#endif // defined(HAVE_DNS_OVER_TLS) || defined(HAVE_DNS_OVER_HTTPS)
-void setupLuaConfig(bool client)
+void setupLuaConfig(bool client, bool configCheck)
{
typedef std::unordered_map<std::string, boost::variant<bool, std::string, vector<pair<int, std::string> >, DownstreamState::checkfunc_t > > newserver_t;
g_lua.writeFunction("inClientStartup", [client]() {
return client && !g_configurationDone;
});
+ g_lua.writeFunction("inConfigCheck", [client, configCheck]() {
+ return !configCheck;
+ });
+
g_lua.writeFunction("newServer",
- [client](boost::variant<string,newserver_t> pvars, boost::optional<int> qps) {
+ [client, configCheck](boost::variant<string,newserver_t> pvars, boost::optional<int> qps) {
setLuaSideEffect();
std::shared_ptr<DownstreamState> ret = std::make_shared<DownstreamState>(ComboAddress());
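Review bot: The new `inConfigCheck` binding returns `!configCheck`, so it is true during normal startup and false under `--check-config`. That is the opposite of the documentation added in this commit ("Returns true while the configuration is being checked"). The body should be `return configCheck;`, and `client` can be dropped from the capture list because the lambda never reads it. As written, a configuration that uses this function to skip side-effecting calls during a check would run them during the check and skip them in production.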
}
}
- if(client) {
- // do not construct DownstreamState now, it would try binding sockets.
- return ret;
- }
- ret=std::make_shared<DownstreamState>(serverAddr, sourceAddr, sourceItf, sourceItfName, numberOfSockets);
+ // create but don't connect the socket in client or check-config modes
+ ret=std::make_shared<DownstreamState>(serverAddr, sourceAddr, sourceItf, sourceItfName, numberOfSockets, !(client || configCheck));
if(vars.count("qps")) {
int qpsVal=std::stoi(boost::get<string>(vars["qps"]));
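Review bot: Removing the `if(client) return ret;` early exit means the rest of `newServer` now runs in client and check-config modes too, starting with the `qps` handling just below. Only the socket connection is suppressed, through the new constructor flag. The remainder of the lambda is outside this hunk, so confirm that nothing further down (pool registration, health-check setup, responder thread launch) assumes a connected backend or should stay disabled for the console client. If some of it must still be skipped, guard it explicitly with `if (client || configCheck)` instead of relying on the unconnected state.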
g_carbon.setState(ours);
});
- g_lua.writeFunction("webserver", [client](const std::string& address, const std::string& password, const boost::optional<std::string> apiKey, const boost::optional<std::map<std::string, std::string> > customHeaders) {
+ g_lua.writeFunction("webserver", [client,configCheck](const std::string& address, const std::string& password, const boost::optional<std::string> apiKey, const boost::optional<std::map<std::string, std::string> > customHeaders) {
setLuaSideEffect();
ComboAddress local;
try {
throw std::runtime_error(std::string("Error parsing the bind address for the webserver: ") + e.reason);
}
- if (client) {
+ if (client || configCheck) {
return;
}
}
});
- g_lua.writeFunction("controlSocket", [client](const std::string& str) {
+ g_lua.writeFunction("controlSocket", [client,configCheck](const std::string& str) {
setLuaSideEffect();
ComboAddress local(str, 5199);
- if(client) {
+ if(client || configCheck) {
g_serverControl = local;
return;
}
#endif
});
- g_lua.writeFunction("generateDNSCryptProviderKeys", [](const std::string& publicKeyFile, const std::string privateKeyFile) {
+ g_lua.writeFunction("generateDNSCryptProviderKeys", [client](const std::string& publicKeyFile, const std::string privateKeyFile) {
setLuaNoSideEffect();
#ifdef HAVE_DNSCRYPT
+ if (client) {
+ return;
+ }
unsigned char publicKey[DNSCRYPT_PROVIDER_PUBLIC_KEY_SIZE];
unsigned char privateKey[DNSCRYPT_PROVIDER_PRIVATE_KEY_SIZE];
sodium_mlock(privateKey, sizeof(privateKey));
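Review bot: The guard added to `generateDNSCryptProviderKeys` tests only `client`, but `--check-config` now calls `setupLua(false, true, ...)`, so a configuration check still generates a provider key pair and writes it to `publicKeyFile` and `privateKeyFile`. The same `client`-only guard is added to `generateDNSCryptCertificate` and `generateOCSPResponse`. If a check is meant to leave key and certificate material on disk untouched, capture `configCheck` as well and use `if (client || configCheck) { return; }`, matching `webserver` and `controlSocket`. The lambda body continues outside this hunk.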
});
#ifdef HAVE_DNSCRYPT
- g_lua.writeFunction("generateDNSCryptCertificate", [](const std::string& providerPrivateKeyFile, const std::string& certificateFile, const std::string privateKeyFile, uint32_t serial, time_t begin, time_t end, boost::optional<DNSCryptExchangeVersion> version) {
+ g_lua.writeFunction("generateDNSCryptCertificate", [client](const std::string& providerPrivateKeyFile, const std::string& certificateFile, const std::string privateKeyFile, uint32_t serial, time_t begin, time_t end, boost::optional<DNSCryptExchangeVersion> version) {
setLuaNoSideEffect();
+ if (client) {
+ return;
+ }
DNSCryptPrivateKey privateKey;
DNSCryptCert cert;
g_useTCPSinglePipe = flag;
});
- g_lua.writeFunction("snmpAgent", [client](bool enableTraps, boost::optional<std::string> masterSocket) {
- if(client)
+ g_lua.writeFunction("snmpAgent", [client,configCheck](bool enableTraps, boost::optional<std::string> masterSocket) {
+ if(client || configCheck)
return;
#ifdef HAVE_NET_SNMP
if (g_configurationDone) {
g_lua.writeFunction("setAllowEmptyResponse", [](bool allow) { g_allowEmptyResponse=allow; });
#if defined(HAVE_LIBSSL) && defined(HAVE_OCSP_BASIC_SIGN)
- g_lua.writeFunction("generateOCSPResponse", [](const std::string& certFile, const std::string& caCert, const std::string& caKey, const std::string& outFile, int ndays, int nmin) {
- return libssl_generate_ocsp_response(certFile, caCert, caKey, outFile, ndays, nmin);
+ g_lua.writeFunction("generateOCSPResponse", [client](const std::string& certFile, const std::string& caCert, const std::string& caKey, const std::string& outFile, int ndays, int nmin) {
+ if (client) {
+ return;
+ }
+
+ libssl_generate_ocsp_response(certFile, caCert, caKey, outFile, ndays, nmin);
});
#endif /* HAVE_LIBSSL && HAVE_OCSP_BASIC_SIGN*/
}
-vector<std::function<void(void)>> setupLua(bool client, const std::string& config)
+vector<std::function<void(void)>> setupLua(bool client, bool configCheck, const std::string& config)
{
g_launchWork= new vector<std::function<void(void)>>();
setupLuaActions();
- setupLuaConfig(client);
+ setupLuaConfig(client, configCheck);
setupLuaBindings(client);
setupLuaBindingsDNSCrypt();
setupLuaBindingsDNSQuestion();
setupLuaBindingsKVS(client);
setupLuaBindingsPacketCache();
- setupLuaBindingsProtoBuf(client);
+ setupLuaBindingsProtoBuf(client, configCheck);
setupLuaInspection();
setupLuaRules();
setupLuaVars();
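Review bot: The rewritten `generateOCSPResponse` lambda discards the result of `libssl_generate_ocsp_response`, where the old body was `return libssl_generate_ocsp_response(...);`. The helper's declaration is not visible here, but if it returns a status then Lua callers can no longer tell whether the OCSP response file was written. A failed generation would then go unnoticed unless the helper throws. Keeping the value, with the `client` branch returning the same type and the normal path ending in `return libssl_generate_ocsp_response(certFile, caCert, caKey, outFile, ndays, nmin);`, would preserve the existing Lua contract.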
typedef NetmaskTree<DynBlock> nmts_t;
+vector<std::function<void(void)>> setupLua(bool client, bool configCheck, const std::string& config);
void setupLuaActions();
void setupLuaBindings(bool client);
void setupLuaBindingsDNSCrypt();
void setupLuaBindingsDNSQuestion();
void setupLuaBindingsKVS(bool client);
void setupLuaBindingsPacketCache();
-void setupLuaBindingsProtoBuf(bool client);
+void setupLuaBindingsProtoBuf(bool client, bool configCheck);
void setupLuaRules();
void setupLuaInspection();
void setupLuaVars();
}
}
-DownstreamState::DownstreamState(const ComboAddress& remote_, const ComboAddress& sourceAddr_, unsigned int sourceItf_, const std::string& sourceItfName_, size_t numberOfSockets): sourceItfName(sourceItfName_), remote(remote_), sourceAddr(sourceAddr_), sourceItf(sourceItf_)
+DownstreamState::DownstreamState(const ComboAddress& remote_, const ComboAddress& sourceAddr_, unsigned int sourceItf_, const std::string& sourceItfName_, size_t numberOfSockets, bool connect=true): sourceItfName(sourceItfName_), remote(remote_), sourceAddr(sourceAddr_), sourceItf(sourceItf_)
{
pthread_rwlock_init(&d_lock, nullptr);
id = getUniqueID();
fd = -1;
}
- if (!IsAnyAddress(remote)) {
+ if (connect && !IsAnyAddress(remote)) {
reconnect();
idStates.resize(g_maxOutstanding);
sw.start();
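Review bot: The default `bool connect=true` is placed on the out-of-class constructor definition, while the in-class declaration in the header takes `bool connect` with no default. The default is therefore visible only in this translation unit after this point, and every other caller must pass six arguments, as the delegating constructor does with an explicit `true`. Declare it once in the header as `size_t numberOfSockets, bool connect = true);` and drop it from the definition, or remove the default and keep all call sites explicit. The parameter name also hides `connect(2)` inside the constructor body, so a name such as `connectNow` would be clearer. The constructor body continues outside the lines shown.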
g_policy.setState(leastOutstandingPol);
if(g_cmdLine.beClient || !g_cmdLine.command.empty()) {
- setupLua(true, g_cmdLine.config);
+ setupLua(true, false, g_cmdLine.config);
if (clientAddress != ComboAddress())
g_serverControl = clientAddress;
doClient(g_serverControl, g_cmdLine.command);
g_consoleACL.setState(consoleACL);
if (g_cmdLine.checkConfig) {
- setupLua(true, g_cmdLine.config);
+ setupLua(false, true, g_cmdLine.config);
// No exception was thrown
infolog("Configuration '%s' OK!", g_cmdLine.config);
_exit(EXIT_SUCCESS);
}
- auto todo=setupLua(false, g_cmdLine.config);
+ auto todo=setupLua(false, false, g_cmdLine.config);
auto localPools = g_pools.getCopy();
{
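Review bot: Changing the `--check-config` call from `setupLua(true, ...)` to `setupLua(false, true, ...)` disables every remaining `client`-only guard during a check, not only the ones this commit widens. `setupLuaBindings(client)` and `setupLuaBindingsKVS(client)` still receive only `client`, and any binding in `setupLuaConfig` whose guard was not changed to `client || configCheck` will now take its live path (binding sockets, opening files, starting threads). Those bodies are outside the hunks shown, so each remaining `if (client)` needs to be checked for whether it should also cover the check-config case. Passing `client || configCheck` to the helpers that take a single flag would restore the previous behaviour for them.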
{
typedef std::function<std::tuple<DNSName, uint16_t, uint16_t>(const DNSName&, uint16_t, uint16_t, dnsheader*)> checkfunc_t;
- DownstreamState(const ComboAddress& remote_, const ComboAddress& sourceAddr_, unsigned int sourceItf, const std::string& sourceItfName, size_t numberOfSockets);
- DownstreamState(const ComboAddress& remote_): DownstreamState(remote_, ComboAddress(), 0, std::string(), 1) {}
+ DownstreamState(const ComboAddress& remote_, const ComboAddress& sourceAddr_, unsigned int sourceItf, const std::string& sourceItfName, size_t numberOfSockets, bool connect);
+ DownstreamState(const ComboAddress& remote_): DownstreamState(remote_, ComboAddress(), 0, std::string(), 1, true) {}
~DownstreamState()
{
for (auto& fd : sockets) {
struct dnsheader;
void controlThread(int fd, ComboAddress local);
-vector<std::function<void(void)>> setupLua(bool client, const std::string& config);
std::shared_ptr<ServerPool> getPool(const pools_t& pools, const std::string& poolName);
std::shared_ptr<ServerPool> createPoolIfNotExists(pools_t& pools, const string& poolName);
NumberedServerVector getDownstreamCandidates(const pools_t& pools, const std::string& poolName);
#include "ipcipher.hh"
#endif /* HAVE_LIBCRYPTO */
-void setupLuaBindingsProtoBuf(bool client)
+void setupLuaBindingsProtoBuf(bool client, bool configCheck)
{
#ifdef HAVE_LIBCRYPTO
g_lua.registerFunction<ComboAddress(ComboAddress::*)(const std::string& key)>("ipencrypt", [](const ComboAddress& ca, const std::string& key) {
});
/* RemoteLogger */
- g_lua.writeFunction("newRemoteLogger", [client](const std::string& remote, boost::optional<uint16_t> timeout, boost::optional<uint64_t> maxQueuedEntries, boost::optional<uint8_t> reconnectWaitTime) {
- if (client) {
+ g_lua.writeFunction("newRemoteLogger", [client,configCheck](const std::string& remote, boost::optional<uint16_t> timeout, boost::optional<uint64_t> maxQueuedEntries, boost::optional<uint8_t> reconnectWaitTime) {
+ if (client || configCheck) {
return std::shared_ptr<RemoteLoggerInterface>(nullptr);
}
return std::shared_ptr<RemoteLoggerInterface>(new RemoteLogger(ComboAddress(remote), timeout ? *timeout : 2, maxQueuedEntries ? (*maxQueuedEntries*100) : 10000, reconnectWaitTime ? *reconnectWaitTime : 1, client));
});
- g_lua.writeFunction("newFrameStreamUnixLogger", [client](const std::string& address) {
+ g_lua.writeFunction("newFrameStreamUnixLogger", [client,configCheck](const std::string& address) {
#ifdef HAVE_FSTRM
- if (client) {
+ if (client || configCheck) {
return std::shared_ptr<RemoteLoggerInterface>(nullptr);
}
return std::shared_ptr<RemoteLoggerInterface>(new FrameStreamLogger(AF_UNIX, address, !client));
#endif /* HAVE_FSTRM */
});
- g_lua.writeFunction("newFrameStreamTcpLogger", [client](const std::string& address) {
+ g_lua.writeFunction("newFrameStreamTcpLogger", [client,configCheck](const std::string& address) {
#if defined(HAVE_FSTRM) && defined(HAVE_FSTRM_TCP_WRITER_INIT)
- if (client) {
+ if (client || configCheck) {
return std::shared_ptr<RemoteLoggerInterface>(nullptr);
}
return std::shared_ptr<RemoteLoggerInterface>(new FrameStreamLogger(AF_INET, address, !client));
Returns true while the console client is parsing the configuration.
+.. function:: inConfigCheck()
+
+ .. versionadded:: 1.5.0
+
+ Returns true while the configuration is being checked, ie when run with ``--check-config``.
+
.. function:: makeKey()
Generate and print an encryption key.