- Fix #1269: inconsistent use of built-in local zones with views.

- Add defaults for new local-zone trees added to views using unbound-control. git-svn-id: file:///svn/unbound/trunk@4199 be551aaa-1e26-0410-a405-d3ace91eadb9
2025-12-20 23:00:56 -05:00 · 2017-05-30 13:04:19 +00:00 · 2017-05-30 13:04:19 +00:00 · 486edb10db
commit 486edb10db
parent 8c4e7ffb14
7 changed files with 49 additions and 3 deletions
--- a/daemon/remote.c
+++ b/daemon/remote.c
@ -1393,6 +1393,14 @@ do_view_zone_add(SSL* ssl, struct worker* worker, char* arg)
 			ssl_printf(ssl,"error out of memory\n");
 			return;
 		}
+		if(!v->isfirst) {
+			/* Global local-zone is not used for this view,
+			 * therefore add defaults to this view-specic
+			 * local-zone. */
+			struct config_file lz_cfg;
+			memset(&lz_cfg, 0, sizeof(lz_cfg));
+			local_zone_enter_defaults(v->local_zones, &lz_cfg);
+		}
 	}
 	do_zone_add(ssl, v->local_zones, arg2);
 	lock_rw_unlock(&v->lock);
--- a/doc/Changelog
+++ b/doc/Changelog
@ -1,3 +1,8 @@
+30 May 2017: Ralph
+	- Fix #1269: inconsistent use of built-in local zones with views.
+	- Add defaults for new local-zone trees added to views using
+	  unbound-control.
+
 30 May 2017: Wouter
 	- Support for openssl EVP_DigestVerify.
 	- Support for the ED25519 algorithm with openssl (from openssl 1.1.1).
--- a/services/localzone.c
+++ b/services/localzone.c
@ -746,12 +746,15 @@ add_as112_default(struct local_zones* zones, struct config_file* cfg,
 }

 /** enter default zones */
-static int
-lz_enter_defaults(struct local_zones* zones, struct config_file* cfg)
+int local_zone_enter_defaults(struct local_zones* zones, struct config_file* cfg)
 {
 	struct local_zone* z;
 	const char** zstr;

+	/* Do not add any default */
+	if(cfg->local_zones_disable_default)
+		return 1;
+
 	/* this list of zones is from RFC 6303 and RFC 7686 */

 	/* block localhost level zones first, then onion and later the LAN zones */
@ -1021,7 +1024,7 @@ local_zones_apply_cfg(struct local_zones* zones, struct config_file* cfg)
 		return 0;
 	}
 	/* apply default zones+content (unless disabled, or overridden) */
-	if(!lz_enter_defaults(zones, cfg)) {
+	if(!local_zone_enter_defaults(zones, cfg)) {
 		return 0;
 	}
 	/* enter local zone overrides */
@ -1672,6 +1675,8 @@ int local_zone_str2type(const char* type, enum localzone_type* t)
 		*t = local_zone_always_refuse;
 	else if(strcmp(type, "always_nxdomain") == 0)
 		*t = local_zone_always_nxdomain;
+	else if(strcmp(type, "nodefault") == 0)
+		*t = local_zone_nodefault;
 	else return 0;
 	return 1;
 }
--- a/services/localzone.h
+++ b/services/localzone.h
@ -427,6 +427,15 @@ enum localzone_type local_data_find_tag_action(const uint8_t* taglist,
 	const uint8_t* tagactions, size_t tagactionssize,
 	enum localzone_type lzt, int* tag, char* const* tagname, int num_tags);

+/**
+ * Enter defaults to local zone.
+ * @param zones: to add defaults to
+ * @param cfg: containing list of zones to exclude from default set.
+ * @return 1 on success; 0 otherwise.
+ */
+int local_zone_enter_defaults(struct local_zones* zones,
+	struct config_file* cfg);
+
 /**
  * Parses resource record string into wire format, also returning its field values.
  * @param str: input resource record
--- a/services/view.c
+++ b/services/view.c
@ -167,6 +167,22 @@ views_apply_cfg(struct views* vs, struct config_file* cfg)
 			lz_cfg.local_data = cv->local_data;
 			lz_cfg.local_zones_nodefault =
 				cv->local_zones_nodefault;
+			if(v->isfirst) {
+				/* Do not add defaults to view-specific
+				 * local-zone when global local zone will be
+				 * used. */
+				struct config_strlist* nd;
+				lz_cfg.local_zones_disable_default = 1;
+				/* Add nodefault zones to list of zones to add,
+				 * so they will be used as if they are
+				 * configured as type transparent */
+				for(nd = cv->local_zones_nodefault; nd;
+					nd = nd->next) {
+					cfg_str2list_insert(&lz_cfg.local_zones,
+						strdup(nd->str),
+						strdup("nodefault"));
+				}
+			}
 			if(!local_zones_apply_cfg(v->local_zones, &lz_cfg)){
 				lock_rw_unlock(&v->lock);
 				return 0;
--- a/util/config_file.c
+++ b/util/config_file.c
@ -228,6 +228,7 @@ config_create(void)
 	cfg->neg_cache_size = 1 * 1024 * 1024;
 	cfg->local_zones = NULL;
 	cfg->local_zones_nodefault = NULL;
+	cfg->local_zones_disable_default = 0;
 	cfg->local_data = NULL;
 	cfg->local_zone_overrides = NULL;
 	cfg->unblock_lan_zones = 0;
--- a/util/config_file.h
+++ b/util/config_file.h
@ -319,6 +319,8 @@ struct config_file {
 	struct config_str2list* local_zones;
 	/** local zones nodefault list */
 	struct config_strlist* local_zones_nodefault;
+	/** do not add any default local zone */
+	int local_zones_disable_default;
 	/** local data RRs configured */
 	struct config_strlist* local_data;
 	/** local zone override types per netblock */