From cac9e018c37750cc875a782db79fcd7dcfe9b0fa Mon Sep 17 00:00:00 2001 From: Vitezslav Kriz Date: Thu, 7 Sep 2017 16:29:18 +0200 Subject: [PATCH] roothints: load from zonefile --- Makefile | 2 +- config.mk | 1 + daemon/daemon.mk | 5 +- daemon/engine.c | 49 +++++++++++++ daemon/lua/{config.lua => config.lua.in} | 4 ++ etc/etc.mk | 8 ++- etc/hints.zone | 92 ++++++++++++++++++++++++ lib/lib.mk | 6 -- lib/root-hints.inc | 27 ------- lib/zonecut.c | 53 -------------- 10 files changed, 158 insertions(+), 89 deletions(-) rename daemon/lua/{config.lua => config.lua.in} (82%) create mode 100644 etc/hints.zone delete mode 100644 lib/root-hints.inc diff --git a/Makefile b/Makefile index a6b3f2b2d..144721c0c 100644 --- a/Makefile +++ b/Makefile @@ -2,7 +2,7 @@ include config.mk include platform.mk # Targets -all: info lib daemon client modules +all: info lib daemon client modules etc install: lib-install daemon-install client-install modules-install etc-install check: all tests clean: contrib-clean lib-clean daemon-clean client-clean modules-clean \ diff --git a/config.mk b/config.mk index abb62413c..7ed32b191 100644 --- a/config.mk +++ b/config.mk @@ -19,6 +19,7 @@ MANDIR ?= $(PREFIX)/share/man INCLUDEDIR ?= $(PREFIX)/include MODULEDIR ?= $(LIBDIR)/kdns_modules ETCDIR ?= $(PREFIX)/etc/kresd +ROOTHINTS ?= $(ETCDIR)/hints.zone # Tools CC ?= cc diff --git a/daemon/daemon.mk b/daemon/daemon.mk index ed5a10288..9fe5b6af2 100644 --- a/daemon/daemon.mk +++ b/daemon/daemon.mk @@ -59,7 +59,7 @@ ifneq ($(SED),) endif daemon-clean: kresd-clean @$(RM) daemon/lua/*.inc daemon/lua/kres.lua daemon/lua/trust_anchors.lua \ - daemon/lua/zonefile.lua + daemon/lua/zonefile.lua daemon/lua/config.lua KNOT_RRSET_TXT_DUMP := \ $(shell pkg-config libknot --atleast-version=2.4.0 && echo true || echo false) 
@@ -69,6 +69,9 @@ daemon/lua/kres.lua: daemon/lua/kres.lua.in daemon/lua/trust_anchors.lua: daemon/lua/trust_anchors.lua.in @$(call quiet,SED,$<) -e "s|@ETCDIR@|$(ETCDIR)|g" $< > $@ +daemon/lua/config.lua: daemon/lua/config.lua.in + @$(call quiet,SED,$<) -e "s|@ROOTHINTS@|$(ROOTHINTS)|g" $< > $@ + LIBZSCANNER_COMMENTS := \ $(shell pkg-config libzscanner --atleast-version=2.4.2 && echo true || echo false) daemon/lua/zonefile.lua: daemon/lua/zonefile.lua.in diff --git a/daemon/engine.c b/daemon/engine.c index 903086f5f..5ba247966 100644 --- a/daemon/engine.c +++ b/daemon/engine.c @@ -319,6 +319,53 @@ static int l_trustanchor(lua_State *L) lua_pushboolean(L, true); return 1; } + +/** @internal for l_roothints */ +static void roothints_add(zs_scanner_t *zs) +{ + struct kr_zonecut *hints = zs->process.data; + if (!hints) { + return; + } + if(zs->r_type == KNOT_RRTYPE_A || zs->r_type == KNOT_RRTYPE_AAAA) { + knot_rdata_t rdata[RDATA_ARR_MAX]; + knot_rdata_init(rdata, zs->r_data_length, zs->r_data, zs->r_ttl); + kr_zonecut_add(hints,zs->r_owner, rdata); + } +} + +/** Load root hints from zonefile. */ +static int l_roothints(lua_State *L) +{ + struct engine *engine = engine_luaget(L); + struct kr_context *ctx = &engine->resolver; + struct kr_zonecut *root_hints = &ctx->root_hints; + const char *file = lua_tostring(L, 1); + if (!file || strlen(file) == 0) { + return 0; + } + + zs_scanner_t *zs = malloc(sizeof(*zs)); + if (!zs || zs_init(zs, ".", 1, 0) != 0) { + free(zs); + lua_pushstring(L, "not enough memory"); + lua_error(L); + } + + if (zs_set_input_file(zs, file) != 0) { + free(zs); + lua_pushstring(L, "failed to open root hints file"); + lua_error(L); + } + + kr_zonecut_set(root_hints, (const uint8_t *)""); + zs_set_processing(zs, roothints_add, NULL, root_hints); + zs_parse_all(zs); + + lua_pushboolean(L, true); + free(zs); + return 1; +} /** Unpack JSON object to table */ static void l_unpack_json(lua_State *L, JsonNode *table) { 
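Review bot: `$(ROOTHINTS)` is pasted unescaped into the sed expression in the new `daemon/lua/config.lua` rule and, through `@ROOTHINTS@`, into a single-quoted Lua string in config.lua.in. A path containing `|`, `&`, a backslash or `'` would break the substitution or the generated Lua. The value is build-time configuration, so this is a robustness point rather than an exposure, but a comment beside `ROOTHINTS ?=` in config.mk such as `# must not contain | & \ or '` would tell packagers about the restriction. The rule also depends only on config.lua.in, so changing ROOTHINTS without `make clean` appears to leave a stale config.lua in place.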
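Review bot: l_roothints never calls `zs_deinit()`: once `zs_init()` has succeeded, both the `zs_set_input_file()` failure path and the normal exit only `free(zs)`, so whatever the scanner holds for the opened input file is leaked on each call. The return value of `zs_parse_all()` is also dropped, and `kr_zonecut_set()` has already reset `ctx->root_hints` by then, so a truncated or malformed hints file leaves an empty or partial root set while Lua is told `true`; the lib/zonecut.c hunk of this commit removes the compiled-in fallback, so nothing repopulates it. In roothints_add the result of `kr_zonecut_add()` is ignored and every A/AAAA record is accepted as a root server address whatever its owner name, which deserves at least a comment stating that the file is fully trusted. The fence shows the tail of l_roothints with cleanup and a parse check; parsing into a temporary cut and swapping it in on success would be stronger, but the helpers for that are not visible in this hunk.

```c
// … unchanged: engine lookup, file argument check, malloc + zs_init …
	if (zs_set_input_file(zs, file) != 0) {
		zs_deinit(zs);
		free(zs);
		lua_pushstring(L, "failed to open root hints file");
		lua_error(L);
	}

	kr_zonecut_set(root_hints, (const uint8_t *)"");
	zs_set_processing(zs, roothints_add, NULL, root_hints);
	int ret = zs_parse_all(zs);
	/* Release scanner resources before any lua_error(), which does not return. */
	zs_deinit(zs);
	free(zs);
	if (ret != 0) {
		lua_pushstring(L, "failed to parse root hints file");
		lua_error(L);
	}

	lua_pushboolean(L, true);
	return 1;
```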
@@ -575,6 +622,8 @@ static int init_state(struct engine *engine) lua_setglobal(engine->L, "user"); lua_pushcfunction(engine->L, l_trustanchor); lua_setglobal(engine->L, "trustanchor"); + lua_pushcfunction(engine->L, l_roothints); + lua_setglobal(engine->L, "roothints"); lua_pushliteral(engine->L, libknot_SONAME); lua_setglobal(engine->L, "libknot_SONAME"); lua_pushliteral(engine->L, libzscanner_SONAME); diff --git a/daemon/lua/config.lua b/daemon/lua/config.lua.in similarity index 82% rename from daemon/lua/config.lua rename to daemon/lua/config.lua.in index 877b553ab..b201a4668 100644 --- a/daemon/lua/config.lua +++ b/daemon/lua/config.lua.in @@ -14,3 +14,7 @@ end if not cache.current_size then cache.size = 100 * MB end + +if kres.context().root_hints.nsset.root == nil then + roothints('@ROOTHINTS@') +end diff --git a/etc/etc.mk b/etc/etc.mk index 9c5b446eb..04d484bb1 100644 --- a/etc/etc.mk +++ b/etc/etc.mk @@ -2,9 +2,15 @@ etc_SOURCES := icann-ca.pem \ config.cluster \ config.isp \ config.personal \ - config.splitview + config.splitview \ + hints.zone etc-install: $(DESTDIR)$(ETCDIR) $(INSTALL) -m 0640 $(addprefix etc/,$(etc_SOURCES)) $(DESTDIR)$(ETCDIR) +etc: etc/hints.zone + +etc/hints.zone: + wget -O $@ https://www.internic.net/domain/named.root + .PHONY: etc-install diff --git a/etc/hints.zone b/etc/hints.zone new file mode 100644 index 000000000..198d1b39b --- /dev/null +++ b/etc/hints.zone 
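Review bot: Nothing in the new config.lua.in block checks that `roothints('@ROOTHINTS@')` actually produced a root set. As written in daemon/engine.c, the C function returns `true` after parsing whether or not any record was added, and returns nothing at all for an empty path. The same commit removes the compiled-in hints, and `kr_zonecut_set_sbelt` now returns 0 without copying anything when `root_hints.nsset.root` is unset, so the resolver would presumably start with no root servers and only fail at resolution time. Following the call with `assert(kres.context().root_hints.nsset.root ~= nil, 'no root hints loaded from @ROOTHINTS@')` would make a missing or empty hints file fail at startup with a clear message.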
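Review bot: The new `etc/hints.zone` rule fetches trust-critical data at build time with `wget -O $@` and no integrity check, and the Makefile hunk makes `all` depend on it. `wget -O` creates the target even when the download fails, so an interrupted fetch can leave an empty or partial hints.zone that make treats as up to date and `etc-install` then ships. The removed lib.mk rule guarded its generated file with `.DELETE_ON_ERROR`, which this rule drops. Downloading to a temporary name and renaming on success, e.g. `wget -O $@.tmp https://www.internic.net/domain/named.root && mv $@.tmp $@`, and verifying the result against a published signature or checksum if one is available, would close that gap. Separately, `$(INSTALL) -m 0640` now applies to hints.zone, so it is worth confirming that the user kresd runs as can read the installed file.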
@@ -0,0 +1,92 @@ +; This file holds the information on root name servers needed to +; initialize cache of Internet domain name servers +; (e.g. reference this file in the "cache . " +; configuration file of BIND domain name servers). +; +; This file is made available by InterNIC +; under anonymous FTP as +; file /domain/named.cache +; on server FTP.INTERNIC.NET +; -OR- RS.INTERNIC.NET +; +; last update: August 29, 2017 +; related version of root zone: 2017082901 +; +; FORMERLY NS.INTERNIC.NET +; +. 3600000 NS A.ROOT-SERVERS.NET. +A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 +A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30 +; +; FORMERLY NS1.ISI.EDU +; +. 3600000 NS B.ROOT-SERVERS.NET. +B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 +B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:200::b +; +; FORMERLY C.PSI.NET +; +. 3600000 NS C.ROOT-SERVERS.NET. +C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 +C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c +; +; FORMERLY TERP.UMD.EDU +; +. 3600000 NS D.ROOT-SERVERS.NET. +D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 +D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d +; +; FORMERLY NS.NASA.GOV +; +. 3600000 NS E.ROOT-SERVERS.NET. +E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 +E.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:a8::e +; +; FORMERLY NS.ISC.ORG +; +. 3600000 NS F.ROOT-SERVERS.NET. +F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 +F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f +; +; FORMERLY NS.NIC.DDN.MIL +; +. 3600000 NS G.ROOT-SERVERS.NET. +G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 +G.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:12::d0d +; +; FORMERLY AOS.ARL.ARMY.MIL +; +. 3600000 NS H.ROOT-SERVERS.NET. +H.ROOT-SERVERS.NET. 3600000 A 198.97.190.53 +H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::53 +; +; FORMERLY NIC.NORDU.NET +; +. 3600000 NS I.ROOT-SERVERS.NET. +I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 +I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53 +; +; OPERATED BY VERISIGN, INC. +; +. 3600000 NS J.ROOT-SERVERS.NET. +J.ROOT-SERVERS.NET. 
3600000 A 192.58.128.30 +J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30 +; +; OPERATED BY RIPE NCC +; +. 3600000 NS K.ROOT-SERVERS.NET. +K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 +K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1 +; +; OPERATED BY ICANN +; +. 3600000 NS L.ROOT-SERVERS.NET. +L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42 +L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:9f::42 +; +; OPERATED BY WIDE +; +. 3600000 NS M.ROOT-SERVERS.NET. +M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 +M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35 +; End of file \ No newline at end of file diff --git a/lib/lib.mk b/lib/lib.mk index 8f1ae18f0..5789cbe17 100644 --- a/lib/lib.mk +++ b/lib/lib.mk @@ -66,12 +66,6 @@ libkres_HEADERS += \ libkres_LIBS += $(nettle_LIBS) endif -lib/zonecut.c: lib/root-hints.inc -lib/root-hints.inc: - @echo "WARNING: regenerating $@" - scripts/gen-root-hints.sh > $@ -.DELETE_ON_ERROR: lib/root-hints.inc - # Make library ifeq ($(BUILDMODE), static) $(eval $(call make_static,libkres,lib,yes)) diff --git a/lib/root-hints.inc b/lib/root-hints.inc deleted file mode 100644 index 874a3e1f0..000000000 --- a/lib/root-hints.inc +++ /dev/null 
@@ -1,27 +0,0 @@ -/* generated root hints */ -#define HINT_a_A "\xc6\x29\x00\x04" -#define HINT_b_A "\xc0\xe4\x4f\xc9" -#define HINT_c_A "\xc0\x21\x04\x0c" -#define HINT_d_A "\xc7\x07\x5b\x0d" -#define HINT_e_A "\xc0\xcb\xe6\x0a" -#define HINT_f_A "\xc0\x05\x05\xf1" -#define HINT_g_A "\xc0\x70\x24\x04" -#define HINT_h_A "\xc6\x61\xbe\x35" -#define HINT_i_A "\xc0\x24\x94\x11" -#define HINT_j_A "\xc0\x3a\x80\x1e" -#define HINT_k_A "\xc1\x00\x0e\x81" -#define HINT_l_A "\xc7\x07\x53\x2a" -#define HINT_m_A "\xca\x0c\x1b\x21" -#define HINT_a_AAAA "\x20\x01\x05\x03\xba\x3e\x00\x00\x00\x00\x00\x00\x00\x02\x00\x30" -#define HINT_b_AAAA "\x20\x01\x05\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0b" -#define HINT_c_AAAA "\x20\x01\x05\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0c" -#define HINT_d_AAAA "\x20\x01\x05\x00\x00\x2d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0d" -#define HINT_e_AAAA "\x20\x01\x05\x00\x00\xa8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0e" -#define HINT_f_AAAA "\x20\x01\x05\x00\x00\x2f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0f" -#define HINT_g_AAAA "\x20\x01\x05\x00\x00\x12\x00\x00\x00\x00\x00\x00\x00\x00\x0d\x0d" -#define HINT_h_AAAA "\x20\x01\x05\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x53" -#define HINT_i_AAAA "\x20\x01\x07\xfe\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x53" -#define HINT_j_AAAA "\x20\x01\x05\x03\x0c\x27\x00\x00\x00\x00\x00\x00\x00\x02\x00\x30" -#define HINT_k_AAAA "\x20\x01\x07\xfd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01" -#define HINT_l_AAAA "\x20\x01\x05\x00\x00\x9f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x42" -#define HINT_m_AAAA "\x20\x01\x0d\xc3\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x35" diff --git a/lib/zonecut.c b/lib/zonecut.c index f1ce2c755..92035f883 100644 --- a/lib/zonecut.c +++ b/lib/zonecut.c 
@@ -36,49 +36,6 @@ struct hint_info { #define U8(x) (const uint8_t *)(x) -/* Initialize with SBELT name servers. */ -#include "lib/root-hints.inc" -#define HINT_LEN_A sizeof(struct in_addr) -#define HINT_LEN_AAAA sizeof(struct in6_addr) -#define SBELT_LEN (sizeof(SBELT) / sizeof(SBELT[0])) -static const struct hint_info SBELT[] = { - #define HINT(name,type) { \ - U8("\x01" #name "\x0c""root-servers""\x03""net"), \ - HINT_LEN_##type, \ - U8(HINT_##name##_##type), \ - } - HINT(j, A), - HINT(k, A), - HINT(d, A), - HINT(e, A), - HINT(f, A), - HINT(g, A), - HINT(h, A), - HINT(i, A), - HINT(l, A), - HINT(m, A), - HINT(b, A), - HINT(c, A), - HINT(a, A), - HINT(a, AAAA), - HINT(b, AAAA), - HINT(c, AAAA), - HINT(d, AAAA), - HINT(e, AAAA), - HINT(f, AAAA), - HINT(g, AAAA), - HINT(h, AAAA), - HINT(i, AAAA), - HINT(j, AAAA), - HINT(k, AAAA), - HINT(l, AAAA), - HINT(m, AAAA), - #undef HINT -}; -#undef HINT_LEN_A -#undef HINT_LEN_AAAA - - static void update_cut_name(struct kr_zonecut *cut, const knot_dname_t *name) { if (knot_dname_is_equal(name, cut->name)) { @@ -309,16 +266,6 @@ int kr_zonecut_set_sbelt(struct kr_context *ctx, struct kr_zonecut *cut) int ret = 0; if (ctx->root_hints.nsset.root) { ret = kr_zonecut_copy(cut, &ctx->root_hints); - } else { - /* Copy compiled-in root hints */ - for (unsigned i = 0; i < SBELT_LEN; ++i) { - const struct hint_info *hint = &SBELT[i]; - knot_rdata_init(rdata_arr, hint->len, hint->addr, 0); - ret = kr_zonecut_add(cut, hint->name, rdata_arr); - if (ret != 0) { - break; - } - } } return ret; } -- 2.47.2