20618548088

Committed 31 Dec 2025 12:00PM UTC coverage: 72.648% (-0.7%) from 73.336%

Build # 20618548088

Build Type

Pull #16693

github

Committed by

web-flow

Commit Message

Merge 3f7d9a75b into 65de281db

Pull Request Pull Request #16693: auth: plumbing for structured logging

Run Details

39009 of 65430 branches covered (59.62%)

Branch coverage included in aggregate %.

807 of 2400 new or added lines in 58 files covered. (33.63%)

200 existing lines in 39 files now uncovered.

129187 of 166092 relevant lines covered (77.78%)

5266744.49 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/modules/ldapbackend/primary.cc

/*
 * This file is part of PowerDNS or dnsdist.
 * Copyright -- PowerDNS.COM B.V. and its contributors
 * originally authored by Norbert Sendetzky
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of version 2 of the GNU General Public License as
 * published by the Free Software Foundation.
 *
 * In addition, for the avoidance of any doubt, permission is granted to
 * link this program with OpenSSL and to (re)distribute the binaries
 * produced as the result of such linking.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
#include "exceptions.hh"
#include "ldapbackend.hh"
#include <cstdlib>

void LdapBackend::getUpdatedPrimaries(vector<DomainInfo>& domains, std::unordered_set<DNSName>& catalogs, CatalogHashMap& catalogHashes)
{
  string filter;
  PowerLDAP::SearchResult::Ptr search;
  PowerLDAP::sentry_t result;
  const char* attronly[] = {
    "associatedDomain",
    NULL};

  try {
    // First get all domains on which we are primary.
    filter = strbind(":target:", "&(SOARecord=*)(PdnsDomainId=*)", getArg("filter-axfr"));
    search = d_pldap->search(getArg("basedn"), LDAP_SCOPE_SUBTREE, filter, attronly);
  }
  catch (LDAPTimeout& lt) {
    SLOG(g_log << Logger::Warning << d_myname << " Unable to search LDAP directory: " << lt.what() << endl,
         d_slog->error(Logr::Warning, lt.what(), "unable to search LDAP directory"));
    throw DBException("LDAP server timeout");
  }
  catch (LDAPNoConnection& lnc) {
    SLOG(g_log << Logger::Warning << d_myname << " Connection to LDAP lost, trying to reconnect" << endl,
         d_slog->error(Logr::Warning, lnc.what(), "LDAP connection lost, trying to reconnect"));
    if (reconnect()) {
      return this->getUpdatedPrimaries(domains, catalogs, catalogHashes);
    }
    throw PDNSException("Failed to reconnect to LDAP server");
  }
  catch (LDAPException& le) {
    SLOG(g_log << Logger::Error << d_myname << " Unable to search LDAP directory: " << le.what() << endl,
         d_slog->error(Logr::Warning, le.what(), "unable to search LDAP directory"));
    throw PDNSException("LDAP server unreachable"); // try to reconnect to another server
  }
  catch (std::exception& e) {
    throw DBException("STL exception");
  }

  while (search->getNext(result)) {
    if (!result.count("associatedDomain") || result["associatedDomain"].empty())
      continue;

    DomainInfo di;
    if (!getDomainInfo(ZoneName(result["associatedDomain"][0]), di)) {
      continue;
    }

    if (di.notified_serial < di.serial)
      domains.push_back(di);
  }
}

// NOLINTNEXTLINE(readability-identifier-length)
void LdapBackend::setNotified(domainid_t id, uint32_t serial)
{
  string filter;
  PowerLDAP::SearchResult::Ptr search;
  PowerLDAP::sresult_t results;
  PowerLDAP::sentry_t entry;
  const char* attronly[] = {"associatedDomain", NULL};

  try {
    // Try to find the notified domain
    filter = strbind(":target:", "PdnsDomainId=" + std::to_string(id), getArg("filter-axfr"));
    search = d_pldap->search(getArg("basedn"), LDAP_SCOPE_SUBTREE, filter, attronly);
    search->getAll(results, true);
  }
  catch (LDAPTimeout& lt) {
    SLOG(g_log << Logger::Warning << d_myname << " Unable to search LDAP directory: " << lt.what() << endl,
         d_slog->error(Logr::Warning, lt.what(), "unable to search LDAP directory"));
    throw DBException("LDAP server timeout");
  }
  catch (LDAPNoConnection& lnc) {
    SLOG(g_log << Logger::Warning << d_myname << " Connection to LDAP lost, trying to reconnect" << endl,
         d_slog->error(Logr::Warning, lnc.what(), "LDAP connection lost, trying to reconnect"));
    if (reconnect()) {
      this->setNotified(id, serial);
      return;
    }
    throw PDNSException("Failed to reconnect to LDAP server");
  }
  catch (LDAPException& le) {
    SLOG(g_log << Logger::Error << d_myname << " Unable to search LDAP directory: " << le.what() << endl,
         d_slog->error(Logr::Warning, le.what(), "unable to search LDAP directory"));
    throw PDNSException("LDAP server unreachable"); // try to reconnect to another server
  }
  catch (std::exception& e) {
    throw DBException("STL exception");
  }

  if (results.empty())
    throw PDNSException("No results found when trying to update domain notified_serial for ID " + std::to_string(id));

  entry = results.front();
  string dn = entry["dn"][0];
  string serialStr = std::to_string(serial);
  LDAPMod* mods[2];
  LDAPMod mod;
  char* vals[2];

  mod.mod_op = LDAP_MOD_REPLACE;
  mod.mod_type = (char*)"PdnsDomainNotifiedSerial";
  vals[0] = const_cast<char*>(serialStr.c_str());
  vals[1] = NULL;
  mod.mod_values = vals;

  mods[0] = &mod;
  mods[1] = NULL;

  try {
    d_pldap->modify(dn, mods);
  }
  catch (LDAPNoConnection& lnc) {
    SLOG(g_log << Logger::Warning << d_myname << " Connection to LDAP lost, trying to reconnect" << endl,
         d_slog->error(Logr::Warning, lnc.what(), "LDAP connection lost, trying to reconnect"));
    if (reconnect()) {
      this->setNotified(id, serial);
      return;
    }
    throw PDNSException("Failed to reconnect to LDAP server");
  }
  catch (LDAPException& le) {
    SLOG(g_log << Logger::Error << d_myname << " Unable to search LDAP directory: " << le.what() << endl,
         d_slog->error(Logr::Warning, le.what(), "unable to search LDAP directory"));
    throw PDNSException("LDAP server unreachable"); // try to reconnect to another server
  }
  catch (std::exception& e) {
    throw DBException("STL exception");
  }
}

1	/*
2	* This file is part of PowerDNS or dnsdist.
3	* Copyright -- PowerDNS.COM B.V. and its contributors
4	* originally authored by Norbert Sendetzky
5	*
6	* This program is free software; you can redistribute it and/or modify
7	* it under the terms of version 2 of the GNU General Public License as
8	* published by the Free Software Foundation.
9	*
10	* In addition, for the avoidance of any doubt, permission is granted to
11	* link this program with OpenSSL and to (re)distribute the binaries
12	* produced as the result of such linking.
13	*
14	* This program is distributed in the hope that it will be useful,
15	* but WITHOUT ANY WARRANTY; without even the implied warranty of
16	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17	* GNU General Public License for more details.
18	*
19	* You should have received a copy of the GNU General Public License
20	* along with this program; if not, write to the Free Software
21	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22	*/
23	#include "exceptions.hh"
24	#include "ldapbackend.hh"
25	#include <cstdlib>
26
27	void LdapBackend::getUpdatedPrimaries(vector<DomainInfo>& domains, std::unordered_set<DNSName>& catalogs, CatalogHashMap& catalogHashes)
28	{	×
29	string filter;	×
30	PowerLDAP::SearchResult::Ptr search;	×
31	PowerLDAP::sentry_t result;	×
32	const char* attronly[] = {	×
33	"associatedDomain",	×
34	NULL};	×
35
36	try {	×
37	// First get all domains on which we are primary.
38	filter = strbind(":target:", "&(SOARecord=)(PdnsDomainId=)", getArg("filter-axfr"));	×
39	search = d_pldap->search(getArg("basedn"), LDAP_SCOPE_SUBTREE, filter, attronly);	×
40	}	×
41	catch (LDAPTimeout& lt) {	×
NEW 42	SLOG(g_log << Logger::Warning << d_myname << " Unable to search LDAP directory: " << lt.what() << endl,	×
NEW 43	d_slog->error(Logr::Warning, lt.what(), "unable to search LDAP directory"));	×
44	throw DBException("LDAP server timeout");	×
45	}	×
46	catch (LDAPNoConnection& lnc) {	×
NEW 47	SLOG(g_log << Logger::Warning << d_myname << " Connection to LDAP lost, trying to reconnect" << endl,	×
NEW 48	d_slog->error(Logr::Warning, lnc.what(), "LDAP connection lost, trying to reconnect"));	×
49	if (reconnect()) {	×
50	return this->getUpdatedPrimaries(domains, catalogs, catalogHashes);	×
51	}	×
52	throw PDNSException("Failed to reconnect to LDAP server");	×
53	}	×
54	catch (LDAPException& le) {	×
NEW 55	SLOG(g_log << Logger::Error << d_myname << " Unable to search LDAP directory: " << le.what() << endl,	×
NEW 56	d_slog->error(Logr::Warning, le.what(), "unable to search LDAP directory"));	×
57	throw PDNSException("LDAP server unreachable"); // try to reconnect to another server	×
58	}	×
59	catch (std::exception& e) {	×
60	throw DBException("STL exception");	×
61	}	×
62
63	while (search->getNext(result)) {	×
64	if (!result.count("associatedDomain") \|\| result["associatedDomain"].empty())	×
65	continue;	×
66
67	DomainInfo di;	×
68	if (!getDomainInfo(ZoneName(result["associatedDomain"][0]), di)) {	×
69	continue;	×
70	}	×
71
72	if (di.notified_serial < di.serial)	×
73	domains.push_back(di);	×
74	}	×
75	}	×
76
77	// NOLINTNEXTLINE(readability-identifier-length)
78	void LdapBackend::setNotified(domainid_t id, uint32_t serial)
79	{	×
80	string filter;	×
81	PowerLDAP::SearchResult::Ptr search;	×
82	PowerLDAP::sresult_t results;	×
83	PowerLDAP::sentry_t entry;	×
84	const char* attronly[] = {"associatedDomain", NULL};	×
85
86	try {	×
87	// Try to find the notified domain
88	filter = strbind(":target:", "PdnsDomainId=" + std::to_string(id), getArg("filter-axfr"));	×
89	search = d_pldap->search(getArg("basedn"), LDAP_SCOPE_SUBTREE, filter, attronly);	×
90	search->getAll(results, true);	×
91	}	×
92	catch (LDAPTimeout& lt) {	×
NEW 93	SLOG(g_log << Logger::Warning << d_myname << " Unable to search LDAP directory: " << lt.what() << endl,	×
NEW 94	d_slog->error(Logr::Warning, lt.what(), "unable to search LDAP directory"));	×
95	throw DBException("LDAP server timeout");	×
96	}	×
97	catch (LDAPNoConnection& lnc) {	×
NEW 98	SLOG(g_log << Logger::Warning << d_myname << " Connection to LDAP lost, trying to reconnect" << endl,	×
NEW 99	d_slog->error(Logr::Warning, lnc.what(), "LDAP connection lost, trying to reconnect"));	×
100	if (reconnect()) {	×
101	this->setNotified(id, serial);	×
102	return;	×
103	}	×
104	throw PDNSException("Failed to reconnect to LDAP server");	×
105	}	×
106	catch (LDAPException& le) {	×
NEW 107	SLOG(g_log << Logger::Error << d_myname << " Unable to search LDAP directory: " << le.what() << endl,	×
NEW 108	d_slog->error(Logr::Warning, le.what(), "unable to search LDAP directory"));	×
109	throw PDNSException("LDAP server unreachable"); // try to reconnect to another server	×
110	}	×
111	catch (std::exception& e) {	×
112	throw DBException("STL exception");	×
113	}	×
114
115	if (results.empty())	×
116	throw PDNSException("No results found when trying to update domain notified_serial for ID " + std::to_string(id));	×
117
118	entry = results.front();	×
119	string dn = entry["dn"][0];	×
120	string serialStr = std::to_string(serial);	×
121	LDAPMod* mods[2];	×
122	LDAPMod mod;	×
123	char* vals[2];	×
124
125	mod.mod_op = LDAP_MOD_REPLACE;	×
126	mod.mod_type = (char*)"PdnsDomainNotifiedSerial";	×
127	vals[0] = const_cast<char*>(serialStr.c_str());	×
128	vals[1] = NULL;	×
129	mod.mod_values = vals;	×
130
131	mods[0] = &mod;	×
132	mods[1] = NULL;	×
133
134	try {	×
135	d_pldap->modify(dn, mods);	×
136	}	×
137	catch (LDAPNoConnection& lnc) {	×
NEW 138	SLOG(g_log << Logger::Warning << d_myname << " Connection to LDAP lost, trying to reconnect" << endl,	×
NEW 139	d_slog->error(Logr::Warning, lnc.what(), "LDAP connection lost, trying to reconnect"));	×
140	if (reconnect()) {	×
141	this->setNotified(id, serial);	×
142	return;	×
143	}	×
144	throw PDNSException("Failed to reconnect to LDAP server");	×
145	}	×
146	catch (LDAPException& le) {	×
NEW 147	SLOG(g_log << Logger::Error << d_myname << " Unable to search LDAP directory: " << le.what() << endl,	×
NEW 148	d_slog->error(Logr::Warning, le.what(), "unable to search LDAP directory"));	×
149	throw PDNSException("LDAP server unreachable"); // try to reconnect to another server	×
150	}	×
151	catch (std::exception& e) {	×
152	throw DBException("STL exception");	×
153	}	×
154	}	×

PowerDNS / pdns / 20618548088

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous