unbound
0.1
|
This file contains functions to resolve DNS queries and validate the answers. More...
Data Structures | |
struct | ub_result |
The validation and resolution results. More... | |
struct | ub_shm_stat_info |
Some global statistics that are not in struct stats_info, this struct is shared on a shm segment (shm-key in unbound.conf) More... | |
struct | ub_server_stats |
per worker statistics. More... | |
struct | ub_stats_info |
Statistics to send over the control pipe when asked This struct is made to be memcopied, sent in binary. More... | |
Macros | |
#define | UNBOUND_VERSION_MAJOR @UNBOUND_VERSION_MAJOR@ |
the version of this header file | |
#define | UNBOUND_VERSION_MINOR @UNBOUND_VERSION_MINOR@ |
#define | UNBOUND_VERSION_MICRO @UNBOUND_VERSION_MICRO@ |
#define | UB_STATS_QTYPE_NUM 256 |
number of qtype that is stored for in array | |
#define | UB_STATS_QCLASS_NUM 256 |
number of qclass that is stored for in array | |
#define | UB_STATS_RCODE_NUM 16 |
number of rcodes in stats | |
#define | UB_STATS_OPCODE_NUM 16 |
number of opcodes in stats | |
#define | UB_STATS_BUCKET_NUM 40 |
number of histogram buckets | |
Typedefs | |
typedef void(* | ub_callback_type) (void *, int, struct ub_result *) |
Callback for results of async queries. More... | |
Functions | |
struct ub_ctx * | ub_ctx_create (void) |
Create a resolving and validation context. More... | |
void | ub_ctx_delete (struct ub_ctx *ctx) |
Destroy a validation context and free all its resources. More... | |
int | ub_ctx_set_option (struct ub_ctx *ctx, const char *opt, const char *val) |
Set an option for the context. More... | |
int | ub_ctx_get_option (struct ub_ctx *ctx, const char *opt, char **str) |
Get an option from the context. More... | |
int | ub_ctx_config (struct ub_ctx *ctx, const char *fname) |
setup configuration for the given context. More... | |
int | ub_ctx_set_fwd (struct ub_ctx *ctx, const char *addr) |
Set machine to forward DNS queries to, the caching resolver to use. More... | |
int | ub_ctx_set_stub (struct ub_ctx *ctx, const char *zone, const char *addr, int isprime) |
Add a stub zone, with given address to send to. More... | |
int | ub_ctx_resolvconf (struct ub_ctx *ctx, const char *fname) |
Read list of nameservers to use from the filename given. More... | |
int | ub_ctx_hosts (struct ub_ctx *ctx, const char *fname) |
Read list of hosts from the filename given. More... | |
int | ub_ctx_add_ta (struct ub_ctx *ctx, const char *ta) |
Add a trust anchor to the given context. More... | |
int | ub_ctx_add_ta_file (struct ub_ctx *ctx, const char *fname) |
Add trust anchors to the given context. More... | |
int | ub_ctx_add_ta_autr (struct ub_ctx *ctx, const char *fname) |
Add trust anchor to the given context that is tracked with RFC5011 automated trust anchor maintenance. More... | |
int | ub_ctx_trustedkeys (struct ub_ctx *ctx, const char *fname) |
Add trust anchors to the given context. More... | |
int | ub_ctx_debugout (struct ub_ctx *ctx, void *out) |
Set debug output (and error output) to the specified stream. More... | |
int | ub_ctx_debuglevel (struct ub_ctx *ctx, int d) |
Set debug verbosity for the context Output is directed to stderr. More... | |
int | ub_ctx_async (struct ub_ctx *ctx, int dothread) |
Set a context behaviour for asynchronous action. More... | |
int | ub_poll (struct ub_ctx *ctx) |
Poll a context to see if it has any new results Do not poll in a loop, instead extract the fd below to poll for readiness, and then check, or wait using the wait routine. More... | |
int | ub_wait (struct ub_ctx *ctx) |
Wait for a context to finish with results. More... | |
int | ub_fd (struct ub_ctx *ctx) |
Get file descriptor. More... | |
int | ub_process (struct ub_ctx *ctx) |
Call this routine to continue processing results from the validating resolver (when the fd becomes readable). More... | |
int | ub_resolve (struct ub_ctx *ctx, const char *name, int rrtype, int rrclass, struct ub_result **result) |
Perform resolution and validation of the target name. More... | |
int | ub_resolve_async (struct ub_ctx *ctx, const char *name, int rrtype, int rrclass, void *mydata, ub_callback_type callback, int *async_id) |
Perform resolution and validation of the target name. More... | |
int | ub_cancel (struct ub_ctx *ctx, int async_id) |
Cancel an async query in progress. More... | |
void | ub_resolve_free (struct ub_result *result) |
Free storage associated with a result structure. More... | |
const char * | ub_strerror (int err) |
Convert error value to a human readable string. More... | |
int | ub_ctx_print_local_zones (struct ub_ctx *ctx) |
Debug routine. More... | |
int | ub_ctx_zone_add (struct ub_ctx *ctx, const char *zone_name, const char *zone_type) |
Add a new zone with the zonetype to the local authority info of the library. More... | |
int | ub_ctx_zone_remove (struct ub_ctx *ctx, const char *zone_name) |
Remove zone from local authority info of the library. More... | |
int | ub_ctx_data_add (struct ub_ctx *ctx, const char *data) |
Add localdata to the library local authority info. More... | |
int | ub_ctx_data_remove (struct ub_ctx *ctx, const char *data) |
Remove localdata from the library local authority info. More... | |
const char * | ub_version (void) |
Get a version string from the libunbound implementation. More... | |
This file contains functions to resolve DNS queries and validate the answers.
Synchronously and asynchronously.
Several ways to use this interface from an application wishing to perform (validated) DNS lookups.
All start with ctx = ub_ctx_create(); err = ub_ctx_add_ta(ctx, "..."); err = ub_ctx_add_ta(ctx, "..."); ... some lookups ... call ub_ctx_delete(ctx); when you want to stop.
Application not threaded. Blocking. int err = ub_resolve(ctx, "www.example.com", ... if(err) fprintf(stderr, "lookup error: %s\n", ub_strerror(err)); ... use the answer
Application not threaded. Non-blocking ('asynchronous'). err = ub_resolve_async(ctx, "www.example.com", ... my_callback); ... application resumes processing ... ... and when either ub_poll(ctx) is true ... or when the file descriptor ub_fd(ctx) is readable, ... or whenever, the app calls ... ub_process(ctx); ... if no result is ready, the app resumes processing above, ... or process() calls my_callback() with results.
... if the application has nothing more to do, wait for answer ub_wait(ctx);
Application threaded. Blocking. Blocking, same as above. The current thread does the work. Multiple threads can use the same context, each does work and uses shared cache data from the context.
Application threaded. Non-blocking ('asynchronous'). ... setup threaded-asynchronous config option err = ub_ctx_async(ctx, 1); ... same as async for non-threaded ... the callbacks are called in the thread that calls process(ctx)
Openssl needs to have locking in place, and the application must set it up, because a mere library cannot do this, use the calls CRYPTO_set_id_callback and CRYPTO_set_locking_callback.
If no threading is compiled in, the above async example uses fork(2) to create a process to perform the work. The forked process exits when the calling process exits, or ctx_delete() is called. Otherwise, for asynchronous with threading, a worker thread is created.
The blocking calls use shared ctx-cache when threaded. Thus ub_resolve() and ub_resolve_async() && ub_wait() are not the same. The first makes the current thread do the work, setting up buffers, etc, to perform the work (but using shared cache data). The second calls another worker thread (or process) to perform the work. And no buffers need to be set up, but a context-switch happens.
typedef void(* ub_callback_type) (void *, int, struct ub_result *) |
Callback for results of async queries.
The readable function definition looks like: void my_callback(void* my_arg, int err, struct ub_result* result); It is called with void* my_arg: your pointer to a (struct of) data of your choice, or NULL. int err: if 0 all is OK, otherwise an error occured and no results are forthcoming. struct result: pointer to more detailed result structure. This structure is allocated on the heap and needs to be freed with ub_resolve_free(result);
struct ub_ctx* ub_ctx_create | ( | void | ) |
Create a resolving and validation context.
The information from /etc/resolv.conf and /etc/hosts is not utilised by default. Use ub_ctx_resolvconf and ub_ctx_hosts to read them.
void ub_ctx_delete | ( | struct ub_ctx * | ctx | ) |
Destroy a validation context and free all its resources.
Outstanding async queries are killed and callbacks are not called for them.
ctx | context to delete. |
int ub_ctx_set_option | ( | struct ub_ctx * | ctx, |
const char * | opt, | ||
const char * | val | ||
) |
Set an option for the context.
ctx | context. |
opt | option name from the unbound.conf config file format. (not all settings applicable). The name includes the trailing ':' for example ub_ctx_set_option(ctx, "logfile:", "mylog.txt"); This is a power-users interface that lets you specify all sorts of options. For some specific options, such as adding trust anchors, special routines exist. |
val | value of the option. |
int ub_ctx_get_option | ( | struct ub_ctx * | ctx, |
const char * | opt, | ||
char ** | str | ||
) |
Get an option from the context.
ctx | context. |
opt | option name from the unbound.conf config file format. (not all settings applicable). The name excludes the trailing ':' for example ub_ctx_get_option(ctx, "logfile", &result); This is a power-users interface that lets you specify all sorts of options. |
str | the string is malloced and returned here. NULL on error. The caller must free() the string. In cases with multiple entries (auto-trust-anchor-file), a newline delimited list is returned in the string. |
int ub_ctx_config | ( | struct ub_ctx * | ctx, |
const char * | fname | ||
) |
setup configuration for the given context.
ctx | context. |
fname | unbound config file (not all settings applicable). This is a power-users interface that lets you specify all sorts of options. For some specific options, such as adding trust anchors, special routines exist. |
int ub_ctx_set_fwd | ( | struct ub_ctx * | ctx, |
const char * | addr | ||
) |
Set machine to forward DNS queries to, the caching resolver to use.
IP4 or IP6 address. Forwards all DNS requests to that machine, which is expected to run a recursive resolver. If the proxy is not DNSSEC-capable, validation may fail. Can be called several times, in that case the addresses are used as backup servers.
To read the list of nameservers from /etc/resolv.conf (from DHCP or so), use the call ub_ctx_resolvconf.
ctx | context. At this time it is only possible to set configuration before the first resolve is done. |
addr | address, IP4 or IP6 in string format. If the addr is NULL, forwarding is disabled. |
int ub_ctx_set_stub | ( | struct ub_ctx * | ctx, |
const char * | zone, | ||
const char * | addr, | ||
int | isprime | ||
) |
Add a stub zone, with given address to send to.
This is for custom root hints or pointing to a local authoritative dns server. For dns resolvers and the 'DHCP DNS' ip address, use ub_ctx_set_fwd. This is similar to a stub-zone entry in unbound.conf.
ctx | context. It is only possible to set configuration before the first resolve is done. |
zone | name of the zone, string. |
addr | address, IP4 or IP6 in string format. The addr is added to the list of stub-addresses if the entry exists. If the addr is NULL the stub entry is removed. |
isprime | set to true to set stub-prime to yes for the stub. For local authoritative servers, people usually set it to false, For root hints it should be set to true. |
int ub_ctx_resolvconf | ( | struct ub_ctx * | ctx, |
const char * | fname | ||
) |
Read list of nameservers to use from the filename given.
Usually "/etc/resolv.conf". Uses those nameservers as caching proxies. If they do not support DNSSEC, validation may fail.
Only nameservers are picked up, the searchdomain, ndots and other settings from resolv.conf(5) are ignored.
ctx | context. At this time it is only possible to set configuration before the first resolve is done. |
fname | file name string. If NULL "/etc/resolv.conf" is used. |
int ub_ctx_hosts | ( | struct ub_ctx * | ctx, |
const char * | fname | ||
) |
Read list of hosts from the filename given.
Usually "/etc/hosts". These addresses are not flagged as DNSSEC secure when queried for.
ctx | context. At this time it is only possible to set configuration before the first resolve is done. |
fname | file name string. If NULL "/etc/hosts" is used. |
int ub_ctx_add_ta | ( | struct ub_ctx * | ctx, |
const char * | ta | ||
) |
Add a trust anchor to the given context.
The trust anchor is a string, on one line, that holds a valid DNSKEY or DS RR.
ctx | context. At this time it is only possible to add trusted keys before the first resolve is done. |
ta | string, with zone-format RR on one line. [domainname] [TTL optional] [type] [class optional] [rdata contents] |
int ub_ctx_add_ta_file | ( | struct ub_ctx * | ctx, |
const char * | fname | ||
) |
Add trust anchors to the given context.
Pass name of a file with DS and DNSKEY records (like from dig or drill).
ctx | context. At this time it is only possible to add trusted keys before the first resolve is done. |
fname | filename of file with keyfile with trust anchors. |
int ub_ctx_add_ta_autr | ( | struct ub_ctx * | ctx, |
const char * | fname | ||
) |
Add trust anchor to the given context that is tracked with RFC5011 automated trust anchor maintenance.
The file is written to when the trust anchor is changed. Pass the name of a file that was output from eg. unbound-anchor, or you can start it by providing a trusted DNSKEY or DS record on one line in the file.
ctx | context. At this time it is only possible to add trusted keys before the first resolve is done. |
fname | filename of file with trust anchor. |
int ub_ctx_trustedkeys | ( | struct ub_ctx * | ctx, |
const char * | fname | ||
) |
Add trust anchors to the given context.
Pass the name of a bind-style config file with trusted-keys{}.
ctx | context. At this time it is only possible to add trusted keys before the first resolve is done. |
fname | filename of file with bind-style config entries with trust anchors. |
int ub_ctx_debugout | ( | struct ub_ctx * | ctx, |
void * | out | ||
) |
Set debug output (and error output) to the specified stream.
Pass NULL to disable. Default is stderr.
ctx | context. |
out | FILE* out file stream to log to. Type void* to avoid stdio dependency of this header file. |
int ub_ctx_debuglevel | ( | struct ub_ctx * | ctx, |
int | d | ||
) |
Set debug verbosity for the context Output is directed to stderr.
ctx | context. |
d | debug level, 0 is off, 1 is very minimal, 2 is detailed, and 3 is lots. |
int ub_ctx_async | ( | struct ub_ctx * | ctx, |
int | dothread | ||
) |
Set a context behaviour for asynchronous action.
ctx | context. |
dothread | if true, enables threading and a call to resolve_async() creates a thread to handle work in the background. If false, a process is forked to handle work in the background. Changes to this setting after async() calls have been made have no effect (delete and re-create the context to change). |
int ub_poll | ( | struct ub_ctx * | ctx | ) |
Poll a context to see if it has any new results Do not poll in a loop, instead extract the fd below to poll for readiness, and then check, or wait using the wait routine.
ctx | context. |
int ub_wait | ( | struct ub_ctx * | ctx | ) |
Wait for a context to finish with results.
Calls ub_process() after the wait for you. After the wait, there are no more outstanding asynchronous queries.
ctx | context. |
int ub_fd | ( | struct ub_ctx * | ctx | ) |
Get file descriptor.
Wait for it to become readable, at this point answers are returned from the asynchronous validating resolver. Then call the ub_process to continue processing. This routine works immediately after context creation, the fd does not change.
ctx | context. |
int ub_process | ( | struct ub_ctx * | ctx | ) |
Call this routine to continue processing results from the validating resolver (when the fd becomes readable).
Will perform necessary callbacks.
ctx | context |
int ub_resolve | ( | struct ub_ctx * | ctx, |
const char * | name, | ||
int | rrtype, | ||
int | rrclass, | ||
struct ub_result ** | result | ||
) |
Perform resolution and validation of the target name.
ctx | context. The context is finalized, and can no longer accept config changes. |
name | domain name in text format (a zero terminated text string). |
rrtype | type of RR in host order, 1 is A (address). |
rrclass | class of RR in host order, 1 is IN (for internet). |
result | the result data is returned in a newly allocated result structure. May be NULL on return, return value is set to an error in that case (out of memory). |
int ub_resolve_async | ( | struct ub_ctx * | ctx, |
const char * | name, | ||
int | rrtype, | ||
int | rrclass, | ||
void * | mydata, | ||
ub_callback_type | callback, | ||
int * | async_id | ||
) |
Perform resolution and validation of the target name.
Asynchronous, after a while, the callback will be called with your data and the result.
ctx | context. If no thread or process has been created yet to perform the work in the background, it is created now. The context is finalized, and can no longer accept config changes. |
name | domain name in text format (a string). |
rrtype | type of RR in host order, 1 is A. |
rrclass | class of RR in host order, 1 is IN (for internet). |
mydata | this data is your own data (you can pass NULL), and is passed on to the callback function. |
callback | this is called on completion of the resolution. It is called as: void callback(void* mydata, int err, struct ub_result* result) with mydata: the same as passed here, you may pass NULL, with err: is 0 when a result has been found. with result: a newly allocated result structure. The result may be NULL, in that case err is set. |
If an error happens during processing, your callback will be called with error set to a nonzero value (and result==NULL).
async_id | if you pass a non-NULL value, an identifier number is returned for the query as it is in progress. It can be used to cancel the query. |
int ub_cancel | ( | struct ub_ctx * | ctx, |
int | async_id | ||
) |
Cancel an async query in progress.
Its callback will not be called.
ctx | context. |
async_id | which query to cancel. |
void ub_resolve_free | ( | struct ub_result * | result | ) |
Free storage associated with a result structure.
result | to free |
const char* ub_strerror | ( | int | err | ) |
Convert error value to a human readable string.
err | error code from one of the libunbound functions. |
int ub_ctx_print_local_zones | ( | struct ub_ctx * | ctx | ) |
Debug routine.
Print the local zone information to debug output.
ctx | context. Is finalized by the routine. |
int ub_ctx_zone_add | ( | struct ub_ctx * | ctx, |
const char * | zone_name, | ||
const char * | zone_type | ||
) |
Add a new zone with the zonetype to the local authority info of the library.
ctx | context. Is finalized by the routine. |
zone_name | name of the zone in text, "example.com" If it already exists, the type is updated. |
zone_type | type of the zone (like for unbound.conf) in text. |
int ub_ctx_zone_remove | ( | struct ub_ctx * | ctx, |
const char * | zone_name | ||
) |
Remove zone from local authority info of the library.
ctx | context. Is finalized by the routine. |
zone_name | name of the zone in text, "example.com" If it does not exist, nothing happens. |
int ub_ctx_data_add | ( | struct ub_ctx * | ctx, |
const char * | data | ||
) |
Add localdata to the library local authority info.
Similar to local-data config statement.
ctx | context. Is finalized by the routine. |
data | the resource record in text format, for example "www.example.com IN A 127.0.0.1" |
int ub_ctx_data_remove | ( | struct ub_ctx * | ctx, |
const char * | data | ||
) |
Remove localdata from the library local authority info.
ctx | context. Is finalized by the routine. |
data | the name to delete all data from, like "www.example.com". |
const char* ub_version | ( | void | ) |
Get a version string from the libunbound implementation.