xref: /netbsd-src/external/bsd/unbound/dist/iterator/iter_hints.c (revision 91f7d55fb697b5e0475da4718fa34c3a3ebeac85) 
13b6c3722Schristos /*
23b6c3722Schristos  * iterator/iter_hints.c - iterative resolver module stub and root hints.
33b6c3722Schristos  *
43b6c3722Schristos  * Copyright (c) 2007, NLnet Labs. All rights reserved.
53b6c3722Schristos  *
63b6c3722Schristos  * This software is open source.
73b6c3722Schristos  *
83b6c3722Schristos  * Redistribution and use in source and binary forms, with or without
93b6c3722Schristos  * modification, are permitted provided that the following conditions
103b6c3722Schristos  * are met:
113b6c3722Schristos  *
123b6c3722Schristos  * Redistributions of source code must retain the above copyright notice,
133b6c3722Schristos  * this list of conditions and the following disclaimer.
143b6c3722Schristos  *
153b6c3722Schristos  * Redistributions in binary form must reproduce the above copyright notice,
163b6c3722Schristos  * this list of conditions and the following disclaimer in the documentation
173b6c3722Schristos  * and/or other materials provided with the distribution.
183b6c3722Schristos  *
193b6c3722Schristos  * Neither the name of the NLNET LABS nor the names of its contributors may
203b6c3722Schristos  * be used to endorse or promote products derived from this software without
213b6c3722Schristos  * specific prior written permission.
223b6c3722Schristos  *
233b6c3722Schristos  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
243b6c3722Schristos  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
253b6c3722Schristos  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
263b6c3722Schristos  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
273b6c3722Schristos  * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
283b6c3722Schristos  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
293b6c3722Schristos  * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
303b6c3722Schristos  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
313b6c3722Schristos  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
323b6c3722Schristos  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
333b6c3722Schristos  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
343b6c3722Schristos  */
353b6c3722Schristos 
363b6c3722Schristos /**
373b6c3722Schristos  * \file
383b6c3722Schristos  *
393b6c3722Schristos  * This file contains functions to assist the iterator module.
403b6c3722Schristos  * Keep track of stub and root hints, and read those from config.
413b6c3722Schristos  */
423b6c3722Schristos #include "config.h"
433b6c3722Schristos #include "iterator/iter_hints.h"
443b6c3722Schristos #include "iterator/iter_delegpt.h"
453b6c3722Schristos #include "util/log.h"
463b6c3722Schristos #include "util/config_file.h"
473b6c3722Schristos #include "util/net_help.h"
483b6c3722Schristos #include "util/data/dname.h"
493b6c3722Schristos #include "sldns/rrdef.h"
503b6c3722Schristos #include "sldns/str2wire.h"
513b6c3722Schristos #include "sldns/wire2str.h"
523b6c3722Schristos 
533b6c3722Schristos struct iter_hints*
hints_create(void)543b6c3722Schristos hints_create(void)
553b6c3722Schristos {
563b6c3722Schristos 	struct iter_hints* hints = (struct iter_hints*)calloc(1,
573b6c3722Schristos 		sizeof(struct iter_hints));
583b6c3722Schristos 	if(!hints)
593b6c3722Schristos 		return NULL;
603b6c3722Schristos 	return hints;
613b6c3722Schristos }
623b6c3722Schristos 
hints_stub_free(struct iter_hints_stub * s)633b6c3722Schristos static void hints_stub_free(struct iter_hints_stub* s)
643b6c3722Schristos {
653b6c3722Schristos 	if(!s) return;
663b6c3722Schristos 	delegpt_free_mlc(s->dp);
673b6c3722Schristos 	free(s);
683b6c3722Schristos }
693b6c3722Schristos 
delhintnode(rbnode_type * n,void * ATTR_UNUSED (arg))700cd9f4ecSchristos static void delhintnode(rbnode_type* n, void* ATTR_UNUSED(arg))
713b6c3722Schristos {
723b6c3722Schristos 	struct iter_hints_stub* node = (struct iter_hints_stub*)n;
733b6c3722Schristos 	hints_stub_free(node);
743b6c3722Schristos }
753b6c3722Schristos 
hints_del_tree(struct iter_hints * hints)763b6c3722Schristos static void hints_del_tree(struct iter_hints* hints)
773b6c3722Schristos {
783b6c3722Schristos 	traverse_postorder(&hints->tree, &delhintnode, NULL);
793b6c3722Schristos }
803b6c3722Schristos 
813b6c3722Schristos void
hints_delete(struct iter_hints * hints)823b6c3722Schristos hints_delete(struct iter_hints* hints)
833b6c3722Schristos {
843b6c3722Schristos 	if(!hints)
853b6c3722Schristos 		return;
863b6c3722Schristos 	hints_del_tree(hints);
873b6c3722Schristos 	free(hints);
883b6c3722Schristos }
893b6c3722Schristos 
903b6c3722Schristos /** add hint to delegation hints */
913b6c3722Schristos static int
ah(struct delegpt * dp,const char * sv,const char * ip)923b6c3722Schristos ah(struct delegpt* dp, const char* sv, const char* ip)
933b6c3722Schristos {
943b6c3722Schristos 	struct sockaddr_storage addr;
953b6c3722Schristos 	socklen_t addrlen;
963b6c3722Schristos 	size_t dname_len;
973b6c3722Schristos 	uint8_t* dname = sldns_str2wire_dname(sv, &dname_len);
983b6c3722Schristos 	if(!dname) {
993b6c3722Schristos 		log_err("could not parse %s", sv);
1003b6c3722Schristos 		return 0;
1013b6c3722Schristos 	}
1027a540f2bSchristos 	if(!delegpt_add_ns_mlc(dp, dname, 0, NULL, UNBOUND_DNS_PORT) ||
103*91f7d55fSchristos 	   !extstrtoaddr(ip, &addr, &addrlen, UNBOUND_DNS_PORT) ||
1043b6c3722Schristos 	   !delegpt_add_target_mlc(dp, dname, dname_len,
1053b6c3722Schristos 		&addr, addrlen, 0, 0)) {
1063b6c3722Schristos 		free(dname);
1073b6c3722Schristos 		return 0;
1083b6c3722Schristos 	}
1093b6c3722Schristos 	free(dname);
1103b6c3722Schristos 	return 1;
1113b6c3722Schristos }
1123b6c3722Schristos 
1133b6c3722Schristos /** obtain compiletime provided root hints */
1143b6c3722Schristos static struct delegpt*
compile_time_root_prime(int do_ip4,int do_ip6)1153b6c3722Schristos compile_time_root_prime(int do_ip4, int do_ip6)
1163b6c3722Schristos {
1173b6c3722Schristos 	/* from:
1183b6c3722Schristos 	 ;       This file is made available by InterNIC
1193b6c3722Schristos 	 ;       under anonymous FTP as
1203b6c3722Schristos 	 ;           file                /domain/named.cache
1213b6c3722Schristos 	 ;           on server           FTP.INTERNIC.NET
1223b6c3722Schristos 	 ;       -OR-                    RS.INTERNIC.NET
1233b6c3722Schristos 	 ;
1243b6c3722Schristos 	 ;       related version of root zone:   changes-on-20120103
1253b6c3722Schristos 	 */
1263b6c3722Schristos 	struct delegpt* dp = delegpt_create_mlc((uint8_t*)"\000");
1273b6c3722Schristos 	if(!dp)
1283b6c3722Schristos 		return NULL;
1293b6c3722Schristos 	dp->has_parent_side_NS = 1;
1303b6c3722Schristos       if(do_ip4) {
1313b6c3722Schristos 	if(!ah(dp, "A.ROOT-SERVERS.NET.", "198.41.0.4"))	goto failed;
1327cd94d69Schristos 	if(!ah(dp, "B.ROOT-SERVERS.NET.", "199.9.14.201")) goto failed;
1333b6c3722Schristos 	if(!ah(dp, "C.ROOT-SERVERS.NET.", "192.33.4.12"))	goto failed;
1343b6c3722Schristos 	if(!ah(dp, "D.ROOT-SERVERS.NET.", "199.7.91.13"))	goto failed;
1353b6c3722Schristos 	if(!ah(dp, "E.ROOT-SERVERS.NET.", "192.203.230.10")) goto failed;
1363b6c3722Schristos 	if(!ah(dp, "F.ROOT-SERVERS.NET.", "192.5.5.241"))	goto failed;
1373b6c3722Schristos 	if(!ah(dp, "G.ROOT-SERVERS.NET.", "192.112.36.4"))	goto failed;
1383b6c3722Schristos 	if(!ah(dp, "H.ROOT-SERVERS.NET.", "198.97.190.53"))	goto failed;
1393b6c3722Schristos 	if(!ah(dp, "I.ROOT-SERVERS.NET.", "192.36.148.17"))	goto failed;
1403b6c3722Schristos 	if(!ah(dp, "J.ROOT-SERVERS.NET.", "192.58.128.30"))	goto failed;
1413b6c3722Schristos 	if(!ah(dp, "K.ROOT-SERVERS.NET.", "193.0.14.129"))	goto failed;
1423b6c3722Schristos 	if(!ah(dp, "L.ROOT-SERVERS.NET.", "199.7.83.42"))	goto failed;
1433b6c3722Schristos 	if(!ah(dp, "M.ROOT-SERVERS.NET.", "202.12.27.33"))	goto failed;
1443b6c3722Schristos       }
1453b6c3722Schristos       if(do_ip6) {
1463b6c3722Schristos 	if(!ah(dp, "A.ROOT-SERVERS.NET.", "2001:503:ba3e::2:30")) goto failed;
1470cd9f4ecSchristos 	if(!ah(dp, "B.ROOT-SERVERS.NET.", "2001:500:200::b")) goto failed;
1483b6c3722Schristos 	if(!ah(dp, "C.ROOT-SERVERS.NET.", "2001:500:2::c")) goto failed;
1493b6c3722Schristos 	if(!ah(dp, "D.ROOT-SERVERS.NET.", "2001:500:2d::d")) goto failed;
1500cd9f4ecSchristos 	if(!ah(dp, "E.ROOT-SERVERS.NET.", "2001:500:a8::e")) goto failed;
1513b6c3722Schristos 	if(!ah(dp, "F.ROOT-SERVERS.NET.", "2001:500:2f::f")) goto failed;
1520cd9f4ecSchristos 	if(!ah(dp, "G.ROOT-SERVERS.NET.", "2001:500:12::d0d")) goto failed;
1533b6c3722Schristos 	if(!ah(dp, "H.ROOT-SERVERS.NET.", "2001:500:1::53")) goto failed;
1543b6c3722Schristos 	if(!ah(dp, "I.ROOT-SERVERS.NET.", "2001:7fe::53")) goto failed;
1553b6c3722Schristos 	if(!ah(dp, "J.ROOT-SERVERS.NET.", "2001:503:c27::2:30")) goto failed;
1563b6c3722Schristos 	if(!ah(dp, "K.ROOT-SERVERS.NET.", "2001:7fd::1")) goto failed;
1573b6c3722Schristos 	if(!ah(dp, "L.ROOT-SERVERS.NET.", "2001:500:9f::42")) goto failed;
1583b6c3722Schristos 	if(!ah(dp, "M.ROOT-SERVERS.NET.", "2001:dc3::35")) goto failed;
1593b6c3722Schristos       }
1603b6c3722Schristos 	return dp;
1613b6c3722Schristos failed:
1623b6c3722Schristos 	delegpt_free_mlc(dp);
1633b6c3722Schristos 	return 0;
1643b6c3722Schristos }
1653b6c3722Schristos 
1663b6c3722Schristos /** insert new hint info into hint structure */
1673b6c3722Schristos static int
hints_insert(struct iter_hints * hints,uint16_t c,struct delegpt * dp,int noprime)1683b6c3722Schristos hints_insert(struct iter_hints* hints, uint16_t c, struct delegpt* dp,
1693b6c3722Schristos 	int noprime)
1703b6c3722Schristos {
1713b6c3722Schristos 	struct iter_hints_stub* node = (struct iter_hints_stub*)malloc(
1723b6c3722Schristos 		sizeof(struct iter_hints_stub));
1733b6c3722Schristos 	if(!node) {
1743b6c3722Schristos 		delegpt_free_mlc(dp);
1753b6c3722Schristos 		return 0;
1763b6c3722Schristos 	}
1773b6c3722Schristos 	node->dp = dp;
1783b6c3722Schristos 	node->noprime = (uint8_t)noprime;
1793b6c3722Schristos 	if(!name_tree_insert(&hints->tree, &node->node, dp->name, dp->namelen,
1803b6c3722Schristos 		dp->namelabs, c)) {
1813b6c3722Schristos 		char buf[257];
1823b6c3722Schristos 		dname_str(dp->name, buf);
1833b6c3722Schristos 		log_err("second hints for zone %s ignored.", buf);
1843b6c3722Schristos 		delegpt_free_mlc(dp);
1853b6c3722Schristos 		free(node);
1863b6c3722Schristos 	}
1873b6c3722Schristos 	return 1;
1883b6c3722Schristos }
1893b6c3722Schristos 
1903b6c3722Schristos /** set stub name */
1913b6c3722Schristos static struct delegpt*
read_stubs_name(struct config_stub * s)1923b6c3722Schristos read_stubs_name(struct config_stub* s)
1933b6c3722Schristos {
1943b6c3722Schristos 	struct delegpt* dp;
1953b6c3722Schristos 	size_t dname_len;
1963b6c3722Schristos 	uint8_t* dname;
1973b6c3722Schristos 	if(!s->name) {
1983b6c3722Schristos 		log_err("stub zone without a name");
1993b6c3722Schristos 		return NULL;
2003b6c3722Schristos 	}
2013b6c3722Schristos 	dname = sldns_str2wire_dname(s->name, &dname_len);
2023b6c3722Schristos 	if(!dname) {
2033b6c3722Schristos 		log_err("cannot parse stub zone name %s", s->name);
2043b6c3722Schristos 		return NULL;
2053b6c3722Schristos 	}
2063b6c3722Schristos 	if(!(dp=delegpt_create_mlc(dname))) {
2073b6c3722Schristos 		free(dname);
2083b6c3722Schristos 		log_err("out of memory");
2093b6c3722Schristos 		return NULL;
2103b6c3722Schristos 	}
2113b6c3722Schristos 	free(dname);
2123b6c3722Schristos 	return dp;
2133b6c3722Schristos }
2143b6c3722Schristos 
2153b6c3722Schristos /** set stub host names */
2163b6c3722Schristos static int
read_stubs_host(struct config_stub * s,struct delegpt * dp)2173b6c3722Schristos read_stubs_host(struct config_stub* s, struct delegpt* dp)
2183b6c3722Schristos {
2193b6c3722Schristos 	struct config_strlist* p;
2203b6c3722Schristos 	uint8_t* dname;
2217a540f2bSchristos 	char* tls_auth_name;
2227a540f2bSchristos 	int port;
2233b6c3722Schristos 	for(p = s->hosts; p; p = p->next) {
2243b6c3722Schristos 		log_assert(p->str);
2257a540f2bSchristos 		dname = authextstrtodname(p->str, &port, &tls_auth_name);
2263b6c3722Schristos 		if(!dname) {
2273b6c3722Schristos 			log_err("cannot parse stub %s nameserver name: '%s'",
2283b6c3722Schristos 				s->name, p->str);
2293b6c3722Schristos 			return 0;
2303b6c3722Schristos 		}
2317a540f2bSchristos #if ! defined(HAVE_SSL_SET1_HOST) && ! defined(HAVE_X509_VERIFY_PARAM_SET1_HOST)
2327a540f2bSchristos 		if(tls_auth_name)
2337a540f2bSchristos 			log_err("no name verification functionality in "
2347a540f2bSchristos 				"ssl library, ignored name for %s", p->str);
2357a540f2bSchristos #endif
2367a540f2bSchristos 		if(!delegpt_add_ns_mlc(dp, dname, 0, tls_auth_name, port)) {
2373b6c3722Schristos 			free(dname);
2383b6c3722Schristos 			log_err("out of memory");
2393b6c3722Schristos 			return 0;
2403b6c3722Schristos 		}
2413b6c3722Schristos 		free(dname);
2423b6c3722Schristos 	}
2433b6c3722Schristos 	return 1;
2443b6c3722Schristos }
2453b6c3722Schristos 
2463b6c3722Schristos /** set stub server addresses */
2473b6c3722Schristos static int
read_stubs_addr(struct config_stub * s,struct delegpt * dp)2483b6c3722Schristos read_stubs_addr(struct config_stub* s, struct delegpt* dp)
2493b6c3722Schristos {
2503b6c3722Schristos 	struct config_strlist* p;
2513b6c3722Schristos 	struct sockaddr_storage addr;
2523b6c3722Schristos 	socklen_t addrlen;
2537cd94d69Schristos 	char* auth_name;
2543b6c3722Schristos 	for(p = s->addrs; p; p = p->next) {
2553b6c3722Schristos 		log_assert(p->str);
2567cd94d69Schristos 		if(!authextstrtoaddr(p->str, &addr, &addrlen, &auth_name)) {
2573b6c3722Schristos 			log_err("cannot parse stub %s ip address: '%s'",
2583b6c3722Schristos 				s->name, p->str);
2593b6c3722Schristos 			return 0;
2603b6c3722Schristos 		}
261f42d8de7Schristos #if ! defined(HAVE_SSL_SET1_HOST) && ! defined(HAVE_X509_VERIFY_PARAM_SET1_HOST)
262f42d8de7Schristos 		if(auth_name)
263f42d8de7Schristos 			log_err("no name verification functionality in "
264f42d8de7Schristos 				"ssl library, ignored name for %s", p->str);
265f42d8de7Schristos #endif
2667cd94d69Schristos 		if(!delegpt_add_addr_mlc(dp, &addr, addrlen, 0, 0,
2677a540f2bSchristos 			auth_name, -1)) {
2683b6c3722Schristos 			log_err("out of memory");
2693b6c3722Schristos 			return 0;
2703b6c3722Schristos 		}
2713b6c3722Schristos 	}
2723b6c3722Schristos 	return 1;
2733b6c3722Schristos }
2743b6c3722Schristos 
2753b6c3722Schristos /** read stubs config */
2763b6c3722Schristos static int
read_stubs(struct iter_hints * hints,struct config_file * cfg)2773b6c3722Schristos read_stubs(struct iter_hints* hints, struct config_file* cfg)
2783b6c3722Schristos {
2793b6c3722Schristos 	struct config_stub* s;
2803b6c3722Schristos 	struct delegpt* dp;
2813b6c3722Schristos 	for(s = cfg->stubs; s; s = s->next) {
2823b6c3722Schristos 		if(!(dp=read_stubs_name(s)))
2833b6c3722Schristos 			return 0;
2843b6c3722Schristos 		if(!read_stubs_host(s, dp) || !read_stubs_addr(s, dp)) {
2853b6c3722Schristos 			delegpt_free_mlc(dp);
2863b6c3722Schristos 			return 0;
2873b6c3722Schristos 		}
2883b6c3722Schristos 		/* the flag is turned off for 'stub-first' so that the
2893b6c3722Schristos 		 * last resort will ask for parent-side NS record and thus
2903b6c3722Schristos 		 * fallback to the internet name servers on a failure */
2913b6c3722Schristos 		dp->has_parent_side_NS = (uint8_t)!s->isfirst;
292f42d8de7Schristos 		/* Do not cache if set. */
293f42d8de7Schristos 		dp->no_cache = s->no_cache;
2940cd9f4ecSchristos 		/* ssl_upstream */
2950cd9f4ecSchristos 		dp->ssl_upstream = (uint8_t)s->ssl_upstream;
2967a540f2bSchristos 		/* tcp_upstream */
2977a540f2bSchristos 		dp->tcp_upstream = (uint8_t)s->tcp_upstream;
2983b6c3722Schristos 		delegpt_log(VERB_QUERY, dp);
2993b6c3722Schristos 		if(!hints_insert(hints, LDNS_RR_CLASS_IN, dp, !s->isprime))
3003b6c3722Schristos 			return 0;
3013b6c3722Schristos 	}
3023b6c3722Schristos 	return 1;
3033b6c3722Schristos }
3043b6c3722Schristos 
3053b6c3722Schristos /** read root hints from file */
3063b6c3722Schristos static int
read_root_hints(struct iter_hints * hints,char * fname)3073b6c3722Schristos read_root_hints(struct iter_hints* hints, char* fname)
3083b6c3722Schristos {
3093b6c3722Schristos 	struct sldns_file_parse_state pstate;
3103b6c3722Schristos 	struct delegpt* dp;
3113b6c3722Schristos 	uint8_t rr[LDNS_RR_BUF_SIZE];
3123b6c3722Schristos 	size_t rr_len, dname_len;
3133b6c3722Schristos 	int status;
3143b6c3722Schristos 	uint16_t c = LDNS_RR_CLASS_IN;
3153b6c3722Schristos 	FILE* f = fopen(fname, "r");
3163b6c3722Schristos 	if(!f) {
3173b6c3722Schristos 		log_err("could not read root hints %s: %s",
3183b6c3722Schristos 			fname, strerror(errno));
3193b6c3722Schristos 		return 0;
3203b6c3722Schristos 	}
3213b6c3722Schristos 	dp = delegpt_create_mlc(NULL);
3223b6c3722Schristos 	if(!dp) {
3233b6c3722Schristos 		log_err("out of memory reading root hints");
3243b6c3722Schristos 		fclose(f);
3253b6c3722Schristos 		return 0;
3263b6c3722Schristos 	}
3273b6c3722Schristos 	verbose(VERB_QUERY, "Reading root hints from %s", fname);
3283b6c3722Schristos 	memset(&pstate, 0, sizeof(pstate));
3293b6c3722Schristos 	pstate.lineno = 1;
3303b6c3722Schristos 	dp->has_parent_side_NS = 1;
3313b6c3722Schristos 	while(!feof(f)) {
3323b6c3722Schristos 		rr_len = sizeof(rr);
3333b6c3722Schristos 		dname_len = 0;
3343b6c3722Schristos 		status = sldns_fp2wire_rr_buf(f, rr, &rr_len, &dname_len,
3353b6c3722Schristos 			&pstate);
3363b6c3722Schristos 		if(status != 0) {
3373b6c3722Schristos 			log_err("reading root hints %s %d:%d: %s", fname,
3383b6c3722Schristos 				pstate.lineno, LDNS_WIREPARSE_OFFSET(status),
3393b6c3722Schristos 				sldns_get_errorstr_parse(status));
3403b6c3722Schristos 			goto stop_read;
3413b6c3722Schristos 		}
3423b6c3722Schristos 		if(rr_len == 0)
3433b6c3722Schristos 			continue; /* EMPTY line, TTL or ORIGIN */
3443b6c3722Schristos 		if(sldns_wirerr_get_type(rr, rr_len, dname_len)
3453b6c3722Schristos 			== LDNS_RR_TYPE_NS) {
3463b6c3722Schristos 			if(!delegpt_add_ns_mlc(dp, sldns_wirerr_get_rdata(rr,
3477a540f2bSchristos 				rr_len, dname_len), 0, NULL, UNBOUND_DNS_PORT)) {
3483b6c3722Schristos 				log_err("out of memory reading root hints");
3493b6c3722Schristos 				goto stop_read;
3503b6c3722Schristos 			}
3513b6c3722Schristos 			c = sldns_wirerr_get_class(rr, rr_len, dname_len);
3523b6c3722Schristos 			if(!dp->name) {
3533b6c3722Schristos 				if(!delegpt_set_name_mlc(dp, rr)) {
3543b6c3722Schristos 					log_err("out of memory.");
3553b6c3722Schristos 					goto stop_read;
3563b6c3722Schristos 				}
3573b6c3722Schristos 			}
3583b6c3722Schristos 		} else if(sldns_wirerr_get_type(rr, rr_len, dname_len)
3593b6c3722Schristos 			== LDNS_RR_TYPE_A && sldns_wirerr_get_rdatalen(rr,
3603b6c3722Schristos 			rr_len, dname_len) == INET_SIZE) {
3613b6c3722Schristos 			struct sockaddr_in sa;
3623b6c3722Schristos 			socklen_t len = (socklen_t)sizeof(sa);
3633b6c3722Schristos 			memset(&sa, 0, len);
3643b6c3722Schristos 			sa.sin_family = AF_INET;
3653b6c3722Schristos 			sa.sin_port = (in_port_t)htons(UNBOUND_DNS_PORT);
3663b6c3722Schristos 			memmove(&sa.sin_addr,
3673b6c3722Schristos 				sldns_wirerr_get_rdata(rr, rr_len, dname_len),
3683b6c3722Schristos 				INET_SIZE);
3693b6c3722Schristos 			if(!delegpt_add_target_mlc(dp, rr, dname_len,
3703b6c3722Schristos 					(struct sockaddr_storage*)&sa, len,
3713b6c3722Schristos 					0, 0)) {
3723b6c3722Schristos 				log_err("out of memory reading root hints");
3733b6c3722Schristos 				goto stop_read;
3743b6c3722Schristos 			}
3753b6c3722Schristos 		} else if(sldns_wirerr_get_type(rr, rr_len, dname_len)
3763b6c3722Schristos 			== LDNS_RR_TYPE_AAAA && sldns_wirerr_get_rdatalen(rr,
3773b6c3722Schristos 			rr_len, dname_len) == INET6_SIZE) {
3783b6c3722Schristos 			struct sockaddr_in6 sa;
3793b6c3722Schristos 			socklen_t len = (socklen_t)sizeof(sa);
3803b6c3722Schristos 			memset(&sa, 0, len);
3813b6c3722Schristos 			sa.sin6_family = AF_INET6;
3823b6c3722Schristos 			sa.sin6_port = (in_port_t)htons(UNBOUND_DNS_PORT);
3833b6c3722Schristos 			memmove(&sa.sin6_addr,
3843b6c3722Schristos 				sldns_wirerr_get_rdata(rr, rr_len, dname_len),
3853b6c3722Schristos 				INET6_SIZE);
3863b6c3722Schristos 			if(!delegpt_add_target_mlc(dp, rr, dname_len,
3873b6c3722Schristos 					(struct sockaddr_storage*)&sa, len,
3883b6c3722Schristos 					0, 0)) {
3893b6c3722Schristos 				log_err("out of memory reading root hints");
3903b6c3722Schristos 				goto stop_read;
3913b6c3722Schristos 			}
3923b6c3722Schristos 		} else {
3933b6c3722Schristos 			char buf[17];
3943b6c3722Schristos 			sldns_wire2str_type_buf(sldns_wirerr_get_type(rr,
3953b6c3722Schristos 				rr_len, dname_len), buf, sizeof(buf));
3963b6c3722Schristos 			log_warn("root hints %s:%d skipping type %s",
3973b6c3722Schristos 				fname, pstate.lineno, buf);
3983b6c3722Schristos 		}
3993b6c3722Schristos 	}
4003b6c3722Schristos 	fclose(f);
4013b6c3722Schristos 	if(!dp->name) {
4023b6c3722Schristos 		log_warn("root hints %s: no NS content", fname);
4033b6c3722Schristos 		delegpt_free_mlc(dp);
4043b6c3722Schristos 		return 1;
4053b6c3722Schristos 	}
4067a540f2bSchristos 	delegpt_log(VERB_QUERY, dp);
4073b6c3722Schristos 	if(!hints_insert(hints, c, dp, 0)) {
4083b6c3722Schristos 		return 0;
4093b6c3722Schristos 	}
4103b6c3722Schristos 	return 1;
4113b6c3722Schristos 
4123b6c3722Schristos stop_read:
4133b6c3722Schristos 	delegpt_free_mlc(dp);
4143b6c3722Schristos 	fclose(f);
4153b6c3722Schristos 	return 0;
4163b6c3722Schristos }
4173b6c3722Schristos 
4183b6c3722Schristos /** read root hints list */
4193b6c3722Schristos static int
read_root_hints_list(struct iter_hints * hints,struct config_file * cfg)4203b6c3722Schristos read_root_hints_list(struct iter_hints* hints, struct config_file* cfg)
4213b6c3722Schristos {
4223b6c3722Schristos 	struct config_strlist* p;
4233b6c3722Schristos 	for(p = cfg->root_hints; p; p = p->next) {
4243b6c3722Schristos 		log_assert(p->str);
4253b6c3722Schristos 		if(p->str && p->str[0]) {
4263b6c3722Schristos 			char* f = p->str;
4273b6c3722Schristos 			if(cfg->chrootdir && cfg->chrootdir[0] &&
4283b6c3722Schristos 				strncmp(p->str, cfg->chrootdir,
4293b6c3722Schristos 				strlen(cfg->chrootdir)) == 0)
4303b6c3722Schristos 				f += strlen(cfg->chrootdir);
4313b6c3722Schristos 			if(!read_root_hints(hints, f))
4323b6c3722Schristos 				return 0;
4333b6c3722Schristos 		}
4343b6c3722Schristos 	}
4353b6c3722Schristos 	return 1;
4363b6c3722Schristos }
4373b6c3722Schristos 
4383b6c3722Schristos int
hints_apply_cfg(struct iter_hints * hints,struct config_file * cfg)4393b6c3722Schristos hints_apply_cfg(struct iter_hints* hints, struct config_file* cfg)
4403b6c3722Schristos {
4413b6c3722Schristos 	hints_del_tree(hints);
4423b6c3722Schristos 	name_tree_init(&hints->tree);
4433b6c3722Schristos 
4443b6c3722Schristos 	/* read root hints */
4453b6c3722Schristos 	if(!read_root_hints_list(hints, cfg))
4463b6c3722Schristos 		return 0;
4473b6c3722Schristos 
4483b6c3722Schristos 	/* read stub hints */
4493b6c3722Schristos 	if(!read_stubs(hints, cfg))
4503b6c3722Schristos 		return 0;
4513b6c3722Schristos 
4523b6c3722Schristos 	/* use fallback compiletime root hints */
4533b6c3722Schristos 	if(!hints_lookup_root(hints, LDNS_RR_CLASS_IN)) {
4543b6c3722Schristos 		struct delegpt* dp = compile_time_root_prime(cfg->do_ip4,
4553b6c3722Schristos 			cfg->do_ip6);
4563b6c3722Schristos 		verbose(VERB_ALGO, "no config, using builtin root hints.");
4573b6c3722Schristos 		if(!dp)
4583b6c3722Schristos 			return 0;
4593b6c3722Schristos 		if(!hints_insert(hints, LDNS_RR_CLASS_IN, dp, 0))
4603b6c3722Schristos 			return 0;
4613b6c3722Schristos 	}
4623b6c3722Schristos 
4633b6c3722Schristos 	name_tree_init_parents(&hints->tree);
4643b6c3722Schristos 	return 1;
4653b6c3722Schristos }
4663b6c3722Schristos 
4673b6c3722Schristos struct delegpt*
hints_lookup_root(struct iter_hints * hints,uint16_t qclass)4683b6c3722Schristos hints_lookup_root(struct iter_hints* hints, uint16_t qclass)
4693b6c3722Schristos {
4703b6c3722Schristos 	uint8_t rootlab = 0;
4713b6c3722Schristos 	struct iter_hints_stub *stub;
4723b6c3722Schristos 	stub = (struct iter_hints_stub*)name_tree_find(&hints->tree,
4733b6c3722Schristos 		&rootlab, 1, 1, qclass);
4743b6c3722Schristos 	if(!stub)
4753b6c3722Schristos 		return NULL;
4763b6c3722Schristos 	return stub->dp;
4773b6c3722Schristos }
4783b6c3722Schristos 
4793b6c3722Schristos struct iter_hints_stub*
hints_lookup_stub(struct iter_hints * hints,uint8_t * qname,uint16_t qclass,struct delegpt * cache_dp)4803b6c3722Schristos hints_lookup_stub(struct iter_hints* hints, uint8_t* qname,
4813b6c3722Schristos 	uint16_t qclass, struct delegpt* cache_dp)
4823b6c3722Schristos {
4833b6c3722Schristos 	size_t len;
4843b6c3722Schristos 	int labs;
4853b6c3722Schristos 	struct iter_hints_stub *r;
4863b6c3722Schristos 
4873b6c3722Schristos 	/* first lookup the stub */
4883b6c3722Schristos 	labs = dname_count_size_labels(qname, &len);
4893b6c3722Schristos 	r = (struct iter_hints_stub*)name_tree_lookup(&hints->tree, qname,
4903b6c3722Schristos 		len, labs, qclass);
4913b6c3722Schristos 	if(!r) return NULL;
4923b6c3722Schristos 
4933b6c3722Schristos 	/* If there is no cache (root prime situation) */
4943b6c3722Schristos 	if(cache_dp == NULL) {
4953b6c3722Schristos 		if(r->dp->namelabs != 1)
4963b6c3722Schristos 			return r; /* no cache dp, use any non-root stub */
4973b6c3722Schristos 		return NULL;
4983b6c3722Schristos 	}
4993b6c3722Schristos 
5003b6c3722Schristos 	/*
5013b6c3722Schristos 	 * If the stub is same as the delegation we got
5023b6c3722Schristos 	 * And has noprime set, we need to 'prime' to use this stub instead.
5033b6c3722Schristos 	 */
5043b6c3722Schristos 	if(r->noprime && query_dname_compare(cache_dp->name, r->dp->name)==0)
5053b6c3722Schristos 		return r; /* use this stub instead of cached dp */
5063b6c3722Schristos 
5073b6c3722Schristos 	/*
5083b6c3722Schristos 	 * If our cached delegation point is above the hint, we need to prime.
5093b6c3722Schristos 	 */
5103b6c3722Schristos 	if(dname_strict_subdomain(r->dp->name, r->dp->namelabs,
5113b6c3722Schristos 		cache_dp->name, cache_dp->namelabs))
5123b6c3722Schristos 		return r; /* need to prime this stub */
5133b6c3722Schristos 	return NULL;
5143b6c3722Schristos }
5153b6c3722Schristos 
hints_next_root(struct iter_hints * hints,uint16_t * qclass)5163b6c3722Schristos int hints_next_root(struct iter_hints* hints, uint16_t* qclass)
5173b6c3722Schristos {
5183b6c3722Schristos 	return name_tree_next_root(&hints->tree, qclass);
5193b6c3722Schristos }
5203b6c3722Schristos 
5213b6c3722Schristos size_t
hints_get_mem(struct iter_hints * hints)5223b6c3722Schristos hints_get_mem(struct iter_hints* hints)
5233b6c3722Schristos {
5243b6c3722Schristos 	size_t s;
5253b6c3722Schristos 	struct iter_hints_stub* p;
5263b6c3722Schristos 	if(!hints) return 0;
5273b6c3722Schristos 	s = sizeof(*hints);
5283b6c3722Schristos 	RBTREE_FOR(p, struct iter_hints_stub*, &hints->tree) {
5293b6c3722Schristos 		s += sizeof(*p) + delegpt_get_mem(p->dp);
5303b6c3722Schristos 	}
5313b6c3722Schristos 	return s;
5323b6c3722Schristos }
5333b6c3722Schristos 
5343b6c3722Schristos int
hints_add_stub(struct iter_hints * hints,uint16_t c,struct delegpt * dp,int noprime)5353b6c3722Schristos hints_add_stub(struct iter_hints* hints, uint16_t c, struct delegpt* dp,
5363b6c3722Schristos 	int noprime)
5373b6c3722Schristos {
5383b6c3722Schristos 	struct iter_hints_stub *z;
5393b6c3722Schristos 	if((z=(struct iter_hints_stub*)name_tree_find(&hints->tree,
5403b6c3722Schristos 		dp->name, dp->namelen, dp->namelabs, c)) != NULL) {
5413b6c3722Schristos 		(void)rbtree_delete(&hints->tree, &z->node);
5423b6c3722Schristos 		hints_stub_free(z);
5433b6c3722Schristos 	}
5443b6c3722Schristos 	if(!hints_insert(hints, c, dp, noprime))
5453b6c3722Schristos 		return 0;
5463b6c3722Schristos 	name_tree_init_parents(&hints->tree);
5473b6c3722Schristos 	return 1;
5483b6c3722Schristos }
5493b6c3722Schristos 
5503b6c3722Schristos void
hints_delete_stub(struct iter_hints * hints,uint16_t c,uint8_t * nm)5513b6c3722Schristos hints_delete_stub(struct iter_hints* hints, uint16_t c, uint8_t* nm)
5523b6c3722Schristos {
5533b6c3722Schristos 	struct iter_hints_stub *z;
5543b6c3722Schristos 	size_t len;
5553b6c3722Schristos 	int labs = dname_count_size_labels(nm, &len);
5563b6c3722Schristos 	if(!(z=(struct iter_hints_stub*)name_tree_find(&hints->tree,
5573b6c3722Schristos 		nm, len, labs, c)))
5583b6c3722Schristos 		return; /* nothing to do */
5593b6c3722Schristos 	(void)rbtree_delete(&hints->tree, &z->node);
5603b6c3722Schristos 	hints_stub_free(z);
5613b6c3722Schristos 	name_tree_init_parents(&hints->tree);
5623b6c3722Schristos }
5633b6c3722Schristos 
564