Kea 3.1.0
d2_config.cc
Go to the documentation of this file.
1// Copyright (C) 2013-2024 Internet Systems Consortium, Inc. ("ISC")
2//
3// This Source Code Form is subject to the terms of the Mozilla Public
4// License, v. 2.0. If a copy of the MPL was not distributed with this
5// file, You can obtain one at http://mozilla.org/MPL/2.0/.
6
7#include <config.h>
8
9#include <asiolink/io_error.h>
10#include <d2srv/d2_log.h>
11#include <d2srv/d2_cfg_mgr.h>
14#include <util/filesystem.h>
15
16#include <boost/scoped_ptr.hpp>
17#include <boost/algorithm/string/predicate.hpp>
18
19#include <sstream>
20#include <string>
21
22using namespace isc::data;
23using namespace isc::process;
24using namespace isc::util;
25
26namespace isc {
27namespace d2 {
28
29// *********************** D2Params *************************
30
32 const size_t port,
33 const size_t dns_server_timeout,
34 const dhcp_ddns::NameChangeProtocol& ncr_protocol,
35 const dhcp_ddns::NameChangeFormat& ncr_format)
36 : ip_address_(ip_address),
37 port_(port),
38 dns_server_timeout_(dns_server_timeout),
39 ncr_protocol_(ncr_protocol),
40 ncr_format_(ncr_format) {
42}
43
45 : ip_address_(isc::asiolink::IOAddress("127.0.0.1")),
46 port_(53001), dns_server_timeout_(500),
47 ncr_protocol_(dhcp_ddns::NCR_UDP),
48 ncr_format_(dhcp_ddns::FMT_JSON) {
50}
51
53
54void
56 if (port_ == 0) {
57 isc_throw(D2CfgError, "D2Params: port cannot be 0");
58 }
59
60 if (dns_server_timeout_ < 1) {
62 "D2Params: DNS server timeout must be larger than 0");
63 }
64
65 if (ncr_format_ != dhcp_ddns::FMT_JSON) {
66 isc_throw(D2CfgError, "D2Params: NCR Format:"
67 << dhcp_ddns::ncrFormatToString(ncr_format_)
68 << " is not yet supported");
69 }
70
71 if (ncr_protocol_ != dhcp_ddns::NCR_UDP) {
72 isc_throw(D2CfgError, "D2Params: NCR Protocol:"
73 << dhcp_ddns::ncrProtocolToString(ncr_protocol_)
74 << " is not yet supported");
75 }
76}
77
78std::string
80 std::ostringstream s;
81 s << "listening on " << getIpAddress() << ", port " << getPort()
82 << ", using " << ncrProtocolToString(ncr_protocol_);
83 return (s.str());
84}
85
86bool
87D2Params::operator == (const D2Params& other) const {
88 return ((ip_address_ == other.ip_address_) &&
89 (port_ == other.port_) &&
90 (dns_server_timeout_ == other.dns_server_timeout_) &&
91 (ncr_protocol_ == other.ncr_protocol_) &&
92 (ncr_format_ == other.ncr_format_));
93}
94
95bool
96D2Params::operator != (const D2Params& other) const {
97 return (!(*this == other));
98}
99
100std::string
102 std::ostringstream stream;
103
104 stream << ", ip-address: " << ip_address_.toText()
105 << ", port: " << port_
106 << ", dns-server-timeout_: " << dns_server_timeout_
107 << ", ncr-protocol: "
108 << dhcp_ddns::ncrProtocolToString(ncr_protocol_)
109 << ", ncr-format: " << ncr_format_
110 << dhcp_ddns::ncrFormatToString(ncr_format_);
111
112 return (stream.str());
113}
114
115std::ostream&
116operator<<(std::ostream& os, const D2Params& config) {
117 os << config.toText();
118 return (os);
119}
120
121// *********************** TSIGKeyInfo *************************
122// Note these values match corresponding values for Bind9's
123// dnssec-keygen
124const char* TSIGKeyInfo::HMAC_MD5_STR = "HMAC-MD5";
125const char* TSIGKeyInfo::HMAC_SHA1_STR = "HMAC-SHA1";
126const char* TSIGKeyInfo::HMAC_SHA224_STR = "HMAC-SHA224";
127const char* TSIGKeyInfo::HMAC_SHA256_STR = "HMAC-SHA256";
128const char* TSIGKeyInfo::HMAC_SHA384_STR = "HMAC-SHA384";
129const char* TSIGKeyInfo::HMAC_SHA512_STR = "HMAC-SHA512";
130
131TSIGKeyInfo::TSIGKeyInfo(const std::string& name, const std::string& algorithm,
132 const std::string& secret, std::string secret_file,
133 uint32_t digestbits)
134 : name_(name), algorithm_(algorithm), secret_(secret),
135 secret_file_(secret_file), digestbits_(digestbits), tsig_key_() {
136 remakeKey();
137}
138
141
142const dns::Name&
143TSIGKeyInfo::stringToAlgorithmName(const std::string& algorithm_id) {
144 if (boost::iequals(algorithm_id, HMAC_MD5_STR)) {
146 } else if (boost::iequals(algorithm_id, HMAC_SHA1_STR)) {
148 } else if (boost::iequals(algorithm_id, HMAC_SHA224_STR)) {
150 } else if (boost::iequals(algorithm_id, HMAC_SHA256_STR)) {
152 } else if (boost::iequals(algorithm_id, HMAC_SHA384_STR)) {
154 } else if (boost::iequals(algorithm_id, HMAC_SHA512_STR)) {
156 }
157
158 isc_throw(BadValue, "Unknown TSIG Key algorithm: " << algorithm_id);
159}
160
161void
162TSIGKeyInfo::remakeKey() {
163 try {
164 // Since our secret value is base64 encoded already, we need to
165 // build the input string for the appropriate D2TsigKey constructor.
166 // If secret isn't a valid base64 value, the constructor will throw.
167 std::ostringstream stream;
168 stream << dns::Name(name_).toText() << ":"
169 << secret_ << ":"
170 << stringToAlgorithmName(algorithm_);
171 if (digestbits_ > 0) {
172 stream << ":" << digestbits_;
173 }
174
175 tsig_key_.reset(new D2TsigKey(stream.str()));
176 } catch (const std::exception& ex) {
177 isc_throw(D2CfgError, "Cannot make D2TsigKey: " << ex.what());
178 }
179}
180
184 // Set user-context
185 contextToElement(result);
186 // Set name
187 result->set("name", Element::create(name_));
188 // Set algorithm
189 result->set("algorithm", Element::create(algorithm_));
190 // Set secret[-file]
191 if (!secret_file_.empty()) {
192 result->set("secret-file", Element::create(secret_file_));
193 } else {
194 result->set("secret", Element::create(secret_));
195 }
196 // Set digest-bits
197 result->set("digest-bits",
198 Element::create(static_cast<int64_t>(digestbits_)));
199
200 return (result);
201}
202
203// *********************** DnsServerInfo *************************
204DnsServerInfo::DnsServerInfo(const std::string& hostname,
205 isc::asiolink::IOAddress ip_address,
206 uint32_t port,
207 bool enabled,
208 const TSIGKeyInfoPtr& tsig_key_info,
209 bool inherited_key)
210 : hostname_(hostname), ip_address_(ip_address), port_(port),
211 enabled_(enabled), tsig_key_info_(tsig_key_info),
212 inherited_key_(inherited_key) {
213}
214
217
218const std::string
220 if (tsig_key_info_) {
221 return (tsig_key_info_->getName());
222 }
223
224 return ("");
225}
226
227std::string
229 std::ostringstream stream;
230 stream << (getIpAddress().toText()) << " port:" << getPort();
231 return (stream.str());
232}
233
237 // Set user-context
238 contextToElement(result);
239 // Set hostname
240 result->set("hostname", Element::create(hostname_));
241 // Set ip-address
242 result->set("ip-address", Element::create(ip_address_.toText()));
243 // Set port
244 result->set("port", Element::create(static_cast<int64_t>(port_)));
245 // Set key-name
246 if (tsig_key_info_ && !inherited_key_) {
247 result->set("key-name", Element::create(tsig_key_info_->getName()));
248 }
249
250 return (result);
251}
252
253std::ostream&
254operator<<(std::ostream& os, const DnsServerInfo& server) {
255 os << server.toText();
256 return (os);
257}
258
259// *********************** DdnsDomain *************************
260
261DdnsDomain::DdnsDomain(const std::string& name,
263 const std::string& key_name)
264 : name_(name), servers_(servers), key_name_(key_name) {
265}
266
269
273 // Set user-context
274 contextToElement(result);
275 // Set name
276 result->set("name", Element::create(name_));
277 // Set servers
279 for (auto const& server : *servers_) {
280 ElementPtr dns_server = server->toElement();
281 servers->add(dns_server);
282 }
283 // the dns server list may not be empty
284 if (!servers->empty()) {
285 result->set("dns-servers", servers);
286 }
287 // Set key-name
288 if (!key_name_.empty()) {
289 result->set("key-name", Element::create(key_name_));
290 }
291
292 return (result);
293}
294
295// *********************** DdnsDomainLstMgr *************************
296
298
299DdnsDomainListMgr::DdnsDomainListMgr(const std::string& name) : name_(name),
300 domains_(new DdnsDomainMap()) {
301}
302
303
306
307void
309 if (!domains) {
311 "DdnsDomainListMgr::setDomains: Domain list may not be null");
312 }
313
314 domains_ = domains;
315
316 // Look for the wild card domain. If present, set the member variable
317 // to remember it. This saves us from having to look for it every time
318 // we attempt a match.
319 DdnsDomainMap::iterator gotit = domains_->find(wildcard_domain_name_);
320 if (gotit != domains_->end()) {
321 wildcard_domain_ = gotit->second;
322 }
323}
324
325bool
326DdnsDomainListMgr::matchDomain(const std::string& fqdn, DdnsDomainPtr& domain) {
327 // First check the case of one domain to rule them all.
328 if ((size() == 1) && (wildcard_domain_)) {
329 domain = wildcard_domain_;
330 return (true);
331 }
332
333 // Iterate over the domain map looking for the domain which matches
334 // the longest portion of the given fqdn.
335
336 size_t req_len = fqdn.size();
337 size_t match_len = 0;
338 DdnsDomainPtr best_match;
339 for (auto const& map_pair : *domains_) {
340 std::string domain_name = map_pair.first;
341 size_t dom_len = domain_name.size();
342
343 // If the domain name is longer than the fqdn, then it cant be match.
344 if (req_len < dom_len) {
345 continue;
346 }
347
348 // If the lengths are identical and the names match we're done.
349 if (req_len == dom_len) {
350 if (boost::iequals(fqdn, domain_name)) {
351 // exact match, done
352 domain = map_pair.second;
353 return (true);
354 }
355 } else {
356 // The fqdn is longer than the domain name. Adjust the start
357 // point of comparison by the excess in length. Only do the
358 // comparison if the adjustment lands on a boundary. This
359 // prevents "onetwo.net" from matching "two.net".
360 size_t offset = req_len - dom_len;
361 if ((fqdn[offset - 1] == '.') &&
362 (boost::iequals(fqdn.substr(offset), domain_name))) {
363 // Fqdn contains domain name, keep it if its better than
364 // any we have matched so far.
365 if (dom_len > match_len) {
366 match_len = dom_len;
367 best_match = map_pair.second;
368 }
369 }
370 }
371 }
372
373 if (!best_match) {
374 // There's no match. If they specified a wild card domain use it
375 // otherwise there's no domain for this entry.
376 if (wildcard_domain_) {
377 domain = wildcard_domain_;
378 return (true);
379 }
380
382 return (false);
383 }
384
385 domain = best_match;
386 return (true);
387}
388
392 // Iterate on ddns domains
393 for (auto const& domain : *domains_) {
394 ElementPtr ddns_domain = domain.second->toElement();
395 result->add(ddns_domain);
396 }
397
398 return (result);
399}
400
401// *************************** PARSERS ***********************************
402
403// *********************** TSIGKeyInfoParser *************************
404
407 std::string name = getString(key_config, "name");
408 std::string algorithm = getString(key_config, "algorithm");
409 uint32_t digestbits = getInteger(key_config, "digest-bits");
410 std::string secret_file;
411 std::string secret;
412 if (key_config->contains("secret-file")) {
413 secret_file = getString(key_config, "secret-file");
414 try {
415 secret = util::file::getContent(secret_file);
416 if (secret.empty()) {
417 isc_throw(BadValue, "Expected '" << secret_file
418 << "' to not be empty");
419 }
420 } catch (const std::exception& ex) {
421 isc_throw(D2CfgError, "tsig-key : " << ex.what()
422 << " (" << getPosition("secret-file", key_config)
423 << ")");
424 }
425 } else {
426 secret = getString(key_config, "secret");
428 isc_throw(D2CfgError, "use of clear text TSIG 'secret' is NOT SECURE"
429 << " (" << getPosition("secret", key_config)
430 << ")");
431 } else {
433 .arg(getPosition("secret", key_config).str());
434 }
435 }
436
437 ConstElementPtr user_context = key_config->get("user-context");
438
439 // Algorithm must be valid.
440 try {
442 } catch (const std::exception& ex) {
443 isc_throw(D2CfgError, "tsig-key : " << ex.what()
444 << " (" << getPosition("algorithm", key_config) << ")");
445 }
446
447 // Non-zero digest-bits must be an integral number of octets, greater
448 // than 80 and at least half of the algorithm key length. It defaults
449 // to zero and JSON parsing ensures it's a multiple of 8.
450 if ((digestbits > 0) &&
451 ((digestbits < 80) ||
452 (boost::iequals(algorithm, TSIGKeyInfo::HMAC_SHA224_STR)
453 && (digestbits < 112)) ||
454 (boost::iequals(algorithm, TSIGKeyInfo::HMAC_SHA256_STR)
455 && (digestbits < 128)) ||
456 (boost::iequals(algorithm, TSIGKeyInfo::HMAC_SHA384_STR)
457 && (digestbits < 192)) ||
458 (boost::iequals(algorithm, TSIGKeyInfo::HMAC_SHA512_STR)
459 && (digestbits < 256)))) {
460 isc_throw(D2CfgError, "tsig-key: digest-bits too small : ("
461 << getPosition("digest-bits", key_config)
462 << ")");
463 }
464
465 // Everything should be valid, so create the key instance.
466 // It is possible for the D2TsigKey constructor to fail such as
467 // with an invalid secret content.
468 TSIGKeyInfoPtr key_info;
469 try {
470 key_info.reset(new TSIGKeyInfo(name, algorithm, secret,
471 secret_file, digestbits));
472 } catch (const std::exception& ex) {
473 isc_throw(D2CfgError, ex.what() << " ("
474 << key_config->getPosition() << ")");
475 }
476
477 // Add user-context
478 if (user_context) {
479 key_info->setContext(user_context);
480 }
481
482 return (key_info);
483}
484
485// *********************** TSIGKeyInfoListParser *************************
486
490 TSIGKeyInfoParser key_parser;
491 for (auto const& key_config : key_list->listValue()) {
492 TSIGKeyInfoPtr key = key_parser.parse(key_config);
493
494 // Duplicates are not allowed and should be flagged as an error.
495 if (keys->find(key->getName()) != keys->end()) {
496 isc_throw(D2CfgError, "Duplicate TSIG key name specified : "
497 << key->getName()
498 << " (" << getPosition("name", key_config) << ")");
499 }
500
501 (*keys)[key->getName()] = key;
502 }
503
504 return (keys);
505}
506
507// *********************** DnsServerInfoParser *************************
508
511 ConstElementPtr domain_config,
512 const TSIGKeyInfoMapPtr keys) {
513 std::string hostname = getString(server_config, "hostname");
514 std::string ip_address = getString(server_config, "ip-address");
515 uint32_t port = getInteger(server_config, "port");
516 std::string key_name = getString(server_config, "key-name");
517 ConstElementPtr user_context = server_config->get("user-context");
518
519 // Key name is optional. If it is not blank, then find the key in the
520 // list of defined keys.
521 TSIGKeyInfoPtr tsig_key_info;
522 bool inherited_key = true;
523 if (key_name.empty()) {
524 std::string domain_key_name = getString(domain_config, "key-name");
525 if (!domain_key_name.empty()) {
526 key_name = domain_key_name;
527 }
528 } else {
529 inherited_key = false;
530 }
531 if (!key_name.empty()) {
532 if (keys) {
533 TSIGKeyInfoMap::iterator kit = keys->find(key_name);
534 if (kit != keys->end()) {
535 tsig_key_info = kit->second;
536 }
537 }
538
539 if (!tsig_key_info) {
540 if (inherited_key) {
541 isc_throw(D2CfgError, "DdnsDomain : specifies an "
542 << "undefined key: " << key_name << " ("
543 << getPosition("key-name", domain_config) << ")");
544 } else {
545 isc_throw(D2CfgError, "Dns Server : specifies an "
546 << "undefined key: " << key_name << " ("
547 << getPosition("key-name", server_config) << ")");
548 }
549 }
550 }
551
552 // The configuration must specify one or the other.
553 if (hostname.empty() == ip_address.empty()) {
554 isc_throw(D2CfgError, "Dns Server must specify one or the other"
555 " of hostname or IP address"
556 << " (" << server_config->getPosition() << ")");
557 }
558
559 DnsServerInfoPtr server_info;
560 if (!hostname.empty()) {
574 isc_throw(D2CfgError, "Dns Server : hostname is not yet supported"
575 << " (" << getPosition("hostname", server_config) << ")");
576 } else {
577 try {
578 // Create an IOAddress from the IP address string given and then
579 // create the DnsServerInfo.
580 isc::asiolink::IOAddress io_addr(ip_address);
581 server_info.reset(new DnsServerInfo(hostname, io_addr, port,
582 true, tsig_key_info,
583 inherited_key));
584 } catch (const isc::asiolink::IOError& ex) {
585 isc_throw(D2CfgError, "Dns Server : invalid IP address : "
586 << ip_address
587 << " (" << getPosition("ip-address", server_config) << ")");
588 }
589 }
590
591 // Add user-context
592 if (user_context) {
593 server_info->setContext(user_context);
594 }
595
596 return (server_info);
597}
598
599// *********************** DnsServerInfoListParser *************************
600
603 ConstElementPtr domain_config,
604 const TSIGKeyInfoMapPtr keys) {
606 DnsServerInfoParser parser;
607 for (auto const& server_config : server_list->listValue()) {
608 DnsServerInfoPtr server =
609 parser.parse(server_config, domain_config, keys);
610 servers->push_back(server);
611 }
612
613 return (servers);
614}
615
616// *********************** DdnsDomainParser *************************
617
619 const TSIGKeyInfoMapPtr keys) {
620 std::string name = getString(domain_config, "name");
621 std::string key_name = getString(domain_config, "key-name");
622 ConstElementPtr user_context = domain_config->get("user-context");
623
624 // Parse the list of DNS servers
625 ConstElementPtr servers_config;
626 try {
627 servers_config = domain_config->get("dns-servers");
628 } catch (const std::exception& ex) {
629 isc_throw(D2CfgError, "DdnsDomain : missing dns-server list"
630 << " (" << servers_config->getPosition() << ")");
631 }
632
633 DnsServerInfoListParser server_parser;
635 server_parser.parse(servers_config, domain_config, keys);
636 if (servers->size() == 0) {
637 isc_throw(D2CfgError, "DNS server list cannot be empty"
638 << servers_config->getPosition());
639 }
640
641 // Instantiate the new domain and add it to domain storage.
642 DdnsDomainPtr domain(new DdnsDomain(name, servers, key_name));
643
644 // Add user-context
645 if (user_context) {
646 domain->setContext(user_context);
647 }
648
649 return (domain);
650}
651
652// *********************** DdnsDomainListParser *************************
653
655 const TSIGKeyInfoMapPtr keys) {
656 DdnsDomainMapPtr domains(new DdnsDomainMap());
657 DdnsDomainParser parser;
658 for (auto const& domain_config : domain_list->listValue()) {
659 DdnsDomainPtr domain = parser.parse(domain_config, keys);
660
661 // Duplicates are not allowed
662 if (domains->find(domain->getName()) != domains->end()) {
663 isc_throw(D2CfgError, "Duplicate domain specified:"
664 << domain->getName()
665 << " (" << getPosition("name", domain_config) << ")");
666 }
667
668 (*domains)[domain->getName()] = domain;
669 }
670
671 return (domains);
672}
673
674// *********************** DdnsDomainListMgrParser *************************
675
678 const std::string& mgr_name,
679 const TSIGKeyInfoMapPtr keys) {
680 DdnsDomainListMgrPtr mgr(new DdnsDomainListMgr(mgr_name));
681
682 // Parse the list of domains
683 ConstElementPtr domains_config = mgr_config->get("ddns-domains");
684 if (domains_config) {
685 DdnsDomainListParser domain_parser;
686 DdnsDomainMapPtr domains = domain_parser.parse(domains_config, keys);
687
688 // Add the new domain to the domain storage.
689 mgr->setDomains(domains);
690 }
691
692 return(mgr);
693}
694
695} // end of isc::dhcp namespace
696} // end of isc namespace
static ElementPtr create(const Position &pos=ZERO_POSITION())
Definition data.cc:249
static ElementPtr createMap(const Position &pos=ZERO_POSITION())
Creates an empty MapElement type ElementPtr.
Definition data.cc:304
static ElementPtr createList(const Position &pos=ZERO_POSITION())
Creates an empty ListElement type ElementPtr.
Definition data.cc:299
A generic exception that is thrown if a parameter given to a method is considered invalid in that con...
Exception thrown when the error during configuration handling occurs.
Definition d2_config.h:136
Acts as a storage vault for D2 global scalar parameters.
Definition d2_config.h:143
D2Params()
Default constructor The default constructor creates an instance that has updates disabled.
Definition d2_config.cc:44
const isc::asiolink::IOAddress & getIpAddress() const
Return the IP address D2 listens on.
Definition d2_config.h:174
bool operator!=(const D2Params &other) const
Compares two D2Params's for inequality.
Definition d2_config.cc:96
size_t getPort() const
Return the TCP/UPD port D2 listens on.
Definition d2_config.h:179
bool operator==(const D2Params &other) const
Compares two D2Params's for equality.
Definition d2_config.cc:87
D2Params(const isc::asiolink::IOAddress &ip_address, const size_t port, const size_t dns_server_timeout, const dhcp_ddns::NameChangeProtocol &ncr_protocol, const dhcp_ddns::NameChangeFormat &ncr_format)
Constructor.
Definition d2_config.cc:31
virtual ~D2Params()
Destructor.
Definition d2_config.cc:52
std::string getConfigSummary() const
Return summary of the configuration used by D2.
Definition d2_config.cc:79
std::string toText() const
Generates a string representation of the class contents.
Definition d2_config.cc:101
virtual void validateContents()
Validates member values.
Definition d2_config.cc:55
DdnsDomainListMgrPtr parse(data::ConstElementPtr mgr_config, const std::string &mgr_name, const TSIGKeyInfoMapPtr keys)
Performs the actual parsing of the given manager element.
Definition d2_config.cc:677
Provides storage for and management of a list of DNS domains.
Definition d2_config.h:646
DdnsDomainListMgr(const std::string &name)
Constructor.
Definition d2_config.cc:299
virtual bool matchDomain(const std::string &fqdn, DdnsDomainPtr &domain)
Matches a given name to a domain based on a longest match scheme.
Definition d2_config.cc:326
void setDomains(DdnsDomainMapPtr domains)
Sets the manger's domain list to the given list of domains.
Definition d2_config.cc:308
static const char * wildcard_domain_name_
defines the domain name for denoting the wildcard domain.
Definition d2_config.h:649
virtual ~DdnsDomainListMgr()
Destructor.
Definition d2_config.cc:304
uint32_t size() const
Returns the number of domains in the domain list.
Definition d2_config.h:689
virtual isc::data::ElementPtr toElement() const
Unparse a configuration object.
Definition d2_config.cc:390
Parser for a list of DdnsDomains.
Definition d2_config.h:894
DdnsDomainMapPtr parse(data::ConstElementPtr domain_list_config, const TSIGKeyInfoMapPtr keys)
Performs the actual parsing of the given list "ddns-domain" elements.
Definition d2_config.cc:654
Parser for DdnsDomain.
Definition d2_config.h:875
DdnsDomainPtr parse(data::ConstElementPtr domain_config, const TSIGKeyInfoMapPtr keys)
Performs the actual parsing of the given "ddns-domain" element.
Definition d2_config.cc:618
Represents a DNS domain that is may be updated dynamically.
Definition d2_config.h:570
DdnsDomain(const std::string &name, DnsServerInfoStoragePtr servers, const std::string &key_name="")
Constructor.
Definition d2_config.cc:261
virtual ~DdnsDomain()
Destructor.
Definition d2_config.cc:267
virtual isc::data::ElementPtr toElement() const
Unparse a configuration object.
Definition d2_config.cc:271
Parser for a list of DnsServerInfos.
Definition d2_config.h:851
DnsServerInfoStoragePtr parse(data::ConstElementPtr server_list_config, data::ConstElementPtr domain_config, const TSIGKeyInfoMapPtr keys)
Performs the actual parsing of the given list "dns-server" elements.
Definition d2_config.cc:602
Parser for DnsServerInfo.
Definition d2_config.h:823
DnsServerInfoPtr parse(data::ConstElementPtr server_config, data::ConstElementPtr domain_config, const TSIGKeyInfoMapPtr keys)
Performs the actual parsing of the given "dns-server" element.
Definition d2_config.cc:510
Represents a specific DNS Server.
Definition d2_config.h:433
std::string toText() const
Returns a text representation for the server.
Definition d2_config.cc:228
const std::string getKeyName() const
Convenience method which returns the server's TSIG key name.
Definition d2_config.cc:219
DnsServerInfo(const std::string &hostname, isc::asiolink::IOAddress ip_address, uint32_t port=STANDARD_DNS_PORT, bool enabled=true, const TSIGKeyInfoPtr &tsig_key_info=TSIGKeyInfoPtr(), bool inherited_key=true)
Constructor.
Definition d2_config.cc:204
virtual isc::data::ElementPtr toElement() const
Unparse a configuration object.
Definition d2_config.cc:235
uint32_t getPort() const
Getter which returns the server's port number.
Definition d2_config.h:474
const isc::asiolink::IOAddress & getIpAddress() const
Getter which returns the server's ip_address.
Definition d2_config.h:481
virtual ~DnsServerInfo()
Destructor.
Definition d2_config.cc:215
TSIGKeyInfoMapPtr parse(data::ConstElementPtr key_list_config)
Performs the parsing of the given list "tsig-key" elements.
Definition d2_config.cc:488
Parser for TSIGKeyInfo.
Definition d2_config.h:784
TSIGKeyInfoPtr parse(data::ConstElementPtr key_config)
Performs the actual parsing of the given "tsig-key" element.
Definition d2_config.cc:406
Represents a TSIG Key.
Definition d2_config.h:266
static const char * HMAC_SHA224_STR
Definition d2_config.h:273
TSIGKeyInfo(const std::string &name, const std::string &algorithm, const std::string &secret, std::string secret_file="", uint32_t digestbits=0)
Constructor.
Definition d2_config.cc:131
virtual ~TSIGKeyInfo()
Destructor.
Definition d2_config.cc:139
static const char * HMAC_MD5_STR
Defines string values for the supported TSIG algorithms.
Definition d2_config.h:270
virtual isc::data::ElementPtr toElement() const
Unparse a configuration object.
Definition d2_config.cc:182
static const char * HMAC_SHA1_STR
Definition d2_config.h:271
static const char * HMAC_SHA256_STR
Definition d2_config.h:272
static const dns::Name & stringToAlgorithmName(const std::string &algorithm_id)
Converts algorithm id to dns::TSIGKey algorithm dns::Name.
Definition d2_config.cc:143
static const char * HMAC_SHA512_STR
Definition d2_config.h:275
static const char * HMAC_SHA384_STR
Definition d2_config.h:274
static const data::Element::Position & getPosition(const std::string &name, const data::ConstElementPtr parent)
Utility method that returns position of an element.
static std::string getString(isc::data::ConstElementPtr scope, const std::string &name)
Returns a string parameter from a scope.
static int64_t getInteger(isc::data::ConstElementPtr scope, const std::string &name)
Returns an integer parameter from a scope.
The Name class encapsulates DNS names.
Definition name.h:219
std::string toText(bool omit_final_dot=false) const
Convert the Name to a string.
Definition name.cc:503
static const Name & HMACMD5_NAME()
Well known algorithm names as defined in RFC2845 and RFC4635.
Definition tsigkey.cc:304
static const Name & HMACSHA224_NAME()
Definition tsigkey.cc:322
static const Name & HMACSHA256_NAME()
Definition tsigkey.cc:328
static const Name & HMACSHA1_NAME()
Definition tsigkey.cc:316
static const Name & HMACSHA512_NAME()
Definition tsigkey.cc:340
static const Name & HMACSHA384_NAME()
Definition tsigkey.cc:334
static bool shouldEnforceSecurity()
Indicates security checks should be enforced.
#define isc_throw(type, stream)
A shortcut macro to insert known values into exception arguments.
#define LOG_WARN(LOGGER, MESSAGE)
Macro to conveniently test warn output and log it.
Definition macros.h:26
boost::shared_ptr< DdnsDomainListMgr > DdnsDomainListMgrPtr
Defines a pointer for DdnsDomain instances.
Definition d2_cfg_mgr.h:175
boost::shared_ptr< DdnsDomain > DdnsDomainPtr
Defines a pointer for DdnsDomain instances.
Definition d2_config.h:624
boost::shared_ptr< DdnsDomainMap > DdnsDomainMapPtr
Defines a pointer to DdnsDomain storage containers.
Definition d2_config.h:633
const isc::log::MessageID DHCP_DDNS_TSIG_SECRET_SECURITY_WARNING
Definition d2_messages.h:90
boost::shared_ptr< DnsServerInfo > DnsServerInfoPtr
Defines a pointer for DnsServerInfo instances.
Definition d2_config.h:554
std::map< std::string, DdnsDomainPtr > DdnsDomainMap
Defines a map of DdnsDomains, keyed by the domain name.
Definition d2_config.h:627
isc::log::Logger dhcp_to_d2_logger("dhcp-to-d2")
Definition d2_log.h:19
boost::shared_ptr< TSIGKeyInfo > TSIGKeyInfoPtr
Defines a pointer for TSIGKeyInfo instances.
Definition d2_config.h:416
std::vector< DnsServerInfoPtr > DnsServerInfoStorage
Defines a storage container for DnsServerInfo pointers.
Definition d2_config.h:557
std::map< std::string, TSIGKeyInfoPtr > TSIGKeyInfoMap
Defines a map of TSIGKeyInfos, keyed by the name.
Definition d2_config.h:419
boost::shared_ptr< DnsServerInfoStorage > DnsServerInfoStoragePtr
Defines a pointer to DnsServerInfo storage containers.
Definition d2_config.h:560
const isc::log::MessageID DHCP_DDNS_NO_MATCH
Definition d2_messages.h:51
boost::shared_ptr< TSIGKeyInfoMap > TSIGKeyInfoMapPtr
Defines a pointer to map of TSIGkeyInfos.
Definition d2_config.h:425
boost::shared_ptr< const Element > ConstElementPtr
Definition data.h:29
boost::shared_ptr< Element > ElementPtr
Definition data.h:28
NameChangeFormat
Defines the list of data wire formats supported.
Definition ncr_msg.h:59
NameChangeProtocol
Defines the list of socket protocols supported.
Definition ncr_io.h:69
std::string ncrProtocolToString(NameChangeProtocol protocol)
Function which converts NameChangeProtocol enums to text labels.
Definition ncr_io.cc:36
std::string ncrFormatToString(NameChangeFormat format)
Function which converts NameChangeFormat enums to text labels.
Definition ncr_msg.cc:35
string getContent(string const &file_name)
Get the content of a regular file.
Definition filesystem.cc:33
Defines the logger used by the top-level component of kea-lfc.
void contextToElement(data::ElementPtr map) const
Merge unparse a user_context object.