[thirdparty/pdns.git] / pdns / packethandler.hh

/*
 * This file is part of PowerDNS or dnsdist.
 * Copyright -- PowerDNS.COM B.V. and its contributors
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of version 2 of the GNU General Public License as
 * published by the Free Software Foundation.
 *
 * In addition, for the avoidance of any doubt, permission is granted to
 * link this program with OpenSSL and to (re)distribute the binaries
 * produced as the result of such linking.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
#ifndef PACKETHANDLER_HH
#define PACKETHANDLER_HH

#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include "ueberbackend.hh"
#include "dnspacket.hh"
#include "packetcache.hh"
#include "dnsseckeeper.hh"
#include "lua-auth4.hh"
#include "gss_context.hh"

#include "namespaces.hh"

// silly Solaris people define PC
#undef PC

/** Central DNS logic according to RFC1034. Ask this class a question in the form of a DNSPacket
    and it will return, synchronously, a DNSPacket answer, suitable for 
    sending out over the network. 

    The PacketHandler gives your question to the PacketCache for possible inclusion
    in the cache.

    In order to do so, the PacketHandler contains a reference to the global extern PacketCache PC

    It also contains an UeberBackend instance for answering the subqueries needed to generate
    a complete reply.

*/
class NSEC3PARAMRecordContent;

class PacketHandler
{
public:
  DNSPacket *doQuestion(DNSPacket *); //!< hand us a DNS packet with a question, we give you an answer
  DNSPacket *question(DNSPacket *); //!< hand us a DNS packet with a question, we give you an answer
  PacketHandler(); 
  ~PacketHandler(); // defined in packethandler.cc, and does --count
  static int numRunning(){return s_count;}; //!< Returns the number of running PacketHandlers. Called by Distributor
 
  UeberBackend *getBackend();

  int trySuperMasterSynchronous(const DNSPacket *p, const DNSName& tsigkeyname);
  static NetmaskGroup s_allowNotifyFrom;
  static set<string> s_forwardNotify;

private:
  int trySuperMaster(DNSPacket *p, const DNSName& tsigkeyname);
  int processNotify(DNSPacket *);
  void addRootReferral(DNSPacket *r);
  int doChaosRequest(DNSPacket *p, DNSPacket *r, DNSName &target);
  bool addDNSKEY(DNSPacket *p, DNSPacket *r, const SOAData& sd);
  bool addCDNSKEY(DNSPacket *p, DNSPacket *r, const SOAData& sd);
  bool addCDS(DNSPacket *p, DNSPacket *r, const SOAData& sd);
  bool addNSEC3PARAM(DNSPacket *p, DNSPacket *r, const SOAData& sd);
  int doAdditionalProcessingAndDropAA(DNSPacket *p, DNSPacket *r, const SOAData& sd, bool retargeted);
  void addNSECX(DNSPacket *p, DNSPacket* r, const DNSName &target, const DNSName &wildcard, const DNSName &auth, int mode);
  void addNSEC(DNSPacket *p, DNSPacket* r, const DNSName &target, const DNSName &wildcard, const DNSName& auth, int mode);
  void addNSEC3(DNSPacket *p, DNSPacket* r, const DNSName &target, const DNSName &wildcard, const DNSName& auth, const NSEC3PARAMRecordContent& nsec3param, bool narrow, int mode);
  void emitNSEC(DNSPacket *r, const SOAData& sd, const DNSName& name, const DNSName& next, int mode);
  void emitNSEC3(DNSPacket *r, const SOAData& sd, const NSEC3PARAMRecordContent &ns3rc, const DNSName& unhashed, const string& begin, const string& end, int mode);
  int processUpdate(DNSPacket *p);
  int forwardPacket(const string &msgPrefix, DNSPacket *p, DomainInfo *di);
  uint performUpdate(const string &msgPrefix, const DNSRecord *rr, DomainInfo *di, bool isPresigned, bool* narrow, bool* haveNSEC3, NSEC3PARAMRecordContent *ns3pr, bool *updatedSerial);
  int checkUpdatePrescan(const DNSRecord *rr);
  int checkUpdatePrerequisites(const DNSRecord *rr, DomainInfo *di);
  void increaseSerial(const string &msgPrefix, const DomainInfo *di, bool haveNSEC3, bool narrow, const NSEC3PARAMRecordContent *ns3pr);

  void makeNXDomain(DNSPacket* p, DNSPacket* r, const DNSName& target, const DNSName& wildcard, const SOAData& sd);
  void makeNOError(DNSPacket* p, DNSPacket* r, const DNSName& target, const DNSName& wildcard, const SOAData& sd, int mode);
  vector<DNSZoneRecord> getBestReferralNS(DNSPacket *p, SOAData& sd, const DNSName &target);
  vector<DNSZoneRecord> getBestDNAMESynth(DNSPacket *p, SOAData& sd, DNSName &target);
  bool tryDNAME(DNSPacket *p, DNSPacket*r, SOAData& sd, DNSName &target);
  bool tryReferral(DNSPacket *p, DNSPacket*r, SOAData& sd, const DNSName &target, bool retargeted);

  bool getBestWildcard(DNSPacket *p, SOAData& sd, const DNSName &target, DNSName &wildcard, vector<DNSZoneRecord>* ret);
  bool tryWildcard(DNSPacket *p, DNSPacket*r, SOAData& sd, DNSName &target, DNSName &wildcard, bool& retargeted, bool& nodata);
  bool addDSforNS(DNSPacket* p, DNSPacket* r, SOAData& sd, const DNSName& dsname);
  void completeANYRecords(DNSPacket *p, DNSPacket*r, SOAData& sd, const DNSName &target);

  void tkeyHandler(DNSPacket *p, DNSPacket *r); //<! process TKEY record, and adds TKEY record to (r)eply, or error code.

  static AtomicCounter s_count;
  static pthread_mutex_t s_rfc2136lock;
  bool d_logDNSDetails;
  bool d_doIPv6AdditionalProcessing;
  bool d_doDNAME;
  bool d_doExpandALIAS;
  bool d_dnssec;
  std::unique_ptr<AuthLua4> d_pdl;
  std::unique_ptr<AuthLua4> d_update_policy_lua;

  UeberBackend B; // every thread an own instance
  DNSSECKeeper d_dk; // B is shared with DNSSECKeeper
};
bool getNSEC3Hashes(bool narrow, DNSBackend* db, int id, const std::string& hashed, bool decrement, DNSName& unhashed, string& before, string& after, int mode=0);
std::shared_ptr<DNSRecordContent> makeSOAContent(const SOAData& sd);
#endif /* PACKETHANDLER */
Commit	Line	Data
12c86877	1	/*
12471842 PL	2	* This file is part of PowerDNS or dnsdist.
	3	* Copyright -- PowerDNS.COM B.V. and its contributors
	4	*
	5	* This program is free software; you can redistribute it and/or modify
	6	* it under the terms of version 2 of the GNU General Public License as
	7	* published by the Free Software Foundation.
	8	*
	9	* In addition, for the avoidance of any doubt, permission is granted to
	10	* link this program with OpenSSL and to (re)distribute the binaries
	11	* produced as the result of such linking.
	12	*
	13	* This program is distributed in the hope that it will be useful,
	14	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	15	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	16	* GNU General Public License for more details.
	17	*
	18	* You should have received a copy of the GNU General Public License
	19	* along with this program; if not, write to the Free Software
	20	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	21	*/
12c86877 BH	22	#ifndef PACKETHANDLER_HH
12c86877 BH	23	#define PACKETHANDLER_HH
cc3afe25	24
76473b92 KM	25	#include <sys/socket.h>
	26	#include <netinet/in.h>
	27	#include <arpa/inet.h>
12c86877 BH	28	#include "ueberbackend.hh"
	29	#include "dnspacket.hh"
	30	#include "packetcache.hh"
e0d84497	31	#include "dnsseckeeper.hh"
0ecc1158	32	#include "lua-auth4.hh"
7f9ac49b	33	#include "gss_context.hh"
12c86877	34
10f4eea8	35	#include "namespaces.hh"
12c86877	36
88def049 BH	37	// silly Solaris people define PC
	38	#undef PC
	39
12c86877 BH	40	/** Central DNS logic according to RFC1034. Ask this class a question in the form of a DNSPacket
	41	and it will return, synchronously, a DNSPacket answer, suitable for
	42	sending out over the network.
	43
	44	The PacketHandler gives your question to the PacketCache for possible inclusion
	45	in the cache.
	46
	47	In order to do so, the PacketHandler contains a reference to the global extern PacketCache PC
	48
	49	It also contains an UeberBackend instance for answering the subqueries needed to generate
	50	a complete reply.
	51
	52	*/
5c3bf2db	53	class NSEC3PARAMRecordContent;
12c86877 BH	54
	55	class PacketHandler
	56	{
	57	public:
e89efca5	58	DNSPacket doQuestion(DNSPacket ); //!< hand us a DNS packet with a question, we give you an answer
12c86877 BH	59	DNSPacket question(DNSPacket ); //!< hand us a DNS packet with a question, we give you an answer
	60	PacketHandler();
	61	~PacketHandler(); // defined in packethandler.cc, and does --count
bdc9f8d2	62	static int numRunning(){return s_count;}; //!< Returns the number of running PacketHandlers. Called by Distributor
12c86877	63
3971cf53	64	UeberBackend *getBackend();
cc3afe25	65
02980dc2	66	int trySuperMasterSynchronous(const DNSPacket *p, const DNSName& tsigkeyname);
d207ad63	67	static NetmaskGroup s_allowNotifyFrom;
dad0736b	68	static set<string> s_forwardNotify;
12c86877 BH	69
12c86877 BH	70	private:
6fe866b4	71	int trySuperMaster(DNSPacket *p, const DNSName& tsigkeyname);
3777f434	72	int processNotify(DNSPacket *);
8a63d3ce	73	void addRootReferral(DNSPacket *r);
675fa24c	74	int doChaosRequest(DNSPacket p, DNSPacket r, DNSName &target);
f889ab99 PL	75	bool addDNSKEY(DNSPacket p, DNSPacket r, const SOAData& sd);
f889ab99 PL	76	bool addCDNSKEY(DNSPacket p, DNSPacket r, const SOAData& sd);
ef542223	77	bool addCDS(DNSPacket p, DNSPacket r, const SOAData& sd);
794c2f92	78	bool addNSEC3PARAM(DNSPacket p, DNSPacket r, const SOAData& sd);
d2323cd0	79	int doAdditionalProcessingAndDropAA(DNSPacket p, DNSPacket r, const SOAData& sd, bool retargeted);
675fa24c PD	80	void addNSECX(DNSPacket p, DNSPacket r, const DNSName &target, const DNSName &wildcard, const DNSName &auth, int mode);
	81	void addNSEC(DNSPacket p, DNSPacket r, const DNSName &target, const DNSName &wildcard, const DNSName& auth, int mode);
	82	void addNSEC3(DNSPacket p, DNSPacket r, const DNSName &target, const DNSName &wildcard, const DNSName& auth, const NSEC3PARAMRecordContent& nsec3param, bool narrow, int mode);
ca617317	83	void emitNSEC(DNSPacket *r, const SOAData& sd, const DNSName& name, const DNSName& next, int mode);
576e7e0f	84	void emitNSEC3(DNSPacket *r, const SOAData& sd, const NSEC3PARAMRecordContent &ns3rc, const DNSName& unhashed, const string& begin, const string& end, int mode);
f7a69a4c	85	int processUpdate(DNSPacket *p);
b3148887	86	int forwardPacket(const string &msgPrefix, DNSPacket p, DomainInfo di);
d0d273cf	87	uint performUpdate(const string &msgPrefix, const DNSRecord rr, DomainInfo di, bool isPresigned, bool* narrow, bool* haveNSEC3, NSEC3PARAMRecordContent ns3pr, bool updatedSerial);
f7a69a4c RA	88	int checkUpdatePrescan(const DNSRecord *rr);
f7a69a4c RA	89	int checkUpdatePrerequisites(const DNSRecord rr, DomainInfo di);
166ac305	90	void increaseSerial(const string &msgPrefix, const DomainInfo di, bool haveNSEC3, bool narrow, const NSEC3PARAMRecordContent ns3pr);
5c3bf2db	91
5fff7d51 KM	92	void makeNXDomain(DNSPacket* p, DNSPacket* r, const DNSName& target, const DNSName& wildcard, const SOAData& sd);
5fff7d51 KM	93	void makeNOError(DNSPacket* p, DNSPacket* r, const DNSName& target, const DNSName& wildcard, const SOAData& sd, int mode);
90ba52e0	94	vector<DNSZoneRecord> getBestReferralNS(DNSPacket *p, SOAData& sd, const DNSName &target);
90ba52e0	95	vector<DNSZoneRecord> getBestDNAMESynth(DNSPacket *p, SOAData& sd, DNSName &target);
675fa24c PD	96	bool tryDNAME(DNSPacket p, DNSPacketr, SOAData& sd, DNSName &target);
	97	bool tryReferral(DNSPacket p, DNSPacketr, SOAData& sd, const DNSName &target, bool retargeted);
	98
90ba52e0	99	bool getBestWildcard(DNSPacket p, SOAData& sd, const DNSName &target, DNSName &wildcard, vector<DNSZoneRecord> ret);
675fa24c PD	100	bool tryWildcard(DNSPacket p, DNSPacketr, SOAData& sd, DNSName &target, DNSName &wildcard, bool& retargeted, bool& nodata);
	101	bool addDSforNS(DNSPacket* p, DNSPacket* r, SOAData& sd, const DNSName& dsname);
	102	void completeANYRecords(DNSPacket p, DNSPacketr, SOAData& sd, const DNSName &target);
c00d7891	103
6d45df05	104	void tkeyHandler(DNSPacket p, DNSPacket r); //<! process TKEY record, and adds TKEY record to (r)eply, or error code.
c00d7891	105
16f7d28d	106	static AtomicCounter s_count;
ee9ef8f2	107	static pthread_mutex_t s_rfc2136lock;
12c86877	108	bool d_logDNSDetails;
fd8bc993	109	bool d_doIPv6AdditionalProcessing;
8dee0750	110	bool d_doDNAME;
389b7a05	111	bool d_doExpandALIAS;
6dbf337f	112	bool d_dnssec;
7c99293d	113	std::unique_ptr<AuthLua4> d_pdl;
3ce6361c	114	std::unique_ptr<AuthLua4> d_update_policy_lua;
12c86877 BH	115
12c86877 BH	116	UeberBackend B; // every thread an own instance
e59b5787	117	DNSSECKeeper d_dk; // B is shared with DNSSECKeeper
12c86877	118	};
561434a6	119	bool getNSEC3Hashes(bool narrow, DNSBackend* db, int id, const std::string& hashed, bool decrement, DNSName& unhashed, string& before, string& after, int mode=0);
90ba52e0	120	std::shared_ptr<DNSRecordContent> makeSOAContent(const SOAData& sd);
12c86877	121	#endif /* PACKETHANDLER */