HardenedBSD/contrib/bind/bin/named/db_update.c
Jeroen Ruigrok van der Werven a1f80258eb Virgin import of BIND v8.2.3-T5B
2000-05-26 07:17:19 +00:00

990 lines
28 KiB
C

#if !defined(lint) && !defined(SABER)
static const char sccsid[] = "@(#)db_update.c 4.28 (Berkeley) 3/21/91";
static const char rcsid[] = "$Id: db_update.c,v 8.42 2000/04/21 06:54:04 vixie Exp $";
#endif /* not lint */
/*
* Copyright (c) 1986, 1990
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* Portions Copyright (c) 1993 by Digital Equipment Corporation.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies, and that
* the name of Digital Equipment Corporation not be used in advertising or
* publicity pertaining to distribution of the document or software without
* specific, written prior permission.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL
* WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT
* CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
* DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
* ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
* SOFTWARE.
*/
/*
* Portions Copyright (c) 1996-2000 by Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
* CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
* DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
* ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
* SOFTWARE.
*/
#include "port_before.h"
#include <sys/types.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <arpa/nameser.h>
#include <resolv.h>
#include <stdio.h>
#include <string.h>
#include <syslog.h>
#include <time.h>
#include <isc/eventlib.h>
#include <isc/logging.h>
#include "port_after.h"
#include "named.h"
/* int
* isRefByNS(name, htp)
* recurse through all of `htp' looking for NS RR's that refer to `name'.
* returns:
* nonzero if at least one such NS RR exists
* cautions:
* this is very expensive; probably you only want to use on fcachetab.
*/
static int
isRefByNS(const char *name, struct hashbuf *htp) {
struct namebuf *np;
struct databuf *dp;
for (np = htp->h_tab[0]; np != NULL; np = np->n_next) {
for (dp = np->n_data; dp != NULL; dp = dp->d_next) {
if ((dp->d_class == C_ANY ||
dp->d_class == C_IN ||
dp->d_class == C_HS) &&
dp->d_type == T_NS &&
!dp->d_rcode &&
ns_samename(name, (char *)dp->d_data) == 1) {
return (1);
}
}
if (np->n_hash && isRefByNS(name, np->n_hash))
return (1);
}
return (0);
}
/* int
* findMyZone(struct namebuf *np, int class)
* surf the zone cuts and find this zone the hard way
* return value:
* zone number or DB_Z_CACHE if it's outside a zone
* interesting cases:
* DEC.COM SOA (primary)
* CRL.DEC.COM NS (in primary)
* if you start at CRL.. here, you find the DEC.COM zone
* if you start at NS.CRL.. here, you're in the cache
* DEC.COM SOA (primary)
* CRL.DEC.COM NS (in primary)
* CRL.DEC.COM SOA (secondary)
* CRL.DEC.COM NS (in secondary)
* if you start at CRL.. here, you find the CRL.DEC.COM zone
* if you start at NS.CRL.. here, you're in the CRL.. zone
*/
int
findMyZone(struct namebuf *np, int class) {
for ((void)NULL; np; np = np_parent(np)) {
struct databuf *dp;
/* if we encounter an SOA, we're in its zone (which can be
* the cache or an authoritative zone, depending).
*/
for (dp = np->n_data; dp; dp = dp->d_next)
if (match(dp, class, T_SOA) && dp->d_type == T_SOA)
return (dp->d_zone);
/* if we find an NS at some node without having seen an SOA
* (above), then we're out in the cache somewhere.
*/
for (dp = np->n_data; dp; dp = dp->d_next)
if (match(dp, class, T_NS) && dp->d_type == T_NS)
return (DB_Z_CACHE);
}
/* The cache has not yet been primed. */
return (DB_Z_CACHE);
}
/* int
* db_update(name, odp, newdp, savedpp, flags, htp, from)
* update data base node at `name'. `flags' controls the action.
* side effects:
* inverse query tables modified, if we're using them.
* return value:
* OK - success
* NONAME - name doesn't exist
* AUTH - you can't do that
* DATAEXISTS - there's something there and DB_NODATA was specified
* NODATA - there's no data, and (DB_DELETE or DB_MEXIST) was spec'd
*
* Policy: How to add data if one more RR is -ve data
*
* NEND NOERROR_NODATA
* NXD NXDOMAIN
*
* match
* old
* Data NEND NXD
* Data Merge Data Data
* new NEND NEND NEND NEND
* NXD NXD NXD NXD
*
* no match
* old
* Data NEND NXD
* Data Merge Merge Data
* new NEND Merge Merge NEND
* NXD NXD NXD NXD
*
*/
/* XXX: this code calls nlookup, which can create namebuf's. if this code
* has to exit with a fatal error, it should scan from the new np upward
* and for each node which has no children and no data it should remove
* the namebuf. design notes: (1) there's no harm in doing this even if
* success occurred; (2) stopping on the first nonremovable np is optimal;
* the code for removal should be taken out of clean_cache() and made
* general enough for this use, and for clean_cache()'s continued use.
* vix, 21jul94
*/
int
db_update(const char *name,
struct databuf *odp, struct databuf *newdp,
struct databuf **savedpp,
int flags, struct hashbuf *htp, struct sockaddr_in from)
{
struct databuf *dp, *pdp;
struct namebuf *np;
int zn, isHintNS;
int check_ttl = 0;
int deleted_something = 0;
const char *fname;
#ifdef BIND_UPDATE
int found_other_ns = 0;
struct databuf *tmpdp;
#endif
ns_debug(ns_log_db, 3, "db_update(%s, %#x, %#x, %#x, 0%o, %#x)%s",
name, odp, newdp, savedpp, flags, htp,
(odp && (odp->d_flags&DB_F_HINT)) ? " hint" : "");
np = nlookup(name, &htp, &fname, newdp != NULL);
if (np == NULL || fname != name)
return (NONAME);
if (newdp && zones[newdp->d_zone].z_type == Z_PRIMARY)
check_ttl = 1;
/* don't let nonauthoritative updates write in authority zones */
if (newdp && ((zn = findMyZone(np, newdp->d_class)) != DB_Z_CACHE) &&
#ifdef STUBS
(zones[zn].z_type != Z_STUB) &&
#endif
(flags & DB_NOTAUTH)) {
int foundRR = 0;
/*
* Don't generate the warning if the update
* would have been harmless (identical data).
*/
for (dp = np->n_data; dp != NULL; dp = dp->d_next) {
if (!db_cmp(dp, newdp)) {
foundRR++;
break;
}
}
if (!foundRR)
ns_debug(ns_log_db, 5,
"[%s].%d update? to auth zone \"%s\" (%s)",
inet_ntoa(from.sin_addr),
ntohs(from.sin_port),
zones[zn].z_origin,
name);
return (AUTH);
}
if (newdp && zn && !(flags & DB_NOTAUTH)) {
if (nlabels(zones[zn].z_origin) > newdp->d_clev) {
ns_debug(ns_log_db, 5,
"attempted update child zone %s, %s",
zones[zn].z_origin, name);
return (AUTH);
}
}
/* some special checks for root NS' A RR's */
isHintNS = isRefByNS(name, fcachetab);
#ifdef DEPRECATED
if (newdp && isHintNS && newdp->d_type == T_A) {
/* upgrade credibility of additional data for rootsrv addrs */
if (newdp->d_cred == DB_C_ADDITIONAL) {
ns_debug(ns_log_db, 3,
"upgrading credibility for A RR (%s)",
name);
/* XXX: should copy NS RR's, but we really just want
* to prevent deprecation later so this will do.
*/
newdp->d_cred = DB_C_ANSWER;
newdp->d_clev = 0;
}
}
#endif
/* Reflect certain updates in hint cache also... */
/* Don't stick data we are authoritative for in hints. */
if (!(flags & DB_NOHINTS) &&
(flags & DB_PRIMING) &&
(odp != NULL) &&
(htp != fcachetab) &&
(DB_Z_SPECIAL(odp->d_zone)) &&
!(odp->d_flags & DB_F_HINT) &&
(!newdp || !newdp->d_rcode) &&
((name[0] == '\0' && odp->d_type == T_NS) ||
(odp->d_type == T_A && isHintNS)
)
)
{
ns_debug(ns_log_db, 3, "db_update: hint '%s' %u",
name, odp->d_ttl);
dp = savedata(odp->d_class, odp->d_type, odp->d_ttl,
odp->d_data, odp->d_size);
dp->d_zone = DB_Z_CACHE;
dp->d_flags = DB_F_HINT;
dp->d_cred = DB_C_CACHE;
dp->d_secure = odp->d_secure; /* BEW - this should be ok */
dp->d_clev = 0;
if (db_update(name,
dp, dp, NULL,
(flags|DB_NOHINTS),
fcachetab, from)
!= OK) {
ns_debug(ns_log_db, 3,
"db_update: hint %#x freed", dp);
db_freedata(dp);
}
}
if (odp != NULL) {
int foundRR = 0;
pdp = NULL;
for (dp = np->n_data; dp != NULL; ) {
if (!rrmatch(name, dp, odp)) {
/* {class,type} doesn't match. these are
* the aggregation cases.
*/
/* Check that CNAMEs are only accompanied by
* Secure DNS RR's (KEY, SIG, and NXT).
*/
if (((dp->d_type == T_CNAME &&
odp->d_type != T_KEY &&
odp->d_type != T_SIG &&
odp->d_type != T_NXT) ||
(odp->d_type == T_CNAME &&
dp->d_type != T_KEY &&
dp->d_type != T_SIG &&
dp->d_type != T_NXT)) &&
odp->d_class == dp->d_class &&
/* XXXRTH d_mark removed in 4.9.5,
but still here for dynamic
update */
odp->d_mark == dp->d_mark &&
!dp->d_rcode &&
!odp->d_rcode &&
#ifdef BIND_UPDATE
/* updating a CNAME with another CNAME is permitted */
(dp->d_type != T_CNAME ||
odp->d_type != T_CNAME) &&
#endif
zones[odp->d_zone].z_type != Z_CACHE) {
ns_info(ns_log_db,
"%s has CNAME and other data (invalid)",
name);
if (zones[odp->d_zone].z_type ==
Z_PRIMARY)
return (CNAMEANDOTHER);
goto skip;
}
if (!newdp || newdp->d_class != dp->d_class)
goto skip;
/* if the new data is authorative
* remove any data for this domain with
* the same class that isn't as credable
*/
if (newdp->d_cred == DB_C_ZONE &&
newdp->d_cred > dp->d_cred)
/* better credibility and the old datum
* was not from a zone file. remove
* the old datum.
*/
goto delete;
#if 0 /* caught by findMyZone() now. */
/* if we have authoritative data for a
* node, don't add in other data.
*/
if (dp->d_cred == DB_C_ZONE &&
newdp->d_cred < dp->d_cred)
return (AUTH);
#endif
/* if the new data is authoritative
* but isn't as credible, reject it.
*/
if (newdp->d_cred == DB_C_ZONE &&
dp->d_cred == DB_C_ZONE) {
/* Both records are from a zone file.
* If their credibility levels differ,
* we're dealing with a zone cut. The
* record with lower clev is from the
* upper zone's file and is therefore
* glue.
*/
/* BEW/OG: we see no reason to override
* these rules with new security based
* rules.
*/
if (newdp->d_clev < dp->d_clev) {
if (!ISVALIDGLUE(newdp)) {
ns_info(ns_log_db,
"domain %s %s record in zone %s should be in zone %s, ignored",
name, p_type(newdp->d_type),
zones[newdp->d_zone].z_origin,
zones[dp->d_zone].z_origin);
}
return (AUTH);
}
if (newdp->d_clev > dp->d_clev) {
if (!ISVALIDGLUE(dp)) {
ns_info(ns_log_db,
"domain %s %s record in zone %s should be in zone %s, deleted",
name, p_type(dp->d_type),
zones[dp->d_zone].z_origin,
zones[newdp->d_zone].z_origin);
}
goto delete;
}
}
/* process NXDOMAIN */
/* policy */
if (newdp->d_rcode == NXDOMAIN) {
if (dp->d_cred < DB_C_AUTH &&
newdp->d_secure >= dp->d_secure)
goto delete;
else
return (DATAEXISTS);
}
if (dp->d_rcode == NXDOMAIN)
goto delete;
/* process NOERROR_NODATA */
/* NO PROCESSING REQUIRED */
goto skip;
} /*if {class,type} did not match*/
/*
* {type,class} did match. This is the replace case.
*/
ns_debug(ns_log_db, 5,
"db_update: flags = %#x, sizes = %d, %d (cmp %d)",
flags, odp->d_size, dp->d_size,
db_cmp(dp, odp));
if (newdp) {
ns_debug(ns_log_db, 4,
"credibility for %s is %d(%d)(sec %d) from [%s].%d, is %d(%d)(sec %d) in cache",
*name ? name : ".",
newdp->d_cred,
newdp->d_clev,
newdp->d_secure,
inet_ntoa(from.sin_addr),
ntohs(from.sin_port),
dp->d_cred,
dp->d_secure,
dp->d_clev);
if ((newdp->d_secure > dp->d_secure) ||
(newdp->d_secure == dp->d_secure &&
(newdp->d_cred > dp->d_cred)))
{
/* better credibility / security.
* remove the old datum.
*/
goto delete;
}
if ((newdp->d_secure < dp->d_secure) ||
(newdp->d_secure == dp->d_secure &&
(newdp->d_cred < dp->d_cred)))
{
/* credibility / security is worse.
* ignore it.
*/
return (AUTH);
}
/* BEW/OG: from above, we know the security
* levels are the same.
*/
if (newdp->d_cred == DB_C_ZONE &&
dp->d_cred == DB_C_ZONE ) {
/* Both records are from a zone file.
* If their credibility levels differ,
* we're dealing with a zone cut. The
* record with lower clev is from the
* upper zone's file and is therefore
* glue.
*/
/* XXX - Tricky situation here is you
* have 2 zones a.b.c and sub.a.b.c
* being served by the same server.
* named will send NS records for
* sub.a.b.c during zone transfer of
* a.b.c zone. If we're secondary for
* both zones, and we reload zone
* a.b.c, we'll get the NS records
* (and possibly A records to go with
* them?) for sub.a.b.c as part of the
* a.b.c zone transfer. But we've
* already got a more credible record
* from the sub.a.b.c zone. So we want
* to ignore the new record, but we
* shouldn't syslog because there's
* nothing the user can do to prevent
* the situation. Perhaps we should
* only complain when we are primary?
*/
if (newdp->d_clev < dp->d_clev) {
if (!ISVALIDGLUE(newdp)) {
ns_info(ns_log_db,
"domain %s %s record in zone %s should be in zone %s, ignored",
name, p_type(newdp->d_type),
zones[newdp->d_zone].z_origin,
zones[dp->d_zone].z_origin);
}
return (AUTH);
}
if (newdp->d_clev > dp->d_clev) {
if (!ISVALIDGLUE(dp)) {
ns_info(ns_log_db,
"domain %s %s record in zone %s should be in zone %s, deleted",
name, p_type(dp->d_type),
zones[dp->d_zone].z_origin,
zones[newdp->d_zone].z_origin);
}
goto delete;
}
}
/* credibility is the same.
* let it aggregate in the normal way.
*/
/*
* if the new or old RR is -ve, delete old.
*/
if (dp->d_rcode || newdp->d_rcode) {
/* XXX: how can a zone rr be neg? */
if (dp->d_cred != DB_C_ZONE)
goto delete;
else
return (DATAEXISTS);
}
/*
* Some RR types should not be aggregated.
*/
if (dp->d_type == T_SOA) {
#ifdef BIND_UPDATE
u_int32_t dp_ser, ndp_ser;
u_char *dp_cp, *ndp_cp;
dp_cp = findsoaserial(dp->d_data);
ndp_cp = findsoaserial(newdp->d_data);
GETLONG(dp_ser, dp_cp);
GETLONG(ndp_ser, ndp_cp);
if (SEQ_GT(ndp_ser, dp_ser))
goto delete;
else
return (SERIAL);
#else
goto delete;
#endif /*BIND_UPDATE*/
}
if (dp->d_type == T_WKS &&
!memcmp(dp->d_data, newdp->d_data,
INT32SZ + sizeof(u_char)))
goto delete;
if (dp->d_type == T_CNAME &&
!NS_OPTION_P(OPTION_MULTIPLE_CNAMES) &&
db_cmp(dp, odp) != 0)
if ((flags & DB_REPLACE) == 0 &&
zones[dp->d_zone].z_type ==
Z_PRIMARY) {
ns_warning(ns_log_db,
"%s has multiple CNAMES",
name);
return (CNAMEANDOTHER);
} else
goto delete;
#if 0
/* BEW - this _seriously_ breaks DNSSEC. Is it necessary for dynamic update? */
#ifdef BIND_UPDATE
if (dp->d_type == T_SIG)
/*
* Type covered has already been
* checked.
*/
goto delete;
#endif
#endif
if (dp->d_type == T_NXT) {
goto delete;
}
if (dp->d_type == T_SIG &&
SIG_COVERS(dp) == T_NXT) {
struct sig_record *sr1, *sr2;
sr1 = (struct sig_record *) dp->d_data;
sr2 = (struct sig_record *)
newdp->d_data;
if (sr1->sig_alg_n == sr2->sig_alg_n)
goto delete;
}
if (check_ttl) {
if (newdp->d_ttl != dp->d_ttl)
ns_warning(ns_log_db,
"%s %s %s differing ttls: corrected",
name[0]?name:".",
p_class(dp->d_class),
p_type(dp->d_type));
if (newdp->d_ttl > dp->d_ttl) {
newdp->d_ttl = dp->d_ttl;
} else {
dp->d_ttl = newdp->d_ttl;
}
}
}
if ((flags & DB_NODATA) && !db_cmp(dp, odp)) {
/* Refresh ttl if cache entry. */
if (dp->d_zone == DB_Z_CACHE) {
if (odp->d_zone != DB_Z_CACHE) {
/* Changing cache->auth. */
dp->d_zone = odp->d_zone;
dp->d_ttl = odp->d_ttl;
ns_debug(ns_log_db, 4,
"db_update: cache entry now in auth zone");
return (DATAEXISTS);
}
fixttl(odp);
if (odp->d_ttl > dp->d_ttl)
dp->d_ttl = odp->d_ttl;
ns_debug(ns_log_db, 3,
"db_update: new ttl %u +%lu",
dp->d_ttl,
(u_long)(dp->d_ttl - tt.tv_sec)
);
}
return (DATAEXISTS);
}
/*
* If the old databuf has some data, check that the
* data matches that in the new databuf.
*/
if (odp->d_size > 0)
if (db_cmp(dp, odp))
goto skip;
if (odp->d_clev < dp->d_clev)
goto skip;
if ((odp->d_secure < dp->d_secure) ||
((odp->d_secure == dp->d_secure) &&
(odp->d_cred < dp->d_cred)))
goto skip;
#ifdef BIND_UPDATE
if (ns_samename(name, zones[dp->d_zone].z_origin) == 1
&& newdp == NULL) {
/* do not delete SOA or NS records as a set */
/* XXXRTH isn't testing d_size unnecessary? */
if ((odp->d_size == 0) &&
(odp->d_class == C_ANY) &&
(odp->d_type == T_ANY ||
odp->d_type == T_SOA ||
odp->d_type == T_NS) &&
(dp->d_type == T_SOA ||
dp->d_type == T_NS))
goto skip;
/* XXXRTH I added this to prevent SOA deletion
I'm using the same style of comparison as
the other code in this section. Do we
really need to look at dp->d_type here?
We're in the "match" section... */
if ((odp->d_type == T_SOA) &&
(dp->d_type == T_SOA))
goto skip;
/* do not delete the last NS record
for the zone */
if ((odp->d_type == T_NS) &&
(dp->d_type == T_NS)) {
found_other_ns = 0;
for (tmpdp = np->n_data;
tmpdp && !found_other_ns;
tmpdp = tmpdp->d_next)
if ((tmpdp->d_type == T_NS) &&
(tmpdp != dp))
found_other_ns = 1;
if (!found_other_ns) {
ns_debug(ns_log_db, 3,
"cannot delete last remaining NS record for zone %s",
name);
goto skip;
}
}
}
#endif
foundRR = 1;
if (flags & DB_DELETE) {
delete:
#ifdef BIND_UPDATE
/*
* XXX assume here that savedpp!=NULL iff. db_update
* has been called by the dyanmic update code.
* Maybe a new flag is more appropriate?
*/
if (savedpp != NULL)
foundRR = 1;
#endif
deleted_something = 1;
dp = rm_datum(dp, np, pdp, savedpp);
} else {
skip: pdp = dp;
dp = dp->d_next;
}
}
if (!foundRR) {
if (flags & DB_DELETE)
return (NODATA);
if (flags & DB_MEXIST)
return (NODATA);
}
}
if (newdp == NULL) {
if (deleted_something) {
while (np->n_data == NULL && np->n_hash == NULL) {
np = purge_node(htp, np);
if (np == NULL)
break;
}
}
return (OK);
}
/* XXX: empty nodes bypass credibility checks above; should check
* response source address here if flags&NOTAUTH.
*/
fixttl(newdp);
ns_debug(ns_log_db, 3, "db_update: adding%s %#x",
(newdp->d_flags&DB_F_HINT) ? " hint":"", newdp);
if (NS_OPTION_P(OPTION_HOSTSTATS) &&
newdp->d_zone == DB_Z_CACHE &&
(newdp->d_flags & DB_F_HINT) == 0)
newdp->d_ns = nameserFind(from.sin_addr, NS_F_INSERT);
/* Add to end of list, generally preserving order */
newdp->d_next = NULL;
if ((dp = np->n_data) == NULL) {
DRCNTINC(newdp);
if (newdp->d_flags & DB_F_ACTIVE)
panic("db_update: DB_F_ACTIVE set", NULL);
newdp->d_flags |= DB_F_ACTIVE;
np->n_data = newdp;
return (OK);
}
while (dp->d_next != NULL) {
if ((flags & DB_NODATA) && !db_cmp(dp, newdp))
return (DATAEXISTS);
dp = dp->d_next;
}
if ((flags & DB_NODATA) && !db_cmp(dp, newdp))
return (DATAEXISTS);
DRCNTINC(newdp);
if (newdp->d_flags & DB_F_ACTIVE)
panic("db_update: DB_F_ACTIVE set", NULL);
newdp->d_flags |= DB_F_ACTIVE;
dp->d_next = newdp;
return (OK);
}
void
fixttl(struct databuf *dp) {
if (dp->d_zone == DB_Z_CACHE && (dp->d_flags & DB_F_HINT) == 0) {
if (dp->d_ttl <= (u_int32_t)tt.tv_sec)
return;
else if (dp->d_ttl < (u_int32_t)tt.tv_sec+min_cache_ttl)
dp->d_ttl = (u_int32_t)tt.tv_sec+min_cache_ttl;
else if (dp->d_ttl > (u_int32_t)tt.tv_sec+max_cache_ttl)
dp->d_ttl = (u_int32_t)tt.tv_sec+max_cache_ttl;
}
}
/*
* Compare type, class and data from databufs for equivalence.
* All domain names in RR's must be compared case-insensitively.
* Return 0 if equivalent, nonzero otherwise.
*/
int
db_cmp(const struct databuf *dp1, const struct databuf *dp2) {
const u_char *cp1, *cp2;
int len, len2;
/* XXXDYNUP- should be changed to
if (!match(dp1, dp2->d_type, dp2->d_class) */
if (dp1->d_type != dp2->d_type || dp1->d_class != dp2->d_class)
return (1);
/* XXXDYNUP - should be changed to (dp1->d_size != dp2->d_size &&
dp1->d_size != 0 && dp2->d_size != 0) */
if (dp1->d_size != dp2->d_size)
return (1);
/* d_mark is only used for dynamic updates currently */
#ifndef BIND_UPDATE
if (dp1->d_mark != dp2->d_mark)
return (1); /* old and new RR's are distinct */
#endif
if (dp1->d_rcode && dp2->d_rcode)
return ((dp1->d_rcode == dp1->d_rcode)?0:1);
if (dp1->d_rcode || dp2->d_rcode)
return (1);
switch (dp1->d_type) {
case T_A:
case T_WKS:
case T_NULL:
case T_NSAP:
case T_AAAA:
case T_LOC:
case T_KEY:
/* Only binary data */
return (memcmp(dp1->d_data, dp2->d_data, dp1->d_size));
case T_NS:
case T_CNAME:
case T_PTR:
case T_MB:
case T_MG:
case T_MR:
/* Only a domain name */
if (ns_samename((char *)dp1->d_data, (char *)dp2->d_data) == 1)
return (0);
else
return (1);
case T_SIG:
/* Binary data, a domain name, more binary data */
if (dp1->d_size < NS_SIG_SIGNER)
return (1);
if (memcmp(dp1->d_data, dp2->d_data, NS_SIG_SIGNER))
return (1);
len = NS_SIG_SIGNER +
strlen((char *)dp1->d_data + NS_SIG_SIGNER);
if (ns_samename((char *)dp1->d_data + NS_SIG_SIGNER,
(char *)dp2->d_data + NS_SIG_SIGNER) != 1)
return (1);
return (memcmp(dp1->d_data + len,
dp2->d_data + len,
dp1->d_size - len));
case T_NXT:
/* First a domain name, then binary data */
if (ns_samename((char *)dp1->d_data, (char *)dp2->d_data) != 1)
return (1);
len = strlen((char *)dp1->d_data)+1;
return (memcmp(dp1->d_data + len,
dp2->d_data + len,
dp1->d_size - len));
case T_HINFO:
case T_ISDN:
cp1 = dp1->d_data;
cp2 = dp2->d_data;
len = *cp1;
len2 = *cp2;
if (len != len2)
return (1);
if (strncasecmp((char *)++cp1, (char *)++cp2, len))
return (1);
cp1 += len;
cp2 += len;
len = *cp1;
len2 = *cp2;
if (len != len2)
return (1);
return (strncasecmp((char *)++cp1, (char *)++cp2, len));
case T_SOA:
case T_MINFO:
case T_RP:
if (ns_samename((char *)dp1->d_data, (char *)dp2->d_data) != 1)
return (1);
cp1 = dp1->d_data + strlen((char *)dp1->d_data) + 1;
cp2 = dp2->d_data + strlen((char *)dp2->d_data) + 1;
if (ns_samename((char *)cp1, (char *)cp2) != 1)
return (1);
if (dp1->d_type != T_SOA)
return (0);
cp1 += strlen((char *)cp1) + 1;
cp2 += strlen((char *)cp2) + 1;
return (memcmp(cp1, cp2, INT32SZ * 5));
case T_NAPTR: {
int t1,t2;
if (dp1->d_size != dp2->d_size)
return (1);
cp1 = dp1->d_data;
cp2 = dp2->d_data;
/* Order */
if (*cp1++ != *cp2++ || *cp1++ != *cp2++)
return (1);
/* Preference */
if (*cp1++ != *cp2++ || *cp1++ != *cp2++)
return (1);
/* Flags */
t1 = *cp1++; t2 = *cp2++;
if (t1 != t2 || memcmp(cp1, cp2, t1))
return (1);
cp1 += t1; cp2 += t2;
/* Services */
t1 = *cp1++; t2 = *cp2++;
if (t1 != t2 || memcmp(cp1, cp2, t1))
return (1);
cp1 += t1; cp2 += t2;
/* Regexp */
t1 = *cp1++; t2 = *cp2++;
if (t1 != t2 || memcmp(cp1, cp2, t1))
return (1);
cp1 += t1; cp2 += t2;
/* Replacement */
t1 = strlen((char *)cp1); t2 = strlen((char *)cp2);
if (t1 != t2 || memcmp(cp1, cp2, t1))
return (1);
cp1 += t1 + 1; cp2 += t2 + 1;
/* they all checked out! */
return (0);
}
case T_MX:
case T_AFSDB:
case T_RT:
case T_SRV:
cp1 = dp1->d_data;
cp2 = dp2->d_data;
if (*cp1++ != *cp2++ || *cp1++ != *cp2++) /* cmp prio */
return (1);
if (dp1->d_type == T_SRV) {
if (*cp1++ != *cp2++ || *cp1++ != *cp2++) /* weight */
return (1);
if (*cp1++ != *cp2++ || *cp1++ != *cp2++) /* port */
return (1);
}
if (ns_samename((char *)cp1, (char *)cp2) != 1)
return (1);
return (0);
case T_PX:
cp1 = dp1->d_data;
cp2 = dp2->d_data;
if (*cp1++ != *cp2++ || *cp1++ != *cp2++) /* cmp prio */
return (1);
if (ns_samename((char *)cp1, (char *)cp2) != 1)
return (1);
cp1 += strlen((char *)cp1) + 1;
cp2 += strlen((char *)cp2) + 1;
if (ns_samename((char *)cp1, (char *)cp2) != 1)
return (1);
return (0);
case T_TXT:
case T_X25:
if (dp1->d_size != dp2->d_size)
return (1);
return (memcmp(dp1->d_data, dp2->d_data, dp1->d_size));
default:
return (1);
}
}