From 50dd6aad3472a58c8cf7caa1458b03883c1cc91f Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Mon, 2 Oct 2023 13:52:58 -0700 Subject: [PATCH 1/6] remove unused functions in dns_master dns_master_dumpnode() and dns_master_dumpnodetostream() were never used and can be removed. --- lib/dns/include/dns/masterdump.h | 11 ---- lib/dns/masterdump.c | 87 -------------------------------- 2 files changed, 98 deletions(-) diff --git a/lib/dns/include/dns/masterdump.h b/lib/dns/include/dns/masterdump.h index 973f31fafd..a030924e73 100644 --- a/lib/dns/include/dns/masterdump.h +++ b/lib/dns/include/dns/masterdump.h @@ -336,17 +336,6 @@ dns_master_questiontotext(const dns_name_t *owner_name, const dns_master_style_t *style, isc_buffer_t *target); -isc_result_t -dns_master_dumpnodetostream(isc_mem_t *mctx, dns_db_t *db, - dns_dbversion_t *version, dns_dbnode_t *node, - const dns_name_t *name, - const dns_master_style_t *style, FILE *f); - -isc_result_t -dns_master_dumpnode(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *version, - dns_dbnode_t *node, const dns_name_t *name, - const dns_master_style_t *style, const char *filename); - dns_masterstyle_flags_t dns_master_styleflags(const dns_master_style_t *style); diff --git a/lib/dns/masterdump.c b/lib/dns/masterdump.c index 32b13b630f..6418420dc5 100644 --- a/lib/dns/masterdump.c +++ b/lib/dns/masterdump.c @@ -1908,93 +1908,6 @@ cleanup: return (result); } -/* - * Dump a database node into a master file. - * XXX: this function assumes the text format. - */ -isc_result_t -dns_master_dumpnodetostream(isc_mem_t *mctx, dns_db_t *db, - dns_dbversion_t *version, dns_dbnode_t *node, - const dns_name_t *name, - const dns_master_style_t *style, FILE *f) { - isc_result_t result; - isc_buffer_t buffer; - char *bufmem; - isc_stdtime_t now = isc_stdtime_now(); - dns_totext_ctx_t ctx; - dns_rdatasetiter_t *rdsiter = NULL; - unsigned int options = DNS_DB_STALEOK; - - if ((style->flags & DNS_STYLEFLAG_EXPIRED) != 0) { - options |= DNS_DB_EXPIREDOK; - } - - result = totext_ctx_init(style, NULL, &ctx); - if (result != ISC_R_SUCCESS) { - UNEXPECTED_ERROR("could not set master file style"); - return (ISC_R_UNEXPECTED); - } - - bufmem = isc_mem_get(mctx, initial_buffer_length); - - isc_buffer_init(&buffer, bufmem, initial_buffer_length); - - result = dns_db_allrdatasets(db, node, version, options, now, &rdsiter); - if (result != ISC_R_SUCCESS) { - goto failure; - } - result = dump_rdatasets_text(mctx, name, rdsiter, &ctx, &buffer, f); - if (result != ISC_R_SUCCESS) { - goto failure; - } - dns_rdatasetiter_destroy(&rdsiter); - - result = ISC_R_SUCCESS; - -failure: - isc_mem_put(mctx, buffer.base, buffer.length); - return (result); -} - -isc_result_t -dns_master_dumpnode(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *version, - dns_dbnode_t *node, const dns_name_t *name, - const dns_master_style_t *style, const char *filename) { - FILE *f = NULL; - isc_result_t result; - - result = isc_stdio_open(filename, "w", &f); - if (result != ISC_R_SUCCESS) { - isc_log_write(dns_lctx, ISC_LOGCATEGORY_GENERAL, - DNS_LOGMODULE_MASTERDUMP, ISC_LOG_ERROR, - "dumping node to file: %s: open: %s", filename, - isc_result_totext(result)); - return (ISC_R_UNEXPECTED); - } - - result = dns_master_dumpnodetostream(mctx, db, version, node, name, - style, f); - if (result != ISC_R_SUCCESS) { - isc_log_write(dns_lctx, ISC_LOGCATEGORY_GENERAL, - DNS_LOGMODULE_MASTERDUMP, ISC_LOG_ERROR, - "dumping master file: %s: dump: %s", filename, - isc_result_totext(result)); - (void)isc_stdio_close(f); - return (ISC_R_UNEXPECTED); - } - - result = isc_stdio_close(f); - if (result != ISC_R_SUCCESS) { - isc_log_write(dns_lctx, ISC_LOGCATEGORY_GENERAL, - DNS_LOGMODULE_MASTERDUMP, ISC_LOG_ERROR, - "dumping master file: %s: close: %s", filename, - isc_result_totext(result)); - return (ISC_R_UNEXPECTED); - } - - return (result); -} - dns_masterstyle_flags_t dns_master_styleflags(const dns_master_style_t *style) { REQUIRE(style != NULL); From 7d05590a6f305c0e165d4f912768976b719428c7 Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Tue, 31 Oct 2023 14:20:51 +0100 Subject: [PATCH 2/6] clean up client.c - make dns_client_startresolve() static since it's only used internally - remove outdated comments --- lib/dns/client.c | 88 ++++++++++++++++-------------------- lib/dns/include/dns/client.h | 14 +----- 2 files changed, 40 insertions(+), 62 deletions(-) diff --git a/lib/dns/client.c b/lib/dns/client.c index 486cda4af7..f65cb5ef3c 100644 --- a/lib/dns/client.c +++ b/lib/dns/client.c @@ -70,7 +70,6 @@ * DNS client object */ struct dns_client { - /* Unlocked */ unsigned int magic; unsigned int attributes; isc_mem_t *mctx; @@ -432,10 +431,6 @@ start_fetch(resctx_t *rctx) { isc_result_t result; int fopts = 0; - /* - * The caller must be holding the rctx's lock. - */ - REQUIRE(rctx->fetch == NULL); if (!rctx->want_cdflag) { @@ -859,45 +854,11 @@ resolve_done(void *arg) { isc_mem_putanddetach(&resarg->mctx, resarg, sizeof(*resarg)); } -isc_result_t -dns_client_resolve(dns_client_t *client, const dns_name_t *name, - dns_rdataclass_t rdclass, dns_rdatatype_t type, - unsigned int options, dns_namelist_t *namelist, - dns_client_resolve_cb resolve_cb) { - isc_result_t result; - resarg_t *resarg = NULL; - - REQUIRE(DNS_CLIENT_VALID(client)); - REQUIRE(namelist != NULL && ISC_LIST_EMPTY(*namelist)); - REQUIRE(rdclass == dns_rdataclass_in); - - resarg = isc_mem_get(client->mctx, sizeof(*resarg)); - - *resarg = (resarg_t){ - .client = client, - .name = name, - .result = DNS_R_SERVFAIL, - .namelist = namelist, - .resolve_cb = resolve_cb, - }; - - isc_mem_attach(client->mctx, &resarg->mctx); - - result = dns_client_startresolve(client, name, rdclass, type, options, - resolve_done, resarg, &resarg->trans); - if (result != ISC_R_SUCCESS) { - isc_mem_put(client->mctx, resarg, sizeof(*resarg)); - return (result); - } - - return (result); -} - -isc_result_t -dns_client_startresolve(dns_client_t *client, const dns_name_t *name, - dns_rdataclass_t rdclass, dns_rdatatype_t type, - unsigned int options, isc_job_cb cb, void *arg, - dns_clientrestrans_t **transp) { +static isc_result_t +startresolve(dns_client_t *client, const dns_name_t *name, + dns_rdataclass_t rdclass, dns_rdatatype_t type, + unsigned int options, isc_job_cb cb, void *arg, + dns_clientrestrans_t **transp) { dns_clientresume_t *rev = NULL; resctx_t *rctx = NULL; isc_mem_t *mctx = NULL; @@ -981,6 +942,40 @@ cleanup: return (result); } +isc_result_t +dns_client_resolve(dns_client_t *client, const dns_name_t *name, + dns_rdataclass_t rdclass, dns_rdatatype_t type, + unsigned int options, dns_namelist_t *namelist, + dns_client_resolve_cb resolve_cb) { + isc_result_t result; + resarg_t *resarg = NULL; + + REQUIRE(DNS_CLIENT_VALID(client)); + REQUIRE(namelist != NULL && ISC_LIST_EMPTY(*namelist)); + REQUIRE(rdclass == dns_rdataclass_in); + + resarg = isc_mem_get(client->mctx, sizeof(*resarg)); + + *resarg = (resarg_t){ + .client = client, + .name = name, + .result = DNS_R_SERVFAIL, + .namelist = namelist, + .resolve_cb = resolve_cb, + }; + + isc_mem_attach(client->mctx, &resarg->mctx); + + result = startresolve(client, name, rdclass, type, options, + resolve_done, resarg, &resarg->trans); + if (result != ISC_R_SUCCESS) { + isc_mem_put(client->mctx, resarg, sizeof(*resarg)); + return (result); + } + + return (result); +} + void dns_client_freeresanswer(dns_client_t *client, dns_namelist_t *namelist) { dns_name_t *name; @@ -1027,11 +1022,6 @@ destroyrestrans(dns_clientrestrans_t **transp) { mctx = client->mctx; dns_view_detach(&rctx->view); - /* - * Wait for the lock in client_resfind to be released before - * destroying the lock. - */ - INSIST(ISC_LINK_LINKED(rctx, link)); ISC_LIST_UNLINK(client->resctxs, rctx, link); diff --git a/lib/dns/include/dns/client.h b/lib/dns/include/dns/client.h index f5aef0a4a6..148578f4b7 100644 --- a/lib/dns/include/dns/client.h +++ b/lib/dns/include/dns/client.h @@ -55,7 +55,7 @@ ISC_LANG_BEGINDECLS ***/ /*% - * Optional flags for dns_client_(start)resolve. + * Optional flags for dns_client_resolve. */ /*%< Do not return DNSSEC data (e.g. RRSIGS) with response. */ #define DNS_CLIENTRESOPT_NODNSSEC 0x01 @@ -185,11 +185,6 @@ dns_client_resolve(dns_client_t *client, const dns_name_t *name, unsigned int options, dns_namelist_t *namelist, dns_client_resolve_cb resolve_cb); -isc_result_t -dns_client_startresolve(dns_client_t *client, const dns_name_t *name, - dns_rdataclass_t rdclass, dns_rdatatype_t type, - unsigned int options, isc_job_cb cb, void *arg, - dns_clientrestrans_t **transp); /*%< * Perform name resolution for 'name', 'rdclass', and 'type'. * @@ -215,13 +210,6 @@ dns_client_startresolve(dns_client_t *client, const dns_name_t *name, * It is expected that the client object passed to dns_client_resolve() was * created via dns_client_create() and has external managers and contexts. * - * dns_client_startresolve() is an asynchronous version of dns_client_resolve() - * and does not block. When name resolution is completed, 'cb' will be - * called with the argument of a 'dns_clientresume_t' object, which contains - * the resulting list of answer names (on success), and a also contains - * a pointer to 'arg'. On return, '*transp' is set to an opaque transaction - * ID so that the caller can cancel this resolution process. - * * Requires: * *\li 'client' is a valid client. From 03daed4d119a15847bb10a8f12eaa7a4315c5796 Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Tue, 31 Oct 2023 14:25:54 +0100 Subject: [PATCH 3/6] remove bin/rndc/rndc.conf this file was no longer used. --- bin/rndc/rndc.conf | 41 ----------------------------------------- 1 file changed, 41 deletions(-) delete mode 100644 bin/rndc/rndc.conf diff --git a/bin/rndc/rndc.conf b/bin/rndc/rndc.conf deleted file mode 100644 index 78ee858515..0000000000 --- a/bin/rndc/rndc.conf +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * SPDX-License-Identifier: MPL-2.0 - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, you can obtain one at https://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -/* - * Sample rndc configuration file. - */ - -options { - default-server localhost; - default-key "key"; -}; - -server localhost { - key "key"; -}; - -key "cc64b3d1db63fc88d7cb5d2f9f57d258" { - algorithm hmac-sha256; - secret "34f88008d07deabbe65bd01f1d233d47"; -}; - -server "test1" { - key "cc64b3d1db63fc88d7cb5d2f9f57d258"; - port 5353; - addresses { 10.53.0.1; }; -}; - -key "key" { - algorithm hmac-sha256; - secret "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K"; -}; From 90a16b3e65a67f367b39be2791fb5435781106e9 Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Wed, 1 Nov 2023 08:37:44 +0100 Subject: [PATCH 4/6] fix unnecessary capitalization there was a typo in the copyright header. --- bin/tests/system/enginepkcs11/ns1/template.db.in | 2 +- bin/tests/system/keyfromlabel/template.db.in | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/tests/system/enginepkcs11/ns1/template.db.in b/bin/tests/system/enginepkcs11/ns1/template.db.in index 7941903808..f2baaa78a1 100644 --- a/bin/tests/system/enginepkcs11/ns1/template.db.in +++ b/bin/tests/system/enginepkcs11/ns1/template.db.in @@ -4,7 +4,7 @@ ; ; This Source Code Form is subject to the terms of the Mozilla Public ; License, v. 2.0. If a copy of the MPL was not distributed with this -; file, You can obtain one at http://mozilla.org/MPL/2.0/. +; file, you can obtain one at http://mozilla.org/MPL/2.0/. ; ; See the COPYRIGHT file distributed with this work for additional ; information regarding copyright ownership. diff --git a/bin/tests/system/keyfromlabel/template.db.in b/bin/tests/system/keyfromlabel/template.db.in index 7941903808..f2baaa78a1 100644 --- a/bin/tests/system/keyfromlabel/template.db.in +++ b/bin/tests/system/keyfromlabel/template.db.in @@ -4,7 +4,7 @@ ; ; This Source Code Form is subject to the terms of the Mozilla Public ; License, v. 2.0. If a copy of the MPL was not distributed with this -; file, You can obtain one at http://mozilla.org/MPL/2.0/. +; file, you can obtain one at http://mozilla.org/MPL/2.0/. ; ; See the COPYRIGHT file distributed with this work for additional ; information regarding copyright ownership. From ced8a825036f58e746bc883fc777931bd9851072 Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Wed, 1 Nov 2023 17:00:45 +0100 Subject: [PATCH 5/6] fix consistency check for delv +ns and +qmin the code to prevent +qmin from being used without +ns was in the wrong place, resulting in it only working correctly if +ns was specified first. --- bin/delv/delv.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/bin/delv/delv.c b/bin/delv/delv.c index 25ff05e857..16e005ab7f 100644 --- a/bin/delv/delv.c +++ b/bin/delv/delv.c @@ -1378,10 +1378,6 @@ plus_option(char *option) { fprintf(stderr, "Invalid option: +%s\n", option); usage(); } - - if (qmin && !fulltrace) { - fatal("'+qmin' cannot be used without '+ns'"); - } return; } @@ -1730,6 +1726,11 @@ parse_args(int argc, char **argv) { } } + /* check consistency */ + if (qmin && !fulltrace) { + fatal("'+qmin' cannot be used without '+ns'"); + } + /* * If no qname or qtype specified, search for root/NS * If no qtype specified, use A From c8f43b9160c9255b76d84170d44b13895496395b Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Wed, 1 Nov 2023 17:09:16 +0100 Subject: [PATCH 6/6] remove some long-deprecated arguments from dig certain dig options which were deprecated and became nonoperational several releases ago still had documentation in the dig man page and warnings printed when they were used: these included +mapped, +sigchase, +topdown, +unexpected, +trusted-key, and the -i and -n options. these are now all fatal errors. another option was described as deprecated in the man page, but the code to print a warning was never added. it has been added now. --- bin/dig/dig.c | 36 ++++++++++++---------------------- bin/dig/dig.rst | 34 +++++++++++--------------------- bin/tests/system/idna/tests.sh | 3 +-- bin/tools/mdig.c | 3 +-- 4 files changed, 26 insertions(+), 50 deletions(-) diff --git a/bin/dig/dig.c b/bin/dig/dig.c index 54d1425ea5..5274a7a9c0 100644 --- a/bin/dig/dig.c +++ b/bin/dig/dig.c @@ -306,8 +306,7 @@ help(void) { " +[no]tls-keyfile=file (Load client TLS " "private key from file)\n" " +[no]trace (Trace delegation down " - "from root " - "[+dnssec])\n" + "from root [implies +dnssec])\n" " +tries=### (Set number of UDP " "attempts) [3]\n" " +[no]ttlid (Control display of ttls " @@ -1670,6 +1669,8 @@ plus_option(char *option, bool is_batchfile, bool *need_clone, switch (cmd[1]) { case 'e': /* defname */ FULLCHECK("defname"); + fprintf(stderr, ";; +[no]defname option is " + "deprecated; use +[no]search\n"); if (!lookup->trace) { usesearch = state; } @@ -2044,12 +2045,11 @@ plus_option(char *option, bool is_batchfile, bool *need_clone, goto invalid_option; } break; - case 'm': /* multiline */ + case 'm': switch (cmd[1]) { case 'a': FULLCHECK("mapped"); - fprintf(stderr, ";; +mapped option is deprecated"); - break; + fatal("+mapped option no longer supported"); case 'u': FULLCHECK("multiline"); lookup->multiline = state; @@ -2303,8 +2303,7 @@ plus_option(char *option, bool is_batchfile, bool *need_clone, break; case 'i': /* sigchase */ FULLCHECK("sigchase"); - fprintf(stderr, ";; +sigchase option is deprecated"); - break; + fatal("+sigchase option no longer supported"); case 'p': /* split */ FULLCHECK("split"); if (value != NULL && !state) { @@ -2428,8 +2427,7 @@ plus_option(char *option, bool is_batchfile, bool *need_clone, break; case 'o': FULLCHECK("topdown"); - fprintf(stderr, ";; +topdown option is deprecated"); - break; + fatal("+topdown option no longer supported"); case 'r': switch (cmd[2]) { case 'a': /* trace */ @@ -2470,9 +2468,8 @@ plus_option(char *option, bool is_batchfile, bool *need_clone, break; case 'u': /* trusted-key */ FULLCHECK("trusted-key"); - fprintf(stderr, ";; +trusted-key option is " - "deprecated"); - break; + fatal("+trusted-key option " + "no longer supported"); default: goto invalid_option; } @@ -2509,9 +2506,8 @@ plus_option(char *option, bool is_batchfile, bool *need_clone, switch (cmd[2]) { case 'e': FULLCHECK("unexpected"); - fprintf(stderr, ";; +unexpected option " - "is deprecated"); - break; + fatal("+unexpected option " + "no longer supported"); case 'k': FULLCHECK("unknownformat"); lookup->print_unknown_format = state; @@ -2519,11 +2515,7 @@ plus_option(char *option, bool is_batchfile, bool *need_clone, default: goto invalid_option; } - break; - default: - goto invalid_option; } - break; case 'v': FULLCHECK("vc"); @@ -2629,14 +2621,12 @@ dash_option(char *option, char *next, dig_lookup_t **lookup, exit(0); break; case 'i': - /* deprecated */ - break; + fatal("-%c removed", option[0]); case 'm': /* memdebug */ /* memdebug is handled in preparse_args() */ break; case 'n': - /* deprecated */ - break; + fatal("-%c removed", option[0]); case 'r': debug("digrc (late)"); digrc = false; diff --git a/bin/dig/dig.rst b/bin/dig/dig.rst index 71dce3ec36..83c0ab7acf 100644 --- a/bin/dig/dig.rst +++ b/bin/dig/dig.rst @@ -614,11 +614,6 @@ abbreviation is unambiguous; for example, :option:`+cd` is equivalent to This option performs [or does not perform] a search showing intermediate results. -.. option:: +sigchase, +nosigchase - - This feature is now obsolete and has been removed; use :iscman:`delv` - instead. - .. option:: +split=W This option splits long hex- or base64-formatted fields in resource records into @@ -688,25 +683,23 @@ abbreviation is unambiguous; for example, :option:`+cd` is equivalent to server TLS certificate verification. Otherwise, the DNS server name is used. This option has no effect if :option:`+tls-ca` is not specified. -.. option:: +topdown, +notopdown - - This feature is related to :option:`dig +sigchase`, which is obsolete and - has been removed. Use :iscman:`delv` instead. - .. option:: +trace, +notrace - This option toggles tracing of the delegation path from the root name servers for - the name being looked up. Tracing is disabled by default. When - tracing is enabled, :program:`dig` makes iterative queries to resolve the - name being looked up. It follows referrals from the root servers, - showing the answer from each server that was used to resolve the - lookup. + This option toggles tracing of the delegation path from the root name + servers for the name being looked up. Tracing is disabled by default. + When tracing is enabled, :program:`dig` makes iterative queries to + resolve the name being looked up. It follows referrals from the root + servers, showing the answer from each server that was used to resolve + the lookup. If ``@server`` is also specified, it affects only the initial query for the root zone name servers. - :option:`+dnssec` is also set when :option:`+trace` is set, to better emulate the - default queries from a name server. + :option:`+dnssec` is set when :option:`+trace` is set, to better + emulate the default queries from a name server. + + Note that the ``delv +ns`` option can also be used for tracing the + resolution of a name from the root (see :iscman:`delv`). .. option:: +tries=T @@ -714,11 +707,6 @@ abbreviation is unambiguous; for example, :option:`+cd` is equivalent to instead of the default, 3. If ``T`` is less than or equal to zero, the number of tries is silently rounded up to 1. -.. option:: +trusted-key=#### - - This option formerly specified trusted keys for use with :option:`dig +sigchase`. This - feature is now obsolete and has been removed; use :iscman:`delv` instead. - .. option:: +ttlid, +nottlid This option displays [or does not display] the TTL when printing the record. diff --git a/bin/tests/system/idna/tests.sh b/bin/tests/system/idna/tests.sh index d83dae76be..4a8dc512b0 100644 --- a/bin/tests/system/idna/tests.sh +++ b/bin/tests/system/idna/tests.sh @@ -53,8 +53,7 @@ export LC_ALL # 1. http://www.unicode.org/reports/tr46/#Deviations # 2. http://www.unicode.org/reports/tr46/#IDNAComparison -# Using dig insecure mode as we are not testing DNSSEC here -DIGCMD="$DIG -i -p ${PORT} @10.53.0.1" +DIGCMD="$DIG -p ${PORT} @10.53.0.1" # Initialize test count and status return n=0 diff --git a/bin/tools/mdig.c b/bin/tools/mdig.c index 094c4e0dcd..1c36679403 100644 --- a/bin/tools/mdig.c +++ b/bin/tools/mdig.c @@ -1693,8 +1693,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, exit(0); break; case 'i': - /* deprecated */ - break; + fatal("-%c removed", opt); case 'm': /* * handled by preparse_args()