initialize queryonacl dns_view_t property

A dns_view_t has a queryonacl property, which is supposed to hold the
ACL matching the configuration "allow-query-on". However the code
parsing this configuration ACL was missing (or removed by mistake?),
hence this property was always NULL. The ACL was still built but
individually for each zone (which checks if the property exists in the
zone definition, view definition, and finally options definition).

It now create the ACL instance at the view level, enabling zones to
share the same (identical) ACL instead of having their own copies.

diff --git a/bin/named/server.c b/bin/named/server.c
index cccd19240523b2b5f84a6c6c4cd787793b271f5b..949059f801ed6d57b3d2b36655a7b62ca2c6537b 100644 (file)
--- a/bin/named/server.c
+++ b/bin/named/server.c
@@ -4885,6 +4885,10 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config,
        CHECK(configure_view_acl(vconfig, config, NULL, "allow-query-cache-on",
                                 NULL, actx, named_g_mctx, &view->cacheonacl));
 
+       CHECK(configure_view_acl(vconfig, config, named_g_config,
+                                "allow-query-on", NULL, actx, named_g_mctx,
+                                &view->queryonacl));
+
        CHECK(configure_view_acl(vconfig, config, named_g_config, "allow-proxy",
                                 NULL, actx, named_g_mctx, &view->proxyacl));