bind/lib/ns/notify.c

/*
 * Copyright (C) 2017  Internet Systems Consortium, Inc. ("ISC")
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
 */

#include <config.h>

#include <isc/log.h>
#include <isc/print.h>

#include <dns/message.h>
#include <dns/rdataset.h>
#include <dns/result.h>
#include <dns/tsig.h>
#include <dns/view.h>
#include <dns/zone.h>
#include <dns/zt.h>

#include <ns/log.h>
#include <ns/notify.h>
#include <ns/types.h>

/*! \file
 * \brief
 * This module implements notify as in RFC1996.
 */

static void
notify_log(ns_client_t *client, int level, const char *fmt, ...) {
	va_list ap;

	va_start(ap, fmt);
	ns_client_logv(client, DNS_LOGCATEGORY_NOTIFY, NS_LOGMODULE_NOTIFY,
		       level, fmt, ap);
	va_end(ap);
}

static void
respond(ns_client_t *client, isc_result_t result) {
	dns_rcode_t rcode;
	dns_message_t *message;
	isc_result_t msg_result;

	message = client->message;
	rcode = dns_result_torcode(result);

	msg_result = dns_message_reply(message, ISC_TRUE);
	if (msg_result != ISC_R_SUCCESS)
		msg_result = dns_message_reply(message, ISC_FALSE);
	if (msg_result != ISC_R_SUCCESS) {
		ns_client_next(client, msg_result);
		return;
	}
	message->rcode = rcode;
	if (rcode == dns_rcode_noerror)
		message->flags |= DNS_MESSAGEFLAG_AA;
	else
		message->flags &= ~DNS_MESSAGEFLAG_AA;
	ns_client_send(client);
}

void
ns_notify_start(ns_client_t *client) {
	dns_message_t *request = client->message;
	isc_result_t result;
	dns_name_t *zonename;
	dns_rdataset_t *zone_rdataset;
	dns_zone_t *zone = NULL;
	char namebuf[DNS_NAME_FORMATSIZE];
	char tsigbuf[DNS_NAME_FORMATSIZE + sizeof(": TSIG ''")];
	dns_tsigkey_t *tsigkey;

	/*
	 * Interpret the question section.
	 */
	result = dns_message_firstname(request, DNS_SECTION_QUESTION);
	if (result != ISC_R_SUCCESS) {
		notify_log(client, ISC_LOG_NOTICE,
			   "notify question section empty");
		goto formerr;
	}

	/*
	 * The question section must contain exactly one question.
	 */
	zonename = NULL;
	dns_message_currentname(request, DNS_SECTION_QUESTION, &zonename);
	zone_rdataset = ISC_LIST_HEAD(zonename->list);
	if (ISC_LIST_NEXT(zone_rdataset, link) != NULL) {
		notify_log(client, ISC_LOG_NOTICE,
			   "notify question section contains multiple RRs");
		goto formerr;
	}

	/* The zone section must have exactly one name. */
	result = dns_message_nextname(request, DNS_SECTION_ZONE);
	if (result != ISC_R_NOMORE) {
		notify_log(client, ISC_LOG_NOTICE,
			   "notify question section contains multiple RRs");
		goto formerr;
	}

	/* The one rdataset must be an SOA. */
	if (zone_rdataset->type != dns_rdatatype_soa) {
		notify_log(client, ISC_LOG_NOTICE,
			   "notify question section contains no SOA");
		goto formerr;
	}

	tsigkey = dns_message_gettsigkey(request);
	if (tsigkey != NULL) {
		dns_name_format(&tsigkey->name, namebuf, sizeof(namebuf));

		if (tsigkey->generated) {
			char cnamebuf[DNS_NAME_FORMATSIZE];
			dns_name_format(tsigkey->creator, cnamebuf,
					sizeof(cnamebuf));
			snprintf(tsigbuf, sizeof(tsigbuf), ": TSIG '%s' (%s)",
				 namebuf, cnamebuf);
		} else {
			snprintf(tsigbuf, sizeof(tsigbuf), ": TSIG '%s'",
				 namebuf);
		}
	} else
		tsigbuf[0] = '\0';
	dns_name_format(zonename, namebuf, sizeof(namebuf));
	result = dns_zt_find(client->view->zonetable, zonename, 0, NULL,
			     &zone);
	if (result != ISC_R_SUCCESS)
		goto notauth;

	switch (dns_zone_gettype(zone)) {
	case dns_zone_master:
	case dns_zone_slave:
	case dns_zone_stub:	/* Allow dialup passive to work. */
		notify_log(client, ISC_LOG_INFO,
			   "received notify for zone '%s'%s", namebuf, tsigbuf);
		respond(client, dns_zone_notifyreceive(zone,
			ns_client_getsockaddr(client), request));
		break;
	default:
		goto notauth;
	}
	dns_zone_detach(&zone);
	return;

 notauth:
	notify_log(client, ISC_LOG_NOTICE,
		   "received notify for zone '%s'%s: not authoritative",
		   namebuf, tsigbuf);
	result = DNS_R_NOTAUTH;
	goto failure;

 formerr:
	result = DNS_R_FORMERR;

 failure:
	if (zone != NULL)
		dns_zone_detach(&zone);
	respond(client, result);
}
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00			`/*`
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186] 2017-09-08 13:39:09 -07:00			`* Copyright (C) 2017 Internet Systems Consortium, Inc. ("ISC")`
Trailing whitespace trimmed. Perhaps running "perl util/spacewhack.pl in your own CVS tree will help minimize CVS conflicts. Maybe not. Blame Graff for getting me to trim all trailing whitespace. 2000-08-01 01:33:37 +00:00			`*`
4401. [misc] Change LICENSE to MPL 2.0. 2016-06-27 14:56:38 +10:00			`* This Source Code Form is subject to the terms of the Mozilla Public`
			`* License, v. 2.0. If a copy of the MPL was not distributed with this`
			`* file, You can obtain one at http://mozilla.org/MPL/2.0/.`
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00			`*/`

			`#include <config.h>`

improve logging [RT #1132] 2001-03-31 01:03:26 +00:00			`#include <isc/log.h>`
1704. [port] lwres needed a snprintf() implementation for platforms without snprintf(). Add missing "#include <isc/print.h>". [RT #12321] 2004-08-28 06:20:14 +00:00			`#include <isc/print.h>`
improve logging [RT #1132] 2001-03-31 01:03:26 +00:00
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00			`#include <dns/message.h>`
			`#include <dns/rdataset.h>`
			`#include <dns/result.h>`
2105. [func] GSS-TSIG support (RFC 3645). 2006-12-04 01:54:53 +00:00			`#include <dns/tsig.h>`
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00			`#include <dns/view.h>`
			`#include <dns/zone.h>`
			`#include <dns/zt.h>`

[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186] 2017-09-08 13:39:09 -07:00			`#include <ns/log.h>`
			`#include <ns/notify.h>`
			`#include <ns/types.h>`
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00
1851. [doc] Doxygen comment markup. [RT #11398] 2005-04-27 04:57:32 +00:00			`/*! \file`
			`* \brief`
			`* This module implements notify as in RFC1996.`
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00			`*/`
Trailing whitespace trimmed. Perhaps running "perl util/spacewhack.pl in your own CVS tree will help minimize CVS conflicts. Maybe not. Blame Graff for getting me to trim all trailing whitespace. 2000-08-01 01:33:37 +00:00
improve logging [RT #1132] 2001-03-31 01:03:26 +00:00			`static void`
1158. [func] Report the client's address when logging notify messages. 2001-12-10 23:09:24 +00:00			`notify_log(ns_client_t client, int level, const char fmt, ...) {`
improve logging [RT #1132] 2001-03-31 01:03:26 +00:00			`va_list ap;`
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00
improve logging [RT #1132] 2001-03-31 01:03:26 +00:00			`va_start(ap, fmt);`
1158. [func] Report the client's address when logging notify messages. 2001-12-10 23:09:24 +00:00			`ns_client_logv(client, DNS_LOGCATEGORY_NOTIFY, NS_LOGMODULE_NOTIFY,`
improve logging [RT #1132] 2001-03-31 01:03:26 +00:00			`level, fmt, ap);`
			`va_end(ap);`
			`}`
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00
			`static void`
dns_result_t is no more. s/dns_result_t/isc_result_t/ -- more later, when I need a break. 1999-12-23 00:09:04 +00:00			`respond(ns_client_t *client, isc_result_t result) {`
complete slave side of notify 1999-12-16 01:23:17 +00:00			`dns_rcode_t rcode;`
8 space -> tab conversion 2000-12-11 19:24:30 +00:00			`dns_message_t *message;`
			`isc_result_t msg_result;`
complete slave side of notify 1999-12-16 01:23:17 +00:00
			`message = client->message;`
dns_result_torcode() now converts ISC_R_SUCCESS into dns_rcode_noerror, not dns_rcode_servfail 1999-12-22 22:11:18 +00:00			`rcode = dns_result_torcode(result);`
complete slave side of notify 1999-12-16 01:23:17 +00:00
			`msg_result = dns_message_reply(message, ISC_TRUE);`
			`if (msg_result != ISC_R_SUCCESS)`
			`msg_result = dns_message_reply(message, ISC_FALSE);`
			`if (msg_result != ISC_R_SUCCESS) {`
			`ns_client_next(client, msg_result);`
			`return;`
			`}`
			`message->rcode = rcode;`
set AA in notify messages 2000-06-23 17:26:38 +00:00			`if (rcode == dns_rcode_noerror)`
			`message->flags \|= DNS_MESSAGEFLAG_AA;`
			`else`
			`message->flags &= ~DNS_MESSAGEFLAG_AA;`
complete slave side of notify 1999-12-16 01:23:17 +00:00			`ns_client_send(client);`
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00			`}`

			`void`
removed unused stack variable "zoneclass" from ns_notify_state 2000-05-24 03:19:21 +00:00			`ns_notify_start(ns_client_t *client) {`
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00			`dns_message_t *request = client->message;`
dns_result_t is no more. s/dns_result_t/isc_result_t/ -- more later, when I need a break. 1999-12-23 00:09:04 +00:00			`isc_result_t result;`
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00			`dns_name_t *zonename;`
			`dns_rdataset_t *zone_rdataset;`
			`dns_zone_t *zone = NULL;`
1439. [bug] Named could return NOERROR with certian NOTIFY failures. Return NOTAUTH is the NOTIFY zone is not being served. 1438. [func] Log TSIG (if any) when logging NOTIFY requests. developer: marka reviewer: explorer 2003-02-26 04:16:27 +00:00			`char namebuf[DNS_NAME_FORMATSIZE];`
			`char tsigbuf[DNS_NAME_FORMATSIZE + sizeof(": TSIG ''")];`
2105. [func] GSS-TSIG support (RFC 3645). 2006-12-04 01:54:53 +00:00			`dns_tsigkey_t *tsigkey;`
Trailing whitespace trimmed. Perhaps running "perl util/spacewhack.pl in your own CVS tree will help minimize CVS conflicts. Maybe not. Blame Graff for getting me to trim all trailing whitespace. 2000-08-01 01:33:37 +00:00
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00			`/*`
			`* Interpret the question section.`
			`*/`
			`result = dns_message_firstname(request, DNS_SECTION_QUESTION);`
improve logging [RT #1132] 2001-03-31 01:03:26 +00:00			`if (result != ISC_R_SUCCESS) {`
1439. [bug] Named could return NOERROR with certian NOTIFY failures. Return NOTAUTH is the NOTIFY zone is not being served. 1438. [func] Log TSIG (if any) when logging NOTIFY requests. developer: marka reviewer: explorer 2003-02-26 04:16:27 +00:00			`notify_log(client, ISC_LOG_NOTICE,`
			`"notify question section empty");`
			`goto formerr;`
improve logging [RT #1132] 2001-03-31 01:03:26 +00:00			`}`
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00
			`/*`
			`* The question section must contain exactly one question.`
			`*/`
			`zonename = NULL;`
			`dns_message_currentname(request, DNS_SECTION_QUESTION, &zonename);`
			`zone_rdataset = ISC_LIST_HEAD(zonename->list);`
improve logging [RT #1132] 2001-03-31 01:03:26 +00:00			`if (ISC_LIST_NEXT(zone_rdataset, link) != NULL) {`
1343. [func] Log successful notifies received (info). Adjust log level for failed notifies to notice. 2002-07-29 05:15:32 +00:00			`notify_log(client, ISC_LOG_NOTICE,`
improve logging [RT #1132] 2001-03-31 01:03:26 +00:00			`"notify question section contains multiple RRs");`
1439. [bug] Named could return NOERROR with certian NOTIFY failures. Return NOTAUTH is the NOTIFY zone is not being served. 1438. [func] Log TSIG (if any) when logging NOTIFY requests. developer: marka reviewer: explorer 2003-02-26 04:16:27 +00:00			`goto formerr;`
improve logging [RT #1132] 2001-03-31 01:03:26 +00:00			`}`
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00
			`/* The zone section must have exactly one name. */`
			`result = dns_message_nextname(request, DNS_SECTION_ZONE);`
improve logging [RT #1132] 2001-03-31 01:03:26 +00:00			`if (result != ISC_R_NOMORE) {`
1343. [func] Log successful notifies received (info). Adjust log level for failed notifies to notice. 2002-07-29 05:15:32 +00:00			`notify_log(client, ISC_LOG_NOTICE,`
improve logging [RT #1132] 2001-03-31 01:03:26 +00:00			`"notify question section contains multiple RRs");`
1439. [bug] Named could return NOERROR with certian NOTIFY failures. Return NOTAUTH is the NOTIFY zone is not being served. 1438. [func] Log TSIG (if any) when logging NOTIFY requests. developer: marka reviewer: explorer 2003-02-26 04:16:27 +00:00			`goto formerr;`
improve logging [RT #1132] 2001-03-31 01:03:26 +00:00			`}`

			`/* The one rdataset must be an SOA. */`
			`if (zone_rdataset->type != dns_rdatatype_soa) {`
1343. [func] Log successful notifies received (info). Adjust log level for failed notifies to notice. 2002-07-29 05:15:32 +00:00			`notify_log(client, ISC_LOG_NOTICE,`
improve logging [RT #1132] 2001-03-31 01:03:26 +00:00			`"notify question section contains no SOA");`
1439. [bug] Named could return NOERROR with certian NOTIFY failures. Return NOTAUTH is the NOTIFY zone is not being served. 1438. [func] Log TSIG (if any) when logging NOTIFY requests. developer: marka reviewer: explorer 2003-02-26 04:16:27 +00:00			`goto formerr;`
improve logging [RT #1132] 2001-03-31 01:03:26 +00:00			`}`
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00
2105. [func] GSS-TSIG support (RFC 3645). 2006-12-04 01:54:53 +00:00			`tsigkey = dns_message_gettsigkey(request);`
			`if (tsigkey != NULL) {`
			`dns_name_format(&tsigkey->name, namebuf, sizeof(namebuf));`

			`if (tsigkey->generated) {`
			`char cnamebuf[DNS_NAME_FORMATSIZE];`
			`dns_name_format(tsigkey->creator, cnamebuf,`
			`sizeof(cnamebuf));`
			`snprintf(tsigbuf, sizeof(tsigbuf), ": TSIG '%s' (%s)",`
			`namebuf, cnamebuf);`
			`} else {`
			`snprintf(tsigbuf, sizeof(tsigbuf), ": TSIG '%s'",`
			`namebuf);`
			`}`
1439. [bug] Named could return NOERROR with certian NOTIFY failures. Return NOTAUTH is the NOTIFY zone is not being served. 1438. [func] Log TSIG (if any) when logging NOTIFY requests. developer: marka reviewer: explorer 2003-02-26 04:16:27 +00:00			`} else`
			`tsigbuf[0] = '\0';`
			`dns_name_format(zonename, namebuf, sizeof(namebuf));`
conform to zt API change 2000-04-19 18:27:42 +00:00			`result = dns_zt_find(client->view->zonetable, zonename, 0, NULL,`
			`&zone);`
1439. [bug] Named could return NOERROR with certian NOTIFY failures. Return NOTAUTH is the NOTIFY zone is not being served. 1438. [func] Log TSIG (if any) when logging NOTIFY requests. developer: marka reviewer: explorer 2003-02-26 04:16:27 +00:00			`if (result != ISC_R_SUCCESS)`
			`goto notauth;`
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00
spacing 2001-12-06 18:55:52 +00:00			`switch (dns_zone_gettype(zone)) {`
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00			`case dns_zone_master:`
			`case dns_zone_slave:`
Allow "dialup passive" to work for stub zones. 2000-11-28 03:17:48 +00:00			`case dns_zone_stub: /* Allow dialup passive to work. */`
initalise str 2002-08-01 06:51:32 +00:00			`notify_log(client, ISC_LOG_INFO,`
1439. [bug] Named could return NOERROR with certian NOTIFY failures. Return NOTAUTH is the NOTIFY zone is not being served. 1438. [func] Log TSIG (if any) when logging NOTIFY requests. developer: marka reviewer: explorer 2003-02-26 04:16:27 +00:00			`"received notify for zone '%s'%s", namebuf, tsigbuf);`
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00			`respond(client, dns_zone_notifyreceive(zone,`
			`ns_client_getsockaddr(client), request));`
complete slave side of notify 1999-12-16 01:23:17 +00:00			`break;`
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00			`default:`
1439. [bug] Named could return NOERROR with certian NOTIFY failures. Return NOTAUTH is the NOTIFY zone is not being served. 1438. [func] Log TSIG (if any) when logging NOTIFY requests. developer: marka reviewer: explorer 2003-02-26 04:16:27 +00:00			`goto notauth;`
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00			`}`
155. [bug] ns_notify_start() was not detaching the found zone. 2000-05-08 07:26:37 +00:00			`dns_zone_detach(&zone);`
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00			`return;`
Trailing whitespace trimmed. Perhaps running "perl util/spacewhack.pl in your own CVS tree will help minimize CVS conflicts. Maybe not. Blame Graff for getting me to trim all trailing whitespace. 2000-08-01 01:33:37 +00:00
1439. [bug] Named could return NOERROR with certian NOTIFY failures. Return NOTAUTH is the NOTIFY zone is not being served. 1438. [func] Log TSIG (if any) when logging NOTIFY requests. developer: marka reviewer: explorer 2003-02-26 04:16:27 +00:00			`notauth:`
			`notify_log(client, ISC_LOG_NOTICE,`
			`"received notify for zone '%s'%s: not authoritative",`
			`namebuf, tsigbuf);`
			`result = DNS_R_NOTAUTH;`
			`goto failure;`

			`formerr:`
			`result = DNS_R_FORMERR;`

Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00			`failure:`
155. [bug] ns_notify_start() was not detaching the found zone. 2000-05-08 07:26:37 +00:00			`if (zone != NULL)`
			`dns_zone_detach(&zone);`
Initial checkpoint for notify. 1999-12-14 06:58:27 +00:00			`respond(client, result);`
			`}`