zr.domain_id = compoundOrdername::getDomainID(key);
zr.dr.d_type = compoundOrdername::getQType(key).getCode();
zr.dr.d_ttl = lrr.ttl;
- zr.dr.d_content = deserializeContentZR(zr.dr.d_type, zr.dr.d_name, lrr.content);
+ zr.dr.setContent(deserializeContentZR(zr.dr.d_type, zr.dr.d_name, lrr.content));
zr.auth = lrr.auth;
}
rr.qname = zr.dr.d_name;
rr.ttl = zr.dr.d_ttl;
rr.qtype = zr.dr.d_type;
- rr.content = zr.dr.d_content->getZoneRepresentation(true);
+ rr.content = zr.dr.getContent()->getZoneRepresentation(true);
rr.domain_id = zr.domain_id;
rr.auth = zr.auth;
rr.disabled = zr.disabled;
dzr.dr.d_name = DNSName("version") + zone;
dzr.dr.d_ttl = 0;
dzr.dr.d_type = QType::TXT;
- dzr.dr.d_content = std::make_shared<TXTRecordContent>("2");
+ dzr.dr.setContent(std::make_shared<TXTRecordContent>("2"));
return dzr;
}
dzr.dr.d_name = prefix;
dzr.dr.d_ttl = 0;
dzr.dr.d_type = QType::PTR;
- dzr.dr.d_content = std::make_shared<PTRRecordContent>(d_zone.toString());
+ dzr.dr.setContent(std::make_shared<PTRRecordContent>(d_zone.toString()));
dzrs.emplace_back(dzr);
if (!d_coo.empty()) {
dzr.dr.d_name = DNSName("coo") + prefix;
dzr.dr.d_ttl = 0;
dzr.dr.d_type = QType::PTR;
- dzr.dr.d_content = std::make_shared<PTRRecordContent>(d_coo);
+ dzr.dr.setContent(std::make_shared<PTRRecordContent>(d_coo));
dzrs.emplace_back(dzr);
}
dzr.dr.d_name = DNSName("group") + prefix;
dzr.dr.d_ttl = 0;
dzr.dr.d_type = QType::TXT;
- dzr.dr.d_content = std::make_shared<TXTRecordContent>("\"" + group + "\"");
+ dzr.dr.setContent(std::make_shared<TXTRecordContent>("\"" + group + "\""));
dzrs.emplace_back(dzr);
}
}
DNSZoneRecord rr;
while(b->get(rr))
if(rr.dr.d_type == QType::A || rr.dr.d_type==QType::AAAA)
- addresses.push_back(rr.dr.d_content->getZoneRepresentation()); // SOL if you have a CNAME for an NS
+ addresses.push_back(rr.dr.getContent()->getZoneRepresentation()); // SOL if you have a CNAME for an NS
}
return addresses;
}
const auto rr = *rrs.rbegin();
DNSZoneRecord dzr;
- std::shared_ptr<RRSIGRecordContent> rrsig;
db.lookup(QType(QType::RRSIG), !rr.wildcardname.empty() ? rr.wildcardname : rr.dr.d_name, rr.domain_id);
while(db.get(dzr)) {
- rrsig = getRR<RRSIGRecordContent>(dzr.dr);
- if(rrsig->d_type == rr.dr.d_type) {
+ auto rrsig = getRR<RRSIGRecordContent>(dzr.dr);
+ if (rrsig->d_type == rr.dr.d_type) {
if(!rr.wildcardname.empty()) {
dzr.dr.d_name = rr.dr.d_name;
}
dr.rcode = mdp.d_header.rcode;
for(MOADNSParser::answers_t::const_iterator i=mdp.d_answers.begin(); i!=mdp.d_answers.end(); ++i) {
if(i->first.d_place == 1 && i->first.d_type == mdp.d_qtype)
- dr.ips.push_back(ComboAddress(i->first.d_content->getZoneRepresentation()));
+ dr.ips.push_back(ComboAddress(i->first.getContent()->getZoneRepresentation()));
if(i->first.d_place == 2 && i->first.d_type == QType::SOA) {
dr.seenauthsoa = true;
}
if(!g_quiet)
{
cout<<i->first.d_place-1<<"\t"<<i->first.d_name<<"\tIN\t"<<DNSRecordContent::NumberToType(i->first.d_type);
- cout<<"\t"<<i->first.d_ttl<<"\t"<< i->first.d_content->getZoneRepresentation()<<"\n";
+ cout<<"\t"<<i->first.d_ttl<<"\t"<< i->first.getContent()->getZoneRepresentation()<<"\n";
}
}
BOOST_CHECK_EQUAL(mdp.d_answers.at(0).first.d_type, static_cast<uint16_t>(QType::CNAME));
BOOST_CHECK_EQUAL(mdp.d_answers.at(0).first.d_class, QClass::IN);
BOOST_CHECK_EQUAL(mdp.d_answers.at(0).first.d_name, newTarget);
- auto content = std::dynamic_pointer_cast<UnknownRecordContent>(mdp.d_answers.at(0).first.d_content);
+ auto content = getRR<UnknownRecordContent>(mdp.d_answers.at(0).first);
BOOST_REQUIRE(content != nullptr);
BOOST_CHECK_EQUAL(content->getRawContent().size(), notTheTarget.getStorage().size());
// in case we are not compressing for AXFR, no such checking is performed!
if(d_compress) {
- std::string ser = const_cast<DNSZoneRecord&>(rr).dr.d_content->serialize(rr.dr.d_name);
+ std::string ser = rr.dr.getContent()->serialize(rr.dr.d_name);
auto hash = boost::hash< std::pair<DNSName, std::string> >()({rr.dr.d_name, ser});
if(d_dedup.count(hash)) { // might be a dup
for(auto & i : d_rrs) {
maxScopeMask = max(maxScopeMask, pos->scopeMask);
pw.startRecord(pos->dr.d_name, pos->dr.d_type, pos->dr.d_ttl, pos->dr.d_class, pos->dr.d_place);
- pos->dr.d_content->toPacket(pw);
+ pos->dr.getContent()->toPacket(pw);
if(pw.size() + optsize > (d_tcp ? 65535 : getMaxReplyLen())) {
if (throwsOnTruncation) {
throw PDNSException("attempt to write an oversized chunk");
for(const auto & answer : mdp.d_answers) {
if(answer.first.d_type == QType::TSIG && answer.first.d_class == QType::ANY) {
// cast can fail, f.e. if d_content is an UnknownRecordContent.
- shared_ptr<TSIGRecordContent> content = std::dynamic_pointer_cast<TSIGRecordContent>(answer.first.d_content);
+ auto content = getRR<TSIGRecordContent>(answer.first);
if (!content) {
g_log<<Logger::Error<<"TSIG record has no or invalid content (invalid packet)"<<endl;
return false;
if(answer.first.d_type == QType::TKEY) {
// cast can fail, f.e. if d_content is an UnknownRecordContent.
- shared_ptr<TKEYRecordContent> content = std::dynamic_pointer_cast<TKEYRecordContent>(answer.first.d_content);
+ auto content = getRR<TKEYRecordContent>(answer.first);
if (!content) {
g_log<<Logger::Error<<"TKEY record has no or invalid content (invalid packet)"<<endl;
return false;
return str.str();
}
-void UnknownRecordContent::toPacket(DNSPacketWriter& pw)
+void UnknownRecordContent::toPacket(DNSPacketWriter& pw) const
{
pw.xfrBlob(string(d_record.begin(),d_record.end()));
}
rr.qname = d.d_name;
rr.qtype = QType(d.d_type);
rr.ttl = d.d_ttl;
- rr.content = d.d_content->getZoneRepresentation(true);
+ rr.content = d.getContent()->getZoneRepresentation(true);
rr.auth = false;
rr.qclass = d.d_class;
return rr;
!(d_qtype == QType::IXFR && dr.d_place == DNSResourceRecord::AUTHORITY && dr.d_type == QType::SOA) && // IXFR queries have a SOA in their AUTHORITY section
(dr.d_place == DNSResourceRecord::ANSWER || dr.d_place == DNSResourceRecord::AUTHORITY || (dr.d_type != QType::OPT && dr.d_type != QType::TSIG && dr.d_type != QType::SIG && dr.d_type != QType::TKEY) || ((dr.d_type == QType::TSIG || dr.d_type == QType::SIG || dr.d_type == QType::TKEY) && dr.d_class != QClass::ANY))) {
// cerr<<"discarding RR, query is "<<query<<", place is "<<dr.d_place<<", type is "<<dr.d_type<<", class is "<<dr.d_class<<endl;
- dr.d_content=std::make_shared<UnknownRecordContent>(dr, pr);
+ dr.setContent(std::make_shared<UnknownRecordContent>(dr, pr));
}
else {
// cerr<<"parsing RR, query is "<<query<<", place is "<<dr.d_place<<", type is "<<dr.d_type<<", class is "<<dr.d_class<<endl;
- dr.d_content=DNSRecordContent::mastermake(dr, pr, d_header.opcode);
+ dr.setContent(DNSRecordContent::mastermake(dr, pr, d_header.opcode));
}
/* XXX: XPF records should be allowed after TSIG as soon as the actual XPF option code has been assigned:
virtual std::string getZoneRepresentation(bool noDot=false) const = 0;
virtual ~DNSRecordContent() {}
- virtual void toPacket(DNSPacketWriter& pw)=0;
+ virtual void toPacket(DNSPacketWriter& pw) const = 0;
// returns the wire format of the content, possibly including compressed pointers pointing to the owner name (unless canonic or lowerCase are set)
- virtual string serialize(const DNSName& qname, bool canonic=false, bool lowerCase=false) // it would rock if this were const, but it is too hard because we use the same method (xfrPacket) for both kinds of conversion (fromPacket, toPacket)
+ string serialize(const DNSName& qname, bool canonic=false, bool lowerCase=false) const
{
vector<uint8_t> packet;
DNSPacketWriter pw(packet, g_rootdnsname, 1);
d_place(place) {}
DNSName d_name;
- std::shared_ptr<DNSRecordContent> d_content;
+private:
+ std::shared_ptr<const DNSRecordContent> d_content;
+public:
uint16_t d_type{};
uint16_t d_class{};
uint32_t d_ttl{};
return s.str();
}
+ void setContent(const std::shared_ptr<const DNSRecordContent>& content)
+ {
+ d_content = content;
+ }
+
+ void setContent(std::shared_ptr<const DNSRecordContent>&& content)
+ {
+ d_content = std::move(content);
+ }
+
+ [[nodiscard]] const std::shared_ptr<const DNSRecordContent>& getContent() const
+ {
+ return d_content;
+ }
+
bool operator<(const DNSRecord& rhs) const
{
if(std::tie(d_name, d_type, d_class, d_ttl) < std::tie(rhs.d_name, rhs.d_type, rhs.d_class, rhs.d_ttl))
UnknownRecordContent(const string& zone);
string getZoneRepresentation(bool noDot) const override;
- void toPacket(DNSPacketWriter& pw) override;
+ void toPacket(DNSPacketWriter& pw) const override;
uint16_t getType() const override
{
return d_dr.d_type;
bool visitDNSPacket(const std::string_view& packet, const std::function<bool(uint8_t, uint16_t, uint16_t, uint32_t, uint16_t, const char*)>& visitor);
template<typename T>
-std::shared_ptr<T> getRR(const DNSRecord& dr)
+std::shared_ptr<const T> getRR(const DNSRecord& dr)
{
- return std::dynamic_pointer_cast<T>(dr.d_content);
+ return std::dynamic_pointer_cast<const T>(dr.getContent());
}
/** Simple DNSPacketMangler. Ritual is: get a pointer into the packet and moveOffset() to beyond your needs
MOADNSParser mdp(false, p.getString());
// cerr<<"Got completion, "<<mdp.d_answers.size()<<" answers, rcode: "<<mdp.d_header.rcode<<endl;
if (mdp.d_header.rcode == RCode::NoError) {
- for(const auto & answer : mdp.d_answers) {
+ for (auto& answer : mdp.d_answers) {
// cerr<<"comp: "<<(int)j->first.d_place-1<<" "<<j->first.d_label<<" " << DNSRecordContent::NumberToType(j->first.d_type)<<" "<<j->first.d_content->getZoneRepresentation()<<endl;
if(answer.first.d_place == DNSResourceRecord::ANSWER || (answer.first.d_place == DNSResourceRecord::AUTHORITY && answer.first.d_type == QType::SOA)) {
dzr.dr.d_type = answer.first.d_type;
dzr.dr.d_ttl=answer.first.d_ttl;
dzr.dr.d_place= answer.first.d_place;
- dzr.dr.d_content=answer.first.d_content;
+ dzr.dr.setContent(answer.first.getContent());
i->second.complete->addRecord(std::move(dzr));
}
}
}
#endif
-void OPTRecordContent::getData(vector<pair<uint16_t, string> >& options)
+void OPTRecordContent::getData(vector<pair<uint16_t, string> >& options) const
{
string::size_type pos=0;
uint16_t code, len;
while(d_data.size() >= 4 + pos) {
- code = 256 * (unsigned char)d_data[pos] + (unsigned char)d_data[pos+1];
- len = 256 * (unsigned char)d_data[pos+2] + (unsigned char)d_data[pos+3];
+ code = 256 * (unsigned char)d_data.at(pos) + (unsigned char)d_data.at(pos+1);
+ len = 256 * (unsigned char)d_data.at(pos+2) + (unsigned char)d_data.at(pos+3);
pos+=4;
if(pos + len > d_data.size())
}
return ret;
}
-void EUI48RecordContent::toPacket(DNSPacketWriter& pw)
+void EUI48RecordContent::toPacket(DNSPacketWriter& pw) const
{
string blob(d_eui48, d_eui48+6);
pw.xfrBlob(blob);
}
return ret;
}
-void EUI64RecordContent::toPacket(DNSPacketWriter& pw)
+void EUI64RecordContent::toPacket(DNSPacketWriter& pw) const
{
string blob(d_eui64, d_eui64+8);
pw.xfrBlob(blob);
// DNSRecord to Packet conversion
-void APLRecordContent::toPacket(DNSPacketWriter& pw) {
+void APLRecordContent::toPacket(DNSPacketWriter& pw) const {
for (auto & ard : aplrdata) {
pw.xfr16BitInt(ard.d_family);
pw.xfr8BitInt(ard.d_prefix);
}
uint16_t DNSKEYRecordContent::getTag() const
-{
- DNSKEYRecordContent tmp(*this);
- return makeTag(tmp.serialize(DNSName())); // this can't be const for some reason
-}
-
-uint16_t DNSKEYRecordContent::getTag()
{
return makeTag(this->serialize(DNSName()));
}
static std::shared_ptr<DNSRecordContent> make(const DNSRecord &dr, PacketReader& pr); \
static std::shared_ptr<DNSRecordContent> make(const string& zonedata); \
string getZoneRepresentation(bool noDot=false) const override; \
- void toPacket(DNSPacketWriter& pw) override; \
- uint16_t getType() const override { return QType::RNAME; } \
+ void toPacket(DNSPacketWriter& pw) const override; \
+ uint16_t getType() const override { return QType::RNAME; } \
+ template<class Convertor> void xfrPacket(Convertor& conv, bool noDot=false) const; \
template<class Convertor> void xfrPacket(Convertor& conv, bool noDot=false);
class NAPTRRecordContent : public DNSRecordContent
public:
includeboilerplate(ALIAS)
+ [[nodiscard]] const DNSName& getContent() const
+ {
+ return d_content;
+ }
+private:
DNSName d_content;
};
#endif
public:
OPTRecordContent(){}
includeboilerplate(OPT)
- void getData(vector<pair<uint16_t, string> > &opts);
+ void getData(vector<pair<uint16_t, string> > &opts) const;
private:
string d_data;
};
DNSKEYRecordContent();
includeboilerplate(DNSKEY)
uint16_t getTag() const;
- uint16_t getTag();
uint16_t d_flags{0};
uint8_t d_protocol{0};
}
void fromPacket(PacketReader& pr);
- void toPacket(DNSPacketWriter& pw);
+ void toPacket(DNSPacketWriter& pw) const;
std::string getZoneRepresentation() const;
static constexpr size_t const nbTypes = 65536;
static std::shared_ptr<DNSRecordContent> make(const DNSRecord &dr, PacketReader& pr);
static std::shared_ptr<DNSRecordContent> make(const string& content);
string getZoneRepresentation(bool noDot=false) const override;
- void toPacket(DNSPacketWriter& pw) override;
+ void toPacket(DNSPacketWriter& pw) const override;
uint16_t getType() const override
{
return QType::NSEC;
static std::shared_ptr<DNSRecordContent> make(const DNSRecord &dr, PacketReader& pr);
static std::shared_ptr<DNSRecordContent> make(const string& content);
string getZoneRepresentation(bool noDot=false) const override;
- void toPacket(DNSPacketWriter& pw) override;
+ void toPacket(DNSPacketWriter& pw) const override;
uint8_t d_algorithm{0}, d_flags{0};
uint16_t d_iterations{0};
static std::shared_ptr<DNSRecordContent> make(const DNSRecord &dr, PacketReader& pr);
static std::shared_ptr<DNSRecordContent> make(const string& content);
string getZoneRepresentation(bool noDot=false) const override;
- void toPacket(DNSPacketWriter& pw) override;
+ void toPacket(DNSPacketWriter& pw) const override;
uint16_t getType() const override
{
static std::shared_ptr<DNSRecordContent> make(const DNSRecord &dr, PacketReader& pr);
static std::shared_ptr<DNSRecordContent> make(const string& content);
string getZoneRepresentation(bool noDot=false) const override;
- void toPacket(DNSPacketWriter& pw) override;
+ void toPacket(DNSPacketWriter& pw) const override;
uint16_t getType() const override
{
static std::shared_ptr<DNSRecordContent> make(const DNSRecord &dr, PacketReader& pr);
static std::shared_ptr<DNSRecordContent> make(const string& content);
string getZoneRepresentation(bool noDot=false) const override;
- void toPacket(DNSPacketWriter& pw) override;
+ void toPacket(DNSPacketWriter& pw) const override;
uint8_t d_version{0}, d_size{0}, d_horizpre{0}, d_vertpre{0};
uint32_t d_latitude{0}, d_longitude{0}, d_altitude{0};
static std::shared_ptr<DNSRecordContent> make(const DNSRecord &dr, PacketReader& pr);
static std::shared_ptr<DNSRecordContent> make(const string& zone); // FIXME400: DNSName& zone?
string getZoneRepresentation(bool noDot=false) const override;
- void toPacket(DNSPacketWriter& pw) override;
+ void toPacket(DNSPacketWriter& pw) const override;
uint16_t getType() const override { return QType::EUI48; }
private:
// storage for the bytes
static std::shared_ptr<DNSRecordContent> make(const DNSRecord &dr, PacketReader& pr);
static std::shared_ptr<DNSRecordContent> make(const string& zone); // FIXME400: DNSName& zone?
string getZoneRepresentation(bool noDot=false) const override;
- void toPacket(DNSPacketWriter& pw) override;
+ void toPacket(DNSPacketWriter& pw) const override;
uint16_t getType() const override { return QType::EUI64; }
private:
// storage for the bytes
return std::make_shared<RNAME##RecordContent>(zonedata); \
} \
\
-void RNAME##RecordContent::toPacket(DNSPacketWriter& pw) \
+void RNAME##RecordContent::toPacket(DNSPacketWriter& pw) const \
{ \
this->xfrPacket(pw); \
} \
CONV; \
if (conv.eof() == false) throw MOADNSException("When parsing " #RNAME " trailing data was not parsed: '" + conv.getRemaining() + "'"); \
} \
+template<class Convertor> \
+void RNAME##RecordContent::xfrPacket(Convertor& conv, bool /* noDot */) const \
+{ \
+ CONV; \
+ if (conv.eof() == false) throw MOADNSException("When parsing " #RNAME " trailing data was not parsed: '" + conv.getRemaining() + "'"); \
+} \
struct EDNSOpts
{
if(!g_quiet) {
cout<<"orig: rcode="<<qd.d_origRcode<<"\n";
for(set<DNSRecord>::const_iterator i=canonicOrig.begin(); i!=canonicOrig.end(); ++i)
- cout<<"\t"<<i->d_name<<"\t"<<DNSRecordContent::NumberToType(i->d_type)<<"\t'" << (i->d_content ? i->d_content->getZoneRepresentation() : "") <<"'\n";
+ cout<<"\t"<<i->d_name<<"\t"<<DNSRecordContent::NumberToType(i->d_type)<<"\t'" << (i->getContent() ? i->getContent()->getZoneRepresentation() : "") <<"'\n";
cout<<"new: rcode="<<qd.d_newRcode<<"\n";
for(set<DNSRecord>::const_iterator i=canonicNew.begin(); i!=canonicNew.end(); ++i)
- cout<<"\t"<<i->d_name<<"\t"<<DNSRecordContent::NumberToType(i->d_type)<<"\t'" << (i->d_content ? i->d_content->getZoneRepresentation() : "") <<"'\n";
+ cout<<"\t"<<i->d_name<<"\t"<<DNSRecordContent::NumberToType(i->d_type)<<"\t'" << (i->getContent() ? i->getContent()->getZoneRepresentation() : "") <<"'\n";
cout<<"\n";
cout<<"-\n";
// zonemd: digest = hash( RR(1) | RR(2) | RR(3) | ... ), so skip RRSIG_RDATA
if (includeRRSIG_RDATA) {
- toHash.append(const_cast<RRSIGRecordContent&>(rrc).serialize(g_rootdnsname, true, true));
+ toHash.append(rrc.serialize(g_rootdnsname, true, true));
toHash.resize(toHash.size() - rrc.d_signature.length()); // chop off the end, don't sign the signature!
}
string nameToHash(qname.toDNSStringLC());
}
}
- for(const shared_ptr<DNSRecordContent>& add : signRecords) {
+ for (const shared_ptr<const DNSRecordContent>& add : signRecords) {
toHash.append(nameToHash);
uint16_t tmp=htons(rrc.d_type);
toHash.append((char*)&tmp, 2);
{
string toHash;
toHash.assign(qname.toDNSStringLC());
- toHash.append(const_cast<DNSKEYRecordContent&>(drc).serialize(DNSName(), true, true));
+ toHash.append(drc.serialize(DNSName(), true, true));
DSRecordContent dsrc;
try {
};
struct sharedDNSSECRecordCompare {
- bool operator() (const shared_ptr<DNSRecordContent>& a, const shared_ptr<DNSRecordContent>& b) const {
+ bool operator() (const shared_ptr<const DNSRecordContent>& a, const shared_ptr<const DNSRecordContent>& b) const {
return a->serialize(g_rootdnsname, true, true) < b->serialize(g_rootdnsname, true, true);
}
};
-typedef std::set<std::shared_ptr<DNSRecordContent>, sharedDNSSECRecordCompare> sortedRecords_t;
+typedef std::set<std::shared_ptr<const DNSRecordContent>, sharedDNSSECRecordCompare> sortedRecords_t;
string getMessageForRRSET(const DNSName& qname, const RRSIGRecordContent& rrc, const sortedRecords_t& signRecords, bool processRRSIGLabels = false, bool includeRRSIG_RDATA = true);
rr.auth=false;
rr.dr.d_place = signPlace;
for(RRSIGRecordContent& rrc : rrcs) {
- rr.dr.d_content = std::make_shared<RRSIGRecordContent>(rrc);
+ rr.dr.setContent(std::make_shared<RRSIGRecordContent>(rrc));
outsigned.push_back(rr);
}
}
origTTL = pos->dr.d_ttl;
signPlace = pos->dr.d_place;
if(pos->auth || pos->dr.d_type == QType::DS) {
- toSign.insert(pos->dr.d_content); // so ponder.. should this be a deep copy perhaps?
+ toSign.insert(pos->dr.getContent()); // so ponder.. should this be a deep copy perhaps?
}
}
if(getBestAuthFromSet(authSet, signQName, signer))
#include "tsigverifier.hh"
vector<pair<vector<DNSRecord>, vector<DNSRecord> > > processIXFRRecords(const ComboAddress& primary, const DNSName& zone,
- const vector<DNSRecord>& records, const std::shared_ptr<SOARecordContent>& primarySOA)
+ const vector<DNSRecord>& records, const std::shared_ptr<const SOARecordContent>& primarySOA)
{
vector<pair<vector<DNSRecord>, vector<DNSRecord> > > ret;
pw.getHeader()->rd=0;
pw.getHeader()->id=dns_random_uint16();
pw.startRecord(zone, QType::SOA, 0, QClass::IN, DNSResourceRecord::AUTHORITY);
- oursr.d_content->toPacket(pw);
+ oursr.getContent()->toPacket(pw);
pw.commit();
TSIGRecordContent trc;
// SOA WHERE THIS DELTA GOES
// RECORDS TO ADD
// CURRENT PRIMARY SOA
- std::shared_ptr<SOARecordContent> primarySOA = nullptr;
+ std::shared_ptr<const SOARecordContent> primarySOA = nullptr;
vector<DNSRecord> records;
size_t receivedBytes = 0;
std::string reply;
throw std::runtime_error("Error getting the content of the first SOA record of the IXFR answer for zone '"+zone.toLogString()+"' from primary '"+primary.toStringWithPort()+"'");
}
- if(sr->d_st.serial == std::dynamic_pointer_cast<SOARecordContent>(oursr.d_content)->d_st.serial) {
+ if(sr->d_st.serial == getRR<SOARecordContent>(oursr)->d_st.serial) {
// we are up to date
return ret;
}
const ComboAddress* laddr=0, size_t maxReceivedBytes=0);
vector<pair<vector<DNSRecord>, vector<DNSRecord>>> processIXFRRecords(const ComboAddress& primary, const DNSName& zone,
- const vector<DNSRecord>& records, const std::shared_ptr<SOARecordContent>& primarySOA);
+ const vector<DNSRecord>& records, const std::shared_ptr<const SOARecordContent>& primarySOA);
} // namespace YAML
struct ixfrdiff_t {
- shared_ptr<SOARecordContent> oldSOA;
- shared_ptr<SOARecordContent> newSOA;
+ shared_ptr<const SOARecordContent> oldSOA;
+ shared_ptr<const SOARecordContent> newSOA;
vector<DNSRecord> removals;
vector<DNSRecord> additions;
uint32_t oldSOATTL;
};
struct ixfrinfo_t {
- shared_ptr<SOARecordContent> soa; // The SOA of the latest AXFR
+ shared_ptr<const SOARecordContent> soa; // The SOA of the latest AXFR
records_t latestAXFR; // The most recent AXFR
vector<std::shared_ptr<ixfrdiff_t>> ixfrDiffs;
uint32_t soaTTL;
}
}
-static void getSOAFromRecords(const records_t& records, shared_ptr<SOARecordContent>& soa, uint32_t& soaTTL) {
+static void getSOAFromRecords(const records_t& records, shared_ptr<const SOARecordContent>& soa, uint32_t& soaTTL) {
for (const auto& dnsrecord : records) {
if (dnsrecord.d_type == QType::SOA) {
soa = getRR<SOARecordContent>(dnsrecord);
throw PDNSException("No SOA in supplied records");
}
-static void makeIXFRDiff(const records_t& from, const records_t& to, std::shared_ptr<ixfrdiff_t>& diff, const shared_ptr<SOARecordContent>& fromSOA = nullptr, uint32_t fromSOATTL=0, const shared_ptr<SOARecordContent>& toSOA = nullptr, uint32_t toSOATTL = 0) {
+static void makeIXFRDiff(const records_t& from, const records_t& to, std::shared_ptr<ixfrdiff_t>& diff, const shared_ptr<const SOARecordContent>& fromSOA = nullptr, uint32_t fromSOATTL=0, const shared_ptr<const SOARecordContent>& toSOA = nullptr, uint32_t toSOATTL = 0) {
set_difference(from.cbegin(), from.cend(), to.cbegin(), to.cend(), back_inserter(diff->removals), from.value_comp());
set_difference(to.cbegin(), to.cend(), from.cbegin(), from.cend(), back_inserter(diff->additions), from.value_comp());
diff->oldSOA = fromSOA;
try {
g_log<<Logger::Info<<"Trying to initially load domain "<<domain<<" from disk"<<endl;
auto serial = getSerialFromDir(dir);
- shared_ptr<SOARecordContent> soa;
+ shared_ptr<const SOARecordContent> soa;
uint32_t soaTTL;
{
string fname = workdir + "/" + domain.toString() + "/" + std::to_string(serial);
}
DNSName domain = domainConfig.first;
- shared_ptr<SOARecordContent> current_soa;
+ shared_ptr<const SOARecordContent> current_soa;
const auto& zoneInfo = getCurrentZoneInfo(domain);
if (zoneInfo != nullptr) {
current_soa = zoneInfo->soa;
string dir = workdir + "/" + domain.toString();
g_log<<Logger::Info<<"Attempting to retrieve SOA Serial update for '"<<domain<<"' from '"<<master.toStringWithPort()<<"'"<<endl;
- shared_ptr<SOARecordContent> sr;
+ shared_ptr<const SOARecordContent> sr;
try {
zoneLastCheck = now;
g_stats.incrementSOAChecks(domain);
TSIGTriplet tt;
// The *new* SOA
- shared_ptr<SOARecordContent> soa;
+ shared_ptr<const SOARecordContent> soa;
uint32_t soaTTL = 0;
records_t records;
try {
return true;
}
-static vector<uint8_t> getSOAPacket(const MOADNSParser& mdp, const shared_ptr<SOARecordContent>& soa, uint32_t soaTTL) {
+static vector<uint8_t> getSOAPacket(const MOADNSParser& mdp, const shared_ptr<const SOARecordContent>& soa, uint32_t soaTTL) {
vector<uint8_t> packet;
DNSPacketWriter pw(packet, mdp.d_qname, mdp.d_qtype);
pw.getHeader()->id = mdp.d_header.id;
static bool addRecordToWriter(DNSPacketWriter& pw, const DNSName& zoneName, const DNSRecord& record, bool compress)
{
pw.startRecord(record.d_name + zoneName, record.d_type, record.d_ttl, QClass::IN, DNSResourceRecord::ANSWER, compress);
- record.d_content->toPacket(pw);
+ record.getContent()->toPacket(pw);
if (pw.size() > 16384) {
pw.rollback();
return false;
return false;
}
- shared_ptr<SOARecordContent> soa = zoneInfo->soa;
+ shared_ptr<const SOARecordContent> soa = zoneInfo->soa;
uint32_t soaTTL = zoneInfo->soaTTL;
const records_t& records = zoneInfo->latestAXFR;
/* Produces an IXFR if one can be made according to the rules in RFC 1995 and
* creates a SOA or AXFR packet when required by the RFC.
*/
-static bool handleIXFR(int fd, const MOADNSParser& mdp, const shared_ptr<SOARecordContent>& clientSOA) {
+static bool handleIXFR(int fd, const MOADNSParser& mdp, const shared_ptr<const SOARecordContent>& clientSOA) {
vector<std::shared_ptr<ixfrdiff_t>> toSend;
/* we get a shared pointer of the zone info that we can't modify, ever.
* query, but with the query type being IXFR and the authority section
* containing the SOA record of client's version of the zone.
*/
- shared_ptr<SOARecordContent> clientSOA;
+ shared_ptr<const SOARecordContent> clientSOA;
for (auto &answer : mdp.d_answers) {
// from dnsparser.hh:
// typedef vector<pair<DNSRecord, uint16_t > > answers_t;
#include "zoneparser-tng.hh"
#include "dnsparser.hh"
-uint32_t getSerialFromMaster(const ComboAddress& master, const DNSName& zone, shared_ptr<SOARecordContent>& sr, const TSIGTriplet& tt, const uint16_t timeout)
+uint32_t getSerialFromMaster(const ComboAddress& master, const DNSName& zone, shared_ptr<const SOARecordContent>& sr, const TSIGTriplet& tt, const uint16_t timeout)
{
vector<uint8_t> packet;
DNSPacketWriter pw(packet, zone, QType::SOA);
auto found = records.equal_range(std::tie(g_rootdnsname, t));
for(auto iter = found.first; iter != found.second; ++iter) {
- auto soa = std::dynamic_pointer_cast<SOARecordContent>(iter->d_content);
+ auto soa = getRR<SOARecordContent>(*iter);
if (soa) {
soaret = *iter;
return soa->d_st.serial;
r.d_name.isRoot() ? "@" : r.d_name.toStringNoDot().c_str(),
r.d_ttl,
DNSRecordContent::NumberToType(r.d_type).c_str(),
- r.d_content->getZoneRepresentation().c_str()) < 0) {
+ r.getContent()->getZoneRepresentation().c_str()) < 0) {
throw runtime_error(stringerror());
}
}
* Load the zone `zone` from `fname` and put the first found SOA into `soa`
* Does NOT check for nullptr
*/
-void loadSOAFromDisk(const DNSName& zone, const string& fname, shared_ptr<SOARecordContent>& soa, uint32_t& soaTTL)
+void loadSOAFromDisk(const DNSName& zone, const string& fname, shared_ptr<const SOARecordContent>& soa, uint32_t& soaTTL)
{
ZoneParserTNG zpt(fname, zone);
zpt.disableGenerate();
#include <boost/multi_index_container.hpp>
#include <boost/multi_index/key_extractors.hpp>
#include <boost/multi_index/ordered_index.hpp>
+#include <boost/multi_index/mem_fun.hpp>
#include "dnsparser.hh"
#include "dnsrecords.hh"
struct CIContentCompareStruct
{
- bool operator()(const shared_ptr<DNSRecordContent>&a, const shared_ptr<DNSRecordContent>& b) const
+ bool operator()(const shared_ptr<const DNSRecordContent>&a, const shared_ptr<const DNSRecordContent>& b) const
{
return toLower(a->getZoneRepresentation()) < toLower(b->getZoneRepresentation());
}
member<DNSRecord, DNSName, &DNSRecord::d_name>,
member<DNSRecord, uint16_t, &DNSRecord::d_type>,
member<DNSRecord, uint16_t, &DNSRecord::d_class>,
- member<DNSRecord, shared_ptr<DNSRecordContent>, &DNSRecord::d_content> >,
+ BOOST_MULTI_INDEX_CONST_MEM_FUN(DNSRecord, const shared_ptr<const DNSRecordContent>&, getContent) >,
composite_key_compare<CanonDNSNameCompare, std::less<uint16_t>, std::less<uint16_t>, CIContentCompareStruct >
> /* ordered_non_uniquw */
> /* indexed_by */
> /* multi_index_container */ records_t;
-uint32_t getSerialFromMaster(const ComboAddress& master, const DNSName& zone, shared_ptr<SOARecordContent>& sr, const TSIGTriplet& tt = TSIGTriplet(), const uint16_t timeout = 2);
+uint32_t getSerialFromMaster(const ComboAddress& master, const DNSName& zone, shared_ptr<const SOARecordContent>& sr, const TSIGTriplet& tt = TSIGTriplet(), const uint16_t timeout = 2);
uint32_t getSerialFromDir(const std::string& dir);
uint32_t getSerialFromRecords(const records_t& records, DNSRecord& soaret);
void writeZoneToDisk(const records_t& records, const DNSName& zone, const std::string& directory);
void loadZoneFromDisk(records_t& records, const string& fname, const DNSName& zone);
-void loadSOAFromDisk(const DNSName& zone, const string& fname, shared_ptr<SOARecordContent>& soa, uint32_t& soaTTL);
+void loadSOAFromDisk(const DNSName& zone, const string& fname, shared_ptr<const SOARecordContent>& soa, uint32_t& soaTTL);
set_difference(before.cbegin(), before.cend(), after.cbegin(), after.cend(), back_inserter(diff), before.value_comp());
for(const auto& d : diff) {
- cout<<'-'<< (d.d_name+zone) <<" IN "<<DNSRecordContent::NumberToType(d.d_type)<<" "<<d.d_content->getZoneRepresentation()<<endl;
+ cout<<'-'<< (d.d_name+zone) <<" IN "<<DNSRecordContent::NumberToType(d.d_type)<<" "<<d.getContent()->getZoneRepresentation()<<endl;
}
diff.clear();
set_difference(after.cbegin(), after.cend(), before.cbegin(), before.cend(), back_inserter(diff), before.value_comp());
for(const auto& d : diff) {
- cout<<'+'<< (d.d_name+zone) <<" IN "<<DNSRecordContent::NumberToType(d.d_type)<<" "<<d.d_content->getZoneRepresentation()<<endl;
+ cout<<'+'<< (d.d_name+zone) <<" IN "<<DNSRecordContent::NumberToType(d.d_type)<<" "<<d.getContent()->getZoneRepresentation()<<endl;
}
exit(1);
}
cout<<"Checking for update, our serial number is "<<ourSerial<<".. ";
cout.flush();
- shared_ptr<SOARecordContent> sr;
+ shared_ptr<const SOARecordContent> sr;
uint32_t serial = getSerialFromMaster(master, zone, sr, tt);
if(ourSerial == serial) {
time_t sleepTime = sr ? sr->d_st.refresh : 60;
uint32_t newserial=0;
for(const auto& rr : add) {
if(rr.d_type == QType::SOA) {
- newserial=std::dynamic_pointer_cast<SOARecordContent>(rr.d_content)->d_st.serial;
+ newserial=getRR<SOARecordContent>(rr)->d_st.serial;
}
}
bool stop=false;
for(const auto& rr : remove) {
- report<<'-'<< (rr.d_name+zone) <<" IN "<<DNSRecordContent::NumberToType(rr.d_type)<<" "<<rr.d_content->getZoneRepresentation()<<endl;
- auto range = records.equal_range(std::tie(rr.d_name, rr.d_type, rr.d_class, rr.d_content));
+ report<<'-'<< (rr.d_name+zone) <<" IN "<<DNSRecordContent::NumberToType(rr.d_type)<<" "<<rr.getContent()->getZoneRepresentation()<<endl;
+ auto range = records.equal_range(std::tie(rr.d_name, rr.d_type, rr.d_class, rr.getContent()));
if(range.first == range.second) {
cout<<endl<<" !! Could not find record "<<rr.d_name<<" to remove!!"<<endl;
// stop=true;
}
for(const auto& rr : add) {
- report<<'+'<< (rr.d_name+zone) <<" IN "<<DNSRecordContent::NumberToType(rr.d_type)<<" "<<rr.d_content->getZoneRepresentation()<<endl;
+ report<<'+'<< (rr.d_name+zone) <<" IN "<<DNSRecordContent::NumberToType(rr.d_type)<<" "<<rr.getContent()->getZoneRepresentation()<<endl;
records.insert(rr);
}
if(stop) {
d_lw->registerFunction("match", (bool (NetmaskGroup::*)(const ComboAddress&) const)&NetmaskGroup::match);
// DNSRecord
- d_lw->writeFunction("newDR", [](const DNSName &name, const std::string &type, unsigned int ttl, const std::string &content, int place){ QType qtype; qtype = type; auto dr = DNSRecord(); dr.d_name = name; dr.d_type = qtype.getCode(); dr.d_ttl = ttl; dr.d_content = shared_ptr<DNSRecordContent>(DNSRecordContent::mastermake(dr.d_type, QClass::IN, content)); dr.d_place = static_cast<DNSResourceRecord::Place>(place); return dr; });
+ d_lw->writeFunction("newDR", [](const DNSName &name, const std::string &type, unsigned int ttl, const std::string &content, int place){ QType qtype; qtype = type; auto dr = DNSRecord(); dr.d_name = name; dr.d_type = qtype.getCode(); dr.d_ttl = ttl; dr.setContent(shared_ptr<DNSRecordContent>(DNSRecordContent::mastermake(dr.d_type, QClass::IN, content))); dr.d_place = static_cast<DNSResourceRecord::Place>(place); return dr; });
d_lw->registerMember("name", &DNSRecord::d_name);
d_lw->registerMember("type", &DNSRecord::d_type);
d_lw->registerMember("ttl", &DNSRecord::d_ttl);
d_lw->registerMember("place", &DNSRecord::d_place);
- d_lw->registerFunction<string(DNSRecord::*)()>("getContent", [](const DNSRecord& dr) { return dr.d_content->getZoneRepresentation(); });
+ d_lw->registerFunction<string(DNSRecord::*)()>("getContent", [](const DNSRecord& dr) { return dr.getContent()->getZoneRepresentation(); });
d_lw->registerFunction<boost::optional<ComboAddress>(DNSRecord::*)()>("getCA", [](const DNSRecord& dr) {
boost::optional<ComboAddress> ret;
- if(auto arec = std::dynamic_pointer_cast<ARecordContent>(dr.d_content))
+ if(auto arec = getRR<ARecordContent>(dr))
ret=arec->getCA(53);
- else if(auto aaaarec = std::dynamic_pointer_cast<AAAARecordContent>(dr.d_content))
+ else if(auto aaaarec = getRR<AAAARecordContent>(dr))
ret=aaaarec->getCA(53);
return ret;
});
- d_lw->registerFunction<void(DNSRecord::*)(const std::string&)>("changeContent", [](DNSRecord& dr, const std::string& newContent) { dr.d_content = shared_ptr<DNSRecordContent>(DNSRecordContent::mastermake(dr.d_type, 1, newContent)); });
+ d_lw->registerFunction<void(DNSRecord::*)(const std::string&)>("changeContent", [](DNSRecord& dr, const std::string& newContent) { dr.setContent(shared_ptr<DNSRecordContent>(DNSRecordContent::mastermake(dr.d_type, 1, newContent))); });
// pdnsload
d_lw->writeFunction("pdnslog", [](const std::string& msg, boost::optional<int> loglevel) {
{
// cerr<<"got nsec3 ["<<i->first.d_name<<"]"<<endl;
// cerr<<i->first.d_content->getZoneRepresentation()<<endl;
- const auto r = std::dynamic_pointer_cast<NSEC3RecordContent>(i->first.d_content);
+ const auto r = getRR<NSEC3RecordContent>(i->first);
if (!r) {
continue;
}
if(i->first.d_type == QType::CNAME)
{
- namesseen.insert(DNSName(i->first.d_content->getZoneRepresentation()));
+ namesseen.insert(DNSName(i->first.getContent()->getZoneRepresentation()));
}
cout << i->first.d_place - 1 << "\t" << i->first.d_name.toString() << "\t" << i->first.d_ttl << "\tIN\t" << DNSRecordContent::NumberToType(i->first.d_type);
- cout << "\t" << i->first.d_content->getZoneRepresentation() << "\n";
+ cout << "\t" << i->first.getContent()->getZoneRepresentation() << "\n";
}
#if 0
string tmp;
};
-void NSECBitmap::toPacket(DNSPacketWriter& pw)
+void NSECBitmap::toPacket(DNSPacketWriter& pw) const
{
NSECBitmapGenerator nbg(pw);
if (d_bitset) {
}
}
-void NSECRecordContent::toPacket(DNSPacketWriter& pw)
+void NSECRecordContent::toPacket(DNSPacketWriter& pw) const
{
pw.xfrName(d_next);
d_bitmap.toPacket(pw);
}
}
-void NSEC3RecordContent::toPacket(DNSPacketWriter& pw)
+void NSEC3RecordContent::toPacket(DNSPacketWriter& pw) const
{
pw.xfr8BitInt(d_algorithm);
pw.xfr8BitInt(d_flags);
rtr.xfrHexBlob(d_salt);
}
-void NSEC3PARAMRecordContent::toPacket(DNSPacketWriter& pw)
+void NSEC3PARAMRecordContent::toPacket(DNSPacketWriter& pw) const
{
pw.xfr8BitInt(d_algorithm);
pw.xfr8BitInt(d_flags);
}
}
-void CSYNCRecordContent::toPacket(DNSPacketWriter& pw)
+void CSYNCRecordContent::toPacket(DNSPacketWriter& pw) const
{
pw.xfr32BitInt(d_serial);
pw.xfr16BitInt(d_flags);
rr.auth=true;
if (publishCDNSKEY == "0") { // delete DS via CDNSKEY
- rr.dr.d_content=s_deleteCDNSKEYContent;
+ rr.dr.setContent(s_deleteCDNSKEYContent);
r->addRecord(std::move(rr));
return true;
}
if (!value.second.published) {
continue;
}
- rr.dr.d_content=std::make_shared<DNSKEYRecordContent>(value.first.getDNSKEY());
+ rr.dr.setContent(std::make_shared<DNSKEYRecordContent>(value.first.getDNSKEY()));
r->addRecord(DNSZoneRecord(rr));
haveOne=true;
}
rr.dr.d_type=QType::DNSKEY;
rr.dr.d_ttl=d_sd.minimum;
rr.dr.d_name=p.qdomain;
- rr.dr.d_content=std::make_shared<DNSKEYRecordContent>(value.first.getDNSKEY());
+ rr.dr.setContent(std::make_shared<DNSKEYRecordContent>(value.first.getDNSKEY()));
rr.auth=true;
r->addRecord(std::move(rr));
haveOne=true;
rr.auth=true;
if(std::find(digestAlgos.begin(), digestAlgos.end(), "0") != digestAlgos.end()) { // delete DS via CDS
- rr.dr.d_content=s_deleteCDSContent;
+ rr.dr.setContent(s_deleteCDSContent);
r->addRecord(std::move(rr));
return true;
}
continue;
}
for(auto const &digestAlgo : digestAlgos){
- rr.dr.d_content=std::make_shared<DSRecordContent>(makeDSFromDNSKey(p.qdomain, value.first.getDNSKEY(), pdns::checked_stoi<uint8_t>(digestAlgo)));
+ rr.dr.setContent(std::make_shared<DSRecordContent>(makeDSFromDNSKey(p.qdomain, value.first.getDNSKEY(), pdns::checked_stoi<uint8_t>(digestAlgo))));
r->addRecord(DNSZoneRecord(rr));
haveOne=true;
}
rr.dr.d_ttl=d_sd.minimum;
rr.dr.d_name=p.qdomain;
ns3prc.d_flags = 0; // the NSEC3PARAM 'flag' is defined to always be zero in RFC5155.
- rr.dr.d_content=std::make_shared<NSEC3PARAMRecordContent>(ns3prc);
+ rr.dr.setContent(std::make_shared<NSEC3PARAMRecordContent>(ns3prc));
rr.auth = true;
r->addRecord(std::move(rr));
return true;
}
else
content=mode;
- rr.dr.d_content = DNSRecordContent::mastermake(QType::TXT, 1, "\""+content+"\"");
+ rr.dr.setContent(DNSRecordContent::mastermake(QType::TXT, 1, "\""+content+"\""));
}
else if (target==idserver) {
// modes: disabled, hostname or custom
if(!tid.empty() && tid[0]!='"') { // see #6010 however
tid = "\"" + tid + "\"";
}
- rr.dr.d_content=DNSRecordContent::mastermake(QType::TXT, 1, tid);
+ rr.dr.setContent(DNSRecordContent::mastermake(QType::TXT, 1, tid));
}
else {
r->setRcode(RCode::Refused);
ret.push_back(rr); // put in the original
rr.dr.d_type = QType::CNAME;
rr.dr.d_name = prefix + rr.dr.d_name;
- rr.dr.d_content = std::make_shared<CNAMERecordContent>(CNAMERecordContent(prefix + getRR<DNAMERecordContent>(rr.dr)->getTarget()));
+ rr.dr.setContent(std::make_shared<CNAMERecordContent>(CNAMERecordContent(prefix + getRR<DNAMERecordContent>(rr.dr)->getTarget())));
rr.auth = false; // don't sign CNAME
target = getRR<CNAMERecordContent>(rr.dr)->getTarget();
ret.push_back(rr);
DLOG(g_log<<"Executing Lua: '"<<rec->getCode()<<"'"<<endl);
try {
auto recvec=luaSynth(rec->getCode(), target, d_sd.qname, d_sd.domain_id, p, rec->d_type, s_LUA);
- for(const auto& r : recvec) {
+ for (const auto& r : recvec) {
rr.dr.d_type = rec->d_type; // might be CNAME
- rr.dr.d_content = r;
+ rr.dr.setContent(r);
rr.scopeMask = p.getRealRemote().getBits(); // this makes sure answer is a specific as your question
ret->push_back(rr);
}
if (!newRRC) {
continue;
}
- rrc = newRRC;
- rec->dr.d_content = newRRC;
if (s_SVCAutohints) {
auto hints = getIPAddressFor(target, QType::A);
if (hints.size() == 0) {
- rrc->removeParam(SvcParam::ipv4hint);
+ newRRC->removeParam(SvcParam::ipv4hint);
} else {
- rrc->setHints(SvcParam::ipv4hint, hints);
+ newRRC->setHints(SvcParam::ipv4hint, hints);
}
} else {
- rrc->removeParam(SvcParam::ipv4hint);
+ newRRC->removeParam(SvcParam::ipv4hint);
}
+ rrc = newRRC;
+ rec->dr.setContent(std::move(newRRC));
}
if (rrc->hasParam(SvcParam::ipv6hint) && rrc->autoHint(SvcParam::ipv6hint)) {
if (!newRRC) {
continue;
}
- rrc = newRRC;
- rec->dr.d_content = newRRC;
if (s_SVCAutohints) {
auto hints = getIPAddressFor(target, QType::AAAA);
if (hints.size() == 0) {
- rrc->removeParam(SvcParam::ipv6hint);
+ newRRC->removeParam(SvcParam::ipv6hint);
} else {
- rrc->setHints(SvcParam::ipv6hint, hints);
+ newRRC->setHints(SvcParam::ipv6hint, hints);
}
} else {
- rrc->removeParam(SvcParam::ipv6hint);
+ newRRC->removeParam(SvcParam::ipv6hint);
}
+ rec->dr.setContent(std::move(newRRC));
}
}
rr.dr.d_name = name;
rr.dr.d_ttl = d_sd.getNegativeTTL();
rr.dr.d_type = QType::NSEC;
- rr.dr.d_content = std::make_shared<NSECRecordContent>(std::move(nrc));
+ rr.dr.setContent(std::make_shared<NSECRecordContent>(std::move(nrc)));
rr.dr.d_place = (mode == 5 ) ? DNSResourceRecord::ANSWER: DNSResourceRecord::AUTHORITY;
rr.auth = true;
rr.dr.d_name = DNSName(toBase32Hex(namehash))+d_sd.qname;
rr.dr.d_ttl = d_sd.getNegativeTTL();
rr.dr.d_type=QType::NSEC3;
- rr.dr.d_content=std::make_shared<NSEC3RecordContent>(std::move(n3rc));
+ rr.dr.setContent(std::make_shared<NSEC3RecordContent>(std::move(n3rc)));
rr.dr.d_place = (mode == 5 ) ? DNSResourceRecord::ANSWER: DNSResourceRecord::AUTHORITY;
rr.auth = true;
try {
auto recvec=luaSynth(rec->getCode(), target, d_sd.qname, d_sd.domain_id, p, rec->d_type, s_LUA);
if(!recvec.empty()) {
- for(const auto& r_it : recvec) {
+ for (const auto& r_it : recvec) {
rr.dr.d_type = rec->d_type; // might be CNAME
- rr.dr.d_content = r_it;
+ rr.dr.setContent(r_it);
rr.scopeMask = p.getRealRemote().getBits(); // this makes sure answer is a specific as your question
rrset.push_back(rr);
}
g_log<<Logger::Info<<"ALIAS record found for "<<target<<", but ALIAS expansion is disabled."<<endl;
continue;
}
- haveAlias=getRR<ALIASRecordContent>(rr.dr)->d_content;
+ haveAlias=getRR<ALIASRecordContent>(rr.dr)->getContent();
aliasScopeMask=rr.scopeMask;
}
sort(pre.begin(), pre.end(), DNSRecord::prettyCompare);
for(const auto& dr : pre) {
ostringstream os;
- os<<dr.d_name<<"\t"<<dr.d_ttl<<"\tIN\t"<<DNSRecordContent::NumberToType(dr.d_type)<<"\t"<<dr.d_content->getZoneRepresentation(true)<<endl;
+ os<<dr.d_name<<"\t"<<dr.d_ttl<<"\tIN\t"<<DNSRecordContent::NumberToType(dr.d_type)<<"\t"<<dr.getContent()->getZoneRepresentation(true)<<endl;
if(write(tmpfd, os.str().c_str(), os.str().length()) < 0)
unixDie("Writing zone to temporary file");
}
set_difference(pre.cbegin(), pre.cend(), post.cbegin(), post.cend(), back_inserter(diff), DNSRecord::prettyCompare);
for(const auto& d : diff) {
ostringstream str;
- str << col.red() << "-" << d.d_name << " " << d.d_ttl << " IN " << DNSRecordContent::NumberToType(d.d_type) << " " <<d.d_content->getZoneRepresentation(true) << col.rst() <<endl;
+ str << col.red() << "-" << d.d_name << " " << d.d_ttl << " IN " << DNSRecordContent::NumberToType(d.d_type) << " " <<d.getContent()->getZoneRepresentation(true) << col.rst() <<endl;
changed[{d.d_name,d.d_type}] += str.str();
}
for(const auto& d : diff) {
ostringstream str;
- str<<col.green() << "+" << d.d_name << " " << d.d_ttl << " IN " <<DNSRecordContent::NumberToType(d.d_type) << " " << d.d_content->getZoneRepresentation(true) << col.rst() <<endl;
+ str<<col.green() << "+" << d.d_name << " " << d.d_ttl << " IN " <<DNSRecordContent::NumberToType(d.d_type) << " " << d.getContent()->getZoneRepresentation(true) << col.rst() <<endl;
changed[{d.d_name,d.d_type}]+=str.str();
}
cout<<"Detected the following changes:"<<endl;
{
DNSRecord oldSoaDR = grouped[{zone, QType::SOA}].at(0); // there should be only one SOA record, so we can use .at(0);
ostringstream str;
- str<< col.red() << "-" << oldSoaDR.d_name << " " << oldSoaDR.d_ttl << " IN " << DNSRecordContent::NumberToType(oldSoaDR.d_type) << " " <<oldSoaDR.d_content->getZoneRepresentation(true) << col.rst() <<endl;
+ str<< col.red() << "-" << oldSoaDR.d_name << " " << oldSoaDR.d_ttl << " IN " << DNSRecordContent::NumberToType(oldSoaDR.d_type) << " " <<oldSoaDR.getContent()->getZoneRepresentation(true) << col.rst() <<endl;
SOAData sd;
B.getSOAUncached(zone, sd);
DNSResourceRecord rr;
makeIncreasedSOARecord(sd, "SOA-EDIT-INCREASE", soaEditKind, rr);
DNSRecord dr(rr);
- str << col.green() << "+" << dr.d_name << " " << dr.d_ttl<< " IN " <<DNSRecordContent::NumberToType(dr.d_type) << " " <<dr.d_content->getZoneRepresentation(true) << col.rst() <<endl;
+ str << col.green() << "+" << dr.d_name << " " << dr.d_ttl<< " IN " <<DNSRecordContent::NumberToType(dr.d_type) << " " <<dr.getContent()->getZoneRepresentation(true) << col.rst() <<endl;
changed[{dr.d_name, dr.d_type}]+=str.str();
grouped[{dr.d_name, dr.d_type}].at(0) = dr;
}
}
-static bool isMinimallyCoveringNSEC(const DNSName& owner, const std::shared_ptr<NSECRecordContent>& nsec)
+static bool isMinimallyCoveringNSEC(const DNSName& owner, const std::shared_ptr<const NSECRecordContent>& nsec)
{
/* this test only covers Cloudflare's ones (https://blog.cloudflare.com/black-lies/),
we might need to cover more cases described in rfc4470 as well, but the name generation algorithm
return commonPrefixIsLong(ownerHash, nextHash, AggressiveNSECCache::s_maxNSEC3CommonPrefix);
}
-void AggressiveNSECCache::insertNSEC(const DNSName& zone, const DNSName& owner, const DNSRecord& record, const std::vector<std::shared_ptr<RRSIGRecordContent>>& signatures, bool nsec3)
+void AggressiveNSECCache::insertNSEC(const DNSName& zone, const DNSName& owner, const DNSRecord& record, const std::vector<std::shared_ptr<const RRSIGRecordContent>>& signatures, bool nsec3)
{
if (nsec3 && nsec3Disabled()) {
return;
/* the TTL is already a TTD by now */
if (!nsec3 && isWildcardExpanded(owner.countLabels(), signatures.at(0))) {
DNSName realOwner = getNSECOwnerName(owner, signatures);
- auto pair = zoneEntry->d_entries.insert({record.d_content, signatures, std::move(realOwner), std::move(next), record.d_ttl});
+ auto pair = zoneEntry->d_entries.insert({record.getContent(), signatures, std::move(realOwner), std::move(next), record.d_ttl});
if (pair.second) {
++d_entriesCount;
}
}
else {
- auto pair = zoneEntry->d_entries.insert({record.d_content, signatures, owner, std::move(next), record.d_ttl});
+ auto pair = zoneEntry->d_entries.insert({record.getContent(), signatures, owner, std::move(next), record.d_ttl});
if (pair.second) {
++d_entriesCount;
}
return false;
}
-static void addToRRSet(const time_t now, std::vector<DNSRecord>& recordSet, std::vector<std::shared_ptr<RRSIGRecordContent>> signatures, const DNSName& owner, bool doDNSSEC, std::vector<DNSRecord>& ret, DNSResourceRecord::Place place = DNSResourceRecord::AUTHORITY)
+static void addToRRSet(const time_t now, std::vector<DNSRecord>& recordSet, std::vector<std::shared_ptr<const RRSIGRecordContent>> signatures, const DNSName& owner, bool doDNSSEC, std::vector<DNSRecord>& ret, DNSResourceRecord::Place place = DNSResourceRecord::AUTHORITY)
{
uint32_t ttl = 0;
dr.d_type = QType::RRSIG;
dr.d_name = owner;
dr.d_ttl = ttl;
- dr.d_content = std::move(signature);
+ dr.setContent(std::move(signature));
dr.d_place = place;
dr.d_class = QClass::IN;
ret.push_back(std::move(dr));
}
}
-static void addRecordToRRSet(time_t now, const DNSName& owner, const QType& type, uint32_t ttl, std::shared_ptr<DNSRecordContent>& content, std::vector<std::shared_ptr<RRSIGRecordContent>> signatures, bool doDNSSEC, std::vector<DNSRecord>& ret)
+static void addRecordToRRSet(time_t now, const DNSName& owner, const QType& type, uint32_t ttl, std::shared_ptr<const DNSRecordContent>& content, std::vector<std::shared_ptr<const RRSIGRecordContent>> signatures, bool doDNSSEC, std::vector<DNSRecord>& ret)
{
DNSRecord nsecRec;
nsecRec.d_type = type.getCode();
nsecRec.d_name = owner;
nsecRec.d_ttl = ttl;
- nsecRec.d_content = std::move(content);
+ nsecRec.setContent(std::move(content));
nsecRec.d_place = DNSResourceRecord::AUTHORITY;
nsecRec.d_class = QClass::IN;
ret.push_back(std::move(nsecRec));
dr.d_type = QType::RRSIG;
dr.d_name = owner;
dr.d_ttl = ttl;
- dr.d_content = std::move(signature);
+ dr.setContent(std::move(signature));
dr.d_place = DNSResourceRecord::AUTHORITY;
dr.d_class = QClass::IN;
ret.push_back(std::move(dr));
vState cachedState;
std::vector<DNSRecord> wcSet;
- std::vector<std::shared_ptr<RRSIGRecordContent>> wcSignatures;
+ std::vector<std::shared_ptr<const RRSIGRecordContent>> wcSignatures;
if (g_recCache->get(now, wildcardName, type, MemRecursorCache::RequireAuth, &wcSet, ComboAddress("127.0.0.1"), boost::none, doDNSSEC ? &wcSignatures : nullptr, nullptr, nullptr, &cachedState) <= 0 || cachedState != vState::Secure) {
VLOG(log, name << ": Unfortunately we don't have a valid entry for " << wildcardName << ", so we cannot synthesize from that wildcard" << endl);
vState cachedState;
std::vector<DNSRecord> wcSet;
- std::vector<std::shared_ptr<RRSIGRecordContent>> wcSignatures;
+ std::vector<std::shared_ptr<const RRSIGRecordContent>> wcSignatures;
if (g_recCache->get(now, wildcardName, type, MemRecursorCache::RequireAuth, &wcSet, ComboAddress("127.0.0.1"), boost::none, doDNSSEC ? &wcSignatures : nullptr, nullptr, nullptr, &cachedState) <= 0 || cachedState != vState::Secure) {
VLOG(log, name << ": Unfortunately we don't have a valid entry for " << wildcardName << ", so we cannot synthesize from that wildcard" << endl);
return true;
}
-bool AggressiveNSECCache::getNSEC3Denial(time_t now, std::shared_ptr<LockGuarded<AggressiveNSECCache::ZoneEntry>>& zoneEntry, std::vector<DNSRecord>& soaSet, std::vector<std::shared_ptr<RRSIGRecordContent>>& soaSignatures, const DNSName& name, const QType& type, std::vector<DNSRecord>& ret, int& res, bool doDNSSEC, const OptLog& log)
+bool AggressiveNSECCache::getNSEC3Denial(time_t now, std::shared_ptr<LockGuarded<AggressiveNSECCache::ZoneEntry>>& zoneEntry, std::vector<DNSRecord>& soaSet, std::vector<std::shared_ptr<const RRSIGRecordContent>>& soaSignatures, const DNSName& name, const QType& type, std::vector<DNSRecord>& ret, int& res, bool doDNSSEC, const OptLog& log)
{
DNSName zone;
std::string salt;
ZoneEntry::CacheEntry exactNSEC3;
if (getNSEC3(now, zoneEntry, nameHash, exactNSEC3)) {
VLOG(log, name << ": Found a direct NSEC3 match for " << nameHash);
- auto nsec3 = std::dynamic_pointer_cast<NSEC3RecordContent>(exactNSEC3.d_record);
+ auto nsec3 = std::dynamic_pointer_cast<const NSEC3RecordContent>(exactNSEC3.d_record);
if (!nsec3 || nsec3->d_iterations != iterations || nsec3->d_salt != salt) {
VLOG_NO_PREFIX(log, " but the content is not valid, or has a different salt or iterations count" << endl);
return false;
if (getNSEC3(now, zoneEntry, closestHash, closestNSEC3)) {
VLOG(log, name << ": Found closest encloser at " << closestEncloser << " (" << closestHash << ")" << endl);
- auto nsec3 = std::dynamic_pointer_cast<NSEC3RecordContent>(closestNSEC3.d_record);
+ auto nsec3 = std::dynamic_pointer_cast<const NSEC3RecordContent>(closestNSEC3.d_record);
if (!nsec3 || nsec3->d_iterations != iterations || nsec3->d_salt != salt) {
VLOG_NO_PREFIX(log, " but the content is not valid, or has a different salt or iterations count" << endl);
break;
return false;
}
- auto nextCloserNsec3 = std::dynamic_pointer_cast<NSEC3RecordContent>(nextCloserEntry.d_record);
+ auto nextCloserNsec3 = std::dynamic_pointer_cast<const NSEC3RecordContent>(nextCloserEntry.d_record);
if (!nextCloserNsec3 || nextCloserNsec3->d_iterations != iterations || nextCloserNsec3->d_salt != salt) {
VLOG(log, name << ": The NSEC3 covering the next closer is not valid, or has a different salt or iterations count, bailing out" << endl);
return false;
if ((DNSName(wcHash) + zone) == wcEntry.d_owner) {
VLOG(log, name << ": Found an exact match for the wildcard");
- auto nsec3 = std::dynamic_pointer_cast<NSEC3RecordContent>(wcEntry.d_record);
+ auto nsec3 = std::dynamic_pointer_cast<const NSEC3RecordContent>(wcEntry.d_record);
if (!nsec3 || nsec3->d_iterations != iterations || nsec3->d_salt != salt) {
VLOG_NO_PREFIX(log, " but the content is not valid, or has a different salt or iterations count" << endl);
return false;
return false;
}
- auto nsec3 = std::dynamic_pointer_cast<NSEC3RecordContent>(wcEntry.d_record);
+ auto nsec3 = std::dynamic_pointer_cast<const NSEC3RecordContent>(wcEntry.d_record);
if (!nsec3 || nsec3->d_iterations != iterations || nsec3->d_salt != salt) {
VLOG(log, name << ": The content of the NSEC3 covering the wildcard is not valid, or has a different salt or iterations count" << endl);
return false;
vState cachedState;
std::vector<DNSRecord> soaSet;
- std::vector<std::shared_ptr<RRSIGRecordContent>> soaSignatures;
+ std::vector<std::shared_ptr<const RRSIGRecordContent>> soaSignatures;
/* we might not actually need the SOA if we find a matching wildcard, but let's not bother for now */
if (g_recCache->get(now, zone, QType::SOA, MemRecursorCache::RequireAuth, &soaSet, who, routingTag, doDNSSEC ? &soaSignatures : nullptr, nullptr, nullptr, &cachedState) <= 0 || cachedState != vState::Secure) {
VLOG(log, name << ": No valid SOA found for " << zone << ", which is the best match for " << name << endl);
return false;
}
- auto content = std::dynamic_pointer_cast<NSECRecordContent>(entry.d_record);
+ auto content = std::dynamic_pointer_cast<const NSECRecordContent>(entry.d_record);
if (!content) {
return false;
}
VLOG_NO_PREFIX(log, ": found a possible NSEC at " << wcEntry.d_owner << " ");
- auto nsecContent = std::dynamic_pointer_cast<NSECRecordContent>(wcEntry.d_record);
+ auto nsecContent = std::dynamic_pointer_cast<const NSECRecordContent>(wcEntry.d_record);
denial = matchesNSEC(wc, type.getCode(), wcEntry.d_owner, nsecContent, wcEntry.d_signatures, log);
if (denial == dState::NODENIAL || denial == dState::INCONCLUSIVE) {
return s_maxNSEC3CommonPrefix == 0;
}
- void insertNSEC(const DNSName& zone, const DNSName& owner, const DNSRecord& record, const std::vector<std::shared_ptr<RRSIGRecordContent>>& signatures, bool nsec3);
+ void insertNSEC(const DNSName& zone, const DNSName& owner, const DNSRecord& record, const std::vector<std::shared_ptr<const RRSIGRecordContent>>& signatures, bool nsec3);
bool getDenial(time_t, const DNSName& name, const QType& type, std::vector<DNSRecord>& ret, int& res, const ComboAddress& who, const boost::optional<std::string>& routingTag, bool doDNSSEC, const OptLog& log = std::nullopt);
void removeZoneInfo(const DNSName& zone, bool subzones);
struct CacheEntry
{
- std::shared_ptr<DNSRecordContent> d_record;
- std::vector<std::shared_ptr<RRSIGRecordContent>> d_signatures;
+ std::shared_ptr<const DNSRecordContent> d_record;
+ std::vector<std::shared_ptr<const RRSIGRecordContent>> d_signatures;
DNSName d_owner;
DNSName d_next;
std::shared_ptr<LockGuarded<ZoneEntry>> getBestZone(const DNSName& zone);
bool getNSECBefore(time_t now, std::shared_ptr<LockGuarded<ZoneEntry>>& zoneEntry, const DNSName& name, ZoneEntry::CacheEntry& entry);
bool getNSEC3(time_t now, std::shared_ptr<LockGuarded<ZoneEntry>>& zoneEntry, const DNSName& name, ZoneEntry::CacheEntry& entry);
- bool getNSEC3Denial(time_t now, std::shared_ptr<LockGuarded<ZoneEntry>>& zoneEntry, std::vector<DNSRecord>& soaSet, std::vector<std::shared_ptr<RRSIGRecordContent>>& soaSignatures, const DNSName& name, const QType& type, std::vector<DNSRecord>& ret, int& res, bool doDNSSEC, const OptLog&);
+ bool getNSEC3Denial(time_t now, std::shared_ptr<LockGuarded<ZoneEntry>>& zoneEntry, std::vector<DNSRecord>& soaSet, std::vector<std::shared_ptr<const RRSIGRecordContent>>& soaSignatures, const DNSName& name, const QType& type, std::vector<DNSRecord>& ret, int& res, bool doDNSSEC, const OptLog&);
bool synthesizeFromNSEC3Wildcard(time_t now, const DNSName& name, const QType& type, std::vector<DNSRecord>& ret, int& res, bool doDNSSEC, ZoneEntry::CacheEntry& nextCloser, const DNSName& wildcardName, const OptLog&);
bool synthesizeFromNSECWildcard(time_t now, const DNSName& name, const QType& type, std::vector<DNSRecord>& ret, int& res, bool doDNSSEC, ZoneEntry::CacheEntry& nsec, const DNSName& wildcardName, const OptLog&);
"kind", Logging::Loggable(getKindToString(d_kind)));
}
-DNSRecord DNSFilterEngine::Policy::getRecordFromCustom(const DNSName& qname, const std::shared_ptr<DNSRecordContent>& custom) const
+DNSRecord DNSFilterEngine::Policy::getRecordFromCustom(const DNSName& qname, const std::shared_ptr<const DNSRecordContent>& custom) const
{
DNSRecord dr;
dr.d_name = qname;
dr.d_ttl = d_ttl;
dr.d_class = QClass::IN;
dr.d_place = DNSResourceRecord::ANSWER;
- dr.d_content = custom;
+ dr.setContent(custom);
if (dr.d_type == QType::CNAME) {
- const auto content = std::dynamic_pointer_cast<CNAMERecordContent>(custom);
+ const auto content = std::dynamic_pointer_cast<const CNAMERecordContent>(custom);
if (content) {
DNSName target = content->getTarget();
if (target.isWildcard()) {
target.chopOff();
- dr.d_content = std::make_shared<CNAMERecordContent>(qname + target);
+ dr.setContent(std::make_shared<CNAMERecordContent>(qname + target));
}
}
}
dr.d_ttl = d_ttl;
dr.d_class = QClass::IN;
dr.d_place = DNSResourceRecord::ANSWER;
- dr.d_content = custom;
+ dr.setContent(custom);
if (dr.d_type == QType::CNAME) {
- const auto content = std::dynamic_pointer_cast<CNAMERecordContent>(custom);
+ const auto content = std::dynamic_pointer_cast<const CNAMERecordContent>(custom);
if (content) {
DNSName target = content->getTarget();
if (target.isWildcard()) {
target.chopOff();
- dr.d_content = std::make_shared<CNAMERecordContent>(qname + target);
+ dr.setContent(std::make_shared<CNAMERecordContent>(qname + target));
}
}
}
dr.d_ttl = static_cast<uint32_t>(d_ttl);
dr.d_type = QType::CNAME;
dr.d_class = QClass::IN;
- dr.d_content = DNSRecordContent::mastermake(QType::CNAME, QClass::IN, getKindToString(d_kind));
+ dr.setContent(DNSRecordContent::mastermake(QType::CNAME, QClass::IN, getKindToString(d_kind)));
result.push_back(std::move(dr));
}
{
auto records = pol.getRecords(name);
for (const auto& dr : records) {
- fprintf(fp, "%s %" PRIu32 " IN %s %s\n", dr.d_name.toString().c_str(), dr.d_ttl, QType(dr.d_type).toString().c_str(), dr.d_content->getZoneRepresentation().c_str());
+ fprintf(fp, "%s %" PRIu32 " IN %s %s\n", dr.d_name.toString().c_str(), dr.d_ttl, QType(dr.d_type).toString().c_str(), dr.getContent()->getZoneRepresentation().c_str());
}
}
auto records = pol.getRecords(full);
for (const auto& dr : records) {
- fprintf(fp, "%s %" PRIu32 " IN %s %s\n", dr.d_name.toString().c_str(), dr.d_ttl, QType(dr.d_type).toString().c_str(), dr.d_content->getZoneRepresentation().c_str());
+ fprintf(fp, "%s %" PRIu32 " IN %s %s\n", dr.d_name.toString().c_str(), dr.d_ttl, QType(dr.d_type).toString().c_str(), dr.getContent()->getZoneRepresentation().c_str());
}
}
{
}
- Policy(PolicyKind kind, PolicyType type, int32_t ttl = 0, std::shared_ptr<PolicyZoneData> data = nullptr, const std::vector<std::shared_ptr<DNSRecordContent>>& custom = {}) :
+ Policy(PolicyKind kind, PolicyType type, int32_t ttl = 0, std::shared_ptr<PolicyZoneData> data = nullptr, const std::vector<std::shared_ptr<const DNSRecordContent>>& custom = {}) :
d_custom(custom), d_zoneData(data), d_ttl(ttl), d_kind(kind), d_type(type)
{
}
std::vector<DNSRecord> getCustomRecords(const DNSName& qname, uint16_t qtype) const;
std::vector<DNSRecord> getRecords(const DNSName& qname) const;
- std::vector<std::shared_ptr<DNSRecordContent>> d_custom;
+ std::vector<std::shared_ptr<const DNSRecordContent>> d_custom;
std::shared_ptr<PolicyZoneData> d_zoneData{nullptr};
DNSName d_trigger;
string d_hit;
PolicyType d_type;
private:
- DNSRecord getRecordFromCustom(const DNSName& qname, const std::shared_ptr<DNSRecordContent>& custom) const;
+ DNSRecord getRecordFromCustom(const DNSName& qname, const std::shared_ptr<const DNSRecordContent>& custom) const;
};
class Zone
dr.d_ttl = ttl.get_value_or(3600);
dr.d_type = type;
dr.d_place = place;
- dr.d_content = DNSRecordContent::mastermake(type, QClass::IN, content);
+ dr.setContent(DNSRecordContent::mastermake(type, QClass::IN, content));
records.push_back(dr);
}
}
return std::string(option.values.at(0).content, option.values.at(0).size); });
- d_lw->registerFunction<string(DNSRecord::*)()>("getContent", [](const DNSRecord& dr) { return dr.d_content->getZoneRepresentation(); });
+ d_lw->registerFunction<string(DNSRecord::*)()>("getContent", [](const DNSRecord& dr) { return dr.getContent()->getZoneRepresentation(); });
d_lw->registerFunction<boost::optional<ComboAddress>(DNSRecord::*)()>("getCA", [](const DNSRecord& dr) {
boost::optional<ComboAddress> ret;
- if(auto rec = std::dynamic_pointer_cast<ARecordContent>(dr.d_content))
+ if(auto rec = getRR<ARecordContent>(dr))
ret=rec->getCA(53);
- else if(auto aaaarec = std::dynamic_pointer_cast<AAAARecordContent>(dr.d_content))
+ else if(auto aaaarec = getRR<AAAARecordContent>(dr))
ret=aaaarec->getCA(53);
return ret;
});
d_lw->registerFunction<const ProxyProtocolValue, std::string()>("getContent", [](const ProxyProtocolValue& value) { return value.content; });
d_lw->registerFunction<const ProxyProtocolValue, uint8_t()>("getType", [](const ProxyProtocolValue& value) { return value.type; });
- d_lw->registerFunction<void(DNSRecord::*)(const std::string&)>("changeContent", [](DNSRecord& dr, const std::string& newContent) { dr.d_content = DNSRecordContent::mastermake(dr.d_type, QClass::IN, newContent); });
+ d_lw->registerFunction<void(DNSRecord::*)(const std::string&)>("changeContent", [](DNSRecord& dr, const std::string& newContent) { dr.setContent(DNSRecordContent::mastermake(dr.d_type, QClass::IN, newContent)); });
d_lw->registerFunction("addAnswer", &DNSQuestion::addAnswer);
d_lw->registerFunction("addRecord", &DNSQuestion::addRecord);
d_lw->registerFunction("getRecords", &DNSQuestion::getRecords);
dr.d_type = type;
dr.d_class = QClass::IN;
dr.d_place = DNSResourceRecord::Place(place);
- dr.d_content = DNSRecordContent::mastermake(type, QClass::IN, std::string(content, contentSize));
+ dr.setContent(DNSRecordContent::mastermake(type, QClass::IN, std::string(content, contentSize)));
ref->params.records.push_back(std::move(dr));
return true;
record->name = ref->insert(std::move(name))->c_str();
}
if (raw) {
- auto content = ref->insert(r.d_content->serialize(r.d_name, true));
+ auto content = ref->insert(r.getContent()->serialize(r.d_name, true));
record->content = content->data();
record->content_len = content->size();
}
else {
- auto content = ref->insert(r.d_content->getZoneRepresentation());
+ auto content = ref->insert(r.getContent()->getZoneRepresentation());
record->content = content->data();
record->content_len = content->size();
}
try {
DNSRecord& r = ref->handle.d_dq.currentRecords->at(i);
if (raw) {
- r.d_content = DNSRecordContent::deserialize(r.d_name, r.d_type, string(content, contentLen));
+ r.setContent(DNSRecordContent::deserialize(r.d_name, r.d_type, string(content, contentLen)));
}
else {
- r.d_content = DNSRecordContent::mastermake(r.d_type, QClass::IN, string(content, contentLen));
+ r.setContent(DNSRecordContent::mastermake(r.d_type, QClass::IN, string(content, contentLen)));
}
return true;
dr.d_class = QClass::IN;
dr.d_place = DNSResourceRecord::Place(place);
if (raw) {
- dr.d_content = DNSRecordContent::deserialize(dr.d_name, dr.d_type, string(content, contentLen));
+ dr.setContent(DNSRecordContent::deserialize(dr.d_name, dr.d_type, string(content, contentLen)));
}
else {
- dr.d_content = DNSRecordContent::mastermake(type, QClass::IN, string(content, contentLen));
+ dr.setContent(DNSRecordContent::mastermake(type, QClass::IN, string(content, contentLen)));
}
ref->handle.d_dq.currentRecords->push_back(std::move(dr));
int64_t ttl = ne.d_ttd - now.tv_sec;
fprintf(fp.get(), "%s %" PRId64 " IN %s VIA %s ; (%s) origttl=%" PRIu32 " ss=%hu\n", ne.d_name.toString().c_str(), ttl, ne.d_qtype.toString().c_str(), ne.d_auth.toString().c_str(), vStateToString(ne.d_validationState).c_str(), ne.d_orig_ttl, ne.d_servedStale);
for (const auto& rec : ne.authoritySOA.records) {
- fprintf(fp.get(), "%s %" PRId64 " IN %s %s ; (%s)\n", rec.d_name.toString().c_str(), ttl, DNSRecordContent::NumberToType(rec.d_type).c_str(), rec.d_content->getZoneRepresentation().c_str(), vStateToString(ne.d_validationState).c_str());
+ fprintf(fp.get(), "%s %" PRId64 " IN %s %s ; (%s)\n", rec.d_name.toString().c_str(), ttl, DNSRecordContent::NumberToType(rec.d_type).c_str(), rec.getContent()->getZoneRepresentation().c_str(), vStateToString(ne.d_validationState).c_str());
}
for (const auto& sig : ne.authoritySOA.signatures) {
- fprintf(fp.get(), "%s %" PRId64 " IN RRSIG %s ;\n", sig.d_name.toString().c_str(), ttl, sig.d_content->getZoneRepresentation().c_str());
+ fprintf(fp.get(), "%s %" PRId64 " IN RRSIG %s ;\n", sig.d_name.toString().c_str(), ttl, sig.getContent()->getZoneRepresentation().c_str());
}
for (const auto& rec : ne.DNSSECRecords.records) {
- fprintf(fp.get(), "%s %" PRId64 " IN %s %s ; (%s)\n", rec.d_name.toString().c_str(), ttl, DNSRecordContent::NumberToType(rec.d_type).c_str(), rec.d_content->getZoneRepresentation().c_str(), vStateToString(ne.d_validationState).c_str());
+ fprintf(fp.get(), "%s %" PRId64 " IN %s %s ; (%s)\n", rec.d_name.toString().c_str(), ttl, DNSRecordContent::NumberToType(rec.d_type).c_str(), rec.getContent()->getZoneRepresentation().c_str(), vStateToString(ne.d_validationState).c_str());
}
for (const auto& sig : ne.DNSSECRecords.signatures) {
- fprintf(fp.get(), "%s %" PRId64 " IN RRSIG %s ;\n", sig.d_name.toString().c_str(), ttl, sig.d_content->getZoneRepresentation().c_str());
+ fprintf(fp.get(), "%s %" PRId64 " IN RRSIG %s ;\n", sig.d_name.toString().c_str(), ttl, sig.getContent()->getZoneRepresentation().c_str());
}
}
}
bool oldWantsRPZ = sr.getWantsRPZ();
sr.setWantsRPZ(false);
vector<DNSRecord> ans;
- res = sr.beginResolve(DNSName(spoofed.d_content->getZoneRepresentation()), qtype, QClass::IN, ans);
+ res = sr.beginResolve(DNSName(spoofed.getContent()->getZoneRepresentation()), qtype, QClass::IN, ans);
for (const auto& rec : ans) {
if (rec.d_place == DNSResourceRecord::ANSWER) {
ret.push_back(rec);
if (rec.d_type != QType::OPT) // their TTL ain't real
minTTL = min(minTTL, rec.d_ttl);
- rec.d_content->toPacket(pw);
+ rec.getContent()->toPacket(pw);
if (pw.size() > static_cast<size_t>(maxAnswerSize)) {
pw.rollback();
if (rec.d_place != DNSResourceRecord::ADDITIONAL) {
if (record.d_place == DNSResourceRecord::ANSWER || record.d_place == DNSResourceRecord::ADDITIONAL) {
// Create a string that represent a triplet of (qname, qtype and RR[type, name, content])
std::stringstream ss;
- ss << dname.toDNSStringLC() << ":" << qtype << ":" << qtype << ":" << record.d_type << ":" << record.d_name.toDNSStringLC() << ":" << record.d_content->getZoneRepresentation();
+ ss << dname.toDNSStringLC() << ":" << qtype << ":" << qtype << ":" << record.d_type << ":" << record.d_name.toDNSStringLC() << ":" << record.getContent()->getZoneRepresentation();
if (t_udrDBp && t_udrDBp->isUniqueResponse(ss.str())) {
if (g_udrLog) {
// This should also probably log to a dedicated file.
- SLOG(g_log << Logger::Notice << "Unique response observed: qname=" << dname << " qtype=" << QType(qtype) << " rrtype=" << QType(record.d_type) << " rrname=" << record.d_name << " rrcontent=" << record.d_content->getZoneRepresentation() << endl,
+ SLOG(g_log << Logger::Notice << "Unique response observed: qname=" << dname << " qtype=" << QType(qtype) << " rrtype=" << QType(record.d_type) << " rrname=" << record.d_name << " rrcontent=" << record.getContent()->getZoneRepresentation() << endl,
nodlogger->info(Logr::Debug, "New response observed",
"qtype", Logging::Loggable(QType(qtype)),
"rrtype", Logging::Loggable(QType(record.d_type)),
"rrname", Logging::Loggable(record.d_name),
- "rrcontent", Logging::Loggable(record.d_content->getZoneRepresentation())););
+ "rrcontent", Logging::Loggable(record.getContent()->getZoneRepresentation())););
}
ret = true;
}
if (auto rec = getRR<ARecordContent>(rr)) {
ComboAddress ipv4(rec->getCA());
memcpy(&prefix.sin6.sin6_addr.s6_addr[12], &ipv4.sin4.sin_addr.s_addr, sizeof(ipv4.sin4.sin_addr.s_addr));
- rr.d_content = std::make_shared<AAAARecordContent>(prefix);
+ rr.setContent(std::make_shared<AAAARecordContent>(prefix));
rr.d_type = QType::AAAA;
}
seenA = true;
DNSRecord rr;
rr.d_name = qname;
rr.d_type = QType::CNAME;
- rr.d_content = std::make_shared<CNAMERecordContent>(newquery);
+ rr.setContent(std::make_shared<CNAMERecordContent>(newquery));
ret.push_back(rr);
auto log = g_slog->withName("dns64")->withValues("method", Logging::Loggable("getPTR"));
size_t zoneIdx;
std::string dumpFile;
- std::shared_ptr<SOARecordContent> sr = nullptr;
+ std::shared_ptr<const SOARecordContent> sr = nullptr;
try {
std::string seedFile;
struct luaConfigDelayedThreads
{
// Please make sure that the tuple below only contains value types since they are used as parameters in a thread ct
- std::vector<std::tuple<std::vector<ComboAddress>, boost::optional<DNSFilterEngine::Policy>, bool, uint32_t, size_t, TSIGTriplet, size_t, ComboAddress, uint16_t, uint32_t, std::shared_ptr<SOARecordContent>, std::string>> rpzPrimaryThreads;
+ std::vector<std::tuple<std::vector<ComboAddress>, boost::optional<DNSFilterEngine::Policy>, bool, uint32_t, size_t, TSIGTriplet, size_t, ComboAddress, uint16_t, uint32_t, std::shared_ptr<const SOARecordContent>, std::string>> rpzPrimaryThreads;
};
void loadRecursorLuaConfig(const std::string& fname, luaConfigDelayedThreads& delayedThreads, ProxyMapping&);
switch (record.d_type) {
case QType::A: {
- const auto& content = dynamic_cast<const ARecordContent&>(*(record.d_content));
- ComboAddress data = content.getCA();
+ const auto& content = getRR<ARecordContent>(record);
+ if (!content) {
+ return;
+ }
+ ComboAddress data = content->getCA();
pbf_rr.add_bytes(static_cast<protozero::pbf_tag_type>(pdns::ProtoZero::Message::RRField::rdata), reinterpret_cast<const char*>(&data.sin4.sin_addr.s_addr), sizeof(data.sin4.sin_addr.s_addr));
break;
}
case QType::AAAA: {
- const auto& content = dynamic_cast<const AAAARecordContent&>(*(record.d_content));
- ComboAddress data = content.getCA();
+ const auto& content = getRR<AAAARecordContent>(record);
+ if (!content) {
+ return;
+ }
+ ComboAddress data = content->getCA();
pbf_rr.add_bytes(static_cast<protozero::pbf_tag_type>(pdns::ProtoZero::Message::RRField::rdata), reinterpret_cast<const char*>(&data.sin6.sin6_addr.s6_addr), sizeof(data.sin6.sin6_addr.s6_addr));
break;
}
case QType::CNAME: {
- const auto& content = dynamic_cast<const CNAMERecordContent&>(*(record.d_content));
- add(content.getTarget().toString());
+ const auto& content = getRR<CNAMERecordContent>(record);
+ if (!content) {
+ return;
+ }
+ add(content->getTarget().toString());
break;
}
case QType::TXT: {
- const auto& content = dynamic_cast<const TXTRecordContent&>(*(record.d_content));
- add(content.d_text);
+ const auto& content = getRR<TXTRecordContent>(record);
+ if (!content) {
+ return;
+ }
+ add(content->d_text);
break;
}
case QType::NS: {
- const auto& content = dynamic_cast<const NSRecordContent&>(*(record.d_content));
- add(content.getNS().toString());
+ const auto& content = getRR<NSRecordContent>(record);
+ if (!content) {
+ return;
+ }
+ add(content->getNS().toString());
break;
}
case QType::PTR: {
- const auto& content = dynamic_cast<const PTRRecordContent&>(*(record.d_content));
- add(content.getContent().toString());
+ const auto& content = getRR<PTRRecordContent>(record);
+ if (!content) {
+ return;
+ }
+ add(content->getContent().toString());
break;
}
case QType::MX: {
- const auto& content = dynamic_cast<const MXRecordContent&>(*(record.d_content));
- add(content.d_mxname.toString());
+ const auto& content = getRR<MXRecordContent>(record);
+ if (!content) {
+ return;
+ }
+ add(content->d_mxname.toString());
break;
}
case QType::SPF: {
- const auto& content = dynamic_cast<const SPFRecordContent&>(*(record.d_content));
- add(content.getText());
+ const auto& content = getRR<SPFRecordContent>(record);
+ if (!content) {
+ return;
+ }
+ add(content->getText());
break;
}
case QType::SRV: {
- const auto& content = dynamic_cast<const SRVRecordContent&>(*(record.d_content));
- add(content.d_target.toString());
+ const auto& content = getRR<SRVRecordContent>(record);
+ if (!content) {
+ return;
+ }
+ add(content->d_target.toString());
break;
}
default:
// Potentially the two fields below could be merged into a single map. ATM it is not clear to me
// if that would make the code easier to read.
std::map<pair<DNSName, QType>, vector<DNSRecord>> d_all;
- std::map<pair<DNSName, QType>, vector<shared_ptr<RRSIGRecordContent>>> d_sigs;
+ std::map<pair<DNSName, QType>, vector<shared_ptr<const RRSIGRecordContent>>> d_sigs;
// Maybe use a SuffixMatchTree?
std::set<DNSName> d_delegations;
found->second.push_back(rr);
}
else {
- vector<shared_ptr<RRSIGRecordContent>> sigsrr;
+ vector<shared_ptr<const RRSIGRecordContent>> sigsrr;
sigsrr.push_back(rr);
d_sigs.insert({sigkey, sigsrr});
}
case QType::RRSIG:
break;
default: {
- vector<shared_ptr<RRSIGRecordContent>> sigsrr;
+ vector<shared_ptr<const RRSIGRecordContent>> sigsrr;
auto it = d_sigs.find(key);
if (it != d_sigs.end()) {
sigsrr = it->second;
}
}
-time_t MemRecursorCache::handleHit(MapCombo::LockedContent& content, MemRecursorCache::OrderedTagIterator_t& entry, const DNSName& qname, uint32_t& origTTL, vector<DNSRecord>* res, vector<std::shared_ptr<RRSIGRecordContent>>* signatures, std::vector<std::shared_ptr<DNSRecord>>* authorityRecs, bool* variable, boost::optional<vState>& state, bool* wasAuth, DNSName* fromAuthZone, ComboAddress* fromAuthIP)
+time_t MemRecursorCache::handleHit(MapCombo::LockedContent& content, MemRecursorCache::OrderedTagIterator_t& entry, const DNSName& qname, uint32_t& origTTL, vector<DNSRecord>* res, vector<std::shared_ptr<const RRSIGRecordContent>>* signatures, std::vector<std::shared_ptr<DNSRecord>>* authorityRecs, bool* variable, boost::optional<vState>& state, bool* wasAuth, DNSName* fromAuthZone, ComboAddress* fromAuthIP)
{
// MUTEX SHOULD BE ACQUIRED (as indicated by the reference to the content which is protected by a lock)
time_t ttd = entry->d_ttd;
dr.d_name = qname;
dr.d_type = entry->d_qtype;
dr.d_class = QClass::IN;
- dr.d_content = k;
+ dr.setContent(k);
// coverity[store_truncates_time_t]
dr.d_ttl = static_cast<uint32_t>(entry->d_ttd);
dr.d_place = DNSResourceRecord::ANSWER;
return ttl;
}
// returns -1 for no hits
-time_t MemRecursorCache::get(time_t now, const DNSName& qname, const QType qt, Flags flags, vector<DNSRecord>* res, const ComboAddress& who, const OptTag& routingTag, vector<std::shared_ptr<RRSIGRecordContent>>* signatures, std::vector<std::shared_ptr<DNSRecord>>* authorityRecs, bool* variable, vState* state, bool* wasAuth, DNSName* fromAuthZone, ComboAddress* fromAuthIP)
+time_t MemRecursorCache::get(time_t now, const DNSName& qname, const QType qt, Flags flags, vector<DNSRecord>* res, const ComboAddress& who, const OptTag& routingTag, vector<std::shared_ptr<const RRSIGRecordContent>>* signatures, std::vector<std::shared_ptr<DNSRecord>>* authorityRecs, bool* variable, vState* state, bool* wasAuth, DNSName* fromAuthZone, ComboAddress* fromAuthIP)
{
bool requireAuth = flags & RequireAuth;
bool refresh = flags & Refresh;
return true;
}
-void MemRecursorCache::replace(time_t now, const DNSName& qname, const QType qt, const vector<DNSRecord>& content, const vector<shared_ptr<RRSIGRecordContent>>& signatures, const std::vector<std::shared_ptr<DNSRecord>>& authorityRecs, bool auth, const DNSName& authZone, boost::optional<Netmask> ednsmask, const OptTag& routingTag, vState state, boost::optional<ComboAddress> from, bool refresh)
+void MemRecursorCache::replace(time_t now, const DNSName& qname, const QType qt, const vector<DNSRecord>& content, const vector<shared_ptr<const RRSIGRecordContent>>& signatures, const std::vector<std::shared_ptr<DNSRecord>>& authorityRecs, bool auth, const DNSName& authZone, boost::optional<Netmask> ednsmask, const OptTag& routingTag, vState state, boost::optional<ComboAddress> from, bool refresh)
{
auto& mc = getMap(qname);
auto map = mc.lock();
prior to calling this function, so the TTL actually holds a TTD. */
ce.d_ttd = min(maxTTD, static_cast<time_t>(i.d_ttl)); // XXX this does weird things if TTLs differ in the set
ce.d_orig_ttl = ce.d_ttd - now;
- ce.d_records.push_back(i.d_content);
+ ce.d_records.push_back(i.getContent());
}
if (!isNew) {
static constexpr Flags Refresh = 1 << 1;
static constexpr Flags ServeStale = 1 << 2;
- time_t get(time_t, const DNSName& qname, const QType qt, Flags flags, vector<DNSRecord>* res, const ComboAddress& who, const OptTag& routingTag = boost::none, vector<std::shared_ptr<RRSIGRecordContent>>* signatures = nullptr, std::vector<std::shared_ptr<DNSRecord>>* authorityRecs = nullptr, bool* variable = nullptr, vState* state = nullptr, bool* wasAuth = nullptr, DNSName* fromAuthZone = nullptr, ComboAddress* fromAuthIP = nullptr);
+ time_t get(time_t, const DNSName& qname, const QType qt, Flags flags, vector<DNSRecord>* res, const ComboAddress& who, const OptTag& routingTag = boost::none, vector<std::shared_ptr<const RRSIGRecordContent>>* signatures = nullptr, std::vector<std::shared_ptr<DNSRecord>>* authorityRecs = nullptr, bool* variable = nullptr, vState* state = nullptr, bool* wasAuth = nullptr, DNSName* fromAuthZone = nullptr, ComboAddress* fromAuthIP = nullptr);
- void replace(time_t, const DNSName& qname, const QType qt, const vector<DNSRecord>& content, const vector<shared_ptr<RRSIGRecordContent>>& signatures, const std::vector<std::shared_ptr<DNSRecord>>& authorityRecs, bool auth, const DNSName& authZone, boost::optional<Netmask> ednsmask = boost::none, const OptTag& routingTag = boost::none, vState state = vState::Indeterminate, boost::optional<ComboAddress> from = boost::none, bool refresh = false);
+ void replace(time_t, const DNSName& qname, const QType qt, const vector<DNSRecord>& content, const vector<shared_ptr<const RRSIGRecordContent>>& signatures, const std::vector<std::shared_ptr<DNSRecord>>& authorityRecs, bool auth, const DNSName& authZone, boost::optional<Netmask> ednsmask = boost::none, const OptTag& routingTag = boost::none, vState state = vState::Indeterminate, boost::optional<ComboAddress> from = boost::none, bool refresh = false);
void doPrune(size_t keep);
uint64_t doDump(int fd, size_t maxCacheEntries);
{
}
- typedef vector<std::shared_ptr<DNSRecordContent>> records_t;
+ typedef vector<std::shared_ptr<const DNSRecordContent>> records_t;
bool isStale(time_t now) const
{
bool shouldReplace(time_t now, bool auth, vState state, bool refresh);
records_t d_records;
- std::vector<std::shared_ptr<RRSIGRecordContent>> d_signatures;
+ std::vector<std::shared_ptr<const RRSIGRecordContent>> d_signatures;
std::vector<std::shared_ptr<DNSRecord>> d_authorityRecs;
DNSName d_qname;
DNSName d_authZone;
Entries getEntries(MapCombo::LockedContent& content, const DNSName& qname, const QType qt, const OptTag& rtag);
cache_t::const_iterator getEntryUsingECSIndex(MapCombo::LockedContent& content, time_t now, const DNSName& qname, QType qtype, bool requireAuth, const ComboAddress& who, bool serveStale);
- time_t handleHit(MapCombo::LockedContent& content, OrderedTagIterator_t& entry, const DNSName& qname, uint32_t& origTTL, vector<DNSRecord>* res, vector<std::shared_ptr<RRSIGRecordContent>>* signatures, std::vector<std::shared_ptr<DNSRecord>>* authorityRecs, bool* variable, boost::optional<vState>& state, bool* wasAuth, DNSName* authZone, ComboAddress* fromAuthIP);
+ time_t handleHit(MapCombo::LockedContent& content, OrderedTagIterator_t& entry, const DNSName& qname, uint32_t& origTTL, vector<DNSRecord>* res, vector<std::shared_ptr<const RRSIGRecordContent>>* signatures, std::vector<std::shared_ptr<DNSRecord>>* authorityRecs, bool* variable, boost::optional<vState>& state, bool* wasAuth, DNSName* authZone, ComboAddress* fromAuthIP);
void updateStaleEntry(time_t now, OrderedTagIterator_t& entry);
void handleServeStaleBookkeeping(time_t, bool, OrderedTagIterator_t&);
dr.d_place = DNSResourceRecord::ANSWER;
dr.d_ttl = 86400;
dr.d_type = QType::SOA;
- dr.d_content = DNSRecordContent::mastermake(QType::SOA, 1, "localhost. root 1 604800 86400 2419200 604800");
+ dr.setContent(DNSRecordContent::mastermake(QType::SOA, 1, "localhost. root 1 604800 86400 2419200 604800"));
SyncRes::AuthDomain ad;
ad.d_rdForward = false;
ad.d_records.insert(dr);
dr.d_type = QType::NS;
- dr.d_content = std::make_shared<NSRecordContent>(content);
+ dr.setContent(std::make_shared<NSRecordContent>(content));
ad.d_records.insert(dr);
return ad;
auto recType = address.isIPv6() ? QType::AAAA : QType::A;
dr.d_type = recType;
dr.d_ttl = 86400;
- dr.d_content = DNSRecordContent::mastermake(recType, QClass::IN, address.toStringNoInterface());
+ dr.setContent(DNSRecordContent::mastermake(recType, QClass::IN, address.toStringNoInterface()));
entry->second.d_records.insert(dr);
}
// Add a PTR entry for the primary name for reverse lookups.
dr.d_type = QType::PTR;
- dr.d_content = DNSRecordContent::mastermake(QType::PTR, 1, DNSName(canonicalHostname).toString());
+ dr.setContent(DNSRecordContent::mastermake(QType::PTR, 1, DNSName(canonicalHostname).toString()));
ad.d_records.insert(dr);
addToDomainMap(newMap, ad, dr.d_name, log, false, true);
templ[sizeof(templ) - 1] = '\0';
*templ = c;
aaaarr.d_name = arr.d_name = DNSName(templ);
- nsrr.d_content = std::make_shared<NSRecordContent>(DNSName(templ));
- arr.d_content = std::make_shared<ARecordContent>(ComboAddress(rootIps4[c - 'a']));
+ nsrr.setContent(std::make_shared<NSRecordContent>(DNSName(templ)));
+ arr.setContent(std::make_shared<ARecordContent>(ComboAddress(rootIps4[c - 'a'])));
vector<DNSRecord> aset;
aset.push_back(arr);
/*
* all root-server.net names will be marked auth and will expire at the same time. A re-prime is then triggered,
* as before, when the records were inserted with the auth bit set and the TTD comes.
*/
- g_recCache->replace(now, DNSName(templ), QType(QType::A), aset, vector<std::shared_ptr<RRSIGRecordContent>>(), vector<std::shared_ptr<DNSRecord>>(), false, g_rootdnsname, boost::none, boost::none, validationState, from); // auth, nuke it all
+ g_recCache->replace(now, DNSName(templ), QType(QType::A), aset, vector<std::shared_ptr<const RRSIGRecordContent>>(), vector<std::shared_ptr<DNSRecord>>(), false, g_rootdnsname, boost::none, boost::none, validationState, from); // auth, nuke it all
if (rootIps6[c - 'a'] != NULL) {
- aaaarr.d_content = std::make_shared<AAAARecordContent>(ComboAddress(rootIps6[c - 'a']));
+ aaaarr.setContent(std::make_shared<AAAARecordContent>(ComboAddress(rootIps6[c - 'a'])));
vector<DNSRecord> aaaaset;
aaaaset.push_back(aaaarr);
- g_recCache->replace(now, DNSName(templ), QType(QType::AAAA), aaaaset, vector<std::shared_ptr<RRSIGRecordContent>>(), vector<std::shared_ptr<DNSRecord>>(), false, g_rootdnsname, boost::none, boost::none, validationState, from);
+ g_recCache->replace(now, DNSName(templ), QType(QType::AAAA), aaaaset, vector<std::shared_ptr<const RRSIGRecordContent>>(), vector<std::shared_ptr<DNSRecord>>(), false, g_rootdnsname, boost::none, boost::none, validationState, from);
}
nsset.push_back(nsrr);
seenA.insert(rr.qname);
vector<DNSRecord> aset;
aset.push_back(DNSRecord(rr));
- g_recCache->replace(now, rr.qname, QType(QType::A), aset, vector<std::shared_ptr<RRSIGRecordContent>>(), vector<std::shared_ptr<DNSRecord>>(), true, g_rootdnsname, boost::none, boost::none, validationState, from); // auth, etc see above
+ g_recCache->replace(now, rr.qname, QType(QType::A), aset, vector<std::shared_ptr<const RRSIGRecordContent>>(), vector<std::shared_ptr<DNSRecord>>(), true, g_rootdnsname, boost::none, boost::none, validationState, from); // auth, etc see above
}
else if (rr.qtype.getCode() == QType::AAAA) {
seenAAAA.insert(rr.qname);
vector<DNSRecord> aaaaset;
aaaaset.push_back(DNSRecord(rr));
- g_recCache->replace(now, rr.qname, QType(QType::AAAA), aaaaset, vector<std::shared_ptr<RRSIGRecordContent>>(), vector<std::shared_ptr<DNSRecord>>(), true, g_rootdnsname, boost::none, boost::none, validationState, from);
+ g_recCache->replace(now, rr.qname, QType(QType::AAAA), aaaaset, vector<std::shared_ptr<const RRSIGRecordContent>>(), vector<std::shared_ptr<DNSRecord>>(), true, g_rootdnsname, boost::none, boost::none, validationState, from);
}
else if (rr.qtype.getCode() == QType::NS) {
seenNS.insert(DNSName(rr.content));
}
g_recCache->doWipeCache(g_rootdnsname, false, QType::NS);
- g_recCache->replace(now, g_rootdnsname, QType(QType::NS), nsset, vector<std::shared_ptr<RRSIGRecordContent>>(), vector<std::shared_ptr<DNSRecord>>(), false, g_rootdnsname, boost::none, boost::none, validationState, from); // and stuff in the cache
+ g_recCache->replace(now, g_rootdnsname, QType(QType::NS), nsset, vector<std::shared_ptr<const RRSIGRecordContent>>(), vector<std::shared_ptr<DNSRecord>>(), false, g_rootdnsname, boost::none, boost::none, validationState, from); // and stuff in the cache
return true;
}
}
else {
pol.d_kind = DNSFilterEngine::PolicyKind::Custom;
- pol.d_custom.emplace_back(dr.d_content);
+ pol.d_custom.emplace_back(dr.getContent());
// cerr<<"Wants custom "<<crcTarget<<" for "<<dr.d_name<<": ";
}
}
}
else {
pol.d_kind = DNSFilterEngine::PolicyKind::Custom;
- pol.d_custom.emplace_back(dr.d_content);
+ pol.d_custom.emplace_back(dr.getContent());
// cerr<<"Wants custom "<<dr.d_content->getZoneRepresentation()<<" for "<<dr.d_name<<": ";
}
}
}
}
-static shared_ptr<SOARecordContent> loadRPZFromServer(Logr::log_t plogger, const ComboAddress& primary, const DNSName& zoneName, std::shared_ptr<DNSFilterEngine::Zone> zone, const boost::optional<DNSFilterEngine::Policy>& defpol, bool defpolOverrideLocal, uint32_t maxTTL, const TSIGTriplet& tt, size_t maxReceivedBytes, const ComboAddress& localAddress, uint16_t axfrTimeout)
+static shared_ptr<const SOARecordContent> loadRPZFromServer(Logr::log_t plogger, const ComboAddress& primary, const DNSName& zoneName, std::shared_ptr<DNSFilterEngine::Zone> zone, const boost::optional<DNSFilterEngine::Policy>& defpol, bool defpolOverrideLocal, uint32_t maxTTL, const TSIGTriplet& tt, size_t maxReceivedBytes, const ComboAddress& localAddress, uint16_t axfrTimeout)
{
auto logger = plogger->withValues("primary", Logging::Loggable(primary));
time_t last = 0;
time_t axfrStart = time(nullptr);
time_t axfrNow = time(nullptr);
- shared_ptr<SOARecordContent> sr;
+ shared_ptr<const SOARecordContent> sr;
while (axfr.getChunk(nop, &chunk, (axfrStart + axfrTimeout - axfrNow))) {
for (auto& dr : chunk) {
if (dr.d_type == QType::NS || dr.d_type == QType::TSIG) {
}
// this function is silent - you do the logging
-std::shared_ptr<SOARecordContent> loadRPZFromFile(const std::string& fname, std::shared_ptr<DNSFilterEngine::Zone> zone, const boost::optional<DNSFilterEngine::Policy>& defpol, bool defpolOverrideLocal, uint32_t maxTTL)
+std::shared_ptr<const SOARecordContent> loadRPZFromFile(const std::string& fname, std::shared_ptr<DNSFilterEngine::Zone> zone, const boost::optional<DNSFilterEngine::Policy>& defpol, bool defpolOverrideLocal, uint32_t maxTTL)
{
- shared_ptr<SOARecordContent> sr = nullptr;
+ shared_ptr<const SOARecordContent> sr = nullptr;
ZoneParserTNG zpt(fname);
zpt.setMaxGenerateSteps(::arg().asNum("max-generate-steps"));
zpt.setMaxIncludes(::arg().asNum("max-include-depth"));
return true;
}
-void RPZIXFRTracker(const std::vector<ComboAddress>& primaries, const boost::optional<DNSFilterEngine::Policy>& defpol, bool defpolOverrideLocal, uint32_t maxTTL, size_t zoneIdx, const TSIGTriplet& tt, size_t maxReceivedBytes, const ComboAddress& localAddress, const uint16_t xfrTimeout, const uint32_t refreshFromConf, std::shared_ptr<SOARecordContent> sr, const std::string& dumpZoneFileName, uint64_t configGeneration)
+void RPZIXFRTracker(const std::vector<ComboAddress>& primaries, const boost::optional<DNSFilterEngine::Policy>& defpol, bool defpolOverrideLocal, uint32_t maxTTL, size_t zoneIdx, const TSIGTriplet& tt, size_t maxReceivedBytes, const ComboAddress& localAddress, const uint16_t xfrTimeout, const uint32_t refreshFromConf, std::shared_ptr<const SOARecordContent> sr, const std::string& dumpZoneFileName, uint64_t configGeneration)
{
setThreadName("rec/rpzixfr");
bool isPreloaded = sr != nullptr;
for (;;) {
DNSRecord dr;
- dr.d_content = sr;
+ dr.setContent(sr);
if (skipRefreshDelay) {
skipRefreshDelay = false;
/* we need to make a _full copy_ of the zone we are going to work on */
std::shared_ptr<DNSFilterEngine::Zone> newZone = std::make_shared<DNSFilterEngine::Zone>(*oldZone);
/* initialize the current serial to the last one */
- std::shared_ptr<SOARecordContent> currentSR = sr;
+ std::shared_ptr<const SOARecordContent> currentSR = sr;
int totremove = 0, totadd = 0;
bool fullUpdate = false;
extern bool g_logRPZChanges;
-std::shared_ptr<SOARecordContent> loadRPZFromFile(const std::string& fname, std::shared_ptr<DNSFilterEngine::Zone> zone, const boost::optional<DNSFilterEngine::Policy>& defpol, bool defpolOverrideLocal, uint32_t maxTTL);
-void RPZIXFRTracker(const std::vector<ComboAddress>& primaries, const boost::optional<DNSFilterEngine::Policy>& defpol, bool defpolOverrideLocal, uint32_t maxTTL, size_t zoneIdx, const TSIGTriplet& tt, size_t maxReceivedBytes, const ComboAddress& localAddress, const uint16_t xfrTimeout, const uint32_t reloadFromConf, shared_ptr<SOARecordContent> sr, const std::string& dumpZoneFileName, uint64_t configGeneration);
+std::shared_ptr<const SOARecordContent> loadRPZFromFile(const std::string& fname, std::shared_ptr<DNSFilterEngine::Zone> zone, const boost::optional<DNSFilterEngine::Policy>& defpol, bool defpolOverrideLocal, uint32_t maxTTL);
+void RPZIXFRTracker(const std::vector<ComboAddress>& primaries, const boost::optional<DNSFilterEngine::Policy>& defpol, bool defpolOverrideLocal, uint32_t maxTTL, size_t zoneIdx, const TSIGTriplet& tt, size_t maxReceivedBytes, const ComboAddress& localAddress, const uint16_t xfrTimeout, const uint32_t reloadFromConf, shared_ptr<const SOARecordContent> sr, const std::string& dumpZoneFileName, uint64_t configGeneration);
struct rpzStats
{
dr.d_ttl = 86400;
for (const auto& ans : answers) {
dr.d_type = ans.first;
- dr.d_content = DNSRecordContent::mastermake(ans.first, qclass, ans.second);
+ dr.setContent(DNSRecordContent::mastermake(ans.first, qclass, ans.second));
ret.push_back(dr);
}
}
}
vector<DNSRecord> cset;
- vector<std::shared_ptr<RRSIGRecordContent>> signatures;
+ vector<std::shared_ptr<const RRSIGRecordContent>> signatures;
vector<std::shared_ptr<DNSRecord>> authorityRecs;
bool wasAuth;
uint32_t capTTL = std::numeric_limits<uint32_t>::max();
}
}
- LOG(prefix << qname << ": Found cache " << foundQT.toString() << " hit for '" << foundName << "|" << foundQT.toString() << "' to '" << record.d_content->getZoneRepresentation() << "', validation state is " << context.state << endl);
+ LOG(prefix << qname << ": Found cache " << foundQT.toString() << " hit for '" << foundName << "|" << foundQT.toString() << "' to '" << record.getContent()->getZoneRepresentation() << "', validation state is " << context.state << endl);
DNSRecord dr = record;
dr.d_ttl -= d_now.tv_sec;
sigdr.d_type = QType::RRSIG;
sigdr.d_name = foundName;
sigdr.d_ttl = ttl;
- sigdr.d_content = signature;
+ sigdr.setContent(signature);
sigdr.d_place = DNSResourceRecord::ANSWER;
sigdr.d_class = QClass::IN;
ret.push_back(sigdr);
dr.d_type = QType::CNAME;
dr.d_name = targetPrefix + foundName;
newTarget = targetPrefix + dnameSuffix;
- dr.d_content = std::make_shared<CNAMERecordContent>(CNAMERecordContent(newTarget));
+ dr.setContent(std::make_shared<CNAMERecordContent>(CNAMERecordContent(newTarget)));
ret.push_back(dr);
}
catch (const std::exception& e) {
struct CacheEntry
{
vector<DNSRecord> records;
- vector<shared_ptr<RRSIGRecordContent>> signatures;
+ vector<shared_ptr<const RRSIGRecordContent>> signatures;
uint32_t signaturesTTL{std::numeric_limits<uint32_t>::max()};
};
struct CacheKey
return std::tie(type, place, name) < std::tie(rhs.type, rhs.place, rhs.name);
}
};
-typedef map<CacheKey, CacheEntry> tcache_t;
+using tcache_t = map<CacheKey, CacheEntry>;
}
static void reapRecordsFromNegCacheEntryForValidation(tcache_t& tcache, const vector<DNSRecord>& records)
}
}
-static void reapSignaturesForValidation(std::map<QType, CacheEntry>& entries, const vector<std::shared_ptr<RRSIGRecordContent>>& signatures)
+static void reapSignaturesForValidation(std::map<QType, CacheEntry>& entries, const vector<std::shared_ptr<const RRSIGRecordContent>>& signatures)
{
for (const auto& sig : signatures) {
entries[sig->d_type].signatures.push_back(sig);
vector<DNSRecord> cset;
bool found = false, expired = false;
- vector<std::shared_ptr<RRSIGRecordContent>> signatures;
+ vector<std::shared_ptr<const RRSIGRecordContent>> signatures;
vector<std::shared_ptr<DNSRecord>> authorityRecs;
uint32_t ttl = 0;
uint32_t capTTL = std::numeric_limits<uint32_t>::max();
for (auto j = cset.cbegin(); j != cset.cend(); ++j) {
- LOG(j->d_content->getZoneRepresentation());
+ LOG(j->getContent()->getZoneRepresentation());
if (j->d_class != QClass::IN) {
continue;
dr.d_type = QType::RRSIG;
dr.d_name = sqname;
dr.d_ttl = ttl;
- dr.d_content = signature;
+ dr.setContent(signature);
dr.d_place = DNSResourceRecord::ANSWER;
dr.d_class = QClass::IN;
ret.push_back(dr);
return nameservers;
}
-static uint32_t getRRSIGTTL(const time_t now, const std::shared_ptr<RRSIGRecordContent>& rrsig)
+static uint32_t getRRSIGTTL(const time_t now, const std::shared_ptr<const RRSIGRecordContent>& rrsig)
{
uint32_t res = 0;
if (now < rrsig->d_sigexpire) {
}
}
for (const auto& rec : ne.DNSSECRecords.records) {
- cspmap[{rec.d_name, rec.d_type}].records.insert(rec.d_content);
+ cspmap[{rec.d_name, rec.d_type}].records.insert(rec.getContent());
}
return cspmap;
}
return g_dnssecmode != DNSSECMode::Off && g_dnssecmode != DNSSECMode::ProcessNoValidate;
}
-uint32_t SyncRes::computeLowestTTD(const std::vector<DNSRecord>& records, const std::vector<std::shared_ptr<RRSIGRecordContent>>& signatures, uint32_t signaturesTTL, const std::vector<std::shared_ptr<DNSRecord>>& authorityRecs) const
+uint32_t SyncRes::computeLowestTTD(const std::vector<DNSRecord>& records, const std::vector<std::shared_ptr<const RRSIGRecordContent>>& signatures, uint32_t signaturesTTL, const std::vector<std::shared_ptr<DNSRecord>>& authorityRecs) const
{
uint32_t lowestTTD = std::numeric_limits<uint32_t>::max();
for (const auto& record : records) {
return result;
}
-vState SyncRes::validateDNSKeys(const DNSName& zone, const std::vector<DNSRecord>& dnskeys, const std::vector<std::shared_ptr<RRSIGRecordContent>>& signatures, unsigned int depth, const string& prefix)
+vState SyncRes::validateDNSKeys(const DNSName& zone, const std::vector<DNSRecord>& dnskeys, const std::vector<std::shared_ptr<const RRSIGRecordContent>>& signatures, unsigned int depth, const string& prefix)
{
dsmap_t ds;
if (signatures.empty()) {
return vState::BogusUnableToGetDNSKEYs;
}
-vState SyncRes::validateRecordsWithSigs(unsigned int depth, const string& prefix, const DNSName& qname, const QType qtype, const DNSName& name, const QType type, const std::vector<DNSRecord>& records, const std::vector<std::shared_ptr<RRSIGRecordContent>>& signatures)
+vState SyncRes::validateRecordsWithSigs(unsigned int depth, const string& prefix, const DNSName& qname, const QType qtype, const DNSName& name, const QType type, const std::vector<DNSRecord>& records, const std::vector<std::shared_ptr<const RRSIGRecordContent>>& signatures)
{
skeyset_t keys;
if (signatures.empty()) {
sortedRecords_t recordcontents;
for (const auto& record : records) {
- recordcontents.insert(record.d_content);
+ recordcontents.insert(record.getContent());
}
LOG(prefix << name << ": Going to validate " << recordcontents.size() << " record contents with " << signatures.size() << " sigs and " << keys.size() << " keys for " << name << "|" << type.toString() << endl);
}
if (!rec->d_name.isPartOf(auth)) {
- LOG(prefix << qname << ": Removing record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->d_content->getZoneRepresentation() << "' in the " << (int)rec->d_place << " section received from " << auth << endl);
+ LOG(prefix << qname << ": Removing record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->getContent()->getZoneRepresentation() << "' in the " << (int)rec->d_place << " section received from " << auth << endl);
rec = lwr.d_records.erase(rec);
continue;
}
/* for now we allow a CNAME for the exact qname in ANSWER with AA=0, because Amazon DNS servers
are sending such responses */
if (!(rec->d_type == QType::CNAME && qname == rec->d_name)) {
- LOG(prefix << qname << ": Removing record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->d_content->getZoneRepresentation() << "' in the answer section without the AA bit set received from " << auth << endl);
+ LOG(prefix << qname << ": Removing record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->getContent()->getZoneRepresentation() << "' in the answer section without the AA bit set received from " << auth << endl);
rec = lwr.d_records.erase(rec);
continue;
}
}
if (rec->d_type == QType::DNAME && (rec->d_place != DNSResourceRecord::ANSWER || !qname.isPartOf(rec->d_name))) {
- LOG(prefix << qname << ": Removing invalid DNAME record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->d_content->getZoneRepresentation() << "' in the " << (int)rec->d_place << " section received from " << auth << endl);
+ LOG(prefix << qname << ": Removing invalid DNAME record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->getContent()->getZoneRepresentation() << "' in the " << (int)rec->d_place << " section received from " << auth << endl);
rec = lwr.d_records.erase(rec);
continue;
}
if (rec->d_place == DNSResourceRecord::ANSWER && (qtype != QType::ANY && rec->d_type != qtype.getCode() && s_redirectionQTypes.count(rec->d_type) == 0 && rec->d_type != QType::SOA && rec->d_type != QType::RRSIG)) {
- LOG(prefix << qname << ": Removing irrelevant record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->d_content->getZoneRepresentation() << "' in the ANSWER section received from " << auth << endl);
+ LOG(prefix << qname << ": Removing irrelevant record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->getContent()->getZoneRepresentation() << "' in the ANSWER section received from " << auth << endl);
rec = lwr.d_records.erase(rec);
continue;
}
/* dealing with the records in authority */
if (rec->d_place == DNSResourceRecord::AUTHORITY && rec->d_type != QType::NS && rec->d_type != QType::DS && rec->d_type != QType::SOA && rec->d_type != QType::RRSIG && rec->d_type != QType::NSEC && rec->d_type != QType::NSEC3) {
- LOG(prefix << qname << ": Removing irrelevant record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->d_content->getZoneRepresentation() << "' in the AUTHORITY section received from " << auth << endl);
+ LOG(prefix << qname << ": Removing irrelevant record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->getContent()->getZoneRepresentation() << "' in the AUTHORITY section received from " << auth << endl);
rec = lwr.d_records.erase(rec);
continue;
}
if (rec->d_place == DNSResourceRecord::AUTHORITY && rec->d_type == QType::SOA) {
if (!qname.isPartOf(rec->d_name)) {
- LOG(prefix << qname << ": Removing irrelevant SOA record '" << rec->d_name << "|" << rec->d_content->getZoneRepresentation() << "' in the AUTHORITY section received from " << auth << endl);
+ LOG(prefix << qname << ": Removing irrelevant SOA record '" << rec->d_name << "|" << rec->getContent()->getZoneRepresentation() << "' in the AUTHORITY section received from " << auth << endl);
rec = lwr.d_records.erase(rec);
continue;
}
if (!(lwr.d_aabit || wasForwardRecurse)) {
- LOG(prefix << qname << ": Removing irrelevant record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->d_content->getZoneRepresentation() << "' in the AUTHORITY section received from " << auth << endl);
+ LOG(prefix << qname << ": Removing irrelevant record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->getContent()->getZoneRepresentation() << "' in the AUTHORITY section received from " << auth << endl);
rec = lwr.d_records.erase(rec);
continue;
}
* because they are somewhat easy to insert into a large, fragmented UDP response
* for an off-path attacker by injecting spoofed UDP fragments. So do not add these to allowedAdditionals.
*/
- LOG(prefix << qname << ": Removing NS record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->d_content->getZoneRepresentation() << "' in the " << (int)rec->d_place << " section of a " << (isNXDomain ? "NXD" : "NXQTYPE") << " response received from " << auth << endl);
+ LOG(prefix << qname << ": Removing NS record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->getContent()->getZoneRepresentation() << "' in the " << (int)rec->d_place << " section of a " << (isNXDomain ? "NXD" : "NXQTYPE") << " response received from " << auth << endl);
rec = lwr.d_records.erase(rec);
continue;
}
* We don't want to pick up root NS records in AUTHORITY and their associated ADDITIONAL sections of random queries.
* So don't add them to allowedAdditionals.
*/
- LOG(prefix << qname << ": Removing NS record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->d_content->getZoneRepresentation() << "' in the " << (int)rec->d_place << " section of a response received from " << auth << endl);
+ LOG(prefix << qname << ": Removing NS record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->getContent()->getZoneRepresentation() << "' in the " << (int)rec->d_place << " section of a response received from " << auth << endl);
rec = lwr.d_records.erase(rec);
continue;
}
/* dealing with the records in additional */
if (rec->d_place == DNSResourceRecord::ADDITIONAL && rec->d_type != QType::A && rec->d_type != QType::AAAA && rec->d_type != QType::RRSIG) {
- LOG(prefix << qname << ": Removing irrelevant record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->d_content->getZoneRepresentation() << "' in the ADDITIONAL section received from " << auth << endl);
+ LOG(prefix << qname << ": Removing irrelevant record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->getContent()->getZoneRepresentation() << "' in the ADDITIONAL section received from " << auth << endl);
rec = lwr.d_records.erase(rec);
continue;
}
if (rec->d_place == DNSResourceRecord::ADDITIONAL && allowedAdditionals.count(rec->d_name) == 0) {
- LOG(prefix << qname << ": Removing irrelevant additional record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->d_content->getZoneRepresentation() << "' in the ADDITIONAL section received from " << auth << endl);
+ LOG(prefix << qname << ": Removing irrelevant additional record '" << rec->d_name << "|" << DNSRecordContent::NumberToType(rec->d_type) << "|" << rec->getContent()->getZoneRepresentation() << "' in the ADDITIONAL section received from " << auth << endl);
rec = lwr.d_records.erase(rec);
continue;
}
continue;
}
- LOG(prefix << qname << ": Accept answer '" << rec.d_name << "|" << DNSRecordContent::NumberToType(rec.d_type) << "|" << rec.d_content->getZoneRepresentation() << "' from '" << auth << "' nameservers? ttl=" << rec.d_ttl << ", place=" << (int)rec.d_place << " ");
+ LOG(prefix << qname << ": Accept answer '" << rec.d_name << "|" << DNSRecordContent::NumberToType(rec.d_type) << "|" << rec.getContent()->getZoneRepresentation() << "' from '" << auth << "' nameservers? ttl=" << rec.d_ttl << ", place=" << (int)rec.d_place << " ");
// We called sanitizeRecords before, so all ANY, non-IN and non-aa/non-forwardrecurse answer records are already removed
}
// for ANY answers we *must* have an authoritative answer, unless we are forwarding recursively
else if (rec.d_place == DNSResourceRecord::ANSWER && rec.d_name == qname && (rec.d_type == qtype.getCode() || ((lwr.d_aabit || sendRDQuery) && qtype == QType::ANY))) {
- LOG(prefix << qname << ": Answer is in: resolved to '" << rec.d_content->getZoneRepresentation() << "|" << DNSRecordContent::NumberToType(rec.d_type) << "'" << endl);
+ LOG(prefix << qname << ": Answer is in: resolved to '" << rec.getContent()->getZoneRepresentation() << "|" << DNSRecordContent::NumberToType(rec.d_type) << "'" << endl);
done = true;
rcode = RCode::NoError;
else if (rec.d_place == DNSResourceRecord::AUTHORITY && rec.d_type == QType::NS && qname.isPartOf(rec.d_name)) {
if (moreSpecificThan(rec.d_name, auth)) {
newauth = rec.d_name;
- LOG(prefix << qname << ": Got NS record '" << rec.d_name << "' -> '" << rec.d_content->getZoneRepresentation() << "'" << endl);
+ LOG(prefix << qname << ": Got NS record '" << rec.d_name << "' -> '" << rec.getContent()->getZoneRepresentation() << "'" << endl);
/* check if we have a referral from the parent zone to a child zone for a DS query, which is not right */
if (qtype == QType::DS && (newauth.isPartOf(qname) || qname == newauth)) {
}
}
else {
- LOG(prefix << qname << ": Got upwards/level NS record '" << rec.d_name << "' -> '" << rec.d_content->getZoneRepresentation() << "', had '" << auth << "'" << endl);
+ LOG(prefix << qname << ": Got upwards/level NS record '" << rec.d_name << "' -> '" << rec.getContent()->getZoneRepresentation() << "', had '" << auth << "'" << endl);
if (auto content = getRR<NSRecordContent>(rec)) {
nsset.insert(content->getNS());
}
}
}
else if (rec.d_place == DNSResourceRecord::AUTHORITY && rec.d_type == QType::DS && qname.isPartOf(rec.d_name)) {
- LOG(prefix << qname << ": Got DS record '" << rec.d_name << "' -> '" << rec.d_content->getZoneRepresentation() << "'" << endl);
+ LOG(prefix << qname << ": Got DS record '" << rec.d_name << "' -> '" << rec.getContent()->getZoneRepresentation() << "'" << endl);
}
else if (realreferral && rec.d_place == DNSResourceRecord::AUTHORITY && (rec.d_type == QType::NSEC || rec.d_type == QType::NSEC3) && newauth.isPartOf(auth)) {
/* we might have received a denial of the DS, let's check */
cnamerec.d_name = qname;
cnamerec.d_type = QType::CNAME;
cnamerec.d_ttl = dnameTTL;
- cnamerec.d_content = std::make_shared<CNAMERecordContent>(CNAMERecordContent(newtarget));
+ cnamerec.setContent(std::make_shared<CNAMERecordContent>(CNAMERecordContent(newtarget)));
ret.push_back(std::move(cnamerec));
}
boost::optional<Netmask> getEDNSSubnetMask(const DNSName& dn, const ComboAddress& rem);
bool validationEnabled() const;
- uint32_t computeLowestTTD(const std::vector<DNSRecord>& records, const std::vector<std::shared_ptr<RRSIGRecordContent>>& signatures, uint32_t signaturesTTL, const std::vector<std::shared_ptr<DNSRecord>>& authorityRecs) const;
+ uint32_t computeLowestTTD(const std::vector<DNSRecord>& records, const std::vector<std::shared_ptr<const RRSIGRecordContent>>& signatures, uint32_t signaturesTTL, const std::vector<std::shared_ptr<DNSRecord>>& authorityRecs) const;
void updateValidationState(const DNSName& qname, vState& state, const vState stateUpdate, const string& prefix);
- vState validateRecordsWithSigs(unsigned int depth, const string& prefix, const DNSName& qname, const QType qtype, const DNSName& name, const QType type, const std::vector<DNSRecord>& records, const std::vector<std::shared_ptr<RRSIGRecordContent>>& signatures);
- vState validateDNSKeys(const DNSName& zone, const std::vector<DNSRecord>& dnskeys, const std::vector<std::shared_ptr<RRSIGRecordContent>>& signatures, unsigned int depth, const string& prefix);
+ vState validateRecordsWithSigs(unsigned int depth, const string& prefix, const DNSName& qname, const QType qtype, const DNSName& name, const QType type, const std::vector<DNSRecord>& records, const std::vector<std::shared_ptr<const RRSIGRecordContent>>& signatures);
+ vState validateDNSKeys(const DNSName& zone, const std::vector<DNSRecord>& dnskeys, const std::vector<std::shared_ptr<const RRSIGRecordContent>>& signatures, unsigned int depth, const string& prefix);
vState getDNSKeys(const DNSName& signer, skeyset_t& keys, bool& servFailOccurred, unsigned int depth, const string& prefix);
dState getDenialValidationState(const NegCache::NegCacheEntry& ne, const dState expectedState, bool referralToUnsigned, const string& prefix);
void updateDenialValidationState(const DNSName& qname, vState& neValidationState, const DNSName& neName, vState& state, const dState denialState, const dState expectedState, bool isDS, unsigned int depth, const string& prefix);
rec.d_name = DNSName("www.powerdns.com");
rec.d_type = QType::NSEC;
rec.d_ttl = now.tv_sec + 10;
- rec.d_content = getRecordContent(QType::NSEC, "z.powerdns.com. A RRSIG NSEC");
+ rec.setContent(getRecordContent(QType::NSEC, "z.powerdns.com. A RRSIG NSEC"));
auto rrsig = std::make_shared<RRSIGRecordContent>("NSEC 5 3 10 20370101000000 20370101000000 24567 dummy. data");
cache->insertNSEC(DNSName("powerdns.com"), rec.d_name, rec, {rrsig}, false);
rec.d_name = DNSName("z.powerdns.com");
- rec.d_content = getRecordContent(QType::NSEC, "zz.powerdns.com. AAAA RRSIG NSEC");
+ rec.setContent(getRecordContent(QType::NSEC, "zz.powerdns.com. AAAA RRSIG NSEC"));
cache->insertNSEC(DNSName("powerdns.com"), rec.d_name, rec, {rrsig}, false);
rec.d_name = DNSName("www.powerdns.org");
rec.d_type = QType::NSEC3;
rec.d_ttl = now.tv_sec + 10;
- rec.d_content = getRecordContent(QType::NSEC3, "1 0 500 ab HASG==== A RRSIG NSEC3");
+ rec.setContent(getRecordContent(QType::NSEC3, "1 0 500 ab HASG==== A RRSIG NSEC3"));
rrsig = std::make_shared<RRSIGRecordContent>("NSEC3 5 3 10 20370101000000 20370101000000 24567 dummy. data");
cache->insertNSEC(DNSName("powerdns.org"), rec.d_name, rec, {rrsig}, true);
rec.d_name = DNSName("www.powerdns.com");
rec.d_type = QType::NSEC;
rec.d_ttl = now.tv_sec + 10;
- rec.d_content = getRecordContent(QType::NSEC, "z.powerdns.com. A RRSIG NSEC");
+ rec.setContent(getRecordContent(QType::NSEC, "z.powerdns.com. A RRSIG NSEC"));
auto rrsig = std::make_shared<RRSIGRecordContent>("NSEC 5 3 10 20370101000000 20370101000000 24567 dummy. data");
cache->insertNSEC(DNSName("powerdns.com"), rec.d_name, rec, {rrsig}, false);
rec.d_name = DNSName("z.powerdns.com");
- rec.d_content = getRecordContent(QType::NSEC, "zz.powerdns.com. AAAA RRSIG NSEC");
+ rec.setContent(getRecordContent(QType::NSEC, "zz.powerdns.com. AAAA RRSIG NSEC"));
cache->insertNSEC(DNSName("powerdns.com"), rec.d_name, rec, {rrsig}, false);
BOOST_CHECK_EQUAL(cache->getEntriesCount(), 2U);
rec.d_name = DNSName("www.powerdns.org");
rec.d_type = QType::NSEC3;
rec.d_ttl = now.tv_sec + 10;
- rec.d_content = getRecordContent(QType::NSEC3, "1 0 500 ab HASG==== A RRSIG NSEC3");
+ rec.setContent(getRecordContent(QType::NSEC3, "1 0 500 ab HASG==== A RRSIG NSEC3"));
rrsig = std::make_shared<RRSIGRecordContent>("NSEC3 5 3 10 20370101000000 20370101000000 24567 dummy. data");
cache->insertNSEC(DNSName("powerdns.org"), rec.d_name, rec, {rrsig}, true);
rec.d_name = DNSName("www.powerdns.com");
rec.d_type = QType::NSEC;
rec.d_ttl = now.tv_sec + 10;
- rec.d_content = getRecordContent(QType::NSEC, "z.powerdns.com. A RRSIG NSEC");
+ rec.setContent(getRecordContent(QType::NSEC, "z.powerdns.com. A RRSIG NSEC"));
auto rrsig = std::make_shared<RRSIGRecordContent>("NSEC 5 3 10 20370101000000 20370101000000 24567 dummy. data");
cache->insertNSEC(DNSName("powerdns.com"), rec.d_name, rec, {rrsig}, false);
rec.d_name = DNSName("z.powerdns.com");
- rec.d_content = getRecordContent(QType::NSEC, "zz.powerdns.com. AAAA RRSIG NSEC");
+ rec.setContent(getRecordContent(QType::NSEC, "zz.powerdns.com. AAAA RRSIG NSEC"));
cache->insertNSEC(DNSName("powerdns.com"), rec.d_name, rec, {rrsig}, false);
rec.d_name = DNSName("www.powerdns.org");
rec.d_type = QType::NSEC3;
rec.d_ttl = now.tv_sec + 10;
- rec.d_content = getRecordContent(QType::NSEC3, "1 0 50 ab HASG==== A RRSIG NSEC3");
+ rec.setContent(getRecordContent(QType::NSEC3, "1 0 50 ab HASG==== A RRSIG NSEC3"));
rrsig = std::make_shared<RRSIGRecordContent>("NSEC3 5 3 10 20370101000000 20370101000000 24567 dummy. data");
cache->insertNSEC(DNSName("powerdns.org"), rec.d_name, rec, {rrsig}, true);
drSOA.d_name = zone;
drSOA.d_type = QType::SOA;
drSOA.d_class = QClass::IN;
- drSOA.d_content = std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600");
+ drSOA.setContent(std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600"));
drSOA.d_ttl = static_cast<uint32_t>(ttd); // XXX truncation
drSOA.d_place = DNSResourceRecord::ANSWER;
records.push_back(drSOA);
nrc.set(type);
}
- rec.d_content = std::make_shared<NSEC3RecordContent>(nrc);
+ rec.setContent(std::make_shared<NSEC3RecordContent>(nrc));
auto rrsig = std::make_shared<RRSIGRecordContent>("NSEC3 5 3 10 20370101000000 20370101000000 24567 dummy. data");
cache->insertNSEC(zone, rec.d_name, rec, {rrsig}, true);
nrc.set(type);
}
- rec.d_content = std::make_shared<NSEC3RecordContent>(nrc);
+ rec.setContent(std::make_shared<NSEC3RecordContent>(nrc));
rrsig = std::make_shared<RRSIGRecordContent>("NSEC3 5 3 10 20370101000000 20370101000000 24567 dummy. data");
cache->insertNSEC(zone, rec.d_name, rec, {rrsig}, true);
nrc.set(type);
}
- rec.d_content = std::make_shared<NSEC3RecordContent>(nrc);
+ rec.setContent(std::make_shared<NSEC3RecordContent>(nrc));
rrsig = std::make_shared<RRSIGRecordContent>("NSEC3 5 3 10 20370101000000 20370101000000 24567 dummy. data");
cache->insertNSEC(zone, rec.d_name, rec, {rrsig}, true);
drSOA.d_name = zone;
drSOA.d_type = QType::SOA;
drSOA.d_class = QClass::IN;
- drSOA.d_content = std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600");
+ drSOA.setContent(std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600"));
drSOA.d_ttl = static_cast<uint32_t>(ttd); // XXX truncation
drSOA.d_place = DNSResourceRecord::ANSWER;
records.push_back(drSOA);
nrc.set(type);
}
- rec.d_content = std::make_shared<NSECRecordContent>(nrc);
+ rec.setContent(std::make_shared<NSECRecordContent>(nrc));
auto rrsig = std::make_shared<RRSIGRecordContent>("NSEC 5 3 10 20370101000000 20370101000000 24567 sub.powerdns.com. data");
cache->insertNSEC(zone, rec.d_name, rec, {rrsig}, false);
nrc.set(type);
}
- rec.d_content = std::make_shared<NSECRecordContent>(nrc);
+ rec.setContent(std::make_shared<NSECRecordContent>(nrc));
auto rrsig = std::make_shared<RRSIGRecordContent>("NSEC 5 3 10 20370101000000 20370101000000 24567 powerdns.com. data");
cache->insertNSEC(zone, rec.d_name, rec, {rrsig}, false);
nrc.set(type);
}
- rec.d_content = std::make_shared<NSECRecordContent>(nrc);
+ rec.setContent(std::make_shared<NSECRecordContent>(nrc));
auto rrsig = std::make_shared<RRSIGRecordContent>("NSEC 5 3 10 20370101000000 20370101000000 24567 powerdns.com. data");
cache->insertNSEC(zone, rec.d_name, rec, {rrsig}, false);
nrc.set(type);
}
- rec.d_content = std::make_shared<NSECRecordContent>(nrc);
+ rec.setContent(std::make_shared<NSECRecordContent>(nrc));
auto rrsig = std::make_shared<RRSIGRecordContent>("NSEC 5 3 10 20370101000000 20370101000000 24567 powerdns.com. data");
cache->insertNSEC(zone, rec.d_name, rec, {rrsig}, false);
nrc.set(type);
}
- rec.d_content = std::make_shared<NSECRecordContent>(nrc);
+ rec.setContent(std::make_shared<NSECRecordContent>(nrc));
auto rrsig = std::make_shared<RRSIGRecordContent>("NSEC 5 3 10 20370101000000 20370101000000 24567 powerdns.com. data");
cache->insertNSEC(zone, rec.d_name, rec, {rrsig}, false);
drSOA.d_name = zone;
drSOA.d_type = QType::SOA;
drSOA.d_class = QClass::IN;
- drSOA.d_content = std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600");
+ drSOA.setContent(std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600"));
drSOA.d_ttl = static_cast<uint32_t>(ttd); // XXX truncation
drSOA.d_place = DNSResourceRecord::ANSWER;
records.push_back(drSOA);
nrc.set(type);
}
- rec.d_content = std::make_shared<NSEC3RecordContent>(nrc);
+ rec.setContent(std::make_shared<NSEC3RecordContent>(nrc));
auto rrsig = std::make_shared<RRSIGRecordContent>("NSEC3 5 3 10 20370101000000 20370101000000 24567 sub.powerdns.com. data");
cache->insertNSEC(zone, rec.d_name, rec, {rrsig}, true);
nrc.set(type);
}
- rec.d_content = std::make_shared<NSEC3RecordContent>(nrc);
+ rec.setContent(std::make_shared<NSEC3RecordContent>(nrc));
auto rrsig = std::make_shared<RRSIGRecordContent>("NSEC3 5 3 10 20370101000000 20370101000000 24567 powerdns.com. data");
cache->insertNSEC(zone, rec.d_name, rec, {rrsig}, true);
nrc.set(type);
}
- rec.d_content = std::make_shared<NSEC3RecordContent>(nrc);
+ rec.setContent(std::make_shared<NSEC3RecordContent>(nrc));
auto rrsig = std::make_shared<RRSIGRecordContent>("NSEC3 5 3 10 20370101000000 20370101000000 24567 powerdns.com. data");
cache->insertNSEC(zone, rec.d_name, rec, {rrsig}, true);
nrc.set(type);
}
- rec.d_content = std::make_shared<NSEC3RecordContent>(nrc);
+ rec.setContent(std::make_shared<NSEC3RecordContent>(nrc));
auto rrsig = std::make_shared<RRSIGRecordContent>("NSEC3 5 3 10 20370101000000 20370101000000 24567 powerdns.com. data");
cache->insertNSEC(zone, rec.d_name, rec, {rrsig}, true);
nrc.set(type);
}
- rec.d_content = std::make_shared<NSEC3RecordContent>(nrc);
+ rec.setContent(std::make_shared<NSEC3RecordContent>(nrc));
auto rrsig = std::make_shared<RRSIGRecordContent>("NSEC3 5 3 10 20370101000000 20370101000000 24567 powerdns.com. data");
cache->insertNSEC(zone, rec.d_name, rec, {rrsig}, true);
nrc.set(type);
}
- rec.d_content = std::make_shared<NSEC3RecordContent>(nrc);
+ rec.setContent(std::make_shared<NSEC3RecordContent>(nrc));
auto rrsig = std::make_shared<RRSIGRecordContent>("NSEC3 5 3 10 20370101000000 20370101000000 24567 powerdns.com. data");
cache->insertNSEC(zone, rec.d_name, rec, {rrsig}, true);
nrc.set(type);
}
- rec.d_content = std::make_shared<NSEC3RecordContent>(nrc);
+ rec.setContent(std::make_shared<NSEC3RecordContent>(nrc));
auto rrsig = std::make_shared<RRSIGRecordContent>("NSEC3 5 3 10 20370101000000 20370101000000 24567 powerdns.com. data");
cache->insertNSEC(zone, rec.d_name, rec, {rrsig}, true);
nrc.set(type);
}
- rec.d_content = std::make_shared<NSEC3RecordContent>(nrc);
+ rec.setContent(std::make_shared<NSEC3RecordContent>(nrc));
auto rrsig = std::make_shared<RRSIGRecordContent>("NSEC3 5 3 10 20370101000000 20370101000000 24567 powerdns.com. data");
cache->insertNSEC(zone, rec.d_name, rec, {rrsig}, true);
nrc.set(type);
}
- rec.d_content = std::make_shared<NSEC3RecordContent>(nrc);
+ rec.setContent(std::make_shared<NSEC3RecordContent>(nrc));
auto rrsig = std::make_shared<RRSIGRecordContent>("NSEC3 5 3 10 20370101000000 20370101000000 24567 powerdns.com. data");
cache->insertNSEC(zone, rec.d_name, rec, {rrsig}, true);
/* blocked A */
DNSRecord dr;
dr.d_type = QType::A;
- dr.d_content = DNSRecordContent::mastermake(QType::A, QClass::IN, responseIP.toString());
+ dr.setContent(DNSRecordContent::mastermake(QType::A, QClass::IN, responseIP.toString()));
const auto matchingPolicy = dfe.getPostPolicy({dr}, std::unordered_map<std::string, bool>(), DNSFilterEngine::maximumPriority);
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::ResponseIP);
BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Drop);
/* allowed A */
DNSRecord dr;
dr.d_type = QType::A;
- dr.d_content = DNSRecordContent::mastermake(QType::A, QClass::IN, "192.0.2.142");
+ dr.setContent(DNSRecordContent::mastermake(QType::A, QClass::IN, "192.0.2.142"));
const auto matchingPolicy = dfe.getPostPolicy({dr}, std::unordered_map<std::string, bool>(), DNSFilterEngine::maximumPriority);
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None);
DNSFilterEngine::Policy zonePolicy;
const auto& record = records.at(0);
BOOST_CHECK(record.d_type == QType::CNAME);
BOOST_CHECK(record.d_class == QClass::IN);
- auto content = std::dynamic_pointer_cast<CNAMERecordContent>(record.d_content);
+ auto content = getRR<CNAMERecordContent>(record);
BOOST_CHECK(content != nullptr);
BOOST_CHECK_EQUAL(content->getTarget().toString(), "garden.example.net.");
}
const auto& record = records.at(0);
BOOST_CHECK(record.d_type == QType::A);
BOOST_CHECK(record.d_class == QClass::IN);
- auto content = std::dynamic_pointer_cast<ARecordContent>(record.d_content);
+ auto content = getRR<ARecordContent>(record);
BOOST_CHECK(content != nullptr);
BOOST_CHECK_EQUAL(content->getCA().toString(), "192.0.2.1");
}
const auto& record = records.at(1);
BOOST_CHECK(record.d_type == QType::A);
BOOST_CHECK(record.d_class == QClass::IN);
- auto content = std::dynamic_pointer_cast<ARecordContent>(record.d_content);
+ auto content = getRR<ARecordContent>(record);
BOOST_CHECK(content != nullptr);
BOOST_CHECK_EQUAL(content->getCA().toString(), "192.0.2.2");
}
const auto& record = records.at(0);
BOOST_CHECK(record.d_type == QType::MX);
BOOST_CHECK(record.d_class == QClass::IN);
- auto content = std::dynamic_pointer_cast<MXRecordContent>(record.d_content);
+ auto content = getRR<MXRecordContent>(record);
BOOST_CHECK(content != nullptr);
BOOST_CHECK_EQUAL(content->d_mxname.toString(), "garden-mail.example.net.");
}
const auto& record = records.at(0);
BOOST_CHECK(record.d_type == QType::A);
BOOST_CHECK(record.d_class == QClass::IN);
- auto content = std::dynamic_pointer_cast<ARecordContent>(record.d_content);
+ auto content = getRR<ARecordContent>(record);
BOOST_CHECK(content != nullptr);
BOOST_CHECK_EQUAL(content->getCA().toString(), "192.0.2.2");
}
const auto& record = records.at(0);
BOOST_CHECK(record.d_type == QType::MX);
BOOST_CHECK(record.d_class == QClass::IN);
- auto content = std::dynamic_pointer_cast<MXRecordContent>(record.d_content);
+ auto content = getRR<MXRecordContent>(record);
BOOST_CHECK(content != nullptr);
BOOST_CHECK_EQUAL(content->d_mxname.toString(), "garden-mail.example.net.");
}
const auto& record1 = records.at(0);
BOOST_CHECK(record1.d_type == QType::A);
BOOST_CHECK(record1.d_class == QClass::IN);
- auto content1 = std::dynamic_pointer_cast<ARecordContent>(record1.d_content);
+ auto content1 = getRR<ARecordContent>(record1);
BOOST_CHECK(content1 != nullptr);
BOOST_CHECK_EQUAL(content1->getCA().toString(), "1.2.3.4");
const auto& record2 = records.at(1);
BOOST_CHECK(record2.d_type == QType::A);
BOOST_CHECK(record2.d_class == QClass::IN);
- auto content2 = std::dynamic_pointer_cast<ARecordContent>(record2.d_content);
+ auto content2 = getRR<ARecordContent>(record2);
BOOST_CHECK(content2 != nullptr);
BOOST_CHECK_EQUAL(content2->getCA().toString(), "1.2.3.5");
}
const auto& record1 = records.at(0);
BOOST_CHECK(record1.d_type == QType::AAAA);
BOOST_CHECK(record1.d_class == QClass::IN);
- auto content1 = std::dynamic_pointer_cast<AAAARecordContent>(record1.d_content);
+ auto content1 = getRR<AAAARecordContent>(record1);
BOOST_CHECK(content1 != nullptr);
BOOST_CHECK_EQUAL(content1->getCA().toString(), "::1234");
}
const auto& record1 = records.at(0);
BOOST_CHECK(record1.d_type == QType::A);
BOOST_CHECK(record1.d_class == QClass::IN);
- auto content1 = std::dynamic_pointer_cast<ARecordContent>(record1.d_content);
+ auto content1 = getRR<ARecordContent>(record1);
BOOST_CHECK(content1 != nullptr);
BOOST_CHECK_EQUAL(content1->getCA().toString(), "1.2.3.4");
}
const auto& record1 = records.at(0);
BOOST_CHECK(record1.d_type == QType::AAAA);
BOOST_CHECK(record1.d_class == QClass::IN);
- auto content1 = std::dynamic_pointer_cast<AAAARecordContent>(record1.d_content);
+ auto content1 = getRR<AAAARecordContent>(record1);
BOOST_CHECK(content1 != nullptr);
BOOST_CHECK_EQUAL(content1->getCA().toString(), "::1234");
}
const auto& record1 = records.at(0);
BOOST_CHECK(record1.d_type == QType::AAAA);
BOOST_CHECK(record1.d_class == QClass::IN);
- auto content1 = std::dynamic_pointer_cast<AAAARecordContent>(record1.d_content);
+ auto content1 = getRR<AAAARecordContent>(record1);
BOOST_CHECK(content1 != nullptr);
BOOST_CHECK_EQUAL(content1->getCA().toString(), "::1234");
}
const auto& record = records.at(0);
BOOST_CHECK(record.d_type == QType::CNAME);
BOOST_CHECK(record.d_class == QClass::IN);
- auto content = std::dynamic_pointer_cast<CNAMERecordContent>(record.d_content);
+ auto content = getRR<CNAMERecordContent>(record);
BOOST_CHECK(content != nullptr);
BOOST_CHECK_EQUAL(content->getTarget().toString(), "garden1a.example.net.");
}
const auto& record = records.at(0);
BOOST_CHECK(record.d_type == QType::CNAME);
BOOST_CHECK(record.d_class == QClass::IN);
- auto content = std::dynamic_pointer_cast<CNAMERecordContent>(record.d_content);
+ auto content = getRR<CNAMERecordContent>(record);
BOOST_CHECK(content != nullptr);
BOOST_CHECK_EQUAL(content->getTarget().toString(), "garden1b.example.net.");
}
const auto& record = records.at(0);
BOOST_CHECK(record.d_type == QType::CNAME);
BOOST_CHECK(record.d_class == QClass::IN);
- auto content = std::dynamic_pointer_cast<CNAMERecordContent>(record.d_content);
+ auto content = getRR<CNAMERecordContent>(record);
BOOST_CHECK(content != nullptr);
BOOST_CHECK_EQUAL(content->getTarget().toString(), "garden1a.example.net.");
}
const auto& record = records.at(0);
BOOST_CHECK(record.d_type == QType::CNAME);
BOOST_CHECK(record.d_class == QClass::IN);
- auto content = std::dynamic_pointer_cast<CNAMERecordContent>(record.d_content);
+ auto content = getRR<CNAMERecordContent>(record);
BOOST_CHECK(content != nullptr);
BOOST_CHECK_EQUAL(content->getTarget().toString(), "garden2a.example.net.");
}
const auto& record = records.at(0);
BOOST_CHECK(record.d_type == QType::CNAME);
BOOST_CHECK(record.d_class == QClass::IN);
- auto content = std::dynamic_pointer_cast<CNAMERecordContent>(record.d_content);
+ auto content = getRR<CNAMERecordContent>(record);
BOOST_CHECK(content != nullptr);
BOOST_CHECK_EQUAL(content->getTarget().toString(), "client1a.example.net.");
}
const auto& record = records.at(0);
BOOST_CHECK(record.d_type == QType::CNAME);
BOOST_CHECK(record.d_class == QClass::IN);
- auto content = std::dynamic_pointer_cast<CNAMERecordContent>(record.d_content);
+ auto content = getRR<CNAMERecordContent>(record);
BOOST_CHECK(content != nullptr);
BOOST_CHECK_EQUAL(content->getTarget().toString(), "garden1a.example.net.");
}
const auto& record = records.at(0);
BOOST_CHECK(record.d_type == QType::CNAME);
BOOST_CHECK(record.d_class == QClass::IN);
- auto content = std::dynamic_pointer_cast<CNAMERecordContent>(record.d_content);
+ auto content = getRR<CNAMERecordContent>(record);
BOOST_CHECK(content != nullptr);
BOOST_CHECK_EQUAL(content->getTarget().toString(), "garden1a.example.net.");
}
const auto& record = records.at(0);
BOOST_CHECK(record.d_type == QType::CNAME);
BOOST_CHECK(record.d_class == QClass::IN);
- auto content = std::dynamic_pointer_cast<CNAMERecordContent>(record.d_content);
+ auto content = getRR<CNAMERecordContent>(record);
BOOST_CHECK(content != nullptr);
BOOST_CHECK_EQUAL(content->getTarget().toString(), "garden2a.example.net.");
}
const auto& record = records.at(0);
BOOST_CHECK(record.d_type == QType::CNAME);
BOOST_CHECK(record.d_class == QClass::IN);
- auto content = std::dynamic_pointer_cast<CNAMERecordContent>(record.d_content);
+ auto content = getRR<CNAMERecordContent>(record);
BOOST_CHECK(content != nullptr);
BOOST_CHECK_EQUAL(content->getTarget().toString(), "nsname1a.example.net.");
}
const auto& record = records.at(0);
BOOST_CHECK(record.d_type == QType::CNAME);
BOOST_CHECK(record.d_class == QClass::IN);
- auto content = std::dynamic_pointer_cast<CNAMERecordContent>(record.d_content);
+ auto content = getRR<CNAMERecordContent>(record);
BOOST_CHECK(content != nullptr);
BOOST_CHECK_EQUAL(content->getTarget().toString(), "nsip1a.example.net.");
}
/* blocked A in the response */
DNSRecord dr;
dr.d_type = QType::A;
- dr.d_content = DNSRecordContent::mastermake(QType::A, QClass::IN, responseIP.toString());
+ dr.setContent(DNSRecordContent::mastermake(QType::A, QClass::IN, responseIP.toString()));
const auto matchingPolicy = dfe.getPostPolicy({dr}, std::unordered_map<std::string, bool>(), DNSFilterEngine::maximumPriority);
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::ResponseIP);
BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Custom);
const auto& record = records.at(0);
BOOST_CHECK(record.d_type == QType::CNAME);
BOOST_CHECK(record.d_class == QClass::IN);
- auto content = std::dynamic_pointer_cast<CNAMERecordContent>(record.d_content);
+ auto content = getRR<CNAMERecordContent>(record);
BOOST_CHECK(content != nullptr);
BOOST_CHECK_EQUAL(content->getTarget().toString(), "response1a.example.net.");
}
/* blocked A in the response, except 1 is disabled and 2's priority is too high */
DNSRecord dr;
dr.d_type = QType::A;
- dr.d_content = DNSRecordContent::mastermake(QType::A, QClass::IN, responseIP.toString());
+ dr.setContent(DNSRecordContent::mastermake(QType::A, QClass::IN, responseIP.toString()));
const auto matchingPolicy = dfe.getPostPolicy({dr}, {{zone1->getName(), true}}, 1);
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None);
BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::NoAction);
rec.d_type = qtype;
rec.d_ttl = 600;
rec.d_place = DNSResourceRecord::AUTHORITY;
- rec.d_content = DNSRecordContent::mastermake(qtype, QClass::IN, content);
+ rec.setContent(DNSRecordContent::mastermake(qtype, QClass::IN, content));
ret.records.push_back(rec);
if (sigs) {
rec.d_type = QType::RRSIG;
- rec.d_content = std::make_shared<RRSIGRecordContent>(QType(qtype).toString() + " 5 3 600 2037010100000000 2037010100000000 24567 dummy data");
+ rec.setContent(std::make_shared<RRSIGRecordContent>(QType(qtype).toString() + " 5 3 600 2037010100000000 2037010100000000 24567 dummy data"));
ret.signatures.push_back(rec);
}
std::vector<DNSRecord> records;
std::vector<std::shared_ptr<DNSRecord>> authRecords;
- std::vector<std::shared_ptr<RRSIGRecordContent>> signatures;
+ std::vector<std::shared_ptr<const RRSIGRecordContent>> signatures;
const DNSName authZone(".");
time_t ttd = now + 30;
dr0.d_name = power;
dr0.d_type = QType::AAAA;
dr0.d_class = QClass::IN;
- dr0.d_content = std::make_shared<AAAARecordContent>(dr0Content);
+ dr0.setContent(std::make_shared<AAAARecordContent>(dr0Content));
dr0.d_ttl = static_cast<uint32_t>(ttd); // XXX truncation
dr0.d_place = DNSResourceRecord::ANSWER;
dr1.d_name = power;
dr1.d_type = QType::AAAA;
dr1.d_class = QClass::IN;
- dr1.d_content = std::make_shared<AAAARecordContent>(dr1Content);
+ dr1.setContent(std::make_shared<AAAARecordContent>(dr1Content));
dr1.d_ttl = static_cast<uint32_t>(ttd); // XXX truncation
dr1.d_place = DNSResourceRecord::ANSWER;
dr2.d_name = power;
dr2.d_type = QType::A;
dr2.d_class = QClass::IN;
- dr2.d_content = std::make_shared<ARecordContent>(dr2Content);
+ dr2.setContent(std::make_shared<ARecordContent>(dr2Content));
dr2.d_ttl = static_cast<uint32_t>(ttd); // XXX truncation
// the place should not matter to the cache
dr2.d_place = DNSResourceRecord::AUTHORITY;
dr3.d_name = power;
dr3.d_type = QType::A;
dr3.d_class = QClass::IN;
- dr3.d_content = std::make_shared<ARecordContent>(dr3Content);
+ dr3.setContent(std::make_shared<ARecordContent>(dr3Content));
dr3.d_ttl = static_cast<uint32_t>(ttd + 100); // XXX truncation
// the place should not matter to the cache
dr3.d_place = DNSResourceRecord::AUTHORITY;
dr4.d_name = power;
dr4.d_type = QType::A;
dr4.d_class = QClass::IN;
- dr4.d_content = std::make_shared<ARecordContent>(dr4Content);
+ dr4.setContent(std::make_shared<ARecordContent>(dr4Content));
dr4.d_ttl = static_cast<uint32_t>(ttd); // XXX truncation
dr4.d_place = DNSResourceRecord::AUTHORITY;
std::vector<DNSRecord> records;
std::vector<std::shared_ptr<DNSRecord>> authRecords;
- std::vector<std::shared_ptr<RRSIGRecordContent>> signatures;
+ std::vector<std::shared_ptr<const RRSIGRecordContent>> signatures;
time_t now = time(nullptr);
BOOST_CHECK_EQUAL(MRC.size(), 0U);
ns1.d_name = ghost;
ns1.d_type = QType::NS;
ns1.d_class = QClass::IN;
- ns1.d_content = std::make_shared<NSRecordContent>(ns1Content);
+ ns1.setContent(std::make_shared<NSRecordContent>(ns1Content));
ns1.d_ttl = static_cast<uint32_t>(ttd); // XXX truncation
ns1.d_place = DNSResourceRecord::ANSWER;
records.push_back(ns1);
std::vector<DNSRecord> records;
std::vector<std::shared_ptr<DNSRecord>> authRecords;
- std::vector<std::shared_ptr<RRSIGRecordContent>> signatures;
+ std::vector<std::shared_ptr<const RRSIGRecordContent>> signatures;
time_t now = time(nullptr);
BOOST_CHECK_EQUAL(MRC.size(), 0U);
ns1.d_name = record1;
ns1.d_type = QType::NS;
ns1.d_class = QClass::IN;
- ns1.d_content = std::make_shared<NSRecordContent>(record1);
+ ns1.setContent(std::make_shared<NSRecordContent>(record1));
ns1.d_ttl = static_cast<uint32_t>(ttd); // XXX truncation
ns1.d_place = DNSResourceRecord::ANSWER;
records.push_back(ns1);
MemRecursorCache MRC(1);
std::vector<DNSRecord> records;
- std::vector<std::shared_ptr<RRSIGRecordContent>> signatures;
+ std::vector<std::shared_ptr<const RRSIGRecordContent>> signatures;
std::vector<std::shared_ptr<DNSRecord>> authRecs;
const DNSName authZone(".");
BOOST_CHECK_EQUAL(MRC.size(), 0U);
dr1.d_name = power1;
dr1.d_type = QType::AAAA;
dr1.d_class = QClass::IN;
- dr1.d_content = std::make_shared<AAAARecordContent>(dr1Content);
+ dr1.setContent(std::make_shared<AAAARecordContent>(dr1Content));
dr1.d_ttl = static_cast<uint32_t>(ttd); // XXX truncation
dr1.d_place = DNSResourceRecord::ANSWER;
dr2.d_name = power2;
dr2.d_type = QType::AAAA;
dr2.d_class = QClass::IN;
- dr2.d_content = std::make_shared<AAAARecordContent>(dr2Content);
+ dr2.setContent(std::make_shared<AAAARecordContent>(dr2Content));
dr2.d_ttl = static_cast<uint32_t>(ttd); // XXX truncation
dr2.d_place = DNSResourceRecord::ANSWER;
MemRecursorCache MRC(1);
std::vector<DNSRecord> records;
- std::vector<std::shared_ptr<RRSIGRecordContent>> signatures;
+ std::vector<std::shared_ptr<const RRSIGRecordContent>> signatures;
std::vector<std::shared_ptr<DNSRecord>> authRecs;
const DNSName authZone(".");
BOOST_CHECK_EQUAL(MRC.size(), 0U);
dr1.d_name = power1;
dr1.d_type = QType::AAAA;
dr1.d_class = QClass::IN;
- dr1.d_content = std::make_shared<AAAARecordContent>(dr1Content);
+ dr1.setContent(std::make_shared<AAAARecordContent>(dr1Content));
dr1.d_ttl = static_cast<uint32_t>(ttd);
dr1.d_place = DNSResourceRecord::ANSWER;
dr2.d_name = power2;
dr2.d_type = QType::AAAA;
dr2.d_class = QClass::IN;
- dr2.d_content = std::make_shared<AAAARecordContent>(dr2Content);
+ dr2.setContent(std::make_shared<AAAARecordContent>(dr2Content));
dr2.d_ttl = static_cast<uint32_t>(ttd);
dr2.d_place = DNSResourceRecord::ANSWER;
r1.d_name = power1;
r1.d_type = QType::A;
r1.d_class = QClass::IN;
- r1.d_content = std::make_shared<ARecordContent>(r1Content);
+ r1.setContent(std::make_shared<ARecordContent>(r1Content));
r1.d_ttl = static_cast<uint32_t>(ttd);
r1.d_place = DNSResourceRecord::ANSWER;
records.push_back(r1);
const DNSName authZone(".");
std::vector<DNSRecord> records;
std::vector<std::shared_ptr<DNSRecord>> authRecords;
- std::vector<std::shared_ptr<RRSIGRecordContent>> signatures;
+ std::vector<std::shared_ptr<const RRSIGRecordContent>> signatures;
time_t now = time(nullptr);
std::vector<DNSRecord> retrieved;
ComboAddress who("192.0.2.1");
dr1.d_name = power;
dr1.d_type = QType::A;
dr1.d_class = QClass::IN;
- dr1.d_content = std::make_shared<ARecordContent>(dr1Content);
+ dr1.setContent(std::make_shared<ARecordContent>(dr1Content));
dr1.d_ttl = static_cast<uint32_t>(ttd);
dr1.d_place = DNSResourceRecord::ANSWER;
dr2.d_name = power;
dr2.d_type = QType::A;
dr2.d_class = QClass::IN;
- dr2.d_content = std::make_shared<ARecordContent>(dr2Content);
+ dr2.setContent(std::make_shared<ARecordContent>(dr2Content));
dr2.d_ttl = static_cast<uint32_t>(now + 5);
dr2.d_place = DNSResourceRecord::ANSWER;
const DNSName authZone(".");
std::vector<DNSRecord> records;
std::vector<std::shared_ptr<DNSRecord>> authRecords;
- std::vector<std::shared_ptr<RRSIGRecordContent>> signatures;
+ std::vector<std::shared_ptr<const RRSIGRecordContent>> signatures;
time_t now = time(nullptr);
std::vector<DNSRecord> retrieved;
ComboAddress who("192.0.2.1");
dr1.d_name = power;
dr1.d_type = QType::A;
dr1.d_class = QClass::IN;
- dr1.d_content = std::make_shared<ARecordContent>(dr1Content);
+ dr1.setContent(std::make_shared<ARecordContent>(dr1Content));
dr1.d_ttl = static_cast<uint32_t>(ttd);
dr1.d_place = DNSResourceRecord::ANSWER;
const DNSName authZone(".");
std::vector<std::shared_ptr<DNSRecord>> authRecords;
- std::vector<std::shared_ptr<RRSIGRecordContent>> signatures;
+ std::vector<std::shared_ptr<const RRSIGRecordContent>> signatures;
time_t now = time(nullptr);
time_t ttd = now + 30;
dr0.d_name = power;
dr0.d_type = QType::A;
dr0.d_class = QClass::IN;
- dr0.d_content = std::make_shared<ARecordContent>(dr0Content);
+ dr0.setContent(std::make_shared<ARecordContent>(dr0Content));
dr0.d_ttl = static_cast<uint32_t>(ttd);
dr0.d_place = DNSResourceRecord::ANSWER;
std::vector<DNSRecord> rset0;
dr0tagged.d_name = power;
dr0tagged.d_type = QType::A;
dr0tagged.d_class = QClass::IN;
- dr0tagged.d_content = std::make_shared<ARecordContent>(dr0taggedContent);
+ dr0tagged.setContent(std::make_shared<ARecordContent>(dr0taggedContent));
dr0tagged.d_ttl = static_cast<uint32_t>(ttd);
dr0tagged.d_place = DNSResourceRecord::ANSWER;
std::vector<DNSRecord> rset0tagged;
dr1.d_name = power;
dr1.d_type = QType::A;
dr1.d_class = QClass::IN;
- dr1.d_content = std::make_shared<ARecordContent>(dr1Content);
+ dr1.setContent(std::make_shared<ARecordContent>(dr1Content));
dr1.d_ttl = static_cast<uint32_t>(ttd);
dr1.d_place = DNSResourceRecord::ANSWER;
std::vector<DNSRecord> rset1;
dr2.d_name = power;
dr2.d_type = QType::A;
dr2.d_class = QClass::IN;
- dr2.d_content = std::make_shared<ARecordContent>(dr2Content);
+ dr2.setContent(std::make_shared<ARecordContent>(dr2Content));
dr2.d_ttl = static_cast<uint32_t>(ttd);
dr2.d_place = DNSResourceRecord::ANSWER;
std::vector<DNSRecord> rset2;
dr3.d_name = power;
dr3.d_type = QType::A;
dr3.d_class = QClass::IN;
- dr3.d_content = std::make_shared<ARecordContent>(dr3Content);
+ dr3.setContent(std::make_shared<ARecordContent>(dr3Content));
dr3.d_ttl = static_cast<uint32_t>(ttd);
dr3.d_place = DNSResourceRecord::ANSWER;
std::vector<DNSRecord> rset3;
templ[sizeof(templ) - 1] = '\0';
*templ = c;
aaaarr.d_name = arr.d_name = DNSName(templ);
- nsrr.d_content = std::make_shared<NSRecordContent>(DNSName(templ));
- arr.d_content = std::make_shared<ARecordContent>(ComboAddress(rootIps4[c - 'a']));
+ nsrr.setContent(std::make_shared<NSRecordContent>(DNSName(templ)));
+ arr.setContent(std::make_shared<ARecordContent>(ComboAddress(rootIps4[c - 'a'])));
vector<DNSRecord> aset;
aset.push_back(arr);
- g_recCache->replace(now, DNSName(templ), QType(QType::A), aset, vector<std::shared_ptr<RRSIGRecordContent>>(), vector<std::shared_ptr<DNSRecord>>(), false, g_rootdnsname);
+ g_recCache->replace(now, DNSName(templ), QType(QType::A), aset, vector<std::shared_ptr<const RRSIGRecordContent>>(), vector<std::shared_ptr<DNSRecord>>(), false, g_rootdnsname);
if (rootIps6[c - 'a'] != NULL) {
- aaaarr.d_content = std::make_shared<AAAARecordContent>(ComboAddress(rootIps6[c - 'a']));
+ aaaarr.setContent(std::make_shared<AAAARecordContent>(ComboAddress(rootIps6[c - 'a'])));
vector<DNSRecord> aaaaset;
aaaaset.push_back(aaaarr);
- g_recCache->replace(now, DNSName(templ), QType(QType::AAAA), aaaaset, vector<std::shared_ptr<RRSIGRecordContent>>(), vector<std::shared_ptr<DNSRecord>>(), false, g_rootdnsname);
+ g_recCache->replace(now, DNSName(templ), QType(QType::AAAA), aaaaset, vector<std::shared_ptr<const RRSIGRecordContent>>(), vector<std::shared_ptr<DNSRecord>>(), false, g_rootdnsname);
}
nsset.push_back(nsrr);
}
- g_recCache->replace(now, g_rootdnsname, QType(QType::NS), nsset, vector<std::shared_ptr<RRSIGRecordContent>>(), vector<std::shared_ptr<DNSRecord>>(), false, g_rootdnsname); // and stuff in the cache
+ g_recCache->replace(now, g_rootdnsname, QType(QType::NS), nsset, vector<std::shared_ptr<const RRSIGRecordContent>>(), vector<std::shared_ptr<DNSRecord>>(), false, g_rootdnsname); // and stuff in the cache
return true;
}
sortedRecords_t recordcontents;
for (const auto& record : records) {
if (record.d_name == name && record.d_type == type) {
- recordcontents.insert(record.d_content);
+ recordcontents.insert(record.getContent());
}
}
rec.d_name = records[recordsCount - 1].d_name;
rec.d_ttl = records[recordsCount - 1].d_ttl;
- rec.d_content = std::make_shared<RRSIGRecordContent>(rrc);
+ rec.setContent(std::make_shared<RRSIGRecordContent>(rrc));
records.push_back(rec);
return true;
rec.d_type = QType::DNSKEY;
rec.d_ttl = ttl;
- rec.d_content = std::make_shared<DNSKEYRecordContent>(it->second.first.getDNSKEY());
+ rec.setContent(std::make_shared<DNSKEYRecordContent>(it->second.first.getDNSKEY()));
records.push_back(rec);
}
rec.d_type = QType::DS;
rec.d_place = place;
rec.d_ttl = ttl;
- rec.d_content = std::make_shared<DSRecordContent>(it->second.second);
+ rec.setContent(std::make_shared<DSRecordContent>(it->second.second));
records.push_back(rec);
return true;
rec.d_name = domain;
rec.d_ttl = ttl;
rec.d_type = QType::NSEC;
- rec.d_content = std::make_shared<NSECRecordContent>(std::move(nrc));
+ rec.setContent(std::make_shared<NSECRecordContent>(std::move(nrc)));
rec.d_place = DNSResourceRecord::AUTHORITY;
records.push_back(rec);
rec.d_name = hashedName;
rec.d_ttl = ttl;
rec.d_type = QType::NSEC3;
- rec.d_content = std::make_shared<NSEC3RecordContent>(std::move(nrc));
+ rec.setContent(std::make_shared<NSEC3RecordContent>(std::move(nrc)));
rec.d_place = DNSResourceRecord::AUTHORITY;
records.push_back(rec);
/* we populate the cache with a flawed NSset, i.e. there is a NS entry but no corresponding glue */
time_t now = sr->getNow().tv_sec;
std::vector<DNSRecord> records;
- std::vector<shared_ptr<RRSIGRecordContent>> sigs;
+ std::vector<shared_ptr<const RRSIGRecordContent>> sigs;
addRecordToList(records, target, QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, now + 3600);
g_recCache->replace(now, target, QType(QType::NS), records, sigs, vector<std::shared_ptr<DNSRecord>>(), true, g_rootdnsname, boost::optional<Netmask>());
/* we populate the cache with everything we need */
time_t now = sr->getNow().tv_sec;
std::vector<DNSRecord> records;
- std::vector<shared_ptr<RRSIGRecordContent>> sigs;
+ std::vector<shared_ptr<const RRSIGRecordContent>> sigs;
addRecordToList(records, target, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, now + 3600);
g_recCache->replace(now, target, QType(QType::A), records, sigs, vector<std::shared_ptr<DNSRecord>>(), true, g_rootdnsname, boost::optional<Netmask>());
const time_t now = sr->getNow().tv_sec;
std::vector<DNSRecord> records;
- std::vector<shared_ptr<RRSIGRecordContent>> sigs;
+ std::vector<shared_ptr<const RRSIGRecordContent>> sigs;
addRecordToList(records, target, QType::A, "192.0.2.42", DNSResourceRecord::ANSWER, now - 60);
g_recCache->replace(now - 3600, target, QType(QType::A), records, sigs, vector<std::shared_ptr<DNSRecord>>(), true, g_rootdnsname, boost::optional<Netmask>());
const time_t now = sr->getNow().tv_sec;
std::vector<DNSRecord> records;
- std::vector<shared_ptr<RRSIGRecordContent>> sigs;
+ std::vector<shared_ptr<const RRSIGRecordContent>> sigs;
addRecordToList(records, target, QType::A, "192.0.2.2", DNSResourceRecord::ANSWER, now + 29);
g_recCache->replace(now - 30, target, QType(QType::A), records, sigs, vector<std::shared_ptr<DNSRecord>>(), true, g_rootdnsname, boost::optional<Netmask>());
/* check that the record in the answer section has not been cached */
const ComboAddress who;
vector<DNSRecord> cached;
- vector<std::shared_ptr<RRSIGRecordContent>> signatures;
+ vector<std::shared_ptr<const RRSIGRecordContent>> signatures;
BOOST_REQUIRE_GT(g_recCache->get(now, target, QType(QType::A), MemRecursorCache::None, &cached, who, boost::none, &signatures), 0);
}
dr.d_name = target;
dr.d_type = QType::A;
dr.d_ttl = 1800;
- dr.d_content = std::make_shared<ARecordContent>(targetAddr);
+ dr.setContent(std::make_shared<ARecordContent>(targetAddr));
ad.d_records.insert(dr);
(*SyncRes::t_sstorage.domainmap)[authZone] = ad;
dr.d_name = target;
dr.d_type = QType::CNAME;
dr.d_ttl = 1800;
- dr.d_content = std::make_shared<CNAMERecordContent>(targetCname);
+ dr.setContent(std::make_shared<CNAMERecordContent>(targetCname));
ad.d_records.insert(dr);
dr.d_place = DNSResourceRecord::ANSWER;
dr.d_name = targetCname;
dr.d_type = QType::A;
dr.d_ttl = 1800;
- dr.d_content = std::make_shared<ARecordContent>(targetCnameAddr);
+ dr.setContent(std::make_shared<ARecordContent>(targetCnameAddr));
ad.d_records.insert(dr);
(*SyncRes::t_sstorage.domainmap)[authZone] = ad;
dr.d_name = target;
dr.d_type = QType::SOA;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600");
+ dr.setContent(std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600"));
ad.d_records.insert(dr);
dr.d_place = DNSResourceRecord::ANSWER;
dr.d_name = target;
dr.d_type = QType::A;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<ARecordContent>(addr);
+ dr.setContent(std::make_shared<ARecordContent>(addr));
ad.d_records.insert(dr);
auto map = std::make_shared<SyncRes::domainmap_t>();
dr.d_name = authZone;
dr.d_type = QType::SOA;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600");
+ dr.setContent(std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600"));
ad.d_records.insert(dr);
dr.d_place = DNSResourceRecord::ANSWER;
dr.d_name = authZone;
dr.d_type = QType::A;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<ARecordContent>(addr);
+ dr.setContent(std::make_shared<ARecordContent>(addr));
ad.d_records.insert(dr);
auto map = std::make_shared<SyncRes::domainmap_t>();
dr.d_name = target;
dr.d_type = QType::SOA;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600");
+ dr.setContent(std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600"));
ad.d_records.insert(dr);
dr.d_place = DNSResourceRecord::ANSWER;
dr.d_name = target;
dr.d_type = QType::CNAME;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<CNAMERecordContent>(externalCNAME);
+ dr.setContent(std::make_shared<CNAMERecordContent>(externalCNAME));
ad.d_records.insert(dr);
auto map = std::make_shared<SyncRes::domainmap_t>();
dr.d_name = target;
dr.d_type = QType::SOA;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.corp. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600");
+ dr.setContent(std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.corp. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600"));
ad.d_records.insert(dr);
dr.d_place = DNSResourceRecord::ANSWER;
dr.d_name = target;
dr.d_type = QType::A;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<ARecordContent>(addr);
+ dr.setContent(std::make_shared<ARecordContent>(addr));
ad.d_records.insert(dr);
auto map = std::make_shared<SyncRes::domainmap_t>();
dr.d_name = target;
dr.d_type = QType::A;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<ARecordContent>(ComboAddress("192.0.2.1"));
+ dr.setContent(std::make_shared<ARecordContent>(ComboAddress("192.0.2.1")));
ad.d_records.insert(dr);
dr.d_place = DNSResourceRecord::ANSWER;
dr.d_name = authZone;
dr.d_type = QType::SOA;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600");
+ dr.setContent(std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600"));
ad.d_records.insert(dr);
auto map = std::make_shared<SyncRes::domainmap_t>();
dr.d_name = DNSName("powerdns.com.");
dr.d_type = QType::SOA;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600");
+ dr.setContent(std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600"));
ad.d_records.insert(dr);
auto map = std::make_shared<SyncRes::domainmap_t>();
dr.d_name = authZone;
dr.d_type = QType::SOA;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600");
+ dr.setContent(std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600"));
ad.d_records.insert(dr);
dr.d_place = DNSResourceRecord::ANSWER;
dr.d_name = DNSName("test.powerdns.com.");
dr.d_type = QType::NS;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<NSRecordContent>(ns);
+ dr.setContent(std::make_shared<NSRecordContent>(ns));
ad.d_records.insert(dr);
dr.d_place = DNSResourceRecord::ANSWER;
dr.d_name = ns;
dr.d_type = QType::A;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<ARecordContent>(nsAddr);
+ dr.setContent(std::make_shared<ARecordContent>(nsAddr));
ad.d_records.insert(dr);
auto map = std::make_shared<SyncRes::domainmap_t>();
dr.d_name = authZone;
dr.d_type = QType::SOA;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600");
+ dr.setContent(std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600"));
ad.d_records.insert(dr);
dr.d_place = DNSResourceRecord::ANSWER;
dr.d_name = DNSName("test.powerdns.com.");
dr.d_type = QType::NS;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<NSRecordContent>(ns);
+ dr.setContent(std::make_shared<NSRecordContent>(ns));
ad.d_records.insert(dr);
dr.d_place = DNSResourceRecord::ANSWER;
dr.d_name = ns;
dr.d_type = QType::A;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<ARecordContent>(nsAddr);
+ dr.setContent(std::make_shared<ARecordContent>(nsAddr));
ad.d_records.insert(dr);
auto map = std::make_shared<SyncRes::domainmap_t>();
dr.d_name = authZone;
dr.d_type = QType::SOA;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600");
+ dr.setContent(std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600"));
ad.d_records.insert(dr);
dr.d_place = DNSResourceRecord::ANSWER;
dr.d_name = DNSName("*.powerdns.com.");
dr.d_type = QType::A;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<ARecordContent>(targetAddr);
+ dr.setContent(std::make_shared<ARecordContent>(targetAddr));
ad.d_records.insert(dr);
auto map = std::make_shared<SyncRes::domainmap_t>();
dr.d_name = authZone;
dr.d_type = QType::SOA;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600");
+ dr.setContent(std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600"));
ad.d_records.insert(dr);
dr.d_place = DNSResourceRecord::ANSWER;
dr.d_name = DNSName("abc.xyz.test.powerdns.com.");
dr.d_type = QType::A;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<ARecordContent>(targetAddr1);
+ dr.setContent(std::make_shared<ARecordContent>(targetAddr1));
ad.d_records.insert(dr);
dr.d_place = DNSResourceRecord::ANSWER;
dr.d_name = DNSName("*.powerdns.com.");
dr.d_type = QType::A;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<ARecordContent>(targetAddr2);
+ dr.setContent(std::make_shared<ARecordContent>(targetAddr2));
ad.d_records.insert(dr);
auto map = std::make_shared<SyncRes::domainmap_t>();
dr.d_name = authZone;
dr.d_type = QType::SOA;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600");
+ dr.setContent(std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600"));
ad.d_records.insert(dr);
dr.d_place = DNSResourceRecord::ANSWER;
dr.d_name = DNSName("*.powerdns.com.");
dr.d_type = QType::A;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<ARecordContent>(targetAddr);
+ dr.setContent(std::make_shared<ARecordContent>(targetAddr));
ad.d_records.insert(dr);
auto map = std::make_shared<SyncRes::domainmap_t>();
dr.d_name = target;
dr.d_type = QType::SOA;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600");
+ dr.setContent(std::make_shared<SOARecordContent>("pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600"));
ad.d_records.insert(dr);
dr.d_place = DNSResourceRecord::ANSWER;
dr.d_name = target;
dr.d_type = QType::A;
dr.d_ttl = 3600;
- dr.d_content = std::make_shared<ARecordContent>(addr);
+ dr.setContent(std::make_shared<ARecordContent>(addr));
ad.d_records.insert(dr);
auto map = std::make_shared<SyncRes::domainmap_t>();
skeyset_t keyset;
keyset.insert(std::make_shared<DNSKEYRecordContent>(dpk.getDNSKEY()));
- std::vector<std::shared_ptr<RRSIGRecordContent>> sigs;
+ std::vector<std::shared_ptr<const RRSIGRecordContent>> sigs;
sigs.push_back(std::make_shared<RRSIGRecordContent>(rrc));
BOOST_CHECK(validateWithKeySet(now, qname, recordcontents, sigs, keyset, std::nullopt) == vState::Secure);
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
/*
No wrap test case:
a.example.org. -> d.example.org. denies the existence of b.example.org.
*/
addNSECRecordToLW(DNSName("a.example.org."), DNSName("d.example.org"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("example.org."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
records.clear();
recordContents.clear();
signatureContents.clear();
addNSECRecordToLW(DNSName("example.org."), DNSName("+.example.org"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("example.org."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
records.clear();
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
/*
Wrap case 1 test case:
z.example.org. -> b.example.org. denies the existence of a.example.org.
*/
addNSECRecordToLW(DNSName("z.example.org."), DNSName("b.example.org"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("example.org."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
records.clear();
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
/*
Wrap case 2 test case:
y.example.org. -> a.example.org. denies the existence of z.example.org.
*/
addNSECRecordToLW(DNSName("y.example.org."), DNSName("a.example.org"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("example.org."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
records.clear();
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
/*
Only one NSEC in the whole zone test case:
a.example.org. -> a.example.org. denies the existence of b.example.org.
*/
addNSECRecordToLW(DNSName("a.example.org."), DNSName("a.example.org"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("example.org."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
records.clear();
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
/*
The RRSIG from "." denies the existence of anything between a. and c.,
including b.
*/
addNSECRecordToLW(DNSName("a."), DNSName("c."), {QType::NS}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
records.clear();
recordContents.clear();
signatureContents.clear();
addNSECRecordToLW(DNSName("."), DNSName("+"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
records.clear();
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
/*
The RRSIG from "." denies the existence of any type except NS at a.
or a DS.
*/
addNSECRecordToLW(DNSName("a."), DNSName("b."), {QType::NS}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
records.clear();
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
addNSECRecordToLW(DNSName("example.org."), DNSName("a.example.org"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("example.org."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
records.clear();
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
/*
* RFC 5155 section 8.9:
we correctly detect that it's not.
*/
addNSECRecordToLW(DNSName("a."), DNSName("b."), {}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
records.clear();
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
/*
* RFC 5155 section 8.9:
NS has to be set since it is proving an insecure delegation, but SOA should NOT!
*/
addNSECRecordToLW(DNSName("a."), DNSName("b."), {QType::NS, QType::SOA}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
records.clear();
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
addNSECRecordToLW(DNSName("a.powerdns.com."), DNSName("a.c.powerdns.com."), {QType::CNAME}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("powerdns.com."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
records.clear();
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
addNSEC3UnhashedRecordToLW(DNSName("powerdns.com."), DNSName("powerdns.com."), "whatever", {QType::A}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("powerdns.com."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
addNSEC3UnhashedRecordToLW(DNSName("a.powerdns.com."), DNSName("powerdns.com."), "whatever", {QType::CNAME}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("powerdns.com."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
addNSECRecordToLW(DNSName("a.powerdns.com."), DNSName("d.powerdns.com"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("powerdns.com."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
records.clear();
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
addNSEC3NarrowRecordToLW(DNSName("a.powerdns.com."), DNSName("powerdns.com."), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records, 10);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("powerdns.com."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
signatureContents.clear();
records.clear();
addNSEC3UnhashedRecordToLW(DNSName("powerdns.com."), DNSName("powerdns.com."), "whatever", {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records, 10);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("powerdns.com."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
/* proves that a.example.com does exist, and has been generated from a wildcard (see the RRSIG below) */
addNSECRecordToLW(DNSName("a.example.org."), DNSName("d.example.org"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("example.org."), 300, false, boost::none, DNSName("example.org."));
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
records.clear();
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
/* proves that b.example.com does not exist */
addNSECRecordToLW(DNSName("a.example.org."), DNSName("d.example.org"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("example.org."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
records.clear();
recordContents.clear();
signatureContents.clear();
addNSECRecordToLW(DNSName("*.example.org."), DNSName("+.example.org"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("example.org."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
records.clear();
recordContents.clear();
signatureContents.clear();
addNSECRecordToLW(DNSName("*.example.org."), DNSName("+.example.org"), {QType::CNAME, QType::RRSIG, QType::NSEC}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("example.org."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
records.clear();
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
/* proves that b.example.com does not exist */
addNSEC3NarrowRecordToLW(DNSName("b.example.org"), DNSName("example.org."), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC3}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("example.org."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
signatureContents.clear();
records.clear();
addNSEC3UnhashedRecordToLW(DNSName("example.org."), DNSName("example.org."), "whatever", {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("example.org."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
signatureContents.clear();
records.clear();
addNSEC3UnhashedRecordToLW(DNSName("*.example.org."), DNSName("example.org"), "whatever", {QType::A, QType::TXT, QType::RRSIG, QType::NSEC3}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("example.org."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
signatureContents.clear();
records.clear();
addNSEC3UnhashedRecordToLW(DNSName("*.example.org."), DNSName("example.org"), "whatever", {QType::CNAME, QType::RRSIG, QType::NSEC3}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("example.org."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
addNSECRecordToLW(DNSName("a.powerdns.com."), DNSName("a.c.powerdns.com."), {QType::A}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("powerdns.com."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
records.clear();
recordContents.clear();
signatureContents.clear();
addNSECRecordToLW(DNSName(").powerdns.com."), DNSName("+.powerdns.com."), {}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("powerdns.com."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
records.clear();
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
/*
The RRSIG from "." denies the existence of any type except NS at a.
be used to deny anything except the whole name or a DS.
*/
addNSEC3UnhashedRecordToLW(DNSName("a."), DNSName("."), "whatever", {QType::NS}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
signatureContents.clear();
records.clear();
addNSEC3NarrowRecordToLW(DNSName("sub.a."), DNSName("."), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC3}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
signatureContents.clear();
records.clear();
addNSEC3NarrowRecordToLW(DNSName("*.a."), DNSName("."), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC3}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
/* adding a NSEC3 with more iterations that we support */
addNSEC3UnhashedRecordToLW(DNSName("a."), DNSName("."), "whatever", {QType::AAAA}, 600, records, g_maxNSEC3Iterations + 100);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
/*
* RFC 5155 section 8.9:
we correctly detect that it's not.
*/
addNSEC3UnhashedRecordToLW(DNSName("a."), DNSName("."), "whatever", {}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
/*
* RFC 5155 section 8.9:
NS has to be set since it is proving an insecure delegation, but SOA should NOT!
*/
addNSEC3UnhashedRecordToLW(DNSName("a."), DNSName("."), "whatever", {QType::NS, QType::SOA}, 600, records);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
vector<DNSRecord> records;
sortedRecords_t recordContents;
- vector<shared_ptr<RRSIGRecordContent>> signatureContents;
+ vector<shared_ptr<const RRSIGRecordContent>> signatureContents;
/*
* RFC 7129 section 5.1:
a wildcard proof).
*/
addNSEC3UnhashedRecordToLW(DNSName("was.here."), DNSName("."), "whatever", {}, 600, records, 10, true /* opt out */);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
signatureContents.clear();
records.clear();
addNSEC3NarrowRecordToLW(DNSName("ent.was.here."), DNSName("."), {QType::RRSIG, QType::NSEC3}, 600, records, 10, true /* opt-out */);
- recordContents.insert(records.at(0).d_content);
+ recordContents.insert(records.at(0).getContent());
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
/* check that the entry has not been cached for longer than the RRSIG validity */
const ComboAddress who;
vector<DNSRecord> cached;
- vector<std::shared_ptr<RRSIGRecordContent>> signatures;
+ vector<std::shared_ptr<const RRSIGRecordContent>> signatures;
BOOST_REQUIRE_EQUAL(g_recCache->get(tnow, target, QType(QType::A), MemRecursorCache::RequireAuth, &cached, who, boost::none, &signatures), 1);
BOOST_REQUIRE_EQUAL(cached.size(), 1U);
BOOST_REQUIRE_EQUAL(signatures.size(), 1U);
BOOST_CHECK_EQUAL(res, RCode::NoError);
BOOST_REQUIRE_EQUAL(ret.size(), 2U);
- BOOST_CHECK_EQUAL(ret[0].d_content->getZoneRepresentation(), cname.toString());
+ BOOST_CHECK_EQUAL(ret[0].getContent()->getZoneRepresentation(), cname.toString());
BOOST_REQUIRE_EQUAL(sentOutQnames.size(), 4U);
BOOST_CHECK_EQUAL(sentOutQnames[0].toString(), target.makeLowerCase().toString());
/* check that we accepted the DS from the parent, and not from the child zone */
BOOST_CHECK_GT(g_recCache->get(now, DNSName("powerdns.com."), QType(QType::DS), MemRecursorCache::None, &cached, who), 0);
BOOST_REQUIRE_EQUAL(cached.size(), 1U);
- BOOST_CHECK_EQUAL(cached.at(0).d_content->getZoneRepresentation(), "1 8 2 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
+ BOOST_CHECK_EQUAL(cached.at(0).getContent()->getZoneRepresentation(), "1 8 2 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
}
BOOST_AUTO_TEST_CASE(test_records_sanitization_scrubs_ns_nxd)
{"name", dr.d_name.toString()},
{"type", DNSRecordContent::NumberToType(dr.d_type)},
{"ttl", (double)dr.d_ttl},
- {"content", dr.d_content->getZoneRepresentation()}});
+ {"content", dr.getContent()->getZoneRepresentation()}});
}
// id is the canonical lookup key, which doesn't actually match the name (in some cases)
const SyncRes::AuthDomain& zone = val.second;
for (const SyncRes::AuthDomain::records_t::value_type& rr : zone.d_records) {
- if (pdns_ci_find(rr.d_name.toString(), q) == string::npos && pdns_ci_find(rr.d_content->getZoneRepresentation(), q) == string::npos)
+ if (pdns_ci_find(rr.d_name.toString(), q) == string::npos && pdns_ci_find(rr.getContent()->getZoneRepresentation(), q) == string::npos)
continue;
doc.push_back(Json::object{
{"zone_id", zoneId},
{"zone_name", zoneName},
{"name", rr.d_name.toString()},
- {"content", rr.d_content->getZoneRepresentation()}});
+ {"content", rr.getContent()->getZoneRepresentation()}});
}
}
resp->setJsonBody(doc);
rr.qname = i.first.d_name;
rr.qtype = i.first.d_type;
rr.ttl = i.first.d_ttl;
- rr.content = i.first.d_content->getZoneRepresentation(true);
+ rr.content = i.first.getContent()->getZoneRepresentation(true);
result->push_back(rr);
}
bool gotSOA=false;
for(const MOADNSParser::answers_t::value_type& drc : mdp.d_answers) {
if(drc.first.d_type == QType::SOA && drc.first.d_name == *domain) {
- shared_ptr<SOARecordContent> src=getRR<SOARecordContent>(drc.first);
+ auto src = getRR<SOARecordContent>(drc.first);
if (src) {
- *theirSerial=src->d_st.serial;
+ *theirSerial = src->d_st.serial;
gotSOA = true;
}
}
if(drc.first.d_type == QType::RRSIG && drc.first.d_name == *domain) {
- shared_ptr<RRSIGRecordContent> rrc=getRR<RRSIGRecordContent>(drc.first);
+ auto rrc = getRR<RRSIGRecordContent>(drc.first);
if(rrc && rrc->d_type == QType::SOA) {
*theirInception= std::max(*theirInception, rrc->d_siginception);
*theirExpire = std::max(*theirExpire, rrc->d_sigexpire);
if (rrType == QType::NSEC3PARAM) {
g_log<<Logger::Notice<<msgPrefix<<"Adding/updating NSEC3PARAM for zone, resetting ordernames."<<endl;
- *ns3pr = NSEC3PARAMRecordContent(rr->d_content->getZoneRepresentation(), di->zone);
+ *ns3pr = NSEC3PARAMRecordContent(rr->getContent()->getZoneRepresentation(), di->zone);
*narrow = false; // adding a NSEC3 will cause narrow mode to be dropped, as you cannot specify that in a NSEC3PARAM record
d_dk.setNSEC3PARAM(di->zone, *ns3pr, (*narrow));
*haveNSEC3 = true;
SOAData sdOld, sdUpdate;
DNSResourceRecord *oldRec = &rrset.front();
fillSOAData(oldRec->content, sdOld);
- oldRec->setContent(rr->d_content->getZoneRepresentation());
+ oldRec->setContent(rr->getContent()->getZoneRepresentation());
fillSOAData(oldRec->content, sdUpdate);
if (rfc1982LessThan(sdOld.serial, sdUpdate.serial)) {
di->backend->replaceRRSet(di->id, oldRec->qname, oldRec->qtype, rrset);
} else if (rrType == QType::CNAME) {
int changedCNames = 0;
for (auto& i : rrset) {
- if (i.ttl != rr->d_ttl || i.content != rr->d_content->getZoneRepresentation()) {
+ if (i.ttl != rr->d_ttl || i.content != rr->getContent()->getZoneRepresentation()) {
i.ttl = rr->d_ttl;
- i.setContent(rr->d_content->getZoneRepresentation());
+ i.setContent(rr->getContent()->getZoneRepresentation());
changedCNames++;
}
}
rrType.getCode() == QType::SRV) {
lowerCase = true;
}
- string content = rr->d_content->getZoneRepresentation();
+ string content = rr->getContent()->getZoneRepresentation();
if (lowerCase) content = toLower(content);
for (auto& i : rrset) {
string icontent = i.getZoneRepresentation();
if (rr->d_class == QClass::ANY)
d_dk.unsetNSEC3PARAM(rr->d_name);
else if (rr->d_class == QClass::NONE) {
- NSEC3PARAMRecordContent nsec3rr(rr->d_content->getZoneRepresentation(), di->zone);
+ NSEC3PARAMRecordContent nsec3rr(rr->getContent()->getZoneRepresentation(), di->zone);
if (*haveNSEC3 && ns3pr->getZoneRepresentation() == nsec3rr.getZoneRepresentation())
d_dk.unsetNSEC3PARAM(rr->d_name);
else
repr = rc->getZoneRepresentation(true);
DLOG(g_log<<msgPrefix<<"Adjusted TXT content to ["<<repr<<"]"<<endl);
}
- DLOG(g_log<<msgPrefix<<"Matching RR in RRset - (adjusted) representation from request=["<<repr<<"], rr->d_content->getZoneRepresentation()=["<<rr->d_content->getZoneRepresentation()<<"]"<<endl);
- if (rrType == rec.qtype && repr == rr->d_content->getZoneRepresentation())
+ DLOG(g_log<<msgPrefix<<"Matching RR in RRset - (adjusted) representation from request=["<<repr<<"], rr->getContent()->getZoneRepresentation()=["<<rr->getContent()->getZoneRepresentation()<<"]"<<endl);
+ if (rrType == rec.qtype && repr == rr->getContent()->getZoneRepresentation())
recordsToDelete.push_back(rec);
else
rrset.push_back(rec);
if (nsRRInZone.size() > nsRRtoDelete.size()) { // only delete if the NS's we delete are less then what we have in the zone (3.4.2.4)
for (auto& inZone: nsRRInZone) {
for (auto& rr: nsRRtoDelete) {
- if (inZone.getZoneRepresentation() == (rr)->d_content->getZoneRepresentation())
+ if (inZone.getZoneRepresentation() == (rr)->getContent()->getZoneRepresentation())
changedRecords += performUpdate(msgPrefix, rr, &di, isPresigned, &narrow, &haveNSEC3, &ns3pr, &updatedSerial);
}
}
for(MOADNSParser::answers_t::const_iterator i=mdp.d_answers.begin(); i!=mdp.d_answers.end(); ++i) {
if(i->first.d_type != QType::TKEY) continue;
// recover TKEY record
- tkrc = TKEYRecordContent(i->first.d_content->getZoneRepresentation());
+ tkrc = TKEYRecordContent(i->first.getContent()->getZoneRepresentation());
input = tkrc.d_key;
}
}
if (!tsig) {
std::cerr<<"Unexpected TSIG signature in data"<<endl;
}
- trc = TSIGRecordContent(i->first.d_content->getZoneRepresentation());
+ trc = TSIGRecordContent(i->first.getContent()->getZoneRepresentation());
continue;
}
if(i->first.d_type == QType::SOA)
++soacount;
}
else if (i->first.d_type == QType::NSEC3PARAM) {
- ns3pr = NSEC3PARAMRecordContent(i->first.d_content->getZoneRepresentation());
- isNSEC3 = true;
+ ns3pr = NSEC3PARAMRecordContent(i->first.getContent()->getZoneRepresentation());
+ isNSEC3 = true;
}
ostringstream o;
o<<"\t"<<i->first.d_ttl<<"\tIN\t"<<DNSRecordContent::NumberToType(i->first.d_type);
if(showdetails)
{
- o<<"\t"<<i->first.d_content->getZoneRepresentation();
+ o<<"\t"<<i->first.getContent()->getZoneRepresentation();
}
else if(i->first.d_type == QType::RRSIG)
{
- string zoneRep = i->first.d_content->getZoneRepresentation();
+ string zoneRep = i->first.getContent()->getZoneRepresentation();
vector<string> parts;
stringtok(parts, zoneRep);
o<<"\t"<<parts[0]<<" "<<parts[1]<<" "<<parts[2]<<" "<<parts[3]<<" [expiry] [inception] [keytag] "<<parts[7]<<" ...";
}
else if(i->first.d_type == QType::NSEC3)
{
- string zoneRep = i->first.d_content->getZoneRepresentation();
+ string zoneRep = i->first.getContent()->getZoneRepresentation();
vector<string> parts;
stringtok(parts, zoneRep);
o<<"\t"<<parts[0]<<" ";
}
else if(i->first.d_type == QType::DNSKEY)
{
- string zoneRep = i->first.d_content->getZoneRepresentation();
+ string zoneRep = i->first.getContent()->getZoneRepresentation();
vector<string> parts;
stringtok(parts, zoneRep);
o<<"\t"<<parts[0]<<" "<<parts[1]<<" "<<parts[2]<<" ...";
}
else
{
- o<<"\t"<<i->first.d_content->getZoneRepresentation();
+ o<<"\t"<<i->first.getContent()->getZoneRepresentation();
}
records.emplace_back(i->first.d_name, o.str());
<< ttl(i->first.d_ttl) << "\t" << nameForClass(i->first.d_class, i->first.d_type) << "\t"
<< DNSRecordContent::NumberToType(i->first.d_type);
if (dumpluaraw) {
- cout<<"\t"<< makeLuaString(i->first.d_content->serialize(DNSName(), true))<<endl;
+ cout<<"\t"<< makeLuaString(i->first.getContent()->serialize(DNSName(), true))<<endl;
continue;
}
if (i->first.d_class == QClass::IN) {
if (i->first.d_type == QType::RRSIG) {
- string zoneRep = i->first.d_content->getZoneRepresentation();
+ string zoneRep = i->first.getContent()->getZoneRepresentation();
vector<string> parts;
stringtok(parts, zoneRep);
cout << "\t" << parts[0] << " "
continue;
}
if (!showflags && i->first.d_type == QType::NSEC3) {
- string zoneRep = i->first.d_content->getZoneRepresentation();
+ string zoneRep = i->first.getContent()->getZoneRepresentation();
vector<string> parts;
stringtok(parts, zoneRep);
cout << "\t" << parts[0] << " [flags] "
continue;
}
if (i->first.d_type == QType::DNSKEY) {
- string zoneRep = i->first.d_content->getZoneRepresentation();
+ string zoneRep = i->first.getContent()->getZoneRepresentation();
vector<string> parts;
stringtok(parts, zoneRep);
cout << "\t" << parts[0] << " "
continue;
}
if (i->first.d_type == QType::SOA && hidesoadetails) {
- string zoneRep = i->first.d_content->getZoneRepresentation();
+ string zoneRep = i->first.getContent()->getZoneRepresentation();
vector<string> parts;
stringtok(parts, zoneRep);
cout << "\t" << parts[0] << " "
continue;
}
}
- cout << "\t" << i->first.d_content->getZoneRepresentation() << "\n";
+ cout << "\t" << i->first.getContent()->getZoneRepresentation() << "\n";
}
EDNSOpts edo;
soa.d_type = QType::SOA;
soa.d_ttl = sd.ttl;
soa.d_place = place;
- soa.d_content = makeSOAContent(edited);
+ soa.setContent(makeSOAContent(edited));
DNSZoneRecord dzr;
dzr.domain_id = sd.domain_id;
bool
dedupLessThan(const DNSZoneRecord& a, const DNSZoneRecord &b)
{
- return std::make_tuple(a.dr.d_content->getZoneRepresentation(), a.dr.d_ttl) < std::make_tuple(b.dr.d_content->getZoneRepresentation(), b.dr.d_ttl); // XXX SLOW SLOW SLOW
+ return std::make_tuple(a.dr.getContent()->getZoneRepresentation(), a.dr.d_ttl) < std::make_tuple(b.dr.getContent()->getZoneRepresentation(), b.dr.d_ttl); // XXX SLOW SLOW SLOW
}
bool dedupEqual(const DNSZoneRecord& a, const DNSZoneRecord &b)
{
- return std::make_tuple(a.dr.d_content->getZoneRepresentation(), a.dr.d_ttl) == std::make_tuple(b.dr.d_content->getZoneRepresentation(), b.dr.d_ttl); // XXX SLOW SLOW SLOW
+ return std::make_tuple(a.dr.getContent()->getZoneRepresentation(), a.dr.d_ttl) == std::make_tuple(b.dr.getContent()->getZoneRepresentation(), b.dr.d_ttl); // XXX SLOW SLOW SLOW
}
}
}
-void LOCRecordContent::toPacket(DNSPacketWriter& pw)
+void LOCRecordContent::toPacket(DNSPacketWriter& pw) const
{
pw.xfr8BitInt(d_version);
pw.xfr8BitInt(d_size);
st.serial=di.serial;
DNSRecord drsoa;
- drsoa.d_content = std::make_shared<SOARecordContent>(g_rootdnsname, g_rootdnsname, st);
+ drsoa.setContent(std::make_shared<SOARecordContent>(g_rootdnsname, g_rootdnsname, st));
auto deltas = getIXFRDeltas(remote, domain, drsoa, xfrTimeout, false, tt, laddr.sin4.sin_family ? &laddr : nullptr, ((size_t) ::arg().asNum("xfr-max-received-mbytes")) * 1024 * 1024);
zs.numDeltas=deltas.size();
// cout<<"Got "<<deltas.size()<<" deltas from serial "<<di.serial<<", applying.."<<endl;
cout<<"res: "<<res<<endl;
for(const auto& r : ret) {
- cout<<r.dr.d_content->getZoneRepresentation()<<endl;
+ cout<<r.dr.getContent()->getZoneRepresentation()<<endl;
}
}
catch(std::exception &e)
continue;
}
zrr.dr.d_type = QType::DNSKEY;
- zrr.dr.d_content = std::make_shared<DNSKEYRecordContent>(value.first.getDNSKEY());
+ zrr.dr.setContent(std::make_shared<DNSKEYRecordContent>(value.first.getDNSKEY()));
DNSName keyname = NSEC3Zone ? DNSName(toBase32Hex(hashQNameWithSalt(ns3pr, zrr.dr.d_name))) : zrr.dr.d_name;
zrrs.push_back(zrr);
zrr.dr.d_type=QType::CDNSKEY;
if (publishCDNSKEY == "0") {
doCDNSKEY = false;
- zrr.dr.d_content=PacketHandler::s_deleteCDNSKEYContent;
+ zrr.dr.setContent(PacketHandler::s_deleteCDNSKEYContent);
zrrs.push_back(zrr);
} else {
- zrr.dr.d_content = std::make_shared<DNSKEYRecordContent>(value.first.getDNSKEY());
+ zrr.dr.setContent(std::make_shared<DNSKEYRecordContent>(value.first.getDNSKEY()));
zrrs.push_back(zrr);
}
}
stringtok(digestAlgos, publishCDS, ", ");
if(std::find(digestAlgos.begin(), digestAlgos.end(), "0") != digestAlgos.end()) {
doCDS = false;
- zrr.dr.d_content=PacketHandler::s_deleteCDSContent;
+ zrr.dr.setContent(PacketHandler::s_deleteCDSContent);
zrrs.push_back(zrr);
} else {
for(auto const &digestAlgo : digestAlgos) {
- zrr.dr.d_content=std::make_shared<DSRecordContent>(makeDSFromDNSKey(target, value.first.getDNSKEY(), pdns::checked_stoi<uint8_t>(digestAlgo)));
+ zrr.dr.setContent(std::make_shared<DSRecordContent>(makeDSFromDNSKey(target, value.first.getDNSKEY(), pdns::checked_stoi<uint8_t>(digestAlgo))));
zrrs.push_back(zrr);
}
}
uint8_t flags = ns3pr.d_flags;
zrr.dr.d_type = QType::NSEC3PARAM;
ns3pr.d_flags = 0;
- zrr.dr.d_content = std::make_shared<NSEC3PARAMRecordContent>(ns3pr);
+ zrr.dr.setContent(std::make_shared<NSEC3PARAMRecordContent>(ns3pr));
ns3pr.d_flags = flags;
DNSName keyname = DNSName(toBase32Hex(hashQNameWithSalt(ns3pr, zrr.dr.d_name)));
zrrs.push_back(zrr);
zrr.dr.d_name = target;
zrr.dr.d_ttl = 0;
zrr.dr.d_type = QType::NS;
- zrr.dr.d_content = std::make_shared<NSRecordContent>("invalid.");
+ zrr.dr.setContent(std::make_shared<NSRecordContent>("invalid."));
zrrs.emplace_back(zrr);
}
if(zrr.dr.d_name.isPartOf(target)) {
if (zrr.dr.d_type == QType::ALIAS && ::arg().mustDo("outgoing-axfr-expand-alias")) {
vector<DNSZoneRecord> ips;
- int ret1 = stubDoResolve(getRR<ALIASRecordContent>(zrr.dr)->d_content, QType::A, ips);
- int ret2 = stubDoResolve(getRR<ALIASRecordContent>(zrr.dr)->d_content, QType::AAAA, ips);
+ int ret1 = stubDoResolve(getRR<ALIASRecordContent>(zrr.dr)->getContent(), QType::A, ips);
+ int ret2 = stubDoResolve(getRR<ALIASRecordContent>(zrr.dr)->getContent(), QType::AAAA, ips);
if(ret1 != RCode::NoError || ret2 != RCode::NoError) {
- g_log<<Logger::Warning<<logPrefix<<"error resolving for ALIAS "<<zrr.dr.d_content->getZoneRepresentation()<<", aborting AXFR"<<endl;
+ g_log<<Logger::Warning<<logPrefix<<"error resolving for ALIAS "<<zrr.dr.getContent()->getZoneRepresentation()<<", aborting AXFR"<<endl;
outpacket->setRcode(RCode::ServFail);
sendPacket(outpacket,outsock);
return 0;
}
- for(const auto& ip: ips) {
+ for (auto& ip: ips) {
zrr.dr.d_type = ip.dr.d_type;
- zrr.dr.d_content = ip.dr.d_content;
+ zrr.dr.setContent(ip.dr.getContent());
zrrs.push_back(zrr);
}
continue;
}
}
- for (auto loopRR : zrrs) {
+ for (auto& loopRR : zrrs) {
if ((loopRR.dr.d_type == QType::SVCB || loopRR.dr.d_type == QType::HTTPS)) {
// Process auto hints
// TODO this is an almost copy of the code in the packethandler
if (rrc == nullptr) {
continue;
}
- DNSName svcTarget = rrc->getTarget().isRoot() ? loopRR.dr.d_name : rrc->getTarget();
- if (rrc->autoHint(SvcParam::ipv4hint)) {
+ auto newRRC = rrc->clone();
+ if (!newRRC) {
+ continue;
+ }
+ DNSName svcTarget = newRRC->getTarget().isRoot() ? loopRR.dr.d_name : newRRC->getTarget();
+ if (newRRC->autoHint(SvcParam::ipv4hint)) {
sd.db->lookup(QType::A, svcTarget, sd.domain_id);
vector<ComboAddress> hints;
DNSZoneRecord rr;
hints.push_back(arrc->getCA());
}
if (hints.size() == 0) {
- rrc->removeParam(SvcParam::ipv4hint);
+ newRRC->removeParam(SvcParam::ipv4hint);
} else {
- rrc->setHints(SvcParam::ipv4hint, hints);
+ newRRC->setHints(SvcParam::ipv4hint, hints);
}
}
- if (rrc->autoHint(SvcParam::ipv6hint)) {
+ if (newRRC->autoHint(SvcParam::ipv6hint)) {
sd.db->lookup(QType::AAAA, svcTarget, sd.domain_id);
vector<ComboAddress> hints;
DNSZoneRecord rr;
hints.push_back(arrc->getCA());
}
if (hints.size() == 0) {
- rrc->removeParam(SvcParam::ipv6hint);
+ newRRC->removeParam(SvcParam::ipv6hint);
} else {
- rrc->setHints(SvcParam::ipv6hint, hints);
+ newRRC->setHints(SvcParam::ipv6hint, hints);
}
}
+
+ loopRR.dr.setContent(std::move(newRRC));
}
}
zrr.dr.d_name = iter->first+sd.qname;
zrr.dr.d_ttl = sd.getNegativeTTL();
- zrr.dr.d_content = std::make_shared<NSEC3RecordContent>(std::move(n3rc));
+ zrr.dr.setContent(std::make_shared<NSEC3RecordContent>(std::move(n3rc)));
zrr.dr.d_type = QType::NSEC3;
zrr.dr.d_place = DNSResourceRecord::ANSWER;
zrr.auth=true;
zrr.dr.d_name = iter->first;
zrr.dr.d_ttl = sd.getNegativeTTL();
- zrr.dr.d_content = std::make_shared<NSECRecordContent>(std::move(nrc));
+ zrr.dr.setContent(std::make_shared<NSECRecordContent>(std::move(nrc)));
zrr.dr.d_type = QType::NSEC;
zrr.dr.d_place = DNSResourceRecord::ANSWER;
zrr.auth=true;
const DNSRecord *rr = &answer.first;
if (rr->d_type == QType::SOA && rr->d_place == DNSResourceRecord::AUTHORITY) {
vector<string>parts;
- stringtok(parts, rr->d_content->getZoneRepresentation());
+ stringtok(parts, rr->getContent()->getZoneRepresentation());
if (parts.size() >= 3) {
try {
pdns::checked_stoi_into(serial, parts[2]);
rec.d_type = type;
rec.d_ttl = ttl;
- rec.d_content = getRecordContent(type, content);
+ rec.setContent(getRecordContent(type, content));
records.push_back(rec);
}
const auto& record = parser.d_answers.at(0).first;
BOOST_REQUIRE(record.d_type == QType::NSEC3);
BOOST_REQUIRE(record.d_class == QClass::IN);
- auto content = std::dynamic_pointer_cast<NSEC3RecordContent>(record.d_content);
+ auto content = getRR<NSEC3RecordContent>(record);
BOOST_REQUIRE(content);
BOOST_CHECK_EQUAL(content->numberOfTypesSet(), 0U);
for (size_t idx = 0; idx < 65536; idx++) {
BOOST_CHECK_EQUAL(answer.first.d_ttl, 0U);
BOOST_CHECK_EQUAL(tsigFound, false);
- shared_ptr<TSIGRecordContent> rectrc = getRR<TSIGRecordContent>(answer.first);
+ auto rectrc = getRR<TSIGRecordContent>(answer.first);
if (rectrc) {
trc = *rectrc;
theirMac = rectrc->d_mac;
return;
}
+ auto inception = time(nullptr);
// retain original name for response
tkey_out->d_error = 0;
tkey_out->d_mode = tkey_in.d_mode;
tkey_out->d_algo = tkey_in.d_algo;
- tkey_out->d_inception = time((time_t*)nullptr);
+ tkey_out->d_inception = inception;
tkey_out->d_expiration = tkey_out->d_inception+15;
if (tkey_in.d_mode == 3) { // establish context
zrr.dr.d_ttl = 0;
zrr.dr.d_type = QType::TKEY;
zrr.dr.d_class = QClass::ANY;
- zrr.dr.d_content = tkey_out;
+ zrr.dr.setContent(std::move(tkey_out));
zrr.dr.d_place = DNSResourceRecord::ANSWER;
r->addRecord(std::move(zrr));
{
TSIGRecordContent trc;
trc.d_algoName = DNSName("gss-tsig");
- trc.d_time = tkey_out->d_inception;
+ trc.d_time = inception;
trc.d_fudge = 300;
trc.d_mac = "";
trc.d_origID = p.d.id;
}
if(answer.first.d_type == QType::TSIG) {
- shared_ptr<TSIGRecordContent> trc = getRR<TSIGRecordContent>(answer.first);
+ auto trc = getRR<TSIGRecordContent>(answer.first);
if(trc) {
theirMac = trc->d_mac;
d_trc.d_time = trc->d_time;
DNSZoneRecord rr;
rr.dr.d_name = sd->qname;
rr.dr.d_type = QType::SOA;
- rr.dr.d_content = makeSOAContent(*sd);
+ rr.dr.setContent(makeSOAContent(*sd));
rr.dr.d_ttl = sd->ttl;
rr.domain_id = sd->domain_id;
DNSZoneRecord rr;
rr.dr.d_name = sd.qname;
rr.dr.d_type = QType::SOA;
- rr.dr.d_content = makeSOAContent(sd);
+ rr.dr.setContent(makeSOAContent(sd));
rr.dr.d_ttl = sd.ttl;
rr.domain_id = sd.domain_id;
return (key.d_flags & 128) != 0;
}
-static vector<shared_ptr<DNSKEYRecordContent > > getByTag(const skeyset_t& keys, uint16_t tag, uint8_t algorithm, const OptLog& log)
+static vector<shared_ptr<const DNSKEYRecordContent > > getByTag(const skeyset_t& keys, uint16_t tag, uint8_t algorithm, const OptLog& log)
{
- vector<shared_ptr<DNSKEYRecordContent>> ret;
+ vector<shared_ptr<const DNSKEYRecordContent>> ret;
for (const auto& key : keys) {
if (!isAZoneKey(*key)) {
using nsec3HashesCache = std::map<std::tuple<DNSName, std::string, uint16_t>, std::string>;
-static std::string getHashFromNSEC3(const DNSName& qname, const std::shared_ptr<NSEC3RecordContent>& nsec3, nsec3HashesCache& cache)
+static std::string getHashFromNSEC3(const DNSName& qname, const std::shared_ptr<const NSEC3RecordContent>& nsec3, nsec3HashesCache& cache)
{
std::string result;
Labels field of the covering RRSIG RR, then the RRset and its
covering RRSIG RR were created as a result of wildcard expansion."
*/
-bool isWildcardExpanded(unsigned int labelCount, const std::shared_ptr<RRSIGRecordContent>& sign)
+bool isWildcardExpanded(unsigned int labelCount, const std::shared_ptr<const RRSIGRecordContent>& sign)
{
if (sign && sign->d_labels < labelCount) {
return true;
return false;
}
-static bool isWildcardExpanded(const DNSName& owner, const std::vector<std::shared_ptr<RRSIGRecordContent> >& signatures)
+static bool isWildcardExpanded(const DNSName& owner, const std::vector<std::shared_ptr<const RRSIGRecordContent> >& signatures)
{
if (signatures.empty()) {
return false;
return isWildcardExpanded(labelsCount, sign);
}
-bool isWildcardExpandedOntoItself(const DNSName& owner, unsigned int labelCount, const std::shared_ptr<RRSIGRecordContent>& sign)
+bool isWildcardExpandedOntoItself(const DNSName& owner, unsigned int labelCount, const std::shared_ptr<const RRSIGRecordContent>& sign)
{
if (owner.isWildcard() && (labelCount - 1) == sign->d_labels) {
/* this is a wildcard alright, but it has not been expanded */
return false;
}
-static bool isWildcardExpandedOntoItself(const DNSName& owner, const std::vector<std::shared_ptr<RRSIGRecordContent> >& signatures)
+static bool isWildcardExpandedOntoItself(const DNSName& owner, const std::vector<std::shared_ptr<const RRSIGRecordContent> >& signatures)
{
if (signatures.empty()) {
return false;
/* if this is a wildcard NSEC, the owner name has been modified
to match the name. Make sure we use the original '*' form. */
-DNSName getNSECOwnerName(const DNSName& initialOwner, const std::vector<std::shared_ptr<RRSIGRecordContent> >& signatures)
+DNSName getNSECOwnerName(const DNSName& initialOwner, const std::vector<std::shared_ptr<const RRSIGRecordContent> >& signatures)
{
DNSName result = initialOwner;
return result;
}
-static bool isNSECAncestorDelegation(const DNSName& signer, const DNSName& owner, const std::shared_ptr<NSECRecordContent>& nsec)
+static bool isNSECAncestorDelegation(const DNSName& signer, const DNSName& owner, const std::shared_ptr<const NSECRecordContent>& nsec)
{
return nsec->isSet(QType::NS) &&
!nsec->isSet(QType::SOA) &&
signer.countLabels() < owner.countLabels();
}
-bool isNSEC3AncestorDelegation(const DNSName& signer, const DNSName& owner, const std::shared_ptr<NSEC3RecordContent>& nsec3)
+bool isNSEC3AncestorDelegation(const DNSName& signer, const DNSName& owner, const std::shared_ptr<const NSEC3RecordContent>& nsec3)
{
return nsec3->isSet(QType::NS) &&
!nsec3->isSet(QType::SOA) &&
if (v.first.second == QType::NSEC) {
for (const auto& r : v.second.records) {
VLOG(log, ":\t"<<r->getZoneRepresentation()<<endl);
- auto nsec = std::dynamic_pointer_cast<NSECRecordContent>(r);
+ auto nsec = std::dynamic_pointer_cast<const NSECRecordContent>(r);
if (!nsec) {
continue;
}
if (v.first.second == QType::NSEC) {
for (const auto& r : v.second.records) {
VLOG(log, qname << ":\t"<<r->getZoneRepresentation()<<endl);
- auto nsec = std::dynamic_pointer_cast<NSECRecordContent>(r);
+ auto nsec = std::dynamic_pointer_cast<const NSECRecordContent>(r);
if (!nsec) {
continue;
}
if (v.first.second == QType::NSEC3) {
for (const auto& r : v.second.records) {
VLOG(log, closestEncloser << ":\t"<<r->getZoneRepresentation()<<endl);
- auto nsec3 = std::dynamic_pointer_cast<NSEC3RecordContent>(r);
+ auto nsec3 = std::dynamic_pointer_cast<const NSEC3RecordContent>(r);
if (!nsec3) {
continue;
}
return false;
}
-dState matchesNSEC(const DNSName& name, uint16_t qtype, const DNSName& nsecOwner, const std::shared_ptr<NSECRecordContent>& nsec, const std::vector<std::shared_ptr<RRSIGRecordContent>>& signatures, const OptLog& log)
+dState matchesNSEC(const DNSName& name, uint16_t qtype, const DNSName& nsecOwner, const std::shared_ptr<const NSECRecordContent>& nsec, const std::vector<std::shared_ptr<const RRSIGRecordContent>>& signatures, const OptLog& log)
{
const DNSName signer = getSigner(signatures);
if (!name.isPartOf(signer) || !nsecOwner.isPartOf(signer)) {
continue;
}
- auto nsec = std::dynamic_pointer_cast<NSECRecordContent>(r);
+ auto nsec = std::dynamic_pointer_cast<const NSECRecordContent>(r);
if (!nsec) {
continue;
}
} else if(v.first.second==QType::NSEC3) {
for (const auto& r : v.second.records) {
VLOG(log, qname << ":\t"<<r->getZoneRepresentation()<<endl);
- auto nsec3 = std::dynamic_pointer_cast<NSEC3RecordContent>(r);
+ auto nsec3 = std::dynamic_pointer_cast<const NSEC3RecordContent>(r);
if (!nsec3) {
continue;
}
if(v.first.second==QType::NSEC3) {
for(const auto& r : v.second.records) {
VLOG(log, qname << ":\t"<<r->getZoneRepresentation()<<endl);
- auto nsec3 = std::dynamic_pointer_cast<NSEC3RecordContent>(r);
+ auto nsec3 = std::dynamic_pointer_cast<const NSEC3RecordContent>(r);
if (!nsec3) {
continue;
}
if(v.first.second==QType::NSEC3) {
for(const auto& r : v.second.records) {
VLOG(log, qname << ":\t"<<r->getZoneRepresentation()<<endl);
- auto nsec3 = std::dynamic_pointer_cast<NSEC3RecordContent>(r);
+ auto nsec3 = std::dynamic_pointer_cast<const NSEC3RecordContent>(r);
if(!nsec3)
continue;
return dState::NODENIAL;
}
-bool isRRSIGNotExpired(const time_t now, const shared_ptr<RRSIGRecordContent>& sig)
+bool isRRSIGNotExpired(const time_t now, const shared_ptr<const RRSIGRecordContent>& sig)
{
// Should use https://www.rfc-editor.org/rfc/rfc4034.txt section 3.1.5
return sig->d_sigexpire >= now;
}
-bool isRRSIGIncepted(const time_t now, const shared_ptr<RRSIGRecordContent>& sig)
+bool isRRSIGIncepted(const time_t now, const shared_ptr<const RRSIGRecordContent>& sig)
{
// Should use https://www.rfc-editor.org/rfc/rfc4034.txt section 3.1.5
return sig->d_siginception - g_signatureInceptionSkew <= now;
}
-static bool checkSignatureWithKey(const DNSName& qname, time_t now, const shared_ptr<RRSIGRecordContent> sig, const shared_ptr<DNSKEYRecordContent> key, const std::string& msg, vState& ede, const OptLog& log)
+static bool checkSignatureWithKey(const DNSName& qname, time_t now, const shared_ptr<const RRSIGRecordContent>& sig, const shared_ptr<const DNSKEYRecordContent>& key, const std::string& msg, vState& ede, const OptLog& log)
{
bool result = false;
try {
return result;
}
-vState validateWithKeySet(time_t now, const DNSName& name, const sortedRecords_t& toSign, const vector<shared_ptr<RRSIGRecordContent> >& signatures, const skeyset_t& keys, const OptLog& log, bool validateAllSigs)
+vState validateWithKeySet(time_t now, const DNSName& name, const sortedRecords_t& toSign, const vector<shared_ptr<const RRSIGRecordContent> >& signatures, const skeyset_t& keys, const OptLog& log, bool validateAllSigs)
{
bool foundKey = false;
bool isValid = false;
}
}
else {
- cspmap[{rec.d_name, rec.d_type}].records.insert(rec.d_content);
+ cspmap[{rec.d_name, rec.d_type}].records.insert(rec.getContent());
}
}
return cspmap;
return true;
}
-vState validateDNSKeysAgainstDS(time_t now, const DNSName& zone, const dsmap_t& dsmap, const skeyset_t& tkeys, const sortedRecords_t& toSign, const vector<shared_ptr<RRSIGRecordContent> >& sigs, skeyset_t& validkeys, const OptLog& log)
+vState validateDNSKeysAgainstDS(time_t now, const DNSName& zone, const dsmap_t& dsmap, const skeyset_t& tkeys, const sortedRecords_t& toSign, const vector<shared_ptr<const RRSIGRecordContent> >& sigs, skeyset_t& validkeys, const OptLog& log)
{
/*
* Check all DNSKEY records against all DS records and place all DNSKEY records
return true;
}
-DNSName getSigner(const std::vector<std::shared_ptr<RRSIGRecordContent> >& signatures)
+DNSName getSigner(const std::vector<std::shared_ptr<const RRSIGRecordContent> >& signatures)
{
for (const auto& sig : signatures) {
if (sig) {
struct ContentSigPair
{
sortedRecords_t records;
- vector<shared_ptr<RRSIGRecordContent>> signatures;
+ vector<shared_ptr<const RRSIGRecordContent>> signatures;
// ponder adding a validate method that accepts a key
};
typedef map<pair<DNSName,uint16_t>, ContentSigPair> cspmap_t;
struct sharedDNSKeyRecordContentCompare
{
- bool operator() (const shared_ptr<DNSKEYRecordContent>& a, const shared_ptr<DNSKEYRecordContent>& b) const
+ bool operator() (const shared_ptr<const DNSKEYRecordContent>& a, const shared_ptr<const DNSKEYRecordContent>& b) const
{
return *a < *b;
}
};
-typedef set<shared_ptr<DNSKEYRecordContent>, sharedDNSKeyRecordContentCompare > skeyset_t;
+typedef set<shared_ptr<const DNSKEYRecordContent>, sharedDNSKeyRecordContentCompare > skeyset_t;
-vState validateWithKeySet(time_t now, const DNSName& name, const sortedRecords_t& records, const vector<shared_ptr<RRSIGRecordContent> >& signatures, const skeyset_t& keys, const OptLog& log, bool validateAllSigs=true);
+vState validateWithKeySet(time_t now, const DNSName& name, const sortedRecords_t& records, const vector<shared_ptr<const RRSIGRecordContent> >& signatures, const skeyset_t& keys, const OptLog& log, bool validateAllSigs=true);
bool isCoveredByNSEC(const DNSName& name, const DNSName& begin, const DNSName& next);
bool isCoveredByNSEC3Hash(const std::string& h, const std::string& beginHash, const std::string& nextHash);
bool isCoveredByNSEC3Hash(const DNSName& h, const DNSName& beginHash, const DNSName& nextHash);
cspmap_t harvestCSPFromRecs(const vector<DNSRecord>& recs);
bool getTrustAnchor(const map<DNSName,dsmap_t>& anchors, const DNSName& zone, dsmap_t &res);
bool haveNegativeTrustAnchor(const map<DNSName,std::string>& negAnchors, const DNSName& zone, std::string& reason);
-vState validateDNSKeysAgainstDS(time_t now, const DNSName& zone, const dsmap_t& dsmap, const skeyset_t& tkeys, const sortedRecords_t& toSign, const vector<shared_ptr<RRSIGRecordContent> >& sigs, skeyset_t& validkeys, const OptLog&);
+vState validateDNSKeysAgainstDS(time_t now, const DNSName& zone, const dsmap_t& dsmap, const skeyset_t& tkeys, const sortedRecords_t& toSign, const vector<shared_ptr<const RRSIGRecordContent> >& sigs, skeyset_t& validkeys, const OptLog&);
dState getDenial(const cspmap_t &validrrsets, const DNSName& qname, const uint16_t qtype, bool referralToUnsigned, bool wantsNoDataProof, const OptLog& log = std::nullopt, bool needsWildcardProof=true, unsigned int wildcardLabelsCount=0);
bool isSupportedDS(const DSRecordContent& ds, const OptLog&);
-DNSName getSigner(const std::vector<std::shared_ptr<RRSIGRecordContent> >& signatures);
+DNSName getSigner(const std::vector<std::shared_ptr<const RRSIGRecordContent> >& signatures);
bool denialProvesNoDelegation(const DNSName& zone, const std::vector<DNSRecord>& dsrecords);
-bool isRRSIGNotExpired(const time_t now, const std::shared_ptr<RRSIGRecordContent>& sig);
-bool isRRSIGIncepted(const time_t now, const shared_ptr<RRSIGRecordContent>& sig);
-bool isWildcardExpanded(unsigned int labelCount, const std::shared_ptr<RRSIGRecordContent>& sign);
-bool isWildcardExpandedOntoItself(const DNSName& owner, unsigned int labelCount, const std::shared_ptr<RRSIGRecordContent>& sign);
+bool isRRSIGNotExpired(const time_t now, const std::shared_ptr<const RRSIGRecordContent>& sig);
+bool isRRSIGIncepted(const time_t now, const shared_ptr<const RRSIGRecordContent>& sig);
+bool isWildcardExpanded(unsigned int labelCount, const std::shared_ptr<const RRSIGRecordContent>& sign);
+bool isWildcardExpandedOntoItself(const DNSName& owner, unsigned int labelCount, const std::shared_ptr<const RRSIGRecordContent>& sign);
void updateDNSSECValidationState(vState& state, const vState stateUpdate);
-dState matchesNSEC(const DNSName& name, uint16_t qtype, const DNSName& nsecOwner, const std::shared_ptr<NSECRecordContent>& nsec, const std::vector<std::shared_ptr<RRSIGRecordContent>>& signatures, const OptLog&);
+dState matchesNSEC(const DNSName& name, uint16_t qtype, const DNSName& nsecOwner, const std::shared_ptr<const NSECRecordContent>& nsec, const std::vector<std::shared_ptr<const RRSIGRecordContent>>& signatures, const OptLog&);
-bool isNSEC3AncestorDelegation(const DNSName& signer, const DNSName& owner, const std::shared_ptr<NSEC3RecordContent>& nsec3);
-DNSName getNSECOwnerName(const DNSName& initialOwner, const std::vector<std::shared_ptr<RRSIGRecordContent> >& signatures);
+bool isNSEC3AncestorDelegation(const DNSName& signer, const DNSName& owner, const std::shared_ptr<const NSEC3RecordContent>& nsec3);
+DNSName getNSECOwnerName(const DNSName& initialOwner, const std::vector<std::shared_ptr<const RRSIGRecordContent> >& signatures);
DNSName getClosestEncloserFromNSEC(const DNSName& name, const DNSName& owner, const DNSName& next);
template <typename NSEC> bool isTypeDenied(const NSEC& nsec, const QType& type)
}
DNSRecord rec;
rec.d_name = dnsResourceRecord.qname;
- rec.d_content = drc;
+ rec.setContent(std::move(drc));
rec.d_type = dnsResourceRecord.qtype;
rec.d_class = dnsResourceRecord.qclass;
rec.d_ttl = dnsResourceRecord.ttl;
if (record.d_class == QClass::IN && record.d_name == d_zone) {
switch (record.d_type) {
case QType::SOA: {
- d_soaRecordContent = std::dynamic_pointer_cast<SOARecordContent>(record.d_content);
+ d_soaRecordContent = getRR<SOARecordContent>(record);
if (d_soaRecordContent == nullptr) {
throw PDNSException("Invalid SOA record");
}
break;
}
case QType::DNSKEY: {
- auto dnskey = std::dynamic_pointer_cast<DNSKEYRecordContent>(record.d_content);
+ auto dnskey = getRR<DNSKEYRecordContent>(record);
if (dnskey == nullptr) {
throw PDNSException("Invalid DNSKEY record");
}
break;
}
case QType::ZONEMD: {
- auto zonemd = std::dynamic_pointer_cast<ZONEMDRecordContent>(record.d_content);
+ auto zonemd = getRR<ZONEMDRecordContent>(record);
if (zonemd == nullptr) {
throw PDNSException("Invalid ZONEMD record");
}
break;
}
case QType::RRSIG: {
- auto rrsig = std::dynamic_pointer_cast<RRSIGRecordContent>(record.d_content);
+ auto rrsig = getRR<RRSIGRecordContent>(record);
if (rrsig == nullptr) {
throw PDNSException("Invalid RRSIG record");
}
break;
}
case QType::NSEC: {
- auto nsec = std::dynamic_pointer_cast<NSECRecordContent>(record.d_content);
+ auto nsec = getRR<NSECRecordContent>(record);
if (nsec == nullptr) {
throw PDNSException("Invalid NSEC record");
}
// Handled below
break;
case QType::NSEC3PARAM: {
- auto param = std::dynamic_pointer_cast<NSEC3PARAMRecordContent>(record.d_content);
+ auto param = getRR<NSEC3PARAMRecordContent>(record);
if (param == nullptr) {
throw PDNSException("Invalid NSEC3PARAM record");
}
if (record.d_class == QClass::IN && (d_nsec3label.empty() || record.d_name == d_nsec3label)) {
switch (record.d_type) {
case QType::NSEC3: {
- auto nsec3 = std::dynamic_pointer_cast<NSEC3RecordContent>(record.d_content);
+ auto nsec3 = getRR<NSEC3RecordContent>(record);
if (nsec3 == nullptr) {
throw PDNSException("Invalid NSEC3 record");
}
break;
}
case QType::RRSIG: {
- auto rrsig = std::dynamic_pointer_cast<RRSIGRecordContent>(record.d_content);
+ auto rrsig = getRR<RRSIGRecordContent>(record);
if (rrsig == nullptr) {
throw PDNSException("Invalid RRSIG record");
}
}
}
RRSetKey_t key = std::pair(record.d_name, record.d_type);
- d_resourceRecordSets[key].push_back(record.d_content);
+ d_resourceRecordSets[key].push_back(record.getContent());
d_resourceRecordSetTTLs[key] = record.d_ttl;
}
sortedRecords_t sorted;
for (auto& rr : rrset.second) {
if (qtype == QType::RRSIG) {
- const auto rrsig = std::dynamic_pointer_cast<RRSIGRecordContent>(rr);
+ const auto rrsig = std::dynamic_pointer_cast<const RRSIGRecordContent>(rr);
if (rrsig->d_type == QType::ZONEMD && qname == d_zone) {
continue;
}
// RRSIG is special, since original TTL depends on qtype covered by RRSIG
// which can be different per record
for (const auto& rrsig : sorted) {
- auto rrsigc = std::dynamic_pointer_cast<RRSIGRecordContent>(rrsig);
+ auto rrsigc = std::dynamic_pointer_cast<const RRSIGRecordContent>(rrsig);
RRSIGRecordContent rrc;
rrc.d_originalttl = d_resourceRecordSetTTLs[pair(rrset.first.first, rrsigc->d_type)];
rrc.d_type = qtype;
void verify(bool& validationDone, bool& validationOK);
// Return the zone's apex DNSKEYs
- const std::set<shared_ptr<DNSKEYRecordContent>>& getDNSKEYs() const
+ const std::set<shared_ptr<const DNSKEYRecordContent>>& getDNSKEYs() const
{
return d_dnskeys;
}
// Return the zone's apex RRSIGs
- const std::vector<shared_ptr<RRSIGRecordContent>>& getRRSIGs() const
+ const std::vector<shared_ptr<const RRSIGRecordContent>>& getRRSIGs() const
{
return d_rrsigs;
}
// Return the zone's apex ZONEMDs
- std::vector<shared_ptr<ZONEMDRecordContent>> getZONEMDs() const
+ std::vector<shared_ptr<const ZONEMDRecordContent>> getZONEMDs() const
{
- std::vector<shared_ptr<ZONEMDRecordContent>> ret;
+ std::vector<shared_ptr<const ZONEMDRecordContent>> ret;
for (const auto& zonemd : d_zonemdRecords) {
ret.emplace_back(zonemd.second.record);
}
return d_nsec3label;
}
- const std::vector<shared_ptr<NSEC3PARAMRecordContent>>& getNSEC3Params() const
+ const std::vector<shared_ptr<const NSEC3PARAMRecordContent>>& getNSEC3Params() const
{
return d_nsec3params;
}
private:
- typedef std::pair<DNSName, QType> RRSetKey_t;
- typedef std::vector<std::shared_ptr<DNSRecordContent>> RRVector_t;
+ using RRSetKey_t = std::pair<DNSName, QType>;
+ using RRVector_t = std::vector<std::shared_ptr<const DNSRecordContent>>;
struct CanonRRSetKeyCompare
{
}
};
- typedef std::map<RRSetKey_t, RRVector_t, CanonRRSetKeyCompare> RRSetMap_t;
+ using RRSetMap_t = std::map<RRSetKey_t, RRVector_t, CanonRRSetKeyCompare>;
struct ZoneMDAndDuplicateFlag
{
- std::shared_ptr<ZONEMDRecordContent> record;
+ const std::shared_ptr<const ZONEMDRecordContent> record;
bool duplicate;
};
RRSetMap_t d_resourceRecordSets;
std::map<RRSetKey_t, uint32_t> d_resourceRecordSetTTLs;
- std::shared_ptr<SOARecordContent> d_soaRecordContent;
- std::set<shared_ptr<DNSKEYRecordContent>> d_dnskeys;
- std::vector<shared_ptr<RRSIGRecordContent>> d_rrsigs;
- std::vector<shared_ptr<NSEC3PARAMRecordContent>> d_nsec3params;
+ std::shared_ptr<const SOARecordContent> d_soaRecordContent;
+ std::set<shared_ptr<const DNSKEYRecordContent>> d_dnskeys;
+ std::vector<shared_ptr<const RRSIGRecordContent>> d_rrsigs;
+ std::vector<shared_ptr<const NSEC3PARAMRecordContent>> d_nsec3params;
ContentSigPair d_nsecs;
map<DNSName, ContentSigPair> d_nsec3s;
DNSName d_nsec3label;
projects / thirdparty / pdns.git / commitdiff
