diff --git a/bin/plugins/filter-a.c b/bin/plugins/filter-a.c index 30d0125530..4811190783 100644 --- a/bin/plugins/filter-a.c +++ b/bin/plugins/filter-a.c @@ -98,7 +98,7 @@ typedef struct filter_instance { /* * Client attribute tests. */ -#define WANTDNSSEC(c) (((c)->attributes & NS_CLIENTATTR_WANTDNSSEC) != 0) +#define WANTDNSSEC(c) (((c)->inner.attributes & NS_CLIENTATTR_WANTDNSSEC) != 0) #define RECURSIONOK(c) (((c)->query.attributes & NS_QUERYATTR_RECURSIONOK) != 0) /* @@ -439,11 +439,11 @@ typedef struct section_filter { */ static bool is_v4_client(ns_client_t *client) { - if (isc_sockaddr_pf(&client->peeraddr) == AF_INET) { + if (isc_sockaddr_pf(&client->inner.peeraddr) == AF_INET) { return true; } - if (isc_sockaddr_pf(&client->peeraddr) == AF_INET6 && - IN6_IS_ADDR_V4MAPPED(&client->peeraddr.type.sin6.sin6_addr)) + if (isc_sockaddr_pf(&client->inner.peeraddr) == AF_INET6 && + IN6_IS_ADDR_V4MAPPED(&client->inner.peeraddr.type.sin6.sin6_addr)) { return true; } @@ -455,8 +455,8 @@ is_v4_client(ns_client_t *client) { */ static bool is_v6_client(ns_client_t *client) { - if (isc_sockaddr_pf(&client->peeraddr) == AF_INET6 && - !IN6_IS_ADDR_V4MAPPED(&client->peeraddr.type.sin6.sin6_addr)) + if (isc_sockaddr_pf(&client->inner.peeraddr) == AF_INET6 && + !IN6_IS_ADDR_V4MAPPED(&client->inner.peeraddr.type.sin6.sin6_addr)) { return true; } @@ -705,7 +705,7 @@ filter_respond_begin(void *arg, void *cbdata, isc_result_t *resp) { trdataset = ns_client_newrdataset(qctx->client); result = dns_db_findrdataset( qctx->db, qctx->node, qctx->version, dns_rdatatype_aaaa, - 0, qctx->client->now, trdataset, NULL); + 0, qctx->client->inner.now, trdataset, NULL); if (dns_rdataset_isassociated(trdataset)) { dns_rdataset_disassociate(trdataset); } diff --git a/bin/plugins/filter-aaaa.c b/bin/plugins/filter-aaaa.c index 8202a8b0cd..043236850e 100644 --- a/bin/plugins/filter-aaaa.c +++ b/bin/plugins/filter-aaaa.c @@ -98,7 +98,7 @@ typedef struct filter_instance { /* * Client attribute tests. */ -#define WANTDNSSEC(c) (((c)->attributes & NS_CLIENTATTR_WANTDNSSEC) != 0) +#define WANTDNSSEC(c) (((c)->inner.attributes & NS_CLIENTATTR_WANTDNSSEC) != 0) #define RECURSIONOK(c) (((c)->query.attributes & NS_QUERYATTR_RECURSIONOK) != 0) /* @@ -443,11 +443,11 @@ typedef struct section_filter { */ static bool is_v4_client(ns_client_t *client) { - if (isc_sockaddr_pf(&client->peeraddr) == AF_INET) { + if (isc_sockaddr_pf(&client->inner.peeraddr) == AF_INET) { return true; } - if (isc_sockaddr_pf(&client->peeraddr) == AF_INET6 && - IN6_IS_ADDR_V4MAPPED(&client->peeraddr.type.sin6.sin6_addr)) + if (isc_sockaddr_pf(&client->inner.peeraddr) == AF_INET6 && + IN6_IS_ADDR_V4MAPPED(&client->inner.peeraddr.type.sin6.sin6_addr)) { return true; } @@ -459,8 +459,8 @@ is_v4_client(ns_client_t *client) { */ static bool is_v6_client(ns_client_t *client) { - if (isc_sockaddr_pf(&client->peeraddr) == AF_INET6 && - !IN6_IS_ADDR_V4MAPPED(&client->peeraddr.type.sin6.sin6_addr)) + if (isc_sockaddr_pf(&client->inner.peeraddr) == AF_INET6 && + !IN6_IS_ADDR_V4MAPPED(&client->inner.peeraddr.type.sin6.sin6_addr)) { return true; } @@ -709,7 +709,7 @@ filter_respond_begin(void *arg, void *cbdata, isc_result_t *resp) { trdataset = ns_client_newrdataset(qctx->client); result = dns_db_findrdataset( qctx->db, qctx->node, qctx->version, dns_rdatatype_a, 0, - qctx->client->now, trdataset, NULL); + qctx->client->inner.now, trdataset, NULL); if (dns_rdataset_isassociated(trdataset)) { dns_rdataset_disassociate(trdataset); } diff --git a/lib/ns/client.c b/lib/ns/client.c index bafd51f306..92c6172c7b 100644 --- a/lib/ns/client.c +++ b/lib/ns/client.c @@ -92,18 +92,19 @@ #define MTRACE(m) ((void)(m)) #endif /* ifdef NS_CLIENT_TRACE */ -#define TCP_CLIENT(c) (((c)->attributes & NS_CLIENTATTR_TCP) != 0) +#define TCP_CLIENT(c) (((c)->inner.attributes & NS_CLIENTATTR_TCP) != 0) #define COOKIE_SIZE 24U /* 8 + 4 + 4 + 8 */ #define ECS_SIZE 20U /* 2 + 1 + 1 + [0..16] */ -#define USEKEEPALIVE(x) (((x)->attributes & NS_CLIENTATTR_USEKEEPALIVE) != 0) -#define WANTEXPIRE(x) (((x)->attributes & NS_CLIENTATTR_WANTEXPIRE) != 0) -#define WANTNSID(x) (((x)->attributes & NS_CLIENTATTR_WANTNSID) != 0) -#define WANTPAD(x) (((x)->attributes & NS_CLIENTATTR_WANTPAD) != 0) -#define WANTRC(x) (((x)->attributes & NS_CLIENTATTR_WANTRC) != 0) +#define USEKEEPALIVE(x) \ + (((x)->inner.attributes & NS_CLIENTATTR_USEKEEPALIVE) != 0) +#define WANTEXPIRE(x) (((x)->inner.attributes & NS_CLIENTATTR_WANTEXPIRE) != 0) +#define WANTNSID(x) (((x)->inner.attributes & NS_CLIENTATTR_WANTNSID) != 0) +#define WANTPAD(x) (((x)->inner.attributes & NS_CLIENTATTR_WANTPAD) != 0) +#define WANTRC(x) (((x)->inner.attributes & NS_CLIENTATTR_WANTRC) != 0) #define WANTZONEVERSION(x) \ - (((x)->attributes & NS_CLIENTATTR_WANTZONEVERSION) != 0) + (((x)->inner.attributes & NS_CLIENTATTR_WANTZONEVERSION) != 0) #define MANAGER_MAGIC ISC_MAGIC('N', 'S', 'C', 'm') #define VALID_MANAGER(m) ISC_MAGIC_VALID(m, MANAGER_MAGIC) @@ -152,9 +153,9 @@ ns_client_transport_type(const ns_client_t *client) { return DNS_TRANSPORT_UDP; } - INSIST(client->handle != NULL); + INSIST(client->inner.handle != NULL); - switch (isc_nm_socket_type(client->handle)) { + switch (isc_nm_socket_type(client->inner.handle)) { case isc_nm_udpsocket: case isc_nm_udplistener: case isc_nm_proxyudpsocket: @@ -171,7 +172,7 @@ ns_client_transport_type(const ns_client_t *client) { case isc_nm_proxystreamlistener: case isc_nm_proxystreamsocket: /* If it isn't DoT, it is DNS-over-TCP */ - if (isc_nm_has_encryption(client->handle)) { + if (isc_nm_has_encryption(client->inner.handle)) { return DNS_TRANSPORT_TLS; } FALLTHROUGH; @@ -189,11 +190,11 @@ ns_client_transport_type(const ns_client_t *client) { void ns_client_recursing(ns_client_t *client) { REQUIRE(NS_CLIENT_VALID(client)); - REQUIRE(client->state == NS_CLIENTSTATE_WORKING); + REQUIRE(client->inner.state == NS_CLIENTSTATE_WORKING); LOCK(&client->manager->reclock); - client->state = NS_CLIENTSTATE_RECURSING; - ISC_LIST_APPEND(client->manager->recursing, client, rlink); + client->inner.state = NS_CLIENTSTATE_RECURSING; + ISC_LIST_APPEND(client->manager->recursing, client, inner.rlink); UNLOCK(&client->manager->reclock); } @@ -205,7 +206,8 @@ ns_client_killoldestquery(ns_client_t *client) { LOCK(&client->manager->reclock); oldest = ISC_LIST_HEAD(client->manager->recursing); if (oldest != NULL) { - ISC_LIST_UNLINK(client->manager->recursing, oldest, rlink); + ISC_LIST_UNLINK(client->manager->recursing, oldest, + inner.rlink); ns_query_cancel(oldest); ns_stats_increment(client->manager->sctx->nsstats, ns_statscounter_reclimitdropped); @@ -222,36 +224,36 @@ ns_client_settimeout(ns_client_t *client, unsigned int seconds) { static void client_zoneversion_reset(ns_client_t *client) { - if (client->zoneversion == NULL) { + if (client->inner.zoneversion == NULL) { return; } - isc_mem_put(client->manager->mctx, client->zoneversion, - client->zoneversionlength); - client->zoneversionlength = 0; + isc_mem_put(client->manager->mctx, client->inner.zoneversion, + client->inner.zoneversionlength); + client->inner.zoneversionlength = 0; } static void ns_client_endrequest(ns_client_t *client) { - INSIST(client->state == NS_CLIENTSTATE_WORKING || - client->state == NS_CLIENTSTATE_RECURSING); + INSIST(client->inner.state == NS_CLIENTSTATE_WORKING || + client->inner.state == NS_CLIENTSTATE_RECURSING); CTRACE("endrequest"); - if (client->state == NS_CLIENTSTATE_RECURSING) { + if (client->inner.state == NS_CLIENTSTATE_RECURSING) { LOCK(&client->manager->reclock); - if (ISC_LINK_LINKED(client, rlink)) { + if (ISC_LINK_LINKED(client, inner.rlink)) { ISC_LIST_UNLINK(client->manager->recursing, client, - rlink); + inner.rlink); } UNLOCK(&client->manager->reclock); } - if (client->cleanup != NULL) { - (client->cleanup)(client); - client->cleanup = NULL; + if (client->inner.cleanup != NULL) { + (client->inner.cleanup)(client); + client->inner.cleanup = NULL; } - if (client->view != NULL) { + if (client->inner.view != NULL) { #ifdef ENABLE_AFL if (client->manager->sctx->fuzztype == isc_fuzz_resolver) { dns_adb_t *adb = NULL; @@ -262,30 +264,31 @@ ns_client_endrequest(ns_client_t *client) { } } #endif /* ifdef ENABLE_AFL */ - dns_view_detach(&client->view); + dns_view_detach(&client->inner.view); } - if (client->opt != NULL) { - INSIST(dns_rdataset_isassociated(client->opt)); - dns_rdataset_disassociate(client->opt); - dns_message_puttemprdataset(client->message, &client->opt); + if (client->inner.opt != NULL) { + INSIST(dns_rdataset_isassociated(client->inner.opt)); + dns_rdataset_disassociate(client->inner.opt); + dns_message_puttemprdataset(client->message, + &client->inner.opt); } client_zoneversion_reset(client); - client->signer = NULL; - client->udpsize = 512; - client->extflags = 0; - client->ednsversion = -1; - client->additionaldepth = 0; - if (dns_name_dynamic(&client->rad)) { - dns_name_free(&client->rad, client->manager->mctx); + client->inner.signer = NULL; + client->inner.udpsize = 512; + client->inner.extflags = 0; + client->inner.ednsversion = -1; + client->inner.additionaldepth = 0; + if (dns_name_dynamic(&client->inner.rad)) { + dns_name_free(&client->inner.rad, client->manager->mctx); } - dns_ecs_init(&client->ecs); + dns_ecs_init(&client->inner.ecs); dns_message_reset(client->message, DNS_MESSAGE_INTENTPARSE); /* * Clear all client attributes that are specific to the request */ - client->attributes = 0; + client->inner.attributes = 0; #ifdef ENABLE_AFL if (client->manager->sctx->fuzznotify != NULL && (client->manager->sctx->fuzztype == isc_fuzz_client || @@ -300,8 +303,8 @@ ns_client_endrequest(ns_client_t *client) { void ns_client_drop(ns_client_t *client, isc_result_t result) { REQUIRE(NS_CLIENT_VALID(client)); - REQUIRE(client->state == NS_CLIENTSTATE_WORKING || - client->state == NS_CLIENTSTATE_RECURSING); + REQUIRE(client->inner.state == NS_CLIENTSTATE_WORKING || + client->inner.state == NS_CLIENTSTATE_RECURSING); CTRACE("drop"); if (result != ISC_R_SUCCESS) { @@ -315,7 +318,7 @@ static void client_senddone(isc_nmhandle_t *handle, isc_result_t result, void *cbarg) { ns_client_t *client = cbarg; - REQUIRE(client->sendhandle == handle); + REQUIRE(client->inner.sendhandle == handle); CTRACE("senddone"); @@ -326,7 +329,7 @@ client_senddone(isc_nmhandle_t *handle, isc_result_t result, void *cbarg) { * we will then detach the handle from *this* send by detaching * 'handle' directly below. */ - client->sendhandle = NULL; + client->inner.sendhandle = NULL; if (result != ISC_R_SUCCESS) { if (!TCP_CLIENT(client) && result == ISC_R_MAXSIZE) { @@ -334,7 +337,7 @@ client_senddone(isc_nmhandle_t *handle, isc_result_t result, void *cbarg) { NS_LOGMODULE_CLIENT, ISC_LOG_DEBUG(3), "send exceeded maximum size: truncating"); client->query.attributes &= ~NS_QUERYATTR_ANSWERED; - client->rcode_override = dns_rcode_noerror; + client->inner.rcode_override = dns_rcode_noerror; ns_client_error(client, ISC_R_MAXSIZE); } else { ns_client_log(client, DNS_LOGCATEGORY_SECURITY, @@ -350,25 +353,25 @@ client_senddone(isc_nmhandle_t *handle, isc_result_t result, void *cbarg) { static void client_setup_tcp_buffer(ns_client_t *client) { - REQUIRE(client->tcpbuf == NULL); + REQUIRE(client->inner.tcpbuf == NULL); - client->tcpbuf = client->manager->tcp_buffer; - client->tcpbuf_size = NS_CLIENT_TCP_BUFFER_SIZE; + client->inner.tcpbuf = client->manager->tcp_buffer; + client->inner.tcpbuf_size = NS_CLIENT_TCP_BUFFER_SIZE; } static void client_put_tcp_buffer(ns_client_t *client) { - if (client->tcpbuf == NULL) { + if (client->inner.tcpbuf == NULL) { return; } - if (client->tcpbuf != client->manager->tcp_buffer) { - isc_mem_put(client->manager->mctx, client->tcpbuf, - client->tcpbuf_size); + if (client->inner.tcpbuf != client->manager->tcp_buffer) { + isc_mem_put(client->manager->mctx, client->inner.tcpbuf, + client->inner.tcpbuf_size); } - client->tcpbuf = NULL; - client->tcpbuf_size = 0; + client->inner.tcpbuf = NULL; + client->inner.tcpbuf_size = 0; } static void @@ -381,21 +384,22 @@ client_allocsendbuf(ns_client_t *client, isc_buffer_t *buffer, if (TCP_CLIENT(client)) { client_setup_tcp_buffer(client); - data = client->tcpbuf; - isc_buffer_init(buffer, data, client->tcpbuf_size); + data = client->inner.tcpbuf; + isc_buffer_init(buffer, data, client->inner.tcpbuf_size); } else { data = client->sendbuf; - if ((client->attributes & NS_CLIENTATTR_HAVECOOKIE) == 0) { - if (client->view != NULL) { - bufsize = client->view->nocookieudp; + if ((client->inner.attributes & NS_CLIENTATTR_HAVECOOKIE) == 0) + { + if (client->inner.view != NULL) { + bufsize = client->inner.view->nocookieudp; } else { bufsize = 512; } } else { - bufsize = client->udpsize; + bufsize = client->inner.udpsize; } - if (bufsize > client->udpsize) { - bufsize = client->udpsize; + if (bufsize > client->inner.udpsize) { + bufsize = client->inner.udpsize; } if (bufsize > NS_CLIENT_SEND_BUFFER_SIZE) { bufsize = NS_CLIENT_SEND_BUFFER_SIZE; @@ -411,11 +415,11 @@ client_sendpkg(ns_client_t *client, isc_buffer_t *buffer) { isc_region_t r; dns_ttl_t min_ttl = 0; - REQUIRE(client->sendhandle == NULL); + REQUIRE(client->inner.sendhandle == NULL); - if (isc_buffer_base(buffer) == client->tcpbuf) { + if (isc_buffer_base(buffer) == client->inner.tcpbuf) { size_t used = isc_buffer_usedlength(buffer); - INSIST(client->tcpbuf_size == NS_CLIENT_TCP_BUFFER_SIZE); + INSIST(client->inner.tcpbuf_size == NS_CLIENT_TCP_BUFFER_SIZE); /* * Copy the data into a smaller buffer before sending, @@ -440,8 +444,8 @@ client_sendpkg(ns_client_t *client, isc_buffer_t *buffer) { /* * Keep the new buffer's information so it can be freed. */ - client->tcpbuf = new_tcpbuf; - client->tcpbuf_size = used; + client->inner.tcpbuf = new_tcpbuf; + client->inner.tcpbuf_size = used; r.base = new_tcpbuf; } else { @@ -462,15 +466,15 @@ client_sendpkg(ns_client_t *client, isc_buffer_t *buffer) { } else { isc_buffer_usedregion(buffer, &r); } - isc_nmhandle_attach(client->handle, &client->sendhandle); + isc_nmhandle_attach(client->inner.handle, &client->inner.sendhandle); - if (isc_nm_is_http_handle(client->handle)) { + if (isc_nm_is_http_handle(client->inner.handle)) { result = dns_message_response_minttl(client->message, &min_ttl); if (result == ISC_R_SUCCESS) { - isc_nm_set_maxage(client->handle, min_ttl); + isc_nm_set_maxage(client->inner.handle, min_ttl); } } - isc_nm_send(client->handle, &r, client_senddone, client); + isc_nm_send(client->inner.handle, &r, client_senddone, client); } void @@ -514,7 +518,7 @@ ns_client_sendraw(ns_client_t *client, dns_message_t *message) { r.base[1] = client->message->id & 0xff; #ifdef HAVE_DNSTAP - if (client->view != NULL) { + if (client->inner.view != NULL) { transport_type = ns_client_transport_type(client); if (client->message->opcode == dns_opcode_update) { @@ -524,9 +528,10 @@ ns_client_sendraw(ns_client_t *client, dns_message_t *message) { } else { dtmsgtype = DNS_DTTYPE_AR; } - dns_dt_send(client->view, dtmsgtype, &client->peeraddr, - &client->destsockaddr, transport_type, NULL, - &client->requesttime, NULL, &buffer); + dns_dt_send(client->inner.view, dtmsgtype, + &client->inner.peeraddr, + &client->inner.destsockaddr, transport_type, NULL, + &client->inner.requesttime, NULL, &buffer); } #endif @@ -534,7 +539,7 @@ ns_client_sendraw(ns_client_t *client, dns_message_t *message) { return; done: - if (client->tcpbuf != NULL) { + if (client->inner.tcpbuf != NULL) { client_put_tcp_buffer(client); } @@ -578,27 +583,29 @@ ns_client_send(ns_client_t *client) { CTRACE("send"); if (client->message->opcode == dns_opcode_query && - (client->attributes & NS_CLIENTATTR_RA) != 0) + (client->inner.attributes & NS_CLIENTATTR_RA) != 0) { client->message->flags |= DNS_MESSAGEFLAG_RA; } - if ((client->attributes & NS_CLIENTATTR_WANTDNSSEC) != 0) { + if ((client->inner.attributes & NS_CLIENTATTR_WANTDNSSEC) != 0) { render_opts = 0; } else { render_opts = DNS_MESSAGERENDER_OMITDNSSEC; } preferred_glue = 0; - if (client->view != NULL) { - if (client->view->preferred_glue == dns_rdatatype_a) { + if (client->inner.view != NULL) { + if (client->inner.view->preferred_glue == dns_rdatatype_a) { preferred_glue = DNS_MESSAGERENDER_PREFER_A; - } else if (client->view->preferred_glue == dns_rdatatype_aaaa) { + } else if (client->inner.view->preferred_glue == + dns_rdatatype_aaaa) + { preferred_glue = DNS_MESSAGERENDER_PREFER_AAAA; } } if (preferred_glue == 0) { - if (isc_sockaddr_pf(&client->peeraddr) == AF_INET) { + if (isc_sockaddr_pf(&client->inner.peeraddr) == AF_INET) { preferred_glue = DNS_MESSAGERENDER_PREFER_A; } else { preferred_glue = DNS_MESSAGERENDER_PREFER_AAAA; @@ -608,9 +615,9 @@ ns_client_send(ns_client_t *client) { /* * Create an OPT for our reply. */ - if ((client->attributes & NS_CLIENTATTR_WANTOPT) != 0) { + if ((client->inner.attributes & NS_CLIENTATTR_WANTOPT) != 0) { result = ns_client_addopt(client, client->message, - &client->opt); + &client->inner.opt); if (result != ISC_R_SUCCESS) { goto cleanup; } @@ -618,23 +625,23 @@ ns_client_send(ns_client_t *client) { client_allocsendbuf(client, &buffer, &data); compflags = 0; - if (client->peeraddr_valid && client->view != NULL) { + if (client->inner.peeraddr_valid && client->inner.view != NULL) { isc_netaddr_t netaddr; dns_name_t *name = NULL; - isc_netaddr_fromsockaddr(&netaddr, &client->peeraddr); + isc_netaddr_fromsockaddr(&netaddr, &client->inner.peeraddr); if (client->message->tsigkey != NULL) { name = client->message->tsigkey->name; } - if (client->view->nocasecompress == NULL || + if (client->inner.view->nocasecompress == NULL || !dns_acl_allowed(&netaddr, name, - client->view->nocasecompress, env)) + client->inner.view->nocasecompress, env)) { compflags |= DNS_COMPRESS_CASE; } - if (!client->view->msgcompression) { + if (!client->inner.view->msgcompression) { compflags = DNS_COMPRESS_DISABLED; } } @@ -646,10 +653,10 @@ ns_client_send(ns_client_t *client) { goto cleanup; } - if (client->opt != NULL) { - result = dns_message_setopt(client->message, client->opt); + if (client->inner.opt != NULL) { + result = dns_message_setopt(client->message, client->inner.opt); opt_included = true; - client->opt = NULL; + client->inner.opt = NULL; if (result != ISC_R_SUCCESS) { goto cleanup; } @@ -733,15 +740,17 @@ renderend: dns_compress_invalidate(&cctx); } - if (client->sendcb != NULL) { - client->sendcb(&buffer); + if (client->inner.sendcb != NULL) { + client->inner.sendcb(&buffer); } else if (TCP_CLIENT(client)) { isc_buffer_usedregion(&buffer, &r); #ifdef HAVE_DNSTAP - if (client->view != NULL) { - dns_dt_send(client->view, dtmsgtype, &client->peeraddr, - &client->destsockaddr, transport_type, &zr, - &client->requesttime, NULL, &buffer); + if (client->inner.view != NULL) { + dns_dt_send(client->inner.view, dtmsgtype, + &client->inner.peeraddr, + &client->inner.destsockaddr, transport_type, + &zr, &client->inner.requesttime, NULL, + &buffer); } #endif /* HAVE_DNSTAP */ @@ -749,7 +758,7 @@ renderend: client_sendpkg(client, &buffer); - switch (isc_sockaddr_pf(&client->peeraddr)) { + switch (isc_sockaddr_pf(&client->inner.peeraddr)) { case AF_INET: isc_histomulti_inc(client->manager->sctx->tcpoutstats4, DNS_SIZEHISTO_BUCKETOUT(respsize)); @@ -767,10 +776,12 @@ renderend: * Log dnstap data first, because client_sendpkg() may * leave client->view set to NULL. */ - if (client->view != NULL) { - dns_dt_send(client->view, dtmsgtype, &client->peeraddr, - &client->destsockaddr, transport_type, &zr, - &client->requesttime, NULL, &buffer); + if (client->inner.view != NULL) { + dns_dt_send(client->inner.view, dtmsgtype, + &client->inner.peeraddr, + &client->inner.destsockaddr, transport_type, + &zr, &client->inner.requesttime, NULL, + &buffer); } #endif /* HAVE_DNSTAP */ @@ -778,7 +789,7 @@ renderend: client_sendpkg(client, &buffer); - switch (isc_sockaddr_pf(&client->peeraddr)) { + switch (isc_sockaddr_pf(&client->inner.peeraddr)) { case AF_INET: isc_histomulti_inc(client->manager->sctx->udpoutstats4, DNS_SIZEHISTO_BUCKETOUT(respsize)); @@ -820,7 +831,7 @@ renderend: return; cleanup: - if (client->tcpbuf != NULL) { + if (client->inner.tcpbuf != NULL) { client_put_tcp_buffer(client); } @@ -869,10 +880,10 @@ ns_client_error(ns_client_t *client, isc_result_t result) { message = client->message; - if (client->rcode_override == -1) { + if (client->inner.rcode_override == -1) { rcode = dns_result_torcode(result); } else { - rcode = (dns_rcode_t)(client->rcode_override & 0xfff); + rcode = (dns_rcode_t)(client->inner.rcode_override & 0xfff); } if (result == ISC_R_MAXSIZE) { @@ -884,7 +895,7 @@ ns_client_error(ns_client_t *client, isc_result_t result) { * Don't send FORMERR to ports on the drop port list. */ if (rcode == dns_rcode_formerr && - ns_client_dropport(isc_sockaddr_getport(&client->peeraddr)) != + ns_client_dropport(isc_sockaddr_getport(&client->inner.peeraddr)) != DROPPORT_NO) { char buf[64]; @@ -906,7 +917,7 @@ ns_client_error(ns_client_t *client, isc_result_t result) { /* * Try to rate limit error responses. */ - if (client->view != NULL && client->view->rrl != NULL) { + if (client->inner.view != NULL && client->inner.view->rrl != NULL) { bool wouldlog; char log_buf[DNS_RRL_LOG_BUF_LEN]; dns_rrl_result_t rrl_result; @@ -920,11 +931,11 @@ ns_client_error(ns_client_t *client, isc_result_t result) { loglevel = ISC_LOG_DEBUG(1); } wouldlog = isc_log_wouldlog(loglevel); - rrl_result = dns_rrl(client->view, NULL, &client->peeraddr, - TCP_CLIENT(client), dns_rdataclass_in, - dns_rdatatype_none, NULL, result, - client->now, wouldlog, log_buf, - sizeof(log_buf)); + rrl_result = dns_rrl( + client->inner.view, NULL, &client->inner.peeraddr, + TCP_CLIENT(client), dns_rdataclass_in, + dns_rdatatype_none, NULL, result, client->inner.now, + wouldlog, log_buf, sizeof(log_buf)); if (rrl_result != DNS_RRL_RESULT_OK) { /* * Log dropped errors in the query category @@ -942,7 +953,7 @@ ns_client_error(ns_client_t *client, isc_result_t result) { * Some error responses cannot be 'slipped', * so don't try to slip any error responses. */ - if (!client->view->rrl->log_only) { + if (!client->inner.view->rrl->log_only) { ns_stats_increment( client->manager->sctx->nsstats, ns_statscounter_ratedropped); @@ -994,11 +1005,11 @@ ns_client_error(ns_client_t *client, isc_result_t result) { * elicit a FORMERR response. Drop a packet to break * the loop. */ - if (isc_sockaddr_equal(&client->peeraddr, - &client->formerrcache.addr) && - message->id == client->formerrcache.id && - (isc_time_seconds(&client->requesttime) - - client->formerrcache.time) < 2) + if (isc_sockaddr_equal(&client->inner.peeraddr, + &client->inner.formerrcache.addr) && + message->id == client->inner.formerrcache.id && + (isc_time_seconds(&client->inner.requesttime) - + client->inner.formerrcache.time) < 2) { /* Drop packet. */ ns_client_log(client, NS_LOGCATEGORY_CLIENT, @@ -1008,13 +1019,14 @@ ns_client_error(ns_client_t *client, isc_result_t result) { ns_client_drop(client, result); return; } - client->formerrcache.addr = client->peeraddr; - client->formerrcache.time = - isc_time_seconds(&client->requesttime); - client->formerrcache.id = message->id; + client->inner.formerrcache.addr = client->inner.peeraddr; + client->inner.formerrcache.time = + isc_time_seconds(&client->inner.requesttime); + client->inner.formerrcache.id = message->id; } else if (rcode == dns_rcode_servfail && client->query.qname != NULL && - client->view != NULL && client->view->fail_ttl != 0 && - ((client->attributes & NS_CLIENTATTR_NOSETFC) == 0)) + client->inner.view != NULL && + client->inner.view->fail_ttl != 0 && + ((client->inner.attributes & NS_CLIENTATTR_NOSETFC) == 0)) { /* * SERVFAIL caching: store qname/qtype of failed queries @@ -1027,10 +1039,10 @@ ns_client_error(ns_client_t *client, isc_result_t result) { flags = NS_FAILCACHE_CD; } - isc_interval_set(&i, client->view->fail_ttl, 0); + isc_interval_set(&i, client->inner.view->fail_ttl, 0); result = isc_time_nowplusinterval(&expire, &i); if (result == ISC_R_SUCCESS) { - dns_badcache_add(client->view->failcache, + dns_badcache_add(client->inner.view->failcache, client->query.qname, client->query.qtype, flags, isc_time_seconds(&expire)); @@ -1061,14 +1073,14 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message, REQUIRE(message != NULL); env = client->manager->aclenv; - view = client->view; + view = client->inner.view; if (view != NULL) { udpsize = dns_view_getudpsize(view); } else { udpsize = client->manager->sctx->udpsize; } - flags = client->extflags & DNS_MESSAGEEXTFLAG_REPLYPRESERVE; + flags = client->inner.extflags & DNS_MESSAGEEXTFLAG_REPLYPRESERVE; /* Set EDNS options if applicable */ if (WANTNSID(client)) { @@ -1090,7 +1102,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message, count++; } no_nsid: - if ((client->attributes & NS_CLIENTATTR_WANTCOOKIE) != 0) { + if ((client->inner.attributes & NS_CLIENTATTR_WANTCOOKIE) != 0) { isc_buffer_t buf; isc_stdtime_t now = isc_stdtime_now(); @@ -1105,22 +1117,22 @@ no_nsid: ednsopts[count].value = cookie; count++; } - if ((client->attributes & NS_CLIENTATTR_HAVEEXPIRE) != 0) { + if ((client->inner.attributes & NS_CLIENTATTR_HAVEEXPIRE) != 0) { isc_buffer_t buf; INSIST(count < DNS_EDNSOPTIONS); isc_buffer_init(&buf, expire, sizeof(expire)); - isc_buffer_putuint32(&buf, client->expire); + isc_buffer_putuint32(&buf, client->inner.expire); ednsopts[count].code = DNS_OPT_EXPIRE; ednsopts[count].length = 4; ednsopts[count].value = expire; count++; } - if (((client->attributes & NS_CLIENTATTR_HAVEECS) != 0) && - (client->ecs.addr.family == AF_INET || - client->ecs.addr.family == AF_INET6 || - client->ecs.addr.family == AF_UNSPEC)) + if (((client->inner.attributes & NS_CLIENTATTR_HAVEECS) != 0) && + (client->inner.ecs.addr.family == AF_INET || + client->inner.ecs.addr.family == AF_INET6 || + client->inner.ecs.addr.family == AF_UNSPEC)) { isc_buffer_t buf; uint8_t addr[16]; @@ -1129,12 +1141,12 @@ no_nsid: /* Add CLIENT-SUBNET option. */ - plen = client->ecs.source; + plen = client->inner.ecs.source; /* Round up prefix len to a multiple of 8 */ addrl = (plen + 7) / 8; - switch (client->ecs.addr.family) { + switch (client->inner.ecs.addr.family) { case AF_UNSPEC: INSIST(plen == 0); family = 0; @@ -1142,12 +1154,12 @@ no_nsid: case AF_INET: INSIST(plen <= 32); family = 1; - memmove(addr, &client->ecs.addr.type, addrl); + memmove(addr, &client->inner.ecs.addr.type, addrl); break; case AF_INET6: INSIST(plen <= 128); family = 2; - memmove(addr, &client->ecs.addr.type, addrl); + memmove(addr, &client->inner.ecs.addr.type, addrl); break; default: UNREACHABLE(); @@ -1157,9 +1169,9 @@ no_nsid: /* family */ isc_buffer_putuint16(&buf, family); /* source prefix-length */ - isc_buffer_putuint8(&buf, client->ecs.source); + isc_buffer_putuint8(&buf, client->inner.ecs.source); /* scope prefix-length */ - isc_buffer_putuint8(&buf, client->ecs.scope); + isc_buffer_putuint8(&buf, client->inner.ecs.scope); /* address */ if (addrl > 0) { @@ -1178,7 +1190,7 @@ no_nsid: if (TCP_CLIENT(client) && USEKEEPALIVE(client)) { isc_buffer_t buf; uint32_t advertised_timeout = isc_nm_getadvertisedtimeout( - isc_nmhandle_netmgr(client->handle)); + isc_nmhandle_netmgr(client->inner.handle)); INSIST(count < DNS_EDNSOPTIONS); @@ -1204,18 +1216,18 @@ no_nsid: ednsopts[count].value = ede->value; count++; } - if ((client->attributes & NS_CLIENTATTR_HAVEZONEVERSION) != 0) { + if ((client->inner.attributes & NS_CLIENTATTR_HAVEZONEVERSION) != 0) { INSIST(count < DNS_EDNSOPTIONS); ednsopts[count].code = DNS_OPT_ZONEVERSION; - ednsopts[count].length = client->zoneversionlength; - ednsopts[count].value = client->zoneversion; + ednsopts[count].length = client->inner.zoneversionlength; + ednsopts[count].value = client->inner.zoneversion; count++; } if (WANTRC(client)) { dns_name_t *rad = NULL; - if (dns_name_dynamic(&client->rad)) { - rad = &client->rad; + if (dns_name_dynamic(&client->inner.rad)) { + rad = &client->inner.rad; } if (rad != NULL && !dns_name_equal(rad, dns_rootname)) { INSIST(count < DNS_EDNSOPTIONS); @@ -1229,12 +1241,12 @@ no_nsid: /* Padding must be added last */ if ((view != NULL) && (view->padding > 0) && WANTPAD(client) && (TCP_CLIENT(client) || - ((client->attributes & NS_CLIENTATTR_HAVECOOKIE) != 0))) + ((client->inner.attributes & NS_CLIENTATTR_HAVECOOKIE) != 0))) { isc_netaddr_t netaddr; int match; - isc_netaddr_fromsockaddr(&netaddr, &client->peeraddr); + isc_netaddr_fromsockaddr(&netaddr, &client->inner.peeraddr); result = dns_acl_match(&netaddr, NULL, view->pad_acl, env, &match, NULL); if (result == ISC_R_SUCCESS && match > 0) { @@ -1268,7 +1280,7 @@ compute_cookie(ns_client_t *client, uint32_t when, const unsigned char *secret, isc_netaddr_t netaddr; unsigned char *cp; - isc_buffer_putmem(buf, client->cookie, 8); + isc_buffer_putmem(buf, client->inner.cookie, 8); isc_buffer_putuint8(buf, NS_COOKIE_VERSION_1); isc_buffer_putuint8(buf, 0); /* Reserved */ isc_buffer_putuint16(buf, 0); /* Reserved */ @@ -1276,7 +1288,7 @@ compute_cookie(ns_client_t *client, uint32_t when, const unsigned char *secret, memmove(input, (unsigned char *)isc_buffer_used(buf) - 16, 16); - isc_netaddr_fromsockaddr(&netaddr, &client->peeraddr); + isc_netaddr_fromsockaddr(&netaddr, &client->inner.peeraddr); switch (netaddr.family) { case AF_INET: cp = (unsigned char *)&netaddr.type.in; @@ -1314,13 +1326,13 @@ process_cookie(ns_client_t *client, isc_buffer_t *buf, size_t optlen) { * If we have already seen a cookie option skip this cookie option. */ if ((!client->manager->sctx->answercookie) || - (client->attributes & NS_CLIENTATTR_WANTCOOKIE) != 0) + (client->inner.attributes & NS_CLIENTATTR_WANTCOOKIE) != 0) { isc_buffer_forward(buf, (unsigned int)optlen); return; } - client->attributes |= NS_CLIENTATTR_WANTCOOKIE; + client->inner.attributes |= NS_CLIENTATTR_WANTCOOKIE; ns_stats_increment(client->manager->sctx->nsstats, ns_statscounter_cookiein); @@ -1330,7 +1342,7 @@ process_cookie(ns_client_t *client, isc_buffer_t *buf, size_t optlen) { * Not our token. */ INSIST(optlen >= 8U); - memmove(client->cookie, isc_buffer_current(buf), 8); + memmove(client->inner.cookie, isc_buffer_current(buf), 8); isc_buffer_forward(buf, (unsigned int)optlen); if (optlen == 8U) { @@ -1339,7 +1351,7 @@ process_cookie(ns_client_t *client, isc_buffer_t *buf, size_t optlen) { } else { ns_stats_increment(client->manager->sctx->nsstats, ns_statscounter_cookiebadsize); - client->attributes |= NS_CLIENTATTR_BADCOOKIE; + client->inner.attributes |= NS_CLIENTATTR_BADCOOKIE; } return; } @@ -1348,7 +1360,7 @@ process_cookie(ns_client_t *client, isc_buffer_t *buf, size_t optlen) { * Process all of the incoming buffer. */ old = isc_buffer_current(buf); - memmove(client->cookie, old, 8); + memmove(client->inner.cookie, old, 8); isc_buffer_forward(buf, 8); isc_buffer_forward(buf, 4); /* version + reserved */ when = isc_buffer_getuint32(buf); @@ -1373,7 +1385,7 @@ process_cookie(ns_client_t *client, isc_buffer_t *buf, size_t optlen) { if (isc_serial_gt(when, now + 300) /* In the future. */ || isc_serial_lt(when, now - 3600) /* In the past. */) { - client->attributes |= NS_CLIENTATTR_BADCOOKIE; + client->inner.attributes |= NS_CLIENTATTR_BADCOOKIE; ns_stats_increment(client->manager->sctx->nsstats, ns_statscounter_cookiebadtime); return; @@ -1385,7 +1397,7 @@ process_cookie(ns_client_t *client, isc_buffer_t *buf, size_t optlen) { if (isc_safe_memequal(old, dbuf, COOKIE_SIZE) || alwaysvalid) { ns_stats_increment(client->manager->sctx->nsstats, ns_statscounter_cookiematch); - client->attributes |= NS_CLIENTATTR_HAVECOOKIE; + client->inner.attributes |= NS_CLIENTATTR_HAVECOOKIE; return; } @@ -1395,12 +1407,12 @@ process_cookie(ns_client_t *client, isc_buffer_t *buf, size_t optlen) { if (isc_safe_memequal(old, dbuf, COOKIE_SIZE)) { ns_stats_increment(client->manager->sctx->nsstats, ns_statscounter_cookiematch); - client->attributes |= NS_CLIENTATTR_HAVECOOKIE; + client->inner.attributes |= NS_CLIENTATTR_HAVECOOKIE; return; } } - client->attributes |= NS_CLIENTATTR_BADCOOKIE; + client->inner.attributes |= NS_CLIENTATTR_BADCOOKIE; ns_stats_increment(client->manager->sctx->nsstats, ns_statscounter_cookienomatch); } @@ -1414,7 +1426,7 @@ process_ecs(ns_client_t *client, isc_buffer_t *buf, size_t optlen) { /* * If we have already seen a ECS option skip this ECS option. */ - if ((client->attributes & NS_CLIENTATTR_HAVEECS) != 0) { + if ((client->inner.attributes & NS_CLIENTATTR_HAVEECS) != 0) { isc_buffer_forward(buf, (unsigned int)optlen); return ISC_R_SUCCESS; } @@ -1515,10 +1527,10 @@ process_ecs(ns_client_t *client, isc_buffer_t *buf, size_t optlen) { } } - memmove(&client->ecs.addr, &caddr, sizeof(caddr)); - client->ecs.source = addrlen; - client->ecs.scope = 0; - client->attributes |= NS_CLIENTATTR_HAVEECS; + memmove(&client->inner.ecs.addr, &caddr, sizeof(caddr)); + client->inner.ecs.source = addrlen; + client->inner.ecs.scope = 0; + client->inner.attributes |= NS_CLIENTATTR_HAVEECS; isc_buffer_forward(buf, (unsigned int)optlen); return ISC_R_SUCCESS; @@ -1532,15 +1544,15 @@ process_keytag(ns_client_t *client, isc_buffer_t *buf, size_t optlen) { } /* Silently drop additional keytag options. */ - if (client->keytag != NULL) { + if (client->inner.keytag != NULL) { isc_buffer_forward(buf, (unsigned int)optlen); return ISC_R_SUCCESS; } - client->keytag = isc_mem_get(client->manager->mctx, optlen); + client->inner.keytag = isc_mem_get(client->manager->mctx, optlen); { - client->keytag_len = (uint16_t)optlen; - memmove(client->keytag, isc_buffer_current(buf), optlen); + client->inner.keytag_len = (uint16_t)optlen; + memmove(client->inner.keytag, isc_buffer_current(buf), optlen); } isc_buffer_forward(buf, (unsigned int)optlen); return ISC_R_SUCCESS; @@ -1557,27 +1569,27 @@ process_opt(ns_client_t *client, dns_rdataset_t *opt) { /* * Set the client's UDP buffer size. */ - client->udpsize = opt->rdclass; + client->inner.udpsize = opt->rdclass; /* * If the requested UDP buffer size is less than 512, * ignore it and use 512. */ - if (client->udpsize < 512) { - client->udpsize = 512; + if (client->inner.udpsize < 512) { + client->inner.udpsize = 512; } /* * Get the flags out of the OPT record. */ - client->extflags = (uint16_t)(opt->ttl & 0xFFFF); + client->inner.extflags = (uint16_t)(opt->ttl & 0xFFFF); /* * Do we understand this version of EDNS? * * XXXRTH need library support for this! */ - client->ednsversion = (opt->ttl & 0x00FF0000) >> 16; + client->inner.ednsversion = (opt->ttl & 0x00FF0000) >> 16; /* Check for NSID request */ result = dns_rdataset_first(opt); @@ -1596,7 +1608,7 @@ process_opt(ns_client_t *client, dns_rdataset_t *opt) { * When returning BADVERSION, only process * DNS_OPT_NSID or DNS_OPT_COOKIE options. */ - if (client->ednsversion > DNS_EDNS_VERSION && + if (client->inner.ednsversion > DNS_EDNS_VERSION && optcode != DNS_OPT_NSID && optcode != DNS_OPT_COOKIE) { @@ -1610,7 +1622,8 @@ process_opt(ns_client_t *client, dns_rdataset_t *opt) { client->manager->sctx->nsstats, ns_statscounter_nsidopt); } - client->attributes |= NS_CLIENTATTR_WANTNSID; + client->inner.attributes |= + NS_CLIENTATTR_WANTNSID; isc_buffer_forward(&optbuf, optlen); break; case DNS_OPT_COOKIE: @@ -1622,7 +1635,8 @@ process_opt(ns_client_t *client, dns_rdataset_t *opt) { client->manager->sctx->nsstats, ns_statscounter_expireopt); } - client->attributes |= NS_CLIENTATTR_WANTEXPIRE; + client->inner.attributes |= + NS_CLIENTATTR_WANTEXPIRE; isc_buffer_forward(&optbuf, optlen); break; case DNS_OPT_CLIENT_SUBNET: @@ -1640,13 +1654,15 @@ process_opt(ns_client_t *client, dns_rdataset_t *opt) { client->manager->sctx->nsstats, ns_statscounter_keepaliveopt); } - client->attributes |= + client->inner.attributes |= NS_CLIENTATTR_USEKEEPALIVE; - isc_nmhandle_keepalive(client->handle, true); + isc_nmhandle_keepalive(client->inner.handle, + true); isc_buffer_forward(&optbuf, optlen); break; case DNS_OPT_PAD: - client->attributes |= NS_CLIENTATTR_WANTPAD; + client->inner.attributes |= + NS_CLIENTATTR_WANTPAD; ns_stats_increment( client->manager->sctx->nsstats, ns_statscounter_padopt); @@ -1670,7 +1686,7 @@ process_opt(ns_client_t *client, dns_rdataset_t *opt) { ns_stats_increment( client->manager->sctx->nsstats, ns_statscounter_zoneversionopt); - client->attributes |= + client->inner.attributes |= NS_CLIENTATTR_WANTZONEVERSION; isc_buffer_forward(&optbuf, optlen); break; @@ -1684,11 +1700,11 @@ process_opt(ns_client_t *client, dns_rdataset_t *opt) { } } - if (client->ednsversion > DNS_EDNS_VERSION) { + if (client->inner.ednsversion > DNS_EDNS_VERSION) { ns_stats_increment(client->manager->sctx->nsstats, ns_statscounter_badednsver); result = ns_client_addopt(client, client->message, - &client->opt); + &client->inner.opt); if (result == ISC_R_SUCCESS) { result = DNS_R_BADVERS; } @@ -1698,14 +1714,14 @@ process_opt(ns_client_t *client, dns_rdataset_t *opt) { ns_stats_increment(client->manager->sctx->nsstats, ns_statscounter_edns0in); - client->attributes |= NS_CLIENTATTR_WANTOPT; + client->inner.attributes |= NS_CLIENTATTR_WANTOPT; return result; formerr: if (result == DNS_R_FORMERR || result == DNS_R_OPTERR) { result = ns_client_addopt(client, client->message, - &client->opt); + &client->inner.opt); if (result == ISC_R_SUCCESS) { result = DNS_R_FORMERR; } @@ -1716,10 +1732,10 @@ formerr: static void ns_client_async_reset(ns_client_t *client) { - if (client->async) { - client->async = false; - if (client->handle != NULL) { - isc_nmhandle_unref(client->handle); + if (client->inner.async) { + client->inner.async = false; + if (client->inner.handle != NULL) { + isc_nmhandle_unref(client->inner.handle); } } } @@ -1735,24 +1751,24 @@ ns__client_reset_cb(void *client0) { * We never started processing this client, possible if we're * shutting down, just exit. */ - if (client->state == NS_CLIENTSTATE_READY) { + if (client->inner.state == NS_CLIENTSTATE_READY) { return; } ns_client_endrequest(client); - if (client->tcpbuf != NULL) { + if (client->inner.tcpbuf != NULL) { client_put_tcp_buffer(client); } - if (client->keytag != NULL) { - isc_mem_put(client->manager->mctx, client->keytag, - client->keytag_len); - client->keytag_len = 0; + if (client->inner.keytag != NULL) { + isc_mem_put(client->manager->mctx, client->inner.keytag, + client->inner.keytag_len); + client->inner.keytag_len = 0; } ns_client_async_reset(client); - client->state = NS_CLIENTSTATE_READY; + client->inner.state = NS_CLIENTSTATE_READY; #ifdef WANT_SINGLETRACE isc_log_setforcelog(false); @@ -1780,10 +1796,11 @@ ns__client_put_cb(void *client0) { client->magic = 0; - if (client->opt != NULL) { - INSIST(dns_rdataset_isassociated(client->opt)); - dns_rdataset_disassociate(client->opt); - dns_message_puttemprdataset(client->message, &client->opt); + if (client->inner.opt != NULL) { + INSIST(dns_rdataset_isassociated(client->inner.opt)); + dns_rdataset_disassociate(client->inner.opt); + dns_message_puttemprdataset(client->message, + &client->inner.opt); } ns_client_async_reset(client); @@ -1805,22 +1822,22 @@ static isc_result_t ns_client_setup_view(ns_client_t *client, isc_netaddr_t *netaddr) { isc_result_t result; - client->sigresult = client->viewmatchresult = ISC_R_UNSET; + client->inner.sigresult = client->inner.viewmatchresult = ISC_R_UNSET; - if (client->async) { - isc_nmhandle_ref(client->handle); + if (client->inner.async) { + isc_nmhandle_ref(client->inner.handle); } result = client->manager->sctx->matchingview( - netaddr, &client->destaddr, client->message, + netaddr, &client->inner.destaddr, client->message, client->manager->aclenv, client->manager->sctx, - client->async ? client->manager->loop : NULL, - ns_client_request_continue, client, &client->sigresult, - &client->viewmatchresult, &client->view); + client->inner.async ? client->manager->loop : NULL, + ns_client_request_continue, client, &client->inner.sigresult, + &client->inner.viewmatchresult, &client->inner.view); /* Async mode. */ if (result == DNS_R_WAIT) { - INSIST(client->async == true); + INSIST(client->inner.async == true); return DNS_R_WAIT; } @@ -1829,7 +1846,7 @@ ns_client_setup_view(ns_client_t *client, isc_netaddr_t *netaddr) { * not running in async mode, in which case 'result' must be equal to * 'client->viewmatchresult'. */ - INSIST(result == client->viewmatchresult); + INSIST(result == client->inner.viewmatchresult); /* Non-async mode. */ ns_client_async_reset(client); @@ -1879,41 +1896,41 @@ ns_client_request(isc_nmhandle_t *handle, isc_result_t eresult, ns__client_setup(client, NULL, false); } - client->state = NS_CLIENTSTATE_READY; + client->inner.state = NS_CLIENTSTATE_READY; - if (client->handle == NULL) { + if (client->inner.handle == NULL) { isc_nmhandle_setdata(handle, client, ns__client_reset_cb, ns__client_put_cb); - client->handle = handle; + client->inner.handle = handle; } if (isc_nmhandle_is_stream(handle)) { - client->attributes |= NS_CLIENTATTR_TCP; + client->inner.attributes |= NS_CLIENTATTR_TCP; } - INSIST(client->state == NS_CLIENTSTATE_READY); + INSIST(client->inner.state == NS_CLIENTSTATE_READY); (void)atomic_fetch_add_relaxed(&ns_client_requests, 1); - isc_buffer_init(&client->tbuffer, region->base, region->length); - isc_buffer_add(&client->tbuffer, region->length); - client->buffer = &client->tbuffer; + isc_buffer_init(&client->inner.tbuffer, region->base, region->length); + isc_buffer_add(&client->inner.tbuffer, region->length); + client->inner.buffer = &client->inner.tbuffer; - client->peeraddr = isc_nmhandle_peeraddr(handle); - client->peeraddr_valid = true; + client->inner.peeraddr = isc_nmhandle_peeraddr(handle); + client->inner.peeraddr_valid = true; - reqsize = isc_buffer_usedlength(client->buffer); + reqsize = isc_buffer_usedlength(client->inner.buffer); - client->state = NS_CLIENTSTATE_WORKING; + client->inner.state = NS_CLIENTSTATE_WORKING; - client->requesttime = isc_time_now(); - client->tnow = client->requesttime; - client->now = isc_time_seconds(&client->tnow); + client->inner.requesttime = isc_time_now(); + client->inner.tnow = client->inner.requesttime; + client->inner.now = isc_time_seconds(&client->inner.tnow); - isc_netaddr_fromsockaddr(&netaddr, &client->peeraddr); + isc_netaddr_fromsockaddr(&netaddr, &client->inner.peeraddr); #if NS_CLIENT_DROPPORT - if (ns_client_dropport(isc_sockaddr_getport(&client->peeraddr)) == + if (ns_client_dropport(isc_sockaddr_getport(&client->inner.peeraddr)) == DROPPORT_REQUEST) { ns_client_log(client, DNS_LOGCATEGORY_SECURITY, @@ -1941,7 +1958,7 @@ ns_client_request(isc_nmhandle_t *handle, isc_result_t eresult, ISC_LOG_DEBUG(3), "%s request", TCP_CLIENT(client) ? "TCP" : "UDP"); - result = dns_message_peekheader(client->buffer, &id, &flags); + result = dns_message_peekheader(client->inner.buffer, &id, &flags); if (result != ISC_R_SUCCESS) { /* * There isn't enough header to determine whether @@ -1976,7 +1993,7 @@ ns_client_request(isc_nmhandle_t *handle, isc_result_t eresult, /* * Update some statistics counters. Don't count responses. */ - if (isc_sockaddr_pf(&client->peeraddr) == PF_INET) { + if (isc_sockaddr_pf(&client->inner.peeraddr) == PF_INET) { ns_stats_increment(client->manager->sctx->nsstats, ns_statscounter_requestv4); } else { @@ -1986,7 +2003,7 @@ ns_client_request(isc_nmhandle_t *handle, isc_result_t eresult, if (TCP_CLIENT(client)) { ns_stats_increment(client->manager->sctx->nsstats, ns_statscounter_requesttcp); - switch (isc_sockaddr_pf(&client->peeraddr)) { + switch (isc_sockaddr_pf(&client->inner.peeraddr)) { case AF_INET: isc_histomulti_inc(client->manager->sctx->tcpinstats4, DNS_SIZEHISTO_BUCKETIN(reqsize)); @@ -1999,7 +2016,7 @@ ns_client_request(isc_nmhandle_t *handle, isc_result_t eresult, UNREACHABLE(); } } else { - switch (isc_sockaddr_pf(&client->peeraddr)) { + switch (isc_sockaddr_pf(&client->inner.peeraddr)) { case AF_INET: isc_histomulti_inc(client->manager->sctx->udpinstats4, DNS_SIZEHISTO_BUCKETIN(reqsize)); @@ -2016,7 +2033,7 @@ ns_client_request(isc_nmhandle_t *handle, isc_result_t eresult, /* * It's a request. Parse it. */ - result = dns_message_parse(client->message, client->buffer, 0); + result = dns_message_parse(client->message, client->inner.buffer, 0); if (result != ISC_R_SUCCESS) { /* * Parsing the request failed. Send a response @@ -2024,7 +2041,7 @@ ns_client_request(isc_nmhandle_t *handle, isc_result_t eresult, */ if (result == DNS_R_OPTERR) { (void)ns_client_addopt(client, client->message, - &client->opt); + &client->inner.opt); } ns_client_log(client, NS_LOGCATEGORY_CLIENT, @@ -2063,8 +2080,8 @@ ns_client_request(isc_nmhandle_t *handle, isc_result_t eresult, opt = dns_message_getopt(client->message); } - client->ecs.source = 0; - client->ecs.scope = 0; + client->inner.ecs.source = 0; + client->inner.ecs.scope = 0; if (opt != NULL) { /* @@ -2114,7 +2131,8 @@ ns_client_request(isc_nmhandle_t *handle, isc_result_t eresult, } if (client->message->rdclass == 0) { - if ((client->attributes & NS_CLIENTATTR_WANTCOOKIE) != 0 && + if ((client->inner.attributes & NS_CLIENTATTR_WANTCOOKIE) != + 0 && client->message->opcode == dns_opcode_query && client->message->counts[DNS_SECTION_QUESTION] == 0U) { @@ -2141,16 +2159,17 @@ ns_client_request(isc_nmhandle_t *handle, isc_result_t eresult, return; } - client->destsockaddr = isc_nmhandle_localaddr(handle); - isc_netaddr_fromsockaddr(&client->destaddr, &client->destsockaddr); + client->inner.destsockaddr = isc_nmhandle_localaddr(handle); + isc_netaddr_fromsockaddr(&client->inner.destaddr, + &client->inner.destsockaddr); /* * Offload view matching only if we are going to check a SIG(0) * signature. */ - client->async = (client->message->tsigkey == NULL && - client->message->tsig == NULL && - client->message->sig0 != NULL); + client->inner.async = (client->message->tsigkey == NULL && + client->message->tsig == NULL && + client->message->sig0 != NULL); result = ns_client_setup_view(client, &netaddr); if (result == DNS_R_WAIT) { @@ -2189,18 +2208,18 @@ ns_client_request_continue(void *arg) { dns_dtmsgtype_t dtmsgtype; #endif /* ifdef HAVE_DNSTAP */ - INSIST(client->viewmatchresult != ISC_R_UNSET); + INSIST(client->inner.viewmatchresult != ISC_R_UNSET); /* * This function could be running asynchronously, in which case update * the current 'now' for correct timekeeping. */ - if (client->async) { - client->tnow = isc_time_now(); - client->now = isc_time_seconds(&client->tnow); + if (client->inner.async) { + client->inner.tnow = isc_time_now(); + client->inner.now = isc_time_seconds(&client->inner.tnow); } - if (client->viewmatchresult != ISC_R_SUCCESS) { + if (client->inner.viewmatchresult != ISC_R_SUCCESS) { isc_buffer_t b; isc_region_t *r; @@ -2215,7 +2234,7 @@ ns_client_request_continue(void *arg) { isc_buffer_add(&b, r->length); (void)dns_tsig_verify(&b, client->message, NULL, NULL); - if (client->viewmatchresult == ISC_R_QUOTA) { + if (client->inner.viewmatchresult == ISC_R_QUOTA) { ns_client_log(client, NS_LOGCATEGORY_CLIENT, NS_LOGMODULE_CLIENT, ISC_LOG_DEBUG(5), "SIG(0) checks quota reached"); @@ -2247,20 +2266,20 @@ ns_client_request_continue(void *arg) { goto cleanup; } - if (isc_nm_is_proxy_handle(client->handle)) { + if (isc_nm_is_proxy_handle(client->inner.handle)) { char fmtbuf[ISC_SOCKADDR_FORMATSIZE] = { 0 }; isc_netaddr_t real_local_addr, real_peer_addr; isc_sockaddr_t real_local, real_peer; int log_level = ISC_LOG_DEBUG(10); - real_peer = isc_nmhandle_real_peeraddr(client->handle); + real_peer = isc_nmhandle_real_peeraddr(client->inner.handle); isc_netaddr_fromsockaddr(&real_peer_addr, &real_peer); - real_local = isc_nmhandle_real_localaddr(client->handle); + real_local = isc_nmhandle_real_localaddr(client->inner.handle); isc_netaddr_fromsockaddr(&real_local_addr, &real_local); /* do not allow by default */ if (ns_client_checkaclsilent(client, &real_peer_addr, - client->view->proxyacl, + client->inner.view->proxyacl, false) != ISC_R_SUCCESS) { if (isc_log_wouldlog(log_level)) { @@ -2275,13 +2294,13 @@ ns_client_request_continue(void *arg) { "ACL", fmtbuf); } - isc_nm_bad_request(client->handle); + isc_nm_bad_request(client->inner.handle); goto cleanup; } /* allow by default */ if (ns_client_checkaclsilent(client, &real_local_addr, - client->view->proxyonacl, + client->inner.view->proxyonacl, true) != ISC_R_SUCCESS) { if (isc_log_wouldlog(log_level)) { @@ -2296,13 +2315,14 @@ ns_client_request_continue(void *arg) { "'allow-proxy-on' ACL", fmtbuf); } - isc_nm_bad_request(client->handle); + isc_nm_bad_request(client->inner.handle); goto cleanup; } } ns_client_log(client, NS_LOGCATEGORY_CLIENT, NS_LOGMODULE_CLIENT, - ISC_LOG_DEBUG(5), "using view '%s'", client->view->name); + ISC_LOG_DEBUG(5), "using view '%s'", + client->inner.view->name); /* * Check for a signature. We log bad signatures regardless of @@ -2310,9 +2330,9 @@ ns_client_request_continue(void *arg) { * not. We do not log the lack of a signature unless we are * debugging. */ - client->signer = NULL; - dns_name_init(&client->signername); - result = dns_message_signer(client->message, &client->signername); + client->inner.signer = NULL; + dns_name_init(&client->inner.signername); + result = dns_message_signer(client->message, &client->inner.signername); if (result != ISC_R_NOTFOUND) { signame = NULL; if (dns_message_gettsig(client->message, &signame) != NULL) { @@ -2325,11 +2345,12 @@ ns_client_request_continue(void *arg) { } if (result == ISC_R_SUCCESS) { char namebuf[DNS_NAME_FORMATSIZE]; - dns_name_format(&client->signername, namebuf, sizeof(namebuf)); + dns_name_format(&client->inner.signername, namebuf, + sizeof(namebuf)); ns_client_log(client, DNS_LOGCATEGORY_SECURITY, NS_LOGMODULE_CLIENT, ISC_LOG_DEBUG(3), "request has valid signature: %s", namebuf); - client->signer = &client->signername; + client->inner.signer = &client->inner.signername; } else if (result == ISC_R_NOTFOUND) { ns_client_log(client, DNS_LOGCATEGORY_SECURITY, NS_LOGMODULE_CLIENT, ISC_LOG_DEBUG(3), @@ -2390,7 +2411,7 @@ ns_client_request_continue(void *arg) { if (!(client->message->tsigstatus == dns_tsigerror_badkey && client->message->opcode == dns_opcode_update)) { - ns_client_error(client, client->sigresult); + ns_client_error(client, client->inner.sigresult); goto cleanup; } } @@ -2405,33 +2426,33 @@ ns_client_request_continue(void *arg) { ra = false; /* must be initialized before ns_client_log uses it as index */ - if (client->view->resolver == NULL) { + if (client->inner.view->resolver == NULL) { ra_refusal_reason = NO_RESOLVER; - } else if (!client->view->recursion) { + } else if (!client->inner.view->recursion) { ra_refusal_reason = RECURSION_DISABLED; } else if (ns_client_checkaclsilent(client, NULL, - client->view->recursionacl, + client->inner.view->recursionacl, true) != ISC_R_SUCCESS) { ra_refusal_reason = ALLOW_RECURSION; } else if (ns_client_checkaclsilent(client, NULL, - client->view->cacheacl, + client->inner.view->cacheacl, true) != ISC_R_SUCCESS) { ra_refusal_reason = ALLOW_QUERY_CACHE; - } else if (ns_client_checkaclsilent(client, &client->destaddr, - client->view->recursiononacl, + } else if (ns_client_checkaclsilent(client, &client->inner.destaddr, + client->inner.view->recursiononacl, true) != ISC_R_SUCCESS) { ra_refusal_reason = ALLOW_RECURSION_ON; - } else if (ns_client_checkaclsilent(client, &client->destaddr, - client->view->cacheonacl, + } else if (ns_client_checkaclsilent(client, &client->inner.destaddr, + client->inner.view->cacheonacl, true) != ISC_R_SUCCESS) { ra_refusal_reason = ALLOW_QUERY_CACHE_ON; } else { ra = true; - client->attributes |= NS_CLIENTATTR_RA; + client->inner.attributes |= NS_CLIENTATTR_RA; } ns_client_log(client, DNS_LOGCATEGORY_SECURITY, NS_LOGMODULE_CLIENT, @@ -2443,19 +2464,19 @@ ns_client_request_continue(void *arg) { /* * Adjust maximum UDP response size for this client. */ - if (client->udpsize > 512) { + if (client->inner.udpsize > 512) { dns_peer_t *peer = NULL; - uint16_t udpsize = client->view->maxudp; + uint16_t udpsize = client->inner.view->maxudp; isc_netaddr_t netaddr; - isc_netaddr_fromsockaddr(&netaddr, &client->peeraddr); - (void)dns_peerlist_peerbyaddr(client->view->peers, &netaddr, - &peer); + isc_netaddr_fromsockaddr(&netaddr, &client->inner.peeraddr); + (void)dns_peerlist_peerbyaddr(client->inner.view->peers, + &netaddr, &peer); if (peer != NULL) { dns_peer_getmaxudp(peer, &udpsize); } - if (client->udpsize > udpsize) { - client->udpsize = udpsize; + if (client->inner.udpsize > udpsize) { + client->inner.udpsize = udpsize; } } @@ -2476,27 +2497,31 @@ ns_client_request_continue(void *arg) { dtmsgtype = DNS_DTTYPE_AQ; } - dns_dt_send(client->view, dtmsgtype, &client->peeraddr, - &client->destsockaddr, transport_type, NULL, - &client->requesttime, NULL, client->buffer); + dns_dt_send( + client->inner.view, dtmsgtype, &client->inner.peeraddr, + &client->inner.destsockaddr, transport_type, NULL, + &client->inner.requesttime, NULL, client->inner.buffer); #endif /* HAVE_DNSTAP */ - ns_query_start(client, client->handle); + ns_query_start(client, client->inner.handle); break; case dns_opcode_update: CTRACE("update"); #ifdef HAVE_DNSTAP - dns_dt_send(client->view, DNS_DTTYPE_UQ, &client->peeraddr, - &client->destsockaddr, transport_type, NULL, - &client->requesttime, NULL, client->buffer); + dns_dt_send(client->inner.view, DNS_DTTYPE_UQ, + &client->inner.peeraddr, + &client->inner.destsockaddr, transport_type, NULL, + &client->inner.requesttime, NULL, + client->inner.buffer); #endif /* HAVE_DNSTAP */ ns_client_settimeout(client, 60); - ns_update_start(client, client->handle, client->sigresult); + ns_update_start(client, client->inner.handle, + client->inner.sigresult); break; case dns_opcode_notify: CTRACE("notify"); ns_client_settimeout(client, 60); - ns_notify_start(client, client->handle); + ns_notify_start(client, client->inner.handle); break; case dns_opcode_iquery: CTRACE("iquery"); @@ -2582,29 +2607,22 @@ ns__client_setup(ns_client_t *client, ns_clientmgr_t *mgr, bool new) { * Retain these values from the existing client, but * zero every thing else. */ - *client = (ns_client_t){ - .magic = 0, - .manager = client->manager, - .message = client->message, - .edectx = client->edectx, - .query = client->query, - }; - + client->inner = (struct ns_client_inner){}; dns_ede_reset(&client->edectx); } client->query.attributes &= ~NS_QUERYATTR_ANSWERED; - client->state = NS_CLIENTSTATE_INACTIVE; - client->udpsize = 512; - client->ednsversion = -1; - dns_name_init(&client->signername); - dns_name_init(&client->rad); - dns_ecs_init(&client->ecs); - isc_sockaddr_any(&client->formerrcache.addr); - client->formerrcache.time = 0; - client->formerrcache.id = 0; - ISC_LINK_INIT(client, rlink); - client->rcode_override = -1; /* not set */ + client->inner.state = NS_CLIENTSTATE_INACTIVE; + client->inner.udpsize = 512; + client->inner.ednsversion = -1; + dns_name_init(&client->inner.signername); + dns_name_init(&client->inner.rad); + dns_ecs_init(&client->inner.ecs); + isc_sockaddr_any(&client->inner.formerrcache.addr); + client->inner.formerrcache.time = 0; + client->inner.formerrcache.id = 0; + ISC_LINK_INIT(client, inner.rlink); + client->inner.rcode_override = -1; /* not set */ client->magic = NS_CLIENT_MAGIC; @@ -2682,7 +2700,7 @@ ns_clientmgr_shutdown(ns_clientmgr_t *manager) { MTRACE("destroy"); LOCK(&manager->reclock); - ISC_LIST_FOREACH (manager->recursing, client, rlink) { + ISC_LIST_FOREACH (manager->recursing, client, inner.rlink) { ns_query_cancel(client); } UNLOCK(&manager->reclock); @@ -2690,12 +2708,12 @@ ns_clientmgr_shutdown(ns_clientmgr_t *manager) { isc_sockaddr_t * ns_client_getsockaddr(ns_client_t *client) { - return &client->peeraddr; + return &client->inner.peeraddr; } isc_sockaddr_t * ns_client_getdestaddr(ns_client_t *client) { - return &client->destsockaddr; + return &client->inner.destsockaddr; } isc_result_t @@ -2716,16 +2734,16 @@ ns_client_checkaclsilent(ns_client_t *client, isc_netaddr_t *netaddr, } if (netaddr == NULL) { - isc_netaddr_fromsockaddr(&tmpnetaddr, &client->peeraddr); + isc_netaddr_fromsockaddr(&tmpnetaddr, &client->inner.peeraddr); netaddr = &tmpnetaddr; } - local = isc_nmhandle_localaddr(client->handle); + local = isc_nmhandle_localaddr(client->inner.handle); result = dns_acl_match_port_transport( netaddr, isc_sockaddr_getport(&local), - isc_nm_socket_type(client->handle), - isc_nm_has_encryption(client->handle), client->signer, acl, env, - &match, NULL); + isc_nm_socket_type(client->inner.handle), + isc_nm_has_encryption(client->inner.handle), + client->inner.signer, acl, env, &match, NULL); if (result != ISC_R_SUCCESS) { goto deny; /* Internal error, already logged. */ @@ -2772,8 +2790,8 @@ ns_client_checkacl(ns_client_t *client, isc_sockaddr_t *sockaddr, static void ns_client_name(ns_client_t *client, char *peerbuf, size_t len) { - if (client->peeraddr_valid) { - isc_sockaddr_format(&client->peeraddr, peerbuf, + if (client->inner.peeraddr_valid) { + isc_sockaddr_format(&client->inner.peeraddr, peerbuf, (unsigned int)len); } else { snprintf(peerbuf, len, "@%p", client); @@ -2795,8 +2813,9 @@ ns_client_logv(ns_client_t *client, isc_logcategory_t category, vsnprintf(msgbuf, sizeof(msgbuf), fmt, ap); - if (client->signer != NULL) { - dns_name_format(client->signer, signerbuf, sizeof(signerbuf)); + if (client->inner.signer != NULL) { + dns_name_format(client->inner.signer, signerbuf, + sizeof(signerbuf)); sep1 = "/key "; signer = signerbuf; } @@ -2810,15 +2829,16 @@ ns_client_logv(ns_client_t *client, isc_logcategory_t category, qname = qnamebuf; } - if (client->view != NULL && strcmp(client->view->name, "_bind") != 0 && - strcmp(client->view->name, "_default") != 0) + if (client->inner.view != NULL && + strcmp(client->inner.view->name, "_bind") != 0 && + strcmp(client->inner.view->name, "_default") != 0) { sep4 = ": view "; - viewname = client->view->name; + viewname = client->inner.view->name; } - if (client->peeraddr_valid) { - isc_sockaddr_format(&client->peeraddr, peerbuf, + if (client->inner.peeraddr_valid) { + isc_sockaddr_format(&client->inner.peeraddr, peerbuf, sizeof(peerbuf)); } else { snprintf(peerbuf, sizeof(peerbuf), "(no-peer)"); @@ -2909,15 +2929,15 @@ ns_client_dumprecursing(FILE *f, ns_clientmgr_t *manager) { REQUIRE(VALID_MANAGER(manager)); LOCK(&manager->reclock); - ISC_LIST_FOREACH (manager->recursing, client, rlink) { - INSIST(client->state == NS_CLIENTSTATE_RECURSING); + ISC_LIST_FOREACH (manager->recursing, client, inner.rlink) { + INSIST(client->inner.state == NS_CLIENTSTATE_RECURSING); ns_client_name(client, peerbuf, sizeof(peerbuf)); - if (client->view != NULL && - strcmp(client->view->name, "_bind") != 0 && - strcmp(client->view->name, "_default") != 0) + if (client->inner.view != NULL && + strcmp(client->inner.view->name, "_bind") != 0 && + strcmp(client->inner.view->name, "_default") != 0) { - name = client->view->name; + name = client->inner.view->name; sep = ": view "; } else { name = ""; @@ -2958,7 +2978,7 @@ ns_client_dumprecursing(FILE *f, ns_clientmgr_t *manager) { dns_transport_totext(ns_client_transport_type(client)), sep, name, client->message->id, namebuf, typebuf, classbuf, origfor, original, - isc_time_seconds(&client->requesttime)); + isc_time_seconds(&client->inner.requesttime)); } UNLOCK(&manager->reclock); } @@ -2984,7 +3004,7 @@ ns_client_sourceip(dns_clientinfo_t *ci, isc_sockaddr_t **addrp) { REQUIRE(NS_CLIENT_VALID(client)); REQUIRE(addrp != NULL); - *addrp = &client->peeraddr; + *addrp = &client->inner.peeraddr; return ISC_R_SUCCESS; } diff --git a/lib/ns/include/ns/client.h b/lib/ns/include/ns/client.h index 8d17118c4d..2946bad345 100644 --- a/lib/ns/include/ns/client.h +++ b/lib/ns/include/ns/client.h @@ -163,81 +163,87 @@ struct ns_clientmgr { /*% nameserver client structure */ struct ns_client { - unsigned int magic; - ns_clientmgr_t *manager; - ns_clientstate_t state; - bool async; - unsigned int attributes; - dns_view_t *view; - dns_dispatch_t *dispatch; - isc_nmhandle_t *handle; /* Permanent pointer to handle */ - isc_nmhandle_t *sendhandle; /* Waiting for send callback */ - isc_nmhandle_t *reqhandle; /* Waiting for request callback - (query, update, notify) */ - isc_nmhandle_t *updatehandle; /* Waiting for update callback */ - isc_nmhandle_t *restarthandle; /* Waiting for restart callback */ - unsigned char *tcpbuf; - size_t tcpbuf_size; + unsigned int magic; + struct ns_client_inner { + ns_clientstate_t state; + bool async; + unsigned int attributes; + dns_view_t *view; + dns_dispatch_t *dispatch; + isc_nmhandle_t *handle; /* Permanent pointer to handle */ + isc_nmhandle_t *sendhandle; /* Waiting for send callback */ + isc_nmhandle_t *reqhandle; /* Waiting for request callback + (query, update, notify) */ + isc_nmhandle_t *updatehandle; /* Waiting for update callback */ + isc_nmhandle_t *restarthandle; /* Waiting for restart callback + */ + unsigned char *tcpbuf; + size_t tcpbuf_size; + dns_rdataset_t *opt; + uint16_t udpsize; + uint16_t extflags; + int16_t ednsversion; /* -1 noedns */ + uint16_t additionaldepth; + void (*cleanup)(ns_client_t *); + isc_time_t requesttime; + isc_stdtime_t now; + isc_time_t tnow; + dns_name_t signername; /*%< [T]SIG key name */ + dns_name_t *signer; /*%< NULL if not valid sig */ + isc_result_t sigresult; + isc_result_t viewmatchresult; + isc_buffer_t *buffer; + isc_buffer_t tbuffer; + + dns_name_t rad; /* Zone rad domain */ + + isc_sockaddr_t peeraddr; + bool peeraddr_valid; + isc_netaddr_t destaddr; + isc_sockaddr_t destsockaddr; + + dns_ecs_t ecs; /*%< EDNS client subnet sent by client */ + + /*% + * Information about recent FORMERR response(s), for + * FORMERR loop avoidance. This is separate for each + * client object rather than global only to avoid + * the need for locking. + */ + struct { + isc_sockaddr_t addr; + isc_stdtime_t time; + dns_messageid_t id; + } formerrcache; + + /*% Callback function to send a response when unit testing */ + void (*sendcb)(isc_buffer_t *buf); + + ISC_LINK(ns_client_t) rlink; + unsigned char cookie[8]; + uint32_t expire; + unsigned char *zoneversion; + uint32_t zoneversionlength; + unsigned char *keytag; + uint16_t keytag_len; + + /*% + * Used to override the DNS response code in ns_client_error(). + * If set to -1, the rcode is determined from the result code, + * but if set to any other value, the least significant 12 + * bits will be used as the rcode in the response message. + */ + int32_t rcode_override; + } inner; + + /* + * Fields which will be preserved + */ + ns_clientmgr_t *manager; dns_message_t *message; - dns_rdataset_t *opt; dns_edectx_t edectx; - uint16_t udpsize; - uint16_t extflags; - int16_t ednsversion; /* -1 noedns */ - uint16_t additionaldepth; - void (*cleanup)(ns_client_t *); - ns_query_t query; - isc_time_t requesttime; - isc_stdtime_t now; - isc_time_t tnow; - dns_name_t signername; /*%< [T]SIG key name */ - dns_name_t *signer; /*%< NULL if not valid sig */ - isc_result_t sigresult; - isc_result_t viewmatchresult; - isc_buffer_t *buffer; - isc_buffer_t tbuffer; - - dns_name_t rad; /* Zone rad domain */ - - isc_sockaddr_t peeraddr; - bool peeraddr_valid; - isc_netaddr_t destaddr; - isc_sockaddr_t destsockaddr; - - dns_ecs_t ecs; /*%< EDNS client subnet sent by client */ - - /*% - * Information about recent FORMERR response(s), for - * FORMERR loop avoidance. This is separate for each - * client object rather than global only to avoid - * the need for locking. - */ - struct { - isc_sockaddr_t addr; - isc_stdtime_t time; - dns_messageid_t id; - } formerrcache; - - /*% Callback function to send a response when unit testing */ - void (*sendcb)(isc_buffer_t *buf); - - ISC_LINK(ns_client_t) rlink; - unsigned char cookie[8]; - uint32_t expire; - unsigned char *zoneversion; - uint32_t zoneversionlength; - unsigned char *keytag; - uint16_t keytag_len; - - /*% - * Used to override the DNS response code in ns_client_error(). - * If set to -1, the rcode is determined from the result code, - * but if set to any other value, the least significant 12 - * bits will be used as the rcode in the response message. - */ - int32_t rcode_override; - - uint8_t sendbuf[NS_CLIENT_SEND_BUFFER_SIZE]; + ns_query_t query; + uint8_t sendbuf[NS_CLIENT_SEND_BUFFER_SIZE]; }; #define NS_CLIENT_MAGIC ISC_MAGIC('N', 'S', 'C', 'c') diff --git a/lib/ns/notify.c b/lib/ns/notify.c index 4dc5b2b604..60753a4464 100644 --- a/lib/ns/notify.c +++ b/lib/ns/notify.c @@ -55,7 +55,7 @@ respond(ns_client_t *client, isc_result_t result) { } if (msg_result != ISC_R_SUCCESS) { ns_client_drop(client, msg_result); - isc_nmhandle_detach(&client->reqhandle); + isc_nmhandle_detach(&client->inner.reqhandle); return; } message->rcode = rcode; @@ -66,7 +66,7 @@ respond(ns_client_t *client, isc_result_t result) { } ns_client_send(client); - isc_nmhandle_detach(&client->reqhandle); + isc_nmhandle_detach(&client->inner.reqhandle); } void @@ -83,7 +83,7 @@ ns_notify_start(ns_client_t *client, isc_nmhandle_t *handle) { /* * Attach to the request handle */ - isc_nmhandle_attach(handle, &client->reqhandle); + isc_nmhandle_attach(handle, &client->inner.reqhandle); /* * Interpret the question section. @@ -142,8 +142,8 @@ ns_notify_start(ns_client_t *client, isc_nmhandle_t *handle) { } dns_name_format(zonename, namebuf, sizeof(namebuf)); - result = dns_view_findzone(client->view, zonename, DNS_ZTFIND_EXACT, - &zone); + result = dns_view_findzone(client->inner.view, zonename, + DNS_ZTFIND_EXACT, &zone); if (result == ISC_R_SUCCESS) { dns_zonetype_t zonetype = dns_zone_gettype(zone); diff --git a/lib/ns/query.c b/lib/ns/query.c index e4e769d85b..3de9454d30 100644 --- a/lib/ns/query.c +++ b/lib/ns/query.c @@ -107,22 +107,22 @@ #define WANTRECURSION(c) \ (((c)->query.attributes & NS_QUERYATTR_WANTRECURSION) != 0) /*% Is TCP? */ -#define TCP(c) (((c)->attributes & NS_CLIENTATTR_TCP) != 0) +#define TCP(c) (((c)->inner.attributes & NS_CLIENTATTR_TCP) != 0) /*% This query needs to have been sent over TCP. Return TC=1. */ -#define NEEDTCP(c) (((c)->attributes & NS_CLIENTATTR_NEEDTCP) != 0) +#define NEEDTCP(c) (((c)->inner.attributes & NS_CLIENTATTR_NEEDTCP) != 0) /*% Want DNSSEC? */ -#define WANTDNSSEC(c) (((c)->attributes & NS_CLIENTATTR_WANTDNSSEC) != 0) +#define WANTDNSSEC(c) (((c)->inner.attributes & NS_CLIENTATTR_WANTDNSSEC) != 0) /*% Want WANTAD? */ -#define WANTAD(c) (((c)->attributes & NS_CLIENTATTR_WANTAD) != 0) +#define WANTAD(c) (((c)->inner.attributes & NS_CLIENTATTR_WANTAD) != 0) /*% Client presented a bad COOKIE. */ -#define BADCOOKIE(c) (((c)->attributes & NS_CLIENTATTR_BADCOOKIE) != 0) +#define BADCOOKIE(c) (((c)->inner.attributes & NS_CLIENTATTR_BADCOOKIE) != 0) /*% Client presented a valid COOKIE. */ -#define HAVECOOKIE(c) (((c)->attributes & NS_CLIENTATTR_HAVECOOKIE) != 0) +#define HAVECOOKIE(c) (((c)->inner.attributes & NS_CLIENTATTR_HAVECOOKIE) != 0) /*% Client presented a COOKIE. */ -#define WANTCOOKIE(c) (((c)->attributes & NS_CLIENTATTR_WANTCOOKIE) != 0) +#define WANTCOOKIE(c) (((c)->inner.attributes & NS_CLIENTATTR_WANTCOOKIE) != 0) /*% Client presented a CLIENT-SUBNET option. */ -#define HAVEECS(c) (((c)->attributes & NS_CLIENTATTR_HAVEECS) != 0) +#define HAVEECS(c) (((c)->inner.attributes & NS_CLIENTATTR_HAVEECS) != 0) /*% No authority? */ #define NOAUTHORITY(c) (((c)->query.attributes & NS_QUERYATTR_NOAUTHORITY) != 0) /*% No additional? */ @@ -564,14 +564,14 @@ ns_client_log_flags(ns_client_t *client, unsigned int flags, isc_buffer_init(&b, buf, len); isc_buffer_putuint8(&b, WANTRECURSION(client) ? '+' : '-'); - if (client->ednsversion >= 0) { + if (client->inner.ednsversion >= 0) { char ednsbuf[sizeof("E(255)")] = { 0 }; snprintf(ednsbuf, sizeof(ednsbuf), "E(%hhu)", - (unsigned char)client->ednsversion); + (unsigned char)client->inner.ednsversion); isc_buffer_putstr(&b, ednsbuf); } - if (client->signer != NULL) { + if (client->inner.signer != NULL) { isc_buffer_putuint8(&b, 'S'); } if (TCP(client)) { @@ -596,7 +596,7 @@ ns_client_log_flags(ns_client_t *client, unsigned int flags, static inline void ns_client_log_ecs(ns_client_t *client, char *ecsbuf, size_t len) { strlcpy(ecsbuf, " [ECS ", len); - dns_ecs_format(&client->ecs, ecsbuf + 6, len - 6); + dns_ecs_format(&client->inner.ecs, ecsbuf + 6, len - 6); strlcat(ecsbuf, "]", len); } @@ -623,14 +623,14 @@ log_response(ns_client_t *client, dns_rcode_t rcode) { isc_buffer_init(&b, rcodebuf, sizeof(rcodebuf)); dns_rcode_totext(rcode, &b); isc_buffer_putuint8(&b, 0); - isc_netaddr_format(&client->destaddr, onbuf, sizeof(onbuf)); + isc_netaddr_format(&client->inner.destaddr, onbuf, sizeof(onbuf)); if (HAVEECS(client)) { ns_client_log_ecs(client, ecsbuf, sizeof(ecsbuf)); } - ns_client_log_flags(client, client->message->flags, client->extflags, - flagsbuf, sizeof(flagsbuf)); + ns_client_log_flags(client, client->message->flags, + client->inner.extflags, flagsbuf, sizeof(flagsbuf)); ns_client_log(client, NS_LOGCATEGORY_RESPONSES, NS_LOGMODULE_QUERY, level, "response: %s %s %s %s %u %u %u %s (%s)%s", namebuf, classbuf, typebuf, rcodebuf, @@ -676,7 +676,7 @@ query_send(ns_client_t *client) { log_response(client, client->message->rcode); } - isc_nmhandle_detach(&client->reqhandle); + isc_nmhandle_detach(&client->inner.reqhandle); } static void @@ -712,7 +712,7 @@ query_error(ns_client_t *client, isc_result_t result, int line) { log_response(client, rcode); } - isc_nmhandle_detach(&client->reqhandle); + isc_nmhandle_detach(&client->inner.reqhandle); } static void @@ -725,7 +725,7 @@ query_next(ns_client_t *client, isc_result_t result) { inc_stats(client, ns_statscounter_failure); } ns_client_drop(client, result); - isc_nmhandle_detach(&client->reqhandle); + isc_nmhandle_detach(&client->inner.reqhandle); } static void @@ -938,13 +938,13 @@ query_checkcacheaccess(ns_client_t *client, const dns_name_t *name, char msg[NS_CLIENT_ACLMSGSIZE("query (cache)")]; enum refusal_reasons refusal_reason = ALLOW_QUERY_CACHE; - result = ns_client_checkaclsilent(client, NULL, - client->view->cacheacl, true); + result = ns_client_checkaclsilent( + client, NULL, client->inner.view->cacheacl, true); if (result == ISC_R_SUCCESS) { refusal_reason = ALLOW_QUERY_CACHE_ON; result = ns_client_checkaclsilent( - client, &client->destaddr, - client->view->cacheonacl, true); + client, &client->inner.destaddr, + client->inner.view->cacheonacl, true); } if (result == ISC_R_SUCCESS) { /* @@ -955,8 +955,8 @@ query_checkcacheaccess(ns_client_t *client, const dns_name_t *name, isc_log_wouldlog(ISC_LOG_DEBUG(3))) { ns_client_aclmsg("query (cache)", name, qtype, - client->view->rdclass, msg, - sizeof(msg)); + client->inner.view->rdclass, + msg, sizeof(msg)); ns_client_log(client, DNS_LOGCATEGORY_SECURITY, NS_LOGMODULE_QUERY, ISC_LOG_DEBUG(3), "%s approved", @@ -973,8 +973,8 @@ query_checkcacheaccess(ns_client_t *client, const dns_name_t *name, if (!options.nolog) { ns_client_aclmsg("query (cache)", name, qtype, - client->view->rdclass, msg, - sizeof(msg)); + client->inner.view->rdclass, + msg, sizeof(msg)); ns_client_log(client, DNS_LOGCATEGORY_SECURITY, NS_LOGMODULE_QUERY, ISC_LOG_INFO, "%s denied (%s)", msg, @@ -1067,7 +1067,7 @@ query_validatezonedb(ns_client_t *client, const dns_name_t *name, queryacl = dns_zone_getqueryacl(zone); if (queryacl == NULL) { - queryacl = client->view->queryacl; + queryacl = client->inner.view->queryacl; if ((client->query.attributes & NS_QUERYATTR_QUERYOKVALID) != 0) { /* @@ -1094,8 +1094,8 @@ query_validatezonedb(ns_client_t *client, const dns_name_t *name, if (result == ISC_R_SUCCESS) { if (isc_log_wouldlog(ISC_LOG_DEBUG(3))) { ns_client_aclmsg("query", name, qtype, - client->view->rdclass, msg, - sizeof(msg)); + client->inner.view->rdclass, + msg, sizeof(msg)); ns_client_log(client, DNS_LOGCATEGORY_SECURITY, NS_LOGMODULE_QUERY, ISC_LOG_DEBUG(3), "%s approved", @@ -1103,7 +1103,7 @@ query_validatezonedb(ns_client_t *client, const dns_name_t *name, } } else { ns_client_aclmsg("query", name, qtype, - client->view->rdclass, msg, + client->inner.view->rdclass, msg, sizeof(msg)); ns_client_log(client, DNS_LOGCATEGORY_SECURITY, NS_LOGMODULE_QUERY, ISC_LOG_INFO, @@ -1112,7 +1112,7 @@ query_validatezonedb(ns_client_t *client, const dns_name_t *name, } } - if (queryacl == client->view->queryacl) { + if (queryacl == client->inner.view->queryacl) { if (result == ISC_R_SUCCESS) { /* * We were allowed by the default @@ -1132,11 +1132,11 @@ query_validatezonedb(ns_client_t *client, const dns_name_t *name, if (result == ISC_R_SUCCESS) { queryonacl = dns_zone_getqueryonacl(zone); if (queryonacl == NULL) { - queryonacl = client->view->queryonacl; + queryonacl = client->inner.view->queryonacl; } - result = ns_client_checkaclsilent(client, &client->destaddr, - queryonacl, true); + result = ns_client_checkaclsilent( + client, &client->inner.destaddr, queryonacl, true); if (result != ISC_R_SUCCESS) { dns_ede_add(&client->edectx, DNS_EDE_PROHIBITED, NULL); } @@ -1182,7 +1182,7 @@ query_getzonedb(ns_client_t *client, const dns_name_t *name, ztoptions |= DNS_ZTFIND_NOEXACT; } - result = dns_view_findzone(client->view, name, ztoptions, &zone); + result = dns_view_findzone(client->inner.view, name, ztoptions, &zone); if (result == DNS_R_PARTIALMATCH) { partial = true; @@ -1407,7 +1407,7 @@ query_getcachedb(ns_client_t *client, const dns_name_t *name, return DNS_R_REFUSED; } - dns_db_attach(client->view->cachedb, &db); + dns_db_attach(client->inner.view->cachedb, &db); result = query_checkcacheaccess(client, name, qtype, options); if (result != ISC_R_SUCCESS) { @@ -1453,7 +1453,7 @@ query_getdb(ns_client_t *client, dns_name_t *name, dns_rdatatype_t qtype, * Only try if DLZ drivers are loaded for this view */ if (zonelabels < namelabels && - !ISC_LIST_EMPTY(client->view->dlz_searched)) + !ISC_LIST_EMPTY(client->inner.view->dlz_searched)) { dns_clientinfomethods_t cm; dns_clientinfo_t ci; @@ -1461,11 +1461,11 @@ query_getdb(ns_client_t *client, dns_name_t *name, dns_rdatatype_t qtype, dns_clientinfomethods_init(&cm, ns_client_sourceip); dns_clientinfo_init(&ci, client, NULL); - dns_clientinfo_setecs(&ci, &client->ecs); + dns_clientinfo_setecs(&ci, &client->inner.ecs); tdbp = NULL; - tresult = dns_view_searchdlz(client->view, name, zonelabels, - &cm, &ci, &tdbp); + tresult = dns_view_searchdlz(client->inner.view, name, + zonelabels, &cm, &ci, &tdbp); /* If we successful, we found a better match. */ if (tresult == ISC_R_SUCCESS) { ns_dbversion_t *dbversion; @@ -1606,8 +1606,8 @@ query_additionalauthfind(dns_db_t *db, dns_dbversion_t *version, * necessarily in the same database. */ result = dns_db_findext(db, name, version, type, - client->query.dboptions, client->now, &node, - fname, &cm, &ci, rdataset, sigrdataset); + client->query.dboptions, client->inner.now, + &node, fname, &cm, &ci, rdataset, sigrdataset); if (result != ISC_R_SUCCESS) { if (dns_rdataset_isassociated(rdataset)) { dns_rdataset_disassociate(rdataset); @@ -1833,8 +1833,8 @@ query_additional_cb(void *arg, const dns_name_t *name, dns_rdatatype_t qtype, result = dns_db_findext(db, name, version, type, client->query.dboptions | DNS_DBFIND_GLUEOK | DNS_DBFIND_ADDITIONALOK, - client->now, &node, fname, &cm, &ci, rdataset, - sigrdataset); + client->inner.now, &node, fname, &cm, &ci, + rdataset, sigrdataset); dns_cache_updatestats(qctx->view->cache, result); if (!WANTDNSSEC(client)) { @@ -1892,8 +1892,8 @@ try_glue: additionaltype = dns_rdatasetadditional_fromglue; result = dns_db_findext(db, name, version, type, client->query.dboptions | DNS_DBFIND_GLUEOK, - client->now, &node, fname, &cm, &ci, rdataset, - sigrdataset); + client->inner.now, &node, fname, &cm, &ci, + rdataset, sigrdataset); if (result != ISC_R_SUCCESS && result != DNS_R_ZONECUT && result != DNS_R_GLUE) { @@ -1971,7 +1971,7 @@ found: goto aaaa_lookup; } result = dns_db_findrdataset(db, node, version, dns_rdatatype_a, - 0, client->now, rdataset, + 0, client->inner.now, rdataset, sigrdataset); if (result == DNS_R_NCACHENXDOMAIN) { goto addname; @@ -2038,9 +2038,9 @@ found: { goto addname; } - result = dns_db_findrdataset(db, node, version, - dns_rdatatype_aaaa, 0, client->now, - rdataset, sigrdataset); + result = dns_db_findrdataset( + db, node, version, dns_rdatatype_aaaa, 0, + client->inner.now, rdataset, sigrdataset); if (result == DNS_R_NCACHENXDOMAIN) { goto addname; } else if (result == DNS_R_NCACHENXRRSET) { @@ -2123,12 +2123,14 @@ addname: * This cannot go more than 'max-restarts' levels deep. */ if (trdataset != NULL && dns_rdatatype_followadditional(type)) { - if (client->additionaldepth++ < client->view->max_restarts) { + if (client->inner.additionaldepth++ < + client->inner.view->max_restarts) + { eresult = dns_rdataset_additionaldata( trdataset, fname, query_additional_cb, qctx, DNS_RDATASET_MAXADDITIONAL); } - client->additionaldepth--; + client->inner.additionaldepth--; } /* @@ -2170,7 +2172,7 @@ query_addtoname(dns_name_t *name, dns_rdataset_t *rdataset) { static void query_setorder(query_ctx_t *qctx, dns_name_t *name, dns_rdataset_t *rdataset) { ns_client_t *client = qctx->client; - dns_order_t *order = client->view->order; + dns_order_t *order = client->inner.view->order; CTRACE(ISC_LOG_DEBUG(3), "query_setorder"); @@ -2352,12 +2354,12 @@ mark_secure(ns_client_t *client, dns_db_t *db, dns_name_t *name, now = isc_stdtime_now(); dns_rdataset_trimttl(rdataset, sigrdataset, rrsig, now, - client->view->acceptexpired); + client->inner.view->acceptexpired); - (void)dns_db_addrdataset(db, node, NULL, client->now, rdataset, 0, - NULL); - (void)dns_db_addrdataset(db, node, NULL, client->now, sigrdataset, 0, + (void)dns_db_addrdataset(db, node, NULL, client->inner.now, rdataset, 0, NULL); + (void)dns_db_addrdataset(db, node, NULL, client->inner.now, sigrdataset, + 0, NULL); dns_db_detachnode(db, &node); } @@ -2387,9 +2389,9 @@ get_key(ns_client_t *client, dns_db_t *db, dns_rdata_rrsig_t *rrsig, return false; } - result = dns_db_findrdataset(db, node, NULL, - dns_rdatatype_dnskey, 0, - client->now, keyrdataset, NULL); + result = dns_db_findrdataset( + db, node, NULL, dns_rdatatype_dnskey, 0, + client->inner.now, keyrdataset, NULL); dns_db_detachnode(db, &node); if (result != ISC_R_SUCCESS) { return false; @@ -2450,7 +2452,7 @@ verify(dst_key_t *key, dns_name_t *name, dns_rdataset_t *rdataset, again: result = dns_dnssec_verify(name, rdataset, key, ignore, client->manager->mctx, rdata, NULL); - if (result == DNS_R_SIGEXPIRED && client->view->acceptexpired) { + if (result == DNS_R_SIGEXPIRED && client->inner.view->acceptexpired) { ignore = true; goto again; } @@ -2481,7 +2483,7 @@ validate(ns_client_t *client, dns_db_t *db, dns_name_t *name, result = dns_rdata_tostruct(&rdata, &rrsig, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); if (!dns_resolver_algorithm_supported( - client->view->resolver, name, rrsig.algorithm, + client->inner.view->resolver, name, rrsig.algorithm, rrsig.signature, rrsig.siglen)) { char txt[DNS_NAME_FORMATSIZE + 32]; @@ -2667,14 +2669,14 @@ stale_refresh_aftermath(ns_client_t *client, isc_result_t result) { * database, starting the stale-refresh-time window for it. * This is a condensed form of query_lookup(). */ - client->now = isc_stdtime_now(); + client->inner.now = isc_stdtime_now(); client->query.attributes &= ~NS_QUERYATTR_RECURSIONOK; qctx_init(client, NULL, 0, &qctx); dns_clientinfomethods_init(&cm, ns_client_sourceip); dns_clientinfo_init(&ci, qctx.client, NULL); if (HAVEECS(qctx.client)) { - dns_clientinfo_setecs(&ci, &qctx.client->ecs); + dns_clientinfo_setecs(&ci, &qctx.client->inner.ecs); } result = qctx_prepare_buffers(&qctx, &buffer); @@ -2686,11 +2688,12 @@ stale_refresh_aftermath(ns_client_t *client, isc_result_t result) { dboptions |= DNS_DBFIND_STALEOK; dboptions |= DNS_DBFIND_STALESTART; - dns_db_attach(qctx.client->view->cachedb, &db); + dns_db_attach(qctx.client->inner.view->cachedb, &db); (void)dns_db_findext(db, qctx.client->query.qname, NULL, qctx.client->query.qtype, dboptions, - qctx.client->now, &qctx.node, qctx.fname, - &cm, &ci, qctx.rdataset, qctx.sigrdataset); + qctx.client->inner.now, &qctx.node, + qctx.fname, &cm, &ci, qctx.rdataset, + qctx.sigrdataset); if (qctx.node != NULL) { dns_db_detachnode(db, &qctx.node); } @@ -2777,7 +2780,7 @@ fetch_and_forget(ns_client_t *client, dns_name_t *qname, dns_rdatatype_t qtype, tmprdataset = ns_client_newrdataset(client); if (!TCP(client)) { - peeraddr = &client->peeraddr; + peeraddr = &client->inner.peeraddr; } else { peeraddr = NULL; } @@ -2802,9 +2805,9 @@ fetch_and_forget(ns_client_t *client, dns_name_t *qname, dns_rdatatype_t qtype, handlep = &client->query.recursions[recursion_type].handle; fetchp = &client->query.recursions[recursion_type].fetch; - isc_nmhandle_attach(client->handle, handlep); + isc_nmhandle_attach(client->inner.handle, handlep); result = dns_resolver_createfetch( - client->view->resolver, qname, qtype, NULL, NULL, NULL, + client->inner.view->resolver, qname, qtype, NULL, NULL, NULL, peeraddr, client->message->id, options, 0, NULL, client->query.qc, client->manager->loop, cb, client, NULL, tmprdataset, NULL, fetchp); @@ -2821,8 +2824,8 @@ query_prefetch(ns_client_t *client, dns_name_t *qname, CTRACE(ISC_LOG_DEBUG(3), "query_prefetch"); if (FETCH_RECTYPE_PREFETCH(client) != NULL || - client->view->prefetch_trigger == 0U || - rdataset->ttl > client->view->prefetch_trigger || + client->inner.view->prefetch_trigger == 0U || + rdataset->ttl > client->inner.view->prefetch_trigger || (rdataset->attributes & DNS_RDATASETATTR_PREFETCH) == 0) { return; @@ -3086,8 +3089,9 @@ rpz_rrset_find(ns_client_t *client, dns_name_t *name, dns_rdatatype_t type, found = dns_fixedname_initname(&fixed); dns_clientinfomethods_init(&cm, ns_client_sourceip); dns_clientinfo_init(&ci, client, NULL); - result = dns_db_findext(*dbp, name, version, type, options, client->now, - &node, found, &cm, &ci, *rdatasetp, NULL); + result = dns_db_findext(*dbp, name, version, type, options, + client->inner.now, &node, found, &cm, &ci, + *rdatasetp, NULL); if (result == DNS_R_DELEGATION && is_zone && USECACHE(client)) { /* * Try the cache if we're authoritative for an @@ -3095,10 +3099,10 @@ rpz_rrset_find(ns_client_t *client, dns_name_t *name, dns_rdatatype_t type, */ rpz_clean(NULL, dbp, &node, rdatasetp); version = NULL; - dns_db_attach(client->view->cachedb, dbp); + dns_db_attach(client->inner.view->cachedb, dbp); result = dns_db_findext(*dbp, name, version, type, 0, - client->now, &node, found, &cm, &ci, - *rdatasetp, NULL); + client->inner.now, &node, found, &cm, + &ci, *rdatasetp, NULL); } rpz_clean(NULL, dbp, &node, NULL); if (result == DNS_R_DELEGATION) { @@ -3109,8 +3113,8 @@ rpz_rrset_find(ns_client_t *client, dns_name_t *name, dns_rdatatype_t type, */ if (rpz_type == DNS_RPZ_TYPE_IP) { result = DNS_R_NXRRSET; - } else if (!client->view->rpzs->p.nsip_wait_recurse || - (!client->view->rpzs->p.nsdname_wait_recurse && + } else if (!client->inner.view->rpzs->p.nsip_wait_recurse || + (!client->inner.view->rpzs->p.nsdname_wait_recurse && rpz_type == DNS_RPZ_TYPE_NSDNAME)) { query_rpzfetch(client, name, type); @@ -3251,8 +3255,8 @@ rpz_find_p(ns_client_t *client, dns_name_t *self_name, dns_rdatatype_t qtype, found = dns_fixedname_initname(&foundf); result = dns_db_findext(*dbp, p_name, *versionp, dns_rdatatype_any, 0, - client->now, nodep, found, &cm, &ci, *rdatasetp, - NULL); + client->inner.now, nodep, found, &cm, &ci, + *rdatasetp, NULL); /* * Choose the best rdataset if we found something. */ @@ -3270,7 +3274,7 @@ rpz_find_p(ns_client_t *client, dns_name_t *self_name, dns_rdatatype_t qtype, return DNS_R_SERVFAIL; } if (qtype == dns_rdatatype_aaaa && - !ISC_LIST_EMPTY(client->view->dns64)) + !ISC_LIST_EMPTY(client->inner.view->dns64)) { DNS_RDATASETITER_FOREACH (rdsiter) { dns_rdatasetiter_current(rdsiter, *rdatasetp); @@ -3304,10 +3308,10 @@ rpz_find_p(ns_client_t *client, dns_name_t *self_name, dns_rdatatype_t qtype, if (dns_rdatatype_issig(qtype)) { result = DNS_R_NXRRSET; } else { - result = dns_db_findext(*dbp, p_name, *versionp, - qtype, 0, client->now, - nodep, found, &cm, &ci, - *rdatasetp, NULL); + result = dns_db_findext( + *dbp, p_name, *versionp, qtype, 0, + client->inner.now, nodep, found, &cm, + &ci, *rdatasetp, NULL); } } } @@ -3412,7 +3416,7 @@ rpz_rewrite_ip(ns_client_t *client, const isc_netaddr_t *netaddr, CTRACE(ISC_LOG_DEBUG(3), "rpz_rewrite_ip"); - rpzs = client->view->rpzs; + rpzs = client->inner.view->rpzs; st = client->query.rpz_st; ip_name = dns_fixedname_initname(&ip_namef); @@ -3729,7 +3733,7 @@ rpz_rewrite_name(ns_client_t *client, dns_name_t *trig_name, CTRACE(ISC_LOG_DEBUG(3), "rpz_rewrite_name"); - rpzs = client->view->rpzs; + rpzs = client->inner.view->rpzs; st = client->query.rpz_st; zbits = rpz_get_zbits(client, qtype, rpz_type); @@ -3907,7 +3911,7 @@ rpz_rewrite(ns_client_t *client, dns_rdatatype_t qtype, isc_result_t qresult, CTRACE(ISC_LOG_DEBUG(3), "rpz_rewrite"); - rpzs = client->view->rpzs; + rpzs = client->inner.view->rpzs; st = client->query.rpz_st; if (rpzs == NULL) { @@ -4033,8 +4037,8 @@ rpz_rewrite(ns_client_t *client, dns_rdatatype_t qtype, isc_result_t qresult, DNS_RPZ_TYPE_CLIENT_IP); zbits &= allowed; if (zbits != 0) { - isc_netaddr_fromsockaddr(&netaddr, - &client->peeraddr); + isc_netaddr_fromsockaddr( + &netaddr, &client->inner.peeraddr); result = rpz_rewrite_ip(client, &netaddr, qtype, DNS_RPZ_TYPE_CLIENT_IP, zbits, &rdataset); @@ -4322,7 +4326,7 @@ rpz_ck_dnssec(ns_client_t *client, isc_result_t qresult, CTRACE(ISC_LOG_DEBUG(3), "rpz_ck_dnssec"); - if (client->view->rpzs->p.break_dnssec || !WANTDNSSEC(client)) { + if (client->inner.view->rpzs->p.break_dnssec || !WANTDNSSEC(client)) { return true; } @@ -4510,8 +4514,9 @@ again: dboptions = client->query.dboptions | DNS_DBFIND_FORCENSEC3; result = dns_db_findext(db, dns_fixedname_name(&fixed), version, - dns_rdatatype_nsec3, dboptions, client->now, - NULL, fname, &cm, &ci, rdataset, sigrdataset); + dns_rdatatype_nsec3, dboptions, + client->inner.now, NULL, fname, &cm, &ci, + rdataset, sigrdataset); if (result == DNS_R_NXDOMAIN) { if (!dns_rdataset_isassociated(rdataset)) { @@ -4609,7 +4614,7 @@ dns64_aaaaok(ns_client_t *client, dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset) { isc_netaddr_t netaddr; dns_aclenv_t *env = client->manager->aclenv; - dns_dns64_t *dns64 = ISC_LIST_HEAD(client->view->dns64); + dns_dns64_t *dns64 = ISC_LIST_HEAD(client->inner.view->dns64); unsigned int flags = 0; unsigned int i, count; bool *aaaaok; @@ -4636,8 +4641,8 @@ dns64_aaaaok(ns_client_t *client, dns_rdataset_t *rdataset, count = dns_rdataset_count(rdataset); aaaaok = isc_mem_cget(client->manager->mctx, count, sizeof(bool)); - isc_netaddr_fromsockaddr(&netaddr, &client->peeraddr); - if (dns_dns64_aaaaok(dns64, &netaddr, client->signer, env, flags, + isc_netaddr_fromsockaddr(&netaddr, &client->inner.peeraddr); + if (dns_dns64_aaaaok(dns64, &netaddr, client->inner.signer, env, flags, rdataset, aaaaok, count)) { for (i = 0; i < count; i++) { @@ -4685,7 +4690,7 @@ redirect(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, CTRACE(ISC_LOG_DEBUG(3), "redirect"); - if (client->view->redirect == NULL) { + if (client->inner.view->redirect == NULL) { return ISC_R_NOTFOUND; } @@ -4693,7 +4698,7 @@ redirect(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, dns_clientinfomethods_init(&cm, ns_client_sourceip); dns_clientinfo_init(&ci, client, NULL); - dns_clientinfo_setecs(&ci, &client->ecs); + dns_clientinfo_setecs(&ci, &client->inner.ecs); if (WANTDNSSEC(client) && dns_db_iszone(*dbp) && dns_db_issecure(*dbp)) { @@ -4726,13 +4731,13 @@ redirect(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, } result = ns_client_checkaclsilent( - client, NULL, dns_zone_getqueryacl(client->view->redirect), - true); + client, NULL, + dns_zone_getqueryacl(client->inner.view->redirect), true); if (result != ISC_R_SUCCESS) { return ISC_R_NOTFOUND; } - result = dns_zone_getdb(client->view->redirect, &db); + result = dns_zone_getdb(client->inner.view->redirect, &db); if (result != ISC_R_SUCCESS) { return ISC_R_NOTFOUND; } @@ -4747,8 +4752,8 @@ redirect(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, * Lookup the requested data in the redirect zone. */ result = dns_db_findext(db, client->query.qname, dbversion->version, - qtype, DNS_DBFIND_NOZONECUT, client->now, &node, - found, &cm, &ci, &trdataset, NULL); + qtype, DNS_DBFIND_NOZONECUT, client->inner.now, + &node, found, &cm, &ci, &trdataset, NULL); if (result == DNS_R_NXRRSET || result == DNS_R_NCACHENXRRSET) { if (dns_rdataset_isassociated(rdataset)) { dns_rdataset_disassociate(rdataset); @@ -4815,11 +4820,11 @@ redirect2(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, CTRACE(ISC_LOG_DEBUG(3), "redirect2"); - if (client->view->redirectzone == NULL) { + if (client->inner.view->redirectzone == NULL) { return ISC_R_NOTFOUND; } - if (dns_name_issubdomain(name, client->view->redirectzone)) { + if (dns_name_issubdomain(name, client->inner.view->redirectzone)) { return ISC_R_NOTFOUND; } @@ -4827,7 +4832,7 @@ redirect2(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, dns_clientinfomethods_init(&cm, ns_client_sourceip); dns_clientinfo_init(&ci, client, NULL); - dns_clientinfo_setecs(&ci, &client->ecs); + dns_clientinfo_setecs(&ci, &client->inner.ecs); if (WANTDNSSEC(client) && dns_db_iszone(*dbp) && dns_db_issecure(*dbp)) { @@ -4867,13 +4872,14 @@ redirect2(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, dns_name_init(&prefix); dns_name_getlabelsequence(client->query.qname, 0, labels - 1, &prefix); - result = dns_name_concatenate( - &prefix, client->view->redirectzone, redirectname); + result = dns_name_concatenate(&prefix, + client->inner.view->redirectzone, + redirectname); if (result != ISC_R_SUCCESS) { return ISC_R_NOTFOUND; } } else { - dns_name_copy(redirectname, client->view->redirectzone); + dns_name_copy(redirectname, client->inner.view->redirectzone); } result = query_getdb(client, redirectname, qtype, @@ -4890,8 +4896,8 @@ redirect2(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, * Lookup the requested data in the redirect zone. */ result = dns_db_findext(db, redirectname, version, qtype, 0, - client->now, &node, found, &cm, &ci, &trdataset, - NULL); + client->inner.now, &node, found, &cm, &ci, + &trdataset, NULL); if (result == DNS_R_NXRRSET || result == DNS_R_NCACHENXRRSET) { if (dns_rdataset_isassociated(rdataset)) { dns_rdataset_disassociate(rdataset); @@ -4941,7 +4947,8 @@ redirect2(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, /* * Adjust the found name to not include the redirectzone suffix. */ - dns_name_split(found, dns_name_countlabels(client->view->redirectzone), + dns_name_split(found, + dns_name_countlabels(client->inner.view->redirectzone), found, NULL); /* * Make the name absolute. @@ -4994,7 +5001,7 @@ qctx_init(ns_client_t *client, dns_fetchresponse_t **frespp, /* Set this first so CCTRACE will work */ qctx->client = client; - dns_view_attach(client->view, &qctx->view); + dns_view_attach(client->inner.view, &qctx->view); CCTRACE(ISC_LOG_DEBUG(3), "qctx_init"); @@ -5153,7 +5160,7 @@ query_trace(query_ctx_t *qctx) { snprintf(mbuf, sizeof(mbuf) - 1, "client attr:0x%x, query attr:0x%X, restarts:%u, " "origqname:%s, timer:%d, authdb:%d, referral:%d", - qctx->client->attributes, qctx->client->query.attributes, + qctx->client->inner.attributes, qctx->client->query.attributes, qctx->client->query.restarts, qbuf, (int)qctx->client->query.timerset, (int)qctx->client->query.authdbset, @@ -5265,7 +5272,7 @@ static void qctx_reportquery(query_ctx_t *qctx) { ns_client_t *client = qctx->client; - client->attributes |= NS_CLIENTATTR_WANTRC; + client->inner.attributes |= NS_CLIENTATTR_WANTRC; /* If this isn't a report-logging zone, there's no more to do */ dns_zoneopt_t opts = dns_zone_getoptions(qctx->zone); @@ -5277,7 +5284,7 @@ qctx_reportquery(query_ctx_t *qctx) { * Suppress EDNS Report-Channel in responses from report- * logging zones; this prevents infinite loops. */ - client->attributes &= ~NS_CLIENTATTR_WANTRC; + client->inner.attributes &= ~NS_CLIENTATTR_WANTRC; /* If this isn't an error-report query, there's nothing more to do */ if (client->query.qtype != dns_rdatatype_txt || @@ -5293,9 +5300,9 @@ qctx_reportquery(query_ctx_t *qctx) { */ if (!TCP(client) && !HAVECOOKIE(client)) { if (WANTCOOKIE(client)) { - client->attributes |= NS_CLIENTATTR_BADCOOKIE; + client->inner.attributes |= NS_CLIENTATTR_BADCOOKIE; } else { - client->attributes |= NS_CLIENTATTR_NEEDTCP; + client->inner.attributes |= NS_CLIENTATTR_NEEDTCP; } } @@ -5304,7 +5311,7 @@ qctx_reportquery(query_ctx_t *qctx) { char namebuf[DNS_NAME_FORMATSIZE]; dns_name_format(client->query.qname, namebuf, sizeof(namebuf)); - dns_rdataclass_format(client->view->rdclass, classbuf, + dns_rdataclass_format(client->inner.view->rdclass, classbuf, sizeof(classbuf)); isc_log_write(NS_LOGCATEGORY_DRA, NS_LOGMODULE_QUERY, @@ -5318,14 +5325,15 @@ qctx_setrad(query_ctx_t *qctx) { ns_client_t *client = qctx->client; /* Set the client to send a Report-Channel option when replying */ - if ((client->attributes & NS_CLIENTATTR_WANTRC) != 0) { + if ((client->inner.attributes & NS_CLIENTATTR_WANTRC) != 0) { dns_fixedname_t fixed; dns_name_t *rad = dns_fixedname_initname(&fixed); - if (!dns_name_dynamic(&client->rad) && + if (!dns_name_dynamic(&client->inner.rad) && dns_zone_getrad(qctx->zone, rad) == ISC_R_SUCCESS) { - dns_name_dup(rad, client->manager->mctx, &client->rad); + dns_name_dup(rad, client->manager->mctx, + &client->inner.rad); } } } @@ -5363,7 +5371,7 @@ ns__query_start(query_ctx_t *qctx) { qctx->client->message->flags &= ~DNS_MESSAGEFLAG_AA; qctx->client->message->flags &= ~DNS_MESSAGEFLAG_AD; qctx->client->message->rcode = dns_rcode_badcookie; - qctx->client->attributes &= ~NS_CLIENTATTR_WANTRC; + qctx->client->inner.attributes &= ~NS_CLIENTATTR_WANTRC; return ns_query_done(qctx); } @@ -5554,7 +5562,7 @@ ns__query_start(query_ctx_t *qctx) { } qctx->client->query.authdbset = true; - isc_nmhandle_t *handle = qctx->client->handle; + isc_nmhandle_t *handle = qctx->client->inner.handle; /* Track protocol stats per zone */ switch (isc_nm_socket_type(handle)) { @@ -5663,9 +5671,9 @@ static void async_restart(void *arg) { query_ctx_t *qctx = arg; ns_client_t *client = qctx->client; - isc_nmhandle_t *handle = client->restarthandle; + isc_nmhandle_t *handle = client->inner.restarthandle; - client->restarthandle = NULL; + client->inner.restarthandle = NULL; ns__query_start(qctx); @@ -5752,7 +5760,7 @@ query_lookup(query_ctx_t *qctx) { dns_clientinfomethods_init(&cm, ns_client_sourceip); dns_clientinfo_init(&ci, qctx->client, NULL); if (HAVEECS(qctx->client)) { - dns_clientinfo_setecs(&ci, &qctx->client->ecs); + dns_clientinfo_setecs(&ci, &qctx->client->inner.ecs); } /* @@ -5790,16 +5798,16 @@ query_lookup(query_ctx_t *qctx) { dboptions |= DNS_DBFIND_COVERINGNSEC; } - (void)dns_db_getservestalerefresh(qctx->client->view->cachedb, + (void)dns_db_getservestalerefresh(qctx->client->inner.view->cachedb, &stale_refresh); if (stale_refresh > 0 && - dns_view_staleanswerenabled(qctx->client->view)) + dns_view_staleanswerenabled(qctx->client->inner.view)) { dboptions |= DNS_DBFIND_STALEENABLED; } result = dns_db_findext(qctx->db, rpzqname, qctx->version, qctx->type, - dboptions, qctx->client->now, &qctx->node, + dboptions, qctx->client->inner.now, &qctx->node, qctx->fname, &cm, &ci, qctx->rdataset, qctx->sigrdataset); @@ -5935,7 +5943,7 @@ query_lookup(query_ctx_t *qctx) { { qctx_clean(qctx); qctx_freedata(qctx); - dns_db_attach(qctx->client->view->cachedb, + dns_db_attach(qctx->client->inner.view->cachedb, &qctx->db); qctx->client->query.dboptions &= ~DNS_DBFIND_STALETIMEOUT; @@ -6058,7 +6066,9 @@ fetch_callback(void *arg) { * We are resuming from recursion. Reset any attributes, options * that a lookup due to stale-answer-client-timeout may have set. */ - if (client->view->cachedb != NULL && client->view->recursion) { + if (client->inner.view->cachedb != NULL && + client->inner.view->recursion) + { client->query.attributes |= NS_QUERYATTR_RECURSIONOK; } client->query.dboptions &= ~DNS_DBFIND_STALETIMEOUT; @@ -6076,7 +6086,7 @@ fetch_callback(void *arg) { /* * Update client->now. */ - client->now = isc_stdtime_now(); + client->inner.now = isc_stdtime_now(); } else { /* * This is a fetch completion event for a canceled fetch. @@ -6097,7 +6107,7 @@ fetch_callback(void *arg) { isc_nmhandle_detach(&HANDLE_RECTYPE_NORMAL(client)); client->query.attributes &= ~NS_QUERYATTR_RECURSING; - client->state = NS_CLIENTSTATE_WORKING; + client->inner.state = NS_CLIENTSTATE_WORKING; /* * Initialize a new qctx and use it to either resume from @@ -6252,8 +6262,9 @@ release_recursionquota(ns_client_t *client) { recursionquotatype_detach(client); LOCK(&client->manager->reclock); - if (ISC_LINK_LINKED(client, rlink)) { - ISC_LIST_UNLINK(client->manager->recursing, client, rlink); + if (ISC_LINK_LINKED(client, inner.rlink)) { + ISC_LIST_UNLINK(client->manager->recursing, client, + inner.rlink); } UNLOCK(&client->manager->reclock); } @@ -6308,16 +6319,17 @@ ns_query_recurse(ns_client_t *client, dns_rdatatype_t qtype, dns_name_t *qname, } if (!TCP(client)) { - peeraddr = &client->peeraddr; + peeraddr = &client->inner.peeraddr; } - isc_nmhandle_attach(client->handle, &HANDLE_RECTYPE_NORMAL(client)); + isc_nmhandle_attach(client->inner.handle, + &HANDLE_RECTYPE_NORMAL(client)); result = dns_resolver_createfetch( - client->view->resolver, qname, qtype, qdomain, nameservers, - NULL, peeraddr, client->message->id, client->query.fetchoptions, - 0, NULL, client->query.qc, client->manager->loop, - fetch_callback, client, &client->edectx, rdataset, sigrdataset, - &FETCH_RECTYPE_NORMAL(client)); + client->inner.view->resolver, qname, qtype, qdomain, + nameservers, NULL, peeraddr, client->message->id, + client->query.fetchoptions, 0, NULL, client->query.qc, + client->manager->loop, fetch_callback, client, &client->edectx, + rdataset, sigrdataset, &FETCH_RECTYPE_NORMAL(client)); if (result != ISC_R_SUCCESS) { release_recursionquota(client); @@ -6546,7 +6558,7 @@ query_hookresume(void *arg) { INSIST(rev->ctx == client->query.hookactx); client->query.hookactx = NULL; canceled = false; - client->now = isc_stdtime_now(); + client->inner.now = isc_stdtime_now(); } else { canceled = true; } @@ -6562,7 +6574,7 @@ query_hookresume(void *arg) { */ isc_nmhandle_detach(&HANDLE_RECTYPE_HOOK(client)); - client->state = NS_CLIENTSTATE_WORKING; + client->inner.state = NS_CLIENTSTATE_WORKING; if (canceled) { /* @@ -6706,7 +6718,7 @@ ns_query_hookasync(query_ctx_t *qctx, ns_query_starthookasync_t runasync, * only if 'runasync' succeeds. It should be safe since we're either in * the client task or pausing it. */ - isc_nmhandle_attach(client->handle, &HANDLE_RECTYPE_HOOK(client)); + isc_nmhandle_attach(client->inner.handle, &HANDLE_RECTYPE_HOOK(client)); return ISC_R_SUCCESS; cleanup_and_detach_from_quota: @@ -6765,7 +6777,7 @@ ns__query_sfcache(query_ctx_t *qctx) { failcache = dns_badcache_find( qctx->view->failcache, qctx->client->query.qname, qctx->qtype, &flags, - isc_time_seconds(&qctx->client->tnow)); + isc_time_seconds(&qctx->client->inner.tnow)); } if (failcache != ISC_R_SUCCESS) { @@ -6792,7 +6804,7 @@ ns__query_sfcache(query_ctx_t *qctx) { "0"); } - qctx->client->attributes |= NS_CLIENTATTR_NOSETFC; + qctx->client->inner.attributes |= NS_CLIENTATTR_NOSETFC; QUERY_ERROR(qctx, DNS_R_SERVFAIL); return ns_query_done(qctx); } @@ -6809,7 +6821,7 @@ query_trace_rrldrop(query_ctx_t *qctx, char peerbuf[ISC_SOCKADDR_FORMATSIZE]; isc_netaddr_t peer; - isc_netaddr_fromsockaddr(&peer, &qctx->client->peeraddr); + isc_netaddr_fromsockaddr(&peer, &qctx->client->inner.peeraddr); isc_netaddr_format(&peer, peerbuf, sizeof(peerbuf)); char qnamebuf[DNS_NAME_FORMATSIZE]; @@ -6846,7 +6858,7 @@ query_checkrrl(query_ctx_t *qctx, isc_result_t result) { "rrl=%p, HAVECOOKIE=%u, result=%s, " "fname=%p(%u), is_zone=%u, RECURSIONOK=%u, " "query.rpz_st=%p(%u), RRL_CHECKED=%u", - qctx->client->view->rrl, HAVECOOKIE(qctx->client), + qctx->client->inner.view->rrl, HAVECOOKIE(qctx->client), isc_result_toid(result), qctx->fname, qctx->fname != NULL ? dns_name_isabsolute(qctx->fname) : 0, qctx->is_zone, RECURSIONOK(qctx->client), @@ -6926,10 +6938,11 @@ query_checkrrl(query_ctx_t *qctx, isc_result_t result) { } rrl_result = dns_rrl( - qctx->view, qctx->zone, &qctx->client->peeraddr, + qctx->view, qctx->zone, &qctx->client->inner.peeraddr, TCP(qctx->client), qctx->client->message->rdclass, - qctx->qtype, constname, resp_result, qctx->client->now, - wouldlog, log_buf, sizeof(log_buf)); + qctx->qtype, constname, resp_result, + qctx->client->inner.now, wouldlog, log_buf, + sizeof(log_buf)); if (rrl_result != DNS_RRL_RESULT_OK) { /* * Log dropped or slipped responses in the query @@ -6976,7 +6989,7 @@ query_checkrrl(query_ctx_t *qctx, isc_result_t result) { ~DNS_MESSAGEFLAG_AD; qctx->client->message->rcode = dns_rcode_badcookie; - qctx->client->attributes &= + qctx->client->inner.attributes &= ~NS_CLIENTATTR_WANTRC; } else { qctx->client->message->flags |= @@ -7186,8 +7199,8 @@ query_checkrpz(query_ctx_t *qctx, isc_result_t result) { * Turn off DNSSEC because the results of a * response policy zone cannot verify. */ - qctx->client->attributes &= ~(NS_CLIENTATTR_WANTDNSSEC | - NS_CLIENTATTR_WANTAD); + qctx->client->inner.attributes &= ~(NS_CLIENTATTR_WANTDNSSEC | + NS_CLIENTATTR_WANTAD); qctx->client->message->flags &= ~DNS_MESSAGEFLAG_AD; ns_client_putrdataset(qctx->client, &qctx->sigrdataset); qctx->rpz_st->q.is_zone = qctx->is_zone; @@ -7254,8 +7267,8 @@ query_rpzcname(query_ctx_t *qctx, dns_name_t *cname) { * Turn off DNSSEC because the results of a * response policy zone cannot verify. */ - client->attributes &= ~(NS_CLIENTATTR_WANTDNSSEC | - NS_CLIENTATTR_WANTAD); + client->inner.attributes &= ~(NS_CLIENTATTR_WANTDNSSEC | + NS_CLIENTATTR_WANTAD); return ISC_R_SUCCESS; } @@ -7391,7 +7404,7 @@ query_usestale(query_ctx_t *qctx, isc_result_t result) { qctx_clean(qctx); qctx_freedata(qctx); - if (dns_view_staleanswerenabled(qctx->client->view)) { + if (dns_view_staleanswerenabled(qctx->client->inner.view)) { isc_result_t ret; ret = query_getdb(qctx->client, qctx->client->query.qname, qctx->client->query.qtype, qctx->options, @@ -7473,7 +7486,7 @@ root_key_sentinel: /* * Don't record this response in the SERVFAIL cache. */ - qctx->client->attributes |= NS_CLIENTATTR_NOSETFC; + qctx->client->inner.attributes |= NS_CLIENTATTR_NOSETFC; QUERY_ERROR(qctx, DNS_R_SERVFAIL); return ns_query_done(qctx); } @@ -7541,7 +7554,7 @@ root_key_sentinel: * Regardless of the triggering result, we definitely * want to return SERVFAIL from here. */ - qctx->client->rcode_override = dns_rcode_servfail; + qctx->client->inner.rcode_override = dns_rcode_servfail; QUERY_ERROR(qctx, result); return ns_query_done(qctx); @@ -7791,7 +7804,7 @@ query_respond_any(query_ctx_t *qctx) { */ if (!qctx->is_zone) { qctx->authoritative = false; - qctx->client->attributes &= ~NS_CLIENTATTR_RA; + qctx->client->inner.attributes &= ~NS_CLIENTATTR_RA; query_addauth(qctx); return ns_query_done(qctx); } @@ -7836,7 +7849,7 @@ query_getexpire(query_ctx_t *qctx) { if (qctx->zone == NULL || !qctx->is_zone || qctx->qtype != dns_rdatatype_soa || qctx->client->query.restarts != 0 || - (qctx->client->attributes & NS_CLIENTATTR_WANTEXPIRE) == 0) + (qctx->client->inner.attributes & NS_CLIENTATTR_WANTEXPIRE) == 0) { return; } @@ -7851,10 +7864,13 @@ query_getexpire(query_ctx_t *qctx) { uint32_t secs; dns_zone_getexpiretime(qctx->zone, &expiretime); secs = isc_time_seconds(&expiretime); - if (secs >= qctx->client->now && qctx->result == ISC_R_SUCCESS) + if (secs >= qctx->client->inner.now && + qctx->result == ISC_R_SUCCESS) { - qctx->client->attributes |= NS_CLIENTATTR_HAVEEXPIRE; - qctx->client->expire = secs - qctx->client->now; + qctx->client->inner.attributes |= + NS_CLIENTATTR_HAVEEXPIRE; + qctx->client->inner.expire = secs - + qctx->client->inner.now; } } else if (dns_zone_gettype(mayberaw) == dns_zone_primary) { isc_result_t result; @@ -7868,8 +7884,8 @@ query_getexpire(query_ctx_t *qctx) { result = dns_rdata_tostruct(&rdata, &soa, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); - qctx->client->expire = soa.expire; - qctx->client->attributes |= NS_CLIENTATTR_HAVEEXPIRE; + qctx->client->inner.expire = soa.expire; + qctx->client->inner.attributes |= NS_CLIENTATTR_HAVEEXPIRE; } if (raw != NULL) { @@ -7887,8 +7903,10 @@ query_getzoneversion(query_ctx_t *qctx) { if (qctx->zone == NULL || !qctx->is_zone || qctx->client->query.restarts != 0 || - (qctx->client->attributes & NS_CLIENTATTR_WANTZONEVERSION) == 0 || - (qctx->client->attributes & NS_CLIENTATTR_HAVEZONEVERSION) != 0) + (qctx->client->inner.attributes & NS_CLIENTATTR_WANTZONEVERSION) == + 0 || + (qctx->client->inner.attributes & NS_CLIENTATTR_HAVEZONEVERSION) != + 0) { return; } @@ -7911,13 +7929,13 @@ query_getzoneversion(query_ctx_t *qctx) { if (len < 2 || (buf[1] == 0 && len != 6)) { return; } - qctx->client->attributes |= + qctx->client->inner.attributes |= NS_CLIENTATTR_HAVEZONEVERSION; - INSIST(qctx->client->zoneversion == NULL); - qctx->client->zoneversion = + INSIST(qctx->client->inner.zoneversion == NULL); + qctx->client->inner.zoneversion = isc_mem_get(qctx->client->manager->mctx, len); - qctx->client->zoneversionlength = len; - memmove(qctx->client->zoneversion, buf, len); + qctx->client->inner.zoneversionlength = len; + memmove(qctx->client->inner.zoneversion, buf, len); } break; } @@ -8128,7 +8146,7 @@ query_dns64(query_ctx_t *qctx) { dns_name_t *name = NULL, *mname = NULL; dns_rdataset_t *mrdataset = NULL; dns_rdataset_t *dns64_rdataset = NULL; - dns_view_t *view = client->view; + dns_view_t *view = client->inner.view; const dns_section_t section = DNS_SECTION_ANSWER; unsigned int flags = 0; @@ -8197,10 +8215,11 @@ query_dns64(query_ctx_t *qctx) { flags |= DNS_DNS64_RECURSIVE; } - result = dns_dns64_apply( - client->manager->mctx, view->dns64, view->dns64cnt, - client->message, client->manager->aclenv, &client->peeraddr, - client->signer, flags, qctx->rdataset, &dns64_rdataset); + result = dns_dns64_apply(client->manager->mctx, view->dns64, + view->dns64cnt, client->message, + client->manager->aclenv, + &client->inner.peeraddr, client->inner.signer, + flags, qctx->rdataset, &dns64_rdataset); if (result != ISC_R_SUCCESS) { goto cleanup; } @@ -8361,10 +8380,10 @@ query_notfound(query_ctx_t *qctx) { dns_clientinfo_init(&ci, qctx->client, NULL); dns_db_attach(qctx->view->hints, &qctx->db); - result = dns_db_findext(qctx->db, dns_rootname, NULL, - dns_rdatatype_ns, 0, qctx->client->now, - &qctx->node, qctx->fname, &cm, &ci, - qctx->rdataset, qctx->sigrdataset); + result = dns_db_findext( + qctx->db, dns_rootname, NULL, dns_rdatatype_ns, 0, + qctx->client->inner.now, &qctx->node, qctx->fname, &cm, + &ci, qctx->rdataset, qctx->sigrdataset); } else { /* We have no hints. */ result = ISC_R_FAILURE; @@ -8776,15 +8795,15 @@ query_addds(query_ctx_t *qctx) { * Look for the DS record, which may or may not be present. */ result = dns_db_findrdataset(qctx->db, qctx->node, qctx->version, - dns_rdatatype_ds, 0, client->now, rdataset, - sigrdataset); + dns_rdatatype_ds, 0, client->inner.now, + rdataset, sigrdataset); /* * If we didn't find it, look for an NSEC. */ if (result == ISC_R_NOTFOUND) { result = dns_db_findrdataset( qctx->db, qctx->node, qctx->version, dns_rdatatype_nsec, - 0, client->now, rdataset, sigrdataset); + 0, client->inner.now, rdataset, sigrdataset); } if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { goto addnsec3; @@ -9812,8 +9831,8 @@ query_coveringnsec(query_ctx_t *qctx) { dns_db_attach(qctx->db, &db); result = dns_db_findext(db, signer, qctx->version, dns_rdatatype_soa, dboptions, - qctx->client->now, &node, fname, &cm, - &ci, soardataset, sigsoardataset); + qctx->client->inner.now, &node, fname, + &cm, &ci, soardataset, sigsoardataset); if (result != ISC_R_SUCCESS) { goto cleanup; @@ -9830,8 +9849,8 @@ query_coveringnsec(query_ctx_t *qctx) { dns_db_attach(qctx->db, &db); result = dns_db_findext(db, wild, qctx->version, qctx->type, dboptions | DNS_DBFIND_COVERINGNSEC, - qctx->client->now, &node, nowild, &cm, &ci, - &rdataset, &sigrdataset); + qctx->client->inner.now, &node, nowild, &cm, + &ci, &rdataset, &sigrdataset); if (rdataset.trust != dns_trust_secure || sigrdataset.trust != dns_trust_secure) @@ -9934,8 +9953,8 @@ query_coveringnsec(query_ctx_t *qctx) { * Look for SOA record to construct NXDOMAIN response. */ result = dns_db_findext(db, signer, qctx->version, dns_rdatatype_soa, - dboptions, qctx->client->now, &node, fname, &cm, - &ci, soardataset, sigsoardataset); + dboptions, qctx->client->inner.now, &node, + fname, &cm, &ci, soardataset, sigsoardataset); if (result != ISC_R_SUCCESS) { goto cleanup; @@ -10465,9 +10484,9 @@ query_addsoa(query_ctx_t *qctx, unsigned int override_ttl, */ result = dns_db_getoriginnode(qctx->db, &node); if (result == ISC_R_SUCCESS) { - result = dns_db_findrdataset(qctx->db, node, qctx->version, - dns_rdatatype_soa, 0, client->now, - rdataset, sigrdataset); + result = dns_db_findrdataset( + qctx->db, node, qctx->version, dns_rdatatype_soa, 0, + client->inner.now, rdataset, sigrdataset); } else { dns_fixedname_t foundname; dns_name_t *fname; @@ -10586,9 +10605,9 @@ query_addns(query_ctx_t *qctx) { */ result = dns_db_getoriginnode(qctx->db, &node); if (result == ISC_R_SUCCESS) { - result = dns_db_findrdataset(qctx->db, node, qctx->version, - dns_rdatatype_ns, 0, client->now, - rdataset, sigrdataset); + result = dns_db_findrdataset( + qctx->db, node, qctx->version, dns_rdatatype_ns, 0, + client->inner.now, rdataset, sigrdataset); } else { CTRACE(ISC_LOG_DEBUG(3), "query_addns: calling dns_db_find"); result = dns_db_findext(qctx->db, name, NULL, dns_rdatatype_ns, @@ -10687,7 +10706,7 @@ query_addbestns(query_ctx_t *qctx) { if (!USECACHE(client)) { goto cleanup; } - dns_db_attach(client->view->cachedb, &db); + dns_db_attach(client->inner.view->cachedb, &db); is_zone = false; } break; @@ -10715,8 +10734,8 @@ db_find: if (is_zone) { result = dns_db_findext( db, client->query.qname, version, dns_rdatatype_ns, - client->query.dboptions, client->now, &node, fname, &cm, - &ci, rdataset, sigrdataset); + client->query.dboptions, client->inner.now, &node, + fname, &cm, &ci, rdataset, sigrdataset); if (result != DNS_R_DELEGATION) { goto cleanup; } @@ -10728,14 +10747,15 @@ db_find: SAVE(zrdataset, rdataset); SAVE(zsigrdataset, sigrdataset); version = NULL; - dns_db_attach(client->view->cachedb, &db); + dns_db_attach(client->inner.view->cachedb, &db); is_zone = false; goto db_find; } } else { - result = dns_db_findzonecut( - db, client->query.qname, client->query.dboptions, - client->now, &node, fname, NULL, rdataset, sigrdataset); + result = dns_db_findzonecut(db, client->query.qname, + client->query.dboptions, + client->inner.now, &node, fname, + NULL, rdataset, sigrdataset); if (result == ISC_R_SUCCESS) { if (zfname != NULL && !dns_name_issubdomain(fname, zfname)) @@ -11258,7 +11278,7 @@ ns_query_done(query_ctx_t *qctx) { */ if (qctx->client->query.restarts == 0 && !qctx->authoritative) { qctx->client->message->flags &= ~DNS_MESSAGEFLAG_AA; - qctx->client->attributes &= ~NS_CLIENTATTR_WANTRC; + qctx->client->inner.attributes &= ~NS_CLIENTATTR_WANTRC; } /* @@ -11266,15 +11286,15 @@ ns_query_done(query_ctx_t *qctx) { */ if (qctx->want_restart) { if (qctx->client->query.restarts < - qctx->client->view->max_restarts) + qctx->client->inner.view->max_restarts) { query_ctx_t *saved_qctx = NULL; qctx->client->query.restarts++; saved_qctx = isc_mem_get(qctx->client->manager->mctx, sizeof(*saved_qctx)); qctx_save(qctx, saved_qctx); - isc_nmhandle_attach(qctx->client->handle, - &qctx->client->restarthandle); + isc_nmhandle_attach(qctx->client->inner.handle, + &qctx->client->inner.restarthandle); isc_async_run(qctx->client->manager->loop, async_restart, saved_qctx); return DNS_R_CONTINUE; @@ -11419,31 +11439,31 @@ log_tat(ns_client_t *client) { if ((client->query.qtype != dns_rdatatype_null || !dns_name_istat(client->query.qname)) && - (client->keytag == NULL || + (client->inner.keytag == NULL || client->query.qtype != dns_rdatatype_dnskey)) { return; } - isc_netaddr_fromsockaddr(&netaddr, &client->peeraddr); + isc_netaddr_fromsockaddr(&netaddr, &client->inner.peeraddr); dns_name_format(client->query.qname, namebuf, sizeof(namebuf)); isc_netaddr_format(&netaddr, clientbuf, sizeof(clientbuf)); - dns_rdataclass_format(client->view->rdclass, classbuf, + dns_rdataclass_format(client->inner.view->rdclass, classbuf, sizeof(classbuf)); if (client->query.qtype == dns_rdatatype_dnskey) { - uint16_t keytags = client->keytag_len / 2; + uint16_t keytags = client->inner.keytag_len / 2; size_t len = taglen = sizeof("65000") * keytags + 1; char *cp = tags = isc_mem_get(client->manager->mctx, taglen); int i = 0; - INSIST(client->keytag != NULL); + INSIST(client->inner.keytag != NULL); if (tags != NULL) { while (keytags-- > 0U) { int n; uint16_t keytag; - keytag = (client->keytag[i * 2] << 8) | - client->keytag[i * 2 + 1]; + keytag = (client->inner.keytag[i * 2] << 8) | + client->inner.keytag[i * 2 + 1]; n = snprintf(cp, len, " %u", keytag); if (n > 0 && (size_t)n <= len) { cp += n; @@ -11484,7 +11504,7 @@ log_query(ns_client_t *client, unsigned int flags, unsigned int extflags) { dns_name_format(client->query.qname, namebuf, sizeof(namebuf)); dns_rdataclass_format(rdataset->rdclass, classbuf, sizeof(classbuf)); dns_rdatatype_format(rdataset->type, typebuf, sizeof(typebuf)); - isc_sockaddr_format(&client->destsockaddr, sabuf, sizeof(sabuf)); + isc_sockaddr_format(&client->inner.destsockaddr, sabuf, sizeof(sabuf)); if (HAVEECS(client)) { ns_client_log_ecs(client, ecsbuf, sizeof(ecsbuf)); @@ -11554,10 +11574,10 @@ ns_query_start(ns_client_t *client, isc_nmhandle_t *handle) { /* * Attach to the request handle */ - isc_nmhandle_attach(handle, &client->reqhandle); + isc_nmhandle_attach(handle, &client->inner.reqhandle); message = client->message; - saved_extflags = client->extflags; + saved_extflags = client->inner.extflags; saved_flags = client->message->flags; CTRACE(ISC_LOG_DEBUG(3), "ns_query_start"); @@ -11565,17 +11585,17 @@ ns_query_start(ns_client_t *client, isc_nmhandle_t *handle) { /* * Ensure that appropriate cleanups occur. */ - client->cleanup = query_cleanup; + client->inner.cleanup = query_cleanup; if ((message->flags & DNS_MESSAGEFLAG_RD) != 0) { client->query.attributes |= NS_QUERYATTR_WANTRECURSION; } - if ((client->extflags & DNS_MESSAGEEXTFLAG_DO) != 0) { - client->attributes |= NS_CLIENTATTR_WANTDNSSEC; + if ((client->inner.extflags & DNS_MESSAGEEXTFLAG_DO) != 0) { + client->inner.attributes |= NS_CLIENTATTR_WANTDNSSEC; } - switch (client->view->minimalresponses) { + switch (client->inner.view->minimalresponses) { case dns_minimal_no: break; case dns_minimal_yes: @@ -11592,15 +11612,17 @@ ns_query_start(ns_client_t *client, isc_nmhandle_t *handle) { break; } - if (client->view->cachedb == NULL || !client->view->recursion) { + if (client->inner.view->cachedb == NULL || + !client->inner.view->recursion) + { /* * We don't have a cache. Turn off cache support and * recursion. */ client->query.attributes &= ~(NS_QUERYATTR_RECURSIONOK | NS_QUERYATTR_CACHEOK); - client->attributes |= NS_CLIENTATTR_NOSETFC; - } else if ((client->attributes & NS_CLIENTATTR_RA) == 0 || + client->inner.attributes |= NS_CLIENTATTR_NOSETFC; + } else if ((client->inner.attributes & NS_CLIENTATTR_RA) == 0 || (message->flags & DNS_MESSAGEFLAG_RD) == 0) { /* @@ -11610,7 +11632,7 @@ ns_query_start(ns_client_t *client, isc_nmhandle_t *handle) { * doesn't want recursion, turn recursion off. */ client->query.attributes &= ~NS_QUERYATTR_RECURSIONOK; - client->attributes |= NS_CLIENTATTR_NOSETFC; + client->inner.attributes |= NS_CLIENTATTR_NOSETFC; } /* @@ -11713,7 +11735,7 @@ ns_query_start(ns_client_t *client, isc_nmhandle_t *handle) { case dns_rdatatype_tkey: result = dns_tkey_processquery( client->message, client->manager->sctx->tkeyctx, - client->view->dynamickeys); + client->inner.view->dynamickeys); if (result == ISC_R_SUCCESS) { query_send(client); } else { @@ -11743,7 +11765,7 @@ ns_query_start(ns_client_t *client, isc_nmhandle_t *handle) { /* * Maybe turn on minimal responses for ANY queries. */ - if (qtype == dns_rdatatype_any && client->view->minimal_any && + if (qtype == dns_rdatatype_any && client->inner.view->minimal_any && !TCP(client)) { client->query.attributes |= (NS_QUERYATTR_NOAUTHORITY | @@ -11753,7 +11775,8 @@ ns_query_start(ns_client_t *client, isc_nmhandle_t *handle) { /* * Turn on minimal responses for EDNS/UDP bufsize 512 queries. */ - if (client->ednsversion >= 0 && client->udpsize <= 512U && !TCP(client)) + if (client->inner.ednsversion >= 0 && client->inner.udpsize <= 512U && + !TCP(client)) { client->query.attributes |= (NS_QUERYATTR_NOAUTHORITY | NS_QUERYATTR_NOADDITIONAL); @@ -11772,14 +11795,14 @@ ns_query_start(ns_client_t *client, isc_nmhandle_t *handle) { { client->query.dboptions |= DNS_DBFIND_PENDINGOK; client->query.fetchoptions |= DNS_FETCHOPT_NOVALIDATE; - } else if (!client->view->enablevalidation) { + } else if (!client->inner.view->enablevalidation) { client->query.fetchoptions |= DNS_FETCHOPT_NOVALIDATE; } - if (client->view->qminimization) { + if (client->inner.view->qminimization) { client->query.fetchoptions |= DNS_FETCHOPT_QMINIMIZE | DNS_FETCHOPT_QMIN_SKIP_IP6A; - if (client->view->qmin_strict) { + if (client->inner.view->qmin_strict) { client->query.fetchoptions |= DNS_FETCHOPT_QMIN_STRICT; } } @@ -11797,7 +11820,7 @@ ns_query_start(ns_client_t *client, isc_nmhandle_t *handle) { * This allows AD to be returned on queries without DO set. */ if ((message->flags & DNS_MESSAGEFLAG_AD) != 0) { - client->attributes |= NS_CLIENTATTR_WANTAD; + client->inner.attributes |= NS_CLIENTATTR_WANTAD; } /* @@ -11831,8 +11854,8 @@ ns_query_start(ns_client_t *client, isc_nmhandle_t *handle) { /* * Start global outgoing query count. */ - isc_counter_create(client->manager->mctx, client->view->max_queries, - &client->query.qc); + isc_counter_create(client->manager->mctx, + client->inner.view->max_queries, &client->query.qc); query_setup(client, qtype); } diff --git a/lib/ns/update.c b/lib/ns/update.c index e781e8cb7f..24847c381b 100644 --- a/lib/ns/update.c +++ b/lib/ns/update.c @@ -210,7 +210,8 @@ /* * Return TRUE if NS_CLIENTATTR_TCP is set in the attributes other FALSE. */ -#define TCPCLIENT(client) (((client)->attributes & NS_CLIENTATTR_TCP) != 0) +#define TCPCLIENT(client) \ + (((client)->inner.attributes & NS_CLIENTATTR_TCP) != 0) /**************************************************************************/ @@ -357,7 +358,7 @@ checkqueryacl(ns_client_t *client, dns_acl_t *queryacl, dns_name_t *zonename, int level = update_possible ? ISC_LOG_ERROR : ISC_LOG_INFO; dns_name_format(zonename, namebuf, sizeof(namebuf)); - dns_rdataclass_format(client->view->rdclass, classbuf, + dns_rdataclass_format(client->inner.view->rdclass, classbuf, sizeof(classbuf)); ns_client_log(client, NS_LOGCATEGORY_UPDATE_SECURITY, @@ -366,7 +367,7 @@ checkqueryacl(ns_client_t *client, dns_acl_t *queryacl, dns_name_t *zonename, namebuf, classbuf); } else if (!update_possible) { dns_name_format(zonename, namebuf, sizeof(namebuf)); - dns_rdataclass_format(client->view->rdclass, classbuf, + dns_rdataclass_format(client->inner.view->rdclass, classbuf, sizeof(classbuf)); result = DNS_R_REFUSED; @@ -415,15 +416,15 @@ checkupdateacl(ns_client_t *client, dns_acl_t *acl, const char *message, } } - if (client->signer != NULL) { - dns_name_format(client->signer, namebuf, sizeof(namebuf)); + if (client->inner.signer != NULL) { + dns_name_format(client->inner.signer, namebuf, sizeof(namebuf)); ns_client_log(client, NS_LOGCATEGORY_UPDATE_SECURITY, NS_LOGMODULE_UPDATE, ISC_LOG_INFO, "signer \"%s\" %s", namebuf, msg); } dns_name_format(zonename, namebuf, sizeof(namebuf)); - dns_rdataclass_format(client->view->rdclass, classbuf, + dns_rdataclass_format(client->inner.view->rdclass, classbuf, sizeof(classbuf)); ns_client_log(client, NS_LOGCATEGORY_UPDATE_SECURITY, @@ -1634,7 +1635,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { CHECK(checkupdateacl(client, dns_zone_getupdateacl(zone), "update", dns_zone_getorigin(zone), false, false)); - } else if (client->signer == NULL && !TCPCLIENT(client)) { + } else if (client->inner.signer == NULL && !TCPCLIENT(client)) { CHECK(checkupdateacl(client, NULL, "update", dns_zone_getorigin(zone), false, true)); } @@ -1738,7 +1739,8 @@ send_update(ns_client_t *client, dns_zone_t *zone) { maxbytype[update] = 0; - isc_netaddr_fromsockaddr(&netaddr, &client->peeraddr); + isc_netaddr_fromsockaddr(&netaddr, + &client->inner.peeraddr); if (client->message->tsigkey != NULL) { tsigkey = client->message->tsigkey->key; @@ -1771,7 +1773,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { ssuinfo.name = name; ssuinfo.table = ssutable; - ssuinfo.signer = client->signer; + ssuinfo.signer = client->inner.signer; ssuinfo.addr = &netaddr; ssuinfo.aclenv = env; ssuinfo.tcp = TCPCLIENT(client); @@ -1791,9 +1793,10 @@ send_update(ns_client_t *client, dns_zone_t *zone) { CHECK(rr_exists(db, ver, name, &rdata, &flag)); if (flag && !dns_ssutable_checkrules( - ssutable, client->signer, name, - &netaddr, TCPCLIENT(client), env, - rdata.type, target, tsigkey, NULL)) + ssutable, client->inner.signer, + name, &netaddr, TCPCLIENT(client), + env, rdata.type, target, tsigkey, + NULL)) { FAILC(DNS_R_REFUSED, "rejected by secure update"); @@ -1801,9 +1804,9 @@ send_update(ns_client_t *client, dns_zone_t *zone) { } else if (rdata.type != dns_rdatatype_any) { const dns_ssurule_t *ssurule = NULL; if (!dns_ssutable_checkrules( - ssutable, client->signer, name, - &netaddr, TCPCLIENT(client), env, - rdata.type, target, tsigkey, + ssutable, client->inner.signer, + name, &netaddr, TCPCLIENT(client), + env, rdata.type, target, tsigkey, &ssurule)) { FAILC(DNS_R_REFUSED, @@ -1813,7 +1816,8 @@ send_update(ns_client_t *client, dns_zone_t *zone) { rdata.type); } else { if (!ssu_checkall(db, ver, name, ssutable, - client->signer, &netaddr, env, + client->inner.signer, + &netaddr, env, TCPCLIENT(client), tsigkey)) { FAILC(DNS_R_REFUSED, @@ -1845,7 +1849,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { .result = ISC_R_SUCCESS, }; - isc_nmhandle_attach(client->handle, &client->updatehandle); + isc_nmhandle_attach(client->inner.handle, &client->inner.updatehandle); isc_async_run(dns_zone_getloop(zone), update_action, uev); maxbytype = NULL; @@ -1877,13 +1881,13 @@ respond(ns_client_t *client, isc_result_t result) { "could not create update response message: %s", isc_result_totext(msg_result)); ns_client_drop(client, msg_result); - isc_nmhandle_detach(&client->reqhandle); + isc_nmhandle_detach(&client->inner.reqhandle); return; } client->message->rcode = dns_result_torcode(result); ns_client_send(client); - isc_nmhandle_detach(&client->reqhandle); + isc_nmhandle_detach(&client->inner.reqhandle); } void @@ -1899,7 +1903,7 @@ ns_update_start(ns_client_t *client, isc_nmhandle_t *handle, * Attach to the request handle. This will be held until * we respond, or drop the request. */ - isc_nmhandle_attach(handle, &client->reqhandle); + isc_nmhandle_attach(handle, &client->inner.reqhandle); /* * Interpret the zone section. @@ -1929,8 +1933,8 @@ ns_update_start(ns_client_t *client, isc_nmhandle_t *handle, "update zone section contains multiple RRs"); } - result = dns_view_findzone(client->view, zonename, DNS_ZTFIND_EXACT, - &zone); + result = dns_view_findzone(client->inner.view, zonename, + DNS_ZTFIND_EXACT, &zone); if (result != ISC_R_SUCCESS) { FAILN(DNS_R_NOTAUTH, zonename, "not authoritative for update zone"); @@ -1982,7 +1986,7 @@ failure: */ if (result == DNS_R_DROP) { ns_client_drop(client, result); - isc_nmhandle_detach(&client->reqhandle); + isc_nmhandle_detach(&client->inner.reqhandle); } else { respond(client, result); } @@ -3377,7 +3381,7 @@ updatedone_action(void *arg) { update_t *uev = (update_t *)arg; ns_client_t *client = uev->client; - REQUIRE(client->updatehandle == client->handle); + REQUIRE(client->inner.updatehandle == client->inner.handle); switch (uev->result) { case ISC_R_SUCCESS: @@ -3398,7 +3402,7 @@ updatedone_action(void *arg) { dns_zone_detach(&uev->zone); } isc_mem_put(client->manager->mctx, uev, sizeof(*uev)); - isc_nmhandle_detach(&client->updatehandle); + isc_nmhandle_detach(&client->inner.updatehandle); } /*% @@ -3413,7 +3417,7 @@ forward_fail(void *arg) { isc_quota_release(&client->manager->sctx->updquota); isc_mem_put(client->manager->mctx, uev, sizeof(*uev)); - isc_nmhandle_detach(&client->updatehandle); + isc_nmhandle_detach(&client->inner.updatehandle); } static void @@ -3445,8 +3449,8 @@ forward_done(void *arg) { isc_quota_release(&client->manager->sctx->updquota); isc_mem_put(client->manager->mctx, uev, sizeof(*uev)); - isc_nmhandle_detach(&client->reqhandle); - isc_nmhandle_detach(&client->updatehandle); + isc_nmhandle_detach(&client->inner.reqhandle); + isc_nmhandle_detach(&client->inner.updatehandle); } static void @@ -3509,7 +3513,7 @@ send_forward(ns_client_t *client, dns_zone_t *zone) { LOGLEVEL_PROTOCOL, "forwarding update for zone '%s/%s'", namebuf, classbuf); - isc_nmhandle_attach(client->handle, &client->updatehandle); + isc_nmhandle_attach(client->inner.handle, &client->inner.updatehandle); isc_async_run(dns_zone_getloop(zone), forward_action, uev); return result; diff --git a/lib/ns/xfrout.c b/lib/ns/xfrout.c index e5b1895b74..fc574b0544 100644 --- a/lib/ns/xfrout.c +++ b/lib/ns/xfrout.c @@ -738,7 +738,7 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) { isc_mem_t *mctx = client->manager->mctx; dns_message_t *request = client->message; xfrout_ctx_t *xfr = NULL; - dns_transfer_format_t format = client->view->transfer_format; + dns_transfer_format_t format = client->inner.view->transfer_format; isc_netaddr_t na; dns_peer_t *peer = NULL; isc_buffer_t *tsigbuf = NULL; @@ -796,7 +796,7 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) { FAILC(DNS_R_FORMERR, "multiple questions"); } - result = dns_view_findzone(client->view, question_name, + result = dns_view_findzone(client->inner.view, question_name, DNS_ZTFIND_EXACT, &zone); if (result != ISC_R_SUCCESS || dns_zone_gettype(zone) == dns_zone_dlz) { /* @@ -804,10 +804,10 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) { * marked in the zone table as a DLZ zone. Check the DLZ * databases for a match. */ - if (!ISC_LIST_EMPTY(client->view->dlz_searched)) { - result = dns_dlzallowzonexfr(client->view, - question_name, - &client->peeraddr, &db); + if (!ISC_LIST_EMPTY(client->inner.view->dlz_searched)) { + result = dns_dlzallowzonexfr( + client->inner.view, question_name, + &client->inner.peeraddr, &db); if (result == ISC_R_DEFAULT) { useviewacl = true; result = ISC_R_SUCCESS; @@ -913,9 +913,9 @@ got_soa: dns_acl_t *acl; ns_client_aclmsg("zone transfer", question_name, reqtype, - client->view->rdclass, msg, sizeof(msg)); + client->inner.view->rdclass, msg, sizeof(msg)); if (useviewacl) { - acl = client->view->transferacl; + acl = client->inner.view->transferacl; } else { acl = dns_zone_getxfracl(zone); } @@ -927,7 +927,7 @@ got_soa: * AXFR over UDP is not possible. */ if (reqtype == dns_rdatatype_axfr && - (client->attributes & NS_CLIENTATTR_TCP) == 0) + (client->inner.attributes & NS_CLIENTATTR_TCP) == 0) { FAILC(DNS_R_FORMERR, "attempted AXFR over UDP"); } @@ -935,8 +935,8 @@ got_soa: /* * Look up the requesting server in the peer table. */ - isc_netaddr_fromsockaddr(&na, &client->peeraddr); - (void)dns_peerlist_peerbyaddr(client->view->peers, &na, &peer); + isc_netaddr_fromsockaddr(&na, &client->inner.peeraddr); + (void)dns_peerlist_peerbyaddr(client->inner.view->peers, &na, &peer); /* * Decide on the transfer format (one-answer or many-answers). @@ -978,7 +978,7 @@ got_soa: * IXFR over UDP (currently, we always do). */ if (DNS_SERIAL_GE(begin_serial, current_serial) || - (client->attributes & NS_CLIENTATTR_TCP) == 0) + (client->inner.attributes & NS_CLIENTATTR_TCP) == 0) { CHECK(soa_rrstream_create(mctx, db, ver, &stream)); is_poll = true; @@ -989,10 +989,10 @@ got_soa: * Outgoing IXFR may have been disabled for this peer * or globally. */ - if ((client->attributes & NS_CLIENTATTR_TCP) != 0) { + if ((client->inner.attributes & NS_CLIENTATTR_TCP) != 0) { bool provide_ixfr; - provide_ixfr = client->view->provideixfr; + provide_ixfr = client->inner.view->provideixfr; if (peer != NULL) { (void)dns_peer_getprovideixfr(peer, &provide_ixfr); @@ -1121,7 +1121,8 @@ have_stream: if (zone != NULL) { dns_zone_getraw(zone, &raw); mayberaw = (raw != NULL) ? raw : zone; - if ((client->attributes & NS_CLIENTATTR_WANTEXPIRE) != 0 && + if ((client->inner.attributes & NS_CLIENTATTR_WANTEXPIRE) != + 0 && (dns_zone_gettype(mayberaw) == dns_zone_secondary || dns_zone_gettype(mayberaw) == dns_zone_mirror)) { @@ -1129,9 +1130,12 @@ have_stream: uint32_t secs; dns_zone_getexpiretime(zone, &expiretime); secs = isc_time_seconds(&expiretime); - if (secs >= client->now && result == ISC_R_SUCCESS) { - client->attributes |= NS_CLIENTATTR_HAVEEXPIRE; - client->expire = secs - client->now; + if (secs >= client->inner.now && + result == ISC_R_SUCCESS) + { + client->inner.attributes |= + NS_CLIENTATTR_HAVEEXPIRE; + client->inner.expire = secs - client->inner.now; } } if (raw != NULL) { @@ -1192,7 +1196,7 @@ failure: NS_LOGMODULE_XFER_OUT, ISC_LOG_DEBUG(3), "zone transfer setup failed"); ns_client_error(client, result); - isc_nmhandle_detach(&client->reqhandle); + isc_nmhandle_detach(&client->inner.reqhandle); } } @@ -1236,11 +1240,11 @@ xfrout_ctx_create(isc_mem_t *mctx, ns_client_t *client, unsigned int id, xfr->stats.start = isc_time_now(); - isc_nm_timer_create(xfr->client->handle, xfrout_client_timeout, xfr, - &xfr->maxtime_timer); + isc_nm_timer_create(xfr->client->inner.handle, xfrout_client_timeout, + xfr, &xfr->maxtime_timer); - isc_nm_timer_create(xfr->client->handle, xfrout_delayed_timeout, xfr, - &xfr->delayed_send_timer); + isc_nm_timer_create(xfr->client->inner.handle, xfrout_delayed_timeout, + xfr, &xfr->delayed_send_timer); /* * Allocate a temporary buffer for the uncompressed response @@ -1277,28 +1281,28 @@ xfrout_ctx_create(isc_mem_t *mctx, ns_client_t *client, unsigned int id, static void xfrout_send(xfrout_ctx_t *xfr) { - const bool is_tcp = ((xfr->client->attributes & NS_CLIENTATTR_TCP) != - 0); + const bool is_tcp = + ((xfr->client->inner.attributes & NS_CLIENTATTR_TCP) != 0); if (is_tcp) { isc_region_t used; isc_buffer_usedregion(&xfr->txbuf, &used); - isc_nmhandle_attach(xfr->client->handle, - &xfr->client->sendhandle); + isc_nmhandle_attach(xfr->client->inner.handle, + &xfr->client->inner.sendhandle); if (xfr->idletime > 0) { - isc_nmhandle_setwritetimeout(xfr->client->sendhandle, - xfr->idletime); + isc_nmhandle_setwritetimeout( + xfr->client->inner.sendhandle, xfr->idletime); } - isc_nm_send(xfr->client->sendhandle, &used, xfrout_senddone, - xfr); + isc_nm_send(xfr->client->inner.sendhandle, &used, + xfrout_senddone, xfr); xfr->sends++; xfr->cbytes = used.length; } else { ns_client_send(xfr->client); xfr->stream->methods->pause(xfr->stream); - isc_nmhandle_detach(&xfr->client->reqhandle); + isc_nmhandle_detach(&xfr->client->inner.reqhandle); xfrout_ctx_destroy(&xfr); } } @@ -1369,7 +1373,7 @@ sendstream(xfrout_ctx_t *xfr) { isc_buffer_clear(&xfr->buf); isc_buffer_clear(&xfr->txbuf); - is_tcp = ((xfr->client->attributes & NS_CLIENTATTR_TCP) != 0); + is_tcp = ((xfr->client->inner.attributes & NS_CLIENTATTR_TCP) != 0); if (!is_tcp) { /* * In the UDP case, we put the response data directly into @@ -1393,7 +1397,7 @@ sendstream(xfrout_ctx_t *xfr) { msg->id = xfr->id; msg->rcode = dns_rcode_noerror; msg->flags = DNS_MESSAGEFLAG_QR | DNS_MESSAGEFLAG_AA; - if ((xfr->client->attributes & NS_CLIENTATTR_RA) != 0) { + if ((xfr->client->inner.attributes & NS_CLIENTATTR_RA) != 0) { msg->flags |= DNS_MESSAGEFLAG_RA; } CHECK(dns_message_settsigkey(msg, xfr->tsigkey)); @@ -1406,7 +1410,9 @@ sendstream(xfrout_ctx_t *xfr) { /* * Add a EDNS option to the message? */ - if ((xfr->client->attributes & NS_CLIENTATTR_WANTOPT) != 0) { + if ((xfr->client->inner.attributes & NS_CLIENTATTR_WANTOPT) != + 0) + { dns_rdataset_t *opt = NULL; CHECK(ns_client_addopt(xfr->client, msg, &opt)); @@ -1414,8 +1420,10 @@ sendstream(xfrout_ctx_t *xfr) { /* * Add to first message only. */ - xfr->client->attributes &= ~NS_CLIENTATTR_WANTNSID; - xfr->client->attributes &= ~NS_CLIENTATTR_HAVEEXPIRE; + xfr->client->inner.attributes &= + ~NS_CLIENTATTR_WANTNSID; + xfr->client->inner.attributes &= + ~NS_CLIENTATTR_HAVEEXPIRE; } /* @@ -1669,14 +1677,14 @@ static void xfrout_senddone(isc_nmhandle_t *handle, isc_result_t result, void *arg) { xfrout_ctx_t *xfr = (xfrout_ctx_t *)arg; - REQUIRE((xfr->client->attributes & NS_CLIENTATTR_TCP) != 0); + REQUIRE((xfr->client->inner.attributes & NS_CLIENTATTR_TCP) != 0); - INSIST(handle == xfr->client->handle); + INSIST(handle == xfr->client->inner.handle); xfr->sends--; INSIST(xfr->sends == 0); - isc_nmhandle_detach(&xfr->client->sendhandle); + isc_nmhandle_detach(&xfr->client->inner.sendhandle); /* * Update transfer statistics if sending succeeded, accounting for the @@ -1719,7 +1727,7 @@ xfrout_senddone(isc_nmhandle_t *handle, isc_result_t result, void *arg) { * We're done, unreference the handle and destroy the xfr * context. */ - isc_nmhandle_detach(&xfr->client->reqhandle); + isc_nmhandle_detach(&xfr->client->inner.reqhandle); xfrout_ctx_destroy(&xfr); } } @@ -1737,7 +1745,7 @@ xfrout_maybe_destroy(xfrout_ctx_t *xfr) { REQUIRE(xfr->shuttingdown); ns_client_drop(xfr->client, ISC_R_CANCELED); - isc_nmhandle_detach(&xfr->client->reqhandle); + isc_nmhandle_detach(&xfr->client->inner.reqhandle); xfrout_ctx_destroy(&xfr); } diff --git a/tests/libtest/ns.c b/tests/libtest/ns.c index 83e5c3f2b7..3efce8030c 100644 --- a/tests/libtest/ns.c +++ b/tests/libtest/ns.c @@ -230,7 +230,7 @@ ns_test_getclient(ns_interface_t *ifp0, bool tcp, ns_client_t **clientp) { atomic_store(&client_refs[i], 2); atomic_store(&client_addrs[i], (uintptr_t)client); - client->handle = (isc_nmhandle_t *)client; /* Hack */ + client->inner.handle = (isc_nmhandle_t *)client; /* Hack */ *clientp = client; } @@ -389,12 +389,12 @@ create_qctx_for_client(ns_client_t *client, query_ctx_t **qctxp) { saved_hook_table = ns__hook_table; ns__hook_table = query_hooks; - ns_query_start(client, client->handle); + ns_query_start(client, client->inner.handle); ns__hook_table = saved_hook_table; ns_hooktable_free(mctx, (void **)&query_hooks); - isc_nmhandle_detach(&client->reqhandle); + isc_nmhandle_detach(&client->inner.reqhandle); return ISC_R_SUCCESS; } @@ -415,13 +415,13 @@ ns_test_qctx_create(const ns_test_qctx_create_params_t *params, * Allocate and initialize a client structure. */ ns_test_getclient(NULL, false, &client); - client->tnow = isc_time_now(); + client->inner.tnow = isc_time_now(); /* * Every client needs to belong to a view. */ result = dns_test_makeview("view", false, params->with_cache, - &client->view); + &client->inner.view); if (result != ISC_R_SUCCESS) { goto detach_client; } @@ -441,7 +441,7 @@ ns_test_qctx_create(const ns_test_qctx_create_params_t *params, * set in ns_client_request(), i.e. earlier than the unit tests hook * into the call chain, just set it manually. */ - client->attributes |= NS_CLIENTATTR_RA; + client->inner.attributes |= NS_CLIENTATTR_RA; /* * Create a query context for a client sending the previously @@ -457,7 +457,7 @@ ns_test_qctx_create(const ns_test_qctx_create_params_t *params, * decrement it in order for it to drop to zero when "qctx" gets * destroyed. */ - handle = client->handle; + handle = client->inner.handle; isc_nmhandle_detach(&handle); return ISC_R_SUCCESS; @@ -465,9 +465,9 @@ ns_test_qctx_create(const ns_test_qctx_create_params_t *params, detach_query: dns_message_detach(&client->message); detach_view: - dns_view_detach(&client->view); + dns_view_detach(&client->inner.view); detach_client: - isc_nmhandle_detach(&client->handle); + isc_nmhandle_detach(&client->inner.handle); return result; } @@ -489,7 +489,7 @@ ns_test_qctx_destroy(query_ctx_t **qctxp) { dns_db_detach(&qctx->db); } if (qctx->client != NULL) { - isc_nmhandle_detach(&qctx->client->handle); + isc_nmhandle_detach(&qctx->client->inner.handle); } isc_mem_put(mctx, qctx, sizeof(*qctx)); diff --git a/tests/ns/netmgr_wrap.c b/tests/ns/netmgr_wrap.c index 19fae38dcf..f32a6c9113 100644 --- a/tests/ns/netmgr_wrap.c +++ b/tests/ns/netmgr_wrap.c @@ -84,8 +84,8 @@ isc_nmhandle_detach(isc_nmhandle_t **handlep) { INSIST(i < 32); if (atomic_fetch_sub(&client_refs[i], 1) == 1) { - dns_view_detach(&client->view); - client->state = 4; + dns_view_detach(&client->inner.view); + client->inner.state = 4; ns__client_reset_cb(client); ns__client_put_cb(client); atomic_store(&client_addrs[i], (uintptr_t)NULL); diff --git a/tests/ns/notify_test.c b/tests/ns/notify_test.c index 03d78c3abb..edcc476178 100644 --- a/tests/ns/notify_test.c +++ b/tests/ns/notify_test.c @@ -71,12 +71,12 @@ ISC_LOOP_TEST_IMPL(notify_start) { ns_test_getclient(NULL, false, &client); - result = dns_test_makeview("view", false, false, &client->view); + result = dns_test_makeview("view", false, false, &client->inner.view); assert_int_equal(result, ISC_R_SUCCESS); result = ns_test_serve_zone("example.com", TESTS_DIR "/testdata/notify/zone1.db", - client->view); + client->inner.view); assert_int_equal(result, ISC_R_SUCCESS); /* @@ -104,16 +104,16 @@ ISC_LOOP_TEST_IMPL(notify_start) { } client->message = nmsg; nmsg = NULL; - client->sendcb = check_response; - ns_notify_start(client, client->handle); + client->inner.sendcb = check_response; + ns_notify_start(client, client->inner.handle); /* * Clean up */ ns_test_cleanup_zone(); - handle = client->handle; - isc_nmhandle_detach(&client->handle); + handle = client->inner.handle; + isc_nmhandle_detach(&client->inner.handle); isc_nmhandle_detach(&handle); isc_loop_teardown(mainloop, shutdown_interfacemgr, NULL); diff --git a/tests/ns/query_test.c b/tests/ns/query_test.c index 18801bc742..9bea8cea01 100644 --- a/tests/ns/query_test.c +++ b/tests/ns/query_test.c @@ -122,8 +122,9 @@ run_sfcache_test(const ns__query_sfcache_test_params_t *test) { result = isc_time_nowplusinterval(&expire, &hour); assert_int_equal(result, ISC_R_SUCCESS); - dns_badcache_add(qctx->client->view->failcache, dns_rootname, - dns_rdatatype_ns, test->cache_entry_flags, + dns_badcache_add(qctx->client->inner.view->failcache, + dns_rootname, dns_rdatatype_ns, + test->cache_entry_flags, isc_time_seconds(&expire)); } @@ -315,7 +316,7 @@ run_start_test(const ns__query_start_test_params_t *test) { /* * Enable view->checknames by default, disable if requested. */ - qctx->client->view->checknames = !test->disable_name_checks; + qctx->client->inner.view->checknames = !test->disable_name_checks; /* * Load zone from file and attach it to the client's view, if @@ -324,7 +325,7 @@ run_start_test(const ns__query_start_test_params_t *test) { if (test->auth_zone_path != NULL) { result = ns_test_serve_zone(test->auth_zone_origin, test->auth_zone_path, - qctx->client->view); + qctx->client->inner.view); assert_int_equal(result, ISC_R_SUCCESS); } @@ -367,7 +368,8 @@ run_start_test(const ns__query_start_test_params_t *test) { "query context, but some was", test->id.description, test->id.lineno); } - if (qctx->db == NULL || qctx->db != qctx->client->view->cachedb) + if (qctx->db == NULL || + qctx->db != qctx->client->inner.view->cachedb) { fail_msg("# test \"%s\" on line %d: " "cache database was expected to be " @@ -388,7 +390,7 @@ run_start_test(const ns__query_start_test_params_t *test) { "context, but it was not", test->id.description, test->id.lineno); } - if (qctx->db == qctx->client->view->cachedb) { + if (qctx->db == qctx->client->inner.view->cachedb) { fail_msg("# test \"%s\" on line %d: " "cache database was not expected to be " "attached to query context, but it is", @@ -887,7 +889,7 @@ run_hookasync_test(const ns__query_hookasync_test_params_t *test) { }; result = ns_test_qctx_create(&qctx_params, &qctx); INSIST(result == ISC_R_SUCCESS); - qctx->client->sendcb = send_noop; + qctx->client->inner.sendcb = send_noop; } /* @@ -914,15 +916,15 @@ run_hookasync_test(const ns__query_hookasync_test_params_t *test) { test->do_cancel) { expect_servfail = true; - isc_nmhandle_attach(qctx->client->handle, - &qctx->client->reqhandle); + isc_nmhandle_attach(qctx->client->inner.handle, + &qctx->client->inner.reqhandle); } /* * Emulate query handling from query_start. * Specified hook should be called. */ - qctx->client->state = NS_CLIENTSTATE_WORKING; + qctx->client->inner.state = NS_CLIENTSTATE_WORKING; result = ns__query_start(qctx); INSIST(result == ISC_R_UNSET); @@ -944,23 +946,23 @@ run_hookasync_test(const ns__query_hookasync_test_params_t *test) { /* If async event has started, manually invoke the 'done' event. */ if (asdata.async) { - qctx->client->now = 0; /* set to sentinel before resume */ + qctx->client->inner.now = 0; /* set to sentinel before resume */ asdata.rev->cb(asdata.rev); /* Confirm necessary cleanup has been performed. */ INSIST(qctx->client->query.hookactx == NULL); - INSIST(qctx->client->state == NS_CLIENTSTATE_WORKING); + INSIST(qctx->client->inner.state == NS_CLIENTSTATE_WORKING); INSIST(ns_stats_get_counter( qctx->client->manager->sctx->nsstats, ns_statscounter_recursclients) == 0); - INSIST(!ISC_LINK_LINKED(qctx->client, rlink)); + INSIST(!ISC_LINK_LINKED(qctx->client, inner.rlink)); if (!test->do_cancel) { /* * In the normal case the client's timestamp is updated * and the query handling has been resumed from the * expected point. */ - INSIST(qctx->client->now != 0); + INSIST(qctx->client->inner.now != 0); INSIST(asdata.lasthookpoint == test->hookpoint2); } } else { @@ -1385,21 +1387,22 @@ run_hookasync_e2e_test(const ns__query_hookasync_e2e_test_params_t *test) { result = ns_test_qctx_create(&qctx_params, &qctx); INSIST(result == ISC_R_SUCCESS); - qctx->client->sendcb = send_noop; + qctx->client->inner.sendcb = send_noop; /* Load a zone. it should have ns.foo/A */ result = ns_test_serve_zone("foo", TESTS_DIR "/testdata/query/foo.db", - qctx->client->view); + qctx->client->inner.view); INSIST(result == ISC_R_SUCCESS); /* * We expect to have a response sent all cases, so we need to * setup reqhandle (which will be detached on the send). */ - isc_nmhandle_attach(qctx->client->handle, &qctx->client->reqhandle); + isc_nmhandle_attach(qctx->client->inner.handle, + &qctx->client->inner.reqhandle); /* Handle the query. hook-based async event will be triggered. */ - qctx->client->state = NS_CLIENTSTATE_WORKING; + qctx->client->inner.state = NS_CLIENTSTATE_WORKING; ns__query_start(qctx); /* If specified cancel the query at this point. */