diff --git a/CHANGES b/CHANGES index 69c542329f..70393a035f 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,7 @@ +6055. [cleanup] Remove setting alternate transfer sources, make options + alt-transfer-source, alt-transfer-transfer-source-v6, + and use-alt-transfer-source ancient. [GL #3714] + 6054. [func] Refactor remote servers (primaries, parental-agents) in zone.c. Store common code in new source files remote.c and remote.h. Introduce a new way to set the diff --git a/bin/named/config.c b/bin/named/config.c index 6dda569921..f75d862acf 100644 --- a/bin/named/config.c +++ b/bin/named/config.c @@ -208,8 +208,6 @@ options {\n\ allow-query-on {any;};\n\ allow-transfer {any;};\n\ # also-notify \n\ - alt-transfer-source *;\n\ - alt-transfer-source-v6 *;\n\ check-integrity yes;\n\ check-mx-cname warn;\n\ check-sibling yes;\n\ diff --git a/bin/named/zoneconf.c b/bin/named/zoneconf.c index af017f3198..a046f58ad0 100644 --- a/bin/named/zoneconf.c +++ b/bin/named/zoneconf.c @@ -891,8 +891,6 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig, int i; int32_t journal_size; bool multi; - bool alt; - dns_view_t *view = NULL; dns_kasp_t *kasp = NULL; bool check = false, fail = false; bool warn = false, ignore = false; @@ -1966,47 +1964,6 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig, named_add_reserved_dispatch(named_g_server, cfg_obj_assockaddr(obj)); - obj = NULL; - result = named_config_get(maps, "alt-transfer-source", &obj); - INSIST(result == ISC_R_SUCCESS && obj != NULL); - RETERR(dns_zone_setaltxfrsource4(mayberaw, - cfg_obj_assockaddr(obj))); - dscp = cfg_obj_getdscp(obj); - if (dscp == -1) { - dscp = named_g_dscp; - } - RETERR(dns_zone_setaltxfrsource4dscp(mayberaw, dscp)); - - obj = NULL; - result = named_config_get(maps, "alt-transfer-source-v6", &obj); - INSIST(result == ISC_R_SUCCESS && obj != NULL); - RETERR(dns_zone_setaltxfrsource6(mayberaw, - cfg_obj_assockaddr(obj))); - dscp = cfg_obj_getdscp(obj); - if (dscp == -1) { - dscp = named_g_dscp; - } - RETERR(dns_zone_setaltxfrsource6dscp(mayberaw, dscp)); - - obj = NULL; - (void)named_config_get(maps, "use-alt-transfer-source", &obj); - if (obj == NULL) { - /* - * Default off when views are in use otherwise - * on for BIND 8 compatibility. - */ - view = dns_zone_getview(zone); - if (view != NULL && strcmp(view->name, "_default") == 0) - { - alt = true; - } else { - alt = false; - } - } else { - alt = cfg_obj_asboolean(obj); - } - dns_zone_setoption(mayberaw, DNS_ZONEOPT_USEALTXFRSRC, alt); - obj = NULL; (void)named_config_get(maps, "try-tcp-refresh", &obj); dns_zone_setoption(mayberaw, DNS_ZONEOPT_TRYTCPREFRESH, diff --git a/bin/tests/system/dscp/ns5/named.conf.in b/bin/tests/system/dscp/ns5/named.conf.in index 2d1db3c714..185849354d 100644 --- a/bin/tests/system/dscp/ns5/named.conf.in +++ b/bin/tests/system/dscp/ns5/named.conf.in @@ -16,7 +16,6 @@ options { query-source dscp 46 address 10.53.0.5; notify-source 10.53.0.5 dscp 46; transfer-source 10.53.0.5 dscp 46; - alt-transfer-source 10.53.0.5 dscp 46; port @PORT@; pid-file "named.pid"; listen-on dscp 46 { 10.53.0.5; }; diff --git a/bin/tests/system/dscp/ns7/named.conf.in b/bin/tests/system/dscp/ns7/named.conf.in index cbf7096ce9..3dc7010f8c 100644 --- a/bin/tests/system/dscp/ns7/named.conf.in +++ b/bin/tests/system/dscp/ns7/named.conf.in @@ -16,7 +16,6 @@ options { query-source dscp 46 address 10.53.0.7; notify-source 10.53.0.7 dscp 47; transfer-source 10.53.0.7 dscp 47; - alt-transfer-source 10.53.0.7 dscp 47; port @PORT@; pid-file "named.pid"; listen-on dscp 46 { 10.53.0.7; }; @@ -31,6 +30,5 @@ zone "." { file "root.bk"; transfer-source 10.53.0.7 dscp 46; notify-source 10.53.0.7 dscp 46; - alt-transfer-source 10.53.0.7 dscp 46; primaries { 10.53.0.4; }; }; diff --git a/bin/tests/system/mirror/ns3/named.conf.in b/bin/tests/system/mirror/ns3/named.conf.in index 7bc8d5d854..a22835019f 100644 --- a/bin/tests/system/mirror/ns3/named.conf.in +++ b/bin/tests/system/mirror/ns3/named.conf.in @@ -49,7 +49,6 @@ zone "initially-unavailable" { type mirror; primaries { 10.53.0.2; }; file "initially-unavailable.db.mirror"; - use-alt-transfer-source no; }; zone "verify-axfr" { diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst index de69a4c0b6..a13d1fd94b 100644 --- a/doc/arm/reference.rst +++ b/doc/arm/reference.rst @@ -3576,32 +3576,6 @@ options apply to zone transfers. This option is the same as :any:`transfer-source`, except zone transfers are performed using IPv6. -.. namedconf:statement:: alt-transfer-source - :tags: deprecated - :short: Defines alternate local IPv4 address(es) to be used by the server for inbound zone transfers, if the address(es) defined by :any:`transfer-source` fail and :any:`use-alt-transfer-source` is enabled. - - This indicates an alternate transfer source if the one listed in :any:`transfer-source` - fails and :any:`use-alt-transfer-source` is set. - - .. note:: To avoid using the alternate transfer source, - set :any:`use-alt-transfer-source` appropriately and - do not depend upon getting an answer back to the first refresh - query. - -.. namedconf:statement:: alt-transfer-source-v6 - :tags: deprecated - :short: Defines alternate local IPv6 address(es) to be used by the server for inbound zone transfers. - - This indicates an alternate transfer source if the one listed in - :any:`transfer-source-v6` fails and :any:`use-alt-transfer-source` is set. - -.. namedconf:statement:: use-alt-transfer-source - :tags: deprecated - :short: Indicates whether :any:`alt-transfer-source` and :any:`alt-transfer-source-v6` can be used. - - This indicates whether the alternate transfer sources should be used. If views are specified, - this defaults to ``no``; otherwise, it defaults to ``yes``. - .. namedconf:statement:: notify-source :tags: transfer :short: Defines the IPv4 address (and optional port) to be used for outgoing ``NOTIFY`` messages. @@ -7192,15 +7166,6 @@ Zone Options :any:`transfer-source-v6` See the description of :any:`transfer-source-v6` in :ref:`zone_transfers`. -:any:`alt-transfer-source` - See the description of :any:`alt-transfer-source` in :ref:`zone_transfers`. - -:any:`alt-transfer-source-v6` - See the description of :any:`alt-transfer-source-v6` in :ref:`zone_transfers`. - -:any:`use-alt-transfer-source` - See the description of :any:`use-alt-transfer-source` in :ref:`zone_transfers`. - :any:`notify-source` See the description of :any:`notify-source` in :ref:`zone_transfers`. diff --git a/doc/man/named.conf.5in b/doc/man/named.conf.5in index a1fbfa5d3b..4abf55f31f 100644 --- a/doc/man/named.conf.5in +++ b/doc/man/named.conf.5in @@ -127,8 +127,6 @@ options { allow\-update { ; ... }; allow\-update\-forwarding { ; ... }; also\-notify [ port ] [ dscp ] [ source ( | * ) [ port ( | * ) ] [ dscp ] ] [ source\-v6 ( | * ) [ port ( | * ) ] [ dscp ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; - alt\-transfer\-source ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated - alt\-transfer\-source\-v6 ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated answer\-cookie ; attach\-cache ; auth\-nxdomain ; @@ -362,7 +360,6 @@ options { udp\-receive\-buffer ; udp\-send\-buffer ; update\-check\-ksk ; - use\-alt\-transfer\-source ; // deprecated use\-v4\-udp\-ports { ; ... }; use\-v6\-udp\-ports { ; ... }; v6\-bias ; @@ -438,8 +435,6 @@ view [ ] { allow\-update { ; ... }; allow\-update\-forwarding { ; ... }; also\-notify [ port ] [ dscp ] [ source ( | * ) [ port ( | * ) ] [ dscp ] ] [ source\-v6 ( | * ) [ port ( | * ) ] [ dscp ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; - alt\-transfer\-source ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated - alt\-transfer\-source\-v6 ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated attach\-cache ; auth\-nxdomain ; auto\-dnssec ( allow | maintain | off ); // deprecated @@ -640,7 +635,6 @@ view [ ] { trusted\-keys { ; ... }; // may occur multiple times, deprecated try\-tcp\-refresh ; update\-check\-ksk ; - use\-alt\-transfer\-source ; // deprecated v6\-bias ; validate\-except { ; ... }; zero\-no\-soa\-ttl ; @@ -667,8 +661,6 @@ zone [ ] { allow\-transfer [ port ] [ transport ] { ; ... }; allow\-update { ; ... }; also\-notify [ port ] [ dscp ] [ source ( | * ) [ port ( | * ) ] [ dscp ] ] [ source\-v6 ( | * ) [ port ( | * ) ] [ dscp ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; - alt\-transfer\-source ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated - alt\-transfer\-source\-v6 ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated auto\-dnssec ( allow | maintain | off ); // deprecated check\-dup\-records ( fail | warn | ignore ); check\-integrity ; @@ -741,8 +733,6 @@ zone [ ] { allow\-transfer [ port ] [ transport ] { ; ... }; allow\-update\-forwarding { ; ... }; also\-notify [ port ] [ dscp ] [ source ( | * ) [ port ( | * ) ] [ dscp ] ] [ source\-v6 ( | * ) [ port ( | * ) ] [ dscp ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; - alt\-transfer\-source ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated - alt\-transfer\-source\-v6 ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated auto\-dnssec ( allow | maintain | off ); // deprecated check\-names ( fail | warn | ignore ); database ; @@ -794,7 +784,6 @@ zone [ ] { transfer\-source\-v6 ( | * ) [ port ( | * ) ] [ dscp ]; try\-tcp\-refresh ; update\-check\-ksk ; - use\-alt\-transfer\-source ; // deprecated zero\-no\-soa\-ttl ; zone\-statistics ( full | terse | none | ); }; @@ -816,8 +805,6 @@ zone [ ] { allow\-transfer [ port ] [ transport ] { ; ... }; allow\-update\-forwarding { ; ... }; also\-notify [ port ] [ dscp ] [ source ( | * ) [ port ( | * ) ] [ dscp ] ] [ source\-v6 ( | * ) [ port ( | * ) ] [ dscp ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; - alt\-transfer\-source ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated - alt\-transfer\-source\-v6 ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated check\-names ( fail | warn | ignore ); database ; file ; @@ -847,7 +834,6 @@ zone [ ] { transfer\-source ( | * ) [ port ( | * ) ] [ dscp ]; transfer\-source\-v6 ( | * ) [ port ( | * ) ] [ dscp ]; try\-tcp\-refresh ; - use\-alt\-transfer\-source ; // deprecated zero\-no\-soa\-ttl ; zone\-statistics ( full | terse | none | ); }; @@ -961,7 +947,6 @@ zone [ ] { primaries [ port ] [ dscp ] [ source ( | * ) [ port ( | * ) ] [ dscp ] ] [ source\-v6 ( | * ) [ port ( | * ) ] [ dscp ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; transfer\-source ( | * ) [ port ( | * ) ] [ dscp ]; transfer\-source\-v6 ( | * ) [ port ( | * ) ] [ dscp ]; - use\-alt\-transfer\-source ; // deprecated zone\-statistics ( full | terse | none | ); }; diff --git a/doc/misc/mirror.zoneopt b/doc/misc/mirror.zoneopt index 959a733193..a0aeb46e8e 100644 --- a/doc/misc/mirror.zoneopt +++ b/doc/misc/mirror.zoneopt @@ -6,8 +6,6 @@ zone [ ] { allow-transfer [ port ] [ transport ] { ; ... }; allow-update-forwarding { ; ... }; also-notify [ port ] [ dscp ] [ source ( | * ) [ port ( | * ) ] [ dscp ] ] [ source-v6 ( | * ) [ port ( | * ) ] [ dscp ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; - alt-transfer-source ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated - alt-transfer-source-v6 ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated check-names ( fail | warn | ignore ); database ; file ; @@ -37,7 +35,6 @@ zone [ ] { transfer-source ( | * ) [ port ( | * ) ] [ dscp ]; transfer-source-v6 ( | * ) [ port ( | * ) ] [ dscp ]; try-tcp-refresh ; - use-alt-transfer-source ; // deprecated zero-no-soa-ttl ; zone-statistics ( full | terse | none | ); }; diff --git a/doc/misc/options b/doc/misc/options index ea1f7d770f..fb970713f3 100644 --- a/doc/misc/options +++ b/doc/misc/options @@ -70,8 +70,6 @@ options { allow-update { ; ... }; allow-update-forwarding { ; ... }; also-notify [ port ] [ dscp ] [ source ( | * ) [ port ( | * ) ] [ dscp ] ] [ source-v6 ( | * ) [ port ( | * ) ] [ dscp ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; - alt-transfer-source ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated - alt-transfer-source-v6 ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated answer-cookie ; attach-cache ; auth-nxdomain ; @@ -305,7 +303,6 @@ options { udp-receive-buffer ; udp-send-buffer ; update-check-ksk ; - use-alt-transfer-source ; // deprecated use-v4-udp-ports { ; ... }; use-v6-udp-ports { ; ... }; v6-bias ; @@ -381,8 +378,6 @@ view [ ] { allow-update { ; ... }; allow-update-forwarding { ; ... }; also-notify [ port ] [ dscp ] [ source ( | * ) [ port ( | * ) ] [ dscp ] ] [ source-v6 ( | * ) [ port ( | * ) ] [ dscp ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; - alt-transfer-source ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated - alt-transfer-source-v6 ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated attach-cache ; auth-nxdomain ; auto-dnssec ( allow | maintain | off ); // deprecated @@ -583,7 +578,6 @@ view [ ] { trusted-keys { ; ... }; // may occur multiple times, deprecated try-tcp-refresh ; update-check-ksk ; - use-alt-transfer-source ; // deprecated v6-bias ; validate-except { ; ... }; zero-no-soa-ttl ; diff --git a/doc/misc/primary.zoneopt b/doc/misc/primary.zoneopt index 75d1bccadf..5c78fc5b99 100644 --- a/doc/misc/primary.zoneopt +++ b/doc/misc/primary.zoneopt @@ -5,8 +5,6 @@ zone [ ] { allow-transfer [ port ] [ transport ] { ; ... }; allow-update { ; ... }; also-notify [ port ] [ dscp ] [ source ( | * ) [ port ( | * ) ] [ dscp ] ] [ source-v6 ( | * ) [ port ( | * ) ] [ dscp ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; - alt-transfer-source ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated - alt-transfer-source-v6 ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated auto-dnssec ( allow | maintain | off ); // deprecated check-dup-records ( fail | warn | ignore ); check-integrity ; diff --git a/doc/misc/secondary.zoneopt b/doc/misc/secondary.zoneopt index f20c5d1d0c..7c265b37a5 100644 --- a/doc/misc/secondary.zoneopt +++ b/doc/misc/secondary.zoneopt @@ -6,8 +6,6 @@ zone [ ] { allow-transfer [ port ] [ transport ] { ; ... }; allow-update-forwarding { ; ... }; also-notify [ port ] [ dscp ] [ source ( | * ) [ port ( | * ) ] [ dscp ] ] [ source-v6 ( | * ) [ port ( | * ) ] [ dscp ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; - alt-transfer-source ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated - alt-transfer-source-v6 ( | * ) [ port ( | * ) ] [ dscp ]; // deprecated auto-dnssec ( allow | maintain | off ); // deprecated check-names ( fail | warn | ignore ); database ; @@ -59,7 +57,6 @@ zone [ ] { transfer-source-v6 ( | * ) [ port ( | * ) ] [ dscp ]; try-tcp-refresh ; update-check-ksk ; - use-alt-transfer-source ; // deprecated zero-no-soa-ttl ; zone-statistics ( full | terse | none | ); }; diff --git a/doc/misc/stub.zoneopt b/doc/misc/stub.zoneopt index 74e2c73317..31a1df3ab7 100644 --- a/doc/misc/stub.zoneopt +++ b/doc/misc/stub.zoneopt @@ -22,6 +22,5 @@ zone [ ] { primaries [ port ] [ dscp ] [ source ( | * ) [ port ( | * ) ] [ dscp ] ] [ source-v6 ( | * ) [ port ( | * ) ] [ dscp ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; transfer-source ( | * ) [ port ( | * ) ] [ dscp ]; transfer-source-v6 ( | * ) [ port ( | * ) ] [ dscp ]; - use-alt-transfer-source ; // deprecated zone-statistics ( full | terse | none | ); }; diff --git a/doc/notes/notes-9.19.8.rst b/doc/notes/notes-9.19.8.rst index 678274d261..97530147b6 100644 --- a/doc/notes/notes-9.19.8.rst +++ b/doc/notes/notes-9.19.8.rst @@ -43,8 +43,8 @@ Feature Changes :any:`dnssec-policy`. :gl:`#3667` - Setting alternate local addresses for inbound zone transfers has been - deprecated. The relevant options (:any:`alt-transfer-source`, - :any:`alt-transfer-source-v6`, and :any:`use-alt-transfer-source`) + deprecated. The relevant options (``alt-transfer-source``, + ``alt-transfer-source-v6``, and ``use-alt-transfer-source``) will be removed in a future BIND 9.19.x release. :gl:`#3694` - On startup, :iscman:`named` now sets the limit on the number of open diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index 99305ea1ee..f6c1447c11 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -27,6 +27,10 @@ Removed Features - None. +- The options to set alternate local addresses for inbound zone transfers + are removed (``alt-transfer-source``, ``alt-transfer-source-v6``, + ``use-alt-transfer-source``). :gl:`#3694` + Feature Changes ~~~~~~~~~~~~~~~ diff --git a/lib/dns/include/dns/remote.h b/lib/dns/include/dns/remote.h index bf13767954..6af58bcebd 100644 --- a/lib/dns/include/dns/remote.h +++ b/lib/dns/include/dns/remote.h @@ -207,15 +207,6 @@ dns_remote_tlsname(dns_remote_t *remote); * 'remote' is a valid remote structure. */ -bool -dns_remote_allgood(dns_remote_t *remote); -/*%< - * Return 'true' if all the addresses are considered good. - * - * Requires: - * 'remote' is a valid remote structure. - */ - void dns_remote_mark(dns_remote_t *remote, bool good); /*%< @@ -227,17 +218,6 @@ dns_remote_mark(dns_remote_t *remote, bool good); * The current address index is lower than the address count. */ -bool -dns_remote_addrok(dns_remote_t *remote); -/*%< - * Return 'true' if the current address is marked good, 'false' - * otherwise. Also return 'true' if marking servers is not used. - * - * Requires: - * 'remote' is a valid remote structure. - * The current address index is lower than the address count. - */ - bool dns_remote_done(dns_remote_t *remote); /*%< diff --git a/lib/dns/include/dns/zone.h b/lib/dns/include/dns/zone.h index bbbf84d7e1..5faf95f8be 100644 --- a/lib/dns/include/dns/zone.h +++ b/lib/dns/include/dns/zone.h @@ -71,8 +71,8 @@ typedef enum { DNS_ZONEOPT_FATALNS = 1 << 4, /*%< DNS_ZONEOPT_CHECKNS is fatal */ DNS_ZONEOPT_MULTIMASTER = 1 << 5, /*%< this zone has multiple primaries */ - DNS_ZONEOPT_USEALTXFRSRC = 1 << 6, /*%< use alternate transfer sources - */ + DNS_ZONEOPT_USEALTXFRSRC = 1 << 6, /*%< use alternate transfer sources. + Obsoleted. */ DNS_ZONEOPT_CHECKNAMES = 1 << 7, /*%< check-names */ DNS_ZONEOPT_CHECKNAMESFAIL = 1 << 8, /*%< fatal check-name failures */ DNS_ZONEOPT_CHECKWILDCARD = 1 << 9, /*%< check for internal wildcards */ @@ -804,8 +804,6 @@ dns_zone_setmaxretrytime(dns_zone_t *zone, uint32_t val); isc_result_t dns_zone_setxfrsource4(dns_zone_t *zone, const isc_sockaddr_t *xfrsource); -isc_result_t -dns_zone_setaltxfrsource4(dns_zone_t *zone, const isc_sockaddr_t *xfrsource); /*%< * Set the source address to be used in IPv4 zone transfers. * @@ -819,8 +817,6 @@ dns_zone_setaltxfrsource4(dns_zone_t *zone, const isc_sockaddr_t *xfrsource); isc_sockaddr_t * dns_zone_getxfrsource4(dns_zone_t *zone); -isc_sockaddr_t * -dns_zone_getaltxfrsource4(dns_zone_t *zone); /*%< * Returns the source address set by a previous dns_zone_setxfrsource4 * call, or the default of inaddr_any, port 0. @@ -831,10 +827,8 @@ dns_zone_getaltxfrsource4(dns_zone_t *zone); isc_result_t dns_zone_setxfrsource4dscp(dns_zone_t *zone, isc_dscp_t dscp); -isc_result_t -dns_zone_setaltxfrsource4dscp(dns_zone_t *zone, isc_dscp_t dscp); /*%< - * Set the DSCP value associated with the transfer/alt-transfer source. + * Set the DSCP value associated with the transfer source. * * Require: *\li 'zone' to be a valid zone. @@ -845,10 +839,8 @@ dns_zone_setaltxfrsource4dscp(dns_zone_t *zone, isc_dscp_t dscp); isc_dscp_t dns_zone_getxfrsource4dscp(dns_zone_t *zone); -isc_dscp_t -dns_zone_getaltxfrsource4dscp(dns_zone_t *zone); /*%/ - * Get the DSCP value associated with the transfer/alt-transfer source. + * Get the DSCP value associated with the transfer source. * * Require: *\li 'zone' to be a valid zone. @@ -856,8 +848,6 @@ dns_zone_getaltxfrsource4dscp(dns_zone_t *zone); isc_result_t dns_zone_setxfrsource6(dns_zone_t *zone, const isc_sockaddr_t *xfrsource); -isc_result_t -dns_zone_setaltxfrsource6(dns_zone_t *zone, const isc_sockaddr_t *xfrsource); /*%< * Set the source address to be used in IPv6 zone transfers. * @@ -871,8 +861,6 @@ dns_zone_setaltxfrsource6(dns_zone_t *zone, const isc_sockaddr_t *xfrsource); isc_sockaddr_t * dns_zone_getxfrsource6(dns_zone_t *zone); -isc_sockaddr_t * -dns_zone_getaltxfrsource6(dns_zone_t *zone); /*%< * Returns the source address set by a previous dns_zone_setxfrsource6 * call, or the default of in6addr_any, port 0. @@ -883,10 +871,8 @@ dns_zone_getaltxfrsource6(dns_zone_t *zone); isc_dscp_t dns_zone_getxfrsource6dscp(dns_zone_t *zone); -isc_dscp_t -dns_zone_getaltxfrsource6dscp(dns_zone_t *zone); /*%/ - * Get the DSCP value associated with the transfer/alt-transfer source. + * Get the DSCP value associated with the transfer source. * * Require: *\li 'zone' to be a valid zone. @@ -894,10 +880,8 @@ dns_zone_getaltxfrsource6dscp(dns_zone_t *zone); isc_result_t dns_zone_setxfrsource6dscp(dns_zone_t *zone, isc_dscp_t dscp); -isc_result_t -dns_zone_setaltxfrsource6dscp(dns_zone_t *zone, isc_dscp_t dscp); /*%< - * Set the DSCP value associated with the transfer/alt-transfer source. + * Set the DSCP value associated with the transfer source. * * Require: *\li 'zone' to be a valid zone. diff --git a/lib/dns/remote.c b/lib/dns/remote.c index 87974d885c..c7691bc376 100644 --- a/lib/dns/remote.c +++ b/lib/dns/remote.c @@ -410,35 +410,6 @@ dns_remote_done(dns_remote_t *remote) { return (remote->curraddr >= remote->addrcnt); } -bool -dns_remote_allgood(dns_remote_t *remote) { - REQUIRE(DNS_REMOTE_VALID(remote)); - - if (remote->ok == NULL) { - return (true); - } - - for (unsigned int i = 0; i < remote->addrcnt; i++) { - if (!remote->ok[i]) { - return (false); - } - } - - return (true); -} - -bool -dns_remote_addrok(dns_remote_t *remote) { - REQUIRE(DNS_REMOTE_VALID(remote)); - REQUIRE(remote->curraddr < remote->addrcnt); - - if (remote->ok == NULL) { - return (true); - } - - return (remote->ok[remote->curraddr]); -} - void dns_remote_mark(dns_remote_t *remote, bool good) { REQUIRE(DNS_REMOTE_VALID(remote)); diff --git a/lib/dns/zone.c b/lib/dns/zone.c index 3198a8fd3d..1380bb3b70 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -334,8 +334,6 @@ struct dns_zone { isc_sockaddr_t parentalsrc6; isc_sockaddr_t xfrsource4; isc_sockaddr_t xfrsource6; - isc_sockaddr_t altxfrsource4; - isc_sockaddr_t altxfrsource6; isc_sockaddr_t sourceaddr; isc_dscp_t notifysrc4dscp; isc_dscp_t notifysrc6dscp; @@ -343,8 +341,6 @@ struct dns_zone { isc_dscp_t parentalsrc6dscp; isc_dscp_t xfrsource4dscp; isc_dscp_t xfrsource6dscp; - isc_dscp_t altxfrsource4dscp; - isc_dscp_t altxfrsource6dscp; dns_xfrin_ctx_t *xfr; /* task locked */ dns_tsigkey_t *tsigkey; /* key used for xfr */ @@ -554,7 +550,7 @@ typedef enum { DNS_ZONEFLG_NOIXFR = 0x00100000U, /*%< IXFR failed, force AXFR */ DNS_ZONEFLG_FLUSH = 0x00200000U, DNS_ZONEFLG_NOEDNS = 0x00400000U, - DNS_ZONEFLG_USEALTXFRSRC = 0x00800000U, + DNS_ZONEFLG_USEALTXFRSRC = 0x00800000U, /*%< Obsoleted. */ DNS_ZONEFLG_SOABEFOREAXFR = 0x01000000U, DNS_ZONEFLG_NEEDCOMPACT = 0x02000000U, DNS_ZONEFLG_REFRESHING = 0x04000000U, /*%< Refreshing keydata */ @@ -1128,8 +1124,6 @@ dns_zone_create(dns_zone_t **zonep, isc_mem_t *mctx, unsigned int tid) { .parentalsrc6dscp = -1, .xfrsource4dscp = -1, .xfrsource6dscp = -1, - .altxfrsource4dscp = -1, - .altxfrsource6dscp = -1, .maxxfrin = MAX_XFER_TIME, .maxxfrout = MAX_XFER_TIME, .sigvalidityinterval = 30 * 24 * 3600, @@ -1194,8 +1188,6 @@ dns_zone_create(dns_zone_t **zonep, isc_mem_t *mctx, unsigned int tid) { isc_sockaddr_any6(&zone->parentalsrc6); isc_sockaddr_any(&zone->xfrsource4); isc_sockaddr_any6(&zone->xfrsource6); - isc_sockaddr_any(&zone->altxfrsource4); - isc_sockaddr_any6(&zone->altxfrsource6); ISC_LINK_INIT(zone, statelink); ISC_LIST_INIT(zone->signing); ISC_LIST_INIT(zone->nsec3chain); @@ -6054,76 +6046,6 @@ dns_zone_setxfrsource6dscp(dns_zone_t *zone, isc_dscp_t dscp) { return (ISC_R_SUCCESS); } -isc_result_t -dns_zone_setaltxfrsource4(dns_zone_t *zone, - const isc_sockaddr_t *altxfrsource) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - zone->altxfrsource4 = *altxfrsource; - UNLOCK_ZONE(zone); - - return (ISC_R_SUCCESS); -} - -isc_sockaddr_t * -dns_zone_getaltxfrsource4(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - return (&zone->altxfrsource4); -} - -isc_result_t -dns_zone_setaltxfrsource4dscp(dns_zone_t *zone, isc_dscp_t dscp) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - zone->altxfrsource4dscp = dscp; - UNLOCK_ZONE(zone); - - return (ISC_R_SUCCESS); -} - -isc_dscp_t -dns_zone_getaltxfrsource4dscp(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - return (zone->altxfrsource4dscp); -} - -isc_result_t -dns_zone_setaltxfrsource6(dns_zone_t *zone, - const isc_sockaddr_t *altxfrsource) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - zone->altxfrsource6 = *altxfrsource; - UNLOCK_ZONE(zone); - - return (ISC_R_SUCCESS); -} - -isc_sockaddr_t * -dns_zone_getaltxfrsource6(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - return (&zone->altxfrsource6); -} - -isc_result_t -dns_zone_setaltxfrsource6dscp(dns_zone_t *zone, isc_dscp_t dscp) { - REQUIRE(DNS_ZONE_VALID(zone)); - - LOCK_ZONE(zone); - zone->altxfrsource6dscp = dscp; - UNLOCK_ZONE(zone); - - return (ISC_R_SUCCESS); -} - -isc_dscp_t -dns_zone_getaltxfrsource6dscp(dns_zone_t *zone) { - REQUIRE(DNS_ZONE_VALID(zone)); - return (zone->altxfrsource6dscp); -} - isc_result_t dns_zone_setparentalsrc4(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc) { REQUIRE(DNS_ZONE_VALID(zone)); @@ -11644,7 +11566,6 @@ zone_refresh(dns_zone_t *zone) { } DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_REFRESH); DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_NOEDNS); - DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_USEALTXFRSRC); if ((oldflags & (DNS_ZONEFLG_REFRESH | DNS_ZONEFLG_LOADING)) != 0) { return; } @@ -13833,32 +13754,9 @@ next_primary: dns_remote_next(&zone->primaries, true); DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_NOEDNS); if (exiting || dns_remote_done(&zone->primaries)) { - bool done = true; - if (!exiting && - DNS_ZONE_OPTION(zone, DNS_ZONEOPT_USEALTXFRSRC) && - !DNS_ZONE_FLAG(zone, DNS_ZONEFLG_USEALTXFRSRC)) - { - /* - * Did we get a good answer from all the primaries? - */ - done = dns_remote_allgood(&zone->primaries); - } - if (!done) { - dns_remote_reset(&zone->primaries, false); - - /* - * Find the next failed primary. - */ - if (dns_remote_addrok(&zone->primaries)) { - dns_remote_next(&zone->primaries, true); - } - DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_USEALTXFRSRC); - } else { - DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_REFRESH); - - zone_settimer(zone, &now); - goto free_stub; - } + DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_REFRESH); + zone_settimer(zone, &now); + goto free_stub; } queue_soa_query(zone); goto free_stub; @@ -14363,37 +14261,15 @@ next_primary: dns_remote_next(&zone->primaries, true); DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_NOEDNS); if (dns_remote_done(&zone->primaries)) { - bool done = true; - if (DNS_ZONE_OPTION(zone, DNS_ZONEOPT_USEALTXFRSRC) && - !DNS_ZONE_FLAG(zone, DNS_ZONEFLG_USEALTXFRSRC)) - { - /* - * Did we get a good answer from all the primaries? - */ - done = dns_remote_allgood(&zone->primaries); - } - if (!done) { - DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_USEALTXFRSRC); - dns_remote_reset(&zone->primaries, false); - /* - * Find the next failed primary. - */ - if (dns_remote_addrok(&zone->primaries)) { - dns_remote_next(&zone->primaries, true); - } - goto requeue; - } DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_REFRESH); if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_NEEDREFRESH)) { DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_NEEDREFRESH); zone->refreshtime = now; } - DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_USEALTXFRSRC); zone_settimer(zone, &now); goto detach; } -requeue: queue_soa_query(zone); goto detach; @@ -17687,20 +17563,6 @@ again: same_primary: if (dns_remote_done(&zone->primaries)) { dns_remote_reset(&zone->primaries, false); - if (DNS_ZONE_OPTION(zone, DNS_ZONEOPT_USEALTXFRSRC) && - !DNS_ZONE_FLAG(zone, DNS_ZONEFLG_USEALTXFRSRC)) - { - DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_REFRESH); - DNS_ZONE_SETFLAG(zone, - DNS_ZONEFLG_USEALTXFRSRC); - if (dns_remote_addrok(&zone->primaries)) { - dns_remote_next(&zone->primaries, true); - } - again = true; - } else { - DNS_ZONE_CLRFLAG(zone, - DNS_ZONEFLG_USEALTXFRSRC); - } } else { DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_REFRESH); again = true; diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index 0f2cdd224b..d411fcf8db 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -2250,10 +2250,10 @@ static cfg_clausedef_t zone_clauses[] = { CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, { "alt-transfer-source", &cfg_type_sockaddr4wild, CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | - CFG_CLAUSEFLAG_DEPRECATED }, + CFG_CLAUSEFLAG_ANCIENT }, { "alt-transfer-source-v6", &cfg_type_sockaddr6wild, CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | - CFG_CLAUSEFLAG_DEPRECATED }, + CFG_CLAUSEFLAG_ANCIENT }, { "auto-dnssec", &cfg_type_autodnssec, CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_CLAUSEFLAG_DEPRECATED }, { "check-dup-records", &cfg_type_checkmode, CFG_ZONE_PRIMARY }, @@ -2361,7 +2361,7 @@ static cfg_clausedef_t zone_clauses[] = { CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY }, { "use-alt-transfer-source", &cfg_type_boolean, CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | CFG_ZONE_STUB | - CFG_CLAUSEFLAG_DEPRECATED }, + CFG_CLAUSEFLAG_ANCIENT }, { "zero-no-soa-ttl", &cfg_type_boolean, CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, { "zone-statistics", &cfg_type_zonestat,