1 /*
2 * iterator/iter_fwd.c - iterative resolver module forward zones.
3 *
4 * Copyright (c) 2007, NLnet Labs. All rights reserved.
5 *
6 * This software is open source.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * Redistributions of source code must retain the above copyright notice,
13 * this list of conditions and the following disclaimer.
14 *
15 * Redistributions in binary form must reproduce the above copyright notice,
16 * this list of conditions and the following disclaimer in the documentation
17 * and/or other materials provided with the distribution.
18 *
19 * Neither the name of the NLNET LABS nor the names of its contributors may
20 * be used to endorse or promote products derived from this software without
21 * specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 */
35
36 /**
37 * \file
38 *
39 * This file contains functions to assist the iterator module.
40 * Keep track of forward zones and config settings.
41 */
42 #include "config.h"
43 #include "iterator/iter_fwd.h"
44 #include "iterator/iter_delegpt.h"
45 #include "util/log.h"
46 #include "util/config_file.h"
47 #include "util/net_help.h"
48 #include "util/data/dname.h"
49 #include "sldns/rrdef.h"
50 #include "sldns/str2wire.h"
51
/**
 * Ordering function for the forward zone tree.
 * Entries are ordered by class first; within one class the result of
 * dname_lab_cmp() on the two names decides.
 * @param k1: first entry, a struct iter_forward_zone.
 * @param k2: second entry, a struct iter_forward_zone.
 * @return -1 or 1 when the classes differ, otherwise whatever
 *	dname_lab_cmp() returns for the names.
 */
int
fwd_cmp(const void* k1, const void* k2)
{
	const struct iter_forward_zone* a = k1;
	const struct iter_forward_zone* b = k2;
	int matched; /* filled in by dname_lab_cmp, not used here */
	if(a->dclass < b->dclass)
		return -1;
	if(a->dclass > b->dclass)
		return 1;
	return dname_lab_cmp(a->name, a->namelabs, b->name, b->namelabs,
		&matched);
}
66
/**
 * Allocate a forwards structure.
 * The memory comes from calloc and is zero-filled; no tree is created
 * here, forwards_apply_cfg() does that.
 * @return the new structure, or NULL when the allocation fails.
 */
struct iter_forwards*
forwards_create(void)
{
	/* calloc already yields NULL on failure, hand that on unchanged */
	return calloc(1, sizeof(struct iter_forwards));
}
76
/**
 * Release one forward zone entry: its delegation point, its name and
 * the entry itself.
 * Stub holes carry a NULL dp; delegpt_free_mlc() is called with it all
 * the same.
 * @param n: entry to free, NULL is accepted and ignored.
 */
static void
fwd_zone_free(struct iter_forward_zone* n)
{
	if(n) {
		delegpt_free_mlc(n->dp);
		free(n->name);
		free(n);
	}
}
84
/**
 * Tree traversal callback that frees a single node.
 * @param n: tree node; it is cast to struct iter_forward_zone and freed.
 * @param arg: unused.
 */
static void
delfwdnode(rbnode_type* n, void* ATTR_UNUSED(arg))
{
	fwd_zone_free((struct iter_forward_zone*)n);
}
90
/**
 * Free every entry in the tree and then the tree structure itself.
 * fwd->tree is not reset and keeps pointing at the freed memory; the
 * callers in this file either assign a new tree or free fwd right after.
 * @param fwd: forwards structure, must not be NULL.
 */
static void
fwd_del_tree(struct iter_forwards* fwd)
{
	if(fwd->tree != NULL)
		traverse_postorder(fwd->tree, &delfwdnode, NULL);
	free(fwd->tree);
}
97
/**
 * Delete the forwards structure together with all entries in its tree.
 * @param fwd: structure to delete, NULL is accepted and ignored.
 */
void
forwards_delete(struct iter_forwards* fwd)
{
	if(fwd) {
		fwd_del_tree(fwd);
		free(fwd);
	}
}
106
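/**
 * Insert a zone entry into the forward tree.
 * Takes ownership of dp: it is stored in the new entry, or freed here
 * when the entry is not added.
 * @param fwd: forwards structure with a tree.
 * @param c: class of the zone.
 * @param nm: zone name (dname); a copy is stored.
 * @param nmlen: length of nm in bytes.
 * @param nmlabs: label count of nm.
 * @param dp: delegation point for the zone, NULL for a stub hole.
 * @return 0 on allocation failure.  1 otherwise, which includes the case
 *	where the name was already present and the new entry was dropped.
 */
static int
forwards_insert_data(struct iter_forwards* fwd, uint16_t c, uint8_t* nm,
	size_t nmlen, int nmlabs, struct delegpt* dp)
{
	struct iter_forward_zone* z = malloc(sizeof(*z));
	if(!z) {
		delegpt_free_mlc(dp);
		return 0;
	}
	z->name = memdup(nm, nmlen);
	if(!z->name) {
		delegpt_free_mlc(dp);
		free(z);
		return 0;
	}
	/* the tree key is the entry itself, fwd_cmp compares entries */
	z->node.key = z;
	z->dclass = c;
	z->namelen = nmlen;
	z->namelabs = nmlabs;
	z->dp = dp;
	/* malloc leaves parent indeterminate and fwd_init_parents() only
	 * runs after a successful load; clear it so that a lookup never
	 * follows a garbage pointer, e.g. after forwards_apply_cfg()
	 * returned 0 partway through */
	z->parent = NULL;
	if(rbtree_insert(fwd->tree, &z->node))
		return 1;
	/* the name is already in the tree: log it, drop the new entry and
	 * still report success to the caller */
	{
		/* NOTE(review): dname_str() gets no size for buf; confirm
		 * that 257 bytes covers its longest output */
		char buf[257];
		dname_str(nm, buf);
		log_err("duplicate forward zone %s ignored.", buf);
	}
	delegpt_free_mlc(dp);
	free(z->name);
	free(z);
	return 1;
}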
139
/**
 * Insert a delegation point under its own name.
 * dp is handed over to forwards_insert_data(), which keeps or frees it.
 * @return the result of forwards_insert_data().
 */
static int
forwards_insert(struct iter_forwards* fwd, uint16_t c, struct delegpt* dp)
{
	uint8_t* nm = dp->name;
	size_t nmlen = dp->namelen;
	int nmlabs = dp->namelabs;
	return forwards_insert_data(fwd, c, nm, nmlen, nmlabs, dp);
}
147
/**
 * Recompute the parent pointer of every entry in the tree.
 * Entries are visited in tree order.  Each entry gets as parent the
 * first entry on the parent chain of its predecessor (same class) that
 * has no more labels than the two names have in common, or NULL.
 */
static void
fwd_init_parents(struct iter_forwards* fwd)
{
	struct iter_forward_zone* cur;
	struct iter_forward_zone* prev = NULL;
	RBTREE_FOR(cur, struct iter_forward_zone*, fwd->tree) {
		cur->parent = NULL;
		if(prev && prev->dclass == cur->dclass) {
			struct iter_forward_zone* up;
			int m; /* label count that prev and cur share */
			/* prev sorts before cur, only the count is wanted */
			(void)dname_lab_cmp(prev->name, prev->namelabs,
				cur->name, cur->namelabs, &m);
			/* sort order like: . com. bla.com. zwb.com. net. */
			/* climb from prev until a name with at most m labels:
			 * == m: prev matched m labels, so this is the closest
			 * <  m: prev matched more but is not a parent, this
			 *       one is a (grand)parent */
			up = prev;
			while(up && up->namelabs > m)
				up = up->parent;
			/* stays NULL when the chain ran out */
			cur->parent = up;
		}
		prev = cur;
	}
}
176
/**
 * Create the delegation point for a forward zone from its configured name.
 * @param s: forward zone config entry.
 * @return new delegation point, or NULL when the name is missing, cannot
 *	be parsed, or the delegation point cannot be allocated; an error
 *	is logged in each of those cases.
 */
static struct delegpt*
read_fwds_name(struct config_stub* s)
{
	struct delegpt* dp;
	uint8_t* dname;
	size_t dname_len;
	if(!s->name) {
		log_err("forward zone without a name (use name \".\" to forward everything)");
		return NULL;
	}
	dname = sldns_str2wire_dname(s->name, &dname_len);
	if(!dname) {
		log_err("cannot parse forward zone name %s", s->name);
		return NULL;
	}
	/* the parsed name is released after the create call whether or
	 * not that call succeeded */
	dp = delegpt_create_mlc(dname);
	free(dname);
	if(!dp) {
		log_err("out of memory");
		return NULL;
	}
	return dp;
}
201
/**
 * Add the configured forwarder host names to the delegation point.
 * Every entry is parsed by authextstrtodname(), which also yields a port
 * and an optional TLS authentication name.
 *
 * On builds where neither HAVE_SSL_SET1_HOST nor
 * HAVE_X509_VERIFY_PARAM_SET1_HOST is defined, a configured
 * authentication name only produces the log line below and the host is
 * added regardless.
 * NOTE(review): the operator asked for the upstream name to be checked
 * and loading continues without that; confirm this log line is enough
 * or whether such a config should be refused.
 * @param s: forward zone config entry.
 * @param dp: delegation point to add the names to.
 * @return 0 on a parse error or allocation failure, 1 otherwise.
 */
static int
read_fwds_host(struct config_stub* s, struct delegpt* dp)
{
	struct config_strlist* h;
	for(h = s->hosts; h; h = h->next) {
		uint8_t* dname;
		char* tls_auth_name;
		int port;
		log_assert(h->str);
		dname = authextstrtodname(h->str, &port, &tls_auth_name);
		if(!dname) {
			log_err("cannot parse forward %s server name: '%s'",
				s->name, h->str);
			return 0;
		}
#if ! defined(HAVE_SSL_SET1_HOST) && ! defined(HAVE_X509_VERIFY_PARAM_SET1_HOST)
		if(tls_auth_name)
			log_err("no name verification functionality in "
				"ssl library, ignored name for %s", h->str);
#endif
		if(!delegpt_add_ns_mlc(dp, dname, 0, tls_auth_name, port)) {
			free(dname);
			log_err("out of memory");
			return 0;
		}
		/* the parsed name is not needed after the add call */
		free(dname);
	}
	return 1;
}
232
/**
 * Add the configured forwarder addresses to the delegation point.
 * Every entry is parsed by authextstrtoaddr(), which also yields an
 * optional TLS authentication name.
 *
 * On builds where neither HAVE_SSL_SET1_HOST nor
 * HAVE_X509_VERIFY_PARAM_SET1_HOST is defined, a configured
 * authentication name only produces the log line below and the address
 * is added regardless.
 * NOTE(review): the operator asked for the upstream name to be checked
 * and loading continues without that; confirm this log line is enough
 * or whether such a config should be refused.
 * @param s: forward zone config entry.
 * @param dp: delegation point to add the addresses to.
 * @return 0 on a parse error or allocation failure, 1 otherwise.
 */
static int
read_fwds_addr(struct config_stub* s, struct delegpt* dp)
{
	struct config_strlist* a;
	for(a = s->addrs; a; a = a->next) {
		struct sockaddr_storage addr;
		socklen_t addrlen;
		char* tls_auth_name;
		log_assert(a->str);
		if(!authextstrtoaddr(a->str, &addr, &addrlen, &tls_auth_name)) {
			log_err("cannot parse forward %s ip address: '%s'",
				s->name, a->str);
			return 0;
		}
#if ! defined(HAVE_SSL_SET1_HOST) && ! defined(HAVE_X509_VERIFY_PARAM_SET1_HOST)
		if(tls_auth_name)
			log_err("no name verification functionality in "
				"ssl library, ignored name for %s", a->str);
#endif
		if(!delegpt_add_addr_mlc(dp, &addr, addrlen, 0, 0,
			tls_auth_name, -1)) {
			log_err("out of memory");
			return 0;
		}
	}
	return 1;
}
261
/**
 * Build a delegation point for every forward zone in the config and
 * insert it into the tree, always with class IN.
 * Processing stops at the first failing zone; zones inserted before it
 * stay in the tree.
 * @param fwd: forwards structure with a tree.
 * @param cfg: config, cfg->forwards is the list that is read.
 * @return 0 on failure, 1 when all zones were processed.
 */
static int
read_forwards(struct iter_forwards* fwd, struct config_file* cfg)
{
	struct config_stub* s;
	for(s = cfg->forwards; s; s = s->next) {
		struct delegpt* dp = read_fwds_name(s);
		if(!dp)
			return 0;
		if(!(read_fwds_host(s, dp) && read_fwds_addr(s, dp))) {
			delegpt_free_mlc(dp);
			return 0;
		}
		/* Mark parent side NS information as included, since
		 * asking a (higher up) server on the internet is not
		 * useful.  For 'forward-first' the flag stays off, so the
		 * last resort asks for the parent-side NS record and falls
		 * back to the internet name servers on a failure. */
		dp->has_parent_side_NS = (uint8_t)!s->isfirst;
		/* when set, do not cache */
		dp->no_cache = s->no_cache;
		/* queries to this forwarder go over SSL */
		dp->ssl_upstream = (uint8_t)s->ssl_upstream;
		/* queries to this forwarder go over TCP */
		dp->tcp_upstream = (uint8_t)s->tcp_upstream;
		verbose(VERB_QUERY, "Forward zone server list:");
		delegpt_log(VERB_QUERY, dp);
		/* dp is handed over here; on failure the insert routine
		 * has already freed it */
		if(!forwards_insert(fwd, LDNS_RR_CLASS_IN, dp))
			return 0;
	}
	return 1;
}
294
/**
 * Insert a stub hole for a name: a tree entry without delegation point.
 * The name is copied by forwards_insert_data(), nm stays with the caller.
 * @param fwd: forwards structure with a tree.
 * @param c: class of the hole.
 * @param nm: name of the hole (dname).
 * @return the result of forwards_insert_data().
 */
static int
fwd_add_stub_hole(struct iter_forwards* fwd, uint16_t c, uint8_t* nm)
{
	struct iter_forward_zone hole;
	hole.node.key = &hole;
	hole.name = nm;
	hole.dclass = c;
	/* one call yields both the label count and the byte length */
	hole.namelabs = dname_count_size_labels(nm, &hole.namelen);
	/* a NULL delegation point is what marks the entry as a hole */
	return forwards_insert_data(fwd, hole.dclass, nm, hole.namelen,
		hole.namelabs, NULL);
}
307
/**
 * Insert a stub hole (entry with NULL delegation point) for every stub
 * zone in the config that has a name, always with class IN.
 * @param fwd: forwards structure with a tree.
 * @param cfg: config, cfg->stubs is the list that is read.
 * @return 0 when a name cannot be parsed or the insert fails, else 1.
 */
static int
make_stub_holes(struct iter_forwards* fwd, struct config_file* cfg)
{
	struct config_stub* s;
	for(s = cfg->stubs; s; s = s->next) {
		uint8_t* dname;
		size_t dname_len;
		int ok;
		if(!s->name)
			continue;
		dname = sldns_str2wire_dname(s->name, &dname_len);
		if(!dname) {
			log_err("cannot parse stub name '%s'", s->name);
			return 0;
		}
		/* the insert stores its own copy, so the parsed name is
		 * released here on success and on failure */
		ok = fwd_add_stub_hole(fwd, LDNS_RR_CLASS_IN, dname);
		free(dname);
		if(!ok) {
			log_err("out of memory");
			return 0;
		}
	}
	return 1;
}
331
/**
 * Replace the contents of the forwards structure with the forward zones
 * and stub holes from the config.
 * The old tree is deleted before anything is read, so a failure does not
 * restore the previous contents.
 * NOTE(review): when 0 is returned after the tree was created, the tree
 * can hold part of the config and fwd_init_parents() has not run;
 * callers should treat fwd as unusable for lookups then.
 * @param fwd: forwards structure.
 * @param cfg: config to read.
 * @return 0 on failure, 1 on success.
 */
int
forwards_apply_cfg(struct iter_forwards* fwd, struct config_file* cfg)
{
	/* drop what was loaded before and start from an empty tree */
	fwd_del_tree(fwd);
	fwd->tree = rbtree_create(fwd_cmp);
	if(!fwd->tree)
		return 0;

	/* forward zones first, then the holes for the stub zones */
	if(!read_forwards(fwd, cfg) || !make_stub_holes(fwd, cfg))
		return 0;
	fwd_init_parents(fwd);
	return 1;
}
348
/**
 * Look up the entry with exactly this name and class.
 * @param fwd: forwards structure with a tree.
 * @param qname: name to look for (dname).
 * @param qclass: class to look for.
 * @return the delegation point of the entry; NULL when there is no such
 *	entry, and also when the entry is a stub hole (its dp is NULL).
 */
struct delegpt*
forwards_find(struct iter_forwards* fwd, uint8_t* qname, uint16_t qclass)
{
	struct iter_forward_zone key;
	struct iter_forward_zone* hit;
	key.node.key = &key;
	key.name = qname;
	key.dclass = qclass;
	key.namelabs = dname_count_size_labels(qname, &key.namelen);
	hit = (struct iter_forward_zone*)rbtree_search(fwd->tree, &key);
	return hit ? hit->dp : NULL;
}
362
/**
 * Find the entry that applies to a query name: an exact match, or else
 * the closest entry above it on the parent chain.
 * Relies on the parent pointers that fwd_init_parents() sets up.
 * @param fwd: forwards structure with a tree.
 * @param qname: query name (dname).
 * @param qclass: query class.
 * @return the delegation point of the entry found; NULL when no entry
 *	applies, and also when the entry found is a stub hole (its dp is
 *	NULL).
 */
struct delegpt*
forwards_lookup(struct iter_forwards* fwd, uint8_t* qname, uint16_t qclass)
{
	rbnode_type* res = NULL;
	struct iter_forward_zone* z;
	struct iter_forward_zone key;
	int m;
	key.node.key = &key;
	key.name = qname;
	key.dclass = qclass;
	key.namelabs = dname_count_size_labels(qname, &key.namelen);
	if(rbtree_find_less_equal(fwd->tree, &key, &res)) {
		/* exact match */
		z = (struct iter_forward_zone*)res;
		return z ? z->dp : NULL;
	}
	/* res is a smaller element, or there is no element at all */
	z = (struct iter_forward_zone*)res;
	if(!z || z->dclass != qclass)
		return NULL;
	/* m becomes the number of labels the two names have in common */
	(void)dname_lab_cmp(z->name, z->namelabs, key.name, key.namelabs,
		&m);
	/* go up until qname is a subdomain of the entry */
	while(z && z->namelabs > m)
		z = z->parent;
	return z ? z->dp : NULL;
}
396
/**
 * Look up the entry that applies to the root name in the given class.
 * @param fwd: forwards structure with a tree.
 * @param qclass: class to look in.
 * @return the result of forwards_lookup() for the root name.
 */
struct delegpt*
forwards_lookup_root(struct iter_forwards* fwd, uint16_t qclass)
{
	/* the root name is passed as a single zero byte */
	uint8_t root_name[1] = { 0 };
	return forwards_lookup(fwd, root_name, qclass);
}
403
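/**
 * Find the next class that has a root entry in the tree.
 * With *dclass == 0 the search starts at the first item of the tree;
 * otherwise it looks for a root entry of class *dclass or, failing
 * that, of a higher class.
 *
 * The search moves on with "class + 1" stored into the 16-bit *dclass.
 * For class 0xffff that wraps to 0, which means "start from the first
 * item" and made the function call itself without end.  Both places
 * that step to the next class now stop when there is no higher class.
 * @param fwd: forwards structure with a tree.
 * @param dclass: in: class to start from; out: class of the root entry
 *	found when 1 is returned.
 * @return 1 when a root entry was found, 0 when there is none.
 */
int
forwards_next_root(struct iter_forwards* fwd, uint16_t* dclass)
{
	struct iter_forward_zone key;
	rbnode_type* n;
	struct iter_forward_zone* p;
	if(*dclass == 0) {
		/* first root item is first item in tree */
		n = rbtree_first(fwd->tree);
		if(n == RBTREE_NULL)
			return 0;
		p = (struct iter_forward_zone*)n;
		if(dname_is_root(p->name)) {
			*dclass = p->dclass;
			return 1;
		}
		/* root not first item? search for higher items */
		if(p->dclass == 0xffff)
			return 0; /* no higher class, +1 would wrap to 0 */
		*dclass = p->dclass + 1;
		return forwards_next_root(fwd, dclass);
	}
	/* find class n in tree, we may get a direct hit, or if we don't
	 * this is the last item of the previous class so rbtree_next() takes
	 * us to the next root (if any) */
	key.node.key = &key;
	key.name = (uint8_t*)"\000";
	key.namelen = 1;
	key.namelabs = 0;
	key.dclass = *dclass;
	n = NULL;
	if(rbtree_find_less_equal(fwd->tree, &key, &n)) {
		/* exact */
		return 1;
	} else {
		/* smaller element */
		if(!n || n == RBTREE_NULL)
			return 0; /* nothing found */
		n = rbtree_next(n);
		if(n == RBTREE_NULL)
			return 0; /* no higher */
		p = (struct iter_forward_zone*)n;
		if(dname_is_root(p->name)) {
			*dclass = p->dclass;
			return 1;
		}
		/* not a root node, return next higher item */
		if(p->dclass == 0xffff)
			return 0; /* no higher class, +1 would wrap to 0 */
		*dclass = p->dclass+1;
		return forwards_next_root(fwd, dclass);
	}
}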
453
/**
 * Add up the memory in use by the forwards structure: the structure,
 * the tree, and for every entry its size, name length and the amount
 * reported by delegpt_get_mem().
 * @param fwd: forwards structure, NULL is accepted.
 * @return number of bytes, 0 when fwd is NULL.
 */
size_t
forwards_get_mem(struct iter_forwards* fwd)
{
	struct iter_forward_zone* z;
	size_t total;
	if(!fwd)
		return 0;
	total = sizeof(*fwd) + sizeof(*fwd->tree);
	RBTREE_FOR(z, struct iter_forward_zone*, fwd->tree) {
		total += sizeof(*z);
		total += z->namelen;
		total += delegpt_get_mem(z->dp);
	}
	return total;
}
467
/**
 * Find the tree entry with exactly this class and name.
 * @param fwd: forwards structure with a tree.
 * @param c: class to look for.
 * @param nm: name to look for (dname).
 * @return the entry, or NULL when rbtree_search() finds nothing.
 */
static struct iter_forward_zone*
fwd_zone_find(struct iter_forwards* fwd, uint16_t c, uint8_t* nm)
{
	struct iter_forward_zone probe;
	probe.node.key = &probe;
	probe.name = nm;
	probe.dclass = c;
	probe.namelabs = dname_count_size_labels(nm, &probe.namelen);
	return (struct iter_forward_zone*)rbtree_search(fwd->tree, &probe);
}
478
/**
 * Add a forward zone, replacing any entry (stub holes included) that
 * already has the same name and class.
 * Takes ownership of dp: it ends up in the tree or is freed by the
 * insert routine.  The existing entry is removed before the insert is
 * attempted, so it is gone even when 0 is returned.
 * @param fwd: forwards structure with a tree.
 * @param c: class of the zone.
 * @param dp: delegation point, its name is the zone name.
 * @return 0 when the insert fails, 1 otherwise.
 */
int
forwards_add_zone(struct iter_forwards* fwd, uint16_t c, struct delegpt* dp)
{
	struct iter_forward_zone* old = fwd_zone_find(fwd, c, dp->name);
	if(old != NULL) {
		(void)rbtree_delete(fwd->tree, &old->node);
		fwd_zone_free(old);
	}
	if(!forwards_insert(fwd, c, dp))
		return 0;
	/* the set of entries changed, so the parent links are rebuilt */
	fwd_init_parents(fwd);
	return 1;
}
492
/**
 * Remove the entry with this name and class from the tree and free it.
 * Nothing happens when there is no such entry.
 * @param fwd: forwards structure with a tree.
 * @param c: class of the zone.
 * @param nm: name of the zone (dname).
 */
void
forwards_delete_zone(struct iter_forwards* fwd, uint16_t c, uint8_t* nm)
{
	struct iter_forward_zone* z = fwd_zone_find(fwd, c, nm);
	if(z) {
		(void)rbtree_delete(fwd->tree, &z->node);
		fwd_zone_free(z);
		/* the set of entries changed, rebuild the parent links */
		fwd_init_parents(fwd);
	}
}
503
/**
 * Add a stub hole for a name and rebuild the parent links.
 * @param fwd: forwards structure with a tree.
 * @param c: class of the hole.
 * @param nm: name of the hole (dname).
 * @return 0 when the insert fails, 1 otherwise.
 */
int
forwards_add_stub_hole(struct iter_forwards* fwd, uint16_t c, uint8_t* nm)
{
	if(fwd_add_stub_hole(fwd, c, nm)) {
		fwd_init_parents(fwd);
		return 1;
	}
	return 0;
}
513
/**
 * Remove the stub hole with this name and class.
 * Only an entry with a NULL delegation point is removed; a forward zone
 * with the same name is left in place.
 * @param fwd: forwards structure with a tree.
 * @param c: class of the hole.
 * @param nm: name of the hole (dname).
 */
void
forwards_delete_stub_hole(struct iter_forwards* fwd, uint16_t c, uint8_t* nm)
{
	struct iter_forward_zone* z = fwd_zone_find(fwd, c, nm);
	/* nothing to do when the name is absent or is not a stub hole */
	if(z == NULL || z->dp != NULL)
		return;
	(void)rbtree_delete(fwd->tree, &z->node);
	fwd_zone_free(z);
	fwd_init_parents(fwd);
}