diff options
Diffstat (limited to 'contrib/bind9/bin/named')
38 files changed, 832 insertions, 592 deletions
diff --git a/contrib/bind9/bin/named/aclconf.c b/contrib/bind9/bin/named/aclconf.c index 8b6d0c7..102a891 100644 --- a/contrib/bind9/bin/named/aclconf.c +++ b/contrib/bind9/bin/named/aclconf.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: aclconf.c,v 1.27.12.5 2005/03/17 03:58:25 marka Exp $ */ +/* $Id: aclconf.c,v 1.27.12.7 2006/03/02 00:37:20 marka Exp $ */ #include <config.h> @@ -54,10 +54,10 @@ ns_aclconfctx_destroy(ns_aclconfctx_t *ctx) { * Find the definition of the named acl whose name is "name". */ static isc_result_t -get_acl_def(cfg_obj_t *cctx, char *name, cfg_obj_t **ret) { +get_acl_def(const cfg_obj_t *cctx, const char *name, const cfg_obj_t **ret) { isc_result_t result; - cfg_obj_t *acls = NULL; - cfg_listelt_t *elt; + const cfg_obj_t *acls = NULL; + const cfg_listelt_t *elt; result = cfg_map_get(cctx, "acl", &acls); if (result != ISC_R_SUCCESS) @@ -65,7 +65,7 @@ get_acl_def(cfg_obj_t *cctx, char *name, cfg_obj_t **ret) { for (elt = cfg_list_first(acls); elt != NULL; elt = cfg_list_next(elt)) { - cfg_obj_t *acl = cfg_listelt_value(elt); + const cfg_obj_t *acl = cfg_listelt_value(elt); const char *aclname = cfg_obj_asstring(cfg_tuple_get(acl, "name")); if (strcasecmp(aclname, name) == 0) { *ret = cfg_tuple_get(acl, "value"); @@ -76,15 +76,15 @@ get_acl_def(cfg_obj_t *cctx, char *name, cfg_obj_t **ret) { } static isc_result_t -convert_named_acl(cfg_obj_t *nameobj, cfg_obj_t *cctx, +convert_named_acl(const cfg_obj_t *nameobj, const cfg_obj_t *cctx, ns_aclconfctx_t *ctx, isc_mem_t *mctx, dns_acl_t **target) { isc_result_t result; - cfg_obj_t *cacl = NULL; + const cfg_obj_t *cacl = NULL; dns_acl_t *dacl; dns_acl_t loop; - char *aclname = cfg_obj_asstring(nameobj); + const char *aclname = cfg_obj_asstring(nameobj); /* Look for an already-converted version. */ for (dacl = ISC_LIST_HEAD(ctx->named_acl_cache); @@ -113,7 +113,7 @@ convert_named_acl(cfg_obj_t *nameobj, cfg_obj_t *cctx, */ memset(&loop, 0, sizeof(loop)); ISC_LINK_INIT(&loop, nextincache); - loop.name = aclname; + DE_CONST(aclname, loop.name); loop.magic = LOOP_MAGIC; ISC_LIST_APPEND(ctx->named_acl_cache, &loop, nextincache); result = ns_acl_fromconfig(cacl, cctx, ctx, mctx, &dacl); @@ -131,7 +131,7 @@ convert_named_acl(cfg_obj_t *nameobj, cfg_obj_t *cctx, } static isc_result_t -convert_keyname(cfg_obj_t *keyobj, isc_mem_t *mctx, dns_name_t *dnsname) { +convert_keyname(const cfg_obj_t *keyobj, isc_mem_t *mctx, dns_name_t *dnsname) { isc_result_t result; isc_buffer_t buf; dns_fixedname_t fixname; @@ -154,8 +154,8 @@ convert_keyname(cfg_obj_t *keyobj, isc_mem_t *mctx, dns_name_t *dnsname) { } isc_result_t -ns_acl_fromconfig(cfg_obj_t *caml, - cfg_obj_t *cctx, +ns_acl_fromconfig(const cfg_obj_t *caml, + const cfg_obj_t *cctx, ns_aclconfctx_t *ctx, isc_mem_t *mctx, dns_acl_t **target) @@ -164,7 +164,7 @@ ns_acl_fromconfig(cfg_obj_t *caml, unsigned int count; dns_acl_t *dacl = NULL; dns_aclelement_t *de; - cfg_listelt_t *elt; + const cfg_listelt_t *elt; REQUIRE(target != NULL && *target == NULL); @@ -183,7 +183,7 @@ ns_acl_fromconfig(cfg_obj_t *caml, elt != NULL; elt = cfg_list_next(elt)) { - cfg_obj_t *ce = cfg_listelt_value(elt); + const cfg_obj_t *ce = cfg_listelt_value(elt); if (cfg_obj_istuple(ce)) { /* This must be a negated element. */ ce = cfg_tuple_get(ce, "value"); @@ -215,7 +215,7 @@ ns_acl_fromconfig(cfg_obj_t *caml, goto cleanup; } else if (cfg_obj_isstring(ce)) { /* ACL name */ - char *name = cfg_obj_asstring(ce); + const char *name = cfg_obj_asstring(ce); if (strcasecmp(name, "localhost") == 0) { de->type = dns_aclelementtype_localhost; } else if (strcasecmp(name, "localnets") == 0) { diff --git a/contrib/bind9/bin/named/client.c b/contrib/bind9/bin/named/client.c index baecc23..b0ce793 100644 --- a/contrib/bind9/bin/named/client.c +++ b/contrib/bind9/bin/named/client.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: client.c,v 1.176.2.13.4.26 2005/07/27 02:53:14 marka Exp $ */ +/* $Id: client.c,v 1.176.2.13.4.31 2006/07/22 01:09:38 marka Exp $ */ #include <config.h> @@ -164,6 +164,12 @@ struct ns_clientmgr { * Must be greater than any valid state. */ +/* + * Enable ns_client_dropport() by default. + */ +#ifndef NS_CLIENT_DROPPORT +#define NS_CLIENT_DROPPORT 1 +#endif static void client_read(ns_client_t *client); static void client_accept(ns_client_t *client); @@ -285,8 +291,17 @@ exit_check(ns_client_t *client) { } /* * I/O cancel is complete. Burn down all state - * related to the current request. + * related to the current request. Ensure that + * the client is on the active list and not the + * recursing list. */ + LOCK(&client->manager->lock); + if (client->list == &client->manager->recursing) { + ISC_LIST_UNLINK(*client->list, client, link); + ISC_LIST_APPEND(client->manager->active, client, link); + client->list = &client->manager->active; + } + UNLOCK(&client->manager->lock); ns_client_endrequest(client); client->state = NS_CLIENTSTATE_READING; @@ -972,6 +987,34 @@ ns_client_send(ns_client_t *client) { ns_client_next(client, result); } +#if NS_CLIENT_DROPPORT +#define DROPPORT_NO 0 +#define DROPPORT_REQUEST 1 +#define DROPPORT_RESPONSE 2 +/*% + * ns_client_dropport determines if certain requests / responses + * should be dropped based on the port number. + * + * Returns: + * \li 0: Don't drop. + * \li 1: Drop request. + * \li 2: Drop (error) response. + */ +static int +ns_client_dropport(in_port_t port) { + switch (port) { + case 7: /* echo */ + case 13: /* daytime */ + case 19: /* chargen */ + case 37: /* time */ + return (DROPPORT_REQUEST); + case 464: /* kpasswd */ + return (DROPPORT_RESPONSE); + } + return (DROPPORT_NO); +} +#endif + void ns_client_error(ns_client_t *client, isc_result_t result) { dns_rcode_t rcode; @@ -984,6 +1027,28 @@ ns_client_error(ns_client_t *client, isc_result_t result) { message = client->message; rcode = dns_result_torcode(result); +#if NS_CLIENT_DROPPORT + /* + * Don't send FORMERR to ports on the drop port list. + */ + if (rcode == dns_rcode_formerr && + ns_client_dropport(isc_sockaddr_getport(&client->peeraddr)) != + DROPPORT_NO) { + char buf[64]; + isc_buffer_t b; + + isc_buffer_init(&b, buf, sizeof(buf) - 1); + if (dns_rcode_totext(rcode, &b) != ISC_R_SUCCESS) + isc_buffer_putstr(&b, "UNKNOWN RCODE"); + ns_client_log(client, DNS_LOGCATEGORY_SECURITY, + NS_LOGMODULE_CLIENT, ISC_LOG_DEBUG(10), + "dropped error (%.*s) response: suspicious port", + (int)isc_buffer_usedlength(&b), buf); + ns_client_next(client, ISC_R_SUCCESS); + return; + } +#endif + /* * Message may be an in-progress reply that we had trouble * with, in which case QR will be set. We need to clear QR before @@ -1208,6 +1273,17 @@ client_request(isc_task_t *task, isc_event_t *event) { isc_netaddr_fromsockaddr(&netaddr, &client->peeraddr); +#if NS_CLIENT_DROPPORT + if (ns_client_dropport(isc_sockaddr_getport(&client->peeraddr)) == + DROPPORT_REQUEST) { + ns_client_log(client, DNS_LOGCATEGORY_SECURITY, + NS_LOGMODULE_CLIENT, ISC_LOG_DEBUG(10), + "dropped request: suspicious port"); + ns_client_next(client, ISC_R_SUCCESS); + goto cleanup; + } +#endif + ns_client_log(client, NS_LOGCATEGORY_CLIENT, NS_LOGMODULE_CLIENT, ISC_LOG_DEBUG(3), "%s request", @@ -1242,6 +1318,7 @@ client_request(isc_task_t *task, isc_event_t *event) { NS_LOGMODULE_CLIENT, ISC_LOG_DEBUG(2), "dropping multicast request"); ns_client_next(client, DNS_R_REFUSED); + goto cleanup; } result = dns_message_peekheader(buffer, &id, &flags); @@ -1532,12 +1609,15 @@ client_request(isc_task_t *task, isc_event_t *event) { * Decide whether recursive service is available to this client. * We do this here rather than in the query code so that we can * set the RA bit correctly on all kinds of responses, not just - * responses to ordinary queries. + * responses to ordinary queries. Note if you can't query the + * cache there is no point in setting RA. */ ra = ISC_FALSE; if (client->view->resolver != NULL && client->view->recursion == ISC_TRUE && ns_client_checkaclsilent(client, client->view->recursionacl, + ISC_TRUE) == ISC_R_SUCCESS && + ns_client_checkaclsilent(client, client->view->queryacl, ISC_TRUE) == ISC_R_SUCCESS) ra = ISC_TRUE; @@ -2364,3 +2444,20 @@ ns_client_dumprecursing(FILE *f, ns_clientmgr_t *manager) { } UNLOCK(&manager->lock); } + +void +ns_client_qnamereplace(ns_client_t *client, dns_name_t *name) { + + if (client->manager != NULL) + LOCK(&client->manager->lock); + if (client->query.restarts > 0) { + /* + * client->query.qname was dynamically allocated. + */ + dns_message_puttempname(client->message, + &client->query.qname); + } + client->query.qname = name; + if (client->manager != NULL) + UNLOCK(&client->manager->lock); +} diff --git a/contrib/bind9/bin/named/config.c b/contrib/bind9/bin/named/config.c index 99e5ffa..7b5b99e 100644 --- a/contrib/bind9/bin/named/config.c +++ b/contrib/bind9/bin/named/config.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: config.c,v 1.11.2.4.8.29 2004/10/05 02:52:26 marka Exp $ */ +/* $Id: config.c,v 1.11.2.4.8.32 2006/02/28 06:32:53 marka Exp $ */ #include <config.h> @@ -196,7 +196,7 @@ ns_config_parsedefaults(cfg_parser_t *parser, cfg_obj_t **conf) { } isc_result_t -ns_config_get(cfg_obj_t **maps, const char *name, cfg_obj_t **obj) { +ns_config_get(const cfg_obj_t **maps, const char *name, const cfg_obj_t **obj) { int i; for (i = 0;; i++) { @@ -208,11 +208,13 @@ ns_config_get(cfg_obj_t **maps, const char *name, cfg_obj_t **obj) { } isc_result_t -ns_checknames_get(cfg_obj_t **maps, const char *which, cfg_obj_t **obj) { - cfg_listelt_t *element; - cfg_obj_t *checknames; - cfg_obj_t *type; - cfg_obj_t *value; +ns_checknames_get(const cfg_obj_t **maps, const char *which, + const cfg_obj_t **obj) +{ + const cfg_listelt_t *element; + const cfg_obj_t *checknames; + const cfg_obj_t *type; + const cfg_obj_t *value; int i; for (i = 0;; i++) { @@ -243,8 +245,8 @@ ns_checknames_get(cfg_obj_t **maps, const char *which, cfg_obj_t **obj) { } int -ns_config_listcount(cfg_obj_t *list) { - cfg_listelt_t *e; +ns_config_listcount(const cfg_obj_t *list) { + const cfg_listelt_t *e; int i = 0; for (e = cfg_list_first(list); e != NULL; e = cfg_list_next(e)) @@ -254,9 +256,9 @@ ns_config_listcount(cfg_obj_t *list) { } isc_result_t -ns_config_getclass(cfg_obj_t *classobj, dns_rdataclass_t defclass, +ns_config_getclass(const cfg_obj_t *classobj, dns_rdataclass_t defclass, dns_rdataclass_t *classp) { - char *str; + const char *str; isc_textregion_t r; isc_result_t result; @@ -265,7 +267,7 @@ ns_config_getclass(cfg_obj_t *classobj, dns_rdataclass_t defclass, return (ISC_R_SUCCESS); } str = cfg_obj_asstring(classobj); - r.base = str; + DE_CONST(str, r.base); r.length = strlen(str); result = dns_rdataclass_fromtext(classp, &r); if (result != ISC_R_SUCCESS) @@ -275,9 +277,9 @@ ns_config_getclass(cfg_obj_t *classobj, dns_rdataclass_t defclass, } isc_result_t -ns_config_gettype(cfg_obj_t *typeobj, dns_rdatatype_t deftype, +ns_config_gettype(const cfg_obj_t *typeobj, dns_rdatatype_t deftype, dns_rdatatype_t *typep) { - char *str; + const char *str; isc_textregion_t r; isc_result_t result; @@ -286,7 +288,7 @@ ns_config_gettype(cfg_obj_t *typeobj, dns_rdatatype_t deftype, return (ISC_R_SUCCESS); } str = cfg_obj_asstring(typeobj); - r.base = str; + DE_CONST(str, r.base); r.length = strlen(str); result = dns_rdatatype_fromtext(typep, &r); if (result != ISC_R_SUCCESS) @@ -296,9 +298,9 @@ ns_config_gettype(cfg_obj_t *typeobj, dns_rdatatype_t deftype, } dns_zonetype_t -ns_config_getzonetype(cfg_obj_t *zonetypeobj) { +ns_config_getzonetype(const cfg_obj_t *zonetypeobj) { dns_zonetype_t ztype = dns_zone_none; - char *str; + const char *str; str = cfg_obj_asstring(zonetypeobj); if (strcasecmp(str, "master") == 0) @@ -313,14 +315,14 @@ ns_config_getzonetype(cfg_obj_t *zonetypeobj) { } isc_result_t -ns_config_getiplist(cfg_obj_t *config, cfg_obj_t *list, +ns_config_getiplist(const cfg_obj_t *config, const cfg_obj_t *list, in_port_t defport, isc_mem_t *mctx, isc_sockaddr_t **addrsp, isc_uint32_t *countp) { int count, i = 0; - cfg_obj_t *addrlist; - cfg_obj_t *portobj; - cfg_listelt_t *element; + const cfg_obj_t *addrlist; + const cfg_obj_t *portobj; + const cfg_listelt_t *element; isc_sockaddr_t *addrs; in_port_t port; isc_result_t result; @@ -380,10 +382,12 @@ ns_config_putiplist(isc_mem_t *mctx, isc_sockaddr_t **addrsp, } static isc_result_t -get_masters_def(cfg_obj_t *cctx, char *name, cfg_obj_t **ret) { +get_masters_def(const cfg_obj_t *cctx, const char *name, + const cfg_obj_t **ret) +{ isc_result_t result; - cfg_obj_t *masters = NULL; - cfg_listelt_t *elt; + const cfg_obj_t *masters = NULL; + const cfg_listelt_t *elt; result = cfg_map_get(cctx, "masters", &masters); if (result != ISC_R_SUCCESS) @@ -391,7 +395,7 @@ get_masters_def(cfg_obj_t *cctx, char *name, cfg_obj_t **ret) { for (elt = cfg_list_first(masters); elt != NULL; elt = cfg_list_next(elt)) { - cfg_obj_t *list; + const cfg_obj_t *list; const char *listname; list = cfg_listelt_value(elt); @@ -406,24 +410,24 @@ get_masters_def(cfg_obj_t *cctx, char *name, cfg_obj_t **ret) { } isc_result_t -ns_config_getipandkeylist(cfg_obj_t *config, cfg_obj_t *list, isc_mem_t *mctx, - isc_sockaddr_t **addrsp, dns_name_t ***keysp, - isc_uint32_t *countp) +ns_config_getipandkeylist(const cfg_obj_t *config, const cfg_obj_t *list, + isc_mem_t *mctx, isc_sockaddr_t **addrsp, + dns_name_t ***keysp, isc_uint32_t *countp) { isc_uint32_t addrcount = 0, keycount = 0, i = 0; isc_uint32_t listcount = 0, l = 0, j; isc_uint32_t stackcount = 0, pushed = 0; isc_result_t result; - cfg_listelt_t *element; - cfg_obj_t *addrlist; - cfg_obj_t *portobj; + const cfg_listelt_t *element; + const cfg_obj_t *addrlist; + const cfg_obj_t *portobj; in_port_t port; dns_fixedname_t fname; isc_sockaddr_t *addrs = NULL; dns_name_t **keys = NULL; - char **lists = NULL; + const char **lists = NULL; struct { - cfg_listelt_t *element; + const cfg_listelt_t *element; in_port_t port; } *stack = NULL; @@ -439,13 +443,14 @@ ns_config_getipandkeylist(cfg_obj_t *config, cfg_obj_t *list, isc_mem_t *mctx, if (val > ISC_UINT16_MAX) { cfg_obj_log(portobj, ns_g_lctx, ISC_LOG_ERROR, "port '%u' out of range", val); - return (ISC_R_RANGE); + result = ISC_R_RANGE; + goto cleanup; } port = (in_port_t) val; } else { result = ns_config_getport(config, &port); if (result != ISC_R_SUCCESS) - return (result); + goto cleanup; } result = ISC_R_NOMEMORY; @@ -456,9 +461,9 @@ ns_config_getipandkeylist(cfg_obj_t *config, cfg_obj_t *list, isc_mem_t *mctx, element != NULL; element = cfg_list_next(element)) { - cfg_obj_t *addr; - cfg_obj_t *key; - char *keystr; + const cfg_obj_t *addr; + const cfg_obj_t *key; + const char *keystr; isc_buffer_t b; addr = cfg_tuple_get(cfg_listelt_value(element), @@ -466,7 +471,7 @@ ns_config_getipandkeylist(cfg_obj_t *config, cfg_obj_t *list, isc_mem_t *mctx, key = cfg_tuple_get(cfg_listelt_value(element), "key"); if (!cfg_obj_issockaddr(addr)) { - char *listname = cfg_obj_asstring(addr); + const char *listname = cfg_obj_asstring(addr); isc_result_t tresult; /* Grow lists? */ @@ -606,9 +611,9 @@ ns_config_getipandkeylist(cfg_obj_t *config, cfg_obj_t *list, isc_mem_t *mctx, if (new == NULL) goto cleanup; memcpy(new, addrs, newsize); - isc_mem_put(mctx, addrs, oldsize); } else new = NULL; + isc_mem_put(mctx, addrs, oldsize); addrs = new; addrcount = i; @@ -619,9 +624,9 @@ ns_config_getipandkeylist(cfg_obj_t *config, cfg_obj_t *list, isc_mem_t *mctx, if (new == NULL) goto cleanup; memcpy(new, keys, newsize); - isc_mem_put(mctx, keys, oldsize); } else new = NULL; + isc_mem_put(mctx, keys, oldsize); keys = new; keycount = i; } @@ -682,10 +687,10 @@ ns_config_putipandkeylist(isc_mem_t *mctx, isc_sockaddr_t **addrsp, } isc_result_t -ns_config_getport(cfg_obj_t *config, in_port_t *portp) { - cfg_obj_t *maps[3]; - cfg_obj_t *options = NULL; - cfg_obj_t *portobj = NULL; +ns_config_getport(const cfg_obj_t *config, in_port_t *portp) { + const cfg_obj_t *maps[3]; + const cfg_obj_t *options = NULL; + const cfg_obj_t *portobj = NULL; isc_result_t result; int i; diff --git a/contrib/bind9/bin/named/controlconf.c b/contrib/bind9/bin/named/controlconf.c index 5b87fb9..b6bcc16 100644 --- a/contrib/bind9/bin/named/controlconf.c +++ b/contrib/bind9/bin/named/controlconf.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: controlconf.c,v 1.28.2.9.2.6 2004/03/08 09:04:14 marka Exp $ */ +/* $Id: controlconf.c,v 1.28.2.9.2.10 2006/02/28 06:32:53 marka Exp $ */ #include <config.h> @@ -356,6 +356,9 @@ control_recvmessage(isc_task_t *task, isc_event_t *event) { { ccregion.rstart = isc_buffer_base(&conn->ccmsg.buffer); ccregion.rend = isc_buffer_used(&conn->ccmsg.buffer); + if (secret.rstart != NULL) + isc_mem_put(listener->mctx, secret.rstart, + REGION_SIZE(secret)); secret.rstart = isc_mem_get(listener->mctx, key->secret.length); if (secret.rstart == NULL) goto cleanup; @@ -371,8 +374,6 @@ control_recvmessage(isc_task_t *task, isc_event_t *event) { */ if (request != NULL) isccc_sexpr_free(&request); - isc_mem_put(listener->mctx, secret.rstart, - REGION_SIZE(secret)); } else { log_invalid(&conn->ccmsg, result); goto cleanup; @@ -649,10 +650,12 @@ ns_controls_shutdown(ns_controls_t *controls) { } static isc_result_t -cfgkeylist_find(cfg_obj_t *keylist, const char *keyname, cfg_obj_t **objp) { - cfg_listelt_t *element; +cfgkeylist_find(const cfg_obj_t *keylist, const char *keyname, + const cfg_obj_t **objp) +{ + const cfg_listelt_t *element; const char *str; - cfg_obj_t *obj; + const cfg_obj_t *obj; for (element = cfg_list_first(keylist); element != NULL; @@ -671,13 +674,13 @@ cfgkeylist_find(cfg_obj_t *keylist, const char *keyname, cfg_obj_t **objp) { } static isc_result_t -controlkeylist_fromcfg(cfg_obj_t *keylist, isc_mem_t *mctx, +controlkeylist_fromcfg(const cfg_obj_t *keylist, isc_mem_t *mctx, controlkeylist_t *keyids) { - cfg_listelt_t *element; + const cfg_listelt_t *element; char *newstr = NULL; const char *str; - cfg_obj_t *obj; + const cfg_obj_t *obj; controlkey_t *key = NULL; for (element = cfg_list_first(keylist); @@ -712,11 +715,11 @@ controlkeylist_fromcfg(cfg_obj_t *keylist, isc_mem_t *mctx, } static void -register_keys(cfg_obj_t *control, cfg_obj_t *keylist, +register_keys(const cfg_obj_t *control, const cfg_obj_t *keylist, controlkeylist_t *keyids, isc_mem_t *mctx, const char *socktext) { controlkey_t *keyid, *next; - cfg_obj_t *keydef; + const cfg_obj_t *keydef; char secret[1024]; isc_buffer_t b; isc_result_t result; @@ -736,10 +739,10 @@ register_keys(cfg_obj_t *control, cfg_obj_t *keylist, ISC_LIST_UNLINK(*keyids, keyid, link); free_controlkey(keyid, mctx); } else { - cfg_obj_t *algobj = NULL; - cfg_obj_t *secretobj = NULL; - char *algstr = NULL; - char *secretstr = NULL; + const cfg_obj_t *algobj = NULL; + const cfg_obj_t *secretobj = NULL; + const char *algstr = NULL; + const char *secretstr = NULL; (void)cfg_map_get(keydef, "algorithm", &algobj); (void)cfg_map_get(keydef, "secret", &secretobj); @@ -805,11 +808,11 @@ get_rndckey(isc_mem_t *mctx, controlkeylist_t *keyids) { isc_result_t result; cfg_parser_t *pctx = NULL; cfg_obj_t *config = NULL; - cfg_obj_t *key = NULL; - cfg_obj_t *algobj = NULL; - cfg_obj_t *secretobj = NULL; - char *algstr = NULL; - char *secretstr = NULL; + const cfg_obj_t *key = NULL; + const cfg_obj_t *algobj = NULL; + const cfg_obj_t *secretobj = NULL; + const char *algstr = NULL; + const char *secretstr = NULL; controlkey_t *keyid = NULL; char secret[1024]; isc_buffer_t b; @@ -888,12 +891,13 @@ get_rndckey(isc_mem_t *mctx, controlkeylist_t *keyids) { * valid or both are NULL. */ static void -get_key_info(cfg_obj_t *config, cfg_obj_t *control, - cfg_obj_t **global_keylistp, cfg_obj_t **control_keylistp) +get_key_info(const cfg_obj_t *config, const cfg_obj_t *control, + const cfg_obj_t **global_keylistp, + const cfg_obj_t **control_keylistp) { isc_result_t result; - cfg_obj_t *control_keylist = NULL; - cfg_obj_t *global_keylist = NULL; + const cfg_obj_t *control_keylist = NULL; + const cfg_obj_t *global_keylist = NULL; REQUIRE(global_keylistp != NULL && *global_keylistp == NULL); REQUIRE(control_keylistp != NULL && *control_keylistp == NULL); @@ -912,15 +916,15 @@ get_key_info(cfg_obj_t *config, cfg_obj_t *control, } static void -update_listener(ns_controls_t *cp, - controllistener_t **listenerp, cfg_obj_t *control, - cfg_obj_t *config, isc_sockaddr_t *addr, - ns_aclconfctx_t *aclconfctx, const char *socktext) +update_listener(ns_controls_t *cp, controllistener_t **listenerp, + const cfg_obj_t *control, const cfg_obj_t *config, + isc_sockaddr_t *addr, ns_aclconfctx_t *aclconfctx, + const char *socktext) { controllistener_t *listener; - cfg_obj_t *allow; - cfg_obj_t *global_keylist = NULL; - cfg_obj_t *control_keylist = NULL; + const cfg_obj_t *allow; + const cfg_obj_t *global_keylist = NULL; + const cfg_obj_t *control_keylist = NULL; dns_acl_t *new_acl = NULL; controlkeylist_t keys; isc_result_t result = ISC_R_SUCCESS; @@ -977,18 +981,25 @@ update_listener(ns_controls_t *cp, result = get_rndckey(listener->mctx, &listener->keys); } - if (result != ISC_R_SUCCESS && global_keylist != NULL) + if (result != ISC_R_SUCCESS && global_keylist != NULL) { /* * This message might be a little misleading since the * "new keys" might in fact be identical to the old ones, * but tracking whether they are identical just for the * sake of avoiding this message would be too much trouble. */ - cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING, - "couldn't install new keys for " - "command channel %s: %s", - socktext, isc_result_totext(result)); - + if (control != NULL) + cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING, + "couldn't install new keys for " + "command channel %s: %s", + socktext, isc_result_totext(result)); + else + isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, + NS_LOGMODULE_CONTROL, ISC_LOG_WARNING, + "couldn't install new keys for " + "command channel %s: %s", + socktext, isc_result_totext(result)); + } /* * Now, keep the old access list unless a new one can be made. @@ -1005,26 +1016,33 @@ update_listener(ns_controls_t *cp, dns_acl_detach(&listener->acl); dns_acl_attach(new_acl, &listener->acl); dns_acl_detach(&new_acl); - } else /* XXXDCL say the old acl is still used? */ + } else if (control != NULL) cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING, "couldn't install new acl for " "command channel %s: %s", socktext, isc_result_totext(result)); + else + isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, + NS_LOGMODULE_CONTROL, ISC_LOG_WARNING, + "couldn't install new acl for " + "command channel %s: %s", + socktext, isc_result_totext(result)); *listenerp = listener; } static void add_listener(ns_controls_t *cp, controllistener_t **listenerp, - cfg_obj_t *control, cfg_obj_t *config, isc_sockaddr_t *addr, - ns_aclconfctx_t *aclconfctx, const char *socktext) + const cfg_obj_t *control, const cfg_obj_t *config, + isc_sockaddr_t *addr, ns_aclconfctx_t *aclconfctx, + const char *socktext) { isc_mem_t *mctx = cp->server->mctx; controllistener_t *listener; - cfg_obj_t *allow; - cfg_obj_t *global_keylist = NULL; - cfg_obj_t *control_keylist = NULL; + const cfg_obj_t *allow; + const cfg_obj_t *global_keylist = NULL; + const cfg_obj_t *control_keylist = NULL; dns_acl_t *new_acl = NULL; isc_result_t result = ISC_R_SUCCESS; @@ -1135,13 +1153,13 @@ add_listener(ns_controls_t *cp, controllistener_t **listenerp, } isc_result_t -ns_controls_configure(ns_controls_t *cp, cfg_obj_t *config, +ns_controls_configure(ns_controls_t *cp, const cfg_obj_t *config, ns_aclconfctx_t *aclconfctx) { controllistener_t *listener; controllistenerlist_t new_listeners; - cfg_obj_t *controlslist = NULL; - cfg_listelt_t *element, *element2; + const cfg_obj_t *controlslist = NULL; + const cfg_listelt_t *element, *element2; char socktext[ISC_SOCKADDR_FORMATSIZE]; ISC_LIST_INIT(new_listeners); @@ -1163,8 +1181,8 @@ ns_controls_configure(ns_controls_t *cp, cfg_obj_t *config, for (element = cfg_list_first(controlslist); element != NULL; element = cfg_list_next(element)) { - cfg_obj_t *controls; - cfg_obj_t *inetcontrols = NULL; + const cfg_obj_t *controls; + const cfg_obj_t *inetcontrols = NULL; controls = cfg_listelt_value(element); (void)cfg_map_get(controls, "inet", &inetcontrols); @@ -1174,9 +1192,9 @@ ns_controls_configure(ns_controls_t *cp, cfg_obj_t *config, for (element2 = cfg_list_first(inetcontrols); element2 != NULL; element2 = cfg_list_next(element2)) { - cfg_obj_t *control; - cfg_obj_t *obj; - isc_sockaddr_t *addr; + const cfg_obj_t *control; + const cfg_obj_t *obj; + isc_sockaddr_t addr; /* * The parser handles BIND 8 configuration file @@ -1189,12 +1207,12 @@ ns_controls_configure(ns_controls_t *cp, cfg_obj_t *config, control = cfg_listelt_value(element2); obj = cfg_tuple_get(control, "address"); - addr = cfg_obj_assockaddr(obj); - if (isc_sockaddr_getport(addr) == 0) - isc_sockaddr_setport(addr, + addr = *cfg_obj_assockaddr(obj); + if (isc_sockaddr_getport(&addr) == 0) + isc_sockaddr_setport(&addr, NS_CONTROL_PORT); - isc_sockaddr_format(addr, socktext, + isc_sockaddr_format(&addr, socktext, sizeof(socktext)); isc_log_write(ns_g_lctx, @@ -1205,7 +1223,7 @@ ns_controls_configure(ns_controls_t *cp, cfg_obj_t *config, socktext); update_listener(cp, &listener, control, config, - addr, aclconfctx, socktext); + &addr, aclconfctx, socktext); if (listener != NULL) /* @@ -1219,7 +1237,7 @@ ns_controls_configure(ns_controls_t *cp, cfg_obj_t *config, * This is a new listener. */ add_listener(cp, &listener, control, - config, addr, aclconfctx, + config, &addr, aclconfctx, socktext); if (listener != NULL) diff --git a/contrib/bind9/bin/named/include/named/aclconf.h b/contrib/bind9/bin/named/include/named/aclconf.h index 8126572..a5b333a 100644 --- a/contrib/bind9/bin/named/include/named/aclconf.h +++ b/contrib/bind9/bin/named/include/named/aclconf.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: aclconf.h,v 1.12.208.1 2004/03/06 10:21:23 marka Exp $ */ +/* $Id: aclconf.h,v 1.12.208.3 2006/03/02 00:37:20 marka Exp $ */ #ifndef NS_ACLCONF_H #define NS_ACLCONF_H 1 @@ -49,8 +49,8 @@ ns_aclconfctx_destroy(ns_aclconfctx_t *ctx); */ isc_result_t -ns_acl_fromconfig(cfg_obj_t *caml, - cfg_obj_t *cctx, +ns_acl_fromconfig(const cfg_obj_t *caml, + const cfg_obj_t *cctx, ns_aclconfctx_t *ctx, isc_mem_t *mctx, dns_acl_t **target); diff --git a/contrib/bind9/bin/named/include/named/client.h b/contrib/bind9/bin/named/include/named/client.h index 7097a3b..f602be8 100644 --- a/contrib/bind9/bin/named/include/named/client.h +++ b/contrib/bind9/bin/named/include/named/client.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: client.h,v 1.60.2.2.10.10 2005/07/29 00:13:08 marka Exp $ */ +/* $Id: client.h,v 1.60.2.2.10.12 2006/06/06 00:11:40 marka Exp $ */ #ifndef NAMED_CLIENT_H #define NAMED_CLIENT_H 1 @@ -198,6 +198,12 @@ ns_client_next(ns_client_t *client, isc_result_t result); * return no response to the client. */ +void +ns_client_qnamereplace(ns_client_t *client, dns_name_t *name); +/*% + * Replace the qname. + */ + isc_boolean_t ns_client_shuttingdown(ns_client_t *client); /* diff --git a/contrib/bind9/bin/named/include/named/config.h b/contrib/bind9/bin/named/include/named/config.h index b3b4f12..8e5b94a 100644 --- a/contrib/bind9/bin/named/include/named/config.h +++ b/contrib/bind9/bin/named/include/named/config.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001, 2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: config.h,v 1.4.12.4 2004/04/20 14:12:10 marka Exp $ */ +/* $Id: config.h,v 1.4.12.6 2006/03/02 00:37:20 marka Exp $ */ #ifndef NAMED_CONFIG_H #define NAMED_CONFIG_H 1 @@ -29,27 +29,28 @@ isc_result_t ns_config_parsedefaults(cfg_parser_t *parser, cfg_obj_t **conf); isc_result_t -ns_config_get(cfg_obj_t **maps, const char* name, cfg_obj_t **obj); +ns_config_get(const cfg_obj_t **maps, const char* name, const cfg_obj_t **obj); isc_result_t -ns_checknames_get(cfg_obj_t **maps, const char* name, cfg_obj_t **obj); +ns_checknames_get(const cfg_obj_t **maps, const char* name, + const cfg_obj_t **obj); int -ns_config_listcount(cfg_obj_t *list); +ns_config_listcount(const cfg_obj_t *list); isc_result_t -ns_config_getclass(cfg_obj_t *classobj, dns_rdataclass_t defclass, +ns_config_getclass(const cfg_obj_t *classobj, dns_rdataclass_t defclass, dns_rdataclass_t *classp); isc_result_t -ns_config_gettype(cfg_obj_t *typeobj, dns_rdatatype_t deftype, +ns_config_gettype(const cfg_obj_t *typeobj, dns_rdatatype_t deftype, dns_rdatatype_t *typep); dns_zonetype_t -ns_config_getzonetype(cfg_obj_t *zonetypeobj); +ns_config_getzonetype(const cfg_obj_t *zonetypeobj); isc_result_t -ns_config_getiplist(cfg_obj_t *config, cfg_obj_t *list, +ns_config_getiplist(const cfg_obj_t *config, const cfg_obj_t *list, in_port_t defport, isc_mem_t *mctx, isc_sockaddr_t **addrsp, isc_uint32_t *countp); @@ -58,16 +59,16 @@ ns_config_putiplist(isc_mem_t *mctx, isc_sockaddr_t **addrsp, isc_uint32_t count); isc_result_t -ns_config_getipandkeylist(cfg_obj_t *config, cfg_obj_t *list, isc_mem_t *mctx, - isc_sockaddr_t **addrsp, dns_name_t ***keys, - isc_uint32_t *countp); +ns_config_getipandkeylist(const cfg_obj_t *config, const cfg_obj_t *list, + isc_mem_t *mctx, isc_sockaddr_t **addrsp, + dns_name_t ***keys, isc_uint32_t *countp); void ns_config_putipandkeylist(isc_mem_t *mctx, isc_sockaddr_t **addrsp, dns_name_t ***keys, isc_uint32_t count); isc_result_t -ns_config_getport(cfg_obj_t *config, in_port_t *portp); +ns_config_getport(const cfg_obj_t *config, in_port_t *portp); isc_result_t ns_config_getkeyalgorithm(const char *str, dns_name_t **name); diff --git a/contrib/bind9/bin/named/include/named/control.h b/contrib/bind9/bin/named/include/named/control.h index bbb7d36..bdb706e 100644 --- a/contrib/bind9/bin/named/include/named/control.h +++ b/contrib/bind9/bin/named/include/named/control.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: control.h,v 1.6.2.2.2.7 2004/09/03 03:43:32 marka Exp $ */ +/* $Id: control.h,v 1.6.2.2.2.9 2006/03/02 00:37:20 marka Exp $ */ #ifndef NAMED_CONTROL_H #define NAMED_CONTROL_H 1 @@ -67,7 +67,7 @@ ns_controls_destroy(ns_controls_t **ctrlsp); */ isc_result_t -ns_controls_configure(ns_controls_t *controls, cfg_obj_t *config, +ns_controls_configure(ns_controls_t *controls, const cfg_obj_t *config, ns_aclconfctx_t *aclconfctx); /* * Configure zero or more command channels into 'controls' diff --git a/contrib/bind9/bin/named/include/named/globals.h b/contrib/bind9/bin/named/include/named/globals.h index 2cc8548..b8137e8 100644 --- a/contrib/bind9/bin/named/include/named/globals.h +++ b/contrib/bind9/bin/named/include/named/globals.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: globals.h,v 1.59.68.5 2004/03/08 04:04:20 marka Exp $ */ +/* $Id: globals.h,v 1.59.68.7 2006/03/02 00:37:20 marka Exp $ */ #ifndef NAMED_GLOBALS_H #define NAMED_GLOBALS_H 1 @@ -75,7 +75,7 @@ EXTERN unsigned int ns_g_debuglevel INIT(0); * Current configuration information. */ EXTERN cfg_obj_t * ns_g_config INIT(NULL); -EXTERN cfg_obj_t * ns_g_defaults INIT(NULL); +EXTERN const cfg_obj_t * ns_g_defaults INIT(NULL); EXTERN const char * ns_g_conffile INIT(NS_SYSCONFDIR "/named.conf"); EXTERN const char * ns_g_keyfile INIT(NS_SYSCONFDIR diff --git a/contrib/bind9/bin/named/include/named/logconf.h b/contrib/bind9/bin/named/include/named/logconf.h index a6f7450..b92ad31 100644 --- a/contrib/bind9/bin/named/include/named/logconf.h +++ b/contrib/bind9/bin/named/include/named/logconf.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: logconf.h,v 1.10.208.1 2004/03/06 10:21:24 marka Exp $ */ +/* $Id: logconf.h,v 1.10.208.3 2006/03/02 00:37:20 marka Exp $ */ #ifndef NAMED_LOGCONF_H #define NAMED_LOGCONF_H 1 @@ -23,7 +23,7 @@ #include <isc/log.h> isc_result_t -ns_log_configure(isc_logconfig_t *logconf, cfg_obj_t *logstmt); +ns_log_configure(isc_logconfig_t *logconf, const cfg_obj_t *logstmt); /* * Set up the logging configuration in '*logconf' according to * the named.conf data in 'logstmt'. diff --git a/contrib/bind9/bin/named/include/named/lwresd.h b/contrib/bind9/bin/named/include/named/lwresd.h index 7ba857c..2aa1d55 100644 --- a/contrib/bind9/bin/named/include/named/lwresd.h +++ b/contrib/bind9/bin/named/include/named/lwresd.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: lwresd.h,v 1.12.208.1 2004/03/06 10:21:25 marka Exp $ */ +/* $Id: lwresd.h,v 1.12.208.3 2006/03/02 00:37:20 marka Exp $ */ #ifndef NAMED_LWRESD_H #define NAMED_LWRESD_H 1 @@ -56,7 +56,7 @@ struct ns_lwreslistener { * Configure lwresd. */ isc_result_t -ns_lwresd_configure(isc_mem_t *mctx, cfg_obj_t *config); +ns_lwresd_configure(isc_mem_t *mctx, const cfg_obj_t *config); isc_result_t ns_lwresd_parseeresolvconf(isc_mem_t *mctx, cfg_parser_t *pctx, @@ -72,7 +72,8 @@ ns_lwresd_shutdown(void); * Manager functions */ isc_result_t -ns_lwdmanager_create(isc_mem_t *mctx, cfg_obj_t *lwres, ns_lwresd_t **lwresdp); +ns_lwdmanager_create(isc_mem_t *mctx, const cfg_obj_t *lwres, + ns_lwresd_t **lwresdp); void ns_lwdmanager_attach(ns_lwresd_t *source, ns_lwresd_t **targetp); diff --git a/contrib/bind9/bin/named/include/named/server.h b/contrib/bind9/bin/named/include/named/server.h index 97eb2ef..37526c0 100644 --- a/contrib/bind9/bin/named/include/named/server.h +++ b/contrib/bind9/bin/named/include/named/server.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: server.h,v 1.58.2.1.10.11 2004/03/08 04:04:21 marka Exp $ */ +/* $Id: server.h,v 1.58.2.1.10.13 2006/03/02 00:37:20 marka Exp $ */ #ifndef NAMED_SERVER_H #define NAMED_SERVER_H 1 @@ -208,6 +208,6 @@ ns_server_dumprecursing(ns_server_t *server); * Maintain a list of dispatches that require reserved ports. */ void -ns_add_reserved_dispatch(ns_server_t *server, isc_sockaddr_t *addr); +ns_add_reserved_dispatch(ns_server_t *server, const isc_sockaddr_t *addr); #endif /* NAMED_SERVER_H */ diff --git a/contrib/bind9/bin/named/include/named/sortlist.h b/contrib/bind9/bin/named/include/named/sortlist.h index 88a1493..9966686 100644 --- a/contrib/bind9/bin/named/include/named/sortlist.h +++ b/contrib/bind9/bin/named/include/named/sortlist.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: sortlist.h,v 1.4.208.1 2004/03/06 10:21:26 marka Exp $ */ +/* $Id: sortlist.h,v 1.4.208.3 2006/03/02 00:37:20 marka Exp $ */ #ifndef NAMED_SORTLIST_H #define NAMED_SORTLIST_H 1 @@ -28,7 +28,7 @@ * Type for callback functions that rank addresses. */ typedef int -(*dns_addressorderfunc_t)(isc_netaddr_t *address, void *arg); +(*dns_addressorderfunc_t)(const isc_netaddr_t *address, const void *arg); /* * Return value type for setup_sortlist. @@ -40,7 +40,8 @@ typedef enum { } ns_sortlisttype_t; ns_sortlisttype_t -ns_sortlist_setup(dns_acl_t *acl, isc_netaddr_t *clientaddr, void **argp); +ns_sortlist_setup(dns_acl_t *acl, isc_netaddr_t *clientaddr, + const void **argp); /* * Find the sortlist statement in 'acl' that applies to 'clientaddr', if any. * @@ -55,14 +56,14 @@ ns_sortlist_setup(dns_acl_t *acl, isc_netaddr_t *clientaddr, void **argp); */ int -ns_sortlist_addrorder1(isc_netaddr_t *addr, void *arg); +ns_sortlist_addrorder1(const isc_netaddr_t *addr, const void *arg); /* * Find the sort order of 'addr' in 'arg', the matching element * of a 1-element top-level sortlist statement. */ int -ns_sortlist_addrorder2(isc_netaddr_t *addr, void *arg); +ns_sortlist_addrorder2(const isc_netaddr_t *addr, const void *arg); /* * Find the sort order of 'addr' in 'arg', a topology-like * ACL forming the second element in a 2-element top-level @@ -72,7 +73,7 @@ ns_sortlist_addrorder2(isc_netaddr_t *addr, void *arg); void ns_sortlist_byaddrsetup(dns_acl_t *sortlist_acl, isc_netaddr_t *client_addr, dns_addressorderfunc_t *orderp, - void **argp); + const void **argp); /* * Find the sortlist statement in 'acl' that applies to 'clientaddr', if any. * If a sortlist statement applies, return in '*orderp' a pointer to a function diff --git a/contrib/bind9/bin/named/include/named/tkeyconf.h b/contrib/bind9/bin/named/include/named/tkeyconf.h index e3710ea..ac72f3e 100644 --- a/contrib/bind9/bin/named/include/named/tkeyconf.h +++ b/contrib/bind9/bin/named/include/named/tkeyconf.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: tkeyconf.h,v 1.9.208.1 2004/03/06 10:21:26 marka Exp $ */ +/* $Id: tkeyconf.h,v 1.9.208.3 2006/03/02 00:37:20 marka Exp $ */ #ifndef NS_TKEYCONF_H #define NS_TKEYCONF_H 1 @@ -28,8 +28,8 @@ ISC_LANG_BEGINDECLS isc_result_t -ns_tkeyctx_fromconfig(cfg_obj_t *options, isc_mem_t *mctx, isc_entropy_t *ectx, - dns_tkeyctx_t **tctxp); +ns_tkeyctx_fromconfig(const cfg_obj_t *options, isc_mem_t *mctx, + isc_entropy_t *ectx, dns_tkeyctx_t **tctxp); /* * Create a TKEY context and configure it, including the default DH key * and default domain, according to 'options'. diff --git a/contrib/bind9/bin/named/include/named/tsigconf.h b/contrib/bind9/bin/named/include/named/tsigconf.h index ef4161d..fcb415e 100644 --- a/contrib/bind9/bin/named/include/named/tsigconf.h +++ b/contrib/bind9/bin/named/include/named/tsigconf.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: tsigconf.h,v 1.9.208.1 2004/03/06 10:21:26 marka Exp $ */ +/* $Id: tsigconf.h,v 1.9.208.3 2006/03/02 00:37:20 marka Exp $ */ #ifndef NS_TSIGCONF_H #define NS_TSIGCONF_H 1 @@ -26,7 +26,7 @@ ISC_LANG_BEGINDECLS isc_result_t -ns_tsigkeyring_fromconfig(cfg_obj_t *config, cfg_obj_t *vconfig, +ns_tsigkeyring_fromconfig(const cfg_obj_t *config, const cfg_obj_t *vconfig, isc_mem_t *mctx, dns_tsig_keyring_t **ringp); /* * Create a TSIG key ring and configure it according to the 'key' diff --git a/contrib/bind9/bin/named/include/named/zoneconf.h b/contrib/bind9/bin/named/include/named/zoneconf.h index 3b8f200..3e63053 100644 --- a/contrib/bind9/bin/named/include/named/zoneconf.h +++ b/contrib/bind9/bin/named/include/named/zoneconf.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: zoneconf.h,v 1.16.2.2.8.1 2004/03/06 10:21:27 marka Exp $ */ +/* $Id: zoneconf.h,v 1.16.2.2.8.3 2006/03/02 00:37:20 marka Exp $ */ #ifndef NS_ZONECONF_H #define NS_ZONECONF_H 1 @@ -30,8 +30,9 @@ ISC_LANG_BEGINDECLS isc_result_t -ns_zone_configure(cfg_obj_t *config, cfg_obj_t *vconfig, cfg_obj_t *zconfig, - ns_aclconfctx_t *ac, dns_zone_t *zone); +ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig, + const cfg_obj_t *zconfig, ns_aclconfctx_t *ac, + dns_zone_t *zone); /* * Configure or reconfigure a zone according to the named.conf * data in 'cctx' and 'czone'. @@ -48,7 +49,7 @@ ns_zone_configure(cfg_obj_t *config, cfg_obj_t *vconfig, cfg_obj_t *zconfig, */ isc_boolean_t -ns_zone_reusable(dns_zone_t *zone, cfg_obj_t *zconfig); +ns_zone_reusable(dns_zone_t *zone, const cfg_obj_t *zconfig); /* * If 'zone' can be safely reconfigured according to the configuration * data in 'zconfig', return ISC_TRUE. If the configuration data is so diff --git a/contrib/bind9/bin/named/interfacemgr.c b/contrib/bind9/bin/named/interfacemgr.c index b212892..a341056 100644 --- a/contrib/bind9/bin/named/interfacemgr.c +++ b/contrib/bind9/bin/named/interfacemgr.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: interfacemgr.c,v 1.59.2.5.8.15 2004/08/10 04:56:23 jinmei Exp $ */ +/* $Id: interfacemgr.c,v 1.59.2.5.8.18 2006/07/19 00:16:28 marka Exp $ */ #include <config.h> @@ -182,6 +182,7 @@ ns_interface_create(ns_interfacemgr_t *mgr, isc_sockaddr_t *addr, ifp->mgr = NULL; ifp->generation = mgr->generation; ifp->addr = *addr; + ifp->flags = 0; strncpy(ifp->name, name, sizeof(ifp->name)); ifp->name[sizeof(ifp->name)-1] = '\0'; ifp->clientmgr = NULL; @@ -717,9 +718,8 @@ do_scan(ns_interfacemgr_t *mgr, ns_listenlist_t *ext_listen, * See if the address matches the listen-on statement; * if not, ignore the interface. */ - result = dns_acl_match(&listen_netaddr, NULL, - le->acl, &mgr->aclenv, - &match, NULL); + (void)dns_acl_match(&listen_netaddr, NULL, le->acl, + &mgr->aclenv, &match, NULL); if (match <= 0) continue; @@ -745,9 +745,9 @@ do_scan(ns_interfacemgr_t *mgr, ns_listenlist_t *ext_listen, for (ele = ISC_LIST_HEAD(ext_listen->elts); ele != NULL; ele = ISC_LIST_NEXT(ele, link)) { - dns_acl_match(&listen_netaddr, NULL, - ele->acl, NULL, - &match, NULL); + (void)dns_acl_match(&listen_netaddr, + NULL, ele->acl, + NULL, &match, NULL); if (match > 0 && ele->port == le->port) break; else diff --git a/contrib/bind9/bin/named/logconf.c b/contrib/bind9/bin/named/logconf.c index 596d401..1bf3b55 100644 --- a/contrib/bind9/bin/named/logconf.c +++ b/contrib/bind9/bin/named/logconf.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: logconf.c,v 1.30.2.3.10.2 2004/03/06 10:21:18 marka Exp $ */ +/* $Id: logconf.c,v 1.30.2.3.10.4 2006/03/02 00:37:20 marka Exp $ */ #include <config.h> @@ -41,13 +41,13 @@ * in 'ccat' and add it to 'lctx'. */ static isc_result_t -category_fromconf(cfg_obj_t *ccat, isc_logconfig_t *lctx) { +category_fromconf(const cfg_obj_t *ccat, isc_logconfig_t *lctx) { isc_result_t result; const char *catname; isc_logcategory_t *category; isc_logmodule_t *module; - cfg_obj_t *destinations = NULL; - cfg_listelt_t *element = NULL; + const cfg_obj_t *destinations = NULL; + const cfg_listelt_t *element = NULL; catname = cfg_obj_asstring(cfg_tuple_get(ccat, "name")); category = isc_log_categorybyname(ns_g_lctx, catname); @@ -68,8 +68,8 @@ category_fromconf(cfg_obj_t *ccat, isc_logconfig_t *lctx) { element != NULL; element = cfg_list_next(element)) { - cfg_obj_t *channel = cfg_listelt_value(element); - char *channelname = cfg_obj_asstring(channel); + const cfg_obj_t *channel = cfg_listelt_value(element); + const char *channelname = cfg_obj_asstring(channel); result = isc_log_usechannel(lctx, channelname, category, module); @@ -89,18 +89,18 @@ category_fromconf(cfg_obj_t *ccat, isc_logconfig_t *lctx) { * in 'cchan' and add it to 'lctx'. */ static isc_result_t -channel_fromconf(cfg_obj_t *channel, isc_logconfig_t *lctx) { +channel_fromconf(const cfg_obj_t *channel, isc_logconfig_t *lctx) { isc_result_t result; isc_logdestination_t dest; unsigned int type; unsigned int flags = 0; int level; const char *channelname; - cfg_obj_t *fileobj = NULL; - cfg_obj_t *syslogobj = NULL; - cfg_obj_t *nullobj = NULL; - cfg_obj_t *stderrobj = NULL; - cfg_obj_t *severity = NULL; + const cfg_obj_t *fileobj = NULL; + const cfg_obj_t *syslogobj = NULL; + const cfg_obj_t *nullobj = NULL; + const cfg_obj_t *stderrobj = NULL; + const cfg_obj_t *severity = NULL; int i; channelname = cfg_obj_asstring(cfg_map_getname(channel)); @@ -130,9 +130,10 @@ channel_fromconf(cfg_obj_t *channel, isc_logconfig_t *lctx) { type = ISC_LOG_TONULL; if (fileobj != NULL) { - cfg_obj_t *pathobj = cfg_tuple_get(fileobj, "file"); - cfg_obj_t *sizeobj = cfg_tuple_get(fileobj, "size"); - cfg_obj_t *versionsobj = cfg_tuple_get(fileobj, "versions"); + const cfg_obj_t *pathobj = cfg_tuple_get(fileobj, "file"); + const cfg_obj_t *sizeobj = cfg_tuple_get(fileobj, "size"); + const cfg_obj_t *versionsobj = + cfg_tuple_get(fileobj, "versions"); isc_int32_t versions = ISC_LOG_ROLLNEVER; isc_offset_t size = 0; @@ -157,7 +158,7 @@ channel_fromconf(cfg_obj_t *channel, isc_logconfig_t *lctx) { type = ISC_LOG_TOSYSLOG; if (cfg_obj_isstring(syslogobj)) { - char *facilitystr = cfg_obj_asstring(syslogobj); + const char *facilitystr = cfg_obj_asstring(syslogobj); (void)isc_syslog_facilityfromstring(facilitystr, &facility); } @@ -174,9 +175,9 @@ channel_fromconf(cfg_obj_t *channel, isc_logconfig_t *lctx) { * Munge flags. */ { - cfg_obj_t *printcat = NULL; - cfg_obj_t *printsev = NULL; - cfg_obj_t *printtime = NULL; + const cfg_obj_t *printcat = NULL; + const cfg_obj_t *printsev = NULL; + const cfg_obj_t *printtime = NULL; (void)cfg_map_get(channel, "print-category", &printcat); (void)cfg_map_get(channel, "print-severity", &printsev); @@ -193,7 +194,7 @@ channel_fromconf(cfg_obj_t *channel, isc_logconfig_t *lctx) { level = ISC_LOG_INFO; if (cfg_map_get(channel, "severity", &severity) == ISC_R_SUCCESS) { if (cfg_obj_isstring(severity)) { - char *str = cfg_obj_asstring(severity); + const char *str = cfg_obj_asstring(severity); if (strcasecmp(str, "critical") == 0) level = ISC_LOG_CRITICAL; else if (strcasecmp(str, "error") == 0) @@ -242,13 +243,14 @@ channel_fromconf(cfg_obj_t *channel, isc_logconfig_t *lctx) { } isc_result_t -ns_log_configure(isc_logconfig_t *logconf, cfg_obj_t *logstmt) { +ns_log_configure(isc_logconfig_t *logconf, const cfg_obj_t *logstmt) { isc_result_t result; - cfg_obj_t *channels = NULL; - cfg_obj_t *categories = NULL; - cfg_listelt_t *element; + const cfg_obj_t *channels = NULL; + const cfg_obj_t *categories = NULL; + const cfg_listelt_t *element; isc_boolean_t default_set = ISC_FALSE; isc_boolean_t unmatched_set = ISC_FALSE; + const cfg_obj_t *catname; CHECK(ns_log_setdefaultchannels(logconf)); @@ -257,7 +259,7 @@ ns_log_configure(isc_logconfig_t *logconf, cfg_obj_t *logstmt) { element != NULL; element = cfg_list_next(element)) { - cfg_obj_t *channel = cfg_listelt_value(element); + const cfg_obj_t *channel = cfg_listelt_value(element); CHECK(channel_fromconf(channel, logconf)); } @@ -266,15 +268,15 @@ ns_log_configure(isc_logconfig_t *logconf, cfg_obj_t *logstmt) { element != NULL; element = cfg_list_next(element)) { - cfg_obj_t *category = cfg_listelt_value(element); + const cfg_obj_t *category = cfg_listelt_value(element); CHECK(category_fromconf(category, logconf)); if (!default_set) { - cfg_obj_t *catname = cfg_tuple_get(category, "name"); + catname = cfg_tuple_get(category, "name"); if (strcmp(cfg_obj_asstring(catname), "default") == 0) default_set = ISC_TRUE; } if (!unmatched_set) { - cfg_obj_t *catname = cfg_tuple_get(category, "name"); + catname = cfg_tuple_get(category, "name"); if (strcmp(cfg_obj_asstring(catname), "unmatched") == 0) unmatched_set = ISC_TRUE; } diff --git a/contrib/bind9/bin/named/lwdgabn.c b/contrib/bind9/bin/named/lwdgabn.c index 030a77a..539c25b 100644 --- a/contrib/bind9/bin/named/lwdgabn.c +++ b/contrib/bind9/bin/named/lwdgabn.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: lwdgabn.c,v 1.13.12.3 2004/03/08 04:04:19 marka Exp $ */ +/* $Id: lwdgabn.c,v 1.13.12.5 2006/03/02 00:37:20 marka Exp $ */ #include <config.h> @@ -120,7 +120,7 @@ sort_addresses(ns_lwdclient_t *client) { rankedaddress *addrs; isc_netaddr_t remote; dns_addressorderfunc_t order; - void *arg; + const void *arg; ns_lwresd_t *lwresd = client->clientmgr->listener->manager; unsigned int i; isc_result_t result; diff --git a/contrib/bind9/bin/named/lwdgrbn.c b/contrib/bind9/bin/named/lwdgrbn.c index 6652265..3ad9e9e 100644 --- a/contrib/bind9/bin/named/lwdgrbn.c +++ b/contrib/bind9/bin/named/lwdgrbn.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: lwdgrbn.c,v 1.11.208.3 2004/03/08 04:04:19 marka Exp $ */ +/* $Id: lwdgrbn.c,v 1.11.208.5 2006/01/04 23:50:19 marka Exp $ */ #include <config.h> @@ -358,7 +358,7 @@ lookup_done(isc_task_t *task, isc_event_t *event) { client->sendlength = r.length; result = ns_lwdclient_sendreply(client, &r); if (result != ISC_R_SUCCESS) - goto out; + goto out2; NS_LWDCLIENT_SETSEND(client); @@ -378,7 +378,7 @@ lookup_done(isc_task_t *task, isc_event_t *event) { if (grbn->siglen != NULL) isc_mem_put(cm->mctx, grbn->siglen, grbn->nsigs * sizeof(lwres_uint16_t)); - + out2: if (client->lookup != NULL) dns_lookup_destroy(&client->lookup); if (lwb.base != NULL) diff --git a/contrib/bind9/bin/named/lwresd.8 b/contrib/bind9/bin/named/lwresd.8 index 58f24b0..1333a5d 100644 --- a/contrib/bind9/bin/named/lwresd.8 +++ b/contrib/bind9/bin/named/lwresd.8 @@ -13,14 +13,17 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwresd.8,v 1.13.208.5 2005/10/13 02:33:47 marka Exp $ +.\" $Id: lwresd.8,v 1.13.208.6 2006/06/29 13:02:30 marka Exp $ .\" .hy 0 .ad l -.\" ** You probably do not want to edit this file directly ** -.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). -.\" Instead of manually editing it, you probably should edit the DocBook XML -.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.\" Title: lwresd +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Date: June 30, 2000 +.\" Manual: BIND9 +.\" Source: BIND9 +.\" .TH "LWRESD" "8" "June 30, 2000" "BIND9" "BIND9" .\" disable hyphenation .nh @@ -57,41 +60,41 @@ entries are present, or if forwarding fails, \fBlwresd\fR resolves the queries autonomously starting at the root name servers, using a built\-in list of root server hints. .SH "OPTIONS" -.TP +.TP 3n \-C \fIconfig\-file\fR Use \fIconfig\-file\fR as the configuration file instead of the default, \fI/etc/resolv.conf\fR. -.TP +.TP 3n \-d \fIdebug\-level\fR Set the daemon's debug level to \fIdebug\-level\fR. Debugging traces from \fBlwresd\fR become more verbose as the debug level increases. -.TP +.TP 3n \-f Run the server in the foreground (i.e. do not daemonize). -.TP +.TP 3n \-g Run the server in the foreground and force all logging to \fIstderr\fR. -.TP +.TP 3n \-n \fI#cpus\fR Create \fI#cpus\fR worker threads to take advantage of multiple CPUs. If not specified, \fBlwresd\fR will try to determine the number of CPUs present and create one thread per CPU. If it is unable to determine the number of CPUs, a single worker thread will be created. -.TP +.TP 3n \-P \fIport\fR Listen for lightweight resolver queries on port \fIport\fR. If not specified, the default is port 921. -.TP +.TP 3n \-p \fIport\fR Send DNS lookups to port \fIport\fR. If not specified, the default is port 53. This provides a way of testing the lightweight resolver daemon with a name server that listens for queries on a non\-standard port number. -.TP +.TP 3n \-s Write memory usage statistics to \fIstdout\fR @@ -100,7 +103,7 @@ on exit. .B "Note:" This option is mainly of interest to BIND 9 developers and may be removed or changed in a future release. .RE -.TP +.TP 3n \-t \fIdirectory\fR \fBchroot()\fR to @@ -114,20 +117,20 @@ option, as chrooting a process running as root doesn't enhance security on most \fBchroot()\fR is defined allows a process with root privileges to escape a chroot jail. .RE -.TP +.TP 3n \-u \fIuser\fR \fBsetuid()\fR to \fIuser\fR after completing privileged operations, such as creating sockets that listen on privileged ports. -.TP +.TP 3n \-v Report the version number and exit. .SH "FILES" -.TP +.TP 3n \fI/etc/resolv.conf\fR The default configuration file. -.TP +.TP 3n \fI/var/run/lwresd.pid\fR The default process\-id file. .SH "SEE ALSO" @@ -138,3 +141,5 @@ The default process\-id file. .SH "AUTHOR" .PP Internet Systems Consortium +.SH "COPYRIGHT" +Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") diff --git a/contrib/bind9/bin/named/lwresd.c b/contrib/bind9/bin/named/lwresd.c index 9da4168..e48822f 100644 --- a/contrib/bind9/bin/named/lwresd.c +++ b/contrib/bind9/bin/named/lwresd.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: lwresd.c,v 1.37.2.2.2.5 2004/03/08 04:04:19 marka Exp $ */ +/* $Id: lwresd.c,v 1.37.2.2.2.8 2006/02/28 06:32:53 marka Exp $ */ /* * Main program for the Lightweight Resolver Daemon. @@ -285,14 +285,14 @@ ns_lwresd_parseeresolvconf(isc_mem_t *mctx, cfg_parser_t *pctx, * Handle lwresd manager objects */ isc_result_t -ns_lwdmanager_create(isc_mem_t *mctx, cfg_obj_t *lwres, +ns_lwdmanager_create(isc_mem_t *mctx, const cfg_obj_t *lwres, ns_lwresd_t **lwresdp) { ns_lwresd_t *lwresd; const char *vname; dns_rdataclass_t vclass; - cfg_obj_t *obj, *viewobj, *searchobj; - cfg_listelt_t *element; + const cfg_obj_t *obj, *viewobj, *searchobj; + const cfg_listelt_t *element; isc_result_t result; INSIST(lwresdp != NULL && *lwresdp == NULL); @@ -356,8 +356,8 @@ ns_lwdmanager_create(isc_mem_t *mctx, cfg_obj_t *lwres, element != NULL; element = cfg_list_next(element)) { - cfg_obj_t *search; - char *searchstr; + const cfg_obj_t *search; + const char *searchstr; isc_buffer_t namebuf; dns_fixedname_t fname; dns_name_t *name; @@ -407,6 +407,7 @@ ns_lwdmanager_create(isc_mem_t *mctx, cfg_obj_t *lwres, ns_lwsearchlist_detach(&lwresd->search); if (lwresd->mctx != NULL) isc_mem_detach(&lwresd->mctx); + isc_mem_put(mctx, lwresd, sizeof(ns_lwresd_t)); return (result); } @@ -744,11 +745,11 @@ configure_listener(isc_sockaddr_t *address, ns_lwresd_t *lwresd, } isc_result_t -ns_lwresd_configure(isc_mem_t *mctx, cfg_obj_t *config) { - cfg_obj_t *lwreslist = NULL; - cfg_obj_t *lwres = NULL; - cfg_obj_t *listenerslist = NULL; - cfg_listelt_t *element = NULL; +ns_lwresd_configure(isc_mem_t *mctx, const cfg_obj_t *config) { + const cfg_obj_t *lwreslist = NULL; + const cfg_obj_t *lwres = NULL; + const cfg_obj_t *listenerslist = NULL; + const cfg_listelt_t *element = NULL; ns_lwreslistener_t *listener; ns_lwreslistenerlist_t newlisteners; isc_result_t result; diff --git a/contrib/bind9/bin/named/lwresd.html b/contrib/bind9/bin/named/lwresd.html index 439153a..6ab7824 100644 --- a/contrib/bind9/bin/named/lwresd.html +++ b/contrib/bind9/bin/named/lwresd.html @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwresd.html,v 1.4.2.1.4.8 2005/10/13 02:33:47 marka Exp $ --> +<!-- $Id: lwresd.html,v 1.4.2.1.4.10 2006/06/29 13:02:30 marka Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title>lwresd</title> -<meta name="generator" content="DocBook XSL Stylesheets V1.69.1"> +<meta name="generator" content="DocBook XSL Stylesheets V1.70.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2463721"></a><div class="titlepage"></div> +<a name="id2482688"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p><span class="application">lwresd</span> — lightweight resolver daemon</p> @@ -32,7 +32,7 @@ <div class="cmdsynopsis"><p><code class="command">lwresd</code> [<code class="option">-C <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>debug-level</code></em></code>] [<code class="option">-f</code>] [<code class="option">-g</code>] [<code class="option">-i <em class="replaceable"><code>pid-file</code></em></code>] [<code class="option">-n <em class="replaceable"><code>#cpus</code></em></code>] [<code class="option">-P <em class="replaceable"><code>port</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-s</code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>] [<code class="option">-v</code>]</p></div> </div> <div class="refsect1" lang="en"> -<a name="id2525920"></a><h2>DESCRIPTION</h2> +<a name="id2549484"></a><h2>DESCRIPTION</h2> <p> <span><strong class="command">lwresd</strong></span> is the daemon providing name lookup services to clients that use the BIND 9 lightweight resolver @@ -67,7 +67,7 @@ </p> </div> <div class="refsect1" lang="en"> -<a name="id2525969"></a><h2>OPTIONS</h2> +<a name="id2549533"></a><h2>OPTIONS</h2> <div class="variablelist"><dl> <dt><span class="term">-C <em class="replaceable"><code>config-file</code></em></span></dt> <dd><p> @@ -159,7 +159,7 @@ </dl></div> </div> <div class="refsect1" lang="en"> -<a name="id2526237"></a><h2>FILES</h2> +<a name="id2549939"></a><h2>FILES</h2> <div class="variablelist"><dl> <dt><span class="term"><code class="filename">/etc/resolv.conf</code></span></dt> <dd><p> @@ -172,7 +172,7 @@ </dl></div> </div> <div class="refsect1" lang="en"> -<a name="id2526277"></a><h2>SEE ALSO</h2> +<a name="id2549978"></a><h2>SEE ALSO</h2> <p> <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>, <span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>, @@ -180,7 +180,7 @@ </p> </div> <div class="refsect1" lang="en"> -<a name="id2526315"></a><h2>AUTHOR</h2> +<a name="id2550017"></a><h2>AUTHOR</h2> <p> <span class="corpauthor">Internet Systems Consortium</span> </p> diff --git a/contrib/bind9/bin/named/main.c b/contrib/bind9/bin/named/main.c index c155291..960de2a 100644 --- a/contrib/bind9/bin/named/main.c +++ b/contrib/bind9/bin/named/main.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: main.c,v 1.119.2.3.2.22 2005/04/29 01:04:47 marka Exp $ */ +/* $Id: main.c,v 1.119.2.3.2.25 2006/11/10 18:51:06 marka Exp $ */ #include <config.h> @@ -473,7 +473,7 @@ create_managers(void) { result = isc_taskmgr_create(ns_g_mctx, ns_g_cpus, 0, &ns_g_taskmgr); if (result != ISC_R_SUCCESS) { UNEXPECTED_ERROR(__FILE__, __LINE__, - "ns_taskmgr_create() failed: %s", + "isc_taskmgr_create() failed: %s", isc_result_totext(result)); return (ISC_R_UNEXPECTED); } @@ -481,7 +481,7 @@ create_managers(void) { result = isc_timermgr_create(ns_g_mctx, &ns_g_timermgr); if (result != ISC_R_SUCCESS) { UNEXPECTED_ERROR(__FILE__, __LINE__, - "ns_timermgr_create() failed: %s", + "isc_timermgr_create() failed: %s", isc_result_totext(result)); return (ISC_R_UNEXPECTED); } @@ -856,7 +856,7 @@ main(int argc, char *argv[]) { if (result == ISC_R_SUCCESS && instance != NULL) { if (smf_disable_instance(instance, 0) != 0) UNEXPECTED_ERROR(__FILE__, __LINE__, - "smf_disable_instance() ", + "smf_disable_instance() " "failed for %s : %s", instance, scf_strerror(scf_error())); diff --git a/contrib/bind9/bin/named/named.8 b/contrib/bind9/bin/named/named.8 index e072c16..7172393 100644 --- a/contrib/bind9/bin/named/named.8 +++ b/contrib/bind9/bin/named/named.8 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001, 2003 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,14 +13,17 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: named.8,v 1.17.208.6 2005/10/13 02:33:46 marka Exp $ +.\" $Id: named.8,v 1.17.208.9 2006/06/29 13:02:30 marka Exp $ .\" .hy 0 .ad l -.\" ** You probably do not want to edit this file directly ** -.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). -.\" Instead of manually editing it, you probably should edit the DocBook XML -.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.\" Title: named +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Date: June 30, 2000 +.\" Manual: BIND9 +.\" Source: BIND9 +.\" .TH "NAMED" "8" "June 30, 2000" "BIND9" "BIND9" .\" disable hyphenation .nh @@ -41,21 +44,21 @@ When invoked without arguments, will read the default configuration file \fI/etc/named.conf\fR, read any initial data, and listen for queries. .SH "OPTIONS" -.TP +.TP 3n \-4 Use IPv4 only even if the host machine is capable of IPv6. \fB\-4\fR and \fB\-6\fR are mutually exclusive. -.TP +.TP 3n \-6 Use IPv6 only even if the host machine is capable of IPv4. \fB\-4\fR and \fB\-6\fR are mutually exclusive. -.TP +.TP 3n \-c \fIconfig\-file\fR Use \fIconfig\-file\fR @@ -65,31 +68,31 @@ as the configuration file instead of the default, option in the configuration file, \fIconfig\-file\fR should be an absolute pathname. -.TP +.TP 3n \-d \fIdebug\-level\fR Set the daemon's debug level to \fIdebug\-level\fR. Debugging traces from \fBnamed\fR become more verbose as the debug level increases. -.TP +.TP 3n \-f Run the server in the foreground (i.e. do not daemonize). -.TP +.TP 3n \-g Run the server in the foreground and force all logging to \fIstderr\fR. -.TP +.TP 3n \-n \fI#cpus\fR Create \fI#cpus\fR worker threads to take advantage of multiple CPUs. If not specified, \fBnamed\fR will try to determine the number of CPUs present and create one thread per CPU. If it is unable to determine the number of CPUs, a single worker thread will be created. -.TP +.TP 3n \-p \fIport\fR Listen for queries on port \fIport\fR. If not specified, the default is port 53. -.TP +.TP 3n \-s Write memory usage statistics to \fIstdout\fR @@ -98,7 +101,7 @@ on exit. .B "Note:" This option is mainly of interest to BIND 9 developers and may be removed or changed in a future release. .RE -.TP +.TP 3n \-t \fIdirectory\fR \fBchroot()\fR to @@ -112,7 +115,7 @@ option, as chrooting a process running as root doesn't enhance security on most \fBchroot()\fR is defined allows a process with root privileges to escape a chroot jail. .RE -.TP +.TP 3n \-u \fIuser\fR \fBsetuid()\fR to @@ -131,10 +134,10 @@ option only works when is run on kernel 2.2.18 or later, or kernel 2.3.99\-pre3 or later, since previous kernels did not allow privileges to be retained after \fBsetuid()\fR. .RE -.TP +.TP 3n \-v Report the version number and exit. -.TP +.TP 3n \-x \fIcache\-file\fR Load data from \fIcache\-file\fR @@ -148,10 +151,10 @@ This option must not be used. It is only of interest to BIND 9 developers and ma In routine operation, signals should not be used to control the nameserver; \fBrndc\fR should be used instead. -.TP +.TP 3n SIGHUP Force a reload of the server. -.TP +.TP 3n SIGINT, SIGTERM Shut down the server. .PP @@ -163,10 +166,10 @@ The configuration file is too complex to describe in detail here. A complete description is provided in the BIND 9 Administrator Reference Manual. .SH "FILES" -.TP +.TP 3n \fI/etc/named.conf\fR The default configuration file. -.TP +.TP 3n \fI/var/run/named.pid\fR The default process\-id file. .SH "SEE ALSO" @@ -176,7 +179,10 @@ RFC 1034, RFC 1035, \fBrndc\fR(8), \fBlwresd\fR(8), +\fBnamed.conf\fR(5), BIND 9 Administrator Reference Manual. .SH "AUTHOR" .PP Internet Systems Consortium +.SH "COPYRIGHT" +Copyright \(co 2004\-2006 Internet Systems Consortium, Inc. ("ISC") diff --git a/contrib/bind9/bin/named/named.conf.5 b/contrib/bind9/bin/named/named.conf.5 index d0b690b..1ace4da 100644 --- a/contrib/bind9/bin/named/named.conf.5 +++ b/contrib/bind9/bin/named/named.conf.5 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -12,15 +12,18 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: named.conf.5,v 1.1.4.6 2005/10/13 02:33:47 marka Exp $ +.\" $Id: named.conf.5,v 1.1.4.10 2006/09/13 02:56:20 marka Exp $ .\" .hy 0 .ad l -.\" ** You probably do not want to edit this file directly ** -.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). -.\" Instead of manually editing it, you probably should edit the DocBook XML -.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. -.TH "\\FINAMED.CONF\\FR" "5" "Aug 13, 2004" "BIND9" "BIND9" +.\" Title: \fInamed.conf\fR +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Date: Aug 13, 2004 +.\" Manual: BIND9 +.\" Source: BIND9 +.\" +.TH "\fINAMED.CONF\fR" "5" "Aug 13, 2004" "BIND9" "BIND9" .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) @@ -43,27 +46,34 @@ C++ style: // to end of line Unix style: # to end of line .SH "ACL" .sp +.RS 3n .nf acl \fIstring\fR { \fIaddress_match_element\fR; ... }; .fi +.RE .SH "KEY" .sp +.RS 3n .nf key \fIdomain_name\fR { algorithm \fIstring\fR; secret \fIstring\fR; }; .fi +.RE .SH "MASTERS" .sp +.RS 3n .nf masters \fIstring\fR [ port \fIinteger\fR ] { ( \fImasters\fR | \fIipv4_address\fR [port \fIinteger\fR] | \fIipv6_address\fR [port \fIinteger\fR] ) [ key \fIstring\fR ]; ... }; .fi +.RE .SH "SERVER" .sp +.RS 3n .nf server ( \fIipv4_address\fR | \fIipv6_address\fR ) { bogus \fIboolean\fR; @@ -80,15 +90,19 @@ server ( \fIipv4_address\fR | \fIipv6_address\fR ) { support\-ixfr \fIboolean\fR; // obsolete }; .fi +.RE .SH "TRUSTED\-KEYS" .sp +.RS 3n .nf trusted\-keys { \fIdomain_name\fR \fIflags\fR \fIprotocol\fR \fIalgorithm\fR \fIkey\fR; ... }; .fi +.RE .SH "CONTROLS" .sp +.RS 3n .nf controls { inet ( \fIipv4_address\fR | \fIipv6_address\fR | * ) @@ -98,8 +112,10 @@ controls { unix \fIunsupported\fR; // not implemented }; .fi +.RE .SH "LOGGING" .sp +.RS 3n .nf logging { channel \fIstring\fR { @@ -115,8 +131,10 @@ logging { category \fIstring\fR { \fIstring\fR; ... }; }; .fi +.RE .SH "LWRES" .sp +.RS 3n .nf lwres { listen\-on [ port \fIinteger\fR ] { @@ -127,8 +145,10 @@ lwres { ndots \fIinteger\fR; }; .fi +.RE .SH "OPTIONS" .sp +.RS 3n .nf options { avoid\-v4\-udp\-ports { \fIport\fR; ... }; @@ -137,6 +157,7 @@ options { coresize \fIsize\fR; datasize \fIsize\fR; directory \fIquoted_string\fR; + cache\-file \fIquoted_string\fR; // test option dump\-file \fIquoted_string\fR; files \fIsize\fR; heartbeat\-interval \fIinteger\fR; @@ -184,8 +205,8 @@ options { rfc2308\-type1 \fIboolean\fR; // not yet implemented additional\-from\-auth \fIboolean\fR; additional\-from\-cache \fIboolean\fR; - query\-source \fIquerysource4\fR; - query\-source\-v6 \fIquerysource6\fR; + query\-source [ address ( \fIipv4_address\fR | * ) ] [ port ( \fIinteger\fR | * ) ]; + query\-source\-v6 [ address ( \fIipv6_address\fR | * ) ] [ port ( \fIinteger\fR | * ) ]; cleaning\-interval \fIinteger\fR; min\-roots \fIinteger\fR; // not implemented lame\-ttl \fIinteger\fR; @@ -260,8 +281,10 @@ options { use\-id\-pool \fIboolean\fR; // obsolete }; .fi +.RE .SH "VIEW" .sp +.RS 3n .nf view \fIstring\fR \fIoptional_class\fR { match\-clients { \fIaddress_match_element\fR; ... }; @@ -295,8 +318,8 @@ view \fIstring\fR \fIoptional_class\fR { rfc2308\-type1 \fIboolean\fR; // not yet implemented additional\-from\-auth \fIboolean\fR; additional\-from\-cache \fIboolean\fR; - query\-source \fIquerysource4\fR; - query\-source\-v6 \fIquerysource6\fR; + query\-source [ address ( \fIipv4_address\fR | * ) ] [ port ( \fIinteger\fR | * ) ]; + query\-source\-v6 [ address ( \fIipv6_address\fR | * ) ] [ port ( \fIinteger\fR | * ) ]; cleaning\-interval \fIinteger\fR; min\-roots \fIinteger\fR; // not implemented lame\-ttl \fIinteger\fR; @@ -363,8 +386,10 @@ view \fIstring\fR \fIoptional_class\fR { max\-ixfr\-log\-size \fIsize\fR; // obsolete }; .fi +.RE .SH "ZONE" .sp +.RS 3n .nf zone \fIstring\fR \fIoptional_class\fR { type ( master | slave | stub | hint | @@ -428,6 +453,7 @@ zone \fIstring\fR \fIoptional_class\fR { pubkey \fIinteger\fR \fIinteger\fR \fIinteger\fR \fIquoted_string\fR; // obsolete }; .fi +.RE .SH "FILES" .PP \fI/etc/named.conf\fR @@ -435,4 +461,6 @@ zone \fIstring\fR \fIoptional_class\fR { .PP \fBnamed\fR(8), \fBrndc\fR(8), -\fBBIND 9 Adminstrators Reference Manual\fR(). +\fBBIND 9 Administrator Reference Manual\fR(). +.SH "COPYRIGHT" +Copyright \(co 2004\-2006 Internet Systems Consortium, Inc. ("ISC") diff --git a/contrib/bind9/bin/named/named.conf.docbook b/contrib/bind9/bin/named/named.conf.docbook index 4ba1084..fb8a5ef 100644 --- a/contrib/bind9/bin/named/named.conf.docbook +++ b/contrib/bind9/bin/named/named.conf.docbook @@ -2,7 +2,7 @@ "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") - - Permission to use, copy, modify, and distribute this software for any - purpose with or without fee is hereby granted, provided that the above @@ -17,7 +17,7 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: named.conf.docbook,v 1.1.4.4 2005/05/13 01:22:33 marka Exp $ --> +<!-- $Id: named.conf.docbook,v 1.1.4.8 2006/09/13 00:26:41 marka Exp $ --> <refentry> <refentryinfo> @@ -34,6 +34,7 @@ <copyright> <year>2004</year> <year>2005</year> + <year>2006</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> </docinfo> @@ -183,6 +184,7 @@ options { coresize <replaceable>size</replaceable>; datasize <replaceable>size</replaceable>; directory <replaceable>quoted_string</replaceable>; + cache-file <replaceable>quoted_string</replaceable>; // test option dump-file <replaceable>quoted_string</replaceable>; files <replaceable>size</replaceable>; heartbeat-interval <replaceable>integer</replaceable>; @@ -230,8 +232,8 @@ options { rfc2308-type1 <replaceable>boolean</replaceable>; // not yet implemented additional-from-auth <replaceable>boolean</replaceable>; additional-from-cache <replaceable>boolean</replaceable>; - query-source <replaceable>querysource4</replaceable>; - query-source-v6 <replaceable>querysource6</replaceable>; + query-source <optional> address ( <replaceable>ipv4_address</replaceable> | * ) </optional> <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + query-source-v6 <optional> address ( <replaceable>ipv6_address</replaceable> | * ) </optional> <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; cleaning-interval <replaceable>integer</replaceable>; min-roots <replaceable>integer</replaceable>; // not implemented lame-ttl <replaceable>integer</replaceable>; @@ -357,8 +359,8 @@ view <replaceable>string</replaceable> <replaceable>optional_class</replaceable> rfc2308-type1 <replaceable>boolean</replaceable>; // not yet implemented additional-from-auth <replaceable>boolean</replaceable>; additional-from-cache <replaceable>boolean</replaceable>; - query-source <replaceable>querysource4</replaceable>; - query-source-v6 <replaceable>querysource6</replaceable>; + query-source <optional> address ( <replaceable>ipv4_address</replaceable> | * ) </optional> <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + query-source-v6 <optional> address ( <replaceable>ipv6_address</replaceable> | * ) </optional> <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; cleaning-interval <replaceable>integer</replaceable>; min-roots <replaceable>integer</replaceable>; // not implemented lame-ttl <replaceable>integer</replaceable>; @@ -530,7 +532,7 @@ zone <replaceable>string</replaceable> <replaceable>optional_class</replaceable> <refentrytitle>rndc</refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> -<refentrytitle>BIND 9 Adminstrators Reference Manual</refentrytitle> +<refentrytitle>BIND 9 Administrator Reference Manual</refentrytitle> </citerefentry>. </para> </refsect1> diff --git a/contrib/bind9/bin/named/named.conf.html b/contrib/bind9/bin/named/named.conf.html index 8b3b517..b43ee7f 100644 --- a/contrib/bind9/bin/named/named.conf.html +++ b/contrib/bind9/bin/named/named.conf.html @@ -1,5 +1,5 @@ <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") - - Permission to use, copy, modify, and distribute this software for any - purpose with or without fee is hereby granted, provided that the above @@ -13,15 +13,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: named.conf.html,v 1.1.4.10 2005/10/13 02:33:48 marka Exp $ --> +<!-- $Id: named.conf.html,v 1.1.4.15 2006/09/13 02:56:21 marka Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title>named.conf</title> -<meta name="generator" content="DocBook XSL Stylesheets V1.69.1"> +<meta name="generator" content="DocBook XSL Stylesheets V1.70.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2463721"></a><div class="titlepage"></div> +<a name="id2482688"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p><code class="filename">named.conf</code> — configuration file for named</p> @@ -31,7 +31,7 @@ <div class="cmdsynopsis"><p><code class="command">named.conf</code> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2525889"></a><h2>DESCRIPTION</h2> +<a name="id2549388"></a><h2>DESCRIPTION</h2> <p> <code class="filename">named.conf</code> is the configuration file for <span><strong class="command">named</strong></span>. Statements are enclosed @@ -50,14 +50,14 @@ </p> </div> <div class="refsect1" lang="en"> -<a name="id2525917"></a><h2>ACL</h2> +<a name="id2549417"></a><h2>ACL</h2> <div class="literallayout"><p><br> acl <em class="replaceable"><code>string</code></em> { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> <br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2525933"></a><h2>KEY</h2> +<a name="id2549433"></a><h2>KEY</h2> <div class="literallayout"><p><br> key <em class="replaceable"><code>domain_name</code></em> {<br> algorithm <em class="replaceable"><code>string</code></em>;<br> @@ -66,7 +66,7 @@ key <em class="replaceable"><code>domain_name</code></em> {<br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2525953"></a><h2>MASTERS</h2> +<a name="id2549452"></a><h2>MASTERS</h2> <div class="literallayout"><p><br> masters <em class="replaceable"><code>string</code></em> [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br> ( <em class="replaceable"><code>masters</code></em> | <em class="replaceable"><code>ipv4_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br> @@ -75,7 +75,7 @@ masters <em class="replaceable"><code>string</code></em> [<span class="optional" </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2525998"></a><h2>SERVER</h2> +<a name="id2549498"></a><h2>SERVER</h2> <div class="literallayout"><p><br> server ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> ) {<br> bogus <em class="replaceable"><code>boolean</code></em>;<br> @@ -95,7 +95,7 @@ server ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="rep </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2526056"></a><h2>TRUSTED-KEYS</h2> +<a name="id2549556"></a><h2>TRUSTED-KEYS</h2> <div class="literallayout"><p><br> trusted-keys {<br> <em class="replaceable"><code>domain_name</code></em> <em class="replaceable"><code>flags</code></em> <em class="replaceable"><code>protocol</code></em> <em class="replaceable"><code>algorithm</code></em> <em class="replaceable"><code>key</code></em>; ... <br> @@ -103,7 +103,7 @@ trusted-keys {<br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2526082"></a><h2>CONTROLS</h2> +<a name="id2549581"></a><h2>CONTROLS</h2> <div class="literallayout"><p><br> controls {<br> inet ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> | * )<br> @@ -115,7 +115,7 @@ controls {<br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2526117"></a><h2>LOGGING</h2> +<a name="id2549617"></a><h2>LOGGING</h2> <div class="literallayout"><p><br> logging {<br> channel <em class="replaceable"><code>string</code></em> {<br> @@ -133,7 +133,7 @@ logging {<br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2526155"></a><h2>LWRES</h2> +<a name="id2549655"></a><h2>LWRES</h2> <div class="literallayout"><p><br> lwres {<br> listen-on [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br> @@ -146,7 +146,7 @@ lwres {<br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2526197"></a><h2>OPTIONS</h2> +<a name="id2549697"></a><h2>OPTIONS</h2> <div class="literallayout"><p><br> options {<br> avoid-v4-udp-ports { <em class="replaceable"><code>port</code></em>; ... };<br> @@ -155,6 +155,7 @@ options {<br> coresize <em class="replaceable"><code>size</code></em>;<br> datasize <em class="replaceable"><code>size</code></em>;<br> directory <em class="replaceable"><code>quoted_string</code></em>;<br> + cache-file <em class="replaceable"><code>quoted_string</code></em>; // test option<br> dump-file <em class="replaceable"><code>quoted_string</code></em>;<br> files <em class="replaceable"><code>size</code></em>;<br> heartbeat-interval <em class="replaceable"><code>integer</code></em>;<br> @@ -202,8 +203,8 @@ options {<br> rfc2308-type1 <em class="replaceable"><code>boolean</code></em>; // not yet implemented<br> additional-from-auth <em class="replaceable"><code>boolean</code></em>;<br> additional-from-cache <em class="replaceable"><code>boolean</code></em>;<br> - query-source <em class="replaceable"><code>querysource4</code></em>;<br> - query-source-v6 <em class="replaceable"><code>querysource6</code></em>;<br> + query-source [<span class="optional"> address ( <em class="replaceable"><code>ipv4_address</code></em> | * ) </span>] [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> + query-source-v6 [<span class="optional"> address ( <em class="replaceable"><code>ipv6_address</code></em> | * ) </span>] [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> cleaning-interval <em class="replaceable"><code>integer</code></em>;<br> min-roots <em class="replaceable"><code>integer</code></em>; // not implemented<br> lame-ttl <em class="replaceable"><code>integer</code></em>;<br> @@ -289,7 +290,7 @@ options {<br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2526858"></a><h2>VIEW</h2> +<a name="id2550312"></a><h2>VIEW</h2> <div class="literallayout"><p><br> view <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em> {<br> match-clients { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> @@ -328,8 +329,8 @@ view <em class="replaceable"><code>string</code></em> <em class="replaceable"><c rfc2308-type1 <em class="replaceable"><code>boolean</code></em>; // not yet implemented<br> additional-from-auth <em class="replaceable"><code>boolean</code></em>;<br> additional-from-cache <em class="replaceable"><code>boolean</code></em>;<br> - query-source <em class="replaceable"><code>querysource4</code></em>;<br> - query-source-v6 <em class="replaceable"><code>querysource6</code></em>;<br> + query-source [<span class="optional"> address ( <em class="replaceable"><code>ipv4_address</code></em> | * ) </span>] [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> + query-source-v6 [<span class="optional"> address ( <em class="replaceable"><code>ipv6_address</code></em> | * ) </span>] [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> cleaning-interval <em class="replaceable"><code>integer</code></em>;<br> min-roots <em class="replaceable"><code>integer</code></em>; // not implemented<br> lame-ttl <em class="replaceable"><code>integer</code></em>;<br> @@ -407,7 +408,7 @@ view <em class="replaceable"><code>string</code></em> <em class="replaceable"><c </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2527269"></a><h2>ZONE</h2> +<a name="id2550878"></a><h2>ZONE</h2> <div class="literallayout"><p><br> zone <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em> {<br> type ( master | slave | stub | hint |<br> @@ -483,17 +484,17 @@ zone <em class="replaceable"><code>string</code></em> <em class="replaceable"><c </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2527606"></a><h2>FILES</h2> +<a name="id2551216"></a><h2>FILES</h2> <p> <code class="filename">/etc/named.conf</code> </p> </div> <div class="refsect1" lang="en"> -<a name="id2527619"></a><h2>SEE ALSO</h2> +<a name="id2551228"></a><h2>SEE ALSO</h2> <p> <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>, <span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>, -<span class="citerefentry"><span class="refentrytitle">BIND 9 Adminstrators Reference Manual</span></span>. +<span class="citerefentry"><span class="refentrytitle">BIND 9 Administrator Reference Manual</span></span>. </p> </div> </div></body> diff --git a/contrib/bind9/bin/named/named.docbook b/contrib/bind9/bin/named/named.docbook index 47ccf54..f7cae12 100644 --- a/contrib/bind9/bin/named/named.docbook +++ b/contrib/bind9/bin/named/named.docbook @@ -2,7 +2,7 @@ "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001, 2003 Internet Software Consortium. - - Permission to use, copy, modify, and distribute this software for any @@ -18,7 +18,7 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: named.docbook,v 1.5.98.5 2005/05/13 01:22:33 marka Exp $ --> +<!-- $Id: named.docbook,v 1.5.98.7 2006/01/17 23:49:30 marka Exp $ --> <refentry> <refentryinfo> @@ -35,6 +35,7 @@ <copyright> <year>2004</year> <year>2005</year> + <year>2006</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -365,6 +366,10 @@ <refentrytitle>lwresd</refentrytitle> <manvolnum>8</manvolnum> </citerefentry>, + <citerefentry> + <refentrytitle>named.conf</refentrytitle> + <manvolnum>5</manvolnum> + </citerefentry>, <citetitle>BIND 9 Administrator Reference Manual</citetitle>. </para> </refsect1> diff --git a/contrib/bind9/bin/named/named.html b/contrib/bind9/bin/named/named.html index f266e70..6e77e5b 100644 --- a/contrib/bind9/bin/named/named.html +++ b/contrib/bind9/bin/named/named.html @@ -1,5 +1,5 @@ <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001, 2003 Internet Software Consortium. - - Permission to use, copy, modify, and distribute this software for any @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: named.html,v 1.4.2.1.4.9 2005/10/13 02:33:47 marka Exp $ --> +<!-- $Id: named.html,v 1.4.2.1.4.13 2006/06/29 13:02:30 marka Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title>named</title> -<meta name="generator" content="DocBook XSL Stylesheets V1.69.1"> +<meta name="generator" content="DocBook XSL Stylesheets V1.70.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2463721"></a><div class="titlepage"></div> +<a name="id2482688"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p><span class="application">named</span> — Internet domain name server</p> @@ -32,7 +32,7 @@ <div class="cmdsynopsis"><p><code class="command">named</code> [<code class="option">-4</code>] [<code class="option">-6</code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>debug-level</code></em></code>] [<code class="option">-f</code>] [<code class="option">-g</code>] [<code class="option">-n <em class="replaceable"><code>#cpus</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-s</code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>] [<code class="option">-v</code>] [<code class="option">-x <em class="replaceable"><code>cache-file</code></em></code>]</p></div> </div> <div class="refsect1" lang="en"> -<a name="id2525923"></a><h2>DESCRIPTION</h2> +<a name="id2549491"></a><h2>DESCRIPTION</h2> <p> <span><strong class="command">named</strong></span> is a Domain Name System (DNS) server, part of the BIND 9 distribution from ISC. For more @@ -46,7 +46,7 @@ </p> </div> <div class="refsect1" lang="en"> -<a name="id2525948"></a><h2>OPTIONS</h2> +<a name="id2549516"></a><h2>OPTIONS</h2> <div class="variablelist"><dl> <dt><span class="term">-4</span></dt> <dd><p> @@ -177,7 +177,7 @@ </dl></div> </div> <div class="refsect1" lang="en"> -<a name="id2526297"></a><h2>SIGNALS</h2> +<a name="id2550002"></a><h2>SIGNALS</h2> <p> In routine operation, signals should not be used to control the nameserver; <span><strong class="command">rndc</strong></span> should be used @@ -198,7 +198,7 @@ </p> </div> <div class="refsect1" lang="en"> -<a name="id2526412"></a><h2>CONFIGURATION</h2> +<a name="id2550049"></a><h2>CONFIGURATION</h2> <p> The <span><strong class="command">named</strong></span> configuration file is too complex to describe in detail here. A complete description is @@ -207,7 +207,7 @@ </p> </div> <div class="refsect1" lang="en"> -<a name="id2526429"></a><h2>FILES</h2> +<a name="id2550066"></a><h2>FILES</h2> <div class="variablelist"><dl> <dt><span class="term"><code class="filename">/etc/named.conf</code></span></dt> <dd><p> @@ -220,18 +220,19 @@ </dl></div> </div> <div class="refsect1" lang="en"> -<a name="id2526469"></a><h2>SEE ALSO</h2> +<a name="id2550105"></a><h2>SEE ALSO</h2> <p> <em class="citetitle">RFC 1033</em>, <em class="citetitle">RFC 1034</em>, <em class="citetitle">RFC 1035</em>, <span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>, <span class="citerefentry"><span class="refentrytitle">lwresd</span>(8)</span>, + <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>, <em class="citetitle">BIND 9 Administrator Reference Manual</em>. </p> </div> <div class="refsect1" lang="en"> -<a name="id2526512"></a><h2>AUTHOR</h2> +<a name="id2550157"></a><h2>AUTHOR</h2> <p> <span class="corpauthor">Internet Systems Consortium</span> </p> diff --git a/contrib/bind9/bin/named/query.c b/contrib/bind9/bin/named/query.c index 6533ce4..c0a76a8 100644 --- a/contrib/bind9/bin/named/query.c +++ b/contrib/bind9/bin/named/query.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: query.c,v 1.198.2.13.4.36.6.2 2006/10/04 07:06:01 marka Exp $ */ +/* $Id: query.c,v 1.198.2.13.4.43 2006/08/31 03:57:11 marka Exp $ */ #include <config.h> @@ -149,18 +149,6 @@ query_next(ns_client_t *client, isc_result_t result) { } static inline void -query_maybeputqname(ns_client_t *client) { - if (client->query.restarts > 0) { - /* - * client->query.qname was dynamically allocated. - */ - dns_message_puttempname(client->message, - &client->query.qname); - client->query.qname = NULL; - } -} - -static inline void query_freefreeversions(ns_client_t *client, isc_boolean_t everything) { ns_dbversion_t *dbversion, *dbversion_next; unsigned int i; @@ -240,8 +228,14 @@ query_reset(ns_client_t *client, isc_boolean_t everything) { } } - query_maybeputqname(client); - + if (client->query.restarts > 0) { + /* + * client->query.qname was dynamically allocated. + */ + dns_message_puttempname(client->message, + &client->query.qname); + } + client->query.qname = NULL; client->query.attributes = (NS_QUERYATTR_RECURSIONOK | NS_QUERYATTR_CACHEOK | NS_QUERYATTR_SECURE); @@ -2091,17 +2085,31 @@ query_recurse(ns_client_t *client, dns_rdatatype_t qtype, dns_name_t *qdomain, result = isc_quota_attach(&ns_g_server->recursionquota, &client->recursionquota); if (result == ISC_R_SOFTQUOTA) { - ns_client_log(client, NS_LOGCATEGORY_CLIENT, - NS_LOGMODULE_QUERY, ISC_LOG_WARNING, - "recursive-clients soft limit exceeded, " - "aborting oldest query"); + static isc_stdtime_t last = 0; + isc_stdtime_t now; + isc_stdtime_get(&now); + if (now != last) { + last = now; + ns_client_log(client, NS_LOGCATEGORY_CLIENT, + NS_LOGMODULE_QUERY, + ISC_LOG_WARNING, + "recursive-clients soft limit " + "exceeded, aborting oldest query"); + } ns_client_killoldestquery(client); result = ISC_R_SUCCESS; } else if (result == ISC_R_QUOTA) { - ns_client_log(client, NS_LOGCATEGORY_CLIENT, - NS_LOGMODULE_QUERY, ISC_LOG_WARNING, - "no more recursive clients: %s", - isc_result_totext(result)); + static isc_stdtime_t last = 0; + isc_stdtime_t now; + isc_stdtime_get(&now); + if (now != last) { + last = now; + ns_client_log(client, NS_LOGCATEGORY_CLIENT, + NS_LOGMODULE_QUERY, + ISC_LOG_WARNING, + "no more recursive clients: %s", + isc_result_totext(result)); + } ns_client_killoldestquery(client); } if (result == ISC_R_SUCCESS && !client->mortal && @@ -2182,7 +2190,7 @@ do { \ * ISC_R_NOTIMPLEMENTED The rdata is not a known address type. */ static isc_result_t -rdata_tonetaddr(dns_rdata_t *rdata, isc_netaddr_t *netaddr) { +rdata_tonetaddr(const dns_rdata_t *rdata, isc_netaddr_t *netaddr) { struct in_addr ina; struct in6_addr in6a; @@ -2208,7 +2216,7 @@ rdata_tonetaddr(dns_rdata_t *rdata, isc_netaddr_t *netaddr) { * sortlist statement. */ static int -query_sortlist_order_2element(dns_rdata_t *rdata, void *arg) { +query_sortlist_order_2element(const dns_rdata_t *rdata, const void *arg) { isc_netaddr_t netaddr; if (rdata_tonetaddr(rdata, &netaddr) != ISC_R_SUCCESS) @@ -2221,7 +2229,7 @@ query_sortlist_order_2element(dns_rdata_t *rdata, void *arg) { * of a 1-element top-level sortlist statement. */ static int -query_sortlist_order_1element(dns_rdata_t *rdata, void *arg) { +query_sortlist_order_1element(const dns_rdata_t *rdata, const void *arg) { isc_netaddr_t netaddr; if (rdata_tonetaddr(rdata, &netaddr) != ISC_R_SUCCESS) @@ -2237,7 +2245,7 @@ static void setup_query_sortlist(ns_client_t *client) { isc_netaddr_t netaddr; dns_rdatasetorderfunc_t order = NULL; - void *order_arg = NULL; + const void *order_arg = NULL; isc_netaddr_fromsockaddr(&netaddr, &client->peeraddr); switch (ns_sortlist_setup(client->view->sortlist, @@ -2469,7 +2477,7 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype) /* * First we must find the right database. */ - options = 0; + options &= DNS_GETDB_NOLOG; /* Preserve DNS_GETDB_NOLOG. */ if (dns_rdatatype_atparent(qtype) && !dns_name_equal(client->query.qname, dns_rootname)) options |= DNS_GETDB_NOEXACT; @@ -2509,9 +2517,10 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype) } } if (result != ISC_R_SUCCESS) { - if (result == DNS_R_REFUSED) - QUERY_ERROR(DNS_R_REFUSED); - else + if (result == DNS_R_REFUSED) { + if (!PARTIALANSWER(client)) + QUERY_ERROR(DNS_R_REFUSED); + } else QUERY_ERROR(DNS_R_SERVFAIL); goto cleanup; } @@ -2995,9 +3004,10 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype) goto cleanup; } dns_rdata_freestruct(&cname); - query_maybeputqname(client); - client->query.qname = tname; + ns_client_qnamereplace(client, tname); want_restart = ISC_TRUE; + if (!WANTRECURSION(client)) + options |= DNS_GETDB_NOLOG; goto addauth; case DNS_R_DNAME: /* @@ -3111,10 +3121,11 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype) /* * Switch to the new qname and restart. */ - query_maybeputqname(client); - client->query.qname = fname; + ns_client_qnamereplace(client, fname); fname = NULL; want_restart = ISC_TRUE; + if (!WANTRECURSION(client)) + options |= DNS_GETDB_NOLOG; goto addauth; default: /* diff --git a/contrib/bind9/bin/named/server.c b/contrib/bind9/bin/named/server.c index b9d30d0..f29321e 100644 --- a/contrib/bind9/bin/named/server.c +++ b/contrib/bind9/bin/named/server.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: server.c,v 1.339.2.15.2.65 2005/07/27 02:53:15 marka Exp $ */ +/* $Id: server.c,v 1.339.2.15.2.70 2006/05/24 04:30:24 marka Exp $ */ #include <config.h> @@ -167,25 +167,25 @@ static void ns_server_reload(isc_task_t *task, isc_event_t *event); static isc_result_t -ns_listenelt_fromconfig(cfg_obj_t *listener, cfg_obj_t *config, +ns_listenelt_fromconfig(const cfg_obj_t *listener, const cfg_obj_t *config, ns_aclconfctx_t *actx, isc_mem_t *mctx, ns_listenelt_t **target); static isc_result_t -ns_listenlist_fromconfig(cfg_obj_t *listenlist, cfg_obj_t *config, +ns_listenlist_fromconfig(const cfg_obj_t *listenlist, const cfg_obj_t *config, ns_aclconfctx_t *actx, isc_mem_t *mctx, ns_listenlist_t **target); static isc_result_t -configure_forward(cfg_obj_t *config, dns_view_t *view, dns_name_t *origin, - cfg_obj_t *forwarders, cfg_obj_t *forwardtype); +configure_forward(const cfg_obj_t *config, dns_view_t *view, dns_name_t *origin, + const cfg_obj_t *forwarders, const cfg_obj_t *forwardtype); static isc_result_t -configure_alternates(cfg_obj_t *config, dns_view_t *view, - cfg_obj_t *alternates); +configure_alternates(const cfg_obj_t *config, dns_view_t *view, + const cfg_obj_t *alternates); static isc_result_t -configure_zone(cfg_obj_t *config, cfg_obj_t *zconfig, cfg_obj_t *vconfig, - isc_mem_t *mctx, dns_view_t *view, +configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, + const cfg_obj_t *vconfig, isc_mem_t *mctx, dns_view_t *view, ns_aclconfctx_t *aclconf); static void @@ -197,13 +197,13 @@ end_reserved_dispatches(ns_server_t *server, isc_boolean_t all); * (for a global default). */ static isc_result_t -configure_view_acl(cfg_obj_t *vconfig, cfg_obj_t *config, +configure_view_acl(const cfg_obj_t *vconfig, const cfg_obj_t *config, const char *aclname, ns_aclconfctx_t *actx, isc_mem_t *mctx, dns_acl_t **aclp) { isc_result_t result; - cfg_obj_t *maps[3]; - cfg_obj_t *aclobj = NULL; + const cfg_obj_t *maps[3]; + const cfg_obj_t *aclobj = NULL; int i = 0; if (*aclp != NULL) @@ -211,14 +211,14 @@ configure_view_acl(cfg_obj_t *vconfig, cfg_obj_t *config, if (vconfig != NULL) maps[i++] = cfg_tuple_get(vconfig, "options"); if (config != NULL) { - cfg_obj_t *options = NULL; + const cfg_obj_t *options = NULL; (void)cfg_map_get(config, "options", &options); if (options != NULL) maps[i++] = options; } maps[i] = NULL; - result = ns_config_get(maps, aclname, &aclobj); + (void)ns_config_get(maps, aclname, &aclobj); if (aclobj == NULL) /* * No value available. *aclp == NULL. @@ -231,13 +231,13 @@ configure_view_acl(cfg_obj_t *vconfig, cfg_obj_t *config, } static isc_result_t -configure_view_dnsseckey(cfg_obj_t *vconfig, cfg_obj_t *key, +configure_view_dnsseckey(const cfg_obj_t *vconfig, const cfg_obj_t *key, dns_keytable_t *keytable, isc_mem_t *mctx) { dns_rdataclass_t viewclass; dns_rdata_dnskey_t keystruct; isc_uint32_t flags, proto, alg; - char *keystr, *keynamestr; + const char *keystr, *keynamestr; unsigned char keydata[4096]; isc_buffer_t keydatabuf; unsigned char rrdata[4096]; @@ -258,7 +258,7 @@ configure_view_dnsseckey(cfg_obj_t *vconfig, cfg_obj_t *key, if (vconfig == NULL) viewclass = dns_rdataclass_in; else { - cfg_obj_t *classobj = cfg_tuple_get(vconfig, "class"); + const cfg_obj_t *classobj = cfg_tuple_get(vconfig, "class"); CHECK(ns_config_getclass(classobj, dns_rdataclass_in, &viewclass)); } @@ -334,15 +334,15 @@ configure_view_dnsseckey(cfg_obj_t *vconfig, cfg_obj_t *key, * from 'vconfig' and 'config'. The variable to be configured is '*target'. */ static isc_result_t -configure_view_dnsseckeys(cfg_obj_t *vconfig, cfg_obj_t *config, +configure_view_dnsseckeys(const cfg_obj_t *vconfig, const cfg_obj_t *config, isc_mem_t *mctx, dns_keytable_t **target) { isc_result_t result; - cfg_obj_t *keys = NULL; - cfg_obj_t *voptions = NULL; - cfg_listelt_t *element, *element2; - cfg_obj_t *keylist; - cfg_obj_t *key; + const cfg_obj_t *keys = NULL; + const cfg_obj_t *voptions = NULL; + const cfg_listelt_t *element, *element2; + const cfg_obj_t *keylist; + const cfg_obj_t *key; dns_keytable_t *keytable = NULL; CHECK(dns_keytable_create(mctx, &keytable)); @@ -381,10 +381,10 @@ configure_view_dnsseckeys(cfg_obj_t *vconfig, cfg_obj_t *config, } static isc_result_t -mustbesecure(cfg_obj_t *mbs, dns_resolver_t *resolver) +mustbesecure(const cfg_obj_t *mbs, dns_resolver_t *resolver) { - cfg_listelt_t *element; - cfg_obj_t *obj; + const cfg_listelt_t *element; + const cfg_obj_t *obj; const char *str; dns_fixedname_t fixed; dns_name_t *name; @@ -418,14 +418,14 @@ mustbesecure(cfg_obj_t *mbs, dns_resolver_t *resolver) * Get a dispatch appropriate for the resolver of a given view. */ static isc_result_t -get_view_querysource_dispatch(cfg_obj_t **maps, +get_view_querysource_dispatch(const cfg_obj_t **maps, int af, dns_dispatch_t **dispatchp) { isc_result_t result; dns_dispatch_t *disp; isc_sockaddr_t sa; unsigned int attrs, attrmask; - cfg_obj_t *obj = NULL; + const cfg_obj_t *obj = NULL; /* * Make compiler happy. @@ -436,7 +436,6 @@ get_view_querysource_dispatch(cfg_obj_t **maps, case AF_INET: result = ns_config_get(maps, "query-source", &obj); INSIST(result == ISC_R_SUCCESS); - break; case AF_INET6: result = ns_config_get(maps, "query-source-v6", &obj); @@ -517,10 +516,10 @@ get_view_querysource_dispatch(cfg_obj_t **maps, } static isc_result_t -configure_order(dns_order_t *order, cfg_obj_t *ent) { +configure_order(dns_order_t *order, const cfg_obj_t *ent) { dns_rdataclass_t rdclass; dns_rdatatype_t rdtype; - cfg_obj_t *obj; + const cfg_obj_t *obj; dns_fixedname_t fixed; unsigned int mode = 0; const char *str; @@ -567,7 +566,7 @@ configure_order(dns_order_t *order, cfg_obj_t *ent) { /* * "*" should match everything including the root (BIND 8 compat). * As dns_name_matcheswildcard(".", "*.") returns FALSE add a - * explict entry for "." when the name is "*". + * explicit entry for "." when the name is "*". */ if (addroot) { result = dns_order_add(order, dns_rootname, @@ -581,12 +580,12 @@ configure_order(dns_order_t *order, cfg_obj_t *ent) { } static isc_result_t -configure_peer(cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) { - isc_sockaddr_t *sa; +configure_peer(const cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) { + const isc_sockaddr_t *sa; isc_netaddr_t na; dns_peer_t *peer; - cfg_obj_t *obj; - char *str; + const cfg_obj_t *obj; + const char *str; isc_result_t result; sa = cfg_obj_assockaddr(cfg_map_getname(cpeer)); @@ -664,10 +663,10 @@ configure_peer(cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) { } static isc_result_t -disable_algorithms(cfg_obj_t *disabled, dns_resolver_t *resolver) { +disable_algorithms(const cfg_obj_t *disabled, dns_resolver_t *resolver) { isc_result_t result; - cfg_obj_t *algorithms; - cfg_listelt_t *element; + const cfg_obj_t *algorithms; + const cfg_listelt_t *element; const char *str; dns_fixedname_t fixed; dns_name_t *name; @@ -688,7 +687,7 @@ disable_algorithms(cfg_obj_t *disabled, dns_resolver_t *resolver) { isc_textregion_t r; dns_secalg_t alg; - r.base = cfg_obj_asstring(cfg_listelt_value(element)); + DE_CONST(cfg_obj_asstring(cfg_listelt_value(element)), r.base); r.length = strlen(r.base); result = dns_secalg_fromtext(&alg, &r); @@ -717,21 +716,21 @@ disable_algorithms(cfg_obj_t *disabled, dns_resolver_t *resolver) { * global defaults in 'config' used exclusively. */ static isc_result_t -configure_view(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig, - isc_mem_t *mctx, ns_aclconfctx_t *actx, +configure_view(dns_view_t *view, const cfg_obj_t *config, + const cfg_obj_t *vconfig, isc_mem_t *mctx, ns_aclconfctx_t *actx, isc_boolean_t need_hints) { - cfg_obj_t *maps[4]; - cfg_obj_t *cfgmaps[3]; - cfg_obj_t *options = NULL; - cfg_obj_t *voptions = NULL; - cfg_obj_t *forwardtype; - cfg_obj_t *forwarders; - cfg_obj_t *alternates; - cfg_obj_t *zonelist; - cfg_obj_t *disabled; - cfg_obj_t *obj; - cfg_listelt_t *element; + const cfg_obj_t *maps[4]; + const cfg_obj_t *cfgmaps[3]; + const cfg_obj_t *options = NULL; + const cfg_obj_t *voptions = NULL; + const cfg_obj_t *forwardtype; + const cfg_obj_t *forwarders; + const cfg_obj_t *alternates; + const cfg_obj_t *zonelist; + const cfg_obj_t *disabled; + const cfg_obj_t *obj; + const cfg_listelt_t *element; in_port_t port; dns_cache_t *cache = NULL; isc_result_t result; @@ -792,7 +791,7 @@ configure_view(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig, element != NULL; element = cfg_list_next(element)) { - cfg_obj_t *zconfig = cfg_listelt_value(element); + const cfg_obj_t *zconfig = cfg_listelt_value(element); CHECK(configure_zone(config, zconfig, vconfig, mctx, view, actx)); } @@ -1018,8 +1017,8 @@ configure_view(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig, * Configure the view's peer list. */ { - cfg_obj_t *peers = NULL; - cfg_listelt_t *element; + const cfg_obj_t *peers = NULL; + const cfg_listelt_t *element; dns_peerlist_t *newpeers = NULL; (void)ns_config_get(cfgmaps, "server", &peers); @@ -1028,7 +1027,7 @@ configure_view(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig, element != NULL; element = cfg_list_next(element)) { - cfg_obj_t *cpeer = cfg_listelt_value(element); + const cfg_obj_t *cpeer = cfg_listelt_value(element); dns_peer_t *peer; CHECK(configure_peer(cpeer, mctx, &peer)); @@ -1043,8 +1042,8 @@ configure_view(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig, * Configure the views rrset-order. */ { - cfg_obj_t *rrsetorder = NULL; - cfg_listelt_t *element; + const cfg_obj_t *rrsetorder = NULL; + const cfg_listelt_t *element; (void)ns_config_get(maps, "rrset-order", &rrsetorder); CHECK(dns_order_create(mctx, &order)); @@ -1052,7 +1051,7 @@ configure_view(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig, element != NULL; element = cfg_list_next(element)) { - cfg_obj_t *ent = cfg_listelt_value(element); + const cfg_obj_t *ent = cfg_listelt_value(element); CHECK(configure_order(order, ent)); } @@ -1078,7 +1077,7 @@ configure_view(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig, * Configure the "match-recursive-only" option. */ obj = NULL; - (void) ns_config_get(maps, "match-recursive-only", &obj); + (void)ns_config_get(maps, "match-recursive-only", &obj); if (obj != NULL && cfg_obj_asboolean(obj)) view->matchrecursiveonly = ISC_TRUE; else @@ -1275,8 +1274,8 @@ configure_view(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig, dns_fixedname_t fixed; dns_name_t *name; isc_buffer_t b; - char *str; - cfg_obj_t *exclude; + const char *str; + const cfg_obj_t *exclude; dns_fixedname_init(&fixed); name = dns_fixedname_name(&fixed); @@ -1330,12 +1329,12 @@ configure_hints(dns_view_t *view, const char *filename) { } static isc_result_t -configure_alternates(cfg_obj_t *config, dns_view_t *view, - cfg_obj_t *alternates) +configure_alternates(const cfg_obj_t *config, dns_view_t *view, + const cfg_obj_t *alternates) { - cfg_obj_t *portobj; - cfg_obj_t *addresses; - cfg_listelt_t *element; + const cfg_obj_t *portobj; + const cfg_obj_t *addresses; + const cfg_listelt_t *element; isc_result_t result = ISC_R_SUCCESS; in_port_t port; @@ -1368,14 +1367,14 @@ configure_alternates(cfg_obj_t *config, dns_view_t *view, element != NULL; element = cfg_list_next(element)) { - cfg_obj_t *alternate = cfg_listelt_value(element); + const cfg_obj_t *alternate = cfg_listelt_value(element); isc_sockaddr_t sa; if (!cfg_obj_issockaddr(alternate)) { dns_fixedname_t fixed; dns_name_t *name; - char *str = cfg_obj_asstring(cfg_tuple_get(alternate, - "name")); + const char *str = cfg_obj_asstring(cfg_tuple_get( + alternate, "name")); isc_buffer_t buffer; in_port_t myport = port; @@ -1415,12 +1414,12 @@ configure_alternates(cfg_obj_t *config, dns_view_t *view, } static isc_result_t -configure_forward(cfg_obj_t *config, dns_view_t *view, dns_name_t *origin, - cfg_obj_t *forwarders, cfg_obj_t *forwardtype) +configure_forward(const cfg_obj_t *config, dns_view_t *view, dns_name_t *origin, + const cfg_obj_t *forwarders, const cfg_obj_t *forwardtype) { - cfg_obj_t *portobj; - cfg_obj_t *faddresses; - cfg_listelt_t *element; + const cfg_obj_t *portobj; + const cfg_obj_t *faddresses; + const cfg_listelt_t *element; dns_fwdpolicy_t fwdpolicy = dns_fwdpolicy_none; isc_sockaddrlist_t addresses; isc_sockaddr_t *sa; @@ -1458,7 +1457,7 @@ configure_forward(cfg_obj_t *config, dns_view_t *view, dns_name_t *origin, element != NULL; element = cfg_list_next(element)) { - cfg_obj_t *forwarder = cfg_listelt_value(element); + const cfg_obj_t *forwarder = cfg_listelt_value(element); sa = isc_mem_get(view->mctx, sizeof(isc_sockaddr_t)); if (sa == NULL) { result = ISC_R_NOMEMORY; @@ -1481,7 +1480,7 @@ configure_forward(cfg_obj_t *config, dns_view_t *view, dns_name_t *origin, if (forwardtype == NULL) fwdpolicy = dns_fwdpolicy_first; else { - char *forwardstr = cfg_obj_asstring(forwardtype); + const char *forwardstr = cfg_obj_asstring(forwardtype); if (strcasecmp(forwardstr, "first") == 0) fwdpolicy = dns_fwdpolicy_first; else if (strcasecmp(forwardstr, "only") == 0) @@ -1523,14 +1522,16 @@ configure_forward(cfg_obj_t *config, dns_view_t *view, dns_name_t *origin, * The view created is attached to '*viewp'. */ static isc_result_t -create_view(cfg_obj_t *vconfig, dns_viewlist_t *viewlist, dns_view_t **viewp) { +create_view(const cfg_obj_t *vconfig, dns_viewlist_t *viewlist, + dns_view_t **viewp) +{ isc_result_t result; const char *viewname; dns_rdataclass_t viewclass; dns_view_t *view = NULL; if (vconfig != NULL) { - cfg_obj_t *classobj = NULL; + const cfg_obj_t *classobj = NULL; viewname = cfg_obj_asstring(cfg_tuple_get(vconfig, "name")); classobj = cfg_tuple_get(vconfig, "class"); @@ -1560,19 +1561,19 @@ create_view(cfg_obj_t *vconfig, dns_viewlist_t *viewlist, dns_view_t **viewp) { * Configure or reconfigure a zone. */ static isc_result_t -configure_zone(cfg_obj_t *config, cfg_obj_t *zconfig, cfg_obj_t *vconfig, - isc_mem_t *mctx, dns_view_t *view, +configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, + const cfg_obj_t *vconfig, isc_mem_t *mctx, dns_view_t *view, ns_aclconfctx_t *aclconf) { dns_view_t *pview = NULL; /* Production view */ dns_zone_t *zone = NULL; /* New or reused zone */ dns_zone_t *dupzone = NULL; - cfg_obj_t *options = NULL; - cfg_obj_t *zoptions = NULL; - cfg_obj_t *typeobj = NULL; - cfg_obj_t *forwarders = NULL; - cfg_obj_t *forwardtype = NULL; - cfg_obj_t *only = NULL; + const cfg_obj_t *options = NULL; + const cfg_obj_t *zoptions = NULL; + const cfg_obj_t *typeobj = NULL; + const cfg_obj_t *forwarders = NULL; + const cfg_obj_t *forwardtype = NULL; + const cfg_obj_t *only = NULL; isc_result_t result; isc_result_t tresult; isc_buffer_t buffer; @@ -1629,7 +1630,7 @@ configure_zone(cfg_obj_t *config, cfg_obj_t *zconfig, cfg_obj_t *vconfig, * configure it and return. */ if (strcasecmp(ztypestr, "hint") == 0) { - cfg_obj_t *fileobj = NULL; + const cfg_obj_t *fileobj = NULL; if (cfg_map_get(zoptions, "file", &fileobj) != ISC_R_SUCCESS) { isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR, @@ -1639,7 +1640,7 @@ configure_zone(cfg_obj_t *config, cfg_obj_t *zconfig, cfg_obj_t *vconfig, goto cleanup; } if (dns_name_equal(origin, dns_rootname)) { - char *hintsfile = cfg_obj_asstring(fileobj); + const char *hintsfile = cfg_obj_asstring(fileobj); result = configure_hints(view, hintsfile); if (result != ISC_R_SUCCESS) { @@ -1795,9 +1796,10 @@ configure_zone(cfg_obj_t *config, cfg_obj_t *zconfig, cfg_obj_t *vconfig, * Configure a single server quota. */ static void -configure_server_quota(cfg_obj_t **maps, const char *name, isc_quota_t *quota) +configure_server_quota(const cfg_obj_t **maps, const char *name, + isc_quota_t *quota) { - cfg_obj_t *obj = NULL; + const cfg_obj_t *obj = NULL; isc_result_t result; result = ns_config_get(maps, name, &obj); @@ -1810,9 +1812,9 @@ configure_server_quota(cfg_obj_t **maps, const char *name, isc_quota_t *quota) * parsed. This can be extended to support other options if necessary. */ static isc_result_t -directory_callback(const char *clausename, cfg_obj_t *obj, void *arg) { +directory_callback(const char *clausename, const cfg_obj_t *obj, void *arg) { isc_result_t result; - char *directory; + const char *directory; REQUIRE(strcasecmp("directory", clausename) == 0); @@ -1891,8 +1893,7 @@ add_listenelt(isc_mem_t *mctx, ns_listenlist_t *list, isc_sockaddr_t *addr) { clean: INSIST(lelt == NULL); - if (src_acl != NULL) - dns_acl_detach(&src_acl); + dns_acl_detach(&src_acl); return (result); } @@ -2049,7 +2050,7 @@ setstring(ns_server_t *server, char **field, const char *value) { * or NULL if whether 'obj' is a string or void value, respectively. */ static isc_result_t -setoptstring(ns_server_t *server, char **field, cfg_obj_t *obj) { +setoptstring(ns_server_t *server, char **field, const cfg_obj_t *obj) { if (cfg_obj_isvoid(obj)) return (setstring(server, field, NULL)); else @@ -2057,11 +2058,12 @@ setoptstring(ns_server_t *server, char **field, cfg_obj_t *obj) { } static void -set_limit(cfg_obj_t **maps, const char *configname, const char *description, - isc_resource_t resourceid, isc_resourcevalue_t defaultvalue) +set_limit(const cfg_obj_t **maps, const char *configname, + const char *description, isc_resource_t resourceid, + isc_resourcevalue_t defaultvalue) { - cfg_obj_t *obj = NULL; - char *resource; + const cfg_obj_t *obj = NULL; + const char *resource; isc_resourcevalue_t value; isc_result_t result; @@ -2092,7 +2094,7 @@ set_limit(cfg_obj_t **maps, const char *configname, const char *description, ns_g_init ## resource) static void -set_limits(cfg_obj_t **maps) { +set_limits(const cfg_obj_t **maps) { SETLIMIT("stacksize", stacksize, "stack size"); SETLIMIT("datasize", datasize, "data size"); SETLIMIT("coresize", coresize, "core size"); @@ -2101,15 +2103,15 @@ set_limits(cfg_obj_t **maps) { static isc_result_t portlist_fromconf(dns_portlist_t *portlist, unsigned int family, - cfg_obj_t *ports) + const cfg_obj_t *ports) { - cfg_listelt_t *element; + const cfg_listelt_t *element; isc_result_t result = ISC_R_SUCCESS; for (element = cfg_list_first(ports); element != NULL; element = cfg_list_next(element)) { - cfg_obj_t *obj = cfg_listelt_value(element); + const cfg_obj_t *obj = cfg_listelt_value(element); in_port_t port = (in_port_t)cfg_obj_asuint32(obj); result = dns_portlist_add(portlist, family, port); @@ -2126,13 +2128,13 @@ load_configuration(const char *filename, ns_server_t *server, isc_result_t result; cfg_parser_t *parser = NULL; cfg_obj_t *config; - cfg_obj_t *options; - cfg_obj_t *views; - cfg_obj_t *obj; - cfg_obj_t *v4ports, *v6ports; - cfg_obj_t *maps[3]; - cfg_obj_t *builtin_views; - cfg_listelt_t *element; + const cfg_obj_t *options; + const cfg_obj_t *views; + const cfg_obj_t *obj; + const cfg_obj_t *v4ports, *v6ports; + const cfg_obj_t *maps[3]; + const cfg_obj_t *builtin_views; + const cfg_listelt_t *element; dns_view_t *view = NULL; dns_view_t *view_next; dns_viewlist_t viewlist; @@ -2319,7 +2321,7 @@ load_configuration(const char *filename, ns_server_t *server, * statement. */ { - cfg_obj_t *clistenon = NULL; + const cfg_obj_t *clistenon = NULL; ns_listenlist_t *listenon = NULL; clistenon = NULL; @@ -2353,7 +2355,7 @@ load_configuration(const char *filename, ns_server_t *server, * Ditto for IPv6. */ { - cfg_obj_t *clistenon = NULL; + const cfg_obj_t *clistenon = NULL; ns_listenlist_t *listenon = NULL; if (options != NULL) @@ -2438,7 +2440,7 @@ load_configuration(const char *filename, ns_server_t *server, element != NULL; element = cfg_list_next(element)) { - cfg_obj_t *vconfig = cfg_listelt_value(element); + const cfg_obj_t *vconfig = cfg_listelt_value(element); view = NULL; CHECK(create_view(vconfig, &viewlist, &view)); @@ -2478,7 +2480,7 @@ load_configuration(const char *filename, ns_server_t *server, element != NULL; element = cfg_list_next(element)) { - cfg_obj_t *vconfig = cfg_listelt_value(element); + const cfg_obj_t *vconfig = cfg_listelt_value(element); CHECK(create_view(vconfig, &viewlist, &view)); CHECK(configure_view(view, config, vconfig, ns_g_mctx, &aclconfctx, ISC_FALSE)); @@ -2582,7 +2584,7 @@ load_configuration(const char *filename, ns_server_t *server, "ignoring config file logging " "statement due to -g option"); } else { - cfg_obj_t *logobj = NULL; + const cfg_obj_t *logobj = NULL; isc_logconfig_t *logc = NULL; CHECKM(isc_logconfig_create(ns_g_lctx, &logc), @@ -2621,8 +2623,8 @@ load_configuration(const char *filename, ns_server_t *server, * compatibility. */ if (first_time) { - cfg_obj_t *logobj = NULL; - cfg_obj_t *categories = NULL; + const cfg_obj_t *logobj = NULL; + const cfg_obj_t *categories = NULL; obj = NULL; if (ns_config_get(maps, "querylog", &obj) == ISC_R_SUCCESS) { @@ -2634,13 +2636,13 @@ load_configuration(const char *filename, ns_server_t *server, (void)cfg_map_get(logobj, "category", &categories); if (categories != NULL) { - cfg_listelt_t *element; + const cfg_listelt_t *element; for (element = cfg_list_first(categories); element != NULL; element = cfg_list_next(element)) { - cfg_obj_t *catobj; - char *str; + const cfg_obj_t *catobj; + const char *str; obj = cfg_listelt_value(element); catobj = cfg_tuple_get(obj, "name"); @@ -3133,7 +3135,7 @@ end_reserved_dispatches(ns_server_t *server, isc_boolean_t all) { } void -ns_add_reserved_dispatch(ns_server_t *server, isc_sockaddr_t *addr) { +ns_add_reserved_dispatch(ns_server_t *server, const isc_sockaddr_t *addr) { ns_dispatch_t *dispatch; in_port_t port; char addrbuf[ISC_SOCKADDR_FORMATSIZE]; @@ -3458,20 +3460,29 @@ isc_result_t ns_server_refreshcommand(ns_server_t *server, char *args, isc_buffer_t *text) { isc_result_t result; dns_zone_t *zone = NULL; - const unsigned char msg[] = "zone refresh queued"; + const unsigned char msg1[] = "zone refresh queued"; + const unsigned char msg2[] = "not a slave or stub zone"; + dns_zonetype_t type; result = zone_from_args(server, args, &zone); if (result != ISC_R_SUCCESS) return (result); if (zone == NULL) return (ISC_R_UNEXPECTEDEND); - - dns_zone_refresh(zone); - dns_zone_detach(&zone); - if (sizeof(msg) <= isc_buffer_availablelength(text)) - isc_buffer_putmem(text, msg, sizeof(msg)); - return (ISC_R_SUCCESS); + type = dns_zone_gettype(zone); + if (type == dns_zone_slave || type == dns_zone_stub) { + dns_zone_refresh(zone); + dns_zone_detach(&zone); + if (sizeof(msg1) <= isc_buffer_availablelength(text)) + isc_buffer_putmem(text, msg1, sizeof(msg1)); + return (ISC_R_SUCCESS); + } + + dns_zone_detach(&zone); + if (sizeof(msg2) <= isc_buffer_availablelength(text)) + isc_buffer_putmem(text, msg2, sizeof(msg2)); + return (ISC_R_FAILURE); } isc_result_t @@ -3486,12 +3497,12 @@ ns_server_togglequerylog(ns_server_t *server) { } static isc_result_t -ns_listenlist_fromconfig(cfg_obj_t *listenlist, cfg_obj_t *config, +ns_listenlist_fromconfig(const cfg_obj_t *listenlist, const cfg_obj_t *config, ns_aclconfctx_t *actx, isc_mem_t *mctx, ns_listenlist_t **target) { isc_result_t result; - cfg_listelt_t *element; + const cfg_listelt_t *element; ns_listenlist_t *dlist = NULL; REQUIRE(target != NULL && *target == NULL); @@ -3505,7 +3516,7 @@ ns_listenlist_fromconfig(cfg_obj_t *listenlist, cfg_obj_t *config, element = cfg_list_next(element)) { ns_listenelt_t *delt = NULL; - cfg_obj_t *listener = cfg_listelt_value(element); + const cfg_obj_t *listener = cfg_listelt_value(element); result = ns_listenelt_fromconfig(listener, config, actx, mctx, &delt); if (result != ISC_R_SUCCESS) @@ -3525,12 +3536,12 @@ ns_listenlist_fromconfig(cfg_obj_t *listenlist, cfg_obj_t *config, * data structure. */ static isc_result_t -ns_listenelt_fromconfig(cfg_obj_t *listener, cfg_obj_t *config, +ns_listenelt_fromconfig(const cfg_obj_t *listener, const cfg_obj_t *config, ns_aclconfctx_t *actx, isc_mem_t *mctx, ns_listenelt_t **target) { isc_result_t result; - cfg_obj_t *portobj; + const cfg_obj_t *portobj; in_port_t port; ns_listenelt_t *delt = NULL; REQUIRE(target != NULL && *target == NULL); @@ -3823,6 +3834,11 @@ ns_server_dumpdb(ns_server_t *server, char *args) { char *ptr; const char *sep; + /* Skip the command name. */ + ptr = next_token(&args, " \t"); + if (ptr == NULL) + return (ISC_R_UNEXPECTEDEND); + dctx = isc_mem_get(server->mctx, sizeof(*dctx)); if (dctx == NULL) return (ISC_R_NOMEMORY); @@ -3845,11 +3861,6 @@ ns_server_dumpdb(ns_server_t *server, char *args) { CHECKMF(isc_stdio_open(server->dumpfile, "w", &dctx->fp), "could not open dump file", server->dumpfile); - /* Skip the command name. */ - ptr = next_token(&args, " \t"); - if (ptr == NULL) - return (ISC_R_UNEXPECTEDEND); - sep = (args == NULL) ? "" : ": "; isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_INFO, diff --git a/contrib/bind9/bin/named/sortlist.c b/contrib/bind9/bin/named/sortlist.c index 0098fe7..0feba3b 100644 --- a/contrib/bind9/bin/named/sortlist.c +++ b/contrib/bind9/bin/named/sortlist.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: sortlist.c,v 1.5.12.4 2004/03/08 04:04:19 marka Exp $ */ +/* $Id: sortlist.c,v 1.5.12.6 2006/03/02 00:37:20 marka Exp $ */ #include <config.h> @@ -30,7 +30,9 @@ #include <named/sortlist.h> ns_sortlisttype_t -ns_sortlist_setup(dns_acl_t *acl, isc_netaddr_t *clientaddr, void **argp) { +ns_sortlist_setup(dns_acl_t *acl, isc_netaddr_t *clientaddr, + const void **argp) +{ unsigned int i; if (acl == NULL) @@ -44,7 +46,7 @@ ns_sortlist_setup(dns_acl_t *acl, isc_netaddr_t *clientaddr, void **argp) { dns_aclelement_t *e = &acl->elements[i]; dns_aclelement_t *try_elt; dns_aclelement_t *order_elt = NULL; - dns_aclelement_t *matched_elt = NULL; + const dns_aclelement_t *matched_elt = NULL; if (e->type == dns_aclelementtype_nestedacl) { dns_acl_t *inner = e->u.nestedacl; @@ -106,8 +108,8 @@ ns_sortlist_setup(dns_acl_t *acl, isc_netaddr_t *clientaddr, void **argp) { } int -ns_sortlist_addrorder2(isc_netaddr_t *addr, void *arg) { - dns_acl_t *sortacl = (dns_acl_t *) arg; +ns_sortlist_addrorder2(const isc_netaddr_t *addr, const void *arg) { + const dns_acl_t *sortacl = (const dns_acl_t *) arg; int match; (void)dns_acl_match(addr, NULL, sortacl, @@ -122,8 +124,8 @@ ns_sortlist_addrorder2(isc_netaddr_t *addr, void *arg) { } int -ns_sortlist_addrorder1(isc_netaddr_t *addr, void *arg) { - dns_aclelement_t *matchelt = (dns_aclelement_t *) arg; +ns_sortlist_addrorder1(const isc_netaddr_t *addr, const void *arg) { + const dns_aclelement_t *matchelt = (const dns_aclelement_t *) arg; if (dns_aclelement_match(addr, NULL, matchelt, &ns_g_server->aclenv, NULL)) { @@ -136,7 +138,7 @@ ns_sortlist_addrorder1(isc_netaddr_t *addr, void *arg) { void ns_sortlist_byaddrsetup(dns_acl_t *sortlist_acl, isc_netaddr_t *client_addr, dns_addressorderfunc_t *orderp, - void **argp) + const void **argp) { ns_sortlisttype_t sortlisttype; diff --git a/contrib/bind9/bin/named/tkeyconf.c b/contrib/bind9/bin/named/tkeyconf.c index 7fc13f3..f23c1db 100644 --- a/contrib/bind9/bin/named/tkeyconf.c +++ b/contrib/bind9/bin/named/tkeyconf.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: tkeyconf.c,v 1.19.208.2 2004/06/11 00:30:51 marka Exp $ */ +/* $Id: tkeyconf.c,v 1.19.208.4 2006/03/02 00:37:20 marka Exp $ */ #include <config.h> @@ -42,17 +42,17 @@ isc_result_t -ns_tkeyctx_fromconfig(cfg_obj_t *options, isc_mem_t *mctx, isc_entropy_t *ectx, - dns_tkeyctx_t **tctxp) +ns_tkeyctx_fromconfig(const cfg_obj_t *options, isc_mem_t *mctx, + isc_entropy_t *ectx, dns_tkeyctx_t **tctxp) { isc_result_t result; dns_tkeyctx_t *tctx = NULL; - char *s; + const char *s; isc_uint32_t n; dns_fixedname_t fname; dns_name_t *name; isc_buffer_t b; - cfg_obj_t *obj; + const cfg_obj_t *obj; int type; result = dns_tkeyctx_create(mctx, ectx, &tctx); diff --git a/contrib/bind9/bin/named/tsigconf.c b/contrib/bind9/bin/named/tsigconf.c index 38524c3..a90438d 100644 --- a/contrib/bind9/bin/named/tsigconf.c +++ b/contrib/bind9/bin/named/tsigconf.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: tsigconf.c,v 1.21.208.4 2004/03/08 04:04:19 marka Exp $ */ +/* $Id: tsigconf.c,v 1.21.208.6 2006/03/02 00:37:20 marka Exp $ */ #include <config.h> @@ -35,10 +35,12 @@ #include <named/tsigconf.h> static isc_result_t -add_initial_keys(cfg_obj_t *list, dns_tsig_keyring_t *ring, isc_mem_t *mctx) { - cfg_listelt_t *element; - cfg_obj_t *key = NULL; - char *keyid = NULL; +add_initial_keys(const cfg_obj_t *list, dns_tsig_keyring_t *ring, + isc_mem_t *mctx) +{ + const cfg_listelt_t *element; + const cfg_obj_t *key = NULL; + const char *keyid = NULL; unsigned char *secret = NULL; int secretalloc = 0; int secretlen = 0; @@ -49,14 +51,14 @@ add_initial_keys(cfg_obj_t *list, dns_tsig_keyring_t *ring, isc_mem_t *mctx) { element != NULL; element = cfg_list_next(element)) { - cfg_obj_t *algobj = NULL; - cfg_obj_t *secretobj = NULL; + const cfg_obj_t *algobj = NULL; + const cfg_obj_t *secretobj = NULL; dns_name_t keyname; dns_name_t *alg; - char *algstr; + const char *algstr; char keynamedata[1024]; isc_buffer_t keynamesrc, keynamebuf; - char *secretstr; + const char *secretstr; isc_buffer_t secretbuf; key = cfg_listelt_value(element); @@ -129,11 +131,11 @@ add_initial_keys(cfg_obj_t *list, dns_tsig_keyring_t *ring, isc_mem_t *mctx) { } isc_result_t -ns_tsigkeyring_fromconfig(cfg_obj_t *config, cfg_obj_t *vconfig, +ns_tsigkeyring_fromconfig(const cfg_obj_t *config, const cfg_obj_t *vconfig, isc_mem_t *mctx, dns_tsig_keyring_t **ringp) { - cfg_obj_t *maps[3]; - cfg_obj_t *keylist; + const cfg_obj_t *maps[3]; + const cfg_obj_t *keylist; dns_tsig_keyring_t *ring = NULL; isc_result_t result; int i; diff --git a/contrib/bind9/bin/named/unix/os.c b/contrib/bind9/bin/named/unix/os.c index f306f14..361d1b6 100644 --- a/contrib/bind9/bin/named/unix/os.c +++ b/contrib/bind9/bin/named/unix/os.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: os.c,v 1.46.2.4.8.22 2005/05/20 01:37:19 marka Exp $ */ +/* $Id: os.c,v 1.46.2.4.8.24 2006/02/03 23:51:37 marka Exp $ */ #include <config.h> #include <stdarg.h> @@ -497,6 +497,13 @@ ns_os_changeuser(void) { #if defined(HAVE_LINUX_CAPABILITY_H) && !defined(HAVE_LINUXTHREADS) linux_minprivs(); #endif +#if defined(HAVE_SYS_PRCTL_H) && defined(PR_SET_DUMPABLE) + /* + * Restore the ability of named to drop core after the setuid() + * call has disabled it. + */ + prctl(PR_SET_DUMPABLE,1,0,0,0); +#endif } void diff --git a/contrib/bind9/bin/named/update.c b/contrib/bind9/bin/named/update.c index 6c2d759..fa0ddb0 100644 --- a/contrib/bind9/bin/named/update.c +++ b/contrib/bind9/bin/named/update.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: update.c,v 1.88.2.5.2.27 2005/10/08 00:21:06 marka Exp $ */ +/* $Id: update.c,v 1.88.2.5.2.29 2006/01/06 00:01:42 marka Exp $ */ #include <config.h> @@ -36,6 +36,7 @@ #include <dns/rdataclass.h> #include <dns/rdataset.h> #include <dns/rdatasetiter.h> +#include <dns/rdatastruct.h> #include <dns/rdatatype.h> #include <dns/soa.h> #include <dns/ssu.h> @@ -1517,7 +1518,8 @@ next_active(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, */ static isc_result_t add_nsec(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, - dns_dbversion_t *ver, dns_name_t *name, dns_diff_t *diff) + dns_dbversion_t *ver, dns_name_t *name, dns_ttl_t nsecttl, + dns_diff_t *diff) { isc_result_t result; dns_dbnode_t *node = NULL; @@ -1552,8 +1554,7 @@ add_nsec(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, * Add the new NSEC and record the change. */ CHECK(dns_difftuple_create(diff->mctx, DNS_DIFFOP_ADD, name, - 3600, /* XXXRTH */ - &rdata, &tuple)); + nsecttl, &rdata, &tuple)); CHECK(do_one_tuple(&tuple, db, ver, diff)); INSIST(tuple == NULL); @@ -1678,6 +1679,11 @@ update_signatures(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, unsigned int nkeys = 0; unsigned int i; isc_stdtime_t now, inception, expire; + dns_ttl_t nsecttl; + dns_rdata_soa_t soa; + dns_rdata_t rdata = DNS_RDATA_INIT; + dns_rdataset_t rdataset; + dns_dbnode_t *node = NULL; dns_diff_init(client->mctx, &diffnames); dns_diff_init(client->mctx, &affected); @@ -1699,6 +1705,20 @@ update_signatures(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, expire = now + sigvalidityinterval; /* + * Get the NSEC's TTL from the SOA MINIMUM field. + */ + CHECK(dns_db_findnode(db, dns_db_origin(db), ISC_FALSE, &node)); + dns_rdataset_init(&rdataset); + CHECK(dns_db_findrdataset(db, node, newver, dns_rdatatype_soa, 0, + (isc_stdtime_t) 0, &rdataset, NULL)); + CHECK(dns_rdataset_first(&rdataset)); + dns_rdataset_current(&rdataset, &rdata); + CHECK(dns_rdata_tostruct(&rdata, &soa, NULL)); + nsecttl = soa.minimum; + dns_rdataset_disassociate(&rdataset); + dns_db_detachnode(db, &node); + + /* * Find all RRsets directly affected by the update, and * update their RRSIGs. Also build a list of names affected * by the update in "diffnames". @@ -1901,8 +1921,8 @@ update_signatures(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, * there is other data, and if there is other data, * there are other RRSIGs. */ - CHECK(add_nsec(client, zone, db, newver, - &t->name, &nsec_diff)); + CHECK(add_nsec(client, zone, db, newver, &t->name, + nsecttl, &nsec_diff)); } } diff --git a/contrib/bind9/bin/named/zoneconf.c b/contrib/bind9/bin/named/zoneconf.c index 41ce69d..66ef905 100644 --- a/contrib/bind9/bin/named/zoneconf.c +++ b/contrib/bind9/bin/named/zoneconf.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: zoneconf.c,v 1.87.2.4.10.15 2005/09/06 02:12:39 marka Exp $ */ +/* $Id: zoneconf.c,v 1.87.2.4.10.19 2006/02/28 06:32:53 marka Exp $ */ #include <config.h> @@ -55,15 +55,15 @@ * Convenience function for configuring a single zone ACL. */ static isc_result_t -configure_zone_acl(cfg_obj_t *zconfig, cfg_obj_t *vconfig, cfg_obj_t *config, - const char *aclname, ns_aclconfctx_t *actx, - dns_zone_t *zone, +configure_zone_acl(const cfg_obj_t *zconfig, const cfg_obj_t *vconfig, + const cfg_obj_t *config, const char *aclname, + ns_aclconfctx_t *actx, dns_zone_t *zone, void (*setzacl)(dns_zone_t *, dns_acl_t *), void (*clearzacl)(dns_zone_t *)) { isc_result_t result; - cfg_obj_t *maps[4]; - cfg_obj_t *aclobj = NULL; + const cfg_obj_t *maps[4]; + const cfg_obj_t *aclobj = NULL; int i = 0; dns_acl_t *dacl = NULL; @@ -72,7 +72,7 @@ configure_zone_acl(cfg_obj_t *zconfig, cfg_obj_t *vconfig, cfg_obj_t *config, if (vconfig != NULL) maps[i++] = cfg_tuple_get(vconfig, "options"); if (config != NULL) { - cfg_obj_t *options = NULL; + const cfg_obj_t *options = NULL; (void)cfg_map_get(config, "options", &options); if (options != NULL) maps[i++] = options; @@ -98,16 +98,18 @@ configure_zone_acl(cfg_obj_t *zconfig, cfg_obj_t *vconfig, cfg_obj_t *config, * Parse the zone update-policy statement. */ static isc_result_t -configure_zone_ssutable(cfg_obj_t *zconfig, dns_zone_t *zone) { - cfg_obj_t *updatepolicy = NULL; - cfg_listelt_t *element, *element2; +configure_zone_ssutable(const cfg_obj_t *zconfig, dns_zone_t *zone) { + const cfg_obj_t *updatepolicy = NULL; + const cfg_listelt_t *element, *element2; dns_ssutable_t *table = NULL; isc_mem_t *mctx = dns_zone_getmctx(zone); isc_result_t result; (void)cfg_map_get(zconfig, "update-policy", &updatepolicy); - if (updatepolicy == NULL) + if (updatepolicy == NULL) { + dns_zone_setssutable(zone, NULL); return (ISC_R_SUCCESS); + } result = dns_ssutable_create(mctx, &table); if (result != ISC_R_SUCCESS) @@ -117,13 +119,13 @@ configure_zone_ssutable(cfg_obj_t *zconfig, dns_zone_t *zone) { element != NULL; element = cfg_list_next(element)) { - cfg_obj_t *stmt = cfg_listelt_value(element); - cfg_obj_t *mode = cfg_tuple_get(stmt, "mode"); - cfg_obj_t *identity = cfg_tuple_get(stmt, "identity"); - cfg_obj_t *matchtype = cfg_tuple_get(stmt, "matchtype"); - cfg_obj_t *dname = cfg_tuple_get(stmt, "name"); - cfg_obj_t *typelist = cfg_tuple_get(stmt, "types"); - char *str; + const cfg_obj_t *stmt = cfg_listelt_value(element); + const cfg_obj_t *mode = cfg_tuple_get(stmt, "mode"); + const cfg_obj_t *identity = cfg_tuple_get(stmt, "identity"); + const cfg_obj_t *matchtype = cfg_tuple_get(stmt, "matchtype"); + const cfg_obj_t *dname = cfg_tuple_get(stmt, "name"); + const cfg_obj_t *typelist = cfg_tuple_get(stmt, "types"); + const char *str; isc_boolean_t grant = ISC_FALSE; unsigned int mtype = DNS_SSUMATCHTYPE_NAME; dns_fixedname_t fname, fident; @@ -191,14 +193,14 @@ configure_zone_ssutable(cfg_obj_t *zconfig, dns_zone_t *zone) { element2 != NULL; element2 = cfg_list_next(element2)) { - cfg_obj_t *typeobj; + const cfg_obj_t *typeobj; isc_textregion_t r; INSIST(i < n); typeobj = cfg_listelt_value(element2); str = cfg_obj_asstring(typeobj); - r.base = str; + DE_CONST(str, r.base); r.length = strlen(str); result = dns_rdatatype_fromtext(&types[i++], &r); @@ -237,8 +239,8 @@ configure_zone_ssutable(cfg_obj_t *zconfig, dns_zone_t *zone) { * Convert a config file zone type into a server zone type. */ static inline dns_zonetype_t -zonetype_fromconfig(cfg_obj_t *map) { - cfg_obj_t *obj = NULL; +zonetype_fromconfig(const cfg_obj_t *map) { + const cfg_obj_t *obj = NULL; isc_result_t result; result = cfg_map_get(map, "type", &obj); @@ -293,7 +295,9 @@ strtoargv(isc_mem_t *mctx, char *s, unsigned int *argcp, char ***argvp) { } static void -checknames(dns_zonetype_t ztype, cfg_obj_t **maps, cfg_obj_t **objp) { +checknames(dns_zonetype_t ztype, const cfg_obj_t **maps, + const cfg_obj_t **objp) +{ const char *zone = NULL; isc_result_t result; @@ -308,17 +312,18 @@ checknames(dns_zonetype_t ztype, cfg_obj_t **maps, cfg_obj_t **objp) { } isc_result_t -ns_zone_configure(cfg_obj_t *config, cfg_obj_t *vconfig, cfg_obj_t *zconfig, - ns_aclconfctx_t *ac, dns_zone_t *zone) +ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig, + const cfg_obj_t *zconfig, ns_aclconfctx_t *ac, + dns_zone_t *zone) { isc_result_t result; - char *zname; + const char *zname; dns_rdataclass_t zclass; dns_rdataclass_t vclass; - cfg_obj_t *maps[5]; - cfg_obj_t *zoptions = NULL; - cfg_obj_t *options = NULL; - cfg_obj_t *obj; + const cfg_obj_t *maps[5]; + const cfg_obj_t *zoptions = NULL; + const cfg_obj_t *options = NULL; + const cfg_obj_t *obj; const char *filename = NULL; dns_notifytype_t notifytype = dns_notifytype_yes; isc_sockaddr_t *addrs; @@ -428,7 +433,7 @@ ns_zone_configure(cfg_obj_t *config, cfg_obj_t *vconfig, cfg_obj_t *zconfig, else dialup = dns_dialuptype_no; } else { - char *dialupstr = cfg_obj_asstring(obj); + const char *dialupstr = cfg_obj_asstring(obj); if (strcasecmp(dialupstr, "notify") == 0) dialup = dns_dialuptype_notify; else if (strcasecmp(dialupstr, "notify-passive") == 0) @@ -462,7 +467,7 @@ ns_zone_configure(cfg_obj_t *config, cfg_obj_t *vconfig, cfg_obj_t *zconfig, else notifytype = dns_notifytype_no; } else { - char *notifystr = cfg_obj_asstring(obj); + const char *notifystr = cfg_obj_asstring(obj); if (strcasecmp(notifystr, "explicit") == 0) notifytype = dns_notifytype_explicit; else @@ -612,6 +617,7 @@ ns_zone_configure(cfg_obj_t *config, cfg_obj_t *vconfig, cfg_obj_t *zconfig, switch (ztype) { case dns_zone_slave: case dns_zone_stub: + count = 0; obj = NULL; result = cfg_map_get(zoptions, "masters", &obj); if (obj != NULL) { @@ -715,9 +721,9 @@ ns_zone_configure(cfg_obj_t *config, cfg_obj_t *vconfig, cfg_obj_t *zconfig, } isc_boolean_t -ns_zone_reusable(dns_zone_t *zone, cfg_obj_t *zconfig) { - cfg_obj_t *zoptions = NULL; - cfg_obj_t *obj = NULL; +ns_zone_reusable(dns_zone_t *zone, const cfg_obj_t *zconfig) { + const cfg_obj_t *zoptions = NULL; + const cfg_obj_t *obj = NULL; const char *cfilename; const char *zfilename; |
