--- 9.9.0 released ---
+3270. [bug] "rndc reload" didn't reuse existing zones correctly
+ when inline-signing was in use. [RT #27650]
+
3269. [port] darwin 11 and later now built threaded by default.
3268. [bug] Convert RRSIG expiry times to 64 timestamps to work
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: server.c,v 1.638 2012/01/25 02:46:53 marka Exp $ */
+/* $Id: server.c,v 1.638.4.1 2012/01/31 01:11:54 each Exp $ */
/*! \file */
result = dns_view_findzone(pview, origin, &zone);
if (result != ISC_R_NOTFOUND && result != ISC_R_SUCCESS)
goto cleanup;
+
if (zone != NULL && !ns_zone_reusable(zone, zconfig))
dns_zone_detach(&zone);
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: zoneconf.c,v 1.186 2011/12/20 00:06:54 marka Exp $ */
+/* $Id: zoneconf.c,v 1.186.22.1 2012/01/31 01:11:54 each Exp $ */
/*% */
const char *zfilename;
dns_zone_t *raw = NULL;
isc_boolean_t has_raw;
+ dns_zonetype_t ztype;
zoptions = cfg_tuple_get(zconfig, "options");
- if (zonetype_fromconfig(zoptions) != dns_zone_gettype(zone))
- return (ISC_FALSE);
-
/*
* We always reconfigure a static-stub zone for simplicity, assuming
* the amount of data to be loaded is small.
*/
- if (zonetype_fromconfig(zoptions) == dns_zone_staticstub)
- return (ISC_FALSE);
-
- obj = NULL;
- (void)cfg_map_get(zoptions, "file", &obj);
- if (obj != NULL)
- cfilename = cfg_obj_asstring(obj);
- else
- cfilename = NULL;
- zfilename = dns_zone_getfile(zone);
- if (!((cfilename == NULL && zfilename == NULL) ||
- (cfilename != NULL && zfilename != NULL &&
- strcmp(cfilename, zfilename) == 0)))
+ if (zonetype_fromconfig(zoptions) == dns_zone_staticstub) {
+ dns_zone_log(zone, ISC_LOG_DEBUG(1),
+ "not reusable: staticstub");
return (ISC_FALSE);
+ }
+ /* If there's a raw zone, use that for filename and type comparison */
dns_zone_getraw(zone, &raw);
if (raw != NULL) {
+ zfilename = dns_zone_getfile(raw);
+ ztype = dns_zone_gettype(raw);
dns_zone_detach(&raw);
has_raw = ISC_TRUE;
- } else
+ } else {
+ zfilename = dns_zone_getfile(zone);
+ ztype = dns_zone_gettype(zone);
has_raw = ISC_FALSE;
+ }
obj = NULL;
(void)cfg_map_get(zoptions, "inline-signing", &obj);
- if ((obj == NULL || !cfg_obj_asboolean(obj)) && has_raw)
+ if ((obj == NULL || !cfg_obj_asboolean(obj)) && has_raw) {
+ dns_zone_log(zone, ISC_LOG_DEBUG(1),
+ "not reusable: old zone was inline-signing");
return (ISC_FALSE);
- if ((obj != NULL && cfg_obj_asboolean(obj)) && !has_raw)
+ } else if ((obj != NULL && cfg_obj_asboolean(obj)) && !has_raw) {
+ dns_zone_log(zone, ISC_LOG_DEBUG(1),
+ "not reusable: old zone was not inline-signing");
return (ISC_FALSE);
+ }
+
+ if (zonetype_fromconfig(zoptions) != ztype) {
+ dns_zone_log(zone, ISC_LOG_DEBUG(1),
+ "not reusable: type mismatch");
+ return (ISC_FALSE);
+ }
+
+ obj = NULL;
+ (void)cfg_map_get(zoptions, "file", &obj);
+ if (obj != NULL)
+ cfilename = cfg_obj_asstring(obj);
+ else
+ cfilename = NULL;
+ if (!((cfilename == NULL && zfilename == NULL) ||
+ (cfilename != NULL && zfilename != NULL &&
+ strcmp(cfilename, zfilename) == 0)))
+ {
+ dns_zone_log(zone, ISC_LOG_DEBUG(1),
+ "not reusable: filename mismatch");
+ return (ISC_FALSE);
+ }
return (ISC_TRUE);
}
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
-# $Id: tests.sh,v 1.16 2012/01/17 08:26:03 marka Exp $
+# $Id: tests.sh,v 1.16.12.1 2012/01/31 01:11:54 each Exp $
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
n=`expr $n + 1`
echo "I:check adding of record to unsigned master ($n)"
ret=0
-sleep 1
cp ns3/master2.db.in ns3/master.db
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload master || ret=1
-
for i in 1 2 3 4 5 6 7 8 9
do
ans=0
sleep 1
done
[ $ans = 0 ] || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+n=`expr $n + 1`
+echo "I:check adding record fails when SOA serial not changed ($n)"
+ret=0
+echo "c A 10.0.0.3" >> ns3/master.db
+$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload || ret=1
+sleep 1
+$DIG $DIGOPTS @10.53.0.3 -p 5300 c.master A > dig.out.ns3.test$n
+grep "NXDOMAIN" dig.out.ns3.test$n > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+n=`expr $n + 1`
+echo "I:check adding record works after updating SOA serial ($n)"
+ret=0
+cp ns3/master3.db.in ns3/master.db
+$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload master || ret=1
+for i in 1 2 3 4 5 6 7 8 9
+do
+ ans=0
+ $DIG $DIGOPTS @10.53.0.3 -p 5300 c.master A > dig.out.ns3.test$n
+ grep "10.0.0.3" dig.out.ns3.test$n > /dev/null || ans=1
+ grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ans=1
+ [ $ans = 1 ] || break
+ sleep 1
+done
+[ $ans = 0 ] || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
+n=`expr $n + 1`
+echo "I:check rndc reload allows reuse of inline-signing zones ($n)"
+ret=0
+{ $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload 2>&1 || ret=1 ; } |
+sed 's/^/I:ns3 /'
+grep "not reusable" ns3/named.run > /dev/null 2>&1 && ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
n=`expr $n + 1`
echo "I:check rndc sync removes both signed and unsigned journals ($n)"
ret=0
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: zone.c,v 1.667 2012/01/30 00:06:13 marka Exp $ */
+/* $Id: zone.c,v 1.667.2.1 2012/01/31 01:11:55 each Exp $ */
/*! \file */
}
}
- zone->loadtime = loadtime;
-
- dns_zone_log(zone, ISC_LOG_DEBUG(1), "loaded");
+ dns_zone_log(zone, ISC_LOG_DEBUG(1), "loaded; checking validity");
/*
* Master / Slave / Stub zones require both NS and SOA records at
dns_zone_log(zone, ISC_LOG_INFO, "loaded serial %u%s", serial,
dns_db_issecure(db) ? " (DNSSEC signed)" : "");
+ zone->loadtime = loadtime;
DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_LOADPENDING);
return (result);
projects / thirdparty / bind9.git / commitdiff
