Lines Matching refs:ssl
242 if(p->ssl)
243 SSL_free(p->ssl);
488 n->ssl = SSL_new(rc->ctx);
489 if(!n->ssl) {
495 SSL_set_accept_state(n->ssl);
496 (void)SSL_set_mode(n->ssl, (long)SSL_MODE_AUTO_RETRY);
497 if(!SSL_set_fd(n->ssl, newfd)) {
499 SSL_free(n->ssl);
505 n->ssl = NULL;
538 if(s->ssl) {
539 SSL_shutdown(s->ssl);
540 SSL_free(s->ssl);
552 if(res->ssl) {
554 if((r=SSL_write(res->ssl, text, (int)strlen(text))) <= 0) {
555 if(SSL_get_error(res->ssl, r) == SSL_ERROR_ZERO_RETURN) {
580 /** print text over the ssl connection */
582 ssl_print_vmsg(RES* ssl, const char* format, va_list args)
586 return ssl_print_text(ssl, msg);
589 /** printf style printing to the ssl connection */
590 int ssl_printf(RES* ssl, const char* format, ...)
595 ret = ssl_print_vmsg(ssl, format, args);
608 if(res->ssl) {
610 if((r=SSL_read(res->ssl, buf+len, 1)) <= 0) {
611 if(SSL_get_error(res->ssl, r) == SSL_ERROR_ZERO_RETURN) {
658 static void send_ok(RES* ssl)
660 (void)ssl_printf(ssl, "ok\n");
665 do_stop(RES* ssl, struct worker* worker)
669 send_ok(ssl);
674 do_reload(RES* ssl, struct worker* worker)
678 send_ok(ssl);
683 do_verbosity(RES* ssl, char* str)
687 ssl_printf(ssl, "error in verbosity number syntax: %s\n", str);
691 send_ok(ssl);
696 print_stats(RES* ssl, const char* nm, struct ub_stats_info* s)
699 if(!ssl_printf(ssl, "%s.num.queries"SQ"%lu\n", nm,
701 if(!ssl_printf(ssl, "%s.num.queries_ip_ratelimited"SQ"%lu\n", nm,
703 if(!ssl_printf(ssl, "%s.num.cachehits"SQ"%lu\n", nm,
706 if(!ssl_printf(ssl, "%s.num.cachemiss"SQ"%lu\n", nm,
708 if(!ssl_printf(ssl, "%s.num.prefetch"SQ"%lu\n", nm,
710 if(!ssl_printf(ssl, "%s.num.expired"SQ"%lu\n", nm,
712 if(!ssl_printf(ssl, "%s.num.recursivereplies"SQ"%lu\n", nm,
715 if(!ssl_printf(ssl, "%s.num.dnscrypt.crypted"SQ"%lu\n", nm,
717 if(!ssl_printf(ssl, "%s.num.dnscrypt.cert"SQ"%lu\n", nm,
719 if(!ssl_printf(ssl, "%s.num.dnscrypt.cleartext"SQ"%lu\n", nm,
721 if(!ssl_printf(ssl, "%s.num.dnscrypt.malformed"SQ"%lu\n", nm,
724 if(!ssl_printf(ssl, "%s.requestlist.avg"SQ"%g\n", nm,
729 if(!ssl_printf(ssl, "%s.requestlist.max"SQ"%lu\n", nm,
731 if(!ssl_printf(ssl, "%s.requestlist.overwritten"SQ"%lu\n", nm,
733 if(!ssl_printf(ssl, "%s.requestlist.exceeded"SQ"%lu\n", nm,
735 if(!ssl_printf(ssl, "%s.requestlist.current.all"SQ"%lu\n", nm,
737 if(!ssl_printf(ssl, "%s.requestlist.current.user"SQ"%lu\n", nm,
744 if(!ssl_printf(ssl, "%s.recursion.time.avg"SQ ARG_LL "d.%6.6d\n", nm,
746 if(!ssl_printf(ssl, "%s.recursion.time.median"SQ"%g\n", nm,
748 if(!ssl_printf(ssl, "%s.tcpusage"SQ"%lu\n", nm,
755 print_thread_stats(RES* ssl, int i, struct ub_stats_info* s)
760 return print_stats(ssl, nm, s);
765 print_longnum(RES* ssl, const char* desc, size_t x)
771 return ssl_printf(ssl, "%s%u%6.6u\n", desc,
774 return ssl_printf(ssl, "%s%lu\n", desc, (unsigned long)x);
780 print_mem(RES* ssl, struct worker* worker, struct daemon* daemon,
819 if(!print_longnum(ssl, "mem.cache.rrset"SQ, rrset))
821 if(!print_longnum(ssl, "mem.cache.message"SQ, msg))
823 if(!print_longnum(ssl, "mem.mod.iterator"SQ, iter))
825 if(!print_longnum(ssl, "mem.mod.validator"SQ, val))
827 if(!print_longnum(ssl, "mem.mod.respip"SQ, respip))
830 if(!print_longnum(ssl, "mem.mod.subnet"SQ, subnet))
834 if(!print_longnum(ssl, "mem.mod.ipsecmod"SQ, ipsecmod))
838 if(!print_longnum(ssl, "mem.cache.dnscrypt_shared_secret"SQ,
841 if(!print_longnum(ssl, "mem.cache.dnscrypt_nonce"SQ,
846 if(!print_longnum(ssl, "mem.mod.dynlibmod"SQ, dynlib))
849 if(!print_longnum(ssl, "mem.streamwait"SQ,
852 if(!print_longnum(ssl, "mem.http.query_buffer"SQ,
855 if(!print_longnum(ssl, "mem.http.response_buffer"SQ,
863 print_uptime(RES* ssl, struct worker* worker, int reset)
871 if(!ssl_printf(ssl, "time.now"SQ ARG_LL "d.%6.6d\n",
873 if(!ssl_printf(ssl, "time.up"SQ ARG_LL "d.%6.6d\n",
875 if(!ssl_printf(ssl, "time.elapsed"SQ ARG_LL "d.%6.6d\n",
882 print_hist(RES* ssl, struct ub_stats_info* s)
893 if(!ssl_printf(ssl,
910 print_ext(RES* ssl, struct ub_stats_info* s)
936 if(!ssl_printf(ssl, "num.query.type.%s"SQ"%lu\n",
940 if(!ssl_printf(ssl, "num.query.type.other"SQ"%lu\n",
953 if(!ssl_printf(ssl, "num.query.class.%s"SQ"%lu\n",
957 if(!ssl_printf(ssl, "num.query.class.other"SQ"%lu\n",
970 if(!ssl_printf(ssl, "num.query.opcode.%s"SQ"%lu\n",
974 if(!ssl_printf(ssl, "num.query.tcp"SQ"%lu\n",
976 if(!ssl_printf(ssl, "num.query.tcpout"SQ"%lu\n",
978 if(!ssl_printf(ssl, "num.query.tls"SQ"%lu\n",
980 if(!ssl_printf(ssl, "num.query.tls.resume"SQ"%lu\n",
982 if(!ssl_printf(ssl, "num.query.ipv6"SQ"%lu\n",
984 if(!ssl_printf(ssl, "num.query.https"SQ"%lu\n",
987 if(!ssl_printf(ssl, "num.query.flags.QR"SQ"%lu\n",
989 if(!ssl_printf(ssl, "num.query.flags.AA"SQ"%lu\n",
991 if(!ssl_printf(ssl, "num.query.flags.TC"SQ"%lu\n",
993 if(!ssl_printf(ssl, "num.query.flags.RD"SQ"%lu\n",
995 if(!ssl_printf(ssl, "num.query.flags.RA"SQ"%lu\n",
997 if(!ssl_printf(ssl, "num.query.flags.Z"SQ"%lu\n",
999 if(!ssl_printf(ssl, "num.query.flags.AD"SQ"%lu\n",
1001 if(!ssl_printf(ssl, "num.query.flags.CD"SQ"%lu\n",
1003 if(!ssl_printf(ssl, "num.query.edns.present"SQ"%lu\n",
1005 if(!ssl_printf(ssl, "num.query.edns.DO"SQ"%lu\n",
1019 if(!ssl_printf(ssl, "num.answer.rcode.%s"SQ"%lu\n",
1023 if(!ssl_printf(ssl, "num.answer.rcode.nodata"SQ"%lu\n",
1027 if(!ssl_printf(ssl, "num.query.ratelimited"SQ"%lu\n",
1030 if(!ssl_printf(ssl, "num.answer.secure"SQ"%lu\n",
1032 if(!ssl_printf(ssl, "num.answer.bogus"SQ"%lu\n",
1034 if(!ssl_printf(ssl, "num.rrset.bogus"SQ"%lu\n",
1036 if(!ssl_printf(ssl, "num.query.aggressive.NOERROR"SQ"%lu\n",
1038 if(!ssl_printf(ssl, "num.query.aggressive.NXDOMAIN"SQ"%lu\n",
1041 if(!ssl_printf(ssl, "unwanted.queries"SQ"%lu\n",
1043 if(!ssl_printf(ssl, "unwanted.replies"SQ"%lu\n",
1046 if(!ssl_printf(ssl, "msg.cache.count"SQ"%u\n",
1048 if(!ssl_printf(ssl, "rrset.cache.count"SQ"%u\n",
1050 if(!ssl_printf(ssl, "infra.cache.count"SQ"%u\n",
1052 if(!ssl_printf(ssl, "key.cache.count"SQ"%u\n",
1060 if(!ssl_printf(ssl, "num.rpz.action.%s"SQ"%lu\n",
1065 if(!ssl_printf(ssl, "dnscrypt_shared_secret.cache.count"SQ"%u\n",
1067 if(!ssl_printf(ssl, "dnscrypt_nonce.cache.count"SQ"%u\n",
1069 if(!ssl_printf(ssl, "num.query.dnscrypt.shared_secret.cachemiss"SQ"%lu\n",
1071 if(!ssl_printf(ssl, "num.query.dnscrypt.replay"SQ"%lu\n",
1074 if(!ssl_printf(ssl, "num.query.authzone.up"SQ"%lu\n",
1076 if(!ssl_printf(ssl, "num.query.authzone.down"SQ"%lu\n",
1079 if(!ssl_printf(ssl, "num.query.subnet"SQ"%lu\n",
1081 if(!ssl_printf(ssl, "num.query.subnet_cache"SQ"%lu\n",
1089 do_stats(RES* ssl, struct worker* worker, int reset)
1100 if(!print_thread_stats(ssl, i, &s))
1108 if(!print_stats(ssl, "total", &total))
1110 if(!print_uptime(ssl, worker, reset))
1113 if(!print_mem(ssl, worker, daemon, &total))
1115 if(!print_hist(ssl, &total))
1117 if(!print_ext(ssl, &total))
1124 parse_arg_name(RES* ssl, char* str, uint8_t** res, size_t* len, int* labs)
1133 ssl_printf(ssl, "error: this option requires a domain name\n");
1138 ssl_printf(ssl, "error cannot parse name %s at %d: %s\n", str,
1145 ssl_printf(ssl, "error out of memory\n");
1154 find_arg2(RES* ssl, char* arg, char** arg2)
1170 ssl_printf(ssl, "error could not find next argument "
1179 perform_zone_add(RES* ssl, struct local_zones* zones, char* arg)
1187 if(!find_arg2(ssl, arg, &arg2))
1189 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
1192 ssl_printf(ssl, "error not a zone type. %s\n", arg2);
1210 ssl_printf(ssl, "error out of memory\n");
1219 do_zone_add(RES* ssl, struct local_zones* zones, char* arg)
1221 if(!perform_zone_add(ssl, zones, arg))
1223 send_ok(ssl);
1228 do_zones_add(RES* ssl, struct local_zones* zones)
1232 while(ssl_read_line(ssl, buf, sizeof(buf))) {
1235 if(!perform_zone_add(ssl, zones, buf)) {
1236 if(!ssl_printf(ssl, "error for input line: %s\n", buf))
1242 (void)ssl_printf(ssl, "added %d zones\n", num);
1247 perform_zone_remove(RES* ssl, struct local_zones* zones, char* arg)
1253 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
1268 do_zone_remove(RES* ssl, struct local_zones* zones, char* arg)
1270 if(!perform_zone_remove(ssl, zones, arg))
1272 send_ok(ssl);
1277 do_zones_remove(RES* ssl, struct local_zones* zones)
1281 while(ssl_read_line(ssl, buf, sizeof(buf))) {
1284 if(!perform_zone_remove(ssl, zones, buf)) {
1285 if(!ssl_printf(ssl, "error for input line: %s\n", buf))
1291 (void)ssl_printf(ssl, "removed %d zones\n", num);
1296 perform_data_add(RES* ssl, struct local_zones* zones, char* arg)
1299 ssl_printf(ssl,"error in syntax or out of memory, %s\n", arg);
1307 do_data_add(RES* ssl, struct local_zones* zones, char* arg)
1309 if(!perform_data_add(ssl, zones, arg))
1311 send_ok(ssl);
1316 do_datas_add(RES* ssl, struct local_zones* zones)
1320 while(ssl_read_line(ssl, buf, sizeof(buf))) {
1323 if(!perform_data_add(ssl, zones, buf)) {
1324 if(!ssl_printf(ssl, "error for input line: %s\n", buf))
1330 (void)ssl_printf(ssl, "added %d datas\n", num);
1335 perform_data_remove(RES* ssl, struct local_zones* zones, char* arg)
1340 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
1350 do_data_remove(RES* ssl, struct local_zones* zones, char* arg)
1352 if(!perform_data_remove(ssl, zones, arg))
1354 send_ok(ssl);
1359 do_datas_remove(RES* ssl, struct local_zones* zones)
1363 while(ssl_read_line(ssl, buf, sizeof(buf))) {
1366 if(!perform_data_remove(ssl, zones, buf)) {
1367 if(!ssl_printf(ssl, "error for input line: %s\n", buf))
1373 (void)ssl_printf(ssl, "removed %d datas\n", num);
1378 do_view_zone_add(RES* ssl, struct worker* worker, char* arg)
1382 if(!find_arg2(ssl, arg, &arg2))
1387 ssl_printf(ssl,"no view with name: %s\n", arg);
1393 ssl_printf(ssl,"error out of memory\n");
1405 do_zone_add(ssl, v->local_zones, arg2);
1411 do_view_zone_remove(RES* ssl, struct worker* worker, char* arg)
1415 if(!find_arg2(ssl, arg, &arg2))
1420 ssl_printf(ssl,"no view with name: %s\n", arg);
1425 send_ok(ssl);
1428 do_zone_remove(ssl, v->local_zones, arg2);
1434 do_view_data_add(RES* ssl, struct worker* worker, char* arg)
1438 if(!find_arg2(ssl, arg, &arg2))
1443 ssl_printf(ssl,"no view with name: %s\n", arg);
1449 ssl_printf(ssl,"error out of memory\n");
1453 do_data_add(ssl, v->local_zones, arg2);
1459 do_view_datas_add(RES* ssl, struct worker* worker, char* arg)
1465 ssl_printf(ssl,"no view with name: %s\n", arg);
1471 ssl_printf(ssl,"error out of memory\n");
1475 do_datas_add(ssl, v->local_zones);
1481 do_view_data_remove(RES* ssl, struct worker* worker, char* arg)
1485 if(!find_arg2(ssl, arg, &arg2))
1490 ssl_printf(ssl,"no view with name: %s\n", arg);
1495 send_ok(ssl);
1498 do_data_remove(ssl, v->local_zones, arg2);
1504 do_view_datas_remove(RES* ssl, struct worker* worker, char* arg)
1510 ssl_printf(ssl,"no view with name: %s\n", arg);
1515 ssl_printf(ssl, "removed 0 datas\n");
1519 do_datas_remove(ssl, v->local_zones);
1525 do_lookup(RES* ssl, struct worker* worker, char* arg)
1530 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
1532 (void)print_deleg_lookup(ssl, worker, nm, nmlen, nmlabs);
1563 do_flush_type(RES* ssl, struct worker* worker, char* arg)
1570 if(!find_arg2(ssl, arg, &arg2))
1572 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
1578 send_ok(ssl);
1583 do_flush_stats(RES* ssl, struct worker* worker)
1586 send_ok(ssl);
1638 do_flush_infra(RES* ssl, struct worker* worker, char* arg)
1645 send_ok(ssl);
1649 (void)ssl_printf(ssl, "error parsing ip addr: '%s'\n", arg);
1667 send_ok(ssl);
1672 do_flush_requestlist(RES* ssl, struct worker* worker)
1675 send_ok(ssl);
1731 do_flush_zone(RES* ssl, struct worker* worker, char* arg)
1737 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
1763 (void)ssl_printf(ssl, "ok removed %lu rrsets, %lu messages "
1809 do_flush_bogus(RES* ssl, struct worker* worker)
1830 (void)ssl_printf(ssl, "ok removed %lu rrsets, %lu messages "
1884 do_flush_negative(RES* ssl, struct worker* worker)
1905 (void)ssl_printf(ssl, "ok removed %lu rrsets, %lu messages "
1912 do_flush_name(RES* ssl, struct worker* w, char* arg)
1917 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
1931 send_ok(ssl);
1936 ssl_print_name_dp(RES* ssl, const char* str, uint8_t* nm, uint16_t dclass,
1946 if(!ssl_printf(ssl, "%s %s %s ", buf, (c?c:"CLASS??"), str)) {
1954 if(!ssl_printf(ssl, "%s%s", (f?" ":""), buf))
1960 if(!ssl_printf(ssl, "%s%s", (f?" ":""), buf))
1964 return ssl_printf(ssl, "\n");
1970 print_root_fwds(RES* ssl, struct iter_forwards* fwds, uint8_t* root)
1975 return ssl_printf(ssl, "off (using root hints)\n");
1978 return ssl_print_name_dp(ssl, NULL, root, LDNS_RR_CLASS_IN, dp);
1983 parse_delegpt(RES* ssl, char* args, uint8_t* nm, int allow_names)
1993 (void)ssl_printf(ssl, "error out of memory\n");
2009 if(!parse_arg_name(ssl, todo, &n, &ln, &lb)) {
2010 (void)ssl_printf(ssl, "error cannot "
2017 (void)ssl_printf(ssl, "error out of memory\n");
2025 (void)ssl_printf(ssl, "error cannot parse"
2034 "ssl library, ignored name for %s", todo);
2039 (void)ssl_printf(ssl, "error out of memory\n");
2051 do_forward(RES* ssl, struct worker* worker, char* args)
2056 (void)ssl_printf(ssl, "error: structure not allocated\n");
2060 (void)print_root_fwds(ssl, fwd, root);
2071 if(!(dp = parse_delegpt(ssl, args, root, 0)))
2074 (void)ssl_printf(ssl, "error out of memory\n");
2078 send_ok(ssl);
2082 parse_fs_args(RES* ssl, char* args, uint8_t** nm, struct delegpt** dp,
2091 if(!find_arg2(ssl, args, &rest))
2099 (void)ssl_printf(ssl, "error: unknown option %s\n", args);
2107 if(!find_arg2(ssl, args, &rest))
2112 if(!parse_arg_name(ssl, zonename, nm, &nmlen, &nmlabs))
2117 if(!(*dp = parse_delegpt(ssl, args, *nm, 1))) {
2127 do_forward_add(RES* ssl, struct worker* worker, char* args)
2133 if(!parse_fs_args(ssl, args, &nm, &dp, &insecure, NULL))
2138 (void)ssl_printf(ssl, "error out of memory\n");
2145 (void)ssl_printf(ssl, "error out of memory\n");
2150 send_ok(ssl);
2155 do_forward_remove(RES* ssl, struct worker* worker, char* args)
2160 if(!parse_fs_args(ssl, args, &nm, NULL, &insecure, NULL))
2167 send_ok(ssl);
2172 do_stub_add(RES* ssl, struct worker* worker, char* args)
2178 if(!parse_fs_args(ssl, args, &nm, &dp, &insecure, &prime))
2183 (void)ssl_printf(ssl, "error out of memory\n");
2193 (void)ssl_printf(ssl, "error out of memory\n");
2199 (void)ssl_printf(ssl, "error out of memory\n");
2208 send_ok(ssl);
2213 do_stub_remove(RES* ssl, struct worker* worker, char* args)
2218 if(!parse_fs_args(ssl, args, &nm, NULL, &insecure, NULL))
2226 send_ok(ssl);
2231 do_insecure_add(RES* ssl, struct worker* worker, char* arg)
2236 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
2241 (void)ssl_printf(ssl, "error out of memory\n");
2247 send_ok(ssl);
2252 do_insecure_remove(RES* ssl, struct worker* worker, char* arg)
2257 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
2263 send_ok(ssl);
2267 do_insecure_list(RES* ssl, struct worker* worker)
2275 ssl_printf(ssl, "%s\n", buf);
2283 do_status(RES* ssl, struct worker* worker)
2287 if(!ssl_printf(ssl, "version: %s\n", PACKAGE_VERSION))
2289 if(!ssl_printf(ssl, "verbosity: %d\n", verbosity))
2291 if(!ssl_printf(ssl, "threads: %d\n", worker->daemon->num))
2293 if(!ssl_printf(ssl, "modules: %d [", worker->daemon->mods.num))
2296 if(!ssl_printf(ssl, " %s", worker->daemon->mods.mod[i]->name))
2299 if(!ssl_printf(ssl, " ]\n"))
2302 if(!ssl_printf(ssl, "uptime: " ARG_LL "d seconds\n", (long long)uptime))
2304 if(!ssl_printf(ssl, "options:%s%s%s%s\n" ,
2307 (worker->daemon->rc->accept_list && worker->daemon->rc->use_cert?"(ssl)":""),
2311 if(!ssl_printf(ssl, "unbound (pid %d) is running...\n",
2391 do_dump_requestlist(RES* ssl, struct worker* worker)
2399 if(!ssl_printf(ssl, "thread #%d\n", worker->thread_num))
2401 if(!ssl_printf(ssl, "# type cl name seconds module status\n"))
2412 if(!ssl_printf(ssl, "%3d %4s %2s %s %s %s\n",
2430 RES* ssl;
2433 /** ssl failure? stop writing and skip the rest. If the tcp
2460 if(!ssl_printf(a->ssl, "%s %s expired rto %d\n", ip_str,
2468 if(!ssl_printf(a->ssl, "%s %s ttl %lu ping %d var %d rtt %d rto %d "
2485 do_dump_infra(RES* ssl, struct worker* worker)
2489 arg.ssl = ssl;
2497 do_log_reopen(RES* ssl, struct worker* worker)
2500 send_ok(ssl);
2506 do_auth_zone_reload(RES* ssl, struct worker* worker, char* arg)
2513 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
2525 (void)ssl_printf(ssl, "error no auth-zone %s\n", arg);
2530 (void)ssl_printf(ssl, "error failed to read %s\n", arg);
2534 send_ok(ssl);
2539 do_auth_zone_transfer(RES* ssl, struct worker* worker, char* arg)
2545 if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
2549 (void)ssl_printf(ssl, "error zone xfr task not found %s\n", arg);
2554 send_ok(ssl);
2559 do_set_option(RES* ssl, struct worker* worker, char* arg)
2562 if(!find_arg2(ssl, arg, &arg2))
2565 (void)ssl_printf(ssl, "error setting option\n");
2576 send_ok(ssl);
2582 RES* ssl = (RES*)arg;
2583 (void)ssl_printf(ssl, "%s\n", line);
2588 do_get_option(RES* ssl, struct worker* worker, char* arg)
2591 r = config_get_option(worker->env.cfg, arg, remote_get_opt_ssl, ssl);
2593 (void)ssl_printf(ssl, "error unknown option\n");
2600 do_list_forwards(RES* ssl, struct worker* worker)
2620 if(!ssl_print_name_dp(ssl, (insecure?"forward +i":"forward"),
2628 do_list_stubs(RES* ssl, struct worker* worker)
2648 if(!ssl_print_name_dp(ssl, str, z->node.name,
2656 do_list_auth_zones(RES* ssl, struct auth_zones* az)
2673 if(!ssl_printf(ssl, "%s\t%s\n", buf, buf2)) {
2686 do_list_local_zones(RES* ssl, struct local_zones* zones)
2694 if(!ssl_printf(ssl, "%s %s\n", buf,
2708 do_list_local_data(RES* ssl, struct worker* worker, struct local_zones* zones)
2726 if(!ssl_printf(ssl, "BADRR\n")) {
2732 if(!ssl_printf(ssl, "%s\n", s)) {
2747 do_view_list_local_zones(RES* ssl, struct worker* worker, char* arg)
2752 ssl_printf(ssl,"no view with name: %s\n", arg);
2756 do_list_local_zones(ssl, v->local_zones);
2763 do_view_list_local_data(RES* ssl, struct worker* worker, char* arg)
2768 ssl_printf(ssl,"no view with name: %s\n", arg);
2772 do_list_local_data(ssl, worker, v->local_zones);
2782 RES* ssl;
2806 ssl_printf(a->ssl, "%s %d limit %d\n", buf, max, lim);
2824 ssl_printf(a->ssl, "%s %d limit %d\n", ip, max, lim);
2829 do_ratelimit_list(RES* ssl, struct worker* worker, char* arg)
2835 a.ssl = ssl;
2847 do_ip_ratelimit_list(RES* ssl, struct worker* worker, char* arg)
2853 a.ssl = ssl;
2865 do_rpz_enable_disable(RES* ssl, struct worker* worker, char* arg, int enable) {
2871 if (!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
2883 (void) ssl_printf(ssl, "error no auth-zone %s\n", arg);
2887 (void) ssl_printf(ssl, "error auth-zone %s not RPZ\n", arg);
2897 send_ok(ssl);
2902 do_rpz_enable(RES* ssl, struct worker* worker, char* arg)
2904 do_rpz_enable_disable(ssl, worker, arg, 1);
2909 do_rpz_disable(RES* ssl, struct worker* worker, char* arg)
2911 do_rpz_enable_disable(ssl, worker, arg, 0);
2916 distribute_cmd(struct daemon_remote* rc, RES* ssl, char* cmd)
2919 if(!cmd || !ssl)
2927 ssl_printf(ssl, "error could not distribute cmd\n");
2942 execute_cmd(struct daemon_remote* rc, RES* ssl, char* cmd,
2948 do_stop(ssl, worker);
2951 do_reload(ssl, worker);
2954 do_stats(ssl, worker, 0);
2957 do_stats(ssl, worker, 1);
2960 do_status(ssl, worker);
2963 (void)dump_cache(ssl, worker);
2966 if(load_cache(ssl, worker)) send_ok(ssl);
2969 do_list_forwards(ssl, worker);
2972 do_list_stubs(ssl, worker);
2975 do_insecure_list(ssl, worker);
2978 do_list_local_zones(ssl, worker->daemon->local_zones);
2981 do_list_local_data(ssl, worker, worker->daemon->local_zones);
2984 do_view_list_local_zones(ssl, worker, skipwhite(p+21));
2987 do_view_list_local_data(ssl, worker, skipwhite(p+20));
2990 do_ratelimit_list(ssl, worker, p+14);
2993 do_ip_ratelimit_list(ssl, worker, p+17);
2996 do_list_auth_zones(ssl, worker->env.auth_zones);
2999 do_auth_zone_reload(ssl, worker, skipwhite(p+16));
3002 do_auth_zone_transfer(ssl, worker, skipwhite(p+18));
3006 if(rc) distribute_cmd(rc, ssl, cmd);
3007 do_stub_add(ssl, worker, skipwhite(p+8));
3011 if(rc) distribute_cmd(rc, ssl, cmd);
3012 do_stub_remove(ssl, worker, skipwhite(p+11));
3016 if(rc) distribute_cmd(rc, ssl, cmd);
3017 do_forward_add(ssl, worker, skipwhite(p+11));
3021 if(rc) distribute_cmd(rc, ssl, cmd);
3022 do_forward_remove(ssl, worker, skipwhite(p+14));
3026 if(rc) distribute_cmd(rc, ssl, cmd);
3027 do_insecure_add(ssl, worker, skipwhite(p+12));
3031 if(rc) distribute_cmd(rc, ssl, cmd);
3032 do_insecure_remove(ssl, worker, skipwhite(p+15));
3036 if(rc) distribute_cmd(rc, ssl, cmd);
3037 do_forward(ssl, worker, skipwhite(p+7));
3041 if(rc) distribute_cmd(rc, ssl, cmd);
3042 do_flush_stats(ssl, worker);
3046 if(rc) distribute_cmd(rc, ssl, cmd);
3047 do_flush_requestlist(ssl, worker);
3050 do_lookup(ssl, worker, skipwhite(p+6));
3059 distribute_cmd(rc, ssl, cmd);
3063 do_verbosity(ssl, skipwhite(p+9));
3065 do_zone_remove(ssl, worker->daemon->local_zones, skipwhite(p+17));
3067 do_zones_remove(ssl, worker->daemon->local_zones);
3069 do_zone_add(ssl, worker->daemon->local_zones, skipwhite(p+10));
3071 do_zones_add(ssl, worker->daemon->local_zones);
3073 do_data_remove(ssl, worker->daemon->local_zones, skipwhite(p+17));
3075 do_datas_remove(ssl, worker->daemon->local_zones);
3077 do_data_add(ssl, worker->daemon->local_zones, skipwhite(p+10));
3079 do_datas_add(ssl, worker->daemon->local_zones);
3081 do_view_zone_remove(ssl, worker, skipwhite(p+22));
3083 do_view_zone_add(ssl, worker, skipwhite(p+15));
3085 do_view_data_remove(ssl, worker, skipwhite(p+22));
3087 do_view_datas_remove(ssl, worker, skipwhite(p+23));
3089 do_view_data_add(ssl, worker, skipwhite(p+15));
3091 do_view_datas_add(ssl, worker, skipwhite(p+16));
3093 do_flush_zone(ssl, worker, skipwhite(p+10));
3095 do_flush_type(ssl, worker, skipwhite(p+10));
3097 do_flush_infra(ssl, worker, skipwhite(p+11));
3099 do_flush_name(ssl, worker, skipwhite(p+5));
3101 do_dump_requestlist(ssl, worker);
3103 do_dump_infra(ssl, worker);
3105 do_log_reopen(ssl, worker);
3107 do_set_option(ssl, worker, skipwhite(p+10));
3109 do_get_option(ssl, worker, skipwhite(p+10));
3111 do_flush_bogus(ssl, worker);
3113 do_flush_negative(ssl, worker);
3115 do_rpz_enable(ssl, worker, skipwhite(p+10));
3117 do_rpz_disable(ssl, worker, skipwhite(p+11));
3119 (void)ssl_printf(ssl, "error unknown command '%s'\n", p);
3154 if(res->ssl) {
3156 if((r=SSL_read(res->ssl, magic, (int)sizeof(magic)-1)) <= 0) {
3157 if(SSL_get_error(res->ssl, r) == SSL_ERROR_ZERO_RETURN)
3226 log_crypto_err("remote control failed ssl");
3245 if(s->ssl) {
3248 r = SSL_do_handshake(s->ssl);
3250 int r2 = SSL_get_error(s->ssl, r);
3259 } else if(SSL_get_verify_result(s->ssl) == X509_V_OK) {
3260 X509* x = SSL_get_peer_certificate(s->ssl);
3277 res.ssl = s->ssl;