Commit c78dc8b0 authored by James Brister's avatar James Brister
Browse files

Added new listen-on-v6 config file statement.

Consider it a config file error if a listen-on statement has an IPv6
address in it, or a listen-on-v6 statement has an IPv4 address in it.
parent abf2e095
236. [func] Added new listen-on-v6 config file statement.
235. [func] Consider it a config file error if a listen-on
statement has an IPv6 address in it, or a
listen-on-v6 statement has an IPv4 address in it.
234. [bug] Allow a trusted-key's first field (domain-name) be
either a quoted or an unquoted string, instead of
requiring a quoted string.
......
......@@ -97,7 +97,7 @@ options {
listen-on {
10/24;
10.0.0.3; 1:2:3:4:5:6:7:8;
10.0.0.3;
};
listen-on port 53 { any; };
......@@ -109,6 +109,15 @@ options {
1.2.3/24;
};
listen-on-v6 {
1:1:1:1:1:1:1:1;
10.0.0.1;
};
listen-on-v6 port 777 {
2:2:2:2:2:2:2:2;
};
query-source-v6 address 8:7:6:5:4:3:2:1 port *;
query-source port * address 10.0.0.54 ;
......
......@@ -15,7 +15,7 @@
* SOFTWARE.
*/
/* $Id: confctx.c,v 1.61 2000/06/05 09:17:05 brister Exp $ */
/* $Id: confctx.c,v 1.62 2000/06/05 22:08:43 brister Exp $ */
#include <config.h>
......@@ -228,6 +228,7 @@ dns_c_checkconfig(dns_c_ctx_t *cfg)
isc_result_t result = ISC_R_SUCCESS;
isc_result_t tmpres;
dns_c_rrsolist_t *olist;
dns_c_lstnlist_t *listenlist;
if (dns_c_ctx_getnamedxfer(cfg, &cpval) != ISC_R_NOTFOUND) {
......@@ -492,7 +493,21 @@ dns_c_checkconfig(dns_c_ctx_t *cfg)
result = tmpres;
}
}
if (dns_c_ctx_getlistenlist(cfg, &listenlist) != ISC_R_NOTFOUND) {
tmpres = dns_c_lstnlist_validate(listenlist);
if (tmpres != ISC_R_SUCCESS) {
result = tmpres;
}
}
if (dns_c_ctx_getv6listenlist(cfg, &listenlist) != ISC_R_NOTFOUND) {
tmpres = dns_c_lstnlistv6_validate(listenlist);
if (tmpres != ISC_R_SUCCESS) {
result = tmpres;
}
}
return (result);
}
......@@ -1001,6 +1016,12 @@ dns_c_ctx_optionsprint(FILE *fp, int indent, dns_c_options_t *options)
defport);
}
if (options->v6listens != NULL) {
dns_c_lstnlistv6_print(fp, indent + 1,
options->v6listens,
defport);
}
dns_c_ctx_forwarderprint(fp, indent + 1, options);
if (options->ordering != NULL) {
......@@ -1471,6 +1492,8 @@ dns_c_ctx_optionsnew(isc_mem_t *mem, dns_c_options_t **options)
opts->allowupdateforwarding = NULL;
opts->listens = NULL;
opts->v6listens = NULL;
opts->ordering = NULL;
opts->forwarders = NULL;
......@@ -1611,6 +1634,12 @@ dns_c_ctx_optionsdelete(dns_c_options_t **opts)
result = r;
}
if (options->v6listens != NULL) {
r = dns_c_lstnlist_delete(&options->v6listens);
if (r != ISC_R_SUCCESS)
result = r;
}
if (options->ordering != NULL) {
r = dns_c_rrsolist_delete(&options->ordering);
if (r != ISC_R_SUCCESS)
......@@ -2249,59 +2278,6 @@ dns_c_ctx_setrrsetorderlist(dns_c_ctx_t *cfg, isc_boolean_t copy,
}
isc_result_t
dns_c_ctx_addlisten_on(dns_c_ctx_t *cfg,int port, dns_c_ipmatchlist_t *ml,
isc_boolean_t copy)
{
dns_c_lstnon_t *lo;
isc_result_t res;
dns_c_options_t *opts;
REQUIRE(DNS_C_CONFCTX_VALID(cfg));
REQUIRE(port >= 0 && port <= 65535);
res = make_options(cfg);
if (res != ISC_R_SUCCESS) {
return (res);
}
opts = cfg->options;
if (opts->listens == NULL) {
res = dns_c_lstnlist_new(cfg->mem, &opts->listens);
if (res != ISC_R_SUCCESS) {
return (res);
}
}
#if 0
lo = ISC_LIST_HEAD(opts->listens->elements);
while (lo != NULL) {
/* XXX we should probably check that a listen on statement
* hasn't been done for the same post, ipmatch list
* combination
*/
if (lo->port == port) { /* XXX incomplete */
return (ISC_R_FAILURE);
}
lo = ISC_LIST_NEXT(lo, next);
}
#endif
res = dns_c_lstnon_new(cfg->mem, &lo);
if (res != ISC_R_SUCCESS) {
return (res);
}
lo->port = port;
res = dns_c_lstnon_setiml(lo, ml, copy);
ISC_LIST_APPEND(opts->listens->elements, lo, next);
return (res);
}
isc_result_t
dns_c_ctx_settrustedkeys(dns_c_ctx_t *cfg, dns_c_tkeylist_t *list,
isc_boolean_t copy)
......@@ -2388,6 +2364,60 @@ dns_c_ctx_gettkeydhkey(dns_c_ctx_t *cfg,
isc_result_t
dns_c_ctx_addlisten_on(dns_c_ctx_t *cfg, in_port_t port,
dns_c_ipmatchlist_t *ml,
isc_boolean_t copy)
{
dns_c_lstnon_t *lo;
isc_result_t res;
dns_c_options_t *opts;
REQUIRE(DNS_C_CONFCTX_VALID(cfg));
res = make_options(cfg);
if (res != ISC_R_SUCCESS) {
return (res);
}
opts = cfg->options;
if (opts->listens == NULL) {
res = dns_c_lstnlist_new(cfg->mem, &opts->listens);
if (res != ISC_R_SUCCESS) {
return (res);
}
}
#if 0
lo = ISC_LIST_HEAD(opts->listens->elements);
while (lo != NULL) {
/* XXX we should probably check that a listen on statement
* hasn't been done for the same post, ipmatch list
* combination
*/
if (lo->port == port) { /* XXX incomplete */
return (ISC_R_FAILURE);
}
lo = ISC_LIST_NEXT(lo, next);
}
#endif
res = dns_c_lstnon_new(cfg->mem, &lo);
if (res != ISC_R_SUCCESS) {
return (res);
}
lo->port = port;
res = dns_c_lstnon_setiml(lo, ml, copy);
ISC_LIST_APPEND(opts->listens->elements, lo, next);
return (res);
}
isc_result_t
dns_c_ctx_getlistenlist(dns_c_ctx_t *cfg, dns_c_lstnlist_t **ll)
{
......@@ -2410,6 +2440,85 @@ dns_c_ctx_getlistenlist(dns_c_ctx_t *cfg, dns_c_lstnlist_t **ll)
isc_result_t
dns_c_ctx_addv6listen_on(dns_c_ctx_t *cfg, in_port_t port,
dns_c_ipmatchlist_t *ml, isc_boolean_t copy)
{
dns_c_lstnon_t *lo;
isc_result_t res;
dns_c_options_t *opts;
REQUIRE(DNS_C_CONFCTX_VALID(cfg));
res = make_options(cfg);
if (res != ISC_R_SUCCESS) {
return (res);
}
opts = cfg->options;
if (opts->v6listens == NULL) {
res = dns_c_lstnlist_new(cfg->mem, &opts->v6listens);
if (res != ISC_R_SUCCESS) {
return (res);
}
}
#if 0
lo = ISC_LIST_HEAD(opts->v6listens->elements);
while (lo != NULL) {
/* XXX we should probably check that a listen on statement
* hasn't been done for the same post, ipmatch list
* combination
*/
if (lo->port == port) { /* XXX incomplete */
return (ISC_R_FAILURE);
}
lo = ISC_LIST_NEXT(lo, next);
}
#endif
res = dns_c_lstnon_new(cfg->mem, &lo);
if (res != ISC_R_SUCCESS) {
return (res);
}
lo->port = port;
res = dns_c_lstnon_setiml(lo, ml, copy);
ISC_LIST_APPEND(opts->v6listens->elements, lo, next);
return (res);
}
isc_result_t
dns_c_ctx_getv6listenlist(dns_c_ctx_t *cfg, dns_c_lstnlist_t **ll)
{
REQUIRE(DNS_C_CONFCTX_VALID(cfg));
if (cfg->options == NULL) {
return (ISC_R_NOTFOUND);
}
REQUIRE(ll != NULL);
*ll = NULL;
if (cfg->options->v6listens != NULL) {
*ll = cfg->options->v6listens;
}
return (*ll == NULL ? ISC_R_NOTFOUND : ISC_R_SUCCESS);
}
isc_result_t
dns_c_ctx_setforwarders(dns_c_ctx_t *cfg, isc_boolean_t copy,
dns_c_iplist_t *ipl)
......
......@@ -15,7 +15,7 @@
* SOFTWARE.
*/
/* $Id: confip.c,v 1.24 2000/05/08 14:35:27 tale Exp $ */
/* $Id: confip.c,v 1.25 2000/06/05 22:08:44 brister Exp $ */
#include <config.h>
......@@ -730,6 +730,41 @@ dns_c_ipmatchlist_print(FILE *fp, int indent, dns_c_ipmatchlist_t *ml) {
return (ISC_R_SUCCESS);
}
isc_boolean_t
dns_c_ipmatchlist_walk(dns_c_ipmatchlist_t *list, dns_c_ipmlwalker func)
{
isc_boolean_t retval = ISC_TRUE;
dns_c_ipmatchelement_t *ipme ;
REQUIRE(DNS_C_IPMLIST_VALID(list));
ipme = ISC_LIST_HEAD(list->elements);
while (retval == ISC_TRUE && ipme != NULL) {
switch (ipme->type) {
case dns_c_ipmatch_pattern:
retval = retval && (*func)(&ipme->u.direct);
break;
case dns_c_ipmatch_indirect:
retval = retval &&
dns_c_ipmatchlist_walk(ipme->u.indirect.list,
func);
break;
default:
break;
}
ipme = ISC_LIST_NEXT(ipme, next);
}
return (retval);
}
isc_result_t
dns_c_iplist_new(isc_mem_t *mem, int length, dns_c_iplist_t **newlist) {
dns_c_iplist_t *list;
......
......@@ -15,7 +15,7 @@
* SOFTWARE.
*/
/* $Id: conflsn.c,v 1.14 2000/06/04 19:51:14 brister Exp $ */
/* $Id: conflsn.c,v 1.15 2000/06/05 22:08:45 brister Exp $ */
#include <config.h>
......@@ -23,6 +23,7 @@
#include <isc/util.h>
#include <dns/conflsn.h>
#include <dns/log.h>
#include "confpvt.h"
......@@ -179,6 +180,25 @@ dns_c_lstnlist_print(FILE *fp, int indent, dns_c_lstnlist_t *ll,
return (ISC_R_SUCCESS);
}
isc_result_t
dns_c_lstnlistv6_print(FILE *fp, int indent, dns_c_lstnlist_t *ll,
in_port_t default_port)
{
dns_c_lstnon_t *lo;
REQUIRE(DNS_C_LISTENLIST_VALID(ll));
lo = ISC_LIST_HEAD(ll->elements);
while (lo != NULL) {
dns_c_printtabs(fp, indent);
dns_c_lstnonv6_print(fp, indent, lo, default_port);
lo = ISC_LIST_NEXT(lo, next);
fprintf(fp, "\n");
}
return (ISC_R_SUCCESS);
}
isc_result_t
dns_c_lstnon_print(FILE *fp, int indent, dns_c_lstnon_t *lo,
in_port_t default_port) {
......@@ -196,3 +216,94 @@ dns_c_lstnon_print(FILE *fp, int indent, dns_c_lstnon_t *lo,
return (ISC_R_SUCCESS);
}
isc_result_t
dns_c_lstnonv6_print(FILE *fp, int indent, dns_c_lstnon_t *lo,
in_port_t default_port) {
REQUIRE(lo != NULL);
REQUIRE(DNS_C_LISTEN_VALID(lo));
fprintf(fp, "listen-on-v6 ");
if (lo->port != default_port) {
fprintf(fp, "port %d ", lo->port);
}
dns_c_ipmatchlist_print(fp, indent + 1, lo->iml);
fprintf(fp, ";\n");
return (ISC_R_SUCCESS);
}
static isc_boolean_t
checklisten_element(dns_c_ipmatch_direct_t *element)
{
return (ISC_TF(isc_sockaddr_pf(&element->address) == AF_INET));
}
static isc_boolean_t
checkv6listen_element(dns_c_ipmatch_direct_t *element)
{
return (ISC_TF(isc_sockaddr_pf(&element->address) == AF_INET6));
}
/*
* Post confirguation load validation of list-on lists.
*/
isc_result_t
dns_c_lstnlist_validate(dns_c_lstnlist_t *ll)
{
dns_c_lstnon_t *lo;
isc_boolean_t checkval;
REQUIRE(DNS_C_LISTENLIST_VALID(ll));
lo = ISC_LIST_HEAD(ll->elements);
while (lo != NULL) {
checkval = dns_c_ipmatchlist_walk(lo->iml,
checklisten_element);
if (!checkval) {
isc_log_write(dns_lctx,DNS_LOGCATEGORY_CONFIG,
DNS_LOGMODULE_CONFIG, ISC_LOG_ERROR,
"listen-on must have IPv4 "
"addresses only.");
return (ISC_R_FAILURE);
}
lo = ISC_LIST_NEXT(lo, next);
}
return (ISC_R_SUCCESS);
}
isc_result_t
dns_c_lstnlistv6_validate(dns_c_lstnlist_t *ll)
{
dns_c_lstnon_t *lo;
isc_boolean_t checkval;
REQUIRE(DNS_C_LISTENLIST_VALID(ll));
lo = ISC_LIST_HEAD(ll->elements);
while (lo != NULL) {
checkval = dns_c_ipmatchlist_walk(lo->iml,
checkv6listen_element);
if (!checkval) {
isc_log_write(dns_lctx,DNS_LOGCATEGORY_CONFIG,
DNS_LOGMODULE_CONFIG, ISC_LOG_ERROR,
"listen-on-v6 must have IPv6 "
"addresses only.");
return (ISC_R_FAILURE);
}
lo = ISC_LIST_NEXT(lo, next);
}
return (ISC_R_SUCCESS);
}
......@@ -16,7 +16,7 @@
* SOFTWARE.
*/
/* $Id: confparser.y,v 1.90 2000/06/05 20:32:00 brister Exp $ */
/* $Id: confparser.y,v 1.91 2000/06/05 22:08:47 brister Exp $ */
#include <config.h>
......@@ -291,6 +291,7 @@ static isc_boolean_t int_too_big(isc_uint32_t base, isc_uint32_t mult);
%token L_LAME_TTL
%token L_LBRACE
%token L_LISTEN_ON
%token L_LISTEN_ON_V6
%token L_LOGGING
%token L_MAINTAIN_IXFR_BASE
%token L_MANY_ANSWERS
......@@ -845,6 +846,24 @@ option: /* Empty */
}
}
}
| L_LISTEN_ON_V6 maybe_port L_LBRACE address_match_list L_RBRACE
{
if ($4 == NULL) {
parser_warning(ISC_FALSE,
"address-match-list empty implies"
"listen statement ignored");
} else {
tmpres = dns_c_ctx_addv6listen_on(currcfg, $2, $4,
ISC_FALSE);
if (tmpres != ISC_R_SUCCESS) {
parser_error(ISC_FALSE,
"failed to add "
"v6listen statement");
YYABORT;
}
}
}
| L_FORWARD forward_opt
{
tmpres = dns_c_ctx_setforward(currcfg, $2);
......@@ -5014,6 +5033,7 @@ static struct token keyword_tokens [] = {
{ "keys", L_KEYS },
{ "lame-ttl", L_LAME_TTL },
{ "listen-on", L_LISTEN_ON },
{ "listen-on-v6", L_LISTEN_ON_V6 },
{ "logging", L_LOGGING },
{ "maintain-ixfr-base", L_MAINTAIN_IXFR_BASE },
{ "many-answers", L_MANY_ANSWERS },
......
......@@ -192,6 +192,8 @@ struct dns_c_options {
dns_c_ipmatchlist_t *allowupdateforwarding;
dns_c_lstnlist_t *listens;
dns_c_lstnlist_t *v6listens;
dns_c_rrsolist_t *ordering;
dns_c_iplist_t *forwarders;
......@@ -691,13 +693,20 @@ isc_result_t dns_c_ctx_getforwarders(dns_c_ctx_t *cfg, dns_c_iplist_t **list);
isc_result_t dns_c_ctx_unsetforwarders(dns_c_ctx_t *cfg);
isc_result_t dns_c_ctx_addlisten_on(dns_c_ctx_t *cfg, int port,
isc_result_t dns_c_ctx_addlisten_on(dns_c_ctx_t *cfg, in_port_t port,
dns_c_ipmatchlist_t *ml,
isc_boolean_t copy);
isc_result_t dns_c_ctx_getlistenlist(dns_c_ctx_t *cfg,
dns_c_lstnlist_t **ll);
isc_result_t dns_c_ctx_addv6listen_on(dns_c_ctx_t *cfg, in_port_t port,
dns_c_ipmatchlist_t *ml,
isc_boolean_t copy);
isc_result_t dns_c_ctx_getv6listenlist(dns_c_ctx_t *cfg,
dns_c_lstnlist_t **ll);
isc_result_t dns_c_ctx_setrrsetorderlist(dns_c_ctx_t *cfg, isc_boolean_t copy,
dns_c_rrsolist_t *olist);
isc_result_t dns_c_ctx_getrrsetorderlist(dns_c_ctx_t *cfg,
......
......@@ -99,7 +99,7 @@ struct dns_c_iplist {
struct dns_c_ipmatch_direct {
isc_uint32_t magic;
isc_sockaddr_t address; /* XXX IPv6??? */
isc_sockaddr_t address;
isc_uint32_t mask;
};
......@@ -150,109 +150,108 @@ ISC_LANG_BEGINDECLS
*/
isc_result_t
dns_c_ipmatchelement_new(isc_mem_t *mem, dns_c_ipmatchelement_t **result);
isc_result_t dns_c_ipmatchelement_new(isc_mem_t *mem,
dns_c_ipmatchelement_t **result);
isc_result_t
dns_c_ipmatchelement_delete(isc_mem_t *mem, dns_c_ipmatchelement_t **ipme);
isc_result_t dns_c_ipmatchelement_delete(isc_mem_t *mem,
dns_c_ipmatchelement_t **ipme);
isc_result_t
dns_c_ipmatchelement_copy(isc_mem_t *mem, dns_c_ipmatchelement_t **dest,
dns_c_ipmatchelement_t *src);
isc_result_t dns_c_ipmatchelement_copy(isc_mem_t *mem,
dns_c_ipmatchelement_t **dest,
dns_c_ipmatchelement_t *src);
isc_result_t
dns_c_ipmatchelement_print(FILE *fp, int indent, dns_c_ipmatchelement_t *ime);
isc_result_t dns_c_ipmatchelement_print(FILE *fp, int indent,
dns_c_ipmatchelement_t *ime);
isc_boolean_t
dns_c_ipmatchelement_isneg(dns_c_ipmatchelement_t *elem);
isc_boolean_t dns_c_ipmatchelement_isneg(dns_c_ipmatchelement_t *elem);
isc_result_t
dns_c_ipmatch_negate(dns_c_ipmatchelement_t *ipe);
isc_result_t dns_c_ipmatch_negate(dns_c_ipmatchelement_t *ipe);
isc_result_t
dns_c_ipmatch_aclnew(isc_mem_t *mem, dns_c_ipmatchelement_t **result,
const char *aclname);
isc_result_t dns_c_ipmatch_aclnew(isc_mem_t *mem,
dns_c_ipmatchelement_t **result,