File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / dhcp / common / dns.c
Revision 1.1.1.1 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Tue Oct 9 09:06:54 2012 UTC (12 years, 2 months ago) by misho
Branches: dhcp, MAIN
CVS tags: v4_1_R7p0, v4_1_R7, v4_1_R4, HEAD
dhcp 4.1 r7

/* dns.c

   Domain Name Service subroutines. */

/*
 * Copyright (c) 2009-2010 by Internet Systems Consortium, Inc. ("ISC")
 * Copyright (c) 2004-2007 by Internet Systems Consortium, Inc. ("ISC")
 * Copyright (c) 2001-2003 by Internet Software Consortium
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 *
 *   Internet Systems Consortium, Inc.
 *   950 Charter Street
 *   Redwood City, CA 94063
 *   <info@isc.org>
 *   https://www.isc.org/
 *
 * This software has been written for Internet Systems Consortium
 * by Ted Lemon in cooperation with Nominum, Inc.
 * To learn more about Internet Systems Consortium, see
 * ``https://www.isc.org/''.  To learn more about Nominum, Inc., see
 * ``http://www.nominum.com''.
 */

#include "dhcpd.h"
#include "arpa/nameser.h"
#include "dst/md5.h"

/* This file is kind of a crutch for the BIND 8 nsupdate code, which has
 * itself been cruelly hacked from its original state.   What this code
 * does is twofold: first, it maintains a database of zone cuts that can
 * be used to figure out which server should be contacted to update any
 * given domain name.   Secondly, it maintains a set of named TSIG keys,
 * and associates those keys with zones.   When an update is requested for
 * a particular zone, the key associated with that zone is used for the
 * update.
 *
 * The way this works is that you define the domain name to which an
 * SOA corresponds, and the addresses of some primaries for that domain name:
 *
 *	zone FOO.COM {
 *	  primary 10.0.17.1;
 *	  secondary 10.0.22.1, 10.0.23.1;
 *	  key "FOO.COM Key";
 * 	}
 *
 * If an update is requested for GAZANGA.TOPANGA.FOO.COM, then the name
 * server looks in its database for a zone record for "GAZANGA.TOPANGA.FOO.COM",
 * doesn't find it, looks for one for "TOPANGA.FOO.COM", doesn't find *that*,
 * looks for "FOO.COM", finds it. So it
 * attempts the update to the primary for FOO.COM.   If that times out, it
 * tries the secondaries.   You can list multiple primaries if you have some
 * kind of magic name server that supports that.   You shouldn't list
 * secondaries that don't know how to forward updates (e.g., BIND 8 doesn't
 * support update forwarding, AFAIK).   If no TSIG key is listed, the update
 * is attempted without TSIG.
 *
 * The DHCP server tries to find an existing zone for any given name by
 * trying to look up a local zone structure for each domain containing
 * that name, all the way up to '.'.   If it finds one cached, it tries
 * to use that one to do the update.   That's why it tries to update
 * "FOO.COM" above, even though theoretically it should try GAZANGA...
 * and TOPANGA... first.
 *
 * If the update fails with a predefined or cached zone (we'll get to
 * those in a second), then it tries to find a more specific zone.   This
 * is done by looking first for an SOA for GAZANGA.TOPANGA.FOO.COM.   Then
 * an SOA for TOPANGA.FOO.COM is sought.   If during this search a predefined
 * or cached zone is found, the update fails - there's something wrong
 * somewhere.
 *
 * If a more specific zone _is_ found, that zone is cached for the length of
 * its TTL in the same database as that described above.   TSIG updates are
 * never done for cached zones - if you want TSIG updates you _must_
 * write a zone definition linking the key to the zone.   In cases where you
 * know for sure what the key is but do not want to hardcode the IP addresses
 * of the primary or secondaries, a zone declaration can be made that doesn't
 * include any primary or secondary declarations.   When the DHCP server
 * encounters this while hunting up a matching zone for a name, it looks up
 * the SOA, fills in the IP addresses, and uses that record for the update.
 * If the SOA lookup returns NXRRSET, a warning is printed and the zone is
 * discarded, TSIG key and all.   The search for the zone then continues as if
 * the zone record hadn't been found.   Zones without IP addresses don't
 * match when initially hunting for a predefined or cached zone to update.
 *
 * When an update is attempted and no predefined or cached zone is found
 * that matches any enclosing domain of the domain being updated, the DHCP
 * server goes through the same process that is done when the update to a
 * predefined or cached zone fails - starting with the most specific domain
 * name (GAZANGA.TOPANGA.FOO.COM) and moving to the least specific (the root),
 * it tries to look up an SOA record.   When it finds one, it creates a cached
 * zone and attempts an update, and gives up if the update fails.
 *
 * TSIG keys are defined like this:
 *
 *	key "FOO.COM Key" {
 *		algorithm HMAC-MD5.SIG-ALG.REG.INT;
 *		secret <Base64>;
 *	}
 *
 * <Base64> is a number expressed in base64 that represents the key.
 * It's also permissible to use a quoted string here - this will be
 * translated as the ASCII bytes making up the string, and will not
 * include any NUL termination.  The key name can be any text string,
 * and the key type must be one of the key types defined in the draft
 * or by the IANA.  Currently only the HMAC-MD5... key type is
 * supported.
 */

dns_zone_hash_t *dns_zone_hash;

#if defined (NSUPDATE)
isc_result_t find_tsig_key (ns_tsig_key **key, const char *zname,
			    struct dns_zone *zone)
{
	ns_tsig_key *tkey;

	if (!zone)
		return ISC_R_NOTFOUND;

	if (!zone -> key) {
		return ISC_R_KEY_UNKNOWN;
	}
	
	if ((!zone -> key -> name ||
	     strlen (zone -> key -> name) > NS_MAXDNAME) ||
	    (!zone -> key -> algorithm ||
	     strlen (zone -> key -> algorithm) > NS_MAXDNAME) ||
	    (!zone -> key) ||
	    (!zone -> key -> key) ||
	    (zone -> key -> key -> len == 0)) {
		return ISC_R_INVALIDKEY;
	}
	tkey = dmalloc (sizeof *tkey, MDL);
	if (!tkey) {
	      nomem:
		return ISC_R_NOMEMORY;
	}
	memset (tkey, 0, sizeof *tkey);
	tkey -> data = dmalloc (zone -> key -> key -> len, MDL);
	if (!tkey -> data) {
		dfree (tkey, MDL);
		goto nomem;
	}
	strcpy (tkey -> name, zone -> key -> name);
	strcpy (tkey -> alg, zone -> key -> algorithm);
	memcpy (tkey -> data,
		zone -> key -> key -> value, zone -> key -> key -> len);
	tkey -> len = zone -> key -> key -> len;
	*key = tkey;
	return ISC_R_SUCCESS;
}

void tkey_free (ns_tsig_key **key)
{
	if ((*key) -> data)
		dfree ((*key) -> data, MDL);
	dfree ((*key), MDL);
	*key = (ns_tsig_key *)0;
}
#endif

isc_result_t enter_dns_zone (struct dns_zone *zone)
{
	struct dns_zone *tz = (struct dns_zone *)0;

	if (dns_zone_hash) {
		dns_zone_hash_lookup (&tz,
				      dns_zone_hash, zone -> name, 0, MDL);
		if (tz == zone) {
			dns_zone_dereference (&tz, MDL);
			return ISC_R_SUCCESS;
		}
		if (tz) {
			dns_zone_hash_delete (dns_zone_hash,
					      zone -> name, 0, MDL);
			dns_zone_dereference (&tz, MDL);
		}
	} else {
		if (!dns_zone_new_hash(&dns_zone_hash, DNS_HASH_SIZE, MDL))
			return ISC_R_NOMEMORY;
	}
	dns_zone_hash_add (dns_zone_hash, zone -> name, 0, zone, MDL);
	return ISC_R_SUCCESS;
}

isc_result_t dns_zone_lookup (struct dns_zone **zone, const char *name)
{
	int len;
	char *tname = (char *)0;
	isc_result_t status;

	if (!dns_zone_hash)
		return ISC_R_NOTFOUND;

	len = strlen (name);
	if (name [len - 1] != '.') {
		tname = dmalloc ((unsigned)len + 2, MDL);
		if (!tname)
			return ISC_R_NOMEMORY;
		strcpy (tname, name);
		tname [len] = '.';
		tname [len + 1] = 0;
		name = tname;
	}
	if (!dns_zone_hash_lookup (zone, dns_zone_hash, name, 0, MDL))
		status = ISC_R_NOTFOUND;
	else
		status = ISC_R_SUCCESS;

	if (tname)
		dfree (tname, MDL);
	return status;
}

int dns_zone_dereference (ptr, file, line)
	struct dns_zone **ptr;
	const char *file;
	int line;
{
	struct dns_zone *dns_zone;

	if (!ptr || !*ptr) {
		log_error ("%s(%d): null pointer", file, line);
#if defined (POINTER_DEBUG)
		abort ();
#else
		return 0;
#endif
	}

	dns_zone = *ptr;
	*ptr = (struct dns_zone *)0;
	--dns_zone -> refcnt;
	rc_register (file, line, ptr, dns_zone, dns_zone -> refcnt, 1, RC_MISC);
	if (dns_zone -> refcnt > 0)
		return 1;

	if (dns_zone -> refcnt < 0) {
		log_error ("%s(%d): negative refcnt!", file, line);
#if defined (DEBUG_RC_HISTORY)
		dump_rc_history (dns_zone);
#endif
#if defined (POINTER_DEBUG)
		abort ();
#else
		return 0;
#endif
	}

	if (dns_zone -> name)
		dfree (dns_zone -> name, file, line);
	if (dns_zone -> key)
		omapi_auth_key_dereference (&dns_zone -> key, file, line);
	if (dns_zone -> primary)
		option_cache_dereference (&dns_zone -> primary, file, line);
	if (dns_zone -> secondary)
		option_cache_dereference (&dns_zone -> secondary, file, line);
	dfree (dns_zone, file, line);
	return 1;
}

#if defined (NSUPDATE)
isc_result_t find_cached_zone (const char *dname, ns_class class,
			       char *zname, size_t zsize,
			       struct in_addr *addrs,
			       int naddrs, int *naddrout,
			       struct dns_zone **zcookie)
{
	isc_result_t status = ISC_R_NOTFOUND;
	const char *np;
	struct dns_zone *zone = (struct dns_zone *)0;
	struct data_string nsaddrs;
	int ix;

	/* The absence of the zcookie pointer indicates that we
	   succeeded previously, but the update itself failed, meaning
	   that we shouldn't use the cached zone. */
	if (!zcookie)
		return ISC_R_NOTFOUND;

	/* We can't look up a null zone. */
	if (!dname || !*dname)
		return ISC_R_INVALIDARG;

	/*
	 * For each subzone, try to find a cached zone.
	 */
	for (np = dname;;) {
		status = dns_zone_lookup (&zone, np);
		if (status == ISC_R_SUCCESS)
			break;

		np = strchr(np, '.');
		if (np == NULL)
			break;
		np++;
	}

	if (status != ISC_R_SUCCESS)
		return status;

	/* Make sure the zone is valid. */
	if (zone -> timeout && zone -> timeout < cur_time) {
		dns_zone_dereference (&zone, MDL);
		return ISC_R_CANCELED;
	}

	/* Make sure the zone name will fit. */
	if (strlen (zone -> name) > zsize) {
		dns_zone_dereference (&zone, MDL);
		return ISC_R_NOSPACE;
	}
	strcpy (zname, zone -> name);

	memset (&nsaddrs, 0, sizeof nsaddrs);
	ix = 0;

	if (zone -> primary) {
		if (evaluate_option_cache (&nsaddrs, (struct packet *)0,
					   (struct lease *)0,
					   (struct client_state *)0,
					   (struct option_state *)0,
					   (struct option_state *)0,
					   &global_scope,
					   zone -> primary, MDL)) {
			int ip = 0;
			while (ix < naddrs) {
				if (ip + 4 > nsaddrs.len)
					break;
				memcpy (&addrs [ix], &nsaddrs.data [ip], 4);
				ip += 4;
				ix++;
			}
			data_string_forget (&nsaddrs, MDL);
		}
	}
	if (zone -> secondary) {
		if (evaluate_option_cache (&nsaddrs, (struct packet *)0,
					   (struct lease *)0,
					   (struct client_state *)0,
					   (struct option_state *)0,
					   (struct option_state *)0,
					   &global_scope,
					   zone -> secondary, MDL)) {
			int ip = 0;
			while (ix < naddrs) {
				if (ip + 4 > nsaddrs.len)
					break;
				memcpy (&addrs [ix], &nsaddrs.data [ip], 4);
				ip += 4;
				ix++;
			}
			data_string_forget (&nsaddrs, MDL);
		}
	}

	/* It's not an error for zcookie to have a value here - actually,
	   it's quite likely, because res_nupdate cycles through all the
	   names in the update looking for their zones. */
	if (!*zcookie)
		dns_zone_reference (zcookie, zone, MDL);
	dns_zone_dereference (&zone, MDL);
	if (naddrout)
		*naddrout = ix;
	return ISC_R_SUCCESS;
}

void forget_zone (struct dns_zone **zone)
{
	dns_zone_dereference (zone, MDL);
}

void repudiate_zone (struct dns_zone **zone)
{
	/* XXX Currently we're not differentiating between a cached
	   XXX zone and a zone that's been repudiated, which means
	   XXX that if we reap cached zones, we blow away repudiated
	   XXX zones.   This isn't a big problem since we're not yet
	   XXX caching zones... :'} */

	(*zone) -> timeout = cur_time - 1;
	dns_zone_dereference (zone, MDL);
}

void cache_found_zone (ns_class class,
		       char *zname, struct in_addr *addrs, int naddrs)
{
	struct dns_zone *zone = (struct dns_zone *)0;
	int ix = strlen (zname);

	if (zname [ix - 1] == '.')
		ix = 0;

	/* See if there's already such a zone. */
	if (dns_zone_lookup (&zone, zname) == ISC_R_SUCCESS) {
		/* If it's not a dynamic zone, leave it alone. */
		if (!zone -> timeout)
			return;
		/* Address may have changed, so just blow it away. */
		if (zone -> primary)
			option_cache_dereference (&zone -> primary, MDL);
		if (zone -> secondary)
			option_cache_dereference (&zone -> secondary, MDL);
	} else if (!dns_zone_allocate (&zone, MDL))
		return;

	if (!zone -> name) {
		zone -> name =
			dmalloc (strlen (zname) + 1 + (ix != 0), MDL);
		if (!zone -> name) {
			dns_zone_dereference (&zone, MDL);
			return;
		}
		strcpy (zone -> name, zname);
		/* Add a trailing '.' if it was missing. */
		if (ix) {
			zone -> name [ix] = '.';
			zone -> name [ix + 1] = 0;
		}
	}

	/* XXX Need to get the lower-level code to push the actual zone
	   XXX TTL up to us. */
	zone -> timeout = cur_time + 1800;
	
	if (!option_cache_allocate (&zone -> primary, MDL)) {
		dns_zone_dereference (&zone, MDL);
		return;
	}
	if (!buffer_allocate (&zone -> primary -> data.buffer,
			      naddrs * sizeof (struct in_addr), MDL)) {
		dns_zone_dereference (&zone, MDL);
		return;
	}
	memcpy (zone -> primary -> data.buffer -> data,
		addrs, naddrs * sizeof *addrs);
	zone -> primary -> data.data =
		&zone -> primary -> data.buffer -> data [0];
	zone -> primary -> data.len = naddrs * sizeof *addrs;

	enter_dns_zone (zone);
}

/* Have to use TXT records for now. */
#define T_DHCID T_TXT

int get_dhcid (struct data_string *id,
	       int type, const u_int8_t *data, unsigned len)
{
	unsigned char buf[MD5_DIGEST_LENGTH];
	MD5_CTX md5;
	int i;

	/* Types can only be 0..(2^16)-1. */
	if (type < 0 || type > 65535)
		return 0;

	/* Hexadecimal MD5 digest plus two byte type and NUL. */
	if (!buffer_allocate (&id -> buffer,
			      (MD5_DIGEST_LENGTH * 2) + 3, MDL))
		return 0;
	id -> data = id -> buffer -> data;

	/*
	 * DHCP clients and servers should use the following forms of client
	 * identification, starting with the most preferable, and finishing
	 * with the least preferable.  If the client does not send any of these
	 * forms of identification, the DHCP/DDNS interaction is not defined by
	 * this specification.  The most preferable form of identification is
	 * the Globally Unique Identifier Option [TBD].  Next is the DHCP
	 * Client Identifier option.  Last is the client's link-layer address,
	 * as conveyed in its DHCPREQUEST message.  Implementors should note
	 * that the link-layer address cannot be used if there are no
	 * significant bytes in the chaddr field of the DHCP client's request,
	 * because this does not constitute a unique identifier.
	 *   -- "Interaction between DHCP and DNS"
	 *      <draft-ietf-dhc-dhcp-dns-12.txt>
	 *      M. Stapp, Y. Rekhter
	 */

	/* Put the type in the first two bytes. */
	id->buffer->data[0] = "0123456789abcdef"[(type >> 4) & 0xf];
	/* This should have been [type & 0xf] but now that
	 * it is in use we need to leave it this way in order
	 * to avoid disturbing customer's lease files
	 */
	id -> buffer -> data [1] = "0123456789abcdef" [type % 15];

	/* Mash together an MD5 hash of the identifier. */
	MD5_Init (&md5);
	MD5_Update (&md5, data, len);
	MD5_Final (buf, &md5);

	/* Convert into ASCII. */
	for (i = 0; i < MD5_DIGEST_LENGTH; i++) {
		id -> buffer -> data [i * 2 + 2] =
			"0123456789abcdef" [(buf [i] >> 4) & 0xf];
		id -> buffer -> data [i * 2 + 3] =
			"0123456789abcdef" [buf [i] & 0xf];
	}
	id -> len = MD5_DIGEST_LENGTH * 2 + 2;
	id -> buffer -> data [id -> len] = 0;
	id -> terminated = 1;

	return 1;
}

/* Now for the DDNS update code that is shared between client and
   server... */

isc_result_t
ddns_update_fwd(struct data_string *ddns_fwd_name, struct iaddr ddns_addr,
		struct data_string *ddns_dhcid, unsigned long ttl,
		unsigned rrsetp, unsigned conflict) {
	ns_updque updqueue;
	ns_updrec *updrec;
	isc_result_t result;
	const char *logstr;
	char ddns_address[
		sizeof("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255")];
	int ddns_address_type;

	/* 
	 * We want to delete either A or AAAA records, depending on
	 * whether we have an IPv4 or an IPv6 address.
	 */
	if (ddns_addr.len == 4) {
		ddns_address_type = T_A;
	} else if (ddns_addr.len == 16) {
		ddns_address_type = T_AAAA;
	} else {
		return ISC_R_INVALIDARG;
	}
	strcpy(ddns_address, piaddr(ddns_addr));

	/*
	 * When a DHCP client or server intends to update an A RR, it first
	 * prepares a DNS UPDATE query which includes as a prerequisite the
	 * assertion that the name does not exist.  The update section of the
	 * query attempts to add the new name and its IP address mapping (an A
	 * RR), and the DHCID RR with its unique client-identity.
	 *   -- "Interaction between DHCP and DNS"
	 */

	ISC_LIST_INIT (updqueue);

	/*
	 * A RR does not exist.
	 */
	updrec = minires_mkupdrec (S_PREREQ,
				   (const char *)ddns_fwd_name -> data,
				   C_IN, ddns_address_type, 0);
	if (!updrec) {
		result = ISC_R_NOMEMORY;
		goto error;
	}

	updrec -> r_data = (unsigned char *)0;
	updrec -> r_size = 0;
	updrec -> r_opcode = rrsetp ? NXRRSET : NXDOMAIN;

	ISC_LIST_APPEND (updqueue, updrec, r_link);


	/*
	 * Add A RR.
	 */
	updrec = minires_mkupdrec (S_UPDATE,
				   (const char *)ddns_fwd_name -> data,
				   C_IN, ddns_address_type, ttl);
	if (!updrec) {
		result = ISC_R_NOMEMORY;
		goto error;
	}

	updrec -> r_data = (unsigned char *)ddns_address;
	updrec -> r_size = strlen (ddns_address);
	updrec -> r_opcode = ADD;

	ISC_LIST_APPEND (updqueue, updrec, r_link);


	/*
	 * Add DHCID RR.
	 */
	updrec = minires_mkupdrec (S_UPDATE,
				   (const char *)ddns_fwd_name -> data,
				   C_IN, T_DHCID, ttl);
	if (!updrec) {
		result = ISC_R_NOMEMORY;
		goto error;
	}

	updrec -> r_data = ddns_dhcid -> data;
	updrec -> r_size = ddns_dhcid -> len;
	updrec -> r_opcode = ADD;

	ISC_LIST_APPEND (updqueue, updrec, r_link);


	/*
	 * Attempt to perform the update.
	 */
	result = minires_nupdate (&resolver_state, ISC_LIST_HEAD (updqueue));

#ifdef DEBUG_DNS_UPDATES
	print_dns_status ((int)result, &updqueue);
#endif

	/*
	 * If this update operation succeeds, the updater can conclude that it
	 * has added a new name whose only RRs are the A and DHCID RR records.
	 * The A RR update is now complete (and a client updater is finished,
	 * while a server might proceed to perform a PTR RR update).
	 *   -- "Interaction between DHCP and DNS"
	 */

	if (result == ISC_R_SUCCESS) {
		log_info ("Added new forward map from %.*s to %s",
			  (int)ddns_fwd_name -> len,
			  (const char *)ddns_fwd_name -> data, ddns_address);
		goto error;
	}


	/*
	 * If the first update operation fails with YXDOMAIN, the updater can
	 * conclude that the intended name is in use.  The updater then
	 * attempts to confirm that the DNS name is not being used by some
	 * other host. The updater prepares a second UPDATE query in which the
	 * prerequisite is that the desired name has attached to it a DHCID RR
	 * whose contents match the client identity.  The update section of
	 * this query deletes the existing A records on the name, and adds the
	 * A record that matches the DHCP binding and the DHCID RR with the
	 * client identity.
	 *   -- "Interaction between DHCP and DNS"
	 */

	if (result != (rrsetp ? ISC_R_YXRRSET : ISC_R_YXDOMAIN)) {
		log_error ("Unable to add forward map from %.*s to %s: %s",
			   (int)ddns_fwd_name -> len,
			   (const char *)ddns_fwd_name -> data, ddns_address,
			   isc_result_totext (result));
		goto error;
	}

	while (!ISC_LIST_EMPTY (updqueue)) {
		updrec = ISC_LIST_HEAD (updqueue);
		ISC_LIST_UNLINK (updqueue, updrec, r_link);
		minires_freeupdrec (updrec);
	}

	/* If we're doing conflict resolution, we use a set of prereqs.  If
	 * not, we delete the DHCID in addition to all A rrsets.
	 */
	if (conflict) {
		/*
		 * DHCID RR exists, and matches client identity.
		 */
		updrec = minires_mkupdrec (S_PREREQ,
					   (const char *)ddns_fwd_name -> data,
					   C_IN, T_DHCID, 0);
		if (!updrec) {
			result = ISC_R_NOMEMORY;
			goto error;
		}
	
		updrec -> r_data = ddns_dhcid -> data;
		updrec -> r_size = ddns_dhcid -> len;
		updrec -> r_opcode = YXRRSET;

		ISC_LIST_APPEND (updqueue, updrec, r_link);
	} else {
		/*
		 * Conflict detection override: delete DHCID RRs.
		 */
		updrec = minires_mkupdrec(S_UPDATE, 
					  (const char *)ddns_fwd_name->data,
					  C_IN, T_DHCID, 0);

		if (!updrec) {
			result = ISC_R_NOMEMORY;
			goto error;
		}

		updrec->r_data = NULL;
		updrec->r_size = 0;
		updrec->r_opcode = DELETE;

		ISC_LIST_APPEND(updqueue, updrec, r_link);


		/*
		 * With all other DHCID RR's deleted, add this client's
		 * DHCID unconditionally (as update-conflict-detection is
		 * disabled).
		 */
		updrec = minires_mkupdrec(S_UPDATE,
					  (const char *)ddns_fwd_name->data,
					  C_IN, T_DHCID, ttl);
		if (!updrec) {
			result = ISC_R_NOMEMORY;
			goto error;
		}
 
		updrec->r_data = ddns_dhcid->data;
		updrec->r_size = ddns_dhcid->len;
		updrec->r_opcode = ADD;
 
		ISC_LIST_APPEND (updqueue, updrec, r_link);
	}


	/*
	 * Delete A RRset.
	 */
	updrec = minires_mkupdrec (S_UPDATE,
				   (const char *)ddns_fwd_name -> data,
				   C_IN, ddns_address_type, 0);
	if (!updrec) {
		result = ISC_R_NOMEMORY;
		goto error;
	}

	updrec -> r_data = (unsigned char *)0;
	updrec -> r_size = 0;
	updrec -> r_opcode = DELETE;

	ISC_LIST_APPEND (updqueue, updrec, r_link);


	/*
	 * Add A RR.
	 */
	updrec = minires_mkupdrec (S_UPDATE,
				   (const char *)ddns_fwd_name -> data,
				   C_IN, ddns_address_type, ttl);
	if (!updrec) {
		result = ISC_R_NOMEMORY;
		goto error;
	}

	updrec -> r_data = (unsigned char *)ddns_address;
	updrec -> r_size = strlen (ddns_address);
	updrec -> r_opcode = ADD;

	ISC_LIST_APPEND (updqueue, updrec, r_link);


	/*
	 * Attempt to perform the update.
	 */
	result = minires_nupdate (&resolver_state, ISC_LIST_HEAD (updqueue));

	switch (result) {
	    case ISC_R_SUCCESS:
		logstr = NULL;
		break;

	    case ISC_R_YXRRSET:
	    case ISC_R_YXDOMAIN:
		logstr = "DHCID mismatch, belongs to another client.";
		break;

	    case ISC_R_NXRRSET:
	    case ISC_R_NXDOMAIN:
		logstr = "Has an address record but no DHCID, not mine.";
		break;

	    default:
		logstr = isc_result_totext(result);
		break;
	}

	if (logstr != NULL)
		log_error("Forward map from %.*s to %s FAILED: %s",
				   (int)ddns_fwd_name -> len,
				   (const char *)ddns_fwd_name -> data,
				   ddns_address, logstr);
	else
		log_info("Added new forward map from %.*s to %s",
			  (int)ddns_fwd_name -> len,
			  (const char *)ddns_fwd_name -> data, ddns_address);

#if defined (DEBUG_DNS_UPDATES)
	print_dns_status ((int)result, &updqueue);
#endif

	/*
	 * If this query succeeds, the updater can conclude that the current
	 * client was the last client associated with the domain name, and that
	 * the name now contains the updated A RR. The A RR update is now
	 * complete (and a client updater is finished, while a server would
	 * then proceed to perform a PTR RR update).
	 *   -- "Interaction between DHCP and DNS"
	 */

	/*
	 * If the second query fails with NXRRSET, the updater must conclude
	 * that the client's desired name is in use by another host.  At this
	 * juncture, the updater can decide (based on some administrative
	 * configuration outside of the scope of this document) whether to let
	 * the existing owner of the name keep that name, and to (possibly)
	 * perform some name disambiguation operation on behalf of the current
	 * client, or to replace the RRs on the name with RRs that represent
	 * the current client. If the configured policy allows replacement of
	 * existing records, the updater submits a query that deletes the
	 * existing A RR and the existing DHCID RR, adding A and DHCID RRs that
	 * represent the IP address and client-identity of the new client.
	 *   -- "Interaction between DHCP and DNS"
	 */

  error:
	while (!ISC_LIST_EMPTY (updqueue)) {
		updrec = ISC_LIST_HEAD (updqueue);
		ISC_LIST_UNLINK (updqueue, updrec, r_link);
		minires_freeupdrec (updrec);
	}

	return result;
}

isc_result_t
ddns_remove_fwd(struct data_string *ddns_fwd_name,
		struct iaddr ddns_addr, 
		struct data_string *ddns_dhcid) {
	ns_updque updqueue;
	ns_updrec *updrec;
	isc_result_t result = SERVFAIL;
	char ddns_address[
		sizeof("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255")];
	int ddns_address_type;

	/* 
	 * We want to delete either A or AAAA records, depending on
	 * whether we have an IPv4 or an IPv6 address.
	 */
	if (ddns_addr.len == 4) {
		ddns_address_type = T_A;
	} else if (ddns_addr.len == 16) {
		ddns_address_type = T_AAAA;
	} else {
		return ISC_R_INVALIDARG;
	}
	strcpy(ddns_address, piaddr(ddns_addr));

	/*
	 * The entity chosen to handle the A record for this client (either the
	 * client or the server) SHOULD delete the A record that was added when
	 * the lease was made to the client.
	 *
	 * In order to perform this delete, the updater prepares an UPDATE
	 * query which contains two prerequisites.  The first prerequisite
	 * asserts that the DHCID RR exists whose data is the client identity
	 * described in Section 4.3. The second prerequisite asserts that the
	 * data in the A RR contains the IP address of the lease that has
	 * expired or been released.
	 *   -- "Interaction between DHCP and DNS"
	 */

	ISC_LIST_INIT (updqueue);

	/*
	 * DHCID RR exists, and matches client identity.
	 */
	updrec = minires_mkupdrec (S_PREREQ,
				   (const char *)ddns_fwd_name -> data,
				   C_IN, T_DHCID,0);
	if (!updrec) {
		result = ISC_R_NOMEMORY;
		goto error;
	}

	updrec -> r_data = ddns_dhcid -> data;
	updrec -> r_size = ddns_dhcid -> len;
	updrec -> r_opcode = YXRRSET;

	ISC_LIST_APPEND (updqueue, updrec, r_link);


	/*
	 * Address RR (A/AAAA) matches the expiring lease.
	 */
	updrec = minires_mkupdrec (S_PREREQ,
				   (const char *)ddns_fwd_name -> data,
				   C_IN, ddns_address_type, 0);
	if (!updrec) {
		result = ISC_R_NOMEMORY;
		goto error;
	}

	updrec -> r_data = (unsigned char *)ddns_address;
	updrec -> r_size = strlen (ddns_address);
	updrec -> r_opcode = YXRRSET;

	ISC_LIST_APPEND (updqueue, updrec, r_link);


	/*
	 * Delete appropriate Address RR (A/AAAA).
	 */
	updrec = minires_mkupdrec (S_UPDATE,
				   (const char *)ddns_fwd_name -> data,
				   C_IN, ddns_address_type, 0);
	if (!updrec) {
		result = ISC_R_NOMEMORY;
		goto error;
	}

	updrec -> r_data = (unsigned char *)ddns_address;
	updrec -> r_size = strlen (ddns_address);
	updrec -> r_opcode = DELETE;

	ISC_LIST_APPEND (updqueue, updrec, r_link);

	/*
	 * Attempt to perform the update.
	 */
	result = minires_nupdate (&resolver_state, ISC_LIST_HEAD (updqueue));
	print_dns_status ((int)result, &updqueue);

	/*
	 * If the query fails, the updater MUST NOT delete the DNS name.  It
	 * may be that the host whose lease on the server has expired has moved
	 * to another network and obtained a lease from a different server,
	 * which has caused the client's A RR to be replaced. It may also be
	 * that some other client has been configured with a name that matches
	 * the name of the DHCP client, and the policy was that the last client
	 * to specify the name would get the name.  In this case, the DHCID RR
	 * will no longer match the updater's notion of the client-identity of
	 * the host pointed to by the DNS name.
	 *   -- "Interaction between DHCP and DNS"
	 */

	if (result != ISC_R_SUCCESS) {
		/* If the rrset isn't there, we didn't need to do the
		   delete, which is success. */
		if (result == ISC_R_NXRRSET || result == ISC_R_NXDOMAIN)
			result = ISC_R_SUCCESS;	
		goto error;
	}

	while (!ISC_LIST_EMPTY (updqueue)) {
		updrec = ISC_LIST_HEAD (updqueue);
		ISC_LIST_UNLINK (updqueue, updrec, r_link);
		minires_freeupdrec (updrec);
	}

	/*
	 * If the deletion of the desired address succeeded (its A or AAAA
	 * RR was removed above), and there are zero other A or AAAA records
	 * left for this domain, then we can delete the DHCID record as well.
	 * We can't delete the DHCID record above because it's possible the
	 * client has more than one valid address added to this domain name,
	 * by this or other DHCP servers.
	 *
	 * Essentially, this final update is a cleanup operation that is only
	 * intended to succeed after the last address has been removed from
	 * DNS (which is only expected to happen after the client is not
	 * reasonably in possession of those addresses).
	 */
	ISC_LIST_INIT (updqueue);

	/*
	 * A RR does not exist.
	 */
	updrec = minires_mkupdrec(S_PREREQ, (const char *)ddns_fwd_name->data,
				  C_IN, T_A, 0);
	if (updrec == NULL) {
		result = ISC_R_NOMEMORY;
		goto error;
	}

	updrec->r_data = NULL;
	updrec->r_size = 0;
	updrec->r_opcode = NXRRSET;

	ISC_LIST_APPEND (updqueue, updrec, r_link);

	/*
	 * AAAA RR does not exist.
	 */
	updrec = minires_mkupdrec(S_PREREQ, (const char *)ddns_fwd_name->data,
				  C_IN, T_AAAA, 0);

	if (updrec == NULL) {
		result = ISC_R_NOMEMORY;
		goto error;
	}

	updrec->r_data = NULL;
	updrec->r_size = 0;
	updrec->r_opcode = NXRRSET;

	ISC_LIST_APPEND(updqueue, updrec, r_link);

	/*
	 * Delete appropriate DHCID RR.
	 */
	updrec = minires_mkupdrec (S_UPDATE,
				  (const char *)ddns_fwd_name -> data,
				   C_IN, T_DHCID, 0);
	if (!updrec) {
		result = ISC_R_NOMEMORY;
		goto error;
	}

	updrec -> r_data = ddns_dhcid -> data;
	updrec -> r_size = ddns_dhcid -> len;
	updrec -> r_opcode = DELETE;

	ISC_LIST_APPEND (updqueue, updrec, r_link);

	/*
	 * Attempt to perform the update.
	 */
	result = minires_nupdate (&resolver_state, ISC_LIST_HEAD (updqueue));
	print_dns_status ((int)result, &updqueue);

	/* Fall through. */
  error:

	while (!ISC_LIST_EMPTY (updqueue)) {
		updrec = ISC_LIST_HEAD (updqueue);
		ISC_LIST_UNLINK (updqueue, updrec, r_link);
		minires_freeupdrec (updrec);
	}

	return result;
}


#endif /* NSUPDATE */

HASH_FUNCTIONS (dns_zone, const char *, struct dns_zone, dns_zone_hash_t,
		dns_zone_reference, dns_zone_dereference, do_case_hash)

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>