Functions | Variables
iterator.c File Reference

This file contains a module that performs recursive iterative DNS query processing. More...

#include "config.h"
#include "iterator/iterator.h"
#include "iterator/iter_utils.h"
#include "iterator/iter_hints.h"
#include "iterator/iter_fwd.h"
#include "iterator/iter_donotq.h"
#include "iterator/iter_delegpt.h"
#include "iterator/iter_resptype.h"
#include "iterator/iter_scrub.h"
#include "iterator/iter_priv.h"
#include "validator/val_neg.h"
#include "services/cache/dns.h"
#include "services/cache/rrset.h"
#include "services/cache/infra.h"
#include "services/authzone.h"
#include "util/module.h"
#include "util/netevent.h"
#include "util/net_help.h"
#include "util/regional.h"
#include "util/data/dname.h"
#include "util/data/msgencode.h"
#include "util/fptr_wlist.h"
#include "util/config_file.h"
#include "util/random.h"
#include "sldns/rrdef.h"
#include "sldns/wire2str.h"
#include "sldns/str2wire.h"
#include "sldns/parseutil.h"
#include "sldns/sbuffer.h"

Functions

static void target_count_increase_nx (struct iter_qstate *iq, int num)
 
int iter_init (struct module_env *env, int id)
 iterator init
 
static void caps_free (struct rbnode_type *n, void *ATTR_UNUSED(d))
 delete caps_whitelist element
 
void iter_deinit (struct module_env *env, int id)
 iterator deinit
 
static int iter_new (struct module_qstate *qstate, int id)
 new query for iterator
 
static int next_state (struct iter_qstate *iq, enum iter_state nextstate)
 Transition to the next state. More...
 
static int final_state (struct iter_qstate *iq)
 Transition an event to its final state. More...
 
static void error_supers (struct module_qstate *qstate, int id, struct module_qstate *super)
 Callback routine to handle errors in parent query states. More...
 
static int error_response (struct module_qstate *qstate, int id, int rcode)
 Return an error to the client. More...
 
static int error_response_cache (struct module_qstate *qstate, int id, int rcode)
 Return an error to the client and cache the error code in the message cache (so per qname, qtype, qclass). More...
 
static int prepend_is_duplicate (struct ub_packed_rrset_key **sets, size_t to, struct ub_packed_rrset_key *dup)
 check if prepend item is duplicate item
 
static int iter_prepend (struct iter_qstate *iq, struct dns_msg *msg, struct regional *region)
 prepend the prepend list in the answer and authority section of dns_msg
 
static int iter_find_rrset_in_prepend_answer (struct iter_qstate *iq, struct ub_packed_rrset_key *rrset)
 Find rrset in ANSWER prepend list. More...
 
static int iter_add_prepend_answer (struct module_qstate *qstate, struct iter_qstate *iq, struct ub_packed_rrset_key *rrset)
 Add rrset to ANSWER prepend list. More...
 
static int iter_add_prepend_auth (struct module_qstate *qstate, struct iter_qstate *iq, struct ub_packed_rrset_key *rrset)
 Add rrset to AUTHORITY prepend list. More...
 
static int handle_cname_response (struct module_qstate *qstate, struct iter_qstate *iq, struct dns_msg *msg, uint8_t **mname, size_t *mname_len)
 Given a CNAME response (defined as a response containing a CNAME or DNAME that does not answer the request), process the response, modifying the state as necessary. More...
 
static void fill_fail_addr (struct iter_qstate *iq, struct sockaddr_storage *addr, socklen_t addrlen)
 fill fail address for later recovery
 
static void print_fail_addr (struct iter_qstate *iq, char *buf, size_t len)
 print fail addr to string
 
static void errinf_reply (struct module_qstate *qstate, struct iter_qstate *iq)
 add response specific error information for log servfail
 
static int can_have_last_resort (struct module_env *env, uint8_t *nm, size_t ATTR_UNUSED(nmlen), uint16_t qclass, int *have_dp, struct delegpt **retdp, struct regional *region)
 see if last resort is possible - does config allow queries to parent
 
static int is_caps_whitelisted (struct iter_env *ie, struct iter_qstate *iq)
 see if target name is caps-for-id whitelisted
 
static void target_count_create (struct iter_qstate *iq)
 Create target count structure for this query. More...
 
static void target_count_increase (struct iter_qstate *iq, int num)
 
static void target_count_increase_global_quota (struct iter_qstate *iq, int num)
 
static int generate_sub_request (uint8_t *qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, struct module_qstate *qstate, int id, struct iter_qstate *iq, enum iter_state initial_state, enum iter_state finalstate, struct module_qstate **subq_ret, int v, int detached)
 Generate a subrequest. More...
 
static int prime_root (struct module_qstate *qstate, struct iter_qstate *iq, int id, uint16_t qclass)
 Generate and send a root priming request. More...
 
static int prime_stub (struct module_qstate *qstate, struct iter_qstate *iq, int id, uint8_t *qname, uint16_t qclass)
 Generate and process a stub priming request. More...
 
static int auth_zone_delegpt (struct module_qstate *qstate, struct iter_qstate *iq, uint8_t *delname, size_t delnamelen)
 Generate a delegation point for an auth zone (unless cached dp is better) false on alloc failure.
 
static void generate_a_aaaa_check (struct module_qstate *qstate, struct iter_qstate *iq, int id)
 Generate A and AAAA checks for glue that is in-zone for the referral we just got to obtain authoritative information on the addresses. More...
 
static void generate_ns_check (struct module_qstate *qstate, struct iter_qstate *iq, int id)
 Generate a NS check request to obtain authoritative information on an NS rrset. More...
 
static void generate_dnskey_prefetch (struct module_qstate *qstate, struct iter_qstate *iq, int id)
 Generate a DNSKEY prefetch query to get the DNSKEY for the DS record we just got in a referral (where we have dnssec_expected, thus have trust anchors above it). More...
 
static int forward_request (struct module_qstate *qstate, struct iter_qstate *iq)
 See if the query needs forwarding. More...
 
static int processInitRequest (struct module_qstate *qstate, struct iter_qstate *iq, struct iter_env *ie, int id)
 Process the initial part of the request handling. More...
 
static int processInitRequest2 (struct module_qstate *qstate, struct iter_qstate *iq, int id)
 Process the second part of the initial request handling. More...
 
static int processInitRequest3 (struct module_qstate *qstate, struct iter_qstate *iq, int id)
 Process the third part of the initial request handling. More...
 
static int generate_parentside_target_query (struct module_qstate *qstate, struct iter_qstate *iq, int id, uint8_t *name, size_t namelen, uint16_t qtype, uint16_t qclass)
 Given a basic query, generate a parent-side "target" query. More...
 
static int generate_target_query (struct module_qstate *qstate, struct iter_qstate *iq, int id, uint8_t *name, size_t namelen, uint16_t qtype, uint16_t qclass)
 Given a basic query, generate a "target" query. More...
 
static int query_for_targets (struct module_qstate *qstate, struct iter_qstate *iq, struct iter_env *ie, int id, int maxtargets, int *num)
 Given an event at a certain state, generate zero or more target queries for it's current delegation point. More...
 
static int processLastResort (struct module_qstate *qstate, struct iter_qstate *iq, struct iter_env *ie, int id)
 Called by processQueryTargets when it would like extra targets to query but it seems to be out of options. More...
 
static int processDSNSFind (struct module_qstate *qstate, struct iter_qstate *iq, int id)
 Try to find the NS record set that will resolve a qtype DS query. More...
 
static void check_waiting_queries (struct iter_qstate *iq, struct module_qstate *qstate, int id)
 Check if we wait responses for sent queries and update the iterator's external state.
 
static int processQueryTargets (struct module_qstate *qstate, struct iter_qstate *iq, struct iter_env *ie, int id)
 This is the request event state where the request will be sent to one of its current query targets. More...
 
static struct ub_packed_rrset_keyfind_NS (struct reply_info *rep, size_t from, size_t to)
 find NS rrset in given list
 
static int processQueryResponse (struct module_qstate *qstate, struct iter_qstate *iq, struct iter_env *ie, int id)
 Process the query response. More...
 
static void prime_supers (struct module_qstate *qstate, int id, struct module_qstate *forq)
 Return priming query results to interested super querystates. More...
 
static int processPrimeResponse (struct module_qstate *qstate, int id)
 This handles the response to a priming query. More...
 
static void processTargetResponse (struct module_qstate *qstate, int id, struct module_qstate *forq)
 Do final processing on responses to target queries. More...
 
static void processDSNSResponse (struct module_qstate *qstate, int id, struct module_qstate *forq)
 Process response for DS NS Find queries, that attempt to find the delegation point where we ask the DS query from. More...
 
static void processClassResponse (struct module_qstate *qstate, int id, struct module_qstate *forq)
 Process response for qclass=ANY queries for a particular class. More...
 
static int processCollectClass (struct module_qstate *qstate, int id)
 Collect class ANY responses and make them into one response. More...
 
static int processFinished (struct module_qstate *qstate, struct iter_qstate *iq, int id)
 This handles the final state for first-tier responses (i.e., responses to externally generated queries). More...
 
void iter_inform_super (struct module_qstate *qstate, int id, struct module_qstate *super)
 Return priming query results to interested super querystates. More...
 
static void iter_handle (struct module_qstate *qstate, struct iter_qstate *iq, struct iter_env *ie, int id)
 Handle iterator state. More...
 
static void process_request (struct module_qstate *qstate, struct iter_qstate *iq, struct iter_env *ie, int id)
 This is the primary entry point for processing request events. More...
 
static void process_response (struct module_qstate *qstate, struct iter_qstate *iq, struct iter_env *ie, int id, struct outbound_entry *outbound, enum module_ev event)
 process authoritative server reply
 
void iter_operate (struct module_qstate *qstate, enum module_ev event, int id, struct outbound_entry *outbound)
 iterator operate on a query
 
void iter_clear (struct module_qstate *qstate, int id)
 iterator cleanup query state
 
size_t iter_get_mem (struct module_env *env, int id)
 iterator alloc size routine
 
struct module_func_blockiter_get_funcblock (void)
 Get the iterator function block. More...
 
const char * iter_state_to_string (enum iter_state state)
 Get iterator state as a string. More...
 
int iter_state_is_responsestate (enum iter_state s)
 See if iterator state is a response state. More...
 

Variables

int MAX_GLOBAL_QUOTA = 128
 max number of upstream queries for a query and its subqueries, it is never reset.
 
int UNKNOWN_SERVER_NICENESS = 376
 how nice is a server without further information, in msec Equals rtt initial timeout value.
 
int USEFUL_SERVER_TOP_TIMEOUT = 120000
 maximum timeout before a host is deemed unsuitable, in msec. More...
 
int BLACKLIST_PENALTY = (120000*4)
 penalty to validation failed blacklisted IPs Equals USEFUL_SERVER_TOP_TIMEOUT*4, and thus when RTT_MAX_TIMEOUT is overwritten by config infra_cache_max_rtt, it will be overwritten as well.
 
static struct module_func_block iter_block
 The iterator function block. More...
 

Detailed Description

This file contains a module that performs recursive iterative DNS query processing.

Function Documentation

◆ next_state()

static int next_state ( struct iter_qstate iq,
enum iter_state  nextstate 
)
static

Transition to the next state.

This can be used to advance a currently processing event. It cannot be used to reactivate a forEvent.

Parameters
iqiterator query state
nextstateThe state to transition to.
Returns
true. This is so this can be called as the return value for the actual process*State() methods. (Transitioning to the next state implies further processing).

References iter_state_is_responsestate(), log_err(), iter_qstate::response, and iter_qstate::state.

Referenced by final_state(), processInitRequest3(), processQueryResponse(), and respip_operate().

◆ final_state()

static int final_state ( struct iter_qstate iq)
static

Transition an event to its final state.

Final states always either return a result up the module chain, or reactivate a dependent event. Which final state to transition to is set in the module state for the event when it was created, and depends on the original purpose of the event.

The response is stored in the qstate->buf buffer.

Parameters
iqiterator query state
Returns
false. This is so this method can be used as the return value for the processState methods. (Transitioning to the final state

References iter_qstate::final_state, and next_state().

Referenced by processInitRequest3().

◆ error_supers()

static void error_supers ( struct module_qstate qstate,
int  id,
struct module_qstate super 
)
static

Callback routine to handle errors in parent query states.

Parameters
qstatequery state that failed.
idmodule id.
supersuper state.

References cache_fill_missing(), delegpt_find_ns(), delegpt_mark_neg(), module_qstate::env, delegpt_ns::got4, delegpt_ns::got6, LDNS_RR_TYPE_A, LDNS_RR_TYPE_AAAA, log_err(), log_query_info(), module_qstate::minfo, module_env::modinfo, module_qstate::qinfo, query_info::qname, query_info::qname_len, query_info::qtype, module_qstate::region, delegpt_ns::resolved, iter_env::supports_ipv4, iter_env::supports_ipv6, iter_env::use_nat64, VERB_ALGO, and verbose().

◆ error_response()

static int error_response ( struct module_qstate qstate,
int  id,
int  rcode 
)
static

Return an error to the client.

Parameters
qstateour query state
idmodule id
rcodeerror code (DNS errcode).
Returns
: 0 for use by caller, to make notation easy, like: return error_response(..).

References module_qstate::ext_state, module_finished, delegpt_ns::name, module_qstate::return_msg, module_qstate::return_rcode, sldns_lookup_by_id(), sldns_rcodes, VERB_QUERY, and verbose().

Referenced by error_response_cache(), iter_operate(), prime_stub(), process_response(), processCollectClass(), processFinished(), and processInitRequest2().

◆ error_response_cache()

static int error_response_cache ( struct module_qstate qstate,
int  id,
int  rcode 
)
static

Return an error to the client and cache the error code in the message cache (so per qname, qtype, qclass).

Parameters
qstateour query state
idmodule id
rcodeerror code (DNS errcode).
Returns
: 0 for use by caller, to make notation easy, like: return error_response(..).

References module_env::cfg, lruhash_entry::data, dns_cache_prefetch_adjust(), msgreply_entry::entry, module_qstate::env, error_response(), reply_info::flags, FLAGS_GET_RCODE, msg_cache_lookup(), module_qstate::no_cache_store, NORR_TTL, module_env::now, module_qstate::prefetch_leeway, query_info::qclass, module_qstate::qinfo, query_info::qname, query_info::qname_len, query_info::qtype, module_qstate::query_flags, config_file::serve_expired, reply_info::serve_expired_norec_ttl, config_file::serve_expired_ttl, reply_info::serve_expired_ttl, config_file::serve_expired_ttl_reset, VERB_ALGO, and verbose().

Referenced by processDSNSFind(), processInitRequest(), processLastResort(), and processQueryTargets().

◆ iter_find_rrset_in_prepend_answer()

static int iter_find_rrset_in_prepend_answer ( struct iter_qstate iq,
struct ub_packed_rrset_key rrset 
)
static

Find rrset in ANSWER prepend list.

to avoid duplicate DNAMEs when a DNAME is traversed twice.

Parameters
iqiterator query state.
rrsetrrset to add.
Returns
false if not found

References iter_qstate::an_prepend_list, lruhash_entry::data, ub_packed_rrset_key::entry, iter_prep_list::next, iter_prep_list::rrset, rrsetdata_equal(), and ub_rrset_compare().

Referenced by handle_cname_response().

◆ iter_add_prepend_answer()

static int iter_add_prepend_answer ( struct module_qstate qstate,
struct iter_qstate iq,
struct ub_packed_rrset_key rrset 
)
static

Add rrset to ANSWER prepend list.

Parameters
qstatequery state.
iqiterator query state.
rrsetrrset to add.
Returns
false on failure (malloc).

References iter_qstate::an_prepend_last, iter_qstate::an_prepend_list, iter_prep_list::next, module_qstate::region, regional_alloc(), and iter_prep_list::rrset.

Referenced by handle_cname_response().

◆ iter_add_prepend_auth()

static int iter_add_prepend_auth ( struct module_qstate qstate,
struct iter_qstate iq,
struct ub_packed_rrset_key rrset 
)
static

Add rrset to AUTHORITY prepend list.

Parameters
qstatequery state.
iqiterator query state.
rrsetrrset to add.
Returns
false on failure (malloc).

References iter_prep_list::next, iter_qstate::ns_prepend_last, iter_qstate::ns_prepend_list, module_qstate::region, regional_alloc(), and iter_prep_list::rrset.

◆ handle_cname_response()

static int handle_cname_response ( struct module_qstate qstate,
struct iter_qstate iq,
struct dns_msg msg,
uint8_t **  mname,
size_t *  mname_len 
)
static

Given a CNAME response (defined as a response containing a CNAME or DNAME that does not answer the request), process the response, modifying the state as necessary.

This follows the CNAME/DNAME chain and returns the final query name.

sets the new query name, after following the CNAME/DNAME chain.

Parameters
qstatequery state.
iqiterator query state.
msgthe response.
mnamereturned target new query name.
mname_lenlength of mname.
Returns
false on (malloc) error.

References reply_info::an_numrrsets, packed_rrset_key::dname, dname_strict_subdomain_c(), get_cname_target(), iter_add_prepend_answer(), iter_find_rrset_in_prepend_answer(), LDNS_RR_TYPE_CNAME, LDNS_RR_TYPE_DNAME, reply_info::ns_numrrsets, iter_qstate::qchase, query_info::qname, query_info::qname_len, query_dname_compare(), dns_msg::rep, ub_packed_rrset_key::rk, reply_info::rrsets, and packed_rrset_key::type.

◆ target_count_create()

static void target_count_create ( struct iter_qstate iq)
static

Create target count structure for this query.

This is always explicitly created for the parent query.

References iter_qstate::nxns_dp, iter_qstate::target_count, TARGET_COUNT_MAX, and TARGET_COUNT_REF.

Referenced by generate_sub_request().

◆ generate_sub_request()

static int generate_sub_request ( uint8_t *  qname,
size_t  qnamelen,
uint16_t  qtype,
uint16_t  qclass,
struct module_qstate qstate,
int  id,
struct iter_qstate iq,
enum iter_state  initial_state,
enum iter_state  finalstate,
struct module_qstate **  subq_ret,
int  v,
int  detached 
)
static

Generate a subrequest.

Generate a local request event. Local events are tied to this module, and have a corresponding (first tier) event that is waiting for this event to resolve to continue.

Parameters
qnameThe query name for this request.
qnamelenlength of qname
qtypeThe query type for this request.
qclassThe query class for this request.
qstateThe event that is generating this event.
idmodule id.
iqThe iterator state that is generating this event.
initial_stateThe initial response state (normally this is QUERY_RESP_STATE, unless it is known that the request won't need iterative processing
finalstateThe final state for the response to this request.
subq_retif newly allocated, the subquerystate, or NULL if it does not need initialisation.
vif true, validation is done on the subquery.
detachedtrue if this qstate should not attach to the subquery
Returns
false on error (malloc).

References module_env::add_sub, module_env::attach_sub, BIT_CD, BIT_RD, module_env::cfg, iter_qstate::chase_flags, module_qstate::curmod, iter_qstate::depth, DONOT_MINIMISE_STATE, iter_qstate::dp_target_count, module_qstate::env, module_qstate::ext_state, iter_qstate::final_state, fptr_ok, fptr_whitelist_modenv_add_sub(), fptr_whitelist_modenv_attach_sub(), fptr_whitelist_modenv_kill_sub(), INIT_MINIMISE_STATE, INIT_REQUEST_STATE, module_env::kill_sub, query_info::local_alias, log_err(), module_qstate::minfo, iter_qstate::minimisation_state, module_state_initial, iter_qstate::num_current_queries, iter_qstate::num_target_queries, iter_qstate::nxns_dp, outbound_list_init(), iter_qstate::outlist, PRIME_RESP_STATE, iter_qstate::qchase, query_info::qclass, module_qstate::qinfo, iter_qstate::qinfo_out, query_info::qname, query_info::qname_len, config_file::qname_minimisation, query_info::qtype, module_qstate::query_flags, iter_qstate::refetch_glue, module_qstate::region, regional_alloc(), iter_qstate::state, iter_qstate::target_count, target_count_create(), and TARGET_COUNT_REF.

Referenced by generate_a_aaaa_check(), generate_ns_check(), generate_parentside_target_query(), generate_target_query(), prime_root(), and processCollectClass().

◆ prime_root()

static int prime_root ( struct module_qstate qstate,
struct iter_qstate iq,
int  id,
uint16_t  qclass 
)
static

Generate and send a root priming request.

Parameters
qstatethe qtstate that triggered the need to prime.
iqiterator query state.
idmodule id.
qclassthe class to prime.
Returns
0 on failure

References delegpt_copy(), iter_qstate::dnssec_expected, iter_qstate::dp, module_qstate::env, module_qstate::ext_state, fptr_ok, fptr_whitelist_modenv_kill_sub(), generate_sub_request(), module_env::hints, hints_find_root(), iter_indicates_dnssec(), module_env::kill_sub, LDNS_RR_TYPE_NS, iter_hints::lock, log_err(), module_qstate::minfo, module_wait_subquery, iter_qstate::num_target_queries, PRIME_RESP_STATE, query_info::qclass, module_qstate::qinfo, QUERYTARGETS_STATE, module_qstate::region, sldns_lookup_by_id(), sldns_rr_classes, VERB_ALGO, VERB_DETAIL, and verbose().

◆ prime_stub()

static int prime_stub ( struct module_qstate qstate,
struct iter_qstate iq,
int  id,
uint8_t *  qname,
uint16_t  qclass 
)
static

Generate and process a stub priming request.

This method tests for the need to prime a stub zone, so it is safe to call for every request.

Parameters
qstatethe qtstate that triggered the need to prime.
iqiterator query state.
idmodule id.
qnamerequest name.
qclassrequest class.
Returns
true if a priming subrequest was made, false if not. The will only issue a priming request if it detects an unprimed stub. Uses value of 2 to signal during stub-prime in root-prime situation that a noprime-stub is available and resolution can continue.

References delegpt::auth_dp, iter_qstate::auth_zone_avoid, delegpt_copy(), iter_hints_stub::dp, iter_qstate::dp, module_qstate::env, errinf(), error_response(), module_env::hints, hints_lookup_stub(), iter_hints::lock, log_err(), delegpt::name, iter_hints_stub::noprime, query_dname_compare(), and module_qstate::region.

◆ generate_a_aaaa_check()

static void generate_a_aaaa_check ( struct module_qstate qstate,
struct iter_qstate iq,
int  id 
)
static

Generate A and AAAA checks for glue that is in-zone for the referral we just got to obtain authoritative information on the addresses.

Parameters
qstatethe qtstate that triggered the need to prime.
iqiterator query state.
idmodule id.

References BIT_CD, BIT_RD, iter_qstate::depth, iter_qstate::dp, module_qstate::env, FINISHED_STATE, generate_sub_request(), INIT_REQUEST_STATE, LDNS_RR_TYPE_A, LDNS_RR_TYPE_AAAA, log_assert, log_nametypeclass(), iter_env::max_dependency_depth, module_env::modinfo, query_info::qclass, module_qstate::qinfo, query_info::qname, query_info::qtype, query_dname_compare(), module_qstate::query_flags, dns_msg::rep, iter_qstate::response, VERB_ALGO, and verbose().

Referenced by generate_ns_check().

◆ generate_ns_check()

static void generate_ns_check ( struct module_qstate qstate,
struct iter_qstate iq,
int  id 
)
static

Generate a NS check request to obtain authoritative information on an NS rrset.

Parameters
qstatethe qstate that triggered the need to prime.
iqiterator query state.
idmodule id.

References BIT_CD, BIT_RD, can_have_last_resort(), delegpt_copy(), iter_qstate::depth, iter_qstate::dp, module_qstate::env, FINISHED_STATE, fptr_ok, fptr_whitelist_modenv_kill_sub(), generate_a_aaaa_check(), generate_sub_request(), INIT_REQUEST_STATE, module_env::kill_sub, LDNS_RR_TYPE_DS, LDNS_RR_TYPE_NS, log_assert, log_err(), log_nametypeclass(), iter_env::max_dependency_depth, module_env::modinfo, delegpt::name, delegpt::namelen, iter_qstate::qchase, query_info::qclass, module_qstate::qinfo, query_info::qname, query_info::qtype, query_dname_compare(), module_qstate::query_flags, iter_qstate::refetch_glue, VERB_ALGO, and verbose().

◆ generate_dnskey_prefetch()

static void generate_dnskey_prefetch ( struct module_qstate qstate,
struct iter_qstate iq,
int  id 
)
static

Generate a DNSKEY prefetch query to get the DNSKEY for the DS record we just got in a referral (where we have dnssec_expected, thus have trust anchors above it).

Note that right after calling this routine the iterator detached subqueries (because of following the referral), and thus the DNSKEY query becomes detached, its return stored in the cache for later lookup by the validator. This cache lookup by the validator avoids the roundtrip incurred by the DNSKEY query. The DNSKEY query is now performed at about the same time the original query is sent to the domain, thus the two answers are likely to be returned at about the same time, saving a roundtrip from the validated lookup.

Parameters
qstatethe qtstate that triggered the need to prime.
iqiterator query state.
idmodule id.

References iter_qstate::dp, log_assert, module_qstate::qinfo, and query_info::qtype.

Referenced by processInitRequest3().

◆ forward_request()

static int forward_request ( struct module_qstate qstate,
struct iter_qstate iq 
)
static

See if the query needs forwarding.

Parameters
qstatequery state.
iqiterator query state.
Returns
true if the request is forwarded, false if not. If returns true but, iq->dp is NULL then a malloc failure occurred.

References BIT_RD, iter_qstate::chase_flags, delegpt_copy(), dname_is_root(), dname_remove_label(), iter_qstate::dp, module_qstate::env, forwards_lookup(), module_env::fwds, LDNS_RR_TYPE_DS, iter_forwards::lock, delegpt::name, delegpt::namelen, iter_qstate::qchase, query_info::qclass, query_info::qname, query_info::qname_len, query_info::qtype, iter_qstate::refetch_glue, module_qstate::region, VERB_ALGO, and verbose().

◆ processInitRequest()

static int processInitRequest ( struct module_qstate qstate,
struct iter_qstate iq,
struct iter_env ie,
int  id 
)
static

Process the initial part of the request handling.

This state roughly corresponds to resolver algorithms steps 1 (find answer in cache) and 2 (find the best servers to ask).

Note that all requests start here, and query restarts revisit this state.

This state either generates: 1) a response, from cache or error, 2) a priming event, or 3) forwards the request to the next state (init2, generally).

Parameters
qstatequery state.
iqiterator query state.
ieiterator shared global environment.
idmodule id.
Returns
true if the event needs more request processing immediately, false if not.

References errinf(), errinf_dname(), error_response_cache(), LDNS_MAX_DOMAINLEN, log_query_info(), iter_env::max_query_restarts, iter_qstate::qchase, module_qstate::qinfo, query_info::qname, iter_qstate::query_restart_count, VERB_DETAIL, VERB_QUERY, and verbose().

Referenced by iter_handle().

◆ processInitRequest2()

static int processInitRequest2 ( struct module_qstate qstate,
struct iter_qstate iq,
int  id 
)
static

Process the second part of the initial request handling.

This state basically exists so that queries that generate root priming events have the same init processing as ones that do not. Request events that reach this state must have a valid currentDelegationPoint set.

This part is primarily handling stub zone priming. Events that reach this state must have a current delegation point.

Parameters
qstatequery state.
iqiterator query state.
idmodule id.
Returns
true if the event needs more request processing immediately, false if not.

References iter_qstate::dp, errinf(), error_response(), log_err(), log_query_info(), iter_qstate::qchase, module_qstate::qinfo, query_info::qname, query_info::qname_len, iter_qstate::refetch_glue, and VERB_QUERY.

Referenced by iter_handle().

◆ processInitRequest3()

static int processInitRequest3 ( struct module_qstate qstate,
struct iter_qstate iq,
int  id 
)
static

Process the third part of the initial request handling.

This state exists as a separate state so that queries that generate stub priming events will get the tail end of the init process but not repeat the stub priming check.

Parameters
qstatequery state.
iqiterator query state.
idmodule id.
Returns
true, advancing the event to the QUERYTARGETS_STATE.

References BIT_CD, BIT_RD, module_env::cfg, iter_qstate::chase_flags, iter_qstate::deleg_msg, module_env::detach_subs, iter_qstate::dnssec_expected, iter_qstate::dp, module_qstate::env, final_state(), fptr_ok, fptr_whitelist_modenv_detach_subs(), generate_dnskey_prefetch(), iter_indicates_dnssec(), log_dns_msg(), log_query_info(), next_state(), config_file::prefetch_key, iter_qstate::qchase, query_info::qclass, dns_msg::qinfo, module_qstate::qinfo, module_qstate::query_flags, QUERYTARGETS_STATE, module_qstate::region, dns_msg::rep, module_qstate::reply_origin, iter_qstate::response, sock_list_insert(), VERB_ALGO, VERB_QUERY, and verbosity.

Referenced by iter_handle().

◆ generate_parentside_target_query()

static int generate_parentside_target_query ( struct module_qstate qstate,
struct iter_qstate iq,
int  id,
uint8_t *  name,
size_t  namelen,
uint16_t  qtype,
uint16_t  qclass 
)
static

Given a basic query, generate a parent-side "target" query.

These are subordinate queries for missing delegation point target addresses, for which only the parent of the delegation provides correct IP addresses.

Parameters
qstatequery state.
iqiterator query state.
idmodule id.
nametarget qname.
namelentarget qname length.
qtypetarget qtype (either A or AAAA).
qclasstarget qclass.
Returns
true on success, false on failure.

References module_qstate::blacklist, iter_qstate::deleg_msg, delegpt_copy(), dname_subdomain_c(), dns_cache_find_delegation(), iter_qstate::dnssec_expected, iter_qstate::dp, module_qstate::env, FINISHED_STATE, generate_sub_request(), INIT_REQUEST_STATE, iter_indicates_dnssec(), log_nametypeclass(), module_qstate::minfo, delegpt::name, module_env::now, module_qstate::prefetch_leeway, query_info::qclass, module_qstate::qinfo, iter_qstate::query_for_pside_glue, iter_qstate::refetch_glue, module_qstate::region, sock_list_insert(), and VERB_QUERY.

◆ generate_target_query()

static int generate_target_query ( struct module_qstate qstate,
struct iter_qstate iq,
int  id,
uint8_t *  name,
size_t  namelen,
uint16_t  qtype,
uint16_t  qclass 
)
static

Given a basic query, generate a "target" query.

These are subordinate queries for missing delegation point target addresses.

Parameters
qstatequery state.
iqiterator query state.
idmodule id.
nametarget qname.
namelentarget qname length.
qtypetarget qtype (either A or AAAA).
qclasstarget qclass.
Returns
true on success, false on failure.

References FINISHED_STATE, generate_sub_request(), INIT_REQUEST_STATE, log_nametypeclass(), and VERB_QUERY.

Referenced by query_for_targets().

◆ query_for_targets()

static int query_for_targets ( struct module_qstate qstate,
struct iter_qstate iq,
struct iter_env ie,
int  id,
int  maxtargets,
int *  num 
)
static

Given an event at a certain state, generate zero or more target queries for it's current delegation point.

Parameters
qstatequery state.
iqiterator query state.
ieiterator shared global environment.
idmodule id.
maxtargetsThe maximum number of targets to query for. if it is negative, there is no maximum number of targets.
numreturns the number of queries generated and processed, which may be zero if there were no missing targets.
Returns
0 on success, nonzero on error. 1 means temporary failure and 2 means the failure can be cached.

References delegpt_count_missing_targets(), iter_qstate::depth, dname_str(), delegpt_ns::done_pside4, delegpt_ns::done_pside6, iter_qstate::dp, iter_qstate::dp_target_count, module_qstate::env, module_qstate::ext_state, generate_target_query(), delegpt_ns::got4, delegpt_ns::got6, iter_mark_cycle_targets(), iter_ns_probability(), delegpt_ns::lame, LDNS_MAX_DOMAINLEN, LDNS_RR_TYPE_A, LDNS_RR_TYPE_AAAA, log_assert, iter_env::max_dependency_depth, MAX_DP_TARGET_COUNT, MAX_TARGET_COUNT, module_env::mesh, mesh_jostle_exceeded(), module_wait_subquery, delegpt_ns::name, delegpt_ns::namelen, delegpt_ns::next, delegpt::nslist, iter_qstate::qchase, query_info::qclass, module_qstate::qinfo, query_info::qname, delegpt_ns::resolved, module_env::rnd, iter_env::supports_ipv4, iter_env::supports_ipv6, iter_qstate::target_count, TARGET_COUNT_QUERIES, iter_env::use_nat64, VERB_QUERY, and verbose().

◆ processLastResort()

static int processLastResort ( struct module_qstate qstate,
struct iter_qstate iq,
struct iter_env ie,
int  id 
)
static

Called by processQueryTargets when it would like extra targets to query but it seems to be out of options.

At last resort some less appealing options are explored. If there are no more options, the result is SERVFAIL

Parameters
qstatequery state.
iqiterator query state.
ieiterator shared global environment.
idmodule id.
Returns
true if the event requires more request processing immediately, false if not.

References can_have_last_resort(), iter_qstate::dp, module_qstate::env, errinf(), errinf_dname(), errinf_reply(), error_response_cache(), log_assert, delegpt::name, delegpt::namelen, iter_qstate::qchase, query_info::qclass, VERB_ALGO, VERB_QUERY, and verbose().

◆ processDSNSFind()

static int processDSNSFind ( struct module_qstate qstate,
struct iter_qstate iq,
int  id 
)
static

Try to find the NS record set that will resolve a qtype DS query.

Due to grandparent/grandchild reasons we did not get a proper lookup right away. We need to create type NS queries until we get the right parent for this lookup. We remove labels from the query to find the right point. If we end up at the old dp name, then there is no solution.

Parameters
qstatequery state.
iqiterator query state.
idmodule id.
Returns
true if the event requires more immediate processing, false if not. This is generally only true when forwarding the request to the final state (i.e., on answer).

References dname_subdomain_c(), iter_qstate::dp, iter_qstate::dsns_point, iter_qstate::dsns_point_len, errinf_dname(), error_response_cache(), delegpt::name, iter_qstate::qchase, query_info::qname, query_info::qname_len, VERB_ALGO, and verbose().

Referenced by iter_handle().

◆ processQueryTargets()

static int processQueryTargets ( struct module_qstate qstate,
struct iter_qstate iq,
struct iter_env ie,
int  id 
)
static

This is the request event state where the request will be sent to one of its current query targets.

This state also handles issuing target lookup queries for missing target IP addresses. Queries typically iterate on this state, both when they are just trying different targets for a given delegation point, and when they change delegation points. This state roughly corresponds to RFC 1034 algorithm steps 3 and 4.

Parameters
qstatequery state.
iqiterator query state.
ieiterator shared global environment.
idmodule id.
Returns
true if the event requires more request processing immediately, false if not. This state only returns true when it is generating a SERVFAIL response because the query has hit a dead end.

References errinf(), error_response_cache(), log_query_info(), MAX_REFERRAL_COUNT, iter_qstate::num_current_queries, iter_qstate::num_target_queries, module_qstate::qinfo, iter_qstate::referral_count, iter_qstate::sent_count, VERB_ALGO, VERB_QUERY, and verbose().

Referenced by iter_handle().

◆ processQueryResponse()

static int processQueryResponse ( struct module_qstate qstate,
struct iter_qstate iq,
struct iter_env ie,
int  id 
)
static

Process the query response.

All queries end up at this state first. This process generally consists of analyzing the response and routing the event to the next state (either bouncing it back to a request state, or terminating the processing for this event).

Parameters
qstatequery state.
iqiterator query state.
ieiterator shared global environment.
idmodule id.
Returns
true if the event requires more immediate processing, false if not. This is generally only true when forwarding the request to the final state (i.e., on answer).

References reply_info::an_numrrsets, iter_qstate::auth_zone_response, BIT_RD, BIT_TC, module_env::cfg, iter_qstate::chase_flags, iter_qstate::chase_to_rd, delegpt_find_addr(), config_file::disable_dnssec_lame_check, packed_rrset_key::dname, dname_strict_subdomain_c(), dname_subdomain_c(), iter_qstate::dnssec_expected, DNSSEC_LAME_DETECT_COUNT, iter_qstate::dnssec_lame_query, delegpt_addr::dnsseclame, iter_qstate::dp, iter_qstate::empty_nodata_found, EMPTY_NODATA_RETRY_COUNT, module_qstate::env, find_NS(), reply_info::flags, FLAGS_GET_RCODE, inplace_cb_query_response_call(), iter_msg_from_zone(), iter_msg_has_dnssec(), iter_scrub_ds(), delegpt_addr::lame, log_err(), iter_qstate::minimisation_state, delegpt::name, next_state(), reply_info::ns_numrrsets, iter_qstate::num_current_queries, iter_qstate::qchase, query_info::qclass, iter_qstate::qinfo_out, query_info::qname, config_file::qname_minimisation, QUERYTARGETS_STATE, comm_reply::remote_addr, comm_reply::remote_addrlen, dns_msg::rep, module_qstate::reply, iter_qstate::response, RESPONSE_TYPE_ANSWER, response_type_from_server(), RESPONSE_TYPE_LAME, RESPONSE_TYPE_REC_LAME, RESPONSE_TYPE_REFERRAL, RESPONSE_TYPE_THROWAWAY, RESPONSE_TYPE_UNTYPED, ub_packed_rrset_key::rk, iter_qstate::sent_count, SKIP_MINIMISE_STATE, iter_qstate::timeout_count, VERB_ALGO, and verbose().

Referenced by iter_handle().

◆ prime_supers()

static void prime_supers ( struct module_qstate qstate,
int  id,
struct module_qstate forq 
)
static

Return priming query results to interested super querystates.

Sets the delegation point and delegation message (not nonRD queries). This is a callback from walk_supers.

Parameters
qstatepriming query state that finished.
idmodule id.
forqthe qstate for which priming has been done.

References iter_qstate::dp, module_qstate::is_priming, log_assert, module_qstate::minfo, module_qstate::return_rcode, and iter_qstate::wait_priming_stub.

◆ processPrimeResponse()

static int processPrimeResponse ( struct module_qstate qstate,
int  id 
)
static

This handles the response to a priming query.

This is used to handle both root and stub priming responses. This is basically the equivalent of the QUERY_RESP_STATE, but will not handle CNAME responses and will treat REFERRALs as ANSWERS. It will also update and reactivate the originating event.

Parameters
qstatequery state.
idmodule id.
Returns
true if the event needs more immediate processing, false if not. This state always returns false.

References BIT_RA, BIT_RD, iter_qstate::chase_flags, iter_qstate::chase_to_rd, iter_qstate::dp, reply_info::flags, module_qstate::minfo, iter_qstate::qchase, dns_msg::rep, iter_qstate::response, RESPONSE_TYPE_ANSWER, response_type_from_server(), and module_qstate::return_rcode.

Referenced by iter_handle().

◆ processTargetResponse()

static void processTargetResponse ( struct module_qstate qstate,
int  id,
struct module_qstate forq 
)
static

Do final processing on responses to target queries.

Events reach this state after the iterative resolution algorithm terminates. This state is responsible for reactivating the original event, and housekeeping related to received target responses (caching, updating the current delegation point, etc). Callback from walk_supers for every super state that is interested in the results from this query.

Parameters
qstatequery state.
idmodule id.
forqsuper query state.

References module_qstate::env, log_assert, module_qstate::minfo, module_env::modinfo, and module_qstate::return_rcode.

◆ processDSNSResponse()

static void processDSNSResponse ( struct module_qstate qstate,
int  id,
struct module_qstate forq 
)
static

Process response for DS NS Find queries, that attempt to find the delegation point where we ask the DS query from.

Parameters
qstatequery state.
idmodule id.
forqsuper query state.

References module_qstate::minfo, and module_qstate::return_rcode.

Referenced by iter_inform_super().

◆ processClassResponse()

static void processClassResponse ( struct module_qstate qstate,
int  id,
struct module_qstate forq 
)
static

Process response for qclass=ANY queries for a particular class.

Append to result or error-exit.

Parameters
qstatequery state.
idmodule id.
forqsuper query state.

References log_query_info(), module_qstate::minfo, module_qstate::qinfo, module_qstate::return_msg, module_qstate::return_rcode, and VERB_ALGO.

Referenced by iter_inform_super().

◆ processCollectClass()

static int processCollectClass ( struct module_qstate qstate,
int  id 
)
static

Collect class ANY responses and make them into one response.

This state is started and it creates queries for all classes (that have root hints). The answers are then collected.

Parameters
qstatequery state.
idmodule id.
Returns
true if the event needs more immediate processing, false if not.

References BIT_CD, module_qstate::env, errinf(), error_response(), FINISHED_STATE, module_env::fwds, generate_sub_request(), module_env::hints, INIT_REQUEST_STATE, iter_get_next_root(), LDNS_RR_CLASS_ANY, log_nametypeclass(), module_qstate::minfo, iter_qstate::qchase, query_info::qclass, module_qstate::qinfo, query_info::qname, query_info::qname_len, query_info::qtype, module_qstate::query_flags, and VERB_ALGO.

Referenced by iter_handle().

◆ processFinished()

static int processFinished ( struct module_qstate qstate,
struct iter_qstate iq,
int  id 
)
static

This handles the final state for first-tier responses (i.e., responses to externally generated queries).

Parameters
qstatequery state.
iqiterator query state.
idmodule id.
Returns
true if the event needs more processing, false if not. Since this is the final state for an event, it always returns false.

References iter_qstate::deleg_msg, module_qstate::env, errinf(), error_response(), iter_store_parentside_neg(), log_query_info(), module_qstate::no_cache_store, iter_qstate::pside_glue, module_qstate::qinfo, iter_qstate::query_for_pside_glue, dns_msg::rep, iter_qstate::response, VERB_ALGO, VERB_QUERY, and verbose().

Referenced by iter_handle().

◆ iter_inform_super()

void iter_inform_super ( struct module_qstate qstate,
int  id,
struct module_qstate super 
)

Return priming query results to interested super querystates.

Sets the delegation point and delegation message (not nonRD queries). This is a callback from walk_supers.

Parameters
qstatequery state that finished.
idmodule id.
superthe qstate to inform.

References DSNS_FIND_STATE, module_qstate::is_priming, LDNS_RR_CLASS_ANY, LDNS_RR_TYPE_DS, module_qstate::minfo, processClassResponse(), processDSNSResponse(), query_info::qclass, module_qstate::qinfo, query_info::qtype, and module_qstate::return_rcode.

Referenced by fptr_whitelist_mod_inform_super().

◆ iter_handle()

static void iter_handle ( struct module_qstate qstate,
struct iter_qstate iq,
struct iter_env ie,
int  id 
)
static

Handle iterator state.

Handle events. This is the real processing loop for events, responsible for moving events through the various states. If a processing method returns true, then it will be advanced to the next state. If false, then processing will stop.

Parameters
qstatequery state.
ieiterator shared global environment.
iqiterator query state.
idmodule id.

References COLLECT_CLASS_STATE, DSNS_FIND_STATE, FINISHED_STATE, INIT_REQUEST_2_STATE, INIT_REQUEST_3_STATE, INIT_REQUEST_STATE, iter_state_to_string(), log_warn(), PRIME_RESP_STATE, processCollectClass(), processDSNSFind(), processFinished(), processInitRequest(), processInitRequest2(), processInitRequest3(), processPrimeResponse(), processQueryResponse(), processQueryTargets(), QUERY_RESP_STATE, QUERYTARGETS_STATE, iter_qstate::state, VERB_ALGO, and verbose().

Referenced by process_request().

◆ process_request()

static void process_request ( struct module_qstate qstate,
struct iter_qstate iq,
struct iter_env ie,
int  id 
)
static

This is the primary entry point for processing request events.

Note that this method should only be used by external modules.

Parameters
qstatequery state.
ieiterator shared global environment.
iqiterator query state.
idmodule id.

References iter_qstate::final_state, FINISHED_STATE, INIT_REQUEST_STATE, iter_handle(), iter_qstate::state, VERB_ALGO, and verbose().

◆ iter_get_funcblock()

struct module_func_block* iter_get_funcblock ( void  )

Get the iterator function block.

Returns
: function block with function pointers to iterator methods.

References iter_block.

Referenced by module_funcs_avail().

◆ iter_state_to_string()

const char* iter_state_to_string ( enum iter_state  state)

Get iterator state as a string.

Parameters
stateto convert
Returns
constant string that is printable.

References COLLECT_CLASS_STATE, DSNS_FIND_STATE, FINISHED_STATE, INIT_REQUEST_2_STATE, INIT_REQUEST_3_STATE, INIT_REQUEST_STATE, PRIME_RESP_STATE, QUERY_RESP_STATE, and QUERYTARGETS_STATE.

Referenced by iter_handle().

◆ iter_state_is_responsestate()

int iter_state_is_responsestate ( enum iter_state  s)

See if iterator state is a response state.

Parameters
sto inspect
Returns
true if response state.

References COLLECT_CLASS_STATE, INIT_REQUEST_2_STATE, INIT_REQUEST_3_STATE, INIT_REQUEST_STATE, and QUERYTARGETS_STATE.

Referenced by next_state().

Variable Documentation

◆ USEFUL_SERVER_TOP_TIMEOUT

int USEFUL_SERVER_TOP_TIMEOUT = 120000

maximum timeout before a host is deemed unsuitable, in msec.

After host_ttl this will be timed out and the host will be tried again. Equals RTT_MAX_TIMEOUT, and thus when RTT_MAX_TIMEOUT is overwritten by config infra_cache_max_rtt, it will be overwritten as well.

Referenced by config_apply(), config_set_option(), dump_infra_host(), infra_get_lame_rtt(), infra_host(), infra_rtt_update(), iter_filter_order(), iter_filter_unsuitable(), iter_server_selection(), and print_dp_details().

◆ iter_block

struct module_func_block iter_block
static
Initial value:
= {
"iterator",
NULL, NULL, &iter_init, &iter_deinit, &iter_operate,
&iter_inform_super, &iter_clear, &iter_get_mem
}
iter_get_mem
size_t iter_get_mem(struct module_env *env, int id)
iterator alloc size routine
Definition: iterator.c:4529
iter_init
int iter_init(struct module_env *env, int id)
iterator init
Definition: iterator.c:85
iter_inform_super
void iter_inform_super(struct module_qstate *qstate, int id, struct module_qstate *super)
Return priming query results to interested super querystates.
Definition: iterator.c:4176
iter_clear
void iter_clear(struct module_qstate *qstate, int id)
iterator cleanup query state
Definition: iterator.c:4510
iter_deinit
void iter_deinit(struct module_env *env, int id)
iterator deinit
Definition: iterator.c:119
iter_operate
void iter_operate(struct module_qstate *qstate, enum module_ev event, int id, struct outbound_entry *outbound)
iterator operate on a query
Definition: iterator.c:4464

The iterator function block.

Referenced by iter_get_funcblock().