Commit 03e200df authored by Mark Andrews's avatar Mark Andrews

1913. [func] Integrate contributed DLZ code into named. [RT #11382]

parent 78f70e0b
1913. [func] Integrate contibuted DLZ code into named. [RT #11382]
1912. [port] aix: atomic locking for powerpc. [RT #15020]
1911. [bug] Update windows socket code. [RT #14965]
......
......@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: check-tool.c,v 1.19 2005/08/24 23:53:54 marka Exp $ */
/* $Id: check-tool.c,v 1.20 2005/09/05 00:10:51 marka Exp $ */
/*! \file */
......@@ -435,7 +435,7 @@ load_zone(isc_mem_t *mctx, const char *zonename, const char *filename,
dns_zone_setchecksrv(zone, checksrv);
CHECK(dns_zone_load(zone));
if (zonep != NULL){
if (zonep != NULL) {
*zonep = zone;
zone = NULL;
}
......
......@@ -13,7 +13,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.86 2005/01/12 01:56:06 marka Exp $
# $Id: Makefile.in,v 1.87 2005/09/05 00:10:51 marka Exp $
srcdir = @srcdir@
VPATH = @srcdir@
......@@ -31,12 +31,20 @@ DBDRIVER_SRCS =
DBDRIVER_INCLUDES =
DBDRIVER_LIBS =
DLZ_DRIVER_DIR = ${top_srcdir}/contrib/dlz/drivers
DLZDRIVER_OBJS = @DLZ_DRIVER_OBJS@
DLZDRIVER_SRCS = @DLZ_DRIVER_SRCS@
DLZDRIVER_INCLUDES = @DLZ_DRIVER_INCLUDES@
DLZDRIVER_LIBS = @DLZ_DRIVER_LIBS@
CINCLUDES = -I${srcdir}/include -I${srcdir}/unix/include \
${LWRES_INCLUDES} ${DNS_INCLUDES} ${BIND9_INCLUDES} \
${ISCCFG_INCLUDES} ${ISCCC_INCLUDES} ${ISC_INCLUDES} \
${DBDRIVER_INCLUDES}
${DLZDRIVER_INCLUDES} ${DBDRIVER_INCLUDES}
CDEFINES = @USE_DLZ@
CDEFINES =
CWARNINGS =
DNSLIBS = ../../lib/dns/libdns.@A@ @DNS_CRYPTO_LIBS@
......@@ -57,7 +65,8 @@ DEPLIBS = ${LWRESDEPLIBS} ${DNSDEPLIBS} ${BIND9DEPLIBS} \
${ISCCFGDEPLIBS} ${ISCCCDEPLIBS} ${ISCDEPLIBS}
LIBS = ${LWRESLIBS} ${DNSLIBS} ${BIND9LIBS} \
${ISCCFGLIBS} ${ISCCCLIBS} ${ISCLIBS} ${DBDRIVER_LIBS} @LIBS@
${ISCCFGLIBS} ${ISCCCLIBS} ${ISCLIBS} \
${DLZDRIVER_LIBS} ${DBDRIVER_LIBS} @LIBS@
SUBDIRS = unix
......@@ -71,7 +80,7 @@ OBJS = builtin.@O@ client.@O@ config.@O@ control.@O@ \
zoneconf.@O@ \
lwaddr.@O@ lwresd.@O@ lwdclient.@O@ lwderror.@O@ lwdgabn.@O@ \
lwdgnba.@O@ lwdgrbn.@O@ lwdnoop.@O@ lwsearch.@O@ \
$(DBDRIVER_OBJS)
${DLZDRIVER_OBJS} ${DBDRIVER_OBJS}
UOBJS = unix/os.@O@
......@@ -83,7 +92,7 @@ SRCS = builtin.c client.c config.c control.c \
zoneconf.c \
lwaddr.c lwresd.c lwdclient.c lwderror.c lwdgabn.c \
lwdgnba.c lwdgrbn.c lwdnoop.c lwsearch.c \
$(DBDRIVER_SRCS)
${DLZDRIVER_SRCS} ${DBDRIVER_SRCS}
MANPAGES = named.8 lwresd.8 named.conf.5
......@@ -133,3 +142,4 @@ install:: named@EXEEXT@ lwresd@EXEEXT@ installdirs
${INSTALL_DATA} ${srcdir}/lwresd.8 ${DESTDIR}${mandir}/man8
${INSTALL_DATA} ${srcdir}/named.conf.5 ${DESTDIR}${mandir}/man5
@DLZ_DRIVER_RULES@
......@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: main.c,v 1.147 2005/06/10 07:00:19 marka Exp $ */
/* $Id: main.c,v 1.148 2005/09/05 00:10:52 marka Exp $ */
/*! \file */
......@@ -73,6 +73,13 @@
*/
/* #include "xxdb.h" */
/*
* Include DLZ drivers if appropriate.
*/
#ifdef DLZ
#include <dlz/dlz_drivers.h>
#endif
static isc_boolean_t want_stats = ISC_FALSE;
static char program_name[ISC_DIR_NAMEMAX] = "named";
static char absolute_conffile[ISC_DIR_PATHMAX];
......@@ -675,6 +682,16 @@ setup(void) {
*/
/* xxdb_init(); */
#ifdef DLZ
/*
* Registyer any DLZ drivers.
*/
result = dlz_drivers_init();
if (result != ISC_R_SUCCESS)
ns_main_earlyfatal("dlz_drivers_init() failed: %s",
isc_result_totext(result));
#endif
ns_server_create(ns_g_mctx, &ns_g_server);
}
......@@ -691,6 +708,13 @@ cleanup(void) {
*/
/* xxdb_clear(); */
#ifdef DLZ
/*
* Unregister any DLZ drivers.
*/
dlz_drivers_clear();
#endif
isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
ISC_LOG_NOTICE, "exiting");
ns_log_shutdown();
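Review bot: The comment added in setup() has a typo, `Registyer any DLZ drivers.`; it should read `Register any DLZ drivers.`. That comment could also say why dlz_drivers_init() is called before ns_server_create(), presumably so the drivers are registered before any view configuration refers to them; the ordering is otherwise unexplained. Similarly, the cleanup() comment could note that dlz_drivers_clear() is the counterpart of that call. Both setup() and cleanup() begin outside the visible hunks, so the surrounding teardown order cannot be checked from this page.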
......
......@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: query.c,v 1.272 2005/08/18 00:57:26 marka Exp $ */
/* $Id: query.c,v 1.273 2005/09/05 00:10:52 marka Exp $ */
/*! \file */
......@@ -29,6 +29,9 @@
#include <dns/adb.h>
#include <dns/byaddr.h>
#include <dns/db.h>
#ifdef DLZ
#include <dns/dlz.h>
#endif
#include <dns/events.h>
#include <dns/message.h>
#include <dns/ncache.h>
......@@ -508,7 +511,7 @@ ns_query_init(ns_client_t *client) {
client->query.authdb = NULL;
client->query.authzone = NULL;
client->query.authdbset = ISC_FALSE;
client->query.isreferral = ISC_FALSE;
client->query.isreferral = ISC_FALSE;
query_reset(client, ISC_FALSE);
result = query_newdbversion(client, 3);
if (result != ISC_R_SUCCESS) {
......@@ -577,7 +580,7 @@ query_validatezonedb(ns_client_t *client, dns_name_t *name,
/*
* This limits our searching to the zone where the first name
* (the query target) was looked for. This prevents following
* CNAMES or DNAMES into other zones and prevents returning
* CNAMES or DNAMES into other zones and prevents returning
* additional data from other zones.
*/
if (!client->view->additionalfromauth &&
......@@ -654,7 +657,7 @@ query_validatezonedb(ns_client_t *client, dns_name_t *name,
ISC_LOG_DEBUG(3),
"%s approved", msg);
}
} else {
} else {
ns_client_aclmsg("query", name, qtype,
client->view->rdclass,
msg, sizeof(msg));
......@@ -733,7 +736,7 @@ query_getzonedb(ns_client_t *client, dns_name_t *name, dns_rdatatype_t qtype,
if (result == ISC_R_SUCCESS || result == DNS_R_PARTIALMATCH)
result = dns_zone_getdb(zone, &db);
if (result != ISC_R_SUCCESS)
if (result != ISC_R_SUCCESS)
goto fail;
result = query_validatezonedb(client, name, qtype, options, zone, db,
......@@ -801,7 +804,7 @@ query_getcachedb(ns_client_t *client, dns_name_t *name, dns_rdatatype_t qtype,
if (check_acl) {
isc_boolean_t log = ISC_TF((options & DNS_GETDB_NOLOG) == 0);
char msg[NS_CLIENT_ACLMSGSIZE("query (cache)")];
result = ns_client_checkaclsilent(client,
client->view->queryacl,
ISC_TRUE);
......@@ -867,9 +870,85 @@ query_getdb(ns_client_t *client, dns_name_t *name, dns_rdatatype_t qtype,
{
isc_result_t result;
#ifdef DLZ
isc_result_t tresult;
unsigned int namelabels;
unsigned int zonelabels;
dns_zone_t *zone = NULL;
dns_db_t *tdbp;
REQUIRE(zonep != NULL && *zonep == NULL);
tdbp = NULL;
/* Calculate how many labels are in name. */
namelabels = dns_name_countlabels(name);
zonelabels = 0;
/* Try to find name in bind's standard database. */
result = query_getzonedb(client, name, qtype, options, &zone,
dbp, versionp);
/* See how many labels are in the zone's name. */
if (result == ISC_R_SUCCESS && zone != NULL)
zonelabels = dns_name_countlabels(dns_zone_getorigin(zone));
/*
* If # zone labels < # name labels, try to find an even better match
* Only try if a DLZ driver is loaded for this view
*/
if (zonelabels < namelabels && client->view->dlzdatabase != NULL) {
tresult = dns_dlzfindzone(client->view, name,
zonelabels, &tdbp);
/* If we successful, we found a better match. */
if (tresult == ISC_R_SUCCESS) {
/*
* If the previous search returned a zone, detach it.
*/
if (zone != NULL)
dns_zone_detach(&zone);
/*
* If the previous search returned a database,
* detach it.
*/
if (*dbp != NULL)
dns_db_detach(dbp);
/*
* If the previous search returned a version, clear it.
*/
*versionp = NULL;
/*
* Get our database version.
*/
dns_db_currentversion(tdbp, versionp);
/*
* Be sure to return our database.
*/
*dbp = tdbp;
/*
* We return a null zone, No stats for DLZ zones.
*/
zone = NULL;
result = tresult;
}
}
#else
result = query_getzonedb(client, name, qtype, options,
zonep, dbp, versionp);
#endif
/* If successfull, Transfer ownership of zone. */
if (result == ISC_R_SUCCESS) {
#ifdef DLZ
*zonep = zone;
#endif
/*
* If neither attempt above succeeded, return the cache instead
*/
*is_zonep = ISC_TRUE;
} else if (result == ISC_R_NOTFOUND) {
result = query_getcachedb(client, name, qtype, dbp, options);
......@@ -1032,7 +1111,7 @@ query_addadditional(void *arg, dns_name_t *name, dns_rdatatype_t qtype) {
*/
goto try_glue;
result = dns_db_find(db, name, version, type, client->query.dboptions,
result = dns_db_find(db, name, version, type, client->query.dboptions,
client->now, &node, fname, rdataset,
sigrdataset);
if (result == ISC_R_SUCCESS)
......@@ -1248,7 +1327,7 @@ query_addadditional(void *arg, dns_name_t *name, dns_rdatatype_t qtype) {
* recursing to add address records, which in turn can cause
* recursion to add KEYs.
*/
if (type == dns_rdatatype_srv && trdataset != NULL) {
if (type == dns_rdatatype_srv && trdataset != NULL) {
/*
* If we're adding SRV records to the additional data
* section, it's helpful if we add the SRV additional data
......@@ -1325,7 +1404,7 @@ query_iscachevalid(dns_zone_t *zone, dns_db_t *db, dns_db_t *db0,
dns_db_closeversion(db_current, &version_current, ISC_FALSE);
if (db0 == NULL && db_current != NULL)
dns_db_detach(&db_current);
return (result);
}
......@@ -1391,7 +1470,7 @@ query_addadditional2(void *arg, dns_name_t *name, dns_rdatatype_t qtype) {
* lookup and iterate over the node.
* XXXJT: this approach can cause a suboptimal result when the cache
* DB only has partial address types and the glue DB has remaining
* ones.
* ones.
*/
type = dns_rdatatype_any;
......@@ -1682,7 +1761,7 @@ query_addadditional2(void *arg, dns_name_t *name, dns_rdatatype_t qtype) {
setcache:
/*
* Set the new result in the cache if required. We do not support
* caching additional data from a cache DB.
* caching additional data from a cache DB.
*/
if (needadditionalcache == ISC_TRUE &&
(additionaltype == dns_rdatasetadditional_fromauth ||
......@@ -2429,20 +2508,20 @@ query_addwildcardproof(ns_client_t *client, dns_db_t *db,
* Given:
* example SOA
* example NSEC b.example
* b.example A
* b.example NSEC a.d.example
* a.d.example A
* a.d.example NSEC g.f.example
* g.f.example A
* g.f.example NSEC z.i.example
* z.i.example A
* z.i.example NSEC example
* b.example A
* b.example NSEC a.d.example
* a.d.example A
* a.d.example NSEC g.f.example
* g.f.example A
* g.f.example NSEC z.i.example
* z.i.example A
* z.i.example NSEC example
*
* QNAME:
* a.example -> example NSEC b.example
* owner common example
* next common example
* wild *.example
* owner common example
* next common example
* wild *.example
* d.b.example -> b.example NSEC a.d.example
* owner common b.example
* next common example
......@@ -2453,7 +2532,7 @@ query_addwildcardproof(ns_client_t *client, dns_db_t *db,
* wild *.f.example
* j.example -> z.i.example NSEC example
* owner common example
* next common example
* next common example
* wild *.f.example
*/
options = client->query.dboptions | DNS_DBFIND_NOWILD;
......@@ -2514,7 +2593,7 @@ query_addwildcardproof(ns_client_t *client, dns_db_t *db,
name = wname;
goto again;
}
}
}
cleanup:
if (rdataset != NULL)
query_putrdataset(client, &rdataset);
......@@ -2777,7 +2856,7 @@ static isc_result_t
rdata_tonetaddr(dns_rdata_t *rdata, isc_netaddr_t *netaddr) {
struct in_addr ina;
struct in6_addr in6a;
switch (rdata->type) {
case dns_rdatatype_a:
INSIST(rdata->length == 4);
......@@ -2830,7 +2909,7 @@ setup_query_sortlist(ns_client_t *client) {
isc_netaddr_t netaddr;
dns_rdatasetorderfunc_t order = NULL;
void *order_arg = NULL;
isc_netaddr_fromsockaddr(&netaddr, &client->peeraddr);
switch (ns_sortlist_setup(client->view->sortlist,
&netaddr, &order_arg)) {
......@@ -3121,7 +3200,7 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
goto resume;
}
/*
* Not returning from recursion.
*/
......@@ -3216,7 +3295,17 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
if (event == NULL && client->query.restarts == 0) {
if (is_zone) {
dns_zone_attach(zone, &client->query.authzone);
#ifdef DLZ
if (zone != NULL) {
/*
* if is_zone = true, zone = NULL then this is
* a DLZ zone. Don't attempt to attach zone.
*/
#endif
dns_zone_attach(zone, &client->query.authzone);
#ifdef DLZ
}
#endif
dns_db_attach(db, &client->query.authdb);
}
client->query.authdbset = ISC_TRUE;
......@@ -4131,10 +4220,10 @@ ns_query_start(ns_client_t *client) {
if ((message->flags & DNS_MESSAGEFLAG_RD) != 0)
client->query.attributes |= NS_QUERYATTR_WANTRECURSION;
if ((client->extflags & DNS_MESSAGEEXTFLAG_DO) != 0)
client->attributes |= NS_CLIENTATTR_WANTDNSSEC;
if (client->view->minimalresponses)
client->query.attributes |= (NS_QUERYATTR_NOAUTHORITY |
NS_QUERYATTR_NOADDITIONAL);
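Review bot: In the query_getdb hunk the DLZ branch returns `tdbp` without the validation the normal path applies: query_getzonedb() calls query_validatezonedb() (visible in an earlier hunk), but the database from dns_dlzfindzone() is assigned to `*dbp` directly, and `result = tresult` replaces whatever query_getzonedb() returned, including a failure other than ISC_R_NOTFOUND. Unless dns_dlzfindzone() enforces the view's query ACL itself, which this page does not show, a refusal from the zone path could be turned into a success. I would consult DLZ only when the first lookup succeeded or found nothing, `if ((result == ISC_R_SUCCESS || result == ISC_R_NOTFOUND) && zonelabels < namelabels && client->view->dlzdatabase != NULL) {`, and add a comment stating where the ACL check for DLZ databases is performed. The comment `If neither attempt above succeeded, return the cache instead` also sits inside the success branch and belongs on the `else if (result == ISC_R_NOTFOUND)` arm. query_getdb begins and ends outside the hunk.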
......
......@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: server.c,v 1.449 2005/08/23 02:36:07 marka Exp $ */
/* $Id: server.c,v 1.450 2005/09/05 00:10:52 marka Exp $ */
/*! \file */
......@@ -48,6 +48,9 @@
#include <dns/cache.h>
#include <dns/db.h>
#include <dns/dispatch.h>
#ifdef DLZ
#include <dns/dlz.h>
#endif
#include <dns/forward.h>
#include <dns/journal.h>
#include <dns/keytable.h>
......@@ -826,6 +829,11 @@ configure_view(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig,
cfg_obj_t *forwarders;
cfg_obj_t *alternates;
cfg_obj_t *zonelist;
#ifdef DLZ
cfg_obj_t *dlz;
unsigned int dlzargc;
char **dlzargv;
#endif
cfg_obj_t *disabled;
cfg_obj_t *obj;
cfg_listelt_t *element;
......@@ -954,6 +962,45 @@ configure_view(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig,
actx));
}
#ifdef DLZ
/*
* Create Dynamically Loadable Zone driver.
*/
dlz = NULL;
if (voptions != NULL)
(void)cfg_map_get(voptions, "dlz", &dlz);
else
(void)cfg_map_get(config, "dlz", &dlz);
obj = NULL;
if (dlz != NULL) {
(void)cfg_map_get(cfg_tuple_get(dlz, "options"),
"database", &obj);
if (obj != NULL) {
char *s = isc_mem_strdup(mctx, cfg_obj_asstring(obj));
if (s == NULL) {
result = ISC_R_NOMEMORY;
goto cleanup;
}
result = dns_dlzstrtoargv(mctx, s, &dlzargc, &dlzargv);
if (result != ISC_R_SUCCESS) {
isc_mem_free(mctx, s);
goto cleanup;
}
obj = cfg_tuple_get(dlz, "name");
result = dns_dlzcreate(mctx, cfg_obj_asstring(obj),
dlzargv[0], dlzargc, dlzargv,
&view->dlzdatabase);
isc_mem_free(mctx, s);
isc_mem_put(mctx, dlzargv, dlzargc * sizeof(*dlzargv));
if (result == ISC_R_SUCCESS)
goto cleanup;
}
}
#endif
/*
* Configure the view's cache. Try to reuse an existing
* cache if possible, otherwise create a new cache.
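Review bot: The test after dns_dlzcreate() in the configure_view hunk looks inverted: `if (result == ISC_R_SUCCESS) goto cleanup;` leaves on success and carries on after a failure. Assuming `cleanup` is the function's exit path, as the ISC_R_NOMEMORY branch above suggests, a view with a working `dlz` clause would skip the cache setup and everything after it, while a failed driver creation is not acted on here. It should read `if (result != ISC_R_SUCCESS) goto cleanup;`. `dlzargv[0]` is also used without looking at `dlzargc`; if dns_dlzstrtoargv() can succeed with zero arguments (not visible on this page), a `dlzargc == 0` guard that fails the configuration is needed before the call. configure_view begins and ends outside the hunk.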
......
......@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: xfrout.c,v 1.119 2005/04/27 04:55:55 sra Exp $ */
/* $Id: xfrout.c,v 1.120 2005/09/05 00:10:53 marka Exp $ */
#include <config.h>
......@@ -27,6 +27,9 @@
#include <dns/db.h>
#include <dns/dbiterator.h>
#ifdef DLZ
#include <dns/dlz.h>
#endif
#include <dns/fixedname.h>
#include <dns/journal.h>
#include <dns/message.h>
......@@ -905,6 +908,9 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) {
char msg[NS_CLIENT_ACLMSGSIZE("zone transfer")];
char keyname[DNS_NAME_FORMATSIZE];
isc_boolean_t is_poll = ISC_FALSE;
#ifdef DLZ
isc_boolean_t is_dlz = ISC_FALSE;
#endif
switch (reqtype) {
case dns_rdatatype_axfr:
......@@ -955,19 +961,71 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) {
result = dns_zt_find(client->view->zonetable, question_name, 0, NULL,
&zone);
if (result != ISC_R_SUCCESS)
FAILQ(DNS_R_NOTAUTH, "non-authoritative zone",
question_name, question_class);
switch(dns_zone_gettype(zone)) {
case dns_zone_master:
case dns_zone_slave:
break; /* Master and slave zones are OK for transfer. */
default:
FAILQ(DNS_R_NOTAUTH, "non-authoritative zone",
question_name, question_class);
#ifdef DLZ
{
/*
* Normal zone table does not have a match. Try the DLZ database
*/
if (client->view->dlzdatabase != NULL) {
result = dns_dlzallowzonexfr(client->view,
question_name, &client->peeraddr,
&db);
if (result == ISC_R_NOPERM) {
char _buf1[DNS_NAME_FORMATSIZE];
char _buf2[DNS_RDATACLASS_FORMATSIZE];
result = DNS_R_REFUSED;
dns_name_format(question_name, _buf1,
sizeof(_buf1));
dns_rdataclass_format(question_class,
_buf2, sizeof(_buf2));
ns_client_log(client, DNS_LOGCATEGORY_SECURITY,
NS_LOGMODULE_XFER_OUT,
ISC_LOG_ERROR,
"zone transfer '%s/%s' denied",
_buf1, _buf2);
goto failure;
}
if (result != ISC_R_SUCCESS)
#endif
FAILQ(DNS_R_NOTAUTH, "non-authoritative zone",
question_name, question_class);
#ifdef DLZ
is_dlz = ISC_TRUE;
/*
* DLZ only support full zone transfer, not incremental
*/
if (reqtype != dns_rdatatype_axfr) {
mnemonic = "AXFR-style IXFR";
reqtype = dns_rdatatype_axfr;
}
} else {
/*
* not DLZ and not in normal zone table, we are
* not authoritative
*/
FAILQ(DNS_R_NOTAUTH, "non-authoritative zone",
question_name, question_class);
}
} else {
/* zone table has a match */
#endif
switch(dns_zone_gettype(zone)) {
case dns_zone_master:
case dns_zone_slave:
break; /* Master and slave zones are OK for transfer. */
default:
FAILQ(DNS_R_NOTAUTH, "non-authoritative zone", question_name, question_class);
}
CHECK(dns_zone_getdb(zone, &db));
dns_db_currentversion(db, &ver);
#ifdef DLZ
}
CHECK(dns_zone_getdb(zone, &db));
dns_db_currentversion(db, &ver);
#endif
xfrout_log1(client, question_name, question_class, ISC_LOG_DEBUG(6),
"%s question section OK", mnemonic);
......@@ -1023,11 +1081,20 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) {
/*
* Decide whether to allow this transfer.
*/
ns_client_aclmsg("zone transfer", question_name, reqtype,