update.c File Reference

This module implements dynamic update as specified in RFC 2136.

#include <config.h>
#include <isc/netaddr.h>
#include <isc/print.h>
#include <isc/serial.h>
#include <isc/stats.h>
#include <isc/string.h>
#include <isc/taskpool.h>
#include <isc/util.h>
#include <dns/db.h>
#include <dns/dbiterator.h>
#include <dns/diff.h>
#include <dns/dnssec.h>
#include <dns/events.h>
#include <dns/fixedname.h>
#include <dns/journal.h>
#include <dns/keyvalues.h>
#include <dns/message.h>
#include <dns/nsec.h>
#include <dns/nsec3.h>
#include <dns/private.h>
#include <dns/rdataclass.h>
#include <dns/rdataset.h>
#include <dns/rdatasetiter.h>
#include <dns/rdatastruct.h>
#include <dns/rdatatype.h>
#include <dns/soa.h>
#include <dns/ssu.h>
#include <dns/tsig.h>
#include <dns/update.h>
#include <dns/view.h>
#include <dns/zone.h>
#include <dns/zt.h>
#include <named/client.h>
#include <named/log.h>
#include <named/server.h>
#include <named/update.h>


Data Structures

struct  rr
struct  update_event
struct  add_rr_prepare_ctx_t
 Prepare an RR for the addition of the new RR 'ctx->update_rr', with TTL 'ctx->update_rr_ttl', to its rdataset, by deleting the RR if it is replaced by the new RR or has a conflicting TTL. The necessary changes are appended to ctx->del_diff and ctx->add_diff; all deletions must be done before any additions so that we don't run into transient states with conflicting TTLs.
struct  foreach_node_rr_ctx_t
 Internal context struct for foreach_node_rr(). More...
struct  ssu_check_t
struct  conditional_delete_ctx_t
 Context structure for delete_if(). More...

Defines

#define LOGLEVEL_PROTOCOL   ISC_LOG_INFO
 Log level for tracing dynamic update protocol requests.
#define LOGLEVEL_DEBUG   ISC_LOG_DEBUG(8)
 Log level for low-level debug tracing.
#define CHECK(op)
 Check an operation for failure. These macros all assume that the function using them has a 'result' variable and a 'failure' label.
#define FAIL(code)
 Fail unconditionally with result 'code', which must not be ISC_R_SUCCESS. The reason for failure presumably has been logged already.
#define FAILC(code, msg)
 Fail unconditionally and log as a client error. The test against ISC_R_SUCCESS is there to keep the Solaris compiler from complaining about "end-of-loop code not reached".
#define PREREQFAILC(code, msg)
#define FAILN(code, name, msg)
#define PREREQFAILN(code, name, msg)
#define FAILNT(code, name, type, msg)
#define PREREQFAILNT(code, name, type, msg)
#define FAILS(code, msg)
 Fail unconditionally and log as a server error. The test against ISC_R_SUCCESS is there to keep the Solaris compiler from complaining about "end-of-loop code not reached".
#define TCPCLIENT(client)   (((client)->attributes & NS_CLIENTATTR_TCP) != 0)
#define RETURN_EXISTENCE_FLAG
 Utility macro for RR existence checking functions.
#define ALLOW_SECURE_TO_INSECURE(zone)   ((dns_zone_getoptions(zone) & DNS_ZONEOPT_SECURETOINSECURE) != 0)

Typedefs

typedef struct rr rr_t
typedef struct update_event update_event_t
typedef isc_result_t rrset_func (void *data, dns_rdataset_t *rrset)
 Function type for foreach_rrset() iterator actions.
typedef isc_result_t rr_func (void *data, rr_t *rr)
 Function type for foreach_rr() iterator actions.
typedef isc_boolean_t rr_predicate (dns_rdata_t *update_rr, dns_rdata_t *db_rr)
 Function type for predicate functions that compare a database RR 'db_rr' against an update RR 'update_rr'.

Functions

static void update_action (isc_task_t *task, isc_event_t *event)
static void updatedone_action (isc_task_t *task, isc_event_t *event)
static isc_result_t send_forward_event (ns_client_t *client, dns_zone_t *zone)
static void forward_done (isc_task_t *task, isc_event_t *event)
static isc_result_t add_rr_prepare_action (void *data, rr_t *rr)
static void update_log (ns_client_t *client, dns_zone_t *zone, int level, const char *fmt,...) ISC_FORMAT_PRINTF(4, 5)
static void update_log_cb (void *arg, dns_zone_t *zone, int level, const char *message)
static void inc_stats (dns_zone_t *zone, isc_statscounter_t counter)
 Increment update-related statistics counters.
static isc_result_t checkqueryacl (ns_client_t *client, dns_acl_t *queryacl, dns_name_t *zonename, dns_acl_t *updateacl, dns_ssutable_t *ssutable)
 Check if we could have queried for the contents of this zone or if the zone is potentially updateable. If the zone can potentially be updated and the check failed, then log an error; otherwise log an informational message.
static isc_result_t checkupdateacl (ns_client_t *client, dns_acl_t *acl, const char *message, dns_name_t *zonename, isc_boolean_t slave, isc_boolean_t has_ssutable)
 Override the default acl logging when checking whether a client can update the zone or whether we can forward the request to the master based on IP address.
static isc_result_t do_one_tuple (dns_difftuple_t **tuple, dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff)
 Update a single RR in version 'ver' of 'db' and log the update in 'diff'.
static isc_result_t do_diff (dns_diff_t *updates, dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff)
 Perform the updates in 'updates' in version 'ver' of 'db' and log the update in 'diff'.
static isc_result_t update_one_rr (dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff, dns_diffop_t op, dns_name_t *name, dns_ttl_t ttl, dns_rdata_t *rdata)
static isc_result_t foreach_node_rr_action (void *data, dns_rdataset_t *rdataset)
 Internal helper function for foreach_node_rr().
static isc_result_t foreach_rrset (dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, rrset_func *action, void *action_data)
 For each rdataset of 'name' in 'ver' of 'db', call 'action' with the rdataset and 'action_data' as arguments. If the name does not exist, do nothing.
static isc_result_t foreach_node_rr (dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, rr_func *rr_action, void *rr_action_data)
 For each RR of 'name' in 'ver' of 'db', call 'rr_action' with the RR and 'rr_action_data' as arguments. If the name does not exist, do nothing.
static isc_result_t foreach_rr (dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_rdatatype_t type, dns_rdatatype_t covers, rr_func *rr_action, void *rr_action_data)
 For each of the RRs specified by 'db', 'ver', 'name', 'type' (which can be dns_rdatatype_any to match any type), and 'covers', call 'rr_action' with the RR and 'rr_action_data' as arguments. If the name does not exist, or if no RRset of the given type exists at the name, do nothing.
static isc_result_t rrset_exists_action (void *data, rr_t *rr)
 Helper function for rrset_exists().
static isc_result_t rrset_exists (dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_rdatatype_t type, dns_rdatatype_t covers, isc_boolean_t *exists)
 Set '*exists' to true iff an rrset of the given type exists, to false otherwise.
static isc_result_t cname_compatibility_action (void *data, dns_rdataset_t *rrset)
 Helper function for cname_incompatible_rrset_exists.
static isc_result_t cname_incompatible_rrset_exists (dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, isc_boolean_t *exists)
 Check whether there is an rrset incompatible with adding a CNAME RR, i.e., anything but another CNAME (which can be replaced) or a DNSSEC RR (which can coexist).
static isc_result_t count_rr_action (void *data, rr_t *rr)
 Helper function for rr_count().
static isc_result_t rr_count (dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_rdatatype_t type, dns_rdatatype_t covers, int *countp)
 Count the number of RRs of 'type' belonging to 'name' in 'ver' of 'db'.
static isc_result_t name_exists_action (void *data, dns_rdataset_t *rrset)
 Context struct and helper function for name_exists().
static isc_result_t name_exists (dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, isc_boolean_t *exists)
 Set '*exists' to true iff the given name exists, to false otherwise.
static isc_result_t ssu_checkrule (void *data, dns_rdataset_t *rrset)
static isc_boolean_t ssu_checkall (dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_ssutable_t *ssutable, dns_name_t *signer, isc_netaddr_t *tcpaddr, dst_key_t *key)
static isc_result_t temp_append (dns_diff_t *diff, dns_name_t *name, dns_rdata_t *rdata)
 Append a tuple asserting the existence of the RR with 'name' and 'rdata' to 'diff'.
static isc_result_t temp_check_rrset (dns_difftuple_t *a, dns_difftuple_t *b)
 Compare two rdatasets represented as sorted lists of tuples. All list elements must have the same owner name and type. Return ISC_R_SUCCESS if the rdatasets are equal, rcode(dns_rcode_nxrrset) if not.
static int temp_order (const void *av, const void *bv)
 A comparison function defining the sorting order for the entries in the "temp" data structure. The major sort key is the owner name, followed by the type and rdata.
static isc_result_t temp_check (isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *tmpname, dns_rdatatype_t *typep)
 Check the "RRset exists (value dependent)" prerequisite information in 'temp' against the contents of the database 'db'.
static isc_boolean_t type_not_soa_nor_ns_p (dns_rdata_t *update_rr, dns_rdata_t *db_rr)
 Predicate functions for delete_if().
static isc_boolean_t type_not_dnssec (dns_rdata_t *update_rr, dns_rdata_t *db_rr)
 Return true iff 'db_rr' is neither a RRSIG nor a NSEC.
static isc_boolean_t true_p (dns_rdata_t *update_rr, dns_rdata_t *db_rr)
 Return true always.
static isc_boolean_t rr_equal_p (dns_rdata_t *update_rr, dns_rdata_t *db_rr)
 Return true iff the two RRs have identical rdata.
static isc_boolean_t replaces_p (dns_rdata_t *update_rr, dns_rdata_t *db_rr)
 Return true iff 'update_rr' should replace 'db_rr' according to the special RFC2136 rules for CNAME, SOA, and WKS records.
static isc_result_t delete_if_action (void *data, rr_t *rr)
 Internal helper function for delete_if().
static isc_result_t delete_if (rr_predicate *predicate, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_rdatatype_t type, dns_rdatatype_t covers, dns_rdata_t *update_rr, dns_diff_t *diff)
 Conditionally delete RRs. Apply 'predicate' to the RRs specified by 'db', 'ver', 'name', and 'type' (which can be dns_rdatatype_any to match any type). Delete those RRs for which the predicate returns true, and log the deletions in 'diff'.
static void get_current_rr (dns_message_t *msg, dns_section_t section, dns_rdataclass_t zoneclass, dns_name_t **name, dns_rdata_t *rdata, dns_rdatatype_t *covers, dns_ttl_t *ttl, dns_rdataclass_t *update_class)
 Extract a single update RR from 'section' of dynamic update message 'msg', with consistency checking.
static isc_result_t update_soa_serial (dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff, isc_mem_t *mctx, dns_updatemethod_t method)
 Increment the SOA serial number of database 'db', version 'ver'. Replace the SOA record in the database, and log the change in 'diff'.
static isc_result_t check_soa_increment (dns_db_t *db, dns_dbversion_t *ver, dns_rdata_t *update_rdata, isc_boolean_t *ok)
 Check that the new SOA record at 'update_rdata' does not illegally cause the SOA serial number to decrease or stay unchanged relative to the existing SOA in 'db'.
static isc_result_t send_update_event (ns_client_t *client, dns_zone_t *zone)
 The actual update code in all its glory. We try to follow the RFC2136 pseudocode as closely as possible.
static void respond (ns_client_t *client, isc_result_t result)
void ns_update_start (ns_client_t *client, isc_result_t sigresult)
static isc_result_t remove_orphaned_ds (dns_db_t *db, dns_dbversion_t *newver, dns_diff_t *diff)
 DS records are not allowed to exist without corresponding NS records, RFC 3658, 2.2 Protocol Change, "DS RRsets MUST NOT appear at non-delegation points or at a zone's apex".
static isc_result_t check_mx (ns_client_t *client, dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *newver, dns_diff_t *diff)
static isc_result_t rr_exists (dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, const dns_rdata_t *rdata, isc_boolean_t *flag)
static isc_result_t get_iterations (dns_db_t *db, dns_dbversion_t *ver, dns_rdatatype_t privatetype, unsigned int *iterationsp)
static isc_result_t check_dnssec (ns_client_t *client, dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff)
static isc_result_t add_nsec3param_records (ns_client_t *client, dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff)
static isc_result_t rollback_private (dns_db_t *db, dns_rdatatype_t privatetype, dns_dbversion_t *ver, dns_diff_t *diff)
static isc_result_t add_signing_records (dns_db_t *db, dns_rdatatype_t privatetype, dns_dbversion_t *ver, dns_diff_t *diff)
static isc_boolean_t isdnssec (dns_db_t *db, dns_dbversion_t *ver, dns_rdatatype_t privatetype)
static void forward_fail (isc_task_t *task, isc_event_t *event)
 Update forwarding support.
static void forward_callback (void *arg, isc_result_t result, dns_message_t *answer)
static void forward_action (isc_task_t *task, isc_event_t *event)


Detailed Description

This module implements dynamic update as in RFC2136.

Definition in file update.c.


Define Documentation

#define LOGLEVEL_PROTOCOL   ISC_LOG_INFO

Log level for tracing dynamic update protocol requests.

Definition at line 75 of file update.c.

#define LOGLEVEL_DEBUG   ISC_LOG_DEBUG(8)

Log level for low-level debug tracing.

Definition at line 80 of file update.c.

#define CHECK ( op   ) 

Value:

do { result = (op); \
                if (result != ISC_R_SUCCESS) goto failure; \
        } while (0)
Check an operation for failure. These macros all assume that the function using them has a 'result' variable and a 'failure' label.

Definition at line 87 of file update.c.

#define FAIL ( code   ) 

Value:

do {                                                    \
                result = (code);                                \
                if (result != ISC_R_SUCCESS) goto failure;      \
        } while (0)
Fail unconditionally with result 'code', which must not be ISC_R_SUCCESS. The reason for failure presumably has been logged already.

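The test against ISC_R_SUCCESS is there to keep the Solaris compiler from complaining about "end-of-loop code not reached". As a consequence, a 'code' of ISC_R_SUCCESS does not jump to 'failure': execution simply continues after the macro, so callers must always pass a failure code.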

Definition at line 101 of file update.c.

#define FAILC ( code,
msg   ) 

Value:

do {                                                    \
                const char *_what = "failed";                   \
                result = (code);                                \
                switch (result) {                               \
                case DNS_R_NXDOMAIN:                            \
                case DNS_R_YXDOMAIN:                            \
                case DNS_R_YXRRSET:                             \
                case DNS_R_NXRRSET:                             \
                        _what = "unsuccessful";                 \
                }                                               \
                update_log(client, zone, LOGLEVEL_PROTOCOL,     \
                           "update %s: %s (%s)", _what,         \
                           msg, isc_result_totext(result));     \
                if (result != ISC_R_SUCCESS) goto failure;      \
        } while (0)
Fail unconditionally and log as a client error. The test against ISC_R_SUCCESS is there to keep the Solaris compiler from complaining about "end-of-loop code not reached".

Definition at line 112 of file update.c.

#define PREREQFAILC ( code,
msg   ) 

Value:

do {                                                    \
                inc_stats(zone, dns_nsstatscounter_updatebadprereq); \
                FAILC(code, msg);                               \
        } while (0)

Definition at line 128 of file update.c.

Referenced by update_action().

#define FAILN ( code,
name,
msg   ) 

Value:

do {                                                            \
                const char *_what = "failed";                           \
                result = (code);                                        \
                switch (result) {                                       \
                case DNS_R_NXDOMAIN:                                    \
                case DNS_R_YXDOMAIN:                                    \
                case DNS_R_YXRRSET:                                     \
                case DNS_R_NXRRSET:                                     \
                        _what = "unsuccessful";                         \
                }                                                       \
                if (isc_log_wouldlog(ns_g_lctx, LOGLEVEL_PROTOCOL)) {   \
                        char _nbuf[DNS_NAME_FORMATSIZE];                \
                        dns_name_format(name, _nbuf, sizeof(_nbuf));    \
                        update_log(client, zone, LOGLEVEL_PROTOCOL,     \
                                   "update %s: %s: %s (%s)", _what, _nbuf, \
                                   msg, isc_result_totext(result));     \
                }                                                       \
                if (result != ISC_R_SUCCESS) goto failure;              \
        } while (0)

Definition at line 134 of file update.c.

#define PREREQFAILN ( code,
name,
msg   ) 

Value:

do {                                                            \
                inc_stats(zone, dns_nsstatscounter_updatebadprereq); \
                FAILN(code, name, msg);                                 \
        } while (0)

Definition at line 154 of file update.c.

Referenced by update_action().

#define FAILNT ( code,
name,
type,
msg   ) 

Value:

do {                                                            \
                const char *_what = "failed";                           \
                result = (code);                                        \
                switch (result) {                                       \
                case DNS_R_NXDOMAIN:                                    \
                case DNS_R_YXDOMAIN:                                    \
                case DNS_R_YXRRSET:                                     \
                case DNS_R_NXRRSET:                                     \
                        _what = "unsuccessful";                         \
                }                                                       \
                if (isc_log_wouldlog(ns_g_lctx, LOGLEVEL_PROTOCOL)) {   \
                        char _nbuf[DNS_NAME_FORMATSIZE];                \
                        char _tbuf[DNS_RDATATYPE_FORMATSIZE];           \
                        dns_name_format(name, _nbuf, sizeof(_nbuf));    \
                        dns_rdatatype_format(type, _tbuf, sizeof(_tbuf)); \
                        update_log(client, zone, LOGLEVEL_PROTOCOL,     \
                                   "update %s: %s/%s: %s (%s)",         \
                                   _what, _nbuf, _tbuf, msg,            \
                                   isc_result_totext(result));          \
                }                                                       \
                if (result != ISC_R_SUCCESS) goto failure;              \
        } while (0)

Definition at line 160 of file update.c.

#define PREREQFAILNT ( code,
name,
type,
msg   ) 

Value:

do {                                                            \
                inc_stats(zone, dns_nsstatscounter_updatebadprereq); \
                FAILNT(code, name, type, msg);                          \
        } while (0)

Definition at line 183 of file update.c.

Referenced by update_action().

#define FAILS ( code,
msg   ) 

Value:

do {                                                    \
                result = (code);                                \
                update_log(client, zone, LOGLEVEL_PROTOCOL,     \
                           "error: %s: %s",                     \
                           msg, isc_result_totext(result));     \
                if (result != ISC_R_SUCCESS) goto failure;      \
        } while (0)
Fail unconditionally and log as a server error. The test against ISC_R_SUCCESS is there to keep the Solaris compiler from complaining about "end-of-loop code not reached".

Definition at line 194 of file update.c.

#define TCPCLIENT ( client   )     (((client)->attributes & NS_CLIENTATTR_TCP) != 0)

Definition at line 206 of file update.c.

Referenced by update_action().

#define RETURN_EXISTENCE_FLAG

Value:

return ((result == ISC_R_EXISTS) ?              \
                (*exists = ISC_TRUE, ISC_R_SUCCESS) :   \
                ((result == ISC_R_SUCCESS) ?            \
                 (*exists = ISC_FALSE, ISC_R_SUCCESS) : \
                 result))
Utility macro for RR existence checking functions.

If the variable 'result' has the value ISC_R_EXISTS or ISC_R_SUCCESS, set *exists to ISC_TRUE or ISC_FALSE, respectively, and return success.

If 'result' has any other value, there was a failure. Return the failure result code and do not set *exists.

This would be more readable as "do { if ... } while(0)", but that form generates tons of warnings on Solaris 2.6.

Definition at line 766 of file update.c.

#define ALLOW_SECURE_TO_INSECURE ( zone   )     ((dns_zone_getoptions(zone) & DNS_ZONEOPT_SECURETOINSECURE) != 0)

Referenced by update_action().


Typedef Documentation

typedef struct rr rr_t

Definition at line 210 of file update.c.

typedef struct update_event update_event_t

Definition at line 218 of file update.c.

typedef isc_result_t rrset_func(void *data, dns_rdataset_t *rrset)

Function type for foreach_rrset() iterator actions.

Definition at line 514 of file update.c.

typedef isc_result_t rr_func(void *data, rr_t *rr)

Function type for foreach_rr() iterator actions.

Definition at line 519 of file update.c.

typedef isc_boolean_t rr_predicate(dns_rdata_t *update_rr, dns_rdata_t *db_rr)

Function type for predicate functions that compare a database RR 'db_rr' against an update RR 'update_rr'.

Definition at line 741 of file update.c.


Function Documentation

static void update_action ( isc_task_t task,
isc_event_t event 
) [static]

Definition at line 2483 of file update.c.

References add_rr_prepare_ctx_t::add_diff, add_nsec3param_records(), add_rr_prepare_action(), add_signing_records(), algorithm, ALLOW_SECURE_TO_INSECURE, dns_update_log_t::arg, CHECK, check_dnssec(), check_mx(), check_soa_increment(), checkqueryacl(), checkupdateacl(), cname_incompatible_rrset_exists(), dns_rdata::data, add_rr_prepare_ctx_t::db, add_rr_prepare_ctx_t::del_diff, delete_if(), add_rr_prepare_ctx_t::diff, dns_db_class(), dns_db_closeversion(), dns_db_currentversion(), dns_db_detach(), dns_db_newversion(), dns_db_origin(), dns_diff_clear(), dns_diff_init(), dns_diff_sort(), DNS_DIFFOP_ADD, DNS_DIFFOP_DEL, DNS_EVENT_UPDATE, DNS_EVENT_UPDATEDONE, dns_fixedname_init, dns_fixedname_name, DNS_JOURNAL_CREATE, dns_journal_destroy(), dns_journal_open(), dns_journal_write_transaction(), DNS_KEYFLAG_OWNERMASK, DNS_KEYOWNER_ZONE, DNS_KEYTYPE_NOAUTH, dns_message_firstname(), dns_message_nextname(), dns_name_equal(), dns_name_format(), DNS_NAME_FORMATSIZE, dns_name_internalwildcard(), dns_name_issubdomain(), dns_name_iswildcard(), DNS_NSEC3PARAM_BUFFERSIZE, dns_nsec3param_deletechains(), dns_nsec3param_fromprivate(), DNS_R_FORMERR, DNS_R_NOTZONE, DNS_R_NXDOMAIN, DNS_R_NXRRSET, DNS_R_REFUSED, DNS_R_YXDOMAIN, DNS_R_YXRRSET, DNS_RDATA_INIT, dns_rdata_toregion(), dns_rdata_tostruct(), dns_rdata_totext(), dns_rdatatype_format(), DNS_RDATATYPE_FORMATSIZE, dns_rdatatype_isdnssec(), dns_rdatatype_ismeta(), dns_result_totext(), DNS_SECTION_PREREQUISITE, DNS_SECTION_UPDATE, dns_ssutable_checkrules(), dns_ssutable_detach(), dns_update_signatures(), dns_zone_addnsec3chain(), dns_zone_checknames(), dns_zone_getdb(), dns_zone_getjournal(), dns_zone_getmaxttl(), dns_zone_getoptions(), dns_zone_getoptions2(), dns_zone_getprivatetype(), dns_zone_getqueryacl(), dns_zone_getserialupdatemethod(), dns_zone_getsigvalidityinterval(), dns_zone_getssutable(), dns_zone_getupdateacl(), dns_zone_getupdatedisabled(), dns_zone_markdirty(), dns_zone_notify(), dns_zone_nscheck(), 
dns_zone_signwithkey(), DNS_ZONEOPT2_CHECKTTL, DNS_ZONEOPT_CHECKWILDCARD, do_diff(), dst_region_computeid(), FAIL, FAILC, FAILNT, FAILS, foreach_rr(), dns_update_log_t::func, get_current_rr(), add_rr_prepare_ctx_t::ignore_add, INSIST, isc_buffer_init, isc_buffer_usedlength, ISC_FALSE, ISC_LIST_EMPTY, ISC_LIST_HEAD, ISC_LIST_NEXT, ISC_LOG_ERROR, ISC_LOG_WARNING, isc_log_wouldlog(), isc_netaddr_fromsockaddr(), ISC_R_NOMORE, ISC_R_NOSPACE, ISC_R_SUCCESS, ISC_R_UNEXPECTED, isc_result_totext(), isc_task_detach(), isc_task_send(), ISC_TF, ISC_TRUE, isdnssec(), journal, dns_tsigkey::key, dns_rdata::length, LOGLEVEL_DEBUG, LOGLEVEL_PROTOCOL, maxttl, ns_client::mctx, mctx, ns_client::message, add_rr_prepare_ctx_t::name, name, name_exists(), add_rr_prepare_ctx_t::oldname, ns_client::peeraddr, PREREQFAILC, PREREQFAILN, PREREQFAILNT, privatetype, r, remove_orphaned_ds(), update_event::result, rollback_private(), rr_count(), rr_equal_p(), rrset_exists(), ns_client::signer, ssu_checkall(), ns_client::task, TCPCLIENT, temp_append(), temp_check(), temp_order(), true_p(), dns_message::tsigkey, tsigkey, ttl, dns_rdata::type, type_not_dnssec(), type_not_soa_nor_ns_p(), UNEXPECTED_ERROR, update_log(), update_log_cb(), update_one_rr(), add_rr_prepare_ctx_t::update_rr, add_rr_prepare_ctx_t::update_rr_ttl, update_soa_serial(), updatedone_action(), add_rr_prepare_ctx_t::ver, update_event::zone, zone, and zoneclass.

Referenced by send_update_event().

static void updatedone_action ( isc_task_t task,
isc_event_t event 
) [static]

Definition at line 3329 of file update.c.

References DNS_EVENT_UPDATEDONE, dns_nsstatscounter_updatedone, dns_nsstatscounter_updatefail, dns_nsstatscounter_updaterej, DNS_R_REFUSED, dns_zone_detach(), inc_stats(), INSIST, isc_event_free(), ISC_R_SUCCESS, ns_client_detach(), ns_client::nupdates, respond(), update_event::result, ns_client::task, UNUSED, and update_event::zone.

Referenced by update_action().

static isc_result_t send_forward_event ( ns_client_t client,
dns_zone_t zone 
) [static]

Definition at line 3433 of file update.c.

References ns_client::attributes, CHECK, DNS_EVENT_UPDATE, dns_name_format(), DNS_NAME_FORMATSIZE, dns_rdataclass_format(), DNS_RDATACLASS_FORMATSIZE, dns_zone_getclass(), dns_zone_getorigin(), dns_zone_gettask(), FAIL, forward_action(), INSIST, isc_event_allocate(), isc_event_free(), ISC_EVENT_PTR, ISC_R_NOMEMORY, ISC_R_SUCCESS, isc_task_send(), LOGLEVEL_PROTOCOL, ns_client::mctx, ns_client::mortal, namebuf, ns_client_attach(), ns_client_log(), ns_client_replace(), NS_CLIENTATTR_TCP, NS_LOGCATEGORY_UPDATE, NS_LOGMODULE_UPDATE, and ns_client::nupdates.

Referenced by ns_update_start().

static void forward_done ( isc_task_t task,
isc_event_t event 
) [static]

Definition at line 3398 of file update.c.

References update_event::answer, dns_message_destroy(), INSIST, isc_event_free(), ns_client_detach(), ns_client_sendraw(), ns_client::nupdates, and UNUSED.

Referenced by forward_callback().

static isc_result_t add_rr_prepare_action ( void *  data,
rr_t rr 
) [static]

Definition at line 1328 of file update.c.

References add_rr_prepare_ctx_t::add_diff, CHECK, add_rr_prepare_ctx_t::del_diff, dns_diff_append(), DNS_DIFFOP_ADD, DNS_DIFFOP_DEL, dns_difftuple_create(), dns_name_caseequal(), dns_rdata_casecompare(), add_rr_prepare_ctx_t::ignore_add, ISC_R_SUCCESS, ISC_TF, ISC_TRUE, dns_diff::mctx, add_rr_prepare_ctx_t::name, add_rr_prepare_ctx_t::oldname, rr::rdata, replaces_p(), rr::ttl, add_rr_prepare_ctx_t::update_rr, and add_rr_prepare_ctx_t::update_rr_ttl.

Referenced by foreach_rr(), and update_action().

static void update_log ( ns_client_t client,
dns_zone_t zone,
int  level,
const char *  fmt,
  ... 
) [static]

Definition at line 267 of file update.c.

References dns_name_format(), DNS_NAME_FORMATSIZE, dns_rdataclass_format(), DNS_RDATACLASS_FORMATSIZE, dns_zone_getclass(), dns_zone_getorigin(), ISC_FALSE, isc_log_wouldlog(), namebuf, ns_client_log(), NS_LOGCATEGORY_UPDATE, and NS_LOGMODULE_UPDATE.

static void update_log_cb ( void *  arg,
dns_zone_t zone,
int  level,
const char *  message 
) [static]

Definition at line 296 of file update.c.

References update_log().

static void inc_stats ( dns_zone_t zone,
isc_statscounter_t  counter 
) [inline, static]

Increment update-related statistics counters.

Definition at line 304 of file update.c.

References dns_zone_getrequeststats(), and isc_stats_increment().

static isc_result_t checkqueryacl ( ns_client_t client,
dns_acl_t queryacl,
dns_name_t zonename,
dns_acl_t updateacl,
dns_ssutable_t ssutable 
) [static]

Check if we could have queried for the contents of this zone or if the zone is potentially updateable. If the zone can potentially be updated and the check failed, then log an error; otherwise log an informational message.

Definition at line 321 of file update.c.

References dns_name_format(), DNS_NAME_FORMATSIZE, DNS_R_REFUSED, dns_rdataclass_format(), DNS_RDATACLASS_FORMATSIZE, ISC_LOG_ERROR, ISC_LOG_INFO, ISC_R_SUCCESS, ISC_TRUE, namebuf, ns_client_checkaclsilent(), ns_client_log(), NS_LOGCATEGORY_UPDATE_SECURITY, NS_LOGMODULE_UPDATE, dns_view::rdclass, and ns_client::view.

Referenced by update_action().

static isc_result_t checkupdateacl ( ns_client_t client,
dns_acl_t acl,
const char *  message,
dns_name_t zonename,
isc_boolean_t  slave,
isc_boolean_t  has_ssutable 
) [static]

Override the default acl logging when checking whether a client can update the zone or whether we can forward the request to the master based on IP address.

'message' contains the type of operation that is being attempted. 'slave' indicates if this is a slave zone. If 'acl' is NULL then log at debug=3. If the zone has no access controls configured ('acl' == NULL && 'has_ssutable' == ISC_FALSE), log the attempt at info, otherwise at error.

If the request was signed log that we received it.

Definition at line 370 of file update.c.

References dns_name_format(), DNS_NAME_FORMATSIZE, DNS_R_NOTIMP, dns_rdataclass_format(), DNS_RDATACLASS_FORMATSIZE, ISC_FALSE, ISC_LOG_DEBUG, ISC_LOG_ERROR, ISC_LOG_INFO, ISC_R_SUCCESS, namebuf, ns_client_checkaclsilent(), ns_client_log(), NS_LOGCATEGORY_UPDATE_SECURITY, NS_LOGMODULE_UPDATE, dns_view::rdclass, ns_client::signer, and ns_client::view.

Referenced by ns_update_start(), and update_action().

static isc_result_t do_one_tuple ( dns_difftuple_t **  tuple,
dns_db_t db,
dns_dbversion_t ver,
dns_diff_t diff 
) [static]

Update a single RR in version 'ver' of 'db' and log the update in 'diff'.

Ensures:

Definition at line 420 of file update.c.

References dns_diff_appendminimal(), dns_diff_apply(), dns_diff_init(), dns_difftuple_free(), ISC_LIST_APPEND, ISC_LIST_UNLINK, ISC_R_SUCCESS, and dns_diff::mctx.

static isc_result_t do_diff ( dns_diff_t updates,
dns_db_t db,
dns_dbversion_t ver,
dns_diff_t diff 
) [static]

Perform the updates in 'updates' in version 'ver' of 'db' and log the update in 'diff'.

Ensures:

Definition at line 461 of file update.c.

References CHECK, dns_diff_clear(), do_one_tuple(), ISC_LIST_EMPTY, ISC_LIST_HEAD, ISC_LIST_UNLINK, and ISC_R_SUCCESS.

Referenced by update_action().

static isc_result_t update_one_rr ( dns_db_t db,
dns_dbversion_t ver,
dns_diff_t diff,
dns_diffop_t  op,
dns_name_t name,
dns_ttl_t  ttl,
dns_rdata_t rdata 
) [static]

Definition at line 478 of file update.c.

References dns_difftuple_create(), do_one_tuple(), ISC_R_SUCCESS, and dns_diff::mctx.

static isc_result_t foreach_node_rr_action ( void *  data,
dns_rdataset_t rdataset 
) [static]

Internal helper function for foreach_node_rr().

Definition at line 533 of file update.c.

References DNS_RDATA_INIT, dns_rdataset_current(), dns_rdataset_first(), dns_rdataset_next(), ISC_R_NOMORE, ISC_R_SUCCESS, rr::rdata, foreach_node_rr_ctx_t::rr_action, foreach_node_rr_ctx_t::rr_action_data, dns_rdataset::ttl, and rr::ttl.

static isc_result_t foreach_rrset ( dns_db_t db,
dns_dbversion_t ver,
dns_name_t name,
rrset_func action,
void *  action_data 
) [static]

For each rdataset of 'name' in 'ver' of 'db', call 'action' with the rdataset and 'action_data' as arguments. If the name does not exist, do nothing.

If 'action' returns an error, abort iteration and return the error.

Definition at line 561 of file update.c.

References dns_clientinfo_init(), dns_clientinfomethods_init(), dns_db_allrdatasets(), dns_db_closeversion(), dns_db_currentversion(), dns_db_detachnode(), dns_db_findnodeext(), dns_rdataset_disassociate(), dns_rdataset_init(), dns_rdatasetiter_current(), dns_rdatasetiter_destroy(), dns_rdatasetiter_first(), dns_rdatasetiter_next(), ISC_FALSE, ISC_R_NOMORE, ISC_R_NOTFOUND, ISC_R_SUCCESS, and ns_client_sourceip().

static isc_result_t foreach_node_rr ( dns_db_t db,
dns_dbversion_t ver,
dns_name_t name,
rr_func rr_action,
void *  rr_action_data 
) [static]

For each RR of 'name' in 'ver' of 'db', call 'rr_action' with the RR and 'rr_action_data' as arguments. If the name does not exist, do nothing.

If 'rr_action' returns an error, abort iteration and return the error.

Definition at line 630 of file update.c.

References foreach_node_rr_action(), foreach_rrset(), foreach_node_rr_ctx_t::rr_action, and foreach_node_rr_ctx_t::rr_action_data.

static isc_result_t foreach_rr ( dns_db_t db,
dns_dbversion_t ver,
dns_name_t name,
dns_rdatatype_t  type,
dns_rdatatype_t  covers,
rr_func rr_action,
void *  rr_action_data 
) [static]

For each of the RRs specified by 'db', 'ver', 'name', 'type' (which can be dns_rdatatype_any to match any type), and 'covers', call 'rr_action' with the RR and 'rr_action_data' as arguments. If the name does not exist, or if no RRset of the given type exists at the name, do nothing.

If 'rr_action' returns an error, abort iteration and return the error.

Definition at line 651 of file update.c.

References add_rr_prepare_action(), dns_clientinfo_init(), dns_clientinfomethods_init(), dns_db_closeversion(), dns_db_currentversion(), dns_db_detachnode(), dns_db_findnodeext(), dns_db_findnsec3node(), dns_db_findrdataset(), dns_fixedname_init, dns_fixedname_name, dns_name_copy(), DNS_RDATA_INIT, dns_rdataset_current(), dns_rdataset_disassociate(), dns_rdataset_first(), dns_rdataset_getownercase(), dns_rdataset_init(), dns_rdataset_next(), fixed, foreach_node_rr(), ISC_FALSE, ISC_R_NOMORE, ISC_R_NOTFOUND, ISC_R_SUCCESS, ns_client_sourceip(), add_rr_prepare_ctx_t::oldname, rr::rdata, dns_rdataset::ttl, and rr::ttl.

static isc_result_t rrset_exists_action ( void *  data,
rr_t rr 
) [static]

Helper function for rrset_exists().

Definition at line 747 of file update.c.

References ISC_R_EXISTS, and UNUSED.

static isc_result_t rrset_exists ( dns_db_t db,
dns_dbversion_t ver,
dns_name_t name,
dns_rdatatype_t  type,
dns_rdatatype_t  covers,
isc_boolean_t exists 
) [static]

Set '*exists' to true iff an rrset of the given type exists, to false otherwise.

Definition at line 778 of file update.c.

References foreach_rr(), RETURN_EXISTENCE_FLAG, and rrset_exists_action().

static isc_result_t cname_compatibility_action ( void *  data,
dns_rdataset_t rrset 
) [static]

Helper function for cname_incompatible_rrset_exists.

Definition at line 792 of file update.c.

References dns_rdatatype_isdnssec(), ISC_R_EXISTS, ISC_R_SUCCESS, dns_rdataset::type, and UNUSED.

Referenced by cname_incompatible_rrset_exists().

static isc_result_t cname_incompatible_rrset_exists ( dns_db_t db,
dns_dbversion_t ver,
dns_name_t name,
isc_boolean_t exists 
) [static]

Check whether there is an rrset incompatible with adding a CNAME RR, i.e., anything but another CNAME (which can be replaced) or a DNSSEC RR (which can coexist).

If such an incompatible rrset exists, set '*exists' to ISC_TRUE. Otherwise, set it to ISC_FALSE.

Definition at line 809 of file update.c.

References cname_compatibility_action(), foreach_rrset(), and RETURN_EXISTENCE_FLAG.

Referenced by update_action().

static isc_result_t count_rr_action ( void *  data,
rr_t rr 
) [static]

Helper function for rr_count().

Definition at line 821 of file update.c.

References ISC_R_SUCCESS, and UNUSED.

Referenced by rr_count().

static isc_result_t rr_count ( dns_db_t db,
dns_dbversion_t ver,
dns_name_t name,
dns_rdatatype_t  type,
dns_rdatatype_t  covers,
int *  countp 
) [static]

Count the number of RRs of 'type' belonging to 'name' in 'ver' of 'db'.

Definition at line 832 of file update.c.

References count_rr_action(), and foreach_rr().

Referenced by update_action().

static isc_result_t name_exists_action ( void *  data,
dns_rdataset_t rrset 
) [static]

Context struct and helper function for name_exists().

Definition at line 845 of file update.c.

References ISC_R_EXISTS, and UNUSED.

static isc_result_t name_exists ( dns_db_t db,
dns_dbversion_t ver,
dns_name_t name,
isc_boolean_t exists 
) [static]

Set '*exists' to true iff the given name exists, to false otherwise.

Definition at line 855 of file update.c.

References foreach_rrset(), name_exists_action(), and RETURN_EXISTENCE_FLAG.

static isc_result_t ssu_checkrule ( void *  data,
dns_rdataset_t rrset 
) [static]

Definition at line 887 of file update.c.

References dns_ssutable_checkrules(), ISC_R_FAILURE, ISC_R_SUCCESS, ISC_TRUE, ssu_check_t::key, ssu_check_t::name, ssu_check_t::signer, ssu_check_t::table, ssu_check_t::tcpaddr, and dns_rdataset::type.

Referenced by ssu_checkall().

static isc_boolean_t ssu_checkall ( dns_db_t db,
dns_dbversion_t ver,
dns_name_t name,
dns_ssutable_t ssutable,
dns_name_t signer,
isc_netaddr_t tcpaddr,
dst_key_t key 
) [static]

Definition at line 905 of file update.c.

References foreach_rrset(), ISC_R_SUCCESS, ISC_TF, ssu_check_t::key, ssu_check_t::name, ssu_check_t::signer, ssu_checkrule(), ssu_check_t::table, and ssu_check_t::tcpaddr.

Referenced by update_action().

static isc_result_t temp_append ( dns_diff_t diff,
dns_name_t name,
dns_rdata_t rdata 
) [static]

Append a tuple asserting the existence of the RR with 'name' and 'rdata' to 'diff'.

Definition at line 938 of file update.c.

References CHECK, DNS_DIFF_VALID, DNS_DIFFOP_EXISTS, dns_difftuple_create(), ISC_LIST_APPEND, dns_diff::mctx, and REQUIRE.

Referenced by temp_check(), and update_action().

static isc_result_t temp_check_rrset ( dns_difftuple_t a,
dns_difftuple_t b 
) [static]

Compare two rdatasets represented as sorted lists of tuples. All list elements must have the same owner name and type. Return ISC_R_SUCCESS if the rdatasets are equal, rcode(dns_rcode_nxrrset) if not.

Definition at line 957 of file update.c.

References DNS_DIFFOP_EXISTS, dns_name_equal(), DNS_R_NXRRSET, dns_rdata_casecompare(), INSIST, ISC_LIST_NEXT, ISC_R_SUCCESS, dns_difftuple::name, dns_difftuple::op, dns_difftuple::rdata, and dns_rdata::type.

Referenced by temp_check().

static int temp_order ( const void *  av,
const void *  bv 
) [static]

A comparison function defining the sorting order for the entries in the "temp" data structure. The major sort key is the owner name, followed by the type and rdata.

Definition at line 981 of file update.c.

References dns_name_compare(), dns_rdata_casecompare(), dns_difftuple::name, r, dns_difftuple::rdata, and dns_rdata::type.

static isc_result_t temp_check ( isc_mem_t mctx,
dns_diff_t temp,
dns_db_t db,
dns_dbversion_t ver,
dns_name_t tmpname,
dns_rdatatype_t typep 
) [static]

Check the "RRset exists (value dependent)" prerequisite information in 'temp' against the contents of the database 'db'.

Return ISC_R_SUCCESS if the prerequisites are satisfied, rcode(dns_rcode_nxrrset) if not.

'temp' must be pre-sorted.

Definition at line 1008 of file update.c.

References dns_db_detachnode(), dns_db_findnode(), dns_db_findrdataset(), dns_diff_clear(), dns_diff_init(), dns_diff_sort(), dns_name_copy(), dns_name_equal(), DNS_R_NXRRSET, dns_rdata_covers(), DNS_RDATA_INIT, dns_rdataset_current(), dns_rdataset_disassociate(), dns_rdataset_first(), dns_rdataset_init(), dns_rdataset_next(), ISC_FALSE, ISC_LIST_APPEND, ISC_LIST_APPENDLIST, ISC_LIST_HEAD, ISC_LIST_NEXT, ISC_LIST_UNLINK, ISC_R_NOMORE, ISC_R_NOTFOUND, ISC_R_SUCCESS, dns_difftuple::name, name, dns_difftuple::rdata, temp_append(), temp_check_rrset(), temp_order(), and dns_rdata::type.

Referenced by update_action().

static isc_boolean_t type_not_soa_nor_ns_p ( dns_rdata_t update_rr,
dns_rdata_t db_rr 
) [static]

Predicate functions for delete_if().

Return true iff 'db_rr' is neither a SOA nor an NS RR nor an RRSIG nor an NSEC3PARAM nor an NSEC.

Definition at line 1171 of file update.c.

References ISC_FALSE, ISC_TRUE, dns_rdata::type, and UNUSED.

Referenced by update_action().

static isc_boolean_t type_not_dnssec ( dns_rdata_t update_rr,
dns_rdata_t db_rr 
) [static]

Return true iff 'db_rr' is neither an RRSIG nor an NSEC.

Definition at line 1185 of file update.c.

References ISC_FALSE, ISC_TRUE, dns_rdata::type, and UNUSED.

Referenced by update_action().

static isc_boolean_t true_p ( dns_rdata_t update_rr,
dns_rdata_t db_rr 
) [static]

Return true always.

Definition at line 1196 of file update.c.

References ISC_TRUE, and UNUSED.

static isc_boolean_t rr_equal_p ( dns_rdata_t update_rr,
dns_rdata_t db_rr 
) [static]

Return true iff the two RRs have identical rdata.

Definition at line 1206 of file update.c.

References dns_rdata_casecompare(), ISC_FALSE, and ISC_TRUE.

Referenced by update_action().

static isc_boolean_t replaces_p ( dns_rdata_t update_rr,
dns_rdata_t db_rr 
) [static]

Return true iff 'update_rr' should replace 'db_rr' according to the special RFC2136 rules for CNAME, SOA, and WKS records.

RFC2136 does not mention NSEC or DNAME, but multiple NSECs or DNAMEs make little sense, so we replace those, too.

Additionally, replace RRSIGs that have been generated by the same key for the same type. This simplifies refreshing an offline KSK by not requiring that the old RRSIG be deleted. It also simplifies key rollover by only requiring that the new RRSIG be added.

Definition at line 1229 of file update.c.

References dns_rdata::data, dns_rdata_tostruct(), INSIST, ISC_FALSE, ISC_R_SUCCESS, ISC_TRUE, dns_rdata::length, RUNTIME_CHECK, and dns_rdata::type.

Referenced by add_rr_prepare_action().

static isc_result_t delete_if_action ( void *  data,
rr_t rr 
) [static]

Internal helper function for delete_if().

Definition at line 1289 of file update.c.

References conditional_delete_ctx_t::db, conditional_delete_ctx_t::diff, DNS_DIFFOP_DEL, ISC_R_SUCCESS, conditional_delete_ctx_t::name, conditional_delete_ctx_t::predicate, rr::rdata, rr::ttl, update_one_rr(), conditional_delete_ctx_t::update_rr, and conditional_delete_ctx_t::ver.

static isc_result_t delete_if ( rr_predicate predicate,
dns_db_t db,
dns_dbversion_t ver,
dns_name_t name,
dns_rdatatype_t  type,
dns_rdatatype_t  covers,
dns_rdata_t update_rr,
dns_diff_t diff 
) [static]

Conditionally delete RRs. Apply 'predicate' to the RRs specified by 'db', 'ver', 'name', and 'type' (which can be dns_rdatatype_any to match any type). Delete those RRs for which the predicate returns true, and log the deletions in 'diff'.

Definition at line 1310 of file update.c.

References conditional_delete_ctx_t::db, delete_if_action(), conditional_delete_ctx_t::diff, foreach_rr(), conditional_delete_ctx_t::name, conditional_delete_ctx_t::predicate, conditional_delete_ctx_t::update_rr, and conditional_delete_ctx_t::ver.

static void get_current_rr ( dns_message_t msg,
dns_section_t  section,
dns_rdataclass_t  zoneclass,
dns_name_t **  name,
dns_rdata_t rdata,
dns_rdatatype_t covers,
dns_ttl_t ttl,
dns_rdataclass_t update_class 
) [static]

Extract a single update RR from 'section' of dynamic update message 'msg', with consistency checking.

Stores the owner name, rdata, and TTL of the update RR at 'name', 'rdata', and 'ttl', respectively.

Definition at line 1400 of file update.c.

References dns_rdataset::covers, dns_message_currentname(), dns_rdataset_current(), dns_rdataset_first(), dns_rdataset_next(), INSIST, ISC_LIST_HEAD, ISC_LIST_NEXT, ISC_R_NOMORE, ISC_R_SUCCESS, dns_rdata::rdclass, and dns_rdataset::ttl.

Referenced by update_action().

static isc_result_t update_soa_serial ( dns_db_t db,
dns_dbversion_t ver,
dns_diff_t diff,
isc_mem_t mctx,
dns_updatemethod_t  method 
) [static]

Increment the SOA serial number of database 'db', version 'ver'. Replace the SOA record in the database, and log the change in 'diff'.

Definition at line 1434 of file update.c.

References CHECK, dns_db_createsoatuple(), DNS_DIFFOP_ADD, DNS_DIFFOP_DEL, dns_difftuple_copy(), dns_difftuple_free(), dns_soa_getserial(), dns_soa_setserial(), dns_update_soaserial(), do_one_tuple(), ISC_R_SUCCESS, dns_difftuple::op, dns_difftuple::rdata, and serial.

static isc_result_t check_soa_increment ( dns_db_t db,
dns_dbversion_t ver,
dns_rdata_t update_rdata,
isc_boolean_t ok 
) [static]

Check that the new SOA record at 'update_rdata' does not illegally cause the SOA serial number to decrease or stay unchanged relative to the existing SOA in 'db'.

Sets '*ok' to ISC_TRUE if the update is legal, ISC_FALSE if not.

William King points out that RFC2136 is inconsistent about the case where the serial number stays unchanged:

section 3.4.2.2 requires a server to ignore a SOA update request if the serial number on the update SOA is less_than_or_equal to the zone SOA serial.

section 3.6 requires a server to ignore a SOA update request if the serial is less_than the zone SOA serial.

Paul says 3.4.2.2 is correct, so a SOA update whose serial equals the zone SOA serial is ignored as well.

Definition at line 1482 of file update.c.

References dns_db_getsoaserial(), DNS_SERIAL_GE, dns_soa_getserial(), ISC_FALSE, ISC_R_SUCCESS, and ISC_TRUE.

Referenced by update_action().

static isc_result_t send_update_event ( ns_client_t client,
dns_zone_t zone 
) [static]

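The actual update code in all its glory. We try to follow the RFC2136 pseudocode as closely as possible. (This comment appears to describe update_action(), which is referenced below, rather than send_update_event() itself; judging from the references, this function allocates a DNS_EVENT_UPDATE event and sends it to the zone's task.)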

Definition at line 1512 of file update.c.

References DNS_EVENT_UPDATE, dns_zone_gettask(), FAIL, INSIST, isc_event_allocate(), isc_event_free(), ISC_EVENT_PTR, ISC_R_NOMEMORY, ISC_R_SUCCESS, isc_task_send(), ns_client::mctx, ns_client_attach(), ns_client::nupdates, and update_action().

Referenced by ns_update_start().

static void respond ( ns_client_t client,
isc_result_t  result 
) [static]

Definition at line 1542 of file update.c.

References dns_message_reply(), dns_result_torcode(), ISC_LOG_ERROR, isc_log_write(), ISC_R_SUCCESS, isc_result_totext(), ISC_TRUE, ns_client::message, ns_client_next(), ns_client_send(), NS_LOGCATEGORY_UPDATE, NS_LOGMODULE_UPDATE, and dns_message::rcode.

void ns_update_start ( ns_client_t client,
isc_result_t  sigresult 
)

Definition at line 1562 of file update.c.

References CHECK, checkupdateacl(), dns_message_currentname(), dns_message_firstname(), dns_message_nextname(), dns_nsstatscounter_updaterej, DNS_R_FORMERR, DNS_R_NOTAUTH, DNS_R_REFUSED, DNS_SECTION_ZONE, dns_zone_attach(), dns_zone_detach(), dns_zone_dlz, dns_zone_getforwardacl(), dns_zone_getraw(), dns_zone_gettype(), dns_zone_master, dns_zone_slave, dns_zt_find(), FAIL, FAILC, inc_stats(), INSIST, ISC_FALSE, ISC_LIST_HEAD, ISC_LIST_NEXT, ISC_R_NOMORE, ISC_R_SUCCESS, ISC_TRUE, ns_client::message, respond(), send_forward_event(), send_update_event(), dns_rdataset::type, ns_client::view, zone, and dns_view::zonetable.

Referenced by client_request().

static isc_result_t remove_orphaned_ds ( dns_db_t db,
dns_dbversion_t newver,
dns_diff_t diff 
) [static]

DS records are not allowed to exist without corresponding NS records; see RFC 3658, section 2.2 (Protocol Change): "DS RRsets MUST NOT appear at non-delegation points or at a zone's apex".

Definition at line 1656 of file update.c.

References CHECK, delete_if(), dns_db_origin(), dns_diff_appendminimal(), dns_diff_init(), DNS_DIFFOP_ADD, DNS_DIFFOP_DEL, dns_name_equal(), ISC_LIST_HEAD, ISC_LIST_NEXT, ISC_LIST_UNLINK, ISC_R_SUCCESS, dns_diff::mctx, dns_difftuple::name, dns_difftuple::op, dns_difftuple::rdata, rrset_exists(), true_p(), and dns_rdata::type.

Referenced by update_action().

static isc_result_t check_mx ( ns_client_t client,
dns_zone_t zone,
dns_db_t db,
dns_dbversion_t newver,
dns_diff_t diff 
) [static]

Definition at line 1696 of file update.c.

References AF_INET6, dns_db_find(), DNS_DIFFOP_ADD, dns_fixedname_init, dns_fixedname_name, dns_name_format(), DNS_NAME_FORMATSIZE, DNS_R_CNAME, DNS_R_DNAME, DNS_R_MXISADDRESS, DNS_R_NXDOMAIN, DNS_R_NXRRSET, DNS_R_REFUSED, DNS_RDATA_CHECKMX, DNS_RDATA_CHECKMXFAIL, dns_rdata_init(), dns_rdata_tostruct(), dns_result_totext(), dns_zone_getoptions(), DNS_ZONEOPT_CHECKINTEGRITY, fixed, inet_aton, ISC_FALSE, ISC_LIST_HEAD, ISC_LIST_NEXT, ISC_LOG_ERROR, ISC_LOG_WARNING, ISC_R_SUCCESS, ISC_TRUE, dns_difftuple::name, namebuf, dns_difftuple::op, dns_difftuple::rdata, RUNTIME_CHECK, dns_rdata::type, and update_log().

static isc_result_t rr_exists ( dns_db_t db,
dns_dbversion_t ver,
dns_name_t name,
const dns_rdata_t rdata,
isc_boolean_t flag 
) [static]

Definition at line 1799 of file update.c.

References CHECK, dns_db_detachnode(), dns_db_findnode(), dns_db_findnsec3node(), dns_db_findrdataset(), dns_rdata_casecompare(), DNS_RDATA_INIT, dns_rdataset_current(), dns_rdataset_disassociate(), dns_rdataset_first(), dns_rdataset_init(), dns_rdataset_next(), ISC_FALSE, ISC_R_NOMORE, ISC_R_NOTFOUND, ISC_R_SUCCESS, ISC_TRUE, and dns_rdata::type.

static isc_result_t get_iterations ( dns_db_t db,
dns_dbversion_t ver,
dns_rdatatype_t  privatetype,
unsigned int *  iterationsp 
) [static]

Definition at line 1842 of file update.c.

References CHECK, dns_db_detachnode(), dns_db_findrdataset(), dns_db_getoriginnode(), DNS_NSEC3PARAM_BUFFERSIZE, dns_nsec3param_fromprivate(), DNS_RDATA_INIT, dns_rdata_tostruct(), dns_rdataset_current(), dns_rdataset_disassociate(), dns_rdataset_first(), dns_rdataset_init(), dns_rdataset_isassociated(), dns_rdataset_next(), ISC_R_NOMORE, ISC_R_NOTFOUND, and ISC_R_SUCCESS.

Referenced by check_dnssec().

static isc_result_t check_dnssec ( ns_client_t client,
dns_zone_t zone,
dns_db_t db,
dns_dbversion_t ver,
dns_diff_t diff 
) [static]

Definition at line 1927 of file update.c.

References CHECK, dns_rdata::data, DNS_DIFFOP_ADD, dns_nsec3_activex(), dns_nsec3_maxiterations(), dns_nsec_nseconly(), DNS_R_REFUSED, dns_zone_getprivatetype(), DST_ALG_DSA, DST_ALG_ECC, DST_ALG_RSAMD5, DST_ALG_RSASHA1, get_iterations(), ISC_FALSE, ISC_LIST_HEAD, ISC_LIST_NEXT, ISC_LOG_ERROR, ISC_R_NOTFOUND, ISC_R_SUCCESS, ISC_TRUE, ns_client::mctx, dns_difftuple::op, privatetype, dns_difftuple::rdata, dns_rdata::type, and update_log().

Referenced by update_action().

static isc_result_t add_nsec3param_records ( ns_client_t client,
dns_zone_t zone,
dns_db_t db,
dns_dbversion_t ver,
dns_diff_t diff 
) [static]

Definition at line 2004 of file update.c.

References CHECK, dns_rdata::data, dns_diff_appendminimal(), dns_diff_clear(), dns_diff_init(), DNS_DIFFOP_ADD, DNS_DIFFOP_DEL, dns_difftuple_create(), dns_name_equal(), DNS_NSEC3PARAM_BUFFERSIZE, dns_nsec3param_toprivate(), dns_nsec_nseconly(), DNS_RDATA_INIT, dns_rdata_reset(), dns_zone_getorigin(), dns_zone_getprivatetype(), do_one_tuple(), INSIST, ISC_FALSE, ISC_LIST_APPEND, ISC_LIST_HEAD, ISC_LIST_NEXT, ISC_LIST_UNLINK, ISC_LOG_DEBUG, ISC_R_NOTFOUND, ISC_R_SUCCESS, ISC_TRUE, dns_rdata::length, dns_diff::mctx, dns_difftuple::name, name, dns_difftuple::op, privatetype, dns_difftuple::rdata, rr_exists(), dns_difftuple::ttl, ttl, dns_rdata::type, and update_log().

Referenced by update_action().

static isc_result_t rollback_private ( dns_db_t db,
dns_rdatatype_t  privatetype,
dns_dbversion_t ver,
dns_diff_t diff 
) [static]

Definition at line 2271 of file update.c.

References CHECK, dns_rdata::data, dns_db_origin(), dns_diff_clear(), dns_diff_init(), DNS_DIFFOP_ADD, DNS_DIFFOP_DEL, dns_difftuple_create(), dns_name_equal(), do_one_tuple(), ISC_LIST_HEAD, ISC_LIST_NEXT, ISC_LIST_PREPEND, ISC_LIST_UNLINK, ISC_R_SUCCESS, dns_rdata::length, dns_diff::mctx, mctx, dns_difftuple::name, name, dns_difftuple::op, dns_difftuple::rdata, dns_difftuple::ttl, and dns_rdata::type.

Referenced by update_action().

static isc_result_t add_signing_records ( dns_db_t db,
dns_rdatatype_t  privatetype,
dns_dbversion_t ver,
dns_diff_t diff 
) [static]

Definition at line 2334 of file update.c.

References CHECK, dns_rdata::data, dns_db_origin(), dns_diff_clear(), dns_diff_init(), DNS_DIFFOP_ADD, DNS_DIFFOP_DEL, dns_difftuple_create(), DNS_KEYFLAG_OWNERMASK, DNS_KEYOWNER_ZONE, DNS_KEYTYPE_NOAUTH, dns_name_equal(), DNS_RDATA_INIT, dns_rdata_toregion(), dns_rdata_tostruct(), do_one_tuple(), dst_region_computeid(), INSIST, ISC_LIST_APPEND, ISC_LIST_HEAD, ISC_LIST_NEXT, ISC_LIST_UNLINK, ISC_R_SUCCESS, dns_rdata::length, dns_diff::mctx, dns_difftuple::name, name, dns_difftuple::op, r, dns_difftuple::rdata, dns_rdata::rdclass, rr_exists(), RUNTIME_CHECK, and dns_rdata::type.

static isc_boolean_t isdnssec ( dns_db_t db,
dns_dbversion_t ver,
dns_rdatatype_t  privatetype 
) [static]

Definition at line 2469 of file update.c.

References dns_db_issecure(), dns_private_chains(), ISC_R_SUCCESS, ISC_TRUE, and RUNTIME_CHECK.

static void forward_fail ( isc_task_t task,
isc_event_t event 
) [static]

Update forwarding support.

Definition at line 3363 of file update.c.

References DNS_R_SERVFAIL, INSIST, isc_event_free(), ns_client_detach(), ns_client::nupdates, respond(), and UNUSED.

Referenced by forward_action(), and forward_callback().

static void forward_callback ( void *  arg,
isc_result_t  result,
dns_message_t answer 
) [static]

Definition at line 3377 of file update.c.

References update_event::answer, DNS_EVENT_UPDATEDONE, dns_nsstatscounter_updatefwdfail, dns_nsstatscounter_updaterespfwd, dns_zone_detach(), forward_done(), forward_fail(), inc_stats(), INSIST, ISC_EVENT_PTR, ISC_R_SUCCESS, isc_task_send(), ns_client::task, update_event::zone, and zone.

static void forward_action ( isc_task_t task,
isc_event_t event 
) [static]

Definition at line 3413 of file update.c.

References DNS_EVENT_UPDATEDONE, dns_nsstatscounter_updatefwdfail, dns_nsstatscounter_updatereqfwd, dns_zone_detach(), dns_zone_forwardupdate(), forward_callback(), forward_fail(), inc_stats(), ISC_R_SUCCESS, isc_task_detach(), isc_task_send(), ns_client::message, ns_client::task, update_event::zone, and zone.

Referenced by send_forward_event().

