OpenDNSSEC-enforcer  2.1.9
zonelist_update.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation).
3  * Copyright (c) 2014 OpenDNSSEC AB (svb)
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  * notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  * notice, this list of conditions and the following disclaimer in the
13  * documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
17  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
19  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
21  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
22  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
23  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
24  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
25  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26  *
27  */
28 
29 #include "log.h"
30 #include "str.h"
31 #include "utils/kc_helper.h"
32 #include "db/policy.h"
33 #include "clientpipe.h"
34 
36 
37 #include <libxml/parser.h>
38 #include <libxml/tree.h>
39 #include <limits.h>
40 #include <unistd.h>
41 #include <stdio.h>
42 #include <string.h>
43 
44 static int zonelist_update(int add, int sockfd, const char* filename, const zone_db_t* zone, int comment) {
45  xmlDocPtr doc;
46  xmlNodePtr root;
47  xmlNodePtr node;
48  xmlNodePtr node2;
49  xmlNodePtr node3;
50  xmlNodePtr node4;
51  xmlChar* name;
52  int found = 0;
53  char path[PATH_MAX];
55 
56  if (!filename) {
58  }
59  if (!zone) {
61  }
62 
63  if (!access(filename, F_OK)) {
64  if (access(filename, R_OK|W_OK)) {
65  client_printf_err(sockfd, "Read and/or write access to file denied!\n");
67  }
68 
69  /*
70  * Validate, parse and walk the XML.
71  */
72  if (check_zonelist(filename, 0, NULL, 0)) {
73  client_printf_err(sockfd, "Unable to read XML, validation error!\n");
75  }
76 
77  xmlKeepBlanksDefault(0);
78  if (!(doc = xmlParseFile(filename))) {
79  client_printf_err(sockfd, "Unable to read XML, parse error!\n");
81  }
82 
83  if (!(root = xmlDocGetRootElement(doc))) {
84  client_printf_err(sockfd, "Unable to get root XML element!\n");
85  xmlFreeDoc(doc);
87  }
88  }
89  else {
90  if (!(doc = xmlNewDoc((xmlChar*)"1.0"))
91  || !(root = xmlNewNode(NULL, (xmlChar*)"ZoneList")))
92  {
93  client_printf_err(sockfd, "Unable to create XML elements, memory allocation error!\n");
94  if (doc) {
95  xmlFreeDoc(doc);
96  }
98  }
99 
100  if (comment) {
101  node = xmlNewComment((xmlChar*)
102  "\n\n"
103  "********* Important changes to zonelist.xml in 2.0 ***************\n"
104  "\n"
105  "In 2.0, the zonelist.xml file is no longer automatically updated when zones\n"
106  "are added or deleted via the command line by using the 'ods-enforcer zone add'\n"
107  "command. However, in 2.0 it is possible to force an update of the zonelist.xml\n"
108  "file by using the new 'xml' flag. This is in contrast to the behaviour in 1.4\n"
109  "where zonelist.xml was always updated, unless the 'no-xml' flag was used. \n"
110  "\n");
111  xmlNodeAddContent(node, (xmlChar*)
112  "As a result in 2.0 the contents of the enforcer database should be considered\n"
113  "the 'master' for the list of currently configured zones, not the zonelist.xml\n"
114  "file as the file can easily become out of sync with the database.\n"
115  "\n");
116  xmlNodeAddContent(node, (xmlChar*)
117  "The contents of the database can be listed using:\n"
118  " ods-enforcer zone list\n"
119  "and exported using the command\n"
120  " ods-enforcer zonelist export\n"
121  "The contents of the database can still be updated in bulk from the zonelist.xml\n"
122  "file by using the command:\n"
123  " ods-enforcer zonelist import (or ods-enforcer update zonelist)\n\n"
124  );
125  xmlAddChild(root, node);
126  }
127  xmlDocSetRootElement(doc, root);
128  }
129 
130  for (; root; root = root->next) {
131  if (root->type != XML_ELEMENT_NODE) {
132  continue;
133  }
134 
135  if (!strcmp((char*)root->name, "ZoneList")) {
136  for (node = root->children; node; node = node->next) {
137  if (node->type != XML_ELEMENT_NODE) {
138  continue;
139  }
140  if (strcmp((char*)node->name, "Zone")) {
141  continue;
142  }
143 
144  if (!(name = xmlGetProp(node, (const xmlChar*)"name"))) {
145  client_printf_err(sockfd, "Unable to XML property, memory allocation error!\n");
146  xmlFreeDoc(doc);
148  }
149 
150  if (!strcmp(zone_db_name(zone), (char*)name)) {
151  if (!add) {
152  xmlUnlinkNode(node);
153  xmlFreeNode(node);
154  }
155  found = 1;
156  xmlFree(name);
157  break;
158  }
159 
160  xmlFree(name);
161  }
162 
163  if (add && found) {
164  client_printf_err(sockfd, "Unable to update XML, entry already exists!\n");
165  xmlFreeDoc(doc);
167  }
168  if (!add && !found) {
169  xmlFreeDoc(doc);
170  return ZONELIST_UPDATE_OK;
171  }
172  }
173 
174  if (add) {
175  if (!(policy = zone_db_get_policy(zone))
176  || !(node = xmlNewChild(root, NULL, (xmlChar*)"Zone", NULL))
177  || !xmlNewProp(node, (xmlChar*)"name", (xmlChar*)zone_db_name(zone))
178  || !xmlNewChild(node, NULL, (xmlChar*)"Policy", (xmlChar*)policy_name(policy))
179  || !xmlNewChild(node, NULL, (xmlChar*)"SignerConfiguration", (xmlChar*)zone_db_signconf_path(zone))
180  || !(node2 = xmlNewChild(node, NULL, (xmlChar*)"Adapters", NULL))
181  || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Input", NULL))
182  || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"Adapter", (xmlChar*)zone_db_input_adapter_uri(zone)))
183  || !xmlNewProp(node4, (xmlChar*)"type", (xmlChar*)zone_db_input_adapter_type(zone))
184  || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Output", NULL))
185  || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"Adapter", (xmlChar*)zone_db_output_adapter_uri(zone)))
186  || !xmlNewProp(node4, (xmlChar*)"type", (xmlChar*)zone_db_output_adapter_type(zone)))
187  {
188  client_printf_err(sockfd, "Unable to create new XML element, memory allocation or internal error!\n");
190  xmlFreeDoc(doc);
192  }
194  }
195 
196  break;
197  }
198 
199  if (snprintf(path, sizeof(path), "%s.update", filename) >= (int)sizeof(path)) {
200  client_printf_err(sockfd, "Unable to write updated XML, path to long!\n");
201  xmlFreeDoc(doc);
203  }
204  unlink(path);
205  if (xmlSaveFormatFileEnc(path, doc, "UTF-8", 1) == -1) {
206  client_printf_err(sockfd, "Unable to write updated XML, unknown error!\n");
207  unlink(path);
208  xmlFreeDoc(doc);
210  }
211  xmlFreeDoc(doc);
212 
213  if (check_zonelist(path, 0, NULL, 0)) {
214  client_printf_err(sockfd, "Validating updated XML failed!\n");
215  unlink(path);
217  }
218 
219  if (rename(path, filename)) {
220  client_printf_err(sockfd, "Unable to write updated XML, rename failed!\n");
221  unlink(path);
223  }
224 
225  return ZONELIST_UPDATE_OK;
226 }
227 
228 int zonelist_update_add(int sockfd, const char* filename, const zone_db_t* zone, int comment) {
229  return zonelist_update(1, sockfd, filename, zone, comment);
230 }
231 
232 int zonelist_update_delete(int sockfd, const char* filename, const zone_db_t* zone, int comment) {
233  return zonelist_update(0, sockfd, filename, zone, comment);
234 }
int check_zonelist(const char *zonelist, int verbose, char **policy_names, int policy_count)
Definition: kc_helper.c:1664
const char * policy_name(const policy_t *policy)
Definition: policy.c:813
void policy_free(policy_t *policy)
Definition: policy.c:518
Definition: policy.h:60
const char * zone_db_output_adapter_uri(const zone_db_t *zone)
Definition: zone_db.c:886
const char * zone_db_name(const zone_db_t *zone)
Definition: zone_db.c:782
const char * zone_db_signconf_path(const zone_db_t *zone)
Definition: zone_db.c:798
policy_t * zone_db_get_policy(const zone_db_t *zone)
Definition: zone_db.c:744
const char * zone_db_output_adapter_type(const zone_db_t *zone)
Definition: zone_db.c:878
const char * zone_db_input_adapter_type(const zone_db_t *zone)
Definition: zone_db.c:862
const char * zone_db_input_adapter_uri(const zone_db_t *zone)
Definition: zone_db.c:870
int zonelist_update_add(int sockfd, const char *filename, const zone_db_t *zone, int comment)
int zonelist_update_delete(int sockfd, const char *filename, const zone_db_t *zone, int comment)
#define ZONELIST_UPDATE_ERR_ARGS
#define ZONELIST_UPDATE_OK
#define ZONELIST_UPDATE_ERR_MEMORY
#define ZONELIST_UPDATE_ERR_FILE
#define ZONELIST_UPDATE_ERR_XML