[thirdparty/systemd.git] / src / resolve / resolved-dns-zone.c

/* SPDX-License-Identifier: LGPL-2.1+ */
/***
  This file is part of systemd.

  Copyright 2014 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include "alloc-util.h"
#include "dns-domain.h"
#include "list.h"
#include "resolved-dns-packet.h"
#include "resolved-dns-zone.h"
#include "resolved-dnssd.h"
#include "string-util.h"

/* Never allow more than 1K entries */
#define ZONE_MAX 1024

void dns_zone_item_probe_stop(DnsZoneItem *i) {
        DnsTransaction *t;
        assert(i);

        if (!i->probe_transaction)
                return;

        t = i->probe_transaction;
        i->probe_transaction = NULL;

        set_remove(t->notify_zone_items, i);
        set_remove(t->notify_zone_items_done, i);
        dns_transaction_gc(t);
}

static void dns_zone_item_free(DnsZoneItem *i) {
        if (!i)
                return;

        dns_zone_item_probe_stop(i);
        dns_resource_record_unref(i->rr);

        free(i);
}

DEFINE_TRIVIAL_CLEANUP_FUNC(DnsZoneItem*, dns_zone_item_free);

static void dns_zone_item_remove_and_free(DnsZone *z, DnsZoneItem *i) {
        DnsZoneItem *first;

        assert(z);

        if (!i)
                return;

        first = hashmap_get(z->by_key, i->rr->key);
        LIST_REMOVE(by_key, first, i);
        if (first)
                assert_se(hashmap_replace(z->by_key, first->rr->key, first) >= 0);
        else
                hashmap_remove(z->by_key, i->rr->key);

        first = hashmap_get(z->by_name, dns_resource_key_name(i->rr->key));
        LIST_REMOVE(by_name, first, i);
        if (first)
                assert_se(hashmap_replace(z->by_name, dns_resource_key_name(first->rr->key), first) >= 0);
        else
                hashmap_remove(z->by_name, dns_resource_key_name(i->rr->key));

        dns_zone_item_free(i);
}

void dns_zone_flush(DnsZone *z) {
        DnsZoneItem *i;

        assert(z);

        while ((i = hashmap_first(z->by_key)))
                dns_zone_item_remove_and_free(z, i);

        assert(hashmap_size(z->by_key) == 0);
        assert(hashmap_size(z->by_name) == 0);

        z->by_key = hashmap_free(z->by_key);
        z->by_name = hashmap_free(z->by_name);
}

DnsZoneItem* dns_zone_get(DnsZone *z, DnsResourceRecord *rr) {
        DnsZoneItem *i;

        assert(z);
        assert(rr);

        LIST_FOREACH(by_key, i, hashmap_get(z->by_key, rr->key))
                if (dns_resource_record_equal(i->rr, rr) > 0)
                        return i;

        return NULL;
}

void dns_zone_remove_rr(DnsZone *z, DnsResourceRecord *rr) {
        DnsZoneItem *i;

        assert(z);
        assert(rr);

        i = dns_zone_get(z, rr);
        if (i)
                dns_zone_item_remove_and_free(z, i);
}

int dns_zone_remove_rrs_by_key(DnsZone *z, DnsResourceKey *key) {
        _cleanup_(dns_answer_unrefp) DnsAnswer *answer = NULL, *soa = NULL;
        DnsResourceRecord *rr;
        bool tentative;
        int r;

        r = dns_zone_lookup(z, key, 0, &answer, &soa, &tentative);
        if (r < 0)
                return r;

        DNS_ANSWER_FOREACH(rr, answer)
                dns_zone_remove_rr(z, rr);

        return 0;
}

static int dns_zone_init(DnsZone *z) {
        int r;

        assert(z);

        r = hashmap_ensure_allocated(&z->by_key, &dns_resource_key_hash_ops);
        if (r < 0)
                return r;

        r = hashmap_ensure_allocated(&z->by_name, &dns_name_hash_ops);
        if (r < 0)
                return r;

        return 0;
}

static int dns_zone_link_item(DnsZone *z, DnsZoneItem *i) {
        DnsZoneItem *first;
        int r;

        first = hashmap_get(z->by_key, i->rr->key);
        if (first) {
                LIST_PREPEND(by_key, first, i);
                assert_se(hashmap_replace(z->by_key, first->rr->key, first) >= 0);
        } else {
                r = hashmap_put(z->by_key, i->rr->key, i);
                if (r < 0)
                        return r;
        }

        first = hashmap_get(z->by_name, dns_resource_key_name(i->rr->key));
        if (first) {
                LIST_PREPEND(by_name, first, i);
                assert_se(hashmap_replace(z->by_name, dns_resource_key_name(first->rr->key), first) >= 0);
        } else {
                r = hashmap_put(z->by_name, dns_resource_key_name(i->rr->key), i);
                if (r < 0)
                        return r;
        }

        return 0;
}

static int dns_zone_item_probe_start(DnsZoneItem *i)  {
        DnsTransaction *t;
        int r;

        assert(i);

        if (i->probe_transaction)
                return 0;

        t = dns_scope_find_transaction(i->scope, &DNS_RESOURCE_KEY_CONST(i->rr->key->class, DNS_TYPE_ANY, dns_resource_key_name(i->rr->key)), false);
        if (!t) {
                _cleanup_(dns_resource_key_unrefp) DnsResourceKey *key = NULL;

                key = dns_resource_key_new(i->rr->key->class, DNS_TYPE_ANY, dns_resource_key_name(i->rr->key));
                if (!key)
                        return -ENOMEM;

                r = dns_transaction_new(&t, i->scope, key);
                if (r < 0)
                        return r;
        }

        r = set_ensure_allocated(&t->notify_zone_items, NULL);
        if (r < 0)
                goto gc;

        r = set_ensure_allocated(&t->notify_zone_items_done, NULL);
        if (r < 0)
                goto gc;

        r = set_put(t->notify_zone_items, i);
        if (r < 0)
                goto gc;

        i->probe_transaction = t;
        t->probing = true;

        if (t->state == DNS_TRANSACTION_NULL) {

                i->block_ready++;
                r = dns_transaction_go(t);
                i->block_ready--;

                if (r < 0) {
                        dns_zone_item_probe_stop(i);
                        return r;
                }
        }

        dns_zone_item_notify(i);
        return 0;

gc:
        dns_transaction_gc(t);
        return r;
}

int dns_zone_put(DnsZone *z, DnsScope *s, DnsResourceRecord *rr, bool probe) {
        _cleanup_(dns_zone_item_freep) DnsZoneItem *i = NULL;
        DnsZoneItem *existing;
        int r;

        assert(z);
        assert(s);
        assert(rr);

        if (dns_class_is_pseudo(rr->key->class))
                return -EINVAL;
        if (dns_type_is_pseudo(rr->key->type))
                return -EINVAL;

        existing = dns_zone_get(z, rr);
        if (existing)
                return 0;

        r = dns_zone_init(z);
        if (r < 0)
                return r;

        i = new0(DnsZoneItem, 1);
        if (!i)
                return -ENOMEM;

        i->scope = s;
        i->rr = dns_resource_record_ref(rr);
        i->probing_enabled = probe;

        r = dns_zone_link_item(z, i);
        if (r < 0)
                return r;

        if (probe) {
                DnsZoneItem *first, *j;
                bool established = false;

                /* Check if there's already an RR with the same name
                 * established. If so, it has been probed already, and
                 * we don't ned to probe again. */

                LIST_FIND_HEAD(by_name, i, first);
                LIST_FOREACH(by_name, j, first) {
                        if (i == j)
                                continue;

                        if (j->state == DNS_ZONE_ITEM_ESTABLISHED)
                                established = true;
                }

                if (established)
                        i->state = DNS_ZONE_ITEM_ESTABLISHED;
                else {
                        i->state = DNS_ZONE_ITEM_PROBING;

                        r = dns_zone_item_probe_start(i);
                        if (r < 0) {
                                dns_zone_item_remove_and_free(z, i);
                                i = NULL;
                                return r;
                        }
                }
        } else
                i->state = DNS_ZONE_ITEM_ESTABLISHED;

        i = NULL;
        return 0;
}

static int dns_zone_add_authenticated_answer(DnsAnswer *a, DnsZoneItem *i, int ifindex) {
        DnsAnswerFlags flags;

        /* From RFC 6762, Section 10.2
         * "They (the rules about when to set the cache-flush bit) apply to
         * startup announcements as described in Section 8.3, "Announcing",
         * and to responses generated as a result of receiving query messages."
         * So, set the cache-flush bit for mDNS answers except for DNS-SD
         * service enumeration PTRs described in RFC 6763, Section 4.1. */
        if (i->scope->protocol == DNS_PROTOCOL_MDNS &&
            !dns_resource_key_is_dnssd_ptr(i->rr->key))
                flags = DNS_ANSWER_AUTHENTICATED|DNS_ANSWER_CACHE_FLUSH;
        else
                flags = DNS_ANSWER_AUTHENTICATED;

        return dns_answer_add(a, i->rr, ifindex, flags);
}

int dns_zone_lookup(DnsZone *z, DnsResourceKey *key, int ifindex, DnsAnswer **ret_answer, DnsAnswer **ret_soa, bool *ret_tentative) {
        _cleanup_(dns_answer_unrefp) DnsAnswer *answer = NULL, *soa = NULL;
        unsigned n_answer = 0;
        DnsZoneItem *j, *first;
        bool tentative = true, need_soa = false;
        int r;

        /* Note that we don't actually need the ifindex for anything. However when it is passed we'll initialize the
         * ifindex field in the answer with it */

        assert(z);
        assert(key);
        assert(ret_answer);

        /* First iteration, count what we have */

        if (key->type == DNS_TYPE_ANY || key->class == DNS_CLASS_ANY) {
                bool found = false, added = false;
                int k;

                /* If this is a generic match, then we have to
                 * go through the list by the name and look
                 * for everything manually */

                first = hashmap_get(z->by_name, dns_resource_key_name(key));
                LIST_FOREACH(by_name, j, first) {
                        if (!IN_SET(j->state, DNS_ZONE_ITEM_PROBING, DNS_ZONE_ITEM_ESTABLISHED, DNS_ZONE_ITEM_VERIFYING))
                                continue;

                        found = true;

                        k = dns_resource_key_match_rr(key, j->rr, NULL);
                        if (k < 0)
                                return k;
                        if (k > 0) {
                                n_answer++;
                                added = true;
                        }

                }

                if (found && !added)
                        need_soa = true;

        } else {
                bool found = false;

                /* If this is a specific match, then look for
                 * the right key immediately */

                first = hashmap_get(z->by_key, key);
                LIST_FOREACH(by_key, j, first) {
                        if (!IN_SET(j->state, DNS_ZONE_ITEM_PROBING, DNS_ZONE_ITEM_ESTABLISHED, DNS_ZONE_ITEM_VERIFYING))
                                continue;

                        found = true;
                        n_answer++;
                }

                if (!found) {
                        first = hashmap_get(z->by_name, dns_resource_key_name(key));
                        LIST_FOREACH(by_name, j, first) {
                                if (!IN_SET(j->state, DNS_ZONE_ITEM_PROBING, DNS_ZONE_ITEM_ESTABLISHED, DNS_ZONE_ITEM_VERIFYING))
                                        continue;

                                need_soa = true;
                                break;
                        }
                }
        }

        if (n_answer <= 0 && !need_soa)
                goto return_empty;

        if (n_answer > 0) {
                answer = dns_answer_new(n_answer);
                if (!answer)
                        return -ENOMEM;
        }

        if (need_soa) {
                soa = dns_answer_new(1);
                if (!soa)
                        return -ENOMEM;
        }

        /* Second iteration, actually add the RRs to the answers */
        if (key->type == DNS_TYPE_ANY || key->class == DNS_CLASS_ANY) {
                bool found = false, added = false;
                int k;

                first = hashmap_get(z->by_name, dns_resource_key_name(key));
                LIST_FOREACH(by_name, j, first) {
                        if (!IN_SET(j->state, DNS_ZONE_ITEM_PROBING, DNS_ZONE_ITEM_ESTABLISHED, DNS_ZONE_ITEM_VERIFYING))
                                continue;

                        found = true;

                        if (j->state != DNS_ZONE_ITEM_PROBING)
                                tentative = false;

                        k = dns_resource_key_match_rr(key, j->rr, NULL);
                        if (k < 0)
                                return k;
                        if (k > 0) {
                                r = dns_zone_add_authenticated_answer(answer, j, ifindex);
                                if (r < 0)
                                        return r;

                                added = true;
                        }
                }

                if (found && !added) {
                        r = dns_answer_add_soa(soa, dns_resource_key_name(key), LLMNR_DEFAULT_TTL, ifindex);
                        if (r < 0)
                                return r;
                }
        } else {
                bool found = false;

                first = hashmap_get(z->by_key, key);
                LIST_FOREACH(by_key, j, first) {
                        if (!IN_SET(j->state, DNS_ZONE_ITEM_PROBING, DNS_ZONE_ITEM_ESTABLISHED, DNS_ZONE_ITEM_VERIFYING))
                                continue;

                        found = true;

                        if (j->state != DNS_ZONE_ITEM_PROBING)
                                tentative = false;

                        r = dns_zone_add_authenticated_answer(answer, j, ifindex);
                        if (r < 0)
                                return r;
                }

                if (!found) {
                        bool add_soa = false;

                        first = hashmap_get(z->by_name, dns_resource_key_name(key));
                        LIST_FOREACH(by_name, j, first) {
                                if (!IN_SET(j->state, DNS_ZONE_ITEM_PROBING, DNS_ZONE_ITEM_ESTABLISHED, DNS_ZONE_ITEM_VERIFYING))
                                        continue;

                                if (j->state != DNS_ZONE_ITEM_PROBING)
                                        tentative = false;

                                add_soa = true;
                        }

                        if (add_soa) {
                                r = dns_answer_add_soa(soa, dns_resource_key_name(key), LLMNR_DEFAULT_TTL, ifindex);
                                if (r < 0)
                                        return r;
                        }
                }
        }

        /* If the caller sets ret_tentative to NULL, then use this as
         * indication to not return tentative entries */

        if (!ret_tentative && tentative)
                goto return_empty;

        *ret_answer = answer;
        answer = NULL;

        if (ret_soa) {
                *ret_soa = soa;
                soa = NULL;
        }

        if (ret_tentative)
                *ret_tentative = tentative;

        return 1;

return_empty:
        *ret_answer = NULL;

        if (ret_soa)
                *ret_soa = NULL;

        if (ret_tentative)
                *ret_tentative = false;

        return 0;
}

void dns_zone_item_conflict(DnsZoneItem *i) {
        assert(i);

        if (!IN_SET(i->state, DNS_ZONE_ITEM_PROBING, DNS_ZONE_ITEM_VERIFYING, DNS_ZONE_ITEM_ESTABLISHED))
                return;

        log_info("Detected conflict on %s", strna(dns_resource_record_to_string(i->rr)));

        dns_zone_item_probe_stop(i);

        /* Withdraw the conflict item */
        i->state = DNS_ZONE_ITEM_WITHDRAWN;

        dnssd_signal_conflict(i->scope->manager, dns_resource_key_name(i->rr->key));

        /* Maybe change the hostname */
        if (manager_is_own_hostname(i->scope->manager, dns_resource_key_name(i->rr->key)) > 0)
                manager_next_hostname(i->scope->manager);
}

void dns_zone_item_notify(DnsZoneItem *i) {
        assert(i);
        assert(i->probe_transaction);

        if (i->block_ready > 0)
                return;

        if (IN_SET(i->probe_transaction->state, DNS_TRANSACTION_NULL, DNS_TRANSACTION_PENDING, DNS_TRANSACTION_VALIDATING))
                return;

        if (i->probe_transaction->state == DNS_TRANSACTION_SUCCESS) {
                bool we_lost = false;

                /* The probe got a successful reply. If we so far
                 * weren't established we just give up.
                 *
                 * In LLMNR case if we already
                 * were established, and the peer has the
                 * lexicographically larger IP address we continue
                 * and defend it. */

                if (!IN_SET(i->state, DNS_ZONE_ITEM_ESTABLISHED, DNS_ZONE_ITEM_VERIFYING)) {
                        log_debug("Got a successful probe for not yet established RR, we lost.");
                        we_lost = true;
                } else if (i->probe_transaction->scope->protocol == DNS_PROTOCOL_LLMNR) {
                        assert(i->probe_transaction->received);
                        we_lost = memcmp(&i->probe_transaction->received->sender, &i->probe_transaction->received->destination, FAMILY_ADDRESS_SIZE(i->probe_transaction->received->family)) < 0;
                        if (we_lost)
                                log_debug("Got a successful probe reply for an established RR, and we have a lexicographically larger IP address and thus lost.");
                }

                if (we_lost) {
                        dns_zone_item_conflict(i);
                        return;
                }

                log_debug("Got a successful probe reply, but peer has lexicographically lower IP address and thus lost.");
        }

        log_debug("Record %s successfully probed.", strna(dns_resource_record_to_string(i->rr)));

        dns_zone_item_probe_stop(i);
        i->state = DNS_ZONE_ITEM_ESTABLISHED;
}

static int dns_zone_item_verify(DnsZoneItem *i) {
        int r;

        assert(i);

        if (i->state != DNS_ZONE_ITEM_ESTABLISHED)
                return 0;

        log_debug("Verifying RR %s", strna(dns_resource_record_to_string(i->rr)));

        i->state = DNS_ZONE_ITEM_VERIFYING;
        r = dns_zone_item_probe_start(i);
        if (r < 0) {
                log_error_errno(r, "Failed to start probing for verifying RR: %m");
                i->state = DNS_ZONE_ITEM_ESTABLISHED;
                return r;
        }

        return 0;
}

int dns_zone_check_conflicts(DnsZone *zone, DnsResourceRecord *rr) {
        DnsZoneItem *i, *first;
        int c = 0;

        assert(zone);
        assert(rr);

        /* This checks whether a response RR we received from somebody
         * else is one that we actually thought was uniquely ours. If
         * so, we'll verify our RRs. */

        /* No conflict if we don't have the name at all. */
        first = hashmap_get(zone->by_name, dns_resource_key_name(rr->key));
        if (!first)
                return 0;

        /* No conflict if we have the exact same RR */
        if (dns_zone_get(zone, rr))
                return 0;

        /* No conflict if it is DNS-SD RR used for service enumeration. */
        if (dns_resource_key_is_dnssd_ptr(rr->key))
                return 0;

        /* OK, somebody else has RRs for the same name. Yuck! Let's
         * start probing again */

        LIST_FOREACH(by_name, i, first) {
                if (dns_resource_record_equal(i->rr, rr))
                        continue;

                dns_zone_item_verify(i);
                c++;
        }

        return c;
}

int dns_zone_verify_conflicts(DnsZone *zone, DnsResourceKey *key) {
        DnsZoneItem *i, *first;
        int c = 0;

        assert(zone);

        /* Somebody else notified us about a possible conflict. Let's
         * verify if that's true. */

        first = hashmap_get(zone->by_name, dns_resource_key_name(key));
        if (!first)
                return 0;

        LIST_FOREACH(by_name, i, first) {
                dns_zone_item_verify(i);
                c++;
        }

        return c;
}

void dns_zone_verify_all(DnsZone *zone) {
        DnsZoneItem *i;
        Iterator iterator;

        assert(zone);

        HASHMAP_FOREACH(i, zone->by_key, iterator) {
                DnsZoneItem *j;

                LIST_FOREACH(by_key, j, i)
                        dns_zone_item_verify(j);
        }
}

void dns_zone_dump(DnsZone *zone, FILE *f) {
        Iterator iterator;
        DnsZoneItem *i;

        if (!zone)
                return;

        if (!f)
                f = stdout;

        HASHMAP_FOREACH(i, zone->by_key, iterator) {
                DnsZoneItem *j;

                LIST_FOREACH(by_key, j, i) {
                        const char *t;

                        t = dns_resource_record_to_string(j->rr);
                        if (!t) {
                                log_oom();
                                continue;
                        }

                        fputc('\t', f);
                        fputs(t, f);
                        fputc('\n', f);
                }
        }
}

bool dns_zone_is_empty(DnsZone *zone) {
        if (!zone)
                return true;

        return hashmap_isempty(zone->by_key);
}

bool dns_zone_contains_name(DnsZone *z, const char *name) {
        DnsZoneItem *i, *first;

        first = hashmap_get(z->by_name, name);
        if (!first)
                return false;

        LIST_FOREACH(by_name, i, first) {
                if (!IN_SET(i->state, DNS_ZONE_ITEM_PROBING, DNS_ZONE_ITEM_ESTABLISHED, DNS_ZONE_ITEM_VERIFYING))
                        continue;

                return true;
        }

        return false;
}
Commit	Line	Data
53e1b683	1	/* SPDX-License-Identifier: LGPL-2.1+ */
623a4c97 LP	2	/***
	3	This file is part of systemd.
	4
	5	Copyright 2014 Lennart Poettering
	6
	7	systemd is free software; you can redistribute it and/or modify it
	8	under the terms of the GNU Lesser General Public License as published by
	9	the Free Software Foundation; either version 2.1 of the License, or
	10	(at your option) any later version.
	11
	12	systemd is distributed in the hope that it will be useful, but
	13	WITHOUT ANY WARRANTY; without even the implied warranty of
	14	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	15	Lesser General Public License for more details.
	16
	17	You should have received a copy of the GNU Lesser General Public License
	18	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	19	***/
	20
b5efdb8a	21	#include "alloc-util.h"
4ad7f276	22	#include "dns-domain.h"
07630cea	23	#include "list.h"
623a4c97	24	#include "resolved-dns-packet.h"
07630cea	25	#include "resolved-dns-zone.h"
c3036641	26	#include "resolved-dnssd.h"
07630cea	27	#include "string-util.h"
623a4c97 LP	28
	29	/* Never allow more than 1K entries */
	30	#define ZONE_MAX 1024
	31
3ef64445	32	void dns_zone_item_probe_stop(DnsZoneItem *i) {
ec2c5e43 LP	33	DnsTransaction *t;
ec2c5e43 LP	34	assert(i);
623a4c97	35
ec2c5e43 LP	36	if (!i->probe_transaction)
	37	return;
	38
	39	t = i->probe_transaction;
	40	i->probe_transaction = NULL;
	41
547973de	42	set_remove(t->notify_zone_items, i);
35aa04e9	43	set_remove(t->notify_zone_items_done, i);
ec2c5e43 LP	44	dns_transaction_gc(t);
ec2c5e43 LP	45	}
623a4c97 LP	46
	47	static void dns_zone_item_free(DnsZoneItem *i) {
	48	if (!i)
	49	return;
	50
ec2c5e43	51	dns_zone_item_probe_stop(i);
623a4c97	52	dns_resource_record_unref(i->rr);
ec2c5e43	53
623a4c97 LP	54	free(i);
	55	}
	56
	57	DEFINE_TRIVIAL_CLEANUP_FUNC(DnsZoneItem*, dns_zone_item_free);
	58
	59	static void dns_zone_item_remove_and_free(DnsZone z, DnsZoneItem i) {
	60	DnsZoneItem *first;
	61
	62	assert(z);
	63
	64	if (!i)
	65	return;
	66
	67	first = hashmap_get(z->by_key, i->rr->key);
	68	LIST_REMOVE(by_key, first, i);
	69	if (first)
	70	assert_se(hashmap_replace(z->by_key, first->rr->key, first) >= 0);
	71	else
	72	hashmap_remove(z->by_key, i->rr->key);
	73
1c02e7ba	74	first = hashmap_get(z->by_name, dns_resource_key_name(i->rr->key));
623a4c97 LP	75	LIST_REMOVE(by_name, first, i);
623a4c97 LP	76	if (first)
1c02e7ba	77	assert_se(hashmap_replace(z->by_name, dns_resource_key_name(first->rr->key), first) >= 0);
623a4c97	78	else
1c02e7ba	79	hashmap_remove(z->by_name, dns_resource_key_name(i->rr->key));
623a4c97 LP	80
	81	dns_zone_item_free(i);
	82	}
	83
	84	void dns_zone_flush(DnsZone *z) {
	85	DnsZoneItem *i;
	86
	87	assert(z);
	88
	89	while ((i = hashmap_first(z->by_key)))
	90	dns_zone_item_remove_and_free(z, i);
	91
	92	assert(hashmap_size(z->by_key) == 0);
	93	assert(hashmap_size(z->by_name) == 0);
	94
525d3cc7 LP	95	z->by_key = hashmap_free(z->by_key);
525d3cc7 LP	96	z->by_name = hashmap_free(z->by_name);
623a4c97 LP	97	}
623a4c97 LP	98
8d67e72c	99	DnsZoneItem* dns_zone_get(DnsZone z, DnsResourceRecord rr) {
623a4c97 LP	100	DnsZoneItem *i;
	101
	102	assert(z);
	103	assert(rr);
	104
	105	LIST_FOREACH(by_key, i, hashmap_get(z->by_key, rr->key))
3ef77d04	106	if (dns_resource_record_equal(i->rr, rr) > 0)
623a4c97 LP	107	return i;
	108
	109	return NULL;
	110	}
	111
	112	void dns_zone_remove_rr(DnsZone z, DnsResourceRecord rr) {
	113	DnsZoneItem *i;
	114
	115	assert(z);
	116	assert(rr);
	117
	118	i = dns_zone_get(z, rr);
	119	if (i)
	120	dns_zone_item_remove_and_free(z, i);
	121	}
	122
6db6a464 DR	123	int dns_zone_remove_rrs_by_key(DnsZone z, DnsResourceKey key) {
	124	_cleanup_(dns_answer_unrefp) DnsAnswer answer = NULL, soa = NULL;
	125	DnsResourceRecord *rr;
	126	bool tentative;
	127	int r;
	128
	129	r = dns_zone_lookup(z, key, 0, &answer, &soa, &tentative);
	130	if (r < 0)
	131	return r;
	132
	133	DNS_ANSWER_FOREACH(rr, answer)
	134	dns_zone_remove_rr(z, rr);
	135
	136	return 0;
	137	}
	138
623a4c97 LP	139	static int dns_zone_init(DnsZone *z) {
	140	int r;
	141
	142	assert(z);
	143
d5099efc	144	r = hashmap_ensure_allocated(&z->by_key, &dns_resource_key_hash_ops);
623a4c97 LP	145	if (r < 0)
	146	return r;
	147
d5099efc	148	r = hashmap_ensure_allocated(&z->by_name, &dns_name_hash_ops);
623a4c97 LP	149	if (r < 0)
	150	return r;
	151
	152	return 0;
	153	}
	154
	155	static int dns_zone_link_item(DnsZone z, DnsZoneItem i) {
	156	DnsZoneItem *first;
	157	int r;
	158
	159	first = hashmap_get(z->by_key, i->rr->key);
	160	if (first) {
	161	LIST_PREPEND(by_key, first, i);
	162	assert_se(hashmap_replace(z->by_key, first->rr->key, first) >= 0);
	163	} else {
	164	r = hashmap_put(z->by_key, i->rr->key, i);
	165	if (r < 0)
	166	return r;
	167	}
	168
1c02e7ba	169	first = hashmap_get(z->by_name, dns_resource_key_name(i->rr->key));
623a4c97 LP	170	if (first) {
623a4c97 LP	171	LIST_PREPEND(by_name, first, i);
1c02e7ba	172	assert_se(hashmap_replace(z->by_name, dns_resource_key_name(first->rr->key), first) >= 0);
623a4c97	173	} else {
1c02e7ba	174	r = hashmap_put(z->by_name, dns_resource_key_name(i->rr->key), i);
623a4c97 LP	175	if (r < 0)
	176	return r;
	177	}
	178
	179	return 0;
	180	}
	181
ec2c5e43	182	static int dns_zone_item_probe_start(DnsZoneItem *i) {
ec2c5e43 LP	183	DnsTransaction *t;
	184	int r;
	185
	186	assert(i);
	187
	188	if (i->probe_transaction)
	189	return 0;
	190
1c02e7ba	191	t = dns_scope_find_transaction(i->scope, &DNS_RESOURCE_KEY_CONST(i->rr->key->class, DNS_TYPE_ANY, dns_resource_key_name(i->rr->key)), false);
ec2c5e43	192	if (!t) {
1b4f6e79 LP	193	_cleanup_(dns_resource_key_unrefp) DnsResourceKey *key = NULL;
1b4f6e79 LP	194
1c02e7ba	195	key = dns_resource_key_new(i->rr->key->class, DNS_TYPE_ANY, dns_resource_key_name(i->rr->key));
1b4f6e79 LP	196	if (!key)
	197	return -ENOMEM;
	198
f52e61da	199	r = dns_transaction_new(&t, i->scope, key);
ec2c5e43 LP	200	if (r < 0)
	201	return r;
	202	}
	203
547973de	204	r = set_ensure_allocated(&t->notify_zone_items, NULL);
ec2c5e43 LP	205	if (r < 0)
	206	goto gc;
	207
35aa04e9 LP	208	r = set_ensure_allocated(&t->notify_zone_items_done, NULL);
	209	if (r < 0)
	210	goto gc;
	211
547973de	212	r = set_put(t->notify_zone_items, i);
ec2c5e43 LP	213	if (r < 0)
	214	goto gc;
	215
	216	i->probe_transaction = t;
53fda2bb	217	t->probing = true;
ec2c5e43 LP	218
	219	if (t->state == DNS_TRANSACTION_NULL) {
	220
	221	i->block_ready++;
	222	r = dns_transaction_go(t);
	223	i->block_ready--;
	224
	225	if (r < 0) {
	226	dns_zone_item_probe_stop(i);
	227	return r;
	228	}
	229	}
	230
547973de	231	dns_zone_item_notify(i);
ec2c5e43 LP	232	return 0;
	233
	234	gc:
	235	dns_transaction_gc(t);
	236	return r;
	237	}
	238
	239	int dns_zone_put(DnsZone z, DnsScope s, DnsResourceRecord *rr, bool probe) {
623a4c97 LP	240	_cleanup_(dns_zone_item_freep) DnsZoneItem *i = NULL;
	241	DnsZoneItem *existing;
	242	int r;
	243
	244	assert(z);
ec2c5e43	245	assert(s);
623a4c97 LP	246	assert(rr);
623a4c97 LP	247
222148b6	248	if (dns_class_is_pseudo(rr->key->class))
1d3b690f	249	return -EINVAL;
222148b6	250	if (dns_type_is_pseudo(rr->key->type))
1d3b690f LP	251	return -EINVAL;
1d3b690f LP	252
623a4c97 LP	253	existing = dns_zone_get(z, rr);
	254	if (existing)
	255	return 0;
	256
	257	r = dns_zone_init(z);
	258	if (r < 0)
	259	return r;
	260
	261	i = new0(DnsZoneItem, 1);
	262	if (!i)
	263	return -ENOMEM;
	264
ec2c5e43	265	i->scope = s;
623a4c97	266	i->rr = dns_resource_record_ref(rr);
ec2c5e43	267	i->probing_enabled = probe;
623a4c97 LP	268
	269	r = dns_zone_link_item(z, i);
	270	if (r < 0)
	271	return r;
	272
ec2c5e43	273	if (probe) {
cd1b20f9 LP	274	DnsZoneItem first, j;
	275	bool established = false;
	276
	277	/* Check if there's already an RR with the same name
	278	* established. If so, it has been probed already, and
	279	* we don't ned to probe again. */
	280
	281	LIST_FIND_HEAD(by_name, i, first);
	282	LIST_FOREACH(by_name, j, first) {
	283	if (i == j)
	284	continue;
	285
	286	if (j->state == DNS_ZONE_ITEM_ESTABLISHED)
	287	established = true;
ec2c5e43 LP	288	}
ec2c5e43 LP	289
cd1b20f9 LP	290	if (established)
	291	i->state = DNS_ZONE_ITEM_ESTABLISHED;
	292	else {
60eb3f7c LP	293	i->state = DNS_ZONE_ITEM_PROBING;
60eb3f7c LP	294
cd1b20f9 LP	295	r = dns_zone_item_probe_start(i);
	296	if (r < 0) {
	297	dns_zone_item_remove_and_free(z, i);
	298	i = NULL;
	299	return r;
	300	}
cd1b20f9	301	}
ec2c5e43 LP	302	} else
	303	i->state = DNS_ZONE_ITEM_ESTABLISHED;
	304
623a4c97 LP	305	i = NULL;
	306	return 0;
	307	}
	308
748a548e DR	309	static int dns_zone_add_authenticated_answer(DnsAnswer a, DnsZoneItem i, int ifindex) {
	310	DnsAnswerFlags flags;
	311
	312	/* From RFC 6762, Section 10.2
	313	* "They (the rules about when to set the cache-flush bit) apply to
	314	* startup announcements as described in Section 8.3, "Announcing",
	315	* and to responses generated as a result of receiving query messages."
	316	* So, set the cache-flush bit for mDNS answers except for DNS-SD
	317	* service enumeration PTRs described in RFC 6763, Section 4.1. */
	318	if (i->scope->protocol == DNS_PROTOCOL_MDNS &&
	319	!dns_resource_key_is_dnssd_ptr(i->rr->key))
	320	flags = DNS_ANSWER_AUTHENTICATED\|DNS_ANSWER_CACHE_FLUSH;
	321	else
	322	flags = DNS_ANSWER_AUTHENTICATED;
	323
	324	return dns_answer_add(a, i->rr, ifindex, flags);
	325	}
	326
97ebebbc	327	int dns_zone_lookup(DnsZone z, DnsResourceKey key, int ifindex, DnsAnswer ret_answer, DnsAnswer ret_soa, bool *ret_tentative) {
8bf52d3d	328	_cleanup_(dns_answer_unrefp) DnsAnswer answer = NULL, soa = NULL;
5032b16d LP	329	unsigned n_answer = 0;
	330	DnsZoneItem j, first;
	331	bool tentative = true, need_soa = false;
d5323661	332	int r;
623a4c97	333
97ebebbc LP	334	/* Note that we don't actually need the ifindex for anything. However when it is passed we'll initialize the
	335	* ifindex field in the answer with it */
	336
623a4c97	337	assert(z);
5032b16d	338	assert(key);
8bf52d3d	339	assert(ret_answer);
623a4c97	340
5032b16d	341	/* First iteration, count what we have */
ec2c5e43	342
5032b16d LP	343	if (key->type == DNS_TYPE_ANY \|\| key->class == DNS_CLASS_ANY) {
	344	bool found = false, added = false;
	345	int k;
623a4c97	346
5032b16d LP	347	/* If this is a generic match, then we have to
	348	* go through the list by the name and look
	349	* for everything manually */
623a4c97	350
1c02e7ba	351	first = hashmap_get(z->by_name, dns_resource_key_name(key));
5032b16d LP	352	LIST_FOREACH(by_name, j, first) {
	353	if (!IN_SET(j->state, DNS_ZONE_ITEM_PROBING, DNS_ZONE_ITEM_ESTABLISHED, DNS_ZONE_ITEM_VERIFYING))
	354	continue;
d5323661	355
5032b16d	356	found = true;
d5323661	357
801ad6a6	358	k = dns_resource_key_match_rr(key, j->rr, NULL);
5032b16d LP	359	if (k < 0)
	360	return k;
	361	if (k > 0) {
	362	n_answer++;
	363	added = true;
	364	}
ec2c5e43	365
5032b16d	366	}
ec2c5e43	367
5032b16d LP	368	if (found && !added)
5032b16d LP	369	need_soa = true;
ec2c5e43	370
5032b16d LP	371	} else {
5032b16d LP	372	bool found = false;
d5323661	373
5032b16d LP	374	/* If this is a specific match, then look for
5032b16d LP	375	* the right key immediately */
ec2c5e43	376
5032b16d LP	377	first = hashmap_get(z->by_key, key);
	378	LIST_FOREACH(by_key, j, first) {
	379	if (!IN_SET(j->state, DNS_ZONE_ITEM_PROBING, DNS_ZONE_ITEM_ESTABLISHED, DNS_ZONE_ITEM_VERIFYING))
	380	continue;
ec2c5e43	381
5032b16d LP	382	found = true;
	383	n_answer++;
	384	}
ec2c5e43	385
5032b16d	386	if (!found) {
1c02e7ba	387	first = hashmap_get(z->by_name, dns_resource_key_name(key));
5032b16d	388	LIST_FOREACH(by_name, j, first) {
ec2c5e43 LP	389	if (!IN_SET(j->state, DNS_ZONE_ITEM_PROBING, DNS_ZONE_ITEM_ESTABLISHED, DNS_ZONE_ITEM_VERIFYING))
	390	continue;
	391
5032b16d LP	392	need_soa = true;
5032b16d LP	393	break;
d5323661	394	}
d5323661	395	}
623a4c97 LP	396	}
623a4c97 LP	397
5032b16d LP	398	if (n_answer <= 0 && !need_soa)
5032b16d LP	399	goto return_empty;
623a4c97	400
8bf52d3d LP	401	if (n_answer > 0) {
	402	answer = dns_answer_new(n_answer);
	403	if (!answer)
	404	return -ENOMEM;
	405	}
623a4c97	406
5032b16d LP	407	if (need_soa) {
5032b16d LP	408	soa = dns_answer_new(1);
8bf52d3d LP	409	if (!soa)
	410	return -ENOMEM;
	411	}
	412
	413	/* Second iteration, actually add the RRs to the answers */
5032b16d LP	414	if (key->type == DNS_TYPE_ANY \|\| key->class == DNS_CLASS_ANY) {
	415	bool found = false, added = false;
	416	int k;
d5323661	417
1c02e7ba	418	first = hashmap_get(z->by_name, dns_resource_key_name(key));
5032b16d LP	419	LIST_FOREACH(by_name, j, first) {
	420	if (!IN_SET(j->state, DNS_ZONE_ITEM_PROBING, DNS_ZONE_ITEM_ESTABLISHED, DNS_ZONE_ITEM_VERIFYING))
	421	continue;
ec2c5e43	422
5032b16d	423	found = true;
ec2c5e43	424
5032b16d LP	425	if (j->state != DNS_ZONE_ITEM_PROBING)
5032b16d LP	426	tentative = false;
ec2c5e43	427
801ad6a6	428	k = dns_resource_key_match_rr(key, j->rr, NULL);
5032b16d LP	429	if (k < 0)
	430	return k;
	431	if (k > 0) {
748a548e	432	r = dns_zone_add_authenticated_answer(answer, j, ifindex);
d5323661 LP	433	if (r < 0)
d5323661 LP	434	return r;
5032b16d LP	435
5032b16d LP	436	added = true;
d5323661	437	}
5032b16d	438	}
d5323661	439
5032b16d	440	if (found && !added) {
97ebebbc	441	r = dns_answer_add_soa(soa, dns_resource_key_name(key), LLMNR_DEFAULT_TTL, ifindex);
5032b16d LP	442	if (r < 0)
	443	return r;
	444	}
	445	} else {
	446	bool found = false;
ec2c5e43	447
5032b16d LP	448	first = hashmap_get(z->by_key, key);
	449	LIST_FOREACH(by_key, j, first) {
	450	if (!IN_SET(j->state, DNS_ZONE_ITEM_PROBING, DNS_ZONE_ITEM_ESTABLISHED, DNS_ZONE_ITEM_VERIFYING))
	451	continue;
ec2c5e43	452
5032b16d	453	found = true;
ec2c5e43	454
5032b16d LP	455	if (j->state != DNS_ZONE_ITEM_PROBING)
5032b16d LP	456	tentative = false;
ec2c5e43	457
748a548e	458	r = dns_zone_add_authenticated_answer(answer, j, ifindex);
5032b16d LP	459	if (r < 0)
	460	return r;
	461	}
ec2c5e43	462
5032b16d LP	463	if (!found) {
5032b16d LP	464	bool add_soa = false;
ec2c5e43	465
1c02e7ba	466	first = hashmap_get(z->by_name, dns_resource_key_name(key));
5032b16d LP	467	LIST_FOREACH(by_name, j, first) {
	468	if (!IN_SET(j->state, DNS_ZONE_ITEM_PROBING, DNS_ZONE_ITEM_ESTABLISHED, DNS_ZONE_ITEM_VERIFYING))
	469	continue;
ec2c5e43	470
5032b16d LP	471	if (j->state != DNS_ZONE_ITEM_PROBING)
5032b16d LP	472	tentative = false;
ec2c5e43	473
5032b16d LP	474	add_soa = true;
	475	}
	476
	477	if (add_soa) {
97ebebbc	478	r = dns_answer_add_soa(soa, dns_resource_key_name(key), LLMNR_DEFAULT_TTL, ifindex);
5032b16d LP	479	if (r < 0)
5032b16d LP	480	return r;
d5323661	481	}
623a4c97 LP	482	}
	483	}
	484
5032b16d LP	485	/* If the caller sets ret_tentative to NULL, then use this as
	486	* indication to not return tentative entries */
	487
	488	if (!ret_tentative && tentative)
	489	goto return_empty;
	490
8bf52d3d	491	*ret_answer = answer;
623a4c97 LP	492	answer = NULL;
623a4c97 LP	493
5032b16d LP	494	if (ret_soa) {
	495	*ret_soa = soa;
	496	soa = NULL;
	497	}
8bf52d3d	498
ec2c5e43 LP	499	if (ret_tentative)
	500	*ret_tentative = tentative;
	501
623a4c97	502	return 1;
5032b16d LP	503
	504	return_empty:
	505	*ret_answer = NULL;
	506
	507	if (ret_soa)
	508	*ret_soa = NULL;
	509
	510	if (ret_tentative)
	511	*ret_tentative = false;
	512
	513	return 0;
623a4c97	514	}
ec2c5e43 LP	515
ec2c5e43 LP	516	void dns_zone_item_conflict(DnsZoneItem *i) {
ec2c5e43 LP	517	assert(i);
ec2c5e43 LP	518
a4076574 LP	519	if (!IN_SET(i->state, DNS_ZONE_ITEM_PROBING, DNS_ZONE_ITEM_VERIFYING, DNS_ZONE_ITEM_ESTABLISHED))
	520	return;
	521
7b50eb2e	522	log_info("Detected conflict on %s", strna(dns_resource_record_to_string(i->rr)));
ec2c5e43	523
d84b686f LP	524	dns_zone_item_probe_stop(i);
d84b686f LP	525
ec2c5e43 LP	526	/* Withdraw the conflict item */
	527	i->state = DNS_ZONE_ITEM_WITHDRAWN;
	528
c3036641 DR	529	dnssd_signal_conflict(i->scope->manager, dns_resource_key_name(i->rr->key));
c3036641 DR	530
ec2c5e43	531	/* Maybe change the hostname */
1c02e7ba	532	if (manager_is_own_hostname(i->scope->manager, dns_resource_key_name(i->rr->key)) > 0)
ec2c5e43 LP	533	manager_next_hostname(i->scope->manager);
	534	}
	535
547973de	536	void dns_zone_item_notify(DnsZoneItem *i) {
ec2c5e43 LP	537	assert(i);
	538	assert(i->probe_transaction);
	539
	540	if (i->block_ready > 0)
	541	return;
	542
547973de	543	if (IN_SET(i->probe_transaction->state, DNS_TRANSACTION_NULL, DNS_TRANSACTION_PENDING, DNS_TRANSACTION_VALIDATING))
ec2c5e43 LP	544	return;
ec2c5e43 LP	545
a4076574 LP	546	if (i->probe_transaction->state == DNS_TRANSACTION_SUCCESS) {
a4076574 LP	547	bool we_lost = false;
ec2c5e43	548
a4076574	549	/* The probe got a successful reply. If we so far
008d4ab7 DR	550	* weren't established we just give up.
	551	*
	552	* In LLMNR case if we already
a4076574	553	* were established, and the peer has the
4d91eec4	554	* lexicographically larger IP address we continue
a4076574 LP	555	* and defend it. */
a4076574 LP	556
2fb3034c LP	557	if (!IN_SET(i->state, DNS_ZONE_ITEM_ESTABLISHED, DNS_ZONE_ITEM_VERIFYING)) {
2fb3034c LP	558	log_debug("Got a successful probe for not yet established RR, we lost.");
a4076574	559	we_lost = true;
008d4ab7	560	} else if (i->probe_transaction->scope->protocol == DNS_PROTOCOL_LLMNR) {
a4076574	561	assert(i->probe_transaction->received);
4d91eec4	562	we_lost = memcmp(&i->probe_transaction->received->sender, &i->probe_transaction->received->destination, FAMILY_ADDRESS_SIZE(i->probe_transaction->received->family)) < 0;
2fb3034c	563	if (we_lost)
4d91eec4	564	log_debug("Got a successful probe reply for an established RR, and we have a lexicographically larger IP address and thus lost.");
a4076574 LP	565	}
	566
	567	if (we_lost) {
	568	dns_zone_item_conflict(i);
	569	return;
	570	}
	571
	572	log_debug("Got a successful probe reply, but peer has lexicographically lower IP address and thus lost.");
	573	}
	574
7b50eb2e	575	log_debug("Record %s successfully probed.", strna(dns_resource_record_to_string(i->rr)));
ec2c5e43	576
a4076574 LP	577	dns_zone_item_probe_stop(i);
	578	i->state = DNS_ZONE_ITEM_ESTABLISHED;
	579	}
	580
	581	static int dns_zone_item_verify(DnsZoneItem *i) {
	582	int r;
	583
	584	assert(i);
	585
	586	if (i->state != DNS_ZONE_ITEM_ESTABLISHED)
	587	return 0;
	588
7b50eb2e	589	log_debug("Verifying RR %s", strna(dns_resource_record_to_string(i->rr)));
2fb3034c	590
a4076574 LP	591	i->state = DNS_ZONE_ITEM_VERIFYING;
	592	r = dns_zone_item_probe_start(i);
	593	if (r < 0) {
da927ba9	594	log_error_errno(r, "Failed to start probing for verifying RR: %m");
ec2c5e43	595	i->state = DNS_ZONE_ITEM_ESTABLISHED;
a4076574 LP	596	return r;
	597	}
	598
	599	return 0;
	600	}
	601
	602	int dns_zone_check_conflicts(DnsZone zone, DnsResourceRecord rr) {
	603	DnsZoneItem i, first;
bf1594f5	604	int c = 0;
a4076574 LP	605
	606	assert(zone);
	607	assert(rr);
	608
	609	/* This checks whether a response RR we received from somebody
	610	* else is one that we actually thought was uniquely ours. If
	611	* so, we'll verify our RRs. */
	612
	613	/* No conflict if we don't have the name at all. */
1c02e7ba	614	first = hashmap_get(zone->by_name, dns_resource_key_name(rr->key));
a4076574 LP	615	if (!first)
	616	return 0;
	617
	618	/* No conflict if we have the exact same RR */
	619	if (dns_zone_get(zone, rr))
	620	return 0;
	621
d686f15c DR	622	/* No conflict if it is DNS-SD RR used for service enumeration. */
	623	if (dns_resource_key_is_dnssd_ptr(rr->key))
	624	return 0;
	625
a4076574 LP	626	/* OK, somebody else has RRs for the same name. Yuck! Let's
	627	* start probing again */
	628
	629	LIST_FOREACH(by_name, i, first) {
	630	if (dns_resource_record_equal(i->rr, rr))
	631	continue;
	632
	633	dns_zone_item_verify(i);
	634	c++;
	635	}
	636
	637	return c;
	638	}
	639
	640	int dns_zone_verify_conflicts(DnsZone zone, DnsResourceKey key) {
	641	DnsZoneItem i, first;
bf1594f5	642	int c = 0;
a4076574 LP	643
	644	assert(zone);
	645
	646	/* Somebody else notified us about a possible conflict. Let's
	647	* verify if that's true. */
	648
1c02e7ba	649	first = hashmap_get(zone->by_name, dns_resource_key_name(key));
a4076574 LP	650	if (!first)
	651	return 0;
	652
	653	LIST_FOREACH(by_name, i, first) {
	654	dns_zone_item_verify(i);
	655	c++;
	656	}
	657
	658	return c;
ec2c5e43	659	}
902bb5d8 LP	660
	661	void dns_zone_verify_all(DnsZone *zone) {
	662	DnsZoneItem *i;
	663	Iterator iterator;
	664
	665	assert(zone);
	666
	667	HASHMAP_FOREACH(i, zone->by_key, iterator) {
	668	DnsZoneItem *j;
	669
	670	LIST_FOREACH(by_key, j, i)
	671	dns_zone_item_verify(j);
	672	}
	673	}
4d506d6b LP	674
	675	void dns_zone_dump(DnsZone zone, FILE f) {
	676	Iterator iterator;
	677	DnsZoneItem *i;
4d506d6b LP	678
	679	if (!zone)
	680	return;
	681
	682	if (!f)
	683	f = stdout;
	684
	685	HASHMAP_FOREACH(i, zone->by_key, iterator) {
	686	DnsZoneItem *j;
	687
	688	LIST_FOREACH(by_key, j, i) {
7b50eb2e	689	const char *t;
4d506d6b	690
7b50eb2e LP	691	t = dns_resource_record_to_string(j->rr);
7b50eb2e LP	692	if (!t) {
4d506d6b LP	693	log_oom();
	694	continue;
	695	}
	696
	697	fputc('\t', f);
	698	fputs(t, f);
	699	fputc('\n', f);
	700	}
	701	}
	702	}
	703
	704	bool dns_zone_is_empty(DnsZone *zone) {
	705	if (!zone)
	706	return true;
	707
	708	return hashmap_isempty(zone->by_key);
	709	}
a2bf8a19 DR	710
	711	bool dns_zone_contains_name(DnsZone z, const char name) {
	712	DnsZoneItem i, first;
	713
	714	first = hashmap_get(z->by_name, name);
	715	if (!first)
	716	return false;
	717
	718	LIST_FOREACH(by_name, i, first) {
	719	if (!IN_SET(i->state, DNS_ZONE_ITEM_PROBING, DNS_ZONE_ITEM_ESTABLISHED, DNS_ZONE_ITEM_VERIFYING))
	720	continue;
	721
	722	return true;
	723	}
	724
	725	return false;
	726	}