return 0;
}
-static int ipset_update(struct module_env *env, struct dns_msg *return_msg, struct ipset_env *ie) {
+static void
+ipset_add_rrset_data(struct ipset_env *ie, struct mnl_socket *mnl,
+ struct packed_rrset_data *d, const char* setname, int af,
+ const char* dname)
+{
int ret;
+ size_t j, rr_len, rd_len;
+ uint8_t *rr_data;
- struct mnl_socket *mnl;
-
- size_t i, j;
-
- const char *setname;
-
- struct ub_packed_rrset_key *rrset;
- struct packed_rrset_data *d;
+ /* to d->count, not d->rrsig_count, because we do not want to add the RRSIGs, only the addresses */
+ for (j = 0; j < d->count; j++) {
+ rr_len = d->rr_len[j];
+ rr_data = d->rr_data[j];
+
+ rd_len = sldns_read_uint16(rr_data);
+ if(af == AF_INET && rd_len != INET_SIZE)
+ continue;
+ if(af == AF_INET6 && rd_len != INET6_SIZE)
+ continue;
+ if (rr_len - 2 >= rd_len) {
+ if(verbosity >= VERB_QUERY) {
+ char ip[128];
+ if(inet_ntop(af, rr_data+2, ip, (socklen_t)sizeof(ip)) == 0)
+ snprintf(ip, sizeof(ip), "(inet_ntop_error)");
+ verbose(VERB_QUERY, "ipset: add %s to %s for %s", ip, setname, dname);
+ }
+ ret = add_to_ipset(mnl, setname, rr_data + 2, af);
+ if (ret < 0) {
+ log_err("ipset: could not add %s into %s", dname, setname);
- int af;
+ mnl_socket_close(mnl);
+ ie->mnl = NULL;
+ break;
+ }
+ }
+ }
+}
+static int
+ipset_check_zones_for_rrset(struct module_env *env, struct ipset_env *ie,
+ struct mnl_socket *mnl, struct ub_packed_rrset_key *rrset,
+ const char *setname, int af)
+{
static char dname[BUFF_LEN];
const char *s;
int dlen, plen;
struct config_strlist *p;
+ struct packed_rrset_data *d;
- size_t rr_len, rd_len;
+ dlen = sldns_wire2str_dname_buf(rrset->rk.dname, rrset->rk.dname_len, dname, BUFF_LEN);
+ if (dlen == 0) {
+ log_err("bad domain name");
+ return -1;
+ }
+ if (dname[dlen - 1] == '.') {
+ dlen--;
+ }
+
+ for (p = env->cfg->local_zones_ipset; p; p = p->next) {
+ plen = strlen(p->str);
+
+ if (dlen >= plen) {
+ s = dname + (dlen - plen);
+
+ if (strncasecmp(p->str, s, plen) == 0) {
+ d = (struct packed_rrset_data*)rrset->entry.data;
+ ipset_add_rrset_data(ie, mnl, d, setname,
+ af, dname);
+ break;
+ }
+ }
+ }
+ return 0;
+}
+
+static int ipset_update(struct module_env *env, struct dns_msg *return_msg, struct ipset_env *ie) {
+ struct mnl_socket *mnl;
+
+ size_t i;
+
+ const char *setname;
+
+ struct ub_packed_rrset_key *rrset;
+
+ int af;
- uint8_t *rr_data;
mnl = (struct mnl_socket *)ie->mnl;
if (!mnl) {
}
if (setname) {
- dlen = sldns_wire2str_dname_buf(rrset->rk.dname, rrset->rk.dname_len, dname, BUFF_LEN);
- if (dlen == 0) {
- log_err("bad domain name");
+ if(ipset_check_zones_for_rrset(env, ie, mnl, rrset,
+ setname, af) == -1)
return -1;
- }
- if (dname[dlen - 1] == '.') {
- dlen--;
- }
-
- for (p = env->cfg->local_zones_ipset; p; p = p->next) {
- plen = strlen(p->str);
-
- if (dlen >= plen) {
- s = dname + (dlen - plen);
-
- if (strncasecmp(p->str, s, plen) == 0) {
- d = (struct packed_rrset_data*)rrset->entry.data;
- /* to d->count, not d->rrsig_count, because we do not want to add the RRSIGs, only the addresses */
- for (j = 0; j < d->count; j++) {
- rr_len = d->rr_len[j];
- rr_data = d->rr_data[j];
-
- rd_len = sldns_read_uint16(rr_data);
- if(af == AF_INET && rd_len != INET_SIZE)
- continue;
- if(af == AF_INET6 && rd_len != INET6_SIZE)
- continue;
- if (rr_len - 2 >= rd_len) {
- if(verbosity >= VERB_QUERY) {
- char ip[128];
- if(inet_ntop(af, rr_data+2, ip, (socklen_t)sizeof(ip)) == 0)
- snprintf(ip, sizeof(ip), "(inet_ntop_error)");
- verbose(VERB_QUERY, "ipset: add %s to %s for %s", ip, setname, dname);
- }
- ret = add_to_ipset(mnl, setname, rr_data + 2, af);
- if (ret < 0) {
- log_err("ipset: could not add %s into %s", dname, setname);
-
- mnl_socket_close(mnl);
- ie->mnl = NULL;
- break;
- }
- }
- }
- break;
- }
- }
- }
}
}
projects / thirdparty / unbound.git / commitdiff
