40 static const char* rrset_str =
"rrset";
48 log_rr(ldns_rr* rr,
const char* pre,
int level)
56 str = ldns_rr2str(rr);
58 ods_log_error(
"[%s] %s: Error converting RR to string", rrset_str,
62 str[(strlen(str))-1] =
'\0';
64 for (i=0; i < strlen(str); i++) {
100 log_rrset(ldns_rdf* dname, ldns_rr_type type,
const char* pre,
int level)
108 str = ldns_rdf2str(dname);
112 str[(strlen(str))-1] =
'\0';
114 for (i=0; i < strlen(str); i++) {
115 if (str[i] ==
'\t') {
123 ods_log_alert(
"[%s] %s: <%s,%s>", rrset_str, pre?pre:
"", str,
126 ods_log_crit(
"[%s] %s: <%s,%s>", rrset_str, pre?pre:
"", str,
129 ods_log_error(
"[%s] %s: <%s,%s>", rrset_str, pre?pre:
"", str,
135 ods_log_info(
"[%s] %s: <%s,%s>", rrset_str, pre?pre:
"", str,
141 ods_log_debug(
"[%s] %s: <%s,%s>", rrset_str, pre?pre:
"", str,
162 if (type == LDNS_RR_TYPE_IXFR) {
164 }
else if (type == LDNS_RR_TYPE_AXFR) {
166 }
else if (type == LDNS_RR_TYPE_MAILB) {
168 }
else if (type == LDNS_RR_TYPE_MAILA) {
170 }
else if (type == LDNS_RR_TYPE_ANY) {
173 const ldns_rr_descriptor* descriptor = ldns_rr_descript(type);
174 if (descriptor && descriptor->_name) {
175 return descriptor->_name;
191 if (!type || !zoneptr) {
197 ods_log_error(
"[%s] unable to create RRset %u: allocator_alloc() "
198 "failed", rrset_str, (
unsigned) type);
205 rrset->
zone = zoneptr;
221 ldns_status lstatus = LDNS_STATUS_OK;
225 if (!rrset || !rr || rrset->
rr_count <= 0) {
228 for (i=0; i < rrset->
rr_count; i++) {
230 if (lstatus != LDNS_STATUS_OK) {
231 ods_log_error(
"[%s] unable to lookup RR: compare failed (%s)",
232 rrset_str, ldns_get_errorstr_by_id(lstatus));
236 return &rrset->
rrs[i];
255 for (i=0; i < rrset->
rr_count; i++) {
279 rrs_old = rrset->
rrs;
283 ods_fatal_exit(
"[%s] fatal unable to add RR: allocator_alloc() failed",
318 rrset->
rrs[rrnum].
rr = NULL;
319 while (rrnum < rrset->rr_count-1) {
320 rrset->
rrs[rrnum] = rrset->
rrs[rrnum+1];
324 rrs_orig = rrset->
rrs;
328 ods_fatal_exit(
"[%s] fatal unable to delete RR: allocator_alloc() failed",
348 uint8_t del_sigs = 0;
353 for (i=0; i < rrset->
rr_count; i++) {
363 if ((rrset->
rrtype == LDNS_RR_TYPE_DNSKEY ||
364 rrset->
rrtype == LDNS_RR_TYPE_NSEC3PARAMS) && more_coming) {
401 const char* locator, uint32_t flags)
409 rrsigs_old = rrset->
rrsigs;
413 ods_fatal_exit(
"[%s] fatal unable to add RRSIG: allocator_alloc() failed",
417 memcpy(rrset->
rrsigs, rrsigs_old,
449 while (rrnum < rrset->rrsig_count-1) {
454 rrsigs_orig = rrset->
rrsigs;
458 ods_fatal_exit(
"[%s] fatal unable to delete RRSIG: allocator_alloc() failed",
461 memcpy(rrset->
rrsigs, rrsigs_orig,
474 rrset_recycle(
rrset_type* rrset, time_t signtime, ldns_rr_type dstatus,
475 ldns_rr_type delegpt)
477 uint32_t refresh = 0;
478 uint32_t expiration = 0;
479 uint32_t inception = 0;
480 uint32_t reusedsigs = 0;
481 unsigned drop_sig = 0;
492 refresh = (uint32_t) (signtime +
499 if (dstatus != LDNS_RR_TYPE_SOA || (delegpt != LDNS_RR_TYPE_SOA &&
500 rrset->
rrtype != LDNS_RR_TYPE_DS)) {
502 goto recycle_drop_sig;
505 (delegpt == LDNS_RR_TYPE_SOA || rrset->
rrtype == LDNS_RR_TYPE_DS));
508 if (rrset->
needs_signing || refresh <= (uint32_t) signtime) {
510 goto recycle_drop_sig;
513 expiration = ldns_rdf2native_int32(
514 ldns_rr_rrsig_expiration(rrset->
rrsigs[i].
rr));
515 if (expiration < refresh) {
517 goto recycle_drop_sig;
520 inception = ldns_rdf2native_int32(
521 ldns_rr_rrsig_inception(rrset->
rrsigs[i].
rr));
522 if (inception > (uint32_t) signtime) {
524 goto recycle_drop_sig;
556 rrset_sigalgo(
rrset_type* rrset, uint8_t algorithm)
563 if (algorithm == ldns_rdf2native_int8(
564 ldns_rr_rrsig_algorithm(rrset->
rrsigs[i].
rr))) {
577 rrset_siglocator(
rrset_type* rrset,
const char* locator)
599 ldns_rr_list* rr_list = NULL;
602 rr_list = ldns_rr_list_new();
603 for (i=0; i < rrset->
rr_count; i++) {
609 ldns_rr2canonical(rrset->
rrs[i].
rr);
610 ret = (int) ldns_rr_list_push_rr(rr_list, rrset->
rrs[i].
rr);
612 ldns_rr_list_free(rr_list);
615 if (rrset->
rrtype == LDNS_RR_TYPE_CNAME ||
616 rrset->
rrtype == LDNS_RR_TYPE_DNAME) {
621 ldns_rr_list_sort(rr_list);
631 rrset_sigvalid_period(
signconf_type* sc, ldns_rr_type rrtype, time_t signtime,
632 time_t* inception, time_t* expiration)
637 time_t random_jitter = 0;
638 if (!sc || !rrtype || !signtime) {
646 if (rrtype == LDNS_RR_TYPE_NSEC || rrtype == LDNS_RR_TYPE_NSEC3) {
651 *inception = signtime - offset;
652 *expiration = (signtime + validity + random_jitter) - jitter;
665 uint32_t newsigs = 0;
666 uint32_t reusedsigs = 0;
667 ldns_rr* rrsig = NULL;
668 ldns_rr_list* rr_list = NULL;
670 const char* locator = NULL;
671 time_t inception = 0;
672 time_t expiration = 0;
675 ldns_rr_type dstatus = LDNS_RR_TYPE_FIRST;
676 ldns_rr_type delegpt = LDNS_RR_TYPE_FIRST;
684 if (rrset->
rrtype == LDNS_RR_TYPE_NSEC ||
685 rrset->
rrtype == LDNS_RR_TYPE_NSEC3) {
686 dstatus = LDNS_RR_TYPE_SOA;
687 delegpt = LDNS_RR_TYPE_SOA;
693 reusedsigs = rrset_recycle(rrset, signtime, dstatus, delegpt);
700 if (dstatus != LDNS_RR_TYPE_SOA) {
705 if (delegpt != LDNS_RR_TYPE_SOA && rrset->
rrtype != LDNS_RR_TYPE_DS) {
714 (delegpt == LDNS_RR_TYPE_SOA || rrset->
rrtype == LDNS_RR_TYPE_DS));
716 rr_list = rrset2rrlist(rrset);
718 ods_log_error(
"[%s] unable to sign RRset[%i]: rrset2rrlist() failed",
719 rrset_str, rrset->
rrtype);
722 if (ldns_rr_list_rr_count(rr_list) <= 0) {
724 ldns_rr_list_free(rr_list);
729 &inception, &expiration);
734 rrset->
rrtype != LDNS_RR_TYPE_DNSKEY) {
739 rrset->
rrtype == LDNS_RR_TYPE_DNSKEY) {
746 if (rrset->
rrtype != LDNS_RR_TYPE_DNSKEY &&
760 zone->
apex, inception, expiration);
762 ods_log_crit(
"[%s] unable to sign RRset[%i]: lhsm_sign() failed",
763 rrset_str, rrset->
rrtype);
764 ldns_rr_list_free(rr_list);
780 ldns_rr_list_free(rr_list);
782 if (rrset->
rrtype == LDNS_RR_TYPE_SOA) {
804 ods_log_crit(
"[%s] unable to print RRset: rrset or fd missing",
811 for (i=0; i < rrset->
rr_count; i++) {
814 if (rrset->
rrtype == LDNS_RR_TYPE_CNAME ||
815 rrset->
rrtype == LDNS_RR_TYPE_DNAME) {
863 for (i=0; i < rrset->
rr_count; i++) {
864 ldns_rr_free(rrset->
rrs[i].
rr);
893 str = ldns_rr2str(rrset->
rrsigs[i].
rr);
897 str[(strlen(str))-1] =
'\0';
898 fprintf(fd,
"%s; {locator %s flags %u}\n", str,