Merge changes.diff -r1.4 -r1.5 src/external/bsd/bind/Makefile.inc
(christos)
--- src/external/bsd/bind/Attic/Makefile.inc 2009/10/25 00:18:38 1.4
+++ src/external/bsd/bind/Attic/Makefile.inc 2010/08/06 10:58:03 1.5
@@ -1,32 +1,34 @@ | @@ -1,32 +1,34 @@ | |||
1 | # $NetBSD: Makefile.inc,v 1.4 2009/10/25 00:18:38 christos Exp $ | 1 | # $NetBSD: Makefile.inc,v 1.5 2010/08/06 10:58:03 christos Exp $ | |
2 | 2 | |||
3 | .if !defined(BIND9_MAKEFILE_INC) | 3 | .if !defined(BIND9_MAKEFILE_INC) | |
4 | BIND9_MAKEFILE_INC=yes | 4 | BIND9_MAKEFILE_INC=yes | |
5 | 5 | |||
6 | #NAMED_DEBUG=1 | |||
7 | ||||
6 | USE_FORT?= yes # network client/server | 8 | USE_FORT?= yes # network client/server | |
7 | 9 | |||
8 | WARNS?= 1 | 10 | WARNS?= 1 | |
9 | 11 | |||
10 | .include <bsd.own.mk> | 12 | .include <bsd.own.mk> | |
11 | 13 | |||
12 | .if ${MKCRYPTO} == "no" | 14 | .if ${MKCRYPTO} == "no" | |
13 | NAMED_USE_OPENSSL?=no | 15 | NAMED_USE_OPENSSL?=no | |
16 | .else | |||
17 | NAMED_USE_OPENSSL?=yes | |||
14 | .endif | 18 | .endif | |
15 | 19 | |||
16 | NAMED_USE_PTHREADS?=yes | 20 | NAMED_USE_PTHREADS?=yes | |
17 | 21 | |||
18 | NAMED_USE_OPENSSL?=yes | |||
19 | ||||
20 | IDIST= ${NETBSDSRCDIR}/external/bsd/bind/dist | 22 | IDIST= ${NETBSDSRCDIR}/external/bsd/bind/dist | |
21 | BIND_SRCDIR= ${NETBSDSRCDIR}/external/bsd/bind | 23 | BIND_SRCDIR= ${NETBSDSRCDIR}/external/bsd/bind | |
22 | BIND_HTMLDIR= /usr/share/doc/html/bind9 | 24 | BIND_HTMLDIR= /usr/share/doc/html/bind9 | |
23 | 25 | |||
24 | .include "${IDIST}/version" | 26 | .include "${IDIST}/version" | |
25 | 27 | |||
26 | VERSION=${MAJORVER}.${MINORVER}.${PATCHVER}${RELEASETYPE}${RELEASEVER} | 28 | VERSION=${MAJORVER}.${MINORVER}.${PATCHVER}${RELEASETYPE}${RELEASEVER} | |
27 | SYSCONFDIR=/etc | 29 | SYSCONFDIR=/etc | |
28 | LOCALSTATEDIR=/var | 30 | LOCALSTATEDIR=/var | |
29 | 31 | |||
30 | CPPFLAGS+=-I${BIND_SRCDIR}/include \ | 32 | CPPFLAGS+=-I${BIND_SRCDIR}/include \ | |
31 | -I${IDIST} \ | 33 | -I${IDIST} \ | |
32 | -I${IDIST}/lib/dns/include -I${IDIST}/lib/dns/unix/include \ | 34 | -I${IDIST}/lib/dns/include -I${IDIST}/lib/dns/unix/include \ | |
@@ -39,31 +41,39 @@ CPPFLAGS+=-I${BIND_SRCDIR}/include \ | @@ -39,31 +41,39 @@ CPPFLAGS+=-I${BIND_SRCDIR}/include \ | |||
39 | -DNS_LOCALSTATEDIR=\"${LOCALSTATEDIR}\" \ | 41 | -DNS_LOCALSTATEDIR=\"${LOCALSTATEDIR}\" \ | |
40 | -DNS_SYSCONFDIR=\"${SYSCONFDIR}\" \ | 42 | -DNS_SYSCONFDIR=\"${SYSCONFDIR}\" \ | |
41 | -DSESSION_KEYFILE=\"${LOCALSTATEDIR}/run/named/session.key\" \ | 43 | -DSESSION_KEYFILE=\"${LOCALSTATEDIR}/run/named/session.key\" \ | |
42 | -DVERSION=\"${VERSION}\" -DBIND9 | 44 | -DVERSION=\"${VERSION}\" -DBIND9 | |
43 | 45 | |||
44 | .if (${USE_INET6} != "no") | 46 | .if (${USE_INET6} != "no") | |
45 | CPPFLAGS+= -DWANT_IPV6 | 47 | CPPFLAGS+= -DWANT_IPV6 | |
46 | .endif | 48 | .endif | |
47 | 49 | |||
48 | .if defined(HAVE_GCC) && ${HAVE_GCC} == 4 | 50 | .if defined(HAVE_GCC) && ${HAVE_GCC} == 4 | |
49 | COPTS+= -Wno-pointer-sign | 51 | COPTS+= -Wno-pointer-sign | |
50 | .endif | 52 | .endif | |
51 | 53 | |||
54 | .if defined(NAMED_DEBUG) | |||
55 | DBG=-g3 -gstabs | |||
56 | .endif | |||
57 | ||||
52 | .if !defined(LIB) || empty(LIB) | 58 | .if !defined(LIB) || empty(LIB) | |
53 | # NOTE: the order of these libraries is important... | 59 | # NOTE: the order of these libraries is important... | |
60 | .if defined(NAMED_DEBUG) | |||
61 | LDADD+= -lbind9_g -ldns_g -llwres_g -lisccfg_g -lisccc_g -lisc_g | |||
62 | .else | |||
54 | LDADD+= -lbind9 -ldns -llwres -lisccfg -lisccc -lisc | 63 | LDADD+= -lbind9 -ldns -llwres -lisccfg -lisccc -lisc | |
55 | DPADD+= ${LIBBIND9} ${LIBDNS} ${LIBLWRES} | 64 | DPADD+= ${LIBBIND9} ${LIBDNS} ${LIBLWRES} | |
56 | DPADD+= ${LIBISCCFG} ${LIBISCCC} ${LIBISC} | 65 | DPADD+= ${LIBISCCFG} ${LIBISCCC} ${LIBISC} | |
66 | .endif | |||
57 | .else | 67 | .else | |
58 | CPPFLAGS+= -DLIBINTERFACE=${LIBINTERFACE} \ | 68 | CPPFLAGS+= -DLIBINTERFACE=${LIBINTERFACE} \ | |
59 | -DLIBREVISION=${LIBREVISION} -DLIBAGE=${LIBAGE} | 69 | -DLIBREVISION=${LIBREVISION} -DLIBAGE=${LIBAGE} | |
60 | .endif | 70 | .endif | |
61 | #CPPFLAGS+= -DUSE_MEMIMPREGISTER -DUSE_APPIMPREGISTER -DUSE_SOCKETIMPREGISTER \ | 71 | #CPPFLAGS+= -DUSE_MEMIMPREGISTER -DUSE_APPIMPREGISTER -DUSE_SOCKETIMPREGISTER \ | |
62 | # -DUSE_TIMERIMPREGISTER | 72 | # -DUSE_TIMERIMPREGISTER | |
63 | 73 | |||
64 | .if ${NAMED_USE_PTHREADS} == "yes" | 74 | .if ${NAMED_USE_PTHREADS} == "yes" | |
65 | # XXX: Not ready yet | 75 | # XXX: Not ready yet | |
66 | # CPPFLAGS+= -DISC_PLATFORM_USE_NATIVE_RWLOCKS | 76 | # CPPFLAGS+= -DISC_PLATFORM_USE_NATIVE_RWLOCKS | |
67 | .if !defined (LIB) || empty(LIB) | 77 | .if !defined (LIB) || empty(LIB) | |
68 | LDADD+= -lpthread | 78 | LDADD+= -lpthread | |
69 | DPADD+= ${LIBPTHREAD} | 79 | DPADD+= ${LIBPTHREAD} |
--- src/external/bsd/bind/dist/Attic/binclude4netbsd 2009/04/12 15:05:59 1.2
+++ src/external/bsd/bind/dist/Attic/binclude4netbsd 2010/08/06 10:58:03 1.3
@@ -1,48 +1,56 @@ | @@ -1,48 +1,56 @@ | |||
1 | #!/bin/sh | 1 | #!/bin/sh | |
2 | # | 2 | # | |
3 | # Use this script to update the bind include files used in the nameserver, | 3 | # Use this script to update the bind include files used in the nameserver, | |
4 | # after you've imported and built the latest bind code. After you run this, | 4 | # after you've imported and built the latest bind code. After you run this, | |
5 | # cvs import the resulting directory | 5 | # cvs import the resulting directory | |
6 | # | 6 | # | |
7 | # $ cd /usr/src/external/bsd/bind/dist | 7 | # $ cd bind-X.Y.Z | |
8 | # $ configure | 8 | # $ configure | |
9 | # $ make | 9 | # $ make | |
10 | # $ ./binclude4netbsd . /tmp/include | 10 | # $ ./binclude4netbsd . /tmp/include | |
11 | # Fix manually the config.h file to disable things controlled by the Makefiles | 11 | # Fix manually the config.h file to disable things controlled by the Makefiles | |
12 | # $ cd /tmp/include | 12 | # $ cd /tmp/include | |
13 | # $ cvs -d cvs.netbsd.org:/cvsroot import src/usr.sbin/bind/include \ | 13 | # $ cvs -d cvs.netbsd.org:/cvsroot import src/external/bsd/bind/include -m "Include files for bind-X-Y-Z" ISC bind-X-Y-Z | |
14 | # ISC bind-X-Y-Z | |||
15 | # | 14 | # | |
16 | 15 | |||
17 | PROG=$(basename $0) | 16 | PROG=$(basename $0) | |
18 | if [ \( -z "$1" \) -o \( -z "$2" \) ] | 17 | if [ \( -z "$1" \) -o \( -z "$2" \) ] | |
19 | then | 18 | then | |
20 | echo "Usage: $PROG <bind-src> <include-dest>" 1>&2 | 19 | echo "Usage: $PROG <bind-src> <include-dest>" 1>&2 | |
21 | exit 1 | 20 | exit 1 | |
22 | fi | 21 | fi | |
23 | 22 | |||
24 | BIND=$1 | 23 | BIND=$1 | |
25 | INCLUDE=$2 | 24 | INCLUDE=$2 | |
26 | 25 | |||
26 | copy() { | |||
27 | f="$(basename "$1")" | |||
28 | sed -e 's/\$\(Id.*\) \$/\1/' \ | |||
29 | -e 's/\$\(Created.*\) \$/\1/' \ | |||
30 | -e 's/\$\(Header.*\) \$/\1/' \ | |||
31 | -e 's/\$\(Revision.*\) \$/\1/' \ | |||
32 | < "$1" > "$2/$f" | |||
33 | } | |||
34 | ||||
27 | mkdir -p $INCLUDE | 35 | mkdir -p $INCLUDE | |
28 | cp $BIND/config.h $INCLUDE | 36 | copy $BIND/config.h $INCLUDE | |
29 | 37 | |||
30 | mkdir -p $INCLUDE/dns | 38 | mkdir -p $INCLUDE/dns | |
31 | 39 | |||
32 | cp $BIND/lib/dns/code.h $INCLUDE/dns | 40 | copy $BIND/lib/dns/code.h $INCLUDE/dns | |
33 | 41 | |||
34 | for i in enumclass.h enumtype.h rdatastruct.h | 42 | for i in enumclass.h enumtype.h rdatastruct.h | |
35 | do | 43 | do | |
36 | cp $BIND/lib/dns/include/dns/$i $INCLUDE/dns | 44 | copy $BIND/lib/dns/include/dns/$i $INCLUDE/dns | |
37 | done | 45 | done | |
38 | 46 | |||
39 | mkdir -p $INCLUDE/isc | 47 | mkdir -p $INCLUDE/isc | |
40 | 48 | |||
41 | cp $BIND/lib/isc/include/isc/platform.h $INCLUDE/isc | 49 | copy $BIND/lib/isc/include/isc/platform.h $INCLUDE/isc | |
42 | 50 | |||
43 | mkdir -p $INCLUDE/lwres | 51 | mkdir -p $INCLUDE/lwres | |
44 | 52 | |||
45 | for i in netdb.h platform.h | 53 | for i in netdb.h platform.h | |
46 | do | 54 | do | |
47 | cp $BIND/lib/lwres/include/lwres/$i $INCLUDE/lwres | 55 | copy $BIND/lib/lwres/include/lwres/$i $INCLUDE/lwres | |
48 | done | 56 | done |
--- src/external/bsd/bind/dist/Attic/bind2netbsd 2009/04/12 15:23:22 1.3
+++ src/external/bsd/bind/dist/Attic/bind2netbsd 2010/08/06 10:58:03 1.4
@@ -1,16 +1,16 @@ | @@ -1,16 +1,16 @@ | |||
1 | #! /bin/sh | 1 | #! /bin/sh | |
2 | # | 2 | # | |
3 | # $NetBSD: bind2netbsd,v 1.3 2009/04/12 15:23:22 christos Exp $ | 3 | # $NetBSD: bind2netbsd,v 1.4 2010/08/06 10:58:03 christos Exp $ | |
4 | # | 4 | # | |
5 | # Copyright (c) 2000 The NetBSD Foundation, Inc. | 5 | # Copyright (c) 2000 The NetBSD Foundation, Inc. | |
6 | # All rights reserved. | 6 | # All rights reserved. | |
7 | # | 7 | # | |
8 | # Redistribution and use in source and binary forms, with or without | 8 | # Redistribution and use in source and binary forms, with or without | |
9 | # modification, are permitted provided that the following conditions | 9 | # modification, are permitted provided that the following conditions | |
10 | # are met: | 10 | # are met: | |
11 | # 1. Redistributions of source code must retain the above copyright | 11 | # 1. Redistributions of source code must retain the above copyright | |
12 | # notice, this list of conditions and the following disclaimer. | 12 | # notice, this list of conditions and the following disclaimer. | |
13 | # 2. Redistributions in binary form must reproduce the above copyright | 13 | # 2. Redistributions in binary form must reproduce the above copyright | |
14 | # notice, this list of conditions and the following disclaimer in the | 14 | # notice, this list of conditions and the following disclaimer in the | |
15 | # documentation and/or other materials provided with the distribution. | 15 | # documentation and/or other materials provided with the distribution. | |
16 | # | 16 | # | |
@@ -26,32 +26,32 @@ | @@ -26,32 +26,32 @@ | |||
26 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | 26 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | |
27 | # POSSIBILITY OF SUCH DAMAGE. | 27 | # POSSIBILITY OF SUCH DAMAGE. | |
28 | # | 28 | # | |
29 | # bind2netbsd: convert a bind tree into a | 29 | # bind2netbsd: convert a bind tree into a | |
30 | # netbsd bind source tree, under src/external/bsd/bind/dist, | 30 | # netbsd bind source tree, under src/external/bsd/bind/dist, | |
31 | # based on bind2netbsd by Bernd Ernesti and changes by Simon Burge | 31 | # based on bind2netbsd by Bernd Ernesti and changes by Simon Burge | |
32 | # | 32 | # | |
33 | # Rough instructions for importing new bind release: | 33 | # Rough instructions for importing new bind release: | |
34 | # | 34 | # | |
35 | # $ cd /some/where/temporary | 35 | # $ cd /some/where/temporary | |
36 | # $ tar xpfz /new/bind/release/tar/file | 36 | # $ tar xpfz /new/bind/release/tar/file | |
37 | # $ sh /usr/src/external/bsd/bind/dist/bind2netbsd bind-9.x.y `pwd` | 37 | # $ sh /usr/src/external/bsd/bind/dist/bind2netbsd bind-9.x.y `pwd` | |
38 | # $ cd src/external/bsd/bind/dist | 38 | # $ cd src/external/bsd/bind/dist | |
39 | # $ cvs import -m "Import bind 9.x.y" src/external/bsd/bind/dist ISC bind-9-x-y | 39 | # $ cvs -d cvs.netbsd.org:/cvsroot import -m "Import bind 9.x.y" src/external/bsd/bind/dist ISC bind-9-x-y | |
40 | # $ cd ../../../../../bind-9.x.y | 40 | # $ cd ../../../../../bind-9.x.y | |
41 | # $ run ./configure | 41 | # $ run ./configure | |
42 | # $ run make | 42 | # $ run make | |
43 | # - use the binclude4netbsd to create and import the new headers in | 43 | # - use the binclude4netbsd to create and import the new headers in | |
44 | # /usr/src/usr.sbin/bind/include | 44 | # /usr/src/external/bsd/bind/include | |
45 | # - check makefiles to see if any extra sources have been added. | 45 | # - check makefiles to see if any extra sources have been added. | |
46 | # - update distrib/sets if necessary. | 46 | # - update distrib/sets if necessary. | |
47 | 47 | |||
48 | if [ $# -ne 2 ]; then echo "bind2netbsd src dest"; exit 1; fi | 48 | if [ $# -ne 2 ]; then echo "bind2netbsd src dest"; exit 1; fi | |
49 | 49 | |||
50 | r=$1 | 50 | r=$1 | |
51 | d=$2/src/external/bsd/bind/dist | 51 | d=$2/src/external/bsd/bind/dist | |
52 | 52 | |||
53 | case "$d" in | 53 | case "$d" in | |
54 | /*) | 54 | /*) | |
55 | ;; | 55 | ;; | |
56 | *) | 56 | *) | |
57 | d=`/bin/pwd`/$d | 57 | d=`/bin/pwd`/$d |
--- src/external/bsd/bind/dist/bin/dig/Attic/dighost.c 2009/12/26 23:08:21 1.4
+++ src/external/bsd/bind/dist/bin/dig/Attic/dighost.c 2010/08/06 10:58:03 1.5
@@ -1,33 +1,33 @@ | @@ -1,33 +1,33 @@ | |||
1 | /* $NetBSD: dighost.c,v 1.4 2009/12/26 23:08:21 christos Exp $ */ | 1 | /* $NetBSD: dighost.c,v 1.5 2010/08/06 10:58:03 christos Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | 4 | * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") | |
5 | * Copyright (C) 2000-2003 Internet Software Consortium. | 5 | * Copyright (C) 2000-2003 Internet Software Consortium. | |
6 | * | 6 | * | |
7 | * Permission to use, copy, modify, and/or distribute this software for any | 7 | * Permission to use, copy, modify, and/or distribute this software for any | |
8 | * purpose with or without fee is hereby granted, provided that the above | 8 | * purpose with or without fee is hereby granted, provided that the above | |
9 | * copyright notice and this permission notice appear in all copies. | 9 | * copyright notice and this permission notice appear in all copies. | |
10 | * | 10 | * | |
11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
17 | * PERFORMANCE OF THIS SOFTWARE. | 17 | * PERFORMANCE OF THIS SOFTWARE. | |
18 | */ | 18 | */ | |
19 | 19 | |||
20 | /* Id: dighost.c,v 1.328 2009/11/10 17:27:40 each Exp */ | 20 | /* Id: dighost.c,v 1.328.22.3 2010/06/24 07:29:07 marka Exp */ | |
21 | 21 | |||
22 | /*! \file | 22 | /*! \file | |
23 | * \note | 23 | * \note | |
24 | * Notice to programmers: Do not use this code as an example of how to | 24 | * Notice to programmers: Do not use this code as an example of how to | |
25 | * use the ISC library to perform DNS lookups. Dig and Host both operate | 25 | * use the ISC library to perform DNS lookups. Dig and Host both operate | |
26 | * on the request level, since they allow fine-tuning of output and are | 26 | * on the request level, since they allow fine-tuning of output and are | |
27 | * intended as debugging tools. As a result, they perform many of the | 27 | * intended as debugging tools. As a result, they perform many of the | |
28 | * functions which could be better handled using the dns_resolver | 28 | * functions which could be better handled using the dns_resolver | |
29 | * functions in most applications. | 29 | * functions in most applications. | |
30 | */ | 30 | */ | |
31 | 31 | |||
32 | #include <config.h> | 32 | #include <config.h> | |
33 | #include <stdlib.h> | 33 | #include <stdlib.h> | |
@@ -1154,32 +1154,41 @@ static dig_searchlist_t * | @@ -1154,32 +1154,41 @@ static dig_searchlist_t * | |||
1154 | make_searchlist_entry(char *domain) { | 1154 | make_searchlist_entry(char *domain) { | |
1155 | dig_searchlist_t *search; | 1155 | dig_searchlist_t *search; | |
1156 | search = isc_mem_allocate(mctx, sizeof(*search)); | 1156 | search = isc_mem_allocate(mctx, sizeof(*search)); | |
1157 | if (search == NULL) | 1157 | if (search == NULL) | |
1158 | fatal("memory allocation failure in %s:%d", | 1158 | fatal("memory allocation failure in %s:%d", | |
1159 | __FILE__, __LINE__); | 1159 | __FILE__, __LINE__); | |
1160 | strncpy(search->origin, domain, MXNAME); | 1160 | strncpy(search->origin, domain, MXNAME); | |
1161 | search->origin[MXNAME-1] = 0; | 1161 | search->origin[MXNAME-1] = 0; | |
1162 | ISC_LINK_INIT(search, link); | 1162 | ISC_LINK_INIT(search, link); | |
1163 | return (search); | 1163 | return (search); | |
1164 | } | 1164 | } | |
1165 | 1165 | |||
1166 | static void | 1166 | static void | |
1167 | clear_searchlist(void) { | |||
1168 | dig_searchlist_t *search; | |||
1169 | while ((search = ISC_LIST_HEAD(search_list)) != NULL) { | |||
1170 | ISC_LIST_UNLINK(search_list, search, link); | |||
1171 | isc_mem_free(mctx, search); | |||
1172 | } | |||
1173 | } | |||
1174 | ||||
1175 | static void | |||
1167 | create_search_list(lwres_conf_t *confdata) { | 1176 | create_search_list(lwres_conf_t *confdata) { | |
1168 | int i; | 1177 | int i; | |
1169 | dig_searchlist_t *search; | 1178 | dig_searchlist_t *search; | |
1170 | 1179 | |||
1171 | debug("create_search_list()"); | 1180 | debug("create_search_list()"); | |
1172 | ISC_LIST_INIT(search_list); | 1181 | clear_searchlist(); | |
1173 | 1182 | |||
1174 | for (i = 0; i < confdata->searchnxt; i++) { | 1183 | for (i = 0; i < confdata->searchnxt; i++) { | |
1175 | search = make_searchlist_entry(confdata->search[i]); | 1184 | search = make_searchlist_entry(confdata->search[i]); | |
1176 | ISC_LIST_APPEND(search_list, search, link); | 1185 | ISC_LIST_APPEND(search_list, search, link); | |
1177 | } | 1186 | } | |
1178 | } | 1187 | } | |
1179 | 1188 | |||
1180 | /*% | 1189 | /*% | |
1181 | * Setup the system as a whole, reading key information and resolv.conf | 1190 | * Setup the system as a whole, reading key information and resolv.conf | |
1182 | * settings. | 1191 | * settings. | |
1183 | */ | 1192 | */ | |
1184 | void | 1193 | void | |
1185 | setup_system(void) { | 1194 | setup_system(void) { | |
@@ -1202,27 +1211,27 @@ setup_system(void) { | @@ -1202,27 +1211,27 @@ setup_system(void) { | |||
1202 | 1211 | |||
1203 | lwresult = lwres_conf_parse(lwctx, RESOLV_CONF); | 1212 | lwresult = lwres_conf_parse(lwctx, RESOLV_CONF); | |
1204 | if (lwresult != LWRES_R_SUCCESS && lwresult != LWRES_R_NOTFOUND) | 1213 | if (lwresult != LWRES_R_SUCCESS && lwresult != LWRES_R_NOTFOUND) | |
1205 | fatal("parse of %s failed", RESOLV_CONF); | 1214 | fatal("parse of %s failed", RESOLV_CONF); | |
1206 | 1215 | |||
1207 | lwconf = lwres_conf_get(lwctx); | 1216 | lwconf = lwres_conf_get(lwctx); | |
1208 | 1217 | |||
1209 | /* Make the search list */ | 1218 | /* Make the search list */ | |
1210 | if (lwconf->searchnxt > 0) | 1219 | if (lwconf->searchnxt > 0) | |
1211 | create_search_list(lwconf); | 1220 | create_search_list(lwconf); | |
1212 | else { /* No search list. Use the domain name if any */ | 1221 | else { /* No search list. Use the domain name if any */ | |
1213 | if (lwconf->domainname != NULL) { | 1222 | if (lwconf->domainname != NULL) { | |
1214 | domain = make_searchlist_entry(lwconf->domainname); | 1223 | domain = make_searchlist_entry(lwconf->domainname); | |
1215 | ISC_LIST_INITANDAPPEND(search_list, domain, link); | 1224 | ISC_LIST_APPEND(search_list, domain, link); | |
1216 | domain = NULL; | 1225 | domain = NULL; | |
1217 | } | 1226 | } | |
1218 | } | 1227 | } | |
1219 | 1228 | |||
1220 | if (ndots == -1) { | 1229 | if (ndots == -1) { | |
1221 | ndots = lwconf->ndots; | 1230 | ndots = lwconf->ndots; | |
1222 | debug("ndots is %d.", ndots); | 1231 | debug("ndots is %d.", ndots); | |
1223 | } | 1232 | } | |
1224 | 1233 | |||
1225 | /* If user doesn't specify server use nameservers from resolv.conf. */ | 1234 | /* If user doesn't specify server use nameservers from resolv.conf. */ | |
1226 | if (ISC_LIST_EMPTY(server_list)) | 1235 | if (ISC_LIST_EMPTY(server_list)) | |
1227 | copy_server_list(lwconf, &server_list); | 1236 | copy_server_list(lwconf, &server_list); | |
1228 | 1237 | |||
@@ -1257,35 +1266,26 @@ setup_system(void) { | @@ -1257,35 +1266,26 @@ setup_system(void) { | |||
1257 | dns_name_init(&chase_name, NULL); | 1266 | dns_name_init(&chase_name, NULL); | |
1258 | #if DIG_SIGCHASE_TD | 1267 | #if DIG_SIGCHASE_TD | |
1259 | dns_name_init(&chase_current_name, NULL); | 1268 | dns_name_init(&chase_current_name, NULL); | |
1260 | dns_name_init(&chase_authority_name, NULL); | 1269 | dns_name_init(&chase_authority_name, NULL); | |
1261 | #endif | 1270 | #endif | |
1262 | #if DIG_SIGCHASE_BU | 1271 | #if DIG_SIGCHASE_BU | |
1263 | dns_name_init(&chase_signame, NULL); | 1272 | dns_name_init(&chase_signame, NULL); | |
1264 | #endif | 1273 | #endif | |
1265 | 1274 | |||
1266 | #endif | 1275 | #endif | |
1267 | 1276 | |||
1268 | } | 1277 | } | |
1269 | 1278 | |||
1270 | static void | |||
1271 | clear_searchlist(void) { | |||
1272 | dig_searchlist_t *search; | |||
1273 | while ((search = ISC_LIST_HEAD(search_list)) != NULL) { | |||
1274 | ISC_LIST_UNLINK(search_list, search, link); | |||
1275 | isc_mem_free(mctx, search); | |||
1276 | } | |||
1277 | } | |||
1278 | ||||
1279 | /*% | 1279 | /*% | |
1280 | * Override the search list derived from resolv.conf by 'domain'. | 1280 | * Override the search list derived from resolv.conf by 'domain'. | |
1281 | */ | 1281 | */ | |
1282 | void | 1282 | void | |
1283 | set_search_domain(char *domain) { | 1283 | set_search_domain(char *domain) { | |
1284 | dig_searchlist_t *search; | 1284 | dig_searchlist_t *search; | |
1285 | 1285 | |||
1286 | clear_searchlist(); | 1286 | clear_searchlist(); | |
1287 | search = make_searchlist_entry(domain); | 1287 | search = make_searchlist_entry(domain); | |
1288 | ISC_LIST_APPEND(search_list, search, link); | 1288 | ISC_LIST_APPEND(search_list, search, link); | |
1289 | } | 1289 | } | |
1290 | 1290 | |||
1291 | /*% | 1291 | /*% | |
@@ -2393,50 +2393,59 @@ bringup_timer(dig_query_t *query, unsign | @@ -2393,50 +2393,59 @@ bringup_timer(dig_query_t *query, unsign | |||
2393 | 2393 | |||
2394 | static void | 2394 | static void | |
2395 | force_timeout(dig_lookup_t *l, dig_query_t *query) { | 2395 | force_timeout(dig_lookup_t *l, dig_query_t *query) { | |
2396 | isc_event_t *event; | 2396 | isc_event_t *event; | |
2397 | 2397 | |||
2398 | event = isc_event_allocate(mctx, query, ISC_TIMEREVENT_IDLE, | 2398 | event = isc_event_allocate(mctx, query, ISC_TIMEREVENT_IDLE, | |
2399 | connect_timeout, l, | 2399 | connect_timeout, l, | |
2400 | sizeof(isc_event_t)); | 2400 | sizeof(isc_event_t)); | |
2401 | if (event == NULL) { | 2401 | if (event == NULL) { | |
2402 | fatal("isc_event_allocate: %s", | 2402 | fatal("isc_event_allocate: %s", | |
2403 | isc_result_totext(ISC_R_NOMEMORY)); | 2403 | isc_result_totext(ISC_R_NOMEMORY)); | |
2404 | } | 2404 | } | |
2405 | isc_task_send(global_task, &event); | 2405 | isc_task_send(global_task, &event); | |
2406 | ||||
2407 | /* | |||
2408 | * The timer may have expired if, for example, get_address() takes | |||
2409 | * long time and the timer was running on a different thread. | |||
2410 | * We need to cancel the possible timeout event not to confuse | |||
2411 | * ourselves due to the duplicate events. | |||
2412 | */ | |||
2413 | if (l->timer != NULL) | |||
2414 | isc_timer_detach(&l->timer); | |||
2406 | } | 2415 | } | |
2407 | 2416 | |||
2408 | 2417 | |||
2409 | static void | 2418 | static void | |
2410 | connect_done(isc_task_t *task, isc_event_t *event); | 2419 | connect_done(isc_task_t *task, isc_event_t *event); | |
2411 | 2420 | |||
2412 | /*% | 2421 | /*% | |
2413 | * Unlike send_udp, this can't be called multiple times with the same | 2422 | * Unlike send_udp, this can't be called multiple times with the same | |
2414 | * query. When we retry TCP, we requeue the whole lookup, which should | 2423 | * query. When we retry TCP, we requeue the whole lookup, which should | |
2415 | * start anew. | 2424 | * start anew. | |
2416 | */ | 2425 | */ | |
2417 | static void | 2426 | static void | |
2418 | send_tcp_connect(dig_query_t *query) { | 2427 | send_tcp_connect(dig_query_t *query) { | |
2419 | isc_result_t result; | 2428 | isc_result_t result; | |
2420 | dig_query_t *next; | 2429 | dig_query_t *next; | |
2421 | dig_lookup_t *l; | 2430 | dig_lookup_t *l; | |
2422 | 2431 | |||
2423 | debug("send_tcp_connect(%p)", query); | 2432 | debug("send_tcp_connect(%p)", query); | |
2424 | 2433 | |||
2425 | l = query->lookup; | 2434 | l = query->lookup; | |
2426 | query->waiting_connect = ISC_TRUE; | 2435 | query->waiting_connect = ISC_TRUE; | |
2427 | query->lookup->current_query = query; | 2436 | query->lookup->current_query = query; | |
2428 | result = get_address(query->servname, port, &query->sockaddr); | 2437 | result = get_address(query->servname, port, &query->sockaddr); | |
2429 | if (result == ISC_R_NOTFOUND) { | 2438 | if (result != ISC_R_SUCCESS) { | |
2430 | /* | 2439 | /* | |
2431 | * This servname doesn't have an address. Try the next server | 2440 | * This servname doesn't have an address. Try the next server | |
2432 | * by triggering an immediate 'timeout' (we lie, but the effect | 2441 | * by triggering an immediate 'timeout' (we lie, but the effect | |
2433 | * is the same). | 2442 | * is the same). | |
2434 | */ | 2443 | */ | |
2435 | force_timeout(l, query); | 2444 | force_timeout(l, query); | |
2436 | return; | 2445 | return; | |
2437 | } | 2446 | } | |
2438 | 2447 | |||
2439 | if (specified_source && | 2448 | if (specified_source && | |
2440 | (isc_sockaddr_pf(&query->sockaddr) != | 2449 | (isc_sockaddr_pf(&query->sockaddr) != | |
2441 | isc_sockaddr_pf(&bind_address))) { | 2450 | isc_sockaddr_pf(&bind_address))) { | |
2442 | printf(";; Skipping server %s, incompatible " | 2451 | printf(";; Skipping server %s, incompatible " | |
@@ -2498,27 +2507,27 @@ send_udp(dig_query_t *query) { | @@ -2498,27 +2507,27 @@ send_udp(dig_query_t *query) { | |||
2498 | dig_lookup_t *l = NULL; | 2507 | dig_lookup_t *l = NULL; | |
2499 | isc_result_t result; | 2508 | isc_result_t result; | |
2500 | 2509 | |||
2501 | debug("send_udp(%p)", query); | 2510 | debug("send_udp(%p)", query); | |
2502 | 2511 | |||
2503 | l = query->lookup; | 2512 | l = query->lookup; | |
2504 | bringup_timer(query, UDP_TIMEOUT); | 2513 | bringup_timer(query, UDP_TIMEOUT); | |
2505 | l->current_query = query; | 2514 | l->current_query = query; | |
2506 | debug("working on lookup %p, query %p", query->lookup, query); | 2515 | debug("working on lookup %p, query %p", query->lookup, query); | |
2507 | if (!query->recv_made) { | 2516 | if (!query->recv_made) { | |
2508 | /* XXX Check the sense of this, need assertion? */ | 2517 | /* XXX Check the sense of this, need assertion? */ | |
2509 | query->waiting_connect = ISC_FALSE; | 2518 | query->waiting_connect = ISC_FALSE; | |
2510 | result = get_address(query->servname, port, &query->sockaddr); | 2519 | result = get_address(query->servname, port, &query->sockaddr); | |
2511 | if (result == ISC_R_NOTFOUND) { | 2520 | if (result != ISC_R_SUCCESS) { | |
2512 | /* This servname doesn't have an address. */ | 2521 | /* This servname doesn't have an address. */ | |
2513 | force_timeout(l, query); | 2522 | force_timeout(l, query); | |
2514 | return; | 2523 | return; | |
2515 | } | 2524 | } | |
2516 | 2525 | |||
2517 | result = isc_socket_create(socketmgr, | 2526 | result = isc_socket_create(socketmgr, | |
2518 | isc_sockaddr_pf(&query->sockaddr), | 2527 | isc_sockaddr_pf(&query->sockaddr), | |
2519 | isc_sockettype_udp, &query->sock); | 2528 | isc_sockettype_udp, &query->sock); | |
2520 | check_result(result, "isc_socket_create"); | 2529 | check_result(result, "isc_socket_create"); | |
2521 | sockcount++; | 2530 | sockcount++; | |
2522 | debug("sockcount=%d", sockcount); | 2531 | debug("sockcount=%d", sockcount); | |
2523 | if (specified_source) { | 2532 | if (specified_source) { | |
2524 | result = isc_socket_bind(query->sock, &bind_address, | 2533 | result = isc_socket_bind(query->sock, &bind_address, |
--- src/external/bsd/bind/dist/bin/dnssec/Attic/dnssec-keyfromlabel.c 2009/12/26 23:08:21 1.3
+++ src/external/bsd/bind/dist/bin/dnssec/Attic/dnssec-keyfromlabel.c 2010/08/06 10:58:03 1.4
@@ -1,49 +1,50 @@ | @@ -1,49 +1,50 @@ | |||
1 | /* $NetBSD: dnssec-keyfromlabel.c,v 1.3 2009/12/26 23:08:21 christos Exp $ */ | 1 | /* $NetBSD: dnssec-keyfromlabel.c,v 1.4 2010/08/06 10:58:03 christos Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (C) 2007-2009 Internet Systems Consortium, Inc. ("ISC") | 4 | * Copyright (C) 2007-2010 Internet Systems Consortium, Inc. ("ISC") | |
5 | * | 5 | * | |
6 | * Permission to use, copy, modify, and/or distribute this software for any | 6 | * Permission to use, copy, modify, and/or distribute this software for any | |
7 | * purpose with or without fee is hereby granted, provided that the above | 7 | * purpose with or without fee is hereby granted, provided that the above | |
8 | * copyright notice and this permission notice appear in all copies. | 8 | * copyright notice and this permission notice appear in all copies. | |
9 | * | 9 | * | |
10 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 10 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
11 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 11 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
12 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 12 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
13 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 13 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
14 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 14 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
15 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 15 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
16 | * PERFORMANCE OF THIS SOFTWARE. | 16 | * PERFORMANCE OF THIS SOFTWARE. | |
17 | */ | 17 | */ | |
18 | 18 | |||
19 | /* Id: dnssec-keyfromlabel.c,v 1.29 2009/11/25 23:00:32 marka Exp */ | 19 | /* Id: dnssec-keyfromlabel.c,v 1.29.8.2 2010/01/19 23:48:12 tbox Exp */ | |
20 | 20 | |||
21 | /*! \file */ | 21 | /*! \file */ | |
22 | 22 | |||
23 | #include <config.h> | 23 | #include <config.h> | |
24 | 24 | |||
25 | #include <ctype.h> | 25 | #include <ctype.h> | |
26 | #include <stdlib.h> | 26 | #include <stdlib.h> | |
27 | 27 | |||
28 | #include <isc/buffer.h> | 28 | #include <isc/buffer.h> | |
29 | #include <isc/commandline.h> | 29 | #include <isc/commandline.h> | |
30 | #include <isc/entropy.h> | 30 | #include <isc/entropy.h> | |
31 | #include <isc/mem.h> | 31 | #include <isc/mem.h> | |
32 | #include <isc/region.h> | 32 | #include <isc/region.h> | |
33 | #include <isc/print.h> | 33 | #include <isc/print.h> | |
34 | #include <isc/string.h> | 34 | #include <isc/string.h> | |
35 | #include <isc/util.h> | 35 | #include <isc/util.h> | |
36 | 36 | |||
37 | #include <dns/dnssec.h> | |||
37 | #include <dns/fixedname.h> | 38 | #include <dns/fixedname.h> | |
38 | #include <dns/keyvalues.h> | 39 | #include <dns/keyvalues.h> | |
39 | #include <dns/log.h> | 40 | #include <dns/log.h> | |
40 | #include <dns/name.h> | 41 | #include <dns/name.h> | |
41 | #include <dns/rdataclass.h> | 42 | #include <dns/rdataclass.h> | |
42 | #include <dns/result.h> | 43 | #include <dns/result.h> | |
43 | #include <dns/secalg.h> | 44 | #include <dns/secalg.h> | |
44 | 45 | |||
45 | #include <dst/dst.h> | 46 | #include <dst/dst.h> | |
46 | 47 | |||
47 | #include "dnssectool.h" | 48 | #include "dnssectool.h" | |
48 | 49 | |||
49 | #define MAX_RSA 4096 /* should be long enough... */ | 50 | #define MAX_RSA 4096 /* should be long enough... */ | |
@@ -74,33 +75,34 @@ usage(void) { | @@ -74,33 +75,34 @@ usage(void) { | |||
74 | fprintf(stderr, " -a algorithm: %s\n", algs); | 75 | fprintf(stderr, " -a algorithm: %s\n", algs); | |
75 | fprintf(stderr, " (default: RSASHA1, or " | 76 | fprintf(stderr, " (default: RSASHA1, or " | |
76 | "NSEC3RSASHA1 if using -3)\n"); | 77 | "NSEC3RSASHA1 if using -3)\n"); | |
77 | fprintf(stderr, " -3: use NSEC3-capable algorithm\n"); | 78 | fprintf(stderr, " -3: use NSEC3-capable algorithm\n"); | |
78 | fprintf(stderr, " -c class (default: IN)\n"); | 79 | fprintf(stderr, " -c class (default: IN)\n"); | |
79 | #ifdef USE_PKCS11 | 80 | #ifdef USE_PKCS11 | |
80 | fprintf(stderr, " -E enginename (default: pkcs11)\n"); | 81 | fprintf(stderr, " -E enginename (default: pkcs11)\n"); | |
81 | #else | 82 | #else | |
82 | fprintf(stderr, " -E enginename\n"); | 83 | fprintf(stderr, " -E enginename\n"); | |
83 | #endif | 84 | #endif | |
84 | fprintf(stderr, " -f keyflag: KSK | REVOKE\n"); | 85 | fprintf(stderr, " -f keyflag: KSK | REVOKE\n"); | |
85 | fprintf(stderr, " -K directory: directory in which to place " | 86 | fprintf(stderr, " -K directory: directory in which to place " | |
86 | "key files\n"); | 87 | "key files\n"); | |
87 | fprintf(stderr, " -k : generate a TYPE=KEY key\n"); | 88 | fprintf(stderr, " -k: generate a TYPE=KEY key\n"); | |
88 | fprintf(stderr, " -n nametype: ZONE | HOST | ENTITY | USER | OTHER\n"); | 89 | fprintf(stderr, " -n nametype: ZONE | HOST | ENTITY | USER | OTHER\n"); | |
89 | fprintf(stderr, " (DNSKEY generation defaults to ZONE\n"); | 90 | fprintf(stderr, " (DNSKEY generation defaults to ZONE\n"); | |
90 | fprintf(stderr, " -p protocol: default: 3 [dnssec]\n"); | 91 | fprintf(stderr, " -p protocol: default: 3 [dnssec]\n"); | |
91 | fprintf(stderr, " -t type: " | 92 | fprintf(stderr, " -t type: " | |
92 | "AUTHCONF | NOAUTHCONF | NOAUTH | NOCONF " | 93 | "AUTHCONF | NOAUTHCONF | NOAUTH | NOCONF " | |
93 | "(default: AUTHCONF)\n"); | 94 | "(default: AUTHCONF)\n"); | |
95 | fprintf(stderr, " -y: permit keys that might collide\n"); | |||
94 | fprintf(stderr, " -v verbose level\n"); | 96 | fprintf(stderr, " -v verbose level\n"); | |
95 | fprintf(stderr, "Date options:\n"); | 97 | fprintf(stderr, "Date options:\n"); | |
96 | fprintf(stderr, " -P date/[+-]offset: set key publication date\n"); | 98 | fprintf(stderr, " -P date/[+-]offset: set key publication date\n"); | |
97 | fprintf(stderr, " -A date/[+-]offset: set key activation date\n"); | 99 | fprintf(stderr, " -A date/[+-]offset: set key activation date\n"); | |
98 | fprintf(stderr, " -R date/[+-]offset: set key revocation date\n"); | 100 | fprintf(stderr, " -R date/[+-]offset: set key revocation date\n"); | |
99 | fprintf(stderr, " -I date/[+-]offset: set key inactivation date\n"); | 101 | fprintf(stderr, " -I date/[+-]offset: set key inactivation date\n"); | |
100 | fprintf(stderr, " -D date/[+-]offset: set key deletion date\n"); | 102 | fprintf(stderr, " -D date/[+-]offset: set key deletion date\n"); | |
101 | fprintf(stderr, " -G: generate key only; do not set -P or -A\n"); | 103 | fprintf(stderr, " -G: generate key only; do not set -P or -A\n"); | |
102 | fprintf(stderr, " -C: generate a backward-compatible key, omitting" | 104 | fprintf(stderr, " -C: generate a backward-compatible key, omitting" | |
103 | " all dates\n"); | 105 | " all dates\n"); | |
104 | fprintf(stderr, "Output:\n"); | 106 | fprintf(stderr, "Output:\n"); | |
105 | fprintf(stderr, " K<name>+<alg>+<id>.key, " | 107 | fprintf(stderr, " K<name>+<alg>+<id>.key, " | |
106 | "K<name>+<alg>+<id>.private\n"); | 108 | "K<name>+<alg>+<id>.private\n"); | |
@@ -109,27 +111,27 @@ usage(void) { | @@ -109,27 +111,27 @@ usage(void) { | |||
109 | } | 111 | } | |
110 | 112 | |||
111 | int | 113 | int | |
112 | main(int argc, char **argv) { | 114 | main(int argc, char **argv) { | |
113 | char *algname = NULL, *nametype = NULL, *type = NULL; | 115 | char *algname = NULL, *nametype = NULL, *type = NULL; | |
114 | const char *directory = NULL; | 116 | const char *directory = NULL; | |
115 | #ifdef USE_PKCS11 | 117 | #ifdef USE_PKCS11 | |
116 | const char *engine = "pkcs11"; | 118 | const char *engine = "pkcs11"; | |
117 | #else | 119 | #else | |
118 | const char *engine = NULL; | 120 | const char *engine = NULL; | |
119 | #endif | 121 | #endif | |
120 | char *classname = NULL; | 122 | char *classname = NULL; | |
121 | char *endp; | 123 | char *endp; | |
122 | dst_key_t *key = NULL, *oldkey = NULL; | 124 | dst_key_t *key = NULL; | |
123 | dns_fixedname_t fname; | 125 | dns_fixedname_t fname; | |
124 | dns_name_t *name; | 126 | dns_name_t *name; | |
125 | isc_uint16_t flags = 0, kskflag = 0, revflag = 0; | 127 | isc_uint16_t flags = 0, kskflag = 0, revflag = 0; | |
126 | dns_secalg_t alg; | 128 | dns_secalg_t alg; | |
127 | isc_boolean_t oldstyle = ISC_FALSE; | 129 | isc_boolean_t oldstyle = ISC_FALSE; | |
128 | isc_mem_t *mctx = NULL; | 130 | isc_mem_t *mctx = NULL; | |
129 | int ch; | 131 | int ch; | |
130 | int protocol = -1, signatory = 0; | 132 | int protocol = -1, signatory = 0; | |
131 | isc_result_t ret; | 133 | isc_result_t ret; | |
132 | isc_textregion_t r; | 134 | isc_textregion_t r; | |
133 | char filename[255]; | 135 | char filename[255]; | |
134 | isc_buffer_t buf; | 136 | isc_buffer_t buf; | |
135 | isc_log_t *log = NULL; | 137 | isc_log_t *log = NULL; | |
@@ -138,41 +140,43 @@ main(int argc, char **argv) { | @@ -138,41 +140,43 @@ main(int argc, char **argv) { | |||
138 | int options = DST_TYPE_PRIVATE | DST_TYPE_PUBLIC; | 140 | int options = DST_TYPE_PRIVATE | DST_TYPE_PUBLIC; | |
139 | char *label = NULL; | 141 | char *label = NULL; | |
140 | isc_stdtime_t publish = 0, activate = 0, revoke = 0; | 142 | isc_stdtime_t publish = 0, activate = 0, revoke = 0; | |
141 | isc_stdtime_t inactive = 0, delete = 0; | 143 | isc_stdtime_t inactive = 0, delete = 0; | |
142 | isc_stdtime_t now; | 144 | isc_stdtime_t now; | |
143 | isc_boolean_t setpub = ISC_FALSE, setact = ISC_FALSE; | 145 | isc_boolean_t setpub = ISC_FALSE, setact = ISC_FALSE; | |
144 | isc_boolean_t setrev = ISC_FALSE, setinact = ISC_FALSE; | 146 | isc_boolean_t setrev = ISC_FALSE, setinact = ISC_FALSE; | |
145 | isc_boolean_t setdel = ISC_FALSE; | 147 | isc_boolean_t setdel = ISC_FALSE; | |
146 | isc_boolean_t unsetpub = ISC_FALSE, unsetact = ISC_FALSE; | 148 | isc_boolean_t unsetpub = ISC_FALSE, unsetact = ISC_FALSE; | |
147 | isc_boolean_t unsetrev = ISC_FALSE, unsetinact = ISC_FALSE; | 149 | isc_boolean_t unsetrev = ISC_FALSE, unsetinact = ISC_FALSE; | |
148 | isc_boolean_t unsetdel = ISC_FALSE; | 150 | isc_boolean_t unsetdel = ISC_FALSE; | |
149 | isc_boolean_t genonly = ISC_FALSE; | 151 | isc_boolean_t genonly = ISC_FALSE; | |
150 | isc_boolean_t use_nsec3 = ISC_FALSE; | 152 | isc_boolean_t use_nsec3 = ISC_FALSE; | |
153 | isc_boolean_t avoid_collisions = ISC_TRUE; | |||
154 | isc_boolean_t exact; | |||
151 | unsigned char c; | 155 | unsigned char c; | |
152 | 156 | |||
153 | if (argc == 1) | 157 | if (argc == 1) | |
154 | usage(); | 158 | usage(); | |
155 | 159 | |||
156 | RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS); | 160 | RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS); | |
157 | 161 | |||
158 | dns_result_register(); | 162 | dns_result_register(); | |
159 | 163 | |||
160 | isc_commandline_errprint = ISC_FALSE; | 164 | isc_commandline_errprint = ISC_FALSE; | |
161 | 165 | |||
162 | isc_stdtime_get(&now); | 166 | isc_stdtime_get(&now); | |
163 | 167 | |||
164 | while ((ch = isc_commandline_parse(argc, argv, | 168 | while ((ch = isc_commandline_parse(argc, argv, | |
165 | "3a:Cc:E:f:K:kl:n:p:t:v:FhGP:A:R:I:D:")) != -1) | 169 | "3a:Cc:E:f:K:kl:n:p:t:v:yFhGP:A:R:I:D:")) != -1) | |
166 | { | 170 | { | |
167 | switch (ch) { | 171 | switch (ch) { | |
168 | case '3': | 172 | case '3': | |
169 | use_nsec3 = ISC_TRUE; | 173 | use_nsec3 = ISC_TRUE; | |
170 | break; | 174 | break; | |
171 | case 'a': | 175 | case 'a': | |
172 | algname = isc_commandline_argument; | 176 | algname = isc_commandline_argument; | |
173 | break; | 177 | break; | |
174 | case 'C': | 178 | case 'C': | |
175 | oldstyle = ISC_TRUE; | 179 | oldstyle = ISC_TRUE; | |
176 | break; | 180 | break; | |
177 | case 'c': | 181 | case 'c': | |
178 | classname = isc_commandline_argument; | 182 | classname = isc_commandline_argument; | |
@@ -210,26 +214,29 @@ main(int argc, char **argv) { | @@ -210,26 +214,29 @@ main(int argc, char **argv) { | |||
210 | protocol = strtol(isc_commandline_argument, &endp, 10); | 214 | protocol = strtol(isc_commandline_argument, &endp, 10); | |
211 | if (*endp != '\0' || protocol < 0 || protocol > 255) | 215 | if (*endp != '\0' || protocol < 0 || protocol > 255) | |
212 | fatal("-p must be followed by a number " | 216 | fatal("-p must be followed by a number " | |
213 | "[0..255]"); | 217 | "[0..255]"); | |
214 | break; | 218 | break; | |
215 | case 't': | 219 | case 't': | |
216 | type = isc_commandline_argument; | 220 | type = isc_commandline_argument; | |
217 | break; | 221 | break; | |
218 | case 'v': | 222 | case 'v': | |
219 | verbose = strtol(isc_commandline_argument, &endp, 0); | 223 | verbose = strtol(isc_commandline_argument, &endp, 0); | |
220 | if (*endp != '\0') | 224 | if (*endp != '\0') | |
221 | fatal("-v must be followed by a number"); | 225 | fatal("-v must be followed by a number"); | |
222 | break; | 226 | break; | |
227 | case 'y': | |||
228 | avoid_collisions = ISC_FALSE; | |||
229 | break; | |||
223 | case 'G': | 230 | case 'G': | |
224 | genonly = ISC_TRUE; | 231 | genonly = ISC_TRUE; | |
225 | break; | 232 | break; | |
226 | case 'P': | 233 | case 'P': | |
227 | if (setpub || unsetpub) | 234 | if (setpub || unsetpub) | |
228 | fatal("-P specified more than once"); | 235 | fatal("-P specified more than once"); | |
229 | 236 | |||
230 | if (strcasecmp(isc_commandline_argument, "none")) { | 237 | if (strcasecmp(isc_commandline_argument, "none")) { | |
231 | setpub = ISC_TRUE; | 238 | setpub = ISC_TRUE; | |
232 | publish = strtotime(isc_commandline_argument, | 239 | publish = strtotime(isc_commandline_argument, | |
233 | now, now); | 240 | now, now); | |
234 | } else { | 241 | } else { | |
235 | unsetpub = ISC_TRUE; | 242 | unsetpub = ISC_TRUE; | |
@@ -494,36 +501,46 @@ main(int argc, char **argv) { | @@ -494,36 +501,46 @@ main(int argc, char **argv) { | |||
494 | if (setpub || setact || setrev || setinact || | 501 | if (setpub || setact || setrev || setinact || | |
495 | setdel || unsetpub || unsetact || | 502 | setdel || unsetpub || unsetact || | |
496 | unsetrev || unsetinact || unsetdel || genonly) | 503 | unsetrev || unsetinact || unsetdel || genonly) | |
497 | fatal("cannot use -C together with " | 504 | fatal("cannot use -C together with " | |
498 | "-P, -A, -R, -I, -D, or -G options"); | 505 | "-P, -A, -R, -I, -D, or -G options"); | |
499 | /* | 506 | /* | |
500 | * Compatibility mode: Private-key-format | 507 | * Compatibility mode: Private-key-format | |
501 | * should be set to 1.2. | 508 | * should be set to 1.2. | |
502 | */ | 509 | */ | |
503 | dst_key_setprivateformat(key, 1, 2); | 510 | dst_key_setprivateformat(key, 1, 2); | |
504 | } | 511 | } | |
505 | 512 | |||
506 | /* | 513 | /* | |
507 | * Try to read a key with the same name, alg and id from disk. | 514 | * Do not overwrite an existing key. Warn LOUDLY if there | |
508 | * If there is one we must return failure. | 515 | * is a risk of ID collision due to this key or another key | |
516 | * being revoked. | |||
509 | */ | 517 | */ | |
510 | ret = dst_key_fromfile(name, dst_key_id(key), alg, | 518 | if (key_collision(dst_key_id(key), name, directory, alg, mctx, &exact)) | |
511 | DST_TYPE_PRIVATE, directory, mctx, &oldkey); | 519 | { | |
512 | /* do not overwrite an existing key */ | |||
513 | if (ret == ISC_R_SUCCESS) { | |||
514 | isc_buffer_clear(&buf); | 520 | isc_buffer_clear(&buf); | |
515 | ret = dst_key_buildfilename(key, 0, directory, &buf); | 521 | ret = dst_key_buildfilename(key, 0, directory, &buf); | |
516 | fatal("%s: %s already exists\n", program, filename); | 522 | if (exact) | |
523 | fatal("%s: %s already exists\n", program, filename); | |||
524 | ||||
525 | if (avoid_collisions) | |||
526 | fatal("%s: %s could collide with another key upon " | |||
527 | "revokation\n", program, filename); | |||
528 | ||||
529 | fprintf(stderr, "%s: WARNING: Key %s could collide with " | |||
530 | "another key upon revokation. If you plan " | |||
531 | "to revoke keys, destroy this key and " | |||
532 | "generate a different one.\n", | |||
533 | program, filename); | |||
517 | } | 534 | } | |
518 | 535 | |||
519 | ret = dst_key_tofile(key, options, directory); | 536 | ret = dst_key_tofile(key, options, directory); | |
520 | if (ret != ISC_R_SUCCESS) { | 537 | if (ret != ISC_R_SUCCESS) { | |
521 | char keystr[DST_KEY_FORMATSIZE]; | 538 | char keystr[DST_KEY_FORMATSIZE]; | |
522 | dst_key_format(key, keystr, sizeof(keystr)); | 539 | dst_key_format(key, keystr, sizeof(keystr)); | |
523 | fatal("failed to write key %s: %s\n", keystr, | 540 | fatal("failed to write key %s: %s\n", keystr, | |
524 | isc_result_totext(ret)); | 541 | isc_result_totext(ret)); | |
525 | } | 542 | } | |
526 | 543 | |||
527 | isc_buffer_clear(&buf); | 544 | isc_buffer_clear(&buf); | |
528 | ret = dst_key_buildfilename(key, 0, NULL, &buf); | 545 | ret = dst_key_buildfilename(key, 0, NULL, &buf); | |
529 | printf("%s\n", filename); | 546 | printf("%s\n", filename); |
--- src/external/bsd/bind/dist/bin/dnssec/Attic/dnssec-keygen.c 2009/12/26 23:08:21 1.3
+++ src/external/bsd/bind/dist/bin/dnssec/Attic/dnssec-keygen.c 2010/08/06 10:58:03 1.4
@@ -1,17 +1,17 @@ | @@ -1,17 +1,17 @@ | |||
1 | /* $NetBSD: dnssec-keygen.c,v 1.3 2009/12/26 23:08:21 christos Exp $ */ | 1 | /* $NetBSD: dnssec-keygen.c,v 1.4 2010/08/06 10:58:03 christos Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Portions Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | 4 | * Portions Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") | |
5 | * Portions Copyright (C) 1999-2003 Internet Software Consortium. | 5 | * Portions Copyright (C) 1999-2003 Internet Software Consortium. | |
6 | * | 6 | * | |
7 | * Permission to use, copy, modify, and/or distribute this software for any | 7 | * Permission to use, copy, modify, and/or distribute this software for any | |
8 | * purpose with or without fee is hereby granted, provided that the above | 8 | * purpose with or without fee is hereby granted, provided that the above | |
9 | * copyright notice and this permission notice appear in all copies. | 9 | * copyright notice and this permission notice appear in all copies. | |
10 | * | 10 | * | |
11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS | 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS | |
12 | * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED | 12 | * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED | |
13 | * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE | 13 | * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE | |
14 | * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | 14 | * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | |
15 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | 15 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |
16 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR | 16 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR | |
17 | * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 17 | * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | |
@@ -21,69 +21,65 @@ | @@ -21,69 +21,65 @@ | |||
21 | * Permission to use, copy, modify, and/or distribute this software for any | 21 | * Permission to use, copy, modify, and/or distribute this software for any | |
22 | * purpose with or without fee is hereby granted, provided that the above | 22 | * purpose with or without fee is hereby granted, provided that the above | |
23 | * copyright notice and this permission notice appear in all copies. | 23 | * copyright notice and this permission notice appear in all copies. | |
24 | * | 24 | * | |
25 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS | 25 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS | |
26 | * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED | 26 | * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED | |
27 | * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE | 27 | * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE | |
28 | * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | 28 | * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | |
29 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | 29 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |
30 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR | 30 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR | |
31 | * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 31 | * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | |
32 | */ | 32 | */ | |
33 | 33 | |||
34 | /* Id: dnssec-keygen.c,v 1.108 2009/11/25 22:58:48 marka Exp */ | 34 | /* Id: dnssec-keygen.c,v 1.108.8.4 2010/01/19 23:48:12 tbox Exp */ | |
35 | 35 | |||
36 | /*! \file */ | 36 | /*! \file */ | |
37 | 37 | |||
38 | #include <config.h> | 38 | #include <config.h> | |
39 | 39 | |||
40 | #include <ctype.h> | 40 | #include <ctype.h> | |
41 | #include <stdlib.h> | 41 | #include <stdlib.h> | |
42 | #include <unistd.h> | 42 | #include <unistd.h> | |
43 | 43 | |||
44 | #include <isc/buffer.h> | 44 | #include <isc/buffer.h> | |
45 | #include <isc/commandline.h> | 45 | #include <isc/commandline.h> | |
46 | #include <isc/entropy.h> | 46 | #include <isc/entropy.h> | |
47 | #include <isc/mem.h> | 47 | #include <isc/mem.h> | |
48 | #include <isc/region.h> | 48 | #include <isc/region.h> | |
49 | #include <isc/string.h> | 49 | #include <isc/string.h> | |
50 | #include <isc/util.h> | 50 | #include <isc/util.h> | |
51 | 51 | |||
52 | #include <dns/dnssec.h> | |||
52 | #include <dns/fixedname.h> | 53 | #include <dns/fixedname.h> | |
53 | #include <dns/keyvalues.h> | 54 | #include <dns/keyvalues.h> | |
54 | #include <dns/log.h> | 55 | #include <dns/log.h> | |
55 | #include <dns/name.h> | 56 | #include <dns/name.h> | |
56 | #include <dns/rdataclass.h> | 57 | #include <dns/rdataclass.h> | |
57 | #include <dns/result.h> | 58 | #include <dns/result.h> | |
58 | #include <dns/secalg.h> | 59 | #include <dns/secalg.h> | |
59 | 60 | |||
60 | #include <dst/dst.h> | 61 | #include <dst/dst.h> | |
61 | 62 | |||
62 | #include "dnssectool.h" | 63 | #include "dnssectool.h" | |
63 | 64 | |||
64 | #define MAX_RSA 4096 /* should be long enough... */ | 65 | #define MAX_RSA 4096 /* should be long enough... */ | |
65 | 66 | |||
66 | const char *program = "dnssec-keygen"; | 67 | const char *program = "dnssec-keygen"; | |
67 | int verbose; | 68 | int verbose; | |
68 | 69 | |||
69 | #define DEFAULT_ALGORITHM "RSASHA1" | 70 | #define DEFAULT_ALGORITHM "RSASHA1" | |
70 | #define DEFAULT_NSEC3_ALGORITHM "NSEC3RSASHA1" | 71 | #define DEFAULT_NSEC3_ALGORITHM "NSEC3RSASHA1" | |
71 | 72 | |||
72 | static isc_boolean_t | |||
73 | dsa_size_ok(int size) { | |||
74 | return (ISC_TF(size >= 512 && size <= 1024 && size % 64 == 0)); | |||
75 | } | |||
76 | ||||
77 | ISC_PLATFORM_NORETURN_PRE static void | 73 | ISC_PLATFORM_NORETURN_PRE static void | |
78 | usage(void) ISC_PLATFORM_NORETURN_POST; | 74 | usage(void) ISC_PLATFORM_NORETURN_POST; | |
79 | 75 | |||
80 | static void progress(int p); | 76 | static void progress(int p); | |
81 | 77 | |||
82 | static void | 78 | static void | |
83 | usage(void) { | 79 | usage(void) { | |
84 | fprintf(stderr, "Usage:\n"); | 80 | fprintf(stderr, "Usage:\n"); | |
85 | fprintf(stderr, " %s [options] name\n\n", program); | 81 | fprintf(stderr, " %s [options] name\n\n", program); | |
86 | fprintf(stderr, "Version: %s\n", VERSION); | 82 | fprintf(stderr, "Version: %s\n", VERSION); | |
87 | fprintf(stderr, " name: owner of the key\n"); | 83 | fprintf(stderr, " name: owner of the key\n"); | |
88 | fprintf(stderr, "Options:\n"); | 84 | fprintf(stderr, "Options:\n"); | |
89 | fprintf(stderr, " -K <directory>: write keys into directory\n"); | 85 | fprintf(stderr, " -K <directory>: write keys into directory\n"); | |
@@ -134,44 +130,51 @@ usage(void) { | @@ -134,44 +130,51 @@ usage(void) { | |||
134 | fprintf(stderr, " -s <strength>: strength value this key signs DNS " | 130 | fprintf(stderr, " -s <strength>: strength value this key signs DNS " | |
135 | "records with (default: 0)\n"); | 131 | "records with (default: 0)\n"); | |
136 | fprintf(stderr, " -T <rrtype>: DNSKEY | KEY (default: DNSKEY; " | 132 | fprintf(stderr, " -T <rrtype>: DNSKEY | KEY (default: DNSKEY; " | |
137 | "use KEY for SIG(0))\n"); | 133 | "use KEY for SIG(0))\n"); | |
138 | fprintf(stderr, " -t <type>: " | 134 | fprintf(stderr, " -t <type>: " | |
139 | "AUTHCONF | NOAUTHCONF | NOAUTH | NOCONF " | 135 | "AUTHCONF | NOAUTHCONF | NOAUTH | NOCONF " | |
140 | "(default: AUTHCONF)\n"); | 136 | "(default: AUTHCONF)\n"); | |
141 | fprintf(stderr, " -r <randomdev>: a file containing random data\n"); | 137 | fprintf(stderr, " -r <randomdev>: a file containing random data\n"); | |
142 | 138 | |||
143 | fprintf(stderr, " -h: print usage and exit\n"); | 139 | fprintf(stderr, " -h: print usage and exit\n"); | |
144 | fprintf(stderr, " -m <memory debugging mode>:\n"); | 140 | fprintf(stderr, " -m <memory debugging mode>:\n"); | |
145 | fprintf(stderr, " usage | trace | record | size | mctx\n"); | 141 | fprintf(stderr, " usage | trace | record | size | mctx\n"); | |
146 | fprintf(stderr, " -v <level>: set verbosity level (0 - 10)\n"); | 142 | fprintf(stderr, " -v <level>: set verbosity level (0 - 10)\n"); | |
147 | fprintf(stderr, "Date options:\n"); | 143 | fprintf(stderr, "Timing options:\n"); | |
148 | fprintf(stderr, " -P date/[+-]offset: set key publication date " | 144 | fprintf(stderr, " -P date/[+-]offset/none: set key publication date " | |
149 | "(default: now)\n"); | 145 | "(default: now)\n"); | |
150 | fprintf(stderr, " -A date/[+-]offset: set key activation date " | 146 | fprintf(stderr, " -A date/[+-]offset/none: set key activation date " | |
151 | "(default: now)\n"); | 147 | "(default: now)\n"); | |
152 | fprintf(stderr, " -R date/[+-]offset: set key revocation date\n"); | 148 | fprintf(stderr, " -R date/[+-]offset/none: set key " | |
153 | fprintf(stderr, " -I date/[+-]offset: set key inactivation date\n"); | 149 | "revocation date\n"); | |
154 | fprintf(stderr, " -D date/[+-]offset: set key deletion date\n"); | 150 | fprintf(stderr, " -I date/[+-]offset/none: set key " | |
151 | "inactivation date\n"); | |||
152 | fprintf(stderr, " -D date/[+-]offset/none: set key deletion date\n"); | |||
155 | fprintf(stderr, " -G: generate key only; do not set -P or -A\n"); | 153 | fprintf(stderr, " -G: generate key only; do not set -P or -A\n"); | |
156 | fprintf(stderr, " -C: generate a backward-compatible key, omitting " | 154 | fprintf(stderr, " -C: generate a backward-compatible key, omitting " | |
157 | "all dates\n"); | 155 | "all dates\n"); | |
158 | fprintf(stderr, "Output:\n"); | 156 | fprintf(stderr, "Output:\n"); | |
159 | fprintf(stderr, " K<name>+<alg>+<id>.key, " | 157 | fprintf(stderr, " K<name>+<alg>+<id>.key, " | |
160 | "K<name>+<alg>+<id>.private\n"); | 158 | "K<name>+<alg>+<id>.private\n"); | |
161 | 159 | |||
162 | exit (-1); | 160 | exit (-1); | |
163 | } | 161 | } | |
164 | 162 | |||
163 | static isc_boolean_t | |||
164 | dsa_size_ok(int size) { | |||
165 | return (ISC_TF(size >= 512 && size <= 1024 && size % 64 == 0)); | |||
166 | } | |||
167 | ||||
165 | static void | 168 | static void | |
166 | progress(int p) | 169 | progress(int p) | |
167 | { | 170 | { | |
168 | char c = '*'; | 171 | char c = '*'; | |
169 | 172 | |||
170 | switch (p) { | 173 | switch (p) { | |
171 | case 0: | 174 | case 0: | |
172 | c = '.'; | 175 | c = '.'; | |
173 | break; | 176 | break; | |
174 | case 1: | 177 | case 1: | |
175 | c = '+'; | 178 | c = '+'; | |
176 | break; | 179 | break; | |
177 | case 2: | 180 | case 2: | |
@@ -182,27 +185,27 @@ progress(int p) | @@ -182,27 +185,27 @@ progress(int p) | |||
182 | break; | 185 | break; | |
183 | default: | 186 | default: | |
184 | break; | 187 | break; | |
185 | } | 188 | } | |
186 | (void) putc(c, stderr); | 189 | (void) putc(c, stderr); | |
187 | (void) fflush(stderr); | 190 | (void) fflush(stderr); | |
188 | } | 191 | } | |
189 | 192 | |||
190 | int | 193 | int | |
191 | main(int argc, char **argv) { | 194 | main(int argc, char **argv) { | |
192 | char *algname = NULL, *nametype = NULL, *type = NULL; | 195 | char *algname = NULL, *nametype = NULL, *type = NULL; | |
193 | char *classname = NULL; | 196 | char *classname = NULL; | |
194 | char *endp; | 197 | char *endp; | |
195 | dst_key_t *key = NULL, *oldkey; | 198 | dst_key_t *key = NULL; | |
196 | dns_fixedname_t fname; | 199 | dns_fixedname_t fname; | |
197 | dns_name_t *name; | 200 | dns_name_t *name; | |
198 | isc_uint16_t flags = 0, kskflag = 0, revflag = 0; | 201 | isc_uint16_t flags = 0, kskflag = 0, revflag = 0; | |
199 | dns_secalg_t alg; | 202 | dns_secalg_t alg; | |
200 | isc_boolean_t conflict = ISC_FALSE, null_key = ISC_FALSE; | 203 | isc_boolean_t conflict = ISC_FALSE, null_key = ISC_FALSE; | |
201 | isc_boolean_t oldstyle = ISC_FALSE; | 204 | isc_boolean_t oldstyle = ISC_FALSE; | |
202 | isc_mem_t *mctx = NULL; | 205 | isc_mem_t *mctx = NULL; | |
203 | int ch, rsa_exp = 0, generator = 0, param = 0; | 206 | int ch, rsa_exp = 0, generator = 0, param = 0; | |
204 | int protocol = -1, size = -1, signatory = 0; | 207 | int protocol = -1, size = -1, signatory = 0; | |
205 | isc_result_t ret; | 208 | isc_result_t ret; | |
206 | isc_textregion_t r; | 209 | isc_textregion_t r; | |
207 | char filename[255]; | 210 | char filename[255]; | |
208 | const char *directory = NULL; | 211 | const char *directory = NULL; | |
@@ -720,27 +723,26 @@ main(int argc, char **argv) { | @@ -720,27 +723,26 @@ main(int argc, char **argv) { | |||
720 | case DST_ALG_HMACSHA384: | 723 | case DST_ALG_HMACSHA384: | |
721 | case DST_ALG_HMACSHA512: | 724 | case DST_ALG_HMACSHA512: | |
722 | param = 0; | 725 | param = 0; | |
723 | break; | 726 | break; | |
724 | } | 727 | } | |
725 | 728 | |||
726 | if ((flags & DNS_KEYFLAG_TYPEMASK) == DNS_KEYTYPE_NOKEY) | 729 | if ((flags & DNS_KEYFLAG_TYPEMASK) == DNS_KEYTYPE_NOKEY) | |
727 | null_key = ISC_TRUE; | 730 | null_key = ISC_TRUE; | |
728 | 731 | |||
729 | isc_buffer_init(&buf, filename, sizeof(filename) - 1); | 732 | isc_buffer_init(&buf, filename, sizeof(filename) - 1); | |
730 | 733 | |||
731 | do { | 734 | do { | |
732 | conflict = ISC_FALSE; | 735 | conflict = ISC_FALSE; | |
733 | oldkey = NULL; | |||
734 | 736 | |||
735 | if (!quiet && show_progress) { | 737 | if (!quiet && show_progress) { | |
736 | fprintf(stderr, "Generating key pair."); | 738 | fprintf(stderr, "Generating key pair."); | |
737 | ret = dst_key_generate2(name, alg, size, param, flags, | 739 | ret = dst_key_generate2(name, alg, size, param, flags, | |
738 | protocol, rdclass, mctx, &key, | 740 | protocol, rdclass, mctx, &key, | |
739 | &progress); | 741 | &progress); | |
740 | putc('\n', stderr); | 742 | putc('\n', stderr); | |
741 | fflush(stderr); | 743 | fflush(stderr); | |
742 | } else { | 744 | } else { | |
743 | ret = dst_key_generate2(name, alg, size, param, flags, | 745 | ret = dst_key_generate2(name, alg, size, param, flags, | |
744 | protocol, rdclass, mctx, &key, | 746 | protocol, rdclass, mctx, &key, | |
745 | NULL); | 747 | NULL); | |
746 | } | 748 | } | |
@@ -808,57 +810,55 @@ main(int argc, char **argv) { | @@ -808,57 +810,55 @@ main(int argc, char **argv) { | |||
808 | if (setpub || setact || setrev || setinact || | 810 | if (setpub || setact || setrev || setinact || | |
809 | setdel || unsetpub || unsetact || | 811 | setdel || unsetpub || unsetact || | |
810 | unsetrev || unsetinact || unsetdel || genonly) | 812 | unsetrev || unsetinact || unsetdel || genonly) | |
811 | fatal("cannot use -C together with " | 813 | fatal("cannot use -C together with " | |
812 | "-P, -A, -R, -I, -D, or -G options"); | 814 | "-P, -A, -R, -I, -D, or -G options"); | |
813 | /* | 815 | /* | |
814 | * Compatibility mode: Private-key-format | 816 | * Compatibility mode: Private-key-format | |
815 | * should be set to 1.2. | 817 | * should be set to 1.2. | |
816 | */ | 818 | */ | |
817 | dst_key_setprivateformat(key, 1, 2); | 819 | dst_key_setprivateformat(key, 1, 2); | |
818 | } | 820 | } | |
819 | 821 | |||
820 | /* | 822 | /* | |
821 | * Try to read a key with the same name, alg and id from disk. | 823 | * Do not overwrite an existing key, or create a key | |
822 | * If there is one we must continue generating a different | 824 | * if there is a risk of ID collision due to this key | |
823 | * key unless we were asked to generate a null key, in which | 825 | * or another key being revoked. | |
824 | * case we return failure. | |||
825 | */ | 826 | */ | |
826 | ret = dst_key_fromfile(name, dst_key_id(key), alg, | 827 | if (key_collision(dst_key_id(key), name, directory, | |
827 | DST_TYPE_PRIVATE, directory, | 828 | alg, mctx, NULL)) { | |
828 | mctx, &oldkey); | |||
829 | /* do not overwrite an existing key */ | |||
830 | if (ret == ISC_R_SUCCESS) { | |||
831 | dst_key_free(&oldkey); | |||
832 | conflict = ISC_TRUE; | 829 | conflict = ISC_TRUE; | |
833 | if (null_key) | 830 | if (null_key) { | |
831 | dst_key_free(&key); | |||
834 | break; | 832 | break; | |
835 | } | 833 | } | |
836 | if (conflict == ISC_TRUE) { | 834 | ||
837 | if (verbose > 0) { | 835 | if (verbose > 0) { | |
838 | isc_buffer_clear(&buf); | 836 | isc_buffer_clear(&buf); | |
839 | dst_key_buildfilename(key, 0, directory, &buf); | 837 | dst_key_buildfilename(key, 0, directory, &buf); | |
840 | fprintf(stderr, | 838 | fprintf(stderr, | |
841 | "%s: %s already exists, " | 839 | "%s: %s already exists, or might " | |
842 | "generating a new key\n", | 840 | "collide with another key upon " | |
841 | "revokation. Generating a new key\n", | |||
843 | program, filename); | 842 | program, filename); | |
844 | } | 843 | } | |
844 | ||||
845 | dst_key_free(&key); | 845 | dst_key_free(&key); | |
846 | } | 846 | } | |
847 | } while (conflict == ISC_TRUE); | 847 | } while (conflict == ISC_TRUE); | |
848 | 848 | |||
849 | if (conflict) | 849 | if (conflict) | |
850 | fatal("cannot generate a null key when a key with id 0 " | 850 | fatal("cannot generate a null key due to possible key ID " | |
851 | "already exists"); | 851 | "collision"); | |
852 | 852 | |||
853 | ret = dst_key_tofile(key, options, directory); | 853 | ret = dst_key_tofile(key, options, directory); | |
854 | if (ret != ISC_R_SUCCESS) { | 854 | if (ret != ISC_R_SUCCESS) { | |
855 | char keystr[DST_KEY_FORMATSIZE]; | 855 | char keystr[DST_KEY_FORMATSIZE]; | |
856 | dst_key_format(key, keystr, sizeof(keystr)); | 856 | dst_key_format(key, keystr, sizeof(keystr)); | |
857 | fatal("failed to write key %s: %s\n", keystr, | 857 | fatal("failed to write key %s: %s\n", keystr, | |
858 | isc_result_totext(ret)); | 858 | isc_result_totext(ret)); | |
859 | } | 859 | } | |
860 | 860 | |||
861 | isc_buffer_clear(&buf); | 861 | isc_buffer_clear(&buf); | |
862 | ret = dst_key_buildfilename(key, 0, NULL, &buf); | 862 | ret = dst_key_buildfilename(key, 0, NULL, &buf); | |
863 | printf("%s\n", filename); | 863 | printf("%s\n", filename); | |
864 | dst_key_free(&key); | 864 | dst_key_free(&key); |
--- src/external/bsd/bind/dist/bin/dnssec/Attic/dnssec-signzone.c 2009/12/26 23:08:21 1.2
+++ src/external/bsd/bind/dist/bin/dnssec/Attic/dnssec-signzone.c 2010/08/06 10:58:03 1.3
@@ -1,17 +1,17 @@ | @@ -1,17 +1,17 @@ | |||
1 | /* $NetBSD: dnssec-signzone.c,v 1.2 2009/12/26 23:08:21 christos Exp $ */ | 1 | /* $NetBSD: dnssec-signzone.c,v 1.3 2010/08/06 10:58:03 christos Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Portions Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | 4 | * Portions Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") | |
5 | * Portions Copyright (C) 1999-2003 Internet Software Consortium. | 5 | * Portions Copyright (C) 1999-2003 Internet Software Consortium. | |
6 | * | 6 | * | |
7 | * Permission to use, copy, modify, and/or distribute this software for any | 7 | * Permission to use, copy, modify, and/or distribute this software for any | |
8 | * purpose with or without fee is hereby granted, provided that the above | 8 | * purpose with or without fee is hereby granted, provided that the above | |
9 | * copyright notice and this permission notice appear in all copies. | 9 | * copyright notice and this permission notice appear in all copies. | |
10 | * | 10 | * | |
11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS | 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS | |
12 | * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED | 12 | * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED | |
13 | * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE | 13 | * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE | |
14 | * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | 14 | * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | |
15 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | 15 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |
16 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR | 16 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR | |
17 | * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 17 | * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | |
@@ -21,27 +21,27 @@ | @@ -21,27 +21,27 @@ | |||
21 | * Permission to use, copy, modify, and/or distribute this software for any | 21 | * Permission to use, copy, modify, and/or distribute this software for any | |
22 | * purpose with or without fee is hereby granted, provided that the above | 22 | * purpose with or without fee is hereby granted, provided that the above | |
23 | * copyright notice and this permission notice appear in all copies. | 23 | * copyright notice and this permission notice appear in all copies. | |
24 | * | 24 | * | |
25 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS | 25 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS | |
26 | * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED | 26 | * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED | |
27 | * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE | 27 | * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE | |
28 | * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | 28 | * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | |
29 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | 29 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |
30 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR | 30 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR | |
31 | * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 31 | * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | |
32 | */ | 32 | */ | |
33 | 33 | |||
34 | /* Id: dnssec-signzone.c,v 1.258 2009/12/04 22:06:37 tbox Exp */ | 34 | /* Id: dnssec-signzone.c,v 1.258.4.4 2010/06/03 23:49:23 tbox Exp */ | |
35 | 35 | |||
36 | /*! \file */ | 36 | /*! \file */ | |
37 | 37 | |||
38 | #include <config.h> | 38 | #include <config.h> | |
39 | 39 | |||
40 | #include <stdlib.h> | 40 | #include <stdlib.h> | |
41 | #include <time.h> | 41 | #include <time.h> | |
42 | 42 | |||
43 | #include <isc/app.h> | 43 | #include <isc/app.h> | |
44 | #include <isc/base32.h> | 44 | #include <isc/base32.h> | |
45 | #include <isc/commandline.h> | 45 | #include <isc/commandline.h> | |
46 | #include <isc/entropy.h> | 46 | #include <isc/entropy.h> | |
47 | #include <isc/event.h> | 47 | #include <isc/event.h> | |
@@ -1647,26 +1647,35 @@ verifyzone(void) { | @@ -1647,26 +1647,35 @@ verifyzone(void) { | |||
1647 | zonecut = NULL; | 1647 | zonecut = NULL; | |
1648 | 1648 | |||
1649 | result = dns_db_createiterator(gdb, DNS_DB_NONSEC3, &dbiter); | 1649 | result = dns_db_createiterator(gdb, DNS_DB_NONSEC3, &dbiter); | |
1650 | check_result(result, "dns_db_createiterator()"); | 1650 | check_result(result, "dns_db_createiterator()"); | |
1651 | 1651 | |||
1652 | result = dns_dbiterator_first(dbiter); | 1652 | result = dns_dbiterator_first(dbiter); | |
1653 | check_result(result, "dns_dbiterator_first()"); | 1653 | check_result(result, "dns_dbiterator_first()"); | |
1654 | 1654 | |||
1655 | while (!done) { | 1655 | while (!done) { | |
1656 | isc_boolean_t isdelegation = ISC_FALSE; | 1656 | isc_boolean_t isdelegation = ISC_FALSE; | |
1657 | 1657 | |||
1658 | result = dns_dbiterator_current(dbiter, &node, name); | 1658 | result = dns_dbiterator_current(dbiter, &node, name); | |
1659 | check_dns_dbiterator_current(result); | 1659 | check_dns_dbiterator_current(result); | |
1660 | if (!dns_name_issubdomain(name, gorigin)) { | |||
1661 | dns_db_detachnode(gdb, &node); | |||
1662 | result = dns_dbiterator_next(dbiter); | |||
1663 | if (result == ISC_R_NOMORE) | |||
1664 | done = ISC_TRUE; | |||
1665 | else | |||
1666 | check_result(result, "dns_dbiterator_next()"); | |||
1667 | continue; | |||
1668 | } | |||
1660 | if (delegation(name, node, NULL)) { | 1669 | if (delegation(name, node, NULL)) { | |
1661 | zonecut = dns_fixedname_name(&fzonecut); | 1670 | zonecut = dns_fixedname_name(&fzonecut); | |
1662 | dns_name_copy(name, zonecut, NULL); | 1671 | dns_name_copy(name, zonecut, NULL); | |
1663 | isdelegation = ISC_TRUE; | 1672 | isdelegation = ISC_TRUE; | |
1664 | } | 1673 | } | |
1665 | verifynode(name, node, isdelegation, &rdataset, | 1674 | verifynode(name, node, isdelegation, &rdataset, | |
1666 | ksk_algorithms, bad_algorithms); | 1675 | ksk_algorithms, bad_algorithms); | |
1667 | result = dns_dbiterator_next(dbiter); | 1676 | result = dns_dbiterator_next(dbiter); | |
1668 | nextnode = NULL; | 1677 | nextnode = NULL; | |
1669 | while (result == ISC_R_SUCCESS) { | 1678 | while (result == ISC_R_SUCCESS) { | |
1670 | result = dns_dbiterator_current(dbiter, &nextnode, | 1679 | result = dns_dbiterator_current(dbiter, &nextnode, | |
1671 | nextname); | 1680 | nextname); | |
1672 | check_dns_dbiterator_current(result); | 1681 | check_dns_dbiterator_current(result); | |
@@ -1982,26 +1991,66 @@ add_ds(dns_name_t *name, dns_dbnode_t *n | @@ -1982,26 +1991,66 @@ add_ds(dns_name_t *name, dns_dbnode_t *n | |||
1982 | check_result(result, "dns_db_addrdataset"); | 1991 | check_result(result, "dns_db_addrdataset"); | |
1983 | dns_rdataset_disassociate(&dsset); | 1992 | dns_rdataset_disassociate(&dsset); | |
1984 | if (dns_rdataset_isassociated(&sigdsset)) | 1993 | if (dns_rdataset_isassociated(&sigdsset)) | |
1985 | dns_rdataset_disassociate(&sigdsset); | 1994 | dns_rdataset_disassociate(&sigdsset); | |
1986 | } else if (dns_rdataset_isassociated(&sigdsset)) { | 1995 | } else if (dns_rdataset_isassociated(&sigdsset)) { | |
1987 | result = dns_db_deleterdataset(gdb, node, gversion, | 1996 | result = dns_db_deleterdataset(gdb, node, gversion, | |
1988 | dns_rdatatype_rrsig, | 1997 | dns_rdatatype_rrsig, | |
1989 | dns_rdatatype_ds); | 1998 | dns_rdatatype_ds); | |
1990 | check_result(result, "dns_db_deleterdataset"); | 1999 | check_result(result, "dns_db_deleterdataset"); | |
1991 | dns_rdataset_disassociate(&sigdsset); | 2000 | dns_rdataset_disassociate(&sigdsset); | |
1992 | } | 2001 | } | |
1993 | } | 2002 | } | |
1994 | 2003 | |||
2004 | /* | |||
2005 | * Remove records of the given type and their signatures. | |||
2006 | */ | |||
2007 | static void | |||
2008 | remove_records(dns_dbnode_t *node, dns_rdatatype_t which) { | |||
2009 | isc_result_t result; | |||
2010 | dns_rdatatype_t type, covers; | |||
2011 | dns_rdatasetiter_t *rdsiter = NULL; | |||
2012 | dns_rdataset_t rdataset; | |||
2013 | ||||
2014 | dns_rdataset_init(&rdataset); | |||
2015 | ||||
2016 | /* | |||
2017 | * Delete any records of the given type at the apex. | |||
2018 | */ | |||
2019 | result = dns_db_allrdatasets(gdb, node, gversion, 0, &rdsiter); | |||
2020 | check_result(result, "dns_db_allrdatasets()"); | |||
2021 | for (result = dns_rdatasetiter_first(rdsiter); | |||
2022 | result == ISC_R_SUCCESS; | |||
2023 | result = dns_rdatasetiter_next(rdsiter)) { | |||
2024 | dns_rdatasetiter_current(rdsiter, &rdataset); | |||
2025 | type = rdataset.type; | |||
2026 | covers = rdataset.covers; | |||
2027 | dns_rdataset_disassociate(&rdataset); | |||
2028 | if (type == which || covers == which) { | |||
2029 | if (which == dns_rdatatype_nsec && !update_chain) | |||
2030 | fatal("Zone contains NSEC records. Use -u " | |||
2031 | "to update to NSEC3."); | |||
2032 | if (which == dns_rdatatype_nsec3param && !update_chain) | |||
2033 | fatal("Zone contains NSEC3 chains. Use -u " | |||
2034 | "to update to NSEC."); | |||
2035 | result = dns_db_deleterdataset(gdb, node, gversion, | |||
2036 | type, covers); | |||
2037 | check_result(result, "dns_db_deleterdataset()"); | |||
2038 | continue; | |||
2039 | } | |||
2040 | } | |||
2041 | dns_rdatasetiter_destroy(&rdsiter); | |||
2042 | } | |||
2043 | ||||
1995 | /*% | 2044 | /*% | |
1996 | * Generate NSEC records for the zone and remove NSEC3/NSEC3PARAM records. | 2045 | * Generate NSEC records for the zone and remove NSEC3/NSEC3PARAM records. | |
1997 | */ | 2046 | */ | |
1998 | static void | 2047 | static void | |
1999 | nsecify(void) { | 2048 | nsecify(void) { | |
2000 | dns_dbiterator_t *dbiter = NULL; | 2049 | dns_dbiterator_t *dbiter = NULL; | |
2001 | dns_dbnode_t *node = NULL, *nextnode = NULL; | 2050 | dns_dbnode_t *node = NULL, *nextnode = NULL; | |
2002 | dns_fixedname_t fname, fnextname, fzonecut; | 2051 | dns_fixedname_t fname, fnextname, fzonecut; | |
2003 | dns_name_t *name, *nextname, *zonecut; | 2052 | dns_name_t *name, *nextname, *zonecut; | |
2004 | dns_rdataset_t rdataset; | 2053 | dns_rdataset_t rdataset; | |
2005 | dns_rdatasetiter_t *rdsiter = NULL; | 2054 | dns_rdatasetiter_t *rdsiter = NULL; | |
2006 | dns_rdatatype_t type, covers; | 2055 | dns_rdatatype_t type, covers; | |
2007 | isc_boolean_t done = ISC_FALSE; | 2056 | isc_boolean_t done = ISC_FALSE; | |
@@ -2041,56 +2090,45 @@ nsecify(void) { | @@ -2041,56 +2090,45 @@ nsecify(void) { | |||
2041 | "dns_db_deleterdataset(nsec3param/rrsig)"); | 2090 | "dns_db_deleterdataset(nsec3param/rrsig)"); | |
2042 | } | 2091 | } | |
2043 | dns_rdatasetiter_destroy(&rdsiter); | 2092 | dns_rdatasetiter_destroy(&rdsiter); | |
2044 | dns_db_detachnode(gdb, &node); | 2093 | dns_db_detachnode(gdb, &node); | |
2045 | } | 2094 | } | |
2046 | dns_dbiterator_destroy(&dbiter); | 2095 | dns_dbiterator_destroy(&dbiter); | |
2047 | 2096 | |||
2048 | result = dns_db_createiterator(gdb, DNS_DB_NONSEC3, &dbiter); | 2097 | result = dns_db_createiterator(gdb, DNS_DB_NONSEC3, &dbiter); | |
2049 | check_result(result, "dns_db_createiterator()"); | 2098 | check_result(result, "dns_db_createiterator()"); | |
2050 | 2099 | |||
2051 | result = dns_dbiterator_first(dbiter); | 2100 | result = dns_dbiterator_first(dbiter); | |
2052 | check_result(result, "dns_dbiterator_first()"); | 2101 | check_result(result, "dns_dbiterator_first()"); | |
2053 | 2102 | |||
2054 | result = dns_dbiterator_current(dbiter, &node, name); | |||
2055 | check_dns_dbiterator_current(result); | |||
2056 | ||||
2057 | /* | |||
2058 | * Delete any NSEC3PARAM records at the apex. | |||
2059 | */ | |||
2060 | result = dns_db_allrdatasets(gdb, node, gversion, 0, &rdsiter); | |||
2061 | check_result(result, "dns_db_allrdatasets()"); | |||
2062 | for (result = dns_rdatasetiter_first(rdsiter); | |||
2063 | result == ISC_R_SUCCESS; | |||
2064 | result = dns_rdatasetiter_next(rdsiter)) { | |||
2065 | dns_rdatasetiter_current(rdsiter, &rdataset); | |||
2066 | type = rdataset.type; | |||
2067 | covers = rdataset.covers; | |||
2068 | dns_rdataset_disassociate(&rdataset); | |||
2069 | if (type == dns_rdatatype_nsec3param || | |||
2070 | covers == dns_rdatatype_nsec3param) { | |||
2071 | result = dns_db_deleterdataset(gdb, node, gversion, | |||
2072 | type, covers); | |||
2073 | check_result(result, | |||
2074 | "dns_db_deleterdataset(nsec3param/rrsig)"); | |||
2075 | continue; | |||
2076 | } | |||
2077 | } | |||
2078 | dns_rdatasetiter_destroy(&rdsiter); | |||
2079 | dns_db_detachnode(gdb, &node); | |||
2080 | ||||
2081 | while (!done) { | 2103 | while (!done) { | |
2082 | result = dns_dbiterator_current(dbiter, &node, name); | 2104 | result = dns_dbiterator_current(dbiter, &node, name); | |
2083 | check_dns_dbiterator_current(result); | 2105 | check_dns_dbiterator_current(result); | |
2106 | /* | |||
2107 | * Skip out-of-zone records. | |||
2108 | */ | |||
2109 | if (!dns_name_issubdomain(name, gorigin)) { | |||
2110 | result = dns_dbiterator_next(dbiter); | |||
2111 | if (result == ISC_R_NOMORE) | |||
2112 | done = ISC_TRUE; | |||
2113 | else | |||
2114 | check_result(result, "dns_dbiterator_next()"); | |||
2115 | dns_db_detachnode(gdb, &node); | |||
2116 | continue; | |||
2117 | } | |||
2118 | ||||
2119 | if (dns_name_equal(name, gorigin)) | |||
2120 | remove_records(node, dns_rdatatype_nsec3param); | |||
2121 | ||||
2084 | if (delegation(name, node, &nsttl)) { | 2122 | if (delegation(name, node, &nsttl)) { | |
2085 | zonecut = dns_fixedname_name(&fzonecut); | 2123 | zonecut = dns_fixedname_name(&fzonecut); | |
2086 | dns_name_copy(name, zonecut, NULL); | 2124 | dns_name_copy(name, zonecut, NULL); | |
2087 | if (generateds) | 2125 | if (generateds) | |
2088 | add_ds(name, node, nsttl); | 2126 | add_ds(name, node, nsttl); | |
2089 | } | 2127 | } | |
2090 | result = dns_dbiterator_next(dbiter); | 2128 | result = dns_dbiterator_next(dbiter); | |
2091 | nextnode = NULL; | 2129 | nextnode = NULL; | |
2092 | while (result == ISC_R_SUCCESS) { | 2130 | while (result == ISC_R_SUCCESS) { | |
2093 | isc_boolean_t active = ISC_FALSE; | 2131 | isc_boolean_t active = ISC_FALSE; | |
2094 | result = dns_dbiterator_current(dbiter, &nextnode, | 2132 | result = dns_dbiterator_current(dbiter, &nextnode, | |
2095 | nextname); | 2133 | nextname); | |
2096 | check_dns_dbiterator_current(result); | 2134 | check_dns_dbiterator_current(result); | |
@@ -2443,86 +2481,69 @@ remove_duplicates(void) { | @@ -2443,86 +2481,69 @@ remove_duplicates(void) { | |||
2443 | 2481 | |||
2444 | /* | 2482 | /* | |
2445 | * Generate NSEC3 records for the zone. | 2483 | * Generate NSEC3 records for the zone. | |
2446 | */ | 2484 | */ | |
2447 | static void | 2485 | static void | |
2448 | nsec3ify(unsigned int hashalg, unsigned int iterations, | 2486 | nsec3ify(unsigned int hashalg, unsigned int iterations, | |
2449 | const unsigned char *salt, size_t salt_length, hashlist_t *hashlist) | 2487 | const unsigned char *salt, size_t salt_length, hashlist_t *hashlist) | |
2450 | { | 2488 | { | |
2451 | dns_dbiterator_t *dbiter = NULL; | 2489 | dns_dbiterator_t *dbiter = NULL; | |
2452 | dns_dbnode_t *node = NULL, *nextnode = NULL; | 2490 | dns_dbnode_t *node = NULL, *nextnode = NULL; | |
2453 | dns_fixedname_t fname, fnextname, fzonecut; | 2491 | dns_fixedname_t fname, fnextname, fzonecut; | |
2454 | dns_name_t *name, *nextname, *zonecut; | 2492 | dns_name_t *name, *nextname, *zonecut; | |
2455 | dns_rdataset_t rdataset; | 2493 | dns_rdataset_t rdataset; | |
2456 | dns_rdatasetiter_t *rdsiter = NULL; | |||
2457 | dns_rdatatype_t type, covers; | |||
2458 | int order; | 2494 | int order; | |
2459 | isc_boolean_t active; | 2495 | isc_boolean_t active; | |
2460 | isc_boolean_t done = ISC_FALSE; | 2496 | isc_boolean_t done = ISC_FALSE; | |
2461 | isc_result_t result; | 2497 | isc_result_t result; | |
2462 | isc_uint32_t nsttl = 0; | 2498 | isc_uint32_t nsttl = 0; | |
2463 | unsigned int count, nlabels; | 2499 | unsigned int count, nlabels; | |
2464 | 2500 | |||
2465 | dns_rdataset_init(&rdataset); | 2501 | dns_rdataset_init(&rdataset); | |
2466 | dns_fixedname_init(&fname); | 2502 | dns_fixedname_init(&fname); | |
2467 | name = dns_fixedname_name(&fname); | 2503 | name = dns_fixedname_name(&fname); | |
2468 | dns_fixedname_init(&fnextname); | 2504 | dns_fixedname_init(&fnextname); | |
2469 | nextname = dns_fixedname_name(&fnextname); | 2505 | nextname = dns_fixedname_name(&fnextname); | |
2470 | dns_fixedname_init(&fzonecut); | 2506 | dns_fixedname_init(&fzonecut); | |
2471 | zonecut = NULL; | 2507 | zonecut = NULL; | |
2472 | 2508 | |||
2473 | /* | 2509 | /* | |
2474 | * Walk the zone generating the hash names. | 2510 | * Walk the zone generating the hash names. | |
2475 | */ | 2511 | */ | |
2476 | result = dns_db_createiterator(gdb, DNS_DB_NONSEC3, &dbiter); | 2512 | result = dns_db_createiterator(gdb, DNS_DB_NONSEC3, &dbiter); | |
2477 | check_result(result, "dns_db_createiterator()"); | 2513 | check_result(result, "dns_db_createiterator()"); | |
2478 | 2514 | |||
2479 | result = dns_dbiterator_first(dbiter); | 2515 | result = dns_dbiterator_first(dbiter); | |
2480 | check_result(result, "dns_dbiterator_first()"); | 2516 | check_result(result, "dns_dbiterator_first()"); | |
2481 | 2517 | |||
2482 | result = dns_dbiterator_current(dbiter, &node, name); | |||
2483 | check_dns_dbiterator_current(result); | |||
2484 | ||||
2485 | /* | |||
2486 | * Delete any NSEC records at the apex. | |||
2487 | */ | |||
2488 | result = dns_db_allrdatasets(gdb, node, gversion, 0, &rdsiter); | |||
2489 | check_result(result, "dns_db_allrdatasets()"); | |||
2490 | for (result = dns_rdatasetiter_first(rdsiter); | |||
2491 | result == ISC_R_SUCCESS; | |||
2492 | result = dns_rdatasetiter_next(rdsiter)) { | |||
2493 | dns_rdatasetiter_current(rdsiter, &rdataset); | |||
2494 | type = rdataset.type; | |||
2495 | covers = rdataset.covers; | |||
2496 | dns_rdataset_disassociate(&rdataset); | |||
2497 | if (type == dns_rdatatype_nsec || | |||
2498 | covers == dns_rdatatype_nsec) { | |||
2499 | if (!update_chain) | |||
2500 | fatal("Zone contains NSEC records. Use -u " | |||
2501 | "to update to NSEC3."); | |||
2502 | ||||
2503 | result = dns_db_deleterdataset(gdb, node, gversion, | |||
2504 | type, covers); | |||
2505 | check_result(result, | |||
2506 | "dns_db_deleterdataset(nsec3param/rrsig)"); | |||
2507 | continue; | |||
2508 | } | |||
2509 | } | |||
2510 | dns_rdatasetiter_destroy(&rdsiter); | |||
2511 | dns_db_detachnode(gdb, &node); | |||
2512 | ||||
2513 | while (!done) { | 2518 | while (!done) { | |
2514 | result = dns_dbiterator_current(dbiter, &node, name); | 2519 | result = dns_dbiterator_current(dbiter, &node, name); | |
2515 | check_dns_dbiterator_current(result); | 2520 | check_dns_dbiterator_current(result); | |
2521 | /* | |||
2522 | * Skip out-of-zone records. | |||
2523 | */ | |||
2524 | if (!dns_name_issubdomain(name, gorigin)) { | |||
2525 | result = dns_dbiterator_next(dbiter); | |||
2526 | if (result == ISC_R_NOMORE) | |||
2527 | done = ISC_TRUE; | |||
2528 | else | |||
2529 | check_result(result, "dns_dbiterator_next()"); | |||
2530 | dns_db_detachnode(gdb, &node); | |||
2531 | continue; | |||
2532 | } | |||
2533 | ||||
2534 | if (dns_name_equal(name, gorigin)) | |||
2535 | remove_records(node, dns_rdatatype_nsec); | |||
2536 | ||||
2516 | result = dns_dbiterator_next(dbiter); | 2537 | result = dns_dbiterator_next(dbiter); | |
2517 | nextnode = NULL; | 2538 | nextnode = NULL; | |
2518 | while (result == ISC_R_SUCCESS) { | 2539 | while (result == ISC_R_SUCCESS) { | |
2519 | result = dns_dbiterator_current(dbiter, &nextnode, | 2540 | result = dns_dbiterator_current(dbiter, &nextnode, | |
2520 | nextname); | 2541 | nextname); | |
2521 | check_dns_dbiterator_current(result); | 2542 | check_dns_dbiterator_current(result); | |
2522 | active = active_node(nextnode); | 2543 | active = active_node(nextnode); | |
2523 | if (!active) { | 2544 | if (!active) { | |
2524 | dns_db_detachnode(gdb, &nextnode); | 2545 | dns_db_detachnode(gdb, &nextnode); | |
2525 | result = dns_dbiterator_next(dbiter); | 2546 | result = dns_dbiterator_next(dbiter); | |
2526 | continue; | 2547 | continue; | |
2527 | } | 2548 | } | |
2528 | if (!dns_name_issubdomain(nextname, gorigin) || | 2549 | if (!dns_name_issubdomain(nextname, gorigin) || | |
@@ -2619,26 +2640,38 @@ nsec3ify(unsigned int hashalg, unsigned | @@ -2619,26 +2640,38 @@ nsec3ify(unsigned int hashalg, unsigned | |||
2619 | 2640 | |||
2620 | /* | 2641 | /* | |
2621 | * Generate / complete the new chain. | 2642 | * Generate / complete the new chain. | |
2622 | */ | 2643 | */ | |
2623 | result = dns_db_createiterator(gdb, DNS_DB_NONSEC3, &dbiter); | 2644 | result = dns_db_createiterator(gdb, DNS_DB_NONSEC3, &dbiter); | |
2624 | check_result(result, "dns_db_createiterator()"); | 2645 | check_result(result, "dns_db_createiterator()"); | |
2625 | 2646 | |||
2626 | result = dns_dbiterator_first(dbiter); | 2647 | result = dns_dbiterator_first(dbiter); | |
2627 | check_result(result, "dns_dbiterator_first()"); | 2648 | check_result(result, "dns_dbiterator_first()"); | |
2628 | 2649 | |||
2629 | while (!done) { | 2650 | while (!done) { | |
2630 | result = dns_dbiterator_current(dbiter, &node, name); | 2651 | result = dns_dbiterator_current(dbiter, &node, name); | |
2631 | check_dns_dbiterator_current(result); | 2652 | check_dns_dbiterator_current(result); | |
2653 | /* | |||
2654 | * Skip out-of-zone records. | |||
2655 | */ | |||
2656 | if (!dns_name_issubdomain(name, gorigin)) { | |||
2657 | result = dns_dbiterator_next(dbiter); | |||
2658 | if (result == ISC_R_NOMORE) | |||
2659 | done = ISC_TRUE; | |||
2660 | else | |||
2661 | check_result(result, "dns_dbiterator_next()"); | |||
2662 | dns_db_detachnode(gdb, &node); | |||
2663 | continue; | |||
2664 | } | |||
2632 | result = dns_dbiterator_next(dbiter); | 2665 | result = dns_dbiterator_next(dbiter); | |
2633 | nextnode = NULL; | 2666 | nextnode = NULL; | |
2634 | while (result == ISC_R_SUCCESS) { | 2667 | while (result == ISC_R_SUCCESS) { | |
2635 | result = dns_dbiterator_current(dbiter, &nextnode, | 2668 | result = dns_dbiterator_current(dbiter, &nextnode, | |
2636 | nextname); | 2669 | nextname); | |
2637 | check_dns_dbiterator_current(result); | 2670 | check_dns_dbiterator_current(result); | |
2638 | active = active_node(nextnode); | 2671 | active = active_node(nextnode); | |
2639 | if (!active) { | 2672 | if (!active) { | |
2640 | dns_db_detachnode(gdb, &nextnode); | 2673 | dns_db_detachnode(gdb, &nextnode); | |
2641 | result = dns_dbiterator_next(dbiter); | 2674 | result = dns_dbiterator_next(dbiter); | |
2642 | continue; | 2675 | continue; | |
2643 | } | 2676 | } | |
2644 | if (!dns_name_issubdomain(nextname, gorigin) || | 2677 | if (!dns_name_issubdomain(nextname, gorigin) || | |
@@ -3248,27 +3281,27 @@ usage(void) { | @@ -3248,27 +3281,27 @@ usage(void) { | |||
3248 | fprintf(stderr, "verify generated signatures\n"); | 3281 | fprintf(stderr, "verify generated signatures\n"); | |
3249 | fprintf(stderr, "\t-c class (IN)\n"); | 3282 | fprintf(stderr, "\t-c class (IN)\n"); | |
3250 | fprintf(stderr, "\t-E engine:\n"); | 3283 | fprintf(stderr, "\t-E engine:\n"); | |
3251 | #ifdef USE_PKCS11 | 3284 | #ifdef USE_PKCS11 | |
3252 | fprintf(stderr, "\t\tname of an OpenSSL engine to use " | 3285 | fprintf(stderr, "\t\tname of an OpenSSL engine to use " | |
3253 | "(default is \"pkcs11\")\n"); | 3286 | "(default is \"pkcs11\")\n"); | |
3254 | #else | 3287 | #else | |
3255 | fprintf(stderr, "\t\tname of an OpenSSL engine to use\n"); | 3288 | fprintf(stderr, "\t\tname of an OpenSSL engine to use\n"); | |
3256 | #endif | 3289 | #endif | |
3257 | fprintf(stderr, "\t-p:\t"); | 3290 | fprintf(stderr, "\t-p:\t"); | |
3258 | fprintf(stderr, "use pseudorandom data (faster but less secure)\n"); | 3291 | fprintf(stderr, "use pseudorandom data (faster but less secure)\n"); | |
3259 | fprintf(stderr, "\t-P:\t"); | 3292 | fprintf(stderr, "\t-P:\t"); | |
3260 | fprintf(stderr, "disable post-sign verification\n"); | 3293 | fprintf(stderr, "disable post-sign verification\n"); | |
3261 | fprintf(stderr, "\t-T TTL:\tTTL for newly added DNSKEYs"); | 3294 | fprintf(stderr, "\t-T TTL:\tTTL for newly added DNSKEYs\n"); | |
3262 | fprintf(stderr, "\t-t:\t"); | 3295 | fprintf(stderr, "\t-t:\t"); | |
3263 | fprintf(stderr, "print statistics\n"); | 3296 | fprintf(stderr, "print statistics\n"); | |
3264 | fprintf(stderr, "\t-u:\t"); | 3297 | fprintf(stderr, "\t-u:\t"); | |
3265 | fprintf(stderr, "update or replace an existing NSEC/NSEC3 chain\n"); | 3298 | fprintf(stderr, "update or replace an existing NSEC/NSEC3 chain\n"); | |
3266 | fprintf(stderr, "\t-x:\tsign DNSKEY record with KSKs only, not ZSKs\n"); | 3299 | fprintf(stderr, "\t-x:\tsign DNSKEY record with KSKs only, not ZSKs\n"); | |
3267 | fprintf(stderr, "\t-z:\tsign all records with KSKs\n"); | 3300 | fprintf(stderr, "\t-z:\tsign all records with KSKs\n"); | |
3268 | fprintf(stderr, "\t-C:\tgenerate a keyset file, for compatibility\n" | 3301 | fprintf(stderr, "\t-C:\tgenerate a keyset file, for compatibility\n" | |
3269 | "\t\twith older versions of dnssec-signzone -g\n"); | 3302 | "\t\twith older versions of dnssec-signzone -g\n"); | |
3270 | fprintf(stderr, "\t-n ncpus (number of cpus present)\n"); | 3303 | fprintf(stderr, "\t-n ncpus (number of cpus present)\n"); | |
3271 | fprintf(stderr, "\t-k key_signing_key\n"); | 3304 | fprintf(stderr, "\t-k key_signing_key\n"); | |
3272 | fprintf(stderr, "\t-l lookasidezone\n"); | 3305 | fprintf(stderr, "\t-l lookasidezone\n"); | |
3273 | fprintf(stderr, "\t-3 NSEC3 salt\n"); | 3306 | fprintf(stderr, "\t-3 NSEC3 salt\n"); | |
3274 | fprintf(stderr, "\t-H NSEC3 iterations (10)\n"); | 3307 | fprintf(stderr, "\t-H NSEC3 iterations (10)\n"); |
--- src/external/bsd/bind/dist/bin/named/Attic/main.c 2009/10/25 00:14:31 1.4
+++ src/external/bsd/bind/dist/bin/named/Attic/main.c 2010/08/06 10:58:04 1.5
@@ -1,33 +1,33 @@ | @@ -1,33 +1,33 @@ | |||
1 | /* $NetBSD: main.c,v 1.4 2009/10/25 00:14:31 christos Exp $ */ | 1 | /* $NetBSD: main.c,v 1.5 2010/08/06 10:58:04 christos Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | 4 | * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") | |
5 | * Copyright (C) 1999-2003 Internet Software Consortium. | 5 | * Copyright (C) 1999-2003 Internet Software Consortium. | |
6 | * | 6 | * | |
7 | * Permission to use, copy, modify, and/or distribute this software for any | 7 | * Permission to use, copy, modify, and/or distribute this software for any | |
8 | * purpose with or without fee is hereby granted, provided that the above | 8 | * purpose with or without fee is hereby granted, provided that the above | |
9 | * copyright notice and this permission notice appear in all copies. | 9 | * copyright notice and this permission notice appear in all copies. | |
10 | * | 10 | * | |
11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
17 | * PERFORMANCE OF THIS SOFTWARE. | 17 | * PERFORMANCE OF THIS SOFTWARE. | |
18 | */ | 18 | */ | |
19 | 19 | |||
20 | /* Id: main.c,v 1.175 2009/10/05 17:30:49 fdupont Exp */ | 20 | /* Id: main.c,v 1.175.60.3 2010/06/26 23:46:27 tbox Exp */ | |
21 | 21 | |||
22 | /*! \file */ | 22 | /*! \file */ | |
23 | 23 | |||
24 | #include <config.h> | 24 | #include <config.h> | |
25 | 25 | |||
26 | #include <ctype.h> | 26 | #include <ctype.h> | |
27 | #include <stdlib.h> | 27 | #include <stdlib.h> | |
28 | #include <string.h> | 28 | #include <string.h> | |
29 | 29 | |||
30 | #include <isc/app.h> | 30 | #include <isc/app.h> | |
31 | #include <isc/backtrace.h> | 31 | #include <isc/backtrace.h> | |
32 | #include <isc/commandline.h> | 32 | #include <isc/commandline.h> | |
33 | #include <isc/dir.h> | 33 | #include <isc/dir.h> | |
@@ -492,33 +492,35 @@ parse_command_line(int argc, char *argv[ | @@ -492,33 +492,35 @@ parse_command_line(int argc, char *argv[ | |||
492 | break; | 492 | break; | |
493 | case 's': | 493 | case 's': | |
494 | /* XXXRTH temporary syntax */ | 494 | /* XXXRTH temporary syntax */ | |
495 | want_stats = ISC_TRUE; | 495 | want_stats = ISC_TRUE; | |
496 | break; | 496 | break; | |
497 | case 'S': | 497 | case 'S': | |
498 | maxsocks = parse_int(isc_commandline_argument, | 498 | maxsocks = parse_int(isc_commandline_argument, | |
499 | "max number of sockets"); | 499 | "max number of sockets"); | |
500 | break; | 500 | break; | |
501 | case 't': | 501 | case 't': | |
502 | /* XXXJAB should we make a copy? */ | 502 | /* XXXJAB should we make a copy? */ | |
503 | ns_g_chrootdir = isc_commandline_argument; | 503 | ns_g_chrootdir = isc_commandline_argument; | |
504 | break; | 504 | break; | |
505 | case 'T': | 505 | case 'T': /* NOT DOCUMENTED */ | |
506 | /* | 506 | /* | |
507 | * clienttest: make clients single shot with their | 507 | * clienttest: make clients single shot with their | |
508 | * own memory context. | 508 | * own memory context. | |
509 | */ | 509 | */ | |
510 | if (!strcmp(isc_commandline_argument, "clienttest")) | 510 | if (!strcmp(isc_commandline_argument, "clienttest")) | |
511 | ns_g_clienttest = ISC_TRUE; | 511 | ns_g_clienttest = ISC_TRUE; | |
512 | else if (!strcmp(isc_commandline_argument, "nosoa")) | |||
513 | ns_g_nosoa = ISC_TRUE; | |||
512 | else if (!strcmp(isc_commandline_argument, "maxudp512")) | 514 | else if (!strcmp(isc_commandline_argument, "maxudp512")) | |
513 | maxudp = 512; | 515 | maxudp = 512; | |
514 | else if (!strcmp(isc_commandline_argument, "maxudp1460")) | 516 | else if (!strcmp(isc_commandline_argument, "maxudp1460")) | |
515 | maxudp = 1460; | 517 | maxudp = 1460; | |
516 | else | 518 | else | |
517 | fprintf(stderr, "unknown -T flag '%s\n", | 519 | fprintf(stderr, "unknown -T flag '%s\n", | |
518 | isc_commandline_argument); | 520 | isc_commandline_argument); | |
519 | break; | 521 | break; | |
520 | case 'u': | 522 | case 'u': | |
521 | ns_g_username = isc_commandline_argument; | 523 | ns_g_username = isc_commandline_argument; | |
522 | break; | 524 | break; | |
523 | case 'v': | 525 | case 'v': | |
524 | printf("BIND %s\n", ns_g_version); | 526 | printf("BIND %s\n", ns_g_version); |
--- src/external/bsd/bind/dist/bin/named/Attic/named.conf.5 2009/12/26 23:08:21 1.4
+++ src/external/bsd/bind/dist/bin/named/Attic/named.conf.5 2010/08/06 10:58:04 1.5
@@ -1,30 +1,30 @@ | @@ -1,30 +1,30 @@ | |||
1 | .\" $NetBSD: named.conf.5,v 1.4 2009/12/26 23:08:21 christos Exp $ | 1 | .\" $NetBSD: named.conf.5,v 1.5 2010/08/06 10:58:04 christos Exp $ | |
2 | .\" | 2 | .\" | |
3 | .\" Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | 3 | .\" Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") | |
4 | .\" | 4 | .\" | |
5 | .\" Permission to use, copy, modify, and/or distribute this software for any | 5 | .\" Permission to use, copy, modify, and/or distribute this software for any | |
6 | .\" purpose with or without fee is hereby granted, provided that the above | 6 | .\" purpose with or without fee is hereby granted, provided that the above | |
7 | .\" copyright notice and this permission notice appear in all copies. | 7 | .\" copyright notice and this permission notice appear in all copies. | |
8 | .\" | 8 | .\" | |
9 | .\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 9 | .\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
10 | .\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 10 | .\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
11 | .\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 11 | .\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
12 | .\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 12 | .\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
13 | .\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 13 | .\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
14 | .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 14 | .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
15 | .\" PERFORMANCE OF THIS SOFTWARE. | 15 | .\" PERFORMANCE OF THIS SOFTWARE. | |
16 | .\" | 16 | .\" | |
17 | .\" Id: named.conf.5,v 1.41 2009/12/04 01:13:44 tbox Exp | 17 | .\" Id: named.conf.5,v 1.41.4.1 2010/05/15 02:41:59 tbox Exp | |
18 | .\" | 18 | .\" | |
19 | .hy 0 | 19 | .hy 0 | |
20 | .ad l | 20 | .ad l | |
21 | .\" Title: \fInamed.conf\fR | 21 | .\" Title: \fInamed.conf\fR | |
22 | .\" Author: | 22 | .\" Author: | |
23 | .\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> | 23 | .\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> | |
24 | .\" Date: Aug 13, 2004 | 24 | .\" Date: Aug 13, 2004 | |
25 | .\" Manual: BIND9 | 25 | .\" Manual: BIND9 | |
26 | .\" Source: BIND9 | 26 | .\" Source: BIND9 | |
27 | .\" | 27 | .\" | |
28 | .TH "\fINAMED.CONF\fR" "5" "Aug 13, 2004" "BIND9" "BIND9" | 28 | .TH "\fINAMED.CONF\fR" "5" "Aug 13, 2004" "BIND9" "BIND9" | |
29 | .\" disable hyphenation | 29 | .\" disable hyphenation | |
30 | .nh | 30 | .nh | |
@@ -302,26 +302,27 @@ options { | @@ -302,26 +302,27 @@ options { | |||
302 | sig\-signing\-signatures \fIinteger\fR; | 302 | sig\-signing\-signatures \fIinteger\fR; | |
303 | sig\-signing\-type \fIinteger\fR; | 303 | sig\-signing\-type \fIinteger\fR; | |
304 | transfer\-source ( \fIipv4_address\fR | * ) | 304 | transfer\-source ( \fIipv4_address\fR | * ) | |
305 | [ port ( \fIinteger\fR | * ) ]; | 305 | [ port ( \fIinteger\fR | * ) ]; | |
306 | transfer\-source\-v6 ( \fIipv6_address\fR | * ) | 306 | transfer\-source\-v6 ( \fIipv6_address\fR | * ) | |
307 | [ port ( \fIinteger\fR | * ) ]; | 307 | [ port ( \fIinteger\fR | * ) ]; | |
308 | alt\-transfer\-source ( \fIipv4_address\fR | * ) | 308 | alt\-transfer\-source ( \fIipv4_address\fR | * ) | |
309 | [ port ( \fIinteger\fR | * ) ]; | 309 | [ port ( \fIinteger\fR | * ) ]; | |
310 | alt\-transfer\-source\-v6 ( \fIipv6_address\fR | * ) | 310 | alt\-transfer\-source\-v6 ( \fIipv6_address\fR | * ) | |
311 | [ port ( \fIinteger\fR | * ) ]; | 311 | [ port ( \fIinteger\fR | * ) ]; | |
312 | use\-alt\-transfer\-source \fIboolean\fR; | 312 | use\-alt\-transfer\-source \fIboolean\fR; | |
313 | zone\-statistics \fIboolean\fR; | 313 | zone\-statistics \fIboolean\fR; | |
314 | key\-directory \fIquoted_string\fR; | 314 | key\-directory \fIquoted_string\fR; | |
315 | managed\-keys\-directory \fIquoted_string\fR; | |||
315 | auto\-dnssec \fBallow\fR|\fBmaintain\fR|\fBcreate\fR|\fBoff\fR; | 316 | auto\-dnssec \fBallow\fR|\fBmaintain\fR|\fBcreate\fR|\fBoff\fR; | |
316 | try\-tcp\-refresh \fIboolean\fR; | 317 | try\-tcp\-refresh \fIboolean\fR; | |
317 | zero\-no\-soa\-ttl \fIboolean\fR; | 318 | zero\-no\-soa\-ttl \fIboolean\fR; | |
318 | zero\-no\-soa\-ttl\-cache \fIboolean\fR; | 319 | zero\-no\-soa\-ttl\-cache \fIboolean\fR; | |
319 | dnssec\-secure\-to\-insecure \fIboolean\fR; | 320 | dnssec\-secure\-to\-insecure \fIboolean\fR; | |
320 | deny\-answer\-addresses { | 321 | deny\-answer\-addresses { | |
321 | \fIaddress_match_list\fR | 322 | \fIaddress_match_list\fR | |
322 | } [ except\-from { \fInamelist\fR } ]; | 323 | } [ except\-from { \fInamelist\fR } ]; | |
323 | deny\-answer\-aliases { | 324 | deny\-answer\-aliases { | |
324 | \fInamelist\fR | 325 | \fInamelist\fR | |
325 | } [ except\-from { \fInamelist\fR } ]; | 326 | } [ except\-from { \fInamelist\fR } ]; | |
326 | nsec3\-test\-zone \fIboolean\fR; // testing only | 327 | nsec3\-test\-zone \fIboolean\fR; // testing only | |
327 | allow\-v6\-synthesis { \fIaddress_match_element\fR; ... }; // obsolete | 328 | allow\-v6\-synthesis { \fIaddress_match_element\fR; ... }; // obsolete | |
@@ -561,15 +562,15 @@ zone \fIstring\fR \fIoptional_class\fR { | @@ -561,15 +562,15 @@ zone \fIstring\fR \fIoptional_class\fR { | |||
561 | }; | 562 | }; | |
562 | .fi | 563 | .fi | |
563 | .RE | 564 | .RE | |
564 | .SH "FILES" | 565 | .SH "FILES" | |
565 | .PP | 566 | .PP | |
566 | \fI/etc/named.conf\fR | 567 | \fI/etc/named.conf\fR | |
567 | .SH "SEE ALSO" | 568 | .SH "SEE ALSO" | |
568 | .PP | 569 | .PP | |
569 | \fBnamed\fR(8), | 570 | \fBnamed\fR(8), | |
570 | \fBnamed\-checkconf\fR(8), | 571 | \fBnamed\-checkconf\fR(8), | |
571 | \fBrndc\fR(8), | 572 | \fBrndc\fR(8), | |
572 | BIND 9 Administrator Reference Manual. | 573 | BIND 9 Administrator Reference Manual. | |
573 | .SH "COPYRIGHT" | 574 | .SH "COPYRIGHT" | |
574 | Copyright \(co 2004\-2009 Internet Systems Consortium, Inc. ("ISC") | 575 | Copyright \(co 2004\-2010 Internet Systems Consortium, Inc. ("ISC") | |
575 | .br | 576 | .br |
--- src/external/bsd/bind/dist/bin/named/Attic/named.conf.docbook 2009/12/26 23:08:21 1.4
+++ src/external/bsd/bind/dist/bin/named/Attic/named.conf.docbook 2010/08/06 10:58:04 1.5
@@ -1,57 +1,58 @@ | @@ -1,57 +1,58 @@ | |||
1 | <!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" | 1 | <!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" | |
2 | "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" | 2 | "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" | |
3 | [<!ENTITY mdash "—">]> | 3 | [<!ENTITY mdash "—">]> | |
4 | <!-- | 4 | <!-- | |
5 | - Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | 5 | - Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") | |
6 | - | 6 | - | |
7 | - Permission to use, copy, modify, and/or distribute this software for any | 7 | - Permission to use, copy, modify, and/or distribute this software for any | |
8 | - purpose with or without fee is hereby granted, provided that the above | 8 | - purpose with or without fee is hereby granted, provided that the above | |
9 | - copyright notice and this permission notice appear in all copies. | 9 | - copyright notice and this permission notice appear in all copies. | |
10 | - | 10 | - | |
11 | - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 11 | - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
12 | - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 12 | - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
13 | - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 13 | - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
14 | - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 14 | - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
15 | - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 15 | - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
16 | - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 16 | - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
17 | - PERFORMANCE OF THIS SOFTWARE. | 17 | - PERFORMANCE OF THIS SOFTWARE. | |
18 | --> | 18 | --> | |
19 | 19 | |||
20 | <!-- Id: named.conf.docbook,v 1.44 2009/12/03 23:18:16 each Exp --> | 20 | <!-- Id: named.conf.docbook,v 1.44.4.2 2010/05/14 23:49:18 tbox Exp --> | |
21 | <refentry> | 21 | <refentry> | |
22 | <refentryinfo> | 22 | <refentryinfo> | |
23 | <date>Aug 13, 2004</date> | 23 | <date>Aug 13, 2004</date> | |
24 | </refentryinfo> | 24 | </refentryinfo> | |
25 | 25 | |||
26 | <refmeta> | 26 | <refmeta> | |
27 | <refentrytitle><filename>named.conf</filename></refentrytitle> | 27 | <refentrytitle><filename>named.conf</filename></refentrytitle> | |
28 | <manvolnum>5</manvolnum> | 28 | <manvolnum>5</manvolnum> | |
29 | <refmiscinfo>BIND9</refmiscinfo> | 29 | <refmiscinfo>BIND9</refmiscinfo> | |
30 | </refmeta> | 30 | </refmeta> | |
31 | 31 | |||
32 | <refnamediv> | 32 | <refnamediv> | |
33 | <refname><filename>named.conf</filename></refname> | 33 | <refname><filename>named.conf</filename></refname> | |
34 | <refpurpose>configuration file for named</refpurpose> | 34 | <refpurpose>configuration file for named</refpurpose> | |
35 | </refnamediv> | 35 | </refnamediv> | |
36 | 36 | |||
37 | <docinfo> | 37 | <docinfo> | |
38 | <copyright> | 38 | <copyright> | |
39 | <year>2004</year> | 39 | <year>2004</year> | |
40 | <year>2005</year> | 40 | <year>2005</year> | |
41 | <year>2006</year> | 41 | <year>2006</year> | |
42 | <year>2007</year> | 42 | <year>2007</year> | |
43 | <year>2008</year> | 43 | <year>2008</year> | |
44 | <year>2009</year> | 44 | <year>2009</year> | |
45 | <year>2010</year> | |||
45 | <holder>Internet Systems Consortium, Inc. ("ISC")</holder> | 46 | <holder>Internet Systems Consortium, Inc. ("ISC")</holder> | |
46 | </copyright> | 47 | </copyright> | |
47 | </docinfo> | 48 | </docinfo> | |
48 | 49 | |||
49 | <refsynopsisdiv> | 50 | <refsynopsisdiv> | |
50 | <cmdsynopsis> | 51 | <cmdsynopsis> | |
51 | <command>named.conf</command> | 52 | <command>named.conf</command> | |
52 | </cmdsynopsis> | 53 | </cmdsynopsis> | |
53 | </refsynopsisdiv> | 54 | </refsynopsisdiv> | |
54 | 55 | |||
55 | <refsect1> | 56 | <refsect1> | |
56 | <title>DESCRIPTION</title> | 57 | <title>DESCRIPTION</title> | |
57 | <para><filename>named.conf</filename> is the configuration file | 58 | <para><filename>named.conf</filename> is the configuration file | |
@@ -339,26 +340,27 @@ options { | @@ -339,26 +340,27 @@ options { | |||
339 | transfer-source ( <replaceable>ipv4_address</replaceable> | * ) | 340 | transfer-source ( <replaceable>ipv4_address</replaceable> | * ) | |
340 | <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; | 341 | <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; | |
341 | transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) | 342 | transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) | |
342 | <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; | 343 | <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; | |
343 | 344 | |||
344 | alt-transfer-source ( <replaceable>ipv4_address</replaceable> | * ) | 345 | alt-transfer-source ( <replaceable>ipv4_address</replaceable> | * ) | |
345 | <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; | 346 | <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; | |
346 | alt-transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) | 347 | alt-transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) | |
347 | <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; | 348 | <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; | |
348 | use-alt-transfer-source <replaceable>boolean</replaceable>; | 349 | use-alt-transfer-source <replaceable>boolean</replaceable>; | |
349 | 350 | |||
350 | zone-statistics <replaceable>boolean</replaceable>; | 351 | zone-statistics <replaceable>boolean</replaceable>; | |
351 | key-directory <replaceable>quoted_string</replaceable>; | 352 | key-directory <replaceable>quoted_string</replaceable>; | |
353 | managed-keys-directory <replaceable>quoted_string</replaceable>; | |||
352 | auto-dnssec <constant>allow</constant>|<constant>maintain</constant>|<constant>create</constant>|<constant>off</constant>; | 354 | auto-dnssec <constant>allow</constant>|<constant>maintain</constant>|<constant>create</constant>|<constant>off</constant>; | |
353 | try-tcp-refresh <replaceable>boolean</replaceable>; | 355 | try-tcp-refresh <replaceable>boolean</replaceable>; | |
354 | zero-no-soa-ttl <replaceable>boolean</replaceable>; | 356 | zero-no-soa-ttl <replaceable>boolean</replaceable>; | |
355 | zero-no-soa-ttl-cache <replaceable>boolean</replaceable>; | 357 | zero-no-soa-ttl-cache <replaceable>boolean</replaceable>; | |
356 | dnssec-secure-to-insecure <replaceable>boolean</replaceable>; | 358 | dnssec-secure-to-insecure <replaceable>boolean</replaceable>; | |
357 | deny-answer-addresses { | 359 | deny-answer-addresses { | |
358 | <replaceable>address_match_list</replaceable> | 360 | <replaceable>address_match_list</replaceable> | |
359 | } <optional> except-from { <replaceable>namelist</replaceable> } </optional>; | 361 | } <optional> except-from { <replaceable>namelist</replaceable> } </optional>; | |
360 | deny-answer-aliases { | 362 | deny-answer-aliases { | |
361 | <replaceable>namelist</replaceable> | 363 | <replaceable>namelist</replaceable> | |
362 | } <optional> except-from { <replaceable>namelist</replaceable> } </optional>; | 364 | } <optional> except-from { <replaceable>namelist</replaceable> } </optional>; | |
363 | 365 | |||
364 | nsec3-test-zone <replaceable>boolean</replaceable>; // testing only | 366 | nsec3-test-zone <replaceable>boolean</replaceable>; // testing only |
--- src/external/bsd/bind/dist/bin/named/Attic/named.conf.html 2009/12/26 23:08:21 1.4
+++ src/external/bsd/bind/dist/bin/named/Attic/named.conf.html 2010/08/06 10:58:04 1.5
@@ -1,172 +1,172 @@ | @@ -1,172 +1,172 @@ | |||
1 | <!-- | 1 | <!-- | |
2 | - Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | 2 | - Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") | |
3 | - | 3 | - | |
4 | - Permission to use, copy, modify, and/or distribute this software for any | 4 | - Permission to use, copy, modify, and/or distribute this software for any | |
5 | - purpose with or without fee is hereby granted, provided that the above | 5 | - purpose with or without fee is hereby granted, provided that the above | |
6 | - copyright notice and this permission notice appear in all copies. | 6 | - copyright notice and this permission notice appear in all copies. | |
7 | - | 7 | - | |
8 | - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 8 | - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
9 | - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 9 | - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
10 | - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 10 | - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
11 | - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 11 | - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
12 | - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 12 | - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
13 | - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 13 | - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
14 | - PERFORMANCE OF THIS SOFTWARE. | 14 | - PERFORMANCE OF THIS SOFTWARE. | |
15 | --> | 15 | --> | |
16 | <!-- Id: named.conf.html,v 1.50 2009/12/04 01:13:44 tbox Exp --> | 16 | <!-- Id: named.conf.html,v 1.50.4.1 2010/05/15 02:41:59 tbox Exp --> | |
17 | <html> | 17 | <html> | |
18 | <head> | 18 | <head> | |
19 | <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> | 19 | <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> | |
20 | <title>named.conf</title> | 20 | <title>named.conf</title> | |
21 | <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> | 21 | <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> | |
22 | </head> | 22 | </head> | |
23 | <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> | 23 | <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> | |
24 | <a name="id2476275"></a><div class="titlepage"></div> | 24 | <a name="id2476275"></a><div class="titlepage"></div> | |
25 | <div class="refnamediv"> | 25 | <div class="refnamediv"> | |
26 | <h2>Name</h2> | 26 | <h2>Name</h2> | |
27 | <p><code class="filename">named.conf</code> — configuration file for named</p> | 27 | <p><code class="filename">named.conf</code> — configuration file for named</p> | |
28 | </div> | 28 | </div> | |
29 | <div class="refsynopsisdiv"> | 29 | <div class="refsynopsisdiv"> | |
30 | <h2>Synopsis</h2> | 30 | <h2>Synopsis</h2> | |
31 | <div class="cmdsynopsis"><p><code class="command">named.conf</code> </p></div> | 31 | <div class="cmdsynopsis"><p><code class="command">named.conf</code> </p></div> | |
32 | </div> | 32 | </div> | |
33 | <div class="refsect1" lang="en"> | 33 | <div class="refsect1" lang="en"> | |
34 | <a name="id2543346"></a><h2>DESCRIPTION</h2> | 34 | <a name="id2543349"></a><h2>DESCRIPTION</h2> | |
35 | <p><code class="filename">named.conf</code> is the configuration file | 35 | <p><code class="filename">named.conf</code> is the configuration file | |
36 | for | 36 | for | |
37 | <span><strong class="command">named</strong></span>. Statements are enclosed | 37 | <span><strong class="command">named</strong></span>. Statements are enclosed | |
38 | in braces and terminated with a semi-colon. Clauses in | 38 | in braces and terminated with a semi-colon. Clauses in | |
39 | the statements are also semi-colon terminated. The usual | 39 | the statements are also semi-colon terminated. The usual | |
40 | comment styles are supported: | 40 | comment styles are supported: | |
41 | </p> | 41 | </p> | |
42 | <p> | 42 | <p> | |
43 | C style: /* */ | 43 | C style: /* */ | |
44 | </p> | 44 | </p> | |
45 | <p> | 45 | <p> | |
46 | C++ style: // to end of line | 46 | C++ style: // to end of line | |
47 | </p> | 47 | </p> | |
48 | <p> | 48 | <p> | |
49 | Unix style: # to end of line | 49 | Unix style: # to end of line | |
50 | </p> | 50 | </p> | |
51 | </div> | 51 | </div> | |
52 | <div class="refsect1" lang="en"> | 52 | <div class="refsect1" lang="en"> | |
53 | <a name="id2543373"></a><h2>ACL</h2> | 53 | <a name="id2543377"></a><h2>ACL</h2> | |
54 | <div class="literallayout"><p><br> | 54 | <div class="literallayout"><p><br> | |
55 | acl <em class="replaceable"><code>string</code></em> { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> | 55 | acl <em class="replaceable"><code>string</code></em> { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> | |
56 | <br> | 56 | <br> | |
57 | </p></div> | 57 | </p></div> | |
58 | </div> | 58 | </div> | |
59 | <div class="refsect1" lang="en"> | 59 | <div class="refsect1" lang="en"> | |
60 | <a name="id2543389"></a><h2>KEY</h2> | 60 | <a name="id2543393"></a><h2>KEY</h2> | |
61 | <div class="literallayout"><p><br> | 61 | <div class="literallayout"><p><br> | |
62 | key <em class="replaceable"><code>domain_name</code></em> {<br> | 62 | key <em class="replaceable"><code>domain_name</code></em> {<br> | |
63 | algorithm <em class="replaceable"><code>string</code></em>;<br> | 63 | algorithm <em class="replaceable"><code>string</code></em>;<br> | |
64 | secret <em class="replaceable"><code>string</code></em>;<br> | 64 | secret <em class="replaceable"><code>string</code></em>;<br> | |
65 | };<br> | 65 | };<br> | |
66 | </p></div> | 66 | </p></div> | |
67 | </div> | 67 | </div> | |
68 | <div class="refsect1" lang="en"> | 68 | <div class="refsect1" lang="en"> | |
69 | <a name="id2543409"></a><h2>MASTERS</h2> | 69 | <a name="id2543412"></a><h2>MASTERS</h2> | |
70 | <div class="literallayout"><p><br> | 70 | <div class="literallayout"><p><br> | |
71 | masters <em class="replaceable"><code>string</code></em> [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br> | 71 | masters <em class="replaceable"><code>string</code></em> [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br> | |
72 | ( <em class="replaceable"><code>masters</code></em> | <em class="replaceable"><code>ipv4_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br> | 72 | ( <em class="replaceable"><code>masters</code></em> | <em class="replaceable"><code>ipv4_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br> | |
73 | <em class="replaceable"><code>ipv6_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] ) [<span class="optional"> key <em class="replaceable"><code>string</code></em> </span>]; ...<br> | 73 | <em class="replaceable"><code>ipv6_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] ) [<span class="optional"> key <em class="replaceable"><code>string</code></em> </span>]; ...<br> | |
74 | };<br> | 74 | };<br> | |
75 | </p></div> | 75 | </p></div> | |
76 | </div> | 76 | </div> | |
77 | <div class="refsect1" lang="en"> | 77 | <div class="refsect1" lang="en"> | |
78 | <a name="id2543454"></a><h2>SERVER</h2> | 78 | <a name="id2543458"></a><h2>SERVER</h2> | |
79 | <div class="literallayout"><p><br> | 79 | <div class="literallayout"><p><br> | |
80 | server ( <em class="replaceable"><code>ipv4_address[<span class="optional">/prefixlen</span>]</code></em> | <em class="replaceable"><code>ipv6_address[<span class="optional">/prefixlen</span>]</code></em> ) {<br> | 80 | server ( <em class="replaceable"><code>ipv4_address[<span class="optional">/prefixlen</span>]</code></em> | <em class="replaceable"><code>ipv6_address[<span class="optional">/prefixlen</span>]</code></em> ) {<br> | |
81 | bogus <em class="replaceable"><code>boolean</code></em>;<br> | 81 | bogus <em class="replaceable"><code>boolean</code></em>;<br> | |
82 | edns <em class="replaceable"><code>boolean</code></em>;<br> | 82 | edns <em class="replaceable"><code>boolean</code></em>;<br> | |
83 | edns-udp-size <em class="replaceable"><code>integer</code></em>;<br> | 83 | edns-udp-size <em class="replaceable"><code>integer</code></em>;<br> | |
84 | max-udp-size <em class="replaceable"><code>integer</code></em>;<br> | 84 | max-udp-size <em class="replaceable"><code>integer</code></em>;<br> | |
85 | provide-ixfr <em class="replaceable"><code>boolean</code></em>;<br> | 85 | provide-ixfr <em class="replaceable"><code>boolean</code></em>;<br> | |
86 | request-ixfr <em class="replaceable"><code>boolean</code></em>;<br> | 86 | request-ixfr <em class="replaceable"><code>boolean</code></em>;<br> | |
87 | keys <em class="replaceable"><code>server_key</code></em>;<br> | 87 | keys <em class="replaceable"><code>server_key</code></em>;<br> | |
88 | transfers <em class="replaceable"><code>integer</code></em>;<br> | 88 | transfers <em class="replaceable"><code>integer</code></em>;<br> | |
89 | transfer-format ( many-answers | one-answer );<br> | 89 | transfer-format ( many-answers | one-answer );<br> | |
90 | transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br> | 90 | transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br> | |
91 | [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> | 91 | [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> | |
92 | transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br> | 92 | transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br> | |
93 | [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> | 93 | [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> | |
94 | <br> | 94 | <br> | |
95 | support-ixfr <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | 95 | support-ixfr <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | |
96 | };<br> | 96 | };<br> | |
97 | </p></div> | 97 | </p></div> | |
98 | </div> | 98 | </div> | |
99 | <div class="refsect1" lang="en"> | 99 | <div class="refsect1" lang="en"> | |
100 | <a name="id2543523"></a><h2>TRUSTED-KEYS</h2> | 100 | <a name="id2543526"></a><h2>TRUSTED-KEYS</h2> | |
101 | <div class="literallayout"><p><br> | 101 | <div class="literallayout"><p><br> | |
102 | trusted-keys {<br> | 102 | trusted-keys {<br> | |
103 | <em class="replaceable"><code>domain_name</code></em> <em class="replaceable"><code>flags</code></em> <em class="replaceable"><code>protocol</code></em> <em class="replaceable"><code>algorithm</code></em> <em class="replaceable"><code>key</code></em>; ... <br> | 103 | <em class="replaceable"><code>domain_name</code></em> <em class="replaceable"><code>flags</code></em> <em class="replaceable"><code>protocol</code></em> <em class="replaceable"><code>algorithm</code></em> <em class="replaceable"><code>key</code></em>; ... <br> | |
104 | };<br> | 104 | };<br> | |
105 | </p></div> | 105 | </p></div> | |
106 | </div> | 106 | </div> | |
107 | <div class="refsect1" lang="en"> | 107 | <div class="refsect1" lang="en"> | |
108 | <a name="id2543548"></a><h2>MANAGED-KEYS</h2> | 108 | <a name="id2543552"></a><h2>MANAGED-KEYS</h2> | |
109 | <div class="literallayout"><p><br> | 109 | <div class="literallayout"><p><br> | |
110 | managed-keys {<br> | 110 | managed-keys {<br> | |
111 | <em class="replaceable"><code>domain_name</code></em> <code class="constant">initial-key</code> <em class="replaceable"><code>flags</code></em> <em class="replaceable"><code>protocol</code></em> <em class="replaceable"><code>algorithm</code></em> <em class="replaceable"><code>key</code></em>; ... <br> | 111 | <em class="replaceable"><code>domain_name</code></em> <code class="constant">initial-key</code> <em class="replaceable"><code>flags</code></em> <em class="replaceable"><code>protocol</code></em> <em class="replaceable"><code>algorithm</code></em> <em class="replaceable"><code>key</code></em>; ... <br> | |
112 | };<br> | 112 | };<br> | |
113 | </p></div> | 113 | </p></div> | |
114 | </div> | 114 | </div> | |
115 | <div class="refsect1" lang="en"> | 115 | <div class="refsect1" lang="en"> | |
116 | <a name="id2543577"></a><h2>CONTROLS</h2> | 116 | <a name="id2543580"></a><h2>CONTROLS</h2> | |
117 | <div class="literallayout"><p><br> | 117 | <div class="literallayout"><p><br> | |
118 | controls {<br> | 118 | controls {<br> | |
119 | inet ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> | * )<br> | 119 | inet ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> | * )<br> | |
120 | [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>]<br> | 120 | [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>]<br> | |
121 | allow { <em class="replaceable"><code>address_match_element</code></em>; ... }<br> | 121 | allow { <em class="replaceable"><code>address_match_element</code></em>; ... }<br> | |
122 | [<span class="optional"> keys { <em class="replaceable"><code>string</code></em>; ... } </span>];<br> | 122 | [<span class="optional"> keys { <em class="replaceable"><code>string</code></em>; ... } </span>];<br> | |
123 | unix <em class="replaceable"><code>unsupported</code></em>; // not implemented<br> | 123 | unix <em class="replaceable"><code>unsupported</code></em>; // not implemented<br> | |
124 | };<br> | 124 | };<br> | |
125 | </p></div> | 125 | </p></div> | |
126 | </div> | 126 | </div> | |
127 | <div class="refsect1" lang="en"> | 127 | <div class="refsect1" lang="en"> | |
128 | <a name="id2543612"></a><h2>LOGGING</h2> | 128 | <a name="id2543616"></a><h2>LOGGING</h2> | |
129 | <div class="literallayout"><p><br> | 129 | <div class="literallayout"><p><br> | |
130 | logging {<br> | 130 | logging {<br> | |
131 | channel <em class="replaceable"><code>string</code></em> {<br> | 131 | channel <em class="replaceable"><code>string</code></em> {<br> | |
132 | file <em class="replaceable"><code>log_file</code></em>;<br> | 132 | file <em class="replaceable"><code>log_file</code></em>;<br> | |
133 | syslog <em class="replaceable"><code>optional_facility</code></em>;<br> | 133 | syslog <em class="replaceable"><code>optional_facility</code></em>;<br> | |
134 | null;<br> | 134 | null;<br> | |
135 | stderr;<br> | 135 | stderr;<br> | |
136 | severity <em class="replaceable"><code>log_severity</code></em>;<br> | 136 | severity <em class="replaceable"><code>log_severity</code></em>;<br> | |
137 | print-time <em class="replaceable"><code>boolean</code></em>;<br> | 137 | print-time <em class="replaceable"><code>boolean</code></em>;<br> | |
138 | print-severity <em class="replaceable"><code>boolean</code></em>;<br> | 138 | print-severity <em class="replaceable"><code>boolean</code></em>;<br> | |
139 | print-category <em class="replaceable"><code>boolean</code></em>;<br> | 139 | print-category <em class="replaceable"><code>boolean</code></em>;<br> | |
140 | };<br> | 140 | };<br> | |
141 | category <em class="replaceable"><code>string</code></em> { <em class="replaceable"><code>string</code></em>; ... };<br> | 141 | category <em class="replaceable"><code>string</code></em> { <em class="replaceable"><code>string</code></em>; ... };<br> | |
142 | };<br> | 142 | };<br> | |
143 | </p></div> | 143 | </p></div> | |
144 | </div> | 144 | </div> | |
145 | <div class="refsect1" lang="en"> | 145 | <div class="refsect1" lang="en"> | |
146 | <a name="id2543651"></a><h2>LWRES</h2> | 146 | <a name="id2543654"></a><h2>LWRES</h2> | |
147 | <div class="literallayout"><p><br> | 147 | <div class="literallayout"><p><br> | |
148 | lwres {<br> | 148 | lwres {<br> | |
149 | listen-on [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br> | 149 | listen-on [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br> | |
150 | ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> ) [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>]; ...<br> | 150 | ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> ) [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>]; ...<br> | |
151 | };<br> | 151 | };<br> | |
152 | view <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em>;<br> | 152 | view <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em>;<br> | |
153 | search { <em class="replaceable"><code>string</code></em>; ... };<br> | 153 | search { <em class="replaceable"><code>string</code></em>; ... };<br> | |
154 | ndots <em class="replaceable"><code>integer</code></em>;<br> | 154 | ndots <em class="replaceable"><code>integer</code></em>;<br> | |
155 | };<br> | 155 | };<br> | |
156 | </p></div> | 156 | </p></div> | |
157 | </div> | 157 | </div> | |
158 | <div class="refsect1" lang="en"> | 158 | <div class="refsect1" lang="en"> | |
159 | <a name="id2543692"></a><h2>OPTIONS</h2> | 159 | <a name="id2543696"></a><h2>OPTIONS</h2> | |
160 | <div class="literallayout"><p><br> | 160 | <div class="literallayout"><p><br> | |
161 | options {<br> | 161 | options {<br> | |
162 | avoid-v4-udp-ports { <em class="replaceable"><code>port</code></em>; ... };<br> | 162 | avoid-v4-udp-ports { <em class="replaceable"><code>port</code></em>; ... };<br> | |
163 | avoid-v6-udp-ports { <em class="replaceable"><code>port</code></em>; ... };<br> | 163 | avoid-v6-udp-ports { <em class="replaceable"><code>port</code></em>; ... };<br> | |
164 | blackhole { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> | 164 | blackhole { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> | |
165 | coresize <em class="replaceable"><code>size</code></em>;<br> | 165 | coresize <em class="replaceable"><code>size</code></em>;<br> | |
166 | datasize <em class="replaceable"><code>size</code></em>;<br> | 166 | datasize <em class="replaceable"><code>size</code></em>;<br> | |
167 | directory <em class="replaceable"><code>quoted_string</code></em>;<br> | 167 | directory <em class="replaceable"><code>quoted_string</code></em>;<br> | |
168 | dump-file <em class="replaceable"><code>quoted_string</code></em>;<br> | 168 | dump-file <em class="replaceable"><code>quoted_string</code></em>;<br> | |
169 | files <em class="replaceable"><code>size</code></em>;<br> | 169 | files <em class="replaceable"><code>size</code></em>;<br> | |
170 | heartbeat-interval <em class="replaceable"><code>integer</code></em>;<br> | 170 | heartbeat-interval <em class="replaceable"><code>integer</code></em>;<br> | |
171 | host-statistics <em class="replaceable"><code>boolean</code></em>; // not implemented<br> | 171 | host-statistics <em class="replaceable"><code>boolean</code></em>; // not implemented<br> | |
172 | host-statistics-max <em class="replaceable"><code>number</code></em>; // not implemented<br> | 172 | host-statistics-max <em class="replaceable"><code>number</code></em>; // not implemented<br> | |
@@ -307,26 +307,27 @@ options { | @@ -307,26 +307,27 @@ options { | |||
307 | transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br> | 307 | transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br> | |
308 | [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> | 308 | [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> | |
309 | transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br> | 309 | transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br> | |
310 | [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> | 310 | [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> | |
311 | <br> | 311 | <br> | |
312 | alt-transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br> | 312 | alt-transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br> | |
313 | [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> | 313 | [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> | |
314 | alt-transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br> | 314 | alt-transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br> | |
315 | [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> | 315 | [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> | |
316 | use-alt-transfer-source <em class="replaceable"><code>boolean</code></em>;<br> | 316 | use-alt-transfer-source <em class="replaceable"><code>boolean</code></em>;<br> | |
317 | <br> | 317 | <br> | |
318 | zone-statistics <em class="replaceable"><code>boolean</code></em>;<br> | 318 | zone-statistics <em class="replaceable"><code>boolean</code></em>;<br> | |
319 | key-directory <em class="replaceable"><code>quoted_string</code></em>;<br> | 319 | key-directory <em class="replaceable"><code>quoted_string</code></em>;<br> | |
320 | managed-keys-directory <em class="replaceable"><code>quoted_string</code></em>;<br> | |||
320 | auto-dnssec <code class="constant">allow</code>|<code class="constant">maintain</code>|<code class="constant">create</code>|<code class="constant">off</code>;<br> | 321 | auto-dnssec <code class="constant">allow</code>|<code class="constant">maintain</code>|<code class="constant">create</code>|<code class="constant">off</code>;<br> | |
321 | try-tcp-refresh <em class="replaceable"><code>boolean</code></em>;<br> | 322 | try-tcp-refresh <em class="replaceable"><code>boolean</code></em>;<br> | |
322 | zero-no-soa-ttl <em class="replaceable"><code>boolean</code></em>;<br> | 323 | zero-no-soa-ttl <em class="replaceable"><code>boolean</code></em>;<br> | |
323 | zero-no-soa-ttl-cache <em class="replaceable"><code>boolean</code></em>;<br> | 324 | zero-no-soa-ttl-cache <em class="replaceable"><code>boolean</code></em>;<br> | |
324 | dnssec-secure-to-insecure <em class="replaceable"><code>boolean</code></em>;<br> | 325 | dnssec-secure-to-insecure <em class="replaceable"><code>boolean</code></em>;<br> | |
325 | deny-answer-addresses {<br> | 326 | deny-answer-addresses {<br> | |
326 | <em class="replaceable"><code>address_match_list</code></em><br> | 327 | <em class="replaceable"><code>address_match_list</code></em><br> | |
327 | } [<span class="optional"> except-from { <em class="replaceable"><code>namelist</code></em> } </span>];<br> | 328 | } [<span class="optional"> except-from { <em class="replaceable"><code>namelist</code></em> } </span>];<br> | |
328 | deny-answer-aliases {<br> | 329 | deny-answer-aliases {<br> | |
329 | <em class="replaceable"><code>namelist</code></em><br> | 330 | <em class="replaceable"><code>namelist</code></em><br> | |
330 | } [<span class="optional"> except-from { <em class="replaceable"><code>namelist</code></em> } </span>];<br> | 331 | } [<span class="optional"> except-from { <em class="replaceable"><code>namelist</code></em> } </span>];<br> | |
331 | <br> | 332 | <br> | |
332 | nsec3-test-zone <em class="replaceable"><code>boolean</code></em>; // testing only<br> | 333 | nsec3-test-zone <em class="replaceable"><code>boolean</code></em>; // testing only<br> | |
@@ -337,27 +338,27 @@ options { | @@ -337,27 +338,27 @@ options { | |||
337 | fetch-glue <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | 338 | fetch-glue <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | |
338 | has-old-clients <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | 339 | has-old-clients <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | |
339 | maintain-ixfr-base <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | 340 | maintain-ixfr-base <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | |
340 | max-ixfr-log-size <em class="replaceable"><code>size</code></em>; // obsolete<br> | 341 | max-ixfr-log-size <em class="replaceable"><code>size</code></em>; // obsolete<br> | |
341 | multiple-cnames <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | 342 | multiple-cnames <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | |
342 | named-xfer <em class="replaceable"><code>quoted_string</code></em>; // obsolete<br> | 343 | named-xfer <em class="replaceable"><code>quoted_string</code></em>; // obsolete<br> | |
343 | serial-queries <em class="replaceable"><code>integer</code></em>; // obsolete<br> | 344 | serial-queries <em class="replaceable"><code>integer</code></em>; // obsolete<br> | |
344 | treat-cr-as-space <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | 345 | treat-cr-as-space <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | |
345 | use-id-pool <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | 346 | use-id-pool <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | |
346 | };<br> | 347 | };<br> | |
347 | </p></div> | 348 | </p></div> | |
348 | </div> | 349 | </div> | |
349 | <div class="refsect1" lang="en"> | 350 | <div class="refsect1" lang="en"> | |
350 | <a name="id2544532"></a><h2>VIEW</h2> | 351 | <a name="id2544538"></a><h2>VIEW</h2> | |
351 | <div class="literallayout"><p><br> | 352 | <div class="literallayout"><p><br> | |
352 | view <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em> {<br> | 353 | view <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em> {<br> | |
353 | match-clients { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> | 354 | match-clients { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> | |
354 | match-destinations { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> | 355 | match-destinations { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> | |
355 | match-recursive-only <em class="replaceable"><code>boolean</code></em>;<br> | 356 | match-recursive-only <em class="replaceable"><code>boolean</code></em>;<br> | |
356 | <br> | 357 | <br> | |
357 | key <em class="replaceable"><code>string</code></em> {<br> | 358 | key <em class="replaceable"><code>string</code></em> {<br> | |
358 | algorithm <em class="replaceable"><code>string</code></em>;<br> | 359 | algorithm <em class="replaceable"><code>string</code></em>;<br> | |
359 | secret <em class="replaceable"><code>string</code></em>;<br> | 360 | secret <em class="replaceable"><code>string</code></em>;<br> | |
360 | };<br> | 361 | };<br> | |
361 | <br> | 362 | <br> | |
362 | zone <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em> {<br> | 363 | zone <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em> {<br> | |
363 | ...<br> | 364 | ...<br> | |
@@ -488,27 +489,27 @@ view strin | @@ -488,27 +489,27 @@ view strin | |||
488 | key-directory <em class="replaceable"><code>quoted_string</code></em>;<br> | 489 | key-directory <em class="replaceable"><code>quoted_string</code></em>;<br> | |
489 | zero-no-soa-ttl <em class="replaceable"><code>boolean</code></em>;<br> | 490 | zero-no-soa-ttl <em class="replaceable"><code>boolean</code></em>;<br> | |
490 | zero-no-soa-ttl-cache <em class="replaceable"><code>boolean</code></em>;<br> | 491 | zero-no-soa-ttl-cache <em class="replaceable"><code>boolean</code></em>;<br> | |
491 | dnssec-secure-to-insecure <em class="replaceable"><code>boolean</code></em>;<br> | 492 | dnssec-secure-to-insecure <em class="replaceable"><code>boolean</code></em>;<br> | |
492 | <br> | 493 | <br> | |
493 | allow-v6-synthesis { <em class="replaceable"><code>address_match_element</code></em>; ... }; // obsolete<br> | 494 | allow-v6-synthesis { <em class="replaceable"><code>address_match_element</code></em>; ... }; // obsolete<br> | |
494 | fetch-glue <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | 495 | fetch-glue <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | |
495 | maintain-ixfr-base <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | 496 | maintain-ixfr-base <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | |
496 | max-ixfr-log-size <em class="replaceable"><code>size</code></em>; // obsolete<br> | 497 | max-ixfr-log-size <em class="replaceable"><code>size</code></em>; // obsolete<br> | |
497 | };<br> | 498 | };<br> | |
498 | </p></div> | 499 | </p></div> | |
499 | </div> | 500 | </div> | |
500 | <div class="refsect1" lang="en"> | 501 | <div class="refsect1" lang="en"> | |
501 | <a name="id2545203"></a><h2>ZONE</h2> | 502 | <a name="id2545209"></a><h2>ZONE</h2> | |
502 | <div class="literallayout"><p><br> | 503 | <div class="literallayout"><p><br> | |
503 | zone <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em> {<br> | 504 | zone <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em> {<br> | |
504 | type ( master | slave | stub | hint |<br> | 505 | type ( master | slave | stub | hint |<br> | |
505 | forward | delegation-only );<br> | 506 | forward | delegation-only );<br> | |
506 | file <em class="replaceable"><code>quoted_string</code></em>;<br> | 507 | file <em class="replaceable"><code>quoted_string</code></em>;<br> | |
507 | <br> | 508 | <br> | |
508 | masters [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br> | 509 | masters [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br> | |
509 | ( <em class="replaceable"><code>masters</code></em> |<br> | 510 | ( <em class="replaceable"><code>masters</code></em> |<br> | |
510 | <em class="replaceable"><code>ipv4_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br> | 511 | <em class="replaceable"><code>ipv4_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br> | |
511 | <em class="replaceable"><code>ipv6_address</code></em> [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] ) [<span class="optional"> key <em class="replaceable"><code>string</code></em> </span>]; ...<br> | 512 | <em class="replaceable"><code>ipv6_address</code></em> [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] ) [<span class="optional"> key <em class="replaceable"><code>string</code></em> </span>]; ...<br> | |
512 | };<br> | 513 | };<br> | |
513 | <br> | 514 | <br> | |
514 | database <em class="replaceable"><code>string</code></em>;<br> | 515 | database <em class="replaceable"><code>string</code></em>;<br> | |
@@ -583,27 +584,27 @@ zone strin | @@ -583,27 +584,27 @@ zone strin | |||
583 | key-directory <em class="replaceable"><code>quoted_string</code></em>;<br> | 584 | key-directory <em class="replaceable"><code>quoted_string</code></em>;<br> | |
584 | <br> | 585 | <br> | |
585 | nsec3-test-zone <em class="replaceable"><code>boolean</code></em>; // testing only<br> | 586 | nsec3-test-zone <em class="replaceable"><code>boolean</code></em>; // testing only<br> | |
586 | <br> | 587 | <br> | |
587 | ixfr-base <em class="replaceable"><code>quoted_string</code></em>; // obsolete<br> | 588 | ixfr-base <em class="replaceable"><code>quoted_string</code></em>; // obsolete<br> | |
588 | ixfr-tmp-file <em class="replaceable"><code>quoted_string</code></em>; // obsolete<br> | 589 | ixfr-tmp-file <em class="replaceable"><code>quoted_string</code></em>; // obsolete<br> | |
589 | maintain-ixfr-base <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | 590 | maintain-ixfr-base <em class="replaceable"><code>boolean</code></em>; // obsolete<br> | |
590 | max-ixfr-log-size <em class="replaceable"><code>size</code></em>; // obsolete<br> | 591 | max-ixfr-log-size <em class="replaceable"><code>size</code></em>; // obsolete<br> | |
591 | pubkey <em class="replaceable"><code>integer</code></em> <em class="replaceable"><code>integer</code></em> <em class="replaceable"><code>integer</code></em> <em class="replaceable"><code>quoted_string</code></em>; // obsolete<br> | 592 | pubkey <em class="replaceable"><code>integer</code></em> <em class="replaceable"><code>integer</code></em> <em class="replaceable"><code>integer</code></em> <em class="replaceable"><code>quoted_string</code></em>; // obsolete<br> | |
592 | };<br> | 593 | };<br> | |
593 | </p></div> | 594 | </p></div> | |
594 | </div> | 595 | </div> | |
595 | <div class="refsect1" lang="en"> | 596 | <div class="refsect1" lang="en"> | |
596 | <a name="id2545514"></a><h2>FILES</h2> | 597 | <a name="id2545521"></a><h2>FILES</h2> | |
597 | <p><code class="filename">/etc/named.conf</code> | 598 | <p><code class="filename">/etc/named.conf</code> | |
598 | </p> | 599 | </p> | |
599 | </div> | 600 | </div> | |
600 | <div class="refsect1" lang="en"> | 601 | <div class="refsect1" lang="en"> | |
601 | <a name="id2545526"></a><h2>SEE ALSO</h2> | 602 | <a name="id2545601"></a><h2>SEE ALSO</h2> | |
602 | <p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>, | 603 | <p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>, | |
603 | <span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>, | 604 | <span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>, | |
604 | <span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>, | 605 | <span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>, | |
605 | <em class="citetitle">BIND 9 Administrator Reference Manual</em>. | 606 | <em class="citetitle">BIND 9 Administrator Reference Manual</em>. | |
606 | </p> | 607 | </p> | |
607 | </div> | 608 | </div> | |
608 | </div></body> | 609 | </div></body> | |
609 | </html> | 610 | </html> |
--- src/external/bsd/bind/dist/bin/named/Attic/server.c 2009/12/26 23:08:21 1.4
+++ src/external/bsd/bind/dist/bin/named/Attic/server.c 2010/08/06 10:58:04 1.5
@@ -1,53 +1,58 @@ | @@ -1,53 +1,58 @@ | |||
1 | /* $NetBSD: server.c,v 1.4 2009/12/26 23:08:21 christos Exp $ */ | 1 | /* $NetBSD: server.c,v 1.5 2010/08/06 10:58:04 christos Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | 4 | * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") | |
5 | * Copyright (C) 1999-2003 Internet Software Consortium. | 5 | * Copyright (C) 1999-2003 Internet Software Consortium. | |
6 | * | 6 | * | |
7 | * Permission to use, copy, modify, and/or distribute this software for any | 7 | * Permission to use, copy, modify, and/or distribute this software for any | |
8 | * purpose with or without fee is hereby granted, provided that the above | 8 | * purpose with or without fee is hereby granted, provided that the above | |
9 | * copyright notice and this permission notice appear in all copies. | 9 | * copyright notice and this permission notice appear in all copies. | |
10 | * | 10 | * | |
11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
17 | * PERFORMANCE OF THIS SOFTWARE. | 17 | * PERFORMANCE OF THIS SOFTWARE. | |
18 | */ | 18 | */ | |
19 | 19 | |||
20 | /* Id: server.c,v 1.556 2009/11/28 15:57:36 vjs Exp */ | 20 | /* Id: server.c,v 1.556.8.20 2010/07/19 06:14:11 marka Exp */ | |
21 | 21 | |||
22 | /*! \file */ | 22 | /*! \file */ | |
23 | 23 | |||
24 | #include <config.h> | 24 | #include <config.h> | |
25 | 25 | |||
26 | #include <stdlib.h> | 26 | #include <stdlib.h> | |
27 | #include <unistd.h> | 27 | #include <unistd.h> | |
28 | #include <limits.h> | |||
29 | #include <ctype.h> | |||
30 | #include <sys/types.h> | |||
31 | #include <sys/stat.h> | |||
28 | 32 | |||
29 | #include <isc/app.h> | 33 | #include <isc/app.h> | |
30 | #include <isc/base64.h> | 34 | #include <isc/base64.h> | |
31 | #include <isc/dir.h> | 35 | #include <isc/dir.h> | |
32 | #include <isc/entropy.h> | 36 | #include <isc/entropy.h> | |
33 | #include <isc/file.h> | 37 | #include <isc/file.h> | |
34 | #include <isc/hash.h> | 38 | #include <isc/hash.h> | |
35 | #include <isc/httpd.h> | 39 | #include <isc/httpd.h> | |
36 | #include <isc/lex.h> | 40 | #include <isc/lex.h> | |
37 | #include <isc/parseint.h> | 41 | #include <isc/parseint.h> | |
38 | #include <isc/portset.h> | 42 | #include <isc/portset.h> | |
39 | #include <isc/print.h> | 43 | #include <isc/print.h> | |
40 | #include <isc/resource.h> | 44 | #include <isc/resource.h> | |
45 | #include <isc/sha2.h> | |||
41 | #include <isc/socket.h> | 46 | #include <isc/socket.h> | |
42 | #include <isc/stat.h> | 47 | #include <isc/stat.h> | |
43 | #include <isc/stats.h> | 48 | #include <isc/stats.h> | |
44 | #include <isc/stdio.h> | 49 | #include <isc/stdio.h> | |
45 | #include <isc/string.h> | 50 | #include <isc/string.h> | |
46 | #include <isc/task.h> | 51 | #include <isc/task.h> | |
47 | #include <isc/timer.h> | 52 | #include <isc/timer.h> | |
48 | #include <isc/util.h> | 53 | #include <isc/util.h> | |
49 | #include <isc/xml.h> | 54 | #include <isc/xml.h> | |
50 | 55 | |||
51 | #include <isccfg/namedconf.h> | 56 | #include <isccfg/namedconf.h> | |
52 | 57 | |||
53 | #include <bind9/check.h> | 58 | #include <bind9/check.h> | |
@@ -96,26 +101,30 @@ | @@ -96,26 +101,30 @@ | |||
96 | #include <named/lwresd.h> | 101 | #include <named/lwresd.h> | |
97 | #include <named/main.h> | 102 | #include <named/main.h> | |
98 | #include <named/os.h> | 103 | #include <named/os.h> | |
99 | #include <named/server.h> | 104 | #include <named/server.h> | |
100 | #include <named/statschannel.h> | 105 | #include <named/statschannel.h> | |
101 | #include <named/tkeyconf.h> | 106 | #include <named/tkeyconf.h> | |
102 | #include <named/tsigconf.h> | 107 | #include <named/tsigconf.h> | |
103 | #include <named/zoneconf.h> | 108 | #include <named/zoneconf.h> | |
104 | #ifdef HAVE_LIBSCF | 109 | #ifdef HAVE_LIBSCF | |
105 | #include <named/ns_smf_globals.h> | 110 | #include <named/ns_smf_globals.h> | |
106 | #include <stdlib.h> | 111 | #include <stdlib.h> | |
107 | #endif | 112 | #endif | |
108 | 113 | |||
114 | #ifndef PATH_MAX | |||
115 | #define PATH_MAX 1024 | |||
116 | #endif | |||
117 | ||||
109 | /*% | 118 | /*% | |
110 | * Check an operation for failure. Assumes that the function | 119 | * Check an operation for failure. Assumes that the function | |
111 | * using it has a 'result' variable and a 'cleanup' label. | 120 | * using it has a 'result' variable and a 'cleanup' label. | |
112 | */ | 121 | */ | |
113 | #define CHECK(op) \ | 122 | #define CHECK(op) \ | |
114 | do { result = (op); \ | 123 | do { result = (op); \ | |
115 | if (result != ISC_R_SUCCESS) goto cleanup; \ | 124 | if (result != ISC_R_SUCCESS) goto cleanup; \ | |
116 | } while (0) | 125 | } while (0) | |
117 | 126 | |||
118 | #define CHECKM(op, msg) \ | 127 | #define CHECKM(op, msg) \ | |
119 | do { result = (op); \ | 128 | do { result = (op); \ | |
120 | if (result != ISC_R_SUCCESS) { \ | 129 | if (result != ISC_R_SUCCESS) { \ | |
121 | isc_log_write(ns_g_lctx, \ | 130 | isc_log_write(ns_g_lctx, \ | |
@@ -215,43 +224,51 @@ static const struct { | @@ -215,43 +224,51 @@ static const struct { | |||
215 | { "22.172.IN-ADDR.ARPA", ISC_TRUE }, | 224 | { "22.172.IN-ADDR.ARPA", ISC_TRUE }, | |
216 | { "23.172.IN-ADDR.ARPA", ISC_TRUE }, | 225 | { "23.172.IN-ADDR.ARPA", ISC_TRUE }, | |
217 | { "24.172.IN-ADDR.ARPA", ISC_TRUE }, | 226 | { "24.172.IN-ADDR.ARPA", ISC_TRUE }, | |
218 | { "25.172.IN-ADDR.ARPA", ISC_TRUE }, | 227 | { "25.172.IN-ADDR.ARPA", ISC_TRUE }, | |
219 | { "26.172.IN-ADDR.ARPA", ISC_TRUE }, | 228 | { "26.172.IN-ADDR.ARPA", ISC_TRUE }, | |
220 | { "27.172.IN-ADDR.ARPA", ISC_TRUE }, | 229 | { "27.172.IN-ADDR.ARPA", ISC_TRUE }, | |
221 | { "28.172.IN-ADDR.ARPA", ISC_TRUE }, | 230 | { "28.172.IN-ADDR.ARPA", ISC_TRUE }, | |
222 | { "29.172.IN-ADDR.ARPA", ISC_TRUE }, | 231 | { "29.172.IN-ADDR.ARPA", ISC_TRUE }, | |
223 | { "30.172.IN-ADDR.ARPA", ISC_TRUE }, | 232 | { "30.172.IN-ADDR.ARPA", ISC_TRUE }, | |
224 | { "31.172.IN-ADDR.ARPA", ISC_TRUE }, | 233 | { "31.172.IN-ADDR.ARPA", ISC_TRUE }, | |
225 | { "168.192.IN-ADDR.ARPA", ISC_TRUE }, | 234 | { "168.192.IN-ADDR.ARPA", ISC_TRUE }, | |
226 | #endif | 235 | #endif | |
227 | 236 | |||
228 | /* RFC 3330 */ | 237 | /* RFC 5735 and RFC 5737 */ | |
229 | { "0.IN-ADDR.ARPA", ISC_FALSE }, /* THIS NETWORK */ | 238 | { "0.IN-ADDR.ARPA", ISC_FALSE }, /* THIS NETWORK */ | |
230 | { "127.IN-ADDR.ARPA", ISC_FALSE }, /* LOOPBACK */ | 239 | { "127.IN-ADDR.ARPA", ISC_FALSE }, /* LOOPBACK */ | |
231 | { "254.169.IN-ADDR.ARPA", ISC_FALSE }, /* LINK LOCAL */ | 240 | { "254.169.IN-ADDR.ARPA", ISC_FALSE }, /* LINK LOCAL */ | |
232 | { "2.0.192.IN-ADDR.ARPA", ISC_FALSE }, /* TEST NET */ | 241 | { "2.0.192.IN-ADDR.ARPA", ISC_FALSE }, /* TEST NET */ | |
242 | { "100.51.198.IN-ADDR.ARPA", ISC_FALSE }, /* TEST NET 2 */ | |||
243 | { "113.0.203.IN-ADDR.ARPA", ISC_FALSE }, /* TEST NET 3 */ | |||
233 | { "255.255.255.255.IN-ADDR.ARPA", ISC_FALSE }, /* BROADCAST */ | 244 | { "255.255.255.255.IN-ADDR.ARPA", ISC_FALSE }, /* BROADCAST */ | |
234 | 245 | |||
235 | /* Local IPv6 Unicast Addresses */ | 246 | /* Local IPv6 Unicast Addresses */ | |
236 | { "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA", ISC_FALSE }, | 247 | { "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA", ISC_FALSE }, | |
237 | { "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA", ISC_FALSE }, | 248 | { "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA", ISC_FALSE }, | |
238 | /* LOCALLY ASSIGNED LOCAL ADDRESS SCOPE */ | 249 | /* LOCALLY ASSIGNED LOCAL ADDRESS SCOPE */ | |
239 | { "D.F.IP6.ARPA", ISC_FALSE }, | 250 | { "D.F.IP6.ARPA", ISC_FALSE }, | |
240 | { "8.E.F.IP6.ARPA", ISC_FALSE }, /* LINK LOCAL */ | 251 | { "8.E.F.IP6.ARPA", ISC_FALSE }, /* LINK LOCAL */ | |
241 | { "9.E.F.IP6.ARPA", ISC_FALSE }, /* LINK LOCAL */ | 252 | { "9.E.F.IP6.ARPA", ISC_FALSE }, /* LINK LOCAL */ | |
242 | { "A.E.F.IP6.ARPA", ISC_FALSE }, /* LINK LOCAL */ | 253 | { "A.E.F.IP6.ARPA", ISC_FALSE }, /* LINK LOCAL */ | |
243 | { "B.E.F.IP6.ARPA", ISC_FALSE }, /* LINK LOCAL */ | 254 | { "B.E.F.IP6.ARPA", ISC_FALSE }, /* LINK LOCAL */ | |
244 | 255 | |||
256 | /* Example Prefix, RFC 3849. */ | |||
257 | { "8.B.D.0.1.0.0.2.IP6.ARPA", ISC_FALSE }, | |||
258 | ||||
259 | /* ORCHID Prefix, RFC 4843. */ | |||
260 | { "0.1.1.0.0.2.IP6.ARPA", ISC_FALSE }, | |||
261 | ||||
245 | { NULL, ISC_FALSE } | 262 | { NULL, ISC_FALSE } | |
246 | }; | 263 | }; | |
247 | 264 | |||
248 | ISC_PLATFORM_NORETURN_PRE static void | 265 | ISC_PLATFORM_NORETURN_PRE static void | |
249 | fatal(const char *msg, isc_result_t result) ISC_PLATFORM_NORETURN_POST; | 266 | fatal(const char *msg, isc_result_t result) ISC_PLATFORM_NORETURN_POST; | |
250 | 267 | |||
251 | static void | 268 | static void | |
252 | ns_server_reload(isc_task_t *task, isc_event_t *event); | 269 | ns_server_reload(isc_task_t *task, isc_event_t *event); | |
253 | 270 | |||
254 | static isc_result_t | 271 | static isc_result_t | |
255 | ns_listenelt_fromconfig(const cfg_obj_t *listener, const cfg_obj_t *config, | 272 | ns_listenelt_fromconfig(const cfg_obj_t *listener, const cfg_obj_t *config, | |
256 | cfg_aclconfctx_t *actx, | 273 | cfg_aclconfctx_t *actx, | |
257 | isc_mem_t *mctx, ns_listenelt_t **target); | 274 | isc_mem_t *mctx, ns_listenelt_t **target); | |
@@ -264,31 +281,40 @@ static isc_result_t | @@ -264,31 +281,40 @@ static isc_result_t | |||
264 | configure_forward(const cfg_obj_t *config, dns_view_t *view, dns_name_t *origin, | 281 | configure_forward(const cfg_obj_t *config, dns_view_t *view, dns_name_t *origin, | |
265 | const cfg_obj_t *forwarders, const cfg_obj_t *forwardtype); | 282 | const cfg_obj_t *forwarders, const cfg_obj_t *forwardtype); | |
266 | 283 | |||
267 | static isc_result_t | 284 | static isc_result_t | |
268 | configure_alternates(const cfg_obj_t *config, dns_view_t *view, | 285 | configure_alternates(const cfg_obj_t *config, dns_view_t *view, | |
269 | const cfg_obj_t *alternates); | 286 | const cfg_obj_t *alternates); | |
270 | 287 | |||
271 | static isc_result_t | 288 | static isc_result_t | |
272 | configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, | 289 | configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, | |
273 | const cfg_obj_t *vconfig, isc_mem_t *mctx, dns_view_t *view, | 290 | const cfg_obj_t *vconfig, isc_mem_t *mctx, dns_view_t *view, | |
274 | cfg_aclconfctx_t *aclconf); | 291 | cfg_aclconfctx_t *aclconf); | |
275 | 292 | |||
276 | static isc_result_t | 293 | static isc_result_t | |
277 | add_keydata_zone(dns_view_t *view, isc_mem_t *mctx); | 294 | add_keydata_zone(dns_view_t *view, const char *directory, isc_mem_t *mctx); | |
278 | 295 | |||
279 | static void | 296 | static void | |
280 | end_reserved_dispatches(ns_server_t *server, isc_boolean_t all); | 297 | end_reserved_dispatches(ns_server_t *server, isc_boolean_t all); | |
281 | 298 | |||
299 | /* | |||
300 | * Stores config for building zones after the fact | |||
301 | */ | |||
302 | static cfg_obj_t *nzf_config = NULL; | |||
303 | static cfg_parser_t *nzf_parser = NULL; | |||
304 | static const char *nzf_file = NULL; | |||
305 | static const cfg_obj_t *nzf_option = NULL; | |||
306 | static cfg_aclconfctx_t nzf_actx; | |||
307 | ||||
282 | /*% | 308 | /*% | |
283 | * Configure a single view ACL at '*aclp'. Get its configuration from | 309 | * Configure a single view ACL at '*aclp'. Get its configuration from | |
284 | * 'vconfig' (for per-view configuration) and maybe from 'config' | 310 | * 'vconfig' (for per-view configuration) and maybe from 'config' | |
285 | */ | 311 | */ | |
286 | static isc_result_t | 312 | static isc_result_t | |
287 | configure_view_acl(const cfg_obj_t *vconfig, const cfg_obj_t *config, | 313 | configure_view_acl(const cfg_obj_t *vconfig, const cfg_obj_t *config, | |
288 | const char *aclname, const char *acltuplename, | 314 | const char *aclname, const char *acltuplename, | |
289 | cfg_aclconfctx_t *actx, isc_mem_t *mctx, dns_acl_t **aclp) | 315 | cfg_aclconfctx_t *actx, isc_mem_t *mctx, dns_acl_t **aclp) | |
290 | { | 316 | { | |
291 | isc_result_t result; | 317 | isc_result_t result; | |
292 | const cfg_obj_t *maps[3]; | 318 | const cfg_obj_t *maps[3]; | |
293 | const cfg_obj_t *aclobj = NULL; | 319 | const cfg_obj_t *aclobj = NULL; | |
294 | int i = 0; | 320 | int i = 0; | |
@@ -471,27 +497,27 @@ dstkey_fromconfig(const cfg_obj_t *vconf | @@ -471,27 +497,27 @@ dstkey_fromconfig(const cfg_obj_t *vconf | |||
471 | 497 | |||
472 | INSIST(target != NULL && *target == NULL); | 498 | INSIST(target != NULL && *target == NULL); | |
473 | 499 | |||
474 | flags = cfg_obj_asuint32(cfg_tuple_get(key, "flags")); | 500 | flags = cfg_obj_asuint32(cfg_tuple_get(key, "flags")); | |
475 | proto = cfg_obj_asuint32(cfg_tuple_get(key, "protocol")); | 501 | proto = cfg_obj_asuint32(cfg_tuple_get(key, "protocol")); | |
476 | alg = cfg_obj_asuint32(cfg_tuple_get(key, "algorithm")); | 502 | alg = cfg_obj_asuint32(cfg_tuple_get(key, "algorithm")); | |
477 | keyname = dns_fixedname_name(&fkeyname); | 503 | keyname = dns_fixedname_name(&fkeyname); | |
478 | keynamestr = cfg_obj_asstring(cfg_tuple_get(key, "name")); | 504 | keynamestr = cfg_obj_asstring(cfg_tuple_get(key, "name")); | |
479 | 505 | |||
480 | if (managed) { | 506 | if (managed) { | |
481 | const char *initmethod; | 507 | const char *initmethod; | |
482 | initmethod = cfg_obj_asstring(cfg_tuple_get(key, "init")); | 508 | initmethod = cfg_obj_asstring(cfg_tuple_get(key, "init")); | |
483 | 509 | |||
484 | if (strcmp(initmethod, "initial-key") != 0) { | 510 | if (strcasecmp(initmethod, "initial-key") != 0) { | |
485 | cfg_obj_log(key, ns_g_lctx, ISC_LOG_ERROR, | 511 | cfg_obj_log(key, ns_g_lctx, ISC_LOG_ERROR, | |
486 | "managed key '%s': " | 512 | "managed key '%s': " | |
487 | "invalid initialization method '%s'", | 513 | "invalid initialization method '%s'", | |
488 | keynamestr, initmethod); | 514 | keynamestr, initmethod); | |
489 | result = ISC_R_FAILURE; | 515 | result = ISC_R_FAILURE; | |
490 | goto cleanup; | 516 | goto cleanup; | |
491 | } | 517 | } | |
492 | } | 518 | } | |
493 | 519 | |||
494 | if (vconfig == NULL) | 520 | if (vconfig == NULL) | |
495 | viewclass = dns_rdataclass_in; | 521 | viewclass = dns_rdataclass_in; | |
496 | else { | 522 | else { | |
497 | const cfg_obj_t *classobj = cfg_tuple_get(vconfig, "class"); | 523 | const cfg_obj_t *classobj = cfg_tuple_get(vconfig, "class"); | |
@@ -619,114 +645,120 @@ load_view_keys(const cfg_obj_t *keys, co | @@ -619,114 +645,120 @@ load_view_keys(const cfg_obj_t *keys, co | |||
619 | * Configure DNSSEC keys for a view. | 645 | * Configure DNSSEC keys for a view. | |
620 | * | 646 | * | |
621 | * The per-view configuration values and the server-global defaults are read | 647 | * The per-view configuration values and the server-global defaults are read | |
622 | * from 'vconfig' and 'config'. | 648 | * from 'vconfig' and 'config'. | |
623 | */ | 649 | */ | |
624 | static isc_result_t | 650 | static isc_result_t | |
625 | configure_view_dnsseckeys(dns_view_t *view, const cfg_obj_t *vconfig, | 651 | configure_view_dnsseckeys(dns_view_t *view, const cfg_obj_t *vconfig, | |
626 | const cfg_obj_t *config, const cfg_obj_t *bindkeys, | 652 | const cfg_obj_t *config, const cfg_obj_t *bindkeys, | |
627 | isc_boolean_t auto_dlv, isc_mem_t *mctx) | 653 | isc_boolean_t auto_dlv, isc_mem_t *mctx) | |
628 | { | 654 | { | |
629 | isc_result_t result = ISC_R_SUCCESS; | 655 | isc_result_t result = ISC_R_SUCCESS; | |
630 | const cfg_obj_t *view_keys = NULL; | 656 | const cfg_obj_t *view_keys = NULL; | |
631 | const cfg_obj_t *global_keys = NULL; | 657 | const cfg_obj_t *global_keys = NULL; | |
658 | const cfg_obj_t *view_managed_keys = NULL; | |||
632 | const cfg_obj_t *global_managed_keys = NULL; | 659 | const cfg_obj_t *global_managed_keys = NULL; | |
633 | const cfg_obj_t *builtin_keys = NULL; | 660 | const cfg_obj_t *builtin_keys = NULL; | |
634 | const cfg_obj_t *builtin_managed_keys = NULL; | 661 | const cfg_obj_t *builtin_managed_keys = NULL; | |
635 | const cfg_obj_t *maps[4]; | 662 | const cfg_obj_t *maps[4]; | |
636 | const cfg_obj_t *voptions = NULL; | 663 | const cfg_obj_t *voptions = NULL; | |
637 | const cfg_obj_t *options = NULL; | 664 | const cfg_obj_t *options = NULL; | |
638 | isc_boolean_t meta; | 665 | const cfg_obj_t *obj = NULL; | |
666 | const char *directory; | |||
639 | int i = 0; | 667 | int i = 0; | |
640 | 668 | |||
641 | /* We don't need trust anchors for the _bind view */ | 669 | /* We don't need trust anchors for the _bind view */ | |
642 | if (strcmp(view->name, "_bind") == 0 && | 670 | if (strcmp(view->name, "_bind") == 0 && | |
643 | view->rdclass == dns_rdataclass_chaos) { | 671 | view->rdclass == dns_rdataclass_chaos) { | |
644 | return (ISC_R_SUCCESS); | 672 | return (ISC_R_SUCCESS); | |
645 | } | 673 | } | |
646 | 674 | |||
647 | meta = ISC_TF(strcmp(view->name, "_meta") == 0 && | |||
648 | view->rdclass == dns_rdataclass_in); | |||
649 | ||||
650 | if (vconfig != NULL) { | 675 | if (vconfig != NULL) { | |
651 | voptions = cfg_tuple_get(vconfig, "options"); | 676 | voptions = cfg_tuple_get(vconfig, "options"); | |
652 | if (voptions != NULL) { | 677 | if (voptions != NULL) { | |
653 | (void) cfg_map_get(voptions, "trusted-keys", | 678 | (void) cfg_map_get(voptions, "trusted-keys", | |
654 | &view_keys); | 679 | &view_keys); | |
680 | (void) cfg_map_get(voptions, "managed-keys", | |||
681 | &view_managed_keys); | |||
655 | maps[i++] = voptions; | 682 | maps[i++] = voptions; | |
656 | } | 683 | } | |
657 | } | 684 | } | |
658 | 685 | |||
659 | if (config != NULL) { | 686 | if (config != NULL) { | |
660 | (void)cfg_map_get(config, "trusted-keys", &global_keys); | 687 | (void)cfg_map_get(config, "trusted-keys", &global_keys); | |
661 | (void)cfg_map_get(config, "managed-keys", &global_managed_keys); | 688 | (void)cfg_map_get(config, "managed-keys", &global_managed_keys); | |
662 | (void)cfg_map_get(config, "options", &options); | 689 | (void)cfg_map_get(config, "options", &options); | |
663 | if (options != NULL) { | 690 | if (options != NULL) { | |
664 | maps[i++] = options; | 691 | maps[i++] = options; | |
665 | } | 692 | } | |
666 | } | 693 | } | |
667 | 694 | |||
668 | maps[i++] = ns_g_defaults; | 695 | maps[i++] = ns_g_defaults; | |
669 | maps[i] = NULL; | 696 | maps[i] = NULL; | |
670 | 697 | |||
671 | result = dns_view_initsecroots(view, mctx); | 698 | result = dns_view_initsecroots(view, mctx); | |
672 | if (result != ISC_R_SUCCESS) { | 699 | if (result != ISC_R_SUCCESS) { | |
673 | isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, | 700 | isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, | |
674 | NS_LOGMODULE_SERVER, ISC_LOG_ERROR, | 701 | NS_LOGMODULE_SERVER, ISC_LOG_ERROR, | |
675 | "couldn't create keytable"); | 702 | "couldn't create keytable"); | |
676 | return (ISC_R_UNEXPECTED); | 703 | return (ISC_R_UNEXPECTED); | |
677 | } | 704 | } | |
678 | 705 | |||
679 | if (global_managed_keys != NULL) | 706 | if (auto_dlv && view->rdclass == dns_rdataclass_in) { | |
680 | ns_g_server->managedkeys = ISC_TRUE; | |||
681 | ||||
682 | if (auto_dlv) { | |||
683 | isc_log_write(ns_g_lctx, DNS_LOGCATEGORY_SECURITY, | 707 | isc_log_write(ns_g_lctx, DNS_LOGCATEGORY_SECURITY, | |
684 | NS_LOGMODULE_SERVER, ISC_LOG_WARNING, | 708 | NS_LOGMODULE_SERVER, ISC_LOG_WARNING, | |
685 | "using built-in trusted-keys for view %s", | 709 | "using built-in trusted-keys for view %s", | |
686 | view->name); | 710 | view->name); | |
687 | 711 | |||
688 | /* | 712 | /* | |
689 | * If bind.keys exists, it overrides the managed-keys | 713 | * If bind.keys exists, it overrides the managed-keys | |
690 | * clause hard-coded in ns_g_config. | 714 | * clause hard-coded in ns_g_config. | |
691 | */ | 715 | */ | |
692 | if (bindkeys != NULL) { | 716 | if (bindkeys != NULL) { | |
693 | (void)cfg_map_get(bindkeys, "trusted-keys", | 717 | (void)cfg_map_get(bindkeys, "trusted-keys", | |
694 | &builtin_keys); | 718 | &builtin_keys); | |
695 | (void)cfg_map_get(bindkeys, "managed-keys", | 719 | (void)cfg_map_get(bindkeys, "managed-keys", | |
696 | &builtin_managed_keys); | 720 | &builtin_managed_keys); | |
697 | } else { | 721 | } else { | |
698 | (void)cfg_map_get(ns_g_config, "trusted-keys", | 722 | (void)cfg_map_get(ns_g_config, "trusted-keys", | |
699 | &builtin_keys); | 723 | &builtin_keys); | |
700 | (void)cfg_map_get(ns_g_config, "managed-keys", | 724 | (void)cfg_map_get(ns_g_config, "managed-keys", | |
701 | &builtin_managed_keys); | 725 | &builtin_managed_keys); | |
702 | } | 726 | } | |
703 | 727 | |||
728 | if (builtin_keys != NULL) | |||
729 | CHECK(load_view_keys(builtin_keys, vconfig, view, | |||
730 | ISC_FALSE, mctx)); | |||
704 | if (builtin_managed_keys != NULL) | 731 | if (builtin_managed_keys != NULL) | |
705 | ns_g_server->managedkeys = ISC_TRUE; | |||
706 | CHECK(load_view_keys(builtin_keys, vconfig, view, | |||
707 | ISC_FALSE, mctx)); | |||
708 | ||||
709 | if (meta) | |||
710 | CHECK(load_view_keys(builtin_managed_keys, vconfig, | 732 | CHECK(load_view_keys(builtin_managed_keys, vconfig, | |
711 | view, ISC_TRUE, mctx)); | 733 | view, ISC_TRUE, mctx)); | |
712 | } | 734 | } | |
713 | 735 | |||
714 | CHECK(load_view_keys(view_keys, vconfig, view, ISC_FALSE, mctx)); | 736 | CHECK(load_view_keys(view_keys, vconfig, view, ISC_FALSE, mctx)); | |
715 | CHECK(load_view_keys(global_keys, vconfig, view, ISC_FALSE, mctx)); | 737 | CHECK(load_view_keys(view_managed_keys, vconfig, view, ISC_TRUE, mctx)); | |
716 | 738 | if (view->rdclass == dns_rdataclass_in) { | ||
717 | if (meta) | 739 | CHECK(load_view_keys(global_keys, vconfig, view, ISC_FALSE, | |
740 | mctx)); | |||
718 | CHECK(load_view_keys(global_managed_keys, vconfig, view, | 741 | CHECK(load_view_keys(global_managed_keys, vconfig, view, | |
719 | ISC_TRUE, mctx)); | 742 | ISC_TRUE, mctx)); | |
743 | } | |||
744 | ||||
745 | /* | |||
746 | * Add key zone for managed-keys. | |||
747 | */ | |||
748 | obj = NULL; | |||
749 | (void)ns_config_get(maps, "managed-keys-directory", &obj); | |||
750 | directory = obj != NULL ? cfg_obj_asstring(obj) : NULL; | |||
751 | CHECK(add_keydata_zone(view, directory, ns_g_mctx)); | |||
720 | 752 | |||
721 | cleanup: | 753 | cleanup: | |
722 | return (result); | 754 | return (result); | |
723 | } | 755 | } | |
724 | 756 | |||
725 | static isc_result_t | 757 | static isc_result_t | |
726 | mustbesecure(const cfg_obj_t *mbs, dns_resolver_t *resolver) { | 758 | mustbesecure(const cfg_obj_t *mbs, dns_resolver_t *resolver) { | |
727 | const cfg_listelt_t *element; | 759 | const cfg_listelt_t *element; | |
728 | const cfg_obj_t *obj; | 760 | const cfg_obj_t *obj; | |
729 | const char *str; | 761 | const char *str; | |
730 | dns_fixedname_t fixed; | 762 | dns_fixedname_t fixed; | |
731 | dns_name_t *name; | 763 | dns_name_t *name; | |
732 | isc_boolean_t value; | 764 | isc_boolean_t value; | |
@@ -2100,28 +2132,30 @@ configure_view(dns_view_t *view, const c | @@ -2100,28 +2132,30 @@ configure_view(dns_view_t *view, const c | |||
2100 | INSIST(result == ISC_R_SUCCESS); | 2132 | INSIST(result == ISC_R_SUCCESS); | |
2101 | if (cfg_obj_isboolean(obj)) { | 2133 | if (cfg_obj_isboolean(obj)) { | |
2102 | if (cfg_obj_asboolean(obj)) | 2134 | if (cfg_obj_asboolean(obj)) | |
2103 | view->v4_aaaa = dns_v4_aaaa_filter; | 2135 | view->v4_aaaa = dns_v4_aaaa_filter; | |
2104 | else | 2136 | else | |
2105 | view->v4_aaaa = dns_v4_aaaa_ok; | 2137 | view->v4_aaaa = dns_v4_aaaa_ok; | |
2106 | } else { | 2138 | } else { | |
2107 | const char *v4_aaaastr = cfg_obj_asstring(obj); | 2139 | const char *v4_aaaastr = cfg_obj_asstring(obj); | |
2108 | if (strcasecmp(v4_aaaastr, "break-dnssec") == 0) | 2140 | if (strcasecmp(v4_aaaastr, "break-dnssec") == 0) | |
2109 | view->v4_aaaa = dns_v4_aaaa_break_dnssec; | 2141 | view->v4_aaaa = dns_v4_aaaa_break_dnssec; | |
2110 | else | 2142 | else | |
2111 | INSIST(0); | 2143 | INSIST(0); | |
2112 | } | 2144 | } | |
2113 | 2145 | CHECK(configure_view_acl(vconfig, config, "filter-aaaa", NULL, | ||
2146 | actx, ns_g_mctx, &view->v4_aaaa_acl)); | |||
2114 | #endif | 2147 | #endif | |
2148 | ||||
2115 | obj = NULL; | 2149 | obj = NULL; | |
2116 | result = ns_config_get(maps, "dnssec-enable", &obj); | 2150 | result = ns_config_get(maps, "dnssec-enable", &obj); | |
2117 | INSIST(result == ISC_R_SUCCESS); | 2151 | INSIST(result == ISC_R_SUCCESS); | |
2118 | view->enablednssec = cfg_obj_asboolean(obj); | 2152 | view->enablednssec = cfg_obj_asboolean(obj); | |
2119 | 2153 | |||
2120 | obj = NULL; | 2154 | obj = NULL; | |
2121 | result = ns_config_get(optionmaps, "dnssec-lookaside", &obj); | 2155 | result = ns_config_get(optionmaps, "dnssec-lookaside", &obj); | |
2122 | if (result == ISC_R_SUCCESS) { | 2156 | if (result == ISC_R_SUCCESS) { | |
2123 | /* If set to "auto", use the version from the defaults */ | 2157 | /* If set to "auto", use the version from the defaults */ | |
2124 | const cfg_obj_t *dlvobj; | 2158 | const cfg_obj_t *dlvobj; | |
2125 | dlvobj = cfg_listelt_value(cfg_list_first(obj)); | 2159 | dlvobj = cfg_listelt_value(cfg_list_first(obj)); | |
2126 | if (!strcmp(cfg_obj_asstring(cfg_tuple_get(dlvobj, "domain")), | 2160 | if (!strcmp(cfg_obj_asstring(cfg_tuple_get(dlvobj, "domain")), | |
2127 | "auto") && | 2161 | "auto") && | |
@@ -2913,78 +2947,84 @@ configure_zone(const cfg_obj_t *config, | @@ -2913,78 +2947,84 @@ configure_zone(const cfg_obj_t *config, | |||
2913 | if (zone != NULL) | 2947 | if (zone != NULL) | |
2914 | dns_zone_detach(&zone); | 2948 | dns_zone_detach(&zone); | |
2915 | if (pview != NULL) | 2949 | if (pview != NULL) | |
2916 | dns_view_detach(&pview); | 2950 | dns_view_detach(&pview); | |
2917 | 2951 | |||
2918 | return (result); | 2952 | return (result); | |
2919 | } | 2953 | } | |
2920 | 2954 | |||
2921 | /* | 2955 | /* | |
2922 | * Configure built-in zone for storing managed-key data. | 2956 | * Configure built-in zone for storing managed-key data. | |
2923 | */ | 2957 | */ | |
2924 | 2958 | |||
2925 | #define KEYZONE "managed-keys.bind" | 2959 | #define KEYZONE "managed-keys.bind" | |
2960 | #define MKEYS ".mkeys" | |||
2926 | 2961 | |||
2927 | static isc_result_t | 2962 | static isc_result_t | |
2928 | add_keydata_zone(dns_view_t *view, isc_mem_t *mctx) { | 2963 | add_keydata_zone(dns_view_t *view, const char *directory, isc_mem_t *mctx) { | |
2929 | isc_result_t result; | 2964 | isc_result_t result; | |
2930 | dns_zone_t *zone = NULL; | 2965 | dns_zone_t *zone = NULL; | |
2931 | dns_acl_t *none = NULL; | 2966 | dns_acl_t *none = NULL; | |
2932 | dns_name_t zname; | 2967 | char filename[PATH_MAX]; | |
2933 | 2968 | char buffer[ISC_SHA256_DIGESTSTRINGLENGTH + sizeof(MKEYS)]; | ||
2934 | if (!ns_g_server->managedkeys) | 2969 | int n; | |
2935 | return (ISC_R_SUCCESS); | |||
2936 | 2970 | |||
2937 | REQUIRE(view != NULL); | 2971 | REQUIRE(view != NULL); | |
2938 | 2972 | |||
2939 | CHECK(dns_zone_create(&zone, mctx)); | 2973 | CHECK(dns_zone_create(&zone, mctx)); | |
2940 | 2974 | |||
2941 | dns_name_init(&zname, NULL); | 2975 | CHECK(dns_zone_setorigin(zone, dns_rootname)); | |
2942 | CHECK(dns_name_fromstring(&zname, KEYZONE, 0, mctx)); | |||
2943 | CHECK(dns_zone_setorigin(zone, &zname)); | |||
2944 | dns_name_free(&zname, mctx); | |||
2945 | ||||
2946 | CHECK(dns_zone_setfile(zone, KEYZONE)); | |||
2947 | 2976 | |||
2948 | if (view->hints == NULL) | 2977 | isc_sha256_data((void *)view->name, strlen(view->name), buffer); | |
2949 | dns_view_sethints(view, ns_g_server->in_roothints); | 2978 | strcat(buffer, MKEYS); | |
2979 | n = snprintf(filename, sizeof(filename), "%s%s%s", | |||
2980 | directory ? directory : "", directory ? "/" : "", | |||
2981 | strcmp(view->name, "_default") == 0 ? KEYZONE : buffer); | |||
2982 | if (n < 0 || (size_t)n >= sizeof(filename)) { | |||
2983 | result = (n < 0) ? ISC_R_FAILURE : ISC_R_NOSPACE; | |||
2984 | goto cleanup; | |||
2985 | } | |||
2986 | CHECK(dns_zone_setfile(zone, filename)); | |||
2950 | 2987 | |||
2951 | dns_zone_setview(zone, view); | 2988 | dns_zone_setview(zone, view); | |
2952 | dns_zone_settype(zone, dns_zone_key); | 2989 | dns_zone_settype(zone, dns_zone_key); | |
2953 | dns_zone_setclass(zone, view->rdclass); | 2990 | dns_zone_setclass(zone, view->rdclass); | |
2954 | 2991 | |||
2955 | CHECK(dns_zonemgr_managezone(ns_g_server->zonemgr, zone)); | 2992 | CHECK(dns_zonemgr_managezone(ns_g_server->zonemgr, zone)); | |
2956 | 2993 | |||
2957 | if (view->acache != NULL) | 2994 | if (view->acache != NULL) | |
2958 | dns_zone_setacache(zone, view->acache); | 2995 | dns_zone_setacache(zone, view->acache); | |
2959 | 2996 | |||
2960 | CHECK(dns_acl_none(mctx, &none)); | 2997 | CHECK(dns_acl_none(mctx, &none)); | |
2961 | dns_zone_setqueryacl(zone, none); | 2998 | dns_zone_setqueryacl(zone, none); | |
2962 | dns_zone_setqueryonacl(zone, none); | 2999 | dns_zone_setqueryonacl(zone, none); | |
2963 | dns_acl_detach(&none); | 3000 | dns_acl_detach(&none); | |
2964 | 3001 | |||
2965 | dns_zone_setdialup(zone, dns_dialuptype_no); | 3002 | dns_zone_setdialup(zone, dns_dialuptype_no); | |
2966 | dns_zone_setnotifytype(zone, dns_notifytype_no); | 3003 | dns_zone_setnotifytype(zone, dns_notifytype_no); | |
2967 | dns_zone_setoption(zone, DNS_ZONEOPT_NOCHECKNS, ISC_TRUE); | 3004 | dns_zone_setoption(zone, DNS_ZONEOPT_NOCHECKNS, ISC_TRUE); | |
2968 | dns_zone_setjournalsize(zone, 0); | 3005 | dns_zone_setjournalsize(zone, 0); | |
2969 | 3006 | |||
2970 | dns_zone_setstats(zone, ns_g_server->zonestats); | 3007 | dns_zone_setstats(zone, ns_g_server->zonestats); | |
2971 | CHECK(setquerystats(zone, mctx, ISC_FALSE)); | 3008 | CHECK(setquerystats(zone, mctx, ISC_FALSE)); | |
2972 | 3009 | |||
2973 | CHECK(dns_view_addzone(view, zone)); | 3010 | if (view->managed_keys != NULL) | |
3011 | dns_zone_detach(&view->managed_keys); | |||
3012 | dns_zone_attach(zone, &view->managed_keys); | |||
2974 | 3013 | |||
2975 | isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, | 3014 | isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, | |
2976 | NS_LOGMODULE_SERVER, ISC_LOG_INFO, | 3015 | NS_LOGMODULE_SERVER, ISC_LOG_INFO, | |
2977 | "set up %s meta-zone", KEYZONE); | 3016 | "set up managed keys zone for view %s, file '%s'", | |
3017 | view->name, filename); | |||
2978 | 3018 | |||
2979 | cleanup: | 3019 | cleanup: | |
2980 | if (zone != NULL) | 3020 | if (zone != NULL) | |
2981 | dns_zone_detach(&zone); | 3021 | dns_zone_detach(&zone); | |
2982 | if (none != NULL) | 3022 | if (none != NULL) | |
2983 | dns_acl_detach(&none); | 3023 | dns_acl_detach(&none); | |
2984 | 3024 | |||
2985 | return (result); | 3025 | return (result); | |
2986 | } | 3026 | } | |
2987 | 3027 | |||
2988 | /* | 3028 | /* | |
2989 | * Configure a single server quota. | 3029 | * Configure a single server quota. | |
2990 | */ | 3030 | */ | |
@@ -3963,26 +4003,37 @@ load_configuration(const char *filename, | @@ -3963,26 +4003,37 @@ load_configuration(const char *filename, | |||
3963 | * Not specified, use default. | 4003 | * Not specified, use default. | |
3964 | */ | 4004 | */ | |
3965 | enable = ISC_TF(isc_net_probeipv4() != ISC_R_SUCCESS); | 4005 | enable = ISC_TF(isc_net_probeipv4() != ISC_R_SUCCESS); | |
3966 | CHECK(ns_listenlist_default(ns_g_mctx, listen_port, | 4006 | CHECK(ns_listenlist_default(ns_g_mctx, listen_port, | |
3967 | enable, &listenon)); | 4007 | enable, &listenon)); | |
3968 | } | 4008 | } | |
3969 | if (listenon != NULL) { | 4009 | if (listenon != NULL) { | |
3970 | ns_interfacemgr_setlistenon6(server->interfacemgr, | 4010 | ns_interfacemgr_setlistenon6(server->interfacemgr, | |
3971 | listenon); | 4011 | listenon); | |
3972 | ns_listenlist_detach(&listenon); | 4012 | ns_listenlist_detach(&listenon); | |
3973 | } | 4013 | } | |
3974 | } | 4014 | } | |
3975 | 4015 | |||
4016 | /* Are we preserving config for adding zones dynamically? */ | |||
4017 | obj = NULL; | |||
4018 | result = cfg_map_get(options, "new-zone-file", &obj); | |||
4019 | if (obj && nzf_option == NULL) { | |||
4020 | nzf_file = cfg_obj_asstring(obj); | |||
4021 | if (nzf_file && *nzf_file) { | |||
4022 | /* Remember this configuration */ | |||
4023 | nzf_option = config; | |||
4024 | } | |||
4025 | } | |||
4026 | ||||
3976 | /* | 4027 | /* | |
3977 | * Rescan the interface list to pick up changes in the | 4028 | * Rescan the interface list to pick up changes in the | |
3978 | * listen-on option. It's important that we do this before we try | 4029 | * listen-on option. It's important that we do this before we try | |
3979 | * to configure the query source, since the dispatcher we use might | 4030 | * to configure the query source, since the dispatcher we use might | |
3980 | * be shared with an interface. | 4031 | * be shared with an interface. | |
3981 | */ | 4032 | */ | |
3982 | scan_interfaces(server, ISC_TRUE); | 4033 | scan_interfaces(server, ISC_TRUE); | |
3983 | 4034 | |||
3984 | /* | 4035 | /* | |
3985 | * Arrange for further interface scanning to occur periodically | 4036 | * Arrange for further interface scanning to occur periodically | |
3986 | * as specified by the "interface-interval" option. | 4037 | * as specified by the "interface-interval" option. | |
3987 | */ | 4038 | */ | |
3988 | obj = NULL; | 4039 | obj = NULL; | |
@@ -4058,72 +4109,79 @@ load_configuration(const char *filename, | @@ -4058,72 +4109,79 @@ load_configuration(const char *filename, | |||
4058 | (void)cfg_map_get(config, "view", &views); | 4109 | (void)cfg_map_get(config, "view", &views); | |
4059 | for (element = cfg_list_first(views); | 4110 | for (element = cfg_list_first(views); | |
4060 | element != NULL; | 4111 | element != NULL; | |
4061 | element = cfg_list_next(element)) | 4112 | element = cfg_list_next(element)) | |
4062 | { | 4113 | { | |
4063 | const cfg_obj_t *vconfig = cfg_listelt_value(element); | 4114 | const cfg_obj_t *vconfig = cfg_listelt_value(element); | |
4064 | view = NULL; | 4115 | view = NULL; | |
4065 | 4116 | |||
4066 | CHECK(create_view(vconfig, &viewlist, &view)); | 4117 | CHECK(create_view(vconfig, &viewlist, &view)); | |
4067 | INSIST(view != NULL); | 4118 | INSIST(view != NULL); | |
4068 | CHECK(configure_view(view, config, vconfig, | 4119 | CHECK(configure_view(view, config, vconfig, | |
4069 | &cachelist, bindkeys, | 4120 | &cachelist, bindkeys, | |
4070 | ns_g_mctx, &aclconfctx, ISC_TRUE)); | 4121 | ns_g_mctx, &aclconfctx, ISC_TRUE)); | |
4122 | ||||
4123 | if (vconfig != NULL) { | |||
4124 | /* | |||
4125 | * Are we preserving config for dynamically added | |||
4126 | * zones? | |||
4127 | */ | |||
4128 | const cfg_obj_t *voptions; | |||
4129 | voptions = cfg_tuple_get(vconfig, "options"); | |||
4130 | obj = NULL; | |||
4131 | result = cfg_map_get(voptions, "new-zone-file", &obj); | |||
4132 | if (obj && nzf_option == NULL) | |||
4133 | nzf_option = config; | |||
4134 | } | |||
4135 | ||||
4071 | dns_view_freeze(view); | 4136 | dns_view_freeze(view); | |
4072 | dns_view_detach(&view); | 4137 | dns_view_detach(&view); | |
4073 | } | 4138 | } | |
4074 | 4139 | |||
4075 | /* | 4140 | /* | |
4076 | * Make sure we have a default view if and only if there | 4141 | * Make sure we have a default view if and only if there | |
4077 | * were no explicit views. | 4142 | * were no explicit views. | |
4078 | */ | 4143 | */ | |
4079 | if (views == NULL) { | 4144 | if (views == NULL) { | |
4080 | /* | 4145 | /* | |
4081 | * No explicit views; there ought to be a default view. | 4146 | * No explicit views; there ought to be a default view. | |
4082 | * There may already be one created as a side effect | 4147 | * There may already be one created as a side effect | |
4083 | * of zone statements, or we may have to create one. | 4148 | * of zone statements, or we may have to create one. | |
4084 | * In either case, we need to configure and freeze it. | 4149 | * In either case, we need to configure and freeze it. | |
4085 | */ | 4150 | */ | |
4086 | CHECK(create_view(NULL, &viewlist, &view)); | 4151 | CHECK(create_view(NULL, &viewlist, &view)); | |
4087 | CHECK(configure_view(view, config, NULL, | 4152 | CHECK(configure_view(view, config, NULL, | |
4088 | &cachelist, bindkeys, | 4153 | &cachelist, bindkeys, | |
4089 | ns_g_mctx, &aclconfctx, ISC_TRUE)); | 4154 | ns_g_mctx, &aclconfctx, ISC_TRUE)); | |
4090 | dns_view_freeze(view); | 4155 | dns_view_freeze(view); | |
4091 | dns_view_detach(&view); | 4156 | dns_view_detach(&view); | |
4092 | } | 4157 | } | |
4093 | 4158 | |||
4094 | /* | 4159 | /* | |
4095 | * Create (or recreate) the built-in views. Currently | 4160 | * Create (or recreate) the built-in views. | |
4096 | * there is only one, the _bind view, but allow for others. | |||
4097 | */ | 4161 | */ | |
4098 | builtin_views = NULL; | 4162 | builtin_views = NULL; | |
4099 | RUNTIME_CHECK(cfg_map_get(ns_g_config, "view", | 4163 | RUNTIME_CHECK(cfg_map_get(ns_g_config, "view", | |
4100 | &builtin_views) == ISC_R_SUCCESS); | 4164 | &builtin_views) == ISC_R_SUCCESS); | |
4101 | for (element = cfg_list_first(builtin_views); | 4165 | for (element = cfg_list_first(builtin_views); | |
4102 | element != NULL; | 4166 | element != NULL; | |
4103 | element = cfg_list_next(element)) | 4167 | element = cfg_list_next(element)) | |
4104 | { | 4168 | { | |
4105 | const cfg_obj_t *vconfig = cfg_listelt_value(element); | 4169 | const cfg_obj_t *vconfig = cfg_listelt_value(element); | |
4106 | 4170 | |||
4107 | CHECK(create_view(vconfig, &builtin_viewlist, &view)); | 4171 | CHECK(create_view(vconfig, &builtin_viewlist, &view)); | |
4108 | CHECK(configure_view(view, config, vconfig, | 4172 | CHECK(configure_view(view, config, vconfig, | |
4109 | &cachelist, bindkeys, | 4173 | &cachelist, bindkeys, | |
4110 | ns_g_mctx, &aclconfctx, ISC_FALSE)); | 4174 | ns_g_mctx, &aclconfctx, ISC_FALSE)); | |
4111 | ||||
4112 | if (!strcmp(view->name, "_meta")) { | |||
4113 | result = add_keydata_zone(view, ns_g_mctx); | |||
4114 | RUNTIME_CHECK(result == ISC_R_SUCCESS); | |||
4115 | } | |||
4116 | ||||
4117 | dns_view_freeze(view); | 4175 | dns_view_freeze(view); | |
4118 | dns_view_detach(&view); | 4176 | dns_view_detach(&view); | |
4119 | view = NULL; | 4177 | view = NULL; | |
4120 | } | 4178 | } | |
4121 | 4179 | |||
4122 | /* Now combine the two viewlists into one */ | 4180 | /* Now combine the two viewlists into one */ | |
4123 | ISC_LIST_APPENDLIST(viewlist, builtin_viewlist, link); | 4181 | ISC_LIST_APPENDLIST(viewlist, builtin_viewlist, link); | |
4124 | 4182 | |||
4125 | /* Swap our new view list with the production one. */ | 4183 | /* Swap our new view list with the production one. */ | |
4126 | tmpviewlist = server->viewlist; | 4184 | tmpviewlist = server->viewlist; | |
4127 | server->viewlist = viewlist; | 4185 | server->viewlist = viewlist; | |
4128 | viewlist = tmpviewlist; | 4186 | viewlist = tmpviewlist; | |
4129 | 4187 | |||
@@ -4326,26 +4384,32 @@ load_configuration(const char *filename, | @@ -4326,26 +4384,32 @@ load_configuration(const char *filename, | |||
4326 | obj = NULL; | 4384 | obj = NULL; | |
4327 | result = ns_config_get(maps, "statistics-file", &obj); | 4385 | result = ns_config_get(maps, "statistics-file", &obj); | |
4328 | INSIST(result == ISC_R_SUCCESS); | 4386 | INSIST(result == ISC_R_SUCCESS); | |
4329 | CHECKM(setstring(server, &server->statsfile, cfg_obj_asstring(obj)), | 4387 | CHECKM(setstring(server, &server->statsfile, cfg_obj_asstring(obj)), | |
4330 | "strdup"); | 4388 | "strdup"); | |
4331 | 4389 | |||
4332 | obj = NULL; | 4390 | obj = NULL; | |
4333 | result = ns_config_get(maps, "dump-file", &obj); | 4391 | result = ns_config_get(maps, "dump-file", &obj); | |
4334 | INSIST(result == ISC_R_SUCCESS); | 4392 | INSIST(result == ISC_R_SUCCESS); | |
4335 | CHECKM(setstring(server, &server->dumpfile, cfg_obj_asstring(obj)), | 4393 | CHECKM(setstring(server, &server->dumpfile, cfg_obj_asstring(obj)), | |
4336 | "strdup"); | 4394 | "strdup"); | |
4337 | 4395 | |||
4338 | obj = NULL; | 4396 | obj = NULL; | |
4397 | result = ns_config_get(maps, "secroots-file", &obj); | |||
4398 | INSIST(result == ISC_R_SUCCESS); | |||
4399 | CHECKM(setstring(server, &server->secrootsfile, cfg_obj_asstring(obj)), | |||
4400 | "strdup"); | |||
4401 | ||||
4402 | obj = NULL; | |||
4339 | result = ns_config_get(maps, "recursing-file", &obj); | 4403 | result = ns_config_get(maps, "recursing-file", &obj); | |
4340 | INSIST(result == ISC_R_SUCCESS); | 4404 | INSIST(result == ISC_R_SUCCESS); | |
4341 | CHECKM(setstring(server, &server->recfile, cfg_obj_asstring(obj)), | 4405 | CHECKM(setstring(server, &server->recfile, cfg_obj_asstring(obj)), | |
4342 | "strdup"); | 4406 | "strdup"); | |
4343 | 4407 | |||
4344 | obj = NULL; | 4408 | obj = NULL; | |
4345 | result = ns_config_get(maps, "version", &obj); | 4409 | result = ns_config_get(maps, "version", &obj); | |
4346 | if (result == ISC_R_SUCCESS) { | 4410 | if (result == ISC_R_SUCCESS) { | |
4347 | CHECKM(setoptstring(server, &server->version, obj), "strdup"); | 4411 | CHECKM(setoptstring(server, &server->version, obj), "strdup"); | |
4348 | server->version_set = ISC_TRUE; | 4412 | server->version_set = ISC_TRUE; | |
4349 | } else { | 4413 | } else { | |
4350 | server->version_set = ISC_FALSE; | 4414 | server->version_set = ISC_FALSE; | |
4351 | } | 4415 | } | |
@@ -4382,27 +4446,36 @@ load_configuration(const char *filename, | @@ -4382,27 +4446,36 @@ load_configuration(const char *filename, | |||
4382 | } else { | 4446 | } else { | |
4383 | server->flushonshutdown = ISC_FALSE; | 4447 | server->flushonshutdown = ISC_FALSE; | |
4384 | } | 4448 | } | |
4385 | 4449 | |||
4386 | result = ISC_R_SUCCESS; | 4450 | result = ISC_R_SUCCESS; | |
4387 | 4451 | |||
4388 | cleanup: | 4452 | cleanup: | |
4389 | if (v4portset != NULL) | 4453 | if (v4portset != NULL) | |
4390 | isc_portset_destroy(ns_g_mctx, &v4portset); | 4454 | isc_portset_destroy(ns_g_mctx, &v4portset); | |
4391 | 4455 | |||
4392 | if (v6portset != NULL) | 4456 | if (v6portset != NULL) | |
4393 | isc_portset_destroy(ns_g_mctx, &v6portset); | 4457 | isc_portset_destroy(ns_g_mctx, &v6portset); | |
4394 | 4458 | |||
4395 | cfg_aclconfctx_destroy(&aclconfctx); | 4459 | /* Preserve config, we'll need it when adding zones */ | |
4460 | if (nzf_option != NULL) { | |||
4461 | nzf_parser = conf_parser; | |||
4462 | conf_parser = NULL; | |||
4463 | nzf_config = config; | |||
4464 | config = NULL; | |||
4465 | memcpy(&nzf_actx, &aclconfctx, sizeof(cfg_aclconfctx_t)); | |||
4466 | } else { | |||
4467 | cfg_aclconfctx_destroy(&aclconfctx); | |||
4468 | } | |||
4396 | 4469 | |||
4397 | if (conf_parser != NULL) { | 4470 | if (conf_parser != NULL) { | |
4398 | if (config != NULL) | 4471 | if (config != NULL) | |
4399 | cfg_obj_destroy(conf_parser, &config); | 4472 | cfg_obj_destroy(conf_parser, &config); | |
4400 | cfg_parser_destroy(&conf_parser); | 4473 | cfg_parser_destroy(&conf_parser); | |
4401 | } | 4474 | } | |
4402 | 4475 | |||
4403 | if (bindkeys_parser != NULL) { | 4476 | if (bindkeys_parser != NULL) { | |
4404 | if (bindkeys != NULL) | 4477 | if (bindkeys != NULL) | |
4405 | cfg_obj_destroy(bindkeys_parser, &bindkeys); | 4478 | cfg_obj_destroy(bindkeys_parser, &bindkeys); | |
4406 | cfg_parser_destroy(&bindkeys_parser); | 4479 | cfg_parser_destroy(&bindkeys_parser); | |
4407 | } | 4480 | } | |
4408 | 4481 | |||
@@ -4456,26 +4529,28 @@ load_zones(ns_server_t *server, isc_bool | @@ -4456,26 +4529,28 @@ load_zones(ns_server_t *server, isc_bool | |||
4456 | dns_view_t *view; | 4529 | dns_view_t *view; | |
4457 | 4530 | |||
4458 | result = isc_task_beginexclusive(server->task); | 4531 | result = isc_task_beginexclusive(server->task); | |
4459 | RUNTIME_CHECK(result == ISC_R_SUCCESS); | 4532 | RUNTIME_CHECK(result == ISC_R_SUCCESS); | |
4460 | 4533 | |||
4461 | /* | 4534 | /* | |
4462 | * Load zone data from disk. | 4535 | * Load zone data from disk. | |
4463 | */ | 4536 | */ | |
4464 | for (view = ISC_LIST_HEAD(server->viewlist); | 4537 | for (view = ISC_LIST_HEAD(server->viewlist); | |
4465 | view != NULL; | 4538 | view != NULL; | |
4466 | view = ISC_LIST_NEXT(view, link)) | 4539 | view = ISC_LIST_NEXT(view, link)) | |
4467 | { | 4540 | { | |
4468 | CHECK(dns_view_load(view, stop)); | 4541 | CHECK(dns_view_load(view, stop)); | |
4542 | if (view->managed_keys != NULL) | |||
4543 | CHECK(dns_zone_load(view->managed_keys)); | |||
4469 | } | 4544 | } | |
4470 | 4545 | |||
4471 | /* | 4546 | /* | |
4472 | * Force zone maintenance. Do this after loading | 4547 | * Force zone maintenance. Do this after loading | |
4473 | * so that we know when we need to force AXFR of | 4548 | * so that we know when we need to force AXFR of | |
4474 | * slave zones whose master files are missing. | 4549 | * slave zones whose master files are missing. | |
4475 | */ | 4550 | */ | |
4476 | CHECK(dns_zonemgr_forcemaint(server->zonemgr)); | 4551 | CHECK(dns_zonemgr_forcemaint(server->zonemgr)); | |
4477 | cleanup: | 4552 | cleanup: | |
4478 | isc_task_endexclusive(server->task); | 4553 | isc_task_endexclusive(server->task); | |
4479 | return (result); | 4554 | return (result); | |
4480 | } | 4555 | } | |
4481 | 4556 | |||
@@ -4588,26 +4663,32 @@ shutdown_server(isc_task_t *task, isc_ev | @@ -4588,26 +4663,32 @@ shutdown_server(isc_task_t *task, isc_ev | |||
4588 | 4663 | |||
4589 | isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, | 4664 | isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, | |
4590 | ISC_LOG_INFO, "shutting down%s", | 4665 | ISC_LOG_INFO, "shutting down%s", | |
4591 | flush ? ": flushing changes" : ""); | 4666 | flush ? ": flushing changes" : ""); | |
4592 | 4667 | |||
4593 | ns_statschannels_shutdown(server); | 4668 | ns_statschannels_shutdown(server); | |
4594 | ns_controls_shutdown(server->controls); | 4669 | ns_controls_shutdown(server->controls); | |
4595 | end_reserved_dispatches(server, ISC_TRUE); | 4670 | end_reserved_dispatches(server, ISC_TRUE); | |
4596 | cleanup_session_key(server, server->mctx); | 4671 | cleanup_session_key(server, server->mctx); | |
4597 | 4672 | |||
4598 | cfg_obj_destroy(ns_g_parser, &ns_g_config); | 4673 | cfg_obj_destroy(ns_g_parser, &ns_g_config); | |
4599 | cfg_parser_destroy(&ns_g_parser); | 4674 | cfg_parser_destroy(&ns_g_parser); | |
4600 | 4675 | |||
4676 | if (nzf_config) { | |||
4677 | cfg_aclconfctx_destroy(&nzf_actx); | |||
4678 | cfg_obj_destroy(nzf_parser, &nzf_config); | |||
4679 | cfg_parser_destroy(&nzf_parser); | |||
4680 | } | |||
4681 | ||||
4601 | for (view = ISC_LIST_HEAD(server->viewlist); | 4682 | for (view = ISC_LIST_HEAD(server->viewlist); | |
4602 | view != NULL; | 4683 | view != NULL; | |
4603 | view = view_next) { | 4684 | view = view_next) { | |
4604 | view_next = ISC_LIST_NEXT(view, link); | 4685 | view_next = ISC_LIST_NEXT(view, link); | |
4605 | ISC_LIST_UNLINK(server->viewlist, view, link); | 4686 | ISC_LIST_UNLINK(server->viewlist, view, link); | |
4606 | if (flush) | 4687 | if (flush) | |
4607 | dns_view_flushanddetach(&view); | 4688 | dns_view_flushanddetach(&view); | |
4608 | else | 4689 | else | |
4609 | dns_view_detach(&view); | 4690 | dns_view_detach(&view); | |
4610 | } | 4691 | } | |
4611 | 4692 | |||
4612 | while ((nsc = ISC_LIST_HEAD(server->cachelist)) != NULL) { | 4693 | while ((nsc = ISC_LIST_HEAD(server->cachelist)) != NULL) { | |
4613 | ISC_LIST_UNLINK(server->cachelist, nsc, link); | 4694 | ISC_LIST_UNLINK(server->cachelist, nsc, link); | |
@@ -4730,32 +4811,35 @@ ns_server_create(isc_mem_t *mctx, ns_ser | @@ -4730,32 +4811,35 @@ ns_server_create(isc_mem_t *mctx, ns_ser | |||
4730 | server->zonestats = NULL; | 4811 | server->zonestats = NULL; | |
4731 | server->resolverstats = NULL; | 4812 | server->resolverstats = NULL; | |
4732 | server->sockstats = NULL; | 4813 | server->sockstats = NULL; | |
4733 | CHECKFATAL(isc_stats_create(server->mctx, &server->sockstats, | 4814 | CHECKFATAL(isc_stats_create(server->mctx, &server->sockstats, | |
4734 | isc_sockstatscounter_max), | 4815 | isc_sockstatscounter_max), | |
4735 | "isc_stats_create"); | 4816 | "isc_stats_create"); | |
4736 | isc_socketmgr_setstats(ns_g_socketmgr, server->sockstats); | 4817 | isc_socketmgr_setstats(ns_g_socketmgr, server->sockstats); | |
4737 | 4818 | |||
4738 | server->bindkeysfile = isc_mem_strdup(server->mctx, "bind.keys"); | 4819 | server->bindkeysfile = isc_mem_strdup(server->mctx, "bind.keys"); | |
4739 | CHECKFATAL(server->bindkeysfile == NULL ? ISC_R_NOMEMORY : | 4820 | CHECKFATAL(server->bindkeysfile == NULL ? ISC_R_NOMEMORY : | |
4740 | ISC_R_SUCCESS, | 4821 | ISC_R_SUCCESS, | |
4741 | "isc_mem_strdup"); | 4822 | "isc_mem_strdup"); | |
4742 | 4823 | |||
4743 | server->managedkeys = ISC_FALSE; | |||
4744 | ||||
4745 | server->dumpfile = isc_mem_strdup(server->mctx, "named_dump.db"); | 4824 | server->dumpfile = isc_mem_strdup(server->mctx, "named_dump.db"); | |
4746 | CHECKFATAL(server->dumpfile == NULL ? ISC_R_NOMEMORY : ISC_R_SUCCESS, | 4825 | CHECKFATAL(server->dumpfile == NULL ? ISC_R_NOMEMORY : ISC_R_SUCCESS, | |
4747 | "isc_mem_strdup"); | 4826 | "isc_mem_strdup"); | |
4748 | 4827 | |||
4828 | server->secrootsfile = isc_mem_strdup(server->mctx, "named.secroots"); | |||
4829 | CHECKFATAL(server->secrootsfile == NULL ? ISC_R_NOMEMORY : | |||
4830 | ISC_R_SUCCESS, | |||
4831 | "isc_mem_strdup"); | |||
4832 | ||||
4749 | server->recfile = isc_mem_strdup(server->mctx, "named.recursing"); | 4833 | server->recfile = isc_mem_strdup(server->mctx, "named.recursing"); | |
4750 | CHECKFATAL(server->recfile == NULL ? ISC_R_NOMEMORY : ISC_R_SUCCESS, | 4834 | CHECKFATAL(server->recfile == NULL ? ISC_R_NOMEMORY : ISC_R_SUCCESS, | |
4751 | "isc_mem_strdup"); | 4835 | "isc_mem_strdup"); | |
4752 | 4836 | |||
4753 | server->hostname_set = ISC_FALSE; | 4837 | server->hostname_set = ISC_FALSE; | |
4754 | server->hostname = NULL; | 4838 | server->hostname = NULL; | |
4755 | server->version_set = ISC_FALSE; | 4839 | server->version_set = ISC_FALSE; | |
4756 | server->version = NULL; | 4840 | server->version = NULL; | |
4757 | server->server_usehostname = ISC_FALSE; | 4841 | server->server_usehostname = ISC_FALSE; | |
4758 | server->server_id = NULL; | 4842 | server->server_id = NULL; | |
4759 | 4843 | |||
4760 | CHECKFATAL(isc_stats_create(ns_g_mctx, &server->nsstats, | 4844 | CHECKFATAL(isc_stats_create(ns_g_mctx, &server->nsstats, | |
4761 | dns_nsstatscounter_max), | 4845 | dns_nsstatscounter_max), | |
@@ -4806,26 +4890,27 @@ ns_server_destroy(ns_server_t **serverp) | @@ -4806,26 +4890,27 @@ ns_server_destroy(ns_server_t **serverp) | |||
4806 | 4890 | |||
4807 | ns_controls_destroy(&server->controls); | 4891 | ns_controls_destroy(&server->controls); | |
4808 | 4892 | |||
4809 | isc_stats_detach(&server->nsstats); | 4893 | isc_stats_detach(&server->nsstats); | |
4810 | dns_stats_detach(&server->rcvquerystats); | 4894 | dns_stats_detach(&server->rcvquerystats); | |
4811 | dns_stats_detach(&server->opcodestats); | 4895 | dns_stats_detach(&server->opcodestats); | |
4812 | isc_stats_detach(&server->zonestats); | 4896 | isc_stats_detach(&server->zonestats); | |
4813 | isc_stats_detach(&server->resolverstats); | 4897 | isc_stats_detach(&server->resolverstats); | |
4814 | isc_stats_detach(&server->sockstats); | 4898 | isc_stats_detach(&server->sockstats); | |
4815 | 4899 | |||
4816 | isc_mem_free(server->mctx, server->statsfile); | 4900 | isc_mem_free(server->mctx, server->statsfile); | |
4817 | isc_mem_free(server->mctx, server->bindkeysfile); | 4901 | isc_mem_free(server->mctx, server->bindkeysfile); | |
4818 | isc_mem_free(server->mctx, server->dumpfile); | 4902 | isc_mem_free(server->mctx, server->dumpfile); | |
4903 | isc_mem_free(server->mctx, server->secrootsfile); | |||
4819 | isc_mem_free(server->mctx, server->recfile); | 4904 | isc_mem_free(server->mctx, server->recfile); | |
4820 | 4905 | |||
4821 | if (server->version != NULL) | 4906 | if (server->version != NULL) | |
4822 | isc_mem_free(server->mctx, server->version); | 4907 | isc_mem_free(server->mctx, server->version); | |
4823 | if (server->hostname != NULL) | 4908 | if (server->hostname != NULL) | |
4824 | isc_mem_free(server->mctx, server->hostname); | 4909 | isc_mem_free(server->mctx, server->hostname); | |
4825 | if (server->server_id != NULL) | 4910 | if (server->server_id != NULL) | |
4826 | isc_mem_free(server->mctx, server->server_id); | 4911 | isc_mem_free(server->mctx, server->server_id); | |
4827 | 4912 | |||
4828 | dns_zonemgr_detach(&server->zonemgr); | 4913 | dns_zonemgr_detach(&server->zonemgr); | |
4829 | 4914 | |||
4830 | if (server->tkeyctx != NULL) | 4915 | if (server->tkeyctx != NULL) | |
4831 | dns_tkeyctx_destroy(&server->tkeyctx); | 4916 | dns_tkeyctx_destroy(&server->tkeyctx); | |
@@ -5057,50 +5142,54 @@ next_token(char **stringp, const char *d | @@ -5057,50 +5142,54 @@ next_token(char **stringp, const char *d | |||
5057 | res = strsep(stringp, delim); | 5142 | res = strsep(stringp, delim); | |
5058 | if (res == NULL) | 5143 | if (res == NULL) | |
5059 | break; | 5144 | break; | |
5060 | } while (*res == '\0'); | 5145 | } while (*res == '\0'); | |
5061 | return (res); | 5146 | return (res); | |
5062 | } | 5147 | } | |
5063 | 5148 | |||
5064 | /* | 5149 | /* | |
5065 | * Find the zone specified in the control channel command 'args', | 5150 | * Find the zone specified in the control channel command 'args', | |
5066 | * if any. If a zone is specified, point '*zonep' at it, otherwise | 5151 | * if any. If a zone is specified, point '*zonep' at it, otherwise | |
5067 | * set '*zonep' to NULL. | 5152 | * set '*zonep' to NULL. | |
5068 | */ | 5153 | */ | |
5069 | static isc_result_t | 5154 | static isc_result_t | |
5070 | zone_from_args(ns_server_t *server, char *args, dns_zone_t **zonep) { | 5155 | zone_from_args(ns_server_t *server, char *args, dns_zone_t **zonep, | |
5156 | const char **zonename) | |||
5157 | { | |||
5071 | char *input, *ptr; | 5158 | char *input, *ptr; | |
5072 | const char *zonetxt; | 5159 | const char *zonetxt; | |
5073 | char *classtxt; | 5160 | char *classtxt; | |
5074 | const char *viewtxt = NULL; | 5161 | const char *viewtxt = NULL; | |
5075 | dns_fixedname_t name; | 5162 | dns_fixedname_t name; | |
5076 | isc_result_t result; | 5163 | isc_result_t result; | |
5077 | isc_buffer_t buf; | 5164 | isc_buffer_t buf; | |
5078 | dns_view_t *view = NULL; | 5165 | dns_view_t *view = NULL; | |
5079 | dns_rdataclass_t rdclass; | 5166 | dns_rdataclass_t rdclass; | |
5080 | 5167 | |||
5081 | REQUIRE(zonep != NULL && *zonep == NULL); | 5168 | REQUIRE(zonep != NULL && *zonep == NULL); | |
5082 | 5169 | |||
5083 | input = args; | 5170 | input = args; | |
5084 | 5171 | |||
5085 | /* Skip the command name. */ | 5172 | /* Skip the command name. */ | |
5086 | ptr = next_token(&input, " \t"); | 5173 | ptr = next_token(&input, " \t"); | |
5087 | if (ptr == NULL) | 5174 | if (ptr == NULL) | |
5088 | return (ISC_R_UNEXPECTEDEND); | 5175 | return (ISC_R_UNEXPECTEDEND); | |
5089 | 5176 | |||
5090 | /* Look for the zone name. */ | 5177 | /* Look for the zone name. */ | |
5091 | zonetxt = next_token(&input, " \t"); | 5178 | zonetxt = next_token(&input, " \t"); | |
5092 | if (zonetxt == NULL) | 5179 | if (zonetxt == NULL) | |
5093 | return (ISC_R_SUCCESS); | 5180 | return (ISC_R_SUCCESS); | |
5181 | if (zonename) | |||
5182 | *zonename = zonetxt; | |||
5094 | 5183 | |||
5095 | /* Look for the optional class name. */ | 5184 | /* Look for the optional class name. */ | |
5096 | classtxt = next_token(&input, " \t"); | 5185 | classtxt = next_token(&input, " \t"); | |
5097 | if (classtxt != NULL) { | 5186 | if (classtxt != NULL) { | |
5098 | /* Look for the optional view name. */ | 5187 | /* Look for the optional view name. */ | |
5099 | viewtxt = next_token(&input, " \t"); | 5188 | viewtxt = next_token(&input, " \t"); | |
5100 | } | 5189 | } | |
5101 | 5190 | |||
5102 | isc_buffer_init(&buf, zonetxt, strlen(zonetxt)); | 5191 | isc_buffer_init(&buf, zonetxt, strlen(zonetxt)); | |
5103 | isc_buffer_add(&buf, strlen(zonetxt)); | 5192 | isc_buffer_add(&buf, strlen(zonetxt)); | |
5104 | dns_fixedname_init(&name); | 5193 | dns_fixedname_init(&name); | |
5105 | result = dns_name_fromtext(dns_fixedname_name(&name), | 5194 | result = dns_name_fromtext(dns_fixedname_name(&name), | |
5106 | &buf, dns_rootname, 0, NULL); | 5195 | &buf, dns_rootname, 0, NULL); | |
@@ -5126,64 +5215,66 @@ zone_from_args(ns_server_t *server, char | @@ -5126,64 +5215,66 @@ zone_from_args(ns_server_t *server, char | |||
5126 | result = dns_viewlist_find(&server->viewlist, viewtxt, | 5215 | result = dns_viewlist_find(&server->viewlist, viewtxt, | |
5127 | rdclass, &view); | 5216 | rdclass, &view); | |
5128 | if (result != ISC_R_SUCCESS) | 5217 | if (result != ISC_R_SUCCESS) | |
5129 | goto fail1; | 5218 | goto fail1; | |
5130 | 5219 | |||
5131 | result = dns_zt_find(view->zonetable, dns_fixedname_name(&name), | 5220 | result = dns_zt_find(view->zonetable, dns_fixedname_name(&name), | |
5132 | 0, NULL, zonep); | 5221 | 0, NULL, zonep); | |
5133 | dns_view_detach(&view); | 5222 | dns_view_detach(&view); | |
5134 | } | 5223 | } | |
5135 | 5224 | |||
5136 | /* Partial match? */ | 5225 | /* Partial match? */ | |
5137 | if (result != ISC_R_SUCCESS && *zonep != NULL) | 5226 | if (result != ISC_R_SUCCESS && *zonep != NULL) | |
5138 | dns_zone_detach(zonep); | 5227 | dns_zone_detach(zonep); | |
5228 | if (result == DNS_R_PARTIALMATCH) | |||
5229 | result = ISC_R_NOTFOUND; | |||
5139 | fail1: | 5230 | fail1: | |
5140 | return (result); | 5231 | return (result); | |
5141 | } | 5232 | } | |
5142 | 5233 | |||
5143 | /* | 5234 | /* | |
5144 | * Act on a "retransfer" command from the command channel. | 5235 | * Act on a "retransfer" command from the command channel. | |
5145 | */ | 5236 | */ | |
5146 | isc_result_t | 5237 | isc_result_t | |
5147 | ns_server_retransfercommand(ns_server_t *server, char *args) { | 5238 | ns_server_retransfercommand(ns_server_t *server, char *args) { | |
5148 | isc_result_t result; | 5239 | isc_result_t result; | |
5149 | dns_zone_t *zone = NULL; | 5240 | dns_zone_t *zone = NULL; | |
5150 | dns_zonetype_t type; | 5241 | dns_zonetype_t type; | |
5151 | 5242 | |||
5152 | result = zone_from_args(server, args, &zone); | 5243 | result = zone_from_args(server, args, &zone, NULL); | |
5153 | if (result != ISC_R_SUCCESS) | 5244 | if (result != ISC_R_SUCCESS) | |
5154 | return (result); | 5245 | return (result); | |
5155 | if (zone == NULL) | 5246 | if (zone == NULL) | |
5156 | return (ISC_R_UNEXPECTEDEND); | 5247 | return (ISC_R_UNEXPECTEDEND); | |
5157 | type = dns_zone_gettype(zone); | 5248 | type = dns_zone_gettype(zone); | |
5158 | if (type == dns_zone_slave || type == dns_zone_stub) | 5249 | if (type == dns_zone_slave || type == dns_zone_stub) | |
5159 | dns_zone_forcereload(zone); | 5250 | dns_zone_forcereload(zone); | |
5160 | else | 5251 | else | |
5161 | result = ISC_R_NOTFOUND; | 5252 | result = ISC_R_NOTFOUND; | |
5162 | dns_zone_detach(&zone); | 5253 | dns_zone_detach(&zone); | |
5163 | return (result); | 5254 | return (result); | |
5164 | } | 5255 | } | |
5165 | 5256 | |||
5166 | /* | 5257 | /* | |
5167 | * Act on a "reload" command from the command channel. | 5258 | * Act on a "reload" command from the command channel. | |
5168 | */ | 5259 | */ | |
5169 | isc_result_t | 5260 | isc_result_t | |
5170 | ns_server_reloadcommand(ns_server_t *server, char *args, isc_buffer_t *text) { | 5261 | ns_server_reloadcommand(ns_server_t *server, char *args, isc_buffer_t *text) { | |
5171 | isc_result_t result; | 5262 | isc_result_t result; | |
5172 | dns_zone_t *zone = NULL; | 5263 | dns_zone_t *zone = NULL; | |
5173 | dns_zonetype_t type; | 5264 | dns_zonetype_t type; | |
5174 | const char *msg = NULL; | 5265 | const char *msg = NULL; | |
5175 | 5266 | |||
5176 | result = zone_from_args(server, args, &zone); | 5267 | result = zone_from_args(server, args, &zone, NULL); | |
5177 | if (result != ISC_R_SUCCESS) | 5268 | if (result != ISC_R_SUCCESS) | |
5178 | return (result); | 5269 | return (result); | |
5179 | if (zone == NULL) { | 5270 | if (zone == NULL) { | |
5180 | result = reload(server); | 5271 | result = reload(server); | |
5181 | if (result == ISC_R_SUCCESS) | 5272 | if (result == ISC_R_SUCCESS) | |
5182 | msg = "server reload successful"; | 5273 | msg = "server reload successful"; | |
5183 | } else { | 5274 | } else { | |
5184 | type = dns_zone_gettype(zone); | 5275 | type = dns_zone_gettype(zone); | |
5185 | if (type == dns_zone_slave || type == dns_zone_stub) { | 5276 | if (type == dns_zone_slave || type == dns_zone_stub) { | |
5186 | dns_zone_refresh(zone); | 5277 | dns_zone_refresh(zone); | |
5187 | dns_zone_detach(&zone); | 5278 | dns_zone_detach(&zone); | |
5188 | msg = "zone refresh queued"; | 5279 | msg = "zone refresh queued"; | |
5189 | } else { | 5280 | } else { | |
@@ -5223,52 +5314,52 @@ ns_server_reconfigcommand(ns_server_t *s | @@ -5223,52 +5314,52 @@ ns_server_reconfigcommand(ns_server_t *s | |||
5223 | reconfig(server); | 5314 | reconfig(server); | |
5224 | return (ISC_R_SUCCESS); | 5315 | return (ISC_R_SUCCESS); | |
5225 | } | 5316 | } | |
5226 | 5317 | |||
5227 | /* | 5318 | /* | |
5228 | * Act on a "notify" command from the command channel. | 5319 | * Act on a "notify" command from the command channel. | |
5229 | */ | 5320 | */ | |
5230 | isc_result_t | 5321 | isc_result_t | |
5231 | ns_server_notifycommand(ns_server_t *server, char *args, isc_buffer_t *text) { | 5322 | ns_server_notifycommand(ns_server_t *server, char *args, isc_buffer_t *text) { | |
5232 | isc_result_t result; | 5323 | isc_result_t result; | |
5233 | dns_zone_t *zone = NULL; | 5324 | dns_zone_t *zone = NULL; | |
5234 | const unsigned char msg[] = "zone notify queued"; | 5325 | const unsigned char msg[] = "zone notify queued"; | |
5235 | 5326 | |||
5236 | result = zone_from_args(server, args, &zone); | 5327 | result = zone_from_args(server, args, &zone, NULL); | |
5237 | if (result != ISC_R_SUCCESS) | 5328 | if (result != ISC_R_SUCCESS) | |
5238 | return (result); | 5329 | return (result); | |
5239 | if (zone == NULL) | 5330 | if (zone == NULL) | |
5240 | return (ISC_R_UNEXPECTEDEND); | 5331 | return (ISC_R_UNEXPECTEDEND); | |
5241 | 5332 | |||
5242 | dns_zone_notify(zone); | 5333 | dns_zone_notify(zone); | |
5243 | dns_zone_detach(&zone); | 5334 | dns_zone_detach(&zone); | |
5244 | if (sizeof(msg) <= isc_buffer_availablelength(text)) | 5335 | if (sizeof(msg) <= isc_buffer_availablelength(text)) | |
5245 | isc_buffer_putmem(text, msg, sizeof(msg)); | 5336 | isc_buffer_putmem(text, msg, sizeof(msg)); | |
5246 | 5337 | |||
5247 | return (ISC_R_SUCCESS); | 5338 | return (ISC_R_SUCCESS); | |
5248 | } | 5339 | } | |
5249 | 5340 | |||
5250 | /* | 5341 | /* | |
5251 | * Act on a "refresh" command from the command channel. | 5342 | * Act on a "refresh" command from the command channel. | |
5252 | */ | 5343 | */ | |
5253 | isc_result_t | 5344 | isc_result_t | |
5254 | ns_server_refreshcommand(ns_server_t *server, char *args, isc_buffer_t *text) { | 5345 | ns_server_refreshcommand(ns_server_t *server, char *args, isc_buffer_t *text) { | |
5255 | isc_result_t result; | 5346 | isc_result_t result; | |
5256 | dns_zone_t *zone = NULL; | 5347 | dns_zone_t *zone = NULL; | |
5257 | const unsigned char msg1[] = "zone refresh queued"; | 5348 | const unsigned char msg1[] = "zone refresh queued"; | |
5258 | const unsigned char msg2[] = "not a slave or stub zone"; | 5349 | const unsigned char msg2[] = "not a slave or stub zone"; | |
5259 | dns_zonetype_t type; | 5350 | dns_zonetype_t type; | |
5260 | 5351 | |||
5261 | result = zone_from_args(server, args, &zone); | 5352 | result = zone_from_args(server, args, &zone, NULL); | |
5262 | if (result != ISC_R_SUCCESS) | 5353 | if (result != ISC_R_SUCCESS) | |
5263 | return (result); | 5354 | return (result); | |
5264 | if (zone == NULL) | 5355 | if (zone == NULL) | |
5265 | return (ISC_R_UNEXPECTEDEND); | 5356 | return (ISC_R_UNEXPECTEDEND); | |
5266 | 5357 | |||
5267 | type = dns_zone_gettype(zone); | 5358 | type = dns_zone_gettype(zone); | |
5268 | if (type == dns_zone_slave || type == dns_zone_stub) { | 5359 | if (type == dns_zone_slave || type == dns_zone_stub) { | |
5269 | dns_zone_refresh(zone); | 5360 | dns_zone_refresh(zone); | |
5270 | dns_zone_detach(&zone); | 5361 | dns_zone_detach(&zone); | |
5271 | if (sizeof(msg1) <= isc_buffer_availablelength(text)) | 5362 | if (sizeof(msg1) <= isc_buffer_availablelength(text)) | |
5272 | isc_buffer_putmem(text, msg1, sizeof(msg1)); | 5363 | isc_buffer_putmem(text, msg1, sizeof(msg1)); | |
5273 | return (ISC_R_SUCCESS); | 5364 | return (ISC_R_SUCCESS); | |
5274 | } | 5365 | } | |
@@ -5521,26 +5612,28 @@ dumpdone(void *arg, isc_result_t result) | @@ -5521,26 +5612,28 @@ dumpdone(void *arg, isc_result_t result) | |||
5521 | dumpdone, dctx, | 5612 | dumpdone, dctx, | |
5522 | &dctx->mdctx); | 5613 | &dctx->mdctx); | |
5523 | if (result == DNS_R_CONTINUE) | 5614 | if (result == DNS_R_CONTINUE) | |
5524 | return; | 5615 | return; | |
5525 | if (result == ISC_R_NOTIMPLEMENTED) | 5616 | if (result == ISC_R_NOTIMPLEMENTED) | |
5526 | fprintf(dctx->fp, "; %s\n", | 5617 | fprintf(dctx->fp, "; %s\n", | |
5527 | dns_result_totext(result)); | 5618 | dns_result_totext(result)); | |
5528 | else if (result != ISC_R_SUCCESS) | 5619 | else if (result != ISC_R_SUCCESS) | |
5529 | goto cleanup; | 5620 | goto cleanup; | |
5530 | } | 5621 | } | |
5531 | } | 5622 | } | |
5532 | if (dctx->cache != NULL) { | 5623 | if (dctx->cache != NULL) { | |
5533 | dns_adb_dump(dctx->view->view->adb, dctx->fp); | 5624 | dns_adb_dump(dctx->view->view->adb, dctx->fp); | |
5625 | dns_resolver_printbadcache(dctx->view->view->resolver, | |||
5626 | dctx->fp); | |||
5534 | dns_db_detach(&dctx->cache); | 5627 | dns_db_detach(&dctx->cache); | |
5535 | } | 5628 | } | |
5536 | if (dctx->dumpzones) { | 5629 | if (dctx->dumpzones) { | |
5537 | style = &dns_master_style_full; | 5630 | style = &dns_master_style_full; | |
5538 | nextzone: | 5631 | nextzone: | |
5539 | if (dctx->version != NULL) | 5632 | if (dctx->version != NULL) | |
5540 | dns_db_closeversion(dctx->db, &dctx->version, | 5633 | dns_db_closeversion(dctx->db, &dctx->version, | |
5541 | ISC_FALSE); | 5634 | ISC_FALSE); | |
5542 | if (dctx->db != NULL) | 5635 | if (dctx->db != NULL) | |
5543 | dns_db_detach(&dctx->db); | 5636 | dns_db_detach(&dctx->db); | |
5544 | if (dctx->zone == NULL) | 5637 | if (dctx->zone == NULL) | |
5545 | dctx->zone = ISC_LIST_HEAD(dctx->view->zonelist); | 5638 | dctx->zone = ISC_LIST_HEAD(dctx->view->zonelist); | |
5546 | else | 5639 | else | |
@@ -5663,26 +5756,88 @@ ns_server_dumpdb(ns_server_t *server, ch | @@ -5663,26 +5756,88 @@ ns_server_dumpdb(ns_server_t *server, ch | |||
5663 | if (ptr != NULL) | 5756 | if (ptr != NULL) | |
5664 | goto nextview; | 5757 | goto nextview; | |
5665 | } | 5758 | } | |
5666 | dumpdone(dctx, ISC_R_SUCCESS); | 5759 | dumpdone(dctx, ISC_R_SUCCESS); | |
5667 | return (ISC_R_SUCCESS); | 5760 | return (ISC_R_SUCCESS); | |
5668 | 5761 | |||
5669 | cleanup: | 5762 | cleanup: | |
5670 | if (dctx != NULL) | 5763 | if (dctx != NULL) | |
5671 | dumpcontext_destroy(dctx); | 5764 | dumpcontext_destroy(dctx); | |
5672 | return (result); | 5765 | return (result); | |
5673 | } | 5766 | } | |
5674 | 5767 | |||
5675 | isc_result_t | 5768 | isc_result_t | |
5769 | ns_server_dumpsecroots(ns_server_t *server, char *args) { | |||
5770 | dns_view_t *view; | |||
5771 | dns_keytable_t *secroots = NULL; | |||
5772 | isc_result_t result; | |||
5773 | char *ptr; | |||
5774 | FILE *fp = NULL; | |||
5775 | isc_time_t now; | |||
5776 | char tbuf[64]; | |||
5777 | ||||
5778 | /* Skip the command name. */ | |||
5779 | ptr = next_token(&args, " \t"); | |||
5780 | if (ptr == NULL) | |||
5781 | return (ISC_R_UNEXPECTEDEND); | |||
5782 | ptr = next_token(&args, " \t"); | |||
5783 | ||||
5784 | CHECKMF(isc_stdio_open(server->secrootsfile, "w", &fp), | |||
5785 | "could not open secroots dump file", server->secrootsfile); | |||
5786 | TIME_NOW(&now); | |||
5787 | isc_time_formattimestamp(&now, tbuf, sizeof(tbuf)); | |||
5788 | fprintf(fp, "%s\n", tbuf); | |||
5789 | ||||
5790 | nextview: | |||
5791 | for (view = ISC_LIST_HEAD(server->viewlist); | |||
5792 | view != NULL; | |||
5793 | view = ISC_LIST_NEXT(view, link)) | |||
5794 | { | |||
5795 | if (ptr != NULL && strcmp(view->name, ptr) != 0) | |||
5796 | continue; | |||
5797 | if (secroots != NULL) | |||
5798 | dns_keytable_detach(&secroots); | |||
5799 | result = dns_view_getsecroots(view, &secroots); | |||
5800 | if (result == ISC_R_NOTFOUND) { | |||
5801 | result = ISC_R_SUCCESS; | |||
5802 | continue; | |||
5803 | } | |||
5804 | fprintf(fp, "\n Start view %s\n\n", view->name); | |||
5805 | CHECK(dns_keytable_dump(secroots, fp)); | |||
5806 | } | |||
5807 | if (ptr != NULL) { | |||
5808 | ptr = next_token(&args, " \t"); | |||
5809 | if (ptr != NULL) | |||
5810 | goto nextview; | |||
5811 | } | |||
5812 | ||||
5813 | cleanup: | |||
5814 | if (secroots != NULL) | |||
5815 | dns_keytable_detach(&secroots); | |||
5816 | if (fp != NULL) | |||
5817 | (void)isc_stdio_close(fp); | |||
5818 | if (result == ISC_R_SUCCESS) | |||
5819 | isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, | |||
5820 | NS_LOGMODULE_SERVER, ISC_LOG_INFO, | |||
5821 | "dumpsecroots complete"); | |||
5822 | else | |||
5823 | isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, | |||
5824 | NS_LOGMODULE_SERVER, ISC_LOG_ERROR, | |||
5825 | "dumpsecroots failed: %s", | |||
5826 | dns_result_totext(result)); | |||
5827 | return (result); | |||
5828 | } | |||
5829 | ||||
5830 | isc_result_t | |||
5676 | ns_server_dumprecursing(ns_server_t *server) { | 5831 | ns_server_dumprecursing(ns_server_t *server) { | |
5677 | FILE *fp = NULL; | 5832 | FILE *fp = NULL; | |
5678 | isc_result_t result; | 5833 | isc_result_t result; | |
5679 | 5834 | |||
5680 | CHECKMF(isc_stdio_open(server->recfile, "w", &fp), | 5835 | CHECKMF(isc_stdio_open(server->recfile, "w", &fp), | |
5681 | "could not open dump file", server->recfile); | 5836 | "could not open dump file", server->recfile); | |
5682 | fprintf(fp,";\n; Recursing Queries\n;\n"); | 5837 | fprintf(fp,";\n; Recursing Queries\n;\n"); | |
5683 | ns_interfacemgr_dumprecursing(fp, server->interfacemgr); | 5838 | ns_interfacemgr_dumprecursing(fp, server->interfacemgr); | |
5684 | fprintf(fp, "; Dump complete\n"); | 5839 | fprintf(fp, "; Dump complete\n"); | |
5685 | 5840 | |||
5686 | cleanup: | 5841 | cleanup: | |
5687 | if (fp != NULL) | 5842 | if (fp != NULL) | |
5688 | result = isc_stdio_close(fp); | 5843 | result = isc_stdio_close(fp); | |
@@ -6145,30 +6300,28 @@ ns_server_tsigdelete(ns_server_t *server | @@ -6145,30 +6300,28 @@ ns_server_tsigdelete(ns_server_t *server | |||
6145 | RWUNLOCK(&view->dynamickeys->lock, | 6300 | RWUNLOCK(&view->dynamickeys->lock, | |
6146 | isc_rwlocktype_write); | 6301 | isc_rwlocktype_write); | |
6147 | if (result != ISC_R_SUCCESS) { | 6302 | if (result != ISC_R_SUCCESS) { | |
6148 | isc_task_endexclusive(server->task); | 6303 | isc_task_endexclusive(server->task); | |
6149 | return (result); | 6304 | return (result); | |
6150 | } | 6305 | } | |
6151 | } | 6306 | } | |
6152 | } | 6307 | } | |
6153 | isc_task_endexclusive(server->task); | 6308 | isc_task_endexclusive(server->task); | |
6154 | 6309 | |||
6155 | n = snprintf((char *)isc_buffer_used(text), | 6310 | n = snprintf((char *)isc_buffer_used(text), | |
6156 | isc_buffer_availablelength(text), | 6311 | isc_buffer_availablelength(text), | |
6157 | "%d tsig keys deleted.\n", foundkeys); | 6312 | "%d tsig keys deleted.\n", foundkeys); | |
6158 | if (n >= isc_buffer_availablelength(text)) { | 6313 | if (n >= isc_buffer_availablelength(text)) | |
6159 | isc_task_endexclusive(server->task); | |||
6160 | return (ISC_R_NOSPACE); | 6314 | return (ISC_R_NOSPACE); | |
6161 | } | |||
6162 | isc_buffer_add(text, n); | 6315 | isc_buffer_add(text, n); | |
6163 | 6316 | |||
6164 | return (ISC_R_SUCCESS); | 6317 | return (ISC_R_SUCCESS); | |
6165 | } | 6318 | } | |
6166 | 6319 | |||
6167 | static isc_result_t | 6320 | static isc_result_t | |
6168 | list_keynames(dns_view_t *view, dns_tsig_keyring_t *ring, isc_buffer_t *text, | 6321 | list_keynames(dns_view_t *view, dns_tsig_keyring_t *ring, isc_buffer_t *text, | |
6169 | unsigned int *foundkeys) | 6322 | unsigned int *foundkeys) | |
6170 | { | 6323 | { | |
6171 | char namestr[DNS_NAME_FORMATSIZE]; | 6324 | char namestr[DNS_NAME_FORMATSIZE]; | |
6172 | char creatorstr[DNS_NAME_FORMATSIZE]; | 6325 | char creatorstr[DNS_NAME_FORMATSIZE]; | |
6173 | isc_result_t result; | 6326 | isc_result_t result; | |
6174 | dns_rbtnodechain_t chain; | 6327 | dns_rbtnodechain_t chain; | |
@@ -6264,87 +6417,85 @@ ns_server_tsiglist(ns_server_t *server, | @@ -6264,87 +6417,85 @@ ns_server_tsiglist(ns_server_t *server, | |||
6264 | &foundkeys); | 6417 | &foundkeys); | |
6265 | RWUNLOCK(&view->dynamickeys->lock, isc_rwlocktype_read); | 6418 | RWUNLOCK(&view->dynamickeys->lock, isc_rwlocktype_read); | |
6266 | if (result != ISC_R_SUCCESS) { | 6419 | if (result != ISC_R_SUCCESS) { | |
6267 | isc_task_endexclusive(server->task); | 6420 | isc_task_endexclusive(server->task); | |
6268 | return (result); | 6421 | return (result); | |
6269 | } | 6422 | } | |
6270 | } | 6423 | } | |
6271 | isc_task_endexclusive(server->task); | 6424 | isc_task_endexclusive(server->task); | |
6272 | 6425 | |||
6273 | if (foundkeys == 0) { | 6426 | if (foundkeys == 0) { | |
6274 | n = snprintf((char *)isc_buffer_used(text), | 6427 | n = snprintf((char *)isc_buffer_used(text), | |
6275 | isc_buffer_availablelength(text), | 6428 | isc_buffer_availablelength(text), | |
6276 | "no tsig keys found.\n"); | 6429 | "no tsig keys found.\n"); | |
6277 | if (n >= isc_buffer_availablelength(text)) { | 6430 | if (n >= isc_buffer_availablelength(text)) | |
6278 | isc_task_endexclusive(server->task); | |||
6279 | return (ISC_R_NOSPACE); | 6431 | return (ISC_R_NOSPACE); | |
6280 | } | |||
6281 | isc_buffer_add(text, n); | 6432 | isc_buffer_add(text, n); | |
6282 | } | 6433 | } | |
6283 | 6434 | |||
6284 | return (ISC_R_SUCCESS); | 6435 | return (ISC_R_SUCCESS); | |
6285 | } | 6436 | } | |
6286 | 6437 | |||
6287 | /* | 6438 | /* | |
6288 | * Act on a "sign" command from the command channel. | 6439 | * Act on a "sign" command from the command channel. | |
6289 | */ | 6440 | */ | |
6290 | isc_result_t | 6441 | isc_result_t | |
6291 | ns_server_sign(ns_server_t *server, char *args) { | 6442 | ns_server_sign(ns_server_t *server, char *args) { | |
6292 | isc_result_t result; | 6443 | isc_result_t result; | |
6293 | dns_zone_t *zone = NULL; | 6444 | dns_zone_t *zone = NULL; | |
6294 | dns_zonetype_t type; | 6445 | dns_zonetype_t type; | |
6295 | isc_uint16_t keyopts; | 6446 | isc_uint16_t keyopts; | |
6296 | 6447 | |||
6297 | result = zone_from_args(server, args, &zone); | 6448 | result = zone_from_args(server, args, &zone, NULL); | |
6298 | if (result != ISC_R_SUCCESS) | 6449 | if (result != ISC_R_SUCCESS) | |
6299 | return (result); | 6450 | return (result); | |
6300 | if (zone == NULL) | 6451 | if (zone == NULL) | |
6301 | return (ISC_R_UNEXPECTEDEND); /* XXX: or do all zones? */ | 6452 | return (ISC_R_UNEXPECTEDEND); /* XXX: or do all zones? */ | |
6302 | 6453 | |||
6303 | type = dns_zone_gettype(zone); | 6454 | type = dns_zone_gettype(zone); | |
6304 | if (type != dns_zone_master) { | 6455 | if (type != dns_zone_master) { | |
6305 | dns_zone_detach(&zone); | 6456 | dns_zone_detach(&zone); | |
6306 | return (DNS_R_NOTMASTER); | 6457 | return (DNS_R_NOTMASTER); | |
6307 | } | 6458 | } | |
6308 | 6459 | |||
6309 | keyopts = dns_zone_getkeyopts(zone); | 6460 | keyopts = dns_zone_getkeyopts(zone); | |
6310 | if ((keyopts & DNS_ZONEKEY_ALLOW) != 0) | 6461 | if ((keyopts & DNS_ZONEKEY_ALLOW) != 0) | |
6311 | result = dns_zone_rekey(zone); | 6462 | dns_zone_rekey(zone); | |
6312 | else | 6463 | else | |
6313 | result = ISC_R_NOPERM; | 6464 | result = ISC_R_NOPERM; | |
6314 | 6465 | |||
6315 | dns_zone_detach(&zone); | 6466 | dns_zone_detach(&zone); | |
6316 | return (result); | 6467 | return (result); | |
6317 | } | 6468 | } | |
6318 | 6469 | |||
6319 | /* | 6470 | /* | |
6320 | * Act on a "freeze" or "thaw" command from the command channel. | 6471 | * Act on a "freeze" or "thaw" command from the command channel. | |
6321 | */ | 6472 | */ | |
6322 | isc_result_t | 6473 | isc_result_t | |
6323 | ns_server_freeze(ns_server_t *server, isc_boolean_t freeze, char *args, | 6474 | ns_server_freeze(ns_server_t *server, isc_boolean_t freeze, char *args, | |
6324 | isc_buffer_t *text) | 6475 | isc_buffer_t *text) | |
6325 | { | 6476 | { | |
6326 | isc_result_t result, tresult; | 6477 | isc_result_t result, tresult; | |
6327 | dns_zone_t *zone = NULL; | 6478 | dns_zone_t *zone = NULL; | |
6328 | dns_zonetype_t type; | 6479 | dns_zonetype_t type; | |
6329 | char classstr[DNS_RDATACLASS_FORMATSIZE]; | 6480 | char classstr[DNS_RDATACLASS_FORMATSIZE]; | |
6330 | char zonename[DNS_NAME_FORMATSIZE]; | 6481 | char zonename[DNS_NAME_FORMATSIZE]; | |
6331 | dns_view_t *view; | 6482 | dns_view_t *view; | |
6332 | char *journal; | 6483 | char *journal; | |
6333 | const char *vname, *sep; | 6484 | const char *vname, *sep; | |
6334 | isc_boolean_t frozen; | 6485 | isc_boolean_t frozen; | |
6335 | const char *msg = NULL; | 6486 | const char *msg = NULL; | |
6336 | 6487 | |||
6337 | result = zone_from_args(server, args, &zone); | 6488 | result = zone_from_args(server, args, &zone, NULL); | |
6338 | if (result != ISC_R_SUCCESS) | 6489 | if (result != ISC_R_SUCCESS) | |
6339 | return (result); | 6490 | return (result); | |
6340 | if (zone == NULL) { | 6491 | if (zone == NULL) { | |
6341 | result = isc_task_beginexclusive(server->task); | 6492 | result = isc_task_beginexclusive(server->task); | |
6342 | RUNTIME_CHECK(result == ISC_R_SUCCESS); | 6493 | RUNTIME_CHECK(result == ISC_R_SUCCESS); | |
6343 | tresult = ISC_R_SUCCESS; | 6494 | tresult = ISC_R_SUCCESS; | |
6344 | for (view = ISC_LIST_HEAD(server->viewlist); | 6495 | for (view = ISC_LIST_HEAD(server->viewlist); | |
6345 | view != NULL; | 6496 | view != NULL; | |
6346 | view = ISC_LIST_NEXT(view, link)) { | 6497 | view = ISC_LIST_NEXT(view, link)) { | |
6347 | result = dns_view_freezezones(view, freeze); | 6498 | result = dns_view_freezezones(view, freeze); | |
6348 | if (result != ISC_R_SUCCESS && | 6499 | if (result != ISC_R_SUCCESS && | |
6349 | tresult == ISC_R_SUCCESS) | 6500 | tresult == ISC_R_SUCCESS) | |
6350 | tresult = result; | 6501 | tresult = result; | |
@@ -6353,26 +6504,28 @@ ns_server_freeze(ns_server_t *server, is | @@ -6353,26 +6504,28 @@ ns_server_freeze(ns_server_t *server, is | |||
6353 | isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, | 6504 | isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, | |
6354 | NS_LOGMODULE_SERVER, ISC_LOG_INFO, | 6505 | NS_LOGMODULE_SERVER, ISC_LOG_INFO, | |
6355 | "%s all zones: %s", | 6506 | "%s all zones: %s", | |
6356 | freeze ? "freezing" : "thawing", | 6507 | freeze ? "freezing" : "thawing", | |
6357 | isc_result_totext(tresult)); | 6508 | isc_result_totext(tresult)); | |
6358 | return (tresult); | 6509 | return (tresult); | |
6359 | } | 6510 | } | |
6360 | type = dns_zone_gettype(zone); | 6511 | type = dns_zone_gettype(zone); | |
6361 | if (type != dns_zone_master) { | 6512 | if (type != dns_zone_master) { | |
6362 | dns_zone_detach(&zone); | 6513 | dns_zone_detach(&zone); | |
6363 | return (DNS_R_NOTMASTER); | 6514 | return (DNS_R_NOTMASTER); | |
6364 | } | 6515 | } | |
6365 | 6516 | |||
6517 | result = isc_task_beginexclusive(server->task); | |||
6518 | RUNTIME_CHECK(result == ISC_R_SUCCESS); | |||
6366 | frozen = dns_zone_getupdatedisabled(zone); | 6519 | frozen = dns_zone_getupdatedisabled(zone); | |
6367 | if (freeze) { | 6520 | if (freeze) { | |
6368 | if (frozen) { | 6521 | if (frozen) { | |
6369 | msg = "WARNING: The zone was already frozen.\n" | 6522 | msg = "WARNING: The zone was already frozen.\n" | |
6370 | "Someone else may be editing it or " | 6523 | "Someone else may be editing it or " | |
6371 | "it may still be re-loading."; | 6524 | "it may still be re-loading."; | |
6372 | result = DNS_R_FROZEN; | 6525 | result = DNS_R_FROZEN; | |
6373 | } | 6526 | } | |
6374 | if (result == ISC_R_SUCCESS) { | 6527 | if (result == ISC_R_SUCCESS) { | |
6375 | result = dns_zone_flush(zone); | 6528 | result = dns_zone_flush(zone); | |
6376 | if (result != ISC_R_SUCCESS) | 6529 | if (result != ISC_R_SUCCESS) | |
6377 | msg = "Flushing the zone updates to " | 6530 | msg = "Flushing the zone updates to " | |
6378 | "disk failed."; | 6531 | "disk failed."; | |
@@ -6392,35 +6545,35 @@ ns_server_freeze(ns_server_t *server, is | @@ -6392,35 +6545,35 @@ ns_server_freeze(ns_server_t *server, is | |||
6392 | case DNS_R_UPTODATE: | 6545 | case DNS_R_UPTODATE: | |
6393 | msg = "The zone reload and thaw was " | 6546 | msg = "The zone reload and thaw was " | |
6394 | "successful."; | 6547 | "successful."; | |
6395 | result = ISC_R_SUCCESS; | 6548 | result = ISC_R_SUCCESS; | |
6396 | break; | 6549 | break; | |
6397 | case DNS_R_CONTINUE: | 6550 | case DNS_R_CONTINUE: | |
6398 | msg = "A zone reload and thaw was started.\n" | 6551 | msg = "A zone reload and thaw was started.\n" | |
6399 | "Check the logs to see the result."; | 6552 | "Check the logs to see the result."; | |
6400 | result = ISC_R_SUCCESS; | 6553 | result = ISC_R_SUCCESS; | |
6401 | break; | 6554 | break; | |
6402 | } | 6555 | } | |
6403 | } | 6556 | } | |
6404 | } | 6557 | } | |
6558 | isc_task_endexclusive(server->task); | |||
6405 | 6559 | |||
6406 | if (msg != NULL && strlen(msg) < isc_buffer_availablelength(text)) | 6560 | if (msg != NULL && strlen(msg) < isc_buffer_availablelength(text)) | |
6407 | isc_buffer_putmem(text, (const unsigned char *)msg, | 6561 | isc_buffer_putmem(text, (const unsigned char *)msg, | |
6408 | strlen(msg) + 1); | 6562 | strlen(msg) + 1); | |
6409 | 6563 | |||
6410 | view = dns_zone_getview(zone); | 6564 | view = dns_zone_getview(zone); | |
6411 | if (strcmp(view->name, "_default") == 0 || | 6565 | if (strcmp(view->name, "_default") == 0 || | |
6412 | strcmp(view->name, "_bind") == 0 || | 6566 | strcmp(view->name, "_bind") == 0) | |
6413 | strcmp(view->name, "_meta")) | |||
6414 | { | 6567 | { | |
6415 | vname = ""; | 6568 | vname = ""; | |
6416 | sep = ""; | 6569 | sep = ""; | |
6417 | } else { | 6570 | } else { | |
6418 | vname = view->name; | 6571 | vname = view->name; | |
6419 | sep = " "; | 6572 | sep = " "; | |
6420 | } | 6573 | } | |
6421 | dns_rdataclass_format(dns_zone_getclass(zone), classstr, | 6574 | dns_rdataclass_format(dns_zone_getclass(zone), classstr, | |
6422 | sizeof(classstr)); | 6575 | sizeof(classstr)); | |
6423 | dns_name_format(dns_zone_getorigin(zone), | 6576 | dns_name_format(dns_zone_getorigin(zone), | |
6424 | zonename, sizeof(zonename)); | 6577 | zonename, sizeof(zonename)); | |
6425 | isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, | 6578 | isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, | |
6426 | NS_LOGMODULE_SERVER, ISC_LOG_INFO, | 6579 | NS_LOGMODULE_SERVER, ISC_LOG_INFO, | |
@@ -6440,13 +6593,516 @@ ns_server_freeze(ns_server_t *server, is | @@ -6440,13 +6593,516 @@ ns_server_freeze(ns_server_t *server, is | |||
6440 | isc_result_t | 6593 | isc_result_t | |
6441 | ns_smf_add_message(isc_buffer_t *text) { | 6594 | ns_smf_add_message(isc_buffer_t *text) { | |
6442 | unsigned int n; | 6595 | unsigned int n; | |
6443 | 6596 | |||
6444 | n = snprintf((char *)isc_buffer_used(text), | 6597 | n = snprintf((char *)isc_buffer_used(text), | |
6445 | isc_buffer_availablelength(text), | 6598 | isc_buffer_availablelength(text), | |
6446 | "use svcadm(1M) to manage named"); | 6599 | "use svcadm(1M) to manage named"); | |
6447 | if (n >= isc_buffer_availablelength(text)) | 6600 | if (n >= isc_buffer_availablelength(text)) | |
6448 | return (ISC_R_NOSPACE); | 6601 | return (ISC_R_NOSPACE); | |
6449 | isc_buffer_add(text, n); | 6602 | isc_buffer_add(text, n); | |
6450 | return (ISC_R_SUCCESS); | 6603 | return (ISC_R_SUCCESS); | |
6451 | } | 6604 | } | |
6452 | #endif /* HAVE_LIBSCF */ | 6605 | #endif /* HAVE_LIBSCF */ | |
6606 | ||||
6607 | /* | |||
6608 | * Act on an "addzone" command from the command channel. | |||
6609 | */ | |||
6610 | isc_result_t | |||
6611 | ns_server_add_zone(ns_server_t *server, char *args) { | |||
6612 | isc_result_t result; | |||
6613 | isc_buffer_t argbuf; | |||
6614 | size_t arglen, len; | |||
6615 | cfg_parser_t *parser = NULL; | |||
6616 | cfg_obj_t *config = NULL; | |||
6617 | const cfg_obj_t *vconfig = NULL; | |||
6618 | const cfg_obj_t *views = NULL; | |||
6619 | const cfg_listelt_t *element; | |||
6620 | const cfg_obj_t *parms = NULL; | |||
6621 | const cfg_obj_t *obj = NULL; | |||
6622 | const char *zonename; | |||
6623 | const char *classname = NULL; | |||
6624 | const char *argp; | |||
6625 | const char *viewname = NULL; | |||
6626 | dns_rdataclass_t rdclass; | |||
6627 | dns_view_t *view = 0; | |||
6628 | isc_buffer_t buf, *nbuf = NULL; | |||
6629 | dns_name_t dnsname; | |||
6630 | const char *filename = 0; | |||
6631 | const char *filepart = NULL; | |||
6632 | char fnamebuf[512]; | |||
6633 | struct stat sb; | |||
6634 | dns_zone_t *zone = NULL; | |||
6635 | FILE *fp = NULL; | |||
6636 | ||||
6637 | /* Are we accepting new zones? */ | |||
6638 | if (nzf_option == NULL) | |||
6639 | return (ISC_R_FAILURE); | |||
6640 | ||||
6641 | /* Try to parse the argument string */ | |||
6642 | arglen = strlen(args); | |||
6643 | isc_buffer_init(&argbuf, args, arglen); | |||
6644 | isc_buffer_add(&argbuf, strlen(args)); | |||
6645 | CHECK(cfg_parser_create(server->mctx, ns_g_lctx, &parser)); | |||
6646 | CHECK(cfg_parse_buffer(parser, &argbuf, &cfg_type_addzoneconf, | |||
6647 | &config)); | |||
6648 | CHECK(cfg_map_get(config, "addzone", &parms)); | |||
6649 | ||||
6650 | zonename = cfg_obj_asstring(cfg_tuple_get(parms, "name")); | |||
6651 | isc_buffer_init(&buf, zonename, strlen(zonename)); | |||
6652 | isc_buffer_add(&buf, strlen(zonename)); | |||
6653 | dns_name_init(&dnsname, NULL); | |||
6654 | isc_buffer_allocate(server->mctx, &nbuf, 256); | |||
6655 | dns_name_setbuffer(&dnsname, nbuf); | |||
6656 | CHECK(dns_name_fromtext(&dnsname, &buf, dns_rootname, ISC_FALSE, NULL)); | |||
6657 | ||||
6658 | /* | |||
6659 | * If new-zone-file indicates a directory rather than a file, | |||
6660 | * then "filepart" is the filename in the directory in which to | |||
6661 | * write the zone configuration text. | |||
6662 | */ | |||
6663 | obj = cfg_tuple_get(parms, "filepart"); | |||
6664 | if (obj && cfg_obj_isstring(obj)) | |||
6665 | filepart = cfg_obj_asstring(obj); | |||
6666 | ||||
6667 | if (filepart != NULL && *filepart != '\0') { | |||
6668 | /* No hidden fles or full paths */ | |||
6669 | if (*filepart == '.' || | |||
6670 | #ifdef WIN32 | |||
6671 | *filepart == '\\' || | |||
6672 | #endif | |||
6673 | *filepart == '/') | |||
6674 | { | |||
6675 | result = ISC_R_INVALIDFILE; | |||
6676 | goto cleanup; | |||
6677 | } | |||
6678 | /* No crawling up the directory tree */ | |||
6679 | if (strstr(filepart, "..") != NULL) { | |||
6680 | result = ISC_R_INVALIDFILE; | |||
6681 | goto cleanup; | |||
6682 | } | |||
6683 | } | |||
6684 | ||||
6685 | /* Make sense of optional class argument */ | |||
6686 | obj = cfg_tuple_get(parms, "class"); | |||
6687 | CHECK(ns_config_getclass(obj, dns_rdataclass_in, &rdclass)); | |||
6688 | if (rdclass != dns_rdataclass_in && obj) | |||
6689 | classname = cfg_obj_asstring(obj); | |||
6690 | ||||
6691 | /* Make sense of optional view argument */ | |||
6692 | obj = cfg_tuple_get(parms, "view"); | |||
6693 | if (obj && cfg_obj_isstring(obj)) | |||
6694 | viewname = cfg_obj_asstring(obj); | |||
6695 | if (viewname == NULL || *viewname == '\0') | |||
6696 | viewname = "_default"; | |||
6697 | CHECK(dns_viewlist_find(&server->viewlist, viewname, rdclass, &view)); | |||
6698 | ||||
6699 | /* Zone shouldn't already exist */ | |||
6700 | result = dns_zt_find(view->zonetable, &dnsname, 0, NULL, &zone); | |||
6701 | if (result == ISC_R_SUCCESS) { | |||
6702 | result = ISC_R_EXISTS; | |||
6703 | goto cleanup; | |||
6704 | } else if (result == DNS_R_PARTIALMATCH) { | |||
6705 | /* Create our sub-zone anyway */ | |||
6706 | dns_zone_detach(&zone); | |||
6707 | zone = NULL; | |||
6708 | } | |||
6709 | else if (result != ISC_R_NOTFOUND) | |||
6710 | goto cleanup; | |||
6711 | ||||
6712 | /* Find configuration for this view */ | |||
6713 | (void)cfg_map_get(nzf_config, "view", &views); | |||
6714 | for (element = cfg_list_first(views); | |||
6715 | element != NULL; | |||
6716 | element = cfg_list_next(element)) | |||
6717 | { | |||
6718 | const char *vname; | |||
6719 | ||||
6720 | vconfig = cfg_listelt_value(element); | |||
6721 | vname = cfg_obj_asstring(cfg_tuple_get(vconfig, "name")); | |||
6722 | if (vname && !strcasecmp(vname, viewname)) { | |||
6723 | /* What is save file for this view? */ | |||
6724 | if (vconfig != NULL) { | |||
6725 | const cfg_obj_t *voptions; | |||
6726 | voptions = cfg_tuple_get(vconfig, "options"); | |||
6727 | if (voptions) { | |||
6728 | obj = NULL; | |||
6729 | result = cfg_map_get(voptions, | |||
6730 | "new-zone-file", | |||
6731 | &obj); | |||
6732 | if (result == ISC_R_SUCCESS) | |||
6733 | filename = | |||
6734 | cfg_obj_asstring(obj); | |||
6735 | } | |||
6736 | } | |||
6737 | break; | |||
6738 | } | |||
6739 | vconfig = NULL; | |||
6740 | } | |||
6741 | ||||
6742 | /* Can we add and remove zones in this view? */ | |||
6743 | if (filename == NULL || *filename == '\0') | |||
6744 | filename = nzf_file; | |||
6745 | ||||
6746 | if (filename == NULL || *filename == '\0') { | |||
6747 | /* No adding zones in this view */ | |||
6748 | result = ISC_R_FAILURE; | |||
6749 | goto cleanup; | |||
6750 | } | |||
6751 | ||||
6752 | /* Possibly contruct a full path */ | |||
6753 | if (filepart != NULL && *filepart != '\0') { | |||
6754 | snprintf(fnamebuf, 512, "%s/%s", filename, filepart); | |||
6755 | filename = fnamebuf; | |||
6756 | } | |||
6757 | ||||
6758 | /* Path must be an existing file */ | |||
6759 | if (stat(filename, &sb) < 0) { | |||
6760 | result = ISC_R_FILENOTFOUND; | |||
6761 | goto cleanup; | |||
6762 | } | |||
6763 | if (!S_ISREG(sb.st_mode)) { | |||
6764 | result = ISC_R_FILENOTFOUND; | |||
6765 | goto cleanup; | |||
6766 | } | |||
6767 | ||||
6768 | /* Mark zone unfrozen so that zone can be added. */ | |||
6769 | dns_view_thaw(view); | |||
6770 | result = configure_zone(nzf_option, parms, vconfig, | |||
6771 | server->mctx, view, &nzf_actx); | |||
6772 | dns_view_freeze(view); | |||
6773 | if (result != ISC_R_SUCCESS) { | |||
6774 | goto cleanup; | |||
6775 | } | |||
6776 | ||||
6777 | /* Is it there yet? */ | |||
6778 | CHECK(dns_zt_find(view->zonetable, &dnsname, 0, NULL, &zone)); | |||
6779 | ||||
6780 | /* | |||
6781 | * Load the zone from the master file. If this fails, we'll | |||
6782 | * need to undo the configuration we've done already. | |||
6783 | */ | |||
6784 | result = dns_zone_loadnew(zone); | |||
6785 | if (result != ISC_R_SUCCESS) { | |||
6786 | dns_db_t *dbp = NULL; | |||
6787 | ||||
6788 | isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, | |||
6789 | NS_LOGMODULE_SERVER, ISC_LOG_INFO, | |||
6790 | "addzone failed; reverting."); | |||
6791 | ||||
6792 | /* If the zone loaded partially, unload it */ | |||
6793 | if (dns_zone_getdb(zone, &dbp) == ISC_R_SUCCESS) { | |||
6794 | dns_db_detach(&dbp); | |||
6795 | dns_zone_unload(zone); | |||
6796 | } | |||
6797 | ||||
6798 | /* Remove the zone from the zone table */ | |||
6799 | dns_zt_unmount(view->zonetable, zone); | |||
6800 | goto cleanup; | |||
6801 | } | |||
6802 | ||||
6803 | /* Write zone configuration out to our save file */ | |||
6804 | CHECK(isc_stdio_open(filename, "a", &fp)); | |||
6805 | ||||
6806 | /* Emit just the zone name from args */ | |||
6807 | CHECK(isc_stdio_write("zone ", 5, 1, fp, &len)); | |||
6808 | CHECK(isc_stdio_write(zonename, strlen(zonename), 1, fp, &len)); | |||
6809 | CHECK(isc_stdio_write(" ", 1, 1, fp, &len)); | |||
6810 | ||||
6811 | /* Classname, if not default */ | |||
6812 | if (classname != NULL && *classname != '\0') { | |||
6813 | CHECK(isc_stdio_write(classname, strlen(classname), 1, fp, | |||
6814 | &len)); | |||
6815 | CHECK(isc_stdio_write(" ", 1, 1, fp, &len)); | |||
6816 | } | |||
6817 | ||||
6818 | /* Find beginning of option block from args */ | |||
6819 | for (argp = args; *argp; argp++, arglen--) { | |||
6820 | if (*argp == '{') { /* Assume matching '}' */ | |||
6821 | /* Add that to our file */ | |||
6822 | CHECK(isc_stdio_write(argp, arglen, 1, fp, &len)); | |||
6823 | ||||
6824 | /* Make sure we end with a LF */ | |||
6825 | if (argp[arglen-1] != '\n') { | |||
6826 | CHECK(isc_stdio_write("\n", 1, 1, fp, &len)); | |||
6827 | } | |||
6828 | break; | |||
6829 | } | |||
6830 | } | |||
6831 | ||||
6832 | CHECK(isc_stdio_close(fp)); | |||
6833 | fp = NULL; | |||
6834 | isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, | |||
6835 | NS_LOGMODULE_SERVER, ISC_LOG_INFO, | |||
6836 | "zone %s added to view %s via addzone", | |||
6837 | zonename, viewname); | |||
6838 | ||||
6839 | result = ISC_R_SUCCESS; | |||
6840 | ||||
6841 | cleanup: | |||
6842 | if (fp != NULL) | |||
6843 | isc_stdio_close(fp); | |||
6844 | if (parser != NULL) { | |||
6845 | if (config != NULL) | |||
6846 | cfg_obj_destroy(parser, &config); | |||
6847 | cfg_parser_destroy(&parser); | |||
6848 | } | |||
6849 | if (zone != NULL) | |||
6850 | dns_zone_detach(&zone); | |||
6851 | if (view != NULL) | |||
6852 | dns_view_detach(&view); | |||
6853 | if (nbuf != NULL) | |||
6854 | isc_buffer_free(&nbuf); | |||
6855 | ||||
6856 | return (result); | |||
6857 | } | |||
6858 | ||||
6859 | /* | |||
6860 | * Pull an optional quoted filepart out of an arglist, shuffling memory | |||
6861 | * so we can hand it off to zone_from_args() later | |||
6862 | */ | |||
6863 | static char * | |||
6864 | extract_optional_qstring(char **args) { | |||
6865 | char *p = *args; | |||
6866 | char *str, *d; | |||
6867 | char quote; | |||
6868 | ||||
6869 | /* Skip past the command name */ | |||
6870 | while (isspace((unsigned char)*p)) | |||
6871 | p++; | |||
6872 | while (*p && !isspace((unsigned char)*p)) | |||
6873 | p++; | |||
6874 | ||||
6875 | /* Look for an open quote */ | |||
6876 | while (isspace((unsigned char)*p)) | |||
6877 | p++; | |||
6878 | if (*p != '\'' && *p != '"') | |||
6879 | return (NULL); | |||
6880 | ||||
6881 | /* Move that string to the front of the buf */ | |||
6882 | quote = *p++; | |||
6883 | str = d = *args; | |||
6884 | while (*p && *p != quote) | |||
6885 | *d++ = *p++; | |||
6886 | if (!*p) | |||
6887 | return (NULL); /* No matching close quote */ | |||
6888 | ||||
6889 | /* End that string */ | |||
6890 | *d++ = 0; | |||
6891 | *args = d; | |||
6892 | ||||
6893 | /* A bogus command name to placate zone_from_args() */ | |||
6894 | *d++ = 'X'; | |||
6895 | ||||
6896 | /* Cover over any remainder with spaces */ | |||
6897 | while (d <= p) | |||
6898 | *d++ = ' '; | |||
6899 | ||||
6900 | return (str); | |||
6901 | } | |||
6902 | ||||
6903 | /* | |||
6904 | * Act on a "delzone" command from the command channel. | |||
6905 | */ | |||
6906 | isc_result_t | |||
6907 | ns_server_del_zone(ns_server_t *server, char *args) { | |||
6908 | isc_result_t result; | |||
6909 | dns_zone_t *zone = NULL; | |||
6910 | dns_view_t *view = NULL; | |||
6911 | const cfg_obj_t *views = NULL; | |||
6912 | const cfg_obj_t *obj = NULL; | |||
6913 | const cfg_obj_t *vconfig = NULL; | |||
6914 | dns_db_t *dbp = NULL; | |||
6915 | const char *filename = NULL; | |||
6916 | char *filepart = NULL; | |||
6917 | char fnamebuf[512]; | |||
6918 | char *tmpname = NULL; | |||
6919 | const cfg_listelt_t *element; | |||
6920 | char buf[1024]; | |||
6921 | const char *zonename = NULL; | |||
6922 | size_t znamelen = 0; | |||
6923 | FILE *ifp = NULL, *ofp = NULL; | |||
6924 | ||||
6925 | /* Only accept removes if we're accepting adds */ | |||
6926 | if (nzf_option == NULL) | |||
6927 | return (ISC_R_FAILURE); | |||
6928 | ||||
6929 | /* Possibly a filename in quotes */ | |||
6930 | filepart = extract_optional_qstring(&args); | |||
6931 | if (filepart != NULL && *filepart != '\0') { | |||
6932 | /* No hidden fles or full paths */ | |||
6933 | if (*filepart == '.' || | |||
6934 | #ifdef WIN32 | |||
6935 | *filepart == '\\' || | |||
6936 | #endif | |||
6937 | *filepart == '/') | |||
6938 | { | |||
6939 | result = ISC_R_INVALIDFILE; | |||
6940 | goto cleanup; | |||
6941 | } | |||
6942 | /* No crawling up the directory tree */ | |||
6943 | if (strstr(filepart, "..") != NULL) { | |||
6944 | result = ISC_R_INVALIDFILE; | |||
6945 | goto cleanup; | |||
6946 | } | |||
6947 | } | |||
6948 | ||||
6949 | /* Make sense of rest of params */ | |||
6950 | CHECK(zone_from_args(server, args, &zone, &zonename)); | |||
6951 | if (result != ISC_R_SUCCESS) | |||
6952 | return (result); | |||
6953 | if (zone == NULL) { | |||
6954 | result = ISC_R_UNEXPECTEDEND; | |||
6955 | goto cleanup; | |||
6956 | } | |||
6957 | ||||
6958 | if (zonename != NULL && *zonename != '\0') | |||
6959 | znamelen = strlen(zonename); | |||
6960 | ||||
6961 | /* Dig out configuration for this zone */ | |||
6962 | view = dns_zone_getview(zone); | |||
6963 | (void)cfg_map_get(nzf_config, "view", &views); | |||
6964 | for (element = cfg_list_first(views); | |||
6965 | element != NULL; | |||
6966 | element = cfg_list_next(element)) | |||
6967 | { | |||
6968 | const char *vname; | |||
6969 | ||||
6970 | vconfig = cfg_listelt_value(element); | |||
6971 | vname = cfg_obj_asstring(cfg_tuple_get(vconfig, "name")); | |||
6972 | if (vname != NULL && !strcasecmp(vname, view->name)) { | |||
6973 | /* What is save file for this view? */ | |||
6974 | if (vconfig != NULL) { | |||
6975 | const cfg_obj_t *voptions; | |||
6976 | voptions = cfg_tuple_get(vconfig, "options"); | |||
6977 | if (voptions != NULL) { | |||
6978 | obj = NULL; | |||
6979 | result = cfg_map_get(voptions, | |||
6980 | "new-zone-file", | |||
6981 | &obj); | |||
6982 | if (result == ISC_R_SUCCESS) | |||
6983 | filename = | |||
6984 | cfg_obj_asstring(obj); | |||
6985 | } | |||
6986 | } | |||
6987 | break; | |||
6988 | } | |||
6989 | vconfig = NULL; | |||
6990 | } | |||
6991 | ||||
6992 | /* Can we add and remove zones in this view? */ | |||
6993 | if (filename == NULL || *filename == '\0') | |||
6994 | filename = nzf_file; | |||
6995 | ||||
6996 | if (filename == NULL || *filename == '\0') { | |||
6997 | /* No adding zones in this view */ | |||
6998 | result = ISC_R_FAILURE; | |||
6999 | goto cleanup; | |||
7000 | } | |||
7001 | ||||
7002 | /* Possibly contruct a full path */ | |||
7003 | if (filepart != NULL && *filepart != '\0') { | |||
7004 | snprintf(fnamebuf, 512, "%s/%s", filename, filepart); | |||
7005 | filename = fnamebuf; | |||
7006 | } | |||
7007 | ||||
7008 | /* Rewrite zone list */ | |||
7009 | result = isc_stdio_open(filename, "r", &ifp); | |||
7010 | if (ifp != NULL && result == ISC_R_SUCCESS) { | |||
7011 | char *found = NULL, *p; | |||
7012 | size_t n; | |||
7013 | ||||
7014 | /* Create a temporary file */ | |||
7015 | CHECK(isc_string_printf(buf, 1023, "%s.%d", filename, | |||
7016 | getpid())); | |||
7017 | if (!(tmpname = isc_mem_strdup(server->mctx, buf))) { | |||
7018 | result = ISC_R_NOMEMORY; | |||
7019 | goto cleanup; | |||
7020 | } | |||
7021 | CHECK(isc_stdio_open(tmpname, "w", &ofp)); | |||
7022 | ||||
7023 | /* Look for the entry for that zone */ | |||
7024 | while (fgets(buf, 1024, ifp)) { | |||
7025 | /* A 'zone' line */ | |||
7026 | if (strncasecmp(buf, "zone", 4)) { | |||
7027 | fputs(buf, ofp); | |||
7028 | continue; | |||
7029 | } | |||
7030 | p = buf+4; | |||
7031 | ||||
7032 | /* Locate a name */ | |||
7033 | while (*p && | |||
7034 | ((*p == '"') || isspace((unsigned char)*p))) | |||
7035 | p++; | |||
7036 | ||||
7037 | /* Is that the zone we're looking for */ | |||
7038 | if (strncasecmp(p, zonename, znamelen)) { | |||
7039 | fputs(buf, ofp); | |||
7040 | continue; | |||
7041 | } | |||
7042 | ||||
7043 | /* And nothing else? */ | |||
7044 | p += znamelen; | |||
7045 | if (isspace((unsigned char)*p) || | |||
7046 | *p == '"' || *p == '{') { | |||
7047 | /* This must be the entry */ | |||
7048 | found = p; | |||
7049 | break; | |||
7050 | } | |||
7051 | ||||
7052 | /* Spit it out, keep looking */ | |||
7053 | fputs(buf, ofp); | |||
7054 | } | |||
7055 | ||||
7056 | /* Skip over an option block (matching # of braces) */ | |||
7057 | if (found) { | |||
7058 | int obrace = 0, cbrace = 0; | |||
7059 | while (1) { | |||
7060 | while (*p) { | |||
7061 | if (*p == '{') obrace++; | |||
7062 | if (*p == '}') cbrace++; | |||
7063 | p++; | |||
7064 | } | |||
7065 | if (obrace && (obrace == cbrace)) | |||
7066 | break; | |||
7067 | if (!fgets(buf, 1024, ifp)) | |||
7068 | break; | |||
7069 | p = buf; | |||
7070 | } | |||
7071 | } | |||
7072 | ||||
7073 | /* Just spool the remainder of the file out */ | |||
7074 | while ((n = fread(buf, 1, 1024, ifp)) > 0U) | |||
7075 | fwrite(buf, 1, n, ofp); | |||
7076 | ||||
7077 | /* Move temporary into place */ | |||
7078 | CHECK(isc_file_rename(tmpname, filename)); | |||
7079 | } | |||
7080 | ||||
7081 | /* Stop answering for this zone */ | |||
7082 | if (dns_zone_getdb(zone, &dbp) == ISC_R_SUCCESS) { | |||
7083 | dns_db_detach(&dbp); | |||
7084 | dns_zone_unload(zone); | |||
7085 | } | |||
7086 | ||||
7087 | CHECK(dns_zt_unmount(view->zonetable, zone)); | |||
7088 | ||||
7089 | isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, | |||
7090 | NS_LOGMODULE_SERVER, ISC_LOG_INFO, | |||
7091 | "zone %s removed via delzone", zonename); | |||
7092 | ||||
7093 | result = ISC_R_SUCCESS; | |||
7094 | ||||
7095 | cleanup: | |||
7096 | if (ifp != NULL) | |||
7097 | isc_stdio_close(ifp); | |||
7098 | if (ofp != NULL) { | |||
7099 | isc_stdio_close(ofp); | |||
7100 | isc_file_remove(tmpname); | |||
7101 | } | |||
7102 | if (tmpname != NULL) | |||
7103 | isc_mem_free(server->mctx, tmpname); | |||
7104 | if (zone != NULL) | |||
7105 | dns_zone_detach(&zone); | |||
7106 | ||||
7107 | return (result); | |||
7108 | } |
--- src/external/bsd/bind/dist/lib/dns/Attic/keytable.c 2009/12/26 23:08:22 1.3
+++ src/external/bsd/bind/dist/lib/dns/Attic/keytable.c 2010/08/06 10:58:11 1.4
@@ -1,33 +1,33 @@ | @@ -1,33 +1,33 @@ | |||
1 | /* $NetBSD: keytable.c,v 1.3 2009/12/26 23:08:22 christos Exp $ */ | 1 | /* $NetBSD: keytable.c,v 1.4 2010/08/06 10:58:11 christos Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") | 4 | * Copyright (C) 2004, 2005, 2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC") | |
5 | * Copyright (C) 2000, 2001 Internet Software Consortium. | 5 | * Copyright (C) 2000, 2001 Internet Software Consortium. | |
6 | * | 6 | * | |
7 | * Permission to use, copy, modify, and/or distribute this software for any | 7 | * Permission to use, copy, modify, and/or distribute this software for any | |
8 | * purpose with or without fee is hereby granted, provided that the above | 8 | * purpose with or without fee is hereby granted, provided that the above | |
9 | * copyright notice and this permission notice appear in all copies. | 9 | * copyright notice and this permission notice appear in all copies. | |
10 | * | 10 | * | |
11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
17 | * PERFORMANCE OF THIS SOFTWARE. | 17 | * PERFORMANCE OF THIS SOFTWARE. | |
18 | */ | 18 | */ | |
19 | 19 | |||
20 | /* Id: keytable.c,v 1.39 2009/12/03 15:40:02 each Exp */ | 20 | /* Id: keytable.c,v 1.39.4.2 2010/06/25 23:46:33 tbox Exp */ | |
21 | 21 | |||
22 | /*! \file */ | 22 | /*! \file */ | |
23 | 23 | |||
24 | #include <config.h> | 24 | #include <config.h> | |
25 | 25 | |||
26 | #include <isc/mem.h> | 26 | #include <isc/mem.h> | |
27 | #include <isc/rwlock.h> | 27 | #include <isc/rwlock.h> | |
28 | #include <isc/string.h> /* Required for HP/UX (and others?) */ | 28 | #include <isc/string.h> /* Required for HP/UX (and others?) */ | |
29 | #include <isc/util.h> | 29 | #include <isc/util.h> | |
30 | 30 | |||
31 | #include <dns/keytable.h> | 31 | #include <dns/keytable.h> | |
32 | #include <dns/fixedname.h> | 32 | #include <dns/fixedname.h> | |
33 | #include <dns/rbt.h> | 33 | #include <dns/rbt.h> | |
@@ -545,26 +545,64 @@ dns_keytable_issecuredomain(dns_keytable | @@ -545,26 +545,64 @@ dns_keytable_issecuredomain(dns_keytable | |||
545 | INSIST(data != NULL); | 545 | INSIST(data != NULL); | |
546 | *wantdnssecp = ISC_TRUE; | 546 | *wantdnssecp = ISC_TRUE; | |
547 | result = ISC_R_SUCCESS; | 547 | result = ISC_R_SUCCESS; | |
548 | } else if (result == ISC_R_NOTFOUND) { | 548 | } else if (result == ISC_R_NOTFOUND) { | |
549 | *wantdnssecp = ISC_FALSE; | 549 | *wantdnssecp = ISC_FALSE; | |
550 | result = ISC_R_SUCCESS; | 550 | result = ISC_R_SUCCESS; | |
551 | } | 551 | } | |
552 | 552 | |||
553 | RWUNLOCK(&keytable->rwlock, isc_rwlocktype_read); | 553 | RWUNLOCK(&keytable->rwlock, isc_rwlocktype_read); | |
554 | 554 | |||
555 | return (result); | 555 | return (result); | |
556 | } | 556 | } | |
557 | 557 | |||
558 | isc_result_t | |||
559 | dns_keytable_dump(dns_keytable_t *keytable, FILE *fp) | |||
560 | { | |||
561 | isc_result_t result; | |||
562 | dns_keynode_t *knode; | |||
563 | dns_rbtnode_t *node; | |||
564 | dns_rbtnodechain_t chain; | |||
565 | ||||
566 | REQUIRE(VALID_KEYTABLE(keytable)); | |||
567 | ||||
568 | RWLOCK(&keytable->rwlock, isc_rwlocktype_read); | |||
569 | dns_rbtnodechain_init(&chain, keytable->mctx); | |||
570 | result = dns_rbtnodechain_first(&chain, keytable->table, NULL, NULL); | |||
571 | if (result != ISC_R_SUCCESS && result != DNS_R_NEWORIGIN) | |||
572 | goto cleanup; | |||
573 | for (;;) { | |||
574 | char pbuf[DST_KEY_FORMATSIZE]; | |||
575 | ||||
576 | dns_rbtnodechain_current(&chain, NULL, NULL, &node); | |||
577 | for (knode = node->data; knode != NULL; knode = knode->next) { | |||
578 | dst_key_format(knode->key, pbuf, sizeof(pbuf)); | |||
579 | fprintf(fp, "%s ; %s\n", pbuf, | |||
580 | knode->managed ? "managed" : "trusted"); | |||
581 | } | |||
582 | result = dns_rbtnodechain_next(&chain, NULL, NULL); | |||
583 | if (result != ISC_R_SUCCESS && result != DNS_R_NEWORIGIN) { | |||
584 | if (result == ISC_R_NOMORE) | |||
585 | result = ISC_R_SUCCESS; | |||
586 | break; | |||
587 | } | |||
588 | } | |||
589 | ||||
590 | cleanup: | |||
591 | dns_rbtnodechain_invalidate(&chain); | |||
592 | RWUNLOCK(&keytable->rwlock, isc_rwlocktype_read); | |||
593 | return (result); | |||
594 | } | |||
595 | ||||
558 | dst_key_t * | 596 | dst_key_t * | |
559 | dns_keynode_key(dns_keynode_t *keynode) { | 597 | dns_keynode_key(dns_keynode_t *keynode) { | |
560 | 598 | |||
561 | /* | 599 | /* | |
562 | * Get the DST key associated with keynode. | 600 | * Get the DST key associated with keynode. | |
563 | */ | 601 | */ | |
564 | 602 | |||
565 | REQUIRE(VALID_KEYNODE(keynode)); | 603 | REQUIRE(VALID_KEYNODE(keynode)); | |
566 | 604 | |||
567 | return (keynode->key); | 605 | return (keynode->key); | |
568 | } | 606 | } | |
569 | 607 | |||
570 | isc_boolean_t | 608 | isc_boolean_t |
--- src/external/bsd/bind/dist/lib/dns/Attic/message.c 2009/12/26 23:08:22 1.4
+++ src/external/bsd/bind/dist/lib/dns/Attic/message.c 2010/08/06 10:58:12 1.5
@@ -1,33 +1,33 @@ | @@ -1,33 +1,33 @@ | |||
1 | /* $NetBSD: message.c,v 1.4 2009/12/26 23:08:22 christos Exp $ */ | 1 | /* $NetBSD: message.c,v 1.5 2010/08/06 10:58:12 christos Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | 4 | * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") | |
5 | * Copyright (C) 1999-2003 Internet Software Consortium. | 5 | * Copyright (C) 1999-2003 Internet Software Consortium. | |
6 | * | 6 | * | |
7 | * Permission to use, copy, modify, and/or distribute this software for any | 7 | * Permission to use, copy, modify, and/or distribute this software for any | |
8 | * purpose with or without fee is hereby granted, provided that the above | 8 | * purpose with or without fee is hereby granted, provided that the above | |
9 | * copyright notice and this permission notice appear in all copies. | 9 | * copyright notice and this permission notice appear in all copies. | |
10 | * | 10 | * | |
11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
17 | * PERFORMANCE OF THIS SOFTWARE. | 17 | * PERFORMANCE OF THIS SOFTWARE. | |
18 | */ | 18 | */ | |
19 | 19 | |||
20 | /* Id: message.c,v 1.249 2009/11/24 03:20:02 marka Exp */ | 20 | /* Id: message.c,v 1.249.10.4 2010/06/03 05:27:59 marka Exp */ | |
21 | 21 | |||
22 | /*! \file */ | 22 | /*! \file */ | |
23 | 23 | |||
24 | /*** | 24 | /*** | |
25 | *** Imports | 25 | *** Imports | |
26 | ***/ | 26 | ***/ | |
27 | 27 | |||
28 | #include <config.h> | 28 | #include <config.h> | |
29 | #include <ctype.h> | 29 | #include <ctype.h> | |
30 | 30 | |||
31 | #include <isc/buffer.h> | 31 | #include <isc/buffer.h> | |
32 | #include <isc/mem.h> | 32 | #include <isc/mem.h> | |
33 | #include <isc/print.h> | 33 | #include <isc/print.h> | |
@@ -1523,26 +1523,28 @@ getsection(isc_buffer_t *source, dns_mes | @@ -1523,26 +1523,28 @@ getsection(isc_buffer_t *source, dns_mes | |||
1523 | * If this is an SIG(0) or TSIG record, remember it. Note | 1523 | * If this is an SIG(0) or TSIG record, remember it. Note | |
1524 | * that msg->sig0 or msg->tsig will only be set if best-effort | 1524 | * that msg->sig0 or msg->tsig will only be set if best-effort | |
1525 | * parsing is enabled. | 1525 | * parsing is enabled. | |
1526 | */ | 1526 | */ | |
1527 | if (issigzero && msg->sig0 == NULL) { | 1527 | if (issigzero && msg->sig0 == NULL) { | |
1528 | msg->sig0 = rdataset; | 1528 | msg->sig0 = rdataset; | |
1529 | msg->sig0name = name; | 1529 | msg->sig0name = name; | |
1530 | rdataset = NULL; | 1530 | rdataset = NULL; | |
1531 | free_rdataset = ISC_FALSE; | 1531 | free_rdataset = ISC_FALSE; | |
1532 | free_name = ISC_FALSE; | 1532 | free_name = ISC_FALSE; | |
1533 | } else if (rdtype == dns_rdatatype_tsig && msg->tsig == NULL) { | 1533 | } else if (rdtype == dns_rdatatype_tsig && msg->tsig == NULL) { | |
1534 | msg->tsig = rdataset; | 1534 | msg->tsig = rdataset; | |
1535 | msg->tsigname = name; | 1535 | msg->tsigname = name; | |
1536 | /* Windows doesn't like TSIG names to be compressed. */ | |||
1537 | msg->tsigname->attributes |= DNS_NAMEATTR_NOCOMPRESS; | |||
1536 | rdataset = NULL; | 1538 | rdataset = NULL; | |
1537 | free_rdataset = ISC_FALSE; | 1539 | free_rdataset = ISC_FALSE; | |
1538 | free_name = ISC_FALSE; | 1540 | free_name = ISC_FALSE; | |
1539 | } | 1541 | } | |
1540 | 1542 | |||
1541 | if (seen_problem) { | 1543 | if (seen_problem) { | |
1542 | if (free_name) | 1544 | if (free_name) | |
1543 | isc_mempool_put(msg->namepool, name); | 1545 | isc_mempool_put(msg->namepool, name); | |
1544 | if (free_rdataset) | 1546 | if (free_rdataset) | |
1545 | isc_mempool_put(msg->rdspool, rdataset); | 1547 | isc_mempool_put(msg->rdspool, rdataset); | |
1546 | free_name = free_rdataset = ISC_FALSE; | 1548 | free_name = free_rdataset = ISC_FALSE; | |
1547 | } | 1549 | } | |
1548 | INSIST(free_name == ISC_FALSE); | 1550 | INSIST(free_name == ISC_FALSE); | |
@@ -2517,27 +2519,29 @@ dns_message_peekheader(isc_buffer_t *sou | @@ -2517,27 +2519,29 @@ dns_message_peekheader(isc_buffer_t *sou | |||
2517 | isc_result_t | 2519 | isc_result_t | |
2518 | dns_message_reply(dns_message_t *msg, isc_boolean_t want_question_section) { | 2520 | dns_message_reply(dns_message_t *msg, isc_boolean_t want_question_section) { | |
2519 | unsigned int first_section; | 2521 | unsigned int first_section; | |
2520 | isc_result_t result; | 2522 | isc_result_t result; | |
2521 | 2523 | |||
2522 | REQUIRE(DNS_MESSAGE_VALID(msg)); | 2524 | REQUIRE(DNS_MESSAGE_VALID(msg)); | |
2523 | REQUIRE((msg->flags & DNS_MESSAGEFLAG_QR) == 0); | 2525 | REQUIRE((msg->flags & DNS_MESSAGEFLAG_QR) == 0); | |
2524 | 2526 | |||
2525 | if (!msg->header_ok) | 2527 | if (!msg->header_ok) | |
2526 | return (DNS_R_FORMERR); | 2528 | return (DNS_R_FORMERR); | |
2527 | if (msg->opcode != dns_opcode_query && | 2529 | if (msg->opcode != dns_opcode_query && | |
2528 | msg->opcode != dns_opcode_notify) | 2530 | msg->opcode != dns_opcode_notify) | |
2529 | want_question_section = ISC_FALSE; | 2531 | want_question_section = ISC_FALSE; | |
2530 | if (want_question_section) { | 2532 | if (msg->opcode == dns_opcode_update) | |
2533 | first_section = DNS_SECTION_ADDITIONAL; | |||
2534 | else if (want_question_section) { | |||
2531 | if (!msg->question_ok) | 2535 | if (!msg->question_ok) | |
2532 | return (DNS_R_FORMERR); | 2536 | return (DNS_R_FORMERR); | |
2533 | first_section = DNS_SECTION_ANSWER; | 2537 | first_section = DNS_SECTION_ANSWER; | |
2534 | } else | 2538 | } else | |
2535 | first_section = DNS_SECTION_QUESTION; | 2539 | first_section = DNS_SECTION_QUESTION; | |
2536 | msg->from_to_wire = DNS_MESSAGE_INTENTRENDER; | 2540 | msg->from_to_wire = DNS_MESSAGE_INTENTRENDER; | |
2537 | msgresetnames(msg, first_section); | 2541 | msgresetnames(msg, first_section); | |
2538 | msgresetopt(msg); | 2542 | msgresetopt(msg); | |
2539 | msgresetsigs(msg, ISC_TRUE); | 2543 | msgresetsigs(msg, ISC_TRUE); | |
2540 | msginitprivate(msg); | 2544 | msginitprivate(msg); | |
2541 | /* | 2545 | /* | |
2542 | * We now clear most flags and then set QR, ensuring that the | 2546 | * We now clear most flags and then set QR, ensuring that the | |
2543 | * reply's flags will be in a reasonable state. | 2547 | * reply's flags will be in a reasonable state. | |
@@ -3194,80 +3198,85 @@ dns_message_pseudosectiontotext(dns_mess | @@ -3194,80 +3198,85 @@ dns_message_pseudosectiontotext(dns_mess | |||
3194 | case DNS_PSEUDOSECTION_OPT: | 3198 | case DNS_PSEUDOSECTION_OPT: | |
3195 | ps = dns_message_getopt(msg); | 3199 | ps = dns_message_getopt(msg); | |
3196 | if (ps == NULL) | 3200 | if (ps == NULL) | |
3197 | return (ISC_R_SUCCESS); | 3201 | return (ISC_R_SUCCESS); | |
3198 | if ((flags & DNS_MESSAGETEXTFLAG_NOCOMMENTS) == 0) | 3202 | if ((flags & DNS_MESSAGETEXTFLAG_NOCOMMENTS) == 0) | |
3199 | ADD_STRING(target, ";; OPT PSEUDOSECTION:\n"); | 3203 | ADD_STRING(target, ";; OPT PSEUDOSECTION:\n"); | |
3200 | ADD_STRING(target, "; EDNS: version: "); | 3204 | ADD_STRING(target, "; EDNS: version: "); | |
3201 | snprintf(buf, sizeof(buf), "%u", | 3205 | snprintf(buf, sizeof(buf), "%u", | |
3202 | (unsigned int)((ps->ttl & 0x00ff0000) >> 16)); | 3206 | (unsigned int)((ps->ttl & 0x00ff0000) >> 16)); | |
3203 | ADD_STRING(target, buf); | 3207 | ADD_STRING(target, buf); | |
3204 | ADD_STRING(target, ", flags:"); | 3208 | ADD_STRING(target, ", flags:"); | |
3205 | if ((ps->ttl & DNS_MESSAGEEXTFLAG_DO) != 0) | 3209 | if ((ps->ttl & DNS_MESSAGEEXTFLAG_DO) != 0) | |
3206 | ADD_STRING(target, " do"); | 3210 | ADD_STRING(target, " do"); | |
3207 | mbz = ps->ttl & ~DNS_MESSAGEEXTFLAG_DO & 0xffff; | 3211 | mbz = ps->ttl & 0xffff; | |
3212 | mbz &= ~DNS_MESSAGEEXTFLAG_DO; /* Known Flags. */ | |||
3208 | if (mbz != 0) { | 3213 | if (mbz != 0) { | |
3209 | ADD_STRING(target, "; MBZ: "); | 3214 | ADD_STRING(target, "; MBZ: "); | |
3210 | snprintf(buf, sizeof(buf), "%.4x ", mbz); | 3215 | snprintf(buf, sizeof(buf), "%.4x ", mbz); | |
3211 | ADD_STRING(target, buf); | 3216 | ADD_STRING(target, buf); | |
3212 | ADD_STRING(target, ", udp: "); | 3217 | ADD_STRING(target, ", udp: "); | |
3213 | } else | 3218 | } else | |
3214 | ADD_STRING(target, "; udp: "); | 3219 | ADD_STRING(target, "; udp: "); | |
3215 | snprintf(buf, sizeof(buf), "%u\n", (unsigned int)ps->rdclass); | 3220 | snprintf(buf, sizeof(buf), "%u\n", (unsigned int)ps->rdclass); | |
3216 | ADD_STRING(target, buf); | 3221 | ADD_STRING(target, buf); | |
3217 | 3222 | |||
3218 | result = dns_rdataset_first(ps); | 3223 | result = dns_rdataset_first(ps); | |
3219 | if (result != ISC_R_SUCCESS) | 3224 | if (result != ISC_R_SUCCESS) | |
3220 | return (ISC_R_SUCCESS); | 3225 | return (ISC_R_SUCCESS); | |
3221 | 3226 | |||
3222 | /* Print EDNS info, if any */ | 3227 | /* Print EDNS info, if any */ | |
3223 | dns_rdata_init(&rdata); | 3228 | dns_rdata_init(&rdata); | |
3224 | dns_rdataset_current(ps, &rdata); | 3229 | dns_rdataset_current(ps, &rdata); | |
3225 | if (rdata.length < 4) | |||
3226 | return (ISC_R_SUCCESS); | |||
3227 | 3230 | |||
3228 | isc_buffer_init(&optbuf, rdata.data, rdata.length); | 3231 | isc_buffer_init(&optbuf, rdata.data, rdata.length); | |
3229 | isc_buffer_add(&optbuf, rdata.length); | 3232 | isc_buffer_add(&optbuf, rdata.length); | |
3230 | optcode = isc_buffer_getuint16(&optbuf); | 3233 | while (isc_buffer_remaininglength(&optbuf) != 0) { | |
3231 | optlen = isc_buffer_getuint16(&optbuf); | 3234 | INSIST(isc_buffer_remaininglength(&optbuf) >= 4U); | |
3235 | optcode = isc_buffer_getuint16(&optbuf); | |||
3236 | optlen = isc_buffer_getuint16(&optbuf); | |||
3237 | INSIST(isc_buffer_remaininglength(&optbuf) >= optlen); | |||
3232 | 3238 | |||
3233 | if (optcode == DNS_OPT_NSID) { | 3239 | if (optcode == DNS_OPT_NSID) { | |
3234 | ADD_STRING(target, "; NSID"); | 3240 | ADD_STRING(target, "; NSID"); | |
3235 | } else { | 3241 | } else { | |
3236 | ADD_STRING(target, "; OPT="); | 3242 | ADD_STRING(target, "; OPT="); | |
3237 | sprintf(buf, "%u", optcode); | 3243 | sprintf(buf, "%u", optcode); | |
3238 | ADD_STRING(target, buf); | |||
3239 | } | |||
3240 | ||||
3241 | if (optlen != 0) { | |||
3242 | int i; | |||
3243 | ADD_STRING(target, ": "); | |||
3244 | ||||
3245 | optdata = rdata.data + 4; | |||
3246 | for (i = 0; i < optlen; i++) { | |||
3247 | sprintf(buf, "%02x ", optdata[i]); | |||
3248 | ADD_STRING(target, buf); | 3244 | ADD_STRING(target, buf); | |
3249 | } | 3245 | } | |
3250 | for (i = 0; i < optlen; i++) { | 3246 | ||
3251 | ADD_STRING(target, " ("); | 3247 | if (optlen != 0) { | |
3252 | if (isprint(optdata[i])) | 3248 | int i; | |
3253 | isc_buffer_putmem(target, &optdata[i], | 3249 | ADD_STRING(target, ": "); | |
3254 | 1); | 3250 | ||
3255 | else | 3251 | optdata = isc_buffer_current(&optbuf); | |
3256 | isc_buffer_putstr(target, "."); | 3252 | for (i = 0; i < optlen; i++) { | |
3257 | ADD_STRING(target, ")"); | 3253 | sprintf(buf, "%02x ", optdata[i]); | |
3254 | ADD_STRING(target, buf); | |||
3255 | } | |||
3256 | for (i = 0; i < optlen; i++) { | |||
3257 | ADD_STRING(target, " ("); | |||
3258 | if (isprint(optdata[i])) | |||
3259 | isc_buffer_putmem(target, | |||
3260 | &optdata[i], | |||
3261 | 1); | |||
3262 | else | |||
3263 | isc_buffer_putstr(target, "."); | |||
3264 | ADD_STRING(target, ")"); | |||
3265 | } | |||
3266 | isc_buffer_forward(&optbuf, optlen); | |||
3258 | } | 3267 | } | |
3268 | ADD_STRING(target, "\n"); | |||
3259 | } | 3269 | } | |
3260 | ADD_STRING(target, "\n"); | |||
3261 | return (ISC_R_SUCCESS); | 3270 | return (ISC_R_SUCCESS); | |
3262 | case DNS_PSEUDOSECTION_TSIG: | 3271 | case DNS_PSEUDOSECTION_TSIG: | |
3263 | ps = dns_message_gettsig(msg, &name); | 3272 | ps = dns_message_gettsig(msg, &name); | |
3264 | if (ps == NULL) | 3273 | if (ps == NULL) | |
3265 | return (ISC_R_SUCCESS); | 3274 | return (ISC_R_SUCCESS); | |
3266 | if ((flags & DNS_MESSAGETEXTFLAG_NOCOMMENTS) == 0) | 3275 | if ((flags & DNS_MESSAGETEXTFLAG_NOCOMMENTS) == 0) | |
3267 | ADD_STRING(target, ";; TSIG PSEUDOSECTION:\n"); | 3276 | ADD_STRING(target, ";; TSIG PSEUDOSECTION:\n"); | |
3268 | result = dns_master_rdatasettotext(name, ps, style, target); | 3277 | result = dns_master_rdatasettotext(name, ps, style, target); | |
3269 | if ((flags & DNS_MESSAGETEXTFLAG_NOHEADERS) == 0 && | 3278 | if ((flags & DNS_MESSAGETEXTFLAG_NOHEADERS) == 0 && | |
3270 | (flags & DNS_MESSAGETEXTFLAG_NOCOMMENTS) == 0) | 3279 | (flags & DNS_MESSAGETEXTFLAG_NOCOMMENTS) == 0) | |
3271 | ADD_STRING(target, "\n"); | 3280 | ADD_STRING(target, "\n"); | |
3272 | return (result); | 3281 | return (result); | |
3273 | case DNS_PSEUDOSECTION_SIG0: | 3282 | case DNS_PSEUDOSECTION_SIG0: | |
@@ -3297,41 +3306,46 @@ dns_message_totext(dns_message_t *msg, c | @@ -3297,41 +3306,46 @@ dns_message_totext(dns_message_t *msg, c | |||
3297 | if ((flags & DNS_MESSAGETEXTFLAG_NOHEADERS) == 0) { | 3306 | if ((flags & DNS_MESSAGETEXTFLAG_NOHEADERS) == 0) { | |
3298 | ADD_STRING(target, ";; ->>HEADER<<- opcode: "); | 3307 | ADD_STRING(target, ";; ->>HEADER<<- opcode: "); | |
3299 | ADD_STRING(target, opcodetext[msg->opcode]); | 3308 | ADD_STRING(target, opcodetext[msg->opcode]); | |
3300 | ADD_STRING(target, ", status: "); | 3309 | ADD_STRING(target, ", status: "); | |
3301 | if (msg->rcode < (sizeof(rcodetext)/sizeof(rcodetext[0]))) { | 3310 | if (msg->rcode < (sizeof(rcodetext)/sizeof(rcodetext[0]))) { | |
3302 | ADD_STRING(target, rcodetext[msg->rcode]); | 3311 | ADD_STRING(target, rcodetext[msg->rcode]); | |
3303 | } else { | 3312 | } else { | |
3304 | snprintf(buf, sizeof(buf), "%4u", msg->rcode); | 3313 | snprintf(buf, sizeof(buf), "%4u", msg->rcode); | |
3305 | ADD_STRING(target, buf); | 3314 | ADD_STRING(target, buf); | |
3306 | } | 3315 | } | |
3307 | ADD_STRING(target, ", id: "); | 3316 | ADD_STRING(target, ", id: "); | |
3308 | snprintf(buf, sizeof(buf), "%6u", msg->id); | 3317 | snprintf(buf, sizeof(buf), "%6u", msg->id); | |
3309 | ADD_STRING(target, buf); | 3318 | ADD_STRING(target, buf); | |
3310 | ADD_STRING(target, "\n;; flags: "); | 3319 | ADD_STRING(target, "\n;; flags:"); | |
3311 | if ((msg->flags & DNS_MESSAGEFLAG_QR) != 0) | 3320 | if ((msg->flags & DNS_MESSAGEFLAG_QR) != 0) | |
3312 | ADD_STRING(target, "qr "); | 3321 | ADD_STRING(target, " qr"); | |
3313 | if ((msg->flags & DNS_MESSAGEFLAG_AA) != 0) | 3322 | if ((msg->flags & DNS_MESSAGEFLAG_AA) != 0) | |
3314 | ADD_STRING(target, "aa "); | 3323 | ADD_STRING(target, " aa"); | |
3315 | if ((msg->flags & DNS_MESSAGEFLAG_TC) != 0) | 3324 | if ((msg->flags & DNS_MESSAGEFLAG_TC) != 0) | |
3316 | ADD_STRING(target, "tc "); | 3325 | ADD_STRING(target, " tc"); | |
3317 | if ((msg->flags & DNS_MESSAGEFLAG_RD) != 0) | 3326 | if ((msg->flags & DNS_MESSAGEFLAG_RD) != 0) | |
3318 | ADD_STRING(target, "rd "); | 3327 | ADD_STRING(target, " rd"); | |
3319 | if ((msg->flags & DNS_MESSAGEFLAG_RA) != 0) | 3328 | if ((msg->flags & DNS_MESSAGEFLAG_RA) != 0) | |
3320 | ADD_STRING(target, "ra "); | 3329 | ADD_STRING(target, " ra"); | |
3321 | if ((msg->flags & DNS_MESSAGEFLAG_AD) != 0) | 3330 | if ((msg->flags & DNS_MESSAGEFLAG_AD) != 0) | |
3322 | ADD_STRING(target, "ad "); | 3331 | ADD_STRING(target, " ad"); | |
3323 | if ((msg->flags & DNS_MESSAGEFLAG_CD) != 0) | 3332 | if ((msg->flags & DNS_MESSAGEFLAG_CD) != 0) | |
3324 | ADD_STRING(target, "cd "); | 3333 | ADD_STRING(target, " cd"); | |
3334 | /* | |||
3335 | * The final unnamed flag must be zero. | |||
3336 | */ | |||
3337 | if ((msg->flags & 0x0040U) != 0) | |||
3338 | ADD_STRING(target, "; MBZ: 0x4"); | |||
3325 | if (msg->opcode != dns_opcode_update) { | 3339 | if (msg->opcode != dns_opcode_update) { | |
3326 | ADD_STRING(target, "; QUESTION: "); | 3340 | ADD_STRING(target, "; QUESTION: "); | |
3327 | } else { | 3341 | } else { | |
3328 | ADD_STRING(target, "; ZONE: "); | 3342 | ADD_STRING(target, "; ZONE: "); | |
3329 | } | 3343 | } | |
3330 | snprintf(buf, sizeof(buf), "%1u", | 3344 | snprintf(buf, sizeof(buf), "%1u", | |
3331 | msg->counts[DNS_SECTION_QUESTION]); | 3345 | msg->counts[DNS_SECTION_QUESTION]); | |
3332 | ADD_STRING(target, buf); | 3346 | ADD_STRING(target, buf); | |
3333 | if (msg->opcode != dns_opcode_update) { | 3347 | if (msg->opcode != dns_opcode_update) { | |
3334 | ADD_STRING(target, ", ANSWER: "); | 3348 | ADD_STRING(target, ", ANSWER: "); | |
3335 | } else { | 3349 | } else { | |
3336 | ADD_STRING(target, ", PREREQ: "); | 3350 | ADD_STRING(target, ", PREREQ: "); | |
3337 | } | 3351 | } |
--- src/external/bsd/bind/dist/lib/dns/Attic/rbtdb.c 2009/12/26 23:08:22 1.4
+++ src/external/bsd/bind/dist/lib/dns/Attic/rbtdb.c 2010/08/06 10:58:12 1.5
@@ -1,33 +1,33 @@ | @@ -1,33 +1,33 @@ | |||
1 | /* $NetBSD: rbtdb.c,v 1.4 2009/12/26 23:08:22 christos Exp $ */ | 1 | /* $NetBSD: rbtdb.c,v 1.5 2010/08/06 10:58:12 christos Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | 4 | * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") | |
5 | * Copyright (C) 1999-2003 Internet Software Consortium. | 5 | * Copyright (C) 1999-2003 Internet Software Consortium. | |
6 | * | 6 | * | |
7 | * Permission to use, copy, modify, and/or distribute this software for any | 7 | * Permission to use, copy, modify, and/or distribute this software for any | |
8 | * purpose with or without fee is hereby granted, provided that the above | 8 | * purpose with or without fee is hereby granted, provided that the above | |
9 | * copyright notice and this permission notice appear in all copies. | 9 | * copyright notice and this permission notice appear in all copies. | |
10 | * | 10 | * | |
11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
17 | * PERFORMANCE OF THIS SOFTWARE. | 17 | * PERFORMANCE OF THIS SOFTWARE. | |
18 | */ | 18 | */ | |
19 | 19 | |||
20 | /* Id: rbtdb.c,v 1.292 2009/11/26 23:48:14 tbox Exp */ | 20 | /* Id: rbtdb.c,v 1.292.8.9 2010/05/10 01:41:11 marka Exp */ | |
21 | 21 | |||
22 | /*! \file */ | 22 | /*! \file */ | |
23 | 23 | |||
24 | /* | 24 | /* | |
25 | * Principal Author: Bob Halley | 25 | * Principal Author: Bob Halley | |
26 | */ | 26 | */ | |
27 | 27 | |||
28 | #include <config.h> | 28 | #include <config.h> | |
29 | 29 | |||
30 | /* #define inline */ | 30 | /* #define inline */ | |
31 | 31 | |||
32 | #include <isc/event.h> | 32 | #include <isc/event.h> | |
33 | #include <isc/heap.h> | 33 | #include <isc/heap.h> | |
@@ -514,41 +514,45 @@ static isc_result_t rdataset_putaddition | @@ -514,41 +514,45 @@ static isc_result_t rdataset_putaddition | |||
514 | dns_rdatasetadditional_t type, | 514 | dns_rdatasetadditional_t type, | |
515 | dns_rdatatype_t qtype); | 515 | dns_rdatatype_t qtype); | |
516 | static inline isc_boolean_t need_headerupdate(rdatasetheader_t *header, | 516 | static inline isc_boolean_t need_headerupdate(rdatasetheader_t *header, | |
517 | isc_stdtime_t now); | 517 | isc_stdtime_t now); | |
518 | static void update_header(dns_rbtdb_t *rbtdb, rdatasetheader_t *header, | 518 | static void update_header(dns_rbtdb_t *rbtdb, rdatasetheader_t *header, | |
519 | isc_stdtime_t now); | 519 | isc_stdtime_t now); | |
520 | static void expire_header(dns_rbtdb_t *rbtdb, rdatasetheader_t *header, | 520 | static void expire_header(dns_rbtdb_t *rbtdb, rdatasetheader_t *header, | |
521 | isc_boolean_t tree_locked); | 521 | isc_boolean_t tree_locked); | |
522 | static void overmem_purge(dns_rbtdb_t *rbtdb, unsigned int locknum_start, | 522 | static void overmem_purge(dns_rbtdb_t *rbtdb, unsigned int locknum_start, | |
523 | isc_stdtime_t now, isc_boolean_t tree_locked); | 523 | isc_stdtime_t now, isc_boolean_t tree_locked); | |
524 | static isc_result_t resign_insert(dns_rbtdb_t *rbtdb, int idx, | 524 | static isc_result_t resign_insert(dns_rbtdb_t *rbtdb, int idx, | |
525 | rdatasetheader_t *newheader); | 525 | rdatasetheader_t *newheader); | |
526 | static void prune_tree(isc_task_t *task, isc_event_t *event); | 526 | static void prune_tree(isc_task_t *task, isc_event_t *event); | |
527 | static void rdataset_settrust(dns_rdataset_t *rdataset, dns_trust_t trust); | |||
528 | static void rdataset_expire(dns_rdataset_t *rdataset); | |||
527 | 529 | |||
528 | static dns_rdatasetmethods_t rdataset_methods = { | 530 | static dns_rdatasetmethods_t rdataset_methods = { | |
529 | rdataset_disassociate, | 531 | rdataset_disassociate, | |
530 | rdataset_first, | 532 | rdataset_first, | |
531 | rdataset_next, | 533 | rdataset_next, | |
532 | rdataset_current, | 534 | rdataset_current, | |
533 | rdataset_clone, | 535 | rdataset_clone, | |
534 | rdataset_count, | 536 | rdataset_count, | |
535 | NULL, | 537 | NULL, | |
536 | rdataset_getnoqname, | 538 | rdataset_getnoqname, | |
537 | NULL, | 539 | NULL, | |
538 | rdataset_getclosest, | 540 | rdataset_getclosest, | |
539 | rdataset_getadditional, | 541 | rdataset_getadditional, | |
540 | rdataset_setadditional, | 542 | rdataset_setadditional, | |
541 | rdataset_putadditional | 543 | rdataset_putadditional, | |
544 | rdataset_settrust, | |||
545 | rdataset_expire | |||
542 | }; | 546 | }; | |
543 | 547 | |||
544 | static void rdatasetiter_destroy(dns_rdatasetiter_t **iteratorp); | 548 | static void rdatasetiter_destroy(dns_rdatasetiter_t **iteratorp); | |
545 | static isc_result_t rdatasetiter_first(dns_rdatasetiter_t *iterator); | 549 | static isc_result_t rdatasetiter_first(dns_rdatasetiter_t *iterator); | |
546 | static isc_result_t rdatasetiter_next(dns_rdatasetiter_t *iterator); | 550 | static isc_result_t rdatasetiter_next(dns_rdatasetiter_t *iterator); | |
547 | static void rdatasetiter_current(dns_rdatasetiter_t *iterator, | 551 | static void rdatasetiter_current(dns_rdatasetiter_t *iterator, | |
548 | dns_rdataset_t *rdataset); | 552 | dns_rdataset_t *rdataset); | |
549 | 553 | |||
550 | static dns_rdatasetitermethods_t rdatasetiter_methods = { | 554 | static dns_rdatasetitermethods_t rdatasetiter_methods = { | |
551 | rdatasetiter_destroy, | 555 | rdatasetiter_destroy, | |
552 | rdatasetiter_first, | 556 | rdatasetiter_first, | |
553 | rdatasetiter_next, | 557 | rdatasetiter_next, | |
554 | rdatasetiter_current | 558 | rdatasetiter_current | |
@@ -2098,26 +2102,54 @@ setnsec3parameters(dns_db_t *db, rbtdb_v | @@ -2098,26 +2102,54 @@ setnsec3parameters(dns_db_t *db, rbtdb_v | |||
2098 | if (nsec3param.hash != DNS_NSEC3_UNKNOWNALG) | 2102 | if (nsec3param.hash != DNS_NSEC3_UNKNOWNALG) | |
2099 | goto unlock; | 2103 | goto unlock; | |
2100 | } | 2104 | } | |
2101 | } | 2105 | } | |
2102 | } | 2106 | } | |
2103 | unlock: | 2107 | unlock: | |
2104 | NODE_UNLOCK(&(rbtdb->node_locks[node->locknum].lock), | 2108 | NODE_UNLOCK(&(rbtdb->node_locks[node->locknum].lock), | |
2105 | isc_rwlocktype_read); | 2109 | isc_rwlocktype_read); | |
2106 | RWUNLOCK(&rbtdb->tree_lock, isc_rwlocktype_read); | 2110 | RWUNLOCK(&rbtdb->tree_lock, isc_rwlocktype_read); | |
2107 | } | 2111 | } | |
2108 | #endif | 2112 | #endif | |
2109 | 2113 | |||
2110 | static void | 2114 | static void | |
2115 | cleanup_dead_nodes_callback(isc_task_t *task, isc_event_t *event) { | |||
2116 | dns_rbtdb_t *rbtdb = event->ev_arg; | |||
2117 | isc_boolean_t again = ISC_FALSE; | |||
2118 | unsigned int locknum; | |||
2119 | unsigned int refs; | |||
2120 | ||||
2121 | RBTDB_LOCK(&rbtdb->lock, isc_rwlocktype_write); | |||
2122 | for (locknum = 0; locknum < rbtdb->node_lock_count; locknum++) { | |||
2123 | NODE_LOCK(&rbtdb->node_locks[locknum].lock, | |||
2124 | isc_rwlocktype_write); | |||
2125 | cleanup_dead_nodes(rbtdb, locknum); | |||
2126 | if (ISC_LIST_HEAD(rbtdb->deadnodes[locknum]) != NULL) | |||
2127 | again = ISC_TRUE; | |||
2128 | NODE_UNLOCK(&rbtdb->node_locks[locknum].lock, | |||
2129 | isc_rwlocktype_write); | |||
2130 | } | |||
2131 | RBTDB_UNLOCK(&rbtdb->lock, isc_rwlocktype_write); | |||
2132 | if (again) | |||
2133 | isc_task_send(task, &event); | |||
2134 | else { | |||
2135 | isc_event_free(&event); | |||
2136 | isc_refcount_decrement(&rbtdb->references, &refs); | |||
2137 | if (refs == 0) | |||
2138 | maybe_free_rbtdb(rbtdb); | |||
2139 | } | |||
2140 | } | |||
2141 | ||||
2142 | static void | |||
2111 | closeversion(dns_db_t *db, dns_dbversion_t **versionp, isc_boolean_t commit) { | 2143 | closeversion(dns_db_t *db, dns_dbversion_t **versionp, isc_boolean_t commit) { | |
2112 | dns_rbtdb_t *rbtdb = (dns_rbtdb_t *)db; | 2144 | dns_rbtdb_t *rbtdb = (dns_rbtdb_t *)db; | |
2113 | rbtdb_version_t *version, *cleanup_version, *least_greater; | 2145 | rbtdb_version_t *version, *cleanup_version, *least_greater; | |
2114 | isc_boolean_t rollback = ISC_FALSE; | 2146 | isc_boolean_t rollback = ISC_FALSE; | |
2115 | rbtdb_changedlist_t cleanup_list; | 2147 | rbtdb_changedlist_t cleanup_list; | |
2116 | rdatasetheaderlist_t resigned_list; | 2148 | rdatasetheaderlist_t resigned_list; | |
2117 | rbtdb_changed_t *changed, *next_changed; | 2149 | rbtdb_changed_t *changed, *next_changed; | |
2118 | rbtdb_serial_t serial, least_serial; | 2150 | rbtdb_serial_t serial, least_serial; | |
2119 | dns_rbtnode_t *rbtnode; | 2151 | dns_rbtnode_t *rbtnode; | |
2120 | unsigned int refs; | 2152 | unsigned int refs; | |
2121 | rdatasetheader_t *header; | 2153 | rdatasetheader_t *header; | |
2122 | isc_boolean_t writer; | 2154 | isc_boolean_t writer; | |
2123 | 2155 | |||
@@ -2297,63 +2329,81 @@ closeversion(dns_db_t *db, dns_dbversion | @@ -2297,63 +2329,81 @@ closeversion(dns_db_t *db, dns_dbversion | |||
2297 | ISC_LIST_UNLINK(resigned_list, header, link); | 2329 | ISC_LIST_UNLINK(resigned_list, header, link); | |
2298 | 2330 | |||
2299 | lock = &rbtdb->node_locks[header->node->locknum].lock; | 2331 | lock = &rbtdb->node_locks[header->node->locknum].lock; | |
2300 | NODE_LOCK(lock, isc_rwlocktype_write); | 2332 | NODE_LOCK(lock, isc_rwlocktype_write); | |
2301 | if (rollback) | 2333 | if (rollback) | |
2302 | resign_insert(rbtdb, header->node->locknum, header); | 2334 | resign_insert(rbtdb, header->node->locknum, header); | |
2303 | decrement_reference(rbtdb, header->node, least_serial, | 2335 | decrement_reference(rbtdb, header->node, least_serial, | |
2304 | isc_rwlocktype_write, isc_rwlocktype_none, | 2336 | isc_rwlocktype_write, isc_rwlocktype_none, | |
2305 | ISC_FALSE); | 2337 | ISC_FALSE); | |
2306 | NODE_UNLOCK(lock, isc_rwlocktype_write); | 2338 | NODE_UNLOCK(lock, isc_rwlocktype_write); | |
2307 | } | 2339 | } | |
2308 | 2340 | |||
2309 | if (!EMPTY(cleanup_list)) { | 2341 | if (!EMPTY(cleanup_list)) { | |
2310 | /* | 2342 | isc_event_t *event = NULL; | |
2311 | * We acquire a tree write lock here in order to make sure | 2343 | isc_rwlocktype_t tlock = isc_rwlocktype_none; | |
2312 | * that stale nodes will be removed in decrement_reference(). | 2344 | ||
2313 | * If we didn't have the lock, those nodes could miss the | 2345 | if (rbtdb->task != NULL) | |
2314 | * chance to be removed until the server stops. The write lock | 2346 | event = isc_event_allocate(rbtdb->common.mctx, NULL, | |
2315 | * is expensive, but this event should be rare enough to justify | 2347 | DNS_EVENT_RBTDEADNODES, | |
2316 | * the cost. | 2348 | cleanup_dead_nodes_callback, | |
2317 | */ | 2349 | rbtdb, sizeof(isc_event_t)); | |
2318 | RWLOCK(&rbtdb->tree_lock, isc_rwlocktype_write); | 2350 | if (event == NULL) { | |
2351 | /* | |||
2352 | * We acquire a tree write lock here in order to make | |||
2353 | * sure that stale nodes will be removed in | |||
2354 | * decrement_reference(). If we didn't have the lock, | |||
2355 | * those nodes could miss the chance to be removed | |||
2356 | * until the server stops. The write lock is | |||
2357 | * expensive, but this event should be rare enough | |||
2358 | * to justify the cost. | |||
2359 | */ | |||
2360 | RWLOCK(&rbtdb->tree_lock, isc_rwlocktype_write); | |||
2361 | tlock = isc_rwlocktype_write; | |||
2362 | } | |||
2363 | ||||
2319 | for (changed = HEAD(cleanup_list); | 2364 | for (changed = HEAD(cleanup_list); | |
2320 | changed != NULL; | 2365 | changed != NULL; | |
2321 | changed = next_changed) { | 2366 | changed = next_changed) { | |
2322 | nodelock_t *lock; | 2367 | nodelock_t *lock; | |
2323 | 2368 | |||
2324 | next_changed = NEXT(changed, link); | 2369 | next_changed = NEXT(changed, link); | |
2325 | rbtnode = changed->node; | 2370 | rbtnode = changed->node; | |
2326 | lock = &rbtdb->node_locks[rbtnode->locknum].lock; | 2371 | lock = &rbtdb->node_locks[rbtnode->locknum].lock; | |
2327 | 2372 | |||
2328 | NODE_LOCK(lock, isc_rwlocktype_write); | 2373 | NODE_LOCK(lock, isc_rwlocktype_write); | |
2329 | /* | 2374 | /* | |
2330 | * This is a good opportunity to purge any dead nodes, | 2375 | * This is a good opportunity to purge any dead nodes, | |
2331 | * so use it. | 2376 | * so use it. | |
2332 | */ | 2377 | */ | |
2333 | cleanup_dead_nodes(rbtdb, rbtnode->locknum); | 2378 | if (event == NULL) | |
2379 | cleanup_dead_nodes(rbtdb, rbtnode->locknum); | |||
2334 | 2380 | |||
2335 | if (rollback) | 2381 | if (rollback) | |
2336 | rollback_node(rbtnode, serial); | 2382 | rollback_node(rbtnode, serial); | |
2337 | decrement_reference(rbtdb, rbtnode, least_serial, | 2383 | decrement_reference(rbtdb, rbtnode, least_serial, | |
2338 | isc_rwlocktype_write, | 2384 | isc_rwlocktype_write, tlock, | |
2339 | isc_rwlocktype_write, ISC_FALSE); | 2385 | ISC_FALSE); | |
2340 | 2386 | |||
2341 | NODE_UNLOCK(lock, isc_rwlocktype_write); | 2387 | NODE_UNLOCK(lock, isc_rwlocktype_write); | |
2342 | 2388 | |||
2343 | isc_mem_put(rbtdb->common.mctx, changed, | 2389 | isc_mem_put(rbtdb->common.mctx, changed, | |
2344 | sizeof(*changed)); | 2390 | sizeof(*changed)); | |
2345 | } | 2391 | } | |
2346 | RWUNLOCK(&rbtdb->tree_lock, isc_rwlocktype_write); | 2392 | if (event != NULL) { | |
2393 | isc_refcount_increment(&rbtdb->references, NULL); | |||
2394 | isc_task_send(rbtdb->task, &event); | |||
2395 | } else | |||
2396 | RWUNLOCK(&rbtdb->tree_lock, isc_rwlocktype_write); | |||
2347 | } | 2397 | } | |
2348 | 2398 | |||
2349 | end: | 2399 | end: | |
2350 | *versionp = NULL; | 2400 | *versionp = NULL; | |
2351 | } | 2401 | } | |
2352 | 2402 | |||
2353 | /* | 2403 | /* | |
2354 | * Add the necessary magic for the wildcard name 'name' | 2404 | * Add the necessary magic for the wildcard name 'name' | |
2355 | * to be found in 'rbtdb'. | 2405 | * to be found in 'rbtdb'. | |
2356 | * | 2406 | * | |
2357 | * In order for wildcard matching to work correctly in | 2407 | * In order for wildcard matching to work correctly in | |
2358 | * zone_find(), we must ensure that a node for the wildcarding | 2408 | * zone_find(), we must ensure that a node for the wildcarding | |
2359 | * level exists in the database, and has its 'find_callback' | 2409 | * level exists in the database, and has its 'find_callback' | |
@@ -2369,27 +2419,28 @@ add_wildcard_magic(dns_rbtdb_t *rbtdb, d | @@ -2369,27 +2419,28 @@ add_wildcard_magic(dns_rbtdb_t *rbtdb, d | |||
2369 | dns_name_t foundname; | 2419 | dns_name_t foundname; | |
2370 | dns_offsets_t offsets; | 2420 | dns_offsets_t offsets; | |
2371 | unsigned int n; | 2421 | unsigned int n; | |
2372 | dns_rbtnode_t *node = NULL; | 2422 | dns_rbtnode_t *node = NULL; | |
2373 | 2423 | |||
2374 | dns_name_init(&foundname, offsets); | 2424 | dns_name_init(&foundname, offsets); | |
2375 | n = dns_name_countlabels(name); | 2425 | n = dns_name_countlabels(name); | |
2376 | INSIST(n >= 2); | 2426 | INSIST(n >= 2); | |
2377 | n--; | 2427 | n--; | |
2378 | dns_name_getlabelsequence(name, 1, n, &foundname); | 2428 | dns_name_getlabelsequence(name, 1, n, &foundname); | |
2379 | result = dns_rbt_addnode(rbtdb->tree, &foundname, &node); | 2429 | result = dns_rbt_addnode(rbtdb->tree, &foundname, &node); | |
2380 | if (result != ISC_R_SUCCESS && result != ISC_R_EXISTS) | 2430 | if (result != ISC_R_SUCCESS && result != ISC_R_EXISTS) | |
2381 | return (result); | 2431 | return (result); | |
2382 | node->nsec = DNS_RBT_NSEC_NORMAL; | 2432 | if (result == ISC_R_SUCCESS) | |
2433 | node->nsec = DNS_RBT_NSEC_NORMAL; | |||
2383 | node->find_callback = 1; | 2434 | node->find_callback = 1; | |
2384 | node->wild = 1; | 2435 | node->wild = 1; | |
2385 | return (ISC_R_SUCCESS); | 2436 | return (ISC_R_SUCCESS); | |
2386 | } | 2437 | } | |
2387 | 2438 | |||
2388 | static isc_result_t | 2439 | static isc_result_t | |
2389 | add_empty_wildcards(dns_rbtdb_t *rbtdb, dns_name_t *name) { | 2440 | add_empty_wildcards(dns_rbtdb_t *rbtdb, dns_name_t *name) { | |
2390 | isc_result_t result; | 2441 | isc_result_t result; | |
2391 | dns_name_t foundname; | 2442 | dns_name_t foundname; | |
2392 | dns_offsets_t offsets; | 2443 | dns_offsets_t offsets; | |
2393 | unsigned int n, l, i; | 2444 | unsigned int n, l, i; | |
2394 | 2445 | |||
2395 | dns_name_init(&foundname, offsets); | 2446 | dns_name_init(&foundname, offsets); | |
@@ -2397,27 +2448,28 @@ add_empty_wildcards(dns_rbtdb_t *rbtdb, | @@ -2397,27 +2448,28 @@ add_empty_wildcards(dns_rbtdb_t *rbtdb, | |||
2397 | l = dns_name_countlabels(&rbtdb->common.origin); | 2448 | l = dns_name_countlabels(&rbtdb->common.origin); | |
2398 | i = l + 1; | 2449 | i = l + 1; | |
2399 | while (i < n) { | 2450 | while (i < n) { | |
2400 | dns_rbtnode_t *node = NULL; /* dummy */ | 2451 | dns_rbtnode_t *node = NULL; /* dummy */ | |
2401 | dns_name_getlabelsequence(name, n - i, i, &foundname); | 2452 | dns_name_getlabelsequence(name, n - i, i, &foundname); | |
2402 | if (dns_name_iswildcard(&foundname)) { | 2453 | if (dns_name_iswildcard(&foundname)) { | |
2403 | result = add_wildcard_magic(rbtdb, &foundname); | 2454 | result = add_wildcard_magic(rbtdb, &foundname); | |
2404 | if (result != ISC_R_SUCCESS) | 2455 | if (result != ISC_R_SUCCESS) | |
2405 | return (result); | 2456 | return (result); | |
2406 | result = dns_rbt_addnode(rbtdb->tree, &foundname, | 2457 | result = dns_rbt_addnode(rbtdb->tree, &foundname, | |
2407 | &node); | 2458 | &node); | |
2408 | if (result != ISC_R_SUCCESS && result != ISC_R_EXISTS) | 2459 | if (result != ISC_R_SUCCESS && result != ISC_R_EXISTS) | |
2409 | return (result); | 2460 | return (result); | |
2410 | node->nsec = DNS_RBT_NSEC_NORMAL; | 2461 | if (result == ISC_R_SUCCESS) | |
2462 | node->nsec = DNS_RBT_NSEC_NORMAL; | |||
2411 | } | 2463 | } | |
2412 | i++; | 2464 | i++; | |
2413 | } | 2465 | } | |
2414 | return (ISC_R_SUCCESS); | 2466 | return (ISC_R_SUCCESS); | |
2415 | } | 2467 | } | |
2416 | 2468 | |||
2417 | static isc_result_t | 2469 | static isc_result_t | |
2418 | findnode(dns_db_t *db, dns_name_t *name, isc_boolean_t create, | 2470 | findnode(dns_db_t *db, dns_name_t *name, isc_boolean_t create, | |
2419 | dns_dbnode_t **nodep) | 2471 | dns_dbnode_t **nodep) | |
2420 | { | 2472 | { | |
2421 | dns_rbtdb_t *rbtdb = (dns_rbtdb_t *)db; | 2473 | dns_rbtdb_t *rbtdb = (dns_rbtdb_t *)db; | |
2422 | dns_rbtnode_t *node = NULL; | 2474 | dns_rbtnode_t *node = NULL; | |
2423 | dns_name_t nodename; | 2475 | dns_name_t nodename; | |
@@ -3227,28 +3279,36 @@ matchparams(rdatasetheader_t *header, rb | @@ -3227,28 +3279,36 @@ matchparams(rdatasetheader_t *header, rb | |||
3227 | } | 3279 | } | |
3228 | 3280 | |||
3229 | static inline isc_result_t | 3281 | static inline isc_result_t | |
3230 | previous_closest_nsec(dns_rdatatype_t type, rbtdb_search_t *search, | 3282 | previous_closest_nsec(dns_rdatatype_t type, rbtdb_search_t *search, | |
3231 | dns_name_t *name, dns_name_t *origin, | 3283 | dns_name_t *name, dns_name_t *origin, | |
3232 | dns_rbtnode_t **nodep, dns_rbtnodechain_t *nsecchain, | 3284 | dns_rbtnode_t **nodep, dns_rbtnodechain_t *nsecchain, | |
3233 | isc_boolean_t *firstp) | 3285 | isc_boolean_t *firstp) | |
3234 | { | 3286 | { | |
3235 | dns_fixedname_t ftarget; | 3287 | dns_fixedname_t ftarget; | |
3236 | dns_name_t *target; | 3288 | dns_name_t *target; | |
3237 | dns_rbtnode_t *nsecnode; | 3289 | dns_rbtnode_t *nsecnode; | |
3238 | isc_result_t result; | 3290 | isc_result_t result; | |
3239 | 3291 | |||
3240 | if (type == dns_rdatatype_nsec3) | 3292 | if (type == dns_rdatatype_nsec3) { | |
3241 | return (dns_rbtnodechain_prev(&search->chain, NULL, NULL)); | 3293 | result = dns_rbtnodechain_prev(&search->chain, NULL, NULL); | |
3294 | if (result != ISC_R_SUCCESS && result != DNS_R_NEWORIGIN) | |||
3295 | return (result); | |||
3296 | result = dns_rbtnodechain_current(&search->chain, name, origin, | |||
3297 | nodep); | |||
3298 | if (result != ISC_R_SUCCESS) | |||
3299 | return (result); | |||
3300 | return (ISC_R_SUCCESS); | |||
3301 | } | |||
3242 | 3302 | |||
3243 | dns_fixedname_init(&ftarget); | 3303 | dns_fixedname_init(&ftarget); | |
3244 | target = dns_fixedname_name(&ftarget); | 3304 | target = dns_fixedname_name(&ftarget); | |
3245 | 3305 | |||
3246 | for (;;) { | 3306 | for (;;) { | |
3247 | if (*firstp) { | 3307 | if (*firstp) { | |
3248 | /* | 3308 | /* | |
3249 | * Construct the name of the second node to check. | 3309 | * Construct the name of the second node to check. | |
3250 | * It is the first node sought in the NSEC tree. | 3310 | * It is the first node sought in the NSEC tree. | |
3251 | */ | 3311 | */ | |
3252 | *firstp = ISC_FALSE; | 3312 | *firstp = ISC_FALSE; | |
3253 | dns_rbtnodechain_init(nsecchain, NULL); | 3313 | dns_rbtnodechain_init(nsecchain, NULL); | |
3254 | result = dns_name_concatenate(name, origin, | 3314 | result = dns_name_concatenate(name, origin, | |
@@ -4662,27 +4722,27 @@ cache_find(dns_db_t *db, dns_name_t *nam | @@ -4662,27 +4722,27 @@ cache_find(dns_db_t *db, dns_name_t *nam | |||
4662 | /* | 4722 | /* | |
4663 | * We have an exact match for the name, but there are no | 4723 | * We have an exact match for the name, but there are no | |
4664 | * extant rdatasets. That means that this node doesn't | 4724 | * extant rdatasets. That means that this node doesn't | |
4665 | * meaningfully exist, and that we really have a partial match. | 4725 | * meaningfully exist, and that we really have a partial match. | |
4666 | */ | 4726 | */ | |
4667 | NODE_UNLOCK(lock, locktype); | 4727 | NODE_UNLOCK(lock, locktype); | |
4668 | goto find_ns; | 4728 | goto find_ns; | |
4669 | } | 4729 | } | |
4670 | 4730 | |||
4671 | /* | 4731 | /* | |
4672 | * If we didn't find what we were looking for... | 4732 | * If we didn't find what we were looking for... | |
4673 | */ | 4733 | */ | |
4674 | if (found == NULL || | 4734 | if (found == NULL || | |
4675 | (found->trust == dns_trust_additional && | 4735 | (DNS_TRUST_ADDITIONAL(found->trust) && | |
4676 | ((options & DNS_DBFIND_ADDITIONALOK) == 0)) || | 4736 | ((options & DNS_DBFIND_ADDITIONALOK) == 0)) || | |
4677 | (found->trust == dns_trust_glue && | 4737 | (found->trust == dns_trust_glue && | |
4678 | ((options & DNS_DBFIND_GLUEOK) == 0)) || | 4738 | ((options & DNS_DBFIND_GLUEOK) == 0)) || | |
4679 | (DNS_TRUST_PENDING(found->trust) && | 4739 | (DNS_TRUST_PENDING(found->trust) && | |
4680 | ((options & DNS_DBFIND_PENDINGOK) == 0))) { | 4740 | ((options & DNS_DBFIND_PENDINGOK) == 0))) { | |
4681 | /* | 4741 | /* | |
4682 | * If there is an NS rdataset at this node, then this is the | 4742 | * If there is an NS rdataset at this node, then this is the | |
4683 | * deepest zone cut. | 4743 | * deepest zone cut. | |
4684 | */ | 4744 | */ | |
4685 | if (nsheader != NULL) { | 4745 | if (nsheader != NULL) { | |
4686 | if (nodep != NULL) { | 4746 | if (nodep != NULL) { | |
4687 | new_reference(search.rbtdb, node); | 4747 | new_reference(search.rbtdb, node); | |
4688 | INSIST(!ISC_LINK_LINKED(node, deadlink)); | 4748 | INSIST(!ISC_LINK_LINKED(node, deadlink)); | |
@@ -5746,26 +5806,27 @@ add(dns_rbtdb_t *rbtdb, dns_rbtnode_t *r | @@ -5746,26 +5806,27 @@ add(dns_rbtdb_t *rbtdb, dns_rbtnode_t *r | |||
5746 | flags, &merged); | 5806 | flags, &merged); | |
5747 | if (result == ISC_R_SUCCESS) { | 5807 | if (result == ISC_R_SUCCESS) { | |
5748 | /* | 5808 | /* | |
5749 | * If 'header' has the same serial number as | 5809 | * If 'header' has the same serial number as | |
5750 | * we do, we could clean it up now if we knew | 5810 | * we do, we could clean it up now if we knew | |
5751 | * that our caller had no references to it. | 5811 | * that our caller had no references to it. | |
5752 | * We don't know this, however, so we leave it | 5812 | * We don't know this, however, so we leave it | |
5753 | * alone. It will get cleaned up when | 5813 | * alone. It will get cleaned up when | |
5754 | * clean_zone_node() runs. | 5814 | * clean_zone_node() runs. | |
5755 | */ | 5815 | */ | |
5756 | free_rdataset(rbtdb, rbtdb->common.mctx, | 5816 | free_rdataset(rbtdb, rbtdb->common.mctx, | |
5757 | newheader); | 5817 | newheader); | |
5758 | newheader = (rdatasetheader_t *)merged; | 5818 | newheader = (rdatasetheader_t *)merged; | |
5819 | init_rdataset(rbtdb, newheader); | |||
5759 | if (loading && RESIGN(newheader) && | 5820 | if (loading && RESIGN(newheader) && | |
5760 | RESIGN(header) && | 5821 | RESIGN(header) && | |
5761 | header->resign < newheader->resign) | 5822 | header->resign < newheader->resign) | |
5762 | newheader->resign = header->resign; | 5823 | newheader->resign = header->resign; | |
5763 | } else { | 5824 | } else { | |
5764 | free_rdataset(rbtdb, rbtdb->common.mctx, | 5825 | free_rdataset(rbtdb, rbtdb->common.mctx, | |
5765 | newheader); | 5826 | newheader); | |
5766 | return (result); | 5827 | return (result); | |
5767 | } | 5828 | } | |
5768 | } | 5829 | } | |
5769 | /* | 5830 | /* | |
5770 | * Don't replace existing NS, A and AAAA RRsets | 5831 | * Don't replace existing NS, A and AAAA RRsets | |
5771 | * in the cache if they are already exist. This | 5832 | * in the cache if they are already exist. This | |
@@ -6496,45 +6557,45 @@ loadnode(dns_rbtdb_t *rbtdb, dns_name_t | @@ -6496,45 +6557,45 @@ loadnode(dns_rbtdb_t *rbtdb, dns_name_t | |||
6496 | { | 6557 | { | |
6497 | isc_result_t noderesult, nsecresult; | 6558 | isc_result_t noderesult, nsecresult; | |
6498 | dns_rbtnode_t *nsecnode; | 6559 | dns_rbtnode_t *nsecnode; | |
6499 | 6560 | |||
6500 | noderesult = dns_rbt_addnode(rbtdb->tree, name, nodep); | 6561 | noderesult = dns_rbt_addnode(rbtdb->tree, name, nodep); | |
6501 | if (!hasnsec) | 6562 | if (!hasnsec) | |
6502 | return (noderesult); | 6563 | return (noderesult); | |
6503 | if (noderesult == ISC_R_EXISTS) { | 6564 | if (noderesult == ISC_R_EXISTS) { | |
6504 | /* | 6565 | /* | |
6505 | * Add a node to the auxiliary NSEC tree for an old node | 6566 | * Add a node to the auxiliary NSEC tree for an old node | |
6506 | * just now getting an NSEC record. | 6567 | * just now getting an NSEC record. | |
6507 | */ | 6568 | */ | |
6508 | if ((*nodep)->nsec == DNS_RBT_NSEC_HAS_NSEC) | 6569 | if ((*nodep)->nsec == DNS_RBT_NSEC_HAS_NSEC) | |
6509 | return noderesult; | 6570 | return (noderesult); | |
6510 | } else if (noderesult != ISC_R_SUCCESS) { | 6571 | } else if (noderesult != ISC_R_SUCCESS) { | |
6511 | return (noderesult); | 6572 | return (noderesult); | |
6512 | } | 6573 | } | |
6513 | 6574 | |||
6514 | /* | 6575 | /* | |
6515 | * Build the auxiliary tree for NSECs as we go. | 6576 | * Build the auxiliary tree for NSECs as we go. | |
6516 | * This tree speeds searches for closest NSECs that would otherwise | 6577 | * This tree speeds searches for closest NSECs that would otherwise | |
6517 | * need to examine many irrelevant nodes in large TLDs. | 6578 | * need to examine many irrelevant nodes in large TLDs. | |
6518 | * | 6579 | * | |
6519 | * Add nodes to the auxiliary tree after corresponding nodes have | 6580 | * Add nodes to the auxiliary tree after corresponding nodes have | |
6520 | * been added to the main tree. | 6581 | * been added to the main tree. | |
6521 | */ | 6582 | */ | |
6522 | nsecnode = NULL; | 6583 | nsecnode = NULL; | |
6523 | nsecresult = dns_rbt_addnode(rbtdb->nsec, name, &nsecnode); | 6584 | nsecresult = dns_rbt_addnode(rbtdb->nsec, name, &nsecnode); | |
6524 | if (nsecresult == ISC_R_SUCCESS) { | 6585 | if (nsecresult == ISC_R_SUCCESS) { | |
6525 | nsecnode->nsec = DNS_RBT_NSEC_NSEC; | 6586 | nsecnode->nsec = DNS_RBT_NSEC_NSEC; | |
6526 | (*nodep)->nsec = DNS_RBT_NSEC_HAS_NSEC; | 6587 | (*nodep)->nsec = DNS_RBT_NSEC_HAS_NSEC; | |
6527 | return (ISC_R_SUCCESS); | 6588 | return (noderesult); | |
6528 | } | 6589 | } | |
6529 | 6590 | |||
6530 | if (nsecresult == ISC_R_EXISTS) { | 6591 | if (nsecresult == ISC_R_EXISTS) { | |
6531 | #if 1 /* 0 */ | 6592 | #if 1 /* 0 */ | |
6532 | isc_log_write(dns_lctx, | 6593 | isc_log_write(dns_lctx, | |
6533 | DNS_LOGCATEGORY_DATABASE, | 6594 | DNS_LOGCATEGORY_DATABASE, | |
6534 | DNS_LOGMODULE_CACHE, | 6595 | DNS_LOGMODULE_CACHE, | |
6535 | ISC_LOG_WARNING, | 6596 | ISC_LOG_WARNING, | |
6536 | "addnode: NSEC node already exists"); | 6597 | "addnode: NSEC node already exists"); | |
6537 | #endif | 6598 | #endif | |
6538 | (*nodep)->nsec = DNS_RBT_NSEC_HAS_NSEC; | 6599 | (*nodep)->nsec = DNS_RBT_NSEC_HAS_NSEC; | |
6539 | return (noderesult); | 6600 | return (noderesult); | |
6540 | } | 6601 | } | |
@@ -6916,67 +6977,75 @@ setsigningtime(dns_db_t *db, dns_rdatase | @@ -6916,67 +6977,75 @@ setsigningtime(dns_db_t *db, dns_rdatase | |||
6916 | isc_rwlocktype_write); | 6977 | isc_rwlocktype_write); | |
6917 | 6978 | |||
6918 | oldresign = header->resign; | 6979 | oldresign = header->resign; | |
6919 | header->resign = resign; | 6980 | header->resign = resign; | |
6920 | if (header->heap_index != 0) { | 6981 | if (header->heap_index != 0) { | |
6921 | INSIST(RESIGN(header)); | 6982 | INSIST(RESIGN(header)); | |
6922 | if (resign == 0) { | 6983 | if (resign == 0) { | |
6923 | isc_heap_delete(rbtdb->heaps[header->node->locknum], | 6984 | isc_heap_delete(rbtdb->heaps[header->node->locknum], | |
6924 | header->heap_index); | 6985 | header->heap_index); | |
6925 | header->heap_index = 0; | 6986 | header->heap_index = 0; | |
6926 | } else if (resign < oldresign) | 6987 | } else if (resign < oldresign) | |
6927 | isc_heap_increased(rbtdb->heaps[header->node->locknum], | 6988 | isc_heap_increased(rbtdb->heaps[header->node->locknum], | |
6928 | header->heap_index); | 6989 | header->heap_index); | |
6929 | else | 6990 | else if (resign > oldresign) | |
6930 | isc_heap_decreased(rbtdb->heaps[header->node->locknum], | 6991 | isc_heap_decreased(rbtdb->heaps[header->node->locknum], | |
6931 | header->heap_index); | 6992 | header->heap_index); | |
6932 | } else if (resign && header->heap_index == 0) { | 6993 | } else if (resign && header->heap_index == 0) { | |
6933 | header->attributes |= RDATASET_ATTR_RESIGN; | 6994 | header->attributes |= RDATASET_ATTR_RESIGN; | |
6934 | result = resign_insert(rbtdb, header->node->locknum, header); | 6995 | result = resign_insert(rbtdb, header->node->locknum, header); | |
6935 | } | 6996 | } | |
6936 | NODE_UNLOCK(&rbtdb->node_locks[header->node->locknum].lock, | 6997 | NODE_UNLOCK(&rbtdb->node_locks[header->node->locknum].lock, | |
6937 | isc_rwlocktype_write); | 6998 | isc_rwlocktype_write); | |
6938 | return (result); | 6999 | return (result); | |
6939 | } | 7000 | } | |
6940 | 7001 | |||
6941 | static isc_result_t | 7002 | static isc_result_t | |
6942 | getsigningtime(dns_db_t *db, dns_rdataset_t *rdataset, | 7003 | getsigningtime(dns_db_t *db, dns_rdataset_t *rdataset, | |
6943 | dns_name_t *foundname) | 7004 | dns_name_t *foundname) | |
6944 | { | 7005 | { | |
6945 | dns_rbtdb_t *rbtdb = (dns_rbtdb_t *)db; | 7006 | dns_rbtdb_t *rbtdb = (dns_rbtdb_t *)db; | |
6946 | rdatasetheader_t *header = NULL, *this; | 7007 | rdatasetheader_t *header = NULL, *this; | |
6947 | unsigned int i; | 7008 | unsigned int i; | |
6948 | isc_result_t result = ISC_R_NOTFOUND; | 7009 | isc_result_t result = ISC_R_NOTFOUND; | |
7010 | unsigned int locknum; | |||
6949 | 7011 | |||
6950 | REQUIRE(VALID_RBTDB(rbtdb)); | 7012 | REQUIRE(VALID_RBTDB(rbtdb)); | |
6951 | 7013 | |||
6952 | RBTDB_LOCK(&rbtdb->lock, isc_rwlocktype_read); | 7014 | RBTDB_LOCK(&rbtdb->lock, isc_rwlocktype_read); | |
6953 | 7015 | |||
6954 | for (i = 0; i < rbtdb->node_lock_count; i++) { | 7016 | for (i = 0; i < rbtdb->node_lock_count; i++) { | |
7017 | NODE_LOCK(&rbtdb->node_locks[i].lock, isc_rwlocktype_read); | |||
6955 | this = isc_heap_element(rbtdb->heaps[i], 1); | 7018 | this = isc_heap_element(rbtdb->heaps[i], 1); | |
6956 | if (this == NULL) | 7019 | if (this == NULL) { | |
7020 | NODE_UNLOCK(&rbtdb->node_locks[i].lock, | |||
7021 | isc_rwlocktype_read); | |||
6957 | continue; | 7022 | continue; | |
7023 | } | |||
6958 | if (header == NULL) | 7024 | if (header == NULL) | |
6959 | header = this; | 7025 | header = this; | |
6960 | else if (isc_serial_lt(this->resign, header->resign)) | 7026 | else if (isc_serial_lt(this->resign, header->resign)) { | |
7027 | locknum = header->node->locknum; | |||
7028 | NODE_UNLOCK(&rbtdb->node_locks[locknum].lock, | |||
7029 | isc_rwlocktype_read); | |||
6961 | header = this; | 7030 | header = this; | |
7031 | } else | |||
7032 | NODE_UNLOCK(&rbtdb->node_locks[i].lock, | |||
7033 | isc_rwlocktype_read); | |||
6962 | } | 7034 | } | |
6963 | 7035 | |||
6964 | if (header == NULL) | 7036 | if (header == NULL) | |
6965 | goto unlock; | 7037 | goto unlock; | |
6966 | 7038 | |||
6967 | NODE_LOCK(&rbtdb->node_locks[header->node->locknum].lock, | |||
6968 | isc_rwlocktype_read); | |||
6969 | ||||
6970 | bind_rdataset(rbtdb, header->node, header, 0, rdataset); | 7039 | bind_rdataset(rbtdb, header->node, header, 0, rdataset); | |
6971 | 7040 | |||
6972 | if (foundname != NULL) | 7041 | if (foundname != NULL) | |
6973 | dns_rbt_fullnamefromnode(header->node, foundname); | 7042 | dns_rbt_fullnamefromnode(header->node, foundname); | |
6974 | 7043 | |||
6975 | NODE_UNLOCK(&rbtdb->node_locks[header->node->locknum].lock, | 7044 | NODE_UNLOCK(&rbtdb->node_locks[header->node->locknum].lock, | |
6976 | isc_rwlocktype_read); | 7045 | isc_rwlocktype_read); | |
6977 | 7046 | |||
6978 | result = ISC_R_SUCCESS; | 7047 | result = ISC_R_SUCCESS; | |
6979 | 7048 | |||
6980 | unlock: | 7049 | unlock: | |
6981 | RBTDB_UNLOCK(&rbtdb->lock, isc_rwlocktype_read); | 7050 | RBTDB_UNLOCK(&rbtdb->lock, isc_rwlocktype_read); | |
6982 | 7051 | |||
@@ -7635,26 +7704,54 @@ rdataset_getclosest(dns_rdataset_t *rdat | @@ -7635,26 +7704,54 @@ rdataset_getclosest(dns_rdataset_t *rdat | |||
7635 | nsecsig->private1 = rdataset->private1; | 7704 | nsecsig->private1 = rdataset->private1; | |
7636 | nsecsig->private2 = rdataset->private2; | 7705 | nsecsig->private2 = rdataset->private2; | |
7637 | nsecsig->private3 = closest->negsig; | 7706 | nsecsig->private3 = closest->negsig; | |
7638 | nsecsig->privateuint4 = 0; | 7707 | nsecsig->privateuint4 = 0; | |
7639 | nsecsig->private5 = NULL; | 7708 | nsecsig->private5 = NULL; | |
7640 | nsec->private6 = NULL; | 7709 | nsec->private6 = NULL; | |
7641 | nsec->private7 = NULL; | 7710 | nsec->private7 = NULL; | |
7642 | 7711 | |||
7643 | dns_name_clone(&closest->name, name); | 7712 | dns_name_clone(&closest->name, name); | |
7644 | 7713 | |||
7645 | return (ISC_R_SUCCESS); | 7714 | return (ISC_R_SUCCESS); | |
7646 | } | 7715 | } | |
7647 | 7716 | |||
7717 | static void | |||
7718 | rdataset_settrust(dns_rdataset_t *rdataset, dns_trust_t trust) { | |||
7719 | dns_rbtdb_t *rbtdb = rdataset->private1; | |||
7720 | dns_rbtnode_t *rbtnode = rdataset->private2; | |||
7721 | rdatasetheader_t *header = rdataset->private3; | |||
7722 | ||||
7723 | header--; | |||
7724 | NODE_LOCK(&rbtdb->node_locks[rbtnode->locknum].lock, | |||
7725 | isc_rwlocktype_write); | |||
7726 | header->trust = rdataset->trust = trust; | |||
7727 | NODE_UNLOCK(&rbtdb->node_locks[rbtnode->locknum].lock, | |||
7728 | isc_rwlocktype_write); | |||
7729 | } | |||
7730 | ||||
7731 | static void | |||
7732 | rdataset_expire(dns_rdataset_t *rdataset) { | |||
7733 | dns_rbtdb_t *rbtdb = rdataset->private1; | |||
7734 | dns_rbtnode_t *rbtnode = rdataset->private2; | |||
7735 | rdatasetheader_t *header = rdataset->private3; | |||
7736 | ||||
7737 | header--; | |||
7738 | NODE_LOCK(&rbtdb->node_locks[rbtnode->locknum].lock, | |||
7739 | isc_rwlocktype_write); | |||
7740 | expire_header(rbtdb, header, ISC_FALSE); | |||
7741 | NODE_UNLOCK(&rbtdb->node_locks[rbtnode->locknum].lock, | |||
7742 | isc_rwlocktype_write); | |||
7743 | } | |||
7744 | ||||
7648 | /* | 7745 | /* | |
7649 | * Rdataset Iterator Methods | 7746 | * Rdataset Iterator Methods | |
7650 | */ | 7747 | */ | |
7651 | 7748 | |||
7652 | static void | 7749 | static void | |
7653 | rdatasetiter_destroy(dns_rdatasetiter_t **iteratorp) { | 7750 | rdatasetiter_destroy(dns_rdatasetiter_t **iteratorp) { | |
7654 | rbtdb_rdatasetiter_t *rbtiterator; | 7751 | rbtdb_rdatasetiter_t *rbtiterator; | |
7655 | 7752 | |||
7656 | rbtiterator = (rbtdb_rdatasetiter_t *)(*iteratorp); | 7753 | rbtiterator = (rbtdb_rdatasetiter_t *)(*iteratorp); | |
7657 | 7754 | |||
7658 | if (rbtiterator->common.version != NULL) | 7755 | if (rbtiterator->common.version != NULL) | |
7659 | closeversion(rbtiterator->common.db, | 7756 | closeversion(rbtiterator->common.db, | |
7660 | &rbtiterator->common.version, ISC_FALSE); | 7757 | &rbtiterator->common.version, ISC_FALSE); |
--- src/external/bsd/bind/dist/lib/dns/Attic/resolver.c 2009/12/26 23:08:22 1.5
+++ src/external/bsd/bind/dist/lib/dns/Attic/resolver.c 2010/08/06 10:58:12 1.6
@@ -1,33 +1,33 @@ | @@ -1,33 +1,33 @@ | |||
1 | /* $NetBSD: resolver.c,v 1.5 2009/12/26 23:08:22 christos Exp $ */ | 1 | /* $NetBSD: resolver.c,v 1.6 2010/08/06 10:58:12 christos Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | 4 | * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") | |
5 | * Copyright (C) 1999-2003 Internet Software Consortium. | 5 | * Copyright (C) 1999-2003 Internet Software Consortium. | |
6 | * | 6 | * | |
7 | * Permission to use, copy, modify, and/or distribute this software for any | 7 | * Permission to use, copy, modify, and/or distribute this software for any | |
8 | * purpose with or without fee is hereby granted, provided that the above | 8 | * purpose with or without fee is hereby granted, provided that the above | |
9 | * copyright notice and this permission notice appear in all copies. | 9 | * copyright notice and this permission notice appear in all copies. | |
10 | * | 10 | * | |
11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
17 | * PERFORMANCE OF THIS SOFTWARE. | 17 | * PERFORMANCE OF THIS SOFTWARE. | |
18 | */ | 18 | */ | |
19 | 19 | |||
20 | /* Id: resolver.c,v 1.413 2009/11/18 23:48:07 tbox Exp */ | 20 | /* Id: resolver.c,v 1.413.14.11 2010/07/11 00:12:18 each Exp */ | |
21 | 21 | |||
22 | /*! \file */ | 22 | /*! \file */ | |
23 | 23 | |||
24 | #include <config.h> | 24 | #include <config.h> | |
25 | 25 | |||
26 | #include <isc/platform.h> | 26 | #include <isc/platform.h> | |
27 | #include <isc/print.h> | 27 | #include <isc/print.h> | |
28 | #include <isc/string.h> | 28 | #include <isc/string.h> | |
29 | #include <isc/random.h> | 29 | #include <isc/random.h> | |
30 | #include <isc/task.h> | 30 | #include <isc/task.h> | |
31 | #include <isc/stats.h> | 31 | #include <isc/stats.h> | |
32 | #include <isc/timer.h> | 32 | #include <isc/timer.h> | |
33 | #include <isc/util.h> | 33 | #include <isc/util.h> | |
@@ -195,26 +195,27 @@ struct fetchctx { | @@ -195,26 +195,27 @@ struct fetchctx { | |||
195 | dns_message_t * rmessage; | 195 | dns_message_t * rmessage; | |
196 | ISC_LIST(resquery_t) queries; | 196 | ISC_LIST(resquery_t) queries; | |
197 | dns_adbfindlist_t finds; | 197 | dns_adbfindlist_t finds; | |
198 | dns_adbfind_t * find; | 198 | dns_adbfind_t * find; | |
199 | dns_adbfindlist_t altfinds; | 199 | dns_adbfindlist_t altfinds; | |
200 | dns_adbfind_t * altfind; | 200 | dns_adbfind_t * altfind; | |
201 | dns_adbaddrinfolist_t forwaddrs; | 201 | dns_adbaddrinfolist_t forwaddrs; | |
202 | dns_adbaddrinfolist_t altaddrs; | 202 | dns_adbaddrinfolist_t altaddrs; | |
203 | isc_sockaddrlist_t forwarders; | 203 | isc_sockaddrlist_t forwarders; | |
204 | dns_fwdpolicy_t fwdpolicy; | 204 | dns_fwdpolicy_t fwdpolicy; | |
205 | isc_sockaddrlist_t bad; | 205 | isc_sockaddrlist_t bad; | |
206 | isc_sockaddrlist_t edns; | 206 | isc_sockaddrlist_t edns; | |
207 | isc_sockaddrlist_t edns512; | 207 | isc_sockaddrlist_t edns512; | |
208 | isc_sockaddrlist_t bad_edns; | |||
208 | dns_validator_t *validator; | 209 | dns_validator_t *validator; | |
209 | ISC_LIST(dns_validator_t) validators; | 210 | ISC_LIST(dns_validator_t) validators; | |
210 | dns_db_t * cache; | 211 | dns_db_t * cache; | |
211 | dns_adb_t * adb; | 212 | dns_adb_t * adb; | |
212 | 213 | |||
213 | /*% | 214 | /*% | |
214 | * The number of events we're waiting for. | 215 | * The number of events we're waiting for. | |
215 | */ | 216 | */ | |
216 | unsigned int pending; | 217 | unsigned int pending; | |
217 | 218 | |||
218 | /*% | 219 | /*% | |
219 | * The number of times we've "restarted" the current | 220 | * The number of times we've "restarted" the current | |
220 | * nameserver set. This acts as a failsafe to prevent | 221 | * nameserver set. This acts as a failsafe to prevent | |
@@ -328,26 +329,38 @@ typedef struct fctxbucket { | @@ -328,26 +329,38 @@ typedef struct fctxbucket { | |||
328 | 329 | |||
329 | typedef struct alternate { | 330 | typedef struct alternate { | |
330 | isc_boolean_t isaddress; | 331 | isc_boolean_t isaddress; | |
331 | union { | 332 | union { | |
332 | isc_sockaddr_t addr; | 333 | isc_sockaddr_t addr; | |
333 | struct { | 334 | struct { | |
334 | dns_name_t name; | 335 | dns_name_t name; | |
335 | in_port_t port; | 336 | in_port_t port; | |
336 | } _n; | 337 | } _n; | |
337 | } _u; | 338 | } _u; | |
338 | ISC_LINK(struct alternate) link; | 339 | ISC_LINK(struct alternate) link; | |
339 | } alternate_t; | 340 | } alternate_t; | |
340 | 341 | |||
342 | typedef struct dns_badcache dns_badcache_t; | |||
343 | struct dns_badcache { | |||
344 | dns_badcache_t * next; | |||
345 | dns_rdatatype_t type; | |||
346 | isc_time_t expire; | |||
347 | unsigned int hashval; | |||
348 | dns_name_t name; | |||
349 | }; | |||
350 | #define DNS_BADCACHE_SIZE 1021 | |||
351 | #define DNS_BADCACHE_TTL(fctx) \ | |||
352 | (((fctx)->res->lame_ttl > 30 ) ? (fctx)->res->lame_ttl : 30) | |||
353 | ||||
341 | struct dns_resolver { | 354 | struct dns_resolver { | |
342 | /* Unlocked. */ | 355 | /* Unlocked. */ | |
343 | unsigned int magic; | 356 | unsigned int magic; | |
344 | isc_mem_t * mctx; | 357 | isc_mem_t * mctx; | |
345 | isc_mutex_t lock; | 358 | isc_mutex_t lock; | |
346 | isc_mutex_t nlock; | 359 | isc_mutex_t nlock; | |
347 | isc_mutex_t primelock; | 360 | isc_mutex_t primelock; | |
348 | dns_rdataclass_t rdclass; | 361 | dns_rdataclass_t rdclass; | |
349 | isc_socketmgr_t * socketmgr; | 362 | isc_socketmgr_t * socketmgr; | |
350 | isc_timermgr_t * timermgr; | 363 | isc_timermgr_t * timermgr; | |
351 | isc_taskmgr_t * taskmgr; | 364 | isc_taskmgr_t * taskmgr; | |
352 | dns_view_t * view; | 365 | dns_view_t * view; | |
353 | isc_boolean_t frozen; | 366 | isc_boolean_t frozen; | |
@@ -374,26 +387,33 @@ struct dns_resolver { | @@ -374,26 +387,33 @@ struct dns_resolver { | |||
374 | unsigned int spillatmax; | 387 | unsigned int spillatmax; | |
375 | unsigned int spillatmin; | 388 | unsigned int spillatmin; | |
376 | isc_timer_t * spillattimer; | 389 | isc_timer_t * spillattimer; | |
377 | isc_boolean_t zero_no_soa_ttl; | 390 | isc_boolean_t zero_no_soa_ttl; | |
378 | 391 | |||
379 | /* Locked by lock. */ | 392 | /* Locked by lock. */ | |
380 | unsigned int references; | 393 | unsigned int references; | |
381 | isc_boolean_t exiting; | 394 | isc_boolean_t exiting; | |
382 | isc_eventlist_t whenshutdown; | 395 | isc_eventlist_t whenshutdown; | |
383 | unsigned int activebuckets; | 396 | unsigned int activebuckets; | |
384 | isc_boolean_t priming; | 397 | isc_boolean_t priming; | |
385 | unsigned int spillat; /* clients-per-query */ | 398 | unsigned int spillat; /* clients-per-query */ | |
386 | unsigned int nextdisp; | 399 | unsigned int nextdisp; | |
400 | ||||
401 | /* Bad cache. */ | |||
402 | dns_badcache_t ** badcache; | |||
403 | unsigned int badcount; | |||
404 | unsigned int badhash; | |||
405 | unsigned int badsweep; | |||
406 | ||||
387 | /* Locked by primelock. */ | 407 | /* Locked by primelock. */ | |
388 | dns_fetch_t * primefetch; | 408 | dns_fetch_t * primefetch; | |
389 | /* Locked by nlock. */ | 409 | /* Locked by nlock. */ | |
390 | unsigned int nfctx; | 410 | unsigned int nfctx; | |
391 | }; | 411 | }; | |
392 | 412 | |||
393 | #define RES_MAGIC ISC_MAGIC('R', 'e', 's', '!') | 413 | #define RES_MAGIC ISC_MAGIC('R', 'e', 's', '!') | |
394 | #define VALID_RESOLVER(res) ISC_MAGIC_VALID(res, RES_MAGIC) | 414 | #define VALID_RESOLVER(res) ISC_MAGIC_VALID(res, RES_MAGIC) | |
395 | 415 | |||
396 | /*% | 416 | /*% | |
397 | * Private addrinfo flags. These must not conflict with DNS_FETCHOPT_NOEDNS0, | 417 | * Private addrinfo flags. These must not conflict with DNS_FETCHOPT_NOEDNS0, | |
398 | * which we also use as an addrinfo flag. | 418 | * which we also use as an addrinfo flag. | |
399 | */ | 419 | */ | |
@@ -404,27 +424,28 @@ struct dns_resolver { | @@ -404,27 +424,28 @@ struct dns_resolver { | |||
404 | == 0) | 424 | == 0) | |
405 | #define ISFORWARDER(a) (((a)->flags & \ | 425 | #define ISFORWARDER(a) (((a)->flags & \ | |
406 | FCTX_ADDRINFO_FORWARDER) != 0) | 426 | FCTX_ADDRINFO_FORWARDER) != 0) | |
407 | #define TRIED(a) (((a)->flags & \ | 427 | #define TRIED(a) (((a)->flags & \ | |
408 | FCTX_ADDRINFO_TRIED) != 0) | 428 | FCTX_ADDRINFO_TRIED) != 0) | |
409 | 429 | |||
410 | #define NXDOMAIN(r) (((r)->attributes & DNS_RDATASETATTR_NXDOMAIN) != 0) | 430 | #define NXDOMAIN(r) (((r)->attributes & DNS_RDATASETATTR_NXDOMAIN) != 0) | |
411 | 431 | |||
412 | static void destroy(dns_resolver_t *res); | 432 | static void destroy(dns_resolver_t *res); | |
413 | static void empty_bucket(dns_resolver_t *res); | 433 | static void empty_bucket(dns_resolver_t *res); | |
414 | static isc_result_t resquery_send(resquery_t *query); | 434 | static isc_result_t resquery_send(resquery_t *query); | |
415 | static void resquery_response(isc_task_t *task, isc_event_t *event); | 435 | static void resquery_response(isc_task_t *task, isc_event_t *event); | |
416 | static void resquery_connected(isc_task_t *task, isc_event_t *event); | 436 | static void resquery_connected(isc_task_t *task, isc_event_t *event); | |
417 | static void fctx_try(fetchctx_t *fctx, isc_boolean_t retrying); | 437 | static void fctx_try(fetchctx_t *fctx, isc_boolean_t retrying, | |
438 | isc_boolean_t badcache); | |||
418 | static isc_boolean_t fctx_destroy(fetchctx_t *fctx); | 439 | static isc_boolean_t fctx_destroy(fetchctx_t *fctx); | |
419 | static isc_result_t ncache_adderesult(dns_message_t *message, | 440 | static isc_result_t ncache_adderesult(dns_message_t *message, | |
420 | dns_db_t *cache, dns_dbnode_t *node, | 441 | dns_db_t *cache, dns_dbnode_t *node, | |
421 | dns_rdatatype_t covers, | 442 | dns_rdatatype_t covers, | |
422 | isc_stdtime_t now, dns_ttl_t maxttl, | 443 | isc_stdtime_t now, dns_ttl_t maxttl, | |
423 | isc_boolean_t optout, | 444 | isc_boolean_t optout, | |
424 | dns_rdataset_t *ardataset, | 445 | dns_rdataset_t *ardataset, | |
425 | isc_result_t *eresultp); | 446 | isc_result_t *eresultp); | |
426 | static void validated(isc_task_t *task, isc_event_t *event); | 447 | static void validated(isc_task_t *task, isc_event_t *event); | |
427 | static void maybe_destroy(fetchctx_t *fctx); | 448 | static void maybe_destroy(fetchctx_t *fctx); | |
428 | static void add_bad(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo, | 449 | static void add_bad(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo, | |
429 | isc_result_t reason, badnstype_t badtype); | 450 | isc_result_t reason, badnstype_t badtype); | |
430 | 451 | |||
@@ -456,27 +477,27 @@ valcreate(fetchctx_t *fctx, dns_adbaddri | @@ -456,27 +477,27 @@ valcreate(fetchctx_t *fctx, dns_adbaddri | |||
456 | valarg->addrinfo = addrinfo; | 477 | valarg->addrinfo = addrinfo; | |
457 | 478 | |||
458 | if (!ISC_LIST_EMPTY(fctx->validators)) | 479 | if (!ISC_LIST_EMPTY(fctx->validators)) | |
459 | INSIST((valoptions & DNS_VALIDATOR_DEFER) != 0); | 480 | INSIST((valoptions & DNS_VALIDATOR_DEFER) != 0); | |
460 | 481 | |||
461 | result = dns_validator_create(fctx->res->view, name, type, rdataset, | 482 | result = dns_validator_create(fctx->res->view, name, type, rdataset, | |
462 | sigrdataset, fctx->rmessage, | 483 | sigrdataset, fctx->rmessage, | |
463 | valoptions, task, validated, valarg, | 484 | valoptions, task, validated, valarg, | |
464 | &validator); | 485 | &validator); | |
465 | if (result == ISC_R_SUCCESS) { | 486 | if (result == ISC_R_SUCCESS) { | |
466 | inc_stats(fctx->res, dns_resstatscounter_val); | 487 | inc_stats(fctx->res, dns_resstatscounter_val); | |
467 | if ((valoptions & DNS_VALIDATOR_DEFER) == 0) { | 488 | if ((valoptions & DNS_VALIDATOR_DEFER) == 0) { | |
468 | INSIST(fctx->validator == NULL); | 489 | INSIST(fctx->validator == NULL); | |
469 | fctx->validator = validator; | 490 | fctx->validator = validator; | |
470 | } | 491 | } | |
471 | ISC_LIST_APPEND(fctx->validators, validator, link); | 492 | ISC_LIST_APPEND(fctx->validators, validator, link); | |
472 | } else | 493 | } else | |
473 | isc_mem_put(fctx->res->buckets[fctx->bucketnum].mctx, | 494 | isc_mem_put(fctx->res->buckets[fctx->bucketnum].mctx, | |
474 | valarg, sizeof(*valarg)); | 495 | valarg, sizeof(*valarg)); | |
475 | return (result); | 496 | return (result); | |
476 | } | 497 | } | |
477 | 498 | |||
478 | static isc_boolean_t | 499 | static isc_boolean_t | |
479 | rrsig_fromchildzone(fetchctx_t *fctx, dns_rdataset_t *rdataset) { | 500 | rrsig_fromchildzone(fetchctx_t *fctx, dns_rdataset_t *rdataset) { | |
480 | dns_namereln_t namereln; | 501 | dns_namereln_t namereln; | |
481 | dns_rdata_rrsig_t rrsig; | 502 | dns_rdata_rrsig_t rrsig; | |
482 | dns_rdata_t rdata = DNS_RDATA_INIT; | 503 | dns_rdata_t rdata = DNS_RDATA_INIT; | |
@@ -1166,27 +1187,27 @@ process_sendevent(resquery_t *query, isc | @@ -1166,27 +1187,27 @@ process_sendevent(resquery_t *query, isc | |||
1166 | 1187 | |||
1167 | isc_event_free(&event); | 1188 | isc_event_free(&event); | |
1168 | 1189 | |||
1169 | if (retry) { | 1190 | if (retry) { | |
1170 | /* | 1191 | /* | |
1171 | * Behave as if the idle timer has expired. For TCP | 1192 | * Behave as if the idle timer has expired. For TCP | |
1172 | * this may not actually reflect the latest timer. | 1193 | * this may not actually reflect the latest timer. | |
1173 | */ | 1194 | */ | |
1174 | fctx->attributes &= ~FCTX_ATTR_ADDRWAIT; | 1195 | fctx->attributes &= ~FCTX_ATTR_ADDRWAIT; | |
1175 | result = fctx_stopidletimer(fctx); | 1196 | result = fctx_stopidletimer(fctx); | |
1176 | if (result != ISC_R_SUCCESS) | 1197 | if (result != ISC_R_SUCCESS) | |
1177 | fctx_done(fctx, result, __LINE__); | 1198 | fctx_done(fctx, result, __LINE__); | |
1178 | else | 1199 | else | |
1179 | fctx_try(fctx, ISC_TRUE); | 1200 | fctx_try(fctx, ISC_TRUE, ISC_FALSE); | |
1180 | } | 1201 | } | |
1181 | } | 1202 | } | |
1182 | 1203 | |||
1183 | static void | 1204 | static void | |
1184 | resquery_udpconnected(isc_task_t *task, isc_event_t *event) { | 1205 | resquery_udpconnected(isc_task_t *task, isc_event_t *event) { | |
1185 | resquery_t *query = event->ev_arg; | 1206 | resquery_t *query = event->ev_arg; | |
1186 | 1207 | |||
1187 | REQUIRE(event->ev_type == ISC_SOCKEVENT_CONNECT); | 1208 | REQUIRE(event->ev_type == ISC_SOCKEVENT_CONNECT); | |
1188 | 1209 | |||
1189 | QTRACE("udpconnected"); | 1210 | QTRACE("udpconnected"); | |
1190 | 1211 | |||
1191 | UNUSED(task); | 1212 | UNUSED(task); | |
1192 | 1213 | |||
@@ -1536,26 +1557,56 @@ fctx_query(fetchctx_t *fctx, dns_adbaddr | @@ -1536,26 +1557,56 @@ fctx_query(fetchctx_t *fctx, dns_adbaddr | |||
1536 | 1557 | |||
1537 | cleanup_query: | 1558 | cleanup_query: | |
1538 | query->magic = 0; | 1559 | query->magic = 0; | |
1539 | isc_mem_put(res->buckets[fctx->bucketnum].mctx, | 1560 | isc_mem_put(res->buckets[fctx->bucketnum].mctx, | |
1540 | query, sizeof(*query)); | 1561 | query, sizeof(*query)); | |
1541 | 1562 | |||
1542 | stop_idle_timer: | 1563 | stop_idle_timer: | |
1543 | RUNTIME_CHECK(fctx_stopidletimer(fctx) == ISC_R_SUCCESS); | 1564 | RUNTIME_CHECK(fctx_stopidletimer(fctx) == ISC_R_SUCCESS); | |
1544 | 1565 | |||
1545 | return (result); | 1566 | return (result); | |
1546 | } | 1567 | } | |
1547 | 1568 | |||
1548 | static isc_boolean_t | 1569 | static isc_boolean_t | |
1570 | bad_edns(fetchctx_t *fctx, isc_sockaddr_t *address) { | |||
1571 | isc_sockaddr_t *sa; | |||
1572 | ||||
1573 | for (sa = ISC_LIST_HEAD(fctx->bad_edns); | |||
1574 | sa != NULL; | |||
1575 | sa = ISC_LIST_NEXT(sa, link)) { | |||
1576 | if (isc_sockaddr_equal(sa, address)) | |||
1577 | return (ISC_TRUE); | |||
1578 | } | |||
1579 | ||||
1580 | return (ISC_FALSE); | |||
1581 | } | |||
1582 | ||||
1583 | static void | |||
1584 | add_bad_edns(fetchctx_t *fctx, isc_sockaddr_t *address) { | |||
1585 | isc_sockaddr_t *sa; | |||
1586 | ||||
1587 | if (bad_edns(fctx, address)) | |||
1588 | return; | |||
1589 | ||||
1590 | sa = isc_mem_get(fctx->res->buckets[fctx->bucketnum].mctx, | |||
1591 | sizeof(*sa)); | |||
1592 | if (sa == NULL) | |||
1593 | return; | |||
1594 | ||||
1595 | *sa = *address; | |||
1596 | ISC_LIST_INITANDAPPEND(fctx->bad_edns, sa, link); | |||
1597 | } | |||
1598 | ||||
1599 | static isc_boolean_t | |||
1549 | triededns(fetchctx_t *fctx, isc_sockaddr_t *address) { | 1600 | triededns(fetchctx_t *fctx, isc_sockaddr_t *address) { | |
1550 | isc_sockaddr_t *sa; | 1601 | isc_sockaddr_t *sa; | |
1551 | 1602 | |||
1552 | for (sa = ISC_LIST_HEAD(fctx->edns); | 1603 | for (sa = ISC_LIST_HEAD(fctx->edns); | |
1553 | sa != NULL; | 1604 | sa != NULL; | |
1554 | sa = ISC_LIST_NEXT(sa, link)) { | 1605 | sa = ISC_LIST_NEXT(sa, link)) { | |
1555 | if (isc_sockaddr_equal(sa, address)) | 1606 | if (isc_sockaddr_equal(sa, address)) | |
1556 | return (ISC_TRUE); | 1607 | return (ISC_TRUE); | |
1557 | } | 1608 | } | |
1558 | 1609 | |||
1559 | return (ISC_FALSE); | 1610 | return (ISC_FALSE); | |
1560 | } | 1611 | } | |
1561 | 1612 | |||
@@ -2067,27 +2118,27 @@ resquery_connected(isc_task_t *task, isc | @@ -2067,27 +2118,27 @@ resquery_connected(isc_task_t *task, isc | |||
2067 | 2118 | |||
2068 | isc_event_free(&event); | 2119 | isc_event_free(&event); | |
2069 | 2120 | |||
2070 | if (retry) { | 2121 | if (retry) { | |
2071 | /* | 2122 | /* | |
2072 | * Behave as if the idle timer has expired. For TCP | 2123 | * Behave as if the idle timer has expired. For TCP | |
2073 | * connections this may not actually reflect the latest timer. | 2124 | * connections this may not actually reflect the latest timer. | |
2074 | */ | 2125 | */ | |
2075 | fctx->attributes &= ~FCTX_ATTR_ADDRWAIT; | 2126 | fctx->attributes &= ~FCTX_ATTR_ADDRWAIT; | |
2076 | result = fctx_stopidletimer(fctx); | 2127 | result = fctx_stopidletimer(fctx); | |
2077 | if (result != ISC_R_SUCCESS) | 2128 | if (result != ISC_R_SUCCESS) | |
2078 | fctx_done(fctx, result, __LINE__); | 2129 | fctx_done(fctx, result, __LINE__); | |
2079 | else | 2130 | else | |
2080 | fctx_try(fctx, ISC_TRUE); | 2131 | fctx_try(fctx, ISC_TRUE, ISC_FALSE); | |
2081 | } | 2132 | } | |
2082 | } | 2133 | } | |
2083 | 2134 | |||
2084 | static void | 2135 | static void | |
2085 | fctx_finddone(isc_task_t *task, isc_event_t *event) { | 2136 | fctx_finddone(isc_task_t *task, isc_event_t *event) { | |
2086 | fetchctx_t *fctx; | 2137 | fetchctx_t *fctx; | |
2087 | dns_adbfind_t *find; | 2138 | dns_adbfind_t *find; | |
2088 | dns_resolver_t *res; | 2139 | dns_resolver_t *res; | |
2089 | isc_boolean_t want_try = ISC_FALSE; | 2140 | isc_boolean_t want_try = ISC_FALSE; | |
2090 | isc_boolean_t want_done = ISC_FALSE; | 2141 | isc_boolean_t want_done = ISC_FALSE; | |
2091 | isc_boolean_t bucket_empty = ISC_FALSE; | 2142 | isc_boolean_t bucket_empty = ISC_FALSE; | |
2092 | unsigned int bucketnum; | 2143 | unsigned int bucketnum; | |
2093 | 2144 | |||
@@ -2129,27 +2180,27 @@ fctx_finddone(isc_task_t *task, isc_even | @@ -2129,27 +2180,27 @@ fctx_finddone(isc_task_t *task, isc_even | |||
2129 | /* | 2180 | /* | |
2130 | * Note that we had to wait until we had the lock before | 2181 | * Note that we had to wait until we had the lock before | |
2131 | * looking at fctx->references. | 2182 | * looking at fctx->references. | |
2132 | */ | 2183 | */ | |
2133 | if (fctx->references == 0) | 2184 | if (fctx->references == 0) | |
2134 | bucket_empty = fctx_destroy(fctx); | 2185 | bucket_empty = fctx_destroy(fctx); | |
2135 | UNLOCK(&res->buckets[bucketnum].lock); | 2186 | UNLOCK(&res->buckets[bucketnum].lock); | |
2136 | } | 2187 | } | |
2137 | 2188 | |||
2138 | isc_event_free(&event); | 2189 | isc_event_free(&event); | |
2139 | dns_adb_destroyfind(&find); | 2190 | dns_adb_destroyfind(&find); | |
2140 | 2191 | |||
2141 | if (want_try) | 2192 | if (want_try) | |
2142 | fctx_try(fctx, ISC_TRUE); | 2193 | fctx_try(fctx, ISC_TRUE, ISC_FALSE); | |
2143 | else if (want_done) | 2194 | else if (want_done) | |
2144 | fctx_done(fctx, ISC_R_FAILURE, __LINE__); | 2195 | fctx_done(fctx, ISC_R_FAILURE, __LINE__); | |
2145 | else if (bucket_empty) | 2196 | else if (bucket_empty) | |
2146 | empty_bucket(res); | 2197 | empty_bucket(res); | |
2147 | } | 2198 | } | |
2148 | 2199 | |||
2149 | 2200 | |||
2150 | static inline isc_boolean_t | 2201 | static inline isc_boolean_t | |
2151 | bad_server(fetchctx_t *fctx, isc_sockaddr_t *address) { | 2202 | bad_server(fetchctx_t *fctx, isc_sockaddr_t *address) { | |
2152 | isc_sockaddr_t *sa; | 2203 | isc_sockaddr_t *sa; | |
2153 | 2204 | |||
2154 | for (sa = ISC_LIST_HEAD(fctx->bad); | 2205 | for (sa = ISC_LIST_HEAD(fctx->bad); | |
2155 | sa != NULL; | 2206 | sa != NULL; | |
@@ -2537,27 +2588,27 @@ findname(fetchctx_t *fctx, dns_name_t *n | @@ -2537,27 +2588,27 @@ findname(fetchctx_t *fctx, dns_name_t *n | |||
2537 | } | 2588 | } | |
2538 | 2589 | |||
2539 | static isc_boolean_t | 2590 | static isc_boolean_t | |
2540 | isstrictsubdomain(dns_name_t *name1, dns_name_t *name2) { | 2591 | isstrictsubdomain(dns_name_t *name1, dns_name_t *name2) { | |
2541 | int order; | 2592 | int order; | |
2542 | unsigned int nlabels; | 2593 | unsigned int nlabels; | |
2543 | dns_namereln_t namereln; | 2594 | dns_namereln_t namereln; | |
2544 | 2595 | |||
2545 | namereln = dns_name_fullcompare(name1, name2, &order, &nlabels); | 2596 | namereln = dns_name_fullcompare(name1, name2, &order, &nlabels); | |
2546 | return (ISC_TF(namereln == dns_namereln_subdomain)); | 2597 | return (ISC_TF(namereln == dns_namereln_subdomain)); | |
2547 | } | 2598 | } | |
2548 | 2599 | |||
2549 | static isc_result_t | 2600 | static isc_result_t | |
2550 | fctx_getaddresses(fetchctx_t *fctx) { | 2601 | fctx_getaddresses(fetchctx_t *fctx, isc_boolean_t badcache) { | |
2551 | dns_rdata_t rdata = DNS_RDATA_INIT; | 2602 | dns_rdata_t rdata = DNS_RDATA_INIT; | |
2552 | isc_result_t result; | 2603 | isc_result_t result; | |
2553 | dns_resolver_t *res; | 2604 | dns_resolver_t *res; | |
2554 | isc_stdtime_t now; | 2605 | isc_stdtime_t now; | |
2555 | unsigned int stdoptions; | 2606 | unsigned int stdoptions; | |
2556 | isc_sockaddr_t *sa; | 2607 | isc_sockaddr_t *sa; | |
2557 | dns_adbaddrinfo_t *ai; | 2608 | dns_adbaddrinfo_t *ai; | |
2558 | isc_boolean_t all_bad; | 2609 | isc_boolean_t all_bad; | |
2559 | dns_rdata_ns_t ns; | 2610 | dns_rdata_ns_t ns; | |
2560 | isc_boolean_t need_alternate = ISC_FALSE; | 2611 | isc_boolean_t need_alternate = ISC_FALSE; | |
2561 | 2612 | |||
2562 | FCTXTRACE("getaddresses"); | 2613 | FCTXTRACE("getaddresses"); | |
2563 | 2614 | |||
@@ -2756,32 +2807,44 @@ fctx_getaddresses(fetchctx_t *fctx) { | @@ -2756,32 +2807,44 @@ fctx_getaddresses(fetchctx_t *fctx) { | |||
2756 | * How are we doing? | 2807 | * How are we doing? | |
2757 | */ | 2808 | */ | |
2758 | if (all_bad) { | 2809 | if (all_bad) { | |
2759 | /* | 2810 | /* | |
2760 | * We've got no addresses. | 2811 | * We've got no addresses. | |
2761 | */ | 2812 | */ | |
2762 | if (fctx->pending > 0) { | 2813 | if (fctx->pending > 0) { | |
2763 | /* | 2814 | /* | |
2764 | * We're fetching the addresses, but don't have any | 2815 | * We're fetching the addresses, but don't have any | |
2765 | * yet. Tell the caller to wait for an answer. | 2816 | * yet. Tell the caller to wait for an answer. | |
2766 | */ | 2817 | */ | |
2767 | result = DNS_R_WAIT; | 2818 | result = DNS_R_WAIT; | |
2768 | } else { | 2819 | } else { | |
2820 | isc_time_t expire; | |||
2821 | isc_interval_t i; | |||
2769 | /* | 2822 | /* | |
2770 | * We've lost completely. We don't know any | 2823 | * We've lost completely. We don't know any | |
2771 | * addresses, and the ADB has told us it can't get | 2824 | * addresses, and the ADB has told us it can't get | |
2772 | * them. | 2825 | * them. | |
2773 | */ | 2826 | */ | |
2774 | FCTXTRACE("no addresses"); | 2827 | FCTXTRACE("no addresses"); | |
2828 | isc_interval_set(&i, DNS_BADCACHE_TTL(fctx), 0); | |||
2829 | result = isc_time_nowplusinterval(&expire, &i); | |||
2830 | if (badcache && | |||
2831 | (fctx->type == dns_rdatatype_dnskey || | |||
2832 | fctx->type == dns_rdatatype_dlv || | |||
2833 | fctx->type == dns_rdatatype_ds) && | |||
2834 | result == ISC_R_SUCCESS) | |||
2835 | dns_resolver_addbadcache(fctx->res, | |||
2836 | &fctx->name, | |||
2837 | fctx->type, &expire); | |||
2775 | result = ISC_R_FAILURE; | 2838 | result = ISC_R_FAILURE; | |
2776 | } | 2839 | } | |
2777 | } else { | 2840 | } else { | |
2778 | /* | 2841 | /* | |
2779 | * We've found some addresses. We might still be looking | 2842 | * We've found some addresses. We might still be looking | |
2780 | * for more addresses. | 2843 | * for more addresses. | |
2781 | */ | 2844 | */ | |
2782 | sort_finds(fctx, &fctx->finds); | 2845 | sort_finds(fctx, &fctx->finds); | |
2783 | sort_finds(fctx, &fctx->altfinds); | 2846 | sort_finds(fctx, &fctx->altfinds); | |
2784 | result = ISC_R_SUCCESS; | 2847 | result = ISC_R_SUCCESS; | |
2785 | } | 2848 | } | |
2786 | 2849 | |||
2787 | return (result); | 2850 | return (result); | |
@@ -2984,45 +3047,45 @@ fctx_nextaddress(fetchctx_t *fctx) { | @@ -2984,45 +3047,45 @@ fctx_nextaddress(fetchctx_t *fctx) { | |||
2984 | break; | 3047 | break; | |
2985 | } | 3048 | } | |
2986 | } | 3049 | } | |
2987 | 3050 | |||
2988 | if (addrinfo == NULL) { | 3051 | if (addrinfo == NULL) { | |
2989 | addrinfo = faddrinfo; | 3052 | addrinfo = faddrinfo; | |
2990 | fctx->altfind = find; | 3053 | fctx->altfind = find; | |
2991 | } | 3054 | } | |
2992 | 3055 | |||
2993 | return (addrinfo); | 3056 | return (addrinfo); | |
2994 | } | 3057 | } | |
2995 | 3058 | |||
2996 | static void | 3059 | static void | |
2997 | fctx_try(fetchctx_t *fctx, isc_boolean_t retrying) { | 3060 | fctx_try(fetchctx_t *fctx, isc_boolean_t retrying, isc_boolean_t badcache) { | |
2998 | isc_result_t result; | 3061 | isc_result_t result; | |
2999 | dns_adbaddrinfo_t *addrinfo; | 3062 | dns_adbaddrinfo_t *addrinfo; | |
3000 | 3063 | |||
3001 | FCTXTRACE("try"); | 3064 | FCTXTRACE("try"); | |
3002 | 3065 | |||
3003 | REQUIRE(!ADDRWAIT(fctx)); | 3066 | REQUIRE(!ADDRWAIT(fctx)); | |
3004 | 3067 | |||
3005 | addrinfo = fctx_nextaddress(fctx); | 3068 | addrinfo = fctx_nextaddress(fctx); | |
3006 | if (addrinfo == NULL) { | 3069 | if (addrinfo == NULL) { | |
3007 | /* | 3070 | /* | |
3008 | * We have no more addresses. Start over. | 3071 | * We have no more addresses. Start over. | |
3009 | */ | 3072 | */ | |
3010 | fctx_cancelqueries(fctx, ISC_TRUE); | 3073 | fctx_cancelqueries(fctx, ISC_TRUE); | |
3011 | fctx_cleanupfinds(fctx); | 3074 | fctx_cleanupfinds(fctx); | |
3012 | fctx_cleanupaltfinds(fctx); | 3075 | fctx_cleanupaltfinds(fctx); | |
3013 | fctx_cleanupforwaddrs(fctx); | 3076 | fctx_cleanupforwaddrs(fctx); | |
3014 | fctx_cleanupaltaddrs(fctx); | 3077 | fctx_cleanupaltaddrs(fctx); | |
3015 | result = fctx_getaddresses(fctx); | 3078 | result = fctx_getaddresses(fctx, badcache); | |
3016 | if (result == DNS_R_WAIT) { | 3079 | if (result == DNS_R_WAIT) { | |
3017 | /* | 3080 | /* | |
3018 | * Sleep waiting for addresses. | 3081 | * Sleep waiting for addresses. | |
3019 | */ | 3082 | */ | |
3020 | FCTXTRACE("addrwait"); | 3083 | FCTXTRACE("addrwait"); | |
3021 | fctx->attributes |= FCTX_ATTR_ADDRWAIT; | 3084 | fctx->attributes |= FCTX_ATTR_ADDRWAIT; | |
3022 | return; | 3085 | return; | |
3023 | } else if (result != ISC_R_SUCCESS) { | 3086 | } else if (result != ISC_R_SUCCESS) { | |
3024 | /* | 3087 | /* | |
3025 | * Something bad happened. | 3088 | * Something bad happened. | |
3026 | */ | 3089 | */ | |
3027 | fctx_done(fctx, result, __LINE__); | 3090 | fctx_done(fctx, result, __LINE__); | |
3028 | return; | 3091 | return; | |
@@ -3091,26 +3154,34 @@ fctx_destroy(fetchctx_t *fctx) { | @@ -3091,26 +3154,34 @@ fctx_destroy(fetchctx_t *fctx) { | |||
3091 | next_sa = ISC_LIST_NEXT(sa, link); | 3154 | next_sa = ISC_LIST_NEXT(sa, link); | |
3092 | ISC_LIST_UNLINK(fctx->edns, sa, link); | 3155 | ISC_LIST_UNLINK(fctx->edns, sa, link); | |
3093 | isc_mem_put(res->buckets[bucketnum].mctx, sa, sizeof(*sa)); | 3156 | isc_mem_put(res->buckets[bucketnum].mctx, sa, sizeof(*sa)); | |
3094 | } | 3157 | } | |
3095 | 3158 | |||
3096 | for (sa = ISC_LIST_HEAD(fctx->edns512); | 3159 | for (sa = ISC_LIST_HEAD(fctx->edns512); | |
3097 | sa != NULL; | 3160 | sa != NULL; | |
3098 | sa = next_sa) { | 3161 | sa = next_sa) { | |
3099 | next_sa = ISC_LIST_NEXT(sa, link); | 3162 | next_sa = ISC_LIST_NEXT(sa, link); | |
3100 | ISC_LIST_UNLINK(fctx->edns512, sa, link); | 3163 | ISC_LIST_UNLINK(fctx->edns512, sa, link); | |
3101 | isc_mem_put(res->buckets[bucketnum].mctx, sa, sizeof(*sa)); | 3164 | isc_mem_put(res->buckets[bucketnum].mctx, sa, sizeof(*sa)); | |
3102 | } | 3165 | } | |
3103 | 3166 | |||
3167 | for (sa = ISC_LIST_HEAD(fctx->bad_edns); | |||
3168 | sa != NULL; | |||
3169 | sa = next_sa) { | |||
3170 | next_sa = ISC_LIST_NEXT(sa, link); | |||
3171 | ISC_LIST_UNLINK(fctx->bad_edns, sa, link); | |||
3172 | isc_mem_put(res->buckets[bucketnum].mctx, sa, sizeof(*sa)); | |||
3173 | } | |||
3174 | ||||
3104 | isc_timer_detach(&fctx->timer); | 3175 | isc_timer_detach(&fctx->timer); | |
3105 | dns_message_destroy(&fctx->rmessage); | 3176 | dns_message_destroy(&fctx->rmessage); | |
3106 | dns_message_destroy(&fctx->qmessage); | 3177 | dns_message_destroy(&fctx->qmessage); | |
3107 | if (dns_name_countlabels(&fctx->domain) > 0) | 3178 | if (dns_name_countlabels(&fctx->domain) > 0) | |
3108 | dns_name_free(&fctx->domain, res->buckets[bucketnum].mctx); | 3179 | dns_name_free(&fctx->domain, res->buckets[bucketnum].mctx); | |
3109 | if (dns_rdataset_isassociated(&fctx->nameservers)) | 3180 | if (dns_rdataset_isassociated(&fctx->nameservers)) | |
3110 | dns_rdataset_disassociate(&fctx->nameservers); | 3181 | dns_rdataset_disassociate(&fctx->nameservers); | |
3111 | dns_name_free(&fctx->name, res->buckets[bucketnum].mctx); | 3182 | dns_name_free(&fctx->name, res->buckets[bucketnum].mctx); | |
3112 | dns_db_detach(&fctx->cache); | 3183 | dns_db_detach(&fctx->cache); | |
3113 | dns_adb_detach(&fctx->adb); | 3184 | dns_adb_detach(&fctx->adb); | |
3114 | isc_mem_free(res->buckets[bucketnum].mctx, fctx->info); | 3185 | isc_mem_free(res->buckets[bucketnum].mctx, fctx->info); | |
3115 | isc_mem_put(res->buckets[bucketnum].mctx, fctx, sizeof(*fctx)); | 3186 | isc_mem_put(res->buckets[bucketnum].mctx, fctx, sizeof(*fctx)); | |
3116 | 3187 | |||
@@ -3167,27 +3238,27 @@ fctx_timeout(isc_task_t *task, isc_event | @@ -3167,27 +3238,27 @@ fctx_timeout(isc_task_t *task, isc_event | |||
3167 | } | 3238 | } | |
3168 | fctx->attributes &= ~FCTX_ATTR_ADDRWAIT; | 3239 | fctx->attributes &= ~FCTX_ATTR_ADDRWAIT; | |
3169 | /* | 3240 | /* | |
3170 | * Our timer has triggered. Reestablish the fctx lifetime | 3241 | * Our timer has triggered. Reestablish the fctx lifetime | |
3171 | * timer. | 3242 | * timer. | |
3172 | */ | 3243 | */ | |
3173 | result = fctx_starttimer(fctx); | 3244 | result = fctx_starttimer(fctx); | |
3174 | if (result != ISC_R_SUCCESS) | 3245 | if (result != ISC_R_SUCCESS) | |
3175 | fctx_done(fctx, result, __LINE__); | 3246 | fctx_done(fctx, result, __LINE__); | |
3176 | else | 3247 | else | |
3177 | /* | 3248 | /* | |
3178 | * Keep trying. | 3249 | * Keep trying. | |
3179 | */ | 3250 | */ | |
3180 | fctx_try(fctx, ISC_TRUE); | 3251 | fctx_try(fctx, ISC_TRUE, ISC_FALSE); | |
3181 | } | 3252 | } | |
3182 | 3253 | |||
3183 | isc_event_free(&event); | 3254 | isc_event_free(&event); | |
3184 | } | 3255 | } | |
3185 | 3256 | |||
3186 | static void | 3257 | static void | |
3187 | fctx_shutdown(fetchctx_t *fctx) { | 3258 | fctx_shutdown(fetchctx_t *fctx) { | |
3188 | isc_event_t *cevent; | 3259 | isc_event_t *cevent; | |
3189 | 3260 | |||
3190 | /* | 3261 | /* | |
3191 | * Start the shutdown process for fctx, if it isn't already underway. | 3262 | * Start the shutdown process for fctx, if it isn't already underway. | |
3192 | */ | 3263 | */ | |
3193 | 3264 | |||
@@ -3337,27 +3408,27 @@ fctx_start(isc_task_t *task, isc_event_t | @@ -3337,27 +3408,27 @@ fctx_start(isc_task_t *task, isc_event_t | |||
3337 | 3408 | |||
3338 | UNLOCK(&res->buckets[bucketnum].lock); | 3409 | UNLOCK(&res->buckets[bucketnum].lock); | |
3339 | 3410 | |||
3340 | if (!done) { | 3411 | if (!done) { | |
3341 | isc_result_t result; | 3412 | isc_result_t result; | |
3342 | 3413 | |||
3343 | /* | 3414 | /* | |
3344 | * All is well. Start working on the fetch. | 3415 | * All is well. Start working on the fetch. | |
3345 | */ | 3416 | */ | |
3346 | result = fctx_starttimer(fctx); | 3417 | result = fctx_starttimer(fctx); | |
3347 | if (result != ISC_R_SUCCESS) | 3418 | if (result != ISC_R_SUCCESS) | |
3348 | fctx_done(fctx, result, __LINE__); | 3419 | fctx_done(fctx, result, __LINE__); | |
3349 | else | 3420 | else | |
3350 | fctx_try(fctx, ISC_FALSE); | 3421 | fctx_try(fctx, ISC_FALSE, ISC_FALSE); | |
3351 | } else if (bucket_empty) | 3422 | } else if (bucket_empty) | |
3352 | empty_bucket(res); | 3423 | empty_bucket(res); | |
3353 | } | 3424 | } | |
3354 | 3425 | |||
3355 | /* | 3426 | /* | |
3356 | * Fetch Creation, Joining, and Cancelation. | 3427 | * Fetch Creation, Joining, and Cancelation. | |
3357 | */ | 3428 | */ | |
3358 | 3429 | |||
3359 | static inline isc_result_t | 3430 | static inline isc_result_t | |
3360 | fctx_join(fetchctx_t *fctx, isc_task_t *task, isc_sockaddr_t *client, | 3431 | fctx_join(fetchctx_t *fctx, isc_task_t *task, isc_sockaddr_t *client, | |
3361 | dns_messageid_t id, isc_taskaction_t action, void *arg, | 3432 | dns_messageid_t id, isc_taskaction_t action, void *arg, | |
3362 | dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset, | 3433 | dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset, | |
3363 | dns_fetch_t *fetch) | 3434 | dns_fetch_t *fetch) | |
@@ -3462,26 +3533,27 @@ fctx_create(dns_resolver_t *res, dns_nam | @@ -3462,26 +3533,27 @@ fctx_create(dns_resolver_t *res, dns_nam | |||
3462 | fctx->state = fetchstate_init; | 3533 | fctx->state = fetchstate_init; | |
3463 | fctx->want_shutdown = ISC_FALSE; | 3534 | fctx->want_shutdown = ISC_FALSE; | |
3464 | fctx->cloned = ISC_FALSE; | 3535 | fctx->cloned = ISC_FALSE; | |
3465 | ISC_LIST_INIT(fctx->queries); | 3536 | ISC_LIST_INIT(fctx->queries); | |
3466 | ISC_LIST_INIT(fctx->finds); | 3537 | ISC_LIST_INIT(fctx->finds); | |
3467 | ISC_LIST_INIT(fctx->altfinds); | 3538 | ISC_LIST_INIT(fctx->altfinds); | |
3468 | ISC_LIST_INIT(fctx->forwaddrs); | 3539 | ISC_LIST_INIT(fctx->forwaddrs); | |
3469 | ISC_LIST_INIT(fctx->altaddrs); | 3540 | ISC_LIST_INIT(fctx->altaddrs); | |
3470 | ISC_LIST_INIT(fctx->forwarders); | 3541 | ISC_LIST_INIT(fctx->forwarders); | |
3471 | fctx->fwdpolicy = dns_fwdpolicy_none; | 3542 | fctx->fwdpolicy = dns_fwdpolicy_none; | |
3472 | ISC_LIST_INIT(fctx->bad); | 3543 | ISC_LIST_INIT(fctx->bad); | |
3473 | ISC_LIST_INIT(fctx->edns); | 3544 | ISC_LIST_INIT(fctx->edns); | |
3474 | ISC_LIST_INIT(fctx->edns512); | 3545 | ISC_LIST_INIT(fctx->edns512); | |
3546 | ISC_LIST_INIT(fctx->bad_edns); | |||
3475 | ISC_LIST_INIT(fctx->validators); | 3547 | ISC_LIST_INIT(fctx->validators); | |
3476 | fctx->validator = NULL; | 3548 | fctx->validator = NULL; | |
3477 | fctx->find = NULL; | 3549 | fctx->find = NULL; | |
3478 | fctx->altfind = NULL; | 3550 | fctx->altfind = NULL; | |
3479 | fctx->pending = 0; | 3551 | fctx->pending = 0; | |
3480 | fctx->restarts = 0; | 3552 | fctx->restarts = 0; | |
3481 | fctx->querysent = 0; | 3553 | fctx->querysent = 0; | |
3482 | fctx->referrals = 0; | 3554 | fctx->referrals = 0; | |
3483 | TIME_NOW(&fctx->start); | 3555 | TIME_NOW(&fctx->start); | |
3484 | fctx->timeouts = 0; | 3556 | fctx->timeouts = 0; | |
3485 | fctx->lamecount = 0; | 3557 | fctx->lamecount = 0; | |
3486 | fctx->adberr = 0; | 3558 | fctx->adberr = 0; | |
3487 | fctx->neterr = 0; | 3559 | fctx->neterr = 0; | |
@@ -3873,34 +3945,26 @@ maybe_destroy(fetchctx_t *fctx) { | @@ -3873,34 +3945,26 @@ maybe_destroy(fetchctx_t *fctx) { | |||
3873 | isc_boolean_t bucket_empty = ISC_FALSE; | 3945 | isc_boolean_t bucket_empty = ISC_FALSE; | |
3874 | dns_resolver_t *res = fctx->res; | 3946 | dns_resolver_t *res = fctx->res; | |
3875 | dns_validator_t *validator, *next_validator; | 3947 | dns_validator_t *validator, *next_validator; | |
3876 | 3948 | |||
3877 | REQUIRE(SHUTTINGDOWN(fctx)); | 3949 | REQUIRE(SHUTTINGDOWN(fctx)); | |
3878 | 3950 | |||
3879 | if (fctx->pending != 0 || fctx->nqueries != 0) | 3951 | if (fctx->pending != 0 || fctx->nqueries != 0) | |
3880 | return; | 3952 | return; | |
3881 | 3953 | |||
3882 | for (validator = ISC_LIST_HEAD(fctx->validators); | 3954 | for (validator = ISC_LIST_HEAD(fctx->validators); | |
3883 | validator != NULL; validator = next_validator) { | 3955 | validator != NULL; validator = next_validator) { | |
3884 | next_validator = ISC_LIST_NEXT(validator, link); | 3956 | next_validator = ISC_LIST_NEXT(validator, link); | |
3885 | dns_validator_cancel(validator); | 3957 | dns_validator_cancel(validator); | |
3886 | /* | |||
3887 | * If this is a active validator wait for the cancel | |||
3888 | * to complete before calling dns_validator_destroy(). | |||
3889 | */ | |||
3890 | if (validator == fctx->validator) | |||
3891 | continue; | |||
3892 | ISC_LIST_UNLINK(fctx->validators, validator, link); | |||
3893 | dns_validator_destroy(&validator); | |||
3894 | } | 3958 | } | |
3895 | 3959 | |||
3896 | bucketnum = fctx->bucketnum; | 3960 | bucketnum = fctx->bucketnum; | |
3897 | LOCK(&res->buckets[bucketnum].lock); | 3961 | LOCK(&res->buckets[bucketnum].lock); | |
3898 | if (fctx->references == 0 && ISC_LIST_EMPTY(fctx->validators)) | 3962 | if (fctx->references == 0 && ISC_LIST_EMPTY(fctx->validators)) | |
3899 | bucket_empty = fctx_destroy(fctx); | 3963 | bucket_empty = fctx_destroy(fctx); | |
3900 | UNLOCK(&res->buckets[bucketnum].lock); | 3964 | UNLOCK(&res->buckets[bucketnum].lock); | |
3901 | 3965 | |||
3902 | if (bucket_empty) | 3966 | if (bucket_empty) | |
3903 | empty_bucket(res); | 3967 | empty_bucket(res); | |
3904 | } | 3968 | } | |
3905 | 3969 | |||
3906 | /* | 3970 | /* | |
@@ -3959,26 +4023,28 @@ validated(isc_task_t *task, isc_event_t | @@ -3959,26 +4023,28 @@ validated(isc_task_t *task, isc_event_t | |||
3959 | 4023 | |||
3960 | /* | 4024 | /* | |
3961 | * If shutting down, ignore the results. Check to see if we're | 4025 | * If shutting down, ignore the results. Check to see if we're | |
3962 | * done waiting for validator completions and ADB pending events; if | 4026 | * done waiting for validator completions and ADB pending events; if | |
3963 | * so, destroy the fctx. | 4027 | * so, destroy the fctx. | |
3964 | */ | 4028 | */ | |
3965 | if (SHUTTINGDOWN(fctx) && !sentresponse) { | 4029 | if (SHUTTINGDOWN(fctx) && !sentresponse) { | |
3966 | maybe_destroy(fctx); /* Locks bucket. */ | 4030 | maybe_destroy(fctx); /* Locks bucket. */ | |
3967 | goto cleanup_event; | 4031 | goto cleanup_event; | |
3968 | } | 4032 | } | |
3969 | 4033 | |||
3970 | LOCK(&fctx->res->buckets[fctx->bucketnum].lock); | 4034 | LOCK(&fctx->res->buckets[fctx->bucketnum].lock); | |
3971 | 4035 | |||
4036 | isc_stdtime_get(&now); | |||
4037 | ||||
3972 | /* | 4038 | /* | |
3973 | * If chaining, we need to make sure that the right result code is | 4039 | * If chaining, we need to make sure that the right result code is | |
3974 | * returned, and that the rdatasets are bound. | 4040 | * returned, and that the rdatasets are bound. | |
3975 | */ | 4041 | */ | |
3976 | if (vevent->result == ISC_R_SUCCESS && | 4042 | if (vevent->result == ISC_R_SUCCESS && | |
3977 | !negative && | 4043 | !negative && | |
3978 | vevent->rdataset != NULL && | 4044 | vevent->rdataset != NULL && | |
3979 | CHAINING(vevent->rdataset)) | 4045 | CHAINING(vevent->rdataset)) | |
3980 | { | 4046 | { | |
3981 | if (vevent->rdataset->type == dns_rdatatype_cname) | 4047 | if (vevent->rdataset->type == dns_rdatatype_cname) | |
3982 | eresult = DNS_R_CNAME; | 4048 | eresult = DNS_R_CNAME; | |
3983 | else { | 4049 | else { | |
3984 | INSIST(vevent->rdataset->type == dns_rdatatype_dname); | 4050 | INSIST(vevent->rdataset->type == dns_rdatatype_dname); | |
@@ -4005,55 +4071,100 @@ validated(isc_task_t *task, isc_event_t | @@ -4005,55 +4071,100 @@ validated(isc_task_t *task, isc_event_t | |||
4005 | * will iterate the node. | 4071 | * will iterate the node. | |
4006 | */ | 4072 | */ | |
4007 | } else { | 4073 | } else { | |
4008 | ardataset = hevent->rdataset; | 4074 | ardataset = hevent->rdataset; | |
4009 | asigrdataset = hevent->sigrdataset; | 4075 | asigrdataset = hevent->sigrdataset; | |
4010 | } | 4076 | } | |
4011 | } | 4077 | } | |
4012 | 4078 | |||
4013 | if (vevent->result != ISC_R_SUCCESS) { | 4079 | if (vevent->result != ISC_R_SUCCESS) { | |
4014 | FCTXTRACE("validation failed"); | 4080 | FCTXTRACE("validation failed"); | |
4015 | inc_stats(fctx->res, dns_resstatscounter_valfail); | 4081 | inc_stats(fctx->res, dns_resstatscounter_valfail); | |
4016 | fctx->valfail++; | 4082 | fctx->valfail++; | |
4017 | fctx->vresult = vevent->result; | 4083 | fctx->vresult = vevent->result; | |
4018 | result = ISC_R_NOTFOUND; | 4084 | if (fctx->vresult != DNS_R_BROKENCHAIN) { | |
4019 | if (vevent->rdataset != NULL) | 4085 | result = ISC_R_NOTFOUND; | |
4020 | result = dns_db_findnode(fctx->cache, vevent->name, | 4086 | if (vevent->rdataset != NULL) | |
4021 | ISC_TRUE, &node); | 4087 | result = dns_db_findnode(fctx->cache, | |
4022 | if (result == ISC_R_SUCCESS) | 4088 | vevent->name, | |
4023 | (void)dns_db_deleterdataset(fctx->cache, node, NULL, | 4089 | ISC_TRUE, &node); | |
4024 | vevent->type, 0); | 4090 | if (result == ISC_R_SUCCESS) | |
4025 | if (result == ISC_R_SUCCESS && vevent->sigrdataset != NULL) | 4091 | (void)dns_db_deleterdataset(fctx->cache, node, | |
4026 | (void)dns_db_deleterdataset(fctx->cache, node, NULL, | 4092 | NULL, | |
4027 | dns_rdatatype_rrsig, | 4093 | vevent->type, 0); | |
4028 | vevent->type); | 4094 | if (result == ISC_R_SUCCESS && | |
4029 | if (result == ISC_R_SUCCESS) | 4095 | vevent->sigrdataset != NULL) | |
4030 | dns_db_detachnode(fctx->cache, &node); | 4096 | (void)dns_db_deleterdataset(fctx->cache, node, | |
4031 | result = vevent->result; | 4097 | NULL, | |
4098 | dns_rdatatype_rrsig, | |||
4099 | vevent->type); | |||
4100 | if (result == ISC_R_SUCCESS) | |||
4101 | dns_db_detachnode(fctx->cache, &node); | |||
4102 | } | |||
4103 | if (fctx->vresult == DNS_R_BROKENCHAIN && !negative) { | |||
4104 | /* | |||
4105 | * Cache the data as pending for later validation. | |||
4106 | */ | |||
4107 | result = ISC_R_NOTFOUND; | |||
4108 | if (vevent->rdataset != NULL) | |||
4109 | result = dns_db_findnode(fctx->cache, | |||
4110 | vevent->name, | |||
4111 | ISC_TRUE, &node); | |||
4112 | if (result == ISC_R_SUCCESS) { | |||
4113 | (void)dns_db_addrdataset(fctx->cache, node, | |||
4114 | NULL, now, | |||
4115 | vevent->rdataset, 0, | |||
4116 | NULL); | |||
4117 | } | |||
4118 | if (result == ISC_R_SUCCESS && | |||
4119 | vevent->sigrdataset != NULL) | |||
4120 | (void)dns_db_addrdataset(fctx->cache, node, | |||
4121 | NULL, now, | |||
4122 | vevent->sigrdataset, | |||
4123 | 0, NULL); | |||
4124 | if (result == ISC_R_SUCCESS) | |||
4125 | dns_db_detachnode(fctx->cache, &node); | |||
4126 | } | |||
4127 | result = fctx->vresult; | |||
4032 | add_bad(fctx, addrinfo, result, badns_validation); | 4128 | add_bad(fctx, addrinfo, result, badns_validation); | |
4033 | isc_event_free(&event); | 4129 | isc_event_free(&event); | |
4034 | UNLOCK(&fctx->res->buckets[fctx->bucketnum].lock); | 4130 | UNLOCK(&fctx->res->buckets[fctx->bucketnum].lock); | |
4035 | INSIST(fctx->validator == NULL); | 4131 | INSIST(fctx->validator == NULL); | |
4036 | fctx->validator = ISC_LIST_HEAD(fctx->validators); | 4132 | fctx->validator = ISC_LIST_HEAD(fctx->validators); | |
4037 | if (fctx->validator != NULL) { | 4133 | if (fctx->validator != NULL) | |
4038 | dns_validator_send(fctx->validator); | 4134 | dns_validator_send(fctx->validator); | |
4039 | } else if (sentresponse) | 4135 | else if (sentresponse) | |
4040 | fctx_done(fctx, result, __LINE__); /* Locks bucket. */ | 4136 | fctx_done(fctx, result, __LINE__); /* Locks bucket. */ | |
4041 | else | 4137 | else if (result == DNS_R_BROKENCHAIN) { | |
4042 | fctx_try(fctx, ISC_TRUE); /* Locks bucket. */ | 4138 | isc_result_t tresult; | |
4139 | isc_time_t expire; | |||
4140 | isc_interval_t i; | |||
4141 | ||||
4142 | isc_interval_set(&i, DNS_BADCACHE_TTL(fctx), 0); | |||
4143 | tresult = isc_time_nowplusinterval(&expire, &i); | |||
4144 | if (negative && | |||
4145 | (fctx->type == dns_rdatatype_dnskey || | |||
4146 | fctx->type == dns_rdatatype_dlv || | |||
4147 | fctx->type == dns_rdatatype_ds) && | |||
4148 | tresult == ISC_R_SUCCESS) | |||
4149 | dns_resolver_addbadcache(fctx->res, | |||
4150 | &fctx->name, | |||
4151 | fctx->type, &expire); | |||
4152 | fctx_done(fctx, result, __LINE__); /* Locks bucket. */ | |||
4153 | } else | |||
4154 | fctx_try(fctx, ISC_TRUE, ISC_TRUE); /* Locks bucket. */ | |||
4043 | return; | 4155 | return; | |
4044 | } | 4156 | } | |
4045 | 4157 | |||
4046 | isc_stdtime_get(&now); | |||
4047 | 4158 | |||
4048 | if (negative) { | 4159 | if (negative) { | |
4049 | dns_rdatatype_t covers; | 4160 | dns_rdatatype_t covers; | |
4050 | FCTXTRACE("nonexistence validation OK"); | 4161 | FCTXTRACE("nonexistence validation OK"); | |
4051 | 4162 | |||
4052 | inc_stats(fctx->res, dns_resstatscounter_valnegsuccess); | 4163 | inc_stats(fctx->res, dns_resstatscounter_valnegsuccess); | |
4053 | 4164 | |||
4054 | if (fctx->rmessage->rcode == dns_rcode_nxdomain) | 4165 | if (fctx->rmessage->rcode == dns_rcode_nxdomain) | |
4055 | covers = dns_rdatatype_any; | 4166 | covers = dns_rdatatype_any; | |
4056 | else | 4167 | else | |
4057 | covers = fctx->type; | 4168 | covers = fctx->type; | |
4058 | 4169 | |||
4059 | result = dns_db_findnode(fctx->cache, vevent->name, ISC_TRUE, | 4170 | result = dns_db_findnode(fctx->cache, vevent->name, ISC_TRUE, | |
@@ -4353,31 +4464,39 @@ cache_name(fetchctx_t *fctx, dns_name_t | @@ -4353,31 +4464,39 @@ cache_name(fetchctx_t *fctx, dns_name_t | |||
4353 | return (DNS_R_BADNAME); | 4464 | return (DNS_R_BADNAME); | |
4354 | } | 4465 | } | |
4355 | continue; | 4466 | continue; | |
4356 | } | 4467 | } | |
4357 | } | 4468 | } | |
4358 | 4469 | |||
4359 | /* | 4470 | /* | |
4360 | * Enforce the configure maximum cache TTL. | 4471 | * Enforce the configure maximum cache TTL. | |
4361 | */ | 4472 | */ | |
4362 | if (rdataset->ttl > res->view->maxcachettl) | 4473 | if (rdataset->ttl > res->view->maxcachettl) | |
4363 | rdataset->ttl = res->view->maxcachettl; | 4474 | rdataset->ttl = res->view->maxcachettl; | |
4364 | 4475 | |||
4365 | /* | 4476 | /* | |
4366 | * If this rrset is in a secure domain, do DNSSEC validation | 4477 | * If this RRset is in a secure domain, is in bailiwick, | |
4367 | * for it, unless it is glue. | 4478 | * and is not glue, attempt DNSSEC validation. (We do not | |
4479 | * attempt to validate glue or out-of-bailiwick data--even | |||
4480 | * though there might be some performance benefit to doing | |||
4481 | * so--because it makes it simpler and safer to ensure that | |||
4482 | * records from a secure domain are only cached if validated | |||
4483 | * within the context of a query to the domain that owns | |||
4484 | * them.) | |||
4368 | */ | 4485 | */ | |
4369 | if (secure_domain && rdataset->trust != dns_trust_glue) { | 4486 | if (secure_domain && rdataset->trust != dns_trust_glue && | |
4487 | !EXTERNAL(rdataset)) { | |||
4370 | dns_trust_t trust; | 4488 | dns_trust_t trust; | |
4489 | ||||
4371 | /* | 4490 | /* | |
4372 | * RRSIGs are validated as part of validating the | 4491 | * RRSIGs are validated as part of validating the | |
4373 | * type they cover. | 4492 | * type they cover. | |
4374 | */ | 4493 | */ | |
4375 | if (rdataset->type == dns_rdatatype_rrsig) | 4494 | if (rdataset->type == dns_rdatatype_rrsig) | |
4376 | continue; | 4495 | continue; | |
4377 | /* | 4496 | /* | |
4378 | * Find the SIG for this rdataset, if we have it. | 4497 | * Find the SIG for this rdataset, if we have it. | |
4379 | */ | 4498 | */ | |
4380 | for (sigrdataset = ISC_LIST_HEAD(name->list); | 4499 | for (sigrdataset = ISC_LIST_HEAD(name->list); | |
4381 | sigrdataset != NULL; | 4500 | sigrdataset != NULL; | |
4382 | sigrdataset = ISC_LIST_NEXT(sigrdataset, link)) { | 4501 | sigrdataset = ISC_LIST_NEXT(sigrdataset, link)) { | |
4383 | if (sigrdataset->type == dns_rdatatype_rrsig && | 4502 | if (sigrdataset->type == dns_rdatatype_rrsig && | |
@@ -4394,42 +4513,26 @@ cache_name(fetchctx_t *fctx, dns_name_t | @@ -4394,42 +4513,26 @@ cache_name(fetchctx_t *fctx, dns_name_t | |||
4394 | } | 4513 | } | |
4395 | } | 4514 | } | |
4396 | 4515 | |||
4397 | /* | 4516 | /* | |
4398 | * Normalize the rdataset and sigrdataset TTLs. | 4517 | * Normalize the rdataset and sigrdataset TTLs. | |
4399 | */ | 4518 | */ | |
4400 | if (sigrdataset != NULL) { | 4519 | if (sigrdataset != NULL) { | |
4401 | rdataset->ttl = ISC_MIN(rdataset->ttl, | 4520 | rdataset->ttl = ISC_MIN(rdataset->ttl, | |
4402 | sigrdataset->ttl); | 4521 | sigrdataset->ttl); | |
4403 | sigrdataset->ttl = rdataset->ttl; | 4522 | sigrdataset->ttl = rdataset->ttl; | |
4404 | } | 4523 | } | |
4405 | 4524 | |||
4406 | /* | 4525 | /* | |
4407 | * Reject out of bailiwick additional records | |||
4408 | * without RRSIGs as they can't possibly validate | |||
4409 | * as "secure" and as we will never never want to | |||
4410 | * store these as "answers" after validation. | |||
4411 | */ | |||
4412 | if (rdataset->trust == dns_trust_additional && | |||
4413 | sigrdataset == NULL && EXTERNAL(rdataset)) | |||
4414 | continue; | |||
4415 | ||||
4416 | /* | |||
4417 | * XXXMPA: If we store as "answer" after validating | |||
4418 | * then we need to do bailiwick processing and | |||
4419 | * also need to track whether RRsets are in or | |||
4420 | * out of bailiwick. This will require a another | |||
4421 | * pending trust level. | |||
4422 | * | |||
4423 | * Cache this rdataset/sigrdataset pair as | 4526 | * Cache this rdataset/sigrdataset pair as | |
4424 | * pending data. Track whether it was additional | 4527 | * pending data. Track whether it was additional | |
4425 | * or not. | 4528 | * or not. | |
4426 | */ | 4529 | */ | |
4427 | if (rdataset->trust == dns_trust_additional) | 4530 | if (rdataset->trust == dns_trust_additional) | |
4428 | trust = dns_trust_pending_additional; | 4531 | trust = dns_trust_pending_additional; | |
4429 | else | 4532 | else | |
4430 | trust = dns_trust_pending_answer; | 4533 | trust = dns_trust_pending_answer; | |
4431 | 4534 | |||
4432 | rdataset->trust = trust; | 4535 | rdataset->trust = trust; | |
4433 | if (sigrdataset != NULL) | 4536 | if (sigrdataset != NULL) | |
4434 | sigrdataset->trust = trust; | 4537 | sigrdataset->trust = trust; | |
4435 | if (!need_validation || !ANSWER(rdataset)) { | 4538 | if (!need_validation || !ANSWER(rdataset)) { | |
@@ -5778,29 +5881,27 @@ answer_response(fetchctx_t *fctx) { | @@ -5778,29 +5881,27 @@ answer_response(fetchctx_t *fctx) { | |||
5778 | if (aflag == | 5881 | if (aflag == | |
5779 | DNS_RDATASETATTR_ANSWER) | 5882 | DNS_RDATASETATTR_ANSWER) | |
5780 | have_answer = ISC_TRUE; | 5883 | have_answer = ISC_TRUE; | |
5781 | name->attributes |= | 5884 | name->attributes |= | |
5782 | DNS_NAMEATTR_ANSWER; | 5885 | DNS_NAMEATTR_ANSWER; | |
5783 | rdataset->attributes |= aflag; | 5886 | rdataset->attributes |= aflag; | |
5784 | if (aa) | 5887 | if (aa) | |
5785 | rdataset->trust = | 5888 | rdataset->trust = | |
5786 | dns_trust_authanswer; | 5889 | dns_trust_authanswer; | |
5787 | } else if (external) { | 5890 | } else if (external) { | |
5788 | /* | 5891 | /* | |
5789 | * This data is outside of | 5892 | * This data is outside of | |
5790 | * our query domain, and | 5893 | * our query domain, and | |
5791 | * may only be cached if it | 5894 | * may not be cached. | |
5792 | * comes from a secure zone | |||
5793 | * and validates. | |||
5794 | */ | 5895 | */ | |
5795 | rdataset->attributes |= | 5896 | rdataset->attributes |= | |
5796 | DNS_RDATASETATTR_EXTERNAL; | 5897 | DNS_RDATASETATTR_EXTERNAL; | |
5797 | } | 5898 | } | |
5798 | 5899 | |||
5799 | /* | 5900 | /* | |
5800 | * Mark any additional data related | 5901 | * Mark any additional data related | |
5801 | * to this rdataset. | 5902 | * to this rdataset. | |
5802 | */ | 5903 | */ | |
5803 | (void)dns_rdataset_additionaldata( | 5904 | (void)dns_rdataset_additionaldata( | |
5804 | rdataset, | 5905 | rdataset, | |
5805 | check_related, | 5906 | check_related, | |
5806 | fctx); | 5907 | fctx); | |
@@ -6052,33 +6153,60 @@ answer_response(fetchctx_t *fctx) { | @@ -6052,33 +6153,60 @@ answer_response(fetchctx_t *fctx) { | |||
6052 | fctx); | 6153 | fctx); | |
6053 | done = ISC_TRUE; | 6154 | done = ISC_TRUE; | |
6054 | } | 6155 | } | |
6055 | } | 6156 | } | |
6056 | } | 6157 | } | |
6057 | result = dns_message_nextname(message, DNS_SECTION_AUTHORITY); | 6158 | result = dns_message_nextname(message, DNS_SECTION_AUTHORITY); | |
6058 | } | 6159 | } | |
6059 | if (result == ISC_R_NOMORE) | 6160 | if (result == ISC_R_NOMORE) | |
6060 | result = ISC_R_SUCCESS; | 6161 | result = ISC_R_SUCCESS; | |
6061 | 6162 | |||
6062 | return (result); | 6163 | return (result); | |
6063 | } | 6164 | } | |
6064 | 6165 | |||
6166 | static isc_boolean_t | |||
6167 | fctx_decreference(fetchctx_t *fctx) { | |||
6168 | isc_boolean_t bucket_empty = ISC_FALSE; | |||
6169 | ||||
6170 | INSIST(fctx->references > 0); | |||
6171 | fctx->references--; | |||
6172 | if (fctx->references == 0) { | |||
6173 | /* | |||
6174 | * No one cares about the result of this fetch anymore. | |||
6175 | */ | |||
6176 | if (fctx->pending == 0 && fctx->nqueries == 0 && | |||
6177 | ISC_LIST_EMPTY(fctx->validators) && SHUTTINGDOWN(fctx)) { | |||
6178 | /* | |||
6179 | * This fctx is already shutdown; we were just | |||
6180 | * waiting for the last reference to go away. | |||
6181 | */ | |||
6182 | bucket_empty = fctx_destroy(fctx); | |||
6183 | } else { | |||
6184 | /* | |||
6185 | * Initiate shutdown. | |||
6186 | */ | |||
6187 | fctx_shutdown(fctx); | |||
6188 | } | |||
6189 | } | |||
6190 | return (bucket_empty); | |||
6191 | } | |||
6192 | ||||
6065 | static void | 6193 | static void | |
6066 | resume_dslookup(isc_task_t *task, isc_event_t *event) { | 6194 | resume_dslookup(isc_task_t *task, isc_event_t *event) { | |
6067 | dns_fetchevent_t *fevent; | 6195 | dns_fetchevent_t *fevent; | |
6068 | dns_resolver_t *res; | 6196 | dns_resolver_t *res; | |
6069 | fetchctx_t *fctx; | 6197 | fetchctx_t *fctx; | |
6070 | isc_result_t result; | 6198 | isc_result_t result; | |
6071 | isc_boolean_t bucket_empty = ISC_FALSE; | 6199 | isc_boolean_t bucket_empty; | |
6072 | isc_boolean_t locked = ISC_FALSE; | 6200 | isc_boolean_t locked = ISC_FALSE; | |
6073 | unsigned int bucketnum; | 6201 | unsigned int bucketnum; | |
6074 | dns_rdataset_t nameservers; | 6202 | dns_rdataset_t nameservers; | |
6075 | dns_fixedname_t fixed; | 6203 | dns_fixedname_t fixed; | |
6076 | dns_name_t *domain; | 6204 | dns_name_t *domain; | |
6077 | 6205 | |||
6078 | REQUIRE(event->ev_type == DNS_EVENT_FETCHDONE); | 6206 | REQUIRE(event->ev_type == DNS_EVENT_FETCHDONE); | |
6079 | fevent = (dns_fetchevent_t *)event; | 6207 | fevent = (dns_fetchevent_t *)event; | |
6080 | fctx = event->ev_arg; | 6208 | fctx = event->ev_arg; | |
6081 | REQUIRE(VALID_FCTX(fctx)); | 6209 | REQUIRE(VALID_FCTX(fctx)); | |
6082 | res = fctx->res; | 6210 | res = fctx->res; | |
6083 | 6211 | |||
6084 | UNUSED(task); | 6212 | UNUSED(task); | |
@@ -6106,27 +6234,27 @@ resume_dslookup(isc_task_t *task, isc_ev | @@ -6106,27 +6234,27 @@ resume_dslookup(isc_task_t *task, isc_ev | |||
6106 | dns_name_free(&fctx->domain, | 6234 | dns_name_free(&fctx->domain, | |
6107 | fctx->res->buckets[bucketnum].mctx); | 6235 | fctx->res->buckets[bucketnum].mctx); | |
6108 | dns_name_init(&fctx->domain, NULL); | 6236 | dns_name_init(&fctx->domain, NULL); | |
6109 | result = dns_name_dup(&fctx->nsname, | 6237 | result = dns_name_dup(&fctx->nsname, | |
6110 | fctx->res->buckets[bucketnum].mctx, | 6238 | fctx->res->buckets[bucketnum].mctx, | |
6111 | &fctx->domain); | 6239 | &fctx->domain); | |
6112 | if (result != ISC_R_SUCCESS) { | 6240 | if (result != ISC_R_SUCCESS) { | |
6113 | fctx_done(fctx, DNS_R_SERVFAIL, __LINE__); | 6241 | fctx_done(fctx, DNS_R_SERVFAIL, __LINE__); | |
6114 | goto cleanup; | 6242 | goto cleanup; | |
6115 | } | 6243 | } | |
6116 | /* | 6244 | /* | |
6117 | * Try again. | 6245 | * Try again. | |
6118 | */ | 6246 | */ | |
6119 | fctx_try(fctx, ISC_TRUE); | 6247 | fctx_try(fctx, ISC_TRUE, ISC_FALSE); | |
6120 | } else { | 6248 | } else { | |
6121 | unsigned int n; | 6249 | unsigned int n; | |
6122 | dns_rdataset_t *nsrdataset = NULL; | 6250 | dns_rdataset_t *nsrdataset = NULL; | |
6123 | 6251 | |||
6124 | /* | 6252 | /* | |
6125 | * Retrieve state from fctx->nsfetch before we destroy it. | 6253 | * Retrieve state from fctx->nsfetch before we destroy it. | |
6126 | */ | 6254 | */ | |
6127 | dns_fixedname_init(&fixed); | 6255 | dns_fixedname_init(&fixed); | |
6128 | domain = dns_fixedname_name(&fixed); | 6256 | domain = dns_fixedname_name(&fixed); | |
6129 | dns_name_copy(&fctx->nsfetch->private->domain, domain, NULL); | 6257 | dns_name_copy(&fctx->nsfetch->private->domain, domain, NULL); | |
6130 | if (dns_name_equal(&fctx->nsname, domain)) { | 6258 | if (dns_name_equal(&fctx->nsname, domain)) { | |
6131 | fctx_done(fctx, DNS_R_SERVFAIL, __LINE__); | 6259 | fctx_done(fctx, DNS_R_SERVFAIL, __LINE__); | |
6132 | dns_resolver_destroyfetch(&fctx->nsfetch); | 6260 | dns_resolver_destroyfetch(&fctx->nsfetch); | |
@@ -6162,29 +6290,27 @@ resume_dslookup(isc_task_t *task, isc_ev | @@ -6162,29 +6290,27 @@ resume_dslookup(isc_task_t *task, isc_ev | |||
6162 | fctx->references++; | 6290 | fctx->references++; | |
6163 | } | 6291 | } | |
6164 | } | 6292 | } | |
6165 | 6293 | |||
6166 | cleanup: | 6294 | cleanup: | |
6167 | if (dns_rdataset_isassociated(&nameservers)) | 6295 | if (dns_rdataset_isassociated(&nameservers)) | |
6168 | dns_rdataset_disassociate(&nameservers); | 6296 | dns_rdataset_disassociate(&nameservers); | |
6169 | if (dns_rdataset_isassociated(fevent->rdataset)) | 6297 | if (dns_rdataset_isassociated(fevent->rdataset)) | |
6170 | dns_rdataset_disassociate(fevent->rdataset); | 6298 | dns_rdataset_disassociate(fevent->rdataset); | |
6171 | INSIST(fevent->sigrdataset == NULL); | 6299 | INSIST(fevent->sigrdataset == NULL); | |
6172 | isc_event_free(&event); | 6300 | isc_event_free(&event); | |
6173 | if (!locked) | 6301 | if (!locked) | |
6174 | LOCK(&res->buckets[bucketnum].lock); | 6302 | LOCK(&res->buckets[bucketnum].lock); | |
6175 | fctx->references--; | 6303 | bucket_empty = fctx_decreference(fctx); | |
6176 | if (fctx->references == 0) | |||
6177 | bucket_empty = fctx_destroy(fctx); | |||
6178 | UNLOCK(&res->buckets[bucketnum].lock); | 6304 | UNLOCK(&res->buckets[bucketnum].lock); | |
6179 | if (bucket_empty) | 6305 | if (bucket_empty) | |
6180 | empty_bucket(res); | 6306 | empty_bucket(res); | |
6181 | } | 6307 | } | |
6182 | 6308 | |||
6183 | static inline void | 6309 | static inline void | |
6184 | checknamessection(dns_message_t *message, dns_section_t section) { | 6310 | checknamessection(dns_message_t *message, dns_section_t section) { | |
6185 | isc_result_t result; | 6311 | isc_result_t result; | |
6186 | dns_name_t *name; | 6312 | dns_name_t *name; | |
6187 | dns_rdata_t rdata = DNS_RDATA_INIT; | 6313 | dns_rdata_t rdata = DNS_RDATA_INIT; | |
6188 | dns_rdataset_t *rdataset; | 6314 | dns_rdataset_t *rdataset; | |
6189 | 6315 | |||
6190 | for (result = dns_message_firstname(message, section); | 6316 | for (result = dns_message_firstname(message, section); | |
@@ -6337,48 +6463,50 @@ resquery_response(isc_task_t *task, isc_ | @@ -6337,48 +6463,50 @@ resquery_response(isc_task_t *task, isc_ | |||
6337 | isc_boolean_t truncated; | 6463 | isc_boolean_t truncated; | |
6338 | dns_message_t *message; | 6464 | dns_message_t *message; | |
6339 | dns_rdataset_t *opt; | 6465 | dns_rdataset_t *opt; | |
6340 | fetchctx_t *fctx; | 6466 | fetchctx_t *fctx; | |
6341 | dns_name_t *fname; | 6467 | dns_name_t *fname; | |
6342 | dns_fixedname_t foundname; | 6468 | dns_fixedname_t foundname; | |
6343 | isc_stdtime_t now; | 6469 | isc_stdtime_t now; | |
6344 | isc_time_t tnow, *finish; | 6470 | isc_time_t tnow, *finish; | |
6345 | dns_adbaddrinfo_t *addrinfo; | 6471 | dns_adbaddrinfo_t *addrinfo; | |
6346 | unsigned int options; | 6472 | unsigned int options; | |
6347 | unsigned int findoptions; | 6473 | unsigned int findoptions; | |
6348 | isc_result_t broken_server; | 6474 | isc_result_t broken_server; | |
6349 | badnstype_t broken_type = badns_response; | 6475 | badnstype_t broken_type = badns_response; | |
6476 | isc_boolean_t no_response; | |||
6350 | 6477 | |||
6351 | REQUIRE(VALID_QUERY(query)); | 6478 | REQUIRE(VALID_QUERY(query)); | |
6352 | fctx = query->fctx; | 6479 | fctx = query->fctx; | |
6353 | options = query->options; | 6480 | options = query->options; | |
6354 | REQUIRE(VALID_FCTX(fctx)); | 6481 | REQUIRE(VALID_FCTX(fctx)); | |
6355 | REQUIRE(event->ev_type == DNS_EVENT_DISPATCH); | 6482 | REQUIRE(event->ev_type == DNS_EVENT_DISPATCH); | |
6356 | 6483 | |||
6357 | QTRACE("response"); | 6484 | QTRACE("response"); | |
6358 | 6485 | |||
6359 | if (isc_sockaddr_pf(&query->addrinfo->sockaddr) == PF_INET) | 6486 | if (isc_sockaddr_pf(&query->addrinfo->sockaddr) == PF_INET) | |
6360 | inc_stats(fctx->res, dns_resstatscounter_responsev4); | 6487 | inc_stats(fctx->res, dns_resstatscounter_responsev4); | |
6361 | else | 6488 | else | |
6362 | inc_stats(fctx->res, dns_resstatscounter_responsev6); | 6489 | inc_stats(fctx->res, dns_resstatscounter_responsev6); | |
6363 | 6490 | |||
6364 | (void)isc_timer_touch(fctx->timer); | 6491 | (void)isc_timer_touch(fctx->timer); | |
6365 | 6492 | |||
6366 | keep_trying = ISC_FALSE; | 6493 | keep_trying = ISC_FALSE; | |
6367 | broken_server = ISC_R_SUCCESS; | 6494 | broken_server = ISC_R_SUCCESS; | |
6368 | get_nameservers = ISC_FALSE; | 6495 | get_nameservers = ISC_FALSE; | |
6369 | resend = ISC_FALSE; | 6496 | resend = ISC_FALSE; | |
6370 | truncated = ISC_FALSE; | 6497 | truncated = ISC_FALSE; | |
6371 | finish = NULL; | 6498 | finish = NULL; | |
6499 | no_response = ISC_FALSE; | |||
6372 | 6500 | |||
6373 | if (fctx->res->exiting) { | 6501 | if (fctx->res->exiting) { | |
6374 | result = ISC_R_SHUTTINGDOWN; | 6502 | result = ISC_R_SHUTTINGDOWN; | |
6375 | goto done; | 6503 | goto done; | |
6376 | } | 6504 | } | |
6377 | 6505 | |||
6378 | fctx->timeouts = 0; | 6506 | fctx->timeouts = 0; | |
6379 | fctx->timeout = ISC_FALSE; | 6507 | fctx->timeout = ISC_FALSE; | |
6380 | fctx->addrinfo = query->addrinfo; | 6508 | fctx->addrinfo = query->addrinfo; | |
6381 | 6509 | |||
6382 | /* | 6510 | /* | |
6383 | * XXXRTH We should really get the current time just once. We | 6511 | * XXXRTH We should really get the current time just once. We | |
6384 | * need a routine to convert from an isc_time_t to an | 6512 | * need a routine to convert from an isc_time_t to an | |
@@ -6407,35 +6535,39 @@ resquery_response(isc_task_t *task, isc_ | @@ -6407,35 +6535,39 @@ resquery_response(isc_task_t *task, isc_ | |||
6407 | dns_adb_changeflags(fctx->adb, | 6535 | dns_adb_changeflags(fctx->adb, | |
6408 | query->addrinfo, | 6536 | query->addrinfo, | |
6409 | DNS_FETCHOPT_NOEDNS0, | 6537 | DNS_FETCHOPT_NOEDNS0, | |
6410 | DNS_FETCHOPT_NOEDNS0); | 6538 | DNS_FETCHOPT_NOEDNS0); | |
6411 | } else { | 6539 | } else { | |
6412 | /* | 6540 | /* | |
6413 | * There's no hope for this query. | 6541 | * There's no hope for this query. | |
6414 | */ | 6542 | */ | |
6415 | keep_trying = ISC_TRUE; | 6543 | keep_trying = ISC_TRUE; | |
6416 | 6544 | |||
6417 | /* | 6545 | /* | |
6418 | * If this is a network error on an exclusive query | 6546 | * If this is a network error on an exclusive query | |
6419 | * socket, mark the server as bad so that we won't try | 6547 | * socket, mark the server as bad so that we won't try | |
6420 | * it for this fetch again. | 6548 | * it for this fetch again. Also adjust finish and | |
6549 | * no_response so that we penalize this address in SRTT | |||
6550 | * adjustment later. | |||
6421 | */ | 6551 | */ | |
6422 | if (query->exclusivesocket && | 6552 | if (query->exclusivesocket && | |
6423 | (devent->result == ISC_R_HOSTUNREACH || | 6553 | (devent->result == ISC_R_HOSTUNREACH || | |
6424 | devent->result == ISC_R_NETUNREACH || | 6554 | devent->result == ISC_R_NETUNREACH || | |
6425 | devent->result == ISC_R_CONNREFUSED || | 6555 | devent->result == ISC_R_CONNREFUSED || | |
6426 | devent->result == ISC_R_CANCELED)) { | 6556 | devent->result == ISC_R_CANCELED)) { | |
6427 | broken_server = devent->result; | 6557 | broken_server = devent->result; | |
6428 | broken_type = badns_unreachable; | 6558 | broken_type = badns_unreachable; | |
6559 | finish = NULL; | |||
6560 | no_response = ISC_TRUE; | |||
6429 | } | 6561 | } | |
6430 | } | 6562 | } | |
6431 | goto done; | 6563 | goto done; | |
6432 | } | 6564 | } | |
6433 | 6565 | |||
6434 | message = fctx->rmessage; | 6566 | message = fctx->rmessage; | |
6435 | 6567 | |||
6436 | if (query->tsig != NULL) { | 6568 | if (query->tsig != NULL) { | |
6437 | result = dns_message_setquerytsig(message, query->tsig); | 6569 | result = dns_message_setquerytsig(message, query->tsig); | |
6438 | if (result != ISC_R_SUCCESS) | 6570 | if (result != ISC_R_SUCCESS) | |
6439 | goto done; | 6571 | goto done; | |
6440 | } | 6572 | } | |
6441 | 6573 | |||
@@ -6547,26 +6679,45 @@ resquery_response(isc_task_t *task, isc_ | @@ -6547,26 +6679,45 @@ resquery_response(isc_task_t *task, isc_ | |||
6547 | 6679 | |||
6548 | /* | 6680 | /* | |
6549 | * The dispatcher should ensure we only get responses with QR set. | 6681 | * The dispatcher should ensure we only get responses with QR set. | |
6550 | */ | 6682 | */ | |
6551 | INSIST((message->flags & DNS_MESSAGEFLAG_QR) != 0); | 6683 | INSIST((message->flags & DNS_MESSAGEFLAG_QR) != 0); | |
6552 | /* | 6684 | /* | |
6553 | * INSIST() that the message comes from the place we sent it to, | 6685 | * INSIST() that the message comes from the place we sent it to, | |
6554 | * since the dispatch code should ensure this. | 6686 | * since the dispatch code should ensure this. | |
6555 | * | 6687 | * | |
6556 | * INSIST() that the message id is correct (this should also be | 6688 | * INSIST() that the message id is correct (this should also be | |
6557 | * ensured by the dispatch code). | 6689 | * ensured by the dispatch code). | |
6558 | */ | 6690 | */ | |
6559 | 6691 | |||
6692 | /* | |||
6693 | * We have an affirmative response to the query and we have | |||
6694 | * previously got a response from this server which indicated | |||
6695 | * EDNS may not be supported so we can now cache the lack of | |||
6696 | * EDNS support. | |||
6697 | */ | |||
6698 | if (opt == NULL && | |||
6699 | (message->rcode == dns_rcode_noerror || | |||
6700 | message->rcode == dns_rcode_nxdomain || | |||
6701 | message->rcode == dns_rcode_refused || | |||
6702 | message->rcode == dns_rcode_yxdomain) && | |||
6703 | bad_edns(fctx, &query->addrinfo->sockaddr)) { | |||
6704 | char addrbuf[ISC_SOCKADDR_FORMATSIZE]; | |||
6705 | isc_sockaddr_format(&query->addrinfo->sockaddr, addrbuf, | |||
6706 | sizeof(addrbuf)); | |||
6707 | dns_adb_changeflags(fctx->adb, query->addrinfo, | |||
6708 | DNS_FETCHOPT_NOEDNS0, | |||
6709 | DNS_FETCHOPT_NOEDNS0); | |||
6710 | } | |||
6560 | 6711 | |||
6561 | /* | 6712 | /* | |
6562 | * Deal with truncated responses by retrying using TCP. | 6713 | * Deal with truncated responses by retrying using TCP. | |
6563 | */ | 6714 | */ | |
6564 | if ((message->flags & DNS_MESSAGEFLAG_TC) != 0) | 6715 | if ((message->flags & DNS_MESSAGEFLAG_TC) != 0) | |
6565 | truncated = ISC_TRUE; | 6716 | truncated = ISC_TRUE; | |
6566 | 6717 | |||
6567 | if (truncated) { | 6718 | if (truncated) { | |
6568 | inc_stats(fctx->res, dns_resstatscounter_truncated); | 6719 | inc_stats(fctx->res, dns_resstatscounter_truncated); | |
6569 | if ((options & DNS_FETCHOPT_TCP) != 0) { | 6720 | if ((options & DNS_FETCHOPT_TCP) != 0) { | |
6570 | broken_server = DNS_R_TRUNCATEDTCP; | 6721 | broken_server = DNS_R_TRUNCATEDTCP; | |
6571 | keep_trying = ISC_TRUE; | 6722 | keep_trying = ISC_TRUE; | |
6572 | } else { | 6723 | } else { | |
@@ -6602,50 +6753,47 @@ resquery_response(isc_task_t *task, isc_ | @@ -6602,50 +6753,47 @@ resquery_response(isc_task_t *task, isc_ | |||
6602 | break; | 6753 | break; | |
6603 | default: | 6754 | default: | |
6604 | inc_stats(fctx->res, dns_resstatscounter_othererror); | 6755 | inc_stats(fctx->res, dns_resstatscounter_othererror); | |
6605 | break; | 6756 | break; | |
6606 | } | 6757 | } | |
6607 | } | 6758 | } | |
6608 | 6759 | |||
6609 | /* | 6760 | /* | |
6610 | * Is the remote server broken, or does it dislike us? | 6761 | * Is the remote server broken, or does it dislike us? | |
6611 | */ | 6762 | */ | |
6612 | if (message->rcode != dns_rcode_noerror && | 6763 | if (message->rcode != dns_rcode_noerror && | |
6613 | message->rcode != dns_rcode_nxdomain) { | 6764 | message->rcode != dns_rcode_nxdomain) { | |
6614 | if (((message->rcode == dns_rcode_formerr || | 6765 | if (((message->rcode == dns_rcode_formerr || | |
6615 | message->rcode == dns_rcode_notimp) || | 6766 | message->rcode == dns_rcode_notimp) || | |
6616 | (message->rcode == dns_rcode_servfail && | 6767 | (message->rcode == dns_rcode_servfail && | |
6617 | dns_message_getopt(message) == NULL)) && | 6768 | dns_message_getopt(message) == NULL)) && | |
6618 | (query->options & DNS_FETCHOPT_NOEDNS0) == 0) { | 6769 | (query->options & DNS_FETCHOPT_NOEDNS0) == 0) { | |
6619 | /* | 6770 | /* | |
6620 | * It's very likely they don't like EDNS0. | 6771 | * It's very likely they don't like EDNS0. | |
6621 | * If the response code is SERVFAIL, also check if the | 6772 | * If the response code is SERVFAIL, also check if the | |
6622 | * response contains an OPT RR and don't cache the | 6773 | * response contains an OPT RR and don't cache the | |
6623 | * failure since it can be returned for various other | 6774 | * failure since it can be returned for various other | |
6624 | * reasons. | 6775 | * reasons. | |
6625 | * | 6776 | * | |
6626 | * XXXRTH We should check if the question | 6777 | * XXXRTH We should check if the question | |
6627 | * we're asking requires EDNS0, and | 6778 | * we're asking requires EDNS0, and | |
6628 | * if so, we should bail out. | 6779 | * if so, we should bail out. | |
6629 | */ | 6780 | */ | |
6630 | options |= DNS_FETCHOPT_NOEDNS0; | 6781 | options |= DNS_FETCHOPT_NOEDNS0; | |
6631 | resend = ISC_TRUE; | 6782 | resend = ISC_TRUE; | |
6632 | /* | 6783 | /* | |
6633 | * Remember that they don't like EDNS0. | 6784 | * Remember that they may not like EDNS0. | |
6634 | */ | 6785 | */ | |
6635 | if (message->rcode != dns_rcode_servfail) | 6786 | add_bad_edns(fctx, &query->addrinfo->sockaddr); | |
6636 | dns_adb_changeflags(fctx->adb, query->addrinfo, | |||
6637 | DNS_FETCHOPT_NOEDNS0, | |||
6638 | DNS_FETCHOPT_NOEDNS0); | |||
6639 | inc_stats(fctx->res, dns_resstatscounter_edns0fail); | 6787 | inc_stats(fctx->res, dns_resstatscounter_edns0fail); | |
6640 | } else if (message->rcode == dns_rcode_formerr) { | 6788 | } else if (message->rcode == dns_rcode_formerr) { | |
6641 | if (ISFORWARDER(query->addrinfo)) { | 6789 | if (ISFORWARDER(query->addrinfo)) { | |
6642 | /* | 6790 | /* | |
6643 | * This forwarder doesn't understand us, | 6791 | * This forwarder doesn't understand us, | |
6644 | * but other forwarders might. Keep trying. | 6792 | * but other forwarders might. Keep trying. | |
6645 | */ | 6793 | */ | |
6646 | broken_server = DNS_R_REMOTEFORMERR; | 6794 | broken_server = DNS_R_REMOTEFORMERR; | |
6647 | keep_trying = ISC_TRUE; | 6795 | keep_trying = ISC_TRUE; | |
6648 | } else { | 6796 | } else { | |
6649 | /* | 6797 | /* | |
6650 | * The server doesn't understand us. Since | 6798 | * The server doesn't understand us. Since | |
6651 | * all servers for a zone need similar | 6799 | * all servers for a zone need similar | |
@@ -6918,27 +7066,27 @@ resquery_response(isc_task_t *task, isc_ | @@ -6918,27 +7066,27 @@ resquery_response(isc_task_t *task, isc_ | |||
6918 | 7066 | |||
6919 | done: | 7067 | done: | |
6920 | /* | 7068 | /* | |
6921 | * Remember the query's addrinfo, in case we need to mark the | 7069 | * Remember the query's addrinfo, in case we need to mark the | |
6922 | * server as broken. | 7070 | * server as broken. | |
6923 | */ | 7071 | */ | |
6924 | addrinfo = query->addrinfo; | 7072 | addrinfo = query->addrinfo; | |
6925 | 7073 | |||
6926 | /* | 7074 | /* | |
6927 | * Cancel the query. | 7075 | * Cancel the query. | |
6928 | * | 7076 | * | |
6929 | * XXXRTH Don't cancel the query if waiting for validation? | 7077 | * XXXRTH Don't cancel the query if waiting for validation? | |
6930 | */ | 7078 | */ | |
6931 | fctx_cancelquery(&query, &devent, finish, ISC_FALSE); | 7079 | fctx_cancelquery(&query, &devent, finish, no_response); | |
6932 | 7080 | |||
6933 | if (keep_trying) { | 7081 | if (keep_trying) { | |
6934 | if (result == DNS_R_FORMERR) | 7082 | if (result == DNS_R_FORMERR) | |
6935 | broken_server = DNS_R_FORMERR; | 7083 | broken_server = DNS_R_FORMERR; | |
6936 | if (broken_server != ISC_R_SUCCESS) { | 7084 | if (broken_server != ISC_R_SUCCESS) { | |
6937 | /* | 7085 | /* | |
6938 | * Add this server to the list of bad servers for | 7086 | * Add this server to the list of bad servers for | |
6939 | * this fctx. | 7087 | * this fctx. | |
6940 | */ | 7088 | */ | |
6941 | add_bad(fctx, addrinfo, broken_server, broken_type); | 7089 | add_bad(fctx, addrinfo, broken_server, broken_type); | |
6942 | } | 7090 | } | |
6943 | 7091 | |||
6944 | if (get_nameservers) { | 7092 | if (get_nameservers) { | |
@@ -6985,27 +7133,27 @@ resquery_response(isc_task_t *task, isc_ | @@ -6985,27 +7133,27 @@ resquery_response(isc_task_t *task, isc_ | |||
6985 | if (result != ISC_R_SUCCESS) { | 7133 | if (result != ISC_R_SUCCESS) { | |
6986 | fctx_done(fctx, DNS_R_SERVFAIL, __LINE__); | 7134 | fctx_done(fctx, DNS_R_SERVFAIL, __LINE__); | |
6987 | return; | 7135 | return; | |
6988 | } | 7136 | } | |
6989 | fctx_cancelqueries(fctx, ISC_TRUE); | 7137 | fctx_cancelqueries(fctx, ISC_TRUE); | |
6990 | fctx_cleanupfinds(fctx); | 7138 | fctx_cleanupfinds(fctx); | |
6991 | fctx_cleanupaltfinds(fctx); | 7139 | fctx_cleanupaltfinds(fctx); | |
6992 | fctx_cleanupforwaddrs(fctx); | 7140 | fctx_cleanupforwaddrs(fctx); | |
6993 | fctx_cleanupaltaddrs(fctx); | 7141 | fctx_cleanupaltaddrs(fctx); | |
6994 | } | 7142 | } | |
6995 | /* | 7143 | /* | |
6996 | * Try again. | 7144 | * Try again. | |
6997 | */ | 7145 | */ | |
6998 | fctx_try(fctx, !get_nameservers); | 7146 | fctx_try(fctx, !get_nameservers, ISC_FALSE); | |
6999 | } else if (resend) { | 7147 | } else if (resend) { | |
7000 | /* | 7148 | /* | |
7001 | * Resend (probably with changed options). | 7149 | * Resend (probably with changed options). | |
7002 | */ | 7150 | */ | |
7003 | FCTXTRACE("resend"); | 7151 | FCTXTRACE("resend"); | |
7004 | inc_stats(fctx->res, dns_resstatscounter_retry); | 7152 | inc_stats(fctx->res, dns_resstatscounter_retry); | |
7005 | result = fctx_query(fctx, addrinfo, options); | 7153 | result = fctx_query(fctx, addrinfo, options); | |
7006 | if (result != ISC_R_SUCCESS) | 7154 | if (result != ISC_R_SUCCESS) | |
7007 | fctx_done(fctx, result, __LINE__); | 7155 | fctx_done(fctx, result, __LINE__); | |
7008 | } else if (result == ISC_R_SUCCESS && !HAVE_ANSWER(fctx)) { | 7156 | } else if (result == ISC_R_SUCCESS && !HAVE_ANSWER(fctx)) { | |
7009 | /* | 7157 | /* | |
7010 | * All has gone well so far, but we are waiting for the | 7158 | * All has gone well so far, but we are waiting for the | |
7011 | * DNSSEC validator to validate the answer. | 7159 | * DNSSEC validator to validate the answer. | |
@@ -7029,44 +7177,67 @@ resquery_response(isc_task_t *task, isc_ | @@ -7029,44 +7177,67 @@ resquery_response(isc_task_t *task, isc_ | |||
7029 | n = dns_name_countlabels(&fctx->name); | 7177 | n = dns_name_countlabels(&fctx->name); | |
7030 | dns_name_getlabelsequence(&fctx->name, 1, n - 1, &fctx->nsname); | 7178 | dns_name_getlabelsequence(&fctx->name, 1, n - 1, &fctx->nsname); | |
7031 | 7179 | |||
7032 | FCTXTRACE("suspending DS lookup to find parent's NS records"); | 7180 | FCTXTRACE("suspending DS lookup to find parent's NS records"); | |
7033 | 7181 | |||
7034 | result = dns_resolver_createfetch(fctx->res, &fctx->nsname, | 7182 | result = dns_resolver_createfetch(fctx->res, &fctx->nsname, | |
7035 | dns_rdatatype_ns, | 7183 | dns_rdatatype_ns, | |
7036 | NULL, NULL, NULL, 0, task, | 7184 | NULL, NULL, NULL, 0, task, | |
7037 | resume_dslookup, fctx, | 7185 | resume_dslookup, fctx, | |
7038 | &fctx->nsrrset, NULL, | 7186 | &fctx->nsrrset, NULL, | |
7039 | &fctx->nsfetch); | 7187 | &fctx->nsfetch); | |
7040 | if (result != ISC_R_SUCCESS) | 7188 | if (result != ISC_R_SUCCESS) | |
7041 | fctx_done(fctx, result, __LINE__); | 7189 | fctx_done(fctx, result, __LINE__); | |
7042 | LOCK(&fctx->res->buckets[fctx->bucketnum].lock); | 7190 | else { | |
7043 | fctx->references++; | 7191 | LOCK(&fctx->res->buckets[fctx->bucketnum].lock); | |
7044 | UNLOCK(&fctx->res->buckets[fctx->bucketnum].lock); | 7192 | fctx->references++; | |
7045 | result = fctx_stopidletimer(fctx); | 7193 | UNLOCK(&fctx->res->buckets[fctx->bucketnum].lock); | |
7046 | if (result != ISC_R_SUCCESS) | 7194 | result = fctx_stopidletimer(fctx); | |
7047 | fctx_done(fctx, result, __LINE__); | 7195 | if (result != ISC_R_SUCCESS) | |
7196 | fctx_done(fctx, result, __LINE__); | |||
7197 | } | |||
7048 | } else { | 7198 | } else { | |
7049 | /* | 7199 | /* | |
7050 | * We're done. | 7200 | * We're done. | |
7051 | */ | 7201 | */ | |
7052 | fctx_done(fctx, result, __LINE__); | 7202 | fctx_done(fctx, result, __LINE__); | |
7053 | } | 7203 | } | |
7054 | } | 7204 | } | |
7055 | 7205 | |||
7056 | 7206 | |||
7057 | /*** | 7207 | /*** | |
7058 | *** Resolver Methods | 7208 | *** Resolver Methods | |
7059 | ***/ | 7209 | ***/ | |
7210 | static void | |||
7211 | destroy_badcache(dns_resolver_t *res) { | |||
7212 | dns_badcache_t *bad, *next; | |||
7213 | unsigned int i; | |||
7214 | ||||
7215 | if (res->badcache != NULL) { | |||
7216 | for (i = 0; i < res->badhash; i++) | |||
7217 | for (bad = res->badcache[i]; bad != NULL; | |||
7218 | bad = next) { | |||
7219 | next = bad->next; | |||
7220 | isc_mem_put(res->mctx, bad, sizeof(*bad) + | |||
7221 | bad->name.length); | |||
7222 | res->badcount--; | |||
7223 | } | |||
7224 | isc_mem_put(res->mctx, res->badcache, | |||
7225 | sizeof(*res->badcache) * res->badhash); | |||
7226 | res->badcache = NULL; | |||
7227 | res->badhash = 0; | |||
7228 | INSIST(res->badcount == 0); | |||
7229 | } | |||
7230 | } | |||
7060 | 7231 | |||
7061 | static void | 7232 | static void | |
7062 | destroy(dns_resolver_t *res) { | 7233 | destroy(dns_resolver_t *res) { | |
7063 | unsigned int i; | 7234 | unsigned int i; | |
7064 | alternate_t *a; | 7235 | alternate_t *a; | |
7065 | 7236 | |||
7066 | REQUIRE(res->references == 0); | 7237 | REQUIRE(res->references == 0); | |
7067 | REQUIRE(!res->priming); | 7238 | REQUIRE(!res->priming); | |
7068 | REQUIRE(res->primefetch == NULL); | 7239 | REQUIRE(res->primefetch == NULL); | |
7069 | 7240 | |||
7070 | RTRACE("destroy"); | 7241 | RTRACE("destroy"); | |
7071 | 7242 | |||
7072 | INSIST(res->nfctx == 0); | 7243 | INSIST(res->nfctx == 0); | |
@@ -7084,26 +7255,27 @@ destroy(dns_resolver_t *res) { | @@ -7084,26 +7255,27 @@ destroy(dns_resolver_t *res) { | |||
7084 | isc_mem_put(res->mctx, res->buckets, | 7255 | isc_mem_put(res->mctx, res->buckets, | |
7085 | res->nbuckets * sizeof(fctxbucket_t)); | 7256 | res->nbuckets * sizeof(fctxbucket_t)); | |
7086 | if (res->dispatchv4 != NULL) | 7257 | if (res->dispatchv4 != NULL) | |
7087 | dns_dispatch_detach(&res->dispatchv4); | 7258 | dns_dispatch_detach(&res->dispatchv4); | |
7088 | if (res->dispatchv6 != NULL) | 7259 | if (res->dispatchv6 != NULL) | |
7089 | dns_dispatch_detach(&res->dispatchv6); | 7260 | dns_dispatch_detach(&res->dispatchv6); | |
7090 | while ((a = ISC_LIST_HEAD(res->alternates)) != NULL) { | 7261 | while ((a = ISC_LIST_HEAD(res->alternates)) != NULL) { | |
7091 | ISC_LIST_UNLINK(res->alternates, a, link); | 7262 | ISC_LIST_UNLINK(res->alternates, a, link); | |
7092 | if (!a->isaddress) | 7263 | if (!a->isaddress) | |
7093 | dns_name_free(&a->_u._n.name, res->mctx); | 7264 | dns_name_free(&a->_u._n.name, res->mctx); | |
7094 | isc_mem_put(res->mctx, a, sizeof(*a)); | 7265 | isc_mem_put(res->mctx, a, sizeof(*a)); | |
7095 | } | 7266 | } | |
7096 | dns_resolver_reset_algorithms(res); | 7267 | dns_resolver_reset_algorithms(res); | |
7268 | destroy_badcache(res); | |||
7097 | dns_resolver_resetmustbesecure(res); | 7269 | dns_resolver_resetmustbesecure(res); | |
7098 | #if USE_ALGLOCK | 7270 | #if USE_ALGLOCK | |
7099 | isc_rwlock_destroy(&res->alglock); | 7271 | isc_rwlock_destroy(&res->alglock); | |
7100 | #endif | 7272 | #endif | |
7101 | #if USE_MBSLOCK | 7273 | #if USE_MBSLOCK | |
7102 | isc_rwlock_destroy(&res->mbslock); | 7274 | isc_rwlock_destroy(&res->mbslock); | |
7103 | #endif | 7275 | #endif | |
7104 | isc_timer_detach(&res->spillattimer); | 7276 | isc_timer_detach(&res->spillattimer); | |
7105 | res->magic = 0; | 7277 | res->magic = 0; | |
7106 | isc_mem_put(res->mctx, res, sizeof(*res)); | 7278 | isc_mem_put(res->mctx, res, sizeof(*res)); | |
7107 | } | 7279 | } | |
7108 | 7280 | |||
7109 | static void | 7281 | static void | |
@@ -7207,26 +7379,30 @@ dns_resolver_create(dns_view_t *view, | @@ -7207,26 +7379,30 @@ dns_resolver_create(dns_view_t *view, | |||
7207 | RTRACE("create"); | 7379 | RTRACE("create"); | |
7208 | res->mctx = view->mctx; | 7380 | res->mctx = view->mctx; | |
7209 | res->rdclass = view->rdclass; | 7381 | res->rdclass = view->rdclass; | |
7210 | res->socketmgr = socketmgr; | 7382 | res->socketmgr = socketmgr; | |
7211 | res->timermgr = timermgr; | 7383 | res->timermgr = timermgr; | |
7212 | res->taskmgr = taskmgr; | 7384 | res->taskmgr = taskmgr; | |
7213 | res->dispatchmgr = dispatchmgr; | 7385 | res->dispatchmgr = dispatchmgr; | |
7214 | res->view = view; | 7386 | res->view = view; | |
7215 | res->options = options; | 7387 | res->options = options; | |
7216 | res->lame_ttl = 0; | 7388 | res->lame_ttl = 0; | |
7217 | ISC_LIST_INIT(res->alternates); | 7389 | ISC_LIST_INIT(res->alternates); | |
7218 | res->udpsize = RECV_BUFFER_SIZE; | 7390 | res->udpsize = RECV_BUFFER_SIZE; | |
7219 | res->algorithms = NULL; | 7391 | res->algorithms = NULL; | |
7392 | res->badcache = NULL; | |||
7393 | res->badcount = 0; | |||
7394 | res->badhash = 0; | |||
7395 | res->badsweep = 0; | |||
7220 | res->mustbesecure = NULL; | 7396 | res->mustbesecure = NULL; | |
7221 | res->spillatmin = res->spillat = 10; | 7397 | res->spillatmin = res->spillat = 10; | |
7222 | res->spillatmax = 100; | 7398 | res->spillatmax = 100; | |
7223 | res->spillattimer = NULL; | 7399 | res->spillattimer = NULL; | |
7224 | res->zero_no_soa_ttl = ISC_FALSE; | 7400 | res->zero_no_soa_ttl = ISC_FALSE; | |
7225 | res->ndisps = 0; | 7401 | res->ndisps = 0; | |
7226 | res->nextdisp = 0; /* meaningless at this point, but init it */ | 7402 | res->nextdisp = 0; /* meaningless at this point, but init it */ | |
7227 | res->nbuckets = ntasks; | 7403 | res->nbuckets = ntasks; | |
7228 | res->activebuckets = ntasks; | 7404 | res->activebuckets = ntasks; | |
7229 | res->buckets = isc_mem_get(view->mctx, | 7405 | res->buckets = isc_mem_get(view->mctx, | |
7230 | ntasks * sizeof(fctxbucket_t)); | 7406 | ntasks * sizeof(fctxbucket_t)); | |
7231 | if (res->buckets == NULL) { | 7407 | if (res->buckets == NULL) { | |
7232 | result = ISC_R_NOMEMORY; | 7408 | result = ISC_R_NOMEMORY; | |
@@ -7473,33 +7649,31 @@ dns_resolver_prime(dns_resolver_t *res) | @@ -7473,33 +7649,31 @@ dns_resolver_prime(dns_resolver_t *res) | |||
7473 | UNLOCK(&res->primelock); | 7649 | UNLOCK(&res->primelock); | |
7474 | if (result != ISC_R_SUCCESS) { | 7650 | if (result != ISC_R_SUCCESS) { | |
7475 | LOCK(&res->lock); | 7651 | LOCK(&res->lock); | |
7476 | INSIST(res->priming); | 7652 | INSIST(res->priming); | |
7477 | res->priming = ISC_FALSE; | 7653 | res->priming = ISC_FALSE; | |
7478 | UNLOCK(&res->lock); | 7654 | UNLOCK(&res->lock); | |
7479 | } | 7655 | } | |
7480 | } | 7656 | } | |
7481 | } | 7657 | } | |
7482 | #endif /* BIND9 */ | 7658 | #endif /* BIND9 */ | |
7483 | 7659 | |||
7484 | void | 7660 | void | |
7485 | dns_resolver_freeze(dns_resolver_t *res) { | 7661 | dns_resolver_freeze(dns_resolver_t *res) { | |
7486 | ||||
7487 | /* | 7662 | /* | |
7488 | * Freeze resolver. | 7663 | * Freeze resolver. | |
7489 | */ | 7664 | */ | |
7490 | 7665 | |||
7491 | REQUIRE(VALID_RESOLVER(res)); | 7666 | REQUIRE(VALID_RESOLVER(res)); | |
7492 | REQUIRE(!res->frozen); | |||
7493 | 7667 | |||
7494 | res->frozen = ISC_TRUE; | 7668 | res->frozen = ISC_TRUE; | |
7495 | } | 7669 | } | |
7496 | 7670 | |||
7497 | void | 7671 | void | |
7498 | dns_resolver_attach(dns_resolver_t *source, dns_resolver_t **targetp) { | 7672 | dns_resolver_attach(dns_resolver_t *source, dns_resolver_t **targetp) { | |
7499 | REQUIRE(VALID_RESOLVER(source)); | 7673 | REQUIRE(VALID_RESOLVER(source)); | |
7500 | REQUIRE(targetp != NULL && *targetp == NULL); | 7674 | REQUIRE(targetp != NULL && *targetp == NULL); | |
7501 | 7675 | |||
7502 | RRTRACE(source, "attach"); | 7676 | RRTRACE(source, "attach"); | |
7503 | LOCK(&source->lock); | 7677 | LOCK(&source->lock); | |
7504 | REQUIRE(!source->exiting); | 7678 | REQUIRE(!source->exiting); | |
7505 | 7679 | |||
@@ -7855,27 +8029,27 @@ dns_resolver_cancelfetch(dns_fetch_t *fe | @@ -7855,27 +8029,27 @@ dns_resolver_cancelfetch(dns_fetch_t *fe | |||
7855 | * the answer is still cached. | 8029 | * the answer is still cached. | |
7856 | */ | 8030 | */ | |
7857 | 8031 | |||
7858 | UNLOCK(&res->buckets[fctx->bucketnum].lock); | 8032 | UNLOCK(&res->buckets[fctx->bucketnum].lock); | |
7859 | } | 8033 | } | |
7860 | 8034 | |||
7861 | void | 8035 | void | |
7862 | dns_resolver_destroyfetch(dns_fetch_t **fetchp) { | 8036 | dns_resolver_destroyfetch(dns_fetch_t **fetchp) { | |
7863 | dns_fetch_t *fetch; | 8037 | dns_fetch_t *fetch; | |
7864 | dns_resolver_t *res; | 8038 | dns_resolver_t *res; | |
7865 | dns_fetchevent_t *event, *next_event; | 8039 | dns_fetchevent_t *event, *next_event; | |
7866 | fetchctx_t *fctx; | 8040 | fetchctx_t *fctx; | |
7867 | unsigned int bucketnum; | 8041 | unsigned int bucketnum; | |
7868 | isc_boolean_t bucket_empty = ISC_FALSE; | 8042 | isc_boolean_t bucket_empty; | |
7869 | 8043 | |||
7870 | REQUIRE(fetchp != NULL); | 8044 | REQUIRE(fetchp != NULL); | |
7871 | fetch = *fetchp; | 8045 | fetch = *fetchp; | |
7872 | REQUIRE(DNS_FETCH_VALID(fetch)); | 8046 | REQUIRE(DNS_FETCH_VALID(fetch)); | |
7873 | fctx = fetch->private; | 8047 | fctx = fetch->private; | |
7874 | REQUIRE(VALID_FCTX(fctx)); | 8048 | REQUIRE(VALID_FCTX(fctx)); | |
7875 | res = fctx->res; | 8049 | res = fctx->res; | |
7876 | 8050 | |||
7877 | FTRACE("destroyfetch"); | 8051 | FTRACE("destroyfetch"); | |
7878 | 8052 | |||
7879 | bucketnum = fctx->bucketnum; | 8053 | bucketnum = fctx->bucketnum; | |
7880 | LOCK(&res->buckets[bucketnum].lock); | 8054 | LOCK(&res->buckets[bucketnum].lock); | |
7881 | 8055 | |||
@@ -7883,47 +8057,27 @@ dns_resolver_destroyfetch(dns_fetch_t ** | @@ -7883,47 +8057,27 @@ dns_resolver_destroyfetch(dns_fetch_t ** | |||
7883 | * Sanity check: the caller should have gotten its event before | 8057 | * Sanity check: the caller should have gotten its event before | |
7884 | * trying to destroy the fetch. | 8058 | * trying to destroy the fetch. | |
7885 | */ | 8059 | */ | |
7886 | event = NULL; | 8060 | event = NULL; | |
7887 | if (fctx->state != fetchstate_done) { | 8061 | if (fctx->state != fetchstate_done) { | |
7888 | for (event = ISC_LIST_HEAD(fctx->events); | 8062 | for (event = ISC_LIST_HEAD(fctx->events); | |
7889 | event != NULL; | 8063 | event != NULL; | |
7890 | event = next_event) { | 8064 | event = next_event) { | |
7891 | next_event = ISC_LIST_NEXT(event, ev_link); | 8065 | next_event = ISC_LIST_NEXT(event, ev_link); | |
7892 | RUNTIME_CHECK(event->fetch != fetch); | 8066 | RUNTIME_CHECK(event->fetch != fetch); | |
7893 | } | 8067 | } | |
7894 | } | 8068 | } | |
7895 | 8069 | |||
7896 | INSIST(fctx->references > 0); | 8070 | bucket_empty = fctx_decreference(fctx); | |
7897 | fctx->references--; | |||
7898 | if (fctx->references == 0) { | |||
7899 | /* | |||
7900 | * No one cares about the result of this fetch anymore. | |||
7901 | */ | |||
7902 | if (fctx->pending == 0 && fctx->nqueries == 0 && | |||
7903 | ISC_LIST_EMPTY(fctx->validators) && | |||
7904 | SHUTTINGDOWN(fctx)) { | |||
7905 | /* | |||
7906 | * This fctx is already shutdown; we were just | |||
7907 | * waiting for the last reference to go away. | |||
7908 | */ | |||
7909 | bucket_empty = fctx_destroy(fctx); | |||
7910 | } else { | |||
7911 | /* | |||
7912 | * Initiate shutdown. | |||
7913 | */ | |||
7914 | fctx_shutdown(fctx); | |||
7915 | } | |||
7916 | } | |||
7917 | 8071 | |||
7918 | UNLOCK(&res->buckets[bucketnum].lock); | 8072 | UNLOCK(&res->buckets[bucketnum].lock); | |
7919 | 8073 | |||
7920 | isc_mem_put(res->mctx, fetch, sizeof(*fetch)); | 8074 | isc_mem_put(res->mctx, fetch, sizeof(*fetch)); | |
7921 | *fetchp = NULL; | 8075 | *fetchp = NULL; | |
7922 | 8076 | |||
7923 | if (bucket_empty) | 8077 | if (bucket_empty) | |
7924 | empty_bucket(res); | 8078 | empty_bucket(res); | |
7925 | } | 8079 | } | |
7926 | 8080 | |||
7927 | void | 8081 | void | |
7928 | dns_resolver_logfetch(dns_fetch_t *fetch, isc_log_t *lctx, | 8082 | dns_resolver_logfetch(dns_fetch_t *fetch, isc_log_t *lctx, | |
7929 | isc_logcategory_t *category, isc_logmodule_t *module, | 8083 | isc_logcategory_t *category, isc_logmodule_t *module, | |
@@ -8050,26 +8204,276 @@ dns_resolver_addalternate(dns_resolver_t | @@ -8050,26 +8204,276 @@ dns_resolver_addalternate(dns_resolver_t | |||
8050 | 8204 | |||
8051 | void | 8205 | void | |
8052 | dns_resolver_setudpsize(dns_resolver_t *resolver, isc_uint16_t udpsize) { | 8206 | dns_resolver_setudpsize(dns_resolver_t *resolver, isc_uint16_t udpsize) { | |
8053 | REQUIRE(VALID_RESOLVER(resolver)); | 8207 | REQUIRE(VALID_RESOLVER(resolver)); | |
8054 | resolver->udpsize = udpsize; | 8208 | resolver->udpsize = udpsize; | |
8055 | } | 8209 | } | |
8056 | 8210 | |||
8057 | isc_uint16_t | 8211 | isc_uint16_t | |
8058 | dns_resolver_getudpsize(dns_resolver_t *resolver) { | 8212 | dns_resolver_getudpsize(dns_resolver_t *resolver) { | |
8059 | REQUIRE(VALID_RESOLVER(resolver)); | 8213 | REQUIRE(VALID_RESOLVER(resolver)); | |
8060 | return (resolver->udpsize); | 8214 | return (resolver->udpsize); | |
8061 | } | 8215 | } | |
8062 | 8216 | |||
8217 | void | |||
8218 | dns_resolver_flushbadcache(dns_resolver_t *resolver, dns_name_t *name) { | |||
8219 | unsigned int i; | |||
8220 | dns_badcache_t *bad, *prev, *next; | |||
8221 | ||||
8222 | REQUIRE(VALID_RESOLVER(resolver)); | |||
8223 | ||||
8224 | LOCK(&resolver->lock); | |||
8225 | if (resolver->badcache == NULL) | |||
8226 | goto unlock; | |||
8227 | ||||
8228 | if (name != NULL) { | |||
8229 | isc_time_t now; | |||
8230 | isc_result_t result; | |||
8231 | result = isc_time_now(&now); | |||
8232 | if (result != ISC_R_SUCCESS) | |||
8233 | isc_time_settoepoch(&now); | |||
8234 | i = dns_name_hash(name, ISC_FALSE) % resolver->badhash; | |||
8235 | prev = NULL; | |||
8236 | for (bad = resolver->badcache[i]; bad != NULL; bad = next) { | |||
8237 | int n; | |||
8238 | next = bad->next; | |||
8239 | n = isc_time_compare(&bad->expire, &now); | |||
8240 | if (n < 0 || dns_name_equal(name, &bad->name)) { | |||
8241 | if (prev == NULL) | |||
8242 | resolver->badcache[i] = bad->next; | |||
8243 | else | |||
8244 | prev->next = bad->next; | |||
8245 | isc_mem_put(resolver->mctx, bad, sizeof(*bad) + | |||
8246 | bad->name.length); | |||
8247 | resolver->badcount--; | |||
8248 | } else | |||
8249 | prev = bad; | |||
8250 | } | |||
8251 | } else | |||
8252 | destroy_badcache(resolver); | |||
8253 | ||||
8254 | unlock: | |||
8255 | UNLOCK(&resolver->lock); | |||
8256 | ||||
8257 | } | |||
8258 | ||||
8259 | static void | |||
8260 | resizehash(dns_resolver_t *resolver, isc_time_t *now, isc_boolean_t grow) { | |||
8261 | unsigned int newsize; | |||
8262 | dns_badcache_t **new, *bad, *next; | |||
8263 | unsigned int i; | |||
8264 | ||||
8265 | if (grow) | |||
8266 | newsize = resolver->badhash * 2 + 1; | |||
8267 | else | |||
8268 | newsize = (resolver->badhash - 1) / 2; | |||
8269 | ||||
8270 | new = isc_mem_get(resolver->mctx, | |||
8271 | sizeof(*resolver->badcache) * newsize); | |||
8272 | if (new == NULL) | |||
8273 | return; | |||
8274 | memset(new, 0, sizeof(*resolver->badcache) * newsize); | |||
8275 | for (i = 0; i < resolver->badhash; i++) { | |||
8276 | for (bad = resolver->badcache[i]; bad != NULL; bad = next) { | |||
8277 | next = bad->next; | |||
8278 | if (isc_time_compare(&bad->expire, now) < 0) { | |||
8279 | isc_mem_put(resolver->mctx, bad, sizeof(*bad) + | |||
8280 | bad->name.length); | |||
8281 | resolver->badcount--; | |||
8282 | } else { | |||
8283 | bad->next = new[bad->hashval % newsize]; | |||
8284 | new[bad->hashval % newsize] = bad; | |||
8285 | } | |||
8286 | } | |||
8287 | } | |||
8288 | isc_mem_put(resolver->mctx, resolver->badcache, | |||
8289 | sizeof(*resolver->badcache) * resolver->badhash); | |||
8290 | resolver->badhash = newsize; | |||
8291 | resolver->badcache = new; | |||
8292 | } | |||
8293 | ||||
8294 | void | |||
8295 | dns_resolver_addbadcache(dns_resolver_t *resolver, dns_name_t *name, | |||
8296 | dns_rdatatype_t type, isc_time_t *expire) | |||
8297 | { | |||
8298 | isc_time_t now; | |||
8299 | isc_result_t result = ISC_R_SUCCESS; | |||
8300 | unsigned int i, hashval; | |||
8301 | dns_badcache_t *bad, *prev, *next; | |||
8302 | ||||
8303 | REQUIRE(VALID_RESOLVER(resolver)); | |||
8304 | ||||
8305 | LOCK(&resolver->lock); | |||
8306 | if (resolver->badcache == NULL) { | |||
8307 | resolver->badcache = isc_mem_get(resolver->mctx, | |||
8308 | sizeof(*resolver->badcache) * | |||
8309 | DNS_BADCACHE_SIZE); | |||
8310 | if (resolver->badcache == NULL) { | |||
8311 | result = ISC_R_NOMEMORY; | |||
8312 | goto cleanup; | |||
8313 | } | |||
8314 | resolver->badhash = DNS_BADCACHE_SIZE; | |||
8315 | memset(resolver->badcache, 0, sizeof(*resolver->badcache) * | |||
8316 | resolver->badhash); | |||
8317 | } | |||
8318 | ||||
8319 | result = isc_time_now(&now); | |||
8320 | if (result != ISC_R_SUCCESS) | |||
8321 | isc_time_settoepoch(&now); | |||
8322 | hashval = dns_name_hash(name, ISC_FALSE); | |||
8323 | i = hashval % resolver->badhash; | |||
8324 | prev = NULL; | |||
8325 | for (bad = resolver->badcache[i]; bad != NULL; bad = next) { | |||
8326 | next = bad->next; | |||
8327 | if (bad->type == type && dns_name_equal(name, &bad->name)) | |||
8328 | break; | |||
8329 | if (isc_time_compare(&bad->expire, &now) < 0) { | |||
8330 | if (prev == NULL) | |||
8331 | resolver->badcache[i] = bad->next; | |||
8332 | else | |||
8333 | prev->next = bad->next; | |||
8334 | isc_mem_put(resolver->mctx, bad, sizeof(*bad) + | |||
8335 | bad->name.length); | |||
8336 | resolver->badcount--; | |||
8337 | } else | |||
8338 | prev = bad; | |||
8339 | } | |||
8340 | if (bad == NULL) { | |||
8341 | isc_buffer_t buffer; | |||
8342 | bad = isc_mem_get(resolver->mctx, sizeof(*bad) + name->length); | |||
8343 | if (bad == NULL) { | |||
8344 | result = ISC_R_NOMEMORY; | |||
8345 | goto cleanup; | |||
8346 | } | |||
8347 | bad->type = type; | |||
8348 | bad->hashval = hashval; | |||
8349 | isc_buffer_init(&buffer, bad + 1, name->length); | |||
8350 | dns_name_init(&bad->name, NULL); | |||
8351 | dns_name_copy(name, &bad->name, &buffer); | |||
8352 | bad->next = resolver->badcache[i]; | |||
8353 | resolver->badcache[i] = bad; | |||
8354 | resolver->badcount++; | |||
8355 | if (resolver->badcount > resolver->badhash * 8) | |||
8356 | resizehash(resolver, &now, ISC_TRUE); | |||
8357 | if (resolver->badcount < resolver->badhash * 2 && | |||
8358 | resolver->badhash > DNS_BADCACHE_SIZE) | |||
8359 | resizehash(resolver, &now, ISC_FALSE); | |||
8360 | } | |||
8361 | bad->expire = *expire; | |||
8362 | cleanup: | |||
8363 | UNLOCK(&resolver->lock); | |||
8364 | } | |||
8365 | ||||
8366 | isc_boolean_t | |||
8367 | dns_resolver_getbadcache(dns_resolver_t *resolver, dns_name_t *name, | |||
8368 | dns_rdatatype_t type, isc_time_t *now) | |||
8369 | { | |||
8370 | dns_badcache_t *bad, *prev, *next; | |||
8371 | isc_boolean_t answer = ISC_FALSE; | |||
8372 | unsigned int i; | |||
8373 | ||||
8374 | REQUIRE(VALID_RESOLVER(resolver)); | |||
8375 | ||||
8376 | LOCK(&resolver->lock); | |||
8377 | if (resolver->badcache == NULL) | |||
8378 | goto unlock; | |||
8379 | ||||
8380 | i = dns_name_hash(name, ISC_FALSE) % resolver->badhash; | |||
8381 | prev = NULL; | |||
8382 | for (bad = resolver->badcache[i]; bad != NULL; bad = next) { | |||
8383 | next = bad->next; | |||
8384 | /* | |||
8385 | * Search the hash list. Clean out expired records as we go. | |||
8386 | */ | |||
8387 | if (isc_time_compare(&bad->expire, now) < 0) { | |||
8388 | if (prev != NULL) | |||
8389 | prev->next = bad->next; | |||
8390 | else | |||
8391 | resolver->badcache[i] = bad->next; | |||
8392 | isc_mem_put(resolver->mctx, bad, sizeof(*bad) + | |||
8393 | bad->name.length); | |||
8394 | resolver->badcount--; | |||
8395 | continue; | |||
8396 | } | |||
8397 | if (bad->type == type && dns_name_equal(name, &bad->name)) { | |||
8398 | answer = ISC_TRUE; | |||
8399 | break; | |||
8400 | } | |||
8401 | prev = bad; | |||
8402 | } | |||
8403 | ||||
8404 | /* | |||
8405 | * Slow sweep to clean out stale records. | |||
8406 | */ | |||
8407 | i = resolver->badsweep++ % resolver->badhash; | |||
8408 | bad = resolver->badcache[i]; | |||
8409 | if (bad != NULL && isc_time_compare(&bad->expire, now) < 0) { | |||
8410 | resolver->badcache[i] = bad->next; | |||
8411 | isc_mem_put(resolver->mctx, bad, sizeof(*bad) + | |||
8412 | bad->name.length); | |||
8413 | resolver->badcount--; | |||
8414 | } | |||
8415 | ||||
8416 | unlock: | |||
8417 | UNLOCK(&resolver->lock); | |||
8418 | return (answer); | |||
8419 | } | |||
8420 | ||||
8421 | void | |||
8422 | dns_resolver_printbadcache(dns_resolver_t *resolver, FILE *fp) { | |||
8423 | char namebuf[DNS_NAME_FORMATSIZE]; | |||
8424 | char typebuf[DNS_RDATATYPE_FORMATSIZE]; | |||
8425 | dns_badcache_t *bad, *next, *prev; | |||
8426 | isc_time_t now; | |||
8427 | unsigned int i; | |||
8428 | isc_uint64_t t; | |||
8429 | ||||
8430 | LOCK(&resolver->lock); | |||
8431 | fprintf(fp, ";\n; Bad cache\n;\n"); | |||
8432 | ||||
8433 | if (resolver->badcache == NULL) | |||
8434 | goto unlock; | |||
8435 | ||||
8436 | TIME_NOW(&now); | |||
8437 | for (i = 0; i < resolver->badhash; i++) { | |||
8438 | prev = NULL; | |||
8439 | for (bad = resolver->badcache[i]; bad != NULL; bad = next) { | |||
8440 | next = bad->next; | |||
8441 | if (isc_time_compare(&bad->expire, &now) < 0) { | |||
8442 | if (prev != NULL) | |||
8443 | prev->next = bad->next; | |||
8444 | else | |||
8445 | resolver->badcache[i] = bad->next; | |||
8446 | isc_mem_put(resolver->mctx, bad, sizeof(*bad) + | |||
8447 | bad->name.length); | |||
8448 | resolver->badcount--; | |||
8449 | continue; | |||
8450 | } | |||
8451 | prev = bad; | |||
8452 | dns_name_format(&bad->name, namebuf, sizeof(namebuf)); | |||
8453 | dns_rdatatype_format(bad->type, typebuf, | |||
8454 | sizeof(typebuf)); | |||
8455 | t = isc_time_microdiff(&bad->expire, &now); | |||
8456 | t /= 1000; | |||
8457 | fprintf(fp, "; %s/%s [ttl " | |||
8458 | "%" ISC_PLATFORM_QUADFORMAT "u]\n", | |||
8459 | namebuf, typebuf, t); | |||
8460 | } | |||
8461 | } | |||
8462 | ||||
8463 | unlock: | |||
8464 | UNLOCK(&resolver->lock); | |||
8465 | } | |||
8466 | ||||
8063 | static void | 8467 | static void | |
8064 | free_algorithm(void *node, void *arg) { | 8468 | free_algorithm(void *node, void *arg) { | |
8065 | unsigned char *algorithms = node; | 8469 | unsigned char *algorithms = node; | |
8066 | isc_mem_t *mctx = arg; | 8470 | isc_mem_t *mctx = arg; | |
8067 | 8471 | |||
8068 | isc_mem_put(mctx, algorithms, *algorithms); | 8472 | isc_mem_put(mctx, algorithms, *algorithms); | |
8069 | } | 8473 | } | |
8070 | 8474 | |||
8071 | void | 8475 | void | |
8072 | dns_resolver_reset_algorithms(dns_resolver_t *resolver) { | 8476 | dns_resolver_reset_algorithms(dns_resolver_t *resolver) { | |
8073 | 8477 | |||
8074 | REQUIRE(VALID_RESOLVER(resolver)); | 8478 | REQUIRE(VALID_RESOLVER(resolver)); | |
8075 | 8479 |
--- src/external/bsd/bind/dist/lib/dns/include/dns/Attic/name.h 2009/10/25 00:14:33 1.3
+++ src/external/bsd/bind/dist/lib/dns/include/dns/Attic/name.h 2010/08/06 10:58:12 1.4
@@ -1,33 +1,33 @@ | @@ -1,33 +1,33 @@ | |||
1 | /* $NetBSD: name.h,v 1.3 2009/10/25 00:14:33 christos Exp $ */ | 1 | /* $NetBSD: name.h,v 1.4 2010/08/06 10:58:12 christos Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC") | 4 | * Copyright (C) 2004-2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC") | |
5 | * Copyright (C) 1998-2003 Internet Software Consortium. | 5 | * Copyright (C) 1998-2003 Internet Software Consortium. | |
6 | * | 6 | * | |
7 | * Permission to use, copy, modify, and/or distribute this software for any | 7 | * Permission to use, copy, modify, and/or distribute this software for any | |
8 | * purpose with or without fee is hereby granted, provided that the above | 8 | * purpose with or without fee is hereby granted, provided that the above | |
9 | * copyright notice and this permission notice appear in all copies. | 9 | * copyright notice and this permission notice appear in all copies. | |
10 | * | 10 | * | |
11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
17 | * PERFORMANCE OF THIS SOFTWARE. | 17 | * PERFORMANCE OF THIS SOFTWARE. | |
18 | */ | 18 | */ | |
19 | 19 | |||
20 | /* Id: name.h,v 1.132 2009/09/01 17:36:51 jinmei Exp */ | 20 | /* Id: name.h,v 1.132.104.3 2010/07/09 23:46:27 tbox Exp */ | |
21 | 21 | |||
22 | #ifndef DNS_NAME_H | 22 | #ifndef DNS_NAME_H | |
23 | #define DNS_NAME_H 1 | 23 | #define DNS_NAME_H 1 | |
24 | 24 | |||
25 | /***** | 25 | /***** | |
26 | ***** Module Info | 26 | ***** Module Info | |
27 | *****/ | 27 | *****/ | |
28 | 28 | |||
29 | /*! \file dns/name.h | 29 | /*! \file dns/name.h | |
30 | * \brief | 30 | * \brief | |
31 | * Provides facilities for manipulating DNS names and labels, including | 31 | * Provides facilities for manipulating DNS names and labels, including | |
32 | * conversions to and from wire format and text format. | 32 | * conversions to and from wire format and text format. | |
33 | * | 33 | * | |
@@ -91,32 +91,26 @@ ISC_LANG_BEGINDECLS | @@ -91,32 +91,26 @@ ISC_LANG_BEGINDECLS | |||
91 | ***** label of type 00 (ordinary). | 91 | ***** label of type 00 (ordinary). | |
92 | *****/ | 92 | *****/ | |
93 | 93 | |||
94 | /***** | 94 | /***** | |
95 | ***** Names | 95 | ***** Names | |
96 | ***** | 96 | ***** | |
97 | ***** A 'name' is a handle to a binary region. It contains a sequence of one | 97 | ***** A 'name' is a handle to a binary region. It contains a sequence of one | |
98 | ***** or more DNS wire format labels of type 00 (ordinary). | 98 | ***** or more DNS wire format labels of type 00 (ordinary). | |
99 | ***** Note that all names are not required to end with the root label, | 99 | ***** Note that all names are not required to end with the root label, | |
100 | ***** as they are in the actual DNS wire protocol. | 100 | ***** as they are in the actual DNS wire protocol. | |
101 | *****/ | 101 | *****/ | |
102 | 102 | |||
103 | /*** | 103 | /*** | |
104 | *** Compression pointer chaining limit | |||
105 | ***/ | |||
106 | ||||
107 | #define DNS_POINTER_MAXHOPS 16 | |||
108 | ||||
109 | /*** | |||
110 | *** Types | 104 | *** Types | |
111 | ***/ | 105 | ***/ | |
112 | 106 | |||
113 | /*% | 107 | /*% | |
114 | * Clients are strongly discouraged from using this type directly, with | 108 | * Clients are strongly discouraged from using this type directly, with | |
115 | * the exception of the 'link' and 'list' fields which may be used directly | 109 | * the exception of the 'link' and 'list' fields which may be used directly | |
116 | * for whatever purpose the client desires. | 110 | * for whatever purpose the client desires. | |
117 | */ | 111 | */ | |
118 | struct dns_name { | 112 | struct dns_name { | |
119 | unsigned int magic; | 113 | unsigned int magic; | |
120 | unsigned char * ndata; | 114 | unsigned char * ndata; | |
121 | unsigned int length; | 115 | unsigned int length; | |
122 | unsigned int labels; | 116 | unsigned int labels; | |
@@ -800,36 +794,51 @@ dns_name_fromtext(dns_name_t *name, isc_ | @@ -800,36 +794,51 @@ dns_name_fromtext(dns_name_t *name, isc_ | |||
800 | * | 794 | * | |
801 | * Result: | 795 | * Result: | |
802 | *\li #ISC_R_SUCCESS | 796 | *\li #ISC_R_SUCCESS | |
803 | *\li #DNS_R_EMPTYLABEL | 797 | *\li #DNS_R_EMPTYLABEL | |
804 | *\li #DNS_R_LABELTOOLONG | 798 | *\li #DNS_R_LABELTOOLONG | |
805 | *\li #DNS_R_BADESCAPE | 799 | *\li #DNS_R_BADESCAPE | |
806 | *\li (#DNS_R_BADBITSTRING: should not be returned) | 800 | *\li (#DNS_R_BADBITSTRING: should not be returned) | |
807 | *\li (#DNS_R_BITSTRINGTOOLONG: should not be returned) | 801 | *\li (#DNS_R_BITSTRINGTOOLONG: should not be returned) | |
808 | *\li #DNS_R_BADDOTTEDQUAD | 802 | *\li #DNS_R_BADDOTTEDQUAD | |
809 | *\li #ISC_R_NOSPACE | 803 | *\li #ISC_R_NOSPACE | |
810 | *\li #ISC_R_UNEXPECTEDEND | 804 | *\li #ISC_R_UNEXPECTEDEND | |
811 | */ | 805 | */ | |
812 | 806 | |||
807 | #define DNS_NAME_OMITFINALDOT 0x01U | |||
808 | #define DNS_NAME_MASTERFILE 0x02U /* escape $ and @ */ | |||
809 | ||||
810 | isc_result_t | |||
811 | dns_name_toprincipal(dns_name_t *name, isc_buffer_t *target); | |||
812 | ||||
813 | isc_result_t | 813 | isc_result_t | |
814 | dns_name_totext(dns_name_t *name, isc_boolean_t omit_final_dot, | 814 | dns_name_totext(dns_name_t *name, isc_boolean_t omit_final_dot, | |
815 | isc_buffer_t *target); | 815 | isc_buffer_t *target); | |
816 | ||||
817 | isc_result_t | |||
818 | dns_name_totext2(dns_name_t *name, unsigned int options, isc_buffer_t *target); | |||
816 | /*%< | 819 | /*%< | |
817 | * Convert 'name' into text format, storing the result in 'target'. | 820 | * Convert 'name' into text format, storing the result in 'target'. | |
818 | * | 821 | * | |
819 | * Notes: | 822 | * Notes: | |
820 | *\li If 'omit_final_dot' is true, then the final '.' in absolute | 823 | *\li If 'omit_final_dot' is true, then the final '.' in absolute | |
821 | * names other than the root name will be omitted. | 824 | * names other than the root name will be omitted. | |
822 | * | 825 | * | |
826 | *\li If DNS_NAME_OMITFINALDOT is set in options, then the final '.' | |||
827 | * in absolute names other than the root name will be omitted. | |||
828 | * | |||
829 | *\li If DNS_NAME_MASTERFILE is set in options, '$' and '@' will also | |||
830 | * be escaped. | |||
831 | * | |||
823 | *\li If dns_name_countlabels == 0, the name will be "@", representing the | 832 | *\li If dns_name_countlabels == 0, the name will be "@", representing the | |
824 | * current origin as described by RFC1035. | 833 | * current origin as described by RFC1035. | |
825 | * | 834 | * | |
826 | *\li The name is not NUL terminated. | 835 | *\li The name is not NUL terminated. | |
827 | * | 836 | * | |
828 | * Requires: | 837 | * Requires: | |
829 | * | 838 | * | |
830 | *\li 'name' is a valid name | 839 | *\li 'name' is a valid name | |
831 | * | 840 | * | |
832 | *\li 'target' is a valid buffer. | 841 | *\li 'target' is a valid buffer. | |
833 | * | 842 | * | |
834 | *\li if dns_name_isabsolute == FALSE, then omit_final_dot == FALSE | 843 | *\li if dns_name_isabsolute == FALSE, then omit_final_dot == FALSE | |
835 | * | 844 | * |
--- src/external/bsd/bind/dist/lib/dns/include/dns/Attic/zone.h 2009/12/26 23:08:23 1.4
+++ src/external/bsd/bind/dist/lib/dns/include/dns/Attic/zone.h 2010/08/06 10:58:12 1.5
@@ -1,33 +1,33 @@ | @@ -1,33 +1,33 @@ | |||
1 | /* $NetBSD: zone.h,v 1.4 2009/12/26 23:08:23 christos Exp $ */ | 1 | /* $NetBSD: zone.h,v 1.5 2010/08/06 10:58:12 christos Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | 4 | * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | |
5 | * Copyright (C) 1999-2003 Internet Software Consortium. | 5 | * Copyright (C) 1999-2003 Internet Software Consortium. | |
6 | * | 6 | * | |
7 | * Permission to use, copy, modify, and/or distribute this software for any | 7 | * Permission to use, copy, modify, and/or distribute this software for any | |
8 | * purpose with or without fee is hereby granted, provided that the above | 8 | * purpose with or without fee is hereby granted, provided that the above | |
9 | * copyright notice and this permission notice appear in all copies. | 9 | * copyright notice and this permission notice appear in all copies. | |
10 | * | 10 | * | |
11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
17 | * PERFORMANCE OF THIS SOFTWARE. | 17 | * PERFORMANCE OF THIS SOFTWARE. | |
18 | */ | 18 | */ | |
19 | 19 | |||
20 | /* Id: zone.h,v 1.174 2009/12/04 22:06:37 tbox Exp */ | 20 | /* Id: zone.h,v 1.174.4.1 2009/12/29 22:23:00 marka Exp */ | |
21 | 21 | |||
22 | #ifndef DNS_ZONE_H | 22 | #ifndef DNS_ZONE_H | |
23 | #define DNS_ZONE_H 1 | 23 | #define DNS_ZONE_H 1 | |
24 | 24 | |||
25 | /*! \file dns/zone.h */ | 25 | /*! \file dns/zone.h */ | |
26 | 26 | |||
27 | /*** | 27 | /*** | |
28 | *** Imports | 28 | *** Imports | |
29 | ***/ | 29 | ***/ | |
30 | 30 | |||
31 | #include <stdio.h> | 31 | #include <stdio.h> | |
32 | 32 | |||
33 | #include <isc/formatcheck.h> | 33 | #include <isc/formatcheck.h> | |
@@ -1770,27 +1770,27 @@ dns_zone_addnsec3chain(dns_zone_t *zone, | @@ -1770,27 +1770,27 @@ dns_zone_addnsec3chain(dns_zone_t *zone, | |||
1770 | /*%< | 1770 | /*%< | |
1771 | * Incrementally add a NSEC3 chain that corresponds to nsec3param. | 1771 | * Incrementally add a NSEC3 chain that corresponds to nsec3param. | |
1772 | */ | 1772 | */ | |
1773 | 1773 | |||
1774 | void | 1774 | void | |
1775 | dns_zone_setprivatetype(dns_zone_t *zone, dns_rdatatype_t type); | 1775 | dns_zone_setprivatetype(dns_zone_t *zone, dns_rdatatype_t type); | |
1776 | dns_rdatatype_t | 1776 | dns_rdatatype_t | |
1777 | dns_zone_getprivatetype(dns_zone_t *zone); | 1777 | dns_zone_getprivatetype(dns_zone_t *zone); | |
1778 | /* | 1778 | /* | |
1779 | * Get/Set the private record type. It is expected that these interfaces | 1779 | * Get/Set the private record type. It is expected that these interfaces | |
1780 | * will not be permanent. | 1780 | * will not be permanent. | |
1781 | */ | 1781 | */ | |
1782 | 1782 | |||
1783 | isc_result_t | 1783 | void | |
1784 | dns_zone_rekey(dns_zone_t *zone); | 1784 | dns_zone_rekey(dns_zone_t *zone); | |
1785 | /*%< | 1785 | /*%< | |
1786 | * Update the zone's DNSKEY set from the key repository. | 1786 | * Update the zone's DNSKEY set from the key repository. | |
1787 | */ | 1787 | */ | |
1788 | 1788 | |||
1789 | isc_result_t | 1789 | isc_result_t | |
1790 | dns_zone_nscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version, | 1790 | dns_zone_nscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version, | |
1791 | unsigned int *errors); | 1791 | unsigned int *errors); | |
1792 | /*% | 1792 | /*% | |
1793 | * Check if the name servers for the zone are sane (have address, don't | 1793 | * Check if the name servers for the zone are sane (have address, don't | |
1794 | * refer to CNAMEs/DNAMEs. The number of constiancy errors detected in | 1794 | * refer to CNAMEs/DNAMEs. The number of constiancy errors detected in | |
1795 | * returned in '*errors' | 1795 | * returned in '*errors' | |
1796 | * | 1796 | * |
--- src/external/bsd/bind/dist/lib/isc/include/isc/Attic/mem.h 2009/10/25 00:14:33 1.3
+++ src/external/bsd/bind/dist/lib/isc/include/isc/Attic/mem.h 2010/08/06 10:58:12 1.4
@@ -1,33 +1,33 @@ | @@ -1,33 +1,33 @@ | |||
1 | /* $NetBSD: mem.h,v 1.3 2009/10/25 00:14:33 christos Exp $ */ | 1 | /* $NetBSD: mem.h,v 1.4 2010/08/06 10:58:12 christos Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | 4 | * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") | |
5 | * Copyright (C) 1997-2001 Internet Software Consortium. | 5 | * Copyright (C) 1997-2001 Internet Software Consortium. | |
6 | * | 6 | * | |
7 | * Permission to use, copy, modify, and/or distribute this software for any | 7 | * Permission to use, copy, modify, and/or distribute this software for any | |
8 | * purpose with or without fee is hereby granted, provided that the above | 8 | * purpose with or without fee is hereby granted, provided that the above | |
9 | * copyright notice and this permission notice appear in all copies. | 9 | * copyright notice and this permission notice appear in all copies. | |
10 | * | 10 | * | |
11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
17 | * PERFORMANCE OF THIS SOFTWARE. | 17 | * PERFORMANCE OF THIS SOFTWARE. | |
18 | */ | 18 | */ | |
19 | 19 | |||
20 | /* Id: mem.h,v 1.86 2009/09/04 18:51:37 jinmei Exp */ | 20 | /* Id: mem.h,v 1.86.102.2 2010/03/04 23:49:20 tbox Exp */ | |
21 | 21 | |||
22 | #ifndef ISC_MEM_H | 22 | #ifndef ISC_MEM_H | |
23 | #define ISC_MEM_H 1 | 23 | #define ISC_MEM_H 1 | |
24 | 24 | |||
25 | /*! \file isc/mem.h */ | 25 | /*! \file isc/mem.h */ | |
26 | 26 | |||
27 | #include <stdio.h> | 27 | #include <stdio.h> | |
28 | 28 | |||
29 | #include <isc/lang.h> | 29 | #include <isc/lang.h> | |
30 | #include <isc/mutex.h> | 30 | #include <isc/mutex.h> | |
31 | #include <isc/platform.h> | 31 | #include <isc/platform.h> | |
32 | #include <isc/types.h> | 32 | #include <isc/types.h> | |
33 | #include <isc/xml.h> | 33 | #include <isc/xml.h> | |
@@ -113,27 +113,27 @@ LIBISC_EXTERNAL_DATA extern unsigned int | @@ -113,27 +113,27 @@ LIBISC_EXTERNAL_DATA extern unsigned int | |||
113 | * | 113 | * | |
114 | * \li #ISC_MEM_DEBUGSIZE | 114 | * \li #ISC_MEM_DEBUGSIZE | |
115 | * Check the size argument being passed to isc_mem_put() matches | 115 | * Check the size argument being passed to isc_mem_put() matches | |
116 | * that passed to isc_mem_get(). | 116 | * that passed to isc_mem_get(). | |
117 | * | 117 | * | |
118 | * \li #ISC_MEM_DEBUGCTX | 118 | * \li #ISC_MEM_DEBUGCTX | |
119 | * Check the mctx argument being passed to isc_mem_put() matches | 119 | * Check the mctx argument being passed to isc_mem_put() matches | |
120 | * that passed to isc_mem_get(). | 120 | * that passed to isc_mem_get(). | |
121 | */ | 121 | */ | |
122 | /*@}*/ | 122 | /*@}*/ | |
123 | 123 | |||
124 | #if ISC_MEM_TRACKLINES | 124 | #if ISC_MEM_TRACKLINES | |
125 | #define _ISC_MEM_FILELINE , __FILE__, __LINE__ | 125 | #define _ISC_MEM_FILELINE , __FILE__, __LINE__ | |
126 | #define _ISC_MEM_FLARG , const char *, int | 126 | #define _ISC_MEM_FLARG , const char *, unsigned int | |
127 | #else | 127 | #else | |
128 | #define _ISC_MEM_FILELINE | 128 | #define _ISC_MEM_FILELINE | |
129 | #define _ISC_MEM_FLARG | 129 | #define _ISC_MEM_FLARG | |
130 | #endif | 130 | #endif | |
131 | 131 | |||
132 | /*! | 132 | /*! | |
133 | * Define ISC_MEM_USE_INTERNAL_MALLOC=1 to use the internal malloc() | 133 | * Define ISC_MEM_USE_INTERNAL_MALLOC=1 to use the internal malloc() | |
134 | * implementation in preference to the system one. The internal malloc() | 134 | * implementation in preference to the system one. The internal malloc() | |
135 | * is very space-efficient, and quite fast on uniprocessor systems. It | 135 | * is very space-efficient, and quite fast on uniprocessor systems. It | |
136 | * performs poorly on multiprocessor machines. | 136 | * performs poorly on multiprocessor machines. | |
137 | * JT: we can overcome the performance issue on multiprocessor machines | 137 | * JT: we can overcome the performance issue on multiprocessor machines | |
138 | * by carefully separating memory contexts. | 138 | * by carefully separating memory contexts. | |
139 | */ | 139 | */ |
--- src/external/bsd/bind/dist/lib/isc/include/isc/Attic/util.h 2009/04/12 03:46:08 1.2
+++ src/external/bsd/bind/dist/lib/isc/include/isc/Attic/util.h 2010/08/06 10:58:12 1.3
@@ -1,33 +1,33 @@ | @@ -1,33 +1,33 @@ | |||
1 | /* $NetBSD: util.h,v 1.2 2009/04/12 03:46:08 christos Exp $ */ | 1 | /* $NetBSD: util.h,v 1.3 2010/08/06 10:58:12 christos Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") | 4 | * Copyright (C) 2004-2007, 2010 Internet Systems Consortium, Inc. ("ISC") | |
5 | * Copyright (C) 1998-2001 Internet Software Consortium. | 5 | * Copyright (C) 1998-2001 Internet Software Consortium. | |
6 | * | 6 | * | |
7 | * Permission to use, copy, modify, and/or distribute this software for any | 7 | * Permission to use, copy, modify, and/or distribute this software for any | |
8 | * purpose with or without fee is hereby granted, provided that the above | 8 | * purpose with or without fee is hereby granted, provided that the above | |
9 | * copyright notice and this permission notice appear in all copies. | 9 | * copyright notice and this permission notice appear in all copies. | |
10 | * | 10 | * | |
11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
17 | * PERFORMANCE OF THIS SOFTWARE. | 17 | * PERFORMANCE OF THIS SOFTWARE. | |
18 | */ | 18 | */ | |
19 | 19 | |||
20 | /* Id: util.h,v 1.30 2007/06/19 23:47:18 tbox Exp */ | 20 | /* Id: util.h,v 1.30.558.1 2010/01/13 19:31:53 each Exp */ | |
21 | 21 | |||
22 | #ifndef ISC_UTIL_H | 22 | #ifndef ISC_UTIL_H | |
23 | #define ISC_UTIL_H 1 | 23 | #define ISC_UTIL_H 1 | |
24 | 24 | |||
25 | /*! \file isc/util.h | 25 | /*! \file isc/util.h | |
26 | * NOTE: | 26 | * NOTE: | |
27 | * | 27 | * | |
28 | * This file is not to be included from any <isc/???.h> (or other) library | 28 | * This file is not to be included from any <isc/???.h> (or other) library | |
29 | * files. | 29 | * files. | |
30 | * | 30 | * | |
31 | * \brief | 31 | * \brief | |
32 | * Including this file puts several macros in your name space that are | 32 | * Including this file puts several macros in your name space that are | |
33 | * not protected (as all the other ISC functions/macros do) by prepending | 33 | * not protected (as all the other ISC functions/macros do) by prepending | |
@@ -222,14 +222,24 @@ | @@ -222,14 +222,24 @@ | |||
222 | 222 | |||
223 | /*% Unexpected Error */ | 223 | /*% Unexpected Error */ | |
224 | #define UNEXPECTED_ERROR isc_error_unexpected | 224 | #define UNEXPECTED_ERROR isc_error_unexpected | |
225 | /*% Fatal Error */ | 225 | /*% Fatal Error */ | |
226 | #define FATAL_ERROR isc_error_fatal | 226 | #define FATAL_ERROR isc_error_fatal | |
227 | /*% Runtime Check */ | 227 | /*% Runtime Check */ | |
228 | #define RUNTIME_CHECK(cond) ISC_ERROR_RUNTIMECHECK(cond) | 228 | #define RUNTIME_CHECK(cond) ISC_ERROR_RUNTIMECHECK(cond) | |
229 | 229 | |||
230 | /*% | 230 | /*% | |
231 | * Time | 231 | * Time | |
232 | */ | 232 | */ | |
233 | #define TIME_NOW(tp) RUNTIME_CHECK(isc_time_now((tp)) == ISC_R_SUCCESS) | 233 | #define TIME_NOW(tp) RUNTIME_CHECK(isc_time_now((tp)) == ISC_R_SUCCESS) | |
234 | 234 | |||
235 | /*% | |||
236 | * Prevent Linux spurious warnings | |||
237 | */ | |||
238 | #if defined(__GNUC__) && (__GNUC__ > 3) | |||
239 | #define isc_util_fwrite(a, b, c, d) \ | |||
240 | __builtin_expect(fwrite((a), (b), (c), (d)), (c)) | |||
241 | #else | |||
242 | #define isc_util_fwrite(a, b, c, d) fwrite((a), (b), (c), (d)) | |||
243 | #endif | |||
244 | ||||
235 | #endif /* ISC_UTIL_H */ | 245 | #endif /* ISC_UTIL_H */ |
--- src/external/bsd/bind/dist/lib/isc/unix/Attic/socket.c 2009/12/26 23:08:23 1.3
+++ src/external/bsd/bind/dist/lib/isc/unix/Attic/socket.c 2010/08/06 10:58:12 1.4
@@ -1,33 +1,33 @@ | @@ -1,33 +1,33 @@ | |||
1 | /* $NetBSD: socket.c,v 1.3 2009/12/26 23:08:23 christos Exp $ */ | 1 | /* $NetBSD: socket.c,v 1.4 2010/08/06 10:58:12 christos Exp $ */ | |
2 | 2 | |||
3 | /* | 3 | /* | |
4 | * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | 4 | * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") | |
5 | * Copyright (C) 1998-2003 Internet Software Consortium. | 5 | * Copyright (C) 1998-2003 Internet Software Consortium. | |
6 | * | 6 | * | |
7 | * Permission to use, copy, modify, and/or distribute this software for any | 7 | * Permission to use, copy, modify, and/or distribute this software for any | |
8 | * purpose with or without fee is hereby granted, provided that the above | 8 | * purpose with or without fee is hereby granted, provided that the above | |
9 | * copyright notice and this permission notice appear in all copies. | 9 | * copyright notice and this permission notice appear in all copies. | |
10 | * | 10 | * | |
11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
17 | * PERFORMANCE OF THIS SOFTWARE. | 17 | * PERFORMANCE OF THIS SOFTWARE. | |
18 | */ | 18 | */ | |
19 | 19 | |||
20 | /* Id: socket.c,v 1.326 2009/11/13 00:41:58 each Exp */ | 20 | /* Id: socket.c,v 1.326.20.4 2010/03/12 03:25:20 marka Exp */ | |
21 | 21 | |||
22 | /*! \file */ | 22 | /*! \file */ | |
23 | 23 | |||
24 | #include <config.h> | 24 | #include <config.h> | |
25 | 25 | |||
26 | #include <sys/param.h> | 26 | #include <sys/param.h> | |
27 | #include <sys/types.h> | 27 | #include <sys/types.h> | |
28 | #include <sys/socket.h> | 28 | #include <sys/socket.h> | |
29 | #include <sys/stat.h> | 29 | #include <sys/stat.h> | |
30 | #include <sys/time.h> | 30 | #include <sys/time.h> | |
31 | #include <sys/uio.h> | 31 | #include <sys/uio.h> | |
32 | 32 | |||
33 | #include <errno.h> | 33 | #include <errno.h> | |
@@ -798,26 +798,27 @@ watch_fd(isc__socketmgr_t *manager, int | @@ -798,26 +798,27 @@ watch_fd(isc__socketmgr_t *manager, int | |||
798 | evchange.flags = EV_ADD; | 798 | evchange.flags = EV_ADD; | |
799 | evchange.ident = fd; | 799 | evchange.ident = fd; | |
800 | if (kevent(manager->kqueue_fd, &evchange, 1, NULL, 0, NULL) != 0) | 800 | if (kevent(manager->kqueue_fd, &evchange, 1, NULL, 0, NULL) != 0) | |
801 | result = isc__errno2result(errno); | 801 | result = isc__errno2result(errno); | |
802 | 802 | |||
803 | return (result); | 803 | return (result); | |
804 | #elif defined(USE_EPOLL) | 804 | #elif defined(USE_EPOLL) | |
805 | struct epoll_event event; | 805 | struct epoll_event event; | |
806 | 806 | |||
807 | if (msg == SELECT_POKE_READ) | 807 | if (msg == SELECT_POKE_READ) | |
808 | event.events = EPOLLIN; | 808 | event.events = EPOLLIN; | |
809 | else | 809 | else | |
810 | event.events = EPOLLOUT; | 810 | event.events = EPOLLOUT; | |
811 | memset(&event.data, 0, sizeof(event.data)); | |||
811 | event.data.fd = fd; | 812 | event.data.fd = fd; | |
812 | if (epoll_ctl(manager->epoll_fd, EPOLL_CTL_ADD, fd, &event) == -1 && | 813 | if (epoll_ctl(manager->epoll_fd, EPOLL_CTL_ADD, fd, &event) == -1 && | |
813 | errno != EEXIST) { | 814 | errno != EEXIST) { | |
814 | result = isc__errno2result(errno); | 815 | result = isc__errno2result(errno); | |
815 | } | 816 | } | |
816 | 817 | |||
817 | return (result); | 818 | return (result); | |
818 | #elif defined(USE_DEVPOLL) | 819 | #elif defined(USE_DEVPOLL) | |
819 | struct pollfd pfd; | 820 | struct pollfd pfd; | |
820 | int lockid = FDLOCK_ID(fd); | 821 | int lockid = FDLOCK_ID(fd); | |
821 | 822 | |||
822 | memset(&pfd, 0, sizeof(pfd)); | 823 | memset(&pfd, 0, sizeof(pfd)); | |
823 | if (msg == SELECT_POKE_READ) | 824 | if (msg == SELECT_POKE_READ) | |
@@ -865,26 +866,27 @@ unwatch_fd(isc__socketmgr_t *manager, in | @@ -865,26 +866,27 @@ unwatch_fd(isc__socketmgr_t *manager, in | |||
865 | evchange.flags = EV_DELETE; | 866 | evchange.flags = EV_DELETE; | |
866 | evchange.ident = fd; | 867 | evchange.ident = fd; | |
867 | if (kevent(manager->kqueue_fd, &evchange, 1, NULL, 0, NULL) != 0) | 868 | if (kevent(manager->kqueue_fd, &evchange, 1, NULL, 0, NULL) != 0) | |
868 | result = isc__errno2result(errno); | 869 | result = isc__errno2result(errno); | |
869 | 870 | |||
870 | return (result); | 871 | return (result); | |
871 | #elif defined(USE_EPOLL) | 872 | #elif defined(USE_EPOLL) | |
872 | struct epoll_event event; | 873 | struct epoll_event event; | |
873 | 874 | |||
874 | if (msg == SELECT_POKE_READ) | 875 | if (msg == SELECT_POKE_READ) | |
875 | event.events = EPOLLIN; | 876 | event.events = EPOLLIN; | |
876 | else | 877 | else | |
877 | event.events = EPOLLOUT; | 878 | event.events = EPOLLOUT; | |
879 | memset(&event.data, 0, sizeof(event.data)); | |||
878 | event.data.fd = fd; | 880 | event.data.fd = fd; | |
879 | if (epoll_ctl(manager->epoll_fd, EPOLL_CTL_DEL, fd, &event) == -1 && | 881 | if (epoll_ctl(manager->epoll_fd, EPOLL_CTL_DEL, fd, &event) == -1 && | |
880 | errno != ENOENT) { | 882 | errno != ENOENT) { | |
881 | char strbuf[ISC_STRERRORSIZE]; | 883 | char strbuf[ISC_STRERRORSIZE]; | |
882 | isc__strerror(errno, strbuf, sizeof(strbuf)); | 884 | isc__strerror(errno, strbuf, sizeof(strbuf)); | |
883 | UNEXPECTED_ERROR(__FILE__, __LINE__, | 885 | UNEXPECTED_ERROR(__FILE__, __LINE__, | |
884 | "epoll_ctl(DEL), %d: %s", fd, strbuf); | 886 | "epoll_ctl(DEL), %d: %s", fd, strbuf); | |
885 | result = ISC_R_UNEXPECTED; | 887 | result = ISC_R_UNEXPECTED; | |
886 | } | 888 | } | |
887 | return (result); | 889 | return (result); | |
888 | #elif defined(USE_DEVPOLL) | 890 | #elif defined(USE_DEVPOLL) | |
889 | struct pollfd pfds[2]; | 891 | struct pollfd pfds[2]; | |
890 | size_t writelen = sizeof(pfds[0]); | 892 | size_t writelen = sizeof(pfds[0]); | |
@@ -1666,32 +1668,42 @@ doio_recv(isc__socket_t *sock, isc_socke | @@ -1666,32 +1668,42 @@ doio_recv(isc__socket_t *sock, isc_socke | |||
1666 | #endif | 1668 | #endif | |
1667 | SOFT_OR_HARD(EINVAL, ISC_R_HOSTUNREACH); | 1669 | SOFT_OR_HARD(EINVAL, ISC_R_HOSTUNREACH); | |
1668 | 1670 | |||
1669 | #undef SOFT_OR_HARD | 1671 | #undef SOFT_OR_HARD | |
1670 | #undef ALWAYS_HARD | 1672 | #undef ALWAYS_HARD | |
1671 | 1673 | |||
1672 | dev->result = isc__errno2result(recv_errno); | 1674 | dev->result = isc__errno2result(recv_errno); | |
1673 | inc_stats(sock->manager->stats, | 1675 | inc_stats(sock->manager->stats, | |
1674 | sock->statsindex[STATID_RECVFAIL]); | 1676 | sock->statsindex[STATID_RECVFAIL]); | |
1675 | return (DOIO_HARD); | 1677 | return (DOIO_HARD); | |
1676 | } | 1678 | } | |
1677 | 1679 | |||
1678 | /* | 1680 | /* | |
1679 | * On TCP, zero length reads indicate EOF, while on | 1681 | * On TCP and UNIX sockets, zero length reads indicate EOF, | |
1680 | * UDP, zero length reads are perfectly valid, although | 1682 | * while on UDP sockets, zero length reads are perfectly valid, | |
1681 | * strange. | 1683 | * although strange. | |
1682 | */ | 1684 | */ | |
1683 | if ((sock->type == isc_sockettype_tcp) && (cc == 0)) | 1685 | switch (sock->type) { | |
1684 | return (DOIO_EOF); | 1686 | case isc_sockettype_tcp: | |
1687 | case isc_sockettype_unix: | |||
1688 | if (cc == 0) | |||
1689 | return (DOIO_EOF); | |||
1690 | break; | |||
1691 | case isc_sockettype_udp: | |||
1692 | break; | |||
1693 | case isc_sockettype_fdwatch: | |||
1694 | default: | |||
1695 | INSIST(0); | |||
1696 | } | |||
1685 | 1697 | |||
1686 | if (sock->type == isc_sockettype_udp) { | 1698 | if (sock->type == isc_sockettype_udp) { | |
1687 | dev->address.length = msghdr.msg_namelen; | 1699 | dev->address.length = msghdr.msg_namelen; | |
1688 | if (isc_sockaddr_getport(&dev->address) == 0) { | 1700 | if (isc_sockaddr_getport(&dev->address) == 0) { | |
1689 | if (isc_log_wouldlog(isc_lctx, IOEVENT_LEVEL)) { | 1701 | if (isc_log_wouldlog(isc_lctx, IOEVENT_LEVEL)) { | |
1690 | socket_log(sock, &dev->address, IOEVENT, | 1702 | socket_log(sock, &dev->address, IOEVENT, | |
1691 | isc_msgcat, ISC_MSGSET_SOCKET, | 1703 | isc_msgcat, ISC_MSGSET_SOCKET, | |
1692 | ISC_MSG_ZEROPORT, | 1704 | ISC_MSG_ZEROPORT, | |
1693 | "dropping source port zero packet"); | 1705 | "dropping source port zero packet"); | |
1694 | } | 1706 | } | |
1695 | return (DOIO_SOFT); | 1707 | return (DOIO_SOFT); | |
1696 | } | 1708 | } | |
1697 | /* | 1709 | /* | |
@@ -2378,26 +2390,46 @@ opensocket(isc__socketmgr_t *manager, is | @@ -2378,26 +2390,46 @@ opensocket(isc__socketmgr_t *manager, is | |||
2378 | "failed"), | 2390 | "failed"), | |
2379 | strbuf); | 2391 | strbuf); | |
2380 | } | 2392 | } | |
2381 | #endif /* IPV6_RECVPKTINFO */ | 2393 | #endif /* IPV6_RECVPKTINFO */ | |
2382 | #endif /* ISC_PLATFORM_HAVEIN6PKTINFO */ | 2394 | #endif /* ISC_PLATFORM_HAVEIN6PKTINFO */ | |
2383 | #ifdef IPV6_USE_MIN_MTU /* RFC 3542, not too common yet*/ | 2395 | #ifdef IPV6_USE_MIN_MTU /* RFC 3542, not too common yet*/ | |
2384 | /* use minimum MTU */ | 2396 | /* use minimum MTU */ | |
2385 | if (sock->pf == AF_INET6) { | 2397 | if (sock->pf == AF_INET6) { | |
2386 | (void)setsockopt(sock->fd, IPPROTO_IPV6, | 2398 | (void)setsockopt(sock->fd, IPPROTO_IPV6, | |
2387 | IPV6_USE_MIN_MTU, | 2399 | IPV6_USE_MIN_MTU, | |
2388 | (void *)&on, sizeof(on)); | 2400 | (void *)&on, sizeof(on)); | |
2389 | } | 2401 | } | |
2390 | #endif | 2402 | #endif | |
2403 | #if defined(IPV6_MTU) | |||
2404 | /* | |||
2405 | * Use minimum MTU on IPv6 sockets. | |||
2406 | */ | |||
2407 | if (sock->pf == AF_INET6) { | |||
2408 | int mtu = 1280; | |||
2409 | (void)setsockopt(sock->fd, IPPROTO_IPV6, IPV6_MTU, | |||
2410 | &mtu, sizeof(mtu)); | |||
2411 | } | |||
2412 | #endif | |||
2413 | #if defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DONT) | |||
2414 | /* | |||
2415 | * Turn off Path MTU discovery on IPv6/UDP sockets. | |||
2416 | */ | |||
2417 | if (sock->pf == AF_INET6) { | |||
2418 | int action = IPV6_PMTUDISC_DONT; | |||
2419 | (void)setsockopt(sock->fd, IPPROTO_IPV6, IPV6_MTU_DISCOVER, | |||
2420 | &action, sizeof(action)); | |||
2421 | } | |||
2422 | #endif | |||
2391 | #endif /* ISC_PLATFORM_HAVEIPV6 */ | 2423 | #endif /* ISC_PLATFORM_HAVEIPV6 */ | |
2392 | #endif /* defined(USE_CMSG) */ | 2424 | #endif /* defined(USE_CMSG) */ | |
2393 | 2425 | |||
2394 | #if defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DONT) | 2426 | #if defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DONT) | |
2395 | /* | 2427 | /* | |
2396 | * Turn off Path MTU discovery on IPv4/UDP sockets. | 2428 | * Turn off Path MTU discovery on IPv4/UDP sockets. | |
2397 | */ | 2429 | */ | |
2398 | if (sock->pf == AF_INET) { | 2430 | if (sock->pf == AF_INET) { | |
2399 | int action = IP_PMTUDISC_DONT; | 2431 | int action = IP_PMTUDISC_DONT; | |
2400 | (void)setsockopt(sock->fd, IPPROTO_IP, IP_MTU_DISCOVER, | 2432 | (void)setsockopt(sock->fd, IPPROTO_IP, IP_MTU_DISCOVER, | |
2401 | &action, sizeof(action)); | 2433 | &action, sizeof(action)); | |
2402 | } | 2434 | } | |
2403 | #endif | 2435 | #endif |
--- src/external/bsd/bind/include/Attic/config.h 2009/12/26 23:08:23 1.3
+++ src/external/bsd/bind/include/Attic/config.h 2010/08/06 10:58:12 1.4
@@ -7,27 +7,27 @@ | @@ -7,27 +7,27 @@ | |||
7 | * Permission to use, copy, modify, and/or distribute this software for any | 7 | * Permission to use, copy, modify, and/or distribute this software for any | |
8 | * purpose with or without fee is hereby granted, provided that the above | 8 | * purpose with or without fee is hereby granted, provided that the above | |
9 | * copyright notice and this permission notice appear in all copies. | 9 | * copyright notice and this permission notice appear in all copies. | |
10 | * | 10 | * | |
11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 15 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 16 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
17 | * PERFORMANCE OF THIS SOFTWARE. | 17 | * PERFORMANCE OF THIS SOFTWARE. | |
18 | */ | 18 | */ | |
19 | 19 | |||
20 | /* Id: config.h.in,v 1.122 2009/10/27 22:26:05 marka Exp */ | 20 | /* Id: config.h.in,v 1.122.32.10 2010/06/22 04:04:22 marka Exp */ | |
21 | 21 | |||
22 | /*! \file */ | 22 | /*! \file */ | |
23 | 23 | |||
24 | /*** | 24 | /*** | |
25 | *** This file is not to be included by any public header files, because | 25 | *** This file is not to be included by any public header files, because | |
26 | *** it does not get installed. | 26 | *** it does not get installed. | |
27 | ***/ | 27 | ***/ | |
28 | 28 | |||
29 | /** define on DEC OSF to enable 4.4BSD style sa_len support */ | 29 | /** define on DEC OSF to enable 4.4BSD style sa_len support */ | |
30 | /* #undef _SOCKADDR_LEN */ | 30 | /* #undef _SOCKADDR_LEN */ | |
31 | 31 | |||
32 | /** define if your system needs pthread_init() before using pthreads */ | 32 | /** define if your system needs pthread_init() before using pthreads */ | |
33 | /* #undef NEED_PTHREAD_INIT */ | 33 | /* #undef NEED_PTHREAD_INIT */ | |
@@ -160,50 +160,68 @@ int sigwait(const unsigned int *set, int | @@ -160,50 +160,68 @@ int sigwait(const unsigned int *set, int | |||
160 | /* Define if recvmsg() does not meet all of the BSD socket API specifications. | 160 | /* Define if recvmsg() does not meet all of the BSD socket API specifications. | |
161 | */ | 161 | */ | |
162 | /* #undef BROKEN_RECVMSG */ | 162 | /* #undef BROKEN_RECVMSG */ | |
163 | 163 | |||
164 | /* Define if you cannot bind() before connect() for TCP sockets. */ | 164 | /* Define if you cannot bind() before connect() for TCP sockets. */ | |
165 | /* #undef BROKEN_TCP_BIND_BEFORE_CONNECT */ | 165 | /* #undef BROKEN_TCP_BIND_BEFORE_CONNECT */ | |
166 | 166 | |||
167 | /* Define to enable "rrset-order fixed" syntax. */ | 167 | /* Define to enable "rrset-order fixed" syntax. */ | |
168 | #define DNS_RDATASET_FIXED 1 | 168 | #define DNS_RDATASET_FIXED 1 | |
169 | 169 | |||
170 | /* Solaris hack to get select_large_fdset. */ | 170 | /* Solaris hack to get select_large_fdset. */ | |
171 | /* #undef FD_SETSIZE */ | 171 | /* #undef FD_SETSIZE */ | |
172 | 172 | |||
173 | /* Define to nothing if C supports flexible array members, and to 1 if it does | |||
174 | not. That way, with a declaration like `struct s { int n; double | |||
175 | d[FLEXIBLE_ARRAY_MEMBER]; };', the struct hack can be used with pre-C99 | |||
176 | compilers. When computing the size of such an object, don't use 'sizeof | |||
177 | (struct s)' as it overestimates the size. Use 'offsetof (struct s, d)' | |||
178 | instead. Don't use 'offsetof (struct s, d[0])', as this doesn't work with | |||
179 | MSVC and with C++ compilers. */ | |||
180 | #define FLEXIBLE_ARRAY_MEMBER /**/ | |||
181 | ||||
173 | /* Define to 1 if you have the `chroot' function. */ | 182 | /* Define to 1 if you have the `chroot' function. */ | |
174 | #define HAVE_CHROOT 1 | 183 | #define HAVE_CHROOT 1 | |
175 | 184 | |||
176 | /* Define to 1 if you have the <dlfcn.h> header file. */ | 185 | /* Define to 1 if you have the <dlfcn.h> header file. */ | |
177 | #define HAVE_DLFCN_H 1 | 186 | #define HAVE_DLFCN_H 1 | |
178 | 187 | |||
179 | /* Define to 1 if you have the `EVP_sha256' function. */ | 188 | /* Define to 1 if you have the `EVP_sha256' function. */ | |
180 | #define HAVE_EVP_SHA256 1 | 189 | #define HAVE_EVP_SHA256 1 | |
181 | 190 | |||
182 | /* Define to 1 if you have the `EVP_sha512' function. */ | 191 | /* Define to 1 if you have the `EVP_sha512' function. */ | |
183 | #define HAVE_EVP_SHA512 1 | 192 | #define HAVE_EVP_SHA512 1 | |
184 | 193 | |||
185 | /* Define to 1 if you have the <fcntl.h> header file. */ | 194 | /* Define to 1 if you have the <fcntl.h> header file. */ | |
186 | #define HAVE_FCNTL_H 1 | 195 | #define HAVE_FCNTL_H 1 | |
187 | 196 | |||
188 | /* Define to 1 if you have the <gssapi/gssapi.h> header file. */ | 197 | /* Define to 1 if you have the <gssapi/gssapi.h> header file. */ | |
189 | #define HAVE_GSSAPI_GSSAPI_H 1 | 198 | #define HAVE_GSSAPI_GSSAPI_H 1 | |
190 | 199 | |||
191 | /* Define to 1 if you have the <gssapi.h> header file. */ | 200 | /* Define to 1 if you have the <gssapi.h> header file. */ | |
192 | #define HAVE_GSSAPI_H 1 | 201 | #define HAVE_GSSAPI_H 1 | |
193 | 202 | |||
194 | /* Define to 1 if you have the <inttypes.h> header file. */ | 203 | /* Define to 1 if you have the <inttypes.h> header file. */ | |
195 | #define HAVE_INTTYPES_H 1 | 204 | #define HAVE_INTTYPES_H 1 | |
196 | 205 | |||
206 | /* Define to 1 if you have the <kerberosv5/krb5.h> header file. */ | |||
207 | /* #undef HAVE_KERBEROSV5_KRB5_H */ | |||
208 | ||||
209 | /* Define to 1 if you have the <krb5.h> header file. */ | |||
210 | /* #undef HAVE_KRB5_H */ | |||
211 | ||||
212 | /* Define to 1 if you have the <krb5/krb5.h> header file. */ | |||
213 | #define HAVE_KRB5_KRB5_H 1 | |||
214 | ||||
197 | /* Define to 1 if you have the `c' library (-lc). */ | 215 | /* Define to 1 if you have the `c' library (-lc). */ | |
198 | /* #undef HAVE_LIBC */ | 216 | /* #undef HAVE_LIBC */ | |
199 | 217 | |||
200 | /* Define to 1 if you have the `cap' library (-lcap). */ | 218 | /* Define to 1 if you have the `cap' library (-lcap). */ | |
201 | /* #undef HAVE_LIBCAP */ | 219 | /* #undef HAVE_LIBCAP */ | |
202 | 220 | |||
203 | /* if system have backtrace function */ | 221 | /* if system have backtrace function */ | |
204 | /* #undef HAVE_LIBCTRACE */ | 222 | /* #undef HAVE_LIBCTRACE */ | |
205 | 223 | |||
206 | /* Define to 1 if you have the `c_r' library (-lc_r). */ | 224 | /* Define to 1 if you have the `c_r' library (-lc_r). */ | |
207 | /* #undef HAVE_LIBC_R */ | 225 | /* #undef HAVE_LIBC_R */ | |
208 | 226 | |||
209 | /* Define to 1 if you have the `nsl' library (-lnsl). */ | 227 | /* Define to 1 if you have the `nsl' library (-lnsl). */ | |
@@ -301,27 +319,27 @@ int sigwait(const unsigned int *set, int | @@ -301,27 +319,27 @@ int sigwait(const unsigned int *set, int | |||
301 | 319 | |||
302 | /* Define to 1 if you have the <sys/types.h> header file. */ | 320 | /* Define to 1 if you have the <sys/types.h> header file. */ | |
303 | #define HAVE_SYS_TYPES_H 1 | 321 | #define HAVE_SYS_TYPES_H 1 | |
304 | 322 | |||
305 | /* Define to 1 if you have the <sys/un.h> header file. */ | 323 | /* Define to 1 if you have the <sys/un.h> header file. */ | |
306 | #define HAVE_SYS_UN_H 1 | 324 | #define HAVE_SYS_UN_H 1 | |
307 | 325 | |||
308 | /* Define if running under Compaq TruCluster */ | 326 | /* Define if running under Compaq TruCluster */ | |
309 | /* #undef HAVE_TRUCLUSTER */ | 327 | /* #undef HAVE_TRUCLUSTER */ | |
310 | 328 | |||
311 | /* Define to 1 if you have the <unistd.h> header file. */ | 329 | /* Define to 1 if you have the <unistd.h> header file. */ | |
312 | #define HAVE_UNISTD_H 1 | 330 | #define HAVE_UNISTD_H 1 | |
313 | 331 | |||
314 | /* return type of gai_srerror */ | 332 | /* return type of gai_strerror */ | |
315 | #define IRS_GAISTRERROR_RETURN_T const char * | 333 | #define IRS_GAISTRERROR_RETURN_T const char * | |
316 | 334 | |||
317 | /* Define to the buffer length type used by getnameinfo(3). */ | 335 | /* Define to the buffer length type used by getnameinfo(3). */ | |
318 | #define IRS_GETNAMEINFO_BUFLEN_T socklen_t | 336 | #define IRS_GETNAMEINFO_BUFLEN_T socklen_t | |
319 | 337 | |||
320 | /* Define to the flags type used by getnameinfo(3). */ | 338 | /* Define to the flags type used by getnameinfo(3). */ | |
321 | #define IRS_GETNAMEINFO_FLAGS_T int | 339 | #define IRS_GETNAMEINFO_FLAGS_T int | |
322 | 340 | |||
323 | /* Defined if extern char *optarg is not declared. */ | 341 | /* Defined if extern char *optarg is not declared. */ | |
324 | /* #undef NEED_OPTARG */ | 342 | /* #undef NEED_OPTARG */ | |
325 | 343 | |||
326 | /* Define if connect does not honour the permission on the UNIX domain socket. | 344 | /* Define if connect does not honour the permission on the UNIX domain socket. | |
327 | */ | 345 | */ | |
@@ -365,27 +383,27 @@ int sigwait(const unsigned int *set, int | @@ -365,27 +383,27 @@ int sigwait(const unsigned int *set, int | |||
365 | /* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most | 383 | /* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most | |
366 | significant byte first (like Motorola and SPARC, unlike Intel and VAX). */ | 384 | significant byte first (like Motorola and SPARC, unlike Intel and VAX). */ | |
367 | #include <sys/endian.h> | 385 | #include <sys/endian.h> | |
368 | #if _BYTE_ORDER == _BIG_ENDIAN | 386 | #if _BYTE_ORDER == _BIG_ENDIAN | |
369 | #define WORDS_BIGENDIAN | 387 | #define WORDS_BIGENDIAN | |
370 | #endif | 388 | #endif | |
371 | 389 | |||
372 | /* Define to empty if `const' does not conform to ANSI C. */ | 390 | /* Define to empty if `const' does not conform to ANSI C. */ | |
373 | /* #undef const */ | 391 | /* #undef const */ | |
374 | 392 | |||
375 | /* Define to `__inline__' or `__inline' if that's what the C compiler | 393 | /* Define to `__inline__' or `__inline' if that's what the C compiler | |
376 | calls it, or to nothing if 'inline' is not supported under any name. */ | 394 | calls it, or to nothing if 'inline' is not supported under any name. */ | |
377 | #ifndef __cplusplus | 395 | #ifndef __cplusplus | |
378 | /* #undef inline */ | 396 | /* #define inline */ | |
379 | #endif | 397 | #endif | |
380 | 398 | |||
381 | /* Define to `unsigned int' if <sys/types.h> does not define. */ | 399 | /* Define to `unsigned int' if <sys/types.h> does not define. */ | |
382 | /* #undef size_t */ | 400 | /* #undef size_t */ | |
383 | 401 | |||
384 | /* Define to `int' if <sys/types.h> does not define. */ | 402 | /* Define to `int' if <sys/types.h> does not define. */ | |
385 | /* #undef ssize_t */ | 403 | /* #undef ssize_t */ | |
386 | 404 | |||
387 | /* Define to `unsigned long' if <sys/types.h> does not define. */ | 405 | /* Define to `unsigned long' if <sys/types.h> does not define. */ | |
388 | /* #undef uintptr_t */ | 406 | /* #undef uintptr_t */ | |
389 | 407 | |||
390 | /* Define to empty if the keyword `volatile' does not work. Warning: valid | 408 | /* Define to empty if the keyword `volatile' does not work. Warning: valid | |
391 | code using `volatile' can become incorrect without. Disable with care. */ | 409 | code using `volatile' can become incorrect without. Disable with care. */ |
--- src/external/bsd/bind/include/dns/Attic/code.h 2009/12/26 23:08:23 1.3
+++ src/external/bsd/bind/include/dns/Attic/code.h 2010/08/06 10:58:13 1.4
@@ -1,15 +1,15 @@ | @@ -1,15 +1,15 @@ | |||
1 | /* | 1 | /* | |
2 | * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | 2 | * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") | |
3 | * Copyright (C) 1998-2003 Internet Software Consortium. | 3 | * Copyright (C) 1998-2003 Internet Software Consortium. | |
4 | * | 4 | * | |
5 | * Permission to use, copy, modify, and distribute this software for any | 5 | * Permission to use, copy, modify, and distribute this software for any | |
6 | * purpose with or without fee is hereby granted, provided that the above | 6 | * purpose with or without fee is hereby granted, provided that the above | |
7 | * copyright notice and this permission notice appear in all copies. | 7 | * copyright notice and this permission notice appear in all copies. | |
8 | * | 8 | * | |
9 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 9 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
10 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 10 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
11 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 11 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
12 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 12 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
13 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 13 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
14 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 14 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
15 | * PERFORMANCE OF THIS SOFTWARE. | 15 | * PERFORMANCE OF THIS SOFTWARE. |
--- src/external/bsd/bind/include/dns/Attic/enumclass.h 2009/04/12 03:46:09 1.1
+++ src/external/bsd/bind/include/dns/Attic/enumclass.h 2010/08/06 10:58:13 1.2
@@ -1,15 +1,15 @@ | @@ -1,15 +1,15 @@ | |||
1 | /* | 1 | /* | |
2 | * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | 2 | * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") | |
3 | * Copyright (C) 1998-2003 Internet Software Consortium. | 3 | * Copyright (C) 1998-2003 Internet Software Consortium. | |
4 | * | 4 | * | |
5 | * Permission to use, copy, modify, and distribute this software for any | 5 | * Permission to use, copy, modify, and distribute this software for any | |
6 | * purpose with or without fee is hereby granted, provided that the above | 6 | * purpose with or without fee is hereby granted, provided that the above | |
7 | * copyright notice and this permission notice appear in all copies. | 7 | * copyright notice and this permission notice appear in all copies. | |
8 | * | 8 | * | |
9 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 9 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
10 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 10 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
11 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 11 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
12 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 12 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
13 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 13 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
14 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 14 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
15 | * PERFORMANCE OF THIS SOFTWARE. | 15 | * PERFORMANCE OF THIS SOFTWARE. |
--- src/external/bsd/bind/include/dns/Attic/enumtype.h 2009/10/25 00:18:39 1.2
+++ src/external/bsd/bind/include/dns/Attic/enumtype.h 2010/08/06 10:58:13 1.3
@@ -1,15 +1,15 @@ | @@ -1,15 +1,15 @@ | |||
1 | /* | 1 | /* | |
2 | * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | 2 | * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") | |
3 | * Copyright (C) 1998-2003 Internet Software Consortium. | 3 | * Copyright (C) 1998-2003 Internet Software Consortium. | |
4 | * | 4 | * | |
5 | * Permission to use, copy, modify, and distribute this software for any | 5 | * Permission to use, copy, modify, and distribute this software for any | |
6 | * purpose with or without fee is hereby granted, provided that the above | 6 | * purpose with or without fee is hereby granted, provided that the above | |
7 | * copyright notice and this permission notice appear in all copies. | 7 | * copyright notice and this permission notice appear in all copies. | |
8 | * | 8 | * | |
9 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 9 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
10 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 10 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
11 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 11 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
12 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 12 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
13 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 13 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
14 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 14 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
15 | * PERFORMANCE OF THIS SOFTWARE. | 15 | * PERFORMANCE OF THIS SOFTWARE. |
--- src/external/bsd/bind/include/dns/Attic/rdatastruct.h 2009/10/25 00:18:39 1.2
+++ src/external/bsd/bind/include/dns/Attic/rdatastruct.h 2010/08/06 10:58:13 1.3
@@ -1,15 +1,15 @@ | @@ -1,15 +1,15 @@ | |||
1 | /* | 1 | /* | |
2 | * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | 2 | * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") | |
3 | * Copyright (C) 1998-2003 Internet Software Consortium. | 3 | * Copyright (C) 1998-2003 Internet Software Consortium. | |
4 | * | 4 | * | |
5 | * Permission to use, copy, modify, and distribute this software for any | 5 | * Permission to use, copy, modify, and distribute this software for any | |
6 | * purpose with or without fee is hereby granted, provided that the above | 6 | * purpose with or without fee is hereby granted, provided that the above | |
7 | * copyright notice and this permission notice appear in all copies. | 7 | * copyright notice and this permission notice appear in all copies. | |
8 | * | 8 | * | |
9 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 9 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
10 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 10 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
11 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 11 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
12 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 12 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
13 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 13 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
14 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 14 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
15 | * PERFORMANCE OF THIS SOFTWARE. | 15 | * PERFORMANCE OF THIS SOFTWARE. |
--- src/external/bsd/bind/include/isc/Attic/platform.h 2009/10/25 00:18:39 1.4
+++ src/external/bsd/bind/include/isc/Attic/platform.h 2010/08/06 10:58:13 1.5
@@ -1,31 +1,31 @@ | @@ -1,31 +1,31 @@ | |||
1 | /* | 1 | /* | |
2 | * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") | 2 | * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") | |
3 | * Copyright (C) 1999-2003 Internet Software Consortium. | 3 | * Copyright (C) 1999-2003 Internet Software Consortium. | |
4 | * | 4 | * | |
5 | * Permission to use, copy, modify, and/or distribute this software for any | 5 | * Permission to use, copy, modify, and/or distribute this software for any | |
6 | * purpose with or without fee is hereby granted, provided that the above | 6 | * purpose with or without fee is hereby granted, provided that the above | |
7 | * copyright notice and this permission notice appear in all copies. | 7 | * copyright notice and this permission notice appear in all copies. | |
8 | * | 8 | * | |
9 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 9 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
10 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 10 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
11 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 11 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
12 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 12 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
13 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | 13 | * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE | |
14 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | 14 | * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR | |
15 | * PERFORMANCE OF THIS SOFTWARE. | 15 | * PERFORMANCE OF THIS SOFTWARE. | |
16 | */ | 16 | */ | |
17 | 17 | |||
18 | /* Id: platform.h.in,v 1.53 2009/09/29 15:06:07 fdupont Exp */ | 18 | /* Id: platform.h.in,v 1.53.66.2 2010/06/03 23:49:23 tbox Exp */ | |
19 | 19 | |||
20 | #ifndef ISC_PLATFORM_H | 20 | #ifndef ISC_PLATFORM_H | |
21 | #define ISC_PLATFORM_H 1 | 21 | #define ISC_PLATFORM_H 1 | |
22 | 22 | |||
23 | /*! \file */ | 23 | /*! \file */ | |
24 | 24 | |||
25 | /***** | 25 | /***** | |
26 | ***** Platform-dependent defines. | 26 | ***** Platform-dependent defines. | |
27 | *****/ | 27 | *****/ | |
28 | #include <sys/atomic.h> | 28 | #include <sys/atomic.h> | |
29 | 29 | |||
30 | /*** | 30 | /*** | |
31 | *** Network. | 31 | *** Network. | |
@@ -211,26 +211,32 @@ | @@ -211,26 +211,32 @@ | |||
211 | 211 | |||
212 | /* | 212 | /* | |
213 | * Defined if unistd.h does not cause fd_set to be delared. | 213 | * Defined if unistd.h does not cause fd_set to be delared. | |
214 | */ | 214 | */ | |
215 | #undef ISC_PLATFORM_NEEDSYSSELECTH | 215 | #undef ISC_PLATFORM_NEEDSYSSELECTH | |
216 | 216 | |||
217 | /* | 217 | /* | |
218 | * Defined to <gssapi.h> or <gssapi/gssapi.h> for how to include | 218 | * Defined to <gssapi.h> or <gssapi/gssapi.h> for how to include | |
219 | * the GSSAPI header. | 219 | * the GSSAPI header. | |
220 | */ | 220 | */ | |
221 | 221 | |||
222 | 222 | |||
223 | /* | 223 | /* | |
224 | * Defined to <krb5.h> or <krb5/krb5.h> for how to include | |||
225 | * the KRB5 header. | |||
226 | */ | |||
227 | ||||
228 | ||||
229 | /* | |||
224 | * Type used for resource limits. | 230 | * Type used for resource limits. | |
225 | */ | 231 | */ | |
226 | #define ISC_PLATFORM_RLIMITTYPE rlim_t | 232 | #define ISC_PLATFORM_RLIMITTYPE rlim_t | |
227 | 233 | |||
228 | /* | 234 | /* | |
229 | * Define if your compiler supports "long long int". | 235 | * Define if your compiler supports "long long int". | |
230 | */ | 236 | */ | |
231 | #define ISC_PLATFORM_HAVELONGLONG 1 | 237 | #define ISC_PLATFORM_HAVELONGLONG 1 | |
232 | 238 | |||
233 | /* | 239 | /* | |
234 | * Define if PTHREAD_ONCE_INIT should be surrounded by braces to | 240 | * Define if PTHREAD_ONCE_INIT should be surrounded by braces to | |
235 | * prevent compiler warnings (such as with gcc on Solaris 2.8). | 241 | * prevent compiler warnings (such as with gcc on Solaris 2.8). | |
236 | */ | 242 | */ | |
@@ -240,27 +246,29 @@ | @@ -240,27 +246,29 @@ | |||
240 | * Used to control how extern data is linked; needed for Win32 platforms. | 246 | * Used to control how extern data is linked; needed for Win32 platforms. | |
241 | */ | 247 | */ | |
242 | #undef ISC_PLATFORM_USEDECLSPEC | 248 | #undef ISC_PLATFORM_USEDECLSPEC | |
243 | 249 | |||
244 | /* | 250 | /* | |
245 | * Define if the platform has <sys/un.h>. | 251 | * Define if the platform has <sys/un.h>. | |
246 | */ | 252 | */ | |
247 | #define ISC_PLATFORM_HAVESYSUNH 1 | 253 | #define ISC_PLATFORM_HAVESYSUNH 1 | |
248 | 254 | |||
249 | /* | 255 | /* | |
250 | * If the "xadd" operation is available on this architecture, | 256 | * If the "xadd" operation is available on this architecture, | |
251 | * ISC_PLATFORM_HAVEXADD will be defined. | 257 | * ISC_PLATFORM_HAVEXADD will be defined. | |
252 | */ | 258 | */ | |
259 | #ifdef __HAVE_ATOMIC64_OPS | |||
253 | #define ISC_PLATFORM_HAVEXADD 1 | 260 | #define ISC_PLATFORM_HAVEXADD 1 | |
261 | #endif | |||
254 | 262 | |||
255 | /* | 263 | /* | |
256 | * If the "xaddq" operation (64bit xadd) is available on this architecture, | 264 | * If the "xaddq" operation (64bit xadd) is available on this architecture, | |
257 | * ISC_PLATFORM_HAVEXADDQ will be defined. | 265 | * ISC_PLATFORM_HAVEXADDQ will be defined. | |
258 | */ | 266 | */ | |
259 | #ifdef __HAVE_ATOMIC64_OPS | 267 | #ifdef __HAVE_ATOMIC64_OPS | |
260 | #define ISC_PLATFORM_HAVEXADDQ 1 | 268 | #define ISC_PLATFORM_HAVEXADDQ 1 | |
261 | #endif | 269 | #endif | |
262 | 270 | |||
263 | /* | 271 | /* | |
264 | * If the "atomic swap" operation is available on this architecture, | 272 | * If the "atomic swap" operation is available on this architecture, | |
265 | * ISC_PLATFORM_HAVEATOMICSTORE" will be defined. | 273 | * ISC_PLATFORM_HAVEATOMICSTORE" will be defined. | |
266 | */ | 274 | */ |