OpenDNSSEC-enforcer  2.1.5
zonelist_update.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation).
3  * Copyright (c) 2014 OpenDNSSEC AB (svb)
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  * notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  * notice, this list of conditions and the following disclaimer in the
13  * documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
17  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
19  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
21  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
22  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
23  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
24  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
25  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26  *
27  */
28 
29 #include "log.h"
30 #include "str.h"
31 #include "utils/kc_helper.h"
32 #include "db/policy.h"
33 #include "clientpipe.h"
34 
36 
37 #include <libxml/parser.h>
38 #include <libxml/tree.h>
39 #include <limits.h>
40 #include <unistd.h>
41 #include <stdio.h>
42 #include <string.h>
43 
44 static int zonelist_update(int add, int sockfd, const char* filename, const zone_db_t* zone, int comment) {
45  xmlDocPtr doc;
46  xmlNodePtr root;
47  xmlNodePtr node;
48  xmlNodePtr node2;
49  xmlNodePtr node3;
50  xmlNodePtr node4;
51  xmlChar* name;
52  int found = 0;
53  char path[PATH_MAX];
55 
56  if (!filename) {
58  }
59  if (!zone) {
61  }
62 
63  if (!access(filename, F_OK)) {
64  if (access(filename, R_OK|W_OK)) {
65  client_printf_err(sockfd, "Read and/or write access to file denied!\n");
67  }
68 
69  /*
70  * Validate, parse and walk the XML.
71  */
72  if (check_zonelist(filename, 0, NULL, 0)) {
73  client_printf_err(sockfd, "Unable to read XML, validation error!\n");
75  }
76 
77  xmlKeepBlanksDefault(0);
78  if (!(doc = xmlParseFile(filename))) {
79  client_printf_err(sockfd, "Unable to read XML, parse error!\n");
81  }
82 
83  if (!(root = xmlDocGetRootElement(doc))) {
84  client_printf_err(sockfd, "Unable to get root XML element!\n");
85  xmlFreeDoc(doc);
87  }
88  }
89  else {
90  if (!(doc = xmlNewDoc((xmlChar*)"1.0"))
91  || !(root = xmlNewNode(NULL, (xmlChar*)"ZoneList")))
92  {
93  client_printf_err(sockfd, "Unable to create XML elements, memory allocation error!\n");
94  if (doc) {
95  xmlFreeDoc(doc);
96  }
98  }
99 
100  if (comment) {
101  node = xmlNewComment((xmlChar*)
102  "\n\n"
103  "********* Important changes to zonelist.xml in 2.0 ***************\n"
104  "\n"
105  "In 2.0, the zonelist.xml file is no longer automatically updated when zones\n"
106  "are added or deleted via the command line by using the 'ods-enforcer zone add'\n"
107  "command. However, in 2.0 it is possible to force an update of the zonelist.xml\n"
108  "file by using the new 'xml' flag. This is in contrast to the behaviour in 1.4\n"
109  "where zonelist.xml was always updated, unless the 'no-xml' flag was used. \n"
110  "\n");
111  xmlNodeAddContent(node, (xmlChar*)
112  "As a result in 2.0 the contents of the enforcer database should be considered\n"
113  "the 'master' for the list of currently configured zones, not the zonelist.xml\n"
114  "file as the file can easily become out of sync with the database.\n"
115  "\n");
116  xmlNodeAddContent(node, (xmlChar*)
117  "The contents of the database can be listed using:\n"
118  " ods-enforcer zone list\n"
119  "and exported using the command\n"
120  " ods-enforcer zonelist export\n"
121  "The contents of the database can still be updated in bulk from the zonelist.xml\n"
122  "file by using the command:\n"
123  " ods-enforcer zonelist import (or ods-enforcer update zonelist)\n\n"
124  );
125  xmlAddChild(root, node);
126  }
127  xmlDocSetRootElement(doc, root);
128  }
129 
130  for (; root; root = root->next) {
131  if (root->type != XML_ELEMENT_NODE) {
132  continue;
133  }
134 
135  if (!strcmp((char*)root->name, "ZoneList")) {
136  for (node = root->children; node; node = node->next) {
137  if (node->type != XML_ELEMENT_NODE) {
138  continue;
139  }
140  if (strcmp((char*)node->name, "Zone")) {
141  continue;
142  }
143 
144  if (!(name = xmlGetProp(node, (const xmlChar*)"name"))) {
145  client_printf_err(sockfd, "Unable to XML property, memory allocation error!\n");
146  xmlFreeDoc(doc);
148  }
149 
150  if (!strcmp(zone_db_name(zone), (char*)name)) {
151  if (!add) {
152  xmlUnlinkNode(node);
153  xmlFreeNode(node);
154  }
155  found = 1;
156  xmlFree(name);
157  break;
158  }
159 
160  xmlFree(name);
161  }
162 
163  if (add && found) {
164  client_printf_err(sockfd, "Unable to update XML, entry already exists!\n");
165  xmlFreeDoc(doc);
167  }
168  if (!add && !found) {
169  xmlFreeDoc(doc);
170  return ZONELIST_UPDATE_OK;
171  }
172  }
173 
174  if (add) {
175  if (!(policy = zone_db_get_policy(zone))
176  || !(node = xmlNewChild(root, NULL, (xmlChar*)"Zone", NULL))
177  || !xmlNewProp(node, (xmlChar*)"name", (xmlChar*)zone_db_name(zone))
178  || !xmlNewChild(node, NULL, (xmlChar*)"Policy", (xmlChar*)policy_name(policy))
179  || !xmlNewChild(node, NULL, (xmlChar*)"SignerConfiguration", (xmlChar*)zone_db_signconf_path(zone))
180  || !(node2 = xmlNewChild(node, NULL, (xmlChar*)"Adapters", NULL))
181  || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Input", NULL))
182  || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"Adapter", (xmlChar*)zone_db_input_adapter_uri(zone)))
183  || !xmlNewProp(node4, (xmlChar*)"type", (xmlChar*)zone_db_input_adapter_type(zone))
184  || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Output", NULL))
185  || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"Adapter", (xmlChar*)zone_db_output_adapter_uri(zone)))
186  || !xmlNewProp(node4, (xmlChar*)"type", (xmlChar*)zone_db_output_adapter_type(zone)))
187  {
188  client_printf_err(sockfd, "Unable to create new XML element, memory allocation or internal error!\n");
190  xmlFreeDoc(doc);
192  }
194  }
195 
196  break;
197  }
198 
199  if (snprintf(path, sizeof(path), "%s.update", filename) >= (int)sizeof(path)) {
200  client_printf_err(sockfd, "Unable to write updated XML, path to long!\n");
201  xmlFreeDoc(doc);
203  }
204  unlink(path);
205  if (xmlSaveFormatFileEnc(path, doc, "UTF-8", 1) == -1) {
206  client_printf_err(sockfd, "Unable to write updated XML, unknown error!\n");
207  unlink(path);
208  xmlFreeDoc(doc);
210  }
211  xmlFreeDoc(doc);
212 
213  if (check_zonelist(path, 0, NULL, 0)) {
214  client_printf_err(sockfd, "Validating updated XML failed!\n");
215  unlink(path);
217  }
218 
219  if (rename(path, filename)) {
220  client_printf_err(sockfd, "Unable to write updated XML, rename failed!\n");
221  unlink(path);
223  }
224 
225  return ZONELIST_UPDATE_OK;
226 }
227 
228 int zonelist_update_add(int sockfd, const char* filename, const zone_db_t* zone, int comment) {
229  return zonelist_update(1, sockfd, filename, zone, comment);
230 }
231 
232 int zonelist_update_delete(int sockfd, const char* filename, const zone_db_t* zone, int comment) {
233  return zonelist_update(0, sockfd, filename, zone, comment);
234 }
policy.h
zone_db_output_adapter_uri
const char * zone_db_output_adapter_uri(const zone_db_t *zone)
Definition: zone_db.c:886
zonelist_update.h
check_zonelist
int check_zonelist(const char *zonelist, int verbose, char **policy_names, int policy_count)
Definition: kc_helper.c:1664
policy_name
const char * policy_name(const policy_t *policy)
Definition: policy.c:813
zone_db_signconf_path
const char * zone_db_signconf_path(const zone_db_t *zone)
Definition: zone_db.c:798
ZONELIST_UPDATE_ERR_FILE
#define ZONELIST_UPDATE_ERR_FILE
Definition: zonelist_update.h:57
ZONELIST_UPDATE_OK
#define ZONELIST_UPDATE_OK
Definition: zonelist_update.h:37
kc_helper.h
zone_db_output_adapter_type
const char * zone_db_output_adapter_type(const zone_db_t *zone)
Definition: zone_db.c:878
zonelist_update_delete
int zonelist_update_delete(int sockfd, const char *filename, const zone_db_t *zone, int comment)
Definition: zonelist_update.c:232
zone_db_name
const char * zone_db_name(const zone_db_t *zone)
Definition: zone_db.c:782
ZONELIST_UPDATE_ERR_MEMORY
#define ZONELIST_UPDATE_ERR_MEMORY
Definition: zonelist_update.h:53
policy_free
void policy_free(policy_t *policy)
Definition: policy.c:518
zone_db
Definition: zone_db.h:46
ZONELIST_UPDATE_ERR_ARGS
#define ZONELIST_UPDATE_ERR_ARGS
Definition: zonelist_update.h:41
zone_db_get_policy
policy_t * zone_db_get_policy(const zone_db_t *zone)
Definition: zone_db.c:744
ZONELIST_UPDATE_ERR_XML
#define ZONELIST_UPDATE_ERR_XML
Definition: zonelist_update.h:45
zone_db_input_adapter_uri
const char * zone_db_input_adapter_uri(const zone_db_t *zone)
Definition: zone_db.c:870
policy
Definition: policy.h:60
zone_db_input_adapter_type
const char * zone_db_input_adapter_type(const zone_db_t *zone)
Definition: zone_db.c:862
zonelist_update_add
int zonelist_update_add(int sockfd, const char *filename, const zone_db_t *zone, int comment)
Definition: zonelist_update.c:228