<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
<title>unbound: iterator/iter_scrub.c File Reference</title>
<link href="tabs.css" rel="stylesheet" type="text/css">
<link href="doxygen.css" rel="stylesheet" type="text/css">
</head><body>
<!-- Generated by Doxygen 1.5.9 -->
<div class="navigation" id="top">
<div class="tabs">
<ul>
<li><a href="index.html"><span>Main Page</span></a></li>
<li><a href="annotated.html"><span>Data Structures</span></a></li>
<li class="current"><a href="files.html"><span>Files</span></a></li>
<li><a href="dirs.html"><span>Directories</span></a></li>
</ul>
</div>
<div class="tabs">
<ul>
<li><a href="files.html"><span>File List</span></a></li>
<li><a href="globals.html"><span>Globals</span></a></li>
</ul>
</div>
<div class="navpath"><a class="el" href="dir_fb9f2b54f370aa6f4de91e34db18da16.html">iterator</a>
</div>
</div>
<div class="contents">
<h1>iter_scrub.c File Reference</h1>This file has routine(s) for cleaning up incoming DNS messages from possible useless or malicious junk in it.
<a href="#_details">More...</a>
<p>
<code>#include "config.h"</code><br>
<code>#include "<a class="el" href="iter__scrub_8h.html">iterator/iter_scrub.h</a>"</code><br>
<code>#include "<a class="el" href="iterator_8h.html">iterator/iterator.h</a>"</code><br>
<code>#include "<a class="el" href="iter__priv_8h.html">iterator/iter_priv.h</a>"</code><br>
<code>#include "<a class="el" href="rrset_8h.html">services/cache/rrset.h</a>"</code><br>
<code>#include "<a class="el" href="log_8h.html">util/log.h</a>"</code><br>
<code>#include "<a class="el" href="net__help_8h.html">util/net_help.h</a>"</code><br>
<code>#include "<a class="el" href="regional_8h.html">util/regional.h</a>"</code><br>
<code>#include "<a class="el" href="config__file_8h.html">util/config_file.h</a>"</code><br>
<code>#include "<a class="el" href="module_8h.html">util/module.h</a>"</code><br>
<code>#include "<a class="el" href="msgparse_8h.html">util/data/msgparse.h</a>"</code><br>
<code>#include "<a class="el" href="dname_8h.html">util/data/dname.h</a>"</code><br>
<code>#include "<a class="el" href="msgreply_8h.html">util/data/msgreply.h</a>"</code><br>
<code>#include "<a class="el" href="alloc_8h.html">util/alloc.h</a>"</code><br>
<table border="0" cellpadding="0" cellspacing="0">
<tr><td></td></tr>
<tr><td colspan="2"><br><h2>Defines</h2></td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="iter__scrub_8c.html#1821c928c0dd5624a2753ddc762aa567">RRSET_SCRUB_OK</a> 0x80</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">RRset flag used during scrubbing. <a href="#1821c928c0dd5624a2753ddc762aa567"></a><br></td></tr>
<tr><td colspan="2"><br><h2>Functions</h2></td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top"><a class="anchor" name="b49044bdaaac0d1bcf543d6e45b68784"></a><!-- doxytag: member="iter_scrub.c::remove_rrset" ref="b49044bdaaac0d1bcf543d6e45b68784" args="(const char *str, ldns_buffer *pkt, struct msg_parse *msg, struct rrset_parse *prev, struct rrset_parse **rrset)" -->
static void </td><td class="memItemRight" valign="bottom"><a class="el" href="iter__scrub_8c.html#b49044bdaaac0d1bcf543d6e45b68784">remove_rrset</a> (const char *str, ldns_buffer *pkt, struct <a class="el" href="structmsg__parse.html">msg_parse</a> *msg, struct <a class="el" href="structrrset__parse.html">rrset_parse</a> *prev, struct <a class="el" href="structrrset__parse.html">rrset_parse</a> **rrset)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">remove rrset, update loop variables <br></td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top"><a class="anchor" name="a80843c846dbaab176476dc94bb19d21"></a><!-- doxytag: member="iter_scrub.c::has_additional" ref="a80843c846dbaab176476dc94bb19d21" args="(uint16_t t)" -->
static int </td><td class="memItemRight" valign="bottom"><a class="el" href="iter__scrub_8c.html#a80843c846dbaab176476dc94bb19d21">has_additional</a> (uint16_t t)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">return true if rr type has additional names in it <br></td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top"><a class="anchor" name="92e8e375431ecbae8b006f8e1b743dfe"></a><!-- doxytag: member="iter_scrub.c::get_additional_name" ref="92e8e375431ecbae8b006f8e1b743dfe" args="(struct rrset_parse *rrset, struct rr_parse *rr, uint8_t **nm, size_t *nmlen, ldns_buffer *pkt)" -->
static int </td><td class="memItemRight" valign="bottom"><a class="el" href="iter__scrub_8c.html#92e8e375431ecbae8b006f8e1b743dfe">get_additional_name</a> (struct <a class="el" href="structrrset__parse.html">rrset_parse</a> *rrset, struct <a class="el" href="structrr__parse.html">rr_parse</a> *rr, uint8_t **nm, size_t *nmlen, ldns_buffer *pkt)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">get additional name from rrset RR, return false if no name present <br></td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top"><a class="anchor" name="93eedafe0dcfddb3361ed01686929995"></a><!-- doxytag: member="iter_scrub.c::mark_additional_rrset" ref="93eedafe0dcfddb3361ed01686929995" args="(ldns_buffer *pkt, struct msg_parse *msg, struct rrset_parse *rrset)" -->
static void </td><td class="memItemRight" valign="bottom"><a class="el" href="iter__scrub_8c.html#93eedafe0dcfddb3361ed01686929995">mark_additional_rrset</a> (ldns_buffer *pkt, struct <a class="el" href="structmsg__parse.html">msg_parse</a> *msg, struct <a class="el" href="structrrset__parse.html">rrset_parse</a> *rrset)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">Place mark on rrsets in additional section they are OK. <br></td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top"><a class="anchor" name="13f35dcb27ccf98d34844c387427a16c"></a><!-- doxytag: member="iter_scrub.c::parse_get_cname_target" ref="13f35dcb27ccf98d34844c387427a16c" args="(struct rrset_parse *rrset, uint8_t **sname, size_t *snamelen)" -->
static int </td><td class="memItemRight" valign="bottom"><a class="el" href="iter__scrub_8c.html#13f35dcb27ccf98d34844c387427a16c">parse_get_cname_target</a> (struct <a class="el" href="structrrset__parse.html">rrset_parse</a> *rrset, uint8_t **sname, size_t *snamelen)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">Get target name of a CNAME. <br></td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top"><a class="anchor" name="258242fd5ce1d89b5884c124cfe86678"></a><!-- doxytag: member="iter_scrub.c::synth_cname" ref="258242fd5ce1d89b5884c124cfe86678" args="(uint8_t *qname, size_t qnamelen, struct rrset_parse *dname_rrset, uint8_t *alias, size_t *aliaslen, ldns_buffer *pkt)" -->
static int </td><td class="memItemRight" valign="bottom"><a class="el" href="iter__scrub_8c.html#258242fd5ce1d89b5884c124cfe86678">synth_cname</a> (uint8_t *qname, size_t qnamelen, struct <a class="el" href="structrrset__parse.html">rrset_parse</a> *dname_rrset, uint8_t *alias, size_t *aliaslen, ldns_buffer *pkt)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">Synthesize CNAME from DNAME, false if too long. <br></td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top"><a class="anchor" name="cb63133593d2e12d649d703d446a3221"></a><!-- doxytag: member="iter_scrub.c::synth_cname_rrset" ref="cb63133593d2e12d649d703d446a3221" args="(uint8_t **sname, size_t *snamelen, uint8_t *alias, size_t aliaslen, struct regional *region, struct msg_parse *msg, struct rrset_parse *rrset, struct rrset_parse *prev, struct rrset_parse *nx, ldns_buffer *pkt)" -->
static struct <a class="el" href="structrrset__parse.html">rrset_parse</a> * </td><td class="memItemRight" valign="bottom"><a class="el" href="iter__scrub_8c.html#cb63133593d2e12d649d703d446a3221">synth_cname_rrset</a> (uint8_t **sname, size_t *snamelen, uint8_t *alias, size_t aliaslen, struct <a class="el" href="structregional.html">regional</a> *region, struct <a class="el" href="structmsg__parse.html">msg_parse</a> *msg, struct <a class="el" href="structrrset__parse.html">rrset_parse</a> *rrset, struct <a class="el" href="structrrset__parse.html">rrset_parse</a> *prev, struct <a class="el" href="structrrset__parse.html">rrset_parse</a> *nx, ldns_buffer *pkt)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">synthesize a CNAME rrset <br></td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top"><a class="anchor" name="4794bd5886c7177e88918f54dd06a324"></a><!-- doxytag: member="iter_scrub.c::pkt_strict_sub" ref="4794bd5886c7177e88918f54dd06a324" args="(ldns_buffer *pkt, uint8_t *sname, uint8_t *dr)" -->
static int </td><td class="memItemRight" valign="bottom"><a class="el" href="iter__scrub_8c.html#4794bd5886c7177e88918f54dd06a324">pkt_strict_sub</a> (ldns_buffer *pkt, uint8_t *sname, uint8_t *dr)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">check if DNAME applies to a name <br></td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top"><a class="anchor" name="687c75cce47bbdeb03f0e628c492507d"></a><!-- doxytag: member="iter_scrub.c::pkt_sub" ref="687c75cce47bbdeb03f0e628c492507d" args="(ldns_buffer *pkt, uint8_t *comprname, uint8_t *zone)" -->
static int </td><td class="memItemRight" valign="bottom"><a class="el" href="iter__scrub_8c.html#687c75cce47bbdeb03f0e628c492507d">pkt_sub</a> (ldns_buffer *pkt, uint8_t *comprname, uint8_t *zone)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">check subdomain with decompression <br></td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">static int </td><td class="memItemRight" valign="bottom"><a class="el" href="iter__scrub_8c.html#85eebdc0642e4d82fd2ac976abb2de9b">scrub_normalize</a> (ldns_buffer *pkt, struct <a class="el" href="structmsg__parse.html">msg_parse</a> *msg, struct <a class="el" href="structquery__info.html">query_info</a> *qinfo, struct <a class="el" href="structregional.html">regional</a> *region)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">This routine normalizes a response. <a href="#85eebdc0642e4d82fd2ac976abb2de9b"></a><br></td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">static void </td><td class="memItemRight" valign="bottom"><a class="el" href="iter__scrub_8c.html#057798ab93f8e96d81d136bfb197d4fa">store_rrset</a> (ldns_buffer *pkt, struct <a class="el" href="structmsg__parse.html">msg_parse</a> *msg, struct <a class="el" href="structmodule__env.html">module_env</a> *env, struct <a class="el" href="structrrset__parse.html">rrset_parse</a> *rrset)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">Store potential poison in the cache (only if hardening disabled). <a href="#057798ab93f8e96d81d136bfb197d4fa"></a><br></td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">static int </td><td class="memItemRight" valign="bottom"><a class="el" href="iter__scrub_8c.html#6140d89697711eaa763044622099cfa4">sanitize_nsec_is_overreach</a> (struct <a class="el" href="structrrset__parse.html">rrset_parse</a> *rrset, uint8_t *zonename)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">Check if right hand name in NSEC is within zone. <a href="#6140d89697711eaa763044622099cfa4"></a><br></td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">static int </td><td class="memItemRight" valign="bottom"><a class="el" href="iter__scrub_8c.html#035916975fec0fe36322289f9505de18">scrub_sanitize</a> (ldns_buffer *pkt, struct <a class="el" href="structmsg__parse.html">msg_parse</a> *msg, struct <a class="el" href="structquery__info.html">query_info</a> *qinfo, uint8_t *zonename, struct <a class="el" href="structmodule__env.html">module_env</a> *env, struct <a class="el" href="structiter__env.html">iter_env</a> *ie)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">Given a response event, remove suspect RRsets from the response. <a href="#035916975fec0fe36322289f9505de18"></a><br></td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="iter__scrub_8c.html#9ed5945d99864434ca0a7a540b667029">scrub_message</a> (ldns_buffer *pkt, struct <a class="el" href="structmsg__parse.html">msg_parse</a> *msg, struct <a class="el" href="structquery__info.html">query_info</a> *qinfo, uint8_t *zonename, struct <a class="el" href="structregional.html">regional</a> *region, struct <a class="el" href="structmodule__env.html">module_env</a> *env, struct <a class="el" href="structiter__env.html">iter_env</a> *ie)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">Cleanup the passed dns message. <a href="#9ed5945d99864434ca0a7a540b667029"></a><br></td></tr>
</table>
<hr><h2>Detailed Description</h2>
This file has routine(s) for cleaning up incoming DNS messages from possible useless or malicious junk in it.
<p>
<hr><h2>Define Documentation</h2>
<a class="anchor" name="1821c928c0dd5624a2753ddc762aa567"></a><!-- doxytag: member="iter_scrub.c::RRSET_SCRUB_OK" ref="1821c928c0dd5624a2753ddc762aa567" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">#define RRSET_SCRUB_OK 0x80 </td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
RRset flag used during scrubbing.
<p>
The RRset is OK.
<p>Referenced by <a class="el" href="iter__scrub_8c_source.html#l00150">mark_additional_rrset()</a>, and <a class="el" href="iter__scrub_8c_source.html#l00318">scrub_normalize()</a>.</p>
</div>
</div><p>
<hr><h2>Function Documentation</h2>
<a class="anchor" name="85eebdc0642e4d82fd2ac976abb2de9b"></a><!-- doxytag: member="iter_scrub.c::scrub_normalize" ref="85eebdc0642e4d82fd2ac976abb2de9b" args="(ldns_buffer *pkt, struct msg_parse *msg, struct query_info *qinfo, struct regional *region)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">static int scrub_normalize </td>
<td>(</td>
<td class="paramtype">ldns_buffer * </td>
<td class="paramname"> <em>pkt</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">struct <a class="el" href="structmsg__parse.html">msg_parse</a> * </td>
<td class="paramname"> <em>msg</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">struct <a class="el" href="structquery__info.html">query_info</a> * </td>
<td class="paramname"> <em>qinfo</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">struct <a class="el" href="structregional.html">regional</a> * </td>
<td class="paramname"> <em>region</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td><code> [static]</code></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
This routine normalizes a response.
<p>
This includes removing "irrelevant" records from the answer and additional sections and (re)synthesizing CNAMEs from DNAMEs, if present.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>pkt,:</em> </td><td>packet. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>msg,:</em> </td><td>msg to normalize. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>qinfo,:</em> </td><td>original query. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>region,:</em> </td><td>where to allocate synthesized CNAMEs. </td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>0 on error. </dd></dl>
<p>References <a class="el" href="msgparse_8h_source.html#l00141">rrset_parse::dname</a>, <a class="el" href="dname_8c_source.html#l00217">dname_pkt_compare()</a>, <a class="el" href="msgparse_8h_source.html#l00149">rrset_parse::flags</a>, <a class="el" href="msgparse_8h_source.html#l00087">msg_parse::flags</a>, <a class="el" href="net__help_8h_source.html#l00070">FLAGS_GET_RCODE</a>, <a class="el" href="net__help_8h_source.html#l00072">FLAGS_SET_RCODE</a>, <a class="el" href="log_8c_source.html#l00241">log_err()</a>, <a class="el" href="iter__scrub_8c_source.html#l00150">mark_additional_rrset()</a>, <a class="el" href="iter__scrub_8c_source.html#l00186">parse_get_cname_target()</a>, <a class="el" href="iter__scrub_8c_source.html#l00287">pkt_strict_sub()</a>, <a class="el" href="msgreply_8h_source.html#l00064">query_info::qname</a>, <a class="el" href="msgreply_8h_source.html#l00066">query_info::qname_len</a>, <a class="el" href="msgreply_8h_source.html#l00068">query_info::qtype</a>, <a class="el" href="iter__scrub_8c_source.html#l00062">remove_rrset()</a>, <a class="el" href="msgparse_8h_source.html#l00151">rrset_parse::rr_count</a>, <a class="el" href="msgparse_8h_source.html#l00133">rrset_parse::rrset_all_next</a>, <a class="el" href="msgparse_8h_source.html#l00121">msg_parse::rrset_first</a>, <a class="el" href="iter__scrub_8c_source.html#l00058">RRSET_SCRUB_OK</a>, <a class="el" href="msgparse_8h_source.html#l00139">rrset_parse::section</a>, <a class="el" href="iter__scrub_8c_source.html#l00208">synth_cname()</a>, <a class="el" href="iter__scrub_8c_source.html#l00230">synth_cname_rrset()</a>, <a class="el" href="msgparse_8h_source.html#l00145">rrset_parse::type</a>, <a class="el" href="log_8h_source.html#l00058">VERB_ALGO</a>, and <a class="el" href="ldns-testpkts_8c.html#a557e5b23b2833d7c1ec0415a1bdd2b1">verbose()</a>.</p>
<p>Referenced by <a class="el" href="iter__scrub_8c_source.html#l00668">scrub_message()</a>.</p>
</div>
</div><p>
<a class="anchor" name="057798ab93f8e96d81d136bfb197d4fa"></a><!-- doxytag: member="iter_scrub.c::store_rrset" ref="057798ab93f8e96d81d136bfb197d4fa" args="(ldns_buffer *pkt, struct msg_parse *msg, struct module_env *env, struct rrset_parse *rrset)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">static void store_rrset </td>
<td>(</td>
<td class="paramtype">ldns_buffer * </td>
<td class="paramname"> <em>pkt</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">struct <a class="el" href="structmsg__parse.html">msg_parse</a> * </td>
<td class="paramname"> <em>msg</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">struct <a class="el" href="structmodule__env.html">module_env</a> * </td>
<td class="paramname"> <em>env</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">struct <a class="el" href="structrrset__parse.html">rrset_parse</a> * </td>
<td class="paramname"> <em>rrset</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td><code> [static]</code></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Store potential poison in the cache (only if hardening disabled).
<p>
The rrset is stored in the cache but removed from the message. So that it will be used for infrastructure purposes, but not be returned to the client. <dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>pkt,:</em> </td><td>packet </td></tr>
<tr><td valign="top"></td><td valign="top"><em>msg,:</em> </td><td>message parsed </td></tr>
<tr><td valign="top"></td><td valign="top"><em>env,:</em> </td><td>environment with cache </td></tr>
<tr><td valign="top"></td><td valign="top"><em>rrset,:</em> </td><td>to store. </td></tr>
</table>
</dl>
<p>References <a class="el" href="module_8h_source.html#l00194">module_env::alloc</a>, <a class="el" href="alloc_8c_source.html#l00186">alloc_special_obtain()</a>, <a class="el" href="alloc_8c_source.html#l00249">alloc_special_release()</a>, <a class="el" href="lruhash_8h_source.html#l00222">lruhash_entry::data</a>, <a class="el" href="packed__rrset_8h_source.html#l00094">ub_packed_rrset_key::entry</a>, <a class="el" href="packed__rrset_8h_source.html#l00103">ub_packed_rrset_key::id</a>, <a class="el" href="msgreply_8h_source.html#l00080">rrset_ref::id</a>, <a class="el" href="msgreply_8h_source.html#l00078">rrset_ref::key</a>, <a class="el" href="module_8h_source.html#l00198">module_env::now</a>, <a class="el" href="packed__rrset_8c_source.html#l00216">packed_rrset_ttl_add()</a>, <a class="el" href="msgreply_8c_source.html#l00333">parse_copy_decompress_rrset()</a>, <a class="el" href="module_8h_source.html#l00077">module_env::rrset_cache</a>, and <a class="el" href="rrset_8c_source.html#l00171">rrset_cache_update()</a>.</p>
<p>Referenced by <a class="el" href="iter__scrub_8c_source.html#l00565">scrub_sanitize()</a>.</p>
</div>
</div><p>
<a class="anchor" name="6140d89697711eaa763044622099cfa4"></a><!-- doxytag: member="iter_scrub.c::sanitize_nsec_is_overreach" ref="6140d89697711eaa763044622099cfa4" args="(struct rrset_parse *rrset, uint8_t *zonename)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">static int sanitize_nsec_is_overreach </td>
<td>(</td>
<td class="paramtype">struct <a class="el" href="structrrset__parse.html">rrset_parse</a> * </td>
<td class="paramname"> <em>rrset</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">uint8_t * </td>
<td class="paramname"> <em>zonename</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td><code> [static]</code></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Check if right hand name in NSEC is within zone.
<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>rrset,:</em> </td><td>the NSEC rrset </td></tr>
<tr><td valign="top"></td><td valign="top"><em>zonename,:</em> </td><td>the zone name. </td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>true if BAD. </dd></dl>
<p>References <a class="el" href="dname_8c_source.html#l00587">dname_subdomain_c()</a>, <a class="el" href="dname_8c_source.html#l00072">dname_valid()</a>, <a class="el" href="log_8h_source.html#l00185">log_assert</a>, <a class="el" href="msgparse_8h_source.html#l00182">rr_parse::next</a>, <a class="el" href="msgparse_8h_source.html#l00155">rrset_parse::rr_first</a>, <a class="el" href="msgparse_8h_source.html#l00175">rr_parse::ttl_data</a>, and <a class="el" href="msgparse_8h_source.html#l00145">rrset_parse::type</a>.</p>
<p>Referenced by <a class="el" href="iter__scrub_8c_source.html#l00565">scrub_sanitize()</a>.</p>
</div>
</div><p>
<a class="anchor" name="035916975fec0fe36322289f9505de18"></a><!-- doxytag: member="iter_scrub.c::scrub_sanitize" ref="035916975fec0fe36322289f9505de18" args="(ldns_buffer *pkt, struct msg_parse *msg, struct query_info *qinfo, uint8_t *zonename, struct module_env *env, struct iter_env *ie)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">static int scrub_sanitize </td>
<td>(</td>
<td class="paramtype">ldns_buffer * </td>
<td class="paramname"> <em>pkt</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">struct <a class="el" href="structmsg__parse.html">msg_parse</a> * </td>
<td class="paramname"> <em>msg</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">struct <a class="el" href="structquery__info.html">query_info</a> * </td>
<td class="paramname"> <em>qinfo</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">uint8_t * </td>
<td class="paramname"> <em>zonename</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">struct <a class="el" href="structmodule__env.html">module_env</a> * </td>
<td class="paramname"> <em>env</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">struct <a class="el" href="structiter__env.html">iter_env</a> * </td>
<td class="paramname"> <em>ie</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td><code> [static]</code></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Given a response event, remove suspect RRsets from the response.
<p>
"Suspect" rrsets are potentially poison. Note that this routine expects the response to be in a "normalized" state -- that is, all "irrelevant" RRsets have already been removed, CNAMEs are in order, etc.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>pkt,:</em> </td><td>packet. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>msg,:</em> </td><td>msg to normalize. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>qinfo,:</em> </td><td>the question originally asked. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>zonename,:</em> </td><td>name of server zone. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>env,:</em> </td><td>module environment with config and cache. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>ie,:</em> </td><td>iterator environment with private address data. </td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>0 on error. </dd></dl>
<p>References <a class="el" href="msgparse_8h_source.html#l00097">msg_parse::an_rrsets</a>, <a class="el" href="module_8h_source.html#l00073">module_env::cfg</a>, <a class="el" href="msgparse_8h_source.html#l00141">rrset_parse::dname</a>, <a class="el" href="dname_8c_source.html#l00217">dname_pkt_compare()</a>, <a class="el" href="msgparse_8h_source.html#l00087">msg_parse::flags</a>, <a class="el" href="net__help_8h_source.html#l00070">FLAGS_GET_RCODE</a>, <a class="el" href="net__help_8h_source.html#l00072">FLAGS_SET_RCODE</a>, <a class="el" href="config__file_8h_source.html#l00147">config_file::harden_glue</a>, <a class="el" href="iter__scrub_8c_source.html#l00287">pkt_strict_sub()</a>, <a class="el" href="iter__scrub_8c_source.html#l00299">pkt_sub()</a>, <a class="el" href="iterator_8h_source.html#l00094">iter_env::priv</a>, <a class="el" href="iter__priv_8c_source.html#l00210">priv_rrset_bad()</a>, <a class="el" href="msgreply_8h_source.html#l00064">query_info::qname</a>, <a class="el" href="iter__scrub_8c_source.html#l00062">remove_rrset()</a>, <a class="el" href="msgparse_8h_source.html#l00133">rrset_parse::rrset_all_next</a>, <a class="el" href="msgparse_8h_source.html#l00121">msg_parse::rrset_first</a>, <a class="el" href="iter__scrub_8c_source.html#l00527">sanitize_nsec_is_overreach()</a>, <a class="el" href="msgparse_8h_source.html#l00139">rrset_parse::section</a>, <a class="el" href="iter__scrub_8c_source.html#l00496">store_rrset()</a>, and <a class="el" href="msgparse_8h_source.html#l00145">rrset_parse::type</a>.</p>
<p>Referenced by <a class="el" href="iter__scrub_8c_source.html#l00668">scrub_message()</a>.</p>
</div>
</div><p>
<a class="anchor" name="9ed5945d99864434ca0a7a540b667029"></a><!-- doxytag: member="iter_scrub.c::scrub_message" ref="9ed5945d99864434ca0a7a540b667029" args="(ldns_buffer *pkt, struct msg_parse *msg, struct query_info *qinfo, uint8_t *zonename, struct regional *region, struct module_env *env, struct iter_env *ie)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int scrub_message </td>
<td>(</td>
<td class="paramtype">ldns_buffer * </td>
<td class="paramname"> <em>pkt</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">struct <a class="el" href="structmsg__parse.html">msg_parse</a> * </td>
<td class="paramname"> <em>msg</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">struct <a class="el" href="structquery__info.html">query_info</a> * </td>
<td class="paramname"> <em>qinfo</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">uint8_t * </td>
<td class="paramname"> <em>zonename</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">struct <a class="el" href="structregional.html">regional</a> * </td>
<td class="paramname"> <em>regional</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">struct <a class="el" href="structmodule__env.html">module_env</a> * </td>
<td class="paramname"> <em>env</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">struct <a class="el" href="structiter__env.html">iter_env</a> * </td>
<td class="paramname"> <em>ie</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Cleanup the passed dns message.
<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>pkt,:</em> </td><td>the packet itself, for resolving name compression pointers. the packet buffer is unaltered. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>msg,:</em> </td><td>the parsed packet, this structure is cleaned up. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>qinfo,:</em> </td><td>the query info that was sent to the server. Checked. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>zonename,:</em> </td><td>the name of the last delegation point. Used to determine out of bailiwick information. </td></tr>
<tr><td valign="top"></td><td valign="top"><em><a class="el" href="structregional.html" title="the regional* is the first block*.">regional</a>,:</em> </td><td>where to allocate (new) parts of the message. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>env,:</em> </td><td>module environment with config settings and cache. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>ie,:</em> </td><td>iterator module environment data. </td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>: false if the message is total waste. true if scrubbed with success. </dd></dl>
<p>References <a class="el" href="net__help_8h_source.html#l00068">BIT_QR</a>, <a class="el" href="dname_8c_source.html#l00217">dname_pkt_compare()</a>, <a class="el" href="msgparse_8h_source.html#l00087">msg_parse::flags</a>, <a class="el" href="net__help_8h_source.html#l00070">FLAGS_GET_RCODE</a>, <a class="el" href="net__help_8c_source.html#l00265">log_nametypeclass()</a>, <a class="el" href="msgparse_8h_source.html#l00112">msg_parse::qclass</a>, <a class="el" href="msgreply_8h_source.html#l00070">query_info::qclass</a>, <a class="el" href="msgparse_8h_source.html#l00089">msg_parse::qdcount</a>, <a class="el" href="msgreply_8h_source.html#l00064">query_info::qname</a>, <a class="el" href="msgparse_8h_source.html#l00106">msg_parse::qname</a>, <a class="el" href="msgreply_8h_source.html#l00068">query_info::qtype</a>, <a class="el" href="msgparse_8h_source.html#l00110">msg_parse::qtype</a>, <a class="el" href="iter__scrub_8c_source.html#l00318">scrub_normalize()</a>, <a class="el" href="iter__scrub_8c_source.html#l00565">scrub_sanitize()</a>, and <a class="el" href="log_8h_source.html#l00058">VERB_ALGO</a>.</p>
<p>Referenced by <a class="el" href="iterator_8c_source.html#l02011">process_response()</a>.</p>
</div>
</div><p>
</div>
<hr size="1"><address style="text-align: right;"><small>Generated on Tue Oct 13 06:46:30 2009 for unbound by
<a href="http://www.doxygen.org/index.html">
<img src="doxygen.png" alt="doxygen" align="middle" border="0"></a> 1.5.9 </small></address>
</body>
</html>
distrib
>
Mandriva
>
2010.0
>
i586
>
media
>
contrib-release
>
by-pkgid
>
550bbe86d83a7870fdddc73c68e5d2b2
>
files
>
178
