"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "remote.c" between
nsd-4.3.6.tar.gz and nsd-4.3.7.tar.gz

About: NSD is an authoritative only, high performance, simple name server daemon.

remote.c  (nsd-4.3.6):remote.c  (nsd-4.3.7)
skipping to change at line 2163 skipping to change at line 2163
(void)ssl_printf(ssl, "error: key: %s is in use and cannot be del eted\n", arg); (void)ssl_printf(ssl, "error: key: %s is in use and cannot be del eted\n", arg);
return; return;
} else { } else {
remove_key(xfrd, arg); remove_key(xfrd, arg);
log_msg(LOG_INFO, "key: %s is successfully deleted\n", arg); log_msg(LOG_INFO, "key: %s is successfully deleted\n", arg);
} }
send_ok(ssl); send_ok(ssl);
} }
/* returns `0` on failure */
static int
cookie_secret_file_dump(RES* ssl, nsd_type const* nsd) {
char const* secret_file = nsd->options->cookie_secret_file;
char secret_hex[NSD_COOKIE_SECRET_SIZE * 2 + 1];
FILE* f;
size_t i;
assert( secret_file != NULL );
/* open write only and truncate */
if((f = fopen(secret_file, "w")) == NULL ) {
(void)ssl_printf(ssl, "unable to open cookie secret file %s: %s",
secret_file, strerror(errno));
return 0;
}
for(i = 0; i < nsd->cookie_count; i++) {
struct cookie_secret const* cs = &nsd->cookie_secrets[i];
ssize_t const len = hex_ntop(cs->cookie_secret, NSD_COOKIE_SECRET
_SIZE,
secret_hex, sizeof(secret_hex));
(void)len; /* silence unused variable warning with -DNDEBUG */
assert( len == NSD_COOKIE_SECRET_SIZE * 2 );
secret_hex[NSD_COOKIE_SECRET_SIZE * 2] = '\0';
fprintf(f, "%s\n", secret_hex);
}
explicit_bzero(secret_hex, sizeof(secret_hex));
fclose(f);
return 1;
}
static void
do_activate_cookie_secret(RES* ssl, xfrd_state_type* xrfd, char* arg) {
nsd_type* nsd = xrfd->nsd;
(void)arg;
if(nsd->cookie_count <= 1 ) {
(void)ssl_printf(ssl, "error: no staging cookie secret to activat
e\n");
return;
}
if(!nsd->options->cookie_secret_file || !nsd->options->cookie_secret_file
[0]) {
(void)ssl_printf(ssl, "error: no cookie secret file configured\n"
);
return;
}
if(!cookie_secret_file_dump(ssl, nsd)) {
(void)ssl_printf(ssl, "error: writing to cookie secret file: \"%s
\"\n",
nsd->options->cookie_secret_file);
return;
}
activate_cookie_secret(nsd);
(void)cookie_secret_file_dump(ssl, nsd);
task_new_activate_cookie_secret(xfrd->nsd->task[xfrd->nsd->mytask],
xfrd->last_task);
xfrd_set_reload_now(xfrd);
send_ok(ssl);
}
static void
do_drop_cookie_secret(RES* ssl, xfrd_state_type* xrfd, char* arg) {
nsd_type* nsd = xrfd->nsd;
(void)arg;
if(nsd->cookie_count <= 1 ) {
(void)ssl_printf(ssl, "error: can not drop the currently active c
ookie secret\n");
return;
}
if(!nsd->options->cookie_secret_file || !nsd->options->cookie_secret_file
[0]) {
(void)ssl_printf(ssl, "error: no cookie secret file configured\n"
);
return;
}
if(!cookie_secret_file_dump(ssl, nsd)) {
(void)ssl_printf(ssl, "error: writing to cookie secret file: \"%s
\"\n",
nsd->options->cookie_secret_file);
return;
}
drop_cookie_secret(nsd);
(void)cookie_secret_file_dump(ssl, nsd);
task_new_drop_cookie_secret(xfrd->nsd->task[xfrd->nsd->mytask],
xfrd->last_task);
xfrd_set_reload_now(xfrd);
send_ok(ssl);
}
static void
do_add_cookie_secret(RES* ssl, xfrd_state_type* xrfd, char* arg) {
nsd_type* nsd = xrfd->nsd;
uint8_t secret[NSD_COOKIE_SECRET_SIZE];
if(*arg == '\0') {
(void)ssl_printf(ssl, "error: missing argument (cookie_secret)\n"
);
return;
}
if(strlen(arg) != 32) {
explicit_bzero(arg, strlen(arg));
(void)ssl_printf(ssl, "invalid cookie secret: invalid argument le
ngth\n");
(void)ssl_printf(ssl, "please provide a 128bit hex encoded secret
\n");
return;
}
if(hex_pton(arg, secret, NSD_COOKIE_SECRET_SIZE) != NSD_COOKIE_SECRET_SIZ
E ) {
explicit_bzero(secret, NSD_COOKIE_SECRET_SIZE);
explicit_bzero(arg, strlen(arg));
(void)ssl_printf(ssl, "invalid cookie secret: parse error\n");
(void)ssl_printf(ssl, "please provide a 128bit hex encoded secret
\n");
return;
}
if(!nsd->options->cookie_secret_file || !nsd->options->cookie_secret_file
[0]) {
explicit_bzero(secret, NSD_COOKIE_SECRET_SIZE);
explicit_bzero(arg, strlen(arg));
(void)ssl_printf(ssl, "error: no cookie secret file configured\n"
);
return;
}
if(!cookie_secret_file_dump(ssl, nsd)) {
explicit_bzero(secret, NSD_COOKIE_SECRET_SIZE);
explicit_bzero(arg, strlen(arg));
(void)ssl_printf(ssl, "error: writing to cookie secret file: \"%s
\"\n",
nsd->options->cookie_secret_file);
return;
}
add_cookie_secret(nsd, secret);
explicit_bzero(secret, NSD_COOKIE_SECRET_SIZE);
(void)cookie_secret_file_dump(ssl, nsd);
task_new_add_cookie_secret(xfrd->nsd->task[xfrd->nsd->mytask],
xfrd->last_task, arg);
explicit_bzero(arg, strlen(arg));
xfrd_set_reload_now(xfrd);
send_ok(ssl);
}
static void
do_print_cookie_secrets(RES* ssl, xfrd_state_type* xrfd, char* arg) {
nsd_type* nsd = xrfd->nsd;
char secret_hex[NSD_COOKIE_SECRET_SIZE * 2 + 1];
int i;
(void)arg;
/* (void)ssl_printf(ssl, "cookie_secret_count=%zu\n", nsd->cookie_count);
*/
for(i = 0; (size_t)i < nsd->cookie_count; i++) {
struct cookie_secret const* cs = &nsd->cookie_secrets[i];
ssize_t const len = hex_ntop(cs->cookie_secret, NSD_COOKIE_SECRET
_SIZE,
secret_hex, sizeof(secret_hex));
(void)len; /* silence unused variable warning with -DNDEBUG */
assert( len == NSD_COOKIE_SECRET_SIZE * 2 );
secret_hex[NSD_COOKIE_SECRET_SIZE * 2] = '\0';
if (i == 0)
(void)ssl_printf(ssl, "active : %s\n", secret_hex);
else if (nsd->cookie_count == 2)
(void)ssl_printf(ssl, "staging: %s\n", secret_hex);
else
(void)ssl_printf(ssl, "staging[%d]: %s\n", i, secret_hex)
;
}
explicit_bzero(secret_hex, sizeof(secret_hex));
}
/** check for name with end-of-string, space or tab after it */ /** check for name with end-of-string, space or tab after it */
static int static int
cmdcmp(char* p, const char* cmd, size_t len) cmdcmp(char* p, const char* cmd, size_t len)
{ {
return strncmp(p,cmd,len)==0 && (p[len]==0||p[len]==' '||p[len]=='\t'); return strncmp(p,cmd,len)==0 && (p[len]==0||p[len]==' '||p[len]=='\t');
} }
/** execute a remote control command */ /** execute a remote control command */
static void static void
execute_cmd(struct daemon_remote* rc, RES* ssl, char* cmd, struct rc_state* rs) execute_cmd(struct daemon_remote* rc, RES* ssl, char* cmd, struct rc_state* rs)
skipping to change at line 2226 skipping to change at line 2377
} else if(cmdcmp(p, "print_tsig", 10)) { } else if(cmdcmp(p, "print_tsig", 10)) {
do_print_tsig(ssl, rc->xfrd, skipwhite(p+10)); do_print_tsig(ssl, rc->xfrd, skipwhite(p+10));
} else if(cmdcmp(p, "update_tsig", 11)) { } else if(cmdcmp(p, "update_tsig", 11)) {
do_update_tsig(ssl, rc->xfrd, skipwhite(p+11)); do_update_tsig(ssl, rc->xfrd, skipwhite(p+11));
} else if(cmdcmp(p, "add_tsig", 8)) { } else if(cmdcmp(p, "add_tsig", 8)) {
do_add_tsig(ssl, rc->xfrd, skipwhite(p+8)); do_add_tsig(ssl, rc->xfrd, skipwhite(p+8));
} else if(cmdcmp(p, "assoc_tsig", 10)) { } else if(cmdcmp(p, "assoc_tsig", 10)) {
do_assoc_tsig(ssl, rc->xfrd, skipwhite(p+10)); do_assoc_tsig(ssl, rc->xfrd, skipwhite(p+10));
} else if(cmdcmp(p, "del_tsig", 8)) { } else if(cmdcmp(p, "del_tsig", 8)) {
do_del_tsig(ssl, rc->xfrd, skipwhite(p+8)); do_del_tsig(ssl, rc->xfrd, skipwhite(p+8));
} else if(cmdcmp(p, "add_cookie_secret", 17)) {
do_add_cookie_secret(ssl, rc->xfrd, skipwhite(p+17));
} else if(cmdcmp(p, "drop_cookie_secret", 18)) {
do_drop_cookie_secret(ssl, rc->xfrd, skipwhite(p+18));
} else if(cmdcmp(p, "print_cookie_secrets", 20)) {
do_print_cookie_secrets(ssl, rc->xfrd, skipwhite(p+20));
} else if(cmdcmp(p, "activate_cookie_secret", 22)) {
do_activate_cookie_secret(ssl, rc->xfrd, skipwhite(p+22));
} else { } else {
(void)ssl_printf(ssl, "error unknown command '%s'\n", p); (void)ssl_printf(ssl, "error unknown command '%s'\n", p);
} }
} }
/** handle remote control request */ /** handle remote control request */
static void static void
handle_req(struct daemon_remote* rc, struct rc_state* s, RES* res) handle_req(struct daemon_remote* rc, struct rc_state* s, RES* res)
{ {
int r; int r;
 End of changes. 2 change blocks. 
0 lines changed or deleted 179 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)