|
unbound
0.1
|
This file contains functions to resolve DNS queries and validate the answers. More...
#include "libunbound/unbound.h"#include "config.h"#include <ctype.h>#include "libunbound/context.h"#include "libunbound/libworker.h"#include "util/locks.h"#include "util/config_file.h"#include "util/alloc.h"#include "util/module.h"#include "util/regional.h"#include "util/log.h"#include "util/random.h"#include "util/net_help.h"#include "util/tube.h"#include "services/modstack.h"#include "services/localzone.h"#include "services/cache/infra.h"#include "services/cache/rrset.h"Functions | |
| struct ub_ctx * | ub_ctx_create (void) |
| Create a resolving and validation context. | |
| static void | delq (rbnode_t *n, void *ATTR_UNUSED(arg)) |
| delete q | |
| void | ub_ctx_delete (struct ub_ctx *ctx) |
| Destroy a validation context and free all its resources. | |
| int | ub_ctx_set_option (struct ub_ctx *ctx, char *opt, char *val) |
| Set an option for the context. | |
| int | ub_ctx_get_option (struct ub_ctx *ctx, char *opt, char **str) |
| Get an option from the context. | |
| int | ub_ctx_config (struct ub_ctx *ctx, char *fname) |
| setup configuration for the given context. | |
| int | ub_ctx_add_ta (struct ub_ctx *ctx, char *ta) |
| Add a trust anchor to the given context. | |
| int | ub_ctx_add_ta_file (struct ub_ctx *ctx, char *fname) |
| Add trust anchors to the given context. | |
| int | ub_ctx_trustedkeys (struct ub_ctx *ctx, char *fname) |
| Add trust anchors to the given context. | |
| int | ub_ctx_debuglevel (struct ub_ctx *ctx, int d) |
| Set debug verbosity for the context Output is directed to stderr. | |
| int | ub_ctx_debugout (struct ub_ctx *ctx, void *out) |
| Set debug output (and error output) to the specified stream. | |
| int | ub_ctx_async (struct ub_ctx *ctx, int dothread) |
| Set a context behaviour for asynchronous action. | |
| int | ub_poll (struct ub_ctx *ctx) |
| Poll a context to see if it has any new results Do not poll in a loop, instead extract the fd below to poll for readiness, and then check, or wait using the wait routine. | |
| int | ub_fd (struct ub_ctx *ctx) |
| Get file descriptor. | |
| static int | process_answer_detail (struct ub_ctx *ctx, uint8_t *msg, uint32_t len, ub_callback_t *cb, void **cbarg, int *err, struct ub_result **res) |
| process answer from bg worker | |
| static int | process_answer (struct ub_ctx *ctx, uint8_t *msg, uint32_t len) |
| process answer from bg worker | |
| int | ub_process (struct ub_ctx *ctx) |
| Call this routine to continue processing results from the validating resolver (when the fd becomes readable). | |
| int | ub_wait (struct ub_ctx *ctx) |
| Wait for a context to finish with results. | |
| int | ub_resolve (struct ub_ctx *ctx, char *name, int rrtype, int rrclass, struct ub_result **result) |
| Perform resolution and validation of the target name. | |
| int | ub_resolve_async (struct ub_ctx *ctx, char *name, int rrtype, int rrclass, void *mydata, ub_callback_t callback, int *async_id) |
| Perform resolution and validation of the target name. | |
| int | ub_cancel (struct ub_ctx *ctx, int async_id) |
| Cancel an async query in progress. | |
| void | ub_resolve_free (struct ub_result *result) |
| Free storage associated with a result structure. | |
| const char * | ub_strerror (int err) |
| Convert error value to a human readable string. | |
| int | ub_ctx_set_fwd (struct ub_ctx *ctx, char *addr) |
| Set machine to forward DNS queries to, the caching resolver to use. | |
| int | ub_ctx_resolvconf (struct ub_ctx *ctx, char *fname) |
| Read list of nameservers to use from the filename given. | |
| int | ub_ctx_hosts (struct ub_ctx *ctx, char *fname) |
| Read list of hosts from the filename given. | |
| static int | ub_ctx_finalize (struct ub_ctx *ctx) |
| finalize the context, if not already finalized | |
| int | ub_ctx_print_local_zones (struct ub_ctx *ctx) |
| Debug routine. | |
| int | ub_ctx_zone_add (struct ub_ctx *ctx, char *zone_name, char *zone_type) |
| Add a new zone with the zonetype to the local authority info of the library. | |
| int | ub_ctx_zone_remove (struct ub_ctx *ctx, char *zone_name) |
| Remove zone from local authority info of the library. | |
| int | ub_ctx_data_add (struct ub_ctx *ctx, char *data) |
| Add localdata to the library local authority info. | |
| int | ub_ctx_data_remove (struct ub_ctx *ctx, char *data) |
| Remove localdata from the library local authority info. | |
| const char * | ub_version (void) |
| Get a version string from the libunbound implementation. | |
This file contains functions to resolve DNS queries and validate the answers.
Synchonously and asynchronously.
| struct ub_ctx* ub_ctx_create | ( | void | ) | [read] |
Create a resolving and validation context.
The information from /etc/resolv.conf and /etc/hosts is not utilised by default. Use ub_ctx_resolvconf and ub_ctx_hosts to read them.
References module_env::alloc, alloc_init(), module_env::cfg, ub_ctx::cfglock, config_create_forlib(), ub_ctx::env, log_err(), log_ident_set(), log_init(), ub_ctx::mods, modstack_init(), module_env::need_to_validate, ub_ctx::qq_pipe, ub_ctx::qqpipe_lock, ub_ctx::queries, rbtree_init(), ub_ctx::rr_pipe, ub_ctx::rrpipe_lock, ub_ctx::seed_rnd, ub_ctx::superalloc, tube_create(), tube_delete(), ub_initstate(), ub_randfree(), verbosity, and module_env::worker.
Referenced by create_unbound_context(), do_update(), and main().
| void ub_ctx_delete | ( | struct ub_ctx * | ctx | ) |
Destroy a validation context and free all its resources.
Outstanding async queries are killed and callbacks are not called for them.
| ctx,: | context to delete. |
References alloc_clear(), ub_ctx::alloc_list, ub_ctx::bg_tid, module_env::cfg, ub_ctx::cfglock, config_delete(), context_serial_getcmd(), ub_ctx::created_bg, delq(), ub_ctx::dothread, ub_ctx::env, module_env::infra_cache, infra_delete(), ub_ctx::local_zones, local_zones_delete(), ub_ctx::mods, modstack_desetup(), module_env::msg_cache, ub_ctx::qq_pipe, ub_ctx::qqpipe_lock, ub_ctx::queries, ub_ctx::rr_pipe, ub_ctx::rrpipe_lock, module_env::rrset_cache, rrset_cache_delete(), ub_ctx::seed_rnd, slabhash_delete(), alloc_cache::super, ub_ctx::superalloc, traverse_postorder(), tube_delete(), tube_read_msg(), tube_write_msg(), UB_LIBCMD_QUIT, and ub_randfree().
Referenced by add_5011_probe_root(), do_root_update_work(), do_update(), ext_test(), lookup(), main(), prime_root_key(), resolve_host_ip(), resolve_name(), and ub_ctx_error_exit().
| int ub_ctx_set_option | ( | struct ub_ctx * | ctx, |
| char * | opt, | ||
| char * | val | ||
| ) |
Set an option for the context.
| ctx,: | context. |
| opt,: | option name from the unbound.conf config file format. (not all settings applicable). The name includes the trailing ':' for example ub_ctx_set_option(ctx, "logfile:", "mylog.txt"); This is a power-users interface that lets you specify all sorts of options. For some specific options, such as adding trust anchors, special routines exist. |
| val,: | value of the option. |
References module_env::cfg, ub_ctx::cfglock, config_set_option(), ub_ctx::env, ub_ctx::finalized, UB_AFTERFINAL, UB_NOERROR, and UB_SYNTAX.
Referenced by add_5011_probe_root(), create_unbound_context(), and main().
| int ub_ctx_get_option | ( | struct ub_ctx * | ctx, |
| char * | opt, | ||
| char ** | str | ||
| ) |
Get an option from the context.
| ctx,: | context. |
| opt,: | option name from the unbound.conf config file format. (not all settings applicable). The name excludes the trailing ':' for example ub_ctx_get_option(ctx, "logfile", &result); This is a power-users interface that lets you specify all sorts of options. |
| str,: | the string is malloced and returned here. NULL on error. The caller must free() the string. In cases with multiple entries (auto-trust-anchor-file), a newline delimited list is returned in the string. |
References module_env::cfg, ub_ctx::cfglock, config_get_option_collate(), ub_ctx::env, UB_NOERROR, UB_NOMEM, and UB_SYNTAX.
Referenced by main().
| int ub_ctx_config | ( | struct ub_ctx * | ctx, |
| char * | fname | ||
| ) |
setup configuration for the given context.
| ctx,: | context. |
| fname,: | unbound config file (not all settings applicable). This is a power-users interface that lets you specify all sorts of options. For some specific options, such as adding trust anchors, special routines exist. |
References module_env::cfg, ub_ctx::cfglock, config_read(), ub_ctx::env, ub_ctx::finalized, UB_AFTERFINAL, UB_NOERROR, and UB_SYNTAX.
Referenced by create_unbound_context(), and main().
| int ub_ctx_add_ta | ( | struct ub_ctx * | ctx, |
| char * | ta | ||
| ) |
Add a trust anchor to the given context.
The trust anchor is a string, on one line, that holds a valid DNSKEY or DS RR.
| ctx,: | context. At this time it is only possible to add trusted keys before the first resolve is done. |
| ta,: | string, with zone-format RR on one line. [domainname] [TTL optional] [type] [class optional] [rdata contents] |
References module_env::cfg, cfg_strlist_insert(), ub_ctx::cfglock, ub_ctx::env, ub_ctx::finalized, config_file::trust_anchor_list, UB_AFTERFINAL, UB_NOERROR, and UB_NOMEM.
Referenced by main().
| int ub_ctx_add_ta_file | ( | struct ub_ctx * | ctx, |
| char * | fname | ||
| ) |
Add trust anchors to the given context.
Pass name of a file with DS and DNSKEY records (like from dig or drill).
| ctx,: | context. At this time it is only possible to add trusted keys before the first resolve is done. |
| fname,: | filename of file with keyfile with trust anchors. |
References module_env::cfg, cfg_strlist_insert(), ub_ctx::cfglock, ub_ctx::env, ub_ctx::finalized, config_file::trust_anchor_file_list, UB_AFTERFINAL, UB_NOERROR, and UB_NOMEM.
Referenced by do_update(), and main().
| int ub_ctx_trustedkeys | ( | struct ub_ctx * | ctx, |
| char * | fname | ||
| ) |
Add trust anchors to the given context.
Pass the name of a bind-style config file with trusted-keys{}.
| ctx,: | context. At this time it is only possible to add trusted keys before the first resolve is done. |
| fname,: | filename of file with bind-style config entries with trust anchors. |
References module_env::cfg, cfg_strlist_insert(), ub_ctx::cfglock, ub_ctx::env, ub_ctx::finalized, config_file::trusted_keys_file_list, UB_AFTERFINAL, UB_NOERROR, and UB_NOMEM.
Referenced by main().
| int ub_ctx_debuglevel | ( | struct ub_ctx * | ctx, |
| int | d | ||
| ) |
Set debug verbosity for the context Output is directed to stderr.
| ctx,: | context. |
| d,: | debug level, 0 is off, 1 is very minimal, 2 is detailed, and 3 is lots. |
References module_env::cfg, ub_ctx::cfglock, ub_ctx::env, UB_NOERROR, config_file::verbosity, and verbosity.
Referenced by main().
| int ub_ctx_debugout | ( | struct ub_ctx * | ctx, |
| void * | out | ||
| ) |
Set debug output (and error output) to the specified stream.
Pass NULL to disable. Default is stderr.
| ctx,: | context. |
| out,: | FILE* out file stream to log to. Type void* to avoid stdio dependency of this header file. |
References ub_ctx::cfglock, log_file(), ub_ctx::log_out, ub_ctx::logfile_override, and UB_NOERROR.
| int ub_ctx_async | ( | struct ub_ctx * | ctx, |
| int | dothread | ||
| ) |
Set a context behaviour for asynchronous action.
| ctx,: | context. |
| dothread,: | if true, enables threading and a call to resolve_async() creates a thread to handle work in the background. If false, a process is forked to handle work in the background. Changes to this setting after async() calls have been made have no effect (delete and re-create the context to change). |
References ub_ctx::cfglock, ub_ctx::dothread, ub_ctx::finalized, UB_AFTERFINAL, and UB_NOERROR.
Referenced by main().
Poll a context to see if it has any new results Do not poll in a loop, instead extract the fd below to poll for readiness, and then check, or wait using the wait routine.
| ctx,: | context. |
References ub_ctx::rr_pipe, and tube_poll().
Get file descriptor.
Wait for it to become readable, at this point answers are returned from the asynchronous validating resolver. Then call the ub_process to continue processing. This routine works immediately after context creation, the fd does not change.
| ctx,: | context. |
References ub_ctx::rr_pipe, and tube_read_fd().
| int ub_process | ( | struct ub_ctx * | ctx | ) |
Call this routine to continue processing results from the validating resolver (when the fd becomes readable).
Will perform necessary callbacks.
| ctx,: | context |
References ub_result::len, process_answer(), ub_ctx::rr_pipe, ub_ctx::rrpipe_lock, tube_read_msg(), UB_NOERROR, and UB_PIPE.
Referenced by main().
Wait for a context to finish with results.
Calls ub_process() after the wait for you. After the wait, there are no more outstanding asynchronous queries.
| ctx,: | context. |
References ub_ctx::cfglock, ub_result::len, ub_ctx::num_async, process_answer_detail(), ub_ctx::rr_pipe, ub_ctx::rrpipe_lock, tube_read_msg(), tube_wait(), UB_NOERROR, and UB_PIPE.
Referenced by ext_thread().
| int ub_resolve | ( | struct ub_ctx * | ctx, |
| char * | name, | ||
| int | rrtype, | ||
| int | rrclass, | ||
| struct ub_result ** | result | ||
| ) |
Perform resolution and validation of the target name.
| ctx,: | context. The context is finalized, and can no longer accept config changes. |
| name,: | domain name in text format (a zero terminated text string). |
| rrtype,: | type of RR in host order, 1 is A (address). |
| rrclass,: | class of RR in host order, 1 is IN (for internet). |
| result,: | the result data is returned in a newly allocated result structure. May be NULL on return, return value is set to an error in that case (out of memory). |
References ub_result::answer_len, ub_result::answer_packet, ub_ctx::cfglock, context_finalize(), context_new(), context_query_delete(), ub_ctx::finalized, rbnode_t::key, libworker_fg(), ctx_query::msg, ctx_query::msg_len, ctx_query::node, ub_ctx::queries, rbtree_delete(), ctx_query::res, UB_NOERROR, and UB_NOMEM.
Referenced by dnslook(), do_lookup(), ext_thread(), main(), prime_root_key(), process(), and resolve_host_ip().
| int ub_resolve_async | ( | struct ub_ctx * | ctx, |
| char * | name, | ||
| int | rrtype, | ||
| int | rrclass, | ||
| void * | mydata, | ||
| ub_callback_t | callback, | ||
| int * | async_id | ||
| ) |
Perform resolution and validation of the target name.
Asynchronous, after a while, the callback will be called with your data and the result.
| ctx,: | context. If no thread or process has been created yet to perform the work in the background, it is created now. The context is finalized, and can no longer accept config changes. |
| name,: | domain name in text format (a string). |
| rrtype,: | type of RR in host order, 1 is A. |
| rrclass,: | class of RR in host order, 1 is IN (for internet). |
| mydata,: | this data is your own data (you can pass NULL), and is passed on to the callback function. |
| callback,: | this is called on completion of the resolution. It is called as: void callback(void* mydata, int err, struct ub_result* result) with mydata: the same as passed here, you may pass NULL, with err: is 0 when a result has been found. with result: a newly allocated result structure. The result may be NULL, in that case err is set. |
If an error happens during processing, your callback will be called with error set to a nonzero value (and result==NULL).
| async_id,: | if you pass a non-NULL value, an identifier number is returned for the query as it is in progress. It can be used to cancel the query. |
References ub_ctx::cfglock, context_finalize(), context_new(), context_query_delete(), context_serialize_new_query(), ub_ctx::created_bg, ub_ctx::finalized, rbnode_t::key, libworker_bg(), ctx_query::msg, ctx_query::node, ub_ctx::num_async, ub_ctx::qq_pipe, ub_ctx::qqpipe_lock, ub_ctx::queries, ctx_query::querynum, rbtree_delete(), tube_write_msg(), UB_NOERROR, UB_NOMEM, and UB_PIPE.
Referenced by ext_thread(), and main().
Cancel an async query in progress.
Its callback will not be called.
| ctx,: | context. |
| async_id,: | which query to cancel. |
References ctx_query::async, ctx_query::cancelled, ub_ctx::cfglock, context_query_delete(), context_serialize_cancel(), ub_ctx::dothread, rbnode_t::key, log_assert, ctx_query::msg, ctx_query::node, ub_ctx::num_async, ub_ctx::qq_pipe, ub_ctx::qqpipe_lock, ub_ctx::queries, rbtree_delete(), rbtree_search(), tube_write_msg(), UB_NOERROR, UB_NOID, UB_NOMEM, and UB_PIPE.
Referenced by ext_thread(), and main().
| void ub_resolve_free | ( | struct ub_result * | result | ) |
Free storage associated with a result structure.
| result,: | to free |
References ub_result::answer_packet, ub_result::canonname, ub_result::data, ub_result::len, ub_result::qname, and ub_result::why_bogus.
Referenced by context_query_delete(), dnslook(), do_certupdate(), do_root_update_work(), do_update(), ext_callback(), ext_thread(), main(), process(), process_answer_detail(), and resolve_host_ip().
| const char* ub_strerror | ( | int | err | ) |
Convert error value to a human readable string.
| err,: | error code from one of the ub_val* functions. |
References UB_AFTERFINAL, UB_FORKFAIL, UB_INITFAIL, UB_NOERROR, UB_NOID, UB_NOMEM, UB_PIPE, UB_READFILE, UB_SERVFAIL, UB_SOCKET, and UB_SYNTAX.
Referenced by add_5011_probe_root(), check_ub_res(), checkerr(), create_unbound_context(), dnslook(), do_lookup(), do_update(), main(), prime_root_key(), print_result(), process(), and resolve_host_ip().
| int ub_ctx_set_fwd | ( | struct ub_ctx * | ctx, |
| char * | addr | ||
| ) |
Set machine to forward DNS queries to, the caching resolver to use.
IP4 or IP6 address. Forwards all DNS requests to that machine, which is expected to run a recursive resolver. If the proxy is not DNSSEC-capable, validation may fail. Can be called several times, in that case the addresses are used as backup servers.
To read the list of nameservers from /etc/resolv.conf (from DHCP or so), use the call ub_ctx_resolvconf.
| ctx,: | context. At this time it is only possible to set configuration before the first resolve is done. |
| addr,: | address, IP4 or IP6 in string format. If the addr is NULL, forwarding is disabled. |
References config_stub::addrs, module_env::cfg, cfg_strlist_insert(), ub_ctx::cfglock, config_delstubs(), ub_ctx::env, extstrtoaddr(), ub_ctx::finalized, config_file::forwards, log_assert, config_stub::name, config_stub::next, UB_AFTERFINAL, UB_NOERROR, UB_NOMEM, and UB_SYNTAX.
Referenced by main(), and ub_ctx_resolvconf().
| int ub_ctx_resolvconf | ( | struct ub_ctx * | ctx, |
| char * | fname | ||
| ) |
Read list of nameservers to use from the filename given.
Usually "/etc/resolv.conf". Uses those nameservers as caching proxies. If they do not support DNSSEC, validation may fail.
Only nameservers are picked up, the searchdomain, ndots and other settings from resolv.conf(5) are ignored.
| ctx,: | context. At this time it is only possible to set configuration before the first resolve is done. |
| fname,: | file name string. If NULL "/etc/resolv.conf" is used. |
References ub_ctx_set_fwd(), UB_NOERROR, and UB_READFILE.
Referenced by create_unbound_context(), and main().
| int ub_ctx_hosts | ( | struct ub_ctx * | ctx, |
| char * | fname | ||
| ) |
Read list of hosts from the filename given.
Usually "/etc/hosts". These addresses are not flagged as DNSSEC secure when queried for.
| ctx,: | context. At this time it is only possible to set configuration before the first resolve is done. |
| fname,: | file name string. If NULL "/etc/hosts" is used. |
References module_env::cfg, cfg_strlist_insert(), ub_ctx::cfglock, ub_ctx::env, ub_ctx::finalized, config_file::local_data, config_stub::name, str_is_ip6(), UB_AFTERFINAL, ub_ctx_hosts(), UB_NOERROR, UB_NOMEM, UB_READFILE, and UB_SYNTAX.
Referenced by main(), and ub_ctx_hosts().
| int ub_ctx_print_local_zones | ( | struct ub_ctx * | ctx | ) |
Debug routine.
Print the local zone information to debug output.
| ctx,: | context. Is finalized by the routine. |
References ub_ctx::local_zones, local_zones_print(), ub_ctx_finalize(), and UB_NOERROR.
| int ub_ctx_zone_add | ( | struct ub_ctx * | ctx, |
| char * | zone_name, | ||
| char * | zone_type | ||
| ) |
Add a new zone with the zonetype to the local authority info of the library.
| ctx,: | context. Is finalized by the routine. |
| zone_name,: | name of the zone in text, "example.com" If it already exists, the type is updated. |
| zone_type,: | type of the zone (like for unbound.conf) in text. |
References local_zone_str2type(), ub_ctx::local_zones, local_zones_add_zone(), local_zones_find(), local_zones::lock, local_zone::lock, parse_dname(), local_zone::type, ub_ctx_finalize(), UB_NOERROR, UB_NOMEM, and UB_SYNTAX.
| int ub_ctx_zone_remove | ( | struct ub_ctx * | ctx, |
| char * | zone_name | ||
| ) |
Remove zone from local authority info of the library.
| ctx,: | context. Is finalized by the routine. |
| zone_name,: | name of the zone in text, "example.com" If it does not exist, nothing happens. |
References ub_ctx::local_zones, local_zones_del_zone(), local_zones_find(), local_zones::lock, parse_dname(), ub_ctx_finalize(), UB_NOERROR, and UB_SYNTAX.
| int ub_ctx_data_add | ( | struct ub_ctx * | ctx, |
| char * | data | ||
| ) |
Add localdata to the library local authority info.
Similar to local-data config statement.
| ctx,: | context. Is finalized by the routine. |
| data,: | the resource record in text format, for example "www.example.com IN A 127.0.0.1" |
References module_env::cfg, ub_ctx::cfglock, ub_ctx::env, ub_ctx::local_zones, local_zones_add_RR(), config_file::msg_buffer_size, ub_ctx_finalize(), UB_NOERROR, and UB_NOMEM.
| int ub_ctx_data_remove | ( | struct ub_ctx * | ctx, |
| char * | data | ||
| ) |
Remove localdata from the library local authority info.
| ctx,: | context. Is finalized by the routine. |
| data,: | the name to delete all data from, like "www.example.com". |
References ub_ctx::local_zones, local_zones_del_data(), parse_dname(), ub_ctx_finalize(), UB_NOERROR, and UB_SYNTAX.
| const char* ub_version | ( | void | ) |
Get a version string from the libunbound implementation.
1.7.6.1