d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington/*
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews * Copyright (C) 2001-2008, 2011-2016 Internet Systems Consortium, Inc. ("ISC")
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington *
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews * This Source Code Form is subject to the terms of the Mozilla Public
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews * License, v. 2.0. If a copy of the MPL was not distributed with this
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews * file, You can obtain one at http://mozilla.org/MPL/2.0/.
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington */
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein/*! \file */
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <config.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isc/base64.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isc/buffer.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isc/event.h>
368aedf188d7c7782cae8a5ce2a978be47b5a764Evan Hunt#include <isc/file.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isc/mem.h>
5cd7e9d4db393c314dd1a761c52d2cb3a4da9b72Andreas Gustafsson#include <isc/net.h>
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence#include <isc/netaddr.h>
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews#include <isc/random.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isc/result.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isc/stdtime.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isc/string.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isc/timer.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isc/util.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
669e9657c731176df235832367f61435f7b83ddfAndreas Gustafsson#include <isccfg/namedconf.h>
c2bc56dc65b4b103a5600565680eb5f33fa4c90bMark Andrews
c2bc56dc65b4b103a5600565680eb5f33fa4c90bMark Andrews#include <bind9/check.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isccc/alist.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isccc/cc.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isccc/ccmsg.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isccc/events.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isccc/result.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isccc/sexpr.h>
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews#include <isccc/symtab.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isccc/util.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <dns/result.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
3dfc806ddf433d0569340d9c4ccc5af8ec41a27bBrian Wellington#include <named/config.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <named/control.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <named/log.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <named/server.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington/*
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * Note: Listeners and connections are not locked. All event handlers are
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * executed by the server task, and all callers of exported routines must
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * be running under the server task.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtontypedef struct controlkey controlkey_t;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtontypedef ISC_LIST(controlkey_t) controlkeylist_t;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtontypedef struct controlconnection controlconnection_t;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtontypedef ISC_LIST(controlconnection_t) controlconnectionlist_t;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtontypedef struct controllistener controllistener_t;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtontypedef ISC_LIST(controllistener_t) controllistenerlist_t;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstruct controlkey {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington char * keyname;
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt isc_uint32_t algorithm;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_region_t secret;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LINK(controlkey_t) link;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington};
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstruct controlconnection {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socket_t * sock;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_ccmsg_t ccmsg;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_boolean_t ccmsg_valid;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_boolean_t sending;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_timer_t * timer;
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt isc_buffer_t * buffer;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t * listener;
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews isc_uint32_t nonce;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LINK(controlconnection_t) link;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington};
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstruct controllistener {
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson ns_controls_t * controls;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_mem_t * mctx;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_task_t * task;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_t address;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socket_t * sock;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington dns_acl_t * acl;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_boolean_t listening;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_boolean_t exiting;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlkeylist_t keys;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlconnectionlist_t connections;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews isc_sockettype_t type;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews isc_uint32_t perm;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews isc_uint32_t owner;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews isc_uint32_t group;
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1Mukund Sivaraman isc_boolean_t readonly;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LINK(controllistener_t) link;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington};
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafssonstruct ns_controls {
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson ns_server_t *server;
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson controllistenerlist_t listeners;
b32e75f3e1822f14681c538d7657bdbccd7fcd45Brian Wellington isc_boolean_t shuttingdown;
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews isccc_symtab_t *symtab;
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson};
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void control_newconn(isc_task_t *task, isc_event_t *event);
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellingtonstatic void control_recvmessage(isc_task_t *task, isc_event_t *event);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews#define CLOCKSKEW 300
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonfree_controlkey(controlkey_t *key, isc_mem_t *mctx) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (key->keyname != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_mem_free(mctx, key->keyname);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (key->secret.base != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_mem_put(mctx, key->secret.base, key->secret.length);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_mem_put(mctx, key, sizeof(*key));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonfree_controlkeylist(controlkeylist_t *keylist, isc_mem_t *mctx) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington while (!ISC_LIST_EMPTY(*keylist)) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlkey_t *key = ISC_LIST_HEAD(*keylist);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_UNLINK(*keylist, key, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington free_controlkey(key, mctx);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonfree_listener(controllistener_t *listener) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington INSIST(listener->exiting);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington INSIST(!listener->listening);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington INSIST(ISC_LIST_EMPTY(listener->connections));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (listener->sock != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socket_detach(&listener->sock);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington free_controlkeylist(&listener->keys, listener->mctx);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (listener->acl != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington dns_acl_detach(&listener->acl);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
3a0da183bb40bd120698102b20b61ef12665c09bMark Andrews isc_mem_putanddetach(&listener->mctx, listener, sizeof(*listener));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonmaybe_free_listener(controllistener_t *listener) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (listener->exiting &&
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington !listener->listening &&
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_EMPTY(listener->connections))
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington free_listener(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonmaybe_free_connection(controlconnection_t *conn) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t *listener = conn->listener;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt if (conn->buffer != NULL)
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt isc_buffer_free(&conn->buffer);
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (conn->timer != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_timer_detach(&conn->timer);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (conn->ccmsg_valid) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_ccmsg_cancelread(&conn->ccmsg);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (conn->sending) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socket_cancel(conn->sock, listener->task,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_SOCKCANCEL_SEND);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_UNLINK(listener->connections, conn, link);
19d80ce5844e00a021643759adcbe27c11b485a0Witold Krecicki#ifdef ENABLE_AFL
19d80ce5844e00a021643759adcbe27c11b485a0Witold Krecicki if (ns_g_fuzz_type == ns_fuzz_rndc) {
19d80ce5844e00a021643759adcbe27c11b485a0Witold Krecicki named_fuzz_notify();
19d80ce5844e00a021643759adcbe27c11b485a0Witold Krecicki }
19d80ce5844e00a021643759adcbe27c11b485a0Witold Krecicki#endif
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_mem_put(listener->mctx, conn, sizeof(*conn));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonshutdown_listener(controllistener_t *listener) {
32d248107a5bc92b4bf9fc77deaa55b3da969ba2Andreas Gustafsson controlconnection_t *conn;
32d248107a5bc92b4bf9fc77deaa55b3da969ba2Andreas Gustafsson controlconnection_t *next;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
ed3418751ebdf7de397df76753dae97851d2bdf9Brian Wellington if (!listener->exiting) {
ed3418751ebdf7de397df76753dae97851d2bdf9Brian Wellington char socktext[ISC_SOCKADDR_FORMATSIZE];
ed3418751ebdf7de397df76753dae97851d2bdf9Brian Wellington
32d248107a5bc92b4bf9fc77deaa55b3da969ba2Andreas Gustafsson ISC_LIST_UNLINK(listener->controls->listeners, listener, link);
32d248107a5bc92b4bf9fc77deaa55b3da969ba2Andreas Gustafsson
ed3418751ebdf7de397df76753dae97851d2bdf9Brian Wellington isc_sockaddr_format(&listener->address, socktext,
ed3418751ebdf7de397df76753dae97851d2bdf9Brian Wellington sizeof(socktext));
ed3418751ebdf7de397df76753dae97851d2bdf9Brian Wellington isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
ed3418751ebdf7de397df76753dae97851d2bdf9Brian Wellington NS_LOGMODULE_CONTROL, ISC_LOG_NOTICE,
ed3418751ebdf7de397df76753dae97851d2bdf9Brian Wellington "stopping command channel on %s", socktext);
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews if (listener->type == isc_sockettype_unix)
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews isc_socket_cleanunix(&listener->address, ISC_TRUE);
ed3418751ebdf7de397df76753dae97851d2bdf9Brian Wellington listener->exiting = ISC_TRUE;
ed3418751ebdf7de397df76753dae97851d2bdf9Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
32d248107a5bc92b4bf9fc77deaa55b3da969ba2Andreas Gustafsson for (conn = ISC_LIST_HEAD(listener->connections);
32d248107a5bc92b4bf9fc77deaa55b3da969ba2Andreas Gustafsson conn != NULL;
32d248107a5bc92b4bf9fc77deaa55b3da969ba2Andreas Gustafsson conn = next)
32d248107a5bc92b4bf9fc77deaa55b3da969ba2Andreas Gustafsson {
32d248107a5bc92b4bf9fc77deaa55b3da969ba2Andreas Gustafsson next = ISC_LIST_NEXT(conn, link);
32d248107a5bc92b4bf9fc77deaa55b3da969ba2Andreas Gustafsson maybe_free_connection(conn);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
32d248107a5bc92b4bf9fc77deaa55b3da969ba2Andreas Gustafsson if (listener->listening)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socket_cancel(listener->sock, listener->task,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_SOCKCANCEL_ACCEPT);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
32d248107a5bc92b4bf9fc77deaa55b3da969ba2Andreas Gustafsson maybe_free_listener(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic isc_boolean_t
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonaddress_ok(isc_sockaddr_t *sockaddr, dns_acl_t *acl) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_netaddr_t netaddr;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_t result;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington int match;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_netaddr_fromsockaddr(&netaddr, sockaddr);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = dns_acl_match(&netaddr, NULL, acl,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington &ns_g_server->aclenv, &match, NULL);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS || match <= 0)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (ISC_FALSE);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington else
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (ISC_TRUE);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic isc_result_t
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtoncontrol_accept(controllistener_t *listener) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_t result;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = isc_socket_accept(listener->sock,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->task,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington control_newconn, listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington UNEXPECTED_ERROR(__FILE__, __LINE__,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "isc_socket_accept() failed: %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_totext(result));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington else
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->listening = ISC_TRUE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (result);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic isc_result_t
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtoncontrol_listen(controllistener_t *listener) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_t result;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = isc_socket_listen(listener->sock, 0);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington UNEXPECTED_ERROR(__FILE__, __LINE__,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "isc_socket_listen() failed: %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_totext(result));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (result);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtoncontrol_next(controllistener_t *listener) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington (void)control_accept(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtoncontrol_senddone(isc_task_t *task, isc_event_t *event) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socketevent_t *sevent = (isc_socketevent_t *) event;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlconnection_t *conn = event->ev_arg;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t *listener = conn->listener;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socket_t *sock = (isc_socket_t *)sevent->ev_sender;
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington isc_result_t result;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington REQUIRE(conn->sending);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington UNUSED(task);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn->sending = ISC_FALSE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (sevent->result != ISC_R_SUCCESS &&
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington sevent->result != ISC_R_CANCELED)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington char socktext[ISC_SOCKADDR_FORMATSIZE];
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_t peeraddr;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington (void)isc_socket_getpeername(sock, &peeraddr);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_format(&peeraddr, socktext, sizeof(socktext));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington NS_LOGMODULE_CONTROL, ISC_LOG_WARNING,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "error sending command response to %s: %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington socktext, isc_result_totext(sevent->result));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_event_free(&event);
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington result = isccc_ccmsg_readmessage(&conn->ccmsg, listener->task,
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington control_recvmessage, conn);
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington if (result != ISC_R_SUCCESS) {
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington isc_socket_detach(&conn->sock);
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington maybe_free_connection(conn);
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington maybe_free_listener(listener);
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic inline void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonlog_invalid(isccc_ccmsg_t *ccmsg, isc_result_t result) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington char socktext[ISC_SOCKADDR_FORMATSIZE];
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_t peeraddr;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington (void)isc_socket_getpeername(ccmsg->sock, &peeraddr);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_format(&peeraddr, socktext, sizeof(socktext));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington NS_LOGMODULE_CONTROL, ISC_LOG_ERROR,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "invalid command from %s: %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington socktext, isc_result_totext(result));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtoncontrol_recvmessage(isc_task_t *task, isc_event_t *event) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlconnection_t *conn;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t *listener;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlkey_t *key;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_sexpr_t *request = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_sexpr_t *response = NULL;
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt isc_uint32_t algorithm;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_region_t secret;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_stdtime_t now;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_buffer_t b;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_region_t r;
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt isc_buffer_t *text;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_t result;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_t eresult;
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews isccc_sexpr_t *_ctrl;
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews isccc_time_t sent;
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews isccc_time_t exp;
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews isc_uint32_t nonce;
9e804040a29b9c3066c8471b43835f30707039b7Evan Hunt isccc_sexpr_t *data;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington REQUIRE(event->ev_type == ISCCC_EVENT_CCMSG);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn = event->ev_arg;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener = conn->listener;
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt algorithm = DST_ALG_UNKNOWN;
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington secret.rstart = NULL;
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt text = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
2f012d936b5ccdf6520c96a4de23721dc58a2221Automatic Updater /* Is the server shutting down? */
2f012d936b5ccdf6520c96a4de23721dc58a2221Automatic Updater if (listener->controls->shuttingdown)
2f012d936b5ccdf6520c96a4de23721dc58a2221Automatic Updater goto cleanup;
640923da589bc5b8492ac407ef89ea1ee9a1c358Andreas Gustafsson
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (conn->ccmsg.result != ISC_R_SUCCESS) {
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington if (conn->ccmsg.result != ISC_R_CANCELED &&
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington conn->ccmsg.result != ISC_R_EOF)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington log_invalid(&conn->ccmsg, conn->ccmsg.result);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto cleanup;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington request = NULL;
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington for (key = ISC_LIST_HEAD(listener->keys);
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington key != NULL;
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington key = ISC_LIST_NEXT(key, link))
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington {
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt isccc_region_t ccregion;
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington ccregion.rstart = isc_buffer_base(&conn->ccmsg.buffer);
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington ccregion.rend = isc_buffer_used(&conn->ccmsg.buffer);
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington secret.rstart = isc_mem_get(listener->mctx, key->secret.length);
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington if (secret.rstart == NULL)
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington goto cleanup;
e851ea826066ac5a5b01c2c23218faa0273a12e8Evan Hunt memmove(secret.rstart, key->secret.base, key->secret.length);
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington secret.rend = secret.rstart + key->secret.length;
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt algorithm = key->algorithm;
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt result = isccc_cc_fromwire(&ccregion, &request,
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt algorithm, &secret);
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington if (result == ISC_R_SUCCESS)
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington break;
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews isc_mem_put(listener->mctx, secret.rstart, REGION_SIZE(secret));
c298583db573a329f37d43301d8c3c812500ac85Mark Andrews if (result != ISCCC_R_BADAUTH) {
c298583db573a329f37d43301d8c3c812500ac85Mark Andrews log_invalid(&conn->ccmsg, result);
c298583db573a329f37d43301d8c3c812500ac85Mark Andrews goto cleanup;
c298583db573a329f37d43301d8c3c812500ac85Mark Andrews }
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington }
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington if (key == NULL) {
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington log_invalid(&conn->ccmsg, ISCCC_R_BADAUTH);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto cleanup;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /* We shouldn't be getting a reply. */
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (isccc_cc_isreply(request)) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington log_invalid(&conn->ccmsg, ISC_R_FAILURE);
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews goto cleanup_request;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews isc_stdtime_get(&now);
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews /*
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews * Limit exposure to replay attacks.
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews */
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews _ctrl = isccc_alist_lookup(request, "_ctrl");
a2b15b3305acd52179e6f3dc7d073b07fbc40b8eMark Andrews if (!isccc_alist_alistp(_ctrl)) {
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews log_invalid(&conn->ccmsg, ISC_R_FAILURE);
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews goto cleanup_request;
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews }
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews if (isccc_cc_lookupuint32(_ctrl, "_tim", &sent) == ISC_R_SUCCESS) {
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews if ((sent + CLOCKSKEW) < now || (sent - CLOCKSKEW) > now) {
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews log_invalid(&conn->ccmsg, ISCCC_R_CLOCKSKEW);
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews goto cleanup_request;
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews }
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews } else {
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews log_invalid(&conn->ccmsg, ISC_R_FAILURE);
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews goto cleanup_request;
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews }
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews /*
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews * Expire messages that are too old.
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews */
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews if (isccc_cc_lookupuint32(_ctrl, "_exp", &exp) == ISC_R_SUCCESS &&
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews now > exp) {
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews log_invalid(&conn->ccmsg, ISCCC_R_EXPIRED);
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews goto cleanup_request;
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews }
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews /*
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews * Duplicate suppression (required for UDP).
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews */
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews isccc_cc_cleansymtab(listener->controls->symtab, now);
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews result = isccc_cc_checkdup(listener->controls->symtab, request, now);
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews if (result != ISC_R_SUCCESS) {
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews if (result == ISC_R_EXISTS)
2f012d936b5ccdf6520c96a4de23721dc58a2221Automatic Updater result = ISCCC_R_DUPLICATE;
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews log_invalid(&conn->ccmsg, result);
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews goto cleanup_request;
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews }
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews if (conn->nonce != 0 &&
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews (isccc_cc_lookupuint32(_ctrl, "_nonce", &nonce) != ISC_R_SUCCESS ||
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews conn->nonce != nonce)) {
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews log_invalid(&conn->ccmsg, ISCCC_R_BADAUTH);
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews goto cleanup_request;
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews }
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt result = isc_buffer_allocate(listener->mctx, &text, 2 * 2048);
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt if (result != ISC_R_SUCCESS)
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt goto cleanup_request;
c1e88f8d8679501def1896fb4c4af927a70813ebEvan Hunt
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews /*
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews * Establish nonce.
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews */
c1e88f8d8679501def1896fb4c4af927a70813ebEvan Hunt if (conn->nonce == 0) {
c1e88f8d8679501def1896fb4c4af927a70813ebEvan Hunt while (conn->nonce == 0)
c1e88f8d8679501def1896fb4c4af927a70813ebEvan Hunt isc_random_get(&conn->nonce);
c1e88f8d8679501def1896fb4c4af927a70813ebEvan Hunt eresult = ISC_R_SUCCESS;
c1e88f8d8679501def1896fb4c4af927a70813ebEvan Hunt } else
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1Mukund Sivaraman eresult = ns_control_docommand(request, listener->readonly, &text);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = isccc_cc_createresponse(request, now, now + 60, &response);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS)
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews goto cleanup_request;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
9e804040a29b9c3066c8471b43835f30707039b7Evan Hunt data = isccc_alist_lookup(response, "_data");
9e804040a29b9c3066c8471b43835f30707039b7Evan Hunt if (data != NULL) {
9e804040a29b9c3066c8471b43835f30707039b7Evan Hunt if (isccc_cc_defineuint32(data, "result", eresult) == NULL)
9e804040a29b9c3066c8471b43835f30707039b7Evan Hunt goto cleanup_response;
9e804040a29b9c3066c8471b43835f30707039b7Evan Hunt }
9e804040a29b9c3066c8471b43835f30707039b7Evan Hunt
9e804040a29b9c3066c8471b43835f30707039b7Evan Hunt if (eresult != ISC_R_SUCCESS) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (data != NULL) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington const char *estr = isc_result_totext(eresult);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (isccc_cc_definestring(data, "err", estr) == NULL)
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews goto cleanup_response;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt if (isc_buffer_usedlength(text) > 0) {
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington if (data != NULL) {
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt char *str = (char *)isc_buffer_base(text);
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington if (isccc_cc_definestring(data, "text", str) == NULL)
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews goto cleanup_response;
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington }
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington }
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews _ctrl = isccc_alist_lookup(response, "_ctrl");
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews if (_ctrl == NULL ||
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews isccc_cc_defineuint32(_ctrl, "_nonce", conn->nonce) == NULL)
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews goto cleanup_response;
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt if (conn->buffer == NULL) {
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt result = isc_buffer_allocate(listener->mctx,
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt &conn->buffer, 2 * 2048);
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt if (result != ISC_R_SUCCESS)
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt goto cleanup_response;
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt }
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt isc_buffer_clear(conn->buffer);
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt /* Skip the length field (4 bytes) */
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt isc_buffer_add(conn->buffer, 4);
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt result = isccc_cc_towire(response, &conn->buffer, algorithm, &secret);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS)
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews goto cleanup_response;
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt isc_buffer_init(&b, conn->buffer->base, 4);
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt isc_buffer_putuint32(&b, conn->buffer->used - 4);
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt r.base = conn->buffer->base;
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt r.length = conn->buffer->used;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = isc_socket_send(conn->sock, &r, task, control_senddone, conn);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS)
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews goto cleanup_response;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn->sending = ISC_TRUE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews isc_mem_put(listener->mctx, secret.rstart, REGION_SIZE(secret));
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews isccc_sexpr_free(&request);
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews isccc_sexpr_free(&response);
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt isc_buffer_free(&text);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews cleanup_response:
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews isccc_sexpr_free(&response);
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews cleanup_request:
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews isccc_sexpr_free(&request);
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews isc_mem_put(listener->mctx, secret.rstart, REGION_SIZE(secret));
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt if (text != NULL)
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt isc_buffer_free(&text);
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cleanup:
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socket_detach(&conn->sock);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_ccmsg_invalidate(&conn->ccmsg);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn->ccmsg_valid = ISC_FALSE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington maybe_free_connection(conn);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington maybe_free_listener(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtoncontrol_timeout(isc_task_t *task, isc_event_t *event) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlconnection_t *conn = event->ev_arg;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington UNUSED(task);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_timer_detach(&conn->timer);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington maybe_free_connection(conn);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_event_free(&event);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic isc_result_t
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonnewconnection(controllistener_t *listener, isc_socket_t *sock) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlconnection_t *conn;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_interval_t interval;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_t result;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn = isc_mem_get(listener->mctx, sizeof(*conn));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (conn == NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (ISC_R_NOMEMORY);
2f012d936b5ccdf6520c96a4de23721dc58a2221Automatic Updater
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn->sock = sock;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_ccmsg_init(listener->mctx, sock, &conn->ccmsg);
9b17fd447c684a84b2f5fbfb04ad6e890ae2078cMukund Sivaraman
9b17fd447c684a84b2f5fbfb04ad6e890ae2078cMukund Sivaraman /* Set a 32 KiB upper limit on incoming message. */
9b17fd447c684a84b2f5fbfb04ad6e890ae2078cMukund Sivaraman isccc_ccmsg_setmaxsize(&conn->ccmsg, 32768);
9b17fd447c684a84b2f5fbfb04ad6e890ae2078cMukund Sivaraman
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn->ccmsg_valid = ISC_TRUE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn->sending = ISC_FALSE;
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt conn->buffer = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn->timer = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_interval_set(&interval, 60, 0);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = isc_timer_create(ns_g_timermgr, isc_timertype_once,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington NULL, &interval, listener->task,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington control_timeout, conn, &conn->timer);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto cleanup;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn->listener = listener;
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews conn->nonce = 0;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LINK_INIT(conn, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = isccc_ccmsg_readmessage(&conn->ccmsg, listener->task,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington control_recvmessage, conn);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto cleanup;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_APPEND(listener->connections, conn, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (ISC_R_SUCCESS);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cleanup:
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt if (conn->buffer != NULL)
e32d354f754a5d7847a0862bcd6302827ea225bfEvan Hunt isc_buffer_free(&conn->buffer);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_ccmsg_invalidate(&conn->ccmsg);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (conn->timer != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_timer_detach(&conn->timer);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_mem_put(listener->mctx, conn, sizeof(*conn));
19d80ce5844e00a021643759adcbe27c11b485a0Witold Krecicki#ifdef ENABLE_AFL
19d80ce5844e00a021643759adcbe27c11b485a0Witold Krecicki if (ns_g_fuzz_type == ns_fuzz_rndc) {
19d80ce5844e00a021643759adcbe27c11b485a0Witold Krecicki named_fuzz_notify();
19d80ce5844e00a021643759adcbe27c11b485a0Witold Krecicki }
19d80ce5844e00a021643759adcbe27c11b485a0Witold Krecicki#endif
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (result);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtoncontrol_newconn(isc_task_t *task, isc_event_t *event) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socket_newconnev_t *nevent = (isc_socket_newconnev_t *)event;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t *listener = event->ev_arg;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socket_t *sock;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_t peeraddr;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_t result;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington UNUSED(task);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
32d248107a5bc92b4bf9fc77deaa55b3da969ba2Andreas Gustafsson listener->listening = ISC_FALSE;
32d248107a5bc92b4bf9fc77deaa55b3da969ba2Andreas Gustafsson
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (nevent->result != ISC_R_SUCCESS) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (nevent->result == ISC_R_CANCELED) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington shutdown_listener(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto cleanup;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto restart;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington sock = nevent->newsocket;
96ea71632887c58a9d00f47eb318bf76b35903c3Mark Andrews isc_socket_setname(sock, "control", NULL);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington (void)isc_socket_getpeername(sock, &peeraddr);
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews if (listener->type == isc_sockettype_tcp &&
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews !address_ok(&peeraddr, listener->acl)) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington char socktext[ISC_SOCKADDR_FORMATSIZE];
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_format(&peeraddr, socktext, sizeof(socktext));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington NS_LOGMODULE_CONTROL, ISC_LOG_WARNING,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "rejected command channel message from %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington socktext);
b541c10d0442d9804d94567a97956cec3bd2912dBrian Wellington isc_socket_detach(&sock);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto restart;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = newconnection(listener, sock);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington char socktext[ISC_SOCKADDR_FORMATSIZE];
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_format(&peeraddr, socktext, sizeof(socktext));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington NS_LOGMODULE_CONTROL, ISC_LOG_WARNING,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "dropped command channel from %s: %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington socktext, isc_result_totext(result));
b541c10d0442d9804d94567a97956cec3bd2912dBrian Wellington isc_socket_detach(&sock);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto restart;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington restart:
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington control_next(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cleanup:
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_event_free(&event);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
9cc98b104e1a1d479a4cf9a47e2acccba927dbcdBrian Wellingtonstatic void
9cc98b104e1a1d479a4cf9a47e2acccba927dbcdBrian Wellingtoncontrols_shutdown(ns_controls_t *controls) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t *listener;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t *next;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson for (listener = ISC_LIST_HEAD(controls->listeners);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener != NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener = next)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /*
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * This is asynchronous. As listeners shut down, they will
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * call their callbacks.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington next = ISC_LIST_NEXT(listener, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington shutdown_listener(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
9cc98b104e1a1d479a4cf9a47e2acccba927dbcdBrian Wellington}
9cc98b104e1a1d479a4cf9a47e2acccba927dbcdBrian Wellington
9cc98b104e1a1d479a4cf9a47e2acccba927dbcdBrian Wellingtonvoid
9cc98b104e1a1d479a4cf9a47e2acccba927dbcdBrian Wellingtonns_controls_shutdown(ns_controls_t *controls) {
9cc98b104e1a1d479a4cf9a47e2acccba927dbcdBrian Wellington controls_shutdown(controls);
b32e75f3e1822f14681c538d7657bdbccd7fcd45Brian Wellington controls->shuttingdown = ISC_TRUE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic isc_result_t
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrewscfgkeylist_find(const cfg_obj_t *keylist, const char *keyname,
2f012d936b5ccdf6520c96a4de23721dc58a2221Automatic Updater const cfg_obj_t **objp)
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews{
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_listelt_t *element;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington const char *str;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *obj;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington for (element = cfg_list_first(keylist);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington element != NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington element = cfg_list_next(element))
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington obj = cfg_listelt_value(element);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington str = cfg_obj_asstring(cfg_map_getname(obj));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (strcasecmp(str, keyname) == 0)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington break;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (element == NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (ISC_R_NOTFOUND);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington obj = cfg_listelt_value(element);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington *objp = obj;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (ISC_R_SUCCESS);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic isc_result_t
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrewscontrolkeylist_fromcfg(const cfg_obj_t *keylist, isc_mem_t *mctx,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence controlkeylist_t *keyids)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington{
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_listelt_t *element;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington char *newstr = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington const char *str;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *obj;
cfcb0881d12db2b7cb33475b7d20ac6c9015203bMark Andrews controlkey_t *key;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington for (element = cfg_list_first(keylist);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington element != NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington element = cfg_list_next(element))
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington obj = cfg_listelt_value(element);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington str = cfg_obj_asstring(obj);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington newstr = isc_mem_strdup(mctx, str);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (newstr == NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto cleanup;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington key = isc_mem_get(mctx, sizeof(*key));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (key == NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto cleanup;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington key->keyname = newstr;
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt key->algorithm = DST_ALG_UNKNOWN;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington key->secret.base = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington key->secret.length = 0;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LINK_INIT(key, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_APPEND(*keyids, key, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington newstr = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (ISC_R_SUCCESS);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cleanup:
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (newstr != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_mem_free(mctx, newstr);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington free_controlkeylist(keyids, mctx);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (ISC_R_NOMEMORY);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrewsregister_keys(const cfg_obj_t *control, const cfg_obj_t *keylist,
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews controlkeylist_t *keyids, isc_mem_t *mctx, const char *socktext)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington{
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlkey_t *keyid, *next;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *keydef;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington char secret[1024];
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_buffer_t b;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_t result;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /*
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * Find the keys corresponding to the keyids used by this listener.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington for (keyid = ISC_LIST_HEAD(*keyids); keyid != NULL; keyid = next) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington next = ISC_LIST_NEXT(keyid, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = cfgkeylist_find(keylist, keyid->keyname, &keydef);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING,
6e0e723b2554ba1c4af8b79733f54bf2692cdecfAndreas Gustafsson "couldn't find key '%s' for use with "
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "command channel %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington keyid->keyname, socktext);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_UNLINK(*keyids, keyid, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington free_controlkey(keyid, mctx);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington } else {
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *algobj = NULL;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *secretobj = NULL;
4e1d3e67cdc76609bad5f0310ac48de10b442b9fMark Andrews const char *algstr = NULL;
4e1d3e67cdc76609bad5f0310ac48de10b442b9fMark Andrews const char *secretstr = NULL;
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt unsigned int algtype;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington (void)cfg_map_get(keydef, "algorithm", &algobj);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington (void)cfg_map_get(keydef, "secret", &secretobj);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington INSIST(algobj != NULL && secretobj != NULL);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington algstr = cfg_obj_asstring(algobj);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington secretstr = cfg_obj_asstring(secretobj);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt if (ns_config_getkeyalgorithm2(algstr, NULL,
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt &algtype, NULL) != ISC_R_SUCCESS)
3dfc806ddf433d0569340d9c4ccc5af8ec41a27bBrian Wellington {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_log(control, ns_g_lctx,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LOG_WARNING,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "unsupported algorithm '%s' in "
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "key '%s' for use with command "
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "channel %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington algstr, keyid->keyname, socktext);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_UNLINK(*keyids, keyid, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington free_controlkey(keyid, mctx);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington continue;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt keyid->algorithm = algtype;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_buffer_init(&b, secret, sizeof(secret));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = isc_base64_decodestring(secretstr, &b);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_log(keydef, ns_g_lctx, ISC_LOG_WARNING,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "secret for key '%s' on "
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "command channel %s: %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington keyid->keyname, socktext,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_totext(result));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_UNLINK(*keyids, keyid, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington free_controlkey(keyid, mctx);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington continue;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington keyid->secret.length = isc_buffer_usedlength(&b);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington keyid->secret.base = isc_mem_get(mctx,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington keyid->secret.length);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (keyid->secret.base == NULL) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_log(keydef, ns_g_lctx, ISC_LOG_WARNING,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "couldn't register key '%s': "
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "out of memory", keyid->keyname);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_UNLINK(*keyids, keyid, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington free_controlkey(keyid, mctx);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington break;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
e851ea826066ac5a5b01c2c23218faa0273a12e8Evan Hunt memmove(keyid->secret.base, isc_buffer_base(&b),
e851ea826066ac5a5b01c2c23218faa0273a12e8Evan Hunt keyid->secret.length);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews#define CHECK(x) \
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews do { \
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews result = (x); \
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews if (result != ISC_R_SUCCESS) \
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews goto cleanup; \
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews } while (0)
2f012d936b5ccdf6520c96a4de23721dc58a2221Automatic Updater
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrencestatic isc_result_t
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrewsget_rndckey(isc_mem_t *mctx, controlkeylist_t *keyids) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_result_t result;
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews cfg_parser_t *pctx = NULL;
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews cfg_obj_t *config = NULL;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *key = NULL;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *algobj = NULL;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *secretobj = NULL;
4e1d3e67cdc76609bad5f0310ac48de10b442b9fMark Andrews const char *algstr = NULL;
4e1d3e67cdc76609bad5f0310ac48de10b442b9fMark Andrews const char *secretstr = NULL;
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews controlkey_t *keyid = NULL;
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews char secret[1024];
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt unsigned int algtype;
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews isc_buffer_t b;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
368aedf188d7c7782cae8a5ce2a978be47b5a764Evan Hunt isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
368aedf188d7c7782cae8a5ce2a978be47b5a764Evan Hunt NS_LOGMODULE_CONTROL, ISC_LOG_INFO,
368aedf188d7c7782cae8a5ce2a978be47b5a764Evan Hunt "configuring command channel from '%s'",
368aedf188d7c7782cae8a5ce2a978be47b5a764Evan Hunt ns_g_keyfile);
368aedf188d7c7782cae8a5ce2a978be47b5a764Evan Hunt if (! isc_file_exists(ns_g_keyfile))
368aedf188d7c7782cae8a5ce2a978be47b5a764Evan Hunt return (ISC_R_FILENOTFOUND);
368aedf188d7c7782cae8a5ce2a978be47b5a764Evan Hunt
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews CHECK(cfg_parser_create(mctx, ns_g_lctx, &pctx));
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews CHECK(cfg_parse_file(pctx, ns_g_keyfile, &cfg_type_rndckey, &config));
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews CHECK(cfg_map_get(config, "key", &key));
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews keyid = isc_mem_get(mctx, sizeof(*keyid));
2f012d936b5ccdf6520c96a4de23721dc58a2221Automatic Updater if (keyid == NULL)
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews CHECK(ISC_R_NOMEMORY);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews keyid->keyname = isc_mem_strdup(mctx,
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews cfg_obj_asstring(cfg_map_getname(key)));
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews keyid->secret.base = NULL;
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews keyid->secret.length = 0;
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt keyid->algorithm = DST_ALG_UNKNOWN;
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews ISC_LINK_INIT(keyid, link);
2f012d936b5ccdf6520c96a4de23721dc58a2221Automatic Updater if (keyid->keyname == NULL)
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews CHECK(ISC_R_NOMEMORY);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews
c2bc56dc65b4b103a5600565680eb5f33fa4c90bMark Andrews CHECK(bind9_check_key(key, ns_g_lctx));
7dac8d231c644c5d3339f48d8eaedcf498f9d153Andreas Gustafsson
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews (void)cfg_map_get(key, "algorithm", &algobj);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews (void)cfg_map_get(key, "secret", &secretobj);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews INSIST(algobj != NULL && secretobj != NULL);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews algstr = cfg_obj_asstring(algobj);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews secretstr = cfg_obj_asstring(secretobj);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt if (ns_config_getkeyalgorithm2(algstr, NULL,
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt &algtype, NULL) != ISC_R_SUCCESS) {
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews cfg_obj_log(key, ns_g_lctx,
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews ISC_LOG_WARNING,
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews "unsupported algorithm '%s' in "
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews "key '%s' for use with command "
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews "channel",
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews algstr, keyid->keyname);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews goto cleanup;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence }
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt keyid->algorithm = algtype;
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews isc_buffer_init(&b, secret, sizeof(secret));
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews result = isc_base64_decodestring(secretstr, &b);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews if (result != ISC_R_SUCCESS) {
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews cfg_obj_log(key, ns_g_lctx, ISC_LOG_WARNING,
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews "secret for key '%s' on command channel: %s",
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews keyid->keyname, isc_result_totext(result));
0874abad14e3e9ecfc3dc1a1a2b9969f2f027724Mark Andrews goto cleanup;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence }
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews keyid->secret.length = isc_buffer_usedlength(&b);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews keyid->secret.base = isc_mem_get(mctx,
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews keyid->secret.length);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews if (keyid->secret.base == NULL) {
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews cfg_obj_log(key, ns_g_lctx, ISC_LOG_WARNING,
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews "couldn't register key '%s': "
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews "out of memory", keyid->keyname);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews CHECK(ISC_R_NOMEMORY);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence }
e851ea826066ac5a5b01c2c23218faa0273a12e8Evan Hunt memmove(keyid->secret.base, isc_buffer_base(&b),
e851ea826066ac5a5b01c2c23218faa0273a12e8Evan Hunt keyid->secret.length);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews ISC_LIST_APPEND(*keyids, keyid, link);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews keyid = NULL;
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews result = ISC_R_SUCCESS;
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews cleanup:
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews if (keyid != NULL)
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews free_controlkey(keyid, mctx);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews if (config != NULL)
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews cfg_obj_destroy(pctx, &config);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews if (pctx != NULL)
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews cfg_parser_destroy(&pctx);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence return (result);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence}
2f012d936b5ccdf6520c96a4de23721dc58a2221Automatic Updater
9bac746a3cdabdbb7b306875f101c03e637dc639Mark Andrews/*
9bac746a3cdabdbb7b306875f101c03e637dc639Mark Andrews * Ensures that both '*global_keylistp' and '*control_keylistp' are
9bac746a3cdabdbb7b306875f101c03e637dc639Mark Andrews * valid or both are NULL.
9bac746a3cdabdbb7b306875f101c03e637dc639Mark Andrews */
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrencestatic void
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrewsget_key_info(const cfg_obj_t *config, const cfg_obj_t *control,
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t **global_keylistp,
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t **control_keylistp)
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence{
9bac746a3cdabdbb7b306875f101c03e637dc639Mark Andrews isc_result_t result;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *control_keylist = NULL;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *global_keylist = NULL;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence REQUIRE(global_keylistp != NULL && *global_keylistp == NULL);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence REQUIRE(control_keylistp != NULL && *control_keylistp == NULL);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence control_keylist = cfg_tuple_get(control, "keys");
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews if (!cfg_obj_isvoid(control_keylist) &&
9bac746a3cdabdbb7b306875f101c03e637dc639Mark Andrews cfg_list_first(control_keylist) != NULL) {
9bac746a3cdabdbb7b306875f101c03e637dc639Mark Andrews result = cfg_map_get(config, "key", &global_keylist);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
9bac746a3cdabdbb7b306875f101c03e637dc639Mark Andrews if (result == ISC_R_SUCCESS) {
9bac746a3cdabdbb7b306875f101c03e637dc639Mark Andrews *global_keylistp = global_keylist;
9bac746a3cdabdbb7b306875f101c03e637dc639Mark Andrews *control_keylistp = control_keylist;
9bac746a3cdabdbb7b306875f101c03e637dc639Mark Andrews }
9bac746a3cdabdbb7b306875f101c03e637dc639Mark Andrews }
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence}
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrewsupdate_listener(ns_controls_t *cp, controllistener_t **listenerp,
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *control, const cfg_obj_t *config,
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews isc_sockaddr_t *addr, cfg_aclconfctx_t *aclconfctx,
2f012d936b5ccdf6520c96a4de23721dc58a2221Automatic Updater const char *socktext, isc_sockettype_t type)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington{
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t *listener;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *allow;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *global_keylist = NULL;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *control_keylist = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington dns_acl_t *new_acl = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlkeylist_t keys;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_result_t result = ISC_R_SUCCESS;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson for (listener = ISC_LIST_HEAD(cp->listeners);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener != NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener = ISC_LIST_NEXT(listener, link))
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (isc_sockaddr_equal(addr, &listener->address))
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington break;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (listener == NULL) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington *listenerp = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
2f012d936b5ccdf6520c96a4de23721dc58a2221Automatic Updater
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /*
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * There is already a listener for this sockaddr.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * Update the access list and key information.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington *
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * First try to deal with the key situation. There are a few
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * possibilities:
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * (a) It had an explicit keylist and still has an explicit keylist.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * (b) It had an automagic key and now has an explicit keylist.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * (c) It had an explicit keylist and now needs an automagic key.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * (d) It has an automagic key and still needs the automagic key.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence *
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * (c) and (d) are the annoying ones. The caller needs to know
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * that it should use the automagic configuration for key information
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * in place of the named.conf configuration.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence *
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * XXXDCL There is one other hazard that has not been dealt with,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * the problem that if a key change is being caused by a control
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * channel reload, then the response will be with the new key
f8c304e5a5ed6c9a195ce03877381e5a77d439eeAndreas Gustafsson * and not able to be decrypted by the client.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence */
ee8a5c01e20740f60be1a87123d6c81ec2c5f8b1Mark Andrews if (control != NULL)
ee8a5c01e20740f60be1a87123d6c81ec2c5f8b1Mark Andrews get_key_info(config, control, &global_keylist,
ee8a5c01e20740f60be1a87123d6c81ec2c5f8b1Mark Andrews &control_keylist);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (control_keylist != NULL) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence INSIST(global_keylist != NULL);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence ISC_LIST_INIT(keys);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence result = controlkeylist_fromcfg(control_keylist,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence listener->mctx, &keys);
8173a963d2f8c413e698bf48b8eebdd01f3bb877Mark Andrews if (result == ISC_R_SUCCESS) {
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews free_controlkeylist(&listener->keys, listener->mctx);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews listener->keys = keys;
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews register_keys(control, global_keylist, &listener->keys,
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews listener->mctx, socktext);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews }
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews } else {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence free_controlkeylist(&listener->keys, listener->mctx);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews result = get_rndckey(listener->mctx, &listener->keys);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews }
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
ade83e60fa640d495de7d46bed87114d6f9a740cMark Andrews if (result != ISC_R_SUCCESS && global_keylist != NULL) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence /*
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * This message might be a little misleading since the
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * "new keys" might in fact be identical to the old ones,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * but tracking whether they are identical just for the
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * sake of avoiding this message would be too much trouble.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence */
2674e1a455d4f71de09b2b60e7a8304b9a305588Mark Andrews if (control != NULL)
2674e1a455d4f71de09b2b60e7a8304b9a305588Mark Andrews cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING,
2674e1a455d4f71de09b2b60e7a8304b9a305588Mark Andrews "couldn't install new keys for "
2674e1a455d4f71de09b2b60e7a8304b9a305588Mark Andrews "command channel %s: %s",
2674e1a455d4f71de09b2b60e7a8304b9a305588Mark Andrews socktext, isc_result_totext(result));
2674e1a455d4f71de09b2b60e7a8304b9a305588Mark Andrews else
2674e1a455d4f71de09b2b60e7a8304b9a305588Mark Andrews isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
2674e1a455d4f71de09b2b60e7a8304b9a305588Mark Andrews NS_LOGMODULE_CONTROL, ISC_LOG_WARNING,
2674e1a455d4f71de09b2b60e7a8304b9a305588Mark Andrews "couldn't install new keys for "
2674e1a455d4f71de09b2b60e7a8304b9a305588Mark Andrews "command channel %s: %s",
2674e1a455d4f71de09b2b60e7a8304b9a305588Mark Andrews socktext, isc_result_totext(result));
ade83e60fa640d495de7d46bed87114d6f9a740cMark Andrews }
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence /*
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * Now, keep the old access list unless a new one can be made.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews if (control != NULL && type == isc_sockettype_tcp) {
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews allow = cfg_tuple_get(control, "allow");
ad5bc22a819190839bdcc4d102d023782dc23660Mark Andrews result = cfg_acl_fromconfig(allow, config, ns_g_lctx,
c7e266b7e5675e12d1ca3cc929f24b3e86d41f8eEvan Hunt aclconfctx, listener->mctx, 0,
ad5bc22a819190839bdcc4d102d023782dc23660Mark Andrews &new_acl);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews } else {
1bcdcce64b5b0f66a23fb784b442d38a134581c8Andreas Gustafsson result = dns_acl_any(listener->mctx, &new_acl);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews }
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1Mukund Sivaraman if (control != NULL) {
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1Mukund Sivaraman const cfg_obj_t *readonly;
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1Mukund Sivaraman
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1Mukund Sivaraman readonly = cfg_tuple_get(control, "read-only");
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1Mukund Sivaraman if (!cfg_obj_isvoid(readonly))
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1Mukund Sivaraman listener->readonly = cfg_obj_asboolean(readonly);
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1Mukund Sivaraman }
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1Mukund Sivaraman
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result == ISC_R_SUCCESS) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington dns_acl_detach(&listener->acl);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington dns_acl_attach(new_acl, &listener->acl);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington dns_acl_detach(&new_acl);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /* XXXDCL say the old acl is still used? */
2674e1a455d4f71de09b2b60e7a8304b9a305588Mark Andrews } else if (control != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "couldn't install new acl for "
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "command channel %s: %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington socktext, isc_result_totext(result));
2674e1a455d4f71de09b2b60e7a8304b9a305588Mark Andrews else
2674e1a455d4f71de09b2b60e7a8304b9a305588Mark Andrews isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
2674e1a455d4f71de09b2b60e7a8304b9a305588Mark Andrews NS_LOGMODULE_CONTROL, ISC_LOG_WARNING,
2674e1a455d4f71de09b2b60e7a8304b9a305588Mark Andrews "couldn't install new acl for "
2674e1a455d4f71de09b2b60e7a8304b9a305588Mark Andrews "command channel %s: %s",
2674e1a455d4f71de09b2b60e7a8304b9a305588Mark Andrews socktext, isc_result_totext(result));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews if (result == ISC_R_SUCCESS && type == isc_sockettype_unix) {
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews isc_uint32_t perm, owner, group;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews perm = cfg_obj_asuint32(cfg_tuple_get(control, "perm"));
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews owner = cfg_obj_asuint32(cfg_tuple_get(control, "owner"));
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews group = cfg_obj_asuint32(cfg_tuple_get(control, "group"));
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews result = ISC_R_SUCCESS;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews if (listener->perm != perm || listener->owner != owner ||
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews listener->group != group)
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews result = isc_socket_permunix(&listener->address, perm,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews owner, group);
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews if (result == ISC_R_SUCCESS) {
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews listener->perm = perm;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews listener->owner = owner;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews listener->group = group;
2674e1a455d4f71de09b2b60e7a8304b9a305588Mark Andrews } else if (control != NULL)
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews "couldn't update ownership/permission for "
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews "command channel %s", socktext);
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews }
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington *listenerp = listener;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafssonadd_listener(ns_controls_t *cp, controllistener_t **listenerp,
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *control, const cfg_obj_t *config,
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews isc_sockaddr_t *addr, cfg_aclconfctx_t *aclconfctx,
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const char *socktext, isc_sockettype_t type)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington{
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson isc_mem_t *mctx = cp->server->mctx;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t *listener;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *allow;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *global_keylist = NULL;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *control_keylist = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington dns_acl_t *new_acl = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_t result = ISC_R_SUCCESS;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener = isc_mem_get(mctx, sizeof(*listener));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (listener == NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = ISC_R_NOMEMORY;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result == ISC_R_SUCCESS) {
3a0da183bb40bd120698102b20b61ef12665c09bMark Andrews listener->mctx = NULL;
3a0da183bb40bd120698102b20b61ef12665c09bMark Andrews isc_mem_attach(mctx, &listener->mctx);
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson listener->controls = cp;
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson listener->task = cp->server->task;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->address = *addr;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->sock = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->listening = ISC_FALSE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->exiting = ISC_FALSE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->acl = NULL;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews listener->type = type;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews listener->perm = 0;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews listener->owner = 0;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews listener->group = 0;
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1Mukund Sivaraman listener->readonly = ISC_FALSE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LINK_INIT(listener, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_INIT(listener->keys);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_INIT(listener->connections);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /*
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * Make the acl.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews if (control != NULL && type == isc_sockettype_tcp) {
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews allow = cfg_tuple_get(control, "allow");
ad5bc22a819190839bdcc4d102d023782dc23660Mark Andrews result = cfg_acl_fromconfig(allow, config, ns_g_lctx,
c7e266b7e5675e12d1ca3cc929f24b3e86d41f8eEvan Hunt aclconfctx, mctx, 0,
2f012d936b5ccdf6520c96a4de23721dc58a2221Automatic Updater &new_acl);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews } else {
b4b47bf1874a9dd19796d5593de47bd4c9d3d896Andreas Gustafsson result = dns_acl_any(mctx, &new_acl);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1Mukund Sivaraman if ((result == ISC_R_SUCCESS) && (control != NULL)) {
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1Mukund Sivaraman const cfg_obj_t *readonly;
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1Mukund Sivaraman
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1Mukund Sivaraman readonly = cfg_tuple_get(control, "read-only");
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1Mukund Sivaraman if (!cfg_obj_isvoid(readonly))
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1Mukund Sivaraman listener->readonly = cfg_obj_asboolean(readonly);
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1Mukund Sivaraman }
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1Mukund Sivaraman
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result == ISC_R_SUCCESS) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington dns_acl_attach(new_acl, &listener->acl);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington dns_acl_detach(&new_acl);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews if (config != NULL)
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews get_key_info(config, control, &global_keylist,
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews &control_keylist);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews if (control_keylist != NULL) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence result = controlkeylist_fromcfg(control_keylist,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence listener->mctx,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence &listener->keys);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews if (result == ISC_R_SUCCESS)
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews register_keys(control, global_keylist,
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews &listener->keys,
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews listener->mctx, socktext);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence } else
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews result = get_rndckey(mctx, &listener->keys);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews if (result != ISC_R_SUCCESS && control != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "couldn't install keys for "
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "command channel %s: %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington socktext, isc_result_totext(result));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result == ISC_R_SUCCESS) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington int pf = isc_sockaddr_pf(&listener->address);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if ((pf == AF_INET && isc_net_probeipv4() != ISC_R_SUCCESS) ||
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews#ifdef ISC_PLATFORM_HAVESYSUNH
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews (pf == AF_UNIX && isc_net_probeunix() != ISC_R_SUCCESS) ||
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews#endif
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington (pf == AF_INET6 && isc_net_probeipv6() != ISC_R_SUCCESS))
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = ISC_R_FAMILYNOSUPPORT;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews if (result == ISC_R_SUCCESS && type == isc_sockettype_unix)
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews isc_socket_cleanunix(&listener->address, ISC_FALSE);
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result == ISC_R_SUCCESS)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = isc_socket_create(ns_g_socketmgr,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_pf(&listener->address),
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews type, &listener->sock);
96ea71632887c58a9d00f47eb318bf76b35903c3Mark Andrews if (result == ISC_R_SUCCESS)
96ea71632887c58a9d00f47eb318bf76b35903c3Mark Andrews isc_socket_setname(listener->sock, "control", NULL);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
328e0fee6b6c91c258e5ce36eb70f5e017a85af2Mark Andrews#ifndef ISC_ALLOW_MAPPED
328e0fee6b6c91c258e5ce36eb70f5e017a85af2Mark Andrews if (result == ISC_R_SUCCESS)
328e0fee6b6c91c258e5ce36eb70f5e017a85af2Mark Andrews isc_socket_ipv6only(listener->sock, ISC_TRUE);
328e0fee6b6c91c258e5ce36eb70f5e017a85af2Mark Andrews#endif
328e0fee6b6c91c258e5ce36eb70f5e017a85af2Mark Andrews
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result == ISC_R_SUCCESS)
240e53b13217af266abb3dae8ba103614daf2bf7Mark Andrews result = isc_socket_bind(listener->sock, &listener->address,
240e53b13217af266abb3dae8ba103614daf2bf7Mark Andrews ISC_SOCKET_REUSEADDRESS);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews if (result == ISC_R_SUCCESS && type == isc_sockettype_unix) {
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews listener->perm = cfg_obj_asuint32(cfg_tuple_get(control,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews "perm"));
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews listener->owner = cfg_obj_asuint32(cfg_tuple_get(control,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews "owner"));
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews listener->group = cfg_obj_asuint32(cfg_tuple_get(control,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews "group"));
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews result = isc_socket_permunix(&listener->address, listener->perm,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews listener->owner, listener->group);
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result == ISC_R_SUCCESS)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = control_listen(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result == ISC_R_SUCCESS)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = control_accept(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result == ISC_R_SUCCESS) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington NS_LOGMODULE_CONTROL, ISC_LOG_NOTICE,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "command channel listening on %s", socktext);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington *listenerp = listener;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington } else {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (listener != NULL) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->exiting = ISC_TRUE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington free_listener(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews if (control != NULL)
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING,
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews "couldn't add command channel %s: %s",
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews socktext, isc_result_totext(result));
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews else
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews NS_LOGMODULE_CONTROL, ISC_LOG_NOTICE,
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews "couldn't add command channel %s: %s",
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews socktext, isc_result_totext(result));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington *listenerp = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /* XXXDCL return error results? fail hard? */
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonisc_result_t
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrewsns_controls_configure(ns_controls_t *cp, const cfg_obj_t *config,
ad5bc22a819190839bdcc4d102d023782dc23660Mark Andrews cfg_aclconfctx_t *aclconfctx)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington{
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t *listener;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistenerlist_t new_listeners;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *controlslist = NULL;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_listelt_t *element, *element2;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington char socktext[ISC_SOCKADDR_FORMATSIZE];
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_INIT(new_listeners);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /*
6e0e723b2554ba1c4af8b79733f54bf2692cdecfAndreas Gustafsson * Get the list of named.conf 'controls' statements.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington (void)cfg_map_get(config, "controls", &controlslist);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /*
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * Run through the new control channel list, noting sockets that
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * are already being listened on and moving them to the new list.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington *
6e0e723b2554ba1c4af8b79733f54bf2692cdecfAndreas Gustafsson * Identifying duplicate addr/port combinations is left to either
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * the underlying config code, or to the bind attempt getting an
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * address-in-use error.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (controlslist != NULL) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington for (element = cfg_list_first(controlslist);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington element != NULL;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence element = cfg_list_next(element)) {
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *controls;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *inetcontrols = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controls = cfg_listelt_value(element);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington (void)cfg_map_get(controls, "inet", &inetcontrols);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (inetcontrols == NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington continue;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington for (element2 = cfg_list_first(inetcontrols);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington element2 != NULL;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence element2 = cfg_list_next(element2)) {
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *control;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *obj;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews isc_sockaddr_t addr;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /*
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * The parser handles BIND 8 configuration file
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * syntax, so it allows unix phrases as well
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * inet phrases with no keys{} clause.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington control = cfg_listelt_value(element2);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington obj = cfg_tuple_get(control, "address");
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews addr = *cfg_obj_assockaddr(obj);
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews if (isc_sockaddr_getport(&addr) == 0)
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews isc_sockaddr_setport(&addr,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington NS_CONTROL_PORT);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews isc_sockaddr_format(&addr, socktext,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington sizeof(socktext));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_log_write(ns_g_lctx,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence NS_LOGCATEGORY_GENERAL,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington NS_LOGMODULE_CONTROL,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LOG_DEBUG(9),
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "processing control channel %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington socktext);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson update_listener(cp, &listener, control, config,
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews &addr, aclconfctx, socktext,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews isc_sockettype_tcp);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (listener != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /*
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * Remove the listener from the old
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * list, so it won't be shut down.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence ISC_LIST_UNLINK(cp->listeners,
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence listener, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington else
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /*
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * This is a new listener.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence add_listener(cp, &listener, control,
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews config, &addr, aclconfctx,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews socktext,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews isc_sockettype_tcp);
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews if (listener != NULL)
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews ISC_LIST_APPEND(new_listeners,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews listener, link);
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews }
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews }
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews for (element = cfg_list_first(controlslist);
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews element != NULL;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews element = cfg_list_next(element)) {
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *controls;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *unixcontrols = NULL;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews controls = cfg_listelt_value(element);
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews (void)cfg_map_get(controls, "unix", &unixcontrols);
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews if (unixcontrols == NULL)
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews continue;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews for (element2 = cfg_list_first(unixcontrols);
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews element2 != NULL;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews element2 = cfg_list_next(element2)) {
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *control;
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews const cfg_obj_t *path;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews isc_sockaddr_t addr;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews isc_result_t result;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews /*
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews * The parser handles BIND 8 configuration file
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews * syntax, so it allows unix phrases as well
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews * inet phrases with no keys{} clause.
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews */
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews control = cfg_listelt_value(element2);
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews path = cfg_tuple_get(control, "path");
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews result = isc_sockaddr_frompath(&addr,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews cfg_obj_asstring(path));
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews if (result != ISC_R_SUCCESS) {
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews isc_log_write(ns_g_lctx,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews NS_LOGCATEGORY_GENERAL,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews NS_LOGMODULE_CONTROL,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews ISC_LOG_DEBUG(9),
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews "control channel '%s': %s",
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews cfg_obj_asstring(path),
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews isc_result_totext(result));
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews continue;
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews }
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews isc_log_write(ns_g_lctx,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews NS_LOGCATEGORY_GENERAL,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews NS_LOGMODULE_CONTROL,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews ISC_LOG_DEBUG(9),
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews "processing control channel '%s'",
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews cfg_obj_asstring(path));
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews update_listener(cp, &listener, control, config,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews &addr, aclconfctx,
2f012d936b5ccdf6520c96a4de23721dc58a2221Automatic Updater cfg_obj_asstring(path),
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews isc_sockettype_unix);
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews if (listener != NULL)
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews /*
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews * Remove the listener from the old
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews * list, so it won't be shut down.
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews */
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews ISC_LIST_UNLINK(cp->listeners,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews listener, link);
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews else
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews /*
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews * This is a new listener.
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews */
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews add_listener(cp, &listener, control,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews config, &addr, aclconfctx,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews cfg_obj_asstring(path),
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews isc_sockettype_unix);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (listener != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_APPEND(new_listeners,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence } else {
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews int i;
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews
b199e25ab71bf7e212581e1c68b179b757418d1bAndreas Gustafsson for (i = 0; i < 2; i++) {
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews isc_sockaddr_t addr;
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews
8173a963d2f8c413e698bf48b8eebdd01f3bb877Mark Andrews if (i == 0) {
5cd7e9d4db393c314dd1a761c52d2cb3a4da9b72Andreas Gustafsson struct in_addr localhost;
5cd7e9d4db393c314dd1a761c52d2cb3a4da9b72Andreas Gustafsson
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews if (isc_net_probeipv4() != ISC_R_SUCCESS)
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews continue;
5cd7e9d4db393c314dd1a761c52d2cb3a4da9b72Andreas Gustafsson localhost.s_addr = htonl(INADDR_LOOPBACK);
5cd7e9d4db393c314dd1a761c52d2cb3a4da9b72Andreas Gustafsson isc_sockaddr_fromin(&addr, &localhost, 0);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews } else {
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews if (isc_net_probeipv6() != ISC_R_SUCCESS)
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews continue;
5cd7e9d4db393c314dd1a761c52d2cb3a4da9b72Andreas Gustafsson isc_sockaddr_fromin6(&addr,
5cd7e9d4db393c314dd1a761c52d2cb3a4da9b72Andreas Gustafsson &in6addr_loopback, 0);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews }
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews isc_sockaddr_setport(&addr, NS_CONTROL_PORT);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews isc_sockaddr_format(&addr, socktext, sizeof(socktext));
2f012d936b5ccdf6520c96a4de23721dc58a2221Automatic Updater
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews update_listener(cp, &listener, NULL, NULL,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews &addr, NULL, socktext,
2f012d936b5ccdf6520c96a4de23721dc58a2221Automatic Updater isc_sockettype_tcp);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews if (listener != NULL)
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews /*
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews * Remove the listener from the old
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews * list, so it won't be shut down.
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews */
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews ISC_LIST_UNLINK(cp->listeners,
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews listener, link);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews else
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews /*
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews * This is a new listener.
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews */
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews add_listener(cp, &listener, NULL, NULL,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews &addr, NULL, socktext,
4423c99613db1399dbb5c51e86ef0d351a1418c2Mark Andrews isc_sockettype_tcp);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews if (listener != NULL)
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews ISC_LIST_APPEND(new_listeners,
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews listener, link);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews /*
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews * ns_control_shutdown() will stop whatever is on the global
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews * listeners list, which currently only has whatever sockaddrs
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews * were in the previous configuration (if any) that do not
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews * remain in the current configuration.
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews */
9cc98b104e1a1d479a4cf9a47e2acccba927dbcdBrian Wellington controls_shutdown(cp);
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews /*
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews * Put all of the valid listeners on the listeners list.
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews * Anything already on listeners in the process of shutting
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews * down will be taken care of by listen_done().
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews */
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6Mark Andrews ISC_LIST_APPENDLIST(cp->listeners, new_listeners, link);
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson return (ISC_R_SUCCESS);
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafssonisc_result_t
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafssonns_controls_create(ns_server_t *server, ns_controls_t **ctrlsp) {
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson isc_mem_t *mctx = server->mctx;
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews isc_result_t result;
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson ns_controls_t *controls = isc_mem_get(mctx, sizeof(*controls));
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson if (controls == NULL)
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson return (ISC_R_NOMEMORY);
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson controls->server = server;
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson ISC_LIST_INIT(controls->listeners);
b32e75f3e1822f14681c538d7657bdbccd7fcd45Brian Wellington controls->shuttingdown = ISC_FALSE;
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews controls->symtab = NULL;
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews result = isccc_cc_createsymtab(&controls->symtab);
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews if (result != ISC_R_SUCCESS) {
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews isc_mem_put(server->mctx, controls, sizeof(*controls));
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews return (result);
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews }
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson *ctrlsp = controls;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (ISC_R_SUCCESS);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafssonvoid
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafssonns_controls_destroy(ns_controls_t **ctrlsp) {
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson ns_controls_t *controls = *ctrlsp;
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson REQUIRE(ISC_LIST_EMPTY(controls->listeners));
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson
72ddc4cef9c6a6de53aae530dea1ddbb90631131Mark Andrews isccc_symtab_destroy(&controls->symtab);
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson isc_mem_put(controls->server->mctx, controls, sizeof(*controls));
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson *ctrlsp = NULL;
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson}