authzone.h File Reference

This file contains the functions for an authority zone. More...

#include "util/rbtree.h"
#include "util/locks.h"
#include "services/mesh.h"

Data Structures

struct  auth_zones
 Authoritative zones, shared. More...
 
struct  auth_zone
 Auth zone. More...
 
struct  auth_data
 Auth data. More...
 
struct  auth_rrset
 An auth data RRset. More...
 
struct  auth_xfer
 Authoritative zone transfer structure. More...
 
struct  auth_nextprobe
 The next probe task. More...
 
struct  auth_probe
 The probe task. More...
 
struct  auth_transfer
 The transfer task. More...
 
struct  auth_addr
 list of addresses More...
 
struct  auth_master
 auth zone master upstream, and the config settings for it More...
 
struct  auth_chunk
 auth zone master zone transfer data chunk More...
 

Functions

struct auth_zones * auth_zones_create (void)
 Create auth zones structure.
 
int auth_zones_apply_cfg (struct auth_zones *az, struct config_file *cfg, int setup)
 Apply configuration to auth zones. More...
 
void auth_xfer_pickup_initial (struct auth_zones *az, struct module_env *env)
 initial pick up of worker timeouts, ties events to worker event loop More...
 
void auth_zones_cleanup (struct auth_zones *az)
 Cleanup auth zones. More...
 
void auth_zones_delete (struct auth_zones *az)
 Delete auth zones structure.
 
int auth_zone_write_file (struct auth_zone *z, const char *fname)
 Write auth zone data to file, in zonefile format.
 
int auth_zones_lookup (struct auth_zones *az, struct query_info *qinfo, struct regional *region, struct dns_msg **msg, int *fallback, uint8_t *dp_nm, size_t dp_nmlen)
 Use auth zones to lookup the answer to a query. More...
 
int auth_zones_answer (struct auth_zones *az, struct module_env *env, struct query_info *qinfo, struct edns_data *edns, struct sldns_buffer *buf, struct regional *temp)
 Answer query from auth zone. More...
 
struct auth_zone * auth_zones_find_zone (struct auth_zones *az, uint8_t *name, size_t name_len, uint16_t dclass)
 Find the auth zone that is above the given qname. More...
 
struct auth_zone * auth_zone_find (struct auth_zones *az, uint8_t *nm, size_t nmlen, uint16_t dclass)
 find an auth zone by name (exact match by name or NULL returned)
 
struct auth_xfer * auth_xfer_find (struct auth_zones *az, uint8_t *nm, size_t nmlen, uint16_t dclass)
 find an xfer zone by name (exact match by name or NULL returned)
 
struct auth_zone * auth_zone_create (struct auth_zones *az, uint8_t *nm, size_t nmlen, uint16_t dclass)
 create an auth zone. More...
 
int auth_zone_set_zonefile (struct auth_zone *z, char *zonefile)
 set auth zone zonefile string. More...
 
int auth_zone_set_fallback (struct auth_zone *z, char *fallbackstr)
 set auth zone fallback. More...
 
int auth_zones_can_fallback (struct auth_zones *az, uint8_t *nm, size_t nmlen, uint16_t dclass)
 see if the auth zone for the name can fallback More...
 
int auth_zones_notify (struct auth_zones *az, struct module_env *env, uint8_t *nm, size_t nmlen, uint16_t dclass, struct sockaddr_storage *addr, socklen_t addrlen, int has_serial, uint32_t serial, int *refused)
 process notify for auth zones. More...
 
int auth_zone_parse_notify_serial (struct sldns_buffer *pkt, uint32_t *serial)
 process notify packet and read serial number from SOA. More...
 
int auth_zone_read_zonefile (struct auth_zone *z)
 read auth zone from zonefile. More...
 
int auth_zone_get_serial (struct auth_zone *z, uint32_t *serial)
 find serial number of zone or false if none (no SOA record) More...
 
int auth_zone_cmp (const void *z1, const void *z2)
 compare auth_zones for sorted rbtree
 
int auth_data_cmp (const void *z1, const void *z2)
 compare auth_data for sorted rbtree
 
int auth_xfer_cmp (const void *z1, const void *z2)
 compare auth_xfer for sorted rbtree
 
struct auth_xfer * auth_xfer_create (struct auth_zones *az, struct auth_zone *z)
 Create auth_xfer structure. More...
 
int xfer_set_masters (struct auth_master **list, struct config_auth *c, int with_http)
 Set masters in auth xfer structure from config. More...
 
void auth_xfer_timer (void *arg)
 xfer nextprobe timeout callback, this is part of task_nextprobe
 
int auth_xfer_probe_udp_callback (struct comm_point *c, void *arg, int err, struct comm_reply *repinfo)
 callback for commpoint udp replies to task_probe More...
 
int auth_xfer_transfer_tcp_callback (struct comm_point *c, void *arg, int err, struct comm_reply *repinfo)
 callback for task_transfer tcp connections
 
int auth_xfer_transfer_http_callback (struct comm_point *c, void *arg, int err, struct comm_reply *repinfo)
 callback for task_transfer http connections
 
void auth_xfer_probe_timer_callback (void *arg)
 xfer probe timeout callback, part of task_probe More...
 
void auth_xfer_probe_lookup_callback (void *arg, int rcode, struct sldns_buffer *buf, enum sec_status sec, char *why_bogus)
 mesh callback for task_probe on lookup of host names
 
void auth_xfer_transfer_lookup_callback (void *arg, int rcode, struct sldns_buffer *buf, enum sec_status sec, char *why_bogus)
 mesh callback for task_transfer on lookup of host names
 
int compare_serial (uint32_t a, uint32_t b)
 

Detailed Description

This file contains the functions for an authority zone.

This zone is queried by the iterator, just like a stub or forward zone, but then the data is locally held.

Function Documentation

◆ auth_zones_apply_cfg()

int auth_zones_apply_cfg ( struct auth_zones *  az,
struct config_file *  cfg,
int  setup 
)

Apply configuration to auth zones.

Reads zonefiles.

Parameters
az: auth zones structure
cfg: config to apply.
setup: if true, also sets up values in the auth zones structure
Returns
false on failure.

References auth_zones_cfg(), auth_zones_read_zones(), auth_zones_setup_zones(), config_file::auths, az_delete_deleted_zones(), az_setall_deleted(), log_err(), log_warn(), config_auth::name, and config_auth::next.

Referenced by check_auth(), and context_finalize().

◆ auth_xfer_pickup_initial()

void auth_xfer_pickup_initial ( struct auth_zones *  az,
struct module_env *  env 
)

initial pick up of worker timeouts, ties events to worker event loop

Parameters
az: auth zones structure
env: worker env, of first worker that receives the events (if any) in its eventloop.

References auth_xfer::have_zone, auth_xfer::lease_time, auth_zones::lock, auth_xfer::lock, module_env::now, RBTREE_FOR, auth_xfer::task_nextprobe, xfr_set_timeout(), and auth_zones::xtree.

◆ auth_zones_cleanup()

void auth_zones_cleanup ( struct auth_zones *  az)

Cleanup auth zones.

This removes all events from event bases. Stops the xfr tasks. But leaves zone data.

Parameters
az: auth zones structure.

References auth_chunks_delete(), auth_zones::lock, auth_xfer::lock, RBTREE_FOR, auth_xfer::task_nextprobe, auth_xfer::task_probe, auth_xfer::task_transfer, xfr_nextprobe_disown(), xfr_probe_disown(), xfr_transfer_disown(), and auth_zones::xtree.

Referenced by daemon_cleanup().

◆ auth_zones_lookup()

int auth_zones_lookup ( struct auth_zones *  az,
struct query_info *  qinfo,
struct regional *  region,
struct dns_msg **  msg,
int *  fallback,
uint8_t *  dp_nm,
size_t  dp_nmlen 
)

Use auth zones to lookup the answer to a query.

The query is from the iterator, and the auth zones attempt to provide the answer instead of going to the internet.

Parameters
az: auth zones structure.
qinfo: query info to lookup.
region: region to use to allocate the reply in.
msg: reply is stored here (if one).
fallback: if true, fall back to making a query to the internet.
dp_nm: name of delegation point to look for. This zone is used to answer the query. If the dp_nm is not found, fallback is set to true and false is returned.
dp_nmlen: length of dp_nm.
Returns
0: failure (an error of some sort, like servfail). If 0 and fallback is true, fall back to the internet; if 0 and fallback is false, it is like getting servfail. If true, an answer is available.

References auth_zone_find(), auth_zone_generate_answer(), auth_zone::for_upstream, auth_zones::lock, auth_zone::lock, and query_info::qclass.

Referenced by q_ans_query().

◆ auth_zones_answer()

int auth_zones_answer ( struct auth_zones *  az,
struct module_env *  env,
struct query_info *  qinfo,
struct edns_data *  edns,
struct sldns_buffer *  buf,
struct regional *  temp 
)

Answer query from auth zone.

Create authoritative answer.

Parameters
az: auth zones structure.
env: the module environment.
qinfo: query info (parsed).
edns: edns info (parsed).
buf: buffer with query ID and flags, also for reply.
temp: temporary storage region.
Returns
false if not answered

References auth_error_encode(), auth_zone_generate_answer(), auth_zones_find_zone(), dname_remove_label(), auth_zone::for_downstream, auth_zones::have_downstream, LDNS_RR_TYPE_DS, auth_zones::lock, auth_zone::lock, auth_zones::num_query_down, query_info::qclass, query_info::qname, query_info::qname_len, and query_info::qtype.

Referenced by handle_newq().

◆ auth_zones_find_zone()

struct auth_zone* auth_zones_find_zone ( struct auth_zones *  az,
uint8_t *  name,
size_t  name_len,
uint16_t  dclass 
)

Find the auth zone that is above the given qname.

Returns NULL when there is no auth_zone above the given name, otherwise returns the closest auth_zone above the qname that pertains to it.

Parameters
az: auth zones structure.
name: query name to look up.
name_len: length of name.
dclass: class of zone to find.
Returns
NULL or auth_zone that pertains to the query.

Find the auth zone that is above the given qname.

References auth_zone_find(), auth_zone_find_less_equal(), auth_zone::dclass, dname_count_size_labels(), dname_get_shared_topdomain(), dname_is_root(), dname_remove_label(), and auth_zone::name.

Referenced by auth_zone_delegpt(), and auth_zones_answer().

◆ auth_zone_create()

struct auth_zone* auth_zone_create ( struct auth_zones *  az,
uint8_t *  nm,
size_t  nmlen,
uint16_t  dclass 
)

◆ auth_zone_set_zonefile()

int auth_zone_set_zonefile ( struct auth_zone *  z,
char *  zonefile 
)

set auth zone zonefile string.

caller must have lock on zone

References log_err(), and auth_zone::zonefile.

Referenced by auth_zones_cfg().

◆ auth_zone_set_fallback()

int auth_zone_set_fallback ( struct auth_zone *  z,
char *  fallbackstr 
)

set auth zone fallback.

Caller must have lock on zone. fallbackstr is "yes" or "no". Returns false on parse failure.

caller must have lock on zone

References auth_zone::fallback_enabled, and log_err().

◆ auth_zones_can_fallback()

int auth_zones_can_fallback ( struct auth_zones *  az,
uint8_t *  nm,
size_t  nmlen,
uint16_t  dclass 
)

see if the auth zone for the name can fallback

Parameters
az: auth zones
nm: name of delegation point.
nmlen: length of nm.
dclass: class of zone to look for.
Returns
true if fallback_enabled is true, false if not. If the zone does not exist, fallback is true (more lenient). Also true if the zone does not do upstream requests.

References auth_zone_find(), auth_zone::dclass, auth_zone::fallback_enabled, auth_zone::for_upstream, auth_zones::lock, and auth_zone::lock.

◆ auth_zones_notify()

int auth_zones_notify ( struct auth_zones *  az,
struct module_env *  env,
uint8_t *  nm,
size_t  nmlen,
uint16_t  dclass,
struct sockaddr_storage *  addr,
socklen_t  addrlen,
int  has_serial,
uint32_t  serial,
int *  refused 
)

process notify for auth zones.

First checks the access list, then processes the notify. This starts the probe sequence or it notes the serial number (if any).

Parameters
az: auth zones structure.
env: module env of the worker that is handling the notify. It will pick up the task probe (or transfer), unless already in progress by another worker.
nm: name of the zone. Uncompressed. From query.
nmlen: length of name.
dclass: class of zone.
addr: source address of notify
addrlen: length of addr.
has_serial: if true, the notify has a serial attached.
serial: the serial number, if has_serial is true.
refused: is set to true on failure, to note refused access.
Returns
false on failures (refused is false) and when access is denied (refused is true). True when processed.

References auth_xfer_find(), az_xfr_allowed_notify(), auth_zones::lock, auth_xfer::lock, and xfr_process_notify().

◆ auth_zone_parse_notify_serial()

int auth_zone_parse_notify_serial ( struct sldns_buffer *  pkt,
uint32_t *  serial 
)

process notify packet and read serial number from SOA.

returns 0 if no soa record in the notify

References query_info_parse(), and sldns_buffer_set_position().

◆ auth_zone_read_zonefile()

int auth_zone_read_zonefile ( struct auth_zone *  z)

◆ auth_zone_get_serial()

int auth_zone_get_serial ( struct auth_zone *  z,
uint32_t *  serial 
)

find serial number of zone or false if none (no SOA record)

find serial number of zone or false if none (no SOA record)

References az_domain_rrset(), az_find_name(), packed_rrset_data::count, auth_rrset::data, LDNS_RR_TYPE_SOA, auth_zone::name, auth_zone::namelen, and packed_rrset_data::rr_len.

Referenced by do_list_auth_zones().

◆ auth_xfer_create()

struct auth_xfer* auth_xfer_create ( struct auth_zones *  az,
struct auth_zone *  z 
)

Create auth_xfer structure.

Caller must have wrlock on az. Returns locked xfer zone.

Parameters
az: zones structure.
z: zone with name and class
Returns
xfer zone or NULL

This populates the have_zone and soa values, and the related times, and sets the timeout; if a zone transfer is needed, a short timeout is set. For that, the auth_zone itself must exist (and its zonefile must have been read in). Returns false on alloc failure.

References auth_xfer_new(), log_err(), auth_xfer::node, rbtree_insert(), and auth_zones::xtree.

Referenced by auth_zones_find_or_add_xfer().

◆ xfer_set_masters()

int xfer_set_masters ( struct auth_master **  list,
struct config_auth *  c,
int  with_http 
)

Set masters in auth xfer structure from config.

Parameters
list: pointer to start of list. The malloced list is returned here.
c: the config items to copy over.
with_http: if true, http urls are also included, before the masters.
Returns
false on failure.

References auth_master::allow_notify, config_auth::allow_notify, auth_master_new(), auth_master::file, auth_master::host, auth_master::http, auth_master::ixfr, log_err(), config_auth::masters, config_strlist::next, parse_url(), auth_master::port, auth_master::ssl, config_strlist::str, and config_auth::urls.

Referenced by auth_zones_cfg().

◆ auth_xfer_probe_udp_callback()

int auth_xfer_probe_udp_callback ( struct comm_point *  c,
void *  arg,
int  err,
struct comm_reply *  repinfo 
)

◆ auth_xfer_probe_timer_callback()

void auth_xfer_probe_timer_callback ( void *  arg)