packed_rrset.h File Reference

This file contains the data storage for RRsets.

Data Structures

struct  packed_rrset_key
 The identifying information for an RRset.

struct  ub_packed_rrset_key
 This structure contains an RRset.

struct  packed_rrset_data
 RRset data.

struct  packed_rrset
 An RRset can be represented using both key and data together.

struct  packed_rrset_list
 list of packed rrsets
 

Macros

#define PACKED_RRSET_NSEC_AT_APEX   0x1
 this rrset is NSEC and is at zone apex (at child side of zonecut)
 
#define PACKED_RRSET_PARENT_SIDE   0x2
 this rrset is A/AAAA and is in-zone-glue (from parent side of zonecut)
 
#define PACKED_RRSET_SOA_NEG   0x4
 this rrset is SOA and has the negative ttl (from nxdomain or nodata). This is set on SOA rrsets in the authority section, to keep their TTL separate from the SOA in the answer section of a direct SOA query or ANY query.

#define PACKED_RRSET_FIXEDTTL   0x80000000
 This rrset is considered to have a fixed TTL; its TTL doesn't have to be updated on encoding in a reply.

#define PACKED_RRSET_RPZ   0x8
 This rrset is from RPZ.

#define PACKED_RRSET_UNVERIFIED_GLUE   0x10
 this rrset is A/AAAA and is an unverified glue record

#define RR_COUNT_MAX   0xffffff
 number of rrs and rrsets for integer overflow protection.
 

Typedefs

typedef uint64_t rrset_id_type
 type used to uniquely identify rrsets.
 

Enumerations

enum  rrset_trust {
  rrset_trust_none = 0 , rrset_trust_add_noAA , rrset_trust_auth_noAA , rrset_trust_add_AA ,
  rrset_trust_nonauth_ans_AA , rrset_trust_ans_noAA , rrset_trust_glue , rrset_trust_auth_AA ,
  rrset_trust_ans_AA , rrset_trust_sec_noglue , rrset_trust_prim_noglue , rrset_trust_validated ,
  rrset_trust_ultimate
}
 RRset trustworthiness.
 
enum  sec_status {
  sec_status_unchecked = 0 , sec_status_bogus , sec_status_indeterminate , sec_status_insecure ,
  sec_status_secure_sentinel_fail , sec_status_secure
}
 Security status from validation for data.
 

Functions

void ub_packed_rrset_parsedelete (struct ub_packed_rrset_key *pkey, struct alloc_cache *alloc)
 Delete packed rrset key and data, not entered in hashtables yet.

size_t packed_rrset_sizeof (struct packed_rrset_data *data)
 Memory size of rrset data.

time_t ub_packed_rrset_ttl (struct ub_packed_rrset_key *key)
 Get TTL of rrset.

size_t ub_rrset_sizefunc (void *key, void *data)
 Calculate memory size of rrset entry.

int ub_rrset_compare (void *k1, void *k2)
 compares two rrset keys.

int rrsetdata_equal (struct packed_rrset_data *d1, struct packed_rrset_data *d2)
 compare two rrset data structures.

void ub_rrset_key_delete (void *key, void *userdata)
 Old key to be deleted.

void rrset_data_delete (void *data, void *userdata)
 Old data to be deleted.

hashvalue_type rrset_key_hash (struct packed_rrset_key *key)
 Calculate hash value for a packed rrset key.

void packed_rrset_ptr_fixup (struct packed_rrset_data *data)
 Fixup pointers in fixed data packed_rrset_data blob.

void packed_rrset_ttl_add (struct packed_rrset_data *data, time_t add)
 Fixup TTLs in fixed data packed_rrset_data blob.

void get_cname_target (struct ub_packed_rrset_key *rrset, uint8_t **dname, size_t *dname_len)
 Utility procedure to extract CNAME target name from its rdata.

const char * rrset_trust_to_string (enum rrset_trust s)
 Get a printable string for a rrset trust value.

const char * sec_status_to_string (enum sec_status s)
 Get a printable string for a security status value.

void log_rrset_key (enum verbosity_value v, const char *str, struct ub_packed_rrset_key *rrset)
 Print string with neat domain name, type, class from rrset.

int packed_rr_to_string (struct ub_packed_rrset_key *rrset, size_t i, time_t now, char *dest, size_t dest_len)
 Convert RR from RRset to string.

void log_packed_rrset (enum verbosity_value v, const char *str, struct ub_packed_rrset_key *rrset)
 Print the string with prefix, one rr per line.

struct ub_packed_rrset_key * packed_rrset_copy_region (struct ub_packed_rrset_key *key, struct regional *region, time_t now)
 Allocate rrset in region - no more locks needed.

struct ub_packed_rrset_key * packed_rrset_copy_alloc (struct ub_packed_rrset_key *key, struct alloc_cache *alloc, time_t now)
 Allocate rrset with malloc (from region or you are holding the lock).

int packed_rrset_find_rr (struct packed_rrset_data *d, uint8_t *rdata, size_t len, size_t *index)
 Find RR index in packed rrset. Raw comparison, does not canonicalize RDATA.
 

Detailed Description

This file contains the data storage for RRsets.

Macro Definition Documentation

◆ PACKED_RRSET_FIXEDTTL

#define PACKED_RRSET_FIXEDTTL   0x80000000

This rrset is considered to have a fixed TTL; its TTL doesn't have to be updated on encoding in a reply.

This flag is not expected to be set in cached data.

◆ PACKED_RRSET_RPZ

#define PACKED_RRSET_RPZ   0x8

This rrset is from RPZ.

It is not real; it is synthesized data to block access. The flag makes lookups from the cache in the iterator ignore the fake items and use only actual data. E.g. when the iterator looks up NS, CNAME, A and AAAA types, it gets items without this flag, which are the actual network data. Messages with these records in them can still be stored in the cache and retrieved for a reply.

◆ RR_COUNT_MAX

#define RR_COUNT_MAX   0xffffff

number of rrs and rrsets for integer overflow protection.

More than this is not really possible in a message (a 64K packet holds far fewer RRs and RRsets). It is also small enough that, even when multiplied, there is no integer overflow.
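As an added illustration (not Unbound's code), the C sketch below shows why capping the counts before multiplying keeps size arithmetic from wrapping. `PER_RR_BYTES` and both function names are hypothetical, and `uint32_t` stands in for a 32-bit `size_t` so the wrap is reproducible on any platform.

```c
#include <stdint.h>
#include <stdio.h>

#define RR_COUNT_MAX 0xffffff /* value documented on this page */

/* Assumption: 16 bytes of bookkeeping per RR on a 32-bit build
 * (4-byte length, 4-byte data pointer, 8-byte TTL). */
#define PER_RR_BYTES 16u

/* Size of the per-RR tables with no bound on the counts.
 * uint32_t models a 32-bit size_t, so the product can wrap. */
uint32_t table_bytes_unchecked(uint32_t count, uint32_t rrsig_count)
{
    return (count + rrsig_count) * PER_RR_BYTES;
}

/* Same computation, but counts above RR_COUNT_MAX are refused first.
 * Returns 0 and stores the size in *out, or -1 if a count is too large.
 * Worst case is 2 * 0xffffff * 16 = 0x1fffffe0, which fits in 32 bits. */
int table_bytes_checked(uint32_t count, uint32_t rrsig_count, uint32_t *out)
{
    if (count > RR_COUNT_MAX || rrsig_count > RR_COUNT_MAX)
        return -1;
    *out = (count + rrsig_count) * PER_RR_BYTES;
    return 0;
}

int main(void)
{
    uint32_t out = 0;
    /* Constructed input: a count of 2^28 makes the product 2^32. */
    printf("unchecked: %u bytes\n",
           (unsigned)table_bytes_unchecked(0x10000000u, 0));
    printf("checked:   %d\n", table_bytes_checked(0x10000000u, 0, &out));
    if (table_bytes_checked(RR_COUNT_MAX, RR_COUNT_MAX, &out) == 0)
        printf("at cap:    %u bytes\n", (unsigned)out);
    return 0;
}
```

A wrapped size that reaches an allocator yields a buffer smaller than the tables later written into it, which is the failure the cap rules out.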

Typedef Documentation

◆ rrset_id_type

typedef uint64_t rrset_id_type

type used to uniquely identify rrsets.

Cannot be reused without clearing the cache.

Enumeration Type Documentation

◆ rrset_trust

RRset trustworthiness.

A bigger value means more trust; see RFC 2181. rrset_trust_add_noAA, rrset_trust_auth_noAA and rrset_trust_add_AA are given the same trustworthiness in RFC 2181, but are split up here for ease of processing.

rrset_trust_nonauth_ans_AA and rrset_trust_ans_noAA are also given the same trustworthiness in RFC 2181, but are split up here for ease of processing.

trust_none was added as a sane initial value, smaller than anything else. Validated and ultimate trust were added for keys and RRSIG-validated content.

Enumerator
rrset_trust_none 

initial value for trust

rrset_trust_add_noAA 

Additional information from non-authoritative answers.

rrset_trust_auth_noAA 

Data from the authority section of a non-authoritative answer.

rrset_trust_add_AA 

Additional information from an authoritative answer.

rrset_trust_nonauth_ans_AA 

non-authoritative data from the answer section of authoritative answers

rrset_trust_ans_noAA 

Data from the answer section of a non-authoritative answer.

rrset_trust_glue 

Glue from a primary zone, or glue from a zone transfer.

rrset_trust_auth_AA 

Data from the authority section of an authoritative answer.

rrset_trust_ans_AA 

The authoritative data included in the answer section of an authoritative reply.

rrset_trust_sec_noglue 

Data from a zone transfer, other than glue.

rrset_trust_prim_noglue 

Data from a primary zone file, other than glue data.

rrset_trust_validated 

DNSSEC (RFC 4034) validated with trusted keys.

rrset_trust_ultimate 

ultimately trusted, no more trust is possible; trusted keys from the unbound configuration setup.
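The ordering above is what lets a cache refuse to overwrite well-sourced data with weaker data. The following C sketch is an added example, not Unbound's own update logic: `msg_section`, `classify_trust` and `may_replace` are hypothetical, and the replacement rule is a simplified RFC 2181 style policy.

```c
#include <stdbool.h>
#include <stdio.h>

/* The enum from this page, in its documented order. */
enum rrset_trust {
    rrset_trust_none = 0, rrset_trust_add_noAA, rrset_trust_auth_noAA,
    rrset_trust_add_AA, rrset_trust_nonauth_ans_AA, rrset_trust_ans_noAA,
    rrset_trust_glue, rrset_trust_auth_AA, rrset_trust_ans_AA,
    rrset_trust_sec_noglue, rrset_trust_prim_noglue, rrset_trust_validated,
    rrset_trust_ultimate
};

/* Hypothetical: section of the reply the RRset was parsed from. */
enum msg_section { SEC_ANSWER, SEC_AUTHORITY, SEC_ADDITIONAL };

/* Hypothetical classifier that follows the enumerator descriptions.
 * aa is the reply's AA bit; is_auth_data is the caller's judgement that
 * an answer-section RRset is the authoritative part of the answer. */
enum rrset_trust classify_trust(enum msg_section sec, bool aa, bool is_auth_data)
{
    switch (sec) {
    case SEC_ANSWER:
        if (!aa)
            return rrset_trust_ans_noAA;
        return is_auth_data ? rrset_trust_ans_AA : rrset_trust_nonauth_ans_AA;
    case SEC_AUTHORITY:
        return aa ? rrset_trust_auth_AA : rrset_trust_auth_noAA;
    case SEC_ADDITIONAL:
        return aa ? rrset_trust_add_AA : rrset_trust_add_noAA;
    }
    return rrset_trust_none;
}

/* Assumed policy: unexpired cached data is replaced only by data of
 * equal or higher trust; expired data may always be replaced. */
bool may_replace(enum rrset_trust cached, bool cached_expired,
                 enum rrset_trust incoming)
{
    return cached_expired || incoming >= cached;
}

int main(void)
{
    enum rrset_trust in = classify_trust(SEC_ADDITIONAL, false, false);
    printf("additional/noAA over cached ans_AA: %s\n",
           may_replace(rrset_trust_ans_AA, false, in) ? "replace" : "keep");
    return 0;
}
```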

◆ sec_status

enum sec_status

Security status from validation for data.

The order is significant; more secure, more proven later.

Enumerator
sec_status_unchecked 

UNCHECKED means that object has yet to be validated.

sec_status_bogus 

BOGUS means that the object (RRset or message) failed to validate (according to local policy), but should have validated.

sec_status_indeterminate 

INDETERMINATE means that the object is insecure, but not authoritatively so.

Generally this means that the RRset is not below a configured trust anchor.

sec_status_insecure 

INSECURE means that the object is authoritatively known to be insecure.

Generally this means that this RRset is below a trust anchor, but also below a verified, insecure delegation.

sec_status_secure_sentinel_fail 

SECURE_SENTINEL_FAIL means that the object (RRset or message) validated according to local policy but did not succeed in the root KSK sentinel test (draft-ietf-dnsop-kskroll-sentinel).

sec_status_secure 

SECURE means that the object (RRset or message) validated according to local policy.

Function Documentation

◆ ub_packed_rrset_parsedelete()

void ub_packed_rrset_parsedelete ( struct ub_packed_rrset_key *  pkey,
struct alloc_cache *  alloc 
)

Delete packed rrset key and data, not entered in hashtables yet.

Used during parsing.

Parameters
pkey: rrset key structure with locks, key and data pointers.
alloc: where to return the unfree-able key structure.

References alloc_special_release(), lruhash_entry::data, packed_rrset_key::dname, ub_packed_rrset_key::entry, ub_packed_rrset_key::id, and ub_packed_rrset_key::rk.

Referenced by move_into_cache(), reply_info_parsedelete(), and rrset_cache_update().

◆ packed_rrset_sizeof()

◆ ub_packed_rrset_ttl()

time_t ub_packed_rrset_ttl ( struct ub_packed_rrset_key *  key)

Get TTL of rrset.

RRset data must be filled in correctly.

Parameters
key: rrset key, with data to examine.
Returns
ttl value.

References packed_rrset_data::ttl.

Referenced by iter_prepend(), and iter_store_parentside_neg().

◆ ub_rrset_sizefunc()

size_t ub_rrset_sizefunc ( void *  key,
void *  data 
)

Calculate memory size of rrset entry.

For hash table usage.

Parameters
key: struct ub_packed_rrset_key*.
data: struct packed_rrset_data*.
Returns
size in bytes.

References ub_packed_rrset_key::entry, lruhash_entry::lock, packed_rrset_sizeof(), and ub_packed_rrset_key::rk.

Referenced by fptr_whitelist_hash_sizefunc(), and rrset_cache_create().

◆ ub_rrset_compare()

int ub_rrset_compare ( void *  k1,
void *  k2 
)

compares two rrset keys.

Parameters
k1: struct ub_packed_rrset_key*.
k2: struct ub_packed_rrset_key*.
Returns
0 if equal.

References packed_rrset_key::dname, packed_rrset_key::dname_len, packed_rrset_key::flags, query_dname_compare(), ub_packed_rrset_key::rk, packed_rrset_key::rrset_class, and packed_rrset_key::type.

Referenced by fptr_whitelist_hash_compfunc(), iter_find_rrset_in_prepend_answer(), and rrset_cache_create().

◆ rrsetdata_equal()

int rrsetdata_equal ( struct packed_rrset_data *  d1,
struct packed_rrset_data *  d2 
)

compare two rrset data structures.

Compares rdata and rrsig data, not the trust or ttl value.

Parameters
d1: data to compare.
d2: data to compare.
Returns
1 if equal.

References packed_rrset_data::count, packed_rrset_data::rr_data, packed_rrset_data::rr_len, and packed_rrset_data::rrsig_count.

Referenced by iter_find_rrset_in_prepend_answer(), rrset_cache_update(), rrset_check_sec_status(), and rrset_update_sec_status().

◆ ub_rrset_key_delete()

void ub_rrset_key_delete ( void *  key,
void *  userdata 
)

Old key to be deleted.

RRset keys are recycled via alloc. The id is set to 0, so that other threads, after acquiring a lock, always get the correct value, in this case the 0 deleted-special value.

Parameters
key: struct ub_packed_rrset_key*.
userdata: alloc structure to use for recycling.

References alloc_special_release(), packed_rrset_key::dname, ub_packed_rrset_key::id, and ub_packed_rrset_key::rk.

Referenced by fptr_whitelist_hash_delkeyfunc(), and rrset_cache_create().

◆ rrset_data_delete()

void rrset_data_delete ( void *  data,
void *  userdata 
)

Old data to be deleted.

Parameters
data: what to delete.
userdata: user data ptr.

Referenced by fptr_whitelist_hash_deldatafunc(), and rrset_cache_create().

◆ rrset_key_hash()

◆ packed_rrset_ptr_fixup()

void packed_rrset_ptr_fixup ( struct packed_rrset_data *  data)

◆ packed_rrset_ttl_add()

void packed_rrset_ttl_add ( struct packed_rrset_data *  data,
time_t  add 
)

Fixup TTLs in fixed data packed_rrset_data blob.

Parameters
data: rrset data structure. Otherwise correctly filled in.
add: how many seconds to add, pass time(0) for example.

References packed_rrset_data::count, packed_rrset_data::rr_ttl, packed_rrset_data::rrsig_count, packed_rrset_data::ttl, and packed_rrset_data::ttl_add.

Referenced by dns_cache_store(), packed_rrset_copy_alloc(), and store_rrset().

◆ get_cname_target()

void get_cname_target ( struct ub_packed_rrset_key *  rrset,
uint8_t **  dname,
size_t *  dname_len 
)

Utility procedure to extract CNAME target name from its rdata.

Failsafes; it will change passed dname to a valid dname or do nothing.

Parameters
rrset: the rrset structure. Must be a CNAME. Only first RR is used (multiple RRs are technically illegal anyway). Also works on type DNAME. Returns target name.
dname: this pointer is updated to point into the cname rdata. If a failsafe fails, nothing happens to the pointer (such as the rdata was not a valid dname, not a CNAME, ...).
dname_len: length of dname is returned.

References packed_rrset_data::count, lruhash_entry::data, ub_packed_rrset_key::entry, LDNS_RR_TYPE_CNAME, LDNS_RR_TYPE_DNAME, ub_packed_rrset_key::rk, packed_rrset_data::rr_len, and packed_rrset_key::type.

Referenced by handle_cname_response(), mesh_serve_expired_callback(), reply_check_cname_chain(), reply_find_answer_rrset(), reply_find_final_cname_target(), and val_chase_cname().

◆ rrset_trust_to_string()

const char* rrset_trust_to_string ( enum rrset_trust  s)

◆ sec_status_to_string()

const char* sec_status_to_string ( enum sec_status  s)

Get a printable string for a security status value.

Parameters
s: security status
Returns
printable string.

References sec_status_bogus, sec_status_indeterminate, sec_status_insecure, sec_status_secure, sec_status_secure_sentinel_fail, and sec_status_unchecked.

Referenced by already_validated(), validate_referral_response(), and verify_dnskey().

◆ log_rrset_key()

void log_rrset_key ( enum verbosity_value  v,
const char *  str,
struct ub_packed_rrset_key *  rrset 
)

Print string with neat domain name, type, class from rrset.

Parameters
v: at what verbosity level to print this.
str: string of message.
rrset: structure with name, type and class.

Referenced by iter_lookup_parent_NS_from_cache(), iter_store_parentside_NS(), and remove_spurious_authority().

◆ packed_rr_to_string()

int packed_rr_to_string ( struct ub_packed_rrset_key *  rrset,
size_t  i,
time_t  now,
char *  dest,
size_t  dest_len 
)

Convert RR from RRset to string.

Parameters
rrset: structure with data.
i: index of rr or RRSIG.
now: time that is subtracted from ttl before printout. Can be 0.
dest: destination string buffer. Must be nonNULL.
dest_len: length of dest buffer (>0).
Returns
false on failure.

References packed_rrset_data::count, packed_rrset_key::dname, packed_rrset_key::dname_len, log_assert, ub_packed_rrset_key::rk, packed_rrset_data::rr_len, and packed_rrset_key::type.

Referenced by do_list_local_data(), dump_rrset_line(), pr_rrs(), print_rrset(), and verify_rrset().

◆ log_packed_rrset()

void log_packed_rrset ( enum verbosity_value  v,
const char *  str,
struct ub_packed_rrset_key *  rrset 
)

Print the string with prefix, one rr per line.

Parameters
v: at what verbosity level to print this.
str: string of message.
rrset: with name, and rdata, and rrsigs.

Referenced by autr_debug_print_tp().

◆ packed_rrset_copy_region()

struct ub_packed_rrset_key* packed_rrset_copy_region ( struct ub_packed_rrset_key *  key,
struct regional *  region,
time_t  now 
)

◆ packed_rrset_copy_alloc()

struct ub_packed_rrset_key* packed_rrset_copy_alloc ( struct ub_packed_rrset_key *  key,
struct alloc_cache *  alloc,
time_t  now 
)

Allocate rrset with malloc (from region or you are holding the lock).

Parameters
key: key with data entry.
alloc: alloc_cache to create rrset_keys
now: adjust the TTLs to be absolute (add to all TTLs).
Returns
new region-alloced rrset key or NULL on alloc failure.

References alloc_special_obtain(), alloc_special_release(), lruhash_entry::data, packed_rrset_key::dname, packed_rrset_key::dname_len, ub_packed_rrset_key::entry, lruhash_entry::hash, memdup(), packed_rrset_ptr_fixup(), packed_rrset_sizeof(), packed_rrset_ttl_add(), and ub_packed_rrset_key::rk.

Referenced by iter_store_parentside_rrset(), and rrset_cache_update_wildcard().

◆ packed_rrset_find_rr()

int packed_rrset_find_rr ( struct packed_rrset_data *  d,
uint8_t *  rdata,
size_t  len,
size_t *  index 
)

Find RR index in packed rrset. Raw comparison, does not canonicalize RDATA.

Parameters
d: packed rrset
rdata: RDATA of RR to find
len: length of rdata
index: pointer to int to store index of found RR
Returns
1 if RR found, 0 otherwise

References packed_rrset_data::count, packed_rrset_data::rr_data, and packed_rrset_data::rr_len.

Referenced by az_domain_remove_rr(), rpz_data_delete_rr(), rpz_remove_clientip_rr(), and rpz_rrset_delete_rr().