- list_auth_zones unbound-control command.

git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4650 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-23 14:42:30 +00:00 · 2018-04-23 14:42:30 +00:00 · 34247dd0ce
commit 34247dd0ce
parent d17ed68567
6 changed files with 61 additions and 0 deletions
--- a/daemon/remote.c
+++ b/daemon/remote.c
@ -68,6 +68,7 @@
 #include "services/cache/infra.h"
 #include "services/mesh.h"
 #include "services/localzone.h"
+#include "services/authzone.h"
 #include "util/storage/slabhash.h"
 #include "util/fptr_wlist.h"
 #include "util/data/dname.h"
@ -2543,6 +2544,36 @@ do_list_stubs(SSL* ssl, struct worker* worker)
 	}
 }

+/** do the list_auth_zones command */
+static void
+do_list_auth_zones(SSL* ssl, struct auth_zones* az)
+{
+	struct auth_zone* z;
+	char buf[257], buf2[256];
+	lock_rw_rdlock(&az->lock);
+	RBTREE_FOR(z, struct auth_zone*, &az->ztree) {
+		lock_rw_rdlock(&z->lock);
+		dname_str(z->name, buf);
+		if(z->zone_expired)
+			snprintf(buf2, sizeof(buf2), "expired");
+		else {
+			uint32_t serial = 0;
+			if(auth_zone_get_serial(z, &serial))
+				snprintf(buf2, sizeof(buf2), "serial %u",
+					(unsigned)serial);
+			else	snprintf(buf2, sizeof(buf2), "no serial");
+		}
+		if(!ssl_printf(ssl, "%s\t%s\n", buf, buf2)) {
+			/* failure to print */
+			lock_rw_unlock(&z->lock);
+			lock_rw_unlock(&az->lock);
+			return;
+		}
+		lock_rw_unlock(&z->lock);
+	}
+	lock_rw_unlock(&az->lock);
+}
+
 /** do the list_local_zones command */
 static void
 do_list_local_zones(SSL* ssl, struct local_zones* zones)
@ -2803,6 +2834,9 @@ execute_cmd(struct daemon_remote* rc, SSL* ssl, char* cmd,
 	} else if(cmdcmp(p, "ip_ratelimit_list", 17)) {
 		do_ip_ratelimit_list(ssl, worker, p+17);
 		return;
+	} else if(cmdcmp(p, "list_auth_zones", 15)) {
+		do_list_auth_zones(ssl, worker->env.auth_zones);
+		return;
 	} else if(cmdcmp(p, "stub_add", 8)) {
 		/* must always distribute this cmd */
 		if(rc) distribute_cmd(rc, ssl, cmd);
--- a/doc/Changelog
+++ b/doc/Changelog
@ -8,6 +8,7 @@
 	- Attempt for auth zone fix; add of callback in mesh gets from
 	  callback does not skip callback of result.
 	- Fix cname classification with qname minimisation enabled.
+	- list_auth_zones unbound-control command.

 20 April 2018: Wouter
 	- man page documentation for dns-over-tls forward-addr '#' notation.
--- a/doc/unbound-control.8.in
+++ b/doc/unbound-control.8.in
@ -289,6 +289,10 @@ estimated qps and qps limit from config.  With +a it prints all ips, not
 just the ratelimited ips, with their estimated qps.  The ratelimited
 ips are dropped before checking the cache.
 .TP
+.B list_auth_zones
+List the auth zones that are configured.  Printed one per line with a
+status, indicating if the zone is expired and current serial number.
+.TP
 .B view_list_local_zones \fIview\fR
 \fIlist_local_zones\fR for given view.
 .TP
--- a/services/authzone.c
+++ b/services/authzone.c
@ -1724,6 +1724,24 @@ auth_zones_read_zones(struct auth_zones* az)
 	return 1;
 }

+/** find serial number of zone or false if none */
+int
+auth_zone_get_serial(struct auth_zone* z, uint32_t* serial)
+{
+	struct auth_data* apex;
+	struct auth_rrset* soa;
+	struct packed_rrset_data* d;
+	apex = az_find_name(z, z->name, z->namelen);
+	if(!apex) return 0;
+	soa = az_domain_rrset(apex, LDNS_RR_TYPE_SOA);
+	if(!soa || soa->data->count==0)
+		return 0; /* no RRset or no RRs in rrset */
+	if(soa->data->rr_len[0] < 2+4*5) return 0; /* SOA too short */
+	d = soa->data;
+	*serial = sldns_read_uint32(d->rr_data[0]+(d->rr_len[0]-20));
+	return 1;
+}
+
 /** Find auth_zone SOA and populate the values in xfr(soa values). */
 static int
 xfr_find_soa(struct auth_zone* z, struct auth_xfer* xfr)
--- a/services/authzone.h
+++ b/services/authzone.h
@ -591,6 +591,9 @@ int auth_zone_parse_notify_serial(struct sldns_buffer* pkt, uint32_t *serial);
 /** read auth zone from zonefile. caller must lock zone. false on failure */
 int auth_zone_read_zonefile(struct auth_zone* z);

+/** find serial number of zone or false if none (no SOA record) */
+int auth_zone_get_serial(struct auth_zone* z, uint32_t* serial);
+
 /** compare auth_zones for sorted rbtree */
 int auth_zone_cmp(const void* z1, const void* z2);

--- a/smallapp/unbound-control.c
+++ b/smallapp/unbound-control.c
@ -142,6 +142,7 @@ usage(void)
 	printf("  ratelimit_list [+a]		list ratelimited domains\n");
 	printf("  ip_ratelimit_list [+a]	list ratelimited ip addresses\n");
 	printf("		+a		list all, also not ratelimited\n");
+	printf("  list_auth_zones		list auth zones\n");
 	printf("  view_list_local_zones	view	list local-zones in view\n");
 	printf("  view_list_local_data	view	list local-data RRs in view\n");
 	printf("  view_local_zone view name type  	add local-zone in view\n");