1 /*
2 * xfrd.h - XFR (transfer) Daemon header file. Coordinates SOA updates.
3 *
4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved.
5 *
6 * See LICENSE for the license.
7 *
8 */
9
10 #ifndef XFRD_H
11 #define XFRD_H
12
13 #ifndef USE_MINI_EVENT
14 # ifdef HAVE_EVENT_H
15 # include <event.h>
16 # else
17 # include <event2/event.h>
18 # include "event2/event_struct.h"
19 # include "event2/event_compat.h"
20 # endif
21 #else
22 # include "mini_event.h"
23 #endif
24 #include "rbtree.h"
25 #include "namedb.h"
26 #include "options.h"
27 #include "dns.h"
28 #include "tsig.h"
29
30 struct nsd;
31 struct region;
32 struct buffer;
33 struct xfrd_tcp;
34 struct xfrd_tcp_set;
35 struct notify_zone;
36 struct udb_ptr;
37 typedef struct xfrd_state xfrd_state_type;
38 typedef struct xfrd_xfr xfrd_xfr_type;
39 typedef struct xfrd_zone xfrd_zone_type;
40 typedef struct xfrd_soa xfrd_soa_type;
41 /*
42 * The global state for the xfrd daemon process.
43 * The time_t times are epochs in secs since 1970, absolute times.
44 */
45 struct xfrd_state {
46 /* time when daemon was last started */
47 time_t xfrd_start_time;
48 struct region* region;
49 struct event_base* event_base;
50 struct nsd* nsd;
51
52 struct xfrd_tcp_set* tcp_set;
53 /* packet buffer for udp packets */
54 struct buffer* packet;
55 /* udp waiting list, double linked list */
56 struct xfrd_zone *udp_waiting_first, *udp_waiting_last;
57 /* number of udp sockets (for sending queries) in use */
58 size_t udp_use_num;
59 /* activated waiting list, double linked list */
60 struct xfrd_zone *activated_first;
61
62 /* current time is cached */
63 uint8_t got_time;
64 time_t current_time;
65
66 /* counter for xfr file numbers */
67 uint64_t xfrfilenumber;
68
69 /* the zonestat array size that we last saw and is safe to use */
70 unsigned zonestat_safe;
71 /* size currently of the clear array */
72 size_t zonestat_clear_num;
73 /* array of malloced entries with cumulative cleared stat values */
74 struct nsdst** zonestat_clear;
75
76 /* timer for NSD reload */
77 struct timeval reload_timeout;
78 struct event reload_handler;
79 int reload_added;
80 /* last reload must have caught all zone updates before this time */
81 time_t reload_cmd_last_sent;
82 time_t reload_cmd_first_sent;
83 uint8_t reload_failed;
84 uint8_t can_send_reload;
85 pid_t reload_pid;
86 /* timeout for lost sigchild and reaping children */
87 struct event child_timer;
88 int child_timer_added;
89
90 /* timeout event for zonefiles_write events */
91 struct event write_timer;
92 /* set to 1 if zones have received xfrs since the last write_timer */
93 int write_zonefile_needed;
94
95 /* communication channel with server_main */
96 struct event ipc_handler;
97 int ipc_handler_flags;
98 struct xfrd_tcp *ipc_conn;
99 struct buffer* ipc_pass;
100 /* sending ipc to server_main */
101 uint8_t need_to_send_shutdown;
102 uint8_t need_to_send_reload;
103 uint8_t need_to_send_stats;
104 uint8_t need_to_send_quit;
105 uint8_t ipc_send_blocked;
106 struct udb_ptr* last_task;
107
108 /* xfrd shutdown flag */
109 uint8_t shutdown;
110
111 /* tree of zones, by apex name, contains xfrd_zone_type*. Only secondary zones. */
112 rbtree_type *zones;
113
114 /* tree of zones, by apex name, contains notify_zone*. All zones. */
115 rbtree_type *notify_zones;
116 /* number of notify_zone active using UDP socket */
117 int notify_udp_num;
118 /* first and last notify_zone* entries waiting for a UDP socket */
119 struct notify_zone *notify_waiting_first, *notify_waiting_last;
120 };
121
122 /*
123 * XFR daemon SOA information kept in network format.
124 * This is in packet order.
125 */
126 struct xfrd_soa {
127 /* name of RR is zone apex dname */
128 uint16_t type; /* = TYPE_SOA */
129 uint16_t klass; /* = CLASS_IN */
130 uint32_t ttl;
131 uint16_t rdata_count; /* = 7 */
132 /* format is 1 octet length, + wireformat dname.
133 one more octet since parse_dname_wire_from_packet needs it.
134 maximum size is allocated to avoid memory alloc/free. */
135 uint8_t prim_ns[MAXDOMAINLEN + 2];
136 uint8_t email[MAXDOMAINLEN + 2];
137 uint32_t serial;
138 uint32_t refresh;
139 uint32_t retry;
140 uint32_t expire;
141 uint32_t minimum;
142 } ATTR_PACKED;
143
144
145 /*
146 * XFRD state for a single zone
147 */
148 struct xfrd_zone {
149 rbnode_type node;
150
151 /* name of the zone */
152 const dname_type* apex;
153 const char* apex_str;
154
155 /* Three types of soas:
156 * NSD: in use by running server
157 * disk: stored on disk in db/diff file
158 * notified: from notification, could be available on a master.
159 * And the time the soa was acquired (start time for timeouts).
160 * If the time==0, no SOA is available.
161 */
162 xfrd_soa_type soa_nsd;
163 time_t soa_nsd_acquired;
164 xfrd_soa_type soa_disk;
165 time_t soa_disk_acquired;
166 xfrd_soa_type soa_notified;
167 time_t soa_notified_acquired;
168
169 enum xfrd_zone_state {
170 xfrd_zone_ok,
171 xfrd_zone_refreshing,
172 xfrd_zone_expired
173 } state;
174
175 /* master to try to transfer from, number for persistence */
176 struct acl_options* master;
177 int master_num;
178 int next_master; /* -1 or set by notify where to try next */
179 /* round of xfrattempts, -1 is waiting for timeout */
180 int round_num;
181 struct zone_options* zone_options;
182 int fresh_xfr_timeout;
183
184 /* handler for timeouts */
185 struct timeval timeout;
186 struct event zone_handler;
187 int zone_handler_flags;
188 int event_added;
189
190 /* tcp connection zone is using, or -1 */
191 int tcp_conn;
192 /* zone is waiting for a tcp connection */
193 uint8_t tcp_waiting;
194 /* next zone in waiting list */
195 xfrd_zone_type* tcp_waiting_next;
196 xfrd_zone_type* tcp_waiting_prev;
197 /* zone is in its tcp send queue */
198 uint8_t in_tcp_send;
199 /* next zone in tcp send queue */
200 xfrd_zone_type* tcp_send_next;
201 xfrd_zone_type* tcp_send_prev;
202 /* zone is waiting for a udp connection (tcp is preferred) */
203 uint8_t udp_waiting;
204 /* next zone in waiting list for UDP */
205 xfrd_zone_type* udp_waiting_next;
206 xfrd_zone_type* udp_waiting_prev;
207 /* zone has been activated to run now (after the other events
208 * but before blocking in select again) */
209 uint8_t is_activated;
210 xfrd_zone_type* activated_next;
211 xfrd_zone_type* activated_prev;
212
213 /* xfr message handling data */
214 /* query id */
215 uint16_t query_id;
216 xfrd_xfr_type *latest_xfr;
217
218 int multi_master_first_master; /* >0: first check master_num */
219 int multi_master_update_check; /* -1: not update >0: last update master_num */
220 } ATTR_PACKED;
221
222 /*
223 * State for a single zone XFR
224 */
225 struct xfrd_xfr {
226 xfrd_xfr_type *next;
227 xfrd_xfr_type *prev;
228 uint16_t query_type;
229 uint8_t sent; /* written to tasklist (tri-state) */
230 time_t acquired; /* time xfr was acquired */
231 uint32_t msg_seq_nr; /* number of messages already handled */
232 uint32_t msg_old_serial, msg_new_serial; /* host byte order */
233 size_t msg_rr_count;
234 uint8_t msg_is_ixfr; /* 1:IXFR detected. 2:middle IXFR SOA seen. */
235 tsig_record_type tsig; /* tsig state for IXFR/AXFR */
236 uint64_t xfrfilenumber; /* identifier for file to store xfr into,
237 valid if msg_seq_nr nonzero */
238 };
239
240 enum xfrd_packet_result {
241 xfrd_packet_bad, /* drop the packet/connection */
242 xfrd_packet_drop, /* drop the connection, but not report bad */
243 xfrd_packet_more, /* more packets to follow on tcp */
244 xfrd_packet_notimpl, /* server responded with NOTIMPL or FORMATERR */
245 xfrd_packet_tcp, /* try tcp connection */
246 xfrd_packet_transfer, /* server responded with transfer*/
247 xfrd_packet_newlease /* no changes, soa OK */
248 };
249
250 /*
251 Division of the (portably: 1024) max number of sockets that can be open.
252 The sum of the below numbers should be below the user limit for sockets
253 open, or you see errors in your logfile.
254 And it should be below FD_SETSIZE, to be able to select() on replies.
255 Note that also some sockets are used for writing the ixfr.db, xfrd.state
256 files and for the pipes to the main parent process.
257
258 For xfrd_tcp_max, 128 is the default number of TCP AXFR/IXFR concurrent
259 connections. Each entry has 64Kb buffer preallocated.
260 */
261 #define XFRD_MAX_UDP 128 /* max number of UDP sockets at a time for IXFR */
262 #define XFRD_MAX_UDP_NOTIFY 128 /* max concurrent UDP sockets for NOTIFY */
263
264 #define XFRD_TRANSFER_TIMEOUT_START 10 /* empty zone timeout is between x and 2*x seconds */
265 #define XFRD_TRANSFER_TIMEOUT_MAX 86400 /* empty zone timeout max expbackoff */
266 #define XFRD_LOWERBOUND_REFRESH 1 /* seconds, smallest refresh timeout */
267 #define XFRD_LOWERBOUND_RETRY 1 /* seconds, smallest retry timeout */
268
269 /*
270 * return refresh period
271 * within configured and defined lower and upper bounds
272 */
273 static inline time_t
within_refresh_bounds(xfrd_zone_type * zone,time_t refresh)274 within_refresh_bounds(xfrd_zone_type* zone, time_t refresh)
275 {
276 return (time_t)zone->zone_options->pattern->max_refresh_time < refresh
277 ? (time_t)zone->zone_options->pattern->max_refresh_time
278 : (time_t)zone->zone_options->pattern->min_refresh_time > refresh
279 ? (time_t)zone->zone_options->pattern->min_refresh_time
280 : XFRD_LOWERBOUND_REFRESH > refresh
281 ? XFRD_LOWERBOUND_REFRESH : refresh;
282 }
283
284 /*
285 * return the zone's refresh period (from the on disk stored SOA)
286 * within configured and defined lower and upper bounds
287 */
288 static inline time_t
bound_soa_disk_refresh(xfrd_zone_type * zone)289 bound_soa_disk_refresh(xfrd_zone_type* zone)
290 {
291 return within_refresh_bounds(zone, ntohl(zone->soa_disk.refresh));
292 }
293
294 /*
295 * return retry period
296 * within configured and defined lower and upper bounds
297 */
298 static inline time_t
within_retry_bounds(xfrd_zone_type * zone,time_t retry)299 within_retry_bounds(xfrd_zone_type* zone, time_t retry)
300 {
301 return (time_t)zone->zone_options->pattern->max_retry_time < retry
302 ? (time_t)zone->zone_options->pattern->max_retry_time
303 : (time_t)zone->zone_options->pattern->min_retry_time > retry
304 ? (time_t)zone->zone_options->pattern->min_retry_time
305 : XFRD_LOWERBOUND_RETRY > retry
306 ? XFRD_LOWERBOUND_RETRY : retry;
307 }
308
309 /*
310 * return the zone's retry period (from the on disk stored SOA)
311 * within configured and defined lower and upper bounds
312 */
313 static inline time_t
bound_soa_disk_retry(xfrd_zone_type * zone)314 bound_soa_disk_retry(xfrd_zone_type* zone)
315 {
316 return within_retry_bounds(zone, ntohl(zone->soa_disk.retry));
317 }
318
319 /*
320 * return expire period
321 * within configured and defined lower bounds
322 */
323 static inline time_t
within_expire_bounds(xfrd_zone_type * zone,time_t expire)324 within_expire_bounds(xfrd_zone_type* zone, time_t expire)
325 {
326 switch (zone->zone_options->pattern->min_expire_time_expr) {
327 case EXPIRE_TIME_HAS_VALUE:
328 return (time_t)zone->zone_options->pattern->min_expire_time > expire
329 ? (time_t)zone->zone_options->pattern->min_expire_time : expire;
330
331 case REFRESHPLUSRETRYPLUS1:
332 return bound_soa_disk_refresh(zone) + bound_soa_disk_retry(zone) + 1 > expire
333 ? bound_soa_disk_refresh(zone) + bound_soa_disk_retry(zone) + 1 : expire;
334 default:
335 return expire;
336 }
337 }
338
339 /* return the zone's expire period (from the on disk stored SOA) */
340 static inline time_t
bound_soa_disk_expire(xfrd_zone_type * zone)341 bound_soa_disk_expire(xfrd_zone_type* zone)
342 {
343 return within_expire_bounds(zone, ntohl(zone->soa_disk.expire));
344 }
345
346 /* return the zone's expire period (from the SOA in use by the running server) */
347 static inline time_t
bound_soa_nsd_expire(xfrd_zone_type * zone)348 bound_soa_nsd_expire(xfrd_zone_type* zone)
349 {
350 return within_expire_bounds(zone, ntohl(zone->soa_nsd.expire));
351 }
352
353 extern xfrd_state_type* xfrd;
354
355 /* start xfrd, new start. Pass socket to server_main. */
356 void xfrd_init(int socket, struct nsd* nsd, int shortsoa, int reload_active,
357 pid_t nsd_pid);
358
359 /* add new slave zone, dname(from zone_opt) and given options */
360 void xfrd_init_slave_zone(xfrd_state_type* xfrd, struct zone_options* zone_opt);
361
362 /* delete slave zone */
363 void xfrd_del_slave_zone(xfrd_state_type* xfrd, const dname_type* dname);
364
365 /* disable ixfr for a while for zone->master */
366 void xfrd_disable_ixfr(xfrd_zone_type* zone);
367
368 /* get the current time epoch. Cached for speed. */
369 time_t xfrd_time(void);
370
371 /*
372 * Handle final received packet from network.
373 * returns enum of packet discovery results
374 */
375 enum xfrd_packet_result xfrd_handle_received_xfr_packet(
376 xfrd_zone_type* zone, buffer_type* packet);
377
378 /* set timer to specific value */
379 void xfrd_set_timer(xfrd_zone_type* zone, time_t t);
380 /* set refresh timer of zone to refresh at time now */
381 void xfrd_set_refresh_now(xfrd_zone_type* zone);
382 /* unset the timer - no more timeouts, for when zone is queued */
383 void xfrd_unset_timer(xfrd_zone_type* zone);
384 /* remove the 'refresh now', remove it from the activated list */
385 void xfrd_deactivate_zone(xfrd_zone_type* z);
386
387 /*
388 * Make a new request to next master server.
389 * uses next_master if set (and a fresh set of rounds).
390 * otherwise, starts new round of requests if none started already.
391 * starts next round of requests if at last master.
392 * if too many rounds of requests, sets timer for next retry.
393 */
394 void xfrd_make_request(xfrd_zone_type* zone);
395
396 /*
397 * send packet via udp (returns UDP fd source socket) to acl addr.
398 * returns -1 on failure.
399 */
400 int xfrd_send_udp(struct acl_options* acl, buffer_type* packet,
401 struct acl_options* ifc);
402
403 /*
404 * read from udp port packet into buffer, returns 0 on failure
405 */
406 int xfrd_udp_read_packet(buffer_type* packet, int fd, struct sockaddr* src,
407 socklen_t* srclen);
408
409 /*
410 * Release udp socket that a zone is using
411 */
412 void xfrd_udp_release(xfrd_zone_type* zone);
413
414 /*
415 * Get a static buffer for temporary use (to build a packet).
416 */
417 struct buffer* xfrd_get_temp_buffer(void);
418
419 /*
420 * TSIG sign outgoing request. Call if acl has a key.
421 */
422 void xfrd_tsig_sign_request(buffer_type* packet, struct tsig_record* tsig,
423 struct acl_options* acl);
424
425 /* handle incoming soa information (NSD is running it, time acquired=guess).
426 Pass soa=NULL,acquired=now if NSD has nothing loaded for the zone
427 (i.e. zonefile was deleted). */
428 void xfrd_handle_incoming_soa(xfrd_zone_type* zone, xfrd_soa_type* soa,
429 time_t acquired);
430 /* handle a packet passed along ipc route. acl is the one that accepted
431 the packet. The packet is the network blob received. acl_xfr is
432 provide-xfr acl matching notify sender or -1 */
433 void xfrd_handle_passed_packet(buffer_type* packet,
434 int acl_num, int acl_xfr);
435
436 /* try to reopen the logfile. */
437 void xfrd_reopen_logfile(void);
438
439 /* free namedb for xfrd usage */
440 void xfrd_free_namedb(struct nsd* nsd);
441
442 /* copy SOA info from rr to soa struct. */
443 void xfrd_copy_soa(xfrd_soa_type* soa, rr_type* rr);
444
445 /* check for failed updates - it is assumed that now the reload has
446 finished, and all zone SOAs have been sent. */
447 void xfrd_check_failed_updates(void);
448
449 void
450 xfrd_prepare_updates_for_reload(void);
451
452 /*
453 * Prepare zones for a reload, this sets the times on the zones to be
454 * before the current time, so the reload happens after.
455 */
456 void xfrd_prepare_zones_for_reload(void);
457
458 /* Bind a local interface to a socket descriptor, return 1 on success */
459 int xfrd_bind_local_interface(int sockd, struct acl_options* ifc,
460 struct acl_options* acl, int tcp);
461
462 /* process results and soa info from reload */
463 void xfrd_process_task_result(xfrd_state_type* xfrd, struct udb_base* taskudb);
464
465 /* set to reload right away (for user controlled reload events) */
466 void xfrd_set_reload_now(xfrd_state_type* xfrd);
467
468 /* send expiry notifications to nsd */
469 void xfrd_send_expire_notification(xfrd_zone_type* zone);
470
471 /* handle incoming notify (soa or NULL) and start zone xfr if necessary */
472 void xfrd_handle_notify_and_start_xfr(xfrd_zone_type* zone, xfrd_soa_type* soa);
473
474 /* handle zone timeout, event */
475 void xfrd_handle_zone(int fd, short event, void* arg);
476
477 const char* xfrd_pretty_time(time_t v);
478
479 xfrd_xfr_type *xfrd_prepare_zone_xfr(xfrd_zone_type *zone, uint16_t query_type);
480
481 void xfrd_delete_zone_xfr(xfrd_zone_type *zone, xfrd_xfr_type *xfr);
482
483 #endif /* XFRD_H */
484