From: Charles-Henri Bruyand <charles-henri.bruyand@open-xchange.com>
Date: Thu, 19 Sep 2019 15:30:24 +0000 (+0200)
Subject: auth: lua monitoring, lock on status change, better report malformed options content
X-Git-Tag: auth-4.3.0-alpha1^2~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e3982a50a3f076acef0f423bfa1fcbdc20b7581a;p=thirdparty%2Fpdns.git

auth: lua monitoring, lock on status change, better report malformed options content
---

diff --git a/docs/settings.rst b/docs/settings.rst
index 2bf913eb78..16e84782ac 100644
--- a/docs/settings.rst
+++ b/docs/settings.rst
@@ -880,7 +880,7 @@ Script to be used to edit incoming AXFRs, see :ref:`modes-of-operation-axfrfilte
 .. _setting-lua-health-checks-expire-delay:
 
 ``lua-health-checks-expire-delay``
------------------------------
+----------------------------------
 
 -  Integer
 -  Default: 3600
@@ -893,7 +893,7 @@ isn't used any more (either deleted or modified).
 .. _setting-lua-health-checks-interval:
 
 ``lua-health-checks-interval``
------------------------------
+------------------------------
 
 -  Integer
 -  Default: 5
diff --git a/pdns/common_startup.cc b/pdns/common_startup.cc
index 37a843634f..9b97b5e9a8 100644
--- a/pdns/common_startup.cc
+++ b/pdns/common_startup.cc
@@ -219,9 +219,8 @@ void declareArguments()
 #ifdef HAVE_LUA_RECORDS
   ::arg().setSwitch("enable-lua-records", "Process LUA records for all zones (metadata overrides this)")="no";
   ::arg().set("lua-records-exec-limit", "LUA records scripts execution limit (instructions count). Values <= 0 mean no limit")="1000";
-  ::arg().set("lua-health-checks-expire-delay", "Stops doing health checks after the record hasn't been unused for that delay (in seconds)")="3600";
+  ::arg().set("lua-health-checks-expire-delay", "Stops doing health checks after the record hasn't been used for that delay (in seconds)")="3600";
   ::arg().set("lua-health-checks-interval", "LUA records health checks monitoring interval in seconds")="5";
-  ::arg().set("lua-health-checks-timeout", "Maximum time in milliseconds that you allow the LUA monitoring health checks to take")="500";
 #endif
   ::arg().setSwitch("axfr-lower-serial", "Also AXFR a zone from a master with a lower serial")="no";
 
diff --git a/pdns/lua-record.cc b/pdns/lua-record.cc
index 6e1418ff91..4760a46891 100644
--- a/pdns/lua-record.cc
+++ b/pdns/lua-record.cc
@@ -111,13 +111,13 @@ private:
         throw std::runtime_error(boost::str(boost::format("unable to match content with `%s`") % cd.opts.at("stringmatch")));
       }
       if(!status) {
-        g_log<<Logger::Warning<<"LUA record monitoring declaring "<<cd.rem.toString()<<" UP for URL "<<cd.url<<"!"<<endl;
+        g_log<<Logger::Info<<"LUA record monitoring declaring "<<cd.rem.toString()<<" UP for URL "<<cd.url<<"!"<<endl;
       }
       setUp(cd);
     }
     catch(std::exception& ne) {
       if(status || first)
-        g_log<<Logger::Warning<<"LUA record monitoring declaring "<<cd.rem.toString()<<" DOWN for URL "<<cd.url<<", error: "<<ne.what()<<endl;
+        g_log<<Logger::Info<<"LUA record monitoring declaring "<<cd.rem.toString()<<" DOWN for URL "<<cd.url<<", error: "<<ne.what()<<endl;
       setDown(cd);
     }
   }
@@ -136,7 +136,7 @@ private:
       }
       s.connect(cd.rem, timeout);
       if (!status) {
-        g_log<<Logger::Warning<<"Lua record monitoring declaring TCP/IP "<<cd.rem.toStringWithPort()<<" ";
+        g_log<<Logger::Info<<"Lua record monitoring declaring TCP/IP "<<cd.rem.toStringWithPort()<<" ";
         if(cd.opts.count("source"))
           g_log<<"(source "<<src.toString()<<") ";
         g_log<<"UP!"<<endl;
@@ -145,7 +145,7 @@ private:
     }
     catch (const NetworkError& ne) {
       if(status || first) {
-        g_log<<Logger::Warning<<"Lua record monitoring declaring TCP/IP "<<cd.rem.toStringWithPort()<<" DOWN: "<<ne.what()<<endl;
+        g_log<<Logger::Info<<"Lua record monitoring declaring TCP/IP "<<cd.rem.toStringWithPort()<<" DOWN: "<<ne.what()<<endl;
       }
       setDown(cd);
     }
@@ -194,6 +194,7 @@ private:
 
   void setStatus(const CheckDesc& cd, bool status)
   {
+    ReadLock lock{&d_lock};
     auto& state = d_statuses[cd];
     state->status = status;
     if (state->first) {
@@ -239,6 +240,13 @@ bool IsUpOracle::isUp(const CheckDesc& cd)
       return iter->second->status;
     }
   }
+  // try to parse options so we don't insert any malformed content
+  if (cd.opts.count("source")) {
+    ComboAddress src(cd.opts.at("source"));
+  }
+  if (cd.opts.count("timeout")) {
+    int timeout = std::atoi(cd.opts.at("timeout").c_str());
+  }
   {
     WriteLock lock{&d_lock};
     // Make sure we don't insert new entry twice now we have the lock
@@ -955,7 +963,7 @@ std::vector<shared_ptr<DNSRecordContent>> luaSynth(const std::string& code, cons
         ret.push_back(DNSRecordContent::mastermake(qtype, QClass::IN, content_it ));
     }
   } catch(std::exception &e) {
-    g_log<<Logger::Error<<"Lua record reported: "<<e.what();
+    g_log << Logger::Info << "Lua record reported: " << e.what();
     try {
       std::rethrow_if_nested(e);
       g_log<<endl;