Annotation of src/external/mpl/bind/dist/lib/dns/rootns.c, Revision 1.1.1.1
1.1 christos 1: /* $NetBSD$ */
2:
3: /*
4: * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
5: *
6: * This Source Code Form is subject to the terms of the Mozilla Public
7: * License, v. 2.0. If a copy of the MPL was not distributed with this
8: * file, You can obtain one at http://mozilla.org/MPL/2.0/.
9: *
10: * See the COPYRIGHT file distributed with this work for additional
11: * information regarding copyright ownership.
12: */
13:
14:
15: /*! \file */
16:
17: #include <config.h>
18:
19: #include <isc/buffer.h>
20: #include <isc/string.h> /* Required for HP/UX (and others?) */
21: #include <isc/util.h>
22:
23: #include <dns/callbacks.h>
24: #include <dns/db.h>
25: #include <dns/dbiterator.h>
26: #include <dns/fixedname.h>
27: #include <dns/log.h>
28: #include <dns/master.h>
29: #include <dns/rdata.h>
30: #include <dns/rdata.h>
31: #include <dns/rdataset.h>
32: #include <dns/rdatasetiter.h>
33: #include <dns/rdatastruct.h>
34: #include <dns/rdatatype.h>
35: #include <dns/result.h>
36: #include <dns/rootns.h>
37: #include <dns/view.h>
38:
39: static char root_ns[] =
40: ";\n"
41: "; Internet Root Nameservers\n"
42: ";\n"
43: "$TTL 518400\n"
44: ". 518400 IN NS A.ROOT-SERVERS.NET.\n"
45: ". 518400 IN NS B.ROOT-SERVERS.NET.\n"
46: ". 518400 IN NS C.ROOT-SERVERS.NET.\n"
47: ". 518400 IN NS D.ROOT-SERVERS.NET.\n"
48: ". 518400 IN NS E.ROOT-SERVERS.NET.\n"
49: ". 518400 IN NS F.ROOT-SERVERS.NET.\n"
50: ". 518400 IN NS G.ROOT-SERVERS.NET.\n"
51: ". 518400 IN NS H.ROOT-SERVERS.NET.\n"
52: ". 518400 IN NS I.ROOT-SERVERS.NET.\n"
53: ". 518400 IN NS J.ROOT-SERVERS.NET.\n"
54: ". 518400 IN NS K.ROOT-SERVERS.NET.\n"
55: ". 518400 IN NS L.ROOT-SERVERS.NET.\n"
56: ". 518400 IN NS M.ROOT-SERVERS.NET.\n"
57: "A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4\n"
58: "A.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:BA3E::2:30\n"
59: "B.ROOT-SERVERS.NET. 3600000 IN A 199.9.14.201\n"
60: "B.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:200::b\n"
61: "C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12\n"
62: "C.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:2::c\n"
63: "D.ROOT-SERVERS.NET. 3600000 IN A 199.7.91.13\n"
64: "D.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:2d::d\n"
65: "E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10\n"
66: "E.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:a8::e\n"
67: "F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241\n"
68: "F.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:2F::F\n"
69: "G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4\n"
70: "G.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:12::d0d\n"
71: "H.ROOT-SERVERS.NET. 3600000 IN A 198.97.190.53\n"
72: "H.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:1::53\n"
73: "I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17\n"
74: "I.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:7fe::53\n"
75: "J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30\n"
76: "J.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:C27::2:30\n"
77: "K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129\n"
78: "K.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:7FD::1\n"
79: "L.ROOT-SERVERS.NET. 3600000 IN A 199.7.83.42\n"
80: "L.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:9f::42\n"
81: "M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33\n"
82: "M.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:DC3::35\n";
83:
84: static isc_result_t
85: in_rootns(dns_rdataset_t *rootns, dns_name_t *name) {
86: isc_result_t result;
87: dns_rdata_t rdata = DNS_RDATA_INIT;
88: dns_rdata_ns_t ns;
89:
90: if (!dns_rdataset_isassociated(rootns))
91: return (ISC_R_NOTFOUND);
92:
93: result = dns_rdataset_first(rootns);
94: while (result == ISC_R_SUCCESS) {
95: dns_rdataset_current(rootns, &rdata);
96: result = dns_rdata_tostruct(&rdata, &ns, NULL);
97: if (result != ISC_R_SUCCESS)
98: return (result);
99: if (dns_name_compare(name, &ns.name) == 0)
100: return (ISC_R_SUCCESS);
101: result = dns_rdataset_next(rootns);
102: dns_rdata_reset(&rdata);
103: }
104: if (result == ISC_R_NOMORE)
105: result = ISC_R_NOTFOUND;
106: return (result);
107: }
108:
109: static isc_result_t
110: check_node(dns_rdataset_t *rootns, dns_name_t *name,
111: dns_rdatasetiter_t *rdsiter) {
112: isc_result_t result;
113: dns_rdataset_t rdataset;
114:
115: dns_rdataset_init(&rdataset);
116: result = dns_rdatasetiter_first(rdsiter);
117: while (result == ISC_R_SUCCESS) {
118: dns_rdatasetiter_current(rdsiter, &rdataset);
119: switch (rdataset.type) {
120: case dns_rdatatype_a:
121: case dns_rdatatype_aaaa:
122: result = in_rootns(rootns, name);
123: if (result != ISC_R_SUCCESS)
124: goto cleanup;
125: break;
126: case dns_rdatatype_ns:
127: if (dns_name_compare(name, dns_rootname) == 0)
128: break;
129: /* FALLTHROUGH */
130: default:
131: result = ISC_R_FAILURE;
132: goto cleanup;
133: }
134: dns_rdataset_disassociate(&rdataset);
135: result = dns_rdatasetiter_next(rdsiter);
136: }
137: if (result == ISC_R_NOMORE)
138: result = ISC_R_SUCCESS;
139: cleanup:
140: if (dns_rdataset_isassociated(&rdataset))
141: dns_rdataset_disassociate(&rdataset);
142: return (result);
143: }
144:
145: static isc_result_t
146: check_hints(dns_db_t *db) {
147: isc_result_t result;
148: dns_rdataset_t rootns;
149: dns_dbiterator_t *dbiter = NULL;
150: dns_dbnode_t *node = NULL;
151: isc_stdtime_t now;
152: dns_fixedname_t fixname;
153: dns_name_t *name;
154: dns_rdatasetiter_t *rdsiter = NULL;
155:
156: isc_stdtime_get(&now);
157:
158: name = dns_fixedname_initname(&fixname);
159:
160: dns_rdataset_init(&rootns);
161: (void)dns_db_find(db, dns_rootname, NULL, dns_rdatatype_ns, 0,
162: now, NULL, name, &rootns, NULL);
163: result = dns_db_createiterator(db, 0, &dbiter);
164: if (result != ISC_R_SUCCESS)
165: goto cleanup;
166: result = dns_dbiterator_first(dbiter);
167: while (result == ISC_R_SUCCESS) {
168: result = dns_dbiterator_current(dbiter, &node, name);
169: if (result != ISC_R_SUCCESS)
170: goto cleanup;
171: result = dns_db_allrdatasets(db, node, NULL, now, &rdsiter);
172: if (result != ISC_R_SUCCESS)
173: goto cleanup;
174: result = check_node(&rootns, name, rdsiter);
175: if (result != ISC_R_SUCCESS)
176: goto cleanup;
177: dns_rdatasetiter_destroy(&rdsiter);
178: dns_db_detachnode(db, &node);
179: result = dns_dbiterator_next(dbiter);
180: }
181: if (result == ISC_R_NOMORE)
182: result = ISC_R_SUCCESS;
183:
184: cleanup:
185: if (dns_rdataset_isassociated(&rootns))
186: dns_rdataset_disassociate(&rootns);
187: if (rdsiter != NULL)
188: dns_rdatasetiter_destroy(&rdsiter);
189: if (node != NULL)
190: dns_db_detachnode(db, &node);
191: if (dbiter != NULL)
192: dns_dbiterator_destroy(&dbiter);
193: return (result);
194: }
195:
196: isc_result_t
197: dns_rootns_create(isc_mem_t *mctx, dns_rdataclass_t rdclass,
198: const char *filename, dns_db_t **target)
199: {
200: isc_result_t result, eresult;
201: isc_buffer_t source;
202: unsigned int len;
203: dns_rdatacallbacks_t callbacks;
204: dns_db_t *db = NULL;
205:
206: REQUIRE(target != NULL && *target == NULL);
207:
208: result = dns_db_create(mctx, "rbt", dns_rootname, dns_dbtype_zone,
209: rdclass, 0, NULL, &db);
210: if (result != ISC_R_SUCCESS)
211: goto failure;
212:
213: len = strlen(root_ns);
214: isc_buffer_init(&source, root_ns, len);
215: isc_buffer_add(&source, len);
216:
217: dns_rdatacallbacks_init(&callbacks);
218: result = dns_db_beginload(db, &callbacks);
219: if (result != ISC_R_SUCCESS)
220: goto failure;
221: if (filename != NULL) {
222: /*
223: * Load the hints from the specified filename.
224: */
225: result = dns_master_loadfile(filename, &db->origin,
226: &db->origin, db->rdclass,
227: DNS_MASTER_HINT,
228: &callbacks, db->mctx);
229: } else if (rdclass == dns_rdataclass_in) {
230: /*
231: * Default to using the Internet root servers.
232: */
233: result = dns_master_loadbuffer(&source, &db->origin,
234: &db->origin, db->rdclass,
235: DNS_MASTER_HINT,
236: &callbacks, db->mctx);
237: } else
238: result = ISC_R_NOTFOUND;
239: eresult = dns_db_endload(db, &callbacks);
240: if (result == ISC_R_SUCCESS || result == DNS_R_SEENINCLUDE)
241: result = eresult;
242: if (result != ISC_R_SUCCESS && result != DNS_R_SEENINCLUDE)
243: goto failure;
244: if (check_hints(db) != ISC_R_SUCCESS)
245: isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
246: DNS_LOGMODULE_HINTS, ISC_LOG_WARNING,
247: "extra data in root hints '%s'",
248: (filename != NULL) ? filename : "<BUILT-IN>");
249: *target = db;
250: return (ISC_R_SUCCESS);
251:
252: failure:
253: isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_HINTS,
254: ISC_LOG_ERROR, "could not configure root hints from "
255: "'%s': %s", (filename != NULL) ? filename : "<BUILT-IN>",
256: isc_result_totext(result));
257:
258: if (db != NULL)
259: dns_db_detach(&db);
260:
261: return (result);
262: }
263:
264: static void
265: report(dns_view_t *view, dns_name_t *name, isc_boolean_t missing,
266: dns_rdata_t *rdata)
267: {
268: const char *viewname = "", *sep = "";
269: char namebuf[DNS_NAME_FORMATSIZE];
270: char typebuf[DNS_RDATATYPE_FORMATSIZE];
271: char databuf[sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:123.123.123.123")];
272: isc_buffer_t buffer;
273: isc_result_t result;
274:
275: if (strcmp(view->name, "_bind") != 0 &&
276: strcmp(view->name, "_default") != 0) {
277: viewname = view->name;
278: sep = ": view ";
279: }
280:
281: dns_name_format(name, namebuf, sizeof(namebuf));
282: dns_rdatatype_format(rdata->type, typebuf, sizeof(typebuf));
283: isc_buffer_init(&buffer, databuf, sizeof(databuf) - 1);
284: result = dns_rdata_totext(rdata, NULL, &buffer);
285: RUNTIME_CHECK(result == ISC_R_SUCCESS);
286: databuf[isc_buffer_usedlength(&buffer)] = '\0';
287:
288: if (missing)
289: isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
290: DNS_LOGMODULE_HINTS, ISC_LOG_WARNING,
291: "checkhints%s%s: %s/%s (%s) missing from hints",
292: sep, viewname, namebuf, typebuf, databuf);
293: else
294: isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
295: DNS_LOGMODULE_HINTS, ISC_LOG_WARNING,
296: "checkhints%s%s: %s/%s (%s) extra record "
297: "in hints", sep, viewname, namebuf, typebuf,
298: databuf);
299: }
300:
301: static isc_boolean_t
302: inrrset(dns_rdataset_t *rrset, dns_rdata_t *rdata) {
303: isc_result_t result;
304: dns_rdata_t current = DNS_RDATA_INIT;
305:
306: result = dns_rdataset_first(rrset);
307: while (result == ISC_R_SUCCESS) {
308: dns_rdataset_current(rrset, ¤t);
309: if (dns_rdata_compare(rdata, ¤t) == 0)
310: return (ISC_TRUE);
311: dns_rdata_reset(¤t);
312: result = dns_rdataset_next(rrset);
313: }
314: return (ISC_FALSE);
315: }
316:
317: /*
318: * Check that the address RRsets match.
319: *
320: * Note we don't complain about missing glue records.
321: */
322:
323: static void
324: check_address_records(dns_view_t *view, dns_db_t *hints, dns_db_t *db,
325: dns_name_t *name, isc_stdtime_t now)
326: {
327: isc_result_t hresult, rresult, result;
328: dns_rdataset_t hintrrset, rootrrset;
329: dns_rdata_t rdata = DNS_RDATA_INIT;
330: dns_name_t *foundname;
331: dns_fixedname_t fixed;
332:
333: dns_rdataset_init(&hintrrset);
334: dns_rdataset_init(&rootrrset);
335: foundname = dns_fixedname_initname(&fixed);
336:
337: hresult = dns_db_find(hints, name, NULL, dns_rdatatype_a, 0,
338: now, NULL, foundname, &hintrrset, NULL);
339: rresult = dns_db_find(db, name, NULL, dns_rdatatype_a,
340: DNS_DBFIND_GLUEOK, now, NULL, foundname,
341: &rootrrset, NULL);
342: if (hresult == ISC_R_SUCCESS &&
343: (rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE)) {
344: result = dns_rdataset_first(&rootrrset);
345: while (result == ISC_R_SUCCESS) {
346: dns_rdata_reset(&rdata);
347: dns_rdataset_current(&rootrrset, &rdata);
348: if (!inrrset(&hintrrset, &rdata))
349: report(view, name, ISC_TRUE, &rdata);
350: result = dns_rdataset_next(&rootrrset);
351: }
352: result = dns_rdataset_first(&hintrrset);
353: while (result == ISC_R_SUCCESS) {
354: dns_rdata_reset(&rdata);
355: dns_rdataset_current(&hintrrset, &rdata);
356: if (!inrrset(&rootrrset, &rdata))
357: report(view, name, ISC_FALSE, &rdata);
358: result = dns_rdataset_next(&hintrrset);
359: }
360: }
361: if (hresult == ISC_R_NOTFOUND &&
362: (rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE)) {
363: result = dns_rdataset_first(&rootrrset);
364: while (result == ISC_R_SUCCESS) {
365: dns_rdata_reset(&rdata);
366: dns_rdataset_current(&rootrrset, &rdata);
367: report(view, name, ISC_TRUE, &rdata);
368: result = dns_rdataset_next(&rootrrset);
369: }
370: }
371: if (dns_rdataset_isassociated(&rootrrset))
372: dns_rdataset_disassociate(&rootrrset);
373: if (dns_rdataset_isassociated(&hintrrset))
374: dns_rdataset_disassociate(&hintrrset);
375:
376: /*
377: * Check AAAA records.
378: */
379: hresult = dns_db_find(hints, name, NULL, dns_rdatatype_aaaa, 0,
380: now, NULL, foundname, &hintrrset, NULL);
381: rresult = dns_db_find(db, name, NULL, dns_rdatatype_aaaa,
382: DNS_DBFIND_GLUEOK, now, NULL, foundname,
383: &rootrrset, NULL);
384: if (hresult == ISC_R_SUCCESS &&
385: (rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE)) {
386: result = dns_rdataset_first(&rootrrset);
387: while (result == ISC_R_SUCCESS) {
388: dns_rdata_reset(&rdata);
389: dns_rdataset_current(&rootrrset, &rdata);
390: if (!inrrset(&hintrrset, &rdata))
391: report(view, name, ISC_TRUE, &rdata);
392: dns_rdata_reset(&rdata);
393: result = dns_rdataset_next(&rootrrset);
394: }
395: result = dns_rdataset_first(&hintrrset);
396: while (result == ISC_R_SUCCESS) {
397: dns_rdata_reset(&rdata);
398: dns_rdataset_current(&hintrrset, &rdata);
399: if (!inrrset(&rootrrset, &rdata))
400: report(view, name, ISC_FALSE, &rdata);
401: dns_rdata_reset(&rdata);
402: result = dns_rdataset_next(&hintrrset);
403: }
404: }
405: if (hresult == ISC_R_NOTFOUND &&
406: (rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE)) {
407: result = dns_rdataset_first(&rootrrset);
408: while (result == ISC_R_SUCCESS) {
409: dns_rdata_reset(&rdata);
410: dns_rdataset_current(&rootrrset, &rdata);
411: report(view, name, ISC_TRUE, &rdata);
412: dns_rdata_reset(&rdata);
413: result = dns_rdataset_next(&rootrrset);
414: }
415: }
416: if (dns_rdataset_isassociated(&rootrrset))
417: dns_rdataset_disassociate(&rootrrset);
418: if (dns_rdataset_isassociated(&hintrrset))
419: dns_rdataset_disassociate(&hintrrset);
420: }
421:
422: void
423: dns_root_checkhints(dns_view_t *view, dns_db_t *hints, dns_db_t *db) {
424: isc_result_t result;
425: dns_rdata_t rdata = DNS_RDATA_INIT;
426: dns_rdata_ns_t ns;
427: dns_rdataset_t hintns, rootns;
428: const char *viewname = "", *sep = "";
429: isc_stdtime_t now;
430: dns_name_t *name;
431: dns_fixedname_t fixed;
432:
433: REQUIRE(hints != NULL);
434: REQUIRE(db != NULL);
435: REQUIRE(view != NULL);
436:
437: isc_stdtime_get(&now);
438:
439: if (strcmp(view->name, "_bind") != 0 &&
440: strcmp(view->name, "_default") != 0) {
441: viewname = view->name;
442: sep = ": view ";
443: }
444:
445: dns_rdataset_init(&hintns);
446: dns_rdataset_init(&rootns);
447: name = dns_fixedname_initname(&fixed);
448:
449: result = dns_db_find(hints, dns_rootname, NULL, dns_rdatatype_ns, 0,
450: now, NULL, name, &hintns, NULL);
451: if (result != ISC_R_SUCCESS) {
452: isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
453: DNS_LOGMODULE_HINTS, ISC_LOG_WARNING,
454: "checkhints%s%s: unable to get root NS rrset "
455: "from hints: %s", sep, viewname,
456: dns_result_totext(result));
457: goto cleanup;
458: }
459:
460: result = dns_db_find(db, dns_rootname, NULL, dns_rdatatype_ns, 0,
461: now, NULL, name, &rootns, NULL);
462: if (result != ISC_R_SUCCESS) {
463: isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
464: DNS_LOGMODULE_HINTS, ISC_LOG_WARNING,
465: "checkhints%s%s: unable to get root NS rrset "
466: "from cache: %s", sep, viewname,
467: dns_result_totext(result));
468: goto cleanup;
469: }
470:
471: /*
472: * Look for missing root NS names.
473: */
474: result = dns_rdataset_first(&rootns);
475: while (result == ISC_R_SUCCESS) {
476: dns_rdataset_current(&rootns, &rdata);
477: result = dns_rdata_tostruct(&rdata, &ns, NULL);
478: RUNTIME_CHECK(result == ISC_R_SUCCESS);
479: result = in_rootns(&hintns, &ns.name);
480: if (result != ISC_R_SUCCESS) {
481: char namebuf[DNS_NAME_FORMATSIZE];
482: /* missing from hints */
483: dns_name_format(&ns.name, namebuf, sizeof(namebuf));
484: isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
485: DNS_LOGMODULE_HINTS, ISC_LOG_WARNING,
486: "checkhints%s%s: unable to find root "
487: "NS '%s' in hints", sep, viewname,
488: namebuf);
489: } else
490: check_address_records(view, hints, db, &ns.name, now);
491: dns_rdata_reset(&rdata);
492: result = dns_rdataset_next(&rootns);
493: }
494: if (result != ISC_R_NOMORE) {
495: goto cleanup;
496: }
497:
498: /*
499: * Look for extra root NS names.
500: */
501: result = dns_rdataset_first(&hintns);
502: while (result == ISC_R_SUCCESS) {
503: dns_rdataset_current(&hintns, &rdata);
504: result = dns_rdata_tostruct(&rdata, &ns, NULL);
505: RUNTIME_CHECK(result == ISC_R_SUCCESS);
506: result = in_rootns(&rootns, &ns.name);
507: if (result != ISC_R_SUCCESS) {
508: char namebuf[DNS_NAME_FORMATSIZE];
509: /* extra entry in hints */
510: dns_name_format(&ns.name, namebuf, sizeof(namebuf));
511: isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
512: DNS_LOGMODULE_HINTS, ISC_LOG_WARNING,
513: "checkhints%s%s: extra NS '%s' in hints",
514: sep, viewname, namebuf);
515: }
516: dns_rdata_reset(&rdata);
517: result = dns_rdataset_next(&hintns);
518: }
519: if (result != ISC_R_NOMORE) {
520: goto cleanup;
521: }
522:
523: cleanup:
524: if (dns_rdataset_isassociated(&rootns))
525: dns_rdataset_disassociate(&rootns);
526: if (dns_rdataset_isassociated(&hintns))
527: dns_rdataset_disassociate(&hintns);
528: }
CVSweb <webmaster@jp.NetBSD.org>