|
Electroneum
|
#include "iterator/iter_resptype.h"
Go to the source code of this file.
Functions | |
| int | iter_apply_cfg (struct iter_env *iter_env, struct config_file *cfg) |
| struct delegpt_addr * | iter_server_selection (struct iter_env *iter_env, struct module_env *env, struct delegpt *dp, uint8_t *name, size_t namelen, uint16_t qtype, int *dnssec_lame, int *chase_to_rd, int open_target, struct sock_list *blacklist, time_t prefetch) |
| struct dns_msg * | dns_alloc_msg (struct sldns_buffer *pkt, struct msg_parse *msg, struct regional *regional) |
| struct dns_msg * | dns_copy_msg (struct dns_msg *from, struct regional *regional) |
| void | iter_dns_store (struct module_env *env, struct query_info *qinf, struct reply_info *rep, int is_referral, time_t leeway, int pside, struct regional *region, uint16_t flags) |
| int | iter_ns_probability (struct ub_randstate *rnd, int n, int m) |
| void | iter_mark_cycle_targets (struct module_qstate *qstate, struct delegpt *dp) |
| void | iter_mark_pside_cycle_targets (struct module_qstate *qstate, struct delegpt *dp) |
| int | iter_dp_is_useless (struct query_info *qinfo, uint16_t qflags, struct delegpt *dp) |
| int | iter_qname_indicates_dnssec (struct module_env *env, struct query_info *qinfo) |
| int | iter_indicates_dnssec (struct module_env *env, struct delegpt *dp, struct dns_msg *msg, uint16_t dclass) |
| int | iter_msg_has_dnssec (struct dns_msg *msg) |
| int | iter_msg_from_zone (struct dns_msg *msg, struct delegpt *dp, enum response_type type, uint16_t dclass) |
| int | reply_equal (struct reply_info *p, struct reply_info *q, struct regional *region) |
| void | caps_strip_reply (struct reply_info *rep) |
| int | caps_failed_rcode (struct reply_info *rep) |
| void | iter_store_parentside_rrset (struct module_env *env, struct ub_packed_rrset_key *rrset) |
| void | iter_store_parentside_NS (struct module_env *env, struct reply_info *rep) |
| void | iter_store_parentside_neg (struct module_env *env, struct query_info *qinfo, struct reply_info *rep) |
| int | iter_lookup_parent_NS_from_cache (struct module_env *env, struct delegpt *dp, struct regional *region, struct query_info *qinfo) |
| int | iter_lookup_parent_glue_from_cache (struct module_env *env, struct delegpt *dp, struct regional *region, struct query_info *qinfo) |
| int | iter_get_next_root (struct iter_hints *hints, struct iter_forwards *fwd, uint16_t *c) |
| void | iter_scrub_ds (struct dns_msg *msg, struct ub_packed_rrset_key *ns, uint8_t *z) |
| void | iter_dec_attempts (struct delegpt *dp, int d) |
| void | iter_merge_retry_counts (struct delegpt *dp, struct delegpt *old) |
| int | iter_ds_toolow (struct dns_msg *msg, struct delegpt *dp) |
| int | iter_dp_cangodown (struct query_info *qinfo, struct delegpt *dp) |
This file contains functions to assist the iterator module. Configuration options. Forward zones.
Definition in file iter_utils.h.
| int caps_failed_rcode | ( | struct reply_info * | rep | ) |
see if reply has a 'useful' rcode for capsforid comparison, so not SERVFAIL or REFUSED, and thus NOERROR or NXDOMAIN.
| rep | reply to check. |
| void caps_strip_reply | ( | struct reply_info * | rep | ) |
Remove unused bits from the reply if possible. So that caps-for-id (0x20) fallback is more likely to be successful. This removes like, the additional section, and NS record in the authority section if those records are gratuitous (not for a referral).
| rep | the reply to strip stuff out of. |
| struct dns_msg* dns_alloc_msg | ( | struct sldns_buffer * | pkt, |
| struct msg_parse * | msg, | ||
| struct regional * | regional | ||
| ) |
| int iter_apply_cfg | ( | struct iter_env * | iter_env, |
| struct config_file * | cfg | ||
| ) |
Process config options and set iterator module state. Sets default values if no config is found.
| iter_env | iterator module state. |
| cfg | config options. |
| void iter_dec_attempts | ( | struct delegpt * | dp, |
| int | d | ||
| ) |
Remove query attempts from all available ips. For 0x20.
| dp | delegpt. |
| d | decrease. |
| void iter_dns_store | ( | struct module_env * | env, |
| struct query_info * | qinf, | ||
| struct reply_info * | rep, | ||
| int | is_referral, | ||
| time_t | leeway, | ||
| int | pside, | ||
| struct regional * | region, | ||
| uint16_t | flags | ||
| ) |
Allocate a dns_msg with malloc/alloc structure and store in dns cache.
| env | environment, with alloc structure and dns cache. |
| qinf | query info, the query for which answer is stored. |
| rep | reply in dns_msg from dns_alloc_msg for example. |
| is_referral | If true, then the given message to be stored is a referral. The cache implementation may use this as a hint. |
| leeway | prefetch TTL leeway to expire old rrsets quicker. |
| pside | true if dp is parentside, thus message is 'fresh' and NS can be prefetch-updates. |
| region | to copy modified (cache is better) rrs back to. |
| flags | with BIT_CD for dns64 AAAA translated queries. |
| int iter_dp_cangodown | ( | struct query_info * | qinfo, |
| struct delegpt * | dp | ||
| ) |
See if delegpt can go down a step to the qname or not
| qinfo | the query name looked up. |
| dp | checked if the name can go lower to the qname |
| int iter_dp_is_useless | ( | struct query_info * | qinfo, |
| uint16_t | qflags, | ||
| struct delegpt * | dp | ||
| ) |
See if delegation is useful or offers immediately no targets for further recursion.
| qinfo | query name and type |
| qflags | query flags with RD flag |
| dp | delegpt to check. |
See if a DS response (type ANSWER) is too low: a nodata answer with a SOA record in the authority section at-or-below the qchase.qname. Also returns true if we are not sure (i.e. empty message, CNAME nosig).
| msg | the response. |
| dp | the dp name is used to check if the RRSIG gives a clue that it was originated from the correct nameserver. |
| int iter_get_next_root | ( | struct iter_hints * | hints, |
| struct iter_forwards * | fwd, | ||
| uint16_t * | c | ||
| ) |
Lookup next root-hint or root-forward entry.
| hints | the hints. |
| fwd | the forwards. |
| c | the class to start searching at. 0 means find first one. |
| int iter_indicates_dnssec | ( | struct module_env * | env, |
| struct delegpt * | dp, | ||
| struct dns_msg * | msg, | ||
| uint16_t | dclass | ||
| ) |
See if delegation is expected to have DNSSEC information (RRSIGs) in its answers, or not. Inspects delegation point (name), trust anchors, and delegation message (DS RRset) to determine this.
| env | module env with trust anchors. |
| dp | delegation point. |
| msg | delegation message, with DS if a secure referral. |
| dclass | class of query. |
| int iter_lookup_parent_glue_from_cache | ( | struct module_env * | env, |
| struct delegpt * | dp, | ||
| struct regional * | region, | ||
| struct query_info * | qinfo | ||
| ) |
Add parent-side glue if that exists in the cache. This is both new information and acts like a timeout throttle on retries to fetch them.
| env | query env with rrset cache and time. |
| dp | delegation point to store result in. Also this dp is used to see which NS name is needed. |
| region | region to alloc result in. |
| qinfo | pertinent information, the qclass. |
| int iter_lookup_parent_NS_from_cache | ( | struct module_env * | env, |
| struct delegpt * | dp, | ||
| struct regional * | region, | ||
| struct query_info * | qinfo | ||
| ) |
Add parent NS record if that exists in the cache. This is both new information and acts like a timeout throttle on retries.
| env | query env with rrset cache and time. |
| dp | delegation point to store result in. Also this dp is used to see which NS name is needed. |
| region | region to alloc result in. |
| qinfo | pertinent information, the qclass. |
| void iter_mark_cycle_targets | ( | struct module_qstate * | qstate, |
| struct delegpt * | dp | ||
| ) |
Mark targets that result in a dependency cycle as done, so they will not get selected as targets.
| qstate | query state. |
| dp | delegpt to mark ns in. |
| void iter_mark_pside_cycle_targets | ( | struct module_qstate * | qstate, |
| struct delegpt * | dp | ||
| ) |
Mark targets that result in a dependency cycle as done, so they will not get selected as targets. For the parent-side lookups.
| qstate | query state. |
| dp | delegpt to mark ns in. |
Add retry counts from older delegpt to newer delegpt. Does not waste time on timeout'd (or other failing) addresses.
| dp | new delegationpoint. |
| old | old delegationpoint. |
| int iter_msg_from_zone | ( | struct dns_msg * | msg, |
| struct delegpt * | dp, | ||
| enum response_type | type, | ||
| uint16_t | dclass | ||
| ) |
See if a message is known to be from a certain zone. This looks for SOA or NS rrsets, for answers. For referrals, when one label is delegated, the zone is detected. Does not look at signatures.
| msg | the message to inspect. |
| dp | delegation point with zone name to look for. |
| type | type of message. |
| dclass | class of query. |
| int iter_msg_has_dnssec | ( | struct dns_msg * | msg | ) |
See if a message contains DNSSEC. This is examined by looking for RRSIGs. With DNSSEC a valid answer, nxdomain, nodata, referral or cname reply has RRSIGs in answer or auth sections, sigs on answer data, SOA, DS, or NSEC/NSEC3 records.
| msg | message to examine. |
| int iter_ns_probability | ( | struct ub_randstate * | rnd, |
| int | n, | ||
| int | m | ||
| ) |
Select randomly with n/m probability. For shuffle NS records for address fetching.
| rnd | random table |
| n | probability. |
| m | divisor for probability. |
| int iter_qname_indicates_dnssec | ( | struct module_env * | env, |
| struct query_info * | qinfo | ||
| ) |
See if qname has DNSSEC needs. This is true if there is a trust anchor above it. Whether there is an insecure delegation to the data is unknown.
| env | environment with anchors. |
| qinfo | query name and class. |
| void iter_scrub_ds | ( | struct dns_msg * | msg, |
| struct ub_packed_rrset_key * | ns, | ||
| uint8_t * | z | ||
| ) |
Remove DS records that are inappropriate before they are cached.
| msg | the response to scrub. |
| ns | RRSET that is the NS record for the referral. if NULL, then all DS records are removed from the authority section. |
| z | zone name that the response is from. |
| struct delegpt_addr* iter_server_selection | ( | struct iter_env * | iter_env, |
| struct module_env * | env, | ||
| struct delegpt * | dp, | ||
| uint8_t * | name, | ||
| size_t | namelen, | ||
| uint16_t | qtype, | ||
| int * | dnssec_lame, | ||
| int * | chase_to_rd, | ||
| int | open_target, | ||
| struct sock_list * | blacklist, | ||
| time_t | prefetch | ||
| ) |
Select a valid, nice target to send query to. Sorting and removing unsuitable targets is combined.
| iter_env | iterator module global state, with ip6 enabled and do-not-query-addresses. |
| env | environment with infra cache (lameness, rtt info). |
| dp | delegation point with result list. |
| name | zone name (for lameness check). |
| namelen | length of name. |
| qtype | query type that we want to send. |
| dnssec_lame | set to 1, if a known dnssec-lame server is selected these are not preferred, but are used as a last resort. |
| chase_to_rd | set to 1 if a known recursion lame server is selected these are not preferred, but are used as a last resort. |
| open_target | number of currently outstanding target queries. If we wait for these, perhaps more server addresses become available. |
| blacklist | the IP blacklist to use. |
| prefetch | if not 0, prefetch is in use for this query. This means the query can have different timing, because prefetch is not waited upon by the downstream client, and thus a good time to perform exploration of other targets. |
| void iter_store_parentside_neg | ( | struct module_env * | env, |
| struct query_info * | qinfo, | ||
| struct reply_info * | rep | ||
| ) |
Store parent-side negative element, the parentside rrset does not exist, creates an rrset with empty rdata in the rrset cache with PARENTSIDE flag.
| env | environment with cache, time, ... |
| qinfo | the identity of the rrset that is missing. |
| rep | delegation response or answer response, to glean TTL from. (malloc) failure is logged but otherwise ignored. |
| void iter_store_parentside_NS | ( | struct module_env * | env, |
| struct reply_info * | rep | ||
| ) |
Store parent-side NS records from a referral message
| env | environment with cache, time, ... |
| rep | response with NS rrset. Failure to store is logged, but otherwise ignored. |
| void iter_store_parentside_rrset | ( | struct module_env * | env, |
| struct ub_packed_rrset_key * | rrset | ||
| ) |
Store parent-side rrset in separate rrset cache entries for later last-resort * lookups in case the child-side versions of this information fails.
| env | environment with cache, time, ... |
| rrset | the rrset to store (copied). Failure to store is logged, but otherwise ignored. |
| int reply_equal | ( | struct reply_info * | p, |
| struct reply_info * | q, | ||
| struct regional * | region | ||
| ) |
Check if two replies are equal For fallback procedures
| p | reply one. The reply has rrset data pointers in region. Does not check rrset-IDs |
| q | reply two |
| region | scratch buffer. |