upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-09 07:32:09 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

* Removed max-names (as well as DNS_R_ZONETOOLARGE, which was

Browse source 
never returned by any function and was presumably cruft
        related to max-names).
  * Made allow-notify part of the public source and documented it.
  * Made master server TSIG keys part of the public source and documented it.
  * Removed a define of DNS_OPT_NEWCODES supposedly used by GNS, with
        the approval of Mike.
  * Made DNS_ZONE_FORCELOAD flag, used by rndc reload, work in the
        public source.  After the NOMINUM_PUBLIC cleanup, I'll
        fix the rndc reload issues we've been discussing here at IETF.

I left in NOMIMUM_PUBLIC around the forward-notify stuff, with the
expectation that Michael will give the go-ahead next week to remove it.
This commit is contained in:
David Lawrence 2000-12-13 00:15:39 +00:00
parent 58082ab8a8
commit 10e6498d6d
22 changed files with 81 additions and 624 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
CHANGES
View file

@ -1,4 +1,8 @@
611. [func] allow-notify can be used to permit processing of
notify messages from hosts other than a slave's
masters.
610. [func] rndc dumpdb is now supported.
609. [bug] getrrsetbyname() would crash lwresd if the server
@ -870,6 +874,14 @@
dns_name_dup() when generating a TSIG
key using TKEY.
341. [func] Support 'key' clause in named.conf zone masters
statement to allow authentication via TSIG keys:
masters {
10.0.0.1 port 5353 key "foo";
10.0.0.2 ;
};
340. [bug] The top-level COPYRIGHT file was missing from
the distribution.

10
bin/named/lwresd.c
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: lwresd.c,v 1.26 2000/11/15 23:56:21 bwelling Exp $ */
/* $Id: lwresd.c,v 1.27 2000/12/13 00:15:02 tale Exp $ */
/*
* Main program for the Lightweight Resolver Daemon.
@ -214,11 +214,7 @@ ns_lwresd_parseresolvconf(isc_mem_t *mctx, dns_c_ctx_t **ctxp) {
port));
if (result != ISC_R_SUCCESS)
continue;
#ifndef NOMINUM_PUBLIC
CHECK(dns_c_iplist_append(forwarders, sa, NULL));
#else /* NOMINUM_PUBLIC */
CHECK(dns_c_iplist_append(forwarders, sa));
#endif /* NOMINUM_PUBLIC */
}
if (forwarders->nextidx != 0) {
@ -266,11 +262,7 @@ ns_lwresd_parseresolvconf(isc_mem_t *mctx, dns_c_ctx_t **ctxp) {
}
CHECK(dns_c_iplist_new(mctx, 1, &locallist));
#ifndef NOMINUM_PUBLIC
CHECK(dns_c_iplist_append(locallist, sa, NULL));
#else /* NOMINUM_PUBLIC */
CHECK(dns_c_iplist_append(locallist, sa));
#endif /* NOMINUM_PUBLIC */
CHECK(dns_c_lwres_setlistenon(lwres, locallist));
dns_c_iplist_detach(&locallist);

15
bin/named/zoneconf.c
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: zoneconf.c,v 1.77 2000/12/11 19:19:15 bwelling Exp $ */
/* $Id: zoneconf.c,v 1.78 2000/12/13 00:15:03 tale Exp $ */
#include <config.h>
@ -223,7 +223,6 @@ ns_zone_configure(dns_c_ctx_t *cctx, dns_c_view_t *cview,
dns_zone_setchecknames(zone, dns_c_severity_warn);
#endif
#ifndef NOMINUM_PUBLIC
if (czone->ztype == dns_c_zone_slave)
RETERR(configure_zone_acl(czone, cctx, cview, ac, zone,
dns_c_zone_getallownotify,
@ -231,7 +230,6 @@ ns_zone_configure(dns_c_ctx_t *cctx, dns_c_view_t *cview,
dns_c_ctx_getallownotify,
dns_zone_setnotifyacl,
dns_zone_clearnotifyacl));
#endif /* NOMINUM_PUBLIC */
/*
* XXXAG This probably does not make sense for stubs.
*/
@ -261,17 +259,6 @@ ns_zone_configure(dns_c_ctx_t *cctx, dns_c_view_t *cview,
dns_zone_setstatistics(zone, statistics);
#ifndef NOMINUM_PUBLIC
if (czone->ztype != dns_c_zone_stub) {
result = dns_c_zone_getmaxnames(czone, &uintval);
if (result != ISC_R_SUCCESS && cview != NULL)
result = dns_c_view_getmaxnames(cview, &uintval);
if (result != ISC_R_SUCCESS)
result = dns_c_ctx_getmaxnames(cctx, &uintval);
if (result != ISC_R_SUCCESS)
uintval = 0;
dns_zone_setmaxnames(zone, uintval);
}
if (czone->ztype == dns_c_zone_slave) {
isc_boolean_t boolean;

32
doc/arm/Bv9ARM-book.xml
View file

@ -2,7 +2,7 @@
<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN"
"http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd">
<!-- File: $Id: Bv9ARM-book.xml,v 1.66 2000/12/12 21:43:11 bwelling Exp $ -->
<!-- File: $Id: Bv9ARM-book.xml,v 1.67 2000/12/13 00:15:05 tale Exp $ -->
<book>
@ -1800,7 +1800,9 @@ for access control, defining listen-on ports, or as a topology,
and whether the element was negated.</para>
<para>When used as an access control list, a non-negated match allows
access and a negated match denies access. If there is no match,
access is denied. The clauses <command>allow-query</command>, <command>allow-transfer</command>, <command>allow-update</command> and <command>blackhole</command> all
access is denied. The clauses <command>allow-notify<command>,
<command>allow-query</command>, <command>allow-transfer</command>,
<command>allow-update</command> and <command>blackhole</command> all
use address match lists this. Similarly, the listen-on option will cause
the server to not accept queries on any of the machine's addresses
which do not match the list.</para>
@ -2455,6 +2457,7 @@ lookups performed on behalf of clients by a caching name server.</para></entry>
<optional> forward ( <replaceable>only</replaceable> | <replaceable>first</replaceable> ); </optional>
<optional> forwarders { <optional> <replaceable>in_addr</replaceable> ; <optional> <replaceable>in_addr</replaceable> ; ... </optional> </optional> }; </optional>
<optional> check-names ( <replaceable>master</replaceable> | <replaceable>slave</replaceable> | <replaceable> response</replaceable> )( <replaceable>warn</replaceable> | <replaceable>fail</replaceable> | <replaceable>ignore</replaceable> ); </optional>
<optional> allow-notify { <replaceable>address_match_list</replaceable> }; </optional>
<optional> allow-query { <replaceable>address_match_list</replaceable> }; </optional>
<optional> allow-transfer { <replaceable>address_match_list</replaceable> }; </optional>
<optional> allow-recursion { <replaceable>address_match_list</replaceable> }; </optional>
@ -2879,6 +2882,16 @@ details on how to specify IP address lists.</para>
<colspec colname = "2" colnum = "2" colsep = "0" colwidth = "3.125in"/>
<tbody>
<row rowsep = "0">
<entry colname = "1"><para><command>allow-notify</command></para></entry>
<entry colname = "2"><para>Specifies which hosts are allowed to
notify slaves of a zone change in addition to the zone masters.
<command>allow-notify</command> may also be specified in the
<command>zone</command> statement, in which case it overrides the
<command>options allow-notify</command> statement. It is only meaningful
for a slave zone. If not specified, the default is to process notify messages
only from a zone's master.</para></entry>
</row>
<row rowsep = "0">
<entry colname = "1"><para><command>allow-query</command></para></entry>
<entry colname = "2"><para>Specifies which hosts are allowed to
ask ordinary questions. <command>allow-query</command> may also
@ -3093,7 +3106,7 @@ except zone transfers are performed using IPv6.</para></entry>
which local source address, and optionally UDP port, will be used to
send NOTIFY messages.
This address must appear in the slave server's <command>masters</command>
zone clause.
zone clause or in an <command>allow-notify</command> clause.
This statement sets the <command>notify-source</command> for all zones,
but can be overridden on a per-zone / per-view basis by including a
<command>notify-source</command> statement within the <command>zone</command>
@ -3645,6 +3658,7 @@ view "external" {
Statement Grammar</title>
<programlisting>zone <replaceable>zone_name</replaceable> <optional><replaceable>class</replaceable></optional> <optional>{
type ( master | slave | hint | stub | forward ) ;
<optional> allow-notify { <replaceable>address_match_list</replaceable> } ; </optional>
<optional> allow-query { <replaceable>address_match_list</replaceable> } ; </optional>
<optional> allow-transfer { <replaceable>address_match_list</replaceable> } ; </optional>
<optional> allow-update { <replaceable>address_match_list</replaceable> } ; </optional>
@ -3659,7 +3673,7 @@ Statement Grammar</title>
<optional> ixfr-base <replaceable>string</replaceable> ; </optional>
<optional> ixfr-tmp-file <replaceable>string</replaceable> ; </optional>
<optional> maintain-ixfr-base <replaceable>yes_or_no</replaceable> ; </optional>
<optional> masters <optional>port <replaceable>ip_port</replaceable></optional> { <replaceable>ip_addr</replaceable> ; <optional><replaceable>ip_addr</replaceable> <optional>port <replaceable>ip_port</replaceable></optional> ; <optional>...</optional></optional> } ; </optional>
<optional> masters <optional>port <replaceable>ip_port</replaceable></optional> { <replaceable>ip_addr</replaceable> <optional>port <replaceable>ip_port</replaceable></optional> <optional>key <replaceable>key</replaceable></optional>; <optional>...</optional> } ; </optional>
<optional> max-ixfr-log-size <replaceable>number</replaceable> ; </optional>
<optional> max-transfer-idle-in <replaceable>number</replaceable> ; </optional>
<optional> max-transfer-idle-out <replaceable>number</replaceable> ; </optional>
@ -3699,6 +3713,7 @@ of master servers that the slave contacts to update its copy of the zone.
By default, transfers are made from port 53 on the servers; this can
be changed for all servers by specifying a port number before the
list of IP addresses, or on a per-server basis after the IP address.
Authentication to the master can also be done with per-server TSIG keys.
If a file is specified, then the
replica will be written to this file whenever the zone is changed,
and reloaded from this file on a server restart. Use of a file is
@ -3777,6 +3792,11 @@ in the mid-1970s. Zone data for it can be specified with the <literal>CHAOS</lit
<colspec colname = "1" colnum = "1" colsep = "0" colwidth = "1.653in"/>
<colspec colname = "2" colnum = "2" colsep = "0" colwidth = "2.847in"/>
<tbody>
<row rowsep = "0">
<entry colname = "1"><para><command>allow-notify</command></para></entry>
<entry colname = "2"><para>See the description of
<command>allow-notify</command> in <xref linkend="access_control"/></para></entry>
</row>
<row rowsep = "0">
<entry colname = "1"><para><command>allow-query</command></para></entry>
<entry colname = "2"><para>See the description of
@ -4606,7 +4626,9 @@ and not part of the standard zone file format.</para>
<chapter id="ch07"><title><acronym>BIND</acronym> 9 Security Considerations</title>
<sect1 id="Access_Control_Lists"><title>Access Control Lists</title>
<para>Access Control Lists (ACLs), are address match lists that
you can set up and nickname for future use in <command>allow-query</command>, <command>allow-recursion</command>, <command>blackhole</command>, <command>allow-transfer</command>,
you can set up and nickname for future use in <command>allow-notify</command>,
<command>allow-query</command>, <command>allow-recursion</command>,
<command>blackhole</command>, <command>allow-transfer</command>,
etc.</para>
<para>Using ACLs allows you to have finer control over who can access
your nameserver, without cluttering up your config files with huge

5
doc/misc/options
View file

@ -1,7 +1,7 @@
Copyright (C) 2000 Internet Software Consortium.
See COPYRIGHT in the source root or http://isc.org/copyright.html for terms.
$Id: options,v 1.52 2000/12/02 00:25:40 gson Exp $
$Id: options,v 1.53 2000/12/13 00:15:07 tale Exp $
This is a summary of the implementation status of the various named.conf
options in BIND 9.
@ -61,6 +61,7 @@ options {
[ forward ( only | first ); ] Yes
[ forwarders { [ in_addr ; [ in_addr ; ... ] ] }; ] Yes
[ check-names ... ] Obsolete
[ allow-notify { address_match_list }; ] Yes*
[ allow-query { address_match_list }; ] Yes@
[ allow-transfer { address_match_list }; ] Yes@
[ allow-recursion { address_match_list }; ] Yes@
@ -172,6 +173,7 @@ zone "domain_name" [ ( in | hs | hesiod | chaos ) ] {
[ forward ( only | first ); ] Yes
[ forwarders { [ ip_addr ; [ ip_addr ; ... ] ] }; ] Yes
[ check-names ( warn | fail | ignore ); ] Obsolete
[ allow-notify { address_match_list };] Yes*
[ allow-update { address_match_list }; ] Obsolete
[ allow-update-forwarding { address_match_list }; ] No*
[ allow-query { address_match_list }; ] Yes@
@ -242,6 +244,7 @@ view "view_name" [ ( in | hs | hesiod | chaos ) ] { Yes*
[ forward ( only | first ); ] Yes
[ forwarders { [ in_addr ; [ in_addr ; ... ] ] }; ] Yes
[ check-names ... ] Obsolete
[ allow-notify { address_match_list }; ] Yes
[ allow-query { address_match_list }; ] Yes
[ allow-transfer { address_match_list }; ] Yes
[ allow-recursion { address_match_list }; ] Yes

8
doc/private/CHANGES
View file

@ -1,8 +0,0 @@
341. [func] Support 'key' clause in named.conf zone masters
statement:
masters {
10.0.0.1 port 666 key "foo";
10.0.0.2 ;
};

19
doc/private/options
View file

@ -1,42 +1,25 @@
Copyright (C) 2000 Internet Software Consortium.
See COPYRIGHT in the source root or http://isc.org/copyright.html for terms.
$Id: options,v 1.3 2000/11/18 03:01:02 bwelling Exp $
$Id: options,v 1.4 2000/12/13 00:15:10 tale Exp $
options {
...
[ allow-notify { address_match_list }; ]
[ notify-forward yes_or_no; ]
};
view "view_name" [ ( in | hs | hesiod | chaos ) ] {
...
[ allow-notify { address_match_list }; ]
[ notify-forward yes_or_no; ]
};
zone "zone_name" {
type slave;
...
[ allow-notify { address_match_list };]
[ notify-forward yes_or_no; ]
[ max-names integer; ]
};
allow-notify:
Accept notify messages which match this acl in addition to
the zone masters. Zone masters implicitly do not match.
notify-forward:
If 'yes' forward notifies which match 'allow-notify' to zone
masters. If 'no' accept the notify which match 'allow-notify'
as if it came from a master. Default 'no'.
max-names:
The maximum number of names allowed in a slave zone.
If an incoming zone transfer contains more than this
many names, the zone will be unloaded.
Also, the "masters" list for slave zones can contain per-master TSIG keys
using a syntax like "masters { 1.2.3.4 port 5555 key "foo." };".

23
lib/dns/config/confctx.c
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: confctx.c,v 1.112 2000/12/12 21:33:15 bwelling Exp $ */
/* $Id: confctx.c,v 1.113 2000/12/13 00:15:18 tale Exp $ */
#include <config.h>
@ -1015,10 +1015,6 @@ dns_c_ctx_optionsprint(FILE *fp, int indent, dns_c_options_t *options)
PRINT_INTEGER(min_refresh_time, "min-refresh-time");
PRINT_INTEGER(max_refresh_time, "max-refresh-time");
#ifndef NOMINUM_PUBLIC
PRINT_INTEGER(max_names, "max-names");
#endif /* NOMINUM_PUBLIC */
PRINT_AS_SIZE_CLAUSE(max_cache_size, "max-cache-size");
PRINT_AS_SIZE_CLAUSE(data_size, "datasize");
@ -1091,9 +1087,7 @@ dns_c_ctx_optionsprint(FILE *fp, int indent, dns_c_options_t *options)
fprintf(fp, "\n");
#ifndef NOMINUM_PUBLIC
PRINT_IPMLIST(queryacl, "allow-notify");
#endif /* NOMINUM_PUBLIC */
PRINT_IPMLIST(queryacl, "allow-query");
PRINT_IPMLIST(transferacl, "allow-transfer");
PRINT_IPMLIST(recursionacl, "allow-recursion");
@ -1571,10 +1565,6 @@ dns_c_ctx_optionsnew(isc_mem_t *mem, dns_c_options_t **options)
opts->min_refresh_time = NULL;
opts->max_refresh_time = NULL;
#ifndef NOMINUM_PUBLIC
opts->max_names = NULL;
#endif /* NOMINUM_PUBLIC */
opts->expert_mode = NULL;
opts->fake_iquery = NULL;
opts->recursion = NULL;
@ -1623,9 +1613,7 @@ dns_c_ctx_optionsnew(isc_mem_t *mem, dns_c_options_t **options)
opts->transfer_format = NULL;
#ifndef NOMINUM_PUBLIC
opts->notifyacl = NULL;
#endif /* NOMINUM_PUBLIC */
opts->queryacl = NULL;
opts->transferacl = NULL;
opts->recursionacl = NULL;
@ -1752,7 +1740,6 @@ dns_c_ctx_optionsdelete(dns_c_options_t **opts)
FREEFIELD(max_refresh_time);
#ifndef NOMINUM_PUBLIC
FREEFIELD(max_names);
FREEFIELD(notify_forward);
#endif /* NOMINUM_PUBLIC */
@ -1780,9 +1767,7 @@ dns_c_ctx_optionsdelete(dns_c_options_t **opts)
FREEFIELD(transfer_format);
#ifndef NOMINUM_PUBLIC
FREEIPMLIST(notifyacl);
#endif /* NOMINUM_PUBLIC */
FREEIPMLIST(queryacl);
FREEIPMLIST(transferacl);
FREEIPMLIST(recursionacl);
@ -1874,10 +1859,6 @@ UINT32_FUNCS(maxretrytime, max_retry_time)
UINT32_FUNCS(minrefreshtime, min_refresh_time)
UINT32_FUNCS(maxrefreshtime, max_refresh_time)
#ifndef NOMINUM_PUBLIC
UINT32_FUNCS(maxnames, max_names)
#endif /* NOMINUM_PUBLIC */
BOOL_FUNCS(expertmode, expert_mode)
BOOL_FUNCS(fakeiquery, fake_iquery)
BOOL_FUNCS(recursion, recursion)
@ -2105,9 +2086,7 @@ dns_c_ctx_unsetchecknames(dns_c_ctx_t *cfg,
return (ISC_R_SUCCESS);
}
#ifndef NOMINUM_PUBLIC
IPMLIST_FUNCS(allownotify, notifyacl)
#endif /* NOMINUM_PUBLIC */
IPMLIST_FUNCS(allowquery, queryacl)
IPMLIST_FUNCS(allowtransfer, transferacl)
IPMLIST_FUNCS(allowrecursion, recursionacl)

34
lib/dns/config/confip.c
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: confip.c,v 1.37 2000/09/27 20:10:39 gson Exp $ */
/* $Id: confip.c,v 1.38 2000/12/13 00:15:21 tale Exp $ */
#include <config.h>
@ -778,9 +778,7 @@ isc_result_t
dns_c_iplist_new(isc_mem_t *mem, int length, dns_c_iplist_t **newlist) {
dns_c_iplist_t *list;
size_t bytes;
#ifndef NOMINUM_PUBLIC
int i;
#endif /* NOMINUM_PUBLIC */
REQUIRE(mem != NULL);
REQUIRE(length > 0);
REQUIRE(newlist != NULL);
@ -798,8 +796,6 @@ dns_c_iplist_new(isc_mem_t *mem, int length, dns_c_iplist_t **newlist) {
}
memset(list->ips, 0x0, bytes);
#ifndef NOMINUM_PUBLIC
bytes = sizeof(dns_name_t *) * length;
list->keys = isc_mem_get(mem, bytes);
if (list->keys == NULL) {
@ -809,7 +805,6 @@ dns_c_iplist_new(isc_mem_t *mem, int length, dns_c_iplist_t **newlist) {
}
for (i = 0 ; i < length ; i++)
list->keys[i] = NULL;
#endif /* NOMINUM_PUBLIC */
list->magic = DNS_C_IPLIST_MAGIC;
list->size = length;
@ -825,9 +820,7 @@ dns_c_iplist_new(isc_mem_t *mem, int length, dns_c_iplist_t **newlist) {
isc_result_t
dns_c_iplist_detach(dns_c_iplist_t **list) {
dns_c_iplist_t *l ;
#ifndef NOMINUM_PUBLIC
unsigned int i;
#endif /* NOMINUM_PUBLIC */
REQUIRE(list != NULL);
@ -841,7 +834,6 @@ dns_c_iplist_detach(dns_c_iplist_t **list) {
l->refcount--;
if (l->refcount == 0) {
#ifndef NOMINUM_PUBLIC
for (i = 0 ; i < l->size ; i++) {
if (l->keys[i] != NULL) {
dns_name_free(l->keys[i], l->mem);
@ -851,7 +843,6 @@ dns_c_iplist_detach(dns_c_iplist_t **list) {
}
}
isc_mem_put(l->mem, l->keys, sizeof(dns_name_t *) * l->size);
#endif /* NOMINUM_PUBLIC */
isc_mem_put(l->mem, l->ips, sizeof(isc_sockaddr_t) * l->size);
isc_mem_put(l->mem, l, sizeof(*l));
}
@ -861,7 +852,6 @@ dns_c_iplist_detach(dns_c_iplist_t **list) {
return (ISC_R_SUCCESS);
}
#ifndef NOMINUM_PUBLIC
isc_boolean_t
dns_c_iplist_haskeys(dns_c_iplist_t *list)
{
@ -877,7 +867,6 @@ dns_c_iplist_haskeys(dns_c_iplist_t *list)
return (ISC_FALSE);
}
#endif /* NOMINUM_PUBLIC */
void
dns_c_iplist_attach(dns_c_iplist_t *source, dns_c_iplist_t **target) {
@ -903,7 +892,6 @@ dns_c_iplist_copy(isc_mem_t *mem, dns_c_iplist_t **dest, dns_c_iplist_t *src) {
for (i = 0 ; i < src->nextidx ; i++) {
newl->ips[i] = src->ips[i];
#ifndef NOMINUM_PUBLIC
newl->keys[i] = NULL;
if (src->keys[i] != NULL) {
newl->keys[i] = isc_mem_get(mem, sizeof(dns_name_t));
@ -919,7 +907,6 @@ dns_c_iplist_copy(isc_mem_t *mem, dns_c_iplist_t **dest, dns_c_iplist_t *src) {
}
}
}
#endif /* NOMINUM_PUBLIC */
}
newl->nextidx = src->nextidx;
@ -943,7 +930,6 @@ dns_c_iplist_equal(dns_c_iplist_t *list1, dns_c_iplist_t *list2) {
if (!isc_sockaddr_equal(&list1->ips[i], &list2->ips[i]))
return (ISC_FALSE);
#ifndef NOMINUM_PUBLIC
if ((list1->keys[i] == NULL && list2->keys[i] != NULL) ||
(list1->keys[i] != NULL && list2->keys[i] == NULL))
return (ISC_FALSE);
@ -951,7 +937,6 @@ dns_c_iplist_equal(dns_c_iplist_t *list1, dns_c_iplist_t *list2) {
if (list1->keys[i] != NULL &&
!dns_name_equal(list1->keys[i], list2->keys[i]))
return (ISC_FALSE);
#endif /* NOMINUM_PUBLIC */
}
return (ISC_TRUE);
@ -1001,13 +986,11 @@ dns_c_iplist_printfully(FILE *fp, int indent, isc_boolean_t porttoo,
fprintf(fp, " port %d",
isc_sockaddr_getport(&list->ips[i]));
}
#ifndef NOMINUM_PUBLIC
if (list->keys[i] != NULL) {
fprintf(fp, " key \"");
dns_name_print(list->keys[i], fp);
fprintf(fp, "\" ");
}
#endif /* NOMINUM_PUBLIC */
fprintf(fp, ";\n");
}
dns_c_printtabs(fp, indent - 1);
@ -1022,15 +1005,10 @@ dns_c_iplist_print(FILE *fp, int indent, dns_c_iplist_t *list) {
dns_c_iplist_printfully(fp, indent, ISC_FALSE, list);
}
#ifndef NOMINUM_PUBLIC
isc_result_t
dns_c_iplist_append(dns_c_iplist_t *list, isc_sockaddr_t newaddr,
const char *key)
{
#else /* NOMINUM_PUBLIC */
isc_result_t
dns_c_iplist_append(dns_c_iplist_t *list, isc_sockaddr_t newaddr) {
#endif /* NOMINUM_PUBLIC */
isc_uint32_t i;
isc_result_t res;
@ -1047,9 +1025,7 @@ dns_c_iplist_append(dns_c_iplist_t *list, isc_sockaddr_t newaddr) {
if (list->nextidx == list->size) {
isc_sockaddr_t *newlist;
#ifndef NOMINUM_PUBLIC
dns_name_t **newkeys;
#endif /* NOMINUM_PUBLIC */
size_t newbytes;
size_t oldbytes = list->size * sizeof(list->ips[0]);
size_t newsize = list->size + 10;
@ -1065,7 +1041,6 @@ dns_c_iplist_append(dns_c_iplist_t *list, isc_sockaddr_t newaddr) {
isc_mem_put(list->mem, list->ips, oldbytes);
list->ips = newlist;
#ifndef NOMINUM_PUBLIC
oldbytes = sizeof(dns_name_t *) * list->size;
newbytes = sizeof(dns_name_t *) * newsize;
newkeys = isc_mem_get(list->mem, newbytes);
@ -1081,7 +1056,6 @@ dns_c_iplist_append(dns_c_iplist_t *list, isc_sockaddr_t newaddr) {
isc_mem_put(list->mem, list->keys, oldbytes);
list->keys = newkeys;
#endif /* NOMINUM_PUBLIC */
i = list->size;
list->size = newsize;
@ -1092,7 +1066,6 @@ dns_c_iplist_append(dns_c_iplist_t *list, isc_sockaddr_t newaddr) {
res = ISC_R_SUCCESS;
#ifndef NOMINUM_PUBLIC
if (key != NULL) {
if (list->keys[i] != NULL) {
dns_name_free(list->keys[i], list->mem);
@ -1103,7 +1076,6 @@ dns_c_iplist_append(dns_c_iplist_t *list, isc_sockaddr_t newaddr) {
res = dns_c_charptoname(list->mem, key, &list->keys[i]);
}
#endif /* NOMINUM_PUBLIC */
return (res);
}
@ -1128,18 +1100,14 @@ dns_c_iplist_remove(dns_c_iplist_t *list, isc_sockaddr_t newaddr) {
list->nextidx--;
#ifndef NOMINUM_PUBLIC
if (list->keys[i] != NULL) {
dns_name_reset(list->keys[i]);
isc_mem_put(list->mem, list->keys[i], sizeof(dns_name_t));
}
#endif /* NOMINUM_PUBLIC */
for ( /* nothing */ ; i < list->nextidx ; i++) {
list->ips[i] = list->ips[i + 1];
#ifndef NOMINUM_PUBLIC
list->keys[i] = list->keys[i + 1];
#endif /* NOMINUM_PUBLIC */
}
return (ISC_R_SUCCESS);

116
lib/dns/config/confparser.y.dirty
View file

@ -33,7 +33,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: confparser.y.dirty,v 1.42 2000/12/12 21:33:16 bwelling Exp $ */
/* $Id: confparser.y.dirty,v 1.43 2000/12/13 00:15:23 tale Exp $ */
#include <config.h>
@ -263,9 +263,7 @@ static isc_boolean_t int_too_big(isc_uint32_t base, isc_uint32_t mult);
%token L_ADDRESS
%token L_ALGID
%token L_ALLOW
#ifndef NOMINUM_PUBLIC
%token L_ALLOW_NOTIFY
#endif /* NOMINUM_PUBLIC */
%token L_ALLOW_QUERY
%token L_ALLOW_RECURSION
%token L_ALLOW_TRANSFER
@ -342,9 +340,6 @@ static isc_boolean_t int_too_big(isc_uint32_t base, isc_uint32_t mult);
%token L_MAX_CACHE_SIZE
%token L_MAX_CACHE_TTL
%token L_MAX_LOG_SIZE_IXFR
#ifndef NOMINUM_PUBLIC
%token L_MAX_NAMES
#endif /* NOMINUM_PUBLIC */
%token L_MAX_NCACHE_TTL
%token L_MAX_REFRESH_TIME
%token L_MAX_RETRY_TIME
@ -497,9 +492,7 @@ static isc_boolean_t int_too_big(isc_uint32_t base, isc_uint32_t mult);
%type <text> channel_name
%type <text> domain_name
%type <text> key_value
#ifndef NOMINUM_PUBLIC
%type <text> maybe_key
#endif /* NOMINUM_PUBLIC */
%type <kidlist> control_keys
%type <kidlist> keyid_list
%type <searchlist> searchlist
@ -1200,7 +1193,6 @@ option: /* Empty */
YYABORT;
}
}
#ifndef NOMINUM_PUBLIC
| L_ALLOW_NOTIFY L_LBRACE address_match_list L_RBRACE
{
if ($3 == NULL)
@ -1218,7 +1210,6 @@ option: /* Empty */
YYABORT;
}
}
#endif /* NOMINUM_PUBLIC */
| L_ALLOW_QUERY L_LBRACE address_match_list L_RBRACE
{
if ($3 == NULL)
@ -1654,21 +1645,6 @@ option: /* Empty */
YYABORT;
}
}
#ifndef NOMINUM_PUBLIC
| L_MAX_NAMES L_INTEGER
{
tmpres = dns_c_ctx_setmaxnames(currcfg, $2);
if (tmpres == ISC_R_EXISTS) {
parser_error(ISC_FALSE,
"cannot redefine max-names");
YYABORT;
} else if (tmpres != ISC_R_SUCCESS) {
parser_error(ISC_FALSE,
"failed to set max-names");
YYABORT;
}
}
#endif /* NOMINUM_PUBLIC */
| L_HEARTBEAT L_INTEGER
{
if (int_too_big($2, 60)) {
@ -1948,8 +1924,6 @@ transfer_format: L_ONE_ANSWER
}
;
#ifndef NOMINUM_PUBLIC
maybe_key: /* nothing */
{
$$ = NULL;
@ -1958,7 +1932,6 @@ maybe_key: /* nothing */
{
$$ = $2;
};
#endif /* NOMINUM_PUBLIC */
maybe_wild_addr: ip4_address
| ip6_address
@ -2062,11 +2035,7 @@ ip_and_port_element: ip_address maybe_zero_port
};
#ifndef NOMINUM_PUBLIC
ip_and_port_list: ip_and_port_element maybe_key L_EOS
#else /* NOMINUM_PUBLIC */
ip_and_port_list: ip_and_port_element L_EOS
#endif /* NOMINUM_PUBLIC */
{
dns_c_iplist_t *list;
@ -2077,47 +2046,31 @@ ip_and_port_list: ip_and_port_element L_EOS
YYABORT;
}
#ifndef NOMINUM_PUBLIC
tmpres = dns_c_iplist_append(list, $1, $2);
#else /* NOMINUM_PUBLIC */
tmpres = dns_c_iplist_append(list, $1);
#endif /* NOMINUM_PUBLIC */
if (tmpres != ISC_R_SUCCESS) {
parser_error(ISC_TRUE,
"failed to append master address");
YYABORT;
}
#ifndef NOMINUM_PUBLIC
if ($2 != NULL) {
isc_mem_free(memctx, $2);
}
#endif /* NOMINUM_PUBLIC */
$$ = list;
}
#ifndef NOMINUM_PUBLIC
| ip_and_port_list ip_and_port_element maybe_key L_EOS
#else /* NOMINUM_PUBLIC */
| ip_and_port_list ip_and_port_element L_EOS
#endif /* NOMINUM_PUBLIC */
{
#ifndef NOMINUM_PUBLIC
tmpres = dns_c_iplist_append($1, $2, $3);
#else /* NOMINUM_PUBLIC */
tmpres = dns_c_iplist_append($1, $2);
#endif /* NOMINUM_PUBLIC */
if (tmpres != ISC_R_SUCCESS) {
parser_error(ISC_TRUE,
"failed to append master address");
YYABORT;
}
#ifndef NOMINUM_PUBLIC
if ($3 != NULL) {
isc_mem_free(memctx, $3);
}
#endif /* NOMINUM_PUBLIC */
$$ = $1;
}
@ -2485,13 +2438,8 @@ forwarders_in_addr_list: forwarders_in_addr L_EOS
forwarders_in_addr: ip_address
{
#ifndef NOMINUM_PUBLIC
tmpres = dns_c_iplist_append(currcfg->options->forwarders,
$1, NULL);
#else /* NOMINUM_PUBLIC */
tmpres = dns_c_iplist_append(currcfg->options->forwarders,
$1);
#endif /* NOMINUM_PUBLIC */
if (tmpres != ISC_R_SUCCESS) {
parser_error(ISC_FALSE,
"failed to add forwarders "
@ -3774,7 +3722,6 @@ view_option: L_FORWARD zone_forward_opt
YYABORT;
}
}
#ifndef NOMINUM_PUBLIC
| L_ALLOW_NOTIFY L_LBRACE address_match_list L_RBRACE
{
dns_c_view_t *view = dns_c_ctx_getcurrview(currcfg);
@ -3794,7 +3741,6 @@ view_option: L_FORWARD zone_forward_opt
YYABORT;
}
}
#endif /* NOMINUM_PUBLIC */
| L_ALLOW_QUERY L_LBRACE address_match_list L_RBRACE
{
dns_c_view_t *view = dns_c_ctx_getcurrview(currcfg);
@ -4507,25 +4453,6 @@ view_option: L_FORWARD zone_forward_opt
YYABORT;
}
}
#ifndef NOMINUM_PUBLIC
| L_MAX_NAMES L_INTEGER
{
dns_c_view_t *view = dns_c_ctx_getcurrview(currcfg);
INSIST(view != NULL);
tmpres = dns_c_view_setmaxnames(view, $2);
if (tmpres == ISC_R_EXISTS) {
parser_error(ISC_FALSE,
"cannot redefine view max-names");
YYABORT;
} else if (tmpres != ISC_R_SUCCESS) {
parser_error(ISC_FALSE,
"failed to set view max-names");
YYABORT;
}
}
#endif /* NOMINUM_PUBLIC */
| L_SIG_VALIDITY_INTERVAL L_INTEGER
{
dns_c_view_t *view = dns_c_ctx_getcurrview(currcfg);
@ -5084,7 +5011,7 @@ zone_option_list: zone_option L_EOS
*/
zone_non_type_keywords: L_FILE | L_FILE_IXFR | L_IXFR_TMP | L_MASTERS |
L_TRANSFER_SOURCE | L_CHECK_NAMES | L_ALLOW_UPDATE |
L_ALLOW_UPDATE_FORWARDING | L_ALLOW_QUERY |
L_ALLOW_UPDATE_FORWARDING | L_ALLOW_NOTIFY | L_ALLOW_QUERY |
L_ALLOW_TRANSFER | L_FORWARD | L_FORWARDERS | L_MAX_TRANSFER_TIME_IN |
L_TCP_CLIENTS | L_RECURSIVE_CLIENTS | L_UPDATE_POLICY | L_DENY |
L_MAX_TRANSFER_TIME_OUT | L_MAX_TRANSFER_IDLE_IN |
@ -5092,10 +5019,9 @@ zone_non_type_keywords: L_FILE | L_FILE_IXFR | L_IXFR_TMP | L_MASTERS |
L_MAINTAIN_IXFR_BASE | L_PUBKEY | L_ALSO_NOTIFY | L_DIALUP |
L_ENABLE_ZONE | L_DATABASE | L_PORT | L_MIN_RETRY_TIME |
L_MAX_RETRY_TIME | L_MIN_REFRESH_TIME | L_MAX_REFRESH_TIME |
L_ZONE_STATISTICS | L_NOTIFY_SOURCE |
L_NOTIFY_SOURCE_V6
L_ZONE_STATISTICS | L_NOTIFY_SOURCE | L_NOTIFY_SOURCE_V6 |
#ifndef NOMINUM_PUBLIC
| L_ALLOW_NOTIFY | L_NOTIFY_FORWARD | L_MAX_NAMES
| L_NOTIFY_FORWARD
#endif /* NOMINUM_PUBLIC */
;
@ -5370,7 +5296,6 @@ zone_option: L_FILE L_QSTRING
YYABORT;
}
}
#ifndef NOMINUM_PUBLIC
| L_ALLOW_NOTIFY L_LBRACE address_match_list L_RBRACE
{
dns_c_zone_t *zone = dns_c_ctx_getcurrzone(currcfg);
@ -5389,7 +5314,6 @@ zone_option: L_FILE L_QSTRING
YYABORT;
}
}
#endif /* NOMINUM_PUBLIC */
| L_ALLOW_QUERY L_LBRACE address_match_list L_RBRACE
{
dns_c_zone_t *zone = dns_c_ctx_getcurrzone(currcfg);
@ -5668,25 +5592,6 @@ zone_option: L_FILE L_QSTRING
YYABORT;
}
}
#ifndef NOMINUM_PUBLIC
| L_MAX_NAMES L_INTEGER
{
dns_c_zone_t *zone = dns_c_ctx_getcurrzone(currcfg);
INSIST(zone != NULL);
tmpres = dns_c_zone_setmaxnames(zone, $2);
if (tmpres == ISC_R_EXISTS) {
parser_error(ISC_FALSE,
"cannot redefine zone max-names");
YYABORT;
} else if (tmpres != ISC_R_SUCCESS) {
parser_error(ISC_FALSE,
"failed to set zone max-names");
YYABORT;
}
}
#endif /* NOMINUM_PUBLIC */
| L_MAX_LOG_SIZE_IXFR L_INTEGER
{
dns_c_zone_t *zone = dns_c_ctx_getcurrzone(currcfg);
@ -5931,11 +5836,7 @@ in_addr_list: in_addr_elem L_EOS
YYABORT;
}
#ifndef NOMINUM_PUBLIC
tmpres = dns_c_iplist_append(list, $1, NULL);
#else /* NOMINUM_PUBLIC */
tmpres = dns_c_iplist_append(list, $1);
#endif /* NOMINUM_PUBLIC */
if (tmpres != ISC_R_SUCCESS) {
parser_error(ISC_TRUE,
"failed to append master address");
@ -5946,11 +5847,7 @@ in_addr_list: in_addr_elem L_EOS
}
| in_addr_list in_addr_elem L_EOS
{
#ifndef NOMINUM_PUBLIC
tmpres = dns_c_iplist_append($1, $2, NULL);
#else /* NOMINUM_PUBLIC */
tmpres = dns_c_iplist_append($1, $2);
#endif /* NOMINUM_PUBLIC */
if (tmpres != ISC_R_SUCCESS) {
parser_error(ISC_TRUE,
"failed to append master address");
@ -6232,9 +6129,7 @@ static struct token keyword_tokens [] = {
{ "address", L_ADDRESS },
{ "algorithm", L_ALGID },
{ "allow", L_ALLOW },
#ifndef NOMINUM_PUBLIC
{ "allow-notify", L_ALLOW_NOTIFY },
#endif /* NOMINUM_PUBLIC */
{ "allow-query", L_ALLOW_QUERY },
{ "allow-recursion", L_ALLOW_RECURSION },
{ "allow-transfer", L_ALLOW_TRANSFER },
@ -6316,9 +6211,6 @@ static struct token keyword_tokens [] = {
{ "max-retry-time", L_MAX_RETRY_TIME },
{ "min-refresh-time", L_MIN_REFRESH_TIME },
{ "max-refresh-time", L_MAX_REFRESH_TIME },
#ifndef NOMINUM_PUBLIC
{ "max-names", L_MAX_NAMES },
#endif /* NOMINUM_PUBLIC */
{ "maximal", L_MAXIMAL },
{ "memstatistics-file", L_MEMSTATS_FILE },
{ "min-roots", L_MIN_ROOTS },

20
lib/dns/config/confview.c
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: confview.c,v 1.65 2000/12/12 21:33:18 bwelling Exp $ */
/* $Id: confview.c,v 1.66 2000/12/13 00:15:24 tale Exp $ */
#include <config.h>
@ -530,9 +530,7 @@ dns_c_view_new(isc_mem_t *mem, const char *name, dns_rdataclass_t viewclass,
view->forwarders = NULL;
view->also_notify = NULL;
#ifndef NOMINUM_PUBLIC
view->allownotify = NULL;
#endif /* NOMINUM_PUBLIC */
view->allowquery = NULL;
view->allowupdateforwarding = NULL;
view->transferacl = NULL;
@ -582,7 +580,6 @@ dns_c_view_new(isc_mem_t *mem, const char *name, dns_rdataclass_t viewclass,
view->max_refresh_time = NULL;
#ifndef NOMINUM_PUBLIC
view->max_names = NULL;
view->notify_forward = NULL;
#endif /* NOMINUM_PUBLIC */
@ -773,9 +770,7 @@ dns_c_view_print(FILE *fp, int indent, dns_c_view_t *view) {
fprintf(fp, ";\n");
}
#ifndef NOMINUM_PUBLIC
PRINT_IPMLIST(allownotify, "allow-notify");
#endif /* NOMINUM_PUBLIC */
PRINT_IPMLIST(allowquery, "allow-query");
PRINT_IPMLIST(allowupdateforwarding, "allow-update-forwarding");
PRINT_IPMLIST(transferacl, "alllow-transfer");
@ -855,10 +850,6 @@ dns_c_view_print(FILE *fp, int indent, dns_c_view_t *view) {
PRINT_INT32(min_refresh_time, "min-refresh-time");
PRINT_INT32(max_refresh_time, "max-refresh-time");
#ifndef NOMINUM_PUBLIC
PRINT_INT32(max_names, "max-names");
#endif /* NOMINUM_PUBLIC */
PRINT_AS_SIZE_CLAUSE(max_cache_size, "max-cache-size");
if (view->additional_data != NULL) {
@ -953,9 +944,7 @@ dns_c_view_delete(dns_c_view_t **viewptr) {
dns_c_iplist_detach(&view->also_notify);
}
#ifndef NOMINUM_PUBLIC
FREEIPMLIST(allownotify);
#endif /* NOMINUM_PUBLIC */
FREEIPMLIST(allowquery);
FREEIPMLIST(allowupdateforwarding);
FREEIPMLIST(transferacl);
@ -1008,7 +997,6 @@ dns_c_view_delete(dns_c_view_t **viewptr) {
FREEFIELD(max_refresh_time);
#ifndef NOMINUM_PUBLIC
FREEFIELD(max_names);
FREEFIELD(notify_forward);
#endif /* NOMINUM_PUBLIC */
@ -1606,9 +1594,7 @@ dns_c_view_settrustedkeys(dns_c_view_t *view, dns_c_tkeylist_t *newval,
**
*/
#ifndef NOMINUM_PUBLIC
IPMLIST_FUNCS(allownotify, allownotify)
#endif /* NOMINUM_PUBLIC */
IPMLIST_FUNCS(allowquery, allowquery)
IPMLIST_FUNCS(allowupdateforwarding, allowupdateforwarding)
IPMLIST_FUNCS(transferacl, transferacl)
@ -1659,10 +1645,6 @@ UINT32_FUNCS(maxretrytime, max_retry_time)
UINT32_FUNCS(minrefreshtime, min_refresh_time)
UINT32_FUNCS(maxrefreshtime, max_refresh_time)
#ifndef NOMINUM_PUBLIC
UINT32_FUNCS(maxnames, max_names)
#endif /* NOMINUM_PUBLIC */
BYTYPE_FUNCS(dns_c_addata_t, additionaldata, additional_data)
BYTYPE_FUNCS(dns_transfer_format_t, transferformat, transfer_format)

148
lib/dns/config/confzone.c
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: confzone.c,v 1.71 2000/12/07 01:45:57 brister Exp $ */
/* $Id: confzone.c,v 1.72 2000/12/13 00:15:26 tale Exp $ */
#include <config.h>
@ -42,9 +42,7 @@
#define MZ_MAX_TRANS_TIME_OUT_BIT 6
#define MZ_MAX_TRANS_IDLE_OUT_BIT 7
#define MZ_SIG_VALID_INTERVAL_BIT 8
#ifndef NOMINUM_PUBLIC
#define MZ_MAX_NAMES_BIT 9
#endif /* NOMINUM_PUBLIC */
/* #define unused 9 */
#define MZ_MIN_RETRY_TIME_BIT 10
#define MZ_MAX_RETRY_TIME_BIT 11
#define MZ_MIN_REFRESH_TIME_BIT 12
@ -71,9 +69,7 @@
#define SZ_MAINT_IXFR_BASE_BIT 10
#define SZ_MAX_IXFR_LOG_BIT 11
#define SZ_FORWARD_BIT 12
#ifndef NOMINUM_PUBLIC
#define SZ_MAX_NAMES_BIT 13
#endif /* NOMINUM_PUBLIC */
/* #define unused 13 */
#define SZ_MIN_RETRY_TIME_BIT 14
#define SZ_MAX_RETRY_TIME_BIT 15
#define SZ_MIN_REFRESH_TIME_BIT 16
@ -1239,11 +1235,6 @@ dns_c_zone_getssuauth(dns_c_zone_t *zone, dns_ssutable_t **retval) {
}
#ifndef NOMINUM_PUBLIC
/*
*
*/
isc_result_t
dns_c_zone_setallownotify(dns_c_zone_t *zone,
dns_c_ipmatchlist_t *ipml,
@ -1351,10 +1342,6 @@ dns_c_zone_getallownotify(dns_c_zone_t *zone, dns_c_ipmatchlist_t **retval) {
return (res);
}
#endif /* NOMINUM_PUBLIC */
/*
*
*/
isc_result_t
dns_c_zone_setallowquery(dns_c_zone_t *zone,
@ -4159,117 +4146,6 @@ dns_c_zone_getmaxrefreshtime(dns_c_zone_t *zone, isc_uint32_t *retval) {
return (res);
}
#ifndef NOMINUM_PUBLIC
isc_result_t
dns_c_zone_setmaxnames(dns_c_zone_t *zone, isc_uint32_t newval) {
isc_boolean_t existed = ISC_FALSE;
REQUIRE(DNS_C_ZONE_VALID(zone));
switch (zone->ztype) {
case dns_c_zone_master:
zone->u.mzone.max_names = newval ;
existed = DNS_C_CHECKBIT(MZ_MAX_NAMES_BIT,
&zone->u.mzone.setflags);
DNS_C_SETBIT(MZ_MAX_NAMES_BIT,
&zone->u.mzone.setflags);
break;
case dns_c_zone_slave:
zone->u.szone.max_names = newval ;
existed = DNS_C_CHECKBIT(SZ_MAX_NAMES_BIT,
&zone->u.szone.setflags);
DNS_C_SETBIT(SZ_MAX_NAMES_BIT,
&zone->u.szone.setflags);
break;
case dns_c_zone_stub:
isc_log_write(dns_lctx, DNS_LOGCATEGORY_CONFIG,
DNS_LOGMODULE_CONFIG, ISC_LOG_CRITICAL,
"stub zones do not have a "
"max_names field");
return (ISC_R_FAILURE);
case dns_c_zone_hint:
isc_log_write(dns_lctx, DNS_LOGCATEGORY_CONFIG,
DNS_LOGMODULE_CONFIG, ISC_LOG_CRITICAL,
"hint zones do not have a "
"max_names field");
return (ISC_R_FAILURE);
case dns_c_zone_forward:
isc_log_write(dns_lctx, DNS_LOGCATEGORY_CONFIG,
DNS_LOGMODULE_CONFIG, ISC_LOG_CRITICAL,
"forward zones do not have a "
"max_names field");
return (ISC_R_FAILURE);
}
return (existed ? ISC_R_EXISTS : ISC_R_SUCCESS);
}
/*
*
*/
isc_result_t
dns_c_zone_getmaxnames(dns_c_zone_t *zone, isc_uint32_t *retval) {
isc_result_t res = ISC_R_SUCCESS;
REQUIRE(DNS_C_ZONE_VALID(zone));
REQUIRE(retval != NULL);
switch (zone->ztype) {
case dns_c_zone_master:
if (DNS_C_CHECKBIT(MZ_MAX_NAMES_BIT,
&zone->u.mzone.setflags)) {
*retval = zone->u.mzone.max_names;
res = ISC_R_SUCCESS;
} else {
res = ISC_R_NOTFOUND;
}
break;
case dns_c_zone_slave:
if (DNS_C_CHECKBIT(SZ_MAX_NAMES_BIT,
&zone->u.szone.setflags)) {
*retval = zone->u.szone.max_names;
res = ISC_R_SUCCESS;
} else {
res = ISC_R_NOTFOUND;
}
break;
case dns_c_zone_stub:
isc_log_write(dns_lctx, DNS_LOGCATEGORY_CONFIG,
DNS_LOGMODULE_CONFIG, ISC_LOG_CRITICAL,
"stub zones do not have a "
"max_names field");
return (ISC_R_FAILURE);
case dns_c_zone_hint:
isc_log_write(dns_lctx, DNS_LOGCATEGORY_CONFIG,
DNS_LOGMODULE_CONFIG, ISC_LOG_CRITICAL,
"hint zones do not have a "
"max_names field");
return (ISC_R_FAILURE);
case dns_c_zone_forward:
isc_log_write(dns_lctx, DNS_LOGCATEGORY_CONFIG,
DNS_LOGMODULE_CONFIG, ISC_LOG_CRITICAL,
"forward zones do not have a "
"max_names field");
return (ISC_R_FAILURE);
}
return (res);
}
#endif /* NOMINUM_PUBLIC */
/*
*
*/
@ -5092,13 +4968,6 @@ master_zone_print(FILE *fp, int indent, dns_c_masterzone_t *mzone) {
fprintf(fp, "max-refresh-time %d;\n", mzone->max_refresh_time);
}
#ifndef NOMINUM_PUBLIC
if (DNS_C_CHECKBIT(MZ_MAX_NAMES_BIT, &mzone->setflags)) {
dns_c_printtabs(fp, indent);
fprintf(fp, "max-names %d;\n", mzone->max_names);
}
#endif /* NOMINUM_PUBLIC */
if (mzone->pubkeylist != NULL) {
fprintf(fp, "\n");
dns_c_pklist_print(fp, indent, mzone->pubkeylist);
@ -5210,7 +5079,6 @@ slave_zone_print(FILE *fp, int indent, dns_c_slavezone_t *szone) {
fprintf(fp, ";\n");
}
#ifndef NOMINUM_PUBLIC
if (szone->allow_notify != NULL &&
!ISC_LIST_EMPTY(szone->allow_notify->elements)) {
dns_c_printtabs(fp, indent);
@ -5219,7 +5087,6 @@ slave_zone_print(FILE *fp, int indent, dns_c_slavezone_t *szone) {
szone->allow_notify);
fprintf(fp, ";\n");
}
#endif /* NOMINUM_PUBLIC */
if (szone->allow_query != NULL &&
!ISC_LIST_EMPTY(szone->allow_query->elements)) {
@ -5354,11 +5221,6 @@ slave_zone_print(FILE *fp, int indent, dns_c_slavezone_t *szone) {
}
#ifndef NOMINUM_PUBLIC
if (DNS_C_CHECKBIT(SZ_MAX_NAMES_BIT, &szone->setflags)) {
dns_c_printtabs(fp, indent);
fprintf(fp, "max-names %d;\n", szone->max_names);
}
if (DNS_C_CHECKBIT(SZ_NOTIFY_RELAY_BIT, &szone->setflags)) {
dns_c_printtabs(fp, indent);
fprintf(fp, "notify-forward %s;\n",
@ -5643,9 +5505,7 @@ slave_zone_init(dns_c_slavezone_t *szone) {
szone->master_ips = NULL;
szone->allow_update = NULL;
szone->allow_update_forwarding = NULL;
#ifndef NOMINUM_PUBLIC
szone->allow_notify = NULL;
#endif /* NOMINUM_PUBLIC */
szone->allow_query = NULL;
szone->allow_transfer = NULL;
szone->also_notify = NULL;
@ -5846,10 +5706,8 @@ slave_zone_clear(isc_mem_t *mem, dns_c_slavezone_t *szone) {
if (szone->allow_update_forwarding != NULL)
dns_c_ipmatchlist_detach(&szone->allow_update_forwarding);
#ifndef NOMINUM_PUBLIC
if (szone->allow_notify != NULL)
dns_c_ipmatchlist_detach(&szone->allow_notify);
#endif /* NOMINUM_PUBLIC */
if (szone->allow_query != NULL)
dns_c_ipmatchlist_detach(&szone->allow_query);

16
lib/dns/include/dns/confctx.h
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: confctx.h,v 1.59 2000/12/12 21:33:19 bwelling Exp $ */
/* $Id: confctx.h,v 1.60 2000/12/13 00:15:30 tale Exp $ */
#ifndef DNS_CONFCTX_H
#define DNS_CONFCTX_H 1
@ -158,10 +158,6 @@ struct dns_c_options {
isc_uint32_t *min_refresh_time;
isc_uint32_t *max_refresh_time;
#ifndef NOMINUM_PUBLIC
isc_uint32_t *max_names;
#endif /* NOMINUM_PUBLIC */
isc_boolean_t *expert_mode;
isc_boolean_t *fake_iquery;
isc_boolean_t *recursion;
@ -209,9 +205,7 @@ struct dns_c_options {
dns_transfer_format_t *transfer_format;
#ifndef NOMINUM_PUBLIC
dns_c_ipmatchlist_t *notifyacl;
#endif /* NOMINUM_PUBLIC */
dns_c_ipmatchlist_t *queryacl;
dns_c_ipmatchlist_t *transferacl;
dns_c_ipmatchlist_t *recursionacl;
@ -522,12 +516,6 @@ isc_result_t dns_c_ctx_getmaxrefreshtime(dns_c_ctx_t *cfg,
isc_uint32_t *retval);
isc_result_t dns_c_ctx_unsetmaxrefreshtime(dns_c_ctx_t *cfg);
#ifndef NOMINUM_PUBLIC
isc_result_t dns_c_ctx_setmaxnames(dns_c_ctx_t *cfg, isc_uint32_t newval);
isc_result_t dns_c_ctx_getmaxnames(dns_c_ctx_t *cfg, isc_uint32_t *retval);
isc_result_t dns_c_ctx_unsetmaxnames(dns_c_ctx_t *cfg);
#endif /* NOMINUM_PUBLIC */
isc_result_t dns_c_ctx_setmaxncachettl(dns_c_ctx_t *cfg, isc_uint32_t newval);
isc_result_t dns_c_ctx_getmaxncachettl(dns_c_ctx_t *cfg, isc_uint32_t *retval);
isc_result_t dns_c_ctx_unsetmaxncachettl(dns_c_ctx_t *cfg);
@ -759,13 +747,11 @@ isc_result_t dns_c_ctx_gettransferformat(dns_c_ctx_t *cfg,
dns_transfer_format_t *tformat);
isc_result_t dns_c_ctx_unsettransferformat(dns_c_ctx_t *cfg);
#ifndef NOMINUM_PUBLIC
isc_result_t dns_c_ctx_setallownotify(dns_c_ctx_t *cfg,
dns_c_ipmatchlist_t *iml);
isc_result_t dns_c_ctx_getallownotify(dns_c_ctx_t *cfg,
dns_c_ipmatchlist_t **list);
isc_result_t dns_c_ctx_unsetallownotify(dns_c_ctx_t *cfg);
#endif /* NOMINUM_PUBLIC */
isc_result_t dns_c_ctx_setallowquery(dns_c_ctx_t *cfg,
dns_c_ipmatchlist_t *iml);

11
lib/dns/include/dns/confip.h
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: confip.h,v 1.27 2000/08/01 01:23:53 tale Exp $ */
/* $Id: confip.h,v 1.28 2000/12/13 00:15:31 tale Exp $ */
#ifndef DNS_CONFIP_H
#define DNS_CONFIP_H 1
@ -95,9 +95,7 @@ struct dns_c_iplist {
isc_mem_t *mem;
int refcount;
isc_sockaddr_t *ips;
#ifndef NOMINUM_PUBLIC
dns_name_t **keys;
#endif /* NOMINUM_PUBLIC */
isc_uint32_t size;
isc_uint32_t nextidx;
};
@ -229,19 +227,12 @@ isc_result_t dns_c_iplist_detach(dns_c_iplist_t **list);
isc_result_t dns_c_iplist_copy(isc_mem_t *mem, dns_c_iplist_t **dest,
dns_c_iplist_t *src);
#ifndef NOMINUM_PUBLIC
isc_boolean_t dns_c_iplist_haskeys(dns_c_iplist_t *list);
#endif /* NOMINUM_PUBLIC */
void dns_c_iplist_attach(dns_c_iplist_t *source, dns_c_iplist_t **target);
#ifndef NOMINUM_PUBLIC
isc_result_t dns_c_iplist_append(dns_c_iplist_t *list,
isc_sockaddr_t newaddr, const char *key);
#else /* NOMINUM_PUBLIC */
isc_result_t dns_c_iplist_append(dns_c_iplist_t *list,
isc_sockaddr_t newaddr);
#endif /* NOMINUM_PUBLIC */
isc_result_t dns_c_iplist_remove(dns_c_iplist_t *list, isc_sockaddr_t newaddr);

19
lib/dns/include/dns/confview.h
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: confview.h,v 1.47 2000/12/12 21:33:20 bwelling Exp $ */
/* $Id: confview.h,v 1.48 2000/12/13 00:15:33 tale Exp $ */
#ifndef DNS_CONFVIEW_H
#define DNS_CONFVIEW_H 1
@ -102,9 +102,7 @@ struct dns_c_view {
dns_c_iplist_t *forwarders;
dns_c_iplist_t *also_notify;
#ifndef NOMINUM_PUBLIC
dns_c_ipmatchlist_t *allownotify;
#endif /* NOMINUM_PUBLIC */
dns_c_ipmatchlist_t *allowquery;
dns_c_ipmatchlist_t *allowupdateforwarding;
dns_c_ipmatchlist_t *transferacl;
@ -155,10 +153,6 @@ struct dns_c_view {
isc_uint32_t *min_refresh_time;
isc_uint32_t *max_refresh_time;
#ifndef NOMINUM_PUBLIC
isc_uint32_t *max_names;
#endif /* NOMINUM_PUBLIC */
dns_c_addata_t *additional_data;
dns_transfer_format_t *transfer_format;
@ -242,15 +236,11 @@ isc_result_t dns_c_view_unsetforwarders(dns_c_view_t *view);
isc_result_t dns_c_view_getforwarders(dns_c_view_t *view,
dns_c_iplist_t **ipl);
#ifndef NOMINUM_PUBLIC
isc_result_t dns_c_view_getallownotify(dns_c_view_t *view,
dns_c_ipmatchlist_t **retval);
isc_result_t dns_c_view_setallownotify(dns_c_view_t *view,
dns_c_ipmatchlist_t *newval);
isc_result_t dns_c_view_unsetallownotify(dns_c_view_t *view);
#endif /* NOMINUM_PUBLIC */
isc_result_t dns_c_view_getallowquery(dns_c_view_t *view,
dns_c_ipmatchlist_t **retval);
@ -557,13 +547,6 @@ isc_result_t dns_c_view_setmaxrefreshtime(dns_c_view_t *view,
isc_uint32_t newval);
isc_result_t dns_c_view_unsetmaxrefreshtime(dns_c_view_t *view);
#ifndef NOMINUM_PUBLIC
isc_result_t dns_c_view_getmaxnames(dns_c_view_t *view,
isc_uint32_t *retval);
isc_result_t dns_c_view_setmaxnames(dns_c_view_t *view,
isc_uint32_t newval);
isc_result_t dns_c_view_unsetmaxnames(dns_c_view_t *view);
#endif /* NOMINUM_PUBLIC */
isc_result_t dns_c_view_setadditionaldata(dns_c_view_t *view,
dns_c_addata_t newval);

25
lib/dns/include/dns/confzone.h
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: confzone.h,v 1.49 2000/11/28 22:42:37 gson Exp $ */
/* $Id: confzone.h,v 1.50 2000/12/13 00:15:34 tale Exp $ */
#ifndef DNS_CONFZONE_H
#define DNS_CONFZONE_H 1
@ -116,10 +116,6 @@ struct dns_c_master_zone {
isc_uint32_t max_trans_idle_out;
isc_uint32_t sig_valid_interval;
#ifndef NOMINUM_PUBLIC
isc_uint32_t max_names;
#endif /* NOMINUM_PUBLIC */
isc_sockaddr_t notify_source;
isc_sockaddr_t notify_source_v6;
isc_sockaddr_t transfer_source;
@ -141,9 +137,7 @@ struct dns_c_slave_zone {
dns_severity_t check_names;
dns_c_ipmatchlist_t *allow_update;
dns_c_ipmatchlist_t *allow_update_forwarding;
#ifndef NOMINUM_PUBLIC
dns_c_ipmatchlist_t *allow_notify;
#endif /* NOMINUM_PUBLIC */
dns_c_ipmatchlist_t *allow_query;
dns_c_ipmatchlist_t *allow_transfer;
dns_c_iplist_t *also_notify;
@ -169,10 +163,6 @@ struct dns_c_slave_zone {
isc_uint32_t max_trans_idle_in;
isc_uint32_t max_trans_idle_out;
#ifndef NOMINUM_PUBLIC
isc_uint32_t max_names;
#endif /* NOMINUM_PUBLIC */
isc_uint32_t min_retry_time;
isc_uint32_t max_retry_time;
isc_uint32_t min_refresh_time;
@ -327,14 +317,11 @@ isc_result_t dns_c_zone_getssuauth(dns_c_zone_t *zone,
dns_ssutable_t **ssutable);
#ifndef NOMINUM_PUBLIC
isc_result_t dns_c_zone_setallownotify(dns_c_zone_t *zone,
dns_c_ipmatchlist_t *ipml,
isc_boolean_t deepcopy);
isc_result_t dns_c_zone_getallownotify(dns_c_zone_t *zone,
dns_c_ipmatchlist_t **retval);
#endif /* NOMINUM_PUBLIC */
isc_result_t dns_c_zone_setallowquery(dns_c_zone_t *zone,
dns_c_ipmatchlist_t *ipml,
@ -486,16 +473,6 @@ isc_result_t dns_c_zone_setmaxrefreshtime(dns_c_zone_t *zone,
isc_result_t dns_c_zone_getmaxrefreshtime(dns_c_zone_t *zone,
isc_uint32_t *retval);
#ifndef NOMINUM_PUBLIC
isc_result_t dns_c_zone_setmaxnames(dns_c_zone_t *zone,
isc_uint32_t newval);
isc_result_t dns_c_zone_getmaxnames(dns_c_zone_t *zone,
isc_uint32_t *retval);
#endif /* NOMINUM_PUBLIC */
isc_result_t dns_c_zone_setmaxixfrlog(dns_c_zone_t *zone,
isc_uint32_t newval);
isc_result_t dns_c_zone_getmaxixfrlog(dns_c_zone_t *zone,

10
lib/dns/include/dns/opt.h
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: opt.h,v 1.5 2000/12/02 04:13:33 gson Exp $ */
/* $Id: opt.h,v 1.6 2000/12/13 00:15:36 tale Exp $ */
/* DNS_OPT_NEWCODES_KEEP */
@ -31,14 +31,6 @@
#include <dns/rdataset.h>
#include <dns/message.h>
#ifndef NOMINUM_PUBLIC
/*
* XXX For GNS, We're enabling the new option codes. This is
* internal use only.
*/
#define DNS_OPT_NEWCODES
#endif /* NOMINUM_PUBLIC */
/*
* XXX WARNING XXX These codes have not yet been assigned by IANA.
* These are here as placekeepers ONLY.

4
lib/dns/include/dns/result.h
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: result.h,v 1.74 2000/11/22 00:16:41 halley Exp $ */
/* $Id: result.h,v 1.75 2000/12/13 00:15:38 tale Exp $ */
#ifndef DNS_RESULT_H
#define DNS_RESULT_H 1
@ -98,7 +98,7 @@
#define DNS_R_NOVALIDSIG (ISC_RESULTCLASS_DNS + 59)
#define DNS_R_NOVALIDNXT (ISC_RESULTCLASS_DNS + 60)
#define DNS_R_NOTINSECURE (ISC_RESULTCLASS_DNS + 61)
#define DNS_R_ZONETOOLARGE (ISC_RESULTCLASS_DNS + 62)
/* #define DNS_R_unused (ISC_RESULTCLASS_DNS + 62) */
#define DNS_R_RECOVERABLE (ISC_RESULTCLASS_DNS + 63)
#define DNS_R_UNKNOWNOPT (ISC_RESULTCLASS_DNS + 64)
#define DNS_R_UNEXPECTEDID (ISC_RESULTCLASS_DNS + 65)

24
lib/dns/include/dns/zone.h
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: zone.h,v 1.93 2000/12/01 23:49:57 gson Exp $ */
/* $Id: zone.h,v 1.94 2000/12/13 00:15:39 tale Exp $ */
#ifndef DNS_ZONE_H
#define DNS_ZONE_H 1
@ -381,11 +381,9 @@ dns_zone_maintenance(dns_zone_t *zone);
isc_result_t
dns_zone_setmasters(dns_zone_t *zone, isc_sockaddr_t *masters,
isc_uint32_t count);
#ifndef NOMINUM_PUBLIC
isc_result_t
dns_zone_setmasterswithkeys(dns_zone_t *zone, isc_sockaddr_t *masters,
dns_name_t **keynames, isc_uint32_t count);
#endif /* NOMINUM_PUBLIC */
/*
* Set the list of master servers for the zone.
*
@ -393,21 +391,17 @@ dns_zone_setmasterswithkeys(dns_zone_t *zone, isc_sockaddr_t *masters,
* 'zone' to be a valid zone.
* 'masters' array of isc_sockaddr_t with port set or NULL.
* 'count' the number of masters.
#ifndef NOMINUM_PUBLIC
* 'keynames' array of dns_name_t's for tsig keys or NULL.
*
* dns_zone_setmasters() is just a wrapper to setmasterswithkeys(),
* passing NULL in the keynames field.
#endif NOMINUM_PUBLIC
*
* If 'masters' is NULL then 'count' must be zero.
*
* Returns:
* ISC_R_SUCCESS
* ISC_R_NOMEMORY
#ifndef NOMINUM_PUBLIC
* Any result dns_name_dup() can return, if keynames!=NULL
#endif NOMINUM_PUBLIC
*/
isc_result_t
@ -508,15 +502,6 @@ dns_zone_setmaxretrytime(dns_zone_t *zone, isc_uint32_t val);
* val > 0.
*/
#ifndef NOMINUM_PUBLIC
void
dns_zone_setmaxnames(dns_zone_t *zone, isc_uint32_t val);
isc_uint32_t dns_zone_getmaxnames(dns_zone_t *zone);
/*
* Set/get the maximum number of names allowed in the zone.
*/
#endif /* NOMINUM_PUBLIC */
isc_result_t
dns_zone_setxfrsource4(dns_zone_t *zone, isc_sockaddr_t *xfrsource);
/*
@ -609,7 +594,6 @@ dns_zone_getnotifysrc6(dns_zone_t *zone);
* 'zone' to be a valid zone.
*/
#ifndef NOMINUM_PUBLIC
void
dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl);
/*
@ -619,7 +603,7 @@ dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl);
* 'zone' to be a valid zone.
* 'acl' to be a valid acl.
*/
#endif /* NOMINUM_PUBLIC */
void
dns_zone_setqueryacl(dns_zone_t *zone, dns_acl_t *acl);
/*
@ -660,7 +644,6 @@ dns_zone_setxfracl(dns_zone_t *zone, dns_acl_t *acl);
* 'acl' to be valid acl.
*/
#ifndef NOMINUM_PUBLIC
dns_acl_t *
dns_zone_getnotifyacl(dns_zone_t *zone);
/*
@ -673,7 +656,6 @@ dns_zone_getnotifyacl(dns_zone_t *zone);
* acl a pointer to the acl.
* NULL
*/
#endif /* NOMINUM_PUBLIC */
dns_acl_t *
dns_zone_getqueryacl(dns_zone_t *zone);
@ -745,7 +727,6 @@ dns_zone_clearforwardacl(dns_zone_t *zone);
* 'zone' to be a valid zone.
*/
#ifndef NOMINUM_PUBLIC
void
dns_zone_clearnotifyacl(dns_zone_t *zone);
/*
@ -754,7 +735,6 @@ dns_zone_clearnotifyacl(dns_zone_t *zone);
* Require:
* 'zone' to be a valid zone.
*/
#endif /* NOMINUM_PUBLIC */
void
dns_zone_clearqueryacl(dns_zone_t *zone);

4
lib/dns/result.c
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: result.c,v 1.82 2000/12/11 19:24:22 bwelling Exp $ */
/* $Id: result.c,v 1.83 2000/12/13 00:15:13 tale Exp $ */
#include <config.h>
@ -100,7 +100,7 @@ static const char *text[DNS_R_NRESULTS] = {
"no valid NXT", /* 60 DNS_R_NOVALIDNXT */
"not insecure", /* 61 DNS_R_NOTINSECURE */
"zone too large", /* 62 DNS_R_ZONETOOLARGE */
"<unused 62> ", /* 62 unused */
"recoverable error occurred", /* 63 DNS_R_RECOVERABLE */
"unknown opt attribute record", /* 64 DNS_R_UNKNOWNOPT */

19
lib/dns/xfrin.c
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: xfrin.c,v 1.108 2000/12/11 19:24:27 bwelling Exp $ */
/* $Id: xfrin.c,v 1.109 2000/12/13 00:15:14 tale Exp $ */
#include <config.h>
@ -1169,23 +1169,6 @@ xfrin_recv_done(isc_task_t *task, isc_event_t *ev) {
}
}
#ifndef NOMINUM_PUBLIC
/*
* Check the database size. Note that xfr->db can still
* be NULL at this point, e.g. when doing an initial AXFR
* and the first response message contains only the SOA.
*/
if (xfr->db != NULL) {
unsigned int count = dns_db_nodecount(xfr->db);
unsigned int maxnames = dns_zone_getmaxnames(xfr->zone);
if (maxnames != 0 && count > maxnames) {
result = DNS_R_ZONETOOLARGE;
goto failure;
}
}
#endif /* NOMINUM_PUBLIC */
/*
* Update the number of messages received.
*/

131
lib/dns/zone.c
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: zone.c,v 1.275 2000/12/11 19:24:29 bwelling Exp $ */
/* $Id: zone.c,v 1.276 2000/12/13 00:15:16 tale Exp $ */
#include <config.h>
@ -159,14 +159,9 @@ struct dns_zone {
isc_uint32_t minrefresh;
isc_uint32_t maxretry;
isc_uint32_t minretry;
#ifndef NOMINUM_PUBLIC
isc_uint32_t maxnames;
#endif /* NOMINUM_PUBLIC */
isc_sockaddr_t *masters;
#ifndef NOMINUM_PUBLIC
dns_name_t **masterkeynames;
#endif /* NOMINUM_PUBLIC */
unsigned int masterscnt;
unsigned int curmaster;
unsigned int refreshcnt;
@ -184,9 +179,7 @@ struct dns_zone {
/* Access Control Lists */
dns_acl_t *update_acl;
dns_acl_t *forward_acl;
#ifndef NOMINUM_PUBLIC
dns_acl_t *notify_acl;
#endif /* NOMINUM_PUBLIC */
dns_acl_t *query_acl;
dns_acl_t *xfr_acl;
dns_severity_t check_names;
@ -369,9 +362,6 @@ static void zone_unload(dns_zone_t *zone);
static void zone_expire(dns_zone_t *zone);
static void zone_iattach(dns_zone_t *source, dns_zone_t **target);
void zone_idetach(dns_zone_t **zonep);
#ifndef NOMINUM_PUBLIC
static void zone_deletefile(dns_zone_t *zone);
#endif /* NOMINUM_PUBLIC */
static isc_result_t zone_replacedb(dns_zone_t *zone, dns_db_t *db,
isc_boolean_t dump);
static isc_result_t default_journal(dns_zone_t *zone);
@ -500,13 +490,8 @@ dns_zone_create(dns_zone_t **zonep, isc_mem_t *mctx) {
zone->minrefresh = DNS_ZONE_MINREFRESH;
zone->maxretry = DNS_ZONE_MAXRETRY;
zone->minretry = DNS_ZONE_MINRETRY;
#ifndef NOMINUM_PUBLIC
zone->maxnames = 0;
#endif /* NOMINUM_PUBLIC */
zone->masters = NULL;
#ifndef NOMINUM_PUBLIC
zone->masterkeynames = NULL;
#endif /* NOMINUM_PUBLIC */
zone->masterscnt = 0;
zone->curmaster = 0;
zone->refreshcnt = 0;
@ -516,9 +501,7 @@ dns_zone_create(dns_zone_t **zonep, isc_mem_t *mctx) {
zone->task = NULL;
zone->update_acl = NULL;
zone->forward_acl = NULL;
#ifndef NOMINUM_PUBLIC
zone->notify_acl = NULL;
#endif /* NOMINUM_PUBLIC */
zone->query_acl = NULL;
zone->xfr_acl = NULL;
zone->check_names = dns_severity_ignore;
@ -602,21 +585,15 @@ zone_free(dns_zone_t *zone) {
if (zone->db != NULL)
dns_db_detach(&zone->db);
zone_freedbargs(zone);
#ifndef NOMINUM_PUBLIC
dns_zone_setmasterswithkeys(zone, NULL, NULL, 0);
#else /* NOMINUM_PUBLIC */
dns_zone_setmasters(zone, NULL, 0);
#endif /* NOMINUM_PUBLIC */
dns_zone_setalsonotify(zone, NULL, 0);
zone->check_names = dns_severity_ignore;
if (zone->update_acl != NULL)
dns_acl_detach(&zone->update_acl);
if (zone->forward_acl != NULL)
dns_acl_detach(&zone->forward_acl);
#ifndef NOMINUM_PUBLIC
if (zone->notify_acl != NULL)
dns_acl_detach(&zone->notify_acl);
#endif /* NOMINUM_PUBLIC */
if (zone->query_acl != NULL)
dns_acl_detach(&zone->query_acl);
if (zone->xfr_acl != NULL)
@ -887,13 +864,14 @@ dns_zone_getjournal(dns_zone_t *zone) {
static isc_boolean_t
zone_isdynamic(dns_zone_t *zone) {
return (ISC_TF(zone->type == dns_zone_slave ||
zone->type == dns_zone_stub ||
zone->ssutable != NULL ||
(zone->update_acl != NULL &&
! (zone->update_acl->length == 0 &&
zone->update_acl->elements[0].negative == ISC_TRUE &&
zone->update_acl->elements[0].type ==
dns_aclelementtype_any))));
zone->type == dns_zone_stub ||
zone->ssutable != NULL ||
(zone->update_acl != NULL &&
! (zone->update_acl->length == 0 &&
zone->update_acl->elements[0].negative == ISC_TRUE
&&
zone->update_acl->elements[0].type ==
dns_aclelementtype_any))));
}
@ -1699,7 +1677,6 @@ dns_zone_setalsonotify(dns_zone_t *zone, isc_sockaddr_t *notify,
return (ISC_R_SUCCESS);
}
#ifndef NOMINUM_PUBLIC
isc_result_t
dns_zone_setmasters(dns_zone_t *zone, isc_sockaddr_t *masters,
isc_uint32_t count)
@ -1713,26 +1690,17 @@ dns_zone_setmasters(dns_zone_t *zone, isc_sockaddr_t *masters,
isc_result_t
dns_zone_setmasterswithkeys(dns_zone_t *zone, isc_sockaddr_t *masters,
dns_name_t **keynames, isc_uint32_t count)
#else /* NOMINUM_PUBLIC */
isc_result_t
dns_zone_setmasters(dns_zone_t *zone, isc_sockaddr_t *masters,
isc_uint32_t count)
#endif /* NOMINUM_PUBLIC */
{
isc_sockaddr_t *new;
isc_result_t result = ISC_R_SUCCESS;
#ifndef NOMINUM_PUBLIC
dns_name_t **newname;
unsigned int i;
#endif /* NOMINUM_PUBLIC */
REQUIRE(DNS_ZONE_VALID(zone));
REQUIRE(count == 0 || masters != NULL);
#ifndef NOMINUM_PUBLIC
if (keynames != NULL) {
REQUIRE(count != 0);
}
#endif /* NOMINUM_PUBLIC */
LOCK_ZONE(zone);
if (zone->masters != NULL) {
@ -1740,7 +1708,6 @@ dns_zone_setmasters(dns_zone_t *zone, isc_sockaddr_t *masters,
zone->masterscnt * sizeof *new);
zone->masters = NULL;
}
#ifndef NOMINUM_PUBLIC
if (zone->masterkeynames != NULL) {
for (i = 0; i < zone->masterscnt; i++) {
if (zone->masterkeynames[i] != NULL) {
@ -1756,7 +1723,6 @@ dns_zone_setmasters(dns_zone_t *zone, isc_sockaddr_t *masters,
zone->masterscnt * sizeof(dns_name_t *));
zone->masterkeynames = NULL;
}
#endif /* NOMINUM_PUBLIC */
zone->masterscnt = 0;
/*
* If count == 0, don't allocate any space for masters or keynames
@ -1779,7 +1745,6 @@ dns_zone_setmasters(dns_zone_t *zone, isc_sockaddr_t *masters,
zone->masterscnt = count;
DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_NOMASTERS);
#ifndef NOMINUM_PUBLIC
/*
* if keynames is non-NULL, it must contain count elements!
*/
@ -1820,7 +1785,6 @@ dns_zone_setmasters(dns_zone_t *zone, isc_sockaddr_t *masters,
}
zone->masterkeynames = newname;
}
#endif /* NOMINUM_PUBLIC */
unlock:
UNLOCK_ZONE(zone);
return (result);
@ -2199,36 +2163,6 @@ zone_unload(dns_zone_t *zone) {
DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_LOADED);
}
#ifndef NOMINUM_PUBLIC
/*
* Note: the only reason this is protected is to avoid a compiler warning
* about an unused static function. The protection can be removed if
* this is needed elsewhere.
*/
static void
zone_deletefile(dns_zone_t *zone) {
const char me[] = "zone_deletefile";
isc_result_t result;
/*
* Locked by caller.
*/
REQUIRE(LOCKED_ZONE(zone));
if (zone->masterfile == NULL)
return;
result = isc_file_remove(zone->masterfile);
if (result != ISC_R_SUCCESS) {
zone_log(zone, me, ISC_LOG_WARNING,
"failed to delete '%s': %s",
zone->masterfile, dns_result_totext(result));
}
if (zone->journal != NULL)
(void)isc_file_remove(zone->journal);
}
#endif /* NOMINUM_PUBLIC */
void
dns_zone_setminrefreshtime(dns_zone_t *zone, isc_uint32_t val) {
REQUIRE(DNS_ZONE_VALID(zone));
@ -2261,21 +2195,6 @@ dns_zone_setmaxretrytime(dns_zone_t *zone, isc_uint32_t val) {
zone->maxretry = val;
}
#ifndef NOMINUM_PUBLIC
void
dns_zone_setmaxnames(dns_zone_t *zone, isc_uint32_t val) {
REQUIRE(DNS_ZONE_VALID(zone));
zone->maxnames = val;
}
isc_uint32_t dns_zone_getmaxnames(dns_zone_t *zone) {
REQUIRE(DNS_ZONE_VALID(zone));
return (zone->maxnames);
}
#endif /* NOMINUM_PUBLIC */
static isc_boolean_t
notify_isqueued(dns_zone_t *zone, dns_name_t *name, isc_sockaddr_t *addr) {
dns_notify_t *notify;
@ -3239,9 +3158,7 @@ refresh_callback(isc_task_t *task, isc_event_t *event) {
zone_log(zone, me, ISC_LOG_DEBUG(1), "Serial: new %u, old %u",
serial, zone->serial);
if (!DNS_ZONE_FLAG(zone, DNS_ZONEFLG_LOADED) ||
#ifndef NOMINUM_PUBLIC
DNS_ZONE_FLAG(zone, DNS_ZONEFLG_FORCELOAD) ||
#endif /* NOMINUM_PUBLIC */
isc_serial_gt(serial, zone->serial)) {
tcp_transfer:
isc_event_free(&event);
@ -3964,9 +3881,9 @@ dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from,
isc_result_t result;
isc_stdtime_t now;
char fromtext[ISC_SOCKADDR_FORMATSIZE];
#ifndef NOMINUM_PUBLIC
int match = 0;
isc_netaddr_t netaddr;
#ifdef NOMINUM_PUBLIC
isc_boolean_t forward = ISC_FALSE;
#endif /* NOMINUM_PUBLIC */
@ -4025,7 +3942,6 @@ dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from,
if (isc_sockaddr_eqaddr(from, &zone->masters[i]))
break;
#ifndef NOMINUM_PUBLIC
/*
* Accept notify requests from non masters if they are on
* 'zone->notify_acl'. If DNS_ZONEOPT_NOTIFYFORWARD is set
@ -4035,13 +3951,12 @@ dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from,
if (i >= zone->masterscnt && zone->notify_acl != NULL &&
dns_acl_match(&netaddr, NULL, zone->notify_acl, NULL, &match,
NULL) == ISC_R_SUCCESS && match > 0) {
#ifndef NOMINUM_PUBLIC
if (DNS_ZONE_OPTION(zone, DNS_ZONEOPT_NOTIFYFORWARD))
forward = ISC_TRUE;
/* Accept notify. */
} else
#endif /* NOMINUM_PUBLIC */
if (i >= zone->masterscnt) {
/* Accept notify. */
} else if (i >= zone->masterscnt) {
UNLOCK_ZONE(zone);
zone_log(zone, me, ISC_LOG_DEBUG(3),
"REFUSED notify from non master: %s", fromtext);
@ -4111,7 +4026,6 @@ dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from,
return (ISC_R_SUCCESS);
}
#ifndef NOMINUM_PUBLIC
void
dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl) {
@ -4123,7 +4037,6 @@ dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl) {
dns_acl_attach(acl, &zone->notify_acl);
UNLOCK_ZONE(zone);
}
#endif /* NOMINUM_PUBLIC */
void
dns_zone_setqueryacl(dns_zone_t *zone, dns_acl_t *acl) {
@ -4173,7 +4086,6 @@ dns_zone_setxfracl(dns_zone_t *zone, dns_acl_t *acl) {
UNLOCK_ZONE(zone);
}
#ifndef NOMINUM_PUBLIC
dns_acl_t *
dns_zone_getnotifyacl(dns_zone_t *zone) {
@ -4181,7 +4093,6 @@ dns_zone_getnotifyacl(dns_zone_t *zone) {
return (zone->notify_acl);
}
#endif /* NOMINUM_PUBLIC */
dns_acl_t *
dns_zone_getqueryacl(dns_zone_t *zone) {
@ -4237,7 +4148,6 @@ dns_zone_clearforwardacl(dns_zone_t *zone) {
UNLOCK_ZONE(zone);
}
#ifndef NOMINUM_PUBLIC
void
dns_zone_clearnotifyacl(dns_zone_t *zone) {
@ -4248,7 +4158,6 @@ dns_zone_clearnotifyacl(dns_zone_t *zone) {
dns_acl_detach(&zone->notify_acl);
UNLOCK_ZONE(zone);
}
#endif /* NOMINUM_PUBLIC */
void
dns_zone_clearqueryacl(dns_zone_t *zone) {
@ -4723,18 +4632,6 @@ zone_xfrdone(dns_zone_t *zone, isc_result_t result) {
break;
#ifndef NOMINUM_PUBLIC
case DNS_R_ZONETOOLARGE:
zone_log(zone, me, ISC_LOG_WARNING,
"transfer aborted, zone unloaded",
dns_result_totext(result));
if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_LOADED)) {
zone_unload(zone);
zone_deletefile(zone);
}
break;
#endif /* NOMINUM_PUBLIC */
default:
zone->curmaster++;
same_master:
@ -4939,7 +4836,6 @@ got_transfer_quota(isc_task_t *task, isc_event_t *event) {
* Determine if we should attempt to sign the request with TSIG.
*/
result = ISC_R_NOTFOUND;
#ifndef NOMINUM_PUBLIC
/*
* First, look for a tsig key in the master statement, then
* try for a server key.
@ -4950,7 +4846,6 @@ got_transfer_quota(isc_task_t *task, isc_event_t *event) {
dns_name_t *keyname = zone->masterkeynames[zone->curmaster];
result = dns_view_gettsig(view, keyname, &tsigkey);
}
#endif /* NOMINUM_PUBLIC */
if (tsigkey == NULL)
result = dns_view_getpeertsig(zone->view, &masterip, &tsigkey);