controlconf.c revision c2da4f9d8a153ffeb2b659541130abef2d586789
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington/*
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington * Copyright (C) 2001 Internet Software Consortium.
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington *
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington * Permission to use, copy, modify, and distribute this software for any
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington * purpose with or without fee is hereby granted, provided that the above
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington * copyright notice and this permission notice appear in all copies.
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington *
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington */
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington/* $Id: controlconf.c,v 1.14 2001/07/04 03:54:55 bwelling Exp $ */
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <config.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isc/base64.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isc/buffer.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isc/event.h>
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence#include <isc/file.h>
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence#include <isc/fsaccess.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isc/mem.h>
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence#include <isc/netaddr.h>
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence#include <isc/print.h>
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence#include <isc/random.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isc/result.h>
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence#include <isc/stdio.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isc/stdtime.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isc/string.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isc/timer.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isc/util.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isccfg/cfg.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isccc/alist.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isccc/cc.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isccc/ccmsg.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isccc/events.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isccc/result.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isccc/sexpr.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <isccc/util.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence#include <dns/keyvalues.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <dns/result.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence#include <dst/dst.h>
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <named/control.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <named/log.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington#include <named/server.h>
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington/*
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * Note: Listeners and connections are not locked. All event handlers are
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * executed by the server task, and all callers of exported routines must
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * be running under the server task.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtontypedef struct controlkey controlkey_t;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtontypedef ISC_LIST(controlkey_t) controlkeylist_t;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtontypedef struct controlconnection controlconnection_t;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtontypedef ISC_LIST(controlconnection_t) controlconnectionlist_t;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtontypedef struct controllistener controllistener_t;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtontypedef ISC_LIST(controllistener_t) controllistenerlist_t;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstruct controlkey {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington char * keyname;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_region_t secret;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LINK(controlkey_t) link;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington};
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstruct controlconnection {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socket_t * sock;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_ccmsg_t ccmsg;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_boolean_t ccmsg_valid;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_boolean_t sending;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_timer_t * timer;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington unsigned char buffer[2048];
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t * listener;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LINK(controlconnection_t) link;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington};
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstruct controllistener {
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson ns_controls_t * controls;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_mem_t * mctx;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_task_t * task;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_t address;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socket_t * sock;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington dns_acl_t * acl;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_boolean_t listening;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_boolean_t exiting;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlkeylist_t keys;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlconnectionlist_t connections;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LINK(controllistener_t) link;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington};
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrencestatic struct {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence char name[64];
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence char secret[192];
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_parser_t *parser;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_obj_t *config;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_sockaddr_t address; /* Last channel that needed automagic. */
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence} automagic_key;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence#define NS_AUTOKEY_BITS 128
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence#define NS_AUTOKEY_NAME "control_autokey"
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafssonstruct ns_controls {
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson ns_server_t *server;
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson controllistenerlist_t listeners;
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson};
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void control_newconn(isc_task_t *task, isc_event_t *event);
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellingtonstatic void control_recvmessage(isc_task_t *task, isc_event_t *event);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonfree_controlkey(controlkey_t *key, isc_mem_t *mctx) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (key->keyname != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_mem_free(mctx, key->keyname);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (key->secret.base != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_mem_put(mctx, key->secret.base, key->secret.length);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_mem_put(mctx, key, sizeof(*key));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonfree_controlkeylist(controlkeylist_t *keylist, isc_mem_t *mctx) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington while (!ISC_LIST_EMPTY(*keylist)) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlkey_t *key = ISC_LIST_HEAD(*keylist);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_UNLINK(*keylist, key, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington free_controlkey(key, mctx);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonfree_listener(controllistener_t *listener) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington INSIST(listener->exiting);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington INSIST(!listener->listening);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington INSIST(ISC_LIST_EMPTY(listener->connections));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (listener->sock != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socket_detach(&listener->sock);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington free_controlkeylist(&listener->keys, listener->mctx);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (listener->acl != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington dns_acl_detach(&listener->acl);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_mem_put(listener->mctx, listener, sizeof(*listener));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonmaybe_free_listener(controllistener_t *listener) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (listener->exiting &&
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington !listener->listening &&
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_EMPTY(listener->connections))
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington free_listener(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonmaybe_free_connection(controlconnection_t *conn) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t *listener = conn->listener;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (conn->timer != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_timer_detach(&conn->timer);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (conn->ccmsg_valid) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_ccmsg_cancelread(&conn->ccmsg);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (conn->sending) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socket_cancel(conn->sock, listener->task,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_SOCKCANCEL_SEND);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_UNLINK(listener->connections, conn, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_mem_put(listener->mctx, conn, sizeof(*conn));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonshutdown_listener(controllistener_t *listener) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_boolean_t destroy = ISC_TRUE;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence char socktext[ISC_SOCKADDR_FORMATSIZE];
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->exiting = ISC_TRUE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (!ISC_LIST_EMPTY(listener->connections)) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlconnection_t *conn;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington for (conn = ISC_LIST_HEAD(listener->connections);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn != NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn = ISC_LIST_NEXT(conn, link))
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington maybe_free_connection(conn);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington destroy = ISC_FALSE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (listener->sock != NULL) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socket_cancel(listener->sock, listener->task,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_SOCKCANCEL_ACCEPT);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington destroy = ISC_FALSE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_sockaddr_format(&listener->address, socktext, sizeof(socktext));
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence NS_LOGMODULE_CONTROL, ISC_LOG_NOTICE,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "stopping command channel on %s", socktext);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (destroy)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington free_listener(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic isc_boolean_t
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonaddress_ok(isc_sockaddr_t *sockaddr, dns_acl_t *acl) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_netaddr_t netaddr;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_t result;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington int match;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_netaddr_fromsockaddr(&netaddr, sockaddr);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = dns_acl_match(&netaddr, NULL, acl,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington &ns_g_server->aclenv, &match, NULL);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS || match <= 0)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (ISC_FALSE);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington else
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (ISC_TRUE);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic isc_result_t
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtoncontrol_accept(controllistener_t *listener) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_t result;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = isc_socket_accept(listener->sock,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->task,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington control_newconn, listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington UNEXPECTED_ERROR(__FILE__, __LINE__,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "isc_socket_accept() failed: %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_totext(result));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington else
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->listening = ISC_TRUE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (result);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic isc_result_t
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtoncontrol_listen(controllistener_t *listener) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_t result;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = isc_socket_listen(listener->sock, 0);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington UNEXPECTED_ERROR(__FILE__, __LINE__,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "isc_socket_listen() failed: %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_totext(result));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (result);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtoncontrol_next(controllistener_t *listener) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington (void)control_accept(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtoncontrol_senddone(isc_task_t *task, isc_event_t *event) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socketevent_t *sevent = (isc_socketevent_t *) event;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlconnection_t *conn = event->ev_arg;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t *listener = conn->listener;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socket_t *sock = (isc_socket_t *)sevent->ev_sender;
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington isc_result_t result;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington REQUIRE(conn->sending);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington UNUSED(task);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn->sending = ISC_FALSE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (sevent->result != ISC_R_SUCCESS &&
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington sevent->result != ISC_R_CANCELED)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington char socktext[ISC_SOCKADDR_FORMATSIZE];
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_t peeraddr;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington (void)isc_socket_getpeername(sock, &peeraddr);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_format(&peeraddr, socktext, sizeof(socktext));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington NS_LOGMODULE_CONTROL, ISC_LOG_WARNING,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "error sending command response to %s: %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington socktext, isc_result_totext(sevent->result));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_event_free(&event);
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington result = isccc_ccmsg_readmessage(&conn->ccmsg, listener->task,
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington control_recvmessage, conn);
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington if (result != ISC_R_SUCCESS) {
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington isc_socket_detach(&conn->sock);
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington maybe_free_connection(conn);
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington maybe_free_listener(listener);
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic inline void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonlog_invalid(isccc_ccmsg_t *ccmsg, isc_result_t result) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington char socktext[ISC_SOCKADDR_FORMATSIZE];
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_t peeraddr;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington (void)isc_socket_getpeername(ccmsg->sock, &peeraddr);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_format(&peeraddr, socktext, sizeof(socktext));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington NS_LOGMODULE_CONTROL, ISC_LOG_ERROR,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "invalid command from %s: %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington socktext, isc_result_totext(result));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtoncontrol_recvmessage(isc_task_t *task, isc_event_t *event) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlconnection_t *conn;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t *listener;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlkey_t *key;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_sexpr_t *request = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_sexpr_t *response = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_region_t ccregion;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_region_t secret;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_stdtime_t now;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_buffer_t b;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_region_t r;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_uint32_t len;
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington isc_buffer_t text;
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington char textarray[1024];
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_t result;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_t eresult;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington REQUIRE(event->ev_type == ISCCC_EVENT_CCMSG);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn = event->ev_arg;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener = conn->listener;
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington secret.rstart = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (conn->ccmsg.result != ISC_R_SUCCESS) {
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington if (conn->ccmsg.result != ISC_R_CANCELED &&
091329e690b20755aa80b86cc7389d25c5d32c9bBrian Wellington conn->ccmsg.result != ISC_R_EOF)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington log_invalid(&conn->ccmsg, conn->ccmsg.result);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto cleanup;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington request = NULL;
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington INSIST(!ISC_LIST_EMPTY(listener->keys));
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington for (key = ISC_LIST_HEAD(listener->keys);
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington key != NULL;
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington key = ISC_LIST_NEXT(key, link))
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington {
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington ccregion.rstart = isc_buffer_base(&conn->ccmsg.buffer);
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington ccregion.rend = isc_buffer_used(&conn->ccmsg.buffer);
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington secret.rstart = isc_mem_get(listener->mctx, key->secret.length);
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington if (secret.rstart == NULL)
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington goto cleanup;
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington memcpy(secret.rstart, key->secret.base, key->secret.length);
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington secret.rend = secret.rstart + key->secret.length;
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington result = isccc_cc_fromwire(&ccregion, &request, &secret);
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington if (result == ISC_R_SUCCESS)
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington break;
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington else if (result == ISCCC_R_BADAUTH) {
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington /*
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington * For some reason, request is non-NULL when
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington * isccc_cc_fromwire returns ISCCC_R_BADAUTH.
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington */
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington if (request != NULL)
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington isccc_sexpr_free(&request);
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington isc_mem_put(listener->mctx, secret.rstart,
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington REGION_SIZE(secret));
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington }
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington else {
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington log_invalid(&conn->ccmsg, result);
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington goto cleanup;
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington }
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington }
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington if (key == NULL) {
c2da4f9d8a153ffeb2b659541130abef2d586789Brian Wellington log_invalid(&conn->ccmsg, ISCCC_R_BADAUTH);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto cleanup;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /* We shouldn't be getting a reply. */
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (isccc_cc_isreply(request)) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington log_invalid(&conn->ccmsg, ISC_R_FAILURE);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto cleanup;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington isc_buffer_init(&text, textarray, sizeof(textarray));
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington eresult = ns_control_docommand(request, &text);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_stdtime_get(&now);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = isccc_cc_createresponse(request, now, now + 60, &response);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto cleanup;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (eresult != ISC_R_SUCCESS) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_sexpr_t *data;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington data = isccc_alist_lookup(response, "_data");
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (data != NULL) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington const char *estr = isc_result_totext(eresult);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (isccc_cc_definestring(data, "err", estr) == NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto cleanup;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington if (isc_buffer_usedlength(&text) > 0) {
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington isccc_sexpr_t *data;
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington data = isccc_alist_lookup(response, "_data");
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington if (data != NULL) {
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington char *str = (char *)isc_buffer_base(&text);
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington if (isccc_cc_definestring(data, "text", str) == NULL)
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington goto cleanup;
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington }
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington }
e4cd5a1e5d0358abeee7618b02b4592c055d957fBrian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ccregion.rstart = conn->buffer + 4;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ccregion.rend = conn->buffer + sizeof(conn->buffer);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = isccc_cc_towire(response, &ccregion, &secret);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto cleanup;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_buffer_init(&b, conn->buffer, 4);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington len = sizeof(conn->buffer) - REGION_SIZE(ccregion);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_buffer_putuint32(&b, len - 4);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington r.base = conn->buffer;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington r.length = len;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = isc_socket_send(conn->sock, &r, task, control_senddone, conn);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto cleanup;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn->sending = ISC_TRUE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
3e9b51fc7b2d12c88298f5b777f9075feb52f071Bob Halley if (secret.rstart != NULL)
3e9b51fc7b2d12c88298f5b777f9075feb52f071Bob Halley isc_mem_put(listener->mctx, secret.rstart,
3e9b51fc7b2d12c88298f5b777f9075feb52f071Bob Halley REGION_SIZE(secret));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (request != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_sexpr_free(&request);
02d8e643ea6679beff181a2b2b3946b8fe014fecAndreas Gustafsson if (response != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_sexpr_free(&response);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cleanup:
3e9b51fc7b2d12c88298f5b777f9075feb52f071Bob Halley if (secret.rstart != NULL)
3e9b51fc7b2d12c88298f5b777f9075feb52f071Bob Halley isc_mem_put(listener->mctx, secret.rstart,
3e9b51fc7b2d12c88298f5b777f9075feb52f071Bob Halley REGION_SIZE(secret));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socket_detach(&conn->sock);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_ccmsg_invalidate(&conn->ccmsg);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn->ccmsg_valid = ISC_FALSE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington maybe_free_connection(conn);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington maybe_free_listener(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (request != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_sexpr_free(&request);
02d8e643ea6679beff181a2b2b3946b8fe014fecAndreas Gustafsson if (response != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_sexpr_free(&response);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtoncontrol_timeout(isc_task_t *task, isc_event_t *event) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlconnection_t *conn = event->ev_arg;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington UNUSED(task);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_timer_detach(&conn->timer);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington maybe_free_connection(conn);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_event_free(&event);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic isc_result_t
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonnewconnection(controllistener_t *listener, isc_socket_t *sock) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlconnection_t *conn;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_interval_t interval;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_t result;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn = isc_mem_get(listener->mctx, sizeof(*conn));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (conn == NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (ISC_R_NOMEMORY);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn->sock = sock;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_ccmsg_init(listener->mctx, sock, &conn->ccmsg);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn->ccmsg_valid = ISC_TRUE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn->sending = ISC_FALSE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn->timer = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_interval_set(&interval, 60, 0);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = isc_timer_create(ns_g_timermgr, isc_timertype_once,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington NULL, &interval, listener->task,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington control_timeout, conn, &conn->timer);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto cleanup;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington conn->listener = listener;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LINK_INIT(conn, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = isccc_ccmsg_readmessage(&conn->ccmsg, listener->task,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington control_recvmessage, conn);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto cleanup;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_ccmsg_setmaxsize(&conn->ccmsg, 2048);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_APPEND(listener->connections, conn, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (ISC_R_SUCCESS);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cleanup:
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isccc_ccmsg_invalidate(&conn->ccmsg);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (conn->timer != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_timer_detach(&conn->timer);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_mem_put(listener->mctx, conn, sizeof(*conn));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (result);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtoncontrol_newconn(isc_task_t *task, isc_event_t *event) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socket_newconnev_t *nevent = (isc_socket_newconnev_t *)event;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t *listener = event->ev_arg;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socket_t *sock;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_t peeraddr;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_t result;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington UNUSED(task);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (nevent->result != ISC_R_SUCCESS) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (nevent->result == ISC_R_CANCELED) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_socket_detach(&listener->sock);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->listening = ISC_FALSE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington shutdown_listener(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto cleanup;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto restart;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington sock = nevent->newsocket;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington (void)isc_socket_getpeername(sock, &peeraddr);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (!address_ok(&peeraddr, listener->acl)) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington char socktext[ISC_SOCKADDR_FORMATSIZE];
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_format(&peeraddr, socktext, sizeof(socktext));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington NS_LOGMODULE_CONTROL, ISC_LOG_WARNING,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "rejected command channel message from %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington socktext);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto restart;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = newconnection(listener, sock);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington char socktext[ISC_SOCKADDR_FORMATSIZE];
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_format(&peeraddr, socktext, sizeof(socktext));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington NS_LOGMODULE_CONTROL, ISC_LOG_WARNING,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "dropped command channel from %s: %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington socktext, isc_result_totext(result));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto restart;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington restart:
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington control_next(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cleanup:
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_event_free(&event);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonvoid
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafssonns_controls_shutdown(ns_controls_t *controls) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t *listener;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t *next;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson for (listener = ISC_LIST_HEAD(controls->listeners);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener != NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener = next)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /*
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * This is asynchronous. As listeners shut down, they will
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * call their callbacks.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington next = ISC_LIST_NEXT(listener, link);
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson ISC_LIST_UNLINK(controls->listeners, listener, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington shutdown_listener(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic isc_result_t
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtoncfgkeylist_find(cfg_obj_t *keylist, const char *keyname, cfg_obj_t **objp) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_listelt_t *element;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington const char *str;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_t *obj;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington for (element = cfg_list_first(keylist);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington element != NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington element = cfg_list_next(element))
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington obj = cfg_listelt_value(element);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington str = cfg_obj_asstring(cfg_map_getname(obj));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (strcasecmp(str, keyname) == 0)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington break;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (element == NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (ISC_R_NOTFOUND);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington obj = cfg_listelt_value(element);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington *objp = obj;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (ISC_R_SUCCESS);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic isc_result_t
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtoncontrolkeylist_fromcfg(cfg_obj_t *keylist, isc_mem_t *mctx,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence controlkeylist_t *keyids)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington{
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_listelt_t *element;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington char *newstr = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington const char *str;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_t *obj;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlkey_t *key = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington for (element = cfg_list_first(keylist);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington element != NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington element = cfg_list_next(element))
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington obj = cfg_listelt_value(element);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington str = cfg_obj_asstring(obj);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington newstr = isc_mem_strdup(mctx, str);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (newstr == NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto cleanup;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington key = isc_mem_get(mctx, sizeof(*key));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (key == NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington goto cleanup;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington key->keyname = newstr;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington key->secret.base = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington key->secret.length = 0;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LINK_INIT(key, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_APPEND(*keyids, key, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington key = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington newstr = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (ISC_R_SUCCESS);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cleanup:
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (newstr != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_mem_free(mctx, newstr);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (key != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_mem_put(mctx, key, sizeof(*key));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington free_controlkeylist(keyids, mctx);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (ISC_R_NOMEMORY);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonregister_keys(cfg_obj_t *control, cfg_obj_t *keylist,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlkeylist_t *keyids, isc_mem_t *mctx, char *socktext)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington{
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlkey_t *keyid, *next;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_t *keydef;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington char secret[1024];
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_buffer_t b;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_t result;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /*
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * Find the keys corresponding to the keyids used by this listener.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington for (keyid = ISC_LIST_HEAD(*keyids); keyid != NULL; keyid = next) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington next = ISC_LIST_NEXT(keyid, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = cfgkeylist_find(keylist, keyid->keyname, &keydef);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING,
6e0e723b2554ba1c4af8b79733f54bf2692cdecfAndreas Gustafsson "couldn't find key '%s' for use with "
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "command channel %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington keyid->keyname, socktext);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_UNLINK(*keyids, keyid, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington free_controlkey(keyid, mctx);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington } else {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_t *algobj = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_t *secretobj = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington char *algstr = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington char *secretstr = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington (void)cfg_map_get(keydef, "algorithm", &algobj);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington (void)cfg_map_get(keydef, "secret", &secretobj);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington INSIST(algobj != NULL && secretobj != NULL);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington algstr = cfg_obj_asstring(algobj);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington secretstr = cfg_obj_asstring(secretobj);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (strcasecmp(algstr, "hmac-md5") != 0) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_log(control, ns_g_lctx,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LOG_WARNING,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "unsupported algorithm '%s' in "
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "key '%s' for use with command "
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "channel %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington algstr, keyid->keyname, socktext);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_UNLINK(*keyids, keyid, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington free_controlkey(keyid, mctx);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington continue;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_buffer_init(&b, secret, sizeof(secret));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = isc_base64_decodestring(secretstr, &b);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result != ISC_R_SUCCESS) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_log(keydef, ns_g_lctx, ISC_LOG_WARNING,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "secret for key '%s' on "
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "command channel %s: %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington keyid->keyname, socktext,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_totext(result));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_UNLINK(*keyids, keyid, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington free_controlkey(keyid, mctx);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington continue;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington keyid->secret.length = isc_buffer_usedlength(&b);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington keyid->secret.base = isc_mem_get(mctx,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington keyid->secret.length);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (keyid->secret.base == NULL) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_log(keydef, ns_g_lctx, ISC_LOG_WARNING,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "couldn't register key '%s': "
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "out of memory", keyid->keyname);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_UNLINK(*keyids, keyid, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington free_controlkey(keyid, mctx);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington break;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington memcpy(keyid->secret.base, isc_buffer_base(&b),
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington keyid->secret.length);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrencestatic isc_result_t
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrencemake_automagic_key(isc_mem_t *mctx) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence unsigned char key_rawsecret[32];
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence unsigned char key_txtsecret[32];
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_buffer_t key_rawbuffer;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_buffer_t key_txtbuffer;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_region_t key_rawregion;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_uint32_t key_id;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_result_t result;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence dst_key_t *key = NULL;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence /*
11c4f6b687564cdda8a0a38745e30a12e874084aDavid Lawrence * First generate a secret. The fourth parameter non-zero means
11c4f6b687564cdda8a0a38745e30a12e874084aDavid Lawrence * that pseudorandom data is ok; good entropy is not required.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence */
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence result = dst_key_generate(dns_rootname, DST_ALG_HMACMD5,
11c4f6b687564cdda8a0a38745e30a12e874084aDavid Lawrence NS_AUTOKEY_BITS, 1, 0, DNS_KEYPROTO_ANY,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence dns_rdataclass_in, mctx, &key);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (result == ISC_R_SUCCESS) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_buffer_init(&key_rawbuffer, &key_rawsecret,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence sizeof(key_rawsecret));
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence result = dst_key_tobuffer(key, &key_rawbuffer);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence }
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (result == ISC_R_SUCCESS) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_buffer_init(&key_txtbuffer, &key_txtsecret,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence sizeof(key_txtsecret));
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_buffer_usedregion(&key_rawbuffer, &key_rawregion);
0eace215bd758e347767c63c13504520e855b94aAndreas Gustafsson result = isc_base64_totext(&key_rawregion, -1, "",
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence &key_txtbuffer);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence }
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (result == ISC_R_SUCCESS) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence unsigned int len = isc_buffer_usedlength(&key_txtbuffer);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence INSIST(len < sizeof(automagic_key.secret));
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence memcpy(automagic_key.secret, isc_buffer_base(&key_txtbuffer),
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence len);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence automagic_key.secret[len] = '\0';
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence /*
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * Make a random name for the key and generate the config
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * file statement for it.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence */
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_random_get(&key_id);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence len = snprintf(automagic_key.name, sizeof(automagic_key.name),
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence NS_AUTOKEY_NAME ".%u", key_id);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence INSIST(len < sizeof(automagic_key.name));
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence }
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (key != NULL)
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence dst_key_free(&key);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (result != ISC_R_SUCCESS)
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence NS_LOGMODULE_CONTROL, ISC_LOG_WARNING,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "could not generate control channel key: %s",
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_result_totext(result));
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence return (result);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence}
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrencestatic void
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrenceformat_automagic_keycfg(isc_buffer_t *conf) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence unsigned int len;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence len = snprintf(isc_buffer_base(conf), isc_buffer_length(conf),
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "key \"%s\" {\n"
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "\talgorithm hmac-md5;\n"
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "\tsecret \"%s\";\n"
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "};\n",
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence automagic_key.name, automagic_key.secret);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence INSIST(len < isc_buffer_length(conf));
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_buffer_add(conf, len);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence}
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrencestatic isc_result_t
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrenceparse_automagic_key(isc_mem_t *mctx) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence unsigned int len;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence char cfg_data[512];
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_buffer_t cfg_buffer;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_result_t result = ISC_R_SUCCESS;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_obj_t *cfg = NULL;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_parser_t *parser = NULL;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (automagic_key.name[0] == '\0')
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence result = make_automagic_key(mctx);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (result == ISC_R_SUCCESS) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence /*
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * Fake up a configuration with a dummy inet control
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * to grab the keylist tuple.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence */
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_buffer_init(&cfg_buffer, cfg_data, sizeof(cfg_data));
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence format_automagic_keycfg(&cfg_buffer);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence len = snprintf(isc_buffer_used(&cfg_buffer),
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_buffer_availablelength(&cfg_buffer),
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "controls { inet 127.0.0.1 allow { localhost; }"
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence " keys { %s; }; };",
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence automagic_key.name);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence INSIST(len < isc_buffer_availablelength(&cfg_buffer));
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_buffer_add(&cfg_buffer, len);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence result = cfg_parser_create(mctx, ns_g_lctx, &parser);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence }
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (result == ISC_R_SUCCESS)
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence result = cfg_parse_buffer(parser, &cfg_buffer,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence &cfg_type_namedconf, &cfg);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (result == ISC_R_SUCCESS) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence automagic_key.parser = parser;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence automagic_key.config = cfg;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence } else {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence NS_LOGMODULE_CONTROL, ISC_LOG_WARNING,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "could not parse autogenerated "
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "control channel key: %s",
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_result_totext(result));
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (parser != NULL)
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_parser_destroy(&parser);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence }
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence return (result);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence}
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrencestatic void
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrencefinalize_automagic_key(void) {
4a0b9bb051224b1b98667cbe586afa6d61918564Andreas Gustafsson unsigned int fsaccess;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence int i;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence FILE *fp;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_result_t result;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence (void)isc_file_remove(ns_g_autorndckeyfile);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (automagic_key.parser != NULL) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence /*
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * An automagic key was parsed, so some channel needed it.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * Try to write the rndc.conf file.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence */
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence char cfg_data[512];
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence char nettext[ISC_NETADDR_FORMATSIZE];
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_buffer_t cfg_buffer;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_netaddr_t netaddr;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence result = isc_stdio_open(ns_g_autorndckeyfile, "w", &fp);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (result == ISC_R_SUCCESS) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence fsaccess = 0;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_fsaccess_add(ISC_FSACCESS_OWNER, ISC_FSACCESS_READ,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence &fsaccess);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence result = isc_fsaccess_set(ns_g_autorndckeyfile,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence fsaccess);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (result != ISC_R_SUCCESS) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_log_write(ns_g_lctx,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence NS_LOGCATEGORY_GENERAL,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence NS_LOGMODULE_CONTROL,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence ISC_LOG_WARNING,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "could not set owner-only "
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "access on %s: %s: "
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "server control key might be "
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "exposed to local users",
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence ns_g_autorndckeyfile,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_result_totext(result));
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence }
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_buffer_init(&cfg_buffer, cfg_data,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence sizeof(cfg_data));
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence format_automagic_keycfg(&cfg_buffer);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_netaddr_fromsockaddr(&netaddr,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence &automagic_key.address);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_netaddr_format(&netaddr, nettext, sizeof(nettext));
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence i = fputs(isc_buffer_base(&cfg_buffer), fp);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (i != EOF)
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence i = fprintf(fp, "options {\n"
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "\tdefault-server %s;\n"
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "\tdefault-port %hu;\n"
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "\tdefault-key \"%s\";\n"
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "};\n",
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence nettext,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_sockaddr_getport(
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence &automagic_key.address),
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence automagic_key.name);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (i == EOF)
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_log_write(ns_g_lctx,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence NS_LOGCATEGORY_GENERAL,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence NS_LOGMODULE_CONTROL,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence ISC_LOG_WARNING,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "could not write %s",
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence ns_g_autorndckeyfile);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence result = isc_stdio_close(fp);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (result != ISC_R_SUCCESS)
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_log_write(ns_g_lctx,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence NS_LOGCATEGORY_GENERAL,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence NS_LOGMODULE_CONTROL,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence ISC_LOG_WARNING,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "error closing %s: %s",
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence ns_g_autorndckeyfile,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_result_totext(result));
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence }
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_obj_destroy(automagic_key.parser, &automagic_key.config);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_parser_destroy(&automagic_key.parser);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence }
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence}
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrencestatic void
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrenceget_key_info(isc_mem_t *mctx, cfg_obj_t *config, cfg_obj_t *control,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_obj_t **global_keylistp, cfg_obj_t **control_keylistp,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_boolean_t *explicit_key)
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence{
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_obj_t *control_keylist = NULL;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_obj_t *global_keylist = NULL;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_result_t result = ISC_R_SUCCESS;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence REQUIRE(global_keylistp != NULL && *global_keylistp == NULL);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence REQUIRE(control_keylistp != NULL && *control_keylistp == NULL);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence control_keylist = cfg_tuple_get(control, "keys");
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (cfg_obj_isvoid(control_keylist) ||
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_list_first(control_keylist) == NULL) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_obj_t *controls = NULL;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_obj_t *inet = NULL;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (automagic_key.parser == NULL)
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence result = parse_automagic_key(mctx);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (result == ISC_R_SUCCESS) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence config = automagic_key.config;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence /*
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * All of these should succeed.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence */
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence (void)cfg_map_get(config, "key", &global_keylist);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence INSIST(global_keylist != NULL);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence (void)cfg_map_get(config, "controls", &controls);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence INSIST(controls != NULL);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence (void)cfg_map_get(cfg_listelt_value
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence (cfg_list_first(controls)),
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "inet", &inet);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence INSIST(inet != NULL);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence control_keylist =
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_tuple_get(cfg_listelt_value
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence (cfg_list_first(inet)), "keys");
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence INSIST(control_keylist != NULL);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence }
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence *explicit_key = ISC_FALSE;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence } else {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence result = cfg_map_get(config, "key", &global_keylist);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence *explicit_key = config != automagic_key.config
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence ? ISC_TRUE : ISC_FALSE;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence }
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (result == ISC_R_SUCCESS) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence *global_keylistp = global_keylist;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence *control_keylistp = control_keylist;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence } else
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "no key statements for use by control channel");
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence}
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafssonupdate_listener(ns_controls_t *cp,
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson controllistener_t **listenerp, cfg_obj_t *control,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_t *config, isc_sockaddr_t *addr,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ns_aclconfctx_t *aclconfctx, char *socktext)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington{
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t *listener;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_t *allow;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_obj_t *global_keylist = NULL;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_obj_t *control_keylist = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington dns_acl_t *new_acl = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controlkeylist_t keys;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_boolean_t explicit_key;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_result_t result = ISC_R_SUCCESS;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson for (listener = ISC_LIST_HEAD(cp->listeners);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener != NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener = ISC_LIST_NEXT(listener, link))
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (isc_sockaddr_equal(addr, &listener->address))
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington break;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (listener == NULL) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington *listenerp = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /*
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * There is already a listener for this sockaddr.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * Update the access list and key information.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington *
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * First try to deal with the key situation. There are a few
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * possibilities:
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * (a) It had an explicit keylist and still has an explicit keylist.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * (b) It had an automagic key and now has an explicit keylist.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * (c) It had an explicit keylist and now needs an automagic key.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * (d) It has an automagic key and still needs the automagic key.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence *
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * (c) and (d) are the annoying ones. The caller needs to know
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * that it should use the automagic configuration for key information
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * in place of the named.conf configuration.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence *
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * XXXDCL There is one other hazard that has not been dealt with,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * the problem that if a key change is being caused by a control
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * channel reload, then the response will be with the new key
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * and not able to be decrypted by the client. For this reason,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * the automagic key is not regenerated on each reload.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence */
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence get_key_info(listener->mctx, config, control,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence &global_keylist, &control_keylist, &explicit_key);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (control_keylist != NULL) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence INSIST(global_keylist != NULL);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence ISC_LIST_INIT(keys);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence result = controlkeylist_fromcfg(control_keylist,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence listener->mctx, &keys);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence }
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (result == ISC_R_SUCCESS) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence free_controlkeylist(&listener->keys, listener->mctx);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence listener->keys = keys;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence register_keys(control, global_keylist, &listener->keys,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence listener->mctx, socktext);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (! explicit_key)
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence automagic_key.address = listener->address;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence } else if (global_keylist != NULL)
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence /*
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * This message might be a little misleading since the
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * "new keys" might in fact be identical to the old ones,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * but tracking whether they are identical just for the
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * sake of avoiding this message would be too much trouble.
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence */
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "couldn't install new keys for "
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "command channel %s: %s",
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence socktext, isc_result_totext(result));
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence /*
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence * Now, keep the old access list unless a new one can be made.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington allow = cfg_tuple_get(control, "allow");
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = ns_acl_fromconfig(allow, config, aclconfctx,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->mctx, &new_acl);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result == ISC_R_SUCCESS) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington dns_acl_detach(&listener->acl);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington dns_acl_attach(new_acl, &listener->acl);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington dns_acl_detach(&new_acl);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington } else
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /* XXXDCL say the old acl is still used? */
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "couldn't install new acl for "
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "command channel %s: %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington socktext, isc_result_totext(result));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington *listenerp = listener;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonstatic void
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafssonadd_listener(ns_controls_t *cp, controllistener_t **listenerp,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_t *control, cfg_obj_t *config, isc_sockaddr_t *addr,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ns_aclconfctx_t *aclconfctx, char *socktext)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington{
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson isc_mem_t *mctx = cp->server->mctx;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t *listener;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_t *allow;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_obj_t *global_keylist = NULL;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence cfg_obj_t *control_keylist = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington dns_acl_t *new_acl = NULL;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_boolean_t explicit_key;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_result_t result = ISC_R_SUCCESS;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener = isc_mem_get(mctx, sizeof(*listener));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (listener == NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = ISC_R_NOMEMORY;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result == ISC_R_SUCCESS) {
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson listener->controls = cp;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->mctx = mctx;
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson listener->task = cp->server->task;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->address = *addr;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->sock = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->listening = ISC_FALSE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->exiting = ISC_FALSE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->acl = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LINK_INIT(listener, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_INIT(listener->keys);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_INIT(listener->connections);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /*
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * Make the acl.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington allow = cfg_tuple_get(control, "allow");
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = ns_acl_fromconfig(allow, config, aclconfctx, mctx,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington &new_acl);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result == ISC_R_SUCCESS) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington dns_acl_attach(new_acl, &listener->acl);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington dns_acl_detach(&new_acl);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence get_key_info(listener->mctx, config, control,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence &global_keylist, &control_keylist, &explicit_key);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (control_keylist != NULL)
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence result = controlkeylist_fromcfg(control_keylist,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence listener->mctx,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence &listener->keys);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (result == ISC_R_SUCCESS) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence register_keys(control, global_keylist, &listener->keys,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence listener->mctx, socktext);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (! explicit_key)
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence automagic_key.address = listener->address;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence } else
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence "couldn't install keys for "
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "command channel %s: %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington socktext, isc_result_totext(result));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result == ISC_R_SUCCESS) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington int pf = isc_sockaddr_pf(&listener->address);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if ((pf == AF_INET && isc_net_probeipv4() != ISC_R_SUCCESS) ||
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington (pf == AF_INET6 && isc_net_probeipv6() != ISC_R_SUCCESS))
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = ISC_R_FAMILYNOSUPPORT;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result == ISC_R_SUCCESS)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = isc_socket_create(ns_g_socketmgr,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_pf(&listener->address),
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockettype_tcp,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington &listener->sock);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result == ISC_R_SUCCESS)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = isc_socket_bind(listener->sock,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington &listener->address);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result == ISC_R_SUCCESS)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = control_listen(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result == ISC_R_SUCCESS)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington result = control_accept(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (result == ISC_R_SUCCESS) {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington NS_LOGMODULE_CONTROL, ISC_LOG_NOTICE,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "command channel listening on %s", socktext);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington *listenerp = listener;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington } else {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (listener != NULL) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener->exiting = ISC_TRUE;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington free_listener(listener);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "couldn't add command channel %s: %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington socktext, isc_result_totext(result));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington *listenerp = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /* XXXDCL return error results? fail hard? */
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellingtonisc_result_t
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrencens_controls_configure(ns_controls_t *cp, cfg_obj_t *config,
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson ns_aclconfctx_t *aclconfctx)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington{
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistener_t *listener;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controllistenerlist_t new_listeners;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_t *controlslist = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_listelt_t *element, *element2;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington char socktext[ISC_SOCKADDR_FORMATSIZE];
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_INIT(new_listeners);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /*
6e0e723b2554ba1c4af8b79733f54bf2692cdecfAndreas Gustafsson * Get the list of named.conf 'controls' statements.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington (void)cfg_map_get(config, "controls", &controlslist);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /*
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * Run through the new control channel list, noting sockets that
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * are already being listened on and moving them to the new list.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington *
6e0e723b2554ba1c4af8b79733f54bf2692cdecfAndreas Gustafsson * Identifying duplicate addr/port combinations is left to either
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * the underlying config code, or to the bind attempt getting an
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * address-in-use error.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (controlslist != NULL) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington for (element = cfg_list_first(controlslist);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington element != NULL;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence element = cfg_list_next(element)) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_t *controls;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_t *inetcontrols = NULL;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington controls = cfg_listelt_value(element);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington (void)cfg_map_get(controls, "inet", &inetcontrols);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (inetcontrols == NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington continue;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington for (element2 = cfg_list_first(inetcontrols);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington element2 != NULL;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence element2 = cfg_list_next(element2)) {
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_t *control;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington cfg_obj_t *obj;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_t *addr;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /*
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * The parser handles BIND 8 configuration file
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * syntax, so it allows unix phrases as well
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * inet phrases with no keys{} clause.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington *
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * "unix" phrases have been reported as
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * unsupported by the parser.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington control = cfg_listelt_value(element2);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington obj = cfg_tuple_get(control, "address");
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington addr = cfg_obj_assockaddr(obj);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (isc_sockaddr_getport(addr) == 0)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_setport(addr,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington NS_CONTROL_PORT);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_sockaddr_format(addr, socktext,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington sizeof(socktext));
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington isc_log_write(ns_g_lctx,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence NS_LOGCATEGORY_GENERAL,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington NS_LOGMODULE_CONTROL,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LOG_DEBUG(9),
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington "processing control channel %s",
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington socktext);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson update_listener(cp, &listener, control, config,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington addr, aclconfctx, socktext);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington if (listener != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /*
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * Remove the listener from the old
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * list, so it won't be shut down.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence ISC_LIST_UNLINK(cp->listeners,
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence listener, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington else
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington /*
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington * This is a new listener.
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington */
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence add_listener(cp, &listener, control,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington config, addr, aclconfctx,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington socktext);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (listener != NULL)
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington ISC_LIST_APPEND(new_listeners,
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington listener, link);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence finalize_automagic_key();
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence /*
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence * ns_control_shutdown() will stop whatever is on the global
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence * listeners list, which currently only has whatever sockaddrs
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence * were in the previous configuration (if any) that do not
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence * remain in the current configuration.
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence */
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence ns_controls_shutdown(cp);
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence /*
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence * Put all of the valid listeners on the listeners list.
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence * Anything already on listeners in the process of shutting
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence * down will be taken care of by listen_done().
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence */
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence ISC_LIST_APPENDLIST(cp->listeners, new_listeners, link);
1f7342e0989d9f9063b0e757cf7091668addfdb5David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence } else {
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence isc_result_t result;
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence result = parse_automagic_key(cp->server->mctx);
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence if (result == ISC_R_SUCCESS)
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence ns_controls_configure(cp, automagic_key.config,
7332e47e11ceb87928f801b925269aa6a91838b1David Lawrence aclconfctx);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington }
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson return (ISC_R_SUCCESS);
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson}
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafssonisc_result_t
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafssonns_controls_create(ns_server_t *server, ns_controls_t **ctrlsp) {
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson isc_mem_t *mctx = server->mctx;
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson ns_controls_t *controls = isc_mem_get(mctx, sizeof(*controls));
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson if (controls == NULL)
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson return (ISC_R_NOMEMORY);
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson controls->server = server;
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson ISC_LIST_INIT(controls->listeners);
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson *ctrlsp = controls;
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington return (ISC_R_SUCCESS);
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1Brian Wellington}
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafssonvoid
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafssonns_controls_destroy(ns_controls_t **ctrlsp) {
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson ns_controls_t *controls = *ctrlsp;
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson REQUIRE(ISC_LIST_EMPTY(controls->listeners));
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson isc_mem_put(controls->server->mctx, controls, sizeof(*controls));
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson *ctrlsp = NULL;
532989b206894bdaf6de6cb883d2e31169c4bfacAndreas Gustafsson}