iter = 0;
val = 0;
for(i=0; i<worker->env.mesh->mods.num; i++) {
- log_assert(fptr_whitelist_mod_get_mem(worker->env.mesh->
+ fptr_ok(fptr_whitelist_mod_get_mem(worker->env.mesh->
mods.mod[i]->get_mem));
if(strcmp(worker->env.mesh->mods.mod[i]->name, "validator")==0)
val += (*worker->env.mesh->mods.mod[i]->get_mem)
if(verbosity < VERB_QUERY)
return;
for(i=0; i<worker->env.mesh->mods.num; i++) {
- log_assert(fptr_whitelist_mod_get_mem(worker->env.mesh->
+ fptr_ok(fptr_whitelist_mod_get_mem(worker->env.mesh->
mods.mod[i]->get_mem));
if(strcmp(worker->env.mesh->mods.mod[i]->name, "validator")==0)
val += (*worker->env.mesh->mods.mod[i]->get_mem)
worker->stats.num_query_list_exceeded++;
comm_point_drop_reply(repinfo);
return 0;
+ } else if(worker->env.mesh->num_reply_addrs >
+ worker->request_size*256) {
+ verbose(VERB_ALGO, "Too many requests queued. "
+ "dropping incoming query.");
+ worker->stats.num_query_list_exceeded++;
+ comm_point_drop_reply(repinfo);
+ return 0;
}
mesh_new_client(worker->env.mesh, &qinfo,
ldns_buffer_read_u16_at(c->buffer, 2),
+20 February 2008: Wouter
+ - setup speec_cache for need-ldns-testns in dotests.
+ - check number of queued replies on incoming queries to avoid overload
+ on that account.
+ - fptr whitelist checks are not disabled in optimize mode.
+
19 February 2008: Wouter
- applied patch to unbound-host man page from Jan-Piet Mens.
- fix donotquery-localhost: yes default (it erroneously was switched
qinf.qname_len = namelen;
qinf.qtype = t;
qinf.qclass = c;
- log_assert(fptr_whitelist_modenv_detect_cycle(
+ fptr_ok(fptr_whitelist_modenv_detect_cycle(
qstate->env->detect_cycle));
return (*qstate->env->detect_cycle)(qstate, &qinf,
(uint16_t)(BIT_RD|BIT_CD), qstate->is_priming);
qflags |= BIT_CD;
/* attach subquery, lookup existing or make a new one */
- log_assert(fptr_whitelist_modenv_attach_sub(qstate->env->attach_sub));
+ fptr_ok(fptr_whitelist_modenv_attach_sub(qstate->env->attach_sub));
if(!(*qstate->env->attach_sub)(qstate, &qinf, qflags, prime, &subq)) {
return 0;
}
sizeof(struct iter_qstate));
if(!subq->minfo[id]) {
log_err("init subq: out of memory");
- log_assert(fptr_whitelist_modenv_kill_sub(
+ fptr_ok(fptr_whitelist_modenv_kill_sub(
qstate->env->kill_sub));
(*qstate->env->kill_sub)(subq);
return 0;
subiq->dp = delegpt_copy(stub_dp, subq->region);
if(!subiq->dp) {
log_err("out of memory priming stub, copydp");
- log_assert(fptr_whitelist_modenv_kill_sub(
+ fptr_ok(fptr_whitelist_modenv_kill_sub(
qstate->env->kill_sub));
(*qstate->env->kill_sub)(subq);
(void)error_response(qstate, id, LDNS_RCODE_SERVFAIL);
log_query_info(VERB_QUERY, "sending query:", &iq->qchase);
log_name_addr(VERB_QUERY, "sending to target:", iq->dp->name,
&target->addr, target->addrlen);
- log_assert(fptr_whitelist_modenv_send_query(qstate->env->send_query));
+ fptr_ok(fptr_whitelist_modenv_send_query(qstate->env->send_query));
outq = (*qstate->env->send_query)(
iq->qchase.qname, iq->qchase.qname_len,
iq->qchase.qtype, iq->qchase.qclass,
/* close down outstanding requests to be discarded */
outbound_list_clear(&iq->outlist);
iq->num_current_queries = 0;
- log_assert(fptr_whitelist_modenv_detach_subs(
+ fptr_ok(fptr_whitelist_modenv_detach_subs(
qstate->env->detach_subs));
(*qstate->env->detach_subs)(qstate);
iq->num_target_queries = 0;
*/
outbound_list_clear(&iq->outlist);
iq->num_current_queries = 0;
- log_assert(fptr_whitelist_modenv_detach_subs(
+ fptr_ok(fptr_whitelist_modenv_detach_subs(
qstate->env->detach_subs));
(*qstate->env->detach_subs)(qstate);
iq->num_target_queries = 0;
*/
outbound_list_clear(&iq->outlist);
iq->num_current_queries = 0;
- log_assert(fptr_whitelist_modenv_detach_subs(
+ fptr_ok(fptr_whitelist_modenv_detach_subs(
qstate->env->detach_subs));
(*qstate->env->detach_subs)(qstate);
iq->num_target_queries = 0;
/* de-init modules */
mesh = mstate->s.env->mesh;
for(i=0; i<mesh->mods.num; i++) {
- log_assert(fptr_whitelist_mod_clear(mesh->mods.mod[i]->clear));
+ fptr_ok(fptr_whitelist_mod_clear(mesh->mods.mod[i]->clear));
(*mesh->mods.mod[i]->clear)(&mstate->s, i);
mstate->s.minfo[i] = NULL;
mstate->s.ext_state[i] = module_finished;
/* make super runnable */
(void)rbtree_insert(&mesh->run, &ref->s->run_node);
/* callback the function to inform super of result */
- log_assert(fptr_whitelist_mod_inform_super(
+ fptr_ok(fptr_whitelist_mod_inform_super(
mesh->mods.mod[ref->s->s.curmod]->inform_super));
(*mesh->mods.mod[ref->s->s.curmod]->inform_super)(&mstate->s,
ref->s->s.curmod, &ref->s->s);
verbose(VERB_ALGO, "mesh_run: start");
while(mstate) {
/* run the module */
- log_assert(fptr_whitelist_mod_operate(
+ fptr_ok(fptr_whitelist_mod_operate(
mesh->mods.mod[mstate->s.curmod]->operate));
(*mesh->mods.mod[mstate->s.curmod]->operate)
(&mstate->s, ev, mstate->s.curmod, e);
for(i=0; i<stack->num; i++) {
verbose(VERB_OPS, "init module %d: %s",
i, stack->mod[i]->name);
- log_assert(fptr_whitelist_mod_init(stack->mod[i]->init));
+ fptr_ok(fptr_whitelist_mod_init(stack->mod[i]->init));
if(!(*stack->mod[i]->init)(env, i)) {
log_err("module init for module %s failed",
stack->mod[i]->name);
{
int i;
for(i=0; i<stack->num; i++) {
- log_assert(fptr_whitelist_mod_deinit(stack->mod[i]->deinit));
+ fptr_ok(fptr_whitelist_mod_deinit(stack->mod[i]->deinit));
(*stack->mod[i]->deinit)(env, i);
}
stack->num = 0;
comm_point_callback_t* cb = w->cb;
void* cb_arg = w->cb_arg;
waiting_tcp_delete(w);
- log_assert(fptr_whitelist_pending_tcp(cb));
+ fptr_ok(fptr_whitelist_pending_tcp(cb));
(void)(*cb)(NULL, cb_arg, NETEVENT_CLOSED, NULL);
}
}
error = NETEVENT_CLOSED;
}
}
- log_assert(fptr_whitelist_pending_tcp(pend->query->cb));
+ fptr_ok(fptr_whitelist_pending_tcp(pend->query->cb));
(void)(*pend->query->cb)(c, pend->query->cb_arg, error, reply_info);
decomission_pending_tcp(outnet, pend);
return 0;
verbose(VERB_ALGO, "outnet handle udp reply");
/* delete from tree first in case callback creates a retry */
(void)rbtree_delete(outnet->pending, p->node.key);
- log_assert(fptr_whitelist_pending_udp(p->cb));
+ fptr_ok(fptr_whitelist_pending_udp(p->cb));
(void)(*p->cb)(p->c, p->cb_arg, NETEVENT_NOERROR, reply_info);
pending_delete(NULL, p);
return 0;
struct pending* p = (struct pending*)arg;
/* it timed out */
verbose(VERB_ALGO, "timeout udp");
- log_assert(fptr_whitelist_pending_udp(p->cb));
+ fptr_ok(fptr_whitelist_pending_udp(p->cb));
(void)(*p->cb)(p->c, p->cb_arg, NETEVENT_TIMEOUT, NULL);
pending_delete(p->outnet, p);
}
cb = w->cb;
cb_arg = w->cb_arg;
waiting_tcp_delete(w);
- log_assert(fptr_whitelist_pending_tcp(cb));
+ fptr_ok(fptr_whitelist_pending_tcp(cb));
(void)(*cb)(NULL, cb_arg, NETEVENT_TIMEOUT, NULL);
use_free_buffer(outnet);
}
ldns_buffer_write(c->buffer, backup_p, backlen);
ldns_buffer_flip(c->buffer);
}
- log_assert(fptr_whitelist_serviced_query(p->cb));
+ fptr_ok(fptr_whitelist_serviced_query(p->cb));
(void)(*p->cb)(c, p->cb_arg, error, rep);
p = n;
}
NEED_SPLINT='00-lint.tpkg'
NEED_DOXYGEN='01-doc.tpkg'
-NEED_LDNS_TESTNS='fwd_no_edns.tpkg fwd_tcp_tc.tpkg fwd_tcp.tpkg fwd_three_service.tpkg fwd_three.tpkg fwd_ttlexpire.tpkg fwd_udp.tpkg fwd_tcp_tc6.tpkg fwd_compress_c00c.tpkg fwd_ancil.tpkg stat_timer.tpkg 05-asynclook.tpkg stream_tcp.tpkg'
+NEED_LDNS_TESTNS='fwd_no_edns.tpkg fwd_tcp_tc.tpkg fwd_tcp.tpkg fwd_three_service.tpkg fwd_three.tpkg fwd_ttlexpire.tpkg fwd_udp.tpkg fwd_tcp_tc6.tpkg fwd_compress_c00c.tpkg fwd_ancil.tpkg stat_timer.tpkg 05-asynclook.tpkg stream_tcp.tpkg speed_cache.tpkg'
NEED_XXD='fwd_compress_c00c.tpkg'
NEED_NC='fwd_compress_c00c.tpkg'
#include "util/storage/lruhash.h"
#include "util/module.h"
+/**
+ * Macro to perform an assertion check for fptr wlist checks.
+ * Does not get disabled in optimize mode. Check adds security by layers.
+ */
+#define fptr_ok(x) \
+ do { if(!(x)) \
+ fatal_exit("%s:%d: %s: pointer whitelist %s failed", \
+ __FILE__, __LINE__, __func__, #x); \
+ } while(0);
+
/**
* Check function pointer whitelist for comm_point callback values.
*
/* event times out, remove it */
(void)rbtree_delete(base->times, p);
p->ev_events &= ~EV_TIMEOUT;
- log_assert(fptr_whitelist_event(p->ev_callback));
+ fptr_ok(fptr_whitelist_event(p->ev_callback));
(*p->ev_callback)(p->ev_fd, EV_TIMEOUT, p->ev_arg);
}
}
}
bits &= base->fds[i]->ev_events;
if(bits) {
- log_assert(fptr_whitelist_event(
+ fptr_ok(fptr_whitelist_event(
base->fds[i]->ev_callback));
(*base->fds[i]->ev_callback)(base->fds[i]->ev_fd,
bits, base->fds[i]->ev_arg);
ev->ev_fd = fd;
ev->ev_events = bits;
ev->ev_callback = cb;
- log_assert(fptr_whitelist_event(ev->ev_callback));
+ fptr_ok(fptr_whitelist_event(ev->ev_callback));
ev->ev_arg = arg;
ev->added = 0;
}
ev = signal_base->signals[sig];
if(!ev)
return;
- log_assert(fptr_whitelist_event(ev->ev_callback));
+ fptr_ok(fptr_whitelist_event(ev->ev_callback));
(*ev->ev_callback)(sig, EV_SIGNAL, ev->ev_arg);
}
if(verbosity >= VERB_ALGO)
p_ancil("receive_udp on interface", &rep);
#endif /* S_SPLINT_S */
- log_assert(fptr_whitelist_comm_point(rep.c->callback));
+ fptr_ok(fptr_whitelist_comm_point(rep.c->callback));
if((*rep.c->callback)(rep.c, rep.c->cb_arg, NETEVENT_NOERROR, &rep)) {
/* send back immediate reply */
(void)comm_point_send_udp_msg_if(rep.c, rep.c->buffer,
ldns_buffer_skip(rep.c->buffer, recv);
ldns_buffer_flip(rep.c->buffer);
rep.srctype = 0;
- log_assert(fptr_whitelist_comm_point(rep.c->callback));
+ fptr_ok(fptr_whitelist_comm_point(rep.c->callback));
if((*rep.c->callback)(rep.c, rep.c->cb_arg, NETEVENT_NOERROR, &rep)) {
/* send back immediate reply */
(void)comm_point_send_udp_msg(rep.c, rep.c->buffer,
c->tcp_byte_count = 0;
if(c->type == comm_tcp)
comm_point_stop_listening(c);
- log_assert(fptr_whitelist_comm_point(c->callback));
+ fptr_ok(fptr_whitelist_comm_point(c->callback));
if( (*c->callback)(c, c->cb_arg, NETEVENT_NOERROR, &c->repinfo) ) {
comm_point_start_listening(c, -1, TCP_QUERY_TIMEOUT);
}
if(!comm_point_tcp_handle_read(fd, c, 0)) {
reclaim_tcp_handler(c);
if(!c->tcp_do_close) {
- log_assert(fptr_whitelist_comm_point(
+ fptr_ok(fptr_whitelist_comm_point(
c->callback));
(void)(*c->callback)(c, c->cb_arg,
NETEVENT_CLOSED, NULL);
if(!comm_point_tcp_handle_write(fd, c)) {
reclaim_tcp_handler(c);
if(!c->tcp_do_close) {
- log_assert(fptr_whitelist_comm_point(
+ fptr_ok(fptr_whitelist_comm_point(
c->callback));
(void)(*c->callback)(c, c->cb_arg,
NETEVENT_CLOSED, NULL);
verbose(VERB_QUERY, "tcp took too long, dropped");
reclaim_tcp_handler(c);
if(!c->tcp_do_close) {
- log_assert(fptr_whitelist_comm_point(c->callback));
+ fptr_ok(fptr_whitelist_comm_point(c->callback));
(void)(*c->callback)(c, c->cb_arg,
NETEVENT_TIMEOUT, NULL);
}
if(event&EV_READ) {
if(!comm_point_tcp_handle_read(fd, c, 1)) {
- log_assert(fptr_whitelist_comm_point(c->callback));
+ fptr_ok(fptr_whitelist_comm_point(c->callback));
(void)(*c->callback)(c, c->cb_arg, NETEVENT_CLOSED,
NULL);
}
return;
comm_base_now(tm->ev_timer->base);
tm->ev_timer->enabled = 0;
- log_assert(fptr_whitelist_comm_timer(tm->callback));
+ fptr_ok(fptr_whitelist_comm_timer(tm->callback));
(*tm->callback)(tm->cb_arg);
}
if(!(event & EV_SIGNAL))
return;
comm_base_now(comsig->base);
- log_assert(fptr_whitelist_comm_signal(comsig->callback));
+ fptr_ok(fptr_whitelist_comm_signal(comsig->callback));
(*comsig->callback)(sig, comsig->cb_arg);
}
rbnode_t *node = rbtree->root;
rbnode_t *parent = RBTREE_NULL;
- log_assert(fptr_whitelist_rbtree_cmp(rbtree->cmp));
+ fptr_ok(fptr_whitelist_rbtree_cmp(rbtree->cmp));
/* Lets find the new parent... */
while (node != RBTREE_NULL) {
/* Compare two keys, do we have a duplicate? */
node = rbtree->root;
*result = NULL;
- log_assert(fptr_whitelist_rbtree_cmp(rbtree->cmp));
+ fptr_ok(fptr_whitelist_rbtree_cmp(rbtree->cmp));
/* While there are children... */
while (node != RBTREE_NULL) {
struct lruhash_bin* bin;
struct lruhash_entry* found, *reclaimlist=NULL;
size_t need_size;
- log_assert(fptr_whitelist_hash_sizefunc(table->sizefunc));
- log_assert(fptr_whitelist_hash_delkeyfunc(table->delkeyfunc));
- log_assert(fptr_whitelist_hash_deldatafunc(table->deldatafunc));
- log_assert(fptr_whitelist_hash_compfunc(table->compfunc));
- log_assert(fptr_whitelist_hash_markdelfunc(table->markdelfunc));
+ fptr_ok(fptr_whitelist_hash_sizefunc(table->sizefunc));
+ fptr_ok(fptr_whitelist_hash_delkeyfunc(table->delkeyfunc));
+ fptr_ok(fptr_whitelist_hash_deldatafunc(table->deldatafunc));
+ fptr_ok(fptr_whitelist_hash_compfunc(table->compfunc));
+ fptr_ok(fptr_whitelist_hash_markdelfunc(table->markdelfunc));
need_size = table->sizefunc(entry->key, data);
if(cb_arg == NULL) cb_arg = table->cb_arg;
{
struct lruhash_entry* entry;
struct lruhash_bin* bin;
- log_assert(fptr_whitelist_hash_compfunc(table->compfunc));
+ fptr_ok(fptr_whitelist_hash_compfunc(table->compfunc));
lock_quick_lock(&table->lock);
bin = &table->array[hash & table->size_mask];
struct lruhash_entry* entry;
struct lruhash_bin* bin;
void *d;
- log_assert(fptr_whitelist_hash_sizefunc(table->sizefunc));
- log_assert(fptr_whitelist_hash_delkeyfunc(table->delkeyfunc));
- log_assert(fptr_whitelist_hash_deldatafunc(table->deldatafunc));
- log_assert(fptr_whitelist_hash_compfunc(table->compfunc));
- log_assert(fptr_whitelist_hash_markdelfunc(table->markdelfunc));
+ fptr_ok(fptr_whitelist_hash_sizefunc(table->sizefunc));
+ fptr_ok(fptr_whitelist_hash_delkeyfunc(table->delkeyfunc));
+ fptr_ok(fptr_whitelist_hash_deldatafunc(table->deldatafunc));
+ fptr_ok(fptr_whitelist_hash_compfunc(table->compfunc));
+ fptr_ok(fptr_whitelist_hash_markdelfunc(table->markdelfunc));
lock_quick_lock(&table->lock);
bin = &table->array[hash & table->size_mask];
size_t i;
if(!table)
return;
- log_assert(fptr_whitelist_hash_delkeyfunc(table->delkeyfunc));
- log_assert(fptr_whitelist_hash_deldatafunc(table->deldatafunc));
- log_assert(fptr_whitelist_hash_markdelfunc(table->markdelfunc));
+ fptr_ok(fptr_whitelist_hash_delkeyfunc(table->delkeyfunc));
+ fptr_ok(fptr_whitelist_hash_deldatafunc(table->deldatafunc));
+ fptr_ok(fptr_whitelist_hash_markdelfunc(table->markdelfunc));
lock_quick_lock(&table->lock);
for(i=0; i<table->size; i++) {
ask.qtype = qtype;
ask.qclass = qclass;
log_query_info(VERB_ALGO, "generate request", &ask);
- log_assert(fptr_whitelist_modenv_attach_sub(qstate->env->attach_sub));
+ fptr_ok(fptr_whitelist_modenv_attach_sub(qstate->env->attach_sub));
if(!(*qstate->env->attach_sub)(qstate, &ask,
(uint16_t)(BIT_RD|BIT_CD), 0, &newq)){
log_err("Could not generate request: out of memory");
projects / thirdparty / unbound.git / commitdiff
