debug routines and first brazilian prime has been done.

git-svn-id: file:///svn/unbound/trunk@1770 be551aaa-1e26-0410-a405-d3ace91eadb9
Wouter Wijngaards 2009-08-21 15:27:23 +00:00
parent ca94ca57b4
commit 28be658942
5 changed files with 148 additions and 55 deletions


@ -1,3 +1,6 @@
21 August 2009: Wouter
- autotrust: debug routines. Read,write and conversions work.
20 August 2009: Wouter 20 August 2009: Wouter
- autotrust: save and read trustpoint variables. - autotrust: save and read trustpoint variables.


@ -372,7 +372,7 @@ packed_rrset_heap_data(ldns_rr_list* rrset)
data->rr_ttl[i] = ldns_rr_ttl(rr); data->rr_ttl[i] = ldns_rr_ttl(rr);
if(data->rr_ttl[i] < data->ttl) if(data->rr_ttl[i] < data->ttl)
data->ttl = data->rr_ttl[i]; data->ttl = data->rr_ttl[i];
data->rr_len[i] = 0; data->rr_len[i] = 2; /* the rdlength */
for(j=0; j<ldns_rr_rd_count(rr); j++) for(j=0; j<ldns_rr_rd_count(rr); j++)
data->rr_len[i] += ldns_rdf_size(ldns_rr_rdf(rr, j)); data->rr_len[i] += ldns_rdf_size(ldns_rr_rdf(rr, j));
} }
@ -386,7 +386,7 @@ packed_rrset_heap_data(ldns_rr_list* rrset)
/* copy data in there */ /* copy data in there */
for(i=0; i<total; i++) { for(i=0; i<total; i++) {
ldns_rr* rr = ldns_rr_list_rr(rrset, i); ldns_rr* rr = ldns_rr_list_rr(rrset, i);
uint16_t rdlen = htons(data->rr_len[i]); uint16_t rdlen = htons(data->rr_len[i]-2);
size_t p = sizeof(rdlen); size_t p = sizeof(rdlen);
memmove(data->rr_data[i], &rdlen, p); memmove(data->rr_data[i], &rdlen, p);
for(j=0; j<ldns_rr_rd_count(rr); j++) { for(j=0; j<ldns_rr_rd_count(rr); j++) {
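Review bot: The rdlength prefix in the copy loop is built with `htons(data->rr_len[i]-2)`, which narrows the summed rdf sizes to 16 bits without a range check (assuming rr_len is wider than 16 bits; its declaration is not in the hunk). An RR whose rdata fields total more than 65535 bytes would then get a prefix that disagrees with the bytes copied after it. Rejecting such an RR in the first loop, on the function's existing error path, would keep the packed data self-consistent; that path lies outside these hunks. The `2` is also a bare literal in both loops, and writing it as `sizeof(uint16_t)` next to the `/* the rdlength */` comment at both sites would keep the two in step.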


@ -513,7 +513,8 @@ autr_assemble(struct trust_anchor* tp)
/* make packed rrset keys - malloced with no ID number, they /* make packed rrset keys - malloced with no ID number, they
* are not in the cache */ * are not in the cache */
/* make packed rrset data (if there is a key) */ /* make packed rrset data (if there is a key) */
if(ds) {
if(ldns_rr_list_rr_count(ds) > 0) {
ubds = ub_packed_rrset_heap_key(ds); ubds = ub_packed_rrset_heap_key(ds);
if(!ubds) if(!ubds)
goto error_cleanup; goto error_cleanup;
@ -521,7 +522,7 @@ autr_assemble(struct trust_anchor* tp)
if(!ubds->entry.data) if(!ubds->entry.data)
goto error_cleanup; goto error_cleanup;
} }
if(dnskey) { if(ldns_rr_list_rr_count(dnskey) > 0) {
ubdnskey = ub_packed_rrset_heap_key(dnskey); ubdnskey = ub_packed_rrset_heap_key(dnskey);
if(!ubdnskey) if(!ubdnskey)
goto error_cleanup; goto error_cleanup;
@ -543,6 +544,8 @@ autr_assemble(struct trust_anchor* tp)
/* assign the data to replace the old */ /* assign the data to replace the old */
tp->ds_rrset = ubds; tp->ds_rrset = ubds;
tp->dnskey_rrset = ubdnskey; tp->dnskey_rrset = ubdnskey;
tp->numDS = ldns_rr_list_rr_count(ds);
tp->numDNSKEY = ldns_rr_list_rr_count(dnskey);
ldns_rr_list_free(ds); ldns_rr_list_free(ds);
ldns_rr_list_free(dnskey); ldns_rr_list_free(dnskey);
@ -607,39 +610,40 @@ parse_var_line(char* line, struct val_anchors* anchors,
{ {
struct trust_anchor* tp = *anchor; struct trust_anchor* tp = *anchor;
int r = 0; int r = 0;
if(strncmp(line, ";;id: ", 5) == 0) { if(strncmp(line, ";;id: ", 6) == 0) {
*anchor = parse_id(anchors, line+6); *anchor = parse_id(anchors, line+6);
if(!*anchor) return -1; if(!*anchor) return -1;
else return 1; else return 1;
} else if(strncmp(line, ";;last_queried: ", 15) == 0) { } else if(strncmp(line, ";;last_queried: ", 16) == 0) {
if(!tp) return -1; if(!tp) return -1;
lock_basic_lock(&tp->lock); lock_basic_lock(&tp->lock);
tp->autr->last_queried = (time_t)parse_int(line+16, &r); tp->autr->last_queried = (time_t)parse_int(line+16, &r);
lock_basic_unlock(&tp->lock); lock_basic_unlock(&tp->lock);
} else if(strncmp(line, ";;last_success: ", 15) == 0) { } else if(strncmp(line, ";;last_success: ", 16) == 0) {
if(!tp) return -1; if(!tp) return -1;
lock_basic_lock(&tp->lock); lock_basic_lock(&tp->lock);
tp->autr->last_success = (time_t)parse_int(line+16, &r); tp->autr->last_success = (time_t)parse_int(line+16, &r);
lock_basic_unlock(&tp->lock); lock_basic_unlock(&tp->lock);
} else if(strncmp(line, ";;next_probe_time: ", 18) == 0) { } else if(strncmp(line, ";;next_probe_time: ", 19) == 0) {
if(!tp) return -1; if(!tp) return -1;
lock_basic_lock(&tp->lock); lock_basic_lock(&tp->lock);
tp->autr->next_probe_time = (time_t)parse_int(line+16, &r); tp->autr->next_probe_time = (time_t)parse_int(line+19, &r);
/* TODO manage probetree */
lock_basic_unlock(&tp->lock); lock_basic_unlock(&tp->lock);
} else if(strncmp(line, ";;query_failed: ", 15) == 0) { } else if(strncmp(line, ";;query_failed: ", 16) == 0) {
if(!tp) return -1; if(!tp) return -1;
lock_basic_lock(&tp->lock); lock_basic_lock(&tp->lock);
tp->autr->query_failed = (uint8_t)parse_int(line+16, &r); tp->autr->query_failed = (uint8_t)parse_int(line+16, &r);
lock_basic_unlock(&tp->lock); lock_basic_unlock(&tp->lock);
} else if(strncmp(line, ";;query_interval: ", 17) == 0) { } else if(strncmp(line, ";;query_interval: ", 18) == 0) {
if(!tp) return -1; if(!tp) return -1;
lock_basic_lock(&tp->lock); lock_basic_lock(&tp->lock);
tp->autr->query_interval = (uint32_t)parse_int(line+16, &r); tp->autr->query_interval = (uint32_t)parse_int(line+18, &r);
lock_basic_unlock(&tp->lock); lock_basic_unlock(&tp->lock);
} else if(strncmp(line, ";;retry_time: ", 13) == 0) { } else if(strncmp(line, ";;retry_time: ", 14) == 0) {
if(!tp) return -1; if(!tp) return -1;
lock_basic_lock(&tp->lock); lock_basic_lock(&tp->lock);
tp->autr->retry_time = (uint32_t)parse_int(line+16, &r); tp->autr->retry_time = (uint32_t)parse_int(line+14, &r);
lock_basic_unlock(&tp->lock); lock_basic_unlock(&tp->lock);
} }
return r; return r;
@ -664,7 +668,6 @@ int autr_read_file(struct val_anchors* anchors, const char* nm)
} }
verbose(VERB_ALGO, "reading autotrust anchor file %s", nm); verbose(VERB_ALGO, "reading autotrust anchor file %s", nm);
/* TODO: read line to see if special marker for revoked tp */ /* TODO: read line to see if special marker for revoked tp */
/* TODO: read next probe time (if in file, otherwise now+0-100s) */
while (fgets(line, (int)sizeof(line), fd) != NULL) { while (fgets(line, (int)sizeof(line), fd) != NULL) {
line_nr++; line_nr++;
if((r = parse_var_line(line, anchors, &tp)) == -1) { if((r = parse_var_line(line, anchors, &tp)) == -1) {
@ -706,6 +709,21 @@ int autr_read_file(struct val_anchors* anchors, const char* nm)
return 1; return 1;
} }
/** string for a trustanchor state */
static const char*
trustanchor_state2str(autr_state_t s)
{
switch (s) {
case AUTR_STATE_START: return " START ";
case AUTR_STATE_ADDPEND: return " ADDPEND ";
case AUTR_STATE_VALID: return " VALID ";
case AUTR_STATE_MISSING: return " MISSING ";
case AUTR_STATE_REVOKED: return " REVOKED ";
case AUTR_STATE_REMOVED: return " REMOVED ";
}
return " UNKNOWN ";
}
/** print ID to file */ /** print ID to file */
static void static void
print_id(FILE* out, struct module_env* env, print_id(FILE* out, struct module_env* env,
@ -744,15 +762,15 @@ void autr_write_file(struct module_env* env, struct trust_anchor* tp)
/* write pretty header */ /* write pretty header */
fprintf(out, "; autotrust trust anchor file\n"); fprintf(out, "; autotrust trust anchor file\n");
print_id(out, env, tp->name, tp->namelen, tp->dclass); print_id(out, env, tp->name, tp->namelen, tp->dclass);
ctime_r(&(tp->autr->last_queried), tmi); fprintf(out, ";;last_queried: %u ;;%s",
fprintf(out, ";;last_queried: %u ;;%s\n", (unsigned int)tp->autr->last_queried,
(unsigned int)tp->autr->last_queried, tmi); ctime_r(&(tp->autr->last_queried), tmi));
ctime_r(&(tp->autr->last_success), tmi); fprintf(out, ";;last_success: %u ;;%s",
fprintf(out, ";;last_success: %u ;;%s\n", (unsigned int)tp->autr->last_success,
(unsigned int)tp->autr->last_success, tmi); ctime_r(&(tp->autr->last_success), tmi));
ctime_r(&(tp->autr->next_probe_time), tmi); fprintf(out, ";;next_probe_time: %u ;;%s",
fprintf(out, ";;next_probe_time: %u ;;%s\n", (unsigned int)tp->autr->next_probe_time,
(unsigned int)tp->autr->next_probe_time, tmi); ctime_r(&(tp->autr->next_probe_time), tmi));
fprintf(out, ";;query_failed: %d\n", (int)tp->autr->query_failed); fprintf(out, ";;query_failed: %d\n", (int)tp->autr->query_failed);
fprintf(out, ";;query_interval: %d\n", (int)tp->autr->query_interval); fprintf(out, ";;query_interval: %d\n", (int)tp->autr->query_interval);
fprintf(out, ";;retry_time: %d\n", (int)tp->autr->retry_time); fprintf(out, ";;retry_time: %d\n", (int)tp->autr->retry_time);
@ -778,10 +796,11 @@ void autr_write_file(struct module_env* env, struct trust_anchor* tp)
continue; continue;
} }
str[strlen(str)-1] = 0; str[strlen(str)-1] = 0;
ctime_r(&(ta->last_change), tmi); fprintf(out, "%s ;;state=%d [%s] ;;count=%d "
fprintf(out, "%s ;;state=%d ;;count=%d ;;lastchange=%u ;;%s", ";;lastchange=%u ;;%s", str, (int)ta->s,
str, (int)ta->s, (int)ta->pending_count, trustanchor_state2str(ta->s), (int)ta->pending_count,
(unsigned int)ta->last_change, tmi); (unsigned int)ta->last_change,
ctime_r(&(ta->last_change), tmi));
free(str); free(str);
} }
fclose(out); fclose(out);
@ -1035,11 +1054,7 @@ static void
set_tp_times(struct trust_anchor* tp, uint32_t rrsig_exp_interval, set_tp_times(struct trust_anchor* tp, uint32_t rrsig_exp_interval,
uint32_t origttl, int* changed) uint32_t origttl, int* changed)
{ {
uint32_t x; uint32_t x, qi = tp->autr->query_interval, rt = tp->autr->retry_time;
uint32_t qi = tp->autr->query_interval, rt = tp->autr->retry_time;
verbose(VERB_ALGO, "orig_ttl is %d", (int)origttl);
verbose(VERB_ALGO, "rrsig_exp_interval is %d", (int)rrsig_exp_interval);
/* x = MIN(15days, ttl/2, expire/2) */ /* x = MIN(15days, ttl/2, expire/2) */
x = 15 * 24 * 3600; x = 15 * 24 * 3600;
@ -1063,11 +1078,15 @@ set_tp_times(struct trust_anchor* tp, uint32_t rrsig_exp_interval,
tp->autr->retry_time = 3600; tp->autr->retry_time = 3600;
else tp->autr->retry_time = x; else tp->autr->retry_time = x;
if(qi != tp->autr->query_interval || rt != tp->autr->retry_time) if(qi != tp->autr->query_interval || rt != tp->autr->retry_time) {
*changed = 1; *changed = 1;
verbose(VERB_ALGO, "orig_ttl is %d", (int)origttl);
verbose(VERB_ALGO, "rrsig_exp_interval is %d",
(int)rrsig_exp_interval);
verbose(VERB_ALGO, "query_interval: %d, retry_time: %d", verbose(VERB_ALGO, "query_interval: %d, retry_time: %d",
(int)tp->autr->query_interval, (int)tp->autr->retry_time); (int)tp->autr->query_interval,
(int)tp->autr->retry_time);
}
} }
/** init events to zero */ /** init events to zero */
@ -1131,21 +1150,6 @@ update_events(struct module_env* env, struct val_env* ve,
return 1; return 1;
} }
/** string for a trustanchor state */
static const char*
trustanchor_state2str(autr_state_t s)
{
switch (s) {
case AUTR_STATE_START: return " START ";
case AUTR_STATE_ADDPEND: return " ADDPEND ";
case AUTR_STATE_VALID: return " VALID ";
case AUTR_STATE_MISSING: return " MISSING ";
case AUTR_STATE_REVOKED: return " REVOKED ";
case AUTR_STATE_REMOVED: return " REMOVED ";
}
return " UNKNOWN ";
}
/** /**
* Check if the holddown time has already exceeded * Check if the holddown time has already exceeded
* setting: add-holddown: add holddown timer * setting: add-holddown: add holddown timer
@ -1457,7 +1461,86 @@ int autr_process_prime(struct module_env* env, struct val_env* ve,
* save name, unlock, take from tree, delete. */ * save name, unlock, take from tree, delete. */
return 0; /* trust point removed */ return 0; /* trust point removed */
} }
} } else verbose(VERB_ALGO, "autotrust: no changes");
return 1; /* no changes */ return 1; /* no changes */
} }
/** debug print a trust anchor key */
static void
autr_debug_print_ta(struct autr_ta* ta)
{
char buf[32];
char* str = ldns_rr2str(ta->rr);
if(!str) {
log_info("out of memory in debug_print_ta");
return;
}
if(str && str[0]) str[strlen(str)-1]=0; /* remove newline */
ctime_r(&ta->last_change, buf);
if(buf[0]) buf[strlen(buf)-1]=0; /* remove newline */
log_info("[%s] %s ;;state:%d ;;pending_count:%d%s%s last:%s",
trustanchor_state2str(ta->s), str, ta->s, ta->pending_count,
ta->fetched?" fetched":"", ta->revoked?" revoked":"", buf);
free(str);
}
/** debug print a trust point */
static void
autr_debug_print_tp(struct trust_anchor* tp)
{
struct autr_ta* ta;
char buf[257];
dname_str(tp->name, buf);
log_info("trust point %s : %d", buf, (int)tp->dclass);
log_info("assembled %d DS and %d DNSKEYs",
(int)tp->numDS, (int)tp->numDNSKEY);
if(1) { /* DEBUG */
ldns_buffer* buf = ldns_buffer_new(70000);
ldns_rr_list* list;
if(tp->ds_rrset) {
list = packed_rrset_to_rr_list(tp->ds_rrset, buf);
ldns_rr_list_print(stderr, list);
ldns_rr_list_deep_free(list);
}
if(tp->dnskey_rrset) {
list = packed_rrset_to_rr_list(tp->dnskey_rrset, buf);
ldns_rr_list_print(stderr, list);
ldns_rr_list_deep_free(list);
}
ldns_buffer_free(buf);
}
if(!tp->autr)
return;
log_info("file %s", tp->autr->file);
ctime_r(&tp->autr->last_queried, buf);
if(buf[0]) buf[strlen(buf)-1]=0; /* remove newline */
log_info("last_queried: %u %s", (unsigned)tp->autr->last_queried, buf);
ctime_r(&tp->autr->last_success, buf);
if(buf[0]) buf[strlen(buf)-1]=0; /* remove newline */
log_info("last_success: %u %s", (unsigned)tp->autr->last_success, buf);
ctime_r(&tp->autr->next_probe_time, buf);
if(buf[0]) buf[strlen(buf)-1]=0; /* remove newline */
log_info("next_probe_time: %u %s", (unsigned)tp->autr->next_probe_time,
buf);
log_info("query_interval: %u", (unsigned)tp->autr->query_interval);
log_info("retry_time: %u", (unsigned)tp->autr->retry_time);
log_info("query_failed: %u", (unsigned)tp->autr->query_failed);
for(ta=tp->autr->keys; ta; ta=ta->next) {
autr_debug_print_ta(ta);
}
}
void
autr_debug_print(struct val_anchors* anchors)
{
struct trust_anchor* tp;
lock_basic_lock(&anchors->lock);
RBTREE_FOR(tp, struct trust_anchor*, anchors->tree) {
lock_basic_lock(&tp->lock);
autr_debug_print_tp(tp);
lock_basic_unlock(&tp->lock);
}
lock_basic_unlock(&anchors->lock);
}
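Review bot: The rewritten fprintf calls in autr_write_file pass the return value of `ctime_r()` straight to `%s` and rely on its trailing newline to end the line. ctime_r returns NULL when the time cannot be converted, which makes the `%s` argument undefined behaviour, and these timestamps are the values parse_var_line reads back from the anchor file. The `;;lastchange` line has the same problem, and autr_debug_print_ta and autr_debug_print_tp read `buf[0]` and `strlen(buf)` after an unchecked ctime_r call. Taking the result once and substituting a newline, `const char* t = ctime_r(&tp->autr->last_queried, tmi);` then printing `t ? t : "\n"`, keeps the file line-terminated in both cases. Separately, autr_debug_print_tp redeclares `buf` as an `ldns_buffer*` inside the `if(1)` block, shadowing the `char buf[257]`, and does not check `ldns_buffer_new(70000)` for NULL before use.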


@ -164,4 +164,10 @@ void autr_point_delete(struct trust_anchor* tp);
int autr_process_prime(struct module_env* env, struct val_env* ve, int autr_process_prime(struct module_env* env, struct val_env* ve,
struct trust_anchor* tp, struct ub_packed_rrset_key* dnskey_rrset); struct trust_anchor* tp, struct ub_packed_rrset_key* dnskey_rrset);
/**
* Debug printout of rfc5011 tracked anchors
* @param anchors: all the anchors.
*/
void autr_debug_print(struct val_anchors* anchors);
#endif /* VALIDATOR_AUTOTRUST_H */ #endif /* VALIDATOR_AUTOTRUST_H */


@ -940,9 +940,9 @@ anchors_assemble_rrsets(struct val_anchors* anchors)
while((rbnode_t*)ta != RBTREE_NULL) { while((rbnode_t*)ta != RBTREE_NULL) {
next = (struct trust_anchor*)rbtree_next(&ta->node); next = (struct trust_anchor*)rbtree_next(&ta->node);
lock_basic_lock(&ta->lock); lock_basic_lock(&ta->lock);
if(ta->numDS == 0 && ta->numDNSKEY == 0) { if(ta->autr || (ta->numDS == 0 && ta->numDNSKEY == 0)) {
lock_basic_unlock(&ta->lock); lock_basic_unlock(&ta->lock);
ta = next; /* skip unsigned entries, nothing to do */ ta = next; /* skip */
continue; continue;
} }
if(!anchors_assemble(anchors, ta)) { if(!anchors_assemble(anchors, ta)) {
@ -1079,6 +1079,7 @@ anchors_apply_cfg(struct val_anchors* anchors, struct config_file* cfg)
anchors_assemble_rrsets(anchors); anchors_assemble_rrsets(anchors);
init_parents(anchors); init_parents(anchors);
ldns_buffer_free(parsebuf); ldns_buffer_free(parsebuf);
autr_debug_print(anchors); /* DEBUG */
return 1; return 1;
} }
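Review bot: The call `autr_debug_print(anchors); /* DEBUG */` at the end of anchors_apply_cfg runs unconditionally, so every configuration load walks the anchor tree under its locks and writes each trust point's state file path, timers and keys through log_info and stderr. If it is meant to stay, gating it on the log level, `if(verbosity >= VERB_ALGO) autr_debug_print(anchors);`, keeps it out of normal operation. In anchors_assemble_rrsets the skip comment was shortened to `/* skip */` while the condition grew. A comment such as `/* skip autotrust points and unsigned entries */` would record why `ta->autr` is excluded; that autotrust points are assembled by autr_assemble instead is my reading of the autotrust hunks, not something this file states.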