/contrib/bind9/lib/dns/rootns.c

https://bitbucket.org/freebsd/freebsd-head/ · C · 527 lines · 441 code · 45 blank · 41 comment · 136 complexity · 0b3ecd06fc404b6784d4f6766b17765a MD5 · raw file

  1. /*
  2. * Copyright (C) 2004, 2005, 2007, 2008, 2010 Internet Systems Consortium, Inc. ("ISC")
  3. * Copyright (C) 1999-2002 Internet Software Consortium.
  4. *
  5. * Permission to use, copy, modify, and/or distribute this software for any
  6. * purpose with or without fee is hereby granted, provided that the above
  7. * copyright notice and this permission notice appear in all copies.
  8. *
  9. * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
  10. * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
  11. * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
  12. * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
  13. * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
  14. * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  15. * PERFORMANCE OF THIS SOFTWARE.
  16. */
  17. /* $Id: rootns.c,v 1.40 2010/06/18 05:36:24 marka Exp $ */
  18. /*! \file */
  19. #include <config.h>
  20. #include <isc/buffer.h>
  21. #include <isc/string.h> /* Required for HP/UX (and others?) */
  22. #include <isc/util.h>
  23. #include <dns/callbacks.h>
  24. #include <dns/db.h>
  25. #include <dns/dbiterator.h>
  26. #include <dns/fixedname.h>
  27. #include <dns/log.h>
  28. #include <dns/master.h>
  29. #include <dns/rdata.h>
  30. #include <dns/rdata.h>
  31. #include <dns/rdataset.h>
  32. #include <dns/rdatasetiter.h>
  33. #include <dns/rdatastruct.h>
  34. #include <dns/rdatatype.h>
  35. #include <dns/result.h>
  36. #include <dns/rootns.h>
  37. #include <dns/view.h>
  38. static char root_ns[] =
  39. ";\n"
  40. "; Internet Root Nameservers\n"
  41. ";\n"
  42. "$TTL 518400\n"
  43. ". 518400 IN NS A.ROOT-SERVERS.NET.\n"
  44. ". 518400 IN NS B.ROOT-SERVERS.NET.\n"
  45. ". 518400 IN NS C.ROOT-SERVERS.NET.\n"
  46. ". 518400 IN NS D.ROOT-SERVERS.NET.\n"
  47. ". 518400 IN NS E.ROOT-SERVERS.NET.\n"
  48. ". 518400 IN NS F.ROOT-SERVERS.NET.\n"
  49. ". 518400 IN NS G.ROOT-SERVERS.NET.\n"
  50. ". 518400 IN NS H.ROOT-SERVERS.NET.\n"
  51. ". 518400 IN NS I.ROOT-SERVERS.NET.\n"
  52. ". 518400 IN NS J.ROOT-SERVERS.NET.\n"
  53. ". 518400 IN NS K.ROOT-SERVERS.NET.\n"
  54. ". 518400 IN NS L.ROOT-SERVERS.NET.\n"
  55. ". 518400 IN NS M.ROOT-SERVERS.NET.\n"
  56. "A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4\n"
  57. "A.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:BA3E::2:30\n"
  58. "B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201\n"
  59. "C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12\n"
  60. "D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90\n"
  61. "E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10\n"
  62. "F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241\n"
  63. "F.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:2F::F\n"
  64. "G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4\n"
  65. "H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53\n"
  66. "H.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:1::803F:235\n"
  67. "I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17\n"
  68. "I.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:7fe::53\n"
  69. "J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30\n"
  70. "J.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:C27::2:30\n"
  71. "K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129\n"
  72. "K.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:7FD::1\n"
  73. "L.ROOT-SERVERS.NET. 3600000 IN A 199.7.83.42\n"
  74. "L.ROOT-SERVERS.NET. 604800 IN AAAA 2001:500:3::42\n"
  75. "M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33\n"
  76. "M.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:DC3::35\n";
  77. static isc_result_t
  78. in_rootns(dns_rdataset_t *rootns, dns_name_t *name) {
  79. isc_result_t result;
  80. dns_rdata_t rdata = DNS_RDATA_INIT;
  81. dns_rdata_ns_t ns;
  82. if (!dns_rdataset_isassociated(rootns))
  83. return (ISC_R_NOTFOUND);
  84. result = dns_rdataset_first(rootns);
  85. while (result == ISC_R_SUCCESS) {
  86. dns_rdataset_current(rootns, &rdata);
  87. result = dns_rdata_tostruct(&rdata, &ns, NULL);
  88. if (result != ISC_R_SUCCESS)
  89. return (result);
  90. if (dns_name_compare(name, &ns.name) == 0)
  91. return (ISC_R_SUCCESS);
  92. result = dns_rdataset_next(rootns);
  93. dns_rdata_reset(&rdata);
  94. }
  95. if (result == ISC_R_NOMORE)
  96. result = ISC_R_NOTFOUND;
  97. return (result);
  98. }
  99. static isc_result_t
  100. check_node(dns_rdataset_t *rootns, dns_name_t *name,
  101. dns_rdatasetiter_t *rdsiter) {
  102. isc_result_t result;
  103. dns_rdataset_t rdataset;
  104. dns_rdataset_init(&rdataset);
  105. result = dns_rdatasetiter_first(rdsiter);
  106. while (result == ISC_R_SUCCESS) {
  107. dns_rdatasetiter_current(rdsiter, &rdataset);
  108. switch (rdataset.type) {
  109. case dns_rdatatype_a:
  110. case dns_rdatatype_aaaa:
  111. result = in_rootns(rootns, name);
  112. if (result != ISC_R_SUCCESS)
  113. goto cleanup;
  114. break;
  115. case dns_rdatatype_ns:
  116. if (dns_name_compare(name, dns_rootname) == 0)
  117. break;
  118. /*FALLTHROUGH*/
  119. default:
  120. result = ISC_R_FAILURE;
  121. goto cleanup;
  122. }
  123. dns_rdataset_disassociate(&rdataset);
  124. result = dns_rdatasetiter_next(rdsiter);
  125. }
  126. if (result == ISC_R_NOMORE)
  127. result = ISC_R_SUCCESS;
  128. cleanup:
  129. if (dns_rdataset_isassociated(&rdataset))
  130. dns_rdataset_disassociate(&rdataset);
  131. return (result);
  132. }
  133. static isc_result_t
  134. check_hints(dns_db_t *db) {
  135. isc_result_t result;
  136. dns_rdataset_t rootns;
  137. dns_dbiterator_t *dbiter = NULL;
  138. dns_dbnode_t *node = NULL;
  139. isc_stdtime_t now;
  140. dns_fixedname_t fixname;
  141. dns_name_t *name;
  142. dns_rdatasetiter_t *rdsiter = NULL;
  143. isc_stdtime_get(&now);
  144. dns_fixedname_init(&fixname);
  145. name = dns_fixedname_name(&fixname);
  146. dns_rdataset_init(&rootns);
  147. (void)dns_db_find(db, dns_rootname, NULL, dns_rdatatype_ns, 0,
  148. now, NULL, name, &rootns, NULL);
  149. result = dns_db_createiterator(db, 0, &dbiter);
  150. if (result != ISC_R_SUCCESS)
  151. goto cleanup;
  152. result = dns_dbiterator_first(dbiter);
  153. while (result == ISC_R_SUCCESS) {
  154. result = dns_dbiterator_current(dbiter, &node, name);
  155. if (result != ISC_R_SUCCESS)
  156. goto cleanup;
  157. result = dns_db_allrdatasets(db, node, NULL, now, &rdsiter);
  158. if (result != ISC_R_SUCCESS)
  159. goto cleanup;
  160. result = check_node(&rootns, name, rdsiter);
  161. if (result != ISC_R_SUCCESS)
  162. goto cleanup;
  163. dns_rdatasetiter_destroy(&rdsiter);
  164. dns_db_detachnode(db, &node);
  165. result = dns_dbiterator_next(dbiter);
  166. }
  167. if (result == ISC_R_NOMORE)
  168. result = ISC_R_SUCCESS;
  169. cleanup:
  170. if (dns_rdataset_isassociated(&rootns))
  171. dns_rdataset_disassociate(&rootns);
  172. if (rdsiter != NULL)
  173. dns_rdatasetiter_destroy(&rdsiter);
  174. if (node != NULL)
  175. dns_db_detachnode(db, &node);
  176. if (dbiter != NULL)
  177. dns_dbiterator_destroy(&dbiter);
  178. return (result);
  179. }
  180. isc_result_t
  181. dns_rootns_create(isc_mem_t *mctx, dns_rdataclass_t rdclass,
  182. const char *filename, dns_db_t **target)
  183. {
  184. isc_result_t result, eresult;
  185. isc_buffer_t source;
  186. size_t len;
  187. dns_rdatacallbacks_t callbacks;
  188. dns_db_t *db = NULL;
  189. REQUIRE(target != NULL && *target == NULL);
  190. result = dns_db_create(mctx, "rbt", dns_rootname, dns_dbtype_zone,
  191. rdclass, 0, NULL, &db);
  192. if (result != ISC_R_SUCCESS)
  193. return (result);
  194. dns_rdatacallbacks_init(&callbacks);
  195. len = strlen(root_ns);
  196. isc_buffer_init(&source, root_ns, len);
  197. isc_buffer_add(&source, len);
  198. result = dns_db_beginload(db, &callbacks.add,
  199. &callbacks.add_private);
  200. if (result != ISC_R_SUCCESS)
  201. return (result);
  202. if (filename != NULL) {
  203. /*
  204. * Load the hints from the specified filename.
  205. */
  206. result = dns_master_loadfile(filename, &db->origin,
  207. &db->origin, db->rdclass,
  208. DNS_MASTER_HINT,
  209. &callbacks, db->mctx);
  210. } else if (rdclass == dns_rdataclass_in) {
  211. /*
  212. * Default to using the Internet root servers.
  213. */
  214. result = dns_master_loadbuffer(&source, &db->origin,
  215. &db->origin, db->rdclass,
  216. DNS_MASTER_HINT,
  217. &callbacks, db->mctx);
  218. } else
  219. result = ISC_R_NOTFOUND;
  220. eresult = dns_db_endload(db, &callbacks.add_private);
  221. if (result == ISC_R_SUCCESS || result == DNS_R_SEENINCLUDE)
  222. result = eresult;
  223. if (result != ISC_R_SUCCESS && result != DNS_R_SEENINCLUDE)
  224. goto db_detach;
  225. if (check_hints(db) != ISC_R_SUCCESS)
  226. isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
  227. DNS_LOGMODULE_HINTS, ISC_LOG_WARNING,
  228. "extra data in root hints '%s'",
  229. (filename != NULL) ? filename : "<BUILT-IN>");
  230. *target = db;
  231. return (ISC_R_SUCCESS);
  232. db_detach:
  233. dns_db_detach(&db);
  234. return (result);
  235. }
  236. static void
  237. report(dns_view_t *view, dns_name_t *name, isc_boolean_t missing,
  238. dns_rdata_t *rdata)
  239. {
  240. const char *viewname = "", *sep = "";
  241. char namebuf[DNS_NAME_FORMATSIZE];
  242. char typebuf[DNS_RDATATYPE_FORMATSIZE];
  243. char databuf[sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:123.123.123.123")];
  244. isc_buffer_t buffer;
  245. isc_result_t result;
  246. if (strcmp(view->name, "_bind") != 0 &&
  247. strcmp(view->name, "_default") != 0) {
  248. viewname = view->name;
  249. sep = ": view ";
  250. }
  251. dns_name_format(name, namebuf, sizeof(namebuf));
  252. dns_rdatatype_format(rdata->type, typebuf, sizeof(typebuf));
  253. isc_buffer_init(&buffer, databuf, sizeof(databuf) - 1);
  254. result = dns_rdata_totext(rdata, NULL, &buffer);
  255. RUNTIME_CHECK(result == ISC_R_SUCCESS);
  256. databuf[isc_buffer_usedlength(&buffer)] = '\0';
  257. if (missing)
  258. isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
  259. DNS_LOGMODULE_HINTS, ISC_LOG_WARNING,
  260. "checkhints%s%s: %s/%s (%s) missing from hints",
  261. sep, viewname, namebuf, typebuf, databuf);
  262. else
  263. isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
  264. DNS_LOGMODULE_HINTS, ISC_LOG_WARNING,
  265. "checkhints%s%s: %s/%s (%s) extra record "
  266. "in hints", sep, viewname, namebuf, typebuf,
  267. databuf);
  268. }
  269. static isc_boolean_t
  270. inrrset(dns_rdataset_t *rrset, dns_rdata_t *rdata) {
  271. isc_result_t result;
  272. dns_rdata_t current = DNS_RDATA_INIT;
  273. result = dns_rdataset_first(rrset);
  274. while (result == ISC_R_SUCCESS) {
  275. dns_rdataset_current(rrset, &current);
  276. if (dns_rdata_compare(rdata, &current) == 0)
  277. return (ISC_TRUE);
  278. dns_rdata_reset(&current);
  279. result = dns_rdataset_next(rrset);
  280. }
  281. return (ISC_FALSE);
  282. }
  283. /*
  284. * Check that the address RRsets match.
  285. *
  286. * Note we don't complain about missing glue records.
  287. */
  288. static void
  289. check_address_records(dns_view_t *view, dns_db_t *hints, dns_db_t *db,
  290. dns_name_t *name, isc_stdtime_t now)
  291. {
  292. isc_result_t hresult, rresult, result;
  293. dns_rdataset_t hintrrset, rootrrset;
  294. dns_rdata_t rdata = DNS_RDATA_INIT;
  295. dns_name_t *foundname;
  296. dns_fixedname_t fixed;
  297. dns_rdataset_init(&hintrrset);
  298. dns_rdataset_init(&rootrrset);
  299. dns_fixedname_init(&fixed);
  300. foundname = dns_fixedname_name(&fixed);
  301. hresult = dns_db_find(hints, name, NULL, dns_rdatatype_a, 0,
  302. now, NULL, foundname, &hintrrset, NULL);
  303. rresult = dns_db_find(db, name, NULL, dns_rdatatype_a,
  304. DNS_DBFIND_GLUEOK, now, NULL, foundname,
  305. &rootrrset, NULL);
  306. if (hresult == ISC_R_SUCCESS &&
  307. (rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE)) {
  308. result = dns_rdataset_first(&rootrrset);
  309. while (result == ISC_R_SUCCESS) {
  310. dns_rdata_reset(&rdata);
  311. dns_rdataset_current(&rootrrset, &rdata);
  312. if (!inrrset(&hintrrset, &rdata))
  313. report(view, name, ISC_TRUE, &rdata);
  314. result = dns_rdataset_next(&rootrrset);
  315. }
  316. result = dns_rdataset_first(&hintrrset);
  317. while (result == ISC_R_SUCCESS) {
  318. dns_rdata_reset(&rdata);
  319. dns_rdataset_current(&hintrrset, &rdata);
  320. if (!inrrset(&rootrrset, &rdata))
  321. report(view, name, ISC_FALSE, &rdata);
  322. result = dns_rdataset_next(&hintrrset);
  323. }
  324. }
  325. if (hresult == ISC_R_NOTFOUND &&
  326. (rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE)) {
  327. result = dns_rdataset_first(&rootrrset);
  328. while (result == ISC_R_SUCCESS) {
  329. dns_rdata_reset(&rdata);
  330. dns_rdataset_current(&rootrrset, &rdata);
  331. report(view, name, ISC_TRUE, &rdata);
  332. result = dns_rdataset_next(&rootrrset);
  333. }
  334. }
  335. if (dns_rdataset_isassociated(&rootrrset))
  336. dns_rdataset_disassociate(&rootrrset);
  337. if (dns_rdataset_isassociated(&hintrrset))
  338. dns_rdataset_disassociate(&hintrrset);
  339. /*
  340. * Check AAAA records.
  341. */
  342. hresult = dns_db_find(hints, name, NULL, dns_rdatatype_aaaa, 0,
  343. now, NULL, foundname, &hintrrset, NULL);
  344. rresult = dns_db_find(db, name, NULL, dns_rdatatype_aaaa,
  345. DNS_DBFIND_GLUEOK, now, NULL, foundname,
  346. &rootrrset, NULL);
  347. if (hresult == ISC_R_SUCCESS &&
  348. (rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE)) {
  349. result = dns_rdataset_first(&rootrrset);
  350. while (result == ISC_R_SUCCESS) {
  351. dns_rdata_reset(&rdata);
  352. dns_rdataset_current(&rootrrset, &rdata);
  353. if (!inrrset(&hintrrset, &rdata))
  354. report(view, name, ISC_TRUE, &rdata);
  355. dns_rdata_reset(&rdata);
  356. result = dns_rdataset_next(&rootrrset);
  357. }
  358. result = dns_rdataset_first(&hintrrset);
  359. while (result == ISC_R_SUCCESS) {
  360. dns_rdata_reset(&rdata);
  361. dns_rdataset_current(&hintrrset, &rdata);
  362. if (!inrrset(&rootrrset, &rdata))
  363. report(view, name, ISC_FALSE, &rdata);
  364. dns_rdata_reset(&rdata);
  365. result = dns_rdataset_next(&hintrrset);
  366. }
  367. }
  368. if (hresult == ISC_R_NOTFOUND &&
  369. (rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE)) {
  370. result = dns_rdataset_first(&rootrrset);
  371. while (result == ISC_R_SUCCESS) {
  372. dns_rdata_reset(&rdata);
  373. dns_rdataset_current(&rootrrset, &rdata);
  374. report(view, name, ISC_TRUE, &rdata);
  375. dns_rdata_reset(&rdata);
  376. result = dns_rdataset_next(&rootrrset);
  377. }
  378. }
  379. if (dns_rdataset_isassociated(&rootrrset))
  380. dns_rdataset_disassociate(&rootrrset);
  381. if (dns_rdataset_isassociated(&hintrrset))
  382. dns_rdataset_disassociate(&hintrrset);
  383. }
  384. void
  385. dns_root_checkhints(dns_view_t *view, dns_db_t *hints, dns_db_t *db) {
  386. isc_result_t result;
  387. dns_rdata_t rdata = DNS_RDATA_INIT;
  388. dns_rdata_ns_t ns;
  389. dns_rdataset_t hintns, rootns;
  390. const char *viewname = "", *sep = "";
  391. isc_stdtime_t now;
  392. dns_name_t *name;
  393. dns_fixedname_t fixed;
  394. REQUIRE(hints != NULL);
  395. REQUIRE(db != NULL);
  396. REQUIRE(view != NULL);
  397. isc_stdtime_get(&now);
  398. if (strcmp(view->name, "_bind") != 0 &&
  399. strcmp(view->name, "_default") != 0) {
  400. viewname = view->name;
  401. sep = ": view ";
  402. }
  403. dns_rdataset_init(&hintns);
  404. dns_rdataset_init(&rootns);
  405. dns_fixedname_init(&fixed);
  406. name = dns_fixedname_name(&fixed);
  407. result = dns_db_find(hints, dns_rootname, NULL, dns_rdatatype_ns, 0,
  408. now, NULL, name, &hintns, NULL);
  409. if (result != ISC_R_SUCCESS) {
  410. isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
  411. DNS_LOGMODULE_HINTS, ISC_LOG_WARNING,
  412. "checkhints%s%s: unable to get root NS rrset "
  413. "from hints: %s", sep, viewname,
  414. dns_result_totext(result));
  415. goto cleanup;
  416. }
  417. result = dns_db_find(db, dns_rootname, NULL, dns_rdatatype_ns, 0,
  418. now, NULL, name, &rootns, NULL);
  419. if (result != ISC_R_SUCCESS) {
  420. isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
  421. DNS_LOGMODULE_HINTS, ISC_LOG_WARNING,
  422. "checkhints%s%s: unable to get root NS rrset "
  423. "from cache: %s", sep, viewname,
  424. dns_result_totext(result));
  425. goto cleanup;
  426. }
  427. /*
  428. * Look for missing root NS names.
  429. */
  430. result = dns_rdataset_first(&rootns);
  431. while (result == ISC_R_SUCCESS) {
  432. dns_rdataset_current(&rootns, &rdata);
  433. result = dns_rdata_tostruct(&rdata, &ns, NULL);
  434. RUNTIME_CHECK(result == ISC_R_SUCCESS);
  435. result = in_rootns(&hintns, &ns.name);
  436. if (result != ISC_R_SUCCESS) {
  437. char namebuf[DNS_NAME_FORMATSIZE];
  438. /* missing from hints */
  439. dns_name_format(&ns.name, namebuf, sizeof(namebuf));
  440. isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
  441. DNS_LOGMODULE_HINTS, ISC_LOG_WARNING,
  442. "checkhints%s%s: unable to find root "
  443. "NS '%s' in hints", sep, viewname,
  444. namebuf);
  445. } else
  446. check_address_records(view, hints, db, &ns.name, now);
  447. dns_rdata_reset(&rdata);
  448. result = dns_rdataset_next(&rootns);
  449. }
  450. if (result != ISC_R_NOMORE) {
  451. goto cleanup;
  452. }
  453. /*
  454. * Look for extra root NS names.
  455. */
  456. result = dns_rdataset_first(&hintns);
  457. while (result == ISC_R_SUCCESS) {
  458. dns_rdataset_current(&hintns, &rdata);
  459. result = dns_rdata_tostruct(&rdata, &ns, NULL);
  460. RUNTIME_CHECK(result == ISC_R_SUCCESS);
  461. result = in_rootns(&rootns, &ns.name);
  462. if (result != ISC_R_SUCCESS) {
  463. char namebuf[DNS_NAME_FORMATSIZE];
  464. /* extra entry in hints */
  465. dns_name_format(&ns.name, namebuf, sizeof(namebuf));
  466. isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
  467. DNS_LOGMODULE_HINTS, ISC_LOG_WARNING,
  468. "checkhints%s%s: extra NS '%s' in hints",
  469. sep, viewname, namebuf);
  470. }
  471. dns_rdata_reset(&rdata);
  472. result = dns_rdataset_next(&hintns);
  473. }
  474. if (result != ISC_R_NOMORE) {
  475. goto cleanup;
  476. }
  477. cleanup:
  478. if (dns_rdataset_isassociated(&rootns))
  479. dns_rdataset_disassociate(&rootns);
  480. if (dns_rdataset_isassociated(&hintns))
  481. dns_rdataset_disassociate(&hintns);
  482. }