upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-10 22:39:58 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Maintain separate notify contexts for SOA and CDS

Browse source 
With Generalized DNS Notifications, a zone may need to send different
NOTIFY messages for different reasons. Introduce a method to
initialize a notify context and maintain a notify contexts per RRtype.
This commit is contained in:
Matthijs Mekking 2025-10-28 08:30:05 +01:00
parent f1b2646f2b
commit 8d83fbaf85
3 changed files with 54 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
lib/dns/include/dns/notify.h
View file

@ -29,6 +29,8 @@
struct dns_notifyctx {
dns_acl_t *notify_acl;
dns_rdatatype_t type;
isc_sockaddr_t notifyfrom;
dns_notifylist_t notifies;
@ -63,6 +65,16 @@ typedef enum dns_notify_flags {
DNS_NOTIFY_TCP = 1 << 2,
} dns_notify_flags_t;
void
dns_notifyctx_init(dns_notifyctx_t *nctx, dns_rdatatype_t type);
/*%
* Initializes a notify context for the RRtype 'type'.
*
* Requires:
* 'nctx' is not NULL.
*
*/
void
dns_notify_create(isc_mem_t *mctx, unsigned int flags, dns_notify_t **notifyp);
/*%<

13
lib/dns/notify.c
View file

@ -39,6 +39,19 @@ notify_log(dns_notify_t *notify, int level, const char *fmt, ...) {
va_end(ap);
}
void
dns_notifyctx_init(dns_notifyctx_t *nctx, dns_rdatatype_t type) {
dns_notifyctx_t ctx = {
.type = type,
.notifytype = dns_notifytype_yes,
.notifies = ISC_LIST_INITIALIZER,
};
isc_sockaddr_any(&ctx.notifysrc4);
isc_sockaddr_any6(&ctx.notifysrc6);
*nctx = ctx;
}
void
dns_notify_create(isc_mem_t *mctx, unsigned int flags, dns_notify_t **notifyp) {
dns_notify_t *notify;

61
lib/dns/zone.c
View file

@ -340,7 +340,8 @@ struct dns_zone {
uint32_t fetchcount[ZONEFETCHTYPE_COUNT];
dns_remote_t alsonotify;
dns_notifyctx_t notifyctx;
dns_notifyctx_t notifysoa;
dns_notifyctx_t notifycds;
isc_sockaddr_t parentalsrc4;
isc_sockaddr_t parentalsrc6;
@ -1085,13 +1086,6 @@ dns_zone_create(dns_zone_t **zonep, isc_mem_t *mctx, isc_tid_t tid) {
dns_remote_t r = {
.magic = DNS_REMOTE_MAGIC,
};
dns_notifyctx_t nc = {
.notifytype = dns_notifytype_yes,
.notifies = ISC_LIST_INITIALIZER,
};
isc_sockaddr_any(&nc.notifysrc4);
isc_sockaddr_any6(&nc.notifysrc6);
zone->notifyctx = nc;
isc_mem_attach(mctx, &zone->mctx);
isc_mutex_init(&zone->lock);
@ -1111,6 +1105,9 @@ dns_zone_create(dns_zone_t **zonep, isc_mem_t *mctx, isc_tid_t tid) {
zone->defaultkasp = NULL;
ISC_LIST_INIT(zone->keyring);
dns_notifyctx_init(&zone->notifysoa, dns_rdatatype_soa);
dns_notifyctx_init(&zone->notifycds, dns_rdatatype_cds);
isc_stats_create(mctx, &zone->gluecachestats,
dns_gluecachestatscounter_max);
@ -1251,8 +1248,8 @@ dns__zone_free(dns_zone_t *zone) {
if (zone->forward_acl != NULL) {
dns_acl_detach(&zone->forward_acl);
}
if (zone->notifyctx.notify_acl != NULL) {
dns_acl_detach(&zone->notifyctx.notify_acl);
if (zone->notifysoa.notify_acl != NULL) {
dns_acl_detach(&zone->notifysoa.notify_acl);
}
if (zone->query_acl != NULL) {
dns_acl_detach(&zone->query_acl);
@ -1370,7 +1367,7 @@ dns_zone_setnotifytype(dns_zone_t *zone, dns_notifytype_t notifytype) {
REQUIRE(DNS_ZONE_VALID(zone));
LOCK_ZONE(zone);
zone->notifyctx.notifytype = notifytype;
zone->notifysoa.notifytype = notifytype;
UNLOCK_ZONE(zone);
}
@ -6339,7 +6336,7 @@ dns_zone_setnotifysrc4(dns_zone_t *zone, const isc_sockaddr_t *notifysrc) {
REQUIRE(notifysrc != NULL);
LOCK_ZONE(zone);
zone->notifyctx.notifysrc4 = *notifysrc;
zone->notifysoa.notifysrc4 = *notifysrc;
UNLOCK_ZONE(zone);
}
@ -6349,7 +6346,7 @@ dns_zone_getnotifysrc4(dns_zone_t *zone, isc_sockaddr_t *notifysrc) {
REQUIRE(notifysrc != NULL);
LOCK_ZONE(zone);
*notifysrc = zone->notifyctx.notifysrc4;
*notifysrc = zone->notifysoa.notifysrc4;
UNLOCK_ZONE(zone);
}
@ -6359,7 +6356,7 @@ dns_zone_setnotifysrc6(dns_zone_t *zone, const isc_sockaddr_t *notifysrc) {
REQUIRE(notifysrc != NULL);
LOCK_ZONE(zone);
zone->notifyctx.notifysrc6 = *notifysrc;
zone->notifysoa.notifysrc6 = *notifysrc;
UNLOCK_ZONE(zone);
}
@ -6369,7 +6366,7 @@ dns_zone_getnotifysrc6(dns_zone_t *zone, isc_sockaddr_t *notifysrc) {
REQUIRE(notifysrc != NULL);
LOCK_ZONE(zone);
*notifysrc = zone->notifyctx.notifysrc6;
*notifysrc = zone->notifysoa.notifysrc6;
UNLOCK_ZONE(zone);
}
@ -12463,7 +12460,7 @@ zone_notify(dns_zone_t *zone, isc_time_t *now) {
DNS_ZONEFLG_NEEDSTARTUPNOTIFY |
DNS_ZONEFLG_NOTIFYNODEFER |
DNS_ZONEFLG_NOTIFYDEFERRED);
notifytype = zone->notifyctx.notifytype;
notifytype = zone->notifysoa.notifytype;
DNS_ZONE_TIME_ADD(now, zone->notifydelay, &zone->notifytime);
UNLOCK_ZONE(zone);
@ -12582,7 +12579,7 @@ zone_notify(dns_zone_t *zone, isc_time_t *now) {
goto next;
}
if (dns_notify_isqueued(&zone->notifyctx, flags, NULL, &dst,
if (dns_notify_isqueued(&zone->notifysoa, flags, NULL, &dst,
key, transport))
{
if (key != NULL) {
@ -12612,7 +12609,7 @@ zone_notify(dns_zone_t *zone, isc_time_t *now) {
transport = NULL;
}
ISC_LIST_APPEND(zone->notifyctx.notifies, notify, link);
ISC_LIST_APPEND(zone->notifysoa.notifies, notify, link);
result = dns_notify_queue(notify, startup);
if (result != ISC_R_SUCCESS) {
dns_notify_destroy(notify, true);
@ -12671,7 +12668,7 @@ zone_notify(dns_zone_t *zone, isc_time_t *now) {
}
LOCK_ZONE(zone);
isqueued = dns_notify_isqueued(&zone->notifyctx, flags,
isqueued = dns_notify_isqueued(&zone->notifysoa, flags,
&ns.name, NULL, NULL, NULL);
UNLOCK_ZONE(zone);
if (isqueued) {
@ -12681,7 +12678,7 @@ zone_notify(dns_zone_t *zone, isc_time_t *now) {
dns_zone_iattach(zone, &notify->zone);
dns_name_dup(&ns.name, zone->mctx, &notify->ns);
LOCK_ZONE(zone);
ISC_LIST_APPEND(zone->notifyctx.notifies, notify, link);
ISC_LIST_APPEND(zone->notifysoa.notifies, notify, link);
UNLOCK_ZONE(zone);
dns_notify_find_address(notify);
}
@ -14609,7 +14606,7 @@ zone_shutdown(void *arg) {
checkds_cancel(zone);
dns_notify_cancel(&zone->notifyctx);
dns_notify_cancel(&zone->notifysoa);
forward_cancel(zone);
@ -15000,13 +14997,13 @@ dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from,
/*
* Accept notify requests from non primaries if they are on
* 'zone->notifyctx.notify_acl'.
* 'zone->notifysoa.notify_acl'.
*/
tsigkey = dns_message_gettsigkey(msg);
tsig = dns_tsigkey_identity(tsigkey);
if (i >= dns_remote_count(&zone->primaries) &&
zone->notifyctx.notify_acl != NULL &&
(dns_acl_match(&netaddr, tsig, zone->notifyctx.notify_acl,
zone->notifysoa.notify_acl != NULL &&
(dns_acl_match(&netaddr, tsig, zone->notifysoa.notify_acl,
zone->view->aclenv, &match,
NULL) == ISC_R_SUCCESS) &&
match > 0)
@ -15070,7 +15067,7 @@ dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from,
*/
if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_REFRESH)) {
DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_NEEDREFRESH);
zone->notifyctx.notifyfrom = *from;
zone->notifysoa.notifyfrom = *from;
UNLOCK_ZONE(zone);
if (have_serial) {
dns_zone_logc(zone, DNS_LOGCATEGORY_XFER_IN,
@ -15096,7 +15093,7 @@ dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from,
dns_zone_logc(zone, DNS_LOGCATEGORY_XFER_IN, ISC_LOG_INFO,
"notify from %s: no serial", fromtext);
}
zone->notifyctx.notifyfrom = *from;
zone->notifysoa.notifyfrom = *from;
UNLOCK_ZONE(zone);
if (to != NULL) {
@ -15111,10 +15108,10 @@ dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl) {
REQUIRE(DNS_ZONE_VALID(zone));
LOCK_ZONE(zone);
if (zone->notifyctx.notify_acl != NULL) {
dns_acl_detach(&zone->notifyctx.notify_acl);
if (zone->notifysoa.notify_acl != NULL) {
dns_acl_detach(&zone->notifysoa.notify_acl);
}
dns_acl_attach(acl, &zone->notifyctx.notify_acl);
dns_acl_attach(acl, &zone->notifysoa.notify_acl);
UNLOCK_ZONE(zone);
}
@ -15240,8 +15237,8 @@ dns_zone_clearnotifyacl(dns_zone_t *zone) {
REQUIRE(DNS_ZONE_VALID(zone));
LOCK_ZONE(zone);
if (zone->notifyctx.notify_acl != NULL) {
dns_acl_detach(&zone->notifyctx.notify_acl);
if (zone->notifysoa.notify_acl != NULL) {
dns_acl_detach(&zone->notifysoa.notify_acl);
}
UNLOCK_ZONE(zone);
}
@ -15666,7 +15663,7 @@ dns_notifyctx_t *
dns__zone_getnotifyctx(dns_zone_t *zone) {
REQUIRE(DNS_ZONE_VALID(zone));
return &zone->notifyctx;
return &zone->notifysoa;
}
void