Commit 4bc0c6d6 authored by Karel Slaný's avatar Karel Slaný Committed by Ondřej Surý
Browse files

Renamed cookie related modules. Some code refactoring.

parent e16793f3
......@@ -471,7 +471,7 @@ static int init_resolver(struct engine *engine)
}
/* Load basic modules */
engine_register(engine, "cookies", NULL, NULL);
engine_register(engine, "cookiemonster", NULL, NULL);
engine_register(engine, "iterate", NULL, NULL);
engine_register(engine, "validate", NULL, NULL);
engine_register(engine, "rrcache", NULL, NULL);
......
......@@ -451,7 +451,7 @@ static bool subreq_update_cookies(uv_udp_t *handle, struct sockaddr *srvr_addr,
assert(pkt);
/* Cookies disabled or packet has no ENDS section. */
if (!kr_cookies_control.enabled || !pkt->opt_rr) {
if (!kr_glob_cookie_ctx.enabled || !pkt->opt_rr) {
return true;
}
......@@ -473,7 +473,7 @@ static bool subreq_update_cookies(uv_udp_t *handle, struct sockaddr *srvr_addr,
sockaddr_ptr = NULL;
}
kr_request_put_cookie(&kr_cookies_control, cookie_cache,
kr_request_put_cookie(&kr_glob_cookie_ctx, cookie_cache,
(struct sockaddr*) sockaddr_ptr, srvr_addr, pkt);
return true;
......
......@@ -221,7 +221,8 @@ int kr_cookie_cache_insert_cookie(struct kr_cache_txn *txn, const void *sockaddr
.count = 1 /* Only one entry. */
};
size_t cookie_opt_size = knot_edns_opt_get_length(cookie->cookie_opt) + KNOT_EDNS_OPTION_HDRLEN;
size_t cookie_opt_size = KNOT_EDNS_OPTION_HDRLEN +
knot_edns_opt_get_length(cookie->cookie_opt);
knot_db_val_t data = { (uint8_t *) cookie->cookie_opt, cookie_opt_size };
return kr_cookie_cache_insert(txn, KR_CACHE_COOKIE, sockaddr, &header,
......
......@@ -14,6 +14,8 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
//#define MODULE_DEBUG_MSGS 1 /* Comment out if debug messages are not desired. */
#include <arpa/inet.h> /* inet_ntop() */
#include <sys/socket.h>
#include <netinet/in.h>
......@@ -28,15 +30,19 @@
#include "lib/layer.h"
#include "lib/utils.h"
#define DEBUG_MSG(qry, fmt...) QRDEBUG(qry, "cookies_control", fmt)
#if defined MODULE_DEBUG_MSGS
# define DEBUG_MSG(qry, fmt...) QRDEBUG(qry, "cookies_control", fmt)
#else /* !defined MODULE_DEBUG_MSGS */
# define DEBUG_MSG(qry, fmt...) do { } while (0)
#endif /* defined MODULE_DEBUG_MSGS */
/* Default client secret. */
struct secret_quantity dflt_cs = {
struct kr_cookie_secret dflt_cs = {
.size = KNOT_OPT_COOKIE_CLNT,
.data = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
};
struct cookies_control kr_cookies_control = {
struct kr_cookie_ctx kr_glob_cookie_ctx = {
.enabled = false,
.current_cs = &dflt_cs
};
......@@ -129,7 +135,7 @@ int kr_address_bytes(const void *sockaddr, const uint8_t **addr, size_t *len)
int kr_client_cokie_fnv64(uint8_t cc_buf[KNOT_OPT_COOKIE_CLNT],
const void *clnt_sockaddr, const void *srvr_sockaddr,
const struct secret_quantity *secret)
const struct kr_cookie_secret *secret)
{
if (!cc_buf) {
return kr_error(EINVAL);
......@@ -207,7 +213,7 @@ static const uint8_t *peek_and_check_cc(struct kr_cache_txn *txn,
return NULL;
}
int kr_request_put_cookie(const struct cookies_control *cntrl,
int kr_request_put_cookie(const struct kr_cookie_ctx *cntrl,
struct kr_cache *cookie_cache,
const void *clnt_sockaddr, const void *srvr_sockaddr,
knot_pkt_t *pkt)
......@@ -234,7 +240,10 @@ int kr_request_put_cookie(const struct cookies_control *cntrl,
}
struct kr_cache_txn txn;
kr_cache_txn_begin(cookie_cache, &txn, KNOT_DB_RDONLY);
ret = kr_cache_txn_begin(cookie_cache, &txn, KNOT_DB_RDONLY);
if (ret != kr_ok()) {
return kr_error(EIO);
}
const uint8_t *cached_cookie = peek_and_check_cc(&txn, srvr_sockaddr,
cc);
......
......@@ -23,31 +23,32 @@
#include "lib/cache.h"
#include "lib/defines.h"
#define KR_COOKIE_PLD_MAX 44 /* TODO -- Define in libknot. */
/** Maximal size of a cookie option. */
#define KR_COOKIE_OPT_MAX_LEN (KNOT_EDNS_OPTION_HDRLEN + KNOT_OPT_COOKIE_CLNT + KNOT_OPT_COOKIE_SRVR_MAX)
/** Holds secret quantity. */
struct secret_quantity {
struct kr_cookie_secret {
size_t size; /*!< Secret quantity size. */
uint8_t data[]; /*!< Secret quantity data. */
};
/* Default client secret. */
/** Default client secret. */
KR_EXPORT
extern struct secret_quantity dflt_cs;
extern struct kr_cookie_secret dflt_cs;
/** DNSSEC cookies controlling structure. */
struct cookies_control {
/** DNS cookies controlling structure. */
struct kr_cookie_ctx {
bool enabled; /*!< Enabled/disables DNS cookies functionality. */
struct secret_quantity *current_cs; /*!< current client secret */
struct secret_quantity *recent_cs; /*!< recent client secret */
struct kr_cookie_secret *current_cs; /*!< current client secret */
struct kr_cookie_secret *recent_cs; /*!< recent client secret */
// struct kr_cache cache; /*!< Server cookies cache. */
};
/** Global cookies control. */
/** Global cookie control context. */
KR_EXPORT
extern struct cookies_control kr_cookies_control;
extern struct kr_cookie_ctx kr_glob_cookie_ctx;
/**
* Get pointers to IP address bytes.
......@@ -68,7 +69,7 @@ int kr_address_bytes(const void *sockaddr, const uint8_t **addr, size_t *len);
KR_EXPORT
int kr_client_cokie_fnv64(uint8_t cc_buf[KNOT_OPT_COOKIE_CLNT],
const void *clnt_sockaddr, const void *srvr_sockaddr,
const struct secret_quantity *secret);
const struct kr_cookie_secret *secret);
/**
* Insert a DNS cookie into query packet.
......@@ -80,7 +81,7 @@ int kr_client_cokie_fnv64(uint8_t cc_buf[KNOT_OPT_COOKIE_CLNT],
* @param pkt DNS request packet.
*/
KR_EXPORT
int kr_request_put_cookie(const struct cookies_control *cntrl,
int kr_request_put_cookie(const struct kr_cookie_ctx *cntrl,
struct kr_cache *cookie_cache,
const void *clnt_sockaddr, const void *srvr_sockaddr,
knot_pkt_t *pkt);
......@@ -30,24 +30,29 @@
#include "lib/module.h"
#include "lib/layer.h"
#define DEBUG_MSG(qry, fmt...) QRDEBUG(qry, "cookies", fmt)
#define DEBUG_MSG(qry, fmt...) QRDEBUG(qry, "cookiemonster", fmt)
/* TODO -- The context must store sent cookies and server addresses in order
* to make the process more reliable. */
/**
* Check whether supplied client cookie was generated from given client secret
* and address.
*
* TODO -- The context must store sent cookies and server addresses in order
* to make the process more reliable.
* @param cc client cookie
* @param clnt_sockaddr client socket address (i.e. resolver address)
* @param srvr_sockaddr server socket address
* @param csecr client secret
* @return kr_ok() or error code
*/
static int check_client_cookie(const uint8_t cc[KNOT_OPT_COOKIE_CLNT],
const void *clnt_sockaddr,
const void *srvr_sockaddr,
const struct secret_quantity *secret)
const struct kr_cookie_secret *csecr)
{
uint8_t generated_cc[KNOT_OPT_COOKIE_CLNT] = {0, };
int ret = kr_client_cokie_fnv64(generated_cc, clnt_sockaddr,
srvr_sockaddr, secret);
srvr_sockaddr, csecr);
if (ret != kr_ok()) {
return ret;
}
......@@ -62,6 +67,8 @@ static int check_client_cookie(const uint8_t cc[KNOT_OPT_COOKIE_CLNT],
/**
* Obtain address from query/response context if if can be obtained.
* @param qry query context
* @return pointer to where the server socket address, NULL if not provided within context
*/
static const struct sockaddr *passed_server_sockaddr(const struct kr_query *qry)
{
......@@ -71,19 +78,6 @@ static const struct sockaddr *passed_server_sockaddr(const struct kr_query *qry)
if (qry->rsource.ip4.sin_family == AF_INET ||
qry->rsource.ip4.sin_family == AF_INET6) {
tmp_sockaddr = (struct sockaddr *) &qry->rsource.ip4;
WITH_DEBUG {
char addr_str[INET6_ADDRSTRLEN];
(void *) &qry->rsource.ip4.sin_addr;
(void *) &qry->rsource.ip6.sin6_addr;
inet_ntop(tmp_sockaddr->sa_family,
(tmp_sockaddr->sa_family == AF_INET) ?
(void *) &qry->rsource.ip4.sin_addr :
(void *) &qry->rsource.ip6.sin6_addr,
addr_str, sizeof(addr_str));
DEBUG_MSG(NULL,
"obtained response address '%s' from query context \n",
addr_str);
}
}
return tmp_sockaddr;
......@@ -91,12 +85,16 @@ static const struct sockaddr *passed_server_sockaddr(const struct kr_query *qry)
/**
* Tries to guess the name server address from the reputation mechanism.
* @param nsrep name server reputation context
* @param cc client cookie data
* @param csecr client secret
* @return pointer to address if a matching found, NULL if none matches
*/
static const struct sockaddr *guess_server_addr(const struct kr_nsrep *nsrep,
const uint8_t cc[KNOT_OPT_COOKIE_CLNT],
const struct secret_quantity *secret)
const struct kr_cookie_secret *csecr)
{
assert(nsrep && cc && secret);
assert(nsrep && cc && csecr);
const struct sockaddr *sockaddr = NULL;
......@@ -105,14 +103,7 @@ static const struct sockaddr *guess_server_addr(const struct kr_nsrep *nsrep,
if (nsrep->addr[i].ip.sa_family == AF_UNSPEC) {
break;
}
int ret = check_client_cookie(cc, NULL, &nsrep->addr[i], secret);
WITH_DEBUG {
char addr_str[INET6_ADDRSTRLEN];
inet_ntop(nsrep->addr[i].ip.sa_family,
kr_nsrep_inaddr(nsrep->addr[i]), addr_str,
sizeof(addr_str));
DEBUG_MSG(NULL, "nsrep address '%s' %d\n", addr_str, ret);
}
int ret = check_client_cookie(cc, NULL, &nsrep->addr[i], csecr);
if (ret == kr_ok()) {
sockaddr = (struct sockaddr *) &nsrep->addr[i];
break;
......@@ -133,7 +124,7 @@ static const struct sockaddr *guess_server_addr(const struct kr_nsrep *nsrep,
static int srvr_sockaddr_cc_check(const struct sockaddr **sockaddr, bool *is_current,
const struct kr_query *qry,
const uint8_t cc[KNOT_OPT_COOKIE_CLNT],
const struct cookies_control *cntrl)
const struct kr_cookie_ctx *cntrl)
{
assert(sockaddr && is_current && qry && cc && cntrl);
......@@ -178,16 +169,20 @@ static int srvr_sockaddr_cc_check(const struct sockaddr **sockaddr, bool *is_cur
return tmp_sockaddr ? kr_ok() : kr_error(EINVAL);
}
#define MAX_COOKIE_OPT_LEN (KNOT_EDNS_OPTION_HDRLEN + KNOT_OPT_COOKIE_CLNT + KNOT_OPT_COOKIE_SRVR_MAX)
/**
* Obtain cookie from cache.
* @note The ttl and current time are respected. Outdated entries are ignored.
* @param cache cache context
* @param sockaddr key value
* @param timestamp current time
* @param remove_outdated true if outdated entries should be removed
* @param cookie_opt entire EDNS cookie option (including header)
* @return true if a cookie exists in cache
*/
static bool materialise_cookie_opt(struct kr_cache *cache,
const struct sockaddr *sockaddr,
uint32_t timestamp, bool remove_outdated,
uint8_t cookie_opt[MAX_COOKIE_OPT_LEN])
uint8_t cookie_opt[KR_COOKIE_OPT_MAX_LEN])
{
assert(cache && sockaddr);
......@@ -195,8 +190,11 @@ static bool materialise_cookie_opt(struct kr_cache *cache,
struct timed_cookie timed_cookie = { 0, };
struct kr_cache_txn txn;
kr_cache_txn_begin(cache, &txn, KNOT_DB_RDONLY);
int ret = kr_cookie_cache_peek_cookie(&txn, sockaddr, &timed_cookie,
int ret = kr_cache_txn_begin(cache, &txn, KNOT_DB_RDONLY);
if (ret != kr_ok()) {
return false;
}
ret = kr_cookie_cache_peek_cookie(&txn, sockaddr, &timed_cookie,
&timestamp);
if (ret != kr_ok()) {
kr_cache_txn_abort(&txn);
......@@ -207,15 +205,18 @@ static bool materialise_cookie_opt(struct kr_cache *cache,
if (remove_outdated && (timed_cookie.ttl < timestamp)) {
/* Outdated entries must be removed. */
kr_cache_txn_abort(&txn);
kr_cache_txn_begin(cache, &txn, 0);
DEBUG_MSG(NULL, "%s\n", "removing outdated entry from cache");
kr_cookie_cache_remove_cookie(&txn, sockaddr);
kr_cache_txn_commit(&txn);
if (kr_cache_txn_begin(cache, &txn, 0) == kr_ok()) {
DEBUG_MSG(NULL, "%s\n",
"removing outdated entry from cache");
kr_cookie_cache_remove_cookie(&txn, sockaddr);
kr_cache_txn_commit(&txn);
}
return false;
}
size_t cookie_opt_size = knot_edns_opt_get_length(timed_cookie.cookie_opt) + KNOT_EDNS_OPTION_HDRLEN;
assert(cookie_opt_size <= MAX_COOKIE_OPT_LEN);
size_t cookie_opt_size = KNOT_EDNS_OPTION_HDRLEN +
knot_edns_opt_get_length(timed_cookie.cookie_opt);
assert(cookie_opt_size <= KR_COOKIE_OPT_MAX_LEN);
if (cookie_opt) {
memcpy(cookie_opt, timed_cookie.cookie_opt, cookie_opt_size);
......@@ -224,64 +225,48 @@ static bool materialise_cookie_opt(struct kr_cache *cache,
return true;
}
/**
* Check whether the supplied cookie is cached under the given key.
* @param cache cache context
* @param sockaddr key value
* @param timestamp current time
* @param cookie_opt cookie option to search for
*/
static bool is_cookie_cached(struct kr_cache *cache,
const struct sockaddr *sockaddr,
uint32_t timestamp,
const uint8_t *pkt_cookie_opt)
const uint8_t *cookie_opt)
{
assert(cache && sockaddr && pkt_cookie_opt);
assert(cache && sockaddr && cookie_opt);
uint8_t cached_cookie_opt[MAX_COOKIE_OPT_LEN];
uint8_t cached_opt[KR_COOKIE_OPT_MAX_LEN];
bool have_cached = materialise_cookie_opt(cache, sockaddr, timestamp,
false, cached_cookie_opt);
false, cached_opt);
if (!have_cached) {
return false;
}
uint16_t pkt_cookie_opt_size = knot_edns_opt_get_length(pkt_cookie_opt) + KNOT_EDNS_OPTION_HDRLEN;
uint16_t cached_cookie_size = knot_edns_opt_get_length(cached_cookie_opt) + KNOT_EDNS_OPTION_HDRLEN;
uint16_t cookie_opt_size = KNOT_EDNS_OPTION_HDRLEN +
knot_edns_opt_get_length(cookie_opt);
uint16_t cached_opt_size = KNOT_EDNS_OPTION_HDRLEN +
knot_edns_opt_get_length(cached_opt);
if (pkt_cookie_opt_size != cached_cookie_size) {
if (cookie_opt_size != cached_opt_size) {
return false;
}
return memcmp(pkt_cookie_opt, cached_cookie_opt, pkt_cookie_opt_size) == 0;
return memcmp(cookie_opt, cached_opt, cookie_opt_size) == 0;
}
/** Process response. */
static int check_response(knot_layer_t *ctx, knot_pkt_t *pkt)
/**
* Check cookie content and store it to cache.
*/
static bool check_cookie_content_and_cache(struct kr_query *qry,
uint8_t *pkt_cookie_opt,
struct kr_cache *cache)
{
if (!kr_cookies_control.enabled) {
return ctx->state;
}
/* Obtain cookie if present in response. Don't check content. */
uint8_t *pkt_cookie_opt = NULL;
if (knot_pkt_has_edns(pkt)) {
pkt_cookie_opt = knot_edns_get_option(pkt->opt_rr,
KNOT_EDNS_OPTION_COOKIE);
}
struct kr_request *req = ctx->data;
struct kr_query *qry = req->current_query;
struct kr_cache *cookie_cache = &req->ctx->cache; //&kr_cookies_control.cache;
const struct sockaddr *srvr_sockaddr = passed_server_sockaddr(qry);
if (!pkt_cookie_opt && srvr_sockaddr &&
materialise_cookie_opt(cookie_cache, srvr_sockaddr, qry->timestamp.tv_sec,
true, NULL)) {
/* We haven't received any cookies although we should. */
DEBUG_MSG(NULL, "%s\n", "expected to receive a cookie but none received");
return KNOT_STATE_FAIL;
}
if (!pkt_cookie_opt) {
/* Don't do anything if no cookies received. */
return ctx->state;
}
assert(pkt_cookie_opt);
uint8_t *pkt_cookie_data = knot_edns_opt_get_data(pkt_cookie_opt);
uint16_t pkt_cookie_len = knot_edns_opt_get_length(pkt_cookie_opt);
......@@ -290,52 +275,90 @@ static int check_response(knot_layer_t *ctx, knot_pkt_t *pkt)
const uint8_t *pkt_cc = NULL, *pkt_sc = NULL;
uint16_t pkt_cc_len = 0, pkt_sc_len = 0;
/* Check cookie semantics. */
int ret = knot_edns_opt_cookie_parse(pkt_cookie_data, pkt_cookie_len,
&pkt_cc, &pkt_cc_len,
&pkt_sc, &pkt_sc_len);
if (ret != KNOT_EOK || !pkt_sc) {
DEBUG_MSG(NULL, "%s\n", "received malformed DNS cookie or server cookie missing");
return KNOT_STATE_FAIL;
DEBUG_MSG(NULL, "%s\n",
"got malformed DNS cookie or server cookie missing");
return false;
}
assert(pkt_cc_len == KNOT_OPT_COOKIE_CLNT);
DEBUG_MSG(NULL, "%s\n", "checking response for received cookies");
/* Check server address against received client cookie. */
srvr_sockaddr = NULL;
const struct sockaddr *srvr_sockaddr = NULL;
bool returned_current = false;
ret = srvr_sockaddr_cc_check(&srvr_sockaddr, &returned_current, qry,
pkt_cc, &kr_cookies_control);
pkt_cc, &kr_glob_cookie_ctx);
if (ret != kr_ok()) {
DEBUG_MSG(NULL, "%s\n", "could not match received cookie");
return KNOT_STATE_FAIL;
return false;
}
assert(srvr_sockaddr);
/* Don't cache received cookies that don't match the current secret. */
if (returned_current &&
!is_cookie_cached(cookie_cache, srvr_sockaddr, qry->timestamp.tv_sec,
!is_cookie_cached(cache, srvr_sockaddr, qry->timestamp.tv_sec,
pkt_cookie_opt)) {
DEBUG_MSG(NULL, "%s\n", "caching server cookie");
struct kr_cache_txn txn;
if (kr_cache_txn_begin(cookie_cache, &txn, 0) != 0) {
/* Could not acquire cache. */
return ctx->state;
if (kr_cache_txn_begin(cache, &txn, 0) == kr_ok()) {
struct timed_cookie timed_cookie = { COOKIE_TTL, pkt_cookie_opt };
ret = kr_cookie_cache_insert_cookie(&txn, srvr_sockaddr,
&timed_cookie,
qry->timestamp.tv_sec);
if (ret != kr_ok()) {
DEBUG_MSG(NULL, "%s\n", "failed caching cookie");
kr_cache_txn_abort(&txn);
} else {
DEBUG_MSG(NULL, "%s\n", "cookie cached");
kr_cache_txn_commit(&txn);
}
}
}
struct timed_cookie timed_cookie = { COOKIE_TTL, pkt_cookie_opt };
return true;
}
ret = kr_cookie_cache_insert_cookie(&txn, srvr_sockaddr,
&timed_cookie,
qry->timestamp.tv_sec);
if (ret != kr_ok()) {
kr_cache_txn_abort(&txn);
} else {
DEBUG_MSG(NULL, "%s\n", "cookie_cached");
kr_cache_txn_commit(&txn);
}
/** Process incoming response. */
static int check_response(knot_layer_t *ctx, knot_pkt_t *pkt)
{
struct kr_request *req = ctx->data;
struct kr_query *qry = req->current_query;
if (!kr_glob_cookie_ctx.enabled || (qry->flags & QUERY_TCP)) {
return ctx->state;
}
/* Obtain cookie if present in response. Don't check actual content. */
uint8_t *pkt_cookie_opt = NULL;
if (knot_pkt_has_edns(pkt)) {
pkt_cookie_opt = knot_edns_get_option(pkt->opt_rr,
KNOT_EDNS_OPTION_COOKIE);
}
struct kr_cache *cookie_cache = &req->ctx->cache; //&kr_glob_cookie_ctx.cache;
const struct sockaddr *srvr_sockaddr = passed_server_sockaddr(qry);
if (!pkt_cookie_opt && srvr_sockaddr &&
materialise_cookie_opt(cookie_cache, srvr_sockaddr,
qry->timestamp.tv_sec, true, NULL)) {
/* We haven't received any cookies although we should. */
DEBUG_MSG(NULL, "%s\n",
"expected to receive a cookie but none received");
return KNOT_STATE_FAIL;
}
if (!pkt_cookie_opt) {
/* Don't do anything if no cookies expected and received. */
return ctx->state;
}
if (!check_cookie_content_and_cache(qry, pkt_cookie_opt,
cookie_cache)) {
return KNOT_STATE_FAIL;
}
uint16_t rcode = knot_pkt_get_ext_rcode(pkt);
......@@ -369,7 +392,7 @@ static int check_response(knot_layer_t *ctx, knot_pkt_t *pkt)
/** Module implementation. */
KR_EXPORT
const knot_layer_api_t *cookies_layer(struct kr_module *module)
const knot_layer_api_t *cookiemonster_layer(struct kr_module *module)
{
static knot_layer_api_t _layer = {
.consume = &check_response
......@@ -379,4 +402,4 @@ const knot_layer_api_t *cookies_layer(struct kr_module *module)
return &_layer;
}
KR_MODULE_EXPORT(cookies)
KR_MODULE_EXPORT(cookiemonster)
libkres_SOURCES := \
contrib/fnv/hash_64a.c \
lib/generic/map.c \
lib/layer/cookies.c \
lib/layer/cookiemonster.c \
lib/layer/iterate.c \
lib/layer/validate.c \
lib/layer/rrcache.c \
......
......@@ -24,13 +24,13 @@
#include "lib/module.h"
/* List of embedded modules */
const knot_layer_api_t *cookies_layer(struct kr_module *module);
const knot_layer_api_t *cookiemonster_layer(struct kr_module *module);
const knot_layer_api_t *iterate_layer(struct kr_module *module);
const knot_layer_api_t *validate_layer(struct kr_module *module);
const knot_layer_api_t *rrcache_layer(struct kr_module *module);
const knot_layer_api_t *pktcache_layer(struct kr_module *module);
static const struct kr_module embedded_modules[] = {
{ "cookies", NULL, NULL, NULL, cookies_layer, NULL, NULL, NULL },
{ "cookiemonster", NULL, NULL, NULL, cookiemonster_layer, NULL, NULL, NULL },
{ "iterate", NULL, NULL, NULL, iterate_layer, NULL, NULL, NULL },
{ "validate", NULL, NULL, NULL, validate_layer, NULL, NULL, NULL },
{ "rrcache", NULL, NULL, NULL, rrcache_layer, NULL, NULL, NULL },
......
......@@ -268,8 +268,8 @@ static int edns_create(knot_pkt_t *pkt, knot_pkt_t *template, struct kr_request
{
pkt->opt_rr = knot_rrset_copy(req->ctx->opt_rr, &pkt->mm);
size_t wire_size = knot_edns_wire_size(pkt->opt_rr);
if (kr_cookies_control.enabled) {
wire_size += KR_COOKIE_PLD_MAX;
if (kr_glob_cookie_ctx.enabled) {
wire_size += KR_COOKIE_OPT_MAX_LEN;
}
return knot_pkt_reserve(pkt, wire_size);
}
......
......@@ -24,7 +24,7 @@
#include "lib/cookies/control.h"
#include "lib/layer.h"
#define DEBUG_MSG(qry, fmt...) QRDEBUG(qry, "cookies_control", fmt)
#define DEBUG_MSG(qry, fmt...) QRDEBUG(qry, "cookiectl", fmt)
/** Find storage API with given prefix. */
static struct storage_api *find_storage_api(const storage_registry_t *registry,
......@@ -46,7 +46,7 @@ static struct storage_api *find_storage_api(const storage_registry_t *registry,
#define NAME_ENABLED "enabled"
#define NAME_CLIENT_SECRET "client_secret"
static bool aply_enabled(struct cookies_control *cntrl, const JsonNode *node)
static bool aply_enabled(struct kr_cookie_ctx *cntrl, const JsonNode *node)
{
if (node->tag == JSON_BOOL) {
cntrl->enabled = node->bool_;
......@@ -56,13 +56,13 @@ static bool aply_enabled(struct cookies_control *cntrl, const JsonNode *node)
return false;
}
static struct secret_quantity *new_sq_str(const JsonNode *node)
static struct kr_cookie_secret *new_sq_str(const JsonNode *node)
{
assert(node && node->tag == JSON_STRING);
size_t len = strlen(node->string_);
struct secret_quantity *sq = malloc(sizeof(*sq) + len);
struct kr_cookie_secret *sq = malloc(sizeof(*sq) + len);
if (!sq) {
return NULL;
}
......@@ -74,7 +74,7 @@ static struct secret_quantity *new_sq_str(const JsonNode *node)
#define holds_char(x) ((x) >= 0 && (x) <= 255)