forked from miekg/dns
-
Notifications
You must be signed in to change notification settings - Fork 0
/
xfr.go
193 lines (182 loc) · 4.82 KB
/
xfr.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
package dns
// XfrToken is used when doing [IA]xfr with a remote server.
type XfrToken struct {
RR []RR // the set of RRs in the answer section of the AXFR reply message
Error error // if something went wrong, this contains the error
}
// XfrReceive performs a [AI]xfr request (depends on the message's Qtype). It returns
// a channel of XfrToken on which the replies from the server are sent. At the end of
// the transfer the channel is closed.
// It panics if the Qtype does not equal TypeAXFR or TypeIXFR. The messages are TSIG checked if
// needed, no other post-processing is performed. The caller must dissect the returned
// messages.
//
// Basic use pattern for receiving an AXFR:
//
// // m contains the AXFR request
// t, e := client.XfrReceive(m, "127.0.0.1:53")
// for r := range t {
// // ... deal with r.RR or r.Error
// }
func (c *Client) XfrReceive(q *Msg, a string) (chan *XfrToken, error) {
w := new(reply)
w.client = c
w.addr = a
w.req = q
if err := w.dial(); err != nil {
return nil, err
}
if err := w.send(q); err != nil {
return nil, err
}
e := make(chan *XfrToken)
switch q.Question[0].Qtype {
case TypeAXFR:
go w.axfrReceive(q, e)
return e, nil
case TypeIXFR:
go w.ixfrReceive(q, e)
return e, nil
default:
return nil, nil
}
panic("dns: not reached")
}
func (w *reply) axfrReceive(q *Msg, c chan *XfrToken) {
first := true
defer w.conn.Close()
defer close(c)
for {
in, err := w.receive()
if err != nil {
c <- &XfrToken{nil, err}
return
}
if in.Id != q.Id {
c <- &XfrToken{in.Answer, ErrId}
return
}
if first {
if !checkXfrSOA(in, true) {
c <- &XfrToken{in.Answer, ErrSoa}
return
}
first = !first
}
if !first {
w.tsigTimersOnly = true // Subsequent envelopes use this.
if checkXfrSOA(in, false) {
c <- &XfrToken{in.Answer, nil}
return
}
c <- &XfrToken{in.Answer, nil}
}
}
panic("dns: not reached")
}
func (w *reply) ixfrReceive(q *Msg, c chan *XfrToken) {
var serial uint32 // The first serial seen is the current server serial
first := true
defer w.conn.Close()
defer close(c)
for {
in, err := w.receive()
if err != nil {
c <- &XfrToken{in.Answer, err}
return
}
if q.Id != in.Id {
c <- &XfrToken{in.Answer, ErrId}
return
}
if first {
// A single SOA RR signals "no changes"
if len(in.Answer) == 1 && checkXfrSOA(in, true) {
c <- &XfrToken{in.Answer, nil}
return
}
// Check if the returned answer is ok
if !checkXfrSOA(in, true) {
c <- &XfrToken{in.Answer, ErrSoa}
return
}
// This serial is important
serial = in.Answer[0].(*RR_SOA).Serial
first = !first
}
// Now we need to check each message for SOA records, to see what we need to do
if !first {
w.tsigTimersOnly = true
// If the last record in the IXFR contains the servers' SOA, we should quit
if v, ok := in.Answer[len(in.Answer)-1].(*RR_SOA); ok {
if v.Serial == serial {
c <- &XfrToken{in.Answer, nil}
return
}
}
c <- &XfrToken{in.Answer, nil}
}
}
panic("dns: not reached")
}
// Check if he SOA record exists in the Answer section of
// the packet. If first is true the first RR must be a SOA
// if false, the last one should be a SOA.
func checkXfrSOA(in *Msg, first bool) bool {
if len(in.Answer) > 0 {
if first {
return in.Answer[0].Header().Rrtype == TypeSOA
} else {
return in.Answer[len(in.Answer)-1].Header().Rrtype == TypeSOA
}
}
return false
}
// XfrSend performs an outgoing [AI]xfr depending on the request message. The
// caller is responsible for sending the correct sequence of RR sets through
// the channel c. For reasons of symmetry XfrToken is re-used.
// Errors are signaled via the error pointer, when an error occurs the function
// sets the error and returns (it does not close the channel).
// TSIG and enveloping is handled by XfrSend.
//
// Basic use pattern for sending an AXFR:
//
// // q contains the AXFR request
// c := make(chan *XfrToken)
// var e *error
// err := XfrSend(w, q, c, e)
// w.Hijack() // hijack the connection so that the library doesn't close it
// for _, rrset := range rrsets { // rrset is a []RR
// c <- &{XfrToken{RR: rrset}
// if e != nil {
// close(c)
// break
// }
// }
// // w.Close() // Don't! Let the client close the connection
func XfrSend(w ResponseWriter, q *Msg, c chan *XfrToken, e *error) error {
switch q.Question[0].Qtype {
case TypeAXFR, TypeIXFR:
go axfrSend(w, q, c, e)
return nil
default:
return nil
}
panic("dns: not reached")
}
// TODO(mg): count the RRs and the resulting size.
func axfrSend(w ResponseWriter, req *Msg, c chan *XfrToken, e *error) {
rep := new(Msg)
rep.SetReply(req)
rep.Authoritative = true
for x := range c {
// assume it fits
rep.Answer = append(rep.Answer, x.RR...)
if err := w.Write(rep); e != nil {
*e = err
return
}
w.TsigTimersOnly(true)
rep.Answer = nil
}
}