+ direct queries for NS records
+ careful caching, only NS query causes referral caching.
+ direct queries for A, AAAA in-bailiwick from a referral.
-* trouble counter, cache wipe threshold.
++ trouble counter, cache wipe threshold.
+ off-path validation
+ root NS, root glue validation after prime
interface-automatic. IPPKTINFO, IP6PKTINFO for WSARecvMsg, WSASendMsg.
o local-zone directive with authority service, full authority server
is a non-goal.
+o configure option to force use of builtin ldns tarball.
/**
* See if a name is whitelisted.
* @param priv: structure for address storage.
+ * @param pkt: the packet (for compression ptrs).
* @param name: name to check.
* @param dclass: class to check.
* @return: true if the name is OK. false if unlisted.
*/
static int
-priv_lookup_name(struct iter_priv* priv, uint8_t* name, uint16_t dclass)
+priv_lookup_name(struct iter_priv* priv, ldns_buffer* pkt,
+ uint8_t* name, size_t dname_len, uint16_t dclass)
{
size_t len;
- int labs = dname_count_size_labels(name, &len);
- return name_tree_lookup(&priv->n, name, len, labs, dclass) != NULL;
+ uint8_t decomp[256];
+ int labs;
+ if(dname_len >= sizeof(decomp))
+ return 0;
+ dname_pkt_copy(pkt, decomp, name);
+ labs = dname_count_size_labels(decomp, &len);
+ log_assert(dname_len == len);
+ return name_tree_lookup(&priv->n, decomp, len, labs, dclass) != NULL;
}
size_t priv_get_mem(struct iter_priv* priv)
return sizeof(*priv) + regional_get_mem(priv->region);
}
-int priv_rrset_bad(struct iter_priv* priv, struct rrset_parse* rrset)
+int priv_rrset_bad(struct iter_priv* priv, ldns_buffer* pkt,
+ struct rrset_parse* rrset)
{
/* see if it is a private name, that is allowed to have any */
- if(priv_lookup_name(priv, rrset->dname, ntohs(rrset->rrset_class))) {
+ if(priv_lookup_name(priv, pkt, rrset->dname, rrset->dname_len,
+ ntohs(rrset->rrset_class))) {
return 0;
} else {
/* so its a public name, check the address */
/**
* See if rrset is bad.
* @param priv: structure for private address storage.
+ * @param pkt: packet to decompress rrset name in.
* @param rrset: the rrset to examine, A or AAAA.
* @return true if the rrset is bad and should be removed.
*/
-int priv_rrset_bad(struct iter_priv* priv, struct rrset_parse* rrset);
+int priv_rrset_bad(struct iter_priv* priv, ldns_buffer* pkt,
+ struct rrset_parse* rrset);
/**
* Get memory used by priv structure.
/* remove private addresses */
if( (rrset->type == LDNS_RR_TYPE_A ||
rrset->type == LDNS_RR_TYPE_AAAA) &&
- priv_rrset_bad(ie->priv, rrset)) {
+ priv_rrset_bad(ie->priv, pkt, rrset)) {
/* set servfail, so the classification becomes
* THROWAWAY, instead of LAME or other unwanted */
FLAGS_SET_RCODE(msg->flags, LDNS_RCODE_SERVFAIL);
projects / thirdparty / unbound.git / commitdiff
