From: Peter van Dijk Date: Mon, 18 May 2015 15:39:49 +0000 (+0200) Subject: snap X-Git-Tag: dnsdist-1.0.0-alpha1~248^2~58^2~21^2~5^2~76 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=675fa24c7b92b808ed54ca4dec3df9085bb0559a;p=pdns snap --- diff --git a/modules/bindbackend/bindbackend2.cc b/modules/bindbackend/bindbackend2.cc index 555c5f5fc..f0426239e 100644 --- a/modules/bindbackend/bindbackend2.cc +++ b/modules/bindbackend/bindbackend2.cc @@ -187,7 +187,7 @@ void Bind2Backend::setFresh(uint32_t domain_id) } } -bool Bind2Backend::startTransaction(const string &qname, int id) +bool Bind2Backend::startTransaction(const DNSName &qname, int id) { if(id < 0) { d_transaction_tmpname.clear(); @@ -254,7 +254,7 @@ bool Bind2Backend::abortTransaction() bool Bind2Backend::feedRecord(const DNSResourceRecord &r, string *ordername) { - string qname=r.qname; + string qname=r.qname.toString(); BB2DomainInfo bbd; safeGetBBDomainInfo(d_transaction_id, &bbd); @@ -453,7 +453,7 @@ void Bind2Backend::parseZoneFile(BB2DomainInfo *bbd) else hashed=""; } - insertRecord(*bbd, rr.qname, rr.qtype, rr.content, rr.ttl, hashed); + insertRecord(*bbd, rr.qname.toString(), rr.qtype, rr.content, rr.ttl, hashed); } fixupAuth(bbd->d_records.getWRITABLE()); doEmptyNonTerminals(*bbd, nsec3zone, ns3pr); @@ -728,7 +728,7 @@ void Bind2Backend::doEmptyNonTerminals(BB2DomainInfo& bbd, bool nsec3zone, NSEC3 rr.qname=nt.first+"."+bbd.d_name+"."; if(nsec3zone) hashed=toBase32Hex(hashQNameWithSalt(ns3pr.d_iterations, ns3pr.d_salt, rr.qname)); - insertRecord(bbd, rr.qname, rr.qtype, rr.content, rr.ttl, hashed, &nt.second); + insertRecord(bbd, rr.qname.toString(), rr.qtype, rr.content, rr.ttl, hashed, &nt.second); } } 
@@ -880,9 +880,9 @@ void Bind2Backend::queueReloadAndStore(unsigned int id) } } -bool Bind2Backend::findBeforeAndAfterUnhashed(BB2DomainInfo& bbd, const std::string& qname, std::string& unhashed, std::string& before, std::string& after) +bool Bind2Backend::findBeforeAndAfterUnhashed(BB2DomainInfo& bbd, const DNSName& qname, DNSName& unhashed, DNSName& before, DNSName& after) { - string domain=toLower(qname); + string domain=qname.toString(); shared_ptr records = bbd.d_records.get(); recordstorage_t::const_iterator iter = records->upper_bound(domain); @@ -1026,10 +1026,10 @@ bool Bind2Backend::getBeforeAndAfterNamesAbsolute(uint32_t id, const std::string } } -void Bind2Backend::lookup(const QType &qtype, const string &qname, DNSPacket *pkt_p, int zoneId ) +void Bind2Backend::lookup(const QType &qtype, const DNSName &qname, DNSPacket *pkt_p, int zoneId ) { d_handle.reset(); - string domain=toLower(qname); + string domain=qname.toString(); static bool mustlog=::arg().mustDo("query-logging"); if(mustlog) 
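Review bot: Both `string domain=qname.toString();` replacements (in findBeforeAndAfterUnhashed and in lookup) drop the `toLower()` that normalised the key before `records->upper_bound(domain)` and before the lookup. Nothing visible in this diff shows that `DNSName::toString()` lower-cases its output or matches the stored form with respect to a trailing dot. If the record store is keyed on lower-cased names, as the removed call suggests, mixed-case queries would miss existing records and the before/after search would start from the wrong position; keeping `string domain=toLower(qname.toString());` until DNSName guarantees the canonical form avoids that. The same normalisation is lost in the two `bind("qname",stripDot(r.qname.toString()))` lines of GSQLBackend::feedRecord, where only a `// FIXME lowercase?` marks it. Both function bodies here continue outside their hunks.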
@@ -1126,7 +1126,7 @@ bool Bind2Backend::get(DNSResourceRecord &r) return false; } if(d_handle.mustlog) - L< *unfreshDomains); void getUpdatedMasters(vector *changedDomains); - bool getDomainInfo(const string &domain, DomainInfo &di); + bool getDomainInfo(const DNSName &domain, DomainInfo &di); time_t getCtime(const string &fname); // DNSSEC - virtual bool getBeforeAndAfterNamesAbsolute(uint32_t id, const std::string& qname, std::string& unhashed, std::string& before, std::string& after); - void lookup(const QType &, const string &qdomain, DNSPacket *p=0, int zoneId=-1); - bool list(const string &target, int id, bool include_disabled=false); + virtual bool getBeforeAndAfterNamesAbsolute(uint32_t id, const DNSName& qname, DNSName& unhashed, DNSName& before, DNSName& after); + void lookup(const QType &, const DNSName &qdomain, DNSPacket *p=0, int zoneId=-1); + bool list(const DNSName &target, int id, bool include_disabled=false); bool get(DNSResourceRecord &); void getAllDomains(vector *domains, bool include_disabled=false); 
@@ -199,24 +199,24 @@ public: void setFresh(uint32_t domain_id); void setNotified(uint32_t id, uint32_t serial); - bool startTransaction(const string &qname, int id); + bool startTransaction(const DNSName &qname, int id); bool feedRecord(const DNSResourceRecord &r, string *ordername=0); bool commitTransaction(); bool abortTransaction(); - void alsoNotifies(const string &domain, set *ips); + void alsoNotifies(const DNSName &domain, set *ips); // the DNSSEC related (getDomainMetadata has broader uses too) - virtual bool getAllDomainMetadata(const string& name, std::map >& meta); - virtual bool getDomainMetadata(const string& name, const std::string& kind, std::vector& meta); - virtual bool setDomainMetadata(const string& name, const std::string& kind, const std::vector& meta); - virtual bool getDomainKeys(const string& name, unsigned int kind, std::vector& keys); - virtual bool removeDomainKey(const string& name, unsigned int id); - virtual int addDomainKey(const string& name, const KeyData& key); - virtual bool activateDomainKey(const string& name, unsigned int id); - virtual bool deactivateDomainKey(const string& name, unsigned int id); - virtual bool getTSIGKey(const string& name, string* algorithm, string* content); - virtual bool setTSIGKey(const string& name, const string& algorithm, const string& content); - virtual bool deleteTSIGKey(const string& name); + virtual bool getAllDomainMetadata(const DNSName& name, std::map >& meta); + virtual bool getDomainMetadata(const DNSName& name, const std::string& kind, std::vector& meta); + virtual bool setDomainMetadata(const DNSName& name, const std::string& kind, const std::vector& meta); + virtual bool getDomainKeys(const DNSName& name, unsigned int kind, std::vector& keys); + virtual bool removeDomainKey(const DNSName& name, unsigned int id); + virtual int addDomainKey(const DNSName& name, const KeyData& key); + virtual bool activateDomainKey(const DNSName& name, unsigned int id); + virtual bool 
deactivateDomainKey(const DNSName& name, unsigned int id); + virtual bool getTSIGKey(const DNSName& name, string* algorithm, string* content); + virtual bool setTSIGKey(const DNSName& name, const DNSName& algorithm, const string& content); + virtual bool deleteTSIGKey(const DNSName& name); virtual bool getTSIGKeys(std::vector< struct TSIGKey > &keys); virtual bool doesDNSSEC(); // end of DNSSEC @@ -232,12 +232,12 @@ public: void insertRecord(BB2DomainInfo& bbd, const string &qname, const QType &qtype, const string &content, int ttl, const std::string& hashed=string(), bool *auth=0); void rediscover(string *status=0); - bool isMaster(const string &name, const string &ip); + bool isMaster(const DNSName &name, const string &ip); // for supermaster support - bool superMasterBackend(const string &ip, const string &domain, const vector&nsset, string *nameserver, string *account, DNSBackend **db); + bool superMasterBackend(const string &ip, const DNSName &domain, const vector&nsset, string *nameserver, string *account, DNSBackend **db); static pthread_mutex_t s_supermaster_config_lock; - bool createSlaveDomain(const string &ip, const string &domain, const string &nameserver, const string &account); + bool createSlaveDomain(const string &ip, const DNSName &domain, const string &nameserver, const string &account); private: void setupDNSSEC(); diff --git a/modules/randombackend/randombackend.cc b/modules/randombackend/randombackend.cc index fdfacaf3f..33a729e7a 100644 --- a/modules/randombackend/randombackend.cc +++ b/modules/randombackend/randombackend.cc 
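Review bot: `virtual bool getTSIGKey(const DNSName& name, string* algorithm, string* content);` no longer matches the base declaration this commit puts in dnsbackend.hh, which takes `DNSName* algorithm`. Assuming Bind2Backend derives from DNSBackend, its version becomes an unrelated overload and a call through a DNSBackend pointer lands on the base stub that returns false, so TSIG key lookups against this backend would silently fail. The gsqlbackend.hh hunk has the same problem in its unchanged lines: `nullifyDNSSECOrderNameAndUpdateAuth`, `nullifyDNSSECOrderNameAndAuth`, `setDNSSECAuthOnDsRecord` and `calculateSOASerial` still take `std::string` names while the base now takes `DNSName`. Declaring these as `virtual bool getTSIGKey(const DNSName& name, DNSName* algorithm, string* content) override;` (and adding `override` to the other backend virtuals) would turn each such mismatch into a compile error.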
@@ -39,16 +39,16 @@ public: RandomBackend(const string &suffix="") { setArgPrefix("random"+suffix); - d_ourname=getArg("hostname"); + d_ourname=DNSName(getArg("hostname")); } - bool list(const string &target, int id, bool include_disabled) { + bool list(const DNSName &target, int id, bool include_disabled) { return false; // we don't support AXFR } - void lookup(const QType &type, const string &qdomain, DNSPacket *p, int zoneId) + void lookup(const QType &type, const DNSName &qdomain, DNSPacket *p, int zoneId) { - if((type.getCode()!=QType::ANY && type.getCode()!=QType::A) || !pdns_iequals(qdomain, d_ourname)) // we only know about random.example.com A by default + if((type.getCode()!=QType::ANY && type.getCode()!=QType::A) || qdomain==d_ourname) // we only know about random.example.com A by default d_answer=""; // no answer else { ostringstream os; @@ -76,7 +76,7 @@ public: private: string d_answer; - string d_ourname; + DNSName d_ourname; }; /* SECOND PART */ diff --git a/pdns/backends/gsql/gsqlbackend.cc b/pdns/backends/gsql/gsqlbackend.cc index ced4e1675..5ea37df8c 100644 --- a/pdns/backends/gsql/gsqlbackend.cc +++ b/pdns/backends/gsql/gsqlbackend.cc @@ -497,7 +497,7 @@ bool GSQLBackend::setDNSSECAuthOnDsRecord(uint32_t domain_id, const std::string& return true; } -bool GSQLBackend::updateEmptyNonTerminals(uint32_t domain_id, const std::string& zonename, set& insert, set& erase, bool remove) +bool GSQLBackend::updateEmptyNonTerminals(uint32_t domain_id, const DNSName& zonename, set& insert, set& erase, bool remove) { if(remove) { try { @@ -513,7 +513,7 @@ bool GSQLBackend::updateEmptyNonTerminals(uint32_t domain_id, const std::string& } else { - BOOST_FOREACH(const string qname, erase) { + for(auto &qname: erase) { try { d_deleteEmptyNonTerminalQuery_stmt-> bind("domain_id", domain_id)-> 
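Review bot: The rewritten condition in `lookup` is inverted: `!pdns_iequals(qdomain, d_ourname)` became `qdomain==d_ourname`, so `d_answer` is now cleared for the backend's own hostname and an answer is built for every other name queried with type A or ANY. The negation has to be kept, for example `|| !(qdomain==d_ourname))`. The body of lookup continues past the end of this hunk.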
@@ -522,13 +522,13 @@ bool GSQLBackend::updateEmptyNonTerminals(uint32_t domain_id, const std::string& reset(); } catch (SSqlException &e) { - throw PDNSException("GSQLBackend unable to delete empty non-terminal rr "+qname+" from domain_id "+itoa(domain_id)+": "+e.txtReason()); + throw PDNSException("GSQLBackend unable to delete empty non-terminal rr "+qname.toString()+" from domain_id "+itoa(domain_id)+": "+e.txtReason()); return false; } } } - BOOST_FOREACH(const string qname, insert) { + for(auto &qname: insert) { try { d_insertEmptyNonTerminalQuery_stmt-> bind("domain_id", domain_id)-> @@ -537,7 +537,7 @@ bool GSQLBackend::updateEmptyNonTerminals(uint32_t domain_id, const std::string& reset(); } catch (SSqlException &e) { - throw PDNSException("GSQLBackend unable to insert empty non-terminal rr "+qname+" in domain_id "+itoa(domain_id)+": "+e.txtReason()); + throw PDNSException("GSQLBackend unable to insert empty non-terminal rr "+qname.toString()+" in domain_id "+itoa(domain_id)+": "+e.txtReason()); return false; } } @@ -1264,7 +1264,7 @@ bool GSQLBackend::feedRecord(const DNSResourceRecord &r, string *ordername) bind("qtype",r.qtype.getName())-> bind("domain_id",r.domain_id)-> bind("disabled",r.disabled)-> - bind("qname",toLower(r.qname)); + bind("qname",stripDot(r.qname.toString())); // FIXME lowercase? if (ordername == NULL) d_InsertRecordOrderQuery_stmt->bindNull("ordername"); else @@ -1283,7 +1283,7 @@ bool GSQLBackend::feedRecord(const DNSResourceRecord &r, string *ordername) bind("qtype",r.qtype.getName())-> bind("domain_id",r.domain_id)-> bind("disabled",r.disabled)-> - bind("qname",toLower(r.qname))-> + bind("qname",stripDot(r.qname.toString()))-> bind("auth", (r.auth || !d_dnssecQueries))-> execute()-> reset(); diff --git a/pdns/backends/gsql/gsqlbackend.hh b/pdns/backends/gsql/gsqlbackend.hh index 33bdc6854..45cb116d5 100644 --- a/pdns/backends/gsql/gsqlbackend.hh +++ b/pdns/backends/gsql/gsqlbackend.hh 
@@ -193,7 +193,7 @@ public: virtual bool nullifyDNSSECOrderNameAndUpdateAuth(uint32_t domain_id, const std::string& qname, bool auth); virtual bool nullifyDNSSECOrderNameAndAuth(uint32_t domain_id, const std::string& qname, const std::string& type); virtual bool setDNSSECAuthOnDsRecord(uint32_t domain_id, const std::string& qname); - virtual bool updateEmptyNonTerminals(uint32_t domain_id, const std::string& zonename, set& insert ,set& erase, bool remove); + virtual bool updateEmptyNonTerminals(uint32_t domain_id, const DNSName& zonename, set& insert ,set& erase, bool remove); virtual bool doesDNSSEC(); virtual bool calculateSOASerial(const string& domain, const SOAData& sd, time_t& serial); diff --git a/pdns/backends/gsql/ssql.hh b/pdns/backends/gsql/ssql.hh index dbf81d859..7256d6a06 100644 --- a/pdns/backends/gsql/ssql.hh +++ b/pdns/backends/gsql/ssql.hh @@ -44,6 +44,7 @@ public: virtual SSqlStatement* bind(const string& name, long long value)=0;; virtual SSqlStatement* bind(const string& name, unsigned long long value)=0; virtual SSqlStatement* bind(const string& name, const std::string& value)=0; + virtual SSqlStatement* bind(const string& name, const DNSName& value)=0; virtual SSqlStatement* bindNull(const string& name)=0; virtual SSqlStatement* execute()=0;; virtual bool hasNextRow()=0; diff --git a/pdns/communicator.hh b/pdns/communicator.hh index 17f3f459e..e2de7b07c 100644 --- a/pdns/communicator.hh +++ b/pdns/communicator.hh @@ -183,7 +183,7 @@ private: void makeNotifySockets(); void queueNotifyDomain(const DNSName &domain, UeberBackend *B); int d_nsock4, d_nsock6; - map,time_t>d_holes; + map,time_t>d_holes; pthread_mutex_t d_holelock; void launchRetrievalThreads(); void suck(const DNSName &domain, const string &remote); diff --git a/pdns/dbdnsseckeeper.cc b/pdns/dbdnsseckeeper.cc index 03c450bd4..dbb517cc2 100644 --- a/pdns/dbdnsseckeeper.cc +++ b/pdns/dbdnsseckeeper.cc 
@@ -52,7 +52,7 @@ pthread_rwlock_t DNSSECKeeper::s_keycachelock = PTHREAD_RWLOCK_INITIALIZER; AtomicCounter DNSSECKeeper::s_ops; time_t DNSSECKeeper::s_last_prune; -bool DNSSECKeeper::isSecuredZone(const std::string& zone) +bool DNSSECKeeper::isSecuredZone(const DNSName& zone) { if(isPresigned(zone)) return true; @@ -67,14 +67,14 @@ bool DNSSECKeeper::isSecuredZone(const std::string& zone) return false; } -bool DNSSECKeeper::isPresigned(const std::string& name) +bool DNSSECKeeper::isPresigned(const DNSName& name) { string meta; getFromMeta(name, "PRESIGNED", meta); return meta=="1"; } -bool DNSSECKeeper::addKey(const std::string& name, bool keyOrZone, int algorithm, int bits, bool active) +bool DNSSECKeeper::addKey(const DNSName& name, bool keyOrZone, int algorithm, int bits, bool active) { if(!bits) { if(algorithm <= 10) @@ -107,7 +107,7 @@ void DNSSECKeeper::clearAllCaches() { s_metacache.clear(); } -void DNSSECKeeper::clearCaches(const std::string& name) +void DNSSECKeeper::clearCaches(const DNSName& name) { { WriteLock l(&s_keycachelock); @@ -120,7 +120,7 @@ void DNSSECKeeper::clearCaches(const std::string& name) } -bool DNSSECKeeper::addKey(const std::string& name, const DNSSECPrivateKey& dpk, bool active) +bool DNSSECKeeper::addKey(const DNSName& name, const DNSSECPrivateKey& dpk, bool active) { clearCaches(name); DNSBackend::KeyData kd; @@ -138,7 +138,7 @@ static bool keyCompareByKindAndID(const DNSSECKeeper::keyset_t::value_type& a, c make_pair(!b.second.keyOrZone, b.second.id); } -DNSSECPrivateKey DNSSECKeeper::getKeyById(const std::string& zname, unsigned int id) +DNSSECPrivateKey DNSSECKeeper::getKeyById(const DNSName& zname, unsigned int id) { vector keys; d_keymetadb->getDomainKeys(zname, 0, keys); 
@@ -158,30 +158,30 @@ DNSSECPrivateKey DNSSECKeeper::getKeyById(const std::string& zname, unsigned int return dpk; } - throw runtime_error("Can't find a key with id "+lexical_cast(id)+" for zone '"+zname+"'"); + throw runtime_error("Can't find a key with id "+lexical_cast(id)+" for zone '"+zname.toString()+"'"); } -bool DNSSECKeeper::removeKey(const std::string& zname, unsigned int id) +bool DNSSECKeeper::removeKey(const DNSName& zname, unsigned int id) { clearCaches(zname); return d_keymetadb->removeDomainKey(zname, id); } -bool DNSSECKeeper::deactivateKey(const std::string& zname, unsigned int id) +bool DNSSECKeeper::deactivateKey(const DNSName& zname, unsigned int id) { clearCaches(zname); return d_keymetadb->deactivateDomainKey(zname, id); } -bool DNSSECKeeper::activateKey(const std::string& zname, unsigned int id) +bool DNSSECKeeper::activateKey(const DNSName& zname, unsigned int id) { clearCaches(zname); return d_keymetadb->activateDomainKey(zname, id); } -void DNSSECKeeper::getFromMeta(const std::string& zname, const std::string& key, std::string& value) +void DNSSECKeeper::getFromMeta(const DNSName& zname, const std::string& key, std::string& value) { value.clear(); unsigned int now = time(0); @@ -228,7 +228,7 @@ uint64_t DNSSECKeeper::dbdnssecCacheSizes(const std::string& str) return (uint64_t)-1; } -bool DNSSECKeeper::getNSEC3PARAM(const std::string& zname, NSEC3PARAMRecordContent* ns3p, bool* narrow) +bool DNSSECKeeper::getNSEC3PARAM(const DNSName& zname, NSEC3PARAMRecordContent* ns3p, bool* narrow) { string value; getFromMeta(zname, "NSEC3PARAM", value); 
@@ -243,7 +243,7 @@ bool DNSSECKeeper::getNSEC3PARAM(const std::string& zname, NSEC3PARAMRecordConte delete tmp; if (ns3p->d_iterations > maxNSEC3Iterations) { ns3p->d_iterations = maxNSEC3Iterations; - L< maxNSEC3Iterations) - throw runtime_error("Can't set NSEC3PARAM for zone '"+zname+"': number of NSEC3 iterations is above 'max-nsec3-iterations'"); + throw runtime_error("Can't set NSEC3PARAM for zone '"+zname.toString()+"': number of NSEC3 iterations is above 'max-nsec3-iterations'"); clearCaches(zname); string descr = ns3p.getZoneRepresentation(); @@ -274,14 +274,14 @@ bool DNSSECKeeper::setNSEC3PARAM(const std::string& zname, const NSEC3PARAMRecor return false; } -bool DNSSECKeeper::unsetNSEC3PARAM(const std::string& zname) +bool DNSSECKeeper::unsetNSEC3PARAM(const DNSName& zname) { clearCaches(zname); return (d_keymetadb->setDomainMetadata(zname, "NSEC3PARAM", vector()) && d_keymetadb->setDomainMetadata(zname, "NSEC3NARROW", vector())); } -bool DNSSECKeeper::setPresigned(const std::string& zname) +bool DNSSECKeeper::setPresigned(const DNSName& zname) { clearCaches(zname); vector meta; @@ -289,14 +289,14 @@ bool DNSSECKeeper::setPresigned(const std::string& zname) return d_keymetadb->setDomainMetadata(zname, "PRESIGNED", meta); } -bool DNSSECKeeper::unsetPresigned(const std::string& zname) +bool DNSSECKeeper::unsetPresigned(const DNSName& zname) { clearCaches(zname); return d_keymetadb->setDomainMetadata(zname, "PRESIGNED", vector()); } -DNSSECKeeper::keyset_t DNSSECKeeper::getKeys(const std::string& zone, boost::tribool allOrKeyOrZone, bool useCache) +DNSSECKeeper::keyset_t DNSSECKeeper::getKeys(const DNSName& zone, boost::tribool allOrKeyOrZone, bool useCache) { unsigned int now = time(0); 
@@ -360,21 +360,19 @@ DNSSECKeeper::keyset_t DNSSECKeeper::getKeys(const std::string& zone, boost::tri return retkeyset; } -bool DNSSECKeeper::secureZone(const std::string& name, int algorithm, int size) +bool DNSSECKeeper::secureZone(const DNSName& name, int algorithm, int size) { clearCaches(name); // just to be sure ;) return addKey(name, true, algorithm, size); } -bool DNSSECKeeper::getPreRRSIGs(UeberBackend& db, const std::string& signer, const std::string& qname, - const std::string& wildcardname, const QType& qtype, +bool DNSSECKeeper::getPreRRSIGs(UeberBackend& db, const DNSName& signer, const DNSName& qname, + const DNSName& wildcardname, const QType& qtype, DNSPacketWriter::Place signPlace, vector& rrsigs, uint32_t signTTL) { vector sigs; - if(db.getDirectRRSIGs(toLower(signer), toLower(wildcardname.empty() ? qname : wildcardname), qtype, sigs)) { + if(db.getDirectRRSIGs(signer, wildcardname.countLabels() ? wildcardname : qname, qtype, sigs)) { BOOST_FOREACH(DNSResourceRecord &rr, sigs) { - if (!wildcardname.empty()) - rr.qname = toLower(qname); rr.d_place = (DNSResourceRecord::Place)signPlace; rr.ttl = signTTL; rrsigs.push_back(rr); 
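Review bot: Removing `if (!wildcardname.empty()) rr.qname = toLower(qname);` from getPreRRSIGs means signatures fetched under `wildcardname` keep the wildcard owner name instead of being rewritten to the name that was queried. A validator would then receive RRSIGs whose owner does not match the expanded answer, so presigned wildcard responses are likely to fail DNSSEC validation. The rewrite can be kept in DNSName form inside the BOOST_FOREACH, before `rrsigs.push_back(rr)`: `if(wildcardname.countLabels()) rr.qname = qname;`. getPreRRSIGs continues outside the hunk.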
@@ -388,15 +386,15 @@ bool DNSSECKeeper::getPreRRSIGs(UeberBackend& db, const std::string& signer, con DLOG(L<<"Could not get SOA for domain"< parts; stringtok(parts, rr.content); - if(parts[0] == qtype.getName() && pdns_iequals(parts[7], signer+".")) { + if(parts[0] == qtype.getName() && DNSName(parts[7])==signer) { // cerr<<"Got it"< allowed; d_keymetadb->getDomainMetadata(zone, "TSIG-ALLOW-AXFR", allowed); BOOST_FOREACH(const string& dbkey, allowed) { - if(pdns_iequals(dbkey, keyname)) + if(DNSName(dbkey)==keyname) return true; } return false; } -bool DNSSECKeeper::getTSIGForAccess(const string& zone, const string& master, string* keyname) +bool DNSSECKeeper::getTSIGForAccess(const DNSName& zone, const string& master, DNSName* keyname) { vector keynames; d_keymetadb->getDomainMetadata(zone, "AXFR-MASTER-TSIG", keynames); - keyname->clear(); + keyname->trimToLabels(0); // XXX FIXME this should check for a specific master! BOOST_FOREACH(const string& dbkey, keynames) { - *keyname=dbkey; + *keyname=DNSName(dbkey); return true; } return false; diff --git a/pdns/dns.cc b/pdns/dns.cc index b08f41051..d790a7da4 100644 --- a/pdns/dns.cc +++ b/pdns/dns.cc @@ -220,7 +220,7 @@ string serializeSOAData(const SOAData &d) { ostringstream o; // nameservername hostmaster serial-number [refresh [retry [expire [ minimum] ] ] ] - o< #include #include "qtype.hh" +#include "dnsname.hh" #include #include class DNSBackend; +class DNSName; // FIXME struct SOAData { SOAData() : ttl(0), serial(0), refresh(0), retry(0), expire(0), domain_id(-1), db(0), scopeMask(0) {}; - string qname; - string nameserver; - string hostmaster; + DNSName qname; + DNSName nameserver; + DNSName hostmaster; uint32_t ttl; uint32_t serial; uint32_t refresh; 
@@ -82,8 +84,8 @@ public: QType qtype; //!< qtype of this record, ie A, CNAME, MX etc uint16_t qclass; //!< class of this record - string qname; //!< the name of this record, for example: www.powerdns.com - string wildcardname; + DNSName qname; //!< the name of this record, for example: www.powerdns.com + DNSName wildcardname; string content; //!< what this record points to. Example: 10.1.2.3 uint32_t ttl; //!< Time To Live of this record uint32_t signttl; //!< If non-zero, use this TTL as original TTL in the RRSIG diff --git a/pdns/dnsbackend.cc b/pdns/dnsbackend.cc index 6f5ab3d0e..09e9b8afc 100644 --- a/pdns/dnsbackend.cc +++ b/pdns/dnsbackend.cc @@ -33,25 +33,25 @@ #include "dnspacket.hh" #include "dns.hh" -bool DNSBackend::getAuth(DNSPacket *p, SOAData *sd, const string &target, const int best_match_len) +bool DNSBackend::getAuth(DNSPacket *p, SOAData *sd, const DNSName &target, const int best_match_len) { bool found=false; - string subdomain(target); + DNSName subdomain(target); do { - if( best_match_len >= (int)subdomain.length() ) + if( best_match_len >= (int)subdomain.toString().length() ) break; if( this->getSOA( subdomain, *sd, p ) ) { sd->qname = subdomain; - if(p->qtype.getCode() == QType::DS && pdns_iequals(subdomain, target)) { + if(p->qtype.getCode() == QType::DS && subdomain==target) { // Found authoritative zone but look for parent zone with 'DS' record. found=true; } else return true; } } - while( chopOff( subdomain ) ); // 'www.powerdns.org' -> 'powerdns.org' -> 'org' -> '' + while( subdomain.chopOff() ); // 'www.powerdns.org' -> 'powerdns.org' -> 'org' -> '' return found; } @@ -228,7 +228,7 @@ vectorBackendMakerClass::all(bool metadataOnly) \param domain Domain we want to get the SOA details of \param sd SOAData which is filled with the SOA details */ -bool DNSBackend::getSOA(const string &domain, SOAData &sd, DNSPacket *p) +bool DNSBackend::getSOA(const DNSName &domain, SOAData &sd, DNSPacket *p) { this->lookup(QType(QType::SOA),domain,p); 
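Review bot: In getAuth, `best_match_len >= (int)subdomain.toString().length()` compares a caller-supplied length with the presentation form of the DNSName, which is rebuilt as a string on every pass of the loop. Whether `toString()` appends a trailing dot is not visible in this diff; if it does, the value is one larger than the old `subdomain.length()` and the `break` fires one label later than before, changing which candidate zone is still probed. A comment such as `// best_match_len is a length in presentation format without trailing dot; keep in sync with DNSName::toString()` on that line would pin the unit down for callers, or the comparison could move to label counts once they provide them.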
@@ -249,27 +249,27 @@ bool DNSBackend::getSOA(const string &domain, SOAData &sd, DNSPacket *p) if(!hits) return false; sd.qname = domain; - if(sd.nameserver.empty()) + if(!sd.nameserver.countLabels()) sd.nameserver=arg()["default-soa-name"]; - if(sd.hostmaster.empty()) { + if(!sd.hostmaster.countLabels()) { if (!arg().isEmpty("default-soa-mail")) { sd.hostmaster=arg()["default-soa-mail"]; - attodot(sd.hostmaster); + // attodot(sd.hostmaster); FIXME } else sd.hostmaster="hostmaster."+domain; } if(!sd.serial) { // magic time! - DLOG(L<getBeforeAndAfterNamesAbsolute(id, lcqname, dnc, before, after); + // lcqname=labelReverse(lcqname); + DNSName dnc; + bool ret = this->getBeforeAndAfterNamesAbsolute(id, qname, dnc, before, after); - before=dotConcat(labelReverse(before), lczonename); - after=dotConcat(labelReverse(after), lczonename); + // before=dotConcat(labelReverse(before), lczonename); FIXME + // after=dotConcat(labelReverse(after), lczonename); FIXME return ret; } @@ -303,7 +303,7 @@ bool DNSBackend::getBeforeAndAfterNames(uint32_t id, const std::string& zonename * \param sd Information about the SOA record already available * \param serial Output parameter. Only inspected when we return true */ -bool DNSBackend::calculateSOASerial(const string& domain, const SOAData& sd, time_t& serial) +bool DNSBackend::calculateSOASerial(const DNSName& domain, const SOAData& sd, time_t& serial) { // we do this by listing the domain and taking the maximum last modified timestamp 
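Review bot: With `attodot(sd.hostmaster)` commented out in getSOA, a `default-soa-mail` value written as a mail address is assigned to `sd.hostmaster` unconverted, so the `@` would reach the SOA RNAME instead of becoming a label separator. Until DNSName offers the conversion, it can be done on the string before the name is built: `string mail=arg()["default-soa-mail"]; attodot(mail); sd.hostmaster=DNSName(mail);`. This assumes attodot still accepts a std::string, which the diff does not show.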
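Review bot: getBeforeAndAfterNames now hands back whatever getBeforeAndAfterNamesAbsolute produced, because the `labelReverse` and `dotConcat` steps on `before` and `after` are commented out with FIXME. If backends still return reversed, zone-relative ordernames, the owner and next names built from them would be wrong and denial-of-existence proofs would not validate. Either the conversion is restored for DNSName, or the new contract is stated where implementers will see it, for example `// before/after must be absolute names in normal label order` on the getBeforeAndAfterNamesAbsolute declaration in dnsbackend.hh.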
@@ -311,7 +311,7 @@ bool DNSBackend::calculateSOASerial(const string& domain, const SOAData& sd, tim time_t newest=0; if(!(this->list(domain, sd.domain_id))) { - DLOG(L<qname = inZone.substr( inZone.length() - foundkey.length(), string::npos ); - DLOG(L<qname<qname.toString()< #include "namespaces.hh" #include "comment.hh" +#include "dnsname.hh" class DNSBackend; struct DomainInfo { DomainInfo() : backend(0) {} uint32_t id; - string zone; + DNSName zone; vector masters; uint32_t notified_serial; uint32_t serial; @@ -84,8 +85,8 @@ struct DomainInfo }; struct TSIGKey { - std::string name; - std::string algorithm; + DNSName name; + DNSName algorithm; std::string key; }; @@ -106,7 +107,7 @@ class DNSBackend { public: //! lookup() initiates a lookup. A lookup without results should not throw! - virtual void lookup(const QType &qtype, const string &qdomain, DNSPacket *pkt_p=0, int zoneId=-1)=0; + virtual void lookup(const QType &qtype, const DNSName &qdomain, DNSPacket *pkt_p=0, int zoneId=-1)=0; virtual bool get(DNSResourceRecord &)=0; //!< retrieves one DNSResource record, returns false if no more were available //! Initiates a list of the specified domain 
@@ -114,22 +115,22 @@ public: if the backend does not consider itself responsible for the id passed. \param domain_id ID of which a list is requested */ - virtual bool list(const string &target, int domain_id, bool include_disabled=false)=0; + virtual bool list(const DNSName &target, int domain_id, bool include_disabled=false)=0; virtual ~DNSBackend(){}; //! fills the soadata struct with the SOA details. Returns false if there is no SOA. - virtual bool getSOA(const string &name, SOAData &soadata, DNSPacket *p=0); + virtual bool getSOA(const DNSName &name, SOAData &soadata, DNSPacket *p=0); //! Calculates a SOA serial for the zone and stores it in the third argument. - virtual bool calculateSOASerial(const string& domain, const SOAData& sd, time_t& serial); + virtual bool calculateSOASerial(const DNSName& domain, const SOAData& sd, time_t& serial); - virtual bool replaceRRSet(uint32_t domain_id, const string& qname, const QType& qt, const vector& rrset) + virtual bool replaceRRSet(uint32_t domain_id, const DNSName& qname, const QType& qt, const vector& rrset) { return false; } - virtual bool listSubZone(const string &zone, int domain_id) + virtual bool listSubZone(const DNSName &zone, int domain_id) { return false; } 
@@ -138,9 +139,9 @@ public: bool isDnssecDomainMetadata (const string& name) { return (name == "PRESIGNED" || name == "NSEC3PARAM" || name == "NSEC3NARROW"); } - virtual bool getAllDomainMetadata(const string& name, std::map >& meta) { return false; }; - virtual bool getDomainMetadata(const string& name, const std::string& kind, std::vector& meta) { return false; } - virtual bool getDomainMetadataOne(const string& name, const std::string& kind, std::string& value) + virtual bool getAllDomainMetadata(const DNSName& name, std::map >& meta) { return false; }; + virtual bool getDomainMetadata(const DNSName& name, const std::string& kind, std::vector& meta) { return false; } + virtual bool getDomainMetadataOne(const DNSName& name, const std::string& kind, std::string& value) { std::vector meta; if (getDomainMetadata(name, kind, meta)) { @@ -152,8 +153,8 @@ public: return false; } - virtual bool setDomainMetadata(const string& name, const std::string& kind, const std::vector& meta) {return false;} - virtual bool setDomainMetadataOne(const string& name, const std::string& kind, const std::string& value) + virtual bool setDomainMetadata(const DNSName& name, const std::string& kind, const std::vector& meta) {return false;} + virtual bool setDomainMetadataOne(const DNSName& name, const std::string& kind, const std::string& value) { const std::vector meta(1, value); return setDomainMetadata(name, kind, meta); @@ -163,7 +164,7 @@ public: virtual void getAllDomains(vector *domains, bool include_disabled=false) { } /** Determines if we are authoritative for a zone, and at what level */ - virtual bool getAuth(DNSPacket *p, SOAData *sd, const string &target, const int best_match_len); + virtual bool getAuth(DNSPacket *p, SOAData *sd, const DNSName &target, const int best_match_len); struct KeyData { unsigned int id; 
@@ -172,52 +173,52 @@ public: std::string content; }; - virtual bool getDomainKeys(const string& name, unsigned int kind, std::vector& keys) { return false;} - virtual bool removeDomainKey(const string& name, unsigned int id) { return false; } - virtual int addDomainKey(const string& name, const KeyData& key){ return -1; } - virtual bool activateDomainKey(const string& name, unsigned int id) { return false; } - virtual bool deactivateDomainKey(const string& name, unsigned int id) { return false; } + virtual bool getDomainKeys(const DNSName& name, unsigned int kind, std::vector& keys) { return false;} + virtual bool removeDomainKey(const DNSName& name, unsigned int id) { return false; } + virtual int addDomainKey(const DNSName& name, const KeyData& key){ return -1; } + virtual bool activateDomainKey(const DNSName& name, unsigned int id) { return false; } + virtual bool deactivateDomainKey(const DNSName& name, unsigned int id) { return false; } - virtual bool getTSIGKey(const string& name, string* algorithm, string* content) { return false; } - virtual bool setTSIGKey(const string& name, const string& algorithm, const string& content) { return false; } - virtual bool deleteTSIGKey(const string& name) { return false; } + virtual bool getTSIGKey(const DNSName& name, DNSName* algorithm, string* content) { return false; } + virtual bool setTSIGKey(const DNSName& name, const DNSName& algorithm, const string& content) { return false; } + virtual bool deleteTSIGKey(const DNSName& name) { return false; } virtual bool getTSIGKeys(std::vector< struct TSIGKey > &keys) { return false; } - virtual bool getBeforeAndAfterNamesAbsolute(uint32_t id, const std::string& qname, std::string& unhashed, std::string& before, std::string& after) + virtual bool getBeforeAndAfterNamesAbsolute(uint32_t id, const DNSName& qname, DNSName& unhashed, DNSName& before, DNSName& after) { std::cerr<<"Default beforeAndAfterAbsolute called!"<& insert, set& erase, bool remove) + virtual bool 
updateEmptyNonTerminals(uint32_t domain_id, const DNSName& zonename, set& insert, set& erase, bool remove) { return false; } - virtual bool nullifyDNSSECOrderNameAndUpdateAuth(uint32_t domain_id, const std::string& qname, bool auth) + virtual bool nullifyDNSSECOrderNameAndUpdateAuth(uint32_t domain_id, const DNSName& qname, bool auth) { return false; } - virtual bool nullifyDNSSECOrderNameAndAuth(uint32_t domain_id, const std::string& qname, const std::string& type) + virtual bool nullifyDNSSECOrderNameAndAuth(uint32_t domain_id, const DNSName& qname, const std::string& type) { return false; } - virtual bool setDNSSECAuthOnDsRecord(uint32_t domain_id, const std::string& qname) + virtual bool setDNSSECAuthOnDsRecord(uint32_t domain_id, const DNSName& qname) { return false; } @@ -244,19 +245,19 @@ public: { } - virtual bool replaceComments(const uint32_t domain_id, const string& qname, const QType& qt, const vector& comments) + virtual bool replaceComments(const uint32_t domain_id, const DNSName& qname, const QType& qt, const vector& comments) { return false; } //! returns true if master ip is master for domain name. - virtual bool isMaster(const string &name, const string &ip) + virtual bool isMaster(const DNSName &name, const string &ip) { return false; } //! starts the transaction for updating domain qname (FIXME: what is id?) - virtual bool startTransaction(const string &qname, int id=-1) + virtual bool startTransaction(const DNSName &qname, int id=-1) { return false; } 
@@ -286,17 +287,17 @@ public: { return false; // no problem! } - virtual bool feedEnts(int domain_id, map &nonterm) + virtual bool feedEnts(int domain_id, map &nonterm) { return false; } - virtual bool feedEnts3(int domain_id, const string &domain, map &nonterm, unsigned int times, const string &salt, bool narrow) + virtual bool feedEnts3(int domain_id, const DNSName &domain, map &nonterm, unsigned int times, const string &salt, bool narrow) { return false; } //! if this returns true, DomainInfo di contains information about the domain - virtual bool getDomainInfo(const string &domain, DomainInfo &di) + virtual bool getDomainInfo(const DNSName &domain, DomainInfo &di) { return false; } @@ -306,7 +307,7 @@ public: } //! get a list of IP addresses that should also be notified for a domain - virtual void alsoNotifies(const string &domain, set *ips) + virtual void alsoNotifies(const DNSName &domain, set *ips) { } @@ -326,19 +327,19 @@ public: } //! Called when the Master of a domain should be changed - virtual bool setMaster(const string &domain, const string &ip) + virtual bool setMaster(const DNSName &domain, const string &ip) { return false; } //! Called when the Kind of a domain should be changed (master -> native and similar) - virtual bool setKind(const string &domain, const DomainInfo::DomainKind kind) + virtual bool setKind(const DNSName &domain, const DomainInfo::DomainKind kind) { return false; } //! Called when the Account of a domain should be changed - virtual bool setAccount(const string &domain, const string &account) + virtual bool setAccount(const DNSName &domain, const string &account) { return false; } 
@@ -347,36 +348,36 @@ public: void setArgPrefix(const string &prefix); //! determine if ip is a supermaster or a domain - virtual bool superMasterBackend(const string &ip, const string &domain, const vector&nsset, string *nameserver, string *account, DNSBackend **db) + virtual bool superMasterBackend(const string &ip, const DNSName &domain, const vector&nsset, string *nameserver, string *account, DNSBackend **db) { return false; } //! called by PowerDNS to create a new domain - virtual bool createDomain(const string &domain) + virtual bool createDomain(const DNSName &domain) { return false; } //! called by PowerDNS to create a slave record for a superMaster - virtual bool createSlaveDomain(const string &ip, const string &domain, const string &nameserver, const string &account) + virtual bool createSlaveDomain(const string &ip, const DNSName &domain, const string &nameserver, const string &account) { return false; } //! called to delete a domain, incl. all metadata, zone contents, etc. - virtual bool deleteDomain(const string &domain) + virtual bool deleteDomain(const DNSName &domain) { return false; } //! called to get a NSECx record from backend - virtual bool getDirectNSECx(uint32_t id, const string &hashed, const QType &qtype, string &before, DNSResourceRecord &rr) + virtual bool getDirectNSECx(uint32_t id, const string &hashed, const QType &qtype, DNSName &before, DNSResourceRecord &rr) { return false; } //! called to get RRSIG record(s) from backend - virtual bool getDirectRRSIGs(const string &signer, const string &qname, const QType &qtype, vector &rrsigs) + virtual bool getDirectRRSIGs(const DNSName &signer, const DNSName &qname, const QType &qtype, vector &rrsigs) { return false; } diff --git a/pdns/dnsname.hh b/pdns/dnsname.hh index 14e73754b..6c0f2437e 100644 --- a/pdns/dnsname.hh +++ b/pdns/dnsname.hh @@ -4,7 +4,7 @@ #include #include #include -#include "misc.hh" +// #include "dns.hh" // #include 
diff --git a/pdns/dnspacket.cc b/pdns/dnspacket.cc index c9076a445..39edec33c 100644 --- a/pdns/dnspacket.cc +++ b/pdns/dnspacket.cc @@ -402,7 +402,7 @@ DNSPacket *DNSPacket::replyPacket() const r->d_haveednssubnet = d_haveednssubnet; r->d_haveednssection = d_haveednssection; - if(!d_tsigkeyname.empty()) { + if(d_tsigkeyname.countLabels()) { r->d_tsigkeyname = d_tsigkeyname; r->d_tsigprevious = d_tsigprevious; r->d_trc = d_trc; @@ -444,7 +444,7 @@ int DNSPacket::noparse(const char *mesg, int length) return 0; } -void DNSPacket::setTSIGDetails(const TSIGRecordContent& tr, const string& keyname, const string& secret, const string& previous, bool timersonly) +void DNSPacket::setTSIGDetails(const TSIGRecordContent& tr, const DNSName& keyname, const string& secret, const string& previous, bool timersonly) { d_trc=tr; d_tsigkeyname = keyname; @@ -453,7 +453,7 @@ void DNSPacket::setTSIGDetails(const TSIGRecordContent& tr, const string& keynam d_tsigtimersonly=timersonly; } -bool DNSPacket::getTSIGDetails(TSIGRecordContent* trc, string* keyname, string* message) const +bool DNSPacket::getTSIGDetails(TSIGRecordContent* trc, DNSName* keyname, string* message) const { MOADNSParser mdp(d_rawpacket); @@ -467,8 +467,6 @@ bool DNSPacket::getTSIGDetails(TSIGRecordContent* trc, string* keyname, string* gotit=true; *keyname = i->first.d_label; - if(!keyname->empty()) - keyname->resize(keyname->size()-1); // drop the trailing dot } } if(!gotit) @@ -479,7 +477,7 @@ bool DNSPacket::getTSIGDetails(TSIGRecordContent* trc, string* keyname, string* return true; } -bool DNSPacket::getTKEYRecord(TKEYRecordContent *tr, string *keyname) const +bool DNSPacket::getTKEYRecord(TKEYRecordContent *tr, DNSName *keyname) const { MOADNSParser mdp(d_rawpacket); bool gotit=false; 
@@ -622,20 +620,20 @@ void DNSPacket::commitD() d_rawpacket.replace(0,12,(char *)&d,12); // copy in d } -bool checkForCorrectTSIG(const DNSPacket* q, UeberBackend* B, string* keyname, string* secret, TSIGRecordContent* trc) +bool checkForCorrectTSIG(const DNSPacket* q, UeberBackend* B, DNSName* keyname, string* secret, TSIGRecordContent* trc) { string message; q->getTSIGDetails(trc, keyname, &message); int64_t now = time(0); if(abs((int64_t)trc->d_time - now) > trc->d_fudge) { - L<qdomain.toString()<<"' denied: TSIG (key '"<<*keyname<<"') time delta "<< abs(trc->d_time - now)<<" > 'fudge' "<d_fudge<qdomain.toString()<<"' denied: TSIG (key '"<toString()<<"') time delta "<< abs(trc->d_time - now)<<" > 'fudge' "<d_fudge<d_algoName.toString(); // FIXME - if (algoName == "hmac-md5.sig-alg.reg.int") - algoName = "hmac-md5"; + DNSName algoName = trc->d_algoName; // FIXME + if (algoName == DNSName("hmac-md5.sig-alg.reg.int")) + algoName = DNSName("hmac-md5"); if (algoName == "gss-tsig") { if (!gss_verify_signature(*keyname, message, trc->d_mac)) { @@ -647,11 +645,11 @@ bool checkForCorrectTSIG(const DNSPacket* q, UeberBackend* B, string* keyname, s string secret64; if(!B->getTSIGKey(*keyname, &algoName, &secret64)) { - L<qdomain.toString()<<"' denied: can't find TSIG key with name '"<<*keyname<<"' and algorithm '"<qdomain.toString()<<"' denied: can't find TSIG key with name '"<toString()<<"' and algorithm '"<d_algoName == "hmac-md5") - trc->d_algoName += ".sig-alg.reg.int."; + if (trc->d_algoName == DNSName("hmac-md5")) + trc->d_algoName += DNSName("sig-alg.reg.int."); TSIGHashEnum algo; if(!getTSIGHashEnum(trc->d_algoName, algo)) { 
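Review bot: `checkForCorrectTSIG` still discards the result of `q->getTSIGDetails(trc, keyname, &message);`, so the lines that follow read `trc->d_time`, `trc->d_algoName` and `keyname->toString()` whether or not a TSIG record was actually found. getTSIGDetails returns `bool` and has a `!gotit` branch, so it presumably reports a missing record; the verifier should stop there with `if(!q->getTSIGDetails(trc, keyname, &message)) return false;`. The log line in the fudge check also prints `abs(trc->d_time - now)` without the `(int64_t)` cast used in the condition, so the logged delta can differ from the one that was tested. The function body continues outside the hunk.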
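Review bot: The algorithm names in checkForCorrectTSIG are spelled three different ways across this hunk and the previous one: `DNSName("hmac-md5.sig-alg.reg.int")` without a trailing dot, `DNSName("sig-alg.reg.int.")` with one, and a bare `"gss-tsig"` compared without the `DNSName(...)` wrapper. Whether these all normalise the same way depends on DNSName's parsing and on `operator+=` appending labels rather than text, neither of which is visible here. I would define the long and short HMAC-MD5 names once as file-level `DNSName` constants, use them in both places, and add the comment `// short form is used for the backend lookup, long form for getTSIGHashEnum` above the first conversion.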
@@ -662,7 +660,7 @@ bool checkForCorrectTSIG(const DNSPacket* q, UeberBackend* B, string* keyname, s B64Decode(secret64, *secret); bool result=calculateHMAC(*secret, message, algo) == trc->d_mac; if(!result) { - L<qdomain.toString()<<"' denied: TSIG signature mismatch using '"<<*keyname<<"' and algorithm '"<d_algoName.toString()<<"'"<qdomain.toString()<<"' denied: TSIG signature mismatch using '"<toString()<<"' and algorithm '"<d_algoName.toString()<<"'"<& getRRS() { return d_rrs; } TSIGRecordContent d_trc; @@ -174,7 +174,7 @@ private: bool d_haveednssection; EDNSSubnetOpts d_eso; string d_tsigsecret; - string d_tsigkeyname; + DNSName d_tsigkeyname; string d_tsigprevious; bool d_tsigtimersonly; diff --git a/pdns/dnsparser.hh b/pdns/dnsparser.hh index ad38a6d3a..f097126bd 100644 --- a/pdns/dnsparser.hh +++ b/pdns/dnsparser.hh @@ -165,7 +165,7 @@ public: virtual std::string getZoneRepresentation() const = 0; virtual ~DNSRecordContent() {} virtual void toPacket(DNSPacketWriter& pw)=0; - virtual string serialize(const string& qname, bool canonic=false, bool lowerCase=false) // it would rock if this were const, but it is too hard + virtual string serialize(const DNSName& qname, bool canonic=false, bool lowerCase=false) // it would rock if this were const, but it is too hard { vector packet; string empty; diff --git a/pdns/dnsrecords.cc b/pdns/dnsrecords.cc index 58ace38c4..e30583494 100644 --- a/pdns/dnsrecords.cc +++ b/pdns/dnsrecords.cc @@ -63,12 +63,9 @@ bool DNSResourceRecord::operator==(const DNSResourceRecord& rhs) string lcontent=toLower(content); string rcontent=toLower(rhs.content); - string llabel=toLower(qname); - string rlabel=toLower(rhs.qname); - return - tie(llabel, qtype, lcontent, ttl) == - tie(rlabel, rhs.qtype, rcontent, rhs.ttl); + tie(qname, qtype, lcontent, ttl) == + tie(rhs.qname, rhs.qtype, rcontent, rhs.ttl); } 
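Review bot: The MAC check on the unchanged line `bool result=calculateHMAC(*secret, message, algo) == trc->d_mac;` uses `==`, which (assuming both sides are `std::string`, as the surrounding code suggests) can stop at the first differing byte, so the time taken depends on how much of the MAC matched. A signature verifier should compare the lengths and then every byte in constant time; a small helper for that is sketched below. The function starts and ends outside the hunk, so the helper's placement is a suggestion only.

```cpp
// Compares two MACs without an early exit, so timing does not reveal
// how many leading bytes matched.
static bool constantTimeStringEquals(const string& a, const string& b)
{
  if(a.size() != b.size())
    return false;
  unsigned char diff = 0;
  for(string::size_type n = 0; n < a.size(); ++n)
    diff |= (unsigned char)a[n] ^ (unsigned char)b[n];
  return diff == 0;
}

// … unchanged: B64Decode(secret64, *secret) …
bool result=constantTimeStringEquals(calculateHMAC(*secret, message, algo), trc->d_mac);
```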
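Review bot: `DNSResourceRecord::operator==` no longer lowercases the owner name before comparing, so equality now rests on `DNSName::operator==` being case-insensitive, which this page does not show. The same assumption is made by the new `pdns_iequals(const DNSName&, const DNSName&)` overload in misc.hh, which returns `a==b` under a name that promises case-insensitive comparison, and by the dnsseckeeper.hh cache index that drops `CIStringCompare`. If DNSName compares case-sensitively, records and cache entries differing only in case stop matching. A comment at the `tie(...)` call such as `// DNSName compares case-insensitively, no toLower needed`, backed by a unit test on DNSName, would pin that down.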
@@ -77,8 +74,8 @@ DNSResourceRecord::DNSResourceRecord(const DNSRecord &p) { auth=true; disabled=false; qname = p.d_label; - if(!qname.empty()) - boost::erase_tail(qname, 1); // strip . + // if(!qname.empty()) + // boost::erase_tail(qname, 1); // strip . qtype = p.d_type; ttl = p.d_ttl; diff --git a/pdns/dnssecinfra.cc b/pdns/dnssecinfra.cc index ebd151823..36d7bcc36 100644 --- a/pdns/dnssecinfra.cc +++ b/pdns/dnssecinfra.cc 
@@ -379,10 +379,10 @@ uint32_t getStartOfWeek() return now; } -std::string hashQNameWithSalt(unsigned int times, const std::string& salt, const std::string& qname) +std::string hashQNameWithSalt(unsigned int times, const std::string& salt, const DNSName& qname) { string toHash; - toHash.assign(simpleCompress(toLower(qname))); + toHash.assign(qname.toDNSString()); toHash.append(salt); // cerr< }; bool sharedDNSSECCompare(const std::shared_ptr& a, const shared_ptr& b); -string getMessageForRRSET(const std::string& qname, const RRSIGRecordContent& rrc, std::vector >& signRecords); +string getMessageForRRSET(const DNSName& qname, const RRSIGRecordContent& rrc, std::vector >& signRecords); -DSRecordContent makeDSFromDNSKey(const std::string& qname, const DNSKEYRecordContent& drc, int digest=1); +DSRecordContent makeDSFromDNSKey(const DNSName& qname, const DNSKEYRecordContent& drc, int digest=1); -int countLabels(const std::string& signQName); - class RSAContext; class DNSSECKeeper; struct DNSSECPrivateKey; -void fillOutRRSIG(DNSSECPrivateKey& dpk, const std::string& signQName, RRSIGRecordContent& rrc, vector >& toSign); +void fillOutRRSIG(DNSSECPrivateKey& dpk, const DNSName& signQName, RRSIGRecordContent& rrc, vector >& toSign); uint32_t getStartOfWeek(); -void addSignature(DNSSECKeeper& dk, UeberBackend& db, const std::string& signer, const std::string signQName, const std::string& wildcardname, uint16_t signQType, uint32_t signTTL, DNSPacketWriter::Place signPlace, +void addSignature(DNSSECKeeper& dk, UeberBackend& db, const DNSName& signer, const DNSName signQName, const DNSName& wildcardname, uint16_t signQType, uint32_t signTTL, DNSPacketWriter::Place signPlace, vector >& toSign, vector& outsigned, uint32_t origTTL); -int getRRSIGsForRRSET(DNSSECKeeper& dk, const std::string& signer, const std::string signQName, uint16_t signQType, uint32_t signTTL, +int getRRSIGsForRRSET(DNSSECKeeper& dk, const DNSName& signer, const DNSName signQName, uint16_t signQType, 
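Review bot: `hashQNameWithSalt` now hashes `qname.toDNSString()` where the old code hashed `simpleCompress(toLower(qname))`, so the explicit lowercasing is gone. NSEC3 hashes are computed over the canonical, lowercase owner name, so unless `toDNSString()` or DNSName's constructor folds case (not visible here), a mixed-case query name hashes to a different value than the zone's chain and yields a wrong denial-of-existence proof. The same applies to `rrc.d_signer = signer;` in getRRSIGsForRRSET (dnssecsigner.cc), which replaced `toLower(signer)`. I would either write `toHash.assign(toLower(qname.toDNSString()));` or, once DNSName guarantees it, add the comment `// DNSName wire form is already lowercase` and a test for it. The rest of the function lies outside the hunk.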
uint32_t signTTL, vector >& toSign, vector &rrc); -std::string hashQNameWithSalt(unsigned int times, const std::string& salt, const std::string& qname); +std::string hashQNameWithSalt(unsigned int times, const std::string& salt, const DNSName& qname); void decodeDERIntegerSequence(const std::string& input, vector& output); class DNSPacket; void addRRSigs(DNSSECKeeper& dk, UeberBackend& db, const std::set& authMap, vector& rrs); diff --git a/pdns/dnsseckeeper.hh b/pdns/dnsseckeeper.hh index c1786e5f4..87bcd7ac7 100644 --- a/pdns/dnsseckeeper.hh +++ b/pdns/dnsseckeeper.hh 
@@ -69,30 +69,30 @@ public: if(d_ourDB) delete d_keymetadb; } - bool isSecuredZone(const std::string& zone); + bool isSecuredZone(const DNSName& zone); static uint64_t dbdnssecCacheSizes(const std::string& str); - keyset_t getKeys(const std::string& zone, boost::tribool allOrKeyOrZone = boost::indeterminate, bool useCache = true); - DNSSECPrivateKey getKeyById(const std::string& zone, unsigned int id); - bool addKey(const std::string& zname, bool keyOrZone, int algorithm=5, int bits=0, bool active=true); - bool addKey(const std::string& zname, const DNSSECPrivateKey& dpk, bool active=true); - bool removeKey(const std::string& zname, unsigned int id); - bool activateKey(const std::string& zname, unsigned int id); - bool deactivateKey(const std::string& zname, unsigned int id); - - bool secureZone(const std::string& fname, int algorithm, int size); - - bool getNSEC3PARAM(const std::string& zname, NSEC3PARAMRecordContent* n3p=0, bool* narrow=0); - bool setNSEC3PARAM(const std::string& zname, const NSEC3PARAMRecordContent& n3p, const bool& narrow=false); - bool unsetNSEC3PARAM(const std::string& zname); + keyset_t getKeys(const DNSName& zone, boost::tribool allOrKeyOrZone = boost::indeterminate, bool useCache = true); + DNSSECPrivateKey getKeyById(const DNSName& zone, unsigned int id); + bool addKey(const DNSName& zname, bool keyOrZone, int algorithm=5, int bits=0, bool active=true); + bool addKey(const DNSName& zname, const DNSSECPrivateKey& dpk, bool active=true); + bool removeKey(const DNSName& zname, unsigned int id); + bool activateKey(const DNSName& zname, unsigned int id); + bool deactivateKey(const DNSName& zname, unsigned int id); + + bool secureZone(const DNSName& fname, int algorithm, int size); + + bool getNSEC3PARAM(const DNSName& zname, NSEC3PARAMRecordContent* n3p=0, bool* narrow=0); + bool setNSEC3PARAM(const DNSName& zname, const NSEC3PARAMRecordContent& n3p, const bool& narrow=false); + bool unsetNSEC3PARAM(const DNSName& zname); void 
clearAllCaches(); - void clearCaches(const std::string& name); - bool getPreRRSIGs(UeberBackend& db, const std::string& signer, const std::string& qname, const std::string& wildcardname, const QType& qtype, DNSPacketWriter::Place, vector& rrsigs, uint32_t signTTL); - bool isPresigned(const std::string& zname); - bool setPresigned(const std::string& zname); - bool unsetPresigned(const std::string& zname); - - bool TSIGGrantsAccess(const string& zone, const string& keyname); - bool getTSIGForAccess(const string& zone, const string& master, string* keyname); + void clearCaches(const DNSName& name); + bool getPreRRSIGs(UeberBackend& db, const DNSName& signer, const DNSName& qname, const DNSName& wildcardname, const QType& qtype, DNSPacketWriter::Place, vector& rrsigs, uint32_t signTTL); + bool isPresigned(const DNSName& zname); + bool setPresigned(const DNSName& zname); + bool unsetPresigned(const DNSName& zname); + + bool TSIGGrantsAccess(const DNSName& zone, const DNSName& keyname); + bool getTSIGForAccess(const DNSName& zone, const string& master, DNSName* keyname); void startTransaction() { @@ -104,7 +104,7 @@ public: (*d_keymetadb->backends.begin())->commitTransaction(); } - void getFromMeta(const std::string& zname, const std::string& key, std::string& value); + void getFromMeta(const DNSName& zname, const std::string& key, std::string& value); private: @@ -117,7 +117,7 @@ private: return d_ttd; } - string d_domain; + DNSName d_domain; unsigned int d_ttd; mutable keys_t d_keys; }; @@ -129,7 +129,7 @@ private: return d_ttd; } - string d_domain; + DNSName d_domain; unsigned int d_ttd; mutable std::string d_key, d_value; @@ -139,7 +139,7 @@ private: typedef multi_index_container< KeyCacheEntry, indexed_by< - ordered_unique, CIStringCompare >, + ordered_unique >, sequenced<> > > keycache_t; 
@@ -149,9 +149,9 @@ private: ordered_unique< composite_key< METACacheEntry, - member , + member , member - >, composite_key_compare >, + >, composite_key_compare, CIStringCompare> >, sequenced<> > > metacache_t; @@ -170,7 +170,7 @@ class DNSPacket; uint32_t localtime_format_YYYYMMDDSS(time_t t, uint32_t seq); // for SOA-EDIT uint32_t calculateEditSOA(SOAData sd, const string& kind); -bool editSOA(DNSSECKeeper& dk, const string& qname, DNSPacket* dp); +bool editSOA(DNSSECKeeper& dk, const DNSName& qname, DNSPacket* dp); bool editSOARecord(DNSResourceRecord& rr, const string& kind); // for SOA-EDIT-DNSUPDATE/API uint32_t calculateIncreaseSOA(SOAData sd, const string& increaseKind, const string& editKind); diff --git a/pdns/dnssecsigner.cc b/pdns/dnssecsigner.cc index 14060ad89..e5fb527c8 100644 --- a/pdns/dnssecsigner.cc +++ b/pdns/dnssecsigner.cc @@ -35,7 +35,7 @@ extern StatBag S; /* this is where the RRSIGs begin, keys are retrieved, but the actual signing happens in fillOutRRSIG */ -int getRRSIGsForRRSET(DNSSECKeeper& dk, const std::string& signer, const std::string signQName, uint16_t signQType, uint32_t signTTL, +int getRRSIGsForRRSET(DNSSECKeeper& dk, const DNSName& signer, const DNSName signQName, uint16_t signQType, uint32_t signTTL, vector >& toSign, vector& rrcs) { if(toSign.empty()) @@ -44,11 +44,11 @@ int getRRSIGsForRRSET(DNSSECKeeper& dk, const std::string& signer, const std::st RRSIGRecordContent rrc; rrc.d_type=signQType; - rrc.d_labels=countLabels(signQName); + rrc.d_labels=signQName.countLabels(); rrc.d_originalttl=signTTL; rrc.d_siginception=startOfWeek - 7*86400; // XXX should come from zone metadata rrc.d_sigexpire=startOfWeek + 14*86400; - rrc.d_signer = signer.empty() ? "." : toLower(signer); + rrc.d_signer = signer; rrc.d_tag = 0; // we sign the RRSET in toSign + the rrc w/o hash 
@@ -91,7 +91,7 @@ int getRRSIGsForRRSET(DNSSECKeeper& dk, const std::string& signer, const std::st } // this is the entrypoint from DNSPacket -void addSignature(DNSSECKeeper& dk, UeberBackend& db, const std::string& signer, const std::string signQName, const std::string& wildcardname, uint16_t signQType, +void addSignature(DNSSECKeeper& dk, UeberBackend& db, const DNSName& signer, const DNSName signQName, const DNSName& wildcardname, uint16_t signQType, uint32_t signTTL, DNSPacketWriter::Place signPlace, vector >& toSign, vector& outsigned, uint32_t origTTL) { @@ -104,7 +104,7 @@ void addSignature(DNSSECKeeper& dk, UeberBackend& db, const std::string& signer, dk.getPreRRSIGs(db, signer, signQName, wildcardname, QType(signQType), signPlace, outsigned, origTTL); // does it all } else { - if(getRRSIGsForRRSET(dk, signer, wildcardname.empty() ? signQName : wildcardname, signQType, signTTL, toSign, rrcs) < 0) { + if(getRRSIGsForRRSET(dk, signer, wildcardname.countLabels() ? wildcardname : signQName, signQType, signTTL, toSign, rrcs) < 0) { // cerr<<"Error signing a record!"<& authSet, const string& name, string& auth) +static bool getBestAuthFromSet(const set& authSet, const DNSName& name, DNSName& auth) { - auth.clear(); - string sname(name); + auth.trimToLabels(0); + DNSName sname(name); do { if(authSet.find(sname) != authSet.end()) { auth = sname; return true; } } - while(chopOff(sname)); + while(sname.chopOff()); return false; } -void addRRSigs(DNSSECKeeper& dk, UeberBackend& db, const set& authSet, vector& rrs) +void addRRSigs(DNSSECKeeper& dk, UeberBackend& db, const set& authSet, vector& rrs) { stable_sort(rrs.begin(), rrs.end(), rrsigncomp); - string signQName, wildcardQName; + DNSName signQName, wildcardQName; uint16_t signQType=0; uint32_t signTTL=0; uint32_t origTTL=0; 
@@ -215,7 +215,7 @@ void addRRSigs(DNSSECKeeper& dk, UeberBackend& db, const set signedRecords; - string signer; + DNSName signer; for(vector::const_iterator pos = rrs.begin(); pos != rrs.end(); ++pos) { if(pos != rrs.begin() && (signQType != pos->qtype.getCode() || signQName != pos->qname)) { if(getBestAuthFromSet(authSet, signQName, signer)) diff --git a/pdns/dynhandler.cc b/pdns/dynhandler.cc index b0e8d0126..777548188 100644 --- a/pdns/dynhandler.cc +++ b/pdns/dynhandler.cc @@ -346,7 +346,7 @@ string DLListZones(const vector&parts, Utility::pid_t ppid) for (vector::const_iterator di=domains.begin(); di != domains.end(); di++) { if (di->kind == kindFilter || kindFilter == -1) { - ret<zone<zone.toString()<::const_iterator j=nsset.begin();j!=nsset.end();++j) { vector nsips=fns.lookup(*j, B); if(nsips.empty()) - L<::const_iterator k=nsips.begin();k!=nsips.end();++k) { const ComboAddress caIp(*k, 53); if(!d_preventSelfNotification || !AddressIsUs(caIp)) { if(!d_onlyNotify.match(&caIp)) - L<::const_iterator j=ips.begin();j!=ips.end();++j) { - L<::const_iterator j=alsoNotify.begin();j!=alsoNotify.end();++j) { try { const ComboAddress caIp(*j, 53); - L<::const_iterator i=cmdomains.begin();i!=cmdomains.end();++i) { extern PacketCache PC; - PC.purge(i->zone); // fixes cvstrac ticket #30 + PC.purge(i->zone.toString()); // fixes cvstrac ticket #30 queueNotifyDomain(i->zone,P->getBackend()); i->backend->setNotified(i->id,i->serial); } @@ -188,7 +188,8 @@ time_t CommunicatorClass::doNotifications() } // send out possible new notifications - string domain, ip; + DNSName domain; + string ip; uint16_t id; bool purged; @@ -206,17 +207,17 @@ time_t CommunicatorClass::doNotifications() drillHole(domain, ip); } catch(ResolverException &re) { - L< packet; DNSPacketWriter pw(packet, domain, QType::SOA, 1, Opcode::Notify); diff --git a/pdns/misc.hh b/pdns/misc.hh index acbc2c8b3..90718d9cc 100644 --- a/pdns/misc.hh +++ b/pdns/misc.hh 
@@ -346,6 +346,13 @@ inline bool pdns_iequals(const std::string& a, const std::string& b) return true; } +// FIXME remove this +inline bool pdns_iequals(const DNSName& a, const DNSName& b) __attribute__((pure)); +inline bool pdns_iequals(const DNSName& a, const DNSName& b) +{ + return a==b; +} + inline bool pdns_iequals_ch(const char a, const char b) __attribute__((pure)); inline bool pdns_iequals_ch(const char a, const char b) { @@ -486,6 +493,11 @@ inline bool isCanonical(const string& dom) return dom[dom.size()-1]=='.'; } +inline string toCanonic(const DNSName& zone, const string& domain) +{ + return toCanonic(zone.toString(), domain); +} + inline string toCanonic(const string& zone, const string& domain) { if(domain.length()==1 && domain[0]=='@') diff --git a/pdns/packetcache.cc b/pdns/packetcache.cc index bb77a8bd8..ced4b0e21 100644 --- a/pdns/packetcache.cc +++ b/pdns/packetcache.cc @@ -97,7 +97,7 @@ int PacketCache::get(DNSPacket *p, DNSPacket *cached, bool recursive) string value; bool haveSomething; { - MapCombo& mc=getMap(pcReverse(p->qdomain.toString())); // FIXME + MapCombo& mc=getMap(pcReverse(p->qdomain)); TryReadLock l(&mc.d_mut); // take a readlock here if(!l.gotIt()) { S.inc("deferred-cache-lookup"); @@ -160,7 +160,7 @@ void PacketCache::insert(DNSPacket *q, DNSPacket *r, bool recursive, unsigned in } // universal key appears to be: qname, qtype, kind (packet, query cache), optionally zoneid, meritsRecursion -void PacketCache::insert(const string &qname, const QType& qtype, CacheEntryType cet, const string& value, unsigned int ttl, int zoneID, +void PacketCache::insert(const DNSName &qname, const QType& qtype, CacheEntryType cet, const string& value, unsigned int ttl, int zoneID, bool meritsRecursion, unsigned int maxReplyLen, bool dnssecOk, bool EDNS) { if(!((++d_ops) % 300000)) { 
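Review bot: The new `toCanonic(const DNSName& zone, const string& domain)` is defined above the `toCanonic(const string&, const string&)` overload it calls, so unless the string overload is declared earlier in misc.hh, the call `toCanonic(zone.toString(), domain)` cannot see it. Depending on whether DNSName is implicitly constructible from `std::string`, that is either a compile error or a call back into the DNSName overload itself, i.e. unbounded recursion. Moving the new overload below the string one, or adding `inline string toCanonic(const string& zone, const string& domain);` ahead of it, fixes both. misc.hh also names `DNSName` here while the dnsname.hh hunk drops `#include "misc.hh"`, so this header needs a declaration of DNSName that the hunk does not show.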
@@ -249,7 +249,7 @@ int PacketCache::purge(const string &match) return delcount; } // called from ueberbackend -bool PacketCache::getEntry(const string &qname, const QType& qtype, CacheEntryType cet, string& value, int zoneID, bool meritsRecursion, +bool PacketCache::getEntry(const DNSName &qname, const QType& qtype, CacheEntryType cet, string& value, int zoneID, bool meritsRecursion, unsigned int maxReplyLen, bool dnssecOk, bool hasEDNS, unsigned int *age) { if(d_ttl<0) @@ -271,7 +271,7 @@ bool PacketCache::getEntry(const string &qname, const QType& qtype, CacheEntryTy } -bool PacketCache::getEntryLocked(const string &qname, const QType& qtype, CacheEntryType cet, string& value, int zoneID, bool meritsRecursion, +bool PacketCache::getEntryLocked(const DNSName &qname, const QType& qtype, CacheEntryType cet, string& value, int zoneID, bool meritsRecursion, unsigned int maxReplyLen, bool dnssecOK, bool hasEDNS, unsigned int *age) { uint16_t qt = qtype.getCode(); @@ -291,10 +291,11 @@ bool PacketCache::getEntryLocked(const string &qname, const QType& qtype, CacheE } -string PacketCache::pcReverse(const string &content) +string PacketCache::pcReverse(const DNSName &DNcontent) { typedef vector > parts_t; parts_t parts; + string content = DNcontent.toString(); vstringtok(parts,toLower(content), "."); string ret; ret.reserve(content.size()+1); diff --git a/pdns/packetcache.hh b/pdns/packetcache.hh index 758da9c82..e5f65c338 100644 --- a/pdns/packetcache.hh +++ b/pdns/packetcache.hh 
@@ -56,11 +56,11 @@ public: void insert(DNSPacket *q, DNSPacket *r, bool recursive, unsigned int maxttl=UINT_MAX); //!< We copy the contents of *p into our cache. Do not needlessly call this to insert questions already in the cache as it wastes resources - void insert(const string &qname, const QType& qtype, CacheEntryType cet, const string& value, unsigned int ttl, int zoneID=-1, bool meritsRecursion=false, + void insert(const DNSName &qname, const QType& qtype, CacheEntryType cet, const string& value, unsigned int ttl, int zoneID=-1, bool meritsRecursion=false, unsigned int maxReplyLen=512, bool dnssecOk=false, bool EDNS=false); int get(DNSPacket *p, DNSPacket *q, bool recursive); //!< We return a dynamically allocated copy out of our cache. You need to delete it. You also need to spoof in the right ID with the DNSPacket.spoofID() method. - bool getEntry(const string &content, const QType& qtype, CacheEntryType cet, string& entry, int zoneID=-1, + bool getEntry(const DNSName &qname, const QType& qtype, CacheEntryType cet, string& entry, int zoneID=-1, bool meritsRecursion=false, unsigned int maxReplyLen=512, bool dnssecOk=false, bool hasEDNS=false, unsigned int *age=0); int size(); //!< number of entries in the cache @@ -70,9 +70,9 @@ public: map getCounts(); private: - bool getEntryLocked(const string &content, const QType& qtype, CacheEntryType cet, string& entry, int zoneID=-1, + bool getEntryLocked(const DNSName &qname, const QType& qtype, CacheEntryType cet, string& entry, int zoneID=-1, bool meritsRecursion=false, unsigned int maxReplyLen=512, bool dnssecOk=false, bool hasEDNS=false, unsigned int *age=0); - string pcReverse(const string &content); + string pcReverse(const DNSName &content); struct CacheEntry { CacheEntry() { qtype = ctype = 0; zoneID = -1; meritsRecursion=false; dnssecOk=false; hasEDNS=false;} diff --git a/pdns/packethandler.cc b/pdns/packethandler.cc index 546fafdcb..991a64c31 100644 --- a/pdns/packethandler.cc +++ b/pdns/packethandler.cc 
@@ -184,7 +184,7 @@ bool PacketHandler::addNSEC3PARAM(DNSPacket *p, DNSPacket *r, const SOAData& sd) // This is our chaos class requests handler. Return 1 if content was added, 0 if it wasn't -int PacketHandler::doChaosRequest(DNSPacket *p, DNSPacket *r, string &target) +int PacketHandler::doChaosRequest(DNSPacket *p, DNSPacket *r, DNSName &target) { DNSResourceRecord rr; @@ -231,11 +231,11 @@ int PacketHandler::doChaosRequest(DNSPacket *p, DNSPacket *r, string &target) return 0; } -vector PacketHandler::getBestReferralNS(DNSPacket *p, SOAData& sd, const string &target) +vector PacketHandler::getBestReferralNS(DNSPacket *p, SOAData& sd, const DNSName &target) { vector ret; DNSResourceRecord rr; - string subdomain(target); + DNSName subdomain(target); do { if(subdomain == sd.qname) // stop at SOA break; @@ -245,18 +245,18 @@ vector PacketHandler::getBestReferralNS(DNSPacket *p, SOAData } if(!ret.empty()) return ret; - } while( chopOff( subdomain ) ); // 'www.powerdns.org' -> 'powerdns.org' -> 'org' -> '' + } while( subdomain.chopOff() ); // 'www.powerdns.org' -> 'powerdns.org' -> 'org' -> '' return ret; } -vector PacketHandler::getBestDNAMESynth(DNSPacket *p, SOAData& sd, string &target) +vector PacketHandler::getBestDNAMESynth(DNSPacket *p, SOAData& sd, DNSName &target) { vector ret; DNSResourceRecord rr; string prefix; - string subdomain(target); + DNSName subdomain(target); do { - DLOG(L<<"Attempting DNAME lookup for "<::const_iterator i=crrs.begin(); i!=crrs.end(); ++i) { - if(r->d.aa && !i->qname.empty() && i->qtype.getCode()==QType::NS && !B.getSOA(i->qname,sd,p) && !retargeted) { // drop AA in case of non-SOA-level NS answer, except for root referral + if(r->d.aa && i->qname.countLabels() && i->qtype.getCode()==QType::NS && !B.getSOA(i->qname,sd,p) && !retargeted) { // drop AA in case of non-SOA-level NS answer, except for root referral r->setA(false); // i->d_place=DNSResourceRecord::AUTHORITY; // XXX FIXME } 
@@ -369,10 +369,10 @@ int PacketHandler::doAdditionalProcessingAndDropAA(DNSPacket *p, DNSPacket *r, c } while(B.get(rr)) { if(rr.domain_id!=i->domain_id && ::arg()["out-of-zone-additional-processing"]=="no") { - DLOG(L<qname<<" ("<qname.toString()<<" ("<addRecord(rr); @@ -384,7 +384,7 @@ int PacketHandler::doAdditionalProcessingAndDropAA(DNSPacket *p, DNSPacket *r, c } -void PacketHandler::emitNSEC(const std::string& begin, const std::string& end, const std::string& toNSEC, const SOAData& sd, DNSPacket *r, int mode) +void PacketHandler::emitNSEC(const DNSName& begin, const DNSName& end, const DNSName& toNSEC, const SOAData& sd, DNSPacket *r, int mode) { // cerr<<"We should emit '"<addRecord(rr); } -void emitNSEC3(UeberBackend& B, const NSEC3PARAMRecordContent& ns3prc, const SOAData& sd, const std::string& unhashed, const std::string& begin, const std::string& end, const std::string& toNSEC3, DNSPacket *r, int mode) +void emitNSEC3(UeberBackend& B, const NSEC3PARAMRecordContent& ns3prc, const SOAData& sd, const DNSName& unhashed, const DNSName& begin, const DNSName& end, const DNSName& toNSEC3, DNSPacket *r, int mode) { // cerr<<"We should emit NSEC3 '"<addRecord(rr); } -void PacketHandler::emitNSEC3(const NSEC3PARAMRecordContent& ns3prc, const SOAData& sd, const std::string& unhashed, const std::string& begin, const std::string& end, const std::string& toNSEC3, DNSPacket *r, int mode) +void PacketHandler::emitNSEC3(const NSEC3PARAMRecordContent& ns3prc, const SOAData& sd, const DNSName& unhashed, const DNSName& begin, const DNSName& end, const DNSName& toNSEC3, DNSPacket *r, int mode) { ::emitNSEC3(B, ns3prc, sd, unhashed, begin, end, toNSEC3, r, mode); 
@@ -467,7 +467,7 @@ void PacketHandler::emitNSEC3(const NSEC3PARAMRecordContent& ns3prc, const SOADa mode 4 = Name Error Responses mode 5 = Direct NSEC request */ -void PacketHandler::addNSECX(DNSPacket *p, DNSPacket *r, const string& target, const string& wildcard, const string& auth, int mode) +void PacketHandler::addNSECX(DNSPacket *p, DNSPacket *r, const DNSName& target, const DNSName& wildcard, const DNSName& auth, int mode) { if(!p->d_dnssecOk && mode != 5) return; @@ -878,7 +878,7 @@ DNSPacket *PacketHandler::question(DNSPacket *p) return ret; } -void PacketHandler::makeNXDomain(DNSPacket* p, DNSPacket* r, const std::string& target, const std::string& wildcard, SOAData& sd) +void PacketHandler::makeNXDomain(DNSPacket* p, DNSPacket* r, const DNSName& target, const DNSName& wildcard, SOAData& sd) { DNSResourceRecord rr; rr.qname=sd.qname; @@ -898,7 +898,7 @@ void PacketHandler::makeNXDomain(DNSPacket* p, DNSPacket* r, const std::string& r->setRcode(RCode::NXDomain); } -void PacketHandler::makeNOError(DNSPacket* p, DNSPacket* r, const std::string& target, const std::string& wildcard, SOAData& sd, int mode) +void PacketHandler::makeNOError(DNSPacket* p, DNSPacket* r, const DNSName& target, const DNSName& wildcard, SOAData& sd, int mode) { DNSResourceRecord rr; rr.qname=sd.qname; @@ -919,7 +919,7 @@ void PacketHandler::makeNOError(DNSPacket* p, DNSPacket* r, const std::string& t } -bool PacketHandler::addDSforNS(DNSPacket* p, DNSPacket* r, SOAData& sd, const string& dsname) +bool PacketHandler::addDSforNS(DNSPacket* p, DNSPacket* r, SOAData& sd, const DNSName& dsname) { //cerr<<"Trying to find a DS for '"< authSet; + set authSet; vector rrset; bool weDone=0, weRedirected=0, weHaveUnauth=0; diff --git a/pdns/packethandler.hh b/pdns/packethandler.hh index f7cb7f5b9..16d94cc06 100644 --- a/pdns/packethandler.hh +++ b/pdns/packethandler.hh 
@@ -70,15 +70,15 @@ private: int trySuperMaster(DNSPacket *p); int processNotify(DNSPacket *); void addRootReferral(DNSPacket *r); - int doChaosRequest(DNSPacket *p, DNSPacket *r, string &target); + int doChaosRequest(DNSPacket *p, DNSPacket *r, DNSName &target); bool addDNSKEY(DNSPacket *p, DNSPacket *r, const SOAData& sd); bool addNSEC3PARAM(DNSPacket *p, DNSPacket *r, const SOAData& sd); int doAdditionalProcessingAndDropAA(DNSPacket *p, DNSPacket *r, const SOAData& sd, bool retargeted); - void addNSECX(DNSPacket *p, DNSPacket* r, const string &target, const string &wildcard, const std::string &auth, int mode); - void addNSEC(DNSPacket *p, DNSPacket* r, const string &target, const string &wildcard, const std::string& auth, int mode); - void addNSEC3(DNSPacket *p, DNSPacket* r, const string &target, const string &wildcard, const std::string& auth, const NSEC3PARAMRecordContent& nsec3param, bool narrow, int mode); - void emitNSEC(const std::string& before, const std::string& after, const std::string& toNSEC, const SOAData& sd, DNSPacket *r, int mode); - void emitNSEC3(const NSEC3PARAMRecordContent &ns3rc, const SOAData& sd, const std::string& unhashed, const std::string& begin, const std::string& end, const std::string& toNSEC3, DNSPacket *r, int mode); + void addNSECX(DNSPacket *p, DNSPacket* r, const DNSName &target, const DNSName &wildcard, const DNSName &auth, int mode); + void addNSEC(DNSPacket *p, DNSPacket* r, const DNSName &target, const DNSName &wildcard, const DNSName& auth, int mode); + void addNSEC3(DNSPacket *p, DNSPacket* r, const DNSName &target, const DNSName &wildcard, const DNSName& auth, const NSEC3PARAMRecordContent& nsec3param, bool narrow, int mode); + void emitNSEC(const DNSName& before, const DNSName& after, const DNSName& toNSEC, const SOAData& sd, DNSPacket *r, int mode); + void emitNSEC3(const NSEC3PARAMRecordContent &ns3rc, const SOAData& sd, const DNSName& unhashed, const DNSName& begin, const DNSName& end, const DNSName& toNSEC3, 
DNSPacket *r, int mode); int processUpdate(DNSPacket *p); int forwardPacket(const string &msgPrefix, DNSPacket *p, DomainInfo *di); uint performUpdate(const string &msgPrefix, const DNSRecord *rr, DomainInfo *di, bool isPresigned, bool* narrow, bool* haveNSEC3, NSEC3PARAMRecordContent *ns3pr, bool *updatedSerial); 
@@ -86,17 +86,17 @@ private: int checkUpdatePrerequisites(const DNSRecord *rr, DomainInfo *di); void increaseSerial(const string &msgPrefix, const DomainInfo *di, bool haveNSEC3, bool narrow, const NSEC3PARAMRecordContent *ns3pr); - void makeNXDomain(DNSPacket* p, DNSPacket* r, const std::string& target, const std::string& wildcard, SOAData& sd); - void makeNOError(DNSPacket* p, DNSPacket* r, const std::string& target, const std::string& wildcard, SOAData& sd, int mode); - vector getBestReferralNS(DNSPacket *p, SOAData& sd, const string &target); - vector getBestDNAMESynth(DNSPacket *p, SOAData& sd, string &target); - bool tryDNAME(DNSPacket *p, DNSPacket*r, SOAData& sd, string &target); - bool tryReferral(DNSPacket *p, DNSPacket*r, SOAData& sd, const string &target, bool retargeted); - - bool getBestWildcard(DNSPacket *p, SOAData& sd, const string &target, string &wildcard, vector* ret); - bool tryWildcard(DNSPacket *p, DNSPacket*r, SOAData& sd, string &target, string &wildcard, bool& retargeted, bool& nodata); - bool addDSforNS(DNSPacket* p, DNSPacket* r, SOAData& sd, const string& dsname); - void completeANYRecords(DNSPacket *p, DNSPacket*r, SOAData& sd, const string &target); + void makeNXDomain(DNSPacket* p, DNSPacket* r, const DNSName& target, const DNSName& wildcard, SOAData& sd); + void makeNOError(DNSPacket* p, DNSPacket* r, const DNSName& target, const DNSName& wildcard, SOAData& sd, int mode); + vector getBestReferralNS(DNSPacket *p, SOAData& sd, const DNSName &target); + vector getBestDNAMESynth(DNSPacket *p, SOAData& sd, DNSName &target); + bool tryDNAME(DNSPacket *p, DNSPacket*r, SOAData& sd, DNSName &target); + bool tryReferral(DNSPacket *p, DNSPacket*r, SOAData& sd, const DNSName &target, bool retargeted); + + bool getBestWildcard(DNSPacket *p, SOAData& sd, const DNSName &target, DNSName &wildcard, vector* ret); + bool tryWildcard(DNSPacket *p, DNSPacket*r, SOAData& sd, DNSName &target, DNSName &wildcard, bool& retargeted, bool& nodata); + bool 
addDSforNS(DNSPacket* p, DNSPacket* r, SOAData& sd, const DNSName& dsname); + void completeANYRecords(DNSPacket *p, DNSPacket*r, SOAData& sd, const DNSName &target); void tkeyHandler(DNSPacket *p, DNSPacket *r); //list(zone, sd.domain_id); DNSResourceRecord rr; - set qnames, nsset, dsnames, insnonterm, delnonterm; - map nonterm; + set qnames, nsset, dsnames, insnonterm, delnonterm; + map nonterm; bool doent=true; while(sd.db->get(rr)) { if (rr.qtype.getCode()) { qnames.insert(rr.qname); - if(rr.qtype.getCode() == QType::NS && !pdns_iequals(rr.qname, zone)) + if(rr.qtype.getCode() == QType::NS && rr.qname!=zone) nsset.insert(rr.qname); if(rr.qtype.getCode() == QType::DS) dsnames.insert(rr.qname); @@ -223,9 +223,9 @@ bool rectifyZone(DNSSECKeeper& dk, const std::string& zone) cerr<<"Adding NSEC ordering information "<second)) { hashed=toBase32Hex(hashQNameWithSalt(ns3pr.d_iterations, ns3pr.d_salt, qname)); if(g_verbose) - cerr<<"'"< '"<< hashed <<"'"< '"<< hashed <<"'"<updateDNSSECOrderAndAuthAbsolute(sd.domain_id, qname, hashed, auth); } else { @@ -290,13 +290,13 @@ bool rectifyZone(DNSSECKeeper& dk, const std::string& zone) if(doent) { shorter=qname; - while(!pdns_iequals(shorter, zone) && chopOff(shorter)) + while(shorter!=zone && shorter.chopOff()) { if(!qnames.count(shorter)) { if(!(maxent)) { - cerr<<"Zone '"<(shorter, auth)); + nonterm.insert(pair(shorter, auth)); --maxent; } else if (auth) nonterm[shorter]=true; @@ -330,7 +330,7 @@ bool rectifyZone(DNSSECKeeper& dk, const std::string& zone) { realrr=false; qnames.clear(); - pair nt; + pair nt; BOOST_FOREACH(nt, nonterm){ qnames.insert(nt.first); } @@ -394,18 +394,18 @@ void rectifyAllZones(DNSSECKeeper &dk) B.getAllDomains(&domainInfo); BOOST_FOREACH(DomainInfo di, domainInfo) { - cerr<<"Rectifying "< records, cnames, noncnames, glue, checkglue; + set cnames, noncnames, glue, checkglue; + set records; map ttl; ostringstream content; 
@@ -476,73 +477,73 @@ int checkZone(DNSSECKeeper &dk, UeberBackend &B, const std::string& zone) tmp = drc->getZoneRepresentation(); if (rr.qtype.getCode() != QType::AAAA) { if (!pdns_iequals(tmp, rr.content)) { - cout<<"[Warning] Parsed and original record content are not equal: "<(toLower(content.str()), rr.ttl)); if (ret.second == false && ret.first->second != rr.ttl) { - cout<<"[Error] TTL mismatch in rrset: '"<second<<" != "<second<<" != "<::const_iterator i = cnames.begin(); i != cnames.end(); i++) { - if (noncnames.find(*i) != noncnames.end()) { - cout<<"[Error] CNAME "<<*i<<" found, but other records with same label exist."< 1) { - cerr< '"<< hashed <<"'"< '"<< hashed <<"'"<updateDNSSECOrderAndAuthAbsolute(sd.domain_id, rrs[0].qname, hashed, 1); } else { @@ -730,31 +731,31 @@ int increaseSerial(const string& zone, DNSSECKeeper &dk) sd.db->commitTransaction(); - cout<<"SOA serial for zone "<deleteDomain(zone)) return 0; - cerr<<"Failed to delete domain '"+zone+"'"<list(zone, di.id); @@ -764,25 +765,25 @@ int listZone(const string &zone) { if ( (rr.qtype.getCode() == QType::NS || rr.qtype.getCode() == QType::SRV || rr.qtype.getCode() == QType::MX || rr.qtype.getCode() == QType::CNAME) && !rr.content.empty() && rr.content[rr.content.size()-1] != '.') rr.content.append(1, '.'); - cout<startTransaction(zone, di.id)) { - cerr<<"Unable to start transaction for load of zone '"<feedRecord(rr); } db->commitTransaction(); return 0; } -int createZone(const string &zone) { +int createZone(const DNSName &zone) { UeberBackend B; DomainInfo di; if (B.getDomainInfo(zone, di)) { - cerr<<"Domain '"<::const_iterator di=domains.begin(); di != domains.end(); di++) { if (di->kind == kindFilter || kindFilter == -1) { - cout<zone<zone.toString()< > toSign; - string qname, apex; + DNSName qname, apex; dsrc.d_digesttype=0; while(zpt.get(rr)) { if(rr.qtype.getCode() == QType::DNSKEY) { 
@@ -950,8 +950,8 @@ void verifyCrypto(const string& zone) string msg = getMessageForRRSET(qname, rrc, toSign); cerr<<"Verify: "<verify(msg, rrc.d_signature)< k_algos; @@ -1097,21 +1097,21 @@ bool secureZone(DNSSECKeeper& dk, const std::string& zone) } if(dk.isSecuredZone(zone)) { - cerr << "Zone '"<createSlaveDomain("127.0.0.1", zone, "", "_testschema"); cout<<"Slave domain created"<getBeforeAndAfterNames(di.id, zone, "z."+zone, before, after); - cout<<"got '"< 3 && cmds[3]=="narrow"; NSEC3PARAMRecordContent ns3pr(nsec3params); - string zone=cmds[1]; + DNSName zone(cmds[1]); if(!dk.isSecuredZone(zone)) { - cerr<<"Zone '"< rrset, recordsToDelete; - set delnonterm, insnonterm; // used to (at the end) fix ENT records. + set delnonterm, insnonterm; // used to (at the end) fix ENT records. if (rr->d_class == QClass::IN) { // 3.4.2.2 QClass::IN means insert or update @@ -280,7 +280,7 @@ uint PacketHandler::performUpdate(const string &msgPrefix, const DNSRecord *rr, // because we added a record, we need to fix DNSSEC data. - string shorter(rrLabel); + DNSName shorter(rrLabel); bool auth=newRec.auth; bool fixDS = (rrType == QType::DS); @@ -305,7 +305,7 @@ uint PacketHandler::performUpdate(const string &msgPrefix, const DNSRecord *rr, insnonterm.insert(shorter); if (foundShorter) break; // if we find a shorter record, we can stop searching - } while(chopOff(shorter)); + } while(shorter.chopOff()); } if(*haveNSEC3) @@ -465,7 +465,7 @@ uint PacketHandler::performUpdate(const string &msgPrefix, const DNSRecord *rr, // If we've removed a delegate, we need to reset ordername/auth for some records. if (rrType == QType::NS && rrLabel != di->zone) { - vector belowOldDelegate, nsRecs, updateAuthFlag; + vector belowOldDelegate, nsRecs, updateAuthFlag; di->backend->listSubZone(rrLabel, di->id); while (di->backend->get(rec)) { if (rec.qtype.getCode()) // skip ENT records, they are always auth=false 
@@ -474,7 +474,7 @@ uint PacketHandler::performUpdate(const string &msgPrefix, const DNSRecord *rr, nsRecs.push_back(rec.qname); } - for(vector::const_iterator belowOldDel=belowOldDelegate.begin(); belowOldDel!= belowOldDelegate.end(); belowOldDel++) + for(auto &belowOldDel: belowOldDelegate) { bool isBelowDelegate = false; for(vector::const_iterator ns=nsRecs.begin(); ns!= nsRecs.end(); ns++) { @@ -518,9 +518,9 @@ uint PacketHandler::performUpdate(const string &msgPrefix, const DNSRecord *rr, } else if (!foundOtherWithSameName) { // If we didn't have to insert an ENT, we might have deleted a record at very deep level // and we must then clean up the ENT's above the deleted record. - string shorter(rrLabel); + DNSName shorter(rrLabel); while (shorter != di->zone) { - chopOff(shorter); + shorter.chopOff(); bool foundRealRR = false; bool foundEnt = false; diff --git a/pdns/serialtweaker.cc b/pdns/serialtweaker.cc index b170f0984..ad410861b 100644 --- a/pdns/serialtweaker.cc +++ b/pdns/serialtweaker.cc @@ -43,7 +43,7 @@ bool editSOA(DNSSECKeeper& dk, const string& qname, DNSPacket* dp) { vector& rrs = dp->getRRS(); BOOST_FOREACH(DNSResourceRecord& rr, rrs) { - if(rr.qtype.getCode() == QType::SOA && pdns_iequals(rr.qname,qname)) { + if(rr.qtype.getCode() == QType::SOA && rr.qname == qname) { string kind; dk.getFromMeta(qname, "SOA-EDIT", kind); return editSOARecord(rr, kind); diff --git a/pdns/signingpipe.cc b/pdns/signingpipe.cc index 0240b8edc..94edc09c3 100644 --- a/pdns/signingpipe.cc +++ b/pdns/signingpipe.cc 
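Review bot: In the `@@ -474` hunk of performUpdate the new range-for binds `auto &belowOldDel`, although the loop it replaces walked the vector with a const_iterator; `for(const auto& belowOldDel : belowOldDelegate)` keeps the read-only intent. The loop body lies outside the hunk, so any `*belowOldDel` dereference there has to change with it. The inner `ns` loop two lines further down still uses the explicit iterator form, which leaves the two loops written in different styles.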
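Review bot: Replacing `pdns_iequals(rr.qname,qname)` with `rr.qname == qname` in editSOA is only equivalent if DNSName's comparison operators are case-insensitive, and that class is not part of what this diff shows. The same substitution is made in ChunkedSigningPipe::submit (`d_rrsetToSign->begin()->qname != rr.qname`) and in rectifyZone (`rr.qname!=zone`, `shorter!=zone`); in submit a case-sensitive compare would split records whose owner names differ only in case into separately signed RRsets. A comment at these comparisons such as `// DNSName compares case-insensitively (RFC 4343)`, backed by a test on mixed-case names, would pin the assumption. editSOA still takes `const string& qname`, so this comparison also depends on an implicit string-to-DNSName conversion.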
@@ -133,7 +133,7 @@ bool ChunkedSigningPipe::submit(const DNSResourceRecord& rr) { ++d_submitted; // check if we have a full RRSET to sign - if(!d_rrsetToSign->empty() && (d_rrsetToSign->begin()->qtype.getCode() != rr.qtype.getCode() || !pdns_iequals(d_rrsetToSign->begin()->qname, rr.qname))) + if(!d_rrsetToSign->empty() && (d_rrsetToSign->begin()->qtype.getCode() != rr.qtype.getCode() || d_rrsetToSign->begin()->qname != rr.qname)) { dedupRRSet(); sendRRSetToWorker(); diff --git a/pdns/ueberbackend.cc b/pdns/ueberbackend.cc index a130027d7..320d75582 100644 --- a/pdns/ueberbackend.cc +++ b/pdns/ueberbackend.cc @@ -83,7 +83,7 @@ void UeberBackend::go(void) pthread_mutex_unlock(&d_mut); } -bool UeberBackend::getDomainInfo(const string &domain, DomainInfo &di) +bool UeberBackend::getDomainInfo(const DNSName &domain, DomainInfo &di) { for(vector::const_iterator i=backends.begin();i!=backends.end();++i) if((*i)->getDomainInfo(domain, di)) @@ -91,7 +91,7 @@ bool UeberBackend::getDomainInfo(const string &domain, DomainInfo &di) return false; } -bool UeberBackend::createDomain(const string &domain) +bool UeberBackend::createDomain(const DNSName &domain) { BOOST_FOREACH(DNSBackend* mydb, backends) { if(mydb->createDomain(domain)) { @@ -101,7 +101,7 @@ bool UeberBackend::createDomain(const string &domain) return false; } -int UeberBackend::addDomainKey(const string& name, const DNSBackend::KeyData& key) +int UeberBackend::addDomainKey(const DNSName& name, const DNSBackend::KeyData& key) { int ret; BOOST_FOREACH(DNSBackend* db, backends) { @@ -110,7 +110,7 @@ int UeberBackend::addDomainKey(const string& name, const DNSBackend::KeyData& ke } return -1; } -bool UeberBackend::getDomainKeys(const string& name, unsigned int kind, std::vector& keys) +bool UeberBackend::getDomainKeys(const DNSName& name, unsigned int kind, std::vector& keys) { BOOST_FOREACH(DNSBackend* db, backends) { if(db->getDomainKeys(name, kind, keys)) 
@@ -119,7 +119,7 @@ bool UeberBackend::getDomainKeys(const string& name, unsigned int kind, std::vec return false; } -bool UeberBackend::getAllDomainMetadata(const string& name, std::map >& meta) +bool UeberBackend::getAllDomainMetadata(const DNSName& name, std::map >& meta) { BOOST_FOREACH(DNSBackend* db, backends) { if(db->getAllDomainMetadata(name, meta)) @@ -128,7 +128,7 @@ bool UeberBackend::getAllDomainMetadata(const string& name, std::map& meta) +bool UeberBackend::getDomainMetadata(const DNSName& name, const std::string& kind, std::vector& meta) { BOOST_FOREACH(DNSBackend* db, backends) { if(db->getDomainMetadata(name, kind, meta)) @@ -137,7 +137,7 @@ bool UeberBackend::getDomainMetadata(const string& name, const std::string& kind return false; } -bool UeberBackend::setDomainMetadata(const string& name, const std::string& kind, const std::vector& meta) +bool UeberBackend::setDomainMetadata(const DNSName& name, const std::string& kind, const std::vector& meta) { BOOST_FOREACH(DNSBackend* db, backends) { if(db->setDomainMetadata(name, kind, meta)) @@ -146,7 +146,7 @@ bool UeberBackend::setDomainMetadata(const string& name, const std::string& kind return false; } -bool UeberBackend::activateDomainKey(const string& name, unsigned int id) +bool UeberBackend::activateDomainKey(const DNSName& name, unsigned int id) { BOOST_FOREACH(DNSBackend* db, backends) { if(db->activateDomainKey(name, id)) @@ -155,7 +155,7 @@ bool UeberBackend::activateDomainKey(const string& name, unsigned int id) return false; } -bool UeberBackend::deactivateDomainKey(const string& name, unsigned int id) +bool UeberBackend::deactivateDomainKey(const DNSName& name, unsigned int id) { BOOST_FOREACH(DNSBackend* db, backends) { if(db->deactivateDomainKey(name, id)) 
@@ -164,7 +164,7 @@ bool UeberBackend::deactivateDomainKey(const string& name, unsigned int id) return false; } -bool UeberBackend::removeDomainKey(const string& name, unsigned int id) +bool UeberBackend::removeDomainKey(const DNSName& name, unsigned int id) { BOOST_FOREACH(DNSBackend* db, backends) { if(db->removeDomainKey(name, id)) @@ -174,7 +174,7 @@ bool UeberBackend::removeDomainKey(const string& name, unsigned int id) } -bool UeberBackend::getTSIGKey(const string& name, string* algorithm, string* content) +bool UeberBackend::getTSIGKey(const DNSName& name, DNSName* algorithm, string* content) { BOOST_FOREACH(DNSBackend* db, backends) { if(db->getTSIGKey(name, algorithm, content)) @@ -184,7 +184,7 @@ bool UeberBackend::getTSIGKey(const string& name, string* algorithm, string* con } -bool UeberBackend::setTSIGKey(const string& name, const string& algorithm, const string& content) +bool UeberBackend::setTSIGKey(const DNSName& name, const DNSName& algorithm, const string& content) { BOOST_FOREACH(DNSBackend* db, backends) { if(db->setTSIGKey(name, algorithm, content)) @@ -193,7 +193,7 @@ bool UeberBackend::setTSIGKey(const string& name, const string& algorithm, const return false; } -bool UeberBackend::deleteTSIGKey(const string& name) +bool UeberBackend::deleteTSIGKey(const DNSName& name) { BOOST_FOREACH(DNSBackend* db, backends) { if(db->deleteTSIGKey(name)) @@ -210,7 +210,7 @@ bool UeberBackend::getTSIGKeys(std::vector< struct TSIGKey > &keys) return true; } -bool UeberBackend::getDirectNSECx(uint32_t id, const string &hashed, const QType &qtype, string &before, DNSResourceRecord &rr) +bool UeberBackend::getDirectNSECx(uint32_t id, const string &hashed, const QType &qtype, DNSName &before, DNSResourceRecord &rr) { BOOST_FOREACH(DNSBackend* db, backends) { if(db->getDirectNSECx(id, hashed, qtype, before, rr)) 
@@ -219,7 +219,7 @@ bool UeberBackend::getDirectNSECx(uint32_t id, const string &hashed, const QType return false; } -bool UeberBackend::getDirectRRSIGs(const string &signer, const string &qname, const QType &qtype, vector &rrsigs) +bool UeberBackend::getDirectRRSIGs(const DNSName &signer, const DNSName &qname, const QType &qtype, vector &rrsigs) { BOOST_FOREACH(DNSBackend* db, backends) { if(db->getDirectRRSIGs(signer, qname, qtype, rrsigs)) @@ -267,7 +267,7 @@ void UeberBackend::getUpdatedMasters(vector* domains) } } -bool UeberBackend::getAuth(DNSPacket *p, SOAData *sd, const string &target) +bool UeberBackend::getAuth(DNSPacket *p, SOAData *sd, const DNSName &target) { int best_match_len = -1; bool from_cache = false; // Was this result fetched from the cache? @@ -276,7 +276,7 @@ bool UeberBackend::getAuth(DNSPacket *p, SOAData *sd, const string &target) // find the best match from the cache. If DS then we need to find parent so // dont bother with caching as it confuses matters. if( sd->db != (DNSBackend *)-1 && d_cache_ttl && p->qtype != QType::DS ) { - string subdomain(target); + DNSName subdomain(target); int cstat, loops = 0; do { d_question.qtype = QType::SOA; 
@@ -298,23 +298,23 @@ bool UeberBackend::getAuth(DNSPacket *p, SOAData *sd, const string &target) return true; from_cache = true; - best_match_len = sd->qname.length(); + best_match_len = sd->qname.countLabels(); break; } loops++; } - while( chopOff( subdomain ) ); // 'www.powerdns.org' -> 'powerdns.org' -> 'org' -> '' + while( subdomain.chopOff() ); // 'www.powerdns.org' -> 'powerdns.org' -> 'org' -> '' } for(vector::const_iterator i=backends.begin(); i!=backends.end();++i) if((*i)->getAuth(p, sd, target, best_match_len)) { - best_match_len = sd->qname.length(); + best_match_len = sd->qname.countLabels(); // FIXME from_cache = false; // Shortcut for the case that we got a direct hit - no need to go // through the other backends then. - if( best_match_len == (int)target.length() ) + if( best_match_len == (int)target.countLabels() ) goto auth_found; } @@ -343,7 +343,7 @@ auth_found: return true; } -bool UeberBackend::getSOA(const string &domain, SOAData &sd, DNSPacket *p) +bool UeberBackend::getSOA(const DNSName &domain, SOAData &sd, DNSPacket *p) { d_question.qtype=QType::SOA; d_question.qname=domain; @@ -365,7 +365,7 @@ bool UeberBackend::getSOA(const string &domain, SOAData &sd, DNSPacket *p) return getSOAUncached(domain, sd, p); } -bool UeberBackend::getSOAUncached(const string &domain, SOAData &sd, DNSPacket *p) +bool UeberBackend::getSOAUncached(const DNSName &domain, SOAData &sd, DNSPacket *p) { d_question.qtype=QType::SOA; d_question.qname=domain; 
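Review bot: `best_match_len` changes unit from characters to labels in getAuth (`sd->qname.countLabels()`), yet the same variable is still passed to every backend through `(*i)->getAuth(p, sd, target, best_match_len)`, and the new assignment carries only a bare `// FIXME`. The backend implementations are outside this hunk; any of them that still compares the value against a string length would accept a worse match or skip a better one, and that choice decides which zone's SOA answers the query. State the contract where the value is set, for example `// best_match_len counts labels, not bytes; every DNSBackend::getAuth must use the same unit`, and replace the FIXME with what actually remains open. The direct-hit shortcut `best_match_len == (int)target.countLabels()` is only correct once all backends report label counts.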
@@ -391,7 +391,7 @@ bool UeberBackend::getSOAUncached(const string &domain, SOAData &sd, DNSPacket * return false; } -bool UeberBackend::superMasterBackend(const string &ip, const string &domain, const vector&nsset, string *nameserver, string *account, DNSBackend **db) +bool UeberBackend::superMasterBackend(const string &ip, const DNSName &domain, const vector&nsset, string *nameserver, string *account, DNSBackend **db) { for(vector::const_iterator i=backends.begin();i!=backends.end();++i) if((*i)->superMasterBackend(ip, domain, nsset, nameserver, account, db)) @@ -498,7 +498,7 @@ void UeberBackend::addCache(const Question &q, const vector & PC.insert(q.qname, q.qtype, PacketCache::QUERYCACHE, ostr.str(), store_ttl, q.zoneId); } -void UeberBackend::alsoNotifies(const string &domain, set *ips) +void UeberBackend::alsoNotifies(const DNSName &domain, set *ips) { for ( vector< DNSBackend * >::iterator i = backends.begin(); i != backends.end(); ++i ) (*i)->alsoNotifies(domain,ips); @@ -511,14 +511,14 @@ UeberBackend::~UeberBackend() } // this handle is more magic than most -void UeberBackend::lookup(const QType &qtype,const string &qname, DNSPacket *pkt_p, int zoneId) +void UeberBackend::lookup(const QType &qtype,const DNSName &qname, DNSPacket *pkt_p, int zoneId) { if(stale) { L<&nsset, string *nameserver, string *account, DNSBackend **db); + bool superMasterBackend(const string &ip, const DNSName &domain, const vector&nsset, string *nameserver, string *account, DNSBackend **db); /** Tracks all created UeberBackend instances for us. We use this vector to notify existing threads of new modules 
@@ -93,47 +93,47 @@ public: //! DNSPacket who asked this question DNSPacket *pkt_p; - string qname; + DNSName qname; QType qtype; private: static AtomicCounter instances; }; - void lookup(const QType &, const string &qdomain, DNSPacket *pkt_p=0, int zoneId=-1); + void lookup(const QType &, const DNSName &qdomain, DNSPacket *pkt_p=0, int zoneId=-1); - bool getAuth(DNSPacket *p, SOAData *sd, const string &target); - bool getSOA(const string &domain, SOAData &sd, DNSPacket *p=0); - bool getSOAUncached(const string &domain, SOAData &sd, DNSPacket *p=0); // same, but ignores cache - bool list(const string &target, int domain_id, bool include_disabled=false); + bool getAuth(DNSPacket *p, SOAData *sd, const DNSName &target); + bool getSOA(const DNSName &domain, SOAData &sd, DNSPacket *p=0); + bool getSOAUncached(const DNSName &domain, SOAData &sd, DNSPacket *p=0); // same, but ignores cache + bool list(const DNSName &target, int domain_id, bool include_disabled=false); bool get(DNSResourceRecord &r); void getAllDomains(vector *domains, bool include_disabled=false); static DNSBackend *maker(const map &); void getUnfreshSlaveInfos(vector* domains); void getUpdatedMasters(vector* domains); - bool getDomainInfo(const string &domain, DomainInfo &di); - bool createDomain(const string &domain); + bool getDomainInfo(const DNSName &domain, DomainInfo &di); + bool createDomain(const DNSName &domain); - int addDomainKey(const string& name, const DNSBackend::KeyData& key); - bool getDomainKeys(const string& name, unsigned int kind, std::vector& keys); - bool getAllDomainMetadata(const string& name, std::map >& meta); - bool getDomainMetadata(const string& name, const std::string& kind, std::vector& meta); - bool setDomainMetadata(const string& name, const std::string& kind, const std::vector& meta); - - bool removeDomainKey(const string& name, unsigned int id); - bool activateDomainKey(const string& name, unsigned int id); - bool deactivateDomainKey(const string& name, unsigned int 
id); - - bool getDirectNSECx(uint32_t id, const string &hashed, const QType &qtype, string &before, DNSResourceRecord &rr); - bool getDirectRRSIGs(const string &signer, const string &qname, const QType &qtype, vector &rrsigs); - - bool getTSIGKey(const string& name, string* algorithm, string* content); - bool setTSIGKey(const string& name, const string& algorithm, const string& content); - bool deleteTSIGKey(const string& name); + int addDomainKey(const DNSName& name, const DNSBackend::KeyData& key); + bool getDomainKeys(const DNSName& name, unsigned int kind, std::vector& keys); + bool getAllDomainMetadata(const DNSName& name, std::map >& meta); + bool getDomainMetadata(const DNSName& name, const std::string& kind, std::vector& meta); + bool setDomainMetadata(const DNSName& name, const std::string& kind, const std::vector& meta); + + bool removeDomainKey(const DNSName& name, unsigned int id); + bool activateDomainKey(const DNSName& name, unsigned int id); + bool deactivateDomainKey(const DNSName& name, unsigned int id); + + bool getDirectNSECx(uint32_t id, const string &hashed, const QType &qtype, DNSName &before, DNSResourceRecord &rr); + bool getDirectRRSIGs(const DNSName &signer, const DNSName &qname, const QType &qtype, vector &rrsigs); + + bool getTSIGKey(const DNSName& name, DNSName* algorithm, string* content); + bool setTSIGKey(const DNSName& name, const DNSName& algorithm, const string& content); + bool deleteTSIGKey(const DNSName& name); bool getTSIGKeys(std::vector< struct TSIGKey > &keys); - void alsoNotifies(const string &domain, set *ips); + void alsoNotifies(const DNSName &domain, set *ips); void rediscover(string* status=0); void reload(); private: @@ -146,7 +146,7 @@ private: struct Question { QType qtype; - string qname; + DNSName qname; int zoneId; }d_question; vector d_answers; diff --git a/pdns/ws-auth.cc b/pdns/ws-auth.cc index 9e5525b76..ff89a1137 100644 --- a/pdns/ws-auth.cc +++ b/pdns/ws-auth.cc 
@@ -789,15 +789,15 @@ static void apiServerZoneDetail(HttpRequest* req, HttpResponse* resp) { throw HttpMethodNotAllowedException(); } -static string makeDotted(string in) { - if (in.empty()) { - return "."; - } - if (in[in.size()-1] != '.') { - return in + "."; - } - return in; -} +// static string makeDotted(string in) { +// if (in.empty()) { +// return "."; +// } +// if (in[in.size()-1] != '.') { +// return in + "."; +// } +// return in; +// } static void apiServerZoneExport(HttpRequest* req, HttpResponse* resp) { string zonename = apiZoneIdToName(req->parameters["id"]); @@ -824,8 +824,8 @@ static void apiServerZoneExport(HttpRequest* req, HttpResponse* resp) { switch(rr.qtype.getCode()) { case QType::SOA: fillSOAData(rr.content, sd); - sd.nameserver = makeDotted(sd.nameserver); - sd.hostmaster = makeDotted(sd.hostmaster); + sd.nameserver = sd.nameserver.toString(); + sd.hostmaster = sd.hostmaster.toString(); content = serializeSOAData(sd); break; case QType::MX: @@ -833,14 +833,14 @@ static void apiServerZoneExport(HttpRequest* req, HttpResponse* resp) { case QType::CNAME: case QType::NS: case QType::AFSDB: - content = makeDotted(rr.content); + content = rr.content.toString() break; default: break; } ss << - makeDotted(rr.qname) << "\t" << + rr.qname.toString() << "\t" << rr.ttl << "\t" << rr.qtype.getName() << "\t" << content << @@ -923,13 +923,13 @@ static void makePtr(const DNSResourceRecord& rr, DNSResourceRecord* ptr) { // reverse and append arpa domain ptr->qname = string(tmp.rbegin(), tmp.rend()) + ".ip6.arpa"; } else { - throw ApiException("Unsupported PTR source '" + rr.qname + "' type '" + rr.qtype.getName() + "'"); + throw ApiException("Unsupported PTR source '" + rr.qname.toString() + "' type '" + rr.qtype.getName() + "'"); } ptr->qtype = "PTR"; ptr->ttl = rr.ttl; ptr->disabled = rr.disabled; - ptr->content = rr.qname; + ptr->content = rr.qname.toString(); } static void patchZone(HttpRequest* req, HttpResponse* resp) { 
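Review bot: The new line `content = rr.content.toString()` in apiServerZoneExport has no terminating semicolon, and `rr.content` is still handled as a std::string elsewhere in this commit (`rr.content.append(1, '.')` in listZone), so it presumably has no `toString()` member. If content stays a string, the line should remain `content = makeDotted(rr.content);` and makeDotted should be kept as live code instead of being commented out. makeDotted guaranteed a trailing dot on exported names; whether `DNSName::toString()` does the same is not visible here, and without it an importer would read the exported owner names as relative to its own origin. `sd.nameserver = sd.nameserver.toString();` and the matching hostmaster line look like self-assignments and can be dropped if those fields are now DNSName.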
@@ -989,7 +989,7 @@ static void patchZone(HttpRequest* req, HttpResponse* resp) { rr.domain_id = di.id; if (rr.qname != qname || rr.qtype != qtype) - throw ApiException("Record "+rr.qname+"/"+rr.qtype.getName()+" "+rr.content+": Record wrongly bundled with RRset " + qname + "/" + qtype.getName()); + throw ApiException("Record "+rr.qname+"/"+rr.qtype.getName()+" "+rr.content+": Record wrongly bundled with RRset " + qname.toString() + "/" + qtype.getName()); if (rr.qtype.getCode() == QType::SOA && pdns_iequals(rr.qname, zonename)) { soa_edit_done = increaseSOARecord(rr, soa_edit_api_kind, soa_edit_kind); diff --git a/pdns/zoneparser-tng.cc b/pdns/zoneparser-tng.cc index bffbfb646..9415d68d4 100644 --- a/pdns/zoneparser-tng.cc +++ b/pdns/zoneparser-tng.cc @@ -36,19 +36,17 @@ #include #include -ZoneParserTNG::ZoneParserTNG(const string& fname, const string& zname, const string& reldir) : d_reldir(reldir), +ZoneParserTNG::ZoneParserTNG(const string& fname, const DNSName& zname, const string& reldir) : d_reldir(reldir), d_zonename(zname), d_defaultttl(3600), d_havedollarttl(false) { - d_zonename = toCanonic("", d_zonename); stackFile(fname); } -ZoneParserTNG::ZoneParserTNG(const vector zonedata, const string& zname): +ZoneParserTNG::ZoneParserTNG(const vector zonedata, const DNSName& zname): d_zonename(zname), d_defaultttl(3600), d_havedollarttl(false) { - d_zonename = toCanonic("", d_zonename); d_zonedata = zonedata; d_zonedataline = d_zonedata.begin(); d_fromfile = false; @@ -280,7 +278,7 @@ bool ZoneParserTNG::get(DNSResourceRecord& rr, std::string* comment) stackFile(fname); } else if(pdns_iequals(command, "$ORIGIN") && parts.size() > 1) { - d_zonename = toCanonic("", makeString(d_line, parts[1])); + d_zonename = DNSName(toCanonic(string(""), makeString(d_line, parts[1]))); } else if(pdns_iequals(command, "$GENERATE") && parts.size() > 2) { // $GENERATE 1-127 $ CNAME $.0 
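Review bot: The rewritten ApiException message in patchZone converts only the RRset name (`qname.toString()`) and still concatenates `rr.qname` directly, whereas makePtr in the previous hunk was changed to `rr.qname.toString()` for the same kind of message. Writing `"Record "+rr.qname.toString()+"/"+rr.qtype.getName()` keeps the two consistent and does not depend on a DNSName `operator+` taking string literals. The context line below still calls `pdns_iequals(rr.qname, zonename)`, mixing the old string comparison with the new type, so the SOA-edit branch needs the same treatment. patchZone continues outside the hunk.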
@@ -305,17 +303,13 @@ bool ZoneParserTNG::get(DNSResourceRecord& rr, std::string* comment) else { rr.qname=makeString(d_line, parts[0]); parts.pop_front(); - if(rr.qname.empty() || rr.qname[0]==';') + if(!rr.qname.countLabels() || rr.qname.toString()[0]==';') goto retry; } if(rr.qname=="@") rr.qname=d_zonename; - else if(!isCanonical(rr.qname)) { - if(d_zonename.empty() || d_zonename[0]!='.') // prevent us from adding a double dot - rr.qname.append(1,'.'); - - rr.qname.append(d_zonename); - } + else + rr.qname += d_zonename; d_prevqname=rr.qname; if(parts.empty()) @@ -374,7 +368,7 @@ bool ZoneParserTNG::get(DNSResourceRecord& rr, std::string* comment) trim(rr.content); if(equals(rr.content, "@")) - rr.content=d_zonename; + rr.content=d_zonename.toString(); if(findAndElide(rr.content, '(')) { // have found a ( and elided it if(!findAndElide(rr.content, ')')) { diff --git a/pdns/zoneparser-tng.hh b/pdns/zoneparser-tng.hh index 79e58a8d4..89888b0ef 100644 --- a/pdns/zoneparser-tng.hh +++ b/pdns/zoneparser-tng.hh @@ -32,8 +32,8 @@ class ZoneParserTNG { public: - ZoneParserTNG(const string& fname, const string& zname="", const string& reldir=""); - ZoneParserTNG(const vector zonedata, const string& zname); + ZoneParserTNG(const string& fname, const DNSName& zname="", const string& reldir=""); + ZoneParserTNG(const vector zonedata, const DNSName& zname); ~ZoneParserTNG(); bool get(DNSResourceRecord& rr, std::string* comment=0); @@ -47,8 +47,8 @@ private: string getLineOfFile(); string d_reldir; string d_line; - string d_prevqname; - string d_zonename; + DNSName d_prevqname; + DNSName d_zonename; vector d_zonedata; vector::iterator d_zonedataline; int d_defaultttl;