44 #include <ldns/ldns.h>
46 static const char* zd_str =
"data";
48 static ldns_rbnode_t* domain2node(
domain_type* domain);
55 log_rdf(ldns_rdf *rdf,
const char* pre,
int level)
61 str = ldns_rdf2str(rdf);
64 ods_log_error(
"[%s] %s : %s", zd_str, pre?pre:
"", str?str:
"(null)");
65 }
else if (level == 2) {
67 }
else if (level == 3) {
68 ods_log_info(
"[%s] %s : %s", zd_str, pre?pre:
"", str?str:
"(null)");
69 }
else if (level == 4) {
71 }
else if (level == 5) {
72 ods_log_debug(
"[%s] %s : %s", zd_str, pre?pre:
"", str?str:
"(null)");
73 }
else if (level == 6) {
92 ldns_rbnode_t* node = (ldns_rbnode_t*) malloc(
sizeof(ldns_rbnode_t));
96 node->key = domain->
dname;
106 static ldns_rbnode_t*
109 ldns_rbnode_t* node = (ldns_rbnode_t*) malloc(
sizeof(ldns_rbnode_t));
113 node->key = denial->
owner;
124 domain_compare(
const void* a,
const void* b)
126 ldns_rdf* x = (ldns_rdf*)a;
127 ldns_rdf* y = (ldns_rdf*)b;
128 return ldns_dname_compare(x, y);
154 zd->
domains = ldns_rbtree_create(domain_compare);
170 ods_log_error(
"[%s] cannot create zonedata: no allocator", zd_str);
177 ods_log_error(
"[%s] cannot create zonedata: allocator failed",
184 zonedata_init_domains(zd);
202 const char* token = NULL;
203 const char* owner = NULL;
207 ldns_rdf* rdf = NULL;
208 ldns_rbnode_t* denial_node = LDNS_RBTREE_NULL;
221 goto recover_domain_error;
224 rdf = ldns_dname_new_frm_str(owner);
227 ldns_rdf_deep_free(rdf);
233 goto recover_domain_error;
239 goto recover_domain_error;
242 denial_node = denial2node(domain->
denial);
244 if (!ldns_rbtree_insert(zd->
denial_chain, denial_node)) {
246 free((
void*)denial_node);
247 goto recover_domain_error;
264 goto recover_domain_error;
271 goto recover_domain_error;
276 recover_domain_error:
292 zonedata_domain_search(ldns_rbtree_t* tree, ldns_rdf* dname)
294 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
296 if (!tree || !dname) {
299 node = ldns_rbtree_search(tree, dname);
300 if (node && node != LDNS_RBTREE_NULL) {
314 if (!zd)
return NULL;
316 return zonedata_domain_search(zd->
domains, dname);
327 ldns_rbnode_t* new_node = LDNS_RBTREE_NULL;
330 ods_log_error(
"[%s] unable to add domain: no domain", zd_str);
336 log_rdf(domain->
dname,
"unable to add domain, no storage", 1);
342 new_node = domain2node(domain);
343 if (ldns_rbtree_insert(zd->
domains, new_node) == NULL) {
344 log_rdf(domain->
dname,
"unable to add domain, already present", 1);
345 free((
void*)new_node);
358 zonedata_del_domain_fixup(ldns_rbtree_t* tree,
domain_type* domain)
361 ldns_rbnode_t* del_node = LDNS_RBTREE_NULL;
367 del_node = ldns_rbtree_search(tree, (
const void*)domain->
dname);
369 del_node = ldns_rbtree_delete(tree, (
const void*)domain->
dname);
372 free((
void*)del_node);
375 log_rdf(domain->
dname,
"unable to del domain, not found", 1);
389 ods_log_error(
"[%s] unable to delete domain: no domain", zd_str);
396 log_rdf(domain->
dname,
"unable to delete domain, no zonedata", 1);
403 log_rdf(domain->
dname,
"unable to delete domain, failed to delete "
404 "denial of existence data point", 1);
409 return zonedata_del_domain_fixup(zd->
domains, domain);
418 zonedata_denial_search(ldns_rbtree_t* tree, ldns_rdf* dname)
420 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
422 if (!tree || !dname) {
425 node = ldns_rbtree_search(tree, dname);
426 if (node && node != LDNS_RBTREE_NULL) {
440 if (!zd)
return NULL;
453 ldns_rdf* hashed_ownername = NULL;
454 ldns_rdf* hashed_label = NULL;
464 hashed_label = ldns_nsec3_hash_name(dname, nsec3params->
algorithm,
468 log_rdf(dname,
"unable to hash dname, hash failed", 1);
471 hashed_ownername = ldns_dname_cat_clone((
const ldns_rdf*) hashed_label,
472 (
const ldns_rdf*) apex);
473 if (!hashed_ownername) {
474 log_rdf(dname,
"unable to hash dname, concat apex failed", 1);
477 ldns_rdf_deep_free(hashed_label);
478 return hashed_ownername;
490 ldns_rbnode_t* new_node = LDNS_RBTREE_NULL;
491 ldns_rbnode_t* prev_node = LDNS_RBTREE_NULL;
492 ldns_rdf* owner = NULL;
497 ods_log_error(
"[%s] unable to add denial of existence data point: "
498 "no domain", zd_str);
504 log_rdf(domain->
dname,
"unable to add denial of existence data "
505 "point for domain, no denial chain", 1);
512 log_rdf(domain->
dname,
"unable to add denial of existence data "
513 "point for domain, apex unknown", 1);
520 owner = dname_hash(domain->
dname, apex, nsec3params);
522 log_rdf(domain->
dname,
"unable to add denial of existence data "
523 "point for domain, dname hash failed", 1);
527 owner = ldns_rdf_clone(domain->
dname);
531 log_rdf(domain->
dname,
"unable to add denial of existence for "
532 "domain, data point exists", 1);
537 new_node = denial2node(denial);
538 ldns_rdf_deep_free(owner);
541 log_rdf(domain->
dname,
"unable to add denial of existence for "
542 "domain, insert failed", 1);
543 free((
void*)new_node);
550 prev_node = ldns_rbtree_previous(new_node);
551 if (!prev_node || prev_node == LDNS_RBTREE_NULL) {
569 zonedata_del_denial_fixup(ldns_rbtree_t* tree,
denial_type* denial)
573 ldns_rbnode_t* prev_node = LDNS_RBTREE_NULL;
574 ldns_rbnode_t* del_node = LDNS_RBTREE_NULL;
581 del_node = ldns_rbtree_search(tree, (
const void*)denial->
owner);
587 prev_node = ldns_rbtree_previous(del_node);
588 if (!prev_node || prev_node == LDNS_RBTREE_NULL) {
589 prev_node = ldns_rbtree_last(tree);
601 "point: failed to wipe out NSEC RRset", zd_str);
607 "point: failed to commit NSEC RRset", zd_str);
612 del_node = ldns_rbtree_delete(tree, (
const void*)denial->
owner);
615 free((
void*)del_node);
618 log_rdf(denial->
owner,
"unable to del denial of existence data "
619 "point, not found", 1);
633 ods_log_error(
"[%s] unable to delete denial of existence data "
634 "point: no data point", zd_str);
640 log_rdf(denial->
owner,
"unable to delete denial of existence data "
641 "point, no zone data", 1);
647 return zonedata_del_denial_fixup(zd->
denial_chain, denial);
658 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
665 if (zd->
domains->root != LDNS_RBTREE_NULL) {
666 node = ldns_rbtree_first(zd->
domains);
668 while (node && node != LDNS_RBTREE_NULL) {
674 node = ldns_rbtree_next(node);
687 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
688 ldns_rbnode_t* nxtnode = LDNS_RBTREE_NULL;
689 ldns_rbnode_t* tmpnode = LDNS_RBTREE_NULL;
698 if (zd->
domains->root != LDNS_RBTREE_NULL) {
699 node = ldns_rbtree_last(zd->
domains);
701 while (node && node != LDNS_RBTREE_NULL) {
709 node = ldns_rbtree_previous(node);
714 nxtnode = ldns_rbtree_next(tmpnode);
716 if (nxtnode && nxtnode != LDNS_RBTREE_NULL) {
720 !ldns_dname_is_subdomain(nxtdomain->
dname, domain->
dname)) {
741 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
747 if (zd->
domains->root != LDNS_RBTREE_NULL) {
748 node = ldns_rbtree_first(zd->
domains);
750 while (node && node != LDNS_RBTREE_NULL) {
753 node = ldns_rbtree_next(node);
764 domain_ent2glue(ldns_rbnode_t* node)
766 ldns_rbnode_t* nextnode = LDNS_RBTREE_NULL;
773 nextnode = ldns_rbtree_next(node);
774 while (nextnode && nextnode != LDNS_RBTREE_NULL) {
776 if (!ldns_dname_is_subdomain(nextdomain->
dname, domain->
dname)) {
786 nextnode = ldns_rbtree_next(nextnode);
803 domain_ent2unsigned(ldns_rbnode_t* node)
805 ldns_rbnode_t* nextnode = LDNS_RBTREE_NULL;
812 nextnode = ldns_rbtree_next(node);
813 while (nextnode && nextnode != LDNS_RBTREE_NULL) {
815 if (!ldns_dname_is_subdomain(nextdomain->
dname, domain->
dname)) {
826 nextnode = ldns_rbtree_next(nextnode);
845 ldns_rdf* parent_rdf = NULL;
859 while (domain && ldns_dname_is_subdomain(domain->
dname, apex) &&
860 ldns_dname_compare(domain->
dname, apex) != 0) {
869 parent_rdf = ldns_dname_left_chop(domain->
dname);
871 log_rdf(domain->
dname,
"unable to entize domain, left chop "
878 if (!parent_domain) {
880 ldns_rdf_deep_free(parent_rdf);
881 if (!parent_domain) {
882 log_rdf(domain->
dname,
"unable to entize domain, create "
888 log_rdf(domain->
dname,
"unable to entize domain, add parent "
894 domain->
parent = parent_domain;
896 domain = parent_domain;
898 ldns_rdf_deep_free(parent_rdf);
899 domain->
parent = parent_domain;
915 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
920 ods_log_error(
"[%s] unable to entize zone data: no zone data",
928 ods_log_error(
"[%s] unable to entize zone data: no zone apex",
934 node = ldns_rbtree_first(zd->
domains);
935 while (node && node != LDNS_RBTREE_NULL) {
937 status = domain_entize(zd, domain, apex);
939 ods_log_error(
"[%s] unable to entize zone data: entize domain "
944 node = ldns_rbtree_next(node);
958 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
959 ldns_rbnode_t* nxt_node = LDNS_RBTREE_NULL;
965 size_t nsec_added = 0;
973 node = ldns_rbtree_first(zd->
domains);
974 while (node && node != LDNS_RBTREE_NULL) {
985 log_rdf(domain->
dname,
"nsecify: don't do glue domain", 6);
987 log_rdf(domain->
dname,
"nsecify: don't do empty domain", 6);
992 "delete denial of existence data point", zd_str);
997 node = ldns_rbtree_next(node);
1001 ods_log_alert(
"[%s] unable to nsecify: apex unknown", zd_str);
1009 log_rdf(domain->
dname,
"unable to nsecify: failed to add "
1010 "denial of existence for domain", 1);
1015 node = ldns_rbtree_next(node);
1020 while (node && node != LDNS_RBTREE_NULL) {
1022 nxt_node = ldns_rbtree_next(node);
1023 if (!nxt_node || nxt_node == LDNS_RBTREE_NULL) {
1030 ods_log_error(
"[%s] unable to nsecify: failed to add NSEC record",
1034 node = ldns_rbtree_next(node);
1037 *num_added = nsec_added;
1051 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
1052 ldns_rbnode_t* nxt_node = LDNS_RBTREE_NULL;
1058 size_t nsec3_added = 0;
1067 ods_log_error(
"[%s] unable to nsecify3: no nsec3 paramaters", zd_str);
1072 node = ldns_rbtree_first(zd->
domains);
1073 while (node && node != LDNS_RBTREE_NULL) {
1082 domain_ent2glue(node)) {
1083 log_rdf(domain->
dname,
"nsecify3: don't do glue domain" , 6);
1087 "delete denial of existence data point", zd_str);
1092 node = ldns_rbtree_next(node);
1096 if (nsec3params->
flags) {
1100 domain_ent2unsigned(node)) {
1106 "non-terminal (to unsigned delegation))", 5);
1111 "delete denial of existence data point", zd_str);
1116 node = ldns_rbtree_next(node);
1121 ods_log_alert(
"[%s] unable to nsecify3: apex unknown", zd_str);
1130 log_rdf(domain->
dname,
"unable to nsecify3: failed to add "
1131 "denial of existence for domain", 1);
1156 node = ldns_rbtree_next(node);
1161 while (node && node != LDNS_RBTREE_NULL) {
1163 nxt_node = ldns_rbtree_next(node);
1164 if (!nxt_node || nxt_node == LDNS_RBTREE_NULL) {
1171 ods_log_error(
"[%s] unable to nsecify3: failed to add NSEC3 "
1175 node = ldns_rbtree_next(node);
1178 *num_added = nsec3_added;
1193 uint32_t update = 0;
1199 ods_log_debug(
"[%s] update serial: in=%u internal=%u out=%u now=%u",
1212 "not greater than inbound serial %u", zd_str, soa,
1219 }
else if (strncmp(sc->
soa_serial,
"counter", 7) == 0) {
1226 }
else if (strncmp(sc->
soa_serial,
"datecounter", 11) == 0) {
1231 "not greater than inbound serial %u", zd_str, soa,
1238 }
else if (strncmp(sc->
soa_serial,
"keep", 4) == 0) {
1241 ods_log_error(
"[%s] cannot keep SOA SERIAL from input zone "
1242 " (%u): previous output SOA SERIAL is %u", zd_str, soa, prev);
1251 update = soa - prev;
1252 if (update > 0x7FFFFFFF) {
1253 update = 0x7FFFFFFF;
1261 ods_log_debug(
"[%s] update serial: %u + %u = %u", zd_str, prev, update,
1274 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
1281 if (zd->
domains->root != LDNS_RBTREE_NULL) {
1282 node = ldns_rbtree_first(zd->
domains);
1284 while (node && node != LDNS_RBTREE_NULL) {
1290 node = ldns_rbtree_next(node);
1304 ldns_rdf* parent_rdf = NULL;
1305 ldns_rdf* next_rdf = NULL;
1307 char* str_name = NULL;
1308 char* str_parent = NULL;
1316 if (ldns_dname_compare(domain->
dname, apex) == 0) {
1321 log_rdf(domain->
dname,
"occluded (non-glue non-DS) data at NS", 2);
1325 parent_rdf = ldns_dname_left_chop(domain->
dname);
1326 while (parent_rdf && ldns_dname_is_subdomain(parent_rdf, apex) &&
1327 ldns_dname_compare(parent_rdf, apex) != 0) {
1330 next_rdf = ldns_dname_left_chop(parent_rdf);
1331 ldns_rdf_deep_free(parent_rdf);
1333 if (parent_domain) {
1338 str_name = ldns_rdf2str(domain->
dname);
1339 str_parent = ldns_rdf2str(parent_domain->
dname);
1341 zd_str, str_name, str_parent);
1342 free((
void*)str_name);
1343 free((
void*)str_parent);
1346 LDNS_RR_TYPE_NS, 0) &&
1349 str_name = ldns_rdf2str(domain->
dname);
1350 str_parent = ldns_rdf2str(parent_domain->
dname);
1352 "%s NS)", zd_str, str_name, str_parent);
1353 free((
void*)str_name);
1354 free((
void*)str_parent);
1371 parent_rdf = next_rdf;
1374 ldns_rdf_deep_free(parent_rdf);
1388 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
1399 if (zd->
domains->root != LDNS_RBTREE_NULL) {
1400 node = ldns_rbtree_first(zd->
domains);
1402 while (node && node != LDNS_RBTREE_NULL) {
1418 zonedata_examine_domain_is_occluded(zd, domain, apex);
1423 node = ldns_rbtree_next(node);
1436 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
1441 while (node && node != LDNS_RBTREE_NULL) {
1443 if (denial->
rrset) {
1446 denial->
rrset = NULL;
1448 node = ldns_rbtree_next(node);
1460 domain_delfunc(ldns_rbnode_t* elem)
1464 if (elem && elem != LDNS_RBTREE_NULL) {
1466 domain_delfunc(elem->left);
1467 domain_delfunc(elem->right);
1481 denial_delfunc(ldns_rbnode_t* elem)
1487 if (elem && elem != LDNS_RBTREE_NULL) {
1489 denial_delfunc(elem->left);
1490 denial_delfunc(elem->right);
1512 domain_delfunc(zd->
domains->root);
1513 ldns_rbtree_free(zd->
domains);
1549 zonedata_cleanup_domains(zd);
1563 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
1570 node = ldns_rbtree_first(zd->
domains);
1571 while (node && node != LDNS_RBTREE_NULL) {
1574 node = ldns_rbtree_next(node);
1576 fprintf(fd,
";;\n");
1588 ldns_rbnode_t* node = LDNS_RBTREE_NULL;
1592 ods_log_error(
"[%s] unable to print zone data: no file descriptor",
1599 ods_log_error(
"[%s] unable to print zone data: no zone data",
1606 node = ldns_rbtree_first(zd->
domains);
1607 if (!node || node == LDNS_RBTREE_NULL) {
1608 fprintf(fd,
"; empty zone\n");
1611 while (node && node != LDNS_RBTREE_NULL) {
1614 node = ldns_rbtree_next(node);