2 * Copyright (C) 2011-2012 Reto Guadagnini
4 * Copyright (C) secunet Security Networks AG
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
19 #include <ldns/ldns.h>
23 #include <utils/debug.h>
25 #include "unbound_resolver.h"
26 #include "unbound_response.h"
28 /* DNS resolver configuration and DNSSEC trust anchors */
29 #define RESOLV_CONF_FILE "/etc/resolv.conf"
30 #define TRUST_ANCHOR_FILE IPSEC_CONFDIR "/ipsec.d/dnssec.keys"
32 typedef struct private_resolver_t private_resolver_t
;
35 * private data of a unbound_resolver_t object.
37 struct private_resolver_t
{
45 * private unbound resolver handle (unbound context)
51 * query method implementation
53 METHOD(resolver_t
, query
, resolver_response_t
*,
54 private_resolver_t
*this, char *domain
, rr_class_t rr_class
,
57 unbound_response_t
*response
= NULL
;
58 struct ub_result
*result
= NULL
;
61 ub_retval
= ub_resolve(this->ctx
, domain
, rr_type
, rr_class
, &result
);
64 DBG1(DBG_LIB
, "unbound resolver error: %s", ub_strerror(ub_retval
));
65 ub_resolve_free(result
);
69 response
= unbound_response_create_frm_libub_response(result
);
72 DBG1(DBG_LIB
, "unbound resolver failed to create response");
73 ub_resolve_free(result
);
76 ub_resolve_free(result
);
78 return (resolver_response_t
*)response
;
82 * destroy method implementation
84 METHOD(resolver_t
, destroy
, void,
85 private_resolver_t
*this)
87 ub_ctx_delete(this->ctx
);
92 * Described in header.
94 resolver_t
*unbound_resolver_create(void)
96 private_resolver_t
*this;
98 char *resolv_conf
, *trust_anchors
, *dlv_anchors
;
100 resolv_conf
= lib
->settings
->get_str(lib
->settings
,
101 "%s.plugins.unbound.resolv_conf",
102 RESOLV_CONF_FILE
, lib
->ns
);
103 trust_anchors
= lib
->settings
->get_str(lib
->settings
,
104 "%s.plugins.unbound.trust_anchors",
105 TRUST_ANCHOR_FILE
, lib
->ns
);
106 dlv_anchors
= lib
->settings
->get_str(lib
->settings
,
107 "%s.plugins.unbound.dlv_anchors",
117 this->ctx
= ub_ctx_create();
120 DBG1(DBG_LIB
, "failed to create unbound resolver context");
125 DBG2(DBG_CFG
, "loading unbound resolver config from '%s'", resolv_conf
);
126 ub_retval
= ub_ctx_resolvconf(this->ctx
, resolv_conf
);
129 DBG1(DBG_CFG
, "failed to read the resolver config: %s (%s)",
130 ub_strerror(ub_retval
), strerror(errno
));
135 DBG2(DBG_CFG
, "loading unbound trust anchors from '%s'", trust_anchors
);
136 ub_retval
= ub_ctx_add_ta_file(this->ctx
, trust_anchors
);
139 DBG1(DBG_CFG
, "failed to load trust anchors: %s (%s)",
140 ub_strerror(ub_retval
), strerror(errno
));
145 DBG2(DBG_CFG
, "loading trusted keys for DLV from '%s'", dlv_anchors
);
146 ub_retval
= ub_ctx_set_option(this->ctx
, "dlv-anchor-file:",
150 DBG1(DBG_CFG
, "failed to load trusted keys for DLV: %s (%s)",
151 ub_strerror(ub_retval
), strerror(errno
));
154 return &this->public;