- local-zone noview can be used to break out of the view to the

  global local zone contents, for queries for that zone.

git-svn-id: file:///svn/unbound/trunk@4540 be551aaa-1e26-0410-a405-d3ace91eadb9

diff --git a/doc/Changelog b/doc/Changelog
index 1ef8199db1356822d7822947ff821c6e97e875fe..28288d41cba470cf51ba1cf481cfe9cc939400ba 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,6 +1,8 @@
 19 February 2018: Wouter
        - Fix #3505: Documentation for default local zones references
          wrong RFC.
+       - local-zone noview can be used to break out of the view to the
+         global local zone contents, for queries for that zone.
 
 16 February 2018: Wouter
        - Fixes for clang static analyzer, the missing ; in

diff --git a/doc/example.conf.in b/doc/example.conf.in
index aa063683c0d5ad29c41cfbd5151df3b7ee93818d..e764b50f1764e30464966de32b17847350ae0164 100644 (file)
--- a/doc/example.conf.in
+++ b/doc/example.conf.in
@@ -627,6 +627,7 @@ server:
        # o inform_deny drops queries and logs client IP address
        # o always_transparent, always_refuse, always_nxdomain, resolve in
        #   that way but ignore local data for that name.
+       # o noview breaks out of that view towards global local-zones.
        #
        # defaults are localhost address, reverse for 127.0.0.1 and ::1
        # and nxdomain for AS112 zones. If you configure one of these zones

diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in
index 2cc02722bdb013811fa6c4748fdba3e18785bab9..f37477aa44f81b1330cbb19f2ad288f619acf3f1 100644 (file)
--- a/doc/unbound.conf.5.in
+++ b/doc/unbound.conf.5.in
@@ -1000,7 +1000,7 @@ address space are not validated.  This is usually required whenever
 Configure a local zone. The type determines the answer to give if
 there is no match from local\-data. The types are deny, refuse, static,
 transparent, redirect, nodefault, typetransparent, inform, inform_deny,
-always_transparent, always_refuse, always_nxdomain,
+always_transparent, always_refuse, always_nxdomain, noview,
 and are explained below. After that the default settings are listed. Use
 local\-data: to enter data into the local zone. Answers for local zones
 are authoritative DNS answers. By default the zones are class IN.
@@ -1070,6 +1070,13 @@ Like refuse, but ignores local data and refuses the query.
 \h'5'\fIalways_nxdomain\fR
 Like static, but ignores local data and returns nxdomain for the query.
 .TP 10
+\h'5'\fInoview\fR
+Breaks out of that view and moves towards the global local zones for answer
+to the query.  If the view first is no, it'll resolve normally.  If view first
+is enabled, it'll break perform that step and check the global answers.
+For when the view has view specific overrides but some zone has to be
+answered from global local zone contents. 
+.TP 10
 \h'5'\fInodefault\fR
 Used to turn off default contents for AS112 zones. The other types
 also turn off default contents for the zone. The 'nodefault' option

diff --git a/services/localzone.c b/services/localzone.c
index 90106d5c809b9ad0e7e5d1221bf211b507612819..af432ab5b1037d4984360838048b4528d965ea1d 100644 (file)
--- a/services/localzone.c
+++ b/services/localzone.c
@@ -1178,6 +1178,10 @@ void local_zones_print(struct local_zones* zones)
                        log_nametypeclass(0, "always_nxdomain zone", 
                                z->name, 0, z->dclass);
                        break;
+               case local_zone_noview:
+                       log_nametypeclass(0, "noview zone", 
+                               z->name, 0, z->dclass);
+                       break;
                default:
                        log_nametypeclass(0, "badtyped zone", 
                                z->name, 0, z->dclass);
@@ -1595,6 +1599,10 @@ local_zones_answer(struct local_zones* zones, struct module_env* env,
                        lock_rw_rdlock(&z->lock);
                        lzt = z->type;
                }
+               if(lzt == local_zone_noview) {
+                       lock_rw_unlock(&z->lock);
+                       z = NULL;
+               }
                if(view->local_zones && !z && !view->isfirst){
                        lock_rw_unlock(&view->lock);
                        return 0;
@@ -1652,6 +1660,7 @@ const char* local_zone_type2str(enum localzone_type t)
                case local_zone_always_transparent: return "always_transparent";
                case local_zone_always_refuse: return "always_refuse";
                case local_zone_always_nxdomain: return "always_nxdomain";
+               case local_zone_noview: return "noview";
        }
        return "badtyped"; 
 }
@@ -1680,6 +1689,8 @@ int local_zone_str2type(const char* type, enum localzone_type* t)
                *t = local_zone_always_refuse;
        else if(strcmp(type, "always_nxdomain") == 0)
                *t = local_zone_always_nxdomain;
+       else if(strcmp(type, "noview") == 0)
+               *t = local_zone_noview;
        else if(strcmp(type, "nodefault") == 0)
                *t = local_zone_nodefault;
        else return 0;

diff --git a/services/localzone.h b/services/localzone.h
index 0a8759268bb295a8513abda92c113906b1bbedaf..dd7aa584c4618f24faeaea282c29e5c6275c0cad 100644 (file)
--- a/services/localzone.h
+++ b/services/localzone.h
@@ -88,7 +88,9 @@ enum localzone_type {
        /** answer with error, even when there is local data */ 
        local_zone_always_refuse,
        /** answer with nxdomain, even when there is local data */
-       local_zone_always_nxdomain
+       local_zone_always_nxdomain,
+       /** answer not from the view, but global or no-answer */
+       local_zone_noview
 };
 
 /**