- list_auth_zones unbound-control command.

git-svn-id: file:///svn/unbound/trunk@4650 be551aaa-1e26-0410-a405-d3ace91eadb9

diff --git a/daemon/remote.c b/daemon/remote.c
index c58e3618965642c1a2f31889b6a844a292d9f2da..cfc91eb98b3aae8888b6671ad99f25d931b04faa 100644 (file)
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -68,6 +68,7 @@
 #include "services/cache/infra.h"
 #include "services/mesh.h"
 #include "services/localzone.h"
+#include "services/authzone.h"
 #include "util/storage/slabhash.h"
 #include "util/fptr_wlist.h"
 #include "util/data/dname.h"
@@ -2543,6 +2544,36 @@ do_list_stubs(SSL* ssl, struct worker* worker)
        }
 }
 
+/** do the list_auth_zones command */
+static void
+do_list_auth_zones(SSL* ssl, struct auth_zones* az)
+{
+       struct auth_zone* z;
+       char buf[257], buf2[256];
+       lock_rw_rdlock(&az->lock);
+       RBTREE_FOR(z, struct auth_zone*, &az->ztree) {
+               lock_rw_rdlock(&z->lock);
+               dname_str(z->name, buf);
+               if(z->zone_expired)
+                       snprintf(buf2, sizeof(buf2), "expired");
+               else {
+                       uint32_t serial = 0;
+                       if(auth_zone_get_serial(z, &serial))
+                               snprintf(buf2, sizeof(buf2), "serial %u",
+                                       (unsigned)serial);
+                       else    snprintf(buf2, sizeof(buf2), "no serial");
+               }
+               if(!ssl_printf(ssl, "%s\t%s\n", buf, buf2)) {
+                       /* failure to print */
+                       lock_rw_unlock(&z->lock);
+                       lock_rw_unlock(&az->lock);
+                       return;
+               }
+               lock_rw_unlock(&z->lock);
+       }
+       lock_rw_unlock(&az->lock);
+}
+
 /** do the list_local_zones command */
 static void
 do_list_local_zones(SSL* ssl, struct local_zones* zones)
@@ -2803,6 +2834,9 @@ execute_cmd(struct daemon_remote* rc, SSL* ssl, char* cmd,
        } else if(cmdcmp(p, "ip_ratelimit_list", 17)) {
                do_ip_ratelimit_list(ssl, worker, p+17);
                return;
+       } else if(cmdcmp(p, "list_auth_zones", 15)) {
+               do_list_auth_zones(ssl, worker->env.auth_zones);
+               return;
        } else if(cmdcmp(p, "stub_add", 8)) {
                /* must always distribute this cmd */
                if(rc) distribute_cmd(rc, ssl, cmd);

diff --git a/doc/Changelog b/doc/Changelog
index 1556830c177a2db0c98b566b7356a2f7c7d230c8..7b81fa46f63035d9bf3bbc8a476f6b92ef2728e9 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -8,6 +8,7 @@
        - Attempt for auth zone fix; add of callback in mesh gets from
          callback does not skip callback of result.
        - Fix cname classification with qname minimisation enabled.
+       - list_auth_zones unbound-control command.
 
 20 April 2018: Wouter
        - man page documentation for dns-over-tls forward-addr '#' notation.

diff --git a/doc/unbound-control.8.in b/doc/unbound-control.8.in
index 887441196827dea353466dd4b85eba57b07897a9..c207bee6b1b6d2a7b093c362f2f13050cd7a0d38 100644 (file)
--- a/doc/unbound-control.8.in
+++ b/doc/unbound-control.8.in
@@ -289,6 +289,10 @@ estimated qps and qps limit from config.  With +a it prints all ips, not
 just the ratelimited ips, with their estimated qps.  The ratelimited
 ips are dropped before checking the cache.
 .TP
+.B list_auth_zones
+List the auth zones that are configured.  Printed one per line with a
+status, indicating if the zone is expired and current serial number.
+.TP
 .B view_list_local_zones \fIview\fR
 \fIlist_local_zones\fR for given view.
 .TP

diff --git a/services/authzone.c b/services/authzone.c
index 4ade1fc6273dc265af0d9a014436f04157a3351b..1f56ac8cfc870517eacbba258deffdbf2c9eac19 100644 (file)
--- a/services/authzone.c
+++ b/services/authzone.c
@@ -1724,6 +1724,24 @@ auth_zones_read_zones(struct auth_zones* az)
        return 1;
 }
 
+/** find serial number of zone or false if none */
+int
+auth_zone_get_serial(struct auth_zone* z, uint32_t* serial)
+{
+       struct auth_data* apex;
+       struct auth_rrset* soa;
+       struct packed_rrset_data* d;
+       apex = az_find_name(z, z->name, z->namelen);
+       if(!apex) return 0;
+       soa = az_domain_rrset(apex, LDNS_RR_TYPE_SOA);
+       if(!soa || soa->data->count==0)
+               return 0; /* no RRset or no RRs in rrset */
+       if(soa->data->rr_len[0] < 2+4*5) return 0; /* SOA too short */
+       d = soa->data;
+       *serial = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-20));
+       return 1;
+}
+
 /** Find auth_zone SOA and populate the values in xfr(soa values). */
 static int
 xfr_find_soa(struct auth_zone* z, struct auth_xfer* xfr)

diff --git a/services/authzone.h b/services/authzone.h
index 8de18bf7311b2f2fc4158e8e6acda9e2d2bd374d..4e06c0654d99f49df896015a740af29a03eace20 100644 (file)
--- a/services/authzone.h
+++ b/services/authzone.h
@@ -591,6 +591,9 @@ int auth_zone_parse_notify_serial(struct sldns_buffer* pkt, uint32_t *serial);
 /** read auth zone from zonefile. caller must lock zone. false on failure */
 int auth_zone_read_zonefile(struct auth_zone* z);
 
+/** find serial number of zone or false if none (no SOA record) */
+int auth_zone_get_serial(struct auth_zone* z, uint32_t* serial);
+
 /** compare auth_zones for sorted rbtree */
 int auth_zone_cmp(const void* z1, const void* z2);
 

diff --git a/smallapp/unbound-control.c b/smallapp/unbound-control.c
index afb764d46a302250c7ecf9860293106e439e584e..2337e7a7372834c6622a979f541afb04f5accf96 100644 (file)
--- a/smallapp/unbound-control.c
+++ b/smallapp/unbound-control.c
@@ -142,6 +142,7 @@ usage(void)
        printf("  ratelimit_list [+a]           list ratelimited domains\n");
        printf("  ip_ratelimit_list [+a]        list ratelimited ip addresses\n");
        printf("                +a              list all, also not ratelimited\n");
+       printf("  list_auth_zones               list auth zones\n");
        printf("  view_list_local_zones view    list local-zones in view\n");
        printf("  view_list_local_data  view    list local-data RRs in view\n");
        printf("  view_local_zone view name type        add local-zone in view\n");