Annotation of embedaddon/dhcp/server/ddns.c, revision 1.1
1.1 ! misho 1: /* ddns.c
! 2:
! 3: Dynamic DNS updates. */
! 4:
! 5: /*
! 6: * Copyright (c) 2004-2007,2009-2010 by
! 7: * Internet Systems Consortium, Inc. ("ISC")
! 8: * Copyright (c) 2000-2003 by Internet Software Consortium
! 9: *
! 10: * Permission to use, copy, modify, and distribute this software for any
! 11: * purpose with or without fee is hereby granted, provided that the above
! 12: * copyright notice and this permission notice appear in all copies.
! 13: *
! 14: * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES
! 15: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
! 16: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR
! 17: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
! 18: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
! 19: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
! 20: * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
! 21: *
! 22: * Internet Systems Consortium, Inc.
! 23: * 950 Charter Street
! 24: * Redwood City, CA 94063
! 25: * <info@isc.org>
! 26: * https://www.isc.org/
! 27: *
! 28: * This software has been donated to Internet Systems Consortium
! 29: * by Damien Neil of Nominum, Inc.
! 30: *
! 31: * To learn more about Internet Systems Consortium, see
! 32: * ``https://www.isc.org/''. To learn more about Nominum, Inc., see
! 33: * ``http://www.nominum.com''.
! 34: */
! 35:
! 36: #include "dhcpd.h"
! 37: #include "dst/md5.h"
! 38: #include "minires/minires.h"
! 39:
! 40: #ifdef NSUPDATE
! 41:
! 42: /* DN: No way of checking that there is enough space in a data_string's
! 43: buffer. Be certain to allocate enough!
! 44: TL: This is why the expression evaluation code allocates a *new*
! 45: data_string. :') */
! 46: static void data_string_append (struct data_string *ds1,
! 47: struct data_string *ds2)
! 48: {
! 49: memcpy (ds1 -> buffer -> data + ds1 -> len,
! 50: ds2 -> data,
! 51: ds2 -> len);
! 52: ds1 -> len += ds2 -> len;
! 53: }
! 54:
! 55: static isc_result_t ddns_update_ptr (struct data_string *ddns_fwd_name,
! 56: struct data_string *ddns_rev_name,
! 57: unsigned long ttl)
! 58: {
! 59: ns_updque updqueue;
! 60: ns_updrec *updrec;
! 61: isc_result_t result = ISC_R_UNEXPECTED;
! 62:
! 63: /*
! 64: * The DHCP server submits a DNS query which deletes all of the PTR RRs
! 65: * associated with the lease IP address, and adds a PTR RR whose data
! 66: * is the client's (possibly disambiguated) host name. The server also
! 67: * adds a DHCID RR specified in Section 4.3.
! 68: * -- "Interaction between DHCP and DNS"
! 69: */
! 70:
! 71: ISC_LIST_INIT (updqueue);
! 72:
! 73: /*
! 74: * Delete all PTR RRs.
! 75: */
! 76: updrec = minires_mkupdrec (S_UPDATE,
! 77: (const char *)ddns_rev_name -> data,
! 78: C_IN, T_PTR, 0);
! 79: if (!updrec) {
! 80: result = ISC_R_NOMEMORY;
! 81: goto error;
! 82: }
! 83:
! 84: updrec -> r_data = (unsigned char *)0;
! 85: updrec -> r_size = 0;
! 86: updrec -> r_opcode = DELETE;
! 87:
! 88: ISC_LIST_APPEND (updqueue, updrec, r_link);
! 89:
! 90: /*
! 91: * Add PTR RR.
! 92: */
! 93: updrec = minires_mkupdrec (S_UPDATE,
! 94: (const char *)ddns_rev_name -> data,
! 95: C_IN, T_PTR, ttl);
! 96: if (!updrec) {
! 97: result = ISC_R_NOMEMORY;
! 98: goto error;
! 99: }
! 100:
! 101: updrec -> r_data = ddns_fwd_name -> data;
! 102: updrec -> r_size = ddns_fwd_name -> len;
! 103: updrec -> r_opcode = ADD;
! 104:
! 105: ISC_LIST_APPEND (updqueue, updrec, r_link);
! 106:
! 107: /*
! 108: * Attempt to perform the update.
! 109: */
! 110: result = minires_nupdate (&resolver_state, ISC_LIST_HEAD (updqueue));
! 111: #if defined (DEBUG)
! 112: print_dns_status ((int)result, &updqueue);
! 113: #endif
! 114: if (result == ISC_R_SUCCESS) {
! 115: log_info ("added reverse map from %.*s to %.*s",
! 116: (int)ddns_rev_name -> len,
! 117: (const char *)ddns_rev_name -> data,
! 118: (int)ddns_fwd_name -> len,
! 119: (const char *)ddns_fwd_name -> data);
! 120: } else {
! 121: log_error ("unable to add reverse map from %.*s to %.*s: %s",
! 122: (int)ddns_rev_name -> len,
! 123: (const char *)ddns_rev_name -> data,
! 124: (int)ddns_fwd_name -> len,
! 125: (const char *)ddns_fwd_name -> data,
! 126: isc_result_totext (result));
! 127: }
! 128:
! 129: /* Fall through. */
! 130: error:
! 131:
! 132: while (!ISC_LIST_EMPTY (updqueue)) {
! 133: updrec = ISC_LIST_HEAD (updqueue);
! 134: ISC_LIST_UNLINK (updqueue, updrec, r_link);
! 135: minires_freeupdrec (updrec);
! 136: }
! 137:
! 138: return result;
! 139: }
! 140:
! 141:
! 142: static isc_result_t ddns_remove_ptr (struct data_string *ddns_rev_name)
! 143: {
! 144: ns_updque updqueue;
! 145: ns_updrec *updrec;
! 146: isc_result_t result;
! 147:
! 148: /*
! 149: * When a lease expires or a DHCP client issues a DHCPRELEASE request,
! 150: * the DHCP server SHOULD delete the PTR RR that matches the DHCP
! 151: * binding, if one was successfully added. The server's update query
! 152: * SHOULD assert that the name in the PTR record matches the name of
! 153: * the client whose lease has expired or been released.
! 154: * -- "Interaction between DHCP and DNS"
! 155: */
! 156:
! 157: ISC_LIST_INIT (updqueue);
! 158:
! 159: /*
! 160: * Delete the PTR RRset for the leased address.
! 161: */
! 162: updrec = minires_mkupdrec (S_UPDATE,
! 163: (const char *)ddns_rev_name -> data,
! 164: C_IN, T_PTR, 0);
! 165: if (!updrec) {
! 166: result = ISC_R_NOMEMORY;
! 167: goto error;
! 168: }
! 169:
! 170: updrec -> r_data = (unsigned char *)0;
! 171: updrec -> r_size = 0;
! 172: updrec -> r_opcode = DELETE;
! 173:
! 174: ISC_LIST_APPEND (updqueue, updrec, r_link);
! 175:
! 176: /*
! 177: * Attempt to perform the update.
! 178: */
! 179: result = minires_nupdate (&resolver_state, ISC_LIST_HEAD (updqueue));
! 180: #if defined (DEBUG)
! 181: print_dns_status ((int)result, &updqueue);
! 182: #endif
! 183: if (result == ISC_R_SUCCESS) {
! 184: log_info ("removed reverse map on %.*s",
! 185: (int)ddns_rev_name -> len,
! 186: (const char *)ddns_rev_name -> data);
! 187: } else {
! 188: if (result != ISC_R_NXRRSET && result != ISC_R_NXDOMAIN)
! 189: log_error ("can't remove reverse map on %.*s: %s",
! 190: (int)ddns_rev_name -> len,
! 191: (const char *)ddns_rev_name -> data,
! 192: isc_result_totext (result));
! 193: }
! 194:
! 195: /* Not there is success. */
! 196: if (result == ISC_R_NXRRSET || result == ISC_R_NXDOMAIN)
! 197: result = ISC_R_SUCCESS;
! 198:
! 199: /* Fall through. */
! 200: error:
! 201:
! 202: while (!ISC_LIST_EMPTY (updqueue)) {
! 203: updrec = ISC_LIST_HEAD (updqueue);
! 204: ISC_LIST_UNLINK (updqueue, updrec, r_link);
! 205: minires_freeupdrec (updrec);
! 206: }
! 207:
! 208: return result;
! 209: }
! 210:
! 211:
! 212: /* Determine what, if any, forward and reverse updates need to be
! 213: * performed, and carry them through.
! 214: */
! 215: int
! 216: ddns_updates(struct packet *packet, struct lease *lease, struct lease *old,
! 217: struct iasubopt *lease6, struct iasubopt *old6,
! 218: struct option_state *options)
! 219: {
! 220: unsigned long ddns_ttl = DEFAULT_DDNS_TTL;
! 221: struct data_string ddns_hostname;
! 222: struct data_string ddns_domainname;
! 223: struct data_string old_ddns_fwd_name;
! 224: struct data_string ddns_fwd_name;
! 225: struct data_string ddns_rev_name;
! 226: struct data_string ddns_dhcid;
! 227: struct binding_scope **scope;
! 228: struct iaddr addr;
! 229: struct data_string d1;
! 230: struct option_cache *oc;
! 231: int s1, s2;
! 232: int result = 0;
! 233: isc_result_t rcode1 = ISC_R_SUCCESS, rcode2 = ISC_R_SUCCESS;
! 234: int server_updates_a = 1;
! 235: int server_updates_ptr = 1;
! 236: struct buffer *bp = (struct buffer *)0;
! 237: int ignorep = 0, client_ignorep = 0;
! 238: int rev_name_len;
! 239: int i;
! 240:
! 241: if (ddns_update_style != 2)
! 242: return 0;
! 243:
! 244: if (lease != NULL) {
! 245: scope = &(lease->scope);
! 246: addr = lease->ip_addr;
! 247: } else if (lease6 != NULL) {
! 248: scope = &(lease6->scope);
! 249: memcpy(addr.iabuf, lease6->addr.s6_addr, 16);
! 250: addr.len = 16;
! 251: } else {
! 252: log_fatal("Impossible condition at %s:%d.", MDL);
! 253: /* Silence compiler warnings. */
! 254: return 0;
! 255: }
! 256:
! 257: memset(&d1, 0, sizeof(d1));
! 258: memset (&ddns_hostname, 0, sizeof (ddns_hostname));
! 259: memset (&ddns_domainname, 0, sizeof (ddns_domainname));
! 260: memset (&old_ddns_fwd_name, 0, sizeof (ddns_fwd_name));
! 261: memset (&ddns_fwd_name, 0, sizeof (ddns_fwd_name));
! 262: memset (&ddns_rev_name, 0, sizeof (ddns_rev_name));
! 263: memset (&ddns_dhcid, 0, sizeof (ddns_dhcid));
! 264:
! 265: /* If we are allowed to accept the client's update of its own A
! 266: record, see if the client wants to update its own A record. */
! 267: if (!(oc = lookup_option(&server_universe, options,
! 268: SV_CLIENT_UPDATES)) ||
! 269: evaluate_boolean_option_cache(&client_ignorep, packet, lease, NULL,
! 270: packet->options, options, scope,
! 271: oc, MDL)) {
! 272: /* If there's no fqdn.no-client-update or if it's
! 273: nonzero, don't try to use the client-supplied
! 274: XXX */
! 275: if (!(oc = lookup_option (&fqdn_universe, packet -> options,
! 276: FQDN_SERVER_UPDATE)) ||
! 277: evaluate_boolean_option_cache(&ignorep, packet, lease,
! 278: NULL, packet->options,
! 279: options, scope, oc, MDL))
! 280: goto noclient;
! 281: /* Win98 and Win2k will happily claim to be willing to
! 282: update an unqualified domain name. */
! 283: if (!(oc = lookup_option (&fqdn_universe, packet -> options,
! 284: FQDN_DOMAINNAME)))
! 285: goto noclient;
! 286: if (!(oc = lookup_option (&fqdn_universe, packet -> options,
! 287: FQDN_FQDN)) ||
! 288: !evaluate_option_cache(&ddns_fwd_name, packet, lease,
! 289: NULL, packet->options,
! 290: options, scope, oc, MDL))
! 291: goto noclient;
! 292: server_updates_a = 0;
! 293: goto client_updates;
! 294: }
! 295: noclient:
! 296: /* If do-forward-updates is disabled, this basically means don't
! 297: do an update unless the client is participating, so if we get
! 298: here and do-forward-updates is disabled, we can stop. */
! 299: if ((oc = lookup_option (&server_universe, options,
! 300: SV_DO_FORWARD_UPDATES)) &&
! 301: !evaluate_boolean_option_cache(&ignorep, packet, lease,
! 302: NULL, packet->options,
! 303: options, scope, oc, MDL)) {
! 304: return 0;
! 305: }
! 306:
! 307: /* If it's a static lease, then don't do the DNS update unless we're
! 308: specifically configured to do so. If the client asked to do its
! 309: own update and we allowed that, we don't do this test. */
! 310: /* XXX: note that we cannot detect static DHCPv6 leases. */
! 311: if ((lease != NULL) && (lease->flags & STATIC_LEASE)) {
! 312: if (!(oc = lookup_option(&server_universe, options,
! 313: SV_UPDATE_STATIC_LEASES)) ||
! 314: !evaluate_boolean_option_cache(&ignorep, packet, lease,
! 315: NULL, packet->options,
! 316: options, scope, oc, MDL))
! 317: return 0;
! 318: }
! 319:
! 320: /*
! 321: * Compute the name for the A record.
! 322: */
! 323: oc = lookup_option(&server_universe, options, SV_DDNS_HOST_NAME);
! 324: if (oc)
! 325: s1 = evaluate_option_cache(&ddns_hostname, packet, lease,
! 326: NULL, packet->options,
! 327: options, scope, oc, MDL);
! 328: else
! 329: s1 = 0;
! 330:
! 331: oc = lookup_option(&server_universe, options, SV_DDNS_DOMAIN_NAME);
! 332: if (oc)
! 333: s2 = evaluate_option_cache(&ddns_domainname, packet, lease,
! 334: NULL, packet->options,
! 335: options, scope, oc, MDL);
! 336: else
! 337: s2 = 0;
! 338:
! 339: if (s1 && s2) {
! 340: if (ddns_hostname.len + ddns_domainname.len > 253) {
! 341: log_error ("ddns_update: host.domain name too long");
! 342:
! 343: goto out;
! 344: }
! 345:
! 346: buffer_allocate (&ddns_fwd_name.buffer,
! 347: ddns_hostname.len + ddns_domainname.len + 2,
! 348: MDL);
! 349: if (ddns_fwd_name.buffer) {
! 350: ddns_fwd_name.data = ddns_fwd_name.buffer -> data;
! 351: data_string_append (&ddns_fwd_name, &ddns_hostname);
! 352: ddns_fwd_name.buffer -> data [ddns_fwd_name.len] = '.';
! 353: ddns_fwd_name.len++;
! 354: data_string_append (&ddns_fwd_name, &ddns_domainname);
! 355: ddns_fwd_name.buffer -> data [ddns_fwd_name.len] ='\0';
! 356: ddns_fwd_name.terminated = 1;
! 357: }
! 358: }
! 359: client_updates:
! 360:
! 361: /* See if there's a name already stored on the lease. */
! 362: if (find_bound_string(&old_ddns_fwd_name, *scope, "ddns-fwd-name")) {
! 363: /* If there is, see if it's different. */
! 364: if (old_ddns_fwd_name.len != ddns_fwd_name.len ||
! 365: memcmp (old_ddns_fwd_name.data, ddns_fwd_name.data,
! 366: old_ddns_fwd_name.len)) {
! 367: /* If the name is different, try to delete
! 368: the old A record. */
! 369: if (!ddns_removals(lease, lease6))
! 370: goto out;
! 371: /* If the delete succeeded, go install the new
! 372: record. */
! 373: goto in;
! 374: }
! 375:
! 376: /* See if there's a DHCID on the lease, and if not
! 377: * then potentially look for 'on events' for ad-hoc ddns.
! 378: */
! 379: if (!find_bound_string(&ddns_dhcid, *scope, "ddns-txt") &&
! 380: (old != NULL)) {
! 381: /* If there's no DHCID, the update was probably
! 382: done with the old-style ad-hoc DDNS updates.
! 383: So if the expiry and release events look like
! 384: they're the same, run them. This should delete
! 385: the old DDNS data. */
! 386: if (old -> on_expiry == old -> on_release) {
! 387: execute_statements(NULL, NULL, lease, NULL,
! 388: NULL, NULL, scope,
! 389: old->on_expiry);
! 390: if (old -> on_expiry)
! 391: executable_statement_dereference
! 392: (&old -> on_expiry, MDL);
! 393: if (old -> on_release)
! 394: executable_statement_dereference
! 395: (&old -> on_release, MDL);
! 396: /* Now, install the DDNS data the new way. */
! 397: goto in;
! 398: }
! 399: } else
! 400: data_string_forget(&ddns_dhcid, MDL);
! 401:
! 402: /* See if the administrator wants to do updates even
! 403: in cases where the update already appears to have been
! 404: done. */
! 405: if (!(oc = lookup_option(&server_universe, options,
! 406: SV_UPDATE_OPTIMIZATION)) ||
! 407: evaluate_boolean_option_cache(&ignorep, packet, lease,
! 408: NULL, packet->options,
! 409: options, scope, oc, MDL)) {
! 410: result = 1;
! 411: goto noerror;
! 412: }
! 413: /* If there's no "ddns-fwd-name" on the lease record, see if
! 414: * there's a ddns-client-fqdn indicating a previous client
! 415: * update (if it changes, we need to adjust the PTR).
! 416: */
! 417: } else if (find_bound_string(&old_ddns_fwd_name, *scope,
! 418: "ddns-client-fqdn")) {
! 419: /* If the name is not different, no need to update
! 420: the PTR record. */
! 421: if (old_ddns_fwd_name.len == ddns_fwd_name.len &&
! 422: !memcmp (old_ddns_fwd_name.data, ddns_fwd_name.data,
! 423: old_ddns_fwd_name.len) &&
! 424: (!(oc = lookup_option(&server_universe, options,
! 425: SV_UPDATE_OPTIMIZATION)) ||
! 426: evaluate_boolean_option_cache(&ignorep, packet, lease,
! 427: NULL, packet->options,
! 428: options, scope, oc, MDL))) {
! 429: goto noerror;
! 430: }
! 431: }
! 432: in:
! 433:
! 434: /* If we don't have a name that the client has been assigned, we
! 435: can just skip all this. */
! 436: if (!ddns_fwd_name.len)
! 437: goto out;
! 438:
! 439: if (ddns_fwd_name.len > 255) {
! 440: log_error ("client provided fqdn: too long");
! 441: goto out;
! 442: }
! 443:
! 444: /*
! 445: * Compute the RR TTL.
! 446: */
! 447: ddns_ttl = DEFAULT_DDNS_TTL;
! 448: if ((oc = lookup_option(&server_universe, options, SV_DDNS_TTL))) {
! 449: if (evaluate_option_cache(&d1, packet, lease, NULL,
! 450: packet->options, options, scope,
! 451: oc, MDL)) {
! 452: if (d1.len == sizeof (u_int32_t))
! 453: ddns_ttl = getULong (d1.data);
! 454: data_string_forget (&d1, MDL);
! 455: }
! 456: }
! 457:
! 458: /*
! 459: * Compute the reverse IP name, starting with the domain name.
! 460: */
! 461: oc = lookup_option(&server_universe, options, SV_DDNS_REV_DOMAIN_NAME);
! 462: if (oc)
! 463: s1 = evaluate_option_cache(&d1, packet, lease, NULL,
! 464: packet->options, options,
! 465: scope, oc, MDL);
! 466: else
! 467: s1 = 0;
! 468:
! 469: /*
! 470: * Figure out the length of the part of the name that depends
! 471: * on the address.
! 472: */
! 473: if (addr.len == 4) {
! 474: char buf[17];
! 475: /* XXX: WOW this is gross. */
! 476: rev_name_len = snprintf(buf, sizeof(buf), "%u.%u.%u.%u.",
! 477: addr.iabuf[3] & 0xff,
! 478: addr.iabuf[2] & 0xff,
! 479: addr.iabuf[1] & 0xff,
! 480: addr.iabuf[0] & 0xff) + 1;
! 481:
! 482: if (s1) {
! 483: rev_name_len += d1.len;
! 484:
! 485: if (rev_name_len > 255) {
! 486: log_error("ddns_update: Calculated rev domain "
! 487: "name too long.");
! 488: s1 = 0;
! 489: data_string_forget(&d1, MDL);
! 490: }
! 491: }
! 492: } else if (addr.len == 16) {
! 493: /*
! 494: * IPv6 reverse names are always the same length, with
! 495: * 32 hex characters separated by dots.
! 496: */
! 497: rev_name_len = sizeof("0.1.2.3.4.5.6.7."
! 498: "8.9.a.b.c.d.e.f."
! 499: "0.1.2.3.4.5.6.7."
! 500: "8.9.a.b.c.d.e.f."
! 501: "ip6.arpa.");
! 502:
! 503: /* Set s1 to make sure we gate into updates. */
! 504: s1 = 1;
! 505: } else {
! 506: log_fatal("invalid address length %d", addr.len);
! 507: /* Silence compiler warnings. */
! 508: return 0;
! 509: }
! 510:
! 511: /* See if we are configured NOT to do reverse ptr updates */
! 512: if ((oc = lookup_option(&server_universe, options,
! 513: SV_DO_REVERSE_UPDATES)) &&
! 514: !evaluate_boolean_option_cache(&ignorep, packet, lease, NULL,
! 515: packet->options, options,
! 516: scope, oc, MDL)) {
! 517: server_updates_ptr = 0;
! 518: }
! 519:
! 520: if (s1) {
! 521: buffer_allocate(&ddns_rev_name.buffer, rev_name_len, MDL);
! 522: if (ddns_rev_name.buffer != NULL) {
! 523: ddns_rev_name.data = ddns_rev_name.buffer->data;
! 524:
! 525: if (addr.len == 4) {
! 526: ddns_rev_name.len =
! 527: sprintf((char *)ddns_rev_name.buffer->data,
! 528: "%u.%u.%u.%u.",
! 529: addr.iabuf[3] & 0xff,
! 530: addr.iabuf[2] & 0xff,
! 531: addr.iabuf[1] & 0xff,
! 532: addr.iabuf[0] & 0xff);
! 533:
! 534: /*
! 535: * d1.data may be opaque, garbage bytes, from
! 536: * user (mis)configuration.
! 537: */
! 538: data_string_append(&ddns_rev_name, &d1);
! 539: ddns_rev_name.buffer->data[ddns_rev_name.len] =
! 540: '\0';
! 541: } else if (addr.len == 16) {
! 542: char *p = (char *)&ddns_rev_name.buffer->data;
! 543: unsigned char *a = addr.iabuf + 15;
! 544: for (i=0; i<16; i++) {
! 545: sprintf(p, "%x.%x.",
! 546: (*a & 0xF), ((*a >> 4) & 0xF));
! 547: p += 4;
! 548: a -= 1;
! 549: }
! 550: strcat(p, "ip6.arpa.");
! 551: ddns_rev_name.len =
! 552: strlen((const char *)ddns_rev_name.data);
! 553: }
! 554:
! 555: ddns_rev_name.terminated = 1;
! 556: }
! 557:
! 558: if (d1.data != NULL)
! 559: data_string_forget(&d1, MDL);
! 560: }
! 561:
! 562: /*
! 563: * If we are updating the A record, compute the DHCID value.
! 564: */
! 565: if (server_updates_a) {
! 566: memset (&ddns_dhcid, 0, sizeof ddns_dhcid);
! 567: if (lease6 != NULL)
! 568: result = get_dhcid(&ddns_dhcid, 2,
! 569: lease6->ia->iaid_duid.data,
! 570: lease6->ia->iaid_duid.len);
! 571: else if ((lease != NULL) && (lease->uid != NULL) &&
! 572: (lease->uid_len != 0))
! 573: result = get_dhcid (&ddns_dhcid,
! 574: DHO_DHCP_CLIENT_IDENTIFIER,
! 575: lease -> uid, lease -> uid_len);
! 576: else if (lease != NULL)
! 577: result = get_dhcid (&ddns_dhcid, 0,
! 578: lease -> hardware_addr.hbuf,
! 579: lease -> hardware_addr.hlen);
! 580: else
! 581: log_fatal("Impossible condition at %s:%d.", MDL);
! 582:
! 583: if (!result)
! 584: goto badfqdn;
! 585: }
! 586:
! 587: /*
! 588: * Start the resolver, if necessary.
! 589: */
! 590: if (!resolver_inited) {
! 591: minires_ninit (&resolver_state);
! 592: resolver_inited = 1;
! 593: resolver_state.retrans = 1;
! 594: resolver_state.retry = 1;
! 595: }
! 596:
! 597: /*
! 598: * Perform updates.
! 599: */
! 600: if (ddns_fwd_name.len && ddns_dhcid.len) {
! 601: unsigned conflict;
! 602:
! 603: oc = lookup_option(&server_universe, options,
! 604: SV_DDNS_CONFLICT_DETECT);
! 605: if (!oc ||
! 606: evaluate_boolean_option_cache(&ignorep, packet, lease,
! 607: NULL, packet->options,
! 608: options, scope, oc, MDL))
! 609: conflict = 1;
! 610: else
! 611: conflict = 0;
! 612:
! 613: rcode1 = ddns_update_fwd(&ddns_fwd_name, addr, &ddns_dhcid,
! 614: ddns_ttl, 0, conflict);
! 615: }
! 616:
! 617: if (rcode1 == ISC_R_SUCCESS && server_updates_ptr) {
! 618: if (ddns_fwd_name.len && ddns_rev_name.len)
! 619: rcode2 = ddns_update_ptr (&ddns_fwd_name,
! 620: &ddns_rev_name, ddns_ttl);
! 621: } else
! 622: rcode2 = rcode1;
! 623:
! 624: if (rcode1 == ISC_R_SUCCESS &&
! 625: (server_updates_a || rcode2 == ISC_R_SUCCESS)) {
! 626: bind_ds_value(scope, server_updates_a ? "ddns-fwd-name"
! 627: : "ddns-client-fqdn",
! 628: &ddns_fwd_name);
! 629: if (server_updates_a)
! 630: bind_ds_value(scope, "ddns-txt", &ddns_dhcid);
! 631: }
! 632:
! 633: if (rcode2 == ISC_R_SUCCESS && server_updates_ptr) {
! 634: bind_ds_value(scope, "ddns-rev-name", &ddns_rev_name);
! 635: }
! 636:
! 637: noerror:
! 638: /*
! 639: * If fqdn-reply option is disabled in dhcpd.conf, then don't
! 640: * send the client an FQDN option at all, even if one was requested.
! 641: * (WinXP clients allegedly misbehave if the option is present,
! 642: * refusing to handle PTR updates themselves).
! 643: */
! 644: if ((oc = lookup_option (&server_universe, options, SV_FQDN_REPLY)) &&
! 645: !evaluate_boolean_option_cache(&ignorep, packet, lease, NULL,
! 646: packet->options, options,
! 647: scope, oc, MDL)) {
! 648: goto badfqdn;
! 649:
! 650: /* If we're ignoring client updates, then we tell a sort of 'white
! 651: * lie'. We've already updated the name the server wants (per the
! 652: * config written by the server admin). Now let the client do as
! 653: * it pleases with the name they supplied (if any).
! 654: *
! 655: * We only form an FQDN option this way if the client supplied an
! 656: * FQDN option that had FQDN_SERVER_UPDATE set false.
! 657: */
! 658: } else if (client_ignorep &&
! 659: (oc = lookup_option(&fqdn_universe, packet->options,
! 660: FQDN_SERVER_UPDATE)) &&
! 661: !evaluate_boolean_option_cache(&ignorep, packet, lease, NULL,
! 662: packet->options, options,
! 663: scope, oc, MDL)) {
! 664: oc = lookup_option(&fqdn_universe, packet->options, FQDN_FQDN);
! 665: if (oc && evaluate_option_cache(&d1, packet, lease, NULL,
! 666: packet->options, options,
! 667: scope, oc, MDL)) {
! 668: if (d1.len == 0 ||
! 669: !buffer_allocate(&bp, d1.len + 5, MDL))
! 670: goto badfqdn;
! 671:
! 672: /* Server pretends it is not updating. */
! 673: bp->data[0] = 0;
! 674: if (!save_option_buffer(&fqdn_universe, options,
! 675: bp, &bp->data[0], 1,
! 676: FQDN_SERVER_UPDATE, 0))
! 677: goto badfqdn;
! 678:
! 679: /* Client is encouraged to update. */
! 680: bp->data[1] = 0;
! 681: if (!save_option_buffer(&fqdn_universe, options,
! 682: bp, &bp->data[1], 1,
! 683: FQDN_NO_CLIENT_UPDATE, 0))
! 684: goto badfqdn;
! 685:
! 686: /* Use the encoding of client's FQDN option. */
! 687: oc = lookup_option(&fqdn_universe, packet->options,
! 688: FQDN_ENCODED);
! 689: if (oc &&
! 690: evaluate_boolean_option_cache(&ignorep, packet,
! 691: lease, NULL,
! 692: packet->options,
! 693: options, scope,
! 694: oc, MDL))
! 695: bp->data[2] = 1; /* FQDN is encoded. */
! 696: else
! 697: bp->data[2] = 0; /* FQDN is not encoded. */
! 698:
! 699: if (!save_option_buffer(&fqdn_universe, options,
! 700: bp, &bp->data[2], 1,
! 701: FQDN_ENCODED, 0))
! 702: goto badfqdn;
! 703:
! 704: /* Current FQDN drafts indicate 255 is mandatory. */
! 705: bp->data[3] = 255;
! 706: if (!save_option_buffer(&fqdn_universe, options,
! 707: bp, &bp->data[3], 1,
! 708: FQDN_RCODE1, 0))
! 709: goto badfqdn;
! 710:
! 711: bp->data[4] = 255;
! 712: if (!save_option_buffer(&fqdn_universe, options,
! 713: bp, &bp->data[4], 1,
! 714: FQDN_RCODE2, 0))
! 715: goto badfqdn;
! 716:
! 717: /* Copy in the FQDN supplied by the client. Note well
! 718: * that the format of this option in the cache is going
! 719: * to be in text format. If the fqdn supplied by the
! 720: * client is encoded, it is decoded into the option
! 721: * cache when parsed out of the packet. It will be
! 722: * re-encoded when the option is assembled to be
! 723: * transmitted if the client elects that encoding.
! 724: */
! 725: memcpy(&bp->data[5], d1.data, d1.len);
! 726: if (!save_option_buffer(&fqdn_universe, options,
! 727: bp, &bp->data[5], d1.len,
! 728: FQDN_FQDN, 0))
! 729: goto badfqdn;
! 730:
! 731: data_string_forget(&d1, MDL);
! 732: }
! 733: /* Set up the outgoing FQDN option if there was an incoming
! 734: * FQDN option. If there's a valid FQDN option, there MUST
! 735: * be an FQDN_SERVER_UPDATES suboption, it's part of the fixed
! 736: * length head of the option contents, so we test the latter
! 737: * to detect the presence of the former.
! 738: */
! 739: } else if ((oc = lookup_option(&fqdn_universe, packet->options,
! 740: FQDN_ENCODED)) &&
! 741: buffer_allocate(&bp, ddns_fwd_name.len + 5, MDL)) {
! 742: bp -> data [0] = server_updates_a;
! 743: if (!save_option_buffer(&fqdn_universe, options,
! 744: bp, &bp->data [0], 1,
! 745: FQDN_SERVER_UPDATE, 0))
! 746: goto badfqdn;
! 747: bp -> data [1] = server_updates_a;
! 748: if (!save_option_buffer(&fqdn_universe, options,
! 749: bp, &bp->data [1], 1,
! 750: FQDN_NO_CLIENT_UPDATE, 0))
! 751: goto badfqdn;
! 752:
! 753: /* Do the same encoding the client did. */
! 754: if (evaluate_boolean_option_cache(&ignorep, packet, lease,
! 755: NULL, packet->options,
! 756: options, scope, oc, MDL))
! 757: bp -> data [2] = 1;
! 758: else
! 759: bp -> data [2] = 0;
! 760: if (!save_option_buffer(&fqdn_universe, options,
! 761: bp, &bp->data [2], 1,
! 762: FQDN_ENCODED, 0))
! 763: goto badfqdn;
! 764: bp -> data [3] = isc_rcode_to_ns (rcode1);
! 765: if (!save_option_buffer(&fqdn_universe, options,
! 766: bp, &bp->data [3], 1,
! 767: FQDN_RCODE1, 0))
! 768: goto badfqdn;
! 769: bp -> data [4] = isc_rcode_to_ns (rcode2);
! 770: if (!save_option_buffer(&fqdn_universe, options,
! 771: bp, &bp->data [4], 1,
! 772: FQDN_RCODE2, 0))
! 773: goto badfqdn;
! 774: if (ddns_fwd_name.len) {
! 775: memcpy (&bp -> data [5],
! 776: ddns_fwd_name.data, ddns_fwd_name.len);
! 777: if (!save_option_buffer(&fqdn_universe, options,
! 778: bp, &bp->data [5],
! 779: ddns_fwd_name.len,
! 780: FQDN_FQDN, 0))
! 781: goto badfqdn;
! 782: }
! 783: }
! 784:
! 785: badfqdn:
! 786: out:
! 787: /*
! 788: * Final cleanup.
! 789: */
! 790: data_string_forget(&d1, MDL);
! 791: data_string_forget(&ddns_hostname, MDL);
! 792: data_string_forget(&ddns_domainname, MDL);
! 793: data_string_forget(&old_ddns_fwd_name, MDL);
! 794: data_string_forget(&ddns_fwd_name, MDL);
! 795: data_string_forget(&ddns_rev_name, MDL);
! 796: data_string_forget(&ddns_dhcid, MDL);
! 797: if (bp)
! 798: buffer_dereference(&bp, MDL);
! 799:
! 800: return result;
! 801: }
! 802:
! 803: /* Remove relevant entries from DNS. */
! 804: int
! 805: ddns_removals(struct lease *lease, struct iasubopt *lease6)
! 806: {
! 807: struct data_string ddns_fwd_name;
! 808: struct data_string ddns_rev_name;
! 809: struct data_string ddns_dhcid;
! 810: isc_result_t rcode;
! 811: struct binding_scope **scope;
! 812: struct iaddr addr;
! 813: int result = 0;
! 814: int client_updated = 0;
! 815:
! 816: if (lease != NULL) {
! 817: scope = &(lease->scope);
! 818: addr = lease->ip_addr;
! 819: } else if (lease6 != NULL) {
! 820: scope = &(lease6->scope);
! 821: memcpy(addr.iabuf, lease6->addr.s6_addr, 16);
! 822: addr.len = 16;
! 823: } else
! 824: return 0;
! 825:
! 826: /* No scope implies that DDNS has not been performed for this lease. */
! 827: if (*scope == NULL)
! 828: return 0;
! 829:
! 830: if (ddns_update_style != 2)
! 831: return 0;
! 832:
! 833: /*
! 834: * Look up stored names.
! 835: */
! 836: memset (&ddns_fwd_name, 0, sizeof (ddns_fwd_name));
! 837: memset (&ddns_rev_name, 0, sizeof (ddns_rev_name));
! 838: memset (&ddns_dhcid, 0, sizeof (ddns_dhcid));
! 839:
! 840: /*
! 841: * Start the resolver, if necessary.
! 842: */
! 843: if (!resolver_inited) {
! 844: minires_ninit (&resolver_state);
! 845: resolver_inited = 1;
! 846: resolver_state.retrans = 1;
! 847: resolver_state.retry = 1;
! 848: }
! 849:
! 850: /* We need the fwd name whether we are deleting both records or just
! 851: the PTR record, so if it's not there, we can't proceed. */
! 852: if (!find_bound_string(&ddns_fwd_name, *scope, "ddns-fwd-name")) {
! 853: /* If there's no ddns-fwd-name, look for the client fqdn,
! 854: in case the client did the update. */
! 855: if (find_bound_string(&ddns_fwd_name, *scope,
! 856: "ddns-client-fqdn"))
! 857: client_updated = 1;
! 858: goto try_rev;
! 859: }
! 860:
! 861: /* If the ddns-txt binding isn't there, this isn't an interim
! 862: or rfc3??? record, so we can't delete the A record using
! 863: this mechanism, but we can delete the PTR record. */
! 864: if (!find_bound_string (&ddns_dhcid, *scope, "ddns-txt")) {
! 865: result = 1;
! 866: goto try_rev;
! 867: }
! 868:
! 869: /*
! 870: * Perform removals.
! 871: */
! 872: if (ddns_fwd_name.len)
! 873: rcode = ddns_remove_fwd(&ddns_fwd_name, addr, &ddns_dhcid);
! 874: else
! 875: rcode = ISC_R_SUCCESS;
! 876:
! 877: if (rcode == ISC_R_SUCCESS) {
! 878: result = 1;
! 879: unset(*scope, "ddns-fwd-name");
! 880: unset(*scope, "ddns-txt");
! 881: try_rev:
! 882: if (find_bound_string(&ddns_rev_name, *scope,
! 883: "ddns-rev-name")) {
! 884: if (ddns_remove_ptr(&ddns_rev_name) == ISC_R_SUCCESS) {
! 885: unset(*scope, "ddns-rev-name");
! 886: if (client_updated)
! 887: unset(*scope, "ddns-client-fqdn");
! 888: /* XXX this is to compensate for a bug in
! 889: XXX 3.0rc8, and should be removed before
! 890: XXX 3.0pl1. */
! 891: else if (!ddns_fwd_name.len)
! 892: unset(*scope, "ddns-text");
! 893: } else
! 894: result = 0;
! 895: }
! 896: }
! 897:
! 898: data_string_forget (&ddns_fwd_name, MDL);
! 899: data_string_forget (&ddns_rev_name, MDL);
! 900: data_string_forget (&ddns_dhcid, MDL);
! 901:
! 902: return result;
! 903: }
! 904:
! 905: #endif /* NSUPDATE */
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to ddns.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / dhcp / server