"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "server.c" between
nsd-4.3.5.tar.gz and nsd-4.3.6.tar.gz

About: NSD is an authoritative only, high performance, simple name server daemon.

server.c  (nsd-4.3.5):server.c  (nsd-4.3.6)
skipping to change at line 90 skipping to change at line 90
#include "udb.h" #include "udb.h"
#include "remote.h" #include "remote.h"
#include "lookup3.h" #include "lookup3.h"
#include "rrl.h" #include "rrl.h"
#ifdef USE_DNSTAP #ifdef USE_DNSTAP
#include "dnstap/dnstap_collector.h" #include "dnstap/dnstap_collector.h"
#endif #endif
#define RELOAD_SYNC_TIMEOUT 25 /* seconds */ #define RELOAD_SYNC_TIMEOUT 25 /* seconds */
#ifdef USE_DNSTAP
/*
* log_addr() - the function to print sockaddr_in/sockaddr_in6 structures conten
t
* just like its done in Unbound via the same log_addr(VERB_LEVEL, const char*,
sockaddr_storage*)
*/
static void
log_addr(const char* descr,
#ifdef INET6
struct sockaddr_storage* addr,
#else
struct sockaddr_in* addr,
#endif
short family)
{
char str_buf[64];
if(verbosity < 6)
return;
if(family == AF_INET) {
struct sockaddr_in* s = (struct sockaddr_in*)addr;
inet_ntop(AF_INET, &s->sin_addr.s_addr, str_buf, sizeof(str_buf))
;
VERBOSITY(6, (LOG_INFO, "%s: address is: %s, port is: %d", descr,
str_buf, ntohs(s->sin_port)));
#ifdef INET6
} else {
struct sockaddr_in6* s6 = (struct sockaddr_in6*)addr;
inet_ntop(AF_INET6, &s6->sin6_addr.s6_addr, str_buf, sizeof(str_b
uf));
VERBOSITY(6, (LOG_INFO, "%s: address is: %s, port is: %d", descr,
str_buf, ntohs(s6->sin6_port)));
#endif
}
}
#endif /* USE_DNSTAP */
#ifdef USE_TCP_FASTOPEN #ifdef USE_TCP_FASTOPEN
#define TCP_FASTOPEN_FILE "/proc/sys/net/ipv4/tcp_fastopen" #define TCP_FASTOPEN_FILE "/proc/sys/net/ipv4/tcp_fastopen"
#define TCP_FASTOPEN_SERVER_BIT_MASK 0x2 #define TCP_FASTOPEN_SERVER_BIT_MASK 0x2
#endif #endif
/* /*
* Data for the UDP handlers. * Data for the UDP handlers.
*/ */
struct udp_handler_data struct udp_handler_data
{ {
skipping to change at line 217 skipping to change at line 248
/* /*
* The timeout in msec for this tcp connection * The timeout in msec for this tcp connection
*/ */
int tcp_timeout; int tcp_timeout;
/* /*
* If the connection is allowed to have further queries on it. * If the connection is allowed to have further queries on it.
*/ */
int tcp_no_more_queries; int tcp_no_more_queries;
#ifdef USE_DNSTAP
/* the socket of the accept socket to find proper service (local) address
the socket is bound to. */
struct nsd_socket *socket;
#endif /* USE_DNSTAP */
#ifdef HAVE_SSL #ifdef HAVE_SSL
/* /*
* TLS object. * TLS object.
*/ */
SSL* tls; SSL* tls;
/* /*
* TLS handshake state. * TLS handshake state.
*/ */
enum { tls_hs_none, tls_hs_read, tls_hs_write, enum { tls_hs_none, tls_hs_read, tls_hs_write,
skipping to change at line 3301 skipping to change at line 3338
if (data->socket->addr.ai_family == AF_INET) { if (data->socket->addr.ai_family == AF_INET) {
STATUP(data->nsd, qudp); STATUP(data->nsd, qudp);
} else if (data->socket->addr.ai_family == AF_INET6) { } else if (data->socket->addr.ai_family == AF_INET6) {
STATUP(data->nsd, qudp6); STATUP(data->nsd, qudp6);
} }
#endif #endif
buffer_skip(q->packet, received); buffer_skip(q->packet, received);
buffer_flip(q->packet); buffer_flip(q->packet);
#ifdef USE_DNSTAP #ifdef USE_DNSTAP
dt_collector_submit_auth_query(data->nsd, &q->addr, q->addrlen, /*
* sending UDP-query with server address (local) and client addre
ss to dnstap process
*/
log_addr("query from client", &q->addr, data->socket->addr.ai_fam
ily);
log_addr("to server (local)", &data->socket->addr.ai_addr, data->
socket->addr.ai_family);
dt_collector_submit_auth_query(data->nsd, &data->socket->addr.ai_
addr, &q->addr, q->addrlen,
q->tcp, q->packet); q->tcp, q->packet);
#endif /* USE_DNSTAP */ #endif /* USE_DNSTAP */
/* Process and answer the query... */ /* Process and answer the query... */
if (server_process_query_udp(data->nsd, q) != QUERY_DISCARDED) { if (server_process_query_udp(data->nsd, q) != QUERY_DISCARDED) {
if (RCODE(q->packet) == RCODE_OK && !AA(q->packet)) { if (RCODE(q->packet) == RCODE_OK && !AA(q->packet)) {
STATUP(data->nsd, nona); STATUP(data->nsd, nona);
ZTATUP(data->nsd, q->zone, nona); ZTATUP(data->nsd, q->zone, nona);
} }
skipping to change at line 3335 skipping to change at line 3377
#ifdef BIND8_STATS #ifdef BIND8_STATS
/* Account the rcode & TC... */ /* Account the rcode & TC... */
STATUP2(data->nsd, rcode, RCODE(q->packet)); STATUP2(data->nsd, rcode, RCODE(q->packet));
ZTATUP2(data->nsd, q->zone, rcode, RCODE(q->packet)); ZTATUP2(data->nsd, q->zone, rcode, RCODE(q->packet));
if (TC(q->packet)) { if (TC(q->packet)) {
STATUP(data->nsd, truncated); STATUP(data->nsd, truncated);
ZTATUP(data->nsd, q->zone, truncated); ZTATUP(data->nsd, q->zone, truncated);
} }
#endif /* BIND8_STATS */ #endif /* BIND8_STATS */
#ifdef USE_DNSTAP #ifdef USE_DNSTAP
dt_collector_submit_auth_response(data->nsd, /*
* sending UDP-response with server address (local) and c
lient address to dnstap process
*/
log_addr("from server (local)", &data->socket->addr.ai_ad
dr, data->socket->addr.ai_family);
log_addr("response to client", &q->addr, data->socket->ad
dr.ai_family);
dt_collector_submit_auth_response(data->nsd, &data->socke
t->addr.ai_addr,
&q->addr, q->addrlen, q->tcp, q->packet, &q->addr, q->addrlen, q->tcp, q->packet,
q->zone); q->zone);
#endif /* USE_DNSTAP */ #endif /* USE_DNSTAP */
} else { } else {
query_reset(queries[i], UDP_MAX_MESSAGE_LEN, 0); query_reset(queries[i], UDP_MAX_MESSAGE_LEN, 0);
iovecs[i].iov_len = buffer_remaining(q->packet); iovecs[i].iov_len = buffer_remaining(q->packet);
msgs[i].msg_hdr.msg_namelen = queries[i]->addrlen; msgs[i].msg_hdr.msg_namelen = queries[i]->addrlen;
swap_drop: swap_drop:
STATUP(data->nsd, dropped); STATUP(data->nsd, dropped);
ZTATUP(data->nsd, q->zone, dropped); ZTATUP(data->nsd, q->zone, dropped);
skipping to change at line 3637 skipping to change at line 3684
#endif #endif
#endif /* BIND8_STATS */ #endif /* BIND8_STATS */
/* We have a complete query, process it. */ /* We have a complete query, process it. */
/* tcp-query-count: handle query counter ++ */ /* tcp-query-count: handle query counter ++ */
data->query_count++; data->query_count++;
buffer_flip(data->query->packet); buffer_flip(data->query->packet);
#ifdef USE_DNSTAP #ifdef USE_DNSTAP
dt_collector_submit_auth_query(data->nsd, &data->query->addr, /*
* and send TCP-query with found address (local) and client address to dn
stap process
*/
log_addr("query from client", &data->query->addr, data->query->addr.ss_fa
mily);
log_addr("to server (local)", &data->socket->addr.ai_addr, data->query->a
ddr.ss_family);
dt_collector_submit_auth_query(data->nsd, &data->socket->addr.ai_addr, &d
ata->query->addr,
data->query->addrlen, data->query->tcp, data->query->packet); data->query->addrlen, data->query->tcp, data->query->packet);
#endif /* USE_DNSTAP */ #endif /* USE_DNSTAP */
data->query_state = server_process_query(data->nsd, data->query); data->query_state = server_process_query(data->nsd, data->query);
if (data->query_state == QUERY_DISCARDED) { if (data->query_state == QUERY_DISCARDED) {
/* Drop the packet and the entire connection... */ /* Drop the packet and the entire connection... */
STATUP(data->nsd, dropped); STATUP(data->nsd, dropped);
ZTATUP(data->nsd, data->query->zone, dropped); ZTATUP(data->nsd, data->query->zone, dropped);
cleanup_tcp_handler(data); cleanup_tcp_handler(data);
return; return;
} }
skipping to change at line 3685 skipping to change at line 3737
#ifdef BIND8_STATS #ifdef BIND8_STATS
/* Account the rcode & TC... */ /* Account the rcode & TC... */
STATUP2(data->nsd, rcode, RCODE(data->query->packet)); STATUP2(data->nsd, rcode, RCODE(data->query->packet));
ZTATUP2(data->nsd, data->query->zone, rcode, RCODE(data->query->packet)); ZTATUP2(data->nsd, data->query->zone, rcode, RCODE(data->query->packet));
if (TC(data->query->packet)) { if (TC(data->query->packet)) {
STATUP(data->nsd, truncated); STATUP(data->nsd, truncated);
ZTATUP(data->nsd, data->query->zone, truncated); ZTATUP(data->nsd, data->query->zone, truncated);
} }
#endif /* BIND8_STATS */ #endif /* BIND8_STATS */
#ifdef USE_DNSTAP #ifdef USE_DNSTAP
dt_collector_submit_auth_response(data->nsd, &data->query->addr, /*
* sending TCP-response with found (earlier) address (local) and client a
ddress to dnstap process
*/
log_addr("from server (local)", &data->socket->addr.ai_addr, data->query-
>addr.ss_family);
log_addr("response to client", &data->query->addr, data->query->addr.ss_f
amily);
dt_collector_submit_auth_response(data->nsd, &data->socket->addr.ai_addr,
&data->query->addr,
data->query->addrlen, data->query->tcp, data->query->packet, data->query->addrlen, data->query->tcp, data->query->packet,
data->query->zone); data->query->zone);
#endif /* USE_DNSTAP */ #endif /* USE_DNSTAP */
data->bytes_transmitted = 0; data->bytes_transmitted = 0;
timeout.tv_sec = data->tcp_timeout / 1000; timeout.tv_sec = data->tcp_timeout / 1000;
timeout.tv_usec = (data->tcp_timeout % 1000)*1000; timeout.tv_usec = (data->tcp_timeout % 1000)*1000;
ev_base = data->event.ev_base; ev_base = data->event.ev_base;
event_del(&data->event); event_del(&data->event);
skipping to change at line 4115 skipping to change at line 4172
} }
#endif #endif
/* We have a complete query, process it. */ /* We have a complete query, process it. */
/* tcp-query-count: handle query counter ++ */ /* tcp-query-count: handle query counter ++ */
data->query_count++; data->query_count++;
buffer_flip(data->query->packet); buffer_flip(data->query->packet);
#ifdef USE_DNSTAP #ifdef USE_DNSTAP
dt_collector_submit_auth_query(data->nsd, &data->query->addr, /*
* and send TCP-query with found address (local) and client address to dn
stap process
*/
log_addr("query from client", &data->query->addr, data->query->addr.ss_fa
mily);
log_addr("to server (local)", &data->socket->addr.ai_addr, data->query->a
ddr.ss_family);
dt_collector_submit_auth_query(data->nsd, &data->socket->addr.ai_addr, &d
ata->query->addr,
data->query->addrlen, data->query->tcp, data->query->packet); data->query->addrlen, data->query->tcp, data->query->packet);
#endif /* USE_DNSTAP */ #endif /* USE_DNSTAP */
data->query_state = server_process_query(data->nsd, data->query); data->query_state = server_process_query(data->nsd, data->query);
if (data->query_state == QUERY_DISCARDED) { if (data->query_state == QUERY_DISCARDED) {
/* Drop the packet and the entire connection... */ /* Drop the packet and the entire connection... */
STATUP(data->nsd, dropped); STATUP(data->nsd, dropped);
ZTATUP(data->nsd, data->query->zone, dropped); ZTATUP(data->nsd, data->query->zone, dropped);
cleanup_tcp_handler(data); cleanup_tcp_handler(data);
return; return;
} }
skipping to change at line 4163 skipping to change at line 4225
#ifdef BIND8_STATS #ifdef BIND8_STATS
/* Account the rcode & TC... */ /* Account the rcode & TC... */
STATUP2(data->nsd, rcode, RCODE(data->query->packet)); STATUP2(data->nsd, rcode, RCODE(data->query->packet));
ZTATUP2(data->nsd, data->query->zone, rcode, RCODE(data->query->packet)); ZTATUP2(data->nsd, data->query->zone, rcode, RCODE(data->query->packet));
if (TC(data->query->packet)) { if (TC(data->query->packet)) {
STATUP(data->nsd, truncated); STATUP(data->nsd, truncated);
ZTATUP(data->nsd, data->query->zone, truncated); ZTATUP(data->nsd, data->query->zone, truncated);
} }
#endif /* BIND8_STATS */ #endif /* BIND8_STATS */
#ifdef USE_DNSTAP #ifdef USE_DNSTAP
dt_collector_submit_auth_response(data->nsd, &data->query->addr, /*
* sending TCP-response with found (earlier) address (local) and client a
ddress to dnstap process
*/
log_addr("from server (local)", &data->socket->addr.ai_addr, data->query-
>addr.ss_family);
log_addr("response to client", &data->query->addr, data->query->addr.ss_f
amily);
dt_collector_submit_auth_response(data->nsd, &data->socket->addr.ai_addr,
&data->query->addr,
data->query->addrlen, data->query->tcp, data->query->packet, data->query->addrlen, data->query->tcp, data->query->packet,
data->query->zone); data->query->zone);
#endif /* USE_DNSTAP */ #endif /* USE_DNSTAP */
data->bytes_transmitted = 0; data->bytes_transmitted = 0;
tcp_handler_setup_event(data, handle_tls_writing, fd, EV_PERSIST | EV_WRI TE | EV_TIMEOUT); tcp_handler_setup_event(data, handle_tls_writing, fd, EV_PERSIST | EV_WRI TE | EV_TIMEOUT);
/* see if we can write the answer right away(usually so,EAGAIN ifnot)*/ /* see if we can write the answer right away(usually so,EAGAIN ifnot)*/
handle_tls_writing(fd, EV_WRITE, data); handle_tls_writing(fd, EV_WRITE, data);
} }
skipping to change at line 4448 skipping to change at line 4515
tcp_data->tcp_no_more_queries = 0; tcp_data->tcp_no_more_queries = 0;
tcp_data->tcp_timeout = data->nsd->tcp_timeout * 1000; tcp_data->tcp_timeout = data->nsd->tcp_timeout * 1000;
if (data->nsd->current_tcp_count > data->nsd->maximum_tcp_count/2) { if (data->nsd->current_tcp_count > data->nsd->maximum_tcp_count/2) {
/* very busy, give smaller timeout */ /* very busy, give smaller timeout */
tcp_data->tcp_timeout = 200; tcp_data->tcp_timeout = 200;
} }
memset(&tcp_data->event, 0, sizeof(tcp_data->event)); memset(&tcp_data->event, 0, sizeof(tcp_data->event));
timeout.tv_sec = tcp_data->tcp_timeout / 1000; timeout.tv_sec = tcp_data->tcp_timeout / 1000;
timeout.tv_usec = (tcp_data->tcp_timeout % 1000)*1000; timeout.tv_usec = (tcp_data->tcp_timeout % 1000)*1000;
#ifdef USE_DNSTAP
/* save the address of the connection */
tcp_data->socket = data->socket;
#endif /* USE_DNSTAP */
#ifdef HAVE_SSL #ifdef HAVE_SSL
if (data->tls_accept) { if (data->tls_accept) {
tcp_data->tls = incoming_ssl_fd(tcp_data->nsd->tls_ctx, s); tcp_data->tls = incoming_ssl_fd(tcp_data->nsd->tls_ctx, s);
if(!tcp_data->tls) { if(!tcp_data->tls) {
close(s); close(s);
return; return;
} }
tcp_data->shake_state = tls_hs_read; tcp_data->shake_state = tls_hs_read;
memset(&tcp_data->event, 0, sizeof(tcp_data->event)); memset(&tcp_data->event, 0, sizeof(tcp_data->event));
event_set(&tcp_data->event, s, EV_PERSIST | EV_READ | EV_TIMEOUT, event_set(&tcp_data->event, s, EV_PERSIST | EV_READ | EV_TIMEOUT,
 End of changes. 9 change blocks. 
6 lines changed or deleted 109 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)