#endif /* defined(ENABLE_COOKIES) */
/* Load basic modules */
-#if defined(ENABLE_COOKIES)
- engine_register(engine, "cookiemonster", NULL, NULL);
-#endif /* defined(ENABLE_COOKIES) */
engine_register(engine, "iterate", NULL, NULL);
engine_register(engine, "validate", NULL, NULL);
engine_register(engine, "rrcache", NULL, NULL);
#pragma once
+#include <libknot/rrtype/opt.h>
#include <libknot/rrtype/opt-cookie.h>
#include <netinet/in.h>
#include <stdint.h>
ifeq ($(HAS_nettle),yes)
libkres_SOURCES += \
- lib/layer/cookiemonster.c \
lib/cookies/alg_containers.c \
lib/cookies/alg_sha.c \
lib/cookies/cache.c \
#include "lib/module.h"
/* List of embedded modules */
-#if defined(ENABLE_COOKIES)
-const knot_layer_api_t *cookiemonster_layer(struct kr_module *module);
-#endif /* defined(ENABLE_COOKIES) */
const knot_layer_api_t *iterate_layer(struct kr_module *module);
const knot_layer_api_t *validate_layer(struct kr_module *module);
const knot_layer_api_t *rrcache_layer(struct kr_module *module);
const knot_layer_api_t *pktcache_layer(struct kr_module *module);
static const struct kr_module embedded_modules[] = {
-#if defined(ENABLE_COOKIES)
- { "cookiemonster", NULL, NULL, NULL, cookiemonster_layer, NULL, NULL, NULL },
-#endif /* defined(ENABLE_COOKIES) */
{ "iterate", NULL, NULL, NULL, iterate_layer, NULL, NULL, NULL },
{ "validate", NULL, NULL, NULL, validate_layer, NULL, NULL, NULL },
{ "rrcache", NULL, NULL, NULL, rrcache_layer, NULL, NULL, NULL },
+++ /dev/null
-cookiectl_CFLAGS := -fvisibility=hidden -fPIC
-cookiectl_SOURCES := \
- modules/cookiectl/contrib/openbsd/strlcat.c \
- modules/cookiectl/contrib/openbsd/strlcpy.c \
- modules/cookiectl/contrib/print.c \
- modules/cookiectl/contrib/sockaddr.c \
- modules/cookiectl/print_pkt.c \
- modules/cookiectl/cookiectl.c
-cookiectl_DEPEND := $(libkres)
-cookiectl_LIBS := $(contrib_TARGET) $(libkres_TARGET) $(libkres_LIBS)
-$(call make_c_module,cookiectl)
#include <stdlib.h>
#include <string.h>
-#include "daemon/engine.h"
#include "lib/cookies/alg_containers.h"
-#include "lib/cookies/control.h"
-#include "lib/layer.h"
-
-#define DEBUG_MSG(qry, fmt...) QRDEBUG(qry, "cookiectl", fmt)
+#include "modules/cookies/cookiectl.h"
#define NAME_CLIENT_ENABLED "client_enabled"
#define NAME_CLIENT_SECRET "client_secret"
running->srvr.enabled = shallow->srvr.enabled;
}
-static bool apply_config(struct kr_cookie_ctx *ctx, const char *args)
+bool config_apply(struct kr_cookie_ctx *ctx, const char *args)
{
if (!ctx) {
return false;
return success;
}
-char *read_config(struct kr_cookie_ctx *ctx)
+char *config_read(struct kr_cookie_ctx *ctx)
{
if (!ctx) {
return NULL;
return result;
}
-/**
- * Get/set DNS cookie related stuff.
- *
- * Input: { name: value, ... }
- * Output: current configuration
- */
-static char *cookiectl_config(void *env, struct kr_module *module, const char *args)
+int config_init(struct kr_cookie_ctx *ctx)
{
- struct kr_cookie_ctx *cookie_ctx = module->data;
- assert(cookie_ctx);
-
- /* Apply configuration, if any. */
- apply_config(cookie_ctx, args);
-
- /* Return current configuration. */
- return read_config(cookie_ctx);
-}
-
-/*
- * Module implementation.
- */
-
-KR_EXPORT
-int cookiectl_init(struct kr_module *module)
-{
- struct engine *engine = module->data;
-
- struct kr_cookie_ctx *cookie_ctx = &engine->resolver.cookie_ctx;
+ if (!ctx) {
+ return kr_error(EINVAL);
+ }
- kr_cookie_ctx_init(cookie_ctx);
+ kr_cookie_ctx_init(ctx);
struct kr_cookie_secret *cs = new_cookie_secret(KNOT_OPT_COOKIE_CLNT,
true);
return kr_error(ENOKEY);
}
- cookie_ctx->clnt.current.secr = cs;
- cookie_ctx->clnt.current.alg_id = clookup->id;
-
- cookie_ctx->srvr.current.secr = ss;
- cookie_ctx->srvr.current.alg_id = slookup->id;
+ ctx->clnt.current.secr = cs;
+ ctx->clnt.current.alg_id = clookup->id;
- /* Replace engine pointer. */
- module->data = cookie_ctx;
+ ctx->srvr.current.secr = ss;
+ ctx->srvr.current.alg_id = slookup->id;
return kr_ok();
}
-KR_EXPORT
-int cookiectl_deinit(struct kr_module *module)
+void config_deinit(struct kr_cookie_ctx *ctx)
{
- struct engine *engine = module->data;
-
- struct kr_cookie_ctx *cookie_ctx = module->data;
-
- cookie_ctx->clnt.enabled = false;
-
- free(cookie_ctx->clnt.recent.secr);
- cookie_ctx->clnt.recent.secr = NULL;
+ if (!ctx) {
+ return;
+ }
- free(cookie_ctx->clnt.current.secr);
- cookie_ctx->clnt.current.secr = NULL;
+ ctx->clnt.enabled = false;
- cookie_ctx->srvr.enabled = false;
+ free(ctx->clnt.recent.secr);
+ ctx->clnt.recent.secr = NULL;
- free(cookie_ctx->srvr.recent.secr);
- cookie_ctx->srvr.recent.secr = NULL;
+ free(ctx->clnt.current.secr);
+ ctx->clnt.current.secr = NULL;
- free(cookie_ctx->srvr.current.secr);
- cookie_ctx->srvr.current.secr = NULL;
+ ctx->srvr.enabled = false;
- return kr_ok();
-}
+ free(ctx->srvr.recent.secr);
+ ctx->srvr.recent.secr = NULL;
-KR_EXPORT
-struct kr_prop *cookiectl_props(void)
-{
- static struct kr_prop prop_list[] = {
- { &cookiectl_config, "config", "Empty value to return current configuration.", },
- { NULL, NULL, NULL }
- };
- return prop_list;
+ free(ctx->srvr.current.secr);
+ ctx->srvr.current.secr = NULL;
}
-
-KR_MODULE_EXPORT(cookiectl);
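Review bot: In `config_deinit` the four cookie secrets (`clnt.recent.secr`, `clnt.current.secr`, `srvr.recent.secr`, `srvr.current.secr`) are released with plain `free()`, so the key material stays readable in freed heap memory until the allocator reuses it. Assuming `struct kr_cookie_secret` records its own length, clear the secret bytes before each `free()` with a call the compiler cannot elide (for example `explicit_bzero()` where the platform provides it), ideally through one small static helper used for all four pointers. The same applies wherever `config_apply` replaces a secret, which is outside the visible lines. These secrets are what the cookie values are derived from, so a core dump or later heap disclosure that exposes them weakens the cookie check.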
--- /dev/null
+/* Copyright (C) 2016 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#pragma once
+
+#include "lib/cookies/control.h"
+
+/**
+ * @brief Sets cookie control context structure.
+ * @param ctx cookie control context
+ * @param args JSON string describing configuration changes
+ * @return true if changes successfully applied
+ */
+bool config_apply(struct kr_cookie_ctx *ctx, const char *args);
+
+/**
+ * @brief Reads cookie control context structure.
+ * @param ctx cookie control context
+ * @return JSON string or NULL on error
+ */
+char *config_read(struct kr_cookie_ctx *ctx);
+
+/**
+ * @brief Initialises cookie control context to default values.
+ * @param ctx cookie control context
+ * @return kr_ok() or error code
+ */
+int config_init(struct kr_cookie_ctx *ctx);
+
+/**
+ * @brief Clears the cookie control context.
+ * @param ctx cookie control context
+ */
+void config_deinit(struct kr_cookie_ctx *ctx);
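Review bot: The comment on `config_read` says `@return JSON string or NULL on error` but not who owns the string. Now that the function is declared in a header, add a line such as `@note The returned string is heap-allocated; the caller must free() it.` if that matches the implementation, which is not visible here. `config_deinit` would likewise benefit from `@note Frees the stored secrets; the context itself is not freed.`, which is what its body in cookiectl.c does. The header also uses `bool` while including only `lib/cookies/control.h`; include `<stdbool.h>` directly so it does not depend on that header's includes.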
#include <libknot/db/db_lmdb.h>
#include <libknot/error.h>
#include <libknot/mm_ctx.h>
-#include <libknot/packet/pkt.h>
#include <libknot/rrtype/opt-cookie.h> // branch dns-cookies-wip
#include <stdlib.h>
#include <string.h>
-#include "daemon/engine.h"
#include "lib/cookies/alg_containers.h"
#include "lib/cookies/cache.h"
#include "lib/cookies/control.h"
#include "lib/cookies/helper.h"
#include "lib/cookies/nonce.h"
-#include "lib/module.h"
-#include "lib/layer.h"
+#include "modules/cookies/cookiemonster.h"
-#define DEBUG_MSG(qry, fmt...) QRDEBUG(qry, "cookiemonster", fmt)
+#define DEBUG_MSG(qry, fmt...) QRDEBUG(qry, "cookies", fmt)
/* TODO -- The context must store sent cookies and server addresses in order
* to make the process more reliable. */
}
/** Process incoming response. */
-static int check_response(knot_layer_t *ctx, knot_pkt_t *pkt)
+int check_response(knot_layer_t *ctx, knot_pkt_t *pkt)
{
struct kr_request *req = ctx->data;
struct kr_query *qry = req->current_query;
return knot_edns_get_option(req->qsource.opt, KNOT_EDNS_OPTION_COOKIE);
}
-static int check_request(knot_layer_t *ctx, void *module_param)
+int check_request(knot_layer_t *ctx, void *module_param)
{
struct kr_request *req = ctx->data;
struct kr_cookie_settings *srvr_sett = &req->ctx->cookie_ctx.srvr;
}
return return_state;
}
-
-/** Module implementation. */
-
-KR_EXPORT
-const knot_layer_api_t *cookiemonster_layer(struct kr_module *module)
-{
- /* The function answer_finalize() in resolver is called before any
- * .finish callback. Therefore this layer does not use it. */
-
- static knot_layer_api_t _layer = {
- .begin = &check_request,
- .consume = &check_response
- };
- /* Store module reference */
- _layer.data = module;
- return &_layer;
-}
-
-KR_MODULE_EXPORT(cookiemonster)
--- /dev/null
+/* Copyright (C) 2016 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#pragma once
+
+#include <libknot/packet/pkt.h>
+
+#include "lib/layer.h"
+
+/**
+ * @brief Checks cookies of inbound requests.
+ * @param ctx layer context
+ * @param module_param module parameters
+ * @return layer state
+ */
+int check_request(knot_layer_t *ctx, void *module_param);
+
+/**
+ * @brief Checks cookies of received responses.
+ * @param ctx layer context
+ * @param pkt response packet
+ * @return layer state
+ */
+int check_response(knot_layer_t *ctx, knot_pkt_t *pkt);
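Review bot: `check_request` and `check_response` lose `static` in this commit and become external symbols with very generic names, as do `config_apply`, `config_read`, `config_init` and `config_deinit` declared in cookiectl.h. `-fvisibility=hidden` keeps them out of the module's export table, but they can still clash with identically named functions in other objects linked into the same module or in a static build. Consider a file-based prefix, e.g. `int cookiemonster_check_request(knot_layer_t *ctx, void *module_param);` and `bool cookiectl_config_apply(struct kr_cookie_ctx *ctx, const char *args);`, and rename the definitions and the `.begin`/`.consume` initialisers in cookies.c to match.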
--- /dev/null
+/* Copyright (C) 2016 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <assert.h>
+
+#include "daemon/engine.h"
+#include "lib/layer.h"
+#include "modules/cookies/cookiectl.h"
+#include "modules/cookies/cookiemonster.h"
+
+/**
+ * Get/set DNS cookie related stuff.
+ *
+ * Input: { name: value, ... }
+ * Output: current configuration
+ */
+static char *cookies_config(void *env, struct kr_module *module,
+ const char *args)
+{
+ struct kr_cookie_ctx *cookie_ctx = module->data;
+ assert(cookie_ctx);
+
+ /* Apply configuration, if any. */
+ config_apply(cookie_ctx, args);
+
+ /* Return current configuration. */
+ return config_read(cookie_ctx);
+}
+
+/*
+ * Module implementation.
+ */
+
+KR_EXPORT
+int cookies_init(struct kr_module *module)
+{
+ struct engine *engine = module->data;
+
+ struct kr_cookie_ctx *cookie_ctx = &engine->resolver.cookie_ctx;
+
+ int ret = config_init(cookie_ctx);
+ if (ret != kr_ok()) {
+ return ret;
+ }
+
+ /* Replace engine pointer. */
+ module->data = cookie_ctx;
+
+ return kr_ok();
+}
+
+KR_EXPORT
+int cookies_deinit(struct kr_module *module)
+{
+ struct engine *engine = module->data;
+
+ struct kr_cookie_ctx *cookie_ctx = module->data;
+
+ config_deinit(cookie_ctx);
+
+ return kr_ok();
+}
+
+KR_EXPORT
+const knot_layer_api_t *cookies_layer(struct kr_module *module)
+{
+ /* The function answer_finalize() in resolver is called before any
+ * .finish callback. Therefore this layer does not use it. */
+
+ static knot_layer_api_t _layer = {
+ .begin = &check_request,
+ .consume = &check_response
+ };
+ /* Store module reference */
+ _layer.data = module;
+ return &_layer;
+}
+
+KR_EXPORT
+struct kr_prop *cookies_props(void)
+{
+ static struct kr_prop prop_list[] = {
+ { &cookies_config, "config", "Empty value to return current configuration.", },
+ { NULL, NULL, NULL }
+ };
+ return prop_list;
+}
+
+KR_MODULE_EXPORT(cookies);
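Review bot: `cookies_config` ignores the `bool` returned by `config_apply(cookie_ctx, args)`, so a rejected update is indistinguishable from success: the caller simply gets the unchanged configuration back, and an operator may believe a secret was rotated or cookies were switched off when nothing changed. Report the failure, e.g. `if (args && args[0] != '\0' && !config_apply(cookie_ctx, args)) { return NULL; }`, adjusting the error return to whatever the property interface expects and to how `config_apply` treats empty input (its body is not visible here). The `assert(cookie_ctx)` above it is compiled out under `NDEBUG`, so it is not a substitute for a runtime check. In `cookies_deinit`, `struct engine *engine = module->data;` is unused and mistyped, because `cookies_init` has already replaced `module->data` with the cookie context; drop that line.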
--- /dev/null
+cookies_CFLAGS := -fvisibility=hidden -fPIC
+cookies_SOURCES := \
+ modules/cookies/cookiectl.c \
+ modules/cookies/cookiemonster.c \
+ modules/cookies/cookies.c
+cookies_DEPEND := $(libkres)
+cookies_LIBS := $(contrib_TARGET) $(libkres_TARGET) $(libkres_LIBS)
+$(call make_c_module,cookies)
# DNS cookies
ifeq ($(HAS_nettle),yes)
-modules_TARGETS += cookiectl
+modules_TARGETS += cookies
endif
# Memcached