kea/src/bin/ddns/ddns.py.in

#!@PYTHON@

# Copyright (C) 2011  Internet Systems Consortium.
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SYSTEMS CONSORTIUM
# DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
# INTERNET SYSTEMS CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
# FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.


import sys; sys.path.append ('@@PYTHONPATH@@')
import isc
from isc.acl.dns import REQUEST_LOADER
import bind10_config
from isc.dns import *
import isc.ddns.session
from isc.ddns.zone_config import ZoneConfig
from isc.ddns.logger import ClientFormatter, ZoneFormatter
from isc.config.ccsession import *
from isc.config.module_spec import ModuleSpecError
from isc.cc import SessionError, SessionTimeout, ProtocolError
import isc.util.process
import isc.util.cio.socketsession
import isc.server_common.tsig_keyring
from isc.server_common.dns_tcp import DNSTCPContext
from isc.datasrc import DataSourceClient
from isc.server_common.auth_command import auth_loadzone_command
import select
import time
import errno

from isc.log_messages.ddns_messages import *

from optparse import OptionParser, OptionValueError
import os
import os.path
import signal
import socket

isc.log.init("b10-ddns", buffer=True)
logger = isc.log.Logger("ddns")
TRACE_BASIC = logger.DBGLVL_TRACE_BASIC

# Well known path settings.  We need to define
# SPECFILE_LOCATION: ddns configuration spec file
# SOCKET_FILE: Unix domain socket file to communicate with b10-auth
# AUTH_SPECFILE_LOCATION: b10-auth configuration spec file (tentatively
#  necessarily for sqlite3-only-and-older-datasrc-API stuff).  This should be
#  gone once we migrate to the new API and start using generalized config.
#
# If B10_FROM_SOURCE is set in the environment, we use data files
# from a directory relative to that, otherwise we use the ones
# installed on the system
if "B10_FROM_SOURCE" in os.environ:
    SPECFILE_PATH = os.environ["B10_FROM_SOURCE"] + "/src/bin/ddns"
else:
    PREFIX = "@prefix@"
    DATAROOTDIR = "@datarootdir@"
    SPECFILE_PATH = "@datadir@/@PACKAGE@".replace("${datarootdir}", DATAROOTDIR)
    SPECFILE_PATH = SPECFILE_PATH.replace("${prefix}", PREFIX)

if "B10_FROM_BUILD" in os.environ:
    if "B10_FROM_SOURCE_LOCALSTATEDIR" in os.environ:
        SOCKET_FILE_PATH = os.environ["B10_FROM_SOURCE_LOCALSTATEDIR"]
    else:
        SOCKET_FILE_PATH = os.environ["B10_FROM_BUILD"]
else:
    SOCKET_FILE_PATH = bind10_config.DATA_PATH

SPECFILE_LOCATION = SPECFILE_PATH + "/ddns.spec"
SOCKET_FILE = SOCKET_FILE_PATH + '/ddns_socket'

# Cooperating or dependency modules
AUTH_MODULE_NAME = 'Auth'
XFROUT_MODULE_NAME = 'Xfrout'
ZONEMGR_MODULE_NAME = 'Zonemgr'

isc.util.process.rename()

class DDNSConfigError(Exception):
    '''An exception indicating an error in updating ddns configuration.

    This exception is raised when the ddns process encounters an error in
    handling configuration updates.  Not all syntax error can be caught
    at the module-CC layer, so ddns needs to (explicitly or implicitly)
    validate the given configuration data itself.  When it finds an error
    it raises this exception (either directly or by converting an exception
    from other modules) as a unified error in configuration.
    '''
    pass

class DDNSSessionError(Exception):
    '''An exception raised for some unexpected events during a ddns session.
    '''
    pass

class DDNSSession:
    '''Class to handle one DDNS update'''

    def __init__(self):
        '''Initialize a DDNS Session'''
        pass

def clear_socket():
    '''
    Removes the socket file, if it exists.
    '''
    if os.path.exists(SOCKET_FILE):
        os.remove(SOCKET_FILE)

def get_datasrc_client(cc_session):
    '''Return data source client for update requests.

    This is supposed to have a very short lifetime and should soon be replaced
    with generic data source configuration framework.  Based on that
    observation we simply hardcode everything except the SQLite3 database file,
    which will be retrieved from the auth server configuration (this behavior
    will also be deprecated).  When something goes wrong with it this function
    still returns a dummy client so that the caller doesn't have to bother
    to handle the error (which would also have to be replaced anyway).
    The caller will subsequently call its find_zone method via an update
    session object, which will result in an exception, and then result in
    a SERVFAIL response.

    Once we are ready for introducing the general framework, the whole
    function will simply be removed.

    '''
    HARDCODED_DATASRC_CLASS = RRClass.IN()
    file, is_default = cc_session.get_remote_config_value("Auth",
                                                          "database_file")
    # See xfrout.py:get_db_file() for this trick:
    if is_default and "B10_FROM_BUILD" in os.environ:
        file = os.environ["B10_FROM_BUILD"] + "/bind10_zones.sqlite3"
    datasrc_config = '{ "database_file": "' + file + '"}'
    try:
        return (HARDCODED_DATASRC_CLASS,
                DataSourceClient('sqlite3', datasrc_config), file)
    except isc.datasrc.Error as ex:
        class DummyDataSourceClient:
            def __init__(self, ex):
                self.__ex = ex
            def find_zone(self, zone_name):
                raise isc.datasrc.Error(self.__ex)
        return (HARDCODED_DATASRC_CLASS, DummyDataSourceClient(ex), file)

def add_pause(sec):
    '''Pause a specified period for inter module synchronization.

    This is a trivial wrapper of time.sleep, but defined as a separate function
    so tests can customize it.
    '''
    time.sleep(sec)

class DDNSServer:
    # The number of TCP clients that can be handled by the server at the same
    # time (this should be configurable parameter).
    TCP_CLIENTS = 10

    def __init__(self, cc_session=None):
        '''
        Initialize the DDNS Server.
        This sets up a ModuleCCSession for the BIND 10 system.
        Parameters:
        cc_session: If None (default), a new ModuleCCSession will be set up.
                    If specified, the given session will be used. This is
                    mainly used for testing.
        '''
        if cc_session is not None:
            self._cc = cc_session
        else:
            self._cc = isc.config.ModuleCCSession(SPECFILE_LOCATION,
                                                  self.config_handler,
                                                  self.command_handler)

        # Initialize configuration with defaults.  Right now 'zones' is the
        # only configuration, so we simply directly set it here.
        self._config_data = self._cc.get_full_config()
        self._zone_config = self.__update_zone_config(
            self._cc.get_default_value('zones'))
        self._cc.start()

        # Internal attributes derived from other modules.  They will be
        # initialized via dd_remote_xxx below and will be kept updated
        # through their callbacks.  They are defined as 'protected' so tests
        # can examine them; but they are essentially private to the class.
        #
        # Datasource client used for handling update requests: when set,
        # should a tuple of RRClass and DataSourceClient.  Constructed and
        # maintained based on auth configuration.
        self._datasrc_info = None
        # A set of secondary zones, retrieved from zonemgr configuration.
        self._secondary_zones = None

        # Get necessary configurations from remote modules.
        for mod in [(AUTH_MODULE_NAME, self.__auth_config_handler),
                    (ZONEMGR_MODULE_NAME, self.__zonemgr_config_handler)]:
            self.__add_remote_module(mod[0], mod[1])
        # This should succeed as long as cfgmgr is up.
        isc.server_common.tsig_keyring.init_keyring(self._cc)

        self._shutdown = False
        # List of the session receivers where we get the requests
        self._socksession_receivers = {}
        clear_socket()
        self._listen_socket = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        self._listen_socket.bind(SOCKET_FILE)
        self._listen_socket.listen(16)

        # Create reusable resources
        self.__request_msg = Message(Message.PARSE)
        self.__response_renderer = MessageRenderer()

        # The following attribute(s) are essentially private, but defined as
        # "protected" so that test code can customize/inspect them.
        # They should not be overridden/referenced for any other purposes.
        #
        # DDNS Protocol handling class.
        self._UpdateSessionClass = isc.ddns.session.UpdateSession
        # Outstanding TCP context: fileno=>(context_obj, dst)
        self._tcp_ctxs = {}

        # Notify Auth server that DDNS update messages can now be forwarded
        self.__notify_start_forwarder()

    class InternalError(Exception):
        '''Exception for internal errors in an update session.

        This exception is expected to be caught within the server class,
        only used for controling the code flow.

        '''
        pass

    def config_handler(self, new_config):
        '''Update config data.'''
        try:
            if 'zones' in new_config:
                self._zone_config = \
                    self.__update_zone_config(new_config['zones'])
            return create_answer(0)
        except Exception as ex:
            # We catch any exception here.  That includes any syntax error
            # against the configuration spec.  The config interface is too
            # complicated and it's not clear how much validation is performed
            # there, so, while assuming it's unlikely to happen, we act
            # proactively.
            logger.error(DDNS_CONFIG_HANDLER_ERROR, ex)
            return create_answer(1, "Failed to handle new configuration: " +
                                 str(ex))

    def __update_zone_config(self, new_zones_config):
        '''Handle zones configuration update.'''
        new_zones = {}
        for zone_config in new_zones_config:
            origin = Name(zone_config['origin'])
            rrclass = RRClass(zone_config['class'])
            update_acl = zone_config['update_acl']
            new_zones[(origin, rrclass)] = REQUEST_LOADER.load(update_acl)
        return new_zones

    def command_handler(self, cmd, args):
        '''
        Handle a CC session command, as sent from bindctl or other
        BIND 10 modules.
        '''
        # TODO: Handle exceptions and turn them to an error response
        if cmd == "shutdown":
            logger.info(DDNS_RECEIVED_SHUTDOWN_COMMAND)
            self.trigger_shutdown()
            answer = create_answer(0)
        elif cmd == "auth_started":
            self.__notify_start_forwarder()
            answer = None
        else:
            answer = create_answer(1, "Unknown command: " + str(cmd))
        return answer

    def __add_remote_module(self, mod_name, callback):
        '''Register interest in other module's config with a callback.'''

        # Due to startup timing, add_remote_config can fail.  We could make it
        # more sophisticated, but for now we simply retry a few times, each
        # separated by a short period (3 times and 1 sec, arbitrary chosen,
        # and hardcoded for now).  In practice this should be more than
        # sufficient, but if it turns out to be a bigger problem we can
        # consider more elegant solutions.
        for n_try in range(0, 3):
            try:
                # by_name() version can fail with ModuleSpecError in getting
                # the module spec because cfgmgr returns a "successful" answer
                # with empty data if it cannot find the specified module.
                # This seems to be a deviant behavior (see Trac #2039), but
                # we need to deal with it.
                self._cc.add_remote_config_by_name(mod_name, callback)
                return
            except (ModuleSpecError, ModuleCCSessionError) as ex:
                logger.warn(DDNS_GET_REMOTE_CONFIG_FAIL, mod_name, n_try + 1,
                            ex)
                last_ex = ex
                add_pause(1)
        raise last_ex

    def __auth_config_handler(self, new_config, module_config):
        logger.info(DDNS_RECEIVED_AUTH_UPDATE)

        # If we've got the config before and the new config doesn't update
        # the DB file, there's nothing we should do with it.
        # Note: there seems to be a bug either in bindctl or cfgmgr, and
        # new_config can contain 'database_file' even if it's not really
        # updated.  We still perform the check so we can avoid redundant
        # resetting when the bug is fixed.  The redundant reset itself is not
        # good, but such configuration update should not happen so often and
        # it should be acceptable in practice.
        if self._datasrc_info is not None and \
                not 'database_file' in new_config:
            return
        rrclass, client, db_file = get_datasrc_client(self._cc)
        self._datasrc_info = (rrclass, client)
        logger.info(DDNS_AUTH_DBFILE_UPDATE, db_file)

    def __zonemgr_config_handler(self, new_config, module_config):
        logger.info(DDNS_RECEIVED_ZONEMGR_UPDATE)

        # If we've got the config before and the new config doesn't update
        # the secondary zone list, there's nothing we should do with it.
        # (Same note as that for auth's config applies)
        if self._secondary_zones is not None and \
                not 'secondary_zones' in new_config:
            return

        # Get the latest secondary zones.  Use get_remote_config_value() so
        # it can work for both the initial default case and updates.
        sec_zones, _ = self._cc.get_remote_config_value(ZONEMGR_MODULE_NAME,
                                                        'secondary_zones')
        new_secondary_zones = set()
        try:
            # Parse the new config and build a new list of secondary zones.
            # Unfortunately, in the current implementation, even an observer
            # module needs to perform full validation.  This should be changed
            # so that only post-validation (done by the main module) config is
            # delivered to observer modules, but until it's supported we need
            # to protect ourselves.
            for zone_spec in sec_zones:
                zname = Name(zone_spec['name'])
                # class has the default value in case it's unspecified.
                # ideally this should be merged within the config module, but
                # the current implementation doesn't esnure that, so we need to
                # subsitute it ourselves.
                if 'class' in zone_spec:
                    zclass = RRClass(zone_spec['class'])
                else:
                    zclass = RRClass(module_config.get_default_value(
                            'secondary_zones/class'))
                new_secondary_zones.add((zname, zclass))
            self._secondary_zones = new_secondary_zones
            logger.info(DDNS_SECONDARY_ZONES_UPDATE, len(self._secondary_zones))
        except Exception as ex:
            logger.error(DDNS_SECONDARY_ZONES_UPDATE_FAIL, ex)

    def trigger_shutdown(self):
        '''Initiate a shutdown sequence.

        This method is expected to be called in various ways including
        in the middle of a signal handler, and is designed to be as simple
        as possible to minimize side effects.  Actual shutdown will take
        place in a normal control flow.

        '''
        logger.info(DDNS_SHUTDOWN)
        self._shutdown = True

    def shutdown_cleanup(self):
        '''
        Perform any cleanup that is necessary when shutting down the server.
        Do NOT call this to initialize shutdown, use trigger_shutdown().

        '''
        # tell Auth not to forward UPDATE messages anymore
        self.__notify_stop_forwarder()
        # tell the ModuleCCSession to send a message that this module is
        # stopping.
        self._cc.send_stopping()
        # make sure any open socket is explicitly closed, per Python
        # convention.
        self._listen_socket.close()

    def accept(self):
        """
        Accept another connection and create the session receiver.
        """
        try:
            (sock, remote_addr) = self._listen_socket.accept()
            fileno = sock.fileno()
            logger.debug(TRACE_BASIC, DDNS_NEW_CONN, fileno,
                         remote_addr if remote_addr else '<anonymous address>')
            receiver = isc.util.cio.socketsession.SocketSessionReceiver(sock)
            self._socksession_receivers[fileno] = (sock, receiver)
        except (socket.error, isc.util.cio.socketsession.SocketSessionError) \
            as e:
            # These exceptions mean the connection didn't work, but we can
            # continue with the rest
            logger.error(DDNS_ACCEPT_FAILURE, e)

    def __check_request_tsig(self, msg, req_data):
        '''TSIG checker for update requests.

        This is a helper method for handle_request() below.  It examines
        the given update request message to see if it contains a TSIG RR,
        and verifies the signature if it does.  It returs the TSIG context
        used for the verification, or None if the request doesn't contain
        a TSIG.  If the verification fails it simply raises an exception
        as handle_request() assumes it should succeed.

        '''
        tsig_record = msg.get_tsig_record()
        if tsig_record is None:
            return None
        tsig_ctx = TSIGContext(tsig_record.get_name(),
                               tsig_record.get_rdata().get_algorithm(),
                               isc.server_common.tsig_keyring.get_keyring())
        tsig_error = tsig_ctx.verify(tsig_record, req_data)
        if tsig_error != TSIGError.NOERROR:
            raise self.InternalError("Failed to verify request's TSIG: " +
                                     str(tsig_error))
        return tsig_ctx

    def handle_request(self, req_session):
        """
        This is the place where the actual DDNS processing is done. Other
        methods are either subroutines of this method or methods doing the
        uninteresting "accounting" stuff, like accepting socket,
        initialization, etc.

        It is called with the request being session as received from
        SocketSessionReceiver, i.e. tuple
        (socket, local_address, remote_address, data).

        In general, this method doesn't propagate exceptions outside the
        method.  Most of protocol or system errors will result in an error
        response to the update client or dropping the update request.
        The update session class should also ensure this.  Critical exceptions
        such as memory allocation failure will be propagated, however, and
        will subsequently terminate the server process.

        Return: True if a response to the request is successfully sent;
        False otherwise.  The return value wouldn't be useful for the server
        itself; it's provided mainly for testing purposes.

        """
        # give tuple elements intuitive names
        (sock, local_addr, remote_addr, req_data) = req_session

        # The session sender (b10-auth) should have made sure that this is
        # a validly formed DNS message of OPCODE being UPDATE, and if it's
        # TSIG signed, its key is known to the system and the signature is
        # valid.  Messages that don't meet these should have been resopnded
        # or dropped by the sender, so if such error is detected we treat it
        # as an internal error and don't bother to respond.
        try:
            self.__request_msg.clear(Message.PARSE)
            # specify PRESERVE_ORDER as we need to handle each RR separately.
            self.__request_msg.from_wire(req_data, Message.PRESERVE_ORDER)
            if self.__request_msg.get_opcode() != Opcode.UPDATE():
                raise self.InternalError('Update request has unexpected '
                                         'opcode: ' +
                                         str(self.__request_msg.get_opcode()))
            tsig_ctx = self.__check_request_tsig(self.__request_msg, req_data)
        except Exception as ex:
            logger.error(DDNS_REQUEST_PARSE_FAIL, ex)
            return False

        # Let an update session object handle the request.  Note: things around
        # ZoneConfig will soon be substantially revised.  For now we don't
        # bother to generalize it.
        zone_cfg = ZoneConfig(self._secondary_zones, self._datasrc_info[0],
                              self._datasrc_info[1], self._zone_config)
        update_session = self._UpdateSessionClass(self.__request_msg,
                                                  remote_addr, zone_cfg)
        result, zname, zclass = update_session.handle()

        # If the request should be dropped, we're done; otherwise, send the
        # response generated by the session object.
        if result == isc.ddns.session.UPDATE_DROP:
            return False
        msg = update_session.get_message()
        self.__response_renderer.clear()
        if tsig_ctx is not None:
            msg.to_wire(self.__response_renderer, tsig_ctx)
        else:
            msg.to_wire(self.__response_renderer)

        ret = self.__send_response(sock, self.__response_renderer.get_data(),
                                   remote_addr)
        if result == isc.ddns.session.UPDATE_SUCCESS:
            self.__notify_auth(zname, zclass)
            self.__notify_xfrout(zname, zclass)
        return ret

    def __send_response(self, sock, data, dest):
        '''Send DDNS response to the client.

        Right now, this is a straightforward subroutine of handle_request(),
        but is intended to be extended evetually so that it can handle more
        comlicated operations for TCP (which requires asynchronous write).
        Further, when we support multiple requests over a single TCP
        connection, this method may even be shared by multiple methods.

        Parameters:
        sock: (python socket) the socket to which the response should be sent.
        data: (binary) the response data
        dest: (python socket address) the destion address to which the response
          should be sent.

        Return: True if the send operation succeds; otherwise False.

        '''
        try:
            if sock.proto == socket.IPPROTO_UDP:
                sock.sendto(data, dest)
            else:
                tcp_ctx = DNSTCPContext(sock)
                send_result = tcp_ctx.send(data)
                if send_result == DNSTCPContext.SENDING:
                    self._tcp_ctxs[sock.fileno()] = (tcp_ctx, dest)
                elif send_result == DNSTCPContext.CLOSED:
                    raise socket.error("socket error in TCP send")
                else:
                    tcp_ctx.close()
        except socket.error as ex:
            logger.warn(DDNS_RESPONSE_SOCKET_ERROR, ClientFormatter(dest), ex)
            return False

        return True

    def __notify_start_forwarder(self):
        '''Notify auth that DDNS Update messages can now be forwarded'''
        try:
            seq = self._cc._session.group_sendmsg(create_command(
                    "start_ddns_forwarder"), AUTH_MODULE_NAME)
            answer, _ = self._cc._session.group_recvmsg(False, seq)
            rcode, error_msg = parse_answer(answer)
            if rcode != 0:
                logger.error(DDNS_START_FORWARDER_ERROR, error_msg)
        except (SessionTimeout, SessionError, ProtocolError) as ex:
            logger.error(DDNS_START_FORWARDER_FAIL, ex)

    def __notify_stop_forwarder(self):
        '''Notify auth that DDNS Update messages should no longer be forwarded.

        '''
        try:
            seq = self._cc._session.group_sendmsg(create_command(
                    "stop_ddns_forwarder"), AUTH_MODULE_NAME)
            answer, _ = self._cc._session.group_recvmsg(False, seq)
            rcode, error_msg = parse_answer(answer)
            if rcode != 0:
                logger.error(DDNS_STOP_FORWARDER_ERROR, error_msg)
        except (SessionTimeout, SessionError, ProtocolError) as ex:
            logger.error(DDNS_STOP_FORWARDER_FAIL, ex)

    def __notify_auth(self, zname, zclass):
        '''Notify auth of the update, if necessary.'''
        msg = auth_loadzone_command(self._cc, zname, zclass)
        if msg is not None:
            self.__notify_update(AUTH_MODULE_NAME, msg, zname, zclass)

    def __notify_xfrout(self, zname, zclass):
        '''Notify xfrout of the update.'''
        param = {'zone_name': zname.to_text(), 'zone_class': zclass.to_text()}
        msg = create_command('notify', param)
        self.__notify_update(XFROUT_MODULE_NAME, msg, zname, zclass)

    def __notify_update(self, modname, msg, zname, zclass):
        '''Notify other module of the update.

        Note that we use blocking communication here.  While the internal
        communication bus is generally expected to be pretty responsive and
        error free, notable delay can still occur, and in worse cases timeouts
        or connection reset can happen.  In these cases, even if the trouble
        is temporary, the update service will be suspended for a while.
        For a longer term we'll need to switch to asynchronous communication,
        but for now we rely on the blocking operation.

        Note also that we directly refer to the "protected" member of
        ccsession (_cc._session) rather than creating a separate channel.
        It's probably not the best practice, but hopefully we can introduce
        a cleaner way when we support asynchronous communication.
        At the moment we prefer the brevity with the use of internal channel
        of the cc session.

        '''
        try:
            seq = self._cc._session.group_sendmsg(msg, modname)
            answer, _ = self._cc._session.group_recvmsg(False, seq)
            rcode, error_msg = parse_answer(answer)
        except (SessionTimeout, SessionError, ProtocolError) as ex:
            rcode = 1
            error_msg = str(ex)
        if rcode == 0:
            logger.debug(TRACE_BASIC, DDNS_UPDATE_NOTIFY, modname,
                         ZoneFormatter(zname, zclass))
        else:
            logger.error(DDNS_UPDATE_NOTIFY_FAIL, modname,
                         ZoneFormatter(zname, zclass), error_msg)

    def handle_session(self, fileno):
        """Handle incoming session on the socket with given fileno.

        Return True if a response (whether positive or negative) has been
        sent; otherwise False.  The return value isn't expected to be used
        for other purposes than testing.

        """
        logger.debug(TRACE_BASIC, DDNS_SESSION, fileno)
        (session_socket, receiver) = self._socksession_receivers[fileno]
        try:
            req_session = receiver.pop()
            (sock, remote_addr) = (req_session[0], req_session[2])

            # If this is a TCP client, check the quota, and immediately reject
            # it if we cannot accept more.
            if sock.proto == socket.IPPROTO_TCP and \
                    len(self._tcp_ctxs) >= self.TCP_CLIENTS:
                logger.warn(DDNS_REQUEST_TCP_QUOTA,
                            ClientFormatter(remote_addr), len(self._tcp_ctxs))
                sock.close()
                return False
            return self.handle_request(req_session)
        except isc.util.cio.socketsession.SocketSessionError as se:
            # No matter why this failed, the connection is in unknown, possibly
            # broken state. So, we close the socket and remove the receiver.
            del self._socksession_receivers[fileno]
            session_socket.close()
            logger.warn(DDNS_DROP_CONN, fileno, se)
            return False

    def run(self):
        '''
        Get and process all commands sent from cfgmgr or other modules.
        This loops waiting for events until self.shutdown() has been called.
        '''
        logger.info(DDNS_STARTED)
        cc_fileno = self._cc.get_socket().fileno()
        listen_fileno = self._listen_socket.fileno()
        while not self._shutdown:
            # In this event loop, we propagate most of exceptions, which will
            # subsequently kill the process. We expect the handling functions
            # to catch their own exceptions which they can recover from
            # (malformed packets, lost connections, etc). The rationale behind
            # this is they know best which exceptions are recoverable there
            # and an exception may be recoverable somewhere, but not elsewhere.

            try:
                (reads, writes, exceptions) = \
                    select.select([cc_fileno, listen_fileno] +
                                  list(self._socksession_receivers.keys()),
                                  list(self._tcp_ctxs.keys()), [])
            except select.error as se:
                # In case it is just interrupted, we continue like nothing
                # happened
                if se.args[0] == errno.EINTR:
                    (reads, writes, exceptions) = ([], [], [])
                else:
                    raise
            for fileno in reads:
                if fileno == cc_fileno:
                    self._cc.check_command(True)
                elif fileno == listen_fileno:
                    self.accept()
                else:
                    self.handle_session(fileno)
            for fileno in writes:
                ctx = self._tcp_ctxs[fileno]
                result = ctx[0].send_ready()
                if result != DNSTCPContext.SENDING:
                    if result == DNSTCPContext.CLOSED:
                        logger.warn(DDNS_RESPONSE_TCP_SOCKET_ERROR,
                                    ClientFormatter(ctx[1]))
                    ctx[0].close()
                    del self._tcp_ctxs[fileno]
        self.shutdown_cleanup()
        logger.info(DDNS_STOPPED)

def create_signal_handler(ddns_server):
    '''
    This creates a signal_handler for use in set_signal_handler, which
    shuts down the given DDNSServer (or any object that has a shutdown()
    method)
    '''
    def signal_handler(signal, frame):
        '''
        Handler for process signals. Since only signals to shut down are sent
        here, the actual signal is not checked and the server is simply shut
        down.
        '''
        ddns_server.trigger_shutdown()
    return signal_handler

def set_signal_handler(signal_handler):
    '''
    Sets the signal handler(s).
    '''
    signal.signal(signal.SIGTERM, signal_handler)
    signal.signal(signal.SIGINT, signal_handler)

def set_cmd_options(parser):
    '''
    Helper function to set command-line options
    '''
    parser.add_option("-v", "--verbose", dest="verbose", action="store_true",
            help="display more about what is going on")

def main(ddns_server=None):
    '''
    The main function.
    Parameters:
    ddns_server: If None (default), a DDNSServer object is initialized.
                 If specified, the given DDNSServer will be used. This is
                 mainly used for testing.
    cc_session: If None (default), a new ModuleCCSession will be set up.
                If specified, the given session will be used. This is
                mainly used for testing.
    '''
    try:
        parser = OptionParser()
        set_cmd_options(parser)
        (options, args) = parser.parse_args()
        if options.verbose:
            print("[b10-ddns] Warning: -v verbose option is ignored at this point.")

        if ddns_server is None:
            ddns_server = DDNSServer()
        set_signal_handler(create_signal_handler(ddns_server))
        ddns_server.run()
    except KeyboardInterrupt:
        logger.info(DDNS_STOPPED_BY_KEYBOARD)
    except SessionError as e:
        logger.error(DDNS_CC_SESSION_ERROR, str(e))
    except (ModuleSpecError, ModuleCCSessionError) as e:
        logger.error(DDNS_MODULECC_SESSION_ERROR, str(e))
    except DDNSConfigError as e:
        logger.error(DDNS_CONFIG_ERROR, str(e))
    except SessionTimeout as e:
        logger.error(DDNS_CC_SESSION_TIMEOUT_ERROR)
    except Exception as e:
        logger.error(DDNS_UNCAUGHT_EXCEPTION, type(e).__name__, str(e))
    clear_socket()

if '__main__' == __name__:
    main()