Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
ISC Open Source Projects
BIND
Commits
2c11da84
Commit
2c11da84
authored
Jun 12, 2017
by
Mukund Sivaraman
Browse files
Don't log NSDNAME failures as NSIP (#45052)
parent
255f5ba5
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
32 additions
and
6 deletions
+32
-6
CHANGES
CHANGES
+3
-0
bin/named/query.c
bin/named/query.c
+29
-6
No files found.
CHANGES
View file @
2c11da84
4635. [bug] Fix RPZ NSDNAME logging that was logging
failures as NSIP. [RT #45052]
4634. [contrib] check5011.pl needs to handle optional space before
semi-colon in +multi-line output. [RT #45352]
...
...
bin/named/query.c
View file @
2c11da84
...
...
@@ -1264,12 +1264,16 @@ rpz_log_rewrite(ns_client_t *client, isc_boolean_t disabled,
}
static void
rpz_log_fail
(
ns_client_t
*
client
,
int
level
,
dns_name_t
*
p_name
,
dns_rpz_type_t
rpz_type
,
const
char
*
str
,
isc_result_t
result
)
rpz_log_fail_helper(ns_client_t *client, int level, dns_name_t *p_name,
dns_rpz_type_t rpz_type1, dns_rpz_type_t rpz_type2,
const char *str, isc_result_t result)
{
char qnamebuf[DNS_NAME_FORMATSIZE];
char p_namebuf[DNS_NAME_FORMATSIZE];
const char *failed;
const char *slash;
const char *rpztypestr1;
const char *rpztypestr2;
if (!isc_log_wouldlog(ns_g_lctx, level))
return;
...
...
@@ -1281,16 +1285,34 @@ rpz_log_fail(ns_client_t *client, int level, dns_name_t *p_name,
failed = "failed: ";
else
failed = ": ";
rpztypestr1 = dns_rpz_type2str(rpz_type1);
if (rpz_type2 != DNS_RPZ_TYPE_BAD) {
slash = "/";
rpztypestr2 = dns_rpz_type2str(rpz_type2);
} else {
slash = "";
rpztypestr2 = "";
}
dns_name_format(client->query.qname, qnamebuf, sizeof(qnamebuf));
dns_name_format(p_name, p_namebuf, sizeof(p_namebuf));
ns_client_log(client, NS_LOGCATEGORY_QUERY_ERRORS,
NS_LOGMODULE_QUERY, level,
"rpz %s rewrite %s via %s%s%s%s"
,
dns_
rpz
_
type
2
str
(
rpz
_
type
)
,
"rpz %s
%s%s
rewrite %s via %s%s%s%s",
rpztypestr
1, slash,
rpztype
str2
,
qnamebuf, p_namebuf,
str, failed, isc_result_totext(result));
}
static void
rpz_log_fail(ns_client_t *client, int level, dns_name_t *p_name,
dns_rpz_type_t rpz_type, const char *str, isc_result_t result)
{
rpz_log_fail_helper(client, level, p_name,
rpz_type, DNS_RPZ_TYPE_BAD, str, result);
}
/*
* Get a policy rewrite zone database.
*/
...
...
@@ -3469,8 +3491,9 @@ rpz_rewrite_ns_skip(ns_client_t *client, dns_name_t *nsname,
st = client->query.rpz_st;
if (str != NULL)
rpz_log_fail
(
client
,
level
,
nsname
,
DNS_RPZ_TYPE_NSIP
,
str
,
result
);
rpz_log_fail_helper(client, level, nsname,
DNS_RPZ_TYPE_NSIP, DNS_RPZ_TYPE_NSDNAME,
str, result);
if (st->r.ns_rdataset != NULL &&
dns_rdataset_isassociated(st->r.ns_rdataset))
dns_rdataset_disassociate(st->r.ns_rdataset);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
