#include "config.h"
#include "iterator/iter_utils.h"
#include "iterator/iterator.h"
#include "iterator/iter_hints.h"
#include "iterator/iter_fwd.h"
#include "iterator/iter_donotq.h"
#include "iterator/iter_delegpt.h"
#include "iterator/iter_priv.h"
#include "services/cache/infra.h"
#include "services/cache/dns.h"
#include "services/cache/rrset.h"
#include "util/net_help.h"
#include "util/module.h"
#include "util/log.h"
#include "util/config_file.h"
#include "util/regional.h"
#include "util/data/msgparse.h"
#include "util/data/dname.h"
#include "util/random.h"
#include "util/fptr_wlist.h"
#include "validator/val_anchor.h"
Functions | |
static void | fetch_fill (struct iter_env *ie, const char *str) |
fillup fetch policy array | |
static int | read_fetch_policy (struct iter_env *ie, const char *str) |
Read config string that represents the target fetch policy. | |
int | iter_apply_cfg (struct iter_env *iter_env, struct config_file *cfg) |
Process config options and set iterator module state. | |
static int | iter_filter_unsuitable (struct iter_env *iter_env, struct module_env *env, uint8_t *name, size_t namelen, uint16_t qtype, uint32_t now, struct delegpt_addr *a) |
filter out unsuitable targets | |
static int | iter_fill_rtt (struct iter_env *iter_env, struct module_env *env, uint8_t *name, size_t namelen, uint16_t qtype, uint32_t now, struct delegpt *dp, int *best_rtt) |
lookup RTT information, and also store fastest rtt (if any) | |
static int | iter_filter_order (struct iter_env *iter_env, struct module_env *env, uint8_t *name, size_t namelen, uint16_t qtype, uint32_t now, struct delegpt *dp, int *selected_rtt) |
filter the addres list, putting best targets at front, returns number of best targets (or 0, no suitable targets) | |
struct delegpt_addr * | iter_server_selection (struct iter_env *iter_env, struct module_env *env, struct delegpt *dp, uint8_t *name, size_t namelen, uint16_t qtype, int *dnssec_expected, int *chase_to_rd) |
Select a valid, nice target to send query to. | |
struct dns_msg * | dns_alloc_msg (ldns_buffer *pkt, struct msg_parse *msg, struct regional *region) |
Allocate dns_msg from parsed msg, in regional. | |
struct dns_msg * | dns_copy_msg (struct dns_msg *from, struct regional *region) |
Copy a dns_msg to this regional. | |
int | iter_dns_store (struct module_env *env, struct query_info *msgqinf, struct reply_info *msgrep, int is_referral) |
Allocate a dns_msg with malloc/alloc structure and store in dns cache. | |
int | iter_ns_probability (struct ub_randstate *rnd, int n, int m) |
Select randomly with n/m probability. | |
static int | causes_cycle (struct module_qstate *qstate, uint8_t *name, size_t namelen, uint16_t t, uint16_t c) |
detect dependency cycle for query and target | |
void | iter_mark_cycle_targets (struct module_qstate *qstate, struct delegpt *dp) |
Mark targets that result in a dependency cycle as done, so they will not get selected as targets. | |
int | iter_dp_is_useless (struct query_info *qinfo, uint16_t qflags, struct delegpt *dp) |
See if delegation is useful or offers immediately no targets for further recursion. | |
int | iter_indicates_dnssec (struct module_env *env, struct delegpt *dp, struct dns_msg *msg, uint16_t dclass) |
See if delegation is expected to have DNSSEC information (RRSIGs) in its answers, or not. | |
int | iter_msg_has_dnssec (struct dns_msg *msg) |
See if a message contains DNSSEC. | |
int | iter_msg_from_zone (struct dns_msg *msg, struct delegpt *dp, enum response_type type, uint16_t dclass) |
See if a message is known to be from a certain zone. | |
static int | rrset_equal (struct ub_packed_rrset_key *k1, struct ub_packed_rrset_key *k2) |
check equality of two rrsets | |
int | reply_equal (struct reply_info *p, struct reply_info *q) |
Check if two replies are equal For fallback procedures. |
Configuration options. Forward zones.
int iter_apply_cfg | ( | struct iter_env * | iter_env, | |
struct config_file * | cfg | |||
) |
Process config options and set iterator module state.
Sets default values if no config is found.
iter_env,: | iterator module state. | |
cfg,: | config options. |
References config_file::do_ip6, iter_env::donotq, donotq_apply_cfg(), donotq_create(), forwards_apply_cfg(), forwards_create(), iter_env::fwds, iter_env::hints, hints_apply_cfg(), hints_create(), log_err(), iter_env::max_dependency_depth, iter_env::priv, priv_apply_cfg(), priv_create(), read_fetch_policy(), iter_env::supports_ipv6, iter_env::target_fetch_policy, config_file::target_fetch_policy, VERB_QUERY, and verbose().
Referenced by iter_init().
static int iter_filter_unsuitable | ( | struct iter_env * | iter_env, | |
struct module_env * | env, | |||
uint8_t * | name, | |||
size_t | namelen, | |||
uint16_t | qtype, | |||
uint32_t | now, | |||
struct delegpt_addr * | a | |||
) | [static] |
filter out unsuitable targets
iter_env,: | iterator environment with ipv6-support flag. | |
env,: | module environment with infra cache. | |
name,: | zone name | |
namelen,: | length of name | |
qtype,: | query type (host order). | |
now,: | current time | |
a,: | address in delegation point we are examining. |
References delegpt_addr::addr, addr_is_ip6(), delegpt_addr::addrlen, delegpt_addr::bogus, iter_env::donotq, donotq_lookup(), module_env::infra_cache, infra_get_lame_rtt(), log_addr(), iter_env::supports_ipv6, UNKNOWN_SERVER_NICENESS, USEFUL_SERVER_TOP_TIMEOUT, VERB_ALGO, and verbose().
Referenced by iter_fill_rtt().
struct delegpt_addr* iter_server_selection | ( | struct iter_env * | iter_env, | |
struct module_env * | env, | |||
struct delegpt * | dp, | |||
uint8_t * | name, | |||
size_t | namelen, | |||
uint16_t | qtype, | |||
int * | dnssec_expected, | |||
int * | chase_to_rd | |||
) | [read] |
Select a valid, nice target to send query to.
Sorting and removing unsuitable targets is combined.
iter_env,: | iterator module global state, with ip6 enabled and do-not-query-addresses. | |
env,: | environment with infra cache (lameness, rtt info). | |
dp,: | delegation point with result list. | |
name,: | zone name (for lameness check). | |
namelen,: | length of name. | |
qtype,: | query type that we want to send. | |
dnssec_expected,: | set to 0, if a known dnssec-lame server is selected these are not preferred, but are used as a last resort. | |
chase_to_rd,: | set to 1 if a known recursion lame server is selected these are not preferred, but are used as a last resort. |
References delegpt_addr::attempts, iter_filter_order(), log_assert, delegpt_addr::next_result, module_env::now, OUTBOUND_MSG_RETRY, delegpt::result_list, module_env::rnd, ub_random(), USEFUL_SERVER_TOP_TIMEOUT, VERB_ALGO, and verbose().
Referenced by processQueryTargets().
struct dns_msg* dns_alloc_msg | ( | ldns_buffer * | pkt, | |
struct msg_parse * | msg, | |||
struct regional * | regional | |||
) | [read] |
Allocate dns_msg from parsed msg, in regional.
pkt,: | packet. | |
msg,: | parsed message (cleaned and ready for regional allocation). | |
regional,: | regional to use for allocation. |
References log_err(), parse_create_msg(), dns_msg::qinfo, regional_alloc(), and dns_msg::rep.
Referenced by process_response().
Copy a dns_msg to this regional.
References dns_msg::qinfo, query_info::qname, query_info::qname_len, regional_alloc(), regional_alloc_init(), dns_msg::rep, and reply_info_copy().
Referenced by prime_supers().
int iter_dns_store | ( | struct module_env * | env, | |
struct query_info * | qinf, | |||
struct reply_info * | rep, | |||
int | is_referral | |||
) |
Allocate a dns_msg with malloc/alloc structure and store in dns cache.
env,: | environment, with alloc structure and dns cache. | |
qinf,: | query info, the query for which answer is stored. | |
rep,: | reply in dns_msg from dns_alloc_msg for example. | |
is_referral,: | If true, then the given message to be stored is a referral. The cache implementation may use this as a hint. |
References dns_cache_store().
Referenced by error_response_cache(), processFinished(), and processQueryResponse().
int iter_ns_probability | ( | struct ub_randstate * | rnd, | |
int | n, | |||
int | m | |||
) |
Select randomly with n/m probability.
For shuffle NS records for address fetching.
rnd,: | random table | |
n,: | probability. | |
m,: | divisor for probability. |
References ub_random().
Referenced by query_for_targets().
void iter_mark_cycle_targets | ( | struct module_qstate * | qstate, | |
struct delegpt * | dp | |||
) |
Mark targets that result in a dependency cycle as done, so they will not get selected as targets.
qstate,: | query state. | |
dp,: | delegpt to mark ns in. |
References causes_cycle(), log_nametypeclass(), delegpt_ns::name, delegpt_ns::namelen, delegpt_ns::next, delegpt::nslist, query_info::qclass, module_qstate::qinfo, delegpt_ns::resolved, and VERB_QUERY.
Referenced by query_for_targets().
int iter_dp_is_useless | ( | struct query_info * | qinfo, | |
uint16_t | qflags, | |||
struct delegpt * | dp | |||
) |
See if delegation is useful or offers immediately no targets for further recursion.
qinfo,: | query name and type | |
qflags,: | query flags with RD flag | |
dp,: | delegpt to check. |
References BIT_RD, delegpt_find_ns(), dname_subdomain_c(), delegpt_ns::name, delegpt::name, delegpt_ns::next, delegpt::nslist, query_info::qname, query_info::qname_len, query_info::qtype, delegpt_ns::resolved, delegpt::result_list, and delegpt::usable_list.
Referenced by print_deleg_lookup(), and processInitRequest().
int iter_indicates_dnssec | ( | struct module_env * | env, | |
struct delegpt * | dp, | |||
struct dns_msg * | msg, | |||
uint16_t | dclass | |||
) |
See if delegation is expected to have DNSSEC information (RRSIGs) in its answers, or not.
Inspects delegation point (name), trust anchors, and delegation message (DS RRset) to determine this.
env,: | module env with trust anchors. | |
dp,: | delegation point. | |
msg,: | delegation message, with DS if a secure referral. | |
dclass,: | class of query. |
References anchor_find(), module_env::anchors, delegpt::name, delegpt::namelabs, delegpt::namelen, dns_msg::rep, and reply_find_rrset_section_ns().
Referenced by generate_target_query(), prime_root(), prime_stub(), processInitRequest3(), and processQueryResponse().
int iter_msg_has_dnssec | ( | struct dns_msg * | msg | ) |
See if a message contains DNSSEC.
This is examined by looking for RRSIGs. With DNSSEC a valid answer, nxdomain, nodata, referral or cname reply has RRSIGs in answer or auth sections, sigs on answer data, SOA, DS, or NSEC/NSEC3 records.
msg,: | message to examine. |
References reply_info::an_numrrsets, reply_info::ns_numrrsets, dns_msg::rep, and reply_info::rrsets.
Referenced by processQueryResponse().
int iter_msg_from_zone | ( | struct dns_msg * | msg, | |
struct delegpt * | dp, | |||
enum response_type | type, | |||
uint16_t | dclass | |||
) |
See if a message is known to be from a certain zone.
This looks for SOA or NS rrsets, for answers. For referrals, when one label is delegated, the zone is detected. Does not look at signatures.
msg,: | the message to inspect. | |
dp,: | delegation point with zone name to look for. | |
type,: | type of message. | |
dclass,: | class of query. |
References reply_info::an_numrrsets, packed_rrset_key::dname, dname_count_labels(), dname_strict_subdomain(), log_assert, delegpt::name, delegpt::namelabs, delegpt::namelen, reply_info::ns_numrrsets, dns_msg::rep, reply_find_rrset_section_an(), reply_find_rrset_section_ns(), RESPONSE_TYPE_ANSWER, RESPONSE_TYPE_CNAME, RESPONSE_TYPE_REFERRAL, ub_packed_rrset_key::rk, packed_rrset_key::rrset_class, reply_info::rrsets, and packed_rrset_key::type.
Referenced by processQueryResponse().
static int rrset_equal | ( | struct ub_packed_rrset_key * | k1, | |
struct ub_packed_rrset_key * | k2 | |||
) | [static] |
check equality of two rrsets
k1,: | rrset | |
k2,: | rrset |
References packed_rrset_data::count, lruhash_entry::data, packed_rrset_key::dname, packed_rrset_key::dname_len, ub_packed_rrset_key::entry, packed_rrset_key::flags, query_dname_compare(), ub_packed_rrset_key::rk, packed_rrset_data::rr_data, packed_rrset_data::rr_len, packed_rrset_data::rr_ttl, packed_rrset_key::rrset_class, packed_rrset_data::rrsig_count, packed_rrset_data::security, packed_rrset_data::trust, packed_rrset_data::ttl, and packed_rrset_key::type.
Referenced by reply_equal().
int reply_equal | ( | struct reply_info * | p, | |
struct reply_info * | q | |||
) |
Check if two replies are equal For fallback procedures.
p,: | reply one. The reply has rrset data pointers in region. Does not check rrset-IDs | |
q,: | reply two |
References reply_info::an_numrrsets, reply_info::ar_numrrsets, reply_info::flags, reply_info::ns_numrrsets, reply_info::qdcount, reply_info::rrset_count, rrset_equal(), reply_info::rrsets, reply_info::security, and reply_info::ttl.
Referenced by process_response().