Lines Matching defs:ssl
214 if(p->ssl)
215 SSL_free(p->ssl);
467 n->ssl = SSL_new(rc->ctx);
468 if(!n->ssl) {
474 SSL_set_accept_state(n->ssl);
475 (void)SSL_set_mode(n->ssl, (long)SSL_MODE_AUTO_RETRY);
476 if(!SSL_set_fd(n->ssl, newfd)) {
478 SSL_free(n->ssl);
484 n->ssl = NULL;
517 if(s->ssl) {
518 SSL_shutdown(s->ssl);
519 SSL_free(s->ssl);
531 if(res->ssl) {
533 if((r=SSL_write(res->ssl, text, (int)strlen(text))) <= 0) {
535 if((r2=SSL_get_error(res->ssl, r)) == SSL_ERROR_ZERO_RETURN) {
560 /** print text over the ssl connection */
562 ssl_print_vmsg(RES* ssl, const char* format, va_list args)
566 return ssl_print_text(ssl, msg);
569 /** printf style printing to the ssl connection */
570 int ssl_printf(RES* ssl, const char* format, ...)
575 ret = ssl_print_vmsg(ssl, format, args);
588 if(res->ssl) {
590 if((r=SSL_read(res->ssl, buf+len, 1)) <= 0) {
592 if((r2=SSL_get_error(res->ssl, r)) == SSL_ERROR_ZERO_RETURN) {
639 static void send_ok(RES* ssl)
641 (void)ssl_printf(ssl, "ok\n");
646 distribute_cmd(struct daemon_remote* rc, RES* ssl, char* cmd)
649 if(!cmd || !ssl)
657 (void)ssl_printf(ssl, "error could not distribute cmd\n");
665 do_stop(RES* ssl, struct worker* worker)
669 send_ok(ssl);
674 do_reload(RES* ssl, struct worker* worker, int reuse_cache)
679 send_ok(ssl);
684 do_verbosity(RES* ssl, char* str)
688 ssl_printf(ssl, "error in verbosity number syntax: %s\n", str);
692 send_ok(ssl);
697 print_stats(RES* ssl, const char* nm, struct ub_stats_info* s)
700 if(!ssl_printf(ssl, "%s.num.queries"SQ"%lu\n", nm,
702 if(!ssl_printf(ssl, "%s.num.queries_ip_ratelimited"SQ"%lu\n", nm,
704 if(!ssl_printf(ssl, "%s.num.queries_cookie_valid"SQ"%lu\n", nm,
706 if(!ssl_printf(ssl, "%s.num.queries_cookie_client"SQ"%lu\n", nm,
708 if(!ssl_printf(ssl, "%s.num.queries_cookie_invalid"SQ"%lu\n", nm,
710 if(!ssl_printf(ssl, "%s.num.cachehits"SQ"%lu\n", nm,
713 if(!ssl_printf(ssl, "%s.num.cachemiss"SQ"%lu\n", nm,
715 if(!ssl_printf(ssl, "%s.num.prefetch"SQ"%lu\n", nm,
717 if(!ssl_printf(ssl, "%s.num.queries_timed_out"SQ"%lu\n", nm,
719 if(!ssl_printf(ssl, "%s.query.queue_time_us.max"SQ"%lu\n", nm,
721 if(!ssl_printf(ssl, "%s.num.expired"SQ"%lu\n", nm,
723 if(!ssl_printf(ssl, "%s.num.recursivereplies"SQ"%lu\n", nm,
726 if(!ssl_printf(ssl, "%s.num.dnscrypt.crypted"SQ"%lu\n", nm,
728 if(!ssl_printf(ssl, "%s.num.dnscrypt.cert"SQ"%lu\n", nm,
730 if(!ssl_printf(ssl, "%s.num.dnscrypt.cleartext"SQ"%lu\n", nm,
732 if(!ssl_printf(ssl, "%s.num.dnscrypt.malformed"SQ"%lu\n", nm,
735 if(!ssl_printf(ssl, "%s.requestlist.avg"SQ"%g\n", nm,
740 if(!ssl_printf(ssl, "%s.requestlist.max"SQ"%lu\n", nm,
742 if(!ssl_printf(ssl, "%s.requestlist.overwritten"SQ"%lu\n", nm,
744 if(!ssl_printf(ssl, "%s.requestlist.exceeded"SQ"%lu\n", nm,
746 if(!ssl_printf(ssl, "%s.requestlist.current.all"SQ"%lu\n", nm,
748 if(!ssl_printf(ssl, "%s.requestlist.current.user"SQ"%lu\n", nm,
755 if(!ssl_printf(ssl, "%s.recursion.time.avg"SQ ARG_LL "d.%6.6d\n", nm,
757 if(!ssl_printf(ssl, "%s.recursion.time.median"SQ"%g\n", nm,
759 if(!ssl_printf(ssl, "%s.tcpusage"SQ"%lu\n", nm,
766 print_thread_stats(RES* ssl, int i, struct ub_stats_info* s)
771 return print_stats(ssl, nm, s);
776 print_longnum(RES* ssl, const char* desc, size_t x)
782 return ssl_printf(ssl, "%s%u%6.6u\n", desc,
785 return ssl_printf(ssl, "%s%lu\n", desc, (unsigned long)x);
791 print_mem(RES* ssl, struct worker* worker, struct daemon* daemon,
830 if(!print_longnum(ssl, "mem.cache.rrset"SQ, rrset))
832 if(!print_longnum(ssl, "mem.cache.message"SQ, msg))
834 if(!print_longnum(ssl, "mem.mod.iterator"SQ, iter))
836 if(!print_longnum(ssl, "mem.mod.validator"SQ, val))
838 if(!print_longnum(ssl, "mem.mod.respip"SQ, respip))
841 if(!print_longnum(ssl, "mem.mod.subnet"SQ, subnet))
845 if(!print_longnum(ssl, "mem.mod.ipsecmod"SQ, ipsecmod))
849 if(!print_longnum(ssl, "mem.cache.dnscrypt_shared_secret"SQ,
852 if(!print_longnum(ssl, "mem.cache.dnscrypt_nonce"SQ,
857 if(!print_longnum(ssl, "mem.mod.dynlibmod"SQ, dynlib))
860 if(!print_longnum(ssl, "mem.streamwait"SQ,
863 if(!print_longnum(ssl, "mem.http.query_buffer"SQ,
866 if(!print_longnum(ssl, "mem.http.response_buffer"SQ,
870 if(!print_longnum(ssl, "mem.quic"SQ, (size_t)s->svr.mem_quic))
878 print_uptime(RES* ssl, struct worker* worker, int reset)
886 if(!ssl_printf(ssl, "time.now"SQ ARG_LL "d.%6.6d\n",
888 if(!ssl_printf(ssl, "time.up"SQ ARG_LL "d.%6.6d\n",
890 if(!ssl_printf(ssl, "time.elapsed"SQ ARG_LL "d.%6.6d\n",
897 print_hist(RES* ssl, struct ub_stats_info* s)
908 if(!ssl_printf(ssl,
925 print_ext(RES* ssl, struct ub_stats_info* s, int inhibit_zero)
951 if(!ssl_printf(ssl, "num.query.type.%s"SQ"%lu\n",
955 if(!ssl_printf(ssl, "num.query.type.other"SQ"%lu\n",
968 if(!ssl_printf(ssl, "num.query.class.%s"SQ"%lu\n",
972 if(!ssl_printf(ssl, "num.query.class.other"SQ"%lu\n",
985 if(!ssl_printf(ssl, "num.query.opcode.%s"SQ"%lu\n",
989 if(!ssl_printf(ssl, "num.query.tcp"SQ"%lu\n",
991 if(!ssl_printf(ssl, "num.query.tcpout"SQ"%lu\n",
993 if(!ssl_printf(ssl, "num.query.udpout"SQ"%lu\n",
995 if(!ssl_printf(ssl, "num.query.tls"SQ"%lu\n",
997 if(!ssl_printf(ssl, "num.query.tls.resume"SQ"%lu\n",
999 if(!ssl_printf(ssl, "num.query.ipv6"SQ"%lu\n",
1001 if(!ssl_printf(ssl, "num.query.https"SQ"%lu\n",
1004 if(!ssl_printf(ssl, "num.query.quic"SQ"%lu\n",
1008 if(!ssl_printf(ssl, "num.query.flags.QR"SQ"%lu\n",
1010 if(!ssl_printf(ssl, "num.query.flags.AA"SQ"%lu\n",
1012 if(!ssl_printf(ssl, "num.query.flags.TC"SQ"%lu\n",
1014 if(!ssl_printf(ssl, "num.query.flags.RD"SQ"%lu\n",
1016 if(!ssl_printf(ssl, "num.query.flags.RA"SQ"%lu\n",
1018 if(!ssl_printf(ssl, "num.query.flags.Z"SQ"%lu\n",
1020 if(!ssl_printf(ssl, "num.query.flags.AD"SQ"%lu\n",
1022 if(!ssl_printf(ssl, "num.query.flags.CD"SQ"%lu\n",
1024 if(!ssl_printf(ssl, "num.query.edns.present"SQ"%lu\n",
1026 if(!ssl_printf(ssl, "num.query.edns.DO"SQ"%lu\n",
1040 if(!ssl_printf(ssl, "num.answer.rcode.%s"SQ"%lu\n",
1044 if(!ssl_printf(ssl, "num.answer.rcode.nodata"SQ"%lu\n",
1048 if(!ssl_printf(ssl, "num.query.ratelimited"SQ"%lu\n",
1051 if(!ssl_printf(ssl, "num.answer.secure"SQ"%lu\n",
1053 if(!ssl_printf(ssl, "num.answer.bogus"SQ"%lu\n",
1055 if(!ssl_printf(ssl, "num.rrset.bogus"SQ"%lu\n",
1057 if(!ssl_printf(ssl, "num.query.aggressive.NOERROR"SQ"%lu\n",
1059 if(!ssl_printf(ssl, "num.query.aggressive.NXDOMAIN"SQ"%lu\n",
1062 if(!ssl_printf(ssl, "unwanted.queries"SQ"%lu\n",
1064 if(!ssl_printf(ssl, "unwanted.replies"SQ"%lu\n",
1067 if(!ssl_printf(ssl, "msg.cache.count"SQ"%u\n",
1069 if(!ssl_printf(ssl, "rrset.cache.count"SQ"%u\n",
1071 if(!ssl_printf(ssl, "infra.cache.count"SQ"%u\n",
1073 if(!ssl_printf(ssl, "key.cache.count"SQ"%u\n",
1076 if(!ssl_printf(ssl, "msg.cache.max_collisions"SQ"%u\n",
1078 if(!ssl_printf(ssl, "rrset.cache.max_collisions"SQ"%u\n",
1086 if(!ssl_printf(ssl, "num.rpz.action.%s"SQ"%lu\n",
1091 if(!ssl_printf(ssl, "dnscrypt_shared_secret.cache.count"SQ"%u\n",
1093 if(!ssl_printf(ssl, "dnscrypt_nonce.cache.count"SQ"%u\n",
1095 if(!ssl_printf(ssl, "num.query.dnscrypt.shared_secret.cachemiss"SQ"%lu\n",
1097 if(!ssl_printf(ssl, "num.query.dnscrypt.replay"SQ"%lu\n",
1100 if(!ssl_printf(ssl, "num.query.authzone.up"SQ"%lu\n",
1102 if(!ssl_printf(ssl, "num.query.authzone.down"SQ"%lu\n",
1105 if(!ssl_printf(ssl, "num.query.subnet"SQ"%lu\n",
1107 if(!ssl_printf(ssl, "num.query.subnet_cache"SQ"%lu\n",
1111 if(!ssl_printf(ssl, "num.query.cachedb"SQ"%lu\n",
1119 do_stats(RES* ssl, struct worker* worker, int reset)
1130 if(!print_thread_stats(ssl, i, &s))
1138 if(!print_stats(ssl, "total", &total))
1140 if(!print_uptime(ssl, worker, reset))
1143 if(!print_mem(ssl, worker, daemon, &total))
1145 if(!print_hist(ssl, &total))
1147 if(!print_ext(ssl, &total, daemon->cfg->stat_inhibit_zero))
1154 parse_arg_name(RES* ssl, char* str, uint8_t** res, size_t* len, int* labs)
1163 ssl_printf(ssl, "error: this option requires a domain name\n");
1168 ssl_printf(ssl, "error cannot parse name %s at %d: %s\n", str,
1175 ssl_printf(ssl, "error out of memory\n");
1184 find_arg2(RES* ssl, char* arg, char** arg2)
1200 ssl_printf(ssl, "error could not find next argument "
1209 perform_zone_add(RES* ssl, struct local_zones* zones, char* arg)
1217 if(!find_arg2(ssl, arg, &arg2))
1219 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
1222 ssl_printf(ssl, "error not a zone type. %s\n", arg2);
1240 ssl_printf(ssl, "error out of memory\n");
1249 do_zone_add(RES* ssl, struct local_zones* zones, char* arg)
1251 if(!perform_zone_add(ssl, zones, arg))
1253 send_ok(ssl);
1258 do_zones_add(struct daemon_remote* rc, RES* ssl, struct worker* worker)
1263 while(ssl_read_line(ssl, buf+cmd_len, MAX_STDIN_STRLINE)) {
1269 if(rc) distribute_cmd(rc, ssl, buf);
1273 if(!perform_zone_add(ssl, worker->daemon->local_zones,
1275 if(!ssl_printf(ssl, "error for input line: %s\n",
1281 (void)ssl_printf(ssl, "added %d zones\n", num);
1286 perform_zone_remove(RES* ssl, struct local_zones* zones, char* arg)
1292 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
1307 do_zone_remove(RES* ssl, struct local_zones* zones, char* arg)
1309 if(!perform_zone_remove(ssl, zones, arg))
1311 send_ok(ssl);
1316 do_zones_remove(struct daemon_remote* rc, RES* ssl, struct worker* worker)
1321 while(ssl_read_line(ssl, buf+cmd_len, MAX_STDIN_STRLINE)) {
1327 if(rc) distribute_cmd(rc, ssl, buf);
1331 if(!perform_zone_remove(ssl, worker->daemon->local_zones,
1333 if(!ssl_printf(ssl, "error for input line: %s\n",
1339 (void)ssl_printf(ssl, "removed %d zones\n", num);
1344 check_RR_syntax(RES* ssl, char* str, int line)
1355 if(!ssl_printf(ssl, "error parsing local-data at %sposition %d '%s': %s\n",
1366 perform_data_add(RES* ssl, struct local_zones* zones, char* arg, int line)
1368 if(!check_RR_syntax(ssl, arg, line)) {
1372 ssl_printf(ssl,"error in syntax or out of memory, %s\n", arg);
1380 do_data_add(RES* ssl, struct local_zones* zones, char* arg)
1382 if(!perform_data_add(ssl, zones, arg, 0))
1384 send_ok(ssl);
1389 do_datas_add(struct daemon_remote* rc, RES* ssl, struct worker* worker)
1394 while(ssl_read_line(ssl, buf+cmd_len, MAX_STDIN_STRLINE)) {
1400 if(rc) distribute_cmd(rc, ssl, buf);
1405 if(perform_data_add(ssl, worker->daemon->local_zones,
1409 (void)ssl_printf(ssl, "added %d datas\n", num);
1414 perform_data_remove(RES* ssl, struct local_zones* zones, char* arg)
1419 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
1429 do_data_remove(RES* ssl, struct local_zones* zones, char* arg)
1431 if(!perform_data_remove(ssl, zones, arg))
1433 send_ok(ssl);
1438 do_datas_remove(struct daemon_remote* rc, RES* ssl, struct worker* worker)
1443 while(ssl_read_line(ssl, buf+cmd_len, MAX_STDIN_STRLINE)) {
1449 if(rc) distribute_cmd(rc, ssl, buf);
1453 if(!perform_data_remove(ssl, worker->daemon->local_zones,
1455 if(!ssl_printf(ssl, "error for input line: %s\n",
1461 (void)ssl_printf(ssl, "removed %d datas\n", num);
1466 do_view_zone_add(RES* ssl, struct worker* worker, char* arg)
1470 if(!find_arg2(ssl, arg, &arg2))
1475 ssl_printf(ssl,"no view with name: %s\n", arg);
1481 ssl_printf(ssl,"error out of memory\n");
1493 do_zone_add(ssl, v->local_zones, arg2);
1499 do_view_zone_remove(RES* ssl, struct worker* worker, char* arg)
1503 if(!find_arg2(ssl, arg, &arg2))
1508 ssl_printf(ssl,"no view with name: %s\n", arg);
1513 send_ok(ssl);
1516 do_zone_remove(ssl, v->local_zones, arg2);
1522 do_view_data_add(RES* ssl, struct worker* worker, char* arg)
1526 if(!find_arg2(ssl, arg, &arg2))
1531 ssl_printf(ssl,"no view with name: %s\n", arg);
1537 ssl_printf(ssl,"error out of memory\n");
1541 do_data_add(ssl, v->local_zones, arg2);
1547 do_view_datas_add(struct daemon_remote* rc, RES* ssl, struct worker* worker,
1557 ssl_printf(ssl,"no view with name: %s\n", arg);
1563 ssl_printf(ssl,"error out of memory\n");
1570 while(ssl_read_line(ssl, buf+cmd_len, MAX_STDIN_STRLINE)) {
1576 if(rc) distribute_cmd(rc, ssl, buf);
1581 if(perform_data_add(ssl, v->local_zones, buf+cmd_len, line))
1585 (void)ssl_printf(ssl, "added %d datas\n", num);
1590 do_view_data_remove(RES* ssl, struct worker* worker, char* arg)
1594 if(!find_arg2(ssl, arg, &arg2))
1599 ssl_printf(ssl,"no view with name: %s\n", arg);
1604 send_ok(ssl);
1607 do_data_remove(ssl, v->local_zones, arg2);
1613 do_view_datas_remove(struct daemon_remote* rc, RES* ssl, struct worker* worker,
1623 ssl_printf(ssl,"no view with name: %s\n", arg);
1628 ssl_printf(ssl, "removed 0 datas\n");
1634 while(ssl_read_line(ssl, buf+cmd_len, MAX_STDIN_STRLINE)) {
1640 if(rc) distribute_cmd(rc, ssl, buf);
1644 if(!perform_data_remove(ssl, v->local_zones, buf+cmd_len)) {
1645 if(!ssl_printf(ssl, "error for input line: %s\n",
1652 (void)ssl_printf(ssl, "removed %d datas\n", num);
1657 do_lookup(RES* ssl, struct worker* worker, char* arg)
1662 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
1664 (void)print_deleg_lookup(ssl, worker, nm, nmlen, nmlabs);
1701 parse_remcachedb(RES* ssl, char** arg, int* pc)
1707 if(!find_arg2(ssl, *arg, &arg2))
1718 do_flush_type(RES* ssl, struct worker* worker, char* arg)
1726 if(!parse_remcachedb(ssl, &arg, &pc))
1728 if(!find_arg2(ssl, arg, &arg2))
1730 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
1734 (void)ssl_printf(ssl, "error parsing RRset type: '%s'\n", arg2);
1741 send_ok(ssl);
1746 do_flush_stats(RES* ssl, struct worker* worker)
1749 send_ok(ssl);
1803 do_flush_infra(RES* ssl, struct worker* worker, char* arg)
1810 send_ok(ssl);
1814 (void)ssl_printf(ssl, "error parsing ip addr: '%s'\n", arg);
1833 send_ok(ssl);
1838 do_flush_requestlist(RES* ssl, struct worker* worker)
1841 send_ok(ssl);
1901 do_flush_zone(RES* ssl, struct worker* worker, char* arg)
1908 if(!parse_remcachedb(ssl, &arg, &pc))
1910 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
1937 (void)ssl_printf(ssl, "ok removed %lu rrsets, %lu messages "
1990 do_flush_bogus(RES* ssl, struct worker* worker, char* arg)
1994 if(!parse_remcachedb(ssl, &arg, &pc))
2015 (void)ssl_printf(ssl, "ok removed %lu rrsets, %lu messages "
2076 do_flush_negative(RES* ssl, struct worker* worker, char* arg)
2080 if(!parse_remcachedb(ssl, &arg, &pc))
2101 (void)ssl_printf(ssl, "ok removed %lu rrsets, %lu messages "
2108 do_flush_name(RES* ssl, struct worker* w, char* arg)
2114 if(!parse_remcachedb(ssl, &arg, &pc))
2116 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
2132 send_ok(ssl);
2137 ssl_print_name_dp(RES* ssl, const char* str, uint8_t* nm, uint16_t dclass,
2147 if(!ssl_printf(ssl, "%s %s %s ", buf, (c?c:"CLASS??"), str)) {
2155 if(!ssl_printf(ssl, "%s%s", (f?" ":""), buf))
2161 if(!ssl_printf(ssl, "%s%s", (f?" ":""), buf))
2165 return ssl_printf(ssl, "\n");
2171 print_root_fwds(RES* ssl, struct iter_forwards* fwds, uint8_t* root)
2177 return ssl_printf(ssl, "off (using root hints)\n");
2181 if(!ssl_print_name_dp(ssl, NULL, root, LDNS_RR_CLASS_IN, dp)) {
2191 parse_delegpt(RES* ssl, char* args, uint8_t* nm)
2201 (void)ssl_printf(ssl, "error out of memory\n");
2217 (void)ssl_printf(ssl, "error cannot parse"
2225 "ssl library, ignored name for %s", todo);
2228 (void)ssl_printf(ssl, "error out of memory\n");
2237 "ssl library, ignored name for %s", todo);
2242 (void)ssl_printf(ssl, "error out of memory\n");
2254 do_forward(RES* ssl, struct worker* worker, char* args)
2260 (void)ssl_printf(ssl, "error: structure not allocated\n");
2264 (void)print_root_fwds(ssl, fwd, root);
2275 if(!(dp = parse_delegpt(ssl, args, root)))
2278 (void)ssl_printf(ssl, "error out of memory\n");
2282 send_ok(ssl);
2286 parse_fs_args(RES* ssl, char* args, uint8_t** nm, struct delegpt** dp,
2295 if(!find_arg2(ssl, args, &rest))
2305 (void)ssl_printf(ssl, "error: unknown option %s\n", args);
2313 if(!find_arg2(ssl, args, &rest))
2318 if(!parse_arg_name(ssl, zonename, nm, &nmlen, &nmlabs))
2323 if(!(*dp = parse_delegpt(ssl, args, *nm))) {
2333 do_forward_add(RES* ssl, struct worker* worker, char* args)
2340 if(!parse_fs_args(ssl, args, &nm, &dp, &insecure, NULL, &tls))
2350 (void)ssl_printf(ssl, "error out of memory\n");
2358 (void)ssl_printf(ssl, "error out of memory\n");
2364 send_ok(ssl);
2369 do_forward_remove(RES* ssl, struct worker* worker, char* args)
2375 if(!parse_fs_args(ssl, args, &nm, NULL, &insecure, NULL, NULL))
2385 send_ok(ssl);
2390 do_stub_add(RES* ssl, struct worker* worker, char* args)
2397 if(!parse_fs_args(ssl, args, &nm, &dp, &insecure, &prime, &tls))
2409 (void)ssl_printf(ssl, "error out of memory\n");
2421 (void)ssl_printf(ssl, "error out of memory\n");
2428 (void)ssl_printf(ssl, "error out of memory\n");
2441 send_ok(ssl);
2446 do_stub_remove(RES* ssl, struct worker* worker, char* args)
2452 if(!parse_fs_args(ssl, args, &nm, NULL, &insecure, NULL, NULL))
2465 send_ok(ssl);
2470 do_insecure_add(RES* ssl, struct worker* worker, char* arg)
2475 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
2480 (void)ssl_printf(ssl, "error out of memory\n");
2486 send_ok(ssl);
2491 do_insecure_remove(RES* ssl, struct worker* worker, char* arg)
2496 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
2502 send_ok(ssl);
2506 do_insecure_list(RES* ssl, struct worker* worker)
2514 ssl_printf(ssl, "%s\n", buf);
2522 do_status(RES* ssl, struct worker* worker)
2526 if(!ssl_printf(ssl, "version: %s\n", PACKAGE_VERSION))
2528 if(!ssl_printf(ssl, "verbosity: %d\n", verbosity))
2530 if(!ssl_printf(ssl, "threads: %d\n", worker->daemon->num))
2532 if(!ssl_printf(ssl, "modules: %d [", worker->daemon->mods.num))
2535 if(!ssl_printf(ssl, " %s", worker->daemon->mods.mod[i]->name))
2538 if(!ssl_printf(ssl, " ]\n"))
2541 if(!ssl_printf(ssl, "uptime: " ARG_LL "d seconds\n", (long long)uptime))
2543 if(!ssl_printf(ssl, "options:%s%s%s%s\n" ,
2546 (worker->daemon->rc->accept_list && worker->daemon->rc->use_cert?"(ssl)":""),
2550 if(!ssl_printf(ssl, "unbound (pid %d) is running...\n",
2630 do_dump_requestlist(RES* ssl, struct worker* worker)
2638 if(!ssl_printf(ssl, "thread #%d\n", worker->thread_num))
2640 if(!ssl_printf(ssl, "# type cl name seconds module status\n"))
2651 if(!ssl_printf(ssl, "%3d %4s %2s %s %s %s\n",
2669 RES* ssl;
2672 /** ssl failure? stop writing and skip the rest. If the tcp
2699 if(!ssl_printf(a->ssl, "%s %s expired rto %d\n", ip_str,
2707 if(!ssl_printf(a->ssl, "%s %s ttl %lu ping %d var %d rtt %d rto %d "
2724 do_dump_infra(RES* ssl, struct worker* worker)
2728 arg.ssl = ssl;
2736 do_log_reopen(RES* ssl, struct worker* worker)
2739 send_ok(ssl);
2745 do_auth_zone_reload(RES* ssl, struct worker* worker, char* arg)
2754 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
2773 (void)ssl_printf(ssl, "error no auth-zone %s\n", arg);
2781 (void)ssl_printf(ssl, "error failed to read %s\n", arg);
2792 (void)ssl_printf(ssl, "zone %s has no contents\n", arg);
2797 (void)ssl_printf(ssl, "error: no SOA in zone after read %s\n", arg);
2809 (void)ssl_printf(ssl, "error zonemd for %s failed: %s\n",
2815 (void)ssl_printf(ssl, "%s: %s\n", arg, reason);
2819 send_ok(ssl);
2824 do_auth_zone_transfer(RES* ssl, struct worker* worker, char* arg)
2830 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
2834 (void)ssl_printf(ssl, "error zone xfr task not found %s\n", arg);
2839 send_ok(ssl);
2844 do_set_option(RES* ssl, struct worker* worker, char* arg)
2847 if(!find_arg2(ssl, arg, &arg2))
2850 (void)ssl_printf(ssl, "error setting option\n");
2861 send_ok(ssl);
2867 RES* ssl = (RES*)arg;
2868 (void)ssl_printf(ssl, "%s\n", line);
2873 do_get_option(RES* ssl, struct worker* worker, char* arg)
2876 r = config_get_option(worker->env.cfg, arg, remote_get_opt_ssl, ssl);
2878 (void)ssl_printf(ssl, "error unknown option\n");
2885 do_list_forwards(RES* ssl, struct worker* worker)
2906 if(!ssl_print_name_dp(ssl, (insecure?"forward +i":"forward"),
2917 do_list_stubs(RES* ssl, struct worker* worker)
2938 if(!ssl_print_name_dp(ssl, str, z->node.name,
2949 do_list_auth_zones(RES* ssl, struct auth_zones* az)
2966 if(!ssl_printf(ssl, "%s\t%s\n", buf, buf2)) {
2979 do_list_local_zones(RES* ssl, struct local_zones* zones)
2987 if(!ssl_printf(ssl, "%s %s\n", buf,
3001 do_list_local_data(RES* ssl, struct worker* worker, struct local_zones* zones)
3019 if(!ssl_printf(ssl, "BADRR\n")) {
3025 if(!ssl_printf(ssl, "%s\n", s)) {
3040 do_view_list_local_zones(RES* ssl, struct worker* worker, char* arg)
3045 ssl_printf(ssl,"no view with name: %s\n", arg);
3049 do_list_local_zones(ssl, v->local_zones);
3056 do_view_list_local_data(RES* ssl, struct worker* worker, char* arg)
3061 ssl_printf(ssl,"no view with name: %s\n", arg);
3065 do_list_local_data(ssl, worker, v->local_zones);
3075 RES* ssl;
3101 ssl_printf(a->ssl, "%s %d limit %d\n", buf, max, lim);
3119 ssl_printf(a->ssl, "%s %d limit %d\n", ip, max, lim);
3124 do_ratelimit_list(RES* ssl, struct worker* worker, char* arg)
3130 a.ssl = ssl;
3143 do_ip_ratelimit_list(RES* ssl, struct worker* worker, char* arg)
3149 a.ssl = ssl;
3162 do_rpz_enable_disable(RES* ssl, struct worker* worker, char* arg, int enable) {
3168 if (!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
3180 (void) ssl_printf(ssl, "error no auth-zone %s\n", arg);
3184 (void) ssl_printf(ssl, "error auth-zone %s not RPZ\n", arg);
3194 send_ok(ssl);
3199 do_rpz_enable(RES* ssl, struct worker* worker, char* arg)
3201 do_rpz_enable_disable(ssl, worker, arg, 1);
3206 do_rpz_disable(RES* ssl, struct worker* worker, char* arg)
3208 do_rpz_enable_disable(ssl, worker, arg, 0);
3214 cookie_secret_file_dump(RES* ssl, struct worker* worker) {
3221 (void)ssl_printf(ssl, "error: no cookie secret file configured\n");
3228 (void)ssl_printf(ssl, "unable to open cookie secret file %s: %s",
3256 do_activate_cookie_secret(RES* ssl, struct worker* worker) {
3261 (void)ssl_printf(ssl, "error: no cookie secret file configured\n");
3265 (void)ssl_printf(ssl, "error: there are no cookie_secrets.");
3272 (void)ssl_printf(ssl, "error: no staging cookie secret to activate\n");
3276 if(worker->thread_num == 0 && !cookie_secret_file_dump(ssl, worker)) {
3278 (void)ssl_printf(ssl, "error: writing to cookie secret file: \"%s\"\n",
3284 (void)cookie_secret_file_dump(ssl, worker);
3286 send_ok(ssl);
3291 do_drop_cookie_secret(RES* ssl, struct worker* worker) {
3296 (void)ssl_printf(ssl, "error: no cookie secret file configured\n");
3300 (void)ssl_printf(ssl, "error: there are no cookie_secrets.");
3307 (void)ssl_printf(ssl, "error: can not drop the currently active cookie secret\n");
3311 if(worker->thread_num == 0 && !cookie_secret_file_dump(ssl, worker)) {
3313 (void)ssl_printf(ssl, "error: writing to cookie secret file: \"%s\"\n",
3319 (void)cookie_secret_file_dump(ssl, worker);
3321 send_ok(ssl);
3326 do_add_cookie_secret(RES* ssl, struct worker* worker, char* arg) {
3332 (void)ssl_printf(ssl, "error: no cookie secret file configured\n");
3338 (void)ssl_printf(ssl, "error: out of memory");
3347 (void)ssl_printf(ssl, "error: missing argument (cookie_secret)\n");
3353 (void)ssl_printf(ssl, "invalid cookie secret: invalid argument length\n");
3354 (void)ssl_printf(ssl, "please provide a 128bit hex encoded secret\n");
3362 (void)ssl_printf(ssl, "invalid cookie secret: parse error\n");
3363 (void)ssl_printf(ssl, "please provide a 128bit hex encoded secret\n");
3367 if(worker->thread_num == 0 && !cookie_secret_file_dump(ssl, worker)) {
3371 (void)ssl_printf(ssl, "error: writing to cookie secret file: \"%s\"\n",
3378 (void)cookie_secret_file_dump(ssl, worker);
3381 send_ok(ssl);
3386 do_print_cookie_secrets(RES* ssl, struct worker* worker) {
3404 (void)ssl_printf(ssl, "active : %s\n", secret_hex);
3406 (void)ssl_printf(ssl, "staging: %s\n", secret_hex);
3408 (void)ssl_printf(ssl, "staging[%d]: %s\n", i,
3424 execute_cmd(struct daemon_remote* rc, RES* ssl, char* cmd,
3430 do_stop(ssl, worker);
3433 do_reload(ssl, worker, 1);
3436 do_reload(ssl, worker, 0);
3439 do_stats(ssl, worker, 0);
3442 do_stats(ssl, worker, 1);
3445 do_status(ssl, worker);
3450 (void)ssl_printf(ssl, "dump_cache/load_cache is not "
3455 (void)dump_cache(ssl, worker);
3465 if(load_cache(ssl, worker)) send_ok(ssl);
3468 do_list_forwards(ssl, worker);
3471 do_list_stubs(ssl, worker);
3474 do_insecure_list(ssl, worker);
3477 do_list_local_zones(ssl, worker->daemon->local_zones);
3480 do_list_local_data(ssl, worker, worker->daemon->local_zones);
3483 do_view_list_local_zones(ssl, worker, skipwhite(p+21));
3486 do_view_list_local_data(ssl, worker, skipwhite(p+20));
3489 do_ratelimit_list(ssl, worker, p+14);
3492 do_ip_ratelimit_list(ssl, worker, p+17);
3495 do_list_auth_zones(ssl, worker->env.auth_zones);
3498 do_auth_zone_reload(ssl, worker, skipwhite(p+16));
3501 do_auth_zone_transfer(ssl, worker, skipwhite(p+18));
3505 if(rc) distribute_cmd(rc, ssl, cmd);
3506 do_insecure_add(ssl, worker, skipwhite(p+12));
3510 if(rc) distribute_cmd(rc, ssl, cmd);
3511 do_insecure_remove(ssl, worker, skipwhite(p+15));
3515 if(rc) distribute_cmd(rc, ssl, cmd);
3516 do_flush_stats(ssl, worker);
3520 if(rc) distribute_cmd(rc, ssl, cmd);
3521 do_flush_requestlist(ssl, worker);
3524 do_lookup(ssl, worker, skipwhite(p+6));
3530 do_zones_remove(rc, ssl, worker);
3533 do_zones_add(rc, ssl, worker);
3536 do_datas_remove(rc, ssl, worker);
3539 do_datas_add(rc, ssl, worker);
3542 do_view_datas_remove(rc, ssl, worker, skipwhite(p+23));
3545 do_view_datas_add(rc, ssl, worker, skipwhite(p+16));
3548 do_print_cookie_secrets(ssl, worker);
3557 distribute_cmd(rc, ssl, cmd);
3561 do_verbosity(ssl, skipwhite(p+9));
3563 do_zone_remove(ssl, worker->daemon->local_zones, skipwhite(p+17));
3565 do_zone_add(ssl, worker->daemon->local_zones, skipwhite(p+10));
3567 do_data_remove(ssl, worker->daemon->local_zones, skipwhite(p+17));
3569 do_data_add(ssl, worker->daemon->local_zones, skipwhite(p+10));
3571 do_forward_add(ssl, worker, skipwhite(p+11));
3573 do_forward_remove(ssl, worker, skipwhite(p+14));
3575 do_forward(ssl, worker, skipwhite(p+7));
3577 do_stub_add(ssl, worker, skipwhite(p+8));
3579 do_stub_remove(ssl, worker, skipwhite(p+11));
3581 do_view_zone_remove(ssl, worker, skipwhite(p+22));
3583 do_view_zone_add(ssl, worker, skipwhite(p+15));
3585 do_view_data_remove(ssl, worker, skipwhite(p+22));
3587 do_view_data_add(ssl, worker, skipwhite(p+15));
3589 do_flush_zone(ssl, worker, skipwhite(p+10));
3591 do_flush_type(ssl, worker, skipwhite(p+10));
3593 do_flush_infra(ssl, worker, skipwhite(p+11));
3595 do_flush_name(ssl, worker, skipwhite(p+5));
3597 do_dump_requestlist(ssl, worker);
3599 do_dump_infra(ssl, worker);
3601 do_log_reopen(ssl, worker);
3603 do_set_option(ssl, worker, skipwhite(p+10));
3605 do_get_option(ssl, worker, skipwhite(p+10));
3607 do_flush_bogus(ssl, worker, skipwhite(p+11));
3609 do_flush_negative(ssl, worker, skipwhite(p+14));
3611 do_rpz_enable(ssl, worker, skipwhite(p+10));
3613 do_rpz_disable(ssl, worker, skipwhite(p+11));
3615 do_add_cookie_secret(ssl, worker, skipwhite(p+17));
3617 do_drop_cookie_secret(ssl, worker);
3619 do_activate_cookie_secret(ssl, worker);
3621 (void)ssl_printf(ssl, "error unknown command '%s'\n", p);
3656 if(res->ssl) {
3658 if((r=SSL_read(res->ssl, magic, (int)sizeof(magic)-1)) <= 0) {
3660 if((r2=SSL_get_error(res->ssl, r)) == SSL_ERROR_ZERO_RETURN)
3729 log_crypto_err_io("remote control failed ssl", r2);
3748 if(s->ssl) {
3751 r = SSL_do_handshake(s->ssl);
3753 int r2 = SSL_get_error(s->ssl, r);
3762 } else if(SSL_get_verify_result(s->ssl) == X509_V_OK) {
3764 X509* x = SSL_get1_peer_certificate(s->ssl);
3766 X509* x = SSL_get_peer_certificate(s->ssl);
3784 res.ssl = s->ssl;