diff options
Diffstat (limited to 'contrib/bind9/bin/named/interfacemgr.c')
| -rw-r--r-- | contrib/bind9/bin/named/interfacemgr.c | 53 |
1 files changed, 24 insertions, 29 deletions
diff --git a/contrib/bind9/bin/named/interfacemgr.c b/contrib/bind9/bin/named/interfacemgr.c index 08d33d9..46eb96e 100644 --- a/contrib/bind9/bin/named/interfacemgr.c +++ b/contrib/bind9/bin/named/interfacemgr.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2006, 2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: interfacemgr.c,v 1.76.18.11 2008/07/23 23:33:02 marka Exp $ */ +/* $Id: interfacemgr.c,v 1.93.70.2 2009/01/18 23:47:34 tbox Exp $ */ /*! \file */ @@ -304,6 +304,7 @@ ns_interface_accepttcp(ns_interface_t *ifp) { isc_result_totext(result)); goto tcp_socket_failure; } + isc_socket_setname(ifp->tcpsocket, "dispatcher", NULL); #ifndef ISC_ALLOW_MAPPED isc_socket_ipv6only(ifp->tcpsocket, ISC_TRUE); #endif @@ -483,7 +484,7 @@ static isc_result_t clearacl(isc_mem_t *mctx, dns_acl_t **aclp) { dns_acl_t *newacl = NULL; isc_result_t result; - result = dns_acl_create(mctx, 10, &newacl); + result = dns_acl_create(mctx, 0, &newacl); if (result != ISC_R_SUCCESS) return (result); dns_acl_detach(aclp); @@ -494,36 +495,31 @@ clearacl(isc_mem_t *mctx, dns_acl_t **aclp) { static isc_boolean_t listenon_is_ip6_any(ns_listenelt_t *elt) { - if (elt->acl->length != 1) - return (ISC_FALSE); - if (elt->acl->elements[0].negative == ISC_FALSE && - elt->acl->elements[0].type == dns_aclelementtype_any) - return (ISC_TRUE); /* listen-on-v6 { any; } */ - return (ISC_FALSE); /* All others */ + REQUIRE(elt && elt->acl); + return dns_acl_isany(elt->acl); } static isc_result_t setup_locals(ns_interfacemgr_t *mgr, isc_interface_t *interface) { isc_result_t result; - dns_aclelement_t elt; - unsigned int family; unsigned int prefixlen; + isc_netaddr_t *netaddr; - family = interface->address.family; + netaddr = &interface->address; - elt.type = dns_aclelementtype_ipprefix; - elt.negative = ISC_FALSE; - elt.u.ip_prefix.address = interface->address; - elt.u.ip_prefix.prefixlen = (family == AF_INET) ? 32 : 128; - result = dns_acl_appendelement(mgr->aclenv.localhost, &elt); + /* First add localhost address */ + prefixlen = (netaddr->family == AF_INET) ? 32 : 128; + result = dns_iptable_addprefix(mgr->aclenv.localhost->iptable, + netaddr, prefixlen, ISC_TRUE); if (result != ISC_R_SUCCESS) return (result); + /* Then add localnets prefix */ result = isc_netaddr_masktoprefixlen(&interface->netmask, &prefixlen); - /* Non contigious netmasks not allowed by IPv6 arch. */ - if (result != ISC_R_SUCCESS && family == AF_INET6) + /* Non contiguous netmasks not allowed by IPv6 arch. */ + if (result != ISC_R_SUCCESS && netaddr->family == AF_INET6) return (result); if (result != ISC_R_SUCCESS) { @@ -533,17 +529,14 @@ setup_locals(ns_interfacemgr_t *mgr, isc_interface_t *interface) { "localnets ACL: %s", interface->name, isc_result_totext(result)); - } else { - elt.u.ip_prefix.prefixlen = prefixlen; - if (dns_acl_elementmatch(mgr->aclenv.localnets, &elt, - NULL) == ISC_R_NOTFOUND) { - result = dns_acl_appendelement(mgr->aclenv.localnets, - &elt); - if (result != ISC_R_SUCCESS) - return (result); - } + return (ISC_R_SUCCESS); } + result = dns_iptable_addprefix(mgr->aclenv.localnets->iptable, + netaddr, prefixlen, ISC_TRUE); + if (result != ISC_R_SUCCESS) + return (result); + return (ISC_R_SUCCESS); } @@ -803,7 +796,9 @@ do_scan(ns_interfacemgr_t *mgr, ns_listenlist_t *ext_listen, (void)dns_acl_match(&listen_netaddr, NULL, ele->acl, NULL, &match, NULL); - if (match > 0 && ele->port == le->port) + if (match > 0 && + (ele->port == le->port || + ele->port == 0)) break; else match = 0; |
