]> git.saurik.com Git - apple/network_cmds.git/blame - unbound/daemon/worker.c
projects / apple / network_cmds.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
network_cmds-543.200.16.tar.gz
[apple/network_cmds.git] / unbound / daemon / worker.c
CommitLineData
89c4ed63
A		 1/*
2 * daemon/worker.c - worker that handles a pending list of requests.
3 *
4 * Copyright (c) 2007, NLnet Labs. All rights reserved.
5 *
6 * This software is open source.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * Redistributions of source code must retain the above copyright notice,
13 * this list of conditions and the following disclaimer.
14 *
15 * Redistributions in binary form must reproduce the above copyright notice,
16 * this list of conditions and the following disclaimer in the documentation
17 * and/or other materials provided with the distribution.
18 *
19 * Neither the name of the NLNET LABS nor the names of its contributors may
20 * be used to endorse or promote products derived from this software without
21 * specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 */
35
36/**
37 * \file
38 *
39 * This file implements the worker that handles callbacks on events, for
40 * pending requests.
41 */
42#include "config.h"
43#include "util/log.h"
44#include "util/net_help.h"
45#include "util/random.h"
46#include "daemon/worker.h"
47#include "daemon/daemon.h"
48#include "daemon/remote.h"
49#include "daemon/acl_list.h"
50#include "util/netevent.h"
51#include "util/config_file.h"
52#include "util/module.h"
53#include "util/regional.h"
54#include "util/storage/slabhash.h"
55#include "services/listen_dnsport.h"
56#include "services/outside_network.h"
57#include "services/outbound_list.h"
58#include "services/cache/rrset.h"
59#include "services/cache/infra.h"
60#include "services/cache/dns.h"
61#include "services/mesh.h"
62#include "services/localzone.h"
63#include "util/data/msgparse.h"
64#include "util/data/msgencode.h"
65#include "util/data/dname.h"
66#include "util/fptr_wlist.h"
67#include "util/tube.h"
68#include "iterator/iter_fwd.h"
69#include "iterator/iter_hints.h"
70#include "validator/autotrust.h"
71#include "validator/val_anchor.h"
72#include "libunbound/context.h"
73#include "libunbound/libworker.h"
74#include "ldns/sbuffer.h"
75
76#ifdef HAVE_SYS_TYPES_H
77# include <sys/types.h>
78#endif
79#ifdef HAVE_NETDB_H
80#include <netdb.h>
81#endif
82#include <signal.h>
83#ifdef UB_ON_WINDOWS
84#include "winrc/win_svc.h"
85#endif
86
87/** Size of an UDP datagram */
88#define NORMAL_UDP_SIZE 512 /* bytes */
89
90/**
91 * seconds to add to prefetch leeway. This is a TTL that expires old rrsets
92 * earlier than they should in order to put the new update into the cache.
93 * This additional value is to make sure that if not all TTLs are equal in
94 * the message to be updated(and replaced), that rrsets with up to this much
95 * extra TTL are also replaced. This means that the resulting new message
96 * will have (most likely) this TTL at least, avoiding very small 'split
97 * second' TTLs due to operators choosing relative primes for TTLs (or so).
98 * Also has to be at least one to break ties (and overwrite cached entry).
99 */
100#define PREFETCH_EXPIRY_ADD 60
101
102#ifdef UNBOUND_ALLOC_STATS
103/** measure memory leakage */
104static void
105debug_memleak(size_t accounted, size_t heap,
106 size_t total_alloc, size_t total_free)
107{
108 static int init = 0;
109 static size_t base_heap, base_accounted, base_alloc, base_free;
110 size_t base_af, cur_af, grow_af, grow_acc;
111 if(!init) {
112 init = 1;
113 base_heap = heap;
114 base_accounted = accounted;
115 base_alloc = total_alloc;
116 base_free = total_free;
117 }
118 base_af = base_alloc - base_free;
119 cur_af = total_alloc - total_free;
120 grow_af = cur_af - base_af;
121 grow_acc = accounted - base_accounted;
122 log_info("Leakage: %d leaked. growth: %u use, %u acc, %u heap",
123 (int)(grow_af - grow_acc), (unsigned)grow_af,
124 (unsigned)grow_acc, (unsigned)(heap - base_heap));
125}
126
127/** give debug heap size indication */
128static void
129debug_total_mem(size_t calctotal)
130{
131#ifdef HAVE_SBRK
132 extern void* unbound_start_brk;
133 extern size_t unbound_mem_alloc, unbound_mem_freed;
134 void* cur = sbrk(0);
135 int total = cur-unbound_start_brk;
136 log_info("Total heap memory estimate: %u total-alloc: %u "
137 "total-free: %u", (unsigned)total,
138 (unsigned)unbound_mem_alloc, (unsigned)unbound_mem_freed);
139 debug_memleak(calctotal, (size_t)total,
140 unbound_mem_alloc, unbound_mem_freed);
141#else
142 (void)calctotal;
143#endif /* HAVE_SBRK */
144}
145#endif /* UNBOUND_ALLOC_STATS */
146
147/** Report on memory usage by this thread and global */
148static void
149worker_mem_report(struct worker* ATTR_UNUSED(worker),
150 struct serviced_query* ATTR_UNUSED(cur_serv))
151{
152#ifdef UNBOUND_ALLOC_STATS
153 /* debug func in validator module */
154 size_t total, front, back, mesh, msg, rrset, infra, ac, superac;
155 size_t me, iter, val, anch;
156 int i;
157 if(verbosity < VERB_ALGO)
158 return;
159 front = listen_get_mem(worker->front);
160 back = outnet_get_mem(worker->back);
161 msg = slabhash_get_mem(worker->env.msg_cache);
162 rrset = slabhash_get_mem(&worker->env.rrset_cache->table);
163 infra = infra_get_mem(worker->env.infra_cache);
164 mesh = mesh_get_mem(worker->env.mesh);
165 ac = alloc_get_mem(&worker->alloc);
166 superac = alloc_get_mem(&worker->daemon->superalloc);
167 anch = anchors_get_mem(worker->env.anchors);
168 iter = 0;
169 val = 0;
170 for(i=0; i<worker->env.mesh->mods.num; i++) {
171 fptr_ok(fptr_whitelist_mod_get_mem(worker->env.mesh->
172 mods.mod[i]->get_mem));
173 if(strcmp(worker->env.mesh->mods.mod[i]->name, "validator")==0)
174 val += (*worker->env.mesh->mods.mod[i]->get_mem)
175 (&worker->env, i);
176 else iter += (*worker->env.mesh->mods.mod[i]->get_mem)
177 (&worker->env, i);
178 }
179 me = sizeof(*worker) + sizeof(*worker->base) + sizeof(*worker->comsig)
180 + comm_point_get_mem(worker->cmd_com)
181 + sizeof(worker->rndstate)
182 + regional_get_mem(worker->scratchpad)
183 + sizeof(*worker->env.scratch_buffer)
184 + sldns_buffer_capacity(worker->env.scratch_buffer)
185 + forwards_get_mem(worker->env.fwds)
186 + hints_get_mem(worker->env.hints);
187 if(worker->thread_num == 0)
188 me += acl_list_get_mem(worker->daemon->acl);
189 if(cur_serv) {
190 me += serviced_get_mem(cur_serv);
191 }
192 total = front+back+mesh+msg+rrset+infra+iter+val+ac+superac+me;
193 log_info("Memory conditions: %u front=%u back=%u mesh=%u msg=%u "
194 "rrset=%u infra=%u iter=%u val=%u anchors=%u "
195 "alloccache=%u globalalloccache=%u me=%u",
196 (unsigned)total, (unsigned)front, (unsigned)back,
197 (unsigned)mesh, (unsigned)msg, (unsigned)rrset,
198 (unsigned)infra, (unsigned)iter, (unsigned)val, (unsigned)anch,
199 (unsigned)ac, (unsigned)superac, (unsigned)me);
200 debug_total_mem(total);
201#else /* no UNBOUND_ALLOC_STATS */
202 size_t val = 0;
203 int i;
204 if(verbosity < VERB_QUERY)
205 return;
206 for(i=0; i<worker->env.mesh->mods.num; i++) {
207 fptr_ok(fptr_whitelist_mod_get_mem(worker->env.mesh->
208 mods.mod[i]->get_mem));
209 if(strcmp(worker->env.mesh->mods.mod[i]->name, "validator")==0)
210 val += (*worker->env.mesh->mods.mod[i]->get_mem)
211 (&worker->env, i);
212 }
213 verbose(VERB_QUERY, "cache memory msg=%u rrset=%u infra=%u val=%u",
214 (unsigned)slabhash_get_mem(worker->env.msg_cache),
215 (unsigned)slabhash_get_mem(&worker->env.rrset_cache->table),
216 (unsigned)infra_get_mem(worker->env.infra_cache),
217 (unsigned)val);
218#endif /* UNBOUND_ALLOC_STATS */
219}
220
221void
222worker_send_cmd(struct worker* worker, enum worker_commands cmd)
223{
224 uint32_t c = (uint32_t)htonl(cmd);
225 if(!tube_write_msg(worker->cmd, (uint8_t*)&c, sizeof(c), 0)) {
226 log_err("worker send cmd %d failed", (int)cmd);
227 }
228}
229
230int
231worker_handle_reply(struct comm_point* c, void* arg, int error,
232 struct comm_reply* reply_info)
233{
234 struct module_qstate* q = (struct module_qstate*)arg;
235 struct worker* worker = q->env->worker;
236 struct outbound_entry e;
237 e.qstate = q;
238 e.qsent = NULL;
239
240 if(error != 0) {
241 mesh_report_reply(worker->env.mesh, &e, reply_info, error);
242 worker_mem_report(worker, NULL);
243 return 0;
244 }
245 /* sanity check. */
246 if(!LDNS_QR_WIRE(sldns_buffer_begin(c->buffer))
247 || LDNS_OPCODE_WIRE(sldns_buffer_begin(c->buffer)) !=
248 LDNS_PACKET_QUERY
249 || LDNS_QDCOUNT(sldns_buffer_begin(c->buffer)) > 1) {
250 /* error becomes timeout for the module as if this reply
251 * never arrived. */
252 mesh_report_reply(worker->env.mesh, &e, reply_info,
253 NETEVENT_TIMEOUT);
254 worker_mem_report(worker, NULL);
255 return 0;
256 }
257 mesh_report_reply(worker->env.mesh, &e, reply_info, NETEVENT_NOERROR);
258 worker_mem_report(worker, NULL);
259 return 0;
260}
261
262int
263worker_handle_service_reply(struct comm_point* c, void* arg, int error,
264 struct comm_reply* reply_info)
265{
266 struct outbound_entry* e = (struct outbound_entry*)arg;
267 struct worker* worker = e->qstate->env->worker;
268 struct serviced_query *sq = e->qsent;
269
270 verbose(VERB_ALGO, "worker svcd callback for qstate %p", e->qstate);
271 if(error != 0) {
272 mesh_report_reply(worker->env.mesh, e, reply_info, error);
273 worker_mem_report(worker, sq);
274 return 0;
275 }
276 /* sanity check. */
277 if(!LDNS_QR_WIRE(sldns_buffer_begin(c->buffer))
278 || LDNS_OPCODE_WIRE(sldns_buffer_begin(c->buffer)) !=
279 LDNS_PACKET_QUERY
280 || LDNS_QDCOUNT(sldns_buffer_begin(c->buffer)) > 1) {
281 /* error becomes timeout for the module as if this reply
282 * never arrived. */
283 verbose(VERB_ALGO, "worker: bad reply handled as timeout");
284 mesh_report_reply(worker->env.mesh, e, reply_info,
285 NETEVENT_TIMEOUT);
286 worker_mem_report(worker, sq);
287 return 0;
288 }
289 mesh_report_reply(worker->env.mesh, e, reply_info, NETEVENT_NOERROR);
290 worker_mem_report(worker, sq);
291 return 0;
292}
293
294/** check request sanity.
295 * @param pkt: the wire packet to examine for sanity.
296 * @param worker: parameters for checking.
297 * @return error code, 0 OK, or -1 discard.
298*/
299static int
300worker_check_request(sldns_buffer* pkt, struct worker* worker)
301{
302 if(sldns_buffer_limit(pkt) < LDNS_HEADER_SIZE) {
303 verbose(VERB_QUERY, "request too short, discarded");
304 return -1;
305 }
306 if(sldns_buffer_limit(pkt) > NORMAL_UDP_SIZE &&
307 worker->daemon->cfg->harden_large_queries) {
308 verbose(VERB_QUERY, "request too large, discarded");
309 return -1;
310 }
311 if(LDNS_QR_WIRE(sldns_buffer_begin(pkt))) {
312 verbose(VERB_QUERY, "request has QR bit on, discarded");
313 return -1;
314 }
315 if(LDNS_TC_WIRE(sldns_buffer_begin(pkt))) {
316 LDNS_TC_CLR(sldns_buffer_begin(pkt));
317 verbose(VERB_QUERY, "request bad, has TC bit on");
318 return LDNS_RCODE_FORMERR;
319 }
320 if(LDNS_OPCODE_WIRE(sldns_buffer_begin(pkt)) != LDNS_PACKET_QUERY) {
321 verbose(VERB_QUERY, "request unknown opcode %d",
322 LDNS_OPCODE_WIRE(sldns_buffer_begin(pkt)));
323 return LDNS_RCODE_NOTIMPL;
324 }
325 if(LDNS_QDCOUNT(sldns_buffer_begin(pkt)) != 1) {
326 verbose(VERB_QUERY, "request wrong nr qd=%d",
327 LDNS_QDCOUNT(sldns_buffer_begin(pkt)));
328 return LDNS_RCODE_FORMERR;
329 }
330 if(LDNS_ANCOUNT(sldns_buffer_begin(pkt)) != 0) {
331 verbose(VERB_QUERY, "request wrong nr an=%d",
332 LDNS_ANCOUNT(sldns_buffer_begin(pkt)));
333 return LDNS_RCODE_FORMERR;
334 }
335 if(LDNS_NSCOUNT(sldns_buffer_begin(pkt)) != 0) {
336 verbose(VERB_QUERY, "request wrong nr ns=%d",
337 LDNS_NSCOUNT(sldns_buffer_begin(pkt)));
338 return LDNS_RCODE_FORMERR;
339 }
340 if(LDNS_ARCOUNT(sldns_buffer_begin(pkt)) > 1) {
341 verbose(VERB_QUERY, "request wrong nr ar=%d",
342 LDNS_ARCOUNT(sldns_buffer_begin(pkt)));
343 return LDNS_RCODE_FORMERR;
344 }
345 return 0;
346}
347
348void
349worker_handle_control_cmd(struct tube* ATTR_UNUSED(tube), uint8_t* msg,
350 size_t len, int error, void* arg)
351{
352 struct worker* worker = (struct worker*)arg;
353 enum worker_commands cmd;
354 if(error != NETEVENT_NOERROR) {
355 free(msg);
356 if(error == NETEVENT_CLOSED)
357 comm_base_exit(worker->base);
358 else log_info("control event: %d", error);
359 return;
360 }
361 if(len != sizeof(uint32_t)) {
362 fatal_exit("bad control msg length %d", (int)len);
363 }
364 cmd = sldns_read_uint32(msg);
365 free(msg);
366 switch(cmd) {
367 case worker_cmd_quit:
368 verbose(VERB_ALGO, "got control cmd quit");
369 comm_base_exit(worker->base);
370 break;
371 case worker_cmd_stats:
372 verbose(VERB_ALGO, "got control cmd stats");
373 server_stats_reply(worker, 1);
374 break;
375 case worker_cmd_stats_noreset:
376 verbose(VERB_ALGO, "got control cmd stats_noreset");
377 server_stats_reply(worker, 0);
378 break;
379 case worker_cmd_remote:
380 verbose(VERB_ALGO, "got control cmd remote");
381 daemon_remote_exec(worker);
382 break;
383 default:
384 log_err("bad command %d", (int)cmd);
385 break;
386 }
387}
388
389/** check if a delegation is secure */
390static enum sec_status
391check_delegation_secure(struct reply_info *rep)
392{
393 /* return smallest security status */
394 size_t i;
395 enum sec_status sec = sec_status_secure;
396 enum sec_status s;
397 size_t num = rep->an_numrrsets + rep->ns_numrrsets;
398 /* check if answer and authority are OK */
399 for(i=0; i<num; i++) {
400 s = ((struct packed_rrset_data*)rep->rrsets[i]->entry.data)
401 ->security;
402 if(s < sec)
403 sec = s;
404 }
405 /* in additional, only unchecked triggers revalidation */
406 for(i=num; i<rep->rrset_count; i++) {
407 s = ((struct packed_rrset_data*)rep->rrsets[i]->entry.data)
408 ->security;
409 if(s == sec_status_unchecked)
410 return s;
411 }
412 return sec;
413}
414
415/** remove nonsecure from a delegation referral additional section */
416static void
417deleg_remove_nonsecure_additional(struct reply_info* rep)
418{
419 /* we can simply edit it, since we are working in the scratch region */
420 size_t i;
421 enum sec_status s;
422
423 for(i = rep->an_numrrsets+rep->ns_numrrsets; i<rep->rrset_count; i++) {
424 s = ((struct packed_rrset_data*)rep->rrsets[i]->entry.data)
425 ->security;
426 if(s != sec_status_secure) {
427 memmove(rep->rrsets+i, rep->rrsets+i+1,
428 sizeof(struct ub_packed_rrset_key*)*
429 (rep->rrset_count - i - 1));
430 rep->ar_numrrsets--;
431 rep->rrset_count--;
432 i--;
433 }
434 }
435}
436
437/** answer nonrecursive query from the cache */
438static int
439answer_norec_from_cache(struct worker* worker, struct query_info* qinfo,
440 uint16_t id, uint16_t flags, struct comm_reply* repinfo,
441 struct edns_data* edns)
442{
443 /* for a nonrecursive query return either:
444 * o an error (servfail; we try to avoid this)
445 * o a delegation (closest we have; this routine tries that)
446 * o the answer (checked by answer_from_cache)
447 *
448 * So, grab a delegation from the rrset cache.
449 * Then check if it needs validation, if so, this routine fails,
450 * so that iterator can prime and validator can verify rrsets.
451 */
452 uint16_t udpsize = edns->udp_size;
453 int secure = 0;
454 time_t timenow = *worker->env.now;
455 int must_validate = (!(flags&BIT_CD) || worker->env.cfg->ignore_cd)
456 && worker->env.need_to_validate;
457 struct dns_msg *msg = NULL;
458 struct delegpt *dp;
459
460 dp = dns_cache_find_delegation(&worker->env, qinfo->qname,
461 qinfo->qname_len, qinfo->qtype, qinfo->qclass,
462 worker->scratchpad, &msg, timenow);
463 if(!dp) { /* no delegation, need to reprime */
464 regional_free_all(worker->scratchpad);
465 return 0;
466 }
467 if(must_validate) {
468 switch(check_delegation_secure(msg->rep)) {
469 case sec_status_unchecked:
470 /* some rrsets have not been verified yet, go and
471 * let validator do that */
472 regional_free_all(worker->scratchpad);
473 return 0;
474 case sec_status_bogus:
475 /* some rrsets are bogus, reply servfail */
476 edns->edns_version = EDNS_ADVERTISED_VERSION;
477 edns->udp_size = EDNS_ADVERTISED_SIZE;
478 edns->ext_rcode = 0;
479 edns->bits &= EDNS_DO;
480 error_encode(repinfo->c->buffer, LDNS_RCODE_SERVFAIL,
481 &msg->qinfo, id, flags, edns);
482 regional_free_all(worker->scratchpad);
483 if(worker->stats.extended) {
484 worker->stats.ans_bogus++;
485 worker->stats.ans_rcode[LDNS_RCODE_SERVFAIL]++;
486 }
487 return 1;
488 case sec_status_secure:
489 /* all rrsets are secure */
490 /* remove non-secure rrsets from the add. section*/
491 if(worker->env.cfg->val_clean_additional)
492 deleg_remove_nonsecure_additional(msg->rep);
493 secure = 1;
494 break;
495 case sec_status_indeterminate:
496 case sec_status_insecure:
497 default:
498 /* not secure */
499 secure = 0;
500 break;
501 }
502 }
503 /* return this delegation from the cache */
504 edns->edns_version = EDNS_ADVERTISED_VERSION;
505 edns->udp_size = EDNS_ADVERTISED_SIZE;
506 edns->ext_rcode = 0;
507 edns->bits &= EDNS_DO;
508 msg->rep->flags |= BIT_QR|BIT_RA;
509 if(!reply_info_answer_encode(&msg->qinfo, msg->rep, id, flags,
510 repinfo->c->buffer, 0, 1, worker->scratchpad,
511 udpsize, edns, (int)(edns->bits & EDNS_DO), secure)) {
512 error_encode(repinfo->c->buffer, LDNS_RCODE_SERVFAIL,
513 &msg->qinfo, id, flags, edns);
514 }
515 regional_free_all(worker->scratchpad);
516 if(worker->stats.extended) {
517 if(secure) worker->stats.ans_secure++;
518 server_stats_insrcode(&worker->stats, repinfo->c->buffer);
519 }
520 return 1;
521}
522
523/** answer query from the cache */
524static int
525answer_from_cache(struct worker* worker, struct query_info* qinfo,
526 struct reply_info* rep, uint16_t id, uint16_t flags,
527 struct comm_reply* repinfo, struct edns_data* edns)
528{
529 time_t timenow = *worker->env.now;
530 uint16_t udpsize = edns->udp_size;
531 int secure;
532 int must_validate = (!(flags&BIT_CD) || worker->env.cfg->ignore_cd)
533 && worker->env.need_to_validate;
534 /* see if it is possible */
535 if(rep->ttl < timenow) {
536 /* the rrsets may have been updated in the meantime.
537 * we will refetch the message format from the
538 * authoritative server
539 */
540 return 0;
541 }
542 if(!rrset_array_lock(rep->ref, rep->rrset_count, timenow))
543 return 0;
544 /* locked and ids and ttls are OK. */
545 /* check CNAME chain (if any) */
546 if(rep->an_numrrsets > 0 && (rep->rrsets[0]->rk.type ==
547 htons(LDNS_RR_TYPE_CNAME) || rep->rrsets[0]->rk.type ==
548 htons(LDNS_RR_TYPE_DNAME))) {
549 if(!reply_check_cname_chain(rep)) {
550 /* cname chain invalid, redo iterator steps */
551 verbose(VERB_ALGO, "Cache reply: cname chain broken");
552 bail_out:
553 rrset_array_unlock_touch(worker->env.rrset_cache,
554 worker->scratchpad, rep->ref, rep->rrset_count);
555 regional_free_all(worker->scratchpad);
556 return 0;
557 }
558 }
559 /* check security status of the cached answer */
560 if( rep->security == sec_status_bogus && must_validate) {
561 /* BAD cached */
562 edns->edns_version = EDNS_ADVERTISED_VERSION;
563 edns->udp_size = EDNS_ADVERTISED_SIZE;
564 edns->ext_rcode = 0;
565 edns->bits &= EDNS_DO;
566 error_encode(repinfo->c->buffer, LDNS_RCODE_SERVFAIL,
567 qinfo, id, flags, edns);
568 rrset_array_unlock_touch(worker->env.rrset_cache,
569 worker->scratchpad, rep->ref, rep->rrset_count);
570 regional_free_all(worker->scratchpad);
571 if(worker->stats.extended) {
572 worker->stats.ans_bogus ++;
573 worker->stats.ans_rcode[LDNS_RCODE_SERVFAIL] ++;
574 }
575 return 1;
576 } else if( rep->security == sec_status_unchecked && must_validate) {
577 verbose(VERB_ALGO, "Cache reply: unchecked entry needs "
578 "validation");
579 goto bail_out; /* need to validate cache entry first */
580 } else if(rep->security == sec_status_secure) {
581 if(reply_all_rrsets_secure(rep))
582 secure = 1;
583 else {
584 if(must_validate) {
585 verbose(VERB_ALGO, "Cache reply: secure entry"
586 " changed status");
587 goto bail_out; /* rrset changed, re-verify */
588 }
589 secure = 0;
590 }
591 } else secure = 0;
592
593 edns->edns_version = EDNS_ADVERTISED_VERSION;
594 edns->udp_size = EDNS_ADVERTISED_SIZE;
595 edns->ext_rcode = 0;
596 edns->bits &= EDNS_DO;
597 if(!reply_info_answer_encode(qinfo, rep, id, flags,
598 repinfo->c->buffer, timenow, 1, worker->scratchpad,
599 udpsize, edns, (int)(edns->bits & EDNS_DO), secure)) {
600 error_encode(repinfo->c->buffer, LDNS_RCODE_SERVFAIL,
601 qinfo, id, flags, edns);
602 }
603 /* cannot send the reply right now, because blocking network syscall
604 * is bad while holding locks. */
605 rrset_array_unlock_touch(worker->env.rrset_cache, worker->scratchpad,
606 rep->ref, rep->rrset_count);
607 regional_free_all(worker->scratchpad);
608 if(worker->stats.extended) {
609 if(secure) worker->stats.ans_secure++;
610 server_stats_insrcode(&worker->stats, repinfo->c->buffer);
611 }
612 /* go and return this buffer to the client */
613 return 1;
614}
615
616/** Reply to client and perform prefetch to keep cache up to date */
617static void
618reply_and_prefetch(struct worker* worker, struct query_info* qinfo,
619 uint16_t flags, struct comm_reply* repinfo, time_t leeway)
620{
621 /* first send answer to client to keep its latency
622 * as small as a cachereply */
623 comm_point_send_reply(repinfo);
624 server_stats_prefetch(&worker->stats, worker);
625
626 /* create the prefetch in the mesh as a normal lookup without
627 * client addrs waiting, which has the cache blacklisted (to bypass
628 * the cache and go to the network for the data). */
629 /* this (potentially) runs the mesh for the new query */
630 mesh_new_prefetch(worker->env.mesh, qinfo, flags, leeway +
631 PREFETCH_EXPIRY_ADD);
632}
633
634/**
635 * Fill CH class answer into buffer. Keeps query.
636 * @param pkt: buffer
637 * @param str: string to put into text record (<255).
638 * @param edns: edns reply information.
639 */
640static void
641chaos_replystr(sldns_buffer* pkt, const char* str, struct edns_data* edns)
642{
643 size_t len = strlen(str);
644 unsigned int rd = LDNS_RD_WIRE(sldns_buffer_begin(pkt));
645 unsigned int cd = LDNS_CD_WIRE(sldns_buffer_begin(pkt));
646 if(len>255) len=255; /* cap size of TXT record */
647 sldns_buffer_clear(pkt);
648 sldns_buffer_skip(pkt, (ssize_t)sizeof(uint16_t)); /* skip id */
649 sldns_buffer_write_u16(pkt, (uint16_t)(BIT_QR|BIT_RA));
650 if(rd) LDNS_RD_SET(sldns_buffer_begin(pkt));
651 if(cd) LDNS_CD_SET(sldns_buffer_begin(pkt));
652 sldns_buffer_write_u16(pkt, 1); /* qdcount */
653 sldns_buffer_write_u16(pkt, 1); /* ancount */
654 sldns_buffer_write_u16(pkt, 0); /* nscount */
655 sldns_buffer_write_u16(pkt, 0); /* arcount */
656 (void)query_dname_len(pkt); /* skip qname */
657 sldns_buffer_skip(pkt, (ssize_t)sizeof(uint16_t)); /* skip qtype */
658 sldns_buffer_skip(pkt, (ssize_t)sizeof(uint16_t)); /* skip qclass */
659 sldns_buffer_write_u16(pkt, 0xc00c); /* compr ptr to query */
660 sldns_buffer_write_u16(pkt, LDNS_RR_TYPE_TXT);
661 sldns_buffer_write_u16(pkt, LDNS_RR_CLASS_CH);
662 sldns_buffer_write_u32(pkt, 0); /* TTL */
663 sldns_buffer_write_u16(pkt, sizeof(uint8_t) + len);
664 sldns_buffer_write_u8(pkt, len);
665 sldns_buffer_write(pkt, str, len);
666 sldns_buffer_flip(pkt);
667 edns->edns_version = EDNS_ADVERTISED_VERSION;
668 edns->udp_size = EDNS_ADVERTISED_SIZE;
669 edns->bits &= EDNS_DO;
670 attach_edns_record(pkt, edns);
671}
672
673/**
674 * Answer CH class queries.
675 * @param w: worker
676 * @param qinfo: query info. Pointer into packet buffer.
677 * @param edns: edns info from query.
678 * @param pkt: packet buffer.
679 * @return: true if a reply is to be sent.
680 */
681static int
682answer_chaos(struct worker* w, struct query_info* qinfo,
683 struct edns_data* edns, sldns_buffer* pkt)
684{
685 struct config_file* cfg = w->env.cfg;
686 if(qinfo->qtype != LDNS_RR_TYPE_ANY && qinfo->qtype != LDNS_RR_TYPE_TXT)
687 return 0;
688 if(query_dname_compare(qinfo->qname,
689 (uint8_t*)"\002id\006server") == 0 ||
690 query_dname_compare(qinfo->qname,
691 (uint8_t*)"\010hostname\004bind") == 0)
692 {
693 if(cfg->hide_identity)
694 return 0;
695 if(cfg->identity==NULL || cfg->identity[0]==0) {
696 char buf[MAXHOSTNAMELEN+1];
697 if (gethostname(buf, MAXHOSTNAMELEN) == 0) {
698 buf[MAXHOSTNAMELEN] = 0;
699 chaos_replystr(pkt, buf, edns);
700 } else {
701 log_err("gethostname: %s", strerror(errno));
702 chaos_replystr(pkt, "no hostname", edns);
703 }
704 }
705 else chaos_replystr(pkt, cfg->identity, edns);
706 return 1;
707 }
708 if(query_dname_compare(qinfo->qname,
709 (uint8_t*)"\007version\006server") == 0 ||
710 query_dname_compare(qinfo->qname,
711 (uint8_t*)"\007version\004bind") == 0)
712 {
713 if(cfg->hide_version)
714 return 0;
715 if(cfg->version==NULL || cfg->version[0]==0)
716 chaos_replystr(pkt, PACKAGE_STRING, edns);
717 else chaos_replystr(pkt, cfg->version, edns);
718 return 1;
719 }
720 return 0;
721}
722
723static int
724deny_refuse(struct comm_point* c, enum acl_access acl,
725 enum acl_access deny, enum acl_access refuse,
726 struct worker* worker, struct comm_reply* repinfo)
727{
728 if(acl == deny) {
729 comm_point_drop_reply(repinfo);
730 if(worker->stats.extended)
731 worker->stats.unwanted_queries++;
732 return 0;
733 } else if(acl == refuse) {
734 log_addr(VERB_ALGO, "refused query from",
735 &repinfo->addr, repinfo->addrlen);
736 log_buf(VERB_ALGO, "refuse", c->buffer);
737 if(worker->stats.extended)
738 worker->stats.unwanted_queries++;
739 if(worker_check_request(c->buffer, worker) == -1) {
740 comm_point_drop_reply(repinfo);
741 return 0; /* discard this */
742 }
743 sldns_buffer_set_limit(c->buffer, LDNS_HEADER_SIZE);
744 sldns_buffer_write_at(c->buffer, 4,
745 (uint8_t*)"\0\0\0\0\0\0\0\0", 8);
746 LDNS_QR_SET(sldns_buffer_begin(c->buffer));
747 LDNS_RCODE_SET(sldns_buffer_begin(c->buffer),
748 LDNS_RCODE_REFUSED);
749 return 1;
750 }
751
752 return -1;
753}
754
755static int
756deny_refuse_all(struct comm_point* c, enum acl_access acl,
757 struct worker* worker, struct comm_reply* repinfo)
758{
759 return deny_refuse(c, acl, acl_deny, acl_refuse, worker, repinfo);
760}
761
762static int
763deny_refuse_non_local(struct comm_point* c, enum acl_access acl,
764 struct worker* worker, struct comm_reply* repinfo)
765{
766 return deny_refuse(c, acl, acl_deny_non_local, acl_refuse_non_local, worker, repinfo);
767}
768
769int
770worker_handle_request(struct comm_point* c, void* arg, int error,
771 struct comm_reply* repinfo)
772{
773 struct worker* worker = (struct worker*)arg;
774 int ret;
775 hashvalue_t h;
776 struct lruhash_entry* e;
777 struct query_info qinfo;
778 struct edns_data edns;
779 enum acl_access acl;
780 int rc = 0;
781
782 if(error != NETEVENT_NOERROR) {
783 /* some bad tcp query DNS formats give these error calls */
784 verbose(VERB_ALGO, "handle request called with err=%d", error);
785 return 0;
786 }
787#ifdef USE_DNSTAP
788 if(worker->dtenv.log_client_query_messages)
789 dt_msg_send_client_query(&worker->dtenv, &repinfo->addr, c->type,
790 c->buffer);
791#endif
792 acl = acl_list_lookup(worker->daemon->acl, &repinfo->addr,
793 repinfo->addrlen);
794 if((ret=deny_refuse_all(c, acl, worker, repinfo)) != -1)
795 {
796 if(ret == 1)
797 goto send_reply;
798 return ret;
799 }
800 if((ret=worker_check_request(c->buffer, worker)) != 0) {
801 verbose(VERB_ALGO, "worker check request: bad query.");
802 log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen);
803 if(ret != -1) {
804 LDNS_QR_SET(sldns_buffer_begin(c->buffer));
805 LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), ret);
806 return 1;
807 }
808 comm_point_drop_reply(repinfo);
809 return 0;
810 }
811 worker->stats.num_queries++;
812 /* see if query is in the cache */
813 if(!query_info_parse(&qinfo, c->buffer)) {
814 verbose(VERB_ALGO, "worker parse request: formerror.");
815 log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen);
816 sldns_buffer_rewind(c->buffer);
817 LDNS_QR_SET(sldns_buffer_begin(c->buffer));
818 LDNS_RCODE_SET(sldns_buffer_begin(c->buffer),
819 LDNS_RCODE_FORMERR);
820 server_stats_insrcode(&worker->stats, c->buffer);
821 goto send_reply;
822 }
823 if(worker->env.cfg->log_queries) {
824 char ip[128];
825 addr_to_str(&repinfo->addr, repinfo->addrlen, ip, sizeof(ip));
826 log_nametypeclass(0, ip, qinfo.qname, qinfo.qtype, qinfo.qclass);
827 }
828 if(qinfo.qtype == LDNS_RR_TYPE_AXFR ||
829 qinfo.qtype == LDNS_RR_TYPE_IXFR) {
830 verbose(VERB_ALGO, "worker request: refused zone transfer.");
831 log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen);
832 sldns_buffer_rewind(c->buffer);
833 LDNS_QR_SET(sldns_buffer_begin(c->buffer));
834 LDNS_RCODE_SET(sldns_buffer_begin(c->buffer),
835 LDNS_RCODE_REFUSED);
836 if(worker->stats.extended) {
837 worker->stats.qtype[qinfo.qtype]++;
838 server_stats_insrcode(&worker->stats, c->buffer);
839 }
840 goto send_reply;
841 }
842 if((ret=parse_edns_from_pkt(c->buffer, &edns)) != 0) {
843 verbose(VERB_ALGO, "worker parse edns: formerror.");
844 log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen);
845 sldns_buffer_rewind(c->buffer);
846 LDNS_QR_SET(sldns_buffer_begin(c->buffer));
847 LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), ret);
848 server_stats_insrcode(&worker->stats, c->buffer);
849 goto send_reply;
850 }
851 if(edns.edns_present && edns.edns_version != 0) {
852 edns.ext_rcode = (uint8_t)(EDNS_RCODE_BADVERS>>4);
853 edns.edns_version = EDNS_ADVERTISED_VERSION;
854 edns.udp_size = EDNS_ADVERTISED_SIZE;
855 edns.bits &= EDNS_DO;
856 verbose(VERB_ALGO, "query with bad edns version.");
857 log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen);
858 error_encode(c->buffer, EDNS_RCODE_BADVERS&0xf, &qinfo,
859 *(uint16_t*)(void *)sldns_buffer_begin(c->buffer),
860 sldns_buffer_read_u16_at(c->buffer, 2), NULL);
861 attach_edns_record(c->buffer, &edns);
862 goto send_reply;
863 }
864 if(edns.edns_present && edns.udp_size < NORMAL_UDP_SIZE &&
865 worker->daemon->cfg->harden_short_bufsize) {
866 verbose(VERB_QUERY, "worker request: EDNS bufsize %d ignored",
867 (int)edns.udp_size);
868 log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen);
869 edns.udp_size = NORMAL_UDP_SIZE;
870 }
871 if(edns.udp_size > worker->daemon->cfg->max_udp_size &&
872 c->type == comm_udp) {
873 verbose(VERB_QUERY,
874 "worker request: max UDP reply size modified"
875 " (%d to max-udp-size)", (int)edns.udp_size);
876 log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen);
877 edns.udp_size = worker->daemon->cfg->max_udp_size;
878 }
879 if(edns.udp_size < LDNS_HEADER_SIZE) {
880 verbose(VERB_ALGO, "worker request: edns is too small.");
881 log_addr(VERB_CLIENT, "from", &repinfo->addr, repinfo->addrlen);
882 LDNS_QR_SET(sldns_buffer_begin(c->buffer));
883 LDNS_TC_SET(sldns_buffer_begin(c->buffer));
884 LDNS_RCODE_SET(sldns_buffer_begin(c->buffer),
885 LDNS_RCODE_SERVFAIL);
886 sldns_buffer_set_position(c->buffer, LDNS_HEADER_SIZE);
887 sldns_buffer_write_at(c->buffer, 4,
888 (uint8_t*)"\0\0\0\0\0\0\0\0", 8);
889 sldns_buffer_flip(c->buffer);
890 goto send_reply;
891 }
892 if(worker->stats.extended)
893 server_stats_insquery(&worker->stats, c, qinfo.qtype,
894 qinfo.qclass, &edns, repinfo);
895 if(c->type != comm_udp)
896 edns.udp_size = 65535; /* max size for TCP replies */
897 if(qinfo.qclass == LDNS_RR_CLASS_CH && answer_chaos(worker, &qinfo,
898 &edns, c->buffer)) {
899 server_stats_insrcode(&worker->stats, c->buffer);
900 goto send_reply;
901 }
902 if(local_zones_answer(worker->daemon->local_zones, &qinfo, &edns,
903 c->buffer, worker->scratchpad)) {
904 regional_free_all(worker->scratchpad);
905 if(sldns_buffer_limit(c->buffer) == 0) {
906 comm_point_drop_reply(repinfo);
907 return 0;
908 }
909 server_stats_insrcode(&worker->stats, c->buffer);
910 goto send_reply;
911 }
912
913 /* We've looked in our local zones. If the answer isn't there, we
914 * might need to bail out based on ACLs now. */
915 if((ret=deny_refuse_non_local(c, acl, worker, repinfo)) != -1)
916 {
917 if(ret == 1)
918 goto send_reply;
919 return ret;
920 }
921
922 /* If this request does not have the recursion bit set, verify
923 * ACLs allow the snooping. */
924 if(!(LDNS_RD_WIRE(sldns_buffer_begin(c->buffer))) &&
925 acl != acl_allow_snoop ) {
926 sldns_buffer_set_limit(c->buffer, LDNS_HEADER_SIZE);
927 sldns_buffer_write_at(c->buffer, 4,
928 (uint8_t*)"\0\0\0\0\0\0\0\0", 8);
929 LDNS_QR_SET(sldns_buffer_begin(c->buffer));
930 LDNS_RCODE_SET(sldns_buffer_begin(c->buffer),
931 LDNS_RCODE_REFUSED);
932 sldns_buffer_flip(c->buffer);
933 server_stats_insrcode(&worker->stats, c->buffer);
934 log_addr(VERB_ALGO, "refused nonrec (cache snoop) query from",
935 &repinfo->addr, repinfo->addrlen);
936 goto send_reply;
937 }
938 h = query_info_hash(&qinfo, sldns_buffer_read_u16_at(c->buffer, 2));
939 if((e=slabhash_lookup(worker->env.msg_cache, h, &qinfo, 0))) {
940 /* answer from cache - we have acquired a readlock on it */
941 if(answer_from_cache(worker, &qinfo,
942 (struct reply_info*)e->data,
943 *(uint16_t*)(void *)sldns_buffer_begin(c->buffer),
944 sldns_buffer_read_u16_at(c->buffer, 2), repinfo,
945 &edns)) {
946 /* prefetch it if the prefetch TTL expired */
947 if(worker->env.cfg->prefetch && *worker->env.now >=
948 ((struct reply_info*)e->data)->prefetch_ttl) {
949 time_t leeway = ((struct reply_info*)e->
950 data)->ttl - *worker->env.now;
951 lock_rw_unlock(&e->lock);
952 reply_and_prefetch(worker, &qinfo,
953 sldns_buffer_read_u16_at(c->buffer, 2),
954 repinfo, leeway);
955 rc = 0;
956 goto send_reply_rc;
957 }
958 lock_rw_unlock(&e->lock);
959 goto send_reply;
960 }
961 verbose(VERB_ALGO, "answer from the cache failed");
962 lock_rw_unlock(&e->lock);
963 }
964 if(!LDNS_RD_WIRE(sldns_buffer_begin(c->buffer))) {
965 if(answer_norec_from_cache(worker, &qinfo,
966 *(uint16_t*)(void *)sldns_buffer_begin(c->buffer),
967 sldns_buffer_read_u16_at(c->buffer, 2), repinfo,
968 &edns)) {
969 goto send_reply;
970 }
971 verbose(VERB_ALGO, "answer norec from cache -- "
972 "need to validate or not primed");
973 }
974 sldns_buffer_rewind(c->buffer);
975 server_stats_querymiss(&worker->stats, worker);
976
977 if(verbosity >= VERB_CLIENT) {
978 if(c->type == comm_udp)
979 log_addr(VERB_CLIENT, "udp request from",
980 &repinfo->addr, repinfo->addrlen);
981 else log_addr(VERB_CLIENT, "tcp request from",
982 &repinfo->addr, repinfo->addrlen);
983 }
984
985 /* grab a work request structure for this new request */
986 mesh_new_client(worker->env.mesh, &qinfo,
987 sldns_buffer_read_u16_at(c->buffer, 2),
988 &edns, repinfo, *(uint16_t*)(void *)sldns_buffer_begin(c->buffer));
989 worker_mem_report(worker, NULL);
990 return 0;
991
992send_reply:
993 rc = 1;
994send_reply_rc:
995#ifdef USE_DNSTAP
996 if(worker->dtenv.log_client_response_messages)
997 dt_msg_send_client_response(&worker->dtenv, &repinfo->addr,
998 c->type, c->buffer);
999#endif
1000 return rc;
1001}
1002
1003void
1004worker_sighandler(int sig, void* arg)
1005{
1006 /* note that log, print, syscalls here give race conditions.
1007 * And cause hangups if the log-lock is held by the application. */
1008 struct worker* worker = (struct worker*)arg;
1009 switch(sig) {
1010#ifdef SIGHUP
1011 case SIGHUP:
1012 comm_base_exit(worker->base);
1013 break;
1014#endif
1015 case SIGINT:
1016 worker->need_to_exit = 1;
1017 comm_base_exit(worker->base);
1018 break;
1019#ifdef SIGQUIT
1020 case SIGQUIT:
1021 worker->need_to_exit = 1;
1022 comm_base_exit(worker->base);
1023 break;
1024#endif
1025 case SIGTERM:
1026 worker->need_to_exit = 1;
1027 comm_base_exit(worker->base);
1028 break;
1029 default:
1030 /* unknown signal, ignored */
1031 break;
1032 }
1033}
1034
1035/** restart statistics timer for worker, if enabled */
1036static void
1037worker_restart_timer(struct worker* worker)
1038{
1039 if(worker->env.cfg->stat_interval > 0) {
1040 struct timeval tv;
1041#ifndef S_SPLINT_S
1042 tv.tv_sec = worker->env.cfg->stat_interval;
1043 tv.tv_usec = 0;
1044#endif
1045 comm_timer_set(worker->stat_timer, &tv);
1046 }
1047}
1048
1049void worker_stat_timer_cb(void* arg)
1050{
1051 struct worker* worker = (struct worker*)arg;
1052 server_stats_log(&worker->stats, worker, worker->thread_num);
1053 mesh_stats(worker->env.mesh, "mesh has");
1054 worker_mem_report(worker, NULL);
1055 if(!worker->daemon->cfg->stat_cumulative) {
1056 worker_stats_clear(worker);
1057 }
1058 /* start next timer */
1059 worker_restart_timer(worker);
1060}
1061
1062void worker_probe_timer_cb(void* arg)
1063{
1064 struct worker* worker = (struct worker*)arg;
1065 struct timeval tv;
1066#ifndef S_SPLINT_S
1067 tv.tv_sec = (time_t)autr_probe_timer(&worker->env);
1068 tv.tv_usec = 0;
1069#endif
1070 if(tv.tv_sec != 0)
1071 comm_timer_set(worker->env.probe_timer, &tv);
1072}
1073
1074struct worker*
1075worker_create(struct daemon* daemon, int id, int* ports, int n)
1076{
1077 unsigned int seed;
1078 struct worker* worker = (struct worker*)calloc(1,
1079 sizeof(struct worker));
1080 if(!worker)
1081 return NULL;
1082 worker->numports = n;
1083 worker->ports = (int*)memdup(ports, sizeof(int)*n);
1084 if(!worker->ports) {
1085 free(worker);
1086 return NULL;
1087 }
1088 worker->daemon = daemon;
1089 worker->thread_num = id;
1090 if(!(worker->cmd = tube_create())) {
1091 free(worker->ports);
1092 free(worker);
1093 return NULL;
1094 }
1095 /* create random state here to avoid locking trouble in RAND_bytes */
1096 seed = (unsigned int)time(NULL) ^ (unsigned int)getpid() ^
1097 (((unsigned int)worker->thread_num)<<17);
1098 /* shift thread_num so it does not match out pid bits */
1099 if(!(worker->rndstate = ub_initstate(seed, daemon->rand))) {
1100 seed = 0;
1101 log_err("could not init random numbers.");
1102 tube_delete(worker->cmd);
1103 free(worker->ports);
1104 free(worker);
1105 return NULL;
1106 }
1107 seed = 0;
1108#ifdef USE_DNSTAP
1109 if(daemon->cfg->dnstap) {
1110 log_assert(daemon->dtenv != NULL);
1111 memcpy(&worker->dtenv, daemon->dtenv, sizeof(struct dt_env));
1112 if(!dt_init(&worker->dtenv))
1113 fatal_exit("dt_init failed");
1114 }
1115#endif
1116 return worker;
1117}
1118
1119int
1120worker_init(struct worker* worker, struct config_file *cfg,
1121 struct listen_port* ports, int do_sigs)
1122{
1123#ifdef USE_DNSTAP
1124 struct dt_env* dtenv = &worker->dtenv;
1125#else
1126 void* dtenv = NULL;
1127#endif
1128 worker->need_to_exit = 0;
1129 worker->base = comm_base_create(do_sigs);
1130 if(!worker->base) {
1131 log_err("could not create event handling base");
1132 worker_delete(worker);
1133 return 0;
1134 }
1135 comm_base_set_slow_accept_handlers(worker->base, &worker_stop_accept,
1136 &worker_start_accept, worker);
1137 if(do_sigs) {
1138#ifdef SIGHUP
1139 ub_thread_sig_unblock(SIGHUP);
1140#endif
1141 ub_thread_sig_unblock(SIGINT);
1142#ifdef SIGQUIT
1143 ub_thread_sig_unblock(SIGQUIT);
1144#endif
1145 ub_thread_sig_unblock(SIGTERM);
1146#ifndef LIBEVENT_SIGNAL_PROBLEM
1147 worker->comsig = comm_signal_create(worker->base,
1148 worker_sighandler, worker);
1149 if(!worker->comsig
1150#ifdef SIGHUP
1151 || !comm_signal_bind(worker->comsig, SIGHUP)
1152#endif
1153#ifdef SIGQUIT
1154 || !comm_signal_bind(worker->comsig, SIGQUIT)
1155#endif
1156 || !comm_signal_bind(worker->comsig, SIGTERM)
1157 || !comm_signal_bind(worker->comsig, SIGINT)) {
1158 log_err("could not create signal handlers");
1159 worker_delete(worker);
1160 return 0;
1161 }
1162#endif /* LIBEVENT_SIGNAL_PROBLEM */
1163 if(!daemon_remote_open_accept(worker->daemon->rc,
1164 worker->daemon->rc_ports, worker)) {
1165 worker_delete(worker);
1166 return 0;
1167 }
1168#ifdef UB_ON_WINDOWS
1169 wsvc_setup_worker(worker);
1170#endif /* UB_ON_WINDOWS */
1171 } else { /* !do_sigs */
1172 worker->comsig = NULL;
1173 }
1174 worker->front = listen_create(worker->base, ports,
1175 cfg->msg_buffer_size, (int)cfg->incoming_num_tcp,
1176 worker->daemon->listen_sslctx, dtenv, worker_handle_request,
1177 worker);
1178 if(!worker->front) {
1179 log_err("could not create listening sockets");
1180 worker_delete(worker);
1181 return 0;
1182 }
1183 worker->back = outside_network_create(worker->base,
1184 cfg->msg_buffer_size, (size_t)cfg->outgoing_num_ports,
1185 cfg->out_ifs, cfg->num_out_ifs, cfg->do_ip4, cfg->do_ip6,
1186 cfg->do_tcp?cfg->outgoing_num_tcp:0,
1187 worker->daemon->env->infra_cache, worker->rndstate,
1188 cfg->use_caps_bits_for_id, worker->ports, worker->numports,
1189 cfg->unwanted_threshold, &worker_alloc_cleanup, worker,
1190 cfg->do_udp, worker->daemon->connect_sslctx, cfg->delay_close,
1191 dtenv);
1192 if(!worker->back) {
1193 log_err("could not create outgoing sockets");
1194 worker_delete(worker);
1195 return 0;
1196 }
1197 /* start listening to commands */
1198 if(!tube_setup_bg_listen(worker->cmd, worker->base,
1199 &worker_handle_control_cmd, worker)) {
1200 log_err("could not create control compt.");
1201 worker_delete(worker);
1202 return 0;
1203 }
1204 worker->stat_timer = comm_timer_create(worker->base,
1205 worker_stat_timer_cb, worker);
1206 if(!worker->stat_timer) {
1207 log_err("could not create statistics timer");
1208 }
1209
1210 /* we use the msg_buffer_size as a good estimate for what the
1211 * user wants for memory usage sizes */
1212 worker->scratchpad = regional_create_custom(cfg->msg_buffer_size);
1213 if(!worker->scratchpad) {
1214 log_err("malloc failure");
1215 worker_delete(worker);
1216 return 0;
1217 }
1218
1219 server_stats_init(&worker->stats, cfg);
1220 alloc_init(&worker->alloc, &worker->daemon->superalloc,
1221 worker->thread_num);
1222 alloc_set_id_cleanup(&worker->alloc, &worker_alloc_cleanup, worker);
1223 worker->env = *worker->daemon->env;
1224 comm_base_timept(worker->base, &worker->env.now, &worker->env.now_tv);
1225 if(worker->thread_num == 0)
1226 log_set_time(worker->env.now);
1227 worker->env.worker = worker;
1228 worker->env.send_query = &worker_send_query;
1229 worker->env.alloc = &worker->alloc;
1230 worker->env.rnd = worker->rndstate;
1231 worker->env.scratch = worker->scratchpad;
1232 worker->env.mesh = mesh_create(&worker->daemon->mods, &worker->env);
1233 worker->env.detach_subs = &mesh_detach_subs;
1234 worker->env.attach_sub = &mesh_attach_sub;
1235 worker->env.kill_sub = &mesh_state_delete;
1236 worker->env.detect_cycle = &mesh_detect_cycle;
1237 worker->env.scratch_buffer = sldns_buffer_new(cfg->msg_buffer_size);
1238 if(!(worker->env.fwds = forwards_create()) ||
1239 !forwards_apply_cfg(worker->env.fwds, cfg)) {
1240 log_err("Could not set forward zones");
1241 worker_delete(worker);
1242 return 0;
1243 }
1244 if(!(worker->env.hints = hints_create()) ||
1245 !hints_apply_cfg(worker->env.hints, cfg)) {
1246 log_err("Could not set root or stub hints");
1247 worker_delete(worker);
1248 return 0;
1249 }
1250 /* one probe timer per process -- if we have 5011 anchors */
1251 if(autr_get_num_anchors(worker->env.anchors) > 0
1252#ifndef THREADS_DISABLED
1253 && worker->thread_num == 0
1254#endif
1255 ) {
1256 struct timeval tv;
1257 tv.tv_sec = 0;
1258 tv.tv_usec = 0;
1259 worker->env.probe_timer = comm_timer_create(worker->base,
1260 worker_probe_timer_cb, worker);
1261 if(!worker->env.probe_timer) {
1262 log_err("could not create 5011-probe timer");
1263 } else {
1264 /* let timer fire, then it can reset itself */
1265 comm_timer_set(worker->env.probe_timer, &tv);
1266 }
1267 }
1268 if(!worker->env.mesh || !worker->env.scratch_buffer) {
1269 worker_delete(worker);
1270 return 0;
1271 }
1272 worker_mem_report(worker, NULL);
1273 /* if statistics enabled start timer */
1274 if(worker->env.cfg->stat_interval > 0) {
1275 verbose(VERB_ALGO, "set statistics interval %d secs",
1276 worker->env.cfg->stat_interval);
1277 worker_restart_timer(worker);
1278 }
1279 return 1;
1280}
1281
1282void
1283worker_work(struct worker* worker)
1284{
1285 comm_base_dispatch(worker->base);
1286}
1287
1288void
1289worker_delete(struct worker* worker)
1290{
1291 if(!worker)
1292 return;
1293 if(worker->env.mesh && verbosity >= VERB_OPS) {
1294 server_stats_log(&worker->stats, worker, worker->thread_num);
1295 mesh_stats(worker->env.mesh, "mesh has");
1296 worker_mem_report(worker, NULL);
1297 }
1298 outside_network_quit_prepare(worker->back);
1299 mesh_delete(worker->env.mesh);
1300 sldns_buffer_free(worker->env.scratch_buffer);
1301 forwards_delete(worker->env.fwds);
1302 hints_delete(worker->env.hints);
1303 listen_delete(worker->front);
1304 outside_network_delete(worker->back);
1305 comm_signal_delete(worker->comsig);
1306 tube_delete(worker->cmd);
1307 comm_timer_delete(worker->stat_timer);
1308 comm_timer_delete(worker->env.probe_timer);
1309 free(worker->ports);
1310 if(worker->thread_num == 0) {
1311 log_set_time(NULL);
1312#ifdef UB_ON_WINDOWS
1313 wsvc_desetup_worker(worker);
1314#endif /* UB_ON_WINDOWS */
1315 }
1316 comm_base_delete(worker->base);
1317 ub_randfree(worker->rndstate);
1318 alloc_clear(&worker->alloc);
1319 regional_destroy(worker->scratchpad);
1320 free(worker);
1321}
1322
1323struct outbound_entry*
1324worker_send_query(uint8_t* qname, size_t qnamelen, uint16_t qtype,
1325 uint16_t qclass, uint16_t flags, int dnssec, int want_dnssec,
1326 int nocaps, struct sockaddr_storage* addr, socklen_t addrlen,
1327 uint8_t* zone, size_t zonelen, struct module_qstate* q)
1328{
1329 struct worker* worker = q->env->worker;
1330 struct outbound_entry* e = (struct outbound_entry*)regional_alloc(
1331 q->region, sizeof(*e));
1332 if(!e)
1333 return NULL;
1334 e->qstate = q;
1335 e->qsent = outnet_serviced_query(worker->back, qname,
1336 qnamelen, qtype, qclass, flags, dnssec, want_dnssec, nocaps,
1337 q->env->cfg->tcp_upstream, q->env->cfg->ssl_upstream, addr,
1338 addrlen, zone, zonelen, worker_handle_service_reply, e,
1339 worker->back->udp_buff);
1340 if(!e->qsent) {
1341 return NULL;
1342 }
1343 return e;
1344}
1345
1346void
1347worker_alloc_cleanup(void* arg)
1348{
1349 struct worker* worker = (struct worker*)arg;
1350 slabhash_clear(&worker->env.rrset_cache->table);
1351 slabhash_clear(worker->env.msg_cache);
1352}
1353
1354void worker_stats_clear(struct worker* worker)
1355{
1356 server_stats_init(&worker->stats, worker->env.cfg);
1357 mesh_stats_clear(worker->env.mesh);
1358 worker->back->unwanted_replies = 0;
1359 worker->back->num_tcp_outgoing = 0;
1360}
1361
1362void worker_start_accept(void* arg)
1363{
1364 struct worker* worker = (struct worker*)arg;
1365 listen_start_accept(worker->front);
1366 if(worker->thread_num == 0)
1367 daemon_remote_start_accept(worker->daemon->rc);
1368}
1369
1370void worker_stop_accept(void* arg)
1371{
1372 struct worker* worker = (struct worker*)arg;
1373 listen_stop_accept(worker->front);
1374 if(worker->thread_num == 0)
1375 daemon_remote_stop_accept(worker->daemon->rc);
1376}
1377
1378/* --- fake callbacks for fptr_wlist to work --- */
1379struct outbound_entry* libworker_send_query(uint8_t* ATTR_UNUSED(qname),
1380 size_t ATTR_UNUSED(qnamelen), uint16_t ATTR_UNUSED(qtype),
1381 uint16_t ATTR_UNUSED(qclass), uint16_t ATTR_UNUSED(flags),
1382 int ATTR_UNUSED(dnssec), int ATTR_UNUSED(want_dnssec),
1383 int ATTR_UNUSED(nocaps), struct sockaddr_storage* ATTR_UNUSED(addr),
1384 socklen_t ATTR_UNUSED(addrlen), uint8_t* ATTR_UNUSED(zone),
1385 size_t ATTR_UNUSED(zonelen), struct module_qstate* ATTR_UNUSED(q))
1386{
1387 log_assert(0);
1388 return 0;
1389}
1390
1391int libworker_handle_reply(struct comm_point* ATTR_UNUSED(c),
1392 void* ATTR_UNUSED(arg), int ATTR_UNUSED(error),
1393 struct comm_reply* ATTR_UNUSED(reply_info))
1394{
1395 log_assert(0);
1396 return 0;
1397}
1398
1399int libworker_handle_service_reply(struct comm_point* ATTR_UNUSED(c),
1400 void* ATTR_UNUSED(arg), int ATTR_UNUSED(error),
1401 struct comm_reply* ATTR_UNUSED(reply_info))
1402{
1403 log_assert(0);
1404 return 0;
1405}
1406
1407void libworker_handle_control_cmd(struct tube* ATTR_UNUSED(tube),
1408 uint8_t* ATTR_UNUSED(buffer), size_t ATTR_UNUSED(len),
1409 int ATTR_UNUSED(error), void* ATTR_UNUSED(arg))
1410{
1411 log_assert(0);
1412}
1413
1414void libworker_fg_done_cb(void* ATTR_UNUSED(arg), int ATTR_UNUSED(rcode),
1415 sldns_buffer* ATTR_UNUSED(buf), enum sec_status ATTR_UNUSED(s),
1416 char* ATTR_UNUSED(why_bogus))
1417{
1418 log_assert(0);
1419}
1420
1421void libworker_bg_done_cb(void* ATTR_UNUSED(arg), int ATTR_UNUSED(rcode),
1422 sldns_buffer* ATTR_UNUSED(buf), enum sec_status ATTR_UNUSED(s),
1423 char* ATTR_UNUSED(why_bogus))
1424{
1425 log_assert(0);
1426}
1427
1428void libworker_event_done_cb(void* ATTR_UNUSED(arg), int ATTR_UNUSED(rcode),
1429 sldns_buffer* ATTR_UNUSED(buf), enum sec_status ATTR_UNUSED(s),
1430 char* ATTR_UNUSED(why_bogus))
1431{
1432 log_assert(0);
1433}
1434
1435int context_query_cmp(const void* ATTR_UNUSED(a), const void* ATTR_UNUSED(b))
1436{
1437 log_assert(0);
1438 return 0;
1439}
1440
1441int order_lock_cmp(const void* ATTR_UNUSED(e1), const void* ATTR_UNUSED(e2))
1442{
1443 log_assert(0);
1444 return 0;
1445}
1446
1447int codeline_cmp(const void* ATTR_UNUSED(a), const void* ATTR_UNUSED(b))
1448{
1449 log_assert(0);
1450 return 0;
1451}
1452
mirror of network_cmds