Root key option in the unbound windows installer works.

author Wouter Wijngaards <wouter@nlnetlabs.nl>

Fri, 15 Oct 2010 09:31:58 +0000 (09:31 +0000)

committer Wouter Wijngaards <wouter@nlnetlabs.nl>

Fri, 15 Oct 2010 09:31:58 +0000 (09:31 +0000)
author Wouter Wijngaards <wouter@nlnetlabs.nl>
Fri, 15 Oct 2010 09:31:58 +0000 (09:31 +0000)
committer Wouter Wijngaards <wouter@nlnetlabs.nl>
Fri, 15 Oct 2010 09:31:58 +0000 (09:31 +0000)
diff --git a/winrc/setup.nsi b/winrc/setup.nsi

index 66d5d12714b39065d0083079352f31238b21fc24..ff1b0b39a0d5f566ac58005708cf5f9c75fea96a 100644 (file)
--- a/winrc/setup.nsi
+++ b/winrc/setup.nsi
@@ -122,9 +122,9 @@ section "-hidden.postinstall"
                 FileWrite $R1 "$\nserver: auto-trust-anchor-file: $\"$INSTDIR\root.key$\"$\n"
                 FileClose $R1
           done_rk:
-               WriteRegStr HKLM "Software\Unbound" "RootAnchor" "yes"
+               WriteRegStr HKLM "Software\Unbound" "RootAnchor" "$\"$INSTDIR\unbound-anchor.exe$\""
         ${Else}
-               WriteRegStr HKLM "Software\Unbound" "RootAnchor" "no"
+               WriteRegStr HKLM "Software\Unbound" "RootAnchor" ""
         ${EndIf}
  
         # Store DLV choice
@@ -213,6 +213,7 @@ section "un.Unbound"
         Delete "$INSTDIR\service.conf"
         Delete "$INSTDIR\example.conf"
         Delete "$INSTDIR\dlv.isc.org.key"
+       Delete "$INSTDIR\root.key"
         RMDir "$INSTDIR"
  
         # start menu items
diff --git a/winrc/win_svc.c b/winrc/win_svc.c

index 316584be3104a3f38d76788741dce964e9b79356..b1525f0c51ab8cff49c187f70e78b9ba15f27c51 100644 (file)
--- a/winrc/win_svc.c
+++ b/winrc/win_svc.c
@@ -231,6 +231,66 @@ lookup_reg_int(const char* key, const char* name)
         return result;
  }
  
+/** wait for unbound-anchor process to finish */
+static void
+waitforubanchor(PROCESS_INFORMATION* pinfo)
+{
+       /* we have 5 seconds scheduled for it, usually it will be very fast,
+        * with only a UDP message or two (100 msec or so), but the https
+        * connections could take some time */
+       DWORD count = 7900;
+       DWORD ret = WAIT_TIMEOUT;
+       /* decrease timer every 1/10 second, we are still starting up */
+       while(ret == WAIT_TIMEOUT) {
+               ret = WaitForSingleObject(pinfo->hProcess, 100);
+               if(count > 4000) count -= 100;
+               else count--; /* go slow, it is taking long */
+               if(count > 3000)
+                       report_status(SERVICE_START_PENDING, NO_ERROR, count);
+       }
+       verbose(VERB_ALGO, "unbound-anchor done");
+       if(ret != WAIT_OBJECT_0) {
+               return; /* did not end successfully */
+       }
+       if(!GetExitCodeProcess(pinfo->hProcess, &ret)) {
+               log_err("GetExitCodeProcess failed");
+               return;
+       }
+       verbose(VERB_ALGO, "unbound-anchor exit code is %d", (int)ret);
+       if(ret != 0) {
+               log_info("The root trust anchor has been updated.");
+       }
+}
+
+
+/**
+ * Perform root anchor update if so configured, by calling that process
+ */
+static void
+call_root_update(void)
+{
+       char* rootanchor;
+       rootanchor = lookup_reg_str("Software\\Unbound", "RootAnchor");
+       if(rootanchor && strlen(rootanchor)>0) {
+               STARTUPINFO sinfo;
+               PROCESS_INFORMATION pinfo;
+               memset(&pinfo, 0, sizeof(pinfo));
+               memset(&sinfo, 0, sizeof(sinfo));
+               sinfo.cb = sizeof(sinfo);
+               verbose(VERB_ALGO, "rootanchor: %s", rootanchor);
+               report_status(SERVICE_START_PENDING, NO_ERROR, 8000);
+               if(!CreateProcess(NULL, rootanchor, NULL, NULL, 0, 
+                       CREATE_NO_WINDOW, NULL, NULL, &sinfo, &pinfo))
+                       log_err("CreateProcess error for unbound-anchor.exe");
+               else {
+                       waitforubanchor(&pinfo);
+                       CloseHandle(pinfo.hProcess);
+                       CloseHandle(pinfo.hThread);
+               }
+       }
+       free(rootanchor);
+}
+
  /**
   * Init service. Keeps calling status pending to tell service control
   * manager that this process is not hanging.
@@ -343,6 +403,9 @@ service_main(DWORD ATTR_UNUSED(argc), LPTSTR* ATTR_UNUSED(argv))
         service_status.dwServiceType = SERVICE_WIN32_OWN_PROCESS;
         service_status.dwServiceSpecificExitCode = 0;
  
+       /* see if we have root anchor update enabled */
+       call_root_update();
+
         /* we are now starting up */
         report_status(SERVICE_START_PENDING, NO_ERROR, 3000);
         if(!service_init(0, &daemon, &cfg)) {
@@ -483,8 +546,8 @@ win_do_cron(void* ATTR_UNUSED(arg))
                         CloseHandle(pinfo.hProcess);
                         CloseHandle(pinfo.hThread);
                 }
-               free(cronaction);
-       } else if(cronaction) free(cronaction);
+       }
+       free(cronaction);
         /* stop self */
         CloseHandle(cron_thread);
         cron_thread = NULL;
author	Wouter Wijngaards <wouter@nlnetlabs.nl>
	Fri, 15 Oct 2010 09:31:58 +0000 (09:31 +0000)
committer	Wouter Wijngaards <wouter@nlnetlabs.nl>
	Fri, 15 Oct 2010 09:31:58 +0000 (09:31 +0000)
winrc/setup.nsi		patch \| blob \| blame \| history
winrc/win_svc.c		patch \| blob \| blame \| history