isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL,
NAMED_LOGMODULE_CONTROL, ISC_LOG_NOTICE,
"stopping command channel on %s", socktext);
-#if 0
- /* XXX: no unix domain socket support */
- if (listener->type == isc_socktype_unix) {
- isc_socket_cleanunix(&listener->address, true);
- }
-#endif
+
listener->exiting = true;
}
isc_result_t result;
int match;
- /* ACL doesn't apply to unix domain sockets */
- if (listener->type != isc_socktype_tcp) {
- return (true);
- }
-
isc_netaddr_fromsockaddr(&netaddr, sockaddr);
result = dns_acl_match(&netaddr, NULL, listener->acl, env, &match,
socktext, isc_result_totext(result));
}
-#if 0
- /* XXX: no unix socket support yet */
- if (result == ISC_R_SUCCESS && type == isc_socktype_unix) {
- uint32_t perm, owner, group;
- perm = cfg_obj_asuint32(cfg_tuple_get(control, "perm"));
- owner = cfg_obj_asuint32(cfg_tuple_get(control, "owner"));
- group = cfg_obj_asuint32(cfg_tuple_get(control, "group"));
- result = ISC_R_SUCCESS;
- if (listener->perm != perm || listener->owner != owner ||
- listener->group != group)
- {
- result = isc_socket_permunix(&listener->address, perm,
- owner, group);
- }
- if (result == ISC_R_SUCCESS) {
- listener->perm = perm;
- listener->owner = owner;
- listener->group = group;
- } else if (control != NULL) {
- cfg_obj_log(control, named_g_lctx, ISC_LOG_WARNING,
- "couldn't update ownership/permission for "
- "command channel %s",
- socktext);
- }
- }
-#endif
-
*listenerp = listener;
}
pf = isc_sockaddr_pf(&listener->address);
if ((pf == AF_INET && isc_net_probeipv4() != ISC_R_SUCCESS) ||
- (pf == AF_UNIX && isc_net_probeunix() != ISC_R_SUCCESS) ||
(pf == AF_INET6 && isc_net_probeipv6() != ISC_R_SUCCESS))
{
CHECK(ISC_R_FAMILYNOSUPPORT);
}
-#if 0
- /* XXX: no unix socket support yet */
- if (type == isc_socktype_unix) {
- isc_socket_cleanunix(&listener->address, false);
- }
-#endif
-
CHECK(isc_nm_listentcp(named_g_netmgr, ISC_NM_LISTEN_ONE,
&listener->address, control_newconn, listener, 5,
NULL, &listener->sock));
-#if 0
- /* XXX: no unix socket support yet */
- if (type == isc_socktype_unix) {
- listener->perm =
- cfg_obj_asuint32(cfg_tuple_get(control, "perm"));
- listener->owner =
- cfg_obj_asuint32(cfg_tuple_get(control, "owner"));
- listener->group =
- cfg_obj_asuint32(cfg_tuple_get(control, "group"));
- result = isc_socket_permunix(&listener->address, listener->perm,
- listener->owner, listener->group);
- }
-#endif
isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL,
NAMED_LOGMODULE_CONTROL, ISC_LOG_NOTICE,
{
const cfg_obj_t *controls = NULL;
const cfg_obj_t *inetcontrols = NULL;
+ const cfg_obj_t *unixcontrols = NULL;
controls = cfg_listelt_value(element);
+
+ (void)cfg_map_get(controls, "unix", &unixcontrols);
+ if (unixcontrols != NULL) {
+ cfg_obj_log(controls, named_g_lctx,
+ ISC_LOG_ERROR,
+ "UNIX domain sockets are not "
+ "supported");
+ return (ISC_R_FAILURE);
+ }
+
(void)cfg_map_get(controls, "inet", &inetcontrols);
if (inetcontrols == NULL) {
continue;
/*
* The parser handles BIND 8 configuration file
- * syntax, so it allows unix phrases as well
- * inet phrases with no keys{} clause.
+ * syntax, so it allows inet phrases with no
+ * keys{} clause.
*/
control = cfg_listelt_value(element2);
}
}
}
- for (element = cfg_list_first(controlslist); element != NULL;
- element = cfg_list_next(element))
- {
- const cfg_obj_t *controls = NULL;
- const cfg_obj_t *unixcontrols = NULL;
-
- controls = cfg_listelt_value(element);
- (void)cfg_map_get(controls, "unix", &unixcontrols);
- if (unixcontrols == NULL) {
- continue;
- }
-
- cfg_obj_log(controls, named_g_lctx, ISC_LOG_ERROR,
- "UNIX domain sockets not yet supported");
- return (ISC_R_FAILURE);
-
-#if 0
- /* XXX: no unix domain socket support in netmgr */
- for (element2 = cfg_list_first(unixcontrols);
- element2 != NULL;
- element2 = cfg_list_next(element2))
- {
- const cfg_obj_t *control = NULL;
- const cfg_obj_t *path = NULL;
- isc_sockaddr_t addr;
- isc_result_t result;
-
- /*
- * The parser handles BIND 8 configuration file
- * syntax, so it allows unix phrases as well
- * inet phrases with no keys{} clause.
- */
- control = cfg_listelt_value(element2);
-
- path = cfg_tuple_get(control, "path");
- result = isc_sockaddr_frompath(
- &addr, cfg_obj_asstring(path));
- if (result != ISC_R_SUCCESS) {
- isc_log_write(
- named_g_lctx,
- NAMED_LOGCATEGORY_GENERAL,
- NAMED_LOGMODULE_CONTROL,
- ISC_LOG_DEBUG(9),
- "control channel '%s': %s",
- cfg_obj_asstring(path),
- isc_result_totext(result));
- continue;
- }
-
- isc_log_write(named_g_lctx,
- NAMED_LOGCATEGORY_GENERAL,
- NAMED_LOGMODULE_CONTROL,
- ISC_LOG_DEBUG(9),
- "processing control channel '%s'",
- cfg_obj_asstring(path));
-
- update_listener(cp, &listener, control, config,
- &addr, aclconfctx,
- cfg_obj_asstring(path),
- isc_socktype_unix);
-
- if (listener != NULL) {
- /*
- * Remove the listener from the old
- * list, so it won't be shut down.
- */
- ISC_LIST_UNLINK(cp->listeners, listener,
- link);
- } else {
- /*
- * This is a new listener.
- */
- add_listener(cp, &listener, control,
- config, &addr, aclconfctx,
- cfg_obj_asstring(path),
- isc_socktype_unix);
- }
-
- if (listener != NULL) {
- ISC_LIST_APPEND(new_listeners, listener,
- link);
- }
- }
-#endif
- }
} else {
int i;
SET_SOCKSTATDESC(udp6open, "UDP/IPv6 sockets opened", "UDP6Open");
SET_SOCKSTATDESC(tcp4open, "TCP/IPv4 sockets opened", "TCP4Open");
SET_SOCKSTATDESC(tcp6open, "TCP/IPv6 sockets opened", "TCP6Open");
- SET_SOCKSTATDESC(unixopen, "Unix domain sockets opened", "UnixOpen");
SET_SOCKSTATDESC(rawopen, "Raw sockets opened", "RawOpen");
SET_SOCKSTATDESC(udp4openfail, "UDP/IPv4 socket open failures",
"UDP4OpenFail");
"TCP4OpenFail");
SET_SOCKSTATDESC(tcp6openfail, "TCP/IPv6 socket open failures",
"TCP6OpenFail");
- SET_SOCKSTATDESC(unixopenfail, "Unix domain socket open failures",
- "UnixOpenFail");
SET_SOCKSTATDESC(rawopenfail, "Raw socket open failures",
"RawOpenFail");
SET_SOCKSTATDESC(udp4close, "UDP/IPv4 sockets closed", "UDP4Close");
SET_SOCKSTATDESC(udp6close, "UDP/IPv6 sockets closed", "UDP6Close");
SET_SOCKSTATDESC(tcp4close, "TCP/IPv4 sockets closed", "TCP4Close");
SET_SOCKSTATDESC(tcp6close, "TCP/IPv6 sockets closed", "TCP6Close");
- SET_SOCKSTATDESC(unixclose, "Unix domain sockets closed", "UnixClose");
SET_SOCKSTATDESC(fdwatchclose, "FDwatch sockets closed",
"FDWatchClose");
SET_SOCKSTATDESC(rawclose, "Raw sockets closed", "RawClose");
"TCP4BindFail");
SET_SOCKSTATDESC(tcp6bindfail, "TCP/IPv6 socket bind failures",
"TCP6BindFail");
- SET_SOCKSTATDESC(unixbindfail, "Unix domain socket bind failures",
- "UnixBindFail");
SET_SOCKSTATDESC(fdwatchbindfail, "FDwatch socket bind failures",
"FdwatchBindFail");
SET_SOCKSTATDESC(udp4connectfail, "UDP/IPv4 socket connect failures",
"TCP4ConnFail");
SET_SOCKSTATDESC(tcp6connectfail, "TCP/IPv6 socket connect failures",
"TCP6ConnFail");
- SET_SOCKSTATDESC(unixconnectfail, "Unix domain socket connect failures",
- "UnixConnFail");
SET_SOCKSTATDESC(fdwatchconnectfail, "FDwatch socket connect failures",
"FDwatchConnFail");
SET_SOCKSTATDESC(udp4connect, "UDP/IPv4 connections established",
"TCP4Conn");
SET_SOCKSTATDESC(tcp6connect, "TCP/IPv6 connections established",
"TCP6Conn");
- SET_SOCKSTATDESC(unixconnect, "Unix domain connections established",
- "UnixConn");
SET_SOCKSTATDESC(fdwatchconnect,
"FDwatch domain connections established",
"FDwatchConn");
"TCP4AcceptFail");
SET_SOCKSTATDESC(tcp6acceptfail, "TCP/IPv6 connection accept failures",
"TCP6AcceptFail");
- SET_SOCKSTATDESC(unixacceptfail,
- "Unix domain connection accept failures",
- "UnixAcceptFail");
SET_SOCKSTATDESC(tcp4accept, "TCP/IPv4 connections accepted",
"TCP4Accept");
SET_SOCKSTATDESC(tcp6accept, "TCP/IPv6 connections accepted",
"TCP6Accept");
- SET_SOCKSTATDESC(unixaccept, "Unix domain connections accepted",
- "UnixAccept");
SET_SOCKSTATDESC(udp4sendfail, "UDP/IPv4 send errors", "UDP4SendErr");
SET_SOCKSTATDESC(udp6sendfail, "UDP/IPv6 send errors", "UDP6SendErr");
SET_SOCKSTATDESC(tcp4sendfail, "TCP/IPv4 send errors", "TCP4SendErr");
SET_SOCKSTATDESC(tcp6sendfail, "TCP/IPv6 send errors", "TCP6SendErr");
- SET_SOCKSTATDESC(unixsendfail, "Unix domain send errors",
- "UnixSendErr");
SET_SOCKSTATDESC(fdwatchsendfail, "FDwatch send errors",
"FDwatchSendErr");
SET_SOCKSTATDESC(udp4recvfail, "UDP/IPv4 recv errors", "UDP4RecvErr");
SET_SOCKSTATDESC(udp6recvfail, "UDP/IPv6 recv errors", "UDP6RecvErr");
SET_SOCKSTATDESC(tcp4recvfail, "TCP/IPv4 recv errors", "TCP4RecvErr");
SET_SOCKSTATDESC(tcp6recvfail, "TCP/IPv6 recv errors", "TCP6RecvErr");
- SET_SOCKSTATDESC(unixrecvfail, "Unix domain recv errors",
- "UnixRecvErr");
SET_SOCKSTATDESC(fdwatchrecvfail, "FDwatch recv errors",
"FDwatchRecvErr");
SET_SOCKSTATDESC(rawrecvfail, "Raw recv errors", "RawRecvErr");
SET_SOCKSTATDESC(udp6active, "UDP/IPv6 sockets active", "UDP6Active");
SET_SOCKSTATDESC(tcp4active, "TCP/IPv4 sockets active", "TCP4Active");
SET_SOCKSTATDESC(tcp6active, "TCP/IPv6 sockets active", "TCP6Active");
- SET_SOCKSTATDESC(unixactive, "Unix domain sockets active",
- "UnixActive");
SET_SOCKSTATDESC(rawactive, "Raw sockets active", "RawActive");
INSIST(i == isc_sockstatscounter_max);
REQUIRE(host != NULL);
- if (*host == '/') {
- result = isc_sockaddr_frompath(&serveraddrs[nserveraddrs],
- host);
- if (result == ISC_R_SUCCESS) {
- nserveraddrs++;
- }
- } else {
- count = SERVERADDRS - nserveraddrs;
- result = isc_getaddresses(
- host, port, &serveraddrs[nserveraddrs], count, &found);
- nserveraddrs += found;
- }
+ count = SERVERADDRS - nserveraddrs;
+ result = isc_getaddresses(host, port, &serveraddrs[nserveraddrs], count,
+ &found);
+ nserveraddrs += found;
+
if (result != ISC_R_SUCCESS) {
fatal("couldn't get address for '%s': %s", host,
isc_result_totext(result));
case AF_INET6:
local = &local6;
break;
- case AF_UNIX:
- /*
- * TODO: support UNIX domain sockets in netgmr.
- */
- fatal("UNIX domain sockets not currently supported");
default:
UNREACHABLE();
}
--- /dev/null
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+controls {
+ unix "/tmp/socket" perm 0700 owner 0 group 0;
+};
and retrieve non-DNS results from a name server.
.. namedconf:statement:: unix
- :tags: server
+ :tags: obsolete
:short: Specifies a Unix domain socket as a control channel.
- A :any:`unix` control channel is a Unix domain socket listening at the
- specified path in the file system. Access to the socket is specified by
- the ``perm``, ``owner``, and ``group`` clauses. Note that on some platforms
- (SunOS and Solaris), the permissions (``perm``) are applied to the parent
- directory as the permissions on the socket itself are ignored.
-
+ This option has been removed and using it will cause a fatal error.
.. namedconf:statement:: inet
:tags: server
Socket I/O statistics counters are defined per socket type, which are
``UDP4`` (UDP/IPv4), ``UDP6`` (UDP/IPv6), ``TCP4`` (TCP/IPv4), ``TCP6``
-(TCP/IPv6), ``Unix`` (Unix Domain), and ``FDwatch`` (sockets opened
+(TCP/IPv6), and ``FDwatch`` (sockets opened
outside the socket module). In the following list, ``<TYPE>`` represents
a socket type. Not all counters are available for all socket types;
exceptions are noted in the descriptions.
void
isc_net_enableipv6(void);
-isc_result_t
-isc_net_probeunix(void);
-/*
- * Returns whether UNIX domain sockets are supported.
- */
-
isc_result_t
isc_net_getudpportrange(int af, in_port_t *low, in_port_t *high);
/*%<
void
isc_netaddr_fromin6(isc_netaddr_t *netaddr, const struct in6_addr *ina6);
-isc_result_t
-isc_netaddr_frompath(isc_netaddr_t *netaddr, const char *path);
-
void
isc_netaddr_setzone(isc_netaddr_t *netaddr, uint32_t zone);
struct sockaddr_in sin;
struct sockaddr_in6 sin6;
struct sockaddr_storage ss;
- struct sockaddr_un sunix;
} type;
unsigned int length; /* XXXRTH beginning? */
ISC_LINK(struct isc_sockaddr) link;
* Returns true if the address is in net zero.
*/
-isc_result_t
-isc_sockaddr_frompath(isc_sockaddr_t *sockaddr, const char *path);
-/*
- * Create a UNIX domain sockaddr that refers to path.
- *
- * Returns:
- * \li ISC_R_NOSPACE
- * \li ISC_R_NOTIMPLEMENTED
- * \li ISC_R_SUCCESS
- */
-
isc_result_t
isc_sockaddr_fromsockaddr(isc_sockaddr_t *isa, const struct sockaddr *sa);
* Socket statistics counters.
*/
isc_sockstatscounter_udp4open = 0,
- isc_sockstatscounter_udp6open = 1,
- isc_sockstatscounter_tcp4open = 2,
- isc_sockstatscounter_tcp6open = 3,
- isc_sockstatscounter_unixopen = 4,
-
- isc_sockstatscounter_udp4openfail = 5,
- isc_sockstatscounter_udp6openfail = 6,
- isc_sockstatscounter_tcp4openfail = 7,
- isc_sockstatscounter_tcp6openfail = 8,
- isc_sockstatscounter_unixopenfail = 9,
-
- isc_sockstatscounter_udp4close = 10,
- isc_sockstatscounter_udp6close = 11,
- isc_sockstatscounter_tcp4close = 12,
- isc_sockstatscounter_tcp6close = 13,
- isc_sockstatscounter_unixclose = 14,
- isc_sockstatscounter_fdwatchclose = 15,
-
- isc_sockstatscounter_udp4bindfail = 16,
- isc_sockstatscounter_udp6bindfail = 17,
- isc_sockstatscounter_tcp4bindfail = 18,
- isc_sockstatscounter_tcp6bindfail = 19,
- isc_sockstatscounter_unixbindfail = 20,
- isc_sockstatscounter_fdwatchbindfail = 21,
-
- isc_sockstatscounter_udp4connect = 22,
- isc_sockstatscounter_udp6connect = 23,
- isc_sockstatscounter_tcp4connect = 24,
- isc_sockstatscounter_tcp6connect = 25,
- isc_sockstatscounter_unixconnect = 26,
- isc_sockstatscounter_fdwatchconnect = 27,
-
- isc_sockstatscounter_udp4connectfail = 28,
- isc_sockstatscounter_udp6connectfail = 29,
- isc_sockstatscounter_tcp4connectfail = 30,
- isc_sockstatscounter_tcp6connectfail = 31,
- isc_sockstatscounter_unixconnectfail = 32,
- isc_sockstatscounter_fdwatchconnectfail = 33,
-
- isc_sockstatscounter_tcp4accept = 34,
- isc_sockstatscounter_tcp6accept = 35,
- isc_sockstatscounter_unixaccept = 36,
-
- isc_sockstatscounter_tcp4acceptfail = 37,
- isc_sockstatscounter_tcp6acceptfail = 38,
- isc_sockstatscounter_unixacceptfail = 39,
-
- isc_sockstatscounter_udp4sendfail = 40,
- isc_sockstatscounter_udp6sendfail = 41,
- isc_sockstatscounter_tcp4sendfail = 42,
- isc_sockstatscounter_tcp6sendfail = 43,
- isc_sockstatscounter_unixsendfail = 44,
- isc_sockstatscounter_fdwatchsendfail = 45,
-
- isc_sockstatscounter_udp4recvfail = 46,
- isc_sockstatscounter_udp6recvfail = 47,
- isc_sockstatscounter_tcp4recvfail = 48,
- isc_sockstatscounter_tcp6recvfail = 49,
- isc_sockstatscounter_unixrecvfail = 50,
- isc_sockstatscounter_fdwatchrecvfail = 51,
-
- isc_sockstatscounter_udp4active = 52,
- isc_sockstatscounter_udp6active = 53,
- isc_sockstatscounter_tcp4active = 54,
- isc_sockstatscounter_tcp6active = 55,
- isc_sockstatscounter_unixactive = 56,
-
- isc_sockstatscounter_rawopen = 57,
- isc_sockstatscounter_rawopenfail = 58,
- isc_sockstatscounter_rawclose = 59,
- isc_sockstatscounter_rawrecvfail = 60,
- isc_sockstatscounter_rawactive = 61,
-
- isc_sockstatscounter_max = 62
+ isc_sockstatscounter_udp6open,
+ isc_sockstatscounter_tcp4open,
+ isc_sockstatscounter_tcp6open,
+
+ isc_sockstatscounter_udp4openfail,
+ isc_sockstatscounter_udp6openfail,
+ isc_sockstatscounter_tcp4openfail,
+ isc_sockstatscounter_tcp6openfail,
+
+ isc_sockstatscounter_udp4close,
+ isc_sockstatscounter_udp6close,
+ isc_sockstatscounter_tcp4close,
+ isc_sockstatscounter_tcp6close,
+ isc_sockstatscounter_fdwatchclose,
+
+ isc_sockstatscounter_udp4bindfail,
+ isc_sockstatscounter_udp6bindfail,
+ isc_sockstatscounter_tcp4bindfail,
+ isc_sockstatscounter_tcp6bindfail,
+ isc_sockstatscounter_fdwatchbindfail,
+
+ isc_sockstatscounter_udp4connect,
+ isc_sockstatscounter_udp6connect,
+ isc_sockstatscounter_tcp4connect,
+ isc_sockstatscounter_tcp6connect,
+ isc_sockstatscounter_fdwatchconnect,
+
+ isc_sockstatscounter_udp4connectfail,
+ isc_sockstatscounter_udp6connectfail,
+ isc_sockstatscounter_tcp4connectfail,
+ isc_sockstatscounter_tcp6connectfail,
+ isc_sockstatscounter_fdwatchconnectfail,
+
+ isc_sockstatscounter_tcp4accept,
+ isc_sockstatscounter_tcp6accept,
+
+ isc_sockstatscounter_tcp4acceptfail,
+ isc_sockstatscounter_tcp6acceptfail,
+
+ isc_sockstatscounter_udp4sendfail,
+ isc_sockstatscounter_udp6sendfail,
+ isc_sockstatscounter_tcp4sendfail,
+ isc_sockstatscounter_tcp6sendfail,
+ isc_sockstatscounter_fdwatchsendfail,
+
+ isc_sockstatscounter_udp4recvfail,
+ isc_sockstatscounter_udp6recvfail,
+ isc_sockstatscounter_tcp4recvfail,
+ isc_sockstatscounter_tcp6recvfail,
+ isc_sockstatscounter_fdwatchrecvfail,
+
+ isc_sockstatscounter_udp4active,
+ isc_sockstatscounter_udp6active,
+ isc_sockstatscounter_tcp4active,
+ isc_sockstatscounter_tcp6active,
+
+ isc_sockstatscounter_max,
};
ISC_LANG_BEGINDECLS
static isc_result_t ipv4_result = ISC_R_NOTFOUND;
static isc_result_t ipv6_result = ISC_R_NOTFOUND;
-static isc_result_t unix_result = ISC_R_NOTFOUND;
static isc_result_t ipv6only_result = ISC_R_NOTFOUND;
static isc_result_t ipv6pktinfo_result = ISC_R_NOTFOUND;
initialize_action(void) {
ipv4_result = try_proto(PF_INET);
ipv6_result = try_proto(PF_INET6);
- unix_result = try_proto(PF_UNIX);
}
static void
return (ipv6_result);
}
-isc_result_t
-isc_net_probeunix(void) {
- initialize();
- return (unix_result);
-}
-
static void
try_ipv6only(void) {
#ifdef IPV6_V6ONLY
return (false);
}
break;
- case AF_UNIX:
- if (strcmp(a->type.un, b->type.un) != 0) {
- return (false);
- }
- break;
default:
return (false);
}
case AF_INET6:
type = &netaddr->type.in6;
break;
- case AF_UNIX:
- alen = strlen(netaddr->type.un);
- if (alen > isc_buffer_availablelength(target)) {
- return (ISC_R_NOSPACE);
- }
- isc_buffer_putmem(target,
- (const unsigned char *)(netaddr->type.un),
- alen);
- return (ISC_R_SUCCESS);
default:
return (ISC_R_FAILURE);
}
netaddr->type.in6 = *ina6;
}
-isc_result_t
-isc_netaddr_frompath(isc_netaddr_t *netaddr, const char *path) {
- if (strlen(path) > sizeof(netaddr->type.un) - 1) {
- return (ISC_R_NOSPACE);
- }
-
- memset(netaddr, 0, sizeof(*netaddr));
- netaddr->family = AF_UNIX;
- strlcpy(netaddr->type.un, path, sizeof(netaddr->type.un));
- netaddr->zone = 0;
- return (ISC_R_SUCCESS);
-}
-
void
isc_netaddr_setzone(isc_netaddr_t *netaddr, uint32_t zone) {
/* we currently only support AF_INET6. */
memmove(&t->type.in6, &s->type.sin6.sin6_addr, 16);
t->zone = s->type.sin6.sin6_scope_id;
break;
- case AF_UNIX:
- memmove(t->type.un, s->type.sunix.sun_path, sizeof(t->type.un));
- t->zone = 0;
- break;
default:
UNREACHABLE();
}
isc_sockstatscounter_tcp6active
};
-#if 0
-/* XXX: not currently used */
-static const isc_statscounter_t unixstatsindex[] = {
- isc_sockstatscounter_unixopen,
- isc_sockstatscounter_unixopenfail,
- isc_sockstatscounter_unixclose,
- isc_sockstatscounter_unixbindfail,
- isc_sockstatscounter_unixconnectfail,
- isc_sockstatscounter_unixconnect,
- isc_sockstatscounter_unixacceptfail,
- isc_sockstatscounter_unixaccept,
- isc_sockstatscounter_unixsendfail,
- isc_sockstatscounter_unixrecvfail,
- isc_sockstatscounter_unixactive
-};
-#endif /* if 0 */
-
static void
nmsocket_maybe_destroy(isc_nmsocket_t *sock FLARG);
static void
snprintf(pbuf, sizeof(pbuf), "%u",
ntohs(sockaddr->type.sin6.sin6_port));
break;
- case AF_UNIX:
- plen = strlen(sockaddr->type.sunix.sun_path);
- if (plen >= isc_buffer_availablelength(target)) {
- return (ISC_R_NOSPACE);
- }
-
- isc_buffer_putmem(
- target,
- (const unsigned char *)sockaddr->type.sunix.sun_path,
- plen);
-
- /*
- * Null terminate after used region.
- */
- isc_buffer_availableregion(target, &avail);
- INSIST(avail.length >= 1);
- avail.base[0] = '\0';
-
- return (ISC_R_SUCCESS);
default:
return (ISC_R_FAILURE);
}
return (false);
}
-isc_result_t
-isc_sockaddr_frompath(isc_sockaddr_t *sockaddr, const char *path) {
- if (strlen(path) >= sizeof(sockaddr->type.sunix.sun_path)) {
- return (ISC_R_NOSPACE);
- }
- memset(sockaddr, 0, sizeof(*sockaddr));
- sockaddr->length = sizeof(sockaddr->type.sunix);
- sockaddr->type.sunix.sun_family = AF_UNIX;
- strlcpy(sockaddr->type.sunix.sun_path, path,
- sizeof(sockaddr->type.sunix.sun_path));
- return (ISC_R_SUCCESS);
-}
-
isc_result_t
isc_sockaddr_fromsockaddr(isc_sockaddr_t *isa, const struct sockaddr *sa) {
unsigned int length = 0;
case AF_INET6:
length = sizeof(isa->type.sin6);
break;
- case AF_UNIX:
- length = sizeof(isa->type.sunix);
- break;
default:
return (ISC_R_NOTIMPLEMENTED);
}
const cfg_obj_t *unixcontrols;
const cfg_obj_t *keylist = NULL;
const char *path;
- uint32_t perm, mask;
dns_acl_t *acl = NULL;
- isc_sockaddr_t addr;
- int i;
(void)cfg_map_get(config, "controls", &controlslist);
if (controlslist == NULL) {
/*
* INET: Check allow clause.
- * UNIX: Check "perm" for sanity, check path length.
+ * UNIX: Not supported.
*/
for (element = cfg_list_first(controlslist); element != NULL;
element = cfg_list_next(element))
{
control = cfg_listelt_value(element2);
path = cfg_obj_asstring(cfg_tuple_get(control, "path"));
- tresult = isc_sockaddr_frompath(&addr, path);
- if (tresult == ISC_R_NOSPACE) {
- cfg_obj_log(control, logctx, ISC_LOG_ERROR,
- "unix control '%s': path too long",
- path);
- result = ISC_R_NOSPACE;
- }
- perm = cfg_obj_asuint32(cfg_tuple_get(control, "perm"));
- for (i = 0; i < 3; i++) {
-#ifdef NEED_SECURE_DIRECTORY
- mask = (0x1 << (i * 3)); /* SEARCH */
-#else /* ifdef NEED_SECURE_DIRECTORY */
- mask = (0x6 << (i * 3)); /* READ + WRITE */
-#endif /* ifdef NEED_SECURE_DIRECTORY */
- if ((perm & mask) == mask) {
- break;
- }
- }
- if (i == 0) {
- cfg_obj_log(control, logctx, ISC_LOG_WARNING,
- "unix control '%s' allows access "
- "to everyone",
- path);
- } else if (i == 3) {
- cfg_obj_log(control, logctx, ISC_LOG_WARNING,
- "unix control '%s' allows access "
- "to nobody",
- path);
- }
- tresult = check_controlskeys(control, keylist, logctx);
- if (tresult != ISC_R_SUCCESS) {
- result = tresult;
- }
+ cfg_obj_log(control, logctx, ISC_LOG_ERROR,
+ "unix control '%s': not supported", path);
+ result = ISC_R_FAMILYNOSUPPORT;
}
}
cfg_aclconfctx_detach(&actx);
projects / thirdparty / bind9.git / commitdiff
