OpenDNSSEC-signer  2.0.3
xfrd.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2011 NLNet Labs. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  * notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  * notice, this list of conditions and the following disclaimer in the
11  * documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
15  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
17  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
19  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
21  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
22  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
23  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  *
25  */
26 
32 #include "config.h"
33 #include "daemon/engine.h"
34 #include "daemon/xfrhandler.h"
35 #include "duration.h"
36 #include "file.h"
37 #include "log.h"
38 #include "status.h"
39 #include "util.h"
40 #include "signer/domain.h"
41 #include "signer/zone.h"
42 #include "wire/tcpset.h"
43 #include "wire/xfrd.h"
44 #include "signer/backup.h"
45 
46 #include <unistd.h>
47 #include <fcntl.h>
48 
49 #define XFRD_TSIG_MAX_UNSIGNED 100
50 
51 static const char* xfrd_str = "xfrd";
52 
53 static void xfrd_handle_zone(netio_type* netio,
54  netio_handler_type* handler, netio_events_type event_types);
55 static void xfrd_make_request(xfrd_type* xfrd);
56 
57 static socklen_t xfrd_acl_sockaddr(acl_type* acl, unsigned int port,
58  struct sockaddr_storage *sck);
59 
60 static void xfrd_write_soa(xfrd_type* xfrd, buffer_type* buffer);
61 static int xfrd_parse_soa(xfrd_type* xfrd, buffer_type* buffer,
62  unsigned rdata_only, unsigned update, uint32_t t,
63  uint32_t* serial);
64 static ods_status xfrd_parse_rrs(xfrd_type* xfrd, buffer_type* buffer,
65  uint16_t count, int* done);
66 static xfrd_pkt_status xfrd_parse_packet(xfrd_type* xfrd,
67  buffer_type* buffer);
68 static xfrd_pkt_status xfrd_handle_packet(xfrd_type* xfrd,
69  buffer_type* buffer);
70 
71 static void xfrd_tcp_obtain(xfrd_type* xfrd, tcp_set_type* set);
72 static void xfrd_tcp_read(xfrd_type* xfrd, tcp_set_type* set);
73 static void xfrd_tcp_release(xfrd_type* xfrd, tcp_set_type* set, int open_waiting);
74 static void xfrd_tcp_write(xfrd_type* xfrd, tcp_set_type* set);
75 static void xfrd_tcp_xfr(xfrd_type* xfrd, tcp_set_type* set);
76 static int xfrd_tcp_open(xfrd_type* xfrd, tcp_set_type* set);
77 
78 static void xfrd_udp_obtain(xfrd_type* xfrd);
79 static void xfrd_udp_read(xfrd_type* xfrd);
80 static void xfrd_udp_release(xfrd_type* xfrd);
81 static int xfrd_udp_read_packet(xfrd_type* xfrd);
82 static int xfrd_udp_send(xfrd_type* xfrd, buffer_type* buffer);
83 static int xfrd_udp_send_request_ixfr(xfrd_type* xfrd);
84 
85 static time_t xfrd_time(xfrd_type* xfrd);
86 static void xfrd_set_timer(xfrd_type* xfrd, time_t t);
87 static void xfrd_set_timer_time(xfrd_type* xfrd, time_t t);
88 static void xfrd_unset_timer(xfrd_type* xfrd);
89 
90 
95 static uint8_t
96 xfrd_recover_dname(uint8_t* dname, const char* name)
97 {
98  const uint8_t *s = (const uint8_t *) name;
99  uint8_t *h;
100  uint8_t *p;
101  uint8_t *d = dname;
102  size_t label_length;
103 
104  if (strcmp(name, ".") == 0) {
105  /* Root domain. */
106  dname[0] = 0;
107  return 1;
108  }
109  for (h = d, p = h + 1; *s; ++s, ++p) {
110  if (p - dname >= MAXDOMAINLEN) {
111  return 0;
112  }
113  switch (*s) {
114  case '.':
115  if (p == h + 1) {
116  /* Empty label. */
117  return 0;
118  } else {
119  label_length = p - h - 1;
120  if (label_length > MAXLABELLEN) {
121  return 0;
122  }
123  *h = label_length;
124  h = p;
125  }
126  break;
127  case '\\':
128  /* Handle escaped characters (RFC1035 5.1) */
129  if (isdigit(s[1]) && isdigit(s[2]) && isdigit(s[3])) {
130  int val = (ldns_hexdigit_to_int(s[1]) * 100 +
131  ldns_hexdigit_to_int(s[2]) * 10 +
132  ldns_hexdigit_to_int(s[3]));
133  if (0 <= val && val <= 255) {
134  s += 3;
135  *p = val;
136  } else {
137  *p = *++s;
138  }
139  } else if (s[1] != '\0') {
140  *p = *++s;
141  }
142  break;
143  default:
144  *p = *s;
145  break;
146  }
147  }
148  if (p != h + 1) {
149  /* Terminate last label. */
150  label_length = p - h - 1;
151  if (label_length > MAXLABELLEN) {
152  return 0;
153  }
154  *h = label_length;
155  h = p;
156  }
157  /* Add root label. */
158  *h = 0;
159  return p-dname;
160 }
161 
162 
167 static void
168 xfrd_recover(xfrd_type* xfrd)
169 {
170  zone_type* zone = (zone_type*) xfrd->zone;
171  char* file = NULL;
172  FILE* fd = NULL;
173  int round_num = 0;
174  int master_num = 0;
175  int next_master = 0;
176  uint32_t timeout = 0;
177  uint32_t serial_xfr = 0;
178  uint32_t serial_notify = 0;
179  uint32_t serial_disk = 0;
180  time_t serial_xfr_acquired = 0;
181  time_t serial_notify_acquired = 0;
182  time_t serial_disk_acquired = 0;
183  uint32_t soa_ttl = 0;
184  uint32_t soa_serial = 0;
185  uint32_t soa_refresh = 0;
186  uint32_t soa_retry = 0;
187  uint32_t soa_expire = 0;
188  uint32_t soa_minimum = 0;
189  const char* soa_mname = NULL;
190  const char* soa_rname = NULL;
191 
192  if (zone && zone->name && zone->db &&
193  zone->db->is_initialized && zone->db->have_serial) {
194  file = ods_build_path(zone->name, ".xfrd-state", 0, 1);
195  if (file) {
196  ods_log_verbose("[%s] recover xfrd.state file %s zone %s", xfrd_str,
197  file, zone->name);
198  fd = ods_fopen(file, NULL, "r");
199  if (fd) {
200  if (!backup_read_check_str(fd, ODS_SE_FILE_MAGIC_V3)) {
201  ods_log_error("[%s] corrupted state file zone %s: read "
202  "magic (start) error", xfrd_str, zone->name);
203  goto xfrd_recover_error;
204  }
205  if (!backup_read_check_str(fd, ";;Zone:") |
206  !backup_read_check_str(fd, "name") |
207  !backup_read_check_str(fd, zone->name) |
208  !backup_read_check_str(fd, "ttl") |
209  !backup_read_uint32_t(fd, &soa_ttl) |
210  !backup_read_check_str(fd, "mname") |
211  !backup_read_str(fd, &soa_mname) |
212  !backup_read_check_str(fd, "rname") |
213  !backup_read_str(fd, &soa_rname) |
214  !backup_read_check_str(fd, "serial") |
215  !backup_read_uint32_t(fd, &soa_serial) |
216  !backup_read_check_str(fd, "refresh") |
217  !backup_read_uint32_t(fd, &soa_refresh) |
218  !backup_read_check_str(fd, "retry") |
219  !backup_read_uint32_t(fd, &soa_retry) |
220  !backup_read_check_str(fd, "expire") |
221  !backup_read_uint32_t(fd, &soa_expire) |
222  !backup_read_check_str(fd, "minimum") |
223  !backup_read_uint32_t(fd, &soa_minimum)) {
224  ods_log_error("[%s] corrupted state file zone %s: read "
225  ";;Zone error", xfrd_str, zone->name);
226  goto xfrd_recover_error;
227  }
228  if (!backup_read_check_str(fd, ";;Master:") |
229  !backup_read_check_str(fd, "num") |
230  !backup_read_int(fd, &master_num) |
231  !backup_read_check_str(fd, "next") |
232  !backup_read_int(fd, &next_master) |
233  !backup_read_check_str(fd, "round") |
234  !backup_read_int(fd, &round_num) |
235  !backup_read_check_str(fd, "timeout") |
236  !backup_read_uint32_t(fd, &timeout)) {
237  ods_log_error("[%s] corrupt state file zone %s: read "
238  ";;Master error", xfrd_str, zone->name);
239  goto xfrd_recover_error;
240  }
241  if (!backup_read_check_str(fd, ";;Serial:") |
242  !backup_read_check_str(fd, "xfr") |
243  !backup_read_uint32_t(fd, &serial_xfr) |
244  !backup_read_time_t(fd, &serial_xfr_acquired) |
245  !backup_read_check_str(fd, "notify") |
246  !backup_read_uint32_t(fd, &serial_notify) |
247  !backup_read_time_t(fd, &serial_notify_acquired) |
248  !backup_read_check_str(fd, "disk") |
249  !backup_read_uint32_t(fd, &serial_disk) |
250  !backup_read_time_t(fd, &serial_disk_acquired)) {
251  ods_log_error("[%s] corrupt state file zone %s: read "
252  ";;Serial error", xfrd_str, zone->name);
253  goto xfrd_recover_error;
254  }
255  if (!backup_read_check_str(fd, ODS_SE_FILE_MAGIC_V3)) {
256  ods_log_error("[%s] corrupt state file zone %s: read "
257  "magic (end) error", xfrd_str, zone->name);
258  goto xfrd_recover_error;
259  }
260 
261  /* all ok */
262  xfrd->master_num = master_num;
263  xfrd->next_master = next_master;
264  xfrd->round_num = round_num;
265  xfrd->timeout.tv_sec = timeout;
266  xfrd->timeout.tv_nsec = 0;
267  xfrd->master = NULL; /* acl_find_num(...) */
268  xfrd->soa.ttl = soa_ttl;
269  xfrd->soa.serial = soa_serial;
270  xfrd->soa.refresh = soa_refresh;
271  xfrd->soa.retry = soa_retry;
272  xfrd->soa.expire = soa_expire;
273  xfrd->soa.minimum = soa_minimum;
274  xfrd->soa.mname[0] = xfrd_recover_dname(xfrd->soa.mname+1,
275  soa_mname);
276  xfrd->soa.rname[0] = xfrd_recover_dname(xfrd->soa.rname+1,
277  soa_rname);
278  xfrd->serial_xfr = serial_xfr;
279  xfrd->serial_xfr_acquired = serial_xfr_acquired;
280  xfrd->serial_notify = serial_notify;
281  xfrd->serial_notify_acquired = serial_notify_acquired;
282  xfrd->serial_disk = serial_disk;
283  xfrd->serial_disk_acquired = serial_disk_acquired;
284  if (!timeout || serial_notify_acquired ||
285  (serial_disk_acquired &&
286  (uint32_t)xfrd_time(xfrd) - serial_disk_acquired >
287  soa_refresh)) {
289  }
290  if (serial_disk_acquired &&
291  ((uint32_t)xfrd_time(xfrd) - serial_disk_acquired >
292  soa_expire)) {
294  }
295 
296 xfrd_recover_error:
297  free((void*)soa_mname);
298  free((void*)soa_rname);
299  ods_fclose(fd);
300  }
301  free(file);
302  }
303  } else {
304  ods_log_verbose("[%s] did not recover xfrd.state file zone %s", xfrd_str,
305  (zone && zone->name)?zone->name:"(null)");
306  }
307 }
308 
309 
314 xfrd_type*
316 {
317  xfrd_type* xfrd = NULL;
318  if (!xfrhandler || !zone) {
319  return NULL;
320  }
321  CHECKALLOC(xfrd = (xfrd_type*) malloc(sizeof(xfrd_type)));
322  lock_basic_init(&xfrd->serial_lock);
323  lock_basic_init(&xfrd->rw_lock);
324 
325  xfrd->xfrhandler = xfrhandler;
326  xfrd->zone = zone;
327  xfrd->tcp_conn = -1;
328  xfrd->round_num = -1;
329  xfrd->master_num = 0;
330  xfrd->next_master = -1;
331  xfrd->master = NULL;
332  lock_basic_lock(&xfrd->serial_lock);
333  xfrd->serial_xfr = 0;
334  xfrd->serial_disk = 0;
335  xfrd->serial_notify = 0;
336  xfrd->serial_xfr_acquired = 0;
337  xfrd->serial_disk_acquired = 0;
338  xfrd->serial_notify_acquired = 0;
339  xfrd->serial_retransfer = 0;
340  lock_basic_unlock(&xfrd->serial_lock);
341  xfrd->query_id = 0;
342  xfrd->msg_seq_nr = 0;
343  xfrd->msg_rr_count = 0;
344  xfrd->msg_old_serial = 0;
345  xfrd->msg_new_serial = 0;
346  xfrd->msg_is_ixfr = 0;
347  xfrd->msg_do_retransfer = 0;
348  xfrd->udp_waiting = 0;
349  xfrd->udp_waiting_next = NULL;
350  xfrd->tcp_waiting = 0;
351  xfrd->tcp_waiting_next = NULL;
352  xfrd->tsig_rr = tsig_rr_create();
353  if (!xfrd->tsig_rr) {
354  xfrd_cleanup(xfrd, 0);
355  return NULL;
356  }
357  memset(&xfrd->soa, 0, sizeof(xfrd->soa));
358  xfrd->soa.ttl = 0;
359  xfrd->soa.mname[0] = 1;
360  xfrd->soa.rname[0] = 1;
361  xfrd->soa.serial = 0;
362  xfrd->soa.refresh = 3600;
363  xfrd->soa.retry = 300;
364  xfrd->soa.expire = 604800;
365  xfrd->soa.minimum = 3600;
366  xfrd->handler.fd = -1;
367  xfrd->handler.user_data = (void*) xfrd;
368  xfrd->handler.timeout = 0;
369  xfrd->handler.event_types =
371  xfrd->handler.event_handler = xfrd_handle_zone;
372  xfrd_set_timer_time(xfrd, 0);
373  xfrd_recover(xfrd);
374  return xfrd;
375 }
376 
377 
382 static time_t
383 xfrd_time(xfrd_type* xfrd)
384 {
385  ods_log_assert(xfrd);
386  ods_log_assert(xfrd->xfrhandler);
387  return xfrhandler_time((xfrhandler_type*) xfrd->xfrhandler);
388 }
389 
390 
395 static void
396 xfrd_set_timer(xfrd_type* xfrd, time_t t)
397 {
398  if (!xfrd || !xfrd->xfrhandler) {
399  return;
400  }
405  if(t > xfrd_time(xfrd) + 10) {
406  time_t extra = t - xfrd_time(xfrd);
407  time_t base = extra*9/10;
408 #ifdef HAVE_ARC4RANDOM_UNIFORM
409  t = xfrd_time(xfrd) + base +
410  arc4random_uniform(extra-base);
411 #elif HAVE_ARC4RANDOM
412  t = xfrd_time(xfrd) + base +
413  arc4random()%(extra-base);
414 #else
415  t = xfrd_time(xfrd) + base +
416  random()%(extra-base);
417 #endif
418  }
419  xfrd->handler.timeout = &xfrd->timeout;
420  xfrd->timeout.tv_sec = t;
421  xfrd->timeout.tv_nsec = 0;
422 }
423 
424 
429 static void
430 xfrd_unset_timer(xfrd_type* xfrd)
431 {
432  ods_log_assert(xfrd);
433  xfrd->handler.timeout = NULL;
434 }
435 
436 
441 static void
442 xfrd_set_timer_time(xfrd_type* xfrd, time_t t)
443 {
444  ods_log_assert(xfrd);
445  xfrd_set_timer(xfrd, xfrd_time(xfrd) + t);
446 }
447 
448 
453 void
455 {
456  zone_type* zone = NULL;
457  if (!xfrd || !xfrd->zone || !xfrd->xfrhandler) {
458  return;
459  }
460  zone = (zone_type*) xfrd->zone;
461  ods_log_debug("[%s] zone %s sets timer timeout now", xfrd_str,
462  zone->name);
463  xfrd_set_timer_time(xfrd, 0);
464 }
465 
466 
471 void
473 {
474  zone_type* zone = NULL;
475  if (!xfrd || !xfrd->zone || !xfrd->xfrhandler) {
476  return;
477  }
478  zone = (zone_type*) xfrd->zone;
479  ods_log_debug("[%s] zone %s sets timer timeout retry %u", xfrd_str,
480  zone->name, (unsigned) xfrd->soa.retry);
481  xfrd_set_timer_time(xfrd, xfrd->soa.retry);
482 }
483 
484 
489 void
491 {
492  zone_type* zone = NULL;
493  if (!xfrd || !xfrd->zone || !xfrd->xfrhandler) {
494  return;
495  }
496  zone = (zone_type*) xfrd->zone;
497  ods_log_debug("[%s] zone %s sets timer timeout refresh %u", xfrd_str,
498  zone->name, (unsigned) xfrd->soa.refresh);
499  xfrd_set_timer_time(xfrd, xfrd->soa.refresh);
500 }
501 
502 
507 static socklen_t
508 xfrd_acl_sockaddr(acl_type* acl, unsigned int port,
509  struct sockaddr_storage *sck)
510 {
511  ods_log_assert(acl);
512  ods_log_assert(sck);
513  ods_log_assert(port);
514  memset(sck, 0, sizeof(struct sockaddr_storage));
515  if (acl->family == AF_INET6) {
516  struct sockaddr_in6* sa = (struct sockaddr_in6*)sck;
517  sa->sin6_family = AF_INET6;
518  sa->sin6_port = htons(port);
519  sa->sin6_addr = acl->addr.addr6;
520  return sizeof(struct sockaddr_in6);
521  } else {
522  struct sockaddr_in* sa = (struct sockaddr_in*)sck;
523  sa->sin_family = AF_INET;
524  sa->sin_port = htons(port);
525  sa->sin_addr = acl->addr.addr;
526  return sizeof(struct sockaddr_in);
527  }
528  return 0;
529 }
530 
531 
536 socklen_t
537 xfrd_acl_sockaddr_to(acl_type* acl, struct sockaddr_storage *to)
538 {
539  unsigned int port = 0;
540  if (!acl || !to) {
541  return 0;
542  }
543  port = acl->port ? acl->port : (unsigned) atoi(DNS_PORT_STRING);
544  return xfrd_acl_sockaddr(acl, port, to);
545 }
546 
547 
552 static void
553 xfrd_tsig_sign(xfrd_type* xfrd, buffer_type* buffer)
554 {
555  tsig_algo_type* algo = NULL;
556  if (!xfrd || !xfrd->tsig_rr || !xfrd->master || !xfrd->master->tsig ||
557  !xfrd->master->tsig->key || !buffer) {
558  return; /* no tsig configured */
559  }
560  algo = tsig_lookup_algo(xfrd->master->tsig->algorithm);
561  if (!algo) {
562  ods_log_error("[%s] unable to sign request: tsig unknown algorithm "
563  "%s", xfrd_str, xfrd->master->tsig->algorithm);
564  return;
565  }
566  ods_log_assert(algo);
567  tsig_rr_reset(xfrd->tsig_rr, algo, xfrd->master->tsig->key);
568  xfrd->tsig_rr->original_query_id = buffer_pkt_id(buffer);
569  xfrd->tsig_rr->algo_name = ldns_rdf_clone(xfrd->tsig_rr->algo->wf_name);
570  xfrd->tsig_rr->key_name = ldns_rdf_clone(xfrd->tsig_rr->key->dname);
571  log_dname(xfrd->tsig_rr->key_name, "tsig sign query with key", LOG_DEBUG);
572  log_dname(xfrd->tsig_rr->algo_name, "tsig sign query with algorithm",
573  LOG_DEBUG);
574  tsig_rr_prepare(xfrd->tsig_rr);
575  tsig_rr_update(xfrd->tsig_rr, buffer, buffer_position(buffer));
576  tsig_rr_sign(xfrd->tsig_rr);
577  ods_log_debug("[%s] tsig append rr to request id=%u", xfrd_str,
578  buffer_pkt_id(buffer));
579  tsig_rr_append(xfrd->tsig_rr, buffer);
580  buffer_pkt_set_arcount(buffer, buffer_pkt_arcount(buffer)+1);
581  tsig_rr_prepare(xfrd->tsig_rr);
582 }
583 
584 
589 static int
590 xfrd_tsig_process(xfrd_type* xfrd, buffer_type* buffer)
591 {
592  zone_type* zone = NULL;
593  int have_tsig = 0;
594  if (!xfrd || !xfrd->tsig_rr || !xfrd->master || !xfrd->master->tsig ||
595  !xfrd->master->tsig->key || !buffer) {
596  return 1; /* no tsig configured */
597  }
598  zone = (zone_type*) xfrd->zone;
599  ods_log_assert(zone);
600  ods_log_assert(zone->name);
601  ods_log_assert(xfrd->master->address);
602  if (!tsig_rr_find(xfrd->tsig_rr, buffer)) {
603  ods_log_error("[%s] unable to process tsig: xfr zone %s from %s "
604  "has malformed tsig rr", xfrd_str, zone->name,
605  xfrd->master->address);
606  return 0;
607  }
608  if (xfrd->tsig_rr->status == TSIG_OK) {
609  have_tsig = 1;
610  if (xfrd->tsig_rr->error_code != LDNS_RCODE_NOERROR) {
611  ods_log_error("[%s] zone %s, from %s has tsig error (%s)",
612  xfrd_str, zone->name, xfrd->master->address,
614  }
615  /* strip the TSIG resource record off... */
616  buffer_set_limit(buffer, xfrd->tsig_rr->position);
617  buffer_pkt_set_arcount(buffer, buffer_pkt_arcount(buffer)-1);
618  }
619  /* keep running the TSIG hash */
620  tsig_rr_update(xfrd->tsig_rr, buffer, buffer_limit(buffer));
621  if (have_tsig) {
622  if (!tsig_rr_verify(xfrd->tsig_rr)) {
623  ods_log_error("[%s] unable to process tsig: xfr zone %s from %s "
624  "has bad tsig signature", xfrd_str, zone->name,
625  xfrd->master->address);
626  return 0;
627  }
628  /* prepare for next tsigs */
629  tsig_rr_prepare(xfrd->tsig_rr);
630  } else if (xfrd->tsig_rr->update_since_last_prepare >
632  /* we allow a number of non-tsig signed packets */
633  ods_log_error("[%s] unable to process tsig: xfr zone %s, from %s "
634  "has too many consecutive packets without tsig", xfrd_str,
635  zone->name, xfrd->master->address);
636  return 0;
637  }
638  if (!have_tsig && xfrd->msg_seq_nr == 0) {
639  ods_log_error("[%s] unable to process tsig: xfr zone %s from %s "
640  "has no tsig in first packet of reply", xfrd_str,
641  zone->name, xfrd->master->address);
642  return 0;
643  }
644  /* process TSIG ok */
645  return 1;
646 }
647 
648 
653 static void
654 xfrd_commit_packet(xfrd_type* xfrd)
655 {
656  zone_type* zone = NULL;
657  char* xfrfile = NULL;
658  FILE* fd = NULL;
659  time_t serial_disk_acq = 0;
660  ods_log_assert(xfrd);
661  zone = (zone_type*) xfrd->zone;
662  xfrfile = ods_build_path(zone->name, ".xfrd", 0, 1);
663  if (!xfrfile) {
664  ods_log_crit("[%s] unable to commit xfr zone %s: build path failed",
665  xfrd_str, zone->name);
666  return;
667  }
668  ods_log_assert(zone);
669  ods_log_assert(zone->name);
670  lock_basic_lock(&zone->zone_lock);
671  lock_basic_lock(&xfrd->rw_lock);
672  lock_basic_lock(&xfrd->serial_lock);
673  /* mark end packet */
674  fd = ods_fopen(xfrfile, NULL, "a");
675  free((void*)xfrfile);
676  if (fd) {
677  fprintf(fd, ";;ENDPACKET\n");
678  ods_fclose(fd);
679  } else {
680  lock_basic_unlock(&xfrd->rw_lock);
681  lock_basic_unlock(&zone->zone_lock);
682  lock_basic_unlock(&xfrd->serial_lock);
683  ods_log_crit("[%s] unable to commit xfr zone %s: ods_fopen() failed "
684  "(%s)", xfrd_str, zone->name, strerror(errno));
685  return;
686  }
687  /* update soa serial management */
688  xfrd->serial_disk = xfrd->msg_new_serial;
689  serial_disk_acq = xfrd->serial_disk_acquired;
690  xfrd->serial_disk_acquired = xfrd_time(xfrd);
691  /* ensure newer time */
692  if (xfrd->serial_disk_acquired == serial_disk_acq) {
693  xfrd->serial_disk_acquired++;
694  }
695  xfrd->soa.serial = xfrd->serial_disk;
696  if (xfrd->msg_do_retransfer ||
697  (util_serial_gt(xfrd->serial_disk, xfrd->serial_xfr) &&
698  xfrd->serial_disk_acquired > xfrd->serial_xfr_acquired)) {
699  /* reschedule task */
700  int ret = 0;
701  xfrhandler_type* xfrhandler = (xfrhandler_type*) xfrd->xfrhandler;
702  engine_type* engine = (engine_type*) xfrhandler->engine;
703  ods_log_assert(xfrhandler);
704  ods_log_assert(engine);
705  ods_log_debug("[%s] reschedule task for zone %s: disk serial=%u "
706  "acquired=%lu, memory serial=%u acquired=%lu", xfrd_str,
707  zone->name, xfrd->serial_disk,
708  (unsigned long)xfrd->serial_disk_acquired, xfrd->serial_xfr,
709  (unsigned long)xfrd->serial_xfr_acquired);
710  ret = zone_reschedule_task(zone, engine->taskq, TASK_READ);
711  if (ret != ODS_STATUS_OK) {
712  ods_log_crit("[%s] unable to reschedule task for zone %s: %s",
713  xfrd_str, zone->name, ods_status2str(ret));
714  } else {
715  engine_wakeup_workers(engine);
716  }
717  }
718  /* reset retransfer */
719  xfrd->msg_do_retransfer = 0;
720 
721  lock_basic_unlock(&xfrd->serial_lock);
722  lock_basic_unlock(&xfrd->rw_lock);
723  lock_basic_unlock(&zone->zone_lock);
724 }
725 
726 
731 static void
732 xfrd_dump_packet(xfrd_type* xfrd, buffer_type* buffer)
733 {
734  zone_type* zone = NULL;
735  char* xfrfile = NULL;
736  FILE* fd = NULL;
737  ldns_pkt* pkt = NULL;
738  ldns_status status = LDNS_STATUS_OK;
739  ods_log_assert(buffer);
740  ods_log_assert(xfrd);
741  zone = (zone_type*) xfrd->zone;
742  ods_log_assert(zone);
743  ods_log_assert(zone->name);
744  status = ldns_wire2pkt(&pkt, buffer_begin(buffer), buffer_limit(buffer));
745  if (status != LDNS_STATUS_OK) {
746  ods_log_crit("[%s] unable to dump packet zone %s: ldns_wire2pkt() "
747  "failed (%s)", xfrd_str, zone->name,
748  ldns_get_errorstr_by_id(status));
749  return;
750  }
751  ods_log_assert(pkt);
752  xfrfile = ods_build_path(zone->name, ".xfrd", 0, 1);
753  if (!xfrfile) {
754  ods_log_crit("[%s] unable to dump packet zone %s: build path failed",
755  xfrd_str, zone->name);
756  return;
757  }
758  lock_basic_lock(&xfrd->rw_lock);
759  if (xfrd->msg_do_retransfer && !xfrd->msg_seq_nr && !xfrd->msg_is_ixfr) {
760  fd = ods_fopen(xfrfile, NULL, "w");
761  } else {
762  fd = ods_fopen(xfrfile, NULL, "a");
763  }
764  free((void*) xfrfile);
765  if (!fd) {
766  ods_log_crit("[%s] unable to dump packet zone %s: ods_fopen() failed "
767  "(%s)", xfrd_str, zone->name, strerror(errno));
768  lock_basic_unlock(&xfrd->rw_lock);
769  return;
770  }
771  ods_log_assert(fd);
772  if (xfrd->msg_seq_nr == 0) {
773  fprintf(fd, ";;BEGINPACKET\n");
774  }
775  ldns_rr_list_print(fd, ldns_pkt_answer(pkt));
776  ods_fclose(fd);
777  lock_basic_unlock(&xfrd->rw_lock);
778  ldns_pkt_free(pkt);
779 }
780 
781 
786 static void
787 xfrd_write_soa(xfrd_type* xfrd, buffer_type* buffer)
788 {
789  zone_type* zone = NULL;
790  size_t rdlength_pos = 0;
791  uint16_t rdlength = 0;
792  ods_log_assert(xfrd);
793  ods_log_assert(buffer);
794  zone = (zone_type*) xfrd->zone;
795  ods_log_assert(zone);
796  ods_log_assert(zone->apex);
797  buffer_write_rdf(buffer, zone->apex);
798  buffer_write_u16(buffer, (uint16_t) LDNS_RR_TYPE_SOA);
799  buffer_write_u16(buffer, (uint16_t) zone->klass);
800  buffer_write_u32(buffer, xfrd->soa.ttl);
801  rdlength_pos = buffer_position(buffer);
802  buffer_skip(buffer, sizeof(rdlength));
803  buffer_write(buffer, xfrd->soa.mname+1, xfrd->soa.mname[0]);
804  buffer_write(buffer, xfrd->soa.rname+1, xfrd->soa.rname[0]);
805  buffer_write_u32(buffer, xfrd->soa.serial);
806  buffer_write_u32(buffer, xfrd->soa.refresh);
807  buffer_write_u32(buffer, xfrd->soa.retry);
808  buffer_write_u32(buffer, xfrd->soa.expire);
809  buffer_write_u32(buffer, xfrd->soa.minimum);
810  rdlength = buffer_position(buffer) - rdlength_pos - sizeof(rdlength);
811  buffer_write_u16_at(buffer, rdlength_pos, rdlength);
812 }
813 
814 
819 static void
820 xfrd_update_soa(xfrd_type* xfrd, buffer_type* buffer, uint32_t ttl,
821  uint16_t mname_pos, uint16_t rname_pos,
822  uint32_t refresh, uint32_t retry, uint32_t expire, uint32_t minimum)
823 {
824  zone_type* zone = NULL;
825  ods_log_assert(xfrd);
826  ods_log_assert(buffer);
827  zone = (zone_type*) xfrd->zone;
828  ods_log_assert(zone);
829  ods_log_assert(zone->apex);
830  xfrd->soa.ttl = ttl;
831  xfrd->soa.refresh = refresh;
832  xfrd->soa.retry = retry;
833  xfrd->soa.expire = expire;
834  xfrd->soa.minimum = minimum;
835  buffer_set_position(buffer, mname_pos);
836  if (!(xfrd->soa.mname[0] =
837  buffer_read_dname(buffer, xfrd->soa.mname+1, 1))) {
838  xfrd->soa.mname[0] = 1;
839  xfrd->soa.mname[1] = 0;
840  }
841  buffer_set_position(buffer, rname_pos);
842  if (!(xfrd->soa.rname[0] =
843  buffer_read_dname(buffer, xfrd->soa.rname+1, 1))) {
844  xfrd->soa.rname[0] = 1;
845  xfrd->soa.rname[1] = 0;
846  }
847 }
848 
849 
854 static int
855 xfrd_parse_soa(xfrd_type* xfrd, buffer_type* buffer, unsigned rdata_only,
856  unsigned update, uint32_t t, uint32_t* soa_serial)
857 {
858  ldns_rr_type type = LDNS_RR_TYPE_SOA;
859  uint16_t mname_pos = 0;
860  uint16_t rname_pos = 0;
861  uint16_t pos = 0;
862  uint32_t serial = 0;
863  uint32_t refresh = 0;
864  uint32_t retry = 0;
865  uint32_t expire = 0;
866  uint32_t minimum = 0;
867  uint32_t ttl = t;
868  ods_log_assert(xfrd);
869  ods_log_assert(buffer);
870 
871  /* type class ttl */
872  if (!rdata_only) {
873  if (!buffer_available(buffer, 10)) {
874  ods_log_debug("[%s] unable to parse soa: rr too short",
875  xfrd_str);
876  return 0;
877  }
878  type = (ldns_rr_type) buffer_read_u16(buffer);
879  if (type != LDNS_RR_TYPE_SOA) {
880  ods_log_debug("[%s] unable to parse soa: rrtype %u != soa",
881  xfrd_str, (unsigned) type);
882  return 0;
883  }
884  (void)buffer_read_u16(buffer); /* class */
885  ttl = buffer_read_u32(buffer);
886  /* rdata length */
887  if (!buffer_available(buffer, buffer_read_u16(buffer))) {
888  ods_log_debug("[%s] unable to parse soa: rdata too short",
889  xfrd_str);
890  return 0;
891  }
892  }
893  /* MNAME */
894  mname_pos = buffer_position(buffer);
895  if (!buffer_skip_dname(buffer)) {
896  ods_log_debug("[%s] unable to parse soa: bad mname",
897  xfrd_str);
898  return 0;
899  }
900  /* RNAME */
901  rname_pos = buffer_position(buffer);
902  if (!buffer_skip_dname(buffer)) {
903  ods_log_debug("[%s] unable to parse soa: bad rname",
904  xfrd_str);
905  return 0;
906  }
907  serial = buffer_read_u32(buffer);
908  refresh = buffer_read_u32(buffer);
909  retry = buffer_read_u32(buffer);
910  expire = buffer_read_u32(buffer);
911  minimum = buffer_read_u32(buffer);
912  pos = buffer_position(buffer);
913  if (soa_serial) {
914  *soa_serial = serial;
915  }
916  if (update) {
917  xfrd_update_soa(xfrd, buffer, ttl, mname_pos, rname_pos,
918  refresh, retry, expire, minimum);
919  }
920  buffer_set_position(buffer, pos);
921  return 1;
922 }
923 
924 
929 static ods_status
930 xfrd_parse_rrs(xfrd_type* xfrd, buffer_type* buffer, uint16_t count,
931  int* done)
932 {
933  ldns_rr_type type = 0;
934  uint16_t rrlen = 0;
935  uint32_t ttl = 0;
936  uint32_t serial = 0;
937  uint32_t tmp_serial = 0;
938  size_t i = 0;
939  ods_log_assert(xfrd);
940  ods_log_assert(buffer);
941  ods_log_assert(done);
942  for (i=0; i < count; ++i, ++xfrd->msg_rr_count) {
943  if (*done) {
944  return ODS_STATUS_OK;
945  }
946  if (!buffer_skip_dname(buffer)) {
947  return ODS_STATUS_SKIPDNAME;
948  }
949  if (!buffer_available(buffer, 10)) {
950  return ODS_STATUS_BUFAVAIL;
951  }
952  (void)buffer_position(buffer);
953  type = (ldns_rr_type) buffer_read_u16(buffer);
954  (void)buffer_read_u16(buffer); /* class */
955  ttl = buffer_read_u32(buffer);
956  rrlen = buffer_read_u16(buffer);
957  if (!buffer_available(buffer, rrlen)) {
958  return ODS_STATUS_BUFAVAIL;
959  }
960  if (type == LDNS_RR_TYPE_SOA) {
961  if (!xfrd_parse_soa(xfrd, buffer, 1, 0, ttl, &serial)) {
962  return ODS_STATUS_PARSESOA;
963  }
964  if (xfrd->msg_rr_count == 1 && serial != xfrd->msg_new_serial) {
965  /* 2nd RR is SOA with different serial, this is an IXFR */
966  xfrd->msg_is_ixfr = 1;
967  lock_basic_lock(&xfrd->serial_lock);
968  if (!xfrd->serial_disk_acquired) {
969  lock_basic_unlock(&xfrd->serial_lock);
970  /* got IXFR but need AXFR */
971  return ODS_STATUS_REQAXFR;
972  }
973  if (!xfrd->msg_do_retransfer && serial != xfrd->serial_disk) {
974  lock_basic_unlock(&xfrd->serial_lock);
975  /* bad start serial in IXFR */
976  return ODS_STATUS_INSERIAL;
977  }
978  lock_basic_unlock(&xfrd->serial_lock);
979  xfrd->msg_old_serial = serial;
980  tmp_serial = serial;
981  } else if (serial == xfrd->msg_new_serial) {
982  /* saw another SOA of new serial. */
983  if (xfrd->msg_is_ixfr == 1) {
984  xfrd->msg_is_ixfr = 2; /* seen middle SOA in ixfr */
985  } else {
986  *done = 1; /* final axfr/ixfr soa */
987  }
988  } else if (xfrd->msg_is_ixfr) {
989  /* some additional checks */
990  if (util_serial_gt(serial, xfrd->msg_new_serial)) {
991  /* bad middle serial in IXFR (too high) */
992  return ODS_STATUS_INSERIAL;
993  }
994  if (util_serial_gt(tmp_serial, serial)) {
995  /* middle serial decreases in IXFR */
996  return ODS_STATUS_INSERIAL;
997  }
998  /* serial ok, update tmp serial */
999  tmp_serial = serial;
1000  }
1001  } else {
1002  buffer_skip(buffer, rrlen);
1003  }
1004  }
1005  return ODS_STATUS_OK;
1006 }
1007 
1008 
1013 static xfrd_pkt_status
1014 xfrd_parse_packet(xfrd_type* xfrd, buffer_type* buffer)
1015 {
1016  zone_type* zone = NULL;
1017  uint16_t qdcount = 0;
1018  uint16_t ancount = 0;
1019  uint16_t ancount_todo = 0;
1020  uint16_t rrcount = 0;
1021  uint32_t serial = 0;
1022  int done = 0;
1023  ods_status status = ODS_STATUS_OK;
1024  ods_log_assert(buffer);
1025  ods_log_assert(xfrd);
1026  ods_log_assert(xfrd->master);
1027  ods_log_assert(xfrd->master->address);
1028  zone = (zone_type*) xfrd->zone;
1029  ods_log_assert(zone);
1030  ods_log_assert(zone->name);
1031  /* check packet size */
1032  if (!buffer_available(buffer, BUFFER_PKT_HEADER_SIZE)) {
1033  ods_log_error("[%s] unable to parse packet: zone %s received bad "
1034  "packet from %s (too small)", xfrd_str, zone->name,
1035  xfrd->master->address);
1036  return XFRD_PKT_BAD;
1037  }
1038  /* check query id */
1039  if (buffer_pkt_id(buffer) != xfrd->query_id) {
1040  ods_log_error("[%s] bad packet: zone %s received bad query id "
1041  "%u from %s (expected %u)", xfrd_str, zone->name,
1042  buffer_pkt_id(buffer), xfrd->master->address, xfrd->query_id);
1043  return XFRD_PKT_BAD;
1044  }
1045  /* check rcode */
1046  if (buffer_pkt_rcode(buffer) != LDNS_RCODE_NOERROR) {
1047  ods_log_error("[%s] bad packet: zone %s received error code %s from %s",
1048  xfrd_str, zone->name, ldns_pkt_rcode2str(buffer_pkt_rcode(buffer)),
1049  xfrd->master->address);
1050  if (buffer_pkt_rcode(buffer) == LDNS_RCODE_NOTIMPL) {
1051  return XFRD_PKT_NOTIMPL;
1052  } else if (buffer_pkt_rcode(buffer) != LDNS_RCODE_NOTAUTH) {
1053  return XFRD_PKT_BAD;
1054  }
1055  }
1056  /* check tsig */
1057  if (!xfrd_tsig_process(xfrd, buffer)) {
1058  ods_log_error("[%s] bad packet: zone %s received bad tsig "
1059  "from %s", xfrd_str, zone->name, xfrd->master->address);
1060  return XFRD_PKT_BAD;
1061  }
1062  /* skip header and question section */
1064  qdcount = buffer_pkt_qdcount(buffer);
1065  for (rrcount = 0; rrcount < qdcount; rrcount++) {
1066  if (!buffer_skip_rr(buffer, 1)) {
1067  ods_log_error("[%s] bad packet: zone %s received bad "
1068  "question section from %s (bad rr)", xfrd_str, zone->name,
1069  xfrd->master->address);
1070  return XFRD_PKT_BAD;
1071  }
1072  }
1073  /* answer section */
1074  ancount = buffer_pkt_ancount(buffer);
1075  if (xfrd->msg_rr_count == 0 && ancount == 0) {
1076  if (xfrd->tcp_conn == -1 && buffer_pkt_tc(buffer)) {
1077  ods_log_info("[%s] zone %s received tc from %s, retry tcp",
1078  xfrd_str, zone->name, xfrd->master->address);
1079  return XFRD_PKT_TC;
1080  }
1081  ods_log_error("[%s] bad packet: zone %s received bad xfr packet "
1082  "from %s (nodata)", xfrd_str, zone->name, xfrd->master->address);
1083  return XFRD_PKT_BAD;
1084  }
1085 
1086  ancount_todo = ancount;
1087  if (xfrd->msg_rr_count == 0) {
1088  /* parse the first RR, see if it is a SOA */
1089  if (!buffer_skip_dname(buffer) ||
1090  !xfrd_parse_soa(xfrd, buffer, 0, 1, 0, &serial)) {
1091  ods_log_error("[%s] bad packet: zone %s received bad xfr "
1092  "packet from %s (bad soa)", xfrd_str, zone->name,
1093  xfrd->master->address);
1094  return XFRD_PKT_BAD;
1095  }
1096  /* check serial */
1097  lock_basic_lock(&xfrd->serial_lock);
1098  if (!xfrd->msg_do_retransfer &&
1099  xfrd->serial_disk_acquired && xfrd->serial_disk == serial) {
1100  ods_log_info("[%s] zone %s got update indicating current "
1101  "serial %u from %s", xfrd_str, zone->name, serial,
1102  xfrd->master->address);
1103  xfrd->serial_disk_acquired = xfrd_time(xfrd);
1104  if (xfrd->serial_xfr == serial) {
1106  if (!xfrd->serial_notify_acquired) {
1107  /* not notified or anything, so stop asking around */
1108  xfrd->round_num = -1; /* next try start a new round */
1109  xfrd_set_timer_refresh(xfrd);
1110  ods_log_debug("[%s] zone %s wait refresh time", xfrd_str,
1111  zone->name);
1112  lock_basic_unlock(&xfrd->serial_lock);
1113  return XFRD_PKT_NEWLEASE;
1114  }
1115  /* try next master */
1116  ods_log_debug("[%s] zone %s try next master", xfrd_str,
1117  zone->name);
1118  lock_basic_unlock(&xfrd->serial_lock);
1119  return XFRD_PKT_BAD;
1120  }
1121  }
1122  if (!xfrd->msg_do_retransfer && xfrd->serial_disk_acquired &&
1123  !util_serial_gt(serial, xfrd->serial_disk)) {
1124  ods_log_info("[%s] zone %s ignoring old serial %u from %s "
1125  "(have %u)", xfrd_str, zone->name, serial,
1126  xfrd->master->address, xfrd->serial_disk);
1127  lock_basic_unlock(&xfrd->serial_lock);
1128  return XFRD_PKT_BAD;
1129  }
1130 
1131  xfrd->msg_new_serial = serial;
1132  if (!xfrd->msg_do_retransfer && xfrd->serial_disk_acquired) {
1133  xfrd->msg_old_serial = xfrd->serial_disk;
1134  } else {
1135  xfrd->msg_old_serial = 0;
1136  }
1137  /* update notify serial if this xfr is newer */
1138  if (ancount > 1 && xfrd->serial_notify_acquired &&
1139  util_serial_gt(serial, xfrd->serial_notify)) {
1140  xfrd->serial_notify = serial;
1141  }
1142  lock_basic_unlock(&xfrd->serial_lock);
1143  xfrd->msg_rr_count = 1;
1144  xfrd->msg_is_ixfr = 0;
1145  ancount_todo = ancount - 1;
1146  }
1147  /* check tc bit */
1148  if (xfrd->tcp_conn == -1 && buffer_pkt_tc(buffer)) {
1149  ods_log_info("[%s] zone %s received tc from %s, retry tcp",
1150  xfrd_str, zone->name, xfrd->master->address);
1151  return XFRD_PKT_TC;
1152  }
1153  if (xfrd->tcp_conn == -1 && ancount < 2) {
1154  /* too short to be a real ixfr/axfr data transfer */
1155  ods_log_info("[%s] zone %s received too short udp reply from %s, "
1156  "retry tcp", xfrd_str, zone->name, xfrd->master->address);
1157  return XFRD_PKT_TC;
1158  }
1159  status = xfrd_parse_rrs(xfrd, buffer, ancount_todo, &done);
1160  if (status != ODS_STATUS_OK) {
1161  ods_log_error("[%s] bad packet: zone %s received bad xfr packet "
1162  "from %s (%s)", xfrd_str, zone->name, xfrd->master->address,
1163  ods_status2str(status));
1164  return XFRD_PKT_BAD;
1165  }
1166  if (xfrd->tcp_conn == -1 && !done) {
1167  ods_log_error("[%s] bad packet: zone %s received bad xfr packet "
1168  "(xfr over udp incomplete)", xfrd_str, zone->name);
1169  return XFRD_PKT_BAD;
1170  }
1171  if (!done) {
1172  return XFRD_PKT_MORE;
1173  }
1174  return XFRD_PKT_XFR;
1175 }
1176 
1177 
1182 static xfrd_pkt_status
1183 xfrd_handle_packet(xfrd_type* xfrd, buffer_type* buffer)
1184 {
1186  zone_type* zone = NULL;
1187  ods_log_assert(xfrd);
1188  ods_log_assert(xfrd->master);
1189  ods_log_assert(xfrd->master->address);
1190  zone = (zone_type*) xfrd->zone;
1191  ods_log_assert(zone);
1192  ods_log_assert(zone->name);
1193  res = xfrd_parse_packet(xfrd, buffer);
1194  ods_log_debug("[%s] zone %s xfr packet parsed (res %d)", xfrd_str,
1195  zone->name, res);
1196 
1197  switch (res) {
1198  case XFRD_PKT_MORE:
1199  case XFRD_PKT_XFR:
1200  /* continue with commit */
1201  break;
1202  case XFRD_PKT_NEWLEASE:
1203  case XFRD_PKT_TC:
1204  return res;
1205  break;
1206  case XFRD_PKT_NOTIMPL:
1207  case XFRD_PKT_BAD:
1208  default:
1209  /* rollback */
1210  if (xfrd->msg_seq_nr > 0) {
1211  buffer_clear(buffer);
1212  ods_log_info("[%s] zone %s xfr rollback", xfrd_str,
1213  zone->name);
1214  buffer_flip(buffer);
1215  }
1216  return res;
1217  break;
1218  }
1219  /* dump reply on disk to diff file */
1220  xfrd_dump_packet(xfrd, buffer);
1221  /* more? */
1222  xfrd->msg_seq_nr++;
1223  if (res == XFRD_PKT_MORE) {
1224  /* wait for more */
1225  return XFRD_PKT_MORE;
1226  }
1227  /* done */
1228  buffer_clear(buffer);
1229  buffer_flip(buffer);
1230  /* commit packet */
1231  xfrd_commit_packet(xfrd);
1232  /* next time */
1233  lock_basic_lock(&xfrd->serial_lock);
1234 
1235  ods_log_info("[%s] zone %s transfer done [notify acquired %lu, serial on "
1236  "disk %u, notify serial %u]", xfrd_str, zone->name,
1237  (unsigned long)xfrd->serial_notify_acquired, xfrd->serial_disk,
1238  xfrd->serial_notify);
1239 
1240  if (xfrd->serial_notify_acquired &&
1241  !util_serial_gt(xfrd->serial_notify, xfrd->serial_disk)) {
1242  ods_log_verbose("[%s] zone %s reset notify acquired", xfrd_str,
1243  zone->name);
1244  xfrd->serial_notify_acquired = 0;
1245  }
1246  if (!xfrd->serial_notify_acquired) {
1247  ods_log_debug("[%s] zone %s xfr done", xfrd_str, zone->name);
1248  xfrd->round_num = -1; /* next try start anew */
1249  xfrd_set_timer_refresh(xfrd);
1250  lock_basic_unlock(&xfrd->serial_lock);
1251  return XFRD_PKT_XFR;
1252  }
1253  lock_basic_unlock(&xfrd->serial_lock);
1254  /* try to get an even newer serial */
1255  ods_log_info("[%s] zone %s try get newer serial", xfrd_str, zone->name);
1256  return XFRD_PKT_BAD;
1257 }
1258 
1259 
1267 static void
1268 xfrd_tcp_write(xfrd_type* xfrd, tcp_set_type* set)
1269 {
1270  zone_type* zone = NULL;
1271  tcp_conn_type* tcp = NULL;
1272  int ret = 0;
1273  int error = 0;
1274  socklen_t len = 0;
1275 
1276  ods_log_assert(set);
1277  ods_log_assert(xfrd);
1278  ods_log_assert(xfrd->tcp_conn != -1);
1279  zone = (zone_type*) xfrd->zone;
1280  ods_log_assert(zone);
1281  ods_log_assert(zone->name);
1282  tcp = set->tcp_conn[xfrd->tcp_conn];
1283  if (tcp->total_bytes == 0) {
1284  /* check for pending error from nonblocking connect */
1285  /* from Stevens, unix network programming, vol1, 3rd ed, p450 */
1286  len = sizeof(error);
1287  if (getsockopt(tcp->fd, SOL_SOCKET, SO_ERROR, &error, &len) < 0) {
1288  error = errno; /* on solaris errno is error */
1289  }
1290  if (error == EINPROGRESS || error == EWOULDBLOCK) {
1291  ods_log_debug("[%s] zone %s zero write, write again later (%s)",
1292  xfrd_str, zone->name, strerror(error));
1293  return; /* try again later */
1294  }
1295  if (error != 0) {
1296  ods_log_error("[%s] zone %s cannot tcp connect to %s: %s",
1297  xfrd_str, zone->name, xfrd->master->address, strerror(errno));
1298  xfrd_set_timer_now(xfrd);
1299  xfrd_tcp_release(xfrd, set, 1);
1300  return;
1301  }
1302  }
1303  ret = tcp_conn_write(tcp);
1304  if(ret == -1) {
1305  ods_log_error("[%s] zone %s cannot tcp write to %s: %s",
1306  xfrd_str, zone->name, xfrd->master->address, strerror(errno));
1307  xfrd_set_timer_now(xfrd);
1308  xfrd_tcp_release(xfrd, set, 1);
1309  return;
1310  }
1311  if (ret == 0) {
1312  ods_log_debug("[%s] zone %s zero write, write again later",
1313  xfrd_str, zone->name);
1314  return; /* write again later */
1315  }
1316  /* done writing, get ready for reading */
1317  ods_log_debug("[%s] zone %s done writing, get ready for reading",
1318  xfrd_str, zone->name);
1319  tcp->is_reading = 1;
1320  tcp_conn_ready(tcp);
1322  xfrd_tcp_read(xfrd, set);
1323 }
1324 
1325 
1330 static int
1331 xfrd_tcp_open(xfrd_type* xfrd, tcp_set_type* set)
1332 {
1333  int fd, family, conn;
1334  struct sockaddr_storage to;
1335  socklen_t to_len;
1336  zone_type* zone = NULL;
1337 
1338  ods_log_assert(set);
1339  ods_log_assert(xfrd);
1340  ods_log_assert(xfrd->tcp_conn != -1);
1341  ods_log_assert(xfrd->master);
1342  ods_log_assert(xfrd->master->address);
1343  zone = (zone_type*) xfrd->zone;
1344  ods_log_assert(zone);
1345  ods_log_assert(zone->name);
1346  ods_log_debug("[%s] zone %s open tcp connection to %s", xfrd_str,
1347  zone->name, xfrd->master->address);
1348  set->tcp_conn[xfrd->tcp_conn]->is_reading = 0;
1349  set->tcp_conn[xfrd->tcp_conn]->total_bytes = 0;
1350  set->tcp_conn[xfrd->tcp_conn]->msglen = 0;
1351  if (xfrd->master->family == AF_INET6) {
1352  family = PF_INET6;
1353  } else {
1354  family = PF_INET;
1355  }
1356  fd = socket(family, SOCK_STREAM, IPPROTO_TCP);
1357  set->tcp_conn[xfrd->tcp_conn]->fd = fd;
1358  if (fd == -1) {
1359  ods_log_error("[%s] zone %s cannot create tcp socket to %s: %s",
1360  xfrd_str, zone->name, xfrd->master->address, strerror(errno));
1361  xfrd_set_timer_now(xfrd);
1362  xfrd_tcp_release(xfrd, set, 0);
1363  return 0;
1364  }
1365  if (fcntl(fd, F_SETFL, O_NONBLOCK) == -1) {
1366  ods_log_error("[%s] zone %s cannot fcntl tcp socket: %s",
1367  xfrd_str, zone->name, strerror(errno));
1368  xfrd_set_timer_now(xfrd);
1369  xfrd_tcp_release(xfrd, set, 0);
1370  return 0;
1371  }
1372  to_len = xfrd_acl_sockaddr_to(xfrd->master, &to);
1373  /* bind it? */
1374 
1375  conn = connect(fd, (struct sockaddr*)&to, to_len);
1376  if (conn == -1 && errno != EINPROGRESS) {
1377  ods_log_error("[%s] zone %s cannot connect tcp socket to %s: %s",
1378  xfrd_str, zone->name, xfrd->master->address, strerror(errno));
1379  xfrd_set_timer_now(xfrd);
1380  xfrd_tcp_release(xfrd, set, 0);
1381  return 0;
1382  }
1383  xfrd->handler.fd = fd;
1385  xfrd_set_timer(xfrd, xfrd_time(xfrd) + XFRD_TCP_TIMEOUT);
1386  return 1;
1387 }
1388 
1389 
1394 static void
1395 xfrd_tcp_obtain(xfrd_type* xfrd, tcp_set_type* set)
1396 {
1397  xfrhandler_type* xfrhandler;
1398  int i = 0;
1399 
1400  ods_log_assert(set);
1401  ods_log_assert(xfrd);
1402  ods_log_assert(xfrd->tcp_conn == -1);
1403  ods_log_assert(xfrd->tcp_waiting == 0);
1404  if (set->tcp_count < TCPSET_MAX) {
1405  ods_log_assert(!set->tcp_waiting_first);
1406  set->tcp_count ++;
1407  /* find a free tcp_buffer */
1408  for (i=0; i < TCPSET_MAX; i++) {
1409  if (set->tcp_conn[i]->fd == -1) {
1410  xfrd->tcp_conn = i;
1411  break;
1412  }
1413  }
1414  ods_log_assert(xfrd->tcp_conn != -1);
1415  xfrd->tcp_waiting = 0;
1416  /* stop udp use (if any) */
1417  if (xfrd->handler.fd != -1) {
1418  xfrd_udp_release(xfrd);
1419  }
1420  if (!xfrd_tcp_open(xfrd, set)) {
1421  return;
1422  }
1423  xfrd_tcp_xfr(xfrd, set);
1424  return;
1425  }
1426  /* wait, at end of line */
1427  ods_log_verbose("[%s] max number of tcp connections (%d) reached",
1428  xfrd_str, TCPSET_MAX);
1429  xfrd->tcp_waiting = 1;
1430  xfrd_unset_timer(xfrd);
1431 
1432  /* add it to the waiting queue */
1433  xfrhandler = (xfrhandler_type*) xfrd->xfrhandler;
1434  xfrd->tcp_waiting_next = xfrhandler->tcp_waiting_first;
1435  xfrhandler->tcp_waiting_first = xfrd;
1436 }
1437 
1438 
1443 static void
1444 xfrd_tcp_xfr(xfrd_type* xfrd, tcp_set_type* set)
1445 {
1446  tcp_conn_type* tcp = NULL;
1447  zone_type* zone = NULL;
1448 
1449  ods_log_assert(set);
1450  ods_log_assert(xfrd);
1451  zone = (zone_type*) xfrd->zone;
1452  ods_log_assert(zone);
1453  ods_log_assert(zone->name);
1454  ods_log_assert(xfrd->tcp_conn != -1);
1455  ods_log_assert(xfrd->tcp_waiting == 0);
1456  ods_log_assert(xfrd->master);
1457  ods_log_assert(xfrd->master->address);
1458  /* start AXFR or IXFR for the zone */
1459  tcp = set->tcp_conn[xfrd->tcp_conn];
1460 
1461  if (xfrd->msg_do_retransfer || xfrd->serial_xfr_acquired <= 0 ||
1462  xfrd->master->ixfr_disabled) {
1463  ods_log_info("[%s] zone %s request axfr to %s", xfrd_str,
1464  zone->name, xfrd->master->address);
1465  buffer_pkt_query(tcp->packet, zone->apex, LDNS_RR_TYPE_AXFR,
1466  zone->klass);
1467  } else {
1468  ods_log_info("[%s] zone %s request tcp/ixfr=%u to %s", xfrd_str,
1469  zone->name, xfrd->soa.serial, xfrd->master->address);
1470  buffer_pkt_query(tcp->packet, zone->apex, LDNS_RR_TYPE_IXFR,
1471  zone->klass);
1472  buffer_pkt_set_nscount(tcp->packet, 1);
1473  xfrd_write_soa(xfrd, tcp->packet);
1474  }
1475  /* make packet */
1476  xfrd->query_id = buffer_pkt_id(tcp->packet);
1477  xfrd->msg_seq_nr = 0;
1478  xfrd->msg_rr_count = 0;
1479  xfrd->msg_old_serial = 0;
1480  xfrd->msg_new_serial = 0;
1481  xfrd->msg_is_ixfr = 0;
1482  xfrd_tsig_sign(xfrd, tcp->packet);
1483  buffer_flip(tcp->packet);
1484  tcp->msglen = buffer_limit(tcp->packet);
1485  ods_log_verbose("[%s] zone %s sending tcp query id=%d", xfrd_str,
1486  zone->name, xfrd->query_id);
1487  /* wait for select to complete connect before write */
1488 }
1489 
1490 
1495 static void
1496 xfrd_tcp_read(xfrd_type* xfrd, tcp_set_type* set)
1497 {
1498  tcp_conn_type* tcp = NULL;
1499  int ret = 0;
1500 
1501  ods_log_assert(set);
1502  ods_log_assert(xfrd);
1503  ods_log_assert(xfrd->tcp_conn != -1);
1504  tcp = set->tcp_conn[xfrd->tcp_conn];
1505  ret = tcp_conn_read(tcp);
1506  if (ret == -1) {
1507  xfrd_set_timer_now(xfrd);
1508  xfrd_tcp_release(xfrd, set, 1);
1509  return;
1510  }
1511  if (ret == 0) {
1512  return;
1513  }
1514  /* completed msg */
1515  buffer_flip(tcp->packet);
1516  ret = xfrd_handle_packet(xfrd, tcp->packet);
1517  switch (ret) {
1518  case XFRD_PKT_MORE:
1519  tcp_conn_ready(tcp);
1520  break;
1521  case XFRD_PKT_XFR:
1522  case XFRD_PKT_NEWLEASE:
1523  ods_log_verbose("[%s] tcp read %s: release connection", xfrd_str,
1524  XFRD_PKT_XFR?"xfr":"newlease");
1525  xfrd_tcp_release(xfrd, set, 1);
1526  ods_log_assert(xfrd->round_num == -1);
1527  break;
1528  case XFRD_PKT_NOTIMPL:
1529  xfrd->master->ixfr_disabled = time_now();
1530  ods_log_verbose("[%s] disable ixfr requests for %s from now (%lu)",
1531  xfrd_str, xfrd->master->address, (unsigned long)xfrd->master->ixfr_disabled);
1532  /* break; */
1533  case XFRD_PKT_BAD:
1534  default:
1535  ods_log_debug("[%s] tcp read %s: release connection", xfrd_str,
1536  ret==XFRD_PKT_BAD?"bad":"notimpl");
1537  xfrd_tcp_release(xfrd, set, 1);
1538  xfrd_make_request(xfrd);
1539  break;
1540  }
1541 }
1542 
1543 
1549 static void
1550 xfrd_tcp_release(xfrd_type* xfrd, tcp_set_type* set, int open_waiting)
1551 {
1552  xfrhandler_type* xfrhandler;
1553  int conn = 0;
1554  zone_type* zone = NULL;
1555 
1556  ods_log_assert(set);
1557  ods_log_assert(xfrd);
1558  ods_log_assert(xfrd->master);
1559  ods_log_assert(xfrd->master->address);
1560  ods_log_assert(xfrd->tcp_conn != -1);
1561  ods_log_assert(xfrd->tcp_waiting == 0);
1562  zone = (zone_type*) xfrd->zone;
1563  ods_log_debug("[%s] zone %s release tcp connection to %s", xfrd_str,
1564  zone->name, xfrd->master->address);
1565  conn = xfrd->tcp_conn;
1566  xfrd->tcp_conn = -1;
1567  xfrd->tcp_waiting = 0;
1568  xfrd->handler.fd = -1;
1570 
1571  if (set->tcp_conn[conn]->fd != -1) {
1572  close(set->tcp_conn[conn]->fd);
1573  }
1574  set->tcp_conn[conn]->fd = -1;
1575  set->tcp_count --;
1576 
1577  /* see if there are any connections waiting for a slot. Or return. */
1578  if (!open_waiting) return;
1579  xfrhandler = (xfrhandler_type*) xfrd->xfrhandler;
1580  while (xfrhandler->tcp_waiting_first && set->tcp_count < TCPSET_MAX) {
1581  int i;
1582  xfrd_type* waiting_xfrd = xfrhandler->tcp_waiting_first;
1583  xfrhandler->tcp_waiting_first = waiting_xfrd->tcp_waiting_next;
1584  waiting_xfrd->tcp_waiting_next = NULL;
1585 
1586  /* find a free tcp_buffer */
1587  for (i=0; i < TCPSET_MAX; i++) {
1588  if (set->tcp_conn[i]->fd == -1) {
1589  waiting_xfrd->tcp_conn = i;
1590  set->tcp_count++;
1591  break;
1592  }
1593  }
1594  waiting_xfrd->tcp_waiting = 0;
1595  /* stop udp use (if any) */
1596  if (waiting_xfrd->handler.fd != -1) {
1597  xfrd_udp_release(waiting_xfrd);
1598  }
1599  /* if xfrd_tcp_open() fails its slot in set->tcp_conn[]
1600  * is released. Continue to next. We don't put it back in the
1601  * waiting queue, it would keep the signer busy retrying, making
1602  * things only worse. */
1603  if (xfrd_tcp_open(waiting_xfrd, set)) {
1604  xfrd_tcp_xfr(waiting_xfrd, set);
1605  }
1606  }
1607 }
1608 
1609 
1617 static int
1618 xfrd_udp_send(xfrd_type* xfrd, buffer_type* buffer)
1619 {
1620  struct sockaddr_storage to;
1621  socklen_t to_len = 0;
1622  int fd = -1;
1623  int family = PF_INET;
1624  ssize_t nb = -1;
1625  ods_log_assert(buffer);
1626  ods_log_assert(xfrd);
1627  ods_log_assert(xfrd->master);
1628  ods_log_assert(xfrd->master->address);
1629  /* this will set the remote port to acl->port or TCP_PORT */
1630  to_len = xfrd_acl_sockaddr_to(xfrd->master, &to);
1631  /* get the address family of the remote host */
1632  if (xfrd->master->family == AF_INET6) {
1633  family = PF_INET6;
1634  }
1635  /* create socket */
1636  fd = socket(family, SOCK_DGRAM, IPPROTO_UDP);
1637  if (fd == -1) {
1638  ods_log_error("[%s] unable to send data over udp to %s: "
1639  "socket() failed (%s)", xfrd_str, xfrd->master->address,
1640  strerror(errno));
1641  return -1;
1642  }
1643  /* bind it? */
1644 
1645  /* send it (udp) */
1646  ods_log_deeebug("[%s] send %lu bytes over udp to %s", xfrd_str,
1647  (unsigned long)buffer_remaining(buffer), xfrd->master->address);
1648  nb = sendto(fd, buffer_current(buffer), buffer_remaining(buffer), 0,
1649  (struct sockaddr*)&to, to_len);
1650  if (nb == -1) {
1651  ods_log_error("[%s] unable to send data over udp to %s: "
1652  "sendto() failed (%s)", xfrd_str, xfrd->master->address,
1653  strerror(errno));
1654  close(fd);
1655  return -1;
1656  }
1657  return fd;
1658 }
1659 
1660 
1665 static int
1666 xfrd_udp_send_request_ixfr(xfrd_type* xfrd)
1667 {
1668  int fd;
1669  xfrhandler_type* xfrhandler = NULL;
1670  zone_type* zone = NULL;
1671  ods_log_assert(xfrd);
1672  ods_log_assert(xfrd->master);
1673  ods_log_assert(xfrd->master->address);
1674  zone = (zone_type*) xfrd->zone;
1675  ods_log_assert(zone);
1676  ods_log_assert(zone->name);
1677  if (xfrd->tcp_conn != -1) {
1678  /* tcp is using the handler.fd */
1679  ods_log_error("[%s] unable to transfer zone %s: tried to send "
1680  "udp while tcp obtained", xfrd_str, zone->name);
1681  return -1;
1682  }
1683  /* make packet */
1684  xfrhandler = (xfrhandler_type*) xfrd->xfrhandler;
1685  ods_log_assert(xfrhandler);
1686  buffer_pkt_query(xfrhandler->packet, zone->apex, LDNS_RR_TYPE_IXFR,
1687  zone->klass);
1688  xfrd->query_id = buffer_pkt_id(xfrhandler->packet);
1689  xfrd->msg_seq_nr = 0;
1690  xfrd->msg_rr_count = 0;
1691  xfrd->msg_old_serial = 0;
1692  xfrd->msg_new_serial = 0;
1693  xfrd->msg_is_ixfr = 0;
1694  buffer_pkt_set_nscount(xfrhandler->packet, 1);
1695  xfrd_write_soa(xfrd, xfrhandler->packet);
1696  xfrd_tsig_sign(xfrd, xfrhandler->packet);
1697  buffer_flip(xfrhandler->packet);
1698  xfrd_set_timer(xfrd, xfrd_time(xfrd) + XFRD_UDP_TIMEOUT);
1699  ods_log_info("[%s] zone %s request udp/ixfr=%u to %s", xfrd_str,
1700  zone->name, xfrd->soa.serial, xfrd->master->address);
1701  if((fd = xfrd_udp_send(xfrd, xfrhandler->packet)) == -1) {
1702  return -1;
1703  }
1704  return fd;
1705 }
1706 
1711 static void
1712 xfrd_udp_obtain(xfrd_type* xfrd)
1713 {
1714  xfrhandler_type* xfrhandler = NULL;
1715  ods_log_assert(xfrd);
1716  ods_log_assert(xfrd->xfrhandler);
1717  ods_log_assert(xfrd->udp_waiting == 0);
1718  xfrhandler = (void*) xfrd->xfrhandler;
1719  if (xfrd->tcp_conn != -1) {
1720  /* no tcp and udp at the same time */
1721  xfrd_tcp_release(xfrd, xfrhandler->tcp_set, 1);
1722  }
1723  if (xfrhandler->udp_use_num < XFRD_MAX_UDP) {
1724  xfrhandler->udp_use_num++;
1725  xfrd->handler.fd = xfrd_udp_send_request_ixfr(xfrd);
1726  if (xfrd->handler.fd == -1) {
1727  xfrhandler->udp_use_num--;
1728  }
1729  return;
1730  }
1731  /* queue the zone as last */
1732  xfrd->udp_waiting = 1;
1733  xfrd->udp_waiting_next = NULL;
1734  if (!xfrhandler->udp_waiting_first) {
1735  xfrhandler->udp_waiting_first = xfrd;
1736  }
1737  if (xfrhandler->udp_waiting_last) {
1738  xfrhandler->udp_waiting_last->udp_waiting_next = xfrd;
1739  }
1740  xfrhandler->udp_waiting_last = xfrd;
1741  xfrd_unset_timer(xfrd);
1742 }
1743 
1744 
1749 static int
1750 xfrd_udp_read_packet(xfrd_type* xfrd)
1751 {
1752  xfrhandler_type* xfrhandler = NULL;
1753  ssize_t received = 0;
1754  ods_log_assert(xfrd);
1755  xfrhandler = (xfrhandler_type*) xfrd->xfrhandler;
1756  ods_log_assert(xfrhandler);
1757  /* read the data */
1758  buffer_clear(xfrhandler->packet);
1759  received = recvfrom(xfrd->handler.fd, buffer_begin(xfrhandler->packet),
1760  buffer_remaining(xfrhandler->packet), 0, NULL, NULL);
1761  if (received == -1) {
1762  ods_log_error("[%s] unable to read packet: recvfrom() failed fd %d "
1763  "(%s)", xfrd_str, xfrd->handler.fd, strerror(errno));
1764  return 0;
1765  }
1766  buffer_set_limit(xfrhandler->packet, received);
1767  return 1;
1768 }
1769 
1770 
1775 static void
1776 xfrd_udp_read(xfrd_type* xfrd)
1777 {
1778  xfrhandler_type* xfrhandler = NULL;
1779  zone_type* zone = NULL;
1781  ods_log_assert(xfrd);
1782  zone = (zone_type*) xfrd->zone;
1783  ods_log_assert(zone);
1784  ods_log_assert(zone->name);
1785  ods_log_debug("[%s] zone %s read data from udp", xfrd_str,
1786  zone->name);
1787  if (!xfrd_udp_read_packet(xfrd)) {
1788  ods_log_error("[%s] unable to read data from udp zone %s: "
1789  "xfrd_udp_read_packet() failed", xfrd_str, zone->name);
1790  xfrd_udp_release(xfrd);
1791  return;
1792  }
1793  xfrhandler = (xfrhandler_type*) xfrd->xfrhandler;
1794  ods_log_assert(xfrhandler);
1795  res = xfrd_handle_packet(xfrd, xfrhandler->packet);
1796  switch (res) {
1797  case XFRD_PKT_TC:
1798  ods_log_verbose("[%s] truncation from %s",
1799  xfrd_str, xfrd->master->address);
1800  xfrd_udp_release(xfrd);
1801  xfrd_set_timer(xfrd, xfrd_time(xfrd) + XFRD_TCP_TIMEOUT);
1802  xfrd_tcp_obtain(xfrd, xfrhandler->tcp_set);
1803  break;
1804  case XFRD_PKT_XFR:
1805  case XFRD_PKT_NEWLEASE:
1806  ods_log_verbose("[%s] xfr/newlease from %s",
1807  xfrd_str, xfrd->master->address);
1808  /* nothing more to do */
1809  ods_log_assert(xfrd->round_num == -1);
1810  xfrd_udp_release(xfrd);
1811  break;
1812  case XFRD_PKT_NOTIMPL:
1813  xfrd->master->ixfr_disabled = time_now();
1814  ods_log_verbose("[%s] disable ixfr requests for %s from now (%lu)",
1815  xfrd_str, xfrd->master->address, (unsigned long)xfrd->master->ixfr_disabled);
1816  /* break; */
1817  case XFRD_PKT_BAD:
1818  default:
1819  ods_log_debug("[%s] bad ixfr packet from %s",
1820  xfrd_str, xfrd->master->address);
1821  xfrd_udp_release(xfrd);
1822  xfrd_make_request(xfrd);
1823  break;
1824  }
1825 }
1826 
1827 
1832 static void
1833 xfrd_udp_release(xfrd_type* xfrd)
1834 {
1835  xfrhandler_type* xfrhandler = NULL;
1836 
1837  ods_log_assert(xfrd);
1838  ods_log_assert(xfrd->udp_waiting == 0);
1839  if(xfrd->handler.fd != -1)
1840  close(xfrd->handler.fd);
1841  xfrd->handler.fd = -1;
1842  xfrhandler = (xfrhandler_type*) xfrd->xfrhandler;
1843  ods_log_assert(xfrhandler);
1844  /* see if there are waiting zones */
1845  if (xfrhandler->udp_use_num == XFRD_MAX_UDP) {
1846  while (xfrhandler->udp_waiting_first) {
1847  /* snip off waiting list */
1848  xfrd_type* wf = xfrhandler->udp_waiting_first;
1849  ods_log_assert(wf->udp_waiting);
1850  wf->udp_waiting = 0;
1851  xfrhandler->udp_waiting_first = wf->udp_waiting_next;
1852  if (xfrhandler->udp_waiting_last == wf) {
1853  xfrhandler->udp_waiting_last = NULL;
1854  }
1855  /* see if this zone needs udp connection */
1856  if (wf->tcp_conn == -1) {
1857  wf->handler.fd = xfrd_udp_send_request_ixfr(wf);
1858  if (wf->handler.fd != -1) {
1859  return;
1860  }
1861  }
1862  }
1863  }
1864  /* no waiting zones */
1865  if (xfrhandler->udp_use_num > 0) {
1866  xfrhandler->udp_use_num --;
1867  }
1868 }
1869 
1870 
1875 static void
1876 xfrd_make_request(xfrd_type* xfrd)
1877 {
1878  zone_type* zone = NULL;
1879  dnsin_type* dnsin = NULL;
1880  if (!xfrd || !xfrd->xfrhandler) {
1881  return;
1882  }
1883  zone = (zone_type*) xfrd->zone;
1884  ods_log_assert(zone);
1885  ods_log_assert(zone->name);
1886  ods_log_assert(zone->adinbound);
1887  ods_log_assert(zone->adinbound->type == ADAPTER_DNS);
1888  ods_log_assert(zone->adinbound->config);
1889 
1890  dnsin = (dnsin_type*) zone->adinbound->config;
1891  if (xfrd->next_master != -1) {
1892  /* we are told to use this next master */
1893  xfrd->master_num = xfrd->next_master;
1894  xfrd->master = NULL; /* acl_find_num(...) */
1895  /* if there is no next master, fallback to use the first one */
1896  if (!xfrd->master) {
1897  xfrd->master = dnsin->request_xfr;
1898  xfrd->master_num = 0;
1899  }
1900  /* fallback to cycle master */
1901  xfrd->next_master = -1;
1902  xfrd->round_num = 0; /* fresh set of retries after notify */
1903  } else {
1904  /* cycle master */
1905  if (xfrd->round_num != -1 && xfrd->master &&
1906  xfrd->master->next) {
1907  /* try the next master */
1908  xfrd->master = xfrd->master->next;
1909  xfrd->master_num++;
1910  } else {
1911  /* start a new round */
1912  xfrd->master = dnsin->request_xfr;
1913  xfrd->master_num = 0;
1914  xfrd->round_num++;
1915  }
1916  if (xfrd->round_num >= XFRD_MAX_ROUNDS) {
1917  /* tried all servers that many times, wait */
1918  xfrd->round_num = -1;
1919  xfrd_set_timer_retry(xfrd);
1920  ods_log_verbose("[%s] zone %s make request wait retry",
1921  xfrd_str, zone->name);
1922  return;
1923  }
1924  }
1925  if (!xfrd->master) {
1926  ods_log_debug("[%s] unable to make request for zone %s: no master",
1927  xfrd_str, zone->name);
1928  xfrd->round_num = -1;
1929  xfrd_set_timer_retry(xfrd);
1930  return;
1931  }
1932  /* cache ixfr_disabled only for XFRD_NO_IXFR_CACHE time */
1933  if (xfrd->master->ixfr_disabled &&
1935  xfrd_time(xfrd)) {
1936  ods_log_verbose("[%s] clear negative caching ixfr disabled for "
1937  "master %s", xfrd_str, xfrd->master->address);
1938  ods_log_debug("[%s] clear negative caching calc: %lu + %lu <= %lu",
1939  xfrd_str, (unsigned long) xfrd->master->ixfr_disabled, (unsigned long)XFRD_NO_IXFR_CACHE,
1940  (unsigned long) xfrd_time(xfrd));
1941  xfrd->master->ixfr_disabled = 0;
1942  }
1943  /* perform xfr request */
1944  if (xfrd->serial_xfr_acquired && !xfrd->master->ixfr_disabled &&
1945  !xfrd->serial_retransfer) {
1946  xfrd_set_timer(xfrd, xfrd_time(xfrd) + XFRD_UDP_TIMEOUT);
1947 
1948  ods_log_verbose("[%s] zone %s make request [udp round %d master %s:%u]",
1949  xfrd_str, zone->name, xfrd->round_num, xfrd->master->address,
1950  xfrd->master->port);
1951  xfrd_udp_obtain(xfrd);
1952  } else if (!xfrd->serial_xfr_acquired || xfrd->master->ixfr_disabled ||
1953  xfrd->serial_retransfer) {
1954  xfrhandler_type* xfrhandler = (xfrhandler_type*) xfrd->xfrhandler;
1955  ods_log_assert(xfrhandler);
1956  if (xfrd->serial_retransfer) {
1957  xfrd->msg_do_retransfer = 1;
1958  xfrd->serial_retransfer = 0;
1959  }
1960  xfrd_set_timer(xfrd, xfrd_time(xfrd) + XFRD_TCP_TIMEOUT);
1961 
1962  ods_log_verbose("[%s] zone %s make request [tcp round %d master %s:%u]",
1963  xfrd_str, zone->name, xfrd->round_num, xfrd->master->address,
1964  xfrd->master->port);
1965  xfrd_tcp_obtain(xfrd, xfrhandler->tcp_set);
1966  }
1967 }
1968 
1969 
1974 static void
1975 xfrd_handle_zone(netio_type* ATTR_UNUSED(netio),
1976  netio_handler_type* handler, netio_events_type event_types)
1977 {
1978  xfrd_type* xfrd = NULL;
1979  zone_type* zone = NULL;
1980 
1981  if (!handler) {
1982  return;
1983  }
1984  xfrd = (xfrd_type*) handler->user_data;
1985  ods_log_assert(xfrd);
1986  zone = (zone_type*) xfrd->zone;
1987  ods_log_assert(zone);
1988  ods_log_assert(zone->name);
1989 
1990  if (xfrd->tcp_conn != -1) {
1991  /* busy in tcp transaction */
1992  xfrhandler_type* xfrhandler = (xfrhandler_type*) xfrd->xfrhandler;
1993  ods_log_assert(xfrhandler);
1994  if (event_types & NETIO_EVENT_READ) {
1995  ods_log_deeebug("[%s] zone %s event tcp read", xfrd_str, zone->name);
1996  xfrd_set_timer(xfrd, xfrd_time(xfrd) + XFRD_TCP_TIMEOUT);
1997  xfrd_tcp_read(xfrd, xfrhandler->tcp_set);
1998  return;
1999  } else if (event_types & NETIO_EVENT_WRITE) {
2000  ods_log_deeebug("[%s] zone %s event tcp write", xfrd_str,
2001  zone->name);
2002  xfrd_set_timer(xfrd, xfrd_time(xfrd) + XFRD_TCP_TIMEOUT);
2003  xfrd_tcp_write(xfrd, xfrhandler->tcp_set);
2004  return;
2005  } else if (event_types & NETIO_EVENT_TIMEOUT) {
2006  /* tcp connection timed out. Stop it. */
2007  ods_log_deeebug("[%s] zone %s event tcp timeout", xfrd_str,
2008  zone->name);
2009  xfrd_tcp_release(xfrd, xfrhandler->tcp_set, 1);
2010  /* continue to retry; as if a timeout happened */
2011  event_types = NETIO_EVENT_TIMEOUT;
2012  }
2013  }
2014 
2015  if (event_types & NETIO_EVENT_READ) {
2016  /* busy in udp transaction */
2017  ods_log_deeebug("[%s] zone %s event udp read", xfrd_str,
2018  zone->name);
2019  xfrd_set_timer_now(xfrd);
2020  xfrd_udp_read(xfrd);
2021  return;
2022  }
2023 
2024  /* timeout */
2025  ods_log_deeebug("[%s] zone %s timeout", xfrd_str, zone->name);
2026  if (handler->fd != -1) {
2027  ods_log_assert(xfrd->tcp_conn == -1);
2028  xfrd_udp_release(xfrd);
2029  }
2030  if (xfrd->tcp_waiting) {
2031  ods_log_deeebug("[%s] zone %s skips retry: tcp connections full",
2032  xfrd_str, zone->name);
2033  xfrd_unset_timer(xfrd);
2034  return;
2035  }
2036  if (xfrd->udp_waiting) {
2037  ods_log_deeebug("[%s] zone %s skips retry: udp connections full",
2038  xfrd_str, zone->name);
2039  xfrd_unset_timer(xfrd);
2040  return;
2041  }
2042  /* make a new request */
2043  xfrd_make_request(xfrd);
2044 }
2045 
2046 
2051 static void
2052 xfrd_backup_dname(FILE* out, uint8_t* dname)
2053 {
2054  uint8_t* d= dname+1;
2055  uint8_t len = *d++;
2056  uint8_t i;
2057  if (dname[0]<=1) {
2058  fprintf(out, ".");
2059  return;
2060  }
2061  while (len) {
2062  ods_log_assert(d - (dname+1) <= dname[0]);
2063  for (i=0; i<len; i++) {
2064  uint8_t ch = *d++;
2065  if (isalnum(ch) || ch == '-' || ch == '_') {
2066  fprintf(out, "%c", ch);
2067  } else if (ch == '.' || ch == '\\') {
2068  fprintf(out, "\\%c", ch);
2069  } else {
2070  fprintf(out, "\\%03u", (unsigned int)ch);
2071  }
2072  }
2073  fprintf(out, ".");
2074  len = *d++;
2075  }
2076  return;
2077 }
2078 
2079 
2084 static void
2085 xfrd_backup(xfrd_type* xfrd)
2086 {
2087  zone_type* zone = (zone_type*) xfrd->zone;
2088  char* file = NULL;
2089  int timeout = 0;
2090  FILE* fd = NULL;
2091  if (zone && zone->name) {
2092  file = ods_build_path(zone->name, ".xfrd-state", 0, 1);
2093  if (file) {
2094  fd = ods_fopen(file, NULL, "w");
2095  if (fd) {
2096  if (xfrd->handler.timeout) {
2097  timeout = xfrd->timeout.tv_sec;
2098  }
2099  fprintf(fd, "%s\n", ODS_SE_FILE_MAGIC_V3);
2100  fprintf(fd, ";;Zone: name %s ttl %u mname ",
2101  zone->name,
2102  (unsigned) xfrd->soa.ttl);
2103  xfrd_backup_dname(fd, xfrd->soa.mname),
2104  fprintf(fd, " rname ");
2105  xfrd_backup_dname(fd, xfrd->soa.rname),
2106  fprintf(fd, " serial %u refresh %u retry %u expire %u "
2107  "minimum %u\n",
2108  (unsigned) xfrd->soa.serial,
2109  (unsigned) xfrd->soa.refresh,
2110  (unsigned) xfrd->soa.retry,
2111  (unsigned) xfrd->soa.expire,
2112  (unsigned) xfrd->soa.minimum);
2113  fprintf(fd, ";;Master: num %d next %d round %d timeout %d\n",
2114  xfrd->master_num,
2115  xfrd->next_master,
2116  xfrd->round_num,
2117  timeout);
2118  fprintf(fd, ";;Serial: xfr %u %u notify %u %u disk %u %u\n",
2119  (unsigned) xfrd->serial_xfr,
2120  (unsigned) xfrd->serial_xfr_acquired,
2121  (unsigned) xfrd->serial_notify,
2122  (unsigned) xfrd->serial_notify_acquired,
2123  (unsigned) xfrd->serial_disk,
2124  (unsigned) xfrd->serial_disk_acquired);
2125  fprintf(fd, "%s\n", ODS_SE_FILE_MAGIC_V3);
2126  ods_fclose(fd);
2127  }
2128  free(file);
2129  }
2130  }
2131 }
2132 
2133 
2138 static void
2139 xfrd_unlink(xfrd_type* xfrd)
2140 {
2141  zone_type* zone = (zone_type*) xfrd->zone;
2142  char* file = NULL;
2143  if (zone && zone->name) {
2144  ods_log_info("[%s] unlink zone %s xfrd state", xfrd_str, zone->name);
2145  file = ods_build_path(zone->name, ".xfrd-state", 0, 1);
2146  if (file) {
2147  (void)unlink(file);
2148  free(file);
2149  }
2150  }
2151 }
2152 
2153 
2158 void
2159 xfrd_cleanup(xfrd_type* xfrd, int backup)
2160 {
2161  if (!xfrd) {
2162  return;
2163  }
2164  /* backup */
2165  if (backup) {
2166  xfrd_backup(xfrd);
2167  } else {
2168  xfrd_unlink(xfrd);
2169  }
2170 
2171  tsig_rr_cleanup(xfrd->tsig_rr);
2172  lock_basic_destroy(&xfrd->serial_lock);
2173  lock_basic_destroy(&xfrd->rw_lock);
2174  free(xfrd);
2175 }
#define XFRD_TSIG_MAX_UNSIGNED
Definition: xfrd.c:49
int backup_read_str(FILE *in, const char **str)
Definition: backup.c:105
tsig_algo_type * algo
Definition: tsig.h:129
int next_master
Definition: xfrd.h:104
void tsig_rr_update(tsig_rr_type *trr, buffer_type *buffer, size_t length)
Definition: tsig.c:557
#define PF_INET6
Definition: netio.h:61
tsig_status status
Definition: tsig.h:124
void engine_wakeup_workers(engine_type *engine)
Definition: engine.c:427
#define XFRD_MAX_ROUNDS
Definition: xfrd.h:65
xfrd_type * udp_waiting_first
Definition: xfrhandler.h:64
xfrd_type * udp_waiting_last
Definition: xfrhandler.h:65
#define DNS_PORT_STRING
Definition: listener.h:51
zone_type * zone
Definition: xfrd.h:96
void * config
Definition: adapter.h:61
#define XFRD_UDP_TIMEOUT
Definition: xfrd.h:69
xfrd_type * tcp_waiting_next
Definition: xfrd.h:136
void xfrd_set_timer_refresh(xfrd_type *xfrd)
Definition: xfrd.c:490
uint16_t buffer_pkt_arcount(buffer_type *buffer)
Definition: buffer.c:1066
xfrd_type * tcp_waiting_first
Definition: xfrhandler.h:63
#define XFRD_TCP_TIMEOUT
Definition: xfrd.h:68
#define BUFFER_PKT_HEADER_SIZE
Definition: buffer.h:43
uint16_t error_code
Definition: tsig.h:142
const char * tsig_strerror(uint16_t error)
Definition: tsig.c:776
time_t serial_xfr_acquired
Definition: xfrd.h:114
uint32_t serial_notify
Definition: xfrd.h:111
uint16_t buffer_pkt_qdcount(buffer_type *buffer)
Definition: buffer.c:994
buffer_type * packet
Definition: xfrhandler.h:62
void buffer_skip(buffer_type *buffer, ssize_t count)
Definition: buffer.c:150
size_t msg_rr_count
Definition: xfrd.h:131
uint16_t buffer_read_u16(buffer_type *buffer)
Definition: buffer.c:721
int buffer_skip_rr(buffer_type *buffer, unsigned qrr)
Definition: buffer.c:342
unsigned have_serial
Definition: namedb.h:61
void buffer_flip(buffer_type *buffer)
Definition: buffer.c:112
engine_type * engine
Definition: xfrhandler.h:55
#define XFRD_NO_IXFR_CACHE
Definition: xfrd.h:67
void buffer_clear(buffer_type *buffer)
Definition: buffer.c:99
int round_num
Definition: xfrd.h:102
time_t serial_notify_acquired
Definition: xfrd.h:117
int backup_read_time_t(FILE *in, time_t *v)
Definition: backup.c:122
uint8_t mname[MAXDOMAINLEN+2]
Definition: xfrd.h:80
enum netio_events_enum netio_events_type
Definition: netio.h:76
lock_basic_type zone_lock
Definition: zone.h:86
socklen_t xfrd_acl_sockaddr_to(acl_type *acl, struct sockaddr_storage *to)
Definition: xfrd.c:537
time_t ixfr_disabled
Definition: acl.h:71
tsig_algo_type * tsig_lookup_algo(const char *name)
Definition: tsig.c:256
acl_type * next
Definition: acl.h:59
adapter_mode type
Definition: adapter.h:58
int tcp_conn_write(tcp_conn_type *tcp)
Definition: tcpset.c:177
int family
Definition: acl.h:63
union acl_addr_storage addr
Definition: acl.h:64
ldns_rdf * wf_name
Definition: tsig.h:91
int backup_read_int(FILE *in, int *v)
Definition: backup.c:177
buffer_type * packet
Definition: tcpset.h:58
void tsig_rr_reset(tsig_rr_type *trr, tsig_algo_type *algo, tsig_key_type *key)
Definition: tsig.c:291
void tsig_rr_append(tsig_rr_type *trr, buffer_type *buffer)
Definition: tsig.c:670
#define MAXLABELLEN
Definition: buffer.h:45
xfrd_type * xfrd_create(xfrhandler_type *xfrhandler, zone_type *zone)
Definition: xfrd.c:315
uint32_t msg_seq_nr
Definition: xfrd.h:128
uint32_t retry
Definition: xfrd.h:84
size_t update_since_last_prepare
Definition: tsig.h:127
void buffer_write(buffer_type *buffer, const void *data, size_t count)
Definition: buffer.c:538
uint16_t buffer_pkt_id(buffer_type *buffer)
Definition: buffer.c:751
lock_basic_type serial_lock
Definition: xfrd.h:97
xfrhandler_type * xfrhandler
Definition: xfrd.h:95
uint8_t * buffer_current(buffer_type *buffer)
Definition: buffer.c:438
#define XFRD_MAX_UDP
Definition: xfrd.h:66
uint32_t ttl
Definition: xfrd.h:78
const char * algorithm
Definition: tsig.h:113
void * user_data
Definition: netio.h:119
unsigned tcp_waiting
Definition: xfrd.h:138
uint16_t buffer_pkt_ancount(buffer_type *buffer)
Definition: buffer.c:1018
size_t buffer_limit(buffer_type *buffer)
Definition: buffer.c:373
xfrd_type * udp_waiting_next
Definition: xfrd.h:137
tsig_rr_type * tsig_rr_create()
Definition: tsig.c:273
void tsig_rr_prepare(tsig_rr_type *trr)
Definition: tsig.c:535
tsig_key_type * key
Definition: tsig.h:115
time_t xfrhandler_time(xfrhandler_type *xfrhandler)
Definition: xfrhandler.c:140
uint32_t refresh
Definition: xfrd.h:83
namedb_type * db
Definition: zone.h:77
size_t udp_use_num
Definition: xfrhandler.h:66
void buffer_pkt_set_nscount(buffer_type *buffer, uint16_t count)
Definition: buffer.c:1054
ldns_rdf * key_name
Definition: tsig.h:134
void buffer_set_limit(buffer_type *buffer, size_t limit)
Definition: buffer.c:385
Definition: task.h:41
uint32_t msg_new_serial
Definition: xfrd.h:130
unsigned is_initialized
Definition: namedb.h:57
acl_type * master
Definition: xfrd.h:105
netio_event_handler_type event_handler
Definition: netio.h:131
tcp_set_type * tcp_set
Definition: xfrhandler.h:61
Definition: tsig.h:57
void tsig_rr_cleanup(tsig_rr_type *trr)
Definition: tsig.c:830
adapter_type * adinbound
Definition: zone.h:72
void xfrd_set_timer_retry(xfrd_type *xfrd)
Definition: xfrd.c:472
int buffer_skip_dname(buffer_type *buffer)
Definition: buffer.c:310
void log_dname(ldns_rdf *rdf, const char *pre, int level)
Definition: domain.c:48
int tcp_conn
Definition: xfrd.h:101
uint16_t msglen
Definition: tcpset.h:56
uint32_t buffer_read_u32(buffer_type *buffer)
Definition: buffer.c:736
void xfrd_cleanup(xfrd_type *xfrd, int backup)
Definition: xfrd.c:2159
uint32_t minimum
Definition: xfrd.h:86
tsig_rr_type * tsig_rr
Definition: xfrd.h:134
tsig_key_type * key
Definition: tsig.h:130
void buffer_pkt_query(buffer_type *buffer, ldns_rdf *qname, ldns_rr_type qtype, ldns_rr_class qclass)
Definition: buffer.c:1120
int tsig_rr_verify(tsig_rr_type *trr)
Definition: tsig.c:648
void buffer_write_u16(buffer_type *buffer, uint16_t data)
Definition: buffer.c:565
size_t buffer_read_dname(buffer_type *buffer, uint8_t *dname, unsigned allow_pointers)
Definition: buffer.c:246
ldns_rdf * dname
Definition: tsig.h:79
acl_type * request_xfr
Definition: addns.h:50
char * address
Definition: acl.h:61
void buffer_write_u32(buffer_type *buffer, uint32_t data)
Definition: buffer.c:578
ods_status zone_reschedule_task(zone_type *zone, schedule_type *taskq, task_id what)
Definition: zone.c:186
uint32_t expire
Definition: xfrd.h:85
uint8_t rname[MAXDOMAINLEN+2]
Definition: xfrd.h:81
uint32_t total_bytes
Definition: tcpset.h:54
uint32_t msg_old_serial
Definition: xfrd.h:129
struct timespec timeout
Definition: xfrd.h:123
unsigned is_reading
Definition: tcpset.h:60
int tcp_conn_read(tcp_conn_type *tcp)
Definition: tcpset.c:103
ldns_rr_class klass
Definition: zone.h:60
size_t position
Definition: tsig.h:125
void buffer_write_u16_at(buffer_type *buffer, size_t at, uint16_t data)
Definition: buffer.c:512
void buffer_set_position(buffer_type *buffer, size_t pos)
Definition: buffer.c:137
int tsig_rr_find(tsig_rr_type *trr, buffer_type *buffer)
Definition: tsig.c:434
void xfrd_set_timer_now(xfrd_type *xfrd)
Definition: xfrd.c:454
netio_events_type event_types
Definition: netio.h:124
uint8_t msg_is_ixfr
Definition: xfrd.h:132
int buffer_available(buffer_type *buffer, size_t count)
Definition: buffer.c:487
#define MAXDOMAINLEN
Definition: buffer.h:44
const char * name
Definition: zone.h:67
#define PF_INET
Definition: netio.h:58
uint8_t serial_retransfer
Definition: xfrd.h:119
int backup_read_check_str(FILE *in, const char *str)
Definition: backup.c:77
size_t buffer_remaining(buffer_type *buffer)
Definition: buffer.c:463
uint32_t serial_xfr
Definition: xfrd.h:108
uint16_t query_id
Definition: xfrd.h:127
void buffer_write_rdf(buffer_type *buffer, ldns_rdf *rdf)
Definition: buffer.c:591
int master_num
Definition: xfrd.h:103
void tsig_rr_sign(tsig_rr_type *trr)
Definition: tsig.c:627
#define TCPSET_MAX
Definition: tcpset.h:45
lock_basic_type rw_lock
Definition: xfrd.h:98
unsigned int port
Definition: acl.h:62
void tcp_conn_ready(tcp_conn_type *tcp)
Definition: tcpset.c:89
unsigned udp_waiting
Definition: xfrd.h:139
size_t buffer_position(buffer_type *buffer)
Definition: buffer.c:125
ldns_rdf * algo_name
Definition: tsig.h:135
uint32_t serial
Definition: xfrd.h:82
void buffer_pkt_set_arcount(buffer_type *buffer, uint16_t count)
Definition: buffer.c:1078
struct in_addr addr
Definition: listener.h:60
struct timespec * timeout
Definition: netio.h:115
netio_handler_type handler
Definition: xfrd.h:124
soa_type soa
Definition: xfrd.h:120
uint16_t original_query_id
Definition: tsig.h:141
tsig_type * tsig
Definition: acl.h:69
enum xfrd_pkt_enum xfrd_pkt_status
Definition: xfrd.h:51
ldns_rdf * apex
Definition: zone.h:59
time_t serial_disk_acquired
Definition: xfrd.h:118
struct in6_addr addr6
Definition: listener.h:61
uint8_t * buffer_begin(buffer_type *buffer)
Definition: buffer.c:426
uint32_t serial_disk
Definition: xfrd.h:113
ldns_pkt_rcode buffer_pkt_rcode(buffer_type *buffer)
Definition: buffer.c:954
int backup_read_uint32_t(FILE *in, uint32_t *v)
Definition: backup.c:211
int buffer_pkt_tc(buffer_type *buffer)
Definition: buffer.c:894
uint8_t msg_do_retransfer
Definition: xfrd.h:133
Definition: acl.h:58