From: Matthijs Mekking Date: Tue, 8 Dec 2020 14:08:32 +0000 (+0100) Subject: Remove a lot of obsoleted options X-Git-Tag: v9.17.10~31^2~5 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=87744f218d3cc76d2e73c9d6a9c7cd01407f327f;p=thirdparty%2Fbind9.git Remove a lot of obsoleted options These options were ancient or made obsolete a long time ago, it is safe to remove them. Also stop printing ancient options, they should be treated the same as unknown options. Removed options: lwres, geoip-use-ecs, sit-secret, use-ixfr, acache-cleaning-interval, acache-enable, additional-from-auth, additional-from-cache, allow-v6-synthesis, dnssec-enable, max-acache-size, nosit-udp-size, queryport-pool-ports, queryport-pool-updateinterval, request-sit, use-queryport-pool, and support-ixfr. --- diff --git a/bin/named/config.c b/bin/named/config.c index ccea2dbf4dc..77c0abaaa54 100644 --- a/bin/named/config.c +++ b/bin/named/config.c @@ -131,7 +131,6 @@ options {\n\ # treat-cr-as-space ;\n\ trust-anchor-telemetry yes;\n\ # use-id-pool ;\n\ -# use-ixfr ;\n\ \n\ /* view */\n\ allow-new-zones no;\n\ @@ -141,7 +140,6 @@ options {\n\ allow-recursion { localnets; localhost; };\n\ allow-recursion-on { any; };\n\ allow-update-forwarding {none;};\n\ -# allow-v6-synthesis ;\n\ auth-nxdomain false;\n\ check-dup-records warn;\n\ check-mx warn;\n\ diff --git a/bin/tests/named.conf b/bin/tests/named.conf index 928dd9e96a2..6a5f6543ff7 100644 --- a/bin/tests/named.conf +++ b/bin/tests/named.conf @@ -26,9 +26,6 @@ // watch out for ";" -- it's important! options { - additional-from-auth true; - additional-from-cache false; - version "my version string"; random-device "/dev/random"; directory "/tmp"; @@ -265,8 +262,6 @@ view "test-view" in { sig-validity-interval 45; max-cache-size 100000; allow-query { 10.0.0.30;}; - additional-from-cache false; - additional-from-auth no; match-clients { 10.0.0.1 ; }; check-names master warn; check-names slave ignore; @@ -418,9 +413,6 @@ server 1.2.3.4 { keys { "sample_key" }; // for TSIG; supported by the parser // but not yet implemented in the // rest of the server -# Now called 'request-ixfr' -# support-ixfr yes; // for IXFR supported by server - // if yes, the listed server talks IXFR }; logging { diff --git a/bin/tests/system/checkconf/bad-geoip-use-ecs.conf b/bin/tests/system/checkconf/bad-geoip-use-ecs.conf deleted file mode 100644 index 37ecfdee6b9..00000000000 --- a/bin/tests/system/checkconf/bad-geoip-use-ecs.conf +++ /dev/null @@ -1,14 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -options { - geoip-use-ecs yes; -}; diff --git a/bin/tests/system/checkconf/dnssec.1 b/bin/tests/system/checkconf/dnssec.1 index 82f4414973f..edef76fde7c 100644 --- a/bin/tests/system/checkconf/dnssec.1 +++ b/bin/tests/system/checkconf/dnssec.1 @@ -9,6 +9,17 @@ * information regarding copyright ownership. */ -options { - dnssec-enable no; +view view1 { + match-clients { any; }; + dnssec-validation yes; +}; + +view view2 { + match-clients { none; }; + dnssec-validation auto; +}; + +view view3 { + match-clients { none; }; + auto-dnssec maintain; }; diff --git a/bin/tests/system/checkconf/dnssec.2 b/bin/tests/system/checkconf/dnssec.2 index edef76fde7c..56c4a52fe69 100644 --- a/bin/tests/system/checkconf/dnssec.2 +++ b/bin/tests/system/checkconf/dnssec.2 @@ -11,15 +11,22 @@ view view1 { match-clients { any; }; - dnssec-validation yes; }; view view2 { match-clients { none; }; - dnssec-validation auto; }; view view3 { match-clients { none; }; - auto-dnssec maintain; + dnssec-validation auto; +}; + +view view4 { + match-clients { none; }; +}; + +view view5 { + match-clients { none; }; + auto-dnssec off; }; diff --git a/bin/tests/system/checkconf/dnssec.3 b/bin/tests/system/checkconf/dnssec.3 deleted file mode 100644 index 56c4a52fe69..00000000000 --- a/bin/tests/system/checkconf/dnssec.3 +++ /dev/null @@ -1,32 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -view view1 { - match-clients { any; }; -}; - -view view2 { - match-clients { none; }; -}; - -view view3 { - match-clients { none; }; - dnssec-validation auto; -}; - -view view4 { - match-clients { none; }; -}; - -view view5 { - match-clients { none; }; - auto-dnssec off; -}; diff --git a/bin/tests/system/checkconf/tests.sh b/bin/tests/system/checkconf/tests.sh index 2f613d8877b..d2350d4e5bd 100644 --- a/bin/tests/system/checkconf/tests.sh +++ b/bin/tests/system/checkconf/tests.sh @@ -113,14 +113,11 @@ status=`expr $status + $ret` n=`expr $n + 1` echo_i "checking named-checkconf dnssec warnings ($n)" ret=0 -# dnssec.1: dnssec-enable is obsolete -$CHECKCONF dnssec.1 > checkconf.out$n.1 2>&1 -grep "'dnssec-enable' is obsolete and should be removed" < checkconf.out$n.1 > /dev/null || ret=1 -# dnssec.2: auto-dnssec warning -$CHECKCONF dnssec.2 > checkconf.out$n.2 2>&1 +# dnssec.1: auto-dnssec warning +$CHECKCONF dnssec.1 > checkconf.out$n.2 2>&1 grep 'auto-dnssec may only be ' < checkconf.out$n.2 > /dev/null || ret=1 -# dnssec.3: should have no warnings -$CHECKCONF dnssec.3 > checkconf.out$n.3 2>&1 +# dnssec.2: should have no warnings +$CHECKCONF dnssec.2 > checkconf.out$n.3 2>&1 grep '.*' < checkconf.out$n.3 > /dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -460,15 +457,6 @@ grep "use of managed-keys is not allowed" checkconf.out$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` -n=`expr $n + 1` -echo_i "check that 'geoip-use-ecs no' generates a warning ($n)" -ret=0 -$CHECKCONF warn-geoip-use-ecs.conf > checkconf.out$n 2>/dev/null || ret=1 -[ -s checkconf.out$n ] || ret=1 -grep "'geoip-use-ecs' is obsolete" < checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi -status=`expr $status + $ret` - n=`expr $n + 1` echo_i "checking named-checkconf kasp errors ($n)" ret=0 diff --git a/bin/tests/system/checkconf/warn-geoip-use-ecs.conf b/bin/tests/system/checkconf/warn-geoip-use-ecs.conf deleted file mode 100644 index 9e2c76499da..00000000000 --- a/bin/tests/system/checkconf/warn-geoip-use-ecs.conf +++ /dev/null @@ -1,14 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -options { - geoip-use-ecs no; -}; diff --git a/bin/tests/system/keepalive/ns2/named.conf.in b/bin/tests/system/keepalive/ns2/named.conf.in index c24fbdcabdd..b753284875d 100644 --- a/bin/tests/system/keepalive/ns2/named.conf.in +++ b/bin/tests/system/keepalive/ns2/named.conf.in @@ -27,7 +27,6 @@ options { listen-on { 10.53.0.2; }; listen-on-v6 { none; }; recursion yes; - acache-enable yes; send-cookie yes; tcp-advertised-timeout 150; }; diff --git a/bin/tests/system/padding/ns2/named.conf.in b/bin/tests/system/padding/ns2/named.conf.in index 89fa9536515..fba1fcaf735 100644 --- a/bin/tests/system/padding/ns2/named.conf.in +++ b/bin/tests/system/padding/ns2/named.conf.in @@ -27,7 +27,6 @@ options { listen-on { 10.53.0.2; }; listen-on-v6 { none; }; recursion yes; - acache-enable yes; send-cookie yes; response-padding { !10.53.0.8; any; } block-size 64; }; diff --git a/bin/tests/system/rrl/tests.sh b/bin/tests/system/rrl/tests.sh index 764ccb8e692..846f692989b 100644 --- a/bin/tests/system/rrl/tests.sh +++ b/bin/tests/system/rrl/tests.sh @@ -163,8 +163,7 @@ ckstats () { ######### sec_start -# Tests of referrals to "." must be done before the hints are loaded -# or with "additional-from-cache no" +# Tests of referrals to "." must be done before the hints are loaded. burst 5 a1.tld3 +norec # basic rate limiting burst 3 a1.tld2 diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst index 652c71903ac..96416d320e8 100644 --- a/doc/arm/reference.rst +++ b/doc/arm/reference.rst @@ -1658,16 +1658,6 @@ Boolean Options flush any pending zone writes. The default is ``flush-zones-on-shutdown no``. -``geoip-use-ecs`` - This option was part of an experimental implementation of the EDNS - CLIENT-SUBNET for authoritative servers, but is now obsolete. - -``ipv4only-enable`` - Create the IPV4ONLY.ARPA zone as described in RFC 8880. By - default the zone is only created if a DNS64 prefix is configured. - Control the SOA contact and server values with ``ipv4only-contact`` - and ``ipv4only-server`` respectively. - ``root-key-sentinel`` If ``yes``, respond to root key sentinel probes as described in draft-ietf-dnsop-kskroll-sentinel-08. The default is ``yes``. @@ -1781,9 +1771,6 @@ Boolean Options option in its response, then its contents are logged in the ``nsid`` category at level ``info``. The default is ``no``. -``request-sit`` - This experimental option is obsolete. - ``require-server-cookie`` If ``yes``, require a valid server cookie before sending a full response to a UDP request from a cookie-aware client. BADCOOKIE is sent if there is a @@ -1868,9 +1855,6 @@ Boolean Options option may further limit the response size as the default for ``max-udp-size`` is 1232. -``sit-secret`` - This experimental option is obsolete. - ``cookie-algorithm`` This sets the algorithm to be used when generating the server cookie; the options are "aes", "sha1", or "sha256". The default is "aes" if supported by @@ -1924,12 +1908,6 @@ Boolean Options The default is ``yes``. -``use-ixfr`` - *This option is obsolete*. To disable IXFR to a - particular server or servers, see the information on the - ``provide-ixfr`` option in :ref:`server_statement_definition_and_usage`. - See also :ref:`incremental_zone_transfers`. - ``provide-ixfr`` See the description of ``provide-ixfr`` in :ref:`server_statement_definition_and_usage`. @@ -2003,9 +1981,6 @@ Boolean Options The default setting is ``auto-dnssec off``. -``dnssec-enable`` - This option is obsolete and has no effect. - .. _dnssec-validation-option: ``dnssec-validation`` @@ -2369,12 +2344,6 @@ for details on how to specify IP address lists. and inherited by zones, this can lead to some zones unintentionally forwarding updates. -``allow-v6-synthesis`` - This option was introduced for the smooth transition from AAAA to A6 - and from "nibble labels" to binary labels. However, since both A6 and - binary labels were then deprecated, this option was also deprecated. - It is now ignored with some warning messages. - .. _allow-transfer-access: ``allow-transfer`` @@ -2534,6 +2503,14 @@ system default range; otherwise, it uses its own defaults: use-v4-udp-ports { range 1024 65535; }; use-v6-udp-ports { range 1024 65535; }; +The defaults of the ``avoid-v4-udp-ports`` and ``avoid-v6-udp-ports`` +options are: + +:: + + avoid-v4-udp-ports {}; + avoid-v6-udp-ports {}; + .. note:: Make sure the ranges are sufficiently large for security. A desirable size depends on several parameters, but we generally recommend it contain at least 16384 ports (14 bits of entropy). Note also that the @@ -2553,38 +2530,14 @@ system default range; otherwise, it uses its own defaults: set of ports that can be safely used in the expected operational environment. -The defaults of the ``avoid-v4-udp-ports`` and ``avoid-v6-udp-ports`` -options are: - -:: - - avoid-v4-udp-ports {}; - avoid-v6-udp-ports {}; - -.. note:: BIND 9.5.0 introduced the ``use-queryport-pool`` option to support - a pool of such random ports, but this option is now obsolete because - reusing the same ports in the pool may not be sufficiently secure. For - the same reason, it is generally strongly discouraged to specify a - particular port for the ``query-source`` or ``query-source-v6`` options; - it implicitly disables the use of randomized port numbers. - -``use-queryport-pool`` - This option is obsolete. - -``queryport-pool-ports`` - This option is obsolete. - -``queryport-pool-updateinterval`` - This option is obsolete. - - .. note:: The address specified in the ``query-source`` option is used for both - UDP and TCP queries, but the port applies only to UDP queries. TCP - queries always use a random unprivileged port. +.. note:: The address specified in the ``query-source`` option is used for both + UDP and TCP queries, but the port applies only to UDP queries. TCP + queries always use a random unprivileged port. - .. note:: Solaris 2.5.1 and earlier does not support setting the source address - for TCP sockets. +.. note:: Solaris 2.5.1 and earlier does not support setting the source address + for TCP sockets. - .. note:: See also ``transfer-source`` and ``notify-source``. +.. note:: See also ``transfer-source`` and ``notify-source``. .. _zone_transfers: diff --git a/lib/bind9/check.c b/lib/bind9/check.c index 1473b5385b5..e789aaadd1c 100644 --- a/lib/bind9/check.c +++ b/lib/bind9/check.c @@ -1557,17 +1557,6 @@ check_options(const cfg_obj_t *options, isc_log_t *logctx, isc_mem_t *mctx, } } - obj = NULL; - (void)cfg_map_get(options, "geoip-use-ecs", &obj); - if (obj != NULL && cfg_obj_asboolean(obj)) { - cfg_obj_log(obj, logctx, ISC_LOG_ERROR, - "'geoip-use-ecs yes': " - "ECS can no longer be used in geoip ACLs"); - if (result == ISC_R_SUCCESS) { - result = ISC_R_FAILURE; - } - } - obj = NULL; (void)cfg_map_get(options, "max-ixfr-ratio", &obj); if (obj != NULL && cfg_obj_ispercentage(obj)) { diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index e37cc25ed35..f85c698e613 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -235,20 +235,6 @@ static cfg_type_t cfg_type_portiplist = { "portiplist", cfg_parse_tuple, cfg_print_tuple, cfg_doc_tuple, &cfg_rep_tuple, portiplist_fields }; -/* - * Obsolete format for the "pubkey" statement. - */ -static cfg_tuplefielddef_t pubkey_fields[] = { - { "flags", &cfg_type_uint32, 0 }, - { "protocol", &cfg_type_uint32, 0 }, - { "algorithm", &cfg_type_uint32, 0 }, - { "key", &cfg_type_qstring, 0 }, - { NULL, NULL, 0 } -}; -static cfg_type_t cfg_type_pubkey = { "pubkey", cfg_parse_tuple, - cfg_print_tuple, cfg_doc_tuple, - &cfg_rep_tuple, pubkey_fields }; - /*% * A list of RR types, used in grant statements. * Note that the old parser allows quotes around the RR type names. @@ -1102,8 +1088,7 @@ static cfg_clausedef_t namedconf_clauses[] = { { "controls", &cfg_type_controls, CFG_CLAUSEFLAG_MULTI }, { "dnssec-policy", &cfg_type_dnssecpolicy, CFG_CLAUSEFLAG_MULTI }, { "logging", &cfg_type_logging, 0 }, - { "lwres", &cfg_type_bracketed_text, - CFG_CLAUSEFLAG_MULTI | CFG_CLAUSEFLAG_OBSOLETE }, + { "lwres", NULL, CFG_CLAUSEFLAG_MULTI | CFG_CLAUSEFLAG_ANCIENT }, { "masters", &cfg_type_primaries, CFG_CLAUSEFLAG_MULTI }, { "options", &cfg_type_options, 0 }, { "primaries", &cfg_type_primaries, CFG_CLAUSEFLAG_MULTI }, @@ -1165,7 +1150,7 @@ static cfg_clausedef_t options_clauses[] = { { "cookie-secret", &cfg_type_sstring, CFG_CLAUSEFLAG_MULTI }, { "coresize", &cfg_type_size, 0 }, { "datasize", &cfg_type_size, 0 }, - { "deallocate-on-exit", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, + { "deallocate-on-exit", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "directory", &cfg_type_qstring, CFG_CLAUSEFLAG_CALLBACK }, #ifdef HAVE_DNSTAP { "dnstap-output", &cfg_type_dnstapoutput, 0 }, @@ -1180,7 +1165,7 @@ static cfg_clausedef_t options_clauses[] = { #endif /* ifdef HAVE_DNSTAP */ { "dscp", &cfg_type_uint32, 0 }, { "dump-file", &cfg_type_qstring, 0 }, - { "fake-iquery", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, + { "fake-iquery", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "files", &cfg_type_size, 0 }, { "flush-zones-on-shutdown", &cfg_type_boolean, 0 }, #ifdef HAVE_DNSTAP @@ -1213,11 +1198,11 @@ static cfg_clausedef_t options_clauses[] = { { "geoip-directory", &cfg_type_qstringornone, CFG_CLAUSEFLAG_NOTCONFIGURED }, #endif /* HAVE_GEOIP2 */ - { "geoip-use-ecs", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, - { "has-old-clients", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, + { "geoip-use-ecs", NULL, CFG_CLAUSEFLAG_ANCIENT }, + { "has-old-clients", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "heartbeat-interval", &cfg_type_uint32, 0 }, - { "host-statistics", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, - { "host-statistics-max", &cfg_type_uint32, CFG_CLAUSEFLAG_ANCIENT }, + { "host-statistics", NULL, CFG_CLAUSEFLAG_ANCIENT }, + { "host-statistics-max", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "hostname", &cfg_type_qstringornone, 0 }, { "interface-interval", &cfg_type_duration, 0 }, { "keep-response-order", &cfg_type_bracketed_aml, 0 }, @@ -1229,8 +1214,8 @@ static cfg_clausedef_t options_clauses[] = { { "max-rsa-exponent-size", &cfg_type_uint32, 0 }, { "memstatistics", &cfg_type_boolean, 0 }, { "memstatistics-file", &cfg_type_qstring, 0 }, - { "multiple-cnames", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, - { "named-xfer", &cfg_type_qstring, CFG_CLAUSEFLAG_ANCIENT }, + { "multiple-cnames", NULL, CFG_CLAUSEFLAG_ANCIENT }, + { "named-xfer", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "notify-rate", &cfg_type_uint32, 0 }, { "pid-file", &cfg_type_qstringornone, 0 }, { "port", &cfg_type_uint32, 0 }, @@ -1241,17 +1226,17 @@ static cfg_clausedef_t options_clauses[] = { { "recursive-clients", &cfg_type_uint32, 0 }, { "reserved-sockets", &cfg_type_uint32, 0 }, { "secroots-file", &cfg_type_qstring, 0 }, - { "serial-queries", &cfg_type_uint32, CFG_CLAUSEFLAG_ANCIENT }, + { "serial-queries", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "serial-query-rate", &cfg_type_uint32, 0 }, { "server-id", &cfg_type_serverid, 0 }, { "session-keyalg", &cfg_type_astring, 0 }, { "session-keyfile", &cfg_type_qstringornone, 0 }, { "session-keyname", &cfg_type_astring, 0 }, - { "sit-secret", &cfg_type_sstring, CFG_CLAUSEFLAG_OBSOLETE }, + { "sit-secret", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "stacksize", &cfg_type_size, 0 }, { "startup-notify-rate", &cfg_type_uint32, 0 }, { "statistics-file", &cfg_type_qstring, 0 }, - { "statistics-interval", &cfg_type_uint32, CFG_CLAUSEFLAG_ANCIENT }, + { "statistics-interval", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "tcp-advertised-timeout", &cfg_type_uint32, 0 }, { "tcp-clients", &cfg_type_uint32, 0 }, { "tcp-idle-timeout", &cfg_type_uint32, 0 }, @@ -1266,9 +1251,9 @@ static cfg_clausedef_t options_clauses[] = { { "transfers-in", &cfg_type_uint32, 0 }, { "transfers-out", &cfg_type_uint32, 0 }, { "transfers-per-ns", &cfg_type_uint32, 0 }, - { "treat-cr-as-space", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, - { "use-id-pool", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, - { "use-ixfr", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, + { "treat-cr-as-space", NULL, CFG_CLAUSEFLAG_ANCIENT }, + { "use-id-pool", NULL, CFG_CLAUSEFLAG_ANCIENT }, + { "use-ixfr", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "use-v4-udp-ports", &cfg_type_bracketed_portlist, 0 }, { "use-v6-udp-ports", &cfg_type_bracketed_portlist, 0 }, { "version", &cfg_type_qstringornone, 0 }, @@ -1920,24 +1905,22 @@ static cfg_type_t cfg_type_dns64 = { "dns64", cfg_parse_netprefix_map, */ static cfg_clausedef_t view_clauses[] = { - { "acache-cleaning-interval", &cfg_type_uint32, - CFG_CLAUSEFLAG_OBSOLETE }, - { "acache-enable", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, - { "additional-from-auth", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, - { "additional-from-cache", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, + { "acache-cleaning-interval", NULL, CFG_CLAUSEFLAG_ANCIENT }, + { "acache-enable", NULL, CFG_CLAUSEFLAG_ANCIENT }, + { "additional-from-auth", NULL, CFG_CLAUSEFLAG_ANCIENT }, + { "additional-from-cache", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "allow-new-zones", &cfg_type_boolean, 0 }, { "allow-query-cache", &cfg_type_bracketed_aml, 0 }, { "allow-query-cache-on", &cfg_type_bracketed_aml, 0 }, { "allow-recursion", &cfg_type_bracketed_aml, 0 }, { "allow-recursion-on", &cfg_type_bracketed_aml, 0 }, - { "allow-v6-synthesis", &cfg_type_bracketed_aml, - CFG_CLAUSEFLAG_OBSOLETE }, + { "allow-v6-synthesis", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "attach-cache", &cfg_type_astring, 0 }, { "auth-nxdomain", &cfg_type_boolean, 0 }, { "cache-file", &cfg_type_qstring, 0 }, { "catalog-zones", &cfg_type_catz, 0 }, { "check-names", &cfg_type_checknames, CFG_CLAUSEFLAG_MULTI }, - { "cleaning-interval", &cfg_type_uint32, CFG_CLAUSEFLAG_ANCIENT }, + { "cleaning-interval", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "clients-per-query", &cfg_type_uint32, 0 }, { "deny-answer-addresses", &cfg_type_denyaddresses, 0 }, { "deny-answer-aliases", &cfg_type_denyaliases, 0 }, @@ -1958,8 +1941,9 @@ static cfg_clausedef_t view_clauses[] = { CFG_CLAUSEFLAG_NOTCONFIGURED }, #endif /* ifdef USE_DNSRPS */ { "dnssec-accept-expired", &cfg_type_boolean, 0 }, - { "dnssec-enable", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, - { "dnssec-lookaside", NULL, CFG_CLAUSEFLAG_MULTI | CFG_CLAUSEFLAG_ANCIENT }, + { "dnssec-enable", NULL, CFG_CLAUSEFLAG_ANCIENT }, + { "dnssec-lookaside", NULL, + CFG_CLAUSEFLAG_MULTI | CFG_CLAUSEFLAG_ANCIENT }, { "dnssec-must-be-secure", &cfg_type_mustbesecure, CFG_CLAUSEFLAG_MULTI }, { "dnssec-validation", &cfg_type_boolorauto, 0 }, @@ -1973,7 +1957,7 @@ static cfg_clausedef_t view_clauses[] = { { "empty-contact", &cfg_type_astring, 0 }, { "empty-server", &cfg_type_astring, 0 }, { "empty-zones-enable", &cfg_type_boolean, 0 }, - { "fetch-glue", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, + { "fetch-glue", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "fetch-quota-params", &cfg_type_fetchquota, 0 }, { "fetches-per-server", &cfg_type_fetchesper, 0 }, { "fetches-per-zone", &cfg_type_fetchesper, 0 }, @@ -1991,7 +1975,7 @@ static cfg_clausedef_t view_clauses[] = { #else /* ifdef HAVE_LMDB */ { "lmdb-mapsize", &cfg_type_sizeval, CFG_CLAUSEFLAG_NOTCONFIGURED }, #endif /* ifdef HAVE_LMDB */ - { "max-acache-size", &cfg_type_sizenodefault, CFG_CLAUSEFLAG_OBSOLETE }, + { "max-acache-size", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "max-cache-size", &cfg_type_sizeorpercent, 0 }, { "max-cache-ttl", &cfg_type_duration, 0 }, { "max-clients-per-query", &cfg_type_uint32, 0 }, @@ -2003,13 +1987,13 @@ static cfg_clausedef_t view_clauses[] = { { "message-compression", &cfg_type_boolean, 0 }, { "min-cache-ttl", &cfg_type_duration, 0 }, { "min-ncache-ttl", &cfg_type_duration, 0 }, - { "min-roots", &cfg_type_uint32, CFG_CLAUSEFLAG_ANCIENT }, + { "min-roots", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "minimal-any", &cfg_type_boolean, 0 }, { "minimal-responses", &cfg_type_minimal, 0 }, { "new-zones-directory", &cfg_type_qstring, 0 }, { "no-case-compress", &cfg_type_bracketed_aml, 0 }, { "nocookie-udp-size", &cfg_type_uint32, 0 }, - { "nosit-udp-size", &cfg_type_uint32, CFG_CLAUSEFLAG_OBSOLETE }, + { "nosit-udp-size", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "nta-lifetime", &cfg_type_duration, 0 }, { "nta-recheck", &cfg_type_duration, 0 }, { "nxdomain-redirect", &cfg_type_astring, 0 }, @@ -2023,20 +2007,19 @@ static cfg_clausedef_t view_clauses[] = { */ { "query-source", &cfg_type_querysource4, 0 }, { "query-source-v6", &cfg_type_querysource6, 0 }, - { "queryport-pool-ports", &cfg_type_uint32, CFG_CLAUSEFLAG_OBSOLETE }, - { "queryport-pool-updateinterval", &cfg_type_uint32, - CFG_CLAUSEFLAG_OBSOLETE }, + { "queryport-pool-ports", NULL, CFG_CLAUSEFLAG_ANCIENT }, + { "queryport-pool-updateinterval", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "rate-limit", &cfg_type_rrl, 0 }, { "recursion", &cfg_type_boolean, 0 }, { "request-nsid", &cfg_type_boolean, 0 }, - { "request-sit", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, + { "request-sit", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "require-server-cookie", &cfg_type_boolean, 0 }, { "resolver-nonbackoff-tries", &cfg_type_uint32, 0 }, { "resolver-query-timeout", &cfg_type_uint32, 0 }, { "resolver-retry-interval", &cfg_type_uint32, 0 }, { "response-padding", &cfg_type_resppadding, 0 }, { "response-policy", &cfg_type_rpz, 0 }, - { "rfc2308-type1", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, + { "rfc2308-type1", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "root-delegation-only", &cfg_type_optional_exclude, 0 }, { "root-key-sentinel", &cfg_type_boolean, 0 }, { "rrset-order", &cfg_type_rrsetorder, 0 }, @@ -2050,11 +2033,11 @@ static cfg_clausedef_t view_clauses[] = { { "suppress-initial-notify", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, { "synth-from-dnssec", &cfg_type_boolean, 0 }, - { "topology", &cfg_type_bracketed_aml, CFG_CLAUSEFLAG_ANCIENT }, + { "topology", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "transfer-format", &cfg_type_transferformat, 0 }, { "trust-anchor-telemetry", &cfg_type_boolean, CFG_CLAUSEFLAG_EXPERIMENTAL }, - { "use-queryport-pool", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, + { "use-queryport-pool", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "validate-except", &cfg_type_namelist, 0 }, { "v6-bias", &cfg_type_uint32, 0 }, { "zero-no-soa-ttl-cache", &cfg_type_boolean, 0 }, @@ -2165,14 +2148,14 @@ static cfg_clausedef_t zone_clauses[] = { CFG_ZONE_MASTER | CFG_ZONE_SLAVE }, { "key-directory", &cfg_type_qstring, CFG_ZONE_MASTER | CFG_ZONE_SLAVE }, - { "maintain-ixfr-base", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, + { "maintain-ixfr-base", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "masterfile-format", &cfg_type_masterformat, CFG_ZONE_MASTER | CFG_ZONE_SLAVE | CFG_ZONE_MIRROR | CFG_ZONE_STUB | CFG_ZONE_REDIRECT }, { "masterfile-style", &cfg_type_masterstyle, CFG_ZONE_MASTER | CFG_ZONE_SLAVE | CFG_ZONE_MIRROR | CFG_ZONE_STUB | CFG_ZONE_REDIRECT }, - { "max-ixfr-log-size", &cfg_type_size, CFG_CLAUSEFLAG_ANCIENT }, + { "max-ixfr-log-size", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "max-ixfr-ratio", &cfg_type_ixfrratio, CFG_ZONE_MASTER | CFG_ZONE_SLAVE | CFG_ZONE_MIRROR }, { "max-journal-size", &cfg_type_size, @@ -2272,10 +2255,10 @@ static cfg_clausedef_t zone_only_clauses[] = { CFG_ZONE_MASTER | CFG_ZONE_SLAVE | CFG_ZONE_MIRROR | CFG_ZONE_STUB | CFG_ZONE_HINT | CFG_ZONE_REDIRECT }, { "in-view", &cfg_type_astring, CFG_ZONE_INVIEW }, - { "ixfr-base", &cfg_type_qstring, CFG_CLAUSEFLAG_ANCIENT }, + { "ixfr-base", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "ixfr-from-differences", &cfg_type_boolean, CFG_ZONE_MASTER | CFG_ZONE_SLAVE | CFG_ZONE_MIRROR }, - { "ixfr-tmp-file", &cfg_type_qstring, CFG_CLAUSEFLAG_ANCIENT }, + { "ixfr-tmp-file", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "journal", &cfg_type_qstring, CFG_ZONE_MASTER | CFG_ZONE_SLAVE | CFG_ZONE_MIRROR }, { "masters", &cfg_type_namesockaddrkeylist, @@ -2284,7 +2267,7 @@ static cfg_clausedef_t zone_only_clauses[] = { { "primaries", &cfg_type_namesockaddrkeylist, CFG_ZONE_SLAVE | CFG_ZONE_MIRROR | CFG_ZONE_STUB | CFG_ZONE_REDIRECT }, - { "pubkey", &cfg_type_pubkey, CFG_CLAUSEFLAG_ANCIENT }, + { "pubkey", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "server-addresses", &cfg_type_bracketed_netaddrlist, CFG_ZONE_STATICSTUB }, { "server-names", &cfg_type_namelist, CFG_ZONE_STATICSTUB }, @@ -2420,9 +2403,9 @@ static cfg_clausedef_t server_clauses[] = { { "request-expire", &cfg_type_boolean, 0 }, { "request-ixfr", &cfg_type_boolean, 0 }, { "request-nsid", &cfg_type_boolean, 0 }, - { "request-sit", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, + { "request-sit", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "send-cookie", &cfg_type_boolean, 0 }, - { "support-ixfr", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, + { "support-ixfr", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "tcp-keepalive", &cfg_type_boolean, 0 }, { "tcp-only", &cfg_type_boolean, 0 }, { "transfer-format", &cfg_type_transferformat, 0 }, @@ -3789,11 +3772,14 @@ cfg_print_zonegrammar(const unsigned int zonetype, unsigned int flags, for (clause = clauses; clause->name != NULL; clause++) { if (((pctx.flags & CFG_PRINTER_ACTIVEONLY) != 0) && (((clause->flags & CFG_CLAUSEFLAG_OBSOLETE) != 0) || - ((clause->flags & CFG_CLAUSEFLAG_ANCIENT) != 0) || ((clause->flags & CFG_CLAUSEFLAG_TESTONLY) != 0))) { continue; } + if ((clause->flags & CFG_CLAUSEFLAG_ANCIENT) != 0) { + continue; + } + if ((clause->flags & zonetype) == 0 || strcasecmp(clause->name, "type") == 0) { continue; diff --git a/lib/isccfg/parser.c b/lib/isccfg/parser.c index 9fd049553f7..435531f17f4 100644 --- a/lib/isccfg/parser.c +++ b/lib/isccfg/parser.c @@ -2743,11 +2743,13 @@ cfg_doc_mapbody(cfg_printer_t *pctx, const cfg_type_t *type) { for (clause = *clauseset; clause->name != NULL; clause++) { if (((pctx->flags & CFG_PRINTER_ACTIVEONLY) != 0) && (((clause->flags & CFG_CLAUSEFLAG_OBSOLETE) != 0) || - ((clause->flags & CFG_CLAUSEFLAG_ANCIENT) != 0) || ((clause->flags & CFG_CLAUSEFLAG_TESTONLY) != 0))) { continue; } + if ((clause->flags & CFG_CLAUSEFLAG_ANCIENT) != 0) { + continue; + } cfg_print_cstr(pctx, clause->name); cfg_print_cstr(pctx, " "); cfg_doc_obj(pctx, clause->type); @@ -2797,11 +2799,13 @@ cfg_doc_map(cfg_printer_t *pctx, const cfg_type_t *type) { for (clause = *clauseset; clause->name != NULL; clause++) { if (((pctx->flags & CFG_PRINTER_ACTIVEONLY) != 0) && (((clause->flags & CFG_CLAUSEFLAG_OBSOLETE) != 0) || - ((clause->flags & CFG_CLAUSEFLAG_ANCIENT) != 0) || ((clause->flags & CFG_CLAUSEFLAG_TESTONLY) != 0))) { continue; } + if ((clause->flags & CFG_CLAUSEFLAG_ANCIENT) != 0) { + continue; + } cfg_print_indent(pctx); cfg_print_cstr(pctx, clause->name); if (clause->type->print != cfg_print_void) { diff --git a/lib/ns/query.c b/lib/ns/query.c index bbaf1c91b15..ae0a7bef4b6 100644 --- a/lib/ns/query.c +++ b/lib/ns/query.c @@ -6691,7 +6691,7 @@ query_checkrrl(query_ctx_t *qctx, isc_result_t result) { /* * Handle referral to ".", including when recursion * is off or not requested and the hints have not - * been loaded or we have "additional-from-cache no". + * been loaded. */ constname = dns_rootname; resp_result = DNS_R_DELEGATION;