Commit ba63bb98 authored by Jan Kadlec's avatar Jan Kadlec

zone-events: Removed TSIG todos, moved serial checking.

parent 0f4930a5
......@@ -225,7 +225,7 @@ int axfr_query(knot_pkt_t *pkt, struct query_data *qdata)
return NS_PROC_DONE;
break;
default: /* Generic error. */
AXFROUT_LOG(LOG_ERR, "%s", knot_strerror(ret));
AXFROUT_LOG(LOG_ERR, "Failed: %s", knot_strerror(ret));
return NS_PROC_FAIL;
}
}
......@@ -329,12 +329,6 @@ static int process_axfr_packet(knot_pkt_t *pkt, struct xfr_proc *proc)
const knot_rrset_t *rr = &answer->rr[i];
if (rr->type == KNOT_RRTYPE_SOA &&
node_rrtype_exists(zc.z->apex, KNOT_RRTYPE_SOA)) {
// Last SOA, last message, check TSIG.
// int ret = xfrin_check_tsig(pkt, xfr, 1);
#warning TODO: TSIG API
// if (ret != KNOT_EOK) {
// return ret;
// }
return NS_PROC_DONE;
} else {
int ret = zcreator_step(&zc, rr);
......@@ -344,9 +338,6 @@ static int process_axfr_packet(knot_pkt_t *pkt, struct xfr_proc *proc)
}
}
// Check possible TSIG at the end of DNS message.
// return xfrin_check_tsig(pkt, xfr, knot_ns_tsig_required(xfr->packet_nr));
#warning TODO: TSIG API
return NS_PROC_MORE;
}
......@@ -356,6 +347,11 @@ int axfr_process_answer(knot_pkt_t *pkt, struct answer_data *data)
int ret = KNOT_EOK;
if (data->ext == NULL) {
NS_NEED_TSIG_SIGNED(&data->param->tsig_ctx, 0);
if (!zone_transfer_needed(data->param->zone, pkt)) {
AXFRIN_LOG(LOG_INFO, "Zone is up-to-date.");
return NS_PROC_DONE;
}
ret = axfr_answer_init(data);
if (ret != KNOT_EOK) {
return NS_PROC_FAIL;
......
......@@ -319,6 +319,7 @@ static int ixfrin_answer_init(struct answer_data *data)
}
proc->state = IXFR_START;
proc->zone = data->param->zone;
proc->mm = data->mm;
data->ext = proc;
data->ext_cleanup = &ixfrin_cleanup;
......@@ -515,19 +516,6 @@ static bool out_of_zone(const knot_rrset_t *rr, struct ixfr_proc *proc)
!knot_dname_is_equal(rr->owner, proc->zone->name);
}
/*! \brief Returns true if final SOA in transfer has newer serial than zone */
static bool transfer_needed(const zone_t *zone, const knot_pkt_t *pkt)
{
const knot_pktsection_t *answer = knot_pkt_section(pkt, KNOT_ANSWER);
const knot_rrset_t soa = answer->rr[0];
if (soa.type != KNOT_RRTYPE_SOA) {
return false;
}
return knot_serial_compare(zone_contents_serial(zone->contents),
knot_soa_serial(&soa.rrs)) < 0;
}
/*!
* \brief Processes IXFR reply packet and fills in the changesets structure.
*
......@@ -568,8 +556,6 @@ static int process_ixfrin_packet(knot_pkt_t *pkt, struct answer_data *adata)
}
}
#warning TODO TSIG
return NS_PROC_MORE;
}
......@@ -642,7 +628,7 @@ int ixfr_process_answer(knot_pkt_t *pkt, struct answer_data *adata)
{
if (adata->ext == NULL) {
NS_NEED_TSIG_SIGNED(&adata->param->tsig_ctx, 0);
if (!transfer_needed(adata->param->zone, pkt)) {
if (!zone_transfer_needed(adata->param->zone, pkt)) {
IXFRIN_LOG(LOG_INFO, "Server has newer zone.");
return NS_PROC_DONE;
}
......
......@@ -32,6 +32,7 @@
#include "libknot/dname.h"
#include "libknot/dnssec/random.h"
#include "libknot/util/utils.h"
#include "libknot/rdata/soa.h"
/*!
* \brief Set ACL list from configuration.
......@@ -354,3 +355,16 @@ struct request_data *zone_update_dequeue(zone_t *zone)
return ret;
}
bool zone_transfer_needed(const zone_t *zone, const knot_pkt_t *pkt)
{
const knot_pktsection_t *answer = knot_pkt_section(pkt, KNOT_ANSWER);
const knot_rrset_t soa = answer->rr[0];
if (soa.type != KNOT_RRTYPE_SOA) {
return false;
}
return knot_serial_compare(zone_contents_serial(zone->contents),
knot_soa_serial(&soa.rrs)) < 0;
}
......@@ -141,4 +141,8 @@ int zone_update_enqueue(zone_t *zone, knot_pkt_t *pkt, struct process_query_para
/*! \brief Dequeue UPDATE request. */
struct request_data *zone_update_dequeue(zone_t *zone);
/*! \brief Returns true if final SOA in transfer has newer serial than zone */
bool zone_transfer_needed(const zone_t *zone, const knot_pkt_t *pkt);
/*! @} */
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment