Unverified Commit 0d4685b3 authored by Michal 'vorner' Vaner's avatar Michal 'vorner' Vaner

Merge #1976

Finally! This one was big.

With some minor updates to catch up to the changes after merge.

Conflicts:
	src/bin/auth/auth_srv.cc
	src/bin/auth/auth_srv.h
	src/bin/auth/tests/auth_srv_unittest.cc
	src/lib/datasrc/client_list.cc
	src/lib/datasrc/tests/client_list_unittest.cc
parents 1318187d 19df22ab
......@@ -1142,6 +1142,7 @@ AC_CONFIG_FILES([Makefile
AC_OUTPUT([doc/version.ent
src/bin/cfgmgr/b10-cfgmgr.py
src/bin/cfgmgr/tests/b10-cfgmgr_test.py
src/bin/cfgmgr/plugins/datasrc.spec.pre
src/bin/cmdctl/cmdctl.py
src/bin/cmdctl/run_b10-cmdctl.sh
src/bin/cmdctl/tests/cmdctl_test
......
......@@ -48,6 +48,7 @@ b10_auth_SOURCES += auth_config.cc auth_config.h
b10_auth_SOURCES += command.cc command.h
b10_auth_SOURCES += common.h common.cc
b10_auth_SOURCES += statistics.cc statistics.h
b10_auth_SOURCES += datasrc_configurator.h
b10_auth_SOURCES += main.cc
# This is a temporary workaround for #1206, where the InMemoryClient has been
# moved to an ldopened library. We could add that library to LDADD, but that
......
......@@ -125,10 +125,6 @@
{
"item_name": "origin", "item_type": "string",
"item_optional": false, "item_default": ""
},
{
"item_name": "datasrc", "item_type": "string",
"item_optional": true, "item_default": "memory"
}
]
},
......
......@@ -43,20 +43,6 @@ using namespace isc::datasrc;
using namespace isc::server_common::portconfig;
namespace {
/// A derived \c AuthConfigParser class for the "datasources" configuration
/// identifier.
class DatasourcesConfig : public AuthConfigParser {
public:
DatasourcesConfig(AuthSrv& server) : server_(server)
{}
virtual void build(ConstElementPtr config_value);
virtual void commit();
private:
AuthSrv& server_;
vector<boost::shared_ptr<AuthConfigParser> > datasources_;
set<string> configured_sources_;
vector<pair<RRClass, DataSourceClientContainerPtr> > clients_;
};
/// A derived \c AuthConfigParser for the version value
/// (which is not used at this moment)
......@@ -67,79 +53,6 @@ public:
virtual void commit() {};
};
void
DatasourcesConfig::build(ConstElementPtr config_value) {
BOOST_FOREACH(ConstElementPtr datasrc_elem, config_value->listValue()) {
// The caller is supposed to perform syntax-level checks, but we'll
// do minimum level of validation ourselves so that we won't crash due
// to a buggy application.
ConstElementPtr datasrc_type = datasrc_elem->get("type");
if (!datasrc_type) {
isc_throw(AuthConfigError, "Missing data source type");
}
if (configured_sources_.find(datasrc_type->stringValue()) !=
configured_sources_.end()) {
isc_throw(AuthConfigError, "Data source type '" <<
datasrc_type->stringValue() << "' already configured");
}
// Apart from that it's not really easy to get at the default
// class value for the class here, it should probably really
// be a property of the instantiated data source. For now
// use hardcoded default IN.
const RRClass rrclass =
datasrc_elem->contains("class") ?
RRClass(datasrc_elem->get("class")->stringValue()) : RRClass::IN();
// Right now, we only support the in-memory data source for the
// RR class of IN. We reject other cases explicitly by hardcoded
// checks. This will soon be generalized, at which point these
// checks will also have to be cleaned up.
if (rrclass != RRClass::IN()) {
isc_throw(isc::InvalidParameter, "Unsupported data source class: "
<< rrclass);
}
if (datasrc_type->stringValue() != "memory") {
isc_throw(AuthConfigError, "Unsupported data source type: "
<< datasrc_type->stringValue());
}
// Create a new client for the specified data source and store it
// in the local vector. For now, we always build a new client
// from the scratch, and replace any existing ones with the new ones.
// We might eventually want to optimize building zones (in case of
// reloading) by selectively loading fresh zones for data source
// where zone loading is expensive (such as in-memory).
clients_.push_back(
pair<RRClass, DataSourceClientContainerPtr>(
rrclass,
DataSourceClientContainerPtr(new DataSourceClientContainer(
datasrc_type->stringValue(),
datasrc_elem))));
configured_sources_.insert(datasrc_type->stringValue());
}
}
void
DatasourcesConfig::commit() {
// As noted in build(), the current implementation only supports the
// in-memory data source for class IN, and build() should have ensured
// it. So, depending on the vector is empty or not, we either clear
// or install an in-memory data source for the server.
//
// When we generalize it, we'll somehow install all data source clients
// built in the vector, clearing deleted ones from the server.
if (clients_.empty()) {
server_.setInMemoryClient(RRClass::IN(),
DataSourceClientContainerPtr());
} else {
server_.setInMemoryClient(clients_.front().first,
clients_.front().second);
}
}
/// A derived \c AuthConfigParser class for the "statistics-internal"
/// configuration identifier.
class StatisticsIntervalConfig : public AuthConfigParser {
......@@ -242,9 +155,7 @@ createAuthConfigParser(AuthSrv& server, const std::string& config_id) {
// simplicity. In future we'll probably generalize it using map-like
// data structure, and may even provide external register interface so
// that it can be dynamically customized.
if (config_id == "datasources") {
return (new DatasourcesConfig(server));
} else if (config_id == "statistics-interval") {
if (config_id == "statistics-interval") {
return (new StatisticsIntervalConfig(server));
} else if (config_id == "listen_on") {
return (new ListenAddressConfig(server));
......@@ -261,6 +172,14 @@ createAuthConfigParser(AuthSrv& server, const std::string& config_id) {
// later be used to mark backwards incompatible changes in the
// config data
return (new VersionConfig());
} else if (config_id == "datasources") {
// TODO: Ignored for now, since the value is probably used by
// other modules. Once they have been removed from there, remove
// it from here and the spec file.
// We need to return something. The VersionConfig is empty now,
// so we may abuse that one, as it is a short-term solution only.
return (new VersionConfig());
} else {
isc_throw(AuthConfigError, "Unknown configuration identifier: " <<
config_id);
......
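Review bot: The new `datasources` branch in createAuthConfigParser accepts the value and throws it away through `VersionConfig`, so an operator who still keeps data sources under the Auth module gets a successful configuration update while none of them is installed. The same commit appears to make processNormalQuery answer REFUSED when no client list exists for the class, so such a configuration would leave the server refusing queries with nothing in the log pointing at the ignored key. I would log a warning in this branch before returning, e.g. `LOG_WARN(auth_logger, <message-id placeholder>);`. I would also give the stand-in its own named no-op parser instead of reusing VersionConfig, so the TODO is easy to find and delete later. createAuthConfigParser starts and ends outside the visible hunks.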
......@@ -43,9 +43,9 @@
#include <datasrc/query.h>
#include <datasrc/data_source.h>
#include <datasrc/memory_datasrc.h>
#include <datasrc/static_datasrc.h>
#include <datasrc/sqlite3_datasrc.h>
#include <datasrc/client_list.h>
#include <xfr/xfrout_client.h>
......@@ -222,10 +222,9 @@ private:
AuthSrvImpl(const AuthSrvImpl& source);
AuthSrvImpl& operator=(const AuthSrvImpl& source);
public:
AuthSrvImpl(const bool use_cache, AbstractXfroutClient& xfrout_client,
AuthSrvImpl(AbstractXfroutClient& xfrout_client,
BaseSocketSessionForwarder& ddns_forwarder);
~AuthSrvImpl();
isc::data::ConstElementPtr setDbFile(isc::data::ConstElementPtr config);
bool processNormalQuery(const IOMessage& io_message, Message& message,
OutputBuffer& buffer,
......@@ -248,13 +247,6 @@ public:
ModuleCCSession* config_session_;
AbstractSession* xfrin_session_;
/// In-memory data source. Currently class IN only for simplicity.
const RRClass memory_client_class_;
isc::datasrc::DataSourceClientContainerPtr memory_client_container_;
/// Hot spot cache
isc::datasrc::HotCache cache_;
/// Interval timer for periodic submission of statistics counters.
IntervalTimer statistics_timer_;
......@@ -267,6 +259,21 @@ public:
/// The TSIG keyring
const boost::shared_ptr<TSIGKeyRing>* keyring_;
/// The client list
map<RRClass, boost::shared_ptr<ConfigurableClientList> > client_lists_;
boost::shared_ptr<ConfigurableClientList> getClientList(const RRClass&
rrclass)
{
const map<RRClass, boost::shared_ptr<ConfigurableClientList> >::
const_iterator it(client_lists_.find(rrclass));
if (it == client_lists_.end()) {
return (boost::shared_ptr<ConfigurableClientList>());
} else {
return (it->second);
}
}
/// Bind the ModuleSpec object in config_session_ with
/// isc:config::ModuleSpec::validateStatistics.
void registerStatisticsValidator();
......@@ -296,14 +303,6 @@ public:
bool done);
private:
std::string db_file_;
MetaDataSrc data_sources_;
/// We keep a pointer to the currently running sqlite datasource
/// so that we can specifically remove that one should the database
/// file change
ConstDataSrcPtr cur_datasrc_;
bool xfrout_connected_;
AbstractXfroutClient& xfrout_client_;
......@@ -316,12 +315,10 @@ private:
auth::Query query_;
};
AuthSrvImpl::AuthSrvImpl(const bool use_cache,
AbstractXfroutClient& xfrout_client,
AuthSrvImpl::AuthSrvImpl(AbstractXfroutClient& xfrout_client,
BaseSocketSessionForwarder& ddns_forwarder) :
config_session_(NULL),
xfrin_session_(NULL),
memory_client_class_(RRClass::IN()),
statistics_timer_(io_service_),
counters_(),
keyring_(NULL),
......@@ -329,17 +326,7 @@ AuthSrvImpl::AuthSrvImpl(const bool use_cache,
ddns_forwarder_(NULL),
xfrout_connected_(false),
xfrout_client_(xfrout_client)
{
// cur_datasrc_ is automatically initialized by the default constructor,
// effectively being an empty (sqlite) data source. once ccsession is up
// the datasource will be set by the configuration setting
// add static data source
data_sources_.addDataSrc(ConstDataSrcPtr(new StaticDataSrc));
// enable or disable the cache
cache_.setEnabled(use_cache);
}
{}
AuthSrvImpl::~AuthSrvImpl() {
if (xfrout_connected_) {
......@@ -398,11 +385,10 @@ private:
AuthSrv* server_;
};
AuthSrv::AuthSrv(const bool use_cache,
isc::xfr::AbstractXfroutClient& xfrout_client,
AuthSrv::AuthSrv(isc::xfr::AbstractXfroutClient& xfrout_client,
isc::util::io::BaseSocketSessionForwarder& ddns_forwarder)
{
impl_ = new AuthSrvImpl(use_cache, xfrout_client, ddns_forwarder);
impl_ = new AuthSrvImpl(xfrout_client, ddns_forwarder);
checkin_ = new ConfigChecker(this);
dns_lookup_ = new MessageLookup(this);
dns_answer_ = new MessageAnswer(this);
......@@ -481,16 +467,6 @@ AuthSrv::getIOService() {
return (impl_->io_service_);
}
void
AuthSrv::setCacheSlots(const size_t slots) {
impl_->cache_.setSlots(slots);
}
size_t
AuthSrv::getCacheSlots() const {
return (impl_->cache_.getSlots());
}
void
AuthSrv::setXfrinSession(AbstractSession* xfrin_session) {
impl_->xfrin_session_ = xfrin_session;
......@@ -512,48 +488,6 @@ AuthSrv::getConfigSession() const {
return (impl_->config_session_);
}
isc::datasrc::DataSourceClientContainerPtr
AuthSrv::getInMemoryClientContainer(const RRClass& rrclass) {
if (rrclass != impl_->memory_client_class_) {
isc_throw(InvalidParameter,
"Memory data source is not supported for RR class "
<< rrclass);
}
return (impl_->memory_client_container_);
}
isc::datasrc::DataSourceClient*
AuthSrv::getInMemoryClient(const RRClass& rrclass) {
if (hasInMemoryClient()) {
return (&getInMemoryClientContainer(rrclass)->getInstance());
} else {
return (NULL);
}
}
bool
AuthSrv::hasInMemoryClient() const {
return (impl_->memory_client_container_);
}
void
AuthSrv::setInMemoryClient(const isc::dns::RRClass& rrclass,
DataSourceClientContainerPtr memory_client)
{
if (rrclass != impl_->memory_client_class_) {
isc_throw(InvalidParameter,
"Memory data source is not supported for RR class "
<< rrclass);
} else if (!impl_->memory_client_container_ && memory_client) {
LOG_DEBUG(auth_logger, DBG_AUTH_OPS, AUTH_MEM_DATASRC_ENABLED)
.arg(rrclass);
} else if (impl_->memory_client_container_ && !memory_client) {
LOG_DEBUG(auth_logger, DBG_AUTH_OPS, AUTH_MEM_DATASRC_DISABLED)
.arg(rrclass);
}
impl_->memory_client_container_ = memory_client;
}
uint32_t
AuthSrv::getStatisticsTimerInterval() const {
return (impl_->statistics_timer_.getInterval() / 1000);
......@@ -725,18 +659,16 @@ AuthSrvImpl::processNormalQuery(const IOMessage& io_message, Message& message,
}
try {
// If a memory data source is configured call the separate
// Query::process()
const ConstQuestionPtr question = *message.beginQuestion();
if (memory_client_container_ &&
memory_client_class_ == question->getClass()) {
const boost::shared_ptr<datasrc::ClientList>
list(getClientList(question->getClass()));
if (list) {
const RRType& qtype = question->getType();
const Name& qname = question->getName();
query_.process(memory_client_container_->getInstance(),
qname, qtype, message, dnssec_ok);
query_.process(*list, qname, qtype, message, dnssec_ok);
} else {
datasrc::Query query(message, cache_, dnssec_ok);
data_sources_.doQuery(query);
makeErrorMessage(renderer_, message, buffer, Rcode::REFUSED());
return (true);
}
} catch (const Exception& ex) {
LOG_ERROR(auth_logger, AUTH_PROCESS_FAIL).arg(ex.what());
......@@ -926,56 +858,6 @@ AuthSrvImpl::validateStatistics(isc::data::ConstElementPtr data) const {
data, true));
}
ConstElementPtr
AuthSrvImpl::setDbFile(ConstElementPtr config) {
ConstElementPtr answer = isc::config::createAnswer();
if (config && config->contains("database_file")) {
db_file_ = config->get("database_file")->stringValue();
} else if (config_session_ != NULL) {
bool is_default;
string item("database_file");
ConstElementPtr value = config_session_->getValue(is_default, item);
ElementPtr final = Element::createMap();
// If the value is the default, and we are running from
// a specific directory ('from build'), we need to use
// a different value than the default (which may not exist)
// (btw, this should not be done here in the end, i think
// the from-source script should have a check for this,
// but for that we need offline access to config, so for
// now this is a decent solution)
if (is_default && getenv("B10_FROM_BUILD")) {
value = Element::create(string(getenv("B10_FROM_BUILD")) +
"/bind10_zones.sqlite3");
}
final->set(item, value);
config = final;
db_file_ = value->stringValue();
} else {
return (answer);
}
LOG_DEBUG(auth_logger, DBG_AUTH_OPS, AUTH_DATA_SOURCE).arg(db_file_);
// create SQL data source
// Note: the following step is tricky to be exception-safe and to ensure
// exception guarantee: We first need to perform all operations that can
// fail, while acquiring resources in the RAII manner. We then perform
// delete and swap operations which should not fail.
DataSrcPtr datasrc_ptr(DataSrcPtr(new Sqlite3DataSrc));
datasrc_ptr->init(config);
data_sources_.addDataSrc(datasrc_ptr);
// The following code should be exception free.
if (cur_datasrc_ != NULL) {
data_sources_.removeDataSrc(cur_datasrc_);
}
cur_datasrc_ = datasrc_ptr;
return (answer);
}
void
AuthSrvImpl::resumeServer(DNSServer* server, Message& message, bool done) {
if (done) {
......@@ -992,7 +874,7 @@ AuthSrv::updateConfig(ConstElementPtr new_config) {
if (new_config) {
configureAuthServer(*this, new_config);
}
return (impl_->setDbFile(new_config));
return (isc::config::createAnswer());
} catch (const isc::Exception& error) {
LOG_ERROR(auth_logger, AUTH_CONFIG_UPDATE_FAIL).arg(error.what());
return (isc::config::createAnswer(1, error.what()));
......@@ -1056,4 +938,27 @@ AuthSrv::destroyDDNSForwarder() {
}
}
void
AuthSrv::setClientList(const RRClass& rrclass,
const boost::shared_ptr<ConfigurableClientList>& list) {
if (list) {
impl_->client_lists_[rrclass] = list;
} else {
impl_->client_lists_.erase(rrclass);
}
}
boost::shared_ptr<ConfigurableClientList>
AuthSrv::getClientList(const RRClass& rrclass) {
return (impl_->getClientList(rrclass));
}
vector<RRClass>
AuthSrv::getClientListClasses() const {
vector<RRClass> result;
for (map<RRClass, boost::shared_ptr<ConfigurableClientList> >::
const_iterator it(impl_->client_lists_.begin());
it != impl_->client_lists_.end(); ++it) {
result.push_back(it->first);
}
return (result);
}
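Review bot: In processNormalQuery the new `else` branch answers REFUSED and returns whenever `getClientList(question->getClass())` is empty, and nothing visible in that branch logs or counts the event. setClientList, added at the end of this file, is equally silent, whereas the removed setInMemoryClient logged AUTH_MEM_DATASRC_ENABLED / AUTH_MEM_DATASRC_DISABLED when a source was installed or dropped. A server with no lists installed therefore refuses every query while its logs never record which classes are served or when that changed; I would add a debug line in both places, e.g. `LOG_DEBUG(auth_logger, DBG_AUTH_OPS, <message-id placeholder>).arg(rrclass);` in each branch of setClientList. makeErrorMessage may log on its own, which cannot be confirmed from this page. processNormalQuery begins and ends outside its hunk.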
......@@ -43,7 +43,7 @@ class BaseSocketSessionForwarder;
}
}
namespace datasrc {
class InMemoryClient;
class ConfigurableClientList;
}
namespace xfr {
class AbstractXfroutClient;
......@@ -92,13 +92,11 @@ private:
public:
/// The constructor.
///
/// \param use_cache Whether to enable hot spot cache for lookup results.
/// \param xfrout_client Communication interface with a separate xfrout
/// process. It's normally a reference to an xfr::XfroutClient object,
/// but can refer to a local mock object for testing (or other
/// experimental) purposes.
AuthSrv(const bool use_cache,
isc::xfr::AbstractXfroutClient& xfrout_client,
AuthSrv(isc::xfr::AbstractXfroutClient& xfrout_client,
isc::util::io::BaseSocketSessionForwarder& ddns_forwarder);
~AuthSrv();
//@}
......@@ -129,20 +127,7 @@ public:
isc::util::OutputBuffer& buffer,
isc::asiodns::DNSServer* server);
/// \brief Updates the data source for the \c AuthSrv object.
///
/// This method installs or replaces the data source that the \c AuthSrv
/// object refers to for query processing.
/// Although the method name is generic, the only thing it does is to
/// update the data source information.
/// If there is a data source installed, it will be replaced with the
/// new one.
///
/// In the current implementation, the SQLite data source and InMemoryClient
/// are assumed.
/// We can enable memory data source and get the path of SQLite database by
/// the \c config parameter. If we disabled memory data source, the SQLite
/// data source will be used.
/// \brief Updates the configuration for the \c AuthSrv object.
///
/// On success this method returns a data \c Element (in the form of a
/// pointer like object) indicating the successful result,
......@@ -200,26 +185,6 @@ public:
/// \brief Return pointer to the Checkin callback function
isc::asiolink::SimpleCallback* getCheckinProvider() const { return (checkin_); }
/// \brief Set or update the size (number of slots) of hot spot cache.
///
/// If the specified size is 0, it means the size will be unlimited.
/// The specified size is recorded even if the cache is disabled; the
/// new size will be effective when the cache is enabled.
///
/// This method never throws an exception.
///
/// \param slots The number of cache slots.
void setCacheSlots(const size_t slots);
/// \brief Get the current size (number of slots) of hot spot cache.
///
/// It always returns the recorded size regardless of the cache is enabled.
///
/// This method never throws an exception.
///
/// \return The current number of cache slots.
size_t getCacheSlots() const;
/// \brief Set the communication session with a separate process for
/// outgoing zone transfers.
///
......@@ -238,71 +203,6 @@ public:
///
void setXfrinSession(isc::cc::AbstractSession* xfrin_session);
/// Returns the in-memory data source configured for the \c AuthSrv,
/// if any, as a pointer.
///
/// This is mostly a convenience function around
/// \c getInMemoryClientContainer, which saves the caller the step
/// of having to call getInstance().
/// The pointer is of course only valid as long as the container
/// exists.
///
/// The in-memory data source is configured per RR class. However,
/// the data source may not be available for all RR classes.
/// If it is not available for the specified RR class, an exception of
/// class \c InvalidParameter will be thrown.
/// This method never throws an exception otherwise.
///
/// Even for supported RR classes, the in-memory data source is not
/// configured by default. In that case a NULL (shared) pointer will
/// be returned.
///
/// \param rrclass The RR class of the requested in-memory data source.
/// \return A pointer to the in-memory data source, if configured;
/// otherwise NULL.
isc::datasrc::DataSourceClient* getInMemoryClient(
const isc::dns::RRClass& rrclass);
/// Returns the DataSourceClientContainer of the in-memory datasource
///
/// \exception InvalidParameter if the given class does not match
/// the one in the memory data source, or if the memory
/// datasource has not been set (callers can check with
/// \c hasMemoryDataSource())
///
/// \param rrclass The RR class of the requested in-memory data source.
/// \return A shared pointer to the in-memory data source, if configured;
/// otherwise an empty shared pointer.
isc::datasrc::DataSourceClientContainerPtr getInMemoryClientContainer(
const isc::dns::RRClass& rrclass);
/// Checks if the in-memory data source has been set.
///
/// Right now, only one datasource at a time is effectively supported.
/// This is a helper method to check whether it is the in-memory one.
/// This is mostly useful for current testing, and is expected to be
/// removed (or changed in behaviour) soon, when the general
/// multi-data-source framework is completed.
///
/// \return True if the in-memory datasource has been set.
bool hasInMemoryClient() const;
/// Sets or replaces the in-memory data source of the specified RR class.
///
/// Some RR classes may not be supported, in which case an exception
/// of class \c InvalidParameter will be thrown.
/// This method never throws an exception otherwise.
///
/// If there is already an in memory data source configured, it will be
/// replaced with the newly specified one.
/// \c memory_client can be an empty shared pointer, in which case it
/// will (re)disable the in-memory data source.
///
/// \param rrclass The RR class of the in-memory data source to be set.
/// \param memory_client A (shared) pointer to \c InMemoryClient to be set.
void setInMemoryClient(const isc::dns::RRClass& rrclass,
isc::datasrc::DataSourceClientContainerPtr memory_client);
/// \brief Set the communication session with Statistics.
///
/// This function never throws an exception as far as
......@@ -437,6 +337,32 @@ public:
/// If there was no forwarder yet, this method does nothing.
void destroyDDNSForwarder();
/// \brief Sets the currently used list for data sources of given
/// class.
///
/// Replaces the internally used client list with a new one. Other
/// classes are not changed.
///
/// \param rrclass The class to modify.
/// \param list Shared pointer to the client list. If it is NULL,
/// the list is removed instead.
void setClientList(const isc::dns::RRClass& rrclass, const
boost::shared_ptr<isc::datasrc::ConfigurableClientList>&
list);
/// \brief Returns the currently used client list for the class.
///
/// \param rrclass The class for which to get the list.
/// \return The list, or NULL if no list is set for the class.
boost::shared_ptr<isc::datasrc::ConfigurableClientList>
getClientList(const isc::dns::RRClass& rrclass);