upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

- Fix #1269: inconsistent use of built-in local zones with views.

Browse source 
- Add defaults for new local-zone trees added to views using unbound-control.


git-svn-id: file:///svn/unbound/trunk@4199 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
Ralph Dolmans 2017-05-30 13:04:19 +00:00
parent 8c4e7ffb14
commit 486edb10db
7 changed files with 49 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
daemon/remote.c
View file

@ -1393,6 +1393,14 @@ do_view_zone_add(SSL* ssl, struct worker* worker, char* arg)
ssl_printf(ssl,"error out of memory\n"); ssl_printf(ssl,"error out of memory\n");
return; return;
} }
if(!v->isfirst) {
/* Global local-zone is not used for this view,
* therefore add defaults to this view-specic
* local-zone. */
struct config_file lz_cfg;
memset(&lz_cfg, 0, sizeof(lz_cfg));
local_zone_enter_defaults(v->local_zones, &lz_cfg);
}
} }
do_zone_add(ssl, v->local_zones, arg2); do_zone_add(ssl, v->local_zones, arg2);
lock_rw_unlock(&v->lock); lock_rw_unlock(&v->lock);

5
doc/Changelog
View file

@ -1,3 +1,8 @@
30 May 2017: Ralph
- Fix #1269: inconsistent use of built-in local zones with views.
- Add defaults for new local-zone trees added to views using
unbound-control.
30 May 2017: Wouter 30 May 2017: Wouter
- Support for openssl EVP_DigestVerify. - Support for openssl EVP_DigestVerify.
- Support for the ED25519 algorithm with openssl (from openssl 1.1.1). - Support for the ED25519 algorithm with openssl (from openssl 1.1.1).

11
services/localzone.c
View file

@ -746,12 +746,15 @@ add_as112_default(struct local_zones* zones, struct config_file* cfg,
} }
/** enter default zones */ /** enter default zones */
static int int local_zone_enter_defaults(struct local_zones* zones, struct config_file* cfg)
lz_enter_defaults(struct local_zones* zones, struct config_file* cfg)
{ {
struct local_zone* z; struct local_zone* z;
const char** zstr; const char** zstr;
/* Do not add any default */
if(cfg->local_zones_disable_default)
return 1;
/* this list of zones is from RFC 6303 and RFC 7686 */ /* this list of zones is from RFC 6303 and RFC 7686 */
/* block localhost level zones first, then onion and later the LAN zones */ /* block localhost level zones first, then onion and later the LAN zones */
@ -1021,7 +1024,7 @@ local_zones_apply_cfg(struct local_zones* zones, struct config_file* cfg)
return 0; return 0;
} }
/* apply default zones+content (unless disabled, or overridden) */ /* apply default zones+content (unless disabled, or overridden) */
if(!lz_enter_defaults(zones, cfg)) { if(!local_zone_enter_defaults(zones, cfg)) {
return 0; return 0;
} }
/* enter local zone overrides */ /* enter local zone overrides */
@ -1672,6 +1675,8 @@ int local_zone_str2type(const char* type, enum localzone_type* t)
*t = local_zone_always_refuse; *t = local_zone_always_refuse;
else if(strcmp(type, "always_nxdomain") == 0) else if(strcmp(type, "always_nxdomain") == 0)
*t = local_zone_always_nxdomain; *t = local_zone_always_nxdomain;
else if(strcmp(type, "nodefault") == 0)
*t = local_zone_nodefault;
else return 0; else return 0;
return 1; return 1;
} }

9
services/localzone.h
View file

@ -427,6 +427,15 @@ enum localzone_type local_data_find_tag_action(const uint8_t* taglist,
const uint8_t* tagactions, size_t tagactionssize, const uint8_t* tagactions, size_t tagactionssize,
enum localzone_type lzt, int* tag, char* const* tagname, int num_tags); enum localzone_type lzt, int* tag, char* const* tagname, int num_tags);
/**
* Enter defaults to local zone.
* @param zones: to add defaults to
* @param cfg: containing list of zones to exclude from default set.
* @return 1 on success; 0 otherwise.
*/
int local_zone_enter_defaults(struct local_zones* zones,
struct config_file* cfg);
/** /**
* Parses resource record string into wire format, also returning its field values. * Parses resource record string into wire format, also returning its field values.
* @param str: input resource record * @param str: input resource record

16
services/view.c
View file

@ -167,6 +167,22 @@ views_apply_cfg(struct views* vs, struct config_file* cfg)
lz_cfg.local_data = cv->local_data; lz_cfg.local_data = cv->local_data;
lz_cfg.local_zones_nodefault = lz_cfg.local_zones_nodefault =
cv->local_zones_nodefault; cv->local_zones_nodefault;
if(v->isfirst) {
/* Do not add defaults to view-specific
* local-zone when global local zone will be
* used. */
struct config_strlist* nd;
lz_cfg.local_zones_disable_default = 1;
/* Add nodefault zones to list of zones to add,
* so they will be used as if they are
* configured as type transparent */
for(nd = cv->local_zones_nodefault; nd;
nd = nd->next) {
cfg_str2list_insert(&lz_cfg.local_zones,
strdup(nd->str),
strdup("nodefault"));
}
}
if(!local_zones_apply_cfg(v->local_zones, &lz_cfg)){ if(!local_zones_apply_cfg(v->local_zones, &lz_cfg)){
lock_rw_unlock(&v->lock); lock_rw_unlock(&v->lock);
return 0; return 0;

1
util/config_file.c
View file

@ -228,6 +228,7 @@ config_create(void)
cfg->neg_cache_size = 1 * 1024 * 1024; cfg->neg_cache_size = 1 * 1024 * 1024;
cfg->local_zones = NULL; cfg->local_zones = NULL;
cfg->local_zones_nodefault = NULL; cfg->local_zones_nodefault = NULL;
cfg->local_zones_disable_default = 0;
cfg->local_data = NULL; cfg->local_data = NULL;
cfg->local_zone_overrides = NULL; cfg->local_zone_overrides = NULL;
cfg->unblock_lan_zones = 0; cfg->unblock_lan_zones = 0;

2
util/config_file.h
View file

@ -319,6 +319,8 @@ struct config_file {
struct config_str2list* local_zones; struct config_str2list* local_zones;
/** local zones nodefault list */ /** local zones nodefault list */
struct config_strlist* local_zones_nodefault; struct config_strlist* local_zones_nodefault;
/** do not add any default local zone */
int local_zones_disable_default;
/** local data RRs configured */ /** local data RRs configured */
struct config_strlist* local_data; struct config_strlist* local_data;
/** local zone override types per netblock */ /** local zone override types per netblock */