Commit f6e45a5c authored by Mark Andrews

4217. [protocol] Add support for CSYNC. [RT #40532]

parent 705d56b4
4217. [protocol] Add support for CSYNC. [RT #40532]
4216. [cleanup] Silence static analysis warnings. [RT #40649]
4215. [bug] nsupdate: skip to next request on GSSTKEY create
......
......@@ -288,6 +288,10 @@ openpgpkey OPENPGPKEY ( AQMFD5raczCJHViKtLYhWGz8hMY
sENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esg
a60zyGW6LFe9r8n6paHrlG5ojqf0BaqHT+8= )
;type 62
csync01 CSYNC 0 0 A NS AAAA
csync02 CSYNC 0 0
; type 249
; TKEY is a meta-type and should never occur in master files.
; The text representation is not specified in the draft.
......
......@@ -56,6 +56,7 @@ TALINK
CDS
CDNSKEY
OPENPGPKEY
CSYNC
SPF
UINFO
UID
......
......@@ -18,6 +18,8 @@ cert01.example. 3600 IN CERT 65534 65535 PRIVATEOID MxFcby9k/yvedMfQgKzhH5er0Mu
cname01.example. 3600 IN CNAME cname-target.
cname02.example. 3600 IN CNAME cname-target.example.
cname03.example. 3600 IN CNAME .
csync01.example. 3600 IN CSYNC 0 0 A NS AAAA
csync02.example. 3600 IN CSYNC 0 0
dlv.example. 3600 IN DLV 30795 1 1 310D27F4D82C1FC2400704EA9939FE6E1CEAA3B9
dname01.example. 3600 IN DNAME dname-target.
dname02.example. 3600 IN DNAME dname-target.example.
......
......@@ -18,6 +18,8 @@ cert01.example. 3600 IN CERT 65534 65535 PRIVATEOID MxFcby9k/yvedMfQgKzhH5er0Mu
cname01.example. 3600 IN CNAME cname-target.
cname02.example. 3600 IN CNAME cname-target.example.
cname03.example. 3600 IN CNAME .
csync01.example. 3600 IN CSYNC 0 0 A NS AAAA
csync02.example. 3600 IN CSYNC 0 0
dlv.example. 3600 IN DLV 30795 1 1 310D27F4D82C1FC2400704EA9939FE6E1CEAA3B9
dname01.example. 3600 IN DNAME dname-target.
dname02.example. 3600 IN DNAME dname-target.example.
......
......@@ -13669,6 +13669,19 @@ view external {
</para>
</entry>
</row>
<row rowsep="0">
<entry colname="1">
<para>
CSYNC
</para>
</entry>
<entry colname="2">
<para>
Child-to-Parent Synchronization in DNS as described
in RFC 7477.
</para>
</entry>
</row>
<row rowsep="0">
<entry colname="1">
<para>
......
......@@ -452,8 +452,8 @@
</listitem>
<listitem>
<para>
The following types have been implemented: NINFO, RKEY, SINK, TA,
TALINK.
The following types have been implemented: CSYNC, NINFO, RKEY,
SINK, TA, TALINK.
</para>
</listitem>
</itemizedlist>
......
......@@ -83,7 +83,7 @@ or Best Current Practice (BCP) documents. The list is non exhaustive.
RFC6891
RFC7043
RFC7314
RFC7314
RFC7477
The following DNS related RFC have been obsoleted
......
......@@ -161,4 +161,5 @@
7043: Resource Records for EUI-48 and EUI-64 Addresses in the DNS
7314: Extension Mechanisms for DNS (EDNS) EXPIRE Option
7534: AS112 Nameserver Operations
7477: Child-to-Parent Synchronization in DNS
7535: AS112 Redirection Using DNAME
......@@ -400,6 +400,138 @@ mem_maybedup(isc_mem_t *mctx, void *source, size_t length) {
return (copy);
}
static inline isc_result_t
typemap_fromtext(isc_lex_t *lexer, isc_buffer_t *target,
isc_boolean_t allow_empty)
{
isc_token_t token;
unsigned char bm[8*1024]; /* 64k bits */
dns_rdatatype_t covered;
int octet;
int window;
isc_boolean_t first = ISC_TRUE;
memset(bm, 0, sizeof(bm));
do {
RETERR(isc_lex_getmastertoken(lexer, &token,
isc_tokentype_string, ISC_TRUE));
if (token.type != isc_tokentype_string)
break;
RETTOK(dns_rdatatype_fromtext(&covered,
&token.value.as_textregion));
bm[covered/8] |= (0x80>>(covered%8));
first = ISC_FALSE;
} while (1);
isc_lex_ungettoken(lexer, &token);
if (!allow_empty && first)
return (DNS_R_FORMERR);
for (window = 0; window < 256 ; window++) {
/*
* Find if we have a type in this window.
*/
for (octet = 31; octet >= 0; octet--)
if (bm[window * 32 + octet] != 0)
break;
if (octet < 0)
continue;
RETERR(uint8_tobuffer(window, target));
RETERR(uint8_tobuffer(octet + 1, target));
RETERR(mem_tobuffer(target, &bm[window * 32], octet + 1));
}
return (ISC_R_SUCCESS);
}
static inline isc_result_t
typemap_totext(isc_region_t *sr, dns_rdata_textctx_t *tctx,
isc_buffer_t *target)
{
unsigned int i, j, k;
unsigned int window, len;
isc_boolean_t first = ISC_FALSE;
for (i = 0; i < sr->length; i += len) {
if (tctx != NULL &&
(tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) {
RETERR(str_totext(tctx->linebreak, target));
first = ISC_TRUE;
}
INSIST(i + 2 <= sr->length);
window = sr->base[i];
len = sr->base[i + 1];
INSIST(len > 0 && len <= 32);
i += 2;
INSIST(i + len <= sr->length);
for (j = 0; j < len; j++) {
dns_rdatatype_t t;
if (sr->base[i + j] == 0)
continue;
for (k = 0; k < 8; k++) {
if ((sr->base[i + j] & (0x80 >> k)) == 0)
continue;
t = window * 256 + j * 8 + k;
if (!first)
RETERR(str_totext(" ", target));
first = ISC_FALSE;
if (dns_rdatatype_isknown(t)) {
RETERR(dns_rdatatype_totext(t, target));
} else {
char buf[sizeof("TYPE65535")];
sprintf(buf, "TYPE%u", t);
RETERR(str_totext(buf, target));
}
}
}
}
return (ISC_R_SUCCESS);
}
static isc_result_t
typemap_test(isc_region_t *sr, isc_boolean_t allow_empty) {
unsigned int window, lastwindow = 0;
unsigned int len;
isc_boolean_t first = ISC_TRUE;
unsigned int i;
for (i = 0; i < sr->length; i += len) {
/*
* Check for overflow.
*/
if (i + 2 > sr->length)
RETERR(DNS_R_FORMERR);
window = sr->base[i];
len = sr->base[i + 1];
i += 2;
/*
* Check that bitmap windows are in the correct order.
*/
if (!first && window <= lastwindow)
RETERR(DNS_R_FORMERR);
/*
* Check for legal lengths.
*/
if (len < 1 || len > 32)
RETERR(DNS_R_FORMERR);
/*
* Check for overflow.
*/
if (i + len > sr->length)
RETERR(DNS_R_FORMERR);
/*
* The last octet of the bitmap must be non zero.
*/
if (sr->base[i + len - 1] == 0)
RETERR(DNS_R_FORMERR);
lastwindow = window;
first = ISC_FALSE;
}
if (i != sr->length)
return (DNS_R_EXTRADATA);
if (!allow_empty && first)
RETERR(DNS_R_FORMERR);
return (ISC_R_SUCCESS);
}
static const char hexdigits[] = "0123456789abcdef";
static const char decdigits[] = "0123456789";
......
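Review bot: typemap_totext() enforces the bitmap layout only with assertions (`INSIST(i + 2 <= sr->length)`, `INSIST(len > 0 && len <= 32)`, `INSIST(i + len <= sr->length)`), so a malformed region reaching it ends in an assertion failure instead of a returned error. Elsewhere on this page fromwire_csync() and fromstruct_csync() run typemap_test() first, but nothing on the helper states that contract for future callers. I would add a header comment such as `/* sr must already have passed typemap_test(); malformed bitmaps trip INSIST here. */`, with a matching one-line purpose comment on typemap_test() and typemap_fromtext(). Separately, `sprintf(buf, "TYPE%u", t)` fits the 10-byte buffer only because t cannot exceed 65535; `snprintf(buf, sizeof(buf), "TYPE%u", t);` keeps the write bounded if the type ever widens.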
/*
* Copyright (C) 2015 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/* RFC 7477 */
#ifndef RDATA_GENERIC_CSYNC_62_C
#define RDATA_GENERIC_CSYNC_62_C
#define RRTYPE_CSYNC_ATTRIBUTES 0
static inline isc_result_t
fromtext_csync(ARGS_FROMTEXT) {
isc_token_t token;
REQUIRE(type == dns_rdatatype_csync);
UNUSED(type);
UNUSED(rdclass);
UNUSED(origin);
UNUSED(options);
UNUSED(callbacks);
/* Serial. */
RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_number,
ISC_FALSE));
RETERR(uint32_tobuffer(token.value.as_ulong, target));
/* Flags. */
RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_number,
ISC_FALSE));
if (token.value.as_ulong > 0xffffU)
RETTOK(ISC_R_RANGE);
RETERR(uint16_tobuffer(token.value.as_ulong, target));
/* Type Map */
return (typemap_fromtext(lexer, target, ISC_TRUE));
}
static inline isc_result_t
totext_csync(ARGS_TOTEXT) {
unsigned long num;
char buf[sizeof("0123456789")]; /* Also TYPE65535 */
isc_region_t sr;
REQUIRE(rdata->type == dns_rdatatype_csync);
REQUIRE(rdata->length >= 6);
UNUSED(tctx);
dns_rdata_toregion(rdata, &sr);
num = uint32_fromregion(&sr);
isc_region_consume(&sr, 4);
sprintf(buf, "%lu", num);
RETERR(str_totext(buf, target));
RETERR(str_totext(" ", target));
num = uint16_fromregion(&sr);
isc_region_consume(&sr, 2);
sprintf(buf, "%lu", num);
RETERR(str_totext(buf, target));
return (typemap_totext(&sr, NULL, target));
}
static /* inline */ isc_result_t
fromwire_csync(ARGS_FROMWIRE) {
isc_region_t sr;
REQUIRE(type == dns_rdatatype_csync);
UNUSED(type);
UNUSED(rdclass);
UNUSED(options);
UNUSED(dctx);
/*
* Serial + Flags
*/
isc_buffer_activeregion(source, &sr);
if (sr.length < 6)
return (ISC_R_UNEXPECTEDEND);
RETERR(mem_tobuffer(target, sr.base, 6));
isc_buffer_forward(source, 6);
isc_region_consume(&sr, 6);
RETERR(typemap_test(&sr, ISC_TRUE));
RETERR(mem_tobuffer(target, sr.base, sr.length));
isc_buffer_forward(source, sr.length);
return (ISC_R_SUCCESS);
}
static inline isc_result_t
towire_csync(ARGS_TOWIRE) {
REQUIRE(rdata->type == dns_rdatatype_csync);
REQUIRE(rdata->length >= 6);
UNUSED(cctx);
return (mem_tobuffer(target, rdata->data, rdata->length));
}
static inline int
compare_csync(ARGS_COMPARE) {
isc_region_t r1;
isc_region_t r2;
REQUIRE(rdata1->type == rdata2->type);
REQUIRE(rdata1->rdclass == rdata2->rdclass);
REQUIRE(rdata1->type == dns_rdatatype_csync);
REQUIRE(rdata1->length >= 6);
REQUIRE(rdata2->length >= 6);
dns_rdata_toregion(rdata1, &r1);
dns_rdata_toregion(rdata2, &r2);
return (isc_region_compare(&r1, &r2));
}
static inline isc_result_t
fromstruct_csync(ARGS_FROMSTRUCT) {
dns_rdata_csync_t *csync = source;
isc_region_t region;
REQUIRE(type == dns_rdatatype_csync);
REQUIRE(source != NULL);
REQUIRE(csync->common.rdtype == type);
REQUIRE(csync->common.rdclass == rdclass);
REQUIRE(csync->typebits != NULL || csync->len == 0);
UNUSED(type);
UNUSED(rdclass);
RETERR(uint32_tobuffer(csync->serial, target));
RETERR(uint16_tobuffer(csync->flags, target));
region.base = csync->typebits;
region.length = csync->len;
RETERR(typemap_test(&region, ISC_TRUE));
return (mem_tobuffer(target, csync->typebits, csync->len));
}
static inline isc_result_t
tostruct_csync(ARGS_TOSTRUCT) {
isc_region_t region;
dns_rdata_csync_t *csync = target;
REQUIRE(rdata->type == dns_rdatatype_csync);
REQUIRE(target != NULL);
REQUIRE(rdata->length != 0);
csync->common.rdclass = rdata->rdclass;
csync->common.rdtype = rdata->type;
ISC_LINK_INIT(&csync->common, link);
dns_rdata_toregion(rdata, &region);
csync->serial = uint32_fromregion(&region);
isc_region_consume(&region, 4);
csync->flags = uint16_fromregion(&region);
isc_region_consume(&region, 2);
csync->len = region.length;
csync->typebits = mem_maybedup(mctx, region.base, region.length);
if (csync->typebits == NULL)
goto cleanup;
csync->mctx = mctx;
return (ISC_R_SUCCESS);
cleanup:
return (ISC_R_NOMEMORY);
}
static inline void
freestruct_csync(ARGS_FREESTRUCT) {
dns_rdata_csync_t *csync = source;
REQUIRE(source != NULL);
REQUIRE(csync->common.rdtype == dns_rdatatype_csync);
if (csync->mctx == NULL)
return;
if (csync->typebits != NULL)
isc_mem_free(csync->mctx, csync->typebits);
csync->mctx = NULL;
}
static inline isc_result_t
additionaldata_csync(ARGS_ADDLDATA) {
REQUIRE(rdata->type == dns_rdatatype_csync);
UNUSED(rdata);
UNUSED(add);
UNUSED(arg);
return (ISC_R_SUCCESS);
}
static inline isc_result_t
digest_csync(ARGS_DIGEST) {
isc_region_t r;
REQUIRE(rdata->type == dns_rdatatype_csync);
dns_rdata_toregion(rdata, &r);
return ((digest)(arg, &r));
}
static inline isc_boolean_t
checkowner_csync(ARGS_CHECKOWNER) {
REQUIRE(type == dns_rdatatype_csync);
UNUSED(name);
UNUSED(type);
UNUSED(rdclass);
UNUSED(wildcard);
return (ISC_TRUE);
}
static inline isc_boolean_t
checknames_csync(ARGS_CHECKNAMES) {
REQUIRE(rdata->type == dns_rdatatype_csync);
UNUSED(rdata);
UNUSED(owner);
UNUSED(bad);
return (ISC_TRUE);
}
static inline int
casecompare_csync(ARGS_COMPARE) {
isc_region_t region1;
isc_region_t region2;
REQUIRE(rdata1->type == rdata2->type);
REQUIRE(rdata1->rdclass == rdata2->rdclass);
REQUIRE(rdata1->type == dns_rdatatype_csync);
REQUIRE(rdata1->length >= 6);
REQUIRE(rdata2->length >= 6);
dns_rdata_toregion(rdata1, &region1);
dns_rdata_toregion(rdata2, &region2);
return (isc_region_compare(&region1, &region2));
}
#endif /* RDATA_GENERIC_CSYNC_62_C */
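Review bot: tostruct_csync() only asserts `REQUIRE(rdata->length != 0)` and then reads the 4-byte serial and 2-byte flags unconditionally, whereas totext_csync(), towire_csync(), compare_csync() and casecompare_csync() all require `rdata->length >= 6`. The precondition should match the fixed header size: `REQUIRE(rdata->length >= 6);`. In fromtext_csync() the flags token is range-checked against 0xffffU, but the serial token's `as_ulong` goes straight to uint32_tobuffer(). That helper is not shown here; if it takes a 32-bit value, a serial above 0xffffffff would presumably be truncated silently on platforms where unsigned long is 64 bits. Adding `if (token.value.as_ulong > 0xffffffffU) RETTOK(ISC_R_RANGE);` before the call would reject it, mirroring the flags check.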
/*
* Copyright (C) 2015 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
#ifndef GENERIC_CSYNC_62_H
#define GENERIC_CSYNC_62_H 1
/*!
* \brief Per RFC 7477
*/
typedef struct dns_rdata_csync {
dns_rdatacommon_t common;
isc_mem_t *mctx;
isc_uint32_t serial;
isc_uint16_t flags;
unsigned char *typebits;
isc_uint16_t len;
} dns_rdata_csync_t;
#endif /* GENERIC_CSYNC_62_H */
......@@ -45,13 +45,10 @@
static inline isc_result_t
fromtext_nsec3(ARGS_FROMTEXT) {
isc_token_t token;
unsigned char bm[8*1024]; /* 64k bits */
dns_rdatatype_t covered;
int octet;
int window;
unsigned int flags;
unsigned char hashalg;
isc_buffer_t b;
unsigned char buf[256];
REQUIRE(type == dns_rdatatype_nsec3);
......@@ -99,50 +96,24 @@ fromtext_nsec3(ARGS_FROMTEXT) {
*/
RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_string,
ISC_FALSE));
isc_buffer_init(&b, bm, sizeof(bm));
isc_buffer_init(&b, buf, sizeof(buf));
RETTOK(isc_base32hexnp_decodestring(DNS_AS_STR(token), &b));
if (isc_buffer_usedlength(&b) > 0xffU)
RETTOK(ISC_R_RANGE);
RETERR(uint8_tobuffer(isc_buffer_usedlength(&b), target));
RETERR(mem_tobuffer(target, &bm, isc_buffer_usedlength(&b)));
memset(bm, 0, sizeof(bm));
do {
RETERR(isc_lex_getmastertoken(lexer, &token,
isc_tokentype_string, ISC_TRUE));
if (token.type != isc_tokentype_string)
break;
RETTOK(dns_rdatatype_fromtext(&covered,
&token.value.as_textregion));
bm[covered/8] |= (0x80>>(covered%8));
} while (1);
isc_lex_ungettoken(lexer, &token);
for (window = 0; window < 256 ; window++) {
/*
* Find if we have a type in this window.
*/
for (octet = 31; octet >= 0; octet--)
if (bm[window * 32 + octet] != 0)
break;
if (octet < 0)
continue;
RETERR(uint8_tobuffer(window, target));
RETERR(uint8_tobuffer(octet + 1, target));
RETERR(mem_tobuffer(target, &bm[window * 32], octet + 1));
}
return (ISC_R_SUCCESS);
RETERR(mem_tobuffer(target, &buf, isc_buffer_usedlength(&b)));
return (typemap_fromtext(lexer, target, ISC_TRUE));
}
static inline isc_result_t
totext_nsec3(ARGS_TOTEXT) {
isc_region_t sr;
unsigned int i, j, k;
unsigned int window, len;
unsigned int i, j;
unsigned char hash;
unsigned char flags;
char buf[sizeof("TYPE65535")];
isc_uint32_t iterations;
isc_boolean_t first;
REQUIRE(rdata->type == dns_rdatatype_nsec3);
REQUIRE(rdata->length != 0);
......@@ -197,39 +168,7 @@ totext_nsec3(ARGS_TOTEXT) {
if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) == 0)
RETERR(str_totext(" ", target));
/* Types covered */
first = ISC_TRUE;