1/* 2 * xfrd.h - XFR (transfer) Daemon header file. Coordinates SOA updates. 3 * 4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved. 5 * 6 * See LICENSE for the license. 7 * 8 */ 9 10#ifndef XFRD_H 11#define XFRD_H 12 13#ifndef USE_MINI_EVENT 14# ifdef HAVE_EVENT_H 15# include <event.h> 16# else 17# include <event2/event.h> 18# include "event2/event_struct.h" 19# include "event2/event_compat.h" 20# endif 21#else 22# include "mini_event.h" 23#endif 24#include "rbtree.h" 25#include "namedb.h" 26#include "options.h" 27#include "dns.h" 28#include "tsig.h" 29 30struct nsd; 31struct region; 32struct buffer; 33struct xfrd_tcp; 34struct xfrd_tcp_set; 35struct notify_zone; 36struct udb_ptr; 37typedef struct xfrd_state xfrd_state_type; 38typedef struct xfrd_xfr xfrd_xfr_type; 39typedef struct xfrd_zone xfrd_zone_type; 40typedef struct xfrd_soa xfrd_soa_type; 41/* 42 * The global state for the xfrd daemon process. 43 * The time_t times are epochs in secs since 1970, absolute times. 44 */ 45struct xfrd_state { 46 /* time when daemon was last started */ 47 time_t xfrd_start_time; 48 struct region* region; 49 struct event_base* event_base; 50 struct nsd* nsd; 51 52 struct xfrd_tcp_set* tcp_set; 53 /* packet buffer for udp packets */ 54 struct buffer* packet; 55 /* udp waiting list, double linked list */ 56 struct xfrd_zone *udp_waiting_first, *udp_waiting_last; 57 /* number of udp sockets (for sending queries) in use */ 58 size_t udp_use_num; 59 /* activated waiting list, double linked list */ 60 struct xfrd_zone *activated_first; 61 62 /* current time is cached */ 63 uint8_t got_time; 64 time_t current_time; 65 66 /* counter for xfr file numbers */ 67 uint64_t xfrfilenumber; 68 69 /* the zonestat array size that we last saw and is safe to use */ 70 unsigned zonestat_safe; 71 /* size currently of the clear array */ 72 size_t zonestat_clear_num; 73 /* array of malloced entries with cumulative cleared stat values */ 74 struct nsdst** zonestat_clear; 75 /* array of child_count size with cumulative cleared stat values */ 76 struct nsdst* stat_clear; 77 78 /* timer for NSD reload */ 79 struct timeval reload_timeout; 80 struct event reload_handler; 81 int reload_added; 82 /* last reload must have caught all zone updates before this time */ 83 time_t reload_cmd_last_sent; 84 time_t reload_cmd_first_sent; 85 uint8_t reload_failed; 86 uint8_t can_send_reload; 87 pid_t reload_pid; 88 /* timeout for lost sigchild and reaping children */ 89 struct event child_timer; 90 int child_timer_added; 91 92 /* timeout event for zonefiles_write events */ 93 struct event write_timer; 94 /* set to 1 if zones have received xfrs since the last write_timer */ 95 int write_zonefile_needed; 96 97 /* communication channel with server_main */ 98 struct event ipc_handler; 99 int ipc_handler_flags; 100 struct xfrd_tcp *ipc_conn; 101 struct buffer* ipc_pass; 102 /* sending ipc to server_main */ 103 uint8_t need_to_send_shutdown; 104 uint8_t need_to_send_reload; 105 uint8_t need_to_send_stats; 106 uint8_t need_to_send_quit; 107 uint8_t ipc_send_blocked; 108 struct udb_ptr* last_task; 109 110 /* xfrd shutdown flag */ 111 uint8_t shutdown; 112 113 /* tree of zones, by apex name, contains xfrd_zone_type*. Only secondary zones. */ 114 rbtree_type *zones; 115 116 /* tree of zones, by apex name, contains notify_zone*. All zones. */ 117 rbtree_type *notify_zones; 118 /* number of notify_zone active using UDP socket */ 119 int notify_udp_num; 120 /* first and last notify_zone* entries waiting for a UDP socket */ 121 struct notify_zone *notify_waiting_first, *notify_waiting_last; 122 123 /* tree of catalog consumer zones. Processing is disabled if > 1. */ 124 rbtree_type *catalog_consumer_zones; 125 126 /* tree of updated catalog producer zones for which the content to serve */ 127 rbtree_type *catalog_producer_zones; 128}; 129 130/* 131 * XFR daemon SOA information kept in network format. 132 * This is in packet order. 133 */ 134struct xfrd_soa { 135 /* name of RR is zone apex dname */ 136 uint16_t type; /* = TYPE_SOA */ 137 uint16_t klass; /* = CLASS_IN */ 138 uint32_t ttl; 139 uint16_t rdata_count; /* = 7 */ 140 /* format is 1 octet length, + wireformat dname. 141 one more octet since parse_dname_wire_from_packet needs it. 142 maximum size is allocated to avoid memory alloc/free. */ 143 uint8_t prim_ns[MAXDOMAINLEN + 2]; 144 uint8_t email[MAXDOMAINLEN + 2]; 145 uint32_t serial; 146 uint32_t refresh; 147 uint32_t retry; 148 uint32_t expire; 149 uint32_t minimum; 150} ATTR_PACKED; 151 152 153/* 154 * XFRD state for a single zone 155 */ 156struct xfrd_zone { 157 rbnode_type node; 158 159 /* name of the zone */ 160 const dname_type* apex; 161 const char* apex_str; 162 163 /* Three types of soas: 164 * NSD: in use by running server 165 * disk: stored on disk in db/diff file 166 * notified: from notification, could be available on a master. 167 * And the time the soa was acquired (start time for timeouts). 168 * If the time==0, no SOA is available. 169 */ 170 xfrd_soa_type soa_nsd; 171 time_t soa_nsd_acquired; 172 xfrd_soa_type soa_disk; 173 time_t soa_disk_acquired; 174 xfrd_soa_type soa_notified; 175 time_t soa_notified_acquired; 176 177 enum xfrd_zone_state { 178 xfrd_zone_ok, 179 xfrd_zone_refreshing, 180 xfrd_zone_expired 181 } state; 182 183 /* master to try to transfer from, number for persistence */ 184 struct acl_options* master; 185 int master_num; 186 int next_master; /* -1 or set by notify where to try next */ 187 /* round of xfrattempts, -1 is waiting for timeout */ 188 int round_num; 189 struct zone_options* zone_options; 190 int fresh_xfr_timeout; 191 192 /* handler for timeouts */ 193 struct timeval timeout; 194 struct event zone_handler; 195 int zone_handler_flags; 196 int event_added; 197 198 /* tcp connection zone is using, or -1 */ 199 int tcp_conn; 200 /* zone is waiting for a tcp connection */ 201 uint8_t tcp_waiting; 202 /* next zone in waiting list */ 203 xfrd_zone_type* tcp_waiting_next; 204 xfrd_zone_type* tcp_waiting_prev; 205 /* zone is in its tcp send queue */ 206 uint8_t in_tcp_send; 207 /* next zone in tcp send queue */ 208 xfrd_zone_type* tcp_send_next; 209 xfrd_zone_type* tcp_send_prev; 210 /* zone is waiting for a udp connection (tcp is preferred) */ 211 uint8_t udp_waiting; 212 /* next zone in waiting list for UDP */ 213 xfrd_zone_type* udp_waiting_next; 214 xfrd_zone_type* udp_waiting_prev; 215 /* zone has been activated to run now (after the other events 216 * but before blocking in select again) */ 217 uint8_t is_activated; 218 xfrd_zone_type* activated_next; 219 xfrd_zone_type* activated_prev; 220 221 /* xfr message handling data */ 222 /* query id */ 223 uint16_t query_id; 224 xfrd_xfr_type *latest_xfr; 225 226 int multi_master_first_master; /* >0: first check master_num */ 227 int multi_master_update_check; /* -1: not update >0: last update master_num */ 228} ATTR_PACKED; 229 230/* 231 * State for a single zone XFR 232 */ 233struct xfrd_xfr { 234 xfrd_xfr_type *next; 235 xfrd_xfr_type *prev; 236 uint16_t query_type; 237 uint8_t sent; /* written to tasklist (tri-state) */ 238 time_t acquired; /* time xfr was acquired */ 239 uint32_t msg_seq_nr; /* number of messages already handled */ 240 uint32_t msg_old_serial, msg_new_serial; /* host byte order */ 241 size_t msg_rr_count; 242 uint8_t msg_is_ixfr; /* 1:IXFR detected. 2:middle IXFR SOA seen. */ 243 tsig_record_type tsig; /* tsig state for IXFR/AXFR */ 244 uint64_t xfrfilenumber; /* identifier for file to store xfr into, 245 valid if msg_seq_nr nonzero */ 246}; 247 248enum xfrd_packet_result { 249 xfrd_packet_bad, /* drop the packet/connection */ 250 xfrd_packet_drop, /* drop the connection, but not report bad */ 251 xfrd_packet_more, /* more packets to follow on tcp */ 252 xfrd_packet_notimpl, /* server responded with NOTIMPL or FORMATERR */ 253 xfrd_packet_tcp, /* try tcp connection */ 254 xfrd_packet_transfer, /* server responded with transfer*/ 255 xfrd_packet_newlease /* no changes, soa OK */ 256}; 257 258/* 259 Division of the (portably: 1024) max number of sockets that can be open. 260 The sum of the below numbers should be below the user limit for sockets 261 open, or you see errors in your logfile. 262 And it should be below FD_SETSIZE, to be able to select() on replies. 263 Note that also some sockets are used for writing the ixfr.db, xfrd.state 264 files and for the pipes to the main parent process. 265 266 For xfrd_tcp_max, 128 is the default number of TCP AXFR/IXFR concurrent 267 connections. Each entry has 64Kb buffer preallocated. 268*/ 269#define XFRD_MAX_UDP 128 /* max number of UDP sockets at a time for IXFR */ 270#define XFRD_MAX_UDP_NOTIFY 128 /* max concurrent UDP sockets for NOTIFY */ 271 272#define XFRD_TRANSFER_TIMEOUT_START 10 /* empty zone timeout is between x and 2*x seconds */ 273#define XFRD_TRANSFER_TIMEOUT_MAX 86400 /* empty zone timeout max expbackoff */ 274#define XFRD_LOWERBOUND_REFRESH 1 /* seconds, smallest refresh timeout */ 275#define XFRD_LOWERBOUND_RETRY 1 /* seconds, smallest retry timeout */ 276 277/* 278 * return refresh period 279 * within configured and defined lower and upper bounds 280 */ 281static inline time_t 282within_refresh_bounds(xfrd_zone_type* zone, time_t refresh) 283{ 284 return (time_t)zone->zone_options->pattern->max_refresh_time < refresh 285 ? (time_t)zone->zone_options->pattern->max_refresh_time 286 : (time_t)zone->zone_options->pattern->min_refresh_time > refresh 287 ? (time_t)zone->zone_options->pattern->min_refresh_time 288 : XFRD_LOWERBOUND_REFRESH > refresh 289 ? XFRD_LOWERBOUND_REFRESH : refresh; 290} 291 292/* 293 * return the zone's refresh period (from the on disk stored SOA) 294 * within configured and defined lower and upper bounds 295 */ 296static inline time_t 297bound_soa_disk_refresh(xfrd_zone_type* zone) 298{ 299 return within_refresh_bounds(zone, ntohl(zone->soa_disk.refresh)); 300} 301 302/* 303 * return retry period 304 * within configured and defined lower and upper bounds 305 */ 306static inline time_t 307within_retry_bounds(xfrd_zone_type* zone, time_t retry) 308{ 309 return (time_t)zone->zone_options->pattern->max_retry_time < retry 310 ? (time_t)zone->zone_options->pattern->max_retry_time 311 : (time_t)zone->zone_options->pattern->min_retry_time > retry 312 ? (time_t)zone->zone_options->pattern->min_retry_time 313 : XFRD_LOWERBOUND_RETRY > retry 314 ? XFRD_LOWERBOUND_RETRY : retry; 315} 316 317/* 318 * return the zone's retry period (from the on disk stored SOA) 319 * within configured and defined lower and upper bounds 320 */ 321static inline time_t 322bound_soa_disk_retry(xfrd_zone_type* zone) 323{ 324 return within_retry_bounds(zone, ntohl(zone->soa_disk.retry)); 325} 326 327/* 328 * return expire period 329 * within configured and defined lower bounds 330 */ 331static inline time_t 332within_expire_bounds(xfrd_zone_type* zone, time_t expire) 333{ 334 switch (zone->zone_options->pattern->min_expire_time_expr) { 335 case EXPIRE_TIME_HAS_VALUE: 336 return (time_t)zone->zone_options->pattern->min_expire_time > expire 337 ? (time_t)zone->zone_options->pattern->min_expire_time : expire; 338 339 case REFRESHPLUSRETRYPLUS1: 340 return bound_soa_disk_refresh(zone) + bound_soa_disk_retry(zone) + 1 > expire 341 ? bound_soa_disk_refresh(zone) + bound_soa_disk_retry(zone) + 1 : expire; 342 default: 343 return expire; 344 } 345} 346 347/* return the zone's expire period (from the on disk stored SOA) */ 348static inline time_t 349bound_soa_disk_expire(xfrd_zone_type* zone) 350{ 351 return within_expire_bounds(zone, ntohl(zone->soa_disk.expire)); 352} 353 354/* return the zone's expire period (from the SOA in use by the running server) */ 355static inline time_t 356bound_soa_nsd_expire(xfrd_zone_type* zone) 357{ 358 return within_expire_bounds(zone, ntohl(zone->soa_nsd.expire)); 359} 360 361extern xfrd_state_type* xfrd; 362 363/* start xfrd, new start. Pass socket to server_main. */ 364void xfrd_init(int socket, struct nsd* nsd, int shortsoa, int reload_active, 365 pid_t nsd_pid); 366 367/* add new slave zone, dname(from zone_opt) and given options */ 368void xfrd_init_slave_zone(xfrd_state_type* xfrd, struct zone_options* zone_opt); 369 370/* delete slave zone */ 371void xfrd_del_slave_zone(xfrd_state_type* xfrd, const dname_type* dname); 372 373/* disable ixfr for a while for zone->master */ 374void xfrd_disable_ixfr(xfrd_zone_type* zone); 375 376/* get the current time epoch. Cached for speed. */ 377time_t xfrd_time(void); 378 379/* 380 * Handle final received packet from network. 381 * returns enum of packet discovery results 382 */ 383enum xfrd_packet_result xfrd_handle_received_xfr_packet( 384 xfrd_zone_type* zone, buffer_type* packet); 385 386/* set timer to specific value */ 387void xfrd_set_timer(xfrd_zone_type* zone, time_t t); 388/* set refresh timer of zone to refresh at time now */ 389void xfrd_set_refresh_now(xfrd_zone_type* zone); 390/* unset the timer - no more timeouts, for when zone is queued */ 391void xfrd_unset_timer(xfrd_zone_type* zone); 392/* remove the 'refresh now', remove it from the activated list */ 393void xfrd_deactivate_zone(xfrd_zone_type* z); 394 395/* 396 * Make a new request to next master server. 397 * uses next_master if set (and a fresh set of rounds). 398 * otherwise, starts new round of requests if none started already. 399 * starts next round of requests if at last master. 400 * if too many rounds of requests, sets timer for next retry. 401 */ 402void xfrd_make_request(xfrd_zone_type* zone); 403 404/* 405 * send packet via udp (returns UDP fd source socket) to acl addr. 406 * returns -1 on failure. 407 */ 408int xfrd_send_udp(struct acl_options* acl, buffer_type* packet, 409 struct acl_options* ifc); 410 411/* 412 * read from udp port packet into buffer, returns 0 on failure 413 */ 414int xfrd_udp_read_packet(buffer_type* packet, int fd, struct sockaddr* src, 415 socklen_t* srclen); 416 417/* 418 * Release udp socket that a zone is using 419 */ 420void xfrd_udp_release(xfrd_zone_type* zone); 421 422/* 423 * Get a static buffer for temporary use (to build a packet). 424 */ 425struct buffer* xfrd_get_temp_buffer(void); 426 427/* 428 * TSIG sign outgoing request. Call if acl has a key. 429 */ 430void xfrd_tsig_sign_request(buffer_type* packet, struct tsig_record* tsig, 431 struct acl_options* acl); 432 433/* handle incoming soa information (NSD is running it, time acquired=guess). 434 Pass soa=NULL,acquired=now if NSD has nothing loaded for the zone 435 (i.e. zonefile was deleted). */ 436void xfrd_handle_incoming_soa(xfrd_zone_type* zone, xfrd_soa_type* soa, 437 time_t acquired); 438/* handle a packet passed along ipc route. acl is the one that accepted 439 the packet. The packet is the network blob received. acl_xfr is 440 provide-xfr acl matching notify sender or -1 */ 441void xfrd_handle_passed_packet(buffer_type* packet, 442 int acl_num, int acl_xfr); 443 444/* try to reopen the logfile. */ 445void xfrd_reopen_logfile(void); 446 447/* free namedb for xfrd usage */ 448void xfrd_free_namedb(struct nsd* nsd); 449 450/* copy SOA info from rr to soa struct. */ 451void xfrd_copy_soa(xfrd_soa_type* soa, rr_type* rr); 452 453/* check for failed updates - it is assumed that now the reload has 454 finished, and all zone SOAs have been sent. */ 455void xfrd_check_failed_updates(void); 456 457void 458xfrd_prepare_updates_for_reload(void); 459 460/* 461 * Prepare zones for a reload, this sets the times on the zones to be 462 * before the current time, so the reload happens after. 463 */ 464void xfrd_prepare_zones_for_reload(void); 465 466/* Bind a local interface to a socket descriptor, return 1 on success */ 467int xfrd_bind_local_interface(int sockd, struct acl_options* ifc, 468 struct acl_options* acl, int tcp); 469 470/* process results and soa info from reload */ 471void xfrd_process_task_result(xfrd_state_type* xfrd, struct udb_base* taskudb); 472 473/* set to reload right away (for user controlled reload events) */ 474void xfrd_set_reload_now(xfrd_state_type* xfrd); 475 476/* send expiry notifications to nsd */ 477void xfrd_send_expire_notification(xfrd_zone_type* zone); 478 479/* handle incoming notify (soa or NULL) and start zone xfr if necessary */ 480void xfrd_handle_notify_and_start_xfr(xfrd_zone_type* zone, xfrd_soa_type* soa); 481 482/* handle zone timeout, event */ 483void xfrd_handle_zone(int fd, short event, void* arg); 484 485const char* xfrd_pretty_time(time_t v); 486 487xfrd_xfr_type *xfrd_prepare_zone_xfr(xfrd_zone_type *zone, uint16_t query_type); 488 489void xfrd_delete_zone_xfr(xfrd_zone_type *zone, xfrd_xfr_type *xfr); 490 491#endif /* XFRD_H */ 492