update.c
Go to the documentation of this file.
1/* update.c
2 *
3 * Functions for RFC 2136 Dynamic Update
4 *
5 * Copyright (c) 2005-2008, NLnet Labs. All rights reserved.
6 *
7 * See LICENSE for the license.
8 */
9
10#include <ldns/config.h>
11
12#include <ldns/ldns.h>
13
14#include <strings.h>
15#include <stdlib.h>
16#include <limits.h>
17
18/*
19 * RFC 2136 sections mapped to RFC 1035:
20 * zone/ZO -- QD/question
21 * prerequisites/PR -- AN/answers
22 * updates/UP -- NS/authority records
23 * additional data/AD -- AR/additional records
24 */
25
26ldns_pkt *
27ldns_update_pkt_new(ldns_rdf *zone_rdf, ldns_rr_class c,
28 const ldns_rr_list *pr_rrlist, const ldns_rr_list *up_rrlist, const ldns_rr_list *ad_rrlist)
29{
30 ldns_pkt *p;
31
32 if (!zone_rdf || !up_rrlist) {
33 return NULL;
34 }
35
36 if (c == 0) {
37 c = LDNS_RR_CLASS_IN;
38 }
39
40 /* Create packet, fill in Zone Section. */
41 p = ldns_pkt_query_new(zone_rdf, LDNS_RR_TYPE_SOA, c, LDNS_RD);
42 if (!p) {
43 return NULL;
44 }
45 zone_rdf = NULL; /* No longer safe to use. */
46
47 ldns_pkt_set_opcode(p, LDNS_PACKET_UPDATE);
48
49 ldns_rr_list_deep_free(p->_authority);
50
51 ldns_pkt_set_authority(p, ldns_rr_list_clone(up_rrlist));
52
53 ldns_update_set_upcount(p, ldns_rr_list_rr_count(up_rrlist));
54
55 if (pr_rrlist) {
56 ldns_rr_list_deep_free(p->_answer); /*XXX access function */
57 ldns_pkt_set_answer(p, ldns_rr_list_clone(pr_rrlist));
58 ldns_update_set_prcount(p, ldns_rr_list_rr_count(pr_rrlist));
59 }
60
61 if (ad_rrlist) {
62 ldns_rr_list_deep_free(p->_additional);
63 ldns_pkt_set_additional(p, ldns_rr_list_clone(ad_rrlist));
64 ldns_update_set_adcount(p, ldns_rr_list_rr_count(ad_rrlist));
65 }
66 return p;
67}
68
69ldns_status
70ldns_update_pkt_tsig_add(ldns_pkt *p, const ldns_resolver *r)
71{
72#ifdef HAVE_SSL
73 uint16_t fudge = 300; /* Recommended fudge. [RFC2845 6.4] */
74 if (ldns_resolver_tsig_keyname(r) && ldns_resolver_tsig_keydata(r))
75 return ldns_pkt_tsig_sign(p, ldns_resolver_tsig_keyname(r),
76 ldns_resolver_tsig_keydata(r), fudge,
77 ldns_resolver_tsig_algorithm(r), NULL);
78#else
79 /* do nothing */
80 (void)p;
81 (void)r;
82#endif /* HAVE_SSL */
83 /* No TSIG to do. */
84 return LDNS_STATUS_OK;
85}
86
87/* Move to higher.c or similar? */
88/* XXX doc */
89ldns_status
90ldns_update_soa_mname(ldns_rdf *zone, ldns_resolver *r,
91 ldns_rr_class c, ldns_rdf **mname)
92{
93 ldns_rr *soa_rr;
94 ldns_pkt *query, *resp;
95
96 /* Nondestructive, so clone 'zone' here */
97 query = ldns_pkt_query_new(ldns_rdf_clone(zone), LDNS_RR_TYPE_SOA,
98 c, LDNS_RD);
99 if (!query) {
100 return LDNS_STATUS_ERR;
101 }
102
103 ldns_pkt_set_random_id(query);
104 if (ldns_resolver_send_pkt(&resp, r, query) != LDNS_STATUS_OK) {
105 ldns_pkt_free(query);
106 return LDNS_STATUS_ERR;
107 }
108 ldns_pkt_free(query);
109 if (!resp) {
110 return LDNS_STATUS_ERR;
111 }
112
113 /* Expect a SOA answer. */
114 *mname = NULL;
115 while ((soa_rr = ldns_rr_list_pop_rr(ldns_pkt_answer(resp)))) {
116 if (ldns_rr_get_type(soa_rr) != LDNS_RR_TYPE_SOA
117 || ldns_rr_rdf(soa_rr, 0) == NULL)
118 continue;
119 /* [RFC1035 3.3.13] */
120 *mname = ldns_rdf_clone(ldns_rr_rdf(soa_rr, 0));
121 break;
122 }
123 ldns_pkt_free(resp);
124
125 return *mname ? LDNS_STATUS_OK : LDNS_STATUS_ERR;
126}
127
128/* Try to get zone and MNAME from SOA queries. */
129ldns_status
130ldns_update_soa_zone_mname(const char *fqdn, ldns_resolver *r,
131 ldns_rr_class c, ldns_rdf **zone_rdf, ldns_rdf **mname_rdf)
132{
133 ldns_rr *soa_rr, *rr;
134 ldns_rdf *soa_zone = NULL, *soa_mname = NULL;
135 ldns_rdf *ipaddr, *fqdn_rdf, *tmp;
136 ldns_rdf **nslist;
137 ldns_pkt *query, *resp;
138 ldns_resolver *tmp_r;
139 size_t i;
140
141 /*
142 * XXX Ok, this cannot be the best way to find this...?
143 * XXX (I run into weird cache-related stuff here)
144 */
145
146 /* Step 1 - first find a nameserver that should know *something* */
147 fqdn_rdf = ldns_dname_new_frm_str(fqdn);
148 query = ldns_pkt_query_new(fqdn_rdf, LDNS_RR_TYPE_SOA, c, LDNS_RD);
149 if (!query) {
150 return LDNS_STATUS_ERR;
151 }
152 fqdn_rdf = NULL;
153
154 ldns_pkt_set_random_id(query);
155 if (ldns_resolver_send_pkt(&resp, r, query) != LDNS_STATUS_OK) {
156 ldns_pkt_free(query);
157 return LDNS_STATUS_ERR;
158 }
159 ldns_pkt_free(query);
160 if (!resp) {
161 return LDNS_STATUS_ERR;
162 }
163
164 /* XXX Is it safe to only look in authority section here? */
165 while ((soa_rr = ldns_rr_list_pop_rr(ldns_pkt_authority(resp)))) {
166 if (ldns_rr_get_type(soa_rr) != LDNS_RR_TYPE_SOA
167 || ldns_rr_rdf(soa_rr, 0) == NULL)
168 continue;
169 /* [RFC1035 3.3.13] */
170 soa_mname = ldns_rdf_clone(ldns_rr_rdf(soa_rr, 0));
171 break;
172 }
173 ldns_pkt_free(resp);
174 if (!soa_rr) {
175 return LDNS_STATUS_ERR;
176 }
177
178 /* Step 2 - find SOA MNAME IP address, add to resolver */
179 query = ldns_pkt_query_new(soa_mname, LDNS_RR_TYPE_A, c, LDNS_RD);
180 if (!query) {
181 return LDNS_STATUS_ERR;
182 }
183 soa_mname = NULL;
184
185 ldns_pkt_set_random_id(query);
186 if (ldns_resolver_send_pkt(&resp, r, query) != LDNS_STATUS_OK) {
187 ldns_pkt_free(query);
188 return LDNS_STATUS_ERR;
189 }
190 ldns_pkt_free(query);
191 if (!resp) {
192 return LDNS_STATUS_ERR;
193 }
194
195 if (ldns_pkt_ancount(resp) == 0) {
196 ldns_pkt_free(resp);
197 return LDNS_STATUS_ERR;
198 }
199
200 /* XXX There may be more than one answer RR here. */
201 rr = ldns_rr_list_pop_rr(ldns_pkt_answer(resp));
202 ipaddr = ldns_rr_rdf(rr, 0);
203
204 /* Put the SOA mname IP first in the nameserver list. */
205 if (!(tmp_r = ldns_resolver_clone(r))) {
206 return LDNS_STATUS_MEM_ERR;
207 }
208 nslist = ldns_resolver_nameservers(tmp_r);
209 for (i = 0; i < ldns_resolver_nameserver_count(tmp_r); i++) {
210 if (ldns_rdf_compare(ipaddr, nslist[i]) == 0) {
211 if (i) {
212 tmp = nslist[0];
213 nslist[0] = nslist[i];
214 nslist[i] = tmp;
215 }
216 break;
217 }
218 }
219 if (i >= ldns_resolver_nameserver_count(tmp_r)) {
220 /* SOA mname was not part of the resolver so add it first. */
221 (void) ldns_resolver_push_nameserver(tmp_r, ipaddr);
222 nslist = ldns_resolver_nameservers(tmp_r);
223 i = ldns_resolver_nameserver_count(tmp_r) - 1;
224 tmp = nslist[0];
225 nslist[0] = nslist[i];
226 nslist[i] = tmp;
227 }
228 ldns_pkt_free(resp);
229
230 /* Make sure to ask the first in the list, i.e SOA mname */
231 ldns_resolver_set_random(tmp_r, false);
232
233 /* Step 3 - Redo SOA query, sending to SOA MNAME directly. */
234 fqdn_rdf = ldns_dname_new_frm_str(fqdn);
235 query = ldns_pkt_query_new(fqdn_rdf, LDNS_RR_TYPE_SOA, c, LDNS_RD);
236 if (!query) {
237 ldns_resolver_free(tmp_r);
238 return LDNS_STATUS_ERR;
239 }
240 fqdn_rdf = NULL;
241
242 ldns_pkt_set_random_id(query);
243 if (ldns_resolver_send_pkt(&resp, tmp_r, query) != LDNS_STATUS_OK) {
244 ldns_pkt_free(query);
245 ldns_resolver_free(tmp_r);
246 return LDNS_STATUS_ERR;
247 }
248 ldns_resolver_free(tmp_r);
249 ldns_pkt_free(query);
250 if (!resp) {
251 return LDNS_STATUS_ERR;
252 }
253
254 /* XXX Is it safe to only look in authority section here, too? */
255 while ((soa_rr = ldns_rr_list_pop_rr(ldns_pkt_authority(resp)))) {
256 if (ldns_rr_get_type(soa_rr) != LDNS_RR_TYPE_SOA
257 || ldns_rr_rdf(soa_rr, 0) == NULL)
258 continue;
259 /* [RFC1035 3.3.13] */
260 soa_mname = ldns_rdf_clone(ldns_rr_rdf(soa_rr, 0));
261 soa_zone = ldns_rdf_clone(ldns_rr_owner(soa_rr));
262 break;
263 }
264 ldns_pkt_free(resp);
265 if (!soa_rr) {
266 return LDNS_STATUS_ERR;
267 }
268
269 /* That seems to have worked, pass results to caller. */
270 *zone_rdf = soa_zone;
271 *mname_rdf = soa_mname;
272 return LDNS_STATUS_OK;
273}
274
275/*
276 * ldns_update_{get,set}_{zo,pr,up,ad}count
277 */
278
279uint16_t
280ldns_update_zocount(const ldns_pkt *p)
281{
282 return ldns_pkt_qdcount(p);
283}
284
285uint16_t
286ldns_update_prcount(const ldns_pkt *p)
287{
288 return ldns_pkt_ancount(p);
289}
290
291uint16_t
292ldns_update_upcount(const ldns_pkt *p)
293{
294 return ldns_pkt_nscount(p);
295}
296
297uint16_t
298ldns_update_ad(const ldns_pkt *p)
299{
300 return ldns_pkt_arcount(p);
301}
302
303void
304ldns_update_set_zo(ldns_pkt *p, uint16_t v)
305{
306 ldns_pkt_set_qdcount(p, v);
307}
308
309void
310ldns_update_set_prcount(ldns_pkt *p, uint16_t v)
311{
312 ldns_pkt_set_ancount(p, v);
313}
314
315void
316ldns_update_set_upcount(ldns_pkt *p, uint16_t v)
317{
318 ldns_pkt_set_nscount(p, v);
319}
320
321void
322ldns_update_set_adcount(ldns_pkt *p, uint16_t v)
323{
324 ldns_pkt_set_arcount(p, v);
325}
ldns_dname_new_frm_str
ldns_rdf * ldns_dname_new_frm_str(const char *str)
creates a new dname rdf from a string.
Definition dname.c:268
LDNS_STATUS_ERR
@ LDNS_STATUS_ERR
Definition error.h:37
LDNS_STATUS_MEM_ERR
@ LDNS_STATUS_MEM_ERR
Definition error.h:34
LDNS_STATUS_OK
@ LDNS_STATUS_OK
Definition error.h:26
ldns_status
enum ldns_enum_status ldns_status
Definition error.h:148
ldns.h
Including this file will include all ldns files, and define some lookup tables.
ldns_pkt_free
void ldns_pkt_free(ldns_pkt *packet)
frees the packet structure and all data that it contains.
Definition packet.c:897
ldns_pkt_set_additional
void ldns_pkt_set_additional(ldns_pkt *p, ldns_rr_list *rr)
directly set the additional section
Definition packet.c:509
ldns_pkt_authority
ldns_rr_list * ldns_pkt_authority(const ldns_pkt *p)
Return the packet's authority section.
Definition packet.c:136
ldns_pkt_set_authority
void ldns_pkt_set_authority(ldns_pkt *p, ldns_rr_list *rr)
directly set the authority section
Definition packet.c:527
ldns_pkt_query_new
ldns_pkt * ldns_pkt_query_new(ldns_rdf *rr_name, ldns_rr_type rr_type, ldns_rr_class rr_class, uint16_t flags)
creates a packet with a query in it for the given name, type and class.
Definition packet.c:1150
ldns_pkt_ancount
uint16_t ldns_pkt_ancount(const ldns_pkt *p)
Return the packet's an count.
Definition packet.c:106
ldns_pkt_nscount
uint16_t ldns_pkt_nscount(const ldns_pkt *p)
Return the packet's ns count.
Definition packet.c:112
ldns_pkt_answer
ldns_rr_list * ldns_pkt_answer(const ldns_pkt *p)
Return the packet's answer section.
Definition packet.c:130
LDNS_PACKET_UPDATE
@ LDNS_PACKET_UPDATE
Definition packet.h:51
ldns_pkt_set_answer
void ldns_pkt_set_answer(ldns_pkt *p, ldns_rr_list *rr)
directly set the answer section
Definition packet.c:521
ldns_pkt_set_qdcount
void ldns_pkt_set_qdcount(ldns_pkt *p, uint16_t c)
Set the packet's qd count.
Definition packet.c:563
ldns_pkt_qdcount
uint16_t ldns_pkt_qdcount(const ldns_pkt *p)
Return the packet's qd count.
Definition packet.c:100
ldns_pkt_set_arcount
void ldns_pkt_set_arcount(ldns_pkt *p, uint16_t c)
Set the packet's arcount.
Definition packet.c:581
ldns_pkt_set_opcode
void ldns_pkt_set_opcode(ldns_pkt *p, ldns_pkt_opcode c)
Set the packet's opcode.
Definition packet.c:551
ldns_pkt_arcount
uint16_t ldns_pkt_arcount(const ldns_pkt *p)
Return the packet's ar count.
Definition packet.c:118
ldns_pkt_set_random_id
void ldns_pkt_set_random_id(ldns_pkt *p)
Set the packet's id to a random value.
Definition packet.c:477
ldns_pkt_set_ancount
void ldns_pkt_set_ancount(ldns_pkt *p, uint16_t c)
Set the packet's an count.
Definition packet.c:569
LDNS_RD
#define LDNS_RD
Definition packet.h:30
ldns_pkt_set_nscount
void ldns_pkt_set_nscount(ldns_pkt *p, uint16_t c)
Set the packet's ns count.
Definition packet.c:575
ldns_rdf_clone
ldns_rdf * ldns_rdf_clone(const ldns_rdf *rd)
clones a rdf structure.
Definition rdata.c:222
ldns_rdf_compare
int ldns_rdf_compare(const ldns_rdf *rd1, const ldns_rdf *rd2)
compares two rdf's on their wire formats.
Definition rdata.c:657
ldns_resolver_tsig_keydata
const char * ldns_resolver_tsig_keydata(const ldns_resolver *r)
Return the tsig keydata as used by the nameserver.
Definition resolver.c:219
ldns_resolver_tsig_keyname
const char * ldns_resolver_tsig_keyname(const ldns_resolver *r)
Return the tsig keyname as used by the nameserver.
Definition resolver.c:207
ldns_resolver_nameserver_count
size_t ldns_resolver_nameserver_count(const ldns_resolver *r)
How many nameserver are configured in the resolver.
Definition resolver.c:114
ldns_resolver_free
void ldns_resolver_free(ldns_resolver *res)
Frees the allocated space for this resolver.
Definition resolver.c:998
ldns_resolver_clone
ldns_resolver * ldns_resolver_clone(ldns_resolver *r)
Clone a resolver.
Definition resolver.c:665
ldns_resolver_nameservers
ldns_rdf ** ldns_resolver_nameservers(const ldns_resolver *r)
Return the configured nameserver ip address.
Definition resolver.c:108
ldns_resolver_push_nameserver
ldns_status ldns_resolver_push_nameserver(ldns_resolver *r, const ldns_rdf *n)
Push a new nameserver to the resolver.
Definition resolver.c:288
ldns_resolver_set_random
void ldns_resolver_set_random(ldns_resolver *r, signed char b)
Should the nameserver list be randomized before each use.
Definition resolver.c:601
ldns_resolver_tsig_algorithm
const char * ldns_resolver_tsig_algorithm(const ldns_resolver *r)
Return the tsig algorithm as used by the nameserver.
Definition resolver.c:213
ldns_resolver_send_pkt
ldns_status ldns_resolver_send_pkt(ldns_pkt **answer, ldns_resolver *r, ldns_pkt *query_pkt)
Send the given packet to a nameserver.
Definition resolver.c:1171
ldns_rr_list_deep_free
void ldns_rr_list_deep_free(ldns_rr_list *rr_list)
frees an rr_list structure and all rrs contained therein.
Definition rr.c:1024
ldns_rr_list_pop_rr
ldns_rr * ldns_rr_list_pop_rr(ldns_rr_list *rr_list)
pops the last rr from an rrlist.
Definition rr.c:1181
LDNS_RR_TYPE_A
@ LDNS_RR_TYPE_A
a host address
Definition rr.h:80
LDNS_RR_TYPE_SOA
@ LDNS_RR_TYPE_SOA
marks the start of a zone of authority
Definition rr.h:90
ldns_rr_rdf
ldns_rdf * ldns_rr_rdf(const ldns_rr *rr, size_t nr)
returns the rdata field member counter.
Definition rr.c:913
ldns_rr_list_rr_count
size_t ldns_rr_list_rr_count(const ldns_rr_list *rr_list)
returns the number of rr's in an rr_list.
Definition rr.c:961
ldns_rr_get_type
ldns_rr_type ldns_rr_get_type(const ldns_rr *rr)
returns the type of the rr.
Definition rr.c:947
ldns_rr_class
enum ldns_enum_rr_class ldns_rr_class
Definition rr.h:61
ldns_rr_list_clone
ldns_rr_list * ldns_rr_list_clone(const ldns_rr_list *rrlist)
clones an rrlist.
Definition rr.c:1435
ldns_rr_owner
ldns_rdf * ldns_rr_owner(const ldns_rr *rr)
returns the owner name of an rr structure.
Definition rr.c:923
LDNS_RR_CLASS_IN
@ LDNS_RR_CLASS_IN
the Internet
Definition rr.h:47
ldns_struct_pkt
DNS packet.
Definition packet.h:235
ldns_struct_pkt::_authority
ldns_rr_list * _authority
Authority section.
Definition packet.h:268
ldns_struct_pkt::_answer
ldns_rr_list * _answer
Answer section.
Definition packet.h:266
ldns_struct_pkt::_additional
ldns_rr_list * _additional
Additional section.
Definition packet.h:270
ldns_struct_rdf
Resource record data field.
Definition rdata.h:197
ldns_struct_resolver
DNS stub resolver structure.
Definition resolver.h:60
ldns_struct_rr_list
List or Set of Resource Records.
Definition rr.h:346
ldns_struct_rr
Resource Record.
Definition rr.h:318
ldns_pkt_tsig_sign
ldns_status ldns_pkt_tsig_sign(ldns_pkt *pkt, const char *key_name, const char *key_data, uint16_t fudge, const char *algorithm_name, const ldns_rdf *query_mac)
creates a tsig rr for the given packet and key.
Definition tsig.c:376
ldns_update_ad
uint16_t ldns_update_ad(const ldns_pkt *p)
Get the zo count.
Definition update.c:298
ldns_update_set_zo
void ldns_update_set_zo(ldns_pkt *p, uint16_t v)
Set the zo count.
Definition update.c:304
ldns_update_set_adcount
void ldns_update_set_adcount(ldns_pkt *p, uint16_t v)
Set the ad count.
Definition update.c:322
ldns_update_upcount
uint16_t ldns_update_upcount(const ldns_pkt *p)
Get the zo count.
Definition update.c:292
ldns_update_zocount
uint16_t ldns_update_zocount(const ldns_pkt *p)
Get the zo count.
Definition update.c:280
ldns_update_soa_zone_mname
ldns_status ldns_update_soa_zone_mname(const char *fqdn, ldns_resolver *r, ldns_rr_class c, ldns_rdf **zone_rdf, ldns_rdf **mname_rdf)
Definition update.c:130
ldns_update_prcount
uint16_t ldns_update_prcount(const ldns_pkt *p)
Get the zo count.
Definition update.c:286
ldns_update_pkt_new
ldns_pkt * ldns_update_pkt_new(ldns_rdf *zone_rdf, ldns_rr_class c, const ldns_rr_list *pr_rrlist, const ldns_rr_list *up_rrlist, const ldns_rr_list *ad_rrlist)
create an update packet from zone name, class and the rr lists
Definition update.c:27
ldns_update_set_prcount
void ldns_update_set_prcount(ldns_pkt *p, uint16_t v)
Set the pr count.
Definition update.c:310
ldns_update_set_upcount
void ldns_update_set_upcount(ldns_pkt *p, uint16_t v)
Set the up count.
Definition update.c:316
ldns_update_pkt_tsig_add
ldns_status ldns_update_pkt_tsig_add(ldns_pkt *p, const ldns_resolver *r)
add tsig credentials to a packet from a resolver
Definition update.c:70
ldns_update_soa_mname
ldns_status ldns_update_soa_mname(ldns_rdf *zone, ldns_resolver *r, ldns_rr_class c, ldns_rdf **mname)
Definition update.c:90