BIND 10 master, updated. 411a806a41666b522ed35552588789d114cc1390 [master] update changelog
BIND 10 source code commits
bind10-changes at lists.isc.org
Tue Nov 22 11:01:05 UTC 2011
The branch, master has been updated
via 411a806a41666b522ed35552588789d114cc1390 (commit)
via ab3f90da16d31fc6833d869686e07729d9b8c135 (commit)
via 3ff33cfedcca0cd1acb80a5cf2651f89403a82a9 (commit)
via cf297878998c80018ba9523a53ae4947fc7e6a5e (commit)
via 52f4e6faf56afb5c0432f88d5b1528090530c62e (commit)
via 33a956b09f22597d91929b22542913412757e279 (commit)
via 1b3e21e08311d84d649a2780471e9a8b46143dca (commit)
from 710e8207090f894b14eaa9834a9c6cd551ea950d (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 411a806a41666b522ed35552588789d114cc1390
Author: Jelte Jansen <jelte at isc.org>
Date: Tue Nov 22 12:00:51 2011 +0100
[master] update changelog
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 5 +
src/bin/auth/auth_srv.cc | 19 ++--
src/bin/auth/tests/auth_srv_unittest.cc | 155 ++++++++++++++++++++++++------
src/bin/xfrout/tests/xfrout_test.py.in | 7 +-
src/bin/xfrout/xfrout.py.in | 26 +++---
src/bin/xfrout/xfrout_messages.mes | 63 ++++++-------
6 files changed, 189 insertions(+), 86 deletions(-)
-----------------------------------------------------------------------
diff --git a/ChangeLog b/ChangeLog
index f7bfb33..e1fd540 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+328. [func] jelte
+ b10-auth now passes IXFR requests on to b10-xfrout, and no longer
+ responds to them with NOTIMPL.
+ (Trac #1390, git ab3f90da16d31fc6833d869686e07729d9b8c135)
+
327. [func] jinmei
b10-xfrout now supports IXFR. (Right now there is no user
configurable parameter about this feature; b10-xfrout will
diff --git a/src/bin/auth/auth_srv.cc b/src/bin/auth/auth_srv.cc
index c9dac88..c268478 100644
--- a/src/bin/auth/auth_srv.cc
+++ b/src/bin/auth/auth_srv.cc
@@ -91,9 +91,9 @@ public:
bool processNormalQuery(const IOMessage& io_message, MessagePtr message,
OutputBufferPtr buffer,
auto_ptr<TSIGContext> tsig_context);
- bool processAxfrQuery(const IOMessage& io_message, MessagePtr message,
- OutputBufferPtr buffer,
- auto_ptr<TSIGContext> tsig_context);
+ bool processXfrQuery(const IOMessage& io_message, MessagePtr message,
+ OutputBufferPtr buffer,
+ auto_ptr<TSIGContext> tsig_context);
bool processNotify(const IOMessage& io_message, MessagePtr message,
OutputBufferPtr buffer,
auto_ptr<TSIGContext> tsig_context);
@@ -472,10 +472,11 @@ AuthSrv::processMessage(const IOMessage& io_message, MessagePtr message,
ConstQuestionPtr question = *message->beginQuestion();
const RRType &qtype = question->getType();
if (qtype == RRType::AXFR()) {
- sendAnswer = impl_->processAxfrQuery(io_message, message, buffer,
- tsig_context);
+ sendAnswer = impl_->processXfrQuery(io_message, message, buffer,
+ tsig_context);
} else if (qtype == RRType::IXFR()) {
- makeErrorMessage(message, buffer, Rcode::NOTIMP(), tsig_context);
+ sendAnswer = impl_->processXfrQuery(io_message, message, buffer,
+ tsig_context);
} else {
sendAnswer = impl_->processNormalQuery(io_message, message, buffer,
tsig_context);
@@ -543,9 +544,9 @@ AuthSrvImpl::processNormalQuery(const IOMessage& io_message, MessagePtr message,
}
bool
-AuthSrvImpl::processAxfrQuery(const IOMessage& io_message, MessagePtr message,
- OutputBufferPtr buffer,
- auto_ptr<TSIGContext> tsig_context)
+AuthSrvImpl::processXfrQuery(const IOMessage& io_message, MessagePtr message,
+ OutputBufferPtr buffer,
+ auto_ptr<TSIGContext> tsig_context)
{
// Increment query counter.
incCounter(io_message.getSocket().getProtocol());
diff --git a/src/bin/auth/tests/auth_srv_unittest.cc b/src/bin/auth/tests/auth_srv_unittest.cc
index 4698588..ac25cd6 100644
--- a/src/bin/auth/tests/auth_srv_unittest.cc
+++ b/src/bin/auth/tests/auth_srv_unittest.cc
@@ -229,7 +229,8 @@ TEST_F(AuthSrvTest, AXFROverUDP) {
TEST_F(AuthSrvTest, AXFRSuccess) {
EXPECT_FALSE(xfrout.isConnected());
UnitTestUtil::createRequestMessage(request_message, opcode, default_qid,
- Name("example.com"), RRClass::IN(), RRType::AXFR());
+ Name("example.com"), RRClass::IN(),
+ RRType::AXFR());
createRequestPacket(request_message, IPPROTO_TCP);
// On success, the AXFR query has been passed to a separate process,
// so we shouldn't have to respond.
@@ -245,7 +246,8 @@ TEST_F(AuthSrvTest, TSIGSigned) {
const TSIGKey key("key:c2VjcmV0Cg==:hmac-sha1");
TSIGContext context(key);
UnitTestUtil::createRequestMessage(request_message, opcode, default_qid,
- Name("version.bind"), RRClass::CH(), RRType::TXT());
+ Name("version.bind"), RRClass::CH(),
+ RRType::TXT());
createRequestPacket(request_message, IPPROTO_UDP, &context);
// Run the message through the server
@@ -278,7 +280,8 @@ TEST_F(AuthSrvTest, TSIGSignedBadKey) {
TSIGKey key("key:c2VjcmV0Cg==:hmac-sha1");
TSIGContext context(key);
UnitTestUtil::createRequestMessage(request_message, opcode, default_qid,
- Name("version.bind"), RRClass::CH(), RRType::TXT());
+ Name("version.bind"), RRClass::CH(),
+ RRType::TXT());
createRequestPacket(request_message, IPPROTO_UDP, &context);
// Process the message, but use a different key there
@@ -309,7 +312,8 @@ TEST_F(AuthSrvTest, TSIGBadSig) {
TSIGKey key("key:c2VjcmV0Cg==:hmac-sha1");
TSIGContext context(key);
UnitTestUtil::createRequestMessage(request_message, opcode, default_qid,
- Name("version.bind"), RRClass::CH(), RRType::TXT());
+ Name("version.bind"), RRClass::CH(),
+ RRType::TXT());
createRequestPacket(request_message, IPPROTO_UDP, &context);
// Process the message, but use a different key there
@@ -375,7 +379,8 @@ TEST_F(AuthSrvTest, AXFRConnectFail) {
EXPECT_FALSE(xfrout.isConnected()); // check prerequisite
xfrout.disableConnect();
UnitTestUtil::createRequestMessage(request_message, opcode, default_qid,
- Name("example.com"), RRClass::IN(), RRType::AXFR());
+ Name("example.com"), RRClass::IN(),
+ RRType::AXFR());
createRequestPacket(request_message, IPPROTO_TCP);
server.processMessage(*io_message, parse_message, response_obuffer, &dnsserv);
EXPECT_TRUE(dnsserv.hasAnswer());
@@ -388,7 +393,8 @@ TEST_F(AuthSrvTest, AXFRSendFail) {
// first send a valid query, making the connection with the xfr process
// open.
UnitTestUtil::createRequestMessage(request_message, opcode, default_qid,
- Name("example.com"), RRClass::IN(), RRType::AXFR());
+ Name("example.com"), RRClass::IN(),
+ RRType::AXFR());
createRequestPacket(request_message, IPPROTO_TCP);
server.processMessage(*io_message, parse_message, response_obuffer, &dnsserv);
EXPECT_TRUE(xfrout.isConnected());
@@ -397,7 +403,8 @@ TEST_F(AuthSrvTest, AXFRSendFail) {
parse_message->clear(Message::PARSE);
response_obuffer->clear();
UnitTestUtil::createRequestMessage(request_message, opcode, default_qid,
- Name("example.com"), RRClass::IN(), RRType::AXFR());
+ Name("example.com"), RRClass::IN(),
+ RRType::AXFR());
createRequestPacket(request_message, IPPROTO_TCP);
server.processMessage(*io_message, parse_message, response_obuffer, &dnsserv);
EXPECT_TRUE(dnsserv.hasAnswer());
@@ -414,7 +421,66 @@ TEST_F(AuthSrvTest, AXFRDisconnectFail) {
xfrout.disableSend();
xfrout.disableDisconnect();
UnitTestUtil::createRequestMessage(request_message, opcode, default_qid,
- Name("example.com"), RRClass::IN(), RRType::AXFR());
+ Name("example.com"), RRClass::IN(),
+ RRType::AXFR());
+ createRequestPacket(request_message, IPPROTO_TCP);
+ EXPECT_THROW(server.processMessage(*io_message, parse_message,
+ response_obuffer, &dnsserv),
+ XfroutError);
+ EXPECT_TRUE(xfrout.isConnected());
+ // XXX: we need to re-enable disconnect. otherwise an exception would be
+ // thrown via the destructor of the server.
+ xfrout.enableDisconnect();
+}
+
+TEST_F(AuthSrvTest, IXFRConnectFail) {
+ EXPECT_FALSE(xfrout.isConnected()); // check prerequisite
+ xfrout.disableConnect();
+ UnitTestUtil::createRequestMessage(request_message, opcode, default_qid,
+ Name("example.com"), RRClass::IN(),
+ RRType::IXFR());
+ createRequestPacket(request_message, IPPROTO_TCP);
+ server.processMessage(*io_message, parse_message, response_obuffer, &dnsserv);
+ EXPECT_TRUE(dnsserv.hasAnswer());
+ headerCheck(*parse_message, default_qid, Rcode::SERVFAIL(),
+ opcode.getCode(), QR_FLAG, 1, 0, 0, 0);
+ EXPECT_FALSE(xfrout.isConnected());
+}
+
+TEST_F(AuthSrvTest, IXFRSendFail) {
+ // first send a valid query, making the connection with the xfr process
+ // open.
+ UnitTestUtil::createRequestMessage(request_message, opcode, default_qid,
+ Name("example.com"), RRClass::IN(),
+ RRType::IXFR());
+ createRequestPacket(request_message, IPPROTO_TCP);
+ server.processMessage(*io_message, parse_message, response_obuffer, &dnsserv);
+ EXPECT_TRUE(xfrout.isConnected());
+
+ xfrout.disableSend();
+ parse_message->clear(Message::PARSE);
+ response_obuffer->clear();
+ UnitTestUtil::createRequestMessage(request_message, opcode, default_qid,
+ Name("example.com"), RRClass::IN(),
+ RRType::IXFR());
+ createRequestPacket(request_message, IPPROTO_TCP);
+ server.processMessage(*io_message, parse_message, response_obuffer, &dnsserv);
+ EXPECT_TRUE(dnsserv.hasAnswer());
+ headerCheck(*parse_message, default_qid, Rcode::SERVFAIL(),
+ opcode.getCode(), QR_FLAG, 1, 0, 0, 0);
+
+ // The connection should have been closed due to the send failure.
+ EXPECT_FALSE(xfrout.isConnected());
+}
+
+TEST_F(AuthSrvTest, IXFRDisconnectFail) {
+ // In our usage disconnect() shouldn't fail. So we'll see the exception
+ // should it be thrown.
+ xfrout.disableSend();
+ xfrout.disableDisconnect();
+ UnitTestUtil::createRequestMessage(request_message, opcode, default_qid,
+ Name("example.com"), RRClass::IN(),
+ RRType::IXFR());
createRequestPacket(request_message, IPPROTO_TCP);
EXPECT_THROW(server.processMessage(*io_message, parse_message,
response_obuffer, &dnsserv),
@@ -426,8 +492,9 @@ TEST_F(AuthSrvTest, AXFRDisconnectFail) {
}
TEST_F(AuthSrvTest, notify) {
- UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(), default_qid,
- Name("example.com"), RRClass::IN(), RRType::SOA());
+ UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(),
+ default_qid, Name("example.com"),
+ RRClass::IN(), RRType::SOA());
request_message.setHeaderFlag(Message::HEADERFLAG_AA);
createRequestPacket(request_message, IPPROTO_UDP);
server.processMessage(*io_message, parse_message, response_obuffer, &dnsserv);
@@ -458,8 +525,9 @@ TEST_F(AuthSrvTest, notify) {
TEST_F(AuthSrvTest, notifyForCHClass) {
// Same as the previous test, but for the CH RRClass.
- UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(), default_qid,
- Name("example.com"), RRClass::CH(), RRType::SOA());
+ UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(),
+ default_qid, Name("example.com"),
+ RRClass::CH(), RRType::SOA());
request_message.setHeaderFlag(Message::HEADERFLAG_AA);
createRequestPacket(request_message, IPPROTO_UDP);
server.processMessage(*io_message, parse_message, response_obuffer, &dnsserv);
@@ -487,8 +555,9 @@ TEST_F(AuthSrvTest, notifyEmptyQuestion) {
}
TEST_F(AuthSrvTest, notifyMultiQuestions) {
- UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(), default_qid,
- Name("example.com"), RRClass::IN(), RRType::SOA());
+ UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(),
+ default_qid, Name("example.com"),
+ RRClass::IN(), RRType::SOA());
// add one more SOA question
request_message.addQuestion(Question(Name("example.com"), RRClass::IN(),
RRType::SOA()));
@@ -501,8 +570,9 @@ TEST_F(AuthSrvTest, notifyMultiQuestions) {
}
TEST_F(AuthSrvTest, notifyNonSOAQuestion) {
- UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(), default_qid,
- Name("example.com"), RRClass::IN(), RRType::NS());
+ UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(),
+ default_qid, Name("example.com"),
+ RRClass::IN(), RRType::NS());
request_message.setHeaderFlag(Message::HEADERFLAG_AA);
createRequestPacket(request_message, IPPROTO_UDP);
server.processMessage(*io_message, parse_message, response_obuffer, &dnsserv);
@@ -513,8 +583,9 @@ TEST_F(AuthSrvTest, notifyNonSOAQuestion) {
TEST_F(AuthSrvTest, notifyWithoutAA) {
// implicitly leave the AA bit off. our implementation will accept it.
- UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(), default_qid,
- Name("example.com"), RRClass::IN(), RRType::SOA());
+ UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(),
+ default_qid, Name("example.com"),
+ RRClass::IN(), RRType::SOA());
createRequestPacket(request_message, IPPROTO_UDP);
server.processMessage(*io_message, parse_message, response_obuffer, &dnsserv);
EXPECT_TRUE(dnsserv.hasAnswer());
@@ -523,8 +594,9 @@ TEST_F(AuthSrvTest, notifyWithoutAA) {
}
TEST_F(AuthSrvTest, notifyWithErrorRcode) {
- UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(), default_qid,
- Name("example.com"), RRClass::IN(), RRType::SOA());
+ UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(),
+ default_qid, Name("example.com"),
+ RRClass::IN(), RRType::SOA());
request_message.setHeaderFlag(Message::HEADERFLAG_AA);
request_message.setRcode(Rcode::SERVFAIL());
createRequestPacket(request_message, IPPROTO_UDP);
@@ -537,8 +609,9 @@ TEST_F(AuthSrvTest, notifyWithErrorRcode) {
TEST_F(AuthSrvTest, notifyWithoutSession) {
server.setXfrinSession(NULL);
- UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(), default_qid,
- Name("example.com"), RRClass::IN(), RRType::SOA());
+ UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(),
+ default_qid, Name("example.com"),
+ RRClass::IN(), RRType::SOA());
request_message.setHeaderFlag(Message::HEADERFLAG_AA);
createRequestPacket(request_message, IPPROTO_UDP);
@@ -551,8 +624,9 @@ TEST_F(AuthSrvTest, notifyWithoutSession) {
TEST_F(AuthSrvTest, notifySendFail) {
notify_session.disableSend();
- UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(), default_qid,
- Name("example.com"), RRClass::IN(), RRType::SOA());
+ UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(),
+ default_qid, Name("example.com"),
+ RRClass::IN(), RRType::SOA());
request_message.setHeaderFlag(Message::HEADERFLAG_AA);
createRequestPacket(request_message, IPPROTO_UDP);
@@ -563,8 +637,9 @@ TEST_F(AuthSrvTest, notifySendFail) {
TEST_F(AuthSrvTest, notifyReceiveFail) {
notify_session.disableReceive();
- UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(), default_qid,
- Name("example.com"), RRClass::IN(), RRType::SOA());
+ UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(),
+ default_qid, Name("example.com"),
+ RRClass::IN(), RRType::SOA());
request_message.setHeaderFlag(Message::HEADERFLAG_AA);
createRequestPacket(request_message, IPPROTO_UDP);
server.processMessage(*io_message, parse_message, response_obuffer, &dnsserv);
@@ -574,8 +649,9 @@ TEST_F(AuthSrvTest, notifyReceiveFail) {
TEST_F(AuthSrvTest, notifyWithBogusSessionMessage) {
notify_session.setMessage(Element::fromJSON("{\"foo\": 1}"));
- UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(), default_qid,
- Name("example.com"), RRClass::IN(), RRType::SOA());
+ UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(),
+ default_qid, Name("example.com"),
+ RRClass::IN(), RRType::SOA());
request_message.setHeaderFlag(Message::HEADERFLAG_AA);
createRequestPacket(request_message, IPPROTO_UDP);
server.processMessage(*io_message, parse_message, response_obuffer, &dnsserv);
@@ -586,8 +662,9 @@ TEST_F(AuthSrvTest, notifyWithSessionMessageError) {
notify_session.setMessage(
Element::fromJSON("{\"result\": [1, \"FAIL\"]}"));
- UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(), default_qid,
- Name("example.com"), RRClass::IN(), RRType::SOA());
+ UnitTestUtil::createRequestMessage(request_message, Opcode::NOTIFY(),
+ default_qid, Name("example.com"),
+ RRClass::IN(), RRType::SOA());
request_message.setHeaderFlag(Message::HEADERFLAG_AA);
createRequestPacket(request_message, IPPROTO_UDP);
server.processMessage(*io_message, parse_message, response_obuffer, &dnsserv);
@@ -737,12 +814,28 @@ TEST_F(AuthSrvTest, queryCounterTCPAXFR) {
Name("example.com"), RRClass::IN(), RRType::AXFR());
createRequestPacket(request_message, IPPROTO_TCP);
// On success, the AXFR query has been passed to a separate process,
- // so we shouldn't have to respond.
+ // so auth itself shouldn't respond.
server.processMessage(*io_message, parse_message, response_obuffer, &dnsserv);
+ EXPECT_FALSE(dnsserv.hasAnswer());
// After processing TCP AXFR query, the counter should be 1.
EXPECT_EQ(1, server.getCounter(AuthCounters::COUNTER_TCP_QUERY));
}
+// Submit TCP IXFR query and check query counter
+TEST_F(AuthSrvTest, queryCounterTCPIXFR) {
+ // The counter should be initialized to 0.
+ EXPECT_EQ(0, server.getCounter(AuthCounters::COUNTER_TCP_QUERY));
+ UnitTestUtil::createRequestMessage(request_message, opcode, default_qid,
+ Name("example.com"), RRClass::IN(), RRType::IXFR());
+ createRequestPacket(request_message, IPPROTO_TCP);
+ // On success, the IXFR query has been passed to a separate process,
+ // so auth itself shouldn't respond.
+ server.processMessage(*io_message, parse_message, response_obuffer, &dnsserv);
+ EXPECT_FALSE(dnsserv.hasAnswer());
+ // After processing TCP IXFR query, the counter should be 1.
+ EXPECT_EQ(1, server.getCounter(AuthCounters::COUNTER_TCP_QUERY));
+}
+
// class for queryCounterUnexpected test
// getProtocol() returns IPPROTO_IP
class DummyUnknownSocket : public IOSocket {
diff --git a/src/bin/xfrout/tests/xfrout_test.py.in b/src/bin/xfrout/tests/xfrout_test.py.in
index 7e0af42..37e8993 100644
--- a/src/bin/xfrout/tests/xfrout_test.py.in
+++ b/src/bin/xfrout/tests/xfrout_test.py.in
@@ -222,7 +222,7 @@ class TestXfroutSessionBase(unittest.TestCase):
the owner name of the SOA in the authority section.
soa_class: IXFR only. The RR class of the SOA RR in the authority
section.
- num_soa: IXFR only. The number of SOA RDATAs in the authority
+ num_soa: IXFR only. The number of SOA RDATAs in the authority
section.
'''
msg = Message(Message.RENDER)
@@ -336,6 +336,11 @@ class TestXfroutSession(TestXfroutSessionBase):
self.assertRaises(RuntimeError, self.xfrsess._parse_query_message,
self.create_request_data(qtype=RRType.A()))
+ # NOERROR
+ request_data = self.create_request_data(ixfr=IXFR_OK_VERSION)
+ rcode, msg = self.xfrsess._parse_query_message(request_data)
+ self.assertEqual(rcode.to_text(), "NOERROR")
+
# tsig signed query message
request_data = self.create_request_data(with_tsig=True)
# BADKEY
diff --git a/src/bin/xfrout/xfrout.py.in b/src/bin/xfrout/xfrout.py.in
index 8990c13..d450138 100755
--- a/src/bin/xfrout/xfrout.py.in
+++ b/src/bin/xfrout/xfrout.py.in
@@ -39,6 +39,7 @@ from isc.log_messages.xfrout_messages import *
isc.log.init("b10-xfrout")
logger = isc.log.Logger("xfrout")
+DBG_XFROUT_TRACE = logger.DBGLVL_TRACE_BASIC
try:
from libutil_io_python import *
@@ -46,7 +47,7 @@ try:
except ImportError as e:
# C++ loadable module may not be installed; even so the xfrout process
# must keep running, so we warn about it and move forward.
- log.error(XFROUT_IMPORT, str(e))
+ logger.error(XFROUT_IMPORT, str(e))
from isc.acl.acl import ACCEPT, REJECT, DROP, LoaderError
from isc.acl.dns import REQUEST_LOADER
@@ -252,14 +253,14 @@ class XfroutSession():
acl_result = acl.execute(
isc.acl.dns.RequestContext(self._remote[2], msg.get_tsig_record()))
if acl_result == DROP:
- logger.info(XFROUT_QUERY_DROPPED, self._request_typestr,
- format_addrinfo(self._remote),
- format_zone_str(zone_name, zone_class))
+ logger.debug(DBG_XFROUT_TRACE, XFROUT_QUERY_DROPPED,
+ self._request_type, format_addrinfo(self._remote),
+ format_zone_str(zone_name, zone_class))
return None, None
elif acl_result == REJECT:
- logger.info(XFROUT_QUERY_REJECTED, self._request_typestr,
- format_addrinfo(self._remote),
- format_zone_str(zone_name, zone_class))
+ logger.debug(DBG_XFROUT_TRACE, XFROUT_QUERY_REJECTED,
+ self._request_type, format_addrinfo(self._remote),
+ format_zone_str(zone_name, zone_class))
return Rcode.REFUSED(), msg
return rcode, msg
@@ -504,19 +505,18 @@ class XfroutSession():
format_addrinfo(self._remote), zone_str, ex)
rcode_ = Rcode.SERVFAIL()
if rcode_ != Rcode.NOERROR():
- logger.info(XFROUT_AXFR_TRANSFER_FAILED, self._request_typestr,
+ logger.info(XFROUT_XFR_TRANSFER_FAILED, self._request_typestr,
format_addrinfo(self._remote), zone_str, rcode_)
return self._reply_query_with_error_rcode(msg, sock_fd, rcode_)
try:
- logger.info(XFROUT_AXFR_TRANSFER_STARTED, self._request_typestr,
+ logger.info(XFROUT_XFR_TRANSFER_STARTED, self._request_typestr,
format_addrinfo(self._remote), zone_str)
self._reply_xfrout_query(msg, sock_fd)
except Exception as err:
- logger.error(XFROUT_AXFR_TRANSFER_ERROR, self._request_typestr,
+ logger.error(XFROUT_XFR_TRANSFER_ERROR, self._request_typestr,
format_addrinfo(self._remote), zone_str, err)
- pass
- logger.info(XFROUT_AXFR_TRANSFER_DONE, self._request_typestr,
+ logger.info(XFROUT_XFR_TRANSFER_DONE, self._request_typestr,
format_addrinfo(self._remote), zone_str)
def _clear_message(self, msg):
@@ -667,7 +667,7 @@ class UnixSockServer(socketserver_mixin.NoPollMixIn,
try:
self.process_request(request)
except Exception as pre:
- log.error(XFROUT_PROCESS_REQUEST_ERROR, str(pre))
+ logger.error(XFROUT_PROCESS_REQUEST_ERROR, str(pre))
break
def _handle_request_noblock(self):
diff --git a/src/bin/xfrout/xfrout_messages.mes b/src/bin/xfrout/xfrout_messages.mes
index f6cca9d..fcc2e59 100644
--- a/src/bin/xfrout/xfrout_messages.mes
+++ b/src/bin/xfrout/xfrout_messages.mes
@@ -15,37 +15,6 @@
# No namespace declaration - these constants go in the global namespace
# of the xfrout messages python module.
-% XFROUT_AXFR_TRANSFER_DONE %1 client %2: transfer of %3 complete
-The transfer of the given zone has been completed successfully, or was
-aborted due to a shutdown event.
-
-% XFROUT_AXFR_TRANSFER_ERROR %1 client %2: error transferring zone %3: %4
-An uncaught exception was encountered while sending the response to
-an AXFR query. The error message of the exception is included in the
-log message, but this error most likely points to incomplete exception
-handling in the code.
-
-% XFROUT_XFR_TRANSFER_CHECK_ERROR %1 client %2: check for transfer of %3 failed: %4
-Pre-response check for an incomding XFR request failed unexpectedly.
-The most likely cause of this is that some low level error in the data
-source, but it may also be other general (more unlikely) errors such
-as memory shortage. Some detail of the error is also included in the
-message. The xfrout server tries to return a SERVFAIL response in this case.
-
-% XFROUT_AXFR_TRANSFER_FAILED %1 client %2: transfer of %3 failed, rcode: %4
-A transfer out for the given zone failed. An error response is sent
-to the client. The given rcode is the rcode that is set in the error
-response. This is either NOTAUTH (we are not authoritative for the
-zone), SERVFAIL (our internal database is missing the SOA record for
-the zone), or REFUSED (the limit of simultaneous outgoing AXFR
-transfers, as specified by the configuration value
-Xfrout/max_transfers_out, has been reached).
-# Still a TODO, but when implemented, REFUSED can also mean
-# the client is not allowed to transfer the zone
-
-% XFROUT_AXFR_TRANSFER_STARTED %1 client %2: transfer of zone %3 has started
-A transfer out of the given zone has started.
-
% XFROUT_BAD_TSIG_KEY_STRING bad TSIG key string: %1
The TSIG key string as read from the configuration does not represent
a valid TSIG key.
@@ -178,6 +147,37 @@ on, but the file is in use. The most likely cause is that another
xfrout daemon process is still running. This xfrout daemon (the one
printing this message) will not start.
+% XFROUT_XFR_TRANSFER_DONE %1 client %2: transfer of %3 complete
+The transfer of the given zone has been completed successfully, or was
+aborted due to a shutdown event.
+
+% XFROUT_XFR_TRANSFER_ERROR %1 client %2: error transferring zone %3: %4
+An uncaught exception was encountered while sending the response to
+an AXFR query. The error message of the exception is included in the
+log message, but this error most likely points to incomplete exception
+handling in the code.
+
+% XFROUT_XFR_TRANSFER_CHECK_ERROR %1 client %2: check for transfer of %3 failed: %4
+Pre-response check for an incomding XFR request failed unexpectedly.
+The most likely cause of this is that some low level error in the data
+source, but it may also be other general (more unlikely) errors such
+as memory shortage. Some detail of the error is also included in the
+message. The xfrout server tries to return a SERVFAIL response in this case.
+
+% XFROUT_XFR_TRANSFER_FAILED %1 client %2: transfer of %3 failed, rcode: %4
+A transfer out for the given zone failed. An error response is sent
+to the client. The given rcode is the rcode that is set in the error
+response. This is either NOTAUTH (we are not authoritative for the
+zone), SERVFAIL (our internal database is missing the SOA record for
+the zone), or REFUSED (the limit of simultaneous outgoing AXFR
+transfers, as specified by the configuration value
+Xfrout/max_transfers_out, has been reached).
+# Still a TODO, but when implemented, REFUSED can also mean
+# the client is not allowed to transfer the zone
+
+% XFROUT_XFR_TRANSFER_STARTED %1 client %2: transfer of zone %3 has started
+A transfer out of the given zone has started.
+
% XFROUT_IXFR_MULTIPLE_SOA IXFR client %1: authority section has multiple SOAs
An IXFR request was received with more than one SOA RRs in the authority
section. The xfrout daemon rejects the request with an RCODE of
@@ -216,4 +216,3 @@ happens often, it's advisable to check whether the data source is
valid for this zone. The xfrout daemon considers it a possible,
though unlikely, event, and returns a response with an RCODE of
NOTAUTH.
-
More information about the bind10-changes
mailing list