Commit 952e9025 authored by James Brister's avatar James Brister
Browse files

310. [func] Changes to named.conf "controls" statement (inet

                        subtype only)

                          - support "keys" clause

                                controls {
                                   inet * port 1024
                                        allow { any; } keys { "foo"; }
                                }

                          - allow "port xxx" to be left out of statement,
                            in which case it defaults to omapi's default port
                            of 953.
parent 6c3bd054
310. [func] Changes to named.conf "controls" statement (inet
subtype only)
- support "keys" clause
controls {
inet * port 1024
allow { any; } keys { "foo"; }
}
- allow "port xxx" to be left out of statement,
in which case it defaults to omapi's default port
of 953.
309. [bug] When sending a referral, the server did not look
for name server addresses as glue in the zone
holding the NS RRset in the case where this zone
......
......@@ -15,7 +15,7 @@
* SOFTWARE.
*/
/* $Id: named.conf,v 1.38 2000/06/22 21:50:34 tale Exp $ */
/* $Id: named.conf,v 1.39 2000/07/07 13:56:09 brister Exp $ */
/*
* This is a worthless, nonrunnable example of a named.conf file that has
......@@ -199,6 +199,8 @@ options {
*/
controls {
inet * port 52 allow { any; }; // a bad idea
inet 10.0.0.1 allow { any; }; // a bad idea
inet 10.0.0.2 allow { none; } keys "foo"; // a bad idea
unix "/var/run/ndc" perm 0600 owner 0 group 0; // the default
};
......
......@@ -15,7 +15,7 @@
* SOFTWARE.
*/
/* $Id: confctl.c,v 1.20 2000/05/13 19:44:53 tale Exp $ */
/* $Id: confctl.c,v 1.21 2000/07/07 13:56:10 brister Exp $ */
#include <config.h>
......@@ -58,7 +58,8 @@ dns_c_ctrllist_print(FILE *fp, int indent, dns_c_ctrllist_t *cl) {
REQUIRE(DNS_C_CONFCTLLIST_VALID(cl));
fprintf(fp, "controls {\n");
ctl = ISC_LIST_HEAD(cl->elements);
ctl = dns_c_ctrllist_head(cl);
if (ctl == NULL) {
dns_c_printtabs(fp, indent + 1);
fprintf(fp,"/* empty list */\n");
......@@ -66,9 +67,10 @@ dns_c_ctrllist_print(FILE *fp, int indent, dns_c_ctrllist_t *cl) {
while (ctl != NULL) {
dns_c_printtabs(fp, indent + 1);
dns_c_ctrl_print(fp, indent + 1, ctl);
ctl = ISC_LIST_NEXT(ctl, next);
ctl = dns_c_ctrl_next(ctl);
}
}
fprintf(fp, "};\n");
}
......@@ -103,7 +105,8 @@ dns_c_ctrllist_delete(dns_c_ctrllist_t **list) {
isc_result_t
dns_c_ctrlinet_new(isc_mem_t *mem, dns_c_ctrl_t **control,
isc_sockaddr_t addr, in_port_t port,
dns_c_ipmatchlist_t *iml, isc_boolean_t copy)
dns_c_ipmatchlist_t *iml, const char *key,
isc_boolean_t copy)
{
dns_c_ctrl_t *ctrl;
isc_result_t res;
......@@ -121,6 +124,15 @@ dns_c_ctrlinet_new(isc_mem_t *mem, dns_c_ctrl_t **control,
ctrl->control_type = dns_c_inet_control;
ctrl->u.inet_v.addr = addr;
ctrl->u.inet_v.port = port;
ctrl->u.inet_v.key = NULL;
if (key != NULL) {
ctrl->u.inet_v.key = isc_mem_strdup(mem, key);
if (ctrl->u.inet_v.key == NULL) {
isc_mem_put(mem, ctrl, sizeof *ctrl);
return (ISC_R_NOMEMORY);
}
}
if (copy) {
res = dns_c_ipmatchlist_copy(mem,
......@@ -193,6 +205,11 @@ dns_c_ctrl_delete(dns_c_ctrl_t **control) {
u.inet_v.matchlist);
else
res = ISC_R_SUCCESS;
if (ctrl->u.inet_v.key != NULL) {
isc_mem_free(mem, ctrl->u.inet_v.key);
}
break;
case dns_c_unix_control:
......@@ -235,6 +252,12 @@ dns_c_ctrl_print(FILE *fp, int indent, dns_c_ctrl_t *ctl) {
dns_c_printtabs(fp, indent + 1);
fprintf(fp, "allow ");
dns_c_ipmatchlist_print(fp, indent + 2, iml);
if (ctl->u.inet_v.key != NULL) {
fprintf(fp, "\n");
dns_c_printtabs(fp, indent + 1);
fprintf(fp, "key { \"%s\" ; }", ctl->u.inet_v.key);
}
fprintf(fp, ";\n");
} else {
/* The "#" means force a leading zero */
......@@ -247,3 +270,22 @@ dns_c_ctrl_print(FILE *fp, int indent, dns_c_ctrl_t *ctl) {
}
dns_c_ctrl_t *
dns_c_ctrllist_head (dns_c_ctrllist_t *list)
{
REQUIRE(DNS_C_CONFCTLLIST_VALID(list));
return(ISC_LIST_HEAD(list->elements));
}
dns_c_ctrl_t *
dns_c_ctrl_next(dns_c_ctrl_t *ctl)
{
REQUIRE(DNS_C_CONFCTL_VALID(ctl));
return (ISC_LIST_NEXT(ctl, next));
}
......@@ -16,7 +16,7 @@
* SOFTWARE.
*/
/* $Id: confparser.y,v 1.99 2000/06/21 22:44:19 tale Exp $ */
/* $Id: confparser.y,v 1.100 2000/07/07 13:56:11 brister Exp $ */
#include <config.h>
......@@ -92,6 +92,14 @@ static isc_symtab_t *keywords;
static dns_c_cbks_t *callbacks;
static isc_lexspecials_t specials;
/*
* XXXJAB The #define for the default OMAPI port is not available
* to us, so we make our own.
*/
#define OMAPI_DEFAULT_PORT 953
#define CONF_MAX_IDENT 1024
/* This should be sufficient to permit multiple parsers and lexers if needed */
......@@ -420,6 +428,7 @@ static isc_boolean_t int_too_big(isc_uint32_t base, isc_uint32_t mult);
%type <port_int> maybe_port
%type <port_int> maybe_wild_port
%type <port_int> maybe_zero_port
%type <port_int> control_port
%type <rdatatype> rdatatype
%type <rdatatypelist> rdatatype_list
%type <rrclass> class_name
......@@ -434,6 +443,7 @@ static isc_boolean_t int_too_big(isc_uint32_t base, isc_uint32_t mult);
%type <text> channel_name
%type <text> domain_name
%type <text> key_value
%type <text> control_key
%type <text> ordering_name
%type <text> secret
%type <tformat> transfer_format
......@@ -1480,13 +1490,18 @@ controls: control L_EOS
;
control: /* Empty */
| L_INET maybe_wild_addr L_PORT in_port
L_ALLOW L_LBRACE address_match_list L_RBRACE
| L_INET maybe_wild_addr control_port
L_ALLOW L_LBRACE address_match_list L_RBRACE control_key
{
dns_c_ctrl_t *control;
tmpres = dns_c_ctrlinet_new(currcfg->mem, &control,
$2, $4, $7, ISC_FALSE);
$2, $3, $6, $8, ISC_FALSE);
if ($8 != NULL) {
isc_mem_free(memctx, $8);
}
if (tmpres != ISC_R_SUCCESS) {
parser_error(ISC_FALSE,
"failed to build inet control structure");
......@@ -1513,6 +1528,28 @@ control: /* Empty */
}
;
control_key: /* nothing */
{
$$ = NULL;
}
| L_KEYS key_value
{
$$ = $2;
};
control_port: /* nothing */
{
$$ = OMAPI_DEFAULT_PORT;
}
| L_PORT in_port
{
$$ = $2;
};
rrset_ordering_list: rrset_ordering_element L_EOS
| rrset_ordering_list rrset_ordering_element L_EOS
;
......
......@@ -15,7 +15,7 @@
* SOFTWARE.
*/
/* $Id: confctl.h,v 1.15 2000/06/22 21:55:19 tale Exp $ */
/* $Id: confctl.h,v 1.16 2000/07/07 13:56:13 brister Exp $ */
#ifndef DNS_CONFCTL_H
#define DNS_CONFCTL_H 1
......@@ -87,6 +87,7 @@ struct dns_c_ctrl {
isc_sockaddr_t addr;
in_port_t port;
dns_c_ipmatchlist_t *matchlist;
char *key;
} inet_v; /* when control_type == dns_c_inet_control */
struct {
char *pathname;
......@@ -116,7 +117,8 @@ ISC_LANG_BEGINDECLS
isc_result_t
dns_c_ctrlinet_new(isc_mem_t *mem, dns_c_ctrl_t **control,
isc_sockaddr_t addr, in_port_t port,
dns_c_ipmatchlist_t *iml, isc_boolean_t copy);
dns_c_ipmatchlist_t *iml, const char *key,
isc_boolean_t copy);
/*
* Creates a new INET control object. If COPY is true then a deep copy is
* made of IML, otherwise the value of IML is stored directly in the new
......@@ -210,6 +212,11 @@ dns_c_ctrllist_print(FILE *fp, int indent, dns_c_ctrllist_t *cl);
*
*/
dns_c_ctrl_t *dns_c_ctrllist_head (dns_c_ctrllist_t *list);
dns_c_ctrl_t *dns_c_ctrl_next(dns_c_ctrl_t *ctrl);
ISC_LANG_ENDDECLS
#endif /* DNS_CONFCTL_H */
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment