xref: /freebsd/contrib/unbound/iterator/iter_fwd.c (revision 357378bbdedf24ce2b90e9bd831af4a9db3ec70a)
1 /*
2  * iterator/iter_fwd.c - iterative resolver module forward zones.
3  *
4  * Copyright (c) 2007, NLnet Labs. All rights reserved.
5  *
6  * This software is open source.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * Redistributions of source code must retain the above copyright notice,
13  * this list of conditions and the following disclaimer.
14  *
15  * Redistributions in binary form must reproduce the above copyright notice,
16  * this list of conditions and the following disclaimer in the documentation
17  * and/or other materials provided with the distribution.
18  *
19  * Neither the name of the NLNET LABS nor the names of its contributors may
20  * be used to endorse or promote products derived from this software without
21  * specific prior written permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
26  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27  * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29  * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34  */
35 
36 /**
37  * \file
38  *
39  * This file contains functions to assist the iterator module.
40  * Keep track of forward zones and config settings.
41  */
42 #include "config.h"
43 #include "iterator/iter_fwd.h"
44 #include "iterator/iter_delegpt.h"
45 #include "util/log.h"
46 #include "util/config_file.h"
47 #include "util/net_help.h"
48 #include "util/data/dname.h"
49 #include "sldns/rrdef.h"
50 #include "sldns/str2wire.h"
51 
52 int
53 fwd_cmp(const void* k1, const void* k2)
54 {
55 	int m;
56 	struct iter_forward_zone* n1 = (struct iter_forward_zone*)k1;
57 	struct iter_forward_zone* n2 = (struct iter_forward_zone*)k2;
58 	if(n1->dclass != n2->dclass) {
59 		if(n1->dclass < n2->dclass)
60 			return -1;
61 		return 1;
62 	}
63 	return dname_lab_cmp(n1->name, n1->namelabs, n2->name, n2->namelabs,
64 		&m);
65 }
66 
67 struct iter_forwards*
68 forwards_create(void)
69 {
70 	struct iter_forwards* fwd = (struct iter_forwards*)calloc(1,
71 		sizeof(struct iter_forwards));
72 	if(!fwd)
73 		return NULL;
74 	lock_rw_init(&fwd->lock);
75 	return fwd;
76 }
77 
78 static void fwd_zone_free(struct iter_forward_zone* n)
79 {
80 	if(!n) return;
81 	delegpt_free_mlc(n->dp);
82 	free(n->name);
83 	free(n);
84 }
85 
86 static void delfwdnode(rbnode_type* n, void* ATTR_UNUSED(arg))
87 {
88 	struct iter_forward_zone* node = (struct iter_forward_zone*)n;
89 	fwd_zone_free(node);
90 }
91 
92 static void fwd_del_tree(struct iter_forwards* fwd)
93 {
94 	if(fwd->tree)
95 		traverse_postorder(fwd->tree, &delfwdnode, NULL);
96 	free(fwd->tree);
97 }
98 
99 void
100 forwards_delete(struct iter_forwards* fwd)
101 {
102 	if(!fwd)
103 		return;
104 	lock_rw_destroy(&fwd->lock);
105 	fwd_del_tree(fwd);
106 	free(fwd);
107 }
108 
109 /** insert info into forward structure */
110 static int
111 forwards_insert_data(struct iter_forwards* fwd, uint16_t c, uint8_t* nm,
112 	size_t nmlen, int nmlabs, struct delegpt* dp)
113 {
114 	struct iter_forward_zone* node = (struct iter_forward_zone*)malloc(
115 		sizeof(struct iter_forward_zone));
116 	if(!node) {
117 		delegpt_free_mlc(dp);
118 		return 0;
119 	}
120 	node->node.key = node;
121 	node->dclass = c;
122 	node->name = memdup(nm, nmlen);
123 	if(!node->name) {
124 		delegpt_free_mlc(dp);
125 		free(node);
126 		return 0;
127 	}
128 	node->namelen = nmlen;
129 	node->namelabs = nmlabs;
130 	node->dp = dp;
131 	if(!rbtree_insert(fwd->tree, &node->node)) {
132 		char buf[257];
133 		dname_str(nm, buf);
134 		log_err("duplicate forward zone %s ignored.", buf);
135 		delegpt_free_mlc(dp);
136 		free(node->name);
137 		free(node);
138 	}
139 	return 1;
140 }
141 
142 /** insert new info into forward structure given dp */
143 static int
144 forwards_insert(struct iter_forwards* fwd, uint16_t c, struct delegpt* dp)
145 {
146 	return forwards_insert_data(fwd, c, dp->name, dp->namelen,
147 		dp->namelabs, dp);
148 }
149 
150 /** initialise parent pointers in the tree */
151 static void
152 fwd_init_parents(struct iter_forwards* fwd)
153 {
154 	struct iter_forward_zone* node, *prev = NULL, *p;
155 	int m;
156 	RBTREE_FOR(node, struct iter_forward_zone*, fwd->tree) {
157 		node->parent = NULL;
158 		if(!prev || prev->dclass != node->dclass) {
159 			prev = node;
160 			continue;
161 		}
162 		(void)dname_lab_cmp(prev->name, prev->namelabs, node->name,
163 			node->namelabs, &m); /* we know prev is smaller */
164 		/* sort order like: . com. bla.com. zwb.com. net. */
165 		/* find the previous, or parent-parent-parent */
166 		for(p = prev; p; p = p->parent)
167 			/* looking for name with few labels, a parent */
168 			if(p->namelabs <= m) {
169 				/* ==: since prev matched m, this is closest*/
170 				/* <: prev matches more, but is not a parent,
171 				 * this one is a (grand)parent */
172 				node->parent = p;
173 				break;
174 			}
175 		prev = node;
176 	}
177 }
178 
179 /** set zone name */
180 static struct delegpt*
181 read_fwds_name(struct config_stub* s)
182 {
183 	struct delegpt* dp;
184 	uint8_t* dname;
185 	size_t dname_len;
186 	if(!s->name) {
187 		log_err("forward zone without a name (use name \".\" to forward everything)");
188 		return NULL;
189 	}
190 	dname = sldns_str2wire_dname(s->name, &dname_len);
191 	if(!dname) {
192 		log_err("cannot parse forward zone name %s", s->name);
193 		return NULL;
194 	}
195 	if(!(dp=delegpt_create_mlc(dname))) {
196 		free(dname);
197 		log_err("out of memory");
198 		return NULL;
199 	}
200 	free(dname);
201 	return dp;
202 }
203 
204 /** set fwd host names */
205 static int
206 read_fwds_host(struct config_stub* s, struct delegpt* dp)
207 {
208 	struct config_strlist* p;
209 	uint8_t* dname;
210 	char* tls_auth_name;
211 	int port;
212 	for(p = s->hosts; p; p = p->next) {
213 		log_assert(p->str);
214 		dname = authextstrtodname(p->str, &port, &tls_auth_name);
215 		if(!dname) {
216 			log_err("cannot parse forward %s server name: '%s'",
217 				s->name, p->str);
218 			return 0;
219 		}
220 #if ! defined(HAVE_SSL_SET1_HOST) && ! defined(HAVE_X509_VERIFY_PARAM_SET1_HOST)
221 		if(tls_auth_name)
222 			log_err("no name verification functionality in "
223 				"ssl library, ignored name for %s", p->str);
224 #endif
225 		if(!delegpt_add_ns_mlc(dp, dname, 0, tls_auth_name, port)) {
226 			free(dname);
227 			log_err("out of memory");
228 			return 0;
229 		}
230 		free(dname);
231 	}
232 	return 1;
233 }
234 
235 /** set fwd server addresses */
236 static int
237 read_fwds_addr(struct config_stub* s, struct delegpt* dp)
238 {
239 	struct config_strlist* p;
240 	struct sockaddr_storage addr;
241 	socklen_t addrlen;
242 	char* tls_auth_name;
243 	for(p = s->addrs; p; p = p->next) {
244 		log_assert(p->str);
245 		if(!authextstrtoaddr(p->str, &addr, &addrlen, &tls_auth_name)) {
246 			log_err("cannot parse forward %s ip address: '%s'",
247 				s->name, p->str);
248 			return 0;
249 		}
250 #if ! defined(HAVE_SSL_SET1_HOST) && ! defined(HAVE_X509_VERIFY_PARAM_SET1_HOST)
251 		if(tls_auth_name)
252 			log_err("no name verification functionality in "
253 				"ssl library, ignored name for %s", p->str);
254 #endif
255 		if(!delegpt_add_addr_mlc(dp, &addr, addrlen, 0, 0,
256 			tls_auth_name, -1)) {
257 			log_err("out of memory");
258 			return 0;
259 		}
260 	}
261 	return 1;
262 }
263 
264 /** read forwards config */
265 static int
266 read_forwards(struct iter_forwards* fwd, struct config_file* cfg)
267 {
268 	struct config_stub* s;
269 	for(s = cfg->forwards; s; s = s->next) {
270 		struct delegpt* dp;
271 		if(!(dp=read_fwds_name(s)))
272 			return 0;
273 		if(!read_fwds_host(s, dp) || !read_fwds_addr(s, dp)) {
274 			delegpt_free_mlc(dp);
275 			return 0;
276 		}
277 		/* set flag that parent side NS information is included.
278 		 * Asking a (higher up) server on the internet is not useful */
279 		/* the flag is turned off for 'forward-first' so that the
280 		 * last resort will ask for parent-side NS record and thus
281 		 * fallback to the internet name servers on a failure */
282 		dp->has_parent_side_NS = (uint8_t)!s->isfirst;
283 		/* Do not cache if set. */
284 		dp->no_cache = s->no_cache;
285 		/* use SSL for queries to this forwarder */
286 		dp->ssl_upstream = (uint8_t)s->ssl_upstream;
287 		/* use TCP for queries to this forwarder */
288 		dp->tcp_upstream = (uint8_t)s->tcp_upstream;
289 		verbose(VERB_QUERY, "Forward zone server list:");
290 		delegpt_log(VERB_QUERY, dp);
291 		if(!forwards_insert(fwd, LDNS_RR_CLASS_IN, dp))
292 			return 0;
293 	}
294 	return 1;
295 }
296 
297 /** insert a stub hole (if necessary) for stub name */
298 static int
299 fwd_add_stub_hole(struct iter_forwards* fwd, uint16_t c, uint8_t* nm)
300 {
301 	struct iter_forward_zone key;
302 	key.node.key = &key;
303 	key.dclass = c;
304 	key.name = nm;
305 	key.namelabs = dname_count_size_labels(key.name, &key.namelen);
306 	return forwards_insert_data(fwd, key.dclass, key.name,
307 		key.namelen, key.namelabs, NULL);
308 }
309 
310 /** make NULL entries for stubs */
311 static int
312 make_stub_holes(struct iter_forwards* fwd, struct config_file* cfg)
313 {
314 	struct config_stub* s;
315 	uint8_t* dname;
316 	size_t dname_len;
317 	for(s = cfg->stubs; s; s = s->next) {
318 		if(!s->name) continue;
319 		dname = sldns_str2wire_dname(s->name, &dname_len);
320 		if(!dname) {
321 			log_err("cannot parse stub name '%s'", s->name);
322 			return 0;
323 		}
324 		if(!fwd_add_stub_hole(fwd, LDNS_RR_CLASS_IN, dname)) {
325 			free(dname);
326 			log_err("out of memory");
327 			return 0;
328 		}
329 		free(dname);
330 	}
331 	return 1;
332 }
333 
334 int
335 forwards_apply_cfg(struct iter_forwards* fwd, struct config_file* cfg)
336 {
337 	if(fwd->tree) {
338 		lock_unprotect(&fwd->lock, fwd->tree);
339 	}
340 	fwd_del_tree(fwd);
341 	fwd->tree = rbtree_create(fwd_cmp);
342 	if(!fwd->tree)
343 		return 0;
344 	lock_protect(&fwd->lock, fwd->tree, sizeof(*fwd->tree));
345 
346 	lock_rw_wrlock(&fwd->lock);
347 	/* read forward zones */
348 	if(!read_forwards(fwd, cfg)) {
349 		lock_rw_unlock(&fwd->lock);
350 		return 0;
351 	}
352 	if(!make_stub_holes(fwd, cfg)) {
353 		lock_rw_unlock(&fwd->lock);
354 		return 0;
355 	}
356 	fwd_init_parents(fwd);
357 	lock_rw_unlock(&fwd->lock);
358 	return 1;
359 }
360 
361 struct delegpt*
362 forwards_find(struct iter_forwards* fwd, uint8_t* qname, uint16_t qclass,
363 	int nolock)
364 {
365 	struct iter_forward_zone* res;
366 	struct iter_forward_zone key;
367 	int has_dp;
368 	key.node.key = &key;
369 	key.dclass = qclass;
370 	key.name = qname;
371 	key.namelabs = dname_count_size_labels(qname, &key.namelen);
372 	/* lock_() calls are macros that could be nothing, surround in {} */
373 	if(!nolock) { lock_rw_rdlock(&fwd->lock); }
374 	res = (struct iter_forward_zone*)rbtree_search(fwd->tree, &key);
375 	has_dp = res && res->dp;
376 	if(!has_dp && !nolock) { lock_rw_unlock(&fwd->lock); }
377 	return has_dp?res->dp:NULL;
378 }
379 
380 struct delegpt*
381 forwards_lookup(struct iter_forwards* fwd, uint8_t* qname, uint16_t qclass,
382 	int nolock)
383 {
384 	/* lookup the forward zone in the tree */
385 	rbnode_type* res = NULL;
386 	struct iter_forward_zone *result;
387 	struct iter_forward_zone key;
388 	int has_dp;
389 	key.node.key = &key;
390 	key.dclass = qclass;
391 	key.name = qname;
392 	key.namelabs = dname_count_size_labels(qname, &key.namelen);
393 	/* lock_() calls are macros that could be nothing, surround in {} */
394 	if(!nolock) { lock_rw_rdlock(&fwd->lock); }
395 	if(rbtree_find_less_equal(fwd->tree, &key, &res)) {
396 		/* exact */
397 		result = (struct iter_forward_zone*)res;
398 	} else {
399 		/* smaller element (or no element) */
400 		int m;
401 		result = (struct iter_forward_zone*)res;
402 		if(!result || result->dclass != qclass) {
403 			if(!nolock) { lock_rw_unlock(&fwd->lock); }
404 			return NULL;
405 		}
406 		/* count number of labels matched */
407 		(void)dname_lab_cmp(result->name, result->namelabs, key.name,
408 			key.namelabs, &m);
409 		while(result) { /* go up until qname is subdomain of stub */
410 			if(result->namelabs <= m)
411 				break;
412 			result = result->parent;
413 		}
414 	}
415 	has_dp = result && result->dp;
416 	if(!has_dp && !nolock) { lock_rw_unlock(&fwd->lock); }
417 	return has_dp?result->dp:NULL;
418 }
419 
420 struct delegpt*
421 forwards_lookup_root(struct iter_forwards* fwd, uint16_t qclass, int nolock)
422 {
423 	uint8_t root = 0;
424 	return forwards_lookup(fwd, &root, qclass, nolock);
425 }
426 
427 /* Finds next root item in forwards lookup tree.
428  * Caller needs to handle locking of the forwards structure. */
429 static int
430 next_root_locked(struct iter_forwards* fwd, uint16_t* dclass)
431 {
432 	struct iter_forward_zone key;
433 	rbnode_type* n;
434 	struct iter_forward_zone* p;
435 	if(*dclass == 0) {
436 		/* first root item is first item in tree */
437 		n = rbtree_first(fwd->tree);
438 		if(n == RBTREE_NULL)
439 			return 0;
440 		p = (struct iter_forward_zone*)n;
441 		if(dname_is_root(p->name)) {
442 			*dclass = p->dclass;
443 			return 1;
444 		}
445 		/* root not first item? search for higher items */
446 		*dclass = p->dclass + 1;
447 		return next_root_locked(fwd, dclass);
448 	}
449 	/* find class n in tree, we may get a direct hit, or if we don't
450 	 * this is the last item of the previous class so rbtree_next() takes
451 	 * us to the next root (if any) */
452 	key.node.key = &key;
453 	key.name = (uint8_t*)"\000";
454 	key.namelen = 1;
455 	key.namelabs = 0;
456 	key.dclass = *dclass;
457 	n = NULL;
458 	if(rbtree_find_less_equal(fwd->tree, &key, &n)) {
459 		/* exact */
460 		return 1;
461 	} else {
462 		/* smaller element */
463 		if(!n || n == RBTREE_NULL)
464 			return 0; /* nothing found */
465 		n = rbtree_next(n);
466 		if(n == RBTREE_NULL)
467 			return 0; /* no higher */
468 		p = (struct iter_forward_zone*)n;
469 		if(dname_is_root(p->name)) {
470 			*dclass = p->dclass;
471 			return 1;
472 		}
473 		/* not a root node, return next higher item */
474 		*dclass = p->dclass+1;
475 		return next_root_locked(fwd, dclass);
476 	}
477 }
478 
479 int
480 forwards_next_root(struct iter_forwards* fwd, uint16_t* dclass, int nolock)
481 {
482 	int ret;
483 	/* lock_() calls are macros that could be nothing, surround in {} */
484 	if(!nolock) { lock_rw_rdlock(&fwd->lock); }
485 	ret = next_root_locked(fwd, dclass);
486 	if(!nolock) { lock_rw_unlock(&fwd->lock); }
487 	return ret;
488 }
489 
490 size_t
491 forwards_get_mem(struct iter_forwards* fwd)
492 {
493 	struct iter_forward_zone* p;
494 	size_t s;
495 	if(!fwd)
496 		return 0;
497 	lock_rw_rdlock(&fwd->lock);
498 	s = sizeof(*fwd) + sizeof(*fwd->tree);
499 	RBTREE_FOR(p, struct iter_forward_zone*, fwd->tree) {
500 		s += sizeof(*p) + p->namelen + delegpt_get_mem(p->dp);
501 	}
502 	lock_rw_unlock(&fwd->lock);
503 	return s;
504 }
505 
506 static struct iter_forward_zone*
507 fwd_zone_find(struct iter_forwards* fwd, uint16_t c, uint8_t* nm)
508 {
509 	struct iter_forward_zone key;
510 	key.node.key = &key;
511 	key.dclass = c;
512 	key.name = nm;
513 	key.namelabs = dname_count_size_labels(nm, &key.namelen);
514 	return (struct iter_forward_zone*)rbtree_search(fwd->tree, &key);
515 }
516 
517 int
518 forwards_add_zone(struct iter_forwards* fwd, uint16_t c, struct delegpt* dp,
519 	int nolock)
520 {
521 	struct iter_forward_zone *z;
522 	/* lock_() calls are macros that could be nothing, surround in {} */
523 	if(!nolock) { lock_rw_wrlock(&fwd->lock); }
524 	if((z=fwd_zone_find(fwd, c, dp->name)) != NULL) {
525 		(void)rbtree_delete(fwd->tree, &z->node);
526 		fwd_zone_free(z);
527 	}
528 	if(!forwards_insert(fwd, c, dp)) {
529 		if(!nolock) { lock_rw_unlock(&fwd->lock); }
530 		return 0;
531 	}
532 	fwd_init_parents(fwd);
533 	if(!nolock) { lock_rw_unlock(&fwd->lock); }
534 	return 1;
535 }
536 
537 void
538 forwards_delete_zone(struct iter_forwards* fwd, uint16_t c, uint8_t* nm,
539 	int nolock)
540 {
541 	struct iter_forward_zone *z;
542 	/* lock_() calls are macros that could be nothing, surround in {} */
543 	if(!nolock) { lock_rw_wrlock(&fwd->lock); }
544 	if(!(z=fwd_zone_find(fwd, c, nm))) {
545 		if(!nolock) { lock_rw_unlock(&fwd->lock); }
546 		return; /* nothing to do */
547 	}
548 	(void)rbtree_delete(fwd->tree, &z->node);
549 	fwd_zone_free(z);
550 	fwd_init_parents(fwd);
551 	if(!nolock) { lock_rw_unlock(&fwd->lock); }
552 }
553 
554 int
555 forwards_add_stub_hole(struct iter_forwards* fwd, uint16_t c, uint8_t* nm,
556 	int nolock)
557 {
558 	/* lock_() calls are macros that could be nothing, surround in {} */
559 	if(!nolock) { lock_rw_wrlock(&fwd->lock); }
560 	if(fwd_zone_find(fwd, c, nm) != NULL) {
561 		if(!nolock) { lock_rw_unlock(&fwd->lock); }
562 		return 1; /* already a stub zone there */
563 	}
564 	if(!fwd_add_stub_hole(fwd, c, nm)) {
565 		if(!nolock) { lock_rw_unlock(&fwd->lock); }
566 		return 0;
567 	}
568 	fwd_init_parents(fwd);
569 	if(!nolock) { lock_rw_unlock(&fwd->lock); }
570 	return 1;
571 }
572 
573 void
574 forwards_delete_stub_hole(struct iter_forwards* fwd, uint16_t c,
575 	uint8_t* nm, int nolock)
576 {
577 	struct iter_forward_zone *z;
578 	/* lock_() calls are macros that could be nothing, surround in {} */
579 	if(!nolock) { lock_rw_wrlock(&fwd->lock); }
580 	if(!(z=fwd_zone_find(fwd, c, nm))) {
581 		if(!nolock) { lock_rw_unlock(&fwd->lock); }
582 		return; /* nothing to do */
583 	}
584 	if(z->dp != NULL) {
585 		if(!nolock) { lock_rw_unlock(&fwd->lock); }
586 		return; /* not a stub hole */
587 	}
588 	(void)rbtree_delete(fwd->tree, &z->node);
589 	fwd_zone_free(z);
590 	fwd_init_parents(fwd);
591 	if(!nolock) { lock_rw_unlock(&fwd->lock); }
592 }
593