3 * Functions for RFC 2136 Dynamic Update
5 * Copyright (c) 2005-2008, NLnet Labs. All rights reserved.
7 * See LICENSE for the license.
10 #include <ldns/config.h>
12 #include <ldns/ldns.h>
19 * RFC 2136 sections mapped to RFC 1035:
20 * zone/ZO -- QD/question
21 * prerequisites/PR -- AN/answers
22 * updates/UP -- NS/authority records
23 * additional data/AD -- AR/additional records
27 ldns_update_pkt_new(ldns_rdf *zone_rdf, ldns_rr_class c,
28 ldns_rr_list *pr_rrlist, ldns_rr_list *up_rrlist, ldns_rr_list *ad_rrlist)
32 if (!zone_rdf || !up_rrlist) {
40 /* Create packet, fill in Zone Section. */
41 p = ldns_pkt_query_new(zone_rdf, LDNS_RR_TYPE_SOA, c, LDNS_RD);
45 zone_rdf = NULL; /* No longer safe to use. */
47 ldns_pkt_set_opcode(p, LDNS_PACKET_UPDATE);
49 ldns_rr_list_deep_free(p->_authority);
51 ldns_pkt_set_authority(p, ldns_rr_list_clone(up_rrlist));
53 ldns_update_set_upcount(p, ldns_rr_list_rr_count(up_rrlist));
56 ldns_rr_list_deep_free(p->_answer); /*XXX access function */
57 ldns_pkt_set_answer(p, ldns_rr_list_clone(pr_rrlist));
58 ldns_update_set_prcount(p, ldns_rr_list_rr_count(pr_rrlist));
62 ldns_rr_list_deep_free(p->_additional);
63 ldns_pkt_set_additional(p, ldns_rr_list_clone(ad_rrlist));
64 ldns_update_set_adcount(p, ldns_rr_list_rr_count(ad_rrlist));
70 ldns_update_pkt_tsig_add(ldns_pkt *p, ldns_resolver *r)
73 uint16_t fudge = 300; /* Recommended fudge. [RFC2845 6.4] */
74 if (ldns_resolver_tsig_keyname(r) && ldns_resolver_tsig_keydata(r))
75 return ldns_pkt_tsig_sign(p, ldns_resolver_tsig_keyname(r),
76 ldns_resolver_tsig_keydata(r), fudge,
77 ldns_resolver_tsig_algorithm(r), NULL);
84 return LDNS_STATUS_OK;
87 /* Move to higher.c or similar? */
90 ldns_update_soa_mname(ldns_rdf *zone, ldns_resolver *r,
91 ldns_rr_class c, ldns_rdf **mname)
94 ldns_pkt *query, *resp;
96 /* Nondestructive, so clone 'zone' here */
97 query = ldns_pkt_query_new(ldns_rdf_clone(zone), LDNS_RR_TYPE_SOA,
100 return LDNS_STATUS_ERR;
103 ldns_pkt_set_random_id(query);
104 if (ldns_resolver_send_pkt(&resp, r, query) != LDNS_STATUS_OK) {
105 ldns_pkt_free(query);
106 return LDNS_STATUS_ERR;
108 ldns_pkt_free(query);
110 return LDNS_STATUS_ERR;
113 /* Expect a SOA answer. */
115 while ((soa_rr = ldns_rr_list_pop_rr(ldns_pkt_answer(resp)))) {
116 if (ldns_rr_get_type(soa_rr) != LDNS_RR_TYPE_SOA)
118 /* [RFC1035 3.3.13] */
119 *mname = ldns_rdf_clone(ldns_rr_rdf(soa_rr, 0));
124 return *mname ? LDNS_STATUS_OK : LDNS_STATUS_ERR;
127 /* Try to get zone and MNAME from SOA queries. */
129 ldns_update_soa_zone_mname(const char *fqdn, ldns_resolver *r,
130 ldns_rr_class c, ldns_rdf **zone_rdf, ldns_rdf **mname_rdf)
132 ldns_rr *soa_rr, *rr;
133 ldns_rdf *soa_zone = NULL, *soa_mname = NULL;
134 ldns_rdf *ipaddr, *fqdn_rdf, *tmp;
136 ldns_pkt *query, *resp;
140 * XXX Ok, this cannot be the best way to find this...?
141 * XXX (I run into weird cache-related stuff here)
144 /* Step 1 - first find a nameserver that should know *something* */
145 fqdn_rdf = ldns_dname_new_frm_str(fqdn);
146 query = ldns_pkt_query_new(fqdn_rdf, LDNS_RR_TYPE_SOA, c, LDNS_RD);
148 return LDNS_STATUS_ERR;
152 ldns_pkt_set_random_id(query);
153 if (ldns_resolver_send_pkt(&resp, r, query) != LDNS_STATUS_OK) {
154 ldns_pkt_free(query);
155 return LDNS_STATUS_ERR;
157 ldns_pkt_free(query);
159 return LDNS_STATUS_ERR;
162 /* XXX Is it safe to only look in authority section here? */
163 while ((soa_rr = ldns_rr_list_pop_rr(ldns_pkt_authority(resp)))) {
164 if (ldns_rr_get_type(soa_rr) != LDNS_RR_TYPE_SOA)
166 /* [RFC1035 3.3.13] */
167 soa_mname = ldns_rdf_clone(ldns_rr_rdf(soa_rr, 0));
172 return LDNS_STATUS_ERR;
175 /* Step 2 - find SOA MNAME IP address, add to resolver */
176 query = ldns_pkt_query_new(soa_mname, LDNS_RR_TYPE_A, c, LDNS_RD);
178 return LDNS_STATUS_ERR;
182 ldns_pkt_set_random_id(query);
183 if (ldns_resolver_send_pkt(&resp, r, query) != LDNS_STATUS_OK) {
184 ldns_pkt_free(query);
185 return LDNS_STATUS_ERR;
187 ldns_pkt_free(query);
189 return LDNS_STATUS_ERR;
192 if (ldns_pkt_ancount(resp) == 0) {
194 return LDNS_STATUS_ERR;
197 /* XXX There may be more than one answer RR here. */
198 rr = ldns_rr_list_pop_rr(ldns_pkt_answer(resp));
199 ipaddr = ldns_rr_rdf(rr, 0);
201 /* Put the SOA mname IP first in the nameserver list. */
202 nslist = ldns_resolver_nameservers(r);
203 for (i = 0; i < ldns_resolver_nameserver_count(r); i++) {
204 if (ldns_rdf_compare(ipaddr, nslist[i]) == 0) {
207 nslist[0] = nslist[i];
213 if (i >= ldns_resolver_nameserver_count(r)) {
214 /* SOA mname was not part of the resolver so add it first. */
215 (void) ldns_resolver_push_nameserver(r, ipaddr);
216 nslist = ldns_resolver_nameservers(r);
217 i = ldns_resolver_nameserver_count(r) - 1;
219 nslist[0] = nslist[i];
224 /* Make sure to ask the first in the list, i.e SOA mname */
225 ldns_resolver_set_random(r, false);
227 /* Step 3 - Redo SOA query, sending to SOA MNAME directly. */
228 fqdn_rdf = ldns_dname_new_frm_str(fqdn);
229 query = ldns_pkt_query_new(fqdn_rdf, LDNS_RR_TYPE_SOA, c, LDNS_RD);
231 return LDNS_STATUS_ERR;
235 ldns_pkt_set_random_id(query);
236 if (ldns_resolver_send_pkt(&resp, r, query) != LDNS_STATUS_OK) {
237 ldns_pkt_free(query);
238 return LDNS_STATUS_ERR;
240 ldns_pkt_free(query);
242 return LDNS_STATUS_ERR;
245 /* XXX Is it safe to only look in authority section here, too? */
246 while ((soa_rr = ldns_rr_list_pop_rr(ldns_pkt_authority(resp)))) {
247 if (ldns_rr_get_type(soa_rr) != LDNS_RR_TYPE_SOA)
249 /* [RFC1035 3.3.13] */
250 soa_mname = ldns_rdf_clone(ldns_rr_rdf(soa_rr, 0));
251 soa_zone = ldns_rdf_clone(ldns_rr_owner(soa_rr));
256 return LDNS_STATUS_ERR;
259 /* That seems to have worked, pass results to caller. */
260 *zone_rdf = soa_zone;
261 *mname_rdf = soa_mname;
262 return LDNS_STATUS_OK;
266 * ldns_update_{get,set}_{zo,pr,up,ad}count
270 ldns_update_zocount(const ldns_pkt *p)
272 return ldns_pkt_qdcount(p);
276 ldns_update_prcount(const ldns_pkt *p)
278 return ldns_pkt_ancount(p);
282 ldns_update_upcount(const ldns_pkt *p)
284 return ldns_pkt_nscount(p);
288 ldns_update_ad(const ldns_pkt *p)
290 return ldns_pkt_arcount(p);
294 ldns_update_set_zo(ldns_pkt *p, uint16_t v)
296 ldns_pkt_set_qdcount(p, v);
300 ldns_update_set_prcount(ldns_pkt *p, uint16_t v)
302 ldns_pkt_set_ancount(p, v);
306 ldns_update_set_upcount(ldns_pkt *p, uint16_t v)
308 ldns_pkt_set_nscount(p, v);
312 ldns_update_set_adcount(ldns_pkt *p, uint16_t v)
314 ldns_pkt_set_arcount(p, v);