]>
Commit | Line | Data |
---|---|---|
806c95f2 | 1 | #include "secpoll-recursor.hh" |
2 | #include "syncres.hh" | |
3 | #include "logger.hh" | |
4 | #include "arguments.hh" | |
6c85e51f | 5 | #include "version.hh" |
6 | #include "version_generated.h" | |
806c95f2 | 7 | |
8 | #ifndef PACKAGEVERSION | |
6c85e51f | 9 | #define PACKAGEVERSION PDNS_VERSION |
806c95f2 | 10 | #endif |
11 | ||
12 | uint32_t g_security_status; | |
13 | string g_security_message; | |
14 | ||
15 | void doSecPoll(time_t* last_secpoll) | |
16 | { | |
17 | if(::arg()["security-poll-suffix"].empty()) | |
18 | return; | |
19 | ||
20 | struct timeval now; | |
21 | gettimeofday(&now, 0); | |
22 | SyncRes sr(now); | |
23 | ||
24 | vector<DNSResourceRecord> ret; | |
25 | ||
6c85e51f | 26 | string query = "recursor-" PACKAGEVERSION ".security-status."+::arg()["security-poll-suffix"]; |
27 | ||
28 | int res=sr.beginResolve(query, QType(QType::TXT), 1, ret); | |
806c95f2 | 29 | if(!res && !ret.empty()) { |
30 | string content=ret.begin()->content; | |
31 | if(!content.empty() && content[0]=='"' && content[content.size()-1]=='"') { | |
32 | content=content.substr(1, content.length()-2); | |
33 | } | |
34 | ||
35 | pair<string, string> split = splitField(content, ' '); | |
36 | ||
37 | g_security_status = atoi(split.first.c_str()); | |
38 | g_security_message = split.second; | |
39 | ||
40 | *last_secpoll=now.tv_sec; | |
41 | } | |
42 | else { | |
6c85e51f | 43 | L<<Logger::Warning<<"Could not retrieve security status update for '" PACKAGEVERSION "' on '"+query+"', RCODE = "<< RCode::to_s(res)<<endl; |
806c95f2 | 44 | if(g_security_status == 1) |
45 | g_security_status = 0; | |
46 | } | |
47 | ||
48 | if(g_security_status == 2) { | |
49 | L<<Logger::Error<<"PowerDNS Security Update Recommended: "<<g_security_message<<endl; | |
50 | } | |
51 | else if(g_security_status == 3) { | |
52 | L<<Logger::Error<<"PowerDNS Security Update Mandatory: "<<g_security_message<<endl; | |
53 | } | |
54 | } |