From: Colin Vidal <colin@isc.org>
Date: Thu, 16 Oct 2025 15:25:14 +0000 (+0200)
Subject: enable effective configuration
X-Git-Tag: v9.21.15~22^2~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=07793a1bfa76e14f4744cab513f0f72704856415;p=thirdparty%2Fbind9.git

enable effective configuration

The effective configuration now contains the actual named configuration
as a unified user/global single tree instance.  We now provide this to
apply_configuration() instead of the user configuration.
---

diff --git a/bin/named/config.c b/bin/named/config.c
index 3fd69eaf064..ab4bbe33cc3 100644
--- a/bin/named/config.c
+++ b/bin/named/config.c
@@ -618,7 +618,6 @@ named_config_getport(const cfg_obj_t *config, const char *type,
 	if (options != NULL) {
 		maps[i++] = options;
 	}
-	maps[i++] = named_g_defaultoptions;
 	maps[i] = NULL;
 
 	result = named_config_get(maps, type, &portobj);
diff --git a/bin/named/include/named/config.h b/bin/named/include/named/config.h
index 4a9415df5a9..c9647e9cf21 100644
--- a/bin/named/include/named/config.h
+++ b/bin/named/include/named/config.h
@@ -69,3 +69,7 @@ named_config_getkeyalgorithm(const char *str, unsigned int *typep,
 isc_result_t
 named_config_findopt(const cfg_obj_t *opts1, const cfg_obj_t *opts2,
 		     const char *name, const cfg_obj_t **objp);
+
+isc_result_t
+named_config_effective(cfg_obj_t **effective, const cfg_obj_t *defaults,
+		       const cfg_obj_t *user);
diff --git a/bin/named/server.c b/bin/named/server.c
index 5aec16d3798..39f9bbd5756 100644
--- a/bin/named/server.c
+++ b/bin/named/server.c
@@ -1119,7 +1119,6 @@ configure_view_dnsseckeys(dns_view_t *view, const cfg_obj_t *vconfig,
 		}
 	}
 
-	maps[i++] = named_g_defaultoptions;
 	maps[i] = NULL;
 
 	dns_view_initsecroots(view);
@@ -1160,8 +1159,8 @@ configure_view_dnsseckeys(dns_view_t *view, const cfg_obj_t *vconfig,
 				      "using built-in root key for view %s",
 				      view->name);
 
-			(void)cfg_map_get(named_g_defaultconfig,
-					  "trust-anchors", &builtin_keys);
+			(void)cfg_map_get(config, "trust-anchors",
+					  &builtin_keys);
 		}
 
 		if (builtin_keys != NULL) {
@@ -3831,7 +3830,6 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config,
 	if (options != NULL) {
 		maps[i++] = options;
 	}
-	maps[i++] = named_g_defaultoptions;
 
 	if (config != NULL) {
 		cfgmaps[j++] = config;
@@ -7185,7 +7183,6 @@ setup_newzones(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig,
 	if (result == ISC_R_SUCCESS) {
 		maps[i++] = options;
 	}
-	maps[i++] = named_g_defaultoptions;
 	maps[i] = NULL;
 
 	result = named_config_get(maps, "allow-new-zones", &nz);
@@ -7904,7 +7901,6 @@ apply_configuration(cfg_obj_t *config, cfg_obj_t *bindkeys,
 	if (result == ISC_R_SUCCESS) {
 		maps[i++] = options;
 	}
-	maps[i++] = named_g_defaultoptions;
 	maps[i] = NULL;
 
 	/* Create the ACL configuration context */
@@ -9020,13 +9016,14 @@ cleanup_aclctx:
 		      ISC_LOG_DEBUG(1), "apply_configuration: %s",
 		      isc_result_totext(result));
 
+	cfg_obj_detach(&config);
 	return result;
 }
 
 static isc_result_t
 load_configuration(named_server_t *server, bool first_time) {
 	isc_result_t result;
-	cfg_obj_t *config = NULL, *bindkeys = NULL;
+	cfg_obj_t *config = NULL, *bindkeys = NULL, *effective = NULL;
 
 	isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_SERVER,
 		      ISC_LOG_DEBUG(1), "load_configuration");
@@ -9063,7 +9060,8 @@ load_configuration(named_server_t *server, bool first_time) {
 		}
 	}
 
-	result = apply_configuration(config, bindkeys, server, first_time);
+	effective = cfg_effective_config(config, named_g_defaultconfig);
+	result = apply_configuration(effective, bindkeys, server, first_time);
 
 cleanup:
 	if (bindkeys != NULL) {
diff --git a/bin/named/zoneconf.c b/bin/named/zoneconf.c
index f1eb90b0d4a..bfe72665b9b 100644
--- a/bin/named/zoneconf.c
+++ b/bin/named/zoneconf.c
@@ -167,7 +167,6 @@ configure_zone_acl(const cfg_obj_t *zconfig, const cfg_obj_t *vconfig,
 			maps[i++] = options;
 		}
 	}
-	maps[i++] = named_g_defaultoptions;
 	maps[i] = NULL;
 
 	(void)named_config_get(maps, aclname, &aclobj);
@@ -954,7 +953,6 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
 	}
 
 	nodefault[i] = NULL;
-	maps[i++] = named_g_defaultoptions;
 	maps[i] = NULL;
 
 	if (vconfig != NULL) {
@@ -1816,7 +1814,7 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
 		    dns_name_equal(dns_zone_getorigin(zone), dns_rootname))
 		{
 			result = named_config_getremotesdef(
-				named_g_defaultconfig, "remote-servers",
+				config, "remote-servers",
 				DEFAULT_IANA_ROOT_ZONE_PRIMARIES, &obj);
 			CHECK(result);
 		}