diff options
Diffstat (limited to 'contrib/bind/bin/named/ns_ctl.c')
-rw-r--r-- | contrib/bind/bin/named/ns_ctl.c | 87 |
1 files changed, 79 insertions, 8 deletions
diff --git a/contrib/bind/bin/named/ns_ctl.c b/contrib/bind/bin/named/ns_ctl.c index 259093b..66cb862 100644 --- a/contrib/bind/bin/named/ns_ctl.c +++ b/contrib/bind/bin/named/ns_ctl.c @@ -1,9 +1,9 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: ns_ctl.c,v 8.28 1999/10/13 16:39:04 vixie Exp $"; +static const char rcsid[] = "$Id: ns_ctl.c,v 8.34 2000/04/21 06:54:05 vixie Exp $"; #endif /* not lint */ /* - * Copyright (c) 1997-1999 by Internet Software Consortium. + * Copyright (c) 1997-2000 by Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -68,12 +68,14 @@ struct control { struct sockaddr_in in; ip_match_list allow; } v_inet; +#ifndef NO_SOCKADDR_UN struct { struct sockaddr_un un; mode_t mode; uid_t owner; gid_t group; } v_unix; +#endif } var; }; @@ -150,7 +152,7 @@ static struct ctl_verb verbs[] = { { "stop", verb_stop, "stop"}, { "exec", verb_exec, "exec"}, { "reload", verb_reload, "reload [zone] ..."}, - { "reconfig", verb_reconfig, "reconfig (just sees new/gone zones)"}, + { "reconfig", verb_reconfig, "reconfig [-noexpired] (just sees new/gone zones)"}, { "dumpdb", verb_dumpdb, "dumpdb"}, { "stats", verb_stats, "stats"}, { "trace", verb_trace, "trace [level]"}, @@ -177,7 +179,29 @@ ns_ctl_shutdown(void) { void ns_ctl_defaults(controls *list) { +#ifdef NO_SOCKADDR_UN + struct in_addr saddr; + ip_match_list iml; + ip_match_element ime; + + /* + * If the operating system does not support local domain sockets, + * connect with ndc on 127.0.0.1, port 101, and only allow + * connections from 127.0.0.1. + */ + saddr.s_addr = htonl (INADDR_LOOPBACK); + iml = new_ip_match_list(); + ime = new_ip_match_pattern(saddr, 32); + add_to_ip_match_list(iml, ime); + + ns_ctl_add(list, ns_ctl_new_inet(saddr, htons (101), iml)); +#else +#ifdef NEED_SECURE_DIRECTORY + ns_ctl_add(list, ns_ctl_new_unix(_PATH_NDCSOCK, 0700, 0, 0)); +#else ns_ctl_add(list, ns_ctl_new_unix(_PATH_NDCSOCK, 0600, 0, 0)); +#endif +#endif /*NO_SOCKADDR_UN*/ } void @@ -200,6 +224,7 @@ ns_ctl_new_inet(struct in_addr saddr, u_int sport, ip_match_list allow) { return (new); } +#ifndef NO_SOCKADDR_UN control ns_ctl_new_unix(char *path, mode_t mode, uid_t owner, gid_t group) { control new = new_control(); @@ -215,6 +240,7 @@ ns_ctl_new_unix(char *path, mode_t mode, uid_t owner, gid_t group) { new->var.v_unix.group = group; return (new); } +#endif void ns_ctl_install(controls *new) { @@ -288,6 +314,7 @@ free_control(controls *list, control this) { this->var.v_inet.allow = NULL; } break; +#ifndef NO_SOCKADDR_UN case t_unix: /* XXX Race condition. */ if (was_live && @@ -297,6 +324,7 @@ free_control(controls *list, control this) { unlink(this->var.v_unix.un.sun_path); } break; +#endif default: panic("impossible type in free_control", NULL); /* NOTREACHED */ @@ -333,6 +361,7 @@ match_control(control l, control r) { r->var.v_inet.in.sin_addr.s_addr) match = 0; break; +#ifndef NO_SOCKADDR_UN case t_unix: if (l->var.v_unix.un.sun_family != r->var.v_unix.un.sun_family || @@ -340,6 +369,7 @@ match_control(control l, control r) { r->var.v_unix.un.sun_path) != 0) match = 0; break; +#endif default: panic("impossible type in match_control", NULL); /* NOTREACHED */ @@ -370,6 +400,7 @@ propagate_changes(const control diff, control base) { diff->var.v_inet.allow = NULL; need_install++; break; +#ifndef NO_SOCKADDR_UN case t_unix: if (base->var.v_unix.mode != diff->var.v_unix.mode) { base->var.v_unix.mode = diff->var.v_unix.mode; @@ -384,6 +415,7 @@ propagate_changes(const control diff, control base) { need_install++; } break; +#endif default: panic("impossible type in ns_ctl::propagate_changes", NULL); /* NOTREACHED */ @@ -398,9 +430,11 @@ install(control ctl) { case t_inet: install_inet(ctl); break; +#ifndef NO_SOCKADDR_UN case t_unix: install_unix(ctl); break; +#endif default: panic("impossible type in ns_ctl::install", NULL); /* NOTREACHED */ @@ -416,6 +450,7 @@ install_inet(control ctl) { } } +#ifndef NO_SOCKADDR_UN /* * Unattach an old unix domain socket if it exists. */ @@ -478,6 +513,35 @@ unattach(control ctl) { static void install_unix(control ctl) { + char *path; +#ifdef NEED_SECURE_DIRECTORY + char *slash; + + path = savestr(ctl->var.v_unix.un.sun_path, 1); + + slash = strrchr(path, '/'); + if (slash != NULL) { + if (slash != path) + *slash = '\0'; + else { + freestr(path); + path = savestr("/", 1); + } + } else { + freestr(path); + path = savestr(".", 1); + } + if (mkdir(path, ctl->var.v_unix.mode) < 0) { + if (errno != EEXIST) { + ns_warning(ns_log_config, + "unix control \"%s\" mkdir failed: %s", + path, strerror(errno)); + } + } +#else + path = ctl->var.v_unix.un.sun_path; +#endif + if (ctl->sctx == NULL) { unattach(ctl); ctl->sctx = mksrvr(ctl, @@ -486,15 +550,13 @@ install_unix(control ctl) { } if (ctl->sctx != NULL) { /* XXX Race condition. */ - if (chmod(ctl->var.v_unix.un.sun_path, - ctl->var.v_unix.mode) < 0) { + if (chmod(path, ctl->var.v_unix.mode) < 0) { ns_warning(ns_log_config, "chmod(\"%s\", 0%03o): %s", ctl->var.v_unix.un.sun_path, ctl->var.v_unix.mode, strerror(errno)); } - if (chown(ctl->var.v_unix.un.sun_path, - ctl->var.v_unix.owner, + if (chown(path, ctl->var.v_unix.owner, ctl->var.v_unix.group) < 0) { ns_warning(ns_log_config, "chown(\"%s\", %d, %d): %s", ctl->var.v_unix.un.sun_path, @@ -503,7 +565,11 @@ install_unix(control ctl) { strerror(errno)); } } +#ifdef NEED_SECURE_DIRECTORY + freestr(path); +#endif } +#endif static void logger(enum ctl_severity ctlsev, const char *format, ...) { @@ -747,6 +813,8 @@ verb_reload(struct ctl_sctx *ctl, struct ctl_sess *sess, case z_slave: case z_stub: ns_stopxfrs(zp); + if (zonefile_changed_p(zp)) + zp->z_serial = 0; /* force xfer */ addxfer(zp); code = 251; msg = "Slave transfer queued."; @@ -770,7 +838,10 @@ verb_reconfig(struct ctl_sctx *ctl, struct ctl_sess *sess, const struct ctl_verb *verb, const char *rest, u_int respflags, void *respctx, void *uctx) { - ns_need(main_need_reconfig); + if (strcmp(rest, "-noexpired") != 0) + ns_need(main_need_reconfig); + else + ns_need(main_need_noexpired); ctl_response(sess, 250, "Reconfig initiated.", 0, NULL, NULL, NULL, NULL, 0); } |