From 9f82dd096a47f5c8ce6f8158a2892a139083fc8a Mon Sep 17 00:00:00 2001
From: Vladimír Čunát
Date: Wed, 29 May 2024 15:07:46 +0200
Subject: iterate: fix NSEC3 records missing from answer in an edge case When positive wildcard expansion happens, NSEC(3) records are needed to prove that the expansion was allowed. If the NSEC3 had too many iterations, we downgrade the answer to insecure status, but unintentionally we also dropped the NSEC3 record from the answer. That was breaking DNSSEC validation of that answer, e.g. when forwarding to Knot Resolver. The validator needs the NSEC3 - either to validate the expansion or to determine that it's too expensive.
---
lib/layer/iterate.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'lib')
diff --git a/lib/layer/iterate.c b/lib/layer/iterate.c
index 5d16015e..656bc2d2 100644
--- a/lib/layer/iterate.c
+++ b/lib/layer/iterate.c
@@ -825,7 +825,10 @@ static int process_answer(knot_pkt_t *pkt, struct kr_request *req) } } else if (!query->parent) { /* Answer for initial query */ - const bool to_wire = ((pkt_class & (PKT_NXDOMAIN|PKT_NODATA)) != 0); + const bool to_wire = ((pkt_class & (PKT_NXDOMAIN|PKT_NODATA)) != 0) + /* We need to cover the case of positive wildcard answer + * with over-limit NSEC3 iterations. */ + || query->flags.DNSSEC_WEXPAND; state = pick_authority(pkt, req, to_wire); if (state != kr_ok()) { return KR_STATE_FAIL;
-- cgit v1.2.3
From 824b1a52e6b1fd3850d5fc5060d578ae019c2e3a Mon Sep 17 00:00:00 2001
From: Vladimír Čunát
Date: Mon, 11 Mar 2024 08:09:38 +0100
Subject: lib/rules kr_rules_init(): allow not overwriting the DB
---
daemon/lua/kres-gen-30.lua | 2 +-
daemon/lua/kres-gen-31.lua | 2 +-
daemon/lua/kres-gen-32.lua | 2 +-
lib/rules/api.c | 21 ++++++++-------------
lib/rules/api.h | 10 ++++++----
lib/rules/impl.h | 2 +-
6 files changed, 18 insertions(+), 21 deletions(-) (limited to 'lib')
diff --git a/daemon/lua/kres-gen-30.lua b/daemon/lua/kres-gen-30.lua
index 36e3e405..56f7abb1 100644
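Review bot: The added `|| query->flags.DNSSEC_WEXPAND` term in `process_answer` makes `to_wire` true for every wildcard-expanded answer to the initial query, but the inline comment names only the over-limit NSEC3 case, so a later reader cannot tell whether the wider effect is intended. I would state the rule itself, e.g. `/* Positive wildcard answers must carry their NSEC(3) proof, even when over-limit NSEC3 iterations downgraded them to insecure. */`. Since the commit message says a downstream validator failed on the old output, a regression test that passes such an answer to a validating forwarder would keep the record from being dropped again unnoticed. The body of `process_answer` starts and ends outside the hunk.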
--- a/daemon/lua/kres-gen-30.lua +++ b/daemon/lua/kres-gen-30.lua @@ -497,7 +497,7 @@ int kr_cache_remove(struct kr_cache *, const knot_dname_t *, uint16_t); int kr_cache_remove_subtree(struct kr_cache *, const knot_dname_t *, _Bool, int); int kr_cache_commit(struct kr_cache *); uint32_t packet_ttl(const knot_pkt_t *); -int kr_rules_init(const char *, size_t); +int kr_rules_init(const char *, size_t, _Bool); int kr_rules_commit(_Bool); int kr_view_insert_action(const char *, const char *, kr_proto_set, const char *); int kr_view_select_action(const struct kr_request *, knot_db_val_t *); diff --git a/daemon/lua/kres-gen-31.lua b/daemon/lua/kres-gen-31.lua index beeec867..1855c6d8 100644 --- a/daemon/lua/kres-gen-31.lua +++ b/daemon/lua/kres-gen-31.lua @@ -497,7 +497,7 @@ int kr_cache_remove(struct kr_cache *, const knot_dname_t *, uint16_t); int kr_cache_remove_subtree(struct kr_cache *, const knot_dname_t *, _Bool, int); int kr_cache_commit(struct kr_cache *); uint32_t packet_ttl(const knot_pkt_t *); -int kr_rules_init(const char *, size_t); +int kr_rules_init(const char *, size_t, _Bool); int kr_rules_commit(_Bool); int kr_view_insert_action(const char *, const char *, kr_proto_set, const char *); int kr_view_select_action(const struct kr_request *, knot_db_val_t *); diff --git a/daemon/lua/kres-gen-32.lua b/daemon/lua/kres-gen-32.lua index 9edee2de..9fe16981 100644 --- a/daemon/lua/kres-gen-32.lua +++ b/daemon/lua/kres-gen-32.lua @@ -498,7 +498,7 @@ int kr_cache_remove(struct kr_cache *, const knot_dname_t *, uint16_t); int kr_cache_remove_subtree(struct kr_cache *, const knot_dname_t *, _Bool, int); int kr_cache_commit(struct kr_cache *); uint32_t packet_ttl(const knot_pkt_t *); -int kr_rules_init(const char *, size_t); +int kr_rules_init(const char *, size_t, _Bool); int kr_rules_commit(_Bool); int kr_view_insert_action(const char *, const char *, kr_proto_set, const char *); int kr_view_select_action(const struct kr_request *, knot_db_val_t *); 
diff --git a/lib/rules/api.c b/lib/rules/api.c
index 8e908a7a..8d2c1028 100644
--- a/lib/rules/api.c
+++ b/lib/rules/api.c
@@ -141,9 +141,9 @@ int kr_rules_init_ensure(void) { if (the_rules) return kr_ok(); - return kr_rules_init(NULL, 0); + return kr_rules_init(NULL, 0, true); } -int kr_rules_init(const char *path, size_t maxsize) +int kr_rules_init(const char *path, size_t maxsize, bool overwrite) { if (the_rules) return kr_error(EINVAL);
@@ -157,22 +157,17 @@ int kr_rules_init(const char *path, size_t maxsize) // FIXME: the file will be sparse, but we still need to choose its size somehow. // Later we might improve it to auto-resize in case of running out of space. // Caveat: mdb_env_set_mapsize() can only be called without transactions open. - .maxsize = maxsize ? maxsize : - (size_t)(sizeof(size_t) > 4 ? 2048 : 500) * 1024*1024, + .maxsize = !overwrite ? 0 : + (maxsize ? maxsize : (size_t)(sizeof(size_t) > 4 ? 2048 : 500) * 1024*1024), }; int ret = the_rules->api->open(&the_rules->db, &the_rules->stats, &opts, NULL); - /* No persistence - we always refill from config for now. - * LATER: - * - Make it include versioning? - * - "\0stamp" key when loading config(s)? - * - Don't clear ruleset data that doesn't come directly from config; - * and add marks for that, etc. - * (after there actually are any kinds of rules like that) - */ - if (ret == 0) ret = ruledb_op(clear); + + if (ret == 0 && overwrite) ret = ruledb_op(clear); if (ret != 0) goto failure; kr_require(the_rules->db); + if (!overwrite) return kr_ok(); // we assume that the caller ensured OK contents + ret = tag_names_default(); if (ret != 0) goto failure;
diff --git a/lib/rules/api.h b/lib/rules/api.h
index 1069ef4d..f7f3b466 100644
--- a/lib/rules/api.h
+++ b/lib/rules/api.h
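Review bot: `kr_rules_init_ensure()` now hard-codes `kr_rules_init(NULL, 0, true)`, and with `overwrite == true` the following hunk runs `ruledb_op(clear)` right after opening; the `ENSURE_the_rules` macro in lib/rules/impl.h gets the same default. Any rules call that happens before an explicit `kr_rules_init(path, size, false)` will therefore empty the persisted ruleset instead of failing, which is an easy ordering mistake for a caller that meant to keep the DB. A comment at both sites would make this visible, e.g. `// implicit init always clears the DB; call kr_rules_init(..., false) first to keep existing rules`. If the DB file can be shared between processes (the later commit message mentions reloading one kresd at a time), it is worth confirming that this clear cannot hit a ruleset another instance is still serving.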
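Review bot: In the `!overwrite` path `kr_rules_init` sets `.maxsize = 0`, silently dropping a caller-supplied `maxsize`, and then leaves through `if (!overwrite) return kr_ok();` before `tag_names_default()` without looking at what the opened file contains. The removed block comment had listed versioning as an open item; now that an existing DB is really reused, a ruleset written by another version or left half-populated would be served as is. At minimum the assumptions belong in the code, e.g. `// maxsize is ignored here; presumably 0 keeps the existing map size - confirm in the open() backend`, and the trailing comment could spell out what OK contents means. A cheap sanity check before the early return would be better, but the helpers it would need are not visible here; the function continues outside the hunk.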
@@ -19,11 +19,13 @@ typedef uint64_t kr_rule_tags_t; /** Open the rule DB. * - * You can call this to override the path or size (NULL/0 -> default). - * Not allowed if already open (EINVAL), so this optional call has to come - * before writing anything into the DB. */ + * You can call this to override the path or size (NULL/0 -> default) + * or choose not to overwrite the DB with just the defaults. + * + * \return error code. Not allowed if already open (EINVAL), + * so this optional call has to come before writing anything into the DB. */ KR_EXPORT -int kr_rules_init(const char *path, size_t maxsize); +int kr_rules_init(const char *path, size_t maxsize, bool overwrite); /** kr_rules_init() but OK if already open, and not allowing to override defaults. */ KR_EXPORT int kr_rules_init_ensure(void);
diff --git a/lib/rules/impl.h b/lib/rules/impl.h
index 0d7de513..1a2ee4dd 100644
--- a/lib/rules/impl.h
+++ b/lib/rules/impl.h
@@ -20,7 +20,7 @@ extern struct kr_rules *the_rules; #define ENSURE_the_rules \ if (!the_rules) { \ - int ret = kr_rules_init(NULL, 0); \ + int ret = kr_rules_init(NULL, 0, true); \ if (ret) return ret; \ }
-- cgit v1.2.3
From dfa29bfe8b6e11868c3ad5d2a4d9ecaf210f2be7 Mon Sep 17 00:00:00 2001
From: Vladimír Čunát
Date: Tue, 14 May 2024 11:03:59 +0200
Subject: lib/rules: tweak how the read-only transactions work Let's avoid reloading the RO transaction unless necessary. For example, when normal config reload happens (one kresd at a time), we most likely do *not* want to reload the rule DB prematurely.
---
daemon/lua/kres-gen-30.lua | 1 +
daemon/lua/kres-gen-31.lua | 1 +
daemon/lua/kres-gen-32.lua | 1 +
daemon/lua/kres-gen.sh | 1 +
lib/cache/api.c | 2 +-
lib/cache/cdb_api.h | 5 +++--
lib/cache/cdb_lmdb.c | 28 ++++++++++++++--------------
lib/rules/api.c | 8 +++++++-
lib/rules/api.h | 12 ++++++++++++
lib/selection.c | 2 +-
10 files changed, 42 insertions(+), 19 deletions(-) (limited to 'lib')
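Review bot: The updated doc comment on `kr_rules_init` says one may choose not to overwrite the DB, but it has no entry for the new `overwrite` parameter and does not say what `false` demands of the caller. The lib/rules/api.c change shows that in this mode `maxsize` is not used and the defaults are not written, so an API user reading only the header will get both wrong. I would add `\param overwrite false = keep the existing DB contents; the caller must ensure they are valid, and maxsize is then ignored.`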
diff --git a/daemon/lua/kres-gen-30.lua b/daemon/lua/kres-gen-30.lua index 56f7abb1..565812aa 100644 --- a/daemon/lua/kres-gen-30.lua +++ b/daemon/lua/kres-gen-30.lua @@ -499,6 +499,7 @@ int kr_cache_commit(struct kr_cache *); uint32_t packet_ttl(const knot_pkt_t *); int kr_rules_init(const char *, size_t, _Bool); int kr_rules_commit(_Bool); +int kr_rules_reset(void); int kr_view_insert_action(const char *, const char *, kr_proto_set, const char *); int kr_view_select_action(const struct kr_request *, knot_db_val_t *); int kr_rule_tag_add(const char *, kr_rule_tags_t *); diff --git a/daemon/lua/kres-gen-31.lua b/daemon/lua/kres-gen-31.lua index 1855c6d8..7b7274f3 100644 --- a/daemon/lua/kres-gen-31.lua +++ b/daemon/lua/kres-gen-31.lua @@ -499,6 +499,7 @@ int kr_cache_commit(struct kr_cache *); uint32_t packet_ttl(const knot_pkt_t *); int kr_rules_init(const char *, size_t, _Bool); int kr_rules_commit(_Bool); +int kr_rules_reset(void); int kr_view_insert_action(const char *, const char *, kr_proto_set, const char *); int kr_view_select_action(const struct kr_request *, knot_db_val_t *); int kr_rule_tag_add(const char *, kr_rule_tags_t *); diff --git a/daemon/lua/kres-gen-32.lua b/daemon/lua/kres-gen-32.lua index 9fe16981..c3bd0d9c 100644 --- a/daemon/lua/kres-gen-32.lua +++ b/daemon/lua/kres-gen-32.lua @@ -500,6 +500,7 @@ int kr_cache_commit(struct kr_cache *); uint32_t packet_ttl(const knot_pkt_t *); int kr_rules_init(const char *, size_t, _Bool); int kr_rules_commit(_Bool); +int kr_rules_reset(void); int kr_view_insert_action(const char *, const char *, kr_proto_set, const char *); int kr_view_select_action(const struct kr_request *, knot_db_val_t *); int kr_rule_tag_add(const char *, kr_rule_tags_t *); diff --git a/daemon/lua/kres-gen.sh b/daemon/lua/kres-gen.sh index 5039a723..8554a783 100755 --- a/daemon/lua/kres-gen.sh +++ b/daemon/lua/kres-gen.sh 
@@ -299,6 +299,7 @@ ${CDEFS} ${LIBKRES} functions <<-EOF # New policy kr_rules_init kr_rules_commit + kr_rules_reset kr_view_insert_action kr_view_select_action kr_rule_tag_add
diff --git a/lib/cache/api.c b/lib/cache/api.c
index 490f3d1c..0cd18534 100644
--- a/lib/cache/api.c
+++ b/lib/cache/api.c
@@ -175,7 +175,7 @@ int kr_cache_commit(struct kr_cache *cache) return kr_error(EINVAL); } if (cache->api->commit) { - return cache_op(cache, commit, true); + return cache_op(cache, commit, true, true); } return kr_ok(); }
diff --git a/lib/cache/cdb_api.h b/lib/cache/cdb_api.h
index bce8740f..23a795d5 100644
--- a/lib/cache/cdb_api.h
+++ b/lib/cache/cdb_api.h
@@ -58,10 +58,11 @@ struct kr_cdb_api { int (*clear)(kr_cdb_pt db, struct kr_cdb_stats *stat); /** Run after a row of operations to release transaction/lock if needed. - * \param accept true=commit / false=abort + * \param accept_rw whether the RW transaction should accept changes (commit vs. abort) + * \param reset_ro whether the RO transaction should be ended (newest data next time) * \return error code - accepting RW transactions can fail with LMDB. */ - int (*commit)(kr_cdb_pt db, struct kr_cdb_stats *stat, bool accept); + int (*commit)(kr_cdb_pt db, struct kr_cdb_stats *stat, bool accept_rw, bool reset_ro); /* Data access */
diff --git a/lib/cache/cdb_lmdb.c b/lib/cache/cdb_lmdb.c
index 5351cd73..10611513 100644
--- a/lib/cache/cdb_lmdb.c
+++ b/lib/cache/cdb_lmdb.c
@@ -76,7 +76,7 @@ static inline kr_cdb_pt env2db(struct lmdb_env *env) return (kr_cdb_pt)env; } -static int cdb_commit(kr_cdb_pt db, struct kr_cdb_stats *stats, bool accept); +static int cdb_commit(kr_cdb_pt db, struct kr_cdb_stats *stats, bool accept_rw, bool reset_ro); static void txn_abort(struct lmdb_env *env); /** @brief Convert LMDB error code. */
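Review bot: The `commit` callback in `struct kr_cdb_api` now takes two adjacent `bool` parameters, and call sites elsewhere in this commit such as `cdb_commit(db, stats, true, true)` or `ruledb_op(commit, false, true)` do not show which value is which. Transposing them compiles cleanly and changes an abort-and-reset into a commit of pending writes, so the call sites deserve a marker, e.g. `ruledb_op(commit, /*accept_rw*/false, /*reset_ro*/true)`. The doc comment could also say what `reset_ro` does while an RW transaction is open, since the LMDB implementation does not look at it in that case.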
@@ -114,7 +114,7 @@ static inline MDB_val val_knot2mdb(knot_db_val_t v) * It's much lighter than reopen_env(). */ static int refresh_mapsize(struct lmdb_env *env) { - int ret = cdb_commit(env2db(env), NULL, true); + int ret = cdb_commit(env2db(env), NULL, true, true); if (!ret) ret = lmdb_error(env, mdb_env_set_mapsize(env->env, 0)); if (ret) return ret;
@@ -223,20 +223,20 @@ static int txn_get(struct lmdb_env *env, MDB_txn **txn, bool rdonly) return kr_ok(); } -static int cdb_commit(kr_cdb_pt db, struct kr_cdb_stats *stats, bool accept) +static int cdb_commit(kr_cdb_pt db, struct kr_cdb_stats *stats, bool accept_rw, bool reset_ro) { struct lmdb_env *env = db2env(db); - if (!accept) { - txn_abort(env); - return kr_ok(); - } int ret = kr_ok(); if (env->txn.rw) { - if (stats) stats->commit++; - ret = lmdb_error(env, mdb_txn_commit(env->txn.rw)); + if (accept_rw) { + if (stats) stats->commit++; + ret = lmdb_error(env, mdb_txn_commit(env->txn.rw)); + } else { + mdb_txn_abort(env->txn.rw); + } env->txn.rw = NULL; /* the transaction got freed even in case of errors */ - } else if (env->txn.ro && env->txn.ro_active) { + } else if (reset_ro && env->txn.ro && env->txn.ro_active) { mdb_txn_reset(env->txn.ro); env->txn.ro_active = false; env->txn.ro_curs_active = false;
@@ -256,7 +256,7 @@ static int txn_curs_get(struct lmdb_env *env, MDB_cursor **curs, struct kr_cdb_s * At least for rules we don't do the auto-commit feature. */ if (env->txn.rw) { if (!env->is_cache) return kr_error(EINPROGRESS); - int ret = cdb_commit(env2db(env), stats, true); + int ret = cdb_commit(env2db(env), stats, true, false); if (ret) return ret; } MDB_txn *txn = NULL;
@@ -312,7 +312,7 @@ static void cdb_close_env(struct lmdb_env *env, struct kr_cdb_stats *stats) /* Get rid of any transactions. */ txn_free_ro(env); - cdb_commit(env2db(env), stats, env->is_cache); + cdb_commit(env2db(env), stats, env->is_cache, true); mdb_env_sync(env->env, 1); stats->close++;
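Review bot: In the rewritten `cdb_commit`, `reset_ro` is only consulted in the `else if` branch, so when an RW transaction is open the read-only transaction is not reset by that call, whatever the caller passed. The old abort path went through `txn_abort(env)`, whose body is not part of this hunk, so it may have dealt with the RO side as well; it is worth confirming that no caller relied on that. If an active RO transaction can never coexist with an open RW one, a comment above the `else if` would settle it, e.g. `/* RO is never active while RW is open, so reset_ro only matters here */`; otherwise the RO reset should become a separate `if`.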
@@ -574,7 +574,7 @@ static int cdb_clear(kr_cdb_pt db, struct kr_cdb_stats *stats) if (ret == kr_ok()) { ret = lmdb_error(env, mdb_drop(txn, env->dbi, 0)); if (ret == kr_ok() && env->is_cache) { - ret = cdb_commit(db, stats, true); + ret = cdb_commit(db, stats, true, true); } if (ret == kr_ok()) { return ret;
@@ -588,7 +588,7 @@ static int cdb_clear(kr_cdb_pt db, struct kr_cdb_stats *stats) /* We are about to switch to a different file, so end all txns, to be sure. */ txn_free_ro(env); - (void) cdb_commit(db, stats, env->is_cache); + (void)cdb_commit(db, stats, env->is_cache, true); const char *path = NULL; int ret = mdb_env_get_path(env->env, &path);
diff --git a/lib/rules/api.c b/lib/rules/api.c
index 8d2c1028..9dc01a4f 100644
--- a/lib/rules/api.c
+++ b/lib/rules/api.c
@@ -200,7 +200,13 @@ void kr_rules_deinit(void) int kr_rules_commit(bool accept) { if (!the_rules) return kr_error(EINVAL); - return ruledb_op(commit, accept); + return ruledb_op(commit, accept, false); +} + +int kr_rules_reset(void) +{ + if (!the_rules) return kr_error(EINVAL); + return ruledb_op(commit, false, true); } static bool kr_rule_consume_tags(knot_db_val_t *val, const struct kr_request *req)
diff --git a/lib/rules/api.h b/lib/rules/api.h
index f7f3b466..f1737a19 100644
--- a/lib/rules/api.h
+++ b/lib/rules/api.h
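Review bot: `kr_rules_reset()` calls `ruledb_op(commit, false, true)`, and with `accept_rw == false` the new `cdb_commit` aborts an open RW transaction, so calling it while rule changes are pending discards them and still returns success. This commit also exports the function to the Lua configuration, where such a call is easy to make by accident. Either say so in the lib/rules/api.h doc comment, `If a read-write transaction is open, it is aborted and its changes are lost.`, or refuse in that state; the second option needs a way to query the transaction that this hunk does not show.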
@@ -38,10 +38,22 @@ void kr_rules_deinit(void); * Normally commit happens only on successfully loading a config file. * However, an advanced user may get in trouble e.g. if calling resolve() from there, * causing even an assertion failure. In that case they might want to commit explicitly. + * + * If only read-only transaction is open, this will NOT reset it to the newest data. */ KR_EXPORT int kr_rules_commit(bool accept); +/** Reset to the latest version of rules committed in the DB. + * + * Note that this is not always a good idea. For example, the `forward` rules + * now use data from both the DB and lua config, so reloading only the DB + * may lead to weird behavior in some cases. + * (Modifications will also do this, as you can only modify the latest DB.) + */ +KR_EXPORT +int kr_rules_reset(void); + /** Try answering the query from local data; WIP: otherwise determine data source overrides. * * \return kr_error() on errors, >0 if answered, 0 otherwise (also when forwarding)
diff --git a/lib/selection.c b/lib/selection.c
index 9cdd1a60..cdef1701 100644
--- a/lib/selection.c
+++ b/lib/selection.c
@@ -173,7 +173,7 @@ int put_rtt_state(const uint8_t *ip, size_t len, struct rtt_state state, .data = &state }; int ret = cache->api->write(db, stats, &key, &value, 1); - cache->api->commit(db, stats, true); + kr_cache_commit(cache); free(key.data); return ret;
-- cgit v1.2.3
From 20d639b7b04b7212b852a903f1ee29e2ef589034 Mon Sep 17 00:00:00 2001
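Review bot: `put_rtt_state` still drops the result of the commit, now written as `kr_cache_commit(cache);`, and returns only the result of `write`, although lib/cache/cdb_api.h documents that accepting an RW transaction can fail. If best effort is intended here, mark it the way the LMDB code does, `(void)kr_cache_commit(cache); /* best-effort */`; otherwise fold it into the return value with `if (ret == 0) ret = kr_cache_commit(cache);` plus an unconditional commit on the error path. The function starts outside the hunk.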
From: Vladimír Čunát Date: Tue, 18 Jun 2024 10:24:17 +0200 Subject: drop libknot 3.0.x support - Upstream last maintained 3.0.x in summer 2022. - Our packaging shouldn't be affected, neither the new one, nor OBS. - If someone updates resolver, it shouldn't be too hard to update libknot as well. - Maintenance on resolver side still needed effort for kres-gen-30.lua --- NEWS | 9 +- daemon/io.c | 11 +- daemon/lua/kres-gen-30.lua | 688 --------------------------------------------- daemon/lua/meson.build | 2 - daemon/session2.c | 4 +- daemon/worker.c | 17 +- daemon/zimport.c | 30 +- lib/defines.h | 5 - meson.build | 2 +- 9 files changed, 22 insertions(+), 746 deletions(-) delete mode 100644 daemon/lua/kres-gen-30.lua (limited to 'lib') diff --git a/NEWS b/NEWS index 01ecf0b2..fabf7b75 100644 --- a/NEWS +++ b/NEWS @@ -34,6 +34,8 @@ Incompatible changes the default behaviour as well. See the `relevant documentation section `_ for more. +- libknot 3.0.x support is dropped (!1558) + Upstream last maintained 3.0.x in spring 2022. Bugfixes -------- @@ -114,13 +116,18 @@ https://www.knot-resolver.cz/documentation/latest/upgrading-to-6.html 5.x branch longterm support ~~~~~~~~~~~~~~~~~~~~~~~~~~~ -Knot Resolver 5.7.4 (2024-06-dd) +Knot Resolver 5.7.4 (2024-0m-dd) ================================ Improvements ------------ - add the fresh DNSSEC root key "KSK-2024" already, Key ID 38696 (!1556) +Incompatible changes +-------------------- +- libknot 3.0.x support is dropped (!1558) + Upstream last maintained 3.0.x in spring 2022. + Knot Resolver 5.7.3 (2024-05-30) ================================ diff --git a/daemon/io.c b/daemon/io.c index 90c55e8c..7f91fa97 100644 --- a/daemon/io.c +++ b/daemon/io.c 
@@ -742,11 +742,7 @@ static void xdp_rx(uv_poll_t* handle, int status, int events) kr_require(xhd && xhd->session && xhd->socket); uint32_t rcvd; knot_xdp_msg_t msgs[XDP_RX_BATCH_SIZE]; - int ret = knot_xdp_recv(xhd->socket, msgs, XDP_RX_BATCH_SIZE, &rcvd - #if KNOT_VERSION_HEX >= 0x030100 - , NULL - #endif - ); + int ret = knot_xdp_recv(xhd->socket, msgs, XDP_RX_BATCH_SIZE, &rcvd, NULL); if (kr_fails_assert(ret == KNOT_EOK)) { /* ATM other error codes can only be returned when called incorrectly */
@@ -827,10 +823,7 @@ int io_listen_xdp(uv_loop_t *loop, struct endpoint *ep, const char *ifname) // This call is a libknot version hell, unfortunately. int ret = knot_xdp_init(&xhd->socket, ifname, ep->nic_queue, - #if KNOT_VERSION_HEX < 0x030100 - ep->port ? ep->port : KNOT_XDP_LISTEN_PORT_ALL, - KNOT_XDP_LOAD_BPF_MAYBE - #elif KNOT_VERSION_HEX < 0x030200 + #if KNOT_VERSION_HEX < 0x030200 ep->port ? ep->port : (KNOT_XDP_LISTEN_PORT_PASS | 0), KNOT_XDP_LOAD_BPF_MAYBE #else
diff --git a/daemon/lua/kres-gen-30.lua b/daemon/lua/kres-gen-30.lua
deleted file mode 100644
index 565812aa..00000000
--- a/daemon/lua/kres-gen-30.lua
+++ /dev/null
@@ -1,688 +0,0 @@ --- SPDX-License-Identifier: GPL-3.0-or-later - -local ffi = require('ffi') ---[[ This file is generated by ./kres-gen.sh ]] ffi.cdef[[ - -typedef @time_t@ time_t; -typedef @time_t@ __time_t; -typedef @time_t@ __suseconds_t; -struct timeval { - __time_t tv_sec; - __suseconds_t tv_usec; -}; - -typedef struct knot_dump_style knot_dump_style_t; -extern const knot_dump_style_t KR_DUMP_STYLE_DEFAULT; -struct kr_cdb_api {}; -struct lru {}; -typedef enum {KNOT_ANSWER, KNOT_AUTHORITY, KNOT_ADDITIONAL} knot_section_t; -typedef struct { - uint16_t pos; - uint16_t flags; - uint16_t compress_ptr[16]; -} knot_rrinfo_t; -typedef unsigned char knot_dname_t; -typedef struct { - uint16_t len; - uint8_t data[]; -} knot_rdata_t; -typedef struct { - uint16_t count; - uint32_t size; - knot_rdata_t *rdata; -} knot_rdataset_t; -typedef struct knot_db_val { - void *data; - size_t len; -} knot_db_val_t; - -typedef struct knot_mm { - void *ctx, *alloc, *free; -} knot_mm_t; - -typedef void *(*map_alloc_f)(void *, size_t); -typedef void (*map_free_f)(void *baton, void *ptr); -typedef void (*trace_log_f) (const struct kr_request *, const char *); -typedef void (*trace_callback_f)(struct kr_request *); -typedef uint8_t * (*alloc_wire_f)(struct kr_request *req, uint16_t *maxlen); -typedef bool (*addr_info_f)(struct sockaddr*); -typedef void (*zi_callback)(int state, void *param); -typedef struct { - knot_dname_t *_owner; - uint32_t _ttl; - uint16_t type; - uint16_t rclass; - knot_rdataset_t rrs; - void *additional; -} knot_rrset_t; - -struct kr_module; -typedef char *(kr_prop_cb)(void *, struct kr_module *, const char *); -typedef unsigned char knot_dname_storage_t[255]; -typedef struct knot_pkt knot_pkt_t; -typedef struct { - uint8_t *ptr[15]; -} knot_edns_options_t; -typedef struct { - knot_pkt_t *pkt; - uint16_t pos; - uint16_t count; -} knot_pktsection_t; -typedef struct knot_compr { - uint8_t *wire; - knot_rrinfo_t *rrinfo; - struct { - uint16_t pos; - uint8_t labels; - } 
suffix; -} knot_compr_t; -struct knot_pkt { - uint8_t *wire; - size_t size; - size_t max_size; - size_t parsed; - uint16_t reserved; - uint16_t qname_size; - uint16_t rrset_count; - uint16_t flags; - knot_rrset_t *opt_rr; - knot_rrset_t *tsig_rr; - knot_edns_options_t *edns_opts; - struct { - uint8_t *pos; - size_t len; - } tsig_wire; - knot_section_t current; - knot_pktsection_t sections[3]; - size_t rrset_allocd; - knot_rrinfo_t *rr_info; - knot_rrset_t *rr; - knot_mm_t mm; - knot_compr_t compr; -}; -typedef struct trie trie_t; -struct kr_qflags { - _Bool NO_MINIMIZE : 1; - _Bool NO_IPV6 : 1; - _Bool NO_IPV4 : 1; - _Bool TCP : 1; - _Bool NO_ANSWER : 1; - _Bool RESOLVED : 1; - _Bool AWAIT_IPV4 : 1; - _Bool AWAIT_IPV6 : 1; - _Bool AWAIT_CUT : 1; - _Bool NO_EDNS : 1; - _Bool CACHED : 1; - _Bool NO_CACHE : 1; - _Bool EXPIRING : 1; - _Bool ALLOW_LOCAL : 1; - _Bool DNSSEC_WANT : 1; - _Bool DNSSEC_BOGUS : 1; - _Bool DNSSEC_INSECURE : 1; - _Bool DNSSEC_CD : 1; - _Bool STUB : 1; - _Bool ALWAYS_CUT : 1; - _Bool DNSSEC_WEXPAND : 1; - _Bool PERMISSIVE : 1; - _Bool STRICT : 1; - _Bool BADCOOKIE_AGAIN : 1; - _Bool CNAME : 1; - _Bool REORDER_RR : 1; - _Bool TRACE : 1; - _Bool NO_0X20 : 1; - _Bool DNSSEC_NODS : 1; - _Bool DNSSEC_OPTOUT : 1; - _Bool NONAUTH : 1; - _Bool FORWARD : 1; - _Bool DNS64_MARK : 1; - _Bool CACHE_TRIED : 1; - _Bool NO_NS_FOUND : 1; - _Bool PKT_IS_SANE : 1; - _Bool DNS64_DISABLE : 1; - _Bool PASSTHRU_LEGACY : 1; -}; -typedef struct ranked_rr_array_entry { - uint32_t qry_uid; - uint8_t rank; - uint8_t revalidation_cnt; - _Bool cached : 1; - _Bool yielded : 1; - _Bool to_wire : 1; - _Bool expiring : 1; - _Bool in_progress : 1; - _Bool dont_cache : 1; - knot_rrset_t *rr; -} ranked_rr_array_entry_t; -typedef struct { - ranked_rr_array_entry_t **at; - size_t len; - size_t cap; -} ranked_rr_array_t; -typedef struct kr_http_header_array_entry { - char *name; - char *value; -} kr_http_header_array_entry_t; -typedef struct { - kr_http_header_array_entry_t *at; - 
size_t len; - size_t cap; -} kr_http_header_array_t; -typedef struct { - union kr_sockaddr *at; - size_t len; - size_t cap; -} kr_sockaddr_array_t; -struct kr_zonecut { - knot_dname_t *name; - knot_rrset_t *key; - knot_rrset_t *trust_anchor; - struct kr_zonecut *parent; - trie_t *nsset; - knot_mm_t *pool; - _Bool avoid_resolving; -}; -typedef struct { - struct kr_query **at; - size_t len; - size_t cap; -} kr_qarray_t; -struct kr_rplan { - kr_qarray_t pending; - kr_qarray_t resolved; - struct kr_query *initial; - struct kr_request *request; - knot_mm_t *pool; - uint32_t next_uid; -}; -struct kr_request_qsource_flags { - _Bool tcp : 1; - _Bool tls : 1; - _Bool http : 1; - _Bool xdp : 1; -}; -typedef unsigned long kr_rule_tags_t; -struct kr_rule_zonefile_config { - const char *filename; - const char *input_str; - size_t input_len; - _Bool is_rpz; - _Bool nodata; - kr_rule_tags_t tags; - const char *origin; - uint32_t ttl; -}; -struct kr_rule_fwd_flags { - _Bool is_auth : 1; - _Bool is_tcp : 1; - _Bool is_nods : 1; -}; -typedef struct kr_rule_fwd_flags kr_rule_fwd_flags_t; -struct kr_extended_error { - int32_t info_code; - const char *extra_text; -}; -struct kr_request { - struct kr_context *ctx; - knot_pkt_t *answer; - struct kr_query *current_query; - struct { - const struct sockaddr *addr; - const struct sockaddr *comm_addr; - const struct sockaddr *dst_addr; - const knot_pkt_t *packet; - struct kr_request_qsource_flags flags; - struct kr_request_qsource_flags comm_flags; - size_t size; - int32_t stream_id; - kr_http_header_array_t headers; - } qsource; - struct { - unsigned int rtt; - const struct kr_transport *transport; - } upstream; - struct kr_qflags options; - int state; - ranked_rr_array_t answ_selected; - ranked_rr_array_t auth_selected; - ranked_rr_array_t add_selected; - _Bool answ_validated; - _Bool auth_validated; - uint8_t rank; - struct kr_rplan rplan; - trace_log_f trace_log; - trace_callback_f trace_finish; - int vars_ref; - knot_mm_t pool; - 
unsigned int uid; - struct { - addr_info_f is_tls_capable; - addr_info_f is_tcp_connected; - addr_info_f is_tcp_waiting; - kr_sockaddr_array_t forwarding_targets; - } selection_context; - unsigned int count_no_nsaddr; - unsigned int count_fail_row; - alloc_wire_f alloc_wire_cb; - kr_rule_tags_t rule_tags; - struct kr_extended_error extended_error; -}; -enum kr_rank {KR_RANK_INITIAL, KR_RANK_OMIT, KR_RANK_TRY, KR_RANK_INDET = 4, KR_RANK_BOGUS, KR_RANK_MISMATCH, KR_RANK_MISSING, KR_RANK_INSECURE, KR_RANK_AUTH = 16, KR_RANK_SECURE = 32}; -typedef struct kr_cdb * kr_cdb_pt; -struct kr_cdb_stats { - uint64_t open; - uint64_t close; - uint64_t count; - uint64_t count_entries; - uint64_t clear; - uint64_t commit; - uint64_t read; - uint64_t read_miss; - uint64_t write; - uint64_t remove; - uint64_t remove_miss; - uint64_t match; - uint64_t match_miss; - uint64_t read_leq; - uint64_t read_leq_miss; - uint64_t read_less; - double usage_percent; -}; -typedef struct uv_timer_s uv_timer_t; -struct kr_cache { - kr_cdb_pt db; - const struct kr_cdb_api *api; - struct kr_cdb_stats stats; - uint32_t ttl_min; - uint32_t ttl_max; - struct timeval checkpoint_walltime; - uint64_t checkpoint_monotime; - uv_timer_t *health_timer; -}; -typedef struct kr_layer { - int state; - struct kr_request *req; - const struct kr_layer_api *api; - knot_pkt_t *pkt; - struct sockaddr *dst; - _Bool is_stream; -} kr_layer_t; -typedef struct kr_layer_api { - int (*begin)(kr_layer_t *); - int (*reset)(kr_layer_t *); - int (*finish)(kr_layer_t *); - int (*consume)(kr_layer_t *, knot_pkt_t *); - int (*produce)(kr_layer_t *, knot_pkt_t *); - int (*checkout)(kr_layer_t *, knot_pkt_t *, struct sockaddr *, int); - int (*answer_finalize)(kr_layer_t *); - void *data; - int cb_slots[]; -} kr_layer_api_t; -struct kr_prop { - kr_prop_cb *cb; - const char *name; - const char *info; -}; -struct kr_module { - char *name; - int (*init)(struct kr_module *); - int (*deinit)(struct kr_module *); - int (*config)(struct 
kr_module *, const char *); - const kr_layer_api_t *layer; - const struct kr_prop *props; - void *lib; - void *data; -}; -struct kr_server_selection { - _Bool initialized; - void (*choose_transport)(struct kr_query *, struct kr_transport **); - void (*update_rtt)(struct kr_query *, const struct kr_transport *, unsigned int); - void (*error)(struct kr_query *, const struct kr_transport *, enum kr_selection_error); - struct local_state *local_state; -}; -typedef int kr_log_level_t; -enum kr_log_group {LOG_GRP_UNKNOWN = -1, LOG_GRP_SYSTEM = 1, LOG_GRP_CACHE, LOG_GRP_IO, LOG_GRP_NETWORK, LOG_GRP_TA, LOG_GRP_TLS, LOG_GRP_GNUTLS, LOG_GRP_TLSCLIENT, LOG_GRP_XDP, LOG_GRP_DOH, LOG_GRP_DNSSEC, LOG_GRP_HINT, LOG_GRP_PLAN, LOG_GRP_ITERATOR, LOG_GRP_VALIDATOR, LOG_GRP_RESOLVER, LOG_GRP_SELECTION, LOG_GRP_ZCUT, LOG_GRP_COOKIES, LOG_GRP_STATISTICS, LOG_GRP_REBIND, LOG_GRP_WORKER, LOG_GRP_POLICY, LOG_GRP_TASENTINEL, LOG_GRP_TASIGNALING, LOG_GRP_TAUPDATE, LOG_GRP_DAF, LOG_GRP_DETECTTIMEJUMP, LOG_GRP_DETECTTIMESKEW, LOG_GRP_GRAPHITE, LOG_GRP_PREFILL, LOG_GRP_PRIMING, LOG_GRP_SRVSTALE, LOG_GRP_WATCHDOG, LOG_GRP_NSID, LOG_GRP_DNSTAP, LOG_GRP_TESTS, LOG_GRP_DOTAUTH, LOG_GRP_HTTP, LOG_GRP_CONTROL, LOG_GRP_MODULE, LOG_GRP_DEVEL, LOG_GRP_RENUMBER, LOG_GRP_EDE, LOG_GRP_RULES, LOG_GRP_PROTOLAYER, LOG_GRP_REQDBG}; -struct kr_query_data_src { - _Bool initialized; - _Bool all_set; - uint8_t rule_depth; - kr_rule_fwd_flags_t flags; - knot_db_val_t targets_ptr; -}; -enum kr_rule_sub_t {KR_RULE_SUB_EMPTY = 1, KR_RULE_SUB_NXDOMAIN, KR_RULE_SUB_NODATA, KR_RULE_SUB_REDIRECT}; -enum kr_proto {KR_PROTO_INTERNAL, KR_PROTO_UDP53, KR_PROTO_TCP53, KR_PROTO_DOT, KR_PROTO_DOH, KR_PROTO_DOQ, KR_PROTO_COUNT}; -typedef unsigned char kr_proto_set; -kr_layer_t kr_layer_t_static; -_Bool kr_dbg_assertion_abort; -int kr_dbg_assertion_fork; -const uint32_t KR_RULE_TTL_DEFAULT; - -typedef int32_t (*kr_stale_cb)(int32_t ttl, const knot_dname_t *owner, uint16_t type, - const struct kr_query *qry); - -void 
kr_rrset_init(knot_rrset_t *rrset, knot_dname_t *owner, - uint16_t type, uint16_t rclass, uint32_t ttl); -struct kr_query { - struct kr_query *parent; - knot_dname_t *sname; - uint16_t stype; - uint16_t sclass; - uint16_t id; - uint16_t reorder; - struct kr_qflags flags; - struct kr_qflags forward_flags; - uint32_t secret; - uint32_t uid; - int32_t vld_limit_crypto_remains; - uint32_t vld_limit_uid; - uint64_t creation_time_mono; - uint64_t timestamp_mono; - struct timeval timestamp; - struct kr_zonecut zone_cut; - struct kr_layer_pickle *deferred; - struct kr_query_data_src data_src; - int8_t cname_depth; - struct kr_query *cname_parent; - struct kr_request *request; - kr_stale_cb stale_cb; - struct kr_server_selection server_selection; -}; -struct kr_context { - struct kr_qflags options; - knot_rrset_t *downstream_opt_rr; - knot_rrset_t *upstream_opt_rr; - trie_t *trust_anchors; - trie_t *negative_anchors; - int32_t vld_limit_crypto; - struct kr_zonecut root_hints; - struct kr_cache cache; - unsigned int cache_rtt_tout_retry_interval; - char _stub[]; -}; -struct kr_transport { - knot_dname_t *ns_name; - /* beware: hidden stub, to avoid hardcoding sockaddr lengths */ -}; -const char *knot_strerror(int); -knot_dname_t *knot_dname_copy(const knot_dname_t *, knot_mm_t *); -knot_dname_t *knot_dname_from_str(uint8_t *, const char *, size_t); -int knot_dname_in_bailiwick(const knot_dname_t *, const knot_dname_t *); -_Bool knot_dname_is_equal(const knot_dname_t *, const knot_dname_t *); -size_t knot_dname_labels(const uint8_t *, const uint8_t *); -size_t knot_dname_size(const knot_dname_t *); -void knot_dname_to_lower(knot_dname_t *); -char *knot_dname_to_str(char *, const knot_dname_t *, size_t); -knot_rdata_t *knot_rdataset_at(const knot_rdataset_t *, uint16_t); -int knot_rdataset_merge(knot_rdataset_t *, const knot_rdataset_t *, knot_mm_t *); -int knot_rrset_add_rdata(knot_rrset_t *, const uint8_t *, uint16_t, knot_mm_t *); -void knot_rrset_free(knot_rrset_t *, 
knot_mm_t *); -int knot_rrset_txt_dump(const knot_rrset_t *, char **, size_t *, const knot_dump_style_t *); -int knot_rrset_txt_dump_data(const knot_rrset_t *, const size_t, char *, const size_t, const knot_dump_style_t *); -size_t knot_rrset_size(const knot_rrset_t *); -int knot_pkt_begin(knot_pkt_t *, knot_section_t); -int knot_pkt_put_question(knot_pkt_t *, const knot_dname_t *, uint16_t, uint16_t); -int knot_pkt_put_rotate(knot_pkt_t *, uint16_t, const knot_rrset_t *, uint16_t, uint16_t); -knot_pkt_t *knot_pkt_new(void *, uint16_t, knot_mm_t *); -void knot_pkt_free(knot_pkt_t *); -int knot_pkt_parse(knot_pkt_t *, unsigned int); -knot_rrset_t *kr_request_ensure_edns(struct kr_request *); -knot_pkt_t *kr_request_ensure_answer(struct kr_request *); -int kr_request_set_extended_error(struct kr_request *, int, const char *); -struct kr_rplan *kr_resolve_plan(struct kr_request *); -knot_mm_t *kr_resolve_pool(struct kr_request *); -struct kr_query *kr_rplan_push(struct kr_rplan *, struct kr_query *, const knot_dname_t *, uint16_t, uint16_t); -int kr_rplan_pop(struct kr_rplan *, struct kr_query *); -struct kr_query *kr_rplan_resolved(struct kr_rplan *); -struct kr_query *kr_rplan_last(struct kr_rplan *); -int kr_forward_add_target(struct kr_request *, const struct sockaddr *); -_Bool kr_log_is_debug_fun(enum kr_log_group, const struct kr_request *); -void kr_log_req1(const struct kr_request * const, uint32_t, const unsigned int, enum kr_log_group, const char *, const char *, ...); -void kr_log_q1(const struct kr_query * const, enum kr_log_group, const char *, const char *, ...); -const char *kr_log_grp2name(enum kr_log_group); -void kr_log_fmt(enum kr_log_group, kr_log_level_t, const char *, const char *, const char *, const char *, ...); -int kr_make_query(struct kr_query *, knot_pkt_t *); -void kr_pkt_make_auth_header(knot_pkt_t *); -int kr_pkt_put(knot_pkt_t *, const knot_dname_t *, uint32_t, uint16_t, uint16_t, const uint8_t *, uint16_t); -int 
kr_pkt_recycle(knot_pkt_t *); -int kr_pkt_clear_payload(knot_pkt_t *); -_Bool kr_pkt_has_wire(const knot_pkt_t *); -_Bool kr_pkt_has_dnssec(const knot_pkt_t *); -uint16_t kr_pkt_qclass(const knot_pkt_t *); -uint16_t kr_pkt_qtype(const knot_pkt_t *); -char *kr_pkt_text(const knot_pkt_t *); -void kr_rnd_buffered(void *, unsigned int); -uint32_t kr_rrsig_sig_inception(const knot_rdata_t *); -uint32_t kr_rrsig_sig_expiration(const knot_rdata_t *); -uint16_t kr_rrsig_type_covered(const knot_rdata_t *); -const char *kr_inaddr(const struct sockaddr *); -int kr_inaddr_family(const struct sockaddr *); -int kr_inaddr_len(const struct sockaddr *); -int kr_inaddr_str(const struct sockaddr *, char *, size_t *); -int kr_sockaddr_cmp(const struct sockaddr *, const struct sockaddr *); -int kr_sockaddr_len(const struct sockaddr *); -uint16_t kr_inaddr_port(const struct sockaddr *); -int kr_straddr_family(const char *); -int kr_straddr_subnet(void *, const char *); -int kr_bitcmp(const char *, const char *, int); -int kr_family_len(int); -struct sockaddr *kr_straddr_socket(const char *, int, knot_mm_t *); -int kr_straddr_split(const char *, char * restrict, uint16_t *); -_Bool kr_rank_test(uint8_t, uint8_t); -int kr_ranked_rrarray_add(ranked_rr_array_t *, const knot_rrset_t *, uint8_t, _Bool, uint32_t, knot_mm_t *); -int kr_ranked_rrarray_finalize(ranked_rr_array_t *, uint32_t, knot_mm_t *); -void kr_qflags_set(struct kr_qflags *, struct kr_qflags); -void kr_qflags_clear(struct kr_qflags *, struct kr_qflags); -int kr_zonecut_add(struct kr_zonecut *, const knot_dname_t *, const void *, int); -_Bool kr_zonecut_is_empty(struct kr_zonecut *); -void kr_zonecut_set(struct kr_zonecut *, const knot_dname_t *); -uint64_t kr_now(void); -const char *kr_strptime_diff(const char *, const char *, const char *, double *); -time_t kr_file_mtime(const char *); -long long kr_fssize(const char *); -const char *kr_dirent_name(const struct dirent *); -void lru_free_items_impl(struct lru *); -struct lru 
*lru_create_impl(unsigned int, unsigned int, knot_mm_t *, knot_mm_t *); -void *lru_get_impl(struct lru *, const char *, unsigned int, unsigned int, _Bool, _Bool *); -void *mm_realloc(knot_mm_t *, void *, size_t, size_t); -knot_rrset_t *kr_ta_get(trie_t *, const knot_dname_t *); -int kr_ta_add(trie_t *, const knot_dname_t *, uint16_t, uint32_t, const uint8_t *, uint16_t); -int kr_ta_del(trie_t *, const knot_dname_t *); -void kr_ta_clear(trie_t *); -_Bool kr_dnssec_key_sep_flag(const uint8_t *); -_Bool kr_dnssec_key_revoked(const uint8_t *); -int kr_dnssec_key_tag(uint16_t, const uint8_t *, size_t); -int kr_dnssec_key_match(const uint8_t *, size_t, const uint8_t *, size_t); -int kr_cache_closest_apex(struct kr_cache *, const knot_dname_t *, _Bool, knot_dname_t **); -int kr_cache_insert_rr(struct kr_cache *, const knot_rrset_t *, const knot_rrset_t *, uint8_t, uint32_t, _Bool); -int kr_cache_remove(struct kr_cache *, const knot_dname_t *, uint16_t); -int kr_cache_remove_subtree(struct kr_cache *, const knot_dname_t *, _Bool, int); -int kr_cache_commit(struct kr_cache *); -uint32_t packet_ttl(const knot_pkt_t *); -int kr_rules_init(const char *, size_t, _Bool); -int kr_rules_commit(_Bool); -int kr_rules_reset(void); -int kr_view_insert_action(const char *, const char *, kr_proto_set, const char *); -int kr_view_select_action(const struct kr_request *, knot_db_val_t *); -int kr_rule_tag_add(const char *, kr_rule_tags_t *); -int kr_rule_local_subtree(const knot_dname_t *, enum kr_rule_sub_t, uint32_t, kr_rule_tags_t); -int kr_rule_zonefile(const struct kr_rule_zonefile_config *); -int kr_rule_forward(const knot_dname_t *, kr_rule_fwd_flags_t, const struct sockaddr **); -int kr_rule_local_address(const char *, const char *, _Bool, uint32_t, kr_rule_tags_t); -int kr_rule_local_hosts(const char *, _Bool, uint32_t, kr_rule_tags_t); -typedef struct { - int sock_type; - _Bool tls; - _Bool http; - _Bool xdp; - _Bool freebind; - const char *kind; -} endpoint_flags_t; -typedef 
struct { - char **at; - size_t len; - size_t cap; -} addr_array_t; -typedef struct { - int fd; - endpoint_flags_t flags; -} flagged_fd_t; -typedef struct { - flagged_fd_t *at; - size_t len; - size_t cap; -} flagged_fd_array_t; -typedef struct { - const char **at; - size_t len; - size_t cap; -} config_array_t; -struct args { - addr_array_t addrs; - addr_array_t addrs_tls; - flagged_fd_array_t fds; - int control_fd; - int forks; - config_array_t config; - const char *rundir; - _Bool interactive; - _Bool quiet; - _Bool tty_binary_output; -}; -typedef struct { - const char *zone_file; - const char *origin; - uint32_t ttl; - enum {ZI_STAMP_NOW, ZI_STAMP_MTIM} time_src; - _Bool downgrade; - _Bool zonemd; - const knot_rrset_t *ds; - zi_callback cb; - void *cb_param; -} zi_config_t; -struct args *the_args; -struct endpoint { - void *handle; - int fd; - int family; - uint16_t port; - int16_t nic_queue; - _Bool engaged; - endpoint_flags_t flags; -}; -struct request_ctx { - struct kr_request req; - struct qr_task *task; - /* beware: hidden stub, to avoid hardcoding sockaddr lengths */ -}; -struct qr_task { - struct request_ctx *ctx; - /* beware: hidden stub, to avoid qr_tasklist_t */ -}; -int worker_resolve_exec(struct qr_task *, knot_pkt_t *); -knot_pkt_t *worker_resolve_mk_pkt(const char *, uint16_t, uint16_t, const struct kr_qflags *); -struct qr_task *worker_resolve_start(knot_pkt_t *, struct kr_qflags); -int zi_zone_import(const zi_config_t); -struct engine { - char _stub[]; -}; -struct worker_ctx { - char _stub[]; -}; -struct kr_context *the_resolver; -struct worker_ctx *the_worker; -struct engine *the_engine; -typedef struct { - uint8_t bitmap[32]; - uint8_t length; -} zs_win_t; -typedef struct { - uint8_t excl_flag; - uint16_t addr_family; - uint8_t prefix_length; -} zs_apl_t; -typedef struct { - uint32_t d1; - uint32_t d2; - uint32_t m1; - uint32_t m2; - uint32_t s1; - uint32_t s2; - uint32_t alt; - uint64_t siz; - uint64_t hp; - uint64_t vp; - int8_t lat_sign; - 
int8_t long_sign; - int8_t alt_sign; -} zs_loc_t; -typedef enum {ZS_STATE_NONE, ZS_STATE_DATA, ZS_STATE_ERROR, ZS_STATE_INCLUDE, ZS_STATE_EOF, ZS_STATE_STOP} zs_state_t; -typedef struct zs_scanner zs_scanner_t; -typedef struct zs_scanner { - int cs; - int top; - int stack[16]; - _Bool multiline; - uint64_t number64; - uint64_t number64_tmp; - uint32_t decimals; - uint32_t decimal_counter; - uint32_t item_length; - uint32_t item_length_position; - uint8_t *item_length_location; - uint32_t buffer_length; - uint8_t buffer[65535]; - char include_filename[65535]; - char *path; - zs_win_t windows[256]; - int16_t last_window; - zs_apl_t apl; - zs_loc_t loc; - uint8_t addr[16]; - _Bool long_string; - uint8_t *dname; - uint32_t *dname_length; - uint32_t dname_tmp_length; - uint32_t r_data_tail; - uint32_t zone_origin_length; - uint8_t zone_origin[318]; - uint16_t default_class; - uint32_t default_ttl; - zs_state_t state; - struct { - _Bool automatic; - void (*record)(zs_scanner_t *); - void (*error)(zs_scanner_t *); - void (*comment)(zs_scanner_t *); - void *data; - } process; - struct { - const char *start; - const char *current; - const char *end; - _Bool eof; - _Bool mmaped; - } input; - struct { - char *name; - int descriptor; - } file; - struct { - int code; - uint64_t counter; - _Bool fatal; - } error; - uint64_t line_counter; - uint32_t r_owner_length; - uint8_t r_owner[318]; - uint16_t r_class; - uint32_t r_ttl; - uint16_t r_type; - uint32_t r_data_length; - uint8_t r_data[65535]; -} zs_scanner_t; -void zs_deinit(zs_scanner_t *); -int zs_init(zs_scanner_t *, const char *, const uint16_t, const uint32_t); -int zs_parse_record(zs_scanner_t *); -int zs_set_input_file(zs_scanner_t *, const char *); -int zs_set_input_string(zs_scanner_t *, const char *, size_t); -const char *zs_strerror(const int); -]] diff --git a/daemon/lua/meson.build b/daemon/lua/meson.build index d55d35fc..22a5b361 100644 --- a/daemon/lua/meson.build +++ b/daemon/lua/meson.build 
@@ -43,8 +43,6 @@ if libknot.version().version_compare('>= 3.2') kres_gen_fname = 'kres-gen-32.lua' elif libknot.version().version_compare('>= 3.1') kres_gen_fname = 'kres-gen-31.lua' -else - kres_gen_fname = 'kres-gen-30.lua' endif # Exact types around time_t aren't easy to detect, but at least we need the same size. diff --git a/daemon/session2.c b/daemon/session2.c index 19ea42dc..09a4b362 100644 --- a/daemon/session2.c +++ b/daemon/session2.c @@ -1484,7 +1484,7 @@ static int session2_transport_pushv(struct session2 *s, &iovecmem, ctx); knot_xdp_msg_t msg; -#if KNOT_VERSION_HEX >= 0x030100 + /* We don't have a nice way of preserving the _msg_t from frame allocation, * so we manually redo all other parts of knot_xdp_send_alloc() */ memset(&msg, 0, sizeof(msg)); @@ -1492,7 +1492,7 @@ static int session2_transport_pushv(struct session2 *s, msg.flags = ipv6 ? KNOT_XDP_MSG_IPV6 : 0; memcpy(msg.eth_from, comm->eth_from, sizeof(comm->eth_from)); memcpy(msg.eth_to, comm->eth_to, sizeof(comm->eth_to)); -#endif + const struct sockaddr *ip_from = comm->dst_addr; const struct sockaddr *ip_to = comm->comm_addr; memcpy(&msg.ip_from, ip_from, kr_sockaddr_len(ip_from)); diff --git a/daemon/worker.c b/daemon/worker.c index 2abaee07..f620904c 100644 --- a/daemon/worker.c +++ b/daemon/worker.c 
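Review bot: The last line of the second session2.c hunk, `memcpy(&msg.ip_from, ip_from, kr_sockaddr_len(ip_from));`, passes an `int` straight into a `size_t` length with no check. If kr_sockaddr_len() can return a negative error code for a NULL or unexpected-family address (its body is not in this patch, so confirm), the length converts to a huge value and the copy overruns `msg.ip_from`. I would take the length once, `int len = kr_sockaddr_len(ip_from);`, and leave through the function's existing error path unless `len > 0 && (size_t)len <= sizeof(msg.ip_from)`. The hunk ends at this line and session2_transport_pushv continues outside it, so the matching copy for `ip_to` presumably needs the same check.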
@@ -227,25 +227,16 @@ static uint8_t *alloc_wire_cb(struct kr_request *req, uint16_t *maxlen) xdp_handle_data_t *xhd = handle->data; knot_xdp_msg_t out; bool ipv6 = ctx->source.comm_addr.ip.sa_family == AF_INET6; - int ret = knot_xdp_send_alloc(xhd->socket, - #if KNOT_VERSION_HEX >= 0x030100 - ipv6 ? KNOT_XDP_MSG_IPV6 : 0, &out); - #else - ipv6, &out, NULL); - #endif + int ret = knot_xdp_send_alloc(xhd->socket, ipv6 ? KNOT_XDP_MSG_IPV6 : 0, &out); if (ret != KNOT_EOK) { kr_assert(ret == KNOT_ENOMEM); *maxlen = 0; return NULL; } *maxlen = MIN(*maxlen, out.payload.iov_len); -#if KNOT_VERSION_HEX < 0x030100 - /* It's most convenient to fill the MAC addresses at this point. */ - memcpy(out.eth_from, &ctx->source.eth_from, 6); - memcpy(out.eth_to, &ctx->source.eth_to, 6); -#endif return out.payload.iov_base; } + static void free_wire(const struct request_ctx *ctx) { if (kr_fails_assert(ctx->req.alloc_wire_cb == alloc_wire_cb)) @@ -267,12 +258,8 @@ static void free_wire(const struct request_ctx *ctx) out.payload.iov_base = ans->wire; out.payload.iov_len = 0; uint32_t sent = 0; -#if KNOT_VERSION_HEX >= 0x030100 int ret = 0; knot_xdp_send_free(xhd->socket, &out, 1); -#else - int ret = knot_xdp_send(xhd->socket, &out, 1, &sent); -#endif kr_assert(ret == KNOT_EOK && sent == 0); kr_log_debug(XDP, "freed unsent buffer, ret = %d\n", ret); } diff --git a/daemon/zimport.c b/daemon/zimport.c index 30edcaec..61a46a89 100644 --- a/daemon/zimport.c +++ b/daemon/zimport.c @@ -32,15 +32,10 @@ #include #include -#include -#define ENABLE_ZONEMD (KNOT_VERSION_HEX >= 0x030100) -#if ENABLE_ZONEMD - #include - - #if KNOT_VERSION_HEX < 0x030200 - #define KNOT_ZONEMD_ALGORITHM_SHA384 KNOT_ZONEMD_ALORITHM_SHA384 - #define KNOT_ZONEMD_ALGORITHM_SHA512 KNOT_ZONEMD_ALORITHM_SHA512 - #endif +#include +#if KNOT_VERSION_HEX < 0x030200 + #define KNOT_ZONEMD_ALGORITHM_SHA384 KNOT_ZONEMD_ALORITHM_SHA384 + #define KNOT_ZONEMD_ALGORITHM_SHA512 KNOT_ZONEMD_ALORITHM_SHA512 #endif #include "daemon/worker.h" 
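Review bot: In the free_wire hunk (`@@ -267,12 +258,8`), dropping the `#else` branch leaves `ret` and `sent` as constants, so with KNOT_EOK being 0 the check `kr_assert(ret == KNOT_EOK && sent == 0)` can never fire and the debug log always prints `ret = 0`. The call to knot_xdp_send_free() does not feed either variable, so nothing about the free is checked any more, although the code still reads as if it were. I would remove `uint32_t sent = 0;`, `int ret = 0;` and the assertion, and reduce the log line to `kr_log_debug(XDP, "freed unsent buffer\n");`. free_wire starts before and ends after the hunk.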
@@ -72,7 +67,6 @@ struct zone_import_ctx { struct kr_svldr_ctx *svldr; /// DNSSEC validator; NULL iff we don't validate const knot_dname_t *last_cut; /// internal to zi_rrset_import() -#if ENABLE_ZONEMD uint8_t *digest_buf; /// temporary buffer for digest computation (on pool) #define DIGEST_BUF_SIZE (64*1024 - 1) #define DIGEST_ALG_COUNT 2 @@ -81,7 +75,6 @@ struct zone_import_ctx { dnssec_digest_ctx_t *ctx; const uint8_t *expected; /// expected digest (inside zonemd on pool) } digests[DIGEST_ALG_COUNT]; /// we use indices 0 and 1 for SHA 384 and 512 -#endif }; typedef struct zone_import_ctx zone_import_ctx_t; @@ -130,7 +123,6 @@ static knot_rrset_t * rrset_get(trie_t *rrsets, const knot_dname_t *name, return *rrsig_p; } -#if ENABLE_ZONEMD static int digest_rrset(trie_val_t *rr_p, void *z_import_v) { zone_import_ctx_t *z_import = z_import_v; @@ -303,8 +295,6 @@ do_digest: bool ok = has_match && (zonemd_is_valid || !z_import->svldr); return ok ? kr_ok() : kr_error(ENOENT); } -#endif - /** * @internal Import given rrset to cache. @@ -705,15 +695,9 @@ int zi_zone_import(const zi_config_t config) zonemd: (void)0; // C can't have a variable definition following a label double time_zonemd = NAN; if (c->zonemd) { - #if ENABLE_ZONEMD - kr_timer_start(&stopwatch); - ret = zonemd_verify(z_import); - time_zonemd = kr_timer_elapsed(&stopwatch); - #else - kr_log_error(PREFILL, - "ZONEMD check requested but not supported, fail\n"); - ret = kr_error(ENOSYS); - #endif + kr_timer_start(&stopwatch); + ret = zonemd_verify(z_import); + time_zonemd = kr_timer_elapsed(&stopwatch); } else { ret = kr_ok(); } diff --git a/lib/defines.h b/lib/defines.h index e8328928..24205896 100644 --- a/lib/defines.h +++ b/lib/defines.h 
@@ -73,11 +73,6 @@ static inline int KR_COLD kr_error(int x) { #define KR_DNAME_STR_MAXLEN (KNOT_DNAME_TXT_MAXLEN + 1) #define KR_RRTYPE_STR_MAXLEN (16 + 1) -/* Compatibility with libknot<3.1.0 */ -#if KNOT_VERSION_HEX < 0x030100 -#define KNOT_EDNS_EDE_NONE (-1) -#endif - /* * Address sanitizer hints. */ diff --git a/meson.build b/meson.build index 8ac3e6e3..a2a56a33 100644 --- a/meson.build +++ b/meson.build @@ -18,7 +18,7 @@ endif message('--- required dependencies ---') -knot_version = '>=3.0.2' +knot_version = '>=3.1' libknot = dependency('libknot', version: knot_version) libdnssec = dependency('libdnssec', version: knot_version) libzscanner = dependency('libzscanner', version: knot_version) -- cgit v1.2.3 From d068a95304a57306b732f45a5105be0357886f7c Mon Sep 17 00:00:00 2001 From: Oto Šťáva Date: Wed, 10 Jul 2024 16:38:26 +0200 Subject: drop libknot <=3.2.x support --- .github/workflows/macOS.yaml | 2 +- .gitlab-ci.yml | 52 ++- NEWS | 3 +- daemon/io.c | 8 +- daemon/lua/kres-gen-31.lua | 697 ------------------------------------- daemon/lua/kres-gen-32.lua | 698 ------------------------------------- daemon/lua/kres-gen-33.lua | 699 ++++++++++++++++++++++++++++++++++++++ daemon/lua/meson.build | 6 +- daemon/zimport.c | 4 - lib/resolve.c | 4 - lib/utils.c | 4 - meson.build | 2 +- scripts/enable-repo-cznic-labs.sh | 30 ++ scripts/enable-repo.py | 132 ------- 14 files changed, 754 insertions(+), 1587 deletions(-) delete mode 100644 daemon/lua/kres-gen-31.lua delete mode 100644 daemon/lua/kres-gen-32.lua create mode 100644 daemon/lua/kres-gen-33.lua create mode 100755 scripts/enable-repo-cznic-labs.sh delete mode 100755 scripts/enable-repo.py (limited to 'lib') diff --git a/.github/workflows/macOS.yaml b/.github/workflows/macOS.yaml index f7fe0907..6f022d32 100644 --- a/.github/workflows/macOS.yaml +++ b/.github/workflows/macOS.yaml 
@@ -8,7 +8,7 @@ jobs: runs-on: macOS-latest strategy: matrix: - knot-version: ['3.2', '3.3'] + knot-version: ['3.3'] steps: - name: Checkout resolver code diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 4c4b6e81..75a6ccbd 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -10,7 +10,7 @@ variables: RESPDIFF_COUNT: 1 RESPDIFF_FORCE: 0 RESPERF_FORCE: 0 - KNOT_VERSION: '3.1' + KNOT_VERSION: '3.3' LIBKRES_ABI: 9 LIBKRES_NAME: libkres MESON_TEST: meson test -C build_ci* -t 4 --print-errorlogs 
@@ -135,32 +135,18 @@ build-stable: - ninja -C build_ci_stable install >/dev/null - ${MESON_TEST} --suite unit --suite config --suite dnstap --no-suite snowflake -build-deb11-knot31: - <<: *build - image: $IMAGE_PREFIX/debian11-knot_3_1:$IMAGE_TAG - script: - - meson build_ci_deb11_knot31 --prefix=$PREFIX -Dmalloc=disabled -Dwerror=true -Dextra_tests=enabled - - ninja -C build_ci_deb11_knot31 - - ninja -C build_ci_deb11_knot31 install >/dev/null - - ${MESON_TEST} --suite unit --suite config --suite dnstap --no-suite snowflake - -build-deb11-knot32: - <<: *build - image: $IMAGE_PREFIX/debian11-knot_3_2:$IMAGE_TAG - script: - - meson build_ci_deb11_knot32 --prefix=$PREFIX -Dmalloc=disabled -Dwerror=true -Dextra_tests=enabled - - ninja -C build_ci_deb11_knot32 - - ninja -C build_ci_deb11_knot32 install >/dev/null - - ${MESON_TEST} --suite unit --suite config --suite dnstap --no-suite snowflake - -build-deb12-knot32: - <<: *build - image: $IMAGE_PREFIX/debian12-knot_3_2:$IMAGE_TAG - script: - - meson build_ci_deb12_knot32 --prefix=$PREFIX -Dmalloc=disabled -Dwerror=true -Dextra_tests=enabled - - ninja -C build_ci_deb12_knot32 - - ninja -C build_ci_deb12_knot32 install >/dev/null - - ${MESON_TEST} --suite unit --suite config --suite dnstap --no-suite snowflake +# This is currently the same as stable - uncomment this once Knot 3.4 is +# released and we are building against that, to keep sanity-checking the 3.3 +# support. +# +#build-deb12-knot33: +# <<: *build +# image: $IMAGE_PREFIX/debian12-knot_3_3:$IMAGE_TAG +# script: +# - meson build_ci_deb12_knot33 --prefix=$PREFIX -Dmalloc=disabled -Dwerror=true -Dextra_tests=enabled +# - ninja -C build_ci_deb12_knot33 +# - ninja -C build_ci_deb12_knot33 install >/dev/null +# - ${MESON_TEST} --suite unit --suite config --suite dnstap --no-suite snowflake build-deb12-knot-master: <<: *build 
@@ -309,12 +295,9 @@ lint:coverity: - ninja -C build_ci_lib daemon/kresd - ninja -C build_ci_lib kres-gen - git diff --quiet || (git diff; exit 1) -kres-gen-31: +kres-gen-33: <<: *kres-gen - image: $IMAGE_PREFIX/debian11-knot_3_1:$IMAGE_TAG -kres-gen-32: - <<: *kres-gen - image: $IMAGE_PREFIX/debian12-knot_3_2:$IMAGE_TAG + image: $IMAGE_PREFIX/debian12-knot_3_3:$IMAGE_TAG root.hints: <<: *sanity @@ -613,7 +596,7 @@ obs:odvr: .enable_repo_build: &enable_repo_build before_script: - - ./scripts/enable-repo.py build + - ./scripts/enable-repo-cznic-labs.sh knot-dns .pkg_test: &pkg_test stage: pkg @@ -665,10 +648,12 @@ pkg:make-archive: pkg:debian-12: <<: *pkg_test_deb + <<: *enable_repo_build image: $CI_REGISTRY/packaging/apkg/full/debian-12 pkg:debian-11: <<: *pkg_test_deb + <<: *enable_repo_build image: $CI_REGISTRY/packaging/apkg/full/debian-11 pkg:ubuntu-24.04: @@ -677,6 +662,7 @@ pkg:ubuntu-24.04: pkg:ubuntu-22.04: <<: *pkg_test_deb + <<: *enable_repo_build image: $CI_REGISTRY/packaging/apkg/full/ubuntu-22.04 pkg:ubuntu-20.04: diff --git a/NEWS b/NEWS index fabf7b75..28c6a1c9 100644 --- a/NEWS +++ b/NEWS @@ -34,8 +34,7 @@ Incompatible changes the default behaviour as well. See the `relevant documentation section `_ for more. -- libknot 3.0.x support is dropped (!1558) - Upstream last maintained 3.0.x in spring 2022. +- libknot <=3.2.x support is dropped (!1565) Bugfixes -------- diff --git a/daemon/io.c b/daemon/io.c index 7f91fa97..cf372787 100644 --- a/daemon/io.c +++ b/daemon/io.c 
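Review bot: The `pkg:debian-12`, `pkg:debian-11` and `pkg:ubuntu-22.04` hunks each end up with two `<<:` keys in one mapping (`<<: *pkg_test_deb` followed by `<<: *enable_repo_build`). Duplicate keys are not valid in a strict reading of YAML, and how a second merge key is treated is parser-specific. The single-key list form `<<: [*pkg_test_deb, *enable_repo_build]` states the intent in one place. If `pkg_test_deb` also defines `before_script` (its body is outside these hunks), check which of the two wins after the merge, since the repo-enabling step is what these jobs were changed to get.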
@@ -823,16 +823,10 @@ int io_listen_xdp(uv_loop_t *loop, struct endpoint *ep, const char *ifname) // This call is a libknot version hell, unfortunately. int ret = knot_xdp_init(&xhd->socket, ifname, ep->nic_queue, - #if KNOT_VERSION_HEX < 0x030200 - ep->port ? ep->port : (KNOT_XDP_LISTEN_PORT_PASS | 0), - KNOT_XDP_LOAD_BPF_MAYBE - #else KNOT_XDP_FILTER_UDP | (ep->port ? 0 : KNOT_XDP_FILTER_PASS), ep->port, 0/*quic_port*/, KNOT_XDP_LOAD_BPF_MAYBE, - NULL/*xdp_config*/ - #endif - ); + NULL/*xdp_config*/); if (!ret) xdp_warn_mode(ifname); diff --git a/daemon/lua/kres-gen-31.lua b/daemon/lua/kres-gen-31.lua deleted file mode 100644 index 7b7274f3..00000000 --- a/daemon/lua/kres-gen-31.lua +++ /dev/null 
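Review bot: The comment `// This call is a libknot version hell, unfortunately.` above knot_xdp_init() in io_listen_xdp is stale now that the `#if KNOT_VERSION_HEX < 0x030200` branch is gone and only one call form remains. I would replace it with a comment on the part that is still non-obvious, e.g. `// ep->port == 0: KNOT_XDP_FILTER_PASS is set instead of filtering on a single UDP port`, so a reader can see what traffic the socket takes over in that case. The exact semantics of KNOT_XDP_FILTER_PASS are not visible in this hunk, so the wording should be checked against libknot's XDP header. io_listen_xdp continues outside the hunk.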
@@ -1,697 +0,0 @@ --- SPDX-License-Identifier: GPL-3.0-or-later - -local ffi = require('ffi') ---[[ This file is generated by ./kres-gen.sh ]] ffi.cdef[[ - -typedef @time_t@ time_t; -typedef @time_t@ __time_t; -typedef @time_t@ __suseconds_t; -struct timeval { - __time_t tv_sec; - __suseconds_t tv_usec; -}; - -typedef struct knot_dump_style knot_dump_style_t; -extern const knot_dump_style_t KR_DUMP_STYLE_DEFAULT; -struct kr_cdb_api {}; -struct lru {}; -typedef enum {KNOT_ANSWER, KNOT_AUTHORITY, KNOT_ADDITIONAL} knot_section_t; -typedef struct { - uint16_t pos; - uint16_t flags; - uint16_t compress_ptr[16]; -} knot_rrinfo_t; -typedef unsigned char knot_dname_t; -typedef struct { - uint16_t len; - uint8_t data[]; -} knot_rdata_t; -typedef struct { - uint16_t count; - uint32_t size; - knot_rdata_t *rdata; -} knot_rdataset_t; -typedef struct knot_db_val { - void *data; - size_t len; -} knot_db_val_t; - -typedef struct knot_mm { - void *ctx, *alloc, *free; -} knot_mm_t; - -typedef void *(*map_alloc_f)(void *, size_t); -typedef void (*map_free_f)(void *baton, void *ptr); -typedef void (*trace_log_f) (const struct kr_request *, const char *); -typedef void (*trace_callback_f)(struct kr_request *); -typedef uint8_t * (*alloc_wire_f)(struct kr_request *req, uint16_t *maxlen); -typedef bool (*addr_info_f)(struct sockaddr*); -typedef void (*zi_callback)(int state, void *param); -typedef struct { - knot_dname_t *_owner; - uint32_t _ttl; - uint16_t type; - uint16_t rclass; - knot_rdataset_t rrs; - void *additional; -} knot_rrset_t; - -struct kr_module; -typedef char *(kr_prop_cb)(void *, struct kr_module *, const char *); -typedef unsigned char knot_dname_storage_t[255]; -typedef struct knot_pkt knot_pkt_t; -typedef struct { - uint8_t *ptr[18]; -} knot_edns_options_t; -typedef struct { - knot_pkt_t *pkt; - uint16_t pos; - uint16_t count; -} knot_pktsection_t; -typedef struct knot_compr { - uint8_t *wire; - knot_rrinfo_t *rrinfo; - struct { - uint16_t pos; - uint8_t labels; - } 
suffix; -} knot_compr_t; -struct knot_pkt { - uint8_t *wire; - size_t size; - size_t max_size; - size_t parsed; - uint16_t reserved; - uint16_t qname_size; - uint16_t rrset_count; - uint16_t flags; - knot_rrset_t *opt_rr; - knot_rrset_t *tsig_rr; - knot_edns_options_t *edns_opts; - struct { - uint8_t *pos; - size_t len; - } tsig_wire; - knot_section_t current; - knot_pktsection_t sections[3]; - size_t rrset_allocd; - knot_rrinfo_t *rr_info; - knot_rrset_t *rr; - knot_mm_t mm; - knot_compr_t compr; -}; -typedef struct trie trie_t; -struct kr_qflags { - _Bool NO_MINIMIZE : 1; - _Bool NO_IPV6 : 1; - _Bool NO_IPV4 : 1; - _Bool TCP : 1; - _Bool NO_ANSWER : 1; - _Bool RESOLVED : 1; - _Bool AWAIT_IPV4 : 1; - _Bool AWAIT_IPV6 : 1; - _Bool AWAIT_CUT : 1; - _Bool NO_EDNS : 1; - _Bool CACHED : 1; - _Bool NO_CACHE : 1; - _Bool EXPIRING : 1; - _Bool ALLOW_LOCAL : 1; - _Bool DNSSEC_WANT : 1; - _Bool DNSSEC_BOGUS : 1; - _Bool DNSSEC_INSECURE : 1; - _Bool DNSSEC_CD : 1; - _Bool STUB : 1; - _Bool ALWAYS_CUT : 1; - _Bool DNSSEC_WEXPAND : 1; - _Bool PERMISSIVE : 1; - _Bool STRICT : 1; - _Bool BADCOOKIE_AGAIN : 1; - _Bool CNAME : 1; - _Bool REORDER_RR : 1; - _Bool TRACE : 1; - _Bool NO_0X20 : 1; - _Bool DNSSEC_NODS : 1; - _Bool DNSSEC_OPTOUT : 1; - _Bool NONAUTH : 1; - _Bool FORWARD : 1; - _Bool DNS64_MARK : 1; - _Bool CACHE_TRIED : 1; - _Bool NO_NS_FOUND : 1; - _Bool PKT_IS_SANE : 1; - _Bool DNS64_DISABLE : 1; - _Bool PASSTHRU_LEGACY : 1; -}; -typedef struct ranked_rr_array_entry { - uint32_t qry_uid; - uint8_t rank; - uint8_t revalidation_cnt; - _Bool cached : 1; - _Bool yielded : 1; - _Bool to_wire : 1; - _Bool expiring : 1; - _Bool in_progress : 1; - _Bool dont_cache : 1; - knot_rrset_t *rr; -} ranked_rr_array_entry_t; -typedef struct { - ranked_rr_array_entry_t **at; - size_t len; - size_t cap; -} ranked_rr_array_t; -typedef struct kr_http_header_array_entry { - char *name; - char *value; -} kr_http_header_array_entry_t; -typedef struct { - kr_http_header_array_entry_t *at; - 
size_t len; - size_t cap; -} kr_http_header_array_t; -typedef struct { - union kr_sockaddr *at; - size_t len; - size_t cap; -} kr_sockaddr_array_t; -struct kr_zonecut { - knot_dname_t *name; - knot_rrset_t *key; - knot_rrset_t *trust_anchor; - struct kr_zonecut *parent; - trie_t *nsset; - knot_mm_t *pool; - _Bool avoid_resolving; -}; -typedef struct { - struct kr_query **at; - size_t len; - size_t cap; -} kr_qarray_t; -struct kr_rplan { - kr_qarray_t pending; - kr_qarray_t resolved; - struct kr_query *initial; - struct kr_request *request; - knot_mm_t *pool; - uint32_t next_uid; -}; -struct kr_request_qsource_flags { - _Bool tcp : 1; - _Bool tls : 1; - _Bool http : 1; - _Bool xdp : 1; -}; -typedef unsigned long kr_rule_tags_t; -struct kr_rule_zonefile_config { - const char *filename; - const char *input_str; - size_t input_len; - _Bool is_rpz; - _Bool nodata; - kr_rule_tags_t tags; - const char *origin; - uint32_t ttl; -}; -struct kr_rule_fwd_flags { - _Bool is_auth : 1; - _Bool is_tcp : 1; - _Bool is_nods : 1; -}; -typedef struct kr_rule_fwd_flags kr_rule_fwd_flags_t; -struct kr_extended_error { - int32_t info_code; - const char *extra_text; -}; -struct kr_request { - struct kr_context *ctx; - knot_pkt_t *answer; - struct kr_query *current_query; - struct { - const struct sockaddr *addr; - const struct sockaddr *comm_addr; - const struct sockaddr *dst_addr; - const knot_pkt_t *packet; - struct kr_request_qsource_flags flags; - struct kr_request_qsource_flags comm_flags; - size_t size; - int32_t stream_id; - kr_http_header_array_t headers; - } qsource; - struct { - unsigned int rtt; - const struct kr_transport *transport; - } upstream; - struct kr_qflags options; - int state; - ranked_rr_array_t answ_selected; - ranked_rr_array_t auth_selected; - ranked_rr_array_t add_selected; - _Bool answ_validated; - _Bool auth_validated; - uint8_t rank; - struct kr_rplan rplan; - trace_log_f trace_log; - trace_callback_f trace_finish; - int vars_ref; - knot_mm_t pool; - 
unsigned int uid; - struct { - addr_info_f is_tls_capable; - addr_info_f is_tcp_connected; - addr_info_f is_tcp_waiting; - kr_sockaddr_array_t forwarding_targets; - } selection_context; - unsigned int count_no_nsaddr; - unsigned int count_fail_row; - alloc_wire_f alloc_wire_cb; - kr_rule_tags_t rule_tags; - struct kr_extended_error extended_error; -}; -enum kr_rank {KR_RANK_INITIAL, KR_RANK_OMIT, KR_RANK_TRY, KR_RANK_INDET = 4, KR_RANK_BOGUS, KR_RANK_MISMATCH, KR_RANK_MISSING, KR_RANK_INSECURE, KR_RANK_AUTH = 16, KR_RANK_SECURE = 32}; -typedef struct kr_cdb * kr_cdb_pt; -struct kr_cdb_stats { - uint64_t open; - uint64_t close; - uint64_t count; - uint64_t count_entries; - uint64_t clear; - uint64_t commit; - uint64_t read; - uint64_t read_miss; - uint64_t write; - uint64_t remove; - uint64_t remove_miss; - uint64_t match; - uint64_t match_miss; - uint64_t read_leq; - uint64_t read_leq_miss; - uint64_t read_less; - double usage_percent; -}; -typedef struct uv_timer_s uv_timer_t; -struct kr_cache { - kr_cdb_pt db; - const struct kr_cdb_api *api; - struct kr_cdb_stats stats; - uint32_t ttl_min; - uint32_t ttl_max; - struct timeval checkpoint_walltime; - uint64_t checkpoint_monotime; - uv_timer_t *health_timer; -}; -typedef struct kr_layer { - int state; - struct kr_request *req; - const struct kr_layer_api *api; - knot_pkt_t *pkt; - struct sockaddr *dst; - _Bool is_stream; -} kr_layer_t; -typedef struct kr_layer_api { - int (*begin)(kr_layer_t *); - int (*reset)(kr_layer_t *); - int (*finish)(kr_layer_t *); - int (*consume)(kr_layer_t *, knot_pkt_t *); - int (*produce)(kr_layer_t *, knot_pkt_t *); - int (*checkout)(kr_layer_t *, knot_pkt_t *, struct sockaddr *, int); - int (*answer_finalize)(kr_layer_t *); - void *data; - int cb_slots[]; -} kr_layer_api_t; -struct kr_prop { - kr_prop_cb *cb; - const char *name; - const char *info; -}; -struct kr_module { - char *name; - int (*init)(struct kr_module *); - int (*deinit)(struct kr_module *); - int (*config)(struct 
kr_module *, const char *); - const kr_layer_api_t *layer; - const struct kr_prop *props; - void *lib; - void *data; -}; -struct kr_server_selection { - _Bool initialized; - void (*choose_transport)(struct kr_query *, struct kr_transport **); - void (*update_rtt)(struct kr_query *, const struct kr_transport *, unsigned int); - void (*error)(struct kr_query *, const struct kr_transport *, enum kr_selection_error); - struct local_state *local_state; -}; -typedef int kr_log_level_t; -enum kr_log_group {LOG_GRP_UNKNOWN = -1, LOG_GRP_SYSTEM = 1, LOG_GRP_CACHE, LOG_GRP_IO, LOG_GRP_NETWORK, LOG_GRP_TA, LOG_GRP_TLS, LOG_GRP_GNUTLS, LOG_GRP_TLSCLIENT, LOG_GRP_XDP, LOG_GRP_DOH, LOG_GRP_DNSSEC, LOG_GRP_HINT, LOG_GRP_PLAN, LOG_GRP_ITERATOR, LOG_GRP_VALIDATOR, LOG_GRP_RESOLVER, LOG_GRP_SELECTION, LOG_GRP_ZCUT, LOG_GRP_COOKIES, LOG_GRP_STATISTICS, LOG_GRP_REBIND, LOG_GRP_WORKER, LOG_GRP_POLICY, LOG_GRP_TASENTINEL, LOG_GRP_TASIGNALING, LOG_GRP_TAUPDATE, LOG_GRP_DAF, LOG_GRP_DETECTTIMEJUMP, LOG_GRP_DETECTTIMESKEW, LOG_GRP_GRAPHITE, LOG_GRP_PREFILL, LOG_GRP_PRIMING, LOG_GRP_SRVSTALE, LOG_GRP_WATCHDOG, LOG_GRP_NSID, LOG_GRP_DNSTAP, LOG_GRP_TESTS, LOG_GRP_DOTAUTH, LOG_GRP_HTTP, LOG_GRP_CONTROL, LOG_GRP_MODULE, LOG_GRP_DEVEL, LOG_GRP_RENUMBER, LOG_GRP_EDE, LOG_GRP_RULES, LOG_GRP_PROTOLAYER, LOG_GRP_REQDBG}; -struct kr_query_data_src { - _Bool initialized; - _Bool all_set; - uint8_t rule_depth; - kr_rule_fwd_flags_t flags; - knot_db_val_t targets_ptr; -}; -enum kr_rule_sub_t {KR_RULE_SUB_EMPTY = 1, KR_RULE_SUB_NXDOMAIN, KR_RULE_SUB_NODATA, KR_RULE_SUB_REDIRECT}; -enum kr_proto {KR_PROTO_INTERNAL, KR_PROTO_UDP53, KR_PROTO_TCP53, KR_PROTO_DOT, KR_PROTO_DOH, KR_PROTO_DOQ, KR_PROTO_COUNT}; -typedef unsigned char kr_proto_set; -kr_layer_t kr_layer_t_static; -_Bool kr_dbg_assertion_abort; -int kr_dbg_assertion_fork; -const uint32_t KR_RULE_TTL_DEFAULT; - -typedef int32_t (*kr_stale_cb)(int32_t ttl, const knot_dname_t *owner, uint16_t type, - const struct kr_query *qry); - -void 
kr_rrset_init(knot_rrset_t *rrset, knot_dname_t *owner, - uint16_t type, uint16_t rclass, uint32_t ttl); -struct kr_query { - struct kr_query *parent; - knot_dname_t *sname; - uint16_t stype; - uint16_t sclass; - uint16_t id; - uint16_t reorder; - struct kr_qflags flags; - struct kr_qflags forward_flags; - uint32_t secret; - uint32_t uid; - int32_t vld_limit_crypto_remains; - uint32_t vld_limit_uid; - uint64_t creation_time_mono; - uint64_t timestamp_mono; - struct timeval timestamp; - struct kr_zonecut zone_cut; - struct kr_layer_pickle *deferred; - struct kr_query_data_src data_src; - int8_t cname_depth; - struct kr_query *cname_parent; - struct kr_request *request; - kr_stale_cb stale_cb; - struct kr_server_selection server_selection; -}; -struct kr_context { - struct kr_qflags options; - knot_rrset_t *downstream_opt_rr; - knot_rrset_t *upstream_opt_rr; - trie_t *trust_anchors; - trie_t *negative_anchors; - int32_t vld_limit_crypto; - struct kr_zonecut root_hints; - struct kr_cache cache; - unsigned int cache_rtt_tout_retry_interval; - char _stub[]; -}; -struct kr_transport { - knot_dname_t *ns_name; - /* beware: hidden stub, to avoid hardcoding sockaddr lengths */ -}; -const char *knot_strerror(int); -knot_dname_t *knot_dname_copy(const knot_dname_t *, knot_mm_t *); -knot_dname_t *knot_dname_from_str(uint8_t *, const char *, size_t); -int knot_dname_in_bailiwick(const knot_dname_t *, const knot_dname_t *); -_Bool knot_dname_is_equal(const knot_dname_t *, const knot_dname_t *); -size_t knot_dname_labels(const uint8_t *, const uint8_t *); -size_t knot_dname_size(const knot_dname_t *); -void knot_dname_to_lower(knot_dname_t *); -char *knot_dname_to_str(char *, const knot_dname_t *, size_t); -knot_rdata_t *knot_rdataset_at(const knot_rdataset_t *, uint16_t); -int knot_rdataset_merge(knot_rdataset_t *, const knot_rdataset_t *, knot_mm_t *); -int knot_rrset_add_rdata(knot_rrset_t *, const uint8_t *, uint16_t, knot_mm_t *); -void knot_rrset_free(knot_rrset_t *, 
knot_mm_t *); -int knot_rrset_txt_dump(const knot_rrset_t *, char **, size_t *, const knot_dump_style_t *); -int knot_rrset_txt_dump_data(const knot_rrset_t *, const size_t, char *, const size_t, const knot_dump_style_t *); -size_t knot_rrset_size(const knot_rrset_t *); -int knot_pkt_begin(knot_pkt_t *, knot_section_t); -int knot_pkt_put_question(knot_pkt_t *, const knot_dname_t *, uint16_t, uint16_t); -int knot_pkt_put_rotate(knot_pkt_t *, uint16_t, const knot_rrset_t *, uint16_t, uint16_t); -knot_pkt_t *knot_pkt_new(void *, uint16_t, knot_mm_t *); -void knot_pkt_free(knot_pkt_t *); -int knot_pkt_parse(knot_pkt_t *, unsigned int); -knot_rrset_t *kr_request_ensure_edns(struct kr_request *); -knot_pkt_t *kr_request_ensure_answer(struct kr_request *); -int kr_request_set_extended_error(struct kr_request *, int, const char *); -struct kr_rplan *kr_resolve_plan(struct kr_request *); -knot_mm_t *kr_resolve_pool(struct kr_request *); -struct kr_query *kr_rplan_push(struct kr_rplan *, struct kr_query *, const knot_dname_t *, uint16_t, uint16_t); -int kr_rplan_pop(struct kr_rplan *, struct kr_query *); -struct kr_query *kr_rplan_resolved(struct kr_rplan *); -struct kr_query *kr_rplan_last(struct kr_rplan *); -int kr_forward_add_target(struct kr_request *, const struct sockaddr *); -_Bool kr_log_is_debug_fun(enum kr_log_group, const struct kr_request *); -void kr_log_req1(const struct kr_request * const, uint32_t, const unsigned int, enum kr_log_group, const char *, const char *, ...); -void kr_log_q1(const struct kr_query * const, enum kr_log_group, const char *, const char *, ...); -const char *kr_log_grp2name(enum kr_log_group); -void kr_log_fmt(enum kr_log_group, kr_log_level_t, const char *, const char *, const char *, const char *, ...); -int kr_make_query(struct kr_query *, knot_pkt_t *); -void kr_pkt_make_auth_header(knot_pkt_t *); -int kr_pkt_put(knot_pkt_t *, const knot_dname_t *, uint32_t, uint16_t, uint16_t, const uint8_t *, uint16_t); -int 
kr_pkt_recycle(knot_pkt_t *); -int kr_pkt_clear_payload(knot_pkt_t *); -_Bool kr_pkt_has_wire(const knot_pkt_t *); -_Bool kr_pkt_has_dnssec(const knot_pkt_t *); -uint16_t kr_pkt_qclass(const knot_pkt_t *); -uint16_t kr_pkt_qtype(const knot_pkt_t *); -char *kr_pkt_text(const knot_pkt_t *); -void kr_rnd_buffered(void *, unsigned int); -uint32_t kr_rrsig_sig_inception(const knot_rdata_t *); -uint32_t kr_rrsig_sig_expiration(const knot_rdata_t *); -uint16_t kr_rrsig_type_covered(const knot_rdata_t *); -const char *kr_inaddr(const struct sockaddr *); -int kr_inaddr_family(const struct sockaddr *); -int kr_inaddr_len(const struct sockaddr *); -int kr_inaddr_str(const struct sockaddr *, char *, size_t *); -int kr_sockaddr_cmp(const struct sockaddr *, const struct sockaddr *); -int kr_sockaddr_len(const struct sockaddr *); -uint16_t kr_inaddr_port(const struct sockaddr *); -int kr_straddr_family(const char *); -int kr_straddr_subnet(void *, const char *); -int kr_bitcmp(const char *, const char *, int); -int kr_family_len(int); -struct sockaddr *kr_straddr_socket(const char *, int, knot_mm_t *); -int kr_straddr_split(const char *, char * restrict, uint16_t *); -_Bool kr_rank_test(uint8_t, uint8_t); -int kr_ranked_rrarray_add(ranked_rr_array_t *, const knot_rrset_t *, uint8_t, _Bool, uint32_t, knot_mm_t *); -int kr_ranked_rrarray_finalize(ranked_rr_array_t *, uint32_t, knot_mm_t *); -void kr_qflags_set(struct kr_qflags *, struct kr_qflags); -void kr_qflags_clear(struct kr_qflags *, struct kr_qflags); -int kr_zonecut_add(struct kr_zonecut *, const knot_dname_t *, const void *, int); -_Bool kr_zonecut_is_empty(struct kr_zonecut *); -void kr_zonecut_set(struct kr_zonecut *, const knot_dname_t *); -uint64_t kr_now(void); -const char *kr_strptime_diff(const char *, const char *, const char *, double *); -time_t kr_file_mtime(const char *); -long long kr_fssize(const char *); -const char *kr_dirent_name(const struct dirent *); -void lru_free_items_impl(struct lru *); -struct lru 
*lru_create_impl(unsigned int, unsigned int, knot_mm_t *, knot_mm_t *); -void *lru_get_impl(struct lru *, const char *, unsigned int, unsigned int, _Bool, _Bool *); -void *mm_realloc(knot_mm_t *, void *, size_t, size_t); -knot_rrset_t *kr_ta_get(trie_t *, const knot_dname_t *); -int kr_ta_add(trie_t *, const knot_dname_t *, uint16_t, uint32_t, const uint8_t *, uint16_t); -int kr_ta_del(trie_t *, const knot_dname_t *); -void kr_ta_clear(trie_t *); -_Bool kr_dnssec_key_sep_flag(const uint8_t *); -_Bool kr_dnssec_key_revoked(const uint8_t *); -int kr_dnssec_key_tag(uint16_t, const uint8_t *, size_t); -int kr_dnssec_key_match(const uint8_t *, size_t, const uint8_t *, size_t); -int kr_cache_closest_apex(struct kr_cache *, const knot_dname_t *, _Bool, knot_dname_t **); -int kr_cache_insert_rr(struct kr_cache *, const knot_rrset_t *, const knot_rrset_t *, uint8_t, uint32_t, _Bool); -int kr_cache_remove(struct kr_cache *, const knot_dname_t *, uint16_t); -int kr_cache_remove_subtree(struct kr_cache *, const knot_dname_t *, _Bool, int); -int kr_cache_commit(struct kr_cache *); -uint32_t packet_ttl(const knot_pkt_t *); -int kr_rules_init(const char *, size_t, _Bool); -int kr_rules_commit(_Bool); -int kr_rules_reset(void); -int kr_view_insert_action(const char *, const char *, kr_proto_set, const char *); -int kr_view_select_action(const struct kr_request *, knot_db_val_t *); -int kr_rule_tag_add(const char *, kr_rule_tags_t *); -int kr_rule_local_subtree(const knot_dname_t *, enum kr_rule_sub_t, uint32_t, kr_rule_tags_t); -int kr_rule_zonefile(const struct kr_rule_zonefile_config *); -int kr_rule_forward(const knot_dname_t *, kr_rule_fwd_flags_t, const struct sockaddr **); -int kr_rule_local_address(const char *, const char *, _Bool, uint32_t, kr_rule_tags_t); -int kr_rule_local_hosts(const char *, _Bool, uint32_t, kr_rule_tags_t); -typedef struct { - int sock_type; - _Bool tls; - _Bool http; - _Bool xdp; - _Bool freebind; - const char *kind; -} endpoint_flags_t; -typedef 
struct { - char **at; - size_t len; - size_t cap; -} addr_array_t; -typedef struct { - int fd; - endpoint_flags_t flags; -} flagged_fd_t; -typedef struct { - flagged_fd_t *at; - size_t len; - size_t cap; -} flagged_fd_array_t; -typedef struct { - const char **at; - size_t len; - size_t cap; -} config_array_t; -struct args { - addr_array_t addrs; - addr_array_t addrs_tls; - flagged_fd_array_t fds; - int control_fd; - int forks; - config_array_t config; - const char *rundir; - _Bool interactive; - _Bool quiet; - _Bool tty_binary_output; -}; -typedef struct { - const char *zone_file; - const char *origin; - uint32_t ttl; - enum {ZI_STAMP_NOW, ZI_STAMP_MTIM} time_src; - _Bool downgrade; - _Bool zonemd; - const knot_rrset_t *ds; - zi_callback cb; - void *cb_param; -} zi_config_t; -struct args *the_args; -struct endpoint { - void *handle; - int fd; - int family; - uint16_t port; - int16_t nic_queue; - _Bool engaged; - endpoint_flags_t flags; -}; -struct request_ctx { - struct kr_request req; - struct qr_task *task; - /* beware: hidden stub, to avoid hardcoding sockaddr lengths */ -}; -struct qr_task { - struct request_ctx *ctx; - /* beware: hidden stub, to avoid qr_tasklist_t */ -}; -int worker_resolve_exec(struct qr_task *, knot_pkt_t *); -knot_pkt_t *worker_resolve_mk_pkt(const char *, uint16_t, uint16_t, const struct kr_qflags *); -struct qr_task *worker_resolve_start(knot_pkt_t *, struct kr_qflags); -int zi_zone_import(const zi_config_t); -struct engine { - char _stub[]; -}; -struct worker_ctx { - char _stub[]; -}; -struct kr_context *the_resolver; -struct worker_ctx *the_worker; -struct engine *the_engine; -typedef struct { - uint8_t *params_position; - uint8_t *mandatory_position; - uint8_t *param_position; - int32_t last_key; -} zs_svcb_t; -typedef struct { - uint8_t bitmap[32]; - uint8_t length; -} zs_win_t; -typedef struct { - uint8_t excl_flag; - uint16_t addr_family; - uint8_t prefix_length; -} zs_apl_t; -typedef struct { - uint32_t d1; - uint32_t d2; - 
uint32_t m1; - uint32_t m2; - uint32_t s1; - uint32_t s2; - uint32_t alt; - uint64_t siz; - uint64_t hp; - uint64_t vp; - int8_t lat_sign; - int8_t long_sign; - int8_t alt_sign; -} zs_loc_t; -typedef enum {ZS_STATE_NONE, ZS_STATE_DATA, ZS_STATE_ERROR, ZS_STATE_INCLUDE, ZS_STATE_EOF, ZS_STATE_STOP} zs_state_t; -typedef struct zs_scanner zs_scanner_t; -typedef struct zs_scanner { - int cs; - int top; - int stack[16]; - _Bool multiline; - uint64_t number64; - uint64_t number64_tmp; - uint32_t decimals; - uint32_t decimal_counter; - uint32_t item_length; - uint32_t item_length_position; - uint8_t *item_length_location; - uint8_t *item_length2_location; - uint32_t buffer_length; - uint8_t buffer[65535]; - char include_filename[65535]; - char *path; - zs_win_t windows[256]; - int16_t last_window; - zs_apl_t apl; - zs_loc_t loc; - zs_svcb_t svcb; - uint8_t addr[16]; - _Bool long_string; - _Bool comma_list; - uint8_t *dname; - uint32_t *dname_length; - uint32_t dname_tmp_length; - uint32_t r_data_tail; - uint32_t zone_origin_length; - uint8_t zone_origin[318]; - uint16_t default_class; - uint32_t default_ttl; - zs_state_t state; - struct { - _Bool automatic; - void (*record)(zs_scanner_t *); - void (*error)(zs_scanner_t *); - void (*comment)(zs_scanner_t *); - void *data; - } process; - struct { - const char *start; - const char *current; - const char *end; - _Bool eof; - _Bool mmaped; - } input; - struct { - char *name; - int descriptor; - } file; - struct { - int code; - uint64_t counter; - _Bool fatal; - } error; - uint64_t line_counter; - uint32_t r_owner_length; - uint8_t r_owner[318]; - uint16_t r_class; - uint32_t r_ttl; - uint16_t r_type; - uint32_t r_data_length; - uint8_t r_data[65535]; -} zs_scanner_t; -void zs_deinit(zs_scanner_t *); -int zs_init(zs_scanner_t *, const char *, const uint16_t, const uint32_t); -int zs_parse_record(zs_scanner_t *); -int zs_set_input_file(zs_scanner_t *, const char *); -int zs_set_input_string(zs_scanner_t *, const char *, size_t); 
-const char *zs_strerror(const int); -]] diff --git a/daemon/lua/kres-gen-32.lua b/daemon/lua/kres-gen-32.lua deleted file mode 100644 index c3bd0d9c..00000000 --- a/daemon/lua/kres-gen-32.lua +++ /dev/null 
@@ -1,698 +0,0 @@ --- SPDX-License-Identifier: GPL-3.0-or-later - -local ffi = require('ffi') ---[[ This file is generated by ./kres-gen.sh ]] ffi.cdef[[ - -typedef @time_t@ time_t; -typedef @time_t@ __time_t; -typedef @time_t@ __suseconds_t; -struct timeval { - __time_t tv_sec; - __suseconds_t tv_usec; -}; - -typedef struct knot_dump_style knot_dump_style_t; -extern const knot_dump_style_t KR_DUMP_STYLE_DEFAULT; -struct kr_cdb_api {}; -struct lru {}; -typedef enum {KNOT_ANSWER, KNOT_AUTHORITY, KNOT_ADDITIONAL} knot_section_t; -typedef struct { - uint16_t pos; - uint16_t flags; - uint16_t compress_ptr[16]; -} knot_rrinfo_t; -typedef unsigned char knot_dname_t; -typedef struct { - uint16_t len; - uint8_t data[]; -} knot_rdata_t; -typedef struct { - uint16_t count; - uint32_t size; - knot_rdata_t *rdata; -} knot_rdataset_t; -typedef struct knot_db_val { - void *data; - size_t len; -} knot_db_val_t; - -typedef struct knot_mm { - void *ctx, *alloc, *free; -} knot_mm_t; - -typedef void *(*map_alloc_f)(void *, size_t); -typedef void (*map_free_f)(void *baton, void *ptr); -typedef void (*trace_log_f) (const struct kr_request *, const char *); -typedef void (*trace_callback_f)(struct kr_request *); -typedef uint8_t * (*alloc_wire_f)(struct kr_request *req, uint16_t *maxlen); -typedef bool (*addr_info_f)(struct sockaddr*); -typedef void (*zi_callback)(int state, void *param); -typedef struct { - knot_dname_t *_owner; - uint32_t _ttl; - uint16_t type; - uint16_t rclass; - knot_rdataset_t rrs; - void *additional; -} knot_rrset_t; - -struct kr_module; -typedef char *(kr_prop_cb)(void *, struct kr_module *, const char *); -typedef unsigned char knot_dname_storage_t[255]; -typedef struct knot_pkt knot_pkt_t; -typedef struct { - uint8_t *ptr[18]; -} knot_edns_options_t; -typedef struct { - knot_pkt_t *pkt; - uint16_t pos; - uint16_t count; -} knot_pktsection_t; -typedef struct knot_compr { - uint8_t *wire; - knot_rrinfo_t *rrinfo; - struct { - uint16_t pos; - uint8_t labels; - } 
suffix; -} knot_compr_t; -struct knot_pkt { - uint8_t *wire; - size_t size; - size_t max_size; - size_t parsed; - uint16_t reserved; - uint16_t qname_size; - uint16_t rrset_count; - uint16_t flags; - knot_rrset_t *opt_rr; - knot_rrset_t *tsig_rr; - knot_edns_options_t *edns_opts; - struct { - uint8_t *pos; - size_t len; - } tsig_wire; - knot_section_t current; - knot_pktsection_t sections[3]; - size_t rrset_allocd; - knot_rrinfo_t *rr_info; - knot_rrset_t *rr; - knot_mm_t mm; - knot_compr_t compr; - knot_dname_storage_t lower_qname; -}; -typedef struct trie trie_t; -struct kr_qflags { - _Bool NO_MINIMIZE : 1; - _Bool NO_IPV6 : 1; - _Bool NO_IPV4 : 1; - _Bool TCP : 1; - _Bool NO_ANSWER : 1; - _Bool RESOLVED : 1; - _Bool AWAIT_IPV4 : 1; - _Bool AWAIT_IPV6 : 1; - _Bool AWAIT_CUT : 1; - _Bool NO_EDNS : 1; - _Bool CACHED : 1; - _Bool NO_CACHE : 1; - _Bool EXPIRING : 1; - _Bool ALLOW_LOCAL : 1; - _Bool DNSSEC_WANT : 1; - _Bool DNSSEC_BOGUS : 1; - _Bool DNSSEC_INSECURE : 1; - _Bool DNSSEC_CD : 1; - _Bool STUB : 1; - _Bool ALWAYS_CUT : 1; - _Bool DNSSEC_WEXPAND : 1; - _Bool PERMISSIVE : 1; - _Bool STRICT : 1; - _Bool BADCOOKIE_AGAIN : 1; - _Bool CNAME : 1; - _Bool REORDER_RR : 1; - _Bool TRACE : 1; - _Bool NO_0X20 : 1; - _Bool DNSSEC_NODS : 1; - _Bool DNSSEC_OPTOUT : 1; - _Bool NONAUTH : 1; - _Bool FORWARD : 1; - _Bool DNS64_MARK : 1; - _Bool CACHE_TRIED : 1; - _Bool NO_NS_FOUND : 1; - _Bool PKT_IS_SANE : 1; - _Bool DNS64_DISABLE : 1; - _Bool PASSTHRU_LEGACY : 1; -}; -typedef struct ranked_rr_array_entry { - uint32_t qry_uid; - uint8_t rank; - uint8_t revalidation_cnt; - _Bool cached : 1; - _Bool yielded : 1; - _Bool to_wire : 1; - _Bool expiring : 1; - _Bool in_progress : 1; - _Bool dont_cache : 1; - knot_rrset_t *rr; -} ranked_rr_array_entry_t; -typedef struct { - ranked_rr_array_entry_t **at; - size_t len; - size_t cap; -} ranked_rr_array_t; -typedef struct kr_http_header_array_entry { - char *name; - char *value; -} kr_http_header_array_entry_t; -typedef struct { - 
kr_http_header_array_entry_t *at; - size_t len; - size_t cap; -} kr_http_header_array_t; -typedef struct { - union kr_sockaddr *at; - size_t len; - size_t cap; -} kr_sockaddr_array_t; -struct kr_zonecut { - knot_dname_t *name; - knot_rrset_t *key; - knot_rrset_t *trust_anchor; - struct kr_zonecut *parent; - trie_t *nsset; - knot_mm_t *pool; - _Bool avoid_resolving; -}; -typedef struct { - struct kr_query **at; - size_t len; - size_t cap; -} kr_qarray_t; -struct kr_rplan { - kr_qarray_t pending; - kr_qarray_t resolved; - struct kr_query *initial; - struct kr_request *request; - knot_mm_t *pool; - uint32_t next_uid; -}; -struct kr_request_qsource_flags { - _Bool tcp : 1; - _Bool tls : 1; - _Bool http : 1; - _Bool xdp : 1; -}; -typedef unsigned long kr_rule_tags_t; -struct kr_rule_zonefile_config { - const char *filename; - const char *input_str; - size_t input_len; - _Bool is_rpz; - _Bool nodata; - kr_rule_tags_t tags; - const char *origin; - uint32_t ttl; -}; -struct kr_rule_fwd_flags { - _Bool is_auth : 1; - _Bool is_tcp : 1; - _Bool is_nods : 1; -}; -typedef struct kr_rule_fwd_flags kr_rule_fwd_flags_t; -struct kr_extended_error { - int32_t info_code; - const char *extra_text; -}; -struct kr_request { - struct kr_context *ctx; - knot_pkt_t *answer; - struct kr_query *current_query; - struct { - const struct sockaddr *addr; - const struct sockaddr *comm_addr; - const struct sockaddr *dst_addr; - const knot_pkt_t *packet; - struct kr_request_qsource_flags flags; - struct kr_request_qsource_flags comm_flags; - size_t size; - int32_t stream_id; - kr_http_header_array_t headers; - } qsource; - struct { - unsigned int rtt; - const struct kr_transport *transport; - } upstream; - struct kr_qflags options; - int state; - ranked_rr_array_t answ_selected; - ranked_rr_array_t auth_selected; - ranked_rr_array_t add_selected; - _Bool answ_validated; - _Bool auth_validated; - uint8_t rank; - struct kr_rplan rplan; - trace_log_f trace_log; - trace_callback_f trace_finish; - int 
vars_ref; - knot_mm_t pool; - unsigned int uid; - struct { - addr_info_f is_tls_capable; - addr_info_f is_tcp_connected; - addr_info_f is_tcp_waiting; - kr_sockaddr_array_t forwarding_targets; - } selection_context; - unsigned int count_no_nsaddr; - unsigned int count_fail_row; - alloc_wire_f alloc_wire_cb; - kr_rule_tags_t rule_tags; - struct kr_extended_error extended_error; -}; -enum kr_rank {KR_RANK_INITIAL, KR_RANK_OMIT, KR_RANK_TRY, KR_RANK_INDET = 4, KR_RANK_BOGUS, KR_RANK_MISMATCH, KR_RANK_MISSING, KR_RANK_INSECURE, KR_RANK_AUTH = 16, KR_RANK_SECURE = 32}; -typedef struct kr_cdb * kr_cdb_pt; -struct kr_cdb_stats { - uint64_t open; - uint64_t close; - uint64_t count; - uint64_t count_entries; - uint64_t clear; - uint64_t commit; - uint64_t read; - uint64_t read_miss; - uint64_t write; - uint64_t remove; - uint64_t remove_miss; - uint64_t match; - uint64_t match_miss; - uint64_t read_leq; - uint64_t read_leq_miss; - uint64_t read_less; - double usage_percent; -}; -typedef struct uv_timer_s uv_timer_t; -struct kr_cache { - kr_cdb_pt db; - const struct kr_cdb_api *api; - struct kr_cdb_stats stats; - uint32_t ttl_min; - uint32_t ttl_max; - struct timeval checkpoint_walltime; - uint64_t checkpoint_monotime; - uv_timer_t *health_timer; -}; -typedef struct kr_layer { - int state; - struct kr_request *req; - const struct kr_layer_api *api; - knot_pkt_t *pkt; - struct sockaddr *dst; - _Bool is_stream; -} kr_layer_t; -typedef struct kr_layer_api { - int (*begin)(kr_layer_t *); - int (*reset)(kr_layer_t *); - int (*finish)(kr_layer_t *); - int (*consume)(kr_layer_t *, knot_pkt_t *); - int (*produce)(kr_layer_t *, knot_pkt_t *); - int (*checkout)(kr_layer_t *, knot_pkt_t *, struct sockaddr *, int); - int (*answer_finalize)(kr_layer_t *); - void *data; - int cb_slots[]; -} kr_layer_api_t; -struct kr_prop { - kr_prop_cb *cb; - const char *name; - const char *info; -}; -struct kr_module { - char *name; - int (*init)(struct kr_module *); - int (*deinit)(struct kr_module *); 
- int (*config)(struct kr_module *, const char *); - const kr_layer_api_t *layer; - const struct kr_prop *props; - void *lib; - void *data; -}; -struct kr_server_selection { - _Bool initialized; - void (*choose_transport)(struct kr_query *, struct kr_transport **); - void (*update_rtt)(struct kr_query *, const struct kr_transport *, unsigned int); - void (*error)(struct kr_query *, const struct kr_transport *, enum kr_selection_error); - struct local_state *local_state; -}; -typedef int kr_log_level_t; -enum kr_log_group {LOG_GRP_UNKNOWN = -1, LOG_GRP_SYSTEM = 1, LOG_GRP_CACHE, LOG_GRP_IO, LOG_GRP_NETWORK, LOG_GRP_TA, LOG_GRP_TLS, LOG_GRP_GNUTLS, LOG_GRP_TLSCLIENT, LOG_GRP_XDP, LOG_GRP_DOH, LOG_GRP_DNSSEC, LOG_GRP_HINT, LOG_GRP_PLAN, LOG_GRP_ITERATOR, LOG_GRP_VALIDATOR, LOG_GRP_RESOLVER, LOG_GRP_SELECTION, LOG_GRP_ZCUT, LOG_GRP_COOKIES, LOG_GRP_STATISTICS, LOG_GRP_REBIND, LOG_GRP_WORKER, LOG_GRP_POLICY, LOG_GRP_TASENTINEL, LOG_GRP_TASIGNALING, LOG_GRP_TAUPDATE, LOG_GRP_DAF, LOG_GRP_DETECTTIMEJUMP, LOG_GRP_DETECTTIMESKEW, LOG_GRP_GRAPHITE, LOG_GRP_PREFILL, LOG_GRP_PRIMING, LOG_GRP_SRVSTALE, LOG_GRP_WATCHDOG, LOG_GRP_NSID, LOG_GRP_DNSTAP, LOG_GRP_TESTS, LOG_GRP_DOTAUTH, LOG_GRP_HTTP, LOG_GRP_CONTROL, LOG_GRP_MODULE, LOG_GRP_DEVEL, LOG_GRP_RENUMBER, LOG_GRP_EDE, LOG_GRP_RULES, LOG_GRP_PROTOLAYER, LOG_GRP_REQDBG}; -struct kr_query_data_src { - _Bool initialized; - _Bool all_set; - uint8_t rule_depth; - kr_rule_fwd_flags_t flags; - knot_db_val_t targets_ptr; -}; -enum kr_rule_sub_t {KR_RULE_SUB_EMPTY = 1, KR_RULE_SUB_NXDOMAIN, KR_RULE_SUB_NODATA, KR_RULE_SUB_REDIRECT}; -enum kr_proto {KR_PROTO_INTERNAL, KR_PROTO_UDP53, KR_PROTO_TCP53, KR_PROTO_DOT, KR_PROTO_DOH, KR_PROTO_DOQ, KR_PROTO_COUNT}; -typedef unsigned char kr_proto_set; -kr_layer_t kr_layer_t_static; -_Bool kr_dbg_assertion_abort; -int kr_dbg_assertion_fork; -const uint32_t KR_RULE_TTL_DEFAULT; - -typedef int32_t (*kr_stale_cb)(int32_t ttl, const knot_dname_t *owner, uint16_t type, - const struct kr_query 
*qry); - -void kr_rrset_init(knot_rrset_t *rrset, knot_dname_t *owner, - uint16_t type, uint16_t rclass, uint32_t ttl); -struct kr_query { - struct kr_query *parent; - knot_dname_t *sname; - uint16_t stype; - uint16_t sclass; - uint16_t id; - uint16_t reorder; - struct kr_qflags flags; - struct kr_qflags forward_flags; - uint32_t secret; - uint32_t uid; - int32_t vld_limit_crypto_remains; - uint32_t vld_limit_uid; - uint64_t creation_time_mono; - uint64_t timestamp_mono; - struct timeval timestamp; - struct kr_zonecut zone_cut; - struct kr_layer_pickle *deferred; - struct kr_query_data_src data_src; - int8_t cname_depth; - struct kr_query *cname_parent; - struct kr_request *request; - kr_stale_cb stale_cb; - struct kr_server_selection server_selection; -}; -struct kr_context { - struct kr_qflags options; - knot_rrset_t *downstream_opt_rr; - knot_rrset_t *upstream_opt_rr; - trie_t *trust_anchors; - trie_t *negative_anchors; - int32_t vld_limit_crypto; - struct kr_zonecut root_hints; - struct kr_cache cache; - unsigned int cache_rtt_tout_retry_interval; - char _stub[]; -}; -struct kr_transport { - knot_dname_t *ns_name; - /* beware: hidden stub, to avoid hardcoding sockaddr lengths */ -}; -const char *knot_strerror(int); -knot_dname_t *knot_dname_copy(const knot_dname_t *, knot_mm_t *); -knot_dname_t *knot_dname_from_str(uint8_t *, const char *, size_t); -int knot_dname_in_bailiwick(const knot_dname_t *, const knot_dname_t *); -_Bool knot_dname_is_equal(const knot_dname_t *, const knot_dname_t *); -size_t knot_dname_labels(const uint8_t *, const uint8_t *); -size_t knot_dname_size(const knot_dname_t *); -void knot_dname_to_lower(knot_dname_t *); -char *knot_dname_to_str(char *, const knot_dname_t *, size_t); -knot_rdata_t *knot_rdataset_at(const knot_rdataset_t *, uint16_t); -int knot_rdataset_merge(knot_rdataset_t *, const knot_rdataset_t *, knot_mm_t *); -int knot_rrset_add_rdata(knot_rrset_t *, const uint8_t *, uint16_t, knot_mm_t *); -void 
knot_rrset_free(knot_rrset_t *, knot_mm_t *); -int knot_rrset_txt_dump(const knot_rrset_t *, char **, size_t *, const knot_dump_style_t *); -int knot_rrset_txt_dump_data(const knot_rrset_t *, const size_t, char *, const size_t, const knot_dump_style_t *); -size_t knot_rrset_size(const knot_rrset_t *); -int knot_pkt_begin(knot_pkt_t *, knot_section_t); -int knot_pkt_put_question(knot_pkt_t *, const knot_dname_t *, uint16_t, uint16_t); -int knot_pkt_put_rotate(knot_pkt_t *, uint16_t, const knot_rrset_t *, uint16_t, uint16_t); -knot_pkt_t *knot_pkt_new(void *, uint16_t, knot_mm_t *); -void knot_pkt_free(knot_pkt_t *); -int knot_pkt_parse(knot_pkt_t *, unsigned int); -knot_rrset_t *kr_request_ensure_edns(struct kr_request *); -knot_pkt_t *kr_request_ensure_answer(struct kr_request *); -int kr_request_set_extended_error(struct kr_request *, int, const char *); -struct kr_rplan *kr_resolve_plan(struct kr_request *); -knot_mm_t *kr_resolve_pool(struct kr_request *); -struct kr_query *kr_rplan_push(struct kr_rplan *, struct kr_query *, const knot_dname_t *, uint16_t, uint16_t); -int kr_rplan_pop(struct kr_rplan *, struct kr_query *); -struct kr_query *kr_rplan_resolved(struct kr_rplan *); -struct kr_query *kr_rplan_last(struct kr_rplan *); -int kr_forward_add_target(struct kr_request *, const struct sockaddr *); -_Bool kr_log_is_debug_fun(enum kr_log_group, const struct kr_request *); -void kr_log_req1(const struct kr_request * const, uint32_t, const unsigned int, enum kr_log_group, const char *, const char *, ...); -void kr_log_q1(const struct kr_query * const, enum kr_log_group, const char *, const char *, ...); -const char *kr_log_grp2name(enum kr_log_group); -void kr_log_fmt(enum kr_log_group, kr_log_level_t, const char *, const char *, const char *, const char *, ...); -int kr_make_query(struct kr_query *, knot_pkt_t *); -void kr_pkt_make_auth_header(knot_pkt_t *); -int kr_pkt_put(knot_pkt_t *, const knot_dname_t *, uint32_t, uint16_t, uint16_t, const uint8_t *, 
uint16_t); -int kr_pkt_recycle(knot_pkt_t *); -int kr_pkt_clear_payload(knot_pkt_t *); -_Bool kr_pkt_has_wire(const knot_pkt_t *); -_Bool kr_pkt_has_dnssec(const knot_pkt_t *); -uint16_t kr_pkt_qclass(const knot_pkt_t *); -uint16_t kr_pkt_qtype(const knot_pkt_t *); -char *kr_pkt_text(const knot_pkt_t *); -void kr_rnd_buffered(void *, unsigned int); -uint32_t kr_rrsig_sig_inception(const knot_rdata_t *); -uint32_t kr_rrsig_sig_expiration(const knot_rdata_t *); -uint16_t kr_rrsig_type_covered(const knot_rdata_t *); -const char *kr_inaddr(const struct sockaddr *); -int kr_inaddr_family(const struct sockaddr *); -int kr_inaddr_len(const struct sockaddr *); -int kr_inaddr_str(const struct sockaddr *, char *, size_t *); -int kr_sockaddr_cmp(const struct sockaddr *, const struct sockaddr *); -int kr_sockaddr_len(const struct sockaddr *); -uint16_t kr_inaddr_port(const struct sockaddr *); -int kr_straddr_family(const char *); -int kr_straddr_subnet(void *, const char *); -int kr_bitcmp(const char *, const char *, int); -int kr_family_len(int); -struct sockaddr *kr_straddr_socket(const char *, int, knot_mm_t *); -int kr_straddr_split(const char *, char * restrict, uint16_t *); -_Bool kr_rank_test(uint8_t, uint8_t); -int kr_ranked_rrarray_add(ranked_rr_array_t *, const knot_rrset_t *, uint8_t, _Bool, uint32_t, knot_mm_t *); -int kr_ranked_rrarray_finalize(ranked_rr_array_t *, uint32_t, knot_mm_t *); -void kr_qflags_set(struct kr_qflags *, struct kr_qflags); -void kr_qflags_clear(struct kr_qflags *, struct kr_qflags); -int kr_zonecut_add(struct kr_zonecut *, const knot_dname_t *, const void *, int); -_Bool kr_zonecut_is_empty(struct kr_zonecut *); -void kr_zonecut_set(struct kr_zonecut *, const knot_dname_t *); -uint64_t kr_now(void); -const char *kr_strptime_diff(const char *, const char *, const char *, double *); -time_t kr_file_mtime(const char *); -long long kr_fssize(const char *); -const char *kr_dirent_name(const struct dirent *); -void lru_free_items_impl(struct lru 
*); -struct lru *lru_create_impl(unsigned int, unsigned int, knot_mm_t *, knot_mm_t *); -void *lru_get_impl(struct lru *, const char *, unsigned int, unsigned int, _Bool, _Bool *); -void *mm_realloc(knot_mm_t *, void *, size_t, size_t); -knot_rrset_t *kr_ta_get(trie_t *, const knot_dname_t *); -int kr_ta_add(trie_t *, const knot_dname_t *, uint16_t, uint32_t, const uint8_t *, uint16_t); -int kr_ta_del(trie_t *, const knot_dname_t *); -void kr_ta_clear(trie_t *); -_Bool kr_dnssec_key_sep_flag(const uint8_t *); -_Bool kr_dnssec_key_revoked(const uint8_t *); -int kr_dnssec_key_tag(uint16_t, const uint8_t *, size_t); -int kr_dnssec_key_match(const uint8_t *, size_t, const uint8_t *, size_t); -int kr_cache_closest_apex(struct kr_cache *, const knot_dname_t *, _Bool, knot_dname_t **); -int kr_cache_insert_rr(struct kr_cache *, const knot_rrset_t *, const knot_rrset_t *, uint8_t, uint32_t, _Bool); -int kr_cache_remove(struct kr_cache *, const knot_dname_t *, uint16_t); -int kr_cache_remove_subtree(struct kr_cache *, const knot_dname_t *, _Bool, int); -int kr_cache_commit(struct kr_cache *); -uint32_t packet_ttl(const knot_pkt_t *); -int kr_rules_init(const char *, size_t, _Bool); -int kr_rules_commit(_Bool); -int kr_rules_reset(void); -int kr_view_insert_action(const char *, const char *, kr_proto_set, const char *); -int kr_view_select_action(const struct kr_request *, knot_db_val_t *); -int kr_rule_tag_add(const char *, kr_rule_tags_t *); -int kr_rule_local_subtree(const knot_dname_t *, enum kr_rule_sub_t, uint32_t, kr_rule_tags_t); -int kr_rule_zonefile(const struct kr_rule_zonefile_config *); -int kr_rule_forward(const knot_dname_t *, kr_rule_fwd_flags_t, const struct sockaddr **); -int kr_rule_local_address(const char *, const char *, _Bool, uint32_t, kr_rule_tags_t); -int kr_rule_local_hosts(const char *, _Bool, uint32_t, kr_rule_tags_t); -typedef struct { - int sock_type; - _Bool tls; - _Bool http; - _Bool xdp; - _Bool freebind; - const char *kind; -} 
endpoint_flags_t; -typedef struct { - char **at; - size_t len; - size_t cap; -} addr_array_t; -typedef struct { - int fd; - endpoint_flags_t flags; -} flagged_fd_t; -typedef struct { - flagged_fd_t *at; - size_t len; - size_t cap; -} flagged_fd_array_t; -typedef struct { - const char **at; - size_t len; - size_t cap; -} config_array_t; -struct args { - addr_array_t addrs; - addr_array_t addrs_tls; - flagged_fd_array_t fds; - int control_fd; - int forks; - config_array_t config; - const char *rundir; - _Bool interactive; - _Bool quiet; - _Bool tty_binary_output; -}; -typedef struct { - const char *zone_file; - const char *origin; - uint32_t ttl; - enum {ZI_STAMP_NOW, ZI_STAMP_MTIM} time_src; - _Bool downgrade; - _Bool zonemd; - const knot_rrset_t *ds; - zi_callback cb; - void *cb_param; -} zi_config_t; -struct args *the_args; -struct endpoint { - void *handle; - int fd; - int family; - uint16_t port; - int16_t nic_queue; - _Bool engaged; - endpoint_flags_t flags; -}; -struct request_ctx { - struct kr_request req; - struct qr_task *task; - /* beware: hidden stub, to avoid hardcoding sockaddr lengths */ -}; -struct qr_task { - struct request_ctx *ctx; - /* beware: hidden stub, to avoid qr_tasklist_t */ -}; -int worker_resolve_exec(struct qr_task *, knot_pkt_t *); -knot_pkt_t *worker_resolve_mk_pkt(const char *, uint16_t, uint16_t, const struct kr_qflags *); -struct qr_task *worker_resolve_start(knot_pkt_t *, struct kr_qflags); -int zi_zone_import(const zi_config_t); -struct engine { - char _stub[]; -}; -struct worker_ctx { - char _stub[]; -}; -struct kr_context *the_resolver; -struct worker_ctx *the_worker; -struct engine *the_engine; -typedef struct { - uint8_t *params_position; - uint8_t *mandatory_position; - uint8_t *param_position; - int32_t last_key; -} zs_svcb_t; -typedef struct { - uint8_t bitmap[32]; - uint8_t length; -} zs_win_t; -typedef struct { - uint8_t excl_flag; - uint16_t addr_family; - uint8_t prefix_length; -} zs_apl_t; -typedef struct { - uint32_t 
d1; - uint32_t d2; - uint32_t m1; - uint32_t m2; - uint32_t s1; - uint32_t s2; - uint32_t alt; - uint64_t siz; - uint64_t hp; - uint64_t vp; - int8_t lat_sign; - int8_t long_sign; - int8_t alt_sign; -} zs_loc_t; -typedef enum {ZS_STATE_NONE, ZS_STATE_DATA, ZS_STATE_ERROR, ZS_STATE_INCLUDE, ZS_STATE_EOF, ZS_STATE_STOP} zs_state_t; -typedef struct zs_scanner zs_scanner_t; -typedef struct zs_scanner { - int cs; - int top; - int stack[16]; - _Bool multiline; - uint64_t number64; - uint64_t number64_tmp; - uint32_t decimals; - uint32_t decimal_counter; - uint32_t item_length; - uint32_t item_length_position; - uint8_t *item_length_location; - uint8_t *item_length2_location; - uint32_t buffer_length; - uint8_t buffer[65535]; - char include_filename[65535]; - char *path; - zs_win_t windows[256]; - int16_t last_window; - zs_apl_t apl; - zs_loc_t loc; - zs_svcb_t svcb; - uint8_t addr[16]; - _Bool long_string; - _Bool comma_list; - uint8_t *dname; - uint32_t *dname_length; - uint32_t dname_tmp_length; - uint32_t r_data_tail; - uint32_t zone_origin_length; - uint8_t zone_origin[318]; - uint16_t default_class; - uint32_t default_ttl; - zs_state_t state; - struct { - _Bool automatic; - void (*record)(zs_scanner_t *); - void (*error)(zs_scanner_t *); - void (*comment)(zs_scanner_t *); - void *data; - } process; - struct { - const char *start; - const char *current; - const char *end; - _Bool eof; - _Bool mmaped; - } input; - struct { - char *name; - int descriptor; - } file; - struct { - int code; - uint64_t counter; - _Bool fatal; - } error; - uint64_t line_counter; - uint32_t r_owner_length; - uint8_t r_owner[318]; - uint16_t r_class; - uint32_t r_ttl; - uint16_t r_type; - uint32_t r_data_length; - uint8_t r_data[65535]; -} zs_scanner_t; -void zs_deinit(zs_scanner_t *); -int zs_init(zs_scanner_t *, const char *, const uint16_t, const uint32_t); -int zs_parse_record(zs_scanner_t *); -int zs_set_input_file(zs_scanner_t *, const char *); -int zs_set_input_string(zs_scanner_t *, 
const char *, size_t); -const char *zs_strerror(const int); -]] diff --git a/daemon/lua/kres-gen-33.lua b/daemon/lua/kres-gen-33.lua new file mode 100644 index 00000000..77e69f2c --- /dev/null +++ b/daemon/lua/kres-gen-33.lua 
@@ -0,0 +1,699 @@ +-- SPDX-License-Identifier: GPL-3.0-or-later + +local ffi = require('ffi') +--[[ This file is generated by ./kres-gen.sh ]] ffi.cdef[[ + +typedef @time_t@ time_t; +typedef @time_t@ __time_t; +typedef @time_t@ __suseconds_t; +struct timeval { + __time_t tv_sec; + __suseconds_t tv_usec; +}; + +typedef struct knot_dump_style knot_dump_style_t; +extern const knot_dump_style_t KR_DUMP_STYLE_DEFAULT; +struct kr_cdb_api {}; +struct lru {}; +typedef enum {KNOT_ANSWER, KNOT_AUTHORITY, KNOT_ADDITIONAL} knot_section_t; +typedef struct { + uint16_t pos; + uint16_t flags; + uint16_t compress_ptr[16]; +} knot_rrinfo_t; +typedef unsigned char knot_dname_t; +typedef struct { + uint16_t len; + uint8_t data[]; +} knot_rdata_t; +typedef struct { + uint16_t count; + uint32_t size; + knot_rdata_t *rdata; +} knot_rdataset_t; +typedef struct knot_db_val { + void *data; + size_t len; +} knot_db_val_t; + +typedef struct knot_mm { + void *ctx, *alloc, *free; +} knot_mm_t; + +typedef void *(*map_alloc_f)(void *, size_t); +typedef void (*map_free_f)(void *baton, void *ptr); +typedef void (*trace_log_f) (const struct kr_request *, const char *); +typedef void (*trace_callback_f)(struct kr_request *); +typedef uint8_t * (*alloc_wire_f)(struct kr_request *req, uint16_t *maxlen); +typedef bool (*addr_info_f)(struct sockaddr*); +typedef void (*zi_callback)(int state, void *param); +typedef struct { + knot_dname_t *_owner; + uint32_t _ttl; + uint16_t type; + uint16_t rclass; + knot_rdataset_t rrs; + void *additional; +} knot_rrset_t; + +struct kr_module; +typedef char *(kr_prop_cb)(void *, struct kr_module *, const char *); +typedef unsigned char knot_dname_storage_t[255]; +typedef struct knot_pkt knot_pkt_t; +typedef struct { + uint8_t *ptr[18]; +} knot_edns_options_t; +typedef struct { + knot_pkt_t *pkt; + uint16_t pos; + uint16_t count; +} knot_pktsection_t; +typedef struct knot_compr { + uint8_t *wire; + knot_rrinfo_t *rrinfo; + struct { + uint16_t pos; + uint8_t labels; + } 
suffix; +} knot_compr_t; +struct knot_pkt { + uint8_t *wire; + size_t size; + size_t max_size; + size_t parsed; + uint16_t reserved; + uint16_t qname_size; + uint16_t rrset_count; + uint16_t flags; + knot_rrset_t *opt_rr; + knot_rrset_t *tsig_rr; + knot_edns_options_t *edns_opts; + struct { + uint8_t *pos; + size_t len; + } tsig_wire; + knot_section_t current; + knot_pktsection_t sections[3]; + size_t rrset_allocd; + knot_rrinfo_t *rr_info; + knot_rrset_t *rr; + knot_mm_t mm; + knot_compr_t compr; + knot_dname_storage_t lower_qname; +}; +typedef struct trie trie_t; +struct kr_qflags { + _Bool NO_MINIMIZE : 1; + _Bool NO_IPV6 : 1; + _Bool NO_IPV4 : 1; + _Bool TCP : 1; + _Bool NO_ANSWER : 1; + _Bool RESOLVED : 1; + _Bool AWAIT_IPV4 : 1; + _Bool AWAIT_IPV6 : 1; + _Bool AWAIT_CUT : 1; + _Bool NO_EDNS : 1; + _Bool CACHED : 1; + _Bool NO_CACHE : 1; + _Bool EXPIRING : 1; + _Bool ALLOW_LOCAL : 1; + _Bool DNSSEC_WANT : 1; + _Bool DNSSEC_BOGUS : 1; + _Bool DNSSEC_INSECURE : 1; + _Bool DNSSEC_CD : 1; + _Bool STUB : 1; + _Bool ALWAYS_CUT : 1; + _Bool DNSSEC_WEXPAND : 1; + _Bool PERMISSIVE : 1; + _Bool STRICT : 1; + _Bool BADCOOKIE_AGAIN : 1; + _Bool CNAME : 1; + _Bool REORDER_RR : 1; + _Bool TRACE : 1; + _Bool NO_0X20 : 1; + _Bool DNSSEC_NODS : 1; + _Bool DNSSEC_OPTOUT : 1; + _Bool NONAUTH : 1; + _Bool FORWARD : 1; + _Bool DNS64_MARK : 1; + _Bool CACHE_TRIED : 1; + _Bool NO_NS_FOUND : 1; + _Bool PKT_IS_SANE : 1; + _Bool DNS64_DISABLE : 1; + _Bool PASSTHRU_LEGACY : 1; +}; +typedef struct ranked_rr_array_entry { + uint32_t qry_uid; + uint8_t rank; + uint8_t revalidation_cnt; + _Bool cached : 1; + _Bool yielded : 1; + _Bool to_wire : 1; + _Bool expiring : 1; + _Bool in_progress : 1; + _Bool dont_cache : 1; + knot_rrset_t *rr; +} ranked_rr_array_entry_t; +typedef struct { + ranked_rr_array_entry_t **at; + size_t len; + size_t cap; +} ranked_rr_array_t; +typedef struct kr_http_header_array_entry { + char *name; + char *value; +} kr_http_header_array_entry_t; +typedef struct { + 
kr_http_header_array_entry_t *at; + size_t len; + size_t cap; +} kr_http_header_array_t; +typedef struct { + union kr_sockaddr *at; + size_t len; + size_t cap; +} kr_sockaddr_array_t; +struct kr_zonecut { + knot_dname_t *name; + knot_rrset_t *key; + knot_rrset_t *trust_anchor; + struct kr_zonecut *parent; + trie_t *nsset; + knot_mm_t *pool; + _Bool avoid_resolving; +}; +typedef struct { + struct kr_query **at; + size_t len; + size_t cap; +} kr_qarray_t; +struct kr_rplan { + kr_qarray_t pending; + kr_qarray_t resolved; + struct kr_query *initial; + struct kr_request *request; + knot_mm_t *pool; + uint32_t next_uid; +}; +struct kr_request_qsource_flags { + _Bool tcp : 1; + _Bool tls : 1; + _Bool http : 1; + _Bool xdp : 1; +}; +typedef unsigned long kr_rule_tags_t; +struct kr_rule_zonefile_config { + const char *filename; + const char *input_str; + size_t input_len; + _Bool is_rpz; + _Bool nodata; + kr_rule_tags_t tags; + const char *origin; + uint32_t ttl; +}; +struct kr_rule_fwd_flags { + _Bool is_auth : 1; + _Bool is_tcp : 1; + _Bool is_nods : 1; +}; +typedef struct kr_rule_fwd_flags kr_rule_fwd_flags_t; +struct kr_extended_error { + int32_t info_code; + const char *extra_text; +}; +struct kr_request { + struct kr_context *ctx; + knot_pkt_t *answer; + struct kr_query *current_query; + struct { + const struct sockaddr *addr; + const struct sockaddr *comm_addr; + const struct sockaddr *dst_addr; + const knot_pkt_t *packet; + struct kr_request_qsource_flags flags; + struct kr_request_qsource_flags comm_flags; + size_t size; + int32_t stream_id; + kr_http_header_array_t headers; + } qsource; + struct { + unsigned int rtt; + const struct kr_transport *transport; + } upstream; + struct kr_qflags options; + int state; + ranked_rr_array_t answ_selected; + ranked_rr_array_t auth_selected; + ranked_rr_array_t add_selected; + _Bool answ_validated; + _Bool auth_validated; + uint8_t rank; + struct kr_rplan rplan; + trace_log_f trace_log; + trace_callback_f trace_finish; + int 
vars_ref; + knot_mm_t pool; + unsigned int uid; + struct { + addr_info_f is_tls_capable; + addr_info_f is_tcp_connected; + addr_info_f is_tcp_waiting; + kr_sockaddr_array_t forwarding_targets; + } selection_context; + unsigned int count_no_nsaddr; + unsigned int count_fail_row; + alloc_wire_f alloc_wire_cb; + kr_rule_tags_t rule_tags; + struct kr_extended_error extended_error; +}; +enum kr_rank {KR_RANK_INITIAL, KR_RANK_OMIT, KR_RANK_TRY, KR_RANK_INDET = 4, KR_RANK_BOGUS, KR_RANK_MISMATCH, KR_RANK_MISSING, KR_RANK_INSECURE, KR_RANK_AUTH = 16, KR_RANK_SECURE = 32}; +typedef struct kr_cdb * kr_cdb_pt; +struct kr_cdb_stats { + uint64_t open; + uint64_t close; + uint64_t count; + uint64_t count_entries; + uint64_t clear; + uint64_t commit; + uint64_t read; + uint64_t read_miss; + uint64_t write; + uint64_t remove; + uint64_t remove_miss; + uint64_t match; + uint64_t match_miss; + uint64_t read_leq; + uint64_t read_leq_miss; + uint64_t read_less; + double usage_percent; +}; +typedef struct uv_timer_s uv_timer_t; +struct kr_cache { + kr_cdb_pt db; + const struct kr_cdb_api *api; + struct kr_cdb_stats stats; + uint32_t ttl_min; + uint32_t ttl_max; + struct timeval checkpoint_walltime; + uint64_t checkpoint_monotime; + uv_timer_t *health_timer; +}; +typedef struct kr_layer { + int state; + struct kr_request *req; + const struct kr_layer_api *api; + knot_pkt_t *pkt; + struct sockaddr *dst; + _Bool is_stream; +} kr_layer_t; +typedef struct kr_layer_api { + int (*begin)(kr_layer_t *); + int (*reset)(kr_layer_t *); + int (*finish)(kr_layer_t *); + int (*consume)(kr_layer_t *, knot_pkt_t *); + int (*produce)(kr_layer_t *, knot_pkt_t *); + int (*checkout)(kr_layer_t *, knot_pkt_t *, struct sockaddr *, int); + int (*answer_finalize)(kr_layer_t *); + void *data; + int cb_slots[]; +} kr_layer_api_t; +struct kr_prop { + kr_prop_cb *cb; + const char *name; + const char *info; +}; +struct kr_module { + char *name; + int (*init)(struct kr_module *); + int (*deinit)(struct kr_module *); 
+ int (*config)(struct kr_module *, const char *); + const kr_layer_api_t *layer; + const struct kr_prop *props; + void *lib; + void *data; +}; +struct kr_server_selection { + _Bool initialized; + void (*choose_transport)(struct kr_query *, struct kr_transport **); + void (*update_rtt)(struct kr_query *, const struct kr_transport *, unsigned int); + void (*error)(struct kr_query *, const struct kr_transport *, enum kr_selection_error); + struct local_state *local_state; +}; +typedef int kr_log_level_t; +enum kr_log_group {LOG_GRP_UNKNOWN = -1, LOG_GRP_SYSTEM = 1, LOG_GRP_CACHE, LOG_GRP_IO, LOG_GRP_NETWORK, LOG_GRP_TA, LOG_GRP_TLS, LOG_GRP_GNUTLS, LOG_GRP_TLSCLIENT, LOG_GRP_XDP, LOG_GRP_DOH, LOG_GRP_DNSSEC, LOG_GRP_HINT, LOG_GRP_PLAN, LOG_GRP_ITERATOR, LOG_GRP_VALIDATOR, LOG_GRP_RESOLVER, LOG_GRP_SELECTION, LOG_GRP_ZCUT, LOG_GRP_COOKIES, LOG_GRP_STATISTICS, LOG_GRP_REBIND, LOG_GRP_WORKER, LOG_GRP_POLICY, LOG_GRP_TASENTINEL, LOG_GRP_TASIGNALING, LOG_GRP_TAUPDATE, LOG_GRP_DAF, LOG_GRP_DETECTTIMEJUMP, LOG_GRP_DETECTTIMESKEW, LOG_GRP_GRAPHITE, LOG_GRP_PREFILL, LOG_GRP_PRIMING, LOG_GRP_SRVSTALE, LOG_GRP_WATCHDOG, LOG_GRP_NSID, LOG_GRP_DNSTAP, LOG_GRP_TESTS, LOG_GRP_DOTAUTH, LOG_GRP_HTTP, LOG_GRP_CONTROL, LOG_GRP_MODULE, LOG_GRP_DEVEL, LOG_GRP_RENUMBER, LOG_GRP_EDE, LOG_GRP_RULES, LOG_GRP_PROTOLAYER, LOG_GRP_REQDBG}; +struct kr_query_data_src { + _Bool initialized; + _Bool all_set; + uint8_t rule_depth; + kr_rule_fwd_flags_t flags; + knot_db_val_t targets_ptr; +}; +enum kr_rule_sub_t {KR_RULE_SUB_EMPTY = 1, KR_RULE_SUB_NXDOMAIN, KR_RULE_SUB_NODATA, KR_RULE_SUB_REDIRECT}; +enum kr_proto {KR_PROTO_INTERNAL, KR_PROTO_UDP53, KR_PROTO_TCP53, KR_PROTO_DOT, KR_PROTO_DOH, KR_PROTO_DOQ, KR_PROTO_COUNT}; +typedef unsigned char kr_proto_set; +kr_layer_t kr_layer_t_static; +_Bool kr_dbg_assertion_abort; +int kr_dbg_assertion_fork; +const uint32_t KR_RULE_TTL_DEFAULT; + +typedef int32_t (*kr_stale_cb)(int32_t ttl, const knot_dname_t *owner, uint16_t type, + const struct kr_query 
*qry); + +void kr_rrset_init(knot_rrset_t *rrset, knot_dname_t *owner, + uint16_t type, uint16_t rclass, uint32_t ttl); +struct kr_query { + struct kr_query *parent; + knot_dname_t *sname; + uint16_t stype; + uint16_t sclass; + uint16_t id; + uint16_t reorder; + struct kr_qflags flags; + struct kr_qflags forward_flags; + uint32_t secret; + uint32_t uid; + int32_t vld_limit_crypto_remains; + uint32_t vld_limit_uid; + uint64_t creation_time_mono; + uint64_t timestamp_mono; + struct timeval timestamp; + struct kr_zonecut zone_cut; + struct kr_layer_pickle *deferred; + struct kr_query_data_src data_src; + int8_t cname_depth; + struct kr_query *cname_parent; + struct kr_request *request; + kr_stale_cb stale_cb; + struct kr_server_selection server_selection; +}; +struct kr_context { + struct kr_qflags options; + knot_rrset_t *downstream_opt_rr; + knot_rrset_t *upstream_opt_rr; + trie_t *trust_anchors; + trie_t *negative_anchors; + int32_t vld_limit_crypto; + struct kr_zonecut root_hints; + struct kr_cache cache; + unsigned int cache_rtt_tout_retry_interval; + char _stub[]; +}; +struct kr_transport { + knot_dname_t *ns_name; + /* beware: hidden stub, to avoid hardcoding sockaddr lengths */ +}; +const char *knot_strerror(int); +knot_dname_t *knot_dname_copy(const knot_dname_t *, knot_mm_t *); +knot_dname_t *knot_dname_from_str(uint8_t *, const char *, size_t); +int knot_dname_in_bailiwick(const knot_dname_t *, const knot_dname_t *); +_Bool knot_dname_is_equal(const knot_dname_t *, const knot_dname_t *); +size_t knot_dname_labels(const uint8_t *, const uint8_t *); +size_t knot_dname_size(const knot_dname_t *); +void knot_dname_to_lower(knot_dname_t *); +char *knot_dname_to_str(char *, const knot_dname_t *, size_t); +knot_rdata_t *knot_rdataset_at(const knot_rdataset_t *, uint16_t); +int knot_rdataset_merge(knot_rdataset_t *, const knot_rdataset_t *, knot_mm_t *); +int knot_rrset_add_rdata(knot_rrset_t *, const uint8_t *, uint16_t, knot_mm_t *); +void 
knot_rrset_free(knot_rrset_t *, knot_mm_t *); +int knot_rrset_txt_dump(const knot_rrset_t *, char **, size_t *, const knot_dump_style_t *); +int knot_rrset_txt_dump_data(const knot_rrset_t *, const size_t, char *, const size_t, const knot_dump_style_t *); +size_t knot_rrset_size(const knot_rrset_t *); +int knot_pkt_begin(knot_pkt_t *, knot_section_t); +int knot_pkt_put_question(knot_pkt_t *, const knot_dname_t *, uint16_t, uint16_t); +int knot_pkt_put_rotate(knot_pkt_t *, uint16_t, const knot_rrset_t *, uint16_t, uint16_t); +knot_pkt_t *knot_pkt_new(void *, uint16_t, knot_mm_t *); +void knot_pkt_free(knot_pkt_t *); +int knot_pkt_parse(knot_pkt_t *, unsigned int); +knot_rrset_t *kr_request_ensure_edns(struct kr_request *); +knot_pkt_t *kr_request_ensure_answer(struct kr_request *); +int kr_request_set_extended_error(struct kr_request *, int, const char *); +struct kr_rplan *kr_resolve_plan(struct kr_request *); +knot_mm_t *kr_resolve_pool(struct kr_request *); +struct kr_query *kr_rplan_push(struct kr_rplan *, struct kr_query *, const knot_dname_t *, uint16_t, uint16_t); +int kr_rplan_pop(struct kr_rplan *, struct kr_query *); +struct kr_query *kr_rplan_resolved(struct kr_rplan *); +struct kr_query *kr_rplan_last(struct kr_rplan *); +int kr_forward_add_target(struct kr_request *, const struct sockaddr *); +_Bool kr_log_is_debug_fun(enum kr_log_group, const struct kr_request *); +void kr_log_req1(const struct kr_request * const, uint32_t, const unsigned int, enum kr_log_group, const char *, const char *, ...); +void kr_log_q1(const struct kr_query * const, enum kr_log_group, const char *, const char *, ...); +const char *kr_log_grp2name(enum kr_log_group); +void kr_log_fmt(enum kr_log_group, kr_log_level_t, const char *, const char *, const char *, const char *, ...); +int kr_make_query(struct kr_query *, knot_pkt_t *); +void kr_pkt_make_auth_header(knot_pkt_t *); +int kr_pkt_put(knot_pkt_t *, const knot_dname_t *, uint32_t, uint16_t, uint16_t, const uint8_t *, 
uint16_t); +int kr_pkt_recycle(knot_pkt_t *); +int kr_pkt_clear_payload(knot_pkt_t *); +_Bool kr_pkt_has_wire(const knot_pkt_t *); +_Bool kr_pkt_has_dnssec(const knot_pkt_t *); +uint16_t kr_pkt_qclass(const knot_pkt_t *); +uint16_t kr_pkt_qtype(const knot_pkt_t *); +char *kr_pkt_text(const knot_pkt_t *); +void kr_rnd_buffered(void *, unsigned int); +uint32_t kr_rrsig_sig_inception(const knot_rdata_t *); +uint32_t kr_rrsig_sig_expiration(const knot_rdata_t *); +uint16_t kr_rrsig_type_covered(const knot_rdata_t *); +const char *kr_inaddr(const struct sockaddr *); +int kr_inaddr_family(const struct sockaddr *); +int kr_inaddr_len(const struct sockaddr *); +int kr_inaddr_str(const struct sockaddr *, char *, size_t *); +int kr_sockaddr_cmp(const struct sockaddr *, const struct sockaddr *); +int kr_sockaddr_len(const struct sockaddr *); +uint16_t kr_inaddr_port(const struct sockaddr *); +int kr_straddr_family(const char *); +int kr_straddr_subnet(void *, const char *); +int kr_bitcmp(const char *, const char *, int); +int kr_family_len(int); +struct sockaddr *kr_straddr_socket(const char *, int, knot_mm_t *); +int kr_straddr_split(const char *, char * restrict, uint16_t *); +_Bool kr_rank_test(uint8_t, uint8_t); +int kr_ranked_rrarray_add(ranked_rr_array_t *, const knot_rrset_t *, uint8_t, _Bool, uint32_t, knot_mm_t *); +int kr_ranked_rrarray_finalize(ranked_rr_array_t *, uint32_t, knot_mm_t *); +void kr_qflags_set(struct kr_qflags *, struct kr_qflags); +void kr_qflags_clear(struct kr_qflags *, struct kr_qflags); +int kr_zonecut_add(struct kr_zonecut *, const knot_dname_t *, const void *, int); +_Bool kr_zonecut_is_empty(struct kr_zonecut *); +void kr_zonecut_set(struct kr_zonecut *, const knot_dname_t *); +uint64_t kr_now(void); +const char *kr_strptime_diff(const char *, const char *, const char *, double *); +time_t kr_file_mtime(const char *); +long long kr_fssize(const char *); +const char *kr_dirent_name(const struct dirent *); +void lru_free_items_impl(struct lru 
*); +struct lru *lru_create_impl(unsigned int, unsigned int, knot_mm_t *, knot_mm_t *); +void *lru_get_impl(struct lru *, const char *, unsigned int, unsigned int, _Bool, _Bool *); +void *mm_realloc(knot_mm_t *, void *, size_t, size_t); +knot_rrset_t *kr_ta_get(trie_t *, const knot_dname_t *); +int kr_ta_add(trie_t *, const knot_dname_t *, uint16_t, uint32_t, const uint8_t *, uint16_t); +int kr_ta_del(trie_t *, const knot_dname_t *); +void kr_ta_clear(trie_t *); +_Bool kr_dnssec_key_sep_flag(const uint8_t *); +_Bool kr_dnssec_key_revoked(const uint8_t *); +int kr_dnssec_key_tag(uint16_t, const uint8_t *, size_t); +int kr_dnssec_key_match(const uint8_t *, size_t, const uint8_t *, size_t); +int kr_cache_closest_apex(struct kr_cache *, const knot_dname_t *, _Bool, knot_dname_t **); +int kr_cache_insert_rr(struct kr_cache *, const knot_rrset_t *, const knot_rrset_t *, uint8_t, uint32_t, _Bool); +int kr_cache_remove(struct kr_cache *, const knot_dname_t *, uint16_t); +int kr_cache_remove_subtree(struct kr_cache *, const knot_dname_t *, _Bool, int); +int kr_cache_commit(struct kr_cache *); +uint32_t packet_ttl(const knot_pkt_t *); +int kr_rules_init(const char *, size_t, _Bool); +int kr_rules_commit(_Bool); +int kr_rules_reset(void); +int kr_view_insert_action(const char *, const char *, kr_proto_set, const char *); +int kr_view_select_action(const struct kr_request *, knot_db_val_t *); +int kr_rule_tag_add(const char *, kr_rule_tags_t *); +int kr_rule_local_subtree(const knot_dname_t *, enum kr_rule_sub_t, uint32_t, kr_rule_tags_t); +int kr_rule_zonefile(const struct kr_rule_zonefile_config *); +int kr_rule_forward(const knot_dname_t *, kr_rule_fwd_flags_t, const struct sockaddr **); +int kr_rule_local_address(const char *, const char *, _Bool, uint32_t, kr_rule_tags_t); +int kr_rule_local_hosts(const char *, _Bool, uint32_t, kr_rule_tags_t); +typedef struct { + int sock_type; + _Bool tls; + _Bool http; + _Bool xdp; + _Bool freebind; + const char *kind; +} 
endpoint_flags_t; +typedef struct { + char **at; + size_t len; + size_t cap; +} addr_array_t; +typedef struct { + int fd; + endpoint_flags_t flags; +} flagged_fd_t; +typedef struct { + flagged_fd_t *at; + size_t len; + size_t cap; +} flagged_fd_array_t; +typedef struct { + const char **at; + size_t len; + size_t cap; +} config_array_t; +struct args { + addr_array_t addrs; + addr_array_t addrs_tls; + flagged_fd_array_t fds; + int control_fd; + int forks; + config_array_t config; + const char *rundir; + _Bool interactive; + _Bool quiet; + _Bool tty_binary_output; +}; +typedef struct { + const char *zone_file; + const char *origin; + uint32_t ttl; + enum {ZI_STAMP_NOW, ZI_STAMP_MTIM} time_src; + _Bool downgrade; + _Bool zonemd; + const knot_rrset_t *ds; + zi_callback cb; + void *cb_param; +} zi_config_t; +struct args *the_args; +struct endpoint { + void *handle; + int fd; + int family; + uint16_t port; + int16_t nic_queue; + _Bool engaged; + endpoint_flags_t flags; +}; +struct request_ctx { + struct kr_request req; + struct qr_task *task; + /* beware: hidden stub, to avoid hardcoding sockaddr lengths */ +}; +struct qr_task { + struct request_ctx *ctx; + /* beware: hidden stub, to avoid qr_tasklist_t */ +}; +int worker_resolve_exec(struct qr_task *, knot_pkt_t *); +knot_pkt_t *worker_resolve_mk_pkt(const char *, uint16_t, uint16_t, const struct kr_qflags *); +struct qr_task *worker_resolve_start(knot_pkt_t *, struct kr_qflags); +int zi_zone_import(const zi_config_t); +struct engine { + char _stub[]; +}; +struct worker_ctx { + char _stub[]; +}; +struct kr_context *the_resolver; +struct worker_ctx *the_worker; +struct engine *the_engine; +typedef struct { + uint8_t *params_position; + uint8_t *mandatory_position; + uint8_t *param_position; + int32_t last_key; +} zs_svcb_t; +typedef struct { + uint8_t bitmap[32]; + uint8_t length; +} zs_win_t; +typedef struct { + uint8_t excl_flag; + uint16_t addr_family; + uint8_t prefix_length; +} zs_apl_t; +typedef struct { + uint32_t 
d1; + uint32_t d2; + uint32_t m1; + uint32_t m2; + uint32_t s1; + uint32_t s2; + uint32_t alt; + uint64_t siz; + uint64_t hp; + uint64_t vp; + int8_t lat_sign; + int8_t long_sign; + int8_t alt_sign; +} zs_loc_t; +typedef enum {ZS_STATE_NONE, ZS_STATE_DATA, ZS_STATE_ERROR, ZS_STATE_INCLUDE, ZS_STATE_EOF, ZS_STATE_STOP} zs_state_t; +typedef struct zs_scanner zs_scanner_t; +typedef struct zs_scanner { + int cs; + int top; + int stack[16]; + _Bool multiline; + uint64_t number64; + uint64_t number64_tmp; + uint32_t decimals; + uint32_t decimal_counter; + uint32_t item_length; + uint32_t item_length_position; + uint8_t *item_length_location; + uint8_t *item_length2_location; + uint32_t buffer_length; + uint8_t buffer[65535]; + char include_filename[65535]; + char *path; + zs_win_t windows[256]; + int16_t last_window; + zs_apl_t apl; + zs_loc_t loc; + zs_svcb_t svcb; + uint8_t addr[16]; + _Bool long_string; + _Bool comma_list; + _Bool pending_backslash; + uint8_t *dname; + uint32_t *dname_length; + uint32_t dname_tmp_length; + uint32_t r_data_tail; + uint32_t zone_origin_length; + uint8_t zone_origin[318]; + uint16_t default_class; + uint32_t default_ttl; + zs_state_t state; + struct { + _Bool automatic; + void (*record)(zs_scanner_t *); + void (*error)(zs_scanner_t *); + void (*comment)(zs_scanner_t *); + void *data; + } process; + struct { + const char *start; + const char *current; + const char *end; + _Bool eof; + _Bool mmaped; + } input; + struct { + char *name; + int descriptor; + } file; + struct { + int code; + uint64_t counter; + _Bool fatal; + } error; + uint64_t line_counter; + uint32_t r_owner_length; + uint8_t r_owner[318]; + uint16_t r_class; + uint32_t r_ttl; + uint16_t r_type; + uint32_t r_data_length; + uint8_t r_data[65535]; +} zs_scanner_t; +void zs_deinit(zs_scanner_t *); +int zs_init(zs_scanner_t *, const char *, const uint16_t, const uint32_t); +int zs_parse_record(zs_scanner_t *); +int zs_set_input_file(zs_scanner_t *, const char *); +int 
zs_set_input_string(zs_scanner_t *, const char *, size_t); +const char *zs_strerror(const int); +]] diff --git a/daemon/lua/meson.build b/daemon/lua/meson.build index 22a5b361..267bb56d 100644 --- a/daemon/lua/meson.build +++ b/daemon/lua/meson.build @@ -39,10 +39,8 @@ distro_preconfig = configure_file( ) # Unfortunately the different ABI implies different contents of 'kres-gen.lua'. -if libknot.version().version_compare('>= 3.2') - kres_gen_fname = 'kres-gen-32.lua' -elif libknot.version().version_compare('>= 3.1') - kres_gen_fname = 'kres-gen-31.lua' +if libknot.version().version_compare('>= 3.3') + kres_gen_fname = 'kres-gen-33.lua' endif # Exact types around time_t aren't easy to detect, but at least we need the same size. diff --git a/daemon/zimport.c b/daemon/zimport.c index 61a46a89..2f546354 100644 --- a/daemon/zimport.c +++ b/daemon/zimport.c @@ -33,10 +33,6 @@ #include #include -#if KNOT_VERSION_HEX < 0x030200 - #define KNOT_ZONEMD_ALGORITHM_SHA384 KNOT_ZONEMD_ALORITHM_SHA384 - #define KNOT_ZONEMD_ALGORITHM_SHA512 KNOT_ZONEMD_ALORITHM_SHA512 -#endif #include "daemon/worker.h" #include "lib/dnssec/ta.h" diff --git a/lib/resolve.c b/lib/resolve.c index ec00b215..4730f105 100644 --- a/lib/resolve.c +++ b/lib/resolve.c @@ -246,11 +246,7 @@ static int pkt_padding(knot_pkt_t *packet, int32_t padding) if (padding == -1) { /* use the default padding policy from libknot */ const size_t block_size = knot_wire_get_qr(packet->wire) ? KNOT_EDNS_ALIGNMENT_RESPONSE_DEFAULT - #if KNOT_VERSION_HEX < 0x030200 - : KNOT_EDNS_ALIGNMENT_QUERY_DEFALT; - #else : KNOT_EDNS_ALIGNMENT_QUERY_DEFAULT; - #endif pad_bytes = knot_edns_alignment_size(packet->size, knot_rrset_size(opt_rr), block_size); } diff --git a/lib/utils.c b/lib/utils.c index 2a0635e0..d04f5467 100644 --- a/lib/utils.c +++ b/lib/utils.c 
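Review bot: With the `elif` branch removed in the daemon/lua/meson.build hunk, `kres_gen_fname` is assigned only inside `if libknot.version().version_compare('>= 3.3')` and there is no `else`. A libknot that failed the test would therefore show up later as an undefined-variable error rather than a clear message. The top-level meson.build hunk further down this page raises `knot_version` to `>=3.3`, so the condition should always hold. Either assign `kres_gen_fname = 'kres-gen-33.lua'` unconditionally, or keep the `if` and add an `else` branch calling `error('unsupported libknot version')` so the next ABI split has an obvious place to extend.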
@@ -1198,11 +1198,7 @@ char *kr_pkt_text(const knot_pkt_t *pkt) const knot_dump_style_t KR_DUMP_STYLE_DEFAULT = { /* almost all = false, */ .show_ttl = true, -#if KNOT_VERSION_HEX >= 0x030200 .human_timestamp = true, -#else - .human_tmstamp = true, -#endif }; char *kr_rrset_text(const knot_rrset_t *rr) diff --git a/meson.build b/meson.build index a2a56a33..4e2b6f7b 100644 --- a/meson.build +++ b/meson.build @@ -18,7 +18,7 @@ endif message('--- required dependencies ---') -knot_version = '>=3.1' +knot_version = '>=3.3' libknot = dependency('libknot', version: knot_version) libdnssec = dependency('libdnssec', version: knot_version) libzscanner = dependency('libzscanner', version: knot_version) diff --git a/scripts/enable-repo-cznic-labs.sh b/scripts/enable-repo-cznic-labs.sh new file mode 100755 index 00000000..cbc64c68 --- /dev/null +++ b/scripts/enable-repo-cznic-labs.sh @@ -0,0 +1,30 @@ +#!/bin/bash +# enable CZ.NIC Labs Debian/Ubuntu repos - see https://pkg.labs.nic.cz/doc/ +set -e + +REPO=$1 +if [ -z "${REPO}" ]; then + echo "usage: $0 REPOSITORY" + echo -e "\nPlease see: https://pkg.labs.nic.cz/doc/" + exit 1 +fi +if [ "$(whoami)" != "root" ]; then + echo "ERROR: this script must be run as ROOT" + echo -e "\nTry running with sudo:\n\n sudo $0\n" + exit 2 +fi + +# update apt metadata and install requirements +apt-get update +apt-get install -y apt-transport-https ca-certificates lsb-release wget + +DISTRO=$(lsb_release -si | tr '[:upper:]' '[:lower:]') +CODENAME=$(lsb_release -sc) + +echo "Enabling $REPO repo on $DISTRO $CODENAME..." +# get repo signing key +wget -O /usr/share/keyrings/cznic-labs-pkg.gpg https://pkg.labs.nic.cz/gpg +# create repo entry +echo "deb [signed-by=/usr/share/keyrings/cznic-labs-pkg.gpg] https://pkg.labs.nic.cz/$REPO $CODENAME main" > /etc/apt/sources.list.d/cznic-labs-$REPO.list +# update apt metadata from the new repo +apt-get update 
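Review bot: In scripts/enable-repo-cznic-labs.sh, `$REPO` is taken from `$1` and expanded unquoted into the redirect target `/etc/apt/sources.list.d/cznic-labs-$REPO.list` and into the `deb` line, in a script that insists on running as root. A value containing `/` or `..` changes which file is written, and whitespace makes the redirect ambiguous. Quote the expansion (`> "/etc/apt/sources.list.d/cznic-labs-${REPO}.list"`) and, before the first `apt-get` call, reject any argument that is not a plain repository name. Separately, `wget -O /usr/share/keyrings/cznic-labs-pkg.gpg` writes straight to the final path, so a failed or partial download leaves a truncated keyring behind, and the key is trusted solely on the strength of the HTTPS fetch. Downloading to a temporary file, comparing its fingerprint with a pinned value (`<EXPECTED_FINGERPRINT>`, placeholder) and only then moving it into place would address both.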
diff --git a/scripts/enable-repo.py b/scripts/enable-repo.py
deleted file mode 100755
index 2b9319eb..00000000
--- a/scripts/enable-repo.py
+++ /dev/null
@@ -1,132 +0,0 @@ -#!/usr/bin/python3 -""" -Enable Knot Resolver upstream repo on current system. - -Requires python3-distro. - -Run this as ROOT. -""" - -import argparse -import distro as distro_ -from pathlib import Path -from subprocess import run, PIPE -import sys - - -REPO_CHOICES = ['latest', 'testing', 'build'] - - -def detect_distro(): - return '%s-%s' % (distro_.id(), distro_.version()) - - -def parse_distro(distro): - id_, _, ver_ = distro.rpartition('-') - return id_, ver_ - - -def distro2obs(distro): - distro_id, distro_ver = parse_distro(distro) - if not str(distro_ver): - return None - if distro_id == 'debian': - return 'Debian_%s' % distro_ver - if distro_id == 'ubuntu': - return 'xUbuntu_%s' % distro_ver - if distro_id == 'opensuse-leap': - return 'openSUSE_Leap_%s' % distro_ver - return None - - -def show_info(): - print("distro ID: %s" % detect_distro()) - print("distro name: %s %s" % (distro_.name(), distro_.version(pretty=True))) - - -def enable_deb_repo(repo_id, distro): - obs_distro = distro2obs(distro) - if not obs_distro: - return fail('unsupported Debian-based distro: %s' % distro) - - requires = ['python3-requests', 'gnupg'] - print("installing required packages: %s" % ' '.join(requires)) - p = run(['apt', 'install', '-y'] + requires) - import requests - - sources_p = Path('/etc/apt/sources.list.d/%s.list' % repo_id) - sources_txt = 'deb http://download.opensuse.org/repositories/home:/CZ-NIC:/%s/%s/ /' % (repo_id, obs_distro) - key_url = 'https://download.opensuse.org/repositories/home:CZ-NIC:%s/%s/Release.key' % (repo_id, obs_distro) - print("writing sources list: %s" % sources_p) - with sources_p.open('wt') as f: - f.write(sources_txt + '\n') - print(sources_txt) - print("fetching key: %s" % key_url) - r = requests.get(key_url) - if not r.ok: - return fail('failed to fetch repo key: %s' % key_url) - key_txt = r.content.decode('utf-8') - print("adding key using `apt-key add`") - p = run(['apt-key', 'add', '-'], input=key_txt, 
encoding='utf-8') - if p.returncode != 0: - print('apt-key add failed :(') - run(['apt', 'update']) - print("%s repo added" % repo_id) - - -def enable_suse_repo(repo_id, distro): - obs_distro = distro2obs(distro) - if not obs_distro: - return fail('unsupported SUSE distro: %s' % distro) - - repo_url = 'https://download.opensuse.org/repositories/home:CZ-NIC:{repo}/{distro}/home:CZ-NIC:{repo}.repo'.format( - repo=repo_id, distro=obs_distro) - print("adding OBS repo: %s" % repo_url) - run(['zypper', 'addrepo', repo_url]) - run(['zypper', '--no-gpg-checks', 'refresh']) - - -def enable_repo(repo_id, distro): - distro_id, distro_ver = parse_distro(distro) - print("enable %s repo on %s" % (repo_id, distro)) - - if distro_id in ['debian', 'ubuntu']: - enable_deb_repo(repo_id, distro) - elif distro_id == 'opensuse-leap': - enable_suse_repo(repo_id, distro) - elif distro_id == 'arch': - print("no external repo needed on %s" % distro_id) - else: - fail("unsupported distro: %s" % distro_id) - - -def fail(msg): - print(msg) - sys.exit(1) - - -def main(): - parser = argparse.ArgumentParser( - description="Enable Knot Resolver repo on this system") - parser.add_argument('repo', choices=REPO_CHOICES, nargs='?', default=REPO_CHOICES[0], - help="repo to enable") - parser.add_argument('-d', '--distro', type=str, - help="override target distro (DISTRO-VERSION format)") - parser.add_argument('-i', '--info', action='store_true', - help="show distro information and exit") - - args = parser.parse_args() - if args.info: - show_info() - return - - distro = args.distro - if not distro: - distro = detect_distro() - - repo = 'knot-resolver-%s' % args.repo - enable_repo(repo, distro) - - -if __name__ == '__main__': - main() -- cgit v1.2.3 From 241b5a727ece5ec10ff94f1254189c99d43907e0 Mon Sep 17 00:00:00 2001 
From: Vladimír Čunát Date: Wed, 10 Jul 2024 18:15:35 +0200 Subject: treewide nit: avoid NULL arithmetics (u)intptr_t casts seem the best in terms of compliance: https://stackoverflow.com/q/45220134/587396 Otherwise with clang 18 we can get warnings like ../$path:$line:$col: runtime error: applying non-zero offset $num to null pointer SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../$path:$line:$col --- contrib/mempattern.c | 2 +- contrib/mempattern.h | 2 +- daemon/bindings/net.c | 4 ++-- daemon/network.c | 6 +++--- lib/generic/lru.c | 4 ++-- lib/generic/test_trie.c | 6 +++--- lib/generic/trie.c | 2 +- 7 files changed, 13 insertions(+), 13 deletions(-) (limited to 'lib') diff --git a/contrib/mempattern.c b/contrib/mempattern.c index 6c237eac..e0c784de 100644 --- a/contrib/mempattern.c +++ b/contrib/mempattern.c @@ -125,7 +125,7 @@ void mm_ctx_mempool(knot_mm_t *mm, size_t chunk_size) void *mm_malloc_aligned(void *ctx, size_t n) { - size_t alignment = (size_t)ctx; + size_t alignment = (uintptr_t)ctx; void *res; int err = posix_memalign(&res, alignment, n); if (err == 0) { diff --git a/contrib/mempattern.h b/contrib/mempattern.h index 4db147ae..7cb2bae8 100644 --- a/contrib/mempattern.h +++ b/contrib/mempattern.h @@ -81,7 +81,7 @@ static inline void mm_ctx_init_aligned(knot_mm_t *mm, size_t alignment) { assert(__builtin_popcount(alignment) == 1); mm_ctx_init(mm); - mm->ctx = (uint8_t *)NULL + alignment; /*< roundabout to satisfy linters */ + mm->ctx = (void *)(uintptr_t)alignment; /*< roundabout to satisfy linters */ /* posix_memalign() doesn't allow alignment < sizeof(void*), * and there's no point in using it for small values anyway, * as plain malloc() guarantees at least max_align_t. */ diff --git a/daemon/bindings/net.c b/daemon/bindings/net.c index aaeef238..55e9a914 100644 --- a/daemon/bindings/net.c +++ b/daemon/bindings/net.c 
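Review bot: In the contrib/mempattern.h hunk, the kept comment `/*< roundabout to satisfy linters */` on `mm->ctx = (void *)(uintptr_t)alignment;` described the old NULL-plus-offset trick. It no longer tells a reader why an integer is being stored in a pointer field. A comment stating the contract would be more useful, e.g. `/* ctx carries the alignment value itself, not an address; mm_malloc_aligned() reads it back via (uintptr_t)ctx */`. The matching decode is the `size_t alignment = (uintptr_t)ctx;` line in the contrib/mempattern.c hunk. Both functions extend beyond their hunks.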
@@ -1191,7 +1191,7 @@ static int net_register_endpoint_kind(lua_State *L) if (param_count == 1) { void *val; if (trie_del(the_network->endpoint_kinds, kind, kind_len, &val) == KNOT_EOK) { - const int fun_id = (char *)val - (char *)NULL; + const int fun_id = (intptr_t)val; luaL_unref(L, LUA_REGISTRYINDEX, fun_id); return 0; } @@ -1209,7 +1209,7 @@ static int net_register_endpoint_kind(lua_State *L) if (!pp) lua_error_maybe(L, kr_error(ENOMEM)); if (*pp != NULL || !strcasecmp(kind, "dns") || !strcasecmp(kind, "tls")) lua_error_p(L, "attempt to register known kind '%s'\n", kind); - *pp = (char *)NULL + fun_id; + *pp = (void *)(intptr_t)fun_id; /* We don't attempt to engage corresponding endpoints now. * That's the job for network_engage_endpoints() later. */ return 0; diff --git a/daemon/network.c b/daemon/network.c index 1ec34e90..7d1d5155 100644 --- a/daemon/network.c +++ b/daemon/network.c @@ -102,7 +102,7 @@ static int endpoint_open_lua_cb(struct endpoint *ep, if (!pp) return kr_ok(); /* Now execute the callback. */ - const int fun_id = (char *)*pp - (char *)NULL; + const int fun_id = (intptr_t)*pp; lua_rawgeti(L, LUA_REGISTRYINDEX, fun_id); lua_pushboolean(L, true /* open */); lua_pushpointer(L, ep); @@ -182,7 +182,7 @@ static void endpoint_close_lua_cb(struct endpoint *ep) } if (!pp) return; - const int fun_id = (char *)*pp - (char *)NULL; + const int fun_id = (intptr_t)*pp; lua_rawgeti(L, LUA_REGISTRYINDEX, fun_id); lua_pushboolean(L, false /* close */); lua_pushpointer(L, ep); @@ -262,7 +262,7 @@ static int free_key(trie_val_t *val, void* ext) int kind_unregister(trie_val_t *tv, void *L) { - int fun_id = (char *)*tv - (char *)NULL; + int fun_id = (intptr_t)*tv; luaL_unref(L, LUA_REGISTRYINDEX, fun_id); return 0; } diff --git a/lib/generic/lru.c b/lib/generic/lru.c index 857b20b3..71b8730b 100644 --- a/lib/generic/lru.c +++ b/lib/generic/lru.c 
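Review bot: The int-to-pointer encoding of the Lua registry reference is now written out by hand in five places, and every decode narrows `intptr_t` to `int` implicitly. These are `(intptr_t)val` and `(void *)(intptr_t)fun_id` in net_register_endpoint_kind(), plus `(intptr_t)*pp` in endpoint_open_lua_cb() and endpoint_close_lua_cb() and `(intptr_t)*tv` in kind_unregister() in daemon/network.c. A shared pair of helpers would keep both directions in sync and make the narrowing explicit, e.g. `static inline void *fun_id2ptr(int id) { return (void *)(intptr_t)id; }` and `static inline int ptr2fun_id(const void *p) { return (int)(intptr_t)p; }`. That would also be the place to document that a stored id of 0 is indistinguishable from an empty trie slot, which the `*pp != NULL` test in the registration hunk appears to rely on. All of these functions start and end outside their hunks.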
@@ -50,9 +50,9 @@ static uint item_size(const struct lru *lru, uint key_len, uint val_len) /** @internal Return pointer to value in an lru_item. */ static void * item_val(const struct lru *lru, struct lru_item *it) { - size_t key_end = it->data + it->key_len - (char *)NULL; + size_t key_end = (uintptr_t)(it->data + it->key_len); size_t val_begin = round_power(key_end, lru->val_alignment); - return (char *)NULL + val_begin; + return (void *)(uintptr_t)val_begin; } /** @internal Free each item. */ diff --git a/lib/generic/test_trie.c b/lib/generic/test_trie.c index 9ecd67cd..ce164906 100644 --- a/lib/generic/test_trie.c +++ b/lib/generic/test_trie.c @@ -48,7 +48,7 @@ static void test_insert(void **state) trie_val_t *data = trie_get_ins(t, dict[i], KEY_LEN(dict[i])); assert_non_null(data); assert_null(*data); - *data = (char *)NULL + i; // yes, ugly + *data = (void *)(intptr_t)i; // yes, ugly assert_ptr_equal(trie_get_try(t, dict[i], KEY_LEN(dict[i])), data); } assert_int_equal(trie_weight(t), dict_size); @@ -82,7 +82,7 @@ static void test_iter(void **state) const char *key = trie_it_key(it, &len); assert_int_equal(KEY_LEN(key), len); assert_string_equal(key, dict_sorted[i]); - assert_ptr_equal(dict[(char *)*trie_it_val(it) - (char *)NULL], + assert_ptr_equal(dict[(uintptr_t)*trie_it_val(it)], dict_sorted[i]); } assert_true(trie_it_finished(it)); @@ -100,7 +100,7 @@ static void test_queue(void **state) assert_non_null(key); assert_int_equal(len, KEY_LEN(key)); assert_non_null(data); - ptrdiff_t key_i = (char *)*data - (char *)NULL; + uintptr_t key_i = (uintptr_t)*data; assert_string_equal(key, dict[key_i]); len = 30; diff --git a/lib/generic/trie.c b/lib/generic/trie.c index 21254eb4..e2ce061e 100644 --- a/lib/generic/trie.c +++ b/lib/generic/trie.c 
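Review bot: item_val() in lib/generic/lru.c now returns `(void *)(uintptr_t)val_begin`, a pointer built from an integer with no visible derivation from `it`. That conversion is implementation-defined, and provenance-aware analyzers and targets handle it less well than ordinary in-object arithmetic. The integer math is needed only to find the padding, so the result can stay derived from the item: `return it->data + it->key_len + (val_begin - key_end);`. This assumes round_power() rounds up, so that val_begin >= key_end; its definition is outside the hunk.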
@@ -116,7 +116,7 @@ static inline void empty_root(node_t *root) { static void assert_portability(void) { #if FLAGS_HACK kr_require(((union node){ .leaf = { - .key = (tkey_t *)(((uint8_t *)NULL) + 1), + .key = (tkey_t *)(void *)(uintptr_t)1, .val = NULL } }).branch.flags == 1); #endif -- cgit v1.2.3 From 062eafbd4f02275e4191b71ee5dd748c37764ef2 Mon Sep 17 00:00:00 2001 From: Vladimír Čunát Date: Wed, 26 Jun 2024 15:05:54 +0200 Subject: lib/rules: fix a bug in subnet computations The problem mainly affected subnets not aligned on whole bytes, but maybe also others. Reported: https://lists.nic.cz/hyperkitty/list/knot-resolver-users@lists.nic.cz/message/6P2JPK72WMVLP45TDV42DTACEA2N5NW2/ I'm really sorry about this; no idea why I thought that the simple multiplication would suffice. --- lib/rules/api.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'lib') diff --git a/lib/rules/api.c b/lib/rules/api.c index 9dc01a4f..2725e9a4 100644 --- a/lib/rules/api.c +++ b/lib/rules/api.c 
@@ -842,13 +842,22 @@ static int subnet_encode(const struct sockaddr *addr, int sub_len, uint8_t buf[3 // - 00 -> beyond the subnet's prefix // - 10 -> zero bit within the subnet's prefix // - 11 -> one bit within the subnet's prefix - // Multiplying one uint8_t by 01010101 (in binary) will do interleaving. int i; // Let's hope that compiler optimizes this into something reasonable. for (i = 0; sub_len > 0; ++i, sub_len -= 8) { - uint16_t x = a[i] * 85; // interleave by zero bits - uint8_t sub_mask = 255 >> (8 - MIN(sub_len, 8)); - uint16_t r = x | (sub_mask * 85 * 2); + // r = a[i] interleaved by 1 bits (with 1s on the higher-value positions) + // https://graphics.stanford.edu/~seander/bithacks.html#Interleave64bitOps + // but we modify it slightly: no need for the 0x5555 mask (==0b0101010101010101) + // or the y-part - we instead just set all odd bits to 1s. + uint16_t r = ( + (a[i] * 0x0101010101010101ULL & 0x8040201008040201ULL) + * 0x0102040810204081ULL >> 49 + ) | 0xAAAAU/* = 0b1010'1010'1010'1010 */; + // now r might just need clipping + if (sub_len < 8) { + uint16_t mask = 0xFFFFffffU << (2 * (8 - sub_len)); + r &= mask; + } buf[(ssize_t)2*i] = r / 256; buf[(ssize_t)2*i + 1] = r % 256; } -- cgit v1.2.3 From ea262c7195f6ad0e9394cd8d9c6a45806f59dbbc Mon Sep 17 00:00:00 2001 From: Vladimír Čunát Date: Wed, 26 Jun 2024 16:07:13 +0200 Subject: lib/rules nit: missing `static` for a function --- lib/rules/api.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/rules/api.c b/lib/rules/api.c index 2725e9a4..c4e25450 100644 --- a/lib/rules/api.c +++ b/lib/rules/api.c @@ -865,7 +865,7 @@ static int subnet_encode(const struct sockaddr *addr, int sub_len, uint8_t buf[3 } // Is `a` subnet-prefix of `b`? (a byte format of subnet_encode()) -bool subnet_is_prefix(uint8_t a, uint8_t b) +static bool subnet_is_prefix(uint8_t a, uint8_t b) { while (true) { if (a >> 6 == 0) -- cgit v1.2.3 
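Review bot: Nothing pins the output of the rewritten loop in subnet_encode(), although the commit message says the previous formula was wrong for prefixes not aligned on whole bytes. These encoded strings appear to be the keys used to look up subnet rules, so a silent mis-encoding changes which rule applies to a client address. I would add a worked example next to the clipping step, `// e.g. a[i] == 0x00 with 3 prefix bits left: r == 0xA800, i.e. pairs 10 10 10 followed by zero pairs`, and assert the same values in a unit test covering remainders of 1 to 7 bits. The mask line also relies on implicit truncation of a 32-bit constant; `const uint16_t mask = (uint16_t)(0xFFFFU << (2 * (8 - sub_len)));` states it explicitly. The function begins before this hunk and ends after it.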
From 0bd1e71b275ef77689440bbf3739da5c25b00f5e Mon Sep 17 00:00:00 2001
From: Vladimír Čunát
Date: Thu, 27 Jun 2024 09:53:11 +0200
Subject: lib/rules subnet_encode(): improve doc-comments
---
lib/rules/api.c | 28 ++++++++++++++++++----------
1 file changed, 18 insertions(+), 10 deletions(-)
(limited to 'lib')
diff --git a/lib/rules/api.c b/lib/rules/api.c
index c4e25450..5ecbe29e 100644
--- a/lib/rules/api.c
+++ b/lib/rules/api.c
@@ -818,16 +818,28 @@ int kr_rule_local_subtree(const knot_dname_t *apex, enum kr_rule_sub_t type, } -/** Encode a subnet into a (longer) string. +/** Encode a subnet into a (longer) string. The result is in `buf` with returned length. * * The point is to have different encodings for different subnets, * with using just byte-length strings (e.g. for ::/1 vs. ::/2). - * And we need to preserve order: FIXME description - * - natural partial order on subnets, one included in another - * - partial order on strings, one being a prefix of another - * - implies lexicographical order on the encoded strings + * You might imagine this as the space of all nodes of a binary trie. * - * Consequently, given a set of subnets, the t + * == Key properties == + * We're utilizing the order on the encoded strings. LMDB uses lexicographical order. + * Optimization: the properties should cut down LMDB operation count when searching + * for rule sets typical in practice. Some properties: + * - full address is just a subnet containing only that address (/128 and /32) + * - order of full addresses is kept the same as before encoding + * - ancestor first: if subnet B is included inside subnet A, we get A < B + * - subnet mixing: if two subnets do not share any address, all addresses of one + * of them are ordered before all addresses of the other one + * + * == The encoding == + * The encoding replaces each address bit by a pair of bits: + * - 00 -> beyond the subnet's prefix + * - 10 -> zero bit within the subnet's prefix + * - 11 -> one bit within the subnet's prefix + * - we cut the byte-length - no need for all-zero suffixes */ static int subnet_encode(const struct sockaddr *addr, int sub_len, uint8_t buf[32]) { 
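Review bot: The new opening sentence of the doc-comment says the result is in buf "with returned length", but it leaves out the failure path. The body shown in the following hunk contains `return kr_error(EINVAL);`, so the return value is not always a length. I would extend the sentence to `The result is in buf; returns its length, or a kr_error() code on invalid input.` so that callers check for an error before using the value as a byte count. Which inputs are rejected is decided by lines outside these hunks.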
@@ -838,10 +850,6 @@ static int subnet_encode(const struct sockaddr *addr, int sub_len, uint8_t buf[3 return kr_error(EINVAL); const uint8_t *a = (const uint8_t *)/*sign*/kr_inaddr(addr); - // Algo: interleave bits of the address. Bit pairs: - // - 00 -> beyond the subnet's prefix - // - 10 -> zero bit within the subnet's prefix - // - 11 -> one bit within the subnet's prefix int i; // Let's hope that compiler optimizes this into something reasonable. for (i = 0; sub_len > 0; ++i, sub_len -= 8) { -- cgit v1.2.3