/contrib/bind9/lib/dns/zone.c

https://bitbucket.org/freebsd/freebsd-head/ · C · 14592 lines · 11254 code · 1786 blank · 1552 comment · 3275 complexity · d13f256320707749935465f4f1a2a4ac MD5 · raw file

Large files are truncated click here to view the full file

  1. /*
  2. * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC")
  3. * Copyright (C) 1999-2003 Internet Software Consortium.
  4. *
  5. * Permission to use, copy, modify, and/or distribute this software for any
  6. * purpose with or without fee is hereby granted, provided that the above
  7. * copyright notice and this permission notice appear in all copies.
  8. *
  9. * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
  10. * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
  11. * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
  12. * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
  13. * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
  14. * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  15. * PERFORMANCE OF THIS SOFTWARE.
  16. */
  17. /* $Id$ */
  18. /*! \file */
  19. #include <config.h>
  20. #include <errno.h>
  21. #include <isc/file.h>
  22. #include <isc/mutex.h>
  23. #include <isc/print.h>
  24. #include <isc/random.h>
  25. #include <isc/ratelimiter.h>
  26. #include <isc/refcount.h>
  27. #include <isc/rwlock.h>
  28. #include <isc/serial.h>
  29. #include <isc/strerror.h>
  30. #include <isc/stats.h>
  31. #include <isc/stdtime.h>
  32. #include <isc/string.h>
  33. #include <isc/taskpool.h>
  34. #include <isc/timer.h>
  35. #include <isc/util.h>
  36. #include <dns/acache.h>
  37. #include <dns/acl.h>
  38. #include <dns/adb.h>
  39. #include <dns/callbacks.h>
  40. #include <dns/db.h>
  41. #include <dns/dbiterator.h>
  42. #include <dns/dnssec.h>
  43. #include <dns/events.h>
  44. #include <dns/journal.h>
  45. #include <dns/keydata.h>
  46. #include <dns/keytable.h>
  47. #include <dns/keyvalues.h>
  48. #include <dns/log.h>
  49. #include <dns/master.h>
  50. #include <dns/masterdump.h>
  51. #include <dns/message.h>
  52. #include <dns/name.h>
  53. #include <dns/nsec.h>
  54. #include <dns/nsec3.h>
  55. #include <dns/peer.h>
  56. #include <dns/private.h>
  57. #include <dns/rbt.h>
  58. #include <dns/rcode.h>
  59. #include <dns/rdataclass.h>
  60. #include <dns/rdatalist.h>
  61. #include <dns/rdataset.h>
  62. #include <dns/rdatasetiter.h>
  63. #include <dns/rdatastruct.h>
  64. #include <dns/rdatatype.h>
  65. #include <dns/request.h>
  66. #include <dns/resolver.h>
  67. #include <dns/result.h>
  68. #include <dns/rriterator.h>
  69. #include <dns/soa.h>
  70. #include <dns/ssu.h>
  71. #include <dns/stats.h>
  72. #include <dns/time.h>
  73. #include <dns/tsig.h>
  74. #include <dns/xfrin.h>
  75. #include <dns/zone.h>
  76. #include <dst/dst.h>
  77. #define ZONE_MAGIC ISC_MAGIC('Z', 'O', 'N', 'E')
  78. #define DNS_ZONE_VALID(zone) ISC_MAGIC_VALID(zone, ZONE_MAGIC)
  79. #define NOTIFY_MAGIC ISC_MAGIC('N', 't', 'f', 'y')
  80. #define DNS_NOTIFY_VALID(notify) ISC_MAGIC_VALID(notify, NOTIFY_MAGIC)
  81. #define STUB_MAGIC ISC_MAGIC('S', 't', 'u', 'b')
  82. #define DNS_STUB_VALID(stub) ISC_MAGIC_VALID(stub, STUB_MAGIC)
  83. #define ZONEMGR_MAGIC ISC_MAGIC('Z', 'm', 'g', 'r')
  84. #define DNS_ZONEMGR_VALID(stub) ISC_MAGIC_VALID(stub, ZONEMGR_MAGIC)
  85. #define LOAD_MAGIC ISC_MAGIC('L', 'o', 'a', 'd')
  86. #define DNS_LOAD_VALID(load) ISC_MAGIC_VALID(load, LOAD_MAGIC)
  87. #define FORWARD_MAGIC ISC_MAGIC('F', 'o', 'r', 'w')
  88. #define DNS_FORWARD_VALID(load) ISC_MAGIC_VALID(load, FORWARD_MAGIC)
  89. #define IO_MAGIC ISC_MAGIC('Z', 'm', 'I', 'O')
  90. #define DNS_IO_VALID(load) ISC_MAGIC_VALID(load, IO_MAGIC)
  91. /*%
  92. * Ensure 'a' is at least 'min' but not more than 'max'.
  93. */
  94. #define RANGE(a, min, max) \
  95. (((a) < (min)) ? (min) : ((a) < (max) ? (a) : (max)))
  96. #define NSEC3REMOVE(x) (((x) & DNS_NSEC3FLAG_REMOVE) != 0)
  97. /*%
  98. * Key flags
  99. */
  100. #define REVOKE(x) ((dst_key_flags(x) & DNS_KEYFLAG_REVOKE) != 0)
  101. #define KSK(x) ((dst_key_flags(x) & DNS_KEYFLAG_KSK) != 0)
  102. #define ALG(x) dst_key_alg(x)
  103. /*
  104. * Default values.
  105. */
  106. #define DNS_DEFAULT_IDLEIN 3600 /*%< 1 hour */
  107. #define DNS_DEFAULT_IDLEOUT 3600 /*%< 1 hour */
  108. #define MAX_XFER_TIME (2*3600) /*%< Documented default is 2 hours */
  109. #define RESIGN_DELAY 3600 /*%< 1 hour */
  110. #ifndef DNS_MAX_EXPIRE
  111. #define DNS_MAX_EXPIRE 14515200 /*%< 24 weeks */
  112. #endif
  113. #ifndef DNS_DUMP_DELAY
  114. #define DNS_DUMP_DELAY 900 /*%< 15 minutes */
  115. #endif
  116. typedef struct dns_notify dns_notify_t;
  117. typedef struct dns_stub dns_stub_t;
  118. typedef struct dns_load dns_load_t;
  119. typedef struct dns_forward dns_forward_t;
  120. typedef ISC_LIST(dns_forward_t) dns_forwardlist_t;
  121. typedef struct dns_io dns_io_t;
  122. typedef ISC_LIST(dns_io_t) dns_iolist_t;
  123. typedef struct dns_signing dns_signing_t;
  124. typedef ISC_LIST(dns_signing_t) dns_signinglist_t;
  125. typedef struct dns_nsec3chain dns_nsec3chain_t;
  126. typedef ISC_LIST(dns_nsec3chain_t) dns_nsec3chainlist_t;
  127. typedef struct dns_keyfetch dns_keyfetch_t;
  128. #define DNS_ZONE_CHECKLOCK
  129. #ifdef DNS_ZONE_CHECKLOCK
  130. #define LOCK_ZONE(z) \
  131. do { LOCK(&(z)->lock); \
  132. INSIST((z)->locked == ISC_FALSE); \
  133. (z)->locked = ISC_TRUE; \
  134. } while (0)
  135. #define UNLOCK_ZONE(z) \
  136. do { (z)->locked = ISC_FALSE; UNLOCK(&(z)->lock); } while (0)
  137. #define LOCKED_ZONE(z) ((z)->locked)
  138. #else
  139. #define LOCK_ZONE(z) LOCK(&(z)->lock)
  140. #define UNLOCK_ZONE(z) UNLOCK(&(z)->lock)
  141. #define LOCKED_ZONE(z) ISC_TRUE
  142. #endif
  143. #ifdef ISC_RWLOCK_USEATOMIC
  144. #define ZONEDB_INITLOCK(l) isc_rwlock_init((l), 0, 0)
  145. #define ZONEDB_DESTROYLOCK(l) isc_rwlock_destroy(l)
  146. #define ZONEDB_LOCK(l, t) RWLOCK((l), (t))
  147. #define ZONEDB_UNLOCK(l, t) RWUNLOCK((l), (t))
  148. #else
  149. #define ZONEDB_INITLOCK(l) isc_mutex_init(l)
  150. #define ZONEDB_DESTROYLOCK(l) DESTROYLOCK(l)
  151. #define ZONEDB_LOCK(l, t) LOCK(l)
  152. #define ZONEDB_UNLOCK(l, t) UNLOCK(l)
  153. #endif
  154. struct dns_zone {
  155. /* Unlocked */
  156. unsigned int magic;
  157. isc_mutex_t lock;
  158. #ifdef DNS_ZONE_CHECKLOCK
  159. isc_boolean_t locked;
  160. #endif
  161. isc_mem_t *mctx;
  162. isc_refcount_t erefs;
  163. #ifdef ISC_RWLOCK_USEATOMIC
  164. isc_rwlock_t dblock;
  165. #else
  166. isc_mutex_t dblock;
  167. #endif
  168. dns_db_t *db; /* Locked by dblock */
  169. /* Locked */
  170. dns_zonemgr_t *zmgr;
  171. ISC_LINK(dns_zone_t) link; /* Used by zmgr. */
  172. isc_timer_t *timer;
  173. unsigned int irefs;
  174. dns_name_t origin;
  175. char *masterfile;
  176. dns_masterformat_t masterformat;
  177. char *journal;
  178. isc_int32_t journalsize;
  179. dns_rdataclass_t rdclass;
  180. dns_zonetype_t type;
  181. unsigned int flags;
  182. unsigned int options;
  183. unsigned int db_argc;
  184. char **db_argv;
  185. isc_time_t expiretime;
  186. isc_time_t refreshtime;
  187. isc_time_t dumptime;
  188. isc_time_t loadtime;
  189. isc_time_t notifytime;
  190. isc_time_t resigntime;
  191. isc_time_t keywarntime;
  192. isc_time_t signingtime;
  193. isc_time_t nsec3chaintime;
  194. isc_time_t refreshkeytime;
  195. isc_uint32_t refreshkeycount;
  196. isc_uint32_t refresh;
  197. isc_uint32_t retry;
  198. isc_uint32_t expire;
  199. isc_uint32_t minimum;
  200. isc_stdtime_t key_expiry;
  201. isc_stdtime_t log_key_expired_timer;
  202. char *keydirectory;
  203. isc_uint32_t maxrefresh;
  204. isc_uint32_t minrefresh;
  205. isc_uint32_t maxretry;
  206. isc_uint32_t minretry;
  207. isc_sockaddr_t *masters;
  208. dns_name_t **masterkeynames;
  209. isc_boolean_t *mastersok;
  210. unsigned int masterscnt;
  211. unsigned int curmaster;
  212. isc_sockaddr_t masteraddr;
  213. dns_notifytype_t notifytype;
  214. isc_sockaddr_t *notify;
  215. unsigned int notifycnt;
  216. isc_sockaddr_t notifyfrom;
  217. isc_task_t *task;
  218. isc_sockaddr_t notifysrc4;
  219. isc_sockaddr_t notifysrc6;
  220. isc_sockaddr_t xfrsource4;
  221. isc_sockaddr_t xfrsource6;
  222. isc_sockaddr_t altxfrsource4;
  223. isc_sockaddr_t altxfrsource6;
  224. isc_sockaddr_t sourceaddr;
  225. dns_xfrin_ctx_t *xfr; /* task locked */
  226. dns_tsigkey_t *tsigkey; /* key used for xfr */
  227. /* Access Control Lists */
  228. dns_acl_t *update_acl;
  229. dns_acl_t *forward_acl;
  230. dns_acl_t *notify_acl;
  231. dns_acl_t *query_acl;
  232. dns_acl_t *queryon_acl;
  233. dns_acl_t *xfr_acl;
  234. isc_boolean_t update_disabled;
  235. isc_boolean_t zero_no_soa_ttl;
  236. dns_severity_t check_names;
  237. ISC_LIST(dns_notify_t) notifies;
  238. dns_request_t *request;
  239. dns_loadctx_t *lctx;
  240. dns_io_t *readio;
  241. dns_dumpctx_t *dctx;
  242. dns_io_t *writeio;
  243. isc_uint32_t maxxfrin;
  244. isc_uint32_t maxxfrout;
  245. isc_uint32_t idlein;
  246. isc_uint32_t idleout;
  247. isc_event_t ctlevent;
  248. dns_ssutable_t *ssutable;
  249. isc_uint32_t sigvalidityinterval;
  250. isc_uint32_t sigresigninginterval;
  251. dns_view_t *view;
  252. dns_acache_t *acache;
  253. dns_checkmxfunc_t checkmx;
  254. dns_checksrvfunc_t checksrv;
  255. dns_checknsfunc_t checkns;
  256. /*%
  257. * Zones in certain states such as "waiting for zone transfer"
  258. * or "zone transfer in progress" are kept on per-state linked lists
  259. * in the zone manager using the 'statelink' field. The 'statelist'
  260. * field points at the list the zone is currently on. It the zone
  261. * is not on any such list, statelist is NULL.
  262. */
  263. ISC_LINK(dns_zone_t) statelink;
  264. dns_zonelist_t *statelist;
  265. /*%
  266. * Statistics counters about zone management.
  267. */
  268. isc_stats_t *stats;
  269. /*%
  270. * Optional per-zone statistics counters. Counted outside of this
  271. * module.
  272. */
  273. isc_boolean_t requeststats_on;
  274. isc_stats_t *requeststats;
  275. isc_uint32_t notifydelay;
  276. dns_isselffunc_t isself;
  277. void *isselfarg;
  278. char * strnamerd;
  279. char * strname;
  280. char * strrdclass;
  281. char * strviewname;
  282. /*%
  283. * Serial number for deferred journal compaction.
  284. */
  285. isc_uint32_t compact_serial;
  286. /*%
  287. * Keys that are signing the zone for the first time.
  288. */
  289. dns_signinglist_t signing;
  290. dns_nsec3chainlist_t nsec3chain;
  291. /*%
  292. * Signing / re-signing quantum stopping parameters.
  293. */
  294. isc_uint32_t signatures;
  295. isc_uint32_t nodes;
  296. dns_rdatatype_t privatetype;
  297. /*%
  298. * Autosigning/key-maintenance options
  299. */
  300. isc_uint32_t keyopts;
  301. /*%
  302. * True if added by "rndc addzone"
  303. */
  304. isc_boolean_t added;
  305. /*%
  306. * whether a rpz radix was needed when last loaded
  307. */
  308. isc_boolean_t rpz_zone;
  309. /*%
  310. * Outstanding forwarded UPDATE requests.
  311. */
  312. dns_forwardlist_t forwards;
  313. };
  314. #define DNS_ZONE_FLAG(z,f) (ISC_TF(((z)->flags & (f)) != 0))
  315. #define DNS_ZONE_SETFLAG(z,f) do { \
  316. INSIST(LOCKED_ZONE(z)); \
  317. (z)->flags |= (f); \
  318. } while (0)
  319. #define DNS_ZONE_CLRFLAG(z,f) do { \
  320. INSIST(LOCKED_ZONE(z)); \
  321. (z)->flags &= ~(f); \
  322. } while (0)
  323. /* XXX MPA these may need to go back into zone.h */
  324. #define DNS_ZONEFLG_REFRESH 0x00000001U /*%< refresh check in progress */
  325. #define DNS_ZONEFLG_NEEDDUMP 0x00000002U /*%< zone need consolidation */
  326. #define DNS_ZONEFLG_USEVC 0x00000004U /*%< use tcp for refresh query */
  327. #define DNS_ZONEFLG_DUMPING 0x00000008U /*%< a dump is in progress */
  328. #define DNS_ZONEFLG_HASINCLUDE 0x00000010U /*%< $INCLUDE in zone file */
  329. #define DNS_ZONEFLG_LOADED 0x00000020U /*%< database has loaded */
  330. #define DNS_ZONEFLG_EXITING 0x00000040U /*%< zone is being destroyed */
  331. #define DNS_ZONEFLG_EXPIRED 0x00000080U /*%< zone has expired */
  332. #define DNS_ZONEFLG_NEEDREFRESH 0x00000100U /*%< refresh check needed */
  333. #define DNS_ZONEFLG_UPTODATE 0x00000200U /*%< zone contents are
  334. * uptodate */
  335. #define DNS_ZONEFLG_NEEDNOTIFY 0x00000400U /*%< need to send out notify
  336. * messages */
  337. #define DNS_ZONEFLG_DIFFONRELOAD 0x00000800U /*%< generate a journal diff on
  338. * reload */
  339. #define DNS_ZONEFLG_NOMASTERS 0x00001000U /*%< an attempt to refresh a
  340. * zone with no masters
  341. * occurred */
  342. #define DNS_ZONEFLG_LOADING 0x00002000U /*%< load from disk in progress*/
  343. #define DNS_ZONEFLG_HAVETIMERS 0x00004000U /*%< timer values have been set
  344. * from SOA (if not set, we
  345. * are still using
  346. * default timer values) */
  347. #define DNS_ZONEFLG_FORCEXFER 0x00008000U /*%< Force a zone xfer */
  348. #define DNS_ZONEFLG_NOREFRESH 0x00010000U
  349. #define DNS_ZONEFLG_DIALNOTIFY 0x00020000U
  350. #define DNS_ZONEFLG_DIALREFRESH 0x00040000U
  351. #define DNS_ZONEFLG_SHUTDOWN 0x00080000U
  352. #define DNS_ZONEFLAG_NOIXFR 0x00100000U /*%< IXFR failed, force AXFR */
  353. #define DNS_ZONEFLG_FLUSH 0x00200000U
  354. #define DNS_ZONEFLG_NOEDNS 0x00400000U
  355. #define DNS_ZONEFLG_USEALTXFRSRC 0x00800000U
  356. #define DNS_ZONEFLG_SOABEFOREAXFR 0x01000000U
  357. #define DNS_ZONEFLG_NEEDCOMPACT 0x02000000U
  358. #define DNS_ZONEFLG_REFRESHING 0x04000000U /*%< Refreshing keydata */
  359. #define DNS_ZONEFLG_THAW 0x08000000U
  360. /* #define DNS_ZONEFLG_XXXXX 0x10000000U XXXMPA unused. */
  361. #define DNS_ZONEFLG_NODELAY 0x20000000U
  362. #define DNS_ZONE_OPTION(z,o) (((z)->options & (o)) != 0)
  363. #define DNS_ZONEKEY_OPTION(z,o) (((z)->keyopts & (o)) != 0)
  364. /* Flags for zone_load() */
  365. #define DNS_ZONELOADFLAG_NOSTAT 0x00000001U /* Do not stat() master files */
  366. #define DNS_ZONELOADFLAG_THAW 0x00000002U /* Thaw the zone on successful
  367. load. */
  368. #define UNREACH_CHACHE_SIZE 10U
  369. #define UNREACH_HOLD_TIME 600 /* 10 minutes */
  370. #define CHECK(op) \
  371. do { result = (op); \
  372. if (result != ISC_R_SUCCESS) goto failure; \
  373. } while (0)
  374. struct dns_unreachable {
  375. isc_sockaddr_t remote;
  376. isc_sockaddr_t local;
  377. isc_uint32_t expire;
  378. isc_uint32_t last;
  379. };
  380. struct dns_zonemgr {
  381. unsigned int magic;
  382. isc_mem_t * mctx;
  383. int refs; /* Locked by rwlock */
  384. isc_taskmgr_t * taskmgr;
  385. isc_timermgr_t * timermgr;
  386. isc_socketmgr_t * socketmgr;
  387. isc_taskpool_t * zonetasks;
  388. isc_task_t * task;
  389. isc_ratelimiter_t * rl;
  390. isc_rwlock_t rwlock;
  391. isc_mutex_t iolock;
  392. isc_rwlock_t urlock;
  393. /* Locked by rwlock. */
  394. dns_zonelist_t zones;
  395. dns_zonelist_t waiting_for_xfrin;
  396. dns_zonelist_t xfrin_in_progress;
  397. /* Configuration data. */
  398. isc_uint32_t transfersin;
  399. isc_uint32_t transfersperns;
  400. unsigned int serialqueryrate;
  401. /* Locked by iolock */
  402. isc_uint32_t iolimit;
  403. isc_uint32_t ioactive;
  404. dns_iolist_t high;
  405. dns_iolist_t low;
  406. /* Locked by urlock. */
  407. /* LRU cache */
  408. struct dns_unreachable unreachable[UNREACH_CHACHE_SIZE];
  409. };
  410. /*%
  411. * Hold notify state.
  412. */
  413. struct dns_notify {
  414. unsigned int magic;
  415. unsigned int flags;
  416. isc_mem_t *mctx;
  417. dns_zone_t *zone;
  418. dns_adbfind_t *find;
  419. dns_request_t *request;
  420. dns_name_t ns;
  421. isc_sockaddr_t dst;
  422. ISC_LINK(dns_notify_t) link;
  423. };
  424. #define DNS_NOTIFY_NOSOA 0x0001U
  425. /*%
  426. * dns_stub holds state while performing a 'stub' transfer.
  427. * 'db' is the zone's 'db' or a new one if this is the initial
  428. * transfer.
  429. */
  430. struct dns_stub {
  431. unsigned int magic;
  432. isc_mem_t *mctx;
  433. dns_zone_t *zone;
  434. dns_db_t *db;
  435. dns_dbversion_t *version;
  436. };
  437. /*%
  438. * Hold load state.
  439. */
  440. struct dns_load {
  441. unsigned int magic;
  442. isc_mem_t *mctx;
  443. dns_zone_t *zone;
  444. dns_db_t *db;
  445. isc_time_t loadtime;
  446. dns_rdatacallbacks_t callbacks;
  447. };
  448. /*%
  449. * Hold forward state.
  450. */
  451. struct dns_forward {
  452. unsigned int magic;
  453. isc_mem_t *mctx;
  454. dns_zone_t *zone;
  455. isc_buffer_t *msgbuf;
  456. dns_request_t *request;
  457. isc_uint32_t which;
  458. isc_sockaddr_t addr;
  459. dns_updatecallback_t callback;
  460. void *callback_arg;
  461. ISC_LINK(dns_forward_t) link;
  462. };
  463. /*%
  464. * Hold IO request state.
  465. */
  466. struct dns_io {
  467. unsigned int magic;
  468. dns_zonemgr_t *zmgr;
  469. isc_boolean_t high;
  470. isc_task_t *task;
  471. ISC_LINK(dns_io_t) link;
  472. isc_event_t *event;
  473. };
  474. /*%
  475. * Hold state for when we are signing a zone with a new
  476. * DNSKEY as result of an update.
  477. */
  478. struct dns_signing {
  479. unsigned int magic;
  480. dns_db_t *db;
  481. dns_dbiterator_t *dbiterator;
  482. dns_secalg_t algorithm;
  483. isc_uint16_t keyid;
  484. isc_boolean_t delete;
  485. isc_boolean_t done;
  486. ISC_LINK(dns_signing_t) link;
  487. };
  488. struct dns_nsec3chain {
  489. unsigned int magic;
  490. dns_db_t *db;
  491. dns_dbiterator_t *dbiterator;
  492. dns_rdata_nsec3param_t nsec3param;
  493. unsigned char salt[255];
  494. isc_boolean_t done;
  495. isc_boolean_t seen_nsec;
  496. isc_boolean_t delete_nsec;
  497. isc_boolean_t save_delete_nsec;
  498. ISC_LINK(dns_nsec3chain_t) link;
  499. };
  500. /*%<
  501. * 'dbiterator' contains a iterator for the database. If we are creating
  502. * a NSEC3 chain only the non-NSEC3 nodes will be iterated. If we are
  503. * removing a NSEC3 chain then both NSEC3 and non-NSEC3 nodes will be
  504. * iterated.
  505. *
  506. * 'nsec3param' contains the parameters of the NSEC3 chain being created
  507. * or removed.
  508. *
  509. * 'salt' is buffer space and is referenced via 'nsec3param.salt'.
  510. *
  511. * 'seen_nsec' will be set to true if, while iterating the zone to create a
  512. * NSEC3 chain, a NSEC record is seen.
  513. *
  514. * 'delete_nsec' will be set to true if, at the completion of the creation
  515. * of a NSEC3 chain, 'seen_nsec' is true. If 'delete_nsec' is true then we
  516. * are in the process of deleting the NSEC chain.
  517. *
  518. * 'save_delete_nsec' is used to store the initial state of 'delete_nsec'
  519. * so it can be recovered in the event of a error.
  520. */
  521. struct dns_keyfetch {
  522. dns_fixedname_t name;
  523. dns_rdataset_t keydataset;
  524. dns_rdataset_t dnskeyset;
  525. dns_rdataset_t dnskeysigset;
  526. dns_zone_t *zone;
  527. dns_db_t *db;
  528. dns_fetch_t *fetch;
  529. };
  530. #define HOUR 3600
  531. #define DAY (24*HOUR)
  532. #define MONTH (30*DAY)
  533. #define SEND_BUFFER_SIZE 2048
  534. static void zone_settimer(dns_zone_t *, isc_time_t *);
  535. static void cancel_refresh(dns_zone_t *);
  536. static void zone_debuglog(dns_zone_t *zone, const char *, int debuglevel,
  537. const char *msg, ...) ISC_FORMAT_PRINTF(4, 5);
  538. static void notify_log(dns_zone_t *zone, int level, const char *fmt, ...)
  539. ISC_FORMAT_PRINTF(3, 4);
  540. static void queue_xfrin(dns_zone_t *zone);
  541. static isc_result_t update_one_rr(dns_db_t *db, dns_dbversion_t *ver,
  542. dns_diff_t *diff, dns_diffop_t op,
  543. dns_name_t *name, dns_ttl_t ttl,
  544. dns_rdata_t *rdata);
  545. static void zone_unload(dns_zone_t *zone);
  546. static void zone_expire(dns_zone_t *zone);
  547. static void zone_iattach(dns_zone_t *source, dns_zone_t **target);
  548. static void zone_idetach(dns_zone_t **zonep);
  549. static isc_result_t zone_replacedb(dns_zone_t *zone, dns_db_t *db,
  550. isc_boolean_t dump);
  551. static inline void zone_attachdb(dns_zone_t *zone, dns_db_t *db);
  552. static inline void zone_detachdb(dns_zone_t *zone);
  553. static isc_result_t default_journal(dns_zone_t *zone);
  554. static void zone_xfrdone(dns_zone_t *zone, isc_result_t result);
  555. static isc_result_t zone_postload(dns_zone_t *zone, dns_db_t *db,
  556. isc_time_t loadtime, isc_result_t result);
  557. static void zone_needdump(dns_zone_t *zone, unsigned int delay);
  558. static void zone_shutdown(isc_task_t *, isc_event_t *);
  559. static void zone_loaddone(void *arg, isc_result_t result);
  560. static isc_result_t zone_startload(dns_db_t *db, dns_zone_t *zone,
  561. isc_time_t loadtime);
  562. static void zone_namerd_tostr(dns_zone_t *zone, char *buf, size_t length);
  563. static void zone_name_tostr(dns_zone_t *zone, char *buf, size_t length);
  564. static void zone_rdclass_tostr(dns_zone_t *zone, char *buf, size_t length);
  565. static void zone_viewname_tostr(dns_zone_t *zone, char *buf, size_t length);
  566. #if 0
  567. /* ondestroy example */
  568. static void dns_zonemgr_dbdestroyed(isc_task_t *task, isc_event_t *event);
  569. #endif
  570. static void refresh_callback(isc_task_t *, isc_event_t *);
  571. static void stub_callback(isc_task_t *, isc_event_t *);
  572. static void queue_soa_query(dns_zone_t *zone);
  573. static void soa_query(isc_task_t *, isc_event_t *);
  574. static void ns_query(dns_zone_t *zone, dns_rdataset_t *soardataset,
  575. dns_stub_t *stub);
  576. static int message_count(dns_message_t *msg, dns_section_t section,
  577. dns_rdatatype_t type);
  578. static void notify_cancel(dns_zone_t *zone);
  579. static void notify_find_address(dns_notify_t *notify);
  580. static void notify_send(dns_notify_t *notify);
  581. static isc_result_t notify_createmessage(dns_zone_t *zone,
  582. unsigned int flags,
  583. dns_message_t **messagep);
  584. static void notify_done(isc_task_t *task, isc_event_t *event);
  585. static void notify_send_toaddr(isc_task_t *task, isc_event_t *event);
  586. static isc_result_t zone_dump(dns_zone_t *, isc_boolean_t);
  587. static void got_transfer_quota(isc_task_t *task, isc_event_t *event);
  588. static isc_result_t zmgr_start_xfrin_ifquota(dns_zonemgr_t *zmgr,
  589. dns_zone_t *zone);
  590. static void zmgr_resume_xfrs(dns_zonemgr_t *zmgr, isc_boolean_t multi);
  591. static void zonemgr_free(dns_zonemgr_t *zmgr);
  592. static isc_result_t zonemgr_getio(dns_zonemgr_t *zmgr, isc_boolean_t high,
  593. isc_task_t *task, isc_taskaction_t action,
  594. void *arg, dns_io_t **iop);
  595. static void zonemgr_putio(dns_io_t **iop);
  596. static void zonemgr_cancelio(dns_io_t *io);
  597. static isc_result_t
  598. zone_get_from_db(dns_zone_t *zone, dns_db_t *db, unsigned int *nscount,
  599. unsigned int *soacount, isc_uint32_t *serial,
  600. isc_uint32_t *refresh, isc_uint32_t *retry,
  601. isc_uint32_t *expire, isc_uint32_t *minimum,
  602. unsigned int *errors);
  603. static void zone_freedbargs(dns_zone_t *zone);
  604. static void forward_callback(isc_task_t *task, isc_event_t *event);
  605. static void zone_saveunique(dns_zone_t *zone, const char *path,
  606. const char *templat);
  607. static void zone_maintenance(dns_zone_t *zone);
  608. static void zone_notify(dns_zone_t *zone, isc_time_t *now);
  609. static void dump_done(void *arg, isc_result_t result);
  610. static isc_result_t zone_signwithkey(dns_zone_t *zone, dns_secalg_t algorithm,
  611. isc_uint16_t keyid, isc_boolean_t delete);
  612. static isc_result_t delete_nsec(dns_db_t *db, dns_dbversion_t *ver,
  613. dns_dbnode_t *node, dns_name_t *name,
  614. dns_diff_t *diff);
  615. static void zone_rekey(dns_zone_t *zone);
  616. static isc_boolean_t delsig_ok(dns_rdata_rrsig_t *rrsig_ptr,
  617. dst_key_t **keys, unsigned int nkeys);
  618. #define ENTER zone_debuglog(zone, me, 1, "enter")
  619. static const unsigned int dbargc_default = 1;
  620. static const char *dbargv_default[] = { "rbt" };
  621. #define DNS_ZONE_JITTER_ADD(a, b, c) \
  622. do { \
  623. isc_interval_t _i; \
  624. isc_uint32_t _j; \
  625. _j = isc_random_jitter((b), (b)/4); \
  626. isc_interval_set(&_i, _j, 0); \
  627. if (isc_time_add((a), &_i, (c)) != ISC_R_SUCCESS) { \
  628. dns_zone_log(zone, ISC_LOG_WARNING, \
  629. "epoch approaching: upgrade required: " \
  630. "now + %s failed", #b); \
  631. isc_interval_set(&_i, _j/2, 0); \
  632. (void)isc_time_add((a), &_i, (c)); \
  633. } \
  634. } while (0)
  635. #define DNS_ZONE_TIME_ADD(a, b, c) \
  636. do { \
  637. isc_interval_t _i; \
  638. isc_interval_set(&_i, (b), 0); \
  639. if (isc_time_add((a), &_i, (c)) != ISC_R_SUCCESS) { \
  640. dns_zone_log(zone, ISC_LOG_WARNING, \
  641. "epoch approaching: upgrade required: " \
  642. "now + %s failed", #b); \
  643. isc_interval_set(&_i, (b)/2, 0); \
  644. (void)isc_time_add((a), &_i, (c)); \
  645. } \
  646. } while (0)
  647. /*%
  648. * Increment resolver-related statistics counters. Zone must be locked.
  649. */
  650. static inline void
  651. inc_stats(dns_zone_t *zone, isc_statscounter_t counter) {
  652. if (zone->stats != NULL)
  653. isc_stats_increment(zone->stats, counter);
  654. }
  655. /***
  656. *** Public functions.
  657. ***/
  658. isc_result_t
  659. dns_zone_create(dns_zone_t **zonep, isc_mem_t *mctx) {
  660. isc_result_t result;
  661. dns_zone_t *zone;
  662. isc_time_t now;
  663. REQUIRE(zonep != NULL && *zonep == NULL);
  664. REQUIRE(mctx != NULL);
  665. TIME_NOW(&now);
  666. zone = isc_mem_get(mctx, sizeof(*zone));
  667. if (zone == NULL)
  668. return (ISC_R_NOMEMORY);
  669. zone->mctx = NULL;
  670. isc_mem_attach(mctx, &zone->mctx);
  671. result = isc_mutex_init(&zone->lock);
  672. if (result != ISC_R_SUCCESS)
  673. goto free_zone;
  674. result = ZONEDB_INITLOCK(&zone->dblock);
  675. if (result != ISC_R_SUCCESS)
  676. goto free_mutex;
  677. /* XXX MPA check that all elements are initialised */
  678. #ifdef DNS_ZONE_CHECKLOCK
  679. zone->locked = ISC_FALSE;
  680. #endif
  681. zone->db = NULL;
  682. zone->zmgr = NULL;
  683. ISC_LINK_INIT(zone, link);
  684. result = isc_refcount_init(&zone->erefs, 1); /* Implicit attach. */
  685. if (result != ISC_R_SUCCESS)
  686. goto free_dblock;
  687. zone->irefs = 0;
  688. dns_name_init(&zone->origin, NULL);
  689. zone->strnamerd = NULL;
  690. zone->strname = NULL;
  691. zone->strrdclass = NULL;
  692. zone->strviewname = NULL;
  693. zone->masterfile = NULL;
  694. zone->masterformat = dns_masterformat_none;
  695. zone->keydirectory = NULL;
  696. zone->journalsize = -1;
  697. zone->journal = NULL;
  698. zone->rdclass = dns_rdataclass_none;
  699. zone->type = dns_zone_none;
  700. zone->flags = 0;
  701. zone->options = 0;
  702. zone->keyopts = 0;
  703. zone->db_argc = 0;
  704. zone->db_argv = NULL;
  705. isc_time_settoepoch(&zone->expiretime);
  706. isc_time_settoepoch(&zone->refreshtime);
  707. isc_time_settoepoch(&zone->dumptime);
  708. isc_time_settoepoch(&zone->loadtime);
  709. zone->notifytime = now;
  710. isc_time_settoepoch(&zone->resigntime);
  711. isc_time_settoepoch(&zone->keywarntime);
  712. isc_time_settoepoch(&zone->signingtime);
  713. isc_time_settoepoch(&zone->nsec3chaintime);
  714. isc_time_settoepoch(&zone->refreshkeytime);
  715. zone->refreshkeycount = 0;
  716. zone->refresh = DNS_ZONE_DEFAULTREFRESH;
  717. zone->retry = DNS_ZONE_DEFAULTRETRY;
  718. zone->expire = 0;
  719. zone->minimum = 0;
  720. zone->maxrefresh = DNS_ZONE_MAXREFRESH;
  721. zone->minrefresh = DNS_ZONE_MINREFRESH;
  722. zone->maxretry = DNS_ZONE_MAXRETRY;
  723. zone->minretry = DNS_ZONE_MINRETRY;
  724. zone->masters = NULL;
  725. zone->masterkeynames = NULL;
  726. zone->mastersok = NULL;
  727. zone->masterscnt = 0;
  728. zone->curmaster = 0;
  729. zone->notify = NULL;
  730. zone->notifytype = dns_notifytype_yes;
  731. zone->notifycnt = 0;
  732. zone->task = NULL;
  733. zone->update_acl = NULL;
  734. zone->forward_acl = NULL;
  735. zone->notify_acl = NULL;
  736. zone->query_acl = NULL;
  737. zone->queryon_acl = NULL;
  738. zone->xfr_acl = NULL;
  739. zone->update_disabled = ISC_FALSE;
  740. zone->zero_no_soa_ttl = ISC_TRUE;
  741. zone->check_names = dns_severity_ignore;
  742. zone->request = NULL;
  743. zone->lctx = NULL;
  744. zone->readio = NULL;
  745. zone->dctx = NULL;
  746. zone->writeio = NULL;
  747. zone->timer = NULL;
  748. zone->idlein = DNS_DEFAULT_IDLEIN;
  749. zone->idleout = DNS_DEFAULT_IDLEOUT;
  750. zone->log_key_expired_timer = 0;
  751. ISC_LIST_INIT(zone->notifies);
  752. isc_sockaddr_any(&zone->notifysrc4);
  753. isc_sockaddr_any6(&zone->notifysrc6);
  754. isc_sockaddr_any(&zone->xfrsource4);
  755. isc_sockaddr_any6(&zone->xfrsource6);
  756. isc_sockaddr_any(&zone->altxfrsource4);
  757. isc_sockaddr_any6(&zone->altxfrsource6);
  758. zone->xfr = NULL;
  759. zone->tsigkey = NULL;
  760. zone->maxxfrin = MAX_XFER_TIME;
  761. zone->maxxfrout = MAX_XFER_TIME;
  762. zone->ssutable = NULL;
  763. zone->sigvalidityinterval = 30 * 24 * 3600;
  764. zone->sigresigninginterval = 7 * 24 * 3600;
  765. zone->view = NULL;
  766. zone->acache = NULL;
  767. zone->checkmx = NULL;
  768. zone->checksrv = NULL;
  769. zone->checkns = NULL;
  770. ISC_LINK_INIT(zone, statelink);
  771. zone->statelist = NULL;
  772. zone->stats = NULL;
  773. zone->requeststats_on = ISC_FALSE;
  774. zone->requeststats = NULL;
  775. zone->notifydelay = 5;
  776. zone->isself = NULL;
  777. zone->isselfarg = NULL;
  778. ISC_LIST_INIT(zone->signing);
  779. ISC_LIST_INIT(zone->nsec3chain);
  780. zone->signatures = 10;
  781. zone->nodes = 100;
  782. zone->privatetype = (dns_rdatatype_t)0xffffU;
  783. zone->added = ISC_FALSE;
  784. zone->rpz_zone = ISC_FALSE;
  785. ISC_LIST_INIT(zone->forwards);
  786. zone->magic = ZONE_MAGIC;
  787. /* Must be after magic is set. */
  788. result = dns_zone_setdbtype(zone, dbargc_default, dbargv_default);
  789. if (result != ISC_R_SUCCESS)
  790. goto free_erefs;
  791. ISC_EVENT_INIT(&zone->ctlevent, sizeof(zone->ctlevent), 0, NULL,
  792. DNS_EVENT_ZONECONTROL, zone_shutdown, zone, zone,
  793. NULL, NULL);
  794. *zonep = zone;
  795. return (ISC_R_SUCCESS);
  796. free_erefs:
  797. isc_refcount_decrement(&zone->erefs, NULL);
  798. isc_refcount_destroy(&zone->erefs);
  799. free_dblock:
  800. ZONEDB_DESTROYLOCK(&zone->dblock);
  801. free_mutex:
  802. DESTROYLOCK(&zone->lock);
  803. free_zone:
  804. isc_mem_putanddetach(&zone->mctx, zone, sizeof(*zone));
  805. return (result);
  806. }
  807. /*
  808. * Free a zone. Because we require that there be no more
  809. * outstanding events or references, no locking is necessary.
  810. */
  811. static void
  812. zone_free(dns_zone_t *zone) {
  813. isc_mem_t *mctx = NULL;
  814. dns_signing_t *signing;
  815. dns_nsec3chain_t *nsec3chain;
  816. REQUIRE(DNS_ZONE_VALID(zone));
  817. REQUIRE(isc_refcount_current(&zone->erefs) == 0);
  818. REQUIRE(zone->irefs == 0);
  819. REQUIRE(!LOCKED_ZONE(zone));
  820. REQUIRE(zone->timer == NULL);
  821. /*
  822. * Managed objects. Order is important.
  823. */
  824. if (zone->request != NULL)
  825. dns_request_destroy(&zone->request); /* XXXMPA */
  826. INSIST(zone->readio == NULL);
  827. INSIST(zone->statelist == NULL);
  828. INSIST(zone->writeio == NULL);
  829. if (zone->task != NULL)
  830. isc_task_detach(&zone->task);
  831. if (zone->zmgr != NULL)
  832. dns_zonemgr_releasezone(zone->zmgr, zone);
  833. /* Unmanaged objects */
  834. for (signing = ISC_LIST_HEAD(zone->signing);
  835. signing != NULL;
  836. signing = ISC_LIST_HEAD(zone->signing)) {
  837. ISC_LIST_UNLINK(zone->signing, signing, link);
  838. dns_db_detach(&signing->db);
  839. dns_dbiterator_destroy(&signing->dbiterator);
  840. isc_mem_put(zone->mctx, signing, sizeof *signing);
  841. }
  842. for (nsec3chain = ISC_LIST_HEAD(zone->nsec3chain);
  843. nsec3chain != NULL;
  844. nsec3chain = ISC_LIST_HEAD(zone->nsec3chain)) {
  845. ISC_LIST_UNLINK(zone->nsec3chain, nsec3chain, link);
  846. dns_db_detach(&nsec3chain->db);
  847. dns_dbiterator_destroy(&nsec3chain->dbiterator);
  848. isc_mem_put(zone->mctx, nsec3chain, sizeof *nsec3chain);
  849. }
  850. if (zone->masterfile != NULL)
  851. isc_mem_free(zone->mctx, zone->masterfile);
  852. zone->masterfile = NULL;
  853. if (zone->keydirectory != NULL)
  854. isc_mem_free(zone->mctx, zone->keydirectory);
  855. zone->keydirectory = NULL;
  856. zone->journalsize = -1;
  857. if (zone->journal != NULL)
  858. isc_mem_free(zone->mctx, zone->journal);
  859. zone->journal = NULL;
  860. if (zone->stats != NULL)
  861. isc_stats_detach(&zone->stats);
  862. if (zone->requeststats != NULL)
  863. isc_stats_detach(&zone->requeststats);
  864. if (zone->db != NULL)
  865. zone_detachdb(zone);
  866. if (zone->acache != NULL)
  867. dns_acache_detach(&zone->acache);
  868. zone_freedbargs(zone);
  869. RUNTIME_CHECK(dns_zone_setmasterswithkeys(zone, NULL, NULL, 0)
  870. == ISC_R_SUCCESS);
  871. RUNTIME_CHECK(dns_zone_setalsonotify(zone, NULL, 0)
  872. == ISC_R_SUCCESS);
  873. zone->check_names = dns_severity_ignore;
  874. if (zone->update_acl != NULL)
  875. dns_acl_detach(&zone->update_acl);
  876. if (zone->forward_acl != NULL)
  877. dns_acl_detach(&zone->forward_acl);
  878. if (zone->notify_acl != NULL)
  879. dns_acl_detach(&zone->notify_acl);
  880. if (zone->query_acl != NULL)
  881. dns_acl_detach(&zone->query_acl);
  882. if (zone->queryon_acl != NULL)
  883. dns_acl_detach(&zone->queryon_acl);
  884. if (zone->xfr_acl != NULL)
  885. dns_acl_detach(&zone->xfr_acl);
  886. if (dns_name_dynamic(&zone->origin))
  887. dns_name_free(&zone->origin, zone->mctx);
  888. if (zone->strnamerd != NULL)
  889. isc_mem_free(zone->mctx, zone->strnamerd);
  890. if (zone->strname != NULL)
  891. isc_mem_free(zone->mctx, zone->strname);
  892. if (zone->strrdclass != NULL)
  893. isc_mem_free(zone->mctx, zone->strrdclass);
  894. if (zone->strviewname != NULL)
  895. isc_mem_free(zone->mctx, zone->strviewname);
  896. if (zone->ssutable != NULL)
  897. dns_ssutable_detach(&zone->ssutable);
  898. /* last stuff */
  899. ZONEDB_DESTROYLOCK(&zone->dblock);
  900. DESTROYLOCK(&zone->lock);
  901. isc_refcount_destroy(&zone->erefs);
  902. zone->magic = 0;
  903. mctx = zone->mctx;
  904. isc_mem_put(mctx, zone, sizeof(*zone));
  905. isc_mem_detach(&mctx);
  906. }
  907. /*
  908. * Single shot.
  909. */
  910. void
  911. dns_zone_setclass(dns_zone_t *zone, dns_rdataclass_t rdclass) {
  912. char namebuf[1024];
  913. REQUIRE(DNS_ZONE_VALID(zone));
  914. REQUIRE(rdclass != dns_rdataclass_none);
  915. /*
  916. * Test and set.
  917. */
  918. LOCK_ZONE(zone);
  919. REQUIRE(zone->rdclass == dns_rdataclass_none ||
  920. zone->rdclass == rdclass);
  921. zone->rdclass = rdclass;
  922. if (zone->strnamerd != NULL)
  923. isc_mem_free(zone->mctx, zone->strnamerd);
  924. if (zone->strrdclass != NULL)
  925. isc_mem_free(zone->mctx, zone->strrdclass);
  926. zone_namerd_tostr(zone, namebuf, sizeof namebuf);
  927. zone->strnamerd = isc_mem_strdup(zone->mctx, namebuf);
  928. zone_rdclass_tostr(zone, namebuf, sizeof namebuf);
  929. zone->strrdclass = isc_mem_strdup(zone->mctx, namebuf);
  930. UNLOCK_ZONE(zone);
  931. }
  932. dns_rdataclass_t
  933. dns_zone_getclass(dns_zone_t *zone) {
  934. REQUIRE(DNS_ZONE_VALID(zone));
  935. return (zone->rdclass);
  936. }
  937. void
  938. dns_zone_setnotifytype(dns_zone_t *zone, dns_notifytype_t notifytype) {
  939. REQUIRE(DNS_ZONE_VALID(zone));
  940. LOCK_ZONE(zone);
  941. zone->notifytype = notifytype;
  942. UNLOCK_ZONE(zone);
  943. }
  944. isc_result_t
  945. dns_zone_getserial2(dns_zone_t *zone, isc_uint32_t *serialp) {
  946. isc_result_t result;
  947. REQUIRE(DNS_ZONE_VALID(zone));
  948. REQUIRE(serialp != NULL);
  949. LOCK_ZONE(zone);
  950. ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read);
  951. if (zone->db != NULL) {
  952. result = zone_get_from_db(zone, zone->db, NULL, NULL, serialp,
  953. NULL, NULL, NULL, NULL, NULL);
  954. } else
  955. result = DNS_R_NOTLOADED;
  956. ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read);
  957. UNLOCK_ZONE(zone);
  958. return (result);
  959. }
  960. isc_uint32_t
  961. dns_zone_getserial(dns_zone_t *zone) {
  962. isc_result_t result;
  963. isc_uint32_t serial;
  964. result = dns_zone_getserial2(zone, &serial);
  965. if (result != ISC_R_SUCCESS)
  966. serial = 0; /* XXX: not really correct, but no other choice */
  967. return (serial);
  968. }
  969. /*
  970. * Single shot.
  971. */
  972. void
  973. dns_zone_settype(dns_zone_t *zone, dns_zonetype_t type) {
  974. REQUIRE(DNS_ZONE_VALID(zone));
  975. REQUIRE(type != dns_zone_none);
  976. /*
  977. * Test and set.
  978. */
  979. LOCK_ZONE(zone);
  980. REQUIRE(zone->type == dns_zone_none || zone->type == type);
  981. zone->type = type;
  982. UNLOCK_ZONE(zone);
  983. }
  984. static void
  985. zone_freedbargs(dns_zone_t *zone) {
  986. unsigned int i;
  987. /* Free the old database argument list. */
  988. if (zone->db_argv != NULL) {
  989. for (i = 0; i < zone->db_argc; i++)
  990. isc_mem_free(zone->mctx, zone->db_argv[i]);
  991. isc_mem_put(zone->mctx, zone->db_argv,
  992. zone->db_argc * sizeof(*zone->db_argv));
  993. }
  994. zone->db_argc = 0;
  995. zone->db_argv = NULL;
  996. }
  997. isc_result_t
  998. dns_zone_getdbtype(dns_zone_t *zone, char ***argv, isc_mem_t *mctx) {
  999. size_t size = 0;
  1000. unsigned int i;
  1001. isc_result_t result = ISC_R_SUCCESS;
  1002. void *mem;
  1003. char **tmp, *tmp2;
  1004. REQUIRE(DNS_ZONE_VALID(zone));
  1005. REQUIRE(argv != NULL && *argv == NULL);
  1006. LOCK_ZONE(zone);
  1007. size = (zone->db_argc + 1) * sizeof(char *);
  1008. for (i = 0; i < zone->db_argc; i++)
  1009. size += strlen(zone->db_argv[i]) + 1;
  1010. mem = isc_mem_allocate(mctx, size);
  1011. if (mem != NULL) {
  1012. tmp = mem;
  1013. tmp2 = mem;
  1014. tmp2 += (zone->db_argc + 1) * sizeof(char *);
  1015. for (i = 0; i < zone->db_argc; i++) {
  1016. *tmp++ = tmp2;
  1017. strcpy(tmp2, zone->db_argv[i]);
  1018. tmp2 += strlen(tmp2) + 1;
  1019. }
  1020. *tmp = NULL;
  1021. } else
  1022. result = ISC_R_NOMEMORY;
  1023. UNLOCK_ZONE(zone);
  1024. *argv = mem;
  1025. return (result);
  1026. }
  1027. isc_result_t
  1028. dns_zone_setdbtype(dns_zone_t *zone,
  1029. unsigned int dbargc, const char * const *dbargv) {
  1030. isc_result_t result = ISC_R_SUCCESS;
  1031. char **new = NULL;
  1032. unsigned int i;
  1033. REQUIRE(DNS_ZONE_VALID(zone));
  1034. REQUIRE(dbargc >= 1);
  1035. REQUIRE(dbargv != NULL);
  1036. LOCK_ZONE(zone);
  1037. /* Set up a new database argument list. */
  1038. new = isc_mem_get(zone->mctx, dbargc * sizeof(*new));
  1039. if (new == NULL)
  1040. goto nomem;
  1041. for (i = 0; i < dbargc; i++)
  1042. new[i] = NULL;
  1043. for (i = 0; i < dbargc; i++) {
  1044. new[i] = isc_mem_strdup(zone->mctx, dbargv[i]);
  1045. if (new[i] == NULL)
  1046. goto nomem;
  1047. }
  1048. /* Free the old list. */
  1049. zone_freedbargs(zone);
  1050. zone->db_argc = dbargc;
  1051. zone->db_argv = new;
  1052. result = ISC_R_SUCCESS;
  1053. goto unlock;
  1054. nomem:
  1055. if (new != NULL) {
  1056. for (i = 0; i < dbargc; i++)
  1057. if (new[i] != NULL)
  1058. isc_mem_free(zone->mctx, new[i]);
  1059. isc_mem_put(zone->mctx, new, dbargc * sizeof(*new));
  1060. }
  1061. result = ISC_R_NOMEMORY;
  1062. unlock:
  1063. UNLOCK_ZONE(zone);
  1064. return (result);
  1065. }
  1066. void
  1067. dns_zone_setview(dns_zone_t *zone, dns_view_t *view) {
  1068. char namebuf[1024];
  1069. REQUIRE(DNS_ZONE_VALID(zone));
  1070. LOCK_ZONE(zone);
  1071. if (zone->view != NULL)
  1072. dns_view_weakdetach(&zone->view);
  1073. dns_view_weakattach(view, &zone->view);
  1074. if (zone->strviewname != NULL)
  1075. isc_mem_free(zone->mctx, zone->strviewname);
  1076. if (zone->strnamerd != NULL)
  1077. isc_mem_free(zone->mctx, zone->strnamerd);
  1078. zone_namerd_tostr(zone, namebuf, sizeof namebuf);
  1079. zone->strnamerd = isc_mem_strdup(zone->mctx, namebuf);
  1080. zone_viewname_tostr(zone, namebuf, sizeof namebuf);
  1081. zone->strviewname = isc_mem_strdup(zone->mctx, namebuf);
  1082. UNLOCK_ZONE(zone);
  1083. }
  1084. dns_view_t *
  1085. dns_zone_getview(dns_zone_t *zone) {
  1086. REQUIRE(DNS_ZONE_VALID(zone));
  1087. return (zone->view);
  1088. }
  1089. isc_result_t
  1090. dns_zone_setorigin(dns_zone_t *zone, const dns_name_t *origin) {
  1091. isc_result_t result;
  1092. char namebuf[1024];
  1093. REQUIRE(DNS_ZONE_VALID(zone));
  1094. REQUIRE(origin != NULL);
  1095. LOCK_ZONE(zone);
  1096. if (dns_name_dynamic(&zone->origin)) {
  1097. dns_name_free(&zone->origin, zone->mctx);
  1098. dns_name_init(&zone->origin, NULL);
  1099. }
  1100. result = dns_name_dup(origin, zone->mctx, &zone->origin);
  1101. if (zone->strnamerd != NULL)
  1102. isc_mem_free(zone->mctx, zone->strnamerd);
  1103. if (zone->strname != NULL)
  1104. isc_mem_free(zone->mctx, zone->strname);
  1105. zone_namerd_tostr(zone, namebuf, sizeof namebuf);
  1106. zone->strnamerd = isc_mem_strdup(zone->mctx, namebuf);
  1107. zone_name_tostr(zone, namebuf, sizeof namebuf);
  1108. zone->strname = isc_mem_strdup(zone->mctx, namebuf);
  1109. UNLOCK_ZONE(zone);
  1110. return (result);
  1111. }
  1112. void
  1113. dns_zone_setacache(dns_zone_t *zone, dns_acache_t *acache) {
  1114. REQUIRE(DNS_ZONE_VALID(zone));
  1115. REQUIRE(acache != NULL);
  1116. LOCK_ZONE(zone);
  1117. if (zone->acache != NULL)
  1118. dns_acache_detach(&zone->acache);
  1119. dns_acache_attach(acache, &zone->acache);
  1120. ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read);
  1121. if (zone->db != NULL) {
  1122. isc_result_t result;
  1123. /*
  1124. * If the zone reuses an existing DB, the DB needs to be
  1125. * set in the acache explicitly. We can safely ignore the
  1126. * case where the DB is already set. If other error happens,
  1127. * the acache will not work effectively.
  1128. */
  1129. result = dns_acache_setdb(acache, zone->db);
  1130. if (result != ISC_R_SUCCESS && result != ISC_R_EXISTS) {
  1131. UNEXPECTED_ERROR(__FILE__, __LINE__,
  1132. "dns_acache_setdb() failed: %s",
  1133. isc_result_totext(result));
  1134. }
  1135. }
  1136. ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read);
  1137. UNLOCK_ZONE(zone);
  1138. }
  1139. static isc_result_t
  1140. dns_zone_setstring(dns_zone_t *zone, char **field, const char *value) {
  1141. char *copy;
  1142. if (value != NULL) {
  1143. copy = isc_mem_strdup(zone->mctx, value);
  1144. if (copy == NULL)
  1145. return (ISC_R_NOMEMORY);
  1146. } else {
  1147. copy = NULL;
  1148. }
  1149. if (*field != NULL)
  1150. isc_mem_free(zone->mctx, *field);
  1151. *field = copy;
  1152. return (ISC_R_SUCCESS);
  1153. }
  1154. isc_result_t
  1155. dns_zone_setfile(dns_zone_t *zone, const char *file) {
  1156. return (dns_zone_setfile2(zone, file, dns_masterformat_text));
  1157. }
  1158. isc_result_t
  1159. dns_zone_setfile2(dns_zone_t *zone, const char *file,
  1160. dns_masterformat_t format) {
  1161. isc_result_t result = ISC_R_SUCCESS;
  1162. REQUIRE(DNS_ZONE_VALID(zone));
  1163. LOCK_ZONE(zone);
  1164. result = dns_zone_setstring(zone, &zone->masterfile, file);
  1165. if (result == ISC_R_SUCCESS) {
  1166. zone->masterformat = format;
  1167. result = default_journal(zone);
  1168. }
  1169. UNLOCK_ZONE(zone);
  1170. return (result);
  1171. }
  1172. const char *
  1173. dns_zone_getfile(dns_zone_t *zone) {
  1174. REQUIRE(DNS_ZONE_VALID(zone));
  1175. return (zone->masterfile);
  1176. }
  1177. static isc_result_t
  1178. default_journal(dns_zone_t *zone) {
  1179. isc_result_t result;
  1180. char *journal;
  1181. REQUIRE(DNS_ZONE_VALID(zone));
  1182. REQUIRE(LOCKED_ZONE(zone));
  1183. if (zone->masterfile != NULL) {
  1184. /* Calculate string length including '\0'. */
  1185. int len = strlen(zone->masterfile) + sizeof(".jnl");
  1186. journal = isc_mem_allocate(zone->mctx, len);
  1187. if (journal == NULL)
  1188. return (ISC_R_NOMEMORY);
  1189. strcpy(journal, zone->masterfile);
  1190. strcat(journal, ".jnl");
  1191. } else {
  1192. journal = NULL;
  1193. }
  1194. result = dns_zone_setstring(zone, &zone->journal, journal);
  1195. if (journal != NULL)
  1196. isc_mem_free(zone->mctx, journal);
  1197. return (result);
  1198. }
  1199. isc_result_t
  1200. dns_zone_setjournal(dns_zone_t *zone, const char *journal) {
  1201. isc_result_t result = ISC_R_SUCCESS;
  1202. REQUIRE(DNS_ZONE_VALID(zone));
  1203. LOCK_ZONE(zone);
  1204. result = dns_zone_setstring(zone, &zone->journal, journal);
  1205. UNLOCK_ZONE(zone);
  1206. return (result);
  1207. }
  1208. char *
  1209. dns_zone_getjournal(dns_zone_t *zone) {
  1210. REQUIRE(DNS_ZONE_VALID(zone));
  1211. return (zone->journal);
  1212. }
  1213. /*
  1214. * Return true iff the zone is "dynamic", in the sense that the zone's
  1215. * master file (if any) is written by the server, rather than being
  1216. * updated manually and read by the server.
  1217. *
  1218. * This is true for slave zones, stub zones, key zones, and zones that
  1219. * allow dynamic updates either by having an update policy ("ssutable")
  1220. * or an "allow-update" ACL with a value other than exactly "{ none; }".
  1221. */
  1222. static isc_boolean_t
  1223. zone_isdynamic(dns_zone_t *zone) {
  1224. REQUIRE(DNS_ZONE_VALID(zone));
  1225. return (ISC_TF(zone->type == dns_zone_slave ||
  1226. zone->type == dns_zone_stub ||
  1227. zone->type == dns_zone_key ||
  1228. (!zone->update_disabled && zone->ssutable != NULL) ||
  1229. (!zone->update_disabled && zone->update_acl != NULL &&
  1230. !dns_acl_isnone(zone->update_acl))));
  1231. }
  1232. static isc_result_t
  1233. zone_load(dns_zone_t *zone, unsigned int flags) {
  1234. isc_result_t result;
  1235. isc_time_t now;
  1236. isc_time_t loadtime, filetime;
  1237. dns_db_t *db = NULL;
  1238. isc_boolean_t rbt;
  1239. REQUIRE(DNS_ZONE_VALID(zone));
  1240. LOCK_ZONE(zone);
  1241. TIME_NOW(&now);
  1242. INSIST(zone->type != dns_zone_none);
  1243. if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_LOADING)) {
  1244. if ((flags & DNS_ZONELOADFLAG_THAW) != 0)
  1245. DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_THAW);
  1246. result = DNS_R_CONTINUE;
  1247. goto cleanup;
  1248. }
  1249. INSIST(zone->db_argc >= 1);
  1250. rbt = strcmp(zone->db_argv[0], "rbt") == 0 ||
  1251. strcmp(zone->db_argv[0], "rbt64") == 0;
  1252. if (zone->db != NULL && zone->masterfile == NULL && rbt) {
  1253. /*
  1254. * The zone has no master file configured.
  1255. */
  1256. result = ISC_R_SUCCESS;
  1257. goto cleanup;
  1258. }
  1259. if (zone->db != NULL && zone_isdynamic(zone)) {
  1260. /*
  1261. * This is a slave, stub, or dynamically updated
  1262. * zone being reloaded. Do nothing - the database
  1263. * we already have is guaranteed to be up-to-date.
  1264. */
  1265. if (zone->type == dns_zone_master)
  1266. result = DNS_R_DYNAMIC;
  1267. else
  1268. result = ISC_R_SUCCESS;
  1269. goto cleanup;
  1270. }
  1271. /*
  1272. * Store the current time before the zone is loaded, so that if the
  1273. * file changes between the time of the load and the time that
  1274. * zone->loadtime is set, then the file will still be reloaded
  1275. * the next time dns_zone_load is called.
  1276. */
  1277. TIME_NOW(&loadtime);
  1278. /*
  1279. * Don't do the load if the file that stores the zone is older
  1280. * than the last time the zone was loaded. If the zone has not
  1281. * been loaded yet, zone->loadtime will be the epoch.
  1282. */
  1283. if (zone->masterfile != NULL) {
  1284. /*
  1285. * The file is already loaded. If we are just doing a
  1286. * "rndc reconfig", we are done.
  1287. */
  1288. if (!isc_time_isepoch(&zone->loadtime) &&
  1289. (flags & DNS_ZONELOADFLAG_NOSTAT) != 0 &&
  1290. zone->rpz_zone == dns_rpz_needed()) {
  1291. result = ISC_R_SUCCESS;
  1292. goto cleanup;
  1293. }
  1294. result = isc_file_getmodtime(zone->masterfile, &filetime);
  1295. if (result == ISC_R_SUCCESS) {
  1296. if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_LOADED) &&
  1297. !DNS_ZONE_FLAG(zone, DNS_ZONEFLG_HASINCLUDE) &&
  1298. isc_time_compare(&filetime, &zone->loadtime) <= 0 &&
  1299. zone->rpz_zone == dns_rpz_needed()) {
  1300. dns_zone_log(zone, ISC_LOG_DEBUG(1),
  1301. "skipping load: master file "
  1302. "older than last load");
  1303. result = DNS_R_UPTODATE;
  1304. goto cleanup;
  1305. }
  1306. loadtime = filetime;
  1307. zone->rpz_zone = dns_rpz_needed();
  1308. }
  1309. }
  1310. /*
  1311. * Built in zones (with the exception of empty zones) don't need
  1312. * to be reloaded.
  1313. */
  1314. if (zone->type == dns_zone_master &&
  1315. strcmp(zone->db_argv[0], "_builtin") == 0 &&
  1316. (zone->db_argc < 2 || strcmp(zone->db_argv[1], "empty") != 0) &&
  1317. DNS_ZONE_FLAG(zone, DNS_ZONEFLG_LOADED)) {
  1318. result = ISC_R_SUCCESS;
  1319. goto cleanup;
  1320. }
  1321. if ((zone->type == dns_zone_slave || zone->type == dns_zone_stub) &&
  1322. rbt) {
  1323. if (zone->masterfile == NULL ||
  1324. !isc_file_exists(zone->masterfile)) {
  1325. if (zone->masterfile != NULL) {
  1326. dns_zone_log(zone, ISC_LOG_DEBUG(1),
  1327. "no master file");
  1328. }
  1329. zone->refreshtime = now;
  1330. if (zone->task != NULL)
  1331. zone_settimer(zone, &now);
  1332. result = ISC_R_SUCCESS;
  1333. goto cleanup;
  1334. }
  1335. }
  1336. dns_zone_log(zone, ISC_LOG_DEBUG(1), "starting load");
  1337. result = dns_db_create(zone->mctx, zone->db_argv[0],
  1338. &zone->origin, (zone->type == dns_zone_stub) ?
  1339. dns_dbtype_stub : dns_dbtype_zone,
  1340. zone->rdclass,
  1341. zone->db_argc - 1, zone->db_argv + 1,
  1342. &db);
  1343. if (result != ISC_R_SUCCESS) {
  1344. dns_zone_log(zone, ISC_LOG_ERROR,
  1345. "loading zone: creating database: %s",
  1346. isc_result_totext(result));
  1347. goto cleanup;
  1348. }
  1349. dns_db_settask(db, zone->task);
  1350. if (! dns_db_ispersistent(db)) {
  1351. if (zone->masterfile != NULL) {
  1352. result = zone_startload(db, zone, loadtime);
  1353. } else {
  1354. result = DNS_R_NOMASTERFILE;
  1355. if (zone->type == dns_zone_master) {
  1356. dns_zone_log(zone, ISC_LOG_ERROR,
  1357. "loading zone: "
  1358. "no master file configured");
  1359. goto cleanup;
  1360. }
  1361. dns_zone_log(zone, ISC_LOG_INFO, "loading zone: "
  1362. "no master file configured: continuing");
  1363. }
  1364. }
  1365. if (result == DNS_R_CONTINUE) {
  1366. DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_LOADING);
  1367. if ((flags & DNS_ZONELOADFLAG_THAW) != 0)
  1368. DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_THAW);
  1369. goto cleanup;
  1370. }
  1371. result = zone_postload(zone, db, loadtime, result);
  1372. cleanup:
  1373. UNLOCK_ZONE(zone);
  1374. if (db != NULL)
  1375. dns_db_detach(&db);
  1376. return (result);
  1377. }
  1378. isc_result_t
  1379. dns_zone_load(dns_zone_t *zone) {
  1380. return (zone_load(zone, 0));
  1381. }
  1382. isc_result_t
  1383. dns_zone_loadnew(dns_zone_t *zone) {
  1384. return (zone_load(zone, DNS_ZONELOADFLAG_NOSTAT));
  1385. }
  1386. isc_result_t
  1387. dns_zone_loadandthaw(dns_zone_t *zone) {
  1388. isc_result_t result;
  1389. result = zone_load(zone, DNS_ZONELOADFLAG_THAW);
  1390. switch (result) {
  1391. case DNS_R_CONTINUE:
  1392. /* Deferred thaw. */
  1393. break;
  1394. case ISC_R_SUCCESS:
  1395. case DNS_R_UPTODATE:
  1396. case DNS_R_SEENINCLUDE:
  1397. zone->update_disabled = ISC_FALSE;
  1398. break;
  1399. case DNS_R_NOMASTERFILE:
  1400. zone->update_disabled = ISC_FALSE;
  1401. break;
  1402. default:
  1403. /* Error, remain in disabled state. */
  1404. break;
  1405. }
  1406. return (result);
  1407. }
  1408. static unsigned int
  1409. get_master_options(dns_zone_t *zone) {
  1410. unsigned int options;
  1411. options = DNS_MASTER_ZONE;
  1412. if (zone->type == dns_zone_slave)
  1413. options |= DNS_MASTER_SLAVE;
  1414. if (zone->type == dns_zone_key)
  1415. options |= DNS_MASTER_KEY;
  1416. if (DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKNS))
  1417. options |= DNS_MASTER_CHECKNS;
  1418. if (DNS_ZONE_OPTION(zone, DNS_ZONEOPT_FATALNS))
  1419. options |= DNS_MASTER_FATALNS;
  1420. if (DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKNAMES))
  1421. options |= DNS_MASTER_CHECKNAMES;
  1422. if (DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKNAMESFAIL))
  1423. options |= DNS_MASTER_CHECKNAMESFAIL;
  1424. if (DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKMX))
  1425. options |= DNS_MASTER_CHECKMX;
  1426. if (DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKMXFAIL))
  1427. options |= DNS_MASTER_CHECKMXFAIL;
  1428. if (DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKWILDCARD))
  1429. options |= DNS_MASTER_CHECKWILDCARD;
  1430. if (zone->type == dns_zone_master &&
  1431. ((zone->update_acl != NULL && !dns_acl_isnone(zone->update_acl)) ||
  1432. zone->ssutable != NULL))
  1433. options |= DNS_MASTER_RESIGN;
  1434. return (options);
  1435. }
  1436. static void
  1437. zone_gotreadhandle(isc_task_t *task, isc_event_t *event) {
  1438. dns_load_t *load = event->ev_arg;
  1439. isc_result_t result = ISC_R_SUCCESS;
  1440. unsigned int options;
  1441. REQUIRE(DNS_LOAD_VALID(load));
  1442. if ((event->ev_attributes & ISC_EVENTATTR_CANCELED) != 0)
  1443. result = ISC_R_CANCELED;
  1444. isc_event_free(&event);
  1445. if (result == ISC_R_CANCELED)
  1446. goto fail;
  1447. options = get_master_options(load->zone);
  1448. result = dns_master_loadfileinc3(load->zone->masterfile,
  1449. dns_db_origin(load->db),
  1450. dns_db_origin(load->db),
  1451. load->zone->rdclass,
  1452. options,
  1453. load->zone->sigresigninginterval,
  1454. &load->callbacks, task,
  1455. zone_loaddone, load,
  1456. &load->zone->lctx, load->zone->mctx,
  1457. load->zone->masterformat);
  1458. if (result != ISC_R_SUCCESS && result != DNS_R_CONTINUE &&
  1459. result != DNS_R_SEENINCLUDE)
  1460. goto fail;
  1461. return;
  1462. fail:
  1463. zone_loaddone(load, result);
  1464. }
  1465. static void
  1466. zone_gotwritehandle(isc_task_t *task, isc_event_t *event) {
  1467. const char me[] = "zone_gotwritehandle";
  1468. dns_zone_t *zone = event->ev_arg;
  1469. isc_result_t result = ISC_R_SUCCESS;
  1470. dns_dbversion_t *version = NULL;
  1471. REQUIRE(DNS_ZONE_VALID(zone));
  1472. INSIST(task == zone->task);
  1473. ENTER;
  1474. if ((event->ev_attributes & ISC_EVENTATTR_CANCELED) != 0)
  1475. result = ISC_R_CANCELED;
  1476. isc_event_free(&event);
  1477. if (result == ISC_R_CANCELED)
  1478. goto fail;
  1479. LOCK_ZONE(zone);
  1480. ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read);
  1481. if (zone->db != NULL) {
  1482. dns_db_currentversion(zone->db, &version);
  1483. result = dns_master_dumpinc2(zone->mctx, zone->db, version,
  1484. &dns_master_style_default,
  1485. zone->masterfile, zone->task,
  1486. dump_done, zone, &zone->dctx,
  1487. zone->masterformat);
  1488. dns_db_closeversion(zone->db, &version, ISC_FALSE);
  1489. } else
  1490. result = ISC_R_CANCELED;
  1491. ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read);
  1492. UNLOCK_ZONE(zone);
  1493. if (result != DNS_R_CONTINUE)
  1494. goto fail;
  1495. return;
  1496. fail:
  1497. dump_done(zone, result);
  1498. }
  1499. static isc_result_t
  1500. zone_startload(dns_db_t *db, dns_zone_t *zone, isc_time_t loadtime) {
  1501. dns_load_t *load;
  1502. isc_result_t result;
  1503. isc_result_t tresult;
  1504. unsigned int options;
  1505. options = get_master_options(zone);
  1506. if (DNS_ZONE_OPTION(zone, DNS_ZONEOPT_MANYERRORS))
  1507. options |= DNS_MASTER_MANYERRORS;
  1508. if (zone->zmgr != NULL && zone->db != NULL && zone->task != NULL) {
  1509. load = isc_mem_get(zone->mctx, sizeof(*load));
  1510. if (load == NULL)
  1511. return (ISC_R_NOMEMORY);
  1512. load->mctx = NULL;
  1513. load->zone = NULL;
  1514. load->db = NULL;
  1515. load->loadtime = loadtime;
  1516. load->magic = LOAD_MAGIC;
  1517. isc_mem_attach(zone->mctx, &load->mctx);
  1518. zone_iattach(zone, &load->zone);
  1519. dns_db_attach(db, &load->db);
  1520. dns_rdatacallbacks_init(&load->callbacks);
  1521. result = dns_db_beginload(db, &load->callbacks.add,
  1522. &load->callbacks.add_private);
  1523. if (result != ISC_R_SUCCESS)
  1524. goto cleanup;
  1525. result = zonemgr_getio(zone->zmgr, ISC_TRUE, zone->task,
  1526. zone_gotreadhandle, load,
  1527. &zone->readio);
  1528. if (result != ISC_R_SUCCESS) {
  1529. /*
  1530. * We can't report multiple errors so ignore
  1531. * the result of dns_db_endload().
  1532. */
  1533. (void)dns_db_endload(load->db,
  1534. &load->callbacks.add_private);
  1535. goto cleanup;
  1536. } else
  1537. result = DNS_R_CONTINUE;
  1538. } else {
  1539. dns_rdatacallbacks_t callbacks;
  1540. dns_rdatacallbacks_init(&callbacks);
  1541. result = dns_db_beginload(db, &callbacks.add,
  1542. &callbacks.add_private);
  1543. if (result != ISC_R_SUCCESS)
  1544. return (result);
  1545. result = dns_master_loadfile3(zone->masterfile, &zone->origin,
  1546. &zone->origin, zone->rdclass,
  1547. options, zone->sigresigninginterval,
  1548. &callbacks, zone->mctx,
  1549. zone->masterformat);
  1550. tresult = dns_db_endload(db, &callbacks.add_private);
  1551. if (result == ISC_R_SUCCESS)
  1552. result = tresult;
  1553. }
  1554. return (result);
  1555. cleanup:
  1556. load->magic = 0;
  1557. dns_db_detach(&load->db);
  1558. zone_idetach(&load->zone);
  1559. isc_mem_detach(&load->mctx);
  1560. isc_mem_put(zone->mctx, load, sizeof(*load));
  1561. return (result);
  1562. }
  1563. static isc_boolean_t
  1564. zone_check_mx(dns_zone_t *zone, dns_db_t *db, dns_name_t *name,
  1565. dns_name_t *owner)
  1566. {
  1567. isc_result_t result;
  1568. char ownerbuf[DNS_NAME_FORMATSIZE];
  1569. char namebuf[DNS_NAME_FORMATSIZE];
  1570. char altbuf[DNS_NAME_FORMATSIZE];
  1571. dns_fixedname_t fixed;
  1572. dns_name_t *foundname;
  1573. int level;
  1574. /*
  1575. * "." means the services does not exist.
  1576. */
  1577. if (dns_name_equal(name, dns_rootname))
  1578. return (ISC_TRUE);
  1579. /*
  1580. * Outside of zone.
  1581. */
  1582. if (!dns_name_issubdomain(name, &zone->origin)) {
  1583. if (zone->checkmx != NULL)
  1584. return ((zone->checkmx)(zone, name, owner));
  1585. return (ISC_TRUE);
  1586. }
  1587. if (zone->type == dns_zone_master)
  1588. level = ISC_LOG_ERROR;
  1589. else
  1590. level = ISC_LOG_WARNING;
  1591. dns_fixedname_init(&fixed);
  1592. foundname = dns_fixedname_name(&fixed);
  1593. result = dns_db_find(db, name, NULL, dns_rdatatype_a,
  1594. 0, 0, NULL, foundname, NULL, NULL);
  1595. if (result == ISC_R_SUCCESS)
  1596. return (ISC_TRUE);
  1597. if (result == DNS_R_NXRRSET) {
  1598. result = dns_db_find(db, name, NULL, dns_rdatatype_aaaa,