../../src/lib/util \
../../src/lib/util/encode \
../../src/lib/util/io \
- ../../src/lib/util/random \
../../src/lib/util/unittests \
../../src/lib/yang \
.
considers the configuration is incorrect and rejects it using the error
string as an error message.
+ @subsection d2HooksSelectKey select_key
+ - @b Arguments:
+ - name: @b current_server, type: isc::d2::DnsServerInfoPtr, direction: <b>in</b>
+ - name: @b tsig_key, type: isc::dns::TSIGKeyPtr, direction: <b>in/out</b>
+
+ - @b Description: this callout is executed when the DNS server to send the
+ next DNS update was selected and a TSIG key to protect the DNS update
+ is looking for. Pointers to the selected DNS server and the current TSIG
+ key are provided. If a hook library wants to use another TSIG key the
+ pointer must be updated.
+
+ - <b>Next step status</b>: IF any callout sets the status to value different
+ from CONTINUE the selected server is skipped.
*/
struct D2ProcessHooks {
int hooks_index_d2_srv_configured_;
- /// Constructor that registers hook points for the DHCPv4 server.
+ /// Constructor that registers hook points for the D2 server.
D2ProcessHooks() {
hooks_index_d2_srv_configured_ = HooksManager::registerHook("d2_srv_configured");
}
#include <d2srv/d2_log.h>
#include <dns/qid_gen.h>
#include <dns/rdata.h>
+#include <hooks/hooks.h>
+#include <hooks/hooks_manager.h>
#include <sstream>
+using namespace isc::hooks;
using namespace isc::util;
+namespace {
+
+/// Structure that holds registered hook indexes.
+struct NcTransHooks {
+ int hooks_index_select_key_;
+
+ /// Constructor that registers hook points for the D2 server.
+ NcTransHooks() {
+ hooks_index_select_key_ = HooksManager::registerHook("select_key");
+ }
+};
+
+// Declare a Hooks object. As this is outside any function or method, it
+// will be instantiated (and the constructor run) when the module is loaded.
+// As a result, the hook indexes will be defined before any method in this
+// module is called.
+
+NcTransHooks Hooks;
+
+}
+
namespace isc {
namespace d2 {
bool
NameChangeTransaction::selectNextServer() {
- if ((current_server_list_) &&
- (next_server_pos_ < current_server_list_->size())) {
- current_server_ = (*current_server_list_)[next_server_pos_];
- // Toss out any previous response.
- dns_update_response_.reset();
-
- // Set the tsig_key to that of the current server..
- TSIGKeyInfoPtr tsig_key_info = current_server_->getTSIGKeyInfo();
- if (tsig_key_info) {
- tsig_key_ = tsig_key_info->getTSIGKey();
- } else {
- tsig_key_.reset();
+ for (;;) {
+ if ((current_server_list_) &&
+ (next_server_pos_ < current_server_list_->size())) {
+ current_server_ = (*current_server_list_)[next_server_pos_];
+ // Toss out any previous response.
+ dns_update_response_.reset();
+
+ // Set the tsig_key to that of the current server..
+ if (!selectTSIGKey()) {
+ ++next_server_pos_;
+ continue;
+ }
+
+ // @todo Protocol is set on DNSClient constructor. We need
+ // to propagate a configuration value downward, probably starting
+ // at global, then domain, then server
+ // Once that is supported we need to add it here.
+ dns_client_.reset(new DNSClient(dns_update_response_ , this,
+ DNSClient::UDP));
+ ++next_server_pos_;
+ return (true);
}
- // @todo Protocol is set on DNSClient constructor. We need
- // to propagate a configuration value downward, probably starting
- // at global, then domain, then server
- // Once that is supported we need to add it here.
- dns_client_.reset(new DNSClient(dns_update_response_ , this,
- DNSClient::UDP));
- ++next_server_pos_;
- return (true);
+ return (false);
}
+}
- return (false);
+bool
+NameChangeTransaction::selectTSIGKey() {
+ TSIGKeyInfoPtr tsig_key_info = current_server_->getTSIGKeyInfo();
+ if (tsig_key_info) {
+ tsig_key_ = tsig_key_info->getTSIGKey();
+ } else {
+ tsig_key_.reset();
+ }
+
+ // This hook point allows hooks libraries to overwrite the TSIG key.
+ if (HooksManager::calloutsPresent(Hooks.hooks_index_select_key_)) {
+ CalloutHandlePtr callout_handle = HooksManager::createCalloutHandle();
+
+ callout_handle->setArgument("current_server", current_server_);
+ callout_handle->setArgument("tsig_key", tsig_key_);
+
+ HooksManager::callCallouts(Hooks.hooks_index_select_key_,
+ *callout_handle);
+
+ // This server is skipped not NEXT_STEP_CONTINUE status.
+ if (callout_handle->getStatus() != CalloutHandle::NEXT_STEP_CONTINUE) {
+ return (false);
+ }
+
+ // Reread the TSIG key.
+ callout_handle->getArgument("tsig_key", tsig_key_);
+ }
+
+ return (true);
}
+
const DNSClientPtr&
NameChangeTransaction::getDNSClient() const {
return (dns_client_);
/// servers from which to select.
bool selectNextServer();
+ /// @brief Selects the TSIG key.
+ ///
+ /// This method uses the current server and the select_key callout.
+ /// When no TSIG key is selected the tsig_key_ pointer is null.
+ ///
+ /// @return False when the current server should be skipped.
+ bool selectTSIGKey();
+
/// @brief Sets the update attempt count to the given value.
///
/// @param value is the new value to assign.
// There are no prerequisites.
- // Create the FQDN/IP PTR 'delete' RR for this IP and add it to
+ // Create the FQDN/IP PTR 'delete' RR for this IP and add it to
// the update section.
dns::RRsetPtr update(new dns::RRset(rev_ip, dns::RRClass::ANY(),
dns::RRType::PTR(), dns::RRTTL(0)));
const std::string& ip, const size_t port,
const TSIGKeyInfoPtr &tsig_key_info) {
DnsServerInfoPtr server(new DnsServerInfo(name, asiolink::IOAddress(ip),
- port, true, tsig_key_info, true));
+ port, true, tsig_key_info));
domain->getServers()->push_back(server);
}
// Key name is optional. If it is not blank, then find the key in the
// list of defined keys.
TSIGKeyInfoPtr tsig_key_info;
- bool inherited_key = false;
+ bool inherited_key = true;
if (key_name.empty()) {
std::string domain_key_name = getString(domain_config, "key-name");
if (!domain_key_name.empty()) {
key_name = domain_key_name;
- inherited_key = true;
}
+ } else {
+ inherited_key = false;
}
if (!key_name.empty()) {
if (keys) {
/// @param tsig_key_info pointer to the TSIGKeyInfo for the server's key
/// It defaults to an empty pointer, signifying the server has no key.
/// @param inherited_key is a flag that indicates whether the key was
- /// inherited from the domain or not. It defaults to false i.e. not
- /// inherited.
+ /// inherited from the domain or not. It defaults to true i.e. inherited.
DnsServerInfo(const std::string& hostname,
isc::asiolink::IOAddress ip_address,
uint32_t port = STANDARD_DNS_PORT,
bool enabled = true,
const TSIGKeyInfoPtr& tsig_key_info = TSIGKeyInfoPtr(),
- bool inherited_key = false);
+ bool inherited_key = true);
/// @brief Destructor
virtual ~DnsServerInfo();
/// 3. Add the new TSIGKeyInfo instance to the key map
///
/// @param key_list_config is the list of "tsig_key" elements to parse.
- /// @param keys map of defined TSIG keys
///
/// @return a map containing the TSIGKeyInfo instances
TSIGKeyInfoMapPtr parse(data::ConstElementPtr key_list_config);
projects / thirdparty / kea.git / commitdiff
