- unbound-control auth_zone_reload _zone_ option rereads the zonefile.

git-svn-id: file:///svn/unbound/trunk@4735 be551aaa-1e26-0410-a405-d3ace91eadb9

daemon/remote.c

@@ -2404,6 +2404,39 @@ do_log_reopen(RES* ssl, struct worker* worker)
 	log_init(cfg->logfile, cfg->use_syslog, cfg->chrootdir);
 }
 
+/** do the auth_zone_reload command */
+static void
+do_auth_zone_reload(RES* ssl, struct worker* worker, char* arg)
+{
+	size_t nmlen;
+	int nmlabs;
+	uint8_t* nm = NULL;
+	struct auth_zones* az = worker->env.auth_zones;
+	struct auth_zone* z = NULL;
+	if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
+		return;
+	if(az) {
+		lock_rw_rdlock(&az->lock);
+		z = auth_zone_find(az, nm, nmlen, LDNS_RR_CLASS_IN);
+		if(z) {
+			lock_rw_wrlock(&z->lock);
+		}
+		lock_rw_unlock(&az->lock);
+	}
+	free(nm);
+	if(!z) {
+		(void)ssl_printf(ssl, "error no auth-zone %s\n", arg);
+		return;
+	}
+	if(!auth_zone_read_zonefile(z)) {
+		lock_rw_unlock(&z->lock);
+		(void)ssl_printf(ssl, "error failed to read %s\n", arg);
+		return;
+	}
+	lock_rw_unlock(&z->lock);
+	send_ok(ssl);
+}
+
 /** do the set_option command */
 static void
 do_set_option(RES* ssl, struct worker* worker, char* arg)
@@ -2794,6 +2827,9 @@ execute_cmd(struct daemon_remote* rc, RES* ssl, char* cmd,
 	} else if(cmdcmp(p, "list_auth_zones", 15)) {
 		do_list_auth_zones(ssl, worker->env.auth_zones);
 		return;
+	} else if(cmdcmp(p, "auth_zone_reload", 16)) {
+		do_auth_zone_reload(ssl, worker, skipwhite(p+16));
+		return;
 	} else if(cmdcmp(p, "stub_add", 8)) {
 		/* must always distribute this cmd */
 		if(rc) distribute_cmd(rc, ssl, cmd);

doc/Changelog

@@ -1,6 +1,7 @@
 15 June 2018: Wouter
 	- tag for 1.7.3rc1.
 	- trunk has 1.7.4.
+	- unbound-control auth_zone_reload _zone_ option rereads the zonefile.
 
 14 June 2018: Wouter
 	- #4103: Fix that auth-zone does not insist on SOA record first in

doc/unbound-control.8.in

@@ -293,6 +293,13 @@ ips are dropped before checking the cache.
 List the auth zones that are configured.  Printed one per line with a
 status, indicating if the zone is expired and current serial number.
 .TP
+.B auth_zone_reload \fIzone\fR
+Reload the auth zone from zonefile.  The zonefile is read in overwriting
+the current contents of the zone in memory.  This changes the auth zone
+contents itself, not the cache contents.  Such cache contents exists if
+you set unbound to validate with for-upstream yes and that can be cleared
+with \fBflush_zone\fR \fIzone\fR.
+.TP
 .B view_list_local_zones \fIview\fR
 \fIlist_local_zones\fR for given view.
 .TP

smallapp/unbound-control.c

@@ -143,6 +143,7 @@ usage(void)
 	printf("  ip_ratelimit_list [+a]	list ratelimited ip addresses\n");
 	printf("		+a		list all, also not ratelimited\n");
 	printf("  list_auth_zones		list auth zones\n");
+	printf("  auth_zone_reload zone		reload auth zone from zonefile\n");
 	printf("  view_list_local_zones	view	list local-zones in view\n");
 	printf("  view_list_local_data	view	list local-data RRs in view\n");
 	printf("  view_local_zone view name type  	add local-zone in view\n");