Lines Matching refs:client
67 * All client state changes, other than that from idle to listening, occur
71 * If a routine is ever created that allows someone other than the client's
72 * task to change the client, then the client will have to be locked.
77 #define CTRACE(m) ns_client_log(client, \
103 * client objects, since concurrent access to a shared context would cause
116 /*% nameserver client manager structure */
152 * states are generally "more active", meaning that the client can
157 * To force the client into a less active state, set client->newstate
164 * The client object no longer exists.
169 * The client object exists and has a task and timer.
171 * It is on the client manager's list of inactive clients.
177 * The client object is either a TCP or a UDP one, and
179 * client manager's list of active clients.
181 * If it is a TCP client object, it has a TCP listener socket
184 * If it is a UDP client object, it has a UDP listener socket
190 * The client object is a TCP client object that has received
193 * UDP client objects.
198 * The client object has received a request and is working
205 * The client object is recursing. It will be on the 'recursing'
211 * Sentinel value used to indicate "no state". When client->newstate
225 static void client_read(ns_client_t *client);
226 static void client_accept(ns_client_t *client);
227 static void client_udprecv(ns_client_t *client);
229 static isc_boolean_t exit_check(ns_client_t *client);
230 static void ns_client_endrequest(ns_client_t *client);
233 static void ns_client_dumpmessage(ns_client_t *client, const char *reason);
238 ns_client_recursing(ns_client_t *client) {
239 REQUIRE(NS_CLIENT_VALID(client));
240 REQUIRE(client->state == NS_CLIENTSTATE_WORKING);
242 LOCK(&client->manager->reclock);
243 client->newstate = client->state = NS_CLIENTSTATE_RECURSING;
244 ISC_LIST_APPEND(client->manager->recursing, client, rlink);
245 UNLOCK(&client->manager->reclock);
249 ns_client_killoldestquery(ns_client_t *client) {
251 REQUIRE(NS_CLIENT_VALID(client));
253 LOCK(&client->manager->reclock);
254 oldest = ISC_LIST_HEAD(client->manager->recursing);
256 ISC_LIST_UNLINK(client->manager->recursing, oldest, rlink);
257 UNLOCK(&client->manager->reclock);
260 UNLOCK(&client->manager->reclock);
264 ns_client_settimeout(ns_client_t *client, unsigned int seconds) {
269 result = isc_timer_reset(client->timer, isc_timertype_once, NULL,
271 client->timerset = ISC_TRUE;
273 ns_client_log(client, NS_LOGCATEGORY_CLIENT,
284 * the caller must no longer use the client object as it may have been
288 exit_check(ns_client_t *client) {
292 REQUIRE(NS_CLIENT_VALID(client));
293 manager = client->manager;
295 if (client->state <= client->newstate)
298 INSIST(client->newstate < NS_CLIENTSTATE_RECURSING);
306 * - The client does not detach from the view until references is zero
311 if (client->nupdates == 0 &&
312 client->newstate == NS_CLIENTSTATE_FREED && client->view != NULL)
313 dns_view_detach(&client->view);
315 if (client->state == NS_CLIENTSTATE_WORKING ||
316 client->state == NS_CLIENTSTATE_RECURSING)
318 INSIST(client->newstate <= NS_CLIENTSTATE_READING);
322 if (client->nupdates > 0)
328 if (client->nsends > 0) {
330 if (TCP_CLIENT(client))
331 socket = client->tcpsocket;
333 socket = client->udpsocket;
334 isc_socket_cancel(socket, client->task,
338 if (! (client->nsends == 0 && client->nrecvs == 0 &&
339 client->references == 0))
351 * the client is no longer on the recursing list.
353 * We need to check whether the client is still linked,
357 if (client->state == NS_CLIENTSTATE_RECURSING) {
359 if (ISC_LINK_LINKED(client, rlink))
361 client, rlink);
364 ns_client_endrequest(client);
366 client->state = NS_CLIENTSTATE_READING;
367 INSIST(client->recursionquota == NULL);
369 if (NS_CLIENTSTATE_READING == client->newstate) {
370 client_read(client);
371 client->newstate = NS_CLIENTSTATE_MAX;
376 if (client->state == NS_CLIENTSTATE_READING) {
381 INSIST(client->recursionquota == NULL);
382 INSIST(client->newstate <= NS_CLIENTSTATE_READY);
383 if (client->nreads > 0)
384 dns_tcpmsg_cancelread(&client->tcpmsg);
385 if (! client->nreads == 0) {
390 if (client->tcpmsg_valid) {
391 dns_tcpmsg_invalidate(&client->tcpmsg);
392 client->tcpmsg_valid = ISC_FALSE;
394 if (client->tcpsocket != NULL) {
396 isc_socket_detach(&client->tcpsocket);
399 if (client->tcpquota != NULL)
400 isc_quota_detach(&client->tcpquota);
402 if (client->timerset) {
403 (void)isc_timer_reset(client->timer,
406 client->timerset = ISC_FALSE;
409 client->peeraddr_valid = ISC_FALSE;
411 client->state = NS_CLIENTSTATE_READY;
412 INSIST(client->recursionquota == NULL);
415 * Now the client is ready to accept a new TCP connection
417 * that already. Check whether this client needs to remain
421 * may remain active if we have fewer active TCP client
424 if (client->mortal && TCP_CLIENT(client) && !ns_g_clienttest) {
425 LOCK(&client->interface->lock);
426 if (client->interface->ntcpcurrent <
427 client->interface->ntcptarget)
428 client->mortal = ISC_FALSE;
429 UNLOCK(&client->interface->lock);
433 * We don't need the client; send it to the inactive
436 if (client->mortal) {
437 if (client->newstate > NS_CLIENTSTATE_INACTIVE)
438 client->newstate = NS_CLIENTSTATE_INACTIVE;
441 if (NS_CLIENTSTATE_READY == client->newstate) {
442 if (TCP_CLIENT(client)) {
443 client_accept(client);
445 client_udprecv(client);
446 client->newstate = NS_CLIENTSTATE_MAX;
451 if (client->state == NS_CLIENTSTATE_READY) {
452 INSIST(client->newstate <= NS_CLIENTSTATE_INACTIVE);
457 if (client->naccepts > 0)
458 isc_socket_cancel(client->tcplistener, client->task,
462 if (! (client->naccepts == 0))
466 if (client->nrecvs > 0)
467 isc_socket_cancel(client->udpsocket, client->task,
471 if (! (client->nrecvs == 0))
475 if (client->nctls > 0)
478 /* Deactivate the client. */
479 if (client->interface)
480 ns_interface_detach(&client->interface);
482 INSIST(client->naccepts == 0);
483 INSIST(client->recursionquota == NULL);
484 if (client->tcplistener != NULL)
485 isc_socket_detach(&client->tcplistener);
487 if (client->udpsocket != NULL)
488 isc_socket_detach(&client->udpsocket);
490 if (client->dispatch != NULL)
491 dns_dispatch_detach(&client->dispatch);
493 client->attributes = 0;
494 client->mortal = ISC_FALSE;
497 * Put the client on the inactive list. If we are aiming for
501 * the dying client inbetween.
503 client->state = NS_CLIENTSTATE_INACTIVE;
504 INSIST(client->recursionquota == NULL);
506 if (client->state == client->newstate) {
507 client->newstate = NS_CLIENTSTATE_MAX;
510 ISC_QUEUE_PUSH(manager->inactive, client,
512 if (client->needshutdown)
513 isc_task_shutdown(client->task);
518 if (client->state == NS_CLIENTSTATE_INACTIVE) {
519 INSIST(client->newstate == NS_CLIENTSTATE_FREED);
521 * We are trying to free the client.
528 REQUIRE(client->state == NS_CLIENTSTATE_INACTIVE);
530 INSIST(client->recursionquota == NULL);
531 INSIST(!ISC_QLINK_LINKED(client, ilink));
533 ns_query_free(client);
534 isc_mem_put(client->mctx, client->recvbuf, RECV_BUFFER_SIZE);
535 isc_event_free((isc_event_t **)&client->sendevent);
536 isc_event_free((isc_event_t **)&client->recvevent);
537 isc_timer_detach(&client->timer);
539 if (client->tcpbuf != NULL)
540 isc_mem_put(client->mctx, client->tcpbuf,
542 if (client->opt != NULL) {
543 INSIST(dns_rdataset_isassociated(client->opt));
544 dns_rdataset_disassociate(client->opt);
545 dns_message_puttemprdataset(client->message,
546 &client->opt);
549 dns_message_destroy(&client->message);
552 ISC_LIST_UNLINK(manager->clients, client, link);
564 * client->task.
566 if (client->task != NULL)
567 isc_task_detach(&client->task);
570 client->magic = 0;
576 if (ns_g_clienttest && isc_mem_references(client->mctx) != 1) {
577 isc_mem_stats(client->mctx, stderr);
580 isc_mem_putanddetach(&client->mctx, client, sizeof(*client));
590 * The client's task has received the client's control event
595 ns_client_t *client = (ns_client_t *) event->ev_arg;
597 INSIST(task == client->task);
601 INSIST(client->nctls == 1);
602 client->nctls--;
604 if (exit_check(client))
607 if (TCP_CLIENT(client)) {
608 client_accept(client);
610 client_udprecv(client);
616 * The client's task has received a shutdown event.
620 ns_client_t *client;
624 client = event->ev_arg;
625 REQUIRE(NS_CLIENT_VALID(client));
626 REQUIRE(task == client->task);
634 if (client->shutdown != NULL) {
635 (client->shutdown)(client->shutdown_arg, ISC_R_SHUTTINGDOWN);
636 client->shutdown = NULL;
637 client->shutdown_arg = NULL;
640 if (ISC_QLINK_LINKED(client, ilink))
641 ISC_QUEUE_UNLINK(client->manager->inactive, client, ilink);
643 client->newstate = NS_CLIENTSTATE_FREED;
644 client->needshutdown = ISC_FALSE;
645 (void)exit_check(client);
649 ns_client_endrequest(ns_client_t *client) {
650 INSIST(client->naccepts == 0);
651 INSIST(client->nreads == 0);
652 INSIST(client->nsends == 0);
653 INSIST(client->nrecvs == 0);
654 INSIST(client->nupdates == 0);
655 INSIST(client->state == NS_CLIENTSTATE_WORKING ||
656 client->state == NS_CLIENTSTATE_RECURSING);
660 if (client->next != NULL) {
661 (client->next)(client);
662 client->next = NULL;
665 if (client->view != NULL)
666 dns_view_detach(&client->view);
667 if (client->opt != NULL) {
668 INSIST(dns_rdataset_isassociated(client->opt));
669 dns_rdataset_disassociate(client->opt);
670 dns_message_puttemprdataset(client->message, &client->opt);
673 client->signer = NULL;
674 client->udpsize = 512;
675 client->extflags = 0;
676 client->ednsversion = -1;
677 dns_message_reset(client->message, DNS_MESSAGE_INTENTPARSE);
679 if (client->recursionquota != NULL)
680 isc_quota_detach(&client->recursionquota);
683 * Clear all client attributes that are specific to
686 client->attributes &= NS_CLIENTATTR_TCP;
690 ns_client_next(ns_client_t *client, isc_result_t result) {
693 REQUIRE(NS_CLIENT_VALID(client));
694 REQUIRE(client->state == NS_CLIENTSTATE_WORKING ||
695 client->state == NS_CLIENTSTATE_RECURSING ||
696 client->state == NS_CLIENTSTATE_READING);
701 ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
710 if (result == ISC_R_SUCCESS && TCP_CLIENT(client))
715 if (client->newstate > newstate)
716 client->newstate = newstate;
717 (void)exit_check(client);
723 ns_client_t *client;
728 client = sevent->ev_arg;
729 REQUIRE(NS_CLIENT_VALID(client));
730 REQUIRE(task == client->task);
731 REQUIRE(sevent == client->sendevent);
738 ns_client_log(client, NS_LOGCATEGORY_CLIENT,
743 INSIST(client->nsends > 0);
744 client->nsends--;
746 if (client->tcpbuf != NULL) {
747 INSIST(TCP_CLIENT(client));
748 isc_mem_put(client->mctx, client->tcpbuf, TCP_BUFFER_SIZE);
749 client->tcpbuf = NULL;
752 ns_client_next(client, ISC_R_SUCCESS);
764 client_allocsendbuf(ns_client_t *client, isc_buffer_t *buffer,
776 if (TCP_CLIENT(client)) {
777 INSIST(client->tcpbuf == NULL);
782 client->tcpbuf = isc_mem_get(client->mctx, TCP_BUFFER_SIZE);
783 if (client->tcpbuf == NULL) {
787 data = client->tcpbuf;
798 if (client->udpsize < SEND_BUFFER_SIZE)
799 bufsize = client->udpsize;
816 client_sendpkg(ns_client_t *client, isc_buffer_t *buffer) {
826 if (TCP_CLIENT(client)) {
827 socket = client->tcpsocket;
830 socket = client->udpsocket;
831 address = &client->peeraddr;
833 isc_netaddr_fromsockaddr(&netaddr, &client->peeraddr);
844 if ((client->attributes & NS_CLIENTATTR_PKTINFO) != 0 &&
845 (client->attributes & NS_CLIENTATTR_MULTICAST) == 0)
846 pktinfo = &client->pktinfo;
854 result = isc_socket_sendto2(socket, &r, client->task,
856 client->sendevent, sockflags);
858 client->nsends++;
860 client_senddone(client->task,
861 (isc_event_t *)client->sendevent);
868 ns_client_sendraw(ns_client_t *client, dns_message_t *message) {
876 REQUIRE(NS_CLIENT_VALID(client));
886 result = client_allocsendbuf(client, &buffer, NULL, mr->length,
898 r.base[0] = (client->message->id >> 8) & 0xff;
899 r.base[1] = client->message->id & 0xff;
901 result = client_sendpkg(client, &buffer);
906 if (client->tcpbuf != NULL) {
907 isc_mem_put(client->mctx, client->tcpbuf, TCP_BUFFER_SIZE);
908 client->tcpbuf = NULL;
910 ns_client_next(client, result);
914 ns_client_send(ns_client_t *client) {
927 REQUIRE(NS_CLIENT_VALID(client));
931 if ((client->attributes & NS_CLIENTATTR_RA) != 0)
932 client->message->flags |= DNS_MESSAGEFLAG_RA;
934 if ((client->attributes & NS_CLIENTATTR_WANTDNSSEC) != 0)
940 if (client->view != NULL) {
941 if (client->view->preferred_glue == dns_rdatatype_a)
943 else if (client->view->preferred_glue == dns_rdatatype_aaaa)
953 * and that we either have no signatures that the client wants
958 if ((client->attributes & NS_CLIENTATTR_FILTER_AAAA) != 0) {
968 result = client_allocsendbuf(client, &buffer, &tcpbuffer, 0,
973 result = dns_compress_init(&cctx, -1, client->mctx);
979 result = dns_message_renderbegin(client->message, &cctx, &buffer);
983 if (client->opt != NULL) {
984 result = dns_message_setopt(client->message, client->opt);
986 client->opt = NULL;
990 result = dns_message_rendersection(client->message,
993 client->message->flags |= DNS_MESSAGEFLAG_TC;
1002 if ((client->message->flags & DNS_MESSAGEFLAG_TC) != 0)
1005 result = dns_message_rendersection(client->message,
1010 client->message->flags |= DNS_MESSAGEFLAG_TC;
1015 result = dns_message_rendersection(client->message,
1020 client->message->flags |= DNS_MESSAGEFLAG_TC;
1025 result = dns_message_rendersection(client->message,
1031 result = dns_message_renderend(client->message);
1041 if (TCP_CLIENT(client)) {
1045 result = client_sendpkg(client, &tcpbuffer);
1047 result = client_sendpkg(client, &buffer);
1055 if (client->message->tsigkey != NULL) {
1059 if (client->message->sig0key != NULL) {
1063 if ((client->message->flags & DNS_MESSAGEFLAG_TC) != 0)
1071 if (client->tcpbuf != NULL) {
1072 isc_mem_put(client->mctx, client->tcpbuf, TCP_BUFFER_SIZE);
1073 client->tcpbuf = NULL;
1079 ns_client_next(client, result);
1111 ns_client_error(ns_client_t *client, isc_result_t result) {
1115 REQUIRE(NS_CLIENT_VALID(client));
1119 message = client->message;
1127 ns_client_dropport(isc_sockaddr_getport(&client->peeraddr)) !=
1135 ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
1139 ns_client_next(client, ISC_R_SUCCESS);
1148 if (client->view != NULL && client->view->rrl != NULL) {
1156 rrl_result = dns_rrl(client->view, &client->peeraddr,
1157 TCP_CLIENT(client),
1159 NULL, result, client->now,
1169 ns_client_log(client,
1179 if (!client->view->rrl->log_only) {
1184 ns_client_next(client, DNS_R_DROP);
1210 ns_client_next(client, result);
1218 * with the same ID to the same client less than two
1226 if (isc_sockaddr_equal(&client->peeraddr,
1227 &client->formerrcache.addr) &&
1228 message->id == client->formerrcache.id &&
1229 client->requesttime - client->formerrcache.time < 2) {
1231 ns_client_log(client, NS_LOGCATEGORY_CLIENT,
1235 ns_client_next(client, result);
1238 client->formerrcache.addr = client->peeraddr;
1239 client->formerrcache.time = client->requesttime;
1240 client->formerrcache.id = message->id;
1242 ns_client_send(client);
1246 client_addopt(ns_client_t *client) {
1256 REQUIRE(client->opt == NULL); /* XXXRTH free old. */
1258 view = client->view;
1265 flags = client->extflags & DNS_MESSAGEEXTFLAG_REPLYPRESERVE;
1268 if ((client->attributes & NS_CLIENTATTR_WANTNSID) != 0 &&
1287 result = dns_message_buildopt(client->message, &client->opt, 0,
1371 process_opt(ns_client_t *client, dns_rdataset_t *opt) {
1379 * Set the client's UDP buffer size.
1381 client->udpsize = opt->rdclass;
1387 if (client->udpsize < 512)
1388 client->udpsize = 512;
1393 client->extflags = (isc_uint16_t)(opt->ttl & 0xFFFF);
1400 client->ednsversion = (opt->ttl & 0x00FF0000) >> 16;
1401 if (client->ednsversion > 0) {
1404 result = client_addopt(client);
1407 ns_client_error(client, result);
1423 client->attributes |= NS_CLIENTATTR_WANTNSID;
1438 result = client_addopt(client);
1440 ns_client_error(client, result);
1453 ns_client_t *client;
1470 client = event->ev_arg;
1471 REQUIRE(NS_CLIENT_VALID(client));
1472 REQUIRE(task == client->task);
1474 INSIST(client->recursionquota == NULL);
1476 INSIST(client->state == (TCP_CLIENT(client) ?
1483 INSIST(!TCP_CLIENT(client));
1485 REQUIRE(sevent == client->recvevent);
1491 client->peeraddr = sevent->address;
1492 client->peeraddr_valid = ISC_TRUE;
1495 client->attributes |= NS_CLIENTATTR_PKTINFO;
1496 client->pktinfo = sevent->pktinfo;
1499 client->attributes |= NS_CLIENTATTR_MULTICAST;
1500 client->nrecvs--;
1502 INSIST(TCP_CLIENT(client));
1504 REQUIRE(event->ev_sender == &client->tcpmsg);
1505 buffer = &client->tcpmsg.buffer;
1506 result = client->tcpmsg.result;
1507 INSIST(client->nreads == 1);
1509 * client->peeraddr was set when the connection was accepted.
1511 client->nreads--;
1514 if (exit_check(client))
1516 client->state = client->newstate = NS_CLIENTSTATE_WORKING;
1518 isc_task_getcurrenttime(task, &client->requesttime);
1519 client->now = client->requesttime;
1522 if (TCP_CLIENT(client)) {
1523 ns_client_next(client, result);
1529 "UDP client handler shutting "
1533 isc_task_shutdown(client->task);
1538 isc_netaddr_fromsockaddr(&netaddr, &client->peeraddr);
1541 if (ns_client_dropport(isc_sockaddr_getport(&client->peeraddr)) ==
1543 ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
1546 ns_client_next(client, ISC_R_SUCCESS);
1551 ns_client_log(client, NS_LOGCATEGORY_CLIENT,
1554 TCP_CLIENT(client) ? "TCP" : "UDP");
1560 if (!TCP_CLIENT(client)) {
1568 ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
1571 ns_client_next(client, ISC_R_SUCCESS);
1580 if ((client->attributes & NS_CLIENTATTR_MULTICAST) != 0) {
1581 ns_client_log(client, NS_LOGCATEGORY_CLIENT,
1584 ns_client_next(client, DNS_R_REFUSED);
1594 ns_client_next(client, result);
1599 * The client object handles requests, not responses.
1604 if (TCP_CLIENT(client)) {
1606 ns_client_next(client, DNS_R_FORMERR);
1609 dns_dispatch_importrecv(client->dispatch, event);
1610 ns_client_next(client, ISC_R_SUCCESS);
1618 if (isc_sockaddr_pf(&client->peeraddr) == PF_INET) {
1625 if (TCP_CLIENT(client))
1632 result = dns_message_parse(client->message, buffer, 0);
1638 ns_client_error(client, result);
1643 client->message->opcode);
1644 switch (client->message->opcode) {
1656 client->message->rcode = dns_rcode_noerror;
1659 if ((client->attributes & NS_CLIENTATTR_MULTICAST) != 0)
1660 client->message->flags &= ~DNS_MESSAGEFLAG_RD;
1665 opt = dns_message_getopt(client->message);
1667 result = process_opt(client, opt);
1672 if (client->message->rdclass == 0) {
1673 ns_client_log(client, NS_LOGCATEGORY_CLIENT,
1676 ns_client_dumpmessage(client,
1678 ns_client_error(client, notimp ? DNS_R_NOTIMP : DNS_R_FORMERR);
1693 if ((client->interface->flags & NS_INTERFACEFLAG_ANYADDR) == 0)
1694 isc_netaddr_fromsockaddr(&client->destaddr,
1695 &client->interface->addr);
1700 if (TCP_CLIENT(client))
1701 result = isc_socket_getsockname(client->tcpsocket,
1704 isc_netaddr_fromsockaddr(&client->destaddr, &sockaddr);
1706 client->interface->addr.type.sa.sa_family == AF_INET6 &&
1707 (client->attributes & NS_CLIENTATTR_PKTINFO) != 0) {
1716 isc_netaddr_fromin6(&client->destaddr,
1717 &client->pktinfo.ipi6_addr);
1718 if (IN6_IS_ADDR_LINKLOCAL(&client->pktinfo.ipi6_addr))
1719 isc_netaddr_setzone(&client->destaddr,
1720 client->pktinfo.ipi6_ifindex);
1728 ns_client_next(client, ISC_R_SUCCESS);
1734 * Find a view that matches the client's source address.
1739 if (client->message->rdclass == view->rdclass ||
1740 client->message->rdclass == dns_rdataclass_any)
1744 sigresult = dns_message_rechecksig(client->message,
1747 tsig = dns_tsigkey_identity(client->message->tsigkey);
1750 allowed(&client->destaddr, tsig,
1752 !((client->message->flags & DNS_MESSAGEFLAG_RD)
1755 dns_view_attach(view, &client->view);
1772 dns_message_resetsig(client->message);
1774 r = dns_message_getrawmessage(client->message);
1777 (void)dns_tsig_verify(&b, client->message, NULL, NULL);
1779 dns_rdataclass_format(client->message->rdclass, classname,
1781 ns_client_log(client, NS_LOGCATEGORY_CLIENT,
1784 ns_client_dumpmessage(client, "no matching view in class");
1785 ns_client_error(client, notimp ? DNS_R_NOTIMP : DNS_R_REFUSED);
1789 ns_client_log(client, NS_LOGCATEGORY_CLIENT,
1799 client->signer = NULL;
1800 dns_name_init(&client->signername, NULL);
1801 result = dns_message_signer(client->message, &client->signername);
1804 if (dns_message_gettsig(client->message, &signame) != NULL) {
1815 dns_name_format(&client->signername, namebuf, sizeof(namebuf));
1816 ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
1819 client->signer = &client->signername;
1821 ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
1825 ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
1838 if (dns_message_gettsig(client->message, &signame) != NULL) {
1842 status = client->message->tsigstatus;
1847 if (client->message->tsigkey->generated) {
1848 dns_name_format(client->message->tsigkey->creator,
1850 ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
1859 ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
1868 status = client->message->sig0status;
1873 ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
1883 if (!(client->message->tsigstatus == dns_tsigerror_badkey &&
1884 client->message->opcode == dns_opcode_update)) {
1885 ns_client_error(client, sigresult);
1891 * Decide whether recursive service is available to this client.
1898 if (client->view->resolver != NULL &&
1899 client->view->recursion == ISC_TRUE &&
1900 ns_client_checkaclsilent(client, NULL,
1901 client->view->recursionacl,
1903 ns_client_checkaclsilent(client, NULL,
1904 client->view->cacheacl,
1906 ns_client_checkaclsilent(client, &client->destaddr,
1907 client->view->recursiononacl,
1909 ns_client_checkaclsilent(client, &client->destaddr,
1910 client->view->cacheonacl,
1915 client->attributes |= NS_CLIENTATTR_RA;
1917 ns_client_log(client, DNS_LOGCATEGORY_SECURITY, NS_LOGMODULE_CLIENT,
1922 * Adjust maximum UDP response size for this client.
1924 if (client->udpsize > 512) {
1930 if (client->udpsize > udpsize)
1931 client->udpsize = udpsize;
1937 switch (client->message->opcode) {
1940 ns_query_start(client);
1944 ns_client_settimeout(client, 60);
1945 ns_update_start(client, sigresult);
1949 ns_client_settimeout(client, 60);
1950 ns_notify_start(client);
1954 ns_client_error(client, DNS_R_NOTIMP);
1958 ns_client_error(client, DNS_R_NOTIMP);
1967 ns_client_t *client;
1972 client = event->ev_arg;
1973 REQUIRE(NS_CLIENT_VALID(client));
1974 REQUIRE(task == client->task);
1975 REQUIRE(client->timer != NULL);
1983 if (client->shutdown != NULL) {
1984 (client->shutdown)(client->shutdown_arg, ISC_R_TIMEDOUT);
1985 client->shutdown = NULL;
1986 client->shutdown_arg = NULL;
1989 if (client->newstate > NS_CLIENTSTATE_READY)
1990 client->newstate = NS_CLIENTSTATE_READY;
1991 (void)exit_check(client);
2010 isc_mem_setname(*mctxp, "client", NULL);
2025 isc_mem_setname(clientmctx, "client", NULL);
2040 ns_client_t *client;
2047 * Note: creating a client does not add the client to the
2048 * manager's client list or set the client's manager pointer.
2058 client = isc_mem_get(mctx, sizeof(*client));
2059 if (client == NULL) {
2063 client->mctx = mctx;
2065 client->task = NULL;
2066 result = isc_task_create(manager->taskmgr, 0, &client->task);
2069 isc_task_setname(client->task, "client", client);
2071 client->timer = NULL;
2073 NULL, NULL, client->task, client_timeout,
2074 client, &client->timer);
2077 client->timerset = ISC_FALSE;
2079 client->message = NULL;
2080 result = dns_message_create(client->mctx, DNS_MESSAGE_INTENTPARSE,
2081 &client->message);
2087 client->sendevent = (isc_socketevent_t *)
2088 isc_event_allocate(client->mctx, client,
2090 client_senddone, client,
2092 if (client->sendevent == NULL) {
2097 client->recvbuf = isc_mem_get(client->mctx, RECV_BUFFER_SIZE);
2098 if (client->recvbuf == NULL) {
2103 client->recvevent = (isc_socketevent_t *)
2104 isc_event_allocate(client->mctx, client,
2106 client_request, client,
2108 if (client->recvevent == NULL) {
2113 client->magic = NS_CLIENT_MAGIC;
2114 client->manager = NULL;
2115 client->state = NS_CLIENTSTATE_INACTIVE;
2116 client->newstate = NS_CLIENTSTATE_MAX;
2117 client->naccepts = 0;
2118 client->nreads = 0;
2119 client->nsends = 0;
2120 client->nrecvs = 0;
2121 client->nupdates = 0;
2122 client->nctls = 0;
2123 client->references = 0;
2124 client->attributes = 0;
2125 client->view = NULL;
2126 client->dispatch = NULL;
2127 client->udpsocket = NULL;
2128 client->tcplistener = NULL;
2129 client->tcpsocket = NULL;
2130 client->tcpmsg_valid = ISC_FALSE;
2131 client->tcpbuf = NULL;
2132 client->opt = NULL;
2133 client->udpsize = 512;
2134 client->extflags = 0;
2135 client->ednsversion = -1;
2136 client->next = NULL;
2137 client->shutdown = NULL;
2138 client->shutdown_arg = NULL;
2139 client->signer = NULL;
2140 dns_name_init(&client->signername, NULL);
2141 client->mortal = ISC_FALSE;
2142 client->tcpquota = NULL;
2143 client->recursionquota = NULL;
2144 client->interface = NULL;
2145 client->peeraddr_valid = ISC_FALSE;
2147 client->filter_aaaa = dns_v4_aaaa_ok;
2149 client->needshutdown = ns_g_clienttest;
2151 ISC_EVENT_INIT(&client->ctlevent, sizeof(client->ctlevent), 0, NULL,
2152 NS_EVENT_CLIENTCONTROL, client_start, client, client,
2158 isc_sockaddr_any(&client->formerrcache.addr);
2159 client->formerrcache.time = 0;
2160 client->formerrcache.id = 0;
2161 ISC_LINK_INIT(client, link);
2162 ISC_LINK_INIT(client, rlink);
2163 ISC_QLINK_INIT(client, ilink);
2166 * We call the init routines for the various kinds of client here,
2167 * after we have created an otherwise valid client, because some
2168 * of them call routines that REQUIRE(NS_CLIENT_VALID(client)).
2170 result = ns_query_init(client);
2174 result = isc_task_onshutdown(client->task, client_shutdown, client);
2180 *clientp = client;
2185 ns_query_free(client);
2188 isc_event_free((isc_event_t **)&client->recvevent);
2191 isc_mem_put(client->mctx, client->recvbuf, RECV_BUFFER_SIZE);
2194 isc_event_free((isc_event_t **)&client->sendevent);
2196 client->magic = 0;
2199 dns_message_destroy(&client->message);
2202 isc_timer_detach(&client->timer);
2205 isc_task_detach(&client->task);
2208 isc_mem_putanddetach(&client->mctx, client, sizeof(*client));
2214 client_read(ns_client_t *client) {
2219 result = dns_tcpmsg_readmessage(&client->tcpmsg, client->task,
2220 client_request, client);
2228 ns_client_settimeout(client, 30);
2230 client->state = client->newstate = NS_CLIENTSTATE_READING;
2231 INSIST(client->nreads == 0);
2232 INSIST(client->recursionquota == NULL);
2233 client->nreads++;
2237 ns_client_next(client, result);
2242 ns_client_t *client = event->ev_arg;
2247 REQUIRE(NS_CLIENT_VALID(client));
2248 REQUIRE(client->task == task);
2252 INSIST(client->state == NS_CLIENTSTATE_READY);
2254 INSIST(client->naccepts == 1);
2255 client->naccepts--;
2257 LOCK(&client->interface->lock);
2258 INSIST(client->interface->ntcpcurrent > 0);
2259 client->interface->ntcpcurrent--;
2260 UNLOCK(&client->interface->lock);
2267 client->tcpsocket = nevent->newsocket;
2268 isc_socket_setname(client->tcpsocket, "client-tcp", NULL);
2269 client->state = NS_CLIENTSTATE_READING;
2270 INSIST(client->recursionquota == NULL);
2272 (void)isc_socket_getpeername(client->tcpsocket,
2273 &client->peeraddr);
2274 client->peeraddr_valid = ISC_TRUE;
2275 ns_client_log(client, NS_LOGCATEGORY_CLIENT,
2289 ns_client_log(client, NS_LOGCATEGORY_CLIENT,
2295 if (exit_check(client))
2302 isc_netaddr_fromsockaddr(&netaddr, &client->peeraddr);
2311 ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
2314 client->newstate = NS_CLIENTSTATE_READY;
2315 (void)exit_check(client);
2319 INSIST(client->tcpmsg_valid == ISC_FALSE);
2320 dns_tcpmsg_init(client->mctx, client->tcpsocket,
2321 &client->tcpmsg);
2322 client->tcpmsg_valid = ISC_TRUE;
2325 * Let a new client take our place immediately, before
2331 &client->tcpquota);
2333 result = ns_client_replace(client);
2335 ns_client_log(client, NS_LOGCATEGORY_CLIENT,
2341 client_read(client);
2349 client_accept(ns_client_t *client) {
2354 result = isc_socket_accept(client->tcplistener, client->task,
2355 client_newconn, client);
2369 INSIST(client->naccepts == 0);
2370 client->naccepts++;
2371 LOCK(&client->interface->lock);
2372 client->interface->ntcpcurrent++;
2373 UNLOCK(&client->interface->lock);
2377 client_udprecv(ns_client_t *client) {
2383 r.base = client->recvbuf;
2385 result = isc_socket_recv2(client->udpsocket, &r, 1,
2386 client->task, client->recvevent, 0);
2399 INSIST(client->nrecvs == 0);
2400 client->nrecvs++;
2417 ns_client_t *client = *clientp;
2419 client->references--;
2420 INSIST(client->references >= 0);
2422 ns_client_log(client, NS_LOGCATEGORY_CLIENT,
2424 "ns_client_detach: ref = %d", client->references);
2425 (void)exit_check(client);
2429 ns_client_shuttingdown(ns_client_t *client) {
2430 return (ISC_TF(client->newstate == NS_CLIENTSTATE_FREED));
2434 ns_client_replace(ns_client_t *client) {
2439 REQUIRE(client != NULL);
2440 REQUIRE(client->manager != NULL);
2442 result = get_client(client->manager, client->interface,
2443 client->dispatch, TCP_CLIENT(client));
2449 * transferred to the new client. Therefore, the old client
2452 client->mortal = ISC_TRUE;
2548 ns_client_t *client;
2568 for (client = ISC_LIST_HEAD(manager->clients);
2569 client != NULL;
2570 client = ISC_LIST_NEXT(client, link))
2571 isc_task_shutdown(client->task);
2591 ns_client_t *client;
2592 MTRACE("get client");
2600 * Allocate a client. First try to get a recycled one;
2603 client = NULL;
2605 ISC_QUEUE_POP(manager->inactive, ilink, client);
2607 if (client != NULL)
2613 result = client_create(manager, &client);
2619 ISC_LIST_APPEND(manager->clients, client, link);
2623 client->manager = manager;
2624 ns_interface_attach(ifp, &client->interface);
2625 client->state = NS_CLIENTSTATE_READY;
2626 INSIST(client->recursionquota == NULL);
2629 client->attributes |= NS_CLIENTATTR_TCP;
2631 &client->tcplistener);
2635 dns_dispatch_attach(disp, &client->dispatch);
2636 sock = dns_dispatch_getsocket(client->dispatch);
2637 isc_socket_attach(sock, &client->udpsocket);
2640 INSIST(client->nctls == 0);
2641 client->nctls++;
2642 ev = &client->ctlevent;
2643 isc_task_send(client->task, &ev);
2670 ns_client_getsockaddr(ns_client_t *client) {
2671 return (&client->peeraddr);
2675 ns_client_checkaclsilent(ns_client_t *client, isc_netaddr_t *netaddr,
2690 isc_netaddr_fromsockaddr(&tmpnetaddr, &client->peeraddr);
2694 result = dns_acl_match(netaddr, client->signer, acl,
2711 ns_client_checkacl(ns_client_t *client, isc_sockaddr_t *sockaddr,
2721 result = ns_client_checkaclsilent(client, sockaddr ? &netaddr : NULL,
2725 ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
2729 ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
2736 ns_client_name(ns_client_t *client, char *peerbuf, size_t len) {
2737 if (client->peeraddr_valid)
2738 isc_sockaddr_format(&client->peeraddr, peerbuf,
2741 snprintf(peerbuf, len, "@%p", client);
2745 ns_client_logv(ns_client_t *client, isc_logcategory_t *category,
2758 ns_client_name(client, peerbuf, sizeof(peerbuf));
2760 if (client->signer != NULL) {
2761 dns_name_format(client->signer, signerbuf, sizeof(signerbuf));
2766 q = client->query.origqname != NULL
2767 ? client->query.origqname : client->query.qname;
2775 if (client->view != NULL && strcmp(client->view->name, "_bind") != 0 &&
2776 strcmp(client->view->name, "_default") != 0) {
2778 viewname = client->view->name;
2782 "client %s%s%s%s%s%s%s%s: %s",
2788 ns_client_log(ns_client_t *client, isc_logcategory_t *category,
2797 ns_client_logv(client, category, module, level, fmt, ap);
2817 ns_client_dumpmessage(ns_client_t *client, const char *reason) {
2829 buf = isc_mem_get(client->mctx, len);
2833 result = dns_message_totext(client->message,
2837 isc_mem_put(client->mctx, buf, len);
2840 ns_client_log(client, NS_LOGCATEGORY_UNMATCHED,
2848 isc_mem_put(client->mctx, buf, len);
2853 ns_client_t *client;
2867 client = ISC_LIST_HEAD(manager->recursing);
2868 while (client != NULL) {
2869 INSIST(client->state == NS_CLIENTSTATE_RECURSING);
2871 ns_client_name(client, peerbuf, sizeof(peerbuf));
2872 if (client->view != NULL &&
2873 strcmp(client->view->name, "_bind") != 0 &&
2874 strcmp(client->view->name, "_default") != 0) {
2875 name = client->view->name;
2882 LOCK(&client->query.fetchlock);
2883 INSIST(client->query.qname != NULL);
2884 dns_name_format(client->query.qname, namebuf, sizeof(namebuf));
2885 if (client->query.qname != client->query.origqname &&
2886 client->query.origqname != NULL) {
2888 dns_name_format(client->query.origqname, original,
2894 rdataset = ISC_LIST_HEAD(client->query.qname->list);
2895 if (rdataset == NULL && client->query.origqname != NULL)
2896 rdataset = ISC_LIST_HEAD(client->query.origqname->list);
2906 UNLOCK(&client->query.fetchlock);
2907 fprintf(f, "; client %s%s%s: id %u '%s/%s/%s'%s%s "
2909 client->message->id, namebuf, typebuf, classbuf,
2910 origfor, original, client->requesttime);
2911 client = ISC_LIST_NEXT(client, rlink);
2917 ns_client_qnamereplace(ns_client_t *client, dns_name_t *name) {
2918 LOCK(&client->query.fetchlock);
2919 if (client->query.restarts > 0) {
2921 * client->query.qname was dynamically allocated.
2923 dns_message_puttempname(client->message,
2924 &client->query.qname);
2926 client->query.qname = name;
2927 UNLOCK(&client->query.fetchlock);
2932 ns_client_t *client = (ns_client_t *) ci->data;
2934 REQUIRE(NS_CLIENT_VALID(client));
2937 *addrp = &client->peeraddr;