/*
 * Listing fragment: the leading numbers are the original file's line
 * numbers, and the lines between them are not on this page.
 *
 * query_error(q, rcode): shared exit taken by the error paths below. Its
 * body is not shown, so what it writes into the reply cannot be stated here.
 */
113query_error(
query_type* q, ldns_pkt_rcode rcode)
/* Local of a following helper (body not shown); initialised to the QUERY opcode. */
138 ldns_pkt_opcode opcode = LDNS_PACKET_QUERY;
/*
 * Five visible pairs with one shape: a debug-level log naming the rcode,
 * then query_error() with that rcode. Presumably these are the tails of
 * query_formerr(), query_servfail(), query_notimpl(), query_refused() and
 * query_notauth(), which later lines call -- confirm against the full file.
 *
 * These messages are debug-level only, so monitoring for REFUSED/NOTAUTH
 * answers needs debug logging enabled or the callers' own log lines.
 */
147 ods_log_debug(
"[%s] formerr",
query_str);
148 return query_error(q, LDNS_RCODE_FORMERR);
162 ods_log_debug(
"[%s] servfail",
query_str);
166 return query_error(q, LDNS_RCODE_SERVFAIL);
180 ods_log_debug(
"[%s] notimpl",
query_str);
181 return query_error(q, LDNS_RCODE_NOTIMPL);
195 ods_log_debug(
"[%s] refused",
query_str);
196 return query_error(q, LDNS_RCODE_REFUSED);
210 ods_log_debug(
"[%s] notauth",
query_str);
211 return query_error(q, LDNS_RCODE_NOTAUTH);
/*
 * query_parse_soa(buffer, serial): checks an SOA record in the packet
 * buffer. Only the failure logs are visible: packet too short, record type
 * not SOA, and missing rdlength, mname or rname. The notify path in this
 * listing treats a zero return as "bad soa" and drops the packet; serial is
 * presumably filled in on success.
 *
 * NOTE(review): the messages suggest each field is length-checked before it
 * is read from the untrusted packet; the conditions themselves are not on
 * this page -- confirm every read is preceded by a bounds check.
 */
221query_parse_soa(
buffer_type* buffer, uint32_t* serial)
223 ldns_rr_type type = 0;
/* Whether ods_log_assert() is active in release builds is not visible here. */
224 ods_log_assert(buffer);
226 ods_log_error(
"[%s] bad soa: packet too short",
query_str);
/* The offending type value is logged with %d. */
230 if (type != LDNS_RR_TYPE_SOA) {
231 ods_log_error(
"[%s] bad soa: rr is not soa (%d)",
query_str, type);
238 ods_log_error(
"[%s] bad soa: missing rdlength",
query_str);
243 ods_log_error(
"[%s] bad soa: missing mname",
query_str);
248 ods_log_error(
"[%s] bad soa: missing rname",
query_str);
/*
 * NOTIFY handling (presumably query_process_notify(), which the opcode
 * switch later in this listing calls). Visible outcomes, in listing order:
 *   - question type other than SOA          -> FORMERR
 *   - zone has no inbound DNS configured    -> NOTAUTH (error log)
 *   - sender not authorized                 -> NOTAUTH (info log)
 *   - bad question section / bad SOA        -> packet dropped (info log)
 *   - serial already on disk, or a transfer
 *     already in progress                   -> notify ignored (info log)
 *   - otherwise                             -> notify forwarded (verbose log)
 *
 * NOTE(review): the authorization test itself is not on this page
 * (presumably acl_find() on the peer address and TSIG record). A match on
 * source address alone is weak for UDP NOTIFY; confirm whether TSIG is
 * required by the ACL in deployment.
 */
269 uint16_t rrcount = 0;
/* Guard on missing engine, query or zone; the action taken is not shown. */
273 if (!engine || !q || !q->
zone) {
278 ods_log_verbose(
"[%s] incoming notify for zone %s",
query_str,
/* Second half of a condition whose first half is not shown. */
290 qtype != LDNS_RR_TYPE_SOA) {
291 return query_formerr(q);
294 ods_log_error(
"[%s] zone %s is not configured to have input dns "
296 return query_notauth(q);
/* Two variants of the same rejection: with and without a printable peer address. */
302 ods_log_info(
"[%s] unauthorized notify for zone %s from %s: "
305 ods_log_info(
"[%s] unauthorized notify for zone %s from unknown "
308 return query_notauth(q);
/* count is presumably taken from the packet header -- TODO confirm. */
314 for (rrcount = 0; rrcount < count; rrcount++) {
317 ods_log_info(
"[%s] dropped packet: zone %s received bad "
318 "notify from %s (bad question section)",
query_str,
321 ods_log_info(
"[%s] dropped packet: zone %s received bad "
322 "notify from unknown source (bad question section)",
/* The SOA in the answer section is parsed from the packet; failure drops it. */
334 !query_parse_soa(q->
buffer, &serial)) {
336 ods_log_info(
"[%s] dropped packet: zone %s received bad "
337 "notify from %s (bad soa in answer section)",
query_str,
340 ods_log_info(
"[%s] dropped packet: zone %s received bad "
341 "notify from unknown source (bad soa in answer section)",
/* Serial comparison: both the on-disk and the received serial are logged with %u. */
350 ods_log_info(
"[%s] ignore notify from %s: already got "
351 "zone %s serial %u on disk (received %u)",
query_str,
355 ods_log_info(
"[%s] ignore notify: already got zone %s "
356 "serial %u on disk (received %u)",
query_str,
363 ods_log_info(
"[%s] ignore notify from %s: zone %s "
364 "transfer in progress",
query_str, address,
367 ods_log_info(
"[%s] ignore notify: zone %s transfer in "
/* The forward-notify log appears in two places; the branches that select them are not shown. */
376 ods_log_verbose(
"[%s] forward notify for zone %s from client %s",
379 ods_log_verbose(
"[%s] forward notify for zone %s",
query_str,
390 ods_log_verbose(
"[%s] forward notify for zone %s from client %s",
393 ods_log_verbose(
"[%s] forward notify for zone %s",
query_str,
/*
 * IXFR request inspection (function header not shown). Two error logs drop
 * the packet as a "bad ixfr"; on success the requested serial is logged at
 * debug level, and a request without an authority section is logged
 * separately. The checks that lead to each log are not on this page.
 */
424 ods_log_assert(q->
buffer);
429 ods_log_error(
"[%s] dropped packet: zone %s received bad ixfr "
441 ods_log_error(
"[%s] dropped packet: zone %s received bad ixfr "
445 ods_log_debug(
"[%s] found ixfr request zone %s serial=%u",
query_str,
449 ods_log_debug(
"[%s] ixfr request zone %s has no auth section",
query_str,
/*
 * Tail of a parameter list and its argument guard (presumably
 * response_add_rrset(), which query_response() calls with &r, rrset and a
 * section). !section rejects a zero section value; in ldns that is the
 * question section, so only the other sections pass -- presumably intended.
 */
462 ldns_pkt_section section)
464 if (!r || !rrset || !section) {
/*
 * response_encode_rr(q, rr, section): converts one RR to wire format with
 * ldns_rr2wire() and logs an error if the conversion fails. What is done
 * with the wire data afterwards is not visible on this page.
 *
 * NOTE(review): ldns_rr2wire() hands back an allocated buffer in data;
 * confirm it is released on every path (the free is not shown).
 */
480response_encode_rr(
query_type* q, ldns_rr* rr, ldns_pkt_section section)
482 uint8_t *data = NULL;
484 ldns_status status = LDNS_STATUS_OK;
487 ods_log_assert(section);
488 status = ldns_rr2wire(&data, rr, section, &size);
489 if (status != LDNS_STATUS_OK) {
490 ods_log_error(
"[%s] unable to send good response: ldns_rr2wire() "
491 "failed (%s)",
query_str, ldns_get_errorstr_by_id(status));
/*
 * Encodes a whole RRset (presumably response_encode_rrset(), called by the
 * section loop later in this listing): first every RR in rrset->rrs, then
 * every signature returned by collection_iterator(rrset->rrsigs). added
 * accumulates the return values of response_encode_rr().
 */
511 ods_log_assert(rrset);
512 ods_log_assert(section);
514 for (i = 0; i < rrset->
rr_count; i++) {
515 added += response_encode_rr(q, rrset->
rrs[i].
rr, section);
518 while((rrsig = collection_iterator(rrset->
rrsigs))) {
519 added += response_encode_rr(q, rrsig->
rr, section);
/*
 * Per-section record counters (presumably response_encode(), which
 * query_response() calls). counts has LDNS_SECTION_ANY entries and both
 * loops index it from LDNS_SECTION_ANSWER up to, but not including,
 * LDNS_SECTION_ANY. The first loop presumably zeroes the counters -- its
 * body is not shown.
 */
534 uint16_t counts[LDNS_SECTION_ANY];
535 ldns_pkt_section s = LDNS_SECTION_QUESTION;
539 for (s = LDNS_SECTION_ANSWER; s < LDNS_SECTION_ANY; s++) {
542 for (s = LDNS_SECTION_ANSWER; s < LDNS_SECTION_ANY; s++) {
/* counts[] is uint16_t; the encoder's return value is added into it. */
545 counts[s] += response_encode_rrset(q, r->
rrsets[i], s);
/*
 * query_response(q, qtype): collects RRsets into a response structure r
 * (answer and authority sections are visible) and encodes it with
 * response_encode(). Every visible failure, including a failed
 * response_add_rrset(), is answered SERVFAIL.
 *
 * NOTE(review): the RRset lookups and any locking around them are not on
 * this page; if zone data is read under a lock, confirm each early SERVFAIL
 * return releases it.
 */
562query_response(
query_type* q, ldns_rr_type qtype)
566 if (!q || !q->
zone) {
573 if (!response_add_rrset(&r, rrset, LDNS_SECTION_ANSWER)) {
575 return query_servfail(q);
580 if (!response_add_rrset(&r, rrset, LDNS_SECTION_AUTHORITY)) {
582 return query_servfail(q);
585 }
/* Alternative branch for query types other than SOA; its opening condition is not shown. */
else if (qtype != LDNS_RR_TYPE_SOA) {
589 return query_servfail(q);
591 if (!response_add_rrset(&r, rrset, LDNS_SECTION_AUTHORITY)) {
593 return query_servfail(q);
597 return query_servfail(q);
601 response_encode(q, &r);
/* Assert from an intervening function whose other lines are not on this page. */
617 ods_log_assert(q->
buffer);
/*
 * QUERY handling (presumably query_process_query(), which the opcode switch
 * later in this listing calls). Visible outcomes, in listing order:
 *   - two FORMERR returns (conditions not shown)
 *   - zone has no outbound DNS configured -> REFUSED (error log)
 *   - ACL rejects the query                -> REFUSED (debug log only)
 *   - IXFR -> ixfr(), AXFR -> axfr(..., 0), otherwise query_response()
 *
 * By listing order the ACL refusal precedes the IXFR/AXFR dispatch, so zone
 * transfers appear to be reachable only after the ACL check -- confirm in
 * the full file that no branch skips it.
 */
639 if (!q || !q->
zone) {
643 ods_log_debug(
"[%s] incoming query qtype=%s for zone %s",
query_str,
648 return query_formerr(q);
653 return query_formerr(q);
657 ods_log_error(
"[%s] zone %s is not configured to have output dns "
659 return query_refused(q);
/* ACL refusals are logged at debug level, so they are absent from default logs. */
665 ods_log_debug(
"[%s] zone %s acl query refused",
query_str,
667 return query_refused(q);
672 if (qtype == LDNS_RR_TYPE_IXFR) {
674 ods_log_debug(
"[%s] incoming ixfr request serial=%u for zone %s",
676 return ixfr(q, engine);
679 if (qtype == LDNS_RR_TYPE_AXFR) {
681 ods_log_debug(
"[%s] incoming axfr request for zone %s",
683 return axfr(q, engine, 0);
/* SOA requests are only logged here; the return that follows serves them through query_response(). */
686 if (qtype == LDNS_RR_TYPE_SOA) {
688 ods_log_debug(
"[%s] incoming soa request for zone %s",
693 return query_response(q, qtype);
/*
 * UPDATE handling (presumably query_process_update()): dynamic update is
 * not supported, so the request is logged at debug level and answered
 * NOTIMPL. What the !q / !q->zone guard does is not shown.
 */
704 if (!q || !q->
zone) {
707 ods_log_debug(
"[%s] dynamic update not implemented",
query_str);
708 return query_notimpl(q);
/*
 * TSIG result mapping (presumably query_process_tsig(), whose return value
 * the dispatcher passes to query_error() when it is not NOERROR). Visible
 * returns: SERVFAIL, FORMERR, REFUSED for an unknown key/algorithm, NOTAUTH
 * for a bad signature, NOERROR otherwise. The conditions are not shown.
 *
 * Both TSIG failures are logged at debug level only; alerting on repeated
 * bad-signature or unknown-key attempts needs debug logging enabled.
 *
 * NOTE(review): RFC 8945 specifies NOTAUTH with TSIG error BADKEY for an
 * unrecognised key; this path returns REFUSED -- confirm that is intended.
 */
720 return LDNS_RCODE_SERVFAIL;
723 return LDNS_RCODE_FORMERR;
727 ods_log_debug(
"[%s] tsig unknown key/algorithm",
query_str);
728 return LDNS_RCODE_REFUSED;
735 ods_log_debug(
"[%s] bad tsig signature",
query_str);
736 return LDNS_RCODE_NOTAUTH;
739 return LDNS_RCODE_NOERROR;
/*
 * Return statements of a second rcode-producing helper (presumably
 * query_process_edns(), called by the dispatcher): SERVFAIL, FORMERR or
 * NOERROR. The conditions that select each one are not on this page.
 */
751 return LDNS_RCODE_SERVFAIL;
755 return LDNS_RCODE_FORMERR;
771 return LDNS_RCODE_NOERROR;
/*
 * Scan of the packet for a TSIG record (presumably query_find_tsig(); the
 * dispatcher answers FORMERR when it returns zero). A loop steps over
 * rrcount records, after which two "got bad tsig" paths and a "too many
 * additional rrs" path are visible, all logged at debug level.
 *
 * NOTE(review): rrcount is presumably derived from header counts in the
 * untrusted packet. Confirm the zero case returns before the assert below,
 * and that the skip loop stops when the buffer runs out.
 */
782 size_t saved_pos = 0;
788 ods_log_assert(q->
buffer);
797 for (i=0; i < rrcount; i++) {
805 ods_log_assert(rrcount != 0);
807 ods_log_debug(
"[%s] got bad tsig",
query_str);
821 ods_log_debug(
"[%s] got bad tsig",
query_str);
829 ods_log_debug(
"[%s] too many additional rrs",
query_str);
/*
 * Main dispatcher for an incoming packet (presumably query_process(q,
 * engine)). Visible steps, in listing order:
 *   1. drop packets that are too small or already have the QR bit set
 *   2. parse failure                         -> FORMERR
 *   3. no record in the question section     -> ignored
 *   4. zone just added (warning) or unknown  -> SERVFAIL is visible for the
 *      "zone not found" path
 *   5. TSIG record cannot be located/parsed  -> FORMERR
 *   6. TSIG processing, then EDNS processing; a non-NOERROR TSIG rcode is
 *      returned through query_error()
 *   7. dispatch on opcode: NOTIFY, QUERY, UPDATE; anything else NOTIMPL
 *
 * By listing order TSIG processing comes before the opcode dispatch, so the
 * handlers appear to run only on packets that passed it -- confirm in the
 * full file.
 *
 * NOTE(review): pkt is initialised to NULL and later read through ldns
 * accessors; the parse call and the matching free are not on this page.
 * Confirm every return after the parse releases pkt.
 */
844 ldns_status status = LDNS_STATUS_OK;
845 ldns_pkt* pkt = NULL;
847 ldns_pkt_rcode rcode = LDNS_RCODE_NOERROR;
848 ldns_pkt_opcode opcode = LDNS_PACKET_QUERY;
849 ldns_rr_type qtype = LDNS_RR_TYPE_SOA;
850 ods_log_assert(engine);
852 ods_log_assert(q->
buffer);
/* Both drops are logged at debug level only. */
854 ods_log_debug(
"[%s] drop query: packet too small",
query_str);
858 ods_log_debug(
"[%s] drop query: qr bit set",
query_str);
864 if (status != LDNS_STATUS_OK) {
865 ods_log_debug(
"[%s] got bad packet: %s",
query_str,
866 ldns_get_errorstr_by_id(status));
867 return query_formerr(q);
/* Only the first question record is used. */
869 rr = ldns_rr_list_rr(ldns_pkt_question(pkt), 0);
871 ods_log_debug(
"[%s] no RRset in query section, ignoring",
query_str);
/* Last argument of a call whose start is not shown; it passes the question's class. */
879 ldns_rr_get_class(rr));
883 ods_log_warning(
"[%s] zone %s just added, don't answer for now",
889 ods_log_debug(
"[%s] zone not found",
query_str);
891 return query_servfail(q);
894 if (!query_find_tsig(q)) {
896 return query_formerr(q);
901 opcode = ldns_pkt_get_opcode(pkt);
902 qtype = ldns_rr_get_type(rr);
903 if (qtype == LDNS_RR_TYPE_IXFR) {
905 ods_log_debug(
"[%s] incoming ixfr request for zone %s",
909 return query_formerr(q);
913 rcode = query_process_tsig(q);
914 if (rcode != LDNS_RCODE_NOERROR) {
916 return query_error(q, rcode);
919 rcode = query_process_edns(q);
920 if (rcode != LDNS_RCODE_NOERROR) {
/*
 * An EDNS failure is answered with header rcode NOERROR -- presumably
 * because the real error travels as an extended rcode in the OPT record;
 * confirm against the lines not shown.
 */
926 return query_error(q, LDNS_RCODE_NOERROR);
931 case LDNS_PACKET_NOTIFY:
932 return query_process_notify(q, qtype, engine);
933 case LDNS_PACKET_QUERY:
934 return query_process_query(q, qtype, engine);
935 case LDNS_PACKET_UPDATE:
936 return query_process_update(q);
/* Any other opcode is answered NOTIMPL (presumably the default case). */
940 return query_notimpl(q);
/*
 * Appends the optional trailing records to a reply (presumably
 * query_add_optional(q, engine)): an EDNS OPT record taken from
 * engine->edns, logged as "ok" or "err", and a TSIG record, logged as
 * "err" or "ok". Which condition selects each variant is not shown.
 */
952 ods_log_assert(q->
buffer);
970 edns = &engine->
edns;
975 ods_log_debug(
"[%s] add edns opt ok",
query_str);
988 ods_log_debug(
"[%s] add edns opt err",
query_str);
1012 ods_log_debug(
"[%s] add tsig err",
query_str);
1019 ods_log_debug(
"[%s] add tsig ok",
query_str);
/*
 * Writes one RR into the reply buffer (presumably query_add_rr(q, rr)).
 * Three bail-outs jump to the label query_add_rr_tc; by its name that label
 * marks the reply as truncated, but its body is not shown. One of the
 * checks covers the size of a uint32_t plus the rdlength field, and the
 * loop runs over the RR's rdata fields.
 *
 * NOTE(review): rdlength is a uint16_t and rdlength_pos is presumably the
 * offset where it is back-patched once the rdata is written. Confirm the
 * space checks precede every write into the buffer and that the computed
 * length cannot exceed what the field holds.
 */
1045 size_t rdlength_pos = 0;
1046 uint16_t rdlength = 0;
1049 ods_log_assert(q->
buffer);
1056 goto query_add_rr_tc;
1060 sizeof(uint32_t) +
sizeof(rdlength))) {
1061 goto query_add_rr_tc;
1070 for (i=0; i < ldns_rr_rd_count(rr); i++) {
1072 goto query_add_rr_tc;
1077 if (!query_overflow(q)) {
1087 ods_log_assert(!query_overflow(q));
/*
 * From here on the page lists declarations referenced by the code above
 * (prototypes, macros and members as rendered by the source browser; no
 * bodies and no macro values are shown).
 */
/* Takes a caller-supplied output buffer ip together with its size len. */
int addr2ip(struct sockaddr_storage addr, char *ip, size_t len)
/* Presumably the access-control lookup: it is given the peer address and the TSIG record. */
acl_type * acl_find(acl_type *acl, struct sockaddr_storage *addr, tsig_rr_type *trr)
query_state ixfr(query_type *q, engine_type *engine)
query_state axfr(query_type *q, engine_type *engine, int fallback)
query_state soa_request(query_type *q, engine_type *engine)
/*
 * Packet buffer API. The read and write helpers listed below
 * (buffer_read_u16/u32, buffer_write, buffer_write_u16/u32, ...) return no
 * status, so bounds have to be enforced by the caller with
 * buffer_available()/buffer_remaining() or inside the helper itself --
 * which of the two applies is not visible on this page.
 */
void buffer_pkt_set_flags(buffer_type *buffer, uint16_t flags)
int buffer_available(buffer_type *buffer, size_t count)
void buffer_pkt_set_opcode(buffer_type *buffer, ldns_pkt_opcode opcode)
void buffer_pkt_set_rcode(buffer_type *buffer, ldns_pkt_rcode rcode)
size_t buffer_capacity(buffer_type *buffer)
uint16_t buffer_pkt_qdcount(buffer_type *buffer)
void buffer_clear(buffer_type *buffer)
int buffer_pkt_ad(buffer_type *buffer)
int buffer_skip_rr(buffer_type *buffer, unsigned qrr)
void buffer_cleanup(buffer_type *buffer)
uint32_t buffer_read_u32(buffer_type *buffer)
uint16_t buffer_read_u16(buffer_type *buffer)
uint8_t * buffer_current(buffer_type *buffer)
void buffer_set_limit(buffer_type *buffer, size_t limit)
void buffer_set_position(buffer_type *buffer, size_t pos)
int buffer_pkt_cd(buffer_type *buffer)
int buffer_pkt_qr(buffer_type *buffer)
uint8_t * buffer_begin(buffer_type *buffer)
ldns_pkt_opcode buffer_pkt_opcode(buffer_type *buffer)
ldns_pkt_rcode buffer_pkt_rcode(buffer_type *buffer)
int buffer_pkt_aa(buffer_type *buffer)
size_t buffer_position(buffer_type *buffer)
uint16_t buffer_pkt_arcount(buffer_type *buffer)
void buffer_pkt_set_nscount(buffer_type *buffer, uint16_t count)
void buffer_write(buffer_type *buffer, const void *data, size_t count)
void buffer_write_rdf(buffer_type *buffer, ldns_rdf *rdf)
void buffer_pkt_set_qr(buffer_type *buffer)
int buffer_pkt_rd(buffer_type *buffer)
void buffer_write_u16_at(buffer_type *buffer, size_t at, uint16_t data)
void buffer_skip(buffer_type *buffer, ssize_t count)
uint16_t buffer_pkt_flags(buffer_type *buffer)
int buffer_pkt_tc(buffer_type *buffer)
int buffer_skip_dname(buffer_type *buffer)
int buffer_pkt_ra(buffer_type *buffer)
size_t buffer_remaining(buffer_type *buffer)
void buffer_write_u32(buffer_type *buffer, uint32_t data)
void buffer_pkt_set_ancount(buffer_type *buffer, uint16_t count)
void buffer_write_u16(buffer_type *buffer, uint16_t data)
buffer_type * buffer_create(size_t capacity)
size_t buffer_limit(buffer_type *buffer)
void buffer_pkt_set_aa(buffer_type *buffer)
uint16_t buffer_pkt_ancount(buffer_type *buffer)
uint16_t buffer_pkt_nscount(buffer_type *buffer)
void buffer_pkt_set_arcount(buffer_type *buffer, uint16_t count)
void buffer_pkt_set_qdcount(buffer_type *buffer, uint16_t count)
#define BUFFER_PKT_HEADER_SIZE
#define PACKET_BUFFER_SIZE
void dnshandler_fwd_notify(dnshandler_type *dnshandler, uint8_t *pkt, size_t len)
void edns_rr_cleanup(edns_rr_type *err)
size_t edns_rr_reserved_space(edns_rr_type *err)
void edns_rr_reset(edns_rr_type *err)
int edns_rr_parse(edns_rr_type *err, buffer_type *buffer)
edns_rr_type * edns_rr_create()
#define EDNS_MAX_MESSAGE_LEN
void query_prepare(query_type *q)
query_type * query_create(void)
void query_reset(query_type *q, size_t maxlen, int is_tcp)
void query_add_optional(query_type *q, engine_type *engine)
void query_cleanup(query_type *q)
query_state query_process(query_type *q, engine_type *engine)
int query_add_rr(query_type *q, ldns_rr *rr)
#define UDP_MAX_MESSAGE_LEN
enum query_enum query_state
const char * rrset_type2str(ldns_rr_type type)
unsigned char ok[OPT_LEN]
unsigned char error[OPT_LEN]
unsigned char rdata_none[OPT_RDATA]
dnshandler_type * dnshandler
struct sockaddr_storage addr
ldns_pkt_section sections[QUERY_RESPONSE_MAX_RRSET]
rrset_type * rrsets[QUERY_RESPONSE_MAX_RRSET]
pthread_mutex_t serial_lock
time_t serial_notify_acquired
pthread_mutex_t zone_lock
adapter_type * adoutbound
/*
 * TSIG record API used by the query path. The int-returning functions
 * (lookup, verify, parse) do not show their return convention here; check
 * the header before relying on what zero or non-zero means.
 */
int tsig_rr_lookup(tsig_rr_type *trr)
void tsig_rr_cleanup(tsig_rr_type *trr)
int tsig_rr_verify(tsig_rr_type *trr)
void tsig_rr_error(tsig_rr_type *trr)
size_t tsig_rr_reserved_space(tsig_rr_type *trr)
void tsig_rr_append(tsig_rr_type *trr, buffer_type *buffer)
const char * tsig_status2str(tsig_status status)
void tsig_rr_sign(tsig_rr_type *trr)
int tsig_rr_parse(tsig_rr_type *trr, buffer_type *buffer)
void tsig_rr_reset(tsig_rr_type *trr, tsig_algo_type *algo, tsig_key_type *key)
void tsig_rr_update(tsig_rr_type *trr, buffer_type *buffer, size_t length)
void tsig_rr_prepare(tsig_rr_type *trr)
tsig_rr_type * tsig_rr_create()
void xfrd_set_timer_now(xfrd_type *xfrd)
rrset_type * zone_lookup_rrset(zone_type *zone, ldns_rdf *owner, ldns_rr_type type)
zone_type * zonelist_lookup_zone_by_dname(zonelist_type *zonelist, ldns_rdf *dname, ldns_rr_class klass)