From: Wouter Wijngaards Date: Fri, 15 Jun 2018 15:01:31 +0000 (+0000) Subject: - unbound-control auth_zone_transfer _zone_ option starts the probe X-Git-Tag: release-1.8.0rc1~142 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=abff4d1237602d69640269943128582ac7ad1a13;p=thirdparty%2Funbound.git - unbound-control auth_zone_transfer _zone_ option starts the probe sequence for a master to transfer the zone from and transfers when a new zone version is available. git-svn-id: file:///svn/unbound/trunk@4736 be551aaa-1e26-0410-a405-d3ace91eadb9 --- diff --git a/daemon/remote.c b/daemon/remote.c index c3d073b30..ceeac4c66 100644 --- a/daemon/remote.c +++ b/daemon/remote.c @@ -2437,6 +2437,24 @@ do_auth_zone_reload(RES* ssl, struct worker* worker, char* arg) send_ok(ssl); } +/** do the auth_zone_transfer command */ +static void +do_auth_zone_transfer(RES* ssl, struct worker* worker, char* arg) +{ + size_t nmlen; + int nmlabs; + uint8_t* nm = NULL; + struct auth_zones* az = worker->env.auth_zones; + if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs)) + return; + if(!az || !auth_zones_startprobesequence(az, &worker->env, nm, nmlen, + LDNS_RR_CLASS_IN)) { + (void)ssl_printf(ssl, "error zone xfr task not found %s\n", arg); + return; + } + send_ok(ssl); +} + /** do the set_option command */ static void do_set_option(RES* ssl, struct worker* worker, char* arg) @@ -2830,6 +2848,9 @@ execute_cmd(struct daemon_remote* rc, RES* ssl, char* cmd, } else if(cmdcmp(p, "auth_zone_reload", 16)) { do_auth_zone_reload(ssl, worker, skipwhite(p+16)); return; + } else if(cmdcmp(p, "auth_zone_transfer", 18)) { + do_auth_zone_transfer(ssl, worker, skipwhite(p+18)); + return; } else if(cmdcmp(p, "stub_add", 8)) { /* must always distribute this cmd */ if(rc) distribute_cmd(rc, ssl, cmd); diff --git a/doc/Changelog b/doc/Changelog index 4d96a9d3c..26c2bd1ad 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -2,6 +2,9 @@ - tag for 1.7.3rc1. - trunk has 1.7.4. - unbound-control auth_zone_reload _zone_ option rereads the zonefile. + - unbound-control auth_zone_transfer _zone_ option starts the probe + sequence for a master to transfer the zone from and transfers when + a new zone version is available. 14 June 2018: Wouter - #4103: Fix that auth-zone does not insist on SOA record first in diff --git a/doc/unbound-control.8.in b/doc/unbound-control.8.in index caae9dec9..6f9567f04 100644 --- a/doc/unbound-control.8.in +++ b/doc/unbound-control.8.in @@ -300,6 +300,11 @@ contents itself, not the cache contents. Such cache contents exists if you set unbound to validate with for-upstream yes and that can be cleared with \fBflush_zone\fR \fIzone\fR. .TP +.B auth_zone_transfer \fIzone\fR +Tranfer the auth zone from master. The auth zone probe sequence is started, +where the masters are probed to see if they have an updated zone (with the SOA +serial check). And then the zone is transferred for a newer zone version. +.TP .B view_list_local_zones \fIview\fR \fIlist_local_zones\fR for given view. .TP diff --git a/services/authzone.c b/services/authzone.c index f1ca2a2b0..a76b51f69 100644 --- a/services/authzone.c +++ b/services/authzone.c @@ -3470,6 +3470,23 @@ int auth_zones_notify(struct auth_zones* az, struct module_env* env, return 1; } +int auth_zones_startprobesequence(struct auth_zones* az, + struct module_env* env, uint8_t* nm, size_t nmlen, uint16_t dclass) +{ + struct auth_xfer* xfr; + lock_rw_rdlock(&az->lock); + xfr = auth_xfer_find(az, nm, nmlen, dclass); + if(!xfr) { + lock_rw_unlock(&az->lock); + return 0; + } + lock_basic_lock(&xfr->lock); + lock_rw_unlock(&az->lock); + + xfr_process_notify(xfr, env, 0, 0, NULL); + return 1; +} + /** set a zone expired */ static void auth_xfer_set_expired(struct auth_xfer* xfr, struct module_env* env, diff --git a/services/authzone.h b/services/authzone.h index 4e06c0654..69158de23 100644 --- a/services/authzone.h +++ b/services/authzone.h @@ -588,6 +588,12 @@ int auth_zones_notify(struct auth_zones* az, struct module_env* env, * returns 0 if no soa record in the notify */ int auth_zone_parse_notify_serial(struct sldns_buffer* pkt, uint32_t *serial); +/** for the zone and if not already going, starts the probe sequence. + * false if zone cannot be found. This is like a notify arrived and was + * accepted for that zone. */ +int auth_zones_startprobesequence(struct auth_zones* az, + struct module_env* env, uint8_t* nm, size_t nmlen, uint16_t dclass); + /** read auth zone from zonefile. caller must lock zone. false on failure */ int auth_zone_read_zonefile(struct auth_zone* z); diff --git a/smallapp/unbound-control.c b/smallapp/unbound-control.c index ab43c0eba..8eb4afb45 100644 --- a/smallapp/unbound-control.c +++ b/smallapp/unbound-control.c @@ -144,6 +144,7 @@ usage(void) printf(" +a list all, also not ratelimited\n"); printf(" list_auth_zones list auth zones\n"); printf(" auth_zone_reload zone reload auth zone from zonefile\n"); + printf(" auth_zone_transfer zone transfer auth zone from master\n"); printf(" view_list_local_zones view list local-zones in view\n"); printf(" view_list_local_data view list local-data RRs in view\n"); printf(" view_local_zone view name type add local-zone in view\n");