2 * This file is part of PowerDNS or dnsdist.
3 * Copyright -- PowerDNS.COM B.V. and its contributors
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of version 2 of the GNU General Public License as
7 * published by the Free Software Foundation.
9 * In addition, for the avoidance of any doubt, permission is granted to
10 * link this program with OpenSSL and to (re)distribute the binaries
11 * produced as the result of such linking.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 #ifndef PACKETHANDLER_HH
23 #define PACKETHANDLER_HH
25 #include <sys/socket.h>
26 #include <netinet/in.h>
27 #include <arpa/inet.h>
28 #include "ueberbackend.hh"
29 #include "dnspacket.hh"
30 #include "packetcache.hh"
31 #include "dnsseckeeper.hh"
32 #include "lua-auth4.hh"
33 #include "gss_context.hh"
35 #include "namespaces.hh"
37 // silly Solaris people define PC
40 /** Central DNS logic according to RFC1034. Ask this class a question in the form of a DNSPacket
41 and it will return, synchronously, a DNSPacket answer, suitable for
42 sending out over the network.
44 The PacketHandler gives your question to the PacketCache for possible inclusion
47 In order to do so, the PacketHandler contains a reference to the global extern PacketCache PC
49 It also contains an UeberBackend instance for answering the subqueries needed to generate
53 class NSEC3PARAMRecordContent;
58 DNSPacket *doQuestion(DNSPacket *); //!< hand us a DNS packet with a question, we give you an answer
59 DNSPacket *question(DNSPacket *); //!< hand us a DNS packet with a question, we give you an answer
61 ~PacketHandler(); // defined in packethandler.cc, and does --count
62 static int numRunning(){return s_count;}; //!< Returns the number of running PacketHandlers. Called by Distributor
64 UeberBackend *getBackend();
66 int trySuperMasterSynchronous(const DNSPacket *p, const DNSName& tsigkeyname);
67 static NetmaskGroup s_allowNotifyFrom;
68 static set<string> s_forwardNotify;
71 int trySuperMaster(DNSPacket *p, const DNSName& tsigkeyname);
72 int processNotify(DNSPacket *);
73 void addRootReferral(DNSPacket *r);
74 int doChaosRequest(DNSPacket *p, DNSPacket *r, DNSName &target);
75 bool addDNSKEY(DNSPacket *p, DNSPacket *r, const SOAData& sd);
76 bool addCDNSKEY(DNSPacket *p, DNSPacket *r, const SOAData& sd);
77 bool addCDS(DNSPacket *p, DNSPacket *r, const SOAData& sd);
78 bool addNSEC3PARAM(DNSPacket *p, DNSPacket *r, const SOAData& sd);
79 int doAdditionalProcessingAndDropAA(DNSPacket *p, DNSPacket *r, const SOAData& sd, bool retargeted);
80 void addNSECX(DNSPacket *p, DNSPacket* r, const DNSName &target, const DNSName &wildcard, const DNSName &auth, int mode);
81 void addNSEC(DNSPacket *p, DNSPacket* r, const DNSName &target, const DNSName &wildcard, const DNSName& auth, int mode);
82 void addNSEC3(DNSPacket *p, DNSPacket* r, const DNSName &target, const DNSName &wildcard, const DNSName& auth, const NSEC3PARAMRecordContent& nsec3param, bool narrow, int mode);
83 void emitNSEC(DNSPacket *r, const SOAData& sd, const DNSName& name, const DNSName& next, int mode);
84 void emitNSEC3(DNSPacket *r, const SOAData& sd, const NSEC3PARAMRecordContent &ns3rc, const DNSName& unhashed, const string& begin, const string& end, int mode);
85 int processUpdate(DNSPacket *p);
86 int forwardPacket(const string &msgPrefix, DNSPacket *p, DomainInfo *di);
87 uint performUpdate(const string &msgPrefix, const DNSRecord *rr, DomainInfo *di, bool isPresigned, bool* narrow, bool* haveNSEC3, NSEC3PARAMRecordContent *ns3pr, bool *updatedSerial);
88 int checkUpdatePrescan(const DNSRecord *rr);
89 int checkUpdatePrerequisites(const DNSRecord *rr, DomainInfo *di);
90 void increaseSerial(const string &msgPrefix, const DomainInfo *di, bool haveNSEC3, bool narrow, const NSEC3PARAMRecordContent *ns3pr);
92 void makeNXDomain(DNSPacket* p, DNSPacket* r, const DNSName& target, const DNSName& wildcard, const SOAData& sd);
93 void makeNOError(DNSPacket* p, DNSPacket* r, const DNSName& target, const DNSName& wildcard, const SOAData& sd, int mode);
94 vector<DNSZoneRecord> getBestReferralNS(DNSPacket *p, SOAData& sd, const DNSName &target);
95 vector<DNSZoneRecord> getBestDNAMESynth(DNSPacket *p, SOAData& sd, DNSName &target);
96 bool tryDNAME(DNSPacket *p, DNSPacket*r, SOAData& sd, DNSName &target);
97 bool tryReferral(DNSPacket *p, DNSPacket*r, SOAData& sd, const DNSName &target, bool retargeted);
99 bool getBestWildcard(DNSPacket *p, SOAData& sd, const DNSName &target, DNSName &wildcard, vector<DNSZoneRecord>* ret);
100 bool tryWildcard(DNSPacket *p, DNSPacket*r, SOAData& sd, DNSName &target, DNSName &wildcard, bool& retargeted, bool& nodata);
101 bool addDSforNS(DNSPacket* p, DNSPacket* r, SOAData& sd, const DNSName& dsname);
102 void completeANYRecords(DNSPacket *p, DNSPacket*r, SOAData& sd, const DNSName &target);
104 void tkeyHandler(DNSPacket *p, DNSPacket *r); //<! process TKEY record, and adds TKEY record to (r)eply, or error code.
106 static AtomicCounter s_count;
107 static pthread_mutex_t s_rfc2136lock;
108 bool d_logDNSDetails;
109 bool d_doIPv6AdditionalProcessing;
111 bool d_doExpandALIAS;
113 std::unique_ptr<AuthLua4> d_pdl;
114 std::unique_ptr<AuthLua4> d_update_policy_lua;
116 UeberBackend B; // every thread an own instance
117 DNSSECKeeper d_dk; // B is shared with DNSSECKeeper
119 bool getNSEC3Hashes(bool narrow, DNSBackend* db, int id, const std::string& hashed, bool decrement, DNSName& unhashed, string& before, string& after, int mode=0);
120 std::shared_ptr<DNSRecordContent> makeSOAContent(const SOAData& sd);
121 #endif /* PACKETHANDLER */