named_config.cc

Go to the documentation of this file.

/*
 * Copyright (c) 2013 Juniper Networks, Inc. All rights reserved.
 */

#include <cstdio>
#include <iomanip>
#include <assert.h>
#include <errno.h>
#include <sys/types.h>
#include <dirent.h>
#include "base/logging.h"
#include <base/contrail_ports.h>
#include <bind/bind_util.h>
#include <cfg/dns_config.h>
#include <mgr/dns_oper.h>
#include "named_config.h"
#include <cmn/dns.h>

using namespace std;

NamedConfig *NamedConfig::singleton_;
const string NamedConfig::NamedZoneFileSuffix = "zone";
const string NamedConfig::NamedZoneNSPrefix = "contrail-ns";
const string NamedConfig::NamedZoneMXPrefix = "contrail-mx";
const char NamedConfig::pid_file_name[] = "contrail-named.pid";
const char NamedConfig::sessionkey_file_name[] = "session.key";

void NamedConfig::Init(const std::string& named_config_dir,
                       const std::string& named_config_file,
                       const std::string& named_log_file,
                       const std::string& rndc_config_file,
                       const std::string& rndc_secret,
                       const std::string& named_max_cache_size) {
    assert(singleton_ == NULL);
    singleton_ = new NamedConfig(named_config_dir, named_config_file,
                                 named_log_file, rndc_config_file, rndc_secret,
                                 named_max_cache_size);
    singleton_->Reset();
}

void NamedConfig::Shutdown() {
    assert(singleton_);
    delete singleton_;
}

// Reset bind config
void NamedConfig::Reset() {
    reset_flag_ = true;
    CreateRndcConf();
    UpdateNamedConf();
    DIR *dir = opendir(named_config_dir_.c_str());
    if (dir) {
        struct dirent *file;
        while ((file = readdir(dir)) != NULL) {
            std::string str(named_config_dir_);
            str.append(file->d_name);
            if (str.find(".zone") != std::string::npos) {
                remove(str.c_str());
            }
        }
        closedir(dir);
    }
    reset_flag_ = false;
}

void NamedConfig::AddView(const VirtualDnsConfig *vdns) {
    UpdateNamedConf(vdns);
}

void NamedConfig::ChangeView(const VirtualDnsConfig *vdns) {
    UpdateNamedConf(vdns);
    std::string old_domain = vdns->GetOldDomainName();
    if (vdns->GetDomainName() != old_domain) {
        ZoneList zones;
        zones.push_back(old_domain);
        RemoveZoneFiles(vdns, zones);
    }
}

void NamedConfig::DelView(const VirtualDnsConfig *vdns) {
    UpdateNamedConf(vdns);
}

void NamedConfig::AddAllViews() {
    all_zone_files_ = true;
    UpdateNamedConf();
    all_zone_files_ = false;
}

void NamedConfig::AddZone(const Subnet &subnet, const VirtualDnsConfig *vdns) {
    ZoneList zones;
    subnet.GetReverseZones(zones);
    // Ignore zone files which already exist
    for (unsigned int i = 0; i < zones.size();) {
        std::ifstream file(zones[i].c_str());
        if (file.is_open()) {
            if (file.good()) {
                zones.erase(zones.begin() + i);
                file.close();
                continue;
            }
            file.close();
        }
        i++;
    }
    AddZoneFiles(zones, vdns);
    UpdateNamedConf();
}

void NamedConfig::DelZone(const Subnet &subnet, const VirtualDnsConfig *vdns) {
    UpdateNamedConf();
    ZoneList vdns_zones, snet_zones;
    MakeZoneList(vdns, vdns_zones);
    subnet.GetReverseZones(snet_zones);
    // Ignore zones which are still in use
    for (unsigned int i = 0; i < snet_zones.size();) {
        unsigned int j;
        for (j = 0; j < vdns_zones.size(); j++) {
            if (snet_zones[i] == vdns_zones[j]) {
                snet_zones.erase(snet_zones.begin() + i);
                break;
            }
        }
        if (j == vdns_zones.size())
            i++;
    }
    RemoveZoneFiles(vdns, snet_zones);
}

void NamedConfig::UpdateNamedConf(const VirtualDnsConfig *updated_vdns) {
    CreateNamedConf(updated_vdns);
    sync();

    ifstream pyscript("/etc/contrail/dns/applynamedconfig.py");
    if (!pyscript.good()) {
        std::stringstream str;
        str << "/usr/bin/contrail-rndc -c " << rndc_config_file_ << " -p ";
        str << ContrailPorts::DnsRndc();
        str << " reconfig";
        int res = system(str.str().c_str());
        if (res) {
            LOG(WARN, "/usr/bin/contrail-rndc command failed");
        }
    } else {
        std::stringstream str;
        // execute the helper script to apply named config
        str << "python3 /etc/contrail/dns/applynamedconfig.py";
        int res = system(str.str().c_str());
        if (res) {
            LOG(ERROR, "Applying named configuration failed");
        }
    }
}

void NamedConfig::CreateNamedConf(const VirtualDnsConfig *updated_vdns) {
     GetDefaultForwarders();
     file_.open(named_config_file_.c_str());

     WriteOptionsConfig();
     WriteRndcConfig();
     WriteLoggingConfig();
     WriteViewConfig(updated_vdns);

     file_.flush();
     file_.close();
}

void NamedConfig::CreateRndcConf() {
     file_.open(rndc_config_file_.c_str());

     file_ << "key \"rndc-key\" {" << endl;
     file_ << "    algorithm hmac-md5;" << endl;
     file_ << "    secret \"" << rndc_secret_ << "\";" << endl;
     file_ << "};" << endl << endl;

     file_ << "options {" << endl;
     file_ << "    default-key \"rndc-key\";" << endl;
     file_ << "    default-server 127.0.0.1;" << endl;
     file_ << "    default-port " << ContrailPorts::DnsRndc() << ";" << endl;
     file_ << "};" << endl << endl;

     file_.flush();
     file_.close();
}

void NamedConfig::WriteOptionsConfig() {
    file_ << "options {" << endl;
    file_ << "    directory \"" << named_config_dir_ << "\";" << endl;
    file_ << "    managed-keys-directory \"" << named_config_dir_ << "\";" << endl;
    file_ << "    empty-zones-enable no;" << endl;
    file_ << "    pid-file \"" << GetPidFilePath() << "\";" << endl;
    file_ << "    session-keyfile \"" << GetSessionKeyFilePath() << "\";" << endl;
    file_ << "    listen-on port " << Dns::GetDnsPort() << " { any; };" << endl;
    file_ << "    allow-query { any; };" << endl;
    file_ << "    allow-recursion { any; };" << endl;
    file_ << "    allow-query-cache { any; };" << endl;
    if (!named_max_cache_size_.empty())
        file_ << "    max-cache-size " << named_max_cache_size_ << ";" << endl;
    file_ << "};" << endl << endl;
}

void NamedConfig::WriteRndcConfig() {
    file_ << "key \"rndc-key\" {" << endl;
    file_ << "    algorithm hmac-md5;" << endl;
    file_ << "    secret \"" << rndc_secret_ << "\";" << endl;
    file_ << "};" << endl << endl;


    file_ << "controls {" << endl;
    file_ << "    inet 127.0.0.1 port "<< ContrailPorts::DnsRndc() << endl;
    file_ << "    allow { 127.0.0.1; }  keys { \"rndc-key\"; };" << endl;
    file_ << "};" << endl << endl;
}

void NamedConfig::WriteLoggingConfig() {
    file_ << "logging {" << endl;
    file_ << "    channel debug_log {" << endl;
    file_ << "        file \"" << named_log_file_ << "\" versions 3 size 5m;" << endl;
    file_ << "        severity debug;" << endl;
    file_ << "        print-time yes;" << endl;
    file_ << "        print-severity yes;" << endl;
    file_ << "        print-category yes;" << endl;
    file_ << "    };" << endl;
    file_ << "    category default {" << endl;
    file_ << "        debug_log;" << endl;
    file_ << "    };" << endl;
    file_ << "    category queries {" << endl;
    file_ << "        debug_log;" << endl;
    file_ << "    };" << endl;
    file_ << "};" << endl << endl;
}

void NamedConfig::WriteViewConfig(const VirtualDnsConfig *updated_vdns) {
    ZoneViewMap zone_view_map;
    if (reset_flag_) {
        WriteDefaultView(zone_view_map);
        return;
    }

    VirtualDnsConfig::DataMap vdns = VirtualDnsConfig::GetVirtualDnsMap();
    for (VirtualDnsConfig::DataMap::iterator it = vdns.begin(); it != vdns.end(); ++it) {
        VirtualDnsConfig *curr_vdns = it->second;
        ZoneList zones;
        MakeZoneList(curr_vdns, zones);

        if (curr_vdns->IsDeleted() || !curr_vdns->IsNotified()) {
            RemoveZoneFiles(curr_vdns, zones);
            continue;
        }

        std::string view_name = curr_vdns->GetViewName();
        file_ << "view \"" << view_name << "\" {" << endl;

        std::string order = curr_vdns->GetRecordOrder();
        if (!order.empty()) {
            if (order == "round-robin")
                order = "cyclic";
            file_ << "    rrset-order {order " << order << ";};" << endl;
        }

        std::string next_dns = curr_vdns->GetNextDns();
        if (!next_dns.empty()) {
            boost::system::error_code ec;
            boost::asio::ip::address_v4
                next_addr(boost::asio::ip::address_v4::from_string(next_dns, ec));
            if (!ec.value()) {
                file_ << "    forwarders {" << next_addr.to_string() << ";};" << endl;
            } else {
                file_ << "    virtual-forwarder \"" << next_dns << "\";" << endl;
            }
        } else if (!default_forwarders_.empty()) {
            file_ << "    forwarders {" << default_forwarders_ << "};" << endl;
        }

        bool reverse_resolution = curr_vdns->IsReverseResolutionEnabled();
        for (unsigned int i = 0; i < zones.size(); i++) {
            WriteZone(view_name, zones[i], true, reverse_resolution, next_dns);
            // update the zone view map, to be used to generate default view
            if (curr_vdns->IsExternalVisible())
                zone_view_map.insert(ZoneViewPair(zones[i], view_name));

        }

        file_ << "};" << endl << endl;

        if (curr_vdns == updated_vdns || all_zone_files_)
            AddZoneFiles(zones, curr_vdns);
    }

    WriteDefaultView(zone_view_map);
}

void NamedConfig::WriteDefaultView(ZoneViewMap &zone_view_map) {
    // Create a default view first for any requests which do not have
    // view name TXT record
    file_ << "view \"_default_view_\" {" << endl;
    file_ << "    match-clients {any;};" << endl;
    file_ << "    match-destinations {any;};" << endl;
    file_ << "    match-recursive-only no;" << endl;
    if (!default_forwarders_.empty()) {
        file_ << "    forwarders {" << default_forwarders_ << "};" << endl;
    }
    for (ZoneViewMap::iterator it = zone_view_map.begin();
         it != zone_view_map.end(); ++it) {
        WriteZone(it->second, it->first, false, false, "");
    }
    file_ << "};" << endl << endl;
}

void NamedConfig::WriteZone(const string &vdns, const string &name,
                            bool is_master, bool is_rr, const string &next_dns) {
    file_ << "    zone \"" << name << "\" IN {" << endl;
    if (is_master) {
        file_ << "        type master;" << endl;
        file_ << "        file \"" << GetZoneFilePath(vdns, name) << "\";" << endl;
        file_ << "        allow-update {127.0.0.1;};" << endl;
        if (!next_dns.empty()) {
            if (!is_rr && BindUtil::IsReverseZone(name)) {
                file_ << "        forwarders { };" << endl;
            }
        } else {
            file_ << "        forwarders { };" << endl;
        }
    } else {
        file_ << "        type static-stub;" << endl;
        file_ << "        virtual-server-name \"" << vdns << "\";" << endl;
        file_ << "        server-addresses {127.0.0.1;};" << endl;
    }
    file_ << "    };" << endl;
}

void NamedConfig::AddZoneFiles(ZoneList &zones, const VirtualDnsConfig *vdns) {
    for (unsigned int i = 0; i < zones.size(); i++) {
        CreateZoneFile(zones[i], vdns, !BindUtil::IsReverseZone(zones[i]));
    }
}

void NamedConfig::RemoveZoneFiles(const VirtualDnsConfig *vdns,
                                  ZoneList &zones) {
    for (unsigned int i = 0; i < zones.size(); i++) {
        RemoveZoneFile(vdns, zones[i]);
    }
}

void NamedConfig::RemoveZoneFile(const VirtualDnsConfig *vdns, string &zone) {
    string zfile_name = GetZoneFilePath(vdns->GetViewName(), zone);
    remove(zfile_name.c_str());
    zfile_name.append(".jnl");
    remove(zfile_name.c_str());
}

string NamedConfig::GetZoneFileName(const string &vdns, const string &name) {
    if (name.size() && name.at(name.size() - 1) == '.')
        return (vdns + "." + name + NamedZoneFileSuffix);
    else
        return (vdns + "." + name + "." + NamedZoneFileSuffix);
}

string NamedConfig::GetZoneFilePath(const string &vdns, const string &name) {
    return (named_config_dir_ + GetZoneFileName(vdns, name));
}

string NamedConfig::GetPidFilePath() {
    return (named_config_dir_ + pid_file_name);
}

string NamedConfig::GetSessionKeyFilePath() {
    return (named_config_dir_ + sessionkey_file_name);
}

string NamedConfig::GetZoneNSName(const string domain_name) {
    return (NamedZoneNSPrefix + "." + domain_name);
}

string NamedConfig::GetZoneMXName(const string domain_name) {
    return (NamedZoneMXPrefix + "." + domain_name);
}

void NamedConfig::CreateZoneFile(std::string &zone_name,
                                 const VirtualDnsConfig *vdns, bool ns) {
    ofstream zfile;
    string ns_name;
    string zone_filename = GetZoneFilePath(vdns->GetViewName(), zone_name);

    zfile.open(zone_filename.c_str());
    zfile << "$ORIGIN ." << endl;
    if (vdns->GetTtl() > 0) {
        zfile << "$TTL " << vdns->GetTtl() << endl;
    } else {
        zfile << "$TTL " << Defaults::GlobalTTL << endl;
    }
    zfile << left << setw(NameWidth) << zone_name << " IN  SOA " <<
                GetZoneNSName(vdns->GetDomainName()) << "  " <<
                GetZoneMXName(vdns->GetDomainName()) << " (" << endl;
    zfile << setw(NameWidth + 8) << "" << setw(NumberWidth) << Defaults::Serial << endl;
    zfile << setw(NameWidth + 8) << "" << setw(NumberWidth) << Defaults::Refresh << endl;
    zfile << setw(NameWidth + 8) << "" << setw(NumberWidth) << Defaults::Retry << endl;
    zfile << setw(NameWidth + 8) << "" << setw(NumberWidth) << Defaults::Expire << endl;
    if (vdns->GetNegativeCacheTtl() > 0 ) {
        zfile << setw(NameWidth + 8) << "" << setw(NumberWidth) << vdns->GetNegativeCacheTtl() << endl;
    } else {
        zfile << setw(NameWidth + 8) << "" << setw(NumberWidth) << Defaults::Minimum << endl;
    }
    zfile << setw(NameWidth + 8) << "" << ")" << endl;
    /* NS records are mandatory in zone file. They are required for the following reasons
       1. Name servers returns NS RR in responses to queries, in the authority section
          of the DNS message.
       2. Name servers use the NS records to determine where to send NOTIFY messages.
     */
    zfile << setw(NameWidth + 4) << "" << setw(TypeWidth) << " NS " <<
                setw(NameWidth) << GetZoneNSName(vdns->GetDomainName()) << endl;
    zfile << "$ORIGIN " << zone_name << endl;
    //Write the NS record
    if (ns)
        zfile << setw(NameWidth) << NamedZoneNSPrefix << " IN  A   " << Dns::GetSelfIp() << endl;
    zfile.flush();
    zfile.close();
}

// Create a list of zones for the virtual DNS
void NamedConfig::MakeZoneList(const VirtualDnsConfig *vdns_config,
                               ZoneList &zones) {
    // always take domain name in lower case, to avoid differences due to case
    std::string dns_domain = boost::to_lower_copy(vdns_config->GetDomainName());
    if (dns_domain.empty()) {
        return;
    }

    // Forward Zone
    zones.push_back(dns_domain);

    // Reverse zones
    MakeReverseZoneList(vdns_config, zones);
}

void NamedConfig::MakeReverseZoneList(const VirtualDnsConfig *vdns_config,
                                      ZoneList &zones) {
    const VirtualDnsConfig::IpamList &ipams = vdns_config->GetIpamList();
    for (VirtualDnsConfig::IpamList::const_iterator ipam_it = ipams.begin();
         ipam_it != ipams.end(); ++ipam_it) {
        if ((*ipam_it)->IsDeleted() || !(*ipam_it)->IsValid()) {
            continue;
        }
        const IpamConfig::VnniList &vnni_list = (*ipam_it)->GetVnniList();
        for (IpamConfig::VnniList::iterator vnni_it = vnni_list.begin();
             vnni_it != vnni_list.end(); ++vnni_it) {
            if ((*vnni_it)->IsDeleted() || !(*vnni_it)->IsValid()) {
                continue;
            }
            const Subnets &subnets = (*vnni_it)->GetSubnets();
            for (unsigned int i = 0; i < subnets.size(); ++i) {
                const Subnet &subnet = subnets[i];
                if (subnet.IsDeleted())
                    continue;
                subnet.GetReverseZones(zones);
            }
        }
    }

    // If same subnet is used in different VNs, remove duplicates
    std::sort(zones.begin(), zones.end());
    ZoneList::iterator it = std::unique(zones.begin(), zones.end());
    zones.resize(std::distance(zones.begin(), it));
}

void NamedConfig::GetDefaultForwarders() {
    default_forwarders_.clear();
    std::ifstream fd;
    fd.open(GetResolveFile().c_str());
    if (!fd.is_open()) {
        return;
    }

    std::string line;
    while (getline(fd, line)) {
        std::size_t pos = line.find_first_of("#");
        std::stringstream ss(line.substr(0, pos));
        std::string key;
        ss >> key;
        if (key == "nameserver") {
            std::string ip;
            ss >> ip;
            boost::system::error_code ec;
            boost::asio::ip::address_v4::from_string(ip, ec);
            if (!ec.value()) {
                default_forwarders_ += ip + "; ";
            }
        }
    }

    fd.close();
}


BindStatus::BindStatus(BindEventHandler handler)
    : named_pid_(-1), handler_(handler), change_timeout_(true) {
    status_timer_ = TimerManager::CreateTimer(
                    *Dns::GetEventManager()->io_service(), "BindStatusTimer",
                    TaskScheduler::GetInstance()->GetTaskId("dns::BindStatus"), 0);
    status_timer_->Start(kInitTimeout,
                         boost::bind(&BindStatus::CheckBindStatus, this));
}

BindStatus::~BindStatus() {
    status_timer_->Cancel();
    TimerManager::DeleteTimer(status_timer_);
}

// Check if a given pid belongs to contrail-named
bool BindStatus::IsBindPid(uint32_t pid) {
    bool ret = false;
    std::stringstream str;
    str << "/proc/" << pid << "/cmdline";

    ifstream ifile(str.str().c_str());
    if (ifile.is_open()) {
        if (ifile.good()) {
            std::string cmdline;
            cmdline.assign((istreambuf_iterator<char>(ifile)),
                            istreambuf_iterator<char>());
            istringstream cmdstream(cmdline);
            if (cmdstream.str().find("/usr/bin/contrail-named") !=
                std::string::npos) {
               ret = true;
            }
        }
        ifile.close();
    }

    return ret;
}

bool BindStatus::CheckBindStatus() {
    uint32_t new_pid = -1;
    NamedConfig *ncfg = NamedConfig::GetNamedConfigObject();
    if (ncfg) {
        std::ifstream pid_file(ncfg->GetPidFilePath().c_str());
        if (pid_file.is_open()) {
            if (pid_file.good()) {
                pid_file >> new_pid;
            }
            pid_file.close();
        }
    }

    if (new_pid == (uint32_t) -1) {
        handler_(Down);
    } else if (!IsBindPid(new_pid)) {
        if (named_pid_ != (uint32_t) -1) {
            named_pid_ = -1;
            handler_(Down);
        }
    } else {
        if (named_pid_ != new_pid) {
            named_pid_ = new_pid;
            handler_(Up);
        }
    }

    if (change_timeout_) {
        change_timeout_ = false;
        status_timer_->Reschedule(kBindStatusTimeout);
    }
    return true;
}