BIND 10 trac1022, updated. bf41f8dc2265ca0cd9ffb8b8c11047291e69ca3c [trac1022] ChangeLog for trac 1022 and 1023.
BIND 10 source code commits
bind10-changes at lists.isc.org
Tue Jun 21 16:47:59 UTC 2011
The branch, trac1022 has been updated
via bf41f8dc2265ca0cd9ffb8b8c11047291e69ca3c (commit)
via 926a65fa08617be677a93e9e388df0f229b01067 (commit)
via e9798fc8931856a7eaeee37155600146d7dc7c57 (commit)
via 59e01319e369a7c8e4f9a326d603dee7e3924c6b (commit)
via ad5a633a9e77e561675aca5263853db8161e82fa (commit)
via 0eb494bd7c49f0559c870d8a687ad0552f2feeb7 (commit)
via f79a424a36d3a5896c43c5cae5d88d690ecbe90e (commit)
via a1301a0545acc48bf2f94731cb26577806e3c383 (commit)
via 40cf6abada7f06648643b14b9b7db21d0fde3b27 (commit)
via 4fae538655882db7c085dab798b4fb29c4a9d8f1 (commit)
via b5cfd5e541d4bbb7f13ad93392018711e19ba0e5 (commit)
via 85b06e8c212c9733cc77e71d8a72c72161dc34f2 (commit)
via 70af8c7c72300e1afe1974de22c117ff5566487d (commit)
via 03e690228b6f5184d67a4ff3de56a861fcac9a23 (commit)
via d749aee2ec681e0304dd53c63f276af98edeaf31 (commit)
via a4f1f8de765810aecff1194c74a108682e3de28e (commit)
via c4c85ce1694bd421912d1902f2d614c15bebbea1 (commit)
via f78cf6ebc22712c470da4af720915b09ae8e8ebe (commit)
via 4c250f85ed6ad7f697c42137f1e67aadacf73dac (commit)
via 941eceae0a54d023dce0c43757b0104b8adbcc9c (commit)
via 79143dc457f23670d860a2fa134b13eb62db490b (commit)
via d867ca0fabdb5398d6a964aa393fadf678af2bbf (commit)
via 3eb58c78cacf7686435e963d423c6c035a737bc0 (commit)
via e90d2063e0bd98767fdcd38962ad5be6f2eda68e (commit)
via 0699e756aead6ec1b3a80f5e044d8c3cb35e3280 (commit)
via 384501f85cc9e66a686a96e349241442af29a56b (commit)
via 707e700d4861b2c47235183ce6e98d985819dd2d (commit)
via a9d549be7404552a13a95db041e7e1da64729341 (commit)
via 3eb8c8e08c993b1458a6d79f434e0305936bcd14 (commit)
via 6fe98e3c2a669c9dc779980426a81fbe1ddcfff3 (commit)
via edfe1b966d53caf3ed9e17cd525b0d94beff0aaf (commit)
via fd9334b7d856c4f748919d035b2a4ad3c85b545b (commit)
via 0fdc040591f07f5f876ff2a16ea363e9026346ae (commit)
from 2d39d007d30f65589cfe4b671dc91cdab70ed107 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit bf41f8dc2265ca0cd9ffb8b8c11047291e69ca3c
Author: Stephen Morris <stephen at isc.org>
Date: Tue Jun 21 17:47:35 2011 +0100
[trac1022] ChangeLog for trac 1022 and 1023.
commit 926a65fa08617be677a93e9e388df0f229b01067
Merge: 2d39d007d30f65589cfe4b671dc91cdab70ed107 e9798fc8931856a7eaeee37155600146d7dc7c57
Author: Stephen Morris <stephen at isc.org>
Date: Tue Jun 21 17:41:58 2011 +0100
Merge branch 'master' into trac1022
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 6 +
src/bin/xfrout/xfrout.py.in | 2 +-
src/lib/acl/Makefile.am | 17 +-
src/lib/{log/log_formatter.cc => acl/loader.cc} | 40 +-
src/lib/acl/loader.h | 404 +++++++++++++++++++
src/lib/acl/tests/Makefile.am | 6 +-
src/lib/acl/tests/acl_test.cc | 68 +----
src/lib/acl/tests/loader_test.cc | 426 +++++++++++++++++++++
src/lib/acl/tests/logcheck.h | 86 +++++
src/lib/asiodns/asiodef.mes | 8 +-
src/lib/config/ccsession.cc | 6 +-
src/lib/config/ccsession.h | 19 +
src/lib/datasrc/messagedef.mes | 22 +-
src/lib/exceptions/exceptions.h | 11 +
src/lib/python/isc/config/ccsession.py | 32 ++-
src/lib/python/isc/config/tests/Makefile.am | 1 +
src/lib/python/isc/config/tests/ccsession_test.py | 39 ++-
src/lib/python/isc/log/Makefile.am | 3 +
src/lib/python/isc/log/__init__.py | 11 +-
src/lib/python/isc/log/log.cc | 64 +++
src/lib/python/isc/log/tests/Makefile.am | 1 +
src/lib/python/isc/log/tests/log_test.py | 30 ++
22 files changed, 1190 insertions(+), 112 deletions(-)
copy src/lib/{log/log_formatter.cc => acl/loader.cc} (51%)
create mode 100644 src/lib/acl/loader.h
create mode 100644 src/lib/acl/tests/loader_test.cc
create mode 100644 src/lib/acl/tests/logcheck.h
-----------------------------------------------------------------------
diff --git a/ChangeLog b/ChangeLog
index 6c6da37..3980945 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+259. [bug] stephen
+ Logging now correctly initialized in b10-auth. Also, fixed
+ bug whereby querying for "version.bind txt ch" would cause
+ b10-auth to crash if BIND 10 was started with the "-v" switch.
+ (Trac 1022,1023, git 926a65fa08617be677a93e9e388df0f229b01067)
+
258. [build] jelte
Now builds and runs with Python 3.2
(Trac #710, git dae1d2e24f993e1eef9ab429326652f40a006dfb)
diff --git a/src/bin/xfrout/xfrout.py.in b/src/bin/xfrout/xfrout.py.in
index 40bad85..ac22fe4 100755
--- a/src/bin/xfrout/xfrout.py.in
+++ b/src/bin/xfrout/xfrout.py.in
@@ -559,7 +559,7 @@ class XfroutServer:
#self._log = None
self._listen_sock_file = UNIX_SOCKET_FILE
self._shutdown_event = threading.Event()
- self._cc = isc.config.ModuleCCSession(SPECFILE_LOCATION, self.config_handler, self.command_handler)
+ self._cc = isc.config.ModuleCCSession(SPECFILE_LOCATION, self.config_handler, self.command_handler, None, True)
self._config_data = self._cc.get_full_config()
self._cc.start()
self._cc.add_remote_config(AUTH_SPECFILE_LOCATION);
diff --git a/src/lib/acl/Makefile.am b/src/lib/acl/Makefile.am
index b063289..d3222ae 100644
--- a/src/lib/acl/Makefile.am
+++ b/src/lib/acl/Makefile.am
@@ -1,6 +1,15 @@
-SUBDIRS = tests
+SUBDIRS = . tests
-EXTRA_DIST = check.h acl.h
+AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
+AM_CPPFLAGS += $(BOOST_INCLUDES)
-# TODO: Once we have some cc file we are able to compile, create the library.
-# For now, we have only header files, not creating empty library.
+AM_CXXFLAGS = $(B10_CXXFLAGS)
+
+lib_LTLIBRARIES = libacl.la
+libacl_la_SOURCES = check.h acl.h
+libacl_la_SOURCES += loader.h loader.cc
+
+libacl_la_LIBADD = $(top_builddir)/src/lib/exceptions/libexceptions.la
+libacl_la_LIBADD += $(top_builddir)/src/lib/cc/libcc.la
+
+CLEANFILES = *.gcno *.gcda
diff --git a/src/lib/acl/loader.cc b/src/lib/acl/loader.cc
new file mode 100644
index 0000000..8ca7e28
--- /dev/null
+++ b/src/lib/acl/loader.cc
@@ -0,0 +1,46 @@
+// Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC")
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+// AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+// PERFORMANCE OF THIS SOFTWARE.
+
+#include "loader.h"
+
+using namespace std;
+
+namespace isc {
+namespace acl {
+
+BasicAction defaultActionLoader(data::ConstElementPtr actionEl) {
+ try {
+ const string action(actionEl->stringValue());
+ if (action == "ACCEPT") {
+ return (ACCEPT);
+ } else if (action == "REJECT") {
+ return (REJECT);
+ } else if (action == "DROP") {
+ return (DROP);
+ } else {
+ throw LoaderError(__FILE__, __LINE__,
+ string("Unknown action '" + action + "'").
+ c_str(),
+ actionEl);
+ }
+ }
+ catch (const data::TypeError&) {
+ throw LoaderError(__FILE__, __LINE__,
+ "Invalid element type for action, must be string",
+ actionEl);
+ }
+}
+
+}
+}
diff --git a/src/lib/acl/loader.h b/src/lib/acl/loader.h
new file mode 100644
index 0000000..11e7ebc
--- /dev/null
+++ b/src/lib/acl/loader.h
@@ -0,0 +1,404 @@
+// Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC")
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+// AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+// PERFORMANCE OF THIS SOFTWARE.
+
+#ifndef ACL_LOADER_H
+#define ACL_LOADER_H
+
+#include "acl.h"
+#include <cc/data.h>
+#include <boost/function.hpp>
+#include <boost/shared_ptr.hpp>
+#include <map>
+
+namespace isc {
+namespace acl {
+
+/**
+ * \brief Exception for bad ACL specifications.
+ *
+ * This will be thrown by the Loader if the ACL description is malformed
+ * in some way.
+ *
+ * It also can hold optional JSON element where was the error detected, so
+ * it can be examined.
+ *
+ * Checks may subclass this exception for similar errors if they see it fit.
+ */
+class LoaderError : public BadValue {
+private:
+ const data::ConstElementPtr element_;
+public:
+ /**
+ * \brief Constructor.
+ *
+ * Should be used with isc_throw if the fourth argument isn't used.
+ *
+ * \param file The file where the throw happened.
+ * \param line Similar as file, just for the line number.
+ * \param what Human readable description of what happened.
+ * \param element This might be passed to hold the JSON element where
+ * the error was detected.
+ */
+ LoaderError(const char* file, size_t line, const char* what,
+ data::ConstElementPtr element = data::ConstElementPtr()) :
+ BadValue(file, line, what),
+ element_(element)
+ {}
+ ~ LoaderError() throw() {}
+ /**
+ * \brief Get the element.
+ *
+ * This returns the element where the error was detected. Note that it
+ * might be NULL in some situations.
+ */
+ const data::ConstElementPtr& element() const {
+ return (element_);
+ }
+};
+
+/**
+ * \brief Loader of the default actions of ACLs.
+ *
+ * Declared outside the Loader class, as this one does not need to be
+ * templated. This will throw LoaderError if the parameter isn't string
+ * or if it doesn't contain one of the accepted values.
+ *
+ * \param action The JSON representation of the action. It must be a string
+ * and contain one of "ACCEPT", "REJECT" or "DENY".
+ * \note We could define different names or add aliases if needed.
+ */
+BasicAction defaultActionLoader(data::ConstElementPtr action);
+
+/**
+ * \brief Loader of ACLs.
+ *
+ * The goal of this class is to convert JSON description of an ACL to object
+ * of the ACL class (including the checks inside it).
+ *
+ * The class can be used to load the checks only. This is supposed to be used
+ * by compound checks to create the subexpressions.
+ *
+ * To allow any kind of checks to exist in the application, creators are
+ * registered for the names of the checks.
+ *
+ * An ACL definition looks like this:
+ * \verbatim
+ * [
+ * {
+ * "action": "ACCEPT",
+ * "match-type": <parameter>
+ * },
+ * {
+ * "action": "REJECT",
+ * "match-type": <parameter>
+ * "another-match-type": [<parameter1>, <parameter2>]
+* },
+* {
+* "action": "DROP"
+* }
+ * ]
+ * \endverbatim
+ *
+ * This is a list of elements. Each element must have an "action"
+ * entry/keyword. That one specifies which action is returned if this
+ * element matches (the value of the key is passed to the action loader
+ * (see the constructor). It may be any piece of JSON which the action
+ * loader expects.
+ *
+ * The rest of the element are matches. The left side is the name of the
+ * match type (for example match for source IP address or match for message
+ * size). The <parameter> is whatever is needed to describe the match and
+ * depends on the match type, the loader passes it verbatim to creator
+ * of that match type.
+ *
+ * There may be multiple match types in single element. In such case, all
+ * of the matches must match for the element to take action (so, in the second
+ * element, both "match-type" and "another-match-type" must be satisfied).
+ * If there's no match in the element, the action is taken/returned without
+ * conditions, every time (makes sense as the last entry, as the ACL will
+ * never get past it).
+ *
+ * The second entry shows another thing - if there's a list as the value
+ * for some match and the match itself is not expecting a list, it is taken
+ * as an "or" - a match for at last one of the choices in the list must match.
+ * So, for the second entry, both "match-type" and "another-match-type" must
+ * be satisfied, but the another one is satisfied by either parameter1 or
+ * parameter2.
+ */
+template<typename Context, typename Action = BasicAction> class Loader {
+public:
+ /**
+ * \brief Constructor.
+ *
+ * \param default_action The default action for created ACLs.
+ * \param actionLoader is the loader which will be used to convert actions
+ * from their JSON representation. The default value is suitable for
+ * the BasicAction enum. If you did not specify the second
+ * template argument, you don't need to specify this loader.
+ */
+ Loader(const Action& defaultAction,
+ const boost::function1<Action, data::ConstElementPtr>
+ &actionLoader = &defaultActionLoader) :
+ default_action_(defaultAction),
+ action_loader_(actionLoader)
+ {}
+ /**
+ * \brief Creator of the checks.
+ *
+ * This can be registered within the Loader and will be used to create the
+ * checks. It is expected multiple creators (for multiple types, one can
+ * handle even multiple names) will be created and registered to support
+ * range of things we could check. This allows for customizing/extending
+ * the loader.
+ */
+ class CheckCreator {
+ public:
+ /**
+ * \brief List of names supported by this loader.
+ *
+ * List of all names for which this loader is able to create the
+ * checks. There can be multiple names, to support both aliases
+ * to the same checks and creators capable of creating multiple
+ * types of checks.
+ */
+ virtual std::vector<std::string> names() const = 0;
+ /**
+ * \brief Creates the check.
+ *
+ * This function does the actual creation. It is passed all the
+ * relevant data and is supposed to return shared pointer to the
+ * check.
+ *
+ * It is expected to throw the LoaderError exception when the
+ * definition is invalid.
+ *
+ * \param name The type name of the check. If the creator creates
+ * only one type of check, it can safely ignore this parameter.
+ * \param definition The part of JSON describing the parameters of
+ * check. As there's no way for the loader to know how the
+ * parameters might look like, they are not checked in any way.
+ * Therefore it's up to the creator (or the check being created)
+ * to validate the data and throw if it is bad.
+ * \param Current loader calling this creator. This can be used
+ * to load subexpressions in case of compound check.
+ */
+ virtual boost::shared_ptr<Check<Context> > create(
+ const std::string& name, data::ConstElementPtr definition,
+ const Loader<Context, Action>& loader) = 0;
+ /**
+ * \brief Is list or-abbreviation allowed?
+ *
+ * If this returns true and the parameter (eg. the value we check
+ * against, the one that is passed as the second parameter of create)
+ * is list, the loader will call the create method with each element of
+ * the list and aggregate all the results in OR compound check. If it
+ * is false, the parameter is passed verbatim no matter if it is or
+ * isn't a list. For example, IP check will have this as true (so
+ * multiple IP addresses can be passed as options), but AND operator
+ * will return false and handle the list of subexpressions itself.
+ *
+ * The rationale behind this is that it is common to specify list of
+ * something that matches (eg. list of IP addresses).
+ */
+ virtual bool allowListAbbreviation() const {
+ return (true);
+ }
+ };
+ /**
+ * \brief Register another check creator.
+ *
+ * Adds a creator to the list of known ones. The creator's list of names
+ * must be disjoint with the names already known to the creator or the
+ * LoaderError exception is thrown. In such case, the creator is not
+ * registered under any of the names. In case of other exceptions, like
+ * bad_alloc, only weak exception safety is guaranteed.
+ *
+ * \param creator Shared pointer to the creator.
+ * \note We don't support deregistration yet, but it is expected it will
+ * be needed in future, when we have some kind of plugins. These
+ * plugins might want to unload, in which case they would need to
+ * deregister their creators. It is expected they would pass the same
+ * pointer to such method as they pass here.
+ */
+ void registerCreator(boost::shared_ptr<CheckCreator> creator) {
+ // First check we can insert all the names
+ typedef std::vector<std::string> Strings;
+ const Strings names(creator->names());
+ for (Strings::const_iterator i(names.begin()); i != names.end();
+ ++i) {
+ if (creators_.find(*i) != creators_.end()) {
+ isc_throw(LoaderError, "The loader already contains creator "
+ "named " << *i);
+ }
+ }
+ // Now insert them
+ for (Strings::const_iterator i(names.begin()); i != names.end();
+ ++i) {
+ creators_[*i] = creator;
+ }
+ }
+ /**
+ * \brief Load a check.
+ *
+ * This parses a check dict (block, the one element of ACL) and calls a
+ * creator (or creators, if more than one check is found inside) for it. It
+ * ignores the "action" key, as it is a reserved keyword used to specify
+ * actions inside the ACL.
+ *
+ * This may throw LoaderError if it is not a dict or if some of the type
+ * names is not known (there's no creator registered for it). The
+ * exceptions from creators aren't caught.
+ *
+ * \param description The JSON description of the check.
+ */
+ boost::shared_ptr<Check<Context> > loadCheck(const data::ConstElementPtr&
+ description)
+ {
+ // Get the description as a map
+ typedef std::map<std::string, data::ConstElementPtr> Map;
+ Map map;
+ try {
+ map = description->mapValue();
+ }
+ catch (const data::TypeError&) {
+ isc_throw_1(LoaderError, "Check description is not a map",
+ description);
+ }
+ // Call the internal part with extracted map
+ return (loadCheck(description, map));
+ }
+ /**
+ * \brief Load an ACL.
+ *
+ * This parses an ACL list, creates the checks and actions of each element
+ * and returns it. It may throw LoaderError if it isn't a list or the
+ * "action" key is missing in some element. Also, no exceptions from
+ * loadCheck (therefore from whatever creator is used) and from the
+ * actionLoader passed to constructor are not caught.
+ *
+ * \param description The JSON list of ACL.
+ */
+ boost::shared_ptr<ACL<Context, Action> > load(const data::ConstElementPtr&
+ description)
+ {
+ // We first check it's a list, so we can use the list reference
+ // (the list may be huge)
+ if (description->getType() != data::Element::list) {
+ isc_throw_1(LoaderError, "ACL not a list", description);
+ }
+ // First create an empty ACL
+ const List &list(description->listValue());
+ boost::shared_ptr<ACL<Context, Action> > result(
+ new ACL<Context, Action>(default_action_));
+ // Run trough the list of elements
+ for (List::const_iterator i(list.begin()); i != list.end(); ++i) {
+ Map map;
+ try {
+ map = (*i)->mapValue();
+ }
+ catch (const data::TypeError&) {
+ isc_throw_1(LoaderError, "ACL element not a map", *i);
+ }
+ // Create an action for the element
+ const Map::const_iterator action(map.find("action"));
+ if (action == map.end()) {
+ isc_throw_1(LoaderError, "No action in ACL element", *i);
+ }
+ const Action acValue(action_loader_(action->second));
+ // Now create the check if there's one
+ if (map.size() >= 2) { // One is the action, another one the check
+ result->append(loadCheck(*i, map), acValue);
+ } else {
+ // In case there's no check, this matches every time. We
+ // simulate it by our own private "True" check.
+ result->append(boost::shared_ptr<Check<Context> >(new True()),
+ acValue);
+ }
+ }
+ return (result);
+ }
+private:
+ // Some type aliases to save typing
+ typedef std::map<std::string, boost::shared_ptr<CheckCreator> > Creators;
+ typedef std::map<std::string, data::ConstElementPtr> Map;
+ typedef std::vector<data::ConstElementPtr> List;
+ // Private members
+ Creators creators_;
+ const Action default_action_;
+ const boost::function1<Action, data::ConstElementPtr> action_loader_;
+ /**
+ * \brief Internal version of loadCheck.
+ *
+ * This is the internal part, shared between load and loadCheck.
+ * \param description The bit of JSON (used in exceptions).
+ * \param map The extracted map describing the check. It does change
+ * the map.
+ */
+ boost::shared_ptr<Check<Context> > loadCheck(const data::ConstElementPtr&
+ description, Map& map)
+ {
+ // Remove the action keyword
+ map.erase("action");
+ // Now, do we have any definition? Or is it and abbreviation?
+ switch (map.size()) {
+ case 0:
+ isc_throw_1(LoaderError, "Check description is empty",
+ description);
+ case 1: {
+ // Get the first and only item
+ const Map::const_iterator checkDesc(map.begin());
+ const std::string& name(checkDesc->first);
+ const typename Creators::const_iterator
+ creatorIt(creators_.find(name));
+ if (creatorIt == creators_.end()) {
+ isc_throw_1(LoaderError, "No creator for ACL check " <<
+ name, description);
+ }
+ if (creatorIt->second->allowListAbbreviation() &&
+ checkDesc->second->getType() == data::Element::list) {
+ isc_throw_1(LoaderError,
+ "Not implemented (OR-abbreviated form)",
+ checkDesc->second);
+ }
+ // Create the check and return it
+ return (creatorIt->second->create(name, checkDesc->second,
+ *this));
+ }
+ default:
+ isc_throw_1(LoaderError,
+ "Not implemented (AND-abbreviated form)",
+ description);
+ }
+ }
+ /**
+ * \brief Check that always matches.
+ *
+ * This one is used internally for ACL elements without condition. We may
+ * want to make this publicly accesible sometime maybe, but for now,
+ * there's no need.
+ */
+ class True : public Check<Context> {
+ public:
+ virtual bool matches(const Context&) const { return (true); };
+ virtual unsigned cost() const { return (1); }
+ // We don't write "true" here, as this one was created using empty
+ // input
+ virtual std::string toText() const { return ""; }
+ };
+};
+
+}
+}
+
+#endif
diff --git a/src/lib/acl/tests/Makefile.am b/src/lib/acl/tests/Makefile.am
index a6e90f7..6ceb2fa 100644
--- a/src/lib/acl/tests/Makefile.am
+++ b/src/lib/acl/tests/Makefile.am
@@ -5,12 +5,16 @@ TESTS =
if HAVE_GTEST
TESTS += run_unittests
run_unittests_SOURCES = run_unittests.cc
-run_unittests_SOURCES += check_test.cc acl_test.cc
+run_unittests_SOURCES += check_test.cc acl_test.cc loader_test.cc
+run_unittests_SOURCES += logcheck.h
run_unittests_CPPFLAGS = $(AM_CPPFLAGS) $(GTEST_INCLUDES)
run_unittests_LDFLAGS = $(AM_LDFLAGS) $(GTEST_LDFLAGS)
run_unittests_LDADD = $(GTEST_LDADD)
run_unittests_LDADD += $(top_builddir)/src/lib/util/unittests/libutil_unittests.la
+run_unittests_LDADD += $(top_builddir)/src/lib/acl/libacl.la
+run_unittests_LDADD += $(top_builddir)/src/lib/cc/libcc.la
+run_unittests_LDADD += $(top_builddir)/src/lib/exceptions/libexceptions.la
endif
noinst_PROGRAMS = $(TESTS)
diff --git a/src/lib/acl/tests/acl_test.cc b/src/lib/acl/tests/acl_test.cc
index 36baff6..5829fe7 100644
--- a/src/lib/acl/tests/acl_test.cc
+++ b/src/lib/acl/tests/acl_test.cc
@@ -12,75 +12,11 @@
// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
// PERFORMANCE OF THIS SOFTWARE.
-#include <gtest/gtest.h>
-#include <acl/acl.h>
-#include <cassert>
-
-using namespace isc::acl;
-using boost::shared_ptr;
+#include "logcheck.h"
namespace {
-// This is arbitrary guess of size for the log. If it's too small for your
-// test, just make it bigger.
-const size_t LOG_SIZE = 10;
-
-// This will remember which checks did run already.
-struct Log {
- // The actual log cells, if i-th check did run
- mutable bool run[LOG_SIZE];
- Log() {
- // Nothing run yet
- for (size_t i(0); i < LOG_SIZE; ++i) {
- run[i] = false;
- }
- }
- // Checks that the first amount of checks did run and the rest didn't.
- void checkFirst(size_t amount) const {
- ASSERT_LE(amount, LOG_SIZE) << "Wrong test: amount bigger than size "
- "of log";
- {
- SCOPED_TRACE("Checking that the first amount of checks did run");
- for (size_t i(0); i < amount; ++i) {
- EXPECT_TRUE(run[i]) << "Check #" << i << " did not run.";
- }
- }
-
- {
- SCOPED_TRACE("Checking that the rest did not run");
- for (size_t i(amount); i < LOG_SIZE; ++i) {
- EXPECT_FALSE(run[i]) << "Check #" << i << "did run.";
- }
- }
- }
-};
-
-// This returns true or false every time, no matter what is passed to it.
-// But it logs that it did run.
-class ConstCheck : public Check<Log> {
-public:
- ConstCheck(bool accepts, size_t log_num) :
- log_num_(log_num),
- accepts_(accepts)
- {
- assert(log_num < LOG_SIZE); // If this fails, the LOG_SIZE is too small
- }
- /*
- * This use of mutable log context is abuse for testing purposes.
- * It is expected that the context will not be modified in the real
- * applications of ACLs, but we want to know which checks were called
- * and this is an easy way.
- */
- virtual bool matches(const Log& log) const {
- log.run[log_num_] = true;
- return (accepts_);
- }
-private:
- size_t log_num_;
- bool accepts_;
-};
-
-// Test version of the ACL class. It adds few methods to examine the protected
+// Test version of the Acl class. It adds few methods to examine the protected
// data, but does not change the implementation.
class TestACL : public ACL<Log> {
public:
diff --git a/src/lib/acl/tests/loader_test.cc b/src/lib/acl/tests/loader_test.cc
new file mode 100644
index 0000000..92d40a8
--- /dev/null
+++ b/src/lib/acl/tests/loader_test.cc
@@ -0,0 +1,426 @@
+// Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC")
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+// AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+// PERFORMANCE OF THIS SOFTWARE.
+
+#include "logcheck.h"
+#include <acl/loader.h>
+#include <string>
+#include <gtest/gtest.h>
+
+using namespace std;
+using namespace boost;
+using isc::data::ConstElementPtr;
+
+namespace {
+
+// Just for convenience, create JSON objects from JSON string
+ConstElementPtr el(const string& JSON) {
+ return (isc::data::Element::fromJSON(JSON));
+}
+
+// We don't use the EXPECT_THROW macro, as it doesn't allow us
+// to examine the exception. We want to check the element is stored
+// there as well.
+void testActionLoaderException(const string& JSON) {
+ SCOPED_TRACE("Should throw with input: " + JSON);
+ ConstElementPtr elem(el(JSON));
+ try {
+ defaultActionLoader(elem);
+ FAIL() << "It did not throw";
+ }
+ catch (const LoaderError& error) {
+ // Yes, comparing for pointer equality, that is enough, it
+ // should return the exact instance of the JSON object
+ EXPECT_EQ(elem, error.element());
+ }
+}
+
+// Test the defaultActionLoader function
+TEST(LoaderHelpers, DefaultActionLoader) {
+ // First the three valid inputs
+ EXPECT_EQ(ACCEPT, defaultActionLoader(el("\"ACCEPT\"")));
+ EXPECT_EQ(REJECT, defaultActionLoader(el("\"REJECT\"")));
+ EXPECT_EQ(DROP, defaultActionLoader(el("\"DROP\"")));
+ // Now few invalid ones
+ // String, but unknown one
+ testActionLoaderException("\"UNKNOWN\"");
+ testActionLoaderException("42");
+ testActionLoaderException("true");
+ testActionLoaderException("null");
+ testActionLoaderException("[]");
+ testActionLoaderException("{}");
+}
+
+// A check that doesn't check anything but remembers it's own name
+// and data
+class NamedCheck : public Check<Log> {
+public:
+ NamedCheck(const string& name, ConstElementPtr data) :
+ name_(name),
+ data_(data)
+ {}
+ virtual bool matches(const Log&) const { return (true); }
+ const string name_;
+ const ConstElementPtr data_;
+};
+
+// The creator of NamedCheck
+class NamedCreator : public Loader<Log>::CheckCreator {
+public:
+ NamedCreator(const string& name, bool abbreviatedList = true) :
+ abbreviated_list_(abbreviatedList)
+ {
+ names_.push_back(name);
+ }
+ NamedCreator(const vector<string>& names) :
+ names_(names),
+ abbreviated_list_(true)
+ {}
+ vector<string> names() const {
+ return (names_);
+ }
+ shared_ptr<Check<Log> > create(const string& name, ConstElementPtr data,
+ const Loader<Log>&)
+ {
+ bool found(false);
+ for (vector<string>::const_iterator i(names_.begin());
+ i != names_.end(); ++i) {
+ if (*i == name) {
+ found = true;
+ break;
+ }
+ }
+ EXPECT_TRUE(found) << "Name " << name << " passed to creator which "
+ "doesn't handle it.";
+ return (shared_ptr<Check<Log> >(new NamedCheck(name, data)));
+ }
+ bool allowListAbbreviation() const {
+ return (abbreviated_list_);
+ }
+private:
+ vector<string> names_;
+ const bool abbreviated_list_;
+};
+
+// To be thrown in tests internally
+class TestCreatorError {};
+
+// This will throw every time it should create something
+class ThrowCreator : public Loader<Log>::CheckCreator {
+public:
+ vector<string> names() const {
+ vector<string> result;
+ result.push_back("throw");
+ return (result);
+ }
+ shared_ptr<Check<Log> > create(const string&, ConstElementPtr,
+ const Loader<Log>&)
+ {
+ throw TestCreatorError();
+ }
+};
+
+// This throws whenever the match is called on it
+class ThrowCheck : public Check<Log> {
+public:
+ virtual bool matches(const Log&) const {
+ throw TestCreatorError();
+ }
+};
+
+// And creator for it
+class ThrowCheckCreator : public Loader<Log>::CheckCreator {
+public:
+ vector<string> names() const {
+ vector<string> result;
+ result.push_back("throwcheck");
+ return (result);
+ }
+ shared_ptr<Check<Log> > create(const string&, ConstElementPtr,
+ const Loader<Log>&)
+ {
+ return (shared_ptr<Check<Log> >(new ThrowCheck()));
+ }
+};
+
+class LogCreator : public Loader<Log>::CheckCreator {
+public:
+ vector<string> names() const {
+ vector<string> result;
+ result.push_back("logcheck");
+ return (result);
+ }
+ /*
+ * For simplicity, we just take two values as a list, first is the
+ * logging cell used, the second is result of the check. No error checking
+ * is done, if there's bug in the test, it will throw TypeError for us.
+ */
+ shared_ptr<Check<Log> > create(const string&, ConstElementPtr definition,
+ const Loader<Log>&)
+ {
+ vector<ConstElementPtr> list(definition->listValue());
+ int logpos(list[0]->intValue());
+ bool accept(list[1]->boolValue());
+ return (shared_ptr<ConstCheck>(new ConstCheck(accept, logpos)));
+ }
+ // We take a list, so don't interpret it for us
+ virtual bool allowListAbbreviation() const { return (false); }
+};
+
+class LoaderTest : public ::testing::Test {
+public:
+ LoaderTest() :
+ loader_(REJECT)
+ {}
+ Loader<Log> loader_;
+ Log log_;
+ // Some convenience functions to set up
+
+ // Create a NamedCreator, convert to shared pointer
+ shared_ptr<NamedCreator> namedCreator(const string& name,
+ bool abbreviatedList = true)
+ {
+ return (shared_ptr<NamedCreator>(new NamedCreator(name,
+ abbreviatedList)));
+ }
+ // Create and add a NamedCreator
+ void addNamed(const string& name, bool abbreviatedList = true) {
+ EXPECT_NO_THROW(loader_.registerCreator(
+ namedCreator(name, abbreviatedList)));
+ }
+ // Load a check and convert it to named check to examine it
+ shared_ptr<NamedCheck> loadCheck(const string& definition) {
+ SCOPED_TRACE("Loading check " + definition);
+ shared_ptr<Check<Log> > loaded;
+ EXPECT_NO_THROW(loaded = loader_.loadCheck(el(definition)));
+ shared_ptr<NamedCheck> result(dynamic_pointer_cast<NamedCheck>(
+ loaded));
+ EXPECT_TRUE(result);
+ return (result);
+ }
+ // The loadCheck throws an exception
+ void checkException(const string& JSON) {
+ SCOPED_TRACE("Loading check exception: " + JSON);
+ ConstElementPtr input(el(JSON));
+ // Not using EXPECT_THROW, we want to examine the exception
+ try {
+ loader_.loadCheck(input);
+ FAIL() << "Should have thrown";
+ }
+ catch (const LoaderError& e) {
+ // It should be identical copy, so checking pointers
+ EXPECT_EQ(input, e.element());
+ }
+ }
+ // Insert the throw, throwcheck and logcheck checks into the loader
+ void aclSetup() {
+ try {
+ loader_.registerCreator(shared_ptr<ThrowCreator>(new
+ ThrowCreator()));
+ loader_.registerCreator(shared_ptr<ThrowCheckCreator>(
+ new ThrowCheckCreator()));
+ loader_.registerCreator(shared_ptr<LogCreator>(new LogCreator()));
+ }
+ // We ignore this exception here, because it happens when we try to
+ // insert the creators multiple times. This is harmless.
+ catch (const LoaderError&) {}
+ }
+ // Create an ACL, run it, check it's result and how many first
+ // log items it marked
+ //
+ // Works with preset names throw and logcheck
+ void aclRun(const string& JSON, BasicAction expectedResult,
+ size_t logged)
+ {
+ SCOPED_TRACE("Running ACL for " + JSON);
+ aclSetup();
+ shared_ptr<ACL<Log> > acl;
+ EXPECT_NO_THROW(acl = loader_.load(el(JSON)));
+ EXPECT_EQ(expectedResult, acl->execute(log_));
+ log_.checkFirst(logged);
+ }
+ // Check it throws an error when creating the ACL
+ void aclException(const string& JSON) {
+ SCOPED_TRACE("Trying to load bad " + JSON);
+ aclSetup();
+ EXPECT_THROW(loader_.load(el(JSON)), LoaderError);
+ }
+};
+
+// Test that it does not accept duplicate creator
+TEST_F(LoaderTest, CreatorDuplicity) {
+ addNamed("name");
+ EXPECT_THROW(loader_.registerCreator(namedCreator("name")), LoaderError);
+}
+
+// Test that when it does not accept a duplicate, nothing is inserted
+TEST_F(LoaderTest, CreatorDuplicateUnchanged) {
+ addNamed("name1");
+ vector<string> names;
+ names.push_back("name2");
+ names.push_back("name1");
+ names.push_back("name3");
+ EXPECT_THROW(loader_.registerCreator(
+ shared_ptr<NamedCreator>(new NamedCreator(names))), LoaderError);
+ // It should now reject both name2 and name3 as not known
+ checkException("{\"name2\": null}");
+ checkException("{\"name3\": null}");
+}
+
+// Test that we can register a creator and load a check with the name
+TEST_F(LoaderTest, SimpleCheckLoad) {
+ addNamed("name");
+ shared_ptr<NamedCheck> check(loadCheck("{\"name\": 42}"));
+ EXPECT_EQ("name", check->name_);
+ EXPECT_TRUE(check->data_->equals(*el("42")));
+}
+
+// As above, but there are multiple creators registered within the loader
+TEST_F(LoaderTest, MultiCreatorCheckLoad) {
+ addNamed("name1");
+ addNamed("name2");
+ shared_ptr<NamedCheck> check(loadCheck("{\"name2\": 42}"));
+ EXPECT_EQ("name2", check->name_);
+ EXPECT_TRUE(check->data_->equals(*el("42")));
+}
+
+// Similar to above, but there's a creator with multiple names
+TEST_F(LoaderTest, MultiNameCheckLoad) {
+ addNamed("name1");
+ vector<string> names;
+ names.push_back("name2");
+ names.push_back("name3");
+ EXPECT_NO_THROW(loader_.registerCreator(shared_ptr<NamedCreator>(
+ new NamedCreator(names))));
+ shared_ptr<NamedCheck> check(loadCheck("{\"name3\": 42}"));
+ EXPECT_EQ("name3", check->name_);
+ EXPECT_TRUE(check->data_->equals(*el("42")));
+}
+
+// Invalid format is rejected
+TEST_F(LoaderTest, InvalidFormatCheck) {
+ checkException("[]");
+ checkException("42");
+ checkException("\"hello\"");
+ checkException("null");
+}
+
+// Empty check is rejected
+TEST_F(LoaderTest, EmptyCheck) {
+ checkException("{}");
+}
+
+// The name isn't known
+TEST_F(LoaderTest, UnkownName) {
+ checkException("{\"unknown\": null}");
+}
+
+// Exception from the creator is propagated
+TEST_F(LoaderTest, CheckPropagate) {
+ loader_.registerCreator(shared_ptr<ThrowCreator>(new ThrowCreator()));
+ EXPECT_THROW(loader_.loadCheck(el("{\"throw\": null}")), TestCreatorError);
+}
+
+// The abbreviated form is not yet implemented
+// (we need the operators to be implemented)
+TEST_F(LoaderTest, AndAbbrev) {
+ addNamed("name1");
+ addNamed("name2");
+ EXPECT_THROW(loader_.loadCheck(el("{\"name1\": 1, \"name2\": 2}")),
+ LoaderError);
+}
+
+TEST_F(LoaderTest, OrAbbrev) {
+ addNamed("name1");
+ EXPECT_THROW(loader_.loadCheck(el("{\"name1\": [1, 2]}")),
+ LoaderError);
+}
+
+// But this is not abbreviated form, this should be passed directly to the
+// creator
+TEST_F(LoaderTest, ListCheck) {
+ addNamed("name1", false);
+ shared_ptr<NamedCheck> check(loadCheck("{\"name1\": [1, 2]}"));
+ EXPECT_EQ("name1", check->name_);
+ EXPECT_TRUE(check->data_->equals(*el("[1, 2]")));
+}
+
+// Check the action key is ignored as it should be
+TEST_F(LoaderTest, CheckNoAction) {
+ addNamed("name1");
+ shared_ptr<NamedCheck> check(loadCheck("{\"name1\": 1, \"action\": 2}"));
+ EXPECT_EQ("name1", check->name_);
+ EXPECT_TRUE(check->data_->equals(*el("1")));
+}
+
+// The empty ACL can be created and run, providing the default action
+TEST_F(LoaderTest, EmptyACL) {
+ aclRun("[]", REJECT, 0);
+}
+
+// We can create a simple ACL, which will return the correct default
+// action
+TEST_F(LoaderTest, NoMatchACL) {
+ aclRun("[{\"logcheck\": [0, false], \"action\": \"ACCEPT\"}]",
+ REJECT, 1);
+}
+
+// We can created more complicated ACL, it will match at the second
+// check
+TEST_F(LoaderTest, MatchACL) {
+ aclRun("["
+ " {\"logcheck\": [0, false], \"action\": \"DROP\"},"
+ " {\"logcheck\": [1, true], \"action\": \"ACCEPT\"}"
+ "]", ACCEPT, 2);
+}
+
+// ACL without a check (matches unconditionally)
+// We add another one check after it, to make sure it is really not run
+TEST_F(LoaderTest, NoCheckACL) {
+ aclRun("["
+ " {\"action\": \"DROP\"},"
+ " {\"throwcheck\": 1, \"action\": \"ACCEPT\"}"
+ "]", DROP, 0);
+}
+
+// Malformed things are rejected
+TEST_F(LoaderTest, InvalidACLFormat) {
+ // Not a list
+ aclException("{}");
+ aclException("42");
+ aclException("true");
+ aclException("null");
+ aclException("\"hello\"");
+ // Malformed element
+ aclException("[42]");
+ aclException("[\"hello\"]");
+ aclException("[[]]");
+ aclException("[true]");
+ aclException("[null]");
+}
+
+// If there's no action keyword, it is rejected
+TEST_F(LoaderTest, NoAction) {
+ aclException("[{}]");
+ aclException("[{\"logcheck\": [0, true]}]");
+}
+
+// Exceptions from check creation is propagated
+TEST_F(LoaderTest, ACLPropagate) {
+ aclSetup();
+ EXPECT_THROW(loader_.load(el("[{\"action\": \"ACCEPT\", \"throw\": 1}]")),
+ TestCreatorError);
+
+}
+
+}
diff --git a/src/lib/acl/tests/logcheck.h b/src/lib/acl/tests/logcheck.h
new file mode 100644
index 0000000..c5e1bb1
--- /dev/null
+++ b/src/lib/acl/tests/logcheck.h
@@ -0,0 +1,86 @@
+// Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC")
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+// AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+// PERFORMANCE OF THIS SOFTWARE.
+
+#include <gtest/gtest.h>
+#include <acl/acl.h>
+#include <cassert>
+
+// This is not a public header, it is used only inside the tests. Therefore
+// we lower the standards a bit and use anonymous namespace in the header
+// and "using", just for convenience. This is just to share little bit of code
+// between multiple tests.
+using namespace isc::acl;
+using boost::shared_ptr;
+
+namespace {
+
+// This is arbitrary guess of size for the log. If it's too small for your
+// test, just make it bigger.
+const size_t LOG_SIZE = 10;
+
+// This will remember which checks did run already.
+struct Log {
+ // The actual log cells, if i-th check did run
+ mutable bool run[LOG_SIZE];
+ Log() {
+ // Nothing run yet
+ for (size_t i(0); i < LOG_SIZE; ++ i) {
+ run[i] = false;
+ }
+ }
+ // Checks that the first amount of checks did run and the rest didn't.
+ void checkFirst(size_t amount) const {
+ ASSERT_LE(amount, LOG_SIZE) << "Wrong test: amount bigger than size "
+ "of log";
+ {
+ SCOPED_TRACE("Checking that the first amount of checks did run");
+ for (size_t i(0); i < amount; ++ i) {
+ EXPECT_TRUE(run[i]) << "Check #" << i << " did not run.";
+ }
+ }
+
+ {
+ SCOPED_TRACE("Checking that the rest did not run");
+ for (size_t i(amount); i < LOG_SIZE; ++ i) {
+ EXPECT_FALSE(run[i]) << "Check #" << i << "did run.";
+ }
+ }
+ }
+};
+
+// This returns true or false every time, no matter what is passed to it.
+// But it logs that it did run.
+class ConstCheck : public Check<Log> {
+public:
+ ConstCheck(bool accepts, size_t logNum) :
+ logNum_(logNum),
+ accepts_(accepts)
+ {
+ assert(logNum < LOG_SIZE); // If this fails, the LOG_SIZE is too small
+ }
+ virtual bool matches(const Log& log) const {
+ /*
+ * This is abuse of the context. It is designed to carry the
+ * information to check, not to modify it. However, this is the
+ * easiest way to do the test, so we go against the design.
+ */
+ log.run[logNum_] = true;
+ return (accepts_);
+ }
+private:
+ size_t logNum_;
+ bool accepts_;
+};
+
+}
diff --git a/src/lib/asiodns/asiodef.mes b/src/lib/asiodns/asiodef.mes
index 3f2e80c..4f4090d 100644
--- a/src/lib/asiodns/asiodef.mes
+++ b/src/lib/asiodns/asiodef.mes
@@ -16,7 +16,7 @@ $PREFIX ASIODNS_
$NAMESPACE isc::asiodns
% FETCHCOMP upstream fetch to %1(%2) has now completed
-A debug message, this records the the upstream fetch (a query made by the
+A debug message, this records that the upstream fetch (a query made by the
resolver on behalf of its client) to the specified address has completed.
% FETCHSTOP upstream fetch to %1(%2) has been stopped
@@ -27,12 +27,12 @@ enabled.
% OPENSOCK error %1 opening %2 socket to %3(%4)
The asynchronous I/O code encountered an error when trying to open a socket
of the specified protocol in order to send a message to the target address.
-The the number of the system error that cause the problem is given in the
+The number of the system error that cause the problem is given in the
message.
% RECVSOCK error %1 reading %2 data from %3(%4)
-The asynchronous I/O code encountered an error when trying read data from
-the specified address on the given protocol. The the number of the system
+The asynchronous I/O code encountered an error when trying to read data from
+the specified address on the given protocol. The number of the system
error that cause the problem is given in the message.
% SENDSOCK error %1 sending data using %2 to %3(%4)
diff --git a/src/lib/config/ccsession.cc b/src/lib/config/ccsession.cc
index 857de63..dd2be3d 100644
--- a/src/lib/config/ccsession.cc
+++ b/src/lib/config/ccsession.cc
@@ -247,7 +247,9 @@ readLoggersConf(std::vector<isc::log::LoggerSpecification>& specs,
} // end anonymous namespace
void
-my_logconfig_handler(const std::string&n, ConstElementPtr new_config, const ConfigData& config_data) {
+default_logconfig_handler(const std::string& module_name,
+ ConstElementPtr new_config,
+ const ConfigData& config_data) {
config_data.getModuleSpec().validateConfig(new_config, true);
std::vector<isc::log::LoggerSpecification> specs;
@@ -353,7 +355,7 @@ ModuleCCSession::ModuleCCSession(
// Keep track of logging settings automatically
if (handle_logging) {
- addRemoteConfig("Logging", my_logconfig_handler, false);
+ addRemoteConfig("Logging", default_logconfig_handler, false);
}
if (start_immediately) {
diff --git a/src/lib/config/ccsession.h b/src/lib/config/ccsession.h
index 53aab78..0d4b7f3 100644
--- a/src/lib/config/ccsession.h
+++ b/src/lib/config/ccsession.h
@@ -354,6 +354,25 @@ private:
ModuleSpec fetchRemoteSpec(const std::string& module, bool is_filename);
};
+/// \brief Default handler for logging config updates
+///
+/// When CCSession is initialized with handle_logging set to true,
+/// this callback will be used to update the logger when a configuration
+/// change comes in.
+///
+/// This function updates the (global) loggers by initializing a
+/// LoggerManager and passing the settings as specified in the given
+/// configuration update.
+///
+/// \param module_name The name of the module
+/// \param new_config The modified configuration values
+/// \param config_data The full config data for the (remote) logging
+/// module.
+void
+default_logconfig_handler(const std::string& module_name,
+ isc::data::ConstElementPtr new_config,
+ const ConfigData& config_data);
+
}
}
#endif // __CCSESSION_H
diff --git a/src/lib/datasrc/messagedef.mes b/src/lib/datasrc/messagedef.mes
index 0374306..dedd2ad 100644
--- a/src/lib/datasrc/messagedef.mes
+++ b/src/lib/datasrc/messagedef.mes
@@ -88,13 +88,13 @@ and put it into the additional section.
Debug information. The domain is a CNAME (or a DNAME and we created a CNAME
for it already), so it's being followed.
-% QUERY_EMPTY_CNAME cNAME at '%1' is empty
+% QUERY_EMPTY_CNAME CNAME at '%1' is empty
There was an CNAME and it was being followed. But it contains no records,
so there's nowhere to go. There will be no answer. This indicates a problem
with supplied data.
We tried to follow
-% QUERY_TOO_MANY_CNAMES cNAME chain limit exceeded at '%1'
+% QUERY_TOO_MANY_CNAMES CNAME chain limit exceeded at '%1'
A CNAME led to another CNAME and it led to another, and so on. After 16
CNAMEs, the software gave up. Long CNAME chains are discouraged, and this
might possibly be a loop as well. Note that some of the CNAMEs might have
@@ -283,9 +283,9 @@ some other data. But the protocol forbids coexistence of CNAME with anything
% MEM_CNAME_COEXIST can't add data to CNAME in domain '%1'
This is the same problem as in MEM_CNAME_TO_NONEMPTY, but it happened the
-other way around -- adding some outher data to CNAME.
+other way around -- adding some other data to CNAME.
-% MEM_DNAME_NS dNAME and NS can't coexist in non-apex domain '%1'
+% MEM_DNAME_NS DNAME and NS can't coexist in non-apex domain '%1'
It was requested for DNAME and NS records to be put into the same domain
which is not the apex (the top of the zone). This is forbidden by RFC
2672, section 3. This indicates a problem with provided data.
@@ -299,13 +299,13 @@ It was attempted to add the domain into a zone that shouldn't have it
(eg. the domain is not subdomain of the zone origin). This indicates a
problem with provided data.
-% MEM_WILDCARD_NS nS record in wildcard domain '%1'
+% MEM_WILDCARD_NS NS record in wildcard domain '%1'
The software refuses to load NS records into a wildcard domain. It isn't
explicitly forbidden, but the protocol is ambiguous about how this should
behave and BIND 9 refuses that as well. Please describe your intention using
different tools.
-% MEM_WILDCARD_DNAME dNAME record in wildcard domain '%1'
+% MEM_WILDCARD_DNAME DNAME record in wildcard domain '%1'
The software refuses to load DNAME records into a wildcard domain. It isn't
explicitly forbidden, but the protocol is ambiguous about how this should
behave and BIND 9 refuses that as well. Please describe your intention using
@@ -421,11 +421,11 @@ Debug information. The SQLite data source is looking up records of given name
and type in the database.
% SQLITE_ENCLOSURE looking for zone containing '%1'
-Debug information. The SQLite data source is trying to identify, which zone
+Debug information. The SQLite data source is trying to identify which zone
should hold this domain.
% SQLITE_ENCLOSURE_NOTFOUND no zone contains it
-Debug information. The last SQLITE_ENCLOSURE query was unsuccessful, there's
+Debug information. The last SQLITE_ENCLOSURE query was unsuccessful; there's
no such zone in our data.
% SQLITE_PREVIOUS looking for name previous to '%1'
@@ -472,13 +472,13 @@ Debug information. The SQLite data source is identifying if this domain is
a referral and where it goes.
% SQLITE_FINDREF_BAD_CLASS class mismatch looking for referral ('%1' and '%2')
-The SQLite data source was trying to identify, if there's a referral. But
+The SQLite data source was trying to identify if there's a referral. But
it contains different class than the query was for.
-% SQLITE_CREATE sQLite data source created
+% SQLITE_CREATE SQLite data source created
Debug information. An instance of SQLite data source is being created.
-% SQLITE_DESTROY sQLite data source destroyed
+% SQLITE_DESTROY SQLite data source destroyed
Debug information. An instance of SQLite data source is being destroyed.
% SQLITE_SETUP setting up SQLite database
diff --git a/src/lib/exceptions/exceptions.h b/src/lib/exceptions/exceptions.h
index a42037b..d0f1d74 100644
--- a/src/lib/exceptions/exceptions.h
+++ b/src/lib/exceptions/exceptions.h
@@ -163,6 +163,17 @@ public:
oss__ << stream; \
throw type(__FILE__, __LINE__, oss__.str().c_str()); \
} while (1)
+
+///
+/// Similar as isc_throw, but allows the exception to have one additional
+/// parameter (the stream/text goes first)
+#define isc_throw_1(type, stream, param1) \
+ do { \
+ std::ostringstream oss__; \
+ oss__ << stream; \
+ throw type(__FILE__, __LINE__, oss__.str().c_str(), param1); \
+ } while (1)
+
}
#endif // __EXCEPTIONS_H
diff --git a/src/lib/python/isc/config/ccsession.py b/src/lib/python/isc/config/ccsession.py
index 84809f1..0869160 100644
--- a/src/lib/python/isc/config/ccsession.py
+++ b/src/lib/python/isc/config/ccsession.py
@@ -39,6 +39,10 @@
from isc.cc import Session
from isc.config.config_data import ConfigData, MultiConfigData, BIND10_CONFIG_DATA_VERSION
import isc
+from isc.util.file import path_search
+import bind10_config
+from isc.log import log_config_update
+import json
class ModuleCCSessionError(Exception): pass
@@ -116,6 +120,18 @@ def create_command(command_name, params = None):
msg = { 'command': cmd }
return msg
+def default_logconfig_handler(new_config, config_data):
+ errors = []
+
+ if config_data.get_module_spec().validate_config(False, new_config, errors):
+ isc.log.log_config_update(json.dumps(new_config),
+ json.dumps(config_data.get_module_spec().get_full_spec()))
+ else:
+ # no logging here yet, TODO: log these errors
+ print("Error in logging configuration, ignoring config update: ")
+ for err in errors:
+ print(err)
+
class ModuleCCSession(ConfigData):
"""This class maintains a connection to the command channel, as
well as configuration options for modules. The module provides
@@ -126,7 +142,7 @@ class ModuleCCSession(ConfigData):
callbacks are called when 'check_command' is called on the
ModuleCCSession"""
- def __init__(self, spec_file_name, config_handler, command_handler, cc_session = None):
+ def __init__(self, spec_file_name, config_handler, command_handler, cc_session = None, handle_logging_config = False):
"""Initialize a ModuleCCSession. This does *NOT* send the
specification and request the configuration yet. Use start()
for that once the ModuleCCSession has been initialized.
@@ -149,6 +165,11 @@ class ModuleCCSession(ConfigData):
self._session.group_subscribe(self._module_name, "*")
self._remote_module_configs = {}
+ self._remote_module_callbacks = {}
+
+ if handle_logging_config:
+ self.add_remote_config(path_search('logging.spec', bind10_config.PLUGIN_PATHS),
+ default_logconfig_handler)
def __del__(self):
# If the CC Session obejct has been closed, it returns
@@ -218,6 +239,9 @@ class ModuleCCSession(ConfigData):
newc = self._remote_module_configs[module_name].get_local_config()
isc.cc.data.merge(newc, new_config)
self._remote_module_configs[module_name].set_local_config(newc)
+ if self._remote_module_callbacks[module_name] != None:
+ self._remote_module_callbacks[module_name](new_config,
+ self._remote_module_configs[module_name])
# For other modules, we're not supposed to answer
return
@@ -260,7 +284,7 @@ class ModuleCCSession(ConfigData):
and return an answer created with create_answer()"""
self._command_handler = command_handler
- def add_remote_config(self, spec_file_name):
+ def add_remote_config(self, spec_file_name, config_update_callback = None):
"""Gives access to the configuration of a different module.
These remote module options can at this moment only be
accessed through get_remote_config_value(). This function
@@ -289,9 +313,12 @@ class ModuleCCSession(ConfigData):
if rcode == 0:
if value != None and module_spec.validate_config(False, value):
module_cfg.set_local_config(value);
+ if config_update_callback is not None:
+ config_update_callback(value, module_cfg)
# all done, add it
self._remote_module_configs[module_name] = module_cfg
+ self._remote_module_callbacks[module_name] = config_update_callback
return module_name
def remove_remote_config(self, module_name):
@@ -299,6 +326,7 @@ class ModuleCCSession(ConfigData):
if module_name in self._remote_module_configs:
self._session.group_unsubscribe(module_name)
del self._remote_module_configs[module_name]
+ del self._remote_module_callbacks[module_name]
def get_remote_config_value(self, module_name, identifier):
"""Returns the current setting for the given identifier at the
diff --git a/src/lib/python/isc/config/tests/Makefile.am b/src/lib/python/isc/config/tests/Makefile.am
index 60da781..3a1abe7 100644
--- a/src/lib/python/isc/config/tests/Makefile.am
+++ b/src/lib/python/isc/config/tests/Makefile.am
@@ -14,6 +14,7 @@ endif
for pytest in $(PYTESTS) ; do \
echo Running test: $$pytest ; \
env PYTHONPATH=$(abs_top_srcdir)/src/lib/python:$(abs_top_builddir)/src/lib/python \
+ B10_TEST_PLUGIN_DIR=$(abs_top_srcdir)/src/bin/cfgmgr/plugins \
CONFIG_TESTDATA_PATH=$(abs_top_srcdir)/src/lib/config/tests/testdata \
CONFIG_WR_TESTDATA_PATH=$(abs_top_builddir)/src/lib/config/tests/testdata \
$(PYCOVERAGE_RUN) $(abs_srcdir)/$$pytest || exit ; \
diff --git a/src/lib/python/isc/config/tests/ccsession_test.py b/src/lib/python/isc/config/tests/ccsession_test.py
index a0cafd6..830cbd7 100644
--- a/src/lib/python/isc/config/tests/ccsession_test.py
+++ b/src/lib/python/isc/config/tests/ccsession_test.py
@@ -22,6 +22,7 @@ import os
from isc.config.ccsession import *
from isc.config.config_data import BIND10_CONFIG_DATA_VERSION
from unittest_fakesession import FakeModuleCCSession, WouldBlockForever
+import bind10_config
class TestHelperFunctions(unittest.TestCase):
def test_parse_answer(self):
@@ -604,7 +605,43 @@ class TestModuleCCSession(unittest.TestCase):
self.assertEqual(len(fake_session.message_queue), 1)
mccs.check_command()
self.assertEqual(len(fake_session.message_queue), 0)
-
+
+ def test_logconfig_handler(self):
+ # test whether default_logconfig_handler reacts nicely to
+ # bad data. We assume the actual logger output is tested
+ # elsewhere
+ self.assertRaises(TypeError, default_logconfig_handler);
+ self.assertRaises(TypeError, default_logconfig_handler, 1);
+
+ spec = isc.config.module_spec_from_file(
+ path_search('logging.spec', bind10_config.PLUGIN_PATHS))
+ config_data = ConfigData(spec)
+
+ self.assertRaises(TypeError, default_logconfig_handler, 1, config_data)
+
+ default_logconfig_handler({}, config_data)
+
+ # Wrong data should not raise, but simply not be accepted
+ # This would log a lot of errors, so we may want to suppress that later
+ default_logconfig_handler({ "bad_data": "indeed" }, config_data)
+ default_logconfig_handler({ "bad_data": 1}, config_data)
+ default_logconfig_handler({ "bad_data": 1123 }, config_data)
+ default_logconfig_handler({ "bad_data": True }, config_data)
+ default_logconfig_handler({ "bad_data": False }, config_data)
+ default_logconfig_handler({ "bad_data": 1.1 }, config_data)
+ default_logconfig_handler({ "bad_data": [] }, config_data)
+ default_logconfig_handler({ "bad_data": [[],[],[[1, 3, False, "foo" ]]] },
+ config_data)
+ default_logconfig_handler({ "bad_data": [ 1, 2, { "b": { "c": "d" } } ] },
+ config_data)
+
+ # Try a correct config
+ log_conf = {"loggers":
+ [{"name": "b10-xfrout", "output_options":
+ [{"output": "/tmp/bind10.log",
+ "destination": "file",
+ "flush": True}]}]}
+ default_logconfig_handler(log_conf, config_data)
class fakeData:
def decode(self):
diff --git a/src/lib/python/isc/log/Makefile.am b/src/lib/python/isc/log/Makefile.am
index 26735e7..b228caf 100644
--- a/src/lib/python/isc/log/Makefile.am
+++ b/src/lib/python/isc/log/Makefile.am
@@ -15,6 +15,9 @@ log_la_CXXFLAGS = $(AM_CXXFLAGS) $(PYTHON_CXXFLAGS)
log_la_LDFLAGS = $(PYTHON_LDFLAGS)
log_la_LDFLAGS += -module
log_la_LIBADD = $(top_builddir)/src/lib/log/liblog.la
+log_la_LIBADD += $(top_builddir)/src/lib/cc/libcc.la
+log_la_LIBADD += $(top_builddir)/src/lib/config/libcfgclient.la
+log_la_LIBADD += $(top_builddir)/src/lib/exceptions/libexceptions.la
log_la_LIBADD += $(PYTHON_LIB)
# This is not installed, it helps locate the module during tests
diff --git a/src/lib/python/isc/log/__init__.py b/src/lib/python/isc/log/__init__.py
index ad77dff..596d71c 100644
--- a/src/lib/python/isc/log/__init__.py
+++ b/src/lib/python/isc/log/__init__.py
@@ -23,7 +23,14 @@
# Should we look there? Or define something in bind10_config?
import os
+import sys
+
cwd = os.getcwd()
-pos = cwd.rfind('/src/')
-import sys; sys.path.insert(0, cwd[:pos] + '/src/lib/python/isc/log/.libs')
+base = os.path.split(cwd)[0]
+
+for base in sys.path:
+ loglibdir = os.path.join(base, 'isc/log/.libs')
+ if os.path.exists(loglibdir):
+ sys.path.append(loglibdir)
+
from log import *
diff --git a/src/lib/python/isc/log/log.cc b/src/lib/python/isc/log/log.cc
index b29c005..a671b4b 100644
--- a/src/lib/python/isc/log/log.cc
+++ b/src/lib/python/isc/log/log.cc
@@ -22,6 +22,8 @@
#include <log/logger_manager.h>
#include <log/logger.h>
+#include <config/ccsession.h>
+
#include <string>
#include <boost/bind.hpp>
@@ -49,6 +51,14 @@ namespace {
// NULL and will use the global dictionary.
MessageDictionary* testDictionary = NULL;
+// To propagate python exceptions trough our code
+// This exception is used to signal to the calling function that a
+// proper Python Exception has already been set, and the caller
+// should now return NULL.
+// Since it is only used internally, and should not pass any
+// information itself, is is not derived from std::exception
+class InternalError {};
+
PyObject*
setTestDictionary(PyObject*, PyObject* args) {
PyObject* enableO;
@@ -177,6 +187,47 @@ init(PyObject*, PyObject* args) {
Py_RETURN_NONE;
}
+PyObject*
+logConfigUpdate(PyObject*, PyObject* args) {
+ // we have no wrappers for ElementPtr and ConfigData,
+ // So we expect JSON strings and convert them.
+ // The new_config object is assumed to have been validated.
+
+ const char* new_config_json;
+ const char* mod_spec_json;
+ if (!PyArg_ParseTuple(args, "ss",
+ &new_config_json, &mod_spec_json)) {
+ return (NULL);
+ }
+
+ try {
+ isc::data::ConstElementPtr new_config =
+ isc::data::Element::fromJSON(new_config_json);
+ isc::data::ConstElementPtr mod_spec_e =
+ isc::data::Element::fromJSON(mod_spec_json);
+ isc::config::ModuleSpec mod_spec(mod_spec_e);
+ isc::config::ConfigData config_data(mod_spec);
+ isc::config::default_logconfig_handler("logging", new_config,
+ config_data);
+
+ Py_RETURN_NONE;
+ } catch (const isc::data::JSONError& je) {
+ std::string error_msg = std::string("JSON format error: ") + je.what();
+ PyErr_SetString(PyExc_TypeError, error_msg.c_str());
+ } catch (const isc::data::TypeError& de) {
+ PyErr_SetString(PyExc_TypeError, "argument 1 of log_config_update "
+ "is not a map of config data");
+ } catch (const isc::config::ModuleSpecError& mse) {
+ PyErr_SetString(PyExc_TypeError, "argument 2 of log_config_update "
+ "is not a correct module specification");
+ } catch (const std::exception& e) {
+ PyErr_SetString(PyExc_RuntimeError, e.what());
+ } catch (...) {
+ PyErr_SetString(PyExc_RuntimeError, "Unknown C++ exception");
+ }
+ return (NULL);
+}
+
PyMethodDef methods[] = {
{"set_test_dictionary", setTestDictionary, METH_VARARGS,
"Set or unset testing mode for message dictionary. In testing, "
@@ -198,6 +249,19 @@ PyMethodDef methods[] = {
"logging severity (one of 'DEBUG', 'INFO', 'WARN', 'ERROR' or "
"'FATAL'), a debug level (integer in the range 0-99) and a file name "
"of a dictionary with message text translations."},
+ {"log_config_update", logConfigUpdate, METH_VARARGS,
+ "Update logger settings. This method is automatically used when "
+ "ModuleCCSession is initialized with handle_logging_config set "
+ "to True. When called, the first argument is the new logging "
+ "configuration (in JSON format). The second argument is "
+ "the raw specification (as returned from "
+ "ConfigData.get_module_spec().get_full_spec(), and converted to "
+ "JSON format).\n"
+ "Raises a TypeError if either argument is not a (correct) JSON "
+ "string, or if the spec is not a correct spec.\n"
+ "If this call succeeds, the global logger settings have "
+ "been updated."
+ },
{NULL, NULL, 0, NULL}
};
diff --git a/src/lib/python/isc/log/tests/Makefile.am b/src/lib/python/isc/log/tests/Makefile.am
index 0eacbb1..b6b6b19 100644
--- a/src/lib/python/isc/log/tests/Makefile.am
+++ b/src/lib/python/isc/log/tests/Makefile.am
@@ -23,5 +23,6 @@ endif
echo Running test: $$pytest ; \
$(LIBRARY_PATH_PLACEHOLDER) \
env PYTHONPATH=$(abs_top_srcdir)/src/lib/python:$(abs_top_builddir)/src/lib/python:$(abs_top_builddir)/src/lib/python/isc/log:$(abs_top_builddir)/src/lib/log/python/.libs \
+ B10_TEST_PLUGIN_DIR=$(abs_top_srcdir)/src/bin/cfgmgr/plugins \
$(PYCOVERAGE_RUN) $(abs_srcdir)/$$pytest || exit ; \
done
diff --git a/src/lib/python/isc/log/tests/log_test.py b/src/lib/python/isc/log/tests/log_test.py
index a463d59..4292b6c 100644
--- a/src/lib/python/isc/log/tests/log_test.py
+++ b/src/lib/python/isc/log/tests/log_test.py
@@ -16,6 +16,9 @@
# This tests it can be loaded, nothing more yet
import isc.log
import unittest
+import json
+import bind10_config
+from isc.config.ccsession import path_search
class LogDict(unittest.TestCase):
def setUp(self):
@@ -52,6 +55,33 @@ class Manager(unittest.TestCase):
# ignore errors like missing file?
isc.log.init("root", "INFO", 0, "/no/such/file");
+ def test_log_config_update(self):
+ log_spec = json.dumps(isc.config.module_spec_from_file(path_search('logging.spec', bind10_config.PLUGIN_PATHS)).get_full_spec())
+
+ self.assertRaises(TypeError, isc.log.log_config_update)
+ self.assertRaises(TypeError, isc.log.log_config_update, 1)
+ self.assertRaises(TypeError, isc.log.log_config_update, 1, 1)
+ self.assertRaises(TypeError, isc.log.log_config_update, 1, 1, 1)
+
+ self.assertRaises(TypeError, isc.log.log_config_update, 1, log_spec)
+ self.assertRaises(TypeError, isc.log.log_config_update, [], log_spec)
+ self.assertRaises(TypeError, isc.log.log_config_update, "foo", log_spec)
+ self.assertRaises(TypeError, isc.log.log_config_update, "{ '", log_spec)
+
+ # empty should pass
+ isc.log.log_config_update("{}", log_spec)
+
+ # bad spec
+ self.assertRaises(TypeError, isc.log.log_config_update, "{}", json.dumps({"foo": "bar"}))
+
+ # Try a correct one
+ log_conf = json.dumps({"loggers":
+ [{"name": "b10-xfrout", "output_options":
+ [{"output": "/tmp/bind10.log",
+ "destination": "file",
+ "flush": True}]}]})
+ isc.log.log_config_update(log_conf, log_spec)
+
class Logger(unittest.TestCase):
def tearDown(self):
isc.log.reset()
More information about the bind10-changes
mailing list