From: Mark Andrews Date: Mon, 25 Jan 2021 05:14:02 +0000 (+1100) Subject: Pass an afg_aclconfctx_t structure to cfg_acl_fromconfig X-Git-Tag: v9.17.10~17^2~4 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2b3fcd7156808b9423cf91655dae45c08c180638;p=thirdparty%2Fbind9.git Pass an afg_aclconfctx_t structure to cfg_acl_fromconfig in named_zone_inlinesigning. A NULL pointer does not work. --- diff --git a/bin/named/include/named/zoneconf.h b/bin/named/include/named/zoneconf.h index 962d5a229af..fadb3e1f38d 100644 --- a/bin/named/include/named/zoneconf.h +++ b/bin/named/include/named/zoneconf.h @@ -44,7 +44,8 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig, bool named_zone_reusable(dns_zone_t *zone, const cfg_obj_t *zconfig, - const cfg_obj_t *vconfig, const cfg_obj_t *config); + const cfg_obj_t *vconfig, const cfg_obj_t *config, + cfg_aclconfctx_t *actx); /*%< * If 'zone' can be safely reconfigured according to the configuration * data in 'zconfig', return true. If the configuration data is so @@ -54,7 +55,8 @@ named_zone_reusable(dns_zone_t *zone, const cfg_obj_t *zconfig, bool named_zone_inlinesigning(dns_zone_t *zone, const cfg_obj_t *zconfig, - const cfg_obj_t *vconfig, const cfg_obj_t *config); + const cfg_obj_t *vconfig, const cfg_obj_t *config, + cfg_aclconfctx_t *actx); /*%< * Determine if zone uses inline-signing. This is true if inline-signing * is set to yes, or if there is a dnssec-policy on a non-dynamic zone. diff --git a/bin/named/server.c b/bin/named/server.c index 93f5ab839b1..2354a55ca2c 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -6578,7 +6578,8 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, } if (zone != NULL && - !named_zone_reusable(zone, zconfig, vconfig, config)) { + !named_zone_reusable(zone, zconfig, vconfig, config, aclconf)) + { dns_zone_detach(&zone); } @@ -6658,8 +6659,8 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, strcasecmp(ztypestr, "slave") == 0)); if (zone_maybe_inline) { - inline_signing = named_zone_inlinesigning(zone, zconfig, - vconfig, config); + inline_signing = named_zone_inlinesigning( + zone, zconfig, vconfig, config, aclconf); } if (inline_signing) { dns_zone_getraw(zone, &raw); diff --git a/bin/named/zoneconf.c b/bin/named/zoneconf.c index 74a5c9c8cfe..9ad830b3164 100644 --- a/bin/named/zoneconf.c +++ b/bin/named/zoneconf.c @@ -176,7 +176,7 @@ configure_zone_acl(const cfg_obj_t *zconfig, const cfg_obj_t *vconfig, parse_acl: result = cfg_acl_fromconfig(aclobj, config, named_g_lctx, actx, - dns_zone_getmctx(zone), 0, &acl); + named_g_mctx, 0, &acl); if (result != ISC_R_SUCCESS) { return (result); } @@ -2068,7 +2068,8 @@ named_zone_configure_writeable_dlz(dns_dlzdb_t *dlzdatabase, dns_zone_t *zone, bool named_zone_reusable(dns_zone_t *zone, const cfg_obj_t *zconfig, - const cfg_obj_t *vconfig, const cfg_obj_t *config) { + const cfg_obj_t *vconfig, const cfg_obj_t *config, + cfg_aclconfctx_t *actx) { const cfg_obj_t *zoptions = NULL; const cfg_obj_t *obj = NULL; const char *cfilename; @@ -2103,7 +2104,7 @@ named_zone_reusable(dns_zone_t *zone, const cfg_obj_t *zconfig, } inline_signing = named_zone_inlinesigning(zone, zconfig, vconfig, - config); + config, actx); if (!inline_signing && has_raw) { dns_zone_log(zone, ISC_LOG_DEBUG(1), "not reusable: old zone was inline-signing"); @@ -2141,7 +2142,8 @@ named_zone_reusable(dns_zone_t *zone, const cfg_obj_t *zconfig, bool named_zone_inlinesigning(dns_zone_t *zone, const cfg_obj_t *zconfig, - const cfg_obj_t *vconfig, const cfg_obj_t *config) { + const cfg_obj_t *vconfig, const cfg_obj_t *config, + cfg_aclconfctx_t *actx) { isc_result_t res; const cfg_obj_t *zoptions = NULL; const cfg_obj_t *voptions = NULL; @@ -2181,7 +2183,6 @@ named_zone_inlinesigning(dns_zone_t *zone, const cfg_obj_t *zconfig, } if (res == ISC_R_SUCCESS) { dns_acl_t *acl = NULL; - cfg_aclconfctx_t *actx = NULL; res = cfg_acl_fromconfig( allowupdate, config, named_g_lctx, actx, dns_zone_getmctx(zone), 0, &acl);