From c84a2342f416579e8c80f72b98939c1559080763 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= Date: Fri, 24 Aug 2018 10:18:59 +0200 Subject: [PATCH 1/2] Log a message when "ixfr-from-differences" is set for an inline-signed zone For inline-signed zones, the value of "ixfr-from-differences" is hardcoded to: - "yes" for the raw version of the zone, - "no" for the signed version of the zone. In other words, any user-provided "ixfr-from-differences" setting is effectively ignored for an inline-signed zone. Ensure the user is aware of that by adding a note to the ARM and logging a message when an "ixfr-from-differences" option is found at the zone level. (cherry picked from commit 087157d14fb201a61207599698097b08bbc6feae) --- bin/named/server.c | 10 ++++++++++ doc/arm/Bv9ARM-book.xml | 5 +++++ 2 files changed, 15 insertions(+) diff --git a/bin/named/server.c b/bin/named/server.c index 9f88a4088a..e3da808bbb 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -5304,6 +5304,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, const cfg_obj_t *typeobj = NULL; const cfg_obj_t *forwarders = NULL; const cfg_obj_t *forwardtype = NULL; + const cfg_obj_t *ixfrfromdiffs = NULL; const cfg_obj_t *only = NULL; const cfg_obj_t *signing = NULL; const cfg_obj_t *viewobj = NULL; @@ -5657,6 +5658,15 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, dns_zone_setstats(raw, ns_g_server->zonestats); CHECK(dns_zone_link(zone, raw)); } + if (cfg_map_get(zoptions, "ixfr-from-differences", + &ixfrfromdiffs) == ISC_R_SUCCESS) + { + isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, + NS_LOGMODULE_SERVER, ISC_LOG_INFO, + "zone '%s': 'ixfr-from-differences' is " + "ignored for inline-signed zones", + zname); + } } /* diff --git a/doc/arm/Bv9ARM-book.xml b/doc/arm/Bv9ARM-book.xml index 3ecdc046d0..884b855001 100644 --- a/doc/arm/Bv9ARM-book.xml +++ b/doc/arm/Bv9ARM-book.xml @@ -6608,6 +6608,11 @@ options { slave zones respectively. It is off by default. + + Note: if inline signing is enabled for a zone, the + user-provided ixfr-from-differences + setting is ignored for that zone. + From 285736bd18350eda5f3b16adc92ef67267c3f846 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= Date: Fri, 24 Aug 2018 10:18:59 +0200 Subject: [PATCH 2/2] Add CHANGES entry 5019. [cleanup] A message is now logged when ixfr-from-differences is set at zone level for an inline-signed zone. [GL #470] (cherry picked from commit 4fb5d072c2c930e1904a3968bc71dc60259131de) --- CHANGES | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGES b/CHANGES index 98c50b7553..a9b9df7816 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +5019. [cleanup] A message is now logged when ixfr-from-differences is + set at zone level for an inline-signed zone. [GL #470] + 5018. [bug] Fix incorrect sizeof arguments in lib/isc/pk11.c. [GL !588]