OpenDNSSEC-signer 1.2.1
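/*
 * $Id: tools.c 4515 2011-02-24 08:58:03Z matthijs $
 *
 * Copyright (c) 2009 NLNet Labs. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

#include "config.h"
#include "adapter/adapter.h"
#include "daemon/engine.h"
#include "scheduler/locks.h"
#include "signer/tools.h"
#include "signer/zone.h"
#include "util/file.h"
#include "util/log.h"
#include "util/se_malloc.h"

#include <unistd.h> /* unlink() */


/**
 * Read the zone from its inbound adapter.
 *
 * For a file adapter the optional "<filename>.axfr" is first copied over the
 * adapter file (when zone->fetch is set), then the adapter file is copied to
 * "<zone name>.inbound" and parsed with adfile_read(). Sort statistics are
 * reset on entry and filled in on success.
 *
 * \param[in] zone zone to read; inbound_adapter, signconf and stats must be set
 * \return 0 on success, non-zero on failure (the pending zonedata update is
 *         cancelled in that case)
 */
int
tools_read_input(zone_type* zone)
{
    char* tmpname = NULL;
    char* axfrname = NULL;
    int error = 0;
    time_t start = 0;
    time_t end = 0;

    se_log_assert(zone);
    se_log_assert(zone->inbound_adapter);
    se_log_assert(zone->signconf);
    se_log_assert(zone->stats);

    zone->stats->sort_done = 0;
    zone->stats->sort_count = 0;
    zone->stats->sort_time = 0;
    start = time(NULL);

    switch (zone->inbound_adapter->type) {
        case ADAPTER_FILE:
            if (zone->fetch) {
                se_log_verbose("fetch zone %s",
                    zone->name?zone->name:"(null)");
                axfrname = se_build_path(zone->inbound_adapter->filename,
                    ".axfr", 0);
                error = se_file_copy(axfrname,
                    zone->inbound_adapter->filename);
                if (error) {
                    /* Guard the %s arguments the same way the other log
                     * calls in this file do: a NULL passed to %s is
                     * undefined behaviour. */
                    se_log_error("unable to copy axfr file %s to %s",
                        axfrname?axfrname:"(null)",
                        zone->inbound_adapter->filename ?
                        zone->inbound_adapter->filename:"(null)");
                    se_free((void*)axfrname);
                    return 1;
                }
                se_free((void*)axfrname);
            }

            se_log_verbose("read zone %s from input file adapter %s",
                zone->name?zone->name:"(null)",
                zone->inbound_adapter->filename ?
                zone->inbound_adapter->filename:"(null)");

            /* Work on a private copy so the adapter file can change while
             * the zone is being parsed. */
            tmpname = se_build_path(zone->name, ".inbound", 0);
            error = se_file_copy(zone->inbound_adapter->filename, tmpname);
            if (!error) {
                error = adfile_read(zone, tmpname, 0);
            }
            se_free((void*)tmpname);
            break;
        case ADAPTER_UNKNOWN:
        default:
            se_log_error("read zone %s failed: unknown inbound adapter type "
                "%i", zone->name?zone->name:"(null)",
                (int) zone->inbound_adapter->type);
            error = 1;
            break;
    }
    end = time(NULL);
    if (!error) {
        zone_backup_state(zone);
        zone->stats->start_time = start;
        zone->stats->sort_time = (end-start);
    } else {
        zonedata_cancel_update(zone->zonedata);
    }
    return error;
}


/**
 * Publish the DNSKEY records to the zone.
 *
 * \param[in] zone zone to add the keys to
 * \return 0 on success (zone state is backed up), otherwise the error from
 *         zone_add_dnskeys() after the pending update has been cancelled
 */
int
tools_add_dnskeys(zone_type* zone)
{
    int error = 0;
    se_log_assert(zone);
    se_log_assert(zone->signconf);
    se_log_verbose("publish dnskeys to zone %s",
        zone->name?zone->name:"(null)");
    error = zone_add_dnskeys(zone);
    if (!error) {
        zone_backup_state(zone);
    } else {
        zonedata_cancel_update(zone->zonedata);
    }
    return error;
}

/**
 * Commit the pending update to the zone data.
 *
 * On success "<zone name>.inbound" is copied to "<zone name>.unsorted"; only
 * when that copy also succeeds is the state backed up, sort_done set and the
 * inbound file removed.
 *
 * \param[in] zone zone to update
 * \return 0 on success, non-zero on failure
 */
int
tools_update(zone_type* zone)
{
    int error = 0;
    char* inbound = NULL;
    char* unsorted = NULL;
    se_log_assert(zone);
    se_log_assert(zone->signconf);
    /* stats is dereferenced below; assert it like the sibling tools do. */
    se_log_assert(zone->stats);
    se_log_verbose("update zone %s", zone->name?zone->name:"(null)");
    error = zone_update_zonedata(zone);
    if (!error) {
        se_log_verbose("zone %s updated to serial %u",
            zone->name?zone->name:"(null)", zone->zonedata->internal_serial);

        inbound = se_build_path(zone->name, ".inbound", 0);
        unsorted = se_build_path(zone->name, ".unsorted", 0);
        error = se_file_copy(inbound, unsorted);
        if (!error) {
            zone_backup_state(zone);
            zone->stats->sort_done = 1;
            /* Best effort: the result of unlink() is not checked. */
            unlink(inbound);
        }
        se_free((void*)inbound);
        se_free((void*)unsorted);
    }
    return error;
}


/**
 * Add the NSEC or NSEC3 chain to the zone and record how long it took.
 *
 * \param[in] zone zone to nsecify
 * \return 0 on success, otherwise the error from zone_nsecify()
 */
int
tools_nsecify(zone_type* zone)
{
    int error = 0;
    time_t start = 0;
    time_t end = 0;
    se_log_assert(zone);
    se_log_assert(zone->signconf);
    se_log_assert(zone->stats);
    se_log_verbose("nsecify zone %s", zone->name?zone->name:"(null)");
    start = time(NULL);
    error = zone_nsecify(zone);
    end = time(NULL);
    if (!error) {
        /* Keep an earlier start time if a previous step already set one. */
        if (!zone->stats->start_time) {
            zone->stats->start_time = start;
        }
        zone->stats->nsec_time = (end-start);
    }
    return error;
}


/**
 * Sign the zone, record the signing time and back up the zone state.
 *
 * \param[in] zone zone to sign
 * \return 0 on success, otherwise the error from zone_sign()
 */
int
tools_sign(zone_type* zone)
{
    int error = 0;
    time_t start = 0;
    time_t end = 0;
    se_log_assert(zone);
    se_log_assert(zone->signconf);
    se_log_assert(zone->stats);
    se_log_verbose("sign zone %s", zone->name?zone->name:"(null)");
    start = time(NULL);
    error = zone_sign(zone);
    end = time(NULL);
    if (!error) {
        se_log_verbose("zone %s signed, new serial %u",
            zone->name?zone->name:"(null)", zone->zonedata->internal_serial);
        /* Keep an earlier start time if a previous step already set one. */
        if (!zone->stats->start_time) {
            zone->stats->start_time = start;
        }
        zone->stats->sig_time = (end-start);
        zone_backup_state(zone);
    }
    return error;
}


/**
 * Run the external auditor on the signed zone.
 *
 * Nothing is done when the zone did not change (no sort and no signatures
 * beyond the SOA ones) or when auditing is disabled in the signer
 * configuration. Otherwise the zone is written to "<zone name>.finalized"
 * and ODS_SE_AUDITOR is run on it through system().
 *
 * \param[in] zone zone to audit
 * \param[in] working_dir directory prefixed to the finalized file name
 * \param[in] cfg_filename configuration file, ODS_SE_CFGFILE when NULL
 * \return 0 when the audit passed or was skipped, non-zero otherwise (the
 *         raw system() status when the auditor was run)
 */
int
tools_audit(zone_type* zone, char* working_dir, char* cfg_filename)
{
    char* finalized = NULL;
    char str[SYSTEM_MAXLEN];
    int error = 0;
    int len = 0;
    time_t start = 0;
    time_t end = 0;
    se_log_assert(zone);
    se_log_assert(zone->signconf);
    /* stats is dereferenced below; assert it like the sibling tools do. */
    se_log_assert(zone->stats);

    if (zone->stats->sort_done == 0 &&
        (zone->stats->sig_count <= zone->stats->sig_soa_count)) {
        return 0;
    }
    if (zone->signconf->audit) {
        se_log_verbose("audit zone %s", zone->name?zone->name:"(null)");
        finalized = se_build_path(zone->name, ".finalized", 0);
        if (!finalized) {
            /* tools_write_output() passes NULL to adfile_write() for the
             * real output, so a NULL path here would presumably publish
             * the zone before it has been audited. Fail instead. */
            se_log_error("audit zone %s failed: unable to build path",
                zone->name?zone->name:"(null)");
            return 1;
        }
        error = adfile_write(zone, finalized);
        if (error != 0) {
            se_log_error("audit zone %s failed: unable to write zone",
                zone->name?zone->name:"(null)");
            se_free((void*)finalized);
            return 1;
        }

        /* NOTE(review): system() hands this string to the shell, and the
         * configuration file name, working directory, finalized path and
         * zone name are inserted unquoted. Shell metacharacters or spaces
         * in any of them change the command that runs, so these values
         * must only come from trusted, validated configuration; whether
         * they are validated upstream is not visible in this file. An
         * exec-style call with an explicit argument vector would remove
         * the shell from this path. */
        len = snprintf(str, SYSTEM_MAXLEN, "%s -c %s -s %s/%s -z %s > /dev/null",
            ODS_SE_AUDITOR,
            cfg_filename?cfg_filename:ODS_SE_CFGFILE,
            working_dir?working_dir:"",
            finalized,
            zone->name?zone->name:"(null)");
        if (len < 0 || (size_t) len >= sizeof(str)) {
            /* A truncated command line would audit the wrong file or zone,
             * or drop the output redirection; never execute it. */
            se_log_error("audit zone %s failed: auditor command too long",
                zone->name?zone->name:"(null)");
            se_free((void*)finalized);
            return 1;
        }

        start = time(NULL);
        se_log_debug("system call: %s", str);
        error = system(str);
        if (!error) {
            /* The finalized file is kept for inspection when the audit
             * fails. */
            unlink(finalized);
        }
        se_free((void*)finalized);
        end = time(NULL);
        zone->stats->audit_time = (end-start);
    }
    return error;
}


/**
 * Write the zone to its outbound adapter and notify the nameserver.
 *
 * The write is skipped when the zone did not change. After a successful
 * write the zone state is backed up, the configured notify command (if any)
 * is run through system(), and the statistics are logged and cleared.
 *
 * \param[in] zone zone to write; signconf, outbound_adapter and stats must
 *            be set
 * \return 0 on success or when skipped, non-zero when the write or the
 *         notify command failed
 */
int tools_write_output(zone_type* zone)
{
    int error = 0;
    int len = 0;
    char str[SYSTEM_MAXLEN];
    se_log_assert(zone);
    se_log_assert(zone->signconf);
    se_log_assert(zone->outbound_adapter);
    se_log_assert(zone->stats);

    if (zone->stats->sort_done == 0 &&
        (zone->stats->sig_count <= zone->stats->sig_soa_count)) {
        se_log_verbose("skip write zone %s serial %u (zone not changed)",
            zone->name?zone->name:"(null)", zone->zonedata->internal_serial);
        stats_clear(zone->stats);
        return 0;
    }

    zone->zonedata->outbound_serial = zone->zonedata->internal_serial;
    se_log_verbose("write zone %s serial %u",
        zone->name?zone->name:"(null)", zone->zonedata->outbound_serial);

    switch (zone->outbound_adapter->type) {
        case ADAPTER_FILE:
            error = adfile_write(zone, NULL);
            break;
        case ADAPTER_UNKNOWN:
        default:
            /* Report the outbound adapter type: that is the value the
             * switch rejected (inbound_adapter is not asserted here). */
            se_log_error("write zone %s failed: unknown outbound adapter "
                "type %i", zone->name?zone->name:"(null)",
                (int) zone->outbound_adapter->type);
            error = 1;
            break;
    }
    if (error) {
        return error;
    }
    zone_backup_state(zone);

    /* kick the nameserver */
    if (zone->notify_ns) {
        se_log_verbose("notify nameserver: %s", zone->notify_ns);

        /* NOTE(review): notify_ns is executed verbatim by the shell with
         * the privileges of the signer, so whoever can set it can run
         * arbitrary commands as that user. It presumably comes from the
         * signer configuration; keep that file writable only by trusted
         * administrators. */
        len = snprintf(str, SYSTEM_MAXLEN, "%s > /dev/null",
            zone->notify_ns);
        if (len < 0 || (size_t) len >= sizeof(str)) {
            /* Do not run a command that was cut off mid-argument. */
            se_log_error("failed to notify nameserver: command too long");
            error = 1;
        } else {
            error = system(str);
            if (error) {
                se_log_error("failed to notify nameserver");
            }
        }
    }
    /* log stats */
    zone->stats->end_time = time(NULL);
    se_log_debug("log stats for zone %s", zone->name?zone->name:"(null)");
    stats_log(zone->stats, zone->name, zone->signconf->nsec_type);
    stats_clear(zone->stats);

    return error;
}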