#include <isc/xml.h>
#include <dns/byaddr.h>
+#include <dns/ede.h>
#include <dns/fixedname.h>
#include <dns/message.h>
#include <dns/name.h>
result = dns_resolver_createfetch(
tat->view->resolver, tatname, dns_rdatatype_null,
domain, &nameservers, NULL, NULL, 0, 0, 0, NULL, NULL,
- tat->loop, tat_done, tat, &tat->rdataset,
+ tat->loop, tat_done, tat, NULL, &tat->rdataset,
&tat->sigrdataset, &tat->fetch);
}
include/dns/dnstap.h \
include/dns/dyndb.h \
include/dns/ecs.h \
+ include/dns/ede.h \
include/dns/edns.h \
include/dns/fixedname.h \
include/dns/forward.h \
dst_parse.h \
dyndb.c \
ecs.c \
+ ede.c \
fixedname.c \
forward.c \
gssapictx.c \
result = dns_resolver_createfetch(
adb->res, adbname->name, type, name, nameservers, NULL, NULL, 0,
options, depth, qc, gqc, isc_loop(), fetch_callback, adbname,
- &fetch->rdataset, NULL, &fetch->fetch);
+ NULL, &fetch->rdataset, NULL, &fetch->fetch);
if (result != ISC_R_SUCCESS) {
DP(ENTER_LEVEL, "fetch_name: createfetch failed with %s",
isc_result_totext(result));
result = dns_resolver_createfetch(
rctx->view->resolver, dns_fixedname_name(&rctx->name),
rctx->type, NULL, NULL, NULL, NULL, 0, fopts, 0, NULL, rctx->qc,
- rctx->client->loop, fetch_done, rctx, rctx->rdataset,
+ rctx->client->loop, fetch_done, rctx, NULL, rctx->rdataset,
rctx->sigrdataset, &rctx->fetch);
return result;
--- /dev/null
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+/*! \file */
+
+#include <isc/mem.h>
+#include <isc/util.h>
+
+#include <dns/ede.h>
+
+#define DNS_EDE_MAGIC ISC_MAGIC('E', 'D', 'E', '!')
+#define DNS_EDE_VALID(v) ISC_MAGIC_VALID(v, DNS_EDE_MAGIC)
+
+void
+dns_ede_add(dns_edectx_t *edectx, uint16_t code, const char *text) {
+ REQUIRE(DNS_EDE_VALID(edectx));
+
+ size_t pos = 0;
+ uint16_t becode = htobe16(code);
+ dns_ednsopt_t *edns = NULL;
+ size_t textlen = 0;
+
+ for (pos = 0; pos < DNS_EDE_MAX_ERRORS; pos++) {
+ edns = edectx->ede[pos];
+
+ if (edns == NULL) {
+ break;
+ }
+
+ if (memcmp(&becode, edns->value, sizeof(becode)) == 0) {
+ isc_log_write(DNS_LOGCATEGORY_RESOLVER,
+ DNS_LOGMODULE_RESOLVER, ISC_LOG_DEBUG(1),
+ "ignoring duplicate ede %u %s", code,
+ text == NULL ? "(null)" : text);
+ return;
+ }
+ }
+
+ if (pos >= DNS_EDE_MAX_ERRORS) {
+ isc_log_write(DNS_LOGCATEGORY_RESOLVER, DNS_LOGMODULE_RESOLVER,
+ ISC_LOG_DEBUG(1), "too many ede, ignoring %u %s",
+ code, text == NULL ? "(null)" : text);
+ return;
+ }
+
+ isc_log_write(DNS_LOGCATEGORY_RESOLVER, DNS_LOGMODULE_RESOLVER,
+ ISC_LOG_DEBUG(1), "set ede: info-code %u extra-text %s",
+ code, text == NULL ? "(null)" : text);
+
+ if (text != NULL) {
+ textlen = strlen(text);
+
+ if (textlen > DNS_EDE_EXTRATEXT_LEN) {
+ isc_log_write(DNS_LOGCATEGORY_RESOLVER,
+ DNS_LOGMODULE_RESOLVER, ISC_LOG_DEBUG(1),
+ "truncate EDE code %hu text: %s", code,
+ text);
+ textlen = DNS_EDE_EXTRATEXT_LEN;
+ }
+ }
+
+ edns = isc_mem_get(edectx->mctx,
+ sizeof(*edns) + sizeof(becode) + textlen);
+ *edns = (dns_ednsopt_t){
+ .code = DNS_OPT_EDE,
+ .length = sizeof(becode) + textlen,
+ .value = (uint8_t *)edns + sizeof(*edns),
+ };
+
+ memmove(edns->value, &becode, sizeof(becode));
+ if (textlen > 0) {
+ memmove(edns->value + sizeof(becode), text, textlen);
+ }
+
+ edectx->ede[pos] = edns;
+}
+
+void
+dns_ede_init(isc_mem_t *mctx, dns_edectx_t *edectx) {
+ REQUIRE(mctx != NULL);
+
+ /*
+ * Memory context is assigned, not attached here,
+ * thus there's no detach in dns_ede_reset().
+ */
+ *edectx = (dns_edectx_t){
+ .magic = DNS_EDE_MAGIC,
+ .mctx = mctx,
+ };
+}
+
+void
+dns_ede_reset(dns_edectx_t *edectx) {
+ REQUIRE(DNS_EDE_VALID(edectx));
+
+ for (size_t i = 0; i < DNS_EDE_MAX_ERRORS; i++) {
+ dns_ednsopt_t *edns = edectx->ede[i];
+ if (edns == NULL) {
+ break;
+ }
+
+ isc_mem_put(edectx->mctx, edns, sizeof(*edns) + edns->length);
+ edectx->ede[i] = NULL;
+ }
+}
+
+void
+dns_ede_invalidate(dns_edectx_t *edectx) {
+ REQUIRE(DNS_EDE_VALID(edectx));
+
+ dns_ede_reset(edectx);
+
+ edectx->magic = 0;
+ edectx->mctx = NULL;
+}
+
+void
+dns_ede_copy(dns_edectx_t *edectx_to, dns_edectx_t *edectx_from) {
+ REQUIRE(DNS_EDE_VALID(edectx_to));
+ REQUIRE(DNS_EDE_VALID(edectx_from));
+
+ size_t nextede = 0;
+
+ for (nextede = 0; nextede < DNS_EDE_MAX_ERRORS; nextede++) {
+ if (edectx_to->ede[nextede] == NULL) {
+ break;
+ }
+ }
+
+ for (size_t pos = 0; pos < DNS_EDE_MAX_ERRORS; pos++) {
+ if (edectx_from->ede[pos] == NULL) {
+ break;
+ }
+
+ if (nextede >= DNS_EDE_MAX_ERRORS) {
+ isc_log_write(DNS_LOGCATEGORY_RESOLVER,
+ DNS_LOGMODULE_RESOLVER, ISC_LOG_DEBUG(1),
+ "too many ede from subfetch");
+ break;
+ }
+
+ INSIST(edectx_to->ede[nextede] == NULL);
+
+ dns_ednsopt_t *edns = isc_mem_get(
+ edectx_to->mctx,
+ sizeof(*edns) + edectx_from->ede[pos]->length);
+ *edns = (dns_ednsopt_t){
+ .code = DNS_OPT_EDE,
+ .length = edectx_from->ede[pos]->length,
+ .value = (uint8_t *)edns + sizeof(*edns),
+ };
+ memmove(edns->value, edectx_from->ede[pos]->value,
+ edectx_from->ede[pos]->length);
+
+ edectx_to->ede[nextede] = edns;
+ nextede++;
+ }
+}
--- /dev/null
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+#pragma once
+
+#include <isc/mem.h>
+
+#include <dns/message.h>
+
+/*
+ * From RFC 8914:
+ * Because long EXTRA-TEXT fields may trigger truncation (which is undesirable
+ * given the supplemental nature of EDE), implementers and operators creating
+ * EDE options SHOULD avoid lengthy EXTRA-TEXT contents.
+ *
+ * Following this advice we limit the EXTRA-TEXT length to 64 characters.
+ */
+#define DNS_EDE_EXTRATEXT_LEN 64
+
+#define DNS_EDE_MAX_ERRORS 3
+
+typedef struct dns_edectx dns_edectx_t;
+struct dns_edectx {
+ int magic;
+ isc_mem_t *mctx;
+ dns_ednsopt_t *ede[DNS_EDE_MAX_ERRORS];
+};
+
+void
+dns_ede_init(isc_mem_t *mctx, dns_edectx_t *edectx);
+
+void
+dns_ede_reset(dns_edectx_t *edectx);
+
+void
+dns_ede_invalidate(dns_edectx_t *edectx);
+
+void
+dns_ede_add(dns_edectx_t *edectx, uint16_t code, const char *text);
+/*%<
+ * Set extended error with INFO-CODE <code> and EXTRA-TEXT <text>.
+ */
+
+void
+dns_ede_copy(dns_edectx_t *edectx_to, dns_edectx_t *edectx_from);
#define DNS_EDE_NETWORKERROR 23 /*%< Network Error */
#define DNS_EDE_INVALIDDATA 24 /*%< Invalid Data */
-typedef struct dns_ede dns_ede_t;
-struct dns_ede {
- uint16_t info_code;
- char *extra_text;
- ISC_LINK(dns_ede_t) link;
-};
-
-typedef ISC_LIST(dns_ede_t) dns_edelist_t;
-
-/*
- * From RFC 8914:
- * Because long EXTRA-TEXT fields may trigger truncation (which is undesirable
- * given the supplemental nature of EDE), implementers and operators creating
- * EDE options SHOULD avoid lengthy EXTRA-TEXT contents.
- *
- * Following this advice we limit the EXTRA-TEXT length to 64 characters.
- */
-#define DNS_EDE_EXTRATEXT_LEN 64
-
-#define DNS_EDE_MAX_ERRORS 3
-
#define DNS_MESSAGE_REPLYPRESERVE (DNS_MESSAGEFLAG_RD | DNS_MESSAGEFLAG_CD)
#define DNS_MESSAGEEXTFLAG_REPLYPRESERVE (DNS_MESSAGEEXTFLAG_DO)
};
struct dns_ednsopt {
- uint16_t code;
- uint16_t length;
- unsigned char *value;
+ uint16_t code;
+ uint16_t length;
+ uint8_t *value;
};
typedef void (*dns_message_cb_t)(void *arg, isc_result_t result);
isc_mempool_t **rdspoolp);
void
dns_message_destroypools(isc_mempool_t **namepoolp, isc_mempool_t **rdspoolp);
-
-void
-dns_ede_append(isc_mem_t *mctx, dns_edelist_t *list, uint16_t info_code,
- const char *extra_text);
-/*%<
- * Adds a new EDE message at the end of 'list'. If 'extra_text' is non
- * NULL, the string is synchronously copied internally, so the called
- * doesn't have to keep it alive once this call returns. RFC8914
- * section 4 define the valid range of possible numbers for
- * 'info_code'.
- *
- * Requires:
- * \li mctx to be non NULL;
- * \li list to be non NULL;
- * \li info_code to be valid;
- * \li extra_text can be NULL or non NULL, do not take ownership.
- */
-
-void
-dns_ede_unlinkall(isc_mem_t *mctx, dns_edelist_t *list);
-/*%<
- * Unlink all elements from from 'list' and free it from
- * memory. Optional text owned by elements is also freed.
- *
- * Requires:
- * \li mctx to be non NULL;
- * \li list to be non NULL;
- */
#include <isc/tls.h>
#include <isc/types.h>
+#include <dns/ede.h>
#include <dns/fixedname.h>
#include <dns/message.h>
#include <dns/types.h>
isc_mem_t *mctx;
isc_result_t result;
isc_result_t vresult;
- dns_edelist_t edelist;
+ dns_edectx_t *edectx;
dns_rdatatype_t qtype;
dns_db_t *db;
dns_dbnode_t *node;
unsigned int options, unsigned int depth,
isc_counter_t *qc, isc_counter_t *gqc,
isc_loop_t *loop, isc_job_cb cb, void *arg,
- dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset,
- dns_fetch_t **fetchp);
+ dns_edectx_t *edectx, dns_rdataset_t *rdataset,
+ dns_rdataset_t *sigrdataset, dns_fetch_t **fetchp);
/*%<
* Recurse to answer a question.
*
* Requires:
* \li 'frespp' is valid. No-op if *frespp == NULL
*/
-
-void
-dns_resolver_edeappend(fetchctx_t *fctx, uint16_t info_code, const char *what,
- const dns_name_t *name, dns_rdatatype_t type);
-/*%<
- * Helper for EDE message creation in resolver context. Creates message
- * containing the "what" context message as well as the "name"/"type" being
- * resolved
- *
- * Requires:
- * \li "fctx" is valid
- * \li "what" is valid
- * \li "info_code" is within the range of defined EDE codes
- * \li "name" is valid
- */
-
-void
-dns_resolver_copyede(dns_fetch_t *from, fetchctx_t *to);
-/*%<
- * Copy all EDE messages from the fetchctx_t "from->private" to the fetchctx_t
- * "to". The fetchctx_t from "from" is not locked. This is reponsability of the
- * caller to lock it if this function is called in a context needing "from"
- * synchronization.
- *
- * Requires:
- * \li "from" is valid
- * \li "to" is valid
- */
#include <dns/rdata.h>
#include <dns/rdataset.h>
#include <dns/rdatastruct.h> /* for dns_rdata_rrsig_t */
+#include <dns/resolver.h>
#include <dns/types.h>
#include <dst/dst.h>
isc_counter_t *qc;
isc_counter_t *gqc;
- /*
- * opaque type here, used to send EDE errors during DNSSEC valiration
- * to the fetch context.
- */
- fetchctx_t *fctx;
+ dns_edectx_t *edectx;
};
/*%
dns_message_t *message, unsigned int options,
isc_loop_t *loop, isc_job_cb cb, void *arg,
uint32_t *nvalidations, uint32_t *nfails,
- isc_counter_t *qc, isc_counter_t *gqc, fetchctx_t *fctx,
- dns_validator_t **validatorp);
+ isc_counter_t *qc, isc_counter_t *gqc,
+ dns_edectx_t *edectx, dns_validator_t **validatorp);
/*%<
* Start a DNSSEC validation.
*
isc_mempool_destroy(rdspoolp);
isc_mempool_destroy(namepoolp);
}
-
-void
-dns_ede_append(isc_mem_t *mctx, dns_edelist_t *list, uint16_t info_code,
- const char *extra_text) {
- REQUIRE(mctx);
- REQUIRE(list);
- REQUIRE(info_code <= 24);
-
- dns_ede_t *ede = isc_mem_get(mctx, sizeof(*ede));
- *ede = (dns_ede_t){
- .info_code = info_code,
- .extra_text = NULL,
- .link = ISC_LINK_INITIALIZER,
- };
-
- if (extra_text) {
- ede->extra_text = isc_mem_allocate(mctx,
- strlen(extra_text) + 1);
- strcpy(ede->extra_text, extra_text);
- }
-
- ISC_LIST_APPEND(*list, ede, link);
-}
-
-void
-dns_ede_unlinkall(isc_mem_t *mctx, dns_edelist_t *list) {
- dns_ede_t *ede, *next;
-
- REQUIRE(mctx);
- REQUIRE(list);
-
- for (ede = ISC_LIST_HEAD(*list); ede != NULL; ede = next) {
- next = ISC_LIST_NEXT(ede, link);
-
- ISC_LIST_UNLINK(*list, ede, link);
- if (ede->extra_text) {
- isc_mem_free(mctx, ede->extra_text);
- ede->extra_text = NULL;
- }
- isc_mem_put(mctx, ede, sizeof(*ede));
- }
-
- INSIST(ISC_LIST_EMPTY(*list));
-}
result = dns_resolver_createfetch(
resolver, &nta->name, dns_rdatatype_nsec, NULL, NULL, NULL,
NULL, 0, DNS_FETCHOPT_NONTA, 0, NULL, NULL, nta->loop,
- fetch_done, nta, &nta->rdataset, &nta->sigrdataset,
+ fetch_done, nta, NULL, &nta->rdataset, &nta->sigrdataset,
&nta->fetch);
if (result != ISC_R_SUCCESS) {
dns__nta_detach(&nta); /* for dns_resolver_createfetch() */
#include <dns/dns64.h>
#include <dns/dnstap.h>
#include <dns/ds.h>
+#include <dns/ede.h>
#include <dns/edns.h>
#include <dns/forward.h>
#include <dns/keytable.h>
isc_loop_t *loop;
unsigned int tid;
+ dns_edectx_t edectx;
+
/* Atomic */
isc_refcount_t references;
bool cloned;
bool spilled;
ISC_LIST(dns_fetchresponse_t) resps;
- dns_edelist_t edelist;
/*% Locked by loop event serialization. */
dns_fixedname_t dfname;
result = dns_validator_create(
fctx->res->view, name, type, rdataset, sigrdataset, message,
valoptions, fctx->loop, validated, valarg, &fctx->nvalidations,
- &fctx->nfails, fctx->qc, fctx->gqc, fctx, &validator);
+ &fctx->nfails, fctx->qc, fctx->gqc, &fctx->edectx, &validator);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
inc_stats(fctx->res, dns_resstatscounter_val);
ISC_LIST_APPEND(fctx->validators, validator, link);
}
/*
- * Copy EDE that occured during the resolution to all
- * clients.
+ * Finalize the EDE context, so it becomes "constant" and assign
+ * it to all clients.
*/
- for (dns_ede_t *ede = ISC_LIST_HEAD(fctx->edelist); ede != NULL;
- ede = ISC_LIST_NEXT(ede, link))
- {
- dns_ede_append(resp->mctx, &resp->edelist,
- ede->info_code, ede->extra_text);
+ if (resp->edectx != NULL) {
+ dns_ede_copy(resp->edectx, &fctx->edectx);
}
FCTXTRACE("post response event");
fctx_setretryinterval(fctx, srtt);
if (isc_interval_iszero(&fctx->interval)) {
FCTXTRACE("fetch expired");
- LOCK(&fctx->lock);
- dns_ede_append(fctx->mctx, &fctx->edelist,
- DNS_EDE_NOREACHABLEAUTH, NULL);
- UNLOCK(&fctx->lock);
+ dns_ede_add(&fctx->edectx, DNS_EDE_NOREACHABLEAUTH, NULL);
return ISC_R_TIMEDOUT;
}
result = dns_resolver_createfetch(
fctx->res, fctx->qminname, fctx->qmintype, fctx->domain,
&fctx->nameservers, NULL, NULL, 0, options, 0, fctx->qc,
- fctx->gqc, fctx->loop, resume_qmin, fctx,
+ fctx->gqc, fctx->loop, resume_qmin, fctx, &fctx->edectx,
&fctx->qminrrset, NULL, &fctx->qminfetch);
if (result != ISC_R_SUCCESS) {
fetchctx_unref(fctx);
}
UNLOCK(&fctx->lock);
- dns_resolver_copyede(fctx->qminfetch, fctx);
dns_resolver_destroyfetch(&fctx->qminfetch);
/*
isc_mem_put(fctx->mctx, sa, sizeof(*sa));
}
- dns_ede_unlinkall(fctx->mctx, &fctx->edelist);
-
isc_counter_detach(&fctx->qc);
if (fctx->gqc != NULL) {
isc_counter_detach(&fctx->gqc);
dns_resolver_detach(&fctx->res);
+ dns_ede_invalidate(&fctx->edectx);
+
isc_mutex_destroy(&fctx->lock);
isc_mem_free(fctx->mctx, fctx->info);
"shut down hung fetch while resolving %p(%s)", fctx,
fctx->info);
- LOCK(&fctx->lock);
- dns_ede_append(fctx->mctx, &fctx->edelist, DNS_EDE_NOREACHABLEAUTH,
- NULL);
- UNLOCK(&fctx->lock);
+ dns_ede_add(&fctx->edectx, DNS_EDE_NOREACHABLEAUTH, NULL);
fctx_done_detach(&fctx, DNS_R_SERVFAIL);
}
static void
fctx_add_event(fetchctx_t *fctx, isc_loop_t *loop, const isc_sockaddr_t *client,
dns_messageid_t id, isc_job_cb cb, void *arg,
- dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset,
- dns_fetch_t *fetch) {
+ dns_edectx_t *edectx, dns_rdataset_t *rdataset,
+ dns_rdataset_t *sigrdataset, dns_fetch_t *fetch) {
dns_fetchresponse_t *resp = NULL;
FCTXTRACE("addevent");
resp = isc_mem_get(fctx->mctx, sizeof(*resp));
*resp = (dns_fetchresponse_t){
.result = DNS_R_SERVFAIL,
- .edelist = ISC_LIST_INITIALIZER,
.qtype = fctx->type,
.rdataset = rdataset,
.sigrdataset = sigrdataset,
.cb = cb,
.arg = arg,
.link = ISC_LINK_INITIALIZER,
+ .edectx = edectx,
};
isc_mem_attach(fctx->mctx, &resp->mctx);
static void
fctx_join(fetchctx_t *fctx, isc_loop_t *loop, const isc_sockaddr_t *client,
- dns_messageid_t id, isc_job_cb cb, void *arg,
+ dns_messageid_t id, isc_job_cb cb, void *arg, dns_edectx_t *edectx,
dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset,
dns_fetch_t *fetch) {
FCTXTRACE("join");
REQUIRE(!SHUTTINGDOWN(fctx));
- fctx_add_event(fctx, loop, client, id, cb, arg, rdataset, sigrdataset,
- fetch);
+ fctx_add_event(fctx, loop, client, id, cb, arg, edectx, rdataset,
+ sigrdataset, fetch);
fetch->magic = DNS_FETCH_MAGIC;
fetchctx_attach(fctx, &fetch->private);
.loop = loop,
.nvalidations = atomic_load_relaxed(&res->maxvalidations),
.nfails = atomic_load_relaxed(&res->maxvalidationfails),
- .edelist = ISC_LIST_INITIALIZER,
};
isc_mem_attach(mctx, &fctx->mctx);
isc_mutex_init(&fctx->lock);
+ dns_ede_init(fctx->mctx, &fctx->edectx);
+
/*
* Make fctx->info point to a copy of a formatted string
* "name/type". FCTXTRACE won't work until this is done.
result = dns_resolver_createfetch(
res, fctx->nsname, dns_rdatatype_ns, domain, nsrdataset,
NULL, NULL, 0, fctx->options, 0, fctx->qc, fctx->gqc,
- loop, resume_dslookup, fctx, &fctx->nsrrset, NULL,
- &fctx->nsfetch);
+ loop, resume_dslookup, fctx, &fctx->edectx,
+ &fctx->nsrrset, NULL, &fctx->nsfetch);
if (result != ISC_R_SUCCESS) {
fetchctx_unref(fctx);
if (result == DNS_R_DUPLICATE) {
}
cleanup:
- dns_resolver_copyede(fetch, fctx);
dns_resolver_destroyfetch(&fetch);
if (result != ISC_R_SUCCESS) {
if (isc_time_microdiff(&fctx->expires, &now) < US_PER_MS) {
FCTXTRACE("query timed out; stopped trying to make "
"fetch happen");
- LOCK(&fctx->lock);
- dns_ede_append(fctx->mctx, &fctx->edelist,
- DNS_EDE_NOREACHABLEAUTH, NULL);
- UNLOCK(&fctx->lock);
+ dns_ede_add(&fctx->edectx, DNS_EDE_NOREACHABLEAUTH,
+ NULL);
} else {
FCTXTRACE("query timed out; trying next server");
/* try next server */
result = dns_resolver_createfetch(
fctx->res, fctx->nsname, dns_rdatatype_ns, NULL, NULL, NULL,
NULL, 0, fctx->options, 0, fctx->qc, fctx->gqc, fctx->loop,
- resume_dslookup, fctx, &fctx->nsrrset, NULL, &fctx->nsfetch);
+ resume_dslookup, fctx, &fctx->edectx, &fctx->nsrrset, NULL,
+ &fctx->nsfetch);
if (result != ISC_R_SUCCESS) {
if (result == DNS_R_DUPLICATE) {
result = DNS_R_SERVFAIL;
result = dns_resolver_createfetch(
res, dns_rootname, dns_rdatatype_ns, NULL, NULL, NULL,
NULL, 0, DNS_FETCHOPT_NOFORWARD, 0, NULL, NULL,
- isc_loop(), prime_done, res, rdataset, NULL,
+ isc_loop(), prime_done, res, NULL, rdataset, NULL,
&res->primefetch);
UNLOCK(&res->primelock);
unsigned int options, unsigned int depth,
isc_counter_t *qc, isc_counter_t *gqc,
isc_loop_t *loop, isc_job_cb cb, void *arg,
- dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset,
- dns_fetch_t **fetchp) {
+ dns_edectx_t *edectx, dns_rdataset_t *rdataset,
+ dns_rdataset_t *sigrdataset, dns_fetch_t **fetchp) {
dns_fetch_t *fetch = NULL;
fetchctx_t *fctx = NULL;
isc_result_t result = ISC_R_SUCCESS;
fctx->depth = depth;
}
- fctx_join(fctx, loop, client, id, cb, arg, rdataset, sigrdataset,
- fetch);
+ fctx_join(fctx, loop, client, id, cb, arg, edectx, rdataset,
+ sigrdataset, fetch);
if (new_fctx) {
fetchctx_ref(fctx);
void
dns_resolver_freefresp(dns_fetchresponse_t **frespp) {
- REQUIRE(frespp);
+ REQUIRE(frespp != NULL);
if (*frespp == NULL) {
return;
dns_fetchresponse_t *fresp = *frespp;
*frespp = NULL;
- dns_ede_unlinkall(fresp->mctx, &fresp->edelist);
isc_mem_putanddetach(&fresp->mctx, fresp, sizeof(*fresp));
}
-
-void
-dns_resolver_edeappend(fetchctx_t *fctx, uint16_t info_code, const char *what,
- const dns_name_t *name, dns_rdatatype_t type) {
- REQUIRE(VALID_FCTX(fctx));
- REQUIRE(what);
- REQUIRE(name);
-
- char extra[DNS_NAME_FORMATSIZE + DNS_RDATATYPE_FORMATSIZE +
- DNS_EDE_EXTRATEXT_LEN];
- size_t offset = 0;
-
- /*
- * -2 to leave room for separator "/" and NULL terminator
- */
- snprintf(extra, DNS_EDE_EXTRATEXT_LEN - 2, "%s ", what);
- offset += strlen(extra);
- dns_name_format(name, extra + offset, DNS_NAME_FORMATSIZE);
- offset = strlcat(extra, "/", sizeof(extra));
- dns_rdatatype_format(type, extra + offset,
- DNS_RDATATYPE_FORMATSIZE + 1);
-
- LOCK(&fctx->lock);
- dns_ede_append(fctx->mctx, &fctx->edelist, info_code, extra);
- UNLOCK(&fctx->lock)
-}
-
-void
-dns_resolver_copyede(dns_fetch_t *from, fetchctx_t *to) {
- REQUIRE(DNS_FETCH_VALID(from));
- REQUIRE(VALID_FCTX(to));
-
- LOCK(&to->lock);
- for (dns_ede_t *ede = ISC_LIST_HEAD(from->private->edelist);
- ede != NULL; ede = ISC_LIST_NEXT(ede, link))
- {
- dns_ede_append(to->mctx, &to->edelist, ede->info_code,
- ede->extra_text);
- }
- UNLOCK(&to->lock);
-}
#include <dns/db.h>
#include <dns/dnssec.h>
#include <dns/ds.h>
+#include <dns/ede.h>
#include <dns/keytable.h>
#include <dns/keyvalues.h>
#include <dns/message.h>
}
validator_log(val, ISC_LOG_DEBUG(3), "in fetch_callback_dnskey");
- dns_resolver_copyede(val->fetch, val->fctx);
+
dns_resolver_destroyfetch(&val->fetch);
if (CANCELED(val) || CANCELING(val)) {
}
validator_log(val, ISC_LOG_DEBUG(3), "in fetch_callback_ds");
- dns_resolver_copyede(val->fetch, val->fctx);
+
dns_resolver_destroyfetch(&val->fetch);
if (CANCELED(val) || CANCELING(val)) {
result = dns_resolver_createfetch(
val->view->resolver, name, type, NULL, NULL, NULL, NULL, 0,
fopts, 0, val->qc, val->gqc, val->loop, callback, val,
- &val->frdataset, &val->fsigrdataset, &val->fetch);
+ val->edectx, &val->frdataset, &val->fsigrdataset, &val->fetch);
if (result != ISC_R_SUCCESS) {
dns_validator_detach(&val);
}
(DNS_VALIDATOR_NOCDFLAG | DNS_VALIDATOR_NONTA));
validator_logcreate(val, name, type, caller, "validator");
- result = dns_validator_create(val->view, name, type, rdataset, sig,
- NULL, vopts, val->loop, cb, val,
- val->nvalidations, val->nfails, val->qc,
- val->gqc, val->fctx, &val->subvalidator);
+ result = dns_validator_create(
+ val->view, name, type, rdataset, sig, NULL, vopts, val->loop,
+ cb, val, val->nvalidations, val->nfails, val->qc, val->gqc,
+ val->edectx, &val->subvalidator);
if (result == ISC_R_SUCCESS) {
dns_validator_attach(val, &val->subvalidator->parent);
val->subvalidator->depth = val->depth + 1;
dns_message_t *message, unsigned int options,
isc_loop_t *loop, isc_job_cb cb, void *arg,
uint32_t *nvalidations, uint32_t *nfails,
- isc_counter_t *qc, isc_counter_t *gqc, fetchctx_t *fctx,
- dns_validator_t **validatorp) {
+ isc_counter_t *qc, isc_counter_t *gqc,
+ dns_edectx_t *edectx, dns_validator_t **validatorp) {
isc_result_t result = ISC_R_FAILURE;
dns_validator_t *val = NULL;
dns_keytable_t *kt = NULL;
.rdata = DNS_RDATA_INIT,
.nvalidations = nvalidations,
.nfails = nfails,
- .fctx = fctx,
+ .edectx = edectx,
};
isc_refcount_init(&val->references, 1);
static void
validate_extendederror(dns_validator_t *val) {
- char txt[32];
-
REQUIRE(VALID_VALIDATOR(val));
+ char extra[DNS_NAME_FORMATSIZE + DNS_RDATATYPE_FORMATSIZE +
+ DNS_EDE_EXTRATEXT_LEN];
+ isc_buffer_t b;
+ dns_validator_t *edeval = val;
+
+ while (edeval->parent != NULL) {
+ edeval = edeval->parent;
+ }
+
if (val->unsupported_algorithm != 0) {
- dns_secalg_format(val->unsupported_algorithm, txt, sizeof(txt));
- dns_resolver_edeappend(val->fctx, DNS_EDE_DNSKEYALG, txt,
- val->name, val->type);
+ isc_buffer_init(&b, extra, sizeof(extra));
+ dns_secalg_totext(val->unsupported_algorithm, &b);
+
+ isc_buffer_putuint8(&b, ' ');
+ dns_name_totext(val->name, DNS_NAME_OMITFINALDOT, &b);
+ isc_buffer_putuint8(&b, '/');
+ dns_rdatatype_totext(val->type, &b);
+ isc_buffer_putuint8(&b, '\0');
+
+ dns_ede_add(val->edectx, DNS_EDE_DNSKEYALG, extra);
}
if (val->unsupported_digest != 0) {
- dns_dsdigest_format(val->unsupported_digest, txt, sizeof(txt));
- dns_resolver_edeappend(val->fctx, DNS_EDE_DSDIGESTTYPE, txt,
- val->name, val->type);
+ isc_buffer_init(&b, extra, sizeof(extra));
+
+ dns_dsdigest_totext(val->unsupported_digest, &b);
+ isc_buffer_putuint8(&b, ' ');
+ dns_name_totext(val->name, DNS_NAME_OMITFINALDOT, &b);
+ isc_buffer_putuint8(&b, '/');
+ dns_rdatatype_totext(val->type, &b);
+ isc_buffer_putuint8(&b, '\0');
+
+ dns_ede_add(val->edectx, DNS_EDE_DSDIGESTTYPE, extra);
+
+ isc_buffer_invalidate(&b);
}
}
result = dns_resolver_createfetch(
resolver, kname, dns_rdatatype_dnskey, NULL, NULL, NULL, NULL,
0, options, 0, NULL, NULL, zone->loop, keyfetch_done, kfetch,
- &kfetch->dnskeyset, &kfetch->dnskeysigset, &kfetch->fetch);
+ NULL, &kfetch->dnskeyset, &kfetch->dnskeysigset,
+ &kfetch->fetch);
dns_resolver_detach(&resolver);
if (result == ISC_R_SUCCESS) {
result = dns_resolver_createfetch(
resolver, &nsfetch->pname, dns_rdatatype_ns, NULL, NULL, NULL,
NULL, 0, options, 0, NULL, NULL, zone->loop, nsfetch_done,
- nsfetch, &nsfetch->nsrrset, &nsfetch->nssigset,
+ nsfetch, NULL, &nsfetch->nsrrset, &nsfetch->nssigset,
&nsfetch->fetch);
dns_resolver_detach(&resolver);
/* XXXWPK TODO use netmgr to set timeout */
}
-static void
-client_extendederror_reset(ns_client_t *client) {
- for (size_t i = 0; i < DNS_EDE_MAX_ERRORS; i++) {
- if (client->ede[i]) {
- dns_ednsopt_t *ede = client->ede[i];
-
- isc_mem_put(client->manager->mctx, ede->value,
- ede->length);
- isc_mem_put(client->manager->mctx, ede, sizeof(*ede));
- client->ede[i] = NULL;
- }
- }
-}
-
-void
-ns_client_extendederror(ns_client_t *client, uint16_t code, const char *text) {
- uint16_t becode;
- const uint16_t becodelen = sizeof(becode);
- uint16_t textlen = 0;
- size_t pos = 0;
- unsigned char *ede = NULL;
- dns_ednsopt_t *edns = NULL;
-
- REQUIRE(NS_CLIENT_VALID(client));
-
- /*
- * As ede will be directly put in the DNS message we need to make sure
- * the code is in big-endian format
- */
- becode = htobe16(code);
-
- for (pos = 0; pos < DNS_EDE_MAX_ERRORS; pos++) {
- edns = client->ede[pos];
-
- if (edns == NULL) {
- break;
- }
-
- if (memcmp(&becode, edns->value, becodelen) == 0) {
- ns_client_log(client, NS_LOGCATEGORY_CLIENT,
- NS_LOGMODULE_CLIENT, ISC_LOG_DEBUG(1),
- "ignoring duplicate ede %u %s", code,
- text == NULL ? "(null)" : text);
- return;
- }
- }
-
- if (pos >= DNS_EDE_MAX_ERRORS) {
- ns_client_log(client, NS_LOGCATEGORY_CLIENT,
- NS_LOGMODULE_CLIENT, ISC_LOG_DEBUG(1),
- "too many ede, ignoring %u %s", code,
- text == NULL ? "(null)" : text);
- return;
- }
-
- ns_client_log(client, NS_LOGCATEGORY_CLIENT, NS_LOGMODULE_CLIENT,
- ISC_LOG_DEBUG(1), "set ede: info-code %u extra-text %s",
- code, text == NULL ? "(null)" : text);
-
- if (text != NULL && strlen(text) > 0) {
- textlen = strlen(text);
-
- if (textlen > DNS_EDE_EXTRATEXT_LEN) {
- ns_client_log(client, NS_LOGCATEGORY_CLIENT,
- NS_LOGMODULE_CLIENT, ISC_LOG_DEBUG(1),
- "truncate EDE code %hu text: %s", code,
- text);
- textlen = DNS_EDE_EXTRATEXT_LEN;
- }
- }
-
- ede = isc_mem_get(client->manager->mctx, becodelen + textlen);
-
- memcpy(ede, &becode, sizeof(code));
- if (textlen > 0) {
- memcpy(ede + becodelen, text, textlen);
- }
-
- edns = isc_mem_get(client->manager->mctx, sizeof(*edns));
- *edns = (dns_ednsopt_t){ .code = DNS_OPT_EDE,
- .length = becodelen + textlen,
- .value = ede };
-
- client->ede[pos] = edns;
-}
-
static void
ns_client_endrequest(ns_client_t *client) {
INSIST(client->state == NS_CLIENTSTATE_WORKING ||
dns_message_puttemprdataset(client->message, &client->opt);
}
- client_extendederror_reset(client);
client->signer = NULL;
client->udpsize = 512;
client->extflags = 0;
}
for (size_t i = 0; i < DNS_EDE_MAX_ERRORS; i++) {
- dns_ednsopt_t *ede = client->ede[i];
+ dns_ednsopt_t *ede = client->edectx.ede[i];
if (ede == NULL) {
break;
* Call this first because it requires a valid client.
*/
ns_query_free(client);
- client_extendederror_reset(client);
+ dns_ede_invalidate(&client->edectx);
client->magic = 0;
"no matching view in class");
}
- ns_client_extendederror(client, DNS_EDE_PROHIBITED, NULL);
+ dns_ede_add(&client->edectx, DNS_EDE_PROHIBITED, NULL);
ns_client_error(client, DNS_R_REFUSED);
goto cleanup;
*/
client->magic = NS_CLIENT_MAGIC;
ns_query_init(client);
+
+ dns_ede_init(client->manager->mctx, &client->edectx);
} else {
REQUIRE(NS_CLIENT_VALID(client));
REQUIRE(client->manager->tid == isc_tid());
.magic = 0,
.manager = client->manager,
.message = client->message,
+ .edectx = client->edectx,
.query = client->query,
};
+
+ dns_ede_reset(&client->edectx);
}
client->query.attributes &= ~NS_QUERYATTR_ANSWERED;
NS_LOGMODULE_CLIENT, ISC_LOG_DEBUG(3),
"%s approved", opname);
} else {
- ns_client_extendederror(client, DNS_EDE_PROHIBITED, NULL);
+ dns_ede_add(&client->edectx, DNS_EDE_PROHIBITED, NULL);
ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
NS_LOGMODULE_CLIENT, log_level, "%s denied",
opname);
size_t tcpbuf_size;
dns_message_t *message;
dns_rdataset_t *opt;
- dns_ednsopt_t *ede[DNS_EDE_MAX_ERRORS];
+ dns_edectx_t edectx;
uint16_t udpsize;
uint16_t extflags;
int16_t ednsversion; /* -1 noedns */
* will have an RCODE determined by 'result'.
*/
-void
-ns_client_extendederror(ns_client_t *client, uint16_t code, const char *text);
-/*%<
- * Set extended error with INFO-CODE <code> and EXTRA-TEXT <text>.
- */
-
void
ns_client_drop(ns_client_t *client, isc_result_t result);
/*%<
#include <dns/dlz.h>
#include <dns/dns64.h>
#include <dns/dnssec.h>
+#include <dns/ede.h>
#include <dns/keytable.h>
#include <dns/message.h>
#include <dns/ncache.h>
ISC_LIST_INIT(client->query.namebufs);
ISC_LIST_INIT(client->query.activeversions);
ISC_LIST_INIT(client->query.freeversions);
- memset(client->ede, 0, sizeof(dns_ednsopt_t *) * DNS_EDE_MAX_ERRORS);
+
/*
* This mutex is destroyed when the client is destroyed in
* exit_check().
* since it is cleared by query_reset(), before query
* processing starts.
*/
- ns_client_extendederror(client, DNS_EDE_PROHIBITED,
- NULL);
+ dns_ede_add(&client->edectx, DNS_EDE_PROHIBITED, NULL);
if (!options.nolog) {
ns_client_aclmsg("query (cache)", name, qtype,
ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
NS_LOGMODULE_QUERY, ISC_LOG_INFO,
"%s denied", msg);
- ns_client_extendederror(client, DNS_EDE_PROHIBITED,
- NULL);
+ dns_ede_add(&client->edectx, DNS_EDE_PROHIBITED, NULL);
}
}
result = ns_client_checkaclsilent(client, &client->destaddr,
queryonacl, true);
if (result != ISC_R_SUCCESS) {
- ns_client_extendederror(client, DNS_EDE_PROHIBITED,
- NULL);
+ dns_ede_add(&client->edectx, DNS_EDE_PROHIBITED, NULL);
}
if (!options.nolog && result != ISC_R_SUCCESS) {
ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
isc_buffer_putstr(&buffer, " (cached)");
isc_buffer_putuint8(&buffer, 0);
- ns_client_extendederror(client, DNS_EDE_DNSKEYALG,
- isc_buffer_base(&buffer));
+ dns_ede_add(&client->edectx, DNS_EDE_DNSKEYALG,
+ isc_buffer_base(&buffer));
continue;
}
if (!dns_name_issubdomain(name, &rrsig.signer)) {
client->view->resolver, qname, qtype, NULL, NULL, NULL,
peeraddr, client->message->id, options, 0, NULL,
client->query.qc, client->manager->loop, cb, client,
- tmprdataset, NULL, fetchp);
+ &client->edectx, tmprdataset, NULL, fetchp);
if (result != ISC_R_SUCCESS) {
ns_client_putrdataset(client, &tmprdataset);
isc_nmhandle_detach(handlep);
stale_found ? "used" : "unavailable",
isc_result_totext(result));
if (stale_found) {
- ns_client_extendederror(qctx->client, ede,
- "resolver failure");
+ dns_ede_add(&qctx->client->edectx, ede,
+ "resolver failure");
} else if (!answer_found) {
/*
* Resolver failure, no stale data, nothing more we
isc_result_totext(result));
if (stale_found) {
- ns_client_extendederror(
- qctx->client, ede,
- "query within stale refresh time window");
+ dns_ede_add(&qctx->client->edectx, ede,
+ "query within stale refresh time window");
} else if (!answer_found) {
/*
* During the stale refresh window explicitly do not try
namebuf, typebuf);
qctx->refresh_rrset = STALE(qctx->rdataset);
if (stale_found) {
- ns_client_extendederror(
- qctx->client, ede,
+ dns_ede_add(
+ &qctx->client->edectx, ede,
"stale data prioritized over "
"lookup");
}
client->query.attributes &= ~NS_QUERYATTR_RECURSING;
client->state = NS_CLIENTSTATE_WORKING;
- for (dns_ede_t *ede = ISC_LIST_HEAD(resp->edelist); ede != NULL;
- ede = ISC_LIST_NEXT(ede, link))
- {
- ns_client_extendederror(client, ede->info_code,
- ede->extra_text);
- }
-
/*
* Initialize a new qctx and use it to either resume from
* recursion or clean up after cancelation. Transfer
client->view->resolver, qname, qtype, qdomain, nameservers,
NULL, peeraddr, client->message->id, client->query.fetchoptions,
0, NULL, client->query.qc, client->manager->loop,
- fetch_callback, client, rdataset, sigrdataset,
+ fetch_callback, client, &client->edectx, rdataset, sigrdataset,
&FETCH_RECTYPE_NORMAL(client));
if (result != ISC_R_SUCCESS) {
release_recursionquota(client);
if (qctx->rpz_st->m.rpz->ede != 0 &&
qctx->rpz_st->m.rpz->ede != UINT16_MAX)
{
- ns_client_extendederror(qctx->client,
- qctx->rpz_st->m.rpz->ede, NULL);
+ dns_ede_add(&qctx->client->edectx,
+ qctx->rpz_st->m.rpz->ede, NULL);
}
/*
*/
partial_result_with_servfail = true;
- ns_client_extendederror(qctx->client, 0,
- "max. restarts reached");
+ dns_ede_add(&qctx->client->edectx, 0,
+ "max. restarts reached");
ns_client_log(qctx->client, NS_LOGCATEGORY_CLIENT,
NS_LOGMODULE_QUERY, ISC_LOG_INFO,
"query iterations limit reached");
#include <sched.h> /* IWYU pragma: keep */
#include <setjmp.h>
#include <stdarg.h>
+#include <stdbool.h>
#include <stddef.h>
+#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#define UNIT_TESTING
#include <cmocka.h>
-#include <isc/buffer.h>
-#include <isc/net.h>
-#include <isc/timer.h>
-#include <isc/tls.h>
-#include <isc/util.h>
+#include <isc/list.h>
-#include <dns/message.h>
+#include <dns/ede.h>
+
+#include "../../lib/dns/ede.c"
#include <tests/isc.h>
-ISC_RUN_TEST_IMPL(ede_enqueue_unlink) {
- dns_edelist_t list;
- dns_ede_t *ede = NULL;
- const char *msg1 = "abcd";
- const char *msg2 = "abcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabc"
- "dabcdabcdadcdabcd";
-
- ISC_LIST_INIT(list);
-
- dns_ede_append(mctx, &list, 22, NULL);
- dns_ede_append(mctx, &list, 12, msg1);
- dns_ede_append(mctx, &list, 4, msg2);
-
- ede = ISC_LIST_HEAD(list);
- assert_non_null(ede);
- assert_int_equal(ede->info_code, 22);
- assert_null(ede->extra_text);
-
- ede = ISC_LIST_NEXT(ede, link);
- assert_non_null(ede);
- assert_int_equal(ede->info_code, 12);
- assert_string_equal(ede->extra_text, msg1);
- assert_ptr_not_equal(ede->extra_text, msg1);
-
- /*
- * Even though we limit the length of an EDE message to 64 bytes,
- * this is done only at the ns/client.c level (to make sure to cover all
- * the flows).
- */
- ede = ISC_LIST_NEXT(ede, link);
- assert_non_null(ede);
- assert_int_equal(ede->info_code, 4);
- assert_string_equal(ede->extra_text, msg2);
- assert_ptr_not_equal(ede->extra_text, msg2);
-
- dns_ede_unlinkall(mctx, &list);
- assert_true(ISC_LIST_EMPTY(list));
+const struct {
+ uint16_t info_code;
+ char *extra_text;
+} vectors[DNS_EDE_MAX_ERRORS] = {
+ {
+ 22,
+ NULL,
+ },
+ {
+ 12,
+ (char *)"abcd",
+ },
+ {
+ 4,
+ (char *)"abcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabc"
+ "dabcdabcdadcdabcd",
+ },
+};
+
+ISC_RUN_TEST_IMPL(dns_edectx) {
+ dns_edectx_t edectx = { 0 };
+ size_t pos = 0;
+ uint16_t becode;
+ uint8_t buf[sizeof(becode) + DNS_EDE_EXTRATEXT_LEN];
+
+ dns_ede_init(mctx, &edectx);
+
+ for (size_t i = 0; i < DNS_EDE_MAX_ERRORS; i++) {
+ dns_ede_add(&edectx, vectors[i].info_code,
+ vectors[i].extra_text);
+ }
+
+ for (size_t i = 0; pos < DNS_EDE_MAX_ERRORS; pos++) {
+ dns_ednsopt_t *edns = edectx.ede[i];
+ size_t textlen = 0;
+
+ becode = htobe16(vectors[i].info_code);
+ memmove(buf, &becode, sizeof(becode));
+ if (vectors[i].extra_text != NULL) {
+ textlen = strlen(vectors[i].extra_text);
+ memcpy(edns->value + sizeof(becode),
+ vectors[i].extra_text, textlen);
+ }
+
+ assert_memory_equal(buf, edectx.ede[i]->value,
+ sizeof(becode) + textlen);
+ }
+
+ dns_ede_reset(&edectx);
}
ISC_TEST_LIST_START
-ISC_TEST_ENTRY(ede_enqueue_unlink)
+ISC_TEST_ENTRY(dns_edectx)
ISC_TEST_LIST_END
client->magic = NS_CLIENT_MAGIC;
client->manager = &client_ede_test_dummy_manager;
+ dns_ede_init(mctx, &client->edectx);
+
return client;
}
static void
client_ede_test_free(ns_client_t *client) {
- for (size_t i = 0; i < DNS_EDE_MAX_ERRORS; i++) {
- dns_ednsopt_t *ede = client->ede[i];
-
- if (ede) {
- isc_mem_put(mctx, ede->value, ede->length);
- isc_mem_put(mctx, ede, sizeof(*ede));
- }
- client->ede[i] = NULL;
- }
+ dns_ede_reset(&client->edectx);
isc_mem_put(mctx, client, sizeof(*client));
}
size_t count = 0;
for (size_t i = 0; i < DNS_EDE_MAX_ERRORS; i++) {
- dns_ednsopt_t *edns = client->ede[i];
+ dns_ednsopt_t *edns = client->edectx.ede[i];
if (edns == NULL) {
break;
}
uint16_t code;
- const size_t codelen = sizeof(code);
const unsigned char *txt;
assert_in_range(count, 0, expected_count);
code = ISC_U8TO16_BE(edns->value);
assert_int_equal(code, expected[count].code);
- if (edns->length > codelen) {
+ if (edns->length > sizeof(code)) {
assert_non_null(expected[count].txt);
- txt = edns->value + codelen;
+ txt = edns->value + sizeof(code);
assert_memory_equal(expected[count].txt, txt,
- edns->length - codelen);
+ edns->length - sizeof(code));
} else {
assert_null(expected[count].txt);
}
const char *txt2 = "It's been a long time since I rock-and-rolled"
"Ooh, let me get it back, let me get it back";
- ns_client_extendederror(client, 2, txt1);
- ns_client_extendederror(client, 22, NULL);
- ns_client_extendederror(client, 3, txt2);
+ dns_ede_add(&client->edectx, 2, txt1);
+ dns_ede_add(&client->edectx, 22, NULL);
+ dns_ede_add(&client->edectx, 3, txt2);
const client_tests_ede_expected_t expected[3] = {
{ .code = 2, .txt = "foobar" },
ISC_RUN_TEST_IMPL(client_ede_test_max_count) {
ns_client_t *client = client_ede_test_initclient();
- ns_client_extendederror(client, 1, NULL);
- ns_client_extendederror(client, 22, "two");
- ns_client_extendederror(client, 3, "three");
- ns_client_extendederror(client, 4, "four");
- ns_client_extendederror(client, 5, "five");
+ dns_ede_add(&client->edectx, 1, NULL);
+ dns_ede_add(&client->edectx, 22, "two");
+ dns_ede_add(&client->edectx, 3, "three");
+ dns_ede_add(&client->edectx, 4, "four");
+ dns_ede_add(&client->edectx, 5, "five");
const client_tests_ede_expected_t expected[3] = {
{ .code = 1, .txt = NULL },
ISC_RUN_TEST_IMPL(client_ede_test_duplicates) {
ns_client_t *client = client_ede_test_initclient();
- ns_client_extendederror(client, 1, NULL);
- ns_client_extendederror(client, 1, "two");
- ns_client_extendederror(client, 1, "three");
+ dns_ede_add(&client->edectx, 1, NULL);
+ dns_ede_add(&client->edectx, 1, "two");
+ dns_ede_add(&client->edectx, 1, "three");
const client_tests_ede_expected_t expected[] = {
{ .code = 1, .txt = NULL },
projects / thirdparty / bind9.git / commitdiff
