diff --git a/bin/named/Makefile.in b/bin/named/Makefile.in index 4b2ab1c819..3b3a855cb0 100644 --- a/bin/named/Makefile.in +++ b/bin/named/Makefile.in @@ -88,12 +88,11 @@ SUBDIRS = unix TARGETS = named@EXEEXT@ -GEOIPLINKOBJS = geoip.@O@ GEOIP2LINKOBJS = geoip.@O@ OBJS = builtin.@O@ config.@O@ control.@O@ \ controlconf.@O@ fuzz.@O@ \ - @GEOIPLINKOBJS@ @GEOIP2LINKOBJS@ \ + @GEOIP2LINKOBJS@ \ log.@O@ logconf.@O@ main.@O@ \ server.@O@ statschannel.@O@ \ tkeyconf.@O@ tsigconf.@O@ zoneconf.@O@ \ @@ -103,12 +102,11 @@ UOBJS = unix/os.@O@ unix/dlz_dlopen_driver.@O@ SYMOBJS = symtbl.@O@ -GEOIPLINKSRCS = geoip.c GEOIP2LINKSRCS = geoip.c SRCS = builtin.c config.c control.c \ controlconf.c fuzz.c \ - @GEOIPLINKSRCS@ @GEOIP2LINKSRCS@ \ + @GEOIP2LINKSRCS@ \ log.c logconf.c main.c \ server.c statschannel.c \ tkeyconf.c tsigconf.c zoneconf.c \ diff --git a/bin/named/geoip.c b/bin/named/geoip.c index cc678527b4..f72895ee17 100644 --- a/bin/named/geoip.c +++ b/bin/named/geoip.c @@ -13,9 +13,6 @@ #if defined(HAVE_GEOIP2) #include -#elif defined(HAVE_GEOIP) -#include -#include #endif #include @@ -29,62 +26,7 @@ static dns_geoip_databases_t geoip_table = DNS_GEOIP_DATABASE_INIT; -#if defined(HAVE_GEOIP) -static void -init_geoip_db(void **dbp, GeoIPDBTypes edition, GeoIPDBTypes fallback, - GeoIPOptions method, const char *name) -{ - char *info; - GeoIP *db; - - REQUIRE(dbp != NULL); - - db = (GeoIP *)*dbp; - - if (db != NULL) { - GeoIP_delete(db); - db = *dbp = NULL; - } - - if (! GeoIP_db_avail(edition)) { - isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL, - NAMED_LOGMODULE_SERVER, ISC_LOG_INFO, - "GeoIP %s (type %d) DB not available", name, edition); - goto fail; - } - - isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL, - NAMED_LOGMODULE_SERVER, ISC_LOG_INFO, - "initializing GeoIP %s (type %d) DB", name, edition); - - db = GeoIP_open_type(edition, method); - if (db == NULL) { - isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL, - NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, - "failed to initialize GeoIP %s (type %d) DB%s", - name, edition, fallback == 0 - ? "geoip matches using this database will fail" : ""); - goto fail; - } - - info = GeoIP_database_info(db); - if (info != NULL) { - isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL, - NAMED_LOGMODULE_SERVER, ISC_LOG_INFO, - "%s", info); - free(info); - } - - *dbp = db; - return; - - fail: - if (fallback != 0) { - init_geoip_db(dbp, fallback, 0, method, name); - } - -} -#elif defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) static MMDB_s geoip_country, geoip_city, geoip_as, geoip_isp, geoip_domain; static MMDB_s * @@ -122,13 +64,10 @@ open_geoip2(const char *dir, const char *dbfile, MMDB_s *mmdb) { void named_geoip_init(void) { -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) if (named_g_geoip == NULL) { named_g_geoip = &geoip_table; } -#if defined(HAVE_GEOIP) - GeoIP_cleanup(); -#endif #else return; #endif @@ -163,50 +102,6 @@ named_geoip_load(char *dir) { named_g_geoip->isp = open_geoip2(dir, "GeoIP2-ISP.mmdb", &geoip_isp); named_g_geoip->domain = open_geoip2(dir, "GeoIP2-Domain.mmdb", &geoip_domain); -#elif defined(HAVE_GEOIP) - GeoIPOptions method; - -#ifdef _WIN32 - method = GEOIP_STANDARD; -#else - method = GEOIP_MMAP_CACHE; -#endif - - named_geoip_init(); - if (dir != NULL) { - isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL, - NAMED_LOGMODULE_SERVER, ISC_LOG_INFO, - "using \"%s\" as GeoIP directory", dir); - GeoIP_setup_custom_directory(dir); - } - - init_geoip_db(&named_g_geoip->country_v4, GEOIP_COUNTRY_EDITION, 0, - method, "Country (IPv4)"); -#ifdef HAVE_GEOIP_V6 - init_geoip_db(&named_g_geoip->country_v6, GEOIP_COUNTRY_EDITION_V6, 0, - method, "Country (IPv6)"); -#endif - - init_geoip_db(&named_g_geoip->city_v4, GEOIP_CITY_EDITION_REV1, - GEOIP_CITY_EDITION_REV0, method, "City (IPv4)"); -#if defined(HAVE_GEOIP_V6) && defined(HAVE_GEOIP_CITY_V6) - init_geoip_db(&named_g_geoip->city_v6, GEOIP_CITY_EDITION_REV1_V6, - GEOIP_CITY_EDITION_REV0_V6, method, "City (IPv6)"); -#endif - - init_geoip_db(&named_g_geoip->region, GEOIP_REGION_EDITION_REV1, - GEOIP_REGION_EDITION_REV0, method, "Region"); - - init_geoip_db(&named_g_geoip->isp, GEOIP_ISP_EDITION, 0, - method, "ISP"); - init_geoip_db(&named_g_geoip->org, GEOIP_ORG_EDITION, 0, - method, "Org"); - init_geoip_db(&named_g_geoip->as, GEOIP_ASNUM_EDITION, 0, - method, "AS"); - init_geoip_db(&named_g_geoip->domain, GEOIP_DOMAIN_EDITION, 0, - method, "Domain"); - init_geoip_db(&named_g_geoip->netspeed, GEOIP_NETSPEED_EDITION, 0, - method, "NetSpeed"); #else UNUSED(dir); diff --git a/bin/named/include/named/globals.h b/bin/named/include/named/globals.h index 49e75a1523..8c73379834 100644 --- a/bin/named/include/named/globals.h +++ b/bin/named/include/named/globals.h @@ -154,7 +154,7 @@ EXTERN bool named_g_keepstderr INIT(false); EXTERN unsigned int named_g_tat_interval INIT(24*3600); -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) EXTERN dns_geoip_databases_t *named_g_geoip INIT(NULL); #endif diff --git a/bin/named/server.c b/bin/named/server.c index 6332b05411..a8f0872992 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -105,9 +105,9 @@ #include #include -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) #include -#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ +#endif /* HAVE_GEOIP2 */ #include #include #include @@ -8261,7 +8261,7 @@ load_configuration(const char *filename, named_server_t *server, } isc_socketmgr_setreserved(named_g_socketmgr, reserved); -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) /* * Initialize GeoIP databases from the configured location. * This should happen before configuring any ACLs, so that we @@ -8278,7 +8278,7 @@ load_configuration(const char *filename, named_server_t *server, named_geoip_load(NULL); } named_g_aclconfctx->geoip = named_g_geoip; -#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ +#endif /* HAVE_GEOIP2 */ /* * Configure various server options. @@ -9492,7 +9492,7 @@ run_server(isc_task_t *task, isc_event_t *event) { dns_dispatchmgr_setstats(named_g_dispatchmgr, server->resolverstats); -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) geoip = named_g_geoip; #else geoip = NULL; @@ -9626,9 +9626,9 @@ shutdown_server(isc_task_t *task, isc_event_t *event) { #ifdef HAVE_DNSTAP dns_dt_shutdown(); #endif -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) named_geoip_shutdown(); -#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ +#endif /* HAVE_GEOIP2 */ dns_db_detach(&server->in_roothints); @@ -9744,14 +9744,14 @@ named_server_create(isc_mem_t *mctx, named_server_t **serverp) { &server->sctx), "creating server context"); -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) /* * GeoIP must be initialized before the interface * manager (which includes the ACL environment) * is created */ named_geoip_init(); -#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ +#endif /* HAVE_GEOIP2 */ #ifdef ENABLE_AFL server->sctx->fuzztype = named_g_fuzz_type; diff --git a/bin/tests/system/conf.sh.common b/bin/tests/system/conf.sh.common index 074b53f977..921c349a57 100644 --- a/bin/tests/system/conf.sh.common +++ b/bin/tests/system/conf.sh.common @@ -63,7 +63,7 @@ PARALLEL_COMMON="dnssec rpzrecurse serve-stale \ dns64 dscp dsdigest dyndb \ ednscompliance emptyzones \ fetchlimit filter-aaaa formerr forward \ - geoip geoip2 glue idna inline integrity ixfr \ + geoip2 glue idna inline integrity ixfr \ keepalive legacy limits \ masterfile masterformat metadata mirror mkeys \ names notify nslookup nsupdate nzd2nzf \ diff --git a/bin/tests/system/feature-test.c b/bin/tests/system/feature-test.c index 35469d0db9..1c6486f802 100644 --- a/bin/tests/system/feature-test.c +++ b/bin/tests/system/feature-test.c @@ -40,7 +40,7 @@ usage() { fprintf(stderr, " --gethostname\n"); fprintf(stderr, " --gssapi\n"); fprintf(stderr, " --have-dlopen\n"); - fprintf(stderr, " --have-geoip\n"); + fprintf(stderr, " --have-geoip2\n"); fprintf(stderr, " --have-libxml2\n"); fprintf(stderr, " --ipv6only=no\n"); fprintf(stderr, " --with-idn\n"); @@ -117,14 +117,6 @@ main(int argc, char **argv) { #endif } - if (strcmp(argv[1], "--have-geoip") == 0) { -#ifdef HAVE_GEOIP - return (0); -#else - return (1); -#endif - } - if (strcmp(argv[1], "--have-geoip2") == 0) { #ifdef HAVE_GEOIP2 return (0); diff --git a/bin/tests/system/geoip/clean.sh b/bin/tests/system/geoip/clean.sh deleted file mode 100644 index 85caf2f86f..0000000000 --- a/bin/tests/system/geoip/clean.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/sh -# -# Copyright (C) Internet Systems Consortium, Inc. ("ISC") -# -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. -# -# See the COPYRIGHT file distributed with this work for additional -# information regarding copyright ownership. - -rm -f ns2/named.conf -rm -f ns2/example*.db -rm -f dig.out.* rndc.out.* -rm -f data2/*dat -[ -d data2 ] && rmdir data2 -rm -f ns?/named.run -rm -f ns?/named.memstats -rm -f ns*/named.lock -rm -f ns*/managed-keys.bind* ns*/*.mkeys* diff --git a/bin/tests/system/geoip/data/GeoIP.csv b/bin/tests/system/geoip/data/GeoIP.csv deleted file mode 100644 index 8e718540df..0000000000 --- a/bin/tests/system/geoip/data/GeoIP.csv +++ /dev/null @@ -1,8 +0,0 @@ -10.53.0.1/32 AU -10.53.0.2/32 US -10.53.0.3/32 GB -10.53.0.4/32 CA -10.53.0.5/32 CL -10.53.0.6/32 DE -10.53.0.7/32 EH -192.0.2/24 O1 diff --git a/bin/tests/system/geoip/data/GeoIP.dat b/bin/tests/system/geoip/data/GeoIP.dat deleted file mode 100644 index 345092f371..0000000000 Binary files a/bin/tests/system/geoip/data/GeoIP.dat and /dev/null differ diff --git a/bin/tests/system/geoip/data/GeoIPASNum.csv b/bin/tests/system/geoip/data/GeoIPASNum.csv deleted file mode 100644 index 774edd1076..0000000000 --- a/bin/tests/system/geoip/data/GeoIPASNum.csv +++ /dev/null @@ -1,7 +0,0 @@ -10.53.0.1/32 AS100001 One Systems, Inc. -10.53.0.2/32 AS100002 Two Technology Ltd. -10.53.0.3/32 AS100003 Three Network Labs -10.53.0.4/32 AS100004 Four University -10.53.0.5/32 AS100005 Five Telecom -10.53.0.6/32 AS100006 Six Company -10.53.0.7/32 AS100007 Seven Communications diff --git a/bin/tests/system/geoip/data/GeoIPASNum.dat b/bin/tests/system/geoip/data/GeoIPASNum.dat deleted file mode 100644 index 2fd3938a2b..0000000000 Binary files a/bin/tests/system/geoip/data/GeoIPASNum.dat and /dev/null differ diff --git a/bin/tests/system/geoip/data/GeoIPASNumv6.csv b/bin/tests/system/geoip/data/GeoIPASNumv6.csv deleted file mode 100644 index 40742895ba..0000000000 --- a/bin/tests/system/geoip/data/GeoIPASNumv6.csv +++ /dev/null @@ -1,7 +0,0 @@ -fd92:7065:b8e:ffff::1/128,AS100001 One Systems, Inc. -fd92:7065:b8e:ffff::2/128,AS100002 Two Technology Ltd. -fd92:7065:b8e:ffff::3/128,AS100003 Three Network Labs -fd92:7065:b8e:ffff::4/128,AS100004 Four University -fd92:7065:b8e:ffff::5/128,AS100005 Five Telecom -fd92:7065:b8e:ffff::6/128,AS100006 Six Company -fd92:7065:b8e:ffff::7/128,AS100007 Seven Communications diff --git a/bin/tests/system/geoip/data/GeoIPASNumv6.dat b/bin/tests/system/geoip/data/GeoIPASNumv6.dat deleted file mode 100644 index 8b9504a0cf..0000000000 Binary files a/bin/tests/system/geoip/data/GeoIPASNumv6.dat and /dev/null differ diff --git a/bin/tests/system/geoip/data/GeoIPCity.csv b/bin/tests/system/geoip/data/GeoIPCity.csv deleted file mode 100644 index 14900d5ff5..0000000000 --- a/bin/tests/system/geoip/data/GeoIPCity.csv +++ /dev/null @@ -1,7 +0,0 @@ -10.53.0.1/32,US,CA,"Redwood City",94063,37.4914,-122.2110,807,650 -10.53.0.2/32,US,CA,"Santa Cruz",95060,37.0448,-122.1021,828,831 -10.53.0.3/32,US,OK,"Oklahoma City",73120,35.5798,-97.5731,650,405 -10.53.0.4/32,US,VA,Ashland,23005,37.7563,-77.4888,556,804 -10.53.0.5/32,US,GA,Atlanta,30345,33.8477,-84.2814,524,404 -10.53.0.6/32,US,CO,Morrison,80465,39.6081,-105.2072,751,303 -10.53.0.7/32,US,AK,Ketchikan,99901,55.6153,-131.5848,747,907 diff --git a/bin/tests/system/geoip/data/GeoIPCity.dat b/bin/tests/system/geoip/data/GeoIPCity.dat deleted file mode 100644 index a22ff7d8dd..0000000000 Binary files a/bin/tests/system/geoip/data/GeoIPCity.dat and /dev/null differ diff --git a/bin/tests/system/geoip/data/GeoIPCityv6.csv b/bin/tests/system/geoip/data/GeoIPCityv6.csv deleted file mode 100644 index 5f09e62d6b..0000000000 --- a/bin/tests/system/geoip/data/GeoIPCityv6.csv +++ /dev/null @@ -1,7 +0,0 @@ -"fd92:7065:b8e:ffff::1","fd92:7065:b8e:ffff::1","US","CA","Redwood City","94063",37.4914,-122.2110,807,650 -"fd92:7065:b8e:ffff::2","fd92:7065:b8e:ffff::2","US","CA","Santa Cruz","95060",37.0448,-122.1021,828,831 -"fd92:7065:b8e:ffff::3","fd92:7065:b8e:ffff::3","US","OK","Oklahoma City","73120",35.5798,-97.5731,650,405 -"fd92:7065:b8e:ffff::4","fd92:7065:b8e:ffff::4","DE","07","Lotte","",52.2833,7.9167,0,0 -"fd92:7065:b8e:ffff::5","fd92:7065:b8e:ffff::5","US","GA","Atlanta","30345",33.8477,-84.2814,524,404 -"fd92:7065:b8e:ffff::6","fd92:7065:b8e:ffff::6","US","CO","Morrison","80465",39.6081,-105.2072,751,303 -"fd92:7065:b8e:ffff::7","fd92:7065:b8e:ffff::7","US","AK","Ketchikan","99901",55.6153,-131.5848,747,907 diff --git a/bin/tests/system/geoip/data/GeoIPCityv6.dat b/bin/tests/system/geoip/data/GeoIPCityv6.dat deleted file mode 100644 index ab9110f166..0000000000 Binary files a/bin/tests/system/geoip/data/GeoIPCityv6.dat and /dev/null differ diff --git a/bin/tests/system/geoip/data/GeoIPDomain.csv b/bin/tests/system/geoip/data/GeoIPDomain.csv deleted file mode 100644 index 8611d656f1..0000000000 --- a/bin/tests/system/geoip/data/GeoIPDomain.csv +++ /dev/null @@ -1,7 +0,0 @@ -10.53.0.1/32 one.de -10.53.0.2/32 two.com -10.53.0.3/32 three.com -10.53.0.4/32 four.com -10.53.0.5/32 five.es -10.53.0.6/32 six.it -10.53.0.7/32 seven.org diff --git a/bin/tests/system/geoip/data/GeoIPDomain.dat b/bin/tests/system/geoip/data/GeoIPDomain.dat deleted file mode 100644 index e63629b094..0000000000 Binary files a/bin/tests/system/geoip/data/GeoIPDomain.dat and /dev/null differ diff --git a/bin/tests/system/geoip/data/GeoIPISP.csv b/bin/tests/system/geoip/data/GeoIPISP.csv deleted file mode 100644 index 3d5b4fa2e9..0000000000 --- a/bin/tests/system/geoip/data/GeoIPISP.csv +++ /dev/null @@ -1,7 +0,0 @@ -10.53.0.1/32 One Systems, Inc. -10.53.0.2/32 Two Technology Ltd. -10.53.0.3/32 Three Network Labs -10.53.0.4/32 Four University -10.53.0.5/32 Five Telecom -10.53.0.6/32 Six Company -10.53.0.7/32 Seven Communications diff --git a/bin/tests/system/geoip/data/GeoIPISP.dat b/bin/tests/system/geoip/data/GeoIPISP.dat deleted file mode 100644 index 3b1761c2ae..0000000000 Binary files a/bin/tests/system/geoip/data/GeoIPISP.dat and /dev/null differ diff --git a/bin/tests/system/geoip/data/GeoIPNetSpeed.csv b/bin/tests/system/geoip/data/GeoIPNetSpeed.csv deleted file mode 100644 index 4ede1377aa..0000000000 --- a/bin/tests/system/geoip/data/GeoIPNetSpeed.csv +++ /dev/null @@ -1,7 +0,0 @@ -10.53.0.1/32 0 -10.53.0.2/32 1 -10.53.0.3/32 2 -10.53.0.4/32 3 -10.53.0.5/32 0 -10.53.0.6/32 1 -10.53.0.7/32 2 diff --git a/bin/tests/system/geoip/data/GeoIPNetSpeed.dat b/bin/tests/system/geoip/data/GeoIPNetSpeed.dat deleted file mode 100644 index 13d80a9848..0000000000 Binary files a/bin/tests/system/geoip/data/GeoIPNetSpeed.dat and /dev/null differ diff --git a/bin/tests/system/geoip/data/GeoIPOrg.csv b/bin/tests/system/geoip/data/GeoIPOrg.csv deleted file mode 100644 index 3d5b4fa2e9..0000000000 --- a/bin/tests/system/geoip/data/GeoIPOrg.csv +++ /dev/null @@ -1,7 +0,0 @@ -10.53.0.1/32 One Systems, Inc. -10.53.0.2/32 Two Technology Ltd. -10.53.0.3/32 Three Network Labs -10.53.0.4/32 Four University -10.53.0.5/32 Five Telecom -10.53.0.6/32 Six Company -10.53.0.7/32 Seven Communications diff --git a/bin/tests/system/geoip/data/GeoIPOrg.dat b/bin/tests/system/geoip/data/GeoIPOrg.dat deleted file mode 100644 index 9fcc25dbc3..0000000000 Binary files a/bin/tests/system/geoip/data/GeoIPOrg.dat and /dev/null differ diff --git a/bin/tests/system/geoip/data/GeoIPRegion.csv b/bin/tests/system/geoip/data/GeoIPRegion.csv deleted file mode 100644 index 0bcd872fef..0000000000 --- a/bin/tests/system/geoip/data/GeoIPRegion.csv +++ /dev/null @@ -1,7 +0,0 @@ -10.53.0.1/32 US CA -10.53.0.2/32 CA BC -10.53.0.3/32 US OK -10.53.0.4/32 AU -10.53.0.5/32 US CO -10.53.0.6/32 CA ON -10.53.0.7/32 NL diff --git a/bin/tests/system/geoip/data/GeoIPRegion.dat b/bin/tests/system/geoip/data/GeoIPRegion.dat deleted file mode 100644 index 8e2d12caed..0000000000 Binary files a/bin/tests/system/geoip/data/GeoIPRegion.dat and /dev/null differ diff --git a/bin/tests/system/geoip/data/GeoIPv6.csv b/bin/tests/system/geoip/data/GeoIPv6.csv deleted file mode 100644 index 919bf860a5..0000000000 --- a/bin/tests/system/geoip/data/GeoIPv6.csv +++ /dev/null @@ -1,7 +0,0 @@ -"fd92:7065:b8e:ffff::1/128",AU -"fd92:7065:b8e:ffff::2/128",US -"fd92:7065:b8e:ffff::3/128",GB -"fd92:7065:b8e:ffff::4/128",CA -"fd92:7065:b8e:ffff::5/128",CL -"fd92:7065:b8e:ffff::6/128",DE -"fd92:7065:b8e:ffff::7/128",EH diff --git a/bin/tests/system/geoip/data/GeoIPv6.dat b/bin/tests/system/geoip/data/GeoIPv6.dat deleted file mode 100644 index 6781a8563d..0000000000 Binary files a/bin/tests/system/geoip/data/GeoIPv6.dat and /dev/null differ diff --git a/bin/tests/system/geoip/data/README b/bin/tests/system/geoip/data/README deleted file mode 100644 index 7ed1d612e7..0000000000 --- a/bin/tests/system/geoip/data/README +++ /dev/null @@ -1,34 +0,0 @@ -Copyright (C) Internet Systems Consortium, Inc. ("ISC") - -See COPYRIGHT in the source root or http://isc.org/copyright.html for terms. - -The data data files in this directory are sample GeoIP databases, -generated from the corresponding CSV files. Thanks to MaxMind, Inc. -for assistance with producing these files. - -Unless otherwise noted, the databases only support IPv4: - -GeoIP.dat: Country (IPv4) -GeoIPv6.dat: Country (IPv6) -GeoIPCity.dat: City (IPv4) -GeoIPCityv6.dat: City (IPv6) -GeoIPRegion.dat: Region -GeoIPISP.dat: ISP -GeoIPOrg.dat: Organization -GeoIPDoain.dat: Domain Name -GeoIPASNum.dat: AS Number -GeoIPNetSpeed.dat: Net Speed - -GeoIP.dat can also be egenerated using the open source 'geoip-csv-to-dat' -utility (also known in some packages as "geoip-generator"): - -$ geoip-csv-to-dat -i "BIND9 geoip test data v1" -o GeoIP.dat << EOF -"10.53.0.1","10.53.0.1","171245569","171245569","AU","Australia" -"10.53.0.2","10.53.0.2","171245570","171245570","US","United States" -"10.53.0.3","10.53.0.3","171245571","171245571","GB","United Kingdom" -"10.53.0.4","10.53.0.4","171245572","171245572","CA","Canada" -"10.53.0.5","10.53.0.5","171245573","171245573","CL","Chile" -"10.53.0.6","10.53.0.6","171245574","171245574","DE","Germany" -"10.53.0.7","10.53.0.7","171245575","171245575","EH","Western Sahara" -"192.0.2.0","192.0.2.255","3221225984","3221226239","O1","Other" -EOF diff --git a/bin/tests/system/geoip/ns2/example.db.in b/bin/tests/system/geoip/ns2/example.db.in deleted file mode 100644 index 836359dc56..0000000000 --- a/bin/tests/system/geoip/ns2/example.db.in +++ /dev/null @@ -1,19 +0,0 @@ -; Copyright (C) Internet Systems Consortium, Inc. ("ISC") -; -; This Source Code Form is subject to the terms of the Mozilla Public -; License, v. 2.0. If a copy of the MPL was not distributed with this -; file, You can obtain one at http://mozilla.org/MPL/2.0/. -; -; See the COPYRIGHT file distributed with this work for additional -; information regarding copyright ownership. - -$TTL 300 ; 5 minutes -@ IN SOA mname1. . ( - 2000042407 ; serial - 20 ; refresh (20 seconds) - 20 ; retry (20 seconds) - 1814400 ; expire (3 weeks) - 3600 ; minimum (1 hour) - ) - NS ns2 -ns2 A 10.53.0.2 diff --git a/bin/tests/system/geoip/ns2/named1.conf.in b/bin/tests/system/geoip/ns2/named1.conf.in deleted file mode 100644 index e926f683d0..0000000000 --- a/bin/tests/system/geoip/ns2/named1.conf.in +++ /dev/null @@ -1,106 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -// NS2 - -options { - query-source address 10.53.0.2; - notify-source 10.53.0.2; - transfer-source 10.53.0.2; - port @PORT@; - pid-file "named.pid"; - listen-on { 10.53.0.2; }; - listen-on-v6 { none; }; - recursion no; - dnssec-validation no; - geoip-directory "../data"; -}; - -key rndc_key { - secret "1234abcd8765"; - algorithm hmac-sha256; -}; - -controls { - inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; -}; - -view one { - match-clients { geoip db country country AU; }; - zone "example" { - type master; - file "example1.db"; - }; -}; - -view two { - match-clients { geoip db country country US; }; - zone "example" { - type master; - file "example2.db"; - }; -}; - -view three { - match-clients { geoip db country country GB; }; - zone "example" { - type master; - file "example3.db"; - }; -}; - -view four { - match-clients { geoip db country country CA; }; - zone "example" { - type master; - file "example4.db"; - }; -}; - -view five { - match-clients { geoip db country country CL; }; - zone "example" { - type master; - file "example5.db"; - }; -}; - -view six { - match-clients { geoip db country country DE; }; - zone "example" { - type master; - file "example6.db"; - }; -}; - -view seven { - match-clients { geoip db country country EH; }; - zone "example" { - type master; - file "example7.db"; - }; -}; - -view other { - match-clients { geoip db country country O1; }; - zone "example" { - type master; - file "exampleother.db"; - }; -}; - -view none { - match-clients { any; }; - zone "example" { - type master; - file "example.db.in"; - }; -}; diff --git a/bin/tests/system/geoip/ns2/named10.conf.in b/bin/tests/system/geoip/ns2/named10.conf.in deleted file mode 100644 index 75f86bb223..0000000000 --- a/bin/tests/system/geoip/ns2/named10.conf.in +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -// NS2 - -options { - query-source address 10.53.0.2; - notify-source 10.53.0.2; - transfer-source 10.53.0.2; - port @PORT@; - pid-file "named.pid"; - listen-on { 10.53.0.2; }; - listen-on-v6 { none; }; - recursion no; - dnssec-validation no; - geoip-directory "../data"; -}; - -key rndc_key { - secret "1234abcd8765"; - algorithm hmac-sha256; -}; - -controls { - inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; -}; - -view one { - match-clients { geoip asnum "AS100001"; }; - zone "example" { - type master; - file "example1.db"; - }; -}; - -view two { - match-clients { geoip asnum "AS100002"; }; - zone "example" { - type master; - file "example2.db"; - }; -}; - -view three { - match-clients { geoip asnum "AS100003"; }; - zone "example" { - type master; - file "example3.db"; - }; -}; - -view four { - match-clients { geoip asnum "AS100004"; }; - zone "example" { - type master; - file "example4.db"; - }; -}; - -view five { - match-clients { geoip asnum "AS100005"; }; - zone "example" { - type master; - file "example5.db"; - }; -}; - -view six { - match-clients { geoip asnum "AS100006"; }; - zone "example" { - type master; - file "example6.db"; - }; -}; - -view seven { - match-clients { geoip asnum "AS100007"; }; - zone "example" { - type master; - file "example7.db"; - }; -}; - -view none { - match-clients { any; }; - zone "example" { - type master; - file "example.db.in"; - }; -}; diff --git a/bin/tests/system/geoip/ns2/named11.conf.in b/bin/tests/system/geoip/ns2/named11.conf.in deleted file mode 100644 index 694b163b63..0000000000 --- a/bin/tests/system/geoip/ns2/named11.conf.in +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -// NS2 - -options { - query-source address 10.53.0.2; - notify-source 10.53.0.2; - transfer-source 10.53.0.2; - port @PORT@; - pid-file "named.pid"; - listen-on { 10.53.0.2; }; - listen-on-v6 { none; }; - recursion no; - dnssec-validation no; - geoip-directory "../data"; -}; - -key rndc_key { - secret "1234abcd8765"; - algorithm hmac-sha256; -}; - -controls { - inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; -}; - -view one { - match-clients { geoip domain one.de; }; - zone "example" { - type master; - file "example1.db"; - }; -}; - -view two { - match-clients { geoip domain two.com; }; - zone "example" { - type master; - file "example2.db"; - }; -}; - -view three { - match-clients { geoip domain three.com; }; - zone "example" { - type master; - file "example3.db"; - }; -}; - -view four { - match-clients { geoip domain four.com; }; - zone "example" { - type master; - file "example4.db"; - }; -}; - -view five { - match-clients { geoip domain five.es; }; - zone "example" { - type master; - file "example5.db"; - }; -}; - -view six { - match-clients { geoip domain six.it; }; - zone "example" { - type master; - file "example6.db"; - }; -}; - -view seven { - match-clients { geoip domain seven.org; }; - zone "example" { - type master; - file "example7.db"; - }; -}; - -view none { - match-clients { any; }; - zone "example" { - type master; - file "example.db.in"; - }; -}; diff --git a/bin/tests/system/geoip/ns2/named12.conf.in b/bin/tests/system/geoip/ns2/named12.conf.in deleted file mode 100644 index c731d8bcb4..0000000000 --- a/bin/tests/system/geoip/ns2/named12.conf.in +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -// NS2 - -options { - query-source address 10.53.0.2; - notify-source 10.53.0.2; - transfer-source 10.53.0.2; - port @PORT@; - pid-file "named.pid"; - listen-on { 10.53.0.2; }; - listen-on-v6 { none; }; - recursion no; - dnssec-validation no; - geoip-directory "../data"; -}; - -key rndc_key { - secret "1234abcd8765"; - algorithm hmac-sha256; -}; - -controls { - inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; -}; - -view one { - match-clients { geoip netspeed 0; }; - zone "example" { - type master; - file "example1.db"; - }; -}; - -view two { - match-clients { geoip netspeed 1; }; - zone "example" { - type master; - file "example2.db"; - }; -}; - -view three { - match-clients { geoip netspeed 2; }; - zone "example" { - type master; - file "example3.db"; - }; -}; - -view four { - match-clients { geoip netspeed 3; }; - zone "example" { - type master; - file "example4.db"; - }; -}; - -view none { - match-clients { any; }; - zone "example" { - type master; - file "example.db.in"; - }; -}; diff --git a/bin/tests/system/geoip/ns2/named13.conf.in b/bin/tests/system/geoip/ns2/named13.conf.in deleted file mode 100644 index 9f25514c9b..0000000000 --- a/bin/tests/system/geoip/ns2/named13.conf.in +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -// NS2 - -acl blocking { - geoip db country country AU; -}; - -options { - query-source address 10.53.0.2; - notify-source 10.53.0.2; - transfer-source 10.53.0.2; - port @PORT@; - pid-file "named.pid"; - listen-on { 10.53.0.2; }; - listen-on-v6 { none; }; - recursion no; - dnssec-validation no; - geoip-directory "../data"; - blackhole { blocking; }; -}; - -key rndc_key { - secret "1234abcd8765"; - algorithm hmac-sha256; -}; - -controls { - inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; -}; diff --git a/bin/tests/system/geoip/ns2/named14.conf.in b/bin/tests/system/geoip/ns2/named14.conf.in deleted file mode 100644 index 34902f47ff..0000000000 --- a/bin/tests/system/geoip/ns2/named14.conf.in +++ /dev/null @@ -1,106 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -// NS2 - -options { - query-source address 10.53.0.2; - notify-source 10.53.0.2; - transfer-source 10.53.0.2; - port @PORT@; - pid-file "named.pid"; - listen-on { 127.0.0.1; 10.53.0.2; }; - listen-on-v6 { none; }; - recursion no; - dnssec-validation no; - geoip-directory "../data"; -}; - -key rndc_key { - secret "1234abcd8765"; - algorithm hmac-sha256; -}; - -controls { - inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; -}; - -acl gAU { geoip db country country AU; }; -acl gUS { geoip db country country US; }; -acl gGB { geoip db country country GB; }; -acl gCA { geoip db country country CA; }; -acl gCL { geoip db country country CL; }; -acl gDE { geoip db country country DE; }; -acl gEH { geoip db country country EH; }; - -view one { - match-clients { gAU; }; - zone "example" { - type master; - file "example1.db"; - }; -}; - -view two { - match-clients { gUS; }; - zone "example" { - type master; - file "example2.db"; - }; -}; - -view three { - match-clients { gGB; }; - zone "example" { - type master; - file "example3.db"; - }; -}; - -view four { - match-clients { gCA; }; - zone "example" { - type master; - file "example4.db"; - }; -}; - -view five { - match-clients { gCL; }; - zone "example" { - type master; - file "example5.db"; - }; -}; - -view six { - match-clients { gDE; }; - zone "example" { - type master; - file "example6.db"; - }; -}; - -view seven { - match-clients { gEH; }; - zone "example" { - type master; - file "example7.db"; - }; -}; - -view none { - match-clients { any; }; - zone "example" { - type master; - file "examplebogus.db"; - }; -}; diff --git a/bin/tests/system/geoip/ns2/named15.conf.in b/bin/tests/system/geoip/ns2/named15.conf.in deleted file mode 100644 index 6481ceb8d4..0000000000 --- a/bin/tests/system/geoip/ns2/named15.conf.in +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -// NS2 - -options { - query-source address 10.53.0.2; - notify-source 10.53.0.2; - transfer-source 10.53.0.2; - port @PORT@; - pid-file "named.pid"; - listen-on { 10.53.0.2; }; - listen-on-v6 { fd92:7065:b8e:ffff::2; }; - recursion no; - dnssec-validation no; - geoip-directory "../data2"; -}; - -key rndc_key { - secret "1234abcd8765"; - algorithm hmac-sha256; -}; - -controls { - inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; -}; - -view two { - match-clients { geoip country US; }; - zone "example" { - type master; - file "../ns2/example2.db"; - }; -}; - -view none { - zone "example" { - type master; - file "examplebogus.db"; - }; -}; diff --git a/bin/tests/system/geoip/ns2/named2.conf.in b/bin/tests/system/geoip/ns2/named2.conf.in deleted file mode 100644 index 41514d2663..0000000000 --- a/bin/tests/system/geoip/ns2/named2.conf.in +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -// NS2 - -options { - query-source address 10.53.0.2; - notify-source 10.53.0.2; - transfer-source 10.53.0.2; - port @PORT@; - pid-file "named.pid"; - listen-on { 10.53.0.2; }; - listen-on-v6 { none; }; - recursion no; - dnssec-validation no; - geoip-directory "../data"; -}; - -key rndc_key { - secret "1234abcd8765"; - algorithm hmac-sha256; -}; - -controls { - inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; -}; - -view one { - match-clients { geoip db country country AUS; }; - zone "example" { - type master; - file "example1.db"; - }; -}; - -view two { - match-clients { geoip db country country USA; }; - zone "example" { - type master; - file "example2.db"; - }; -}; - -view three { - match-clients { geoip db country country GBR; }; - zone "example" { - type master; - file "example3.db"; - }; -}; - -view four { - match-clients { geoip db country country CAN; }; - zone "example" { - type master; - file "example4.db"; - }; -}; - -view five { - match-clients { geoip db country country CHL; }; - zone "example" { - type master; - file "example5.db"; - }; -}; - -view six { - match-clients { geoip db country country DEU; }; - zone "example" { - type master; - file "example6.db"; - }; -}; - -view seven { - match-clients { geoip db country country ESH; }; - zone "example" { - type master; - file "example7.db"; - }; -}; - -view none { - match-clients { any; }; - zone "example" { - type master; - file "example.db.in"; - }; -}; diff --git a/bin/tests/system/geoip/ns2/named3.conf.in b/bin/tests/system/geoip/ns2/named3.conf.in deleted file mode 100644 index bc45fde7e9..0000000000 --- a/bin/tests/system/geoip/ns2/named3.conf.in +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -// NS2 - -options { - query-source address 10.53.0.2; - notify-source 10.53.0.2; - transfer-source 10.53.0.2; - port @PORT@; - pid-file "named.pid"; - listen-on { 10.53.0.2; }; - listen-on-v6 { none; }; - recursion no; - dnssec-validation no; - geoip-directory "../data"; -}; - -key rndc_key { - secret "1234abcd8765"; - algorithm hmac-sha256; -}; - -controls { - inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; -}; - -view one { - match-clients { geoip db country country Australia; }; - zone "example" { - type master; - file "example1.db"; - }; -}; - -view two { - match-clients { geoip db country country "United States"; }; - zone "example" { - type master; - file "example2.db"; - }; -}; - -view three { - match-clients { geoip db country country "United Kingdom"; }; - zone "example" { - type master; - file "example3.db"; - }; -}; - -view four { - match-clients { geoip db country country Canada; }; - zone "example" { - type master; - file "example4.db"; - }; -}; - -view five { - match-clients { geoip db country country Chile; }; - zone "example" { - type master; - file "example5.db"; - }; -}; - -view six { - match-clients { geoip db country country Germany; }; - zone "example" { - type master; - file "example6.db"; - }; -}; - -view seven { - match-clients { geoip db country country "Western Sahara"; }; - zone "example" { - type master; - file "example7.db"; - }; -}; - -view none { - match-clients { any; }; - zone "example" { - type master; - file "example.db.in"; - }; -}; diff --git a/bin/tests/system/geoip/ns2/named4.conf.in b/bin/tests/system/geoip/ns2/named4.conf.in deleted file mode 100644 index 4b9881e237..0000000000 --- a/bin/tests/system/geoip/ns2/named4.conf.in +++ /dev/null @@ -1,90 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -// NS2 - -options { - query-source address 10.53.0.2; - notify-source 10.53.0.2; - transfer-source 10.53.0.2; - port @PORT@; - pid-file "named.pid"; - listen-on { 10.53.0.2; }; - listen-on-v6 { none; }; - recursion no; - dnssec-validation no; - geoip-directory "../data"; -}; - -key rndc_key { - secret "1234abcd8765"; - algorithm hmac-sha256; -}; - -controls { - inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; -}; - -view one { - match-clients { geoip region CA; }; - zone "example" { - type master; - file "example1.db"; - }; -}; - -view three { - match-clients { geoip region OK; }; - zone "example" { - type master; - file "example3.db"; - }; -}; - -view four { - match-clients { geoip region VA; }; - zone "example" { - type master; - file "example4.db"; - }; -}; - -view five { - match-clients { geoip region GA; }; - zone "example" { - type master; - file "example5.db"; - }; -}; - -view six { - match-clients { geoip region CO; }; - zone "example" { - type master; - file "example6.db"; - }; -}; - -view seven { - match-clients { geoip region AK; }; - zone "example" { - type master; - file "example7.db"; - }; -}; - -view none { - match-clients { any; }; - zone "example" { - type master; - file "example.db.in"; - }; -}; diff --git a/bin/tests/system/geoip/ns2/named5.conf.in b/bin/tests/system/geoip/ns2/named5.conf.in deleted file mode 100644 index a9091c5968..0000000000 --- a/bin/tests/system/geoip/ns2/named5.conf.in +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -// NS2 - -options { - query-source address 10.53.0.2; - notify-source 10.53.0.2; - transfer-source 10.53.0.2; - port @PORT@; - pid-file "named.pid"; - listen-on { 10.53.0.2; }; - listen-on-v6 { none; }; - recursion no; - dnssec-validation no; - geoip-directory "../data"; -}; - -key rndc_key { - secret "1234abcd8765"; - algorithm hmac-sha256; -}; - -controls { - inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; -}; - -view one { - match-clients { geoip db region region "California"; }; - zone "example" { - type master; - file "example1.db"; - }; -}; - -view two { - match-clients { geoip db region region "British Columbia"; }; - zone "example" { - type master; - file "example2.db"; - }; -}; - -view three { - match-clients { geoip db region region "Oklahoma"; }; - zone "example" { - type master; - file "example3.db"; - }; -}; - -view four { - match-clients { geoip db region country AU; }; - zone "example" { - type master; - file "example4.db"; - }; -}; - -view five { - match-clients { geoip db region region "Colorado"; }; - zone "example" { - type master; - file "example5.db"; - }; -}; - -view six { - match-clients { geoip db region region "Ontario"; }; - zone "example" { - type master; - file "example6.db"; - }; -}; - -view seven { - match-clients { geoip db region country NL; }; - zone "example" { - type master; - file "example7.db"; - }; -}; - -view none { - match-clients { any; }; - zone "example" { - type master; - file "example.db.in"; - }; -}; diff --git a/bin/tests/system/geoip/ns2/named6.conf.in b/bin/tests/system/geoip/ns2/named6.conf.in deleted file mode 100644 index 035e088b6d..0000000000 --- a/bin/tests/system/geoip/ns2/named6.conf.in +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -// NS2 - -options { - query-source address 10.53.0.2; - notify-source 10.53.0.2; - transfer-source 10.53.0.2; - port @PORT@; - pid-file "named.pid"; - listen-on { 10.53.0.2; }; - listen-on-v6 { fd92:7065:b8e:ffff::1; }; - recursion no; - dnssec-validation no; - geoip-directory "../data"; -}; - -key rndc_key { - secret "1234abcd8765"; - algorithm hmac-sha256; -}; - -controls { - inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; -}; - -view one { - match-clients { geoip city "Redwood City"; }; - zone "example" { - type master; - file "example1.db"; - }; -}; - -view two { - match-clients { geoip city "Santa Cruz"; }; - zone "example" { - type master; - file "example2.db"; - }; -}; - -view three { - match-clients { geoip city "Oklahoma City"; }; - zone "example" { - type master; - file "example3.db"; - }; -}; - -view four { - match-clients { geoip city "Ashland"; }; - zone "example" { - type master; - file "example4.db"; - }; -}; - -view five { - match-clients { geoip city "Atlanta"; }; - zone "example" { - type master; - file "example5.db"; - }; -}; - -view six { - match-clients { geoip city "Morrison"; }; - zone "example" { - type master; - file "example6.db"; - }; -}; - -view seven { - match-clients { geoip city "Ketchikan"; }; - zone "example" { - type master; - file "example7.db"; - }; -}; - -view none { - match-clients { any; }; - zone "example" { - type master; - file "example.db.in"; - }; -}; diff --git a/bin/tests/system/geoip/ns2/named7.conf.in b/bin/tests/system/geoip/ns2/named7.conf.in deleted file mode 100644 index 511e0277b3..0000000000 --- a/bin/tests/system/geoip/ns2/named7.conf.in +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -// NS2 - -options { - query-source address 10.53.0.2; - notify-source 10.53.0.2; - transfer-source 10.53.0.2; - port @PORT@; - pid-file "named.pid"; - listen-on { 10.53.0.2; }; - listen-on-v6 { none; }; - recursion no; - dnssec-validation no; - geoip-directory "../data"; -}; - -key rndc_key { - secret "1234abcd8765"; - algorithm hmac-sha256; -}; - -controls { - inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; -}; - -view one { - match-clients { geoip isp "One Systems, Inc."; }; - zone "example" { - type master; - file "example1.db"; - }; -}; - -view two { - match-clients { geoip isp "Two Technology Ltd."; }; - zone "example" { - type master; - file "example2.db"; - }; -}; - -view three { - match-clients { geoip isp "Three Network Labs"; }; - zone "example" { - type master; - file "example3.db"; - }; -}; - -view four { - match-clients { geoip isp "Four University"; }; - zone "example" { - type master; - file "example4.db"; - }; -}; - -view five { - match-clients { geoip isp "Five Telecom"; }; - zone "example" { - type master; - file "example5.db"; - }; -}; - -view six { - match-clients { geoip isp "Six Company"; }; - zone "example" { - type master; - file "example6.db"; - }; -}; - -view seven { - match-clients { geoip isp "Seven Communications"; }; - zone "example" { - type master; - file "example7.db"; - }; -}; - -view none { - match-clients { any; }; - zone "example" { - type master; - file "example.db.in"; - }; -}; diff --git a/bin/tests/system/geoip/ns2/named8.conf.in b/bin/tests/system/geoip/ns2/named8.conf.in deleted file mode 100644 index 7297c0f20e..0000000000 --- a/bin/tests/system/geoip/ns2/named8.conf.in +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -// NS2 - -options { - query-source address 10.53.0.2; - notify-source 10.53.0.2; - transfer-source 10.53.0.2; - port @PORT@; - pid-file "named.pid"; - listen-on { 10.53.0.2; }; - listen-on-v6 { none; }; - recursion no; - dnssec-validation no; - geoip-directory "../data"; -}; - -key rndc_key { - secret "1234abcd8765"; - algorithm hmac-sha256; -}; - -controls { - inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; -}; - -view one { - match-clients { geoip org "One Systems, Inc."; }; - zone "example" { - type master; - file "example1.db"; - }; -}; - -view two { - match-clients { geoip org "Two Technology Ltd."; }; - zone "example" { - type master; - file "example2.db"; - }; -}; - -view three { - match-clients { geoip org "Three Network Labs"; }; - zone "example" { - type master; - file "example3.db"; - }; -}; - -view four { - match-clients { geoip org "Four University"; }; - zone "example" { - type master; - file "example4.db"; - }; -}; - -view five { - match-clients { geoip org "Five Telecom"; }; - zone "example" { - type master; - file "example5.db"; - }; -}; - -view six { - match-clients { geoip org "Six Company"; }; - zone "example" { - type master; - file "example6.db"; - }; -}; - -view seven { - match-clients { geoip org "Seven Communications"; }; - zone "example" { - type master; - file "example7.db"; - }; -}; - -view none { - match-clients { any; }; - zone "example" { - type master; - file "example.db.in"; - }; -}; diff --git a/bin/tests/system/geoip/ns2/named9.conf.in b/bin/tests/system/geoip/ns2/named9.conf.in deleted file mode 100644 index 93b40ff533..0000000000 --- a/bin/tests/system/geoip/ns2/named9.conf.in +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -// NS2 - -options { - query-source address 10.53.0.2; - notify-source 10.53.0.2; - transfer-source 10.53.0.2; - port @PORT@; - pid-file "named.pid"; - listen-on { 10.53.0.2; }; - listen-on-v6 { none; }; - recursion no; - dnssec-validation no; - geoip-directory "../data"; -}; - -key rndc_key { - secret "1234abcd8765"; - algorithm hmac-sha256; -}; - -controls { - inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; -}; - -view one { - match-clients { geoip asnum "AS100001 One Systems, Inc."; }; - zone "example" { - type master; - file "example1.db"; - }; -}; - -view two { - match-clients { geoip asnum "AS100002 Two Technology Ltd."; }; - zone "example" { - type master; - file "example2.db"; - }; -}; - -view three { - match-clients { geoip asnum "AS100003 Three Network Labs"; }; - zone "example" { - type master; - file "example3.db"; - }; -}; - -view four { - match-clients { geoip asnum "AS100004 Four University"; }; - zone "example" { - type master; - file "example4.db"; - }; -}; - -view five { - match-clients { geoip asnum "AS100005 Five Telecom"; }; - zone "example" { - type master; - file "example5.db"; - }; -}; - -view six { - match-clients { geoip asnum "AS100006 Six Company"; }; - zone "example" { - type master; - file "example6.db"; - }; -}; - -view seven { - match-clients { geoip asnum "AS100007 Seven Communications"; }; - zone "example" { - type master; - file "example7.db"; - }; -}; - -view none { - match-clients { any; }; - zone "example" { - type master; - file "example.db.in"; - }; -}; diff --git a/bin/tests/system/geoip/options.conf b/bin/tests/system/geoip/options.conf deleted file mode 100644 index 95df0af164..0000000000 --- a/bin/tests/system/geoip/options.conf +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -// NS2 - -controls { /* empty */ }; - -options { - query-source address 10.53.0.2; - notify-source 10.53.0.2; - transfer-source 10.53.0.2; - port 5300; - pid-file "named.pid"; - listen-on { 10.53.0.2; }; - listen-on-v6 { none; }; - recursion no; - geoip-directory "data"; - allow-query { - geoip area 831; - geoip areacode 831; - geoip metro 828; - geoip metrocode 828; - geoip tz PST; - geoip timezone PST; - geoip postal 95060; - geoip postalcode 95060; - }; -}; - diff --git a/bin/tests/system/geoip/prereq.sh b/bin/tests/system/geoip/prereq.sh deleted file mode 100644 index 9bd44297b2..0000000000 --- a/bin/tests/system/geoip/prereq.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/sh -# -# Copyright (C) Internet Systems Consortium, Inc. ("ISC") -# -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. -# -# See the COPYRIGHT file distributed with this work for additional -# information regarding copyright ownership. - -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh - -$FEATURETEST --have-geoip || { - echo_i "This test requires GeoIP support." >&2 - exit 255 -} -exit 0 diff --git a/bin/tests/system/geoip/setup.sh b/bin/tests/system/geoip/setup.sh deleted file mode 100644 index c85dd90519..0000000000 --- a/bin/tests/system/geoip/setup.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/sh -# -# Copyright (C) Internet Systems Consortium, Inc. ("ISC") -# -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. -# -# See the COPYRIGHT file distributed with this work for additional -# information regarding copyright ownership. - -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh - -$SHELL clean.sh - -copy_setports ns2/named1.conf.in ns2/named.conf - -for i in 1 2 3 4 5 6 7 other bogus; do - cp ns2/example.db.in ns2/example${i}.db - echo "@ IN TXT \"$i\"" >> ns2/example$i.db -done - -mkdir -p data2 -cp data/GeoIPv6.dat data2/ diff --git a/bin/tests/system/geoip/tests.sh b/bin/tests/system/geoip/tests.sh deleted file mode 100644 index a0c6d0640c..0000000000 --- a/bin/tests/system/geoip/tests.sh +++ /dev/null @@ -1,324 +0,0 @@ -#!/bin/sh -# -# Copyright (C) Internet Systems Consortium, Inc. ("ISC") -# -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. -# -# See the COPYRIGHT file distributed with this work for additional -# information regarding copyright ownership. - -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh - -status=0 -n=0 - -rm -f dig.out.* - -DIGOPTS="+tcp +short -p ${PORT} @10.53.0.2" -DIGOPTS6="+tcp +short -p ${PORT} @fd92:7065:b8e:ffff::2" -RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" - -n=`expr $n + 1` -echo_i "checking GeoIP country database by code ($n)" -ret=0 -lret=0 -for i in 1 2 3 4 5 6 7; do - $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 - j=`cat dig.out.ns2.test$n.$i | tr -d '"'` - [ "$i" = "$j" ] || lret=1 - [ $lret -eq 1 ] && break -done -[ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo_i "failed" -status=`expr $status + $ret` - -echo_i "reloading server" -copy_setports ns2/named2.conf.in ns2/named.conf -rndc_reload ns2 10.53.0.2 -sleep 3 - -n=`expr $n + 1` -echo_i "checking GeoIP country database by three-letter code ($n)" -ret=0 -lret=0 -for i in 1 2 3 4 5 6 7; do - $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 - j=`cat dig.out.ns2.test$n.$i | tr -d '"'` - [ "$i" = "$j" ] || lret=1 - [ $lret -eq 1 ] && break -done -[ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo_i "failed" -status=`expr $status + $ret` - -echo_i "reloading server" -copy_setports ns2/named3.conf.in ns2/named.conf -rndc_reload ns2 10.53.0.2 -sleep 3 - -n=`expr $n + 1` -echo_i "checking GeoIP country database by name ($n)" -ret=0 -lret=0 -for i in 1 2 3 4 5 6 7; do - $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 - j=`cat dig.out.ns2.test$n.$i | tr -d '"'` - [ "$i" = "$j" ] || lret=1 - [ $lret -eq 1 ] && break -done -[ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo_i "failed" -status=`expr $status + $ret` - -echo_i "reloading server" -copy_setports ns2/named4.conf.in ns2/named.conf -rndc_reload ns2 10.53.0.2 -sleep 3 - -n=`expr $n + 1` -echo_i "checking GeoIP region code, no specified database ($n)" -ret=0 -lret=0 -# skipping 2 on purpose here; it has the same region code as 1 -for i in 1 3 4 5 6 7; do - $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 - j=`cat dig.out.ns2.test$n.$i | tr -d '"'` - [ "$i" = "$j" ] || lret=1 - [ $lret -eq 1 ] && break -done -[ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo_i "failed" -status=`expr $status + $ret` - -echo_i "reloading server" -copy_setports ns2/named5.conf.in ns2/named.conf -rndc_reload ns2 10.53.0.2 -sleep 3 - -n=`expr $n + 1` -echo_i "checking GeoIP region database by region name and country code ($n)" -ret=0 -lret=0 -for i in 1 2 3 4 5 6 7; do - $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 - j=`cat dig.out.ns2.test$n.$i | tr -d '"'` - [ "$i" = "$j" ] || lret=1 - [ $lret -eq 1 ] && break -done -[ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo_i "failed" -status=`expr $status + $ret` - -n=`expr $n + 1` -echo_i "reloading server" -copy_setports ns2/named6.conf.in ns2/named.conf -rndc_reload ns2 10.53.0.2 -sleep 3 - -if $TESTSOCK6 fd92:7065:b8e:ffff::3 -then - n=`expr $n + 1` - echo_i "checking GeoIP city database by city name using IPv6 ($n)" - ret=0 - $DIG +tcp +short -p ${PORT} @fd92:7065:b8e:ffff::1 -6 txt example -b fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 - [ $ret -eq 0 ] || echo_i "failed" - status=`expr $status + $ret` -else - echo_i "IPv6 unavailable; skipping" -fi - -n=`expr $n + 1` -echo_i "checking GeoIP city database by city name ($n)" -ret=0 -lret=0 -for i in 1 2 3 4 5 6 7; do - $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 - j=`cat dig.out.ns2.test$n.$i | tr -d '"'` - [ "$i" = "$j" ] || lret=1 - [ $lret -eq 1 ] && break -done -[ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo_i "failed" -status=`expr $status + $ret` - -echo_i "reloading server" -copy_setports ns2/named7.conf.in ns2/named.conf -rndc_reload ns2 10.53.0.2 -sleep 3 - -n=`expr $n + 1` -echo_i "checking GeoIP isp database ($n)" -ret=0 -lret=0 -for i in 1 2 3 4 5 6 7; do - $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 - j=`cat dig.out.ns2.test$n.$i | tr -d '"'` - [ "$i" = "$j" ] || lret=1 - [ $lret -eq 1 ] && break -done -[ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo_i "failed" -status=`expr $status + $ret` - -echo_i "reloading server" -copy_setports ns2/named8.conf.in ns2/named.conf -rndc_reload ns2 10.53.0.2 -sleep 3 - -n=`expr $n + 1` -echo_i "checking GeoIP org database ($n)" -ret=0 -lret=0 -for i in 1 2 3 4 5 6 7; do - $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 - j=`cat dig.out.ns2.test$n.$i | tr -d '"'` - [ "$i" = "$j" ] || lret=1 - [ $lret -eq 1 ] && break -done -[ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo_i "failed" -status=`expr $status + $ret` - -echo_i "reloading server" -copy_setports ns2/named9.conf.in ns2/named.conf -rndc_reload ns2 10.53.0.2 -sleep 3 - -n=`expr $n + 1` -echo_i "checking GeoIP asnum database ($n)" -ret=0 -lret=0 -for i in 1 2 3 4 5 6 7; do - $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 - j=`cat dig.out.ns2.test$n.$i | tr -d '"'` - [ "$i" = "$j" ] || lret=1 - [ $lret -eq 1 ] && break -done -[ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo_i "failed" -status=`expr $status + $ret` - -echo_i "reloading server" -copy_setports ns2/named10.conf.in ns2/named.conf -rndc_reload ns2 10.53.0.2 -sleep 3 - -n=`expr $n + 1` -echo_i "checking GeoIP asnum database - ASNNNN only ($n)" -ret=0 -lret=0 -for i in 1 2 3 4 5 6 7; do - $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 - j=`cat dig.out.ns2.test$n.$i | tr -d '"'` - [ "$i" = "$j" ] || lret=1 - [ $lret -eq 1 ] && break -done -[ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo_i "failed" -status=`expr $status + $ret` - -echo_i "reloading server" -copy_setports ns2/named11.conf.in ns2/named.conf -rndc_reload ns2 10.53.0.2 -sleep 3 - -n=`expr $n + 1` -echo_i "checking GeoIP domain database ($n)" -ret=0 -lret=0 -for i in 1 2 3 4 5 6 7; do - $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 - j=`cat dig.out.ns2.test$n.$i | tr -d '"'` - [ "$i" = "$j" ] || lret=1 - [ $lret -eq 1 ] && break -done -[ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo_i "failed" -status=`expr $status + $ret` - -echo_i "reloading server" -copy_setports ns2/named12.conf.in ns2/named.conf -rndc_reload ns2 10.53.0.2 -sleep 3 - -n=`expr $n + 1` -echo_i "checking GeoIP netspeed database ($n)" -ret=0 -lret=0 -for i in 1 2 3 4; do - $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 - j=`cat dig.out.ns2.test$n.$i | tr -d '"'` - [ "$i" = "$j" ] || lret=1 - [ $lret -eq 1 ] && break -done -[ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo_i "failed" -status=`expr $status + $ret` - -echo_i "reloading server" -copy_setports ns2/named13.conf.in ns2/named.conf -rndc_reload ns2 10.53.0.2 -sleep 3 - -n=`expr $n + 1` -echo_i "checking GeoIP blackhole ACL ($n)" -ret=0 -$DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n || ret=1 -$RNDCCMD 10.53.0.2 status 2>&1 > rndc.out.ns2.test$n || ret=1 -[ $ret -eq 0 ] || echo_i "failed" -status=`expr $status + $ret` - -echo_i "reloading server" -copy_setports ns2/named14.conf.in ns2/named.conf -rndc_reload ns2 10.53.0.2 -sleep 3 - -n=`expr $n + 1` -echo_i "checking GeoIP country database by code (using nested ACLs) ($n)" -ret=0 -lret=0 -for i in 1 2 3 4 5 6 7; do - $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n.$i || lret=1 - j=`cat dig.out.ns2.test$n.$i | tr -d '"'` - [ "$i" = "$j" ] || lret=1 - [ $lret -eq 1 ] && break -done -[ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo_i "failed" -status=`expr $status + $ret` - -n=`expr $n + 1` -echo_i "reloading server with different geoip-directory ($n)" -copy_setports ns2/named15.conf.in ns2/named.conf -rndc_reload ns2 10.53.0.2 -sleep 3 -awk '/using "..\/data2" as GeoIP directory/ {m=1} ; { if (m>0) { print } }' ns2/named.run | grep "GeoIP City .* DB not available" > /dev/null || ret=1 -[ $ret -eq 0 ] || echo_i "failed" -status=`expr $status + $ret` - -n=`expr $n + 1` -echo_i "checking GeoIP v4/v6 when only IPv6 database is available ($n)" -ret=0 -$DIG $DIGOPTS -4 txt example -b 10.53.0.2 > dig.out.ns2.test$n.1 || ret=1 -j=`cat dig.out.ns2.test$n.1 | tr -d '"'` -[ "$j" = "bogus" ] || ret=1 -if $TESTSOCK6 fd92:7065:b8e:ffff::2; then - $DIG $DIGOPTS6 txt example -b fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n.2 || ret=1 - j=`cat dig.out.ns2.test$n.2 | tr -d '"'` - [ "$j" = "2" ] || ret=1 -fi -[ $ret -eq 0 ] || echo_i "failed" -status=`expr $status + $ret` - -n=`expr $n + 1` -echo_i "checking other GeoIP options are parsed correctly ($n)" -ret=0 -$CHECKCONF options.conf || ret=1 -[ $ret -eq 0 ] || echo_i "failed" -status=`expr $status + $ret` - -echo_i "exit status: $status" -[ $status -eq 0 ] || exit 1 diff --git a/config.h.in b/config.h.in index 9dd11bc328..de8d128b5b 100644 --- a/config.h.in +++ b/config.h.in @@ -168,18 +168,9 @@ /* Define to 1 if fseeko (and presumably ftello) exists and is declared. */ #undef HAVE_FSEEKO -/* Build with GeoIP support */ -#undef HAVE_GEOIP - /* Build with GeoIP2 support */ #undef HAVE_GEOIP2 -/* Build with GeoIP City IPv6 support */ -#undef HAVE_GEOIP_CITY_V6 - -/* Build with GeoIP Country IPv6 support */ -#undef HAVE_GEOIP_V6 - /* Define to 1 if you have the `getc_unlocked' function. */ #undef HAVE_GETC_UNLOCKED diff --git a/config.h.win32 b/config.h.win32 index b95d77f9a0..0fe66c5f19 100644 --- a/config.h.win32 +++ b/config.h.win32 @@ -313,15 +313,12 @@ typedef __int64 off_t; /* Build with GeoIP support */ @HAVE_GEOIP@ +/* Build with GeoIP2 support */ +@HAVE_GEOIP2@ + /* define if idnkit support is to be included. */ @WITH_IDN@ -/* Build with GeoIP City IPv6 support */ -@HAVE_GEOIP_CITY_V6@ - -/* Build with GeoIP Country IPv6 support */ -@HAVE_GEOIP_V6@ - /* Define if zlib was found */ @HAVE_ZLIB@ diff --git a/configure b/configure index 34ae3b34de..c42dce3a31 100755 --- a/configure +++ b/configure @@ -752,8 +752,6 @@ PTHREAD_CFLAGS PTHREAD_LIBS PTHREAD_CC ax_pthread_config -GEOIPLINKOBJS -GEOIPLINKSRCS GEOIP2LINKOBJS GEOIP2LINKSRCS MAXMINDDB_PREFIX @@ -852,6 +850,7 @@ infodir docdir oldincludedir includedir +runstatedir localstatedir sharedstatedir sysconfdir @@ -904,7 +903,6 @@ with_python_install_dir enable_kqueue enable_epoll enable_devpoll -with_geoip with_geoip2 with_locktype with_libtool @@ -1019,6 +1017,7 @@ datadir='${datarootdir}' sysconfdir='${prefix}/etc' sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' +runstatedir='${localstatedir}/run' includedir='${prefix}/include' oldincludedir='/usr/include' docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' @@ -1271,6 +1270,15 @@ do | -silent | --silent | --silen | --sile | --sil) silent=yes ;; + -runstatedir | --runstatedir | --runstatedi | --runstated \ + | --runstate | --runstat | --runsta | --runst | --runs \ + | --run | --ru | --r) + ac_prev=runstatedir ;; + -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \ + | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \ + | --run=* | --ru=* | --r=*) + runstatedir=$ac_optarg ;; + -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) ac_prev=sbindir ;; -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ @@ -1408,7 +1416,7 @@ fi for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ datadir sysconfdir sharedstatedir localstatedir includedir \ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ - libdir localedir mandir + libdir localedir mandir runstatedir do eval ac_val=\$$ac_var # Remove trailing slashes. @@ -1561,6 +1569,7 @@ Fine tuning of the installation directories: --sysconfdir=DIR read-only single-machine data [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] --localstatedir=DIR modifiable single-machine data [PREFIX/var] + --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] --libdir=DIR object code libraries [EPREFIX/lib] --includedir=DIR C header files [PREFIX/include] --oldincludedir=DIR C header files for non-gcc [/usr/include] @@ -1651,9 +1660,8 @@ Optional Packages: --with-python=PATH specify path to Python interpreter --with-python-install-dir=PATH installation directory for Python modules - --with-geoip=PATH Build with legacy GeoIP support (yes|no|path) --with-geoip2=PATH Build with MaxMind GeoIP2 support (auto|yes|no|path) - [default=$geoip2_default] + [default=auto] --with-locktype=ARG Specify mutex lock type (adaptive or standard) --with-libtool use GNU libtool --with-openssl=DIR root of the OpenSSL directory @@ -3997,7 +4005,7 @@ else We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) +#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; @@ -4043,7 +4051,7 @@ else We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) +#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; @@ -4067,7 +4075,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) +#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; @@ -4112,7 +4120,7 @@ else We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) +#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; @@ -4136,7 +4144,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) +#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; @@ -14436,37 +14444,16 @@ $as_echo "#define AC_APPLE_UNIVERSAL_BUILD 1" >>confdefs.h # # GeoIP support? # -geoip2_default="auto" - -# Check whether --with-geoip was given. -if test "${with_geoip+set}" = set; then : - withval=$with_geoip; - use_geoip="$withval" - geoip2_default="no" - -else - use_geoip="no" -fi - # Check whether --with-geoip2 was given. if test "${with_geoip2+set}" = set; then : withval=$with_geoip2; else - with_geoip2="$geoip2_default" + with_geoip2="auto" fi # --with-geoip2 should be turned on by default if the library exists. -# -# --with-geoip is not on by default, but can be turned on if the library -# exists. if it is turned on, --with-geoip2 is suppressed. -# -# specifying both --with-geoip and --with-geoip2 is an error. -if test "no" != "$with_geoip2" && test "no" != "$use_geoip"; then : - as_fn_error $? "--with-geoip and --with-geoip2 are incompatible" "$LINENO" 5 -fi - GEOIP2LINKSRCS= GEOIP2LINKOBJS= case $with_geoip2 in #( @@ -14843,250 +14830,6 @@ esac -GEOIPLINKSRCS= -GEOIPLINKOBJS= -if test "yes" = "$use_geoip" -then - for d in /usr /usr/local /opt/local - do - if test -f $d/include/GeoIP.h - then - use_geoip=$d - break - fi - done -fi - -case "$use_geoip" in - no|'') - ;; - *) - if test -d "$use_geoip" -o -L "$use_geoip" - then - CFLAGS="$CFLAGS -I$use_geoip/include" - CPPFLAGS="$CPPFLAGS -I$use_geoip/include" - LIBS="$LIBS -L$use_geoip/lib" - case "$host_os" in - netbsd*|openbsd*|solaris*) - LIBS="$LIBS -Wl,-rpath=$use_geoip/lib" - ;; - esac - elif test "yes" = "$use_geoip" - then - as_fn_error $? "GeoIP path not found" "$LINENO" 5 - else - as_fn_error $? "GeoIP path $use_geoip does not exist" "$LINENO" 5 - fi - ac_fn_c_check_header_mongrel "$LINENO" "GeoIP.h" "ac_cv_header_GeoIP_h" "$ac_includes_default" -if test "x$ac_cv_header_GeoIP_h" = xyes; then : - -else - as_fn_error $? "GeoIP header file not found" "$LINENO" 5 - -fi - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing GeoIP_id_by_addr_gl" >&5 -$as_echo_n "checking for library containing GeoIP_id_by_addr_gl... " >&6; } -if ${ac_cv_search_GeoIP_id_by_addr_gl+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char GeoIP_id_by_addr_gl (); -int -main () -{ -return GeoIP_id_by_addr_gl (); - ; - return 0; -} -_ACEOF -for ac_lib in '' GeoIP; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_GeoIP_id_by_addr_gl=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_GeoIP_id_by_addr_gl+:} false; then : - break -fi -done -if ${ac_cv_search_GeoIP_id_by_addr_gl+:} false; then : - -else - ac_cv_search_GeoIP_id_by_addr_gl=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_GeoIP_id_by_addr_gl" >&5 -$as_echo "$ac_cv_search_GeoIP_id_by_addr_gl" >&6; } -ac_res=$ac_cv_search_GeoIP_id_by_addr_gl -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -else - as_fn_error $? "suitable GeoIP library not found" "$LINENO" 5 - -fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing fabsf" >&5 -$as_echo_n "checking for library containing fabsf... " >&6; } -if ${ac_cv_search_fabsf+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char fabsf (); -int -main () -{ -return fabsf (); - ; - return 0; -} -_ACEOF -for ac_lib in '' m; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_fabsf=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_fabsf+:} false; then : - break -fi -done -if ${ac_cv_search_fabsf+:} false; then : - -else - ac_cv_search_fabsf=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_fabsf" >&5 -$as_echo "$ac_cv_search_fabsf" >&6; } -ac_res=$ac_cv_search_fabsf -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -else - as_fn_error $? "Math library not found" "$LINENO" 5 - -fi - - -$as_echo "#define HAVE_GEOIP 1" >>confdefs.h - - GEOIPLINKSRCS='${GEOIPLINKSRCS}' - GEOIPLINKOBJS='${GEOIPLINKOBJS}' - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GeoIP support" >&5 -$as_echo_n "checking for GeoIP support... " >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GeoIP Country IPv6 support" >&5 -$as_echo_n "checking for GeoIP Country IPv6 support... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #include - -int -main () -{ - - struct in6_addr in6; - GeoIP_country_name_by_ipnum_v6(NULL, in6); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define HAVE_GEOIP_V6 1" >>confdefs.h - - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GeoIP City IPv6 support" >&5 -$as_echo_n "checking for GeoIP City IPv6 support... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #include - #include - -int -main () -{ - - struct in6_addr in6; - int i = GEOIP_CITY_EDITION_REV0_V6; - GeoIP_record_by_ipnum_v6(NULL, in6); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define HAVE_GEOIP_CITY_V6 1" >>confdefs.h - - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ;; -esac - - # # Do we have arc4random(), etc ? @@ -25731,7 +25474,6 @@ report() { test "no" = "$use_dnstap" || \ echo " Allow 'dnstap' packet logging (--enable-dnstap)" test -z "$MAXMINDDB_LIBS" || echo " GeoIP2 access control (--with-geoip2)" - test "no" = "$use_geoip" || echo " Legacy GeoIP access control (--with-geoip)" test "no" = "$use_gssapi" || echo " GSS-API (--with-gssapi)" if test "yes" = "$enable_full_report" -o "aes" != "$with_cc_alg"; then echo " Algorithm: $with_cc_alg" diff --git a/configure.ac b/configure.ac index c268b02a58..4cbda235e4 100644 --- a/configure.ac +++ b/configure.ac @@ -510,29 +510,12 @@ AC_C_BIGENDIAN # # GeoIP support? # -geoip2_default="auto" -AC_ARG_WITH(geoip, - AS_HELP_STRING([--with-geoip=PATH], - [Build with legacy GeoIP support (yes|no|path)]), - [ - use_geoip="$withval" - geoip2_default="no" - ], - [use_geoip="no"]) AC_ARG_WITH([geoip2], [AS_HELP_STRING([--with-geoip2=PATH], - [Build with MaxMind GeoIP2 support (auto|yes|no|path) [default=$geoip2_default]])], - [], with_geoip2="$geoip2_default") + [Build with MaxMind GeoIP2 support (auto|yes|no|path) [default=auto]])], + [], with_geoip2="auto") # --with-geoip2 should be turned on by default if the library exists. -# -# --with-geoip is not on by default, but can be turned on if the library -# exists. if it is turned on, --with-geoip2 is suppressed. -# -# specifying both --with-geoip and --with-geoip2 is an error. -AS_IF([test "no" != "$with_geoip2" && test "no" != "$use_geoip"], - [AC_MSG_ERROR([--with-geoip and --with-geoip2 are incompatible])]) - GEOIP2LINKSRCS= GEOIP2LINKOBJS= AS_CASE([$with_geoip2], @@ -571,92 +554,6 @@ AC_SUBST([MAXMINDDB_LIBS]) AC_SUBST([GEOIP2LINKSRCS]) AC_SUBST([GEOIP2LINKOBJS]) -GEOIPLINKSRCS= -GEOIPLINKOBJS= -if test "yes" = "$use_geoip" -then - for d in /usr /usr/local /opt/local - do - if test -f $d/include/GeoIP.h - then - use_geoip=$d - break - fi - done -fi - -case "$use_geoip" in - no|'') - ;; - *) - if test -d "$use_geoip" -o -L "$use_geoip" - then - CFLAGS="$CFLAGS -I$use_geoip/include" - CPPFLAGS="$CPPFLAGS -I$use_geoip/include" - LIBS="$LIBS -L$use_geoip/lib" - case "$host_os" in - netbsd*|openbsd*|solaris*) - LIBS="$LIBS -Wl,-rpath=$use_geoip/lib" - ;; - esac - elif test "yes" = "$use_geoip" - then - AC_MSG_ERROR([GeoIP path not found]) - else - AC_MSG_ERROR([GeoIP path $use_geoip does not exist]) - fi - AC_CHECK_HEADER(GeoIP.h, [], - [AC_MSG_ERROR([GeoIP header file not found])] - ) - AC_SEARCH_LIBS(GeoIP_id_by_addr_gl, GeoIP, [], - [AC_MSG_ERROR([suitable GeoIP library not found])] - ) - AC_SEARCH_LIBS(fabsf, m, [], - [AC_MSG_ERROR([Math library not found])] - ) - AC_DEFINE(HAVE_GEOIP, 1, Build with GeoIP support) - GEOIPLINKSRCS='${GEOIPLINKSRCS}' - GEOIPLINKOBJS='${GEOIPLINKOBJS}' - AC_MSG_CHECKING([for GeoIP support]) - AC_MSG_RESULT([yes]) - - AC_MSG_CHECKING([for GeoIP Country IPv6 support]) - AC_COMPILE_IFELSE( - [AC_LANG_PROGRAM([ - #include - #include - ], [ - struct in6_addr in6; - GeoIP_country_name_by_ipnum_v6(NULL, in6); - ])], - [ - AC_MSG_RESULT([yes]) - AC_DEFINE(HAVE_GEOIP_V6, 1, Build with GeoIP Country IPv6 support) - ], - [AC_MSG_RESULT([no])] - ) - - AC_MSG_CHECKING([for GeoIP City IPv6 support]) - AC_COMPILE_IFELSE( - [AC_LANG_PROGRAM([ - #include - #include - #include - ], [ - struct in6_addr in6; - int i = GEOIP_CITY_EDITION_REV0_V6; - GeoIP_record_by_ipnum_v6(NULL, in6); - ])], - [ - AC_MSG_RESULT([yes]) - AC_DEFINE(HAVE_GEOIP_CITY_V6, 1, Build with GeoIP City IPv6 support) - ], - [AC_MSG_RESULT([no])] - ) - ;; -esac -AC_SUBST(GEOIPLINKSRCS) -AC_SUBST(GEOIPLINKOBJS) # # Do we have arc4random(), etc ? @@ -3010,7 +2907,6 @@ report() { test "no" = "$use_dnstap" || \ echo " Allow 'dnstap' packet logging (--enable-dnstap)" test -z "$MAXMINDDB_LIBS" || echo " GeoIP2 access control (--with-geoip2)" - test "no" = "$use_geoip" || echo " Legacy GeoIP access control (--with-geoip)" test "no" = "$use_gssapi" || echo " GSS-API (--with-gssapi)" if test "yes" = "$enable_full_report" -o "aes" != "$with_cc_alg"; then echo " Algorithm: $with_cc_alg" diff --git a/lib/dns/Makefile.in b/lib/dns/Makefile.in index 9afdc10dc6..d99b54919a 100644 --- a/lib/dns/Makefile.in +++ b/lib/dns/Makefile.in @@ -54,7 +54,6 @@ DSTOBJS = @DST_EXTRA_OBJS@ \ pkcs11ecdsa_link.@O@ pkcs11eddsa_link.@O@ pkcs11.@O@ \ key.@O@ -GEOIPLINKOBJS = geoip.@O@ GEOIP2LINKOBJS = geoip2.@O@ DNSTAPOBJS = dnstap.@O@ dnstap.pb-c.@O@ @@ -82,7 +81,7 @@ DNSOBJS = acl.@O@ adb.@O@ badcache.@O@ byaddr.@O@ \ PORTDNSOBJS = client.@O@ ecdb.@O@ OBJS= @DNSTAPOBJS@ ${DNSOBJS} ${OTHEROBJS} ${DSTOBJS} \ - ${PORTDNSOBJS} @GEOIPLINKOBJS@ @GEOIP2LINKOBJS@ + ${PORTDNSOBJS} @GEOIP2LINKOBJS@ DSTSRCS = @DST_EXTRA_SRCS@ @PKCS11LINKSRCS@ \ dst_api.c dst_parse.c \ @@ -93,7 +92,6 @@ DSTSRCS = @DST_EXTRA_SRCS@ @PKCS11LINKSRCS@ \ pkcs11ecdsa_link.c pkcs11eddsa_link.c pkcs11.c \ key.c -GEOIPLINKSRCS = geoip.c GEOIPL2INKSRCS = geoip2.c DNSTAPSRCS = dnstap.c dnstap.pb-c.c @@ -118,7 +116,7 @@ DNSSRCS = acl.c adb.c badcache. byaddr.c \ PORTDNSSRCS = client.c ecdb.c SRCS = ${DSTSRCS} ${DNSSRCS} \ - ${PORTDNSSRCS} @DNSTAPSRCS@ @GEOIPLINKSRCS@ @GEOIP2LINKSRCS@ + ${PORTDNSSRCS} @DNSTAPSRCS@ @GEOIP2LINKSRCS@ SUBDIRS = include TARGETS = timestamp diff --git a/lib/dns/acl.c b/lib/dns/acl.c index 0004490a79..32ad193380 100644 --- a/lib/dns/acl.c +++ b/lib/dns/acl.c @@ -329,7 +329,7 @@ dns_acl_merge(dns_acl_t *dest, dns_acl_t *source, bool pos) return result; } -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) /* Duplicate GeoIP data */ if (source->elements[i].type == dns_aclelementtype_geoip) { dest->elements[nelem + i].geoip_elem = @@ -407,7 +407,7 @@ dns_aclelement_match(const isc_netaddr_t *reqaddr, inner = env->localnets; break; -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) case dns_aclelementtype_geoip: if (env == NULL || env->geoip == NULL) return (false); @@ -583,7 +583,7 @@ dns_acl_isinsecure(const dns_acl_t *a) { return (true); continue; -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) case dns_aclelementtype_geoip: #endif case dns_aclelementtype_localnets: @@ -636,7 +636,7 @@ dns_aclenv_init(isc_mem_t *mctx, dns_aclenv_t *env) { if (result != ISC_R_SUCCESS) goto cleanup_localhost; env->match_mapped = false; -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) env->geoip = NULL; #endif return (ISC_R_SUCCESS); @@ -654,7 +654,7 @@ dns_aclenv_copy(dns_aclenv_t *t, dns_aclenv_t *s) { dns_acl_detach(&t->localnets); dns_acl_attach(s->localnets, &t->localnets); t->match_mapped = s->match_mapped; -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) t->geoip = s->geoip; #endif } diff --git a/lib/dns/geoip.c b/lib/dns/geoip.c deleted file mode 100644 index 96a1128f9e..0000000000 --- a/lib/dns/geoip.c +++ /dev/null @@ -1,827 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -/*! \file */ - -#include -#include - -#include - -#include -#include -#include - -#include -#include - -#include -#include -#ifndef WIN32 -#include -#else -#ifndef _WINSOCKAPI_ -#define _WINSOCKAPI_ /* Prevent inclusion of winsock.h in windows.h */ -#endif -#include -#endif /* WIN32 */ -#include - -#ifdef HAVE_GEOIP -#include -#include - -/* - * This structure preserves state from the previous GeoIP lookup, - * so that successive lookups for the same data from the same IP - * address will not require repeated calls into the GeoIP library - * to look up data in the database. This should improve performance - * somewhat. - * - * For lookups in the City and Region databases, we preserve pointers - * to the GeoIPRecord and GeoIPregion structures; these will need to be - * freed by GeoIPRecord_delete() and GeoIPRegion_delete(). - * - * for lookups in ISP, AS, Org and Domain we prserve a pointer to - * the returned name; these must be freed by free(). - * - * For lookups in Country we preserve a pointer to the text of - * the country code, name, etc (we use a different pointer for this - * than for the names returned by Org, ISP, etc, because those need - * to be freed but country lookups do not). - * - * For lookups in Netspeed we preserve the returned ID. - * - * XXX: Currently this mechanism is only used for IPv4 lookups; the - * family and addr6 fields are to be used IPv6 is added. - */ -typedef struct geoip_state { - uint16_t subtype; - unsigned int family; - uint32_t ipnum; - geoipv6_t ipnum6; - GeoIPRecord *record; - GeoIPRegion *region; - const char *text; - char *name; - int id; - isc_mem_t *mctx; -} geoip_state_t; - -static isc_mutex_t key_mutex; -static bool state_key_initialized = false; -static isc_thread_key_t state_key; -static isc_once_t mutex_once = ISC_ONCE_INIT; -static isc_mem_t *state_mctx = NULL; - -static void -key_mutex_init(void) { - isc_mutex_init(&key_mutex); -} - -static void -free_state(void *arg) { - geoip_state_t *state = arg; - if (state != NULL && state->record != NULL) - GeoIPRecord_delete(state->record); - if (state != NULL) - isc_mem_putanddetach(&state->mctx, - state, sizeof(geoip_state_t)); - isc_thread_key_setspecific(state_key, NULL); -} - -static isc_result_t -state_key_init(void) { - isc_result_t result; - - result = isc_once_do(&mutex_once, key_mutex_init); - if (result != ISC_R_SUCCESS) - return (result); - - if (!state_key_initialized) { - LOCK(&key_mutex); - if (!state_key_initialized) { - int ret; - - if (state_mctx == NULL) - result = isc_mem_create(0, 0, &state_mctx); - if (result != ISC_R_SUCCESS) - goto unlock; - isc_mem_setname(state_mctx, "geoip_state", NULL); - isc_mem_setdestroycheck(state_mctx, false); - - ret = isc_thread_key_create(&state_key, free_state); - if (ret == 0) - state_key_initialized = true; - else - result = ISC_R_FAILURE; - } - unlock: - UNLOCK(&key_mutex); - } - - return (result); -} - -static void -clean_state(geoip_state_t *state) { - if (state == NULL) - return; - - if (state->record != NULL) { - GeoIPRecord_delete(state->record); - state->record = NULL; - } - if (state->region != NULL) { - GeoIPRegion_delete(state->region); - state->region = NULL; - } - if (state->name != NULL) { - free (state->name); - state->name = NULL; - } - state->ipnum = 0; - state->text = NULL; - state->id = 0; -} - -static isc_result_t -set_state(unsigned int family, uint32_t ipnum, const geoipv6_t *ipnum6, - dns_geoip_subtype_t subtype, GeoIPRecord *record, - GeoIPRegion *region, char *name, const char *text, int id) -{ - geoip_state_t *state = NULL; - isc_result_t result; - - result = state_key_init(); - if (result != ISC_R_SUCCESS) - return (result); - - state = (geoip_state_t *) isc_thread_key_getspecific(state_key); - if (state == NULL) { - state = (geoip_state_t *) isc_mem_get(state_mctx, - sizeof(geoip_state_t)); - if (state == NULL) - return (ISC_R_NOMEMORY); - memset(state, 0, sizeof(*state)); - - result = isc_thread_key_setspecific(state_key, state); - if (result != ISC_R_SUCCESS) { - isc_mem_put(state_mctx, state, sizeof(geoip_state_t)); - return (result); - } - - isc_mem_attach(state_mctx, &state->mctx); - } else - clean_state(state); - - if (family == AF_INET) { - state->ipnum = ipnum; - } else { - INSIST(ipnum6 != NULL); - state->ipnum6 = *ipnum6; - } - - state->family = family; - state->subtype = subtype; - state->record = record; - state->region = region; - state->name = name; - state->text = text; - state->id = id; - - return (ISC_R_SUCCESS); -} - -static geoip_state_t * -get_state_for(unsigned int family, uint32_t ipnum, - const geoipv6_t *ipnum6) -{ - geoip_state_t *state; - - isc_result_t result; - - result = state_key_init(); - if (result != ISC_R_SUCCESS) - return (NULL); - - state = (geoip_state_t *) isc_thread_key_getspecific(state_key); - if (state == NULL) - return (NULL); - - if (state->family == family && - ((state->family == AF_INET && state->ipnum == ipnum) || - (state->family == AF_INET6 && ipnum6 != NULL && - memcmp(state->ipnum6.s6_addr, ipnum6->s6_addr, 16) == 0))) - return (state); - - return (NULL); -} - -/* - * Country lookups are performed if the previous lookup was from a - * different IP address than the current, or was for a search of a - * different subtype. - */ -static const char * -country_lookup(GeoIP *db, dns_geoip_subtype_t subtype, - unsigned int family, - uint32_t ipnum, const geoipv6_t *ipnum6) -{ - geoip_state_t *prev_state = NULL; - const char *text = NULL; - - REQUIRE(db != NULL); - -#ifndef HAVE_GEOIP_V6 - /* no IPv6 support? give up now */ - if (family == AF_INET6) - return (NULL); -#endif - - prev_state = get_state_for(family, ipnum, ipnum6); - if (prev_state != NULL && prev_state->subtype == subtype) { - text = prev_state->text; - } - - if (text == NULL) { - switch (subtype) { - case dns_geoip_country_code: - if (family == AF_INET) - text = GeoIP_country_code_by_ipnum(db, ipnum); -#ifdef HAVE_GEOIP_V6 - else - text = GeoIP_country_code_by_ipnum_v6(db, - *ipnum6); -#endif - break; - case dns_geoip_country_code3: - if (family == AF_INET) - text = GeoIP_country_code3_by_ipnum(db, ipnum); -#ifdef HAVE_GEOIP_V6 - else - text = GeoIP_country_code3_by_ipnum_v6(db, - *ipnum6); -#endif - break; - case dns_geoip_country_name: - if (family == AF_INET) - text = GeoIP_country_name_by_ipnum(db, ipnum); -#ifdef HAVE_GEOIP_V6 - else - text = GeoIP_country_name_by_ipnum_v6(db, - *ipnum6); -#endif - break; - default: - INSIST(0); - ISC_UNREACHABLE(); - } - - if (text == NULL) - return (NULL); - - set_state(family, ipnum, ipnum6, subtype, - NULL, NULL, NULL, text, 0); - } - - return (text); -} - -static char * -city_string(GeoIPRecord *record, dns_geoip_subtype_t subtype, int *maxlen) { - const char *s; - char *deconst; - - REQUIRE(record != NULL); - REQUIRE(maxlen != NULL); - - /* Set '*maxlen' to the maximum length of this subtype, if any */ - switch (subtype) { - case dns_geoip_city_countrycode: - case dns_geoip_city_region: - case dns_geoip_city_continentcode: - *maxlen = 2; - break; - - case dns_geoip_city_countrycode3: - *maxlen = 3; - break; - - default: - /* No fixed length; just use strcasecmp() for comparison */ - *maxlen = 255; - } - - switch (subtype) { - case dns_geoip_city_countrycode: - return (record->country_code); - case dns_geoip_city_countrycode3: - return (record->country_code3); - case dns_geoip_city_countryname: - return (record->country_name); - case dns_geoip_city_region: - return (record->region); - case dns_geoip_city_regionname: - s = GeoIP_region_name_by_code(record->country_code, - record->region); - DE_CONST(s, deconst); - return (deconst); - case dns_geoip_city_name: - return (record->city); - case dns_geoip_city_postalcode: - return (record->postal_code); - case dns_geoip_city_continentcode: - return (record->continent_code); - case dns_geoip_city_timezonecode: - s = GeoIP_time_zone_by_country_and_region(record->country_code, - record->region); - DE_CONST(s, deconst); - return (deconst); - default: - INSIST(0); - ISC_UNREACHABLE(); - } -} - -static bool -is_city(dns_geoip_subtype_t subtype) { - switch (subtype) { - case dns_geoip_city_countrycode: - case dns_geoip_city_countrycode3: - case dns_geoip_city_countryname: - case dns_geoip_city_region: - case dns_geoip_city_regionname: - case dns_geoip_city_name: - case dns_geoip_city_postalcode: - case dns_geoip_city_continentcode: - case dns_geoip_city_timezonecode: - case dns_geoip_city_metrocode: - case dns_geoip_city_areacode: - return (true); - default: - return (false); - } -} - -/* - * GeoIPRecord lookups are performed if the previous lookup was - * from a different IP address than the current, or was for a search - * outside the City database. - */ -static GeoIPRecord * -city_lookup(GeoIP *db, dns_geoip_subtype_t subtype, - unsigned int family, uint32_t ipnum, - const geoipv6_t *ipnum6) -{ - GeoIPRecord *record = NULL; - geoip_state_t *prev_state = NULL; - - REQUIRE(db != NULL); - -#ifndef HAVE_GEOIP_V6 - /* no IPv6 support? give up now */ - if (family == AF_INET6) - return (NULL); -#endif - - prev_state = get_state_for(family, ipnum, ipnum6); - if (prev_state != NULL && is_city(prev_state->subtype)) { - record = prev_state->record; - } - - if (record == NULL) { - if (family == AF_INET) - record = GeoIP_record_by_ipnum(db, ipnum); -#ifdef HAVE_GEOIP_V6 - else - record = GeoIP_record_by_ipnum_v6(db, *ipnum6); -#endif - if (record == NULL) - return (NULL); - - set_state(family, ipnum, ipnum6, subtype, record, - NULL, NULL, NULL, 0); - } - - return (record); -} - -static char * region_string(GeoIPRegion *region, dns_geoip_subtype_t subtype, int *maxlen) { - const char *s; - char *deconst; - - REQUIRE(region != NULL); - REQUIRE(maxlen != NULL); - - switch (subtype) { - case dns_geoip_region_countrycode: - *maxlen = 2; - return (region->country_code); - case dns_geoip_region_code: - *maxlen = 2; - return (region->region); - case dns_geoip_region_name: - *maxlen = 255; - s = GeoIP_region_name_by_code(region->country_code, - region->region); - DE_CONST(s, deconst); - return (deconst); - default: - INSIST(0); - ISC_UNREACHABLE(); - } -} - -static bool -is_region(dns_geoip_subtype_t subtype) { - switch (subtype) { - case dns_geoip_region_countrycode: - case dns_geoip_region_code: - return (true); - default: - return (false); - } -} - -/* - * GeoIPRegion lookups are performed if the previous lookup was - * from a different IP address than the current, or was for a search - * outside the Region database. - */ -static GeoIPRegion * -region_lookup(GeoIP *db, dns_geoip_subtype_t subtype, uint32_t ipnum) { - GeoIPRegion *region = NULL; - geoip_state_t *prev_state = NULL; - - REQUIRE(db != NULL); - - prev_state = get_state_for(AF_INET, ipnum, NULL); - if (prev_state != NULL && is_region(prev_state->subtype)) { - region = prev_state->region; - } - - if (region == NULL) { - region = GeoIP_region_by_ipnum(db, ipnum); - if (region == NULL) - return (NULL); - - set_state(AF_INET, ipnum, NULL, subtype, NULL, - region, NULL, NULL, 0); - } - - return (region); -} - -/* - * ISP, Organization, AS Number and Domain lookups are performed if - * the previous lookup was from a different IP address than the current, - * or was for a search of a different subtype. - */ -static char * -name_lookup(GeoIP *db, dns_geoip_subtype_t subtype, uint32_t ipnum) { - char *name = NULL; - geoip_state_t *prev_state = NULL; - - REQUIRE(db != NULL); - - prev_state = get_state_for(AF_INET, ipnum, NULL); - if (prev_state != NULL && prev_state->subtype == subtype) { - name = prev_state->name; - } - - if (name == NULL) { - name = GeoIP_name_by_ipnum(db, ipnum); - if (name == NULL) - return (NULL); - - set_state(AF_INET, ipnum, NULL, subtype, NULL, NULL, - name, NULL, 0); - } - - return (name); -} - -/* - * Netspeed lookups are performed if the previous lookup was from a - * different IP address than the current, or was for a search of a - * different subtype. - */ -static int -netspeed_lookup(GeoIP *db, dns_geoip_subtype_t subtype, uint32_t ipnum) { - geoip_state_t *prev_state = NULL; - bool found = false; - int id = -1; - - REQUIRE(db != NULL); - - prev_state = get_state_for(AF_INET, ipnum, NULL); - if (prev_state != NULL && prev_state->subtype == subtype) { - id = prev_state->id; - found = true; - } - - if (!found) { - id = GeoIP_id_by_ipnum(db, ipnum); - if (id == 0) - return (0); - - set_state(AF_INET, ipnum, NULL, subtype, NULL, - NULL, NULL, NULL, id); - } - - return (id); -} -#endif /* HAVE_GEOIP */ - -#define DB46(addr, geoip, name) \ - ((addr->family == AF_INET) ? (geoip->name##_v4) : (geoip->name##_v6)) - -#ifdef HAVE_GEOIP -/* - * Find the best database to answer a generic subtype - */ -static dns_geoip_subtype_t -fix_subtype(const isc_netaddr_t *reqaddr, const dns_geoip_databases_t *geoip, - dns_geoip_subtype_t subtype) -{ - dns_geoip_subtype_t ret = subtype; - - switch (subtype) { - case dns_geoip_countrycode: - if (DB46(reqaddr, geoip, city) != NULL) - ret = dns_geoip_city_countrycode; - else if (reqaddr->family == AF_INET && geoip->region != NULL) - ret = dns_geoip_region_countrycode; - else if (DB46(reqaddr, geoip, country) != NULL) - ret = dns_geoip_country_code; - break; - case dns_geoip_countrycode3: - if (DB46(reqaddr, geoip, city) != NULL) - ret = dns_geoip_city_countrycode3; - else if (DB46(reqaddr, geoip, country) != NULL) - ret = dns_geoip_country_code3; - break; - case dns_geoip_countryname: - if (DB46(reqaddr, geoip, city) != NULL) - ret = dns_geoip_city_countryname; - else if (DB46(reqaddr, geoip, country) != NULL) - ret = dns_geoip_country_name; - break; - case dns_geoip_region: - if (DB46(reqaddr, geoip, city) != NULL) - ret = dns_geoip_city_region; - else if (reqaddr->family == AF_INET && geoip->region != NULL) - ret = dns_geoip_region_code; - break; - case dns_geoip_regionname: - if (DB46(reqaddr, geoip, city) != NULL) - ret = dns_geoip_city_regionname; - else if (reqaddr->family == AF_INET && geoip->region != NULL) - ret = dns_geoip_region_name; - break; - default: - break; - } - - return (ret); -} -#endif /* HAVE_GEOIP */ - -bool -dns_geoip_match(const isc_netaddr_t *reqaddr, - const dns_geoip_databases_t *geoip, - const dns_geoip_elem_t *elt) -{ -#ifndef HAVE_GEOIP - UNUSED(reqaddr); - UNUSED(geoip); - UNUSED(elt); - - return (false); -#else - GeoIP *db; - GeoIPRecord *record; - GeoIPRegion *region; - dns_geoip_subtype_t subtype; - uint32_t ipnum = 0; - int maxlen = 0, id, family; - const char *cs; - char *s; -#ifdef HAVE_GEOIP_V6 - const geoipv6_t *ipnum6 = NULL; -#else - const void *ipnum6 = NULL; -#endif - - INSIST(geoip != NULL); - - family = reqaddr->family; - switch (family) { - case AF_INET: - ipnum = ntohl(reqaddr->type.in.s_addr); - break; - case AF_INET6: -#ifdef HAVE_GEOIP_V6 - ipnum6 = &reqaddr->type.in6; - break; -#else - return (false); -#endif - default: - return (false); - } - - subtype = fix_subtype(reqaddr, geoip, elt->subtype); - - switch (subtype) { - case dns_geoip_country_code: - maxlen = 2; - goto getcountry; - - case dns_geoip_country_code3: - maxlen = 3; - goto getcountry; - - case dns_geoip_country_name: - maxlen = 255; - getcountry: - db = DB46(reqaddr, geoip, country); - if (db == NULL) - return (false); - - INSIST(elt->as_string != NULL); - - cs = country_lookup(db, subtype, family, ipnum, ipnum6); - if (cs != NULL && strncasecmp(elt->as_string, cs, maxlen) == 0) - return (true); - break; - - case dns_geoip_city_countrycode: - case dns_geoip_city_countrycode3: - case dns_geoip_city_countryname: - case dns_geoip_city_region: - case dns_geoip_city_regionname: - case dns_geoip_city_name: - case dns_geoip_city_postalcode: - case dns_geoip_city_continentcode: - case dns_geoip_city_timezonecode: - INSIST(elt->as_string != NULL); - - db = DB46(reqaddr, geoip, city); - if (db == NULL) - return (false); - - record = city_lookup(db, subtype, family, - ipnum, ipnum6); - if (record == NULL) - break; - - s = city_string(record, subtype, &maxlen); - INSIST(maxlen != 0); - if (s != NULL && strncasecmp(elt->as_string, s, maxlen) == 0) - return (true); - break; - - case dns_geoip_city_metrocode: - db = DB46(reqaddr, geoip, city); - if (db == NULL) - return (false); - - record = city_lookup(db, subtype, family, - ipnum, ipnum6); - if (record == NULL) - break; - - if (elt->as_int == record->metro_code) - return (true); - break; - - case dns_geoip_city_areacode: - db = DB46(reqaddr, geoip, city); - if (db == NULL) - return (false); - - record = city_lookup(db, subtype, family, - ipnum, ipnum6); - if (record == NULL) - break; - - if (elt->as_int == record->area_code) - return (true); - break; - - case dns_geoip_region_countrycode: - case dns_geoip_region_code: - case dns_geoip_region_name: - case dns_geoip_region: - if (geoip->region == NULL) - return (false); - - INSIST(elt->as_string != NULL); - - /* Region DB is not supported for IPv6 */ - if (family == AF_INET6) - return (false); - - region = region_lookup(geoip->region, subtype, ipnum); - if (region == NULL) - break; - - s = region_string(region, subtype, &maxlen); - INSIST(maxlen != 0); - if (s != NULL && strncasecmp(elt->as_string, s, maxlen) == 0) - return (true); - break; - - case dns_geoip_isp_name: - db = geoip->isp; - goto getname; - - case dns_geoip_org_name: - db = geoip->org; - goto getname; - - case dns_geoip_as_asnum: - db = geoip->as; - goto getname; - - case dns_geoip_domain_name: - db = geoip->domain; - - getname: - if (db == NULL) - return (false); - - INSIST(elt->as_string != NULL); - /* ISP, Org, AS, and Domain are not supported for IPv6 */ - if (family == AF_INET6) - return (false); - - s = name_lookup(db, subtype, ipnum); - if (s != NULL) { - size_t l; - if (strcasecmp(elt->as_string, s) == 0) - return (true); - if (subtype != dns_geoip_as_asnum) - break; - /* - * Just check if the ASNNNN value matches. - */ - l = strlen(elt->as_string); - if (l > 0U && strchr(elt->as_string, ' ') == NULL && - strncasecmp(elt->as_string, s, l) == 0 && - s[l] == ' ') - return (true); - } - break; - - case dns_geoip_netspeed_id: - INSIST(geoip->netspeed != NULL); - - /* Netspeed DB is not supported for IPv6 */ - if (family == AF_INET6) - return (false); - - id = netspeed_lookup(geoip->netspeed, subtype, ipnum); - if (id == elt->as_int) - return (true); - break; - - case dns_geoip_countrycode: - case dns_geoip_countrycode3: - case dns_geoip_countryname: - case dns_geoip_regionname: - /* - * If these were not remapped by fix_subtype(), - * the database was unavailable. Always return false. - */ - break; - - default: - INSIST(0); - ISC_UNREACHABLE(); - } - - return (false); -#endif -} - -void -dns_geoip_shutdown(void) { -#ifdef HAVE_GEOIP - GeoIP_cleanup(); - if (state_mctx != NULL) - isc_mem_detach(&state_mctx); -#else - return; -#endif -} diff --git a/lib/dns/include/dns/acl.h b/lib/dns/include/dns/acl.h index f85541c1b2..92bf20e181 100644 --- a/lib/dns/include/dns/acl.h +++ b/lib/dns/include/dns/acl.h @@ -32,9 +32,7 @@ #include #include -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) #include -#endif #include #include #include @@ -49,9 +47,9 @@ typedef enum { dns_aclelementtype_nestedacl, dns_aclelementtype_localhost, dns_aclelementtype_localnets, -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) dns_aclelementtype_geoip, -#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ +#endif /* HAVE_GEOIP2 */ dns_aclelementtype_any } dns_aclelementtype_t; @@ -66,9 +64,9 @@ struct dns_aclelement { dns_aclelementtype_t type; bool negative; dns_name_t keyname; -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) dns_geoip_elem_t geoip_elem; -#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ +#endif /* HAVE_GEOIP2 */ dns_acl_t *nestedacl; int node_num; }; @@ -91,9 +89,9 @@ struct dns_aclenv { dns_acl_t *localhost; dns_acl_t *localnets; bool match_mapped; -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) dns_geoip_databases_t *geoip; -#endif +#endif /* HAVE_GEOIP2 */ }; #define DNS_ACL_MAGIC ISC_MAGIC('D','a','c','l') diff --git a/lib/dns/include/dns/geoip.h b/lib/dns/include/dns/geoip.h index d79a85c9fd..0b7a99ec19 100644 --- a/lib/dns/include/dns/geoip.h +++ b/lib/dns/include/dns/geoip.h @@ -21,7 +21,7 @@ * GeoIP/GeoIP2 data types and function prototypes. */ -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) /*** *** Imports @@ -87,7 +87,6 @@ typedef struct dns_geoip_elem { } dns_geoip_elem_t; struct dns_geoip_databases { -#ifdef HAVE_GEOIP2 void *country; /* GeoIP2-Country or GeoLite2-Country */ void *city; /* GeoIP2-CIty or GeoLite2-City */ void *domain; /* GeoIP2-Domain */ @@ -95,20 +94,6 @@ struct dns_geoip_databases { void *as; /* GeoIP2-ASN or GeoLite2-ASN */ #define DNS_GEOIP_DATABASE_INIT \ { NULL, NULL, NULL, NULL, NULL } -#else /* HAVE_GEOIP */ - void *country_v4; /* GeoIP DB 1 */ - void *city_v4; /* GeoIP DB 2 or 6 */ - void *region; /* GeoIP DB 3 or 7 */ - void *isp; /* GeoIP DB 4 */ - void *org; /* GeoIP DB 5 */ - void *as; /* GeoIP DB 9 */ - void *netspeed; /* GeoIP DB 10 */ - void *domain; /* GeoIP DB 11 */ - void *country_v6; /* GeoIP DB 12 */ - void *city_v6; /* GeoIP DB 30 or 31 */ -#define DNS_GEOIP_DATABASE_INIT \ - { NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL } -#endif /* HAVE_GEOIP */ }; /*** @@ -127,6 +112,6 @@ dns_geoip_shutdown(void); ISC_LANG_ENDDECLS -#endif /* HAVE_GEOIP | HAVE_GEOIP2 */ +#endif /* HAVE_GEOIP2 */ #endif /* DNS_GEOIP_H */ diff --git a/lib/dns/tests/acl_test.c b/lib/dns/tests/acl_test.c index 8ee69abef0..056e6469d2 100644 --- a/lib/dns/tests/acl_test.c +++ b/lib/dns/tests/acl_test.c @@ -64,11 +64,11 @@ dns_acl_isinsecure_test(void **state) { dns_acl_t *none = NULL; dns_acl_t *notnone = NULL; dns_acl_t *notany = NULL; -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) dns_acl_t *geoip = NULL; dns_acl_t *notgeoip = NULL; dns_aclelement_t *de; -#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ +#endif /* HAVE_GEOIP2 */ UNUSED(state); @@ -90,7 +90,7 @@ dns_acl_isinsecure_test(void **state) { result = dns_acl_merge(notany, any, false); assert_int_equal(result, ISC_R_SUCCESS); -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) result = dns_acl_create(dt_mctx, 1, &geoip); assert_int_equal(result, ISC_R_SUCCESS); @@ -111,26 +111,26 @@ dns_acl_isinsecure_test(void **state) { result = dns_acl_merge(notgeoip, geoip, false); assert_int_equal(result, ISC_R_SUCCESS); -#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ +#endif /* HAVE_GEOIP2 */ assert_true(dns_acl_isinsecure(any)); /* any; */ assert_false(dns_acl_isinsecure(none)); /* none; */ assert_false(dns_acl_isinsecure(notany)); /* !any; */ assert_false(dns_acl_isinsecure(notnone)); /* !none; */ -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) assert_true(dns_acl_isinsecure(geoip)); /* geoip; */ assert_false(dns_acl_isinsecure(notgeoip)); /* !geoip; */ -#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ +#endif /* HAVE_GEOIP2 */ dns_acl_detach(&any); dns_acl_detach(&none); dns_acl_detach(¬any); dns_acl_detach(¬none); -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) dns_acl_detach(&geoip); dns_acl_detach(¬geoip); -#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ +#endif /* HAVE_GEOIP2 */ } int diff --git a/lib/dns/tests/geoip_test.c b/lib/dns/tests/geoip_test.c index 71b447bbc3..317032d6ea 100644 --- a/lib/dns/tests/geoip_test.c +++ b/lib/dns/tests/geoip_test.c @@ -37,14 +37,11 @@ /* Use GeoIP2 databases from the 'geoip2' system test */ #define TEST_GEOIP_DATA "../../../bin/tests/system/geoip2/data" -#elif defined(HAVE_GEOIP) -#include -/* Use GeoIP databases from the 'geoip' system test */ -#define TEST_GEOIP_DATA "../../../bin/tests/system/geoip/data" -#endif +static dns_geoip_databases_t geoip = DNS_GEOIP_DATABASE_INIT; + +static MMDB_s geoip_country, geoip_city, geoip_as, geoip_isp, geoip_domain; -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) static int _setup(void **state) { isc_result_t result; @@ -66,12 +63,6 @@ _teardown(void **state) { return (0); } -static dns_geoip_databases_t geoip = DNS_GEOIP_DATABASE_INIT; -#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ - -#if defined(HAVE_GEOIP2) -static MMDB_s geoip_country, geoip_city, geoip_as, geoip_isp, geoip_domain; - static MMDB_s * open_geoip2(const char *dir, const char *dbfile, MMDB_s *mmdb) { char pathbuf[PATH_MAX]; @@ -95,105 +86,7 @@ load_geoip(const char *dir) { geoip.isp = open_geoip2(dir, "GeoIP2-ISP.mmdb", &geoip_isp); geoip.domain = open_geoip2(dir, "GeoIP2-Domain.mmdb", &geoip_domain); } -#elif defined(HAVE_GEOIP) -/* - * Helper functions (mostly copied from bin/named/geoip.c) - */ -static void -init_geoip_db(void **dbp, GeoIPDBTypes edition, GeoIPDBTypes fallback, - GeoIPOptions method, const char *name) -{ - GeoIP *db; - REQUIRE(dbp != NULL); - - db = (GeoIP *)*dbp; - - if (db != NULL) { - GeoIP_delete(db); - db = *dbp = NULL; - } - - if (! GeoIP_db_avail(edition)) { - goto fail; - } - - db = GeoIP_open_type(edition, method); - if (db == NULL) { - goto fail; - } - - *dbp = db; - return; - - fail: - if (fallback != 0) { - init_geoip_db(dbp, fallback, 0, method, name); - } -} - -static void -load_geoip(const char *dir) { - GeoIPOptions method; - -#ifdef _WIN32 - method = GEOIP_STANDARD; -#else - method = GEOIP_MMAP_CACHE; -#endif - - if (dir != NULL) { - char *p; - DE_CONST(dir, p); - GeoIP_setup_custom_directory(p); - } - - init_geoip_db(&geoip.country_v4, GEOIP_COUNTRY_EDITION, 0, - method, "Country (IPv4)"); -#ifdef HAVE_GEOIP_V6 - init_geoip_db(&geoip.country_v6, GEOIP_COUNTRY_EDITION_V6, 0, - method, "Country (IPv6)"); -#endif - - init_geoip_db(&geoip.city_v4, GEOIP_CITY_EDITION_REV1, - GEOIP_CITY_EDITION_REV0, method, "City (IPv4)"); -#if defined(HAVE_GEOIP_V6) && defined(HAVE_GEOIP_CITY_V6) - init_geoip_db(&geoip.city_v6, GEOIP_CITY_EDITION_REV1_V6, - GEOIP_CITY_EDITION_REV0_V6, method, "City (IPv6)"); -#endif - - init_geoip_db(&geoip.region, GEOIP_REGION_EDITION_REV1, - GEOIP_REGION_EDITION_REV0, method, "Region"); - init_geoip_db(&geoip.isp, GEOIP_ISP_EDITION, 0, - method, "ISP"); - init_geoip_db(&geoip.org, GEOIP_ORG_EDITION, 0, - method, "Org"); - init_geoip_db(&geoip.as, GEOIP_ASNUM_EDITION, 0, - method, "AS"); - init_geoip_db(&geoip.domain, GEOIP_DOMAIN_EDITION, 0, - method, "Domain"); - init_geoip_db(&geoip.netspeed, GEOIP_NETSPEED_EDITION, 0, - method, "NetSpeed"); -} - -static bool -do_lookup_int(const char *addr, dns_geoip_subtype_t subtype, int id) { - dns_geoip_elem_t elt; - struct in_addr in4; - isc_netaddr_t na; - - inet_pton(AF_INET, addr, &in4); - isc_netaddr_fromin(&na, &in4); - - elt.subtype = subtype; - elt.as_int = id; - - return (dns_geoip_match(&na, &geoip, &elt)); -} - -#endif /* HAVE_GEOIP */ - -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) static bool do_lookup_string(const char *addr, dns_geoip_subtype_t subtype, const char *string) @@ -238,15 +131,9 @@ country(void **state) { /* Use databases from the geoip system test */ load_geoip(TEST_GEOIP_DATA); -#ifdef HAVE_GEOIP2 if (geoip.country == NULL) { skip(); } -#else /* HAVE_GEOIP */ - if (geoip.country_v4 == NULL) { - skip(); - } -#endif /* HAVE_GEOIP */ match = do_lookup_string("10.53.0.1", dns_geoip_country_code, "AU"); assert_true(match); @@ -273,15 +160,9 @@ country_v6(void **state) { /* Use databases from the geoip system test */ load_geoip(TEST_GEOIP_DATA); -#ifdef HAVE_GEOIP2 if (geoip.country == NULL) { skip(); } -#else /* HAVE_GEOIP */ - if (geoip.country_v6 == NULL) { - skip(); - } -#endif /* HAVE_GEOIP */ match = do_lookup_string_v6("fd92:7065:b8e:ffff::1", dns_geoip_country_code, "AU"); @@ -302,15 +183,9 @@ city(void **state) { /* Use databases from the geoip system test */ load_geoip(TEST_GEOIP_DATA); -#ifdef HAVE_GEOIP2 if (geoip.city == NULL) { skip(); } -#else /* HAVE_GEOIP */ - if (geoip.city_v4 == NULL) { - skip(); - } -#endif /* HAVE_GEOIP */ match = do_lookup_string("10.53.0.1", dns_geoip_city_continentcode, "NA"); @@ -339,14 +214,6 @@ city(void **state) { match = do_lookup_string("10.53.0.1", dns_geoip_city_postalcode, "94063"); assert_true(match); - -#ifdef HAVE_GEOIP - match = do_lookup_int("10.53.0.1", dns_geoip_city_areacode, 650); - assert_true(match); - - match = do_lookup_int("10.53.0.1", dns_geoip_city_metrocode, 807); - assert_true(match); -#endif } /* GeoIP city (ipv6) matching */ @@ -359,15 +226,9 @@ city_v6(void **state) { /* Use databases from the geoip system test */ load_geoip(TEST_GEOIP_DATA); -#ifdef HAVE_GEOIP2 if (geoip.city == NULL) { skip(); } -#else /* HAVE_GEOIP */ - if (geoip.city_v6 == NULL) { - skip(); - } -#endif /* HAVE_GEOIP */ match = do_lookup_string_v6("fd92:7065:b8e:ffff::1", dns_geoip_city_continentcode, "NA"); @@ -447,15 +308,9 @@ org(void **state) { /* Use databases from the geoip system test */ load_geoip(TEST_GEOIP_DATA); -#ifdef HAVE_GEOIP2 if (geoip.as == NULL) { skip(); } -#else /* HAVE_GEOIP */ - if (geoip.org == NULL) { - skip(); - } -#endif /* HAVE_GEOIP */ match = do_lookup_string("10.53.0.2", dns_geoip_org_name, "Two Technology Ltd."); @@ -480,141 +335,11 @@ domain(void **state) { dns_geoip_domain_name, "five.es"); assert_true(match); } -#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ - -#ifdef HAVE_GEOIP -/* GeoIP region matching */ -static void -region(void **state) { - bool match; - - UNUSED(state); - - /* Use databases from the geoip system test */ - load_geoip(TEST_GEOIP_DATA); - - if (geoip.region == NULL) { - skip(); - } - - match = do_lookup_string("10.53.0.1", - dns_geoip_region_code, "CA"); - assert_true(match); - - match = do_lookup_string("10.53.0.1", - dns_geoip_region_name, "California"); - assert_true(match); - - match = do_lookup_string("10.53.0.1", - dns_geoip_region_countrycode, "US"); - assert_true(match); -} - -/* GeoIP netspeed matching */ -static void -netspeed(void **state) { - bool match; - - UNUSED(state); - - /* Use databases from the geoip system test */ - load_geoip(TEST_GEOIP_DATA); - - if (geoip.netspeed == NULL) { - skip(); - } - - match = do_lookup_int("10.53.0.1", dns_geoip_netspeed_id, 0); - assert_true(match); - - match = do_lookup_int("10.53.0.2", dns_geoip_netspeed_id, 1); - assert_true(match); - - match = do_lookup_int("10.53.0.3", dns_geoip_netspeed_id, 2); - assert_true(match); - - match = do_lookup_int("10.53.0.4", dns_geoip_netspeed_id, 3); - assert_true(match); -} - -/* - * GeoIP best-database matching - * (With no specified databse and a city database available, answers - * should come from city database. With city database unavailable, region - * database. Region database unavailable, country database.) - */ -static void -best(void **state) { - bool match; - - UNUSED(state); - - /* Use databases from the geoip system test */ - load_geoip(TEST_GEOIP_DATA); - - if (geoip.region == NULL) { - skip(); - } - - match = do_lookup_string("10.53.0.4", - dns_geoip_countrycode, "US"); - assert_true(match); - - match = do_lookup_string("10.53.0.4", - dns_geoip_countrycode3, "USA"); - assert_true(match); - - match = do_lookup_string("10.53.0.4", - dns_geoip_countryname, "United States"); - assert_true(match); - - match = do_lookup_string("10.53.0.4", - dns_geoip_regionname, "Virginia"); - assert_true(match); - - match = do_lookup_string("10.53.0.4", - dns_geoip_region, "VA"); - assert_true(match); - - GeoIP_delete(geoip.city_v4); - geoip.city_v4 = NULL; - - match = do_lookup_string("10.53.0.4", - dns_geoip_countrycode, "AU"); - assert_true(match); - - /* - * Note, region doesn't support code3 or countryname, so - * the next two would be answered from the country database instead - */ - match = do_lookup_string("10.53.0.4", - dns_geoip_countrycode3, "CAN"); - assert_true(match); - - match = do_lookup_string("10.53.0.4", - dns_geoip_countryname, "Canada"); - assert_true(match); - - GeoIP_delete(geoip.region); - geoip.region = NULL; - - match = do_lookup_string("10.53.0.4", - dns_geoip_countrycode, "CA"); - assert_true(match); - - match = do_lookup_string("10.53.0.4", - dns_geoip_countrycode3, "CAN"); - assert_true(match); - - match = do_lookup_string("10.53.0.4", - dns_geoip_countryname, "Canada"); - assert_true(match); -} -#endif /* HAVE_GEOIP */ +#endif /* HAVE_GEOIP2 */ int main(void) { -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) const struct CMUnitTest tests[] = { cmocka_unit_test_setup_teardown(country, _setup, _teardown), cmocka_unit_test_setup_teardown(country_v6, _setup, _teardown), @@ -624,11 +349,6 @@ main(void) { cmocka_unit_test_setup_teardown(isp, _setup, _teardown), cmocka_unit_test_setup_teardown(org, _setup, _teardown), cmocka_unit_test_setup_teardown(domain, _setup, _teardown), -#ifdef HAVE_GEOIP - cmocka_unit_test_setup_teardown(region, _setup, _teardown), - cmocka_unit_test_setup_teardown(netspeed, _setup, _teardown), - cmocka_unit_test_setup_teardown(best, _setup, _teardown), -#endif /* HAVE_GEOIP */ }; return (cmocka_run_group_tests(tests, NULL, NULL)); diff --git a/lib/isccfg/aclconf.c b/lib/isccfg/aclconf.c index 7b26c68471..e69f1e82a7 100644 --- a/lib/isccfg/aclconf.c +++ b/lib/isccfg/aclconf.c @@ -37,19 +37,7 @@ static const char *geoip_dbnames[] = { "domain", NULL, }; -#elif defined(HAVE_GEOIP) -static const char *geoip_dbnames[] = { - "country", - "city", - "region", - "asnum", - "isp", - "domain", - "netspeed", - "org", - NULL, -}; -#endif /* HAVE_GEOIP */ +#endif isc_result_t cfg_aclconfctx_create(isc_mem_t *mctx, cfg_aclconfctx_t **ret) { @@ -68,7 +56,7 @@ cfg_aclconfctx_create(isc_mem_t *mctx, cfg_aclconfctx_t **ret) { isc_mem_attach(mctx, &actx->mctx); ISC_LIST_INIT(actx->named_acl_cache); -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) actx->geoip = NULL; #endif @@ -266,12 +254,12 @@ count_acl_elements(const cfg_obj_t *caml, const cfg_obj_t *cctx, n += sub; if (negative) n++; -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) } else if (cfg_obj_istuple(ce) && cfg_obj_isvoid(cfg_tuple_get(ce, "negated"))) { n++; -#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ +#endif /* HAVE_GEOIP2 */ } else if (cfg_obj_isstring(ce)) { const char *name = cfg_obj_asstring(ce); if (strcasecmp(name, "localhost") == 0 || @@ -640,350 +628,7 @@ parse_geoip_element(const cfg_obj_t *obj, isc_log_t *lctx, return (ISC_R_SUCCESS); } -#elif defined(HAVE_GEOIP) -static dns_geoip_subtype_t -get_subtype(const cfg_obj_t *obj, isc_log_t *lctx, - dns_geoip_subtype_t subtype, const char *dbname) -{ - if (dbname == NULL) - return (subtype); - - switch (subtype) { - case dns_geoip_countrycode: - if (strcasecmp(dbname, "city") == 0) - return (dns_geoip_city_countrycode); - else if (strcasecmp(dbname, "region") == 0) - return (dns_geoip_region_countrycode); - else if (strcasecmp(dbname, "country") == 0) - return (dns_geoip_country_code); - cfg_obj_log(obj, lctx, ISC_LOG_ERROR, - "invalid GeoIP DB specified for " - "country search: ignored"); - return (subtype); - case dns_geoip_countrycode3: - if (strcasecmp(dbname, "city") == 0) - return (dns_geoip_city_countrycode3); - else if (strcasecmp(dbname, "country") == 0) - return (dns_geoip_country_code3); - cfg_obj_log(obj, lctx, ISC_LOG_ERROR, - "invalid GeoIP DB specified for " - "country search: ignored"); - return (subtype); - case dns_geoip_countryname: - if (strcasecmp(dbname, "city") == 0) - return (dns_geoip_city_countryname); - else if (strcasecmp(dbname, "country") == 0) - return (dns_geoip_country_name); - cfg_obj_log(obj, lctx, ISC_LOG_ERROR, - "invalid GeoIP DB specified for " - "country search: ignored"); - return (subtype); - case dns_geoip_region: - if (strcasecmp(dbname, "city") == 0) - return (dns_geoip_city_region); - else if (strcasecmp(dbname, "region") == 0) - return (dns_geoip_region_code); - cfg_obj_log(obj, lctx, ISC_LOG_ERROR, - "invalid GeoIP DB specified for " - "region search: ignored"); - return (subtype); - case dns_geoip_regionname: - if (strcasecmp(dbname, "city") == 0) - return (dns_geoip_city_region); - else if (strcasecmp(dbname, "region") == 0) - return (dns_geoip_region_name); - cfg_obj_log(obj, lctx, ISC_LOG_ERROR, - "invalid GeoIP DB specified for " - "region search: ignored"); - return (subtype); - - /* - * Log a warning if the wrong database was specified - * on an unambiguous query - */ - case dns_geoip_city_name: - case dns_geoip_city_postalcode: - case dns_geoip_city_metrocode: - case dns_geoip_city_areacode: - case dns_geoip_city_continentcode: - case dns_geoip_city_timezonecode: - if (strcasecmp(dbname, "city") != 0) - cfg_obj_log(obj, lctx, ISC_LOG_WARNING, - "invalid GeoIP DB specified for " - "a 'city'-only search type: ignoring"); - return (subtype); - case dns_geoip_isp_name: - if (strcasecmp(dbname, "isp") != 0) - cfg_obj_log(obj, lctx, ISC_LOG_WARNING, - "invalid GeoIP DB specified for " - "an 'isp' search: ignoring"); - return (subtype); - case dns_geoip_org_name: - if (strcasecmp(dbname, "org") != 0) - cfg_obj_log(obj, lctx, ISC_LOG_WARNING, - "invalid GeoIP DB specified for " - "an 'org' search: ignoring"); - return (subtype); - case dns_geoip_as_asnum: - if (strcasecmp(dbname, "asnum") != 0) - cfg_obj_log(obj, lctx, ISC_LOG_WARNING, - "invalid GeoIP DB specified for " - "an 'asnum' search: ignoring"); - return (subtype); - case dns_geoip_domain_name: - if (strcasecmp(dbname, "domain") != 0) - cfg_obj_log(obj, lctx, ISC_LOG_WARNING, - "invalid GeoIP DB specified for " - "a 'domain' search: ignoring"); - return (subtype); - case dns_geoip_netspeed_id: - if (strcasecmp(dbname, "netspeed") != 0) - cfg_obj_log(obj, lctx, ISC_LOG_WARNING, - "invalid GeoIP DB specified for " - "a 'netspeed' search: ignoring"); - return (subtype); - default: - INSIST(0); - ISC_UNREACHABLE(); - } -} - -static bool -geoip_can_answer(dns_aclelement_t *elt, cfg_aclconfctx_t *ctx) { - if (ctx->geoip == NULL) - return (true); - - switch (elt->geoip_elem.subtype) { - case dns_geoip_countrycode: - case dns_geoip_countrycode3: - case dns_geoip_countryname: - if (ctx->geoip->city_v4 != NULL || - ctx->geoip->city_v6 != NULL || - ctx->geoip->country_v4 != NULL || - ctx->geoip->country_v6 != NULL || - ctx->geoip->region != NULL) - return (true); - /* FALLTHROUGH */ - case dns_geoip_region: - case dns_geoip_regionname: - if (ctx->geoip->city_v4 != NULL || - ctx->geoip->city_v6 != NULL || - ctx->geoip->region != NULL) - return (true); - /* FALLTHROUGH */ - case dns_geoip_country_code: - case dns_geoip_country_code3: - case dns_geoip_country_name: - if (ctx->geoip->country_v4 != NULL || - ctx->geoip->country_v6 != NULL) - return (true); - /* FALLTHROUGH */ - case dns_geoip_region_countrycode: - case dns_geoip_region_code: - case dns_geoip_region_name: - if (ctx->geoip->region != NULL) - return (true); - /* FALLTHROUGH */ - case dns_geoip_city_countrycode: - case dns_geoip_city_countrycode3: - case dns_geoip_city_countryname: - case dns_geoip_city_region: - case dns_geoip_city_regionname: - case dns_geoip_city_name: - case dns_geoip_city_postalcode: - case dns_geoip_city_metrocode: - case dns_geoip_city_areacode: - case dns_geoip_city_continentcode: - case dns_geoip_city_timezonecode: - if (ctx->geoip->city_v4 != NULL || - ctx->geoip->city_v6 != NULL) - return (true); - /* FALLTHROUGH */ - case dns_geoip_isp_name: - if (ctx->geoip->isp != NULL) - return (true); - /* FALLTHROUGH */ - case dns_geoip_org_name: - if (ctx->geoip->org != NULL) - return (true); - /* FALLTHROUGH */ - case dns_geoip_as_asnum: - if (ctx->geoip->as != NULL) - return (true); - /* FALLTHROUGH */ - case dns_geoip_domain_name: - if (ctx->geoip->domain != NULL) - return (true); - /* FALLTHROUGH */ - case dns_geoip_netspeed_id: - if (ctx->geoip->netspeed != NULL) - return (true); - /* FALLTHROUGH */ - /* - * The following enums are only valid with GeoIP2, - * not legacy GeoIP. - */ - case dns_geoip_continentcode: - case dns_geoip_continent: - case dns_geoip_country_continentcode: - case dns_geoip_country_continent: - case dns_geoip_city_continent: - INSIST(0); - } - - return (false); -} - -static isc_result_t -parse_geoip_element(const cfg_obj_t *obj, isc_log_t *lctx, - cfg_aclconfctx_t *ctx, dns_aclelement_t *dep) -{ - const cfg_obj_t *ge; - const char *dbname = NULL; - const char *stype = NULL, *search = NULL; - dns_geoip_subtype_t subtype; - dns_aclelement_t de; - size_t len; - - REQUIRE(dep != NULL); - - de = *dep; - - ge = cfg_tuple_get(obj, "db"); - if (!cfg_obj_isvoid(ge)) { - int i; - - dbname = cfg_obj_asstring(ge); - - for (i = 0; geoip_dbnames[i] != NULL; i++) { - if (strcasecmp(dbname, geoip_dbnames[i]) == 0) { - break; - } - } - if (geoip_dbnames[i] == NULL) { - cfg_obj_log(obj, lctx, ISC_LOG_ERROR, - "database '%s' is not defined for GeoIP", - dbname); - return (ISC_R_UNEXPECTED); - } - } - - stype = cfg_obj_asstring(cfg_tuple_get(obj, "subtype")); - search = cfg_obj_asstring(cfg_tuple_get(obj, "search")); - len = strlen(search); - - if (len == 0) { - cfg_obj_log(obj, lctx, ISC_LOG_ERROR, - "zero-length geoip search field"); - return (ISC_R_FAILURE); - } - - if (strcasecmp(stype, "country") == 0 && len == 2) { - /* Two-letter country code */ - subtype = dns_geoip_countrycode; - strlcpy(de.geoip_elem.as_string, search, - sizeof(de.geoip_elem.as_string)); - } else if (strcasecmp(stype, "country") == 0 && len == 3) { - /* Three-letter country code */ - subtype = dns_geoip_countrycode3; - strlcpy(de.geoip_elem.as_string, search, - sizeof(de.geoip_elem.as_string)); - } else if (strcasecmp(stype, "country") == 0) { - /* Country name */ - subtype = dns_geoip_countryname; - strlcpy(de.geoip_elem.as_string, search, - sizeof(de.geoip_elem.as_string)); - } else if (strcasecmp(stype, "region") == 0 && len == 2) { - /* Two-letter region code */ - subtype = dns_geoip_region; - strlcpy(de.geoip_elem.as_string, search, - sizeof(de.geoip_elem.as_string)); - } else if (strcasecmp(stype, "region") == 0) { - /* Region name */ - subtype = dns_geoip_regionname; - strlcpy(de.geoip_elem.as_string, search, - sizeof(de.geoip_elem.as_string)); - } else if (strcasecmp(stype, "city") == 0) { - /* City name */ - subtype = dns_geoip_city_name; - strlcpy(de.geoip_elem.as_string, search, - sizeof(de.geoip_elem.as_string)); - } else if (strcasecmp(stype, "postal") == 0 || - strcasecmp(stype, "postalcode") == 0) - { - if (len < 7) { - subtype = dns_geoip_city_postalcode; - strlcpy(de.geoip_elem.as_string, search, - sizeof(de.geoip_elem.as_string)); - } else { - cfg_obj_log(obj, lctx, ISC_LOG_ERROR, - "geoiop postal code (%s) too long", - search); - return (ISC_R_FAILURE); - } - } else if (strcasecmp(stype, "metro") == 0 || - strcasecmp(stype, "metrocode") == 0) - { - subtype = dns_geoip_city_metrocode; - de.geoip_elem.as_int = atoi(search); - } else if (strcasecmp(stype, "area") == 0 || - strcasecmp(stype, "areacode") == 0) - { - subtype = dns_geoip_city_areacode; - de.geoip_elem.as_int = atoi(search); - } else if (strcasecmp(stype, "tz") == 0 || - strcasecmp(stype, "timezone") == 0) - { - subtype = dns_geoip_city_timezonecode; - strlcpy(de.geoip_elem.as_string, search, - sizeof(de.geoip_elem.as_string)); - } else if (strcasecmp(stype, "continent") == 0 && len == 2) { - /* Two-letter continent code */ - subtype = dns_geoip_city_continentcode; - strlcpy(de.geoip_elem.as_string, search, - sizeof(de.geoip_elem.as_string)); - } else if (strcasecmp(stype, "continent") == 0) { - cfg_obj_log(obj, lctx, ISC_LOG_ERROR, - "geoiop continent code (%s) too long", search); - return (ISC_R_FAILURE); - } else if (strcasecmp(stype, "isp") == 0) { - subtype = dns_geoip_isp_name; - strlcpy(de.geoip_elem.as_string, search, - sizeof(de.geoip_elem.as_string)); - } else if (strcasecmp(stype, "asnum") == 0) { - subtype = dns_geoip_as_asnum; - strlcpy(de.geoip_elem.as_string, search, - sizeof(de.geoip_elem.as_string)); - } else if (strcasecmp(stype, "org") == 0) { - subtype = dns_geoip_org_name; - strlcpy(de.geoip_elem.as_string, search, - sizeof(de.geoip_elem.as_string)); - } else if (strcasecmp(stype, "domain") == 0) { - subtype = dns_geoip_domain_name; - strlcpy(de.geoip_elem.as_string, search, - sizeof(de.geoip_elem.as_string)); - } else if (strcasecmp(stype, "netspeed") == 0) { - subtype = dns_geoip_netspeed_id; - de.geoip_elem.as_int = atoi(search); - } else { - INSIST(0); - ISC_UNREACHABLE(); - } - - de.geoip_elem.subtype = get_subtype(obj, lctx, subtype, dbname); - - if (! geoip_can_answer(&de, ctx)) { - cfg_obj_log(obj, lctx, ISC_LOG_ERROR, - "no GeoIP database installed which can answer " - "queries of type '%s'", stype); - return (ISC_R_FAILURE); - } - - *dep = de; - - return (ISC_R_SUCCESS); -} -#endif /* HAVE_GEOIP */ +#endif /* HAVE_GEOIP2 */ isc_result_t cfg_acl_fromconfig(const cfg_obj_t *caml, const cfg_obj_t *cctx, @@ -1178,7 +823,7 @@ nested_acl: if (result != ISC_R_SUCCESS) { goto cleanup; } -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) } else if (cfg_obj_istuple(ce) && cfg_obj_isvoid(cfg_tuple_get(ce, "negated"))) { @@ -1189,7 +834,7 @@ nested_acl: } de->type = dns_aclelementtype_geoip; de->negative = neg; -#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ +#endif /* HAVE_GEOIP2 */ } else if (cfg_obj_isstring(ce)) { /* ACL name. */ const char *name = cfg_obj_asstring(ce); diff --git a/lib/isccfg/include/isccfg/aclconf.h b/lib/isccfg/include/isccfg/aclconf.h index 968c51e865..04f110891a 100644 --- a/lib/isccfg/include/isccfg/aclconf.h +++ b/lib/isccfg/include/isccfg/aclconf.h @@ -25,7 +25,7 @@ typedef struct cfg_aclconfctx { ISC_LIST(dns_acl_t) named_acl_cache; isc_mem_t *mctx; -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) dns_geoip_databases_t *geoip; #endif isc_refcount_t references; diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index f5afd1fecf..bffdce6114 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -1075,12 +1075,12 @@ options_clauses[] = { { "fstrm-set-reopen-interval", &cfg_type_ttlval, CFG_CLAUSEFLAG_NOTCONFIGURED }, #endif /* HAVE_DNSTAP */ -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) { "geoip-directory", &cfg_type_qstringornone, 0 }, #else { "geoip-directory", &cfg_type_qstringornone, CFG_CLAUSEFLAG_NOTCONFIGURED }, -#endif /* HAVE_GEOIP */ +#endif /* HAVE_GEOIP2 */ { "geoip-use-ecs", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, { "has-old-clients", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, { "heartbeat-interval", &cfg_type_uint32, 0 }, diff --git a/lib/isccfg/parser.c b/lib/isccfg/parser.c index 7d7cff4cd5..2d95ffaf15 100644 --- a/lib/isccfg/parser.c +++ b/lib/isccfg/parser.c @@ -100,7 +100,7 @@ static void parser_complain(cfg_parser_t *pctx, bool is_warning, unsigned int flags, const char *format, va_list args); -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) static isc_result_t parse_geoip(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); @@ -109,7 +109,7 @@ print_geoip(cfg_printer_t *pctx, const cfg_obj_t *obj); static void doc_geoip(cfg_printer_t *pctx, const cfg_type_t *type); -#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ +#endif /* HAVE_GEOIP2 */ /* * Data representations. These correspond to members of the @@ -1324,7 +1324,7 @@ LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_bracketed_text = { &cfg_rep_string, NULL }; -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) /* * "geoip" ACL element: * geoip [ db ] search-type @@ -1409,7 +1409,7 @@ doc_geoip(cfg_printer_t *pctx, const cfg_type_t *type) { cfg_print_cstr(pctx, " "); cfg_doc_obj(pctx, &cfg_type_astring); } -#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ +#endif /* HAVE_GEOIP2 */ static cfg_type_t cfg_type_addrmatchelt; static cfg_type_t cfg_type_negated; @@ -1430,7 +1430,7 @@ parse_addrmatchelt(cfg_parser_t *pctx, const cfg_type_t *type, CHECK(cfg_parse_obj(pctx, &cfg_type_keyref, ret)); } else if (pctx->token.type == isc_tokentype_string && (strcasecmp(TOKEN_STRING(pctx), "geoip") == 0)) { -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) CHECK(cfg_gettoken(pctx, 0)); CHECK(cfg_parse_obj(pctx, &cfg_type_geoip, ret)); #else diff --git a/lib/ns/interfacemgr.c b/lib/ns/interfacemgr.c index 47978819b4..2601fb800a 100644 --- a/lib/ns/interfacemgr.c +++ b/lib/ns/interfacemgr.c @@ -230,7 +230,7 @@ ns_interfacemgr_create(isc_mem_t *mctx, result = dns_aclenv_init(mctx, &mgr->aclenv); if (result != ISC_R_SUCCESS) goto cleanup_listenon; -#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) +#if defined(HAVE_GEOIP2) mgr->aclenv.geoip = geoip; #else UNUSED(geoip); diff --git a/util/copyrights b/util/copyrights index 835d7db1aa..db7f895ff6 100644 --- a/util/copyrights +++ b/util/copyrights @@ -659,33 +659,6 @@ ./bin/tests/system/forward/setup.sh SH 2018,2019 ./bin/tests/system/forward/tests.sh SH 2000,2001,2004,2007,2011,2012,2013,2014,2016,2018,2019 ./bin/tests/system/genzone.sh SH 2001,2002,2003,2004,2007,2009,2011,2012,2013,2014,2015,2016,2017,2018,2019 -./bin/tests/system/geoip/clean.sh SH 2013,2014,2016,2018,2019 -./bin/tests/system/geoip/data/GeoIP.csv X 2013,2014,2018,2019 -./bin/tests/system/geoip/data/GeoIP.dat X 2013,2014,2018,2019 -./bin/tests/system/geoip/data/GeoIPASNum.csv X 2013,2018,2019 -./bin/tests/system/geoip/data/GeoIPASNum.dat X 2013,2018,2019 -./bin/tests/system/geoip/data/GeoIPASNumv6.csv X 2013,2018,2019 -./bin/tests/system/geoip/data/GeoIPASNumv6.dat X 2013,2018,2019 -./bin/tests/system/geoip/data/GeoIPCity.csv X 2013,2018,2019 -./bin/tests/system/geoip/data/GeoIPCity.dat X 2013,2018,2019 -./bin/tests/system/geoip/data/GeoIPCityv6.csv X 2013,2018,2019 -./bin/tests/system/geoip/data/GeoIPCityv6.dat X 2013,2018,2019 -./bin/tests/system/geoip/data/GeoIPDomain.csv X 2013,2018,2019 -./bin/tests/system/geoip/data/GeoIPDomain.dat X 2013,2018,2019 -./bin/tests/system/geoip/data/GeoIPISP.csv X 2013,2018,2019 -./bin/tests/system/geoip/data/GeoIPISP.dat X 2013,2018,2019 -./bin/tests/system/geoip/data/GeoIPNetSpeed.csv X 2013,2018,2019 -./bin/tests/system/geoip/data/GeoIPNetSpeed.dat X 2013,2018,2019 -./bin/tests/system/geoip/data/GeoIPOrg.csv X 2013,2018,2019 -./bin/tests/system/geoip/data/GeoIPOrg.dat X 2013,2018,2019 -./bin/tests/system/geoip/data/GeoIPRegion.csv X 2013,2018,2019 -./bin/tests/system/geoip/data/GeoIPRegion.dat X 2013,2018,2019 -./bin/tests/system/geoip/data/GeoIPv6.csv X 2013,2018,2019 -./bin/tests/system/geoip/data/GeoIPv6.dat X 2013,2018,2019 -./bin/tests/system/geoip/data/README TXT.BRIEF 2013,2014,2016,2018,2019 -./bin/tests/system/geoip/prereq.sh SH 2013,2014,2016,2018,2019 -./bin/tests/system/geoip/setup.sh SH 2013,2014,2016,2018,2019 -./bin/tests/system/geoip/tests.sh SH 2013,2014,2015,2016,2018,2019 ./bin/tests/system/geoip2/clean.sh SH 2019 ./bin/tests/system/geoip2/data/GeoIP2-City.json X 2019 ./bin/tests/system/geoip2/data/GeoIP2-City.mmdb X 2019 @@ -1664,7 +1637,6 @@ ./lib/dns/gen-unix.h C 1999,2000,2001,2004,2005,2007,2009,2016,2018,2019 ./lib/dns/gen-win32.h C 1999,2000,2001,2004,2005,2006,2007,2009,2014,2016,2018,2019 ./lib/dns/gen.c C 1998,1999,2000,2001,2002,2003,2004,2005,2006,2007,2008,2009,2012,2013,2014,2015,2016,2017,2018,2019 -./lib/dns/geoip.c C 2013,2014,2015,2016,2018,2019 ./lib/dns/geoip2.c C 2019 ./lib/dns/gssapi_link.c C 2000,2001,2002,2004,2005,2006,2007,2008,2009,2011,2012,2013,2014,2015,2016,2018,2019 ./lib/dns/gssapictx.c C 2000,2001,2004,2005,2006,2007,2008,2009,2010,2011,2012,2013,2014,2015,2016,2017,2018,2019