Commit 9198ab37 authored by Mark Andrews's avatar Mark Andrews

3147. [func] Initial inline signing support. [RT #23657]

parent 88070800
3147. [func] Initial inline signing support. [RT #23657]
--- 9.9.0a1 released ---
3146. [test] Fixed gcc4.6.0 errors in ATF. [RT #25598]
......
......@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: config.c,v 1.119 2011/07/01 02:25:47 marka Exp $ */
/* $Id: config.c,v 1.120 2011/08/30 05:16:10 marka Exp $ */
/*! \file */
......@@ -199,6 +199,7 @@ options {\n\
sig-signing-nodes 100;\n\
sig-signing-signatures 10;\n\
sig-signing-type 65534;\n\
inline-signing no;\n\
zone-statistics false;\n\
max-journal-size unlimited;\n\
ixfr-from-differences false;\n\
......@@ -294,7 +295,8 @@ ns_checknames_get(const cfg_obj_t **maps, const char *which,
if (maps[i] == NULL)
return (ISC_R_NOTFOUND);
checknames = NULL;
if (cfg_map_get(maps[i], "check-names", &checknames) == ISC_R_SUCCESS) {
if (cfg_map_get(maps[i], "check-names",
&checknames) == ISC_R_SUCCESS) {
/*
* Zone map entry is not a list.
*/
......@@ -307,7 +309,8 @@ ns_checknames_get(const cfg_obj_t **maps, const char *which,
element = cfg_list_next(element)) {
value = cfg_listelt_value(element);
type = cfg_tuple_get(value, "type");
if (strcasecmp(cfg_obj_asstring(type), which) == 0) {
if (strcasecmp(cfg_obj_asstring(type),
which) == 0) {
*obj = cfg_tuple_get(value, "mode");
return (ISC_R_SUCCESS);
}
......
......@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: zoneconf.h,v 1.28 2010/12/20 23:47:20 tbox Exp $ */
/* $Id: zoneconf.h,v 1.29 2011/08/30 05:16:11 marka Exp $ */
#ifndef NS_ZONECONF_H
#define NS_ZONECONF_H 1
......@@ -33,7 +33,7 @@ ISC_LANG_BEGINDECLS
isc_result_t
ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
const cfg_obj_t *zconfig, cfg_aclconfctx_t *ac,
dns_zone_t *zone);
dns_zone_t *zone, dns_zone_t *raw);
/*%<
* Configure or reconfigure a zone according to the named.conf
* data in 'cctx' and 'czone'.
......
......@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: server.c,v 1.616 2011/08/02 20:36:11 each Exp $ */
/* $Id: server.c,v 1.617 2011/08/30 05:16:10 marka Exp $ */
/*! \file */
......@@ -3225,6 +3225,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig,
{
dns_view_t *pview = NULL; /* Production view */
dns_zone_t *zone = NULL; /* New or reused zone */
dns_zone_t *raw = NULL; /* New or reused raw zone */
dns_zone_t *dupzone = NULL;
const cfg_obj_t *options = NULL;
const cfg_obj_t *zoptions = NULL;
......@@ -3232,6 +3233,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig,
const cfg_obj_t *forwarders = NULL;
const cfg_obj_t *forwardtype = NULL;
const cfg_obj_t *only = NULL;
const cfg_obj_t *signing = NULL;
isc_result_t result;
isc_result_t tresult;
isc_buffer_t buffer;
......@@ -3378,7 +3380,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig,
dns_zone_setstats(zone, ns_g_server->zonestats);
}
CHECK(ns_zone_configure(config, vconfig, zconfig, aclconf,
zone));
zone, NULL));
dns_zone_attach(zone, &view->redirect);
goto cleanup;
}
......@@ -3469,10 +3471,30 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig,
*/
dns_zone_setadded(zone, added);
signing = NULL;
if ((strcasecmp(ztypestr, "master") == 0 ||
strcasecmp(ztypestr, "slave") == 0) &&
cfg_map_get(zoptions, "inline-signing", &signing) == ISC_R_SUCCESS &&
cfg_obj_asboolean(signing))
{
dns_zone_getraw(zone, &raw);
if (raw == NULL) {
CHECK(dns_zone_create(&raw, mctx));
CHECK(dns_zone_setorigin(raw, origin));
dns_zone_setview(raw, view);
if (view->acache != NULL)
dns_zone_setacache(raw, view->acache);
CHECK(dns_zonemgr_managezone(ns_g_server->zonemgr,
raw));
dns_zone_setstats(raw, ns_g_server->zonestats);
dns_zone_link(zone, raw);
}
}
/*
* Configure the zone.
*/
CHECK(ns_zone_configure(config, vconfig, zconfig, aclconf, zone));
CHECK(ns_zone_configure(config, vconfig, zconfig, aclconf, zone, raw));
/*
* Add the zone to its view in the new view list.
......@@ -3482,6 +3504,8 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig,
cleanup:
if (zone != NULL)
dns_zone_detach(&zone);
if (raw != NULL)
dns_zone_detach(&raw);
if (pview != NULL)
dns_view_detach(&pview);
......
This diff is collapsed.
......@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: zoneconf.c,v 1.178 2011/07/01 02:25:47 marka Exp $ */
/* $Id: zoneconf.c,v 1.179 2011/08/30 05:16:11 marka Exp $ */
/*% */
......@@ -786,7 +786,7 @@ checknames(dns_zonetype_t ztype, const cfg_obj_t **maps,
isc_result_t
ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
const cfg_obj_t *zconfig, cfg_aclconfctx_t *ac,
dns_zone_t *zone)
dns_zone_t *zone, dns_zone_t *raw)
{
isc_result_t result;
const char *zname;
......@@ -820,6 +820,7 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
isc_stats_t *zoneqrystats;
isc_boolean_t zonestats_on;
int seconds;
dns_zone_t *mayberaw = (raw != NULL) ? raw : zone;
i = 0;
if (zconfig != NULL) {
......@@ -851,9 +852,16 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
RETERR(ns_config_getclass(cfg_tuple_get(zconfig, "class"),
vclass, &zclass));
dns_zone_setclass(zone, zclass);
if (raw != NULL)
dns_zone_setclass(raw, zclass);
ztype = zonetype_fromconfig(zoptions);
dns_zone_settype(zone, ztype);
if (raw != NULL) {
dns_zone_settype(raw, ztype);
dns_zone_settype(zone, dns_zone_master);
} else
dns_zone_settype(zone, ztype);
obj = NULL;
result = cfg_map_get(zoptions, "database", &obj);
......@@ -914,18 +922,40 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
else
INSIST(0);
}
RETERR(dns_zone_setfile2(zone, filename, masterformat));
if (raw != NULL) {
#define SIGNED ".signed"
size_t signedlen = strlen(filename) + sizeof(SIGNED);
char *signedname;
RETERR(dns_zone_setfile2(raw, filename, masterformat));
signedname = isc_mem_get(mctx, signedlen);
if (signedname == NULL)
return (ISC_R_NOMEMORY);
(void)snprintf(signedname, signedlen, "%s" SIGNED, filename);
result = dns_zone_setfile2(zone, signedname,
dns_masterformat_raw);
isc_mem_put(mctx, signedname, signedlen);
if (result != ISC_R_SUCCESS)
return (result);
} else
RETERR(dns_zone_setfile2(zone, filename, masterformat));
obj = NULL;
result = cfg_map_get(zoptions, "journal", &obj);
if (result == ISC_R_SUCCESS)
RETERR(dns_zone_setjournal(zone, cfg_obj_asstring(obj)));
RETERR(dns_zone_setjournal(mayberaw, cfg_obj_asstring(obj)));
/*
* Notify messages are processed by the raw zone if it exists.
*/
if (ztype == dns_zone_slave)
RETERR(configure_zone_acl(zconfig, vconfig, config,
allow_notify, ac, zone,
allow_notify, ac, mayberaw,
dns_zone_setnotifyacl,
dns_zone_clearnotifyacl));
/*
* XXXAG This probably does not make sense for stubs.
*/
......@@ -955,6 +985,8 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
else
INSIST(0);
}
if (raw != NULL)
dns_zone_setdialup(raw, dialup);
dns_zone_setdialup(zone, dialup);
obj = NULL;
......@@ -994,6 +1026,8 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
else
INSIST(0);
}
if (raw != NULL)
dns_zone_setnotifytype(raw, dns_notifytype_no);
dns_zone_setnotifytype(zone, notifytype);
obj = NULL;
......@@ -1052,6 +1086,8 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
obj = NULL;
result = ns_config_get(maps, "max-journal-size", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
if (raw != NULL)
dns_zone_setjournalsize(raw, -1);
dns_zone_setjournalsize(zone, -1);
if (cfg_obj_isstring(obj)) {
const char *str = cfg_obj_asstring(obj);
......@@ -1071,6 +1107,8 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
}
journal_size = (isc_uint32_t)value;
}
if (raw != NULL)
dns_zone_setjournalsize(raw, journal_size);
dns_zone_setjournalsize(zone, journal_size);
obj = NULL;
......@@ -1086,7 +1124,14 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
ixfrdiff = ISC_TRUE;
else
ixfrdiff = ISC_FALSE;
dns_zone_setoption(zone, DNS_ZONEOPT_IXFRFROMDIFFS, ixfrdiff);
if (raw != NULL) {
dns_zone_setoption(raw, DNS_ZONEOPT_IXFRFROMDIFFS,
ISC_TRUE);
dns_zone_setoption(zone, DNS_ZONEOPT_IXFRFROMDIFFS,
ISC_FALSE);
} else
dns_zone_setoption(zone, DNS_ZONEOPT_IXFRFROMDIFFS,
ixfrdiff);
checknames(ztype, maps, &obj);
INSIST(obj != NULL);
......@@ -1099,8 +1144,21 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
fail = check = ISC_FALSE;
} else
INSIST(0);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKNAMES, check);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKNAMESFAIL, fail);
if (raw != NULL) {
dns_zone_setoption(raw, DNS_ZONEOPT_CHECKNAMES,
check);
dns_zone_setoption(raw, DNS_ZONEOPT_CHECKNAMESFAIL,
fail);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKNAMES,
ISC_FALSE);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKNAMESFAIL,
ISC_FALSE);
} else {
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKNAMES,
check);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKNAMESFAIL,
fail);
}
obj = NULL;
result = ns_config_get(maps, "notify-delay", &obj);
......@@ -1159,11 +1217,11 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
dns_acl_t *updateacl;
RETERR(configure_zone_acl(zconfig, vconfig, config,
allow_update, ac, zone,
allow_update, ac, mayberaw,
dns_zone_setupdateacl,
dns_zone_clearupdateacl));
updateacl = dns_zone_getupdateacl(zone);
updateacl = dns_zone_getupdateacl(mayberaw);
if (updateacl != NULL && dns_acl_isinsecure(updateacl))
isc_log_write(ns_g_lctx, DNS_LOGCATEGORY_SECURITY,
NS_LOGMODULE_SERVER, ISC_LOG_WARNING,
......@@ -1171,7 +1229,12 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
"address, which is insecure",
zname);
RETERR(configure_zone_ssutable(zoptions, zone, zname));
RETERR(configure_zone_ssutable(zoptions, mayberaw, zname));
}
if (ztype == dns_zone_master || raw != NULL) {
isc_boolean_t allow = ISC_FALSE, maint = ISC_FALSE;
isc_boolean_t create = ISC_FALSE;
obj = NULL;
result = ns_config_get(maps, "sig-validity-interval", &obj);
......@@ -1236,10 +1299,28 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setrefreshkeyinterval(zone,
cfg_obj_asuint32(obj)));
} else if (ztype == dns_zone_slave) {
obj = NULL;
result = cfg_map_get(zoptions, "auto-dnssec", &obj);
if (result == ISC_R_SUCCESS) {
const char *arg = cfg_obj_asstring(obj);
if (strcasecmp(arg, "allow") == 0)
allow = ISC_TRUE;
else if (strcasecmp(arg, "maintain") == 0)
allow = maint = ISC_TRUE;
else if (strcasecmp(arg, "off") == 0)
;
else
INSIST(0);
dns_zone_setkeyopt(zone, DNS_ZONEKEY_ALLOW, allow);
dns_zone_setkeyopt(zone, DNS_ZONEKEY_MAINTAIN, maint);
}
}
if (ztype == dns_zone_slave) {
RETERR(configure_zone_acl(zconfig, vconfig, config,
allow_update_forwarding, ac, zone,
dns_zone_setforwardacl,
allow_update_forwarding, ac,
mayberaw, dns_zone_setforwardacl,
dns_zone_clearforwardacl));
}
......@@ -1255,7 +1336,7 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
check = cfg_obj_asboolean(obj);
else
check = ISC_FALSE;
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKWILDCARD, check);
dns_zone_setoption(mayberaw, DNS_ZONEOPT_CHECKWILDCARD, check);
obj = NULL;
result = ns_config_get(maps, "check-dup-records", &obj);
......@@ -1269,8 +1350,8 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
fail = check = ISC_FALSE;
} else
INSIST(0);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKDUPRR, check);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKDUPRRFAIL, fail);
dns_zone_setoption(mayberaw, DNS_ZONEOPT_CHECKDUPRR, check);
dns_zone_setoption(mayberaw, DNS_ZONEOPT_CHECKDUPRRFAIL, fail);
obj = NULL;
result = ns_config_get(maps, "check-mx", &obj);
......@@ -1284,13 +1365,13 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
fail = check = ISC_FALSE;
} else
INSIST(0);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKMX, check);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKMXFAIL, fail);
dns_zone_setoption(mayberaw, DNS_ZONEOPT_CHECKMX, check);
dns_zone_setoption(mayberaw, DNS_ZONEOPT_CHECKMXFAIL, fail);
obj = NULL;
result = ns_config_get(maps, "check-integrity", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKINTEGRITY,
dns_zone_setoption(mayberaw, DNS_ZONEOPT_CHECKINTEGRITY,
cfg_obj_asboolean(obj));
obj = NULL;
......@@ -1305,8 +1386,8 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
warn = ignore = ISC_TRUE;
} else
INSIST(0);
dns_zone_setoption(zone, DNS_ZONEOPT_WARNMXCNAME, warn);
dns_zone_setoption(zone, DNS_ZONEOPT_IGNOREMXCNAME, ignore);
dns_zone_setoption(mayberaw, DNS_ZONEOPT_WARNMXCNAME, warn);
dns_zone_setoption(mayberaw, DNS_ZONEOPT_IGNOREMXCNAME, ignore);
obj = NULL;
result = ns_config_get(maps, "check-srv-cname", &obj);
......@@ -1320,31 +1401,16 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
warn = ignore = ISC_TRUE;
} else
INSIST(0);
dns_zone_setoption(zone, DNS_ZONEOPT_WARNSRVCNAME, warn);
dns_zone_setoption(zone, DNS_ZONEOPT_IGNORESRVCNAME, ignore);
dns_zone_setoption(mayberaw, DNS_ZONEOPT_WARNSRVCNAME, warn);
dns_zone_setoption(mayberaw, DNS_ZONEOPT_IGNORESRVCNAME,
ignore);
obj = NULL;
result = ns_config_get(maps, "dnssec-secure-to-insecure", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setoption(zone, DNS_ZONEOPT_SECURETOINSECURE,
dns_zone_setoption(mayberaw, DNS_ZONEOPT_SECURETOINSECURE,
cfg_obj_asboolean(obj));
obj = NULL;
result = cfg_map_get(zoptions, "auto-dnssec", &obj);
if (result == ISC_R_SUCCESS) {
const char *arg = cfg_obj_asstring(obj);
if (strcasecmp(arg, "allow") == 0)
allow = ISC_TRUE;
else if (strcasecmp(arg, "maintain") == 0)
allow = maint = ISC_TRUE;
else if (strcasecmp(arg, "off") == 0)
;
else
INSIST(0);
dns_zone_setkeyopt(zone, DNS_ZONEKEY_ALLOW, allow);
dns_zone_setkeyopt(zone, DNS_ZONEKEY_MAINTAIN, maint);
}
obj = NULL;
result = cfg_map_get(zoptions, "dnssec-update-mode", &obj);
if (result == ISC_R_SUCCESS) {
......@@ -1385,12 +1451,12 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
RETERR(ns_config_getipandkeylist(config, obj, mctx,
&addrs, &keynames,
&count));
result = dns_zone_setmasterswithkeys(zone, addrs,
result = dns_zone_setmasterswithkeys(mayberaw, addrs,
keynames, count);
ns_config_putipandkeylist(mctx, &addrs, &keynames,
count);
} else
result = dns_zone_setmasters(zone, NULL, 0);
} else
result = dns_zone_setmasters(mayberaw, NULL, 0);
RETERR(result);
multi = ISC_FALSE;
......@@ -1400,59 +1466,63 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
INSIST(result == ISC_R_SUCCESS && obj != NULL);
multi = cfg_obj_asboolean(obj);
}
dns_zone_setoption(zone, DNS_ZONEOPT_MULTIMASTER, multi);
dns_zone_setoption(mayberaw, DNS_ZONEOPT_MULTIMASTER, multi);
obj = NULL;
result = ns_config_get(maps, "max-transfer-time-in", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setmaxxfrin(zone, cfg_obj_asuint32(obj) * 60);
dns_zone_setmaxxfrin(mayberaw, cfg_obj_asuint32(obj) * 60);
obj = NULL;
result = ns_config_get(maps, "max-transfer-idle-in", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setidlein(zone, cfg_obj_asuint32(obj) * 60);
dns_zone_setidlein(mayberaw, cfg_obj_asuint32(obj) * 60);
obj = NULL;
result = ns_config_get(maps, "max-refresh-time", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setmaxrefreshtime(zone, cfg_obj_asuint32(obj));
dns_zone_setmaxrefreshtime(mayberaw, cfg_obj_asuint32(obj));
obj = NULL;
result = ns_config_get(maps, "min-refresh-time", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setminrefreshtime(zone, cfg_obj_asuint32(obj));
dns_zone_setminrefreshtime(mayberaw, cfg_obj_asuint32(obj));
obj = NULL;
result = ns_config_get(maps, "max-retry-time", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setmaxretrytime(zone, cfg_obj_asuint32(obj));
dns_zone_setmaxretrytime(mayberaw, cfg_obj_asuint32(obj));
obj = NULL;
result = ns_config_get(maps, "min-retry-time", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setminretrytime(zone, cfg_obj_asuint32(obj));
dns_zone_setminretrytime(mayberaw, cfg_obj_asuint32(obj));
obj = NULL;
result = ns_config_get(maps, "transfer-source", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setxfrsource4(zone, cfg_obj_assockaddr(obj)));
RETERR(dns_zone_setxfrsource4(mayberaw,
cfg_obj_assockaddr(obj)));
ns_add_reserved_dispatch(ns_g_server, cfg_obj_assockaddr(obj));
obj = NULL;
result = ns_config_get(maps, "transfer-source-v6", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setxfrsource6(zone, cfg_obj_assockaddr(obj)));
RETERR(dns_zone_setxfrsource6(mayberaw,
cfg_obj_assockaddr(obj)));
ns_add_reserved_dispatch(ns_g_server, cfg_obj_assockaddr(obj));
obj = NULL;
result = ns_config_get(maps, "alt-transfer-source", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setaltxfrsource4(zone, cfg_obj_assockaddr(obj)));
RETERR(dns_zone_setaltxfrsource4(mayberaw,
cfg_obj_assockaddr(obj)));
obj = NULL;
result = ns_config_get(maps, "alt-transfer-source-v6", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setaltxfrsource6(zone, cfg_obj_assockaddr(obj)));
RETERR(dns_zone_setaltxfrsource6(mayberaw,
cfg_obj_assockaddr(obj)));
obj = NULL;
(void)ns_config_get(maps, "use-alt-transfer-source", &obj);
......@@ -1468,11 +1538,11 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
alt = ISC_FALSE;
} else
alt = cfg_obj_asboolean(obj);
dns_zone_setoption(zone, DNS_ZONEOPT_USEALTXFRSRC, alt);
dns_zone_setoption(mayberaw, DNS_ZONEOPT_USEALTXFRSRC, alt);
obj = NULL;
(void)ns_config_get(maps, "try-tcp-refresh", &obj);
dns_zone_setoption(zone, DNS_ZONEOPT_TRYTCPREFRESH,
dns_zone_setoption(mayberaw, DNS_ZONEOPT_TRYTCPREFRESH,
cfg_obj_asboolean(obj));
break;
......@@ -1540,7 +1610,18 @@ ns_zone_reusable(dns_zone_t *zone, const cfg_obj_t *zconfig) {
if (!((cfilename == NULL && zfilename == NULL) ||
(cfilename != NULL && zfilename != NULL &&
strcmp(cfilename, zfilename) == 0)))
return (ISC_FALSE);
return (ISC_FALSE);
obj = NULL;
(void)cfg_map_get(zoptions, "signing", &obj);
if (obj == NULL || !cfg_obj_asboolean(obj)) {
dns_zone_t *raw = NULL;
dns_zone_getraw(zone, &raw);
if (raw != NULL) {
dns_zone_detach(&raw);
return (ISC_FALSE);
}
}
return (ISC_TRUE);
}
......@@ -15,7 +15,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: conf.sh.in,v 1.68 2011/08/09 02:24:28 marka Exp $
# $Id: conf.sh.in,v 1.69 2011/08/30 05:16:11 marka Exp $
#
# Common configuration data for system tests, to be sourced into
......@@ -54,7 +54,7 @@ JOURNALPRINT=$TOP/bin/tools/named-journalprint
# v6synth
SUBDIRS="acl allow_query addzone autosign builtin cacheclean checkconf
checknames checkzone database dlv dlvauto dlz dlzexternal
dname dns64 dnssec forward glue gost ixfr limits
dname dns64 dnssec forward glue gost ixfr inline limits
logfileconfig lwresd masterfile masterformat metadata notify
nsupdate pending pkcs11 redirect resolver rndc rpz rrsetorder
sortlist smartsign staticstub stub tkey tsig tsiggss unknown
......
rm -f */named.memstats
rm -f */named.run
rm -f */trusted.conf
rm -f ns2/bits.db
rm -f ns3/K*
rm -f ns3/bits.bk
rm -f ns3/bits.bk.jnl
rm -f ns3/bits.bk.signed
rm -f ns3/bits.bk.signed.jnl
rm -f ns4/noixfr.db
rm -f random.data
/*
* Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: named.conf,v 1.1 2011/08/30 05:16:13 marka Exp $ */
// NS1
controls { /* empty */ };
options {
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
port 5300;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };
recursion no;
notify yes;
dnssec-enable yes;
dnssec-validation yes;
};
zone "." {
type master;
file "root.db.signed";
};
// include "trusted.conf";
; Copyright (C) 2004, 2007-2011 Internet Systems Consortium, Inc. ("ISC")
; Copyright (C) 2000-2002 Internet Software Consortium.
;
; Permission to use, copy, modify, and/or distribute this software for any
; purpose with or without fee is hereby granted, provided that the above
; copyright notice and this permission notice appear in all copies.