/*%
 * The main processing routine.
 *
 * Parses the command line, loads the configuration file (the first
 * non-option argument, or NAMED_CONFFILE when none is given), runs
 * bind9_check_namedconf() over it and, when -z was given, also loads the
 * zones it names.  The process exit status is 0 on success and 1 when a
 * check fails.
 */
int
main(int argc, char **argv) {
	cfg_parser_t *parser = NULL;
	cfg_obj_t *config = NULL;
	isc_mem_t *mctx = NULL;
	isc_entropy_t *ectx = NULL;
	const char *conffile;
	isc_boolean_t load_zones = ISC_FALSE;
	isc_result_t result;
	int exit_status = 0;
	int opt;

	isc_commandline_errprint = ISC_FALSE;

	for (;;) {
		opt = isc_commandline_parse(argc, argv, "dhjt:vz");
		if (opt == EOF)
			break;

		switch (opt) {
		case 'd':
			debug++;
			break;

		case 'j':
			nomerge = ISC_FALSE;
			break;

		case 't':
			/*
			 * Enter the chroot, then immediately move the working
			 * directory to the new root so that no directory
			 * reference outside the jail is kept.  Both steps are
			 * fatal on failure.  Options are handled in
			 * command-line order, so everything opened after this
			 * point is resolved inside the chroot.
			 */
			result = isc_dir_chroot(isc_commandline_argument);
			if (result != ISC_R_SUCCESS) {
				fprintf(stderr, "isc_dir_chroot: %s\n",
					isc_result_totext(result));
				exit(1);
			}
			result = isc_dir_chdir("/");
			if (result != ISC_R_SUCCESS) {
				fprintf(stderr, "isc_dir_chdir: %s\n",
					isc_result_totext(result));
				exit(1);
			}
			break;

		case 'v':
			printf(VERSION "\n");
			exit(0);

		case 'z':
			/* Zone loading turns the MX/NS/SRV checks off. */
			load_zones = ISC_TRUE;
			docheckmx = ISC_FALSE;
			docheckns = ISC_FALSE;
			dochecksrv = ISC_FALSE;
			break;

		case '?':
			if (isc_commandline_option != '?')
				fprintf(stderr, "%s: invalid argument -%c\n",
					program, isc_commandline_option);
			/* FALLTHROUGH */
		case 'h':
			/*
			 * usage() presumably does not return; if it did,
			 * control would continue into the default case.
			 */
			usage();
			/* FALLTHROUGH */
		default:
			fprintf(stderr, "%s: unhandled option -%c\n",
				program, isc_commandline_option);
			exit(1);
		}
	}

	/* At most one non-option argument (the config file) is accepted. */
	if (isc_commandline_index + 1 < argc)
		usage();

	conffile = argv[isc_commandline_index];
	if (conffile == NULL || conffile[0] == '\0')
		conffile = NAMED_CONFFILE;

	RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);

	RUNTIME_CHECK(setup_logging(mctx, stdout, &logc) == ISC_R_SUCCESS);

	RUNTIME_CHECK(isc_entropy_create(mctx, &ectx) == ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_hash_create(mctx, ectx, DNS_NAME_MAXWIRE)
		      == ISC_R_SUCCESS);

	dns_result_register();

	RUNTIME_CHECK(cfg_parser_create(mctx, logc, &parser) == ISC_R_SUCCESS);

	cfg_parser_setcallback(parser, directory_callback, NULL);

	/* A file that does not parse ends the run without any teardown. */
	if (cfg_parse_file(parser, conffile, &cfg_type_namedconf, &config) !=
	    ISC_R_SUCCESS)
		exit(1);

	result = bind9_check_namedconf(config, logc, mctx);
	if (result != ISC_R_SUCCESS) {
		exit_status = 1;
	} else if (load_zones) {
		/* Zones are only loaded once the configuration checked out. */
		result = load_zones_fromconfig(config, mctx);
		if (result != ISC_R_SUCCESS)
			exit_status = 1;
	}

	cfg_obj_destroy(parser, &config);

	cfg_parser_destroy(&parser);

	dns_name_destroy();

	isc_log_destroy(&logc);

	isc_hash_destroy();
	isc_entropy_detach(&ectx);

	isc_mem_destroy(&mctx);

	return (exit_status);
}
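/*
 * Reverse-lookup test driver: builds a minimal view whose resolver forwards
 * everything to 127.0.0.1 port 53, then starts a by-address lookup for the
 * address given as the first non-option argument.
 *
 * Options:
 *	-n	accepted and ignored
 *	-v	verbose (prints worker count, probe results, memory stats)
 *	-w N	number of worker threads (default 2)
 */
int
main(int argc, char *argv[]) {
	isc_mem_t *mctx;
	isc_boolean_t verbose = ISC_FALSE;
	unsigned int workers = 2;
	isc_taskmgr_t *taskmgr;
	isc_task_t *task;
	isc_timermgr_t *timermgr;
	dns_view_t *view;
	int ch;
	isc_socketmgr_t *socketmgr;
	dns_dispatchmgr_t *dispatchmgr;
	isc_netaddr_t na;
	dns_byaddr_t *byaddr;
	isc_result_t result;
	unsigned int options = 0;
	dns_cache_t *cache;

	RUNTIME_CHECK(isc_app_start() == ISC_R_SUCCESS);

	dns_result_register();

	mctx = NULL;
	RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);

	while ((ch = isc_commandline_parse(argc, argv, "nvw:")) != -1) {
		switch (ch) {
		case 'n':
			/*
			 * We only try nibbles, so do nothing for this option.
			 */
			break;
		case 'v':
			verbose = ISC_TRUE;
			break;
		case 'w': {
			/*
			 * atoi() would turn junk into 0 and a negative
			 * number into a huge unsigned thread count; parse
			 * strictly and reject anything that is not a
			 * positive count that fits in unsigned int.
			 */
			char *end = NULL;
			long value = strtol(isc_commandline_argument, &end, 10);

			if (end == isc_commandline_argument || *end != '\0' ||
			    value < 1 ||
			    (unsigned long)value > (unsigned int)-1) {
				fprintf(stderr, "invalid worker count\n");
				exit(1);
			}
			workers = (unsigned int)value;
			break;
		}
		}
	}

	/*
	 * The address argument is mandatory.  Without this check a missing
	 * argument reaches printf("%s") and inet_pton() as a NULL pointer.
	 */
	if (argv[isc_commandline_index] == NULL) {
		fprintf(stderr, "missing address argument\n");
		exit(1);
	}

	if (verbose) {
		printf("%u workers\n", workers);
		printf("IPv4: %s\n", isc_result_totext(isc_net_probeipv4()));
		printf("IPv6: %s\n", isc_result_totext(isc_net_probeipv6()));
	}

	taskmgr = NULL;
	RUNTIME_CHECK(isc_taskmgr_create(mctx, workers, 0, &taskmgr)
		      == ISC_R_SUCCESS);
	task = NULL;
	RUNTIME_CHECK(isc_task_create(taskmgr, 0, &task)
		      == ISC_R_SUCCESS);
	isc_task_setname(task, "byaddr", NULL);

	dispatchmgr = NULL;
	RUNTIME_CHECK(dns_dispatchmgr_create(mctx, NULL, &dispatchmgr)
		      == ISC_R_SUCCESS);

	timermgr = NULL;
	RUNTIME_CHECK(isc_timermgr_create(mctx, &timermgr) == ISC_R_SUCCESS);
	socketmgr = NULL;
	RUNTIME_CHECK(isc_socketmgr_create(mctx, &socketmgr) == ISC_R_SUCCESS);

	cache = NULL;
	RUNTIME_CHECK(dns_cache_create(mctx, taskmgr, timermgr,
				       dns_rdataclass_in, "rbt", 0, NULL,
				       &cache) == ISC_R_SUCCESS);

	view = NULL;
	RUNTIME_CHECK(dns_view_create(mctx, dns_rdataclass_in, "default",
				      &view) == ISC_R_SUCCESS);

	{
		unsigned int attrs;
		dns_dispatch_t *disp4 = NULL;
		dns_dispatch_t *disp6 = NULL;

		/* One UDP dispatch per address family the host supports. */
		if (isc_net_probeipv4() == ISC_R_SUCCESS) {
			isc_sockaddr_t any4;

			isc_sockaddr_any(&any4);

			attrs = DNS_DISPATCHATTR_IPV4 | DNS_DISPATCHATTR_UDP;
			RUNTIME_CHECK(dns_dispatch_getudp(dispatchmgr,
							  socketmgr,
							  taskmgr, &any4,
							  512, 6, 1024,
							  17, 19, attrs,
							  attrs, &disp4)
				      == ISC_R_SUCCESS);
			INSIST(disp4 != NULL);
		}

		if (isc_net_probeipv6() == ISC_R_SUCCESS) {
			isc_sockaddr_t any6;

			isc_sockaddr_any6(&any6);

			attrs = DNS_DISPATCHATTR_IPV6 | DNS_DISPATCHATTR_UDP;
			RUNTIME_CHECK(dns_dispatch_getudp(dispatchmgr,
							  socketmgr,
							  taskmgr, &any6,
							  512, 6, 1024,
							  17, 19, attrs,
							  attrs, &disp6)
				      == ISC_R_SUCCESS);
			INSIST(disp6 != NULL);
		}

		RUNTIME_CHECK(dns_view_createresolver(view, taskmgr, 10, 1,
						      socketmgr,
						      timermgr, 0,
						      dispatchmgr,
						      disp4, disp6) ==
		      ISC_R_SUCCESS);

		/* Drop the local references once the resolver exists. */
		if (disp4 != NULL)
			dns_dispatch_detach(&disp4);
		if (disp6 != NULL)
			dns_dispatch_detach(&disp6);
	}

	{
		struct in_addr ina;
		isc_sockaddr_t sa;
		isc_sockaddrlist_t sal;

		/* Forward-only policy for the root: all queries go to lo:53. */
		ISC_LIST_INIT(sal);
		ina.s_addr = inet_addr("127.0.0.1");
		isc_sockaddr_fromin(&sa, &ina, 53);
		ISC_LIST_APPEND(sal, &sa, link);

		RUNTIME_CHECK(dns_fwdtable_add(view->fwdtable, dns_rootname,
					       &sal, dns_fwdpolicy_only)
			      == ISC_R_SUCCESS);
	}

	dns_view_setcache(view, cache);
	dns_view_freeze(view);

	dns_cache_detach(&cache);

	printf("address = %s\n", argv[isc_commandline_index]);
	/* Try IPv4 textual form first, then IPv6. */
	na.family = AF_INET;
	if (inet_pton(AF_INET, argv[isc_commandline_index],
		      (char *)&na.type.in) != 1) {
		na.family = AF_INET6;
		if (inet_pton(AF_INET6, argv[isc_commandline_index],
			      (char *)&na.type.in6) != 1) {
			printf("unknown address format\n");
			exit(1);
		}
	}

	/*
	 * Every other handle in this function is set to NULL before its
	 * create call; do the same here instead of handing over an
	 * uninitialised pointer.
	 */
	byaddr = NULL;
	result = dns_byaddr_create(mctx, &na, view, options, task,
				   done, NULL, &byaddr);
	if (result != ISC_R_SUCCESS) {
		printf("dns_byaddr_create() returned %s\n",
		       isc_result_totext(result));
		RUNTIME_CHECK(0);
	}

	(void)isc_app_run();

	/*
	 * XXXRTH if we get a control-C before we get to isc_app_run(),
	 * we're in trouble (because we might try to destroy things before
	 * they've been created.
	 */

	dns_view_detach(&view);

	isc_task_shutdown(task);
	isc_task_detach(&task);

	dns_dispatchmgr_destroy(&dispatchmgr);

	isc_taskmgr_destroy(&taskmgr);

	isc_socketmgr_destroy(&socketmgr);
	isc_timermgr_destroy(&timermgr);

	if (verbose)
		isc_mem_stats(mctx, stdout);
	isc_mem_destroy(&mctx);

	isc_app_finish();

	return (0);
}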
/*
 * Initialise isc_strerror_lock.  The result of isc_mutex_init() is wrapped
 * in RUNTIME_CHECK, so a failure to create the mutex is treated as fatal
 * rather than reported to the caller.
 */
static void
init_lock(void) {
	RUNTIME_CHECK(isc_mutex_init(&isc_strerror_lock) == ISC_R_SUCCESS);
}
/*
 * Library initialisation entry point: sets up the DST message catalogue,
 * then hands initialize_action to isc_once_do() under the 'once' control.
 * A failure of isc_once_do() is fatal (RUNTIME_CHECK).
 */
static void
initialize(void) {
	dst_lib_initmsgcat();
	RUNTIME_CHECK(isc_once_do(&once, initialize_action) == ISC_R_SUCCESS);
}
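/*
 * Build the file-scope 'view': create it, attach a fresh "rbt" cache, create
 * IPv4 and IPv6 UDP dispatches and a resolver on top of them, install root
 * hints from dns_rootns_create(), and freeze the view.
 *
 * Uses the file-scope mctx, taskmgr, timermgr, socketmgr, dispatchmgr and
 * rootdb.  Failures are reported through check_result() or are fatal via
 * RUNTIME_CHECK/INSIST; nothing is returned to the caller.
 */
static void
create_view(void) {
	dns_cache_t *cache;
	isc_result_t result;

	/*
	 * View.
	 */
	view = NULL;
	result = dns_view_create(mctx, dns_rdataclass_in, "_default", &view);
	check_result(result, "dns_view_create");

	/*
	 * Cache.
	 */
	cache = NULL;
	result = dns_cache_create(mctx, taskmgr, timermgr, dns_rdataclass_in,
				  "rbt", 0, NULL, &cache);
	check_result(result, "dns_cache_create");
	dns_view_setcache(view, cache);
	dns_cache_detach(&cache);

	{
		unsigned int attrs;
		isc_sockaddr_t any4, any6;
		dns_dispatch_t *disp4 = NULL;
		dns_dispatch_t *disp6 = NULL;

		isc_sockaddr_any(&any4);
		isc_sockaddr_any6(&any6);

		/*
		 * Both address families are requested unconditionally, so
		 * this aborts on a host where either dispatch cannot be
		 * created.
		 */
		attrs = DNS_DISPATCHATTR_IPV4 | DNS_DISPATCHATTR_UDP;
		RUNTIME_CHECK(dns_dispatch_getudp(dispatchmgr, socketmgr,
						  taskmgr, &any4,
						  512, 6, 1024,
						  17, 19, attrs,
						  attrs, &disp4)
			      == ISC_R_SUCCESS);
		INSIST(disp4 != NULL);

		attrs = DNS_DISPATCHATTR_IPV6 | DNS_DISPATCHATTR_UDP;
		RUNTIME_CHECK(dns_dispatch_getudp(dispatchmgr, socketmgr,
						  taskmgr, &any6,
						  512, 6, 1024,
						  17, 19, attrs,
						  attrs, &disp6)
			      == ISC_R_SUCCESS);
		INSIST(disp6 != NULL);

		RUNTIME_CHECK(dns_view_createresolver(view, taskmgr, 10, 1,
						      socketmgr,
						      timermgr, 0,
						      dispatchmgr,
						      disp4, disp6) ==
		      ISC_R_SUCCESS);

		/*
		 * The resolver holds its own references to the dispatches;
		 * release the local ones so they are not leaked when this
		 * block goes out of scope.
		 */
		dns_dispatch_detach(&disp4);
		dns_dispatch_detach(&disp6);
	}

	/* Root hints; the NULL argument means no hints file is named here. */
	rootdb = NULL;
	result = dns_rootns_create(mctx, dns_rdataclass_in, NULL, &rootdb);
	check_result(result, "dns_rootns_create()");
	dns_view_sethints(view, rootdb);
	dns_db_detach(&rootdb);

	dns_view_freeze(view);
}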
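/*
 * Timer test driver.  Creates three tasks (file-scope t1..t3) with shutdown
 * callbacks, a one-second ticker on t1, a two-second once-timer on t2 and an
 * expiring once-timer on t3, lets them run for 15 seconds, then tears
 * everything down and prints memory statistics.
 *
 * argv[1], when present, is the number of worker threads (default 2).
 */
int
main(int argc, char *argv[]) {
	isc_taskmgr_t *manager = NULL;
	isc_timermgr_t *timgr = NULL;
	unsigned int workers = 2;
	isc_time_t expires, now;
	isc_interval_t interval;

	if (argc > 1) {
		/*
		 * Strict parse: atoi() maps junk to 0 and a negative value
		 * to a huge unsigned worker count.
		 */
		char *end = NULL;
		long value = strtol(argv[1], &end, 10);

		if (end == argv[1] || *end != '\0' || value < 1 ||
		    (unsigned long)value > (unsigned int)-1) {
			fprintf(stderr, "invalid worker count\n");
			exit(1);
		}
		workers = (unsigned int)value;
	}
	/* workers is unsigned, so print it with %u. */
	printf("%u workers\n", workers);

	RUNTIME_CHECK(isc_mem_create(0, 0, &mctx1) == ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_taskmgr_create(mctx1, workers, 0, &manager) ==
		      ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_timermgr_create(mctx1, &timgr) == ISC_R_SUCCESS);

	RUNTIME_CHECK(isc_task_create(manager, 0, &t1) == ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_task_create(manager, 0, &t2) == ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_task_create(manager, 0, &t3) == ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_task_onshutdown(t1, shutdown_task, "1") ==
		      ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_task_onshutdown(t2, shutdown_task, "2") ==
		      ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_task_onshutdown(t3, shutdown_task, "3") ==
		      ISC_R_SUCCESS);

	/* %p requires a void pointer argument. */
	printf("task 1: %p\n", (void *)t1);
	printf("task 2: %p\n", (void *)t2);
	printf("task 3: %p\n", (void *)t3);

	TIME_NOW(&now);

	isc_interval_set(&interval, 2, 0);
	RUNTIME_CHECK(isc_timer_create(timgr, isc_timertype_once, NULL,
				       &interval, t2, timeout, "2", &ti2) ==
		      ISC_R_SUCCESS);

	isc_interval_set(&interval, 1, 0);
	RUNTIME_CHECK(isc_timer_create(timgr, isc_timertype_ticker, NULL,
				       &interval, t1, tick, "1", &ti1) ==
		      ISC_R_SUCCESS);

	/* t3's timer expires 10 seconds from 'now'. */
	isc_interval_set(&interval, 10, 0);
	RUNTIME_CHECK(isc_time_add(&now, &interval, &expires) ==
		      ISC_R_SUCCESS);
	isc_interval_set(&interval, 2, 0);
	RUNTIME_CHECK(isc_timer_create(timgr, isc_timertype_once, &expires,
				       &interval, t3, timeout, "3", &ti3) ==
		      ISC_R_SUCCESS);

	isc_task_detach(&t1);
	isc_task_detach(&t2);
	isc_task_detach(&t3);

	sleep(15);
	printf("destroy\n");
	isc_timer_detach(&ti1);
	isc_timer_detach(&ti2);
	isc_timer_detach(&ti3);
	sleep(2);
	isc_timermgr_destroy(&timgr);
	isc_taskmgr_destroy(&manager);
	printf("destroyed\n");

	printf("Statistics for mctx1:\n");
	isc_mem_stats(mctx1, stdout);
	isc_mem_destroy(&mctx1);

	return (0);
}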
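/*
 * Wire-format test driver.  Reads hex text (whitespace ignored, '#' starts a
 * comment) from a file or stdin into a 64 KiB buffer and passes the decoded
 * bytes to process_message().
 *
 * Options: -p preserve order, -b best effort, -s print memory statistics,
 * -r render, -t treat the input as a sequence of messages each preceded by
 * a two-byte big-endian length.
 */
int
main(int argc, char *argv[]) {
	char *rp, *wp;
	unsigned char *bp;
	isc_buffer_t source;
	size_t len, i;
	int n;
	FILE *f;
	isc_boolean_t need_close = ISC_FALSE;
	unsigned char b[64 * 1024];
	char s[4000];
	isc_boolean_t tcp = ISC_FALSE;
	int ch;

	mctx = NULL;
	RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);

	while ((ch = isc_commandline_parse(argc, argv, "pbsrt")) != -1) {
		switch (ch) {
		case 'p':
			parseflags |= DNS_MESSAGEPARSE_PRESERVEORDER;
			break;
		case 'b':
			parseflags |= DNS_MESSAGEPARSE_BESTEFFORT;
			break;
		case 's':
			printmemstats = ISC_TRUE;
			break;
		case 'r':
			dorender = ISC_TRUE;
			break;
		case 't':
			tcp = ISC_TRUE;
			break;
		default:
			usage();
			exit(1);
		}
	}

	argc -= isc_commandline_index;
	argv += isc_commandline_index;

	/*
	 * NOTE(review): after the shift above argv[0] is the first
	 * non-option argument, so this opens the second one and a single
	 * file name is ignored in favour of stdin.  Kept as is; confirm
	 * whether that is intended.
	 */
	if (argc > 1) {
		f = fopen(argv[1], "r");
		if (f == NULL) {
			printf("fopen failed\n");
			exit(1);
		}
		need_close = ISC_TRUE;
	} else
		f = stdin;

	bp = b;
	while (fgets(s, sizeof(s), f) != NULL) {
		/* Compact the line in place, dropping blanks and comments. */
		rp = s;
		wp = s;
		len = 0;
		while (*rp != '\0') {
			if (*rp == '#')
				break;
			if (*rp != ' ' && *rp != '\t' &&
			    *rp != '\r' && *rp != '\n') {
				*wp++ = *rp;
				len++;
			}
			rp++;
		}
		/* An empty (or comment-only) line ends the input. */
		if (len == 0U)
			break;
		if (len % 2 != 0U) {
			printf("bad input format: %lu\n", (unsigned long)len);
			exit(1);
		}
		/*
		 * Bound the decoded bytes by the space still free in b.
		 * bp keeps advancing across lines, so comparing one line
		 * against the whole buffer size does not stop the writes
		 * below from running past the end of b.
		 */
		if (len / 2 > (size_t)(b + sizeof(b) - bp)) {
			printf("input too long\n");
			exit(2);
		}
		rp = s;
		for (i = 0; i < len; i += 2) {
			n = fromhex(*rp++);
			n *= 16;
			n += fromhex(*rp++);
			*bp++ = (unsigned char)n;
		}
	}

	if (need_close)
		fclose(f);

	if (tcp) {
		unsigned char *p = b;

		while (p < bp) {
			/*
			 * Compare lengths rather than pointers, so that no
			 * pointer beyond the buffer is ever formed from the
			 * length prefix read out of the input.
			 */
			size_t remaining = (size_t)(bp - p);
			unsigned int msglen;

			if (remaining < 2) {
				printf("premature end of packet\n");
				exit(1);
			}
			msglen = p[0] << 8 | p[1];

			if (msglen > remaining - 2) {
				printf("premature end of packet\n");
				exit(1);
			}
			isc_buffer_init(&source, p + 2, msglen);
			isc_buffer_add(&source, msglen);
			process_message(&source);
			p += 2 + msglen;
		}
	} else {
		isc_buffer_init(&source, b, sizeof(b));
		isc_buffer_add(&source, (unsigned int)(bp - b));
		process_message(&source);
	}

	if (printmemstats)
		isc_mem_stats(mctx, stdout);
	isc_mem_destroy(&mctx);

	return (0);
}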
/*
 * Hand try_ipv6only to isc_once_do() under the once_ipv6only control.
 * A failure of isc_once_do() is fatal (RUNTIME_CHECK).
 */
static void
initialize_ipv6only(void) {
	RUNTIME_CHECK(isc_once_do(&once_ipv6only,
				  try_ipv6only) == ISC_R_SUCCESS);
}
/*
 * Hand try_ipv6pktinfo to isc_once_do() under the once_ipv6pktinfo control.
 * A failure of isc_once_do() is fatal (RUNTIME_CHECK).
 */
static void
initialize_ipv6pktinfo(void) {
	RUNTIME_CHECK(isc_once_do(&once_ipv6pktinfo,
				  try_ipv6pktinfo) == ISC_R_SUCCESS);
}
/*
 * Socket receive-completion handler for an HTTP client.
 *
 * 'ev' is the socket event (its ev_arg is the isc_httpd_t).  The handler
 * feeds the newly received bytes to process_request() and then either
 * asks for more data, drops the client, or renders and sends a response.
 * The event is always freed on the way out.
 */
static void
isc_httpd_recvdone(isc_task_t *task, isc_event_t *ev) {
	isc_region_t r;
	isc_result_t result;
	isc_httpd_t *httpd = ev->ev_arg;
	isc_socketevent_t *sev = (isc_socketevent_t *)ev;
	isc_httpdurl_t *url;
	isc_time_t now;
	char datebuf[32];  /* Only need 30, but safety first */

	ENTER("recv");

	INSIST(ISC_HTTPD_ISRECV(httpd));

	/* Any receive error ends the connection. */
	if (sev->result != ISC_R_SUCCESS) {
		NOTICE("recv destroying client");
		destroy_client(&httpd);
		goto out;
	}

	result = process_request(httpd, sev->n);
	if (result == ISC_R_NOTFOUND) {
		/*
		 * ISC_R_NOTFOUND is handled as "request not complete yet".
		 * A client whose request does not fit in the receive buffer
		 * is dropped instead of being given more room; one byte of
		 * HTTP_RECVLEN is always held back (presumably for a
		 * terminator, confirm against process_request()).
		 */
		if (httpd->recvlen >= HTTP_RECVLEN - 1) {
			destroy_client(&httpd);
			goto out;
		}
		r.base = (unsigned char *)httpd->recvbuf + httpd->recvlen;
		r.length = HTTP_RECVLEN - httpd->recvlen - 1;
		/* check return code? */
		(void)isc_socket_recv(httpd->sock, &r, 1, task,
				      isc_httpd_recvdone, httpd);
		goto out;
	} else if (result != ISC_R_SUCCESS) {
		/* Any other parse failure drops the client. */
		destroy_client(&httpd);
		goto out;
	}

	ISC_HTTPD_SETSEND(httpd);

	/*
	 * XXXMLG Call function here.  Provide an add-header function
	 * which will append the common headers to a response we generate.
	 */
	isc_buffer_initnull(&httpd->bodybuffer);
	isc_time_now(&now);
	isc_time_formathttptimestamp(&now, datebuf, sizeof(datebuf));
	/*
	 * Dispatch on an exact, case-sensitive match of the request URL
	 * against the manager's registered URL list.
	 */
	url = ISC_LIST_HEAD(httpd->mgr->urls);
	while (url != NULL) {
		if (strcmp(httpd->url, url->url) == 0)
			break;
		url = ISC_LIST_NEXT(url, link);
	}
	if (url == NULL)
		result = httpd->mgr->render_404(httpd->url, httpd->querystring,
						NULL,
						&httpd->retcode,
						&httpd->retmsg,
						&httpd->mimetype,
						&httpd->bodybuffer,
						&httpd->freecb,
						&httpd->freecb_arg);
	else
		result = url->action(httpd->url, httpd->querystring,
				     url->action_arg,
				     &httpd->retcode, &httpd->retmsg,
				     &httpd->mimetype, &httpd->bodybuffer,
				     &httpd->freecb, &httpd->freecb_arg);
	if (result != ISC_R_SUCCESS) {
		/*
		 * A failing handler is replaced by the 500 page; failure to
		 * render that page is fatal.
		 */
		result = httpd->mgr->render_500(httpd->url, httpd->querystring,
						NULL, &httpd->retcode,
						&httpd->retmsg,
						&httpd->mimetype,
						&httpd->bodybuffer,
						&httpd->freecb,
						&httpd->freecb_arg);
		RUNTIME_CHECK(result == ISC_R_SUCCESS);
	}

	/*
	 * Date, Expires and Last-Modified all carry the current time, and
	 * caching is disabled explicitly.
	 */
	isc_httpd_response(httpd);
	isc_httpd_addheader(httpd, "Content-Type", httpd->mimetype);
	isc_httpd_addheader(httpd, "Date", datebuf);
	isc_httpd_addheader(httpd, "Expires", datebuf);
	isc_httpd_addheader(httpd, "Last-Modified", datebuf);
	isc_httpd_addheader(httpd, "Pragma: no-cache", NULL);
	isc_httpd_addheader(httpd, "Cache-Control: no-cache", NULL);
	isc_httpd_addheader(httpd, "Server: libisc", NULL);
	isc_httpd_addheaderuint(httpd, "Content-Length",
				isc_buffer_usedlength(&httpd->bodybuffer));
	isc_httpd_endheaders(httpd);  /* done */

	ISC_LIST_APPEND(httpd->bufflist, &httpd->headerbuffer, link);
	/*
	 * Link the data buffer into our send queue, should we have any data
	 * rendered into it.  If no data is present, we won't do anything
	 * with the buffer.
	 */
	if (isc_buffer_length(&httpd->bodybuffer) > 0)
		ISC_LIST_APPEND(httpd->bufflist, &httpd->bodybuffer, link);

	/* check return code? */
	(void)isc_socket_sendv(httpd->sock, &httpd->bufflist, task,
			       isc_httpd_senddone, httpd);

 out:
	isc_event_free(&ev);
	EXIT("recv");
}
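/*
 * Enumerate the PKCS#11 slots, record every slot whose token information
 * can be read in the file-scope 'tokens' list, and probe each token's
 * mechanisms to decide which operation classes (OP_RAND, OP_RSA, OP_DSA,
 * OP_DH, OP_DIGEST, OP_EC, OP_GOST) it can serve.  The first token found
 * for each class becomes the default (rand_token, best_rsa_token, ...).
 *
 * A class is only granted when every mechanism probed for it is present
 * with the required flags.  Note that the RSA class requires
 * CKM_MD5_RSA_PKCS and the digest class requires CKM_MD5, so a token that
 * does not offer the MD5 mechanisms is not selected for either; and a token
 * without the full digest set is never probed for EC or GOST.
 *
 * Failures of C_GetSlotList and of memory allocation are fatal.
 */
static void
choose_slots(void) {
	CK_MECHANISM_INFO mechInfo;
	CK_TOKEN_INFO tokenInfo;
	CK_RV rv;
	CK_SLOT_ID slot;
	CK_SLOT_ID_PTR slotList;
	CK_ULONG slotCount;
	size_t slotListSize;
	pk11_token_t *token;
	unsigned int i;

	slotCount = 0;
	PK11_FATALCHECK(pkcs_C_GetSlotList, (CK_FALSE, NULL_PTR, &slotCount));
	/* it's not an error if we didn't find any providers */
	if (slotCount == 0)
		return;
	/*
	 * Size the array by its element type (a slot id, not a pointer),
	 * refuse a count whose byte size would wrap, and remember the size:
	 * the second C_GetSlotList call rewrites slotCount, and the release
	 * below must quote the size that was actually allocated.
	 */
	RUNTIME_CHECK(slotCount <= ((size_t)-1) / sizeof(*slotList));
	slotListSize = sizeof(*slotList) * slotCount;
	slotList = pk11_mem_get(slotListSize);
	RUNTIME_CHECK(slotList != NULL);
	PK11_FATALCHECK(pkcs_C_GetSlotList, (CK_FALSE, slotList, &slotCount));

	for (i = 0; i < slotCount; i++) {
		slot = slotList[i];

		/* Slots whose token cannot be queried are skipped. */
		rv = pkcs_C_GetTokenInfo(slot, &tokenInfo);
		if (rv != CKR_OK)
			continue;
		token = pk11_mem_get(sizeof(*token));
		RUNTIME_CHECK(token != NULL);
		/*
		 * token->operations is only ever OR-ed into below, so start
		 * from a known all-zero structure whatever the allocator
		 * returns.
		 */
		memset(token, 0, sizeof(*token));
		token->magic = TOK_MAGIC;
		token->slotid = slot;
		ISC_LINK_INIT(token, link);
		ISC_LIST_INIT(token->sessions);
		/*
		 * PKCS#11 token strings are blank padded and not NUL
		 * terminated.  The literal lengths are assumed to match
		 * both the CK_TOKEN_INFO fields and the pk11_token_t
		 * fields (confirm against their declarations).
		 */
		memmove(token->name, tokenInfo.label, 32);
		memmove(token->manuf, tokenInfo.manufacturerID, 32);
		memmove(token->model, tokenInfo.model, 16);
		memmove(token->serial, tokenInfo.serialNumber, 16);
		ISC_LIST_APPEND(tokens, token, link);
		if ((tokenInfo.flags & CKF_RNG) == 0)
			goto try_rsa;
		token->operations |= 1 << OP_RAND;
		if (rand_token == NULL)
			rand_token = token;

	try_rsa:
		rv = pkcs_C_GetMechanismInfo(slot, CKM_RSA_PKCS_KEY_PAIR_GEN,
					     &mechInfo);
		if ((rv != CKR_OK) ||
		    ((mechInfo.flags & CKF_GENERATE_KEY_PAIR) == 0))
			goto try_dsa;
		rv = pkcs_C_GetMechanismInfo(slot, CKM_MD5_RSA_PKCS,
					     &mechInfo);
		if ((rv != CKR_OK) ||
		    ((mechInfo.flags & CKF_SIGN) == 0) ||
		    ((mechInfo.flags & CKF_VERIFY) == 0))
			goto try_dsa;
		rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA1_RSA_PKCS,
					     &mechInfo);
		if ((rv != CKR_OK) ||
		    ((mechInfo.flags & CKF_SIGN) == 0) ||
		    ((mechInfo.flags & CKF_VERIFY) == 0))
			goto try_dsa;
		rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA256_RSA_PKCS,
					     &mechInfo);
		if ((rv != CKR_OK) ||
		    ((mechInfo.flags & CKF_SIGN) == 0) ||
		    ((mechInfo.flags & CKF_VERIFY) == 0))
			goto try_dsa;
		rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA512_RSA_PKCS,
					     &mechInfo);
		if ((rv != CKR_OK) ||
		    ((mechInfo.flags & CKF_SIGN) == 0) ||
		    ((mechInfo.flags & CKF_VERIFY) == 0))
			goto try_dsa;
		token->operations |= 1 << OP_RSA;
		if (best_rsa_token == NULL)
			best_rsa_token = token;

	try_dsa:
		rv = pkcs_C_GetMechanismInfo(slot, CKM_DSA_PARAMETER_GEN,
					     &mechInfo);
		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_GENERATE) == 0))
			goto try_dh;
		rv = pkcs_C_GetMechanismInfo(slot, CKM_DSA_KEY_PAIR_GEN,
					     &mechInfo);
		if ((rv != CKR_OK) ||
		    ((mechInfo.flags & CKF_GENERATE_KEY_PAIR) == 0))
			goto try_dh;
		rv = pkcs_C_GetMechanismInfo(slot, CKM_DSA_SHA1, &mechInfo);
		if ((rv != CKR_OK) ||
		    ((mechInfo.flags & CKF_SIGN) == 0) ||
		    ((mechInfo.flags & CKF_VERIFY) == 0))
			goto try_dh;
		token->operations |= 1 << OP_DSA;
		if (best_dsa_token == NULL)
			best_dsa_token = token;

	try_dh:
#ifdef notdef
		rv = pkcs_C_GetMechanismInfo(slot, CKM_DH_PKCS_PARAMETER_GEN,
					     &mechInfo);
		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_GENERATE) == 0))
			goto try_digest;
#endif
		rv = pkcs_C_GetMechanismInfo(slot, CKM_DH_PKCS_KEY_PAIR_GEN,
					     &mechInfo);
		if ((rv != CKR_OK) ||
		    ((mechInfo.flags & CKF_GENERATE_KEY_PAIR) == 0))
			goto try_digest;
		rv = pkcs_C_GetMechanismInfo(slot, CKM_DH_PKCS_DERIVE,
					     &mechInfo);
		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DERIVE) == 0))
			goto try_digest;
		token->operations |= 1 << OP_DH;
		if (best_dh_token == NULL)
			best_dh_token = token;

	try_digest:
		/*
		 * From here on a missing mechanism moves on to the next
		 * slot, which also skips the EC and GOST probes below.
		 */
		rv = pkcs_C_GetMechanismInfo(slot, CKM_MD5, &mechInfo);
		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0))
			continue;
		rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA_1, &mechInfo);
		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0))
			continue;
		rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA224, &mechInfo);
		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0))
			continue;
		rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA256, &mechInfo);
		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0))
			continue;
		rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA384, &mechInfo);
		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0))
			continue;
		rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA512, &mechInfo);
		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0))
			continue;
#ifdef PKCS11CRYPTOWITHHMAC
		rv = pkcs_C_GetMechanismInfo(slot, CKM_MD5_HMAC, &mechInfo);
		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0))
			continue;
#endif
		rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA_1_HMAC, &mechInfo);
		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0))
			continue;
		rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA224_HMAC, &mechInfo);
		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0))
			continue;
		rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA256_HMAC, &mechInfo);
		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0))
			continue;
		rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA384_HMAC, &mechInfo);
		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0))
			continue;
		rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA512_HMAC, &mechInfo);
		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0))
			continue;
		token->operations |= 1 << OP_DIGEST;
		if (digest_token == NULL)
			digest_token = token;

		/* ECDSA requires digest */
		rv = pkcs_C_GetMechanismInfo(slot, CKM_EC_KEY_PAIR_GEN,
					     &mechInfo);
		if ((rv != CKR_OK) ||
		    ((mechInfo.flags & CKF_GENERATE_KEY_PAIR) == 0))
			goto try_gost;
		rv = pkcs_C_GetMechanismInfo(slot, CKM_ECDSA, &mechInfo);
		if ((rv != CKR_OK) ||
		    ((mechInfo.flags & CKF_SIGN) == 0) ||
		    ((mechInfo.flags & CKF_VERIFY) == 0))
			goto try_gost;
		token->operations |= 1 << OP_EC;
		if (best_ec_token == NULL)
			best_ec_token = token;

	try_gost:
		/* does GOST require digest too? */
		rv = pkcs_C_GetMechanismInfo(slot, CKM_GOSTR3411, &mechInfo);
		if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0))
			continue;
		rv = pkcs_C_GetMechanismInfo(slot, CKM_GOSTR3410_KEY_PAIR_GEN,
					     &mechInfo);
		if ((rv != CKR_OK) ||
		    ((mechInfo.flags & CKF_GENERATE_KEY_PAIR) == 0))
			continue;
		rv = pkcs_C_GetMechanismInfo(slot,
					     CKM_GOSTR3410_WITH_GOSTR3411,
					     &mechInfo);
		if ((rv != CKR_OK) ||
		    ((mechInfo.flags & CKF_SIGN) == 0) ||
		    ((mechInfo.flags & CKF_VERIFY) == 0))
			continue;
		token->operations |= 1 << OP_GOST;
		if (best_gost_token == NULL)
			best_gost_token = token;
	}

	/* Release with the size recorded at allocation time. */
	pk11_mem_put(slotList, slotListSize);
}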
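/*
 * Resource-record checker.  Reads one "class type rdata" record from stdin
 * using the DNS master-file lexer and verifies that it parses.
 *
 * Options:
 *	-o origin	origin used for relative names in the rdata
 *	-p		print the record back in canonical text form
 *	-u		print the record in unknown-record (\# hex) form
 *	-C		list the known class mnemonics and exit
 *	-P		list the known private type mnemonics and exit
 *	-T		list the known standard type mnemonics and exit
 *
 * Exits 0 when exactly one record was read and parsed, 1 otherwise.
 * Meta classes and meta types are rejected.
 */
int
main(int argc, char *argv[]) {
	isc_token_t token;
	isc_result_t result;
	int c;
	unsigned int options = 0;
	dns_rdatatype_t rdtype;
	dns_rdataclass_t rdclass;
	/* Large fixed work buffers (320 KiB together) live on the stack. */
	char text[256*1024];
	char data[64*1024];
	isc_buffer_t tbuf;
	isc_buffer_t dbuf;
	dns_rdata_t rdata = DNS_RDATA_INIT;
	isc_boolean_t doexit = ISC_FALSE;
	isc_boolean_t once = ISC_FALSE;
	isc_boolean_t print = ISC_FALSE;
	isc_boolean_t unknown = ISC_FALSE;
	unsigned int t;
	char *origin = NULL;
	dns_fixedname_t fixed;
	dns_name_t *name = NULL;

	while ((c = isc_commandline_parse(argc, argv, "ho:puCPT")) != -1) {
		switch (c) {
		case '?':
		case 'h':
			if (isc_commandline_option != '?' &&
			    isc_commandline_option != 'h')
				fprintf(stderr, "%s: invalid argument -%c\n",
					argv[0], isc_commandline_option);
			usage();
			exit(1);

		case 'o':
			origin = isc_commandline_argument;
			break;

		case 'p':
			print = ISC_TRUE;
			break;

		case 'u':
			unknown = ISC_TRUE;
			break;

		case 'C':
			for (t = 1; t <= 0xfeffu; t++) {
				if (dns_rdataclass_ismeta(t))
					continue;
				dns_rdataclass_format(t, text, sizeof(text));
				/*
				 * Skip classes without a mnemonic; compare
				 * the whole "CLASS" prefix (five characters),
				 * as the type listings below do for "TYPE".
				 */
				if (strncmp(text, "CLASS", 5) != 0)
					fprintf(stdout, "%s\n", text);
			}
			/* Unlike -P and -T this exits at once. */
			exit(0);

		case 'P':
			for (t = 0xff00; t <= 0xfffeu; t++) {
				if (dns_rdatatype_ismeta(t))
					continue;
				dns_rdatatype_format(t, text, sizeof(text));
				if (strncmp(text, "TYPE", 4) != 0)
					fprintf(stdout, "%s\n", text);
			}
			doexit = ISC_TRUE;
			break;

		case 'T':
			for (t = 1; t <= 0xfeffu; t++) {
				if (dns_rdatatype_ismeta(t))
					continue;
				dns_rdatatype_format(t, text, sizeof(text));
				if (strncmp(text, "TYPE", 4) != 0)
					fprintf(stdout, "%s\n", text);
			}
			doexit = ISC_TRUE;
			break;
		}
	}
	if (doexit)
		exit(0);

	RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_lex_create(mctx, 256, &lex) == ISC_R_SUCCESS);

	/*
	 * Set up to lex DNS master file.
	 */

	specials['('] = 1;
	specials[')'] = 1;
	specials['"'] = 1;
	isc_lex_setspecials(lex, specials);
	options = ISC_LEXOPT_EOL;
	isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE);

	RUNTIME_CHECK(isc_lex_openstream(lex, stdin) == ISC_R_SUCCESS);

	if (origin != NULL) {
		dns_fixedname_init(&fixed);
		name = dns_fixedname_name(&fixed);
		result = dns_name_fromstring(name, origin, 0, NULL);
		if (result != ISC_R_SUCCESS) {
			fprintf(stderr, "dns_name_fromstring: %s\n",
				dns_result_totext(result));
			fflush(stderr);
			exit(1);
		}
	}

	while ((result = isc_lex_gettoken(lex, options | ISC_LEXOPT_NUMBER,
					  &token)) == ISC_R_SUCCESS) {
		if (token.type == isc_tokentype_eof)
			break;
		if (token.type == isc_tokentype_eol)
			continue;
		/* Only a single record is accepted per run. */
		if (once) {
			fprintf(stderr, "extra data\n");
			exit(1);
		}
		/*
		 * Get class.
		 */
		if (token.type == isc_tokentype_number) {
			/* The range check below guards this narrowing. */
			rdclass = (dns_rdataclass_t) token.value.as_ulong;
			if (token.value.as_ulong > 0xffffu) {
				fprintf(stderr, "class value too big %lu\n",
					token.value.as_ulong);
				fflush(stderr);
				exit(1);
			}
			if (dns_rdataclass_ismeta(rdclass)) {
				fprintf(stderr, "class %lu is a meta value\n",
					token.value.as_ulong);
				fflush(stderr);
				exit(1);
			}
		} else if (token.type == isc_tokentype_string) {
			result = dns_rdataclass_fromtext(&rdclass,
					&token.value.as_textregion);
			if (result != ISC_R_SUCCESS) {
				fprintf(stderr, "dns_rdataclass_fromtext: %s\n",
					dns_result_totext(result));
				fflush(stderr);
				exit(1);
			}
			if (dns_rdataclass_ismeta(rdclass)) {
				fprintf(stderr,
					"class %.*s(%d) is a meta value\n",
					(int)token.value.as_textregion.length,
					token.value.as_textregion.base, rdclass);
				fflush(stderr);
				exit(1);
			}
		} else {
			fprintf(stderr, "unexpected token %u\n", token.type);
			exit(1);
		}

		result = isc_lex_gettoken(lex, options | ISC_LEXOPT_NUMBER,
					  &token);
		if (result != ISC_R_SUCCESS)
			break;
		if (token.type == isc_tokentype_eol)
			continue;
		if (token.type == isc_tokentype_eof)
			break;

		/*
		 * Get type.
		 */
		if (token.type == isc_tokentype_number) {
			rdtype = (dns_rdatatype_t) token.value.as_ulong;
			if (token.value.as_ulong > 0xffffu) {
				fprintf(stderr, "type value too big %lu\n",
					token.value.as_ulong);
				exit(1);
			}
			if (dns_rdatatype_ismeta(rdtype)) {
				fprintf(stderr, "type %lu is a meta value\n",
					token.value.as_ulong);
				fflush(stderr);
				exit(1);
			}
		} else if (token.type == isc_tokentype_string) {
			result = dns_rdatatype_fromtext(&rdtype,
					&token.value.as_textregion);
			if (result != ISC_R_SUCCESS) {
				/*
				 * NOTE(review): this is the only diagnostic
				 * in the function written to stdout rather
				 * than stderr; left as is because callers
				 * may depend on it.
				 */
				fprintf(stdout, "dns_rdatatype_fromtext: %s\n",
					dns_result_totext(result));
				fflush(stdout);
				exit(1);
			}
			if (dns_rdatatype_ismeta(rdtype)) {
				fprintf(stderr,
					"type %.*s(%d) is a meta value\n",
					(int)token.value.as_textregion.length,
					token.value.as_textregion.base, rdtype);
				fflush(stderr);
				exit(1);
			}
		} else {
			fprintf(stderr, "unexpected token %u\n", token.type);
			exit(1);
		}

		/* The rest of the line is parsed as rdata into 'data'. */
		isc_buffer_init(&dbuf, data, sizeof(data));
		result = dns_rdata_fromtext(&rdata, rdclass, rdtype, lex,
					    name, 0, mctx, &dbuf, NULL);
		if (result != ISC_R_SUCCESS) {
			fprintf(stderr, "dns_rdata_fromtext: %s\n",
				dns_result_totext(result));
			fflush(stderr);
			exit(1);
		}
		once = ISC_TRUE;
	}
	if (result != ISC_R_EOF) {
		fprintf(stderr, "eof not found\n");
		exit(1);
	}
	if (!once) {
		fprintf(stderr, "no records found\n");
		exit(1);
	}

	/* From here on rdclass, rdtype and rdata are known to be set. */
	if (print) {
		isc_buffer_init(&tbuf, text, sizeof(text));
		result = dns_rdataclass_totext(rdclass, &tbuf);
		if (result != ISC_R_SUCCESS) {
			fprintf(stderr, "dns_rdataclass_totext: %s\n",
				dns_result_totext(result));
			fflush(stderr);
			exit(1);
		}
		isc_buffer_putstr(&tbuf, "\t");
		result = dns_rdatatype_totext(rdtype, &tbuf);
		if (result != ISC_R_SUCCESS) {
			fprintf(stderr, "dns_rdatatype_totext: %s\n",
				dns_result_totext(result));
			fflush(stderr);
			exit(1);
		}
		isc_buffer_putstr(&tbuf, "\t");
		result = dns_rdata_totext(&rdata, NULL, &tbuf);
		if (result != ISC_R_SUCCESS)
			fprintf(stderr, "dns_rdata_totext: %s\n",
				dns_result_totext(result));
		else
			fprintf(stdout, "%.*s\n", (int)tbuf.used,
				(char*)tbuf.base);
		fflush(stdout);
	}

	if (unknown) {
		fprintf(stdout, "CLASS%u\tTYPE%u\t\\# %u", rdclass, rdtype,
			rdata.length);
		if (rdata.length != 0) {
			unsigned int i;
			fprintf(stdout, " ");
			for (i = 0; i < rdata.length; i++)
				fprintf(stdout, "%02x", rdata.data[i]);
		}
		fprintf(stdout, "\n");
	}

	isc_lex_close(lex);
	isc_lex_destroy(&lex);
	isc_mem_destroy(&mctx);
	return (0);
}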
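/*
 * Build the TSIG record for 'msg' and attach it as msg->tsig / msg->tsigname.
 *
 * Requires a non-NULL message carrying a valid TSIG key.
 *
 * When the key has key material and the error being reported is not BADSIG,
 * the MAC is computed over, in this order:
 *	- for a response: the query's signature, prefixed by its 16-bit length
 *	- the rendered message header
 *	- the rest of the message after the header
 *	- unless this is a TCP continuation: key name, class ANY, TTL 0 and
 *	  the algorithm name
 *	- time signed and fudge
 *	- unless this is a TCP continuation: error, other-data length and the
 *	  other data itself
 * Otherwise the record is emitted with an empty signature.
 *
 * Returns ISC_R_SUCCESS, DNS_R_EXPECTEDTSIG when a response has no query
 * TSIG, ISC_R_NOSPACE / ISC_R_NOMEMORY, or whatever a failing helper
 * returned.  On failure every temporary obtained here is released.
 */
isc_result_t
dns_tsig_sign(dns_message_t *msg) {
	dns_tsigkey_t *key;
	dns_rdata_any_tsig_t tsig, querytsig;
	unsigned char data[128];
	isc_buffer_t databuf, sigbuf;
	isc_buffer_t *dynbuf;
	dns_name_t *owner;
	dns_rdata_t *rdata = NULL;
	dns_rdatalist_t *datalist;
	dns_rdataset_t *dataset;
	isc_region_t r;
	isc_stdtime_t now;
	isc_mem_t *mctx;
	dst_context_t *ctx = NULL;
	isc_result_t ret;
	unsigned char badtimedata[BADTIMELEN];
	unsigned int sigsize = 0;
	isc_boolean_t response;

	REQUIRE(msg != NULL);
	REQUIRE(VALID_TSIG_KEY(dns_message_gettsigkey(msg)));

	/*
	 * Only inspect the message once the preconditions above have been
	 * checked, so a NULL 'msg' trips the assertion instead of being
	 * passed to is_response() first.
	 */
	response = is_response(msg);

	/*
	 * If this is a response, there should be a query tsig.
	 */
	if (response && msg->querytsig == NULL)
		return (DNS_R_EXPECTEDTSIG);

	dynbuf = NULL;

	mctx = msg->mctx;
	key = dns_message_gettsigkey(msg);

	tsig.mctx = mctx;
	tsig.common.rdclass = dns_rdataclass_any;
	tsig.common.rdtype = dns_rdatatype_tsig;
	ISC_LINK_INIT(&tsig.common, link);
	dns_name_init(&tsig.algorithm, NULL);
	dns_name_clone(key->algorithm, &tsig.algorithm);

	isc_stdtime_get(&now);
	tsig.timesigned = now + msg->timeadjust;
	tsig.fudge = DNS_TSIG_FUDGE;

	tsig.originalid = msg->id;

	isc_buffer_init(&databuf, data, sizeof(data));

	if (response)
		tsig.error = msg->querytsigstatus;
	else
		tsig.error = dns_rcode_noerror;

	if (tsig.error != dns_tsigerror_badtime) {
		tsig.otherlen = 0;
		tsig.other = NULL;
	} else {
		/* BADTIME carries the server's current time as other data. */
		isc_buffer_t otherbuf;

		tsig.otherlen = BADTIMELEN;
		tsig.other = badtimedata;
		isc_buffer_init(&otherbuf, tsig.other, tsig.otherlen);
		isc_buffer_putuint48(&otherbuf, tsig.timesigned);
	}

	if (key->key != NULL && tsig.error != dns_tsigerror_badsig) {
		unsigned char header[DNS_MESSAGE_HEADERLEN];
		isc_buffer_t headerbuf;
		isc_uint16_t digestbits;

		ret = dst_context_create(key->key, mctx, &ctx);
		if (ret != ISC_R_SUCCESS)
			return (ret);

		/*
		 * If this is a response, digest the query signature.
		 */
		if (response) {
			dns_rdata_t querytsigrdata = DNS_RDATA_INIT;

			ret = dns_rdataset_first(msg->querytsig);
			if (ret != ISC_R_SUCCESS)
				goto cleanup_context;
			dns_rdataset_current(msg->querytsig, &querytsigrdata);
			ret = dns_rdata_tostruct(&querytsigrdata, &querytsig,
						 NULL);
			if (ret != ISC_R_SUCCESS)
				goto cleanup_context;
			isc_buffer_putuint16(&databuf, querytsig.siglen);
			/* The query MAC must fit the fixed scratch buffer. */
			if (isc_buffer_availablelength(&databuf) <
			    querytsig.siglen) {
				ret = ISC_R_NOSPACE;
				goto cleanup_context;
			}
			isc_buffer_putmem(&databuf, querytsig.signature,
					  querytsig.siglen);
			isc_buffer_usedregion(&databuf, &r);
			ret = dst_context_adddata(ctx, &r);
			if (ret != ISC_R_SUCCESS)
				goto cleanup_context;
		}

		/*
		 * Digest the header.
		 */
		isc_buffer_init(&headerbuf, header, sizeof(header));
		dns_message_renderheader(msg, &headerbuf);
		isc_buffer_usedregion(&headerbuf, &r);
		ret = dst_context_adddata(ctx, &r);
		if (ret != ISC_R_SUCCESS)
			goto cleanup_context;

		/*
		 * Digest the remainder of the message.
		 */
		isc_buffer_usedregion(msg->buffer, &r);
		isc_region_consume(&r, DNS_MESSAGE_HEADERLEN);
		ret = dst_context_adddata(ctx, &r);
		if (ret != ISC_R_SUCCESS)
			goto cleanup_context;

		if (msg->tcp_continuation == 0) {
			/*
			 * Digest the name, class, ttl, alg.
			 */
			dns_name_toregion(&key->name, &r);
			ret = dst_context_adddata(ctx, &r);
			if (ret != ISC_R_SUCCESS)
				goto cleanup_context;

			isc_buffer_clear(&databuf);
			isc_buffer_putuint16(&databuf, dns_rdataclass_any);
			isc_buffer_putuint32(&databuf, 0); /* ttl */
			isc_buffer_usedregion(&databuf, &r);
			ret = dst_context_adddata(ctx, &r);
			if (ret != ISC_R_SUCCESS)
				goto cleanup_context;

			dns_name_toregion(&tsig.algorithm, &r);
			ret = dst_context_adddata(ctx, &r);
			if (ret != ISC_R_SUCCESS)
				goto cleanup_context;

		}
		/* Digest the timesigned and fudge */
		isc_buffer_clear(&databuf);
		if (tsig.error == dns_tsigerror_badtime) {
			/* A BADTIME reply echoes the query's time signed. */
			INSIST(response);
			tsig.timesigned = querytsig.timesigned;
		}
		isc_buffer_putuint48(&databuf, tsig.timesigned);
		isc_buffer_putuint16(&databuf, tsig.fudge);
		isc_buffer_usedregion(&databuf, &r);
		ret = dst_context_adddata(ctx, &r);
		if (ret != ISC_R_SUCCESS)
			goto cleanup_context;

		if (msg->tcp_continuation == 0) {
			/*
			 * Digest the error and other data length.
			 */
			isc_buffer_clear(&databuf);
			isc_buffer_putuint16(&databuf, tsig.error);
			isc_buffer_putuint16(&databuf, tsig.otherlen);

			isc_buffer_usedregion(&databuf, &r);
			ret = dst_context_adddata(ctx, &r);
			if (ret != ISC_R_SUCCESS)
				goto cleanup_context;

			/*
			 * Digest other data.
			 */
			if (tsig.otherlen > 0) {
				r.length = tsig.otherlen;
				r.base = tsig.other;
				ret = dst_context_adddata(ctx, &r);
				if (ret != ISC_R_SUCCESS)
					goto cleanup_context;
			}
		}

		ret = dst_key_sigsize(key->key, &sigsize);
		if (ret != ISC_R_SUCCESS)
			goto cleanup_context;
		tsig.signature = (unsigned char *) isc_mem_get(mctx, sigsize);
		if (tsig.signature == NULL) {
			ret = ISC_R_NOMEMORY;
			goto cleanup_context;
		}

		isc_buffer_init(&sigbuf, tsig.signature, sigsize);
		ret = dst_context_sign(ctx, &sigbuf);
		if (ret != ISC_R_SUCCESS)
			goto cleanup_signature;
		dst_context_destroy(&ctx);
		/*
		 * A non-zero bit count on the key truncates the MAC.  A
		 * response is never truncated below the length of the
		 * query's MAC, and never extended past what was produced.
		 *
		 * NOTE(review): (digestbits + 1) / 8 rounds down for most
		 * bit counts that are not a multiple of 8; confirm that is
		 * the intended truncation length.
		 */
		digestbits = dst_key_getbits(key->key);
		if (digestbits != 0) {
			unsigned int bytes = (digestbits + 1) / 8;
			if (response && bytes < querytsig.siglen)
				bytes = querytsig.siglen;
			if (bytes > isc_buffer_usedlength(&sigbuf))
				bytes = isc_buffer_usedlength(&sigbuf);
			tsig.siglen = bytes;
		} else
			tsig.siglen = isc_buffer_usedlength(&sigbuf);
	} else {
		/* No key material, or reporting BADSIG: empty signature. */
		tsig.siglen = 0;
		tsig.signature = NULL;
	}

	ret = dns_message_gettemprdata(msg, &rdata);
	if (ret != ISC_R_SUCCESS)
		goto cleanup_signature;
	ret = isc_buffer_allocate(msg->mctx, &dynbuf, 512);
	if (ret != ISC_R_SUCCESS)
		goto cleanup_rdata;
	ret = dns_rdata_fromstruct(rdata, dns_rdataclass_any,
				   dns_rdatatype_tsig, &tsig, dynbuf);
	if (ret != ISC_R_SUCCESS)
		goto cleanup_dynbuf;

	/* The message now owns dynbuf, which backs the rdata. */
	dns_message_takebuffer(msg, &dynbuf);

	/* The signature has been copied into the rdata; free our copy. */
	if (tsig.signature != NULL) {
		isc_mem_put(mctx, tsig.signature, sigsize);
		tsig.signature = NULL;
	}

	owner = NULL;
	ret = dns_message_gettempname(msg, &owner);
	if (ret != ISC_R_SUCCESS)
		goto cleanup_rdata;
	dns_name_init(owner, NULL);
	ret = dns_name_dup(&key->name, msg->mctx, owner);
	if (ret != ISC_R_SUCCESS)
		goto cleanup_owner;

	datalist = NULL;
	ret = dns_message_gettemprdatalist(msg, &datalist);
	if (ret != ISC_R_SUCCESS)
		goto cleanup_owner;
	dataset = NULL;
	ret = dns_message_gettemprdataset(msg, &dataset);
	if (ret != ISC_R_SUCCESS)
		goto cleanup_rdatalist;
	datalist->rdclass = dns_rdataclass_any;
	datalist->type = dns_rdatatype_tsig;
	datalist->covers = 0;
	datalist->ttl = 0;
	ISC_LIST_INIT(datalist->rdata);
	ISC_LIST_APPEND(datalist->rdata, rdata, link);
	dns_rdataset_init(dataset);
	RUNTIME_CHECK(dns_rdatalist_tordataset(datalist, dataset)
		      == ISC_R_SUCCESS);
	msg->tsig = dataset;
	msg->tsigname = owner;

	/* Windows does not like the tsig name being compressed. */
	msg->tsigname->attributes |= DNS_NAMEATTR_NOCOMPRESS;

	return (ISC_R_SUCCESS);

	/*
	 * Error exits, in reverse order of acquisition.  Each label falls
	 * through to the ones below it, except cleanup_owner, which jumps
	 * over cleanup_dynbuf because the buffer already belongs to the
	 * message by then.
	 */
 cleanup_rdatalist:
	dns_message_puttemprdatalist(msg, &datalist);
 cleanup_owner:
	dns_message_puttempname(msg, &owner);
	goto cleanup_rdata;
 cleanup_dynbuf:
	isc_buffer_free(&dynbuf);
 cleanup_rdata:
	dns_message_puttemprdata(msg, &rdata);
 cleanup_signature:
	if (tsig.signature != NULL)
		isc_mem_put(mctx, tsig.signature, sigsize);
 cleanup_context:
	if (ctx != NULL)
		dst_context_destroy(&ctx);
	return (ret);
}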
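/*
 * Test driver: builds a query for "child.example.", using key id 4017
 * (DNS_KEYALG_DSA) loaded from file, and sends it over UDP to the
 * loopback address.
 *
 * Options:
 *   -v       print memory statistics on exit
 *   -p port  destination UDP port (default 53); must be 1..65535
 *
 * Returns 0 on a normal run.  Setup failures are caught by RUNTIME_CHECK
 * or by the file's CHECK macro.
 */
int
main(int argc, char *argv[]) {
	isc_boolean_t verbose = ISC_FALSE;
	isc_socketmgr_t *socketmgr;
	isc_timermgr_t *timermgr;
	struct in_addr inaddr;
	dns_fixedname_t fname;
	dns_name_t *name;
	isc_buffer_t b;
	int ch;
	isc_result_t result;
	in_port_t port = 53;

	RUNTIME_CHECK(isc_app_start() == ISC_R_SUCCESS);

	RUNTIME_CHECK(isc_mutex_init(&lock) == ISC_R_SUCCESS);

	mctx = NULL;
	RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);

	while ((ch = isc_commandline_parse(argc, argv, "vp:")) != -1) {
		switch (ch) {
		case 'v':
			verbose = ISC_TRUE;
			break;
		case 'p': {
			/*
			 * Parse the port strictly.  atoi() gave 0 for
			 * non-numeric text and the result was silently
			 * truncated to in_port_t, so a typo could aim the
			 * query at an unintended port.
			 */
			char *end = NULL;
			unsigned long requested;

			requested = strtoul(isc_commandline_argument, &end, 10);
			if (end == isc_commandline_argument || *end != '\0' ||
			    requested == 0 || requested > 65535) {
				fprintf(stderr, "invalid port: %s\n",
					isc_commandline_argument);
				exit(1);
			}
			port = (in_port_t)requested;
			break;
		}
		}
	}

	RUNTIME_CHECK(isc_entropy_create(mctx, &ent) == ISC_R_SUCCESS);
	RUNTIME_CHECK(dst_lib_init(mctx, ent, 0) == ISC_R_SUCCESS);

	dns_result_register();
	dst_result_register();

	taskmgr = NULL;
	RUNTIME_CHECK(isc_taskmgr_create(mctx, 2, 0, &taskmgr) ==
		      ISC_R_SUCCESS);
	task1 = NULL;
	RUNTIME_CHECK(isc_task_create(taskmgr, 0, &task1) == ISC_R_SUCCESS);

	timermgr = NULL;
	RUNTIME_CHECK(isc_timermgr_create(mctx, &timermgr) == ISC_R_SUCCESS);
	socketmgr = NULL;
	RUNTIME_CHECK(isc_socketmgr_create(mctx, &socketmgr) == ISC_R_SUCCESS);

	RUNTIME_CHECK(isc_log_create(mctx, &lctx, &logconfig) == ISC_R_SUCCESS);

	s = NULL;
	RUNTIME_CHECK(isc_socket_create(socketmgr, PF_INET,
					isc_sockettype_udp, &s) ==
		      ISC_R_SUCCESS);

	/* The destination is always the loopback address; only the port varies. */
	inaddr.s_addr = htonl(INADDR_LOOPBACK);
	isc_sockaddr_fromin(&address, &inaddr, port);

	dns_fixedname_init(&fname);
	name = dns_fixedname_name(&fname);
	isc_buffer_init(&b, "child.example.", strlen("child.example."));
	isc_buffer_add(&b, strlen("child.example."));
	result = dns_name_fromtext(name, &b, dns_rootname, ISC_FALSE, NULL);
	CHECK("dns_name_fromtext", result);

	/*
	 * Both the public and the private half of the key are requested.
	 * NOTE(review): the directory argument is NULL, presumably meaning
	 * the current directory; confirm, and keep the private key file
	 * readable only by the user running the test.
	 */
	key = NULL;
	result = dst_key_fromfile(name, 4017, DNS_KEYALG_DSA,
				  DST_TYPE_PUBLIC | DST_TYPE_PRIVATE,
				  NULL, mctx, &key);
	CHECK("dst_key_fromfile", result);

	buildquery();

	(void)isc_app_run();

	/* Tear down after the allocations above. */
	isc_task_shutdown(task1);
	isc_task_detach(&task1);
	isc_taskmgr_destroy(&taskmgr);

	isc_socket_detach(&s);
	isc_socketmgr_destroy(&socketmgr);
	isc_timermgr_destroy(&timermgr);

	dst_key_free(&key);

	dst_lib_destroy();

	isc_entropy_detach(&ent);

	isc_log_destroy(&lctx);

	if (verbose)
		isc_mem_stats(mctx, stdout);
	isc_mem_destroy(&mctx);

	DESTROYLOCK(&lock);

	isc_app_finish();

	return (0);
}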
/*
 * Lexer test driver: tokenises stdin and prints each token together with
 * its source line and source name.
 *
 * Options:
 *   -q  do not print tokens
 *   -m  lex as a DNS master file (the default)
 *   -c  lex as a DNS configuration file
 *   -s  print memory statistics at exit (only when -q is not given)
 */
int
main(int argc, char *argv[]) {
	isc_token_t tok;
	isc_result_t result;
	int silent = 0;
	int opt;
	int lex_master = 1;
	int want_stats = 0;
	unsigned int lexopts = 0;
	unsigned int comment_styles;
	int finished = 0;
	const char *special_chars;
	const char *p;

	while ((opt = isc_commandline_parse(argc, argv, "qmcs")) != -1) {
		if (opt == 'q')
			silent = 1;
		else if (opt == 'm')
			lex_master = 1;
		else if (opt == 'c')
			lex_master = 0;
		else if (opt == 's')
			want_stats = 1;
	}

	RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_lex_create(mctx, 256, &lex) == ISC_R_SUCCESS);

	if (lex_master) {
		/* Set up to lex DNS master file. */
		special_chars = "()\"";
		lexopts = ISC_LEXOPT_DNSMULTILINE | ISC_LEXOPT_ESCAPE |
			  ISC_LEXOPT_EOF | ISC_LEXOPT_QSTRING |
			  ISC_LEXOPT_NOMORE;
		comment_styles = ISC_LEXCOMMENT_DNSMASTERFILE;
	} else {
		/* Set up to lex DNS config file. */
		special_chars = "{};/\"!*";
		lexopts = ISC_LEXOPT_EOF | ISC_LEXOPT_QSTRING |
			  ISC_LEXOPT_NUMBER | ISC_LEXOPT_NOMORE;
		comment_styles = (ISC_LEXCOMMENT_C |
				  ISC_LEXCOMMENT_CPLUSPLUS |
				  ISC_LEXCOMMENT_SHELL);
	}

	/* Mark every chosen character as special, then hand the table over. */
	for (p = special_chars; *p != '\0'; p++)
		specials[(unsigned char)*p] = 1;
	isc_lex_setspecials(lex, specials);
	isc_lex_setcomments(lex, comment_styles);

	RUNTIME_CHECK(isc_lex_openstream(lex, stdin) == ISC_R_SUCCESS);

	/*
	 * A token is fetched before the termination flag is tested, so one
	 * further token is read after "nomore" has been seen.
	 */
	for (;;) {
		result = isc_lex_gettoken(lex, lexopts, &tok);
		if (result != ISC_R_SUCCESS || finished)
			break;

		if (!silent) {
			char *name = isc_lex_getsourcename(lex);

			print_token(&tok, stdout);
			printf(" line = %lu file = %s\n",
			       isc_lex_getsourceline(lex),
			       (name == NULL) ? "<none>" : name);
		}
		if (tok.type == isc_tokentype_eof)
			isc_lex_close(lex);
		if (tok.type == isc_tokentype_nomore)
			finished = 1;
	}
	if (result != ISC_R_SUCCESS)
		printf("Result: %s\n", isc_result_totext(result));

	isc_lex_close(lex);
	isc_lex_destroy(&lex);
	if (!silent && want_stats)
		isc_mem_stats(mctx, stdout);
	isc_mem_destroy(&mctx);

	return (0);
}
isc_result_t dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, dns_tsig_keyring_t *ring) { isc_result_t result = ISC_R_SUCCESS; dns_rdata_tkey_t tkeyin, tkeyout; isc_boolean_t freetkeyin = ISC_FALSE; dns_name_t *qname, *name, *keyname, *signer, tsigner; dns_fixedname_t fkeyname; dns_rdataset_t *tkeyset; dns_rdata_t rdata; dns_namelist_t namelist; char tkeyoutdata[512]; isc_buffer_t tkeyoutbuf; REQUIRE(msg != NULL); REQUIRE(tctx != NULL); REQUIRE(ring != NULL); ISC_LIST_INIT(namelist); /* * Interpret the question section. */ result = dns_message_firstname(msg, DNS_SECTION_QUESTION); if (result != ISC_R_SUCCESS) return (DNS_R_FORMERR); qname = NULL; dns_message_currentname(msg, DNS_SECTION_QUESTION, &qname); /* * Look for a TKEY record that matches the question. */ tkeyset = NULL; name = NULL; result = dns_message_findname(msg, DNS_SECTION_ADDITIONAL, qname, dns_rdatatype_tkey, 0, &name, &tkeyset); if (result != ISC_R_SUCCESS) { /* * Try the answer section, since that's where Win2000 * puts it. */ if (dns_message_findname(msg, DNS_SECTION_ANSWER, qname, dns_rdatatype_tkey, 0, &name, &tkeyset) != ISC_R_SUCCESS) { result = DNS_R_FORMERR; tkey_log("dns_tkey_processquery: couldn't find a TKEY " "matching the question"); goto failure; } } result = dns_rdataset_first(tkeyset); if (result != ISC_R_SUCCESS) { result = DNS_R_FORMERR; goto failure; } dns_rdata_init(&rdata); dns_rdataset_current(tkeyset, &rdata); RETERR(dns_rdata_tostruct(&rdata, &tkeyin, NULL)); freetkeyin = ISC_TRUE; if (tkeyin.error != dns_rcode_noerror) { result = DNS_R_FORMERR; goto failure; } /* * Before we go any farther, verify that the message was signed. * GSSAPI TKEY doesn't require a signature, the rest do. 
*/ dns_name_init(&tsigner, NULL); result = dns_message_signer(msg, &tsigner); if (result != ISC_R_SUCCESS) { if (tkeyin.mode == DNS_TKEYMODE_GSSAPI && result == ISC_R_NOTFOUND) signer = NULL; else { tkey_log("dns_tkey_processquery: query was not " "properly signed - rejecting"); result = DNS_R_FORMERR; goto failure; } } else signer = &tsigner; tkeyout.common.rdclass = tkeyin.common.rdclass; tkeyout.common.rdtype = tkeyin.common.rdtype; ISC_LINK_INIT(&tkeyout.common, link); tkeyout.mctx = msg->mctx; dns_name_init(&tkeyout.algorithm, NULL); dns_name_clone(&tkeyin.algorithm, &tkeyout.algorithm); tkeyout.inception = tkeyout.expire = 0; tkeyout.mode = tkeyin.mode; tkeyout.error = 0; tkeyout.keylen = tkeyout.otherlen = 0; tkeyout.key = tkeyout.other = NULL; /* * A delete operation must have a fully specified key name. If this * is not a delete, we do the following: * if (qname != ".") * keyname = qname + defaultdomain * else * keyname = <random hex> + defaultdomain */ if (tkeyin.mode != DNS_TKEYMODE_DELETE) { dns_tsigkey_t *tsigkey = NULL; if (tctx->domain == NULL && tkeyin.mode != DNS_TKEYMODE_GSSAPI) { tkey_log("dns_tkey_processquery: tkey-domain not set"); result = DNS_R_REFUSED; goto failure; } dns_fixedname_init(&fkeyname); keyname = dns_fixedname_name(&fkeyname); if (!dns_name_equal(qname, dns_rootname)) { unsigned int n = dns_name_countlabels(qname); RUNTIME_CHECK(dns_name_copy(qname, keyname, NULL) == ISC_R_SUCCESS); dns_name_getlabelsequence(keyname, 0, n - 1, keyname); } else { static char hexdigits[16] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' }; unsigned char randomdata[16]; char randomtext[32]; isc_buffer_t b; unsigned int i, j; result = isc_entropy_getdata(tctx->ectx, randomdata, sizeof(randomdata), NULL, 0); if (result != ISC_R_SUCCESS) goto failure; for (i = 0, j = 0; i < sizeof(randomdata); i++) { unsigned char val = randomdata[i]; randomtext[j++] = hexdigits[val >> 4]; randomtext[j++] = hexdigits[val & 0xF]; } 
isc_buffer_init(&b, randomtext, sizeof(randomtext)); isc_buffer_add(&b, sizeof(randomtext)); result = dns_name_fromtext(keyname, &b, NULL, 0, NULL); if (result != ISC_R_SUCCESS) goto failure; } if (tkeyin.mode == DNS_TKEYMODE_GSSAPI) { /* Yup. This is a hack */ result = dns_name_concatenate(keyname, dns_rootname, keyname, NULL); if (result != ISC_R_SUCCESS) goto failure; } else { result = dns_name_concatenate(keyname, tctx->domain, keyname, NULL); if (result != ISC_R_SUCCESS) goto failure; } result = dns_tsigkey_find(&tsigkey, keyname, NULL, ring); if (result == ISC_R_SUCCESS) { tkeyout.error = dns_tsigerror_badname; dns_tsigkey_detach(&tsigkey); goto failure_with_tkey; } else if (result != ISC_R_NOTFOUND) goto failure; } else
/*%
 * Main processing routine.
 *
 * The behaviour depends on the name the program was invoked under:
 * "named-checkzone" selects check mode, "named-compilezone" selects
 * compile mode (an output file is then mandatory and the zone is always
 * dumped).  After the options, exactly two positional arguments are
 * required: the zone origin and the zone file name.
 *
 * Returns 0 when the zone loaded (and, if requested, was dumped)
 * successfully, 1 otherwise.  Invalid option arguments terminate the
 * program with exit(1).
 */
int
main(int argc, char **argv) {
	int c;
	char *origin = NULL;
	char *filename = NULL;
	isc_log_t *lctx = NULL;
	isc_result_t result;
	char classname_in[] = "IN";
	char *classname = classname_in;
	const char *workdir = NULL;
	const char *inputformatstr = NULL;
	const char *outputformatstr = NULL;
	dns_masterformat_t inputformat = dns_masterformat_text;
	dns_masterformat_t outputformat = dns_masterformat_text;
	FILE *errout = stdout;

	outputstyle = &dns_master_style_full;

	/* Strip any directory part ('/' or '\\' separated) from argv[0]. */
	prog_name = strrchr(argv[0], '/');
	if (prog_name == NULL)
		prog_name = strrchr(argv[0], '\\');

	if (prog_name != NULL)
		prog_name++;
	else
		prog_name = argv[0];
	/*
	 * Libtool doesn't preserve the program name prior to final
	 * installation.  Remove the libtool prefix ("lt-").
	 */
	if (strncmp(prog_name, "lt-", 3) == 0)
		prog_name += 3;

	/* Case-insensitive match of the program name, with or without ".exe". */
#define PROGCMP(X) \
	(strcasecmp(prog_name, X) == 0 || strcasecmp(prog_name, X ".exe") == 0)

	/*
	 * Any other invocation name reaches INSIST(0).
	 * NOTE(review): presumably an assertion failure; a renamed copy or
	 * symlink of the binary would therefore not run.
	 */
	if (PROGCMP("named-checkzone"))
		progmode = progmode_check;
	else if (PROGCMP("named-compilezone"))
		progmode = progmode_compile;
	else
		INSIST(0);

	/* Compilation specific defaults */
	if (progmode == progmode_compile) {
		zone_options |= (DNS_ZONEOPT_CHECKNS |
				 DNS_ZONEOPT_FATALNS |
				 DNS_ZONEOPT_CHECKDUPRR |
				 DNS_ZONEOPT_CHECKNAMES |
				 DNS_ZONEOPT_CHECKNAMESFAIL |
				 DNS_ZONEOPT_CHECKWILDCARD);
	} else
		zone_options |= DNS_ZONEOPT_CHECKDUPRR;

	/* Exact (case-sensitive) match of the current option's argument. */
#define ARGCMP(X) (strcmp(isc_commandline_argument, X) == 0)

	isc_commandline_errprint = ISC_FALSE;

	while ((c = isc_commandline_parse(argc, argv,
			       "c:df:hi:jk:m:n:qr:s:t:o:vw:DF:M:S:W:"))
	       != EOF) {
		switch (c) {
		case 'c':
			classname = isc_commandline_argument;
			break;

		case 'd':
			debug++;
			break;

		/* -i: post-load integrity checks (full/local, with or without sibling glue). */
		case 'i':
			if (ARGCMP("full")) {
				zone_options |= DNS_ZONEOPT_CHECKINTEGRITY |
						DNS_ZONEOPT_CHECKSIBLING;
				docheckmx = ISC_TRUE;
				docheckns = ISC_TRUE;
				dochecksrv = ISC_TRUE;
			} else if (ARGCMP("full-sibling")) {
				zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
				zone_options &= ~DNS_ZONEOPT_CHECKSIBLING;
				docheckmx = ISC_TRUE;
				docheckns = ISC_TRUE;
				dochecksrv = ISC_TRUE;
			} else if (ARGCMP("local")) {
				zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
				zone_options |= DNS_ZONEOPT_CHECKSIBLING;
				docheckmx = ISC_FALSE;
				docheckns = ISC_FALSE;
				dochecksrv = ISC_FALSE;
			} else if (ARGCMP("local-sibling")) {
				zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
				zone_options &= ~DNS_ZONEOPT_CHECKSIBLING;
				docheckmx = ISC_FALSE;
				docheckns = ISC_FALSE;
				dochecksrv = ISC_FALSE;
			} else if (ARGCMP("none")) {
				zone_options &= ~DNS_ZONEOPT_CHECKINTEGRITY;
				zone_options &= ~DNS_ZONEOPT_CHECKSIBLING;
				docheckmx = ISC_FALSE;
				docheckns = ISC_FALSE;
				dochecksrv = ISC_FALSE;
			} else {
				fprintf(stderr, "invalid argument to -i: %s\n",
					isc_commandline_argument);
				exit(1);
			}
			break;

		/* -f / -F: input and output format names, validated after the loop. */
		case 'f':
			inputformatstr = isc_commandline_argument;
			break;

		case 'F':
			outputformatstr = isc_commandline_argument;
			break;

		case 'j':
			nomerge = ISC_FALSE;
			break;

		/* -k: check-names handling (warn / fail / ignore). */
		case 'k':
			if (ARGCMP("warn")) {
				zone_options |= DNS_ZONEOPT_CHECKNAMES;
				zone_options &= ~DNS_ZONEOPT_CHECKNAMESFAIL;
			} else if (ARGCMP("fail")) {
				zone_options |= DNS_ZONEOPT_CHECKNAMES |
						DNS_ZONEOPT_CHECKNAMESFAIL;
			} else if (ARGCMP("ignore")) {
				zone_options &= ~(DNS_ZONEOPT_CHECKNAMES |
						  DNS_ZONEOPT_CHECKNAMESFAIL);
			} else {
				fprintf(stderr, "invalid argument to -k: %s\n",
					isc_commandline_argument);
				exit(1);
			}
			break;

		/* -n: NS record checking (ignore / warn / fail). */
		case 'n':
			if (ARGCMP("ignore")) {
				zone_options &= ~(DNS_ZONEOPT_CHECKNS|
						  DNS_ZONEOPT_FATALNS);
			} else if (ARGCMP("warn")) {
				zone_options |= DNS_ZONEOPT_CHECKNS;
				zone_options &= ~DNS_ZONEOPT_FATALNS;
			} else if (ARGCMP("fail")) {
				zone_options |= DNS_ZONEOPT_CHECKNS|
						DNS_ZONEOPT_FATALNS;
			} else {
				fprintf(stderr, "invalid argument to -n: %s\n",
					isc_commandline_argument);
				exit(1);
			}
			break;

		/* -m: MX record checking (warn / fail / ignore). */
		case 'm':
			if (ARGCMP("warn")) {
				zone_options |= DNS_ZONEOPT_CHECKMX;
				zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
			} else if (ARGCMP("fail")) {
				zone_options |= DNS_ZONEOPT_CHECKMX |
						DNS_ZONEOPT_CHECKMXFAIL;
			} else if (ARGCMP("ignore")) {
				zone_options &= ~(DNS_ZONEOPT_CHECKMX |
						  DNS_ZONEOPT_CHECKMXFAIL);
			} else {
				fprintf(stderr, "invalid argument to -m: %s\n",
					isc_commandline_argument);
				exit(1);
			}
			break;

		case 'o':
			output_filename = isc_commandline_argument;
			break;

		case 'q':
			quiet++;
			break;

		/* -r: duplicate-record checking (warn / fail / ignore). */
		case 'r':
			if (ARGCMP("warn")) {
				zone_options |= DNS_ZONEOPT_CHECKDUPRR;
				zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
			} else if (ARGCMP("fail")) {
				zone_options |= DNS_ZONEOPT_CHECKDUPRR |
						DNS_ZONEOPT_CHECKDUPRRFAIL;
			} else if (ARGCMP("ignore")) {
				zone_options &= ~(DNS_ZONEOPT_CHECKDUPRR |
						  DNS_ZONEOPT_CHECKDUPRRFAIL);
			} else {
				fprintf(stderr, "invalid argument to -r: %s\n",
					isc_commandline_argument);
				exit(1);
			}
			break;

		/* -s: style of the dumped zone (full / relative). */
		case 's':
			if (ARGCMP("full"))
				outputstyle = &dns_master_style_full;
			else if (ARGCMP("relative")) {
				outputstyle = &dns_master_style_default;
			} else {
				fprintf(stderr,
					"unknown or unsupported style: %s\n",
					isc_commandline_argument);
				exit(1);
			}
			break;

		/*
		 * -t: chroot into the given directory.  The chroot is applied
		 * at once, while options are still being parsed.
		 * NOTE(review): no chdir("/") follows the chroot in this
		 * function.  Confirm that isc_dir_chroot() changes directory
		 * itself; otherwise the working directory still refers to a
		 * location outside the new root unless -w is also given.
		 */
		case 't':
			result = isc_dir_chroot(isc_commandline_argument);
			if (result != ISC_R_SUCCESS) {
				fprintf(stderr, "isc_dir_chroot: %s: %s\n",
					isc_commandline_argument,
					isc_result_totext(result));
				exit(1);
			}
			break;

		case 'v':
			printf(VERSION "\n");
			exit(0);

		/* -w: working directory; the chdir happens after option parsing. */
		case 'w':
			workdir = isc_commandline_argument;
			break;

		case 'D':
			dumpzone++;
			break;

		/* -M: MX records that point to a CNAME (fail / warn / ignore). */
		case 'M':
			if (ARGCMP("fail")) {
				zone_options &= ~DNS_ZONEOPT_WARNMXCNAME;
				zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
			} else if (ARGCMP("warn")) {
				zone_options |= DNS_ZONEOPT_WARNMXCNAME;
				zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
			} else if (ARGCMP("ignore")) {
				zone_options |= DNS_ZONEOPT_WARNMXCNAME;
				zone_options |= DNS_ZONEOPT_IGNOREMXCNAME;
			} else {
				fprintf(stderr, "invalid argument to -M: %s\n",
					isc_commandline_argument);
				exit(1);
			}
			break;

		/* -S: SRV records that point to a CNAME (fail / warn / ignore). */
		case 'S':
			if (ARGCMP("fail")) {
				zone_options &= ~DNS_ZONEOPT_WARNSRVCNAME;
				zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
			} else if (ARGCMP("warn")) {
				zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
				zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
			} else if (ARGCMP("ignore")) {
				zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
				zone_options |= DNS_ZONEOPT_IGNORESRVCNAME;
			} else {
				fprintf(stderr, "invalid argument to -S: %s\n",
					isc_commandline_argument);
				exit(1);
			}
			break;

		/*
		 * -W: wildcard checking (warn / ignore).
		 * NOTE(review): unlike every other multi-valued option here,
		 * an unrecognised value is accepted silently and leaves
		 * zone_options unchanged; a mistyped value therefore does not
		 * change the wildcard check and is not reported.
		 */
		case 'W':
			if (ARGCMP("warn"))
				zone_options |= DNS_ZONEOPT_CHECKWILDCARD;
			else if (ARGCMP("ignore"))
				zone_options &= ~DNS_ZONEOPT_CHECKWILDCARD;
			break;

		/*
		 * '?' falls through to 'h', which calls usage(); if usage()
		 * were to return, control would continue into the default
		 * branch.  NOTE(review): usage() presumably exits; confirm.
		 */
		case '?':
			if (isc_commandline_option != '?')
				fprintf(stderr, "%s: invalid argument -%c\n",
					prog_name, isc_commandline_option);
		case 'h':
			usage();

		default:
			fprintf(stderr, "%s: unhandled option -%c\n",
				prog_name, isc_commandline_option);
			exit(1);
		}
	}

	/* Apply -w now; with -t this happens after the chroot above. */
	if (workdir != NULL) {
		result = isc_dir_chdir(workdir);
		if (result != ISC_R_SUCCESS) {
			fprintf(stderr, "isc_dir_chdir: %s: %s\n",
				workdir, isc_result_totext(result));
			exit(1);
		}
	}

	/* Format names are matched case-insensitively: "text" or "raw". */
	if (inputformatstr != NULL) {
		if (strcasecmp(inputformatstr, "text") == 0)
			inputformat = dns_masterformat_text;
		else if (strcasecmp(inputformatstr, "raw") == 0)
			inputformat = dns_masterformat_raw;
		else {
			fprintf(stderr, "unknown file format: %s\n",
				inputformatstr);
			exit(1);
		}
	}

	if (outputformatstr != NULL) {
		if (strcasecmp(outputformatstr, "text") == 0)
			outputformat = dns_masterformat_text;
		else if (strcasecmp(outputformatstr, "raw") == 0)
			outputformat = dns_masterformat_raw;
		else {
			fprintf(stderr, "unknown file format: %s\n",
				outputformatstr);
			exit(1);
		}
	}

	if (progmode == progmode_compile) {
		dumpzone = 1;	/* always dump */
		if (output_filename == NULL) {
			fprintf(stderr,
				"output file required, but not specified\n");
			usage();
		}
	}

	/* Naming an output file implies dumping, in either mode. */
	if (output_filename != NULL)
		dumpzone = 1;

	/*
	 * If we are outputting to stdout then send the informational
	 * output to stderr.
	 */
	if (dumpzone &&
	    (output_filename == NULL ||
	     strcmp(output_filename, "-") == 0 ||
	     strcmp(output_filename, "/dev/fd/1") == 0 ||
	     strcmp(output_filename, "/dev/stdout") == 0))
		errout = stderr;

	/* Exactly two positional arguments must remain: origin and file name. */
	if (isc_commandline_index + 2 != argc)
		usage();

	RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);
	/* With -q no logging context is created, so lctx stays NULL. */
	if (!quiet)
		RUNTIME_CHECK(setup_logging(mctx, errout, &lctx)
			      == ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_entropy_create(mctx, &ectx) == ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_hash_create(mctx, ectx, DNS_NAME_MAXWIRE)
		      == ISC_R_SUCCESS);

	dns_result_register();

	origin = argv[isc_commandline_index++];
	filename = argv[isc_commandline_index++];
	result = load_zone(mctx, origin, filename, inputformat, classname,
			   &zone);

	/* Dump only a zone that loaded successfully. */
	if (result == ISC_R_SUCCESS && dumpzone) {
		if (!quiet && progmode == progmode_compile) {
			fprintf(errout, "dump zone to %s...", output_filename);
			fflush(errout);
		}
		result = dump_zone(origin, zone, output_filename,
				   outputformat, outputstyle);
		if (!quiet && progmode == progmode_compile)
			fprintf(errout, "done\n");
	}

	if (!quiet && result == ISC_R_SUCCESS)
		fprintf(errout, "OK\n");
	destroy();
	if (lctx != NULL)
		isc_log_destroy(&lctx);
	isc_hash_destroy();
	isc_entropy_detach(&ectx);
	isc_mem_destroy(&mctx);
	return ((result == ISC_R_SUCCESS) ? 0 : 1);
}
/*
 * Initialise the file-level key_mutex.  The result is asserted with
 * RUNTIME_CHECK, so any result other than ISC_R_SUCCESS is treated as a
 * failed runtime check rather than returned to the caller.
 * NOTE(review): presumably run once before key_mutex is first locked;
 * confirm against the caller.
 */
static void
key_mutex_init(void) {
	RUNTIME_CHECK(isc_mutex_init(&key_mutex) == ISC_R_SUCCESS);
}
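/*
 * Socket test driver.
 *
 * argv[1], when present, is the number of task manager workers; it is
 * clamped to 1..8192 and defaults to 2.
 *
 * The program opens a TCP listener on the wildcard address, port 5544
 * (IPv6 when isc_net_probeipv6() succeeds, IPv4 otherwise), starts an
 * outbound TCP connection to 204.152.184.97 port 80, sleeps for ten
 * seconds and then tears everything down.  Because it listens on every
 * interface and connects to an external host, it should be run on an
 * isolated test machine.
 *
 * Returns 0; setup failures are caught by RUNTIME_CHECK.
 */
int
main(int argc, char *argv[]) {
	isc_task_t *t1, *t2;
	isc_timermgr_t *timgr;
	isc_time_t expires;
	isc_interval_t interval;
	isc_timer_t *ti1;
	unsigned int workers;
	isc_socketmgr_t *socketmgr;
	isc_socket_t *so1, *so2;
	isc_sockaddr_t sockaddr;
	struct in_addr ina;
	struct in6_addr in6a;
	isc_result_t result;
	int pf;

	if (argc > 1) {
		/*
		 * Parse into a signed type and clamp.  The previous atoi()
		 * result was stored straight into an unsigned variable, so
		 * a negative or non-numeric argument became either a huge
		 * worker count or zero.
		 */
		long requested = strtol(argv[1], NULL, 10);

		if (requested < 1)
			requested = 1;
		if (requested > 8192)
			requested = 8192;
		workers = (unsigned int)requested;
	} else
		workers = 2;
	/* workers is unsigned, so print it with %u. */
	printf("%u workers\n", workers);

	if (isc_net_probeipv6() == ISC_R_SUCCESS)
		pf = PF_INET6;
	else
		pf = PF_INET;

	/*
	 * EVERYTHING needs a memory context.
	 */
	mctx = NULL;
	RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);

	/*
	 * The task manager is independent (other than memory context)
	 */
	manager = NULL;
	RUNTIME_CHECK(isc_taskmgr_create(mctx, workers, 0, &manager) ==
		      ISC_R_SUCCESS);

	/*
	 * Timer manager depends only on the memory context as well.
	 */
	timgr = NULL;
	RUNTIME_CHECK(isc_timermgr_create(mctx, &timgr) == ISC_R_SUCCESS);

	t1 = NULL;
	RUNTIME_CHECK(isc_task_create(manager, 0, &t1) == ISC_R_SUCCESS);
	t2 = NULL;
	RUNTIME_CHECK(isc_task_create(manager, 0, &t2) == ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_task_onshutdown(t1, my_shutdown, "1") ==
		      ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_task_onshutdown(t2, my_shutdown, "2") ==
		      ISC_R_SUCCESS);

	/* %p expects a void pointer. */
	printf("task 1 = %p\n", (void *)t1);
	printf("task 2 = %p\n", (void *)t2);

	socketmgr = NULL;
	RUNTIME_CHECK(isc_socketmgr_create(mctx, &socketmgr) == ISC_R_SUCCESS);

	/*
	 * Open up a listener socket.  It is bound to the wildcard address,
	 * so it is reachable on every interface of the host.
	 */
	so1 = NULL;

	if (pf == PF_INET6) {
		in6a = in6addr_any;
		isc_sockaddr_fromin6(&sockaddr, &in6a, 5544);
	} else {
		ina.s_addr = INADDR_ANY;
		isc_sockaddr_fromin(&sockaddr, &ina, 5544);
	}
	RUNTIME_CHECK(isc_socket_create(socketmgr, pf, isc_sockettype_tcp,
					&so1) == ISC_R_SUCCESS);
	result = isc_socket_bind(so1, &sockaddr);
	RUNTIME_CHECK(result == ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_socket_listen(so1, 0) == ISC_R_SUCCESS);

	/*
	 * Queue up the first accept event.
	 */
	RUNTIME_CHECK(isc_socket_accept(so1, t1, my_listen, "so1") ==
		      ISC_R_SUCCESS);
	isc_time_settoepoch(&expires);
	isc_interval_set(&interval, 10, 0);
	ti1 = NULL;
	RUNTIME_CHECK(isc_timer_create(timgr, isc_timertype_once, &expires,
				       &interval, t1, timeout, so1, &ti1) ==
		      ISC_R_SUCCESS);

	/*
	 * Open up a socket that will connect to www.flame.org, port 80.
	 * Why not.  :)
	 */
	so2 = NULL;
	ina.s_addr = inet_addr("204.152.184.97");
	/* The v6-mapped branch is disabled by the constant 0. */
	if (0 && pf == PF_INET6)
		isc_sockaddr_v6fromin(&sockaddr, &ina, 80);
	else
		isc_sockaddr_fromin(&sockaddr, &ina, 80);
	RUNTIME_CHECK(isc_socket_create(socketmgr, isc_sockaddr_pf(&sockaddr),
					isc_sockettype_tcp,
					&so2) == ISC_R_SUCCESS);

	RUNTIME_CHECK(isc_socket_connect(so2, &sockaddr, t2,
					 my_connect, "so2") == ISC_R_SUCCESS);

	/*
	 * Detaching these is safe, since the socket will attach to the
	 * task for any outstanding requests.
	 */
	isc_task_detach(&t1);
	isc_task_detach(&t2);

	/*
	 * Wait a short while.
	 */
	sleep(10);

	fprintf(stderr, "Destroying socket manager\n");
	isc_socketmgr_destroy(&socketmgr);

	fprintf(stderr, "Destroying timer manager\n");
	isc_timermgr_destroy(&timgr);

	fprintf(stderr, "Destroying task manager\n");
	isc_taskmgr_destroy(&manager);

	isc_mem_stats(mctx, stdout);
	isc_mem_destroy(&mctx);

	return (0);
}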
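/*
 * Zone test driver.
 *
 * Options:
 *   -c class    zone class name (default "IN")
 *   -d          increase the debug level
 *   -f file     zone file name (may be given once; defaults to the
 *               positional argument)
 *   -m address  IPv4 address stored in the file-level addr, with port 53
 *   -q          quiet
 *   -s          print memory statistics at exit (unless -q)
 *   -S / -M     slave / master zone type
 *
 * The first non-option argument is required and is passed to setup()
 * as its first argument.  Returns 0.
 */
int
main(int argc, char **argv) {
	int c;
	char *filename = NULL;
	const char *classname = "IN";

	/*
	 * 'c' takes an argument, so it needs the trailing ':'.  Without it
	 * the parser does not provide an argument for -c and classname
	 * was assigned whatever isc_commandline_argument held.
	 */
	while ((c = isc_commandline_parse(argc, argv, "c:df:m:qsMS")) != EOF) {
		switch (c) {
		case 'c':
			classname = isc_commandline_argument;
			break;
		case 'd':
			debug++;
			break;
		case 'f':
			if (filename != NULL)
				usage();
			filename = isc_commandline_argument;
			break;
		case 'm':
			memset(&addr, 0, sizeof(addr));
			addr.type.sin.sin_family = AF_INET;
			/*
			 * Reject text that is not a valid IPv4 address.  The
			 * return value used to be ignored, which left the
			 * address zeroed without any diagnostic.
			 * NOTE(review): usage() is presumed not to return,
			 * as at its other call sites in this function.
			 */
			if (inet_pton(AF_INET, isc_commandline_argument,
				      &addr.type.sin.sin_addr) != 1) {
				fprintf(stderr,
					"invalid IPv4 address for -m: %s\n",
					isc_commandline_argument);
				usage();
			}
			addr.type.sin.sin_port = htons(53);
			break;
		case 'q':
			quiet++;
			break;
		case 's':
			stats++;
			break;
		case 'S':
			zonetype = dns_zone_slave;
			break;
		case 'M':
			zonetype = dns_zone_master;
			break;
		default:
			usage();
		}
	}

	if (argv[isc_commandline_index] == NULL)
		usage();

	RUNTIME_CHECK(isc_app_start() == ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_taskmgr_create(mctx, 2, 0, &taskmgr) ==
		      ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_timermgr_create(mctx, &timermgr) == ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_socketmgr_create(mctx, &socketmgr) == ISC_R_SUCCESS);
	RUNTIME_CHECK(dns_zonemgr_create(mctx, taskmgr, timermgr, socketmgr,
					 &zonemgr) == ISC_R_SUCCESS);

	/* Without -f the positional argument doubles as the file name. */
	if (filename == NULL)
		filename = argv[isc_commandline_index];
	setup(argv[isc_commandline_index], filename, classname);
	query();

	if (zone != NULL)
		dns_zone_detach(&zone);
	dns_zonemgr_shutdown(zonemgr);
	dns_zonemgr_detach(&zonemgr);
	isc_socketmgr_destroy(&socketmgr);
	isc_taskmgr_destroy(&taskmgr);
	isc_timermgr_destroy(&timermgr);
	if (!quiet && stats)
		isc_mem_stats(mctx, stdout);
	isc_mem_destroy(&mctx);

	return (0);
}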
/*
 * Initialise insecure_prefix_lock.  The result is asserted with
 * RUNTIME_CHECK, so a failure is not reported to the caller.
 * NOTE(review): the name suggests a run-once initialiser; confirm how
 * it is invoked.
 */
static void
initialize_action(void) {
	RUNTIME_CHECK(isc_mutex_init(&insecure_prefix_lock) == ISC_R_SUCCESS);
}
/*
 * Pause the database iterator held in it->dbit.  The call is asserted
 * with RUNTIME_CHECK to return ISC_R_SUCCESS; nothing is returned to
 * the caller.
 */
static void
db_rr_iterator_pause(db_rr_iterator_t *it) {
	RUNTIME_CHECK(dns_dbiterator_pause(it->dbit) == ISC_R_SUCCESS);
}
/*
 * Release client_lock.  The unlock is asserted with RUNTIME_CHECK to
 * return ISC_R_SUCCESS.
 */
static inline void
CUNLOCK(void) {
	RUNTIME_CHECK(isc_mutex_unlock(&client_lock) == ISC_R_SUCCESS);
}
/*
 * Reconcile the server's statistics channel listeners with the
 * 'statistics-channels' statements in 'config'.
 *
 * Every configured "inet" address is passed to update_listener().  A
 * listener that it hands back is moved from server->statschannels to
 * the list being kept; otherwise add_listener() is tried.  Listeners
 * left on the old list afterwards are shut down, and the kept list
 * becomes server->statschannels.
 *
 * A listener that cannot be added is reported with a warning only.
 * The function always returns ISC_R_SUCCESS, so the caller cannot tell
 * from the result that a configured channel is missing.
 */
isc_result_t
ns_statschannels_configure(ns_server_t *server, const cfg_obj_t *config,
			   cfg_aclconfctx_t *aclconfctx)
{
	ns_statschannel_t *chan, *chan_next;
	ns_statschannellist_t kept;
	const cfg_obj_t *channel_stmts = NULL;
	const cfg_listelt_t *stmt_elt, *inet_elt;
	char addrtext[ISC_SOCKADDR_FORMATSIZE];

	RUNTIME_CHECK(isc_once_do(&once, init_desc) == ISC_R_SUCCESS);

	ISC_LIST_INIT(kept);

	/* Fetch the named.conf 'statistics-channels' statements, if any. */
	(void)cfg_map_get(config, "statistics-channels", &channel_stmts);

	/*
	 * Walk the configured address/port pairs.  Duplicate pairs are not
	 * detected here; that is left to the configuration code or to the
	 * bind attempt failing with address-in-use.
	 */
	if (channel_stmts != NULL) {
#ifndef HAVE_LIBXML2
		isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
			      NS_LOGMODULE_SERVER, ISC_LOG_WARNING,
			      "statistics-channels specified but not effective due to missing XML library");
#endif

		for (stmt_elt = cfg_list_first(channel_stmts);
		     stmt_elt != NULL;
		     stmt_elt = cfg_list_next(stmt_elt))
		{
			const cfg_obj_t *stmt = cfg_listelt_value(stmt_elt);
			const cfg_obj_t *inet_list = NULL;

			(void)cfg_map_get(stmt, "inet", &inet_list);
			if (inet_list == NULL)
				continue;

			for (inet_elt = cfg_list_first(inet_list);
			     inet_elt != NULL;
			     inet_elt = cfg_list_next(inet_elt))
			{
				const cfg_obj_t *params;
				const cfg_obj_t *addrobj;
				isc_sockaddr_t sa;

				params = cfg_listelt_value(inet_elt);
				addrobj = cfg_tuple_get(params, "address");
				sa = *cfg_obj_assockaddr(addrobj);

				/* Port 0 selects the default HTTP port. */
				if (isc_sockaddr_getport(&sa) == 0)
					isc_sockaddr_setport(&sa,
						NS_STATSCHANNEL_HTTPPORT);

				isc_sockaddr_format(&sa, addrtext,
						    sizeof(addrtext));

				isc_log_write(ns_g_lctx,
					      NS_LOGCATEGORY_GENERAL,
					      NS_LOGMODULE_SERVER,
					      ISC_LOG_DEBUG(9),
					      "processing statistics channel %s",
					      addrtext);

				update_listener(server, &chan, params, config,
						&sa, aclconfctx, addrtext);

				if (chan == NULL) {
					/* Not listening yet: try to add it. */
					isc_result_t add_result;

					add_result = add_listener(server,
								  &chan,
								  params,
								  config, &sa,
								  aclconfctx,
								  addrtext);
					if (add_result != ISC_R_SUCCESS) {
						cfg_obj_log(params, ns_g_lctx,
							    ISC_LOG_WARNING,
							    "couldn't allocate statistics channel %s: %s",
							    addrtext,
							    isc_result_totext(add_result));
					}
				} else {
					/*
					 * Take it off the old list so that
					 * it is not shut down below.
					 */
					ISC_LIST_UNLINK(server->statschannels,
							chan, link);
				}

				if (chan != NULL)
					ISC_LIST_APPEND(kept, chan, link);
			}
		}
	}

	/* Whatever remains on the old list is no longer configured. */
	chan = ISC_LIST_HEAD(server->statschannels);
	while (chan != NULL) {
		chan_next = ISC_LIST_NEXT(chan, link);
		ISC_LIST_UNLINK(server->statschannels, chan, link);
		shutdown_listener(chan);
		chan = chan_next;
	}

	ISC_LIST_APPENDLIST(server->statschannels, kept, link);
	return (ISC_R_SUCCESS);
}
/*
 * ADB test driver.  Command-line arguments are ignored.
 *
 * Sets up the application, memory, entropy, hash and logging contexts
 * (logging goes to stderr), creates two tasks and a view, then issues
 * two batches of lookup() calls while holding the client lock, dumping
 * the ADB to stderr between and after the batches.
 *
 * NOTE(review): the per-name comments ("should fetch") imply that the
 * lookups reach real name servers, so the test presumably needs
 * outbound DNS access; confirm before running it in a restricted
 * environment.
 */
int
main(int argc, char **argv) {
	isc_result_t result;
	isc_logdestination_t destination;

	UNUSED(argc);
	UNUSED(argv);

	dns_result_register();
	result = isc_app_start();
	check_result(result, "isc_app_start()");

	isc_stdtime_get(&now);

	result = isc_mutex_init(&client_lock);
	check_result(result, "isc_mutex_init(&client_lock)");
	ISC_LIST_INIT(clients);

	/*
	 * EVERYTHING needs a memory context.
	 */
	RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);

	/* Memory pool sized for client_t objects. */
	cmp = NULL;
	RUNTIME_CHECK(isc_mempool_create(mctx, sizeof(client_t), &cmp)
		      == ISC_R_SUCCESS);
	isc_mempool_setname(cmp, "adb test clients");

	result = isc_entropy_create(mctx, &ectx);
	check_result(result, "isc_entropy_create()");
	result = isc_hash_create(mctx, ectx, DNS_NAME_MAXWIRE);
	check_result(result, "isc_hash_create()");

	result = isc_log_create(mctx, &lctx, &lcfg);
	check_result(result, "isc_log_create()");
	isc_log_setcontext(lctx);
	dns_log_init(lctx);
	dns_log_setcontext(lctx);

	/*
	 * Create and install the default channel.
	 */
	destination.file.stream = stderr;
	destination.file.name = NULL;
	destination.file.versions = ISC_LOG_ROLLNEVER;
	destination.file.maximum_size = 0;
	result = isc_log_createchannel(lcfg, "_default",
				       ISC_LOG_TOFILEDESC,
				       ISC_LOG_DYNAMIC,
				       &destination, ISC_LOG_PRINTTIME);
	check_result(result, "isc_log_createchannel()");
	result = isc_log_usechannel(lcfg, "_default", NULL, NULL);
	check_result(result, "isc_log_usechannel()");

	/*
	 * Set the initial debug level.
	 */
	isc_log_setdebuglevel(lctx, 2);

	create_managers();

	t1 = NULL;
	result = isc_task_create(taskmgr, 0, &t1);
	check_result(result, "isc_task_create t1");
	t2 = NULL;
	result = isc_task_create(taskmgr, 0, &t2);
	check_result(result, "isc_task_create t2");

	printf("task 1 = %p\n", t1);
	printf("task 2 = %p\n", t2);

	create_view();

	adb = view->adb;

	/*
	 * Lock the entire client list here.  This will cause all events
	 * for found names to block as well.
	 */
	CLOCK();
	lookup("f.root-servers.net.");		/* Should be in hints */
	lookup("www.iengines.com");		/* should fetch */
	lookup("www.isc.org");			/* should fetch */
	lookup("www.flame.org");		/* should fetch */
	lookup("kechara.flame.org.");		/* should fetch */
	lookup("moghedien.flame.org.");		/* should fetch */
	lookup("mailrelay.flame.org.");		/* should fetch */
	lookup("ipv4v6.flame.org.");		/* should fetch */
	lookup("nonexistant.flame.org.");	/* should fail to be found */
	lookup("foobar.badns.flame.org.");	/* should fail utterly (NS) */
	lookup("i.root-servers.net.");		/* Should be in hints */
	lookup("www.firstcard.com.");
	lookup("dns04.flame.org.");
	CUNLOCK();

	/* Leave time for the first batch to complete, then dump the ADB. */
	sleep(10);

	dns_adb_dump(adb, stderr);

	sleep(10);

	/* Second batch: the first eleven names of the first batch again. */
	CLOCK();
	lookup("f.root-servers.net.");		/* Should be in hints */
	lookup("www.iengines.com");		/* should fetch */
	lookup("www.isc.org");			/* should fetch */
	lookup("www.flame.org");		/* should fetch */
	lookup("kechara.flame.org.");		/* should fetch */
	lookup("moghedien.flame.org.");		/* should fetch */
	lookup("mailrelay.flame.org.");		/* should fetch */
	lookup("ipv4v6.flame.org.");		/* should fetch */
	lookup("nonexistant.flame.org.");	/* should fail to be found */
	lookup("foobar.badns.flame.org.");	/* should fail utterly (NS) */
	lookup("i.root-servers.net.");		/* Should be in hints */
	CUNLOCK();

	sleep(20);

	dns_adb_dump(adb, stderr);

	isc_task_detach(&t1);
	isc_task_detach(&t2);

	isc_mem_stats(mctx, stdout);
	dns_adb_dump(adb, stderr);

	isc_app_run();

	dns_adb_dump(adb, stderr);

	/* adb was taken from view->adb above; the view is detached here. */
	dns_view_detach(&view);
	adb = NULL;

	fprintf(stderr, "Destroying socket manager\n");
	isc_socketmgr_destroy(&socketmgr);
	fprintf(stderr, "Destroying timer manager\n");
	isc_timermgr_destroy(&timermgr);

	fprintf(stderr, "Destroying task manager\n");
	isc_taskmgr_destroy(&taskmgr);

	isc_log_destroy(&lctx);

	isc_hash_destroy();
	isc_entropy_detach(&ectx);

	isc_mempool_destroy(&cmp);
	isc_mem_stats(mctx, stdout);
	isc_mem_destroy(&mctx);

	isc_app_finish();

	return (0);
}
/*
 * Write a plain-text statistics report for 'server' to 'fp'.
 *
 * The report is framed by "+++ Statistics Dump +++" and
 * "--- Statistics Dump ---" lines that carry the same timestamp.  In
 * between come the per-opcode, per-query-type, name server, zone
 * maintenance, resolver, cache, socket and per-zone sections.
 *
 * View and zone names are always written through "%s" conversions.
 * Results of the writes to 'fp' and of dump_counters() are not checked;
 * the function always returns ISC_R_SUCCESS.
 */
isc_result_t
ns_stats_dump(ns_server_t *server, FILE *fp) {
	isc_stdtime_t stamp;
	isc_result_t zr;
	dns_view_t *v;
	dns_zone_t *z, *z_next;
	stats_dumparg_t ctx;
	isc_uint64_t nsstat_values[dns_nsstatscounter_max];
	isc_uint64_t resstat_values[dns_resstatscounter_max];
	isc_uint64_t zonestat_values[dns_zonestatscounter_max];
	isc_uint64_t sockstat_values[isc_sockstatscounter_max];

	RUNTIME_CHECK(isc_once_do(&once, init_desc) == ISC_R_SUCCESS);

	/* Callback argument shared by the typed dump helpers below. */
	ctx.type = statsformat_file;
	ctx.arg = fp;

	isc_stdtime_get(&stamp);
	fprintf(fp, "+++ Statistics Dump +++ (%lu)\n", (unsigned long)stamp);

	fputs("++ Incoming Requests ++\n", fp);
	dns_opcodestats_dump(server->opcodestats, opcodestat_dump, &ctx, 0);

	fputs("++ Incoming Queries ++\n", fp);
	dns_rdatatypestats_dump(server->rcvquerystats, rdtypestat_dump,
				&ctx, 0);

	fputs("++ Outgoing Queries ++\n", fp);
	for (v = ISC_LIST_HEAD(server->viewlist);
	     v != NULL;
	     v = ISC_LIST_NEXT(v, link))
	{
		if (v->resquerystats == NULL)
			continue;
		if (strcmp(v->name, "_default") != 0)
			fprintf(fp, "[View: %s]\n", v->name);
		else
			fputs("[View: default]\n", fp);
		dns_rdatatypestats_dump(v->resquerystats, rdtypestat_dump,
					&ctx, 0);
	}

	fputs("++ Name Server Statistics ++\n", fp);
	(void) dump_counters(server->nsstats, statsformat_file, fp, NULL,
			     nsstats_desc, dns_nsstatscounter_max,
			     nsstats_index, nsstat_values, 0);

	fputs("++ Zone Maintenance Statistics ++\n", fp);
	(void) dump_counters(server->zonestats, statsformat_file, fp, NULL,
			     zonestats_desc, dns_zonestatscounter_max,
			     zonestats_index, zonestat_values, 0);

	fputs("++ Resolver Statistics ++\n", fp);
	fputs("[Common]\n", fp);
	(void) dump_counters(server->resolverstats, statsformat_file, fp,
			     NULL, resstats_desc, dns_resstatscounter_max,
			     resstats_index, resstat_values, 0);
	for (v = ISC_LIST_HEAD(server->viewlist);
	     v != NULL;
	     v = ISC_LIST_NEXT(v, link))
	{
		if (v->resstats == NULL)
			continue;
		if (strcmp(v->name, "_default") != 0)
			fprintf(fp, "[View: %s]\n", v->name);
		else
			fputs("[View: default]\n", fp);
		(void) dump_counters(v->resstats, statsformat_file, fp, NULL,
				     resstats_desc, dns_resstatscounter_max,
				     resstats_index, resstat_values, 0);
	}

	fputs("++ Cache DB RRsets ++\n", fp);
	for (v = ISC_LIST_HEAD(server->viewlist);
	     v != NULL;
	     v = ISC_LIST_NEXT(v, link))
	{
		dns_stats_t *cachestats = dns_db_getrrsetstats(v->cachedb);

		if (cachestats == NULL)
			continue;
		if (strcmp(v->name, "_default") != 0)
			fprintf(fp, "[View: %s (Cache: %s)]\n", v->name,
				dns_cache_getname(v->cache));
		else
			fputs("[View: default]\n", fp);
		/*
		 * The header is printed for every view, but the counters
		 * are left out when the cache is shared, to avoid dumping
		 * redundant statistics.
		 */
		if (!dns_view_iscacheshared(v))
			dns_rdatasetstats_dump(cachestats,
					       rdatasetstats_dump, &ctx, 0);
	}

	fputs("++ Socket I/O Statistics ++\n", fp);
	(void) dump_counters(server->sockstats, statsformat_file, fp, NULL,
			     sockstats_desc, isc_sockstatscounter_max,
			     sockstats_index, sockstat_values, 0);

	fputs("++ Per Zone Query Statistics ++\n", fp);
	z = NULL;
	zr = dns_zone_first(server->zonemgr, &z);
	while (zr == ISC_R_SUCCESS) {
		isc_stats_t *zstats = dns_zone_getrequeststats(z);

		if (zstats != NULL) {
			char zonename[DNS_NAME_FORMATSIZE];

			dns_name_format(dns_zone_getorigin(z),
					zonename, sizeof(zonename));
			v = dns_zone_getview(z);
			fprintf(fp, "[%s", zonename);
			/* The view is named only when it is not the default. */
			if (strcmp(v->name, "_default") != 0)
				fprintf(fp, " (view: %s)", v->name);
			fputs("]\n", fp);

			(void) dump_counters(zstats, statsformat_file, fp,
					     NULL, nsstats_desc,
					     dns_nsstatscounter_max,
					     nsstats_index, nsstat_values, 0);
		}

		z_next = NULL;
		zr = dns_zone_next(z, &z_next);
		z = z_next;
	}

	fprintf(fp, "--- Statistics Dump --- (%lu)\n", (unsigned long)stamp);

	return (ISC_R_SUCCESS);	/* this function currently always succeeds */
}
/*
 * Set up the file-scope mutex 'createlock'.
 *
 * Any result other than ISC_R_SUCCESS from isc_mutex_init() fails the
 * RUNTIME_CHECK, so this function never returns with the lock
 * uninitialized.  NOTE(review): presumably invoked once before the lock is
 * first taken; the caller is not visible here -- confirm.
 */
static void
initialize(void) {
	RUNTIME_CHECK(isc_mutex_init(&createlock) == ISC_R_SUCCESS);
}
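/*
 * Test driver for the task and timer managers.
 *
 * Creates a task manager with the requested number of worker threads
 * (argv[1], clamped to 1..8192, default 2), four tasks with shutdown
 * callbacks and two one-second ticker timers, then queues a fixed batch of
 * events: nine for task 1, followed by two rounds of one event each for
 * tasks 2, 3 and 4.  Whatever is still queued for task 3 is purged, the
 * tasks are detached, and after a pause the managers are destroyed and
 * the memory context statistics are printed.
 *
 * Every setup call is wrapped in RUNTIME_CHECK, so a failure stops the
 * program instead of continuing with a half-built environment.
 */
int
main(int argc, char *argv[]) {
	isc_taskmgr_t *manager = NULL;
	isc_task_t *t1 = NULL, *t2 = NULL;
	isc_task_t *t3 = NULL, *t4 = NULL;
	isc_event_t *event;
	unsigned int workers;
	isc_timermgr_t *timgr;
	isc_timer_t *ti1, *ti2;
	struct isc_interval interval;
	int i;

	if (argc > 1) {
		/*
		 * strtol() rather than atoi(): out-of-range input has a
		 * defined result, and the clamp is applied to the signed
		 * value, so a negative argument yields 1 worker instead of
		 * wrapping to a huge unsigned count.  Trailing characters
		 * after the number are still ignored, as before.
		 */
		char *end = NULL;
		long requested = strtol(argv[1], &end, 10);

		if (end == argv[1] || requested < 1)
			workers = 1;
		else if (requested > 8192)
			workers = 8192;
		else
			workers = (unsigned int)requested;
	} else
		workers = 2;
	printf("%u workers\n", workers);

	RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);

	RUNTIME_CHECK(isc_taskmgr_create(mctx, workers, 0, &manager) ==
		      ISC_R_SUCCESS);

	RUNTIME_CHECK(isc_task_create(manager, 0, &t1) == ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_task_create(manager, 0, &t2) == ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_task_create(manager, 0, &t3) == ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_task_create(manager, 0, &t4) == ISC_R_SUCCESS);

	RUNTIME_CHECK(isc_task_onshutdown(t1, my_shutdown, "1") ==
		      ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_task_onshutdown(t2, my_shutdown, "2") ==
		      ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_task_onshutdown(t3, my_shutdown, "3") ==
		      ISC_R_SUCCESS);
	RUNTIME_CHECK(isc_task_onshutdown(t4, my_shutdown, "4") ==
		      ISC_R_SUCCESS);

	timgr = NULL;
	RUNTIME_CHECK(isc_timermgr_create(mctx, &timgr) == ISC_R_SUCCESS);

	/* Two tickers with a one-second interval, on tasks 1 and 2. */
	ti1 = NULL;
	isc_interval_set(&interval, 1, 0);
	RUNTIME_CHECK(isc_timer_create(timgr, isc_timertype_ticker, NULL,
				       &interval, t1, my_tick, "foo", &ti1) ==
		      ISC_R_SUCCESS);

	ti2 = NULL;
	isc_interval_set(&interval, 1, 0);
	RUNTIME_CHECK(isc_timer_create(timgr, isc_timertype_ticker, NULL,
				       &interval, t2, my_tick, "bar", &ti2) ==
		      ISC_R_SUCCESS);

	/* %p takes a void pointer, so the task pointers are cast. */
	printf("task 1 = %p\n", (void *)t1);
	printf("task 2 = %p\n", (void *)t2);
	sleep(2);

	/*
	 * Note: (void *)1 is used as a sender here, since some compilers
	 * don't like casting a function pointer to a (void *).
	 *
	 * In a real use, it is more likely the sender would be a
	 * structure (socket, timer, task, etc) but this is just a test
	 * program.
	 *
	 * Each allocation is checked before the event is sent, so an
	 * allocation failure stops here rather than passing a NULL event
	 * to isc_task_send().
	 */

	/* Nine events for task 1. */
	for (i = 0; i < 9; i++) {
		event = isc_event_allocate(mctx, (void *)1, 1, my_callback,
					   "1", sizeof(*event));
		RUNTIME_CHECK(event != NULL);
		isc_task_send(t1, &event);
	}

	/* Two rounds of one event each for tasks 2, 3 and 4, in order. */
	for (i = 0; i < 2; i++) {
		event = isc_event_allocate(mctx, (void *)1, 1, my_callback,
					   "2", sizeof(*event));
		RUNTIME_CHECK(event != NULL);
		isc_task_send(t2, &event);

		event = isc_event_allocate(mctx, (void *)1, 1, my_callback,
					   "3", sizeof(*event));
		RUNTIME_CHECK(event != NULL);
		isc_task_send(t3, &event);

		event = isc_event_allocate(mctx, (void *)1, 1, my_callback,
					   "4", sizeof(*event));
		RUNTIME_CHECK(event != NULL);
		isc_task_send(t4, &event);
	}

	/* Drop events of any type and sender still queued on task 3. */
	isc_task_purgerange(t3, NULL, ISC_EVENTTYPE_FIRSTEVENT,
			    ISC_EVENTTYPE_LASTEVENT, NULL);

	isc_task_detach(&t1);
	isc_task_detach(&t2);
	isc_task_detach(&t3);
	isc_task_detach(&t4);

	sleep(10);
	printf("destroy\n");
	isc_timer_detach(&ti1);
	isc_timer_detach(&ti2);
	isc_timermgr_destroy(&timgr);
	isc_taskmgr_destroy(&manager);
	printf("destroyed\n");

	isc_mem_stats(mctx, stdout);
	isc_mem_destroy(&mctx);

	return (0);
}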
/*
 * Run 'initialize_action' through isc_once_do() using the file-scope
 * 'once' control.
 *
 * Any result other than ISC_R_SUCCESS fails the RUNTIME_CHECK.
 * NOTE(review): presumably isc_once_do() runs the action a single time
 * however often this is called; its definition is not visible here --
 * confirm.
 */
static void
initialize(void) {
	RUNTIME_CHECK(isc_once_do(&once, initialize_action) == ISC_R_SUCCESS);
}
/*
 * Convert the authority data from 'message' into a negative cache
 * rdataset, and store it in 'cache' at 'node'.
 *
 * Only rdatasets flagged DNS_RDATASETATTR_NCACHE, under names flagged
 * DNS_NAMEATTR_NCACHE, are considered, and of those only SOA, NSEC and
 * NSEC3 (or RRSIGs covering one of them) are copied.
 *
 * 'covers' is recorded as the type the negative entry covers, 'maxttl'
 * is the upper bound for its TTL, and 'optout' adds
 * DNS_RDATASETATTR_OPTOUT to the stored rdataset.  'now' and
 * 'addedrdataset' are passed through to dns_db_addrdataset().
 *
 * Returns the result of dns_db_addrdataset() on the normal path;
 * ISC_R_NOSPACE when the local buffer or the rdata array is exhausted;
 * otherwise the error from the message iteration or from one of the
 * buffer copies.  On every early return nothing has been added to the
 * cache.
 *
 * Only 'message' is checked with REQUIRE here; 'cache' and 'node' are
 * used as given.
 */
isc_result_t
dns_ncache_addoptout(dns_message_t *message, dns_db_t *cache,
		     dns_dbnode_t *node, dns_rdatatype_t covers,
		     isc_stdtime_t now, dns_ttl_t maxttl,
		     isc_boolean_t optout, dns_rdataset_t *addedrdataset)
{
	isc_result_t result;
	isc_buffer_t buffer;
	isc_region_t r;
	dns_rdataset_t *rdataset;
	dns_rdatatype_t type;
	dns_name_t *name;
	dns_ttl_t ttl;
	dns_trust_t trust;
	/* Fixed-size staging: one rdata slot per copied rdataset. */
	dns_rdata_t rdata[DNS_NCACHE_RDATA];
	dns_rdataset_t ncrdataset;
	dns_rdatalist_t ncrdatalist;
	/* Stack storage that the rdata[] entries below point into. */
	unsigned char data[4096];
	/* Index of the next free slot in rdata[]. */
	unsigned int next = 0;

	REQUIRE(message != NULL);

	/*
	 * We assume that all data in the authority section has been
	 * validated by the caller.  Nothing in this function re-validates
	 * it.
	 */

	/*
	 * Initialize the list.
	 */
	ncrdatalist.rdclass = dns_db_class(cache);
	ncrdatalist.type = 0;
	ncrdatalist.covers = covers;
	ncrdatalist.ttl = maxttl;
	ISC_LIST_INIT(ncrdatalist.rdata);
	ISC_LINK_INIT(&ncrdatalist, link);

	/*
	 * Build the ncache rdatas into the buffer.
	 *
	 * 'ttl' starts at 'maxttl' and 'trust' at the sentinel 0xffff; each
	 * contributing rdataset can only lower them.  A 'trust' that is
	 * still 0xffff after the loop means nothing was copied.
	 */
	ttl = maxttl;
	trust = 0xffff;
	isc_buffer_init(&buffer, data, sizeof(data));
	/* An empty authority section skips the loop via ISC_R_NOMORE. */
	if (message->counts[DNS_SECTION_AUTHORITY])
		result = dns_message_firstname(message, DNS_SECTION_AUTHORITY);
	else
		result = ISC_R_NOMORE;
	while (result == ISC_R_SUCCESS) {
		name = NULL;
		dns_message_currentname(message, DNS_SECTION_AUTHORITY,
					&name);
		if ((name->attributes & DNS_NAMEATTR_NCACHE) != 0) {
			for (rdataset = ISC_LIST_HEAD(name->list);
			     rdataset != NULL;
			     rdataset = ISC_LIST_NEXT(rdataset, link)) {
				if ((rdataset->attributes &
				     DNS_RDATASETATTR_NCACHE) == 0)
					continue;
				/*
				 * An RRSIG is classified by the type it
				 * covers, but is written out below under
				 * its own type.
				 */
				type = rdataset->type;
				if (type == dns_rdatatype_rrsig)
					type = rdataset->covers;
				if (type == dns_rdatatype_soa ||
				    type == dns_rdatatype_nsec ||
				    type == dns_rdatatype_nsec3) {
					/* Keep the minimum TTL and trust. */
					if (ttl > rdataset->ttl)
						ttl = rdataset->ttl;
					if (trust > rdataset->trust)
						trust = rdataset->trust;
					/*
					 * Copy the owner name to the buffer.
					 * A failed copy aborts the whole
					 * operation.
					 */
					dns_name_toregion(name, &r);
					result = isc_buffer_copyregion(&buffer,
								       &r);
					if (result != ISC_R_SUCCESS)
						return (result);
					/*
					 * Copy the type to the buffer.
					 * 3 bytes are needed: the 16-bit
					 * type plus the 8-bit trust written
					 * just below.
					 */
					isc_buffer_availableregion(&buffer,
								   &r);
					if (r.length < 3)
						return (ISC_R_NOSPACE);
					isc_buffer_putuint16(&buffer,
							     rdataset->type);
					isc_buffer_putuint8(&buffer,
					       (unsigned char)rdataset->trust);
					/*
					 * Copy the rdataset into the buffer.
					 */
					result = copy_rdataset(rdataset,
							       &buffer);
					if (result != ISC_R_SUCCESS)
						return (result);

					/*
					 * Bounds check on rdata[]: it runs
					 * after the buffer writes above but
					 * before any use of rdata[next].
					 */
					if (next >= DNS_NCACHE_RDATA)
						return (ISC_R_NOSPACE);
					dns_rdata_init(&rdata[next]);
					/*
					 * NOTE(review): presumably the
					 * remaining region is exactly what
					 * was written for this entry, since
					 * the buffer is forwarded past each
					 * entry once it is recorded --
					 * confirm against the isc_buffer
					 * semantics.
					 */
					isc_buffer_remainingregion(&buffer,
								   &r);
					rdata[next].data = r.base;
					rdata[next].length = r.length;
					rdata[next].rdclass =
						ncrdatalist.rdclass;
					rdata[next].type = 0;
					rdata[next].flags = 0;
					ISC_LIST_APPEND(ncrdatalist.rdata,
							&rdata[next], link);
					isc_buffer_forward(&buffer, r.length);
					next++;
				}
			}
		}
		result = dns_message_nextname(message, DNS_SECTION_AUTHORITY);
	}
	/* Any end state other than "no more names" is an error. */
	if (result != ISC_R_NOMORE)
		return (result);

	if (trust == 0xffff) {
		/*
		 * No rdataset contributed: choose the trust level from the
		 * message itself, and store the entry with a TTL of 0.
		 */
		if ((message->flags & DNS_MESSAGEFLAG_AA) != 0 &&
		    message->counts[DNS_SECTION_ANSWER] == 0) {
			/*
			 * The response has aa set and we haven't followed
			 * any CNAME or DNAME chains.
			 */
			trust = dns_trust_authauthority;
		} else
			trust = dns_trust_additional;
		ttl = 0;
	}

	/* The sentinel must have been replaced on every path by now. */
	INSIST(trust != 0xffff);

	ncrdatalist.ttl = ttl;

	dns_rdataset_init(&ncrdataset);
	RUNTIME_CHECK(dns_rdatalist_tordataset(&ncrdatalist, &ncrdataset)
		      == ISC_R_SUCCESS);
	ncrdataset.trust = trust;
	ncrdataset.attributes |= DNS_RDATASETATTR_NEGATIVE;
	if (message->rcode == dns_rcode_nxdomain)
		ncrdataset.attributes |= DNS_RDATASETATTR_NXDOMAIN;
	if (optout)
		ncrdataset.attributes |= DNS_RDATASETATTR_OPTOUT;

	/*
	 * 'ncrdataset' still refers to the stack arrays 'rdata' and 'data',
	 * so it is only handed to the database here, before this frame is
	 * gone.  NOTE(review): this relies on dns_db_addrdataset() not
	 * keeping references to the caller's storage -- confirm.
	 */
	return (dns_db_addrdataset(cache, node, NULL, now, &ncrdataset,
				   0, addedrdataset));
}