OpenDNSSEC-signer  1.4.7
xfrd.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2011 NLNet Labs. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  * notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  * notice, this list of conditions and the following disclaimer in the
11  * documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
15  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
17  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
19  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
21  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
22  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
23  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  *
25  */
26 
32 #include "config.h"
33 #include "daemon/engine.h"
34 #include "daemon/xfrhandler.h"
35 #include "shared/duration.h"
36 #include "shared/file.h"
37 #include "shared/log.h"
38 #include "shared/status.h"
39 #include "shared/util.h"
40 #include "signer/backup.h"
41 #include "signer/domain.h"
42 #include "signer/zone.h"
43 #include "wire/tcpset.h"
44 #include "wire/xfrd.h"
45 
46 #include <unistd.h>
47 #include <fcntl.h>
48 
49 #define XFRD_TSIG_MAX_UNSIGNED 100
50 
51 static const char* xfrd_str = "xfrd";
52 
53 static void xfrd_handle_zone(netio_type* netio,
54  netio_handler_type* handler, netio_events_type event_types);
55 static void xfrd_make_request(xfrd_type* xfrd);
56 
57 static socklen_t xfrd_acl_sockaddr(acl_type* acl, unsigned int port,
58  struct sockaddr_storage *sck);
59 
60 static void xfrd_write_soa(xfrd_type* xfrd, buffer_type* buffer);
61 static int xfrd_parse_soa(xfrd_type* xfrd, buffer_type* buffer,
62  unsigned rdata_only, unsigned update, uint32_t t,
63  uint32_t* serial);
64 static ods_status xfrd_parse_rrs(xfrd_type* xfrd, buffer_type* buffer,
65  uint16_t count, int* done);
66 static xfrd_pkt_status xfrd_parse_packet(xfrd_type* xfrd,
67  buffer_type* buffer);
68 static xfrd_pkt_status xfrd_handle_packet(xfrd_type* xfrd,
69  buffer_type* buffer);
70 
71 static void xfrd_tcp_obtain(xfrd_type* xfrd, tcp_set_type* set);
72 static void xfrd_tcp_read(xfrd_type* xfrd, tcp_set_type* set);
73 static void xfrd_tcp_release(xfrd_type* xfrd, tcp_set_type* set);
74 static void xfrd_tcp_write(xfrd_type* xfrd, tcp_set_type* set);
75 static void xfrd_tcp_xfr(xfrd_type* xfrd, tcp_set_type* set);
76 static int xfrd_tcp_open(xfrd_type* xfrd, tcp_set_type* set);
77 
78 static void xfrd_udp_obtain(xfrd_type* xfrd);
79 static void xfrd_udp_read(xfrd_type* xfrd);
80 static void xfrd_udp_release(xfrd_type* xfrd);
81 static int xfrd_udp_read_packet(xfrd_type* xfrd);
82 static int xfrd_udp_send(xfrd_type* xfrd, buffer_type* buffer);
83 static int xfrd_udp_send_request_ixfr(xfrd_type* xfrd);
84 
85 static time_t xfrd_time(xfrd_type* xfrd);
86 static void xfrd_set_timer(xfrd_type* xfrd, time_t t);
87 static void xfrd_set_timer_time(xfrd_type* xfrd, time_t t);
88 static void xfrd_unset_timer(xfrd_type* xfrd);
89 
90 
95 static uint8_t
96 xfrd_recover_dname(uint8_t* dname, const char* name)
97 {
98  const uint8_t *s = (const uint8_t *) name;
99  uint8_t *h;
100  uint8_t *p;
101  uint8_t *d = dname;
102  size_t label_length;
103 
104  if (strcmp(name, ".") == 0) {
105  /* Root domain. */
106  dname[0] = 0;
107  return 1;
108  }
109  for (h = d, p = h + 1; *s; ++s, ++p) {
110  if (p - dname >= MAXDOMAINLEN) {
111  return 0;
112  }
113  switch (*s) {
114  case '.':
115  if (p == h + 1) {
116  /* Empty label. */
117  return 0;
118  } else {
119  label_length = p - h - 1;
120  if (label_length > MAXLABELLEN) {
121  return 0;
122  }
123  *h = label_length;
124  h = p;
125  }
126  break;
127  case '\\':
128  /* Handle escaped characters (RFC1035 5.1) */
129  if (isdigit(s[1]) && isdigit(s[2]) && isdigit(s[3])) {
130  int val = (ldns_hexdigit_to_int(s[1]) * 100 +
131  ldns_hexdigit_to_int(s[2]) * 10 +
132  ldns_hexdigit_to_int(s[3]));
133  if (0 <= val && val <= 255) {
134  s += 3;
135  *p = val;
136  } else {
137  *p = *++s;
138  }
139  } else if (s[1] != '\0') {
140  *p = *++s;
141  }
142  break;
143  default:
144  *p = *s;
145  break;
146  }
147  }
148  if (p != h + 1) {
149  /* Terminate last label. */
150  label_length = p - h - 1;
151  if (label_length > MAXLABELLEN) {
152  return 0;
153  }
154  *h = label_length;
155  h = p;
156  }
157  /* Add root label. */
158  *h = 0;
159  return p-dname;
160 }
161 
162 
167 static void
168 xfrd_recover(xfrd_type* xfrd)
169 {
170  zone_type* zone = (zone_type*) xfrd->zone;
171  char* file = NULL;
172  FILE* fd = NULL;
173  int round_num = 0;
174  int master_num = 0;
175  int next_master = 0;
176  uint32_t timeout = 0;
177  uint32_t serial_xfr = 0;
178  uint32_t serial_notify = 0;
179  uint32_t serial_disk = 0;
180  time_t serial_xfr_acquired = 0;
181  time_t serial_notify_acquired = 0;
182  time_t serial_disk_acquired = 0;
183  uint32_t soa_ttl = 0;
184  uint32_t soa_serial = 0;
185  uint32_t soa_refresh = 0;
186  uint32_t soa_retry = 0;
187  uint32_t soa_expire = 0;
188  uint32_t soa_minimum = 0;
189  const char* soa_mname = NULL;
190  const char* soa_rname = NULL;
191 
192  if (zone && zone->name && zone->db &&
193  zone->db->is_initialized && zone->db->have_serial) {
194  file = ods_build_path(zone->name, ".xfrd-state", 0, 1);
195  if (file) {
196  ods_log_verbose("[%s] recover xfrd.state file %s zone %s", xfrd_str,
197  file, zone->name);
198  fd = ods_fopen(file, NULL, "r");
199  if (fd) {
200  if (!backup_read_check_str(fd, ODS_SE_FILE_MAGIC_V3)) {
201  ods_log_error("[%s] corrupted state file zone %s: read "
202  "magic (start) error", xfrd_str, zone->name);
203  goto xfrd_recover_error;
204  }
205  if (!backup_read_check_str(fd, ";;Zone:") |
206  !backup_read_check_str(fd, "name") |
207  !backup_read_check_str(fd, zone->name) |
208  !backup_read_check_str(fd, "ttl") |
209  !backup_read_uint32_t(fd, &soa_ttl) |
210  !backup_read_check_str(fd, "mname") |
211  !backup_read_str(fd, &soa_mname) |
212  !backup_read_check_str(fd, "rname") |
213  !backup_read_str(fd, &soa_rname) |
214  !backup_read_check_str(fd, "serial") |
215  !backup_read_uint32_t(fd, &soa_serial) |
216  !backup_read_check_str(fd, "refresh") |
217  !backup_read_uint32_t(fd, &soa_refresh) |
218  !backup_read_check_str(fd, "retry") |
219  !backup_read_uint32_t(fd, &soa_retry) |
220  !backup_read_check_str(fd, "expire") |
221  !backup_read_uint32_t(fd, &soa_expire) |
222  !backup_read_check_str(fd, "minimum") |
223  !backup_read_uint32_t(fd, &soa_minimum)) {
224  ods_log_error("[%s] corrupted state file zone %s: read "
225  ";;Zone error", xfrd_str, zone->name);
226  goto xfrd_recover_error;
227  }
228  if (!backup_read_check_str(fd, ";;Master:") |
229  !backup_read_check_str(fd, "num") |
230  !backup_read_int(fd, &master_num) |
231  !backup_read_check_str(fd, "next") |
232  !backup_read_int(fd, &next_master) |
233  !backup_read_check_str(fd, "round") |
234  !backup_read_int(fd, &round_num) |
235  !backup_read_check_str(fd, "timeout") |
236  !backup_read_uint32_t(fd, &timeout)) {
237  ods_log_error("[%s] corrupt state file zone %s: read "
238  ";;Master error", xfrd_str, zone->name);
239  goto xfrd_recover_error;
240  }
241  if (!backup_read_check_str(fd, ";;Serial:") |
242  !backup_read_check_str(fd, "xfr") |
243  !backup_read_uint32_t(fd, &serial_xfr) |
244  !backup_read_time_t(fd, &serial_xfr_acquired) |
245  !backup_read_check_str(fd, "notify") |
246  !backup_read_uint32_t(fd, &serial_notify) |
247  !backup_read_time_t(fd, &serial_notify_acquired) |
248  !backup_read_check_str(fd, "disk") |
249  !backup_read_uint32_t(fd, &serial_disk) |
250  !backup_read_time_t(fd, &serial_disk_acquired)) {
251  ods_log_error("[%s] corrupt state file zone %s: read "
252  ";;Serial error", xfrd_str, zone->name);
253  goto xfrd_recover_error;
254  }
255  if (!backup_read_check_str(fd, ODS_SE_FILE_MAGIC_V3)) {
256  ods_log_error("[%s] corrupt state file zone %s: read "
257  "magic (end) error", xfrd_str, zone->name);
258  goto xfrd_recover_error;
259  }
260 
261  /* all ok */
262  xfrd->master_num = master_num;
263  xfrd->next_master = next_master;
264  xfrd->round_num = round_num;
265  xfrd->timeout.tv_sec = timeout;
266  xfrd->timeout.tv_nsec = 0;
267  xfrd->master = NULL; /* acl_find_num(...) */
268  xfrd->soa.ttl = soa_ttl;
269  xfrd->soa.serial = soa_serial;
270  xfrd->soa.refresh = soa_refresh;
271  xfrd->soa.retry = soa_retry;
272  xfrd->soa.expire = soa_expire;
273  xfrd->soa.minimum = soa_minimum;
274  xfrd->soa.mname[0] = xfrd_recover_dname(xfrd->soa.mname+1,
275  soa_mname);
276  xfrd->soa.rname[0] = xfrd_recover_dname(xfrd->soa.rname+1,
277  soa_rname);
278  xfrd->serial_xfr = serial_xfr;
279  xfrd->serial_xfr_acquired = serial_xfr_acquired;
280  xfrd->serial_notify = serial_notify;
281  xfrd->serial_notify_acquired = serial_notify_acquired;
282  xfrd->serial_disk = serial_disk;
283  xfrd->serial_disk_acquired = serial_disk_acquired;
284  if (!timeout || serial_notify_acquired ||
285  (serial_disk_acquired &&
286  (uint32_t)xfrd_time(xfrd) - serial_disk_acquired >
287  soa_refresh)) {
289  }
290  if (serial_disk_acquired &&
291  ((uint32_t)xfrd_time(xfrd) - serial_disk_acquired >
292  soa_expire)) {
294  }
295 
296 xfrd_recover_error:
297  free((void*)soa_mname);
298  free((void*)soa_rname);
299  ods_fclose(fd);
300  }
301  free(file);
302  }
303  } else {
304  ods_log_verbose("[%s] did not recover xfrd.state file zone %s", xfrd_str,
305  zone->name);
306  }
307  return;
308 }
309 
310 
315 xfrd_type*
316 xfrd_create(void* xfrhandler, void* zone)
317 {
318  xfrd_type* xfrd = NULL;
319  allocator_type* allocator = NULL;
320  if (!xfrhandler || !zone) {
321  return NULL;
322  }
323  allocator = allocator_create(malloc, free);
324  if (!allocator) {
325  ods_log_error("[%s] unable to create zone xfr structure: "
326  "allocator_create() failed", xfrd_str);
327  return NULL;
328  }
329  xfrd = (xfrd_type*) allocator_alloc(allocator, sizeof(xfrd_type));
330  if (!xfrd) {
331  ods_log_error("[%s] unable to create zone xfr structure: "
332  " allocator_alloc() failed", xfrd_str);
333  allocator_cleanup(allocator);
334  return NULL;
335  }
337  lock_basic_init(&xfrd->rw_lock);
338 
339  xfrd->allocator = allocator;
340  xfrd->xfrhandler = xfrhandler;
341  xfrd->zone = zone;
342  xfrd->tcp_conn = -1;
343  xfrd->round_num = -1;
344  xfrd->master_num = 0;
345  xfrd->next_master = -1;
346  xfrd->master = NULL;
348  xfrd->serial_xfr = 0;
349  xfrd->serial_disk = 0;
350  xfrd->serial_notify = 0;
351  xfrd->serial_xfr_acquired = 0;
352  xfrd->serial_disk_acquired = 0;
353  xfrd->serial_notify_acquired = 0;
354  xfrd->serial_retransfer = 0;
356  xfrd->query_id = 0;
357  xfrd->msg_seq_nr = 0;
358  xfrd->msg_rr_count = 0;
359  xfrd->msg_old_serial = 0;
360  xfrd->msg_new_serial = 0;
361  xfrd->msg_is_ixfr = 0;
362  xfrd->msg_do_retransfer = 0;
363  xfrd->udp_waiting = 0;
364  xfrd->udp_waiting_next = NULL;
365  xfrd->tcp_waiting = 0;
366  xfrd->tcp_waiting_next = NULL;
367  xfrd->tsig_rr = tsig_rr_create(allocator);
368  if (!xfrd->tsig_rr) {
369  xfrd_cleanup(xfrd, 0);
370  return NULL;
371  }
372  memset(&xfrd->soa, 0, sizeof(xfrd->soa));
373  xfrd->soa.ttl = 0;
374  xfrd->soa.mname[0] = 1;
375  xfrd->soa.rname[0] = 1;
376  xfrd->soa.serial = 0;
377  xfrd->soa.refresh = 3600;
378  xfrd->soa.retry = 300;
379  xfrd->soa.expire = 604800;
380  xfrd->soa.minimum = 3600;
381  xfrd->handler.fd = -1;
382  xfrd->handler.user_data = (void*) xfrd;
383  xfrd->handler.timeout = 0;
384  xfrd->handler.event_types =
386  xfrd->handler.event_handler = xfrd_handle_zone;
387  xfrd_set_timer_time(xfrd, 0);
388  xfrd_recover(xfrd);
389  return xfrd;
390 }
391 
392 
397 static time_t
398 xfrd_time(xfrd_type* xfrd)
399 {
400  ods_log_assert(xfrd);
401  ods_log_assert(xfrd->xfrhandler);
402  return xfrhandler_time((xfrhandler_type*) xfrd->xfrhandler);
403 }
404 
405 
410 static void
411 xfrd_set_timer(xfrd_type* xfrd, time_t t)
412 {
413  if (!xfrd || !xfrd->xfrhandler) {
414  return;
415  }
420  if(t > xfrd_time(xfrd) + 10) {
421  time_t extra = t - xfrd_time(xfrd);
422  time_t base = extra*9/10;
423 #ifdef HAVE_ARC4RANDOM_UNIFORM
424  t = xfrd_time(xfrd) + base +
425  arc4random_uniform(extra-base);
426 #elif HAVE_ARC4RANDOM
427  t = xfrd_time(xfrd) + base +
428  arc4random()%(extra-base);
429 #else
430  t = xfrd_time(xfrd) + base +
431  random()%(extra-base);
432 #endif
433  }
434  xfrd->handler.timeout = &xfrd->timeout;
435  xfrd->timeout.tv_sec = t;
436  xfrd->timeout.tv_nsec = 0;
437  return;
438 }
439 
440 
445 static void
446 xfrd_unset_timer(xfrd_type* xfrd)
447 {
448  ods_log_assert(xfrd);
449  xfrd->handler.timeout = NULL;
450  return;
451 }
452 
453 
458 static void
459 xfrd_set_timer_time(xfrd_type* xfrd, time_t t)
460 {
461  ods_log_assert(xfrd);
462  xfrd_set_timer(xfrd, xfrd_time(xfrd) + t);
463  return;
464 }
465 
466 
471 void
473 {
474  zone_type* zone = NULL;
475  if (!xfrd || !xfrd->zone || !xfrd->xfrhandler) {
476  return;
477  }
478  zone = (zone_type*) xfrd->zone;
479  ods_log_debug("[%s] zone %s sets timer timeout now", xfrd_str,
480  zone->name);
481  xfrd_set_timer_time(xfrd, 0);
482  return;
483 }
484 
485 
490 void
492 {
493  zone_type* zone = NULL;
494  if (!xfrd || !xfrd->zone || !xfrd->xfrhandler) {
495  return;
496  }
497  zone = (zone_type*) xfrd->zone;
498  ods_log_debug("[%s] zone %s sets timer timeout retry %u", xfrd_str,
499  zone->name, (unsigned) xfrd->soa.retry);
500  xfrd_set_timer_time(xfrd, xfrd->soa.retry);
501  return;
502 }
503 
504 
509 void
511 {
512  zone_type* zone = NULL;
513  if (!xfrd || !xfrd->zone || !xfrd->xfrhandler) {
514  return;
515  }
516  zone = (zone_type*) xfrd->zone;
517  ods_log_debug("[%s] zone %s sets timer timeout refresh %u", xfrd_str,
518  zone->name, (unsigned) xfrd->soa.refresh);
519  xfrd_set_timer_time(xfrd, xfrd->soa.refresh);
520  return;
521 }
522 
523 
528 static socklen_t
529 xfrd_acl_sockaddr(acl_type* acl, unsigned int port,
530  struct sockaddr_storage *sck)
531 {
532  ods_log_assert(acl);
533  ods_log_assert(sck);
534  ods_log_assert(port);
535  memset(sck, 0, sizeof(struct sockaddr_storage));
536  if (acl->family == AF_INET6) {
537  struct sockaddr_in6* sa = (struct sockaddr_in6*)sck;
538  sa->sin6_family = AF_INET6;
539  sa->sin6_port = htons(port);
540  sa->sin6_addr = acl->addr.addr6;
541  return sizeof(struct sockaddr_in6);
542  } else {
543  struct sockaddr_in* sa = (struct sockaddr_in*)sck;
544  sa->sin_family = AF_INET;
545  sa->sin_port = htons(port);
546  sa->sin_addr = acl->addr.addr;
547  return sizeof(struct sockaddr_in);
548  }
549  return 0;
550 }
551 
552 
557 socklen_t
558 xfrd_acl_sockaddr_to(acl_type* acl, struct sockaddr_storage *to)
559 {
560  unsigned int port = 0;
561  if (!acl || !to) {
562  return 0;
563  }
564  port = acl->port ? acl->port : (unsigned) atoi(DNS_PORT_STRING);
565  return xfrd_acl_sockaddr(acl, port, to);
566 }
567 
568 
573 static void
574 xfrd_tsig_sign(xfrd_type* xfrd, buffer_type* buffer)
575 {
576  tsig_algo_type* algo = NULL;
577  if (!xfrd || !xfrd->tsig_rr || !xfrd->master || !xfrd->master->tsig ||
578  !xfrd->master->tsig->key || !buffer) {
579  return; /* no tsig configured */
580  }
581  algo = tsig_lookup_algo(xfrd->master->tsig->algorithm);
582  if (!algo) {
583  ods_log_error("[%s] unable to sign request: tsig unknown algorithm "
584  "%s", xfrd_str, xfrd->master->tsig->algorithm);
585  return;
586  }
587  ods_log_assert(algo);
588  tsig_rr_reset(xfrd->tsig_rr, algo, xfrd->master->tsig->key);
589  xfrd->tsig_rr->original_query_id = buffer_pkt_id(buffer);
590  xfrd->tsig_rr->algo_name = ldns_rdf_clone(xfrd->tsig_rr->algo->wf_name);
591  xfrd->tsig_rr->key_name = ldns_rdf_clone(xfrd->tsig_rr->key->dname);
592  log_dname(xfrd->tsig_rr->key_name, "tsig sign query with key", LOG_DEBUG);
593  log_dname(xfrd->tsig_rr->algo_name, "tsig sign query with algorithm",
594  LOG_DEBUG);
595  tsig_rr_prepare(xfrd->tsig_rr);
596  tsig_rr_update(xfrd->tsig_rr, buffer, buffer_position(buffer));
597  tsig_rr_sign(xfrd->tsig_rr);
598  ods_log_debug("[%s] tsig append rr to request id=%u", xfrd_str,
599  buffer_pkt_id(buffer));
600  tsig_rr_append(xfrd->tsig_rr, buffer);
601  buffer_pkt_set_arcount(buffer, buffer_pkt_arcount(buffer)+1);
602  tsig_rr_prepare(xfrd->tsig_rr);
603  return;
604 }
605 
606 
611 static int
612 xfrd_tsig_process(xfrd_type* xfrd, buffer_type* buffer)
613 {
614  zone_type* zone = NULL;
615  int have_tsig = 0;
616  if (!xfrd || !xfrd->tsig_rr || !xfrd->master || !xfrd->master->tsig ||
617  !xfrd->master->tsig->key || !buffer) {
618  return 1; /* no tsig configured */
619  }
620  zone = (zone_type*) xfrd->zone;
621  ods_log_assert(zone);
622  ods_log_assert(zone->name);
623  ods_log_assert(xfrd->master->address);
624  if (!tsig_rr_find(xfrd->tsig_rr, buffer)) {
625  ods_log_error("[%s] unable to process tsig: xfr zone %s from %s "
626  "has malformed tsig rr", xfrd_str, zone->name,
627  xfrd->master->address);
628  return 0;
629  }
630  if (xfrd->tsig_rr->status == TSIG_OK) {
631  have_tsig = 1;
632  if (xfrd->tsig_rr->error_code != LDNS_RCODE_NOERROR) {
633  ods_log_error("[%s] zone %s, from %s has tsig error (%s)",
634  xfrd_str, zone->name, xfrd->master->address,
636  }
637  /* strip the TSIG resource record off... */
638  buffer_set_limit(buffer, xfrd->tsig_rr->position);
639  buffer_pkt_set_arcount(buffer, buffer_pkt_arcount(buffer)-1);
640  }
641  /* keep running the TSIG hash */
642  tsig_rr_update(xfrd->tsig_rr, buffer, buffer_limit(buffer));
643  if (have_tsig) {
644  if (!tsig_rr_verify(xfrd->tsig_rr)) {
645  ods_log_error("[%s] unable to process tsig: xfr zone %s from %s "
646  "has bad tsig signature", xfrd_str, zone->name,
647  xfrd->master->address);
648  return 0;
649  }
650  /* prepare for next tsigs */
651  tsig_rr_prepare(xfrd->tsig_rr);
652  } else if (xfrd->tsig_rr->update_since_last_prepare >
654  /* we allow a number of non-tsig signed packets */
655  ods_log_error("[%s] unable to process tsig: xfr zone %s, from %s "
656  "has too many consecutive packets without tsig", xfrd_str,
657  zone->name, xfrd->master->address);
658  return 0;
659  }
660  if (!have_tsig && xfrd->msg_seq_nr == 0) {
661  ods_log_error("[%s] unable to process tsig: xfr zone %s from %s "
662  "has no tsig in first packet of reply", xfrd_str,
663  zone->name, xfrd->master->address);
664  return 0;
665  }
666  /* process TSIG ok */
667  return 1;
668 }
669 
670 
675 static void
676 xfrd_commit_packet(xfrd_type* xfrd)
677 {
678  zone_type* zone = NULL;
679  char* xfrfile = NULL;
680  FILE* fd = NULL;
681  time_t serial_disk_acq = 0;
682  ods_log_assert(xfrd);
683  zone = (zone_type*) xfrd->zone;
684  xfrfile = ods_build_path(zone->name, ".xfrd", 0, 1);
685  if (!xfrfile) {
686  ods_log_crit("[%s] unable to commit xfr zone %s: build path failed",
687  xfrd_str, zone->name);
688  return;
689  }
690  ods_log_assert(zone);
691  ods_log_assert(zone->name);
692  lock_basic_lock(&zone->zone_lock);
693  lock_basic_lock(&xfrd->rw_lock);
695  /* mark end packet */
696  fd = ods_fopen(xfrfile, NULL, "a");
697  free((void*)xfrfile);
698  if (fd) {
699  fprintf(fd, ";;ENDPACKET\n");
700  ods_fclose(fd);
701  } else {
702  lock_basic_unlock(&xfrd->rw_lock);
705  ods_log_crit("[%s] unable to commit xfr zone %s: ods_fopen() failed "
706  "(%s)", xfrd_str, zone->name, strerror(errno));
707  return;
708  }
709  /* update soa serial management */
710  xfrd->serial_disk = xfrd->msg_new_serial;
711  serial_disk_acq = xfrd->serial_disk_acquired;
712  xfrd->serial_disk_acquired = xfrd_time(xfrd);
713  /* ensure newer time */
714  if (xfrd->serial_disk_acquired == serial_disk_acq) {
715  xfrd->serial_disk_acquired++;
716  }
717  xfrd->soa.serial = xfrd->serial_disk;
718  if (xfrd->msg_do_retransfer ||
719  (util_serial_gt(xfrd->serial_disk, xfrd->serial_xfr) &&
720  xfrd->serial_disk_acquired > xfrd->serial_xfr_acquired)) {
721  /* reschedule task */
722  int ret = 0;
723  xfrhandler_type* xfrhandler = (xfrhandler_type*) xfrd->xfrhandler;
724  engine_type* engine = (engine_type*) xfrhandler->engine;
725  ods_log_assert(xfrhandler);
726  ods_log_assert(engine);
727  ods_log_debug("[%s] reschedule task for zone %s: disk serial=%u "
728  "acquired=%u, memory serial=%u acquired=%u", xfrd_str,
729  zone->name, xfrd->serial_disk,
730  xfrd->serial_disk_acquired, xfrd->serial_xfr,
731  xfrd->serial_xfr_acquired);
732  ret = zone_reschedule_task(zone, engine->taskq, TASK_READ);
733  if (ret != ODS_STATUS_OK) {
734  ods_log_crit("[%s] unable to reschedule task for zone %s: %s",
735  xfrd_str, zone->name, ods_status2str(ret));
736  } else {
737  engine_wakeup_workers(engine);
738  }
739  }
740  /* reset retransfer */
741  xfrd->msg_do_retransfer = 0;
742 
744  lock_basic_unlock(&xfrd->rw_lock);
746  return;
747 }
748 
749 
754 static void
755 xfrd_dump_packet(xfrd_type* xfrd, buffer_type* buffer)
756 {
757  zone_type* zone = NULL;
758  char* xfrfile = NULL;
759  FILE* fd = NULL;
760  ldns_pkt* pkt = NULL;
761  ldns_status status = LDNS_STATUS_OK;
762  ods_log_assert(buffer);
763  ods_log_assert(xfrd);
764  zone = (zone_type*) xfrd->zone;
765  ods_log_assert(zone);
766  ods_log_assert(zone->name);
767  status = ldns_wire2pkt(&pkt, buffer_begin(buffer), buffer_limit(buffer));
768  if (status != LDNS_STATUS_OK) {
769  ods_log_crit("[%s] unable to dump packet zone %s: ldns_wire2pkt() "
770  "failed (%s)", xfrd_str, zone->name,
771  ldns_get_errorstr_by_id(status));
772  return;
773  }
774  ods_log_assert(pkt);
775  xfrfile = ods_build_path(zone->name, ".xfrd", 0, 1);
776  if (!xfrfile) {
777  ods_log_crit("[%s] unable to dump packet zone %s: build path failed",
778  xfrd_str, zone->name);
779  return;
780  }
781  lock_basic_lock(&xfrd->rw_lock);
782  if (xfrd->msg_do_retransfer && !xfrd->msg_seq_nr && !xfrd->msg_is_ixfr) {
783  fd = ods_fopen(xfrfile, NULL, "w");
784  } else {
785  fd = ods_fopen(xfrfile, NULL, "a");
786  }
787  free((void*) xfrfile);
788  if (!fd) {
789  ods_log_crit("[%s] unable to dump packet zone %s: ods_fopen() failed "
790  "(%s)", xfrd_str, zone->name, strerror(errno));
791  lock_basic_unlock(&xfrd->rw_lock);
792  return;
793  }
794  ods_log_assert(fd);
795  if (xfrd->msg_seq_nr == 0) {
796  fprintf(fd, ";;BEGINPACKET\n");
797  }
798  ldns_rr_list_print(fd, ldns_pkt_answer(pkt));
799  ods_fclose(fd);
800  lock_basic_unlock(&xfrd->rw_lock);
801  ldns_pkt_free(pkt);
802  return;
803 }
804 
805 
810 static void
811 xfrd_write_soa(xfrd_type* xfrd, buffer_type* buffer)
812 {
813  zone_type* zone = NULL;
814  size_t rdlength_pos = 0;
815  uint16_t rdlength = 0;
816  ods_log_assert(xfrd);
817  ods_log_assert(buffer);
818  zone = (zone_type*) xfrd->zone;
819  ods_log_assert(zone);
820  ods_log_assert(zone->apex);
821  buffer_write_rdf(buffer, zone->apex);
822  buffer_write_u16(buffer, (uint16_t) LDNS_RR_TYPE_SOA);
823  buffer_write_u16(buffer, (uint16_t) zone->klass);
824  buffer_write_u32(buffer, xfrd->soa.ttl);
825  rdlength_pos = buffer_position(buffer);
826  buffer_skip(buffer, sizeof(rdlength));
827  buffer_write(buffer, xfrd->soa.mname+1, xfrd->soa.mname[0]);
828  buffer_write(buffer, xfrd->soa.rname+1, xfrd->soa.rname[0]);
829  buffer_write_u32(buffer, xfrd->soa.serial);
830  buffer_write_u32(buffer, xfrd->soa.refresh);
831  buffer_write_u32(buffer, xfrd->soa.retry);
832  buffer_write_u32(buffer, xfrd->soa.expire);
833  buffer_write_u32(buffer, xfrd->soa.minimum);
834  rdlength = buffer_position(buffer) - rdlength_pos - sizeof(rdlength);
835  buffer_write_u16_at(buffer, rdlength_pos, rdlength);
836  return;
837 }
838 
839 
844 static void
845 xfrd_update_soa(xfrd_type* xfrd, buffer_type* buffer, uint32_t ttl,
846  uint16_t mname_pos, uint16_t rname_pos,
847  uint32_t refresh, uint32_t retry, uint32_t expire, uint32_t minimum)
848 {
849  zone_type* zone = NULL;
850  ods_log_assert(xfrd);
851  ods_log_assert(buffer);
852  zone = (zone_type*) xfrd->zone;
853  ods_log_assert(zone);
854  ods_log_assert(zone->apex);
855  xfrd->soa.ttl = ttl;
856  xfrd->soa.refresh = refresh;
857  xfrd->soa.retry = retry;
858  xfrd->soa.expire = expire;
859  xfrd->soa.minimum = minimum;
860  buffer_set_position(buffer, mname_pos);
861  if (!(xfrd->soa.mname[0] =
862  buffer_read_dname(buffer, xfrd->soa.mname+1, 1))) {
863  xfrd->soa.mname[0] = 1;
864  xfrd->soa.mname[1] = 0;
865  }
866  buffer_set_position(buffer, rname_pos);
867  if (!(xfrd->soa.rname[0] =
868  buffer_read_dname(buffer, xfrd->soa.rname+1, 1))) {
869  xfrd->soa.rname[0] = 1;
870  xfrd->soa.rname[1] = 0;
871  }
872  return;
873 }
874 
875 
880 static int
881 xfrd_parse_soa(xfrd_type* xfrd, buffer_type* buffer, unsigned rdata_only,
882  unsigned update, uint32_t t, uint32_t* soa_serial)
883 {
884  ldns_rr_type type = LDNS_RR_TYPE_SOA;
885  uint16_t mname_pos = 0;
886  uint16_t rname_pos = 0;
887  uint16_t pos = 0;
888  uint32_t serial = 0;
889  uint32_t refresh = 0;
890  uint32_t retry = 0;
891  uint32_t expire = 0;
892  uint32_t minimum = 0;
893  uint32_t ttl = t;
894  ods_log_assert(xfrd);
895  ods_log_assert(buffer);
896 
897  /* type class ttl */
898  if (!rdata_only) {
899  if (!buffer_available(buffer, 10)) {
900  ods_log_debug("[%s] unable to parse soa: rr too short",
901  xfrd_str);
902  return 0;
903  }
904  type = (ldns_rr_type) buffer_read_u16(buffer);
905  if (type != LDNS_RR_TYPE_SOA) {
906  ods_log_debug("[%s] unable to parse soa: rrtype %u != soa",
907  xfrd_str, (unsigned) type);
908  return 0;
909  }
910  (void)buffer_read_u16(buffer); /* class */
911  ttl = buffer_read_u32(buffer);
912  /* rdata length */
913  if (!buffer_available(buffer, buffer_read_u16(buffer))) {
914  ods_log_debug("[%s] unable to parse soa: rdata too short",
915  xfrd_str);
916  return 0;
917  }
918  }
919  /* MNAME */
920  mname_pos = buffer_position(buffer);
921  if (!buffer_skip_dname(buffer)) {
922  ods_log_debug("[%s] unable to parse soa: bad mname",
923  xfrd_str);
924  return 0;
925  }
926  /* RNAME */
927  rname_pos = buffer_position(buffer);
928  if (!buffer_skip_dname(buffer)) {
929  ods_log_debug("[%s] unable to parse soa: bad rname",
930  xfrd_str);
931  return 0;
932  }
933  serial = buffer_read_u32(buffer);
934  refresh = buffer_read_u32(buffer);
935  retry = buffer_read_u32(buffer);
936  expire = buffer_read_u32(buffer);
937  minimum = buffer_read_u32(buffer);
938  pos = buffer_position(buffer);
939  if (soa_serial) {
940  *soa_serial = serial;
941  }
942  if (update) {
943  xfrd_update_soa(xfrd, buffer, ttl, mname_pos, rname_pos,
944  refresh, retry, expire, minimum);
945  }
946  buffer_set_position(buffer, pos);
947  return 1;
948 }
949 
950 
955 static ods_status
956 xfrd_parse_rrs(xfrd_type* xfrd, buffer_type* buffer, uint16_t count,
957  int* done)
958 {
959  ldns_rr_type type = 0;
960  uint16_t rrlen = 0;
961  uint32_t ttl = 0;
962  uint32_t serial = 0;
963  uint32_t tmp_serial = 0;
964  size_t i = 0;
965  ods_log_assert(xfrd);
966  ods_log_assert(buffer);
967  ods_log_assert(done);
968  for (i=0; i < count; ++i, ++xfrd->msg_rr_count) {
969  if (*done) {
970  return ODS_STATUS_OK;
971  }
972  if (!buffer_skip_dname(buffer)) {
973  return ODS_STATUS_SKIPDNAME;
974  }
975  if (!buffer_available(buffer, 10)) {
976  return ODS_STATUS_BUFAVAIL;
977  }
978  (void)buffer_position(buffer);
979  type = (ldns_rr_type) buffer_read_u16(buffer);
980  (void)buffer_read_u16(buffer); /* class */
981  ttl = buffer_read_u32(buffer);
982  rrlen = buffer_read_u16(buffer);
983  if (!buffer_available(buffer, rrlen)) {
984  return ODS_STATUS_BUFAVAIL;
985  }
986  if (type == LDNS_RR_TYPE_SOA) {
987  if (!xfrd_parse_soa(xfrd, buffer, 1, 0, ttl, &serial)) {
988  return ODS_STATUS_PARSESOA;
989  }
990  if (xfrd->msg_rr_count == 1 && serial != xfrd->msg_new_serial) {
991  /* 2nd RR is SOA with different serial, this is an IXFR */
992  xfrd->msg_is_ixfr = 1;
994  if (!xfrd->serial_disk_acquired) {
996  /* got IXFR but need AXFR */
997  return ODS_STATUS_REQAXFR;
998  }
999  if (!xfrd->msg_do_retransfer && serial != xfrd->serial_disk) {
1001  /* bad start serial in IXFR */
1002  return ODS_STATUS_INSERIAL;
1003  }
1005  xfrd->msg_old_serial = serial;
1006  tmp_serial = serial;
1007  } else if (serial == xfrd->msg_new_serial) {
1008  /* saw another SOA of new serial. */
1009  if (xfrd->msg_is_ixfr == 1) {
1010  xfrd->msg_is_ixfr = 2; /* seen middle SOA in ixfr */
1011  } else {
1012  *done = 1; /* final axfr/ixfr soa */
1013  }
1014  } else if (xfrd->msg_is_ixfr) {
1015  /* some additional checks */
1016  if (util_serial_gt(serial, xfrd->msg_new_serial)) {
1017  /* bad middle serial in IXFR (too high) */
1018  return ODS_STATUS_INSERIAL;
1019  }
1020  if (util_serial_gt(tmp_serial, serial)) {
1021  /* middle serial decreases in IXFR */
1022  return ODS_STATUS_INSERIAL;
1023  }
1024  /* serial ok, update tmp serial */
1025  tmp_serial = serial;
1026  }
1027  } else {
1028  buffer_skip(buffer, rrlen);
1029  }
1030  }
1031  return ODS_STATUS_OK;
1032 }
1033 
1034 
1039 static xfrd_pkt_status
1040 xfrd_parse_packet(xfrd_type* xfrd, buffer_type* buffer)
1041 {
1042  zone_type* zone = NULL;
1043  uint16_t qdcount = 0;
1044  uint16_t ancount = 0;
1045  uint16_t ancount_todo = 0;
1046  uint16_t rrcount = 0;
1047  uint32_t serial = 0;
1048  int done = 0;
1049  ods_status status = ODS_STATUS_OK;
1050  ods_log_assert(buffer);
1051  ods_log_assert(xfrd);
1052  ods_log_assert(xfrd->master);
1053  ods_log_assert(xfrd->master->address);
1054  zone = (zone_type*) xfrd->zone;
1055  ods_log_assert(zone);
1056  ods_log_assert(zone->name);
1057  /* check packet size */
1058  if (!buffer_available(buffer, BUFFER_PKT_HEADER_SIZE)) {
1059  ods_log_error("[%s] unable to parse packet: zone %s received bad "
1060  "packet from %s (too small)", xfrd_str, zone->name,
1061  xfrd->master->address);
1062  return XFRD_PKT_BAD;
1063  }
1064  /* check query id */
1065  if (buffer_pkt_id(buffer) != xfrd->query_id) {
1066  ods_log_error("[%s] bad packet: zone %s received bad query id "
1067  "%u from %s (expected %u)", xfrd_str, zone->name,
1068  buffer_pkt_id(buffer), xfrd->master->address, xfrd->query_id);
1069  return XFRD_PKT_BAD;
1070  }
1071  /* check rcode */
1072  if (buffer_pkt_rcode(buffer) != LDNS_RCODE_NOERROR) {
1073  ods_log_error("[%s] bad packet: zone %s received error code %s from %s",
1074  xfrd_str, zone->name, ldns_pkt_rcode2str(buffer_pkt_rcode(buffer)),
1075  xfrd->master->address);
1076  if (buffer_pkt_rcode(buffer) == LDNS_RCODE_NOTIMPL) {
1077  return XFRD_PKT_NOTIMPL;
1078  } else if (buffer_pkt_rcode(buffer) != LDNS_RCODE_NOTAUTH) {
1079  return XFRD_PKT_BAD;
1080  }
1081  }
1082  /* check tsig */
1083  if (!xfrd_tsig_process(xfrd, buffer)) {
1084  ods_log_error("[%s] bad packet: zone %s received bad tsig "
1085  "from %s", xfrd_str, zone->name, xfrd->master->address);
1086  return XFRD_PKT_BAD;
1087  }
1088  /* skip header and question section */
1090  qdcount = buffer_pkt_qdcount(buffer);
1091  for (rrcount = 0; rrcount < qdcount; rrcount++) {
1092  if (!buffer_skip_rr(buffer, 1)) {
1093  ods_log_error("[%s] bad packet: zone %s received bad "
1094  "question section from %s (bad rr)", xfrd_str, zone->name,
1095  xfrd->master->address);
1096  return XFRD_PKT_BAD;
1097  }
1098  }
1099  /* answer section */
1100  ancount = buffer_pkt_ancount(buffer);
1101  if (xfrd->msg_rr_count == 0 && ancount == 0) {
1102  if (xfrd->tcp_conn == -1 && buffer_pkt_tc(buffer)) {
1103  ods_log_info("[%s] zone %s received tc from %s, retry tcp",
1104  xfrd_str, zone->name, xfrd->master->address);
1105  return XFRD_PKT_TC;
1106  }
1107  ods_log_error("[%s] bad packet: zone %s received bad xfr packet "
1108  "from %s (nodata)", xfrd_str, zone->name, xfrd->master->address);
1109  return XFRD_PKT_BAD;
1110  }
1111 
1112  ancount_todo = ancount;
1113  if (xfrd->msg_rr_count == 0) {
1114  /* parse the first RR, see if it is a SOA */
1115  if (!buffer_skip_dname(buffer) ||
1116  !xfrd_parse_soa(xfrd, buffer, 0, 1, 0, &serial)) {
1117  ods_log_error("[%s] bad packet: zone %s received bad xfr "
1118  "packet from %s (bad soa)", xfrd_str, zone->name,
1119  xfrd->master->address);
1120  return XFRD_PKT_BAD;
1121  }
1122  /* check serial */
1123  lock_basic_lock(&xfrd->serial_lock);
1124  if (!xfrd->msg_do_retransfer &&
1125  xfrd->serial_disk_acquired && xfrd->serial_disk == serial) {
1126  ods_log_info("[%s] zone %s got update indicating current "
1127  "serial %u from %s", xfrd_str, zone->name, serial,
1128  xfrd->master->address);
1129  xfrd->serial_disk_acquired = xfrd_time(xfrd);
1130  if (xfrd->serial_xfr == serial) {
1132  if (!xfrd->serial_notify_acquired) {
1133  /* not notified or anything, so stop asking around */
1134  xfrd->round_num = -1; /* next try start a new round */
1135  xfrd_set_timer_refresh(xfrd);
1136  ods_log_debug("[%s] zone %s wait refresh time", xfrd_str,
1137  zone->name);
1139  return XFRD_PKT_NEWLEASE;
1140  }
1141  /* try next master */
1142  ods_log_debug("[%s] zone %s try next master", xfrd_str,
1143  zone->name);
1145  return XFRD_PKT_BAD;
1146  }
1147  }
1148  if (!xfrd->msg_do_retransfer && xfrd->serial_disk_acquired &&
1149  !util_serial_gt(serial, xfrd->serial_disk)) {
1150  ods_log_info("[%s] zone %s ignoring old serial %u from %s "
1151  "(have %u)", xfrd_str, zone->name, serial,
1152  xfrd->master->address, xfrd->serial_disk);
1154  return XFRD_PKT_BAD;
1155  }
1156 
1157  xfrd->msg_new_serial = serial;
1158  if (!xfrd->msg_do_retransfer && xfrd->serial_disk_acquired) {
1159  xfrd->msg_old_serial = xfrd->serial_disk;
1160  } else {
1161  xfrd->msg_old_serial = 0;
1162  }
1163  /* update notify serial if this xfr is newer */
1164  if (ancount > 1 && xfrd->serial_notify_acquired &&
1165  util_serial_gt(serial, xfrd->serial_notify)) {
1166  xfrd->serial_notify = serial;
1167  }
1169  xfrd->msg_rr_count = 1;
1170  xfrd->msg_is_ixfr = 0;
1171  ancount_todo = ancount - 1;
1172  }
1173  /* check tc bit */
1174  if (xfrd->tcp_conn == -1 && buffer_pkt_tc(buffer)) {
1175  ods_log_info("[%s] zone %s received tc from %s, retry tcp",
1176  xfrd_str, zone->name, xfrd->master->address);
1177  return XFRD_PKT_TC;
1178  }
1179  if (xfrd->tcp_conn == -1 && ancount < 2) {
1180  /* too short to be a real ixfr/axfr data transfer */
1181  ods_log_info("[%s] zone %s received too short udp reply from %s, "
1182  "retry tcp", xfrd_str, zone->name, xfrd->master->address);
1183  return XFRD_PKT_TC;
1184  }
1185  status = xfrd_parse_rrs(xfrd, buffer, ancount_todo, &done);
1186  if (status != ODS_STATUS_OK) {
1187  ods_log_error("[%s] bad packet: zone %s received bad xfr packet "
1188  "from %s (%s)", xfrd_str, zone->name, xfrd->master->address,
1189  ods_status2str(status));
1190  return XFRD_PKT_BAD;
1191  }
1192  if (xfrd->tcp_conn == -1 && !done) {
1193  ods_log_error("[%s] bad packet: zone %s received bad xfr packet "
1194  "(xfr over udp incomplete)", xfrd_str, zone->name,
1195  xfrd->master->address);
1196  return XFRD_PKT_BAD;
1197  }
1198  if (!done) {
1199  return XFRD_PKT_MORE;
1200  }
1201  return XFRD_PKT_XFR;
1202 }
1203 
1204 
1209 static xfrd_pkt_status
1210 xfrd_handle_packet(xfrd_type* xfrd, buffer_type* buffer)
1211 {
1213  zone_type* zone = NULL;
1214  ods_log_assert(xfrd);
1215  ods_log_assert(xfrd->master);
1216  ods_log_assert(xfrd->master->address);
1217  zone = (zone_type*) xfrd->zone;
1218  ods_log_assert(zone);
1219  ods_log_assert(zone->name);
1220  res = xfrd_parse_packet(xfrd, buffer);
1221  ods_log_debug("[%s] zone %s xfr packet parsed (res %d)", xfrd_str,
1222  zone->name, res);
1223 
1224  switch (res) {
1225  case XFRD_PKT_MORE:
1226  case XFRD_PKT_XFR:
1227  /* continue with commit */
1228  break;
1229  case XFRD_PKT_NEWLEASE:
1230  case XFRD_PKT_TC:
1231  return res;
1232  break;
1233  case XFRD_PKT_NOTIMPL:
1234  case XFRD_PKT_BAD:
1235  default:
1236  /* rollback */
1237  if (xfrd->msg_seq_nr > 0) {
1238  buffer_clear(buffer);
1239  ods_log_info("[%s] zone %s xfr rollback", xfrd_str,
1240  zone->name);
1241  buffer_flip(buffer);
1242  }
1243  return res;
1244  break;
1245  }
1246  /* dump reply on disk to diff file */
1247  xfrd_dump_packet(xfrd, buffer);
1248  /* more? */
1249  xfrd->msg_seq_nr++;
1250  if (res == XFRD_PKT_MORE) {
1251  /* wait for more */
1252  return XFRD_PKT_MORE;
1253  }
1254  /* done */
1255  buffer_clear(buffer);
1256  buffer_flip(buffer);
1257  /* commit packet */
1258  xfrd_commit_packet(xfrd);
1259  /* next time */
1260  lock_basic_lock(&xfrd->serial_lock);
1261 
1262  ods_log_info("[%s] zone %s transfer done [notify acquired %u, serial on "
1263  "disk %u, notify serial %u]", xfrd_str, zone->name,
1264  xfrd->serial_notify_acquired, xfrd->serial_disk,
1265  xfrd->serial_notify);
1266 
1267  if (xfrd->serial_notify_acquired &&
1268  !util_serial_gt(xfrd->serial_notify, xfrd->serial_disk)) {
1269  ods_log_verbose("[%s] zone %s reset notify acquired", xfrd_str,
1270  zone->name);
1271  xfrd->serial_notify_acquired = 0;
1272  }
1273  if (!xfrd->serial_notify_acquired) {
1274  ods_log_debug("[%s] zone %s xfr done", xfrd_str, zone->name);
1275  xfrd->round_num = -1; /* next try start anew */
1276  xfrd_set_timer_refresh(xfrd);
1278  return XFRD_PKT_XFR;
1279  }
1281  /* try to get an even newer serial */
1282  ods_log_info("[%s] zone %s try get newer serial", xfrd_str, zone->name);
1283  return XFRD_PKT_BAD;
1284 }
1285 
1286 
1294 static void
1295 xfrd_tcp_write(xfrd_type* xfrd, tcp_set_type* set)
1296 {
1297  zone_type* zone = NULL;
1298  tcp_conn_type* tcp = NULL;
1299  int ret = 0;
1300  int error = 0;
1301  socklen_t len = 0;
1302 
1303  ods_log_assert(set);
1304  ods_log_assert(xfrd);
1305  ods_log_assert(xfrd->tcp_conn != -1);
1306  zone = (zone_type*) xfrd->zone;
1307  ods_log_assert(zone);
1308  ods_log_assert(zone->name);
1309  tcp = set->tcp_conn[xfrd->tcp_conn];
1310  if (tcp->total_bytes == 0) {
1311  /* check for pending error from nonblocking connect */
1312  /* from Stevens, unix network programming, vol1, 3rd ed, p450 */
1313  len = sizeof(error);
1314  if (getsockopt(tcp->fd, SOL_SOCKET, SO_ERROR, &error, &len) < 0) {
1315  error = errno; /* on solaris errno is error */
1316  }
1317  if (error == EINPROGRESS || error == EWOULDBLOCK) {
1318  ods_log_debug("[%s] zone %s zero write, write again later (%s)",
1319  xfrd_str, zone->name, strerror(error));
1320  return; /* try again later */
1321  }
1322  if (error != 0) {
1323  ods_log_error("[%s] zone %s cannot tcp connect to %s: %s",
1324  xfrd_str, zone->name, xfrd->master->address, strerror(errno));
1325  xfrd_set_timer_now(xfrd);
1326  xfrd_tcp_release(xfrd, set);
1327  return;
1328  }
1329  }
1330  ret = tcp_conn_write(tcp);
1331  if(ret == -1) {
1332  ods_log_error("[%s] zone %s cannot tcp write to %s: %s",
1333  xfrd_str, zone->name, xfrd->master->address, strerror(errno));
1334  xfrd_set_timer_now(xfrd);
1335  xfrd_tcp_release(xfrd, set);
1336  return;
1337  }
1338  if (ret == 0) {
1339  ods_log_debug("[%s] zone %s zero write, write again later",
1340  xfrd_str, zone->name);
1341  return; /* write again later */
1342  }
1343  /* done writing, get ready for reading */
1344  ods_log_debug("[%s] zone %s done writing, get ready for reading",
1345  xfrd_str, zone->name);
1346  tcp->is_reading = 1;
1347  tcp_conn_ready(tcp);
1349  xfrd_tcp_read(xfrd, set);
1350  return;
1351 }
1352 
1353 
1358 static int
1359 xfrd_tcp_open(xfrd_type* xfrd, tcp_set_type* set)
1360 {
1361  int fd, family, conn;
1362  struct sockaddr_storage to;
1363  socklen_t to_len;
1364  zone_type* zone = NULL;
1365 
1366  ods_log_assert(set);
1367  ods_log_assert(xfrd);
1368  ods_log_assert(xfrd->tcp_conn != -1);
1369  ods_log_assert(xfrd->master);
1370  ods_log_assert(xfrd->master->address);
1371  zone = (zone_type*) xfrd->zone;
1372  ods_log_assert(zone);
1373  ods_log_assert(zone->name);
1374  ods_log_debug("[%s] zone %s open tcp connection to %s", xfrd_str,
1375  zone->name, xfrd->master->address);
1376  set->tcp_conn[xfrd->tcp_conn]->is_reading = 0;
1377  set->tcp_conn[xfrd->tcp_conn]->total_bytes = 0;
1378  set->tcp_conn[xfrd->tcp_conn]->msglen = 0;
1379  if (xfrd->master->family == AF_INET6) {
1380  family = PF_INET6;
1381  } else {
1382  family = PF_INET;
1383  }
1384  fd = socket(family, SOCK_STREAM, IPPROTO_TCP);
1385  set->tcp_conn[xfrd->tcp_conn]->fd = fd;
1386  if (fd == -1) {
1387  ods_log_error("[%s] zone %s cannot create tcp socket to %s: %s",
1388  xfrd_str, zone->name, xfrd->master->address, strerror(errno));
1389  xfrd_set_timer_now(xfrd);
1390  xfrd_tcp_release(xfrd, set);
1391  return 0;
1392  }
1393  if (fcntl(fd, F_SETFL, O_NONBLOCK) == -1) {
1394  ods_log_error("[%s] zone %s cannot fcntl tcp socket to %s: %s",
1395  xfrd_str, zone->name, xfrd->master->address, strerror(errno));
1396  xfrd_set_timer_now(xfrd);
1397  xfrd_tcp_release(xfrd, set);
1398  return 0;
1399  }
1400  to_len = xfrd_acl_sockaddr_to(xfrd->master, &to);
1401  /* bind it? */
1402 
1403  conn = connect(fd, (struct sockaddr*)&to, to_len);
1404  if (conn == -1 && errno != EINPROGRESS) {
1405  ods_log_error("[%s] zone %s cannot connect tcp socket to %s: %s",
1406  xfrd_str, zone->name, xfrd->master->address, strerror(errno));
1407  xfrd_set_timer_now(xfrd);
1408  xfrd_tcp_release(xfrd, set);
1409  return 0;
1410  }
1411  xfrd->handler.fd = fd;
1413  xfrd_set_timer(xfrd, xfrd_time(xfrd) + XFRD_TCP_TIMEOUT);
1414  return 1;
1415 }
1416 
1417 
1422 static void
1423 xfrd_tcp_obtain(xfrd_type* xfrd, tcp_set_type* set)
1424 {
1425  int i = 0;
1426 
1427  ods_log_assert(set);
1428  ods_log_assert(xfrd);
1429  ods_log_assert(xfrd->tcp_conn == -1);
1430  ods_log_assert(xfrd->tcp_waiting == 0);
1431  if (set->tcp_count < TCPSET_MAX) {
1433  set->tcp_count ++;
1434  /* find a free tcp_buffer */
1435  for (i=0; i < TCPSET_MAX; i++) {
1436  if (set->tcp_conn[i]->fd == -1) {
1437  xfrd->tcp_conn = i;
1438  break;
1439  }
1440  }
1441  ods_log_assert(xfrd->tcp_conn != -1);
1442  xfrd->tcp_waiting = 0;
1443  /* stop udp use (if any) */
1444  if (xfrd->handler.fd != -1) {
1445  xfrd_udp_release(xfrd);
1446  }
1447  if (!xfrd_tcp_open(xfrd, set)) {
1448  return;
1449  }
1450  xfrd_tcp_xfr(xfrd, set);
1451  return;
1452  }
1453  /* wait, at end of line */
1454  ods_log_verbose("[%s] max number of tcp connections (%d) reached",
1455  xfrd_str, TCPSET_MAX);
1456  xfrd->tcp_waiting = 1;
1457  xfrd_unset_timer(xfrd);
1458  return;
1459 }
1460 
1461 
1466 static void
1467 xfrd_tcp_xfr(xfrd_type* xfrd, tcp_set_type* set)
1468 {
1469  tcp_conn_type* tcp = NULL;
1470  zone_type* zone = NULL;
1471 
1472  ods_log_assert(set);
1473  ods_log_assert(xfrd);
1474  zone = (zone_type*) xfrd->zone;
1475  ods_log_assert(zone);
1476  ods_log_assert(zone->name);
1477  ods_log_assert(xfrd->tcp_conn != -1);
1478  ods_log_assert(xfrd->tcp_waiting == 0);
1479  ods_log_assert(xfrd->master);
1480  ods_log_assert(xfrd->master->address);
1481  /* start AXFR or IXFR for the zone */
1482  tcp = set->tcp_conn[xfrd->tcp_conn];
1483 
1484  if (xfrd->msg_do_retransfer || xfrd->serial_xfr_acquired <= 0 ||
1485  xfrd->master->ixfr_disabled) {
1486  ods_log_info("[%s] zone %s request axfr to %s", xfrd_str,
1487  zone->name, xfrd->master->address);
1488  buffer_pkt_query(tcp->packet, zone->apex, LDNS_RR_TYPE_AXFR,
1489  zone->klass);
1490  } else {
1491  ods_log_info("[%s] zone %s request tcp/ixfr=%u to %s", xfrd_str,
1492  zone->name, xfrd->soa.serial, xfrd->master->address);
1493  buffer_pkt_query(tcp->packet, zone->apex, LDNS_RR_TYPE_IXFR,
1494  zone->klass);
1495  buffer_pkt_set_nscount(tcp->packet, 1);
1496  xfrd_write_soa(xfrd, tcp->packet);
1497  }
1498  /* make packet */
1499  xfrd->query_id = buffer_pkt_id(tcp->packet);
1500  xfrd->msg_seq_nr = 0;
1501  xfrd->msg_rr_count = 0;
1502  xfrd->msg_old_serial = 0;
1503  xfrd->msg_new_serial = 0;
1504  xfrd->msg_is_ixfr = 0;
1505  xfrd_tsig_sign(xfrd, tcp->packet);
1506  buffer_flip(tcp->packet);
1507  tcp->msglen = buffer_limit(tcp->packet);
1508  ods_log_verbose("[%s] zone %s sending tcp query id=%d", xfrd_str,
1509  zone->name, xfrd->query_id);
1510  /* wait for select to complete connect before write */
1511  return;
1512 }
1513 
1514 
1519 static void
1520 xfrd_tcp_read(xfrd_type* xfrd, tcp_set_type* set)
1521 {
1522  tcp_conn_type* tcp = NULL;
1523  int ret = 0;
1524 
1525  ods_log_assert(set);
1526  ods_log_assert(xfrd);
1527  ods_log_assert(xfrd->tcp_conn != -1);
1528  tcp = set->tcp_conn[xfrd->tcp_conn];
1529  ret = tcp_conn_read(tcp);
1530  if (ret == -1) {
1531  xfrd_set_timer_now(xfrd);
1532  xfrd_tcp_release(xfrd, set);
1533  return;
1534  }
1535  if (ret == 0) {
1536  return;
1537  }
1538  /* completed msg */
1539  buffer_flip(tcp->packet);
1540  ret = xfrd_handle_packet(xfrd, tcp->packet);
1541  switch (ret) {
1542  case XFRD_PKT_MORE:
1543  tcp_conn_ready(tcp);
1544  break;
1545  case XFRD_PKT_XFR:
1546  case XFRD_PKT_NEWLEASE:
1547  ods_log_verbose("[%s] tcp read %s: release connection", xfrd_str,
1548  XFRD_PKT_XFR?"xfr":"newlease");
1549  xfrd_tcp_release(xfrd, set);
1550  ods_log_assert(xfrd->round_num == -1);
1551  break;
1552  case XFRD_PKT_NOTIMPL:
1553  xfrd->master->ixfr_disabled = time_now();
1554  ods_log_verbose("[%s] disable ixfr requests for %s from now (%u)",
1555  xfrd_str, xfrd->master->address, xfrd->master->ixfr_disabled);
1556  /* break; */
1557  case XFRD_PKT_BAD:
1558  default:
1559  ods_log_debug("[%s] tcp read %s: release connection", xfrd_str,
1560  ret==XFRD_PKT_BAD?"bad":"notimpl");
1561  xfrd_tcp_release(xfrd, set);
1562  xfrd_make_request(xfrd);
1563  break;
1564  }
1565  return;
1566 }
1567 
1568 
1573 static void
1574 xfrd_tcp_release(xfrd_type* xfrd, tcp_set_type* set)
1575 {
1576  int conn = 0;
1577  zone_type* zone = NULL;
1578 
1579  ods_log_assert(set);
1580  ods_log_assert(xfrd);
1581  ods_log_assert(xfrd->master);
1582  ods_log_assert(xfrd->master->address);
1583  ods_log_assert(xfrd->tcp_conn != -1);
1584  ods_log_assert(xfrd->tcp_waiting == 0);
1585  zone = (zone_type*) xfrd->zone;
1586  ods_log_debug("[%s] zone %s release tcp connection to %s", xfrd_str,
1587  zone->name, xfrd->master->address);
1588  conn = xfrd->tcp_conn;
1589  xfrd->tcp_conn = -1;
1590  xfrd->tcp_waiting = 0;
1591  xfrd->handler.fd = -1;
1593 
1594  if (set->tcp_conn[conn]->fd != -1) {
1595  close(set->tcp_conn[conn]->fd);
1596  }
1597  set->tcp_conn[conn]->fd = -1;
1598  set->tcp_count --;
1599  return;
1600 }
1601 
1602 
1610 static int
1611 xfrd_udp_send(xfrd_type* xfrd, buffer_type* buffer)
1612 {
1613  struct sockaddr_storage to;
1614  socklen_t to_len = 0;
1615  int fd = -1;
1616  int family = PF_INET;
1617  ssize_t nb = -1;
1618  ods_log_assert(buffer);
1619  ods_log_assert(xfrd);
1620  ods_log_assert(xfrd->master);
1621  ods_log_assert(xfrd->master->address);
1622  /* this will set the remote port to acl->port or TCP_PORT */
1623  to_len = xfrd_acl_sockaddr_to(xfrd->master, &to);
1624  /* get the address family of the remote host */
1625  if (xfrd->master->family == AF_INET6) {
1626  family = PF_INET6;
1627  }
1628  /* create socket */
1629  fd = socket(family, SOCK_DGRAM, IPPROTO_UDP);
1630  if (fd == -1) {
1631  ods_log_error("[%s] unable to send data over udp to %s: "
1632  "socket() failed (%s)", xfrd_str, xfrd->master->address,
1633  strerror(errno));
1634  return -1;
1635  }
1636  /* bind it? */
1637 
1638  /* send it (udp) */
1639  ods_log_deeebug("[%s] send %d bytes over udp to %s", xfrd_str,
1640  buffer_remaining(buffer), xfrd->master->address);
1641  nb = sendto(fd, buffer_current(buffer), buffer_remaining(buffer), 0,
1642  (struct sockaddr*)&to, to_len);
1643  if (nb == -1) {
1644  ods_log_error("[%s] unable to send data over udp to %s: "
1645  "sendto() failed (%s)", xfrd_str, xfrd->master->address,
1646  strerror(errno));
1647  close(fd);
1648  return -1;
1649  }
1650  return fd;
1651 }
1652 
1653 
1658 static int
1659 xfrd_udp_send_request_ixfr(xfrd_type* xfrd)
1660 {
1661  int fd;
1662  xfrhandler_type* xfrhandler = NULL;
1663  zone_type* zone = NULL;
1664  ods_log_assert(xfrd);
1665  ods_log_assert(xfrd->master);
1666  ods_log_assert(xfrd->master->address);
1667  zone = (zone_type*) xfrd->zone;
1668  ods_log_assert(zone);
1669  ods_log_assert(zone->name);
1670  if (xfrd->tcp_conn != -1) {
1671  /* tcp is using the handler.fd */
1672  ods_log_error("[%s] unable to transfer zone %s: tried to send "
1673  "udp while tcp obtained", xfrd_str, zone->name);
1674  return -1;
1675  }
1676  /* make packet */
1677  xfrhandler = (xfrhandler_type*) xfrd->xfrhandler;
1678  ods_log_assert(xfrhandler);
1679  buffer_pkt_query(xfrhandler->packet, zone->apex, LDNS_RR_TYPE_IXFR,
1680  zone->klass);
1681  xfrd->query_id = buffer_pkt_id(xfrhandler->packet);
1682  xfrd->msg_seq_nr = 0;
1683  xfrd->msg_rr_count = 0;
1684  xfrd->msg_old_serial = 0;
1685  xfrd->msg_new_serial = 0;
1686  xfrd->msg_is_ixfr = 0;
1687  buffer_pkt_set_nscount(xfrhandler->packet, 1);
1688  xfrd_write_soa(xfrd, xfrhandler->packet);
1689  xfrd_tsig_sign(xfrd, xfrhandler->packet);
1690  buffer_flip(xfrhandler->packet);
1691  xfrd_set_timer(xfrd, xfrd_time(xfrd) + XFRD_UDP_TIMEOUT);
1692  ods_log_info("[%s] zone %s request udp/ixfr=%u to %s", xfrd_str,
1693  zone->name, xfrd->soa.serial, xfrd->master->address);
1694  if((fd = xfrd_udp_send(xfrd, xfrhandler->packet)) == -1) {
1695  return -1;
1696  }
1697  return fd;
1698 }
1699 
1704 static void
1705 xfrd_udp_obtain(xfrd_type* xfrd)
1706 {
1707  xfrhandler_type* xfrhandler = NULL;
1708  ods_log_assert(xfrd);
1709  ods_log_assert(xfrd->xfrhandler);
1710  ods_log_assert(xfrd->udp_waiting == 0);
1711  xfrhandler = (void*) xfrd->xfrhandler;
1712  if (xfrd->tcp_conn != -1) {
1713  /* no tcp and udp at the same time */
1714  xfrd_tcp_release(xfrd, xfrhandler->tcp_set);
1715  }
1716  if (xfrhandler->udp_use_num < XFRD_MAX_UDP) {
1717  xfrhandler->udp_use_num++;
1718  xfrd->handler.fd = xfrd_udp_send_request_ixfr(xfrd);
1719  if (xfrd->handler.fd == -1) {
1720  xfrhandler->udp_use_num--;
1721  }
1722  return;
1723  }
1724  /* queue the zone as last */
1725  xfrd->udp_waiting = 1;
1726  xfrd->udp_waiting_next = NULL;
1727  if (!xfrhandler->udp_waiting_first) {
1728  xfrhandler->udp_waiting_first = xfrd;
1729  }
1730  if (xfrhandler->udp_waiting_last) {
1731  xfrhandler->udp_waiting_last->udp_waiting_next = xfrd;
1732  }
1733  xfrhandler->udp_waiting_last = xfrd;
1734  xfrd_unset_timer(xfrd);
1735  return;
1736 }
1737 
1738 
1743 static int
1744 xfrd_udp_read_packet(xfrd_type* xfrd)
1745 {
1746  xfrhandler_type* xfrhandler = NULL;
1747  ssize_t received = 0;
1748  ods_log_assert(xfrd);
1749  xfrhandler = (xfrhandler_type*) xfrd->xfrhandler;
1750  ods_log_assert(xfrhandler);
1751  /* read the data */
1752  buffer_clear(xfrhandler->packet);
1753  received = recvfrom(xfrd->handler.fd, buffer_begin(xfrhandler->packet),
1754  buffer_remaining(xfrhandler->packet), 0, NULL, NULL);
1755  if (received == -1) {
1756  ods_log_error("[%s] unable to read packet: recvfrom() failed fd %d "
1757  "(%s)", xfrd_str, xfrd->handler.fd, strerror(errno));
1758  return 0;
1759  }
1760  buffer_set_limit(xfrhandler->packet, received);
1761  return 1;
1762 }
1763 
1764 
1769 static void
1770 xfrd_udp_read(xfrd_type* xfrd)
1771 {
1772  xfrhandler_type* xfrhandler = NULL;
1773  zone_type* zone = NULL;
1775  ods_log_assert(xfrd);
1776  zone = (zone_type*) xfrd->zone;
1777  ods_log_assert(zone);
1778  ods_log_assert(zone->name);
1779  ods_log_debug("[%s] zone %s read data from udp", xfrd_str,
1780  zone->name);
1781  if (!xfrd_udp_read_packet(xfrd)) {
1782  ods_log_error("[%s] unable to read data from udp zone %s: "
1783  "xfrd_udp_read_packet() failed", xfrd_str, zone->name);
1784  xfrd_udp_release(xfrd);
1785  return;
1786  }
1787  xfrhandler = (xfrhandler_type*) xfrd->xfrhandler;
1788  ods_log_assert(xfrhandler);
1789  res = xfrd_handle_packet(xfrd, xfrhandler->packet);
1790  switch (res) {
1791  case XFRD_PKT_TC:
1792  ods_log_verbose("[%s] truncation from %s",
1793  xfrd_str, xfrd->master->address);
1794  xfrd_udp_release(xfrd);
1795  xfrd_set_timer(xfrd, xfrd_time(xfrd) + XFRD_TCP_TIMEOUT);
1796  xfrd_tcp_obtain(xfrd, xfrhandler->tcp_set);
1797  break;
1798  case XFRD_PKT_XFR:
1799  case XFRD_PKT_NEWLEASE:
1800  ods_log_verbose("[%s] xfr/newlease from %s",
1801  xfrd_str, xfrd->master->address);
1802  /* nothing more to do */
1803  ods_log_assert(xfrd->round_num == -1);
1804  xfrd_udp_release(xfrd);
1805  break;
1806  case XFRD_PKT_NOTIMPL:
1807  xfrd->master->ixfr_disabled = time_now();
1808  ods_log_verbose("[%s] disable ixfr requests for %s from now (%u)",
1809  xfrd_str, xfrd->master->address, xfrd->master->ixfr_disabled);
1810  /* break; */
1811  case XFRD_PKT_BAD:
1812  default:
1813  ods_log_debug("[%s] bad ixfr packet from %s",
1814  xfrd_str, xfrd->master->address);
1815  xfrd_udp_release(xfrd);
1816  xfrd_make_request(xfrd);
1817  break;
1818  }
1819  return;
1820 }
1821 
1822 
1827 static void
1828 xfrd_udp_release(xfrd_type* xfrd)
1829 {
1830  xfrhandler_type* xfrhandler = NULL;
1831 
1832  ods_log_assert(xfrd);
1833  ods_log_assert(xfrd->udp_waiting == 0);
1834  if(xfrd->handler.fd != -1)
1835  close(xfrd->handler.fd);
1836  xfrd->handler.fd = -1;
1837  xfrhandler = (xfrhandler_type*) xfrd->xfrhandler;
1838  ods_log_assert(xfrhandler);
1839  /* see if there are waiting zones */
1840  if (xfrhandler->udp_use_num == XFRD_MAX_UDP) {
1841  while (xfrhandler->udp_waiting_first) {
1842  /* snip off waiting list */
1843  xfrd_type* wf = xfrhandler->udp_waiting_first;
1845  wf->udp_waiting = 0;
1846  xfrhandler->udp_waiting_first = wf->udp_waiting_next;
1847  if (xfrhandler->udp_waiting_last == wf) {
1848  xfrhandler->udp_waiting_last = NULL;
1849  }
1850  /* see if this zone needs udp connection */
1851  if (wf->tcp_conn == -1) {
1852  wf->handler.fd = xfrd_udp_send_request_ixfr(wf);
1853  if (wf->handler.fd != -1) {
1854  return;
1855  }
1856  }
1857  }
1858  }
1859  /* no waiting zones */
1860  if (xfrhandler->udp_use_num > 0) {
1861  xfrhandler->udp_use_num --;
1862  }
1863  return;
1864 }
1865 
1866 
1871 static void
1872 xfrd_make_request(xfrd_type* xfrd)
1873 {
1874  zone_type* zone = NULL;
1875  dnsin_type* dnsin = NULL;
1876  if (!xfrd || !xfrd->xfrhandler) {
1877  return;
1878  }
1879  zone = (zone_type*) xfrd->zone;
1880  ods_log_assert(zone);
1881  ods_log_assert(zone->name);
1882  ods_log_assert(zone->adinbound);
1885 
1886  dnsin = (dnsin_type*) zone->adinbound->config;
1887  if (xfrd->next_master != -1) {
1888  /* we are told to use this next master */
1889  xfrd->master_num = xfrd->next_master;
1890  xfrd->master = NULL; /* acl_find_num(...) */
1891  /* if there is no next master, fallback to use the first one */
1892  if (!xfrd->master) {
1893  xfrd->master = dnsin->request_xfr;
1894  xfrd->master_num = 0;
1895  }
1896  /* fallback to cycle master */
1897  xfrd->next_master = -1;
1898  xfrd->round_num = 0; /* fresh set of retries after notify */
1899  } else {
1900  /* cycle master */
1901  if (xfrd->round_num != -1 && xfrd->master &&
1902  xfrd->master->next) {
1903  /* try the next master */
1904  xfrd->master = xfrd->master->next;
1905  xfrd->master_num++;
1906  } else {
1907  /* start a new round */
1908  xfrd->master = dnsin->request_xfr;
1909  xfrd->master_num = 0;
1910  xfrd->round_num++;
1911  }
1912  if (xfrd->round_num >= XFRD_MAX_ROUNDS) {
1913  /* tried all servers that many times, wait */
1914  xfrd->round_num = -1;
1915  xfrd_set_timer_retry(xfrd);
1916  ods_log_verbose("[%s] zone %s make request wait retry",
1917  xfrd_str, zone->name);
1918  return;
1919  }
1920  }
1921  if (!xfrd->master) {
1922  ods_log_debug("[%s] unable to make request for zone %s: no master",
1923  xfrd_str, zone->name);
1924  xfrd->round_num = -1;
1925  xfrd_set_timer_retry(xfrd);
1926  return;
1927  }
1928  /* cache ixfr_disabled only for XFRD_NO_IXFR_CACHE time */
1929  if (xfrd->master->ixfr_disabled &&
1931  xfrd_time(xfrd)) {
1932  ods_log_verbose("[%s] clear negative caching ixfr disabled for "
1933  "master %s", xfrd_str, xfrd->master->address);
1934  ods_log_debug("[%s] clear negative caching calc: %u + %u <= %u",
1935  xfrd_str, xfrd->master->ixfr_disabled, XFRD_NO_IXFR_CACHE,
1936  xfrd_time(xfrd));
1937  xfrd->master->ixfr_disabled = 0;
1938  }
1939  /* perform xfr request */
1940  if (xfrd->serial_xfr_acquired && !xfrd->master->ixfr_disabled &&
1941  !xfrd->serial_retransfer) {
1942  xfrd_set_timer(xfrd, xfrd_time(xfrd) + XFRD_UDP_TIMEOUT);
1943 
1944  ods_log_verbose("[%s] zone %s make request [udp round %d master %s:%u]",
1945  xfrd_str, zone->name, xfrd->round_num, xfrd->master->address,
1946  xfrd->master->port);
1947  xfrd_udp_obtain(xfrd);
1948  } else if (!xfrd->serial_xfr_acquired || xfrd->master->ixfr_disabled ||
1949  xfrd->serial_retransfer) {
1950  xfrhandler_type* xfrhandler = (xfrhandler_type*) xfrd->xfrhandler;
1951  ods_log_assert(xfrhandler);
1952  if (xfrd->serial_retransfer) {
1953  xfrd->msg_do_retransfer = 1;
1954  xfrd->serial_retransfer = 0;
1955  }
1956  xfrd_set_timer(xfrd, xfrd_time(xfrd) + XFRD_TCP_TIMEOUT);
1957 
1958  ods_log_verbose("[%s] zone %s make request [tcp round %d master %s:%u]",
1959  xfrd_str, zone->name, xfrd->round_num, xfrd->master->address,
1960  xfrd->master->port);
1961  xfrd_tcp_obtain(xfrd, xfrhandler->tcp_set);
1962  }
1963  return;
1964 }
1965 
1966 
1971 static void
1972 xfrd_handle_zone(netio_type* ATTR_UNUSED(netio),
1973  netio_handler_type* handler, netio_events_type event_types)
1974 {
1975  xfrd_type* xfrd = NULL;
1976  zone_type* zone = NULL;
1977 
1978  if (!handler) {
1979  return;
1980  }
1981  xfrd = (xfrd_type*) handler->user_data;
1982  ods_log_assert(xfrd);
1983  zone = (zone_type*) xfrd->zone;
1984  ods_log_assert(zone);
1985  ods_log_assert(zone->name);
1986 
1987  if (xfrd->tcp_conn != -1) {
1988  /* busy in tcp transaction */
1989  xfrhandler_type* xfrhandler = (xfrhandler_type*) xfrd->xfrhandler;
1990  ods_log_assert(xfrhandler);
1991  if (event_types & NETIO_EVENT_READ) {
1992  ods_log_deeebug("[%s] zone %s event tcp read", xfrd_str, zone->name);
1993  xfrd_set_timer(xfrd, xfrd_time(xfrd) + XFRD_TCP_TIMEOUT);
1994  xfrd_tcp_read(xfrd, xfrhandler->tcp_set);
1995  return;
1996  } else if (event_types & NETIO_EVENT_WRITE) {
1997  ods_log_deeebug("[%s] zone %s event tcp write", xfrd_str,
1998  zone->name);
1999  xfrd_set_timer(xfrd, xfrd_time(xfrd) + XFRD_TCP_TIMEOUT);
2000  xfrd_tcp_write(xfrd, xfrhandler->tcp_set);
2001  return;
2002  } else if (event_types & NETIO_EVENT_TIMEOUT) {
2003  /* tcp connection timed out. Stop it. */
2004  ods_log_deeebug("[%s] zone %s event tcp timeout", xfrd_str,
2005  zone->name);
2006  xfrd_tcp_release(xfrd, xfrhandler->tcp_set);
2007  /* continue to retry; as if a timeout happened */
2008  event_types = NETIO_EVENT_TIMEOUT;
2009  }
2010  }
2011 
2012  if (event_types & NETIO_EVENT_READ) {
2013  /* busy in udp transaction */
2014  ods_log_deeebug("[%s] zone %s event udp read", xfrd_str,
2015  zone->name);
2016  xfrd_set_timer_now(xfrd);
2017  xfrd_udp_read(xfrd);
2018  return;
2019  }
2020 
2021  /* timeout */
2022  ods_log_deeebug("[%s] zone %s timeout", xfrd_str, zone->name);
2023  if (handler->fd != -1) {
2024  ods_log_assert(xfrd->tcp_conn == -1);
2025  xfrd_udp_release(xfrd);
2026  }
2027  if (xfrd->tcp_waiting) {
2028  ods_log_deeebug("[%s] zone %s skips retry: tcp connections full",
2029  xfrd_str, zone->name);
2030  xfrd_unset_timer(xfrd);
2031  return;
2032  }
2033  if (xfrd->udp_waiting) {
2034  ods_log_deeebug("[%s] zone %s skips retry: udp connections full",
2035  xfrd_str, zone->name);
2036  xfrd_unset_timer(xfrd);
2037  return;
2038  }
2039  /* make a new request */
2040  xfrd_make_request(xfrd);
2041  return;
2042 }
2043 
2044 
2049 static void
2050 xfrd_backup_dname(FILE* out, uint8_t* dname)
2051 {
2052  uint8_t* d= dname+1;
2053  uint8_t len = *d++;
2054  uint8_t i;
2055  if (dname[0]<=1) {
2056  fprintf(out, ".");
2057  return;
2058  }
2059  while (len) {
2060  ods_log_assert(d - (dname+1) <= dname[0]);
2061  for (i=0; i<len; i++) {
2062  uint8_t ch = *d++;
2063  if (isalnum(ch) || ch == '-' || ch == '_') {
2064  fprintf(out, "%c", ch);
2065  } else if (ch == '.' || ch == '\\') {
2066  fprintf(out, "\\%c", ch);
2067  } else {
2068  fprintf(out, "\\%03u", (unsigned int)ch);
2069  }
2070  }
2071  fprintf(out, ".");
2072  len = *d++;
2073  }
2074  return;
2075 }
2076 
2077 
2082 static void
2083 xfrd_backup(xfrd_type* xfrd)
2084 {
2085  zone_type* zone = (zone_type*) xfrd->zone;
2086  char* file = NULL;
2087  int timeout = 0;
2088  FILE* fd = NULL;
2089  if (zone && zone->name) {
2090  file = ods_build_path(zone->name, ".xfrd-state", 0, 1);
2091  if (file) {
2092  fd = ods_fopen(file, NULL, "w");
2093  if (fd) {
2094  if (xfrd->handler.timeout) {
2095  timeout = xfrd->timeout.tv_sec;
2096  }
2097  fprintf(fd, "%s\n", ODS_SE_FILE_MAGIC_V3);
2098  fprintf(fd, ";;Zone: name %s ttl %u mname ",
2099  zone->name,
2100  (unsigned) xfrd->soa.ttl);
2101  xfrd_backup_dname(fd, xfrd->soa.mname),
2102  fprintf(fd, " rname ");
2103  xfrd_backup_dname(fd, xfrd->soa.rname),
2104  fprintf(fd, " serial %u refresh %u retry %u expire %u "
2105  "minimum %u\n",
2106  (unsigned) xfrd->soa.serial,
2107  (unsigned) xfrd->soa.refresh,
2108  (unsigned) xfrd->soa.retry,
2109  (unsigned) xfrd->soa.expire,
2110  (unsigned) xfrd->soa.minimum);
2111  fprintf(fd, ";;Master: num %d next %d round %d timeout %d\n",
2112  xfrd->master_num,
2113  xfrd->next_master,
2114  xfrd->round_num,
2115  timeout);
2116  fprintf(fd, ";;Serial: xfr %u %u notify %u %u disk %u %u\n",
2117  (unsigned) xfrd->serial_xfr,
2118  (unsigned) xfrd->serial_xfr_acquired,
2119  (unsigned) xfrd->serial_notify,
2120  (unsigned) xfrd->serial_notify_acquired,
2121  (unsigned) xfrd->serial_disk,
2122  (unsigned) xfrd->serial_disk_acquired);
2123  fprintf(fd, "%s\n", ODS_SE_FILE_MAGIC_V3);
2124  ods_fclose(fd);
2125  }
2126  free(file);
2127  }
2128  }
2129  return;
2130 }
2131 
2132 
2137 static void
2138 xfrd_unlink(xfrd_type* xfrd)
2139 {
2140  zone_type* zone = (zone_type*) xfrd->zone;
2141  char* file = NULL;
2142  if (zone && zone->name) {
2143  ods_log_info("[%s] unlink zone %s xfrd state", xfrd_str, zone->name);
2144  file = ods_build_path(zone->name, ".xfrd-state", 0, 1);
2145  if (file) {
2146  (void)unlink(file);
2147  free(file);
2148  }
2149  }
2150  return;
2151 }
2152 
2153 
2158 void
2159 xfrd_cleanup(xfrd_type* xfrd, int backup)
2160 {
2161  allocator_type* allocator = NULL;
2162  lock_basic_type serial_lock;
2163  lock_basic_type rw_lock;
2164  if (!xfrd) {
2165  return;
2166  }
2167  /* backup */
2168  if (backup) {
2169  xfrd_backup(xfrd);
2170  } else {
2171  xfrd_unlink(xfrd);
2172  }
2173 
2174  allocator = xfrd->allocator;
2175  serial_lock = xfrd->serial_lock;
2176  rw_lock = xfrd->rw_lock;
2177  tsig_rr_cleanup(xfrd->tsig_rr);
2178  allocator_deallocate(allocator, (void*) xfrd);
2179  allocator_cleanup(allocator);
2180  lock_basic_destroy(&serial_lock);
2181  lock_basic_destroy(&rw_lock);
2182  return;
2183 }
#define XFRD_TSIG_MAX_UNSIGNED
Definition: xfrd.c:49
int backup_read_str(FILE *in, const char **str)
Definition: backup.c:97
tsig_algo_type * algo
Definition: tsig.h:131
int next_master
Definition: xfrd.h:103
void tsig_rr_update(tsig_rr_type *trr, buffer_type *buffer, size_t length)
Definition: tsig.c:604
#define PF_INET6
Definition: netio.h:61
tsig_status status
Definition: tsig.h:126
void engine_wakeup_workers(engine_type *engine)
Definition: engine.c:454
#define XFRD_MAX_ROUNDS
Definition: xfrd.h:47
xfrd_type * udp_waiting_first
Definition: xfrhandler.h:61
xfrd_type * udp_waiting_last
Definition: xfrhandler.h:62
#define DNS_PORT_STRING
Definition: listener.h:51
size_t tcp_count
Definition: tcpset.h:70
void * config
Definition: adapter.h:61
#define XFRD_UDP_TIMEOUT
Definition: xfrd.h:51
void ods_log_debug(const char *format,...)
Definition: log.c:270
xfrd_type * tcp_waiting_next
Definition: xfrd.h:130
void xfrd_set_timer_refresh(xfrd_type *xfrd)
Definition: xfrd.c:510
#define lock_basic_destroy(lock)
Definition: locks.h:90
uint16_t buffer_pkt_arcount(buffer_type *buffer)
Definition: buffer.c:1136
#define XFRD_TCP_TIMEOUT
Definition: xfrd.h:50
#define BUFFER_PKT_HEADER_SIZE
Definition: buffer.h:43
void * allocator_alloc(allocator_type *allocator, size_t size)
Definition: allocator.c:66
uint16_t error_code
Definition: tsig.h:144
const char * tsig_strerror(uint16_t error)
Definition: tsig.c:828
time_t serial_xfr_acquired
Definition: xfrd.h:110
uint32_t serial_notify
Definition: xfrd.h:108
uint16_t buffer_pkt_qdcount(buffer_type *buffer)
Definition: buffer.c:1061
buffer_type * packet
Definition: xfrhandler.h:60
void buffer_skip(buffer_type *buffer, ssize_t count)
Definition: buffer.c:186
size_t msg_rr_count
Definition: xfrd.h:125
uint16_t buffer_read_u16(buffer_type *buffer)
Definition: buffer.c:781
int buffer_skip_rr(buffer_type *buffer, unsigned qrr)
Definition: buffer.c:380
unsigned have_serial
Definition: namedb.h:59
void buffer_flip(buffer_type *buffer)
Definition: buffer.c:133
#define XFRD_NO_IXFR_CACHE
Definition: xfrd.h:49
void buffer_clear(buffer_type *buffer)
Definition: buffer.c:119
int round_num
Definition: xfrd.h:101
void ods_log_info(const char *format,...)
Definition: log.c:302
time_t serial_notify_acquired
Definition: xfrd.h:111
int backup_read_time_t(FILE *in, time_t *v)
Definition: backup.c:114
allocator_type * allocator
Definition: xfrd.h:93
void * zone
Definition: xfrd.h:95
uint8_t mname[MAXDOMAINLEN+2]
Definition: xfrd.h:77
enum ods_enum_status ods_status
Definition: status.h:90
enum netio_events_enum netio_events_type
Definition: netio.h:76
lock_basic_type zone_lock
Definition: zone.h:95
socklen_t xfrd_acl_sockaddr_to(acl_type *acl, struct sockaddr_storage *to)
Definition: xfrd.c:558
time_t ixfr_disabled
Definition: acl.h:71
tsig_algo_type * tsig_lookup_algo(const char *name)
Definition: tsig.c:288
tcp_conn_type * tcp_conn[TCPSET_MAX]
Definition: tcpset.h:67
xfrd_type * tcp_waiting_first
Definition: tcpset.h:68
void ods_log_error(const char *format,...)
Definition: log.c:334
acl_type * next
Definition: acl.h:59
const char * ods_status2str(ods_status status)
Definition: status.c:111
adapter_mode type
Definition: adapter.h:58
int tcp_conn_write(tcp_conn_type *tcp)
Definition: tcpset.c:185
int family
Definition: acl.h:63
union acl_addr_storage addr
Definition: acl.h:64
ldns_rdf * wf_name
Definition: tsig.h:92
int backup_read_int(FILE *in, int *v)
Definition: backup.c:165
buffer_type * packet
Definition: tcpset.h:56
void tsig_rr_reset(tsig_rr_type *trr, tsig_algo_type *algo, tsig_key_type *key)
Definition: tsig.c:332
void tsig_rr_append(tsig_rr_type *trr, buffer_type *buffer)
Definition: tsig.c:720
#define MAXLABELLEN
Definition: buffer.h:45
uint32_t msg_seq_nr
Definition: xfrd.h:122
uint32_t retry
Definition: xfrd.h:81
size_t update_since_last_prepare
Definition: tsig.h:129
void buffer_write(buffer_type *buffer, const void *data, size_t count)
Definition: buffer.c:592
uint16_t buffer_pkt_id(buffer_type *buffer)
Definition: buffer.c:811
lock_basic_type serial_lock
Definition: xfrd.h:96
uint8_t * buffer_current(buffer_type *buffer)
Definition: buffer.c:489
#define XFRD_MAX_UDP
Definition: xfrd.h:48
uint32_t ttl
Definition: xfrd.h:75
FILE * ods_fopen(const char *file, const char *dir, const char *mode)
Definition: file.c:190
const char * algorithm
Definition: tsig.h:114
void * user_data
Definition: netio.h:119
unsigned tcp_waiting
Definition: xfrd.h:132
int util_serial_gt(uint32_t serial_new, uint32_t serial_old)
Definition: util.c:72
uint16_t buffer_pkt_ancount(buffer_type *buffer)
Definition: buffer.c:1086
size_t buffer_limit(buffer_type *buffer)
Definition: buffer.c:411
xfrd_type * udp_waiting_next
Definition: xfrd.h:131
void tsig_rr_prepare(tsig_rr_type *trr)
Definition: tsig.c:579
tsig_key_type * key
Definition: tsig.h:116
void ods_log_crit(const char *format,...)
Definition: log.c:350
time_t xfrhandler_time(xfrhandler_type *xfrhandler)
Definition: xfrhandler.c:156
uint32_t refresh
Definition: xfrd.h:80
#define lock_basic_lock(lock)
Definition: locks.h:91
namedb_type * db
Definition: zone.h:86
size_t udp_use_num
Definition: xfrhandler.h:63
void buffer_pkt_set_nscount(buffer_type *buffer, uint16_t count)
Definition: buffer.c:1123
ldns_rdf * key_name
Definition: tsig.h:136
void buffer_set_limit(buffer_type *buffer, size_t limit)
Definition: buffer.c:423
allocator_type * allocator_create(void *(*allocator)(size_t size), void(*deallocator)(void *))
Definition: allocator.c:47
Definition: task.h:43
uint32_t msg_new_serial
Definition: xfrd.h:124
unsigned is_initialized
Definition: namedb.h:55
acl_type * master
Definition: xfrd.h:104
int lock_basic_type
Definition: locks.h:88
netio_event_handler_type event_handler
Definition: netio.h:131
tcp_set_type * tcp_set
Definition: xfrhandler.h:59
Definition: tsig.h:58
void tsig_rr_cleanup(tsig_rr_type *trr)
Definition: tsig.c:883
adapter_type * adinbound
Definition: zone.h:81
void xfrd_set_timer_retry(xfrd_type *xfrd)
Definition: xfrd.c:491
int buffer_skip_dname(buffer_type *buffer)
Definition: buffer.c:348
void log_dname(ldns_rdf *rdf, const char *pre, int level)
Definition: domain.c:48
int tcp_conn
Definition: xfrd.h:100
uint16_t msglen
Definition: tcpset.h:54
uint32_t buffer_read_u32(buffer_type *buffer)
Definition: buffer.c:796
void xfrd_cleanup(xfrd_type *xfrd, int backup)
Definition: xfrd.c:2159
uint32_t minimum
Definition: xfrd.h:83
tsig_rr_type * tsig_rr
Definition: xfrd.h:128
tsig_key_type * key
Definition: tsig.h:132
void buffer_pkt_query(buffer_type *buffer, ldns_rdf *qname, ldns_rr_type qtype, ldns_rr_class qclass)
Definition: buffer.c:1192
int tsig_rr_verify(tsig_rr_type *trr)
Definition: tsig.c:698
void buffer_write_u16(buffer_type *buffer, uint16_t data)
Definition: buffer.c:621
size_t buffer_read_dname(buffer_type *buffer, uint8_t *dname, unsigned allow_pointers)
Definition: buffer.c:284
ldns_rdf * dname
Definition: tsig.h:80
acl_type * request_xfr
Definition: addns.h:52
char * address
Definition: acl.h:61
void buffer_write_u32(buffer_type *buffer, uint32_t data)
Definition: buffer.c:635
ods_status zone_reschedule_task(zone_type *zone, schedule_type *taskq, task_id what)
Definition: zone.c:187
tsig_rr_type * tsig_rr_create(allocator_type *allocator)
Definition: tsig.c:305
uint32_t expire
Definition: xfrd.h:82
char * ods_build_path(const char *file, const char *suffix, int dir, int no_slash)
Definition: file.c:125
uint8_t rname[MAXDOMAINLEN+2]
Definition: xfrd.h:78
uint32_t total_bytes
Definition: tcpset.h:52
uint32_t msg_old_serial
Definition: xfrd.h:123
struct timespec timeout
Definition: xfrd.h:117
unsigned is_reading
Definition: tcpset.h:58
int tcp_conn_read(tcp_conn_type *tcp)
Definition: tcpset.c:111
void ods_log_verbose(const char *format,...)
Definition: log.c:286
ldns_rr_class klass
Definition: zone.h:69
size_t position
Definition: tsig.h:127
void buffer_write_u16_at(buffer_type *buffer, size_t at, uint16_t data)
Definition: buffer.c:564
void buffer_set_position(buffer_type *buffer, size_t pos)
Definition: buffer.c:172
#define lock_basic_init(lock)
Definition: locks.h:89
int tsig_rr_find(tsig_rr_type *trr, buffer_type *buffer)
Definition: tsig.c:477
void ods_fclose(FILE *fd)
Definition: file.c:250
void xfrd_set_timer_now(xfrd_type *xfrd)
Definition: xfrd.c:472
netio_events_type event_types
Definition: netio.h:124
uint8_t msg_is_ixfr
Definition: xfrd.h:126
int buffer_available(buffer_type *buffer, size_t count)
Definition: buffer.c:538
#define MAXDOMAINLEN
Definition: buffer.h:44
void allocator_cleanup(allocator_type *allocator)
Definition: allocator.c:151
const char * name
Definition: zone.h:76
#define PF_INET
Definition: netio.h:58
uint8_t serial_retransfer
Definition: xfrd.h:113
int backup_read_check_str(FILE *in, const char *str)
Definition: backup.c:77
size_t buffer_remaining(buffer_type *buffer)
Definition: buffer.c:514
void ods_log_deeebug(const char *format,...)
Definition: log.c:254
uint32_t serial_xfr
Definition: xfrd.h:107
uint16_t query_id
Definition: xfrd.h:121
void * xfrhandler
Definition: xfrd.h:94
void buffer_write_rdf(buffer_type *buffer, ldns_rdf *rdf)
Definition: buffer.c:649
int master_num
Definition: xfrd.h:102
void tsig_rr_sign(tsig_rr_type *trr)
Definition: tsig.c:676
void allocator_deallocate(allocator_type *allocator, void *data)
Definition: allocator.c:135
#define TCPSET_MAX
Definition: tcpset.h:42
lock_basic_type rw_lock
Definition: xfrd.h:97
#define LOG_DEBUG
Definition: log.h:51
unsigned int port
Definition: acl.h:62
void tcp_conn_ready(tcp_conn_type *tcp)
Definition: tcpset.c:96
unsigned udp_waiting
Definition: xfrd.h:133
size_t buffer_position(buffer_type *buffer)
Definition: buffer.c:160
ldns_rdf * algo_name
Definition: tsig.h:137
uint32_t serial
Definition: xfrd.h:79
void buffer_pkt_set_arcount(buffer_type *buffer, uint16_t count)
Definition: buffer.c:1148
struct in_addr addr
Definition: listener.h:60
struct timespec * timeout
Definition: netio.h:115
#define ods_log_assert(x)
Definition: log.h:154
netio_handler_type handler
Definition: xfrd.h:118
soa_type soa
Definition: xfrd.h:114
xfrd_type * xfrd_create(void *xfrhandler, void *zone)
Definition: xfrd.c:316
#define lock_basic_unlock(lock)
Definition: locks.h:92
uint16_t original_query_id
Definition: tsig.h:143
tsig_type * tsig
Definition: acl.h:69
enum xfrd_pkt_enum xfrd_pkt_status
Definition: xfrd.h:65
ldns_rdf * apex
Definition: zone.h:68
time_t serial_disk_acquired
Definition: xfrd.h:112
struct in6_addr addr6
Definition: listener.h:61
uint8_t * buffer_begin(buffer_type *buffer)
Definition: buffer.c:465
time_t time_now(void)
Definition: duration.c:513
uint32_t serial_disk
Definition: xfrd.h:109
ldns_pkt_rcode buffer_pkt_rcode(buffer_type *buffer)
Definition: buffer.c:1020
int backup_read_uint32_t(FILE *in, uint32_t *v)
Definition: backup.c:233
int buffer_pkt_tc(buffer_type *buffer)
Definition: buffer.c:960
uint8_t msg_do_retransfer
Definition: xfrd.h:127
Definition: acl.h:58