- Changes from DNS64:

strcpy changed to memmove. arraybound check fixed from prefix_net/8/4 to prefix_net/8+4. allocation of result consistently in the correct region. time_t is now used for ttl in unbound (since the patch's version). git-svn-id: file:///svn/unbound/trunk@3199 be551aaa-1e26-0410-a405-d3ace91eadb9
labuwx · Jul 31, 2014 · 04bacd6 · 04bacd6
1 parent 45022b6
commit 04bacd6
Show file tree

Hide file tree

Showing 11 changed files with 234 additions and 207 deletions.
diff --git a/Makefile.in b/Makefile.in
@@ -692,7 +692,7 @@ modstack.lo modstack.o: $(srcdir)/services/modstack.c config.h $(srcdir)/service
  $(srcdir)/util/module.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \
  $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgparse.h \
  $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/netevent.h $(srcdir)/util/tube.h \
- $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h $(srcdir)/iterator/iterator.h \
+ $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h $(srcdir)/dns64/dns64.h $(srcdir)/iterator/iterator.h \
  $(srcdir)/services/outbound_list.h $(srcdir)/validator/validator.h $(srcdir)/validator/val_utils.h
 outbound_list.lo outbound_list.o: $(srcdir)/services/outbound_list.c config.h \
  $(srcdir)/services/outbound_list.h $(srcdir)/services/outside_network.h $(srcdir)/util/rbtree.h \
@@ -730,13 +730,13 @@ fptr_wlist.lo fptr_wlist.o: $(srcdir)/util/fptr_wlist.c config.h $(srcdir)/util/
  $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h $(srcdir)/services/modstack.h $(srcdir)/util/mini_event.h \
  $(srcdir)/util/rbtree.h $(srcdir)/services/outside_network.h $(srcdir)/services/localzone.h \
  $(srcdir)/services/cache/infra.h $(srcdir)/util/rtt.h $(srcdir)/services/cache/rrset.h \
- $(srcdir)/util/storage/slabhash.h $(srcdir)/iterator/iterator.h $(srcdir)/services/outbound_list.h \
- $(srcdir)/iterator/iter_fwd.h $(srcdir)/validator/validator.h $(srcdir)/validator/val_utils.h \
- $(srcdir)/validator/val_anchor.h $(srcdir)/validator/val_nsec3.h $(srcdir)/validator/val_sigcrypt.h \
- $(srcdir)/validator/val_kentry.h $(srcdir)/validator/val_neg.h $(srcdir)/validator/autotrust.h \
- $(srcdir)/util/storage/dnstree.h $(srcdir)/libunbound/libworker.h $(srcdir)/libunbound/context.h \
- $(srcdir)/util/alloc.h $(srcdir)/libunbound/unbound.h $(srcdir)/libunbound/worker.h $(srcdir)/ldns/sbuffer.h \
- $(srcdir)/util/config_file.h
+ $(srcdir)/util/storage/slabhash.h $(srcdir)/dns64/dns64.h $(srcdir)/iterator/iterator.h \
+ $(srcdir)/services/outbound_list.h $(srcdir)/iterator/iter_fwd.h $(srcdir)/validator/validator.h \
+ $(srcdir)/validator/val_utils.h $(srcdir)/validator/val_anchor.h $(srcdir)/validator/val_nsec3.h \
+ $(srcdir)/validator/val_sigcrypt.h $(srcdir)/validator/val_kentry.h $(srcdir)/validator/val_neg.h \
+ $(srcdir)/validator/autotrust.h $(srcdir)/util/storage/dnstree.h $(srcdir)/libunbound/libworker.h \
+ $(srcdir)/libunbound/context.h $(srcdir)/util/alloc.h $(srcdir)/libunbound/unbound.h \
+ $(srcdir)/libunbound/worker.h $(srcdir)/ldns/sbuffer.h $(srcdir)/util/config_file.h
 locks.lo locks.o: $(srcdir)/util/locks.c config.h $(srcdir)/util/locks.h $(srcdir)/util/log.h
 log.lo log.o: $(srcdir)/util/log.c config.h $(srcdir)/util/log.h $(srcdir)/util/locks.h $(srcdir)/ldns/sbuffer.h
 mini_event.lo mini_event.o: $(srcdir)/util/mini_event.c config.h $(srcdir)/util/mini_event.h $(srcdir)/util/rbtree.h \
@@ -759,8 +759,7 @@ net_help.lo net_help.o: $(srcdir)/util/net_help.c config.h $(srcdir)/util/net_he
  $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/util/regional.h $(srcdir)/ldns/parseutil.h \
  $(srcdir)/ldns/wire2str.h \
 
-random.lo random.o: $(srcdir)/util/random.c config.h $(srcdir)/util/random.h $(srcdir)/util/log.h \
-
+random.lo random.o: $(srcdir)/util/random.c config.h $(srcdir)/util/random.h $(srcdir)/util/log.h
 rbtree.lo rbtree.o: $(srcdir)/util/rbtree.c config.h $(srcdir)/util/log.h $(srcdir)/util/fptr_wlist.h \
  $(srcdir)/util/netevent.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \
  $(srcdir)/util/module.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h \
@@ -861,6 +860,13 @@ val_utils.lo val_utils.o: $(srcdir)/validator/val_utils.c config.h $(srcdir)/val
  $(srcdir)/validator/val_nsec.h $(srcdir)/validator/val_neg.h $(srcdir)/services/cache/rrset.h \
  $(srcdir)/util/storage/slabhash.h $(srcdir)/services/cache/dns.h $(srcdir)/util/data/dname.h \
  $(srcdir)/util/net_help.h $(srcdir)/util/regional.h
+dns64.lo dns64.o: $(srcdir)/dns64/dns64.c config.h $(srcdir)/dns64/dns64.h $(srcdir)/util/module.h \
+ $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/util/data/msgreply.h \
+ $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgparse.h $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h \
+ $(srcdir)/services/cache/dns.h $(srcdir)/services/cache/rrset.h $(srcdir)/util/storage/slabhash.h \
+ $(srcdir)/util/config_file.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/netevent.h $(srcdir)/util/tube.h \
+ $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h $(srcdir)/services/modstack.h $(srcdir)/util/net_help.h \
+ $(srcdir)/util/regional.h
 checklocks.lo checklocks.o: $(srcdir)/testcode/checklocks.c config.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \
  $(srcdir)/testcode/checklocks.h
 unitanchor.lo unitanchor.o: $(srcdir)/testcode/unitanchor.c config.h $(srcdir)/util/log.h $(srcdir)/util/data/dname.h \
@@ -1171,13 +1177,13 @@ snprintf.lo snprintf.o: $(srcdir)/compat/snprintf.c config.h
 strlcat.lo strlcat.o: $(srcdir)/compat/strlcat.c config.h
 strlcpy.lo strlcpy.o: $(srcdir)/compat/strlcpy.c config.h
 strptime.lo strptime.o: $(srcdir)/compat/strptime.c config.h
-getentropy_linux.lo getentropy_linux.o: $(srcdir)/compat/getentropy_linux.c
-getentropy_osx.lo getentropy_osx.o: $(srcdir)/compat/getentropy_osx.c
-getentropy_solaris.lo getentropy_solaris.o: $(srcdir)/compat/getentropy_solaris.c
+getentropy_linux.lo getentropy_linux.o: $(srcdir)/compat/getentropy_linux.c config.h \
+
+getentropy_osx.lo getentropy_osx.o: $(srcdir)/compat/getentropy_osx.c config.h
+getentropy_solaris.lo getentropy_solaris.o: $(srcdir)/compat/getentropy_solaris.c config.h
 getentropy_win.lo getentropy_win.o: $(srcdir)/compat/getentropy_win.c
-explicit_bzero.lo explicit_bzero.o: $(srcdir)/compat/explicit_bzero.c
-arc4random.lo arc4random.o: $(srcdir)/compat/arc4random.c $(srcdir)/compat/chacha_private.h
-arc4random_uniform.lo arc4random_uniform.o: $(srcdir)/compat/arc4random_uniform.c $(srcdir)/compat/chacha_private.h
-arc4_lock.lo arc4_lock.o: $(srcdir)/compat/arc4_lock.c
-sha512.lo sha512.o: $(srcdir)/compat/sha512.c
-dns64.lo: $(srcdir)/dns64/dns64.c config.h $(srcdir)/util/module.h $(srcdir)/services/cache/dns.h $(srcdir)/services/cache/rrset.h $(srcdir)/util/config_file.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/net_help.h $(srcdir)/util/regional.h
+explicit_bzero.lo explicit_bzero.o: $(srcdir)/compat/explicit_bzero.c config.h
+arc4random.lo arc4random.o: $(srcdir)/compat/arc4random.c config.h $(srcdir)/compat/chacha_private.h
+arc4random_uniform.lo arc4random_uniform.o: $(srcdir)/compat/arc4random_uniform.c config.h
+arc4_lock.lo arc4_lock.o: $(srcdir)/compat/arc4_lock.c config.h $(srcdir)/util/locks.h
+sha512.lo sha512.o: $(srcdir)/compat/sha512.c config.h
diff --git a/dns64/dns64.c b/dns64/dns64.c
@@ -1,5 +1,5 @@
 /*
- * iterator/iterator.h - DNS64 module
+ * dns64/dns64.c - DNS64 module
  *
  * Copyright (c) 2009, Viagénie. All rights reserved.
  *
@@ -39,7 +39,7 @@
  * This file contains a module that performs DNS64 query processing.
  */
 
-#include <config.h>
+#include "config.h"
 #include "dns64/dns64.h"
 #include "services/cache/dns.h"
 #include "services/cache/rrset.h"
@@ -212,7 +212,7 @@ ipv4_to_ptr(uint32_t ipv4, char ptr[MAX_PTR_QNAME_IPV4])
         ipv4 /= 256;
     }
 
-    strcpy(c, IPV4_PTR_SUFFIX);
+    memmove(c, IPV4_PTR_SUFFIX, sizeof(IPV4_PTR_SUFFIX));
 
     return c + sizeof(IPV4_PTR_SUFFIX) - ptr;
 }
@@ -273,7 +273,7 @@ synthesize_aaaa(const uint8_t prefix_addr[16], int prefix_net,
     aaaa[prefix_net/8+2] |= a[2] >> (0+prefix_net%8);
     aaaa[prefix_net/8+3] |= a[2] << (8-prefix_net%8);
     aaaa[prefix_net/8+3] |= a[3] >> (0+prefix_net%8);
-    if (prefix_net/8/4 < 16)  /* <-- my beautiful symmetry is destroyed! */
+    if (prefix_net/8+4 < 16)  /* <-- my beautiful symmetry is destroyed! */
     aaaa[prefix_net/8+4] |= a[3] << (8-prefix_net%8);
 }
 
@@ -334,7 +334,7 @@ dns64_init(struct module_env* env, int id)
         log_err("dns64: could not apply configuration settings.");
         return 0;
     }
-	return 1;
+    return 1;
 }
 
 /**
@@ -493,13 +493,13 @@ handle_event_pass(struct module_qstate* qstate, int id)
 	    && qstate->qinfo.qtype == LDNS_RR_TYPE_AAAA)
 		return generate_type_A_query(qstate, id);
 
-    /* We are finished when our sub-query is finished. */
+	/* We are finished when our sub-query is finished. */
 	if ((uintptr_t)qstate->minfo[id] == DNS64_SUBQUERY_FINISHED)
 		return module_finished;
 
-    /* Otherwise, pass request to next module. */
-    verbose(VERB_ALGO, "dns64: pass to next module");
-    return module_wait_module;
+	/* Otherwise, pass request to next module. */
+	verbose(VERB_ALGO, "dns64: pass to next module");
+	return module_wait_module;
 }
 
 /**
@@ -532,6 +532,7 @@ handle_event_moddone(struct module_qstate* qstate, int id)
 			    qstate->return_msg->rep)))
 		return module_finished;
 
+    /* So, this is a AAAA noerror/nodata answer */
 	return generate_type_A_query(qstate, id);
 }
 
@@ -588,7 +589,7 @@ dns64_synth_aaaa_data(const struct ub_packed_rrset_key* fk,
 	 */
 	if (!(dd = *dd_out = regional_alloc(region,
 		  sizeof(struct packed_rrset_data)
-		  + fd->count * (sizeof(size_t) + sizeof(uint32_t) +
+		  + fd->count * (sizeof(size_t) + sizeof(time_t) +
 			     sizeof(uint8_t*) + 2 + 16)))) {
 		log_err("out of memory");
 		return;
@@ -607,7 +608,7 @@ dns64_synth_aaaa_data(const struct ub_packed_rrset_key* fk,
 	dd->rr_len =
 	    (size_t*)((uint8_t*)dd + sizeof(struct packed_rrset_data));
 	dd->rr_data = (uint8_t**)&dd->rr_len[dd->count];
-	dd->rr_ttl = (uint32_t*)&dd->rr_data[dd->count];
+	dd->rr_ttl = (time_t*)&dd->rr_data[dd->count];
 	for(i = 0; i < fd->count; ++i) {
 		if (fd->rr_len[i] != 6 || fd->rr_data[i][0] != 0
 		    || fd->rr_data[i][1] != 4)
@@ -654,7 +655,6 @@ dns64_synth_aaaa_data(const struct ub_packed_rrset_key* fk,
  * original empty response.
  *
  * \param id     This module's instance ID.
- * \param answer The answer RR set located in the sub-query's response.
  * \param super  Original AAAA query.
  * \param qstate A query.
  */
@@ -672,7 +672,6 @@ dns64_adjust_a(int id, struct module_qstate* super, struct module_qstate* qstate
 	log_assert(super->region);
 	log_assert(qstate->return_msg);
 	log_assert(qstate->return_msg->rep);
-	log_assert(qstate->region);
 
 	/* If dns64-synthall is enabled, return_msg is not initialized */
 	if(!super->return_msg) {
@@ -689,14 +688,14 @@ dns64_adjust_a(int id, struct module_qstate* super, struct module_qstate* qstate
 	/*
 	 * Build the actual reply.
 	 */
-	cp = construct_reply_info_base(qstate->region, rep->flags, rep->qdcount,
+	cp = construct_reply_info_base(super->region, rep->flags, rep->qdcount,
 		rep->ttl, rep->prefetch_ttl, rep->an_numrrsets, rep->ns_numrrsets,
 		rep->ar_numrrsets, rep->rrset_count, rep->security);
 	if(!cp)
 		return;
 
 	/* allocate ub_key structures special or not */
-	if(!repinfo_alloc_rrset_keys(cp, qstate->region)) {
+	if(!repinfo_alloc_rrset_keys(cp, super->region)) {
 		return;
 	}
 
@@ -705,27 +704,28 @@ dns64_adjust_a(int id, struct module_qstate* super, struct module_qstate* qstate
 		fk = rep->rrsets[i];
 		dk = cp->rrsets[i];
 		fd = (struct packed_rrset_data*)fk->entry.data;
-		dk->entry.hash = fk->entry.hash;
 		dk->rk = fk->rk;
 		dk->id = fk->id;
 
 		if(i<rep->an_numrrsets && fk->rk.type == htons(LDNS_RR_TYPE_A)) {
+			/* also sets dk->entry.hash */
 			dns64_synth_aaaa_data(fk, fd, dk, &dd, super->region, dns64_env);
 			/* Delete negative AAAA record from cache stored by
 			 * the iterator module */
 			rrset_cache_remove(super->env->rrset_cache, dk->rk.dname, 
 					   dk->rk.dname_len, LDNS_RR_TYPE_AAAA, 
 					   LDNS_RR_CLASS_IN, 0);
 		} else {
-			dk->rk.dname = (uint8_t*)regional_alloc_init(qstate->region,
+			dk->entry.hash = fk->entry.hash;
+			dk->rk.dname = (uint8_t*)regional_alloc_init(super->region,
 				fk->rk.dname, fk->rk.dname_len);
 
 			if(!dk->rk.dname)
 				return;
 
 			s = packed_rrset_sizeof(fd);
 			dd = (struct packed_rrset_data*)regional_alloc_init(
-				qstate->region, fd, s);
+				super->region, fd, s);
 
 			if(!dd)
 				return;

diff --git a/doc/CREDITS b/doc/CREDITS
@@ -19,3 +19,4 @@ Brett Carr - windows beta testing.
 Luca Bruno - patch for windows support in libunbound hosts and resolvconf().
 Tom Hendrikx - contributed split-itar.sh a useful script to 5011-track ITAR.
 Daisuke HIGASHI - patch for rrset-roundrobin and minimal-responses.
+Simon Perrault - DNS64 module.
diff --git a/doc/Changelog b/doc/Changelog
@@ -3,6 +3,11 @@
 	  Initial commit of the patch from the FreeBSD base (with its fixes).
 	  This adds a module (for module-config in unbound.conf) dns64 that
 	  performs DNS64 processing, see README.DNS64.
+	- Changes from DNS64:
+	  strcpy changed to memmove.
+	  arraybound check fixed from prefix_net/8/4 to prefix_net/8+4.
+	  allocation of result consistently in the correct region.
+	  time_t is now used for ttl in unbound (since the patch's version).
 
 29 July 2014: Wouter
 	- Patch from Dag-Erling Smorgrav that implements feature, unbound -dd

diff --git a/doc/README b/doc/README
@@ -3,6 +3,7 @@ Copyright 2007 NLnet Labs
 http://unbound.net
 
 This software is under BSD license, see LICENSE for details.
+The DNS64 module has BSD license in dns64/dns64.c.
 
 * Download the latest release version of this software from 
   	http://unbound.net 

diff --git a/doc/README.DNS64 b/doc/README.DNS64
@@ -1,3 +1,7 @@
+The DNS64 code was written by Viagenie, 2009, by Simon Perrault as part
+of the Ecdysis project.  The code is copyright by them, and has the BSD
+license (see the dns64/dns64.c file).
+
 To enable DNS64 functionality in Unbound, two directives in unbound.conf must
 be edited:
 

diff --git a/doc/example.conf.in b/doc/example.conf.in
@@ -331,8 +331,8 @@ server:
 	# minimal-responses: no
 
 	# module configuration of the server. A string with identifiers
-	# separated by spaces. Syntax: [dns64] [validator] iterator
-	# module-config: "dns64 iterator"
+	# separated by spaces. Syntax: "[dns64] [validator] iterator"
+	# module-config: "validator iterator"
 
 	# File with trusted keys, kept uptodate using RFC5011 probes,
 	# initial file like trust-anchor-file, then it stores metadata.
@@ -534,7 +534,8 @@ server:
 	# Default is no.  Can be turned on and off with unbound-control.
 	# ssl-upstream: no
 
-	# DNS64 prefix. Must be specified when DNS64 is in use.
+	# DNS64 prefix. Must be specified when DNS64 is use.
+	# Enable dns64 in module-config.  Used to synthesize IPv6 from IPv4.
 	# dns64-prefix: 64:ff9b::0/96
 
 # Python config section. To enable: