remote.c File Reference

This file contains the remote control functionality for the daemon. More...

#include "config.h"
#include <ctype.h>
#include "daemon/remote.h"
#include "daemon/worker.h"
#include "daemon/daemon.h"
#include "daemon/stats.h"
#include "daemon/cachedump.h"
#include "util/log.h"
#include "util/config_file.h"
#include "util/net_help.h"
#include "util/module.h"
#include "services/listen_dnsport.h"
#include "services/cache/rrset.h"
#include "services/cache/infra.h"
#include "services/mesh.h"
#include "services/localzone.h"
#include "services/authzone.h"
#include "services/rpz.h"
#include "util/storage/slabhash.h"
#include "util/fptr_wlist.h"
#include "util/data/dname.h"
#include "validator/validator.h"
#include "validator/val_kcache.h"
#include "validator/val_kentry.h"
#include "validator/val_anchor.h"
#include "iterator/iterator.h"
#include "iterator/iter_fwd.h"
#include "iterator/iter_hints.h"
#include "iterator/iter_delegpt.h"
#include "services/outbound_list.h"
#include "services/outside_network.h"
#include "sldns/str2wire.h"
#include "sldns/parseutil.h"
#include "sldns/wire2str.h"
#include "sldns/sbuffer.h"
#include "util/timeval_func.h"
#include "util/edns.h"

Data Structures

struct  del_info
 Local info for deletion functions. More...
 
struct  infra_arg
 structure for argument data for dump infra host More...
 
struct  ratelimit_list_arg
 struct for user arg ratelimit list More...
 

Macros

#define SQ   "="
 what to put on statistics lines between var and value, ": " or "="
 
#define MAX_CMD_STRLINE   1024
 Acceptable lengths of str lines.
 
#define MAX_STDIN_STRLINE   2048
 
#define ip_ratelimit_list_arg   ratelimit_list_arg
 

Functions

static int remote_setup_ctx (struct daemon_remote *rc, struct config_file *cfg)
 
struct daemon_remote * daemon_remote_create (struct config_file *cfg)
 Create new remote control state for the daemon. More...
 
void daemon_remote_clear (struct daemon_remote *rc)
 remote control state to clear up. More...
 
void daemon_remote_delete (struct daemon_remote *rc)
 remote control state to delete. More...
 
static int add_open (const char *ip, int nr, struct listen_port **list, int noproto_is_err, struct config_file *cfg)
 Add and open a new control port. More...
 
struct listen_port * daemon_remote_open_ports (struct config_file *cfg)
 Open and create listening ports for remote control. More...
 
static int accept_open (struct daemon_remote *rc, int fd)
 open accept commpoint
 
int daemon_remote_open_accept (struct daemon_remote *rc, struct listen_port *ports, struct worker *worker)
 Setup comm points for accepting remote control connections. More...
 
void daemon_remote_stop_accept (struct daemon_remote *rc)
 Stop accept handlers for TCP (until enabled again) More...
 
void daemon_remote_start_accept (struct daemon_remote *rc)
 Start accept handlers for TCP (after they were stopped) More...
 
int remote_accept_callback (struct comm_point *c, void *arg, int err, struct comm_reply *ATTR_UNUSED(rep))
 
static void state_list_remove_elem (struct rc_state **list, struct comm_point *c)
 delete from list
 
static void clean_point (struct daemon_remote *rc, struct rc_state *s)
 decrease active count and remove commpoint from busy list
 
int ssl_print_text (RES *res, const char *text)
 
static int ssl_print_vmsg (RES *ssl, const char *format, va_list args)
 print text over the ssl connection
 
int ssl_printf (RES *ssl, const char *format,...)
 printf style printing to the ssl connection
 
int ssl_read_line (RES *res, char *buf, size_t max)
 
static char * skipwhite (char *str)
 skip whitespace, return new pointer into string
 
static void send_ok (RES *ssl)
 send the OK to the control client
 
static void distribute_cmd (struct daemon_remote *rc, RES *ssl, char *cmd)
 tell other processes to execute the command
 
static void do_stop (RES *ssl, struct worker *worker)
 do the stop command
 
static void do_reload (RES *ssl, struct worker *worker, int reuse_cache)
 do the reload command
 
static void do_verbosity (RES *ssl, char *str)
 do the verbosity command
 
static int print_stats (RES *ssl, const char *nm, struct ub_stats_info *s)
 print stats from statinfo
 
static int print_thread_stats (RES *ssl, int i, struct ub_stats_info *s)
 print stats for one thread
 
static int print_longnum (RES *ssl, const char *desc, size_t x)
 print long number
 
static int print_mem (RES *ssl, struct worker *worker, struct daemon *daemon, struct ub_stats_info *s)
 print mem stats
 
static int print_uptime (RES *ssl, struct worker *worker, int reset)
 print uptime stats
 
static int print_hist (RES *ssl, struct ub_stats_info *s)
 print extended histogram
 
static int print_ext (RES *ssl, struct ub_stats_info *s, int inhibit_zero)
 print extended stats
 
static void do_stats (RES *ssl, struct worker *worker, int reset)
 do the stats command
 
static int parse_arg_name (RES *ssl, char *str, uint8_t **res, size_t *len, int *labs)
 parse commandline argument domain name
 
static int find_arg2 (RES *ssl, char *arg, char **arg2)
 find second argument, modifies string
 
static int perform_zone_add (RES *ssl, struct local_zones *zones, char *arg)
 Add a new zone.
 
static void do_zone_add (RES *ssl, struct local_zones *zones, char *arg)
 Do the local_zone command.
 
static void do_zones_add (struct daemon_remote *rc, RES *ssl, struct worker *worker)
 Do the local_zones command.
 
static int perform_zone_remove (RES *ssl, struct local_zones *zones, char *arg)
 Remove a zone.
 
static void do_zone_remove (RES *ssl, struct local_zones *zones, char *arg)
 Do the local_zone_remove command.
 
static void do_zones_remove (struct daemon_remote *rc, RES *ssl, struct worker *worker)
 Do the local_zones_remove command.
 
static int check_RR_syntax (RES *ssl, char *str, int line)
 check syntax of newly added RR
 
static int perform_data_add (RES *ssl, struct local_zones *zones, char *arg, int line)
 Add new RR data.
 
static void do_data_add (RES *ssl, struct local_zones *zones, char *arg)
 Do the local_data command.
 
static void do_datas_add (struct daemon_remote *rc, RES *ssl, struct worker *worker)
 Do the local_datas command.
 
static int perform_data_remove (RES *ssl, struct local_zones *zones, char *arg)
 Remove RR data.
 
static void do_data_remove (RES *ssl, struct local_zones *zones, char *arg)
 Do the local_data_remove command.
 
static void do_datas_remove (struct daemon_remote *rc, RES *ssl, struct worker *worker)
 Do the local_datas_remove command.
 
static void do_view_zone_add (RES *ssl, struct worker *worker, char *arg)
 Add a new zone to view.
 
static void do_view_zone_remove (RES *ssl, struct worker *worker, char *arg)
 Remove a zone from view.
 
static void do_view_data_add (RES *ssl, struct worker *worker, char *arg)
 Add new RR data to view.
 
static void do_view_datas_add (struct daemon_remote *rc, RES *ssl, struct worker *worker, char *arg)
 Add new RR data from stdin to view.
 
static void do_view_data_remove (RES *ssl, struct worker *worker, char *arg)
 Remove RR data from view.
 
static void do_view_datas_remove (struct daemon_remote *rc, RES *ssl, struct worker *worker, char *arg)
 Remove RR data from stdin from view.
 
static void do_lookup (RES *ssl, struct worker *worker, char *arg)
 cache lookup of nameservers
 
static void do_cache_remove (struct worker *worker, uint8_t *nm, size_t nmlen, uint16_t t, uint16_t c, int remcachedb)
 flush something from rrset and msg caches
 
static int parse_remcachedb (RES *ssl, char **arg, int *pc)
 parse '+c' option, modifies string to return remainder.
 
static void do_flush_type (RES *ssl, struct worker *worker, char *arg)
 flush a type
 
static void do_flush_stats (RES *ssl, struct worker *worker)
 flush statistics
 
static void infra_del_host (struct lruhash_entry *e, void *arg)
 callback to delete hosts in infra cache
 
static void do_flush_infra (RES *ssl, struct worker *worker, char *arg)
 flush infra cache
 
static void do_flush_requestlist (RES *ssl, struct worker *worker)
 flush requestlist
 
static void zone_del_rrset (struct lruhash_entry *e, void *arg)
 callback to delete rrsets in a zone
 
static void zone_del_msg (struct lruhash_entry *e, void *arg)
 callback to delete messages in a zone
 
static void zone_del_kcache (struct lruhash_entry *e, void *arg)
 callback to delete keys in zone
 
static void do_flush_zone (RES *ssl, struct worker *worker, char *arg)
 remove all rrsets and keys from zone from cache
 
static void bogus_del_rrset (struct lruhash_entry *e, void *arg)
 callback to delete bogus rrsets
 
static void bogus_del_msg (struct lruhash_entry *e, void *arg)
 callback to delete bogus messages
 
static void bogus_del_kcache (struct lruhash_entry *e, void *arg)
 callback to delete bogus keys
 
static void do_flush_bogus (RES *ssl, struct worker *worker, char *arg)
 remove all bogus rrsets, msgs and keys from cache
 
static void negative_del_rrset (struct lruhash_entry *e, void *arg)
 callback to delete negative and servfail rrsets
 
static void negative_del_msg (struct lruhash_entry *e, void *arg)
 callback to delete negative and servfail messages
 
static void negative_del_kcache (struct lruhash_entry *e, void *arg)
 callback to delete negative key entries
 
static void do_flush_negative (RES *ssl, struct worker *worker, char *arg)
 remove all negative(NODATA,NXDOMAIN), and servfail messages from cache
 
static void do_flush_name (RES *ssl, struct worker *w, char *arg)
 remove name rrset from cache
 
static int ssl_print_name_dp (RES *ssl, const char *str, uint8_t *nm, uint16_t dclass, struct delegpt *dp)
 printout a delegation point info
 
static int print_root_fwds (RES *ssl, struct iter_forwards *fwds, uint8_t *root)
 print root forwards
 
static struct delegpt * parse_delegpt (RES *ssl, char *args, uint8_t *nm)
 parse args into delegpt
 
static void do_forward (RES *ssl, struct worker *worker, char *args)
 do the forward command
 
static int parse_fs_args (RES *ssl, char *args, uint8_t **nm, struct delegpt **dp, int *insecure, int *prime, int *tls)
 
static void do_forward_add (RES *ssl, struct worker *worker, char *args)
 do the forward_add command
 
static void do_forward_remove (RES *ssl, struct worker *worker, char *args)
 do the forward_remove command
 
static void do_stub_add (RES *ssl, struct worker *worker, char *args)
 do the stub_add command
 
static void do_stub_remove (RES *ssl, struct worker *worker, char *args)
 do the stub_remove command
 
static void do_insecure_add (RES *ssl, struct worker *worker, char *arg)
 do the insecure_add command
 
static void do_insecure_remove (RES *ssl, struct worker *worker, char *arg)
 do the insecure_remove command
 
static void do_insecure_list (RES *ssl, struct worker *worker)
 
static void do_status (RES *ssl, struct worker *worker)
 do the status command
 
static void get_mesh_age (struct mesh_state *m, char *buf, size_t len, struct module_env *env)
 get age for the mesh state
 
static void get_mesh_status (struct mesh_area *mesh, struct mesh_state *m, char *buf, size_t len)
 get status of a mesh state
 
static void do_dump_requestlist (RES *ssl, struct worker *worker)
 do the dump_requestlist command
 
static void dump_infra_host (struct lruhash_entry *e, void *arg)
 callback for every host element in the infra cache
 
static void do_dump_infra (RES *ssl, struct worker *worker)
 do the dump_infra command
 
static void do_log_reopen (RES *ssl, struct worker *worker)
 do the log_reopen command
 
static void do_auth_zone_reload (RES *ssl, struct worker *worker, char *arg)
 do the auth_zone_reload command
 
static void do_auth_zone_transfer (RES *ssl, struct worker *worker, char *arg)
 do the auth_zone_transfer command
 
static void do_set_option (RES *ssl, struct worker *worker, char *arg)
 do the set_option command
 
void remote_get_opt_ssl (char *line, void *arg)
 routine to printout option values over SSL
 
static void do_get_option (RES *ssl, struct worker *worker, char *arg)
 do the get_option command
 
static void do_list_forwards (RES *ssl, struct worker *worker)
 do the list_forwards command
 
static void do_list_stubs (RES *ssl, struct worker *worker)
 do the list_stubs command
 
static void do_list_auth_zones (RES *ssl, struct auth_zones *az)
 do the list_auth_zones command
 
static void do_list_local_zones (RES *ssl, struct local_zones *zones)
 do the list_local_zones command
 
static void do_list_local_data (RES *ssl, struct worker *worker, struct local_zones *zones)
 do the list_local_data command
 
static void do_view_list_local_zones (RES *ssl, struct worker *worker, char *arg)
 do the view_list_local_zones command
 
static void do_view_list_local_data (RES *ssl, struct worker *worker, char *arg)
 do the view_list_local_data command
 
static void rate_list (struct lruhash_entry *e, void *arg)
 list items in the ratelimit table
 
static void ip_rate_list (struct lruhash_entry *e, void *arg)
 list items in the ip_ratelimit table
 
static void do_ratelimit_list (RES *ssl, struct worker *worker, char *arg)
 do the ratelimit_list command
 
static void do_ip_ratelimit_list (RES *ssl, struct worker *worker, char *arg)
 do the ip_ratelimit_list command
 
static void do_rpz_enable_disable (RES *ssl, struct worker *worker, char *arg, int enable)
 do the rpz_enable/disable command
 
static void do_rpz_enable (RES *ssl, struct worker *worker, char *arg)
 do the rpz_enable command
 
static void do_rpz_disable (RES *ssl, struct worker *worker, char *arg)
 do the rpz_disable command
 
static int cookie_secret_file_dump (RES *ssl, struct worker *worker)
 Write the cookie secrets to file, returns 0 on failure. More...
 
static void do_activate_cookie_secret (RES *ssl, struct worker *worker)
 Activate cookie secret.
 
static void do_drop_cookie_secret (RES *ssl, struct worker *worker)
 Drop cookie secret.
 
static void do_add_cookie_secret (RES *ssl, struct worker *worker, char *arg)
 Add cookie secret.
 
static void do_print_cookie_secrets (RES *ssl, struct worker *worker)
 Print cookie secrets.
 
static int cmdcmp (char *p, const char *cmd, size_t len)
 check for name with end-of-string, space or tab after it
 
static void execute_cmd (struct daemon_remote *rc, RES *ssl, char *cmd, struct worker *worker)
 execute a remote control command
 
void daemon_remote_exec (struct worker *worker)
 Handle nonthreaded remote cmd execution. More...
 
static void handle_req (struct daemon_remote *rc, struct rc_state *s, RES *res)
 handle remote control request
 
static int remote_handshake_later (struct daemon_remote *rc, struct rc_state *s, struct comm_point *c, int r, int r2)
 handle SSL_do_handshake changes to the file descriptor to wait for later
 
int remote_control_callback (struct comm_point *c, void *arg, int err, struct comm_reply *ATTR_UNUSED(rep))
 

Detailed Description

This file contains the remote control functionality for the daemon.

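The remote control can be performed using either the command-line unbound-control tool or a TLS-capable web browser. The channel is secured using TLSv1 and certificates; both the server and the client (the control tool) have their own keys. Certificate use appears to be configurable (daemon_remote_create() references config_file::control_use_cert) and add_open() can also open local sockets, so where TLS is not in use, access to the control channel presumably rests on the socket's ownership and permissions. Which TLS protocol versions are actually accepted depends on the context built in remote_setup_ctx() and on the linked TLS library, so confirm this against the build in use.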

Function Documentation

◆ daemon_remote_create()

struct daemon_remote* daemon_remote_create ( struct config_file * cfg )

Create new remote control state for the daemon.

Parameters
cfg: config file with key file settings.
Returns
new state, or NULL on failure.

References config_file::control_use_cert, log_err(), daemon_remote::max_active, options_remote_is_address(), and config_file::remote_control_enable.

◆ daemon_remote_clear()

void daemon_remote_clear ( struct daemon_remote * rc )

remote control state to clear up.

Busy and accept points are closed. Does not delete the rc itself, or the ssl context (with its keys).

Parameters
rc: state to clear.

References daemon_remote::accept_list, daemon_remote::active, daemon_remote::busy_list, rc_state::c, comm_point_delete(), listen_list_delete(), rc_state::next, rc_state::rc, and daemon_remote::worker.

Referenced by daemon_cleanup(), and daemon_remote_delete().

◆ daemon_remote_delete()

void daemon_remote_delete ( struct daemon_remote * rc )

remote control state to delete.

Parameters
rc: state to delete.

References daemon_remote_clear(), and rc_state::rc.

Referenced by daemon_delete().

◆ add_open()

static int add_open ( const char *  ip,
int  nr,
struct listen_port **  list,
int  noproto_is_err,
struct config_file * cfg 
)
static

Add and open a new control port.

Parameters
ip: ip str
nr: port nr
list: list head
noproto_is_err: if lack of protocol support is an error.
cfg: config with username for chown of unix-sockets.
Returns
false on failure.

References cfg_gid, cfg_uid, create_local_accept_sock(), create_tcp_accept_sock(), listen_port::fd, config_file::ip_dscp, config_file::ip_freebind, config_file::ip_transparent, log_assert, log_err(), listen_port::next, sock_close(), config_file::use_systemd, config_file::username, VERB_QUERY, and verbose().

Referenced by daemon_remote_open_ports().

◆ daemon_remote_open_ports()

struct listen_port* daemon_remote_open_ports ( struct config_file * cfg )

Open and create listening ports for remote control.

Parameters
cfg: config options.
Returns
list of ports, or NULL on failure. Can be freed with listening_ports_free().

References add_open(), config_del_strarray(), config_file::control_ifs, config_file::control_port, config_file::do_ip4, config_file::do_ip6, config_strlist_head::first, listening_ports_free(), log_assert, config_file::remote_control_enable, and resolve_interface_names().

◆ daemon_remote_open_accept()

int daemon_remote_open_accept ( struct daemon_remote * rc,
struct listen_port * ports,
struct worker * worker 
)

Setup comm points for accepting remote control connections.

Parameters
rc: state
ports: already opened ports.
worker: worker with communication base, and links to command channels.
Returns
false on error.

References accept_open(), listen_port::fd, log_err(), listen_port::next, and daemon_remote::worker.

◆ daemon_remote_stop_accept()

void daemon_remote_stop_accept ( struct daemon_remote * rc )

Stop accept handlers for TCP (until enabled again)

Parameters
rc: state

References daemon_remote::accept_list, and listen_list::next.

Referenced by worker_stop_accept().

◆ daemon_remote_start_accept()

void daemon_remote_start_accept ( struct daemon_remote * rc )

Start accept handlers for TCP (after they were stopped)

Parameters
rc: state

References daemon_remote::accept_list, and listen_list::next.

Referenced by worker_start_accept().

◆ cookie_secret_file_dump()

static int cookie_secret_file_dump ( RES * ssl,
struct worker * worker 
)
static

Write the cookie secrets to file, returns 0 on failure.

Caller has to hold the lock.

References module_env::cfg, config_file::cookie_secret_file, daemon::cookie_secrets, worker::daemon, and worker::env.

Referenced by do_activate_cookie_secret(), and do_drop_cookie_secret().

◆ daemon_remote_exec()

void daemon_remote_exec ( struct worker * worker )

Handle nonthreaded remote cmd execution.

Parameters
worker: this worker (the remote worker).

References worker::cmd, execute_cmd(), log_err(), tube_read_msg(), VERB_ALGO, and verbose().