From 475c936d4cd0fb83700eb3e022aaecc5626b9b4f Mon Sep 17 00:00:00 2001 From: James Brister Date: Fri, 7 Jul 2000 23:11:48 +0000 Subject: [PATCH] 314. [func] Inet controls named.conf statement can now have any non-negative number of keys specified. --- CHANGES | 3 +++ bin/tests/named.conf | 4 +-- lib/dns/config/confctl.c | 30 ++++++++++------------ lib/dns/config/confkeys.c | 4 +-- lib/dns/config/confparser.y | 48 +++++++++++++++++++++++++++-------- lib/dns/include/dns/confctl.h | 7 ++--- 6 files changed, 63 insertions(+), 33 deletions(-) diff --git a/CHANGES b/CHANGES index b7d4da53d8..662c05e8c6 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ + 314. [func] Inet controls named.conf statement can now have + any non-negative number of keys specified. + 313. [bug] When parsing resolv.conf, don't terminate on an error. Instead, parse as much as possible, but still return an error if one was found. diff --git a/bin/tests/named.conf b/bin/tests/named.conf index 0f6650710a..3e7c85e1f8 100644 --- a/bin/tests/named.conf +++ b/bin/tests/named.conf @@ -15,7 +15,7 @@ * SOFTWARE. */ -/* $Id: named.conf,v 1.39 2000/07/07 13:56:09 brister Exp $ */ +/* $Id: named.conf,v 1.40 2000/07/07 23:11:41 brister Exp $ */ /* * This is a worthless, nonrunnable example of a named.conf file that has @@ -200,7 +200,7 @@ options { controls { inet * port 52 allow { any; }; // a bad idea inet 10.0.0.1 allow { any; }; // a bad idea - inet 10.0.0.2 allow { none; } keys "foo"; // a bad idea + inet 10.0.0.2 allow { none; } keys { "key-1"; "key-2"; };// a bad idea unix "/var/run/ndc" perm 0600 owner 0 group 0; // the default }; diff --git a/lib/dns/config/confctl.c b/lib/dns/config/confctl.c index 627811e861..dd78ee74a9 100644 --- a/lib/dns/config/confctl.c +++ b/lib/dns/config/confctl.c @@ -15,7 +15,7 @@ * SOFTWARE. */ -/* $Id: confctl.c,v 1.22 2000/07/07 14:30:00 brister Exp $ */ +/* $Id: confctl.c,v 1.23 2000/07/07 23:11:42 brister Exp $ */ #include 
@@ -105,7 +105,7 @@ dns_c_ctrllist_delete(dns_c_ctrllist_t **list) { isc_result_t dns_c_ctrlinet_new(isc_mem_t *mem, dns_c_ctrl_t **control, isc_sockaddr_t addr, in_port_t port, - dns_c_ipmatchlist_t *iml, const char *key, + dns_c_ipmatchlist_t *iml, dns_c_kidlist_t *keylist, isc_boolean_t copy) { dns_c_ctrl_t *ctrl; @@ -124,14 +124,10 @@ dns_c_ctrlinet_new(isc_mem_t *mem, dns_c_ctrl_t **control, ctrl->control_type = dns_c_inet_control; ctrl->u.inet_v.addr = addr; ctrl->u.inet_v.port = port; - ctrl->u.inet_v.key = NULL; + ctrl->keyidlist = NULL; - if (key != NULL) { - ctrl->u.inet_v.key = isc_mem_strdup(mem, key); - if (ctrl->u.inet_v.key == NULL) { - isc_mem_put(mem, ctrl, sizeof *ctrl); - return (ISC_R_NOMEMORY); - } + if (keylist != NULL) { + ctrl->keyidlist = keylist; } if (copy) { @@ -177,6 +173,8 @@ dns_c_ctrlunix_new(isc_mem_t *mem, dns_c_ctrl_t **control, ctrl->u.unix_v.perm = perm; ctrl->u.unix_v.owner = uid; ctrl->u.unix_v.group = gid; + + ctrl->keyidlist = NULL; *control = ctrl; @@ -206,10 +204,6 @@ dns_c_ctrl_delete(dns_c_ctrl_t **control) { else res = ISC_R_SUCCESS; - if (ctrl->u.inet_v.key != NULL) { - isc_mem_free(mem, ctrl->u.inet_v.key); - } - break; case dns_c_unix_control: @@ -218,6 +212,10 @@ dns_c_ctrl_delete(dns_c_ctrl_t **control) { break; } + if (ctrl->keyidlist != NULL) { + dns_c_kidlist_delete(&ctrl->keyidlist); + } + ctrl->magic = 0; isc_mem_put(mem, ctrl, sizeof *ctrl); @@ -253,11 +251,11 @@ dns_c_ctrl_print(FILE *fp, int indent, dns_c_ctrl_t *ctl) { fprintf(fp, "allow "); dns_c_ipmatchlist_print(fp, indent + 2, iml); - if (ctl->u.inet_v.key != NULL) { + if (ctl->keyidlist != NULL) { fprintf(fp, "\n"); - dns_c_printtabs(fp, indent + 1); - fprintf(fp, "keys { \"%s\" ; }", ctl->u.inet_v.key); + dns_c_kidlist_print(fp, indent + 1, ctl->keyidlist); } + fprintf(fp, ";\n"); } else { /* The "#" means force a leading zero */ diff --git a/lib/dns/config/confkeys.c b/lib/dns/config/confkeys.c index 05591e0dd6..f18cd908cb 100644 
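Review bot: `dns_c_ctrlinet_new()` now stores the caller's `keylist` pointer as-is, whatever the value of `copy`, and the later hunk in `dns_c_ctrl_delete()` frees it with `dns_c_kidlist_delete()`, so ownership silently moves to the control object. A caller that passes `copy` as true and then releases its own list, as it presumably may for `iml`, would leave `ctrl->keyidlist` dangling and have it freed a second time. Either deep-copy the list when `copy` is set or state the transfer in the function comment in confctl.h, for example `/* KEYLIST is never copied; on success the control owns it and dns_c_ctrl_delete() frees it. */`. The same contract should say who frees the list when this function fails, since the `control` action in confparser.y no longer releases `$8` on its error path; the function body and that action both continue outside the visible hunks. The NULL test is also redundant after the preceding assignment: `ctrl->keyidlist = keylist;` is enough.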
--- a/lib/dns/config/confkeys.c +++ b/lib/dns/config/confkeys.c @@ -15,7 +15,7 @@ * SOFTWARE. */ -/* $Id: confkeys.c,v 1.23 2000/06/05 09:17:07 brister Exp $ */ +/* $Id: confkeys.c,v 1.24 2000/07/07 23:11:43 brister Exp $ */ #include @@ -558,7 +558,7 @@ dns_c_kidlist_print(FILE *fp, int indent, } dns_c_printtabs(fp, indent); - fprintf(fp, "};\n"); + fprintf(fp, "}"); } diff --git a/lib/dns/config/confparser.y b/lib/dns/config/confparser.y index b17a8806d7..06d503566b 100644 --- a/lib/dns/config/confparser.y +++ b/lib/dns/config/confparser.y @@ -16,7 +16,7 @@ * SOFTWARE. */ -/* $Id: confparser.y,v 1.100 2000/07/07 13:56:11 brister Exp $ */ +/* $Id: confparser.y,v 1.101 2000/07/07 23:11:45 brister Exp $ */ #include @@ -226,6 +226,7 @@ static isc_boolean_t int_too_big(isc_uint32_t base, isc_uint32_t mult); dns_rdataclass_t orderclass; dns_c_ordering_t ordering; dns_c_iplist_t *iplist; + dns_c_kidlist_t *kidlist; } /* Misc */ @@ -443,7 +444,8 @@ static isc_boolean_t int_too_big(isc_uint32_t base, isc_uint32_t mult); %type channel_name %type domain_name %type key_value -%type control_key +%type control_keys +%type keyid_list %type ordering_name %type secret %type transfer_format @@ -1491,17 +1493,13 @@ controls: control L_EOS control: /* Empty */ | L_INET maybe_wild_addr control_port - L_ALLOW L_LBRACE address_match_list L_RBRACE control_key + L_ALLOW L_LBRACE address_match_list L_RBRACE control_keys { dns_c_ctrl_t *control; tmpres = dns_c_ctrlinet_new(currcfg->mem, &control, $2, $3, $6, $8, ISC_FALSE); - if ($8 != NULL) { - isc_mem_free(memctx, $8); - } - if (tmpres != ISC_R_SUCCESS) { parser_error(ISC_FALSE, "failed to build inet control structure"); @@ -1529,13 +1527,13 @@ control: /* Empty */ ; -control_key: /* nothing */ +control_keys: /* nothing */ { $$ = NULL; } - | L_KEYS key_value + | L_KEYS L_LBRACE keyid_list L_RBRACE { - $$ = $2; + $$ = $3; }; 
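Review bot: Dropping the `;\n` from the closing `fprintf` in `dns_c_kidlist_print()` changes the output for every caller, but the only call site this patch touches is `dns_c_ctrl_print()`, which adds its own `";\n"`. Any other caller of `dns_c_kidlist_print()` elsewhere in the tree would now emit a block with no terminator, and the printed configuration would not parse back. It is worth checking those call sites and recording the new contract above the function, e.g. `/* Prints up to the closing brace; the caller writes the terminating ";" and newline. */`. The function starts outside this hunk, so whether it also emits the `keys` keyword that `dns_c_ctrl_print()` used to write itself cannot be confirmed from here.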
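Review bot: `control_keys` yields NULL when the clause is absent but a non-NULL, possibly empty list for `keys { }`, because `keyid_list` accepts zero entries; nothing in the patch says how the two differ for an inet control channel. Code that consumes `ctrl->keyidlist` has to pick one meaning, and treating an empty list as "no key required" would leave the channel protected by the `allow` address list alone. A comment on the rule or on the struct field would fix the intent, e.g. `/* NULL: no keys clause given; empty list: keys { } -- no key is acceptable */`, assuming deny is the intended reading.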
@@ -2867,6 +2865,36 @@ key_value: L_LBRACE any_string maybe_eos L_RBRACE }; +keyid_list: /* nothing */ + { + dns_c_kidlist_t *kidlist = NULL; + + tmpres = dns_c_kidlist_new(currcfg->mem, &kidlist); + if (tmpres != ISC_R_SUCCESS) { + parser_error(ISC_FALSE, "failed to create kidlist"); + YYABORT; + } + + $$ = kidlist; + } + | keyid_list any_string L_EOS + { + dns_c_kid_t *kid = NULL; + + tmpres = dns_c_kid_new($$->mem, $2, &kid); + if (tmpres != ISC_R_SUCCESS) { + parser_error(ISC_FALSE, "failed to create key id"); + dns_c_kidlist_delete(&$$); + $$ = NULL; + YYABORT; + } + + isc_mem_free(memctx, $2); + + dns_c_kidlist_append($$, kid); + }; + + /* * Address Matching */ diff --git a/lib/dns/include/dns/confctl.h b/lib/dns/include/dns/confctl.h index 3577b2699a..6102ef31c4 100644 --- a/lib/dns/include/dns/confctl.h +++ b/lib/dns/include/dns/confctl.h @@ -15,7 +15,7 @@ * SOFTWARE. */ -/* $Id: confctl.h,v 1.16 2000/07/07 13:56:13 brister Exp $ */ +/* $Id: confctl.h,v 1.17 2000/07/07 23:11:47 brister Exp $ */ #ifndef DNS_CONFCTL_H #define DNS_CONFCTL_H 1 @@ -61,6 +61,7 @@ #include #include +#include #define DNS_C_CONFCTL_MAGIC 0x4363746cU #define DNS_C_CONFCTLLIST_MAGIC 0x4354424cU @@ -87,7 +88,6 @@ struct dns_c_ctrl { isc_sockaddr_t addr; in_port_t port; dns_c_ipmatchlist_t *matchlist; - char *key; } inet_v; /* when control_type == dns_c_inet_control */ struct { char *pathname; @@ -96,6 +96,7 @@ struct dns_c_ctrl { gid_t group; } unix_v; /* when control_type == dns_c_unix_control */ } u; + dns_c_kidlist_t *keyidlist; ISC_LINK(dns_c_ctrl_t) next; }; @@ -117,7 +118,7 @@ ISC_LANG_BEGINDECLS isc_result_t dns_c_ctrlinet_new(isc_mem_t *mem, dns_c_ctrl_t **control, isc_sockaddr_t addr, in_port_t port, - dns_c_ipmatchlist_t *iml, const char *key, + dns_c_ipmatchlist_t *iml, dns_c_kidlist_t *keylist, isc_boolean_t copy); /* * Creates a new INET control object. If COPY is true then a deep copy is
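Review bot: The second `keyid_list` action reads `$$->mem` and appends to `$$` without ever assigning it, so it depends on the parser generator having preloaded `$$` with `$1`; Bison does this but describes it as behaviour not to rely on. Use `$1` for the incoming list and end the action with `$$ = $1;`. On the failure branch `$2` is never released, because `isc_mem_free(memctx, $2)` is only reached on success; freeing it immediately after `dns_c_kid_new()` covers both paths, on the assumption (implied by the existing success path) that the function copies the string. The result of `dns_c_kidlist_append()` is also discarded, which is worth a check if it can fail.

```yacc
	| keyid_list any_string L_EOS
	{
		/* … unchanged: kid declaration … */
		tmpres = dns_c_kid_new($1->mem, $2, &kid);
		isc_mem_free(memctx, $2);	/* release the token on both paths */
		if (tmpres != ISC_R_SUCCESS) {
			/* … unchanged: parser_error call … */
			dns_c_kidlist_delete(&$1);
			YYABORT;
		}

		dns_c_kidlist_append($1, kid);
		$$ = $1;
	};
```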