Support 64 RPZ zones by default from 9.13 onwards

diff --git a/OPTIONS b/OPTIONS
index 317f2c35676115c27480d80e19bd95f0feb4de1c..21e74d4264aa9313b42d2391f82f76311a4ab1d1 100644 (file)
--- a/OPTIONS
+++ b/OPTIONS
@@ -19,9 +19,6 @@ Setting                   Description
                           named-checkzone
 -DNS_RUN_PID_DIR=0        Create default PID files in ${localstatedir}/run
                           rather than ${localstatedir}/run/named/
-                          Increase the maximum number of configurable
--DNS_RPZ_MAX_ZONES=64     response policy zones from 32 to 64; this is the
-                          highest possible setting
                           Disable the use of inline functions to implement
 -DISC_BUFFER_USEINLINE=0  the isc_buffer API: this reduces performance but
                           may be useful when debugging

diff --git a/OPTIONS.md b/OPTIONS.md
index 95709e0e6416640677cd0dd76178e943e4f8a85f..0382c6d7fc9cd574179dd4a703089c2dd43a99d6 100644 (file)
--- a/OPTIONS.md
+++ b/OPTIONS.md
@@ -23,6 +23,5 @@ Some of these settings are:
 |`-DCHECK_SIBLING=0`|Don't check sibling glue in `named-checkzone`|
 |`-DCHECK_LOCAL=0`|Don't check out-of-zone addresses in `named-checkzone`|
 |`-DNS_RUN_PID_DIR=0`|Create default PID files in `${localstatedir}/run` rather than `${localstatedir}/run/named/`|
-|`-DNS_RPZ_MAX_ZONES=64`|Increase the maximum number of configurable response policy zones from 32 to 64; this is the highest possible setting|
 |`-DISC_BUFFER_USEINLINE=0`|Disable the use of inline functions to implement the `isc_buffer` API: this reduces performance but may be useful when debugging |
 |`-DISC_HEAP_CHECK`|Test heap consistency after every heap operation; used when debugging|

diff --git a/lib/dns/include/dns/rpz.h b/lib/dns/include/dns/rpz.h
index 7e98837d4d16d7b08c1c1ff455e153a051d49182..64311550d22e6d5abeacd834229e9c5d39dd87d3 100644 (file)
--- a/lib/dns/include/dns/rpz.h
+++ b/lib/dns/include/dns/rpz.h
@@ -76,15 +76,12 @@ typedef enum {
 
 typedef isc_uint8_t        dns_rpz_num_t;
 
-#define DNS_RPZ_MAX_ZONES   32
-#if DNS_RPZ_MAX_ZONES > 32
-# if DNS_RPZ_MAX_ZONES > 64
-#  error "rpz zone bit masks must fit in a word"
-# endif
+#define DNS_RPZ_MAX_ZONES   64
+/*
+ * Type dns_rpz_zbits_t must be an unsigned int wide enough to contain
+ * at least DNS_RPZ_MAX_ZONES bits.
+ */
 typedef isc_uint64_t       dns_rpz_zbits_t;
-#else
-typedef isc_uint32_t       dns_rpz_zbits_t;
-#endif
 
 #define DNS_RPZ_ALL_ZBITS   ((dns_rpz_zbits_t)-1)
 

diff --git a/lib/dns/rpz.c b/lib/dns/rpz.c
index 97c0a1b7a87a852c9648afc09638b44a14a9790b..0560f5b242bce0651d39ee22b7f83065581cb491 100644 (file)
--- a/lib/dns/rpz.c
+++ b/lib/dns/rpz.c
@@ -283,12 +283,10 @@ zbit_to_num(dns_rpz_zbits_t zbit) {
 
        REQUIRE(zbit != 0);
        rpz_num = 0;
-#if DNS_RPZ_MAX_ZONES > 32
-       if ((zbit & 0xffffffff00000000L) != 0) {
+       if ((zbit & 0xffffffff00000000ULL) != 0) {
                zbit >>= 32;
                rpz_num += 32;
        }
-#endif
        if ((zbit & 0xffff0000) != 0) {
                zbit >>= 16;
                rpz_num += 16;
@@ -505,9 +503,7 @@ fix_qname_skip_recurse(dns_rpz_zones_t *rpzs) {
                req_mask |= req_mask >> 4;
                req_mask |= req_mask >> 8;
                req_mask |= req_mask >> 16;
-#if DNS_RPZ_MAX_ZONES > 32
                req_mask |= req_mask >> 32;
-#endif
 
                /*
                 * There's no point in skipping recursion for a later