xref: /freebsd/contrib/unbound/iterator/iter_delegpt.h (revision 9e5787d2284e187abb5b654d924394a65772e004)
1 /*
2  * iterator/iter_delegpt.h - delegation point with NS and address information.
3  *
4  * Copyright (c) 2007, NLnet Labs. All rights reserved.
5  *
6  * This software is open source.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * Redistributions of source code must retain the above copyright notice,
13  * this list of conditions and the following disclaimer.
14  *
15  * Redistributions in binary form must reproduce the above copyright notice,
16  * this list of conditions and the following disclaimer in the documentation
17  * and/or other materials provided with the distribution.
18  *
19  * Neither the name of the NLNET LABS nor the names of its contributors may
20  * be used to endorse or promote products derived from this software without
21  * specific prior written permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
26  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27  * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29  * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34  */
35 
36 /**
37  * \file
38  *
39  * This file implements the Delegation Point. It contains a list of name servers
40  * and their addresses if known.
41  */
42 
43 #ifndef ITERATOR_ITER_DELEGPT_H
44 #define ITERATOR_ITER_DELEGPT_H
45 #include "util/log.h"
46 struct regional;
47 struct delegpt_ns;
48 struct delegpt_addr;
49 struct dns_msg;
50 struct ub_packed_rrset_key;
51 struct msgreply_entry;
52 
53 /**
54  * Delegation Point.
55  * For a domain name, the NS rrset, and the A and AAAA records for those.
56  */
57 struct delegpt {
58 	/** the domain name of the delegation point. */
59 	uint8_t* name;
60 	/** length of the delegation point name */
61 	size_t namelen;
62 	/** number of labels in delegation point */
63 	int namelabs;
64 
65 	/** the nameservers, names from the NS RRset rdata. */
66 	struct delegpt_ns* nslist;
67 	/** the target addresses for delegation */
68 	struct delegpt_addr* target_list;
69 	/** the list of usable targets; subset of target_list
70 	 * the items in this list are not part of the result list.  */
71 	struct delegpt_addr* usable_list;
72 	/** the list of returned targets; subset of target_list */
73 	struct delegpt_addr* result_list;
74 
75 	/** if true, the NS RRset was bogus. All info is bad. */
76 	int bogus;
77 	/** if true, the parent-side NS record has been applied:
78 	 * its names have been added and their addresses can follow later.
79 	 * Also true if the delegationpoint was created from a delegation
80 	 * message and thus contains the parent-side-info already. */
81 	uint8_t has_parent_side_NS;
82 	/** for assertions on type of delegpt */
83 	uint8_t dp_type_mlc;
84 	/** use SSL for upstream query */
85 	uint8_t ssl_upstream;
86 	/** delegpt from authoritative zone that is locally hosted */
87 	uint8_t auth_dp;
88 	/*** no cache */
89 	int no_cache;
90 };
91 
92 /**
93  * Nameservers for a delegation point.
94  */
95 struct delegpt_ns {
96 	/** next in list */
97 	struct delegpt_ns* next;
98 	/** name of nameserver */
99 	uint8_t* name;
100 	/** length of name */
101 	size_t namelen;
102 	/**
103 	 * If the name has been resolved. false if not queried for yet.
104 	 * true if the A, AAAA queries have been generated.
105 	 * marked true if those queries fail.
106 	 * and marked true if got4 and got6 are both true.
107 	 */
108 	int resolved;
109 	/** if the ipv4 address is in the delegpt, 0=not, 1=yes 2=negative,
110 	 * negative means it was done, but no content. */
111 	uint8_t got4;
112 	/** if the ipv6 address is in the delegpt, 0=not, 1=yes 2=negative */
113 	uint8_t got6;
114 	/**
115 	 * If the name is parent-side only and thus dispreferred.
116 	 * Its addresses become dispreferred as well
117 	 */
118 	uint8_t lame;
119 	/** if the parent-side ipv4 address has been looked up (last resort).
120 	 * Also enabled if a parent-side cache entry exists, or a parent-side
121 	 * negative-cache entry exists. */
122 	uint8_t done_pside4;
123 	/** if the parent-side ipv6 address has been looked up (last resort).
124 	 * Also enabled if a parent-side cache entry exists, or a parent-side
125 	 * negative-cache entry exists. */
126 	uint8_t done_pside6;
127 };
128 
129 /**
130  * Address of target nameserver in delegation point.
131  */
132 struct delegpt_addr {
133 	/** next delegation point in results */
134 	struct delegpt_addr* next_result;
135 	/** next delegation point in usable list */
136 	struct delegpt_addr* next_usable;
137 	/** next delegation point in all targets list */
138 	struct delegpt_addr* next_target;
139 
140 	/** delegation point address */
141 	struct sockaddr_storage addr;
142 	/** length of addr */
143 	socklen_t addrlen;
144 	/** number of attempts for this addr */
145 	int attempts;
146 	/** rtt stored here in the selection algorithm */
147 	int sel_rtt;
148 	/** if true, the A or AAAA RR was bogus, so this address is bad.
149 	 * Also check the dp->bogus to see if everything is bogus. */
150 	uint8_t bogus;
151 	/** if true, this address is dispreferred: it is a lame IP address */
152 	uint8_t lame;
153 	/** if the address is dnsseclame, but this cannot be cached, this
154 	 * option is useful to mark the address dnsseclame.
155 	 * This value is not copied in addr-copy and dp-copy. */
156 	uint8_t dnsseclame;
157 	/** the TLS authentication name, (if not NULL) to use. */
158 	char* tls_auth_name;
159 };
160 
161 /**
162  * Create new delegation point.
163  * @param regional: where to allocate it.
164  * @return new delegation point or NULL on error.
165  */
166 struct delegpt* delegpt_create(struct regional* regional);
167 
168 /**
169  * Create a copy of a delegation point.
170  * @param dp: delegation point to copy.
171  * @param regional: where to allocate it.
172  * @return new delegation point or NULL on error.
173  */
174 struct delegpt* delegpt_copy(struct delegpt* dp, struct regional* regional);
175 
176 /**
177  * Set name of delegation point.
178  * @param dp: delegation point.
179  * @param regional: where to allocate the name copy.
180  * @param name: name to use.
181  * @return false on error.
182  */
183 int delegpt_set_name(struct delegpt* dp, struct regional* regional,
184 	uint8_t* name);
185 
186 /**
187  * Add a name to the delegation point.
188  * @param dp: delegation point.
189  * @param regional: where to allocate the info.
190  * @param name: domain name in wire format.
191  * @param lame: name is lame, disprefer it.
192  * @return false on error.
193  */
194 int delegpt_add_ns(struct delegpt* dp, struct regional* regional,
195 	uint8_t* name, uint8_t lame);
196 
197 /**
198  * Add NS rrset; calls add_ns repeatedly.
199  * @param dp: delegation point.
200  * @param regional: where to allocate the info.
201  * @param ns_rrset: NS rrset.
202  * @param lame: rrset is lame, disprefer it.
203  * @return 0 on alloc error.
204  */
205 int delegpt_rrset_add_ns(struct delegpt* dp, struct regional* regional,
206 	struct ub_packed_rrset_key* ns_rrset, uint8_t lame);
207 
208 /**
209  * Add target address to the delegation point.
210  * @param dp: delegation point.
211  * @param regional: where to allocate the info.
212  * @param name: name for which target was found (must be in nslist).
213  *	This name is marked resolved.
214  * @param namelen: length of name.
215  * @param addr: the address.
216  * @param addrlen: the length of addr.
217  * @param bogus: security status for the address, pass true if bogus.
218  * @param lame: address is lame.
219  * @param additions: will be set to 1 if a new address is added
220  * @return false on error.
221  */
222 int delegpt_add_target(struct delegpt* dp, struct regional* regional,
223 	uint8_t* name, size_t namelen, struct sockaddr_storage* addr,
224 	socklen_t addrlen, uint8_t bogus, uint8_t lame, int* additions);
225 
226 /**
227  * Add A RRset to delegpt.
228  * @param dp: delegation point.
229  * @param regional: where to allocate the info.
230  * @param rrset: RRset A to add.
231  * @param lame: rrset is lame, disprefer it.
232  * @param additions: will be set to 1 if a new address is added
233  * @return 0 on alloc error.
234  */
235 int delegpt_add_rrset_A(struct delegpt* dp, struct regional* regional,
236 	struct ub_packed_rrset_key* rrset, uint8_t lame, int* additions);
237 
238 /**
239  * Add AAAA RRset to delegpt.
240  * @param dp: delegation point.
241  * @param regional: where to allocate the info.
242  * @param rrset: RRset AAAA to add.
243  * @param lame: rrset is lame, disprefer it.
244  * @param additions: will be set to 1 if a new address is added
245  * @return 0 on alloc error.
246  */
247 int delegpt_add_rrset_AAAA(struct delegpt* dp, struct regional* regional,
248 	struct ub_packed_rrset_key* rrset, uint8_t lame, int* additions);
249 
250 /**
251  * Add any RRset to delegpt.
252  * Does not check for duplicates added.
253  * @param dp: delegation point.
254  * @param regional: where to allocate the info.
255  * @param rrset: RRset to add, NS, A, AAAA.
256  * @param lame: rrset is lame, disprefer it.
257  * @param additions: will be set to 1 if a new address is added
258  * @return 0 on alloc error.
259  */
260 int delegpt_add_rrset(struct delegpt* dp, struct regional* regional,
261 	struct ub_packed_rrset_key* rrset, uint8_t lame, int* additions);
262 
263 /**
264  * Add address to the delegation point. No servername is associated or checked.
265  * @param dp: delegation point.
266  * @param regional: where to allocate the info.
267  * @param addr: the address.
268  * @param addrlen: the length of addr.
269  * @param bogus: if address is bogus.
270  * @param lame: if address is lame.
271  * @param tls_auth_name: TLS authentication name (or NULL).
272  * @param additions: will be set to 1 if a new address is added
273  * @return false on error.
274  */
275 int delegpt_add_addr(struct delegpt* dp, struct regional* regional,
276 	struct sockaddr_storage* addr, socklen_t addrlen,
277 	uint8_t bogus, uint8_t lame, char* tls_auth_name, int* additions);
278 
279 /**
280  * Find NS record in name list of delegation point.
281  * @param dp: delegation point.
282  * @param name: name of nameserver to look for, uncompressed wireformat.
283  * @param namelen: length of name.
284  * @return the ns structure or NULL if not found.
285  */
286 struct delegpt_ns* delegpt_find_ns(struct delegpt* dp, uint8_t* name,
287 	size_t namelen);
288 
289 /**
290  * Find address record in total list of delegation point.
291  * @param dp: delegation point.
292  * @param addr: address
293  * @param addrlen: length of addr
294  * @return the addr structure or NULL if not found.
295  */
296 struct delegpt_addr* delegpt_find_addr(struct delegpt* dp,
297 	struct sockaddr_storage* addr, socklen_t addrlen);
298 
299 /**
300  * Print the delegation point to the log. For debugging.
301  * @param v: verbosity value that is needed to emit to log.
302  * @param dp: delegation point.
303  */
304 void delegpt_log(enum verbosity_value v, struct delegpt* dp);
305 
306 /** count NS and number missing for logging */
307 void delegpt_count_ns(struct delegpt* dp, size_t* numns, size_t* missing);
308 
309 /** count addresses, and number in result and available lists, for logging */
310 void delegpt_count_addr(struct delegpt* dp, size_t* numaddr, size_t* numres,
311 	size_t* numavail);
312 
313 /**
314  * Add all usable targets to the result list.
315  * @param dp: delegation point.
316  */
317 void delegpt_add_unused_targets(struct delegpt* dp);
318 
319 /**
320  * Count number of missing targets. These are ns names with no resolved flag.
321  * @param dp: delegation point.
322  * @return number of missing targets (or 0).
323  */
324 size_t delegpt_count_missing_targets(struct delegpt* dp);
325 
326 /** count total number of targets in dp */
327 size_t delegpt_count_targets(struct delegpt* dp);
328 
329 /**
330  * Create new delegation point from a dns message
331  *
332  * Note that this method does not actually test to see if the message is an
333  * actual referral. It really is just checking to see if it can construct a
334  * delegation point, so the message could be of some other type (some ANSWER
335  * messages, some CNAME messages, generally.) Note that the resulting
336  * DelegationPoint will contain targets for all "relevant" glue (i.e.,
337  * address records whose ownernames match the target of one of the NS
338  * records), so if policy dictates that some glue should be discarded beyond
339  * that, discard it before calling this method. Note that this method will
340  * find "glue" in either the ADDITIONAL section or the ANSWER section.
341  *
342  * @param msg: the dns message, referral.
343  * @param regional: where to allocate delegation point.
344  * @return new delegation point or NULL on alloc error, or if the
345  *         message was not appropriate.
346  */
347 struct delegpt* delegpt_from_message(struct dns_msg* msg,
348 	struct regional* regional);
349 
350 /**
351  * Mark negative return in delegation point for specific nameserver.
352  * sets the got4 or got6 to negative, updates the ns->resolved.
353  * @param ns: the nameserver in the delegpt.
354  * @param qtype: A or AAAA (host order).
355  */
356 void delegpt_mark_neg(struct delegpt_ns* ns, uint16_t qtype);
357 
358 /**
359  * Add negative message to delegation point.
360  * @param dp: delegation point.
361  * @param msg: the message added, marks off A or AAAA from an NS entry.
362  */
363 void delegpt_add_neg_msg(struct delegpt* dp, struct msgreply_entry* msg);
364 
365 /**
366  * Register the fact that there is no ipv6 and thus AAAAs are not going
367  * to be queried for or be useful.
368  * @param dp: the delegation point. Updated to reflect no ipv6.
369  */
370 void delegpt_no_ipv6(struct delegpt* dp);
371 
372 /**
373  * Register the fact that there is no ipv4 and thus As are not going
374  * to be queried for or be useful.
375  * @param dp: the delegation point. Updated to reflect no ipv4.
376  */
377 void delegpt_no_ipv4(struct delegpt* dp);
378 
379 /**
380  * create malloced delegation point, with the given name
381  * @param name: uncompressed wireformat of delegpt name.
382  * @return NULL on alloc failure
383  */
384 struct delegpt* delegpt_create_mlc(uint8_t* name);
385 
386 /**
387  * free malloced delegation point.
388  * @param dp: must have been created with delegpt_create_mlc, free'd.
389  */
390 void delegpt_free_mlc(struct delegpt* dp);
391 
392 /**
393  * Set name of delegation point.
394  * @param dp: delegation point. malloced.
395  * @param name: name to use.
396  * @return false on error.
397  */
398 int delegpt_set_name_mlc(struct delegpt* dp, uint8_t* name);
399 
400 /**
401  * add a name to malloced delegation point.
402  * @param dp: must have been created with delegpt_create_mlc.
403  * @param name: the name to add.
404  * @param lame: the name is lame, disprefer.
405  * @return false on error.
406  */
407 int delegpt_add_ns_mlc(struct delegpt* dp, uint8_t* name, uint8_t lame);
408 
409 /**
410  * add an address to a malloced delegation point.
411  * @param dp: must have been created with delegpt_create_mlc.
412  * @param addr: the address.
413  * @param addrlen: the length of addr.
414  * @param bogus: if address is bogus.
415  * @param lame: if address is lame.
416  * @param tls_auth_name: TLS authentication name (or NULL).
417  * @return false on error.
418  */
419 int delegpt_add_addr_mlc(struct delegpt* dp, struct sockaddr_storage* addr,
420 	socklen_t addrlen, uint8_t bogus, uint8_t lame, char* tls_auth_name);
421 
422 /**
423  * Add target address to the delegation point.
424  * @param dp: must have been created with delegpt_create_mlc.
425  * @param name: name for which target was found (must be in nslist).
426  *	This name is marked resolved.
427  * @param namelen: length of name.
428  * @param addr: the address.
429  * @param addrlen: the length of addr.
430  * @param bogus: security status for the address, pass true if bogus.
431  * @param lame: address is lame.
432  * @return false on error.
433  */
434 int delegpt_add_target_mlc(struct delegpt* dp, uint8_t* name, size_t namelen,
435 	struct sockaddr_storage* addr, socklen_t addrlen, uint8_t bogus,
436 	uint8_t lame);
437 
438 /** get memory in use by dp */
439 size_t delegpt_get_mem(struct delegpt* dp);
440 
441 #endif /* ITERATOR_ITER_DELEGPT_H */
442