upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-04-22 06:37:42 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Reconfigure catz member zones during named reconfiguration

Browse source 
During a reconfiguration named doesn't reconfigure catalog zones
member zones. Implement the necessary code to reconfigure catz
member zones.
This commit is contained in:
Aram Sargsyan 2024-05-24 13:18:15 +00:00 committed by Petr Špaček
parent f6dd701b83
commit 730fd32ee6
3 changed files with 126 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

122
bin/named/server.c
View file

@ -342,6 +342,12 @@ typedef struct catz_chgzone {
bool mod;
} catz_chgzone_t;
typedef struct catz_reconfig_data {
dns_catz_zone_t *catz;
const cfg_obj_t *config;
catz_cb_data_t *cbd;
} catz_reconfig_data_t;
typedef enum {
CATZ_ADDZONE,
CATZ_MODZONE,
@ -469,7 +475,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig,
const cfg_obj_t *vconfig, dns_view_t *view,
dns_viewlist_t *viewlist, dns_kasplist_t *kasplist,
dns_keystorelist_t *keystores, cfg_aclconfctx_t *aclconf,
bool added, bool old_rpz_ok, bool modify);
bool added, bool old_rpz_ok, bool is_catz_member, bool modify);
static void
configure_zone_setviewcommit(isc_result_t result, const cfg_obj_t *zconfig,
@ -2798,7 +2804,7 @@ catz_addmodzone_cb(void *arg) {
isc_buffer_free(&confbuf);
}
/*
* Fail if either dns_catz_generate_zonecfg() or cfg_parse_buffer3()
* Fail if either dns_catz_generate_zonecfg() or cfg_parse_buffer()
* failed.
*/
if (result != ISC_R_SUCCESS) {
@ -2824,7 +2830,7 @@ catz_addmodzone_cb(void *arg) {
&cz->cbd->server->viewlist,
&cz->cbd->server->kasplist,
&cz->cbd->server->keystorelist, cfg->actx, true,
false, cz->mod);
false, true, cz->mod);
dns_view_freeze(cz->view);
isc_loopmgr_resume(named_g_loopmgr);
@ -3036,6 +3042,89 @@ catz_changeview(dns_catz_entry_t *entry, void *arg1, void *arg2) {
dns_zone_detach(&zone);
}
static void
catz_reconfigure(dns_catz_entry_t *entry, void *arg1, void *arg2) {
dns_view_t *view = arg1;
catz_reconfig_data_t *data = arg2;
isc_buffer_t namebuf;
isc_buffer_t *confbuf = NULL;
const cfg_obj_t *zlist = NULL;
char nameb[DNS_NAME_FORMATSIZE];
cfg_obj_t *zoneconf = NULL;
cfg_obj_t *zoneobj = NULL;
ns_cfgctx_t *cfg = NULL;
dns_zone_t *zone = NULL;
isc_result_t result;
isc_buffer_init(&namebuf, nameb, DNS_NAME_FORMATSIZE);
dns_name_totext(dns_catz_entry_getname(entry), DNS_NAME_OMITFINALDOT,
&namebuf);
isc_buffer_putuint8(&namebuf, 0);
result = dns_view_findzone(view, dns_catz_entry_getname(entry),
DNS_ZTFIND_EXACT, &zone);
if (result != ISC_R_SUCCESS) {
return;
}
cfg = (ns_cfgctx_t *)view->new_zone_config;
if (cfg == NULL) {
isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL,
NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR,
"catz_reconfigure: allow-new-zones statement "
"missing from config; cannot reconfigure a "
"member zone");
goto cleanup;
}
result = dns_catz_generate_zonecfg(data->catz, entry, &confbuf);
if (result == ISC_R_SUCCESS) {
cfg_parser_reset(cfg->add_parser);
result = cfg_parse_buffer(cfg->add_parser, confbuf, "catz", 0,
&cfg_type_addzoneconf, 0, &zoneconf);
isc_buffer_free(&confbuf);
}
/*
* Fail if either dns_catz_generate_zonecfg() or cfg_parse_buffer()
* failed.
*/
if (result != ISC_R_SUCCESS) {
isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL,
NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR,
"catz_reconfigure: error \"%s\" while trying to "
"generate config for member zone '%s'",
isc_result_totext(result), nameb);
goto cleanup;
}
CHECK(cfg_map_get(zoneconf, "zone", &zlist));
if (!cfg_obj_islist(zlist)) {
CHECK(ISC_R_FAILURE);
}
zoneobj = cfg_listelt_value(cfg_list_first(zlist));
result = configure_zone(data->config, zoneobj, cfg->vconfig, view,
&data->cbd->server->viewlist,
&data->cbd->server->kasplist,
&data->cbd->server->keystorelist, cfg->actx,
true, false, true, true);
if (result != ISC_R_SUCCESS) {
isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL,
NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR,
"catz_reconfigure : error \"%s\" while trying to "
"reconfigure member zone '%s'",
isc_result_totext(result), nameb);
goto cleanup;
}
cleanup:
if (zoneconf != NULL) {
cfg_obj_destroy(cfg->add_parser, &zoneconf);
}
dns_zone_detach(&zone);
}
static isc_result_t
configure_catz_zone(dns_view_t *view, dns_view_t *pview,
const cfg_obj_t *config, const cfg_listelt_t *element) {
@ -3065,12 +3154,21 @@ configure_catz_zone(dns_view_t *view, dns_view_t *pview,
result = dns_catz_zone_add(view->catzs, &origin, &zone);
if (result == ISC_R_EXISTS) {
catz_reconfig_data_t data = {
.catz = zone,
.config = config,
.cbd = (catz_cb_data_t *)dns_catz_zones_get_udata(
view->catzs),
};
/*
* We have to walk through all the member zones and re-attach
* them to current view
* We have to walk through all the member zones, re-attach
* them to the current view and reconfigure
*/
dns_catz_zone_for_each_entry2(zone, catz_changeview, pview,
view);
dns_catz_zone_for_each_entry2(zone, catz_reconfigure, view,
&data);
}
dns_catz_zone_resetdefoptions(zone);
@ -4161,7 +4259,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config,
const cfg_obj_t *zconfig = cfg_listelt_value(element);
CHECK(configure_zone(config, zconfig, vconfig, view, viewlist,
kasplist, keystores, actx, false,
old_rpz_ok, false));
old_rpz_ok, false, false));
zone_element_latest = element;
}
@ -6500,7 +6598,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig,
const cfg_obj_t *vconfig, dns_view_t *view,
dns_viewlist_t *viewlist, dns_kasplist_t *kasplist,
dns_keystorelist_t *keystores, cfg_aclconfctx_t *aclconf,
bool added, bool old_rpz_ok, bool modify) {
bool added, bool old_rpz_ok, bool is_catz_member, bool modify) {
dns_view_t *pview = NULL; /* Production view */
dns_zone_t *zone = NULL; /* New or reused zone */
dns_zone_t *raw = NULL; /* New or reused raw zone */
@ -6736,7 +6834,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig,
}
}
if (view->catzs != NULL &&
if (!is_catz_member && view->catzs != NULL &&
dns_catz_zone_get(view->catzs, origin) != NULL)
{
zone_is_catz = true;
@ -7872,7 +7970,7 @@ configure_newzones(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig,
&named_g_server->viewlist,
&named_g_server->kasplist,
&named_g_server->keystorelist, actx, true,
false, false));
false, false, false));
}
result = ISC_R_SUCCESS;
@ -8057,7 +8155,7 @@ configure_newzone(const cfg_obj_t *zconfig, cfg_obj_t *config,
return (configure_zone(
config, zconfig, vconfig, view, &named_g_server->viewlist,
&named_g_server->kasplist, &named_g_server->keystorelist, actx,
true, false, false));
true, false, false, false));
}
/*%
@ -13731,7 +13829,7 @@ do_addzone(named_server_t *server, ns_cfgctx_t *cfg, dns_view_t *view,
result = configure_zone(cfg->config, zoneobj, cfg->vconfig, view,
&server->viewlist, &server->kasplist,
&server->keystorelist, cfg->actx, true, false,
false);
false, false);
dns_view_freeze(view);
isc_loopmgr_resume(named_g_loopmgr);
@ -13917,7 +14015,7 @@ do_modzone(named_server_t *server, ns_cfgctx_t *cfg, dns_view_t *view,
result = configure_zone(cfg->config, zoneobj, cfg->vconfig, view,
&server->viewlist, &server->kasplist,
&server->keystorelist, cfg->actx, true, false,
true);
false, true);
dns_view_freeze(view);
isc_loopmgr_resume(named_g_loopmgr);

7
lib/dns/catz.c
View file

@ -801,6 +801,13 @@ dns_catz_zones_new(isc_mem_t *mctx, isc_loopmgr_t *loopmgr,
return (catzs);
}
void *
dns_catz_zones_get_udata(dns_catz_zones_t *catzs) {
REQUIRE(DNS_CATZ_ZONES_VALID(catzs));
return (catzs->zmm->udata);
}
void
dns_catz_catzs_set_view(dns_catz_zones_t *catzs, dns_view_t *view) {
REQUIRE(DNS_CATZ_ZONES_VALID(catzs));

9
lib/dns/include/dns/catz.h
View file

@ -298,6 +298,15 @@ dns_catz_zones_new(isc_mem_t *mctx, isc_loopmgr_t *loopmgr,
*
*/
void *
dns_catz_zones_get_udata(dns_catz_zones_t *catzs);
/*%<
* Get the 'udata' member of the zone methods which was set when creating catzs.
*
* Requires:
* \li 'catzs' is a valid dns_catz_zones_t.
*/
isc_result_t
dns_catz_zone_add(dns_catz_zones_t *catzs, const dns_name_t *name,
dns_catz_zone_t **catzp);