d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
freebsd-nq/contrib/bind9/lib/dns/adb.c
Doug Barton 5143adb549 Update to BIND 9.6.3, the latest from ISC on the 9.6 branch. 
All 9.6 users with DNSSEC validation enabled should upgrade to this
version, or the latest version in the 9.7 branch, prior to 2011-03-31
in order to avoid validation failures for names in .COM as described
here:

https://www.isc.org/announcement/bind-9-dnssec-validation-fails-new-ds-record

In addition the fixes for this and other bugs, there are also the
following:

  * Various fixes to kerberos support, including GSS-TSIG
  * Various fixes to avoid leaking memory, and to problems that could
    prevent a clean shutdown of named
2011-02-06 22:46:07 +00:00

3635 lines
93 KiB
C
Raw Blame History

/*
* Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1999-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: adb.c,v 1.243.42.6 2010-08-11 23:45:49 tbox Exp $ */
/*! \file
*
* \note
* In finds, if task == NULL, no events will be generated, and no events
* have been sent. If task != NULL but taskaction == NULL, an event has been
* posted but not yet freed. If neither are NULL, no event was posted.
*
*/
#include <config.h>
#include <limits.h>
#include <isc/mutexblock.h>
#include <isc/netaddr.h>
#include <isc/random.h>
#include <isc/stats.h>
#include <isc/string.h> /* Required for HP/UX (and others?) */
#include <isc/task.h>
#include <isc/util.h>
#include <dns/adb.h>
#include <dns/db.h>
#include <dns/events.h>
#include <dns/log.h>
#include <dns/rdata.h>
#include <dns/rdataset.h>
#include <dns/rdatastruct.h>
#include <dns/rdatatype.h>
#include <dns/resolver.h>
#include <dns/result.h>
#include <dns/stats.h>
#define DNS_ADB_MAGIC ISC_MAGIC('D', 'a', 'd', 'b')
#define DNS_ADB_VALID(x) ISC_MAGIC_VALID(x, DNS_ADB_MAGIC)
#define DNS_ADBNAME_MAGIC ISC_MAGIC('a', 'd', 'b', 'N')
#define DNS_ADBNAME_VALID(x) ISC_MAGIC_VALID(x, DNS_ADBNAME_MAGIC)
#define DNS_ADBNAMEHOOK_MAGIC ISC_MAGIC('a', 'd', 'N', 'H')
#define DNS_ADBNAMEHOOK_VALID(x) ISC_MAGIC_VALID(x, DNS_ADBNAMEHOOK_MAGIC)
#define DNS_ADBLAMEINFO_MAGIC ISC_MAGIC('a', 'd', 'b', 'Z')
#define DNS_ADBLAMEINFO_VALID(x) ISC_MAGIC_VALID(x, DNS_ADBLAMEINFO_MAGIC)
#define DNS_ADBENTRY_MAGIC ISC_MAGIC('a', 'd', 'b', 'E')
#define DNS_ADBENTRY_VALID(x) ISC_MAGIC_VALID(x, DNS_ADBENTRY_MAGIC)
#define DNS_ADBFETCH_MAGIC ISC_MAGIC('a', 'd', 'F', '4')
#define DNS_ADBFETCH_VALID(x) ISC_MAGIC_VALID(x, DNS_ADBFETCH_MAGIC)
#define DNS_ADBFETCH6_MAGIC ISC_MAGIC('a', 'd', 'F', '6')
#define DNS_ADBFETCH6_VALID(x) ISC_MAGIC_VALID(x, DNS_ADBFETCH6_MAGIC)
/*!
* The number of buckets needs to be a prime (for good hashing).
*
* XXXRTH How many buckets do we need?
*/
#define NBUCKETS 1009 /*%< how many buckets for names/addrs */
/*!
* For type 3 negative cache entries, we will remember that the address is
* broken for this long. XXXMLG This is also used for actual addresses, too.
* The intent is to keep us from constantly asking about A/AAAA records
* if the zone has extremely low TTLs.
*/
#define ADB_CACHE_MINIMUM 10 /*%< seconds */
#define ADB_CACHE_MAXIMUM 86400 /*%< seconds (86400 = 24 hours) */
#define ADB_ENTRY_WINDOW 1800 /*%< seconds */
/*%
* The period in seconds after which an ADB name entry is regarded as stale
* and forced to be cleaned up.
* TODO: This should probably be configurable at run-time.
*/
#ifndef ADB_STALE_MARGIN
#define ADB_STALE_MARGIN 1800
#endif
#define FREE_ITEMS 64 /*%< free count for memory pools */
#define FILL_COUNT 16 /*%< fill count for memory pools */
#define DNS_ADB_INVALIDBUCKET (-1) /*%< invalid bucket address */
#define DNS_ADB_MINADBSIZE (1024*1024) /*%< 1 Megabyte */
typedef ISC_LIST(dns_adbname_t) dns_adbnamelist_t;
typedef struct dns_adbnamehook dns_adbnamehook_t;
typedef ISC_LIST(dns_adbnamehook_t) dns_adbnamehooklist_t;
typedef struct dns_adblameinfo dns_adblameinfo_t;
typedef ISC_LIST(dns_adbentry_t) dns_adbentrylist_t;
typedef struct dns_adbfetch dns_adbfetch_t;
typedef struct dns_adbfetch6 dns_adbfetch6_t;
/*% dns adb structure */
struct dns_adb {
unsigned int magic;
isc_mutex_t lock;
isc_mutex_t reflock; /*%< Covers irefcnt, erefcnt */
isc_mutex_t overmemlock; /*%< Covers overmem */
isc_mem_t *mctx;
dns_view_t *view;
isc_taskmgr_t *taskmgr;
isc_task_t *task;
isc_interval_t tick_interval;
int next_cleanbucket;
unsigned int irefcnt;
unsigned int erefcnt;
isc_mutex_t mplock;
isc_mempool_t *nmp; /*%< dns_adbname_t */
isc_mempool_t *nhmp; /*%< dns_adbnamehook_t */
isc_mempool_t *limp; /*%< dns_adblameinfo_t */
isc_mempool_t *emp; /*%< dns_adbentry_t */
isc_mempool_t *ahmp; /*%< dns_adbfind_t */
isc_mempool_t *aimp; /*%< dns_adbaddrinfo_t */
isc_mempool_t *afmp; /*%< dns_adbfetch_t */
/*!
* Bucketized locks and lists for names.
*
* XXXRTH Have a per-bucket structure that contains all of these?
*/
dns_adbnamelist_t names[NBUCKETS];
dns_adbnamelist_t deadnames[NBUCKETS];
/*% See dns_adbnamelist_t */
isc_mutex_t namelocks[NBUCKETS];
/*% See dns_adbnamelist_t */
isc_boolean_t name_sd[NBUCKETS];
/*% See dns_adbnamelist_t */
unsigned int name_refcnt[NBUCKETS];
/*!
* Bucketized locks for entries.
*
* XXXRTH Have a per-bucket structure that contains all of these?
*/
dns_adbentrylist_t entries[NBUCKETS];
dns_adbentrylist_t deadentries[NBUCKETS];
isc_mutex_t entrylocks[NBUCKETS];
isc_boolean_t entry_sd[NBUCKETS]; /*%< shutting down */
unsigned int entry_refcnt[NBUCKETS];
isc_event_t cevent;
isc_boolean_t cevent_sent;
isc_boolean_t shutting_down;
isc_eventlist_t whenshutdown;
};
/*
* XXXMLG Document these structures.
*/
/*% dns_adbname structure */
struct dns_adbname {
unsigned int magic;
dns_name_t name;
dns_adb_t *adb;
unsigned int partial_result;
unsigned int flags;
int lock_bucket;
dns_name_t target;
isc_stdtime_t expire_target;
isc_stdtime_t expire_v4;
isc_stdtime_t expire_v6;
unsigned int chains;
dns_adbnamehooklist_t v4;
dns_adbnamehooklist_t v6;
dns_adbfetch_t *fetch_a;
dns_adbfetch_t *fetch_aaaa;
unsigned int fetch_err;
unsigned int fetch6_err;
dns_adbfindlist_t finds;
/* for LRU-based management */
isc_stdtime_t last_used;
ISC_LINK(dns_adbname_t) plink;
};
/*% The adbfetch structure */
struct dns_adbfetch {
unsigned int magic;
dns_fetch_t *fetch;
dns_rdataset_t rdataset;
};
/*%
* This is a small widget that dangles off a dns_adbname_t. It contains a
* pointer to the address information about this host, and a link to the next
* namehook that will contain the next address this host has.
*/
struct dns_adbnamehook {
unsigned int magic;
dns_adbentry_t *entry;
ISC_LINK(dns_adbnamehook_t) plink;
};
/*%
* This is a small widget that holds qname-specific information about an
* address. Currently limited to lameness, but could just as easily be
* extended to other types of information about zones.
*/
struct dns_adblameinfo {
unsigned int magic;
dns_name_t qname;
dns_rdatatype_t qtype;
isc_stdtime_t lame_timer;
ISC_LINK(dns_adblameinfo_t) plink;
};
/*%
* An address entry. It holds quite a bit of information about addresses,
* including edns state (in "flags"), rtt, and of course the address of
* the host.
*/
struct dns_adbentry {
unsigned int magic;
int lock_bucket;
unsigned int refcnt;
unsigned int flags;
unsigned int srtt;
isc_sockaddr_t sockaddr;
isc_stdtime_t expires;
/*%<
* A nonzero 'expires' field indicates that the entry should
* persist until that time. This allows entries found
* using dns_adb_findaddrinfo() to persist for a limited time
* even though they are not necessarily associated with a
* name.
*/
ISC_LIST(dns_adblameinfo_t) lameinfo;
ISC_LINK(dns_adbentry_t) plink;
};
/*
* Internal functions (and prototypes).
*/
static inline dns_adbname_t *new_adbname(dns_adb_t *, dns_name_t *);
static inline void free_adbname(dns_adb_t *, dns_adbname_t **);
static inline dns_adbnamehook_t *new_adbnamehook(dns_adb_t *,
dns_adbentry_t *);
static inline void free_adbnamehook(dns_adb_t *, dns_adbnamehook_t **);
static inline dns_adblameinfo_t *new_adblameinfo(dns_adb_t *, dns_name_t *,
dns_rdatatype_t);
static inline void free_adblameinfo(dns_adb_t *, dns_adblameinfo_t **);
static inline dns_adbentry_t *new_adbentry(dns_adb_t *);
static inline void free_adbentry(dns_adb_t *, dns_adbentry_t **);
static inline dns_adbfind_t *new_adbfind(dns_adb_t *);
static inline isc_boolean_t free_adbfind(dns_adb_t *, dns_adbfind_t **);
static inline dns_adbaddrinfo_t *new_adbaddrinfo(dns_adb_t *, dns_adbentry_t *,
in_port_t);
static inline dns_adbfetch_t *new_adbfetch(dns_adb_t *);
static inline void free_adbfetch(dns_adb_t *, dns_adbfetch_t **);
static inline dns_adbname_t *find_name_and_lock(dns_adb_t *, dns_name_t *,
unsigned int, int *);
static inline dns_adbentry_t *find_entry_and_lock(dns_adb_t *,
isc_sockaddr_t *, int *,
isc_stdtime_t);
static void dump_adb(dns_adb_t *, FILE *, isc_boolean_t debug, isc_stdtime_t);
static void print_dns_name(FILE *, dns_name_t *);
static void print_namehook_list(FILE *, const char *legend,
dns_adbnamehooklist_t *list,
isc_boolean_t debug,
isc_stdtime_t now);
static void print_find_list(FILE *, dns_adbname_t *);
static void print_fetch_list(FILE *, dns_adbname_t *);
static inline isc_boolean_t dec_adb_irefcnt(dns_adb_t *);
static inline void inc_adb_irefcnt(dns_adb_t *);
static inline void inc_adb_erefcnt(dns_adb_t *);
static inline void inc_entry_refcnt(dns_adb_t *, dns_adbentry_t *,
isc_boolean_t);
static inline isc_boolean_t dec_entry_refcnt(dns_adb_t *, isc_boolean_t,
dns_adbentry_t *, isc_boolean_t);
static inline void violate_locking_hierarchy(isc_mutex_t *, isc_mutex_t *);
static isc_boolean_t clean_namehooks(dns_adb_t *, dns_adbnamehooklist_t *);
static void clean_target(dns_adb_t *, dns_name_t *);
static void clean_finds_at_name(dns_adbname_t *, isc_eventtype_t,
unsigned int);
static isc_boolean_t check_expire_namehooks(dns_adbname_t *, isc_stdtime_t);
static isc_boolean_t check_expire_entry(dns_adb_t *, dns_adbentry_t **,
isc_stdtime_t);
static void cancel_fetches_at_name(dns_adbname_t *);
static isc_result_t dbfind_name(dns_adbname_t *, isc_stdtime_t,
dns_rdatatype_t);
static isc_result_t fetch_name(dns_adbname_t *, isc_boolean_t,
dns_rdatatype_t);
static inline void check_exit(dns_adb_t *);
static void destroy(dns_adb_t *);
static isc_boolean_t shutdown_names(dns_adb_t *);
static isc_boolean_t shutdown_entries(dns_adb_t *);
static inline void link_name(dns_adb_t *, int, dns_adbname_t *);
static inline isc_boolean_t unlink_name(dns_adb_t *, dns_adbname_t *);
static inline void link_entry(dns_adb_t *, int, dns_adbentry_t *);
static inline isc_boolean_t unlink_entry(dns_adb_t *, dns_adbentry_t *);
static isc_boolean_t kill_name(dns_adbname_t **, isc_eventtype_t);
static void water(void *, int);
static void dump_entry(FILE *, dns_adbentry_t *, isc_boolean_t, isc_stdtime_t);
/*
* MUST NOT overlap DNS_ADBFIND_* flags!
*/
#define FIND_EVENT_SENT 0x40000000
#define FIND_EVENT_FREED 0x80000000
#define FIND_EVENTSENT(h) (((h)->flags & FIND_EVENT_SENT) != 0)
#define FIND_EVENTFREED(h) (((h)->flags & FIND_EVENT_FREED) != 0)
#define NAME_NEEDS_POKE 0x80000000
#define NAME_IS_DEAD 0x40000000
#define NAME_HINT_OK DNS_ADBFIND_HINTOK
#define NAME_GLUE_OK DNS_ADBFIND_GLUEOK
#define NAME_STARTATZONE DNS_ADBFIND_STARTATZONE
#define NAME_DEAD(n) (((n)->flags & NAME_IS_DEAD) != 0)
#define NAME_NEEDSPOKE(n) (((n)->flags & NAME_NEEDS_POKE) != 0)
#define NAME_GLUEOK(n) (((n)->flags & NAME_GLUE_OK) != 0)
#define NAME_HINTOK(n) (((n)->flags & NAME_HINT_OK) != 0)
/*
* Private flag(s) for entries.
* MUST NOT overlap FCTX_ADDRINFO_xxx and DNS_FETCHOPT_NOEDNS0.
*/
#define ENTRY_IS_DEAD 0x80000000
/*
* To the name, address classes are all that really exist. If it has a
* V6 address it doesn't care if it came from a AAAA query.
*/
#define NAME_HAS_V4(n) (!ISC_LIST_EMPTY((n)->v4))
#define NAME_HAS_V6(n) (!ISC_LIST_EMPTY((n)->v6))
#define NAME_HAS_ADDRS(n) (NAME_HAS_V4(n) || NAME_HAS_V6(n))
/*
* Fetches are broken out into A and AAAA types. In some cases,
* however, it makes more sense to test for a particular class of fetches,
* like V4 or V6 above.
* Note: since we have removed the support of A6 in adb, FETCH_A and FETCH_AAAA
* are now equal to FETCH_V4 and FETCH_V6, respectively.
*/
#define NAME_FETCH_A(n) ((n)->fetch_a != NULL)
#define NAME_FETCH_AAAA(n) ((n)->fetch_aaaa != NULL)
#define NAME_FETCH_V4(n) (NAME_FETCH_A(n))
#define NAME_FETCH_V6(n) (NAME_FETCH_AAAA(n))
#define NAME_FETCH(n) (NAME_FETCH_V4(n) || NAME_FETCH_V6(n))
/*
* Find options and tests to see if there are addresses on the list.
*/
#define FIND_WANTEVENT(fn) (((fn)->options & DNS_ADBFIND_WANTEVENT) != 0)
#define FIND_WANTEMPTYEVENT(fn) (((fn)->options & DNS_ADBFIND_EMPTYEVENT) != 0)
#define FIND_AVOIDFETCHES(fn) (((fn)->options & DNS_ADBFIND_AVOIDFETCHES) \
!= 0)
#define FIND_STARTATZONE(fn) (((fn)->options & DNS_ADBFIND_STARTATZONE) \
!= 0)
#define FIND_HINTOK(fn) (((fn)->options & DNS_ADBFIND_HINTOK) != 0)
#define FIND_GLUEOK(fn) (((fn)->options & DNS_ADBFIND_GLUEOK) != 0)
#define FIND_HAS_ADDRS(fn) (!ISC_LIST_EMPTY((fn)->list))
#define FIND_RETURNLAME(fn) (((fn)->options & DNS_ADBFIND_RETURNLAME) != 0)
/*
* These are currently used on simple unsigned ints, so they are
* not really associated with any particular type.
*/
#define WANT_INET(x) (((x) & DNS_ADBFIND_INET) != 0)
#define WANT_INET6(x) (((x) & DNS_ADBFIND_INET6) != 0)
#define EXPIRE_OK(exp, now) ((exp == INT_MAX) || (exp < now))
/*
* Find out if the flags on a name (nf) indicate if it is a hint or
* glue, and compare this to the appropriate bits set in o, to see if
* this is ok.
*/
#define GLUE_OK(nf, o) (!NAME_GLUEOK(nf) || (((o) & DNS_ADBFIND_GLUEOK) != 0))
#define HINT_OK(nf, o) (!NAME_HINTOK(nf) || (((o) & DNS_ADBFIND_HINTOK) != 0))
#define GLUEHINT_OK(nf, o) (GLUE_OK(nf, o) || HINT_OK(nf, o))
#define STARTATZONE_MATCHES(nf, o) (((nf)->flags & NAME_STARTATZONE) == \
((o) & DNS_ADBFIND_STARTATZONE))
#define ENTER_LEVEL ISC_LOG_DEBUG(50)
#define EXIT_LEVEL ENTER_LEVEL
#define CLEAN_LEVEL ISC_LOG_DEBUG(100)
#define DEF_LEVEL ISC_LOG_DEBUG(5)
#define NCACHE_LEVEL ISC_LOG_DEBUG(20)
#define NCACHE_RESULT(r) ((r) == DNS_R_NCACHENXDOMAIN || \
(r) == DNS_R_NCACHENXRRSET)
#define AUTH_NX(r) ((r) == DNS_R_NXDOMAIN || \
(r) == DNS_R_NXRRSET)
#define NXDOMAIN_RESULT(r) ((r) == DNS_R_NXDOMAIN || \
(r) == DNS_R_NCACHENXDOMAIN)
#define NXRRSET_RESULT(r) ((r) == DNS_R_NCACHENXRRSET || \
(r) == DNS_R_NXRRSET || \
(r) == DNS_R_HINTNXRRSET)
/*
* Error state rankings.
*/
#define FIND_ERR_SUCCESS 0 /* highest rank */
#define FIND_ERR_CANCELED 1
#define FIND_ERR_FAILURE 2
#define FIND_ERR_NXDOMAIN 3
#define FIND_ERR_NXRRSET 4
#define FIND_ERR_UNEXPECTED 5
#define FIND_ERR_NOTFOUND 6
#define FIND_ERR_MAX 7
static const char *errnames[] = {
"success",
"canceled",
"failure",
"nxdomain",
"nxrrset",
"unexpected",
"not_found"
};
#define NEWERR(old, new) (ISC_MIN((old), (new)))
static isc_result_t find_err_map[FIND_ERR_MAX] = {
ISC_R_SUCCESS,
ISC_R_CANCELED,
ISC_R_FAILURE,
DNS_R_NXDOMAIN,
DNS_R_NXRRSET,
ISC_R_UNEXPECTED,
ISC_R_NOTFOUND /* not YET found */
};
static void
DP(int level, const char *format, ...) ISC_FORMAT_PRINTF(2, 3);
static void
DP(int level, const char *format, ...) {
va_list args;
va_start(args, format);
isc_log_vwrite(dns_lctx,
DNS_LOGCATEGORY_DATABASE, DNS_LOGMODULE_ADB,
level, format, args);
va_end(args);
}
/*%
* Increment resolver-related statistics counters.
*/
static inline void
inc_stats(dns_adb_t *adb, isc_statscounter_t counter) {
if (adb->view->resstats != NULL)
isc_stats_increment(adb->view->resstats, counter);
}
static inline dns_ttl_t
ttlclamp(dns_ttl_t ttl) {
if (ttl < ADB_CACHE_MINIMUM)
ttl = ADB_CACHE_MINIMUM;
if (ttl > ADB_CACHE_MAXIMUM)
ttl = ADB_CACHE_MAXIMUM;
return (ttl);
}
/*
* Requires the adbname bucket be locked and that no entry buckets be locked.
*
* This code handles A and AAAA rdatasets only.
*/
static isc_result_t
import_rdataset(dns_adbname_t *adbname, dns_rdataset_t *rdataset,
isc_stdtime_t now)
{
isc_result_t result;
dns_adb_t *adb;
dns_adbnamehook_t *nh;
dns_adbnamehook_t *anh;
dns_rdata_t rdata = DNS_RDATA_INIT;
struct in_addr ina;
struct in6_addr in6a;
isc_sockaddr_t sockaddr;
dns_adbentry_t *foundentry; /* NO CLEAN UP! */
int addr_bucket;
isc_boolean_t new_addresses_added;
dns_rdatatype_t rdtype;
unsigned int findoptions;
dns_adbnamehooklist_t *hookhead;
INSIST(DNS_ADBNAME_VALID(adbname));
adb = adbname->adb;
INSIST(DNS_ADB_VALID(adb));
rdtype = rdataset->type;
INSIST((rdtype == dns_rdatatype_a) || (rdtype == dns_rdatatype_aaaa));
if (rdtype == dns_rdatatype_a)
findoptions = DNS_ADBFIND_INET;
else
findoptions = DNS_ADBFIND_INET6;
addr_bucket = DNS_ADB_INVALIDBUCKET;
new_addresses_added = ISC_FALSE;
nh = NULL;
result = dns_rdataset_first(rdataset);
while (result == ISC_R_SUCCESS) {
dns_rdata_reset(&rdata);
dns_rdataset_current(rdataset, &rdata);
if (rdtype == dns_rdatatype_a) {
INSIST(rdata.length == 4);
memcpy(&ina.s_addr, rdata.data, 4);
isc_sockaddr_fromin(&sockaddr, &ina, 0);
hookhead = &adbname->v4;
} else {
INSIST(rdata.length == 16);
memcpy(in6a.s6_addr, rdata.data, 16);
isc_sockaddr_fromin6(&sockaddr, &in6a, 0);
hookhead = &adbname->v6;
}
INSIST(nh == NULL);
nh = new_adbnamehook(adb, NULL);
if (nh == NULL) {
adbname->partial_result |= findoptions;
result = ISC_R_NOMEMORY;
goto fail;
}
foundentry = find_entry_and_lock(adb, &sockaddr, &addr_bucket,
now);
if (foundentry == NULL) {
dns_adbentry_t *entry;
entry = new_adbentry(adb);
if (entry == NULL) {
adbname->partial_result |= findoptions;
result = ISC_R_NOMEMORY;
goto fail;
}
entry->sockaddr = sockaddr;
entry->refcnt = 1;
nh->entry = entry;
link_entry(adb, addr_bucket, entry);
} else {
for (anh = ISC_LIST_HEAD(*hookhead);
anh != NULL;
anh = ISC_LIST_NEXT(anh, plink))
if (anh->entry == foundentry)
break;
if (anh == NULL) {
foundentry->refcnt++;
nh->entry = foundentry;
} else
free_adbnamehook(adb, &nh);
}
new_addresses_added = ISC_TRUE;
if (nh != NULL)
ISC_LIST_APPEND(*hookhead, nh, plink);
nh = NULL;
result = dns_rdataset_next(rdataset);
}
fail:
if (nh != NULL)
free_adbnamehook(adb, &nh);
if (addr_bucket != DNS_ADB_INVALIDBUCKET)
UNLOCK(&adb->entrylocks[addr_bucket]);
if (rdataset->trust == dns_trust_glue ||
rdataset->trust == dns_trust_additional)
rdataset->ttl = ADB_CACHE_MINIMUM;
else
rdataset->ttl = ttlclamp(rdataset->ttl);
if (rdtype == dns_rdatatype_a) {
DP(NCACHE_LEVEL, "expire_v4 set to MIN(%u,%u) import_rdataset",
adbname->expire_v4, now + rdataset->ttl);
adbname->expire_v4 = ISC_MIN(adbname->expire_v4,
now + rdataset->ttl);
} else {
DP(NCACHE_LEVEL, "expire_v6 set to MIN(%u,%u) import_rdataset",
adbname->expire_v6, now + rdataset->ttl);
adbname->expire_v6 = ISC_MIN(adbname->expire_v6,
now + rdataset->ttl);
}
if (new_addresses_added) {
/*
* Lie a little here. This is more or less so code that cares
* can find out if any new information was added or not.
*/
return (ISC_R_SUCCESS);
}
return (result);
}
/*
* Requires the name's bucket be locked.
*/
static isc_boolean_t
kill_name(dns_adbname_t **n, isc_eventtype_t ev) {
dns_adbname_t *name;
isc_boolean_t result = ISC_FALSE;
isc_boolean_t result4, result6;
int bucket;
dns_adb_t *adb;
INSIST(n != NULL);
name = *n;
*n = NULL;
INSIST(DNS_ADBNAME_VALID(name));
adb = name->adb;
INSIST(DNS_ADB_VALID(adb));
DP(DEF_LEVEL, "killing name %p", name);
/*
* If we're dead already, just check to see if we should go
* away now or not.
*/
if (NAME_DEAD(name) && !NAME_FETCH(name)) {
result = unlink_name(adb, name);
free_adbname(adb, &name);
if (result)
result = dec_adb_irefcnt(adb);
return (result);
}
/*
* Clean up the name's various lists. These two are destructive
* in that they will always empty the list.
*/
clean_finds_at_name(name, ev, DNS_ADBFIND_ADDRESSMASK);
result4 = clean_namehooks(adb, &name->v4);
result6 = clean_namehooks(adb, &name->v6);
clean_target(adb, &name->target);
result = ISC_TF(result4 || result6);
/*
* If fetches are running, cancel them. If none are running, we can
* just kill the name here.
*/
if (!NAME_FETCH(name)) {
INSIST(result == ISC_FALSE);
result = unlink_name(adb, name);
free_adbname(adb, &name);
if (result)
result = dec_adb_irefcnt(adb);
} else {
cancel_fetches_at_name(name);
if (!NAME_DEAD(name)) {
bucket = name->lock_bucket;
ISC_LIST_UNLINK(adb->names[bucket], name, plink);
ISC_LIST_APPEND(adb->deadnames[bucket], name, plink);
name->flags |= NAME_IS_DEAD;
}
}
return (result);
}
/*
* Requires the name's bucket be locked and no entry buckets be locked.
*/
static isc_boolean_t
check_expire_namehooks(dns_adbname_t *name, isc_stdtime_t now) {
dns_adb_t *adb;
isc_boolean_t result4 = ISC_FALSE;
isc_boolean_t result6 = ISC_FALSE;
INSIST(DNS_ADBNAME_VALID(name));
adb = name->adb;
INSIST(DNS_ADB_VALID(adb));
/*
* Check to see if we need to remove the v4 addresses
*/
if (!NAME_FETCH_V4(name) && EXPIRE_OK(name->expire_v4, now)) {
if (NAME_HAS_V4(name)) {
DP(DEF_LEVEL, "expiring v4 for name %p", name);
result4 = clean_namehooks(adb, &name->v4);
name->partial_result &= ~DNS_ADBFIND_INET;
}
name->expire_v4 = INT_MAX;
name->fetch_err = FIND_ERR_UNEXPECTED;
}
/*
* Check to see if we need to remove the v6 addresses
*/
if (!NAME_FETCH_V6(name) && EXPIRE_OK(name->expire_v6, now)) {
if (NAME_HAS_V6(name)) {
DP(DEF_LEVEL, "expiring v6 for name %p", name);
result6 = clean_namehooks(adb, &name->v6);
name->partial_result &= ~DNS_ADBFIND_INET6;
}
name->expire_v6 = INT_MAX;
name->fetch6_err = FIND_ERR_UNEXPECTED;
}
/*
* Check to see if we need to remove the alias target.
*/
if (EXPIRE_OK(name->expire_target, now)) {
clean_target(adb, &name->target);
name->expire_target = INT_MAX;
}
return (ISC_TF(result4 || result6));
}
/*
* Requires the name's bucket be locked.
*/
static inline void
link_name(dns_adb_t *adb, int bucket, dns_adbname_t *name) {
INSIST(name->lock_bucket == DNS_ADB_INVALIDBUCKET);
ISC_LIST_PREPEND(adb->names[bucket], name, plink);
name->lock_bucket = bucket;
adb->name_refcnt[bucket]++;
}
/*
* Requires the name's bucket be locked.
*/
static inline isc_boolean_t
unlink_name(dns_adb_t *adb, dns_adbname_t *name) {
int bucket;
isc_boolean_t result = ISC_FALSE;
bucket = name->lock_bucket;
INSIST(bucket != DNS_ADB_INVALIDBUCKET);
if (NAME_DEAD(name))
ISC_LIST_UNLINK(adb->deadnames[bucket], name, plink);
else
ISC_LIST_UNLINK(adb->names[bucket], name, plink);
name->lock_bucket = DNS_ADB_INVALIDBUCKET;
INSIST(adb->name_refcnt[bucket] > 0);
adb->name_refcnt[bucket]--;
if (adb->name_sd[bucket] && adb->name_refcnt[bucket] == 0)
result = ISC_TRUE;
return (result);
}
/*
* Requires the entry's bucket be locked.
*/
static inline void
link_entry(dns_adb_t *adb, int bucket, dns_adbentry_t *entry) {
int i;
dns_adbentry_t *e;
if (isc_mem_isovermem(adb->mctx)) {
for (i = 0; i < 2; i++) {
e = ISC_LIST_TAIL(adb->entries[bucket]);
if (e == NULL)
break;
if (e->refcnt == 0) {
unlink_entry(adb, e);
free_adbentry(adb, &e);
continue;
}
INSIST((e->flags & ENTRY_IS_DEAD) == 0);
e->flags |= ENTRY_IS_DEAD;
ISC_LIST_UNLINK(adb->entries[bucket], e, plink);
ISC_LIST_PREPEND(adb->deadentries[bucket], e, plink);
}
}
ISC_LIST_PREPEND(adb->entries[bucket], entry, plink);
entry->lock_bucket = bucket;
adb->entry_refcnt[bucket]++;
}
/*
* Requires the entry's bucket be locked.
*/
static inline isc_boolean_t
unlink_entry(dns_adb_t *adb, dns_adbentry_t *entry) {
int bucket;
isc_boolean_t result = ISC_FALSE;
bucket = entry->lock_bucket;
INSIST(bucket != DNS_ADB_INVALIDBUCKET);
if ((entry->flags & ENTRY_IS_DEAD) != 0)
ISC_LIST_UNLINK(adb->deadentries[bucket], entry, plink);
else
ISC_LIST_UNLINK(adb->entries[bucket], entry, plink);
entry->lock_bucket = DNS_ADB_INVALIDBUCKET;
INSIST(adb->entry_refcnt[bucket] > 0);
adb->entry_refcnt[bucket]--;
if (adb->entry_sd[bucket] && adb->entry_refcnt[bucket] == 0)
result = ISC_TRUE;
return (result);
}
static inline void
violate_locking_hierarchy(isc_mutex_t *have, isc_mutex_t *want) {
if (isc_mutex_trylock(want) != ISC_R_SUCCESS) {
UNLOCK(have);
LOCK(want);
LOCK(have);
}
}
/*
* The ADB _MUST_ be locked before calling. Also, exit conditions must be
* checked after calling this function.
*/
static isc_boolean_t
shutdown_names(dns_adb_t *adb) {
int bucket;
isc_boolean_t result = ISC_FALSE;
dns_adbname_t *name;
dns_adbname_t *next_name;
for (bucket = 0; bucket < NBUCKETS; bucket++) {
LOCK(&adb->namelocks[bucket]);
adb->name_sd[bucket] = ISC_TRUE;
name = ISC_LIST_HEAD(adb->names[bucket]);
if (name == NULL) {
/*
* This bucket has no names. We must decrement the
* irefcnt ourselves, since it will not be
* automatically triggered by a name being unlinked.
*/
INSIST(result == ISC_FALSE);
result = dec_adb_irefcnt(adb);
} else {
/*
* Run through the list. For each name, clean up finds
* found there, and cancel any fetches running. When
* all the fetches are canceled, the name will destroy
* itself.
*/
while (name != NULL) {
next_name = ISC_LIST_NEXT(name, plink);
INSIST(result == ISC_FALSE);
result = kill_name(&name,
DNS_EVENT_ADBSHUTDOWN);
name = next_name;
}
}
UNLOCK(&adb->namelocks[bucket]);
}
return (result);
}
/*
* The ADB _MUST_ be locked before calling. Also, exit conditions must be
* checked after calling this function.
*/
static isc_boolean_t
shutdown_entries(dns_adb_t *adb) {
int bucket;
isc_boolean_t result = ISC_FALSE;
dns_adbentry_t *entry;
dns_adbentry_t *next_entry;
for (bucket = 0; bucket < NBUCKETS; bucket++) {
LOCK(&adb->entrylocks[bucket]);
adb->entry_sd[bucket] = ISC_TRUE;
entry = ISC_LIST_HEAD(adb->entries[bucket]);
if (adb->entry_refcnt[bucket] == 0) {
/*
* This bucket has no entries. We must decrement the
* irefcnt ourselves, since it will not be
* automatically triggered by an entry being unlinked.
*/
result = dec_adb_irefcnt(adb);
} else {
/*
* Run through the list. Cleanup any entries not
* associated with names, and which are not in use.
*/
while (entry != NULL) {
next_entry = ISC_LIST_NEXT(entry, plink);
if (entry->refcnt == 0 &&
entry->expires != 0) {
result = unlink_entry(adb, entry);
free_adbentry(adb, &entry);
if (result)
result = dec_adb_irefcnt(adb);
}
entry = next_entry;
}
}
UNLOCK(&adb->entrylocks[bucket]);
}
return (result);
}
/*
* Name bucket must be locked
*/
static void
cancel_fetches_at_name(dns_adbname_t *name) {
if (NAME_FETCH_A(name))
dns_resolver_cancelfetch(name->fetch_a->fetch);
if (NAME_FETCH_AAAA(name))
dns_resolver_cancelfetch(name->fetch_aaaa->fetch);
}
/*
* Assumes the name bucket is locked.
*/
static isc_boolean_t
clean_namehooks(dns_adb_t *adb, dns_adbnamehooklist_t *namehooks) {
dns_adbentry_t *entry;
dns_adbnamehook_t *namehook;
int addr_bucket;
isc_boolean_t result = ISC_FALSE;
isc_boolean_t overmem = isc_mem_isovermem(adb->mctx);
addr_bucket = DNS_ADB_INVALIDBUCKET;
namehook = ISC_LIST_HEAD(*namehooks);
while (namehook != NULL) {
INSIST(DNS_ADBNAMEHOOK_VALID(namehook));
/*
* Clean up the entry if needed.
*/
entry = namehook->entry;
if (entry != NULL) {
INSIST(DNS_ADBENTRY_VALID(entry));
if (addr_bucket != entry->lock_bucket) {
if (addr_bucket != DNS_ADB_INVALIDBUCKET)
UNLOCK(&adb->entrylocks[addr_bucket]);
addr_bucket = entry->lock_bucket;
LOCK(&adb->entrylocks[addr_bucket]);
}
result = dec_entry_refcnt(adb, overmem, entry,
ISC_FALSE);
}
/*
* Free the namehook
*/
namehook->entry = NULL;
ISC_LIST_UNLINK(*namehooks, namehook, plink);
free_adbnamehook(adb, &namehook);
namehook = ISC_LIST_HEAD(*namehooks);
}
if (addr_bucket != DNS_ADB_INVALIDBUCKET)
UNLOCK(&adb->entrylocks[addr_bucket]);
return (result);
}
static void
clean_target(dns_adb_t *adb, dns_name_t *target) {
if (dns_name_countlabels(target) > 0) {
dns_name_free(target, adb->mctx);
dns_name_init(target, NULL);
}
}
static isc_result_t
set_target(dns_adb_t *adb, dns_name_t *name, dns_name_t *fname,
dns_rdataset_t *rdataset, dns_name_t *target)
{
isc_result_t result;
dns_namereln_t namereln;
unsigned int nlabels;
int order;
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_fixedname_t fixed1, fixed2;
dns_name_t *prefix, *new_target;
REQUIRE(dns_name_countlabels(target) == 0);
if (rdataset->type == dns_rdatatype_cname) {
dns_rdata_cname_t cname;
/*
* Copy the CNAME's target into the target name.
*/
result = dns_rdataset_first(rdataset);
if (result != ISC_R_SUCCESS)
return (result);
dns_rdataset_current(rdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &cname, NULL);
if (result != ISC_R_SUCCESS)
return (result);
result = dns_name_dup(&cname.cname, adb->mctx, target);
dns_rdata_freestruct(&cname);
if (result != ISC_R_SUCCESS)
return (result);
} else {
dns_rdata_dname_t dname;
INSIST(rdataset->type == dns_rdatatype_dname);
namereln = dns_name_fullcompare(name, fname, &order, &nlabels);
INSIST(namereln == dns_namereln_subdomain);
/*
* Get the target name of the DNAME.
*/
result = dns_rdataset_first(rdataset);
if (result != ISC_R_SUCCESS)
return (result);
dns_rdataset_current(rdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &dname, NULL);
if (result != ISC_R_SUCCESS)
return (result);
/*
* Construct the new target name.
*/
dns_fixedname_init(&fixed1);
prefix = dns_fixedname_name(&fixed1);
dns_fixedname_init(&fixed2);
new_target = dns_fixedname_name(&fixed2);
dns_name_split(name, nlabels, prefix, NULL);
result = dns_name_concatenate(prefix, &dname.dname, new_target,
NULL);
dns_rdata_freestruct(&dname);
if (result != ISC_R_SUCCESS)
return (result);
result = dns_name_dup(new_target, adb->mctx, target);
if (result != ISC_R_SUCCESS)
return (result);
}
return (ISC_R_SUCCESS);
}
/*
* Assumes nothing is locked, since this is called by the client.
*/
static void
event_free(isc_event_t *event) {
dns_adbfind_t *find;
INSIST(event != NULL);
find = event->ev_destroy_arg;
INSIST(DNS_ADBFIND_VALID(find));
LOCK(&find->lock);
find->flags |= FIND_EVENT_FREED;
event->ev_destroy_arg = NULL;
UNLOCK(&find->lock);
}
/*
* Assumes the name bucket is locked.
*/
static void
clean_finds_at_name(dns_adbname_t *name, isc_eventtype_t evtype,
unsigned int addrs)
{
isc_event_t *ev;
isc_task_t *task;
dns_adbfind_t *find;
dns_adbfind_t *next_find;
isc_boolean_t process;
unsigned int wanted, notify;
DP(ENTER_LEVEL,
"ENTER clean_finds_at_name, name %p, evtype %08x, addrs %08x",
name, evtype, addrs);
find = ISC_LIST_HEAD(name->finds);
while (find != NULL) {
LOCK(&find->lock);
next_find = ISC_LIST_NEXT(find, plink);
process = ISC_FALSE;
wanted = find->flags & DNS_ADBFIND_ADDRESSMASK;
notify = wanted & addrs;
switch (evtype) {
case DNS_EVENT_ADBMOREADDRESSES:
DP(ISC_LOG_DEBUG(3), "DNS_EVENT_ADBMOREADDRESSES");
if ((notify) != 0) {
find->flags &= ~addrs;
process = ISC_TRUE;
}
break;
case DNS_EVENT_ADBNOMOREADDRESSES:
DP(ISC_LOG_DEBUG(3), "DNS_EVENT_ADBNOMOREADDRESSES");
find->flags &= ~addrs;
wanted = find->flags & DNS_ADBFIND_ADDRESSMASK;
if (wanted == 0)
process = ISC_TRUE;
break;
default:
find->flags &= ~addrs;
process = ISC_TRUE;
}
if (process) {
DP(DEF_LEVEL, "cfan: processing find %p", find);
/*
* Unlink the find from the name, letting the caller
* call dns_adb_destroyfind() on it to clean it up
* later.
*/
ISC_LIST_UNLINK(name->finds, find, plink);
find->adbname = NULL;
find->name_bucket = DNS_ADB_INVALIDBUCKET;
INSIST(!FIND_EVENTSENT(find));
ev = &find->event;
task = ev->ev_sender;
ev->ev_sender = find;
find->result_v4 = find_err_map[name->fetch_err];
find->result_v6 = find_err_map[name->fetch6_err];
ev->ev_type = evtype;
ev->ev_destroy = event_free;
ev->ev_destroy_arg = find;
DP(DEF_LEVEL,
"sending event %p to task %p for find %p",
ev, task, find);
isc_task_sendanddetach(&task, (isc_event_t **)&ev);
} else {
DP(DEF_LEVEL, "cfan: skipping find %p", find);
}
UNLOCK(&find->lock);
find = next_find;
}
DP(ENTER_LEVEL, "EXIT clean_finds_at_name, name %p", name);
}
static inline void
check_exit(dns_adb_t *adb) {
isc_event_t *event;
/*
* The caller must be holding the adb lock.
*/
if (adb->shutting_down) {
/*
* If there aren't any external references either, we're
* done. Send the control event to initiate shutdown.
*/
INSIST(!adb->cevent_sent); /* Sanity check. */
event = &adb->cevent;
isc_task_send(adb->task, &event);
adb->cevent_sent = ISC_TRUE;
}
}
static inline isc_boolean_t
dec_adb_irefcnt(dns_adb_t *adb) {
isc_event_t *event;
isc_task_t *etask;
isc_boolean_t result = ISC_FALSE;
LOCK(&adb->reflock);
INSIST(adb->irefcnt > 0);
adb->irefcnt--;
if (adb->irefcnt == 0) {
event = ISC_LIST_HEAD(adb->whenshutdown);
while (event != NULL) {
ISC_LIST_UNLINK(adb->whenshutdown, event, ev_link);
etask = event->ev_sender;
event->ev_sender = adb;
isc_task_sendanddetach(&etask, &event);
event = ISC_LIST_HEAD(adb->whenshutdown);
}
}
if (adb->irefcnt == 0 && adb->erefcnt == 0)
result = ISC_TRUE;
UNLOCK(&adb->reflock);
return (result);
}
static inline void
inc_adb_irefcnt(dns_adb_t *adb) {
LOCK(&adb->reflock);
adb->irefcnt++;
UNLOCK(&adb->reflock);
}
static inline void
inc_adb_erefcnt(dns_adb_t *adb) {
LOCK(&adb->reflock);
adb->erefcnt++;
UNLOCK(&adb->reflock);
}
static inline void
inc_entry_refcnt(dns_adb_t *adb, dns_adbentry_t *entry, isc_boolean_t lock) {
int bucket;
bucket = entry->lock_bucket;
if (lock)
LOCK(&adb->entrylocks[bucket]);
entry->refcnt++;
if (lock)
UNLOCK(&adb->entrylocks[bucket]);
}
static inline isc_boolean_t
dec_entry_refcnt(dns_adb_t *adb, isc_boolean_t overmem, dns_adbentry_t *entry,
isc_boolean_t lock)
{
int bucket;
isc_boolean_t destroy_entry;
isc_boolean_t result = ISC_FALSE;
bucket = entry->lock_bucket;
if (lock)
LOCK(&adb->entrylocks[bucket]);
INSIST(entry->refcnt > 0);
entry->refcnt--;
destroy_entry = ISC_FALSE;
if (entry->refcnt == 0 &&
(adb->entry_sd[bucket] || entry->expires == 0 || overmem ||
(entry->flags & ENTRY_IS_DEAD) != 0)) {
destroy_entry = ISC_TRUE;
result = unlink_entry(adb, entry);
}
if (lock)
UNLOCK(&adb->entrylocks[bucket]);
if (!destroy_entry)
return (result);
entry->lock_bucket = DNS_ADB_INVALIDBUCKET;
free_adbentry(adb, &entry);
if (result)
result = dec_adb_irefcnt(adb);
return (result);
}
static inline dns_adbname_t *
new_adbname(dns_adb_t *adb, dns_name_t *dnsname) {
dns_adbname_t *name;
name = isc_mempool_get(adb->nmp);
if (name == NULL)
return (NULL);
dns_name_init(&name->name, NULL);
if (dns_name_dup(dnsname, adb->mctx, &name->name) != ISC_R_SUCCESS) {
isc_mempool_put(adb->nmp, name);
return (NULL);
}
dns_name_init(&name->target, NULL);
name->magic = DNS_ADBNAME_MAGIC;
name->adb = adb;
name->partial_result = 0;
name->flags = 0;
name->expire_v4 = INT_MAX;
name->expire_v6 = INT_MAX;
name->expire_target = INT_MAX;
name->chains = 0;
name->lock_bucket = DNS_ADB_INVALIDBUCKET;
ISC_LIST_INIT(name->v4);
ISC_LIST_INIT(name->v6);
name->fetch_a = NULL;
name->fetch_aaaa = NULL;
name->fetch_err = FIND_ERR_UNEXPECTED;
name->fetch6_err = FIND_ERR_UNEXPECTED;
ISC_LIST_INIT(name->finds);
ISC_LINK_INIT(name, plink);
return (name);
}
static inline void
free_adbname(dns_adb_t *adb, dns_adbname_t **name) {
dns_adbname_t *n;
INSIST(name != NULL && DNS_ADBNAME_VALID(*name));
n = *name;
*name = NULL;
INSIST(!NAME_HAS_V4(n));
INSIST(!NAME_HAS_V6(n));
INSIST(!NAME_FETCH(n));
INSIST(ISC_LIST_EMPTY(n->finds));
INSIST(!ISC_LINK_LINKED(n, plink));
INSIST(n->lock_bucket == DNS_ADB_INVALIDBUCKET);
INSIST(n->adb == adb);
n->magic = 0;
dns_name_free(&n->name, adb->mctx);
isc_mempool_put(adb->nmp, n);
}
static inline dns_adbnamehook_t *
new_adbnamehook(dns_adb_t *adb, dns_adbentry_t *entry) {
dns_adbnamehook_t *nh;
nh = isc_mempool_get(adb->nhmp);
if (nh == NULL)
return (NULL);
nh->magic = DNS_ADBNAMEHOOK_MAGIC;
nh->entry = entry;
ISC_LINK_INIT(nh, plink);
return (nh);
}
static inline void
free_adbnamehook(dns_adb_t *adb, dns_adbnamehook_t **namehook) {
dns_adbnamehook_t *nh;
INSIST(namehook != NULL && DNS_ADBNAMEHOOK_VALID(*namehook));
nh = *namehook;
*namehook = NULL;
INSIST(nh->entry == NULL);
INSIST(!ISC_LINK_LINKED(nh, plink));
nh->magic = 0;
isc_mempool_put(adb->nhmp, nh);
}
static inline dns_adblameinfo_t *
new_adblameinfo(dns_adb_t *adb, dns_name_t *qname, dns_rdatatype_t qtype) {
dns_adblameinfo_t *li;
li = isc_mempool_get(adb->limp);
if (li == NULL)
return (NULL);
dns_name_init(&li->qname, NULL);
if (dns_name_dup(qname, adb->mctx, &li->qname) != ISC_R_SUCCESS) {
isc_mempool_put(adb->limp, li);
return (NULL);
}
li->magic = DNS_ADBLAMEINFO_MAGIC;
li->lame_timer = 0;
li->qtype = qtype;
ISC_LINK_INIT(li, plink);
return (li);
}
static inline void
free_adblameinfo(dns_adb_t *adb, dns_adblameinfo_t **lameinfo) {
dns_adblameinfo_t *li;
INSIST(lameinfo != NULL && DNS_ADBLAMEINFO_VALID(*lameinfo));
li = *lameinfo;
*lameinfo = NULL;
INSIST(!ISC_LINK_LINKED(li, plink));
dns_name_free(&li->qname, adb->mctx);
li->magic = 0;
isc_mempool_put(adb->limp, li);
}
static inline dns_adbentry_t *
new_adbentry(dns_adb_t *adb) {
dns_adbentry_t *e;
isc_uint32_t r;
e = isc_mempool_get(adb->emp);
if (e == NULL)
return (NULL);
e->magic = DNS_ADBENTRY_MAGIC;
e->lock_bucket = DNS_ADB_INVALIDBUCKET;
e->refcnt = 0;
e->flags = 0;
isc_random_get(&r);
e->srtt = (r & 0x1f) + 1;
e->expires = 0;
ISC_LIST_INIT(e->lameinfo);
ISC_LINK_INIT(e, plink);
return (e);
}
static inline void
free_adbentry(dns_adb_t *adb, dns_adbentry_t **entry) {
dns_adbentry_t *e;
dns_adblameinfo_t *li;
INSIST(entry != NULL && DNS_ADBENTRY_VALID(*entry));
e = *entry;
*entry = NULL;
INSIST(e->lock_bucket == DNS_ADB_INVALIDBUCKET);
INSIST(e->refcnt == 0);
INSIST(!ISC_LINK_LINKED(e, plink));
e->magic = 0;
li = ISC_LIST_HEAD(e->lameinfo);
while (li != NULL) {
ISC_LIST_UNLINK(e->lameinfo, li, plink);
free_adblameinfo(adb, &li);
li = ISC_LIST_HEAD(e->lameinfo);
}
isc_mempool_put(adb->emp, e);
}
static inline dns_adbfind_t *
new_adbfind(dns_adb_t *adb) {
dns_adbfind_t *h;
isc_result_t result;
h = isc_mempool_get(adb->ahmp);
if (h == NULL)
return (NULL);
/*
* Public members.
*/
h->magic = 0;
h->adb = adb;
h->partial_result = 0;
h->options = 0;
h->flags = 0;
h->result_v4 = ISC_R_UNEXPECTED;
h->result_v6 = ISC_R_UNEXPECTED;
ISC_LINK_INIT(h, publink);
ISC_LINK_INIT(h, plink);
ISC_LIST_INIT(h->list);
h->adbname = NULL;
h->name_bucket = DNS_ADB_INVALIDBUCKET;
/*
* private members
*/
result = isc_mutex_init(&h->lock);
if (result != ISC_R_SUCCESS) {
isc_mempool_put(adb->ahmp, h);
return (NULL);
}
ISC_EVENT_INIT(&h->event, sizeof(isc_event_t), 0, 0, 0, NULL, NULL,
NULL, NULL, h);
inc_adb_irefcnt(adb);
h->magic = DNS_ADBFIND_MAGIC;
return (h);
}
static inline dns_adbfetch_t *
new_adbfetch(dns_adb_t *adb) {
dns_adbfetch_t *f;
f = isc_mempool_get(adb->afmp);
if (f == NULL)
return (NULL);
f->magic = 0;
f->fetch = NULL;
dns_rdataset_init(&f->rdataset);
f->magic = DNS_ADBFETCH_MAGIC;
return (f);
}
static inline void
free_adbfetch(dns_adb_t *adb, dns_adbfetch_t **fetch) {
dns_adbfetch_t *f;
INSIST(fetch != NULL && DNS_ADBFETCH_VALID(*fetch));
f = *fetch;
*fetch = NULL;
f->magic = 0;
if (dns_rdataset_isassociated(&f->rdataset))
dns_rdataset_disassociate(&f->rdataset);
isc_mempool_put(adb->afmp, f);
}
static inline isc_boolean_t
free_adbfind(dns_adb_t *adb, dns_adbfind_t **findp) {
dns_adbfind_t *find;
INSIST(findp != NULL && DNS_ADBFIND_VALID(*findp));
find = *findp;
*findp = NULL;
INSIST(!FIND_HAS_ADDRS(find));
INSIST(!ISC_LINK_LINKED(find, publink));
INSIST(!ISC_LINK_LINKED(find, plink));
INSIST(find->name_bucket == DNS_ADB_INVALIDBUCKET);
INSIST(find->adbname == NULL);
find->magic = 0;
DESTROYLOCK(&find->lock);
isc_mempool_put(adb->ahmp, find);
return (dec_adb_irefcnt(adb));
}
/*
* Copy bits from the entry into the newly allocated addrinfo. The entry
* must be locked, and the reference count must be bumped up by one
* if this function returns a valid pointer.
*/
static inline dns_adbaddrinfo_t *
new_adbaddrinfo(dns_adb_t *adb, dns_adbentry_t *entry, in_port_t port) {
dns_adbaddrinfo_t *ai;
ai = isc_mempool_get(adb->aimp);
if (ai == NULL)
return (NULL);
ai->magic = DNS_ADBADDRINFO_MAGIC;
ai->sockaddr = entry->sockaddr;
isc_sockaddr_setport(&ai->sockaddr, port);
ai->srtt = entry->srtt;
ai->flags = entry->flags;
ai->entry = entry;
ISC_LINK_INIT(ai, publink);
return (ai);
}
static inline void
free_adbaddrinfo(dns_adb_t *adb, dns_adbaddrinfo_t **ainfo) {
dns_adbaddrinfo_t *ai;
INSIST(ainfo != NULL && DNS_ADBADDRINFO_VALID(*ainfo));
ai = *ainfo;
*ainfo = NULL;
INSIST(ai->entry == NULL);
INSIST(!ISC_LINK_LINKED(ai, publink));
ai->magic = 0;
isc_mempool_put(adb->aimp, ai);
}
/*
* Search for the name. NOTE: The bucket is kept locked on both
* success and failure, so it must always be unlocked by the caller!
*
* On the first call to this function, *bucketp must be set to
* DNS_ADB_INVALIDBUCKET.
*/
static inline dns_adbname_t *
find_name_and_lock(dns_adb_t *adb, dns_name_t *name,
unsigned int options, int *bucketp)
{
dns_adbname_t *adbname;
int bucket;
bucket = dns_name_fullhash(name, ISC_FALSE) % NBUCKETS;
if (*bucketp == DNS_ADB_INVALIDBUCKET) {
LOCK(&adb->namelocks[bucket]);
*bucketp = bucket;
} else if (*bucketp != bucket) {
UNLOCK(&adb->namelocks[*bucketp]);
LOCK(&adb->namelocks[bucket]);
*bucketp = bucket;
}
adbname = ISC_LIST_HEAD(adb->names[bucket]);
while (adbname != NULL) {
if (!NAME_DEAD(adbname)) {
if (dns_name_equal(name, &adbname->name)
&& GLUEHINT_OK(adbname, options)
&& STARTATZONE_MATCHES(adbname, options))
return (adbname);
}
adbname = ISC_LIST_NEXT(adbname, plink);
}
return (NULL);
}
/*
* Search for the address. NOTE: The bucket is kept locked on both
* success and failure, so it must always be unlocked by the caller.
*
* On the first call to this function, *bucketp must be set to
* DNS_ADB_INVALIDBUCKET. This will cause a lock to occur. On
* later calls (within the same "lock path") it can be left alone, so
* if this function is called multiple times locking is only done if
* the bucket changes.
*/
static inline dns_adbentry_t *
find_entry_and_lock(dns_adb_t *adb, isc_sockaddr_t *addr, int *bucketp,
isc_stdtime_t now)
{
dns_adbentry_t *entry, *entry_next;
int bucket;
bucket = isc_sockaddr_hash(addr, ISC_TRUE) % NBUCKETS;
if (*bucketp == DNS_ADB_INVALIDBUCKET) {
LOCK(&adb->entrylocks[bucket]);
*bucketp = bucket;
} else if (*bucketp != bucket) {
UNLOCK(&adb->entrylocks[*bucketp]);
LOCK(&adb->entrylocks[bucket]);
*bucketp = bucket;
}
/* Search the list, while cleaning up expired entries. */
for (entry = ISC_LIST_HEAD(adb->entries[bucket]);
entry != NULL;
entry = entry_next) {
entry_next = ISC_LIST_NEXT(entry, plink);
(void)check_expire_entry(adb, &entry, now);
if (entry != NULL &&
isc_sockaddr_equal(addr, &entry->sockaddr)) {
ISC_LIST_UNLINK(adb->entries[bucket], entry, plink);
ISC_LIST_PREPEND(adb->entries[bucket], entry, plink);
return (entry);
}
}
return (NULL);
}
/*
* Entry bucket MUST be locked!
*/
static isc_boolean_t
entry_is_lame(dns_adb_t *adb, dns_adbentry_t *entry, dns_name_t *qname,
dns_rdatatype_t qtype, isc_stdtime_t now)
{
dns_adblameinfo_t *li, *next_li;
isc_boolean_t is_bad;
is_bad = ISC_FALSE;
li = ISC_LIST_HEAD(entry->lameinfo);
if (li == NULL)
return (ISC_FALSE);
while (li != NULL) {
next_li = ISC_LIST_NEXT(li, plink);
/*
* Has the entry expired?
*/
if (li->lame_timer < now) {
ISC_LIST_UNLINK(entry->lameinfo, li, plink);
free_adblameinfo(adb, &li);
}
/*
* Order tests from least to most expensive.
*
* We do not break out of the main loop here as
* we use the loop for house keeping.
*/
if (li != NULL && !is_bad && li->qtype == qtype &&
dns_name_equal(qname, &li->qname))
is_bad = ISC_TRUE;
li = next_li;
}
return (is_bad);
}
static void
copy_namehook_lists(dns_adb_t *adb, dns_adbfind_t *find, dns_name_t *qname,
dns_rdatatype_t qtype, dns_adbname_t *name,
isc_stdtime_t now)
{
dns_adbnamehook_t *namehook;
dns_adbaddrinfo_t *addrinfo;
dns_adbentry_t *entry;
int bucket;
bucket = DNS_ADB_INVALIDBUCKET;
if (find->options & DNS_ADBFIND_INET) {
namehook = ISC_LIST_HEAD(name->v4);
while (namehook != NULL) {
entry = namehook->entry;
bucket = entry->lock_bucket;
LOCK(&adb->entrylocks[bucket]);
if (!FIND_RETURNLAME(find)
&& entry_is_lame(adb, entry, qname, qtype, now)) {
find->options |= DNS_ADBFIND_LAMEPRUNED;
goto nextv4;
}
addrinfo = new_adbaddrinfo(adb, entry, find->port);
if (addrinfo == NULL) {
find->partial_result |= DNS_ADBFIND_INET;
goto out;
}
/*
* Found a valid entry. Add it to the find's list.
*/
inc_entry_refcnt(adb, entry, ISC_FALSE);
ISC_LIST_APPEND(find->list, addrinfo, publink);
addrinfo = NULL;
nextv4:
UNLOCK(&adb->entrylocks[bucket]);
bucket = DNS_ADB_INVALIDBUCKET;
namehook = ISC_LIST_NEXT(namehook, plink);
}
}
if (find->options & DNS_ADBFIND_INET6) {
namehook = ISC_LIST_HEAD(name->v6);
while (namehook != NULL) {
entry = namehook->entry;
bucket = entry->lock_bucket;
LOCK(&adb->entrylocks[bucket]);
if (!FIND_RETURNLAME(find)
&& entry_is_lame(adb, entry, qname, qtype, now)) {
find->options |= DNS_ADBFIND_LAMEPRUNED;
goto nextv6;
}
addrinfo = new_adbaddrinfo(adb, entry, find->port);
if (addrinfo == NULL) {
find->partial_result |= DNS_ADBFIND_INET6;
goto out;
}
/*
* Found a valid entry. Add it to the find's list.
*/
inc_entry_refcnt(adb, entry, ISC_FALSE);
ISC_LIST_APPEND(find->list, addrinfo, publink);
addrinfo = NULL;
nextv6:
UNLOCK(&adb->entrylocks[bucket]);
bucket = DNS_ADB_INVALIDBUCKET;
namehook = ISC_LIST_NEXT(namehook, plink);
}
}
out:
if (bucket != DNS_ADB_INVALIDBUCKET)
UNLOCK(&adb->entrylocks[bucket]);
}
static void
shutdown_task(isc_task_t *task, isc_event_t *ev) {
dns_adb_t *adb;
UNUSED(task);
adb = ev->ev_arg;
INSIST(DNS_ADB_VALID(adb));
isc_event_free(&ev);
/*
* Wait for lock around check_exit() call to be released.
*/
LOCK(&adb->lock);
UNLOCK(&adb->lock);
destroy(adb);
}
/*
* Name bucket must be locked; adb may be locked; no other locks held.
*/
static isc_boolean_t
check_expire_name(dns_adbname_t **namep, isc_stdtime_t now) {
dns_adbname_t *name;
isc_boolean_t result = ISC_FALSE;
INSIST(namep != NULL && DNS_ADBNAME_VALID(*namep));
name = *namep;
if (NAME_HAS_V4(name) || NAME_HAS_V6(name))
return (result);
if (NAME_FETCH(name))
return (result);
if (!EXPIRE_OK(name->expire_v4, now))
return (result);
if (!EXPIRE_OK(name->expire_v6, now))
return (result);
if (!EXPIRE_OK(name->expire_target, now))
return (result);
/*
* The name is empty. Delete it.
*/
result = kill_name(&name, DNS_EVENT_ADBEXPIRED);
*namep = NULL;
/*
* Our caller, or one of its callers, will be calling check_exit() at
* some point, so we don't need to do it here.
*/
return (result);
}
/*%
* Examine the tail entry of the LRU list to see if it expires or is stale
* (unused for some period); if so, the name entry will be freed. If the ADB
* is in the overmem condition, the tail and the next to tail entries
* will be unconditionally removed (unless they have an outstanding fetch).
* We don't care about a race on 'overmem' at the risk of causing some
* collateral damage or a small delay in starting cleanup, so we don't bother
* to lock ADB (if it's not locked).
*
* Name bucket must be locked; adb may be locked; no other locks held.
*/
static void
check_stale_name(dns_adb_t *adb, int bucket, isc_stdtime_t now) {
int victims, max_victims;
isc_boolean_t result;
dns_adbname_t *victim, *next_victim;
isc_boolean_t overmem = isc_mem_isovermem(adb->mctx);
int scans = 0;
INSIST(bucket != DNS_ADB_INVALIDBUCKET);
max_victims = overmem ? 2 : 1;
/*
* We limit the number of scanned entries to 10 (arbitrary choice)
* in order to avoid examining too many entries when there are many
* tail entries that have fetches (this should be rare, but could
* happen).
*/
victim = ISC_LIST_TAIL(adb->names[bucket]);
for (victims = 0;
victim != NULL && victims < max_victims && scans < 10;
victim = next_victim) {
INSIST(!NAME_DEAD(victim));
scans++;
next_victim = ISC_LIST_PREV(victim, plink);
result = check_expire_name(&victim, now);
if (victim == NULL) {
victims++;
goto next;
}
if (!NAME_FETCH(victim) &&
(overmem || victim->last_used + ADB_STALE_MARGIN <= now)) {
RUNTIME_CHECK(kill_name(&victim,
DNS_EVENT_ADBCANCELED) ==
ISC_FALSE);
victims++;
}
next:
if (!overmem)
break;
}
}
/*
* Entry bucket must be locked; adb may be locked; no other locks held.
*/
static isc_boolean_t
check_expire_entry(dns_adb_t *adb, dns_adbentry_t **entryp, isc_stdtime_t now)
{
dns_adbentry_t *entry;
isc_boolean_t result = ISC_FALSE;
INSIST(entryp != NULL && DNS_ADBENTRY_VALID(*entryp));
entry = *entryp;
if (entry->refcnt != 0)
return (result);
if (entry->expires == 0 || entry->expires > now)
return (result);
/*
* The entry is not in use. Delete it.
*/
DP(DEF_LEVEL, "killing entry %p", entry);
INSIST(ISC_LINK_LINKED(entry, plink));
result = unlink_entry(adb, entry);
free_adbentry(adb, &entry);
if (result)
dec_adb_irefcnt(adb);
*entryp = NULL;
return (result);
}
/*
* ADB must be locked, and no other locks held.
*/
static isc_boolean_t
cleanup_names(dns_adb_t *adb, int bucket, isc_stdtime_t now) {
dns_adbname_t *name;
dns_adbname_t *next_name;
isc_boolean_t result = ISC_FALSE;
DP(CLEAN_LEVEL, "cleaning name bucket %d", bucket);
LOCK(&adb->namelocks[bucket]);
if (adb->name_sd[bucket]) {
UNLOCK(&adb->namelocks[bucket]);
return (result);
}
name = ISC_LIST_HEAD(adb->names[bucket]);
while (name != NULL) {
next_name = ISC_LIST_NEXT(name, plink);
INSIST(result == ISC_FALSE);
result = check_expire_namehooks(name, now);
if (!result)
result = check_expire_name(&name, now);
name = next_name;
}
UNLOCK(&adb->namelocks[bucket]);
return (result);
}
/*
* ADB must be locked, and no other locks held.
*/
static isc_boolean_t
cleanup_entries(dns_adb_t *adb, int bucket, isc_stdtime_t now) {
dns_adbentry_t *entry, *next_entry;
isc_boolean_t result = ISC_FALSE;
DP(CLEAN_LEVEL, "cleaning entry bucket %d", bucket);
LOCK(&adb->entrylocks[bucket]);
entry = ISC_LIST_HEAD(adb->entries[bucket]);
while (entry != NULL) {
next_entry = ISC_LIST_NEXT(entry, plink);
INSIST(result == ISC_FALSE);
result = check_expire_entry(adb, &entry, now);
entry = next_entry;
}
UNLOCK(&adb->entrylocks[bucket]);
return (result);
}
static void
destroy(dns_adb_t *adb) {
adb->magic = 0;
isc_task_detach(&adb->task);
isc_mempool_destroy(&adb->nmp);
isc_mempool_destroy(&adb->nhmp);
isc_mempool_destroy(&adb->limp);
isc_mempool_destroy(&adb->emp);
isc_mempool_destroy(&adb->ahmp);
isc_mempool_destroy(&adb->aimp);
isc_mempool_destroy(&adb->afmp);
DESTROYMUTEXBLOCK(adb->entrylocks, NBUCKETS);
DESTROYMUTEXBLOCK(adb->namelocks, NBUCKETS);
DESTROYLOCK(&adb->reflock);
DESTROYLOCK(&adb->lock);
DESTROYLOCK(&adb->mplock);
DESTROYLOCK(&adb->overmemlock);
isc_mem_putanddetach(&adb->mctx, adb, sizeof(dns_adb_t));
}
/*
* Public functions.
*/
isc_result_t
dns_adb_create(isc_mem_t *mem, dns_view_t *view, isc_timermgr_t *timermgr,
isc_taskmgr_t *taskmgr, dns_adb_t **newadb)
{
dns_adb_t *adb;
isc_result_t result;
int i;
REQUIRE(mem != NULL);
REQUIRE(view != NULL);
REQUIRE(timermgr != NULL); /* this is actually unused */
REQUIRE(taskmgr != NULL);
REQUIRE(newadb != NULL && *newadb == NULL);
UNUSED(timermgr);
adb = isc_mem_get(mem, sizeof(dns_adb_t));
if (adb == NULL)
return (ISC_R_NOMEMORY);
/*
* Initialize things here that cannot fail, and especially things
* that must be NULL for the error return to work properly.
*/
adb->magic = 0;
adb->erefcnt = 1;
adb->irefcnt = 0;
adb->nmp = NULL;
adb->nhmp = NULL;
adb->limp = NULL;
adb->emp = NULL;
adb->ahmp = NULL;
adb->aimp = NULL;
adb->afmp = NULL;
adb->task = NULL;
adb->mctx = NULL;
adb->view = view;
adb->taskmgr = taskmgr;
adb->next_cleanbucket = 0;
ISC_EVENT_INIT(&adb->cevent, sizeof(adb->cevent), 0, NULL,
DNS_EVENT_ADBCONTROL, shutdown_task, adb,
adb, NULL, NULL);
adb->cevent_sent = ISC_FALSE;
adb->shutting_down = ISC_FALSE;
ISC_LIST_INIT(adb->whenshutdown);
isc_mem_attach(mem, &adb->mctx);
result = isc_mutex_init(&adb->lock);
if (result != ISC_R_SUCCESS)
goto fail0b;
result = isc_mutex_init(&adb->mplock);
if (result != ISC_R_SUCCESS)
goto fail0c;
result = isc_mutex_init(&adb->reflock);
if (result != ISC_R_SUCCESS)
goto fail0d;
result = isc_mutex_init(&adb->overmemlock);
if (result != ISC_R_SUCCESS)
goto fail0e;
/*
* Initialize the bucket locks for names and elements.
* May as well initialize the list heads, too.
*/
result = isc_mutexblock_init(adb->namelocks, NBUCKETS);
if (result != ISC_R_SUCCESS)
goto fail1;
for (i = 0; i < NBUCKETS; i++) {
ISC_LIST_INIT(adb->names[i]);
ISC_LIST_INIT(adb->deadnames[i]);
adb->name_sd[i] = ISC_FALSE;
adb->name_refcnt[i] = 0;
adb->irefcnt++;
}
for (i = 0; i < NBUCKETS; i++) {
ISC_LIST_INIT(adb->entries[i]);
ISC_LIST_INIT(adb->deadentries[i]);
adb->entry_sd[i] = ISC_FALSE;
adb->entry_refcnt[i] = 0;
adb->irefcnt++;
}
result = isc_mutexblock_init(adb->entrylocks, NBUCKETS);
if (result != ISC_R_SUCCESS)
goto fail2;
/*
* Memory pools
*/
#define MPINIT(t, p, n) do { \
result = isc_mempool_create(mem, sizeof(t), &(p)); \
if (result != ISC_R_SUCCESS) \
goto fail3; \
isc_mempool_setfreemax((p), FREE_ITEMS); \
isc_mempool_setfillcount((p), FILL_COUNT); \
isc_mempool_setname((p), n); \
isc_mempool_associatelock((p), &adb->mplock); \
} while (0)
MPINIT(dns_adbname_t, adb->nmp, "adbname");
MPINIT(dns_adbnamehook_t, adb->nhmp, "adbnamehook");
MPINIT(dns_adblameinfo_t, adb->limp, "adblameinfo");
MPINIT(dns_adbentry_t, adb->emp, "adbentry");
MPINIT(dns_adbfind_t, adb->ahmp, "adbfind");
MPINIT(dns_adbaddrinfo_t, adb->aimp, "adbaddrinfo");
MPINIT(dns_adbfetch_t, adb->afmp, "adbfetch");
#undef MPINIT
/*
* Allocate an internal task.
*/
result = isc_task_create(adb->taskmgr, 0, &adb->task);
if (result != ISC_R_SUCCESS)
goto fail3;
isc_task_setname(adb->task, "ADB", adb);
/*
* Normal return.
*/
adb->magic = DNS_ADB_MAGIC;
*newadb = adb;
return (ISC_R_SUCCESS);
fail3:
if (adb->task != NULL)
isc_task_detach(&adb->task);
/* clean up entrylocks */
DESTROYMUTEXBLOCK(adb->entrylocks, NBUCKETS);
fail2: /* clean up namelocks */
DESTROYMUTEXBLOCK(adb->namelocks, NBUCKETS);
fail1: /* clean up only allocated memory */
if (adb->nmp != NULL)
isc_mempool_destroy(&adb->nmp);
if (adb->nhmp != NULL)
isc_mempool_destroy(&adb->nhmp);
if (adb->limp != NULL)
isc_mempool_destroy(&adb->limp);
if (adb->emp != NULL)
isc_mempool_destroy(&adb->emp);
if (adb->ahmp != NULL)
isc_mempool_destroy(&adb->ahmp);
if (adb->aimp != NULL)
isc_mempool_destroy(&adb->aimp);
if (adb->afmp != NULL)
isc_mempool_destroy(&adb->afmp);
DESTROYLOCK(&adb->overmemlock);
fail0e:
DESTROYLOCK(&adb->reflock);
fail0d:
DESTROYLOCK(&adb->mplock);
fail0c:
DESTROYLOCK(&adb->lock);
fail0b:
isc_mem_putanddetach(&adb->mctx, adb, sizeof(dns_adb_t));
return (result);
}
void
dns_adb_attach(dns_adb_t *adb, dns_adb_t **adbx) {
REQUIRE(DNS_ADB_VALID(adb));
REQUIRE(adbx != NULL && *adbx == NULL);
inc_adb_erefcnt(adb);
*adbx = adb;
}
void
dns_adb_detach(dns_adb_t **adbx) {
dns_adb_t *adb;
isc_boolean_t need_exit_check;
REQUIRE(adbx != NULL && DNS_ADB_VALID(*adbx));
adb = *adbx;
*adbx = NULL;
INSIST(adb->erefcnt > 0);
LOCK(&adb->reflock);
adb->erefcnt--;
need_exit_check = ISC_TF(adb->erefcnt == 0 && adb->irefcnt == 0);
UNLOCK(&adb->reflock);
if (need_exit_check) {
LOCK(&adb->lock);
INSIST(adb->shutting_down);
check_exit(adb);
UNLOCK(&adb->lock);
}
}
void
dns_adb_whenshutdown(dns_adb_t *adb, isc_task_t *task, isc_event_t **eventp) {
isc_task_t *clone;
isc_event_t *event;
isc_boolean_t zeroirefcnt = ISC_FALSE;
/*
* Send '*eventp' to 'task' when 'adb' has shutdown.
*/
REQUIRE(DNS_ADB_VALID(adb));
REQUIRE(eventp != NULL);
event = *eventp;
*eventp = NULL;
LOCK(&adb->lock);
LOCK(&adb->reflock);
zeroirefcnt = ISC_TF(adb->irefcnt == 0);
if (adb->shutting_down && zeroirefcnt &&
isc_mempool_getallocated(adb->ahmp) == 0) {
/*
* We're already shutdown. Send the event.
*/
event->ev_sender = adb;
isc_task_send(task, &event);
} else {
clone = NULL;
isc_task_attach(task, &clone);
event->ev_sender = clone;
ISC_LIST_APPEND(adb->whenshutdown, event, ev_link);
}
UNLOCK(&adb->reflock);
UNLOCK(&adb->lock);
}
void
dns_adb_shutdown(dns_adb_t *adb) {
isc_boolean_t need_check_exit;
/*
* Shutdown 'adb'.
*/
LOCK(&adb->lock);
if (!adb->shutting_down) {
adb->shutting_down = ISC_TRUE;
isc_mem_setwater(adb->mctx, water, adb, 0, 0);
need_check_exit = shutdown_names(adb);
if (!need_check_exit)
need_check_exit = shutdown_entries(adb);
if (need_check_exit)
check_exit(adb);
}
UNLOCK(&adb->lock);
}
isc_result_t
dns_adb_createfind(dns_adb_t *adb, isc_task_t *task, isc_taskaction_t action,
void *arg, dns_name_t *name, dns_name_t *qname,
dns_rdatatype_t qtype, unsigned int options,
isc_stdtime_t now, dns_name_t *target,
in_port_t port, dns_adbfind_t **findp)
{
dns_adbfind_t *find;
dns_adbname_t *adbname;
int bucket;
isc_boolean_t want_event, start_at_zone, alias, have_address;
isc_result_t result;
unsigned int wanted_addresses;
unsigned int wanted_fetches;
unsigned int query_pending;
REQUIRE(DNS_ADB_VALID(adb));
if (task != NULL) {
REQUIRE(action != NULL);
}
REQUIRE(name != NULL);
REQUIRE(qname != NULL);
REQUIRE(findp != NULL && *findp == NULL);
REQUIRE(target == NULL || dns_name_hasbuffer(target));
REQUIRE((options & DNS_ADBFIND_ADDRESSMASK) != 0);
result = ISC_R_UNEXPECTED;
wanted_addresses = (options & DNS_ADBFIND_ADDRESSMASK);
wanted_fetches = 0;
query_pending = 0;
want_event = ISC_FALSE;
start_at_zone = ISC_FALSE;
alias = ISC_FALSE;
if (now == 0)
isc_stdtime_get(&now);
/*
* XXXMLG Move this comment somewhere else!
*
* Look up the name in our internal database.
*
* Possibilities: Note that these are not always exclusive.
*
* No name found. In this case, allocate a new name header and
* an initial namehook or two. If any of these allocations
* fail, clean up and return ISC_R_NOMEMORY.
*
* Name found, valid addresses present. Allocate one addrinfo
* structure for each found and append it to the linked list
* of addresses for this header.
*
* Name found, queries pending. In this case, if a task was
* passed in, allocate a job id, attach it to the name's job
* list and remember to tell the caller that there will be
* more info coming later.
*/
find = new_adbfind(adb);
if (find == NULL)
return (ISC_R_NOMEMORY);
find->port = port;
/*
* Remember what types of addresses we are interested in.
*/
find->options = options;
find->flags |= wanted_addresses;
if (FIND_WANTEVENT(find)) {
REQUIRE(task != NULL);
}
/*
* Try to see if we know anything about this name at all.
*/
bucket = DNS_ADB_INVALIDBUCKET;
adbname = find_name_and_lock(adb, name, find->options, &bucket);
if (adb->name_sd[bucket]) {
DP(DEF_LEVEL,
"dns_adb_createfind: returning ISC_R_SHUTTINGDOWN");
RUNTIME_CHECK(free_adbfind(adb, &find) == ISC_FALSE);
result = ISC_R_SHUTTINGDOWN;
goto out;
}
/*
* Nothing found. Allocate a new adbname structure for this name.
*/
if (adbname == NULL) {
/*
* See if there is any stale name at the end of list, and purge
* it if so.
*/
check_stale_name(adb, bucket, now);
adbname = new_adbname(adb, name);
if (adbname == NULL) {
RUNTIME_CHECK(free_adbfind(adb, &find) == ISC_FALSE);
result = ISC_R_NOMEMORY;
goto out;
}
link_name(adb, bucket, adbname);
if (FIND_HINTOK(find))
adbname->flags |= NAME_HINT_OK;
if (FIND_GLUEOK(find))
adbname->flags |= NAME_GLUE_OK;
if (FIND_STARTATZONE(find))
adbname->flags |= NAME_STARTATZONE;
} else {
/* Move this name forward in the LRU list */
ISC_LIST_UNLINK(adb->names[bucket], adbname, plink);
ISC_LIST_PREPEND(adb->names[bucket], adbname, plink);
}
adbname->last_used = now;
/*
* Expire old entries, etc.
*/
RUNTIME_CHECK(check_expire_namehooks(adbname, now) == ISC_FALSE);
/*
* Do we know that the name is an alias?
*/
if (!EXPIRE_OK(adbname->expire_target, now)) {
/*
* Yes, it is.
*/
DP(DEF_LEVEL,
"dns_adb_createfind: name %p is an alias (cached)",
adbname);
alias = ISC_TRUE;
goto post_copy;
}
/*
* Try to populate the name from the database and/or
* start fetches. First try looking for an A record
* in the database.
*/
if (!NAME_HAS_V4(adbname) && EXPIRE_OK(adbname->expire_v4, now)
&& WANT_INET(wanted_addresses)) {
result = dbfind_name(adbname, now, dns_rdatatype_a);
if (result == ISC_R_SUCCESS) {
DP(DEF_LEVEL,
"dns_adb_createfind: found A for name %p in db",
adbname);
goto v6;
}
/*
* Did we get a CNAME or DNAME?
*/
if (result == DNS_R_ALIAS) {
DP(DEF_LEVEL,
"dns_adb_createfind: name %p is an alias",
adbname);
alias = ISC_TRUE;
goto post_copy;
}
/*
* If the name doesn't exist at all, don't bother with
* v6 queries; they won't work.
*
* If the name does exist but we didn't get our data, go
* ahead and try AAAA.
*
* If the result is neither of these, try a fetch for A.
*/
if (NXDOMAIN_RESULT(result))
goto fetch;
else if (NXRRSET_RESULT(result))
goto v6;
if (!NAME_FETCH_V4(adbname))
wanted_fetches |= DNS_ADBFIND_INET;
}
v6:
if (!NAME_HAS_V6(adbname) && EXPIRE_OK(adbname->expire_v6, now)
&& WANT_INET6(wanted_addresses)) {
result = dbfind_name(adbname, now, dns_rdatatype_aaaa);
if (result == ISC_R_SUCCESS) {
DP(DEF_LEVEL,
"dns_adb_createfind: found AAAA for name %p",
adbname);
goto fetch;
}
/*
* Did we get a CNAME or DNAME?
*/
if (result == DNS_R_ALIAS) {
DP(DEF_LEVEL,
"dns_adb_createfind: name %p is an alias",
adbname);
alias = ISC_TRUE;
goto post_copy;
}
/*
* Listen to negative cache hints, and don't start
* another query.
*/
if (NCACHE_RESULT(result) || AUTH_NX(result))
goto fetch;
if (!NAME_FETCH_V6(adbname))
wanted_fetches |= DNS_ADBFIND_INET6;
}
fetch:
if ((WANT_INET(wanted_addresses) && NAME_HAS_V4(adbname)) ||
(WANT_INET6(wanted_addresses) && NAME_HAS_V6(adbname)))
have_address = ISC_TRUE;
else
have_address = ISC_FALSE;
if (wanted_fetches != 0 &&
! (FIND_AVOIDFETCHES(find) && have_address)) {
/*
* We're missing at least one address family. Either the
* caller hasn't instructed us to avoid fetches, or we don't
* know anything about any of the address families that would
* be acceptable so we have to launch fetches.
*/
if (FIND_STARTATZONE(find))
start_at_zone = ISC_TRUE;
/*
* Start V4.
*/
if (WANT_INET(wanted_fetches) &&
fetch_name(adbname, start_at_zone,
dns_rdatatype_a) == ISC_R_SUCCESS) {
DP(DEF_LEVEL,
"dns_adb_createfind: started A fetch for name %p",
adbname);
}
/*
* Start V6.
*/
if (WANT_INET6(wanted_fetches) &&
fetch_name(adbname, start_at_zone,
dns_rdatatype_aaaa) == ISC_R_SUCCESS) {
DP(DEF_LEVEL,
"dns_adb_createfind: "
"started AAAA fetch for name %p",
adbname);
}
}
/*
* Run through the name and copy out the bits we are
* interested in.
*/
copy_namehook_lists(adb, find, qname, qtype, adbname, now);
post_copy:
if (NAME_FETCH_V4(adbname))
query_pending |= DNS_ADBFIND_INET;
if (NAME_FETCH_V6(adbname))
query_pending |= DNS_ADBFIND_INET6;
/*
* Attach to the name's query list if there are queries
* already running, and we have been asked to.
*/
want_event = ISC_TRUE;
if (!FIND_WANTEVENT(find))
want_event = ISC_FALSE;
if (FIND_WANTEMPTYEVENT(find) && FIND_HAS_ADDRS(find))
want_event = ISC_FALSE;
if ((wanted_addresses & query_pending) == 0)
want_event = ISC_FALSE;
if (alias)
want_event = ISC_FALSE;
if (want_event) {
find->adbname = adbname;
find->name_bucket = bucket;
ISC_LIST_APPEND(adbname->finds, find, plink);
find->query_pending = (query_pending & wanted_addresses);
find->flags &= ~DNS_ADBFIND_ADDRESSMASK;
find->flags |= (find->query_pending & DNS_ADBFIND_ADDRESSMASK);
DP(DEF_LEVEL, "createfind: attaching find %p to adbname %p",
find, adbname);
} else {
/*
* Remove the flag so the caller knows there will never
* be an event, and set internal flags to fake that
* the event was sent and freed, so dns_adb_destroyfind() will
* do the right thing.
*/
find->query_pending = (query_pending & wanted_addresses);
find->options &= ~DNS_ADBFIND_WANTEVENT;
find->flags |= (FIND_EVENT_SENT | FIND_EVENT_FREED);
find->flags &= ~DNS_ADBFIND_ADDRESSMASK;
}
find->partial_result |= (adbname->partial_result & wanted_addresses);
if (alias) {
if (target != NULL) {
result = dns_name_copy(&adbname->target, target, NULL);
if (result != ISC_R_SUCCESS)
goto out;
}
result = DNS_R_ALIAS;
} else
result = ISC_R_SUCCESS;
/*
* Copy out error flags from the name structure into the find.
*/
find->result_v4 = find_err_map[adbname->fetch_err];
find->result_v6 = find_err_map[adbname->fetch6_err];
out:
if (find != NULL) {
*findp = find;
if (want_event) {
isc_task_t *taskp;
INSIST((find->flags & DNS_ADBFIND_ADDRESSMASK) != 0);
taskp = NULL;
isc_task_attach(task, &taskp);
find->event.ev_sender = taskp;
find->event.ev_action = action;
find->event.ev_arg = arg;
}
}
UNLOCK(&adb->namelocks[bucket]);
return (result);
}
void
dns_adb_destroyfind(dns_adbfind_t **findp) {
dns_adbfind_t *find;
dns_adbentry_t *entry;
dns_adbaddrinfo_t *ai;
int bucket;
dns_adb_t *adb;
isc_boolean_t overmem;
REQUIRE(findp != NULL && DNS_ADBFIND_VALID(*findp));
find = *findp;
*findp = NULL;
LOCK(&find->lock);
DP(DEF_LEVEL, "dns_adb_destroyfind on find %p", find);
adb = find->adb;
REQUIRE(DNS_ADB_VALID(adb));
REQUIRE(FIND_EVENTFREED(find));
bucket = find->name_bucket;
INSIST(bucket == DNS_ADB_INVALIDBUCKET);
UNLOCK(&find->lock);
/*
* The find doesn't exist on any list, and nothing is locked.
* Return the find to the memory pool, and decrement the adb's
* reference count.
*/
overmem = isc_mem_isovermem(adb->mctx);
ai = ISC_LIST_HEAD(find->list);
while (ai != NULL) {
ISC_LIST_UNLINK(find->list, ai, publink);
entry = ai->entry;
ai->entry = NULL;
INSIST(DNS_ADBENTRY_VALID(entry));
RUNTIME_CHECK(dec_entry_refcnt(adb, overmem, entry, ISC_TRUE) ==
ISC_FALSE);
free_adbaddrinfo(adb, &ai);
ai = ISC_LIST_HEAD(find->list);
}
/*
* WARNING: The find is freed with the adb locked. This is done
* to avoid a race condition where we free the find, some other
* thread tests to see if it should be destroyed, detects it should
* be, destroys it, and then we try to lock it for our check, but the
* lock is destroyed.
*/
LOCK(&adb->lock);
if (free_adbfind(adb, &find))
check_exit(adb);
UNLOCK(&adb->lock);
}
void
dns_adb_cancelfind(dns_adbfind_t *find) {
isc_event_t *ev;
isc_task_t *task;
dns_adb_t *adb;
int bucket;
int unlock_bucket;
LOCK(&find->lock);
DP(DEF_LEVEL, "dns_adb_cancelfind on find %p", find);
adb = find->adb;
REQUIRE(DNS_ADB_VALID(adb));
REQUIRE(!FIND_EVENTFREED(find));
REQUIRE(FIND_WANTEVENT(find));
bucket = find->name_bucket;
if (bucket == DNS_ADB_INVALIDBUCKET)
goto cleanup;
/*
* We need to get the adbname's lock to unlink the find.
*/
unlock_bucket = bucket;
violate_locking_hierarchy(&find->lock, &adb->namelocks[unlock_bucket]);
bucket = find->name_bucket;
if (bucket != DNS_ADB_INVALIDBUCKET) {
ISC_LIST_UNLINK(find->adbname->finds, find, plink);
find->adbname = NULL;
find->name_bucket = DNS_ADB_INVALIDBUCKET;
}
UNLOCK(&adb->namelocks[unlock_bucket]);
bucket = DNS_ADB_INVALIDBUCKET;
cleanup:
if (!FIND_EVENTSENT(find)) {
ev = &find->event;
task = ev->ev_sender;
ev->ev_sender = find;
ev->ev_type = DNS_EVENT_ADBCANCELED;
ev->ev_destroy = event_free;
ev->ev_destroy_arg = find;
find->result_v4 = ISC_R_CANCELED;
find->result_v6 = ISC_R_CANCELED;
DP(DEF_LEVEL, "sending event %p to task %p for find %p",
ev, task, find);
isc_task_sendanddetach(&task, (isc_event_t **)&ev);
}
UNLOCK(&find->lock);
}
void
dns_adb_dump(dns_adb_t *adb, FILE *f) {
int i;
isc_stdtime_t now;
REQUIRE(DNS_ADB_VALID(adb));
REQUIRE(f != NULL);
/*
* Lock the adb itself, lock all the name buckets, then lock all
* the entry buckets. This should put the adb into a state where
* nothing can change, so we can iterate through everything and
* print at our leisure.
*/
LOCK(&adb->lock);
isc_stdtime_get(&now);
for (i = 0; i < NBUCKETS; i++)
RUNTIME_CHECK(cleanup_names(adb, i, now) == ISC_FALSE);
for (i = 0; i < NBUCKETS; i++)
RUNTIME_CHECK(cleanup_entries(adb, i, now) == ISC_FALSE);
dump_adb(adb, f, ISC_FALSE, now);
UNLOCK(&adb->lock);
}
static void
dump_ttl(FILE *f, const char *legend, isc_stdtime_t value, isc_stdtime_t now) {
if (value == INT_MAX)
return;
fprintf(f, " [%s TTL %d]", legend, value - now);
}
static void
dump_adb(dns_adb_t *adb, FILE *f, isc_boolean_t debug, isc_stdtime_t now) {
int i;
dns_adbname_t *name;
dns_adbentry_t *entry;
fprintf(f, ";\n; Address database dump\n;\n");
if (debug)
fprintf(f, "; addr %p, erefcnt %u, irefcnt %u, finds out %u\n",
adb, adb->erefcnt, adb->irefcnt,
isc_mempool_getallocated(adb->nhmp));
for (i = 0; i < NBUCKETS; i++)
LOCK(&adb->namelocks[i]);
for (i = 0; i < NBUCKETS; i++)
LOCK(&adb->entrylocks[i]);
/*
* Dump the names
*/
for (i = 0; i < NBUCKETS; i++) {
name = ISC_LIST_HEAD(adb->names[i]);
if (name == NULL)
continue;
if (debug)
fprintf(f, "; bucket %d\n", i);
for (;
name != NULL;
name = ISC_LIST_NEXT(name, plink))
{
if (debug)
fprintf(f, "; name %p (flags %08x)\n",
name, name->flags);
fprintf(f, "; ");
print_dns_name(f, &name->name);
if (dns_name_countlabels(&name->target) > 0) {
fprintf(f, " alias ");
print_dns_name(f, &name->target);
}
dump_ttl(f, "v4", name->expire_v4, now);
dump_ttl(f, "v6", name->expire_v6, now);
dump_ttl(f, "target", name->expire_target, now);
fprintf(f, " [v4 %s] [v6 %s]",
errnames[name->fetch_err],
errnames[name->fetch6_err]);
fprintf(f, "\n");
print_namehook_list(f, "v4", &name->v4, debug, now);
print_namehook_list(f, "v6", &name->v6, debug, now);
if (debug)
print_fetch_list(f, name);
if (debug)
print_find_list(f, name);
}
}
fprintf(f, ";\n; Unassociated entries\n;\n");
for (i = 0; i < NBUCKETS; i++) {
entry = ISC_LIST_HEAD(adb->entries[i]);
while (entry != NULL) {
if (entry->refcnt == 0)
dump_entry(f, entry, debug, now);
entry = ISC_LIST_NEXT(entry, plink);
}
}
/*
* Unlock everything
*/
for (i = 0; i < NBUCKETS; i++)
UNLOCK(&adb->entrylocks[i]);
for (i = 0; i < NBUCKETS; i++)
UNLOCK(&adb->namelocks[i]);
}
static void
dump_entry(FILE *f, dns_adbentry_t *entry, isc_boolean_t debug,
isc_stdtime_t now)
{
char addrbuf[ISC_NETADDR_FORMATSIZE];
char typebuf[DNS_RDATATYPE_FORMATSIZE];
isc_netaddr_t netaddr;
dns_adblameinfo_t *li;
isc_netaddr_fromsockaddr(&netaddr, &entry->sockaddr);
isc_netaddr_format(&netaddr, addrbuf, sizeof(addrbuf));
if (debug)
fprintf(f, ";\t%p: refcnt %u\n", entry, entry->refcnt);
fprintf(f, ";\t%s [srtt %u] [flags %08x]",
addrbuf, entry->srtt, entry->flags);
if (entry->expires != 0)
fprintf(f, " [ttl %d]", entry->expires - now);
fprintf(f, "\n");
for (li = ISC_LIST_HEAD(entry->lameinfo);
li != NULL;
li = ISC_LIST_NEXT(li, plink)) {
fprintf(f, ";\t\t");
print_dns_name(f, &li->qname);
dns_rdatatype_format(li->qtype, typebuf, sizeof(typebuf));
fprintf(f, " %s [lame TTL %d]\n", typebuf,
li->lame_timer - now);
}
}
void
dns_adb_dumpfind(dns_adbfind_t *find, FILE *f) {
char tmp[512];
const char *tmpp;
dns_adbaddrinfo_t *ai;
isc_sockaddr_t *sa;
/*
* Not used currently, in the API Just In Case we
* want to dump out the name and/or entries too.
*/
LOCK(&find->lock);
fprintf(f, ";Find %p\n", find);
fprintf(f, ";\tqpending %08x partial %08x options %08x flags %08x\n",
find->query_pending, find->partial_result,
find->options, find->flags);
fprintf(f, ";\tname_bucket %d, name %p, event sender %p\n",
find->name_bucket, find->adbname, find->event.ev_sender);
ai = ISC_LIST_HEAD(find->list);
if (ai != NULL)
fprintf(f, "\tAddresses:\n");
while (ai != NULL) {
sa = &ai->sockaddr;
switch (sa->type.sa.sa_family) {
case AF_INET:
tmpp = inet_ntop(AF_INET, &sa->type.sin.sin_addr,
tmp, sizeof(tmp));
break;
case AF_INET6:
tmpp = inet_ntop(AF_INET6, &sa->type.sin6.sin6_addr,
tmp, sizeof(tmp));
break;
default:
tmpp = "UnkFamily";
}
if (tmpp == NULL)
tmpp = "BadAddress";
fprintf(f, "\t\tentry %p, flags %08x"
" srtt %u addr %s\n",
ai->entry, ai->flags, ai->srtt, tmpp);
ai = ISC_LIST_NEXT(ai, publink);
}
UNLOCK(&find->lock);
}
static void
print_dns_name(FILE *f, dns_name_t *name) {
char buf[DNS_NAME_FORMATSIZE];
INSIST(f != NULL);
dns_name_format(name, buf, sizeof(buf));
fprintf(f, "%s", buf);
}
static void
print_namehook_list(FILE *f, const char *legend, dns_adbnamehooklist_t *list,
isc_boolean_t debug, isc_stdtime_t now)
{
dns_adbnamehook_t *nh;
for (nh = ISC_LIST_HEAD(*list);
nh != NULL;
nh = ISC_LIST_NEXT(nh, plink))
{
if (debug)
fprintf(f, ";\tHook(%s) %p\n", legend, nh);
dump_entry(f, nh->entry, debug, now);
}
}
static inline void
print_fetch(FILE *f, dns_adbfetch_t *ft, const char *type) {
fprintf(f, "\t\tFetch(%s): %p -> { fetch %p }\n",
type, ft, ft->fetch);
}
static void
print_fetch_list(FILE *f, dns_adbname_t *n) {
if (NAME_FETCH_A(n))
print_fetch(f, n->fetch_a, "A");
if (NAME_FETCH_AAAA(n))
print_fetch(f, n->fetch_aaaa, "AAAA");
}
static void
print_find_list(FILE *f, dns_adbname_t *name) {
dns_adbfind_t *find;
find = ISC_LIST_HEAD(name->finds);
while (find != NULL) {
dns_adb_dumpfind(find, f);
find = ISC_LIST_NEXT(find, plink);
}
}
static isc_result_t
dbfind_name(dns_adbname_t *adbname, isc_stdtime_t now, dns_rdatatype_t rdtype)
{
isc_result_t result;
dns_rdataset_t rdataset;
dns_adb_t *adb;
dns_fixedname_t foundname;
dns_name_t *fname;
INSIST(DNS_ADBNAME_VALID(adbname));
adb = adbname->adb;
INSIST(DNS_ADB_VALID(adb));
INSIST(rdtype == dns_rdatatype_a || rdtype == dns_rdatatype_aaaa);
dns_fixedname_init(&foundname);
fname = dns_fixedname_name(&foundname);
dns_rdataset_init(&rdataset);
if (rdtype == dns_rdatatype_a)
adbname->fetch_err = FIND_ERR_UNEXPECTED;
else
adbname->fetch6_err = FIND_ERR_UNEXPECTED;
result = dns_view_find(adb->view, &adbname->name, rdtype, now,
NAME_GLUEOK(adbname) ? DNS_DBFIND_GLUEOK : 0,
ISC_TF(NAME_HINTOK(adbname)),
NULL, NULL, fname, &rdataset, NULL);
/* XXXVIX this switch statement is too sparse to gen a jump table. */
switch (result) {
case DNS_R_GLUE:
case DNS_R_HINT:
case ISC_R_SUCCESS:
/*
* Found in the database. Even if we can't copy out
* any information, return success, or else a fetch
* will be made, which will only make things worse.
*/
if (rdtype == dns_rdatatype_a)
adbname->fetch_err = FIND_ERR_SUCCESS;
else
adbname->fetch6_err = FIND_ERR_SUCCESS;
result = import_rdataset(adbname, &rdataset, now);
break;
case DNS_R_NXDOMAIN:
case DNS_R_NXRRSET:
/*
* We're authoritative and the data doesn't exist.
* Make up a negative cache entry so we don't ask again
* for a while.
*
* XXXRTH What time should we use? I'm putting in 30 seconds
* for now.
*/
if (rdtype == dns_rdatatype_a) {
adbname->expire_v4 = now + 30;
DP(NCACHE_LEVEL,
"adb name %p: Caching auth negative entry for A",
adbname);
if (result == DNS_R_NXDOMAIN)
adbname->fetch_err = FIND_ERR_NXDOMAIN;
else
adbname->fetch_err = FIND_ERR_NXRRSET;
} else {
DP(NCACHE_LEVEL,
"adb name %p: Caching auth negative entry for AAAA",
adbname);
adbname->expire_v6 = now + 30;
if (result == DNS_R_NXDOMAIN)
adbname->fetch6_err = FIND_ERR_NXDOMAIN;
else
adbname->fetch6_err = FIND_ERR_NXRRSET;
}
break;
case DNS_R_NCACHENXDOMAIN:
case DNS_R_NCACHENXRRSET:
/*
* We found a negative cache entry. Pull the TTL from it
* so we won't ask again for a while.
*/
rdataset.ttl = ttlclamp(rdataset.ttl);
if (rdtype == dns_rdatatype_a) {
adbname->expire_v4 = rdataset.ttl + now;
if (result == DNS_R_NCACHENXDOMAIN)
adbname->fetch_err = FIND_ERR_NXDOMAIN;
else
adbname->fetch_err = FIND_ERR_NXRRSET;
DP(NCACHE_LEVEL,
"adb name %p: Caching negative entry for A (ttl %u)",
adbname, rdataset.ttl);
} else {
DP(NCACHE_LEVEL,
"adb name %p: Caching negative entry for AAAA (ttl %u)",
adbname, rdataset.ttl);
adbname->expire_v6 = rdataset.ttl + now;
if (result == DNS_R_NCACHENXDOMAIN)
adbname->fetch6_err = FIND_ERR_NXDOMAIN;
else
adbname->fetch6_err = FIND_ERR_NXRRSET;
}
break;
case DNS_R_CNAME:
case DNS_R_DNAME:
/*
* Clear the hint and glue flags, so this will match
* more often.
*/
adbname->flags &= ~(DNS_ADBFIND_GLUEOK | DNS_ADBFIND_HINTOK);
rdataset.ttl = ttlclamp(rdataset.ttl);
clean_target(adb, &adbname->target);
adbname->expire_target = INT_MAX;
result = set_target(adb, &adbname->name, fname, &rdataset,
&adbname->target);
if (result == ISC_R_SUCCESS) {
result = DNS_R_ALIAS;
DP(NCACHE_LEVEL,
"adb name %p: caching alias target",
adbname);
adbname->expire_target = rdataset.ttl + now;
}
if (rdtype == dns_rdatatype_a)
adbname->fetch_err = FIND_ERR_SUCCESS;
else
adbname->fetch6_err = FIND_ERR_SUCCESS;
break;
}
if (dns_rdataset_isassociated(&rdataset))
dns_rdataset_disassociate(&rdataset);
return (result);
}
static void
fetch_callback(isc_task_t *task, isc_event_t *ev) {
dns_fetchevent_t *dev;
dns_adbname_t *name;
dns_adb_t *adb;
dns_adbfetch_t *fetch;
int bucket;
isc_eventtype_t ev_status;
isc_stdtime_t now;
isc_result_t result;
unsigned int address_type;
isc_boolean_t want_check_exit = ISC_FALSE;
UNUSED(task);
INSIST(ev->ev_type == DNS_EVENT_FETCHDONE);
dev = (dns_fetchevent_t *)ev;
name = ev->ev_arg;
INSIST(DNS_ADBNAME_VALID(name));
adb = name->adb;
INSIST(DNS_ADB_VALID(adb));
bucket = name->lock_bucket;
LOCK(&adb->namelocks[bucket]);
INSIST(NAME_FETCH_A(name) || NAME_FETCH_AAAA(name));
address_type = 0;
if (NAME_FETCH_A(name) && (name->fetch_a->fetch == dev->fetch)) {
address_type = DNS_ADBFIND_INET;
fetch = name->fetch_a;
name->fetch_a = NULL;
} else if (NAME_FETCH_AAAA(name)
&& (name->fetch_aaaa->fetch == dev->fetch)) {
address_type = DNS_ADBFIND_INET6;
fetch = name->fetch_aaaa;
name->fetch_aaaa = NULL;
} else
fetch = NULL;
INSIST(address_type != 0 && fetch != NULL);
dns_resolver_destroyfetch(&fetch->fetch);
dev->fetch = NULL;
ev_status = DNS_EVENT_ADBNOMOREADDRESSES;
/*
* Cleanup things we don't care about.
*/
if (dev->node != NULL)
dns_db_detachnode(dev->db, &dev->node);
if (dev->db != NULL)
dns_db_detach(&dev->db);
/*
* If this name is marked as dead, clean up, throwing away
* potentially good data.
*/
if (NAME_DEAD(name)) {
free_adbfetch(adb, &fetch);
isc_event_free(&ev);
want_check_exit = kill_name(&name, DNS_EVENT_ADBCANCELED);
UNLOCK(&adb->namelocks[bucket]);
if (want_check_exit) {
LOCK(&adb->lock);
check_exit(adb);
UNLOCK(&adb->lock);
}
return;
}
isc_stdtime_get(&now);
/*
* If we got a negative cache response, remember it.
*/
if (NCACHE_RESULT(dev->result)) {
dev->rdataset->ttl = ttlclamp(dev->rdataset->ttl);
if (address_type == DNS_ADBFIND_INET) {
DP(NCACHE_LEVEL, "adb fetch name %p: "
"caching negative entry for A (ttl %u)",
name, dev->rdataset->ttl);
name->expire_v4 = ISC_MIN(name->expire_v4,
dev->rdataset->ttl + now);
if (dev->result == DNS_R_NCACHENXDOMAIN)
name->fetch_err = FIND_ERR_NXDOMAIN;
else
name->fetch_err = FIND_ERR_NXRRSET;
inc_stats(adb, dns_resstatscounter_gluefetchv4fail);
} else {
DP(NCACHE_LEVEL, "adb fetch name %p: "
"caching negative entry for AAAA (ttl %u)",
name, dev->rdataset->ttl);
name->expire_v6 = ISC_MIN(name->expire_v6,
dev->rdataset->ttl + now);
if (dev->result == DNS_R_NCACHENXDOMAIN)
name->fetch6_err = FIND_ERR_NXDOMAIN;
else
name->fetch6_err = FIND_ERR_NXRRSET;
inc_stats(adb, dns_resstatscounter_gluefetchv6fail);
}
goto out;
}
/*
* Handle CNAME/DNAME.
*/
if (dev->result == DNS_R_CNAME || dev->result == DNS_R_DNAME) {
dev->rdataset->ttl = ttlclamp(dev->rdataset->ttl);
clean_target(adb, &name->target);
name->expire_target = INT_MAX;
result = set_target(adb, &name->name,
dns_fixedname_name(&dev->foundname),
dev->rdataset,
&name->target);
if (result == ISC_R_SUCCESS) {
DP(NCACHE_LEVEL,
"adb fetch name %p: caching alias target",
name);
name->expire_target = dev->rdataset->ttl + now;
}
goto check_result;
}
/*
* Did we get back junk? If so, and there are no more fetches
* sitting out there, tell all the finds about it.
*/
if (dev->result != ISC_R_SUCCESS) {
char buf[DNS_NAME_FORMATSIZE];
dns_name_format(&name->name, buf, sizeof(buf));
DP(DEF_LEVEL, "adb: fetch of '%s' %s failed: %s",
buf, address_type == DNS_ADBFIND_INET ? "A" : "AAAA",
dns_result_totext(dev->result));
/* XXXMLG Don't pound on bad servers. */
if (address_type == DNS_ADBFIND_INET) {
name->expire_v4 = ISC_MIN(name->expire_v4, now + 300);
name->fetch_err = FIND_ERR_FAILURE;
inc_stats(adb, dns_resstatscounter_gluefetchv4fail);
} else {
name->expire_v6 = ISC_MIN(name->expire_v6, now + 300);
name->fetch6_err = FIND_ERR_FAILURE;
inc_stats(adb, dns_resstatscounter_gluefetchv6fail);
}
goto out;
}
/*
* We got something potentially useful.
*/
result = import_rdataset(name, &fetch->rdataset, now);
check_result:
if (result == ISC_R_SUCCESS) {
ev_status = DNS_EVENT_ADBMOREADDRESSES;
if (address_type == DNS_ADBFIND_INET)
name->fetch_err = FIND_ERR_SUCCESS;
else
name->fetch6_err = FIND_ERR_SUCCESS;
}
out:
free_adbfetch(adb, &fetch);
isc_event_free(&ev);
clean_finds_at_name(name, ev_status, address_type);
UNLOCK(&adb->namelocks[bucket]);
}
static isc_result_t
fetch_name(dns_adbname_t *adbname,
isc_boolean_t start_at_zone,
dns_rdatatype_t type)
{
isc_result_t result;
dns_adbfetch_t *fetch = NULL;
dns_adb_t *adb;
dns_fixedname_t fixed;
dns_name_t *name;
dns_rdataset_t rdataset;
dns_rdataset_t *nameservers;
unsigned int options;
INSIST(DNS_ADBNAME_VALID(adbname));
adb = adbname->adb;
INSIST(DNS_ADB_VALID(adb));
INSIST((type == dns_rdatatype_a && !NAME_FETCH_V4(adbname)) ||
(type == dns_rdatatype_aaaa && !NAME_FETCH_V6(adbname)));
adbname->fetch_err = FIND_ERR_NOTFOUND;
name = NULL;
nameservers = NULL;
dns_rdataset_init(&rdataset);
options = DNS_FETCHOPT_NOVALIDATE;
if (start_at_zone) {
DP(ENTER_LEVEL,
"fetch_name: starting at zone for name %p",
adbname);
dns_fixedname_init(&fixed);
name = dns_fixedname_name(&fixed);
result = dns_view_findzonecut2(adb->view, &adbname->name, name,
0, 0, ISC_TRUE, ISC_FALSE,
&rdataset, NULL);
if (result != ISC_R_SUCCESS && result != DNS_R_HINT)
goto cleanup;
nameservers = &rdataset;
options |= DNS_FETCHOPT_UNSHARED;
}
fetch = new_adbfetch(adb);
if (fetch == NULL) {
result = ISC_R_NOMEMORY;
goto cleanup;
}
result = dns_resolver_createfetch(adb->view->resolver, &adbname->name,
type, name, nameservers, NULL,
options, adb->task, fetch_callback,
adbname, &fetch->rdataset, NULL,
&fetch->fetch);
if (result != ISC_R_SUCCESS)
goto cleanup;
if (type == dns_rdatatype_a) {
adbname->fetch_a = fetch;
inc_stats(adb, dns_resstatscounter_gluefetchv4);
} else {
adbname->fetch_aaaa = fetch;
inc_stats(adb, dns_resstatscounter_gluefetchv6);
}
fetch = NULL; /* Keep us from cleaning this up below. */
cleanup:
if (fetch != NULL)
free_adbfetch(adb, &fetch);
if (dns_rdataset_isassociated(&rdataset))
dns_rdataset_disassociate(&rdataset);
return (result);
}
/*
* XXXMLG Needs to take a find argument and an address info, no zone or adb,
* since these can be extracted from the find itself.
*/
isc_result_t
dns_adb_marklame(dns_adb_t *adb, dns_adbaddrinfo_t *addr, dns_name_t *qname,
dns_rdatatype_t qtype, isc_stdtime_t expire_time)
{
dns_adblameinfo_t *li;
int bucket;
isc_result_t result = ISC_R_SUCCESS;
REQUIRE(DNS_ADB_VALID(adb));
REQUIRE(DNS_ADBADDRINFO_VALID(addr));
REQUIRE(qname != NULL);
bucket = addr->entry->lock_bucket;
LOCK(&adb->entrylocks[bucket]);
li = ISC_LIST_HEAD(addr->entry->lameinfo);
while (li != NULL &&
(li->qtype != qtype || !dns_name_equal(qname, &li->qname)))
li = ISC_LIST_NEXT(li, plink);
if (li != NULL) {
if (expire_time > li->lame_timer)
li->lame_timer = expire_time;
goto unlock;
}
li = new_adblameinfo(adb, qname, qtype);
if (li == NULL) {
result = ISC_R_NOMEMORY;
goto unlock;
}
li->lame_timer = expire_time;
ISC_LIST_PREPEND(addr->entry->lameinfo, li, plink);
unlock:
UNLOCK(&adb->entrylocks[bucket]);
return (result);
}
void
dns_adb_adjustsrtt(dns_adb_t *adb, dns_adbaddrinfo_t *addr,
unsigned int rtt, unsigned int factor)
{
int bucket;
unsigned int new_srtt;
isc_stdtime_t now;
REQUIRE(DNS_ADB_VALID(adb));
REQUIRE(DNS_ADBADDRINFO_VALID(addr));
REQUIRE(factor <= 10);
bucket = addr->entry->lock_bucket;
LOCK(&adb->entrylocks[bucket]);
if (factor == DNS_ADB_RTTADJAGE)
new_srtt = addr->entry->srtt * 98 / 100;
else
new_srtt = (addr->entry->srtt / 10 * factor)
+ (rtt / 10 * (10 - factor));
addr->entry->srtt = new_srtt;
addr->srtt = new_srtt;
isc_stdtime_get(&now);
addr->entry->expires = now + ADB_ENTRY_WINDOW;
UNLOCK(&adb->entrylocks[bucket]);
}
void
dns_adb_changeflags(dns_adb_t *adb, dns_adbaddrinfo_t *addr,
unsigned int bits, unsigned int mask)
{
int bucket;
REQUIRE(DNS_ADB_VALID(adb));
REQUIRE(DNS_ADBADDRINFO_VALID(addr));
bucket = addr->entry->lock_bucket;
LOCK(&adb->entrylocks[bucket]);
addr->entry->flags = (addr->entry->flags & ~mask) | (bits & mask);
/*
* Note that we do not update the other bits in addr->flags with
* the most recent values from addr->entry->flags.
*/
addr->flags = (addr->flags & ~mask) | (bits & mask);
UNLOCK(&adb->entrylocks[bucket]);
}
isc_result_t
dns_adb_findaddrinfo(dns_adb_t *adb, isc_sockaddr_t *sa,
dns_adbaddrinfo_t **addrp, isc_stdtime_t now)
{
int bucket;
dns_adbentry_t *entry;
dns_adbaddrinfo_t *addr;
isc_result_t result;
in_port_t port;
REQUIRE(DNS_ADB_VALID(adb));
REQUIRE(addrp != NULL && *addrp == NULL);
UNUSED(now);
result = ISC_R_SUCCESS;
bucket = DNS_ADB_INVALIDBUCKET;
entry = find_entry_and_lock(adb, sa, &bucket, now);
if (adb->entry_sd[bucket]) {
result = ISC_R_SHUTTINGDOWN;
goto unlock;
}
if (entry == NULL) {
/*
* We don't know anything about this address.
*/
entry = new_adbentry(adb);
if (entry == NULL) {
result = ISC_R_NOMEMORY;
goto unlock;
}
entry->sockaddr = *sa;
link_entry(adb, bucket, entry);
DP(ENTER_LEVEL, "findaddrinfo: new entry %p", entry);
} else
DP(ENTER_LEVEL, "findaddrinfo: found entry %p", entry);
port = isc_sockaddr_getport(sa);
addr = new_adbaddrinfo(adb, entry, port);
if (addr == NULL) {
result = ISC_R_NOMEMORY;
} else {
inc_entry_refcnt(adb, entry, ISC_FALSE);
*addrp = addr;
}
unlock:
UNLOCK(&adb->entrylocks[bucket]);
return (result);
}
void
dns_adb_freeaddrinfo(dns_adb_t *adb, dns_adbaddrinfo_t **addrp) {
dns_adbaddrinfo_t *addr;
dns_adbentry_t *entry;
int bucket;
isc_stdtime_t now;
isc_boolean_t want_check_exit = ISC_FALSE;
isc_boolean_t overmem;
REQUIRE(DNS_ADB_VALID(adb));
REQUIRE(addrp != NULL);
addr = *addrp;
REQUIRE(DNS_ADBADDRINFO_VALID(addr));
entry = addr->entry;
REQUIRE(DNS_ADBENTRY_VALID(entry));
isc_stdtime_get(&now);
*addrp = NULL;
overmem = isc_mem_isovermem(adb->mctx);
bucket = addr->entry->lock_bucket;
LOCK(&adb->entrylocks[bucket]);
entry->expires = now + ADB_ENTRY_WINDOW;
want_check_exit = dec_entry_refcnt(adb, overmem, entry, ISC_FALSE);
UNLOCK(&adb->entrylocks[bucket]);
addr->entry = NULL;
free_adbaddrinfo(adb, &addr);
if (want_check_exit) {
LOCK(&adb->lock);
check_exit(adb);
UNLOCK(&adb->lock);
}
}
void
dns_adb_flush(dns_adb_t *adb) {
unsigned int i;
INSIST(DNS_ADB_VALID(adb));
LOCK(&adb->lock);
/*
* Call our cleanup routines.
*/
for (i = 0; i < NBUCKETS; i++)
RUNTIME_CHECK(cleanup_names(adb, i, INT_MAX) == ISC_FALSE);
for (i = 0; i < NBUCKETS; i++)
RUNTIME_CHECK(cleanup_entries(adb, i, INT_MAX) == ISC_FALSE);
#ifdef DUMP_ADB_AFTER_CLEANING
dump_adb(adb, stdout, ISC_TRUE, INT_MAX);
#endif
UNLOCK(&adb->lock);
}
void
dns_adb_flushname(dns_adb_t *adb, dns_name_t *name) {
dns_adbname_t *adbname;
dns_adbname_t *nextname;
int bucket;
INSIST(DNS_ADB_VALID(adb));
LOCK(&adb->lock);
bucket = dns_name_hash(name, ISC_FALSE) % NBUCKETS;
LOCK(&adb->namelocks[bucket]);
adbname = ISC_LIST_HEAD(adb->names[bucket]);
while (adbname != NULL) {
nextname = ISC_LIST_NEXT(adbname, plink);
if (!NAME_DEAD(adbname) &&
dns_name_equal(name, &adbname->name)) {
RUNTIME_CHECK(kill_name(&adbname,
DNS_EVENT_ADBCANCELED) ==
ISC_FALSE);
}
adbname = nextname;
}
UNLOCK(&adb->namelocks[bucket]);
UNLOCK(&adb->lock);
}
static void
water(void *arg, int mark) {
/*
* We're going to change the way to handle overmem condition: use
* isc_mem_isovermem() instead of storing the state via this callback,
* since the latter way tends to cause race conditions.
* To minimize the change, and in case we re-enable the callback
* approach, however, keep this function at the moment.
*/
dns_adb_t *adb = arg;
isc_boolean_t overmem = ISC_TF(mark == ISC_MEM_HIWATER);
REQUIRE(DNS_ADB_VALID(adb));
DP(ISC_LOG_DEBUG(1),
"adb reached %s water mark", overmem ? "high" : "low");
}
void
dns_adb_setadbsize(dns_adb_t *adb, isc_uint32_t size) {
isc_uint32_t hiwater;
isc_uint32_t lowater;
INSIST(DNS_ADB_VALID(adb));
if (size != 0 && size < DNS_ADB_MINADBSIZE)
size = DNS_ADB_MINADBSIZE;
hiwater = size - (size >> 3); /* Approximately 7/8ths. */
lowater = size - (size >> 2); /* Approximately 3/4ths. */
if (size == 0 || hiwater == 0 || lowater == 0)
isc_mem_setwater(adb->mctx, water, adb, 0, 0);
else
isc_mem_setwater(adb->mctx, water, adb, hiwater, lowater);
}
Reference in New Issue View Git Blame Copy Permalink