Diffstat (limited to 'bin/named')
| -rw-r--r-- | bin/named/Makefile.in | 5 | ||||
| -rw-r--r-- | bin/named/builtin.c | 17 | ||||
| -rw-r--r-- | bin/named/client.c | 227 | ||||
| -rw-r--r-- | bin/named/config.c | 16 | ||||
| -rw-r--r-- | bin/named/control.c | 9 | ||||
| -rw-r--r-- | bin/named/controlconf.c | 12 | ||||
| -rw-r--r-- | bin/named/include/named/globals.h | 1 | ||||
| -rw-r--r-- | bin/named/include/named/main.h | 6 | ||||
| -rw-r--r-- | bin/named/include/named/server.h | 7 | ||||
| -rw-r--r-- | bin/named/interfacemgr.c | 15 | ||||
| -rw-r--r-- | bin/named/logconf.c | 61 | ||||
| -rw-r--r-- | bin/named/lwaddr.c | 10 | ||||
| -rw-r--r-- | bin/named/lwdgnba.c | 6 | ||||
| -rw-r--r-- | bin/named/lwdgrbn.c | 21 | ||||
| -rw-r--r-- | bin/named/main.c | 26 | ||||
| -rw-r--r-- | bin/named/named.conf.5 | 8 | ||||
| -rw-r--r-- | bin/named/named.conf.docbook | 7 | ||||
| -rw-r--r-- | bin/named/named.conf.html | 36 | ||||
| -rw-r--r-- | bin/named/query.c | 30 | ||||
| -rw-r--r-- | bin/named/server.c | 552 | ||||
| -rw-r--r-- | bin/named/statschannel.c | 4 | ||||
| -rw-r--r-- | bin/named/unix/os.c | 5 | ||||
| -rw-r--r-- | bin/named/update.c | 18 | ||||
| -rw-r--r-- | bin/named/zoneconf.c | 8 |
24 files changed, 716 insertions, 391 deletions
diff --git a/bin/named/Makefile.in b/bin/named/Makefile.in index e3ce3bd1547b..1db94da5790b 100644 --- a/bin/named/Makefile.in +++ b/bin/named/Makefile.in @@ -1,4 +1,4 @@ -# Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 1998-2002 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -102,7 +102,7 @@ SYMOBJS = symtbl.@O@ SRCS = builtin.c client.c config.c control.c \ controlconf.c interfacemgr.c \ listenlist.c log.c logconf.c main.c notify.c \ - query.c server.c sortlist.c statschannel.c symtbl.c symtbl-empty.c \ + query.c server.c sortlist.c statschannel.c \ tkeyconf.c tsigconf.c update.c xfrout.c \ zoneconf.c \ lwaddr.c lwresd.c lwdclient.c lwderror.c lwdgabn.c \ @@ -124,6 +124,7 @@ main.@O@: main.c -DDESCRIPTION=\"${DESCRIPTION}\" \ -DSRCID=\"${SRCID}\" \ -DCONFIGARGS="\"${CONFIGARGS}\"" \ + -DBUILDER="\"make\"" \ -DNS_LOCALSTATEDIR=\"${localstatedir}\" \ -DNS_SYSCONFDIR=\"${sysconfdir}\" -c ${srcdir}/main.c diff --git a/bin/named/builtin.c b/bin/named/builtin.c index 14204cd295c6..65f4ba57ca02 100644 --- a/bin/named/builtin.c +++ b/bin/named/builtin.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -117,7 +117,7 @@ dns64_rdata(unsigned char *v, size_t start, unsigned char *rdata) { rdata[j++] = decimal[c]; } } - memcpy(&rdata[j], "\07in-addr\04arpa", 14); + memmove(&rdata[j], "\07in-addr\04arpa", 14); return (j + 14); } 
@@ -276,7 +276,8 @@ dns64_cname(const dns_name_t *zone, const dns_name_t *name, */ return (ISC_R_NOTFOUND); } - return (dns_sdb_putrdata(lookup, dns_rdatatype_cname, 600, rdata, len)); + return (dns_sdb_putrdata(lookup, dns_rdatatype_cname, 600, + rdata, (unsigned int)len)); } static isc_result_t @@ -312,7 +313,7 @@ put_txt(dns_sdblookup_t *lookup, const char *text) { if (len > 255) len = 255; /* Silently truncate */ buf[0] = len; - memcpy(&buf[1], text, len); + memmove(&buf[1], text, len); return (dns_sdb_putrdata(lookup, dns_rdatatype_txt, 0, buf, len + 1)); } @@ -492,11 +493,11 @@ builtin_create(const char *zone, int argc, char **argv, isc_mem_put(ns_g_mctx, empty, sizeof (*empty)); } else { if (strcmp(argv[0], "empty") == 0) - memcpy(empty, &empty_builtin, - sizeof (empty_builtin)); + memmove(empty, &empty_builtin, + sizeof (empty_builtin)); else - memcpy(empty, &dns64_builtin, - sizeof (empty_builtin)); + memmove(empty, &dns64_builtin, + sizeof (empty_builtin)); empty->server = server; empty->contact = contact; *dbdata = empty; diff --git a/bin/named/client.c b/bin/named/client.c index ff4ab691c184..4cc814efc0ba 100644 --- a/bin/named/client.c +++ b/bin/named/client.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -972,6 +972,7 @@ ns_client_send(ns_client_t *client) { result = dns_compress_init(&cctx, -1, client->mctx); if (result != ISC_R_SUCCESS) goto done; + dns_compress_setsensitive(&cctx, ISC_TRUE); cleanup_cctx = ISC_TRUE; result = dns_message_renderbegin(client->message, &cctx, &buffer); 
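Review bot: In builtin_create() the dns64 branch copies from `dns64_builtin` but sizes the copy with `sizeof (empty_builtin)`, so it is only correct while both objects have the same type as `*empty`. Their declarations are outside this hunk, so this may well hold today. Sizing both copies by the destination keeps it correct if either definition changes, for example `memmove(empty, &dns64_builtin, sizeof (*empty));`. builtin_create() begins and ends outside the hunk.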
@@ -1188,62 +1189,30 @@ ns_client_error(ns_client_t *client, isc_result_t result) { static inline isc_result_t client_addopt(ns_client_t *client) { - dns_rdataset_t *rdataset; - dns_rdatalist_t *rdatalist; - dns_rdata_t *rdata; + char nsid[BUFSIZ], *nsidp; isc_result_t result; dns_view_t *view; dns_resolver_t *resolver; isc_uint16_t udpsize; + dns_ednsopt_t ednsopts[2]; + int count = 0; + unsigned int flags; REQUIRE(client->opt == NULL); /* XXXRTH free old. */ - rdatalist = NULL; - result = dns_message_gettemprdatalist(client->message, &rdatalist); - if (result != ISC_R_SUCCESS) - return (result); - rdata = NULL; - result = dns_message_gettemprdata(client->message, &rdata); - if (result != ISC_R_SUCCESS) - return (result); - rdataset = NULL; - result = dns_message_gettemprdataset(client->message, &rdataset); - if (result != ISC_R_SUCCESS) - return (result); - dns_rdataset_init(rdataset); - - rdatalist->type = dns_rdatatype_opt; - rdatalist->covers = 0; - - /* - * Set the maximum UDP buffer size. - */ view = client->view; resolver = (view != NULL) ? view->resolver : NULL; if (resolver != NULL) udpsize = dns_resolver_getudpsize(resolver); else udpsize = ns_g_udpsize; - rdatalist->rdclass = udpsize; - /* - * Set EXTENDED-RCODE, VERSION and Z to 0. - */ - rdatalist->ttl = (client->extflags & DNS_MESSAGEEXTFLAG_REPLYPRESERVE); + flags = client->extflags & DNS_MESSAGEEXTFLAG_REPLYPRESERVE; /* Set EDNS options if applicable */ - if (client->attributes & NS_CLIENTATTR_WANTNSID && + if ((client->attributes & NS_CLIENTATTR_WANTNSID) != 0 && (ns_g_server->server_id != NULL || ns_g_server->server_usehostname)) { - /* - * Space required for NSID data: - * 2 bytes for opt code - * + 2 bytes for NSID length - * + NSID itself - */ - char nsid[BUFSIZ], *nsidp; - isc_buffer_t *buffer = NULL; - if (ns_g_server->server_usehostname) { isc_result_t result; result = ns_os_gethostname(nsid, sizeof(nsid)); 
@@ -1254,35 +1223,15 @@ client_addopt(ns_client_t *client) { } else nsidp = ns_g_server->server_id; - rdata->length = strlen(nsidp) + 4; - result = isc_buffer_allocate(client->mctx, &buffer, - rdata->length); - if (result != ISC_R_SUCCESS) - goto no_nsid; - - isc_buffer_putuint16(buffer, DNS_OPT_NSID); - isc_buffer_putuint16(buffer, strlen(nsidp)); - isc_buffer_putstr(buffer, nsidp); - rdata->data = buffer->base; - dns_message_takebuffer(client->message, &buffer); - } else { -no_nsid: - rdata->data = NULL; - rdata->length = 0; + ednsopts[count].code = DNS_OPT_NSID; + ednsopts[count].length = strlen(nsidp); + ednsopts[count].value = (unsigned char *)nsidp; + count++; } - - rdata->rdclass = rdatalist->rdclass; - rdata->type = rdatalist->type; - rdata->flags = 0; - - ISC_LIST_INIT(rdatalist->rdata); - ISC_LIST_APPEND(rdatalist->rdata, rdata, link); - RUNTIME_CHECK(dns_rdatalist_tordataset(rdatalist, rdataset) - == ISC_R_SUCCESS); - - client->opt = rdataset; - - return (ISC_R_SUCCESS); + no_nsid: + result = dns_message_buildopt(client->message, &client->opt, 0, + udpsize, flags, ednsopts, count); + return (result); } static inline isc_boolean_t 
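Review bot: `ednsopts[count].length = strlen(nsidp);` stores a size_t into the option's length field with no bound and no cast, unlike the `(unsigned int)len` casts this commit adds elsewhere. The hostname case is limited by `nsid[BUFSIZ]`, but `ns_g_server->server_id` comes from configuration and its length limit is not visible here. If the field is 16 bits wide, an oversized value would be truncated and the encoded NSID length would disagree with the data, so a guard such as `if (strlen(nsidp) > 0xffff) goto no_nsid;` before filling the entry would be safer. A comment that `value` may point at the stack buffer `nsid`, and that dns_message_buildopt() must therefore copy it before client_addopt() returns, would also help. The function body spans this hunk and the previous one.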
@@ -1363,6 +1312,83 @@ ns_client_isself(dns_view_t *myview, dns_tsigkey_t *mykey, return (ISC_TF(view == myview)); } +static isc_result_t +process_opt(ns_client_t *client, dns_rdataset_t *opt) { + dns_rdata_t rdata; + isc_buffer_t optbuf; + isc_result_t result; + isc_uint16_t optcode; + isc_uint16_t optlen; + + /* + * Set the client's UDP buffer size. + */ + client->udpsize = opt->rdclass; + + /* + * If the requested UDP buffer size is less than 512, + * ignore it and use 512. + */ + if (client->udpsize < 512) + client->udpsize = 512; + + /* + * Get the flags out of the OPT record. + */ + client->extflags = (isc_uint16_t)(opt->ttl & 0xFFFF); + + /* + * Do we understand this version of EDNS? + * + * XXXRTH need library support for this! + */ + client->ednsversion = (opt->ttl & 0x00FF0000) >> 16; + if (client->ednsversion > 0) { + isc_stats_increment(ns_g_server->nsstats, + dns_nsstatscounter_badednsver); + result = client_addopt(client); + if (result == ISC_R_SUCCESS) + result = DNS_R_BADVERS; + ns_client_error(client, result); + goto cleanup; + } + + /* Check for NSID request */ + result = dns_rdataset_first(opt); + if (result == ISC_R_SUCCESS) { + dns_rdata_init(&rdata); + dns_rdataset_current(opt, &rdata); + isc_buffer_init(&optbuf, rdata.data, rdata.length); + isc_buffer_add(&optbuf, rdata.length); + while (isc_buffer_remaininglength(&optbuf) >= 4) { + optcode = isc_buffer_getuint16(&optbuf); + optlen = isc_buffer_getuint16(&optbuf); + switch (optcode) { + case DNS_OPT_NSID: + client->attributes |= NS_CLIENTATTR_WANTNSID; + isc_buffer_forward(&optbuf, optlen); + break; + default: + isc_buffer_forward(&optbuf, optlen); + break; + } + } + } + + isc_stats_increment(ns_g_server->nsstats, dns_nsstatscounter_edns0in); + + /* + * Create an OPT for our reply. 
+ */ + result = client_addopt(client); + if (result != ISC_R_SUCCESS) { + ns_client_error(client, result); + goto cleanup; + } + cleanup: + return (result); +} + /* * Handle an incoming request event from the socket (UDP case) * or tcpmsg (TCP case). @@ -1384,8 +1410,6 @@ client_request(isc_task_t *task, isc_event_t *event) { dns_messageid_t id; unsigned int flags; isc_boolean_t notimp; - dns_rdata_t rdata; - isc_uint16_t optcode; REQUIRE(event != NULL); client = event->ev_arg; 
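Review bot: In the option loop of process_opt(), `optlen` is read from the request and passed straight to `isc_buffer_forward(&optbuf, optlen)`, while the loop condition only guarantees the four header bytes are present, not `optlen` bytes of payload. If the OPT rdata is already validated when the message is parsed this is safe, but that is not visible from this hunk, and a length larger than the remaining data would violate the buffer's precondition on a remotely supplied value. Either add a comment stating that invariant or guard it before the switch, e.g. `if (optlen > isc_buffer_remaininglength(&optbuf)) break;`. Both switch arms perform the same forward, so it could be hoisted below the switch, and the last `goto cleanup` directly before the `cleanup:` label is redundant.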
@@ -1585,67 +1609,9 @@ client_request(isc_task_t *task, isc_event_t *event) { */ opt = dns_message_getopt(client->message); if (opt != NULL) { - /* - * Set the client's UDP buffer size. - */ - client->udpsize = opt->rdclass; - - /* - * If the requested UDP buffer size is less than 512, - * ignore it and use 512. - */ - if (client->udpsize < 512) - client->udpsize = 512; - - /* - * Get the flags out of the OPT record. - */ - client->extflags = (isc_uint16_t)(opt->ttl & 0xFFFF); - - /* - * Do we understand this version of EDNS? - * - * XXXRTH need library support for this! - */ - client->ednsversion = (opt->ttl & 0x00FF0000) >> 16; - if (client->ednsversion > 0) { - isc_stats_increment(ns_g_server->nsstats, - dns_nsstatscounter_badednsver); - result = client_addopt(client); - if (result == ISC_R_SUCCESS) - result = DNS_R_BADVERS; - ns_client_error(client, result); - goto cleanup; - } - - /* Check for NSID request */ - result = dns_rdataset_first(opt); - if (result == ISC_R_SUCCESS) { - dns_rdata_init(&rdata); - dns_rdataset_current(opt, &rdata); - if (rdata.length >= 2) { - isc_buffer_t nsidbuf; - isc_buffer_init(&nsidbuf, - rdata.data, rdata.length); - isc_buffer_add(&nsidbuf, rdata.length); - optcode = isc_buffer_getuint16(&nsidbuf); - if (optcode == DNS_OPT_NSID) - client->attributes |= - NS_CLIENTATTR_WANTNSID; - } - } - - isc_stats_increment(ns_g_server->nsstats, - dns_nsstatscounter_edns0in); - - /* - * Create an OPT for our reply. - */ - result = client_addopt(client); - if (result != ISC_R_SUCCESS) { - ns_client_error(client, result); + result = process_opt(client, opt); + if (result != ISC_R_SUCCESS) goto cleanup; - } } if (client->message->rdclass == 0) { 
@@ -2691,7 +2657,8 @@ ns_client_checkacl(ns_client_t *client, isc_sockaddr_t *sockaddr, static void ns_client_name(ns_client_t *client, char *peerbuf, size_t len) { if (client->peeraddr_valid) - isc_sockaddr_format(&client->peeraddr, peerbuf, len); + isc_sockaddr_format(&client->peeraddr, peerbuf, + (unsigned int)len); else snprintf(peerbuf, len, "@%p", client); } diff --git a/bin/named/config.c b/bin/named/config.c index 25ebac4db0c1..757bd5f8754e 100644 --- a/bin/named/config.c +++ b/bin/named/config.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -97,7 +97,7 @@ options {\n\ statistics-file \"named.stats\";\n\ statistics-interval 60;\n\ tcp-clients 100;\n\ - tcp-listen-queue 3;\n\ + tcp-listen-queue 10;\n\ # tkey-dhkey <none>\n\ # tkey-gssapi-credential <none>\n\ # tkey-domain <none>\n\ @@ -555,7 +555,7 @@ ns_config_getipandkeylist(const cfg_obj_t *config, const cfg_obj_t *list, if (new == NULL) goto cleanup; if (listcount != 0) { - memcpy(new, lists, oldsize); + memmove(new, lists, oldsize); isc_mem_put(mctx, lists, oldsize); } lists = new; @@ -590,7 +590,7 @@ ns_config_getipandkeylist(const cfg_obj_t *config, const cfg_obj_t *list, if (new == NULL) goto cleanup; if (stackcount != 0) { - memcpy(new, stack, oldsize); + memmove(new, stack, oldsize); isc_mem_put(mctx, stack, oldsize); } stack = new; @@ -617,7 +617,7 @@ ns_config_getipandkeylist(const cfg_obj_t *config, const cfg_obj_t *list, if (new == NULL) goto cleanup; if (addrcount != 0) { - memcpy(new, addrs, oldsize); + memmove(new, addrs, oldsize); isc_mem_put(mctx, addrs, oldsize); } addrs = new; 
@@ -629,7 +629,7 @@ ns_config_getipandkeylist(const cfg_obj_t *config, const cfg_obj_t *list, if (new == NULL) goto cleanup; if (keycount != 0) { - memcpy(new, keys, oldsize); + memmove(new, keys, oldsize); isc_mem_put(mctx, keys, oldsize); } keys = new; @@ -677,7 +677,7 @@ ns_config_getipandkeylist(const cfg_obj_t *config, const cfg_obj_t *list, new = isc_mem_get(mctx, newsize); if (new == NULL) goto cleanup; - memcpy(new, addrs, newsize); + memmove(new, addrs, newsize); } else new = NULL; isc_mem_put(mctx, addrs, oldsize); @@ -690,7 +690,7 @@ ns_config_getipandkeylist(const cfg_obj_t *config, const cfg_obj_t *list, new = isc_mem_get(mctx, newsize); if (new == NULL) goto cleanup; - memcpy(new, keys, newsize); + memmove(new, keys, newsize); } else new = NULL; isc_mem_put(mctx, keys, oldsize); diff --git a/bin/named/control.c b/bin/named/control.c index 2a1a5a8e734e..c98c92f7bed1 100644 --- a/bin/named/control.c +++ b/bin/named/control.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2009, 2010, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009, 2010, 2012, 2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -105,7 +105,8 @@ ns_control_docommand(isccc_sexpr_t *message, isc_buffer_t *text) { } else if (command_compare(command, NS_COMMAND_REFRESH)) { result = ns_server_refreshcommand(ns_g_server, command, text); } else if (command_compare(command, NS_COMMAND_RETRANSFER)) { - result = ns_server_retransfercommand(ns_g_server, command); + result = ns_server_retransfercommand(ns_g_server, + command, text); } else if (command_compare(command, NS_COMMAND_HALT)) { #ifdef HAVE_LIBSCF /* 
@@ -196,11 +197,11 @@ ns_control_docommand(isccc_sexpr_t *message, isc_buffer_t *text) { result = ns_server_validation(ns_g_server, command); } else if (command_compare(command, NS_COMMAND_SIGN) || command_compare(command, NS_COMMAND_LOADKEYS)) { - result = ns_server_rekey(ns_g_server, command); + result = ns_server_rekey(ns_g_server, command, text); } else if (command_compare(command, NS_COMMAND_ADDZONE)) { result = ns_server_add_zone(ns_g_server, command); } else if (command_compare(command, NS_COMMAND_DELZONE)) { - result = ns_server_del_zone(ns_g_server, command); + result = ns_server_del_zone(ns_g_server, command, text); } else { isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_CONTROL, ISC_LOG_WARNING, diff --git a/bin/named/controlconf.c b/bin/named/controlconf.c index 73c0f37e9737..b5e8b7f56670 100644 --- a/bin/named/controlconf.c +++ b/bin/named/controlconf.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008, 2011-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2011-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -367,7 +367,7 @@ control_recvmessage(isc_task_t *task, isc_event_t *event) { secret.rstart = isc_mem_get(listener->mctx, key->secret.length); if (secret.rstart == NULL) goto cleanup; - memcpy(secret.rstart, key->secret.base, key->secret.length); + memmove(secret.rstart, key->secret.base, key->secret.length); secret.rend = secret.rstart + key->secret.length; result = isccc_cc_fromwire(&ccregion, &request, &secret); if (result == ISC_R_SUCCESS) @@ -784,8 +784,8 @@ register_keys(const cfg_obj_t *control, const cfg_obj_t *keylist, free_controlkey(keyid, mctx); break; } - memcpy(keyid->secret.base, isc_buffer_base(&b), - keyid->secret.length); + memmove(keyid->secret.base, isc_buffer_base(&b), + keyid->secret.length); } } } 
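Review bot: The copy of the control-channel key made by `memmove(secret.rstart, key->secret.base, key->secret.length)` in control_recvmessage() lives in pool memory, and nothing in this hunk shows it being cleared before it is handed back with isc_mem_put(). The release sites are outside the hunk, so this is a question rather than a confirmed defect: if the buffer is released as-is, the shared secret remains readable in freed memory. Clearing it at each release site, in the spirit of `memset(secret.rstart, 0, key->secret.length);` but using a wipe the compiler cannot elide, would limit that exposure. The same applies to the `keyid->secret.base` copies in register_keys() and get_rndckey().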
@@ -864,8 +864,8 @@ get_rndckey(isc_mem_t *mctx, controlkeylist_t *keyids) { "out of memory", keyid->keyname); CHECK(ISC_R_NOMEMORY); } - memcpy(keyid->secret.base, isc_buffer_base(&b), - keyid->secret.length); + memmove(keyid->secret.base, isc_buffer_base(&b), + keyid->secret.length); ISC_LIST_APPEND(*keyids, keyid, link); keyid = NULL; result = ISC_R_SUCCESS; diff --git a/bin/named/include/named/globals.h b/bin/named/include/named/globals.h index 39307f36996b..b632ad6c1a65 100644 --- a/bin/named/include/named/globals.h +++ b/bin/named/include/named/globals.h @@ -70,6 +70,7 @@ EXTERN const char * ns_g_product INIT(PRODUCT); EXTERN const char * ns_g_description INIT(DESCRIPTION); EXTERN const char * ns_g_srcid INIT(SRCID); EXTERN const char * ns_g_configargs INIT(CONFIGARGS); +EXTERN const char * ns_g_builder INIT(BUILDER); EXTERN in_port_t ns_g_port INIT(0); EXTERN in_port_t lwresd_g_listenport INIT(0); diff --git a/bin/named/include/named/main.h b/bin/named/include/named/main.h index 44251fa825c6..1537fb641da6 100644 --- a/bin/named/include/named/main.h +++ b/bin/named/include/named/main.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009, 2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -22,6 +22,10 @@ /*! \file */ +#ifdef ISC_MAIN_HOOK +#define main(argc, argv) bindmain(argc, argv) +#endif + ISC_PLATFORM_NORETURN_PRE void ns_main_earlyfatal(const char *format, ...) ISC_FORMAT_PRINTF(1, 2) ISC_PLATFORM_NORETURN_POST; diff --git a/bin/named/include/named/server.h b/bin/named/include/named/server.h index 9982e88e09e4..aa5a76b54721 100644 --- a/bin/named/include/named/server.h +++ b/bin/named/include/named/server.h 
@@ -224,7 +224,8 @@ ns_server_refreshcommand(ns_server_t *server, char *args, isc_buffer_t *text); */ isc_result_t -ns_server_retransfercommand(ns_server_t *server, char *args); +ns_server_retransfercommand(ns_server_t *server, char *args, + isc_buffer_t *text); /*%< * Act on a "retransfer" command from the command channel. */ @@ -304,7 +305,7 @@ ns_server_freeze(ns_server_t *server, isc_boolean_t freeze, char *args, * take place incrementally. */ isc_result_t -ns_server_rekey(ns_server_t *server, char *args); +ns_server_rekey(ns_server_t *server, char *args, isc_buffer_t *text); /*% * Dump the current recursive queries. @@ -334,6 +335,6 @@ ns_server_add_zone(ns_server_t *server, char *args); * Deletes a zone from a running process */ isc_result_t -ns_server_del_zone(ns_server_t *server, char *args); +ns_server_del_zone(ns_server_t *server, char *args, isc_buffer_t *text); #endif /* NAMED_SERVER_H */ diff --git a/bin/named/interfacemgr.c b/bin/named/interfacemgr.c index 15ffe00aa51a..9cf3cde697b5 100644 --- a/bin/named/interfacemgr.c +++ b/bin/named/interfacemgr.c @@ -525,15 +525,22 @@ setup_locals(ns_interfacemgr_t *mgr, isc_interface_t *interface) { return (result); if (result != ISC_R_SUCCESS) { - isc_log_write(IFMGR_COMMON_LOGARGS, - ISC_LOG_WARNING, + isc_log_write(IFMGR_COMMON_LOGARGS, ISC_LOG_WARNING, "omitting IPv4 interface %s from " - "localnets ACL: %s", - interface->name, + "localnets ACL: %s", interface->name, isc_result_totext(result)); return (ISC_R_SUCCESS); } + if (prefixlen == 0U) { + isc_log_write(IFMGR_COMMON_LOGARGS, ISC_LOG_WARNING, + "omitting %s interface %s from localnets ACL: " + "zero prefix length detected", + (netaddr->family == AF_INET) ? "IPv4" : "IPv6", + interface->name); + return (ISC_R_SUCCESS); + } + result = dns_iptable_addprefix(mgr->aclenv.localnets->iptable, netaddr, prefixlen, ISC_TRUE); if (result != ISC_R_SUCCESS) diff --git a/bin/named/logconf.c b/bin/named/logconf.c index f02b97fcddee..592a7ae92b17 100644 
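Review bot: The new `prefixlen == 0U` branch in setup_locals() carries no comment saying why a zero-length prefix is rejected. A /0 entry added to `localnets` would match every address of that family, so any ACL that refers to `localnets` would stop restricting anything. That is worth stating next to the check, e.g. `/* A zero-length prefix would make localnets match all addresses. */`. setup_locals() begins and ends outside this hunk.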
--- a/bin/named/logconf.c +++ b/bin/named/logconf.c @@ -41,10 +41,10 @@ /*% * Set up a logging category according to the named.conf data - * in 'ccat' and add it to 'lctx'. + * in 'ccat' and add it to 'logconfig'. */ static isc_result_t -category_fromconf(const cfg_obj_t *ccat, isc_logconfig_t *lctx) { +category_fromconf(const cfg_obj_t *ccat, isc_logconfig_t *logconfig) { isc_result_t result; const char *catname; isc_logcategory_t *category; @@ -64,6 +64,9 @@ category_fromconf(const cfg_obj_t *ccat, isc_logconfig_t *lctx) { return (ISC_R_SUCCESS); } + if (logconfig == NULL) + return (ISC_R_SUCCESS); + module = NULL; destinations = cfg_tuple_get(ccat, "destinations"); @@ -74,7 +77,7 @@ category_fromconf(const cfg_obj_t *ccat, isc_logconfig_t *lctx) { const cfg_obj_t *channel = cfg_listelt_value(element); const char *channelname = cfg_obj_asstring(channel); - result = isc_log_usechannel(lctx, channelname, category, + result = isc_log_usechannel(logconfig, channelname, category, module); if (result != ISC_R_SUCCESS) { isc_log_write(ns_g_lctx, CFG_LOGCATEGORY_CONFIG, @@ -89,10 +92,11 @@ category_fromconf(const cfg_obj_t *ccat, isc_logconfig_t *lctx) { /*% * Set up a logging channel according to the named.conf data - * in 'cchan' and add it to 'lctx'. + * in 'cchan' and add it to 'logconfig'. */ static isc_result_t -channel_fromconf(const cfg_obj_t *channel, isc_logconfig_t *lctx) { +channel_fromconf(const cfg_obj_t *channel, isc_logconfig_t *logconfig) +{ isc_result_t result; isc_logdestination_t dest; unsigned int type; @@ -215,8 +219,11 @@ channel_fromconf(const cfg_obj_t *channel, isc_logconfig_t *lctx) { level = cfg_obj_asuint32(severity); } - result = isc_log_createchannel(lctx, channelname, - type, level, &dest, flags); + if (logconfig == NULL) + result = ISC_R_SUCCESS; + else + result = isc_log_createchannel(logconfig, channelname, + type, level, &dest, flags); if (result == ISC_R_SUCCESS && type == ISC_LOG_TOFILE) { FILE *fp; 
@@ -226,32 +233,31 @@ channel_fromconf(const cfg_obj_t *channel, isc_logconfig_t *lctx) { * Fix defect #22771 */ result = isc_file_isplainfile(dest.file.name); - if (result == ISC_R_SUCCESS || - result == ISC_R_FILENOTFOUND) { + if (result == ISC_R_SUCCESS || result == ISC_R_FILENOTFOUND) { /* * Test that the file can be opened, since * isc_log_open() can't effectively report - * failures when called in - * isc_log_doit(). + * failures when called in isc_log_doit(). */ result = isc_stdio_open(dest.file.name, "a", &fp); if (result != ISC_R_SUCCESS) { - syslog(LOG_ERR, - "isc_stdio_open '%s' failed: %s", - dest.file.name, - isc_result_totext(result)); + if (logconfig != NULL && !ns_g_nosyslog) + syslog(LOG_ERR, + "isc_stdio_open '%s' failed: " + "%s", dest.file.name, + isc_result_totext(result)); fprintf(stderr, - "isc_stdio_open '%s' failed: %s", + "isc_stdio_open '%s' failed: %s\n", dest.file.name, isc_result_totext(result)); } else (void)isc_stdio_close(fp); goto done; } - if (!ns_g_nosyslog) + if (logconfig != NULL && !ns_g_nosyslog) syslog(LOG_ERR, "isc_file_isplainfile '%s' failed: %s", dest.file.name, isc_result_totext(result)); - fprintf(stderr, "isc_file_isplainfile '%s' failed: %s", + fprintf(stderr, "isc_file_isplainfile '%s' failed: %s\n", dest.file.name, isc_result_totext(result)); } @@ -260,7 +266,7 @@ channel_fromconf(const cfg_obj_t *channel, isc_logconfig_t *lctx) { } isc_result_t -ns_log_configure(isc_logconfig_t *logconf, const cfg_obj_t *logstmt) { +ns_log_configure(isc_logconfig_t *logconfig, const cfg_obj_t *logstmt) { isc_result_t result; const cfg_obj_t *channels = NULL; const cfg_obj_t *categories = NULL; 
@@ -269,7 +275,8 @@ ns_log_configure(isc_logconfig_t *logconf, const cfg_obj_t *logstmt) { isc_boolean_t unmatched_set = ISC_FALSE; const cfg_obj_t *catname; - CHECK(ns_log_setdefaultchannels(logconf)); + if (logconfig != NULL) + CHECK(ns_log_setdefaultchannels(logconfig)); (void)cfg_map_get(logstmt, "channel", &channels); for (element = cfg_list_first(channels); @@ -277,7 +284,7 @@ ns_log_configure(isc_logconfig_t *logconf, const cfg_obj_t *logstmt) { element = cfg_list_next(element)) { const cfg_obj_t *channel = cfg_listelt_value(element); - CHECK(channel_fromconf(channel, logconf)); + CHECK(channel_fromconf(channel, logconfig)); } (void)cfg_map_get(logstmt, "category", &categories); @@ -286,7 +293,7 @@ ns_log_configure(isc_logconfig_t *logconf, const cfg_obj_t *logstmt) { element = cfg_list_next(element)) { const cfg_obj_t *category = cfg_listelt_value(element); - CHECK(category_fromconf(category, logconf)); + CHECK(category_fromconf(category, logconfig)); if (!default_set) { catname = cfg_tuple_get(category, "name"); if (strcmp(cfg_obj_asstring(catname), "default") == 0) @@ -299,16 +306,14 @@ ns_log_configure(isc_logconfig_t *logconf, const cfg_obj_t *logstmt) { } } - if (!default_set) - CHECK(ns_log_setdefaultcategory(logconf)); + if (logconfig != NULL && !default_set) + CHECK(ns_log_setdefaultcategory(logconfig)); - if (!unmatched_set) - CHECK(ns_log_setunmatchedcategory(logconf)); + if (logconfig != NULL && !unmatched_set) + CHECK(ns_log_setunmatchedcategory(logconfig)); return (ISC_R_SUCCESS); cleanup: - if (logconf != NULL) - isc_logconfig_destroy(&logconf); return (result); } diff --git a/bin/named/lwaddr.c b/bin/named/lwaddr.c index ed7880ac2682..aecccce21172 100644 --- a/bin/named/lwaddr.c +++ b/bin/named/lwaddr.c 
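Review bot: ns_log_configure() changes its contract in two ways that are not documented: the `cleanup:` path no longer calls `isc_logconfig_destroy()`, so the caller keeps ownership of `logconfig` on failure, and a NULL `logconfig` now means check the statement only. The callers are outside this file section, so whether each of them destroys the configuration on error cannot be confirmed here. I would add a header comment such as `/* 'logconfig' may be NULL to only check 'logstmt'; on failure the caller still owns 'logconfig'. */`. Note also that channel_fromconf() still probes with `isc_stdio_open(dest.file.name, "a", &fp)` in the check-only case, which creates a missing log file as a side effect.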
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2008, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -41,11 +41,11 @@ lwaddr_netaddr_fromlwresaddr(isc_netaddr_t *na, lwres_addr_t *la) { if (la->family == LWRES_ADDRTYPE_V4) { struct in_addr ina; - memcpy(&ina.s_addr, la->address, 4); + memmove(&ina.s_addr, la->address, 4); isc_netaddr_fromin(na, &ina); } else { struct in6_addr ina6; - memcpy(&ina6.s6_addr, la->address, 16); + memmove(&ina6.s6_addr, la->address, 16); isc_netaddr_fromin6(na, &ina6); } return (ISC_R_SUCCESS); @@ -77,11 +77,11 @@ lwaddr_lwresaddr_fromnetaddr(lwres_addr_t *la, isc_netaddr_t *na) { if (na->family == AF_INET) { la->family = LWRES_ADDRTYPE_V4; la->length = 4; - memcpy(la->address, &na->type.in, 4); + memmove(la->address, &na->type.in, 4); } else { la->family = LWRES_ADDRTYPE_V6; la->length = 16; - memcpy(la->address, &na->type.in6, 16); + memmove(la->address, &na->type.in6, 16); } return (ISC_R_SUCCESS); } diff --git a/bin/named/lwdgnba.c b/bin/named/lwdgnba.c index dfc2ad654399..2de5287d63df 100644 --- a/bin/named/lwdgnba.c +++ b/bin/named/lwdgnba.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2008, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any 
@@ -226,12 +226,12 @@ ns_lwdclient_processgnba(ns_lwdclient_t *client, lwres_buffer_t *b) { client->na.family = AF_INET; if (req->addr.length != 4) goto out; - memcpy(&client->na.type.in, req->addr.address, 4); + memmove(&client->na.type.in, req->addr.address, 4); } else if (req->addr.family == LWRES_ADDRTYPE_V6) { client->na.family = AF_INET6; if (req->addr.length != 16) goto out; - memcpy(&client->na.type.in6, req->addr.address, 16); + memmove(&client->na.type.in6, req->addr.address, 16); } else { goto out; } diff --git a/bin/named/lwdgrbn.c b/bin/named/lwdgrbn.c index 5c858cbedacd..3e7b15bbdbbf 100644 --- a/bin/named/lwdgrbn.c +++ b/bin/named/lwdgrbn.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009, 2013, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -124,8 +124,8 @@ iterate_node(lwres_grbnresponse_t *grbn, dns_db_t *db, dns_dbnode_t *node, lens = isc_mem_get(mctx, size * sizeof(*lens)); if (lens == NULL) goto out; - memcpy(rdatas, oldrdatas, used * sizeof(*rdatas)); - memcpy(lens, oldlens, used * sizeof(*lens)); + memmove(rdatas, oldrdatas, used * sizeof(*rdatas)); + memmove(lens, oldlens, used * sizeof(*lens)); isc_mem_put(mctx, oldrdatas, oldsize * sizeof(*oldrdatas)); isc_mem_put(mctx, oldlens, oldsize * sizeof(*oldlens)); @@ -158,8 +158,8 @@ iterate_node(lwres_grbnresponse_t *grbn, dns_db_t *db, dns_dbnode_t *node, newlens = isc_mem_get(mctx, used * sizeof(*lens)); if (newlens == NULL) goto out; - memcpy(newrdatas, rdatas, used * sizeof(*rdatas)); - memcpy(newlens, lens, used * sizeof(*lens)); + memmove(newrdatas, rdatas, used * sizeof(*rdatas)); + memmove(newlens, lens, used * sizeof(*lens)); isc_mem_put(mctx, rdatas, size * sizeof(*rdatas)); isc_mem_put(mctx, lens, size * sizeof(*lens)); grbn->rdatas = newrdatas; 
@@ -204,6 +204,8 @@ lookup_done(isc_task_t *task, isc_event_t *event) { lwres_grbnresponse_t *grbn; int i; + REQUIRE(event != NULL); + UNUSED(task); lwb.base = NULL; @@ -324,9 +326,6 @@ lookup_done(isc_task_t *task, isc_event_t *event) { (grbn->nsigs == 1) ? "" : "s"); } - dns_lookup_destroy(&client->lookup); - isc_event_free(&event); - /* * Render the packet. */ @@ -362,6 +361,9 @@ lookup_done(isc_task_t *task, isc_event_t *event) { NS_LWDCLIENT_SETSEND(client); + dns_lookup_destroy(&client->lookup); + isc_event_free(&event); + return; out: @@ -384,8 +386,7 @@ lookup_done(isc_task_t *task, isc_event_t *event) { if (lwb.base != NULL) lwres_context_freemem(cm->lwctx, lwb.base, lwb.length); - if (event != NULL) - isc_event_free(&event); + isc_event_free(&event); ns_lwdclient_log(50, "error constructing getrrsetbyname response"); ns_lwdclient_errorpktsend(client, LWRES_R_FAILURE); diff --git a/bin/named/main.c b/bin/named/main.c index f6c929e5b967..d3d9fa23a7a3 100644 --- a/bin/named/main.c +++ b/bin/named/main.c @@ -390,7 +390,7 @@ set_flags(const char *arg, struct flag_def *defs, unsigned int *ret) { int arglen; if (end == NULL) end = arg + strlen(arg); - arglen = end - arg; + arglen = (int)(end - arg); for (def = defs; def->name != NULL; def++) { if (arglen == (int)strlen(def->name) && memcmp(arg, def->name, arglen) == 0) { @@ -415,6 +415,7 @@ parse_command_line(int argc, char *argv[]) { save_command_line(argc, argv); + /* PLEASE keep options synchronized when main is hooked! */ isc_commandline_errprint = ISC_FALSE; while ((ch = isc_commandline_parse(argc, argv, "46c:C:d:E:fFgi:lm:n:N:p:P:" 
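Review bot: With `dns_lookup_destroy(&client->lookup)` moved below the render step in lookup_done(), a failure between the old and the new position now reaches `out:` with the lookup still alive. The `out:` block is only partly visible in these hunks, so please confirm it destroys `client->lookup` when it is non-NULL; otherwise the error path leaks it. A short comment at the new position would also help, assuming the reason for the move is that the response still refers to data owned by the lookup event until it is rendered, e.g. `/* The response points into the lookup result; free it only after rendering. */`.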
@@ -544,8 +545,25 @@ parse_command_line(int argc, char *argv[]) { printf("%s %s", ns_g_product, ns_g_version); if (*ns_g_description != 0) printf(" %s", ns_g_description); - printf(" <id:%s> built with %s\n", ns_g_srcid, - ns_g_configargs); + printf(" <id:%s> built by %s with %s\n", ns_g_srcid, + ns_g_builder, ns_g_configargs); +#ifdef __clang__ + printf("compiled by CLANG %s\n", __VERSION__); +#else +#if defined(__ICC) || defined(__INTEL_COMPILER) + printf("compiled by ICC %s\n", __VERSION__); +#else +#ifdef __GNUC__ + printf("compiled by GCC %s\n", __VERSION__); +#endif +#endif +#endif +#ifdef _MSC_VER + printf("compiled by MSVC %d\n", _MSC_VER); +#endif +#ifdef __SUNPRO_C + printf("compiled by Solaris Studio %x\n", __SUNPRO_C); +#endif #ifdef OPENSSL printf("using OpenSSL version: %s\n", OPENSSL_VERSION_TEXT); @@ -1026,6 +1044,8 @@ ns_smf_get_instance(char **ins_name, int debug, isc_mem_t *mctx) { } #endif /* HAVE_LIBSCF */ +/* main entry point, possibly hooked */ + int main(int argc, char *argv[]) { isc_result_t result; diff --git a/bin/named/named.conf.5 b/bin/named/named.conf.5 index 09b147ee7de2..e03021a1e878 100644 --- a/bin/named/named.conf.5 +++ b/bin/named/named.conf.5 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004-2011, 2013 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004-2011, 2013, 2014 Internet Systems Consortium, Inc. ("ISC") .\" .\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -187,7 +187,7 @@ options { random\-device \fIquoted_string\fR; recursive\-clients \fIinteger\fR; serial\-query\-rate \fIinteger\fR; - server\-id ( \fIquoted_string\fR | none ); + server\-id ( \fIquoted_string\fR | hostname | none ); stacksize \fIsize\fR; statistics\-file \fIquoted_string\fR; statistics\-interval \fIinteger\fR; // not yet implemented 
@@ -322,7 +322,7 @@ options { zone\-statistics \fIboolean\fR; key\-directory \fIquoted_string\fR; managed\-keys\-directory \fIquoted_string\fR; - auto\-dnssec \fBallow\fR|\fBmaintain\fR|\fBcreate\fR|\fBoff\fR; + auto\-dnssec \fBallow\fR|\fBmaintain\fR|\fBoff\fR; try\-tcp\-refresh \fIboolean\fR; zero\-no\-soa\-ttl \fIboolean\fR; zero\-no\-soa\-ttl\-cache \fIboolean\fR; @@ -592,5 +592,5 @@ zone \fIstring\fR \fIoptional_class\fR { \fBrndc\fR(8), BIND 9 Administrator Reference Manual. .SH "COPYRIGHT" -Copyright \(co 2004\-2011, 2013 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004\-2011, 2013, 2014 Internet Systems Consortium, Inc. ("ISC") .br diff --git a/bin/named/named.conf.docbook b/bin/named/named.conf.docbook index 2527ac3ae7e8..ad0b90c143a7 100644 --- a/bin/named/named.conf.docbook +++ b/bin/named/named.conf.docbook @@ -2,7 +2,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004-2011, 2013 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004-2011, 2013, 2014 Internet Systems Consortium, Inc. ("ISC") - - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above @@ -45,6 +45,7 @@ <year>2010</year> <year>2011</year> <year>2013</year> + <year>2014</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> </docinfo> @@ -219,7 +220,7 @@ options { random-device <replaceable>quoted_string</replaceable>; recursive-clients <replaceable>integer</replaceable>; serial-query-rate <replaceable>integer</replaceable>; - server-id ( <replaceable>quoted_string</replaceable> | none ); + server-id ( <replaceable>quoted_string</replaceable> | hostname | none ); stacksize <replaceable>size</replaceable>; statistics-file <replaceable>quoted_string</replaceable>; statistics-interval <replaceable>integer</replaceable>; // not yet implemented 
@@ -365,7 +366,7 @@ options { zone-statistics <replaceable>boolean</replaceable>; key-directory <replaceable>quoted_string</replaceable>; managed-keys-directory <replaceable>quoted_string</replaceable>; - auto-dnssec <constant>allow</constant>|<constant>maintain</constant>|<constant>create</constant>|<constant>off</constant>; + auto-dnssec <constant>allow</constant>|<constant>maintain</constant>|<constant>off</constant>; try-tcp-refresh <replaceable>boolean</replaceable>; zero-no-soa-ttl <replaceable>boolean</replaceable>; zero-no-soa-ttl-cache <replaceable>boolean</replaceable>; diff --git a/bin/named/named.conf.html b/bin/named/named.conf.html index a8b35edc8602..0fa370a4bda6 100644 --- a/bin/named/named.conf.html +++ b/bin/named/named.conf.html @@ -1,5 +1,5 @@ <!-- - - Copyright (C) 2004-2011, 2013 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004-2011, 2013, 2014 Internet Systems Consortium, Inc. ("ISC") - - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above @@ -31,7 +31,7 @@ <div class="cmdsynopsis"><p><code class="command">named.conf</code> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2543356"></a><h2>DESCRIPTION</h2> +<a name="id2543360"></a><h2>DESCRIPTION</h2> <p><code class="filename">named.conf</code> is the configuration file for <span><strong class="command">named</strong></span>. Statements are enclosed 
@@ -50,14 +50,14 @@ </p> </div> <div class="refsect1" lang="en"> -<a name="id2543384"></a><h2>ACL</h2> +<a name="id2543387"></a><h2>ACL</h2> <div class="literallayout"><p><br> acl <em class="replaceable"><code>string</code></em> { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> <br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2543400"></a><h2>KEY</h2> +<a name="id2543403"></a><h2>KEY</h2> <div class="literallayout"><p><br> key <em class="replaceable"><code>domain_name</code></em> {<br> algorithm <em class="replaceable"><code>string</code></em>;<br> @@ -66,7 +66,7 @@ key <em class="replaceable"><code>domain_name</code></em> {<br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2543419"></a><h2>MASTERS</h2> +<a name="id2543422"></a><h2>MASTERS</h2> <div class="literallayout"><p><br> masters <em class="replaceable"><code>string</code></em> [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br> ( <em class="replaceable"><code>masters</code></em> | <em class="replaceable"><code>ipv4_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br> @@ -75,7 +75,7 @@ masters <em class="replaceable"><code>string</code></em> [<span class="optional" </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2543465"></a><h2>SERVER</h2> +<a name="id2543468"></a><h2>SERVER</h2> <div class="literallayout"><p><br> server ( <em class="replaceable"><code>ipv4_address[<span class="optional">/prefixlen</span>]</code></em> | <em class="replaceable"><code>ipv6_address[<span class="optional">/prefixlen</span>]</code></em> ) {<br> bogus <em class="replaceable"><code>boolean</code></em>;<br> 
@@ -97,7 +97,7 @@ server ( <em class="replaceable"><code>ipv4_address[<span class="optional">/pref </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2543533"></a><h2>TRUSTED-KEYS</h2> +<a name="id2543537"></a><h2>TRUSTED-KEYS</h2> <div class="literallayout"><p><br> trusted-keys {<br> <em class="replaceable"><code>domain_name</code></em> <em class="replaceable"><code>flags</code></em> <em class="replaceable"><code>protocol</code></em> <em class="replaceable"><code>algorithm</code></em> <em class="replaceable"><code>key</code></em>; ... <br> @@ -105,7 +105,7 @@ trusted-keys {<br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2543559"></a><h2>MANAGED-KEYS</h2> +<a name="id2543562"></a><h2>MANAGED-KEYS</h2> <div class="literallayout"><p><br> managed-keys {<br> <em class="replaceable"><code>domain_name</code></em> <code class="constant">initial-key</code> <em class="replaceable"><code>flags</code></em> <em class="replaceable"><code>protocol</code></em> <em class="replaceable"><code>algorithm</code></em> <em class="replaceable"><code>key</code></em>; ... <br> @@ -113,7 +113,7 @@ managed-keys {<br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2543588"></a><h2>CONTROLS</h2> +<a name="id2543591"></a><h2>CONTROLS</h2> <div class="literallayout"><p><br> controls {<br> inet ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> | * )<br> @@ -125,7 +125,7 @@ controls {<br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2543623"></a><h2>LOGGING</h2> +<a name="id2543626"></a><h2>LOGGING</h2> <div class="literallayout"><p><br> logging {<br> channel <em class="replaceable"><code>string</code></em> {<br> 
@@ -143,7 +143,7 @@ logging {<br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2543661"></a><h2>LWRES</h2> +<a name="id2543665"></a><h2>LWRES</h2> <div class="literallayout"><p><br> lwres {<br> listen-on [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br> @@ -156,7 +156,7 @@ lwres {<br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2543703"></a><h2>OPTIONS</h2> +<a name="id2543706"></a><h2>OPTIONS</h2> <div class="literallayout"><p><br> options {<br> avoid-v4-udp-ports { <em class="replaceable"><code>port</code></em>; ... };<br> @@ -184,7 +184,7 @@ options {<br> random-device <em class="replaceable"><code>quoted_string</code></em>;<br> recursive-clients <em class="replaceable"><code>integer</code></em>;<br> serial-query-rate <em class="replaceable"><code>integer</code></em>;<br> - server-id ( <em class="replaceable"><code>quoted_string</code></em> | none );<br> + server-id ( <em class="replaceable"><code>quoted_string</code></em> | hostname | none );<br> stacksize <em class="replaceable"><code>size</code></em>;<br> statistics-file <em class="replaceable"><code>quoted_string</code></em>;<br> statistics-interval <em class="replaceable"><code>integer</code></em>; // not yet implemented<br> 
@@ -330,7 +330,7 @@ options {<br> zone-statistics <em class="replaceable"><code>boolean</code></em>;<br> key-directory <em class="replaceable"><code>quoted_string</code></em>;<br> managed-keys-directory <em class="replaceable"><code>quoted_string</code></em>;<br> - auto-dnssec <code class="constant">allow</code>|<code class="constant">maintain</code>|<code class="constant">create</code>|<code class="constant">off</code>;<br> + auto-dnssec <code class="constant">allow</code>|<code class="constant">maintain</code>|<code class="constant">off</code>;<br> try-tcp-refresh <em class="replaceable"><code>boolean</code></em>;<br> zero-no-soa-ttl <em class="replaceable"><code>boolean</code></em>;<br> zero-no-soa-ttl-cache <em class="replaceable"><code>boolean</code></em>;<br> @@ -360,7 +360,7 @@ options {<br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2544578"></a><h2>VIEW</h2> +<a name="id2544579"></a><h2>VIEW</h2> <div class="literallayout"><p><br> view <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em> {<br> match-clients { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> @@ -523,7 +523,7 @@ view <em class="replaceable"><code>string</code></em> <em class="replaceable"><c </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2545287"></a><h2>ZONE</h2> +<a name="id2545288"></a><h2>ZONE</h2> <div class="literallayout"><p><br> zone <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em> {<br> type ( master | slave | stub | hint |<br> 
@@ -618,12 +618,12 @@ zone <em class="replaceable"><code>string</code></em> <em class="replaceable"><c </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2545667"></a><h2>FILES</h2> +<a name="id2545668"></a><h2>FILES</h2> <p><code class="filename">/etc/named.conf</code> </p> </div> <div class="refsect1" lang="en"> -<a name="id2545678"></a><h2>SEE ALSO</h2> +<a name="id2545680"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>, <span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>, <span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>, diff --git a/bin/named/query.c b/bin/named/query.c index 8c589841396b..c582e4c8a61b 100644 --- a/bin/named/query.c +++ b/bin/named/query.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -773,7 +773,7 @@ query_validatezonedb(ns_client_t *client, dns_name_t *name, if (queryonacl == NULL) queryonacl = client->view->queryonacl; - result = ns_client_checkaclsilent(client, NULL, + result = ns_client_checkaclsilent(client, &client->destaddr, queryonacl, ISC_TRUE); if ((options & DNS_GETDB_NOLOG) == 0 && result != ISC_R_SUCCESS) @@ -4900,12 +4900,12 @@ rdata_tonetaddr(const dns_rdata_t *rdata, isc_netaddr_t *netaddr) { switch (rdata->type) { case dns_rdatatype_a: INSIST(rdata->length == 4); - memcpy(&ina.s_addr, rdata->data, 4); + memmove(&ina.s_addr, rdata->data, 4); isc_netaddr_fromin(netaddr, &ina); return (ISC_R_SUCCESS); case dns_rdatatype_aaaa: INSIST(rdata->length == 16); - memcpy(in6a.s6_addr, rdata->data, 16); + memmove(in6a.s6_addr, rdata->data, 16); isc_netaddr_fromin6(netaddr, &in6a); return (ISC_R_SUCCESS); default: 
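Review bot: The allow-query-on check in query_validatezonedb now matches `queryonacl` against `&client->destaddr` instead of passing NULL, but nothing in the hunk shows that `destaddr` is populated for every request that reaches this call. If it can be unset on some receive path, the ACL would be evaluated against a zeroed address, so confirm where it is filled in. A one-line comment above the call would make the intent explicit: `/* queryonacl is matched against the address the query was received on, not the peer */`. A regression test with an allow-query-on ACL that differs from the client address would pin this behaviour; the function body continues outside the hunk.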
@@ -5178,8 +5178,7 @@ query_findclosestnsec3(dns_name_t *qname, dns_db_t *db, dns_fixedname_t fixed; dns_hash_t hash; dns_name_t name; - int order; - unsigned int count; + unsigned int skip = 0, labels; dns_rdata_nsec3_t nsec3; dns_rdata_t rdata = DNS_RDATA_INIT; isc_boolean_t optout; @@ -5192,6 +5191,7 @@ query_findclosestnsec3(dns_name_t *qname, dns_db_t *db, dns_name_init(&name, NULL); dns_name_clone(qname, &name); + labels = dns_name_countlabels(&name); /* * Map unknown algorithm to known value. @@ -5223,13 +5223,14 @@ query_findclosestnsec3(dns_name_t *qname, dns_db_t *db, dns_rdata_reset(&rdata); optout = ISC_TF((nsec3.flags & DNS_NSEC3FLAG_OPTOUT) != 0); if (found != NULL && optout && - dns_name_fullcompare(&name, dns_db_origin(db), &order, - &count) == dns_namereln_subdomain) { + dns_name_issubdomain(&name, dns_db_origin(db))) + { dns_rdataset_disassociate(rdataset); if (dns_rdataset_isassociated(sigrdataset)) dns_rdataset_disassociate(sigrdataset); - count = dns_name_countlabels(&name) - 1; - dns_name_getlabelsequence(&name, 1, count, &name); + skip++; + dns_name_getlabelsequence(qname, skip, labels - skip, + &name); ns_client_log(client, DNS_LOGCATEGORY_DNSSEC, NS_LOGMODULE_QUERY, ISC_LOG_DEBUG(3), "looking for closest provable encloser"); @@ -5247,7 +5248,11 @@ query_findclosestnsec3(dns_name_t *qname, dns_db_t *db, ns_client_log(client, DNS_LOGCATEGORY_DNSSEC, NS_LOGMODULE_QUERY, ISC_LOG_WARNING, "expected covering NSEC3, got an exact match"); - if (found != NULL) + if (found == qname) { + if (skip != 0U) + dns_name_getlabelsequence(qname, skip, labels - skip, + found); + } else if (found != NULL) dns_name_copy(&name, found, NULL); return; } @@ -6814,7 +6819,8 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype) goto addauth; } - if (dns_db_issecure(db)) { + if (qtype == dns_rdatatype_rrsig && + dns_db_issecure(db)) { char namebuf[DNS_NAME_FORMATSIZE]; dns_name_format(client->query.qname, namebuf, 
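Review bot: In query_findclosestnsec3 the new test `dns_name_issubdomain(&name, dns_db_origin(db))` is also true when `name` equals the zone origin, whereas the replaced `dns_name_fullcompare(...) == dns_namereln_subdomain` was not. The opt-out branch can therefore run once more at the apex, incrementing `skip` and asking `dns_name_getlabelsequence(qname, skip, labels - skip, &name)` for a name above the zone. If that extra step is not intended, keep the strict relation with `dns_name_issubdomain(&name, dns_db_origin(db)) && !dns_name_equal(&name, dns_db_origin(db))`. If it is intended, a comment should say so, because `labels - skip` is unsigned and its lower bound now depends on this condition.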
diff --git a/bin/named/server.c b/bin/named/server.c index 05c68b992ec4..bc1e76e951e6 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -74,11 +74,13 @@ #include <dns/portlist.h> #include <dns/rbt.h> #include <dns/rdataclass.h> +#include <dns/rdatalist.h> #include <dns/rdataset.h> #include <dns/rdatastruct.h> #include <dns/resolver.h> #include <dns/rootns.h> #include <dns/secalg.h> +#include <dns/soa.h> #include <dns/stats.h> #include <dns/tkey.h> #include <dns/tsig.h> @@ -370,6 +372,12 @@ end_reserved_dispatches(ns_server_t *server, isc_boolean_t all); static void newzone_cfgctx_destroy(void **cfgp); +static isc_result_t +putstr(isc_buffer_t *b, const char *str); + +isc_result_t +add_comment(FILE *fp, const char *viewname); + /*% * Configure a single view ACL at '*aclp'. Get its configuration from * 'vconfig' (for per-view configuration) and maybe from 'config' @@ -1302,26 +1310,22 @@ on_disable_list(const cfg_obj_t *disablelist, dns_name_t *zonename) { return (ISC_FALSE); } -static void -check_dbtype(dns_zone_t **zonep, unsigned int dbtypec, const char **dbargv, +static isc_result_t +check_dbtype(dns_zone_t *zone, unsigned int dbtypec, const char **dbargv, isc_mem_t *mctx) { char **argv = NULL; unsigned int i; - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; - result = dns_zone_getdbtype(*zonep, &argv, mctx); - if (result != ISC_R_SUCCESS) { - dns_zone_detach(zonep); - return; - } + CHECK(dns_zone_getdbtype(zone, &argv, mctx)); /* * Check that all the arguments match. */ for (i = 0; i < dbtypec; i++) if (argv[i] == NULL || strcmp(argv[i], dbargv[i]) != 0) { - dns_zone_detach(zonep); + CHECK(ISC_R_FAILURE); break; } 
@@ -1329,8 +1333,11 @@ check_dbtype(dns_zone_t **zonep, unsigned int dbtypec, const char **dbargv,
 * Check that there are not extra arguments.
 */
 if (i == dbtypec && argv[i] != NULL)
- dns_zone_detach(zonep);
+ result = ISC_R_FAILURE;
+
+ cleanup:
 isc_mem_free(mctx, argv);
+ return (result);
 }
 
 static isc_result_t
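Review bot: When `dns_zone_getdbtype` fails, the `CHECK` added in the preceding check_dbtype hunk jumps to the new `cleanup:` label with `argv` still NULL, and `isc_mem_free(mctx, argv)` is then called on it; the old code returned before reaching the free. Unless isc_mem_free is known to accept a NULL pointer, guard the call: `if (argv != NULL) isc_mem_free(mctx, argv);`. In the same function the `break;` that follows `CHECK(ISC_R_FAILURE);` is unreachable, since CHECK already leaves the loop, and can be dropped.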
@@ -1623,6 +1630,235 @@ configure_rpz(dns_view_t *view, const cfg_listelt_t *element, return (ISC_R_SUCCESS); } +static isc_result_t +add_soa(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, + dns_name_t *origin, dns_name_t *contact) +{ + dns_dbnode_t *node = NULL; + dns_rdata_t rdata = DNS_RDATA_INIT; + dns_rdatalist_t rdatalist; + dns_rdataset_t rdataset; + isc_result_t result; + unsigned char buf[DNS_SOA_BUFFERSIZE]; + + dns_rdataset_init(&rdataset); + dns_rdatalist_init(&rdatalist); + CHECK(dns_soa_buildrdata(origin, contact, dns_db_class(db), + 0, 28800, 7200, 604800, 86400, buf, &rdata)); + rdatalist.type = rdata.type; + rdatalist.covers = 0; + rdatalist.rdclass = rdata.rdclass; + rdatalist.ttl = 86400; + ISC_LIST_APPEND(rdatalist.rdata, &rdata, link); + CHECK(dns_rdatalist_tordataset(&rdatalist, &rdataset)); + CHECK(dns_db_findnode(db, name, ISC_TRUE, &node)); + CHECK(dns_db_addrdataset(db, node, version, 0, &rdataset, 0, NULL)); + cleanup: + if (node != NULL) + dns_db_detachnode(db, &node); + return (result); +} + +static isc_result_t +add_ns(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, + dns_name_t *nsname) +{ + dns_dbnode_t *node = NULL; + dns_rdata_ns_t ns; + dns_rdata_t rdata = DNS_RDATA_INIT; + dns_rdatalist_t rdatalist; + dns_rdataset_t rdataset; + isc_result_t result; + isc_buffer_t b; + unsigned char buf[DNS_NAME_MAXWIRE]; + + isc_buffer_init(&b, buf, sizeof(buf)); + + dns_rdataset_init(&rdataset); + dns_rdatalist_init(&rdatalist); + ns.common.rdtype = dns_rdatatype_ns; + ns.common.rdclass = dns_db_class(db); + ns.mctx = NULL; + dns_name_init(&ns.name, NULL); + dns_name_clone(nsname, &ns.name); + CHECK(dns_rdata_fromstruct(&rdata, dns_db_class(db), dns_rdatatype_ns, + &ns, &b)); + rdatalist.type = rdata.type; + rdatalist.covers = 0; + rdatalist.rdclass = rdata.rdclass; + rdatalist.ttl = 86400; + ISC_LIST_APPEND(rdatalist.rdata, &rdata, link); + CHECK(dns_rdatalist_tordataset(&rdatalist, &rdataset)); + CHECK(dns_db_findnode(db, 
name, ISC_TRUE, &node)); + CHECK(dns_db_addrdataset(db, node, version, 0, &rdataset, 0, NULL)); + cleanup: + if (node != NULL) + dns_db_detachnode(db, &node); + return (result); +} + +static isc_result_t +create_empty_zone(dns_zone_t *zone, dns_name_t *name, dns_view_t *view, + const cfg_obj_t *zonelist, const char **empty_dbtype, + int empty_dbtypec, isc_boolean_t zonestats_on) +{ + char namebuf[DNS_NAME_FORMATSIZE]; + const cfg_listelt_t *element; + const cfg_obj_t *obj; + const cfg_obj_t *zconfig; + const cfg_obj_t *zoptions; + const char *rbt_dbtype[4] = { "rbt" }; + const char *sep = ": view "; + const char *str; + const char *viewname = view->name; + dns_db_t *db = NULL; + dns_dbversion_t *version = NULL; + dns_fixedname_t cfixed; + dns_fixedname_t fixed; + dns_fixedname_t nsfixed; + dns_name_t *contact; + dns_name_t *ns; + dns_name_t *zname; + dns_zone_t *myzone = NULL; + int rbt_dbtypec = 1; + isc_result_t result; + dns_namereln_t namereln; + int order; + unsigned int nlabels; + + dns_fixedname_init(&fixed); + zname = dns_fixedname_name(&fixed); + dns_fixedname_init(&nsfixed); + ns = dns_fixedname_name(&nsfixed); + dns_fixedname_init(&cfixed); + contact = dns_fixedname_name(&cfixed); + + /* + * Look for forward "zones" beneath this empty zone and if so + * create a custom db for the empty zone. 
+ */ + for (element = cfg_list_first(zonelist); + element != NULL; + element = cfg_list_next(element)) { + + zconfig = cfg_listelt_value(element); + str = cfg_obj_asstring(cfg_tuple_get(zconfig, "name")); + CHECK(dns_name_fromstring(zname, str, 0, NULL)); + namereln = dns_name_fullcompare(zname, name, &order, &nlabels); + if (namereln != dns_namereln_subdomain) + continue; + + zoptions = cfg_tuple_get(zconfig, "options"); + + obj = NULL; + (void)cfg_map_get(zoptions, "type", &obj); + INSIST(obj != NULL); + if (strcasecmp(cfg_obj_asstring(obj), "forward") == 0) { + obj = NULL; + (void)cfg_map_get(zoptions, "forward", &obj); + if (obj == NULL) + continue; + if (strcasecmp(cfg_obj_asstring(obj), "only") != 0) + continue; + } + if (db == NULL) { + CHECK(dns_db_create(view->mctx, "rbt", name, + dns_dbtype_zone, view->rdclass, + 0, NULL, &db)); + CHECK(dns_db_newversion(db, &version)); + if (strcmp(empty_dbtype[2], "@") == 0) + dns_name_clone(name, ns); + else + CHECK(dns_name_fromstring(ns, empty_dbtype[2], + 0, NULL)); + CHECK(dns_name_fromstring(contact, empty_dbtype[3], + 0, NULL)); + CHECK(add_soa(db, version, name, ns, contact)); + CHECK(add_ns(db, version, name, ns)); + } + CHECK(add_ns(db, version, zname, dns_rootname)); + } + + /* + * Is the existing zone the ok to use? 
+ */ + if (zone != NULL) { + unsigned int typec; + const char **dbargv; + + if (db != NULL) { + typec = rbt_dbtypec; + dbargv = rbt_dbtype; + } else { + typec = empty_dbtypec; + dbargv = empty_dbtype; + } + + result = check_dbtype(zone, typec, dbargv, view->mctx); + if (result != ISC_R_SUCCESS) + zone = NULL; + + if (zone != NULL && dns_zone_gettype(zone) != dns_zone_master) + zone = NULL; + if (zone != NULL && dns_zone_getfile(zone) != NULL) + zone = NULL; + } + + if (zone == NULL) { + CHECK(dns_zone_create(&myzone, view->mctx)); + zone = myzone; + CHECK(dns_zone_setorigin(zone, name)); + CHECK(dns_zonemgr_managezone(ns_g_server->zonemgr, zone)); + if (db == NULL) + CHECK(dns_zone_setdbtype(zone, empty_dbtypec, + empty_dbtype)); + dns_zone_setclass(zone, view->rdclass); + dns_zone_settype(zone, dns_zone_master); + dns_zone_setstats(zone, ns_g_server->zonestats); + } + + dns_zone_setoption(zone, ~DNS_ZONEOPT_NOCHECKNS, ISC_FALSE); + dns_zone_setoption(zone, DNS_ZONEOPT_NOCHECKNS, ISC_TRUE); + dns_zone_setnotifytype(zone, dns_notifytype_no); + dns_zone_setdialup(zone, dns_dialuptype_no); + if (view->queryacl) + dns_zone_setqueryacl(zone, view->queryacl); + else + dns_zone_clearqueryacl(zone); + if (view->queryonacl) + dns_zone_setqueryonacl(zone, view->queryonacl); + else + dns_zone_clearqueryonacl(zone); + dns_zone_clearupdateacl(zone); + dns_zone_clearxfracl(zone); + + CHECK(setquerystats(zone, view->mctx, zonestats_on)); + if (db != NULL) { + dns_db_closeversion(db, &version, ISC_TRUE); + CHECK(dns_zone_replacedb(zone, db, ISC_FALSE)); + } + dns_zone_setview(zone, view); + CHECK(dns_view_addzone(view, zone)); + + if (!strcmp(viewname, "_default")) { + sep = ""; + viewname = ""; + } + dns_name_format(name, namebuf, sizeof(namebuf)); + isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, + ISC_LOG_INFO, "automatic empty zone%s%s: %s", + sep, viewname, namebuf); + + cleanup: + if (myzone != NULL) + dns_zone_detach(&myzone); + if (version != NULL) + 
dns_db_closeversion(db, &version, ISC_FALSE); + if (db != NULL) + dns_db_detach(&db); + return (result); +} + /* * Configure 'view' according to 'vconfig', taking defaults from 'config' * where values are missing in 'vconfig'. @@ -1676,7 +1912,6 @@ configure_view(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig, isc_uint32_t max_clients_per_query; const char *sep = ": view "; const char *viewname = view->name; - const char *forview = " for view "; isc_boolean_t rfc1918; isc_boolean_t empty_zones_enable; const cfg_obj_t *disablelist = NULL; @@ -1722,8 +1957,6 @@ configure_view(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig, if (!strcmp(viewname, "_default")) { sep = ""; viewname = ""; - forview = ""; - POST(forview); } /* 
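Review bot: create_empty_zone indexes `empty_dbtype[2]` and `empty_dbtype[3]` (the `strcmp` against "@" and the two `dns_name_fromstring` calls) without checking `empty_dbtypec` or that those entries are non-NULL. The caller presumably always passes four populated arguments, but the helper should state that contract at the top: `REQUIRE(empty_dbtypec >= 4 && empty_dbtype[2] != NULL && empty_dbtype[3] != NULL);`. The block comment also speaks only of forward zones, while the loop adds a delegation for every configured zone beneath `name` unless it is a forward zone that is not "forward only", so the comment should describe that. The SOA timers and the 86400 TTL in add_soa and add_ns are bare literals and would read better as named constants.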
@@ -2980,44 +3213,13 @@ configure_view(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig, if (pview != NULL) { (void)dns_view_findzone(pview, name, &zone); dns_view_detach(&pview); - if (zone != NULL) - check_dbtype(&zone, empty_dbtypec, - empty_dbtype, mctx); - if (zone != NULL) { - dns_zone_setview(zone, view); - CHECK(dns_view_addzone(view, zone)); - CHECK(setquerystats(zone, mctx, - zonestats_on)); - dns_zone_detach(&zone); - continue; - } } - CHECK(dns_zone_create(&zone, mctx)); - CHECK(dns_zone_setorigin(zone, name)); - dns_zone_setview(zone, view); - CHECK(dns_zonemgr_managezone(ns_g_server->zonemgr, - zone)); - dns_zone_setclass(zone, view->rdclass); - dns_zone_settype(zone, dns_zone_master); - dns_zone_setstats(zone, ns_g_server->zonestats); - CHECK(dns_zone_setdbtype(zone, empty_dbtypec, - empty_dbtype)); - if (view->queryacl != NULL) - dns_zone_setqueryacl(zone, view->queryacl); - if (view->queryonacl != NULL) - dns_zone_setqueryonacl(zone, view->queryonacl); - dns_zone_setdialup(zone, dns_dialuptype_no); - dns_zone_setnotifytype(zone, dns_notifytype_no); - dns_zone_setoption(zone, DNS_ZONEOPT_NOCHECKNS, - ISC_TRUE); - CHECK(setquerystats(zone, mctx, zonestats_on)); - CHECK(dns_view_addzone(view, zone)); - isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, - NS_LOGMODULE_SERVER, ISC_LOG_INFO, - "automatic empty zone%s%s: %s", - sep, viewname, empty); - dns_zone_detach(&zone); + CHECK(create_empty_zone(zone, name, view, zonelist, + empty_dbtype, empty_dbtypec, + zonestats_on)); + if (zone != NULL) + dns_zone_detach(&zone); } } @@ -4437,7 +4639,10 @@ load_configuration(const char *filename, ns_server_t *server, dns_viewlist_t viewlist, builtin_viewlist; in_port_t listen_port, udpport_low, udpport_high; int i; + int num_zones = 0; + isc_boolean_t exclusive = ISC_FALSE; isc_interval_t interval; + isc_logconfig_t *logc = NULL; isc_portset_t *v4portset = NULL; isc_portset_t *v6portset = NULL; isc_resourcevalue_t nfiles; 
@@ -4446,12 +4651,10 @@ load_configuration(const char *filename, ns_server_t *server, isc_uint32_t interface_interval; isc_uint32_t reserved; isc_uint32_t udpsize; - ns_cachelist_t cachelist, tmpcachelist; - unsigned int maxsocks; ns_cache_t *nsc; + ns_cachelist_t cachelist, tmpcachelist; struct cfg_context *nzctx; - int num_zones = 0; - isc_boolean_t exclusive = ISC_FALSE; + unsigned int maxsocks; ISC_LIST_INIT(viewlist); ISC_LIST_INIT(builtin_viewlist); @@ -4739,8 +4942,8 @@ load_configuration(const char *filename, ns_server_t *server, result = ns_config_get(maps, "tcp-listen-queue", &obj); INSIST(result == ISC_R_SUCCESS); ns_g_listen = cfg_obj_asuint32(obj); - if (ns_g_listen < 3) - ns_g_listen = 3; + if ((ns_g_listen > 0) && (ns_g_listen < 10)) + ns_g_listen = 10; /* * Configure the interface manager according to the "listen-on" @@ -5112,13 +5315,30 @@ load_configuration(const char *filename, ns_server_t *server, * unprivileged user, not root. */ if (ns_g_logstderr) { + const cfg_obj_t *logobj = NULL; + isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_INFO, - "ignoring config file logging " - "statement due to -g option"); + "not using config file logging " + "statement for logging due to " + "-g option"); + + (void)cfg_map_get(config, "logging", &logobj); + if (logobj != NULL) { + result = ns_log_configure(NULL, logobj); + if (result != ISC_R_SUCCESS) { + isc_log_write(ns_g_lctx, + NS_LOGCATEGORY_GENERAL, + NS_LOGMODULE_SERVER, + ISC_LOG_ERROR, + "checking logging configuration " + "failed: %s", + isc_result_totext(result)); + goto cleanup; + } + } } else { const cfg_obj_t *logobj = NULL; - isc_logconfig_t *logc = NULL; CHECKM(isc_logconfig_create(ns_g_lctx, &logc), "creating new logging configuration"); 
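Review bot: The tcp-listen-queue clamp in load_configuration changes from `< 3` to `(ns_g_listen > 0) && (ns_g_listen < 10)`, so a configured 0 is now passed through unchanged while 1-9 are silently raised to 10, and neither rule is explained at the site. A comment is needed, for example `/* 0 is passed through as-is; any other value below 10 is raised to 10 */`, together with a statement of what a backlog of 0 is expected to mean on the supported platforms. Without that, a reader cannot tell whether 0 is a deliberate setting or a gap in the range check.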
@@ -5137,11 +5357,9 @@ load_configuration(const char *filename, ns_server_t *server, "setting up default 'category default'"); } - result = isc_logconfig_use(ns_g_lctx, logc); - if (result != ISC_R_SUCCESS) { - isc_logconfig_destroy(&logc); - CHECKM(result, "installing logging configuration"); - } + CHECKM(isc_logconfig_use(ns_g_lctx, logc), + "installing logging configuration"); + logc = NULL; isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_DEBUG(1), @@ -5273,6 +5491,9 @@ load_configuration(const char *filename, ns_server_t *server, result = ISC_R_SUCCESS; cleanup: + if (logc != NULL) + isc_logconfig_destroy(&logc); + if (v4portset != NULL) isc_portset_destroy(ns_g_mctx, &v4portset); @@ -5971,17 +6192,18 @@ next_token(char **stringp, const char *delim) { */ static isc_result_t zone_from_args(ns_server_t *server, char *args, dns_zone_t **zonep, - const char **zonename) + const char **zonename, isc_buffer_t *text) { char *input, *ptr; const char *zonetxt; char *classtxt; const char *viewtxt = NULL; - dns_fixedname_t name; + dns_fixedname_t fname; + dns_name_t *name; isc_result_t result; - isc_buffer_t buf; dns_view_t *view = NULL; dns_rdataclass_t rdclass; + char problem[DNS_NAME_FORMATSIZE + 500] = ""; REQUIRE(zonep != NULL && *zonep == NULL); REQUIRE(zonename == NULL || *zonename == NULL); 
@@ -6007,38 +6229,40 @@ zone_from_args(ns_server_t *server, char *args, dns_zone_t **zonep, viewtxt = next_token(&input, " \t"); } - isc_buffer_constinit(&buf, zonetxt, strlen(zonetxt)); - isc_buffer_add(&buf, strlen(zonetxt)); - dns_fixedname_init(&name); - result = dns_name_fromtext(dns_fixedname_name(&name), - &buf, dns_rootname, 0, NULL); - if (result != ISC_R_SUCCESS) - goto fail1; + dns_fixedname_init(&fname); + name = dns_fixedname_name(&fname); + CHECK(dns_name_fromstring(name, zonetxt, 0, NULL)); if (classtxt != NULL) { isc_textregion_t r; r.base = classtxt; r.length = strlen(classtxt); - result = dns_rdataclass_fromtext(&rdclass, &r); - if (result != ISC_R_SUCCESS) - goto fail1; + CHECK(dns_rdataclass_fromtext(&rdclass, &r)); } else rdclass = dns_rdataclass_in; if (viewtxt == NULL) { - result = dns_viewlist_findzone(&server->viewlist, - dns_fixedname_name(&name), + result = dns_viewlist_findzone(&server->viewlist, name, ISC_TF(classtxt == NULL), rdclass, zonep); + if (result == ISC_R_NOTFOUND) + snprintf(problem, sizeof(problem), + "no matching zone '%s' in any view", + zonetxt); } else { result = dns_viewlist_find(&server->viewlist, viewtxt, rdclass, &view); - if (result != ISC_R_SUCCESS) - goto fail1; + if (result != ISC_R_SUCCESS) { + snprintf(problem, sizeof(problem), + "no matching view '%s'", viewtxt); + goto report; + } - result = dns_zt_find(view->zonetable, dns_fixedname_name(&name), - 0, NULL, zonep); - dns_view_detach(&view); + result = dns_zt_find(view->zonetable, name, 0, NULL, zonep); + if (result != ISC_R_SUCCESS) + snprintf(problem, sizeof(problem), + "no matching zone '%s' in view '%s'", + zonetxt, viewtxt); } /* Partial match? */ 
@@ -6046,7 +6270,20 @@ zone_from_args(ns_server_t *server, char *args, dns_zone_t **zonep, dns_zone_detach(zonep); if (result == DNS_R_PARTIALMATCH) result = ISC_R_NOTFOUND; - fail1: + report: + if (result != ISC_R_SUCCESS) { + isc_result_t tresult; + + tresult = putstr(text, problem); + if (tresult == ISC_R_SUCCESS && + isc_buffer_availablelength(text) > 0U) + isc_buffer_putuint8(text, 0); + } + + cleanup: + if (view != NULL) + dns_view_detach(&view); + return (result); } @@ -6054,12 +6291,14 @@ zone_from_args(ns_server_t *server, char *args, dns_zone_t **zonep, * Act on a "retransfer" command from the command channel. */ isc_result_t -ns_server_retransfercommand(ns_server_t *server, char *args) { +ns_server_retransfercommand(ns_server_t *server, char *args, + isc_buffer_t *text) +{ isc_result_t result; dns_zone_t *zone = NULL; dns_zonetype_t type; - result = zone_from_args(server, args, &zone, NULL); + result = zone_from_args(server, args, &zone, NULL, text); if (result != ISC_R_SUCCESS) return (result); if (zone == NULL) @@ -6083,7 +6322,7 @@ ns_server_reloadcommand(ns_server_t *server, char *args, isc_buffer_t *text) { dns_zonetype_t type; const char *msg = NULL; - result = zone_from_args(server, args, &zone, NULL); + result = zone_from_args(server, args, &zone, NULL, text); if (result != ISC_R_SUCCESS) return (result); if (zone == NULL) { @@ -6143,7 +6382,7 @@ ns_server_notifycommand(ns_server_t *server, char *args, isc_buffer_t *text) { dns_zone_t *zone = NULL; const unsigned char msg[] = "zone notify queued"; - result = zone_from_args(server, args, &zone, NULL); + result = zone_from_args(server, args, &zone, NULL, text); if (result != ISC_R_SUCCESS) return (result); if (zone == NULL) 
@@ -6168,7 +6407,7 @@ ns_server_refreshcommand(ns_server_t *server, char *args, isc_buffer_t *text) { const unsigned char msg2[] = "not a slave or stub zone"; dns_zonetype_t type; - result = zone_from_args(server, args, &zone, NULL); + result = zone_from_args(server, args, &zone, NULL, text); if (result != ISC_R_SUCCESS) return (result); if (zone == NULL) @@ -7001,7 +7240,7 @@ ns_server_status(ns_server_t *server, isc_buffer_t *text) { n = snprintf((char *)isc_buffer_used(text), isc_buffer_availablelength(text), - "version: %s%s%s%s\n" + "version: %s%s%s%s <id:%s>\n" #ifdef ISC_PLATFORM_USETHREADS "CPUs found: %u\n" "worker threads: %u\n" @@ -7015,7 +7254,7 @@ ns_server_status(ns_server_t *server, isc_buffer_t *text) { "recursive clients: %d/%d/%d\n" "tcp clients: %d/%d\n" "server is up and running", - ns_g_version, ob, alt, cb, + ns_g_version, ob, alt, cb, ns_g_srcid, #ifdef ISC_PLATFORM_USETHREADS ns_g_cpus_detected, ns_g_cpus, #endif @@ -7259,7 +7498,7 @@ ns_server_tsiglist(ns_server_t *server, isc_buffer_t *text) { * Act on a "sign" or "loadkeys" command from the command channel. */ isc_result_t -ns_server_rekey(ns_server_t *server, char *args) { +ns_server_rekey(ns_server_t *server, char *args, isc_buffer_t *text) { isc_result_t result; dns_zone_t *zone = NULL; dns_zonetype_t type; @@ -7269,7 +7508,7 @@ ns_server_rekey(ns_server_t *server, char *args) { if (strncasecmp(args, NS_COMMAND_SIGN, strlen(NS_COMMAND_SIGN)) == 0) fullsign = ISC_TRUE; - result = zone_from_args(server, args, &zone, NULL); + result = zone_from_args(server, args, &zone, NULL, text); if (result != ISC_R_SUCCESS) return (result); if (zone == NULL) @@ -7313,7 +7552,7 @@ ns_server_freeze(ns_server_t *server, isc_boolean_t freeze, char *args, isc_boolean_t frozen; const char *msg = NULL; - result = zone_from_args(server, args, &zone, NULL); + result = zone_from_args(server, args, &zone, NULL, text); if (result != ISC_R_SUCCESS) return (result); if (zone == NULL) { 
@@ -7433,6 +7672,23 @@ ns_smf_add_message(isc_buffer_t *text) { #endif /* HAVE_LIBSCF */ /* + * Emit a comment at the top of the nzf file containing the viewname + * Expects the fp to already be open for writing + */ +#define HEADER1 "# New zone file for view: " +#define HEADER2 "\n# This file contains configuration for zones added by\n" \ + "# the 'rndc addzone' command. DO NOT EDIT BY HAND.\n" +isc_result_t +add_comment(FILE *fp, const char *viewname) { + isc_result_t result; + CHECK(isc_stdio_write(HEADER1, sizeof(HEADER1) - 1, 1, fp, NULL)); + CHECK(isc_stdio_write(viewname, strlen(viewname), 1, fp, NULL)); + CHECK(isc_stdio_write(HEADER2, sizeof(HEADER2) - 1, 1, fp, NULL)); + cleanup: + return (result); +} + +/* * Act on an "addzone" command from the command channel. */ isc_result_t @@ -7453,15 +7709,18 @@ ns_server_add_zone(ns_server_t *server, char *args) { const char *viewname = NULL; dns_rdataclass_t rdclass; dns_view_t *view = 0; - isc_buffer_t buf, *nbuf = NULL; - dns_name_t dnsname; + isc_buffer_t buf; + dns_fixedname_t fname; + dns_name_t *dnsname; dns_zone_t *zone = NULL; FILE *fp = NULL; struct cfg_context *cfg = NULL; + char namebuf[DNS_NAME_FORMATSIZE]; + off_t offset; /* Try to parse the argument string */ arglen = strlen(args); - isc_buffer_init(&argbuf, args, arglen); + isc_buffer_init(&argbuf, args, (unsigned int)arglen); isc_buffer_add(&argbuf, strlen(args)); CHECK(cfg_parser_create(server->mctx, ns_g_lctx, &parser)); CHECK(cfg_parse_buffer(parser, &argbuf, &cfg_type_addzoneconf, 
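Review bot: `add_comment()` is defined without `static`, although the `putstr()` helper added in the same commit is file-local; unless another file calls it (none is visible here), `static isc_result_t` keeps this generic name out of the global namespace. It also writes `viewname` verbatim after `# New zone file for view: `. A view name containing a line break would end the comment early and leave the remainder as live text in a file that HEADER2 itself describes as configuration. View names come from the local configuration, so this is hardening rather than an exposed flaw, but a check such as `if (strpbrk(viewname, "\r\n") != NULL) return (ISC_R_FAILURE);` at the top would close it.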
@@ -7471,10 +7730,10 @@ ns_server_add_zone(ns_server_t *server, char *args) { zonename = cfg_obj_asstring(cfg_tuple_get(parms, "name")); isc_buffer_constinit(&buf, zonename, strlen(zonename)); isc_buffer_add(&buf, strlen(zonename)); - dns_name_init(&dnsname, NULL); - isc_buffer_allocate(server->mctx, &nbuf, 256); - dns_name_setbuffer(&dnsname, nbuf); - CHECK(dns_name_fromtext(&dnsname, &buf, dns_rootname, ISC_FALSE, NULL)); + + dns_fixedname_init(&fname); + dnsname = dns_fixedname_name(&fname); + CHECK(dns_name_fromtext(dnsname, &buf, dns_rootname, ISC_FALSE, NULL)); /* Make sense of optional class argument */ obj = cfg_tuple_get(parms, "class"); @@ -7503,7 +7762,7 @@ ns_server_add_zone(ns_server_t *server, char *args) { } /* Zone shouldn't already exist */ - result = dns_zt_find(view->zonetable, &dnsname, 0, NULL, &zone); + result = dns_zt_find(view->zonetable, dnsname, 0, NULL, &zone); if (result == ISC_R_SUCCESS) { result = ISC_R_EXISTS; goto cleanup; @@ -7531,6 +7790,9 @@ ns_server_add_zone(ns_server_t *server, char *args) { /* Open save file for write configuration */ CHECK(isc_stdio_open(view->new_zone_file, "a", &fp)); + CHECK(isc_stdio_tell(fp, &offset)); + if (offset == 0) + CHECK(add_comment(fp, view->name)); /* Mark view unfrozen so that zone can be added */ result = isc_task_beginexclusive(server->task); @@ -7544,7 +7806,7 @@ ns_server_add_zone(ns_server_t *server, char *args) { goto cleanup; /* Is it there yet? */ - CHECK(dns_zt_find(view->zonetable, &dnsname, 0, NULL, &zone)); + CHECK(dns_zt_find(view->zonetable, dnsname, 0, NULL, &zone)); /* * Load the zone from the master file. If this fails, we'll 
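Review bot: The `offset == 0` test added after `isc_stdio_open(view->new_zone_file, "a", &fp)` depends on where an append-mode stream reports its initial position, which the C standard leaves implementation-defined (start or end of file). Where the start is reported, the header from add_comment() is written again on every addzone, and the delzone rewrite in this commit only skips leading `#` lines. Seeking first makes the check portable: `CHECK(isc_stdio_seek(fp, 0, SEEK_END));` before the `isc_stdio_tell()` call. The rest of ns_server_add_zone lies outside this hunk.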
@@ -7572,10 +7834,13 @@ ns_server_add_zone(ns_server_t *server, char *args) { /* Flag the zone as having been added at runtime */ dns_zone_setadded(zone, ISC_TRUE); - /* Emit just the zone name from args */ - CHECK(isc_stdio_write("zone ", 5, 1, fp, NULL)); - CHECK(isc_stdio_write(zonename, strlen(zonename), 1, fp, NULL)); - CHECK(isc_stdio_write(" ", 1, 1, fp, NULL)); + /* Emit the zone name, quoted and escaped */ + isc_buffer_init(&buf, namebuf, sizeof(namebuf)); + CHECK(dns_name_totext(dnsname, ISC_TRUE, &buf)); + isc_buffer_putuint8(&buf, 0); + CHECK(isc_stdio_write("zone \"", 6, 1, fp, NULL)); + CHECK(isc_stdio_write(namebuf, strlen(namebuf), 1, fp, NULL)); + CHECK(isc_stdio_write("\" ", 2, 1, fp, NULL)); /* Classname, if not default */ if (classname != NULL && *classname != '\0') { @@ -7619,8 +7884,6 @@ ns_server_add_zone(ns_server_t *server, char *args) { dns_zone_detach(&zone); if (view != NULL) dns_view_detach(&view); - if (nbuf != NULL) - isc_buffer_free(&nbuf); return (result); } 
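Review bot: After `dns_name_totext(dnsname, ISC_TRUE, &buf)` the terminating NUL is appended with an unguarded `isc_buffer_putuint8(&buf, 0)`, whereas the `report:` block added to zone_from_args checks `isc_buffer_availablelength(text) > 0U` before doing the same thing. This presumably relies on DNS_NAME_FORMATSIZE leaving room for the terminator. Either state that in the comment or add the same guard, `if (isc_buffer_availablelength(&buf) < 1U) CHECK(ISC_R_NOSPACE);`, so the invariant is explicit rather than implied. The function body continues outside the hunk.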
@@ -7629,20 +7892,21 @@ ns_server_add_zone(ns_server_t *server, char *args) { * Act on a "delzone" command from the command channel. */ isc_result_t -ns_server_del_zone(ns_server_t *server, char *args) { - isc_result_t result; - dns_zone_t *zone = NULL; - dns_view_t *view = NULL; - dns_db_t *dbp = NULL; - const char *filename = NULL; - char *tmpname = NULL; - char buf[1024]; - const char *zonename = NULL; - size_t znamelen = 0; - FILE *ifp = NULL, *ofp = NULL; +ns_server_del_zone(ns_server_t *server, char *args, isc_buffer_t *text) { + isc_result_t result; + dns_zone_t *zone = NULL; + dns_view_t *view = NULL; + dns_db_t *dbp = NULL; + const char *filename = NULL; + char *tmpname = NULL; + char buf[1024]; + const char *zonename = NULL; + size_t znamelen = 0; + FILE *ifp = NULL, *ofp = NULL; + isc_boolean_t inheader = ISC_TRUE; /* Parse parameters */ - CHECK(zone_from_args(server, args, &zone, &zonename)); + CHECK(zone_from_args(server, args, &zone, &zonename, text)); if (zone == NULL) { result = ISC_R_UNEXPECTEDEND; 
@@ -7684,28 +7948,44 @@ ns_server_del_zone(ns_server_t *server, char *args) { goto cleanup; } CHECK(isc_stdio_open(tmpname, "w", &ofp)); + CHECK(add_comment(ofp, view->name)); /* Look for the entry for that zone */ while (fgets(buf, 1024, ifp)) { - /* A 'zone' line */ - if (strncasecmp(buf, "zone", 4)) { + /* Skip initial comment, if any */ + if (inheader && *buf == '#') + continue; + if (*buf != '#') + inheader = ISC_FALSE; + + /* + * Any other lines not starting with zone, copy + * them out and continue. + */ + if (strncasecmp(buf, "zone", 4) != 0) { fputs(buf, ofp); continue; } p = buf+4; - /* Locate a name */ + /* This is a zone; find its name. */ while (*p && ((*p == '"') || isspace((unsigned char)*p))) p++; - /* Is that the zone we're looking for */ - if (strncasecmp(p, zonename, znamelen)) { + /* + * If it's not the zone we're looking for, copy + * it out and continue + */ + if (strncasecmp(p, zonename, znamelen) != 0) { fputs(buf, ofp); continue; } - /* And nothing else? */ + /* + * But if it is the zone we want, skip over it + * so it will be omitted from the new file + */ p += znamelen; if (isspace((unsigned char)*p) || *p == '"' || *p == '{') { @@ -7714,7 +7994,7 @@ ns_server_del_zone(ns_server_t *server, char *args) { break; } - /* Spit it out, keep looking */ + /* Copy the rest of the buffer out and continue */ fputs(buf, ofp); } @@ -7809,3 +8089,17 @@ newzone_cfgctx_destroy(void **cfgp) { isc_mem_putanddetach(&cfg->mctx, cfg, sizeof(*cfg)); *cfgp = NULL; } + +static isc_result_t +putstr(isc_buffer_t *b, const char *str) { + size_t l = strlen(str); + + /* + * Use >= to leave space for NUL termination. + */ + if (l >= isc_buffer_availablelength(b)) + return (ISC_R_NOSPACE); + + isc_buffer_putmem(b, (const unsigned char *)str, l); + return (ISC_R_SUCCESS); +} diff --git a/bin/named/statschannel.c b/bin/named/statschannel.c index 8d30b452f2bd..e4f56e210f44 100644 --- a/bin/named/statschannel.c +++ b/bin/named/statschannel.c 
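Review bot: The rewrite loop in ns_server_del_zone still matches with `strncasecmp(p, zonename, znamelen)`, while ns_server_add_zone in this same commit now stores the `dns_name_totext()` form of the name (escaped, no trailing dot). If `zonename` is the name as it was typed on the command channel, any spelling that differs from the stored form (a trailing dot or an escaped character, for instance) leaves the entry in the new file. The zone would then be configured again at the next start even though delzone reported success. `zonename` and `znamelen` are assigned outside the visible hunks, so this is inferred. If it holds, compare against the same normalized text that addzone writes, taken from the zone object.

```c
char namebuf[DNS_NAME_FORMATSIZE];
isc_buffer_t nbuf;

/* … unchanged: parse args, open ifp and ofp, add_comment … */

/*
 * Match on the normalized form that addzone stores in the file.
 * Entries written by older versions in raw form may still need
 * the original comparison as a fallback.
 */
isc_buffer_init(&nbuf, namebuf, sizeof(namebuf));
CHECK(dns_name_totext(dns_zone_getorigin(zone), ISC_TRUE, &nbuf));
if (isc_buffer_availablelength(&nbuf) < 1U)
	CHECK(ISC_R_NOSPACE);
isc_buffer_putuint8(&nbuf, 0);
zonename = namebuf;
znamelen = strlen(namebuf);

/* … unchanged: fgets loop … */
```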
@@ -958,6 +958,8 @@ generatexml(ns_server_t *server, int *buflen, xmlChar **buf) { xmlFreeTextWriter(writer); xmlDocDumpFormatMemoryEnc(doc, buf, buflen, "UTF-8", 1); + if (*buf == NULL) + goto error; xmlFreeDoc(doc); return (ISC_R_SUCCESS); @@ -982,7 +984,7 @@ render_index(const char *url, const char *querystring, void *arg, isc_buffer_t *b, isc_httpdfree_t **freecb, void **freecb_args) { - unsigned char *msg; + unsigned char *msg = NULL; int msglen; ns_server_t *server = arg; isc_result_t result; diff --git a/bin/named/unix/os.c b/bin/named/unix/os.c index 9637ded473e5..0b7fd31a8bd7 100644 --- a/bin/named/unix/os.c +++ b/bin/named/unix/os.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2011 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2011, 2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -120,6 +120,9 @@ static isc_boolean_t non_root_caps = ISC_FALSE; #ifdef HAVE_SYS_CAPABILITY_H #include <sys/capability.h> #else +#ifdef HAVE_LINUX_TYPES_H +#include <linux/types.h> +#endif /*% * We define _LINUX_FS_H to prevent it from being included. We don't need * anything from it, and the files it includes cause warnings with 2.2 diff --git a/bin/named/update.c b/bin/named/update.c index abf5c08c6d30..f6b0f5fdf739 100644 --- a/bin/named/update.c +++ b/bin/named/update.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -398,7 +398,6 @@ do_one_tuple(dns_difftuple_t **tuple, dns_db_t *db, dns_dbversion_t *ver, * Create a singleton diff. */ dns_diff_init(diff->mctx, &temp_diff); - temp_diff.resign = diff->resign; ISC_LIST_APPEND(temp_diff.tuples, *tuple, link); /* 
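Review bot: The new `goto error` in generatexml is taken after `xmlFreeTextWriter(writer)` has already run two lines earlier, so `writer` is a dangling pointer when control reaches the `error:` label. That label is outside this hunk; if it frees `writer` whenever it is non-NULL, this path frees it twice. Clearing the pointer right after the free, `writer = NULL;`, makes the added branch safe whatever the cleanup code does.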
@@ -2004,7 +2003,8 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, for (i = 0; i < nkeys; i++) { if (rrsig.keyid == dst_key_id(keys[i])) { found = ISC_TRUE; - if (!dst_key_isprivate(keys[i])) { + if (!dst_key_inactive(keys[i]) && + !dst_key_isprivate(keys[i])) { /* * The re-signing code in zone.c * will mark this as offline. @@ -2147,7 +2147,6 @@ update_signatures(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, dns_diff_init(client->mctx, &affected); dns_diff_init(client->mctx, &sig_diff); - sig_diff.resign = dns_zone_getsigresigninginterval(zone); dns_diff_init(client->mctx, &nsec_diff); dns_diff_init(client->mctx, &nsec_mindiff); @@ -4467,6 +4466,8 @@ forward_action(isc_task_t *task, isc_event_t *event) { static isc_result_t send_forward_event(ns_client_t *client, dns_zone_t *zone) { + char namebuf[DNS_NAME_FORMATSIZE]; + char classbuf[DNS_RDATACLASS_FORMATSIZE]; isc_result_t result = ISC_R_SUCCESS; update_event_t *event = NULL; isc_task_t *zonetask = NULL; @@ -4492,6 +4493,15 @@ send_forward_event(ns_client_t *client, dns_zone_t *zone) { client->nupdates++; event->ev_arg = evclient; + dns_name_format(dns_zone_getorigin(zone), namebuf, + sizeof(namebuf)); + dns_rdataclass_format(dns_zone_getclass(zone), classbuf, + sizeof(classbuf)); + + ns_client_log(client, NS_LOGCATEGORY_UPDATE, NS_LOGMODULE_UPDATE, + LOGLEVEL_PROTOCOL, "forwarding update for zone '%s/%s'", + namebuf, classbuf); + dns_zone_gettask(zone, &zonetask); isc_task_send(zonetask, ISC_EVENT_PTR(&event)); diff --git a/bin/named/zoneconf.c b/bin/named/zoneconf.c index 404c238f02a4..d8d3b4c2756e 100644 --- a/bin/named/zoneconf.c +++ b/bin/named/zoneconf.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any 
@@ -462,7 +462,7 @@ configure_staticstub_serveraddrs(const cfg_obj_t *zconfig, dns_zone_t *zone, if (rdata == NULL) return (ISC_R_NOMEMORY); region.base = (unsigned char *)(rdata + 1); - memcpy(region.base, &na.type, region.length); + memmove(region.base, &na.type, region.length); dns_rdata_init(rdata); dns_rdata_fromregion(rdata, dns_zone_getclass(zone), rdatalist->type, ®ion); @@ -490,7 +490,7 @@ configure_staticstub_serveraddrs(const cfg_obj_t *zconfig, dns_zone_t *zone, } region.length = sregion.length; region.base = (unsigned char *)(rdata + 1); - memcpy(region.base, sregion.base, region.length); + memmove(region.base, sregion.base, region.length); dns_rdata_init(rdata); dns_rdata_fromregion(rdata, dns_zone_getclass(zone), dns_rdatatype_ns, ®ion); @@ -554,7 +554,7 @@ configure_staticstub_servernames(const cfg_obj_t *zconfig, dns_zone_t *zone, return (ISC_R_NOMEMORY); region.length = sregion.length; region.base = (unsigned char *)(rdata + 1); - memcpy(region.base, sregion.base, region.length); + memmove(region.base, sregion.base, region.length); dns_rdata_init(rdata); dns_rdata_fromregion(rdata, dns_zone_getclass(zone), dns_rdatatype_ns, ®ion); |
