From: bert hubert
Date: Tue, 28 Oct 2014 09:45:12 +0000 (+0100)
Subject: actually hook up the security polling
X-Git-Tag: auth-3.4.1~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a8750a501b9cb42fbdff03cbfff12ce559aec51e;p=thirdparty%2Fpdns.git
actually hook up the security polling
---
diff --git a/pdns/common_startup.cc b/pdns/common_startup.cc
index 7fdf047485..824f8e8fd1 100644
--- a/pdns/common_startup.cc
+++ b/pdns/common_startup.cc
@@ -21,6 +21,7 @@
 */
 #include "common_startup.hh"
 #include "ws-auth.hh"
+#include "secpoll-auth.hh"
 bool g_anyToTcp;
 typedef Distributor DNSDistributor;
@@ -160,6 +161,7 @@ void declareArguments()
 ::arg().set("max-nsec3-iterations","Limit the number of NSEC3 hash iterations")="500"; // RFC5155 10.3
 ::arg().set("include-dir","Include *.conf files from this directory");
+ ::arg().set("security-poll-suffix","Domain name from which to query security update notifications")="secpoll.powerdns.com.";
 }
 void declareStats(void)
@@ -199,7 +201,7 @@ void declareStats(void)
 S.declare("servfail-packets","Number of times a server-failed packet was sent out");
 S.declare("latency","Average number of microseconds needed to answer a question");
 S.declare("timedout-packets","Number of packets which weren't answered within timeout set");
-
+ S.declare("security-status", "Security status based on regular polling");
 S.declareRing("queries","UDP Queries Received");
 S.declareRing("nxdomain-queries","Queries for non-existent records within existent domains");
 S.declareRing("noerror-queries","Queries for existing records, but for type we don't have");
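Review bot: In declareArguments(), the help text for `security-poll-suffix` does not tell the operator that the default makes the server send DNS queries for an external name, or how to turn that off. Whether an empty value disables polling is decided in doSecPoll(), which this diff does not show; if it does, I would say so in the string, e.g. `"Domain name from which to query security update notifications, empty to disable"`. The answer arrives over ordinary DNS, so unless the resolver in use validates it, the resulting status is best documented as advisory rather than authoritative. declareArguments() starts outside the hunk.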
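Review bot: In declareStats(), the description `"Security status based on regular polling"` gives a monitoring system nothing to alert on: it does not say what the values mean, or what the metric reads before the first poll has succeeded. The mapping is set in doSecPoll(), outside this diff, so I can only ask that it be spelled out here and that "no answer yet" or "poll failed" be a value distinct from "up to date", so that a blocked or failed lookup is not read as a clean status. A short comment above the declare line listing the values would be enough.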
@@ -363,6 +365,9 @@ void mainthread()
 DNSPacket::s_udpTruncationThreshold = std::max(512, ::arg().asNum("udp-truncation-threshold"));
 DNSPacket::s_doEDNSSubnetProcessing = ::arg().mustDo("edns-subnet-processing");
+
+ doSecPoll(true); // this must be BEFORE chroot
+
 if(!::arg()["chroot"].empty()) {
 if(::arg().mustDo("master") || ::arg().mustDo("slave")) gethostbyname("a.root-servers.net"); // this forces all lookup libraries to be loaded
@@ -400,13 +405,16 @@ void mainthread()
 TN->go(); // tcp nameserver launch
 pthread_create(&qtid,0,carbonDumpThread, 0); // runs even w/o carbon, might change @ runtime
+ // fork(); (this worked :-))
 unsigned int max_rthreads= ::arg().asNum("receiver-threads", 1);
 for(unsigned int n=0; n < max_rthreads; ++n) pthread_create(&qtid,0,qthread, reinterpret_cast(n)); // receives packets
- void *p;
- pthread_join(qtid, &p);
+ for(;;) {
+ sleep(1800);
+ doSecPoll(false);
+ }
 L<
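Review bot: In the `@@ -363` hunk, `doSecPoll(true)` runs synchronously on the startup path, before the chroot block and, as far as the hunk shows, before any privilege drop, so a DNS answer from the network is parsed at the most privileged point of the process. Nothing visible here shows whether doSecPoll() catches its own errors or bounds its wait; if it does not, an unreachable resolver or a malformed answer could delay or abort startup. The same concern applies to the `doSecPoll(false)` calls in the loop added at the end of mainthread(), which run on the main thread after chroot. I would make the call explicitly non-fatal, e.g. `try { doSecPoll(true); } catch(const std::exception& e) { /* log and continue: polling is advisory */ }`, and extend the comment to say why the first poll must precede chroot. mainthread() starts and ends outside the hunk.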