dnsdist: Make SNMP configuration immutable

PowerDNS · Jan 16, 2025 · 1ca68f9 · 1ca68f9
1 parent 373554e
commit 1ca68f9
Show file tree

Hide file tree

Showing 8 changed files with 19 additions and 25 deletions.
diff --git a/pdns/dnsdistdist/dnsdist-backend.cc b/pdns/dnsdistdist/dnsdist-backend.cc
@@ -867,7 +867,7 @@ void DownstreamState::submitHealthCheckResult(bool initial, bool newResult)
     }
 
     setUpStatus(newState);
-    if (g_snmpAgent != nullptr && dnsdist::configuration::getCurrentRuntimeConfiguration().d_snmpTrapsEnabled) {
+    if (g_snmpAgent != nullptr && dnsdist::configuration::getImmutableConfiguration().d_snmpTrapsEnabled) {
       g_snmpAgent->sendBackendStatusChangeTrap(*this);
     }
   }

diff --git a/pdns/dnsdistdist/dnsdist-configuration.hh b/pdns/dnsdistdist/dnsdist-configuration.hh
@@ -59,6 +59,7 @@ struct ImmutableConfiguration
   std::set<std::string> d_capabilitiesToRetain;
   std::vector<uint32_t> d_tcpFastOpenKey;
   std::vector<std::shared_ptr<ClientState>> d_frontends;
+  std::string d_snmpDaemonSocketPath;
 #ifdef __linux__
   // On Linux this gives us 128k pending queries (default is 8192 queries),
   // which should be enough to deal with huge spikes
@@ -93,6 +94,8 @@ struct ImmutableConfiguration
   bool d_randomizeIDsToBackend{false};
   bool d_ringsRecordQueries{true};
   bool d_ringsRecordResponses{true};
+  bool d_snmpEnabled{false};
+  bool d_snmpTrapsEnabled{false};
 };
 
 /* this part of the configuration can be updated at runtime via
@@ -152,8 +155,6 @@ struct RuntimeConfiguration
   bool d_servFailOnNoPolicy{false};
   bool d_allowEmptyResponse{false};
   bool d_dropEmptyQueries{false};
-  bool d_snmpEnabled{false};
-  bool d_snmpTrapsEnabled{false};
   bool d_consoleEnabled{false};
   bool d_logConsoleConnections{true};
   bool d_addEDNSToSelfGeneratedResponses{true};

diff --git a/pdns/dnsdistdist/dnsdist-lua-actions.cc b/pdns/dnsdistdist/dnsdist-lua-actions.cc
@@ -1712,7 +1712,7 @@ class SNMPTrapAction : public DNSAction
   }
   DNSAction::Action operator()(DNSQuestion* dnsquestion, std::string* ruleresult) const override
   {
-    if (g_snmpAgent != nullptr && dnsdist::configuration::getCurrentRuntimeConfiguration().d_snmpTrapsEnabled) {
+    if (g_snmpAgent != nullptr && dnsdist::configuration::getImmutableConfiguration().d_snmpTrapsEnabled) {
       g_snmpAgent->sendDNSTrap(*dnsquestion, d_reason);
     }
 
@@ -1919,7 +1919,7 @@ class SNMPTrapResponseAction : public DNSResponseAction
   }
   DNSResponseAction::Action operator()(DNSResponse* response, std::string* ruleresult) const override
   {
-    if (g_snmpAgent != nullptr && dnsdist::configuration::getCurrentRuntimeConfiguration().d_snmpTrapsEnabled) {
+    if (g_snmpAgent != nullptr && dnsdist::configuration::getImmutableConfiguration().d_snmpTrapsEnabled) {
       g_snmpAgent->sendDNSTrap(*response, d_reason);
     }
 

diff --git a/pdns/dnsdistdist/dnsdist-lua-bindings-dnsquestion.cc b/pdns/dnsdistdist/dnsdist-lua-bindings-dnsquestion.cc
@@ -174,7 +174,7 @@ void setupLuaBindingsDNSQuestion(LuaContext& luaCtx)
 
   luaCtx.registerFunction<void (DNSQuestion::*)(std::string)>("sendTrap", [](const DNSQuestion& dnsQuestion, boost::optional<std::string> reason) {
 #ifdef HAVE_NET_SNMP
-    if (g_snmpAgent != nullptr && dnsdist::configuration::getCurrentRuntimeConfiguration().d_snmpTrapsEnabled) {
+    if (g_snmpAgent != nullptr && dnsdist::configuration::getImmutableConfiguration().d_snmpTrapsEnabled) {
       g_snmpAgent->sendDNSTrap(dnsQuestion, reason ? *reason : "");
     }
 #endif /* HAVE_NET_SNMP */
@@ -505,7 +505,7 @@ void setupLuaBindingsDNSQuestion(LuaContext& luaCtx)
 
   luaCtx.registerFunction<void (DNSResponse::*)(std::string)>("sendTrap", [](const DNSResponse& dnsResponse, boost::optional<std::string> reason) {
 #ifdef HAVE_NET_SNMP
-    if (g_snmpAgent != nullptr && dnsdist::configuration::getCurrentRuntimeConfiguration().d_snmpTrapsEnabled) {
+    if (g_snmpAgent != nullptr && dnsdist::configuration::getImmutableConfiguration().d_snmpTrapsEnabled) {
       g_snmpAgent->sendDNSTrap(dnsResponse, reason ? *reason : "");
     }
 #endif /* HAVE_NET_SNMP */

diff --git a/pdns/dnsdistdist/dnsdist-lua-ffi.cc b/pdns/dnsdistdist/dnsdist-lua-ffi.cc
@@ -637,7 +637,7 @@ bool dnsdist_ffi_dnsquestion_set_trailing_data(dnsdist_ffi_dnsquestion_t* dq, co
 
 void dnsdist_ffi_dnsquestion_send_trap(dnsdist_ffi_dnsquestion_t* dq, const char* reason, size_t reasonLen)
 {
-  if (g_snmpAgent != nullptr && dnsdist::configuration::getCurrentRuntimeConfiguration().d_snmpTrapsEnabled) {
+  if (g_snmpAgent != nullptr && dnsdist::configuration::getImmutableConfiguration().d_snmpTrapsEnabled) {
     g_snmpAgent->sendDNSTrap(*dq->dq, std::string(reason, reasonLen));
   }
 }

diff --git a/pdns/dnsdistdist/dnsdist-lua.cc b/pdns/dnsdistdist/dnsdist-lua.cc
@@ -2242,28 +2242,18 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
     if (client || configCheck) {
       return;
     }
-    if (!checkConfigurationTime("snmpAgent")) {
-      return;
-    }
 
-    {
-      if (dnsdist::configuration::getCurrentRuntimeConfiguration().d_snmpEnabled) {
-        errlog("snmpAgent() cannot be used twice!");
-        g_outputBuffer = "snmpAgent() cannot be used twice!\n";
-        return;
-      }
-    }
-
-    dnsdist::configuration::updateRuntimeConfiguration([enableTraps](dnsdist::configuration::RuntimeConfiguration& config) {
+    dnsdist::configuration::updateImmutableConfiguration([enableTraps, &daemonSocket](dnsdist::configuration::ImmutableConfiguration& config) {
       config.d_snmpEnabled = true;
       config.d_snmpTrapsEnabled = enableTraps;
+      if (daemonSocket) {
+        config.d_snmpDaemonSocketPath = *daemonSocket;
+      }
     });
-
-    g_snmpAgent = std::make_unique<DNSDistSNMPAgent>("dnsdist", daemonSocket ? *daemonSocket : std::string());
   });
 
   luaCtx.writeFunction("sendCustomTrap", [](const std::string& str) {
-    if (g_snmpAgent != nullptr && dnsdist::configuration::getCurrentRuntimeConfiguration().d_snmpTrapsEnabled) {
+    if (g_snmpAgent != nullptr && dnsdist::configuration::getImmutableConfiguration().d_snmpTrapsEnabled) {
       g_snmpAgent->sendCustomTrap(str);
     }
   });

diff --git a/pdns/dnsdistdist/dnsdist.cc b/pdns/dnsdistdist/dnsdist.cc
@@ -3444,9 +3444,12 @@ int main(int argc, char** argv)
     g_delay = std::make_unique<DelayPipe<DelayedPacket>>();
 #endif /* DISABLE_DELAY_PIPE */
 
-    if (g_snmpAgent != nullptr) {
+#if defined(HAVE_NET_SNMP)
+    if (dnsdist::configuration::getImmutableConfiguration().d_snmpEnabled) {
+      g_snmpAgent = std::make_unique<DNSDistSNMPAgent>("dnsdist", dnsdist::configuration::getImmutableConfiguration().d_snmpDaemonSocketPath);
       g_snmpAgent->run();
     }
+#endif /* HAVE_NET_SNMP */
 
     /* we need to create the TCP worker threads before the
        acceptor ones, otherwise we might crash when processing

diff --git a/pdns/fstrm_logger.hh b/pdns/fstrm_logger.hh
@@ -36,7 +36,7 @@
 class FrameStreamLogger : public RemoteLoggerInterface
 {
 public:
-  FrameStreamLogger(int family, std::string address, bool connect, const std::unordered_map<string, unsigned>& options = std::unordered_map<string, unsigned>());
+  FrameStreamLogger(int family, std::string address, bool connect, const std::unordered_map<string, unsigned int>& options = std::unordered_map<string, unsigned int>());
   FrameStreamLogger(const FrameStreamLogger&) = delete;
   FrameStreamLogger(FrameStreamLogger&&) = delete;
   FrameStreamLogger& operator=(const FrameStreamLogger&) = delete;