1 /* 2 * iterator/iter_fwd.c - iterative resolver module forward zones. 3 * 4 * Copyright (c) 2007, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * Redistributions of source code must retain the above copyright notice, 13 * this list of conditions and the following disclaimer. 14 * 15 * Redistributions in binary form must reproduce the above copyright notice, 16 * this list of conditions and the following disclaimer in the documentation 17 * and/or other materials provided with the distribution. 18 * 19 * Neither the name of the NLNET LABS nor the names of its contributors may 20 * be used to endorse or promote products derived from this software without 21 * specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 */ 35 36 /** 37 * \file 38 * 39 * This file contains functions to assist the iterator module. 40 * Keep track of forward zones and config settings. 41 */ 42 #include "config.h" 43 #include "iterator/iter_fwd.h" 44 #include "iterator/iter_delegpt.h" 45 #include "util/log.h" 46 #include "util/config_file.h" 47 #include "util/net_help.h" 48 #include "util/data/dname.h" 49 #include "sldns/rrdef.h" 50 #include "sldns/str2wire.h" 51 52 int 53 fwd_cmp(const void* k1, const void* k2) 54 { 55 int m; 56 struct iter_forward_zone* n1 = (struct iter_forward_zone*)k1; 57 struct iter_forward_zone* n2 = (struct iter_forward_zone*)k2; 58 if(n1->dclass != n2->dclass) { 59 if(n1->dclass < n2->dclass) 60 return -1; 61 return 1; 62 } 63 return dname_lab_cmp(n1->name, n1->namelabs, n2->name, n2->namelabs, 64 &m); 65 } 66 67 struct iter_forwards* 68 forwards_create(void) 69 { 70 struct iter_forwards* fwd = (struct iter_forwards*)calloc(1, 71 sizeof(struct iter_forwards)); 72 if(!fwd) 73 return NULL; 74 return fwd; 75 } 76 77 static void fwd_zone_free(struct iter_forward_zone* n) 78 { 79 if(!n) return; 80 delegpt_free_mlc(n->dp); 81 free(n->name); 82 free(n); 83 } 84 85 static void delfwdnode(rbnode_type* n, void* ATTR_UNUSED(arg)) 86 { 87 struct iter_forward_zone* node = (struct iter_forward_zone*)n; 88 fwd_zone_free(node); 89 } 90 91 static void fwd_del_tree(struct iter_forwards* fwd) 92 { 93 if(fwd->tree) 94 traverse_postorder(fwd->tree, &delfwdnode, NULL); 95 free(fwd->tree); 96 } 97 98 void 99 forwards_delete(struct iter_forwards* fwd) 100 { 101 if(!fwd) 102 return; 103 fwd_del_tree(fwd); 104 free(fwd); 105 } 106 107 /** insert info into forward structure */ 108 static int 109 forwards_insert_data(struct iter_forwards* fwd, uint16_t c, uint8_t* nm, 110 size_t nmlen, int nmlabs, struct delegpt* dp) 111 { 112 struct iter_forward_zone* node = (struct iter_forward_zone*)malloc( 113 sizeof(struct iter_forward_zone)); 114 if(!node) { 115 delegpt_free_mlc(dp); 116 return 0; 117 } 118 node->node.key = node; 119 node->dclass = c; 120 node->name = memdup(nm, nmlen); 121 if(!node->name) { 122 delegpt_free_mlc(dp); 123 free(node); 124 return 0; 125 } 126 node->namelen = nmlen; 127 node->namelabs = nmlabs; 128 node->dp = dp; 129 if(!rbtree_insert(fwd->tree, &node->node)) { 130 char buf[257]; 131 dname_str(nm, buf); 132 log_err("duplicate forward zone %s ignored.", buf); 133 delegpt_free_mlc(dp); 134 free(node->name); 135 free(node); 136 } 137 return 1; 138 } 139 140 /** insert new info into forward structure given dp */ 141 static int 142 forwards_insert(struct iter_forwards* fwd, uint16_t c, struct delegpt* dp) 143 { 144 return forwards_insert_data(fwd, c, dp->name, dp->namelen, 145 dp->namelabs, dp); 146 } 147 148 /** initialise parent pointers in the tree */ 149 static void 150 fwd_init_parents(struct iter_forwards* fwd) 151 { 152 struct iter_forward_zone* node, *prev = NULL, *p; 153 int m; 154 RBTREE_FOR(node, struct iter_forward_zone*, fwd->tree) { 155 node->parent = NULL; 156 if(!prev || prev->dclass != node->dclass) { 157 prev = node; 158 continue; 159 } 160 (void)dname_lab_cmp(prev->name, prev->namelabs, node->name, 161 node->namelabs, &m); /* we know prev is smaller */ 162 /* sort order like: . com. bla.com. zwb.com. net. */ 163 /* find the previous, or parent-parent-parent */ 164 for(p = prev; p; p = p->parent) 165 /* looking for name with few labels, a parent */ 166 if(p->namelabs <= m) { 167 /* ==: since prev matched m, this is closest*/ 168 /* <: prev matches more, but is not a parent, 169 * this one is a (grand)parent */ 170 node->parent = p; 171 break; 172 } 173 prev = node; 174 } 175 } 176 177 /** set zone name */ 178 static struct delegpt* 179 read_fwds_name(struct config_stub* s) 180 { 181 struct delegpt* dp; 182 uint8_t* dname; 183 size_t dname_len; 184 if(!s->name) { 185 log_err("forward zone without a name (use name \".\" to forward everything)"); 186 return NULL; 187 } 188 dname = sldns_str2wire_dname(s->name, &dname_len); 189 if(!dname) { 190 log_err("cannot parse forward zone name %s", s->name); 191 return NULL; 192 } 193 if(!(dp=delegpt_create_mlc(dname))) { 194 free(dname); 195 log_err("out of memory"); 196 return NULL; 197 } 198 free(dname); 199 return dp; 200 } 201 202 /** set fwd host names */ 203 static int 204 read_fwds_host(struct config_stub* s, struct delegpt* dp) 205 { 206 struct config_strlist* p; 207 uint8_t* dname; 208 char* tls_auth_name; 209 int port; 210 for(p = s->hosts; p; p = p->next) { 211 log_assert(p->str); 212 dname = authextstrtodname(p->str, &port, &tls_auth_name); 213 if(!dname) { 214 log_err("cannot parse forward %s server name: '%s'", 215 s->name, p->str); 216 return 0; 217 } 218 #if ! defined(HAVE_SSL_SET1_HOST) && ! defined(HAVE_X509_VERIFY_PARAM_SET1_HOST) 219 if(tls_auth_name) 220 log_err("no name verification functionality in " 221 "ssl library, ignored name for %s", p->str); 222 #endif 223 if(!delegpt_add_ns_mlc(dp, dname, 0, tls_auth_name, port)) { 224 free(dname); 225 log_err("out of memory"); 226 return 0; 227 } 228 free(dname); 229 } 230 return 1; 231 } 232 233 /** set fwd server addresses */ 234 static int 235 read_fwds_addr(struct config_stub* s, struct delegpt* dp) 236 { 237 struct config_strlist* p; 238 struct sockaddr_storage addr; 239 socklen_t addrlen; 240 char* tls_auth_name; 241 for(p = s->addrs; p; p = p->next) { 242 log_assert(p->str); 243 if(!authextstrtoaddr(p->str, &addr, &addrlen, &tls_auth_name)) { 244 log_err("cannot parse forward %s ip address: '%s'", 245 s->name, p->str); 246 return 0; 247 } 248 #if ! defined(HAVE_SSL_SET1_HOST) && ! defined(HAVE_X509_VERIFY_PARAM_SET1_HOST) 249 if(tls_auth_name) 250 log_err("no name verification functionality in " 251 "ssl library, ignored name for %s", p->str); 252 #endif 253 if(!delegpt_add_addr_mlc(dp, &addr, addrlen, 0, 0, 254 tls_auth_name, -1)) { 255 log_err("out of memory"); 256 return 0; 257 } 258 } 259 return 1; 260 } 261 262 /** read forwards config */ 263 static int 264 read_forwards(struct iter_forwards* fwd, struct config_file* cfg) 265 { 266 struct config_stub* s; 267 for(s = cfg->forwards; s; s = s->next) { 268 struct delegpt* dp; 269 if(!(dp=read_fwds_name(s))) 270 return 0; 271 if(!read_fwds_host(s, dp) || !read_fwds_addr(s, dp)) { 272 delegpt_free_mlc(dp); 273 return 0; 274 } 275 /* set flag that parent side NS information is included. 276 * Asking a (higher up) server on the internet is not useful */ 277 /* the flag is turned off for 'forward-first' so that the 278 * last resort will ask for parent-side NS record and thus 279 * fallback to the internet name servers on a failure */ 280 dp->has_parent_side_NS = (uint8_t)!s->isfirst; 281 /* Do not cache if set. */ 282 dp->no_cache = s->no_cache; 283 /* use SSL for queries to this forwarder */ 284 dp->ssl_upstream = (uint8_t)s->ssl_upstream; 285 /* use TCP for queries to this forwarder */ 286 dp->tcp_upstream = (uint8_t)s->tcp_upstream; 287 verbose(VERB_QUERY, "Forward zone server list:"); 288 delegpt_log(VERB_QUERY, dp); 289 if(!forwards_insert(fwd, LDNS_RR_CLASS_IN, dp)) 290 return 0; 291 } 292 return 1; 293 } 294 295 /** insert a stub hole (if necessary) for stub name */ 296 static int 297 fwd_add_stub_hole(struct iter_forwards* fwd, uint16_t c, uint8_t* nm) 298 { 299 struct iter_forward_zone key; 300 key.node.key = &key; 301 key.dclass = c; 302 key.name = nm; 303 key.namelabs = dname_count_size_labels(key.name, &key.namelen); 304 return forwards_insert_data(fwd, key.dclass, key.name, 305 key.namelen, key.namelabs, NULL); 306 } 307 308 /** make NULL entries for stubs */ 309 static int 310 make_stub_holes(struct iter_forwards* fwd, struct config_file* cfg) 311 { 312 struct config_stub* s; 313 uint8_t* dname; 314 size_t dname_len; 315 for(s = cfg->stubs; s; s = s->next) { 316 if(!s->name) continue; 317 dname = sldns_str2wire_dname(s->name, &dname_len); 318 if(!dname) { 319 log_err("cannot parse stub name '%s'", s->name); 320 return 0; 321 } 322 if(!fwd_add_stub_hole(fwd, LDNS_RR_CLASS_IN, dname)) { 323 free(dname); 324 log_err("out of memory"); 325 return 0; 326 } 327 free(dname); 328 } 329 return 1; 330 } 331 332 int 333 forwards_apply_cfg(struct iter_forwards* fwd, struct config_file* cfg) 334 { 335 fwd_del_tree(fwd); 336 fwd->tree = rbtree_create(fwd_cmp); 337 if(!fwd->tree) 338 return 0; 339 340 /* read forward zones */ 341 if(!read_forwards(fwd, cfg)) 342 return 0; 343 if(!make_stub_holes(fwd, cfg)) 344 return 0; 345 fwd_init_parents(fwd); 346 return 1; 347 } 348 349 struct delegpt* 350 forwards_find(struct iter_forwards* fwd, uint8_t* qname, uint16_t qclass) 351 { 352 rbnode_type* res = NULL; 353 struct iter_forward_zone key; 354 key.node.key = &key; 355 key.dclass = qclass; 356 key.name = qname; 357 key.namelabs = dname_count_size_labels(qname, &key.namelen); 358 res = rbtree_search(fwd->tree, &key); 359 if(res) return ((struct iter_forward_zone*)res)->dp; 360 return NULL; 361 } 362 363 struct delegpt* 364 forwards_lookup(struct iter_forwards* fwd, uint8_t* qname, uint16_t qclass) 365 { 366 /* lookup the forward zone in the tree */ 367 rbnode_type* res = NULL; 368 struct iter_forward_zone *result; 369 struct iter_forward_zone key; 370 key.node.key = &key; 371 key.dclass = qclass; 372 key.name = qname; 373 key.namelabs = dname_count_size_labels(qname, &key.namelen); 374 if(rbtree_find_less_equal(fwd->tree, &key, &res)) { 375 /* exact */ 376 result = (struct iter_forward_zone*)res; 377 } else { 378 /* smaller element (or no element) */ 379 int m; 380 result = (struct iter_forward_zone*)res; 381 if(!result || result->dclass != qclass) 382 return NULL; 383 /* count number of labels matched */ 384 (void)dname_lab_cmp(result->name, result->namelabs, key.name, 385 key.namelabs, &m); 386 while(result) { /* go up until qname is subdomain of stub */ 387 if(result->namelabs <= m) 388 break; 389 result = result->parent; 390 } 391 } 392 if(result) 393 return result->dp; 394 return NULL; 395 } 396 397 struct delegpt* 398 forwards_lookup_root(struct iter_forwards* fwd, uint16_t qclass) 399 { 400 uint8_t root = 0; 401 return forwards_lookup(fwd, &root, qclass); 402 } 403 404 int 405 forwards_next_root(struct iter_forwards* fwd, uint16_t* dclass) 406 { 407 struct iter_forward_zone key; 408 rbnode_type* n; 409 struct iter_forward_zone* p; 410 if(*dclass == 0) { 411 /* first root item is first item in tree */ 412 n = rbtree_first(fwd->tree); 413 if(n == RBTREE_NULL) 414 return 0; 415 p = (struct iter_forward_zone*)n; 416 if(dname_is_root(p->name)) { 417 *dclass = p->dclass; 418 return 1; 419 } 420 /* root not first item? search for higher items */ 421 *dclass = p->dclass + 1; 422 return forwards_next_root(fwd, dclass); 423 } 424 /* find class n in tree, we may get a direct hit, or if we don't 425 * this is the last item of the previous class so rbtree_next() takes 426 * us to the next root (if any) */ 427 key.node.key = &key; 428 key.name = (uint8_t*)"\000"; 429 key.namelen = 1; 430 key.namelabs = 0; 431 key.dclass = *dclass; 432 n = NULL; 433 if(rbtree_find_less_equal(fwd->tree, &key, &n)) { 434 /* exact */ 435 return 1; 436 } else { 437 /* smaller element */ 438 if(!n || n == RBTREE_NULL) 439 return 0; /* nothing found */ 440 n = rbtree_next(n); 441 if(n == RBTREE_NULL) 442 return 0; /* no higher */ 443 p = (struct iter_forward_zone*)n; 444 if(dname_is_root(p->name)) { 445 *dclass = p->dclass; 446 return 1; 447 } 448 /* not a root node, return next higher item */ 449 *dclass = p->dclass+1; 450 return forwards_next_root(fwd, dclass); 451 } 452 } 453 454 size_t 455 forwards_get_mem(struct iter_forwards* fwd) 456 { 457 struct iter_forward_zone* p; 458 size_t s; 459 if(!fwd) 460 return 0; 461 s = sizeof(*fwd) + sizeof(*fwd->tree); 462 RBTREE_FOR(p, struct iter_forward_zone*, fwd->tree) { 463 s += sizeof(*p) + p->namelen + delegpt_get_mem(p->dp); 464 } 465 return s; 466 } 467 468 static struct iter_forward_zone* 469 fwd_zone_find(struct iter_forwards* fwd, uint16_t c, uint8_t* nm) 470 { 471 struct iter_forward_zone key; 472 key.node.key = &key; 473 key.dclass = c; 474 key.name = nm; 475 key.namelabs = dname_count_size_labels(nm, &key.namelen); 476 return (struct iter_forward_zone*)rbtree_search(fwd->tree, &key); 477 } 478 479 int 480 forwards_add_zone(struct iter_forwards* fwd, uint16_t c, struct delegpt* dp) 481 { 482 struct iter_forward_zone *z; 483 if((z=fwd_zone_find(fwd, c, dp->name)) != NULL) { 484 (void)rbtree_delete(fwd->tree, &z->node); 485 fwd_zone_free(z); 486 } 487 if(!forwards_insert(fwd, c, dp)) 488 return 0; 489 fwd_init_parents(fwd); 490 return 1; 491 } 492 493 void 494 forwards_delete_zone(struct iter_forwards* fwd, uint16_t c, uint8_t* nm) 495 { 496 struct iter_forward_zone *z; 497 if(!(z=fwd_zone_find(fwd, c, nm))) 498 return; /* nothing to do */ 499 (void)rbtree_delete(fwd->tree, &z->node); 500 fwd_zone_free(z); 501 fwd_init_parents(fwd); 502 } 503 504 int 505 forwards_add_stub_hole(struct iter_forwards* fwd, uint16_t c, uint8_t* nm) 506 { 507 if(!fwd_add_stub_hole(fwd, c, nm)) { 508 return 0; 509 } 510 fwd_init_parents(fwd); 511 return 1; 512 } 513 514 void 515 forwards_delete_stub_hole(struct iter_forwards* fwd, uint16_t c, uint8_t* nm) 516 { 517 struct iter_forward_zone *z; 518 if(!(z=fwd_zone_find(fwd, c, nm))) 519 return; /* nothing to do */ 520 if(z->dp != NULL) 521 return; /* not a stub hole */ 522 (void)rbtree_delete(fwd->tree, &z->node); 523 fwd_zone_free(z); 524 fwd_init_parents(fwd); 525 } 526