![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to auth.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / dnsmasq / src|
Return to auth.c CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / dnsmasq / src |
1.1 misho 1: /* dnsmasq is Copyright (c) 2000-2013 Simon Kelley
2:
3: This program is free software; you can redistribute it and/or modify
4: it under the terms of the GNU General Public License as published by
5: the Free Software Foundation; version 2 dated June, 1991, or
6: (at your option) version 3 dated 29 June, 2007.
7:
8: This program is distributed in the hope that it will be useful,
9: but WITHOUT ANY WARRANTY; without even the implied warranty of
10: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11: GNU General Public License for more details.
12:
13: You should have received a copy of the GNU General Public License
14: along with this program. If not, see <http://www.gnu.org/licenses/>.
15: */
16:
17: #include "dnsmasq.h"
18:
19: #ifdef HAVE_AUTH
20:
21: static struct subnet *filter_zone(struct auth_zone *zone, int flag, struct all_addr *addr_u)
22: {
23: struct subnet *subnet;
24:
25: for (subnet = zone->subnet; subnet; subnet = subnet->next)
26: {
27: if (subnet->is6 && (flag & F_IPV4))
28: continue;
29:
30: if (!subnet->is6)
31: {
32: struct in_addr addr = addr_u->addr.addr4;
33: struct in_addr mask;
34:
35: mask.s_addr = htonl(~((1 << (32 - subnet->prefixlen)) - 1));
36:
37: if (is_same_net(addr, subnet->addr4, mask))
38: return subnet;
39: }
40: #ifdef HAVE_IPV6
41: else if (is_same_net6(&(addr_u->addr.addr6), &subnet->addr6, subnet->prefixlen))
42: return subnet;
43: #endif
44:
45: }
46: return NULL;
47: }
48:
49: static int filter_constructed_dhcp(struct auth_zone *zone, int flag, struct all_addr *addr_u)
50: {
51: #ifdef HAVE_DHCP6
52: struct dhcp_context *context;
53:
54: if (flag & F_IPV6)
55: for (context = daemon->dhcp6; context; context = context->next)
56: if ((context->flags & CONTEXT_CONSTRUCTED) &&
57: is_same_net6(&(addr_u->addr.addr6), &context->start6, context->prefix))
58: return 1;
59: #endif
60:
61: return filter_zone(zone, flag, addr_u) != NULL;
62: }
63:
64: static int in_zone(struct auth_zone *zone, char *name, char **cut)
65: {
66: size_t namelen = strlen(name);
67: size_t domainlen = strlen(zone->domain);
68:
69: if (cut)
70: *cut = NULL;
71:
72: if (namelen >= domainlen &&
73: hostname_isequal(zone->domain, &name[namelen - domainlen]))
74: {
75:
76: if (namelen == domainlen)
77: return 1;
78:
79: if (name[namelen - domainlen - 1] == '.')
80: {
81: if (cut)
82: *cut = &name[namelen - domainlen - 1];
83: return 1;
84: }
85: }
86:
87: return 0;
88: }
89:
90:
91: size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t now, union mysockaddr *peer_addr)
92: {
93: char *name = daemon->namebuff;
94: unsigned char *p, *ansp;
95: int qtype, qclass;
96: int nameoffset, axfroffset = 0;
97: int q, anscount = 0, authcount = 0;
98: struct crec *crecp;
99: int auth = 1, trunc = 0, nxdomain = 1, soa = 0, ns = 0, axfr = 0;
100: struct auth_zone *zone = NULL;
101: struct subnet *subnet = NULL;
102: char *cut;
103: struct mx_srv_record *rec, *move, **up;
104: struct txt_record *txt;
105: struct interface_name *intr;
106: struct naptr *na;
107: struct all_addr addr;
108: struct cname *a;
109:
110: if (ntohs(header->qdcount) == 0 || OPCODE(header) != QUERY )
111: return 0;
112:
113: /* determine end of question section (we put answers there) */
114: if (!(ansp = skip_questions(header, qlen)))
115: return 0; /* bad packet */
116:
117: /* now process each question, answers go in RRs after the question */
118: p = (unsigned char *)(header+1);
119:
120: for (q = ntohs(header->qdcount); q != 0; q--)
121: {
122: unsigned short flag = 0;
123: int found = 0;
124:
125: /* save pointer to name for copying into answers */
126: nameoffset = p - (unsigned char *)header;
127:
128: /* now extract name as .-concatenated string into name */
129: if (!extract_name(header, qlen, &p, name, 1, 4))
130: return 0; /* bad packet */
131:
132: GETSHORT(qtype, p);
133: GETSHORT(qclass, p);
134:
135: if (qclass != C_IN)
136: {
137: auth = 0;
138: continue;
139: }
140:
141: if (qtype == T_PTR)
142: {
143: if (!(flag = in_arpa_name_2_addr(name, &addr)))
144: continue;
145:
146: for (zone = daemon->auth_zones; zone; zone = zone->next)
147: if ((subnet = filter_zone(zone, flag, &addr)))
148: break;
149:
150: if (!zone)
151: {
152: auth = 0;
153: continue;
154: }
155:
156: if (flag == F_IPV4)
157: {
158: for (intr = daemon->int_names; intr; intr = intr->next)
159: {
160: if (addr.addr.addr4.s_addr == get_ifaddr(intr->intr).s_addr)
161: break;
162: else
163: while (intr->next && strcmp(intr->intr, intr->next->intr) == 0)
164: intr = intr->next;
165: }
166:
167: if (intr)
168: {
169: if (in_zone(zone, intr->name, NULL))
170: {
171: found = 1;
172: log_query(F_IPV4 | F_REVERSE | F_CONFIG, intr->name, &addr, NULL);
173: if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
174: daemon->auth_ttl, NULL,
175: T_PTR, C_IN, "d", intr->name))
176: anscount++;
177: }
178: }
179: }
180:
181: if ((crecp = cache_find_by_addr(NULL, &addr, now, flag)))
182: do {
183: strcpy(name, cache_get_name(crecp));
184:
185: if (crecp->flags & F_DHCP && !option_bool(OPT_DHCP_FQDN))
186: {
187: char *p = strchr(name, '.');
188: if (p)
189: *p = 0; /* must be bare name */
190:
191: /* add external domain */
192: strcat(name, ".");
193: strcat(name, zone->domain);
194: log_query(flag | F_DHCP | F_REVERSE, name, &addr, record_source(crecp->uid));
195: found = 1;
196: if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
197: daemon->auth_ttl, NULL,
198: T_PTR, C_IN, "d", name))
199: anscount++;
200: }
201: else if (crecp->flags & (F_DHCP | F_HOSTS) && in_zone(zone, name, NULL))
202: {
203: log_query(crecp->flags & ~F_FORWARD, name, &addr, record_source(crecp->uid));
204: found = 1;
205: if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
206: daemon->auth_ttl, NULL,
207: T_PTR, C_IN, "d", name))
208: anscount++;
209: }
210: else
211: continue;
212:
213: } while ((crecp = cache_find_by_addr(crecp, &addr, now, flag)));
214:
215: if (!found)
216: log_query(flag | F_NEG | F_NXDOMAIN | F_REVERSE | F_AUTH, NULL, &addr, NULL);
217:
218: continue;
219: }
220:
221: cname_restart:
222: for (zone = daemon->auth_zones; zone; zone = zone->next)
223: if (in_zone(zone, name, &cut))
224: break;
225:
226: if (!zone)
227: {
228: auth = 0;
229: continue;
230: }
231:
232: for (rec = daemon->mxnames; rec; rec = rec->next)
233: if (!rec->issrv && hostname_isequal(name, rec->name))
234: {
235: nxdomain = 0;
236:
237: if (qtype == T_MX)
238: {
239: found = 1;
240: log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>");
241: if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl,
242: NULL, T_MX, C_IN, "sd", rec->weight, rec->target))
243: anscount++;
244: }
245: }
246:
247: for (move = NULL, up = &daemon->mxnames, rec = daemon->mxnames; rec; rec = rec->next)
248: if (rec->issrv && hostname_isequal(name, rec->name))
249: {
250: nxdomain = 0;
251:
252: if (qtype == T_SRV)
253: {
254: found = 1;
255: log_query(F_CONFIG | F_RRNAME, name, NULL, "<SRV>");
256: if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl,
257: NULL, T_SRV, C_IN, "sssd",
258: rec->priority, rec->weight, rec->srvport, rec->target))
259:
260: anscount++;
261: }
262:
263: /* unlink first SRV record found */
264: if (!move)
265: {
266: move = rec;
267: *up = rec->next;
268: }
269: else
270: up = &rec->next;
271: }
272: else
273: up = &rec->next;
274:
275: /* put first SRV record back at the end. */
276: if (move)
277: {
278: *up = move;
279: move->next = NULL;
280: }
281:
282: for (txt = daemon->rr; txt; txt = txt->next)
283: if (hostname_isequal(name, txt->name))
284: {
285: nxdomain = 0;
286: if (txt->class == qtype)
287: {
288: found = 1;
289: log_query(F_CONFIG | F_RRNAME, name, NULL, "<RR>");
290: if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl,
291: NULL, txt->class, C_IN, "t", txt->len, txt->txt))
292: anscount++;
293: }
294: }
295:
296: for (txt = daemon->txt; txt; txt = txt->next)
297: if (txt->class == C_IN && hostname_isequal(name, txt->name))
298: {
299: nxdomain = 0;
300: if (qtype == T_TXT)
301: {
302: found = 1;
303: log_query(F_CONFIG | F_RRNAME, name, NULL, "<TXT>");
304: if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl,
305: NULL, T_TXT, C_IN, "t", txt->len, txt->txt))
306: anscount++;
307: }
308: }
309:
310: for (na = daemon->naptr; na; na = na->next)
311: if (hostname_isequal(name, na->name))
312: {
313: nxdomain = 0;
314: if (qtype == T_NAPTR)
315: {
316: found = 1;
317: log_query(F_CONFIG | F_RRNAME, name, NULL, "<NAPTR>");
318: if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl,
319: NULL, T_NAPTR, C_IN, "sszzzd",
320: na->order, na->pref, na->flags, na->services, na->regexp, na->replace))
321: anscount++;
322: }
323: }
324:
325:
326: for (intr = daemon->int_names; intr; intr = intr->next)
327: if (hostname_isequal(name, intr->name))
328: {
329: nxdomain = 0;
330: if (qtype == T_A && (addr.addr.addr4 = get_ifaddr(intr->intr)).s_addr != (in_addr_t) -1)
331: {
332: found = 1;
333: log_query(F_FORWARD | F_CONFIG | F_IPV4, name, &addr, NULL);
334: if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
335: daemon->auth_ttl, NULL, T_A, C_IN, "4", &addr))
336: anscount++;
337: }
338: }
339:
340: for (a = daemon->cnames; a; a = a->next)
341: if (hostname_isequal(name, a->alias) )
342: {
343: log_query(F_CONFIG | F_CNAME, name, NULL, NULL);
344: strcpy(name, a->target);
345: if (!strchr(name, '.'))
346: {
347: strcat(name, ".");
348: strcat(name, zone->domain);
349: }
350: found = 1;
351: if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
352: daemon->auth_ttl, NULL,
353: T_CNAME, C_IN, "d", name))
354: anscount++;
355:
356: goto cname_restart;
357: }
358:
359: if (qtype == T_A)
360: flag = F_IPV4;
361:
362: #ifdef HAVE_IPV6
363: if (qtype == T_AAAA)
364: flag = F_IPV6;
365: #endif
366:
367: if (!cut)
368: {
369: nxdomain = 0;
370:
371: if (qtype == T_SOA)
372: {
373: soa = 1; /* inhibits auth section */
374: found = 1;
375: log_query(F_RRNAME | F_AUTH, zone->domain, NULL, "<SOA>");
376: }
377: else if (qtype == T_AXFR)
378: {
379: struct iname *peers;
380:
381: if (peer_addr->sa.sa_family == AF_INET)
382: peer_addr->in.sin_port = 0;
383: #ifdef HAVE_IPV6
384: else
385: peer_addr->in6.sin6_port = 0;
386: #endif
387:
388: for (peers = daemon->auth_peers; peers; peers = peers->next)
389: if (sockaddr_isequal(peer_addr, &peers->addr))
390: break;
391:
392: /* Refuse all AXFR unless --auth-sec-servers is set */
393: if ((!peers && daemon->auth_peers) || !daemon->secondary_forward_server)
394: {
395: if (peer_addr->sa.sa_family == AF_INET)
396: inet_ntop(AF_INET, &peer_addr->in.sin_addr, daemon->addrbuff, ADDRSTRLEN);
397: #ifdef HAVE_IPV6
398: else
399: inet_ntop(AF_INET6, &peer_addr->in6.sin6_addr, daemon->addrbuff, ADDRSTRLEN);
400: #endif
401:
402: my_syslog(LOG_WARNING, _("ignoring zone transfer request from %s"), daemon->addrbuff);
403: return 0;
404: }
405:
406: soa = 1; /* inhibits auth section */
407: ns = 1; /* ensure we include NS records! */
408: axfr = 1;
409: found = 1;
410: axfroffset = nameoffset;
411: log_query(F_RRNAME | F_AUTH, zone->domain, NULL, "<AXFR>");
412: }
413: else if (qtype == T_NS)
414: {
415: ns = 1; /* inhibits auth section */
416: found = 1;
417: log_query(F_RRNAME | F_AUTH, zone->domain, NULL, "<NS>");
418: }
419: }
420:
421: if (!option_bool(OPT_DHCP_FQDN) && cut)
422: {
423: *cut = 0; /* remove domain part */
424:
425: if (!strchr(name, '.') && (crecp = cache_find_by_name(NULL, name, now, F_IPV4 | F_IPV6)))
426: {
427: if (crecp->flags & F_DHCP)
428: do
429: {
430: nxdomain = 0;
431: if ((crecp->flags & flag) &&
432: (filter_constructed_dhcp(zone, flag, &(crecp->addr.addr))))
433: {
434: *cut = '.'; /* restore domain part */
435: log_query(crecp->flags, name, &crecp->addr.addr, record_source(crecp->uid));
436: *cut = 0; /* remove domain part */
437: found = 1;
438: if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
439: daemon->auth_ttl, NULL, qtype, C_IN,
440: qtype == T_A ? "4" : "6", &crecp->addr))
441: anscount++;
442: }
443: } while ((crecp = cache_find_by_name(crecp, name, now, F_IPV4 | F_IPV6)));
444: }
445:
446: *cut = '.'; /* restore domain part */
447: }
448:
449: if ((crecp = cache_find_by_name(NULL, name, now, F_IPV4 | F_IPV6)))
450: {
451: if ((crecp->flags & F_HOSTS) || (((crecp->flags & F_DHCP) && option_bool(OPT_DHCP_FQDN))))
452: do
453: {
454: nxdomain = 0;
455: if ((crecp->flags & flag) && filter_constructed_dhcp(zone, flag, &(crecp->addr.addr)))
456: {
457: log_query(crecp->flags, name, &crecp->addr.addr, record_source(crecp->uid));
458: found = 1;
459: if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
460: daemon->auth_ttl, NULL, qtype, C_IN,
461: qtype == T_A ? "4" : "6", &crecp->addr))
462: anscount++;
463: }
464: } while ((crecp = cache_find_by_name(crecp, name, now, F_IPV4 | F_IPV6)));
465: }
466:
467: if (!found)
468: log_query(flag | F_NEG | (nxdomain ? F_NXDOMAIN : 0) | F_FORWARD | F_AUTH, name, NULL, NULL);
469:
470: }
471:
472: /* Add auth section */
473: if (auth && zone)
474: {
475: char *authname;
476: int newoffset, offset = 0;
477:
478: if (!subnet)
479: authname = zone->domain;
480: else
481: {
482: /* handle NS and SOA for PTR records */
483:
484: authname = name;
485:
486: if (!subnet->is6)
487: {
488: in_addr_t a = ntohl(subnet->addr4.s_addr) >> 8;
489: char *p = name;
490:
491: if (subnet->prefixlen == 24)
492: p += sprintf(p, "%d.", a & 0xff);
493: a = a >> 8;
494: if (subnet->prefixlen != 8)
495: p += sprintf(p, "%d.", a & 0xff);
496: a = a >> 8;
497: p += sprintf(p, "%d.in-addr.arpa", a & 0xff);
498:
499: }
500: #ifdef HAVE_IPV6
501: else
502: {
503: char *p = name;
504: int i;
505:
506: for (i = subnet->prefixlen-1; i >= 0; i -= 4)
507: {
508: int dig = ((unsigned char *)&subnet->addr6)[i>>3];
509: p += sprintf(p, "%.1x.", (i>>2) & 1 ? dig & 15 : dig >> 4);
510: }
511: p += sprintf(p, "ip6.arpa");
512:
513: }
514: #endif
515: }
516:
517: /* handle NS and SOA in auth section or for explicit queries */
518: newoffset = ansp - (unsigned char *)header;
519: if (((anscount == 0 && !ns) || soa) &&
520: add_resource_record(header, limit, &trunc, 0, &ansp,
521: daemon->auth_ttl, NULL, T_SOA, C_IN, "ddlllll",
522: authname, daemon->authserver, daemon->hostmaster,
523: daemon->soa_sn, daemon->soa_refresh,
524: daemon->soa_retry, daemon->soa_expiry,
525: daemon->auth_ttl))
526: {
527: offset = newoffset;
528: if (soa)
529: anscount++;
530: else
531: authcount++;
532: }
533:
534: if (anscount != 0 || ns)
535: {
536: struct name_list *secondary;
537:
538: newoffset = ansp - (unsigned char *)header;
539: if (add_resource_record(header, limit, &trunc, -offset, &ansp,
540: daemon->auth_ttl, NULL, T_NS, C_IN, "d", offset == 0 ? authname : NULL, daemon->authserver))
541: {
542: if (offset == 0)
543: offset = newoffset;
544: if (ns)
545: anscount++;
546: else
547: authcount++;
548: }
549:
550: if (!subnet)
551: for (secondary = daemon->secondary_forward_server; secondary; secondary = secondary->next)
552: if (add_resource_record(header, limit, &trunc, offset, &ansp,
553: daemon->auth_ttl, NULL, T_NS, C_IN, "d", secondary->name))
554: {
555: if (ns)
556: anscount++;
557: else
558: authcount++;
559: }
560: }
561:
562: if (axfr)
563: {
564: for (rec = daemon->mxnames; rec; rec = rec->next)
565: if (in_zone(zone, rec->name, &cut))
566: {
567: if (cut)
568: *cut = 0;
569:
570: if (rec->issrv)
571: {
572: if (add_resource_record(header, limit, &trunc, -axfroffset, &ansp, daemon->auth_ttl,
573: NULL, T_SRV, C_IN, "sssd", cut ? rec->name : NULL,
574: rec->priority, rec->weight, rec->srvport, rec->target))
575:
576: anscount++;
577: }
578: else
579: {
580: if (add_resource_record(header, limit, &trunc, -axfroffset, &ansp, daemon->auth_ttl,
581: NULL, T_MX, C_IN, "sd", cut ? rec->name : NULL, rec->weight, rec->target))
582: anscount++;
583: }
584:
585: /* restore config data */
586: if (cut)
587: *cut = '.';
588: }
589:
590: for (txt = daemon->rr; txt; txt = txt->next)
591: if (in_zone(zone, txt->name, &cut))
592: {
593: if (cut)
594: *cut = 0;
595:
596: if (add_resource_record(header, limit, &trunc, -axfroffset, &ansp, daemon->auth_ttl,
597: NULL, txt->class, C_IN, "t", cut ? txt->name : NULL, txt->len, txt->txt))
598: anscount++;
599:
600: /* restore config data */
601: if (cut)
602: *cut = '.';
603: }
604:
605: for (txt = daemon->txt; txt; txt = txt->next)
606: if (txt->class == C_IN && in_zone(zone, txt->name, &cut))
607: {
608: if (cut)
609: *cut = 0;
610:
611: if (add_resource_record(header, limit, &trunc, -axfroffset, &ansp, daemon->auth_ttl,
612: NULL, T_TXT, C_IN, "t", cut ? txt->name : NULL, txt->len, txt->txt))
613: anscount++;
614:
615: /* restore config data */
616: if (cut)
617: *cut = '.';
618: }
619:
620: for (na = daemon->naptr; na; na = na->next)
621: if (in_zone(zone, na->name, &cut))
622: {
623: if (cut)
624: *cut = 0;
625:
626: if (add_resource_record(header, limit, &trunc, -axfroffset, &ansp, daemon->auth_ttl,
627: NULL, T_NAPTR, C_IN, "sszzzd", cut ? na->name : NULL,
628: na->order, na->pref, na->flags, na->services, na->regexp, na->replace))
629: anscount++;
630:
631: /* restore config data */
632: if (cut)
633: *cut = '.';
634: }
635:
636: for (intr = daemon->int_names; intr; intr = intr->next)
637: if (in_zone(zone, intr->name, &cut) && (addr.addr.addr4 = get_ifaddr(intr->intr)).s_addr != (in_addr_t) -1)
638: {
639: if (cut)
640: *cut = 0;
641:
642: if (add_resource_record(header, limit, &trunc, -axfroffset, &ansp,
643: daemon->auth_ttl, NULL, T_A, C_IN, "4", cut ? intr->name : NULL, &addr))
644: anscount++;
645:
646: /* restore config data */
647: if (cut)
648: *cut = '.';
649: }
650:
651: for (a = daemon->cnames; a; a = a->next)
652: if (in_zone(zone, a->alias, &cut))
653: {
654: strcpy(name, a->target);
655: if (!strchr(name, '.'))
656: {
657: strcat(name, ".");
658: strcat(name, zone->domain);
659: }
660:
661: if (cut)
662: *cut = 0;
663:
664: if (add_resource_record(header, limit, &trunc, -axfroffset, &ansp,
665: daemon->auth_ttl, NULL,
666: T_CNAME, C_IN, "d", cut ? a->alias : NULL, name))
667: anscount++;
668: }
669:
670: cache_enumerate(1);
671: while ((crecp = cache_enumerate(0)))
672: {
673: if ((crecp->flags & (F_IPV4 | F_IPV6)) &&
674: !(crecp->flags & (F_NEG | F_NXDOMAIN)) &&
675: (crecp->flags & F_FORWARD))
676: {
677: if ((crecp->flags & F_DHCP) && !option_bool(OPT_DHCP_FQDN))
678: {
679: char *cache_name = cache_get_name(crecp);
680: if (!strchr(cache_name, '.') && filter_constructed_dhcp(zone, (crecp->flags & (F_IPV6 | F_IPV4)), &(crecp->addr.addr)))
681: {
682: qtype = T_A;
683: #ifdef HAVE_IPV6
684: if (crecp->flags & F_IPV6)
685: qtype = T_AAAA;
686: #endif
687: if (add_resource_record(header, limit, &trunc, -axfroffset, &ansp,
688: daemon->auth_ttl, NULL, qtype, C_IN,
689: (crecp->flags & F_IPV4) ? "4" : "6", cache_name, &crecp->addr))
690: anscount++;
691: }
692: }
693:
694: if ((crecp->flags & F_HOSTS) || (((crecp->flags & F_DHCP) && option_bool(OPT_DHCP_FQDN))))
695: {
696: strcpy(name, cache_get_name(crecp));
697: if (in_zone(zone, name, &cut) && filter_constructed_dhcp(zone, (crecp->flags & (F_IPV6 | F_IPV4)), &(crecp->addr.addr)))
698: {
699: qtype = T_A;
700: #ifdef HAVE_IPV6
701: if (crecp->flags & F_IPV6)
702: qtype = T_AAAA;
703: #endif
704: if (cut)
705: *cut = 0;
706:
707: if (add_resource_record(header, limit, &trunc, -axfroffset, &ansp,
708: daemon->auth_ttl, NULL, qtype, C_IN,
709: (crecp->flags & F_IPV4) ? "4" : "6", cut ? name : NULL, &crecp->addr))
710: anscount++;
711: }
712: }
713: }
714: }
715:
716: /* repeat SOA as last record */
717: if (add_resource_record(header, limit, &trunc, axfroffset, &ansp,
718: daemon->auth_ttl, NULL, T_SOA, C_IN, "ddlllll",
719: daemon->authserver, daemon->hostmaster,
720: daemon->soa_sn, daemon->soa_refresh,
721: daemon->soa_retry, daemon->soa_expiry,
722: daemon->auth_ttl))
723: anscount++;
724:
725: }
726:
727: }
728:
729: /* done all questions, set up header and return length of result */
730: /* clear authoritative and truncated flags, set QR flag */
731: header->hb3 = (header->hb3 & ~(HB3_AA | HB3_TC)) | HB3_QR;
732: /* clear RA flag */
733: header->hb4 &= ~HB4_RA;
734:
735: /* authoritive */
736: if (auth)
737: header->hb3 |= HB3_AA;
738:
739: /* truncation */
740: if (trunc)
741: header->hb3 |= HB3_TC;
742:
743: if (anscount == 0 && auth && nxdomain)
744: SET_RCODE(header, NXDOMAIN);
745: else
746: SET_RCODE(header, NOERROR); /* no error */
747: header->ancount = htons(anscount);
748: header->nscount = htons(authcount);
749: header->arcount = htons(0);
750: return ansp - (unsigned char *)header;
751: }
752:
753: #endif
754:
755:
756: