Add static ede context into each validator layer

Instead of passing the edectx from the fetchctx into all subvalidators,
make the ede context ownership explict for dns_resolver_createfetch()
callers, and copy the ede result codes from the children validators to
the parent when finishing the validation process.

diff --git a/lib/dns/include/dns/validator.h b/lib/dns/include/dns/validator.h
index 51440b3caba07207737aa56de43f5741168b22c2..00d56d6866609320bf8294da5436c7532a60a6d0 100644 (file)
--- a/lib/dns/include/dns/validator.h
+++ b/lib/dns/include/dns/validator.h
@@ -156,7 +156,9 @@ struct dns_validator {
        isc_counter_t *qc;
        isc_counter_t *gqc;
 
-       dns_edectx_t *edectx;
+       dns_edectx_t edectx;
+
+       dns_edectx_t *cb_edectx;
 };
 
 /*%

diff --git a/lib/dns/validator.c b/lib/dns/validator.c
index f103d8368bea7c7c9df1bd7394a71ba954428d7f..1d1b69cccfb750737ad04bc14ee751149d111446 100644 (file)
--- a/lib/dns/validator.c
+++ b/lib/dns/validator.c
@@ -243,6 +243,8 @@ validator_done(dns_validator_t *val, isc_result_t result) {
        val->attributes |= VALATTR_COMPLETE;
        val->result = result;
 
+       dns_ede_copy(val->cb_edectx, &val->edectx);
+
        isc_async_run(val->loop, val->cb, val);
 }
 
@@ -951,7 +953,7 @@ create_fetch(dns_validator_t *val, dns_name_t *name, dns_rdatatype_t type,
        result = dns_resolver_createfetch(
                val->view->resolver, name, type, NULL, NULL, NULL, NULL, 0,
                fopts, 0, val->qc, val->gqc, val->loop, callback, val,
-               val->edectx, &val->frdataset, &val->fsigrdataset, &val->fetch);
+               &val->edectx, &val->frdataset, &val->fsigrdataset, &val->fetch);
        if (result != ISC_R_SUCCESS) {
                dns_validator_detach(&val);
        }
@@ -988,7 +990,7 @@ create_validator(dns_validator_t *val, dns_name_t *name, dns_rdatatype_t type,
        result = dns_validator_create(
                val->view, name, type, rdataset, sig, NULL, vopts, val->loop,
                cb, val, val->nvalidations, val->nfails, val->qc, val->gqc,
-               val->edectx, &val->subvalidator);
+               &val->edectx, &val->subvalidator);
        if (result == ISC_R_SUCCESS) {
                dns_validator_attach(val, &val->subvalidator->parent);
                val->subvalidator->depth = val->depth + 1;
@@ -3391,6 +3393,7 @@ dns_validator_create(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type,
        REQUIRE(rdataset != NULL ||
                (rdataset == NULL && sigrdataset == NULL && message != NULL));
        REQUIRE(validatorp != NULL && *validatorp == NULL);
+       REQUIRE(edectx != NULL);
 
        result = dns_view_getsecroots(view, &kt);
        if (result != ISC_R_SUCCESS) {
@@ -3412,9 +3415,11 @@ dns_validator_create(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type,
                .cb = cb,
                .arg = arg,
                .rdata = DNS_RDATA_INIT,
-               .edectx = edectx,
+               .cb_edectx = edectx,
        };
 
+       dns_ede_init(view->mctx, &val->edectx);
+
        isc_refcount_init(&val->references, 1);
        dns_view_attach(view, &val->view);
        if (message != NULL) {
@@ -3534,6 +3539,8 @@ destroy_validator(dns_validator_t *val) {
                isc_counter_detach(&val->gqc);
        }
 
+       dns_ede_invalidate(&val->edectx);
+
        dns_view_detach(&val->view);
        isc_loop_detach(&val->loop);
 
@@ -3654,7 +3661,7 @@ validator_addede(dns_validator_t *val, uint16_t code, const char *extra) {
        dns_rdatatype_totext(val->type, &b);
        isc_buffer_putuint8(&b, '\0');
 
-       dns_ede_add(val->edectx, code, bdata);
+       dns_ede_add(&val->edectx, code, bdata);
 }
 
 static void