[thirdparty/pdns.git] / pdns / signingpipe.cc

#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include "signingpipe.hh"
#include "misc.hh"
#include <poll.h>
#include <boost/foreach.hpp>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <sched.h>

// deal with partial reads
namespace {
int readn(int fd, void* buffer, unsigned int len)
{
  unsigned int pos=0;
  int res;
  for(;;) {
    res = read(fd, (char*)buffer + pos, len - pos);
    if(res == 0) {
      if(pos)
        throw runtime_error("Signing Pipe remote shut down in the middle of a message");
      else {
        //cerr<<"Got decent EOF on "<<fd<<endl;
        return 0;
      }
    }
      
    if(res < 0) {
      if(errno == EAGAIN || errno == EINTR) {
        if(pos==0)
          return -1;
        waitForData(fd, -1); 
        continue;
      }
      unixDie("Reading from socket in Signing Pipe loop");
    }
  
    pos+=res;
    if(pos == len)
      break;
  }
  return len;
}
}


// used to pass information to the new thread
struct StartHelperStruct
{
  StartHelperStruct(ChunkedSigningPipe* csp, int id, int fd) : d_csp(csp), d_id(id), d_fd(fd){}
  ChunkedSigningPipe* d_csp;
  int d_id;
  int d_fd;
};

// used to launch the new thread
void* ChunkedSigningPipe::helperWorker(void* p)
try
{
  StartHelperStruct shs=*(StartHelperStruct*)p;
  delete (StartHelperStruct*)p;
  
  shs.d_csp->worker(shs.d_id, shs.d_fd);
  return 0;
}
catch(...) {
  L<<Logger::Error<<"Unknown exception in signing thread occurred"<<endl;
  return 0;
}

ChunkedSigningPipe::ChunkedSigningPipe(const string& signerName, bool mustSign, const string& servers, unsigned int workers)
  : d_queued(0), d_outstanding(0), d_signer(signerName), d_maxchunkrecords(100), d_numworkers(workers), d_tids(d_numworkers),
    d_mustSign(mustSign), d_final(false), d_submitted(0)
{
  d_rrsetToSign = new rrset_t;
  d_chunks.push_back(vector<DNSResourceRecord>()); // load an empty chunk
  
  if(!d_mustSign)
    return;
  
  int fds[2];
  
  for(unsigned int n=0; n < d_numworkers; ++n) {
    if(socketpair(AF_UNIX, SOCK_STREAM, 0, fds) < 0) 
      throw runtime_error("Unable to create communication socket in for ChunkedSigningPipe");
    setCloseOnExec(fds[0]);
    setCloseOnExec(fds[1]);
    pthread_create(&d_tids[n], 0, helperWorker, (void*) new StartHelperStruct(this, n, fds[1]));
    setNonBlocking(fds[0]);
    d_sockets.push_back(fds[0]);
  }
}

ChunkedSigningPipe::~ChunkedSigningPipe()
{
  delete d_rrsetToSign;
  if(!d_mustSign)
    return;
  BOOST_FOREACH(int fd, d_sockets) {
    close(fd); // this will trigger all threads to exit
  }
    
  void* res;
  BOOST_FOREACH(pthread_t& tid, d_tids) {
    pthread_join(tid, &res);
  }
  //cout<<"Did: "<<d_signed<<", records (!= chunks) submitted: "<<d_submitted<<endl;
}

namespace {
bool
dedupLessThan(const DNSResourceRecord& a, const DNSResourceRecord &b)
{
  return (tie(a.content, a.ttl) < tie(b.content, b.ttl));
}

bool dedupEqual(const DNSResourceRecord& a, const DNSResourceRecord &b)
{
  return(tie(a.content, a.ttl) == tie(b.content, b.ttl));
}
}

void ChunkedSigningPipe::dedupRRSet()
{
  // our set contains contains records for one type and one name, but might not be sorted otherwise
  sort(d_rrsetToSign->begin(), d_rrsetToSign->end(), dedupLessThan);
  d_rrsetToSign->erase(unique(d_rrsetToSign->begin(), d_rrsetToSign->end(), dedupEqual), d_rrsetToSign->end());
}

bool ChunkedSigningPipe::submit(const DNSResourceRecord& rr)
{
  ++d_submitted;
  // check if we have a full RRSET to sign
  if(!d_rrsetToSign->empty() && (d_rrsetToSign->begin()->qtype.getCode() != rr.qtype.getCode()  ||  d_rrsetToSign->begin()->qname != rr.qname)) 
  {
    dedupRRSet();
    sendRRSetToWorker();
  }
  d_rrsetToSign->push_back(rr);
  return !d_chunks.empty() && d_chunks.front().size() >= d_maxchunkrecords; // "you can send more"
}

pair<vector<int>, vector<int> > ChunkedSigningPipe::waitForRW(bool rd, bool wr, int seconds)
{
  vector<pollfd> pfds;
  
  for(unsigned int n = 0; n < d_sockets.size(); ++n) {    
    if(d_eof.count(d_sockets[n]))  
      continue;
    struct pollfd pfd;
    memset(&pfd, 0, sizeof(pfd));
    pfd.fd = d_sockets[n];
    if(rd)
      pfd.events |= POLLIN;
    if(wr)
      pfd.events |= POLLOUT;
    pfds.push_back(pfd);
  }
  
  int res = poll(&pfds[0], pfds.size(), (seconds < 0) ? -1 : (seconds * 1000)); // -1 = infinite
  if(res < 0)
    unixDie("polling for activity from signers, "+lexical_cast<string>(d_sockets.size()));
  pair<vector<int>, vector<int> > vects;
  for(unsigned int n = 0; n < pfds.size(); ++n) 
    if(pfds[n].revents & POLLIN)
      vects.first.push_back(pfds[n].fd);
    else if(pfds[n].revents & POLLOUT)
      vects.second.push_back(pfds[n].fd);
  
  return vects;
}

void ChunkedSigningPipe::addSignedToChunks(chunk_t* signedChunk)
{
  chunk_t::const_iterator from = signedChunk->begin();
  
  while(from != signedChunk->end()) {
    chunk_t& fillChunk = d_chunks.back();
    
    chunk_t::size_type room = d_maxchunkrecords - fillChunk.size();
    
    unsigned int fit = std::min(room, (chunk_t::size_type)(signedChunk->end() - from));
  
    d_chunks.back().insert(fillChunk.end(), from , from + fit);
    from+=fit;
    
    if(from != signedChunk->end()) // it didn't fit, so add a new chunk
      d_chunks.push_back(chunk_t());
  }
}

void ChunkedSigningPipe::sendRRSetToWorker() // it sounds so socialist!
{
  if(!d_mustSign) {
    addSignedToChunks(d_rrsetToSign);
    d_rrsetToSign->clear();
    return;
  }
  
  if(d_final && !d_outstanding) // nothing to do!
    return;
  
  bool wantRead, wantWrite;
  
  wantWrite = !d_rrsetToSign->empty();
  wantRead = d_outstanding || wantWrite;  // if we wrote, we want to read
  
  pair<vector<int>, vector<int> > rwVect;
  
  rwVect = waitForRW(wantRead, wantWrite, -1); // wait for something to happen  
  
  if(wantWrite && !rwVect.second.empty()) {
    random_shuffle(rwVect.second.begin(), rwVect.second.end()); // pick random available worker
    writen2(*rwVect.second.begin(), &d_rrsetToSign, sizeof(d_rrsetToSign));
    d_rrsetToSign = new rrset_t;
    d_outstanding++;
    d_queued++;
    wantWrite=false;
  } 
  
  if(wantRead) {
    while(d_outstanding) {
      chunk_t* chunk;
      
      BOOST_FOREACH(int fd, rwVect.first) {
        if(d_eof.count(fd))
          continue;
        
        while(d_outstanding) {
          int res = readn(fd, &chunk, sizeof(chunk));
          if(!res) {
            d_eof.insert(fd);
            break;
          }
          if(res < 0) {
            if(errno != EAGAIN && errno != EINTR)
              unixDie("Error reading signed chunk from thread");
            else
              break;
          }
          
          --d_outstanding;
          
          addSignedToChunks(chunk);
          
          delete chunk;
        }
      }
      if(!d_outstanding || !d_final)
        break;
      rwVect = waitForRW(1, 0, -1); // wait for something to happen  
    }
  }
  
  if(wantWrite) {  // our optimization above failed, we now wait synchronously
    rwVect = waitForRW(0, wantWrite, -1); // wait for something to happen  
    random_shuffle(rwVect.second.begin(), rwVect.second.end()); // pick random available worker
    writen2(*rwVect.second.begin(), &d_rrsetToSign, sizeof(d_rrsetToSign));
    d_rrsetToSign = new rrset_t;
    d_outstanding++;
    d_queued++;
  }
  
}

unsigned int ChunkedSigningPipe::getReady()
{
   unsigned int sum=0; 
   BOOST_FOREACH(const std::vector<DNSResourceRecord>& v, d_chunks) {
     sum += v.size(); 
   }
   return sum;
}
void ChunkedSigningPipe::worker(int id, int fd)
try
{
  DNSSECKeeper dk;
  UeberBackend db("key-only");
  
  chunk_t* chunk;
  int res;
  for(;;) {
    res = readn(fd, &chunk, sizeof(chunk));
    if(!res)
      break;
    if(res < 0)
      unixDie("reading object pointer to sign from pdns");
    set<string, CIStringCompare> authSet;
    authSet.insert(d_signer);
    addRRSigs(dk, db, authSet, *chunk);
    ++d_signed;
    
    writen2(fd, &chunk, sizeof(chunk));
  }
  close(fd);
}
catch(PDNSException& pe)
{
  L<<Logger::Error<<"Signing thread died because of PDNSException: "<<pe.reason<<endl;
  close(fd);
}
catch(std::exception& e)
{
  L<<Logger::Error<<"Signing thread died because of std::exception: "<<e.what()<<endl;
  close(fd);
}

void ChunkedSigningPipe::flushToSign()
{
  sendRRSetToWorker();
  d_rrsetToSign->clear();
}

vector<DNSResourceRecord> ChunkedSigningPipe::getChunk(bool final)
{
  if(final && !d_final) {
    // this means we should keep on reading until d_outstanding == 0
    d_final = true;
    flushToSign();
    
    BOOST_FOREACH(int fd, d_sockets) {
      shutdown(fd, SHUT_WR); // perhaps this transmits EOF the other side
      //cerr<<"shutdown of "<<fd<<endl;
    }
  }
  if(d_final)
    flushToSign(); // should help us wait
  vector<DNSResourceRecord> front=d_chunks.front();
  d_chunks.pop_front();
  if(d_chunks.empty())
    d_chunks.push_back(vector<DNSResourceRecord>());
/*  if(d_final && front.empty())
      cerr<<"getChunk returning empty in final"<<endl; */
  return front;
}

#if 0

  ServiceTuple st;
  ComboAddress remote;
  if(!servers.empty()) {
    st.port=2000;
    parseService(servers, st);
    remote=ComboAddress(st.host, st.port);
  }
  
  ///
    if(!servers.empty()) {
      fds[0] = socket(AF_INET, SOCK_STREAM, 0);
      fds[1] = -1;
      
      if(connect(fds[0], (struct sockaddr*)&remote, remote.getSocklen()) < 0)
        unixDie("Connecting to signing server");
    }
    else {
/////
      signal(SIGCHLD, SIG_IGN);
      if(!fork()) { // child
        dup2(fds[1], 0);
        execl("./pdnssec", "./pdnssec", "--config-dir=./", "signing-slave", NULL);
        // helperWorker(new StartHelperStruct(this, n));
        return;
      }
      else 
        close(fds[1]);
#endif

#if 0
bool readLStringFromSocket(int fd, string& msg)
{
  msg.clear();
  uint32_t len;
  if(!readn(fd, &len, sizeof(len)))
    return false;
  
  len = ntohl(len);
  
  scoped_array<char> buf(new char[len]);
  readn(fd, buf.get(), len);
  
  msg.assign(buf.get(), len);
  return true;
}
void writeLStringToSocket(int fd, const string& msg)
{
  string realmsg;
  uint32_t len = htonl(msg.length());
  string tot((char*)&len, 4);
  tot+=msg;
  
  writen2(fd, tot.c_str(), tot.length());
}

#endif
Commit	Line	Data
870a0fe4 AT	1	#ifdef HAVE_CONFIG_H
	2	#include "config.h"
	3	#endif
8e9b7d99	4	#include "signingpipe.hh"
a6ef6f7a BH	5	#include "misc.hh"
a6ef6f7a BH	6	#include <poll.h>
a2aaa807	7	#include <boost/foreach.hpp>
a6ef6f7a BH	8	#include <sys/socket.h>
	9	#include <netinet/in.h>
	10	#include <netinet/tcp.h>
	11	#include <sched.h>
8e9b7d99	12
8d59e8ce BH	13	// deal with partial reads
	14	namespace {
	15	int readn(int fd, void* buffer, unsigned int len)
	16	{
	17	unsigned int pos=0;
	18	int res;
	19	for(;;) {
	20	res = read(fd, (char*)buffer + pos, len - pos);
	21	if(res == 0) {
	22	if(pos)
	23	throw runtime_error("Signing Pipe remote shut down in the middle of a message");
	24	else {
7b217f2e	25	//cerr<<"Got decent EOF on "<<fd<<endl;
8d59e8ce BH	26	return 0;
	27	}
	28	}
	29
	30	if(res < 0) {
	31	if(errno == EAGAIN \|\| errno == EINTR) {
	32	if(pos==0)
	33	return -1;
	34	waitForData(fd, -1);
	35	continue;
	36	}
	37	unixDie("Reading from socket in Signing Pipe loop");
	38	}
	39
	40	pos+=res;
	41	if(pos == len)
	42	break;
	43	}
	44	return len;
	45	}
	46	}
	47
	48
	49	// used to pass information to the new thread
a2aaa807 BH	50	struct StartHelperStruct
a2aaa807 BH	51	{
a6ef6f7a	52	StartHelperStruct(ChunkedSigningPipe* csp, int id, int fd) : d_csp(csp), d_id(id), d_fd(fd){}
a2aaa807 BH	53	ChunkedSigningPipe* d_csp;
a2aaa807 BH	54	int d_id;
a6ef6f7a	55	int d_fd;
a2aaa807	56	};
8267bd2c	57
a67dd0cf	58	// used to launch the new thread
8267bd2c	59	void* ChunkedSigningPipe::helperWorker(void* p)
bec14a20	60	try
8267bd2c	61	{
a2aaa807 BH	62	StartHelperStruct shs=(StartHelperStruct)p;
	63	delete (StartHelperStruct*)p;
	64
a6ef6f7a	65	shs.d_csp->worker(shs.d_id, shs.d_fd);
8267bd2c BH	66	return 0;
8267bd2c BH	67	}
97f1f8d9	68	catch(...) {
c057bfaa	69	L<<Logger::Error<<"Unknown exception in signing thread occurred"<<endl;
a2aaa807	70	return 0;
bec14a20	71	}
8267bd2c	72
bab008e2	73	ChunkedSigningPipe::ChunkedSigningPipe(const string& signerName, bool mustSign, const string& servers, unsigned int workers)
a6ef6f7a	74	: d_queued(0), d_outstanding(0), d_signer(signerName), d_maxchunkrecords(100), d_numworkers(workers), d_tids(d_numworkers),
8d59e8ce	75	d_mustSign(mustSign), d_final(false), d_submitted(0)
8267bd2c	76	{
a2aaa807	77	d_rrsetToSign = new rrset_t;
8d59e8ce BH	78	d_chunks.push_back(vector<DNSResourceRecord>()); // load an empty chunk
8d59e8ce BH	79
8267bd2c BH	80	if(!d_mustSign)
8267bd2c BH	81	return;
a2aaa807	82
a2aaa807 BH	83	int fds[2];
a2aaa807 BH	84
8267bd2c	85	for(unsigned int n=0; n < d_numworkers; ++n) {
8d59e8ce BH	86	if(socketpair(AF_UNIX, SOCK_STREAM, 0, fds) < 0)
8d59e8ce BH	87	throw runtime_error("Unable to create communication socket in for ChunkedSigningPipe");
3897b9e1	88	setCloseOnExec(fds[0]);
3897b9e1	89	setCloseOnExec(fds[1]);
8d59e8ce	90	pthread_create(&d_tids[n], 0, helperWorker, (void*) new StartHelperStruct(this, n, fds[1]));
3897b9e1	91	setNonBlocking(fds[0]);
8d59e8ce	92	d_sockets.push_back(fds[0]);
8267bd2c BH	93	}
	94	}
	95
	96	ChunkedSigningPipe::~ChunkedSigningPipe()
	97	{
a2aaa807	98	delete d_rrsetToSign;
8267bd2c BH	99	if(!d_mustSign)
8267bd2c BH	100	return;
a6ef6f7a BH	101	BOOST_FOREACH(int fd, d_sockets) {
	102	close(fd); // this will trigger all threads to exit
	103	}
a2aaa807	104
8267bd2c	105	void* res;
a6ef6f7a BH	106	BOOST_FOREACH(pthread_t& tid, d_tids) {
	107	pthread_join(tid, &res);
	108	}
7b217f2e	109	//cout<<"Did: "<<d_signed<<", records (!= chunks) submitted: "<<d_submitted<<endl;
8267bd2c BH	110	}
8267bd2c BH	111
a2f3b9ec	112	namespace {
b9bafae0 KM	113	bool
b9bafae0 KM	114	dedupLessThan(const DNSResourceRecord& a, const DNSResourceRecord &b)
a2f3b9ec	115	{
b9bafae0	116	return (tie(a.content, a.ttl) < tie(b.content, b.ttl));
a2f3b9ec BH	117	}
	118
	119	bool dedupEqual(const DNSResourceRecord& a, const DNSResourceRecord &b)
	120	{
b9bafae0	121	return(tie(a.content, a.ttl) == tie(b.content, b.ttl));
a2f3b9ec BH	122	}
	123	}
	124
	125	void ChunkedSigningPipe::dedupRRSet()
	126	{
	127	// our set contains contains records for one type and one name, but might not be sorted otherwise
	128	sort(d_rrsetToSign->begin(), d_rrsetToSign->end(), dedupLessThan);
	129	d_rrsetToSign->erase(unique(d_rrsetToSign->begin(), d_rrsetToSign->end(), dedupEqual), d_rrsetToSign->end());
	130	}
	131
8e9b7d99 BH	132	bool ChunkedSigningPipe::submit(const DNSResourceRecord& rr)
8e9b7d99 BH	133	{
8d59e8ce BH	134	++d_submitted;
8d59e8ce BH	135	// check if we have a full RRSET to sign
675fa24c	136	if(!d_rrsetToSign->empty() && (d_rrsetToSign->begin()->qtype.getCode() != rr.qtype.getCode() \|\| d_rrsetToSign->begin()->qname != rr.qname))
8e9b7d99	137	{
a2f3b9ec	138	dedupRRSet();
a2aaa807	139	sendRRSetToWorker();
8e9b7d99	140	}
a2aaa807	141	d_rrsetToSign->push_back(rr);
a2f3b9ec	142	return !d_chunks.empty() && d_chunks.front().size() >= d_maxchunkrecords; // "you can send more"
8e9b7d99 BH	143	}
8e9b7d99 BH	144
a6ef6f7a BH	145	pair<vector<int>, vector<int> > ChunkedSigningPipe::waitForRW(bool rd, bool wr, int seconds)
a6ef6f7a BH	146	{
ac10b8c6	147	vector<pollfd> pfds;
a6ef6f7a	148
8d59e8ce	149	for(unsigned int n = 0; n < d_sockets.size(); ++n) {
a4da80fc	150	if(d_eof.count(d_sockets[n]))
ac10b8c6 BH	151	continue;
	152	struct pollfd pfd;
	153	memset(&pfd, 0, sizeof(pfd));
	154	pfd.fd = d_sockets[n];
	155	if(rd)
	156	pfd.events \|= POLLIN;
	157	if(wr)
	158	pfd.events \|= POLLOUT;
	159	pfds.push_back(pfd);
a6ef6f7a BH	160	}
a6ef6f7a BH	161
a135720d	162	int res = poll(&pfds[0], pfds.size(), (seconds < 0) ? -1 : (seconds * 1000)); // -1 = infinite
a6ef6f7a	163	if(res < 0)
ac10b8c6	164	unixDie("polling for activity from signers, "+lexical_cast<string>(d_sockets.size()));
a6ef6f7a	165	pair<vector<int>, vector<int> > vects;
ac10b8c6	166	for(unsigned int n = 0; n < pfds.size(); ++n)
a6ef6f7a BH	167	if(pfds[n].revents & POLLIN)
	168	vects.first.push_back(pfds[n].fd);
	169	else if(pfds[n].revents & POLLOUT)
	170	vects.second.push_back(pfds[n].fd);
	171
	172	return vects;
	173	}
	174
8d59e8ce BH	175	void ChunkedSigningPipe::addSignedToChunks(chunk_t* signedChunk)
	176	{
	177	chunk_t::const_iterator from = signedChunk->begin();
	178
	179	while(from != signedChunk->end()) {
	180	chunk_t& fillChunk = d_chunks.back();
	181
	182	chunk_t::size_type room = d_maxchunkrecords - fillChunk.size();
	183
	184	unsigned int fit = std::min(room, (chunk_t::size_type)(signedChunk->end() - from));
	185
	186	d_chunks.back().insert(fillChunk.end(), from , from + fit);
	187	from+=fit;
	188
	189	if(from != signedChunk->end()) // it didn't fit, so add a new chunk
	190	d_chunks.push_back(chunk_t());
	191	}
	192	}
a6ef6f7a	193
a2aaa807	194	void ChunkedSigningPipe::sendRRSetToWorker() // it sounds so socialist!
8267bd2c BH	195	{
8267bd2c BH	196	if(!d_mustSign) {
8d59e8ce	197	addSignedToChunks(d_rrsetToSign);
a2aaa807	198	d_rrsetToSign->clear();
8267bd2c BH	199	return;
8267bd2c BH	200	}
a2aaa807	201
8d59e8ce BH	202	if(d_final && !d_outstanding) // nothing to do!
	203	return;
	204
a6ef6f7a BH	205	bool wantRead, wantWrite;
	206
	207	wantWrite = !d_rrsetToSign->empty();
8d59e8ce	208	wantRead = d_outstanding \|\| wantWrite; // if we wrote, we want to read
a6ef6f7a BH	209
	210	pair<vector<int>, vector<int> > rwVect;
	211
8d59e8ce	212	rwVect = waitForRW(wantRead, wantWrite, -1); // wait for something to happen
a6ef6f7a BH	213
a6ef6f7a BH	214	if(wantWrite && !rwVect.second.empty()) {
8d59e8ce	215	random_shuffle(rwVect.second.begin(), rwVect.second.end()); // pick random available worker
a6ef6f7a	216	writen2(*rwVect.second.begin(), &d_rrsetToSign, sizeof(d_rrsetToSign));
a2aaa807	217	d_rrsetToSign = new rrset_t;
8267bd2c	218	d_outstanding++;
a2aaa807	219	d_queued++;
8d59e8ce BH	220	wantWrite=false;
	221	}
	222
	223	if(wantRead) {
	224	while(d_outstanding) {
	225	chunk_t* chunk;
a6ef6f7a	226
8d59e8ce BH	227	BOOST_FOREACH(int fd, rwVect.first) {
	228	if(d_eof.count(fd))
	229	continue;
	230
	231	while(d_outstanding) {
	232	int res = readn(fd, &chunk, sizeof(chunk));
	233	if(!res) {
	234	d_eof.insert(fd);
	235	break;
	236	}
	237	if(res < 0) {
	238	if(errno != EAGAIN && errno != EINTR)
	239	unixDie("Error reading signed chunk from thread");
	240	else
	241	break;
	242	}
	243
	244	--d_outstanding;
	245
	246	addSignedToChunks(chunk);
	247
	248	delete chunk;
	249	}
	250	}
	251	if(!d_outstanding \|\| !d_final)
a6ef6f7a	252	break;
8d59e8ce	253	rwVect = waitForRW(1, 0, -1); // wait for something to happen
a6ef6f7a	254	}
8267bd2c	255	}
a6ef6f7a	256
8d59e8ce BH	257	if(wantWrite) { // our optimization above failed, we now wait synchronously
	258	rwVect = waitForRW(0, wantWrite, -1); // wait for something to happen
	259	random_shuffle(rwVect.second.begin(), rwVect.second.end()); // pick random available worker
	260	writen2(*rwVect.second.begin(), &d_rrsetToSign, sizeof(d_rrsetToSign));
	261	d_rrsetToSign = new rrset_t;
	262	d_outstanding++;
	263	d_queued++;
a6ef6f7a BH	264	}
a6ef6f7a BH	265
8267bd2c BH	266	}
8267bd2c BH	267
a2aaa807 BH	268	unsigned int ChunkedSigningPipe::getReady()
	269	{
	270	unsigned int sum=0;
	271	BOOST_FOREACH(const std::vector<DNSResourceRecord>& v, d_chunks) {
	272	sum += v.size();
	273	}
	274	return sum;
	275	}
a6ef6f7a BH	276	void ChunkedSigningPipe::worker(int id, int fd)
a6ef6f7a BH	277	try
8267bd2c	278	{
8267bd2c	279	DNSSECKeeper dk;
a6ef6f7a BH	280	UeberBackend db("key-only");
	281
	282	chunk_t* chunk;
8267bd2c BH	283	int res;
8267bd2c BH	284	for(;;) {
a6ef6f7a BH	285	res = readn(fd, &chunk, sizeof(chunk));
a6ef6f7a BH	286	if(!res)
8267bd2c	287	break;
a6ef6f7a BH	288	if(res < 0)
a6ef6f7a BH	289	unixDie("reading object pointer to sign from pdns");
8d3cbffa BH	290	set<string, CIStringCompare> authSet;
	291	authSet.insert(d_signer);
	292	addRRSigs(dk, db, authSet, *chunk);
a6ef6f7a BH	293	++d_signed;
	294
	295	writen2(fd, &chunk, sizeof(chunk));
8267bd2c	296	}
a6ef6f7a BH	297	close(fd);
a6ef6f7a BH	298	}
97f1f8d9 KM	299	catch(PDNSException& pe)
	300	{
	301	L<<Logger::Error<<"Signing thread died because of PDNSException: "<<pe.reason<<endl;
	302	close(fd);
	303	}
18e7758c	304	catch(std::exception& e)
a6ef6f7a	305	{
a4da80fc	306	L<<Logger::Error<<"Signing thread died because of std::exception: "<<e.what()<<endl;
a6ef6f7a	307	close(fd);
8267bd2c BH	308	}
8267bd2c BH	309
8e9b7d99 BH	310	void ChunkedSigningPipe::flushToSign()
8e9b7d99 BH	311	{
a2aaa807 BH	312	sendRRSetToWorker();
a2aaa807 BH	313	d_rrsetToSign->clear();
8e9b7d99 BH	314	}
	315
	316	vector<DNSResourceRecord> ChunkedSigningPipe::getChunk(bool final)
	317	{
a6ef6f7a BH	318	if(final && !d_final) {
	319	// this means we should keep on reading until d_outstanding == 0
	320	d_final = true;
8e9b7d99	321	flushToSign();
a6ef6f7a BH	322
	323	BOOST_FOREACH(int fd, d_sockets) {
	324	shutdown(fd, SHUT_WR); // perhaps this transmits EOF the other side
7b217f2e	325	//cerr<<"shutdown of "<<fd<<endl;
a6ef6f7a	326	}
8267bd2c	327	}
a6ef6f7a BH	328	if(d_final)
a6ef6f7a BH	329	flushToSign(); // should help us wait
a2aaa807 BH	330	vector<DNSResourceRecord> front=d_chunks.front();
	331	d_chunks.pop_front();
	332	if(d_chunks.empty())
	333	d_chunks.push_back(vector<DNSResourceRecord>());
e125fc69	334	/* if(d_final && front.empty())
e125fc69	335	cerr<<"getChunk returning empty in final"<<endl; */
a2aaa807	336	return front;
8e9b7d99	337	}
8d59e8ce BH	338
	339	#if 0
	340
	341	ServiceTuple st;
	342	ComboAddress remote;
	343	if(!servers.empty()) {
	344	st.port=2000;
	345	parseService(servers, st);
	346	remote=ComboAddress(st.host, st.port);
	347	}
	348
	349	///
	350	if(!servers.empty()) {
	351	fds[0] = socket(AF_INET, SOCK_STREAM, 0);
	352	fds[1] = -1;
	353
	354	if(connect(fds[0], (struct sockaddr*)&remote, remote.getSocklen()) < 0)
	355	unixDie("Connecting to signing server");
	356	}
	357	else {
	358	/////
	359	signal(SIGCHLD, SIG_IGN);
	360	if(!fork()) { // child
	361	dup2(fds[1], 0);
	362	execl("./pdnssec", "./pdnssec", "--config-dir=./", "signing-slave", NULL);
	363	// helperWorker(new StartHelperStruct(this, n));
	364	return;
	365	}
	366	else
	367	close(fds[1]);
	368	#endif
	369
	370	#if 0
	371	bool readLStringFromSocket(int fd, string& msg)
	372	{
	373	msg.clear();
	374	uint32_t len;
	375	if(!readn(fd, &len, sizeof(len)))
	376	return false;
	377
	378	len = ntohl(len);
	379
	380	scoped_array<char> buf(new char[len]);
	381	readn(fd, buf.get(), len);
	382
	383	msg.assign(buf.get(), len);
	384	return true;
	385	}
	386	void writeLStringToSocket(int fd, const string& msg)
	387	{
	388	string realmsg;
	389	uint32_t len = htonl(msg.length());
	390	string tot((char*)&len, 4);
	391	tot+=msg;
	392
	393	writen2(fd, tot.c_str(), tot.length());
	394	}
	395
	396	#endif
	397