aboutsummaryrefslogtreecommitdiff
path: root/contrib/bind9/bin/named/config.c
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/bind9/bin/named/config.c')
-rw-r--r--contrib/bind9/bin/named/config.c40
1 files changed, 24 insertions, 16 deletions
diff --git a/contrib/bind9/bin/named/config.c b/contrib/bind9/bin/named/config.c
index 9e453ade3bc6..fa349eeade2f 100644
--- a/contrib/bind9/bin/named/config.c
+++ b/contrib/bind9/bin/named/config.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2001-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: config.c,v 1.113.16.2 2011/02/28 01:19:58 tbox Exp $ */
+/* $Id: config.c,v 1.123 2012/01/06 23:46:41 tbox Exp $ */
/*! \file */
@@ -73,6 +73,7 @@ options {\n\
listen-on {any;};\n\
listen-on-v6 {none;};\n\
match-mapped-addresses no;\n\
+ max-rsa-exponent-size 0; /* no limit */\n\
memstatistics-file \"named.memstats\";\n\
multiple-cnames no;\n\
# named-xfer <obsolete>;\n\
@@ -90,7 +91,7 @@ options {\n\
"\
recursive-clients 1000;\n\
resolver-query-timeout 10;\n\
- rrset-order {type NS order random; order cyclic; };\n\
+ rrset-order { order random; };\n\
serial-queries 20;\n\
serial-query-rate 20;\n\
server-id none;\n\
@@ -150,6 +151,7 @@ options {\n\
check-names response ignore;\n\
check-dup-records warn;\n\
check-mx warn;\n\
+ check-spf warn;\n\
acache-enable no;\n\
acache-cleaning-interval 60;\n\
max-acache-size 16M;\n\
@@ -199,7 +201,8 @@ options {\n\
sig-signing-nodes 100;\n\
sig-signing-signatures 10;\n\
sig-signing-type 65534;\n\
- zone-statistics false;\n\
+ inline-signing no;\n\
+ zone-statistics terse;\n\
max-journal-size unlimited;\n\
ixfr-from-differences false;\n\
check-wildcard yes;\n\
@@ -209,7 +212,10 @@ options {\n\
check-srv-cname warn;\n\
zero-no-soa-ttl yes;\n\
update-check-ksk yes;\n\
+ serial-update-method increment;\n\
+ dnssec-update-mode maintain;\n\
dnssec-dnskey-kskonly no;\n\
+ dnssec-loadkeys-interval 60;\n\
try-tcp-refresh yes; /* BIND 8 compat */\n\
};\n\
"
@@ -291,7 +297,8 @@ ns_checknames_get(const cfg_obj_t **maps, const char *which,
if (maps[i] == NULL)
return (ISC_R_NOTFOUND);
checknames = NULL;
- if (cfg_map_get(maps[i], "check-names", &checknames) == ISC_R_SUCCESS) {
+ if (cfg_map_get(maps[i], "check-names",
+ &checknames) == ISC_R_SUCCESS) {
/*
* Zone map entry is not a list.
*/
@@ -304,7 +311,8 @@ ns_checknames_get(const cfg_obj_t **maps, const char *which,
element = cfg_list_next(element)) {
value = cfg_listelt_value(element);
type = cfg_tuple_get(value, "type");
- if (strcasecmp(cfg_obj_asstring(type), which) == 0) {
+ if (strcasecmp(cfg_obj_asstring(type),
+ which) == 0) {
*obj = cfg_tuple_get(value, "mode");
return (ISC_R_SUCCESS);
}
@@ -377,6 +385,8 @@ ns_config_getzonetype(const cfg_obj_t *zonetypeobj) {
ztype = dns_zone_stub;
else if (strcasecmp(str, "static-stub") == 0)
ztype = dns_zone_staticstub;
+ else if (strcasecmp(str, "redirect") == 0)
+ ztype = dns_zone_redirect;
else
INSIST(0);
return (ztype);
@@ -639,17 +649,16 @@ ns_config_getipandkeylist(const cfg_obj_t *config, const cfg_obj_t *list,
if (isc_sockaddr_getport(&addrs[i]) == 0)
isc_sockaddr_setport(&addrs[i], port);
keys[i] = NULL;
- if (!cfg_obj_isstring(key)) {
- i++;
+ i++; /* Increment here so that cleanup on error works. */
+ if (!cfg_obj_isstring(key))
continue;
- }
- keys[i] = isc_mem_get(mctx, sizeof(dns_name_t));
- if (keys[i] == NULL)
+ keys[i - 1] = isc_mem_get(mctx, sizeof(dns_name_t));
+ if (keys[i - 1] == NULL)
goto cleanup;
- dns_name_init(keys[i], NULL);
+ dns_name_init(keys[i - 1], NULL);
keystr = cfg_obj_asstring(key);
- isc_buffer_init(&b, keystr, strlen(keystr));
+ isc_buffer_constinit(&b, keystr, strlen(keystr));
isc_buffer_add(&b, strlen(keystr));
dns_fixedname_init(&fname);
result = dns_name_fromtext(dns_fixedname_name(&fname), &b,
@@ -657,10 +666,9 @@ ns_config_getipandkeylist(const cfg_obj_t *config, const cfg_obj_t *list,
if (result != ISC_R_SUCCESS)
goto cleanup;
result = dns_name_dup(dns_fixedname_name(&fname), mctx,
- keys[i]);
+ keys[i - 1]);
if (result != ISC_R_SUCCESS)
goto cleanup;
- i++;
}
if (pushed != 0) {
pushed--;
@@ -716,7 +724,7 @@ ns_config_getipandkeylist(const cfg_obj_t *config, const cfg_obj_t *list,
if (addrs != NULL)
isc_mem_put(mctx, addrs, addrcount * sizeof(isc_sockaddr_t));
if (keys != NULL) {
- for (j = 0; j <= i; j++) {
+ for (j = 0; j < i; j++) {
if (keys[j] == NULL)
continue;
if (dns_name_dynamic(keys[j]))