|
unbound 0.1
|
This file contains the remote control functionality for the daemon. More...
#include "config.h"
#include <ctype.h>
#include "daemon/remote.h"
#include "daemon/worker.h"
#include "daemon/daemon.h"
#include "daemon/stats.h"
#include "daemon/cachedump.h"
#include "util/log.h"
#include "util/config_file.h"
#include "util/net_help.h"
#include "util/module.h"
#include "services/listen_dnsport.h"
#include "services/cache/rrset.h"
#include "services/cache/infra.h"
#include "services/mesh.h"
#include "services/localzone.h"
#include "services/authzone.h"
#include "services/rpz.h"
#include "util/storage/slabhash.h"
#include "util/fptr_wlist.h"
#include "util/data/dname.h"
#include "validator/validator.h"
#include "validator/val_kcache.h"
#include "validator/val_kentry.h"
#include "validator/val_anchor.h"
#include "iterator/iterator.h"
#include "iterator/iter_fwd.h"
#include "iterator/iter_hints.h"
#include "iterator/iter_delegpt.h"
#include "services/outbound_list.h"
#include "services/outside_network.h"
#include "sldns/str2wire.h"
#include "sldns/parseutil.h"
#include "sldns/wire2str.h"
#include "sldns/sbuffer.h"
#include "util/timeval_func.h"
#include "util/edns.h"
Data Structures | |
| struct | del_info |
| Local info for deletion functions. More... | |
| struct | infra_arg |
| structure for argument data for dump infra host More... | |
| struct | ratelimit_list_arg |
| struct for user arg ratelimit list More... | |
Macros | |
| #define | SQ "=" |
| what to put on statistics lines between var and value, ": " or "=" | |
| #define | MAX_CMD_STRLINE 1024 |
| Acceptable lengths of str lines. | |
| #define | MAX_STDIN_STRLINE 2048 |
| #define | ip_ratelimit_list_arg ratelimit_list_arg |
Functions | |
| static int | remote_setup_ctx (struct daemon_remote *rc, struct config_file *cfg) |
| struct daemon_remote * | daemon_remote_create (struct config_file *cfg) |
| Create new remote control state for the daemon. | |
| void | daemon_remote_clear (struct daemon_remote *rc) |
| remote control state to clear up. | |
| void | daemon_remote_delete (struct daemon_remote *rc) |
| remote control state to delete. | |
| static int | add_open (const char *ip, int nr, struct listen_port **list, int noproto_is_err, struct config_file *cfg) |
| Add and open a new control port. | |
| struct listen_port * | daemon_remote_open_ports (struct config_file *cfg) |
| Open and create listening ports for remote control. | |
| static int | accept_open (struct daemon_remote *rc, int fd) |
| open accept commpoint | |
| int | daemon_remote_open_accept (struct daemon_remote *rc, struct listen_port *ports, struct worker *worker) |
| Setup comm points for accepting remote control connections. | |
| void | daemon_remote_stop_accept (struct daemon_remote *rc) |
| Stop accept handlers for TCP (until enabled again) | |
| void | daemon_remote_start_accept (struct daemon_remote *rc) |
| Start accept handlers for TCP (after they were stopped) | |
| int | remote_accept_callback (struct comm_point *c, void *arg, int err, struct comm_reply *ATTR_UNUSED(rep)) |
| static void | state_list_remove_elem (struct rc_state **list, struct comm_point *c) |
| delete from list | |
| static void | clean_point (struct daemon_remote *rc, struct rc_state *s) |
| decrease active count and remove commpoint from busy list | |
| int | ssl_print_text (RES *res, const char *text) |
| static int | ssl_print_vmsg (RES *ssl, const char *format, va_list args) |
| print text over the ssl connection | |
| int | ssl_printf (RES *ssl, const char *format,...) |
| printf style printing to the ssl connection | |
| int | ssl_read_line (RES *res, char *buf, size_t max) |
| static char * | skipwhite (char *str) |
| skip whitespace, return new pointer into string | |
| static void | send_ok (RES *ssl) |
| send the OK to the control client | |
| static void | distribute_cmd (struct daemon_remote *rc, RES *ssl, char *cmd) |
| tell other processes to execute the command | |
| static void | do_stop (RES *ssl, struct worker *worker) |
| do the stop command | |
| static void | do_reload (RES *ssl, struct worker *worker, int reuse_cache) |
| do the reload command | |
| static void | do_verbosity (RES *ssl, char *str) |
| do the verbosity command | |
| static int | print_stats (RES *ssl, const char *nm, struct ub_stats_info *s) |
| print stats from statinfo | |
| static int | print_thread_stats (RES *ssl, int i, struct ub_stats_info *s) |
| print stats for one thread | |
| static int | print_longnum (RES *ssl, const char *desc, size_t x) |
| print long number | |
| static int | print_mem (RES *ssl, struct worker *worker, struct daemon *daemon, struct ub_stats_info *s) |
| print mem stats | |
| static int | print_uptime (RES *ssl, struct worker *worker, int reset) |
| print uptime stats | |
| static int | print_hist (RES *ssl, struct ub_stats_info *s) |
| print extended histogram | |
| static int | print_ext (RES *ssl, struct ub_stats_info *s, int inhibit_zero) |
| print extended stats | |
| static void | do_stats (RES *ssl, struct worker *worker, int reset) |
| do the stats command | |
| static int | parse_arg_name (RES *ssl, char *str, uint8_t **res, size_t *len, int *labs) |
| parse commandline argument domain name | |
| static int | find_arg2 (RES *ssl, char *arg, char **arg2) |
| find second argument, modifies string | |
| static int | perform_zone_add (RES *ssl, struct local_zones *zones, char *arg) |
| Add a new zone. | |
| static void | do_zone_add (RES *ssl, struct local_zones *zones, char *arg) |
| Do the local_zone command. | |
| static void | do_zones_add (struct daemon_remote *rc, RES *ssl, struct worker *worker) |
| Do the local_zones command. | |
| static int | perform_zone_remove (RES *ssl, struct local_zones *zones, char *arg) |
| Remove a zone. | |
| static void | do_zone_remove (RES *ssl, struct local_zones *zones, char *arg) |
| Do the local_zone_remove command. | |
| static void | do_zones_remove (struct daemon_remote *rc, RES *ssl, struct worker *worker) |
| Do the local_zones_remove command. | |
| static int | check_RR_syntax (RES *ssl, char *str, int line) |
| check syntax of newly added RR | |
| static int | perform_data_add (RES *ssl, struct local_zones *zones, char *arg, int line) |
| Add new RR data. | |
| static void | do_data_add (RES *ssl, struct local_zones *zones, char *arg) |
| Do the local_data command. | |
| static void | do_datas_add (struct daemon_remote *rc, RES *ssl, struct worker *worker) |
| Do the local_datas command. | |
| static int | perform_data_remove (RES *ssl, struct local_zones *zones, char *arg) |
| Remove RR data. | |
| static void | do_data_remove (RES *ssl, struct local_zones *zones, char *arg) |
| Do the local_data_remove command. | |
| static void | do_datas_remove (struct daemon_remote *rc, RES *ssl, struct worker *worker) |
| Do the local_datas_remove command. | |
| static void | do_view_zone_add (RES *ssl, struct worker *worker, char *arg) |
| Add a new zone to view. | |
| static void | do_view_zone_remove (RES *ssl, struct worker *worker, char *arg) |
| Remove a zone from view. | |
| static void | do_view_data_add (RES *ssl, struct worker *worker, char *arg) |
| Add new RR data to view. | |
| static void | do_view_datas_add (struct daemon_remote *rc, RES *ssl, struct worker *worker, char *arg) |
| Add new RR data from stdin to view. | |
| static void | do_view_data_remove (RES *ssl, struct worker *worker, char *arg) |
| Remove RR data from view. | |
| static void | do_view_datas_remove (struct daemon_remote *rc, RES *ssl, struct worker *worker, char *arg) |
| Remove RR data from stdin from view. | |
| static void | do_lookup (RES *ssl, struct worker *worker, char *arg) |
| cache lookup of nameservers | |
| static void | do_cache_remove (struct worker *worker, uint8_t *nm, size_t nmlen, uint16_t t, uint16_t c, int remcachedb) |
| flush something from rrset and msg caches | |
| static int | parse_remcachedb (RES *ssl, char **arg, int *pc) |
| parse '+c' option, modifies string to return remainder. | |
| static void | do_flush_type (RES *ssl, struct worker *worker, char *arg) |
| flush a type | |
| static void | do_flush_stats (RES *ssl, struct worker *worker) |
| flush statistics | |
| static void | infra_del_host (struct lruhash_entry *e, void *arg) |
| callback to delete hosts in infra cache | |
| static void | do_flush_infra (RES *ssl, struct worker *worker, char *arg) |
| flush infra cache | |
| static void | do_flush_requestlist (RES *ssl, struct worker *worker) |
| flush requestlist | |
| static void | zone_del_rrset (struct lruhash_entry *e, void *arg) |
| callback to delete rrsets in a zone | |
| static void | zone_del_msg (struct lruhash_entry *e, void *arg) |
| callback to delete messages in a zone | |
| static void | zone_del_kcache (struct lruhash_entry *e, void *arg) |
| callback to delete keys in zone | |
| static void | do_flush_zone (RES *ssl, struct worker *worker, char *arg) |
| remove all rrsets and keys from zone from cache | |
| static void | bogus_del_rrset (struct lruhash_entry *e, void *arg) |
| callback to delete bogus rrsets | |
| static void | bogus_del_msg (struct lruhash_entry *e, void *arg) |
| callback to delete bogus messages | |
| static void | bogus_del_kcache (struct lruhash_entry *e, void *arg) |
| callback to delete bogus keys | |
| static void | do_flush_bogus (RES *ssl, struct worker *worker, char *arg) |
| remove all bogus rrsets, msgs and keys from cache | |
| static void | negative_del_rrset (struct lruhash_entry *e, void *arg) |
| callback to delete negative and servfail rrsets | |
| static void | negative_del_msg (struct lruhash_entry *e, void *arg) |
| callback to delete negative and servfail messages | |
| static void | negative_del_kcache (struct lruhash_entry *e, void *arg) |
| callback to delete negative key entries | |
| static void | do_flush_negative (RES *ssl, struct worker *worker, char *arg) |
| remove all negative(NODATA,NXDOMAIN), and servfail messages from cache | |
| static void | do_flush_name (RES *ssl, struct worker *w, char *arg) |
| remove name rrset from cache | |
| static int | ssl_print_name_dp (RES *ssl, const char *str, uint8_t *nm, uint16_t dclass, struct delegpt *dp) |
| print out delegation point info | |
| static int | print_root_fwds (RES *ssl, struct iter_forwards *fwds, uint8_t *root) |
| print root forwards | |
| static struct delegpt * | parse_delegpt (RES *ssl, char *args, uint8_t *nm) |
| parse args into delegpt | |
| static void | do_forward (RES *ssl, struct worker *worker, char *args) |
| do the forward command | |
| static int | parse_fs_args (RES *ssl, char *args, uint8_t **nm, struct delegpt **dp, int *insecure, int *prime, int *tls) |
| static void | do_forward_add (RES *ssl, struct worker *worker, char *args) |
| do the forward_add command | |
| static void | do_forward_remove (RES *ssl, struct worker *worker, char *args) |
| do the forward_remove command | |
| static void | do_stub_add (RES *ssl, struct worker *worker, char *args) |
| do the stub_add command | |
| static void | do_stub_remove (RES *ssl, struct worker *worker, char *args) |
| do the stub_remove command | |
| static void | do_insecure_add (RES *ssl, struct worker *worker, char *arg) |
| do the insecure_add command | |
| static void | do_insecure_remove (RES *ssl, struct worker *worker, char *arg) |
| do the insecure_remove command | |
| static void | do_insecure_list (RES *ssl, struct worker *worker) |
| static void | do_status (RES *ssl, struct worker *worker) |
| do the status command | |
| static void | get_mesh_age (struct mesh_state *m, char *buf, size_t len, struct module_env *env) |
| get age for the mesh state | |
| static void | get_mesh_status (struct mesh_area *mesh, struct mesh_state *m, char *buf, size_t len) |
| get status of a mesh state | |
| static void | do_dump_requestlist (RES *ssl, struct worker *worker) |
| do the dump_requestlist command | |
| static void | dump_infra_host (struct lruhash_entry *e, void *arg) |
| callback for every host element in the infra cache | |
| static void | do_dump_infra (RES *ssl, struct worker *worker) |
| do the dump_infra command | |
| static void | do_log_reopen (RES *ssl, struct worker *worker) |
| do the log_reopen command | |
| static void | do_auth_zone_reload (RES *ssl, struct worker *worker, char *arg) |
| do the auth_zone_reload command | |
| static void | do_auth_zone_transfer (RES *ssl, struct worker *worker, char *arg) |
| do the auth_zone_transfer command | |
| static void | do_set_option (RES *ssl, struct worker *worker, char *arg) |
| do the set_option command | |
| void | remote_get_opt_ssl (char *line, void *arg) |
| routine to print out option values over SSL | |
| static void | do_get_option (RES *ssl, struct worker *worker, char *arg) |
| do the get_option command | |
| static void | do_list_forwards (RES *ssl, struct worker *worker) |
| do the list_forwards command | |
| static void | do_list_stubs (RES *ssl, struct worker *worker) |
| do the list_stubs command | |
| static void | do_list_auth_zones (RES *ssl, struct auth_zones *az) |
| do the list_auth_zones command | |
| static void | do_list_local_zones (RES *ssl, struct local_zones *zones) |
| do the list_local_zones command | |
| static void | do_list_local_data (RES *ssl, struct worker *worker, struct local_zones *zones) |
| do the list_local_data command | |
| static void | do_view_list_local_zones (RES *ssl, struct worker *worker, char *arg) |
| do the view_list_local_zones command | |
| static void | do_view_list_local_data (RES *ssl, struct worker *worker, char *arg) |
| do the view_list_local_data command | |
| static void | rate_list (struct lruhash_entry *e, void *arg) |
| list items in the ratelimit table | |
| static void | ip_rate_list (struct lruhash_entry *e, void *arg) |
| list items in the ip_ratelimit table | |
| static void | do_ratelimit_list (RES *ssl, struct worker *worker, char *arg) |
| do the ratelimit_list command | |
| static void | do_ip_ratelimit_list (RES *ssl, struct worker *worker, char *arg) |
| do the ip_ratelimit_list command | |
| static void | do_rpz_enable_disable (RES *ssl, struct worker *worker, char *arg, int enable) |
| do the rpz_enable/disable command | |
| static void | do_rpz_enable (RES *ssl, struct worker *worker, char *arg) |
| do the rpz_enable command | |
| static void | do_rpz_disable (RES *ssl, struct worker *worker, char *arg) |
| do the rpz_disable command | |
| static int | cookie_secret_file_dump (RES *ssl, struct worker *worker) |
| Write the cookie secrets to file, returns 0 on failure. | |
| static void | do_activate_cookie_secret (RES *ssl, struct worker *worker) |
| Activate cookie secret. | |
| static void | do_drop_cookie_secret (RES *ssl, struct worker *worker) |
| Drop cookie secret. | |
| static void | do_add_cookie_secret (RES *ssl, struct worker *worker, char *arg) |
| Add cookie secret. | |
| static void | do_print_cookie_secrets (RES *ssl, struct worker *worker) |
| Print cookie secrets. | |
| static int | cmdcmp (char *p, const char *cmd, size_t len) |
| check for name with end-of-string, space or tab after it | |
| static void | execute_cmd (struct daemon_remote *rc, RES *ssl, char *cmd, struct worker *worker) |
| execute a remote control command | |
| void | daemon_remote_exec (struct worker *worker) |
| Handle nonthreaded remote cmd execution. | |
| static void | handle_req (struct daemon_remote *rc, struct rc_state *s, RES *res) |
| handle remote control request | |
| static int | remote_handshake_later (struct daemon_remote *rc, struct rc_state *s, struct comm_point *c, int r, int r2) |
| handle SSL_do_handshake changes to the file descriptor to wait for later | |
| int | remote_control_callback (struct comm_point *c, void *arg, int err, struct comm_reply *ATTR_UNUSED(rep)) |
This file contains the remote control functionality for the daemon.
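Remote control can be performed using either the command-line unbound-control tool or a TLS-capable web browser. The channel is secured using TLSv1 and certificates; both the server and the client (the control tool) have their own keys. Note that "TLSv1" is the wording of the source comment: the protocol versions actually accepted are decided by the TLS context the daemon sets up (remote_setup_ctx() is the likely place) and by the TLS library it is built against, so confirm them on the running build rather than from this sentence. The reference to config_file::control_use_cert in daemon_remote_create() also suggests that certificate use is configurable.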
| struct daemon_remote * daemon_remote_create | ( | struct config_file * | cfg | ) |
Create new remote control state for the daemon.
| cfg | config file with key file settings. |
References config_file::control_ifs, config_file::control_use_cert, daemon_remote_delete(), config_strlist_head::first, log_err(), log_warn(), daemon_remote::max_active, config_strlist::next, options_remote_is_address(), config_file::remote_control_enable, and config_strlist::str.
Referenced by perform_setup(), and service_init().
| void daemon_remote_clear | ( | struct daemon_remote * | rc | ) |
remote control state to clear up.
Busy and accept points are closed. Does not delete the rc itself, or the ssl context (with its keys).
| rc | state to clear. |
References daemon_remote::accept_list, daemon_remote::active, daemon_remote::busy_list, rc_state::c, comm_point_delete(), listen_list_delete(), rc_state::next, rc_state::rc, and daemon_remote::worker.
Referenced by daemon_cleanup(), and daemon_remote_delete().
| void daemon_remote_delete | ( | struct daemon_remote * | rc | ) |
remote control state to delete.
| rc | state to delete. |
References daemon_remote_clear(), and rc_state::rc.
Referenced by daemon_delete(), and daemon_remote_create().
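| static int add_open | ( | const char * | ip, |
| int | nr, | ||
| struct listen_port ** | list, | ||
| int | noproto_is_err, | ||
| struct config_file * | cfg ) |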
Add and open a new control port.
| ip | ip str |
| nr | port nr |
| list | list head |
| noproto_is_err | if lack of protocol support is an error. |
| cfg | config with username for chown of unix-sockets. |
References cfg_gid, cfg_uid, create_local_accept_sock(), create_tcp_accept_sock(), listen_port::fd, config_file::ip_dscp, config_file::ip_freebind, config_file::ip_transparent, log_assert, log_err(), listen_port::next, sock_close(), config_file::use_systemd, config_file::username, VERB_QUERY, and verbose().
Referenced by daemon_remote_open_ports().
| struct listen_port * daemon_remote_open_ports | ( | struct config_file * | cfg | ) |
Open and create listening ports for remote control.
| cfg | config options. |
References add_open(), config_del_strarray(), config_file::control_ifs, config_file::control_port, config_file::do_ip4, config_file::do_ip6, config_strlist_head::first, listening_ports_free(), log_assert, config_file::remote_control_enable, and resolve_interface_names().
Referenced by daemon_open_shared_ports().
| int daemon_remote_open_accept | ( | struct daemon_remote * | rc, |
| struct listen_port * | ports, | ||
| struct worker * | worker ) |
Setup comm points for accepting remote control connections.
| rc | state |
| ports | already opened ports. |
| worker | worker with communication base, and links to command channels. |
References accept_open(), listen_port::fd, log_err(), listen_port::next, and daemon_remote::worker.
Referenced by worker_init().
| void daemon_remote_stop_accept | ( | struct daemon_remote * | rc | ) |
Stop accept handlers for TCP (until enabled again)
| rc | state |
References daemon_remote::accept_list, listen_list::com, and listen_list::next.
Referenced by worker_stop_accept().
| void daemon_remote_start_accept | ( | struct daemon_remote * | rc | ) |
Start accept handlers for TCP (after they were stopped)
| rc | state |
References daemon_remote::accept_list, listen_list::com, and listen_list::next.
Referenced by worker_start_accept().
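Write the cookie secrets to file; returns 0 on failure.
The caller has to hold the lock. The output file (config_file::cookie_secret_file) then contains the cookie secrets, so access to it should be limited to the daemon and its operator; how the file is created and which permissions it gets is not shown on this page.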
References module_env::cfg, cookie_secrets::cookie_count, cookie_secret::cookie_secret, config_file::cookie_secret_file, daemon::cookie_secrets, worker::daemon, worker::env, hex_ntop(), log_assert, and ssl_printf().
Referenced by do_activate_cookie_secret(), do_add_cookie_secret(), and do_drop_cookie_secret().
| void daemon_remote_exec | ( | struct worker * | worker | ) |
Handle nonthreaded remote cmd execution.
| worker | this worker (the remote worker). |
References worker::cmd, execute_cmd(), log_err(), tube_read_msg(), VERB_ALGO, and verbose().