2 * This file is part of PowerDNS or dnsdist.
3 * Copyright -- PowerDNS.COM B.V. and its contributors
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of version 2 of the GNU General Public License as
7 * published by the Free Software Foundation.
9 * In addition, for the avoidance of any doubt, permission is granted to
10 * link this program with OpenSSL and to (re)distribute the binaries
11 * produced as the result of such linking.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
30 #include "dnsrecords.hh"
31 #include "validate.hh"
40 enum class Config : uint8_t
46 enum class Result : uint8_t
// Construct a ZoneMD for `zone`. The name is taken by value and moved into the
// const member d_zone, so it cannot change for the lifetime of the object.
// NOTE(review): the constructor is not declared explicit, so a DNSName
// converts implicitly to a ZoneMD.
ZoneMD(DNSName zone) : d_zone(std::move(zone)) {}
// Record intake: either from a ZoneParserTNG or from an already built vector
// of DNSRecord. The definitions are not part of this header.
56 void readRecords(ZoneParserTNG& zpt);
57 void readRecords(const std::vector<DNSRecord>& records);
// Single-record entry points.
// NOTE(review): how work is split between readRecord and processRecord is not
// visible from the declarations alone.
58 void readRecord(const DNSRecord& record);
59 void processRecord(const DNSRecord& record);
// Reports its outcome through two out-parameters instead of a return value.
// NOTE(review): presumably validationDone says whether a digest check was
// actually carried out and validationOK gives its result. If so, a caller that
// requires ZONEMD must check both flags, since "no check was done" and "check
// failed" are different outcomes. Confirm against the implementation.
60 void verify(bool& validationDone, bool& validationOK);
62 // Return the zone's apex DNSKEYs
63 [[nodiscard]] const std::set<shared_ptr<const DNSKEYRecordContent>>& getDNSKEYs() const
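// Return the zone's apex RRSIGs stored under requestedType.
// Not const: when no signatures are stored for that type, an empty vector is
// inserted into d_rrsigs and a reference to it is returned. The reference is
// therefore always valid, and d_rrsigs gains one entry per distinct type that
// is queried.
[[nodiscard]] const std::vector<shared_ptr<const RRSIGRecordContent>>& getRRSIGs(QType requestedType)
{
  // std::map::operator[] value-initializes the mapped vector on a miss, so one
  // lookup replaces a separate count() check, insertion and second lookup.
  return d_rrsigs[requestedType];
}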
// Return the zone's apex ZONEMDs as a newly built vector: one shared_ptr per
// entry of d_zonemdRecords, in the key order of that map.
// NOTE(review): every stored entry is copied out, with no filtering. If
// ZoneMDAndDuplicateFlag marks some records as duplicates to be ignored,
// callers of this accessor do not see that marking. Confirm whether they need it.
[[nodiscard]] std::vector<shared_ptr<const ZONEMDRecordContent>> getZONEMDs() const
{
  std::vector<shared_ptr<const ZONEMDRecordContent>> digests;
  digests.reserve(d_zonemdRecords.size());
  for (const auto& [schemeAndAlgo, entry] : d_zonemdRecords) {
    digests.push_back(entry.record);
  }
  return digests;
}
88 // Return the zone's apex NSECs with signatures
89 [[nodiscard]] const ContentSigPair& getNSECs() const
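// Return the zone's apex NSEC3s with signatures: the d_nsec3s entry stored
// under d_nsec3label, or the member `empty` when there is no such entry.
// The returned reference points into this object in both cases.
[[nodiscard]] const ContentSigPair& getNSEC3s() const
{
  const auto item = d_nsec3s.find(d_nsec3label);
  // Use the iterator find() already produced instead of a second lookup via at().
  return item == d_nsec3s.end() ? empty : item->second;
}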
101 [[nodiscard]] const DNSName& getNSEC3Label() const
// Return the NSEC3PARAM record contents held in d_nsec3params, by const
// reference (no copy is made).
106 [[nodiscard]] const std::vector<shared_ptr<const NSEC3PARAMRecordContent>>& getNSEC3Params() const
108 return d_nsec3params;
112 using RRSetKey_t = std::pair<DNSName, QType>;
113 using RRVector_t = std::vector<std::shared_ptr<const DNSRecordContent>>;
// Comparator for RRSetKey_t (owner name, record type), used as the ordering of
// RRSetMap_t. Owner names are compared with DNSName::canonCompare and the
// QType is compared with operator<.
// NOTE(review): presumably the iteration order of RRSetMap_t determines the
// order in which RRsets are fed to the zone digest. If so, this ordering has
// to match the canonical ordering the digest scheme requires. Confirm against
// the implementation.
115 struct CanonRRSetKeyCompare
117 bool operator()(const RRSetKey_t& lhs, const RRSetKey_t& rhs) const
119 // FIXME surely we can be smarter here
// canonCompare is called once in each direction, so up to two name
// comparisons are made per call.
// NOTE(review): the statements inside the two branches are not shown in this
// listing. Presumably they return true and false respectively. Confirm.
120 if (lhs.first.canonCompare(rhs.first)) {
123 if (rhs.first.canonCompare(lhs.first)) {
// Reached when neither branch above returned: tie-break on the record type.
126 return lhs.second < rhs.second;
130 using RRSetMap_t = std::map<RRSetKey_t, RRVector_t, CanonRRSetKeyCompare>;
132 struct ZoneMDAndDuplicateFlag
134 const std::shared_ptr<const ZONEMDRecordContent> record;
138 // scheme,hashalgo -> zonemdrecord,duplicate
139 std::map<pair<uint8_t, uint8_t>, ZoneMDAndDuplicateFlag> d_zonemdRecords;
141 RRSetMap_t d_resourceRecordSets;
142 std::map<RRSetKey_t, uint32_t> d_resourceRecordSetTTLs;
144 std::shared_ptr<const SOARecordContent> d_soaRecordContent;
145 std::set<shared_ptr<const DNSKEYRecordContent>> d_dnskeys;
146 std::map<QType, std::vector<shared_ptr<const RRSIGRecordContent>>> d_rrsigs;
147 std::vector<shared_ptr<const NSEC3PARAMRecordContent>> d_nsec3params;
148 ContentSigPair d_nsecs;
149 map<DNSName, ContentSigPair> d_nsec3s;
150 DNSName d_nsec3label;
151 const DNSName d_zone;
152 const ContentSigPair empty;