1

2
/*-
3
 * SPDX-License-Identifier: ISC
4
 *
5
 * Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC")
6
 * Copyright (c) 1999 by Internet Software Consortium.
7
 *
8
 * Permission to use, copy, modify, and distribute this software for any
9
 * purpose with or without fee is hereby granted, provided that the above
10
 * copyright notice and this permission notice appear in all copies.
11
 *
12
 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES
13
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
14
 * MERCHANTABILITY AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR
15
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
16
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
18
 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
 */
20

21
/* Import. */
22

23
#include "port_before.h"
24

25
#include <sys/param.h>
26
#include <sys/socket.h>
27
#include <sys/time.h>
28

29
#include <netinet/in.h>
30
#include <arpa/inet.h>
31
#include <arpa/nameser.h>
32

33
#include <errno.h>
34
#include <limits.h>
35
#include <netdb.h>
36
#include <stdarg.h>
37
#include <stdio.h>
38
#include <stdlib.h>
39
#include <string.h>
40

41
#include <isc/list.h>
42

43
#include "port_after.h"
44

45
#include <resolv.h>
46

47
/* Data structures. */
48

49
typedef struct rr_a {
50
	LINK(struct rr_a)	link;
51
	union res_sockaddr_union addr;
52
} rr_a;
53
typedef LIST(rr_a) rrset_a;
54

55
typedef struct rr_ns {
56
	LINK(struct rr_ns)	link;
57
	const char *		name;
58
	unsigned int		flags;
59
	rrset_a			addrs;
60
} rr_ns;
61
typedef LIST(rr_ns) rrset_ns;
62

63
#define	RR_NS_HAVE_V4		0x01
64
#define	RR_NS_HAVE_V6		0x02
65

66
/* Forward. */
67

68
static int	satisfy(res_state, const char *, rrset_ns *,
69
			union res_sockaddr_union *, int);
70
static int	add_addrs(res_state, rr_ns *,
71
			  union res_sockaddr_union *, int);
72
static int	get_soa(res_state, const char *, ns_class, int,
73
			char *, size_t, char *, size_t,
74
			rrset_ns *);
75
static int	get_ns(res_state, const char *, ns_class, int, rrset_ns *);
76
static int	get_glue(res_state, ns_class, int, rrset_ns *);
77
static int	save_ns(res_state, ns_msg *, ns_sect,
78
			const char *, ns_class, int, rrset_ns *);
79
static int	save_a(res_state, ns_msg *, ns_sect,
80
		       const char *, ns_class, int, rr_ns *);
81
static void	free_nsrrset(rrset_ns *);
82
static void	free_nsrr(rrset_ns *, rr_ns *);
83
static rr_ns *	find_ns(rrset_ns *, const char *);
84
static int	do_query(res_state, const char *, ns_class, ns_type,
85
			 u_char *, ns_msg *);
86
static void	res_dprintf(const char *, ...) ISC_FORMAT_PRINTF(1, 2);
87

88
/* Macros. */
89

90
#define DPRINTF(x) do {\
91
		int save_errno = errno; \
92
		if ((statp->options & RES_DEBUG) != 0U) res_dprintf x; \
93
		errno = save_errno; \
94
	} while (0)
95

96
/* Public. */
97

98
/*%
99
 *	find enclosing zone for a <dname,class>, and some server addresses
100
 *
101
 * parameters:
102
 *\li	res - resolver context to work within (is modified)
103
 *\li	dname - domain name whose enclosing zone is desired
104
 *\li	class - class of dname (and its enclosing zone)
105
 *\li	zname - found zone name
106
 *\li	zsize - allocated size of zname
107
 *\li	addrs - found server addresses
108
 *\li	naddrs - max number of addrs
109
 *
110
 * return values:
111
 *\li	< 0 - an error occurred (check errno)
112
 *\li	= 0 - zname is now valid, but addrs[] wasn't changed
113
 *\li	> 0 - zname is now valid, and return value is number of addrs[] found
114
 *
115
 * notes:
116
 *\li	this function calls res_nsend() which means it depends on correctly
117
 *	functioning recursive nameservers (usually defined in /etc/resolv.conf
118
 *	or its local equivalent).
119
 *
120
 *\li	we start by asking for an SOA<dname,class>.  if we get one as an
121
 *	answer, that just means <dname,class> is a zone top, which is fine.
122
 *	more than likely we'll be told to go pound sand, in the form of a
123
 *	negative answer.
124
 *
125
 *\li	note that we are not prepared to deal with referrals since that would
126
 *	only come from authority servers and our correctly functioning local
127
 *	recursive server would have followed the referral and got us something
128
 *	more definite.
129
 *
130
 *\li	if the authority section contains an SOA, this SOA should also be the
131
 *	closest enclosing zone, since any intermediary zone cuts would've been
132
 *	returned as referrals and dealt with by our correctly functioning local
133
 *	recursive name server.  but an SOA in the authority section should NOT
134
 *	match our dname (since that would have been returned in the answer
135
 *	section).  an authority section SOA has to be "above" our dname.
136
 *
137
 *\li	however, since authority section SOA's were once optional, it's
138
 *	possible that we'll have to go hunting for the enclosing SOA by
139
 *	ripping labels off the front of our dname -- this is known as "doing
140
 *	it the hard way."
141
 *
142
 *\li	ultimately we want some server addresses, which are ideally the ones
143
 *	pertaining to the SOA.MNAME, but only if there is a matching NS RR.
144
 *	so the second phase (after we find an SOA) is to go looking for the
145
 *	NS RRset for that SOA's zone.
146
 *
147
 *\li	no answer section processed by this code is allowed to contain CNAME
148
 *	or DNAME RR's.  for the SOA query this means we strip a label and
149
 *	keep going.  for the NS and A queries this means we just give up.
150
 */
151

152
#ifndef _LIBC
153
int
154
res_findzonecut(res_state statp, const char *dname, ns_class class, int opts,
155
		char *zname, size_t zsize, struct in_addr *addrs, int naddrs)
156
{
157
	int result, i;
158
	union res_sockaddr_union *u;
159

160
	
161
	opts |= RES_IPV4ONLY;
162
	opts &= ~RES_IPV6ONLY;
163

164
	u = calloc(naddrs, sizeof(*u));
165
	if (u == NULL)
166
		return(-1);
167

168
	result = res_findzonecut2(statp, dname, class, opts, zname, zsize,
169
				  u, naddrs);
170

171
	for (i = 0; i < result; i++) {
172
		addrs[i] = u[i].sin.sin_addr;
173
	}
174
	free(u);
175
	return (result);
176
}
177
#endif
178

179
int
180
res_findzonecut2(res_state statp, const char *dname, ns_class class, int opts,
181
		 char *zname, size_t zsize, union res_sockaddr_union *addrs,
182
		 int naddrs)
183
{
184
	char mname[NS_MAXDNAME];
185
	u_long save_pfcode;
186
	rrset_ns nsrrs;
187
	int n;
188

189
	DPRINTF(("START dname='%s' class=%s, zsize=%ld, naddrs=%d",
190
		 dname, p_class(class), (long)zsize, naddrs));
191
	save_pfcode = statp->pfcode;
192
	statp->pfcode |= RES_PRF_HEAD2 | RES_PRF_HEAD1 | RES_PRF_HEADX |
193
			 RES_PRF_QUES | RES_PRF_ANS |
194
			 RES_PRF_AUTH | RES_PRF_ADD;
195
	INIT_LIST(nsrrs);
196

197
	DPRINTF(("get the soa, and see if it has enough glue"));
198
	if ((n = get_soa(statp, dname, class, opts, zname, zsize,
199
			 mname, sizeof mname, &nsrrs)) < 0 ||
200
	    ((opts & RES_EXHAUSTIVE) == 0 &&
201
	     (n = satisfy(statp, mname, &nsrrs, addrs, naddrs)) > 0))
202
		goto done;
203

204
	DPRINTF(("get the ns rrset and see if it has enough glue"));
205
	if ((n = get_ns(statp, zname, class, opts, &nsrrs)) < 0 ||
206
	    ((opts & RES_EXHAUSTIVE) == 0 &&
207
	     (n = satisfy(statp, mname, &nsrrs, addrs, naddrs)) > 0))
208
		goto done;
209

210
	DPRINTF(("get the missing glue and see if it's finally enough"));
211
	if ((n = get_glue(statp, class, opts, &nsrrs)) >= 0)
212
		n = satisfy(statp, mname, &nsrrs, addrs, naddrs);
213

214
 done:
215
	DPRINTF(("FINISH n=%d (%s)", n, (n < 0) ? strerror(errno) : "OK"));
216
	free_nsrrset(&nsrrs);
217
	statp->pfcode = save_pfcode;
218
	return (n);
219
}
220

221
/* Private. */
222

223
static int
224
satisfy(res_state statp, const char *mname, rrset_ns *nsrrsp,
225
	union res_sockaddr_union *addrs, int naddrs)
226
{
227
	rr_ns *nsrr;
228
	int n, x;
229

230
	n = 0;
231
	nsrr = find_ns(nsrrsp, mname);
232
	if (nsrr != NULL) {
233
		x = add_addrs(statp, nsrr, addrs, naddrs);
234
		addrs += x;
235
		naddrs -= x;
236
		n += x;
237
	}
238
	for (nsrr = HEAD(*nsrrsp);
239
	     nsrr != NULL && naddrs > 0;
240
	     nsrr = NEXT(nsrr, link))
241
		if (ns_samename(nsrr->name, mname) != 1) {
242
			x = add_addrs(statp, nsrr, addrs, naddrs);
243
			addrs += x;
244
			naddrs -= x;
245
			n += x;
246
		}
247
	DPRINTF(("satisfy(%s): %d", mname, n));
248
	return (n);
249
}
250

251
static int
252
add_addrs(res_state statp, rr_ns *nsrr,
253
	  union res_sockaddr_union *addrs, int naddrs)
254
{
255
	rr_a *arr;
256
	int n = 0;
257

258
	for (arr = HEAD(nsrr->addrs); arr != NULL; arr = NEXT(arr, link)) {
259
		if (naddrs <= 0)
260
			return (0);
261
		*addrs++ = arr->addr;
262
		naddrs--;
263
		n++;
264
	}
265
	DPRINTF(("add_addrs: %d", n));
266
	return (n);
267
}
268

269
static int
270
get_soa(res_state statp, const char *dname, ns_class class, int opts,
271
	char *zname, size_t zsize, char *mname, size_t msize,
272
	rrset_ns *nsrrsp)
273
{
274
	char tname[NS_MAXDNAME];
275
	u_char *resp = NULL;
276
	int n, i, ancount, nscount;
277
	ns_sect sect;
278
	ns_msg msg;
279
	u_int rcode;
280

281
	/*
282
	 * Find closest enclosing SOA, even if it's for the root zone.
283
	 */
284

285
	/* First canonicalize dname (exactly one unescaped trailing "."). */
286
	if (ns_makecanon(dname, tname, sizeof tname) < 0)
287
		goto cleanup;
288
	dname = tname;
289

290
	resp = malloc(NS_MAXMSG);
291
	if (resp == NULL)
292
		goto cleanup;
293

294
	/* Now grovel the subdomains, hunting for an SOA answer or auth. */
295
	for (;;) {
296
		/* Leading or inter-label '.' are skipped here. */
297
		while (*dname == '.')
298
			dname++;
299

300
		/* Is there an SOA? */
301
		n = do_query(statp, dname, class, ns_t_soa, resp, &msg);
302
		if (n < 0) {
303
			DPRINTF(("get_soa: do_query('%s', %s) failed (%d)",
304
				 dname, p_class(class), n));
305
			goto cleanup;
306
		}
307
		if (n > 0) {
308
			DPRINTF(("get_soa: CNAME or DNAME found"));
309
			sect = ns_s_max, n = 0;
310
		} else {
311
			rcode = ns_msg_getflag(msg, ns_f_rcode);
312
			ancount = ns_msg_count(msg, ns_s_an);
313
			nscount = ns_msg_count(msg, ns_s_ns);
314
			if (ancount > 0 && rcode == ns_r_noerror)
315
				sect = ns_s_an, n = ancount;
316
			else if (nscount > 0)
317
				sect = ns_s_ns, n = nscount;
318
			else
319
				sect = ns_s_max, n = 0;
320
		}
321
		for (i = 0; i < n; i++) {
322
			const char *t;
323
			const u_char *rdata;
324
			ns_rr rr;
325

326
			if (ns_parserr(&msg, sect, i, &rr) < 0) {
327
				DPRINTF(("get_soa: ns_parserr(%s, %d) failed",
328
					 p_section(sect, ns_o_query), i));
329
				goto cleanup;
330
			}
331
			if (ns_rr_type(rr) == ns_t_cname ||
332
			    ns_rr_type(rr) == ns_t_dname)
333
				break;
334
			if (ns_rr_type(rr) != ns_t_soa ||
335
			    ns_rr_class(rr) != class)
336
				continue;
337
			t = ns_rr_name(rr);
338
			switch (sect) {
339
			case ns_s_an:
340
				if (ns_samedomain(dname, t) == 0) {
341
					DPRINTF(
342
				    ("get_soa: ns_samedomain('%s', '%s') == 0",
343
						dname, t)
344
						);
345
					errno = EPROTOTYPE;
346
					goto cleanup;
347
				}
348
				break;
349
			case ns_s_ns:
350
				if (ns_samename(dname, t) == 1 ||
351
				    ns_samedomain(dname, t) == 0) {
352
					DPRINTF(
353
		       ("get_soa: ns_samename() || !ns_samedomain('%s', '%s')",
354
						dname, t)
355
						);
356
					errno = EPROTOTYPE;
357
					goto cleanup;
358
				}
359
				break;
360
			default:
361
				abort();
362
			}
363
			if (strlen(t) + 1 > zsize) {
364
				DPRINTF(("get_soa: zname(%lu) too small (%lu)",
365
					 (unsigned long)zsize,
366
					 (unsigned long)strlen(t) + 1));
367
				errno = EMSGSIZE;
368
				goto cleanup;
369
			}
370
			strcpy(zname, t);
371
			rdata = ns_rr_rdata(rr);
372
			if (ns_name_uncompress(resp, ns_msg_end(msg), rdata,
373
					       mname, msize) < 0) {
374
				DPRINTF(("get_soa: ns_name_uncompress failed")
375
					);
376
				goto cleanup;
377
			}
378
			if (save_ns(statp, &msg, ns_s_ns,
379
				    zname, class, opts, nsrrsp) < 0) {
380
				DPRINTF(("get_soa: save_ns failed"));
381
				goto cleanup;
382
			}
383
			free(resp);
384
			return (0);
385
		}
386

387
		/* If we're out of labels, then not even "." has an SOA! */
388
		if (*dname == '\0')
389
			break;
390

391
		/* Find label-terminating "."; top of loop will skip it. */
392
		while (*dname != '.') {
393
			if (*dname == '\\')
394
				if (*++dname == '\0') {
395
					errno = EMSGSIZE;
396
					goto cleanup;
397
				}
398
			dname++;
399
		}
400
	}
401
	DPRINTF(("get_soa: out of labels"));
402
	errno = EDESTADDRREQ;
403
 cleanup:
404
	if (resp != NULL)
405
		free(resp);
406
	return (-1);
407
}
408

409
static int
410
get_ns(res_state statp, const char *zname, ns_class class, int opts,
411
      rrset_ns *nsrrsp)
412
{
413
	u_char *resp;
414
	ns_msg msg;
415
	int n;
416

417
	resp = malloc(NS_MAXMSG);
418
	if (resp == NULL)
419
		return (-1);
420

421
	/* Go and get the NS RRs for this zone. */
422
	n = do_query(statp, zname, class, ns_t_ns, resp, &msg);
423
	if (n != 0) {
424
		DPRINTF(("get_ns: do_query('%s', %s) failed (%d)",
425
			 zname, p_class(class), n));
426
		free(resp);
427
		return (-1);
428
	}
429

430
	/* Remember the NS RRs and associated A RRs that came back. */
431
	if (save_ns(statp, &msg, ns_s_an, zname, class, opts, nsrrsp) < 0) {
432
		DPRINTF(("get_ns save_ns('%s', %s) failed",
433
			 zname, p_class(class)));
434
		free(resp);
435
		return (-1);
436
	}
437

438
	free(resp);
439
	return (0);
440
}
441

442
static int
443
get_glue(res_state statp, ns_class class, int opts, rrset_ns *nsrrsp) {
444
	rr_ns *nsrr, *nsrr_n;
445
	u_char *resp;
446

447
	resp = malloc(NS_MAXMSG);
448
	if (resp == NULL)
449
		return(-1);
450

451
	/* Go and get the A RRs for each empty NS RR on our list. */
452
	for (nsrr = HEAD(*nsrrsp); nsrr != NULL; nsrr = nsrr_n) {
453
		ns_msg msg;
454
		int n;
455

456
		nsrr_n = NEXT(nsrr, link);
457

458
		if ((nsrr->flags & RR_NS_HAVE_V4) == 0) {
459
			n = do_query(statp, nsrr->name, class, ns_t_a,
460
				     resp, &msg);
461
			if (n < 0) {
462
				DPRINTF(
463
				       ("get_glue: do_query('%s', %s') failed",
464
					nsrr->name, p_class(class)));
465
				goto cleanup;
466
			}
467
			if (n > 0) {
468
				DPRINTF((
469
			"get_glue: do_query('%s', %s') CNAME or DNAME found",
470
					 nsrr->name, p_class(class)));
471
			}
472
			if (save_a(statp, &msg, ns_s_an, nsrr->name, class,
473
				   opts, nsrr) < 0) {
474
				DPRINTF(("get_glue: save_r('%s', %s) failed",
475
					 nsrr->name, p_class(class)));
476
				goto cleanup;
477
			}
478
		}
479

480
		if ((nsrr->flags & RR_NS_HAVE_V6) == 0) {
481
			n = do_query(statp, nsrr->name, class, ns_t_aaaa,
482
				     resp, &msg);
483
			if (n < 0) {
484
				DPRINTF(
485
				       ("get_glue: do_query('%s', %s') failed",
486
					nsrr->name, p_class(class)));
487
				goto cleanup;
488
			}
489
			if (n > 0) {
490
				DPRINTF((
491
			"get_glue: do_query('%s', %s') CNAME or DNAME found",
492
					 nsrr->name, p_class(class)));
493
			}
494
			if (save_a(statp, &msg, ns_s_an, nsrr->name, class,
495
				   opts, nsrr) < 0) {
496
				DPRINTF(("get_glue: save_r('%s', %s) failed",
497
					 nsrr->name, p_class(class)));
498
				goto cleanup;
499
			}
500
		}
501

502
		/* If it's still empty, it's just chaff. */
503
		if (EMPTY(nsrr->addrs)) {
504
			DPRINTF(("get_glue: removing empty '%s' NS",
505
				 nsrr->name));
506
			free_nsrr(nsrrsp, nsrr);
507
		}
508
	}
509
	free(resp);
510
	return (0);
511

512
 cleanup:
513
	free(resp);
514
	return (-1);
515
}
516

517
static int
518
save_ns(res_state statp, ns_msg *msg, ns_sect sect,
519
	const char *owner, ns_class class, int opts,
520
	rrset_ns *nsrrsp)
521
{
522
	int i;
523

524
	for (i = 0; i < ns_msg_count(*msg, sect); i++) {
525
		char tname[MAXDNAME];
526
		const u_char *rdata;
527
		rr_ns *nsrr;
528
		ns_rr rr;
529

530
		if (ns_parserr(msg, sect, i, &rr) < 0) {
531
			DPRINTF(("save_ns: ns_parserr(%s, %d) failed",
532
				 p_section(sect, ns_o_query), i));
533
			return (-1);
534
		}
535
		if (ns_rr_type(rr) != ns_t_ns ||
536
		    ns_rr_class(rr) != class ||
537
		    ns_samename(ns_rr_name(rr), owner) != 1)
538
			continue;
539
		nsrr = find_ns(nsrrsp, ns_rr_name(rr));
540
		if (nsrr == NULL) {
541
			nsrr = malloc(sizeof *nsrr);
542
			if (nsrr == NULL) {
543
				DPRINTF(("save_ns: malloc failed"));
544
				return (-1);
545
			}
546
			rdata = ns_rr_rdata(rr);
547
			if (ns_name_uncompress(ns_msg_base(*msg),
548
					       ns_msg_end(*msg), rdata,
549
					       tname, sizeof tname) < 0) {
550
				DPRINTF(("save_ns: ns_name_uncompress failed")
551
					);
552
				free(nsrr);
553
				return (-1);
554
			}
555
			nsrr->name = strdup(tname);
556
			if (nsrr->name == NULL) {
557
				DPRINTF(("save_ns: strdup failed"));
558
				free(nsrr);
559
				return (-1);
560
			}
561
			INIT_LINK(nsrr, link);
562
			INIT_LIST(nsrr->addrs);
563
			nsrr->flags = 0;
564
			APPEND(*nsrrsp, nsrr, link);
565
		}
566
		if (save_a(statp, msg, ns_s_ar,
567
			   nsrr->name, class, opts, nsrr) < 0) {
568
			DPRINTF(("save_ns: save_r('%s', %s) failed",
569
				 nsrr->name, p_class(class)));
570
			return (-1);
571
		}
572
	}
573
	return (0);
574
}
575

576
static int
577
save_a(res_state statp, ns_msg *msg, ns_sect sect,
578
       const char *owner, ns_class class, int opts,
579
       rr_ns *nsrr)
580
{
581
	int i;
582

583
	for (i = 0; i < ns_msg_count(*msg, sect); i++) {
584
		ns_rr rr;
585
		rr_a *arr;
586

587
		if (ns_parserr(msg, sect, i, &rr) < 0) {
588
			DPRINTF(("save_a: ns_parserr(%s, %d) failed",
589
				 p_section(sect, ns_o_query), i));
590
			return (-1);
591
		}
592
		if ((ns_rr_type(rr) != ns_t_a &&
593
		     ns_rr_type(rr) != ns_t_aaaa) ||
594
		    ns_rr_class(rr) != class ||
595
		    ns_samename(ns_rr_name(rr), owner) != 1 ||
596
		    ns_rr_rdlen(rr) != NS_INADDRSZ)
597
			continue;
598
		if ((opts & RES_IPV6ONLY) != 0 && ns_rr_type(rr) != ns_t_aaaa)
599
			continue;
600
		if ((opts & RES_IPV4ONLY) != 0 && ns_rr_type(rr) != ns_t_a)
601
			continue;
602
		arr = malloc(sizeof *arr);
603
		if (arr == NULL) {
604
			DPRINTF(("save_a: malloc failed"));
605
			return (-1);
606
		}
607
		INIT_LINK(arr, link);
608
		memset(&arr->addr, 0, sizeof(arr->addr));
609
		switch (ns_rr_type(rr)) {
610
		case ns_t_a:
611
			arr->addr.sin.sin_family = AF_INET;
612
#ifdef HAVE_SA_LEN
613
			arr->addr.sin.sin_len = sizeof(arr->addr.sin);
614
#endif
615
			memcpy(&arr->addr.sin.sin_addr, ns_rr_rdata(rr),
616
			       NS_INADDRSZ);
617
			arr->addr.sin.sin_port = htons(NAMESERVER_PORT);
618
			nsrr->flags |= RR_NS_HAVE_V4;
619
			break;
620
		case ns_t_aaaa:
621
			arr->addr.sin6.sin6_family = AF_INET6;
622
#ifdef HAVE_SA_LEN
623
			arr->addr.sin6.sin6_len = sizeof(arr->addr.sin6);
624
#endif
625
			memcpy(&arr->addr.sin6.sin6_addr, ns_rr_rdata(rr), 16);
626
			arr->addr.sin6.sin6_port = htons(NAMESERVER_PORT);
627
			nsrr->flags |= RR_NS_HAVE_V6;
628
			break;
629
		default:
630
			abort();
631
		}
632
		APPEND(nsrr->addrs, arr, link);
633
	}
634
	return (0);
635
}
636

637
static void
638
free_nsrrset(rrset_ns *nsrrsp) {
639
	rr_ns *nsrr;
640

641
	while ((nsrr = HEAD(*nsrrsp)) != NULL)
642
		free_nsrr(nsrrsp, nsrr);
643
}
644

645
static void
646
free_nsrr(rrset_ns *nsrrsp, rr_ns *nsrr) {
647
	rr_a *arr;
648
	char *tmp;
649

650
	while ((arr = HEAD(nsrr->addrs)) != NULL) {
651
		UNLINK(nsrr->addrs, arr, link);
652
		free(arr);
653
	}
654
	DE_CONST(nsrr->name, tmp);
655
	free(tmp);
656
	UNLINK(*nsrrsp, nsrr, link);
657
	free(nsrr);
658
}
659

660
static rr_ns *
661
find_ns(rrset_ns *nsrrsp, const char *dname) {
662
	rr_ns *nsrr;
663

664
	for (nsrr = HEAD(*nsrrsp); nsrr != NULL; nsrr = NEXT(nsrr, link))
665
		if (ns_samename(nsrr->name, dname) == 1)
666
			return (nsrr);
667
	return (NULL);
668
}
669

670
static int
671
do_query(res_state statp, const char *dname, ns_class class, ns_type qtype,
672
	 u_char *resp, ns_msg *msg)
673
{
674
	u_char req[NS_PACKETSZ];
675
	int i, n;
676

677
	n = res_nmkquery(statp, ns_o_query, dname, class, qtype,
678
			 NULL, 0, NULL, req, NS_PACKETSZ);
679
	if (n < 0) {
680
		DPRINTF(("do_query: res_nmkquery failed"));
681
		return (-1);
682
	}
683
	n = res_nsend(statp, req, n, resp, NS_MAXMSG);
684
	if (n < 0) {
685
		DPRINTF(("do_query: res_nsend failed"));
686
		return (-1);
687
	}
688
	if (n == 0) {
689
		DPRINTF(("do_query: res_nsend returned 0"));
690
		errno = EMSGSIZE;
691
		return (-1);
692
	}
693
	if (ns_initparse(resp, n, msg) < 0) {
694
		DPRINTF(("do_query: ns_initparse failed"));
695
		return (-1);
696
	}
697
	n = 0;
698
	for (i = 0; i < ns_msg_count(*msg, ns_s_an); i++) {
699
		ns_rr rr;
700

701
		if (ns_parserr(msg, ns_s_an, i, &rr) < 0) {
702
			DPRINTF(("do_query: ns_parserr failed"));
703
			return (-1);
704
		}
705
		n += (ns_rr_class(rr) == class &&
706
		      (ns_rr_type(rr) == ns_t_cname ||
707
		       ns_rr_type(rr) == ns_t_dname));
708
	}
709
	return (n);
710
}
711

712
static void
713
res_dprintf(const char *fmt, ...) {
714
	va_list ap;
715

716
	va_start(ap, fmt);
717
	fputs(";; res_findzonecut: ", stderr);
718
	vfprintf(stderr, fmt, ap);
719
	fputc('\n', stderr);
720
	va_end(ap);
721
}
722

723
/*! \file */
724

725