From: Wouter Wijngaards Date: Fri, 15 Oct 2010 09:31:58 +0000 (+0000) Subject: Root key option in the unbound windows installer works. X-Git-Tag: release-1.4.7rc1~31 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b20f11c6a7c8b7c5e851ab0743f5a4d227cd137b;p=thirdparty%2Funbound.git Root key option in the unbound windows installer works. git-svn-id: file:///svn/unbound/trunk@2294 be551aaa-1e26-0410-a405-d3ace91eadb9 --- diff --git a/winrc/setup.nsi b/winrc/setup.nsi index 66d5d1271..ff1b0b39a 100644 --- a/winrc/setup.nsi +++ b/winrc/setup.nsi @@ -122,9 +122,9 @@ section "-hidden.postinstall" FileWrite $R1 "$\nserver: auto-trust-anchor-file: $\"$INSTDIR\root.key$\"$\n" FileClose $R1 done_rk: - WriteRegStr HKLM "Software\Unbound" "RootAnchor" "yes" + WriteRegStr HKLM "Software\Unbound" "RootAnchor" "$\"$INSTDIR\unbound-anchor.exe$\"" ${Else} - WriteRegStr HKLM "Software\Unbound" "RootAnchor" "no" + WriteRegStr HKLM "Software\Unbound" "RootAnchor" "" ${EndIf} # Store DLV choice @@ -213,6 +213,7 @@ section "un.Unbound" Delete "$INSTDIR\service.conf" Delete "$INSTDIR\example.conf" Delete "$INSTDIR\dlv.isc.org.key" + Delete "$INSTDIR\root.key" RMDir "$INSTDIR" # start menu items diff --git a/winrc/win_svc.c b/winrc/win_svc.c index 316584be3..b1525f0c5 100644 --- a/winrc/win_svc.c +++ b/winrc/win_svc.c @@ -231,6 +231,66 @@ lookup_reg_int(const char* key, const char* name) return result; } +/** wait for unbound-anchor process to finish */ +static void +waitforubanchor(PROCESS_INFORMATION* pinfo) +{ + /* we have 5 seconds scheduled for it, usually it will be very fast, + * with only a UDP message or two (100 msec or so), but the https + * connections could take some time */ + DWORD count = 7900; + DWORD ret = WAIT_TIMEOUT; + /* decrease timer every 1/10 second, we are still starting up */ + while(ret == WAIT_TIMEOUT) { + ret = WaitForSingleObject(pinfo->hProcess, 100); + if(count > 4000) count -= 100; + else count--; /* go slow, it is taking long */ + if(count > 3000) + report_status(SERVICE_START_PENDING, NO_ERROR, count); + } + verbose(VERB_ALGO, "unbound-anchor done"); + if(ret != WAIT_OBJECT_0) { + return; /* did not end successfully */ + } + if(!GetExitCodeProcess(pinfo->hProcess, &ret)) { + log_err("GetExitCodeProcess failed"); + return; + } + verbose(VERB_ALGO, "unbound-anchor exit code is %d", (int)ret); + if(ret != 0) { + log_info("The root trust anchor has been updated."); + } +} + + +/** + * Perform root anchor update if so configured, by calling that process + */ +static void +call_root_update(void) +{ + char* rootanchor; + rootanchor = lookup_reg_str("Software\\Unbound", "RootAnchor"); + if(rootanchor && strlen(rootanchor)>0) { + STARTUPINFO sinfo; + PROCESS_INFORMATION pinfo; + memset(&pinfo, 0, sizeof(pinfo)); + memset(&sinfo, 0, sizeof(sinfo)); + sinfo.cb = sizeof(sinfo); + verbose(VERB_ALGO, "rootanchor: %s", rootanchor); + report_status(SERVICE_START_PENDING, NO_ERROR, 8000); + if(!CreateProcess(NULL, rootanchor, NULL, NULL, 0, + CREATE_NO_WINDOW, NULL, NULL, &sinfo, &pinfo)) + log_err("CreateProcess error for unbound-anchor.exe"); + else { + waitforubanchor(&pinfo); + CloseHandle(pinfo.hProcess); + CloseHandle(pinfo.hThread); + } + } + free(rootanchor); +} + /** * Init service. Keeps calling status pending to tell service control * manager that this process is not hanging. @@ -343,6 +403,9 @@ service_main(DWORD ATTR_UNUSED(argc), LPTSTR* ATTR_UNUSED(argv)) service_status.dwServiceType = SERVICE_WIN32_OWN_PROCESS; service_status.dwServiceSpecificExitCode = 0; + /* see if we have root anchor update enabled */ + call_root_update(); + /* we are now starting up */ report_status(SERVICE_START_PENDING, NO_ERROR, 3000); if(!service_init(0, &daemon, &cfg)) { @@ -483,8 +546,8 @@ win_do_cron(void* ATTR_UNUSED(arg)) CloseHandle(pinfo.hProcess); CloseHandle(pinfo.hThread); } - free(cronaction); - } else if(cronaction) free(cronaction); + } + free(cronaction); /* stop self */ CloseHandle(cron_thread); cron_thread = NULL;