}
static bool
-get_maps(const cfg_obj_t **maps, const char *name, const cfg_obj_t **obj) {
+get_maps(const cfg_obj_t **maps, enum cfg_clause name, const cfg_obj_t **obj) {
int i;
for (i = 0;; i++) {
if (maps[i] == NULL) {
}
obj = NULL;
- if (get_maps(maps, "check-dup-records", &obj)) {
+ if (get_maps(maps, CFG_CLAUSE_CHECK_DUP_RECORDS, &obj)) {
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
zone_options |= DNS_ZONEOPT_CHECKDUPRR;
zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
}
obj = NULL;
- if (get_maps(maps, "check-mx", &obj)) {
+ if (get_maps(maps, CFG_CLAUSE_CHECK_MX, &obj)) {
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
zone_options |= DNS_ZONEOPT_CHECKMX;
zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
}
obj = NULL;
- if (get_maps(maps, "check-integrity", &obj)) {
+ if (get_maps(maps, CFG_CLAUSE_CHECK_INTEGRITY, &obj)) {
if (cfg_obj_asboolean(obj)) {
zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
} else {
}
obj = NULL;
- if (get_maps(maps, "check-mx-cname", &obj)) {
+ if (get_maps(maps, CFG_CLAUSE_CHECK_MX_CNAME, &obj)) {
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
zone_options |= DNS_ZONEOPT_WARNMXCNAME;
zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
}
obj = NULL;
- if (get_maps(maps, "check-srv-cname", &obj)) {
+ if (get_maps(maps, CFG_CLAUSE_CHECK_SRV_CNAME, &obj)) {
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
}
obj = NULL;
- if (get_maps(maps, "check-sibling", &obj)) {
+ if (get_maps(maps, CFG_CLAUSE_CHECK_SIBLING, &obj)) {
if (cfg_obj_asboolean(obj)) {
zone_options |= DNS_ZONEOPT_CHECKSIBLING;
} else {
}
obj = NULL;
- if (get_maps(maps, "check-spf", &obj)) {
+ if (get_maps(maps, CFG_CLAUSE_CHECK_SPF, &obj)) {
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
zone_options |= DNS_ZONEOPT_CHECKSPF;
} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
}
obj = NULL;
- if (get_maps(maps, "check-svcb", &obj)) {
+ if (get_maps(maps, CFG_CLAUSE_CHECK_SVCB, &obj)) {
if (cfg_obj_asboolean(obj)) {
zone_options |= DNS_ZONEOPT_CHECKSVCB;
} else {
}
obj = NULL;
- if (get_maps(maps, "check-wildcard", &obj)) {
+ if (get_maps(maps, CFG_CLAUSE_CHECK_WILDCARD, &obj)) {
if (cfg_obj_asboolean(obj)) {
zone_options |= DNS_ZONEOPT_CHECKWILDCARD;
} else {
masterformat = dns_masterformat_text;
fmtobj = NULL;
- if (get_maps(maps, "masterfile-format", &fmtobj)) {
+ if (get_maps(maps, CFG_CLAUSE_MASTERFILE_FORMAT, &fmtobj)) {
const char *masterformatstr = cfg_obj_asstring(fmtobj);
if (strcasecmp(masterformatstr, "text") == 0) {
masterformat = dns_masterformat_text;
}
obj = NULL;
- if (get_maps(maps, "max-zone-ttl", &obj)) {
+ if (get_maps(maps, CFG_CLAUSE_MAX_ZONE_TTL, &obj)) {
maxttl = cfg_obj_asduration(obj);
zone_options |= DNS_ZONEOPT_CHECKTTL;
}
}
isc_result_t
-named_config_get(cfg_obj_t const *const *maps, const char *name,
+named_config_get(cfg_obj_t const *const *maps, enum cfg_clause name,
const cfg_obj_t **obj) {
int i;
isc_result_t
named_config_findopt(const cfg_obj_t *opts1, const cfg_obj_t *opts2,
- const char *name, const cfg_obj_t **objp) {
+ enum cfg_clause name, const cfg_obj_t **objp) {
isc_result_t result = ISC_R_NOTFOUND;
REQUIRE(*objp == NULL);
}
isc_result_t
-named_config_getremotesdef(const cfg_obj_t *cctx, const char *list,
+named_config_getremotesdef(const cfg_obj_t *cctx, enum cfg_clause list,
const char *name, const cfg_obj_t **ret) {
const cfg_obj_t *obj = NULL;
oldlen = newlen; \
}
-static const char *remotesnames[4] = { "remote-servers", "parental-agents",
- "primaries", "masters" };
+static const enum cfg_clause remotesnames[4] = {
+ CFG_CLAUSE_REMOTE_SERVERS, CFG_CLAUSE_PARENTAL_AGENTS,
+ CFG_CLAUSE_PRIMARIES, CFG_CLAUSE_MASTERS
+};
typedef struct {
isc_sockaddr_t *addrs;
/*
* Get system defaults.
*/
- CHECK(named_config_getport(config, "port", &def_port));
+ CHECK(named_config_getport(config, CFG_CLAUSE_PORT, &def_port));
- CHECK(named_config_getport(config, "tls-port", &def_tlsport));
+ CHECK(named_config_getport(config, CFG_CLAUSE_TLS_PORT, &def_tlsport));
/*
* Process the (nested) list(s).
}
isc_result_t
-named_config_getport(const cfg_obj_t *config, const char *type,
+named_config_getport(const cfg_obj_t *config, enum cfg_clause type,
in_port_t *portp) {
const cfg_obj_t *maps[3];
const cfg_obj_t *options = NULL;
#include <dns/types.h>
#include <dns/zone.h>
+#include <isccfg/clause.h>
#include <isccfg/cfg.h>
isc_result_t
named_config_parsefile(cfg_obj_t **conf);
isc_result_t
-named_config_get(cfg_obj_t const *const *maps, const char *name,
+named_config_get(cfg_obj_t const *const *maps, enum cfg_clause name,
const cfg_obj_t **obj);
isc_result_t
named_config_getzonetype(const cfg_obj_t *zonetypeobj);
isc_result_t
-named_config_getremotesdef(const cfg_obj_t *cctx, const char *list,
+named_config_getremotesdef(const cfg_obj_t *cctx, enum cfg_clause list,
const char *name, const cfg_obj_t **ret);
isc_result_t
isc_mem_t *mctx, dns_ipkeylist_t *ipkl);
isc_result_t
-named_config_getport(const cfg_obj_t *config, const char *type,
+named_config_getport(const cfg_obj_t *config, enum cfg_clause type,
in_port_t *portp);
isc_result_t
isc_result_t
named_config_findopt(const cfg_obj_t *opts1, const cfg_obj_t *opts2,
- const char *name, const cfg_obj_t **objp);
+ enum cfg_clause name, const cfg_obj_t **objp);
isc_result_t
named_config_effective(cfg_obj_t **effective, const cfg_obj_t *defaults,
cfg_aclconfctx_t *aclctx, dns_kasplist_t *kasplist);
static const cfg_obj_t *
-find_maplist(const cfg_obj_t *config, const char *listname, const char *name);
+find_maplist(const cfg_obj_t *config, enum cfg_clause listname,
+ const char *name);
static isc_result_t
add_keydata_zone(dns_view_t *view, const char *directory, isc_mem_t *mctx);
*/
static isc_result_t
configure_view_acl(const cfg_obj_t *vconfig, const cfg_obj_t *config,
- const char *aclname, const char *acltuplename,
+ enum cfg_clause aclname, const char *acltuplename,
cfg_aclconfctx_t *aclctx, isc_mem_t *mctx,
dns_acl_t **aclp) {
isc_result_t result;
static isc_result_t
configure_view_nametable(const cfg_obj_t *vconfig, const cfg_obj_t *config,
- const char *confname, const char *conftuplename,
+ enum cfg_clause confname, const char *conftuplename,
isc_mem_t *mctx, dns_nametree_t **ntp) {
isc_result_t result = ISC_R_SUCCESS;
const cfg_obj_t *maps[3];
if (*ntp != NULL) {
dns_nametree_detach(ntp);
}
- dns_nametree_create(mctx, DNS_NAMETREE_BOOL, confname, ntp);
+ dns_nametree_create(mctx, DNS_NAMETREE_BOOL,
+ cfg_clause_as_string[confname], ntp);
if (vconfig != NULL) {
maps[i++] = cfg_tuple_get(vconfig, "options");
* Add key zone for managed keys.
*/
obj = NULL;
- (void)named_config_get(maps, "managed-keys-directory", &obj);
+ (void)named_config_get(maps, CFG_CLAUSE_MANAGED_KEYS_DIRECTORY, &obj);
directory = (obj != NULL ? cfg_obj_asstring(obj) : NULL);
if (directory != NULL) {
result = isc_file_isdirectory(directory);
switch (af) {
case AF_INET:
- result = named_config_get(maps, "query-source", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_QUERY_SOURCE, &obj);
INSIST(result == ISC_R_SUCCESS);
break;
case AF_INET6:
- result = named_config_get(maps, "query-source-v6", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_QUERY_SOURCE_V6, &obj);
INSIST(result == ISC_R_SUCCESS);
break;
default:
} \
} while (0)
-#define CHECK_RRL_RATE(rate, def, max_rate, name) \
- do { \
- obj = NULL; \
- rrl->rate.str = name; \
- result = cfg_map_get(map, name, &obj); \
- if (result == ISC_R_SUCCESS) { \
- rrl->rate.r = cfg_obj_asuint32(obj); \
- CHECK_RRL(rrl->rate.r <= max_rate, name " %d > %d", \
- rrl->rate.r, max_rate); \
- } else { \
- rrl->rate.r = def; \
- } \
- rrl->rate.scaled = rrl->rate.r; \
+#define CHECK_RRL_RATE(rate, def, max_rate, name) \
+ do { \
+ obj = NULL; \
+ rrl->rate.str = cfg_clause_as_string[name]; \
+ result = cfg_map_get(map, name, &obj); \
+ if (result == ISC_R_SUCCESS) { \
+ rrl->rate.r = cfg_obj_asuint32(obj); \
+ if (!(rrl->rate.r <= max_rate)) { \
+ cfg_obj_log(obj, ISC_LOG_ERROR, \
+ "%s %d > %d", \
+ cfg_clause_as_string[name], \
+ rrl->rate.r, max_rate); \
+ result = ISC_R_RANGE; \
+ goto cleanup; \
+ } \
+ } else { \
+ rrl->rate.r = def; \
+ } \
+ rrl->rate.scaled = rrl->rate.r; \
} while (0)
static isc_result_t
rrl->max_entries = i;
CHECK_RRL_RATE(responses_per_second, 0, DNS_RRL_MAX_RATE,
- "responses-per-second");
+ CFG_CLAUSE_RESPONSES_PER_SECOND);
CHECK_RRL_RATE(referrals_per_second, rrl->responses_per_second.r,
- DNS_RRL_MAX_RATE, "referrals-per-second");
+ DNS_RRL_MAX_RATE, CFG_CLAUSE_REFERRALS_PER_SECOND);
CHECK_RRL_RATE(nodata_per_second, rrl->responses_per_second.r,
- DNS_RRL_MAX_RATE, "nodata-per-second");
+ DNS_RRL_MAX_RATE, CFG_CLAUSE_NODATA_PER_SECOND);
CHECK_RRL_RATE(nxdomains_per_second, rrl->responses_per_second.r,
- DNS_RRL_MAX_RATE, "nxdomains-per-second");
+ DNS_RRL_MAX_RATE, CFG_CLAUSE_NXDOMAINS_PER_SECOND);
CHECK_RRL_RATE(errors_per_second, rrl->responses_per_second.r,
- DNS_RRL_MAX_RATE, "errors-per-second");
+ DNS_RRL_MAX_RATE, CFG_CLAUSE_ERRORS_PER_SECOND);
- CHECK_RRL_RATE(all_per_second, 0, DNS_RRL_MAX_RATE, "all-per-second");
+ CHECK_RRL_RATE(all_per_second, 0, DNS_RRL_MAX_RATE,
+ CFG_CLAUSE_ALL_PER_SECOND);
- CHECK_RRL_RATE(slip, 2, DNS_RRL_MAX_SLIP, "slip");
+ CHECK_RRL_RATE(slip, 2, DNS_RRL_MAX_SLIP, CFG_CLAUSE_SLIP);
i = 15;
obj = NULL;
toptions = named_zone_templateopts(config, zoptions);
obj = NULL;
- (void)named_config_findopt(zoptions, toptions, "type", &obj);
+ (void)named_config_findopt(zoptions, toptions, CFG_CLAUSE_TYPE, &obj);
if (obj != NULL &&
strcasecmp(cfg_obj_asstring(obj), "forward") == 0)
{
obj = NULL;
(void)named_config_findopt(zoptions, toptions,
- "forward", &obj);
+ CFG_CLAUSE_FORWARD, &obj);
if (obj == NULL) {
continue;
}
unsigned int i;
struct fstrm_iothr_options *fopt = NULL;
- result = named_config_get(maps, "dnstap", &dlist);
+ result = named_config_get(maps, CFG_CLAUSE_DNSTAP, &dlist);
if (result != ISC_R_SUCCESS) {
return ISC_R_SUCCESS;
}
isc_log_rollsuffix_t suffix = isc_log_rollsuffix_increment;
obj = NULL;
- CHECKM(named_config_get(maps, "dnstap-output", &obj),
+ CHECKM(named_config_get(maps, CFG_CLAUSE_DNSTAP_OUTPUT, &obj),
"'dnstap-output' must be set if 'dnstap' is set");
obj2 = cfg_tuple_get(obj, "mode");
fopt, FSTRM_IOTHR_QUEUE_MODEL_MPSC);
obj = NULL;
- result = named_config_get(maps, "fstrm-set-buffer-hint", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_FSTRM_SET_BUFFER_HINT, &obj);
if (result == ISC_R_SUCCESS) {
i = cfg_obj_asuint32(obj);
fstrm_iothr_options_set_buffer_hint(fopt, i);
}
obj = NULL;
- result = named_config_get(maps, "fstrm-set-flush-timeout",
+ result = named_config_get(maps, CFG_CLAUSE_FSTRM_SET_FLUSH_TIMEOUT,
&obj);
if (result == ISC_R_SUCCESS) {
i = cfg_obj_asuint32(obj);
}
obj = NULL;
- result = named_config_get(maps, "fstrm-set-input-queue-size",
+ result = named_config_get(maps, CFG_CLAUSE_FSTRM_SET_INPUT_QUEUE_SIZE,
&obj);
if (result == ISC_R_SUCCESS) {
i = cfg_obj_asuint32(obj);
obj = NULL;
result = named_config_get(
- maps, "fstrm-set-output-notify-threshold", &obj);
+ maps, CFG_CLAUSE_FSTRM_SET_OUTPUT_NOTIFY_THRESHOLD, &obj);
if (result == ISC_R_SUCCESS) {
i = cfg_obj_asuint32(obj);
fstrm_iothr_options_set_queue_notify_threshold(fopt, i);
}
obj = NULL;
- result = named_config_get(maps, "fstrm-set-output-queue-model",
+ result = named_config_get(maps, CFG_CLAUSE_FSTRM_SET_OUTPUT_QUEUE_MODEL,
&obj);
if (result == ISC_R_SUCCESS) {
if (strcasecmp(cfg_obj_asstring(obj), "spsc") == 0) {
}
obj = NULL;
- result = named_config_get(maps, "fstrm-set-output-queue-size",
+ result = named_config_get(maps, CFG_CLAUSE_FSTRM_SET_OUTPUT_QUEUE_SIZE,
&obj);
if (result == ISC_R_SUCCESS) {
i = cfg_obj_asuint32(obj);
}
obj = NULL;
- result = named_config_get(maps, "fstrm-set-reopen-interval",
+ result = named_config_get(maps, CFG_CLAUSE_FSTRM_SET_REOPEN_INTERVAL,
&obj);
if (result == ISC_R_SUCCESS) {
i = cfg_obj_asduration(obj);
}
obj = NULL;
- result = named_config_get(maps, "dnstap-version", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_DNSTAP_VERSION, &obj);
if (result != ISC_R_SUCCESS) {
/* not specified; use the product and version */
dns_dt_setversion(named_g_server->dtenv, PACKAGE_STRING);
}
obj = NULL;
- result = named_config_get(maps, "dnstap-identity", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_DNSTAP_IDENTITY, &obj);
if (result == ISC_R_SUCCESS && cfg_obj_isboolean(obj)) {
/* "hostname" is interpreted as boolean true */
char buf[256];
/*
* Set the view's port number for outgoing queries.
*/
- CHECKM(named_config_getport(config, "port", &port), "port");
+ CHECKM(named_config_getport(config, CFG_CLAUSE_PORT, &port), "port");
dns_view_setdstport(view, port);
/*
*/
obj = NULL;
if (view->rdclass == dns_rdataclass_in &&
- named_config_get(maps, "response-policy", &obj) == ISC_R_SUCCESS)
+ named_config_get(maps, CFG_CLAUSE_RESPONSE_POLICY, &obj) == ISC_R_SUCCESS)
{
CHECK(configure_rpz(view, NULL, obj, &old_rpz_ok, first_time));
rpz_configured = true;
}
obj = NULL;
- if (named_config_get(maps, "catalog-zones", &obj) == ISC_R_SUCCESS) {
+ if (named_config_get(maps, CFG_CLAUSE_CATALOG_ZONES, &obj) == ISC_R_SUCCESS) {
CHECK(configure_catz(view, NULL, config, obj));
catz_configured = true;
}
* we can reuse/share an existing cache.
*/
obj = NULL;
- result = named_config_get(maps, "recursion", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_RECURSION, &obj);
INSIST(result == ISC_R_SUCCESS);
view->recursion = cfg_obj_asboolean(obj);
max_cache_size = named_g_maxcachesize;
} else {
obj = NULL;
- result = named_config_get(maps, "max-cache-size", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_CACHE_SIZE, &obj);
INSIST(result == ISC_R_SUCCESS);
if (cfg_obj_isstring(obj) &&
strcasecmp(cfg_obj_asstring(obj), "default") == 0)
}
obj = NULL;
- result = named_config_get(maps, "zero-no-soa-ttl-cache", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_ZERO_NO_SOA_TTL_CACHE, &obj);
INSIST(result == ISC_R_SUCCESS);
zero_no_soattl = cfg_obj_asboolean(obj);
obj = NULL;
- result = named_config_get(maps, "resolver-use-dns64", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_RESOLVER_USE_DNS64, &obj);
INSIST(result == ISC_R_SUCCESS);
view->usedns64 = cfg_obj_asboolean(obj);
obj = NULL;
- result = named_config_get(maps, "dns64", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_DNS64, &obj);
if (result == ISC_R_SUCCESS && strcmp(view->name, "_bind") &&
strcmp(view->name, "_meta"))
{
const cfg_obj_t *myobj;
myobj = NULL;
- result = named_config_get(maps, "dns64-server", &myobj);
+ result = named_config_get(maps, CFG_CLAUSE_DNS64_SERVER, &myobj);
if (result == ISC_R_SUCCESS) {
server = cfg_obj_asstring(myobj);
} else {
}
myobj = NULL;
- result = named_config_get(maps, "dns64-contact", &myobj);
+ result = named_config_get(maps, CFG_CLAUSE_DNS64_CONTACT, &myobj);
if (result == ISC_R_SUCCESS) {
contact = cfg_obj_asstring(myobj);
} else {
}
obj = NULL;
- result = named_config_get(maps, "dnssec-accept-expired", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_DNSSEC_ACCEPT_EXPIRED, &obj);
INSIST(result == ISC_R_SUCCESS);
view->acceptexpired = cfg_obj_asboolean(obj);
obj = NULL;
- result = named_config_get(maps, "dnssec-validation", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_DNSSEC_VALIDATION, &obj);
INSIST(result == ISC_R_SUCCESS);
if (cfg_obj_isboolean(obj)) {
view->enablevalidation = cfg_obj_asboolean(obj);
}
obj = NULL;
- result = named_config_get(maps, "max-cache-ttl", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_CACHE_TTL, &obj);
INSIST(result == ISC_R_SUCCESS);
view->maxcachettl = cfg_obj_asduration(obj);
obj = NULL;
- result = named_config_get(maps, "max-ncache-ttl", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_NCACHE_TTL, &obj);
INSIST(result == ISC_R_SUCCESS);
view->maxncachettl = cfg_obj_asduration(obj);
obj = NULL;
- result = named_config_get(maps, "min-cache-ttl", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MIN_CACHE_TTL, &obj);
INSIST(result == ISC_R_SUCCESS);
view->mincachettl = cfg_obj_asduration(obj);
obj = NULL;
- result = named_config_get(maps, "min-ncache-ttl", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MIN_NCACHE_TTL, &obj);
INSIST(result == ISC_R_SUCCESS);
view->minncachettl = cfg_obj_asduration(obj);
obj = NULL;
- result = named_config_get(maps, "synth-from-dnssec", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_SYNTH_FROM_DNSSEC, &obj);
INSIST(result == ISC_R_SUCCESS);
view->synthfromdnssec = cfg_obj_asboolean(obj);
obj = NULL;
- result = named_config_get(maps, "stale-cache-enable", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_STALE_CACHE_ENABLE, &obj);
INSIST(result == ISC_R_SUCCESS);
if (cfg_obj_asboolean(obj)) {
obj = NULL;
- result = named_config_get(maps, "max-stale-ttl", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_STALE_TTL, &obj);
INSIST(result == ISC_R_SUCCESS);
max_stale_ttl = ISC_MAX(cfg_obj_asduration(obj), 1);
}
*/
obj = NULL;
- result = named_config_get(maps, "stale-answer-enable", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_STALE_ANSWER_ENABLE, &obj);
INSIST(result == ISC_R_SUCCESS);
view->staleanswersenable = cfg_obj_asboolean(obj);
}
obj = NULL;
- result = named_config_get(maps, "stale-answer-client-timeout", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_STALE_ANSWER_CLIENT_TIMEOUT, &obj);
INSIST(result == ISC_R_SUCCESS);
if (cfg_obj_isstring(obj)) {
/*
}
obj = NULL;
- result = named_config_get(maps, "stale-refresh-time", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_STALE_REFRESH_TIME, &obj);
INSIST(result == ISC_R_SUCCESS);
stale_refresh_time = cfg_obj_asduration(obj);
* ensure these configuration options don't invalidate reusing/sharing.
*/
obj = NULL;
- result = named_config_get(maps, "attach-cache", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_ATTACH_CACHE, &obj);
if (result == ISC_R_SUCCESS) {
cachename = cfg_obj_asstring(obj);
} else {
dns_cache_detach(&cache);
obj = NULL;
- result = named_config_get(maps, "stale-answer-ttl", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_STALE_ANSWER_TTL, &obj);
INSIST(result == ISC_R_SUCCESS);
view->staleanswerttl = ISC_MAX(cfg_obj_asduration(obj), 1);
double low, high, discount;
obj = NULL;
- result = named_config_get(maps, "fetches-per-server", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_FETCHES_PER_SERVER, &obj);
INSIST(result == ISC_R_SUCCESS);
obj2 = cfg_tuple_get(obj, "fetches");
fps = cfg_obj_asuint32(obj2);
}
obj = NULL;
- result = named_config_get(maps, "fetch-quota-params", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_FETCH_QUOTA_PARAMS, &obj);
INSIST(result == ISC_R_SUCCESS);
obj2 = cfg_tuple_get(obj, "frequency");
* Set resolver's lame-ttl.
*/
obj = NULL;
- result = named_config_get(maps, "lame-ttl", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_LAME_TTL, &obj);
INSIST(result == ISC_R_SUCCESS);
lame_ttl = cfg_obj_asduration(obj);
if (lame_ttl > 0) {
* Set the resolver's query timeout.
*/
obj = NULL;
- result = named_config_get(maps, "resolver-query-timeout", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_RESOLVER_QUERY_TIMEOUT, &obj);
INSIST(result == ISC_R_SUCCESS);
query_timeout = cfg_obj_asuint32(obj);
dns_resolver_settimeout(view->resolver, query_timeout);
* Set the resolver's EDNS UDP size.
*/
obj = NULL;
- result = named_config_get(maps, "edns-udp-size", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_EDNS_UDP_SIZE, &obj);
INSIST(result == ISC_R_SUCCESS);
dns_view_setudpsize(view, (uint16_t)cfg_obj_asuint32(obj));
* Set the maximum UDP response size.
*/
obj = NULL;
- result = named_config_get(maps, "max-udp-size", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_UDP_SIZE, &obj);
INSIST(result == ISC_R_SUCCESS);
view->maxudp = cfg_obj_asuint32(obj);
* Set the maximum UDP when a COOKIE is not provided.
*/
obj = NULL;
- result = named_config_get(maps, "nocookie-udp-size", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_NOCOOKIE_UDP_SIZE, &obj);
INSIST(result == ISC_R_SUCCESS);
view->nocookieudp = cfg_obj_asuint32(obj);
if (view->nocookieudp > view->maxudp) {
* Set supported DNSSEC algorithms.
*/
disabled = NULL;
- (void)named_config_get(maps, "disable-algorithms", &disabled);
+ (void)named_config_get(maps, CFG_CLAUSE_DISABLE_ALGORITHMS, &disabled);
if (disabled != NULL) {
CFG_LIST_FOREACH(disabled, element) {
CHECK(disable_algorithms(cfg_listelt_value(element),
* Set supported DS digest types.
*/
disabled = NULL;
- (void)named_config_get(maps, "disable-ds-digests", &disabled);
+ (void)named_config_get(maps, CFG_CLAUSE_DISABLE_DS_DIGESTS, &disabled);
if (disabled != NULL) {
CFG_LIST_FOREACH(disabled, element) {
CHECK(disable_ds_digests(cfg_listelt_value(element),
*/
forwardtype = NULL;
forwarders = NULL;
- (void)named_config_get(maps, "forward", &forwardtype);
- (void)named_config_get(maps, "forwarders", &forwarders);
+ (void)named_config_get(maps, CFG_CLAUSE_FORWARD, &forwardtype);
+ (void)named_config_get(maps, CFG_CLAUSE_FORWARDERS, &forwarders);
if (forwarders != NULL) {
CHECK(configure_forward(config, view, dns_rootname, forwarders,
forwardtype));
* Dual Stack Servers.
*/
alternates = NULL;
- (void)named_config_get(maps, "dual-stack-servers", &alternates);
+ (void)named_config_get(maps, CFG_CLAUSE_DUAL_STACK_SERVERS, &alternates);
if (alternates != NULL) {
CHECK(configure_alternates(config, view, alternates));
}
* Configure SIG(0) check limits when matching a DNS message to a view.
*/
obj = NULL;
- result = named_config_get(maps, "sig0key-checks-limit", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_SIG0KEY_CHECKS_LIMIT, &obj);
INSIST(result == ISC_R_SUCCESS);
view->sig0key_checks_limit = cfg_obj_asuint32(obj);
obj = NULL;
- result = named_config_get(maps, "sig0message-checks-limit", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_SIG0MESSAGE_CHECKS_LIMIT, &obj);
INSIST(result == ISC_R_SUCCESS);
view->sig0message_checks_limit = cfg_obj_asuint32(obj);
const cfg_obj_t *peers = NULL;
dns_peerlist_t *newpeers = NULL;
- (void)named_config_get(cfgmaps, "server", &peers);
+ (void)named_config_get(cfgmaps, CFG_CLAUSE_SERVER, &peers);
dns_peerlist_new(mctx, &newpeers);
CFG_LIST_FOREACH(peers, element) {
const cfg_obj_t *cpeer = cfg_listelt_value(element);
const cfg_obj_t *rrsetorder = NULL;
if (ISC_R_SUCCESS ==
- named_config_get(maps, "rrset-order", &rrsetorder))
+ named_config_get(maps, CFG_CLAUSE_RRSET_ORDER, &rrsetorder))
{
dns_order_create(mctx, &order);
CFG_LIST_FOREACH(rrsetorder, element) {
* must be passed so that named ACLs defined at the global level
* can be retrieved.)
*/
- CHECK(configure_view_acl(vconfig, config, "match-clients", NULL, aclctx,
+ CHECK(configure_view_acl(vconfig, config, CFG_CLAUSE_MATCH_CLIENTS, NULL, aclctx,
isc_g_mctx, &view->matchclients));
- CHECK(configure_view_acl(vconfig, config, "match-destinations", NULL,
+ CHECK(configure_view_acl(vconfig, config, CFG_CLAUSE_MATCH_DESTINATIONS, NULL,
aclctx, isc_g_mctx, &view->matchdestinations));
/*
* Configure the "match-recursive-only" option.
*/
obj = NULL;
- (void)named_config_get(maps, "match-recursive-only", &obj);
+ (void)named_config_get(maps, CFG_CLAUSE_MATCH_RECURSIVE_ONLY, &obj);
if (obj != NULL && cfg_obj_asboolean(obj)) {
view->matchrecursiveonly = true;
} else {
* Configure other configurable data.
*/
obj = NULL;
- result = named_config_get(maps, "qname-minimization", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_QNAME_MINIMIZATION, &obj);
INSIST(result == ISC_R_SUCCESS);
qminmode = cfg_obj_asstring(obj);
INSIST(qminmode != NULL);
}
obj = NULL;
- result = named_config_get(maps, "auth-nxdomain", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_AUTH_NXDOMAIN, &obj);
INSIST(result == ISC_R_SUCCESS);
view->auth_nxdomain = cfg_obj_asboolean(obj);
obj = NULL;
- result = named_config_get(maps, "minimal-any", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MINIMAL_ANY, &obj);
INSIST(result == ISC_R_SUCCESS);
view->minimal_any = cfg_obj_asboolean(obj);
obj = NULL;
- result = named_config_get(maps, "minimal-responses", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MINIMAL_RESPONSES, &obj);
INSIST(result == ISC_R_SUCCESS);
if (cfg_obj_isboolean(obj)) {
if (cfg_obj_asboolean(obj)) {
}
obj = NULL;
- result = named_config_get(maps, "transfer-format", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_TRANSFER_FORMAT, &obj);
INSIST(result == ISC_R_SUCCESS);
str = cfg_obj_asstring(obj);
if (strcasecmp(str, "many-answers") == 0) {
}
obj = NULL;
- result = named_config_get(maps, "trust-anchor-telemetry", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_TRUST_ANCHOR_TELEMETRY, &obj);
INSIST(result == ISC_R_SUCCESS);
view->trust_anchor_telemetry = cfg_obj_asboolean(obj);
obj = NULL;
- result = named_config_get(maps, "root-key-sentinel", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_ROOT_KEY_SENTINEL, &obj);
INSIST(result == ISC_R_SUCCESS);
view->root_key_sentinel = cfg_obj_asboolean(obj);
- CHECK(configure_view_acl(vconfig, config, "allow-query", NULL, aclctx,
+ CHECK(configure_view_acl(vconfig, config, CFG_CLAUSE_ALLOW_QUERY, NULL, aclctx,
isc_g_mctx, &view->queryacl));
- CHECK(configure_view_acl(vconfig, config, "allow-query-on", NULL,
+ CHECK(configure_view_acl(vconfig, config, CFG_CLAUSE_ALLOW_QUERY_ON, NULL,
aclctx, isc_g_mctx, &view->queryonacl));
- CHECK(configure_view_acl(vconfig, config, "allow-query-cache", NULL,
+ CHECK(configure_view_acl(vconfig, config, CFG_CLAUSE_ALLOW_QUERY_CACHE, NULL,
aclctx, isc_g_mctx, &view->cacheacl));
- CHECK(configure_view_acl(vconfig, config, "allow-query-cache-on", NULL,
+ CHECK(configure_view_acl(vconfig, config, CFG_CLAUSE_ALLOW_QUERY_CACHE_ON, NULL,
aclctx, isc_g_mctx, &view->cacheonacl));
- CHECK(configure_view_acl(vconfig, config, "allow-proxy", NULL, aclctx,
+ CHECK(configure_view_acl(vconfig, config, CFG_CLAUSE_ALLOW_PROXY, NULL, aclctx,
isc_g_mctx, &view->proxyacl));
- CHECK(configure_view_acl(vconfig, config, "allow-proxy-on", NULL,
+ CHECK(configure_view_acl(vconfig, config, CFG_CLAUSE_ALLOW_PROXY_ON, NULL,
aclctx, isc_g_mctx, &view->proxyonacl));
if (strcmp(view->name, "_bind") != 0 &&
view->rdclass != dns_rdataclass_chaos)
{
- CHECK(configure_view_acl(vconfig, config, "allow-recursion",
+ CHECK(configure_view_acl(vconfig, config, CFG_CLAUSE_ALLOW_RECURSION,
NULL, aclctx, isc_g_mctx,
&view->recursionacl));
- CHECK(configure_view_acl(vconfig, config, "allow-recursion-on",
+ CHECK(configure_view_acl(vconfig, config, CFG_CLAUSE_ALLOW_RECURSION_ON,
NULL, aclctx, isc_g_mctx,
&view->recursiononacl));
}
* clients. This causes case not always to be preserved,
* and is needed by some broken clients.
*/
- CHECK(configure_view_acl(vconfig, config, "no-case-compress", NULL,
+ CHECK(configure_view_acl(vconfig, config, CFG_CLAUSE_NO_CASE_COMPRESS, NULL,
aclctx, isc_g_mctx, &view->nocasecompress));
/*
* between CPU and network usage.
*/
obj = NULL;
- result = named_config_get(maps, "message-compression", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MESSAGE_COMPRESSION, &obj);
INSIST(result == ISC_R_SUCCESS);
view->msgcompression = cfg_obj_asboolean(obj);
/*
* Filter setting on addresses in the answer section.
*/
- CHECK(configure_view_acl(vconfig, config, "deny-answer-addresses",
+ CHECK(configure_view_acl(vconfig, config, CFG_CLAUSE_DENY_ANSWER_ADDRESSES,
"acl", aclctx, isc_g_mctx,
&view->denyansweracl));
- CHECK(configure_view_nametable(vconfig, config, "deny-answer-addresses",
+ CHECK(configure_view_nametable(vconfig, config, CFG_CLAUSE_DENY_ANSWER_ADDRESSES,
"except-from", isc_g_mctx,
&view->answeracl_exclude));
/*
* Filter setting on names (CNAME/DNAME targets) in the answer section.
*/
- CHECK(configure_view_nametable(vconfig, config, "deny-answer-aliases",
+ CHECK(configure_view_nametable(vconfig, config, CFG_CLAUSE_DENY_ANSWER_ALIASES,
"name", isc_g_mctx,
&view->denyanswernames));
- CHECK(configure_view_nametable(vconfig, config, "deny-answer-aliases",
+ CHECK(configure_view_nametable(vconfig, config, CFG_CLAUSE_DENY_ANSWER_ALIASES,
"except-from", isc_g_mctx,
&view->answernames_exclude));
* can be inherited by zones.
*/
if (view->transferacl == NULL) {
- CHECK(configure_view_acl(vconfig, config, "allow-transfer",
+ CHECK(configure_view_acl(vconfig, config, CFG_CLAUSE_ALLOW_TRANSFER,
NULL, aclctx, isc_g_mctx,
&view->transferacl));
}
if (view->notifyacl == NULL) {
- CHECK(configure_view_acl(vconfig, config, "allow-notify", NULL,
+ CHECK(configure_view_acl(vconfig, config, CFG_CLAUSE_ALLOW_NOTIFY, NULL,
aclctx, isc_g_mctx, &view->notifyacl));
}
obj = NULL;
- result = named_config_get(maps, "provide-ixfr", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_PROVIDE_IXFR, &obj);
INSIST(result == ISC_R_SUCCESS);
view->provideixfr = cfg_obj_asboolean(obj);
obj = NULL;
- result = named_config_get(maps, "request-nsid", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_REQUEST_NSID, &obj);
INSIST(result == ISC_R_SUCCESS);
view->requestnsid = cfg_obj_asboolean(obj);
obj = NULL;
- result = named_config_get(maps, "request-zoneversion", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_REQUEST_ZONEVERSION, &obj);
INSIST(result == ISC_R_SUCCESS);
view->requestzoneversion = cfg_obj_asboolean(obj);
obj = NULL;
- result = named_config_get(maps, "send-cookie", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_SEND_COOKIE, &obj);
INSIST(result == ISC_R_SUCCESS);
view->sendcookie = cfg_obj_asboolean(obj);
if (view->pad_acl != NULL) {
dns_acl_detach(&view->pad_acl);
}
- result = named_config_get(maps, "response-padding", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_RESPONSE_PADDING, &obj);
INSIST(result == ISC_R_SUCCESS);
padding = cfg_obj_asuint32(cfg_tuple_get(obj, "block-size"));
isc_g_mctx, 0, &view->pad_acl));
obj = NULL;
- result = named_config_get(maps, "require-server-cookie", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_REQUIRE_SERVER_COOKIE, &obj);
INSIST(result == ISC_R_SUCCESS);
view->requireservercookie = cfg_obj_asboolean(obj);
obj = NULL;
- result = named_config_get(maps, "v6-bias", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_V6_BIAS, &obj);
INSIST(result == ISC_R_SUCCESS);
view->v6bias = cfg_obj_asuint32(obj) * 1000;
obj = NULL;
- result = named_config_get(maps, "clients-per-query", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_CLIENTS_PER_QUERY, &obj);
INSIST(result == ISC_R_SUCCESS);
clients_per_query = cfg_obj_asuint32(obj);
obj = NULL;
- result = named_config_get(maps, "max-clients-per-query", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_CLIENTS_PER_QUERY, &obj);
INSIST(result == ISC_R_SUCCESS);
max_clients_per_query = cfg_obj_asuint32(obj);
* for zone databases.
*/
obj = NULL;
- result = named_config_get(maps, "max-records-per-type", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_RECORDS_PER_TYPE, &obj);
INSIST(result == ISC_R_SUCCESS);
dns_view_setmaxrrperset(view, cfg_obj_asuint32(obj));
* for zone databases.
*/
obj = NULL;
- result = named_config_get(maps, "max-types-per-name", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_TYPES_PER_NAME, &obj);
INSIST(result == ISC_R_SUCCESS);
dns_view_setmaxtypepername(view, cfg_obj_asuint32(obj));
obj = NULL;
- result = named_config_get(maps, "max-recursion-depth", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_RECURSION_DEPTH, &obj);
INSIST(result == ISC_R_SUCCESS);
dns_resolver_setmaxdepth(view->resolver, cfg_obj_asuint32(obj));
obj = NULL;
- result = named_config_get(maps, "max-recursion-queries", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_RECURSION_QUERIES, &obj);
INSIST(result == ISC_R_SUCCESS);
dns_resolver_setmaxqueries(view->resolver, cfg_obj_asuint32(obj));
obj = NULL;
- result = named_config_get(maps, "max-query-restarts", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_QUERY_RESTARTS, &obj);
INSIST(result == ISC_R_SUCCESS);
dns_view_setmaxrestarts(view, cfg_obj_asuint32(obj));
obj = NULL;
- result = named_config_get(maps, "max-query-count", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_QUERY_COUNT, &obj);
INSIST(result == ISC_R_SUCCESS);
dns_view_setmaxqueries(view, cfg_obj_asuint32(obj));
obj = NULL;
- result = named_config_get(maps, "max-delegation-servers", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_DELEGATION_SERVERS, &obj);
INSIST(result == ISC_R_SUCCESS);
CHECK(dns_view_setmaxdelegationservers(view, cfg_obj_asuint32(obj)));
obj = NULL;
- result = named_config_get(maps, "max-validations-per-fetch", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_VALIDATIONS_PER_FETCH, &obj);
if (result == ISC_R_SUCCESS) {
dns_resolver_setmaxvalidations(view->resolver,
cfg_obj_asuint32(obj));
}
obj = NULL;
- result = named_config_get(maps, "max-validation-failures-per-fetch",
+ result = named_config_get(maps, CFG_CLAUSE_MAX_VALIDATION_FAILURES_PER_FETCH,
&obj);
if (result == ISC_R_SUCCESS) {
dns_resolver_setmaxvalidationfails(view->resolver,
}
obj = NULL;
- result = named_config_get(maps, "fetches-per-zone", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_FETCHES_PER_ZONE, &obj);
INSIST(result == ISC_R_SUCCESS);
obj2 = cfg_tuple_get(obj, "fetches");
dns_resolver_setfetchesperzone(view->resolver, cfg_obj_asuint32(obj2));
}
obj = NULL;
- result = named_config_get(maps, "prefetch", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_PREFETCH, &obj);
INSIST(result == ISC_R_SUCCESS);
prefetch_trigger = cfg_tuple_get(obj, "trigger");
view->prefetch_trigger = cfg_obj_asuint32(prefetch_trigger);
auto_root));
obj = NULL;
- result = named_config_get(maps, "nta-recheck", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_NTA_RECHECK, &obj);
INSIST(result == ISC_R_SUCCESS);
view->nta_recheck = cfg_obj_asduration(obj);
obj = NULL;
- result = named_config_get(maps, "nta-lifetime", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_NTA_LIFETIME, &obj);
INSIST(result == ISC_R_SUCCESS);
view->nta_lifetime = cfg_obj_asduration(obj);
obj = NULL;
- result = named_config_get(maps, "preferred-glue", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_PREFERRED_GLUE, &obj);
if (result == ISC_R_SUCCESS) {
str = cfg_obj_asstring(obj);
if (strcasecmp(str, "a") == 0) {
* they are disabled by default.
*/
obj = NULL;
- (void)named_config_get(maps, "empty-zones-enable", &obj);
- (void)named_config_get(maps, "disable-empty-zone", &disablelist);
+ (void)named_config_get(maps, CFG_CLAUSE_EMPTY_ZONES_ENABLE, &obj);
+ (void)named_config_get(maps, CFG_CLAUSE_DISABLE_EMPTY_ZONE, &disablelist);
if (obj == NULL && disablelist == NULL &&
view->rdclass == dns_rdataclass_in)
{
name = dns_fixedname_initname(&fixed);
obj = NULL;
- result = named_config_get(maps, "empty-server", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_EMPTY_SERVER, &obj);
if (result == ISC_R_SUCCESS) {
CHECK(dns_name_fromstring(name, cfg_obj_asstring(obj),
dns_rootname, 0, NULL));
}
obj = NULL;
- result = named_config_get(maps, "empty-contact", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_EMPTY_CONTACT, &obj);
if (result == ISC_R_SUCCESS) {
CHECK(dns_name_fromstring(name, cfg_obj_asstring(obj),
dns_rootname, 0, NULL));
}
obj = NULL;
- result = named_config_get(maps, "zone-statistics", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_ZONE_STATISTICS, &obj);
INSIST(result == ISC_R_SUCCESS);
if (cfg_obj_isboolean(obj)) {
if (cfg_obj_asboolean(obj)) {
obj = NULL;
if (view->rdclass == dns_rdataclass_in) {
- (void)named_config_get(maps, "ipv4only-enable", &obj);
+ (void)named_config_get(maps, CFG_CLAUSE_IPV4ONLY_ENABLE, &obj);
}
if (view->rdclass == dns_rdataclass_in && (obj != NULL)
? cfg_obj_asboolean(obj)
size_t ipv4only_zone;
obj = NULL;
- result = named_config_get(maps, "ipv4only-server", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_IPV4ONLY_SERVER, &obj);
if (result == ISC_R_SUCCESS) {
server = cfg_obj_asstring(obj);
} else {
}
obj = NULL;
- result = named_config_get(maps, "ipv4only-contact", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_IPV4ONLY_CONTACT, &obj);
if (result == ISC_R_SUCCESS) {
contact = cfg_obj_asstring(obj);
} else {
}
obj = NULL;
- result = named_config_get(maps, "rate-limit", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_RATE_LIMIT, &obj);
if (result == ISC_R_SUCCESS) {
CHECK(configure_rrl(view, config, obj, aclctx));
}
* Set the servfail-ttl.
*/
obj = NULL;
- result = named_config_get(maps, "servfail-ttl", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_SERVFAIL_TTL, &obj);
INSIST(result == ISC_R_SUCCESS);
fail_ttl = cfg_obj_asduration(obj);
if (fail_ttl > 30) {
* Name space to look up redirect information in.
*/
obj = NULL;
- result = named_config_get(maps, "nxdomain-redirect", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_NXDOMAIN_REDIRECT, &obj);
if (result == ISC_R_SUCCESS) {
dns_name_t *name = dns_fixedname_name(&view->redirectfixed);
CHECK(dns_name_fromstring(name, cfg_obj_asstring(obj),
* Exceptions to DNSSEC validation.
*/
obj = NULL;
- result = named_config_get(maps, "validate-except", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_VALIDATE_EXCEPT, &obj);
if (result == ISC_R_SUCCESS) {
result = dns_view_getntatable(view, &ntatable);
}
obj = NULL;
if (rpz_configured &&
pview->rdclass == dns_rdataclass_in &&
- named_config_get(maps, "response-policy", &obj) ==
+ named_config_get(maps, CFG_CLAUSE_RESPONSE_POLICY, &obj) ==
ISC_R_SUCCESS)
{
/*
obj = NULL;
if (catz_configured &&
pview->rdclass == dns_rdataclass_in &&
- named_config_get(maps, "catalog-zones", &obj) ==
+ named_config_get(maps, CFG_CLAUSE_CATALOG_ZONES, &obj) ==
ISC_R_SUCCESS)
{
/*
/*
* Determine which port to send requests to.
*/
- CHECKM(named_config_getport(config, "port", &port), "port");
+ CHECKM(named_config_getport(config, CFG_CLAUSE_PORT, &port), "port");
if (alternates != NULL) {
portobj = cfg_tuple_get(alternates, "port");
}
if (strcasecmp(str, "ephemeral") != 0) {
- const cfg_obj_t *tlsmap = find_maplist(config, "tls", str);
+ const cfg_obj_t *tlsmap = find_maplist(config, CFG_CLAUSE_TLS, str);
if (tlsmap == NULL) {
cfg_obj_log(obj, ISC_LOG_ERROR,
/*
* Determine which port to send forwarded requests to.
*/
- CHECKM(named_config_getport(config, "port", &port), "port");
- CHECKM(named_config_getport(config, "tls-port", &tls_port), "tls-port");
+ CHECKM(named_config_getport(config, CFG_CLAUSE_PORT, &port), "port");
+ CHECKM(named_config_getport(config, CFG_CLAUSE_TLS_PORT, &tls_port), "tls-port");
if (forwarders != NULL) {
portobj = cfg_tuple_get(forwarders, "port");
goto cleanup;
}
- (void)named_config_findopt(zoptions, toptions, "type", &typeobj);
+ (void)named_config_findopt(zoptions, toptions, CFG_CLAUSE_TYPE, &typeobj);
if (typeobj == NULL) {
cfg_obj_log(zconfig, ISC_LOG_ERROR,
"zone '%s' 'type' not specified", zname);
*/
if (strcasecmp(ztypestr, "hint") == 0) {
const cfg_obj_t *fileobj = NULL;
- (void)named_config_findopt(zoptions, toptions, "file",
+ (void)named_config_findopt(zoptions, toptions, CFG_CLAUSE_FILE,
&fileobj);
if (fileobj == NULL) {
isc_log_write(NAMED_LOGCATEGORY_GENERAL,
forwardtype = NULL;
forwarders = NULL;
- (void)named_config_findopt(zoptions, toptions, "forward",
+ (void)named_config_findopt(zoptions, toptions, CFG_CLAUSE_FORWARD,
&forwardtype);
- (void)named_config_findopt(zoptions, toptions, "forwarders",
+ (void)named_config_findopt(zoptions, toptions, CFG_CLAUSE_FORWARDERS,
&forwarders);
CHECK(configure_forward(config, view, origin, forwarders,
forwardtype));
* selective forwarding.
*/
forwarders = NULL;
- named_config_findopt(zoptions, toptions, "forwarders", &forwarders);
+ named_config_findopt(zoptions, toptions, CFG_CLAUSE_FORWARDERS, &forwarders);
if (forwarders != NULL) {
forwardtype = NULL;
- named_config_findopt(zoptions, toptions, "forward",
+ named_config_findopt(zoptions, toptions, CFG_CLAUSE_FORWARD,
&forwardtype);
CHECK(configure_forward(config, view, origin, forwarders,
forwardtype));
CHECK(dns_zone_link(zone, raw));
}
named_config_findopt(zoptions, toptions,
- "ixfr-from-differences", &ixfrfromdiffs);
+ CFG_CLAUSE_IXFR_FROM_DIFFERENCES, &ixfrfromdiffs);
if (ixfrfromdiffs != NULL) {
isc_log_write(NAMED_LOGCATEGORY_GENERAL,
NAMED_LOGMODULE_SERVER, ISC_LOG_INFO,
* Configure a single server quota.
*/
static void
-configure_server_quota(const cfg_obj_t **maps, const char *name,
+configure_server_quota(const cfg_obj_t **maps, enum cfg_clause name,
isc_quota_t *quota) {
const cfg_obj_t *obj = NULL;
isc_result_t result;
isc_result_t result;
obj = NULL;
- result = named_config_get(maps, "session-keyfile", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_SESSION_KEYFILE, &obj);
if (result == ISC_R_SUCCESS) {
if (cfg_obj_isvoid(obj)) {
keyfile = NULL; /* disable it */
}
obj = NULL;
- result = named_config_get(maps, "session-keyname", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_SESSION_KEYNAME, &obj);
INSIST(result == ISC_R_SUCCESS);
keynamestr = cfg_obj_asstring(obj);
isc_buffer_constinit(&buffer, keynamestr, strlen(keynamestr));
RETERR(dns_name_fromtext(keyname, &buffer, dns_rootname, 0));
obj = NULL;
- result = named_config_get(maps, "session-keyalg", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_SESSION_KEYALG, &obj);
INSIST(result == ISC_R_SUCCESS);
algstr = cfg_obj_asstring(obj);
result = named_config_getkeyalgorithm(algstr, &algtype, &bits);
}
maps[i] = NULL;
- result = named_config_get(maps, "allow-new-zones", &nz);
+ result = named_config_get(maps, CFG_CLAUSE_ALLOW_NEW_ZONES, &nz);
if (result == ISC_R_SUCCESS) {
view->newzone.allowed = cfg_obj_asboolean(nz);
}
* A non-empty catalog-zones statement implies allow-new-zones
*/
const cfg_obj_t *cz = NULL;
- result = named_config_get(maps, "catalog-zones", &cz);
+ result = named_config_get(maps, CFG_CLAUSE_CATALOG_ZONES, &cz);
if (result == ISC_R_SUCCESS) {
const cfg_listelt_t *e =
cfg_list_first(cfg_tuple_get(cz, "zone list"));
}
}
- result = named_config_get(maps, "new-zones-directory", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_NEW_ZONES_DIRECTORY, &obj);
if (result == ISC_R_SUCCESS) {
dir = cfg_obj_asstring(obj);
result = isc_file_isdirectory(dir);
uint64_t mapsize = 0ULL;
obj = NULL;
- result = named_config_get(maps, "lmdb-mapsize", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_LMDB_MAPSIZE, &obj);
if (result == ISC_R_SUCCESS && obj != NULL) {
mapsize = cfg_obj_asuint64(obj);
if (mapsize < (1ULL << 20)) { /* 1 megabyte */
#if HAVE_LIBNGHTTP2
obj = NULL;
- result = named_config_get(maps, "http-port", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_HTTP_PORT, &obj);
INSIST(result == ISC_R_SUCCESS);
named_g_httpport = (in_port_t)cfg_obj_asuint32(obj);
obj = NULL;
- result = named_config_get(maps, "https-port", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_HTTPS_PORT, &obj);
INSIST(result == ISC_R_SUCCESS);
named_g_httpsport = (in_port_t)cfg_obj_asuint32(obj);
obj = NULL;
- result = named_config_get(maps, "http-listener-clients", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_HTTP_LISTENER_CLIENTS, &obj);
INSIST(result == ISC_R_SUCCESS);
named_g_http_listener_clients = cfg_obj_asuint32(obj);
obj = NULL;
- result = named_config_get(maps, "http-streams-per-connection", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_HTTP_STREAMS_PER_CONNECTION, &obj);
INSIST(result == ISC_R_SUCCESS);
named_g_http_streams_per_conn = cfg_obj_asuint32(obj);
#endif
* ACLs that can't work.
*/
obj = NULL;
- result = named_config_get(maps, "geoip-directory", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_GEOIP_DIRECTORY, &obj);
INSIST(result == ISC_R_SUCCESS);
if (cfg_obj_isstring(obj)) {
char *dir = UNCONST(cfg_obj_asstring(obj));
/*
* Configure various server options.
*/
- configure_server_quota(maps, "transfers-out",
+ configure_server_quota(maps, CFG_CLAUSE_TRANSFERS_OUT,
&server->sctx->xfroutquota);
- configure_server_quota(maps, "tcp-clients", &server->sctx->tcpquota);
- configure_server_quota(maps, "recursive-clients",
+ configure_server_quota(maps, CFG_CLAUSE_TCP_CLIENTS, &server->sctx->tcpquota);
+ configure_server_quota(maps, CFG_CLAUSE_RECURSIVE_CLIENTS,
&server->sctx->recursionquota);
- configure_server_quota(maps, "update-quota", &server->sctx->updquota);
- configure_server_quota(maps, "sig0checks-quota",
+ configure_server_quota(maps, CFG_CLAUSE_UPDATE_QUOTA, &server->sctx->updquota);
+ configure_server_quota(maps, CFG_CLAUSE_SIG0CHECKS_QUOTA,
&server->sctx->sig0checksquota);
max = isc_quota_getmax(&server->sctx->recursionquota);
isc_quota_soft(&server->sctx->recursionquota, softquota);
obj = NULL;
- result = named_config_get(maps, "sig0checks-quota-exempt", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_SIG0CHECKS_QUOTA_EXEMPT, &obj);
if (result == ISC_R_SUCCESS) {
result = cfg_acl_fromconfig(
obj, effectiveconfig, aclctx, isc_g_mctx, 0,
* Set "blackhole". Only legal at options level; there is
* no default.
*/
- result = configure_view_acl(NULL, effectiveconfig, "blackhole", NULL,
+ result = configure_view_acl(NULL, effectiveconfig, CFG_CLAUSE_BLACKHOLE, NULL,
aclctx, isc_g_mctx,
&server->sctx->blackholeacl);
if (result != ISC_R_SUCCESS) {
}
obj = NULL;
- result = named_config_get(maps, "match-mapped-addresses", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MATCH_MAPPED_ADDRESSES, &obj);
INSIST(result == ISC_R_SUCCESS);
env->match_mapped = cfg_obj_asboolean(obj);
* Configure the network manager
*/
obj = NULL;
- result = named_config_get(maps, "tcp-initial-timeout", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_TCP_INITIAL_TIMEOUT, &obj);
INSIST(result == ISC_R_SUCCESS);
initial = cfg_obj_asuint32(obj) * 100;
if (initial > MAX_INITIAL_TIMEOUT) {
}
obj = NULL;
- result = named_config_get(maps, "tcp-idle-timeout", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_TCP_IDLE_TIMEOUT, &obj);
INSIST(result == ISC_R_SUCCESS);
idle = cfg_obj_asuint32(obj) * 100;
if (idle > MAX_IDLE_TIMEOUT) {
}
obj = NULL;
- result = named_config_get(maps, "tcp-keepalive-timeout", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_TCP_KEEPALIVE_TIMEOUT, &obj);
INSIST(result == ISC_R_SUCCESS);
keepalive = cfg_obj_asuint32(obj) * 100;
if (keepalive > MAX_KEEPALIVE_TIMEOUT) {
}
obj = NULL;
- result = named_config_get(maps, "tcp-advertised-timeout", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_TCP_ADVERTISED_TIMEOUT, &obj);
INSIST(result == ISC_R_SUCCESS);
advertised = cfg_obj_asuint32(obj) * 100;
if (advertised > MAX_ADVERTISED_TIMEOUT) {
}
obj = NULL;
- result = named_config_get(maps, "tcp-primaries-timeout", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_TCP_PRIMARIES_TIMEOUT, &obj);
INSIST(result == ISC_R_SUCCESS);
primaries = cfg_obj_asuint32(obj) * 100;
if (primaries > MAX_PRIMARIES_TIMEOUT) {
/* Set the kernel send and receive buffer sizes */
obj = NULL;
- result = named_config_get(maps, "tcp-receive-buffer", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_TCP_RECEIVE_BUFFER, &obj);
INSIST(result == ISC_R_SUCCESS);
recv_tcp_buffer_size = cfg_obj_asuint32(obj);
CAP_IF_NOT_ZERO(recv_tcp_buffer_size, 4096, INT32_MAX);
obj = NULL;
- result = named_config_get(maps, "tcp-send-buffer", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_TCP_SEND_BUFFER, &obj);
INSIST(result == ISC_R_SUCCESS);
send_tcp_buffer_size = cfg_obj_asuint32(obj);
CAP_IF_NOT_ZERO(send_tcp_buffer_size, 4096, INT32_MAX);
obj = NULL;
- result = named_config_get(maps, "udp-receive-buffer", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_UDP_RECEIVE_BUFFER, &obj);
INSIST(result == ISC_R_SUCCESS);
recv_udp_buffer_size = cfg_obj_asuint32(obj);
CAP_IF_NOT_ZERO(recv_udp_buffer_size, 4096, INT32_MAX);
obj = NULL;
- result = named_config_get(maps, "udp-send-buffer", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_UDP_SEND_BUFFER, &obj);
INSIST(result == ISC_R_SUCCESS);
send_udp_buffer_size = cfg_obj_asuint32(obj);
CAP_IF_NOT_ZERO(send_udp_buffer_size, 4096, INT32_MAX);
* Set the EDNS UDP size when we don't match a view.
*/
obj = NULL;
- result = named_config_get(maps, "edns-udp-size", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_EDNS_UDP_SIZE, &obj);
INSIST(result == ISC_R_SUCCESS);
server->sctx->udpsize = (uint16_t)cfg_obj_asuint32(obj);
/* Set the transfer message size for TCP */
obj = NULL;
- result = named_config_get(maps, "transfer-message-size", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_TRANSFER_MESSAGE_SIZE, &obj);
INSIST(result == ISC_R_SUCCESS);
transfer_message_size = cfg_obj_asuint32(obj);
if (transfer_message_size < 512) {
* Configure the zone manager.
*/
obj = NULL;
- result = named_config_get(maps, "transfers-in", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_TRANSFERS_IN, &obj);
INSIST(result == ISC_R_SUCCESS);
dns_zonemgr_settransfersin(server->zonemgr, cfg_obj_asuint32(obj));
obj = NULL;
- result = named_config_get(maps, "transfers-per-ns", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_TRANSFERS_PER_NS, &obj);
INSIST(result == ISC_R_SUCCESS);
dns_zonemgr_settransfersperns(server->zonemgr, cfg_obj_asuint32(obj));
obj = NULL;
- result = named_config_get(maps, "notify-rate", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_NOTIFY_RATE, &obj);
INSIST(result == ISC_R_SUCCESS);
dns_zonemgr_setnotifyrate(server->zonemgr, cfg_obj_asuint32(obj));
obj = NULL;
- result = named_config_get(maps, "startup-notify-rate", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_STARTUP_NOTIFY_RATE, &obj);
INSIST(result == ISC_R_SUCCESS);
dns_zonemgr_setstartupnotifyrate(server->zonemgr,
cfg_obj_asuint32(obj));
obj = NULL;
- result = named_config_get(maps, "serial-query-rate", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_SERIAL_QUERY_RATE, &obj);
INSIST(result == ISC_R_SUCCESS);
dns_zonemgr_setserialqueryrate(server->zonemgr, cfg_obj_asuint32(obj));
if (named_g_port != 0) {
listen_port = named_g_port;
} else {
- result = named_config_getport(effectiveconfig, "port",
+ result = named_config_getport(effectiveconfig, CFG_CLAUSE_PORT,
&listen_port);
if (result != ISC_R_SUCCESS) {
goto cleanup_portsets;
* Find the listen queue depth.
*/
obj = NULL;
- result = named_config_get(maps, "tcp-listen-queue", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_TCP_LISTEN_QUEUE, &obj);
INSIST(result == ISC_R_SUCCESS);
backlog = cfg_obj_asuint32(obj);
if ((backlog > 0) && (backlog < 10)) {
ns_interfacemgr_setbacklog(server->interfacemgr, backlog);
obj = NULL;
- result = named_config_get(maps, "reuseport", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_REUSEPORT, &obj);
INSIST(result == ISC_R_SUCCESS);
loadbalancesockets = cfg_obj_asboolean(obj);
#if HAVE_SO_REUSEPORT_LB
const cfg_obj_t *clistenon = NULL;
ns_listenlist_t *listenon = NULL;
- result = named_config_get(maps, "listen-on", &clistenon);
+ result = named_config_get(maps, CFG_CLAUSE_LISTEN_ON, &clistenon);
if (result != ISC_R_SUCCESS) {
goto cleanup_portsets;
}
const cfg_obj_t *clistenon = NULL;
ns_listenlist_t *listenon = NULL;
- result = named_config_get(maps, "listen-on-v6", &clistenon);
+ result = named_config_get(maps, CFG_CLAUSE_LISTEN_ON_V6, &clistenon);
if (result != ISC_R_SUCCESS) {
goto cleanup_portsets;
}
* as specified by the "interface-interval" option.
*/
obj = NULL;
- result = named_config_get(maps, "interface-interval", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_INTERFACE_INTERVAL, &obj);
INSIST(result == ISC_R_SUCCESS);
interface_interval = cfg_obj_asduration(obj);
server->interface_interval = interface_interval;
* Enable automatic interface scans.
*/
obj = NULL;
- result = named_config_get(maps, "automatic-interface-scan", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_AUTOMATIC_INTERFACE_SCAN, &obj);
INSIST(result == ISC_R_SUCCESS);
server->sctx->interface_auto = cfg_obj_asboolean(obj);
* Write the PID file.
*/
obj = NULL;
- if (named_config_get(maps, "pid-file", &obj) == ISC_R_SUCCESS) {
+ if (named_config_get(maps, CFG_CLAUSE_PID_FILE, &obj) == ISC_R_SUCCESS) {
if (cfg_obj_isvoid(obj)) {
named_os_writepidfile(NULL, first_time);
} else {
const cfg_obj_t *categories = NULL;
obj = NULL;
- if (named_config_get(maps, "querylog", &obj) == ISC_R_SUCCESS) {
+ if (named_config_get(maps, CFG_CLAUSE_QUERYLOG, &obj) == ISC_R_SUCCESS) {
ns_server_setoption(server->sctx, NS_SERVER_LOGQUERIES,
cfg_obj_asboolean(obj));
} else {
}
}
obj = NULL;
- result = named_config_get(maps, "responselog", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_RESPONSELOG, &obj);
if (result == ISC_R_SUCCESS) {
ns_server_setoption(server->sctx,
NS_SERVER_LOGRESPONSES,
}
obj = NULL;
- if (named_config_get(maps, "memstatistics-file", &obj) == ISC_R_SUCCESS)
+ if (named_config_get(maps, CFG_CLAUSE_MEMSTATISTICS_FILE, &obj) == ISC_R_SUCCESS)
{
named_main_setmemstats(cfg_obj_asstring(obj));
} else if (named_g_memstatistics) {
}
obj = NULL;
- result = named_config_get(maps, "statistics-file", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_STATISTICS_FILE, &obj);
INSIST(result == ISC_R_SUCCESS);
setstring(server, &server->statsfile, cfg_obj_asstring(obj));
obj = NULL;
- result = named_config_get(maps, "dump-file", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_DUMP_FILE, &obj);
INSIST(result == ISC_R_SUCCESS);
setstring(server, &server->dumpfile, cfg_obj_asstring(obj));
obj = NULL;
- result = named_config_get(maps, "secroots-file", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_SECROOTS_FILE, &obj);
INSIST(result == ISC_R_SUCCESS);
setstring(server, &server->secrootsfile, cfg_obj_asstring(obj));
obj = NULL;
- result = named_config_get(maps, "recursing-file", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_RECURSING_FILE, &obj);
INSIST(result == ISC_R_SUCCESS);
setstring(server, &server->recfile, cfg_obj_asstring(obj));
obj = NULL;
- result = named_config_get(maps, "version", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_VERSION, &obj);
if (result == ISC_R_SUCCESS) {
setoptstring(server, &server->version, obj);
server->version_set = true;
}
obj = NULL;
- result = named_config_get(maps, "hostname", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_HOSTNAME, &obj);
if (result == ISC_R_SUCCESS) {
setoptstring(server, &server->hostname, obj);
server->hostname_set = true;
}
obj = NULL;
- result = named_config_get(maps, "server-id", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_SERVER_ID, &obj);
server->sctx->usehostname = false;
if (result == ISC_R_SUCCESS && cfg_obj_isboolean(obj)) {
/* The parser translates "hostname" to true */
RUNTIME_CHECK(result == ISC_R_SUCCESS);
obj = NULL;
- result = named_config_get(maps, "flush-zones-on-shutdown", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_FLUSH_ZONES_ON_SHUTDOWN, &obj);
if (result == ISC_R_SUCCESS) {
server->flushonshutdown = cfg_obj_asboolean(obj);
} else {
}
obj = NULL;
- result = named_config_get(maps, "answer-cookie", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_ANSWER_COOKIE, &obj);
INSIST(result == ISC_R_SUCCESS);
server->sctx->answercookie = cfg_obj_asboolean(obj);
obj = NULL;
- result = named_config_get(maps, "cookie-algorithm", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_COOKIE_ALGORITHM, &obj);
INSIST(result == ISC_R_SUCCESS);
if (strcasecmp(cfg_obj_asstring(obj), "siphash24") == 0) {
server->sctx->cookiealg = ns_cookiealg_siphash24;
}
obj = NULL;
- result = named_config_get(maps, "cookie-secret", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_COOKIE_SECRET, &obj);
if (result == ISC_R_SUCCESS) {
const char *str;
bool first = true;
}
static const cfg_obj_t *
-find_maplist(const cfg_obj_t *config, const char *listname, const char *name) {
+find_maplist(const cfg_obj_t *config, enum cfg_clause listname,
+ const char *name) {
isc_result_t result;
const cfg_obj_t *maplist = NULL;
do_tls = true;
- tlsmap = find_maplist(config, "tls", tlsname);
+ tlsmap = find_maplist(config, CFG_CLAUSE_TLS, tlsname);
if (tlsmap == NULL) {
cfg_obj_log(tlsobj, ISC_LOG_ERROR,
"tls '%s' is not defined",
return ISC_R_FAILURE;
}
- http_server = find_maplist(config, "http", httpname);
+ http_server = find_maplist(config, CFG_CLAUSE_HTTP, httpname);
if (http_server == NULL && strcasecmp(httpname, "default") != 0)
{
cfg_obj_log(httpobj, ISC_LOG_ERROR,
port = named_g_httpsport;
} else {
RETERR(named_config_getport(
- config, "https-port", &port));
+ config, CFG_CLAUSE_HTTPS_PORT, &port));
}
} else if (http && !do_tls) {
if (named_g_httpport != 0) {
port = named_g_httpport;
} else {
- RETERR(named_config_getport(config, "http-port",
+ RETERR(named_config_getport(config, CFG_CLAUSE_HTTP_PORT,
&port));
}
} else if (do_tls) {
if (named_g_tlsport != 0) {
port = named_g_tlsport;
} else {
- RETERR(named_config_getport(config, "tls-port",
+ RETERR(named_config_getport(config, CFG_CLAUSE_TLS_PORT,
&port));
}
} else {
if (named_g_port != 0) {
port = named_g_port;
} else {
- RETERR(named_config_getport(config, "port",
+ RETERR(named_config_getport(config, CFG_CLAUSE_PORT,
&port));
}
}
list);
dns_transport_set_tlsname(transport, dohid);
- parse_transport_option(doh, transport, "key-file",
+ parse_transport_option(doh, transport, CFG_CLAUSE_KEY_FILE,
dns_transport_set_keyfile);
- parse_transport_option(doh, transport, "cert-file",
+ parse_transport_option(doh, transport, CFG_CLAUSE_CERT_FILE,
dns_transport_set_certfile);
- parse_transport_tls_versions(doh, transport, "protocols",
+ parse_transport_tls_versions(doh, transport,
+ CFG_CLAUSE_PROTOCOLS,
dns_transport_set_tls_versions);
- parse_transport_option(doh, transport, "ciphers",
+ parse_transport_option(doh, transport, CFG_CLAUSE_CIPHERS,
dns_transport_set_ciphers);
- parse_transport_option(doh, transport, "cipher-suites",
+ parse_transport_option(doh, transport, CFG_CLAUSE_CIPHER_SUITES,
dns_transport_set_cipher_suites);
parse_transport_bool_option(
- doh, transport, "prefer-server-ciphers",
+ doh, transport, CFG_CLAUSE_PREFER_SERVER_CIPHERS,
dns_transport_set_prefer_server_ciphers);
- parse_transport_option(doh, transport, "ca-file",
+ parse_transport_option(doh, transport, CFG_CLAUSE_CA_FILE,
dns_transport_set_cafile);
- parse_transport_option(doh, transport, "remote-hostname",
+ parse_transport_option(doh, transport,
+ CFG_CLAUSE_REMOTE_HOSTNAME,
dns_transport_set_remote_hostname);
}
transport = dns_transport_new(tlsname, DNS_TRANSPORT_TLS, list);
dns_transport_set_tlsname(transport, tlsid);
- parse_transport_option(tls, transport, "key-file",
+ parse_transport_option(tls, transport, CFG_CLAUSE_KEY_FILE,
dns_transport_set_keyfile);
- parse_transport_option(tls, transport, "cert-file",
+ parse_transport_option(tls, transport, CFG_CLAUSE_CERT_FILE,
dns_transport_set_certfile);
- parse_transport_tls_versions(tls, transport, "protocols",
+ parse_transport_tls_versions(tls, transport,
+ CFG_CLAUSE_PROTOCOLS,
dns_transport_set_tls_versions);
- parse_transport_option(tls, transport, "ciphers",
+ parse_transport_option(tls, transport, CFG_CLAUSE_CIPHERS,
dns_transport_set_ciphers);
- parse_transport_option(tls, transport, "cipher-suites",
+ parse_transport_option(tls, transport, CFG_CLAUSE_CIPHER_SUITES,
dns_transport_set_cipher_suites);
parse_transport_bool_option(
- tls, transport, "prefer-server-ciphers",
+ tls, transport, CFG_CLAUSE_PREFER_SERVER_CIPHERS,
dns_transport_set_prefer_server_ciphers);
- parse_transport_option(tls, transport, "ca-file",
+ parse_transport_option(tls, transport, CFG_CLAUSE_CA_FILE,
dns_transport_set_cafile);
- parse_transport_option(tls, transport, "remote-hostname",
+ parse_transport_option(tls, transport,
+ CFG_CLAUSE_REMOTE_HOSTNAME,
dns_transport_set_remote_hostname);
}
const cfg_obj_t *aclobj = NULL;
int i = 0;
dns_acl_t **aclp = NULL, *acl = NULL;
- const char *aclname;
+ enum cfg_clause aclname;
dns_view_t *view = NULL;
view = dns_zone_getview(zone);
if (view != NULL) {
aclp = &view->notifyacl;
}
- aclname = "allow-notify";
+ aclname = CFG_CLAUSE_ALLOW_NOTIFY;
break;
case allow_query:
if (view != NULL) {
aclp = &view->queryacl;
}
- aclname = "allow-query";
+ aclname = CFG_CLAUSE_ALLOW_QUERY;
break;
case allow_query_on:
if (view != NULL) {
aclp = &view->queryonacl;
}
- aclname = "allow-query-on";
+ aclname = CFG_CLAUSE_ALLOW_QUERY_ON;
break;
case allow_transfer:
if (view != NULL) {
aclp = &view->transferacl;
}
- aclname = "allow-transfer";
+ aclname = CFG_CLAUSE_ALLOW_TRANSFER;
break;
case allow_update:
if (view != NULL) {
aclp = &view->updateacl;
}
- aclname = "allow-update";
+ aclname = CFG_CLAUSE_ALLOW_UPDATE;
break;
case allow_update_forwarding:
if (view != NULL) {
aclp = &view->upfwdacl;
}
- aclname = "allow-update-forwarding";
+ aclname = CFG_CLAUSE_ALLOW_UPDATE_FORWARDING;
break;
default:
UNREACHABLE();
isc_buffer_init(&dbuf, debug, sizeof(debug));
isc_buffer_setmctx(&dbuf, mctx);
- (void)named_config_findopt(zconfig, tconfig, "update-policy",
+ (void)named_config_findopt(zconfig, tconfig, CFG_CLAUSE_UPDATE_POLICY,
&updatepolicy);
if (updatepolicy == NULL) {
dns_zone_setssutable(zone, NULL);
/* Prepare zone RRs from the configuration */
obj = NULL;
- (void)named_config_findopt(zconfig, tconfig, "server-addresses", &obj);
+ (void)named_config_findopt(zconfig, tconfig, CFG_CLAUSE_SERVER_ADDRESSES, &obj);
if (obj != NULL) {
CHECK(configure_staticstub_serveraddrs(obj, zone, &rdatalist_ns,
&rdatalist_a,
}
obj = NULL;
- (void)named_config_findopt(zconfig, tconfig, "server-names", &obj);
+ (void)named_config_findopt(zconfig, tconfig, CFG_CLAUSE_SERVER_NAMES, &obj);
if (obj != NULL) {
CHECK(configure_staticstub_servernames(obj, zone, &rdatalist_ns,
zname));
zonetype_fromconfig(const cfg_obj_t *zmap, const cfg_obj_t *tmap) {
const cfg_obj_t *obj = NULL;
- (void)named_config_findopt(zmap, tmap, "type", &obj);
+ (void)named_config_findopt(zmap, tmap, CFG_CLAUSE_TYPE, &obj);
INSIST(obj != NULL);
return named_config_getzonetype(obj);
}
* Only log a message if "notify" was set in the configuration
* hierarchy supplied in 'maps'.
*/
- if (named_config_get(maps, "notify", &obj) == ISC_R_SUCCESS) {
+ if (named_config_get(maps, CFG_CLAUSE_NOTIFY, &obj) == ISC_R_SUCCESS) {
cfg_obj_log(obj, ISC_LOG_INFO,
"'notify explicit;' will be used for mirror zone "
"'%s'",
}
obj = NULL;
- result = named_config_get(maps, "notify-delay", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_NOTIFY_DELAY, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setnotifydelay(zone, type, cfg_obj_asuint32(obj));
obj = NULL;
- result = named_config_get(maps, "notify-defer", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_NOTIFY_DEFER, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setnotifydefer(zone, type, cfg_obj_asuint32(obj));
obj = NULL;
- result = named_config_get(maps, "notify-source", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_NOTIFY_SOURCE, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setnotifysrc4(zone, type, cfg_obj_assockaddr(obj));
obj = NULL;
- result = named_config_get(maps, "notify-source-v6", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_NOTIFY_SOURCE_V6, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setnotifysrc6(zone, type, cfg_obj_assockaddr(obj));
}
isc_result_t result;
const cfg_obj_t *obj = NULL;
- result = named_config_get(maps, "notify-cfg", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_NOTIFY_CFG, &obj);
if (result == ISC_R_SUCCESS && obj != NULL) {
CFG_LIST_FOREACH(obj, element) {
const cfg_obj_t *nmaps[MAPS_SIZE + 1];
}
obj = NULL;
- result = named_config_get(nooptions, "database", &obj);
+ result = named_config_get(nooptions, CFG_CLAUSE_DATABASE, &obj);
if (result == ISC_R_SUCCESS) {
cpval = isc_mem_strdup(mctx, cfg_obj_asstring(obj));
}
obj = NULL;
- result = named_config_get(nooptions, "dlz", &obj);
+ result = named_config_get(nooptions, CFG_CLAUSE_DLZ, &obj);
if (result == ISC_R_SUCCESS) {
const char *dlzname = cfg_obj_asstring(obj);
size_t len = strlen(dlzname) + 5;
}
obj = NULL;
- result = named_config_get(nooptions, "file", &obj);
+ result = named_config_get(nooptions, CFG_CLAUSE_FILE, &obj);
if (result == ISC_R_SUCCESS) {
filename = cfg_obj_asstring(obj);
}
obj = NULL;
- result = named_config_get(nooptions, "initial-file", &obj);
+ result = named_config_get(nooptions, CFG_CLAUSE_INITIAL_FILE, &obj);
if (result == ISC_R_SUCCESS) {
initial_file = cfg_obj_asstring(obj);
}
masterformat = dns_masterformat_text;
}
obj = NULL;
- result = named_config_get(maps, "masterfile-format", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MASTERFILE_FORMAT, &obj);
if (result == ISC_R_SUCCESS) {
const char *masterformatstr = cfg_obj_asstring(obj);
}
obj = NULL;
- result = named_config_get(maps, "masterfile-style", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MASTERFILE_STYLE, &obj);
if (result == ISC_R_SUCCESS) {
const char *masterstylestr = cfg_obj_asstring(obj);
if (strcasecmp(masterstylestr, "full") == 0) {
}
obj = NULL;
- result = named_config_get(maps, "max-records", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_RECORDS, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setmaxrecords(mayberaw, cfg_obj_asuint32(obj));
if (zone != mayberaw) {
}
obj = NULL;
- result = named_config_get(maps, "max-records-per-type", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_RECORDS_PER_TYPE, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setmaxrrperset(mayberaw, cfg_obj_asuint32(obj));
if (zone != mayberaw) {
}
obj = NULL;
- result = named_config_get(maps, "max-types-per-name", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_TYPES_PER_NAME, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setmaxtypepername(mayberaw, cfg_obj_asuint32(obj));
if (zone != mayberaw) {
}
obj = NULL;
- result = named_config_get(nooptions, "journal", &obj);
+ result = named_config_get(nooptions, CFG_CLAUSE_JOURNAL, &obj);
if (result == ISC_R_SUCCESS) {
dns_zone_setjournal(mayberaw, cfg_obj_asstring(obj));
}
dns_zone_clearqueryonacl));
obj = NULL;
- result = named_config_get(maps, "zone-statistics", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_ZONE_STATISTICS, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
if (cfg_obj_isboolean(obj)) {
if (cfg_obj_asboolean(obj)) {
dns_kasp_detach(&kasp);
obj = NULL;
- result = named_config_get(maps, "dnssec-policy", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_DNSSEC_POLICY, &obj);
if (result == ISC_R_SUCCESS) {
kaspname = cfg_obj_asstring(obj);
if (strcmp(kaspname, "none") != 0) {
}
obj = NULL;
- result = named_config_get(maps, "provide-zoneversion", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_PROVIDE_ZONEVERSION, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setoption(zone, DNS_ZONEOPT_ZONEVERSION,
cfg_obj_asboolean(obj));
obj = NULL;
- result = named_config_get(maps, "notify", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_NOTIFY, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
if (cfg_obj_isboolean(obj)) {
if (cfg_obj_asboolean(obj)) {
dns_zone_setnotifytype(zone, dns_rdatatype_soa, notifytype);
obj = NULL;
- result = named_config_get(maps, "also-notify", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_ALSO_NOTIFY, &obj);
if (result == ISC_R_SUCCESS &&
(notifytype == dns_notifytype_yes ||
notifytype == dns_notifytype_explicit ||
}
obj = NULL;
- result = named_config_get(maps, "parental-source", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_PARENTAL_SOURCE, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setparentalsrc4(zone, cfg_obj_assockaddr(obj));
obj = NULL;
- result = named_config_get(maps, "parental-source-v6", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_PARENTAL_SOURCE_V6, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setparentalsrc6(zone, cfg_obj_assockaddr(obj));
obj = NULL;
- result = named_config_get(maps, "notify-to-soa", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_NOTIFY_TO_SOA, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setoption(zone, DNS_ZONEOPT_NOTIFYTOSOA,
cfg_obj_asboolean(obj));
dns_zone_setxfracl, dns_zone_clearxfracl));
obj = NULL;
- result = named_config_get(maps, "max-transfer-time-out", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_TRANSFER_TIME_OUT, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setmaxxfrout(
zone, transferinsecs ? cfg_obj_asuint32(obj)
: cfg_obj_asuint32(obj) * 60);
obj = NULL;
- result = named_config_get(maps, "max-transfer-idle-out", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_TRANSFER_IDLE_OUT, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setidleout(zone, transferinsecs
? cfg_obj_asuint32(obj)
: cfg_obj_asuint32(obj) * 60);
obj = NULL;
- result = named_config_get(maps, "max-journal-size", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_JOURNAL_SIZE, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
if (raw != NULL) {
dns_zone_setjournalsize(raw, -1);
dns_zone_setjournalsize(zone, journal_size);
obj = NULL;
- result = named_config_get(maps, "ixfr-from-differences", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_IXFR_FROM_DIFFERENCES, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
if (cfg_obj_isboolean(obj)) {
ixfrdiff = cfg_obj_asboolean(obj);
}
obj = NULL;
- result = named_config_get(maps, "max-ixfr-ratio", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_IXFR_RATIO, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
if (cfg_obj_isstring(obj)) {
dns_zone_setixfrratio(zone, 0);
}
obj = NULL;
- result = named_config_get(maps, "request-expire", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_REQUEST_EXPIRE, &obj);
INSIST(result == ISC_R_SUCCESS);
dns_zone_setrequestexpire(zone, cfg_obj_asboolean(obj));
obj = NULL;
- result = named_config_get(maps, "request-ixfr", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_REQUEST_IXFR, &obj);
INSIST(result == ISC_R_SUCCESS);
dns_zone_setrequestixfr(zone, cfg_obj_asboolean(obj));
obj = NULL;
- result = named_config_get(maps, "request-ixfr-max-diffs", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_REQUEST_IXFR_MAX_DIFFS, &obj);
INSIST(result == ISC_R_SUCCESS);
dns_zone_setrequestixfrmaxdiffs(zone, cfg_obj_asuint32(obj));
}
obj = NULL;
- result = named_config_get(maps, "check-sibling", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_CHECK_SIBLING, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKSIBLING,
cfg_obj_asboolean(obj));
obj = NULL;
- result = named_config_get(maps, "check-spf", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_CHECK_SPF, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
check = true;
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKSPF, check);
obj = NULL;
- result = named_config_get(maps, "check-svcb", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_CHECK_SVCB, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKSVCB,
cfg_obj_asboolean(obj));
obj = NULL;
- result = named_config_get(maps, "zero-no-soa-ttl", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_ZERO_NO_SOA_TTL, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setzeronosoattl(zone, cfg_obj_asboolean(obj));
obj = NULL;
- result = named_config_get(maps, "nsec3-test-zone", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_NSEC3_TEST_ZONE, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setoption(zone, DNS_ZONEOPT_NSEC3TESTZONE,
cfg_obj_asboolean(obj));
obj = NULL;
- result = named_config_get(nooptions, "log-report-channel",
+ result = named_config_get(nooptions, CFG_CLAUSE_LOG_REPORT_CHANNEL,
&obj);
if (result == ISC_R_SUCCESS) {
logreports = cfg_obj_asboolean(obj);
logreports);
}
obj = NULL;
- result = named_config_get(maps, "send-report-channel", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_SEND_REPORT_CHANNEL, &obj);
if (result == ISC_R_SUCCESS && obj != NULL) {
dns_fixedname_t fixed;
dns_name_t *rad = dns_fixedname_initname(&fixed);
dns_notifytype_no);
obj = NULL;
- result = named_config_get(maps, "max-journal-size", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_JOURNAL_SIZE, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setjournalsize(zone, -1);
if (cfg_obj_isstring(obj)) {
maxttl = dns_kasp_zonemaxttl(dns_zone_getkasp(zone), false);
} else {
obj = NULL;
- result = named_config_get(maps, "max-zone-ttl", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_ZONE_TTL, &obj);
if (result == ISC_R_SUCCESS) {
if (cfg_obj_isduration(obj)) {
maxttl = cfg_obj_asduration(obj);
}
obj = NULL;
- result = named_config_get(maps, "key-directory", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_KEY_DIRECTORY, &obj);
if (result == ISC_R_SUCCESS) {
filename = cfg_obj_asstring(obj);
dns_zone_setkeydirectory(zone, filename);
}
obj = NULL;
- result = named_config_get(maps, "sig-signing-signatures", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_SIG_SIGNING_SIGNATURES, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setsignatures(zone, cfg_obj_asuint32(obj));
obj = NULL;
- result = named_config_get(maps, "sig-signing-nodes", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_SIG_SIGNING_NODES, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setnodes(zone, cfg_obj_asuint32(obj));
obj = NULL;
- result = named_config_get(maps, "sig-signing-type", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_SIG_SIGNING_TYPE, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setprivatetype(zone, cfg_obj_asuint32(obj));
obj = NULL;
- result = named_config_get(maps, "dnssec-loadkeys-interval",
+ result = named_config_get(maps, CFG_CLAUSE_DNSSEC_LOADKEYS_INTERVAL,
&obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
CHECK(dns_zone_setrefreshkeyinterval(zone,
*/
if (ztype == dns_zone_primary || ztype == dns_zone_secondary) {
const cfg_obj_t *parentals = NULL;
- (void)named_config_get(nooptions, "parental-agents",
+ (void)named_config_get(nooptions, CFG_CLAUSE_PARENTAL_AGENTS,
&parentals);
if (parentals != NULL) {
dns_ipkeylist_t ipkl;
}
obj = NULL;
- result = named_config_get(maps, "checkds", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_CHECKDS, &obj);
if (result == ISC_R_SUCCESS) {
if (cfg_obj_isboolean(obj)) {
if (cfg_obj_asboolean(obj)) {
*/
if (ztype == dns_zone_primary) {
obj = NULL;
- result = named_config_get(maps, "check-wildcard", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_CHECK_WILDCARD, &obj);
if (result == ISC_R_SUCCESS) {
check = cfg_obj_asboolean(obj);
} else {
dns_zone_setoption(mayberaw, DNS_ZONEOPT_CHECKWILDCARD, check);
obj = NULL;
- result = named_config_get(maps, "check-dup-records", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_CHECK_DUP_RECORDS, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dupcheck = cfg_obj_asstring(obj);
if (strcasecmp(dupcheck, "warn") == 0) {
dns_zone_setoption(mayberaw, DNS_ZONEOPT_CHECKDUPRRFAIL, fail);
obj = NULL;
- result = named_config_get(maps, "check-mx", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_CHECK_MX, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
fail = false;
dns_zone_setoption(mayberaw, DNS_ZONEOPT_CHECKMXFAIL, fail);
obj = NULL;
- result = named_config_get(maps, "check-integrity", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_CHECK_INTEGRITY, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setoption(mayberaw, DNS_ZONEOPT_CHECKINTEGRITY,
cfg_obj_asboolean(obj));
obj = NULL;
- result = named_config_get(maps, "check-mx-cname", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_CHECK_MX_CNAME, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
warn = true;
dns_zone_setoption(mayberaw, DNS_ZONEOPT_IGNOREMXCNAME, ignore);
obj = NULL;
- result = named_config_get(maps, "check-srv-cname", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_CHECK_SRV_CNAME, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
warn = true;
ignore);
obj = NULL;
- result = named_config_get(maps, "serial-update-method", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_SERIAL_UPDATE_METHOD, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
if (strcasecmp(cfg_obj_asstring(obj), "unixtime") == 0) {
dns_zone_setserialupdatemethod(
* are explicitly enabled by zone configuration.
*/
obj = NULL;
- (void)named_config_get(nooptions, "allow-transfer", &obj);
+ (void)named_config_get(nooptions, CFG_CLAUSE_ALLOW_TRANSFER, &obj);
if (obj == NULL) {
dns_acl_t *none;
CHECK(dns_acl_none(mctx, &none));
case dns_zone_redirect:
count = 0;
obj = NULL;
- (void)named_config_get(nooptions, "primaries", &obj);
+ (void)named_config_get(nooptions, CFG_CLAUSE_PRIMARIES, &obj);
if (obj == NULL) {
- (void)named_config_get(nooptions, "masters", &obj);
+ (void)named_config_get(nooptions, CFG_CLAUSE_MASTERS, &obj);
}
/*
dns_name_equal(dns_zone_getorigin(zone), dns_rootname))
{
result = named_config_getremotesdef(
- config, "remote-servers",
+ config, CFG_CLAUSE_REMOTE_SERVERS,
DEFAULT_IANA_ROOT_ZONE_PRIMARIES, &obj);
CHECK(result);
}
multi = false;
if (count > 1) {
obj = NULL;
- result = named_config_get(maps, "multi-master", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MULTI_MASTER, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
multi = cfg_obj_asboolean(obj);
}
dns_zone_setoption(mayberaw, DNS_ZONEOPT_MULTIMASTER, multi);
obj = NULL;
- result = named_config_get(maps, "min-transfer-rate-in", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MIN_TRANSFER_RATE_IN, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
uint32_t traffic_bytes =
cfg_obj_asuint32(cfg_tuple_get(obj, "traffic_bytes"));
: time_minutes * 60);
obj = NULL;
- result = named_config_get(maps, "max-transfer-time-in", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_TRANSFER_TIME_IN, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setmaxxfrin(
mayberaw, transferinsecs ? cfg_obj_asuint32(obj)
: cfg_obj_asuint32(obj) * 60);
obj = NULL;
- result = named_config_get(maps, "max-transfer-idle-in", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_TRANSFER_IDLE_IN, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setidlein(mayberaw,
transferinsecs ? cfg_obj_asuint32(obj)
: cfg_obj_asuint32(obj) * 60);
obj = NULL;
- result = named_config_get(maps, "max-refresh-time", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_REFRESH_TIME, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setmaxrefreshtime(mayberaw, cfg_obj_asuint32(obj));
obj = NULL;
- result = named_config_get(maps, "min-refresh-time", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MIN_REFRESH_TIME, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setminrefreshtime(mayberaw, cfg_obj_asuint32(obj));
obj = NULL;
- result = named_config_get(maps, "max-retry-time", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MAX_RETRY_TIME, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setmaxretrytime(mayberaw, cfg_obj_asuint32(obj));
obj = NULL;
- result = named_config_get(maps, "min-retry-time", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_MIN_RETRY_TIME, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setminretrytime(mayberaw, cfg_obj_asuint32(obj));
obj = NULL;
- result = named_config_get(maps, "transfer-source", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_TRANSFER_SOURCE, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setxfrsource4(mayberaw, cfg_obj_assockaddr(obj));
obj = NULL;
- result = named_config_get(maps, "transfer-source-v6", &obj);
+ result = named_config_get(maps, CFG_CLAUSE_TRANSFER_SOURCE_V6, &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setxfrsource6(mayberaw, cfg_obj_assockaddr(obj));
obj = NULL;
- (void)named_config_get(maps, "try-tcp-refresh", &obj);
+ (void)named_config_get(maps, CFG_CLAUSE_TRY_TCP_REFRESH, &obj);
dns_zone_setoption(mayberaw, DNS_ZONEOPT_TRYTCPREFRESH,
cfg_obj_asboolean(obj));
break;
}
obj = NULL;
- (void)named_config_findopt(zoptions, toptions, "file", &obj);
+ (void)named_config_findopt(zoptions, toptions, CFG_CLAUSE_FILE, &obj);
if (obj != NULL) {
cfilename = cfg_obj_asstring(obj);
} else {
/* Check the value in dnssec-policy. */
policy = NULL;
- res = named_config_get(maps, "dnssec-policy", &policy);
+ res = named_config_get(maps, CFG_CLAUSE_DNSSEC_POLICY, &policy);
/* If no dnssec-policy found, then zone is not using inline-signing. */
if (res != ISC_R_SUCCESS ||
strcmp(cfg_obj_asstring(policy), "none") == 0)
* dnssec-policy. This is a zone-only option, so look in the
* zone and template blocks only.
*/
- res = named_config_get(noopts, "inline-signing", &signing);
+ res = named_config_get(noopts, CFG_CLAUSE_INLINE_SIGNING, &signing);
if (res == ISC_R_SUCCESS && cfg_obj_isboolean(signing)) {
return cfg_obj_asboolean(signing);
}
isc_mem_t *mctx);
static const cfg_obj_t *
-find_maplist(const cfg_obj_t *config, const char *listname, const char *name);
+find_maplist(const cfg_obj_t *config, enum cfg_clause listname, const char *name);
static isc_result_t
validate_remotes(const cfg_obj_t *obj, const cfg_obj_t *voptions,
}
if (strcasecmp(str, "ephemeral") != 0) {
- const cfg_obj_t *tlsmap = find_maplist(config, "tls", str);
+ const cfg_obj_t *tlsmap = find_maplist(config, CFG_CLAUSE_TLS, str);
if (tlsmap == NULL) {
cfg_obj_log(obj, ISC_LOG_ERROR,
}
static isc_result_t
-checkacl(const char *aclname, cfg_aclconfctx_t *aclctx,
+checkacl(enum cfg_clause aclname, cfg_aclconfctx_t *aclctx,
const cfg_obj_t *zconfig, const cfg_obj_t *voptions,
const cfg_obj_t *config, isc_mem_t *mctx) {
isc_result_t result = ISC_R_SUCCESS;
dns_acl_detach(&acl);
}
- if (strcasecmp(aclname, "allow-transfer") == 0 &&
+ if (aclname == CFG_CLAUSE_ALLOW_TRANSFER &&
cfg_obj_istuple(aclobj))
{
const cfg_obj_t *obj_port = cfg_tuple_get(
isc_result_t result = ISC_R_SUCCESS, tresult;
int i = 0;
- static const char *acls[] = {
- "allow-proxy", "allow-proxy-on",
- "allow-query", "allow-query-on",
- "allow-query-cache", "allow-query-cache-on",
- "blackhole", "match-clients",
- "match-destinations", NULL
+ static const enum cfg_clause acls[] = {
+ CFG_CLAUSE_ALLOW_PROXY, CFG_CLAUSE_ALLOW_PROXY_ON,
+ CFG_CLAUSE_ALLOW_QUERY, CFG_CLAUSE_ALLOW_QUERY_ON,
+ CFG_CLAUSE_ALLOW_QUERY_CACHE, CFG_CLAUSE_ALLOW_QUERY_CACHE_ON,
+ CFG_CLAUSE_BLACKHOLE, CFG_CLAUSE_MATCH_CLIENTS,
+ CFG_CLAUSE_MATCH_DESTINATIONS,
};
- while (acls[i] != NULL) {
+ while (i < (int)ARRAY_SIZE(acls)) {
tresult = checkacl(acls[i++], aclctx, NULL, voptions, config,
mctx);
if (tresult != ISC_R_SUCCESS) {
int nbytes;
int i;
- static const char *acls[] = { "clients", "exclude", "mapped", NULL };
+ static const enum cfg_clause acls[] = { CFG_CLAUSE_CLIENTS, CFG_CLAUSE_EXCLUDE, CFG_CLAUSE_MAPPED };
if (voptions != NULL) {
cfg_map_get(voptions, CFG_CLAUSE_DNS64, &dns64);
continue;
}
- for (i = 0; acls[i] != NULL; i++) {
+ for (i = 0; i < (int)ARRAY_SIZE(acls); i++) {
obj = NULL;
(void)cfg_map_get(map, acls[i], &obj);
if (obj != NULL) {
} \
} while (0)
-#define CHECK_RRL_RATE(rate, def, max_rate, name) \
+#define CHECK_RRL_RATE(rate, def, max_rate, clause, name) \
do { \
obj = NULL; \
- mresult = cfg_map_get(map, name, &obj); \
+ mresult = cfg_map_get(map, clause, &obj); \
if (mresult == ISC_R_SUCCESS) { \
rate = cfg_obj_asuint32(obj); \
CHECK_RRL(rate <= max_rate, name " %d > %d", rate, \
}
CHECK_RRL_RATE(responses_per_second, 0, DNS_RRL_MAX_RATE,
- "responses-per-second");
+ CFG_CLAUSE_RESPONSES_PER_SECOND, "responses-per-second");
CHECK_RRL_RATE(referrals_per_second, responses_per_second,
- DNS_RRL_MAX_RATE, "referrals-per-second");
+ DNS_RRL_MAX_RATE, CFG_CLAUSE_REFERRALS_PER_SECOND, "referrals-per-second");
CHECK_RRL_RATE(nodata_per_second, responses_per_second,
- DNS_RRL_MAX_RATE, "nodata-per-second");
+ DNS_RRL_MAX_RATE, CFG_CLAUSE_NODATA_PER_SECOND, "nodata-per-second");
CHECK_RRL_RATE(nxdomains_per_second, responses_per_second,
- DNS_RRL_MAX_RATE, "nxdomains-per-second");
+ DNS_RRL_MAX_RATE, CFG_CLAUSE_NXDOMAINS_PER_SECOND, "nxdomains-per-second");
CHECK_RRL_RATE(errors_per_second, responses_per_second,
- DNS_RRL_MAX_RATE, "errors-per-second");
+ DNS_RRL_MAX_RATE, CFG_CLAUSE_ERRORS_PER_SECOND, "errors-per-second");
- CHECK_RRL_RATE(all_per_second, 0, DNS_RRL_MAX_RATE, "all-per-second");
+ CHECK_RRL_RATE(all_per_second, 0, DNS_RRL_MAX_RATE, CFG_CLAUSE_ALL_PER_SECOND, "all-per-second");
- CHECK_RRL_RATE(slip, 2, DNS_RRL_MAX_SLIP, "slip");
+ CHECK_RRL_RATE(slip, 2, DNS_RRL_MAX_SLIP, CFG_CLAUSE_SLIP, "slip");
obj = NULL;
mresult = cfg_map_get(map, CFG_CLAUSE_WINDOW, &obj);
const char *forview = " for view ";
int i = 0;
- static const char *acls[] = { "allow-recursion", "allow-recursion-on",
- NULL };
+ static const enum cfg_clause acls[] = { CFG_CLAUSE_ALLOW_RECURSION, CFG_CLAUSE_ALLOW_RECURSION_ON };
if (voptions != NULL) {
cfg_map_get(voptions, CFG_CLAUSE_RECURSION, &obj);
forview = "";
}
- for (i = 0; acls[i] != NULL; i++) {
+ for (i = 0; i < (int)ARRAY_SIZE(acls); i++) {
aclobj = options = NULL;
acl = NULL;
cfg_obj_log(aclobj, ISC_LOG_WARNING,
"both \"recursion no;\" and "
"\"%s\" active%s%s",
- acls[i], forview, viewname);
+ cfg_clause_as_string[acls[i]], forview, viewname);
}
if (acl != NULL) {
}
typedef struct {
- const char *name;
+ enum cfg_clause name;
unsigned int scale;
unsigned int max;
} intervaltable;
#ifdef HAVE_DNSTAP
typedef struct {
- const char *name;
+ enum cfg_clause name;
unsigned int min;
unsigned int max;
} fstrmtable;
}
static const cfg_obj_t *
-find_maplist(const cfg_obj_t *config, const char *listname, const char *name) {
+find_maplist(const cfg_obj_t *config, enum cfg_clause listname, const char *name) {
isc_result_t result = ISC_R_SUCCESS;
const cfg_obj_t *maplist = NULL;
do_tls = true;
- tlsmap = find_maplist(config, "tls", tlsname);
+ tlsmap = find_maplist(config, CFG_CLAUSE_TLS, tlsname);
if (tlsmap == NULL) {
cfg_obj_log(tlsobj, ISC_LOG_ERROR,
"tls '%s' is not defined",
result = ISC_R_FAILURE;
}
- http_server = find_maplist(config, "http", httpname);
+ http_server = find_maplist(config, CFG_CLAUSE_HTTP, httpname);
if (http_server == NULL && strcasecmp(httpname, "default") != 0)
{
cfg_obj_log(httpobj, ISC_LOG_ERROR,
}
static void
-check_range_uint32(const cfg_obj_t *map, isc_result_t *result, const char *name,
+check_range_uint32(const cfg_obj_t *map, isc_result_t *result, enum cfg_clause name,
uint32_t lower, uint32_t upper) {
const cfg_obj_t *obj = NULL;
(void)cfg_map_get(map, name, &obj);
uint32_t value = cfg_obj_asuint32(obj);
if (value < lower || value > upper) {
cfg_obj_log(obj, ISC_LOG_ERROR,
- "%s '%u' out of range (%u..%u)", name,
+ "%s '%u' out of range (%u..%u)", cfg_clause_as_string[name],
value, lower, upper);
if (*result == ISC_R_SUCCESS) {
*result = ISC_R_RANGE;
}
static isc_result_t
-check_port(const cfg_obj_t *options, const char *type, in_port_t *portp) {
+check_port(const cfg_obj_t *options, enum cfg_clause type, in_port_t *portp) {
const cfg_obj_t *portobj = NULL;
isc_result_t result = ISC_R_SUCCESS;
dns_keystorelist_t kslist;
const char *ccalg = "siphash24";
cfg_aclconfctx_t *aclctx = NULL;
- static const char *sources[] = {
- "query-source",
- "query-source-v6",
+ static const enum cfg_clause sources[] = {
+ CFG_CLAUSE_QUERY_SOURCE,
+ CFG_CLAUSE_QUERY_SOURCE_V6,
};
/*
* (scale * value) <= UINT32_MAX
*/
static intervaltable intervals[] = {
- { "interface-interval", 60, 28 * 24 * 60 }, /* 28 days */
- { "max-transfer-idle-in", 60, 28 * 24 * 60 }, /* 28 days */
- { "max-transfer-idle-out", 60, 28 * 24 * 60 }, /* 28 days */
- { "max-transfer-time-in", 60, 28 * 24 * 60 }, /* 28 days */
- { "max-transfer-time-out", 60, 28 * 24 * 60 }, /* 28 days */
+ { CFG_CLAUSE_INTERFACE_INTERVAL, 60, 28 * 24 * 60 }, /* 28 days */
+ { CFG_CLAUSE_MAX_TRANSFER_IDLE_IN, 60, 28 * 24 * 60 }, /* 28 days */
+ { CFG_CLAUSE_MAX_TRANSFER_IDLE_OUT, 60, 28 * 24 * 60 }, /* 28 days */
+ { CFG_CLAUSE_MAX_TRANSFER_TIME_IN, 60, 28 * 24 * 60 }, /* 28 days */
+ { CFG_CLAUSE_MAX_TRANSFER_TIME_OUT, 60, 28 * 24 * 60 }, /* 28 days */
/* minimum and maximum cache and negative cache TTLs */
- { "min-cache-ttl", 1, MAX_MIN_CACHE_TTL }, /* 90 secs */
- { "max-cache-ttl", 1, UINT32_MAX }, /* no limit */
- { "min-ncache-ttl", 1, MAX_MIN_NCACHE_TTL }, /* 90 secs */
- { "max-ncache-ttl", 1, MAX_MAX_NCACHE_TTL }, /* 7 days */
+ { CFG_CLAUSE_MIN_CACHE_TTL, 1, MAX_MIN_CACHE_TTL }, /* 90 secs */
+ { CFG_CLAUSE_MAX_CACHE_TTL, 1, UINT32_MAX }, /* no limit */
+ { CFG_CLAUSE_MIN_NCACHE_TTL, 1, MAX_MIN_NCACHE_TTL }, /* 90 secs */
+ { CFG_CLAUSE_MAX_NCACHE_TTL, 1, MAX_MAX_NCACHE_TTL }, /* 7 days */
};
- static const char *server_contact[] = { "empty-server", "empty-contact",
- "dns64-server", "dns64-contact",
- NULL };
+ static const enum cfg_clause server_contact[] = { CFG_CLAUSE_EMPTY_SERVER, CFG_CLAUSE_EMPTY_CONTACT,
+ CFG_CLAUSE_DNS64_SERVER, CFG_CLAUSE_DNS64_CONTACT };
#ifdef HAVE_DNSTAP
static fstrmtable fstrm[] = {
- { "fstrm-set-buffer-hint", FSTRM_IOTHR_BUFFER_HINT_MIN,
+ { CFG_CLAUSE_FSTRM_SET_BUFFER_HINT, FSTRM_IOTHR_BUFFER_HINT_MIN,
FSTRM_IOTHR_BUFFER_HINT_MAX },
- { "fstrm-set-flush-timeout", FSTRM_IOTHR_FLUSH_TIMEOUT_MIN,
+ { CFG_CLAUSE_FSTRM_SET_FLUSH_TIMEOUT, FSTRM_IOTHR_FLUSH_TIMEOUT_MIN,
FSTRM_IOTHR_FLUSH_TIMEOUT_MAX },
- { "fstrm-set-input-queue-size",
+ { CFG_CLAUSE_FSTRM_SET_INPUT_QUEUE_SIZE,
FSTRM_IOTHR_INPUT_QUEUE_SIZE_MIN,
FSTRM_IOTHR_INPUT_QUEUE_SIZE_MAX },
- { "fstrm-set-output-notify-threshold",
+ { CFG_CLAUSE_FSTRM_SET_OUTPUT_NOTIFY_THRESHOLD,
FSTRM_IOTHR_QUEUE_NOTIFY_THRESHOLD_MIN, 0 },
- { "fstrm-set-output-queue-size",
+ { CFG_CLAUSE_FSTRM_SET_OUTPUT_QUEUE_SIZE,
FSTRM_IOTHR_OUTPUT_QUEUE_SIZE_MIN,
FSTRM_IOTHR_OUTPUT_QUEUE_SIZE_MAX },
- { "fstrm-set-reopen-interval", FSTRM_IOTHR_REOPEN_INTERVAL_MIN,
+ { CFG_CLAUSE_FSTRM_SET_REOPEN_INTERVAL, FSTRM_IOTHR_REOPEN_INTERVAL_MIN,
FSTRM_IOTHR_REOPEN_INTERVAL_MAX }
};
#endif /* ifdef HAVE_DNSTAP */
/*
* Check port values, and record "port" for later use.
*/
- tresult = check_port(options, "port", &dnsport);
+ tresult = check_port(options, CFG_CLAUSE_PORT, &dnsport);
if (tresult != ISC_R_SUCCESS) {
result = tresult;
}
- tresult = check_port(options, "tls-port", NULL);
+ tresult = check_port(options, CFG_CLAUSE_TLS_PORT, NULL);
if (tresult != ISC_R_SUCCESS) {
result = tresult;
}
- tresult = check_port(options, "http-port", NULL);
+ tresult = check_port(options, CFG_CLAUSE_HTTP_PORT, NULL);
if (tresult != ISC_R_SUCCESS) {
result = tresult;
}
- tresult = check_port(options, "https-port", NULL);
+ tresult = check_port(options, CFG_CLAUSE_HTTPS_PORT, NULL);
if (tresult != ISC_R_SUCCESS) {
result = tresult;
}
if (val > intervals[i].max) {
cfg_obj_log(obj, ISC_LOG_ERROR,
"%s '%u' is out of range (0..%u)",
- intervals[i].name, val, intervals[i].max);
+ cfg_clause_as_string[intervals[i].name], val, intervals[i].max);
result = ISC_R_RANGE;
} else if (val > (UINT32_MAX / intervals[i].scale)) {
cfg_obj_log(obj, ISC_LOG_ERROR,
"%s '%d' is out of range",
- intervals[i].name, val);
+ cfg_clause_as_string[intervals[i].name], val);
result = ISC_R_RANGE;
}
}
/*
* Check server/contacts for syntactic validity.
*/
- for (i = 0; server_contact[i] != NULL; i++) {
+ for (i = 0; i < ARRAY_SIZE(server_contact); i++) {
obj = NULL;
(void)cfg_map_get(options, server_contact[i], &obj);
if (obj != NULL) {
if (check_name(str) != ISC_R_SUCCESS) {
cfg_obj_log(obj, ISC_LOG_ERROR,
"%s: invalid name '%s'",
- server_contact[i], str);
+ cfg_clause_as_string[server_contact[i]], str);
if (result == ISC_R_SUCCESS) {
result = ISC_R_FAILURE;
}
if (fstrm[i].max != 0U) {
cfg_obj_log(obj, ISC_LOG_ERROR,
"%s '%u' out of range (%u..%u)",
- fstrm[i].name, value, fstrm[i].min,
+ cfg_clause_as_string[fstrm[i].name], value, fstrm[i].min,
fstrm[i].max);
} else {
cfg_obj_log(obj, ISC_LOG_ERROR,
"%s out of range (%u < %u)",
- fstrm[i].name, value, fstrm[i].min);
+ cfg_clause_as_string[fstrm[i].name], value, fstrm[i].min);
}
if (result == ISC_R_SUCCESS) {
result = ISC_R_RANGE;
}
}
- if (strcmp(fstrm[i].name, "fstrm-set-input-queue-size") == 0) {
+ if (fstrm[i].name == CFG_CLAUSE_FSTRM_SET_INPUT_QUEUE_SIZE) {
int bits = 0;
do {
bits += value & 0x1;
if (bits != 1) {
cfg_obj_log(obj, ISC_LOG_ERROR,
"%s '%u' not a power-of-2",
- fstrm[i].name,
+ cfg_clause_as_string[fstrm[i].name],
cfg_obj_asuint32(obj));
if (result == ISC_R_SUCCESS) {
result = ISC_R_RANGE;
}
}
- check_range_uint32(options, &result, "max-query-restarts", 1, 255);
+ check_range_uint32(options, &result, CFG_CLAUSE_MAX_QUERY_RESTARTS, 1, 255);
obj = NULL;
(void)cfg_map_get(options, CFG_CLAUSE_PREFETCH, &obj);
}
}
- check_range_uint32(options, &result, "edns-udp-size", 512, 4096);
- check_range_uint32(options, &result, "max-udp-size", 512, 4096);
- check_range_uint32(options, &result, "nocookie-udp-size", 128,
+ check_range_uint32(options, &result, CFG_CLAUSE_EDNS_UDP_SIZE, 512, 4096);
+ check_range_uint32(options, &result, CFG_CLAUSE_MAX_UDP_SIZE, 512, 4096);
+ check_range_uint32(options, &result, CFG_CLAUSE_NOCOOKIE_UDP_SIZE, 128,
UINT32_MAX);
if (aclctx != NULL) {
* Check "remote-servers" style list.
*/
static isc_result_t
-check_remoteserverlist(const cfg_obj_t *cctx, const char *list,
+check_remoteserverlist(const cfg_obj_t *cctx, enum cfg_clause list,
isc_symtab_t *symtab, isc_mem_t *mctx) {
isc_symvalue_t symvalue;
isc_result_t result = ISC_R_SUCCESS, tresult;
cfg_obj_log(obj, ISC_LOG_ERROR,
"%s list '%s' is duplicated: "
"also defined at %s:%u",
- list, name, file, line);
+ cfg_clause_as_string[list], name, file, line);
isc_mem_free(mctx, tmp);
result = tresult;
break;
isc_symtab_create(mctx, freekey, mctx, false, &symtab);
- tresult = check_remoteserverlist(cctx, "remote-servers", symtab, mctx);
+ tresult = check_remoteserverlist(cctx, CFG_CLAUSE_REMOTE_SERVERS, symtab, mctx);
if (tresult != ISC_R_SUCCESS) {
result = tresult;
}
/* parental-agents, primaries, masters are treated as synonyms */
- tresult = check_remoteserverlist(cctx, "parental-agents", symtab, mctx);
+ tresult = check_remoteserverlist(cctx, CFG_CLAUSE_PARENTAL_AGENTS, symtab, mctx);
if (tresult != ISC_R_SUCCESS) {
result = tresult;
}
- tresult = check_remoteserverlist(cctx, "primaries", symtab, mctx);
+ tresult = check_remoteserverlist(cctx, CFG_CLAUSE_PRIMARIES, symtab, mctx);
if (tresult != ISC_R_SUCCESS) {
result = tresult;
}
- tresult = check_remoteserverlist(cctx, "masters", symtab, mctx);
+ tresult = check_remoteserverlist(cctx, CFG_CLAUSE_MASTERS, symtab, mctx);
if (tresult != ISC_R_SUCCESS) {
result = tresult;
}
}
static isc_result_t
-get_remotes(const cfg_obj_t *cctx, const char *list, const char *name,
+get_remotes(const cfg_obj_t *cctx, enum cfg_clause list, const char *name,
const cfg_obj_t **ret) {
const cfg_obj_t *obj = NULL;
const cfg_obj_t **ret) {
isc_result_t result;
- result = get_remotes(cctx, "remote-servers", name, ret);
+ result = get_remotes(cctx, CFG_CLAUSE_REMOTE_SERVERS, name, ret);
if (result == ISC_R_SUCCESS) {
return result;
}
- result = get_remotes(cctx, "primaries", name, ret);
+ result = get_remotes(cctx, CFG_CLAUSE_PRIMARIES, name, ret);
if (result == ISC_R_SUCCESS) {
return result;
}
- result = get_remotes(cctx, "parental-agents", name, ret);
+ result = get_remotes(cctx, CFG_CLAUSE_PARENTAL_AGENTS, name, ret);
if (result == ISC_R_SUCCESS) {
return result;
}
- return get_remotes(cctx, "masters", name, ret);
+ return get_remotes(cctx, CFG_CLAUSE_MASTERS, name, ret);
}
static bool
if (strcasecmp(str, "ephemeral") != 0) {
const cfg_obj_t *tlsmap = NULL;
- tlsmap = find_maplist(config, "tls", str);
+ tlsmap = find_maplist(config, CFG_CLAUSE_TLS, str);
if (tlsmap == NULL) {
cfg_obj_log(tls, ISC_LOG_ERROR,
"tls '%s' is not defined",
const cfg_obj_t *obj = NULL;
unsigned int i;
- static const char *nonzero[] = { "max-retry-time", "min-retry-time",
- "max-refresh-time",
- "min-refresh-time" };
+ static const enum cfg_clause nonzero[] = { CFG_CLAUSE_MAX_RETRY_TIME, CFG_CLAUSE_MIN_RETRY_TIME,
+ CFG_CLAUSE_MAX_REFRESH_TIME,
+ CFG_CLAUSE_MIN_REFRESH_TIME };
/*
* Check if value is zero.
*/
cfg_obj_asuint32(obj) == 0)
{
cfg_obj_log(obj, ISC_LOG_ERROR, "'%s' must not be zero",
- nonzero[i]);
+ cfg_clause_as_string[nonzero[i]]);
result = ISC_R_FAILURE;
}
}
*/
static isc_result_t
get_zoneopt(const cfg_obj_t *opts1, const cfg_obj_t *opts2,
- const cfg_obj_t *opts3, const cfg_obj_t *opts4, const char *name,
+ const cfg_obj_t *opts3, const cfg_obj_t *opts4, enum cfg_clause name,
const cfg_obj_t **objp) {
isc_result_t result = ISC_R_NOTFOUND;
const cfg_clausedef_t *option = NULL;
const char *kaspname = NULL;
const char *dir = NULL;
- static const char *acls[] = {
- "allow-notify",
- "allow-transfer",
- "allow-update",
- "allow-update-forwarding",
+ static const enum cfg_clause acls[] = {
+ CFG_CLAUSE_ALLOW_NOTIFY,
+ CFG_CLAUSE_ALLOW_TRANSFER,
+ CFG_CLAUSE_ALLOW_UPDATE,
+ CFG_CLAUSE_ALLOW_UPDATE_FORWARDING,
};
znamestr = cfg_obj_asstring(cfg_tuple_get(zconfig, "name"));
ztype = CFG_ZONE_INVIEW;
} else {
obj = NULL;
- (void)get_zoneopt(zoptions, toptions, NULL, NULL, "type", &obj);
+ (void)get_zoneopt(zoptions, toptions, NULL, NULL, CFG_CLAUSE_TYPE, &obj);
if (obj == NULL) {
cfg_obj_log(zconfig, ISC_LOG_ERROR,
"zone '%s': type not present", znamestr);
*/
obj = NULL;
(void)get_zoneopt(zoptions, toptions, voptions, goptions,
- "dnssec-policy", &obj);
+ CFG_CLAUSE_DNSSEC_POLICY, &obj);
if (obj != NULL) {
kaspname = cfg_obj_asstring(obj);
if (strcmp(kaspname, "default") == 0) {
if (has_dnssecpolicy) {
obj = NULL;
(void)get_zoneopt(zoptions, toptions, voptions, goptions,
- "max-zone-ttl", &obj);
+ CFG_CLAUSE_MAX_ZONE_TTL, &obj);
if (obj != NULL) {
cfg_obj_log(obj, ISC_LOG_ERROR,
"zone '%s': option 'max-zone-ttl' "
cfg_obj_log(obj, ISC_LOG_WARNING,
"option '%s' is not allowed "
"in '%s' zone '%s'%s%s%s",
- option->name, typestr, znamestr,
+ cfg_clause_as_string[option->name], typestr, znamestr,
topt ? " (referencing template '" : "",
topt ? tmplname : "", topt ? "')" : "");
result = ISC_R_FAILURE;
obj = NULL;
(void)get_zoneopt(zoptions, toptions, voptions, goptions,
- "notify", &obj);
+ CFG_CLAUSE_NOTIFY, &obj);
if (obj != NULL) {
if (cfg_obj_isboolean(obj)) {
donotify = cfg_obj_asboolean(obj);
}
obj = NULL;
- (void)get_zoneopt(zoptions, toptions, NULL, NULL, "also-notify",
+ (void)get_zoneopt(zoptions, toptions, NULL, NULL, CFG_CLAUSE_ALSO_NOTIFY,
&obj);
if (obj != NULL && !donotify) {
cfg_obj_log(zoptions, ISC_LOG_WARNING,
}
if (obj == NULL) {
(void)get_zoneopt(voptions, goptions, NULL, NULL,
- "also-notify", &obj);
+ CFG_CLAUSE_ALSO_NOTIFY, &obj);
}
if (obj != NULL && donotify) {
uint32_t count;
obj = NULL;
(void)get_zoneopt(zoptions, toptions, voptions, goptions,
- "notify-cfg", &obj);
+ CFG_CLAUSE_NOTIFY_CFG, &obj);
if (obj != NULL) {
CFG_LIST_FOREACH(obj, element) {
const cfg_obj_t *map =
!dns_name_equal(zname, dns_rootname)))
{
obj = NULL;
- (void)get_zoneopt(zoptions, toptions, NULL, NULL, "primaries",
+ (void)get_zoneopt(zoptions, toptions, NULL, NULL, CFG_CLAUSE_PRIMARIES,
&obj);
if (obj == NULL) {
/* If "primaries" was unset, check for "masters" */
(void)get_zoneopt(zoptions, toptions, NULL, NULL,
- "masters", &obj);
+ CFG_CLAUSE_MASTERS, &obj);
} else {
const cfg_obj_t *obj2 = NULL;
/* ...bug if it was set, "masters" must not be. */
(void)get_zoneopt(zoptions, toptions, NULL, NULL,
- "masters", &obj2);
+ CFG_CLAUSE_MASTERS, &obj2);
if (obj2 != NULL) {
cfg_obj_log(obj, ISC_LOG_ERROR,
"'primaries' and 'masters' cannot "
if (ztype == CFG_ZONE_PRIMARY || ztype == CFG_ZONE_SECONDARY) {
obj = NULL;
(void)get_zoneopt(zoptions, toptions, NULL, NULL,
- "parental-agents", &obj);
+ CFG_CLAUSE_PARENTAL_AGENTS, &obj);
if (obj != NULL) {
uint32_t count;
tresult = validate_remotes(obj, voptions, config,
const cfg_obj_t *au = NULL, *up = NULL;
(void)get_zoneopt(zoptions, toptions, NULL, NULL,
- "allow-update", &au);
+ CFG_CLAUSE_ALLOW_UPDATE, &au);
(void)get_zoneopt(zoptions, toptions, NULL, NULL,
- "update-policy", &up);
+ CFG_CLAUSE_UPDATE_POLICY, &up);
if (au != NULL && up != NULL) {
cfg_obj_log(au, ISC_LOG_ERROR,
*/
if (au == NULL) {
(void)get_zoneopt(voptions, goptions, NULL, NULL,
- "allow-update", &au);
+ CFG_CLAUSE_ALLOW_UPDATE, &au);
}
if (up != NULL) {
obj = NULL;
(void)get_zoneopt(zoptions, toptions, NULL, NULL,
- "inline-signing", &obj);
+ CFG_CLAUSE_INLINE_SIGNING, &obj);
if (obj != NULL) {
inline_signing = signing = cfg_obj_asboolean(obj);
} else if (has_dnssecpolicy) {
obj = NULL;
(void)get_zoneopt(zoptions, toptions, NULL, NULL,
- "sig-signing-type", &obj);
+ CFG_CLAUSE_SIG_SIGNING_TYPE, &obj);
if (obj != NULL) {
uint32_t type = cfg_obj_asuint32(obj);
if (type < 0xff00U || type > 0xffffU) {
obj = NULL;
(void)get_zoneopt(zoptions, toptions, NULL, NULL,
- "dnssec-loadkeys-interval", &obj);
+ CFG_CLAUSE_DNSSEC_LOADKEYS_INTERVAL, &obj);
if (obj != NULL && ztype == CFG_ZONE_SECONDARY && !signing) {
cfg_obj_log(obj, ISC_LOG_ERROR,
"dnssec-loadkeys-interval: requires "
*/
obj = NULL;
if (root) {
- (void)get_zoneopt(voptions, goptions, NULL, NULL, "forwarders",
+ (void)get_zoneopt(voptions, goptions, NULL, NULL, CFG_CLAUSE_FORWARDERS,
&obj);
}
if (check_forward(config, zoptions, obj) != ISC_R_SUCCESS) {
*/
if (ztype == CFG_ZONE_FORWARD && (rfc1918 || ula)) {
obj = NULL;
- (void)get_zoneopt(zoptions, toptions, NULL, NULL, "forward",
+ (void)get_zoneopt(zoptions, toptions, NULL, NULL, CFG_CLAUSE_FORWARD,
&obj);
if (obj == NULL) {
/*
* at the zone or template level.
*/
(void)get_zoneopt(voptions, goptions, NULL, NULL,
- "forward", &obj);
+ CFG_CLAUSE_FORWARD, &obj);
if (obj == NULL ||
strcasecmp(cfg_obj_asstring(obj), "first") == 0)
{
* Check validity of static stub server addresses.
*/
obj = NULL;
- (void)get_zoneopt(zoptions, toptions, NULL, NULL, "server-addresses",
+ (void)get_zoneopt(zoptions, toptions, NULL, NULL, CFG_CLAUSE_SERVER_ADDRESSES,
&obj);
if (ztype == CFG_ZONE_STATICSTUB && obj != NULL) {
CFG_LIST_FOREACH(obj, element) {
* Check validity of static stub server names.
*/
obj = NULL;
- (void)get_zoneopt(zoptions, toptions, NULL, NULL, "server-names", &obj);
+ (void)get_zoneopt(zoptions, toptions, NULL, NULL, CFG_CLAUSE_SERVER_NAMES, &obj);
if (zname != NULL && ztype == CFG_ZONE_STATICSTUB && obj != NULL) {
CFG_LIST_FOREACH(obj, element) {
const char *snamestr = NULL;
}
obj = NULL;
- (void)get_zoneopt(zoptions, toptions, NULL, NULL, "send-report-channel",
+ (void)get_zoneopt(zoptions, toptions, NULL, NULL, CFG_CLAUSE_SEND_REPORT_CHANNEL,
&obj);
if (obj != NULL) {
const char *str = cfg_obj_asstring(obj);
*/
obj = NULL;
(void)get_zoneopt(zoptions, toptions, voptions, goptions,
- "key-directory", &obj);
+ CFG_CLAUSE_KEY_DIRECTORY, &obj);
if (obj != NULL) {
dir = cfg_obj_asstring(obj);
if (ztype == CFG_ZONE_PRIMARY || ztype == CFG_ZONE_SECONDARY) {
obj = NULL;
(void)get_zoneopt(zoptions, toptions, NULL, NULL,
- "log-report-channel", &obj);
+ CFG_CLAUSE_LOG_REPORT_CHANNEL, &obj);
if (obj != NULL && cfg_obj_asboolean(obj) &&
dns_name_equal(zname, dns_rootname))
{
*/
obj = NULL;
dlz = false;
- (void)get_zoneopt(zoptions, toptions, NULL, NULL, "dlz", &obj);
+ (void)get_zoneopt(zoptions, toptions, NULL, NULL, CFG_CLAUSE_DLZ, &obj);
if (obj != NULL) {
dlz = true;
}
obj = NULL;
- (void)get_zoneopt(zoptions, toptions, NULL, NULL, "database", &obj);
+ (void)get_zoneopt(zoptions, toptions, NULL, NULL, CFG_CLAUSE_DATABASE, &obj);
if (dlz && obj != NULL) {
cfg_obj_log(zconfig, ISC_LOG_ERROR,
"zone '%s': cannot specify both 'dlz' "
strcmp(ZONEDB_DEFAULT, cfg_obj_asstring(obj)) == 0))
{
const cfg_obj_t *fileobj = NULL;
- (void)get_zoneopt(zoptions, toptions, NULL, NULL, "file",
+ (void)get_zoneopt(zoptions, toptions, NULL, NULL, CFG_CLAUSE_FILE,
&fileobj);
if (fileobj == NULL &&
(ztype == CFG_ZONE_PRIMARY || ztype == CFG_ZONE_HINT ||
*/
obj = NULL;
tresult = get_zoneopt(zoptions, toptions, voptions, goptions,
- "masterfile-format", &obj);
+ CFG_CLAUSE_MASTERFILE_FORMAT, &obj);
if (tresult == ISC_R_SUCCESS &&
strcasecmp(cfg_obj_asstring(obj), "raw") == 0)
{
obj = NULL;
tresult = get_zoneopt(zoptions, toptions, voptions, goptions,
- "masterfile-style", &obj);
+ CFG_CLAUSE_MASTERFILE_STYLE, &obj);
if (tresult == ISC_R_SUCCESS) {
cfg_obj_log(obj, ISC_LOG_ERROR,
"zone '%s': 'masterfile-style' "
obj = NULL;
(void)get_zoneopt(zoptions, toptions, voptions, goptions,
- "max-journal-size", &obj);
+ CFG_CLAUSE_MAX_JOURNAL_SIZE, &obj);
if (obj != NULL && cfg_obj_isuint64(obj)) {
uint64_t value = cfg_obj_asuint64(obj);
if (value > DNS_JOURNAL_SIZE_MAX) {
obj = NULL;
(void)get_zoneopt(zoptions, toptions, voptions, goptions,
- "min-transfer-rate-in", &obj);
+ CFG_CLAUSE_MIN_TRANSFER_RATE_IN, &obj);
if (obj != NULL) {
uint32_t traffic_bytes =
cfg_obj_asuint32(cfg_tuple_get(obj, "traffic_bytes"));
* iff the zone is using the same policy, or has no policy.
*/
(void)cfg_map_get(cfg_tuple_get(exist, "options"),
- "dnssec-policy", &kasp);
+ CFG_CLAUSE_DNSSEC_POLICY, &kasp);
if (kasp == NULL ||
strcmp(cfg_obj_asstring(kasp), "none") == 0 ||
strcmp(cfg_obj_asstring(kasp), kaspnamestr) == 0)
}
static struct {
- const char *v4;
- const char *v6;
-} sources[] = { { "transfer-source", "transfer-source-v6" },
- { "notify-source", "notify-source-v6" },
- { "parental-source", "parental-source-v6" },
- { "query-source", "query-source-v6" },
- { NULL, NULL } };
+ enum cfg_clause v4;
+ enum cfg_clause v6;
+} sources[] = { { CFG_CLAUSE_TRANSFER_SOURCE, CFG_CLAUSE_TRANSFER_SOURCE_V6 },
+ { CFG_CLAUSE_NOTIFY_SOURCE, CFG_CLAUSE_NOTIFY_SOURCE_V6 },
+ { CFG_CLAUSE_PARENTAL_SOURCE, CFG_CLAUSE_PARENTAL_SOURCE_V6 },
+ { CFG_CLAUSE_QUERY_SOURCE, CFG_CLAUSE_QUERY_SOURCE_V6 },
+ { CFG_CLAUSE__NONE, CFG_CLAUSE__NONE } };
static struct {
- const char *name;
+ enum cfg_clause name;
isc_result_t (*set)(dns_peer_t *peer, bool newval);
} bools[] = {
- { "bogus", dns_peer_setbogus },
- { "edns", dns_peer_setsupportedns },
- { "provide-ixfr", dns_peer_setprovideixfr },
- { "request-expire", dns_peer_setrequestexpire },
- { "request-ixfr", dns_peer_setrequestixfr },
- { "request-nsid", dns_peer_setrequestnsid },
- { "request-zoneversion", dns_peer_setrequestzoneversion },
- { "send-cookie", dns_peer_setsendcookie },
- { "tcp-keepalive", dns_peer_settcpkeepalive },
- { "tcp-only", dns_peer_setforcetcp },
+ { CFG_CLAUSE_BOGUS, dns_peer_setbogus },
+ { CFG_CLAUSE_EDNS, dns_peer_setsupportedns },
+ { CFG_CLAUSE_PROVIDE_IXFR, dns_peer_setprovideixfr },
+ { CFG_CLAUSE_REQUEST_EXPIRE, dns_peer_setrequestexpire },
+ { CFG_CLAUSE_REQUEST_IXFR, dns_peer_setrequestixfr },
+ { CFG_CLAUSE_REQUEST_NSID, dns_peer_setrequestnsid },
+ { CFG_CLAUSE_REQUEST_ZONEVERSION, dns_peer_setrequestzoneversion },
+ { CFG_CLAUSE_SEND_COOKIE, dns_peer_setsendcookie },
+ { CFG_CLAUSE_TCP_KEEPALIVE, dns_peer_settcpkeepalive },
+ { CFG_CLAUSE_TCP_ONLY, dns_peer_setforcetcp },
};
static struct {
- const char *name;
+ enum cfg_clause name;
isc_result_t (*set)(dns_peer_t *peer, uint32_t newval);
} uint32s[] = {
- { "request-ixfr-max-diffs", dns_peer_setrequestixfrmaxdiffs },
+ { CFG_CLAUSE_REQUEST_IXFR_MAX_DIFFS, dns_peer_setrequestixfrmaxdiffs },
};
static isc_result_t
const cfg_obj_t *keys = NULL;
char buf[ISC_NETADDR_FORMATSIZE];
char namebuf[DNS_NAME_FORMATSIZE];
- const char *xfr = NULL;
+ enum cfg_clause xfr = CFG_CLAUSE__NONE;
const char *keyval = NULL;
isc_buffer_t b;
int source;
isc_netaddr_format(&n1, buf, sizeof(buf));
cfg_obj_log(v1, ISC_LOG_ERROR,
"server '%s/%u': %s not legal", buf,
- p1, xfr);
+ p1, cfg_clause_as_string[xfr]);
result = ISC_R_FAILURE;
}
"specify the "
"DNS listener port "
"(%d)",
- xfr, port);
+ cfg_clause_as_string[xfr], port);
result = ISC_R_FAILURE;
}
} else {
"'none' is not a legal "
"'%s' parameter in a "
"server block",
- xfr);
+ cfg_clause_as_string[xfr]);
result = ISC_R_FAILURE;
}
}
- } while (sources[++source].v4 != NULL);
+ } while (sources[++source].v4 != CFG_CLAUSE__NONE);
const cfg_listelt_t *e2 = e1;
while ((e2 = cfg_list_next(e2)) != NULL) {
cfg_obj_log(opt, ISC_LOG_ERROR,
"setting server option "
"'%s' failed: %s",
- bools[i].name,
+ cfg_clause_as_string[bools[i].name],
isc_result_totext(tresult));
result = ISC_R_FAILURE;
}
cfg_obj_log(opt, ISC_LOG_ERROR,
"setting server option "
"'%s' failed: %s",
- uint32s[i].name,
+ cfg_clause_as_string[uint32s[i].name],
isc_result_totext(tresult));
result = ISC_R_FAILURE;
}
}
dns_peer_detach(&peer);
- check_range_uint32(v1, &result, "edns-udp-size", 512, 4096);
- check_range_uint32(v1, &result, "max-udp-size", 512, 4096);
- check_range_uint32(v1, &result, "edns-version", 0, 255);
- check_range_uint32(v1, &result, "padding", 0, 512);
+ check_range_uint32(v1, &result, CFG_CLAUSE_EDNS_UDP_SIZE, 512, 4096);
+ check_range_uint32(v1, &result, CFG_CLAUSE_MAX_UDP_SIZE, 512, 4096);
+ check_range_uint32(v1, &result, CFG_CLAUSE_EDNS_VERSION, 0, 255);
+ check_range_uint32(v1, &result, CFG_CLAUSE_PADDING, 0, 512);
}
return result;
}
#include <dst/dst.h>
+#include <isccfg/clause.h>
#include <isccfg/cfg.h>
#include <isccfg/duration.h>
#include <isccfg/kaspconf.h>
* Utility function for getting a configuration option.
*/
static isc_result_t
-confget(cfg_obj_t const *const *maps, const char *name, const cfg_obj_t **obj) {
+confget(cfg_obj_t const *const *maps, enum cfg_clause name,
+ const cfg_obj_t **obj) {
for (size_t i = 0;; i++) {
if (maps[i] == NULL) {
return ISC_R_NOTFOUND;
* Utility function for configuring durations.
*/
static uint32_t
-get_duration(const cfg_obj_t **maps, const char *option, const char *dfl) {
+get_duration(const cfg_obj_t **maps, enum cfg_clause option, const char *dfl) {
const cfg_obj_t *obj;
isc_result_t result;
obj = NULL;
* Utility function for configuring strings.
*/
static const char *
-get_string(const cfg_obj_t **maps, const char *option) {
+get_string(const cfg_obj_t **maps, enum cfg_clause option) {
const cfg_obj_t *obj;
isc_result_t result;
obj = NULL;
maps[i] = NULL;
/* Configuration: Signatures */
- sigjitter = get_duration(maps, "signatures-jitter",
+ sigjitter = get_duration(maps, CFG_CLAUSE_SIGNATURES_JITTER,
DNS_KASP_SIG_JITTER);
dns_kasp_setsigjitter(kasp, sigjitter);
- sigrefresh = get_duration(maps, "signatures-refresh",
+ sigrefresh = get_duration(maps, CFG_CLAUSE_SIGNATURES_REFRESH,
DNS_KASP_SIG_REFRESH);
dns_kasp_setsigrefresh(kasp, sigrefresh);
- sigvalidity = get_duration(maps, "signatures-validity-dnskey",
+ sigvalidity = get_duration(maps, CFG_CLAUSE_SIGNATURES_VALIDITY_DNSKEY,
DNS_KASP_SIG_VALIDITY_DNSKEY);
if (sigrefresh >= (sigvalidity * 0.9)) {
if (log_errors) {
result = ISC_R_FAILURE;
}
- sigvalidity = get_duration(maps, "signatures-validity",
+ sigvalidity = get_duration(maps, CFG_CLAUSE_SIGNATURES_VALIDITY,
DNS_KASP_SIG_VALIDITY);
if (sigrefresh >= (sigvalidity * 0.9)) {
if (log_errors) {
}
/* Configuration: Zone settings */
- (void)confget(maps, "inline-signing", &inlinesigning);
+ (void)confget(maps, CFG_CLAUSE_INLINE_SIGNING, &inlinesigning);
if (inlinesigning != NULL && cfg_obj_isboolean(inlinesigning)) {
dns_kasp_setinlinesigning(kasp,
cfg_obj_asboolean(inlinesigning));
}
obj = NULL;
- (void)confget(maps, "manual-mode", &obj);
+ (void)confget(maps, CFG_CLAUSE_MANUAL_MODE, &obj);
if (obj != NULL) {
manual_mode = cfg_obj_asboolean(obj);
}
dns_kasp_setmanualmode(kasp, manual_mode);
- maxttl = get_duration(maps, "max-zone-ttl", DNS_KASP_ZONE_MAXTTL);
+ maxttl = get_duration(maps, CFG_CLAUSE_MAX_ZONE_TTL, DNS_KASP_ZONE_MAXTTL);
dns_kasp_setzonemaxttl(kasp, maxttl);
- zonepropdelay = get_duration(maps, "zone-propagation-delay",
+ zonepropdelay = get_duration(maps, CFG_CLAUSE_ZONE_PROPAGATION_DELAY,
DNS_KASP_ZONE_PROPDELAY);
dns_kasp_setzonepropagationdelay(kasp, zonepropdelay);
/* Configuration: Parent settings */
- dsttl = get_duration(maps, "parent-ds-ttl", DNS_KASP_DS_TTL);
+ dsttl = get_duration(maps, CFG_CLAUSE_PARENT_DS_TTL, DNS_KASP_DS_TTL);
dns_kasp_setdsttl(kasp, dsttl);
- parentpropdelay = get_duration(maps, "parent-propagation-delay",
+ parentpropdelay = get_duration(maps, CFG_CLAUSE_PARENT_PROPAGATION_DELAY,
DNS_KASP_PARENT_PROPDELAY);
dns_kasp_setparentpropagationdelay(kasp, parentpropdelay);
/* Configuration: Keys */
obj = NULL;
- (void)confget(maps, "offline-ksk", &obj);
+ (void)confget(maps, CFG_CLAUSE_OFFLINE_KSK, &obj);
if (obj != NULL) {
offline_ksk = cfg_obj_asboolean(obj);
}
dns_kasp_setofflineksk(kasp, offline_ksk);
obj = NULL;
- (void)confget(maps, "cdnskey", &obj);
+ (void)confget(maps, CFG_CLAUSE_CDNSKEY, &obj);
if (obj != NULL) {
dns_kasp_setcdnskey(kasp, cfg_obj_asboolean(obj));
} else {
dns_kasp_setcdnskey(kasp, true);
}
- (void)confget(maps, "cds-digest-types", &cds);
+ (void)confget(maps, CFG_CLAUSE_CDS_DIGEST_TYPES, &cds);
if (cds != NULL) {
CFG_LIST_FOREACH(cds, element) {
CHECK(add_digest(kasp, cfg_listelt_value(element),
dns_kasp_adddigest(kasp, DNS_DSDIGEST_SHA256);
}
- dnskeyttl = get_duration(maps, "dnskey-ttl", DNS_KASP_KEY_TTL);
+ dnskeyttl = get_duration(maps, CFG_CLAUSE_DNSKEY_TTL, DNS_KASP_KEY_TTL);
dns_kasp_setdnskeyttl(kasp, dnskeyttl);
- publishsafety = get_duration(maps, "publish-safety",
+ publishsafety = get_duration(maps, CFG_CLAUSE_PUBLISH_SAFETY,
DNS_KASP_PUBLISH_SAFETY);
dns_kasp_setpublishsafety(kasp, publishsafety);
- retiresafety = get_duration(maps, "retire-safety",
+ retiresafety = get_duration(maps, CFG_CLAUSE_RETIRE_SAFETY,
DNS_KASP_RETIRE_SAFETY);
dns_kasp_setretiresafety(kasp, retiresafety);
dns_kasp_setpurgekeys(
- kasp, get_duration(maps, "purge-keys", DNS_KASP_PURGE_KEYS));
+ kasp, get_duration(maps, CFG_CLAUSE_PURGE_KEYS, DNS_KASP_PURGE_KEYS));
ipub = dnskeyttl + publishsafety + zonepropdelay;
iret = dsttl + retiresafety + parentpropdelay;
zonepropdelay;
zsk_min_lifetime = ISC_MAX(ipub, iret);
- (void)confget(maps, "keys", &keys);
+ (void)confget(maps, CFG_CLAUSE_KEYS, &keys);
if (keys != NULL) {
char role[DST_MAX_ALGS] = { 0 };
bool warn[DST_MAX_ALGS][2] = { { false } };
}
/* Configuration: NSEC3 */
- (void)confget(maps, "nsec3param", &nsec3);
+ (void)confget(maps, CFG_CLAUSE_NSEC3PARAM, &nsec3);
if (nsec3 == NULL) {
if (default_kasp != NULL && dns_kasp_nsec3(default_kasp)) {
dns_kasp_setnsec3param(
maps[i++] = koptions;
maps[i] = NULL;
dns_keystore_setdirectory(keystore,
- get_string(maps, "directory"));
+ get_string(maps, CFG_CLAUSE_DIRECTORY));
dns_keystore_setpkcs11uri(keystore,
- get_string(maps, "pkcs11-uri"));
+ get_string(maps, CFG_CLAUSE_PKCS11_URI));
}
/* Append it to the list for future lookups. */
}
if ((clause->flags & zonetype) == 0 ||
- strcasecmp(clause->name, "type") == 0)
+ clause->name == CFG_CLAUSE_TYPE)
{
continue;
}
cfg_print_indent(&pctx);
- cfg_print_cstr(&pctx, clause->name);
+ cfg_print_cstr(&pctx, cfg_clause_as_string[clause->name]);
cfg_print_cstr(&pctx, " ");
cfg_doc_obj(&pctx, clause->type);
cfg_print_cstr(&pctx, ";");
#include <isc/types.h>
#include <isc/util.h>
+#include <isccfg/clause.h>
#include <isccfg/cfg.h>
#include <isccfg/grammar.h>
#include <isccfg/namedconf.h>
}
static void
-test__querysource(const char *clause_name, const char *name,
+test__querysource(enum cfg_clause clause_name, enum cfg_clause name,
const char *expected) {
const cfg_clausedef_t *options_clause = NULL;
options_clause = cfg_map_findclause(&cfg_type_namedconf, clause_name);
}
ISC_RUN_TEST_IMPL(query_source) {
- test__querysource("options", "query-source",
+ test__querysource(CFG_CLAUSE_OPTIONS, CFG_CLAUSE_QUERY_SOURCE,
"[ address ] ( <ipv4_address> | * | none )");
}
ISC_RUN_TEST_IMPL(query_source_v6) {
- test__querysource("options", "query-source-v6",
+ test__querysource(CFG_CLAUSE_OPTIONS, CFG_CLAUSE_QUERY_SOURCE_V6,
"[ address ] ( <ipv6_address> | * | none )");
}
ISC_RUN_TEST_IMPL(server_query_source) {
- test__querysource("server", "query-source",
+ test__querysource(CFG_CLAUSE_SERVER, CFG_CLAUSE_QUERY_SOURCE,
"[ address ] ( <ipv4_address> | * )");
}
ISC_RUN_TEST_IMPL(server_query_source_v6) {
- test__querysource("server", "query-source-v6",
+ test__querysource(CFG_CLAUSE_SERVER, CFG_CLAUSE_QUERY_SOURCE_V6,
"[ address ] ( <ipv6_address> | * )");
}
projects / thirdparty / bind9.git / commitdiff
