Commit 95a393d1 authored by Vladimír Čunát's avatar Vladimír Čunát

Merge !367: roothints: load from zonefile

parents 16ae4d30 8fa8f214
......@@ -2,7 +2,7 @@ include config.mk
include platform.mk
# Targets
all: info lib daemon client modules
all: info lib daemon client modules etc
install: lib-install daemon-install client-install modules-install etc-install
check: all tests
clean: contrib-clean lib-clean daemon-clean client-clean modules-clean \
......
......@@ -17,6 +17,8 @@ Bugfixes
Improvements
------------
- policy.suffix: update the aho-corasick code (#200)
- root hints are now loaded from a zonefile; exposed as hints.root_file().
You can override the path by defining ROOTHINTS during compilation.
Knot Resolver 1.3.3 (2017-08-09)
......
......@@ -19,6 +19,7 @@ MANDIR ?= $(PREFIX)/share/man
INCLUDEDIR ?= $(PREFIX)/include
MODULEDIR ?= $(LIBDIR)/kdns_modules
ETCDIR ?= $(PREFIX)/etc/kresd
ROOTHINTS ?= $(ETCDIR)/root.hints
# Tools
CC ?= cc
......
......@@ -31,6 +31,7 @@ LUA_HAS_SETFUNCS := \
kresd_CFLAGS := -fPIE \
-Dlibknot_SONAME=\"$(libknot_SONAME)\" \
-Dlibzscanner_SONAME=\"$(libzscanner_SONAME)\" \
-DROOTHINTS=\"$(ROOTHINTS)\" \
-DLUA_HAS_SETFUNCS="$(LUA_HAS_SETFUNCS)"
kresd_DEPEND := $(libkres) $(contrib)
kresd_LIBS := $(libkres_TARGET) $(contrib_TARGET) $(libknot_LIBS) \
......
......@@ -319,6 +319,62 @@ static int l_trustanchor(lua_State *L)
lua_pushboolean(L, true);
return 1;
}
/** @internal for l_hints_root_file */
static void roothints_add(zs_scanner_t *zs)
{
struct kr_zonecut *hints = zs->process.data;
if (!hints) {
return;
}
if (zs->r_type == KNOT_RRTYPE_A || zs->r_type == KNOT_RRTYPE_AAAA) {
knot_rdata_t rdata[RDATA_ARR_MAX];
knot_rdata_init(rdata, zs->r_data_length, zs->r_data, zs->r_ttl);
kr_zonecut_add(hints, zs->r_owner, rdata);
}
}
/** Load root hints from zonefile. */
static int l_hint_root_file(lua_State *L)
{
struct engine *engine = engine_luaget(L);
struct kr_context *ctx = &engine->resolver;
const char *file = lua_tostring(L, 1);
const char *err = lua_hint_root_file(ctx, file);
if (err) {
lua_pushstring(L, err);
lua_error(L);
} else {
lua_pushboolean(L, true);
return 1;
}
}
const char* lua_hint_root_file(struct kr_context *ctx, const char *file)
{
if (!file) {
file = ROOTHINTS;
}
if (strlen(file) == 0 || !ctx) {
return "invalid parameters";
}
struct kr_zonecut *root_hints = &ctx->root_hints;
zs_scanner_t zs;
if (zs_init(&zs, ".", 1, 0) != 0) {
return "not enough memory";
}
if (zs_set_input_file(&zs, file) != 0) {
return "failed to open root hints file";
}
kr_zonecut_set(root_hints, (const uint8_t *)"");
zs_set_processing(&zs, roothints_add, NULL, root_hints);
zs_parse_all(&zs);
return NULL;
}
/** Unpack JSON object to table */
static void l_unpack_json(lua_State *L, JsonNode *table)
{
......@@ -575,6 +631,8 @@ static int init_state(struct engine *engine)
lua_setglobal(engine->L, "user");
lua_pushcfunction(engine->L, l_trustanchor);
lua_setglobal(engine->L, "trustanchor");
lua_pushcfunction(engine->L, l_hint_root_file);
lua_setglobal(engine->L, "_hint_root_file");
lua_pushliteral(engine->L, libknot_SONAME);
lua_setglobal(engine->L, "libknot_SONAME");
lua_pushliteral(engine->L, libzscanner_SONAME);
......
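Review bot: `lua_hint_root_file` never releases the scanner it initialises: neither the `zs_set_input_file` failure return nor the normal return calls `zs_deinit(&zs)`, so whatever the scanner holds (on success, presumably the opened input file) is leaked on every call. The result of `zs_parse_all` is also discarded, and `kr_zonecut_set` has already emptied `ctx->root_hints` by then, so a truncated or malformed hints file is reported as success while leaving an empty or partial root server set; the same commit removes the compiled-in SBELT table, so there appears to be no fallback. `roothints_add` likewise ignores the return value of `kr_zonecut_add`. The sketch below routes every exit through `zs_deinit` and surfaces a parse failure; parsing into a temporary zone cut and swapping it in only on success would additionally keep the previous hints intact.

```c
const char* lua_hint_root_file(struct kr_context *ctx, const char *file)
{
	/* … unchanged: default path, parameter checks, root_hints lookup … */
	zs_scanner_t zs;
	if (zs_init(&zs, ".", 1, 0) != 0) {
		return "not enough memory";
	}
	const char *err = NULL;
	if (zs_set_input_file(&zs, file) != 0) {
		err = "failed to open root hints file";
		goto cleanup;
	}
	kr_zonecut_set(root_hints, (const uint8_t *)"");
	zs_set_processing(&zs, roothints_add, NULL, root_hints);
	if (zs_parse_all(&zs) != 0) {
		err = "failed to parse root hints file";
	}
cleanup:
	zs_deinit(&zs);
	return err;
}
```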
......@@ -101,3 +101,10 @@ int engine_set_hostname(struct engine *engine, const char *hostname);
/** Set/get the per engine moduledir */
char *engine_get_moduledir(struct engine *engine);
int engine_set_moduledir(struct engine *engine, const char *moduledir);
/** Load root hints from a zonefile (or config-time default if NULL).
*
* @return error message or NULL (statically allocated)
*/
const char* lua_hint_root_file(struct kr_context *ctx, const char *file);
......@@ -14,3 +14,7 @@ end
if not cache.current_size then
cache.size = 100 * MB
end
if kres.context().root_hints.nsset.root == nil then
_hint_root_file()
end
......@@ -2,9 +2,15 @@ etc_SOURCES := icann-ca.pem \
config.cluster \
config.isp \
config.personal \
config.splitview
config.splitview \
root.hints
etc-install: $(DESTDIR)$(ETCDIR)
$(INSTALL) -m 0640 $(addprefix etc/,$(etc_SOURCES)) $(DESTDIR)$(ETCDIR)
etc: etc/root.hints
etc/root.hints:
wget -O $@ https://www.internic.net/domain/named.root
.PHONY: etc-install
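Review bot: The `etc/root.hints` rule fetches the resolver's bootstrap data with `wget -O $@` and nothing verifies what arrives: a failed or interrupted download leaves an empty or partial `etc/root.hints` that make then treats as up to date, and `etc-install` ships it. The rule removed from the library makefile in this commit carried `.DELETE_ON_ERROR:` for its generated file; the new rule should get the same, `.DELETE_ON_ERROR: etc/root.hints`, or download to a temporary name and rename only on success. Because this file decides which servers the resolver treats as the root, consider checking the download against a signature or a pinned checksum rather than relying on TLS alone, and keeping the network fetch out of the default `all` target. The unchanged `-m 0640` install mode now applies to root.hints as well, so the account kresd runs under needs read access to it — worth confirming.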
; This file holds the information on root name servers needed to
; initialize cache of Internet domain name servers
; (e.g. reference this file in the "cache . <file>"
; configuration file of BIND domain name servers).
;
; This file is made available by InterNIC
; under anonymous FTP as
; file /domain/named.cache
; on server FTP.INTERNIC.NET
; -OR- RS.INTERNIC.NET
;
; last update: August 29, 2017
; related version of root zone: 2017082901
;
; FORMERLY NS.INTERNIC.NET
;
. 3600000 NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30
;
; FORMERLY NS1.ISI.EDU
;
. 3600000 NS B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:200::b
;
; FORMERLY C.PSI.NET
;
. 3600000 NS C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c
;
; FORMERLY TERP.UMD.EDU
;
. 3600000 NS D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13
D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d
;
; FORMERLY NS.NASA.GOV
;
. 3600000 NS E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
E.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:a8::e
;
; FORMERLY NS.ISC.ORG
;
. 3600000 NS F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f
;
; FORMERLY NS.NIC.DDN.MIL
;
. 3600000 NS G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
G.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:12::d0d
;
; FORMERLY AOS.ARL.ARMY.MIL
;
. 3600000 NS H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET. 3600000 A 198.97.190.53
H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::53
;
; FORMERLY NIC.NORDU.NET
;
. 3600000 NS I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53
;
; OPERATED BY VERISIGN, INC.
;
. 3600000 NS J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30
;
; OPERATED BY RIPE NCC
;
. 3600000 NS K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1
;
; OPERATED BY ICANN
;
. 3600000 NS L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42
L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:9f::42
;
; OPERATED BY WIDE
;
. 3600000 NS M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35
; End of file
\ No newline at end of file
......@@ -66,12 +66,6 @@ libkres_HEADERS += \
libkres_LIBS += $(nettle_LIBS)
endif
lib/zonecut.c: lib/root-hints.inc
lib/root-hints.inc:
@echo "WARNING: regenerating $@"
scripts/gen-root-hints.sh > $@
.DELETE_ON_ERROR: lib/root-hints.inc
# Make library
ifeq ($(BUILDMODE), static)
$(eval $(call make_static,libkres,lib,yes))
......
/* generated root hints */
#define HINT_a_A "\xc6\x29\x00\x04"
#define HINT_b_A "\xc0\xe4\x4f\xc9"
#define HINT_c_A "\xc0\x21\x04\x0c"
#define HINT_d_A "\xc7\x07\x5b\x0d"
#define HINT_e_A "\xc0\xcb\xe6\x0a"
#define HINT_f_A "\xc0\x05\x05\xf1"
#define HINT_g_A "\xc0\x70\x24\x04"
#define HINT_h_A "\xc6\x61\xbe\x35"
#define HINT_i_A "\xc0\x24\x94\x11"
#define HINT_j_A "\xc0\x3a\x80\x1e"
#define HINT_k_A "\xc1\x00\x0e\x81"
#define HINT_l_A "\xc7\x07\x53\x2a"
#define HINT_m_A "\xca\x0c\x1b\x21"
#define HINT_a_AAAA "\x20\x01\x05\x03\xba\x3e\x00\x00\x00\x00\x00\x00\x00\x02\x00\x30"
#define HINT_b_AAAA "\x20\x01\x05\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0b"
#define HINT_c_AAAA "\x20\x01\x05\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0c"
#define HINT_d_AAAA "\x20\x01\x05\x00\x00\x2d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0d"
#define HINT_e_AAAA "\x20\x01\x05\x00\x00\xa8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0e"
#define HINT_f_AAAA "\x20\x01\x05\x00\x00\x2f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0f"
#define HINT_g_AAAA "\x20\x01\x05\x00\x00\x12\x00\x00\x00\x00\x00\x00\x00\x00\x0d\x0d"
#define HINT_h_AAAA "\x20\x01\x05\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x53"
#define HINT_i_AAAA "\x20\x01\x07\xfe\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x53"
#define HINT_j_AAAA "\x20\x01\x05\x03\x0c\x27\x00\x00\x00\x00\x00\x00\x00\x02\x00\x30"
#define HINT_k_AAAA "\x20\x01\x07\xfd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01"
#define HINT_l_AAAA "\x20\x01\x05\x00\x00\x9f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x42"
#define HINT_m_AAAA "\x20\x01\x0d\xc3\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x35"
......@@ -36,49 +36,6 @@ struct hint_info {
#define U8(x) (const uint8_t *)(x)
/* Initialize with SBELT name servers. */
#include "lib/root-hints.inc"
#define HINT_LEN_A sizeof(struct in_addr)
#define HINT_LEN_AAAA sizeof(struct in6_addr)
#define SBELT_LEN (sizeof(SBELT) / sizeof(SBELT[0]))
static const struct hint_info SBELT[] = {
#define HINT(name,type) { \
U8("\x01" #name "\x0c""root-servers""\x03""net"), \
HINT_LEN_##type, \
U8(HINT_##name##_##type), \
}
HINT(j, A),
HINT(k, A),
HINT(d, A),
HINT(e, A),
HINT(f, A),
HINT(g, A),
HINT(h, A),
HINT(i, A),
HINT(l, A),
HINT(m, A),
HINT(b, A),
HINT(c, A),
HINT(a, A),
HINT(a, AAAA),
HINT(b, AAAA),
HINT(c, AAAA),
HINT(d, AAAA),
HINT(e, AAAA),
HINT(f, AAAA),
HINT(g, AAAA),
HINT(h, AAAA),
HINT(i, AAAA),
HINT(j, AAAA),
HINT(k, AAAA),
HINT(l, AAAA),
HINT(m, AAAA),
#undef HINT
};
#undef HINT_LEN_A
#undef HINT_LEN_AAAA
static void update_cut_name(struct kr_zonecut *cut, const knot_dname_t *name)
{
if (knot_dname_is_equal(name, cut->name)) {
......@@ -309,16 +266,6 @@ int kr_zonecut_set_sbelt(struct kr_context *ctx, struct kr_zonecut *cut)
int ret = 0;
if (ctx->root_hints.nsset.root) {
ret = kr_zonecut_copy(cut, &ctx->root_hints);
} else {
/* Copy compiled-in root hints */
for (unsigned i = 0; i < SBELT_LEN; ++i) {
const struct hint_info *hint = &SBELT[i];
knot_rdata_init(rdata_arr, hint->len, hint->addr, 0);
ret = kr_zonecut_add(cut, hint->name, rdata_arr);
if (ret != 0) {
break;
}
}
}
return ret;
}
......
......@@ -79,6 +79,10 @@ Properties
.. tip:: If no parameters are passed, returns current root hints set.
.. function:: hints.root_file(path)
Replace current root hints from a zonefile. If the path is omitted, the compiled-in path is used, i.e. the root hints are reset to the default.
.. function:: hints.root(root_hints)
:param table root_hints: new set of root hints i.e. ``{['name'] = 'addr', ...}``
......
......@@ -565,6 +565,13 @@ static char* hint_root(void *env, struct kr_module *module, const char *args)
return pack_hints(root_hints);
}
static char* hint_root_file(void *env, struct kr_module *module, const char *args)
{
struct engine *engine = env;
struct kr_context *ctx = &engine->resolver;
return (char*)lua_hint_root_file(ctx, args);
}
/*
* Module implementation.
*/
......@@ -650,6 +657,7 @@ struct kr_prop *hints_props(void)
{ &hint_get, "get", "Retrieve hint for given name.", },
{ &hint_add_hosts, "add_hosts", "Load a file with hosts-like formatting and add contents into hints.", },
{ &hint_root, "root", "Replace root hints set (empty value to return current list).", },
{ &hint_root_file, "root_file", "Replace root hints set from a zonefile.", },
{ NULL, NULL, NULL }
};
return prop_list;
......
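Review bot: `hint_root_file` casts away `const` and hands the statically allocated error string from `lua_hint_root_file` back as `char *`, while the neighbouring `hint_root` returns the result of `pack_hints(...)`, which looks heap-allocated. If the caller of property callbacks frees the returned string (not visible here — confirm), a missing or unreadable hints file turns into a `free()` of a string literal. Returning a copy keeps the ownership contract uniform: `const char *err = lua_hint_root_file(ctx, args); return err ? strdup(err) : NULL;`. On success the property returns NULL, so a caller cannot tell from the result that the hints were actually replaced.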
#!/bin/sh -e
echo "/* generated root hints */"
for atype in A AAAA; do
# address length when using \xNN escapes
if [ "$atype" = A ]; then
alen=16
elif [ "$atype" = AAAA ]; then
alen=64
else
exit 1
fi
for n in a b c d e f g h i j k l m; do
ip="$(kdig "$atype" "$n.root-servers.net." +dnssec +short)"
ip_hex="$("$(dirname "$0")"/inet_pton.py "$ip")"
[ "$(printf "%s" "$ip_hex" | wc -c)" = "$alen" ] || exit 1
echo "#define HINT_${n}_${atype} \"$ip_hex\""
done
done