Commit 8e9c9912 authored by Jelte Jansen

sync with trunk

also fixed a bug in recursor which caused a segfault (wrong iterator use in a foreach)


git-svn-id: svn://bind10.isc.org/svn/bind10/branches/trac327@3783 e5f2f494-b856-4b98-b285-d166d9295462
parents b8283594 81cfe6b6
......@@ -12,6 +12,62 @@
It has "listen_on" and "forward_addresses" options.
(Trac #389, r3448)
bind10-devel-20101201 released on December 01, 2010
125. [func] jelte
Added support for addressing individual list items in bindctl
configuration commands; If you have an element that is a list, you
can use foo[X] to address a specific item, where X is an integer
(starting at 0)
(Trac #405, svn r3739)
124. [bug] jreed
Fix some wrong version reporting. Now also show the version
for the component and BIND 10 suite. (Trac #302, svn r3696)
123. [bug] jelte
src/bin/bindctl printed values had the form of python literals
(e.g. 'True'), while the input requires valid JSON (e.g. 'true').
Output changed to JSON format for consistency. (svn r3694)
122. [func] stephen
src/bin/bind10: Added configuration options to Boss to determine
whether to start the authoritative server, recursive server (or
both). A dummy recursor has been provided for test purposes.
(Trac #412, svn r3676)
121. [func] jinmei
src/lib/dns: Added support for TSIG RDATA. At this moment this is
not much of real use, however, because no protocol support was
added yet. It will soon be added. (Trac #372, svn r3649)
120. [func] jinmei
src/lib/dns: introduced two new classes, TSIGKey and TSIGKeyRing,
to manage TSIG keys. (Trac #381, svn r3622)
119. [bug] jinmei
The master file parser of the python datasrc module incorrectly
regarded a domain name beginning with a decimal number as a TTL
specification. This confused b10-loadzone and had it reject to
load a zone file that contains such a name.
Note: this fix is incomplete and the loadzone would still be
confused if the owner name is a syntactically indistinguishable
from a TTL specification. This is part of a more general issue
and will be addressed in Trac #413. (Trac #411, svn r3599)
118. [func] jinmei
src/lib/dns: changed the interface of
AbstractRRset::getRdataIterator() so that the internal
cursor would point to the first RDATA automatically. This
will be a more intuitive and less error prone behavior.
This is a backward compatible change. (Trac #410, r3595)
117. [func] jinmei
src/lib/datasrc: added new zone and zone table classes for the
support of in memory data source. This is an intermediate step to
the bigger feature, and is not yet actually usable in practice.
(Trac #399, svn r3590)
116. [bug] jerry
src/bin/xfrout: Xfrout and Auth will communicate by long tcp
connection, Auth needs to make a new connection only on the first
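Review bot: Entry 119 in this ChangeLog hunk has two wording slips in the text that documents the known limitation: "had it reject to load a zone file" and "if the owner name is a syntactically indistinguishable from a TTL specification". Suggest "caused it to refuse to load a zone file" and dropping the stray "a" before "syntactically". Entry 125 also capitalises "If" after a semicolon.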
......@@ -40,15 +96,13 @@
Add one mixin class to override the naive serve_forever() provided
in python library socketserver. Instead of polling for shutdwon
every poll_interval seconds, one socketpair is used to wake up
the waiting server.(Trac #352, svn r3366)
the waiting server. (Trac #352, svn r3366)
111. [bug]* zhanglikun, Michal Vaner
Make sure process xfrin/xfrout/zonemgr/cmdctl can be stoped
Make sure process xfrin/xfrout/zonemgr/cmdctl can be stopped
properly when user enter "ctrl+c" or 'Boss shutdown' command
through bindctl.
The ZonemgrRefresh.run_timer and NotifyOut.dispatcher spawn
a thread themselves.
through bindctl. The ZonemgrRefresh.run_timer and
NotifyOut.dispatcher spawn a thread themselves.
(Trac #335, svn r3273)
110. [func] Michal Vaner
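Review bot: "shutdwon" in the entry that ends with "(Trac #352, svn r3366)" is still misspelled, although this hunk already corrects "stoped" and the missing space before "(Trac #352" in the same block. Change it to "shutdown" in the same pass so the typo cleanup is complete.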
......@@ -60,7 +114,7 @@
109. [func] naokikambe
Added the initial version of the stats module for the statistics
feature of BIND 10, which supports the restricted features and
items and reports via bindctl command (Trac #191, r3218)
items and reports via bindctl command. (Trac #191, r3218)
Added the document of the stats module, which is about how stats
module collects the data (Trac #170, [wiki:StatsModule])
......@@ -87,11 +141,11 @@
104. [bug] jerry
bin/zonemgr: zonemgr should be attempting to refresh expired zones.
(Trac #336, r3139)
103. [bug] jerry
lib/python/isc/log: Fixed an issue with python logging,
python log shouldn't die with OSError.(Trac #267, r3137)
python log shouldn't die with OSError. (Trac #267, r3137)
102. [build] jinmei
Disable threads in ASIO to minimize build time dependency.
(Trac #345, r3100)
......@@ -144,7 +198,7 @@ bind10-devel-20100917 released on September 17, 2010
93. [bug] jinmei
lib/datasrc: A DS query could crash the library (and therefore,
e.g. the authoritative server) if some RR of the same apex name
is stored in the hot spot cache. (Trac #307, svn r2923)
is stored in the hot spot cache. (Trac #307, svn r2923)
92. [func]* jelte
libdns_python (the python wrappers for libdns++) has been renamed
......@@ -324,7 +378,7 @@ bind10-devel-20100701 released on July 1, 2010
66. [bug] each
Check for duplicate RRsets before inserting data into a message
section; this, among other things, will prevent multiple copies
of the same CNAME from showing up when there's a loop. (Trac #69,
of the same CNAME from showing up when there's a loop. (Trac #69,
svn r2350)
65. [func] shentingting
......@@ -446,7 +500,7 @@ bind10-devel-20100602 released on June 2, 2010
#205, svn r1957)
44. [build] jreed
Install headers for libdns and libexception. (Trac #68,
Install headers for libdns and libexception. (Trac #68,
svn r1941)
43. [func] jelte
......@@ -454,7 +508,7 @@ bind10-devel-20100602 released on June 2, 2010
42. [func] jelte
lib/python/isc/config: Make temporary file with python
tempfile module instead of manual with fixed name. (Trac
tempfile module instead of manual with fixed name. (Trac
#184, svn r1859)
41. [func] jelte
......@@ -462,7 +516,7 @@ bind10-devel-20100602 released on June 2, 2010
40. [build] jreed
Report detected features and configure settings at end of
configure output. (svn r1836)
configure output. (svn r1836)
39. [func]* each
Renamed libauth to libdatasrc.
......@@ -475,7 +529,7 @@ bind10-devel-20100602 released on June 2, 2010
(Trac #135, #151, #134, svn r1797)
37. [build] jinmei
Check for the availability of python-config. (Trac #159,
Check for the availability of python-config. (Trac #159,
svn r1794)
36. [func] shane
......@@ -520,7 +574,7 @@ bind10-devel-20100421 released on April 21, 2010
27. [build]
Add missing copyright license statements to various source
files. (svn r1750)
files. (svn r1750)
26. [func]
Use PACKAGE_STRING (name + version) from config.h instead
......
......@@ -37,7 +37,7 @@ report-coverage:
\*_unittest.cc \
\*_unittests.h \
--output report.info
$(GENHTML) -o coverage report.info
$(GENHTML) --legend -o coverage report.info
coverage: clean-coverage perform-coverage report-coverage
......
......@@ -17,8 +17,9 @@ This release includes the bind10 master process, b10-msgq message
bus, b10-auth authoritative DNS server (with SQLite3 backend),
b10-cmdctl remote control daemon, b10-cfgmgr configuration manager,
b10-xfrin AXFR inbound service, b10-xfrout outgoing AXFR service,
b10-zonemgr secondary manager, and a new libdns++ library for C++
with a python wrapper.
b10-zonemgr secondary manager, b10-stats statistics collection and
reporting daemon, and a new libdns++ library for C++ with a python
wrapper.
Documentation is included and also available via the BIND 10
website at http://bind10.isc.org/
......
......@@ -2,7 +2,7 @@
# Process this file with autoconf to produce a configure script.
AC_PREREQ([2.59])
AC_INIT(bind10-devel, 20101013, bind10-dev@isc.org)
AC_INIT(bind10-devel, 20101201, bind10-dev@isc.org)
AC_CONFIG_SRCDIR(README)
AM_INIT_AUTOMAKE
AC_CONFIG_HEADERS([config.h])
......@@ -496,6 +496,7 @@ AC_CONFIG_FILES([Makefile
src/lib/python/isc/util/Makefile
src/lib/python/isc/util/tests/Makefile
src/lib/python/isc/datasrc/Makefile
src/lib/python/isc/datasrc/tests/Makefile
src/lib/python/isc/cc/Makefile
src/lib/python/isc/cc/tests/Makefile
src/lib/python/isc/config/Makefile
......@@ -536,6 +537,8 @@ AC_OUTPUT([src/bin/cfgmgr/b10-cfgmgr.py
src/bin/xfrout/xfrout.spec.pre
src/bin/xfrout/tests/xfrout_test
src/bin/xfrout/run_b10-xfrout.sh
src/bin/recurse/recurse.spec.pre
src/bin/recurse/spec_config.h.pre
src/bin/zonemgr/zonemgr.py
src/bin/zonemgr/zonemgr.spec.pre
src/bin/zonemgr/tests/zonemgr_test
......@@ -563,8 +566,6 @@ AC_OUTPUT([src/bin/cfgmgr/b10-cfgmgr.py
src/bin/msgq/run_msgq.sh
src/bin/auth/auth.spec.pre
src/bin/auth/spec_config.h.pre
src/bin/recurse/recurse.spec.pre
src/bin/recurse/spec_config.h.pre
src/bin/tests/process_rename_test.py
src/lib/config/tests/data_def_unittests_config.h
src/lib/python/isc/config/tests/config_test
......@@ -580,6 +581,7 @@ AC_OUTPUT([src/bin/cfgmgr/b10-cfgmgr.py
chmod +x src/bin/cmdctl/run_b10-cmdctl.sh
chmod +x src/bin/xfrin/run_b10-xfrin.sh
chmod +x src/bin/xfrout/run_b10-xfrout.sh
chmod +x src/bin/recurse/run_b10-recurse.sh
chmod +x src/bin/zonemgr/run_b10-zonemgr.sh
chmod +x src/bin/stats/tests/stats_test
chmod +x src/bin/stats/run_b10-stats.sh
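Review bot: The line "chmod +x src/bin/recurse/run_b10-recurse.sh" relies on configure having generated that script, but the AC_OUTPUT hunks visible in this diff only list recurse.spec.pre and spec_config.h.pre under src/bin/recurse. Check that src/bin/recurse/run_b10-recurse.sh is also listed in AC_OUTPUT (it may sit outside the shown context); if it is not, add it next to the other recurse entries so the chmod has a file to act on.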
......
SUBDIRS = bind10 bindctl cfgmgr loadzone msgq host cmdctl auth recurse xfrin \
xfrout usermgr zonemgr stats tests
SUBDIRS = bind10 bindctl cfgmgr loadzone msgq host cmdctl auth xfrin xfrout \
usermgr zonemgr stats tests recurse
check-recursive: all-recursive
......@@ -37,6 +37,7 @@ spec_config.h: spec_config.h.pre
BUILT_SOURCES = spec_config.h
pkglibexec_PROGRAMS = b10-auth
b10_auth_SOURCES = auth_srv.cc auth_srv.h
b10_auth_SOURCES += query.cc query.h
b10_auth_SOURCES += change_user.cc change_user.h
b10_auth_SOURCES += common.h
b10_auth_SOURCES += main.cc
......
......@@ -147,7 +147,7 @@ public:
/// containing the result of the update operation.
isc::data::ConstElementPtr updateConfig(isc::data::ConstElementPtr config);
/// \param Returns the command and configuration session for the
/// \brief Returns the command and configuration session for the
/// \c AuthSrv.
///
/// This method never throws an exception.
......@@ -223,6 +223,7 @@ public:
/// is shutdown.
///
void setXfrinSession(isc::cc::AbstractSession* xfrin_session);
private:
AuthSrvImpl* impl_;
asiolink::IOService* io_service_;
......
......@@ -12,30 +12,31 @@
// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
// PERFORMANCE OF THIS SOFTWARE.
// $Id: rrtype_unittest.cc 476 2010-01-19 00:29:28Z jinmei $
#include <dns/message.h>
#include <dns/rcode.h>
#include <gtest/gtest.h>
#include <datasrc/zonetable.h>
#include <dns/tsig.h>
#include <auth/query.h>
#include <dns/tests/unittest_util.h>
using isc::UnitTestUtil;
using namespace std;
using namespace isc::dns;
namespace {
class TsigTest : public ::testing::Test {
protected:
TsigTest() {}
};
// simple creation test to get the testing ball rolling
TEST_F(TsigTest, creates) {
Tsig tsig(Name("example.com"), Tsig::HMACMD5, "someRandomData");
EXPECT_TRUE(1);
using namespace isc::datasrc;
namespace isc {
namespace auth {
void
Query::process() const {
const ZoneTable::FindResult result = zone_table_.find(qname_);
if (result.code != ZoneTable::SUCCESS &&
result.code != ZoneTable::PARTIALMATCH) {
response_.setRcode(Rcode::SERVFAIL());
return;
}
// Right now we have no code to search the zone, so we simply return
// NXDOMAIN for tests.
response_.setRcode(Rcode::NXDOMAIN());
}
}
}
} // end namespace
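Review bot: Query::process() is declared const, yet its only effect is to modify the response through response_.setRcode(...), so the qualifier tells callers the wrong thing about side effects. Either drop const from the definition and declaration, or keep it and add a comment explaining that constness covers the Query object only and not the referenced Message. The body also never consults qtype_; a short note beside the NXDOMAIN placeholder saying so would make the current limits of the method explicit.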
/*
* Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
namespace isc {
namespace dns {
class Message;
class Name;
class RRType;
}
namespace datasrc {
class ZoneTable;
}
namespace auth {
/// The \c Query class represents a standard DNS query that encapsulates
/// processing logic to answer the query.
///
/// Many of the design details for this class are still in flux.
/// We'll revisit and update them as we add more functionality, for example:
/// - zone_table parameter of the constructor. This will eventually be
/// replaced with a generic DataSrc object, or perhaps a notion of "view".
/// - as a related point, we may have to pass the RR class of the query.
/// in the initial implementation the RR class is an attribute of zone
/// table and omitted. It's not clear if this assumption holds with
/// generic data sources. On the other hand, it will help keep
/// implementation simpler, and we might rather want to modify the design
/// of the data source on this point.
/// - return value of process(). rather than or in addition to setting the
/// Rcode, we might use it as a return value of \c process().
/// - we'll have to be able to specify whether DNSSEC is requested.
/// It's an open question whether it should be in the constructor or via a
/// separate attribute setter.
/// - likewise, we'll eventually need to do per zone access control, for which
/// we need querier's information such as its IP address.
/// - zone_table (or DataSrc eventually) and response may better be parameters
/// to process() instead of the constructor.
///
/// <b>Note:</b> The class name is intentionally the same as the one used in
/// the datasrc library. This is because the plan is to eventually merge
/// the two classes. We could give it a different name such as "AuthQuery"
/// to avoid possible ambiguity, but it may sound redundant in that it's
/// obvious that this class is for authoritative queries.
/// Since the interfaces are very different for now and it's less
/// likely to misuse one of the classes instead of the other
/// accidentally, and since it's considered a temporary development state,
/// we keep this name at the moment.
class Query {
public:
/// Constructor from query parameters.
///
/// This constructor never throws an exception.
///
/// \param zone_table The zone table wherein the answer to the query is
/// to be found.
/// \param qname The query name
/// \param qtype The RR type of the query
/// \param response The response message to store the answer to the query.
Query(const isc::datasrc::ZoneTable& zone_table,
const isc::dns::Name& qname, const isc::dns::RRType& qtype,
isc::dns::Message& response) :
zone_table_(zone_table), qname_(qname), qtype_(qtype),
response_(response)
{}
/// Process the query.
///
/// This method first identifies the zone that best matches the query
/// name (and in some cases RR type when the search is dependent on the
/// type) and then searches the zone for an entry that best matches the
/// query name.
/// It then updates the response message accordingly; for example, a
/// successful search would result in adding a corresponding RRset to
/// the answer section of the response.
///
/// If no matching zone is found in the zone table, the RCODE of
/// SERVFAIL will be set in the response.
/// <b>Note:</b> this is different from the error code that BIND 9 returns
/// by default when it's configured as an authoritative-only server (and
/// from the behavior of the BIND 10 datasrc library, which was implemented
/// to be compatible with BIND 9).
/// The difference comes from the fact that BIND 9 returns REFUSED as a
/// result of access control check on the use of its cache.
/// Since BIND 10's authoritative server doesn't have the notion of cache
/// by design, it doesn't make sense to return REFUSED. On the other hand,
/// providing compatible behavior may have its own benefit, so this point
/// should be revisited later.
///
/// Right now this method never throws an exception, but it may in a
/// future version.
void process() const;
private:
const isc::datasrc::ZoneTable& zone_table_;
const isc::dns::Name& qname_;
const isc::dns::RRType& qtype_;
isc::dns::Message& response_;
};
}
}
// Local Variables:
// mode: c++
// End:
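Review bot: The private members zone_table_, qname_, qtype_ and response_ are all stored as references, so a caller that passes a temporary to the constructor (for example a Name built inline in the constructor call) leaves the Query holding a dangling reference by the time process() runs. State in the constructor documentation that all four arguments must outlive the Query object, or store qname_ and qtype_ by value. No include guard is visible in this header either; add one in line with the other headers.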
......@@ -19,8 +19,10 @@ TESTS += run_unittests
run_unittests_SOURCES = $(top_srcdir)/src/lib/dns/tests/unittest_util.h
run_unittests_SOURCES += $(top_srcdir)/src/lib/dns/tests/unittest_util.cc
run_unittests_SOURCES += ../auth_srv.h ../auth_srv.cc
run_unittests_SOURCES += ../query.h ../query.cc
run_unittests_SOURCES += ../change_user.h ../change_user.cc
run_unittests_SOURCES += auth_srv_unittest.cc
run_unittests_SOURCES += query_unittest.cc
run_unittests_SOURCES += change_user_unittest.cc
run_unittests_SOURCES += run_unittests.cc
run_unittests_CPPFLAGS = $(AM_CPPFLAGS) $(GTEST_INCLUDES)
......
......@@ -12,61 +12,59 @@
// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
// PERFORMANCE OF THIS SOFTWARE.
// $Id$
#ifndef __TSIG_H
#define __TSIG_H 1
#include <string>
#include <vector>
#include <exceptions/exceptions.h>
#include <dns/name.h>
#include <dns/message.h>
#include <dns/name.h>
#include <dns/rcode.h>
#include <dns/rrtype.h>
namespace isc {
namespace dns {
class BadTsigKey : public Exception {
public:
BadTsigKey(const char* file, size_t line, const char* what) :
isc::Exception(file, line, what) {}
};
#include <datasrc/zonetable.h>
//
// This class holds a Tsig key, including all its attributes.
//
class Tsig {
public:
enum TsigAlgorithm {
HMACMD5 = 0,
GSS = 1,
HMACSHA1 = 2,
HMACSHA224 = 3,
HMACSHA265 = 4,
HMACSHA384 = 5,
HMACSHA512 = 6,
};
#include <auth/query.h>
Tsig(const Name& name, TsigAlgorithm algorithm,
const std::string& algorithm_data) :
name_(name), algorithm_(algorithm), algorithm_data_(algorithm_data) {};
#include <gtest/gtest.h>
bool signMessage(const Message& message);
bool verifyMessage(const Message &message);
using namespace isc::dns;
using namespace isc::datasrc;
using namespace isc::auth;
private:
Name name_;
TsigAlgorithm algorithm_;
std::string algorithm_data_;
namespace {
class QueryTest : public ::testing::Test {
protected:
QueryTest() :
qname(Name("www.example.com")), qclass(RRClass::IN()),
qtype(RRType::A()), response(Message::RENDER),
query(zone_table, qname, qtype, response)
{
response.setRcode(Rcode::NOERROR());
}
ZoneTable zone_table;
const Name qname;
const RRClass qclass;
const RRType qtype;
Message response;
Query query;
};
}
TEST_F(QueryTest, noZone) {
// There's no zone in the zone table. So the response should have
// SERVFAIL.
query.process();
EXPECT_EQ(Rcode::SERVFAIL(), response.getRcode());
}
#endif // __TSIG_H
TEST_F(QueryTest, matchZone) {
// add a matching zone. since the zone is empty right now, the response
// should have NXDOMAIN.
zone_table.add(ZonePtr(new MemoryZone(qclass, Name("example.com"))));
query.process();
EXPECT_EQ(Rcode::NXDOMAIN(), response.getRcode());
}
// Local Variables:
// mode: c++
// End:
TEST_F(QueryTest, noMatchZone) {
// there's a zone in the table but it doesn't match the qname. should
// result in SERVFAIL.
zone_table.add(ZonePtr(new MemoryZone(qclass, Name("example.org"))));
query.process();
EXPECT_EQ(Rcode::SERVFAIL(), response.getRcode());
}
}
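Review bot: The matchZone test queries www.example.com against a zone named example.com, so only the case where the query name is below the zone origin is exercised, while Query::process() accepts both ZoneTable::SUCCESS and ZoneTable::PARTIALMATCH. Add a case where the query name equals the zone origin so that both accepted result codes are covered, and consider asserting in noMatchZone that the Rcode set to NOERROR in the fixture constructor was changed by process() rather than left from an earlier state.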
......@@ -3,6 +3,18 @@
"module_name": "Boss",
"module_description": "Master process",
"config_data": [
{
"item_name": "start_auth",
"item_type": "boolean",
"item_optional": false,
"item_default": true
},
{
"item_name": "start_recurse",
"item_type": "boolean",
"item_optional": false,
"item_default": false
}
],
"commands": [
{
......
......@@ -23,7 +23,7 @@ BIND10_PATH=@abs_top_builddir@/src/bin/bind10
PATH=@abs_top_builddir@/src/bin/msgq:@abs_top_builddir@/src/bin/auth:@abs_top_builddir@/src/bin/recurse:@abs_top_builddir@/src/bin/cfgmgr:@abs_top_builddir@/src/bin/cmdctl:@abs_top_builddir@/src/bin/stats:@abs_top_builddir@/src/bin/xfrin:@abs_top_builddir@/src/bin/xfrout:@abs_top_builddir@/src/bin/zonemgr:$PATH
export PATH
PYTHONPATH=@abs_top_builddir@/src/lib/python:@abs_top_builddir@/src/lib/dns/python/.libs:@abs_top_builddir@/src/lib/xfr/.libs
PYTHONPATH=@abs_top_builddir@/src/lib/python:@abs_top_builddir@/src/lib/dns/python/.libs:@abs_top_builddir@/src/lib/xfr/.libs:@abs_top_builddir@/src/lib/log/.libs
export PYTHONPATH
# If necessary (rare cases), explicitly specify paths to dynamic libraries
......
......@@ -79,43 +79,237 @@ class TestBoB(unittest.TestCase):
self.assertEqual(bob.verbose, False)
self.assertEqual(bob.msgq_socket_file, None)
self.assertEqual(bob.dns_port, 5300)
self.assertEqual(bob.cc_session, None)
self.assertEqual(bob.address, None)
self.assertEqual(bob.cc_session, None)
self.assertEqual(bob.ccs, None)
self.assertEqual(bob.processes, {})
self.assertEqual(bob.dead_processes, {})
self.assertEqual(bob.runnable, False)
self.assertEqual(bob.uid, None)
self.assertEqual(bob.username, None)
self.assertEqual(bob.nocache, False)
self.assertEqual(bob.cfg_start_auth, True)
self.assertEqual(bob.cfg_start_recurse, False)
def test_init_alternate_socket(self):
bob = BoB("alt_socket_file")
self.assertEqual(bob.verbose, False)
self.assertEqual(bob.msgq_socket_file, "alt_socket_file")
self.assertEqual(bob.address, None)
self.assertEqual(bob.dns_port, 5300)
self.assertEqual(bob.cc_session, None)
self.assertEqual(bob.ccs, None)
self.assertEqual(bob.processes, {})
self.assertEqual(bob.dead_processes, {})
self.assertEqual(bob.runnable, False)
self.assertEqual(bob.uid, None)
self.assertEqual(bob.username, None)
self.assertEqual(bob.nocache, False)
self.assertEqual(bob.cfg_start_auth, True)
self.assertEqual(bob.cfg_start_recurse, False)
def test_init_alternate_dns_port(self):
bob = BoB(None, 9999)
self.assertEqual(bob.verbose, False)
self.assertEqual(bob.msgq_socket_file, None)
self.assertEqual(bob.dns_port, 9999)
self.assertEqual(bob.cc_session, None)
self.assertEqual(bob.address, None)
self.assertEqual(bob.cc_session, None)
self.assertEqual(bob.ccs, None)
self.assertEqual(bob.processes, {})
self.assertEqual(bob.dead_processes, {})
self.assertEqual(bob.runnable, False)
self.assertEqual(bob.uid, None)
self.assertEqual(bob.username, None)