upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-11 02:49:59 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Implement additional-from-{glue,auth} [ yes | no ] ;

Browse source 
with yes being the default.  These control searching in the cache and
other zones we are authorative for.  This is mostly for gdib, but
may be useful elsewhere.

The config changes are renaming from glue-from-* to additional-from-*,
since this also prevents DNAME, CNAME, NS, MX, etc. additional data
from being followed.
This commit is contained in:
Michael Graff 2000-07-31 21:07:07 +00:00
parent 23b251fbf2
commit 6d3496c045
10 changed files with 140 additions and 82 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
bin/named/include/named/query.h
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: query.h,v 1.19 2000/07/27 09:37:23 tale Exp $ */
/* $Id: query.h,v 1.20 2000/07/31 21:06:58 explorer Exp $ */
#ifndef NAMED_QUERY_H
#define NAMED_QUERY_H 1
@ -44,6 +44,7 @@ struct ns_query {
unsigned int dboptions;
unsigned int fetchoptions;
dns_db_t * gluedb;
dns_db_t * authdb;
dns_fetch_t * fetch;
dns_a6context_t a6ctx;
isc_bufferlist_t namebufs;

44
bin/named/query.c
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: query.c,v 1.118 2000/07/27 09:37:06 tale Exp $ */
/* $Id: query.c,v 1.119 2000/07/31 21:06:55 explorer Exp $ */
#include <config.h>
@ -131,6 +131,9 @@ query_reset(ns_client_t *client, isc_boolean_t everything) {
}
ISC_LIST_INIT(client->query.activeversions);
if (client->query.authdb != NULL)
dns_db_detach(&client->query.authdb);
/*
* Clean up free versions.
*/
@ -171,6 +174,7 @@ query_reset(ns_client_t *client, isc_boolean_t everything) {
client->query.dboptions = 0;
client->query.fetchoptions = 0;
client->query.gluedb = NULL;
client->query.authdb = NULL;
}
static void
@ -395,6 +399,7 @@ ns_query_init(ns_client_t *client) {
client->query.restarts = 0;
client->query.qname = NULL;
client->query.fetch = NULL;
client->query.authdb = NULL;
query_reset(client, ISC_FALSE);
result = query_newdbversion(client, 3);
if (result != ISC_R_SUCCESS)
@ -420,7 +425,8 @@ query_findversion(ns_client_t *client, dns_db_t *db,
dbversion = ISC_LIST_NEXT(dbversion, link)) {
if (dbversion->db == db)
break;
}
}
if (dbversion == NULL) {
/*
* This is a new zone for this query. Add it to
@ -465,6 +471,31 @@ query_getzonedb(ns_client_t *client, dns_name_t *name, unsigned int options,
if (result != ISC_R_SUCCESS)
return (result);
/*
* If this is the first time we are called (that is, looking up
* the actual name in the query section) remember this database.
*
* If authdb is non-NULL, we have been here before, and the
* found database is always returned.
*
* This limits our searching to the zone where the first name
* (the query target) is found. This prevents following CNAMES
* or DNAMES into other zones and prevents returning additional
* data from other zones.
*/
if (!client->view->additionalfromauth) {
if (client->query.authdb != NULL) {
if (*dbp != client->query.authdb) {
dns_zone_detach(zonep);
dns_db_detach(dbp);
return (DNS_R_REFUSED);
}
dns_db_attach(client->query.authdb, dbp);
} else {
dns_db_attach(*dbp, &client->query.authdb);
}
}
/*
* If the zone has an ACL, we'll check it, otherwise
* we use the view's "allow-query" ACL. Each ACL is only checked
@ -533,7 +564,7 @@ query_getzonedb(ns_client_t *client, dns_name_t *name, unsigned int options,
* the NS_QUERYATTR_QUERYOK attribute is now valid.
*/
client->query.attributes |= NS_QUERYATTR_QUERYOKVALID;
}
}
} else
result = ISC_R_SUCCESS;
@ -543,12 +574,10 @@ query_getzonedb(ns_client_t *client, dns_name_t *name, unsigned int options,
*/
if (result == ISC_R_SUCCESS)
dbversion->queryok = ISC_TRUE;
return (result);
}
static inline isc_result_t
query_getcachedb(ns_client_t *client, dns_db_t **dbp, unsigned int options)
{
@ -2859,7 +2888,8 @@ ns_query_start(ns_client_t *client) {
*/
client->next = query_next;
if (client->view->cachedb == NULL) {
if ((client->view->cachedb == NULL)
|| (!client->view->additionalfromcache)) {
/*
* We don't have a cache. Turn off cache support and
* recursion.

25
bin/named/server.c
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: server.c,v 1.205 2000/07/27 09:37:07 tale Exp $ */
/* $Id: server.c,v 1.206 2000/07/31 21:06:56 explorer Exp $ */
#include <config.h>
@ -616,6 +616,29 @@ configure_view(dns_view_t *view, dns_c_ctx_t *cctx, dns_c_view_t *cview,
if (result != ISC_R_SUCCESS)
view->transfer_format = dns_many_answers;
/*
* Set sources where additional data, CNAMEs, and DNAMEs may be found.
*/
result = ISC_R_NOTFOUND;
if (cview != NULL)
result = dns_c_view_getadditionalfromauth(cview,
&view->additionalfromauth);
if (result != ISC_R_SUCCESS)
result = dns_c_ctx_getadditionalfromauth(cctx,
&view->additionalfromauth);
if (result != ISC_R_SUCCESS)
view->additionalfromauth = ISC_TRUE;
result = ISC_R_NOTFOUND;
if (cview != NULL)
result = dns_c_view_getadditionalfromcache(cview,
&view->additionalfromcache);
if (result != ISC_R_SUCCESS)
result = dns_c_ctx_getadditionalfromcache(cctx,
&view->additionalfromcache);
if (result != ISC_R_SUCCESS)
view->additionalfromcache = ISC_TRUE;
CHECK(configure_view_acl(cview, cctx, actx, ns_g_mctx,
dns_c_view_getallowquery,
dns_c_ctx_getallowquery,

26
lib/dns/config/confctx.c
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: confctx.c,v 1.77 2000/07/27 09:47:01 tale Exp $ */
/* $Id: confctx.c,v 1.78 2000/07/31 21:07:00 explorer Exp $ */
#include <config.h>
@ -982,8 +982,8 @@ dns_c_ctx_optionsprint(FILE *fp, int indent, dns_c_options_t *options)
PRINT_AS_BOOLEAN(request_ixfr, "request-ixfr");
PRINT_AS_BOOLEAN(provide_ixfr, "provide-ixfr");
PRINT_AS_BOOLEAN(treat_cr_as_space, "treat-cr-as-space");
PRINT_AS_BOOLEAN(glue_from_auth, "glue-from-auth");
PRINT_AS_BOOLEAN(glue_from_cache, "glue-from-cache");
PRINT_AS_BOOLEAN(additional_from_auth, "additional-from-auth");
PRINT_AS_BOOLEAN(additional_from_cache, "additional-from-cache");
if (options->transfer_format != NULL) {
dns_c_printtabs(fp, indent + 1);
@ -1499,8 +1499,8 @@ dns_c_ctx_optionsnew(isc_mem_t *mem, dns_c_options_t **options)
opts->request_ixfr = NULL;
opts->provide_ixfr = NULL;
opts->treat_cr_as_space = NULL;
opts->glue_from_auth = NULL;
opts->glue_from_cache = NULL;
opts->additional_from_auth = NULL;
opts->additional_from_cache = NULL;
opts->transfer_source = NULL;
opts->transfer_source_v6 = NULL;
@ -1607,8 +1607,8 @@ dns_c_ctx_optionsdelete(dns_c_options_t **opts)
FREEFIELD(request_ixfr);
FREEFIELD(provide_ixfr);
FREEFIELD(treat_cr_as_space);
FREEFIELD(glue_from_cache);
FREEFIELD(glue_from_auth);
FREEFIELD(additional_from_cache);
FREEFIELD(additional_from_auth);
FREEFIELD(port);
@ -1975,14 +1975,14 @@ SETBOOL(treatcrasspace, treat_cr_as_space)
UNSETBOOL(treatcrasspace, treat_cr_as_space)
GETBOOL(gluefromauth, glue_from_auth)
SETBOOL(gluefromauth, glue_from_auth)
UNSETBOOL(gluefromauth, glue_from_auth)
GETBOOL(additionalfromauth, additional_from_auth)
SETBOOL(additionalfromauth, additional_from_auth)
UNSETBOOL(additionalfromauth, additional_from_auth)
GETBOOL(gluefromcache, glue_from_cache)
SETBOOL(gluefromcache, glue_from_cache)
UNSETBOOL(gluefromcache, glue_from_cache)
GETBOOL(additionalfromcache, additional_from_cache)
SETBOOL(additionalfromcache, additional_from_cache)
UNSETBOOL(additionalfromcache, additional_from_cache)
GETSOCKADDR(transfersource, transfer_source)

38
lib/dns/config/confparser.y.dirty
View file

@ -16,7 +16,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: confparser.y.dirty,v 1.4 2000/07/31 19:35:31 explorer Exp $ */
/* $Id: confparser.y.dirty,v 1.5 2000/07/31 21:07:02 explorer Exp $ */
#include <config.h>
@ -283,8 +283,8 @@ static isc_boolean_t int_too_big(isc_uint32_t base, isc_uint32_t mult);
%token L_FIRST
%token L_FORWARD
%token L_FORWARDERS
%token L_GLUE_FROM_AUTH
%token L_GLUE_FROM_CACHE
%token L_ADDITIONAL_FROM_AUTH
%token L_ADDITIONAL_FROM_CACHE
%token L_GRANT
%token L_GROUP
%token L_HAS_OLD_CLIENTS
@ -890,21 +890,21 @@ option: /* Empty */
YYABORT;
}
}
| L_GLUE_FROM_CACHE yea_or_nay
| L_ADDITIONAL_FROM_CACHE yea_or_nay
{
tmpres = dns_c_ctx_setgluefromcache(currcfg, $2);
tmpres = dns_c_ctx_setadditionalfromcache(currcfg, $2);
if (tmpres == ISC_R_EXISTS) {
parser_error(ISC_FALSE,
"cannot redefine glue-from-cache");
"cannot redefine additional-from-cache");
YYABORT;
}
}
| L_GLUE_FROM_AUTH yea_or_nay
| L_ADDITIONAL_FROM_AUTH yea_or_nay
{
tmpres = dns_c_ctx_setgluefromauth(currcfg, $2);
tmpres = dns_c_ctx_setadditionalfromauth(currcfg, $2);
if (tmpres == ISC_R_EXISTS) {
parser_error(ISC_FALSE,
"cannot redefine glue-from-auth");
"cannot redefine additional-from-auth");
YYABORT;
}
}
@ -3712,37 +3712,37 @@ view_option: L_FORWARD zone_forward_opt
YYABORT;
}
}
| L_GLUE_FROM_CACHE yea_or_nay
| L_ADDITIONAL_FROM_CACHE yea_or_nay
{
dns_c_view_t *view = dns_c_ctx_getcurrview(currcfg);
INSIST(view != NULL);
tmpres = dns_c_view_setgluefromcache(view, $2);
tmpres = dns_c_view_setadditionalfromcache(view, $2);
if (tmpres == ISC_R_EXISTS) {
parser_error(ISC_FALSE,
"cannot redefine view glue-from-cache");
"cannot redefine view additional-from-cache");
YYABORT;
} else if (tmpres != ISC_R_SUCCESS) {
parser_error(ISC_FALSE,
"failed to set view glue-from-cache");
"failed to set view additional-from-cache");
YYABORT;
}
}
| L_GLUE_FROM_AUTH yea_or_nay
| L_ADDITIONAL_FROM_AUTH yea_or_nay
{
dns_c_view_t *view = dns_c_ctx_getcurrview(currcfg);
INSIST(view != NULL);
tmpres = dns_c_view_setgluefromauth(view, $2);
tmpres = dns_c_view_setadditionalfromauth(view, $2);
if (tmpres == ISC_R_EXISTS) {
parser_error(ISC_FALSE,
"cannot redefine view glue-from-auth");
"cannot redefine view additional-from-auth");
YYABORT;
} else if (tmpres != ISC_R_SUCCESS) {
parser_error(ISC_FALSE,
"failed to set view glue-from-auth");
"failed to set view additional-from-auth");
YYABORT;
}
}
@ -5309,8 +5309,8 @@ static struct token keyword_tokens [] = {
{ "first", L_FIRST },
{ "forward", L_FORWARD },
{ "forwarders", L_FORWARDERS },
{ "glue-from-auth", L_GLUE_FROM_AUTH },
{ "glue-from-cache", L_GLUE_FROM_CACHE },
{ "additional-from-auth", L_ADDITIONAL_FROM_AUTH },
{ "additional-from-cache", L_ADDITIONAL_FROM_CACHE },
{ "grant", L_GRANT },
{ "group", L_GROUP },
{ "has-old-clients", L_HAS_OLD_CLIENTS },

26
lib/dns/config/confview.c
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: confview.c,v 1.40 2000/07/27 09:47:13 tale Exp $ */
/* $Id: confview.c,v 1.41 2000/07/31 21:07:03 explorer Exp $ */
#include <config.h>
@ -474,8 +474,8 @@ dns_c_view_new(isc_mem_t *mem, const char *name, dns_rdataclass_t viewclass,
view->fetch_glue = NULL;
view->notify = NULL;
view->rfc2308_type1 = NULL;
view->glue_from_cache = NULL;
view->glue_from_auth = NULL;
view->additional_from_cache = NULL;
view->additional_from_auth = NULL;
view->transfer_source = NULL;
view->transfer_source_v6 = NULL;
@ -667,8 +667,8 @@ dns_c_view_print(FILE *fp, int indent, dns_c_view_t *view) {
PRINT_AS_BOOLEAN(fetch_glue, "fetch-glue");
PRINT_AS_BOOLEAN(notify, "notify");
PRINT_AS_BOOLEAN(rfc2308_type1, "rfc2308-type1");
PRINT_AS_BOOLEAN(glue_from_auth, "glue-from-auth");
PRINT_AS_BOOLEAN(glue_from_cache, "glue-from-cache");
PRINT_AS_BOOLEAN(additional_from_auth, "additional-from-auth");
PRINT_AS_BOOLEAN(additional_from_cache, "additional-from-cache");
PRINT_IP(transfer_source, "transfer-source");
@ -806,8 +806,8 @@ dns_c_view_delete(dns_c_view_t **viewptr) {
FREEFIELD(fetch_glue);
FREEFIELD(notify);
FREEFIELD(rfc2308_type1);
FREEFIELD(glue_from_auth);
FREEFIELD(glue_from_cache);
FREEFIELD(additional_from_auth);
FREEFIELD(additional_from_cache);
FREEFIELD(transfer_source);
FREEFIELD(transfer_source_v6);
@ -1477,13 +1477,13 @@ SETBOOL(rfc2308type1, rfc2308_type1)
GETBOOL(rfc2308type1, rfc2308_type1)
UNSETBOOL(rfc2308type1, rfc2308_type1)
SETBOOL(gluefromcache, glue_from_cache)
GETBOOL(gluefromcache, glue_from_cache)
UNSETBOOL(gluefromcache, glue_from_cache)
SETBOOL(additionalfromcache, additional_from_cache)
GETBOOL(additionalfromcache, additional_from_cache)
UNSETBOOL(additionalfromcache, additional_from_cache)
SETBOOL(gluefromauth, glue_from_auth)
GETBOOL(gluefromauth, glue_from_auth)
UNSETBOOL(gluefromauth, glue_from_auth)
SETBOOL(additionalfromauth, additional_from_auth)
GETBOOL(additionalfromauth, additional_from_auth)
UNSETBOOL(additionalfromauth, additional_from_auth)
GETSOCKADDR(transfersource, transfer_source)
SETSOCKADDR(transfersource, transfer_source)

26
lib/dns/include/dns/confctx.h
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: confctx.h,v 1.46 2000/07/27 09:47:34 tale Exp $ */
/* $Id: confctx.h,v 1.47 2000/07/31 21:07:04 explorer Exp $ */
#ifndef DNS_CONFCTX_H
#define DNS_CONFCTX_H 1
@ -167,8 +167,8 @@ struct dns_c_options {
isc_boolean_t *request_ixfr;
isc_boolean_t *provide_ixfr;
isc_boolean_t *treat_cr_as_space;
isc_boolean_t *glue_from_cache;
isc_boolean_t *glue_from_auth;
isc_boolean_t *additional_from_cache;
isc_boolean_t *additional_from_auth;
isc_sockaddr_t *transfer_source;
isc_sockaddr_t *transfer_source_v6;
@ -587,18 +587,18 @@ isc_result_t dns_c_ctx_gettreatcrasspace(dns_c_ctx_t *cfg,
isc_boolean_t *retval);
isc_result_t dns_c_ctx_getgluefromcache(dns_c_ctx_t *cfg,
isc_boolean_t *retval);
isc_result_t dns_c_ctx_setgluefromcache(dns_c_ctx_t *cfg,
isc_boolean_t newval);
isc_result_t dns_c_ctx_unsetgluefromcache(dns_c_ctx_t *ctx);
isc_result_t dns_c_ctx_getadditionalfromcache(dns_c_ctx_t *cfg,
isc_boolean_t *retval);
isc_result_t dns_c_ctx_setadditionalfromcache(dns_c_ctx_t *cfg,
isc_boolean_t newval);
isc_result_t dns_c_ctx_unsetadditionalfromcache(dns_c_ctx_t *ctx);
isc_result_t dns_c_ctx_getgluefromauth(dns_c_ctx_t *cfg,
isc_boolean_t *retval);
isc_result_t dns_c_ctx_setgluefromauth(dns_c_ctx_t *cfg,
isc_boolean_t newval);
isc_result_t dns_c_ctx_unsetgluefromauth(dns_c_ctx_t *ctx);
isc_result_t dns_c_ctx_getadditionalfromauth(dns_c_ctx_t *cfg,
isc_boolean_t *retval);
isc_result_t dns_c_ctx_setadditionalfromauth(dns_c_ctx_t *cfg,
isc_boolean_t newval);
isc_result_t dns_c_ctx_unsetadditionalfromauth(dns_c_ctx_t *ctx);
isc_result_t dns_c_ctx_unsettreatcrasspace(dns_c_ctx_t *cfg);

26
lib/dns/include/dns/confview.h
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: confview.h,v 1.34 2000/07/27 09:47:44 tale Exp $ */
/* $Id: confview.h,v 1.35 2000/07/31 21:07:06 explorer Exp $ */
#ifndef DNS_CONFVIEW_H
#define DNS_CONFVIEW_H 1
@ -124,8 +124,8 @@ struct dns_c_view {
isc_boolean_t *fetch_glue;
isc_boolean_t *notify;
isc_boolean_t *rfc2308_type1;
isc_boolean_t *glue_from_auth;
isc_boolean_t *glue_from_cache;
isc_boolean_t *additional_from_auth;
isc_boolean_t *additional_from_cache;
isc_sockaddr_t *query_source;
isc_sockaddr_t *query_source_v6;
@ -351,18 +351,18 @@ isc_result_t dns_c_view_setrfc2308type1(dns_c_view_t *view,
isc_result_t dns_c_view_unsetrfc2308type1(dns_c_view_t *view);
isc_result_t dns_c_view_getgluefromauth(dns_c_view_t *view,
isc_boolean_t *retval);
isc_result_t dns_c_view_setgluefromauth(dns_c_view_t *view,
isc_boolean_t newval);
isc_result_t dns_c_view_unsetgluefromauth(dns_c_view_t *view);
isc_result_t dns_c_view_getadditionalfromauth(dns_c_view_t *view,
isc_boolean_t *retval);
isc_result_t dns_c_view_setadditionalfromauth(dns_c_view_t *view,
isc_boolean_t newval);
isc_result_t dns_c_view_unsetadditionalfromauth(dns_c_view_t *view);
isc_result_t dns_c_view_getgluefromcache(dns_c_view_t *view,
isc_boolean_t *retval);
isc_result_t dns_c_view_setgluefromcache(dns_c_view_t *view,
isc_boolean_t newval);
isc_result_t dns_c_view_unsetgluefromcache(dns_c_view_t *view);
isc_result_t dns_c_view_getadditionalfromcache(dns_c_view_t *view,
isc_boolean_t *retval);
isc_result_t dns_c_view_setadditionalfromcache(dns_c_view_t *view,
isc_boolean_t newval);
isc_result_t dns_c_view_unsetadditionalfromcache(dns_c_view_t *view);

4
lib/dns/include/dns/view.h
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: view.h,v 1.45 2000/07/27 09:48:38 tale Exp $ */
/* $Id: view.h,v 1.46 2000/07/31 21:07:07 explorer Exp $ */
#ifndef DNS_VIEW_H
#define DNS_VIEW_H 1
@ -100,6 +100,8 @@ struct dns_view {
dns_peerlist_t * peers;
isc_boolean_t recursion;
isc_boolean_t auth_nxdomain;
isc_boolean_t additionalfromcache;
isc_boolean_t additionalfromauth;
dns_transfer_format_t transfer_format;
dns_acl_t * queryacl;
dns_acl_t * recursionacl;

4
lib/dns/view.c
View file

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: view.c,v 1.72 2000/07/27 09:46:49 tale Exp $ */
/* $Id: view.c,v 1.73 2000/07/31 21:06:59 explorer Exp $ */
#include <config.h>
@ -139,6 +139,8 @@ dns_view_create(isc_mem_t *mctx, dns_rdataclass_t rdclass,
*/
view->recursion = ISC_TRUE;
view->auth_nxdomain = ISC_FALSE; /* Was true in BIND 8 */
view->additionalfromcache = ISC_TRUE;
view->additionalfromauth = ISC_TRUE;
view->transfer_format = dns_one_answer;
view->queryacl = NULL;
view->recursionacl = NULL;