nsd.h revision 1.10
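/*
 * nsd.h -- nsd(8) definitions and prototypes
 *
 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved.
 *
 * See LICENSE for the license.
 *
 */

#ifndef	_NSD_H_
#define	_NSD_H_

#include <signal.h>
#include <net/if.h>
/* Fall back to IF_NAMESIZE, or to 16, when the platform lacks IFNAMSIZ. */
#ifndef IFNAMSIZ
#  ifdef IF_NAMESIZE
#    define IFNAMSIZ IF_NAMESIZE
#  else
#    define IFNAMSIZ 16
#  endif
#endif
#ifdef HAVE_OPENSSL_SSL_H
#include <openssl/ssl.h>
#endif

#include "dns.h"
#include "edns.h"
#include "bitset.h"
struct netio_handler;
struct nsd_options;
struct udb_base;
struct daemon_remote;
#ifdef USE_DNSTAP
struct dt_collector;
#endif

/* The NSD runtime states and NSD ipc command values */
#define	NSD_RUN	0
#define	NSD_RELOAD 1
#define	NSD_SHUTDOWN 2
#define	NSD_STATS 3
#define	NSD_REAP_CHILDREN 4
#define	NSD_QUIT 5
/*
 * PASS_TO_XFRD is followed by the u16(len in network order) and
 * then network packet contents.  packet is a notify(acl checked), or
 * xfr reply from a master(acl checked).
 * followed by u32(acl number that matched from notify/xfr acl).
 *
 * NOTE(review): the length prefix arrives over the ipc channel, so the
 * reader presumably has to bound it against its buffer before reading the
 * packet body -- confirm in the ipc code, which is not part of this header.
 */
#define NSD_PASS_TO_XFRD 6
/*
 * RELOAD_REQ is sent when parent receives a SIGHUP and tells
 * xfrd that it wants to initiate a reload (and thus task swap).
 */
#define NSD_RELOAD_REQ 7
/*
 * RELOAD_DONE is sent at the end of a reload pass.
 * xfrd then knows that reload phase is over.
 */
#define NSD_RELOAD_DONE 8
/*
 * QUIT_SYNC is sent to signify a synchronisation of ipc
 * channel content during reload
 */
#define NSD_QUIT_SYNC 9
/*
 * QUIT_WITH_STATS is sent during a reload when BIND8_STATS is defined,
 * from parent to children. The stats are transferred too from child to
 * parent with this command value, when the child is exiting.
 */
#define NSD_QUIT_WITH_STATS 10
/*
 * QUIT_CHILD is sent at exit, to make sure the child has exited so that
 * port53 is free when all of nsd's processes have exited at shutdown time
 */
#define NSD_QUIT_CHILD 11

/* Values for nsd.server_kind; NSD_SERVER_BOTH is the OR of UDP and TCP. */
#define NSD_SERVER_MAIN 0x0U
#define NSD_SERVER_UDP  0x1U
#define NSD_SERVER_TCP  0x2U
#define NSD_SERVER_BOTH (NSD_SERVER_UDP | NSD_SERVER_TCP)

#ifdef INET6
#define DEFAULT_AI_FAMILY AF_UNSPEC
#else
#define DEFAULT_AI_FAMILY AF_INET
#endif

#ifdef BIND8_STATS
/* Counter for statistics */
typedef	unsigned long stc_type;

/* Index of the last element of a true array (not of a pointer). */
#define	LASTELEM(arr)	(sizeof(arr) / sizeof((arr)[0]) - 1)

/* Increment the scalar counter st.stc of the given nsd. */
#define	STATUP(nsd, stc) ((nsd)->st.stc++)
/* #define	STATUP2(nsd, stc, i)  ((i) <= (LASTELEM(nsd->st.stc) - 1)) ? nsd->st.stc[(i)]++ : \
				nsd->st.stc[LASTELEM(nsd->st.stc)]++ */

/*
 * Increment element i of the counter array st.stc. The index is clamped:
 * every i above LASTELEM - 1 is counted in the last element, so the final
 * slot is an overflow bucket and an out-of-range i does not write past the
 * array. i is expanded twice, so pass an expression without side effects.
 * NOTE(review): a negative signed i is only caught when the comparison
 * converts it to size_t; an index type wider than size_t would slip through.
 */
#define	STATUP2(nsd, stc, i) ((nsd)->st.stc[(i) <= (LASTELEM((nsd)->st.stc) - 1) ? (i) : LASTELEM((nsd)->st.stc)]++)
#else	/* BIND8_STATS */

#define	STATUP(nsd, stc) /* Nothing */
#define	STATUP2(nsd, stc, i) /* Nothing */

#endif /* BIND8_STATS */

#ifdef USE_ZONE_STATS
/*
 * increment zone statistic, checks if zone-nonNULL and zone array bounds.
 * Evaluates to 0 without counting when zone is NULL or its zonestatid is
 * not below nsd->zonestatsizenow. ZTATUP2 clamps i like STATUP2 does and
 * expands zone and i more than once.
 * NOTE(review): these macros use LASTELEM and the zonestat fields that this
 * header only declares under BIND8_STATS -- presumably USE_ZONE_STATS is
 * never enabled without it; confirm in the build configuration.
 */
#define	ZTATUP(nsd, zone, stc) ( \
	((zone) && (zone)->zonestatid < (nsd)->zonestatsizenow) ? \
		(nsd)->zonestatnow[(zone)->zonestatid].stc++ \
	: 0)
#define	ZTATUP2(nsd, zone, stc, i) ( \
	((zone) && (zone)->zonestatid < (nsd)->zonestatsizenow) ? \
		((nsd)->zonestatnow[(zone)->zonestatid].stc[(i) <= (LASTELEM((nsd)->zonestatnow[(zone)->zonestatid].stc) - 1) ? (i) : LASTELEM((nsd)->zonestatnow[(zone)->zonestatid].stc)]++ ) \
	: 0)
#else /* USE_ZONE_STATS */
#define	ZTATUP(nsd, zone, stc) /* Nothing */
#define	ZTATUP2(nsd, zone, stc, i) /* Nothing */
#endif /* USE_ZONE_STATS */

/* Bit flags; presumably stored in nsd_socket.flags -- confirm in server.c. */
#define NSD_SOCKET_IS_OPTIONAL (1<<0)
#define NSD_BIND_DEVICE (1<<1)

/* Address description that carries the address inline in ai_addr. */
struct nsd_addrinfo
{
	int ai_flags;
	int ai_family;
	int ai_socktype;
	/* Number of bytes of ai_addr in use; must not exceed sizeof(ai_addr). */
	socklen_t ai_addrlen;
	struct sockaddr_storage ai_addr;
};

/* One listening socket with its address and per-socket settings. */
struct nsd_socket
{
	struct nsd_addrinfo addr;
	/* presumably the socket descriptor -- confirm against server.c */
	int s;
	int flags;
	struct nsd_bitset *servers;
	/*
	 * Interface name in a fixed IFNAMSIZ buffer: any copy into it has to
	 * be bounded by sizeof(device) and leave it NUL-terminated.
	 */
	char device[IFNAMSIZ];
	int fib;
};

struct nsd_child
{
#ifdef HAVE_CPUSET_T
	/* Processor(s) that child process must run on (if applicable). */
	cpuset_t *cpuset;
#endif

	/* The type of child process (UDP or TCP handler).  */
	int kind;

	/* The child's process id.  */
	pid_t pid;

	/* child number in child array */
	int child_num;

	/*
	 * Socket used by the parent process to send commands and
	 * receive responses to/from this child process.
	 */
	int child_fd;

	/*
	 * Socket used by the child process to receive commands and
	 * send responses from/to the parent process.
	 */
	int parent_fd;

	/*
	 * IPC info, buffered for nonblocking writes to the child
	 */
	uint8_t need_to_send_STATS, need_to_send_QUIT;
	uint8_t need_to_exit, has_exited;

	/*
	 * The handler for handling the commands from the child.
	 */
	struct netio_handler* handler;

#ifdef	BIND8_STATS
	stc_type query_count;
#endif
};

/* NSD configuration and run-time variables */
typedef struct nsd nsd_type;
struct	nsd
{
	/*
	 * Global region that is not deallocated until NSD shuts down.
	 */
	region_type    *region;

	/* Run-time variables */
	pid_t		pid;
	/*
	 * mode and the signal_hint_* flags are volatile sig_atomic_t, the one
	 * object type the C standard lets a signal handler store to.
	 * Presumably sig_handler() sets them and the main loops poll them;
	 * keep any new flag of this kind the same type.
	 */
	volatile sig_atomic_t mode;
	volatile sig_atomic_t signal_hint_reload_hup;
	volatile sig_atomic_t signal_hint_reload;
	volatile sig_atomic_t signal_hint_child;
	volatile sig_atomic_t signal_hint_quit;
	volatile sig_atomic_t signal_hint_shutdown;
	volatile sig_atomic_t signal_hint_stats;
	volatile sig_atomic_t signal_hint_statsusr;
	volatile sig_atomic_t quit_sync_done;
	/* One of the NSD_SERVER_* values. */
	unsigned		server_kind;
	struct namedb	*db;
	int				debug;

	size_t            child_count;
	struct nsd_child *children;
	int	restart_children;
	int	reload_failed;

	/* NULL if this is the parent process. */
	struct nsd_child *this_child;

	/* mmaps with data exchange from xfrd and reload */
	struct udb_base* task[2];
	/* presumably the index into task[] owned by this process -- confirm */
	int mytask;
	/* the base used by this (child)process */
	struct event_base* event_base;
	/* the server_region used by this (child)process */
	region_type* server_region;
	struct netio_handler* xfrd_listener;
	struct daemon_remote* rc;

	/* Configuration */
	const char		*dbfile;
	const char		*pidfile;
	const char		*log_filename;
	/*
	 * username, uid, gid and chrootdir: presumably the identity and root
	 * directory the daemon drops to after start-up -- confirm in nsd.c.
	 */
	const char		*username;
	uid_t			uid;
	gid_t			gid;
	const char		*chrootdir;
	const char		*version;
	const char		*identity;
	/* nsid_len is presumably the byte length of nsid -- confirm at the setter */
	uint16_t		nsid_len;
	unsigned char		*nsid;
	uint8_t 		file_rotation_ok;

#ifdef HAVE_CPUSET_T
	int			use_cpu_affinity;
	cpuset_t*		cpuset;
	cpuset_t*		xfrd_cpuset;
#endif

	/* number of interfaces */
	size_t	ifs;
	/* non0 if so_reuseport is in use, if so, tcp, udp array increased */
	int reuseport;

	/* TCP specific configuration (array size ifs) */
	struct nsd_socket* tcp;

	/* UDP specific configuration (array size ifs) */
	struct nsd_socket* udp;

	edns_data_type edns_ipv4;
#if defined(INET6)
	edns_data_type edns_ipv6;
#endif

	int maximum_tcp_count;
	int current_tcp_count;
	int tcp_query_count;
	int tcp_timeout;
	int tcp_mss;
	int outgoing_tcp_mss;
	size_t ipv4_edns_size;
	size_t ipv6_edns_size;

#ifdef	BIND8_STATS

	/*
	 * Counter arrays updated through STATUP2 use their last element as
	 * the overflow bucket, e.g. qtype[256] for every qtype above 255.
	 */
	struct nsdst {
		time_t	boot;
		int	period;		/* Produce statistics dump every st_period seconds */
		stc_type qtype[257];	/* Counters per qtype */
		stc_type qclass[4];	/* Class IN or Class CH or other */
		stc_type qudp, qudp6;	/* Number of queries udp and udp6 */
		stc_type ctcp, ctcp6;	/* Number of tcp and tcp6 connections */
		stc_type ctls, ctls6;	/* Number of tls and tls6 connections */
		stc_type rcode[17], opcode[6]; /* Rcodes & opcodes */
		/* Dropped, truncated, queries for nonconfigured zone, tx errors */
		stc_type dropped, truncated, wrongzone, txerr, rxerr;
		stc_type edns, ednserr, raxfr, nona;
		uint64_t db_disk, db_mem;
	} st;
	/* per zone stats, each an array per zone-stat-idx, stats per zone is
	 * add of [0][zoneidx] and [1][zoneidx]. */
	struct nsdst* zonestat[2];
	/* fd for zonestat mapping (otherwise mmaps cannot be shared between
	 * processes and resized) */
	int zonestatfd[2];
	/* filenames */
	char* zonestatfname[2];
	/* size of the mmapped zone stat array (number of array entries);
	 * zonestatsizenow is the bound that ZTATUP/ZTATUP2 check against */
	size_t zonestatsize[2], zonestatdesired, zonestatsizenow;
	/* current zonestat array to use */
	struct nsdst* zonestatnow;
#endif /* BIND8_STATS */
#ifdef USE_DNSTAP
	/* the dnstap collector process info */
	struct dt_collector* dt_collector;
	/* the pipes from server processes to the dt_collector,
	 * arrays of size child_count.  Kept open for (re-)forks. */
	int *dt_collector_fd_send, *dt_collector_fd_recv;
#endif /* USE_DNSTAP */
	/* ratelimit for errors, time value */
	time_t err_limit_time;
	/* ratelimit for errors, packet count */
	unsigned int err_limit_count;

	struct nsd_options* options;

#ifdef HAVE_SSL
	/* TLS specific configuration */
	SSL_CTX *tls_ctx;
#endif
};

extern struct nsd nsd;

/* nsd.c */
pid_t readpid(const char *file);
int writepid(struct nsd *nsd);
void unlinkpid(const char* file);
void sig_handler(int sig);
void bind8_stats(struct nsd *nsd);

/* server.c */
int server_init(struct nsd *nsd);
int server_prepare(struct nsd *nsd);
void server_main(struct nsd *nsd);
void server_child(struct nsd *nsd);
void server_shutdown(struct nsd *nsd) ATTR_NORETURN;
void server_close_all_sockets(struct nsd_socket sockets[], size_t n);
const char* nsd_event_vs(void);
const char* nsd_event_method(void);
struct event_base* nsd_child_event_base(void);
void service_remaining_tcp(struct nsd* nsd);
/* extra domain numbers for temporary domains */
#define EXTRA_DOMAIN_NUMBERS 1024
#define SLOW_ACCEPT_TIMEOUT 2 /* in seconds */
/* ratelimit for error responses */
#define ERROR_RATELIMIT 100 /* qps */
/* allocate zonestat structures */
void server_zonestat_alloc(struct nsd* nsd);
/* remap the mmaps for zonestat idx, to bytesize sz.  Caller has to set
 * the zonestatsize */
void zonestat_remap(struct nsd* nsd, int idx, size_t sz);
/* allocate and init xfrd variables */
void server_prepare_xfrd(struct nsd *nsd);
/* start xfrdaemon (again) */
void server_start_xfrd(struct nsd *nsd, int del_db, int reload_active);
/* send SOA serial numbers to xfrd */
void server_send_soa_xfrd(struct nsd *nsd, int shortsoa);
#ifdef HAVE_SSL
/*
 * TLS context construction. NOTE(review): from the parameter names, key and
 * pem look like the private key and certificate files and verifypem the CA
 * bundle for peer verification -- confirm in server.c, together with the
 * protocol versions and verification mode the contexts are given.
 */
SSL_CTX* server_tls_ctx_setup(char* key, char* pem, char* verifypem);
SSL_CTX* server_tls_ctx_create(struct nsd *nsd, char* verifypem, char* ocspfile);
void perform_openssl_init(void);
#endif
/*
 * NOTE(review): sz is a signed ssize_t and the return value is ssize_t as
 * well; callers presumably pass a positive length and have to compare the
 * result with sz to detect a short read, timeout or error -- confirm the
 * return convention in server.c.
 */
ssize_t block_read(struct nsd* nsd, int s, void* p, ssize_t sz, int timeout);

#endif	/* _NSD_H_ */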