113 query_error(
query_type* q, ldns_pkt_rcode rcode)
138 ldns_pkt_opcode opcode = LDNS_PACKET_QUERY;
147 ods_log_debug(
"[%s] formerr",
query_str);
148 return query_error(q, LDNS_RCODE_FORMERR);
162 ods_log_debug(
"[%s] servfail",
query_str);
166 return query_error(q, LDNS_RCODE_SERVFAIL);
180 ods_log_debug(
"[%s] notimpl",
query_str);
181 return query_error(q, LDNS_RCODE_NOTIMPL);
195 ods_log_debug(
"[%s] refused",
query_str);
196 return query_error(q, LDNS_RCODE_REFUSED);
210 ods_log_debug(
"[%s] notauth",
query_str);
211 return query_error(q, LDNS_RCODE_NOTAUTH);
221 query_parse_soa(
buffer_type* buffer, uint32_t* serial)
223 ldns_rr_type type = 0;
224 ods_log_assert(buffer);
226 ods_log_error(
"[%s] bad soa: packet too short",
query_str);
230 if (type != LDNS_RR_TYPE_SOA) {
231 ods_log_error(
"[%s] bad soa: rr is not soa (%d)",
query_str, type);
238 ods_log_error(
"[%s] bad soa: missing rdlength",
query_str);
243 ods_log_error(
"[%s] bad soa: missing mname",
query_str);
248 ods_log_error(
"[%s] bad soa: missing rname",
query_str);
269 uint16_t rrcount = 0;
273 if (!engine || !q || !q->
zone) {
278 ods_log_verbose(
"[%s] incoming notify for zone %s",
query_str,
290 qtype != LDNS_RR_TYPE_SOA) {
291 return query_formerr(q);
294 ods_log_error(
"[%s] zone %s is not configured to have input dns " 296 return query_notauth(q);
302 ods_log_info(
"[%s] unauthorized notify for zone %s from %s: " 305 ods_log_info(
"[%s] unauthorized notify for zone %s from unknown " 308 return query_notauth(q);
314 for (rrcount = 0; rrcount < count; rrcount++) {
317 ods_log_info(
"[%s] dropped packet: zone %s received bad " 318 "notify from %s (bad question section)",
query_str,
321 ods_log_info(
"[%s] dropped packet: zone %s received bad " 322 "notify from unknown source (bad question section)",
334 !query_parse_soa(q->
buffer, &serial)) {
336 ods_log_info(
"[%s] dropped packet: zone %s received bad " 337 "notify from %s (bad soa in answer section)",
query_str,
340 ods_log_info(
"[%s] dropped packet: zone %s received bad " 341 "notify from unknown source (bad soa in answer section)",
350 ods_log_info(
"[%s] ignore notify from %s: already got " 351 "zone %s serial %u on disk (received %u)",
query_str,
355 ods_log_info(
"[%s] ignore notify: already got zone %s " 356 "serial %u on disk (received %u)",
query_str,
363 ods_log_info(
"[%s] ignore notify from %s: zone %s " 364 "transfer in progress",
query_str, address,
367 ods_log_info(
"[%s] ignore notify: zone %s transfer in " 376 ods_log_verbose(
"[%s] forward notify for zone %s from client %s",
379 ods_log_verbose(
"[%s] forward notify for zone %s",
query_str,
390 ods_log_verbose(
"[%s] forward notify for zone %s from client %s",
393 ods_log_verbose(
"[%s] forward notify for zone %s",
query_str,
424 ods_log_assert(q->
buffer);
429 ods_log_error(
"[%s] dropped packet: zone %s received bad ixfr " 441 ods_log_error(
"[%s] dropped packet: zone %s received bad ixfr " 445 ods_log_debug(
"[%s] found ixfr request zone %s serial=%u",
query_str,
449 ods_log_debug(
"[%s] ixfr request zone %s has no auth section",
query_str,
462 ldns_pkt_section section)
464 if (!r || !rrset || !section) {
480 response_encode_rr(
query_type* q, ldns_rr* rr, ldns_pkt_section section)
482 uint8_t *data = NULL;
484 ldns_status status = LDNS_STATUS_OK;
487 ods_log_assert(section);
488 status = ldns_rr2wire(&data, rr, section, &size);
489 if (status != LDNS_STATUS_OK) {
490 ods_log_error(
"[%s] unable to send good response: ldns_rr2wire() " 491 "failed (%s)",
query_str, ldns_get_errorstr_by_id(status));
511 ods_log_assert(rrset);
512 ods_log_assert(section);
514 for (i = 0; i < rrset->
rr_count; i++) {
515 added += response_encode_rr(q, rrset->
rrs[i].
rr, section);
518 while((rrsig = collection_iterator(rrset->
rrsigs))) {
519 added += response_encode_rr(q, rrsig->
rr, section);
534 uint16_t counts[LDNS_SECTION_ANY];
535 ldns_pkt_section s = LDNS_SECTION_QUESTION;
539 for (s = LDNS_SECTION_ANSWER; s < LDNS_SECTION_ANY; s++) {
542 for (s = LDNS_SECTION_ANSWER; s < LDNS_SECTION_ANY; s++) {
545 counts[s] += response_encode_rrset(q, r->
rrsets[i], s);
562 query_response(
query_type* q, ldns_rr_type qtype)
566 if (!q || !q->
zone) {
573 if (!response_add_rrset(&r, rrset, LDNS_SECTION_ANSWER)) {
575 return query_servfail(q);
580 if (!response_add_rrset(&r, rrset, LDNS_SECTION_AUTHORITY)) {
582 return query_servfail(q);
585 }
else if (qtype != LDNS_RR_TYPE_SOA) {
588 if (!response_add_rrset(&r, rrset, LDNS_SECTION_AUTHORITY)) {
590 return query_servfail(q);
595 return query_servfail(q);
599 response_encode(q, &r);
615 ods_log_assert(q->
buffer);
637 if (!q || !q->
zone) {
641 ods_log_debug(
"[%s] incoming query qtype=%s for zone %s",
query_str,
646 return query_formerr(q);
651 return query_formerr(q);
655 ods_log_error(
"[%s] zone %s is not configured to have output dns " 657 return query_refused(q);
663 ods_log_debug(
"[%s] zone %s acl query refused",
query_str,
665 return query_refused(q);
670 if (qtype == LDNS_RR_TYPE_IXFR) {
672 ods_log_debug(
"[%s] incoming ixfr request serial=%u for zone %s",
674 return ixfr(q, engine);
677 if (qtype == LDNS_RR_TYPE_AXFR) {
679 ods_log_debug(
"[%s] incoming axfr request for zone %s",
681 return axfr(q, engine, 0);
684 if (qtype == LDNS_RR_TYPE_SOA) {
686 ods_log_debug(
"[%s] incoming soa request for zone %s",
691 return query_response(q, qtype);
702 if (!q || !q->
zone) {
705 ods_log_debug(
"[%s] dynamic update not implemented",
query_str);
706 return query_notimpl(q);
714 static ldns_pkt_rcode
718 return LDNS_RCODE_SERVFAIL;
721 return LDNS_RCODE_FORMERR;
725 ods_log_debug(
"[%s] tsig unknown key/algorithm",
query_str);
726 return LDNS_RCODE_REFUSED;
733 ods_log_debug(
"[%s] bad tsig signature",
query_str);
734 return LDNS_RCODE_NOTAUTH;
737 return LDNS_RCODE_NOERROR;
745 static ldns_pkt_rcode
749 return LDNS_RCODE_SERVFAIL;
753 return LDNS_RCODE_FORMERR;
769 return LDNS_RCODE_NOERROR;
780 size_t saved_pos = 0;
786 ods_log_assert(q->
buffer);
795 for (i=0; i < rrcount; i++) {
803 ods_log_assert(rrcount != 0);
805 ods_log_debug(
"[%s] got bad tsig",
query_str);
819 ods_log_debug(
"[%s] got bad tsig",
query_str);
827 ods_log_debug(
"[%s] too many additional rrs",
query_str);
842 ldns_status status = LDNS_STATUS_OK;
843 ldns_pkt* pkt = NULL;
845 ldns_pkt_rcode rcode = LDNS_RCODE_NOERROR;
846 ldns_pkt_opcode opcode = LDNS_PACKET_QUERY;
847 ldns_rr_type qtype = LDNS_RR_TYPE_SOA;
848 ods_log_assert(engine);
850 ods_log_assert(q->
buffer);
851 if (!engine || !q || !q->
buffer) {
852 ods_log_error(
"[%s] drop query: assertion error",
query_str);
856 ods_log_debug(
"[%s] drop query: packet too small",
query_str);
860 ods_log_debug(
"[%s] drop query: qr bit set",
query_str);
866 if (status != LDNS_STATUS_OK) {
867 ods_log_debug(
"[%s] got bad packet: %s",
query_str,
868 ldns_get_errorstr_by_id(status));
869 return query_formerr(q);
871 rr = ldns_rr_list_rr(ldns_pkt_question(pkt), 0);
873 ods_log_debug(
"[%s] no RRset in query section, ignoring",
query_str);
880 ldns_rr_get_class(rr));
884 ods_log_warning(
"[%s] zone %s just added, don't answer for now",
890 ods_log_debug(
"[%s] zone not found",
query_str);
891 return query_servfail(q);
894 if (!query_find_tsig(q)) {
895 return query_formerr(q);
900 opcode = ldns_pkt_get_opcode(pkt);
901 qtype = ldns_rr_get_type(rr);
902 if (qtype == LDNS_RR_TYPE_IXFR) {
904 ods_log_debug(
"[%s] incoming ixfr request for zone %s",
907 return query_formerr(q);
911 rcode = query_process_tsig(q);
912 if (rcode != LDNS_RCODE_NOERROR) {
913 return query_error(q, rcode);
916 rcode = query_process_edns(q);
917 if (rcode != LDNS_RCODE_NOERROR) {
922 return query_error(q, LDNS_RCODE_NOERROR);
927 case LDNS_PACKET_NOTIFY:
928 return query_process_notify(q, qtype, engine);
929 case LDNS_PACKET_QUERY:
930 return query_process_query(q, qtype, engine);
931 case LDNS_PACKET_UPDATE:
932 return query_process_update(q);
936 return query_notimpl(q);
948 ods_log_assert(q->
buffer);
966 edns = &engine->
edns;
971 ods_log_debug(
"[%s] add edns opt ok",
query_str);
984 ods_log_debug(
"[%s] add edns opt err",
query_str);
1008 ods_log_debug(
"[%s] add tsig err",
query_str);
1015 ods_log_debug(
"[%s] add tsig ok",
query_str);
1041 size_t rdlength_pos = 0;
1042 uint16_t rdlength = 0;
1045 ods_log_assert(q->
buffer);
1052 goto query_add_rr_tc;
1056 sizeof(uint32_t) +
sizeof(rdlength))) {
1057 goto query_add_rr_tc;
1066 for (i=0; i < ldns_rr_rd_count(rr); i++) {
1068 goto query_add_rr_tc;
1073 if (!query_overflow(q)) {
1083 ods_log_assert(!query_overflow(q));
void edns_rr_cleanup(edns_rr_type *err)
ldns_pkt_opcode buffer_pkt_opcode(buffer_type *buffer)
query_type * query_create(void)
void tsig_rr_update(tsig_rr_type *trr, buffer_type *buffer, size_t length)
int edns_rr_parse(edns_rr_type *err, buffer_type *buffer)
int buffer_pkt_rd(buffer_type *buffer)
const char * rrset_type2str(ldns_rr_type type)
void query_cleanup(query_type *q)
#define UDP_MAX_MESSAGE_LEN
int tsig_rr_parse(tsig_rr_type *trr, buffer_type *buffer)
uint16_t buffer_pkt_arcount(buffer_type *buffer)
#define BUFFER_PKT_HEADER_SIZE
void edns_rr_reset(edns_rr_type *err)
uint16_t buffer_pkt_qdcount(buffer_type *buffer)
void buffer_skip(buffer_type *buffer, ssize_t count)
void buffer_pkt_set_flags(buffer_type *buffer, uint16_t flags)
uint16_t buffer_read_u16(buffer_type *buffer)
int buffer_skip_rr(buffer_type *buffer, unsigned qrr)
void buffer_pkt_set_qdcount(buffer_type *buffer, uint16_t count)
void buffer_clear(buffer_type *buffer)
time_t serial_notify_acquired
lock_basic_type zone_lock
void query_reset(query_type *q, size_t maxlen, int is_tcp)
int buffer_pkt_qr(buffer_type *buffer)
void tsig_rr_reset(tsig_rr_type *trr, tsig_algo_type *algo, tsig_key_type *key)
void tsig_rr_append(tsig_rr_type *trr, buffer_type *buffer)
void buffer_write(buffer_type *buffer, const void *data, size_t count)
struct sockaddr_storage addr
rrset_type * rrsets[QUERY_RESPONSE_MAX_RRSET]
lock_basic_type serial_lock
uint8_t * buffer_current(buffer_type *buffer)
adapter_type * adoutbound
uint16_t buffer_pkt_ancount(buffer_type *buffer)
size_t buffer_limit(buffer_type *buffer)
tsig_rr_type * tsig_rr_create()
void tsig_rr_prepare(tsig_rr_type *trr)
void buffer_pkt_set_ancount(buffer_type *buffer, uint16_t count)
const char * tsig_status2str(tsig_status status)
void buffer_pkt_set_nscount(buffer_type *buffer, uint16_t count)
void buffer_set_limit(buffer_type *buffer, size_t limit)
void buffer_cleanup(buffer_type *buffer)
zone_type * zonelist_lookup_zone_by_dname(zonelist_type *zonelist, ldns_rdf *dname, ldns_rr_class klass)
edns_rr_type * edns_rr_create()
uint16_t buffer_pkt_flags(buffer_type *buffer)
query_state axfr(query_type *q, engine_type *engine, int fallback)
void tsig_rr_cleanup(tsig_rr_type *trr)
size_t buffer_capacity(buffer_type *buffer)
int buffer_skip_dname(buffer_type *buffer)
uint32_t buffer_read_u32(buffer_type *buffer)
void query_add_optional(query_type *q, engine_type *engine)
void buffer_pkt_set_opcode(buffer_type *buffer, ldns_pkt_opcode opcode)
enum query_enum query_state
#define PACKET_BUFFER_SIZE
#define EDNS_MAX_MESSAGE_LEN
int tsig_rr_verify(tsig_rr_type *trr)
void buffer_write_u16(buffer_type *buffer, uint16_t data)
query_state query_process(query_type *q, engine_type *engine)
void buffer_write_u32(buffer_type *buffer, uint32_t data)
void buffer_pkt_set_aa(buffer_type *buffer)
void tsig_rr_error(tsig_rr_type *trr)
int buffer_pkt_aa(buffer_type *buffer)
query_state ixfr(query_type *q, engine_type *engine)
uint16_t buffer_pkt_nscount(buffer_type *buffer)
acl_type * acl_find(acl_type *acl, struct sockaddr_storage *addr, tsig_rr_type *trr)
rrset_type * zone_lookup_rrset(zone_type *zone, ldns_rdf *owner, ldns_rr_type type)
void buffer_write_u16_at(buffer_type *buffer, size_t at, uint16_t data)
void buffer_set_position(buffer_type *buffer, size_t pos)
void xfrd_set_timer_now(xfrd_type *xfrd)
int buffer_available(buffer_type *buffer, size_t count)
int buffer_pkt_ad(buffer_type *buffer)
int tsig_rr_lookup(tsig_rr_type *trr)
size_t buffer_remaining(buffer_type *buffer)
void buffer_pkt_set_rcode(buffer_type *buffer, ldns_pkt_rcode rcode)
query_state soa_request(query_type *q, engine_type *engine)
void buffer_write_rdf(buffer_type *buffer, ldns_rdf *rdf)
int buffer_pkt_ra(buffer_type *buffer)
void tsig_rr_sign(tsig_rr_type *trr)
void query_prepare(query_type *q)
int query_add_rr(query_type *q, ldns_rr *rr)
size_t edns_rr_reserved_space(edns_rr_type *err)
size_t buffer_position(buffer_type *buffer)
unsigned char error[OPT_LEN]
unsigned char ok[OPT_LEN]
void buffer_pkt_set_arcount(buffer_type *buffer, uint16_t count)
int buffer_pkt_cd(buffer_type *buffer)
ldns_pkt_section sections[QUERY_RESPONSE_MAX_RRSET]
void dnshandler_fwd_notify(dnshandler_type *dnshandler, uint8_t *pkt, size_t len)
int addr2ip(struct sockaddr_storage addr, char *ip, size_t len)
unsigned char rdata_none[OPT_RDATA]
void buffer_pkt_set_qr(buffer_type *buffer)
uint8_t * buffer_begin(buffer_type *buffer)
ldns_pkt_rcode buffer_pkt_rcode(buffer_type *buffer)
buffer_type * buffer_create(size_t capacity)
dnshandler_type * dnshandler
int buffer_pkt_tc(buffer_type *buffer)
size_t tsig_rr_reserved_space(tsig_rr_type *trr)