diff options
Diffstat (limited to 'external/unbound/daemon/remote.h')
| -rw-r--r-- | external/unbound/daemon/remote.h | 189 |
1 files changed, 189 insertions, 0 deletions
diff --git a/external/unbound/daemon/remote.h b/external/unbound/daemon/remote.h new file mode 100644 index 000000000..cc670b701 --- /dev/null +++ b/external/unbound/daemon/remote.h @@ -0,0 +1,189 @@ +/* + * daemon/remote.h - remote control for the unbound daemon. + * + * Copyright (c) 2008, NLnet Labs. All rights reserved. + * + * This software is open source. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * Neither the name of the NLNET LABS nor the names of its contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * \file + * + * This file contains the remote control functionality for the daemon. + * The remote control can be performed using either the commandline + * unbound-control tool, or a SSLv3/TLS capable web browser. + * The channel is secured using SSLv3 or TLSv1, and certificates. + * Both the server and the client(control tool) have their own keys. + */ + +#ifndef DAEMON_REMOTE_H +#define DAEMON_REMOTE_H +#ifdef HAVE_OPENSSL_SSL_H +#include "openssl/ssl.h" +#endif +struct config_file; +struct listen_list; +struct listen_port; +struct worker; +struct comm_reply; +struct comm_point; +struct daemon_remote; + +/** number of seconds timeout on incoming remote control handshake */ +#define REMOTE_CONTROL_TCP_TIMEOUT 120 + +/** + * a busy control command connection, SSL state + */ +struct rc_state { + /** the next item in list */ + struct rc_state* next; + /** the commpoint */ + struct comm_point* c; + /** in the handshake part */ + enum { rc_none, rc_hs_read, rc_hs_write } shake_state; +#ifdef HAVE_SSL + /** the ssl state */ + SSL* ssl; +#endif + /** the rc this is part of */ + struct daemon_remote* rc; +}; + +/** + * The remote control tool state. + * The state is only created for the first thread, other threads + * are called from this thread. Only the first threads listens to + * the control port. The other threads do not, but are called on the + * command channel(pipe) from the first thread. + */ +struct daemon_remote { + /** the worker for this remote control */ + struct worker* worker; + /** commpoints for accepting remote control connections */ + struct listen_list* accept_list; + /** number of active commpoints that are handling remote control */ + int active; + /** max active commpoints */ + int max_active; + /** current commpoints busy; should be a short list, malloced */ + struct rc_state* busy_list; +#ifdef HAVE_SSL + /** the SSL context for creating new SSL streams */ + SSL_CTX* ctx; +#endif +}; + +/** + * Create new remote control state for the daemon. + * @param cfg: config file with key file settings. + * @return new state, or NULL on failure. + */ +struct daemon_remote* daemon_remote_create(struct config_file* cfg); + +/** + * remote control state to delete. + * @param rc: state to delete. + */ +void daemon_remote_delete(struct daemon_remote* rc); + +/** + * remote control state to clear up. Busy and accept points are closed. + * Does not delete the rc itself, or the ssl context (with its keys). + * @param rc: state to clear. + */ +void daemon_remote_clear(struct daemon_remote* rc); + +/** + * Open and create listening ports for remote control. + * @param cfg: config options. + * @return list of ports or NULL on failure. + * can be freed with listening_ports_free(). + */ +struct listen_port* daemon_remote_open_ports(struct config_file* cfg); + +/** + * Setup comm points for accepting remote control connections. + * @param rc: state + * @param ports: already opened ports. + * @param worker: worker with communication base. and links to command channels. + * @return false on error. + */ +int daemon_remote_open_accept(struct daemon_remote* rc, + struct listen_port* ports, struct worker* worker); + +/** + * Stop accept handlers for TCP (until enabled again) + * @param rc: state + */ +void daemon_remote_stop_accept(struct daemon_remote* rc); + +/** + * Stop accept handlers for TCP (until enabled again) + * @param rc: state + */ +void daemon_remote_start_accept(struct daemon_remote* rc); + +/** + * Handle nonthreaded remote cmd execution. + * @param worker: this worker (the remote worker). + */ +void daemon_remote_exec(struct worker* worker); + +#ifdef HAVE_SSL +/** + * Print fixed line of text over ssl connection in blocking mode + * @param ssl: print to + * @param text: the text. + * @return false on connection failure. + */ +int ssl_print_text(SSL* ssl, const char* text); + +/** + * printf style printing to the ssl connection + * @param ssl: the SSL connection to print to. Blocking. + * @param format: printf style format string. + * @return success or false on a network failure. + */ +int ssl_printf(SSL* ssl, const char* format, ...) + ATTR_FORMAT(printf, 2, 3); + +/** + * Read until \n is encountered + * If SSL signals EOF, the string up to then is returned (without \n). + * @param ssl: the SSL connection to read from. blocking. + * @param buf: buffer to read to. + * @param max: size of buffer. + * @return false on connection failure. + */ +int ssl_read_line(SSL* ssl, char* buf, size_t max); +#endif /* HAVE_SSL */ + +#endif /* DAEMON_REMOTE_H */ |