]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
Parse and store new 'source[-v6]' option
authorMatthijs Mekking <matthijs@isc.org>
Tue, 22 Nov 2022 10:55:49 +0000 (11:55 +0100)
committerMatthijs Mekking <matthijs@isc.org>
Fri, 23 Dec 2022 13:36:50 +0000 (13:36 +0000)
Parse the new 'source' and 'source-v6' options and store them with
the corresponding remote servers (parental-agents, primaries, ...).

bin/named/config.c
bin/named/zoneconf.c
lib/dns/include/dns/ipkeylist.h
lib/dns/include/dns/remote.h
lib/dns/include/dns/zone.h
lib/dns/ipkeylist.c
lib/dns/remote.c
lib/dns/zone.c

index 9472495214b263cf0f0d529929d89acff67d511d..6dda56992164c49442f8913fb372d80d209d67fe 100644 (file)
@@ -599,30 +599,41 @@ isc_result_t
 named_config_getipandkeylist(const cfg_obj_t *config, const char *listtype,
                             const cfg_obj_t *list, isc_mem_t *mctx,
                             dns_ipkeylist_t *ipkl) {
-       uint32_t addrcount = 0, dscpcount = 0, keycount = 0, tlscount = 0,
-                i = 0;
-       uint32_t listcount = 0, l = 0, j;
+       uint32_t addrcount = 0, srccount = 0, dscpcount = 0;
+       uint32_t keycount = 0, tlscount = 0;
+       uint32_t listcount = 0, l = 0, i = 0;
        uint32_t stackcount = 0, pushed = 0;
        isc_result_t result;
        const cfg_listelt_t *element;
        const cfg_obj_t *addrlist;
        const cfg_obj_t *portobj;
        const cfg_obj_t *dscpobj;
+       const cfg_obj_t *src4obj;
+       const cfg_obj_t *src6obj;
        in_port_t port = (in_port_t)0;
        in_port_t def_port;
        in_port_t def_tlsport;
+       isc_sockaddr_t src4;
+       isc_sockaddr_t src6;
        isc_dscp_t dscp = -1;
        isc_sockaddr_t *addrs = NULL;
+       isc_sockaddr_t *sources = NULL;
        isc_dscp_t *dscps = NULL;
        dns_name_t **keys = NULL;
        dns_name_t **tlss = NULL;
        struct {
                const char *name;
+               in_port_t port;
+               isc_dscp_t dscp;
+               isc_sockaddr_t *src4s;
+               isc_sockaddr_t *src6s;
        } *lists = NULL;
        struct {
                const cfg_listelt_t *element;
                in_port_t port;
                isc_dscp_t dscp;
+               isc_sockaddr_t src4;
+               isc_sockaddr_t src6;
        } *stack = NULL;
 
        REQUIRE(ipkl != NULL);
@@ -656,6 +667,8 @@ newlist:
        addrlist = cfg_tuple_get(list, "addresses");
        portobj = cfg_tuple_get(list, "port");
        dscpobj = cfg_tuple_get(list, "dscp");
+       src4obj = cfg_tuple_get(list, "source");
+       src6obj = cfg_tuple_get(list, "source-v6");
 
        if (cfg_obj_isuint32(portobj)) {
                uint32_t val = cfg_obj_asuint32(portobj);
@@ -679,6 +692,18 @@ newlist:
                dscp = (isc_dscp_t)cfg_obj_asuint32(dscpobj);
        }
 
+       if (src4obj != NULL && cfg_obj_issockaddr(src4obj)) {
+               src4 = *cfg_obj_assockaddr(src4obj);
+       } else {
+               isc_sockaddr_any(&src4);
+       }
+
+       if (src6obj != NULL && cfg_obj_issockaddr(src6obj)) {
+               src6 = *cfg_obj_assockaddr(src6obj);
+       } else {
+               isc_sockaddr_any6(&src6);
+       }
+
        result = ISC_R_NOMEMORY;
 
        element = cfg_list_first(addrlist);
@@ -696,6 +721,7 @@ resume:
                if (!cfg_obj_issockaddr(addr)) {
                        const char *listname = cfg_obj_asstring(addr);
                        isc_result_t tresult;
+                       uint32_t j;
 
                        /* Grow lists? */
                        grow_array(mctx, lists, l, listcount);
@@ -733,6 +759,8 @@ resume:
                        stack[pushed].element = cfg_list_next(element);
                        stack[pushed].port = port;
                        stack[pushed].dscp = dscp;
+                       stack[pushed].src4 = src4;
+                       stack[pushed].src6 = src6;
                        pushed++;
                        goto newlist;
                }
@@ -741,6 +769,7 @@ resume:
                grow_array(mctx, dscps, i, dscpcount);
                grow_array(mctx, keys, i, keycount);
                grow_array(mctx, tlss, i, tlscount);
+               grow_array(mctx, sources, i, srccount);
 
                addrs[i] = *cfg_obj_assockaddr(addr);
                dscps[i] = cfg_obj_getdscp(addr);
@@ -778,6 +807,20 @@ resume:
                        isc_sockaddr_setport(&addrs[i], addr_port);
                }
 
+               switch (isc_sockaddr_pf(&addrs[i])) {
+               case PF_INET:
+                       sources[i] = src4;
+                       break;
+               case PF_INET6:
+                       sources[i] = src6;
+                       break;
+               default:
+                       i++; /* Increment here so that cleanup on error works.
+                             */
+                       result = ISC_R_NOTIMPLEMENTED;
+                       goto cleanup;
+               }
+
                i++;
        }
        if (pushed != 0) {
@@ -785,6 +828,8 @@ resume:
                element = stack[pushed].element;
                port = stack[pushed].port;
                dscp = stack[pushed].dscp;
+               src4 = stack[pushed].src4;
+               src6 = stack[pushed].src6;
                goto resume;
        }
 
@@ -792,6 +837,7 @@ resume:
        shrink_array(mctx, dscps, i, dscpcount);
        shrink_array(mctx, keys, i, keycount);
        shrink_array(mctx, tlss, i, tlscount);
+       shrink_array(mctx, sources, i, srccount);
 
        if (lists != NULL) {
                isc_mem_put(mctx, lists, listcount * sizeof(lists[0]));
@@ -803,12 +849,14 @@ resume:
        INSIST(dscpcount == addrcount);
        INSIST(keycount == addrcount);
        INSIST(tlscount == addrcount);
+       INSIST(srccount == addrcount);
        INSIST(keycount == dscpcount);
 
        ipkl->addrs = addrs;
        ipkl->dscps = dscps;
        ipkl->keys = keys;
        ipkl->tlss = tlss;
+       ipkl->sources = sources;
        ipkl->count = addrcount;
        ipkl->allocated = addrcount;
 
@@ -822,7 +870,7 @@ cleanup:
                isc_mem_put(mctx, dscps, dscpcount * sizeof(dscps[0]));
        }
        if (keys != NULL) {
-               for (j = 0; j < i; j++) {
+               for (size_t j = 0; j < i; j++) {
                        if (keys[j] == NULL) {
                                continue;
                        }
@@ -834,7 +882,7 @@ cleanup:
                isc_mem_put(mctx, keys, keycount * sizeof(keys[0]));
        }
        if (tlss != NULL) {
-               for (j = 0; j < i; j++) {
+               for (size_t j = 0; j < i; j++) {
                        if (tlss[j] == NULL) {
                                continue;
                        }
@@ -845,6 +893,9 @@ cleanup:
                }
                isc_mem_put(mctx, tlss, tlscount * sizeof(tlss[0]));
        }
+       if (sources != NULL) {
+               isc_mem_put(mctx, sources, srccount * sizeof(sources[0]));
+       }
        if (lists != NULL) {
                isc_mem_put(mctx, lists, listcount * sizeof(lists[0]));
        }
index 795db7bf6eb6c8e4ad586c989da44af63c313071..af017f3198dbbaa8deb8216fabdb187273033340 100644 (file)
@@ -1268,12 +1268,13 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
 
                        RETERR(named_config_getipandkeylist(config, "primaries",
                                                            obj, mctx, &ipkl));
-                       dns_zone_setalsonotify(zone, ipkl.addrs, ipkl.dscps,
-                                              ipkl.keys, ipkl.tlss,
+                       dns_zone_setalsonotify(zone, ipkl.addrs, ipkl.sources,
+                                              ipkl.dscps, ipkl.keys, ipkl.tlss,
                                               ipkl.count);
                        dns_ipkeylist_clear(mctx, &ipkl);
                } else {
-                       dns_zone_setalsonotify(zone, NULL, NULL, NULL, NULL, 0);
+                       dns_zone_setalsonotify(zone, NULL, NULL, NULL, NULL,
+                                              NULL, 0);
                }
 
                obj = NULL;
@@ -1722,11 +1723,11 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
                        dns_ipkeylist_init(&ipkl);
                        RETERR(named_config_getipandkeylist(
                                config, "parental-agents", obj, mctx, &ipkl));
-                       dns_zone_setparentals(zone, ipkl.addrs, ipkl.keys,
-                                             ipkl.tlss, ipkl.count);
+                       dns_zone_setparentals(zone, ipkl.addrs, ipkl.sources,
+                                             ipkl.keys, ipkl.tlss, ipkl.count);
                        dns_ipkeylist_clear(mctx, &ipkl);
                } else {
-                       dns_zone_setparentals(zone, NULL, NULL, NULL, 0);
+                       dns_zone_setparentals(zone, NULL, NULL, NULL, NULL, 0);
                }
        }
 
@@ -1890,12 +1891,14 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
 
                        RETERR(named_config_getipandkeylist(config, "primaries",
                                                            obj, mctx, &ipkl));
-                       dns_zone_setprimaries(mayberaw, ipkl.addrs, ipkl.keys,
+                       dns_zone_setprimaries(mayberaw, ipkl.addrs,
+                                             ipkl.sources, ipkl.keys,
                                              ipkl.tlss, ipkl.count);
                        count = ipkl.count;
                        dns_ipkeylist_clear(mctx, &ipkl);
                } else {
-                       dns_zone_setprimaries(mayberaw, NULL, NULL, NULL, 0);
+                       dns_zone_setprimaries(mayberaw, NULL, NULL, NULL, NULL,
+                                             0);
                }
 
                multi = false;
index 5a87cdb11aa709c47a69a5df57e9101b33347219..e74f293fe83a9b6cb63e10d6b5b1bc91dd2259e7 100644 (file)
@@ -26,6 +26,7 @@
 struct dns_ipkeylist {
        isc_sockaddr_t *addrs;
        isc_dscp_t     *dscps;
+       isc_sockaddr_t *sources;
        dns_name_t    **keys;
        dns_name_t    **tlss;
        dns_name_t    **labels;
index 3c25e155ad86f9db9479bcf90cf4e56977a3b942..47115b80ef2ac0f62c26abd0045a198c2d2aff99 100644 (file)
@@ -32,6 +32,7 @@ struct dns_remote {
        unsigned int    magic;
        isc_mem_t      *mctx;
        isc_sockaddr_t *addresses;
+       isc_sockaddr_t *sources;
        isc_dscp_t     *dscps;
        dns_name_t    **keynames;
        dns_name_t    **tlsnames;
@@ -49,6 +50,15 @@ dns_remote_addresses(dns_remote_t *remote);
  *             'remote' is a valid remote structure.
  */
 
+isc_sockaddr_t *
+dns_remote_sources(dns_remote_t *remote);
+/*%<
+ *     Return the source addresses to be used for the remote server.
+ *
+ *     Requires:
+ *             'remote' is a valid remote structure.
+ */
+
 unsigned int
 dns_remote_count(dns_remote_t *remote);
 /*%<
@@ -78,15 +88,16 @@ dns_remote_tlsnames(dns_remote_t *remote);
 
 void
 dns_remote_init(dns_remote_t *remote, unsigned int count,
-               const isc_sockaddr_t *addrs, const isc_dscp_t *dscp,
-               dns_name_t **keynames, dns_name_t **tlsnames, bool mark,
-               isc_mem_t *mctx);
+               const isc_sockaddr_t *addrs, const isc_sockaddr_t *srcs,
+               const isc_dscp_t *dscp, dns_name_t **keynames,
+               dns_name_t **tlsnames, bool mark, isc_mem_t *mctx);
 
 /*%<
  *     Initialize a remote server. Set the provided addresses (addrs),
- *     dscp's (dscp), key names (keynames) and tls names (tlsnames). Use the
- *     provided memory context (mctx) for allocations. If 'mark' is 'true',
- *     set up a list of boolean values to mark the server bad or good.
+ *     source addresses (srcs), dscp's (dscp), key names (keynames) and
+ *     tls names (tlsnames). Use the provided memory context (mctx) for
+ *     allocations. If 'mark' is 'true', set up a list of boolean values to
+ *     mark the server bad or good.
  *
  *     Requires:
  *             'remote' is a valid remote structure.
@@ -146,6 +157,16 @@ dns_remote_curraddr(dns_remote_t *remote);
  *             'remote->addresses' is not NULL.
  */
 
+isc_sockaddr_t
+dns_remote_sourceaddr(dns_remote_t *remote);
+/*%<
+ *     Return the current source address.
+ *
+ *     Requires:
+ *             'remote' is a valid remote structure.
+ *             'remote->sources' is not NULL.
+ */
+
 isc_sockaddr_t
 dns_remote_addr(dns_remote_t *remote, unsigned int i);
 /*%<
index d077806e071762c639492c0ba1887cf25336109d..bbbf84d7e15481a2d1c8589678c3332f8d73c26d 100644 (file)
@@ -635,8 +635,8 @@ dns_zone_dumptostream(dns_zone_t *zone, FILE *fd, dns_masterformat_t format,
 
 void
 dns_zone_setprimaries(dns_zone_t *zone, isc_sockaddr_t *addresses,
-                     dns_name_t **keynames, dns_name_t **tlsnames,
-                     uint32_t count);
+                     isc_sockaddr_t *sources, dns_name_t **keynames,
+                     dns_name_t **tlsnames, uint32_t count);
 /*%<
  *     Set the list of primary servers for the zone.
  *
@@ -656,8 +656,8 @@ dns_zone_setprimaries(dns_zone_t *zone, isc_sockaddr_t *addresses,
 
 void
 dns_zone_setparentals(dns_zone_t *zone, isc_sockaddr_t *addresses,
-                     dns_name_t **keynames, dns_name_t **tlsnames,
-                     uint32_t count);
+                     isc_sockaddr_t *sources, dns_name_t **keynames,
+                     dns_name_t **tlsnames, uint32_t count);
 /*%<
  *     Set the list of parental agents for the zone.
  *
@@ -677,8 +677,9 @@ dns_zone_setparentals(dns_zone_t *zone, isc_sockaddr_t *addresses,
 
 void
 dns_zone_setalsonotify(dns_zone_t *zone, isc_sockaddr_t *addresses,
-                      isc_dscp_t *dscps, dns_name_t **keynames,
-                      dns_name_t **tlsnames, uint32_t count);
+                      isc_sockaddr_t *sources, isc_dscp_t *dscps,
+                      dns_name_t **keynames, dns_name_t **tlsnames,
+                      uint32_t count);
 /*%<
  *     Set the list of additional servers to be notified when
  *     a zone changes.  To clear the list use 'count = 0'.
index f773c1b616f7409f24c3bf5a56c4edfe638654c5..b12656b3189c179342e4b75e54d7a5ec1ad84cb8 100644 (file)
@@ -26,6 +26,7 @@ dns_ipkeylist_init(dns_ipkeylist_t *ipkl) {
        ipkl->count = 0;
        ipkl->allocated = 0;
        ipkl->addrs = NULL;
+       ipkl->sources = NULL;
        ipkl->dscps = NULL;
        ipkl->keys = NULL;
        ipkl->tlss = NULL;
@@ -47,11 +48,21 @@ dns_ipkeylist_clear(isc_mem_t *mctx, dns_ipkeylist_t *ipkl) {
                            ipkl->allocated * sizeof(isc_sockaddr_t));
        }
 
+       if (ipkl->sources != NULL) {
+               isc_mem_put(mctx, ipkl->sources,
+                           ipkl->allocated * sizeof(isc_sockaddr_t));
+       }
+
        if (ipkl->dscps != NULL) {
                isc_mem_put(mctx, ipkl->dscps,
                            ipkl->allocated * sizeof(isc_dscp_t));
        }
 
+       if (ipkl->addrs != NULL) {
+               isc_mem_put(mctx, ipkl->addrs,
+                           ipkl->allocated * sizeof(isc_sockaddr_t));
+       }
+
        if (ipkl->keys != NULL) {
                for (i = 0; i < ipkl->allocated; i++) {
                        if (ipkl->keys[i] == NULL) {
@@ -118,6 +129,11 @@ dns_ipkeylist_copy(isc_mem_t *mctx, const dns_ipkeylist_t *src,
 
        memmove(dst->addrs, src->addrs, src->count * sizeof(isc_sockaddr_t));
 
+       if (src->sources != NULL) {
+               memmove(dst->sources, src->sources,
+                       src->count * sizeof(isc_sockaddr_t));
+       }
+
        if (src->dscps != NULL) {
                memmove(dst->dscps, src->dscps,
                        src->count * sizeof(isc_dscp_t));
@@ -169,6 +185,7 @@ dns_ipkeylist_copy(isc_mem_t *mctx, const dns_ipkeylist_t *src,
 isc_result_t
 dns_ipkeylist_resize(isc_mem_t *mctx, dns_ipkeylist_t *ipkl, unsigned int n) {
        isc_sockaddr_t *addrs = NULL;
+       isc_sockaddr_t *sources = NULL;
        isc_dscp_t *dscps = NULL;
        dns_name_t **keys = NULL;
        dns_name_t **tlss = NULL;
@@ -182,6 +199,7 @@ dns_ipkeylist_resize(isc_mem_t *mctx, dns_ipkeylist_t *ipkl, unsigned int n) {
        }
 
        addrs = isc_mem_get(mctx, n * sizeof(isc_sockaddr_t));
+       sources = isc_mem_get(mctx, n * sizeof(isc_sockaddr_t));
        dscps = isc_mem_get(mctx, n * sizeof(isc_dscp_t));
        keys = isc_mem_get(mctx, n * sizeof(dns_name_t *));
        tlss = isc_mem_get(mctx, n * sizeof(dns_name_t *));
@@ -197,6 +215,16 @@ dns_ipkeylist_resize(isc_mem_t *mctx, dns_ipkeylist_t *ipkl, unsigned int n) {
        memset(&ipkl->addrs[ipkl->allocated], 0,
               (n - ipkl->allocated) * sizeof(isc_sockaddr_t));
 
+       if (ipkl->sources != NULL) {
+               memmove(sources, ipkl->sources,
+                       ipkl->allocated * sizeof(isc_sockaddr_t));
+               isc_mem_put(mctx, ipkl->sources,
+                           ipkl->allocated * sizeof(isc_sockaddr_t));
+       }
+       ipkl->sources = sources;
+       memset(&ipkl->sources[ipkl->allocated], 0,
+              (n - ipkl->allocated) * sizeof(isc_sockaddr_t));
+
        if (ipkl->dscps != NULL) {
                memmove(dscps, ipkl->dscps,
                        ipkl->allocated * sizeof(isc_dscp_t));
@@ -241,6 +269,7 @@ dns_ipkeylist_resize(isc_mem_t *mctx, dns_ipkeylist_t *ipkl, unsigned int n) {
        return (ISC_R_SUCCESS);
 
        isc_mem_put(mctx, addrs, n * sizeof(isc_sockaddr_t));
+       isc_mem_put(mctx, sources, n * sizeof(isc_sockaddr_t));
        isc_mem_put(mctx, dscps, n * sizeof(isc_dscp_t));
        isc_mem_put(mctx, tlss, n * sizeof(dns_name_t *));
        isc_mem_put(mctx, keys, n * sizeof(dns_name_t *));
index 15b311743f111300806e31ba391e9b9941e149d4..87974d885c15e4a34c111f45fe216b8cf2cc0ca2 100644 (file)
@@ -31,6 +31,12 @@ dns_remote_addresses(dns_remote_t *remote) {
        return (remote->addresses);
 }
 
+isc_sockaddr_t *
+dns_remote_sources(dns_remote_t *remote) {
+       REQUIRE(DNS_REMOTE_VALID(remote));
+       return (remote->sources);
+}
+
 unsigned int
 dns_remote_count(dns_remote_t *remote) {
        REQUIRE(DNS_REMOTE_VALID(remote));
@@ -51,9 +57,9 @@ dns_remote_tlsnames(dns_remote_t *remote) {
 
 void
 dns_remote_init(dns_remote_t *remote, unsigned int count,
-               const isc_sockaddr_t *addrs, const isc_dscp_t *dscp,
-               dns_name_t **keynames, dns_name_t **tlsnames, bool mark,
-               isc_mem_t *mctx) {
+               const isc_sockaddr_t *addrs, const isc_sockaddr_t *srcs,
+               const isc_dscp_t *dscp, dns_name_t **keynames,
+               dns_name_t **tlsnames, bool mark, isc_mem_t *mctx) {
        unsigned int i;
 
        REQUIRE(DNS_REMOTE_VALID(remote));
@@ -74,6 +80,14 @@ dns_remote_init(dns_remote_t *remote, unsigned int count,
                remote->addresses = NULL;
        }
 
+       if (srcs != NULL) {
+               remote->sources = isc_mem_get(mctx,
+                                             count * sizeof(isc_sockaddr_t));
+               memmove(remote->sources, srcs, count * sizeof(isc_sockaddr_t));
+       } else {
+               remote->sources = NULL;
+       }
+
        if (dscp != NULL) {
                remote->dscps = isc_mem_get(mctx, count * sizeof(isc_dscp_t));
                memmove(remote->dscps, dscp, count * sizeof(isc_dscp_t));
@@ -219,6 +233,12 @@ dns_remote_clear(dns_remote_t *remote) {
                remote->addresses = NULL;
        }
 
+       if (remote->sources != NULL) {
+               isc_mem_put(mctx, remote->sources,
+                           count * sizeof(isc_sockaddr_t));
+               remote->sources = NULL;
+       }
+
        if (remote->dscps != NULL) {
                isc_mem_put(mctx, remote->dscps, count * sizeof(isc_dscp_t));
                remote->dscps = NULL;
@@ -316,6 +336,15 @@ dns_remote_addr(dns_remote_t *remote, unsigned int i) {
        return (remote->addresses[i]);
 }
 
+isc_sockaddr_t
+dns_remote_sourceaddr(dns_remote_t *remote) {
+       REQUIRE(DNS_REMOTE_VALID(remote));
+       REQUIRE(remote->sources != NULL);
+       REQUIRE(remote->curraddr < remote->addrcnt);
+
+       return (remote->sources[remote->curraddr]);
+}
+
 isc_dscp_t
 dns_remote_dscp(dns_remote_t *remote) {
        REQUIRE(DNS_REMOTE_VALID(remote));
index 898c1b2673b50fc8c095288182ba46f4d5cae20c..bd2baf489a8644fc88468b9f0ef09bfd447a78a4 100644 (file)
@@ -6260,8 +6260,9 @@ dns_zone_getnotifysrc6dscp(dns_zone_t *zone) {
 
 void
 dns_zone_setalsonotify(dns_zone_t *zone, isc_sockaddr_t *addresses,
-                      isc_dscp_t *dscps, dns_name_t **keynames,
-                      dns_name_t **tlsnames, uint32_t count) {
+                      isc_sockaddr_t *sources, isc_dscp_t *dscps,
+                      dns_name_t **keynames, dns_name_t **tlsnames,
+                      uint32_t count) {
        dns_remote_t remote;
 
        REQUIRE(DNS_ZONE_VALID(zone));
@@ -6270,6 +6271,7 @@ dns_zone_setalsonotify(dns_zone_t *zone, isc_sockaddr_t *addresses,
 
        remote.magic = DNS_REMOTE_MAGIC;
        remote.addresses = addresses;
+       remote.sources = sources;
        remote.dscps = dscps;
        remote.keynames = keynames;
        remote.tlsnames = tlsnames;
@@ -6291,8 +6293,8 @@ dns_zone_setalsonotify(dns_zone_t *zone, isc_sockaddr_t *addresses,
        /*
         * Now set up the notify address and key lists.
         */
-       dns_remote_init(&zone->notify, count, addresses, dscps, keynames,
-                       tlsnames, true, zone->mctx);
+       dns_remote_init(&zone->notify, count, addresses, sources, dscps,
+                       keynames, tlsnames, true, zone->mctx);
 
 unlock:
        UNLOCK_ZONE(zone);
@@ -6300,8 +6302,8 @@ unlock:
 
 void
 dns_zone_setprimaries(dns_zone_t *zone, isc_sockaddr_t *addresses,
-                     dns_name_t **keynames, dns_name_t **tlsnames,
-                     uint32_t count) {
+                     isc_sockaddr_t *sources, dns_name_t **keynames,
+                     dns_name_t **tlsnames, uint32_t count) {
        dns_remote_t remote;
 
        REQUIRE(DNS_ZONE_VALID(zone));
@@ -6310,6 +6312,7 @@ dns_zone_setprimaries(dns_zone_t *zone, isc_sockaddr_t *addresses,
 
        remote.magic = DNS_REMOTE_MAGIC;
        remote.addresses = addresses;
+       remote.sources = sources;
        remote.dscps = NULL;
        remote.keynames = keynames;
        remote.tlsnames = tlsnames;
@@ -6341,8 +6344,8 @@ dns_zone_setprimaries(dns_zone_t *zone, isc_sockaddr_t *addresses,
        /*
         * Now set up the primaries and primary key lists.
         */
-       dns_remote_init(&zone->primaries, count, addresses, NULL, keynames,
-                       tlsnames, true, zone->mctx);
+       dns_remote_init(&zone->primaries, count, addresses, sources, NULL,
+                       keynames, tlsnames, true, zone->mctx);
 
        DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_NOPRIMARIES);
 
@@ -6352,8 +6355,8 @@ unlock:
 
 void
 dns_zone_setparentals(dns_zone_t *zone, isc_sockaddr_t *addresses,
-                     dns_name_t **keynames, dns_name_t **tlsnames,
-                     uint32_t count) {
+                     isc_sockaddr_t *sources, dns_name_t **keynames,
+                     dns_name_t **tlsnames, uint32_t count) {
        dns_remote_t remote;
 
        REQUIRE(DNS_ZONE_VALID(zone));
@@ -6362,6 +6365,7 @@ dns_zone_setparentals(dns_zone_t *zone, isc_sockaddr_t *addresses,
 
        remote.magic = DNS_REMOTE_MAGIC;
        remote.addresses = addresses;
+       remote.sources = sources;
        remote.dscps = NULL;
        remote.keynames = keynames;
        remote.tlsnames = tlsnames;
@@ -6383,8 +6387,8 @@ dns_zone_setparentals(dns_zone_t *zone, isc_sockaddr_t *addresses,
        /*
         * Now set up the parentals and parental key lists.
         */
-       dns_remote_init(&zone->parentals, count, addresses, NULL, keynames,
-                       tlsnames, true, zone->mctx);
+       dns_remote_init(&zone->parentals, count, addresses, sources, NULL,
+                       keynames, tlsnames, true, zone->mctx);
 
        dns_zone_log(zone, ISC_LOG_NOTICE, "checkds: set %u parentals", count);