#!@PYTHON@ # Copyright (C) 2011 Internet Systems Consortium. # # Permission to use, copy, modify, and distribute this software for any # purpose with or without fee is hereby granted, provided that the above # copyright notice and this permission notice appear in all copies. # # THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SYSTEMS CONSORTIUM # DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL # INTERNET SYSTEMS CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, # INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING # FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, # NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION # WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. import sys; sys.path.append ('@@PYTHONPATH@@') import isc import bind10_config from isc.dns import * import isc.ddns.session from isc.ddns.zone_config import ZoneConfig from isc.config.ccsession import * from isc.cc import SessionError, SessionTimeout import isc.util.process import isc.util.cio.socketsession import isc.server_common.tsig_keyring from isc.datasrc import DataSourceClient import select import errno from isc.log_messages.ddns_messages import * from optparse import OptionParser, OptionValueError import os import os.path import signal import socket isc.log.init("b10-ddns") logger = isc.log.Logger("ddns") TRACE_BASIC = logger.DBGLVL_TRACE_BASIC # Well known path settings. We need to define # SPECFILE_LOCATION: ddns configuration spec file # SOCKET_FILE: Unix domain socket file to communicate with b10-auth # AUTH_SPECFILE_LOCATION: b10-auth configuration spec file (tentatively # necessarily for sqlite3-only-and-older-datasrc-API stuff). This should be # gone once we migrate to the new API and start using generalized config. # # If B10_FROM_SOURCE is set in the environment, we use data files # from a directory relative to that, otherwise we use the ones # installed on the system if "B10_FROM_SOURCE" in os.environ: SPECFILE_PATH = os.environ["B10_FROM_SOURCE"] + "/src/bin/ddns" else: PREFIX = "@prefix@" DATAROOTDIR = "@datarootdir@" SPECFILE_PATH = "@datadir@/@PACKAGE@".replace("${datarootdir}", DATAROOTDIR) SPECFILE_PATH = SPECFILE_PATH.replace("${prefix}", PREFIX) if "B10_FROM_BUILD" in os.environ: AUTH_SPECFILE_PATH = os.environ["B10_FROM_BUILD"] + "/src/bin/auth" if "B10_FROM_SOURCE_LOCALSTATEDIR" in os.environ: SOCKET_FILE_PATH = os.environ["B10_FROM_SOURCE_LOCALSTATEDIR"] else: SOCKET_FILE_PATH = os.environ["B10_FROM_BUILD"] else: SOCKET_FILE_PATH = bind10_config.DATA_PATH AUTH_SPECFILE_PATH = SPECFILE_PATH SPECFILE_LOCATION = SPECFILE_PATH + "/ddns.spec" SOCKET_FILE = SOCKET_FILE_PATH + '/ddns_socket' AUTH_SPECFILE_LOCATION = AUTH_SPECFILE_PATH + '/auth.spec' isc.util.process.rename() class DDNSConfigError(Exception): '''An exception indicating an error in updating ddns configuration. This exception is raised when the ddns process encounters an error in handling configuration updates. Not all syntax error can be caught at the module-CC layer, so ddns needs to (explicitly or implicitly) validate the given configuration data itself. When it finds an error it raises this exception (either directly or by converting an exception from other modules) as a unified error in configuration. ''' pass class DDNSSessionError(Exception): '''An exception raised for some unexpected events during a ddns session. ''' pass class DDNSSession: '''Class to handle one DDNS update''' def __init__(self): '''Initialize a DDNS Session''' pass def clear_socket(): ''' Removes the socket file, if it exists. ''' if os.path.exists(SOCKET_FILE): os.remove(SOCKET_FILE) def get_datasrc_client(cc_session): '''Return data source client for update requests. This is supposed to have a very short lifetime and should soon be replaced with generic data source configuration framework. Based on that observation we simply hardcode everything except the SQLite3 database file, which will be retrieved from the auth server configuration (this behavior will also be deprecated). When something goes wrong with it this function still returns a dummy client so that the caller doesn't have to bother to handle the error (which would also have to be replaced anyway). The caller will subsequently call its find_zone method via an update session object, which will result in an exception, and then result in a SERVFAIL response. Once we are ready for introducing the general framework, the whole function will simply be removed. ''' try: HARDCODED_DATASRC_CLASS = RRClass.IN() file, is_default = cc_session.get_remote_config_value("Auth", "database_file") # See xfrout.py:get_db_file() for this trick: if is_default and "B10_FROM_BUILD" in os.environ: file = os.environ["B10_FROM_BUILD"] + "/bind10_zones.sqlite3" datasrc_config = '{ "database_file": "' + file + '"}' return HARDCODED_DATASRC_CLASS, DataSourceClient('sqlite3', datasrc_config) except isc.datasrc.Error as ex: class DummyDataSourceClient: def __init__(self, ex): self.__ex = ex def find_zone(self, zone_name): raise isc.datasrc.Error(self.__ex) return HARDCODED_DATASRC_CLASS, DummyDataSourceClient(ex) class DDNSServer: def __init__(self, cc_session=None): ''' Initialize the DDNS Server. This sets up a ModuleCCSession for the BIND 10 system. Parameters: cc_session: If None (default), a new ModuleCCSession will be set up. If specified, the given session will be used. This is mainly used for testing. ''' if cc_session is not None: self._cc = cc_session else: self._cc = isc.config.ModuleCCSession(SPECFILE_LOCATION, self.config_handler, self.command_handler) self._config_data = self._cc.get_full_config() self._cc.start() self._cc.add_remote_config(AUTH_SPECFILE_LOCATION) isc.server_common.tsig_keyring.init_keyring(self._cc) self._shutdown = False # List of the session receivers where we get the requests self._socksession_receivers = {} clear_socket() self._listen_socket = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) self._listen_socket.bind(SOCKET_FILE) self._listen_socket.listen(16) # Create reusable resources self.__request_msg = Message(Message.PARSE) self.__response_renderer = MessageRenderer() # The following attribute(s) are essentially private and constant, # but defined as "protected" so that test code can customize them. # They should not be overridden for any other purposes. # # DDNS Protocol handling class. self._UpdateSessionClass = isc.ddns.session.UpdateSession class SessionError(Exception): '''Exception for internal errors in an update session. This exception is expected to be caught within the server class, only used for controling the code flow. ''' pass def config_handler(self, new_config): '''Update config data.''' # TODO: Handle exceptions and turn them to an error response # (once we have any configuration) answer = create_answer(0) return answer def command_handler(self, cmd, args): ''' Handle a CC session command, as sent from bindctl or other BIND 10 modules. ''' # TODO: Handle exceptions and turn them to an error response if cmd == "shutdown": logger.info(DDNS_RECEIVED_SHUTDOWN_COMMAND) self.trigger_shutdown() answer = create_answer(0) else: answer = create_answer(1, "Unknown command: " + str(cmd)) return answer def trigger_shutdown(self): '''Initiate a shutdown sequence. This method is expected to be called in various ways including in the middle of a signal handler, and is designed to be as simple as possible to minimize side effects. Actual shutdown will take place in a normal control flow. ''' logger.info(DDNS_SHUTDOWN) self._shutdown = True def shutdown_cleanup(self): ''' Perform any cleanup that is necessary when shutting down the server. Do NOT call this to initialize shutdown, use trigger_shutdown(). Currently, it only causes the ModuleCCSession to send a message that this module is stopping. ''' self._cc.send_stopping() def accept(self): """ Accept another connection and create the session receiver. """ try: sock = self._listen_socket.accept() fileno = sock.fileno() logger.debug(TRACE_BASIC, DDNS_NEW_CONN, fileno, sock.getpeername()) receiver = isc.util.cio.socketsession.SocketSessionReceiver(sock) self._socksession_receivers[fileno] = (sock, receiver) except (socket.error, isc.util.cio.socketsession.SocketSessionError) \ as e: # These exceptions mean the connection didn't work, but we can # continue with the rest logger.error(DDNS_ACCEPT_FAILURE, e) def __check_request_tsig(self, msg, req_data): '''TSIG checker for update requests. This is a helper method for handle_request() below. It examines the given update request message to see if it contains a TSIG RR, and verifies the signature if it does. It returs the TSIG context used for the verification, or None if the request doesn't contain a TSIG. If the verification fails it simply raises an exception as handle_request() assumes it should succeed. ''' tsig_record = msg.get_tsig_record() if tsig_record is None: return None tsig_ctx = TSIGContext(tsig_record.get_name(), tsig_record.get_rdata().get_algorithm(), isc.server_common.tsig_keyring.get_keyring()) tsig_error = tsig_ctx.verify(tsig_record, req_data) if tsig_error != TSIGError.NOERROR: raise SessionError("Failed to verify request's TSIG: " + str(tsig_error)) return tsig_ctx def handle_request(self, req_session): """ This is the place where the actual DDNS processing is done. Other methods are either subroutines of this method or methods doing the uninteresting "accounting" stuff, like accepting socket, initialization, etc. It is called with the request being session as received from SocketSessionReceiver, i.e. tuple (socket, local_address, remote_address, data). """ # give tuple elements intuitive names (sock, local_addr, remote_addr, req_data) = req_session # The session sender (b10-auth) should have made sure that this is # a validly formed DNS message of OPCODE being UPDATE, and if it's # TSIG signed, its key is known to the system and the signature is # valid. Messages that don't meet these should have been resopnded # or dropped by the sender, so if such error is detected we treat it # as an internal error and don't bother to respond. try: self.__request_msg.clear(Message.PARSE) self.__request_msg.from_wire(req_data) if self.__request_msg.get_opcode() != Opcode.UPDATE(): raise SessionError('Update request has unexpected opcode: ' + str(self.__request_msg.get_opcode())) tsig_ctx = self.__check_request_tsig(self.__request_msg, req_data) except Exception as ex: logger.error(DDNS_REQUEST_PARSE_FAIL, ex) return False # TODO: Don't propagate most of the exceptions (like datasrc errors), # just drop the packet. # Let an update session object handle the request. Note: things around # ZoneConfig will soon be substantially revised. For now we don't # bother to generalize it. datasrc_class, datasrc_client = get_datasrc_client(self._cc) zone_cfg = ZoneConfig([], datasrc_class, datasrc_client, {}) update_session = self._UpdateSessionClass(self.__request_msg, remote_addr, zone_cfg) result, zname, zclass = update_session.handle() # If the request should be dropped, we're done; otherwise, send the # response generated by the session object. if result == isc.ddns.session.UPDATE_DROP: return False msg = update_session.get_message() self.__response_renderer.clear() if tsig_ctx is not None: msg.to_wire(self.__response_renderer, tsig_ctx) else: msg.to_wire(self.__response_renderer) sock.sendto(self.__response_renderer.get_data(), remote_addr) return True def handle_session(self, fileno): """ Handle incoming session on the socket with given fileno. """ logger.debug(TRACE_BASIC, DDNS_SESSION, fileno) (socket, receiver) = self._socksession_receivers[fileno] try: self.handle_request(receiver.pop()) except isc.util.cio.socketsession.SocketSessionError as se: # No matter why this failed, the connection is in unknown, possibly # broken state. So, we close the socket and remove the receiver. del self._socksession_receivers[fileno] socket.close() logger.warn(DDNS_DROP_CONN, fileno, se) def run(self): ''' Get and process all commands sent from cfgmgr or other modules. This loops waiting for events until self.shutdown() has been called. ''' logger.info(DDNS_RUNNING) cc_fileno = self._cc.get_socket().fileno() listen_fileno = self._listen_socket.fileno() while not self._shutdown: # In this event loop, we propagate most of exceptions, which will # subsequently kill the process. We expect the handling functions # to catch their own exceptions which they can recover from # (malformed packets, lost connections, etc). The rationale behind # this is they know best which exceptions are recoverable there # and an exception may be recoverable somewhere, but not elsewhere. try: (reads, writes, exceptions) = \ select.select([cc_fileno, listen_fileno] + list(self._socksession_receivers.keys()), [], []) except select.error as se: # In case it is just interrupted, we continue like nothing # happened if se.args[0] == errno.EINTR: (reads, writes, exceptions) = ([], [], []) else: raise for fileno in reads: if fileno == cc_fileno: self._cc.check_command(True) elif fileno == listen_fileno: self.accept() else: self.handle_session(fileno) self.shutdown_cleanup() logger.info(DDNS_STOPPED) def create_signal_handler(ddns_server): ''' This creates a signal_handler for use in set_signal_handler, which shuts down the given DDNSServer (or any object that has a shutdown() method) ''' def signal_handler(signal, frame): ''' Handler for process signals. Since only signals to shut down are sent here, the actual signal is not checked and the server is simply shut down. ''' ddns_server.trigger_shutdown() return signal_handler def set_signal_handler(signal_handler): ''' Sets the signal handler(s). ''' signal.signal(signal.SIGTERM, signal_handler) signal.signal(signal.SIGINT, signal_handler) def set_cmd_options(parser): ''' Helper function to set command-line options ''' parser.add_option("-v", "--verbose", dest="verbose", action="store_true", help="display more about what is going on") def main(ddns_server=None): ''' The main function. Parameters: ddns_server: If None (default), a DDNSServer object is initialized. If specified, the given DDNSServer will be used. This is mainly used for testing. cc_session: If None (default), a new ModuleCCSession will be set up. If specified, the given session will be used. This is mainly used for testing. ''' try: parser = OptionParser() set_cmd_options(parser) (options, args) = parser.parse_args() if options.verbose: print("[b10-ddns] Warning: -v verbose option is ignored at this point.") if ddns_server is None: ddns_server = DDNSServer() set_signal_handler(create_signal_handler(ddns_server)) ddns_server.run() except KeyboardInterrupt: logger.info(DDNS_STOPPED_BY_KEYBOARD) except SessionError as e: logger.error(DDNS_CC_SESSION_ERROR, str(e)) except ModuleCCSessionError as e: logger.error(DDNS_MODULECC_SESSION_ERROR, str(e)) except DDNSConfigError as e: logger.error(DDNS_CONFIG_ERROR, str(e)) except SessionTimeout as e: logger.error(DDNS_CC_SESSION_TIMEOUT_ERROR) except Exception as e: logger.error(DDNS_UNCAUGHT_EXCEPTION, type(e).__name__, str(e)) clear_socket() if '__main__' == __name__: main()