static void
xfrd_set_timer_retry(xfrd_zone_t* zone)
{
/* set timer for next retry or expire timeout if earlier. */
if(zone->soa_disk_acquired == 0) {
/* if no information, use reasonable timeout */
xfrd_set_timer(zone, xfrd_time() + zone->fresh_xfr_timeout
+ random()%zone->fresh_xfr_timeout);
/* exponential backoff - some master data in zones is paid-for
but non-working, and will not get fixed. */
zone->fresh_xfr_timeout *= 2;
if(zone->fresh_xfr_timeout > XFRD_TRANSFER_TIMEOUT_MAX)
zone->fresh_xfr_timeout = XFRD_TRANSFER_TIMEOUT_MAX;
} else if(zone->state == xfrd_zone_expired ||
xfrd_time() + ntohl(zone->soa_disk.retry) <
zone->soa_disk_acquired + ntohl(zone->soa_disk.expire))
{
if(ntohl(zone->soa_disk.retry) < XFRD_LOWERBOUND_RETRY)
xfrd_set_timer(zone, xfrd_time() + XFRD_LOWERBOUND_RETRY);
else
xfrd_set_timer(zone, xfrd_time() + ntohl(zone->soa_disk.retry));
} else {
if(ntohl(zone->soa_disk.expire) < XFRD_LOWERBOUND_RETRY)
xfrd_set_timer(zone, xfrd_time() + XFRD_LOWERBOUND_RETRY);
else
xfrd_set_timer(zone, zone->soa_disk_acquired +
ntohl(zone->soa_disk.expire));
}
}
void
xfrd_set_timer(xfrd_zone_t* zone, time_t t)
{
/* randomize the time, within 90%-100% of original */
/* not later so zones cannot expire too late */
/* only for times far in the future */
if(t > xfrd_time() + 10) {
time_t extra = t - xfrd_time();
time_t base = extra*9/10;
t = xfrd_time() + base + random()%(extra-base);
}
zone->zone_handler.timeout = &zone->timeout;
zone->timeout.tv_sec = t;
zone->timeout.tv_nsec = 0;
}
void
xfrd_set_refresh_now(xfrd_zone_t* zone)
{
xfrd_set_timer(zone, xfrd_time());
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd zone %s sets timeout right now, state %d",
zone->apex_str, zone->state));
}
static int
xfrd_handle_incoming_notify(xfrd_zone_t* zone, xfrd_soa_t* soa)
{
if(soa && zone->soa_disk_acquired && zone->state != xfrd_zone_expired &&
compare_serial(ntohl(soa->serial),ntohl(zone->soa_disk.serial)) <= 0)
{
DEBUG(DEBUG_XFRD,1, (LOG_INFO,
"xfrd: ignored notify %s %u old serial, zone valid "
"(soa disk serial %u)", zone->apex_str,
ntohl(soa->serial),
ntohl(zone->soa_disk.serial)));
return 0; /* ignore notify with old serial, we have a valid zone */
}
if(soa == 0) {
zone->soa_notified.serial = 0;
}
else if (zone->soa_notified_acquired == 0 ||
zone->soa_notified.serial == 0 ||
compare_serial(ntohl(soa->serial),
ntohl(zone->soa_notified.serial)) > 0)
{
zone->soa_notified = *soa;
}
zone->soa_notified_acquired = xfrd_time();
if(zone->state == xfrd_zone_ok) {
xfrd_set_zone_state(zone, xfrd_zone_refreshing);
}
/* transfer right away */
VERBOSITY(1, (LOG_INFO, "Handle incoming notify for zone %s",
zone->apex_str));
return 1;
}
static void
xfrd_write_state_soa(FILE* out, const char* id,
xfrd_soa_t* soa, time_t soatime, const dname_type* ATTR_UNUSED(apex))
{
fprintf(out, "\t%s_acquired: %d", id, (int)soatime);
if(!soatime) {
fprintf(out, "\n");
return;
}
neato_timeout(out, "\t# was", xfrd_time()-soatime);
fprintf(out, " ago\n");
fprintf(out, "\t%s: %u %u %u %u", id,
(unsigned)ntohs(soa->type), (unsigned)ntohs(soa->klass),
(unsigned)ntohl(soa->ttl), (unsigned)ntohs(soa->rdata_count));
fprintf(out, " ");
xfrd_write_dname(out, soa->prim_ns);
fprintf(out, " ");
xfrd_write_dname(out, soa->email);
fprintf(out, " %u", (unsigned)ntohl(soa->serial));
fprintf(out, " %u", (unsigned)ntohl(soa->refresh));
fprintf(out, " %u", (unsigned)ntohl(soa->retry));
fprintf(out, " %u", (unsigned)ntohl(soa->expire));
fprintf(out, " %u\n", (unsigned)ntohl(soa->minimum));
fprintf(out, "\t#");
neato_timeout(out, " refresh =", ntohl(soa->refresh));
neato_timeout(out, " retry =", ntohl(soa->retry));
neato_timeout(out, " expire =", ntohl(soa->expire));
neato_timeout(out, " minimum =", ntohl(soa->minimum));
fprintf(out, "\n");
}
static void
xfrd_set_reload_timeout()
{
if(xfrd->nsd->options->xfrd_reload_timeout == -1)
return; /* automatic reload disabled. */
if(xfrd->reload_timeout.tv_sec == 0 ||
xfrd_time() >= xfrd->reload_timeout.tv_sec ) {
/* no reload wait period (or it passed), do it right away */
xfrd->need_to_send_reload = 1;
xfrd->ipc_handler.event_types |= NETIO_EVENT_WRITE;
/* start reload wait period */
xfrd->reload_timeout.tv_sec = xfrd_time() +
xfrd->nsd->options->xfrd_reload_timeout;
xfrd->reload_timeout.tv_nsec = 0;
return;
}
/* cannot reload now, set that after the timeout a reload has to happen */
xfrd->reload_handler.timeout = &xfrd->reload_timeout;
}
static void
xfrd_handle_reload(netio_type *ATTR_UNUSED(netio),
netio_handler_type *handler, netio_event_types_type event_types)
{
/* reload timeout */
assert(event_types & NETIO_EVENT_TIMEOUT);
/* timeout wait period after this request is sent */
handler->timeout = NULL;
xfrd->reload_timeout.tv_sec = xfrd_time() +
xfrd->nsd->options->xfrd_reload_timeout;
xfrd->need_to_send_reload = 1;
xfrd->ipc_handler.event_types |= NETIO_EVENT_WRITE;
}
void
xfrd_prepare_zones_for_reload()
{
xfrd_zone_t* zone;
RBTREE_FOR(zone, xfrd_zone_t*, xfrd->zones)
{
/* zone has a disk soa, and no nsd soa or a different nsd soa */
if(zone->soa_disk_acquired != 0 &&
(zone->soa_nsd_acquired == 0 ||
zone->soa_disk.serial != zone->soa_nsd.serial))
{
if(zone->soa_disk_acquired == xfrd_time()) {
/* antedate by one second.
* this makes sure that the zone time is before
* reload, so that check_failed_zones() is
* certain of the result.
*/
zone->soa_disk_acquired--;
}
}
}
}
static int
xfrd_send_ixfr_request_udp(xfrd_zone_t* zone)
{
int fd;
/* make sure we have a master to query the ixfr request to */
assert(zone->master);
if(zone->tcp_conn != -1) {
/* tcp is using the zone_handler.fd */
log_msg(LOG_ERR, "xfrd: %s tried to send udp whilst tcp engaged",
zone->apex_str);
return -1;
}
xfrd_setup_packet(xfrd->packet, TYPE_IXFR, CLASS_IN, zone->apex);
zone->query_id = ID(xfrd->packet);
zone->msg_seq_nr = 0;
zone->msg_rr_count = 0;
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "sent query with ID %d", zone->query_id));
NSCOUNT_SET(xfrd->packet, 1);
xfrd_write_soa_buffer(xfrd->packet, zone->apex, &zone->soa_disk);
/* if we have tsig keys, sign the ixfr query */
if(zone->master->key_options && zone->master->key_options->tsig_key) {
xfrd_tsig_sign_request(xfrd->packet, &zone->tsig, zone->master);
}
buffer_flip(xfrd->packet);
xfrd_set_timer(zone, xfrd_time() + XFRD_UDP_TIMEOUT);
if((fd = xfrd_send_udp(zone->master, xfrd->packet,
zone->zone_options->outgoing_interface)) == -1)
return -1;
DEBUG(DEBUG_XFRD,1, (LOG_INFO,
"xfrd sent udp request for ixfr=%u for zone %s to %s",
ntohl(zone->soa_disk.serial),
zone->apex_str, zone->master->ip_address_spec));
return fd;
}
static void
xfrd_udp_read(xfrd_zone_t* zone)
{
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: zone %s read udp data", zone->apex_str));
if(!xfrd_udp_read_packet(xfrd->packet, zone->zone_handler.fd)) {
xfrd_udp_release(zone);
return;
}
switch(xfrd_handle_received_xfr_packet(zone, xfrd->packet)) {
case xfrd_packet_tcp:
xfrd_set_timer(zone, xfrd_time() + xfrd->tcp_set->tcp_timeout);
xfrd_udp_release(zone);
xfrd_tcp_obtain(xfrd->tcp_set, zone);
break;
case xfrd_packet_transfer:
case xfrd_packet_newlease:
/* nothing more to do */
assert(zone->round_num == -1);
xfrd_udp_release(zone);
break;
case xfrd_packet_notimpl:
zone->master->ixfr_disabled = time(NULL);
/* drop packet */
xfrd_udp_release(zone);
/* query next server */
xfrd_make_request(zone);
break;
case xfrd_packet_more:
case xfrd_packet_bad:
default:
/* drop packet */
xfrd_udp_release(zone);
/* query next server */
xfrd_make_request(zone);
break;
}
}
void
xfrd_read_state(struct xfrd_state* xfrd)
{
const char* statefile = xfrd->nsd->options->xfrdfile;
FILE *in;
uint32_t filetime = 0;
uint32_t numzones, i;
region_type *tempregion;
tempregion = region_create(xalloc, free);
if(!tempregion)
return;
in = fopen(statefile, "r");
if(!in) {
if(errno != ENOENT) {
log_msg(LOG_ERR, "xfrd: Could not open file %s for reading: %s",
statefile, strerror(errno));
} else {
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: no file %s. refreshing all zones.",
statefile));
}
region_destroy(tempregion);
return;
}
if(!xfrd_read_check_str(in, XFRD_FILE_MAGIC) ||
!xfrd_read_check_str(in, "filetime:") ||
!xfrd_read_i32(in, &filetime) ||
(time_t)filetime > xfrd_time()+15 ||
!xfrd_read_check_str(in, "numzones:") ||
!xfrd_read_i32(in, &numzones))
{
log_msg(LOG_ERR, "xfrd: corrupt state file %s dated %d (now=%lld)",
statefile, (int)filetime, (long long)xfrd_time());
fclose(in);
region_destroy(tempregion);
return;
}
for(i=0; i<numzones; i++) {
char *p;
xfrd_zone_t* zone;
const dname_type* dname;
uint32_t state, masnum, nextmas, round_num, timeout;
xfrd_soa_t soa_nsd_read, soa_disk_read, soa_notified_read;
time_t soa_nsd_acquired_read,
soa_disk_acquired_read, soa_notified_acquired_read;
xfrd_soa_t incoming_soa;
time_t incoming_acquired;
memset(&soa_nsd_read, 0, sizeof(soa_nsd_read));
memset(&soa_disk_read, 0, sizeof(soa_disk_read));
memset(&soa_notified_read, 0, sizeof(soa_notified_read));
if(!xfrd_read_check_str(in, "zone:") ||
!xfrd_read_check_str(in, "name:") ||
!(p=xfrd_read_token(in)) ||
!(dname = dname_parse(tempregion, p)) ||
!xfrd_read_check_str(in, "state:") ||
!xfrd_read_i32(in, &state) || (state>2) ||
!xfrd_read_check_str(in, "master:") ||
!xfrd_read_i32(in, &masnum) ||
!xfrd_read_check_str(in, "next_master:") ||
!xfrd_read_i32(in, &nextmas) ||
!xfrd_read_check_str(in, "round_num:") ||
!xfrd_read_i32(in, &round_num) ||
!xfrd_read_check_str(in, "next_timeout:") ||
!xfrd_read_i32(in, &timeout) ||
!xfrd_read_state_soa(in, "soa_nsd_acquired:", "soa_nsd:",
&soa_nsd_read, &soa_nsd_acquired_read) ||
!xfrd_read_state_soa(in, "soa_disk_acquired:", "soa_disk:",
&soa_disk_read, &soa_disk_acquired_read) ||
!xfrd_read_state_soa(in, "soa_notify_acquired:", "soa_notify:",
&soa_notified_read, &soa_notified_acquired_read))
{
log_msg(LOG_ERR, "xfrd: corrupt state file %s dated %d (now=%lld)",
statefile, (int)filetime, (long long)xfrd_time());
fclose(in);
region_destroy(tempregion);
return;
}
zone = (xfrd_zone_t*)rbtree_search(xfrd->zones, dname);
if(!zone) {
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: state file has info for not configured zone %s", p));
continue;
}
if(soa_nsd_acquired_read>xfrd_time()+15 ||
soa_disk_acquired_read>xfrd_time()+15 ||
soa_notified_acquired_read>xfrd_time()+15)
{
log_msg(LOG_ERR, "xfrd: statefile %s contains"
" times in the future for zone %s. Ignoring.",
statefile, zone->apex_str);
continue;
}
zone->state = state;
zone->master_num = masnum;
zone->next_master = nextmas;
zone->round_num = round_num;
zone->timeout.tv_sec = timeout;
zone->timeout.tv_usec = 0;
/* read the zone OK, now set the master properly */
zone->master = acl_find_num(zone->zone_options->pattern->
request_xfr, zone->master_num);
if(!zone->master) {
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: masters changed for zone %s",
zone->apex_str));
zone->master = zone->zone_options->pattern->request_xfr;
zone->master_num = 0;
zone->round_num = 0;
}
/*
* There is no timeout,
* or there is a notification,
* or there is a soa && current time is past refresh point
*/
if(timeout == 0 || soa_notified_acquired_read != 0 ||
(soa_disk_acquired_read != 0 &&
(uint32_t)xfrd_time() - soa_disk_acquired_read
> ntohl(soa_disk_read.refresh)))
{
zone->state = xfrd_zone_refreshing;
xfrd_set_refresh_now(zone);
}
/* There is a soa && current time is past expiry point */
if(soa_disk_acquired_read!=0 &&
(uint32_t)xfrd_time() - soa_disk_acquired_read
> ntohl(soa_disk_read.expire))
{
zone->state = xfrd_zone_expired;
xfrd_set_refresh_now(zone);
}
/* handle as an incoming SOA. */
incoming_soa = zone->soa_nsd;
incoming_acquired = zone->soa_nsd_acquired;
zone->soa_nsd = soa_nsd_read;
zone->soa_disk = soa_disk_read;
zone->soa_notified = soa_notified_read;
zone->soa_nsd_acquired = soa_nsd_acquired_read;
/* we had better use what we got from starting NSD, not
* what we store in this file, because the actual zone
* contents trumps the contents of this cache */
/* zone->soa_disk_acquired = soa_disk_acquired_read; */
zone->soa_notified_acquired = soa_notified_acquired_read;
xfrd_handle_incoming_soa(zone, &incoming_soa, incoming_acquired);
}
if(!xfrd_read_check_str(in, XFRD_FILE_MAGIC)) {
log_msg(LOG_ERR, "xfrd: corrupt state file %s dated %d (now=%lld)",
statefile, (int)filetime, (long long)xfrd_time());
region_destroy(tempregion);
fclose(in);
return;
}
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: read %d zones from state file", (int)numzones));
fclose(in);
region_destroy(tempregion);
}
void
xfrd_handle_incoming_soa(xfrd_zone_t* zone,
xfrd_soa_t* soa, time_t acquired)
{
if(soa == NULL) {
/* nsd no longer has a zone in memory */
zone->soa_nsd_acquired = 0;
xfrd_set_zone_state(zone, xfrd_zone_refreshing);
xfrd_set_refresh_now(zone);
return;
}
if(zone->soa_nsd_acquired && soa->serial == zone->soa_nsd.serial)
return;
if(zone->soa_disk_acquired && soa->serial == zone->soa_disk.serial)
{
/* soa in disk has been loaded in memory */
log_msg(LOG_INFO, "Zone %s serial %u is updated to %u.",
zone->apex_str, ntohl(zone->soa_nsd.serial),
ntohl(soa->serial));
zone->soa_nsd = zone->soa_disk;
zone->soa_nsd_acquired = zone->soa_disk_acquired;
if((uint32_t)xfrd_time() - zone->soa_disk_acquired
< ntohl(zone->soa_disk.refresh))
{
/* zone ok, wait for refresh time */
xfrd_set_zone_state(zone, xfrd_zone_ok);
zone->round_num = -1;
xfrd_set_timer_refresh(zone);
} else if((uint32_t)xfrd_time() - zone->soa_disk_acquired
< ntohl(zone->soa_disk.expire))
{
/* zone refreshing */
xfrd_set_zone_state(zone, xfrd_zone_refreshing);
xfrd_set_refresh_now(zone);
}
if((uint32_t)xfrd_time() - zone->soa_disk_acquired
>= ntohl(zone->soa_disk.expire)) {
/* zone expired */
xfrd_set_zone_state(zone, xfrd_zone_expired);
xfrd_set_refresh_now(zone);
}
if(zone->soa_notified_acquired != 0 &&
(zone->soa_notified.serial == 0 ||
compare_serial(ntohl(zone->soa_disk.serial),
ntohl(zone->soa_notified.serial)) >= 0))
{ /* read was in response to this notification */
zone->soa_notified_acquired = 0;
}
if(zone->soa_notified_acquired && zone->state == xfrd_zone_ok)
{
/* refresh because of notification */
xfrd_set_zone_state(zone, xfrd_zone_refreshing);
xfrd_set_refresh_now(zone);
}
xfrd_send_notify(xfrd->notify_zones, zone->apex, &zone->soa_nsd);
return;
}
/* user must have manually provided zone data */
DEBUG(DEBUG_XFRD,1, (LOG_INFO,
"xfrd: zone %s serial %u from unknown source. refreshing",
zone->apex_str, ntohl(soa->serial)));
zone->soa_nsd = *soa;
zone->soa_disk = *soa;
zone->soa_nsd_acquired = acquired;
zone->soa_disk_acquired = acquired;
if(zone->soa_notified_acquired != 0 &&
(zone->soa_notified.serial == 0 ||
compare_serial(ntohl(zone->soa_disk.serial),
ntohl(zone->soa_notified.serial)) >= 0))
{ /* user provided in response to this notification */
zone->soa_notified_acquired = 0;
}
xfrd_set_zone_state(zone, xfrd_zone_refreshing);
xfrd_set_refresh_now(zone);
xfrd_send_notify(xfrd->notify_zones, zone->apex, &zone->soa_nsd);
}
enum xfrd_packet_result
xfrd_handle_received_xfr_packet(xfrd_zone_t* zone, buffer_type* packet)
{
xfrd_soa_t soa;
enum xfrd_packet_result res;
/* parse and check the packet - see if it ends the xfr */
switch((res=xfrd_parse_received_xfr_packet(zone, packet, &soa)))
{
case xfrd_packet_more:
case xfrd_packet_transfer:
/* continue with commit */
break;
case xfrd_packet_newlease:
return xfrd_packet_newlease;
case xfrd_packet_tcp:
return xfrd_packet_tcp;
case xfrd_packet_notimpl:
case xfrd_packet_bad:
default:
{
/* rollback */
if(zone->msg_seq_nr > 0) {
/* do not process xfr - if only one part simply ignore it. */
/* rollback previous parts of commit */
buffer_clear(packet);
buffer_printf(packet, "xfrd: zone %s xfr "
"rollback serial %u at "
"time %u from %s of %u "
"parts",
zone->apex_str,
(int)zone->msg_new_serial,
(int)xfrd_time(),
zone->master->ip_address_spec,
zone->msg_seq_nr);
buffer_flip(packet);
diff_write_commit(zone->apex_str,
zone->msg_old_serial,
zone->msg_new_serial,
zone->query_id, zone->msg_seq_nr, 0,
(char*)buffer_begin(packet),
xfrd->nsd->options);
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: zone %s "
"xfr reverted "
"\"%s\"",
zone->apex_str,
(char*)buffer_begin(packet)));
}
if (res == xfrd_packet_notimpl)
return res;
else
return xfrd_packet_bad;
}
}
/* dump reply on disk to diff file */
diff_write_packet(zone->apex_str, zone->msg_new_serial, zone->query_id,
zone->msg_seq_nr, buffer_begin(packet), buffer_limit(packet),
xfrd->nsd->options);
VERBOSITY(1, (LOG_INFO,
"xfrd: zone %s written received XFR from %s with serial %u to "
"disk", zone->apex_str, zone->master->ip_address_spec,
(int)zone->msg_new_serial));
zone->msg_seq_nr++;
if(res == xfrd_packet_more) {
/* wait for more */
return xfrd_packet_more;
}
/* done. we are completely sure of this */
buffer_clear(packet);
buffer_printf(packet, "xfrd: zone %s received update to serial %u at "
"time %u from %s in %u parts",
zone->apex_str, (int)zone->msg_new_serial, (int)xfrd_time(),
zone->master->ip_address_spec, zone->msg_seq_nr);
if(zone->master->key_options) {
buffer_printf(packet, " TSIG verified with key %s",
zone->master->key_options->name);
}
buffer_flip(packet);
diff_write_commit(zone->apex_str, zone->msg_old_serial,
zone->msg_new_serial, zone->query_id, zone->msg_seq_nr, 1,
(char*)buffer_begin(packet), xfrd->nsd->options);
VERBOSITY(1, (LOG_INFO, "xfrd: zone %s committed \"%s\"",
zone->apex_str, (char*)buffer_begin(packet)));
/* update the disk serial no. */
zone->soa_disk_acquired = xfrd_time();
zone->soa_disk = soa;
if(zone->soa_notified_acquired && (
zone->soa_notified.serial == 0 ||
compare_serial(htonl(zone->soa_disk.serial),
htonl(zone->soa_notified.serial)) >= 0))
{
zone->soa_notified_acquired = 0;
}
if(!zone->soa_notified_acquired) {
/* do not set expired zone to ok:
* it would cause nsd to start answering
* bad data, since the zone is not loaded yet.
* if nsd does not reload < retry time, more
* queries (for even newer versions) are made.
* For expired zone after reload it is set ok (SOAINFO ipc). */
if(zone->state != xfrd_zone_expired)
xfrd_set_zone_state(zone, xfrd_zone_ok);
DEBUG(DEBUG_XFRD,1, (LOG_INFO,
"xfrd: zone %s is waiting for reload",
zone->apex_str));
zone->round_num = -1; /* next try start anew */
xfrd_set_timer_refresh(zone);
xfrd_set_reload_timeout();
return xfrd_packet_transfer;
} else {
/* try to get an even newer serial */
/* pretend it was bad to continue queries */
xfrd_set_reload_timeout();
return xfrd_packet_bad;
}
}
static void
xfrd_handle_zone(netio_type* ATTR_UNUSED(netio),
netio_handler_type *handler, netio_event_types_type event_types)
{
xfrd_zone_t* zone = (xfrd_zone_t*)handler->user_data;
if(zone->tcp_conn != -1) {
/* busy in tcp transaction */
if(xfrd_tcp_is_reading(xfrd->tcp_set, zone->tcp_conn) && event_types & NETIO_EVENT_READ) {
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: zone %s event tcp read", zone->apex_str));
xfrd_set_timer(zone, xfrd_time() + xfrd->tcp_set->tcp_timeout);
xfrd_tcp_read(xfrd->tcp_set, zone);
return;
} else if(!xfrd_tcp_is_reading(xfrd->tcp_set, zone->tcp_conn) && event_types & NETIO_EVENT_WRITE) {
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: zone %s event tcp write", zone->apex_str));
xfrd_set_timer(zone, xfrd_time() + xfrd->tcp_set->tcp_timeout);
xfrd_tcp_write(xfrd->tcp_set, zone);
return;
} else if(event_types & NETIO_EVENT_TIMEOUT) {
/* tcp connection timed out. Stop it. */
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: zone %s event tcp timeout", zone->apex_str));
xfrd_tcp_release(xfrd->tcp_set, zone);
/* continue to retry; as if a timeout happened */
event_types = NETIO_EVENT_TIMEOUT;
}
}
if(event_types & NETIO_EVENT_READ) {
/* busy in udp transaction */
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: zone %s event udp read", zone->apex_str));
xfrd_set_refresh_now(zone);
xfrd_udp_read(zone);
return;
}
/* timeout */
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: zone %s timeout", zone->apex_str));
if(handler->fd != -1) {
assert(zone->tcp_conn == -1);
xfrd_udp_release(zone);
}
if(zone->tcp_waiting) {
DEBUG(DEBUG_XFRD,1, (LOG_ERR, "xfrd: zone %s skips retry, TCP connections full",
zone->apex_str));
xfrd_unset_timer(zone);
return;
}
if(zone->udp_waiting) {
DEBUG(DEBUG_XFRD,1, (LOG_ERR, "xfrd: zone %s skips retry, UDP connections full",
zone->apex_str));
xfrd_unset_timer(zone);
return;
}
if(zone->soa_disk_acquired)
{
if (zone->state != xfrd_zone_expired &&
(uint32_t)xfrd_time() >= zone->soa_disk_acquired + ntohl(zone->soa_disk.expire)) {
/* zone expired */
log_msg(LOG_ERR, "xfrd: zone %s has expired", zone->apex_str);
xfrd_set_zone_state(zone, xfrd_zone_expired);
}
else if(zone->state == xfrd_zone_ok &&
(uint32_t)xfrd_time() >= zone->soa_disk_acquired + ntohl(zone->soa_disk.refresh)) {
/* zone goes to refreshing state. */
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: zone %s is refreshing", zone->apex_str));
xfrd_set_zone_state(zone, xfrd_zone_refreshing);
}
}
/* make a new request */
xfrd_make_request(zone);
}
static void
xfrd_init_zones()
{
zone_type *dbzone;
zone_options_t *zone_opt;
xfrd_zone_t *xzone;
const dname_type* dname;
assert(xfrd->zones == 0);
assert(xfrd->nsd->db != 0);
xfrd->zones = rbtree_create(xfrd->region,
(int (*)(const void *, const void *)) dname_compare);
xfrd->notify_zones = rbtree_create(xfrd->region,
(int (*)(const void *, const void *)) dname_compare);
RBTREE_FOR(zone_opt, zone_options_t*, xfrd->nsd->options->zone_options)
{
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "Zone %s\n", zone_opt->name));
dname = dname_parse(xfrd->region, zone_opt->name);
if(!dname) {
log_msg(LOG_ERR, "xfrd: Could not parse zone name %s.", zone_opt->name);
continue;
}
dbzone = domain_find_zone(domain_table_find(xfrd->nsd->db->domains, dname));
if(dbzone && dname_compare(dname, domain_dname(dbzone->apex)) != 0)
dbzone = 0; /* we found a parent zone */
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: adding %s zone %s\n",
dbzone?"filled":"empty", zone_opt->name));
init_notify_send(xfrd->notify_zones, xfrd->netio,
xfrd->region, dname, zone_opt, dbzone);
if(!zone_is_slave(zone_opt)) {
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: zone %s, master zone has no outgoing xfr requests", zone_opt->name));
continue;
}
xzone = (xfrd_zone_t*)region_alloc(xfrd->region, sizeof(xfrd_zone_t));
memset(xzone, 0, sizeof(xfrd_zone_t));
xzone->apex = dname;
xzone->apex_str = zone_opt->name;
xzone->state = xfrd_zone_refreshing;
xzone->dirty = 0;
xzone->zone_options = zone_opt;
/* first retry will use first master */
xzone->master = 0;
xzone->master_num = 0;
xzone->next_master = 0;
xzone->fresh_xfr_timeout = XFRD_TRANSFER_TIMEOUT_START;
xzone->soa_nsd_acquired = 0;
xzone->soa_disk_acquired = 0;
xzone->soa_notified_acquired = 0;
/* [0]=1, [1]=0; "." domain name */
xzone->soa_nsd.prim_ns[0] = 1;
xzone->soa_nsd.email[0] = 1;
xzone->soa_disk.prim_ns[0]=1;
xzone->soa_disk.email[0]=1;
xzone->soa_notified.prim_ns[0]=1;
xzone->soa_notified.email[0]=1;
xzone->zone_handler.fd = -1;
xzone->zone_handler.timeout = 0;
xzone->zone_handler.user_data = xzone;
xzone->zone_handler.event_types =
NETIO_EVENT_READ|NETIO_EVENT_TIMEOUT;
xzone->zone_handler.event_handler = xfrd_handle_zone;
netio_add_handler(xfrd->netio, &xzone->zone_handler);
xzone->tcp_conn = -1;
xzone->tcp_waiting = 0;
xzone->udp_waiting = 0;
tsig_create_record_custom(&xzone->tsig, xfrd->region, 0, 0, 4);
if(dbzone && dbzone->soa_rrset && dbzone->soa_rrset->rrs) {
xzone->soa_nsd_acquired = xfrd_time();
xzone->soa_disk_acquired = xfrd_time();
/* we only use the first SOA in the rrset */
xfrd_copy_soa(&xzone->soa_nsd, dbzone->soa_rrset->rrs);
xfrd_copy_soa(&xzone->soa_disk, dbzone->soa_rrset->rrs);
}
/* set refreshing anyway, we have data but it may be old */
xfrd_set_refresh_now(xzone);
xzone->node.key = dname;
rbtree_insert(xfrd->zones, (rbnode_t*)xzone);
}
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: started server %d secondary zones", (int)xfrd->zones->count));
}
void
xfrd_make_request(xfrd_zone_t* zone)
{
if(zone->next_master != -1) {
/* we are told to use this next master */
DEBUG(DEBUG_XFRD,1, (LOG_INFO,
"xfrd zone %s use master %i",
zone->apex_str, zone->next_master));
zone->master_num = zone->next_master;
zone->master = acl_find_num(
zone->zone_options->request_xfr, zone->master_num);
/* if there is no next master, fallback to use the first one */
if(!zone->master) {
zone->master = zone->zone_options->request_xfr;
zone->master_num = 0;
}
/* fallback to cycle master */
zone->next_master = -1;
zone->round_num = 0; /* fresh set of retries after notify */
} else {
/* cycle master */
if(zone->round_num != -1 && zone->master && zone->master->next)
{
/* try the next master */
zone->master = zone->master->next;
zone->master_num++;
} else {
/* start a new round */
zone->master = zone->zone_options->request_xfr;
zone->master_num = 0;
zone->round_num++;
}
if(zone->round_num >= XFRD_MAX_ROUNDS) {
/* tried all servers that many times, wait */
zone->round_num = -1;
xfrd_set_timer_retry(zone);
DEBUG(DEBUG_XFRD,1, (LOG_INFO,
"xfrd zone %s makereq wait_retry, rd %d mr %d nx %d",
zone->apex_str, zone->round_num, zone->master_num, zone->next_master));
return;
}
}
/* cache ixfr_disabled only for XFRD_NO_IXFR_CACHE time */
if (zone->master->ixfr_disabled &&
(zone->master->ixfr_disabled + XFRD_NO_IXFR_CACHE) <= time(NULL)) {
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "clear negative caching ixfr "
"disabled for master %s num "
"%d ",
zone->master->ip_address_spec, zone->master_num));
zone->master->ixfr_disabled = 0;
}
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd zone %s make request round %d mr %d nx %d",
zone->apex_str, zone->round_num, zone->master_num, zone->next_master));
/* perform xfr request */
if (!zone->master->use_axfr_only && zone->soa_disk_acquired > 0 &&
!zone->master->ixfr_disabled) {
if (zone->master->allow_udp) {
xfrd_set_timer(zone, xfrd_time() + XFRD_UDP_TIMEOUT);
xfrd_udp_obtain(zone);
}
else { /* doing 3 rounds of IXFR/TCP might not be useful */
xfrd_set_timer(zone, xfrd_time() + xfrd->tcp_set->tcp_timeout);
xfrd_tcp_obtain(xfrd->tcp_set, zone);
}
}
else if (zone->master->use_axfr_only || zone->soa_disk_acquired <= 0) {
xfrd_set_timer(zone, xfrd_time() + xfrd->tcp_set->tcp_timeout);
xfrd_tcp_obtain(xfrd->tcp_set, zone);
}
else if (zone->master->ixfr_disabled) {
if (zone->zone_options->allow_axfr_fallback) {
xfrd_set_timer(zone, xfrd_time() + xfrd->tcp_set->tcp_timeout);
xfrd_tcp_obtain(xfrd->tcp_set, zone);
}
else
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd zone %s axfr "
"fallback not allowed, skipping master %s.",
zone->apex_str, zone->master->ip_address_spec));
}
}
void
xfrd_write_state(struct xfrd_state* xfrd)
{
rbnode_t* p;
const char* statefile = xfrd->nsd->options->xfrdfile;
FILE *out;
time_t now = xfrd_time();
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: write file %s", statefile));
out = fopen(statefile, "w");
if(!out) {
log_msg(LOG_ERR, "xfrd: Could not open file %s for writing: %s",
statefile, strerror(errno));
return;
}
fprintf(out, "%s\n", XFRD_FILE_MAGIC);
fprintf(out, "# This file is written on exit by nsd xfr daemon.\n");
fprintf(out, "# This file contains slave zone information:\n");
fprintf(out, "# * timeouts (when was zone data acquired)\n");
fprintf(out, "# * state (OK, refreshing, expired)\n");
fprintf(out, "# * which master transfer to attempt next\n");
fprintf(out, "# The file is read on start (but not on reload) by nsd xfr daemon.\n");
fprintf(out, "# You can edit; but do not change statement order\n");
fprintf(out, "# and no fancy stuff (like quoted \"strings\").\n");
fprintf(out, "#\n");
fprintf(out, "# If you remove a zone entry, it will be refreshed.\n");
fprintf(out, "# This can be useful for an expired zone; it revives\n");
fprintf(out, "# the zone temporarily, from refresh-expiry time.\n");
fprintf(out, "# If you delete the file all slave zones are updated.\n");
fprintf(out, "#\n");
fprintf(out, "# Note: if you edit this file while nsd is running,\n");
fprintf(out, "# it will be overwritten on exit by nsd.\n");
fprintf(out, "\n");
fprintf(out, "filetime: %lld\t# %s\n", (long long)now, ctime(&now));
fprintf(out, "# The number of zone entries in this file\n");
fprintf(out, "numzones: %d\n", (int)xfrd->zones->count);
fprintf(out, "\n");
for(p = rbtree_first(xfrd->zones); p && p!=RBTREE_NULL; p=rbtree_next(p))
{
xfrd_zone_t* zone = (xfrd_zone_t*)p;
fprintf(out, "zone: \tname: %s\n", zone->apex_str);
fprintf(out, "\tstate: %d", (int)zone->state);
fprintf(out, " # %s", zone->state==xfrd_zone_ok?"OK":(
zone->state==xfrd_zone_refreshing?"refreshing":"expired"));
fprintf(out, "\n");
fprintf(out, "\tmaster: %d\n", zone->master_num);
fprintf(out, "\tnext_master: %d\n", zone->next_master);
fprintf(out, "\tround_num: %d\n", zone->round_num);
fprintf(out, "\tnext_timeout: %d",
(zone->zone_handler_flags&EV_TIMEOUT)?(int)zone->timeout.tv_sec:0);
if((zone->zone_handler_flags&EV_TIMEOUT)) {
neato_timeout(out, "\t# =", zone->timeout.tv_sec);
}
fprintf(out, "\n");
xfrd_write_state_soa(out, "soa_nsd", &zone->soa_nsd,
zone->soa_nsd_acquired, zone->apex);
xfrd_write_state_soa(out, "soa_disk", &zone->soa_disk,
zone->soa_disk_acquired, zone->apex);
xfrd_write_state_soa(out, "soa_notify", &zone->soa_notified,
zone->soa_notified_acquired, zone->apex);
fprintf(out, "\n");
}
fprintf(out, "%s\n", XFRD_FILE_MAGIC);
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: written %d zones to state file",
(int)xfrd->zones->count));
fclose(out);
}
/* parse the received packet. returns xfrd packet result code. */
static enum xfrd_packet_result
xfrd_parse_received_xfr_packet(xfrd_zone_t* zone, buffer_type* packet,
xfrd_soa_t* soa)
{
size_t rr_count;
size_t qdcount = QDCOUNT(packet);
size_t ancount = ANCOUNT(packet), ancount_todo;
int done = 0;
/* has to be axfr / ixfr reply */
if(!buffer_available(packet, QHEADERSZ)) {
log_msg(LOG_INFO, "packet too small");
return xfrd_packet_bad;
}
/* only check ID in first response message. Could also check that
* AA bit and QR bit are set, but not needed.
*/
DEBUG(DEBUG_XFRD,2, (LOG_INFO,
"got query with ID %d and %d needed", ID(packet), zone->query_id));
if(ID(packet) != zone->query_id) {
log_msg(LOG_ERR, "xfrd: zone %s received bad query id from %s, "
"dropped",
zone->apex_str, zone->master->ip_address_spec);
return xfrd_packet_bad;
}
/* check RCODE in all response messages */
if(RCODE(packet) != RCODE_OK) {
log_msg(LOG_ERR, "xfrd: zone %s received error code %s from "
"%s",
zone->apex_str, rcode2str(RCODE(packet)),
zone->master->ip_address_spec);
if (RCODE(packet) == RCODE_IMPL ||
RCODE(packet) == RCODE_FORMAT) {
return xfrd_packet_notimpl;
}
return xfrd_packet_bad;
}
/* check TSIG */
if(zone->master->key_options) {
if(!xfrd_xfr_process_tsig(zone, packet)) {
DEBUG(DEBUG_XFRD,1, (LOG_ERR, "dropping xfr reply due "
"to bad TSIG"));
return xfrd_packet_bad;
}
}
buffer_skip(packet, QHEADERSZ);
/* skip question section */
for(rr_count = 0; rr_count < qdcount; ++rr_count) {
if (!packet_skip_rr(packet, 1)) {
log_msg(LOG_ERR, "xfrd: zone %s, from %s: bad RR in "
"question section",
zone->apex_str, zone->master->ip_address_spec);
return xfrd_packet_bad;
}
}
if(zone->msg_rr_count == 0 && ancount == 0) {
if(zone->tcp_conn == -1 && TC(packet)) {
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: TC flagged"));
return xfrd_packet_tcp;
}
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: too short xfr packet: no "
"answer"));
return xfrd_packet_bad;
}
ancount_todo = ancount;
if(zone->msg_rr_count == 0) {
/* parse the first RR, see if it is a SOA */
if(!packet_skip_dname(packet) ||
!xfrd_parse_soa_info(packet, soa))
{
DEBUG(DEBUG_XFRD,1, (LOG_ERR, "xfrd: zone %s, from %s: "
"no SOA begins answer"
" section",
zone->apex_str, zone->master->ip_address_spec));
return xfrd_packet_bad;
}
if(zone->soa_disk_acquired != 0 &&
zone->state != xfrd_zone_expired /* if expired - accept anything */ &&
compare_serial(ntohl(soa->serial), ntohl(zone->soa_disk.serial)) < 0) {
DEBUG(DEBUG_XFRD,1, (LOG_INFO,
"xfrd: zone %s ignoring old serial from %s",
zone->apex_str, zone->master->ip_address_spec));
VERBOSITY(1, (LOG_INFO,
"xfrd: zone %s ignoring old serial from %s",
zone->apex_str, zone->master->ip_address_spec));
return xfrd_packet_bad;
}
if(zone->soa_disk_acquired != 0 && zone->soa_disk.serial == soa->serial) {
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: zone %s got "
"update indicating "
"current serial",
zone->apex_str));
/* (even if notified) the lease on the current soa is renewed */
zone->soa_disk_acquired = xfrd_time();
if(zone->soa_nsd.serial == soa->serial)
zone->soa_nsd_acquired = xfrd_time();
xfrd_set_zone_state(zone, xfrd_zone_ok);
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: zone %s is ok",
zone->apex_str));
if(zone->soa_notified_acquired == 0) {
/* not notified or anything, so stop asking around */
zone->round_num = -1; /* next try start a new round */
xfrd_set_timer_refresh(zone);
return xfrd_packet_newlease;
}
/* try next master */
return xfrd_packet_bad;
}
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "IXFR reply has ok serial (have \
%u, reply %u).", ntohl(zone->soa_disk.serial), ntohl(soa->serial)));
/* serial is newer than soa_disk */
if(ancount == 1) {
/* single record means it is like a notify */
(void)xfrd_handle_incoming_notify(zone, soa);
}
else if(zone->soa_notified_acquired && zone->soa_notified.serial &&
compare_serial(ntohl(zone->soa_notified.serial), ntohl(soa->serial)) < 0) {
/* this AXFR/IXFR notifies me that an even newer serial exists */
zone->soa_notified.serial = soa->serial;
}
zone->msg_new_serial = ntohl(soa->serial);
zone->msg_rr_count = 1;
zone->msg_is_ixfr = 0;
if(zone->soa_disk_acquired)
zone->msg_old_serial = ntohl(zone->soa_disk.serial);
else zone->msg_old_serial = 0;
ancount_todo = ancount - 1;
}
if(zone->tcp_conn == -1 && TC(packet)) {
DEBUG(DEBUG_XFRD,1, (LOG_INFO,
"xfrd: zone %s received TC from %s. retry tcp.",
zone->apex_str, zone->master->ip_address_spec));
return xfrd_packet_tcp;
}
if(zone->tcp_conn == -1 && ancount < 2) {
/* too short to be a real ixfr/axfr data transfer: need at */
/* least two RRs in the answer section. */
/* The serial is newer, so try tcp to this master. */
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: udp reply is short. Try "
"tcp anyway."));
return xfrd_packet_tcp;
}
if(!xfrd_xfr_check_rrs(zone, packet, ancount_todo, &done, soa))
{
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: zone %s sent bad xfr "
"reply.", zone->apex_str));
return xfrd_packet_bad;
}
if(zone->tcp_conn == -1 && done == 0) {
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: udp reply incomplete"));
return xfrd_packet_bad;
}
if(done == 0)
return xfrd_packet_more;
if(zone->master->key_options) {
if(zone->tsig.updates_since_last_prepare != 0) {
log_msg(LOG_INFO, "xfrd: last packet of reply has no "
"TSIG");
return xfrd_packet_bad;
}
}
return xfrd_packet_transfer;
}