}
}
-isc_result_t
-named_config_getprimariesdef(const cfg_obj_t *cctx, const char *name,
- const cfg_obj_t **ret) {
+static isc_result_t
+getprimariesdef(const cfg_obj_t *cctx, const char *list, const char *name,
+ const cfg_obj_t **ret) {
isc_result_t result;
- const cfg_obj_t *primaries = NULL;
+ const cfg_obj_t *obj = NULL;
const cfg_listelt_t *elt;
- result = cfg_map_get(cctx, "primaries", &primaries);
- if (result != ISC_R_SUCCESS) {
- result = cfg_map_get(cctx, "masters", &primaries);
- }
+ REQUIRE(cctx != NULL);
+ REQUIRE(name != NULL);
+ REQUIRE(ret != NULL && *ret == NULL);
+
+ result = cfg_map_get(cctx, list, &obj);
if (result != ISC_R_SUCCESS) {
return (result);
}
-
- for (elt = cfg_list_first(primaries); elt != NULL;
- elt = cfg_list_next(elt)) {
- const cfg_obj_t *list;
- const char *listname;
-
- list = cfg_listelt_value(elt);
- listname = cfg_obj_asstring(cfg_tuple_get(list, "name"));
-
- if (strcasecmp(listname, name) == 0) {
- *ret = list;
+ elt = cfg_list_first(obj);
+ while (elt != NULL) {
+ obj = cfg_listelt_value(elt);
+ if (strcasecmp(cfg_obj_asstring(cfg_tuple_get(obj, "name")),
+ name) == 0) {
+ *ret = obj;
return (ISC_R_SUCCESS);
}
+ elt = cfg_list_next(elt);
}
return (ISC_R_NOTFOUND);
}
+isc_result_t
+named_config_getprimariesdef(const cfg_obj_t *cctx, const char *name,
+ const cfg_obj_t **ret) {
+ isc_result_t result;
+
+ result = getprimariesdef(cctx, "primaries", name, ret);
+ if (result != ISC_R_SUCCESS) {
+ result = getprimariesdef(cctx, "masters", name, ret);
+ }
+ return (result);
+}
+
isc_result_t
named_config_getipandkeylist(const cfg_obj_t *config, const cfg_obj_t *list,
isc_mem_t *mctx, dns_ipkeylist_t *ipkl) {
if (j < l) {
continue;
}
+ list = NULL;
tresult = named_config_getprimariesdef(config, listname,
&list);
if (tresult == ISC_R_NOTFOUND) {
--- /dev/null
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+primaries duplicate { 1.2.3.4; };
+primaries duplicate { 4.3.2.1; };
--- /dev/null
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+masters duplicate { 1.2.3.4; };
+primaries duplicate { 4.3.2.1; };
--- /dev/null
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+masters a { 1.2.3.4; };
+primaries b { 1.2.3.4; };
.nf
.ft C
masters string [ port integer ] [ dscp
- integer ] { ( masters | ipv4_address [
- port integer ] | ipv6_address [ port
+ integer ] { ( primaries | ipv4_address
+ [ port integer ] | ipv6_address [ port
integer ] ) [ key string ]; ... };
.ft P
.fi
allow\-transfer { address_match_element; ... };
allow\-update { address_match_element; ... };
allow\-update\-forwarding { address_match_element; ... };
- also\-notify [ port integer ] [ dscp integer ] { ( masters |
+ also\-notify [ port integer ] [ dscp integer ] { ( primaries |
ipv4_address [ port integer ] | ipv6_address [ port
integer ] ) [ key string ]; ... };
alt\-transfer\-source ( ipv4_address | * ) [ port ( integer | * )
blackhole { address_match_element; ... };
cache\-file quoted_string;
catalog\-zones { zone string [ default\-masters [ port integer ]
- [ dscp integer ] { ( masters | ipv4_address [ port
+ [ dscp integer ] { ( primaries | ipv4_address [ port
integer ] | ipv6_address [ port integer ] ) [ key
string ]; ... } ] [ zone\-directory quoted_string ] [
in\-memory boolean ] [ min\-update\-interval duration ]; ... };
new\-zones\-directory quoted_string;
no\-case\-compress { address_match_element; ... };
nocookie\-udp\-size integer;
- notify ( explicit | master\-only | boolean );
+ notify ( explicit | master\-only | primary\-only | boolean );
notify\-delay integer;
notify\-rate integer;
notify\-source ( ipv4_address | * ) [ port ( integer | * ) ] [
.fi
.UNINDENT
.UNINDENT
+.SS PRIMARIES
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+primaries string [ port integer ] [ dscp
+ integer ] { ( primaries | ipv4_address
+ [ port integer ] | ipv6_address [ port
+ integer ] ) [ key string ]; ... };
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
.SS SERVER
.INDENT 0.0
.INDENT 3.5
allow\-transfer { address_match_element; ... };
allow\-update { address_match_element; ... };
allow\-update\-forwarding { address_match_element; ... };
- also\-notify [ port integer ] [ dscp integer ] { ( masters |
+ also\-notify [ port integer ] [ dscp integer ] { ( primaries |
ipv4_address [ port integer ] | ipv6_address [ port
integer ] ) [ key string ]; ... };
alt\-transfer\-source ( ipv4_address | * ) [ port ( integer | * )
auto\-dnssec ( allow | maintain | off );
cache\-file quoted_string;
catalog\-zones { zone string [ default\-masters [ port integer ]
- [ dscp integer ] { ( masters | ipv4_address [ port
+ [ dscp integer ] { ( primaries | ipv4_address [ port
integer ] | ipv6_address [ port integer ] ) [ key
string ]; ... } ] [ zone\-directory quoted_string ] [
in\-memory boolean ] [ min\-update\-interval duration ]; ... };
new\-zones\-directory quoted_string;
no\-case\-compress { address_match_element; ... };
nocookie\-udp\-size integer;
- notify ( explicit | master\-only | boolean );
+ notify ( explicit | master\-only | primary\-only | boolean );
notify\-delay integer;
notify\-source ( ipv4_address | * ) [ port ( integer | * ) ] [
dscp integer ];
allow\-update { address_match_element; ... };
allow\-update\-forwarding { address_match_element; ... };
also\-notify [ port integer ] [ dscp integer ] { (
- masters | ipv4_address [ port integer ] |
+ primaries | ipv4_address [ port integer ] |
ipv6_address [ port integer ] ) [ key string ];
... };
alt\-transfer\-source ( ipv4_address | * ) [ port (
key\-directory quoted_string;
masterfile\-format ( map | raw | text );
masterfile\-style ( full | relative );
- masters [ port integer ] [ dscp integer ] { ( masters
- | ipv4_address [ port integer ] | ipv6_address [
- port integer ] ) [ key string ]; ... };
+ masters [ port integer ] [ dscp integer ] { (
+ primaries | ipv4_address [ port integer ] |
+ ipv6_address [ port integer ] ) [ key string ];
+ ... };
max\-ixfr\-ratio ( unlimited | percentage );
max\-journal\-size ( default | unlimited | sizeval );
max\-records integer;
min\-refresh\-time integer;
min\-retry\-time integer;
multi\-master boolean;
- notify ( explicit | master\-only | boolean );
+ notify ( explicit | master\-only | primary\-only | boolean );
notify\-delay integer;
notify\-source ( ipv4_address | * ) [ port ( integer | *
) ] [ dscp integer ];
notify\-source\-v6 ( ipv6_address | * ) [ port ( integer
| * ) ] [ dscp integer ];
notify\-to\-soa boolean;
+ primaries [ port integer ] [ dscp integer ] { (
+ primaries | ipv4_address [ port integer ] |
+ ipv6_address [ port integer ] ) [ key string ];
+ ... };
request\-expire boolean;
request\-ixfr boolean;
serial\-update\-method ( date | increment | unixtime );
allow\-transfer { address_match_element; ... };
allow\-update { address_match_element; ... };
allow\-update\-forwarding { address_match_element; ... };
- also\-notify [ port integer ] [ dscp integer ] { ( masters |
+ also\-notify [ port integer ] [ dscp integer ] { ( primaries |
ipv4_address [ port integer ] | ipv6_address [ port
integer ] ) [ key string ]; ... };
alt\-transfer\-source ( ipv4_address | * ) [ port ( integer | * )
key\-directory quoted_string;
masterfile\-format ( map | raw | text );
masterfile\-style ( full | relative );
- masters [ port integer ] [ dscp integer ] { ( masters |
+ masters [ port integer ] [ dscp integer ] { ( primaries |
ipv4_address [ port integer ] | ipv6_address [ port
integer ] ) [ key string ]; ... };
max\-ixfr\-ratio ( unlimited | percentage );
min\-refresh\-time integer;
min\-retry\-time integer;
multi\-master boolean;
- notify ( explicit | master\-only | boolean );
+ notify ( explicit | master\-only | primary\-only | boolean );
notify\-delay integer;
notify\-source ( ipv4_address | * ) [ port ( integer | * ) ] [
dscp integer ];
notify\-source\-v6 ( ipv6_address | * ) [ port ( integer | * ) ]
[ dscp integer ];
notify\-to\-soa boolean;
+ primaries [ port integer ] [ dscp integer ] { ( primaries |
+ ipv4_address [ port integer ] | ipv6_address [ port
+ integer ] ) [ key string ]; ... };
request\-expire boolean;
request\-ixfr boolean;
serial\-update\-method ( date | increment | unixtime );
dnssec-secure-to-insecure <boolean>;
dnssec-update-mode ( maintain | no-resign );
dnssec-validation ( yes | no | auto );
- dnstap { ( all | auth | client | forwarder |
- resolver | update ) [ ( query | response ) ];
- ... }; // not configured
- dnstap-identity ( <quoted_string> | none |
- hostname ); // not configured
- dnstap-output ( file | unix ) <quoted_string> [
- size ( unlimited | <size> ) ] [ versions (
- unlimited | <integer> ) ] [ suffix ( increment
- | timestamp ) ]; // not configured
- dnstap-version ( <quoted_string> | none ); // not configured
+ dnstap { ( all | auth | client | forwarder | resolver | update ) [
+ ( query | response ) ]; ... };
+ dnstap-identity ( <quoted_string> | none | hostname );
+ dnstap-output ( file | unix ) <quoted_string> [ size ( unlimited |
+ <size> ) ] [ versions ( unlimited | <integer> ) ] [ suffix (
+ increment | timestamp ) ];
+ dnstap-version ( <quoted_string> | none );
dscp <integer>;
dual-stack-servers [ port <integer> ] { ( <quoted_string> [ port
<integer> ] [ dscp <integer> ] | <ipv4_address> [ port
forward ( first | only );
forwarders [ port <integer> ] [ dscp <integer> ] { ( <ipv4_address>
| <ipv6_address> ) [ port <integer> ] [ dscp <integer> ]; ... };
- fstrm-set-buffer-hint <integer>; // not configured
- fstrm-set-flush-timeout <integer>; // not configured
- fstrm-set-input-queue-size <integer>; // not configured
- fstrm-set-output-notify-threshold <integer>; // not configured
- fstrm-set-output-queue-model ( mpsc | spsc ); // not configured
- fstrm-set-output-queue-size <integer>; // not configured
- fstrm-set-reopen-interval <duration>; // not configured
+ fstrm-set-buffer-hint <integer>;
+ fstrm-set-flush-timeout <integer>;
+ fstrm-set-input-queue-size <integer>;
+ fstrm-set-output-notify-threshold <integer>;
+ fstrm-set-output-queue-model ( mpsc | spsc );
+ fstrm-set-output-queue-size <integer>;
+ fstrm-set-reopen-interval <duration>;
geoip-directory ( <quoted_string> | none );
geoip-use-ecs <boolean>; // obsolete
glue-cache <boolean>;
dnssec-secure-to-insecure <boolean>;
dnssec-update-mode ( maintain | no-resign );
dnssec-validation ( yes | no | auto );
- dnstap { ( all | auth | client | forwarder |
- resolver | update ) [ ( query | response ) ];
- ... }; // not configured
+ dnstap { ( all | auth | client | forwarder | resolver | update ) [
+ ( query | response ) ]; ... };
dual-stack-servers [ port <integer> ] { ( <quoted_string> [ port
<integer> ] [ dscp <integer> ] | <ipv4_address> [ port
<integer> ] [ dscp <integer> ] | <ipv6_address> [ port
return (result);
}
+/*
+ * Check "primaries" style list.
+ */
static isc_result_t
-get_primaries_def(const cfg_obj_t *cctx, const char *name,
- const cfg_obj_t **ret) {
- isc_result_t result;
- const cfg_obj_t *primaries = NULL;
+bind9_check_primarylist(const cfg_obj_t *cctx, const char *list,
+ isc_log_t *logctx, isc_symtab_t *symtab,
+ isc_mem_t *mctx) {
+ isc_symvalue_t symvalue;
+ isc_result_t result, tresult;
+ const cfg_obj_t *obj = NULL;
const cfg_listelt_t *elt;
- result = cfg_map_get(cctx, "primaries", &primaries);
+ result = cfg_map_get(cctx, list, &obj);
if (result != ISC_R_SUCCESS) {
- result = cfg_map_get(cctx, "masters", &primaries);
+ return (ISC_R_SUCCESS);
+ }
+
+ elt = cfg_list_first(obj);
+ while (elt != NULL) {
+ char *tmp;
+ const char *name;
+
+ obj = cfg_listelt_value(elt);
+ name = cfg_obj_asstring(cfg_tuple_get(obj, "name"));
+
+ tmp = isc_mem_strdup(mctx, name);
+ symvalue.as_cpointer = obj;
+ tresult = isc_symtab_define(symtab, tmp, 1, symvalue,
+ isc_symexists_reject);
+ if (tresult == ISC_R_EXISTS) {
+ const char *file = NULL;
+ unsigned int line;
+
+ RUNTIME_CHECK(
+ isc_symtab_lookup(symtab, tmp, 1, &symvalue) ==
+ ISC_R_SUCCESS);
+ file = cfg_obj_file(symvalue.as_cpointer);
+ line = cfg_obj_line(symvalue.as_cpointer);
+
+ if (file == NULL) {
+ file = "<unknown file>";
+ }
+ cfg_obj_log(obj, logctx, ISC_LOG_ERROR,
+ "primaries list '%s' is duplicated: "
+ "also defined at %s:%u",
+ name, file, line);
+ isc_mem_free(mctx, tmp);
+ result = tresult;
+ break;
+ } else if (tresult != ISC_R_SUCCESS) {
+ isc_mem_free(mctx, tmp);
+ result = tresult;
+ break;
+ }
+
+ elt = cfg_list_next(elt);
}
+ return (result);
+}
+
+/*
+ * Check primaries lists for duplicates.
+ */
+static isc_result_t
+bind9_check_primarylists(const cfg_obj_t *cctx, isc_log_t *logctx,
+ isc_mem_t *mctx) {
+ isc_result_t result, tresult;
+ isc_symtab_t *symtab = NULL;
+
+ result = isc_symtab_create(mctx, 100, freekey, mctx, false, &symtab);
if (result != ISC_R_SUCCESS) {
return (result);
}
+ tresult = bind9_check_primarylist(cctx, "primaries", logctx, symtab,
+ mctx);
+ if (tresult != ISC_R_SUCCESS) {
+ result = tresult;
+ }
+ tresult = bind9_check_primarylist(cctx, "masters", logctx, symtab,
+ mctx);
+ if (tresult != ISC_R_SUCCESS) {
+ result = tresult;
+ }
+ isc_symtab_destroy(&symtab);
+ return (result);
+}
- for (elt = cfg_list_first(primaries); elt != NULL;
- elt = cfg_list_next(elt)) {
- const cfg_obj_t *list;
+static isc_result_t
+get_primaries(const cfg_obj_t *cctx, const char *list, const char *name,
+ const cfg_obj_t **ret) {
+ isc_result_t result;
+ const cfg_obj_t *obj = NULL;
+ const cfg_listelt_t *elt = NULL;
+
+ result = cfg_map_get(cctx, list, &obj);
+ if (result != ISC_R_SUCCESS) {
+ return (result);
+ }
+
+ elt = cfg_list_first(obj);
+ while (elt != NULL) {
const char *listname;
- list = cfg_listelt_value(elt);
- listname = cfg_obj_asstring(cfg_tuple_get(list, "name"));
+ obj = cfg_listelt_value(elt);
+ listname = cfg_obj_asstring(cfg_tuple_get(obj, "name"));
if (strcasecmp(listname, name) == 0) {
- *ret = list;
+ *ret = obj;
return (ISC_R_SUCCESS);
}
+
+ elt = cfg_list_next(elt);
}
+
return (ISC_R_NOTFOUND);
}
+static isc_result_t
+get_primaries_def(const cfg_obj_t *cctx, const char *name,
+ const cfg_obj_t **ret) {
+ isc_result_t result;
+
+ result = get_primaries(cctx, "primaries", name, ret);
+ if (result != ISC_R_SUCCESS) {
+ result = get_primaries(cctx, "masters", name, ret);
+ }
+ return (result);
+}
+
static isc_result_t
validate_primaries(const cfg_obj_t *obj, const cfg_obj_t *config,
uint32_t *countp, isc_log_t *logctx, isc_mem_t *mctx) {
result = ISC_R_FAILURE;
}
+ if (bind9_check_primarylists(config, logctx, mctx) != ISC_R_SUCCESS) {
+ result = ISC_R_FAILURE;
+ }
+
(void)cfg_map_get(config, "view", &views);
if (views != NULL && options != NULL) {
projects / thirdparty / bind9.git / commitdiff
