1 /* 2 * xfrd.h - XFR (transfer) Daemon header file. Coordinates SOA updates. 3 * 4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved. 5 * 6 * See LICENSE for the license. 7 * 8 */ 9 10 #ifndef XFRD_H 11 #define XFRD_H 12 13 #ifndef USE_MINI_EVENT 14 # ifdef HAVE_EVENT_H 15 # include <event.h> 16 # else 17 # include <event2/event.h> 18 # include "event2/event_struct.h" 19 # include "event2/event_compat.h" 20 # endif 21 #else 22 # include "mini_event.h" 23 #endif 24 #include "rbtree.h" 25 #include "namedb.h" 26 #include "options.h" 27 #include "dns.h" 28 #include "tsig.h" 29 30 struct nsd; 31 struct region; 32 struct buffer; 33 struct xfrd_tcp; 34 struct xfrd_tcp_set; 35 struct notify_zone; 36 struct udb_ptr; 37 typedef struct xfrd_state xfrd_state_type; 38 typedef struct xfrd_zone xfrd_zone_type; 39 typedef struct xfrd_soa xfrd_soa_type; 40 /* 41 * The global state for the xfrd daemon process. 42 * The time_t times are epochs in secs since 1970, absolute times. 43 */ 44 struct xfrd_state { 45 /* time when daemon was last started */ 46 time_t xfrd_start_time; 47 struct region* region; 48 struct event_base* event_base; 49 struct nsd* nsd; 50 51 struct xfrd_tcp_set* tcp_set; 52 /* packet buffer for udp packets */ 53 struct buffer* packet; 54 /* udp waiting list, double linked list */ 55 struct xfrd_zone *udp_waiting_first, *udp_waiting_last; 56 /* number of udp sockets (for sending queries) in use */ 57 size_t udp_use_num; 58 /* activated waiting list, double linked list */ 59 struct xfrd_zone *activated_first; 60 61 /* current time is cached */ 62 uint8_t got_time; 63 time_t current_time; 64 65 /* counter for xfr file numbers */ 66 uint64_t xfrfilenumber; 67 68 /* the zonestat array size that we last saw and is safe to use */ 69 unsigned zonestat_safe; 70 /* size currently of the clear array */ 71 size_t zonestat_clear_num; 72 /* array of malloced entries with cumulative cleared stat values */ 73 struct nsdst** zonestat_clear; 74 75 /* timer for NSD reload */ 76 struct timeval reload_timeout; 77 struct event reload_handler; 78 int reload_added; 79 /* last reload must have caught all zone updates before this time */ 80 time_t reload_cmd_last_sent; 81 uint8_t can_send_reload; 82 pid_t reload_pid; 83 /* timeout for lost sigchild and reaping children */ 84 struct event child_timer; 85 int child_timer_added; 86 87 /* timeout event for zonefiles_write events */ 88 struct event write_timer; 89 /* set to 1 if zones have received xfrs since the last write_timer */ 90 int write_zonefile_needed; 91 92 /* communication channel with server_main */ 93 struct event ipc_handler; 94 int ipc_handler_flags; 95 struct xfrd_tcp *ipc_conn; 96 struct buffer* ipc_pass; 97 /* sending ipc to server_main */ 98 uint8_t need_to_send_shutdown; 99 uint8_t need_to_send_reload; 100 uint8_t need_to_send_stats; 101 uint8_t need_to_send_quit; 102 uint8_t ipc_send_blocked; 103 struct udb_ptr* last_task; 104 105 /* xfrd shutdown flag */ 106 uint8_t shutdown; 107 108 /* tree of zones, by apex name, contains xfrd_zone_type*. Only secondary zones. */ 109 rbtree_type *zones; 110 111 /* tree of zones, by apex name, contains notify_zone*. All zones. */ 112 rbtree_type *notify_zones; 113 /* number of notify_zone active using UDP socket */ 114 int notify_udp_num; 115 /* first and last notify_zone* entries waiting for a UDP socket */ 116 struct notify_zone *notify_waiting_first, *notify_waiting_last; 117 }; 118 119 /* 120 * XFR daemon SOA information kept in network format. 121 * This is in packet order. 122 */ 123 struct xfrd_soa { 124 /* name of RR is zone apex dname */ 125 uint16_t type; /* = TYPE_SOA */ 126 uint16_t klass; /* = CLASS_IN */ 127 uint32_t ttl; 128 uint16_t rdata_count; /* = 7 */ 129 /* format is 1 octet length, + wireformat dname. 130 one more octet since parse_dname_wire_from_packet needs it. 131 maximum size is allocated to avoid memory alloc/free. */ 132 uint8_t prim_ns[MAXDOMAINLEN + 2]; 133 uint8_t email[MAXDOMAINLEN + 2]; 134 uint32_t serial; 135 uint32_t refresh; 136 uint32_t retry; 137 uint32_t expire; 138 uint32_t minimum; 139 } ATTR_PACKED; 140 141 142 /* 143 * XFRD state for a single zone 144 */ 145 struct xfrd_zone { 146 rbnode_type node; 147 148 /* name of the zone */ 149 const dname_type* apex; 150 const char* apex_str; 151 152 /* Three types of soas: 153 * NSD: in use by running server 154 * disk: stored on disk in db/diff file 155 * notified: from notification, could be available on a master. 156 * And the time the soa was acquired (start time for timeouts). 157 * If the time==0, no SOA is available. 158 */ 159 xfrd_soa_type soa_nsd; 160 time_t soa_nsd_acquired; 161 xfrd_soa_type soa_disk; 162 time_t soa_disk_acquired; 163 xfrd_soa_type soa_notified; 164 time_t soa_notified_acquired; 165 166 enum xfrd_zone_state { 167 xfrd_zone_ok, 168 xfrd_zone_refreshing, 169 xfrd_zone_expired 170 } state; 171 172 /* master to try to transfer from, number for persistence */ 173 struct acl_options* master; 174 int master_num; 175 int next_master; /* -1 or set by notify where to try next */ 176 /* round of xfrattempts, -1 is waiting for timeout */ 177 int round_num; 178 struct zone_options* zone_options; 179 int fresh_xfr_timeout; 180 181 /* handler for timeouts */ 182 struct timeval timeout; 183 struct event zone_handler; 184 int zone_handler_flags; 185 int event_added; 186 187 /* tcp connection zone is using, or -1 */ 188 int tcp_conn; 189 /* zone is waiting for a tcp connection */ 190 uint8_t tcp_waiting; 191 /* next zone in waiting list */ 192 xfrd_zone_type* tcp_waiting_next; 193 xfrd_zone_type* tcp_waiting_prev; 194 /* zone is in its tcp send queue */ 195 uint8_t in_tcp_send; 196 /* next zone in tcp send queue */ 197 xfrd_zone_type* tcp_send_next; 198 xfrd_zone_type* tcp_send_prev; 199 /* zone is waiting for a udp connection (tcp is preferred) */ 200 uint8_t udp_waiting; 201 /* next zone in waiting list for UDP */ 202 xfrd_zone_type* udp_waiting_next; 203 xfrd_zone_type* udp_waiting_prev; 204 /* zone has been activated to run now (after the other events 205 * but before blocking in select again) */ 206 uint8_t is_activated; 207 xfrd_zone_type* activated_next; 208 xfrd_zone_type* activated_prev; 209 210 /* xfr message handling data */ 211 /* query id */ 212 uint16_t query_id; 213 uint16_t query_type; 214 uint32_t msg_seq_nr; /* number of messages already handled */ 215 uint32_t msg_old_serial, msg_new_serial; /* host byte order */ 216 size_t msg_rr_count; 217 uint8_t msg_is_ixfr; /* 1:IXFR detected. 2:middle IXFR SOA seen. */ 218 tsig_record_type tsig; /* tsig state for IXFR/AXFR */ 219 uint64_t xfrfilenumber; /* identifier for file to store xfr into, 220 valid if msg_seq_nr nonzero */ 221 int multi_master_first_master; /* >0: first check master_num */ 222 int multi_master_update_check; /* -1: not update >0: last update master_num */ 223 } ATTR_PACKED; 224 225 enum xfrd_packet_result { 226 xfrd_packet_bad, /* drop the packet/connection */ 227 xfrd_packet_drop, /* drop the connection, but not report bad */ 228 xfrd_packet_more, /* more packets to follow on tcp */ 229 xfrd_packet_notimpl, /* server responded with NOTIMPL or FORMATERR */ 230 xfrd_packet_tcp, /* try tcp connection */ 231 xfrd_packet_transfer, /* server responded with transfer*/ 232 xfrd_packet_newlease /* no changes, soa OK */ 233 }; 234 235 /* 236 Division of the (portably: 1024) max number of sockets that can be open. 237 The sum of the below numbers should be below the user limit for sockets 238 open, or you see errors in your logfile. 239 And it should be below FD_SETSIZE, to be able to select() on replies. 240 Note that also some sockets are used for writing the ixfr.db, xfrd.state 241 files and for the pipes to the main parent process. 242 */ 243 #define XFRD_MAX_TCP 128 /* max number of TCP AXFR/IXFR concurrent connections.*/ 244 /* Each entry has 64Kb buffer preallocated.*/ 245 #define XFRD_MAX_UDP 128 /* max number of UDP sockets at a time for IXFR */ 246 #define XFRD_MAX_UDP_NOTIFY 128 /* max concurrent UDP sockets for NOTIFY */ 247 248 #define XFRD_TRANSFER_TIMEOUT_START 10 /* empty zone timeout is between x and 2*x seconds */ 249 #define XFRD_TRANSFER_TIMEOUT_MAX 86400 /* empty zone timeout max expbackoff */ 250 #define XFRD_LOWERBOUND_REFRESH 1 /* seconds, smallest refresh timeout */ 251 #define XFRD_LOWERBOUND_RETRY 1 /* seconds, smallest retry timeout */ 252 253 /* 254 * return refresh period 255 * within configured and defined lower and upper bounds 256 */ 257 static inline time_t 258 within_refresh_bounds(xfrd_zone_type* zone, time_t refresh) 259 { 260 return (time_t)zone->zone_options->pattern->max_refresh_time < refresh 261 ? (time_t)zone->zone_options->pattern->max_refresh_time 262 : (time_t)zone->zone_options->pattern->min_refresh_time > refresh 263 ? (time_t)zone->zone_options->pattern->min_refresh_time 264 : XFRD_LOWERBOUND_REFRESH > refresh 265 ? XFRD_LOWERBOUND_REFRESH : refresh; 266 } 267 268 /* 269 * return the zone's refresh period (from the on disk stored SOA) 270 * within configured and defined lower and upper bounds 271 */ 272 static inline time_t 273 bound_soa_disk_refresh(xfrd_zone_type* zone) 274 { 275 return within_refresh_bounds(zone, ntohl(zone->soa_disk.refresh)); 276 } 277 278 /* 279 * return retry period 280 * within configured and defined lower and upper bounds 281 */ 282 static inline time_t 283 within_retry_bounds(xfrd_zone_type* zone, time_t retry) 284 { 285 return (time_t)zone->zone_options->pattern->max_retry_time < retry 286 ? (time_t)zone->zone_options->pattern->max_retry_time 287 : (time_t)zone->zone_options->pattern->min_retry_time > retry 288 ? (time_t)zone->zone_options->pattern->min_retry_time 289 : XFRD_LOWERBOUND_RETRY > retry 290 ? XFRD_LOWERBOUND_RETRY : retry; 291 } 292 293 /* 294 * return the zone's retry period (from the on disk stored SOA) 295 * within configured and defined lower and upper bounds 296 */ 297 static inline time_t 298 bound_soa_disk_retry(xfrd_zone_type* zone) 299 { 300 return within_retry_bounds(zone, ntohl(zone->soa_disk.retry)); 301 } 302 303 /* 304 * return expire period 305 * within configured and defined lower bounds 306 */ 307 static inline time_t 308 within_expire_bounds(xfrd_zone_type* zone, time_t expire) 309 { 310 switch (zone->zone_options->pattern->min_expire_time_expr) { 311 case EXPIRE_TIME_HAS_VALUE: 312 return (time_t)zone->zone_options->pattern->min_expire_time > expire 313 ? (time_t)zone->zone_options->pattern->min_expire_time : expire; 314 315 case REFRESHPLUSRETRYPLUS1: 316 return bound_soa_disk_refresh(zone) + bound_soa_disk_retry(zone) + 1 > expire 317 ? bound_soa_disk_refresh(zone) + bound_soa_disk_retry(zone) + 1 : expire; 318 default: 319 return expire; 320 } 321 } 322 323 /* return the zone's expire period (from the on disk stored SOA) */ 324 static inline time_t 325 bound_soa_disk_expire(xfrd_zone_type* zone) 326 { 327 return within_expire_bounds(zone, ntohl(zone->soa_disk.expire)); 328 } 329 330 extern xfrd_state_type* xfrd; 331 332 /* start xfrd, new start. Pass socket to server_main. */ 333 void xfrd_init(int socket, struct nsd* nsd, int shortsoa, int reload_active, 334 pid_t nsd_pid); 335 336 /* add new slave zone, dname(from zone_opt) and given options */ 337 void xfrd_init_slave_zone(xfrd_state_type* xfrd, struct zone_options* zone_opt); 338 339 /* delete slave zone */ 340 void xfrd_del_slave_zone(xfrd_state_type* xfrd, const dname_type* dname); 341 342 /* disable ixfr for a while for zone->master */ 343 void xfrd_disable_ixfr(xfrd_zone_type* zone); 344 345 /* get the current time epoch. Cached for speed. */ 346 time_t xfrd_time(void); 347 348 /* 349 * Handle final received packet from network. 350 * returns enum of packet discovery results 351 */ 352 enum xfrd_packet_result xfrd_handle_received_xfr_packet( 353 xfrd_zone_type* zone, buffer_type* packet); 354 355 /* set timer to specific value */ 356 void xfrd_set_timer(xfrd_zone_type* zone, time_t t); 357 /* set refresh timer of zone to refresh at time now */ 358 void xfrd_set_refresh_now(xfrd_zone_type* zone); 359 /* unset the timer - no more timeouts, for when zone is queued */ 360 void xfrd_unset_timer(xfrd_zone_type* zone); 361 /* remove the 'refresh now', remove it from the activated list */ 362 void xfrd_deactivate_zone(xfrd_zone_type* z); 363 364 /* 365 * Make a new request to next master server. 366 * uses next_master if set (and a fresh set of rounds). 367 * otherwised, starts new round of requests if none started already. 368 * starts next round of requests if at last master. 369 * if too many rounds of requests, sets timer for next retry. 370 */ 371 void xfrd_make_request(xfrd_zone_type* zone); 372 373 /* 374 * send packet via udp (returns UDP fd source socket) to acl addr. 375 * returns -1 on failure. 376 */ 377 int xfrd_send_udp(struct acl_options* acl, buffer_type* packet, 378 struct acl_options* ifc); 379 380 /* 381 * read from udp port packet into buffer, returns 0 on failure 382 */ 383 int xfrd_udp_read_packet(buffer_type* packet, int fd, struct sockaddr* src, 384 socklen_t* srclen); 385 386 /* 387 * Release udp socket that a zone is using 388 */ 389 void xfrd_udp_release(xfrd_zone_type* zone); 390 391 /* 392 * Get a static buffer for temporary use (to build a packet). 393 */ 394 struct buffer* xfrd_get_temp_buffer(void); 395 396 /* 397 * TSIG sign outgoing request. Call if acl has a key. 398 */ 399 void xfrd_tsig_sign_request(buffer_type* packet, struct tsig_record* tsig, 400 struct acl_options* acl); 401 402 /* handle incoming soa information (NSD is running it, time acquired=guess). 403 Pass soa=NULL,acquired=now if NSD has nothing loaded for the zone 404 (i.e. zonefile was deleted). */ 405 void xfrd_handle_incoming_soa(xfrd_zone_type* zone, xfrd_soa_type* soa, 406 time_t acquired); 407 /* handle a packet passed along ipc route. acl is the one that accepted 408 the packet. The packet is the network blob received. acl_xfr is 409 provide-xfr acl matching notify sender or -1 */ 410 void xfrd_handle_passed_packet(buffer_type* packet, 411 int acl_num, int acl_xfr); 412 413 /* try to reopen the logfile. */ 414 void xfrd_reopen_logfile(void); 415 416 /* free namedb for xfrd usage */ 417 void xfrd_free_namedb(struct nsd* nsd); 418 419 /* copy SOA info from rr to soa struct. */ 420 void xfrd_copy_soa(xfrd_soa_type* soa, rr_type* rr); 421 422 /* check for failed updates - it is assumed that now the reload has 423 finished, and all zone SOAs have been sent. */ 424 void xfrd_check_failed_updates(void); 425 426 /* 427 * Prepare zones for a reload, this sets the times on the zones to be 428 * before the current time, so the reload happens after. 429 */ 430 void xfrd_prepare_zones_for_reload(void); 431 432 /* Bind a local interface to a socket descriptor, return 1 on success */ 433 int xfrd_bind_local_interface(int sockd, struct acl_options* ifc, 434 struct acl_options* acl, int tcp); 435 436 /* process results and soa info from reload */ 437 void xfrd_process_task_result(xfrd_state_type* xfrd, struct udb_base* taskudb); 438 439 /* set to reload right away (for user controlled reload events) */ 440 void xfrd_set_reload_now(xfrd_state_type* xfrd); 441 442 /* send expiry notifications to nsd */ 443 void xfrd_send_expire_notification(xfrd_zone_type* zone); 444 445 /* handle incoming notify (soa or NULL) and start zone xfr if necessary */ 446 void xfrd_handle_notify_and_start_xfr(xfrd_zone_type* zone, xfrd_soa_type* soa); 447 448 /* handle zone timeout, event */ 449 void xfrd_handle_zone(int fd, short event, void* arg); 450 451 const char* xfrd_pretty_time(time_t v); 452 453 #endif /* XFRD_H */ 454