1 /*
2 * xfrd.h - XFR (transfer) Daemon header file. Coordinates SOA updates.
3 *
4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved.
5 *
6 * See LICENSE for the license.
7 *
8 */
9
10 #ifndef XFRD_H
11 #define XFRD_H
12
13 #ifndef USE_MINI_EVENT
14 # ifdef HAVE_EVENT_H
15 # include <event.h>
16 # else
17 # include <event2/event.h>
18 # include "event2/event_struct.h"
19 # include "event2/event_compat.h"
20 # endif
21 #else
22 # include "mini_event.h"
23 #endif
24 #include "rbtree.h"
25 #include "namedb.h"
26 #include "options.h"
27 #include "dns.h"
28 #include "tsig.h"
29
30 struct nsd;
31 struct region;
32 struct buffer;
33 struct xfrd_tcp;
34 struct xfrd_tcp_set;
35 struct notify_zone;
36 struct udb_ptr;
37 typedef struct xfrd_state xfrd_state_type;
38 typedef struct xfrd_xfr xfrd_xfr_type;
39 typedef struct xfrd_zone xfrd_zone_type;
40 typedef struct xfrd_soa xfrd_soa_type;
41 /*
42 * The global state for the xfrd daemon process.
43 * The time_t times are epochs in secs since 1970, absolute times.
44 */
45 struct xfrd_state {
46 /* time when daemon was last started */
47 time_t xfrd_start_time;
48 struct region* region;
49 struct event_base* event_base;
50 struct nsd* nsd;
51
52 struct xfrd_tcp_set* tcp_set;
53 /* packet buffer for udp packets */
54 struct buffer* packet;
55 /* udp waiting list, double linked list */
56 struct xfrd_zone *udp_waiting_first, *udp_waiting_last;
57 /* number of udp sockets (for sending queries) in use */
58 size_t udp_use_num;
59 /* activated waiting list, double linked list */
60 struct xfrd_zone *activated_first;
61
62 /* current time is cached */
63 uint8_t got_time;
64 time_t current_time;
65
66 /* counter for xfr file numbers */
67 uint64_t xfrfilenumber;
68
69 /* the zonestat array size that we last saw and is safe to use */
70 unsigned zonestat_safe;
71 /* size currently of the clear array */
72 size_t zonestat_clear_num;
73 /* array of malloced entries with cumulative cleared stat values */
74 struct nsdst** zonestat_clear;
75 /* array of child_count size with cumulative cleared stat values */
76 struct nsdst* stat_clear;
77
78 /* timer for NSD reload */
79 struct timeval reload_timeout;
80 struct event reload_handler;
81 int reload_added;
82 /* last reload must have caught all zone updates before this time */
83 time_t reload_cmd_last_sent;
84 time_t reload_cmd_first_sent;
85 uint8_t reload_failed;
86 uint8_t can_send_reload;
87 pid_t reload_pid;
88 /* timeout for lost sigchild and reaping children */
89 struct event child_timer;
90 int child_timer_added;
91
92 /* timeout event for zonefiles_write events */
93 struct event write_timer;
94 /* set to 1 if zones have received xfrs since the last write_timer */
95 int write_zonefile_needed;
96
97 /* communication channel with server_main */
98 struct event ipc_handler;
99 int ipc_handler_flags;
100 struct xfrd_tcp *ipc_conn;
101 struct buffer* ipc_pass;
102 /* sending ipc to server_main */
103 uint8_t need_to_send_shutdown;
104 uint8_t need_to_send_reload;
105 uint8_t need_to_send_stats;
106 uint8_t need_to_send_quit;
107 uint8_t ipc_send_blocked;
108 struct udb_ptr* last_task;
109
110 /* xfrd shutdown flag */
111 uint8_t shutdown;
112
113 /* tree of zones, by apex name, contains xfrd_zone_type*. Only secondary zones. */
114 rbtree_type *zones;
115
116 /* tree of zones, by apex name, contains notify_zone*. All zones. */
117 rbtree_type *notify_zones;
118 /* number of notify_zone active using UDP socket */
119 int notify_udp_num;
120 /* first and last notify_zone* entries waiting for a UDP socket */
121 struct notify_zone *notify_waiting_first, *notify_waiting_last;
122 };
123
124 /*
125 * XFR daemon SOA information kept in network format.
126 * This is in packet order.
127 */
128 struct xfrd_soa {
129 /* name of RR is zone apex dname */
130 uint16_t type; /* = TYPE_SOA */
131 uint16_t klass; /* = CLASS_IN */
132 uint32_t ttl;
133 uint16_t rdata_count; /* = 7 */
134 /* format is 1 octet length, + wireformat dname.
135 one more octet since parse_dname_wire_from_packet needs it.
136 maximum size is allocated to avoid memory alloc/free. */
137 uint8_t prim_ns[MAXDOMAINLEN + 2];
138 uint8_t email[MAXDOMAINLEN + 2];
139 uint32_t serial;
140 uint32_t refresh;
141 uint32_t retry;
142 uint32_t expire;
143 uint32_t minimum;
144 } ATTR_PACKED;
145
146
147 /*
148 * XFRD state for a single zone
149 */
150 struct xfrd_zone {
151 rbnode_type node;
152
153 /* name of the zone */
154 const dname_type* apex;
155 const char* apex_str;
156
157 /* Three types of soas:
158 * NSD: in use by running server
159 * disk: stored on disk in db/diff file
160 * notified: from notification, could be available on a master.
161 * And the time the soa was acquired (start time for timeouts).
162 * If the time==0, no SOA is available.
163 */
164 xfrd_soa_type soa_nsd;
165 time_t soa_nsd_acquired;
166 xfrd_soa_type soa_disk;
167 time_t soa_disk_acquired;
168 xfrd_soa_type soa_notified;
169 time_t soa_notified_acquired;
170
171 enum xfrd_zone_state {
172 xfrd_zone_ok,
173 xfrd_zone_refreshing,
174 xfrd_zone_expired
175 } state;
176
177 /* master to try to transfer from, number for persistence */
178 struct acl_options* master;
179 int master_num;
180 int next_master; /* -1 or set by notify where to try next */
181 /* round of xfrattempts, -1 is waiting for timeout */
182 int round_num;
183 struct zone_options* zone_options;
184 int fresh_xfr_timeout;
185
186 /* handler for timeouts */
187 struct timeval timeout;
188 struct event zone_handler;
189 int zone_handler_flags;
190 int event_added;
191
192 /* tcp connection zone is using, or -1 */
193 int tcp_conn;
194 /* zone is waiting for a tcp connection */
195 uint8_t tcp_waiting;
196 /* next zone in waiting list */
197 xfrd_zone_type* tcp_waiting_next;
198 xfrd_zone_type* tcp_waiting_prev;
199 /* zone is in its tcp send queue */
200 uint8_t in_tcp_send;
201 /* next zone in tcp send queue */
202 xfrd_zone_type* tcp_send_next;
203 xfrd_zone_type* tcp_send_prev;
204 /* zone is waiting for a udp connection (tcp is preferred) */
205 uint8_t udp_waiting;
206 /* next zone in waiting list for UDP */
207 xfrd_zone_type* udp_waiting_next;
208 xfrd_zone_type* udp_waiting_prev;
209 /* zone has been activated to run now (after the other events
210 * but before blocking in select again) */
211 uint8_t is_activated;
212 xfrd_zone_type* activated_next;
213 xfrd_zone_type* activated_prev;
214
215 /* xfr message handling data */
216 /* query id */
217 uint16_t query_id;
218 xfrd_xfr_type *latest_xfr;
219
220 int multi_master_first_master; /* >0: first check master_num */
221 int multi_master_update_check; /* -1: not update >0: last update master_num */
222 } ATTR_PACKED;
223
224 /*
225 * State for a single zone XFR
226 */
227 struct xfrd_xfr {
228 xfrd_xfr_type *next;
229 xfrd_xfr_type *prev;
230 uint16_t query_type;
231 uint8_t sent; /* written to tasklist (tri-state) */
232 time_t acquired; /* time xfr was acquired */
233 uint32_t msg_seq_nr; /* number of messages already handled */
234 uint32_t msg_old_serial, msg_new_serial; /* host byte order */
235 size_t msg_rr_count;
236 uint8_t msg_is_ixfr; /* 1:IXFR detected. 2:middle IXFR SOA seen. */
237 tsig_record_type tsig; /* tsig state for IXFR/AXFR */
238 uint64_t xfrfilenumber; /* identifier for file to store xfr into,
239 valid if msg_seq_nr nonzero */
240 };
241
242 enum xfrd_packet_result {
243 xfrd_packet_bad, /* drop the packet/connection */
244 xfrd_packet_drop, /* drop the connection, but not report bad */
245 xfrd_packet_more, /* more packets to follow on tcp */
246 xfrd_packet_notimpl, /* server responded with NOTIMPL or FORMATERR */
247 xfrd_packet_tcp, /* try tcp connection */
248 xfrd_packet_transfer, /* server responded with transfer*/
249 xfrd_packet_newlease /* no changes, soa OK */
250 };
251
252 /*
253 Division of the (portably: 1024) max number of sockets that can be open.
254 The sum of the below numbers should be below the user limit for sockets
255 open, or you see errors in your logfile.
256 And it should be below FD_SETSIZE, to be able to select() on replies.
257 Note that also some sockets are used for writing the ixfr.db, xfrd.state
258 files and for the pipes to the main parent process.
259
260 For xfrd_tcp_max, 128 is the default number of TCP AXFR/IXFR concurrent
261 connections. Each entry has 64Kb buffer preallocated.
262 */
263 #define XFRD_MAX_UDP 128 /* max number of UDP sockets at a time for IXFR */
264 #define XFRD_MAX_UDP_NOTIFY 128 /* max concurrent UDP sockets for NOTIFY */
265
266 #define XFRD_TRANSFER_TIMEOUT_START 10 /* empty zone timeout is between x and 2*x seconds */
267 #define XFRD_TRANSFER_TIMEOUT_MAX 86400 /* empty zone timeout max expbackoff */
268 #define XFRD_LOWERBOUND_REFRESH 1 /* seconds, smallest refresh timeout */
269 #define XFRD_LOWERBOUND_RETRY 1 /* seconds, smallest retry timeout */
270
271 /*
272 * return refresh period
273 * within configured and defined lower and upper bounds
274 */
275 static inline time_t
within_refresh_bounds(xfrd_zone_type * zone,time_t refresh)276 within_refresh_bounds(xfrd_zone_type* zone, time_t refresh)
277 {
278 return (time_t)zone->zone_options->pattern->max_refresh_time < refresh
279 ? (time_t)zone->zone_options->pattern->max_refresh_time
280 : (time_t)zone->zone_options->pattern->min_refresh_time > refresh
281 ? (time_t)zone->zone_options->pattern->min_refresh_time
282 : XFRD_LOWERBOUND_REFRESH > refresh
283 ? XFRD_LOWERBOUND_REFRESH : refresh;
284 }
285
286 /*
287 * return the zone's refresh period (from the on disk stored SOA)
288 * within configured and defined lower and upper bounds
289 */
290 static inline time_t
bound_soa_disk_refresh(xfrd_zone_type * zone)291 bound_soa_disk_refresh(xfrd_zone_type* zone)
292 {
293 return within_refresh_bounds(zone, ntohl(zone->soa_disk.refresh));
294 }
295
296 /*
297 * return retry period
298 * within configured and defined lower and upper bounds
299 */
300 static inline time_t
within_retry_bounds(xfrd_zone_type * zone,time_t retry)301 within_retry_bounds(xfrd_zone_type* zone, time_t retry)
302 {
303 return (time_t)zone->zone_options->pattern->max_retry_time < retry
304 ? (time_t)zone->zone_options->pattern->max_retry_time
305 : (time_t)zone->zone_options->pattern->min_retry_time > retry
306 ? (time_t)zone->zone_options->pattern->min_retry_time
307 : XFRD_LOWERBOUND_RETRY > retry
308 ? XFRD_LOWERBOUND_RETRY : retry;
309 }
310
311 /*
312 * return the zone's retry period (from the on disk stored SOA)
313 * within configured and defined lower and upper bounds
314 */
315 static inline time_t
bound_soa_disk_retry(xfrd_zone_type * zone)316 bound_soa_disk_retry(xfrd_zone_type* zone)
317 {
318 return within_retry_bounds(zone, ntohl(zone->soa_disk.retry));
319 }
320
321 /*
322 * return expire period
323 * within configured and defined lower bounds
324 */
325 static inline time_t
within_expire_bounds(xfrd_zone_type * zone,time_t expire)326 within_expire_bounds(xfrd_zone_type* zone, time_t expire)
327 {
328 switch (zone->zone_options->pattern->min_expire_time_expr) {
329 case EXPIRE_TIME_HAS_VALUE:
330 return (time_t)zone->zone_options->pattern->min_expire_time > expire
331 ? (time_t)zone->zone_options->pattern->min_expire_time : expire;
332
333 case REFRESHPLUSRETRYPLUS1:
334 return bound_soa_disk_refresh(zone) + bound_soa_disk_retry(zone) + 1 > expire
335 ? bound_soa_disk_refresh(zone) + bound_soa_disk_retry(zone) + 1 : expire;
336 default:
337 return expire;
338 }
339 }
340
341 /* return the zone's expire period (from the on disk stored SOA) */
342 static inline time_t
bound_soa_disk_expire(xfrd_zone_type * zone)343 bound_soa_disk_expire(xfrd_zone_type* zone)
344 {
345 return within_expire_bounds(zone, ntohl(zone->soa_disk.expire));
346 }
347
348 /* return the zone's expire period (from the SOA in use by the running server) */
349 static inline time_t
bound_soa_nsd_expire(xfrd_zone_type * zone)350 bound_soa_nsd_expire(xfrd_zone_type* zone)
351 {
352 return within_expire_bounds(zone, ntohl(zone->soa_nsd.expire));
353 }
354
355 extern xfrd_state_type* xfrd;
356
357 /* start xfrd, new start. Pass socket to server_main. */
358 void xfrd_init(int socket, struct nsd* nsd, int shortsoa, int reload_active,
359 pid_t nsd_pid);
360
361 /* add new slave zone, dname(from zone_opt) and given options */
362 void xfrd_init_slave_zone(xfrd_state_type* xfrd, struct zone_options* zone_opt);
363
364 /* delete slave zone */
365 void xfrd_del_slave_zone(xfrd_state_type* xfrd, const dname_type* dname);
366
367 /* disable ixfr for a while for zone->master */
368 void xfrd_disable_ixfr(xfrd_zone_type* zone);
369
370 /* get the current time epoch. Cached for speed. */
371 time_t xfrd_time(void);
372
373 /*
374 * Handle final received packet from network.
375 * returns enum of packet discovery results
376 */
377 enum xfrd_packet_result xfrd_handle_received_xfr_packet(
378 xfrd_zone_type* zone, buffer_type* packet);
379
380 /* set timer to specific value */
381 void xfrd_set_timer(xfrd_zone_type* zone, time_t t);
382 /* set refresh timer of zone to refresh at time now */
383 void xfrd_set_refresh_now(xfrd_zone_type* zone);
384 /* unset the timer - no more timeouts, for when zone is queued */
385 void xfrd_unset_timer(xfrd_zone_type* zone);
386 /* remove the 'refresh now', remove it from the activated list */
387 void xfrd_deactivate_zone(xfrd_zone_type* z);
388
389 /*
390 * Make a new request to next master server.
391 * uses next_master if set (and a fresh set of rounds).
392 * otherwise, starts new round of requests if none started already.
393 * starts next round of requests if at last master.
394 * if too many rounds of requests, sets timer for next retry.
395 */
396 void xfrd_make_request(xfrd_zone_type* zone);
397
398 /*
399 * send packet via udp (returns UDP fd source socket) to acl addr.
400 * returns -1 on failure.
401 */
402 int xfrd_send_udp(struct acl_options* acl, buffer_type* packet,
403 struct acl_options* ifc);
404
405 /*
406 * read from udp port packet into buffer, returns 0 on failure
407 */
408 int xfrd_udp_read_packet(buffer_type* packet, int fd, struct sockaddr* src,
409 socklen_t* srclen);
410
411 /*
412 * Release udp socket that a zone is using
413 */
414 void xfrd_udp_release(xfrd_zone_type* zone);
415
416 /*
417 * Get a static buffer for temporary use (to build a packet).
418 */
419 struct buffer* xfrd_get_temp_buffer(void);
420
421 /*
422 * TSIG sign outgoing request. Call if acl has a key.
423 */
424 void xfrd_tsig_sign_request(buffer_type* packet, struct tsig_record* tsig,
425 struct acl_options* acl);
426
427 /* handle incoming soa information (NSD is running it, time acquired=guess).
428 Pass soa=NULL,acquired=now if NSD has nothing loaded for the zone
429 (i.e. zonefile was deleted). */
430 void xfrd_handle_incoming_soa(xfrd_zone_type* zone, xfrd_soa_type* soa,
431 time_t acquired);
432 /* handle a packet passed along ipc route. acl is the one that accepted
433 the packet. The packet is the network blob received. acl_xfr is
434 provide-xfr acl matching notify sender or -1 */
435 void xfrd_handle_passed_packet(buffer_type* packet,
436 int acl_num, int acl_xfr);
437
438 /* try to reopen the logfile. */
439 void xfrd_reopen_logfile(void);
440
441 /* free namedb for xfrd usage */
442 void xfrd_free_namedb(struct nsd* nsd);
443
444 /* copy SOA info from rr to soa struct. */
445 void xfrd_copy_soa(xfrd_soa_type* soa, rr_type* rr);
446
447 /* check for failed updates - it is assumed that now the reload has
448 finished, and all zone SOAs have been sent. */
449 void xfrd_check_failed_updates(void);
450
451 void
452 xfrd_prepare_updates_for_reload(void);
453
454 /*
455 * Prepare zones for a reload, this sets the times on the zones to be
456 * before the current time, so the reload happens after.
457 */
458 void xfrd_prepare_zones_for_reload(void);
459
460 /* Bind a local interface to a socket descriptor, return 1 on success */
461 int xfrd_bind_local_interface(int sockd, struct acl_options* ifc,
462 struct acl_options* acl, int tcp);
463
464 /* process results and soa info from reload */
465 void xfrd_process_task_result(xfrd_state_type* xfrd, struct udb_base* taskudb);
466
467 /* set to reload right away (for user controlled reload events) */
468 void xfrd_set_reload_now(xfrd_state_type* xfrd);
469
470 /* send expiry notifications to nsd */
471 void xfrd_send_expire_notification(xfrd_zone_type* zone);
472
473 /* handle incoming notify (soa or NULL) and start zone xfr if necessary */
474 void xfrd_handle_notify_and_start_xfr(xfrd_zone_type* zone, xfrd_soa_type* soa);
475
476 /* handle zone timeout, event */
477 void xfrd_handle_zone(int fd, short event, void* arg);
478
479 const char* xfrd_pretty_time(time_t v);
480
481 xfrd_xfr_type *xfrd_prepare_zone_xfr(xfrd_zone_type *zone, uint16_t query_type);
482
483 void xfrd_delete_zone_xfr(xfrd_zone_type *zone, xfrd_xfr_type *xfr);
484
485 #endif /* XFRD_H */
486