[thirdparty/pdns.git] / pdns / packethandler.hh

/*
 * This file is part of PowerDNS or dnsdist.
 * Copyright -- PowerDNS.COM B.V. and its contributors
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of version 2 of the GNU General Public License as
 * published by the Free Software Foundation.
 *
 * In addition, for the avoidance of any doubt, permission is granted to
 * link this program with OpenSSL and to (re)distribute the binaries
 * produced as the result of such linking.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
#pragma once
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include "ueberbackend.hh"
#include "dnspacket.hh"
#include "packetcache.hh"
#include "dnsseckeeper.hh"
#include "lua-auth4.hh"

#include "namespaces.hh"

// silly Solaris people define PC
#undef PC

/** Central DNS logic according to RFC1034. Ask this class a question in the form of a DNSPacket
    and it will return, synchronously, a DNSPacket answer, suitable for 
    sending out over the network. 

    The PacketHandler gives your question to the PacketCache for possible inclusion
    in the cache.

    In order to do so, the PacketHandler contains a reference to the global extern PacketCache PC

    It also contains an UeberBackend instance for answering the subqueries needed to generate
    a complete reply.

*/
class NSEC3PARAMRecordContent;

class PacketHandler
{
public:
  std::unique_ptr<DNSPacket> doQuestion(DNSPacket&); //!< hand us a DNS packet with a question, we give you an answer
  std::unique_ptr<DNSPacket> question(DNSPacket&); //!< hand us a DNS packet with a question, we give you an answer
  PacketHandler(); 
  ~PacketHandler(); // defined in packethandler.cc, and does --count
  static int numRunning(){return s_count;}; //!< Returns the number of running PacketHandlers. Called by Distributor
 
  UeberBackend *getBackend();

  int tryAutoPrimarySynchronous(const DNSPacket& p, const DNSName& tsigkeyname);
  static NetmaskGroup s_allowNotifyFrom;
  static set<string> s_forwardNotify;
  static bool s_SVCAutohints;
  static const std::shared_ptr<CDNSKEYRecordContent> s_deleteCDNSKEYContent;
  static const std::shared_ptr<CDSRecordContent> s_deleteCDSContent;

private:
  int tryAutoPrimary(const DNSPacket& p, const DNSName& tsigkeyname);
  int processNotify(const DNSPacket& );
  void addRootReferral(DNSPacket& r);
  int doChaosRequest(const DNSPacket& p, std::unique_ptr<DNSPacket>& r, DNSName &target) const;
  bool addDNSKEY(DNSPacket& p, std::unique_ptr<DNSPacket>& r);
  bool addCDNSKEY(DNSPacket& p, std::unique_ptr<DNSPacket>& r);
  bool addCDS(DNSPacket& p, std::unique_ptr<DNSPacket>& r);
  bool addNSEC3PARAM(const DNSPacket& p, std::unique_ptr<DNSPacket>& r);
  void doAdditionalProcessing(DNSPacket& p, std::unique_ptr<DNSPacket>& r);
  DNSName doAdditionalServiceProcessing(const DNSName &firstTarget, const uint16_t &qtype, std::unique_ptr<DNSPacket>& r, vector<DNSZoneRecord>& extraRecords);

  //! Get all IPv4 or IPv6 addresses (based on |qtype|) for |target|.
  vector<ComboAddress> getIPAddressFor(const DNSName &target, const uint16_t qtype);
  void addNSECX(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const DNSName &target, const DNSName &wildcard, int mode);
  void addNSEC(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const DNSName &target, const DNSName &wildcard, int mode);
  bool getNSEC3Hashes(bool narrow, const std::string& hashed, bool decrement, DNSName& unhashed, std::string& before, std::string& after, int mode=0);
  void addNSEC3(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const DNSName &target, const DNSName &wildcard, const NSEC3PARAMRecordContent& nsec3param, bool narrow, int mode);
  void emitNSEC(std::unique_ptr<DNSPacket>& r, const DNSName& name, const DNSName& next, int mode);
  void emitNSEC3(std::unique_ptr<DNSPacket>& r, const NSEC3PARAMRecordContent &ns3rc, const DNSName& unhashed, const string& begin, const string& end, int mode);
  int processUpdate(DNSPacket& p);
  int forwardPacket(const string &msgPrefix, const DNSPacket& p, const DomainInfo& di);
  uint performUpdate(const string &msgPrefix, const DNSRecord *rr, DomainInfo *di, bool isPresigned, bool* narrow, bool* haveNSEC3, NSEC3PARAMRecordContent *ns3pr, bool *updatedSerial);
  int checkUpdatePrescan(const DNSRecord *rr);
  int checkUpdatePrerequisites(const DNSRecord *rr, DomainInfo *di);
  void increaseSerial(const string &msgPrefix, const DomainInfo *di, const string& soaEditSetting, bool haveNSEC3, bool narrow, const NSEC3PARAMRecordContent *ns3pr);

  void makeNXDomain(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const DNSName& target, const DNSName& wildcard);
  void makeNOError(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const DNSName& target, const DNSName& wildcard, int mode);
  vector<DNSZoneRecord> getBestReferralNS(DNSPacket& p, const DNSName &target);
  void getBestDNAMESynth(DNSPacket& p, DNSName &target, vector<DNSZoneRecord> &ret);
  bool tryDNAME(DNSPacket& p, std::unique_ptr<DNSPacket>& r, DNSName &target);
  bool tryReferral(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const DNSName &target, bool retargeted);

  bool getBestWildcard(DNSPacket& p, const DNSName &target, DNSName &wildcard, vector<DNSZoneRecord>* ret);
  bool tryWildcard(DNSPacket& p, std::unique_ptr<DNSPacket>& r, DNSName &target, DNSName &wildcard, bool& retargeted, bool& nodata);
  bool addDSforNS(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const DNSName& dsname);
  void completeANYRecords(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const DNSName &target);

  void tkeyHandler(const DNSPacket& p, std::unique_ptr<DNSPacket>& r); //<! process TKEY record, and adds TKEY record to (r)eply, or error code.

  static AtomicCounter s_count;
  static std::mutex s_rfc2136lock;
  bool d_logDNSDetails;
  bool d_doDNAME;
  bool d_doExpandALIAS;
  bool d_dnssec{false};
  SOAData d_sd;
  std::unique_ptr<AuthLua4> d_pdl;
  std::unique_ptr<AuthLua4> d_update_policy_lua;
  std::unique_ptr<AuthLua4> s_LUA;
  UeberBackend B; // every thread an own instance
  DNSSECKeeper d_dk; // B is shared with DNSSECKeeper
};
Commit	Line	Data
12c86877	1	/*
12471842 PL	2	* This file is part of PowerDNS or dnsdist.
	3	* Copyright -- PowerDNS.COM B.V. and its contributors
	4	*
	5	* This program is free software; you can redistribute it and/or modify
	6	* it under the terms of version 2 of the GNU General Public License as
	7	* published by the Free Software Foundation.
	8	*
	9	* In addition, for the avoidance of any doubt, permission is granted to
	10	* link this program with OpenSSL and to (re)distribute the binaries
	11	* produced as the result of such linking.
	12	*
	13	* This program is distributed in the hope that it will be useful,
	14	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	15	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	16	* GNU General Public License for more details.
	17	*
	18	* You should have received a copy of the GNU General Public License
	19	* along with this program; if not, write to the Free Software
	20	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	21	*/
e8c59f2d	22	#pragma once
76473b92 KM	23	#include <sys/socket.h>
	24	#include <netinet/in.h>
	25	#include <arpa/inet.h>
12c86877 BH	26	#include "ueberbackend.hh"
	27	#include "dnspacket.hh"
	28	#include "packetcache.hh"
e0d84497	29	#include "dnsseckeeper.hh"
0ecc1158	30	#include "lua-auth4.hh"
12c86877	31
10f4eea8	32	#include "namespaces.hh"
12c86877	33
88def049 BH	34	// silly Solaris people define PC
	35	#undef PC
	36
12c86877 BH	37	/** Central DNS logic according to RFC1034. Ask this class a question in the form of a DNSPacket
	38	and it will return, synchronously, a DNSPacket answer, suitable for
	39	sending out over the network.
	40
	41	The PacketHandler gives your question to the PacketCache for possible inclusion
	42	in the cache.
	43
	44	In order to do so, the PacketHandler contains a reference to the global extern PacketCache PC
	45
	46	It also contains an UeberBackend instance for answering the subqueries needed to generate
	47	a complete reply.
	48
	49	*/
5c3bf2db	50	class NSEC3PARAMRecordContent;
12c86877 BH	51
	52	class PacketHandler
	53	{
	54	public:
c2826d2e RG	55	std::unique_ptr<DNSPacket> doQuestion(DNSPacket&); //!< hand us a DNS packet with a question, we give you an answer
c2826d2e RG	56	std::unique_ptr<DNSPacket> question(DNSPacket&); //!< hand us a DNS packet with a question, we give you an answer
12c86877 BH	57	PacketHandler();
12c86877 BH	58	~PacketHandler(); // defined in packethandler.cc, and does --count
bdc9f8d2	59	static int numRunning(){return s_count;}; //!< Returns the number of running PacketHandlers. Called by Distributor
12c86877	60
3971cf53	61	UeberBackend *getBackend();
cc3afe25	62
d525b58b	63	int tryAutoPrimarySynchronous(const DNSPacket& p, const DNSName& tsigkeyname);
d207ad63	64	static NetmaskGroup s_allowNotifyFrom;
dad0736b	65	static set<string> s_forwardNotify;
0a21c8ea	66	static bool s_SVCAutohints;
481508ab KM	67	static const std::shared_ptr<CDNSKEYRecordContent> s_deleteCDNSKEYContent;
481508ab KM	68	static const std::shared_ptr<CDSRecordContent> s_deleteCDSContent;
12c86877 BH	69
12c86877 BH	70	private:
d525b58b	71	int tryAutoPrimary(const DNSPacket& p, const DNSName& tsigkeyname);
c2826d2e RG	72	int processNotify(const DNSPacket& );
	73	void addRootReferral(DNSPacket& r);
	74	int doChaosRequest(const DNSPacket& p, std::unique_ptr<DNSPacket>& r, DNSName &target) const;
ba8fc158 KM	75	bool addDNSKEY(DNSPacket& p, std::unique_ptr<DNSPacket>& r);
	76	bool addCDNSKEY(DNSPacket& p, std::unique_ptr<DNSPacket>& r);
	77	bool addCDS(DNSPacket& p, std::unique_ptr<DNSPacket>& r);
	78	bool addNSEC3PARAM(const DNSPacket& p, std::unique_ptr<DNSPacket>& r);
	79	void doAdditionalProcessing(DNSPacket& p, std::unique_ptr<DNSPacket>& r);
ee2163cd PD	80	DNSName doAdditionalServiceProcessing(const DNSName &firstTarget, const uint16_t &qtype, std::unique_ptr<DNSPacket>& r, vector<DNSZoneRecord>& extraRecords);
ee2163cd PD	81
2a1b8d08 PL	82	//! Get all IPv4 or IPv6 addresses (based on \|qtype\|) for \|target\|.
2a1b8d08 PL	83	vector<ComboAddress> getIPAddressFor(const DNSName &target, const uint16_t qtype);
ba8fc158 KM	84	void addNSECX(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const DNSName &target, const DNSName &wildcard, int mode);
	85	void addNSEC(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const DNSName &target, const DNSName &wildcard, int mode);
	86	bool getNSEC3Hashes(bool narrow, const std::string& hashed, bool decrement, DNSName& unhashed, std::string& before, std::string& after, int mode=0);
	87	void addNSEC3(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const DNSName &target, const DNSName &wildcard, const NSEC3PARAMRecordContent& nsec3param, bool narrow, int mode);
	88	void emitNSEC(std::unique_ptr<DNSPacket>& r, const DNSName& name, const DNSName& next, int mode);
	89	void emitNSEC3(std::unique_ptr<DNSPacket>& r, const NSEC3PARAMRecordContent &ns3rc, const DNSName& unhashed, const string& begin, const string& end, int mode);
c2826d2e RG	90	int processUpdate(DNSPacket& p);
c2826d2e RG	91	int forwardPacket(const string &msgPrefix, const DNSPacket& p, const DomainInfo& di);
d0d273cf	92	uint performUpdate(const string &msgPrefix, const DNSRecord rr, DomainInfo di, bool isPresigned, bool* narrow, bool* haveNSEC3, NSEC3PARAMRecordContent ns3pr, bool updatedSerial);
f7a69a4c RA	93	int checkUpdatePrescan(const DNSRecord *rr);
f7a69a4c RA	94	int checkUpdatePrerequisites(const DNSRecord rr, DomainInfo di);
b163cc0e	95	void increaseSerial(const string &msgPrefix, const DomainInfo di, const string& soaEditSetting, bool haveNSEC3, bool narrow, const NSEC3PARAMRecordContent ns3pr);
5c3bf2db	96
ba8fc158 KM	97	void makeNXDomain(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const DNSName& target, const DNSName& wildcard);
	98	void makeNOError(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const DNSName& target, const DNSName& wildcard, int mode);
	99	vector<DNSZoneRecord> getBestReferralNS(DNSPacket& p, const DNSName &target);
3b3bd29f	100	void getBestDNAMESynth(DNSPacket& p, DNSName &target, vector<DNSZoneRecord> &ret);
ba8fc158 KM	101	bool tryDNAME(DNSPacket& p, std::unique_ptr<DNSPacket>& r, DNSName &target);
	102	bool tryReferral(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const DNSName &target, bool retargeted);
	103
	104	bool getBestWildcard(DNSPacket& p, const DNSName &target, DNSName &wildcard, vector<DNSZoneRecord>* ret);
	105	bool tryWildcard(DNSPacket& p, std::unique_ptr<DNSPacket>& r, DNSName &target, DNSName &wildcard, bool& retargeted, bool& nodata);
	106	bool addDSforNS(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const DNSName& dsname);
	107	void completeANYRecords(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const DNSName &target);
c00d7891	108
c2826d2e	109	void tkeyHandler(const DNSPacket& p, std::unique_ptr<DNSPacket>& r); //<! process TKEY record, and adds TKEY record to (r)eply, or error code.
c00d7891	110
16f7d28d	111	static AtomicCounter s_count;
0ddde5fb	112	static std::mutex s_rfc2136lock;
12c86877	113	bool d_logDNSDetails;
8dee0750	114	bool d_doDNAME;
389b7a05	115	bool d_doExpandALIAS;
32b50c94	116	bool d_dnssec{false};
79a8e56f	117	SOAData d_sd;
7c99293d	118	std::unique_ptr<AuthLua4> d_pdl;
3ce6361c	119	std::unique_ptr<AuthLua4> d_update_policy_lua;
d43d0b93	120	std::unique_ptr<AuthLua4> s_LUA;
12c86877	121	UeberBackend B; // every thread an own instance
e59b5787	122	DNSSECKeeper d_dk; // B is shared with DNSSECKeeper
12c86877	123	};
c2826d2e	124