- local-zone noview can be used to break out of the view to the

global local zone contents, for queries for that zone.


git-svn-id: file:///svn/unbound/trunk@4540 be551aaa-1e26-0410-a405-d3ace91eadb9

doc/Changelog

@@ -1,6 +1,8 @@
 19 February 2018: Wouter
 	- Fix #3505: Documentation for default local zones references
 	  wrong RFC.
+	- local-zone noview can be used to break out of the view to the
+	  global local zone contents, for queries for that zone.
 
 16 February 2018: Wouter
 	- Fixes for clang static analyzer, the missing ; in

doc/example.conf.in

@@ -627,6 +627,7 @@ server:
 	# o inform_deny drops queries and logs client IP address
 	# o always_transparent, always_refuse, always_nxdomain, resolve in
 	#   that way but ignore local data for that name.
+	# o noview breaks out of that view towards global local-zones.
 	#
 	# defaults are localhost address, reverse for 127.0.0.1 and ::1
 	# and nxdomain for AS112 zones. If you configure one of these zones

doc/unbound.conf.5.in

@@ -1000,7 +1000,7 @@ address space are not validated.  This is usually required whenever
 Configure a local zone. The type determines the answer to give if
 there is no match from local\-data. The types are deny, refuse, static,
 transparent, redirect, nodefault, typetransparent, inform, inform_deny,
-always_transparent, always_refuse, always_nxdomain,
+always_transparent, always_refuse, always_nxdomain, noview,
 and are explained below. After that the default settings are listed. Use
 local\-data: to enter data into the local zone. Answers for local zones
 are authoritative DNS answers. By default the zones are class IN.
@@ -1070,6 +1070,13 @@ Like refuse, but ignores local data and refuses the query.
 \h'5'\fIalways_nxdomain\fR
 Like static, but ignores local data and returns nxdomain for the query.
 .TP 10
+\h'5'\fInoview\fR
+Breaks out of that view and moves towards the global local zones for answer
+to the query.  If the view first is no, it'll resolve normally.  If view first
+is enabled, it'll break perform that step and check the global answers.
+For when the view has view specific overrides but some zone has to be
+answered from global local zone contents. 
+.TP 10
 \h'5'\fInodefault\fR
 Used to turn off default contents for AS112 zones. The other types
 also turn off default contents for the zone. The 'nodefault' option

services/localzone.c

@@ -1178,6 +1178,10 @@ void local_zones_print(struct local_zones* zones)
 			log_nametypeclass(0, "always_nxdomain zone", 
 				z->name, 0, z->dclass);
 			break;
+		case local_zone_noview:
+			log_nametypeclass(0, "noview zone", 
+				z->name, 0, z->dclass);
+			break;
 		default:
 			log_nametypeclass(0, "badtyped zone", 
 				z->name, 0, z->dclass);
@@ -1595,6 +1599,10 @@ local_zones_answer(struct local_zones* zones, struct module_env* env,
 			lock_rw_rdlock(&z->lock);
 			lzt = z->type;
 		}
+		if(lzt == local_zone_noview) {
+			lock_rw_unlock(&z->lock);
+			z = NULL;
+		}
 		if(view->local_zones && !z && !view->isfirst){
 			lock_rw_unlock(&view->lock);
 			return 0;
@@ -1652,6 +1660,7 @@ const char* local_zone_type2str(enum localzone_type t)
 		case local_zone_always_transparent: return "always_transparent";
 		case local_zone_always_refuse: return "always_refuse";
 		case local_zone_always_nxdomain: return "always_nxdomain";
+		case local_zone_noview: return "noview";
 	}
 	return "badtyped"; 
 }
@@ -1680,6 +1689,8 @@ int local_zone_str2type(const char* type, enum localzone_type* t)
 		*t = local_zone_always_refuse;
 	else if(strcmp(type, "always_nxdomain") == 0)
 		*t = local_zone_always_nxdomain;
+	else if(strcmp(type, "noview") == 0)
+		*t = local_zone_noview;
 	else if(strcmp(type, "nodefault") == 0)
 		*t = local_zone_nodefault;
 	else return 0;

services/localzone.h

@@ -88,7 +88,9 @@ enum localzone_type {
 	/** answer with error, even when there is local data */	
 	local_zone_always_refuse,
 	/** answer with nxdomain, even when there is local data */
-	local_zone_always_nxdomain
+	local_zone_always_nxdomain,
+	/** answer not from the view, but global or no-answer */
+	local_zone_noview
 };
 
 /**