#include "config.h"
#include "iterator/iter_hints.h"
#include "iterator/iter_delegpt.h"
#include "util/log.h"
#include "util/config_file.h"
#include "util/net_help.h"
#include "util/data/dname.h"
#include "sldns/rrdef.h"
#include "sldns/str2wire.h"
#include "sldns/wire2str.h"
struct iter_hints*
hints_create(void)
{
struct iter_hints* hints = (struct iter_hints*)calloc(1,
sizeof(struct iter_hints));
if(!hints)
return NULL;
lock_rw_init(&hints->lock);
lock_protect(&hints->lock, &hints->tree, sizeof(hints->tree));
return hints;
}
static void hints_stub_free(struct iter_hints_stub* s)
{
if(!s) return;
delegpt_free_mlc(s->dp);
free(s);
}
static void delhintnode(rbnode_type* n, void* ATTR_UNUSED(arg))
{
struct iter_hints_stub* node = (struct iter_hints_stub*)n;
hints_stub_free(node);
}
static void hints_del_tree(struct iter_hints* hints)
{
traverse_postorder(&hints->tree, &delhintnode, NULL);
}
void
hints_delete(struct iter_hints* hints)
{
if(!hints)
return;
lock_rw_destroy(&hints->lock);
hints_del_tree(hints);
free(hints);
}
static int
ah(struct delegpt* dp, const char* sv, const char* ip)
{
struct sockaddr_storage addr;
socklen_t addrlen;
size_t dname_len;
uint8_t* dname = sldns_str2wire_dname(sv, &dname_len);
if(!dname) {
log_err("could not parse %s", sv);
return 0;
}
if(!delegpt_add_ns_mlc(dp, dname, 0, NULL, UNBOUND_DNS_PORT) ||
!extstrtoaddr(ip, &addr, &addrlen, UNBOUND_DNS_PORT) ||
!delegpt_add_target_mlc(dp, dname, dname_len,
&addr, addrlen, 0, 0)) {
free(dname);
return 0;
}
free(dname);
return 1;
}
static struct delegpt*
compile_time_root_prime(int do_ip4, int do_ip6)
{
struct delegpt* dp = delegpt_create_mlc((uint8_t*)"\000");
if(!dp)
return NULL;
dp->has_parent_side_NS = 1;
if(do_ip4) {
if(!ah(dp, "A.ROOT-SERVERS.NET.", "198.41.0.4")) goto failed;
if(!ah(dp, "B.ROOT-SERVERS.NET.", "170.247.170.2")) goto failed;
if(!ah(dp, "C.ROOT-SERVERS.NET.", "192.33.4.12")) goto failed;
if(!ah(dp, "D.ROOT-SERVERS.NET.", "199.7.91.13")) goto failed;
if(!ah(dp, "E.ROOT-SERVERS.NET.", "192.203.230.10")) goto failed;
if(!ah(dp, "F.ROOT-SERVERS.NET.", "192.5.5.241")) goto failed;
if(!ah(dp, "G.ROOT-SERVERS.NET.", "192.112.36.4")) goto failed;
if(!ah(dp, "H.ROOT-SERVERS.NET.", "198.97.190.53")) goto failed;
if(!ah(dp, "I.ROOT-SERVERS.NET.", "192.36.148.17")) goto failed;
if(!ah(dp, "J.ROOT-SERVERS.NET.", "192.58.128.30")) goto failed;
if(!ah(dp, "K.ROOT-SERVERS.NET.", "193.0.14.129")) goto failed;
if(!ah(dp, "L.ROOT-SERVERS.NET.", "199.7.83.42")) goto failed;
if(!ah(dp, "M.ROOT-SERVERS.NET.", "202.12.27.33")) goto failed;
}
if(do_ip6) {
if(!ah(dp, "A.ROOT-SERVERS.NET.", "2001:503:ba3e::2:30")) goto failed;
if(!ah(dp, "B.ROOT-SERVERS.NET.", "2801:1b8:10::b")) goto failed;
if(!ah(dp, "C.ROOT-SERVERS.NET.", "2001:500:2::c")) goto failed;
if(!ah(dp, "D.ROOT-SERVERS.NET.", "2001:500:2d::d")) goto failed;
if(!ah(dp, "E.ROOT-SERVERS.NET.", "2001:500:a8::e")) goto failed;
if(!ah(dp, "F.ROOT-SERVERS.NET.", "2001:500:2f::f")) goto failed;
if(!ah(dp, "G.ROOT-SERVERS.NET.", "2001:500:12::d0d")) goto failed;
if(!ah(dp, "H.ROOT-SERVERS.NET.", "2001:500:1::53")) goto failed;
if(!ah(dp, "I.ROOT-SERVERS.NET.", "2001:7fe::53")) goto failed;
if(!ah(dp, "J.ROOT-SERVERS.NET.", "2001:503:c27::2:30")) goto failed;
if(!ah(dp, "K.ROOT-SERVERS.NET.", "2001:7fd::1")) goto failed;
if(!ah(dp, "L.ROOT-SERVERS.NET.", "2001:500:9f::42")) goto failed;
if(!ah(dp, "M.ROOT-SERVERS.NET.", "2001:dc3::35")) goto failed;
}
return dp;
failed:
delegpt_free_mlc(dp);
return 0;
}
static int
hints_insert(struct iter_hints* hints, uint16_t c, struct delegpt* dp,
int noprime)
{
struct iter_hints_stub* node = (struct iter_hints_stub*)malloc(
sizeof(struct iter_hints_stub));
if(!node) {
delegpt_free_mlc(dp);
return 0;
}
node->dp = dp;
node->noprime = (uint8_t)noprime;
if(!name_tree_insert(&hints->tree, &node->node, dp->name, dp->namelen,
dp->namelabs, c)) {
char buf[LDNS_MAX_DOMAINLEN];
dname_str(dp->name, buf);
log_err("second hints for zone %s ignored.", buf);
delegpt_free_mlc(dp);
free(node);
}
return 1;
}
static struct delegpt*
read_stubs_name(struct config_stub* s)
{
struct delegpt* dp;
size_t dname_len;
uint8_t* dname;
if(!s->name) {
log_err("stub zone without a name");
return NULL;
}
dname = sldns_str2wire_dname(s->name, &dname_len);
if(!dname) {
log_err("cannot parse stub zone name %s", s->name);
return NULL;
}
if(!(dp=delegpt_create_mlc(dname))) {
free(dname);
log_err("out of memory");
return NULL;
}
free(dname);
return dp;
}
static int
read_stubs_host(struct config_stub* s, struct delegpt* dp)
{
struct config_strlist* p;
uint8_t* dname;
char* tls_auth_name;
int port;
for(p = s->hosts; p; p = p->next) {
log_assert(p->str);
dname = authextstrtodname(p->str, &port, &tls_auth_name);
if(!dname) {
log_err("cannot parse stub %s nameserver name: '%s'",
s->name, p->str);
return 0;
}
#if ! defined(HAVE_SSL_SET1_HOST) && ! defined(HAVE_X509_VERIFY_PARAM_SET1_HOST)
if(tls_auth_name)
log_err("no name verification functionality in "
"ssl library, ignored name for %s", p->str);
#endif
if(!delegpt_add_ns_mlc(dp, dname, 0, tls_auth_name, port)) {
free(dname);
log_err("out of memory");
return 0;
}
free(dname);
}
return 1;
}
static int
read_stubs_addr(struct config_stub* s, struct delegpt* dp)
{
struct config_strlist* p;
struct sockaddr_storage addr;
socklen_t addrlen;
char* auth_name;
for(p = s->addrs; p; p = p->next) {
log_assert(p->str);
if(!authextstrtoaddr(p->str, &addr, &addrlen, &auth_name)) {
log_err("cannot parse stub %s ip address: '%s'",
s->name, p->str);
return 0;
}
#if ! defined(HAVE_SSL_SET1_HOST) && ! defined(HAVE_X509_VERIFY_PARAM_SET1_HOST)
if(auth_name)
log_err("no name verification functionality in "
"ssl library, ignored name for %s", p->str);
#endif
if(!delegpt_add_addr_mlc(dp, &addr, addrlen, 0, 0,
auth_name, -1)) {
log_err("out of memory");
return 0;
}
}
return 1;
}
static int
read_stubs(struct iter_hints* hints, struct config_file* cfg)
{
struct config_stub* s;
struct delegpt* dp;
for(s = cfg->stubs; s; s = s->next) {
if(!(dp=read_stubs_name(s)))
return 0;
if(!read_stubs_host(s, dp) || !read_stubs_addr(s, dp)) {
delegpt_free_mlc(dp);
return 0;
}
dp->has_parent_side_NS = (uint8_t)!s->isfirst;
dp->no_cache = s->no_cache;
dp->ssl_upstream = (uint8_t)s->ssl_upstream;
dp->tcp_upstream = (uint8_t)s->tcp_upstream;
delegpt_log(VERB_QUERY, dp);
if(!hints_insert(hints, LDNS_RR_CLASS_IN, dp, !s->isprime))
return 0;
}
return 1;
}
static int
read_root_hints(struct iter_hints* hints, char* fname)
{
struct sldns_file_parse_state pstate;
struct delegpt* dp;
uint8_t rr[LDNS_RR_BUF_SIZE];
size_t rr_len, dname_len;
int status;
uint16_t c = LDNS_RR_CLASS_IN;
FILE* f = fopen(fname, "r");
if(!f) {
log_err("could not read root hints %s: %s",
fname, strerror(errno));
return 0;
}
dp = delegpt_create_mlc(NULL);
if(!dp) {
log_err("out of memory reading root hints");
fclose(f);
return 0;
}
verbose(VERB_QUERY, "Reading root hints from %s", fname);
memset(&pstate, 0, sizeof(pstate));
pstate.lineno = 1;
dp->has_parent_side_NS = 1;
while(!feof(f)) {
rr_len = sizeof(rr);
dname_len = 0;
status = sldns_fp2wire_rr_buf(f, rr, &rr_len, &dname_len,
&pstate);
if(status != 0) {
log_err("reading root hints %s %d:%d: %s", fname,
pstate.lineno, LDNS_WIREPARSE_OFFSET(status),
sldns_get_errorstr_parse(status));
goto stop_read;
}
if(rr_len == 0)
continue;
if(sldns_wirerr_get_type(rr, rr_len, dname_len)
== LDNS_RR_TYPE_NS) {
if(!delegpt_add_ns_mlc(dp, sldns_wirerr_get_rdata(rr,
rr_len, dname_len), 0, NULL, UNBOUND_DNS_PORT)) {
log_err("out of memory reading root hints");
goto stop_read;
}
c = sldns_wirerr_get_class(rr, rr_len, dname_len);
if(!dp->name) {
if(!delegpt_set_name_mlc(dp, rr)) {
log_err("out of memory.");
goto stop_read;
}
}
} else if(sldns_wirerr_get_type(rr, rr_len, dname_len)
== LDNS_RR_TYPE_A && sldns_wirerr_get_rdatalen(rr,
rr_len, dname_len) == INET_SIZE) {
struct sockaddr_in sa;
socklen_t len = (socklen_t)sizeof(sa);
memset(&sa, 0, len);
sa.sin_family = AF_INET;
sa.sin_port = (in_port_t)htons(UNBOUND_DNS_PORT);
memmove(&sa.sin_addr,
sldns_wirerr_get_rdata(rr, rr_len, dname_len),
INET_SIZE);
if(!delegpt_add_target_mlc(dp, rr, dname_len,
(struct sockaddr_storage*)&sa, len,
0, 0)) {
log_err("out of memory reading root hints");
goto stop_read;
}
} else if(sldns_wirerr_get_type(rr, rr_len, dname_len)
== LDNS_RR_TYPE_AAAA && sldns_wirerr_get_rdatalen(rr,
rr_len, dname_len) == INET6_SIZE) {
struct sockaddr_in6 sa;
socklen_t len = (socklen_t)sizeof(sa);
memset(&sa, 0, len);
sa.sin6_family = AF_INET6;
sa.sin6_port = (in_port_t)htons(UNBOUND_DNS_PORT);
memmove(&sa.sin6_addr,
sldns_wirerr_get_rdata(rr, rr_len, dname_len),
INET6_SIZE);
if(!delegpt_add_target_mlc(dp, rr, dname_len,
(struct sockaddr_storage*)&sa, len,
0, 0)) {
log_err("out of memory reading root hints");
goto stop_read;
}
} else {
char buf[17];
sldns_wire2str_type_buf(sldns_wirerr_get_type(rr,
rr_len, dname_len), buf, sizeof(buf));
log_warn("root hints %s:%d skipping type %s",
fname, pstate.lineno, buf);
}
}
fclose(f);
if(!dp->name) {
log_warn("root hints %s: no NS content", fname);
delegpt_free_mlc(dp);
return 1;
}
delegpt_log(VERB_QUERY, dp);
if(!hints_insert(hints, c, dp, 0)) {
return 0;
}
return 1;
stop_read:
delegpt_free_mlc(dp);
fclose(f);
return 0;
}
static int
read_root_hints_list(struct iter_hints* hints, struct config_file* cfg)
{
struct config_strlist* p;
for(p = cfg->root_hints; p; p = p->next) {
log_assert(p->str);
if(p->str && p->str[0]) {
char* f = p->str;
if(cfg->chrootdir && cfg->chrootdir[0] &&
strncmp(p->str, cfg->chrootdir,
strlen(cfg->chrootdir)) == 0)
f += strlen(cfg->chrootdir);
if(!read_root_hints(hints, f))
return 0;
}
}
return 1;
}
int
hints_apply_cfg(struct iter_hints* hints, struct config_file* cfg)
{
int nolock = 1;
lock_rw_wrlock(&hints->lock);
hints_del_tree(hints);
name_tree_init(&hints->tree);
if(!read_root_hints_list(hints, cfg)) {
lock_rw_unlock(&hints->lock);
return 0;
}
if(!read_stubs(hints, cfg)) {
lock_rw_unlock(&hints->lock);
return 0;
}
if(!hints_find_root(hints, LDNS_RR_CLASS_IN, nolock)) {
struct delegpt* dp = compile_time_root_prime(cfg->do_ip4,
cfg->do_ip6);
verbose(VERB_ALGO, "no config, using builtin root hints.");
if(!dp) {
lock_rw_unlock(&hints->lock);
return 0;
}
if(!hints_insert(hints, LDNS_RR_CLASS_IN, dp, 0)) {
lock_rw_unlock(&hints->lock);
return 0;
}
}
name_tree_init_parents(&hints->tree);
lock_rw_unlock(&hints->lock);
return 1;
}
struct delegpt*
hints_find(struct iter_hints* hints, uint8_t* qname, uint16_t qclass,
int nolock)
{
struct iter_hints_stub *stub;
size_t len;
int has_dp;
int labs = dname_count_size_labels(qname, &len);
if(!nolock) { lock_rw_rdlock(&hints->lock); }
stub = (struct iter_hints_stub*)name_tree_find(&hints->tree,
qname, len, labs, qclass);
has_dp = stub && stub->dp;
if(!has_dp && !nolock) { lock_rw_unlock(&hints->lock); }
return has_dp?stub->dp:NULL;
}
struct delegpt*
hints_find_root(struct iter_hints* hints, uint16_t qclass, int nolock)
{
uint8_t rootlab = 0;
return hints_find(hints, &rootlab, qclass, nolock);
}
struct iter_hints_stub*
hints_lookup_stub(struct iter_hints* hints, uint8_t* qname,
uint16_t qclass, struct delegpt* cache_dp, int nolock)
{
size_t len;
int labs;
struct iter_hints_stub *r;
labs = dname_count_size_labels(qname, &len);
if(!nolock) { lock_rw_rdlock(&hints->lock); }
r = (struct iter_hints_stub*)name_tree_lookup(&hints->tree, qname,
len, labs, qclass);
if(!r) {
if(!nolock) { lock_rw_unlock(&hints->lock); }
return NULL;
}
if(cache_dp == NULL) {
if(r->dp->namelabs != 1)
return r;
if(!nolock) { lock_rw_unlock(&hints->lock); }
return NULL;
}
if(r->noprime && query_dname_compare(cache_dp->name, r->dp->name)==0)
return r;
if(dname_strict_subdomain(r->dp->name, r->dp->namelabs,
cache_dp->name, cache_dp->namelabs))
return r;
if(!nolock) { lock_rw_unlock(&hints->lock); }
return NULL;
}
int hints_next_root(struct iter_hints* hints, uint16_t* qclass, int nolock)
{
int ret;
if(!nolock) { lock_rw_rdlock(&hints->lock); }
ret = name_tree_next_root(&hints->tree, qclass);
if(!nolock) { lock_rw_unlock(&hints->lock); }
return ret;
}
size_t
hints_get_mem(struct iter_hints* hints)
{
size_t s;
struct iter_hints_stub* p;
if(!hints) return 0;
lock_rw_rdlock(&hints->lock);
s = sizeof(*hints);
RBTREE_FOR(p, struct iter_hints_stub*, &hints->tree) {
s += sizeof(*p) + delegpt_get_mem(p->dp);
}
lock_rw_unlock(&hints->lock);
return s;
}
int
hints_add_stub(struct iter_hints* hints, uint16_t c, struct delegpt* dp,
int noprime, int nolock)
{
struct iter_hints_stub *z;
if(!nolock) { lock_rw_wrlock(&hints->lock); }
if((z=(struct iter_hints_stub*)name_tree_find(&hints->tree,
dp->name, dp->namelen, dp->namelabs, c)) != NULL) {
(void)rbtree_delete(&hints->tree, &z->node);
hints_stub_free(z);
}
if(!hints_insert(hints, c, dp, noprime)) {
if(!nolock) { lock_rw_unlock(&hints->lock); }
return 0;
}
name_tree_init_parents(&hints->tree);
if(!nolock) { lock_rw_unlock(&hints->lock); }
return 1;
}
void
hints_delete_stub(struct iter_hints* hints, uint16_t c, uint8_t* nm,
int nolock)
{
struct iter_hints_stub *z;
size_t len;
int labs = dname_count_size_labels(nm, &len);
if(!nolock) { lock_rw_wrlock(&hints->lock); }
if(!(z=(struct iter_hints_stub*)name_tree_find(&hints->tree,
nm, len, labs, c))) {
if(!nolock) { lock_rw_unlock(&hints->lock); }
return;
}
(void)rbtree_delete(&hints->tree, &z->node);
hints_stub_free(z);
name_tree_init_parents(&hints->tree);
if(!nolock) { lock_rw_unlock(&hints->lock); }
}
void
hints_swap_tree(struct iter_hints* hints, struct iter_hints* data)
{
rbnode_type* oldroot = hints->tree.root;
size_t oldcount = hints->tree.count;
hints->tree.root = data->tree.root;
hints->tree.count = data->tree.count;
data->tree.root = oldroot;
data->tree.count = oldcount;
}
