recursing-file \"named.recursing\";\n\
recursive-clients 1000;\n\
request-nsid false;\n\
+ request-zoneversion false;\n\
resolver-query-timeout 10;\n\
# responselog <boolean>;\n\
rrset-order { order random; };\n\
CHECK(dns_peer_setrequestnsid(peer, cfg_obj_asboolean(obj)));
}
+ obj = NULL;
+ (void)cfg_map_get(cpeer, "request-zoneversion", &obj);
+ if (obj != NULL) {
+ CHECK(dns_peer_setrequestzoneversion(peer,
+ cfg_obj_asboolean(obj)));
+ }
+
obj = NULL;
(void)cfg_map_get(cpeer, "send-cookie", &obj);
if (obj != NULL) {
INSIST(result == ISC_R_SUCCESS);
view->requestnsid = cfg_obj_asboolean(obj);
+ obj = NULL;
+ result = named_config_get(maps, "request-zoneversion", &obj);
+ INSIST(result == ISC_R_SUCCESS);
+ view->requestzoneversion = cfg_obj_asboolean(obj);
+
obj = NULL;
result = named_config_get(maps, "send-cookie", &obj);
INSIST(result == ISC_R_SUCCESS);
request-ixfr no;
request-ixfr-max-diffs 0;
request-nsid no;
+ request-zoneversion no;
require-cookie no;
send-cookie no;
tcp-keepalive no;
request-ixfr no;
request-ixfr-max-diffs 0;
request-nsid no;
+ request-zoneversion no;
require-cookie no;
send-cookie no;
tcp-keepalive no;
``zoneload``
Loading of zones and creation of automatic empty zones.
+
+``zoneversion``
+ ZONEVERSION options received from upstream servers.
+
option in its response, then its contents are logged in the ``nsid``
category at level ``info``. The default is ``no``.
+.. namedconf:statement:: request-zoneversion
+ :tags: query
+ :short: Controls whether an empty EDNS(0) ZONEVERSION option is sent with all queries to authoritative name servers during iterative resolution.
+
+ If ``yes``, then an empty EDNS(0) ZONEVERSION option is sent
+ with all queries to authoritative name servers during iterative
+ resolution. If the authoritative server returns an ZONEVERSION
+ option in its response, then its contents are logged in the
+ ``zoneversion`` category at level ``info``. If the NSID has
+ also been requested and it is returned then that is appended to
+ the log message. The default is ``no``.
+
.. namedconf:statement:: require-cookie
:tags: query
:short: Controls whether responses without a server cookie are accepted.
- :namedconf:ref:`request-expire`
- :namedconf:ref:`request-ixfr`
- :namedconf:ref:`request-nsid`
+ - :namedconf:ref:`request-zoneversion`
- :namedconf:ref:`require-cookie`
- :namedconf:ref:`send-cookie`
- :namedconf:ref:`transfer-format`
request-ixfr <boolean>;
request-ixfr-max-diffs <integer>;
request-nsid <boolean>;
+ request-zoneversion <boolean>;
require-server-cookie <boolean>;
resolver-query-timeout <integer>;
resolver-use-dns64 <boolean>;
request-ixfr <boolean>;
request-ixfr-max-diffs <integer>;
request-nsid <boolean>;
+ request-zoneversion <boolean>;
require-cookie <boolean>;
send-cookie <boolean>;
tcp-keepalive <boolean>;
request-ixfr <boolean>;
request-ixfr-max-diffs <integer>;
request-nsid <boolean>;
+ request-zoneversion <boolean>;
require-server-cookie <boolean>;
resolver-query-timeout <integer>;
resolver-use-dns64 <boolean>;
request-ixfr <boolean>;
request-ixfr-max-diffs <integer>;
request-nsid <boolean>;
+ request-zoneversion <boolean>;
require-cookie <boolean>;
send-cookie <boolean>;
tcp-keepalive <boolean>;
isc_result_t
dns_peer_getrequestnsid(dns_peer_t *peer, bool *retval);
+isc_result_t
+dns_peer_setrequestzoneversion(dns_peer_t *peer, bool newval);
+
+isc_result_t
+dns_peer_getrequestzoneversion(dns_peer_t *peer, bool *retval);
+
isc_result_t
dns_peer_setsendcookie(dns_peer_t *peer, bool newval);
* Options that modify how a 'fetch' is done.
*/
enum {
- DNS_FETCHOPT_TCP = 1 << 0, /*%< Use TCP. */
- DNS_FETCHOPT_UNSHARED = 1 << 1, /*%< See below. */
- DNS_FETCHOPT_RECURSIVE = 1 << 2, /*%< Set RD? */
- DNS_FETCHOPT_NOEDNS0 = 1 << 3, /*%< Do not use EDNS. */
- DNS_FETCHOPT_FORWARDONLY = 1 << 4, /*%< Only use forwarders. */
- DNS_FETCHOPT_NOVALIDATE = 1 << 5, /*%< Disable validation. */
- DNS_FETCHOPT_WANTNSID = 1 << 6, /*%< Request NSID */
- DNS_FETCHOPT_PREFETCH = 1 << 7, /*%< Do prefetch */
- DNS_FETCHOPT_NOCDFLAG = 1 << 8, /*%< Don't set CD flag. */
- DNS_FETCHOPT_NONTA = 1 << 9, /*%< Ignore NTA table. */
- DNS_FETCHOPT_NOCACHED = 1 << 10, /*%< Force cache update. */
- DNS_FETCHOPT_QMINIMIZE = 1 << 11, /*%< Use qname minimization. */
- DNS_FETCHOPT_NOFOLLOW = 1 << 12, /*%< Don't retrieve the NS RRset
- * from the child zone when a
- * delegation is returned in
- * response to a NS query. */
- DNS_FETCHOPT_QMIN_STRICT = 1 << 13, /*%< Do not work around servers
- * that return errors on
- * non-empty terminals. */
- DNS_FETCHOPT_QMIN_SKIP_IP6A = 1 << 14, /*%< Skip some labels when
- * doing qname minimization
- * on ip6.arpa. */
- DNS_FETCHOPT_NOFORWARD = 1 << 15, /*%< Do not use forwarders if
- * possible. */
- DNS_FETCHOPT_QMINFETCH = 1 << 16, /*%< Qmin fetch */
+ DNS_FETCHOPT_TCP = 1 << 0, /*%< Use TCP. */
+ DNS_FETCHOPT_UNSHARED = 1 << 1, /*%< See below. */
+ DNS_FETCHOPT_RECURSIVE = 1 << 2, /*%< Set RD? */
+ DNS_FETCHOPT_NOEDNS0 = 1 << 3, /*%< Do not use EDNS. */
+ DNS_FETCHOPT_FORWARDONLY = 1 << 4, /*%< Only use forwarders. */
+ DNS_FETCHOPT_NOVALIDATE = 1 << 5, /*%< Disable validation. */
+ DNS_FETCHOPT_WANTNSID = 1 << 6, /*%< Request NSID */
+ DNS_FETCHOPT_PREFETCH = 1 << 7, /*%< Do prefetch */
+ DNS_FETCHOPT_NOCDFLAG = 1 << 8, /*%< Don't set CD flag. */
+ DNS_FETCHOPT_NONTA = 1 << 9, /*%< Ignore NTA table. */
+ DNS_FETCHOPT_NOCACHED = 1 << 10, /*%< Force cache update. */
+ DNS_FETCHOPT_QMINIMIZE = 1 << 11, /*%< Use qname minimization. */
+ DNS_FETCHOPT_NOFOLLOW = 1 << 12, /*%< Don't retrieve the NS RRset
+ * from the child zone when a
+ * delegation is returned in
+ * response to a NS query. */
+ DNS_FETCHOPT_QMIN_STRICT = 1 << 13, /*%< Do not work around servers
+ * that return errors on
+ * non-empty terminals. */
+ DNS_FETCHOPT_QMIN_SKIP_IP6A = 1 << 14, /*%< Skip some labels when
+ * doing qname minimization
+ * on ip6.arpa. */
+ DNS_FETCHOPT_NOFORWARD = 1 << 15, /*%< Do not use forwarders if
+ * possible. */
+ DNS_FETCHOPT_QMINFETCH = 1 << 16, /*%< Qmin fetch */
+ DNS_FETCHOPT_WANTZONEVERSION = 1 << 17, /*%< Request ZONEVERSION */
/*% EDNS version bits: */
DNS_FETCHOPT_EDNSVERSIONSET = 1 << 23,
dns_rrl_t *rrl;
bool provideixfr;
bool requestnsid;
+ bool requestzoneversion;
bool sendcookie;
dns_ttl_t maxcachettl;
dns_ttl_t maxncachettl;
bool request_ixfr;
bool support_edns;
bool request_nsid;
+ bool request_zoneversion;
bool send_cookie;
bool require_cookie;
bool request_expire;
SERVER_PADDING_BIT,
REQUEST_TCP_KEEPALIVE_BIT,
REQUIRE_COOKIE_BIT,
- DNS_PEER_FLAGS_COUNT
+ DNS_PEER_FLAGS_COUNT,
+ REQUEST_ZONEVERSION
};
STATIC_ASSERT(DNS_PEER_FLAGS_COUNT <= CHAR_BIT * sizeof(uint32_t),
ACCESS_OPTION(requestixfrmaxdiffs, REQUEST_IXFRMAXDIFFS_BIT, uint32_t,
request_ixfr_maxdiffs)
ACCESS_OPTION(requestnsid, REQUEST_NSID_BIT, bool, request_nsid)
+ACCESS_OPTION(requestzoneversion, REQUEST_ZONEVERSION, bool,
+ request_zoneversion)
ACCESS_OPTION(requirecookie, REQUIRE_COOKIE_BIT, bool, require_cookie)
ACCESS_OPTION(sendcookie, SEND_COOKIE_BIT, bool, send_cookie)
ACCESS_OPTION(supportedns, SUPPORT_EDNS_BIT, bool, support_edns)
#include <isc/counter.h>
#include <isc/hash.h>
#include <isc/hashmap.h>
+#include <isc/hex.h>
#include <isc/log.h>
#include <isc/loop.h>
#include <isc/mutex.h>
unsigned int flags = query->addrinfo->flags;
bool reqnsid = res->view->requestnsid;
bool sendcookie = res->view->sendcookie;
+ bool reqzoneversion = res->view->requestzoneversion;
bool tcpkeepalive = false;
unsigned char cookie[COOKIE_BUFFER_SIZE];
uint16_t padding = 0;
*/
if (peer != NULL) {
uint8_t ednsversion;
- (void)dns_peer_getrequestnsid(peer, &reqnsid);
- (void)dns_peer_getsendcookie(peer, &sendcookie);
result = dns_peer_getednsversion(peer,
&ednsversion);
if (result == ISC_R_SUCCESS &&
{
version = ednsversion;
}
+ (void)dns_peer_getrequestnsid(peer, &reqnsid);
+ (void)dns_peer_getrequestzoneversion(
+ peer, &reqzoneversion);
+ (void)dns_peer_getsendcookie(peer, &sendcookie);
}
if (NOCOOKIE(query->addrinfo)) {
sendcookie = false;
ednsopts[ednsopt].value = NULL;
ednsopt++;
}
+ if (reqzoneversion) {
+ INSIST(ednsopt < DNS_EDNSOPTIONS);
+ ednsopts[ednsopt].code = DNS_OPT_ZONEVERSION;
+ ednsopts[ednsopt].length = 0;
+ ednsopts[ednsopt].value = NULL;
+ ednsopt++;
+ }
if (sendcookie) {
INSIST(ednsopt < DNS_EDNSOPTIONS);
ednsopts[ednsopt].code = DNS_OPT_COOKIE;
query->ednsversion = version;
result = fctx_addopt(fctx->qmessage, version, udpsize,
ednsopts, ednsopt);
- if (reqnsid && result == ISC_R_SUCCESS) {
- query->options |= DNS_FETCHOPT_WANTNSID;
+ if (result == ISC_R_SUCCESS) {
+ if (reqnsid) {
+ query->options |= DNS_FETCHOPT_WANTNSID;
+ }
+ if (reqzoneversion) {
+ query->options |=
+ DNS_FETCHOPT_WANTZONEVERSION;
+ }
} else if (result != ISC_R_SUCCESS) {
/*
* We couldn't add the OPT, but we'll
checknamessection(message, DNS_SECTION_ADDITIONAL);
}
+static void
+make_hex(unsigned char *src, size_t srclen, char *buf, size_t buflen) {
+ isc_buffer_t b;
+ isc_region_t r;
+ isc_result_t result;
+
+ r.base = src;
+ r.length = srclen;
+ isc_buffer_init(&b, buf, buflen);
+ result = isc_hex_totext(&r, 0, "", &b);
+ RUNTIME_CHECK(result == ISC_R_SUCCESS);
+ isc_buffer_putuint8(&b, '\0');
+}
+
+static void
+make_printable(unsigned char *src, size_t srclen, char *buf, size_t buflen) {
+ INSIST(buflen > srclen);
+ while (srclen-- > 0) {
+ unsigned char c = *src++;
+ *buf++ = isprint(c) ? c : '.';
+ }
+ *buf = '\0';
+}
+
/*
* Log server NSID at log level 'level'
*/
static void
log_nsid(isc_buffer_t *opt, size_t nsid_len, resquery_t *query, int level,
isc_mem_t *mctx) {
- static const char hex[17] = "0123456789abcdef";
- char addrbuf[ISC_SOCKADDR_FORMATSIZE];
+ char addrbuf[ISC_SOCKADDR_FORMATSIZE], *buf = NULL, *pbuf = NULL;
size_t buflen;
- unsigned char *p, *nsid;
- unsigned char *buf = NULL, *pbuf = NULL;
REQUIRE(nsid_len <= UINT16_MAX);
pbuf = isc_mem_get(mctx, nsid_len + 1);
/* Convert to hex */
- p = buf;
- nsid = isc_buffer_current(opt);
- for (size_t i = 0; i < nsid_len; i++) {
- *p++ = hex[(nsid[i] >> 4) & 0xf];
- *p++ = hex[nsid[i] & 0xf];
- }
- *p = '\0';
+ make_hex(isc_buffer_current(opt), nsid_len, buf, buflen);
/* Make printable version */
- p = pbuf;
- for (size_t i = 0; i < nsid_len; i++) {
- *p++ = isprint(nsid[i]) ? nsid[i] : '.';
- }
- *p = '\0';
+ make_printable(isc_buffer_current(opt), nsid_len, pbuf, nsid_len + 1);
isc_sockaddr_format(&query->addrinfo->sockaddr, addrbuf,
sizeof(addrbuf));
isc_mem_put(mctx, buf, buflen);
}
+static void
+log_zoneversion(unsigned char *version, size_t version_len, unsigned char *nsid,
+ size_t nsid_len, resquery_t *query, int level,
+ isc_mem_t *mctx) {
+ char addrbuf[ISC_SOCKADDR_FORMATSIZE];
+ char namebuf[DNS_NAME_FORMATSIZE];
+ size_t nsid_buflen = 0;
+ char *nsid_buf = NULL;
+ char *nsid_pbuf = NULL;
+ const char *nsid_hex = "";
+ const char *nsid_print = "";
+ const char *sep_1 = "";
+ const char *sep_2 = "";
+ const char *sep_3 = "";
+ dns_name_t suffix = DNS_NAME_INITEMPTY;
+ unsigned int labels;
+
+ REQUIRE(version_len <= UINT16_MAX);
+
+ /*
+ * Don't log reflected ZONEVERSION option.
+ */
+ if (version_len == 0) {
+ return;
+ }
+
+ /* Enforced by dns_rdata_fromwire. */
+ INSIST(version_len >= 2);
+
+ /*
+ * Sanity check on label count.
+ */
+ labels = version[0] + 1;
+ if (dns_name_countlabels(query->fctx->name) < labels) {
+ return;
+ }
+
+ /*
+ * Get zone name.
+ */
+ dns_name_split(query->fctx->name, labels, NULL, &suffix);
+ dns_name_format(&suffix, namebuf, sizeof(namebuf));
+
+ if (nsid != NULL) {
+ nsid_buflen = nsid_len * 2 + 1;
+ nsid_hex = nsid_buf = isc_mem_get(mctx, nsid_buflen);
+ nsid_print = nsid_pbuf = isc_mem_get(mctx, nsid_len + 1);
+
+ /* Convert to hex */
+ make_hex(nsid, nsid_len, nsid_buf, nsid_buflen);
+
+ /* Convert to printable */
+ make_printable(nsid, nsid_len, nsid_pbuf, nsid_len + 1);
+
+ sep_1 = " (NSID ";
+ sep_2 = " (";
+ sep_3 = "))";
+ }
+
+ isc_sockaddr_format(&query->addrinfo->sockaddr, addrbuf,
+ sizeof(addrbuf));
+ if (version[1] == 0 && version_len == 6) {
+ uint32_t serial = version[2] << 24 | version[3] << 2 |
+ version[4] << 8 | version[5];
+ isc_log_write(DNS_LOGCATEGORY_ZONEVERSION,
+ DNS_LOGMODULE_RESOLVER, level,
+ "received ZONEVERSION serial %u from %s for %s "
+ "zone %s%s%s%s%s%s",
+ serial, addrbuf, query->fctx->info, namebuf,
+ sep_1, nsid_hex, sep_2, nsid_print, sep_3);
+ } else {
+ size_t version_buflen = version_len * 2 + 1;
+ char *version_hex = isc_mem_get(mctx, version_buflen);
+ char *version_pbuf = isc_mem_get(mctx, version_len - 1);
+
+ /* Convert to hex */
+ make_hex(version + 2, version_len - 2, version_hex,
+ version_buflen);
+
+ /* Convert to printable */
+ make_printable(version + 2, version_len - 2, version_pbuf,
+ version_len - 1);
+
+ isc_log_write(DNS_LOGCATEGORY_ZONEVERSION,
+ DNS_LOGMODULE_RESOLVER, level,
+ "received ZONEVERSION type %u value %s (%s) from "
+ "%s for %s zone %s%s%s%s%s%s",
+ version[1], version_hex, version_pbuf, addrbuf,
+ query->fctx->info, namebuf, sep_1, nsid_hex,
+ sep_2, nsid_print, sep_3);
+ isc_mem_put(mctx, version_hex, version_buflen);
+ isc_mem_put(mctx, version_pbuf, version_len - 1);
+ }
+
+ if (nsid_pbuf != NULL) {
+ isc_mem_put(mctx, nsid_pbuf, nsid_len + 1);
+ }
+ if (nsid_buf != NULL) {
+ isc_mem_put(mctx, nsid_buf, nsid_buflen);
+ }
+}
+
static bool
betterreferral(respctx_t *rctx) {
isc_result_t result;
isc_result_t result;
bool seen_cookie = false;
bool seen_nsid = false;
+ bool seen_zoneversion = false;
+ unsigned char *nsid = NULL;
+ uint16_t nsidlen = 0;
+ unsigned char *zoneversion = NULL;
+ uint16_t zoneversionlen = 0;
result = dns_rdataset_first(rctx->opt);
if (result != ISC_R_SUCCESS) {
break;
}
seen_nsid = true;
-
+ nsid = isc_buffer_current(&optbuf);
+ nsidlen = optlen;
if ((query->options & DNS_FETCHOPT_WANTNSID) != 0) {
log_nsid(&optbuf, optlen, query, ISC_LOG_INFO,
fctx->mctx);
optvalue, optlen);
}
break;
+ case DNS_OPT_ZONEVERSION:
+ if (seen_zoneversion) {
+ break;
+ }
+ seen_zoneversion = true;
+ zoneversion = isc_buffer_current(&optbuf);
+ zoneversionlen = optlen;
+ break;
default:
break;
}
isc_buffer_forward(&optbuf, optlen);
}
INSIST(isc_buffer_remaininglength(&optbuf) == 0U);
+
+ if ((query->options & DNS_FETCHOPT_WANTZONEVERSION) != 0 &&
+ zoneversion != NULL)
+ {
+ log_zoneversion(zoneversion, zoneversionlen, nsid, nsidlen,
+ query, ISC_LOG_INFO, fctx->mctx);
+ }
}
/*
NAMED_LOGCATEGORY_GENERAL = ISC_LOGCATEGORY_GENERAL,
ISC_LOGCATEGORY_SSLKEYLOG,
/* dns categories */
- DNS_LOGCATEGORY_NOTIFY,
+ DNS_LOGCATEGORY_CNAME,
DNS_LOGCATEGORY_DATABASE,
- DNS_LOGCATEGORY_SECURITY,
- DNS_LOGCATEGORY_DNSSEC,
- DNS_LOGCATEGORY_RESOLVER,
- DNS_LOGCATEGORY_XFER_IN,
- DNS_LOGCATEGORY_XFER_OUT,
DNS_LOGCATEGORY_DISPATCH,
- DNS_LOGCATEGORY_LAME_SERVERS,
+ DNS_LOGCATEGORY_DNSSEC,
+ DNS_LOGCATEGORY_DNSTAP,
DNS_LOGCATEGORY_EDNS_DISABLED,
+ DNS_LOGCATEGORY_LAME_SERVERS,
+ DNS_LOGCATEGORY_NOTIFY,
+ DNS_LOGCATEGORY_NSID,
+ DNS_LOGCATEGORY_RESOLVER,
DNS_LOGCATEGORY_RPZ,
+ DNS_LOGCATEGORY_RPZ_PASSTHRU,
DNS_LOGCATEGORY_RRL,
- DNS_LOGCATEGORY_CNAME,
+ DNS_LOGCATEGORY_SECURITY,
DNS_LOGCATEGORY_SPILL,
- DNS_LOGCATEGORY_DNSTAP,
- DNS_LOGCATEGORY_ZONELOAD,
- DNS_LOGCATEGORY_NSID,
- DNS_LOGCATEGORY_RPZ_PASSTHRU,
DNS_LOGCATEGORY_UPDATE_POLICY,
+ DNS_LOGCATEGORY_XFER_IN,
+ DNS_LOGCATEGORY_XFER_OUT,
+ DNS_LOGCATEGORY_ZONELOAD,
+ DNS_LOGCATEGORY_ZONEVERSION,
/* ns categories */
NS_LOGCATEGORY_CLIENT,
+ NS_LOGCATEGORY_DRA,
NS_LOGCATEGORY_NETWORK,
- NS_LOGCATEGORY_UPDATE,
NS_LOGCATEGORY_QUERIES,
- NS_LOGCATEGORY_UPDATE_SECURITY,
NS_LOGCATEGORY_QUERY_ERRORS,
- NS_LOGCATEGORY_TAT,
- NS_LOGCATEGORY_SERVE_STALE,
NS_LOGCATEGORY_RESPONSES,
- NS_LOGCATEGORY_DRA,
+ NS_LOGCATEGORY_SERVE_STALE,
+ NS_LOGCATEGORY_TAT,
+ NS_LOGCATEGORY_UPDATE,
+ NS_LOGCATEGORY_UPDATE_SECURITY,
/* cfg categories */
CFG_LOGCATEGORY_CONFIG,
/* named categories */
[ISC_LOGCATEGORY_GENERAL] = "general",
[ISC_LOGCATEGORY_SSLKEYLOG] = "sslkeylog",
/* dns categories */
- [DNS_LOGCATEGORY_NOTIFY] = "notify",
+ [DNS_LOGCATEGORY_CNAME] = "cname",
[DNS_LOGCATEGORY_DATABASE] = "database",
- [DNS_LOGCATEGORY_SECURITY] = "security",
- [DNS_LOGCATEGORY_DNSSEC] = "dnssec",
- [DNS_LOGCATEGORY_RESOLVER] = "resolver",
- [DNS_LOGCATEGORY_XFER_IN] = "xfer-in",
- [DNS_LOGCATEGORY_XFER_OUT] = "xfer-out",
[DNS_LOGCATEGORY_DISPATCH] = "dispatch",
- [DNS_LOGCATEGORY_LAME_SERVERS] = "lame-servers",
+ [DNS_LOGCATEGORY_DNSSEC] = "dnssec",
+ [DNS_LOGCATEGORY_DNSTAP] = "dnstap",
[DNS_LOGCATEGORY_EDNS_DISABLED] = "edns-disabled",
+ [DNS_LOGCATEGORY_LAME_SERVERS] = "lame-servers",
+ [DNS_LOGCATEGORY_NOTIFY] = "notify",
+ [DNS_LOGCATEGORY_NSID] = "nsid",
+ [DNS_LOGCATEGORY_RESOLVER] = "resolver",
[DNS_LOGCATEGORY_RPZ] = "rpz",
+ [DNS_LOGCATEGORY_RPZ_PASSTHRU] = "rpz-passthru",
[DNS_LOGCATEGORY_RRL] = "rate-limit",
- [DNS_LOGCATEGORY_CNAME] = "cname",
+ [DNS_LOGCATEGORY_SECURITY] = "security",
[DNS_LOGCATEGORY_SPILL] = "spill",
- [DNS_LOGCATEGORY_DNSTAP] = "dnstap",
- [DNS_LOGCATEGORY_ZONELOAD] = "zoneload",
- [DNS_LOGCATEGORY_NSID] = "nsid",
- [DNS_LOGCATEGORY_RPZ_PASSTHRU] = "rpz-passthru",
[DNS_LOGCATEGORY_UPDATE_POLICY] = "update-policy",
+ [DNS_LOGCATEGORY_XFER_IN] = "xfer-in",
+ [DNS_LOGCATEGORY_XFER_OUT] = "xfer-out",
+ [DNS_LOGCATEGORY_ZONELOAD] = "zoneload",
+ [DNS_LOGCATEGORY_ZONEVERSION] = "zoneversion",
/* ns categories */
[NS_LOGCATEGORY_CLIENT] = "client",
+ [NS_LOGCATEGORY_DRA] = "dns-reporting-agent",
[NS_LOGCATEGORY_NETWORK] = "network",
- [NS_LOGCATEGORY_UPDATE] = "update",
[NS_LOGCATEGORY_QUERIES] = "queries",
- [NS_LOGCATEGORY_UPDATE_SECURITY] = "update-security",
[NS_LOGCATEGORY_QUERY_ERRORS] = "query-errors",
- [NS_LOGCATEGORY_TAT] = "trust-anchor-telemetry",
- [NS_LOGCATEGORY_DRA] = "dns-reporting-agent",
- [NS_LOGCATEGORY_SERVE_STALE] = "serve-stale",
[NS_LOGCATEGORY_RESPONSES] = "responses",
+ [NS_LOGCATEGORY_SERVE_STALE] = "serve-stale",
+ [NS_LOGCATEGORY_TAT] = "trust-anchor-telemetry",
+ [NS_LOGCATEGORY_UPDATE] = "update",
+ [NS_LOGCATEGORY_UPDATE_SECURITY] = "update-security",
/* cfg categories */
[CFG_LOGCATEGORY_CONFIG] = "config",
/* named categories */
{ "request-expire", dns_peer_setrequestexpire },
{ "request-ixfr", dns_peer_setrequestixfr },
{ "request-nsid", dns_peer_setrequestnsid },
+ { "request-zoneversion", dns_peer_setrequestzoneversion },
{ "send-cookie", dns_peer_setsendcookie },
{ "tcp-keepalive", dns_peer_settcpkeepalive },
{ "tcp-only", dns_peer_setforcetcp },
{ "recursion", &cfg_type_boolean, 0 },
{ "request-nsid", &cfg_type_boolean, 0 },
{ "request-sit", NULL, CFG_CLAUSEFLAG_ANCIENT },
+ { "request-zoneversion", &cfg_type_boolean, 0 },
{ "require-server-cookie", &cfg_type_boolean, 0 },
{ "resolver-nonbackoff-tries", NULL, CFG_CLAUSEFLAG_ANCIENT },
{ "resolver-query-timeout", &cfg_type_uint32, 0 },
{ "request-ixfr", &cfg_type_boolean, 0 },
{ "request-ixfr-max-diffs", &cfg_type_uint32, 0 },
{ "request-nsid", &cfg_type_boolean, 0 },
+ { "request-zoneversion", &cfg_type_boolean, 0 },
{ "request-sit", NULL, CFG_CLAUSEFLAG_ANCIENT },
{ "require-cookie", &cfg_type_boolean, 0 },
{ "send-cookie", &cfg_type_boolean, 0 },
projects / thirdparty / bind9.git / commitdiff
