|
unbound
0.1
|
#include "config.h"#include "iterator/iter_utils.h"#include "iterator/iterator.h"#include "iterator/iter_hints.h"#include "iterator/iter_fwd.h"#include "iterator/iter_donotq.h"#include "iterator/iter_delegpt.h"#include "iterator/iter_priv.h"#include "services/cache/infra.h"#include "services/cache/dns.h"#include "services/cache/rrset.h"#include "util/net_help.h"#include "util/module.h"#include "util/log.h"#include "util/config_file.h"#include "util/regional.h"#include "util/data/msgparse.h"#include "util/data/dname.h"#include "util/random.h"#include "util/fptr_wlist.h"#include "validator/val_anchor.h"#include "validator/val_kcache.h"#include "validator/val_kentry.h"#include "validator/val_utils.h"#include "validator/val_sigcrypt.h"#include "sldns/sbuffer.h"#include "sldns/str2wire.h"Macros | |
| #define | SUSPICION_RECENT_EXPIRY 86400 |
| time when nameserver glue is said to be 'recent' | |
| #define | BLACKLIST_PENALTY (USEFUL_SERVER_TOP_TIMEOUT*4) |
| penalty to validation failed blacklisted IPs | |
Functions | |
| static void | fetch_fill (struct iter_env *ie, const char *str) |
| fillup fetch policy array | |
| static int | read_fetch_policy (struct iter_env *ie, const char *str) |
| Read config string that represents the target fetch policy. | |
| static int | caps_white_apply_cfg (rbtree_type *ntree, struct config_file *cfg) |
| apply config caps whitelist items to name tree | |
| int | iter_apply_cfg (struct iter_env *iter_env, struct config_file *cfg) |
| Process config options and set iterator module state. More... | |
| static int | iter_filter_unsuitable (struct iter_env *iter_env, struct module_env *env, uint8_t *name, size_t namelen, uint16_t qtype, time_t now, struct delegpt_addr *a) |
| filter out unsuitable targets More... | |
| static int | iter_fill_rtt (struct iter_env *iter_env, struct module_env *env, uint8_t *name, size_t namelen, uint16_t qtype, time_t now, struct delegpt *dp, int *best_rtt, struct sock_list *blacklist, size_t *num_suitable_results) |
| lookup RTT information, and also store fastest rtt (if any) | |
| static int | rtt_compare (const void *x, const void *y) |
| compare two rtts, return -1, 0 or 1 | |
| static int | nth_rtt (struct delegpt_addr *result_list, size_t num_results, size_t n) |
| get RTT for the Nth fastest server | |
| static int | iter_filter_order (struct iter_env *iter_env, struct module_env *env, uint8_t *name, size_t namelen, uint16_t qtype, time_t now, struct delegpt *dp, int *selected_rtt, int open_target, struct sock_list *blacklist, time_t prefetch) |
| filter the address list, putting best targets at front, returns number of best targets (or 0, no suitable targets) | |
| struct delegpt_addr * | iter_server_selection (struct iter_env *iter_env, struct module_env *env, struct delegpt *dp, uint8_t *name, size_t namelen, uint16_t qtype, int *dnssec_lame, int *chase_to_rd, int open_target, struct sock_list *blacklist, time_t prefetch) |
| Select a valid, nice target to send query to. More... | |
| struct dns_msg * | dns_alloc_msg (sldns_buffer *pkt, struct msg_parse *msg, struct regional *region) |
| Allocate dns_msg from parsed msg, in regional. More... | |
| struct dns_msg * | dns_copy_msg (struct dns_msg *from, struct regional *region) |
| Copy a dns_msg to this regional. More... | |
| void | iter_dns_store (struct module_env *env, struct query_info *msgqinf, struct reply_info *msgrep, int is_referral, time_t leeway, int pside, struct regional *region, uint16_t flags) |
| Allocate a dns_msg with malloc/alloc structure and store in dns cache. More... | |
| int | iter_ns_probability (struct ub_randstate *rnd, int n, int m) |
| Select randomly with n/m probability. More... | |
| static int | causes_cycle (struct module_qstate *qstate, uint8_t *name, size_t namelen, uint16_t t, uint16_t c) |
| detect dependency cycle for query and target | |
| void | iter_mark_cycle_targets (struct module_qstate *qstate, struct delegpt *dp) |
| Mark targets that result in a dependency cycle as done, so they will not get selected as targets. More... | |
| void | iter_mark_pside_cycle_targets (struct module_qstate *qstate, struct delegpt *dp) |
| Mark targets that result in a dependency cycle as done, so they will not get selected as targets. More... | |
| int | iter_dp_is_useless (struct query_info *qinfo, uint16_t qflags, struct delegpt *dp) |
| See if delegation is useful or offers immediately no targets for further recursion. More... | |
| int | iter_qname_indicates_dnssec (struct module_env *env, struct query_info *qinfo) |
| See if qname has DNSSEC needs. More... | |
| int | iter_indicates_dnssec (struct module_env *env, struct delegpt *dp, struct dns_msg *msg, uint16_t dclass) |
| See if delegation is expected to have DNSSEC information (RRSIGs) in its answers, or not. More... | |
| int | iter_msg_has_dnssec (struct dns_msg *msg) |
| See if a message contains DNSSEC. More... | |
| int | iter_msg_from_zone (struct dns_msg *msg, struct delegpt *dp, enum response_type type, uint16_t dclass) |
| See if a message is known to be from a certain zone. More... | |
| static int | rrset_equal (struct ub_packed_rrset_key *k1, struct ub_packed_rrset_key *k2) |
| check equality of two rrsets More... | |
| static int | rrset_canonical_sort_cmp (const void *x, const void *y) |
| compare rrsets and sort canonically. More... | |
| int | reply_equal (struct reply_info *p, struct reply_info *q, struct regional *region) |
| Check if two replies are equal For fallback procedures. More... | |
| void | caps_strip_reply (struct reply_info *rep) |
| Remove unused bits from the reply if possible. More... | |
| int | caps_failed_rcode (struct reply_info *rep) |
| see if reply has a 'useful' rcode for capsforid comparison, so not SERVFAIL or REFUSED, and thus NOERROR or NXDOMAIN. More... | |
| void | iter_store_parentside_rrset (struct module_env *env, struct ub_packed_rrset_key *rrset) |
| Store parent-side rrset in separate rrset cache entries for later last-resort * lookups in case the child-side versions of this information fails. More... | |
| static struct ub_packed_rrset_key * | reply_get_NS_rrset (struct reply_info *rep) |
| fetch NS record from reply, if any | |
| void | iter_store_parentside_NS (struct module_env *env, struct reply_info *rep) |
| Store parent-side NS records from a referral message. More... | |
| void | iter_store_parentside_neg (struct module_env *env, struct query_info *qinfo, struct reply_info *rep) |
| Store parent-side negative element, the parentside rrset does not exist, creates an rrset with empty rdata in the rrset cache with PARENTSIDE flag. More... | |
| int | iter_lookup_parent_NS_from_cache (struct module_env *env, struct delegpt *dp, struct regional *region, struct query_info *qinfo) |
| Add parent NS record if that exists in the cache. More... | |
| int | iter_lookup_parent_glue_from_cache (struct module_env *env, struct delegpt *dp, struct regional *region, struct query_info *qinfo) |
| Add parent-side glue if that exists in the cache. More... | |
| int | iter_get_next_root (struct iter_hints *hints, struct iter_forwards *fwd, uint16_t *c) |
| Lookup next root-hint or root-forward entry. More... | |
| void | iter_scrub_ds (struct dns_msg *msg, struct ub_packed_rrset_key *ns, uint8_t *z) |
| Remove DS records that are inappropriate before they are cached. More... | |
| void | iter_scrub_nxdomain (struct dns_msg *msg) |
| Prepare an NXDOMAIN message to be used for a subdomain answer by removing all RRs from the ANSWER section. More... | |
| void | iter_dec_attempts (struct delegpt *dp, int d) |
| Remove query attempts from all available ips. More... | |
| void | iter_merge_retry_counts (struct delegpt *dp, struct delegpt *old) |
| Add retry counts from older delegpt to newer delegpt. More... | |
| int | iter_ds_toolow (struct dns_msg *msg, struct delegpt *dp) |
| See if a DS response (type ANSWER) is too low: a nodata answer with a SOA record in the authority section at-or-below the qchase.qname. More... | |
| int | iter_dp_cangodown (struct query_info *qinfo, struct delegpt *dp) |
| See if delegpt can go down a step to the qname or not. More... | |
| int | iter_stub_fwd_no_cache (struct module_qstate *qstate, struct query_info *qinf) |
| Lookup if no_cache is set in stub or fwd. More... | |
This file contains functions to assist the iterator module. Configuration options. Forward zones.
| int iter_apply_cfg | ( | struct iter_env * | iter_env, |
| struct config_file * | cfg | ||
| ) |
Process config options and set iterator module state.
Sets default values if no config is found.
| iter_env | iterator module state. |
| cfg | config options. |
References iter_env::caps_white, caps_white_apply_cfg(), config_file::caps_whitelist, config_file::do_ip4, config_file::do_ip6, iter_env::donotq, donotq_apply_cfg(), donotq_create(), log_err(), iter_env::max_dependency_depth, name_tree_compare(), iter_env::priv, priv_apply_cfg(), priv_create(), rbtree_create(), read_fetch_policy(), iter_env::supports_ipv4, iter_env::supports_ipv6, iter_env::target_fetch_policy, config_file::target_fetch_policy, VERB_QUERY, and verbose().
Referenced by iter_init().
|
static |
filter out unsuitable targets
| iter_env | iterator environment with ipv6-support flag. |
| env | module environment with infra cache. |
| name | zone name |
| namelen | length of name |
| qtype | query type (host order). |
| now | current time |
| a | address in delegation point we are examining. |
When a final value is chosen that is dnsseclame ; dnsseclameness checking is turned off (so we do not discard the reply). When a final value is chosen that is recursionlame; RD bit is set on query. Because of the numbers this means recursionlame also have dnssec lameness checking turned off.
References delegpt_addr::addr, addr_is_ip6(), delegpt_addr::addrlen, delegpt_addr::bogus, delegpt_addr::dnsseclame, iter_env::donotq, donotq_lookup(), module_env::infra_cache, infra_get_lame_rtt(), delegpt_addr::lame, log_addr(), name_tree_node::name, iter_env::supports_ipv4, iter_env::supports_ipv6, UNKNOWN_SERVER_NICENESS, USEFUL_SERVER_TOP_TIMEOUT, VERB_ALGO, and verbose().
Referenced by iter_fill_rtt().
| struct delegpt_addr* iter_server_selection | ( | struct iter_env * | iter_env, |
| struct module_env * | env, | ||
| struct delegpt * | dp, | ||
| uint8_t * | name, | ||
| size_t | namelen, | ||
| uint16_t | qtype, | ||
| int * | dnssec_lame, | ||
| int * | chase_to_rd, | ||
| int | open_target, | ||
| struct sock_list * | blacklist, | ||
| time_t | prefetch | ||
| ) |
Select a valid, nice target to send query to.
Sorting and removing unsuitable targets is combined.
| iter_env | iterator module global state, with ip6 enabled and do-not-query-addresses. |
| env | environment with infra cache (lameness, rtt info). |
| dp | delegation point with result list. |
| name | zone name (for lameness check). |
| namelen | length of name. |
| qtype | query type that we want to send. |
| dnssec_lame | set to 1, if a known dnssec-lame server is selected these are not preferred, but are used as a last resort. |
| chase_to_rd | set to 1 if a known recursion lame server is selected these are not preferred, but are used as a last resort. |
| open_target | number of currently outstanding target queries. If we wait for these, perhaps more server addresses become available. |
| blacklist | the IP blacklist to use. |
| prefetch | if not 0, prefetch is in use for this query. This means the query can have different timing, because prefetch is not waited upon by the downstream client, and thus a good time to perform exploration of other targets. |
References delegpt_addr::attempts, BLACKLIST_PENALTY, iter_filter_order(), log_assert, delegpt_addr::next_result, module_env::now, OUTBOUND_MSG_RETRY, delegpt::result_list, module_env::rnd, ub_random_max(), USEFUL_SERVER_TOP_TIMEOUT, VERB_ALGO, and verbose().
| struct dns_msg* dns_alloc_msg | ( | struct sldns_buffer * | pkt, |
| struct msg_parse * | msg, | ||
| struct regional * | regional | ||
| ) |
Allocate dns_msg from parsed msg, in regional.
| pkt | packet. |
| msg | parsed message (cleaned and ready for regional allocation). |
| regional | regional to use for allocation. |
References log_err(), parse_create_msg(), dns_msg::qinfo, regional_alloc(), and dns_msg::rep.
Copy a dns_msg to this regional.
| from | dns message, also in regional. |
| regional | regional to use for allocation. |
References dns_msg::qinfo, query_info::qname, query_info::qname_len, regional_alloc(), regional_alloc_init(), dns_msg::rep, and reply_info_copy().
| void iter_dns_store | ( | struct module_env * | env, |
| struct query_info * | qinf, | ||
| struct reply_info * | rep, | ||
| int | is_referral, | ||
| time_t | leeway, | ||
| int | pside, | ||
| struct regional * | region, | ||
| uint16_t | flags | ||
| ) |
Allocate a dns_msg with malloc/alloc structure and store in dns cache.
| env | environment, with alloc structure and dns cache. |
| qinf | query info, the query for which answer is stored. |
| rep | reply in dns_msg from dns_alloc_msg for example. |
| is_referral | If true, then the given message to be stored is a referral. The cache implementation may use this as a hint. |
| leeway | prefetch TTL leeway to expire old rrsets quicker. |
| pside | true if dp is parentside, thus message is 'fresh' and NS can be prefetch-updates. |
| region | to copy modified (cache is better) rrs back to. |
| flags | with BIT_CD for dns64 AAAA translated queries. |
References dns_cache_store(), and log_err().
| int iter_ns_probability | ( | struct ub_randstate * | rnd, |
| int | n, | ||
| int | m | ||
| ) |
Select randomly with n/m probability.
For shuffle NS records for address fetching.
| rnd | random table |
| n | probability. |
| m | divisor for probability. |
References ub_random_max().
Referenced by query_for_targets().
| void iter_mark_cycle_targets | ( | struct module_qstate * | qstate, |
| struct delegpt * | dp | ||
| ) |
Mark targets that result in a dependency cycle as done, so they will not get selected as targets.
| qstate | query state. |
| dp | delegpt to mark ns in. |
References causes_cycle(), LDNS_RR_TYPE_A, LDNS_RR_TYPE_AAAA, log_nametypeclass(), delegpt_ns::name, delegpt_ns::namelen, delegpt_ns::next, delegpt::nslist, query_info::qclass, module_qstate::qinfo, delegpt_ns::resolved, and VERB_QUERY.
Referenced by query_for_targets().
| void iter_mark_pside_cycle_targets | ( | struct module_qstate * | qstate, |
| struct delegpt * | dp | ||
| ) |
Mark targets that result in a dependency cycle as done, so they will not get selected as targets.
For the parent-side lookups.
| qstate | query state. |
| dp | delegpt to mark ns in. |
References causes_cycle(), delegpt_ns::done_pside4, delegpt_ns::done_pside6, LDNS_RR_TYPE_A, LDNS_RR_TYPE_AAAA, log_nametypeclass(), delegpt_ns::name, delegpt_ns::namelen, delegpt_ns::next, delegpt::nslist, query_info::qclass, module_qstate::qinfo, and VERB_QUERY.
| int iter_dp_is_useless | ( | struct query_info * | qinfo, |
| uint16_t | qflags, | ||
| struct delegpt * | dp | ||
| ) |
See if delegation is useful or offers immediately no targets for further recursion.
| qinfo | query name and type |
| qflags | query flags with RD flag |
| dp | delegpt to check. |
References BIT_RD, delegpt_find_ns(), dname_subdomain_c(), LDNS_RR_TYPE_A, LDNS_RR_TYPE_AAAA, delegpt::name, delegpt_ns::name, delegpt_ns::next, delegpt::nslist, query_info::qname, query_info::qname_len, query_info::qtype, delegpt_ns::resolved, delegpt::result_list, and delegpt::usable_list.
| int iter_qname_indicates_dnssec | ( | struct module_env * | env, |
| struct query_info * | qinfo | ||
| ) |
See if qname has DNSSEC needs.
This is true if there is a trust anchor above it. Whether there is an insecure delegation to the data is unknown.
| env | environment with anchors. |
| qinfo | query name and class. |
References module_env::anchors, anchors_lookup(), trust_anchor::lock, trust_anchor::numDNSKEY, trust_anchor::numDS, query_info::qclass, query_info::qname, and query_info::qname_len.
| int iter_indicates_dnssec | ( | struct module_env * | env, |
| struct delegpt * | dp, | ||
| struct dns_msg * | msg, | ||
| uint16_t | dclass | ||
| ) |
See if delegation is expected to have DNSSEC information (RRSIGs) in its answers, or not.
Inspects delegation point (name), trust anchors, and delegation message (DS RRset) to determine this.
| env | module env with trust anchors. |
| dp | delegation point. |
| msg | delegation message, with DS if a secure referral. |
| dclass | class of query. |
References anchor_find(), module_env::anchors, trust_anchor::dclass, module_env::key_cache, key_cache_obtain(), key_entry_isbad(), key_entry_isgood(), key_entry_isnull(), LDNS_RR_TYPE_DS, trust_anchor::lock, delegpt::name, key_entry_key::name, delegpt::namelabs, delegpt::namelen, module_env::now, trust_anchor::numDNSKEY, trust_anchor::numDS, query_dname_compare(), regional_free_all(), dns_msg::rep, reply_find_rrset_section_ns(), and module_env::scratch.
Referenced by generate_parentside_target_query(), prime_root(), and processInitRequest3().
| int iter_msg_has_dnssec | ( | struct dns_msg * | msg | ) |
See if a message contains DNSSEC.
This is examined by looking for RRSIGs. With DNSSEC a valid answer, nxdomain, nodata, referral or cname reply has RRSIGs in answer or auth sections, sigs on answer data, SOA, DS, or NSEC/NSEC3 records.
| msg | message to examine. |
References reply_info::an_numrrsets, reply_info::ns_numrrsets, dns_msg::rep, and reply_info::rrsets.
Referenced by processQueryResponse().
| int iter_msg_from_zone | ( | struct dns_msg * | msg, |
| struct delegpt * | dp, | ||
| enum response_type | type, | ||
| uint16_t | dclass | ||
| ) |
See if a message is known to be from a certain zone.
This looks for SOA or NS rrsets, for answers. For referrals, when one label is delegated, the zone is detected. Does not look at signatures.
| msg | the message to inspect. |
| dp | delegation point with zone name to look for. |
| type | type of message. |
| dclass | class of query. |
References reply_info::an_numrrsets, packed_rrset_key::dname, dname_count_labels(), dname_strict_subdomain(), LDNS_RR_TYPE_NS, LDNS_RR_TYPE_SOA, log_assert, delegpt::name, delegpt::namelabs, delegpt::namelen, reply_info::ns_numrrsets, dns_msg::rep, reply_find_rrset_section_an(), reply_find_rrset_section_ns(), RESPONSE_TYPE_ANSWER, RESPONSE_TYPE_CNAME, RESPONSE_TYPE_REFERRAL, ub_packed_rrset_key::rk, packed_rrset_key::rrset_class, reply_info::rrsets, and packed_rrset_key::type.
Referenced by processQueryResponse().
|
static |
check equality of two rrsets
| k1 | rrset |
| k2 | rrset |
References packed_rrset_data::count, lruhash_entry::data, packed_rrset_key::dname, packed_rrset_key::dname_len, ub_packed_rrset_key::entry, packed_rrset_key::flags, query_dname_compare(), ub_packed_rrset_key::rk, packed_rrset_data::rr_data, packed_rrset_data::rr_len, packed_rrset_key::rrset_class, packed_rrset_data::rrsig_count, packed_rrset_data::security, packed_rrset_data::trust, and packed_rrset_key::type.
Referenced by reply_equal().
|
static |
compare rrsets and sort canonically.
Compares rrset name, type, class. return 0 if equal, +1 if x > y, and -1 if x < y.
References packed_rrset_key::dname, dname_canonical_compare(), ub_packed_rrset_key::rk, packed_rrset_key::rrset_class, and packed_rrset_key::type.
Referenced by reply_equal().
| int reply_equal | ( | struct reply_info * | p, |
| struct reply_info * | q, | ||
| struct regional * | region | ||
| ) |
Check if two replies are equal For fallback procedures.
| p | reply one. The reply has rrset data pointers in region. Does not check rrset-IDs |
| q | reply two |
| region | scratch buffer. |
References reply_info::an_numrrsets, reply_info::ar_numrrsets, reply_info::flags, log_assert, reply_info::ns_numrrsets, reply_info::qdcount, regional_alloc_init(), regional_free_all(), rrset_canonical_equal(), rrset_canonical_sort_cmp(), reply_info::rrset_count, rrset_equal(), reply_info::rrsets, and reply_info::security.
| void caps_strip_reply | ( | struct reply_info * | rep | ) |
Remove unused bits from the reply if possible.
So that caps-for-id (0x20) fallback is more likely to be successful. This removes like, the additional section, and NS record in the authority section if those records are gratuitous (not for a referral).
| rep | the reply to strip stuff out of. |
References reply_info::an_numrrsets, reply_info::ar_numrrsets, BIT_AA, reply_info::flags, LDNS_RR_TYPE_NS, reply_info::ns_numrrsets, ub_packed_rrset_key::rk, reply_info::rrset_count, reply_info::rrsets, packed_rrset_key::type, VERB_ALGO, and verbose().
| int caps_failed_rcode | ( | struct reply_info * | rep | ) |
see if reply has a 'useful' rcode for capsforid comparison, so not SERVFAIL or REFUSED, and thus NOERROR or NXDOMAIN.
| rep | reply to check. |
References reply_info::flags, and FLAGS_GET_RCODE.
| void iter_store_parentside_rrset | ( | struct module_env * | env, |
| struct ub_packed_rrset_key * | rrset | ||
| ) |
Store parent-side rrset in separate rrset cache entries for later last-resort * lookups in case the child-side versions of this information fails.
| env | environment with cache, time, ... |
| rrset | the rrset to store (copied). Failure to store is logged, but otherwise ignored. |
References module_env::alloc, rrset_ref::id, rrset_ref::key, log_err(), module_env::now, packed_rrset_copy_alloc(), PACKED_RRSET_PARENT_SIDE, module_env::rrset_cache, rrset_cache_update(), and rrset_key_hash().
Referenced by iter_store_parentside_NS().
| void iter_store_parentside_NS | ( | struct module_env * | env, |
| struct reply_info * | rep | ||
| ) |
Store parent-side NS records from a referral message.
| env | environment with cache, time, ... |
| rep | response with NS rrset. Failure to store is logged, but otherwise ignored. |
References iter_store_parentside_rrset(), log_rrset_key(), reply_get_NS_rrset(), and VERB_ALGO.
| void iter_store_parentside_neg | ( | struct module_env * | env, |
| struct query_info * | qinfo, | ||
| struct reply_info * | rep | ||
| ) |
Store parent-side negative element, the parentside rrset does not exist, creates an rrset with empty rdata in the rrset cache with PARENTSIDE flag.
| env | environment with cache, time, ... |
| qinfo | the identity of the rrset that is missing. |
| rep | delegation response or answer response, to glean TTL from. (malloc) failure is logged but otherwise ignored. |
References packed_rrset_data::count, lruhash_entry::data, packed_rrset_key::dname, packed_rrset_key::dname_len, ub_packed_rrset_key::entry, packed_rrset_key::flags, lruhash_entry::hash, lruhash_entry::key, log_err(), NORR_TTL, packed_rrset_ptr_fixup(), query_info::qclass, query_info::qname, query_info::qname_len, query_info::qtype, regional_alloc(), regional_alloc_init(), regional_alloc_zero(), reply_get_NS_rrset(), ub_packed_rrset_key::rk, packed_rrset_data::rr_len, packed_rrset_data::rr_ttl, packed_rrset_key::rrset_class, reply_info::rrset_count, rrset_key_hash(), rrset_trust_ans_noAA, reply_info::rrsets, packed_rrset_data::rrsig_count, module_env::scratch, packed_rrset_data::trust, packed_rrset_data::ttl, packed_rrset_key::type, and ub_packed_rrset_ttl().
Referenced by processFinished().
| int iter_lookup_parent_NS_from_cache | ( | struct module_env * | env, |
| struct delegpt * | dp, | ||
| struct regional * | region, | ||
| struct query_info * | qinfo | ||
| ) |
Add parent NS record if that exists in the cache.
This is both new information and acts like a timeout throttle on retries.
| env | query env with rrset cache and time. |
| dp | delegation point to store result in. Also this dp is used to see which NS name is needed. |
| region | region to alloc result in. |
| qinfo | pertinent information, the qclass. |
References delegpt_rrset_add_ns(), ub_packed_rrset_key::entry, delegpt::has_parent_side_NS, LDNS_RR_TYPE_NS, lruhash_entry::lock, log_rrset_key(), delegpt::name, delegpt::namelen, module_env::now, PACKED_RRSET_PARENT_SIDE, query_info::qclass, module_env::rrset_cache, rrset_cache_lookup(), and VERB_ALGO.
| int iter_lookup_parent_glue_from_cache | ( | struct module_env * | env, |
| struct delegpt * | dp, | ||
| struct regional * | region, | ||
| struct query_info * | qinfo | ||
| ) |
Add parent-side glue if that exists in the cache.
This is both new information and acts like a timeout throttle on retries to fetch them.
| env | query env with rrset cache and time. |
| dp | delegation point to store result in. Also this dp is used to see which NS name is needed. |
| region | region to alloc result in. |
| qinfo | pertinent information, the qclass. |
References delegpt_add_rrset_A(), delegpt_add_rrset_AAAA(), delegpt_count_targets(), delegpt_ns::done_pside4, delegpt_ns::done_pside6, ub_packed_rrset_key::entry, LDNS_RR_TYPE_A, LDNS_RR_TYPE_AAAA, lruhash_entry::lock, log_err(), log_rrset_key(), delegpt_ns::name, delegpt_ns::namelen, delegpt_ns::next, module_env::now, delegpt::nslist, PACKED_RRSET_PARENT_SIDE, query_info::qclass, module_env::rrset_cache, rrset_cache_lookup(), and VERB_ALGO.
| int iter_get_next_root | ( | struct iter_hints * | hints, |
| struct iter_forwards * | fwd, | ||
| uint16_t * | c | ||
| ) |
Lookup next root-hint or root-forward entry.
| hints | the hints. |
| fwd | the forwards. |
| c | the class to start searching at. 0 means find first one. |
References forwards_next_root(), and hints_next_root().
Referenced by processCollectClass().
| void iter_scrub_ds | ( | struct dns_msg * | msg, |
| struct ub_packed_rrset_key * | ns, | ||
| uint8_t * | z | ||
| ) |
Remove DS records that are inappropriate before they are cached.
| msg | the response to scrub. |
| ns | RRSET that is the NS record for the referral. if NULL, then all DS records are removed from the authority section. |
| z | zone name that the response is from. |
References reply_info::an_numrrsets, packed_rrset_key::dname, dname_subdomain_c(), LDNS_RR_TYPE_DS, log_nametypeclass(), reply_info::ns_numrrsets, query_dname_compare(), dns_msg::rep, ub_packed_rrset_key::rk, packed_rrset_key::rrset_class, reply_info::rrset_count, reply_info::rrsets, packed_rrset_key::type, and VERB_ALGO.
Referenced by processQueryResponse().
| void iter_scrub_nxdomain | ( | struct dns_msg * | msg | ) |
Prepare an NXDOMAIN message to be used for a subdomain answer by removing all RRs from the ANSWER section.
| msg | the response to scrub. |
References reply_info::an_numrrsets, dns_msg::rep, reply_info::rrset_count, and reply_info::rrsets.
| void iter_dec_attempts | ( | struct delegpt * | dp, |
| int | d | ||
| ) |
Remove query attempts from all available ips.
For 0x20.
| dp | delegpt. |
| d | decrease. |
References delegpt_addr::attempts, delegpt_addr::next_result, delegpt_addr::next_target, OUTBOUND_MSG_RETRY, delegpt::result_list, and delegpt::target_list.
Referenced by process_response().
Add retry counts from older delegpt to newer delegpt.
Does not waste time on timeout'd (or other failing) addresses.
| dp | new delegationpoint. |
| old | old delegationpoint. |
References delegpt_addr::addr, delegpt_addr::addrlen, delegpt_addr::attempts, delegpt_find_addr(), log_addr(), delegpt_addr::next_target, delegpt_addr::next_usable, OUTBOUND_MSG_RETRY, delegpt::target_list, delegpt::usable_list, and VERB_ALGO.
See if a DS response (type ANSWER) is too low: a nodata answer with a SOA record in the authority section at-or-below the qchase.qname.
Also returns true if we are not sure (i.e. empty message, CNAME nosig).
| msg | the response. |
| dp | the dp name is used to check if the RRSIG gives a clue that it was originated from the correct nameserver. |
References reply_info::an_numrrsets, packed_rrset_key::dname, dname_subdomain_c(), LDNS_RR_TYPE_CNAME, LDNS_RR_TYPE_DNAME, LDNS_RR_TYPE_DS, LDNS_RR_TYPE_SOA, delegpt::name, reply_info::ns_numrrsets, dns_msg::qinfo, query_info::qname, query_dname_compare(), dns_msg::rep, ub_packed_rrset_key::rk, reply_info::rrsets, packed_rrset_key::type, and val_find_rrset_signer().
| int iter_dp_cangodown | ( | struct query_info * | qinfo, |
| struct delegpt * | dp | ||
| ) |
See if delegpt can go down a step to the qname or not.
| qinfo | the query name looked up. |
| dp | checked if the name can go lower to the qname |
References dname_count_labels(), delegpt::name, delegpt::namelabs, query_info::qname, and query_dname_compare().
| int iter_stub_fwd_no_cache | ( | struct module_qstate * | qstate, |
| struct query_info * | qinf | ||
| ) |
Lookup if no_cache is set in stub or fwd.
| qstate | query state with env with hints and fwds. |
| qinf | query name to lookup for. |
References dname_str(), dname_strict_subdomain(), iter_hints_stub::dp, module_qstate::env, forwards_lookup(), module_env::fwds, module_env::hints, hints_lookup_stub(), delegpt::name, delegpt::namelabs, query_info::qclass, query_info::qname, VERB_ALGO, and verbose().
1.8.18