xfrin.c revision f30785f506a522ed6a5e394af2bb13b6f883927e
fccc836ebfeb8e278b528b59304f451c369baf37Tinderbox User/*
bf8267aa453e5d2a735ed732a043b77a0b355b20Mark Andrews * Copyright (C) 2004-2008, 2011 Internet Systems Consortium, Inc. ("ISC")
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews * Copyright (C) 1999-2003 Internet Software Consortium.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews *
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews * Permission to use, copy, modify, and/or distribute this software for any
2bef3713093349af52ba61eaab07adf3207da873Mark Andrews * purpose with or without fee is hereby granted, provided that the above
2bef3713093349af52ba61eaab07adf3207da873Mark Andrews * copyright notice and this permission notice appear in all copies.
2bef3713093349af52ba61eaab07adf3207da873Mark Andrews *
2bef3713093349af52ba61eaab07adf3207da873Mark Andrews * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
2bef3713093349af52ba61eaab07adf3207da873Mark Andrews * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
2bef3713093349af52ba61eaab07adf3207da873Mark Andrews * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
2bef3713093349af52ba61eaab07adf3207da873Mark Andrews * PERFORMANCE OF THIS SOFTWARE.
2bef3713093349af52ba61eaab07adf3207da873Mark Andrews */
2bef3713093349af52ba61eaab07adf3207da873Mark Andrews
2bef3713093349af52ba61eaab07adf3207da873Mark Andrews/* $Id: xfrin.c,v 1.172 2011/12/22 07:32:41 each Exp $ */
2bef3713093349af52ba61eaab07adf3207da873Mark Andrews
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews/*! \file */
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews
a27bbd21cf07371fc71e7ade75c3d78a5b98b7f9Mark Andrews#include <config.h>
de7df3e56fe99c33a415674b018aae93eee94750Evan Hunt
de7df3e56fe99c33a415674b018aae93eee94750Evan Hunt#include <isc/mem.h>
de7df3e56fe99c33a415674b018aae93eee94750Evan Hunt#include <isc/print.h>
de7df3e56fe99c33a415674b018aae93eee94750Evan Hunt#include <isc/random.h>
a27bbd21cf07371fc71e7ade75c3d78a5b98b7f9Mark Andrews#include <isc/string.h> /* Required for HP/UX (and others?) */
a27bbd21cf07371fc71e7ade75c3d78a5b98b7f9Mark Andrews#include <isc/task.h>
de7df3e56fe99c33a415674b018aae93eee94750Evan Hunt#include <isc/timer.h>
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews#include <isc/util.h>
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews#include <dns/db.h>
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews#include <dns/diff.h>
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews#include <dns/events.h>
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews#include <dns/journal.h>
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews#include <dns/log.h>
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews#include <dns/message.h>
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews#include <dns/rdataclass.h>
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews#include <dns/rdatalist.h>
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews#include <dns/rdataset.h>
8f25faf9720a0c2730c4ac80ea4c12ca1f25599fMukund Sivaraman#include <dns/result.h>
aa49af836ce7a7a2888f5cedf4cbb14ff4dc1d11Mark Andrews#include <dns/soa.h>
8f1ed05dc0aae7ae6c3da6ec6d405df61257a61eMark Andrews#include <dns/tcpmsg.h>
8f1ed05dc0aae7ae6c3da6ec6d405df61257a61eMark Andrews#include <dns/timer.h>
8f1ed05dc0aae7ae6c3da6ec6d405df61257a61eMark Andrews#include <dns/tsig.h>
8f1ed05dc0aae7ae6c3da6ec6d405df61257a61eMark Andrews#include <dns/view.h>
8f1ed05dc0aae7ae6c3da6ec6d405df61257a61eMark Andrews#include <dns/xfrin.h>
8f1ed05dc0aae7ae6c3da6ec6d405df61257a61eMark Andrews#include <dns/zone.h>
8f1ed05dc0aae7ae6c3da6ec6d405df61257a61eMark Andrews
8f1ed05dc0aae7ae6c3da6ec6d405df61257a61eMark Andrews#include <dst/dst.h>
8f1ed05dc0aae7ae6c3da6ec6d405df61257a61eMark Andrews
8f1ed05dc0aae7ae6c3da6ec6d405df61257a61eMark Andrews/*
8f1ed05dc0aae7ae6c3da6ec6d405df61257a61eMark Andrews * Incoming AXFR and IXFR.
8f1ed05dc0aae7ae6c3da6ec6d405df61257a61eMark Andrews */
8f1ed05dc0aae7ae6c3da6ec6d405df61257a61eMark Andrews
8f1ed05dc0aae7ae6c3da6ec6d405df61257a61eMark Andrews/*%
8f1ed05dc0aae7ae6c3da6ec6d405df61257a61eMark Andrews * It would be non-sensical (or at least obtuse) to use FAIL() with an
8f1ed05dc0aae7ae6c3da6ec6d405df61257a61eMark Andrews * ISC_R_SUCCESS code, but the test is there to keep the Solaris compiler
8f1ed05dc0aae7ae6c3da6ec6d405df61257a61eMark Andrews * from complaining about "end-of-loop code not reached".
8f1ed05dc0aae7ae6c3da6ec6d405df61257a61eMark Andrews */
aa49af836ce7a7a2888f5cedf4cbb14ff4dc1d11Mark Andrews#define FAIL(code) \
2bef3713093349af52ba61eaab07adf3207da873Mark Andrews do { result = (code); \
8f25faf9720a0c2730c4ac80ea4c12ca1f25599fMukund Sivaraman if (result != ISC_R_SUCCESS) goto failure; \
8f25faf9720a0c2730c4ac80ea4c12ca1f25599fMukund Sivaraman } while (0)
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews#define CHECK(op) \
8f25faf9720a0c2730c4ac80ea4c12ca1f25599fMukund Sivaraman do { result = (op); \
8f25faf9720a0c2730c4ac80ea4c12ca1f25599fMukund Sivaraman if (result != ISC_R_SUCCESS) goto failure; \
8f25faf9720a0c2730c4ac80ea4c12ca1f25599fMukund Sivaraman } while (0)
8f25faf9720a0c2730c4ac80ea4c12ca1f25599fMukund Sivaraman
8f25faf9720a0c2730c4ac80ea4c12ca1f25599fMukund Sivaraman/*%
8f25faf9720a0c2730c4ac80ea4c12ca1f25599fMukund Sivaraman * The states of the *XFR state machine. We handle both IXFR and AXFR
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews * with a single integrated state machine because they cannot be distinguished
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews * immediately - an AXFR response to an IXFR request can only be detected
d999ca28d40337907b55eebc28a255b638702379Evan Hunt * when the first two (2) response RRs have already been received.
d1f1f13c7fc1f1515930053508f1645cfafaa478Mark Andrews */
d1f1f13c7fc1f1515930053508f1645cfafaa478Mark Andrewstypedef enum {
d999ca28d40337907b55eebc28a255b638702379Evan Hunt XFRST_SOAQUERY,
d999ca28d40337907b55eebc28a255b638702379Evan Hunt XFRST_GOTSOA,
d999ca28d40337907b55eebc28a255b638702379Evan Hunt XFRST_INITIALSOA,
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews XFRST_FIRSTDATA,
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews XFRST_IXFR_DELSOA,
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt XFRST_IXFR_DEL,
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt XFRST_IXFR_ADDSOA,
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt XFRST_IXFR_ADD,
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt XFRST_IXFR_END,
67adc03ef81fb610f8df093b17f55275ee816754Evan Hunt XFRST_AXFR,
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews XFRST_AXFR_END
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews} xfrin_state_t;
e45d0508c3460db87afb1f743bc5210522721bb3Evan Hunt
e45d0508c3460db87afb1f743bc5210522721bb3Evan Hunt/*%
e45d0508c3460db87afb1f743bc5210522721bb3Evan Hunt * Incoming zone transfer context.
e45d0508c3460db87afb1f743bc5210522721bb3Evan Hunt */
e45d0508c3460db87afb1f743bc5210522721bb3Evan Hunt
e45d0508c3460db87afb1f743bc5210522721bb3Evan Huntstruct dns_xfrin_ctx {
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews unsigned int magic;
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews isc_mem_t *mctx;
de7df3e56fe99c33a415674b018aae93eee94750Evan Hunt dns_zone_t *zone;
de7df3e56fe99c33a415674b018aae93eee94750Evan Hunt
ac436908582fe08c85c886b200664816b11fded6Mark Andrews int refcount;
de7df3e56fe99c33a415674b018aae93eee94750Evan Hunt
de7df3e56fe99c33a415674b018aae93eee94750Evan Hunt isc_task_t *task;
de7df3e56fe99c33a415674b018aae93eee94750Evan Hunt isc_timer_t *timer;
de7df3e56fe99c33a415674b018aae93eee94750Evan Hunt isc_socketmgr_t *socketmgr;
2bef3713093349af52ba61eaab07adf3207da873Mark Andrews
2bef3713093349af52ba61eaab07adf3207da873Mark Andrews int connects; /*%< Connect in progress */
2bef3713093349af52ba61eaab07adf3207da873Mark Andrews int sends; /*%< Send in progress */
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews int recvs; /*%< Receive in progress */
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews isc_boolean_t shuttingdown;
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt dns_name_t name; /*%< Name of zone to transfer */
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt dns_rdataclass_t rdclass;
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt isc_boolean_t checkid;
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt dns_messageid_t id;
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt /*%
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt * Requested transfer type (dns_rdatatype_axfr or
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt * dns_rdatatype_ixfr). The actual transfer type
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt * may differ due to IXFR->AXFR fallback.
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt */
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt dns_rdatatype_t reqtype;
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt isc_sockaddr_t masteraddr;
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt isc_sockaddr_t sourceaddr;
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt isc_socket_t *socket;
076bda8c2e2b2f41775bd7b1694dd2cab287aeebMark Andrews
076bda8c2e2b2f41775bd7b1694dd2cab287aeebMark Andrews /*% Buffer for IXFR/AXFR request message */
076bda8c2e2b2f41775bd7b1694dd2cab287aeebMark Andrews isc_buffer_t qbuffer;
076bda8c2e2b2f41775bd7b1694dd2cab287aeebMark Andrews unsigned char qbuffer_data[512];
076bda8c2e2b2f41775bd7b1694dd2cab287aeebMark Andrews
076bda8c2e2b2f41775bd7b1694dd2cab287aeebMark Andrews /*% Incoming reply TCP message */
076bda8c2e2b2f41775bd7b1694dd2cab287aeebMark Andrews dns_tcpmsg_t tcpmsg;
076bda8c2e2b2f41775bd7b1694dd2cab287aeebMark Andrews isc_boolean_t tcpmsg_valid;
076bda8c2e2b2f41775bd7b1694dd2cab287aeebMark Andrews
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt dns_db_t *db;
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt dns_dbversion_t *ver;
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt dns_diff_t diff; /*%< Pending database changes */
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt int difflen; /*%< Number of pending tuples */
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt xfrin_state_t state;
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt isc_uint32_t end_serial;
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt isc_boolean_t is_ixfr;
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt unsigned int nmsg; /*%< Number of messages recvd */
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt unsigned int nrecs; /*%< Number of records recvd */
820fdd61dd35e359a8e616031209d074a7140d97Evan Hunt isc_uint64_t nbytes; /*%< Number of bytes received */
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews isc_time_t start; /*%< Start time of the transfer */
f46168b87966f679a22aaf494c555f0de821aff9Evan Hunt isc_time_t end; /*%< End time of the transfer */
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews dns_tsigkey_t *tsigkey; /*%< Key used to create TSIG */
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews isc_buffer_t *lasttsig; /*%< The last TSIG */
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews dst_context_t *tsigctx; /*%< TSIG verification context */
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews unsigned int sincetsig; /*%< recvd since the last TSIG */
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews dns_xfrindone_t done;
1e34fe9044874422104e84373988d07876f716b6Mark Andrews
1e34fe9044874422104e84373988d07876f716b6Mark Andrews /*%
1e34fe9044874422104e84373988d07876f716b6Mark Andrews * AXFR- and IXFR-specific data. Only one is used at a time
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews * according to the is_ixfr flag, so this could be a union,
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews * but keeping them separate makes it a bit simpler to clean
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews * things up when destroying the context.
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews */
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews struct {
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews dns_addrdatasetfunc_t add_func;
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews dns_dbload_t *add_private;
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews } axfr;
1e34fe9044874422104e84373988d07876f716b6Mark Andrews
1e34fe9044874422104e84373988d07876f716b6Mark Andrews struct {
2b8bed6681d1541474f022586cbe728dfce36880Evan Hunt isc_uint32_t request_serial;
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews isc_uint32_t current_serial;
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews dns_journal_t *journal;
2b8bed6681d1541474f022586cbe728dfce36880Evan Hunt
2b8bed6681d1541474f022586cbe728dfce36880Evan Hunt } ixfr;
f46168b87966f679a22aaf494c555f0de821aff9Evan Hunt};
f46168b87966f679a22aaf494c555f0de821aff9Evan Hunt
f46168b87966f679a22aaf494c555f0de821aff9Evan Hunt#define XFRIN_MAGIC ISC_MAGIC('X', 'f', 'r', 'I')
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews#define VALID_XFRIN(x) ISC_MAGIC_VALID(x, XFRIN_MAGIC)
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews
c14ba7107063650e7f4329e8c54adca57913381bEvan Hunt/**************************************************************************/
c14ba7107063650e7f4329e8c54adca57913381bEvan Hunt/*
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews * Forward declarations.
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews */
c14ba7107063650e7f4329e8c54adca57913381bEvan Hunt
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrewsstatic isc_result_t
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrewsxfrin_create(isc_mem_t *mctx,
c14ba7107063650e7f4329e8c54adca57913381bEvan Hunt dns_zone_t *zone,
c14ba7107063650e7f4329e8c54adca57913381bEvan Hunt dns_db_t *db,
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews isc_task_t *task,
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews isc_timermgr_t *timermgr,
c14ba7107063650e7f4329e8c54adca57913381bEvan Hunt isc_socketmgr_t *socketmgr,
c14ba7107063650e7f4329e8c54adca57913381bEvan Hunt dns_name_t *zonename,
35f6a21f5f8114542c050bfcb484b39ce513d4bdEvan Hunt dns_rdataclass_t rdclass,
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews dns_rdatatype_t reqtype,
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews isc_sockaddr_t *masteraddr,
35f6a21f5f8114542c050bfcb484b39ce513d4bdEvan Hunt isc_sockaddr_t *sourceaddr,
35f6a21f5f8114542c050bfcb484b39ce513d4bdEvan Hunt dns_tsigkey_t *tsigkey,
35f6a21f5f8114542c050bfcb484b39ce513d4bdEvan Hunt dns_xfrin_ctx_t **xfrp);
35f6a21f5f8114542c050bfcb484b39ce513d4bdEvan Hunt
35f6a21f5f8114542c050bfcb484b39ce513d4bdEvan Huntstatic isc_result_t axfr_init(dns_xfrin_ctx_t *xfr);
35f6a21f5f8114542c050bfcb484b39ce513d4bdEvan Huntstatic isc_result_t axfr_makedb(dns_xfrin_ctx_t *xfr, dns_db_t **dbp);
35f6a21f5f8114542c050bfcb484b39ce513d4bdEvan Huntstatic isc_result_t axfr_putdata(dns_xfrin_ctx_t *xfr, dns_diffop_t op,
35f6a21f5f8114542c050bfcb484b39ce513d4bdEvan Hunt dns_name_t *name, dns_ttl_t ttl,
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews dns_rdata_t *rdata);
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrewsstatic isc_result_t axfr_apply(dns_xfrin_ctx_t *xfr);
35f6a21f5f8114542c050bfcb484b39ce513d4bdEvan Huntstatic isc_result_t axfr_commit(dns_xfrin_ctx_t *xfr);
35f6a21f5f8114542c050bfcb484b39ce513d4bdEvan Huntstatic isc_result_t axfr_finalize(dns_xfrin_ctx_t *xfr);
35f6a21f5f8114542c050bfcb484b39ce513d4bdEvan Hunt
c14ba7107063650e7f4329e8c54adca57913381bEvan Huntstatic isc_result_t ixfr_init(dns_xfrin_ctx_t *xfr);
c14ba7107063650e7f4329e8c54adca57913381bEvan Huntstatic isc_result_t ixfr_apply(dns_xfrin_ctx_t *xfr);
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrewsstatic isc_result_t ixfr_putdata(dns_xfrin_ctx_t *xfr, dns_diffop_t op,
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews dns_name_t *name, dns_ttl_t ttl,
baad8d9fd8dd054ce1edf350ff0c0f2038a1519eEvan Hunt dns_rdata_t *rdata);
baad8d9fd8dd054ce1edf350ff0c0f2038a1519eEvan Huntstatic isc_result_t ixfr_commit(dns_xfrin_ctx_t *xfr);
baad8d9fd8dd054ce1edf350ff0c0f2038a1519eEvan Hunt
baad8d9fd8dd054ce1edf350ff0c0f2038a1519eEvan Huntstatic isc_result_t xfr_rr(dns_xfrin_ctx_t *xfr, dns_name_t *name,
baad8d9fd8dd054ce1edf350ff0c0f2038a1519eEvan Hunt isc_uint32_t ttl, dns_rdata_t *rdata);
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrewsstatic isc_result_t xfrin_start(dns_xfrin_ctx_t *xfr);
baad8d9fd8dd054ce1edf350ff0c0f2038a1519eEvan Hunt
baad8d9fd8dd054ce1edf350ff0c0f2038a1519eEvan Huntstatic void xfrin_connect_done(isc_task_t *task, isc_event_t *event);
baad8d9fd8dd054ce1edf350ff0c0f2038a1519eEvan Huntstatic isc_result_t xfrin_send_request(dns_xfrin_ctx_t *xfr);
baad8d9fd8dd054ce1edf350ff0c0f2038a1519eEvan Huntstatic void xfrin_send_done(isc_task_t *task, isc_event_t *event);
baad8d9fd8dd054ce1edf350ff0c0f2038a1519eEvan Huntstatic void xfrin_sendlen_done(isc_task_t *task, isc_event_t *event);
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrewsstatic void xfrin_recv_done(isc_task_t *task, isc_event_t *event);
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrewsstatic void xfrin_timeout(isc_task_t *task, isc_event_t *event);
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaraman
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaramanstatic void maybe_free(dns_xfrin_ctx_t *xfr);
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaraman
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaramanstatic void
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaramanxfrin_fail(dns_xfrin_ctx_t *xfr, isc_result_t result, const char *msg);
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrewsstatic isc_result_t
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrewsrender(dns_message_t *msg, isc_mem_t *mctx, isc_buffer_t *buf);
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaraman
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaramanstatic void
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaramanxfrin_logv(int level, const char *zonetext, isc_sockaddr_t *masteraddr,
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaraman const char *fmt, va_list ap)
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaraman ISC_FORMAT_PRINTF(4, 0);
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrewsstatic void
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaramanxfrin_log1(int level, const char *zonetext, isc_sockaddr_t *masteraddr,
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaraman const char *fmt, ...)
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaraman ISC_FORMAT_PRINTF(4, 5);
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaraman
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaramanstatic void
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrewsxfrin_log(dns_xfrin_ctx_t *xfr, int level, const char *fmt, ...)
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews ISC_FORMAT_PRINTF(3, 4);
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaraman
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaraman/**************************************************************************/
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaraman/*
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaraman * AXFR handling
0c29904b27c9ab3b85ecbde159b22ae1323bdbcdMukund Sivaraman */
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrewsstatic isc_result_t
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Huntaxfr_init(dns_xfrin_ctx_t *xfr) {
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews isc_result_t result;
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews xfr->is_ixfr = ISC_FALSE;
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt if (xfr->db != NULL)
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt dns_db_detach(&xfr->db);
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews CHECK(axfr_makedb(xfr, &xfr->db));
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt CHECK(dns_db_beginload(xfr->db, &xfr->axfr.add_func,
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews &xfr->axfr.add_private));
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews result = ISC_R_SUCCESS;
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews failure:
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt return (result);
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt}
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrewsstatic isc_result_t
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrewsaxfr_makedb(dns_xfrin_ctx_t *xfr, dns_db_t **dbp) {
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt return (dns_db_create(xfr->mctx, /* XXX */
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews "rbt", /* XXX guess */
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews &xfr->name,
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews dns_dbtype_zone,
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt xfr->rdclass,
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt 0, NULL, /* XXX guess */
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt dbp));
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews}
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Huntstatic isc_result_t
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrewsaxfr_putdata(dns_xfrin_ctx_t *xfr, dns_diffop_t op,
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews dns_name_t *name, dns_ttl_t ttl, dns_rdata_t *rdata)
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews{
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt isc_result_t result;
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt dns_difftuple_t *tuple = NULL;
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews CHECK(dns_zone_checknames(xfr->zone, name, rdata));
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt CHECK(dns_difftuple_create(xfr->diff.mctx, op,
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews name, ttl, rdata, &tuple));
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews dns_diff_append(&xfr->diff, &tuple);
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews if (++xfr->difflen > 100)
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt CHECK(axfr_apply(xfr));
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt result = ISC_R_SUCCESS;
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt failure:
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews return (result);
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews}
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews/*
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews * Store a set of AXFR RRs in the database.
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews */
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Huntstatic isc_result_t
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Huntaxfr_apply(dns_xfrin_ctx_t *xfr) {
0c2313eb367de3b58801d643d52c0fd9bc0e5df7Evan Hunt isc_result_t result;
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews CHECK(dns_diff_load(&xfr->diff,
fbd9aaa58c32abaeab1bd3ca6943b18ce19ea023Mark Andrews xfr->axfr.add_func, xfr->axfr.add_private));
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews xfr->difflen = 0;
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews dns_diff_clear(&xfr->diff);
fbd9aaa58c32abaeab1bd3ca6943b18ce19ea023Mark Andrews result = ISC_R_SUCCESS;
fbd9aaa58c32abaeab1bd3ca6943b18ce19ea023Mark Andrews failure:
fbd9aaa58c32abaeab1bd3ca6943b18ce19ea023Mark Andrews return (result);
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews}
43e2c588ba773f471a7a2459b10a67a800c576c6Mark Andrews
075a3d60c23140f05db10d70126ff271ef6469c9Mark Andrewsstatic isc_result_t
075a3d60c23140f05db10d70126ff271ef6469c9Mark Andrewsaxfr_commit(dns_xfrin_ctx_t *xfr) {
075a3d60c23140f05db10d70126ff271ef6469c9Mark Andrews isc_result_t result;
075a3d60c23140f05db10d70126ff271ef6469c9Mark Andrews
075a3d60c23140f05db10d70126ff271ef6469c9Mark Andrews CHECK(axfr_apply(xfr));
075a3d60c23140f05db10d70126ff271ef6469c9Mark Andrews CHECK(dns_db_endload(xfr->db, &xfr->axfr.add_private));
9052766cc5ae39b9341253f863360ae679133a35Mark Andrews
9052766cc5ae39b9341253f863360ae679133a35Mark Andrews result = ISC_R_SUCCESS;
e6d0a391f5f9b18f5bd497aefff269e474ee560cWitold Krecicki failure:
e6d0a391f5f9b18f5bd497aefff269e474ee560cWitold Krecicki return (result);
e6d0a391f5f9b18f5bd497aefff269e474ee560cWitold Krecicki}
e6d0a391f5f9b18f5bd497aefff269e474ee560cWitold Krecicki
e6d0a391f5f9b18f5bd497aefff269e474ee560cWitold Krecickistatic isc_result_t
e6d0a391f5f9b18f5bd497aefff269e474ee560cWitold Krecickiaxfr_finalize(dns_xfrin_ctx_t *xfr) {
7382f5160274938d143d82bda1941b32822dac53Mark Andrews isc_result_t result;
7382f5160274938d143d82bda1941b32822dac53Mark Andrews
7382f5160274938d143d82bda1941b32822dac53Mark Andrews CHECK(dns_zone_replacedb(xfr->zone, xfr->db, ISC_TRUE));
7382f5160274938d143d82bda1941b32822dac53Mark Andrews
7382f5160274938d143d82bda1941b32822dac53Mark Andrews result = ISC_R_SUCCESS;
7382f5160274938d143d82bda1941b32822dac53Mark Andrews failure:
7382f5160274938d143d82bda1941b32822dac53Mark Andrews return (result);
7382f5160274938d143d82bda1941b32822dac53Mark Andrews}
7382f5160274938d143d82bda1941b32822dac53Mark Andrews
7382f5160274938d143d82bda1941b32822dac53Mark Andrews/**************************************************************************/
7382f5160274938d143d82bda1941b32822dac53Mark Andrews/*
7382f5160274938d143d82bda1941b32822dac53Mark Andrews * IXFR handling
7382f5160274938d143d82bda1941b32822dac53Mark Andrews */
7382f5160274938d143d82bda1941b32822dac53Mark Andrews
7382f5160274938d143d82bda1941b32822dac53Mark Andrewsstatic isc_result_t
7382f5160274938d143d82bda1941b32822dac53Mark Andrewsixfr_init(dns_xfrin_ctx_t *xfr) {
7382f5160274938d143d82bda1941b32822dac53Mark Andrews isc_result_t result;
7382f5160274938d143d82bda1941b32822dac53Mark Andrews char *journalfile;
7382f5160274938d143d82bda1941b32822dac53Mark Andrews
7382f5160274938d143d82bda1941b32822dac53Mark Andrews if (xfr->reqtype != dns_rdatatype_ixfr) {
7382f5160274938d143d82bda1941b32822dac53Mark Andrews xfrin_log(xfr, ISC_LOG_ERROR,
7382f5160274938d143d82bda1941b32822dac53Mark Andrews "got incremental response to AXFR request");
7382f5160274938d143d82bda1941b32822dac53Mark Andrews return (DNS_R_FORMERR);
7382f5160274938d143d82bda1941b32822dac53Mark Andrews }
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews xfr->is_ixfr = ISC_TRUE;
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews INSIST(xfr->db != NULL);
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews xfr->difflen = 0;
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews
c8b2cbe1e004a8c0d8fdfa1bc70c3eb952b79d21Mark Andrews journalfile = dns_zone_getjournal(xfr->zone);
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews if (journalfile != NULL)
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews CHECK(dns_journal_open(xfr->mctx, journalfile,
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews DNS_JOURNAL_CREATE, &xfr->ixfr.journal));
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews result = ISC_R_SUCCESS;
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews failure:
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews return (result);
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews}
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrewsstatic isc_result_t
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrewsixfr_putdata(dns_xfrin_ctx_t *xfr, dns_diffop_t op,
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews dns_name_t *name, dns_ttl_t ttl, dns_rdata_t *rdata)
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews{
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews isc_result_t result;
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews dns_difftuple_t *tuple = NULL;
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews if (op == DNS_DIFFOP_ADD)
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews CHECK(dns_zone_checknames(xfr->zone, name, rdata));
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews CHECK(dns_difftuple_create(xfr->diff.mctx, op,
b071744673b81b67bc8941149629733c4bf2b022Mark Andrews name, ttl, rdata, &tuple));
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews dns_diff_append(&xfr->diff, &tuple);
c8b2cbe1e004a8c0d8fdfa1bc70c3eb952b79d21Mark Andrews if (++xfr->difflen > 100)
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews CHECK(ixfr_apply(xfr));
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews result = ISC_R_SUCCESS;
30ca20f720ad0887772a79e7abb25b4fa0e4b5b0Mark Andrews failure:
2bef3713093349af52ba61eaab07adf3207da873Mark Andrews return (result);
3635d8f9104e70e141a8f191a0e6c1502ceed2f3Mark Andrews}
/*
* Apply a set of IXFR changes to the database.
*/
static isc_result_t
ixfr_apply(dns_xfrin_ctx_t *xfr) {
isc_result_t result;
if (xfr->ver == NULL) {
CHECK(dns_db_newversion(xfr->db, &xfr->ver));
if (xfr->ixfr.journal != NULL)
CHECK(dns_journal_begin_transaction(xfr->ixfr.journal));
}
CHECK(dns_diff_apply(&xfr->diff, xfr->db, xfr->ver));
if (xfr->ixfr.journal != NULL) {
result = dns_journal_writediff(xfr->ixfr.journal, &xfr->diff);
if (result != ISC_R_SUCCESS)
goto failure;
}
dns_diff_clear(&xfr->diff);
xfr->difflen = 0;
result = ISC_R_SUCCESS;
failure:
return (result);
}
static isc_result_t
ixfr_commit(dns_xfrin_ctx_t *xfr) {
isc_result_t result;
CHECK(ixfr_apply(xfr));
if (xfr->ver != NULL) {
/* XXX enter ready-to-commit state here */
if (xfr->ixfr.journal != NULL)
CHECK(dns_journal_commit(xfr->ixfr.journal));
dns_db_closeversion(xfr->db, &xfr->ver, ISC_TRUE);
dns_zone_markdirty(xfr->zone);
}
result = ISC_R_SUCCESS;
failure:
return (result);
}
/**************************************************************************/
/*
* Common AXFR/IXFR protocol code
*/
/*
* Handle a single incoming resource record according to the current
* state.
*/
static isc_result_t
xfr_rr(dns_xfrin_ctx_t *xfr, dns_name_t *name, isc_uint32_t ttl,
dns_rdata_t *rdata)
{
isc_result_t result;
xfr->nrecs++;
if (rdata->type == dns_rdatatype_none ||
dns_rdatatype_ismeta(rdata->type))
FAIL(DNS_R_FORMERR);
redo:
switch (xfr->state) {
case XFRST_SOAQUERY:
if (rdata->type != dns_rdatatype_soa) {
xfrin_log(xfr, ISC_LOG_ERROR,
"non-SOA response to SOA query");
FAIL(DNS_R_FORMERR);
}
xfr->end_serial = dns_soa_getserial(rdata);
if (!DNS_SERIAL_GT(xfr->end_serial, xfr->ixfr.request_serial) &&
!dns_zone_isforced(xfr->zone)) {
xfrin_log(xfr, ISC_LOG_DEBUG(3),
"requested serial %u, "
"master has %u, not updating",
xfr->ixfr.request_serial, xfr->end_serial);
FAIL(DNS_R_UPTODATE);
}
xfr->state = XFRST_GOTSOA;
break;
case XFRST_GOTSOA:
/*
* Skip other records in the answer section.
*/
break;
case XFRST_INITIALSOA:
if (rdata->type != dns_rdatatype_soa) {
xfrin_log(xfr, ISC_LOG_ERROR,
"first RR in zone transfer must be SOA");
FAIL(DNS_R_FORMERR);
}
/*
* Remember the serial number in the initial SOA.
* We need it to recognize the end of an IXFR.
*/
xfr->end_serial = dns_soa_getserial(rdata);
if (xfr->reqtype == dns_rdatatype_ixfr &&
! DNS_SERIAL_GT(xfr->end_serial, xfr->ixfr.request_serial)
&& !dns_zone_isforced(xfr->zone))
{
/*
* This must be the single SOA record that is
* sent when the current version on the master
* is not newer than the version in the request.
*/
xfrin_log(xfr, ISC_LOG_DEBUG(3),
"requested serial %u, "
"master has %u, not updating",
xfr->ixfr.request_serial, xfr->end_serial);
FAIL(DNS_R_UPTODATE);
}
if (xfr->reqtype == dns_rdatatype_axfr)
xfr->checkid = ISC_FALSE;
xfr->state = XFRST_FIRSTDATA;
break;
case XFRST_FIRSTDATA:
/*
* If the transfer begins with one SOA record, it is an AXFR,
* if it begins with two SOAs, it is an IXFR.
*/
if (xfr->reqtype == dns_rdatatype_ixfr &&
rdata->type == dns_rdatatype_soa &&
xfr->ixfr.request_serial == dns_soa_getserial(rdata)) {
xfrin_log(xfr, ISC_LOG_DEBUG(3),
"got incremental response");
CHECK(ixfr_init(xfr));
xfr->state = XFRST_IXFR_DELSOA;
} else {
xfrin_log(xfr, ISC_LOG_DEBUG(3),
"got nonincremental response");
CHECK(axfr_init(xfr));
xfr->state = XFRST_AXFR;
}
goto redo;
case XFRST_IXFR_DELSOA:
INSIST(rdata->type == dns_rdatatype_soa);
CHECK(ixfr_putdata(xfr, DNS_DIFFOP_DEL, name, ttl, rdata));
xfr->state = XFRST_IXFR_DEL;
break;
case XFRST_IXFR_DEL:
if (rdata->type == dns_rdatatype_soa) {
isc_uint32_t soa_serial = dns_soa_getserial(rdata);
xfr->state = XFRST_IXFR_ADDSOA;
xfr->ixfr.current_serial = soa_serial;
goto redo;
}
CHECK(ixfr_putdata(xfr, DNS_DIFFOP_DEL, name, ttl, rdata));
break;
case XFRST_IXFR_ADDSOA:
INSIST(rdata->type == dns_rdatatype_soa);
CHECK(ixfr_putdata(xfr, DNS_DIFFOP_ADD, name, ttl, rdata));
xfr->state = XFRST_IXFR_ADD;
break;
case XFRST_IXFR_ADD:
if (rdata->type == dns_rdatatype_soa) {
isc_uint32_t soa_serial = dns_soa_getserial(rdata);
if (soa_serial == xfr->end_serial) {
CHECK(ixfr_commit(xfr));
xfr->state = XFRST_IXFR_END;
break;
} else if (soa_serial != xfr->ixfr.current_serial) {
xfrin_log(xfr, ISC_LOG_ERROR,
"IXFR out of sync: "
"expected serial %u, got %u",
xfr->ixfr.current_serial, soa_serial);
FAIL(DNS_R_FORMERR);
} else {
CHECK(ixfr_commit(xfr));
xfr->state = XFRST_IXFR_DELSOA;
goto redo;
}
}
if (rdata->type == dns_rdatatype_ns &&
dns_name_iswildcard(name))
FAIL(DNS_R_INVALIDNS);
CHECK(ixfr_putdata(xfr, DNS_DIFFOP_ADD, name, ttl, rdata));
break;
case XFRST_AXFR:
/*
* Old BINDs sent cross class A records for non IN classes.
*/
if (rdata->type == dns_rdatatype_a &&
rdata->rdclass != xfr->rdclass &&
xfr->rdclass != dns_rdataclass_in)
break;
CHECK(axfr_putdata(xfr, DNS_DIFFOP_ADD, name, ttl, rdata));
if (rdata->type == dns_rdatatype_soa) {
CHECK(axfr_commit(xfr));
xfr->state = XFRST_AXFR_END;
break;
}
break;
case XFRST_AXFR_END:
case XFRST_IXFR_END:
FAIL(DNS_R_EXTRADATA);
default:
INSIST(0);
break;
}
result = ISC_R_SUCCESS;
failure:
return (result);
}
isc_result_t
dns_xfrin_create(dns_zone_t *zone, dns_rdatatype_t xfrtype,
isc_sockaddr_t *masteraddr, dns_tsigkey_t *tsigkey,
isc_mem_t *mctx, isc_timermgr_t *timermgr,
isc_socketmgr_t *socketmgr, isc_task_t *task,
dns_xfrindone_t done, dns_xfrin_ctx_t **xfrp)
{
isc_sockaddr_t sourceaddr;
switch (isc_sockaddr_pf(masteraddr)) {
case PF_INET:
sourceaddr = *dns_zone_getxfrsource4(zone);
break;
case PF_INET6:
sourceaddr = *dns_zone_getxfrsource6(zone);
break;
default:
INSIST(0);
}
return(dns_xfrin_create2(zone, xfrtype, masteraddr, &sourceaddr,
tsigkey, mctx, timermgr, socketmgr,
task, done, xfrp));
}
isc_result_t
dns_xfrin_create2(dns_zone_t *zone, dns_rdatatype_t xfrtype,
isc_sockaddr_t *masteraddr, isc_sockaddr_t *sourceaddr,
dns_tsigkey_t *tsigkey, isc_mem_t *mctx,
isc_timermgr_t *timermgr, isc_socketmgr_t *socketmgr,
isc_task_t *task, dns_xfrindone_t done,
dns_xfrin_ctx_t **xfrp)
{
dns_name_t *zonename = dns_zone_getorigin(zone);
dns_xfrin_ctx_t *xfr = NULL;
isc_result_t result;
dns_db_t *db = NULL;
REQUIRE(xfrp != NULL && *xfrp == NULL);
(void)dns_zone_getdb(zone, &db);
if (xfrtype == dns_rdatatype_soa || xfrtype == dns_rdatatype_ixfr)
REQUIRE(db != NULL);
CHECK(xfrin_create(mctx, zone, db, task, timermgr, socketmgr, zonename,
dns_zone_getclass(zone), xfrtype, masteraddr,
sourceaddr, tsigkey, &xfr));
CHECK(xfrin_start(xfr));
xfr->done = done;
xfr->refcount++;
*xfrp = xfr;
failure:
if (db != NULL)
dns_db_detach(&db);
if (result != ISC_R_SUCCESS) {
char zonetext[DNS_NAME_MAXTEXT+32];
dns_zone_name(zone, zonetext, sizeof(zonetext));
xfrin_log1(ISC_LOG_ERROR, zonetext, masteraddr,
"zone transfer setup failed");
}
return (result);
}
void
dns_xfrin_shutdown(dns_xfrin_ctx_t *xfr) {
if (! xfr->shuttingdown)
xfrin_fail(xfr, ISC_R_CANCELED, "shut down");
}
void
dns_xfrin_attach(dns_xfrin_ctx_t *source, dns_xfrin_ctx_t **target) {
REQUIRE(target != NULL && *target == NULL);
source->refcount++;
*target = source;
}
void
dns_xfrin_detach(dns_xfrin_ctx_t **xfrp) {
dns_xfrin_ctx_t *xfr = *xfrp;
INSIST(xfr->refcount > 0);
xfr->refcount--;
maybe_free(xfr);
*xfrp = NULL;
}
static void
xfrin_cancelio(dns_xfrin_ctx_t *xfr) {
if (xfr->connects > 0) {
isc_socket_cancel(xfr->socket, xfr->task,
ISC_SOCKCANCEL_CONNECT);
} else if (xfr->recvs > 0) {
dns_tcpmsg_cancelread(&xfr->tcpmsg);
} else if (xfr->sends > 0) {
isc_socket_cancel(xfr->socket, xfr->task,
ISC_SOCKCANCEL_SEND);
}
}
static void
xfrin_reset(dns_xfrin_ctx_t *xfr) {
REQUIRE(VALID_XFRIN(xfr));
xfrin_log(xfr, ISC_LOG_INFO, "resetting");
xfrin_cancelio(xfr);
if (xfr->socket != NULL)
isc_socket_detach(&xfr->socket);
if (xfr->lasttsig != NULL)
isc_buffer_free(&xfr->lasttsig);
dns_diff_clear(&xfr->diff);
xfr->difflen = 0;
if (xfr->ixfr.journal != NULL)
dns_journal_destroy(&xfr->ixfr.journal);
if (xfr->axfr.add_private != NULL) {
(void)dns_db_endload(xfr->db, &xfr->axfr.add_private);
xfr->axfr.add_func = NULL;
}
if (xfr->tcpmsg_valid) {
dns_tcpmsg_invalidate(&xfr->tcpmsg);
xfr->tcpmsg_valid = ISC_FALSE;
}
if (xfr->ver != NULL)
dns_db_closeversion(xfr->db, &xfr->ver, ISC_FALSE);
}
static void
xfrin_fail(dns_xfrin_ctx_t *xfr, isc_result_t result, const char *msg) {
if (result != DNS_R_UPTODATE) {
xfrin_log(xfr, ISC_LOG_ERROR, "%s: %s",
msg, isc_result_totext(result));
if (xfr->is_ixfr)
/* Pass special result code to force AXFR retry */
result = DNS_R_BADIXFR;
}
xfrin_cancelio(xfr);
/*
* Close the journal.
*/
if (xfr->ixfr.journal != NULL)
dns_journal_destroy(&xfr->ixfr.journal);
if (xfr->done != NULL) {
(xfr->done)(xfr->zone, result);
xfr->done = NULL;
}
xfr->shuttingdown = ISC_TRUE;
maybe_free(xfr);
}
static isc_result_t
xfrin_create(isc_mem_t *mctx,
dns_zone_t *zone,
dns_db_t *db,
isc_task_t *task,
isc_timermgr_t *timermgr,
isc_socketmgr_t *socketmgr,
dns_name_t *zonename,
dns_rdataclass_t rdclass,
dns_rdatatype_t reqtype,
isc_sockaddr_t *masteraddr,
isc_sockaddr_t *sourceaddr,
dns_tsigkey_t *tsigkey,
dns_xfrin_ctx_t **xfrp)
{
dns_xfrin_ctx_t *xfr = NULL;
isc_result_t result;
isc_uint32_t tmp;
xfr = isc_mem_get(mctx, sizeof(*xfr));
if (xfr == NULL)
return (ISC_R_NOMEMORY);
xfr->mctx = mctx;
xfr->refcount = 0;
xfr->zone = NULL;
dns_zone_iattach(zone, &xfr->zone);
xfr->task = NULL;
isc_task_attach(task, &xfr->task);
xfr->timer = NULL;
xfr->socketmgr = socketmgr;
xfr->done = NULL;
xfr->connects = 0;
xfr->sends = 0;
xfr->recvs = 0;
xfr->shuttingdown = ISC_FALSE;
dns_name_init(&xfr->name, NULL);
xfr->rdclass = rdclass;
isc_random_get(&tmp);
xfr->checkid = ISC_TRUE;
xfr->id = (isc_uint16_t)(tmp & 0xffff);
xfr->reqtype = reqtype;
/* sockaddr */
xfr->socket = NULL;
/* qbuffer */
/* qbuffer_data */
/* tcpmsg */
xfr->tcpmsg_valid = ISC_FALSE;
xfr->db = NULL;
if (db != NULL)
dns_db_attach(db, &xfr->db);
xfr->ver = NULL;
dns_diff_init(xfr->mctx, &xfr->diff);
xfr->difflen = 0;
if (reqtype == dns_rdatatype_soa)
xfr->state = XFRST_SOAQUERY;
else
xfr->state = XFRST_INITIALSOA;
/* end_serial */
xfr->nmsg = 0;
xfr->nrecs = 0;
xfr->nbytes = 0;
isc_time_now(&xfr->start);
xfr->tsigkey = NULL;
if (tsigkey != NULL)
dns_tsigkey_attach(tsigkey, &xfr->tsigkey);
xfr->lasttsig = NULL;
xfr->tsigctx = NULL;
xfr->sincetsig = 0;
xfr->is_ixfr = ISC_FALSE;
/* ixfr.request_serial */
/* ixfr.current_serial */
xfr->ixfr.journal = NULL;
xfr->axfr.add_func = NULL;
xfr->axfr.add_private = NULL;
CHECK(dns_name_dup(zonename, mctx, &xfr->name));
CHECK(isc_timer_create(timermgr, isc_timertype_inactive, NULL, NULL,
task, xfrin_timeout, xfr, &xfr->timer));
CHECK(dns_timer_setidle(xfr->timer,
dns_zone_getmaxxfrin(xfr->zone),
dns_zone_getidlein(xfr->zone),
ISC_FALSE));
xfr->masteraddr = *masteraddr;
INSIST(isc_sockaddr_pf(masteraddr) == isc_sockaddr_pf(sourceaddr));
xfr->sourceaddr = *sourceaddr;
isc_sockaddr_setport(&xfr->sourceaddr, 0);
isc_buffer_init(&xfr->qbuffer, xfr->qbuffer_data,
sizeof(xfr->qbuffer_data));
xfr->magic = XFRIN_MAGIC;
*xfrp = xfr;
return (ISC_R_SUCCESS);
failure:
if (xfr->timer != NULL)
isc_timer_detach(&xfr->timer);
if (dns_name_dynamic(&xfr->name))
dns_name_free(&xfr->name, xfr->mctx);
if (xfr->tsigkey != NULL)
dns_tsigkey_detach(&xfr->tsigkey);
if (xfr->db != NULL)
dns_db_detach(&xfr->db);
isc_task_detach(&xfr->task);
dns_zone_idetach(&xfr->zone);
isc_mem_put(mctx, xfr, sizeof(*xfr));
return (result);
}
static isc_result_t
xfrin_start(dns_xfrin_ctx_t *xfr) {
isc_result_t result;
CHECK(isc_socket_create(xfr->socketmgr,
isc_sockaddr_pf(&xfr->sourceaddr),
isc_sockettype_tcp,
&xfr->socket));
isc_socket_setname(xfr->socket, "xfrin", NULL);
#ifndef BROKEN_TCP_BIND_BEFORE_CONNECT
CHECK(isc_socket_bind(xfr->socket, &xfr->sourceaddr,
ISC_SOCKET_REUSEADDRESS));
#endif
CHECK(isc_socket_connect(xfr->socket, &xfr->masteraddr, xfr->task,
xfrin_connect_done, xfr));
xfr->connects++;
return (ISC_R_SUCCESS);
failure:
xfrin_fail(xfr, result, "failed setting up socket");
return (result);
}
/* XXX the resolver could use this, too */
static isc_result_t
render(dns_message_t *msg, isc_mem_t *mctx, isc_buffer_t *buf) {
dns_compress_t cctx;
isc_boolean_t cleanup_cctx = ISC_FALSE;
isc_result_t result;
CHECK(dns_compress_init(&cctx, -1, mctx));
cleanup_cctx = ISC_TRUE;
CHECK(dns_message_renderbegin(msg, &cctx, buf));
CHECK(dns_message_rendersection(msg, DNS_SECTION_QUESTION, 0));
CHECK(dns_message_rendersection(msg, DNS_SECTION_ANSWER, 0));
CHECK(dns_message_rendersection(msg, DNS_SECTION_AUTHORITY, 0));
CHECK(dns_message_rendersection(msg, DNS_SECTION_ADDITIONAL, 0));
CHECK(dns_message_renderend(msg));
result = ISC_R_SUCCESS;
failure:
if (cleanup_cctx)
dns_compress_invalidate(&cctx);
return (result);
}
/*
* A connection has been established.
*/
static void
xfrin_connect_done(isc_task_t *task, isc_event_t *event) {
isc_socket_connev_t *cev = (isc_socket_connev_t *) event;
dns_xfrin_ctx_t *xfr = (dns_xfrin_ctx_t *) event->ev_arg;
isc_result_t result = cev->result;
char sourcetext[ISC_SOCKADDR_FORMATSIZE];
isc_sockaddr_t sockaddr;
REQUIRE(VALID_XFRIN(xfr));
UNUSED(task);
INSIST(event->ev_type == ISC_SOCKEVENT_CONNECT);
isc_event_free(&event);
xfr->connects--;
if (xfr->shuttingdown) {
maybe_free(xfr);
return;
}
if (result != ISC_R_SUCCESS) {
dns_zonemgr_t * zmgr = dns_zone_getmgr(xfr->zone);
isc_time_t now;
if (zmgr != NULL) {
TIME_NOW(&now);
dns_zonemgr_unreachableadd(zmgr, &xfr->masteraddr,
&xfr->sourceaddr, &now);
}
goto failure;
}
result = isc_socket_getsockname(xfr->socket, &sockaddr);
if (result == ISC_R_SUCCESS) {
isc_sockaddr_format(&sockaddr, sourcetext, sizeof(sourcetext));
} else
strcpy(sourcetext, "<UNKNOWN>");
xfrin_log(xfr, ISC_LOG_INFO, "connected using %s", sourcetext);
dns_tcpmsg_init(xfr->mctx, xfr->socket, &xfr->tcpmsg);
xfr->tcpmsg_valid = ISC_TRUE;
CHECK(xfrin_send_request(xfr));
failure:
if (result != ISC_R_SUCCESS)
xfrin_fail(xfr, result, "failed to connect");
}
/*
* Convert a tuple into a dns_name_t suitable for inserting
* into the given dns_message_t.
*/
static isc_result_t
tuple2msgname(dns_difftuple_t *tuple, dns_message_t *msg, dns_name_t **target)
{
isc_result_t result;
dns_rdata_t *rdata = NULL;
dns_rdatalist_t *rdl = NULL;
dns_rdataset_t *rds = NULL;
dns_name_t *name = NULL;
REQUIRE(target != NULL && *target == NULL);
CHECK(dns_message_gettemprdata(msg, &rdata));
dns_rdata_init(rdata);
dns_rdata_clone(&tuple->rdata, rdata);
CHECK(dns_message_gettemprdatalist(msg, &rdl));
dns_rdatalist_init(rdl);
rdl->type = tuple->rdata.type;
rdl->rdclass = tuple->rdata.rdclass;
rdl->ttl = tuple->ttl;
ISC_LIST_APPEND(rdl->rdata, rdata, link);
CHECK(dns_message_gettemprdataset(msg, &rds));
dns_rdataset_init(rds);
CHECK(dns_rdatalist_tordataset(rdl, rds));
CHECK(dns_message_gettempname(msg, &name));
dns_name_init(name, NULL);
dns_name_clone(&tuple->name, name);
ISC_LIST_APPEND(name->list, rds, link);
*target = name;
return (ISC_R_SUCCESS);
failure:
if (rds != NULL) {
dns_rdataset_disassociate(rds);
dns_message_puttemprdataset(msg, &rds);
}
if (rdl != NULL) {
ISC_LIST_UNLINK(rdl->rdata, rdata, link);
dns_message_puttemprdatalist(msg, &rdl);
}
if (rdata != NULL)
dns_message_puttemprdata(msg, &rdata);
return (result);
}
/*
* Build an *XFR request and send its length prefix.
*/
static isc_result_t
xfrin_send_request(dns_xfrin_ctx_t *xfr) {
isc_result_t result;
isc_region_t region;
isc_region_t lregion;
dns_rdataset_t *qrdataset = NULL;
dns_message_t *msg = NULL;
unsigned char length[2];
dns_difftuple_t *soatuple = NULL;
dns_name_t *qname = NULL;
dns_dbversion_t *ver = NULL;
dns_name_t *msgsoaname = NULL;
/* Create the request message */
CHECK(dns_message_create(xfr->mctx, DNS_MESSAGE_INTENTRENDER, &msg));
CHECK(dns_message_settsigkey(msg, xfr->tsigkey));
/* Create a name for the question section. */
CHECK(dns_message_gettempname(msg, &qname));
dns_name_init(qname, NULL);
dns_name_clone(&xfr->name, qname);
/* Formulate the question and attach it to the question name. */
CHECK(dns_message_gettemprdataset(msg, &qrdataset));
dns_rdataset_init(qrdataset);
dns_rdataset_makequestion(qrdataset, xfr->rdclass, xfr->reqtype);
ISC_LIST_APPEND(qname->list, qrdataset, link);
qrdataset = NULL;
dns_message_addname(msg, qname, DNS_SECTION_QUESTION);
qname = NULL;
if (xfr->reqtype == dns_rdatatype_ixfr) {
/* Get the SOA and add it to the authority section. */
/* XXX is using the current version the right thing? */
dns_db_currentversion(xfr->db, &ver);
CHECK(dns_db_createsoatuple(xfr->db, ver, xfr->mctx,
DNS_DIFFOP_EXISTS, &soatuple));
xfr->ixfr.request_serial = dns_soa_getserial(&soatuple->rdata);
xfr->ixfr.current_serial = xfr->ixfr.request_serial;
xfrin_log(xfr, ISC_LOG_DEBUG(3),
"requesting IXFR for serial %u",
xfr->ixfr.request_serial);
CHECK(tuple2msgname(soatuple, msg, &msgsoaname));
dns_message_addname(msg, msgsoaname, DNS_SECTION_AUTHORITY);
} else if (xfr->reqtype == dns_rdatatype_soa)
CHECK(dns_db_getsoaserial(xfr->db, NULL,
&xfr->ixfr.request_serial));
xfr->checkid = ISC_TRUE;
xfr->id++;
xfr->nmsg = 0;
xfr->nrecs = 0;
xfr->nbytes = 0;
isc_time_now(&xfr->start);
msg->id = xfr->id;
if (xfr->tsigctx != NULL)
dst_context_destroy(&xfr->tsigctx);
CHECK(render(msg, xfr->mctx, &xfr->qbuffer));
/*
* Free the last tsig, if there is one.
*/
if (xfr->lasttsig != NULL)
isc_buffer_free(&xfr->lasttsig);
/*
* Save the query TSIG and don't let message_destroy free it.
*/
CHECK(dns_message_getquerytsig(msg, xfr->mctx, &xfr->lasttsig));
isc_buffer_usedregion(&xfr->qbuffer, &region);
INSIST(region.length <= 65535);
length[0] = region.length >> 8;
length[1] = region.length & 0xFF;
lregion.base = length;
lregion.length = 2;
CHECK(isc_socket_send(xfr->socket, &lregion, xfr->task,
xfrin_sendlen_done, xfr));
xfr->sends++;
failure:
if (qname != NULL)
dns_message_puttempname(msg, &qname);
if (qrdataset != NULL)
dns_message_puttemprdataset(msg, &qrdataset);
if (msg != NULL)
dns_message_destroy(&msg);
if (soatuple != NULL)
dns_difftuple_free(&soatuple);
if (ver != NULL)
dns_db_closeversion(xfr->db, &ver, ISC_FALSE);
return (result);
}
/* XXX there should be library support for sending DNS TCP messages */
static void
xfrin_sendlen_done(isc_task_t *task, isc_event_t *event) {
isc_socketevent_t *sev = (isc_socketevent_t *) event;
dns_xfrin_ctx_t *xfr = (dns_xfrin_ctx_t *) event->ev_arg;
isc_result_t evresult = sev->result;
isc_result_t result;
isc_region_t region;
REQUIRE(VALID_XFRIN(xfr));
UNUSED(task);
INSIST(event->ev_type == ISC_SOCKEVENT_SENDDONE);
isc_event_free(&event);
xfr->sends--;
if (xfr->shuttingdown) {
maybe_free(xfr);
return;
}
xfrin_log(xfr, ISC_LOG_DEBUG(3), "sent request length prefix");
CHECK(evresult);
isc_buffer_usedregion(&xfr->qbuffer, &region);
CHECK(isc_socket_send(xfr->socket, &region, xfr->task,
xfrin_send_done, xfr));
xfr->sends++;
failure:
if (result != ISC_R_SUCCESS)
xfrin_fail(xfr, result, "failed sending request length prefix");
}
static void
xfrin_send_done(isc_task_t *task, isc_event_t *event) {
isc_socketevent_t *sev = (isc_socketevent_t *) event;
dns_xfrin_ctx_t *xfr = (dns_xfrin_ctx_t *) event->ev_arg;
isc_result_t result;
REQUIRE(VALID_XFRIN(xfr));
UNUSED(task);
INSIST(event->ev_type == ISC_SOCKEVENT_SENDDONE);
xfr->sends--;
xfrin_log(xfr, ISC_LOG_DEBUG(3), "sent request data");
CHECK(sev->result);
CHECK(dns_tcpmsg_readmessage(&xfr->tcpmsg, xfr->task,
xfrin_recv_done, xfr));
xfr->recvs++;
failure:
isc_event_free(&event);
if (result != ISC_R_SUCCESS)
xfrin_fail(xfr, result, "failed sending request data");
}
static void
xfrin_recv_done(isc_task_t *task, isc_event_t *ev) {
dns_xfrin_ctx_t *xfr = (dns_xfrin_ctx_t *) ev->ev_arg;
isc_result_t result;
dns_message_t *msg = NULL;
dns_name_t *name;
dns_tcpmsg_t *tcpmsg;
dns_name_t *tsigowner = NULL;
REQUIRE(VALID_XFRIN(xfr));
UNUSED(task);
INSIST(ev->ev_type == DNS_EVENT_TCPMSG);
tcpmsg = ev->ev_sender;
isc_event_free(&ev);
xfr->recvs--;
if (xfr->shuttingdown) {
maybe_free(xfr);
return;
}
CHECK(tcpmsg->result);
xfrin_log(xfr, ISC_LOG_DEBUG(7), "received %u bytes",
tcpmsg->buffer.used);
CHECK(isc_timer_touch(xfr->timer));
CHECK(dns_message_create(xfr->mctx, DNS_MESSAGE_INTENTPARSE, &msg));
CHECK(dns_message_settsigkey(msg, xfr->tsigkey));
CHECK(dns_message_setquerytsig(msg, xfr->lasttsig));
msg->tsigctx = xfr->tsigctx;
xfr->tsigctx = NULL;
if (xfr->nmsg > 0)
msg->tcp_continuation = 1;
result = dns_message_parse(msg, &tcpmsg->buffer,
DNS_MESSAGEPARSE_PRESERVEORDER);
if (result != ISC_R_SUCCESS || msg->rcode != dns_rcode_noerror ||
(xfr->checkid && msg->id != xfr->id)) {
if (result == ISC_R_SUCCESS)
result = ISC_RESULTCLASS_DNSRCODE + msg->rcode; /*XXX*/
if (result == ISC_R_SUCCESS || result == DNS_R_NOERROR)
result = DNS_R_UNEXPECTEDID;
if (xfr->reqtype == dns_rdatatype_axfr ||
xfr->reqtype == dns_rdatatype_soa)
goto failure;
xfrin_log(xfr, ISC_LOG_DEBUG(3), "got %s, retrying with AXFR",
isc_result_totext(result));
try_axfr:
dns_message_destroy(&msg);
xfrin_reset(xfr);
xfr->reqtype = dns_rdatatype_soa;
xfr->state = XFRST_SOAQUERY;
(void)xfrin_start(xfr);
return;
}
/*
* Does the server know about IXFR? If it doesn't we will get
* a message with a empty answer section or a potentially a CNAME /
* DNAME, the later is handled by xfr_rr() which will return FORMERR
* if the first RR in the answer section is not a SOA record.
*/
if (xfr->reqtype == dns_rdatatype_ixfr &&
xfr->state == XFRST_INITIALSOA &&
msg->counts[DNS_SECTION_ANSWER] == 0) {
xfrin_log(xfr, ISC_LOG_DEBUG(3),
"empty answer section, retrying with AXFR");
goto try_axfr;
}
if (xfr->reqtype == dns_rdatatype_soa &&
(msg->flags & DNS_MESSAGEFLAG_AA) == 0) {
FAIL(DNS_R_NOTAUTHORITATIVE);
}
result = dns_message_checksig(msg, dns_zone_getview(xfr->zone));
if (result != ISC_R_SUCCESS) {
xfrin_log(xfr, ISC_LOG_DEBUG(3), "TSIG check failed: %s",
isc_result_totext(result));
goto failure;
}
for (result = dns_message_firstname(msg, DNS_SECTION_ANSWER);
result == ISC_R_SUCCESS;
result = dns_message_nextname(msg, DNS_SECTION_ANSWER))
{
dns_rdataset_t *rds;
name = NULL;
dns_message_currentname(msg, DNS_SECTION_ANSWER, &name);
for (rds = ISC_LIST_HEAD(name->list);
rds != NULL;
rds = ISC_LIST_NEXT(rds, link))
{
for (result = dns_rdataset_first(rds);
result == ISC_R_SUCCESS;
result = dns_rdataset_next(rds))
{
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(rds, &rdata);
CHECK(xfr_rr(xfr, name, rds->ttl, &rdata));
}
}
}
if (result != ISC_R_NOMORE)
goto failure;
if (dns_message_gettsig(msg, &tsigowner) != NULL) {
/*
* Reset the counter.
*/
xfr->sincetsig = 0;
/*
* Free the last tsig, if there is one.
*/
if (xfr->lasttsig != NULL)
isc_buffer_free(&xfr->lasttsig);
/*
* Update the last tsig pointer.
*/
CHECK(dns_message_getquerytsig(msg, xfr->mctx,
&xfr->lasttsig));
} else if (dns_message_gettsigkey(msg) != NULL) {
xfr->sincetsig++;
if (xfr->sincetsig > 100 || xfr->nmsg == 0 ||
xfr->state == XFRST_AXFR_END ||
xfr->state == XFRST_IXFR_END)
{
result = DNS_R_EXPECTEDTSIG;
goto failure;
}
}
/*
* Update the number of messages received.
*/
xfr->nmsg++;
/*
* Update the number of bytes received.
*/
xfr->nbytes += tcpmsg->buffer.used;
/*
* Take the context back.
*/
INSIST(xfr->tsigctx == NULL);
xfr->tsigctx = msg->tsigctx;
msg->tsigctx = NULL;
dns_message_destroy(&msg);
switch (xfr->state) {
case XFRST_GOTSOA:
xfr->reqtype = dns_rdatatype_axfr;
xfr->state = XFRST_INITIALSOA;
CHECK(xfrin_send_request(xfr));
break;
case XFRST_AXFR_END:
CHECK(axfr_finalize(xfr));
/* FALLTHROUGH */
case XFRST_IXFR_END:
/*
* Close the journal.
*/
if (xfr->ixfr.journal != NULL)
dns_journal_destroy(&xfr->ixfr.journal);
/*
* Inform the caller we succeeded.
*/
if (xfr->done != NULL) {
(xfr->done)(xfr->zone, ISC_R_SUCCESS);
xfr->done = NULL;
}
/*
* We should have no outstanding events at this
* point, thus maybe_free() should succeed.
*/
xfr->shuttingdown = ISC_TRUE;
maybe_free(xfr);
break;
default:
/*
* Read the next message.
*/
CHECK(dns_tcpmsg_readmessage(&xfr->tcpmsg, xfr->task,
xfrin_recv_done, xfr));
xfr->recvs++;
}
return;
failure:
if (msg != NULL)
dns_message_destroy(&msg);
if (result != ISC_R_SUCCESS)
xfrin_fail(xfr, result, "failed while receiving responses");
}
static void
xfrin_timeout(isc_task_t *task, isc_event_t *event) {
dns_xfrin_ctx_t *xfr = (dns_xfrin_ctx_t *) event->ev_arg;
REQUIRE(VALID_XFRIN(xfr));
UNUSED(task);
isc_event_free(&event);
/*
* This will log "giving up: timeout".
*/
xfrin_fail(xfr, ISC_R_TIMEDOUT, "giving up");
}
static void
maybe_free(dns_xfrin_ctx_t *xfr) {
isc_uint64_t msecs;
isc_uint64_t persec;
REQUIRE(VALID_XFRIN(xfr));
if (! xfr->shuttingdown || xfr->refcount != 0 ||
xfr->connects != 0 || xfr->sends != 0 ||
xfr->recvs != 0)
return;
/*
* Calculate the length of time the transfer took,
* and print a log message with the bytes and rate.
*/
isc_time_now(&xfr->end);
msecs = isc_time_microdiff(&xfr->end, &xfr->start) / 1000;
if (msecs == 0)
msecs = 1;
persec = (xfr->nbytes * 1000) / msecs;
xfrin_log(xfr, ISC_LOG_INFO,
"Transfer completed: %d messages, %d records, "
"%" ISC_PRINT_QUADFORMAT "u bytes, "
"%u.%03u secs (%u bytes/sec)",
xfr->nmsg, xfr->nrecs, xfr->nbytes,
(unsigned int) (msecs / 1000), (unsigned int) (msecs % 1000),
(unsigned int) persec);
if (xfr->socket != NULL)
isc_socket_detach(&xfr->socket);
if (xfr->timer != NULL)
isc_timer_detach(&xfr->timer);
if (xfr->task != NULL)
isc_task_detach(&xfr->task);
if (xfr->tsigkey != NULL)
dns_tsigkey_detach(&xfr->tsigkey);
if (xfr->lasttsig != NULL)
isc_buffer_free(&xfr->lasttsig);
dns_diff_clear(&xfr->diff);
if (xfr->ixfr.journal != NULL)
dns_journal_destroy(&xfr->ixfr.journal);
if (xfr->axfr.add_private != NULL)
(void)dns_db_endload(xfr->db, &xfr->axfr.add_private);
if (xfr->tcpmsg_valid)
dns_tcpmsg_invalidate(&xfr->tcpmsg);
if (xfr->tsigctx != NULL)
dst_context_destroy(&xfr->tsigctx);
if ((xfr->name.attributes & DNS_NAMEATTR_DYNAMIC) != 0)
dns_name_free(&xfr->name, xfr->mctx);
if (xfr->ver != NULL)
dns_db_closeversion(xfr->db, &xfr->ver, ISC_FALSE);
if (xfr->db != NULL)
dns_db_detach(&xfr->db);
if (xfr->zone != NULL)
dns_zone_idetach(&xfr->zone);
isc_mem_put(xfr->mctx, xfr, sizeof(*xfr));
}
/*
* Log incoming zone transfer messages in a format like
* transfer of <zone> from <address>: <message>
*/
static void
xfrin_logv(int level, const char *zonetext, isc_sockaddr_t *masteraddr,
const char *fmt, va_list ap)
{
char mastertext[ISC_SOCKADDR_FORMATSIZE];
char msgtext[2048];
isc_sockaddr_format(masteraddr, mastertext, sizeof(mastertext));
vsnprintf(msgtext, sizeof(msgtext), fmt, ap);
isc_log_write(dns_lctx, DNS_LOGCATEGORY_XFER_IN,
DNS_LOGMODULE_XFER_IN, level,
"transfer of '%s' from %s: %s",
zonetext, mastertext, msgtext);
}
/*
* Logging function for use when a xfrin_ctx_t has not yet been created.
*/
static void
xfrin_log1(int level, const char *zonetext, isc_sockaddr_t *masteraddr,
const char *fmt, ...)
{
va_list ap;
if (isc_log_wouldlog(dns_lctx, level) == ISC_FALSE)
return;
va_start(ap, fmt);
xfrin_logv(level, zonetext, masteraddr, fmt, ap);
va_end(ap);
}
/*
* Logging function for use when there is a xfrin_ctx_t.
*/
static void
xfrin_log(dns_xfrin_ctx_t *xfr, int level, const char *fmt, ...)
{
va_list ap;
char zonetext[DNS_NAME_MAXTEXT+32];
if (isc_log_wouldlog(dns_lctx, level) == ISC_FALSE)
return;
dns_zone_name(xfr->zone, zonetext, sizeof(zonetext));
va_start(ap, fmt);
xfrin_logv(level, zonetext, &xfr->masteraddr, fmt, ap);
va_end(ap);
}