44 #include <ldns/ldns.h>
46 static const char* zd_str =
"data";
48 static ldns_rbnode_t* domain2node(
domain_type* domain);
55 log_rdf(ldns_rdf *rdf,
const char* pre,
int level)
61 str = ldns_rdf2str(rdf);
64 ods_log_error(
"[%s] %s : %s", zd_str, pre?pre:
"", str?str:
"(null)");
65 }
else if (level == 2) {
67 }
else if (level == 3) {
68 ods_log_info(
"[%s] %s : %s", zd_str, pre?pre:
"", str?str:
"(null)");
69 }
else if (level == 4) {
71 }
else if (level == 5) {
72 ods_log_debug(
"[%s] %s : %s", zd_str, pre?pre:
"", str?str:
"(null)");
73 }
else if (level == 6) {
92 ldns_rbnode_t* node = (ldns_rbnode_t*) malloc(
sizeof(ldns_rbnode_t));
96 node->key = domain->
dname;
106 static ldns_rbnode_t*
109 ldns_rbnode_t* node = (ldns_rbnode_t*) malloc(
sizeof(ldns_rbnode_t));
113 node->key = denial->
owner;
124 domain_compare(
const void* a,
const void* b)
126 ldns_rdf* x = (ldns_rdf*)a;
127 ldns_rdf* y = (ldns_rdf*)b;
128 return ldns_dname_compare(x, y);
154 zd->
domains = ldns_rbtree_create(domain_compare);
170 ods_log_error(
"[%s] cannot create zonedata: no allocator", zd_str);
177 ods_log_error(
"[%s] cannot create zonedata: allocator failed",
184 zonedata_init_domains(zd);
204 const char* token = NULL;
205 const char* owner = NULL;
209 ldns_rdf* rdf = NULL;
210 ldns_rbnode_t* denial_node = LDNS_RBTREE_NULL;
223 goto recover_domain_error;
226 rdf = ldns_dname_new_frm_str(owner);
229 ldns_rdf_deep_free(rdf);
235 goto recover_domain_error;
241 goto recover_domain_error;
244 denial_node = denial2node(domain->
denial);
246 if (!ldns_rbtree_insert(zd->
denial_chain, denial_node)) {
248 free((
void*)denial_node);
249 goto recover_domain_error;
266 goto recover_domain_error;
273 goto recover_domain_error;
278 recover_domain_error:
294 zonedata_domain_search(ldns_rbtree_t* tree, ldns_rdf* dname)
296 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
298 if (!tree || !dname) {
301 node = ldns_rbtree_search(tree, dname);
302 if (node && node != LDNS_RBTREE_NULL) {
316 if (!zd)
return NULL;
318 return zonedata_domain_search(zd->
domains, dname);
329 ldns_rbnode_t* new_node = LDNS_RBTREE_NULL;
332 ods_log_error(
"[%s] unable to add domain: no domain", zd_str);
338 log_rdf(domain->
dname,
"unable to add domain, no storage", 1);
344 new_node = domain2node(domain);
345 if (ldns_rbtree_insert(zd->
domains, new_node) == NULL) {
346 log_rdf(domain->
dname,
"unable to add domain, already present", 1);
347 free((
void*)new_node);
360 zonedata_del_domain_fixup(ldns_rbtree_t* tree,
domain_type* domain)
363 ldns_rbnode_t* del_node = LDNS_RBTREE_NULL;
369 del_node = ldns_rbtree_search(tree, (
const void*)domain->
dname);
371 del_node = ldns_rbtree_delete(tree, (
const void*)domain->
dname);
374 free((
void*)del_node);
377 log_rdf(domain->
dname,
"unable to del domain, not found", 1);
391 ods_log_error(
"[%s] unable to delete domain: no domain", zd_str);
398 log_rdf(domain->
dname,
"unable to delete domain, no zonedata", 1);
405 log_rdf(domain->
dname,
"unable to delete domain, failed to delete "
406 "denial of existence data point", 1);
411 return zonedata_del_domain_fixup(zd->
domains, domain);
420 zonedata_denial_search(ldns_rbtree_t* tree, ldns_rdf* dname)
422 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
424 if (!tree || !dname) {
427 node = ldns_rbtree_search(tree, dname);
428 if (node && node != LDNS_RBTREE_NULL) {
442 if (!zd)
return NULL;
455 ldns_rdf* hashed_ownername = NULL;
456 ldns_rdf* hashed_label = NULL;
466 hashed_label = ldns_nsec3_hash_name(dname, nsec3params->
algorithm,
470 log_rdf(dname,
"unable to hash dname, hash failed", 1);
473 hashed_ownername = ldns_dname_cat_clone((
const ldns_rdf*) hashed_label,
474 (
const ldns_rdf*) apex);
475 if (!hashed_ownername) {
476 log_rdf(dname,
"unable to hash dname, concat apex failed", 1);
479 ldns_rdf_deep_free(hashed_label);
480 return hashed_ownername;
492 ldns_rbnode_t* new_node = LDNS_RBTREE_NULL;
493 ldns_rbnode_t* prev_node = LDNS_RBTREE_NULL;
494 ldns_rdf* owner = NULL;
499 ods_log_error(
"[%s] unable to add denial of existence data point: "
500 "no domain", zd_str);
506 log_rdf(domain->
dname,
"unable to add denial of existence data "
507 "point for domain, no denial chain", 1);
514 log_rdf(domain->
dname,
"unable to add denial of existence data "
515 "point for domain, apex unknown", 1);
522 owner = dname_hash(domain->
dname, apex, nsec3params);
524 log_rdf(domain->
dname,
"unable to add denial of existence data "
525 "point for domain, dname hash failed", 1);
529 owner = ldns_rdf_clone(domain->
dname);
533 log_rdf(domain->
dname,
"unable to add denial of existence for "
534 "domain, data point exists", 1);
539 new_node = denial2node(denial);
540 ldns_rdf_deep_free(owner);
543 log_rdf(domain->
dname,
"unable to add denial of existence for "
544 "domain, insert failed", 1);
545 free((
void*)new_node);
552 prev_node = ldns_rbtree_previous(new_node);
553 if (!prev_node || prev_node == LDNS_RBTREE_NULL) {
571 zonedata_del_denial_fixup(ldns_rbtree_t* tree,
denial_type* denial)
575 ldns_rbnode_t* prev_node = LDNS_RBTREE_NULL;
576 ldns_rbnode_t* del_node = LDNS_RBTREE_NULL;
583 del_node = ldns_rbtree_search(tree, (
const void*)denial->
owner);
589 prev_node = ldns_rbtree_previous(del_node);
590 if (!prev_node || prev_node == LDNS_RBTREE_NULL) {
591 prev_node = ldns_rbtree_last(tree);
603 "point: failed to wipe out NSEC RRset", zd_str);
609 "point: failed to commit NSEC RRset", zd_str);
614 del_node = ldns_rbtree_delete(tree, (
const void*)denial->
owner);
617 free((
void*)del_node);
620 log_rdf(denial->
owner,
"unable to del denial of existence data "
621 "point, not found", 1);
635 ods_log_error(
"[%s] unable to delete denial of existence data "
636 "point: no data point", zd_str);
642 log_rdf(denial->
owner,
"unable to delete denial of existence data "
643 "point, no zone data", 1);
649 return zonedata_del_denial_fixup(zd->
denial_chain, denial);
660 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
667 if (zd->
domains->root != LDNS_RBTREE_NULL) {
668 node = ldns_rbtree_first(zd->
domains);
670 while (node && node != LDNS_RBTREE_NULL) {
676 node = ldns_rbtree_next(node);
689 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
690 ldns_rbnode_t* nxtnode = LDNS_RBTREE_NULL;
691 ldns_rbnode_t* tmpnode = LDNS_RBTREE_NULL;
699 if (zd->
domains->root != LDNS_RBTREE_NULL) {
700 node = ldns_rbtree_last(zd->
domains);
702 while (node && node != LDNS_RBTREE_NULL) {
709 node = ldns_rbtree_previous(node);
714 nxtnode = ldns_rbtree_next(tmpnode);
716 if (nxtnode && nxtnode != LDNS_RBTREE_NULL) {
720 !ldns_dname_is_subdomain(nxtdomain->
dname, domain->
dname)) {
741 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
747 if (zd->
domains->root != LDNS_RBTREE_NULL) {
748 node = ldns_rbtree_first(zd->
domains);
750 while (node && node != LDNS_RBTREE_NULL) {
753 node = ldns_rbtree_next(node);
764 domain_ent2glue(ldns_rbnode_t* node)
766 ldns_rbnode_t* nextnode = LDNS_RBTREE_NULL;
773 nextnode = ldns_rbtree_next(node);
774 while (nextnode && nextnode != LDNS_RBTREE_NULL) {
776 if (!ldns_dname_is_subdomain(nextdomain->
dname, domain->
dname)) {
786 nextnode = ldns_rbtree_next(nextnode);
803 domain_ent2unsigned(ldns_rbnode_t* node)
805 ldns_rbnode_t* nextnode = LDNS_RBTREE_NULL;
812 nextnode = ldns_rbtree_next(node);
813 while (nextnode && nextnode != LDNS_RBTREE_NULL) {
815 if (!ldns_dname_is_subdomain(nextdomain->
dname, domain->
dname)) {
826 nextnode = ldns_rbtree_next(nextnode);
845 ldns_rdf* parent_rdf = NULL;
859 while (domain && ldns_dname_is_subdomain(domain->
dname, apex) &&
860 ldns_dname_compare(domain->
dname, apex) != 0) {
869 parent_rdf = ldns_dname_left_chop(domain->
dname);
871 log_rdf(domain->
dname,
"unable to entize domain, left chop "
878 if (!parent_domain) {
880 ldns_rdf_deep_free(parent_rdf);
881 if (!parent_domain) {
882 log_rdf(domain->
dname,
"unable to entize domain, create "
888 log_rdf(domain->
dname,
"unable to entize domain, add parent "
894 domain->
parent = parent_domain;
896 domain = parent_domain;
898 ldns_rdf_deep_free(parent_rdf);
899 domain->
parent = parent_domain;
915 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
920 ods_log_error(
"[%s] unable to entize zone data: no zone data",
928 ods_log_error(
"[%s] unable to entize zone data: no zone apex",
934 node = ldns_rbtree_first(zd->
domains);
935 while (node && node != LDNS_RBTREE_NULL) {
937 status = domain_entize(zd, domain, apex);
939 ods_log_error(
"[%s] unable to entize zone data: entize domain "
944 node = ldns_rbtree_next(node);
958 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
959 ldns_rbnode_t* nxt_node = LDNS_RBTREE_NULL;
965 size_t nsec_added = 0;
973 node = ldns_rbtree_first(zd->
domains);
974 while (node && node != LDNS_RBTREE_NULL) {
985 log_rdf(domain->
dname,
"nsecify: don't do glue domain", 6);
987 log_rdf(domain->
dname,
"nsecify: don't do empty domain", 6);
992 "delete denial of existence data point", zd_str);
997 node = ldns_rbtree_next(node);
1001 ods_log_alert(
"[%s] unable to nsecify: apex unknown", zd_str);
1009 log_rdf(domain->
dname,
"unable to nsecify: failed to add "
1010 "denial of existence for domain", 1);
1015 node = ldns_rbtree_next(node);
1020 while (node && node != LDNS_RBTREE_NULL) {
1022 nxt_node = ldns_rbtree_next(node);
1023 if (!nxt_node || nxt_node == LDNS_RBTREE_NULL) {
1030 ods_log_error(
"[%s] unable to nsecify: failed to add NSEC record",
1034 node = ldns_rbtree_next(node);
1037 *num_added = nsec_added;
1051 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
1052 ldns_rbnode_t* nxt_node = LDNS_RBTREE_NULL;
1058 size_t nsec3_added = 0;
1067 ods_log_error(
"[%s] unable to nsecify3: no nsec3 paramaters", zd_str);
1072 node = ldns_rbtree_first(zd->
domains);
1073 while (node && node != LDNS_RBTREE_NULL) {
1082 domain_ent2glue(node)) {
1083 log_rdf(domain->
dname,
"nsecify3: don't do glue domain" , 6);
1087 "delete denial of existence data point", zd_str);
1092 node = ldns_rbtree_next(node);
1096 if (nsec3params->
flags) {
1100 domain_ent2unsigned(node)) {
1106 "non-terminal (to unsigned delegation))", 5);
1111 "delete denial of existence data point", zd_str);
1116 node = ldns_rbtree_next(node);
1121 ods_log_alert(
"[%s] unable to nsecify3: apex unknown", zd_str);
1130 log_rdf(domain->
dname,
"unable to nsecify3: failed to add "
1131 "denial of existence for domain", 1);
1156 node = ldns_rbtree_next(node);
1161 while (node && node != LDNS_RBTREE_NULL) {
1163 nxt_node = ldns_rbtree_next(node);
1164 if (!nxt_node || nxt_node == LDNS_RBTREE_NULL) {
1171 ods_log_error(
"[%s] unable to nsecify3: failed to add NSEC3 "
1175 node = ldns_rbtree_next(node);
1178 *num_added = nsec3_added;
1185 max(uint32_t a, uint32_t b)
1197 const char* zone_name)
1201 uint32_t update = 0;
1208 ods_log_debug(
"[%s] zone %s update serial: in=%u internal=%u out=%u now=%u",
1220 " increase %u", zd_str, zone_name, soa, prev);
1223 ods_log_info(
"[%s] zone %s enforcing serial %u", zd_str, zone_name,
1232 "serial: not greater than inbound serial %u", zd_str,
1239 }
else if (strncmp(sc->
soa_serial,
"counter", 7) == 0) {
1246 }
else if (strncmp(sc->
soa_serial,
"datecounter", 11) == 0) {
1251 "serial: not greater than inbound serial %u", zd_str,
1258 }
else if (strncmp(sc->
soa_serial,
"keep", 4) == 0) {
1262 ods_log_error(
"[%s] zone %s cannot keep SOA SERIAL from input zone "
1263 "(%u): previous output SOA SERIAL is %u", zd_str, zone_name,
1268 ods_log_error(
"[%s] zone %s unknown serial type %s", zd_str, zone_name,
1274 update = soa - prev;
1275 if (update > 0x7FFFFFFF) {
1276 update = 0x7FFFFFFF;
1284 ods_log_debug(
"[%s] zone %s update serial: %u + %u = %u", zd_str, zone_name,
1297 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
1304 if (zd->
domains->root != LDNS_RBTREE_NULL) {
1305 node = ldns_rbtree_first(zd->
domains);
1307 while (node && node != LDNS_RBTREE_NULL) {
1313 node = ldns_rbtree_next(node);
1327 ldns_rdf* parent_rdf = NULL;
1328 ldns_rdf* next_rdf = NULL;
1330 char* str_name = NULL;
1331 char* str_parent = NULL;
1339 if (ldns_dname_compare(domain->
dname, apex) == 0) {
1344 log_rdf(domain->
dname,
"occluded (non-glue non-DS) data at NS", 2);
1348 parent_rdf = ldns_dname_left_chop(domain->
dname);
1349 while (parent_rdf && ldns_dname_is_subdomain(parent_rdf, apex) &&
1350 ldns_dname_compare(parent_rdf, apex) != 0) {
1353 next_rdf = ldns_dname_left_chop(parent_rdf);
1354 ldns_rdf_deep_free(parent_rdf);
1356 if (parent_domain) {
1361 str_name = ldns_rdf2str(domain->
dname);
1362 str_parent = ldns_rdf2str(parent_domain->
dname);
1364 zd_str, str_name, str_parent);
1365 free((
void*)str_name);
1366 free((
void*)str_parent);
1369 LDNS_RR_TYPE_NS, 0) &&
1372 str_name = ldns_rdf2str(domain->
dname);
1373 str_parent = ldns_rdf2str(parent_domain->
dname);
1375 "%s NS)", zd_str, str_name, str_parent);
1376 free((
void*)str_name);
1377 free((
void*)str_parent);
1394 parent_rdf = next_rdf;
1397 ldns_rdf_deep_free(parent_rdf);
1411 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
1422 if (zd->
domains->root != LDNS_RBTREE_NULL) {
1423 node = ldns_rbtree_first(zd->
domains);
1425 while (node && node != LDNS_RBTREE_NULL) {
1441 zonedata_examine_domain_is_occluded(zd, domain, apex);
1446 node = ldns_rbtree_next(node);
1459 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
1464 while (node && node != LDNS_RBTREE_NULL) {
1466 if (denial->
rrset) {
1469 denial->
rrset = NULL;
1471 node = ldns_rbtree_next(node);
1483 domain_delfunc(ldns_rbnode_t* elem)
1487 if (elem && elem != LDNS_RBTREE_NULL) {
1489 domain_delfunc(elem->left);
1490 domain_delfunc(elem->right);
1504 denial_delfunc(ldns_rbnode_t* elem)
1510 if (elem && elem != LDNS_RBTREE_NULL) {
1512 denial_delfunc(elem->left);
1513 denial_delfunc(elem->right);
1535 domain_delfunc(zd->
domains->root);
1536 ldns_rbtree_free(zd->
domains);
1572 zonedata_cleanup_domains(zd);
1586 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
1593 node = ldns_rbtree_first(zd->
domains);
1594 while (node && node != LDNS_RBTREE_NULL) {
1597 node = ldns_rbtree_next(node);
1599 fprintf(fd,
";;\n");
1611 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
1615 ods_log_error(
"[%s] unable to print zone data: no file descriptor",
1622 ods_log_error(
"[%s] unable to print zone data: no zone data",
1629 node = ldns_rbtree_first(zd->
domains);
1630 if (!node || node == LDNS_RBTREE_NULL) {
1631 fprintf(fd,
"; empty zone\n");
1634 while (node && node != LDNS_RBTREE_NULL) {
1637 node = ldns_rbtree_next(node);
void ods_log_alert(const char *format,...)
void domain_cleanup(domain_type *domain)
int backup_read_str(FILE *in, const char **str)
denial_type * zonedata_lookup_denial(zonedata_type *zd, ldns_rdf *dname)
void zonedata_cleanup(zonedata_type *zd)
#define DNS_SERIAL_GT(a, b)
ldns_rbtree_t * denial_chain
ods_status denial_nsecify3(denial_type *denial, denial_type *nxt, uint32_t ttl, ldns_rr_class klass, nsec3params_type *nsec3params)
void rrset_cleanup(rrset_type *rrset)
int domain_examine_rrset_is_alone(domain_type *domain, ldns_rr_type rrtype)
struct domain_struct * domain
void ods_log_debug(const char *format,...)
uint32_t time_datestamp(time_t tt, const char *format, char **str)
ods_status zonedata_entize(zonedata_type *zd, ldns_rdf *apex)
void denial_cleanup(denial_type *denial)
int domain_examine_rrset_is_singleton(domain_type *domain, ldns_rr_type rrtype)
void * allocator_alloc(allocator_type *allocator, size_t size)
zonedata_type * zonedata_create(allocator_type *allocator)
denial_type * zonedata_del_denial(zonedata_type *zd, denial_type *denial)
void ods_log_info(const char *format,...)
enum ods_enum_status ods_status
void zonedata_wipe_denial(zonedata_type *zd)
domain_type * zonedata_del_domain(zonedata_type *zd, domain_type *domain)
void ods_log_error(const char *format,...)
void domain_dstatus(domain_type *domain)
ods_status rrset_wipe_out(rrset_type *rrset)
int ods_strcmp(const char *s1, const char *s2)
int backup_read_int(FILE *in, int *v)
void zonedata_rollback(zonedata_type *zd)
void zonedata_cleanup_chain(zonedata_type *zd)
void log_rdf(ldns_rdf *rdf, const char *pre, int level)
ods_status zonedata_nsecify(zonedata_type *zd, ldns_rr_class klass, uint32_t ttl, uint32_t *num_added)
void domain_backup(FILE *fd, domain_type *domain)
ods_status domain_commit(domain_type *domain)
ods_status zonedata_diff(zonedata_type *zd, keylist_type *kl)
void zonedata_backup(FILE *fd, zonedata_type *zd)
ods_status domain_queue(domain_type *domain, fifoq_type *q, worker_type *worker)
enum adapter_mode_enum adapter_mode
allocator_type * allocator
void ods_log_verbose(const char *format,...)
ods_status zonedata_recover(zonedata_type *zd, FILE *fd)
ods_status zonedata_examine(zonedata_type *zd, ldns_rdf *apex, adapter_mode mode)
ods_status denial_nsecify(denial_type *denial, denial_type *nxt, uint32_t ttl, ldns_rr_class klass)
size_t domain_count_rrset(domain_type *domain)
int domain_examine_valid_zonecut(domain_type *domain)
denial_type * denial_create(ldns_rdf *owner)
ods_status zonedata_commit(zonedata_type *zd)
ods_status zonedata_update_serial(zonedata_type *zd, signconf_type *sc, const char *zone_name)
int backup_read_check_str(FILE *in, const char *str)
void domain_print(FILE *fd, domain_type *domain)
void ods_log_deeebug(const char *format,...)
void zonedata_init_denial(zonedata_type *zd)
ods_status domain_diff(domain_type *domain, keylist_type *kl)
void allocator_deallocate(allocator_type *allocator, void *data)
int domain_examine_data_exists(domain_type *domain, ldns_rr_type rrtype, int skip_glue)
ods_status zonedata_nsecify3(zonedata_type *zd, ldns_rr_class klass, uint32_t ttl, nsec3params_type *nsec3params, uint32_t *num_added)
ods_status domain_recover(domain_type *domain, FILE *fd, domain_status dstatus)
#define ods_log_assert(x)
domain_type * zonedata_lookup_domain(zonedata_type *zd, ldns_rdf *dname)
ods_status rrset_commit(rrset_type *rrset)
void ods_log_warning(const char *format,...)
ods_status zonedata_add_denial(zonedata_type *zd, domain_type *domain, ldns_rdf *apex, nsec3params_type *nsec3params)
domain_type * domain_create(ldns_rdf *dname)
ods_status zonedata_queue(zonedata_type *zd, fifoq_type *q, worker_type *worker)
ods_status zonedata_print(FILE *fd, zonedata_type *zd)
domain_type * zonedata_add_domain(zonedata_type *zd, domain_type *domain)
void domain_rollback(domain_type *domain)