From: Wouter Wijngaards Date: Fri, 3 Aug 2007 14:12:28 +0000 (+0000) Subject: create rrsets for verification later. X-Git-Tag: release-0.5~152 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9ebbdbabd3439bc071131669e7cedfa8bbbe3040;p=thirdparty%2Funbound.git create rrsets for verification later. git-svn-id: file:///svn/unbound/trunk@489 be551aaa-1e26-0410-a405-d3ace91eadb9 --- diff --git a/doc/Changelog b/doc/Changelog index 0086def29..18c9d7c13 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -4,6 +4,7 @@ - trust anchors can be in config file or read from zone file, DS and DNSKEY entries. - unit test trust anchor storage. + - trust anchors converted to packed rrsets. 2 August 2007: Wouter - configure change for latest libevent trunk version (needs -lrt). diff --git a/validator/val_anchor.c b/validator/val_anchor.c index 73b645707..51ebe85c6 100644 --- a/validator/val_anchor.c +++ b/validator/val_anchor.c @@ -363,6 +363,107 @@ anchor_read_file(struct val_anchors* anchors, ldns_buffer* buffer, return ok; } +/** + * Assemble an rrset structure for the type + * @param region: allocated in this region. + * @param ta: trust anchor. + * @param num: number of items to fetch from list. + * @param type: fetch only items of this type. + * @return rrset or NULL on error. + */ +static struct ub_packed_rrset_key* +assemble_it(struct region* region, struct trust_anchor* ta, size_t num, + uint16_t type) +{ + struct ub_packed_rrset_key* pkey = (struct ub_packed_rrset_key*) + region_alloc(region, sizeof(*pkey)); + struct packed_rrset_data* pd; + struct ta_key* tk; + size_t i; + if(!pkey) + return NULL; + memset(pkey, 0, sizeof(*pkey)); + pkey->rk.dname = region_alloc_init(region, ta->name, ta->namelen); + if(!pkey->rk.dname) + return NULL; + + pkey->rk.dname_len = ta->namelen; + pkey->rk.type = htons(type); + pkey->rk.rrset_class = htons(ta->dclass); + /* The rrset is build in an uncompressed way. This means it + * cannot be copied in the normal way. */ + pd = (struct packed_rrset_data*)region_alloc(region, sizeof(*pd)); + if(!pd) + return NULL; + memset(pd, 0, sizeof(*pd)); + pd->count = num; + pd->trust = rrset_trust_ultimate; + pd->rr_len = (size_t*)region_alloc(region, num*sizeof(size_t)); + if(!pd->rr_len) + return NULL; + pd->rr_ttl = (uint32_t*)region_alloc(region, num*sizeof(uint32_t)); + if(!pd->rr_ttl) + return NULL; + pd->rr_data = (uint8_t**)region_alloc(region, num*sizeof(uint8_t*)); + if(!pd->rr_data) + return NULL; + /* fill in rrs */ + i=0; + for(tk = ta->keylist; tk; tk = tk->next) { + if(tk->type != type) + continue; + pd->rr_len[i] = tk->len; + /* reuse data ptr to allocation in region */ + pd->rr_data[i] = tk->data; + pd->rr_ttl[i] = 0; + i++; + } + pkey->entry.data = (void*)pd; + return pkey; +} + +/** + * Assemble structures for the trust DS and DNSKEY rrsets. + * @param anchors: trust anchor storage. + * @param ta: trust anchor + * @return: false on error. + */ +static int +anchors_assemble(struct val_anchors* anchors, struct trust_anchor* ta) +{ + if(ta->numDS > 0) { + ta->ds_rrset = assemble_it(anchors->region, ta, + ta->numDS, LDNS_RR_TYPE_DS); + if(!ta->ds_rrset) + return 0; + } + if(ta->numDNSKEY > 0) { + ta->dnskey_rrset = assemble_it(anchors->region, ta, + ta->numDNSKEY, LDNS_RR_TYPE_DNSKEY); + if(!ta->dnskey_rrset) + return 0; + } + return 1; +} + +/** + * Assemble the rrsets in the anchors, ready for use by validator. + * @param anchors: trust anchor storage. + * @return: false on error. + */ +static int +anchors_assemble_rrsets(struct val_anchors* anchors) +{ + struct trust_anchor* ta; + RBTREE_FOR(ta, struct trust_anchor*, anchors->tree) { + if(!anchors_assemble(anchors, ta)) { + log_err("out of memory"); + return 0; + } + } + return 1; +} + int anchors_apply_cfg(struct val_anchors* anchors, struct config_file* cfg) { @@ -387,6 +488,7 @@ anchors_apply_cfg(struct val_anchors* anchors, struct config_file* cfg) } } init_parents(anchors); + anchors_assemble_rrsets(anchors); ldns_buffer_free(parsebuf); return 1; } diff --git a/validator/val_anchor.h b/validator/val_anchor.h index 1fcc58c84..01c3e801d 100644 --- a/validator/val_anchor.h +++ b/validator/val_anchor.h @@ -45,6 +45,7 @@ struct region; struct trust_anchor; struct config_file; +struct ub_packed_rrset_key; /** * Trust anchor store. @@ -99,6 +100,10 @@ struct trust_anchor { size_t numDS; /** number of DNSKEYs in the keylist */ size_t numDNSKEY; + /** the DS RRset */ + struct ub_packed_rrset_key* ds_rrset; + /** The DNSKEY RRset */ + struct ub_packed_rrset_key* dnskey_rrset; /** class of the trust anchor */ uint16_t dclass; };