upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-28 04:34:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

fix "response-padding" configuration and remove optionmaps

Browse source 
Add a default "response-padding" option in the global defaults,
to disable the option, and simplify the configuration code so that
looks at the global defaults if the option is not set in named.conf.

This enables us to remove the 'optionmaps' variable in configure_view(),
which was used for options that only look in named.conf.

(cherry picked from commit cf409e814f)
This commit is contained in:
Evan Hunt 2025-10-28 21:33:03 -07:00
parent 0b39889b47
commit a107d77b33
2 changed files with 18 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
bin/named/config.c
View file

@ -188,6 +188,7 @@ options {\n\
parental-source *;\n\
parental-source-v6 *;\n\
provide-ixfr true;\n\
response-padding { none; } block-size 0;\n\
qname-minimization relaxed;\n\
query-source address *;\n\
query-source-v6 address *;\n\

40
bin/named/server.c
View file

@ -4166,7 +4166,6 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config,
bool first_time) {
const cfg_obj_t *maps[4];
const cfg_obj_t *cfgmaps[3];
const cfg_obj_t *optionmaps[3];
const cfg_obj_t *options = NULL;
const cfg_obj_t *voptions = NULL;
const cfg_obj_t *forwardtype;
@ -4225,6 +4224,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config,
const char *qminmode = NULL;
dns_adb_t *adb = NULL;
bool oldcache = false;
uint32_t padding;
REQUIRE(DNS_VIEW_VALID(view));
@ -4234,27 +4234,24 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config,
/*
* maps: view options, options, defaults
* cfgmaps: view options, config
* optionmaps: view options, options
* cfgmaps: view options, top-level config
*/
if (vconfig != NULL) {
voptions = cfg_tuple_get(vconfig, "options");
maps[i++] = voptions;
optionmaps[j++] = voptions;
cfgmaps[k++] = voptions;
}
if (options != NULL) {
maps[i++] = options;
optionmaps[j++] = options;
}
maps[i++] = named_g_defaults;
maps[i] = NULL;
optionmaps[j] = NULL;
if (config != NULL) {
cfgmaps[k++] = config;
cfgmaps[j++] = config;
}
cfgmaps[k] = NULL;
cfgmaps[j] = NULL;
/*
* Set the view's port number for outgoing queries.
@ -5617,22 +5614,19 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config,
if (view->pad_acl != NULL) {
dns_acl_detach(&view->pad_acl);
}
result = named_config_get(optionmaps, "response-padding", &obj);
if (result == ISC_R_SUCCESS) {
const cfg_obj_t *padobj = cfg_tuple_get(obj, "block-size");
const cfg_obj_t *aclobj = cfg_tuple_get(obj, "acl");
uint32_t padding = cfg_obj_asuint32(padobj);
if (padding > 512U) {
cfg_obj_log(obj, named_g_lctx, ISC_LOG_WARNING,
"response-padding block-size cannot "
"exceed 512: lowering");
padding = 512U;
}
view->padding = (uint16_t)padding;
CHECK(cfg_acl_fromconfig(aclobj, config, named_g_lctx, actx,
named_g_mctx, 0, &view->pad_acl));
result = named_config_get(maps, "response-padding", &obj);
INSIST(result == ISC_R_SUCCESS);
padding = cfg_obj_asuint32(cfg_tuple_get(obj, "block-size"));
if (padding > 512U) {
cfg_obj_log(obj, named_g_lctx, ISC_LOG_WARNING,
"response-padding block-size cannot "
"exceed 512: lowering");
padding = 512U;
}
view->padding = (uint16_t)padding;
CHECK(cfg_acl_fromconfig(cfg_tuple_get(obj, "acl"), config,
named_g_lctx, actx, named_g_mctx, 0,
&view->pad_acl));
obj = NULL;
result = named_config_get(maps, "require-server-cookie", &obj);