+1051. [bug] Do not ignore a network interface completely just
+ because it has a noncontiguous netmask. Instead,
+ omit it from the localnets ACL and issue a warning.
+ [RT #1891]
+
1047. [bug] When a request was refused due to being signed with
a TSIG key derived from an unsigned TKEY negotiation,
the response could have an rcode of SUCCESS rather
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: interfacemgr.c,v 1.54.2.2 2001/10/11 01:23:40 marka Exp $ */
+/* $Id: interfacemgr.c,v 1.54.2.3 2001/10/13 04:00:12 marka Exp $ */
#include <config.h>
if ((interface.flags & INTERFACE_F_UP) == 0)
continue;
- result = isc_netaddr_masktoprefixlen(&interface.netmask,
- &prefixlen);
- if (result != ISC_R_SUCCESS)
- goto ignore_interface;
elt.type = dns_aclelementtype_ipprefix;
elt.negative = ISC_FALSE;
elt.u.ip_prefix.address = interface.address;
- elt.u.ip_prefix.prefixlen = prefixlen;
- /* XXX suppress duplicates */
- result = dns_acl_appendelement(mgr->aclenv.localnets, &elt);
- if (result != ISC_R_SUCCESS)
- goto ignore_interface;
elt.u.ip_prefix.prefixlen = 32;
result = dns_acl_appendelement(mgr->aclenv.localhost, &elt);
if (result != ISC_R_SUCCESS)
goto ignore_interface;
+ result = isc_netaddr_masktoprefixlen(&interface.netmask,
+ &prefixlen);
+ if (result != ISC_R_SUCCESS) {
+ isc_log_write(IFMGR_COMMON_LOGARGS,
+ ISC_LOG_WARNING,
+ "omitting IPv4 interface %s from "
+ "localnets ACL: %s",
+ interface.name,
+ isc_result_totext(result));
+ } else {
+ elt.u.ip_prefix.prefixlen = prefixlen;
+ /* XXX suppress duplicates */
+ result = dns_acl_appendelement(mgr->aclenv.localnets,
+ &elt);
+ if (result != ISC_R_SUCCESS)
+ goto ignore_interface;
+ }
+
for (le = ISC_LIST_HEAD(mgr->listenon4->elts);
le != NULL;
le = ISC_LIST_NEXT(le, link))
projects / thirdparty / bind9.git / commitdiff
