config.c revision c4f54e5bd1cd09f601252627b5b26768ab797742
8664a1bd40814ed0b42eacfc5eb354b598dfd6dfTinderbox User * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC")
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence * Copyright (C) 2001-2003 Internet Software Consortium.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews * Permission to use, copy, modify, and/or distribute this software for any
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews * purpose with or without fee is hereby granted, provided that the above
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley * copyright notice and this permission notice appear in all copies.
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
9c3531d72aeaad6c5f01efe6a1c82023e1379e4dDavid Lawrence * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
26cf4737b3e84c3a686a5eacebf22ac39e57d4caMark Andrews * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley * PERFORMANCE OF THIS SOFTWARE.
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt/*% default configuration */
ae8b7e02a8e5d7febba7d79b2c759add95a48f60Brian Wellington automatic-interface-scan yes;\n\
ae8b7e02a8e5d7febba7d79b2c759add95a48f60Brian Wellington# blackhole {none;};\n"
1b32bc7da1da9059abd68d6dd15b23e8a442afa3Brian Wellington" coresize default;\n\
0d89afffb26d5e53a761fc425dab3dda07c7e191Brian Wellington datasize default;\n\
1b32bc7da1da9059abd68d6dd15b23e8a442afa3Brian Wellington files unlimited;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 stacksize default;\n"
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt"# session-keyfile \"" NS_LOCALSTATEDIR "/run/named/session.key\";\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt session-keyname local-ddns;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 session-keyalg hmac-sha256;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt deallocate-on-exit true;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt# directory <none>\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt dump-file \"named_dump.db\";\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt fake-iquery no;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt has-old-clients false;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt heartbeat-interval 60;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt host-statistics no;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt interface-interval 60;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt listen-on {any;};\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt listen-on-v6 {any;};\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt match-mapped-addresses no;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt max-rsa-exponent-size 0; /* no limit */\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt memstatistics-file \"named.memstats\";\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt multiple-cnames no;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt# named-xfer <obsolete>;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt nta-lifetime 3600;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt nta-recheck 300;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt notify-rate 20;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt# pid-file \"" NS_LOCALSTATEDIR "/run/named/named.pid\"; /* or /lwresd.pid */\n\
62f016d5d301713c72a59e83d3ab41170a77f674Mark Andrews prefetch 2 9;\n\
62f016d5d301713c72a59e83d3ab41170a77f674Mark Andrews recursing-file \"named.recursing\";\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 secroots-file \"named.secroots\";\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 recursive-clients 1000;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 resolver-query-timeout 10;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 rrset-order { order random; };\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 serial-queries 20;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 serial-query-rate 20;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 server-id none;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 startup-notify-rate 20;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 statistics-file \"named.stats\";\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 statistics-interval 60;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 tcp-clients 100;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 tcp-listen-queue 10;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉# tkey-dhkey <none>\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉# tkey-gssapi-credential <none>\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉# tkey-domain <none>\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 transfers-per-ns 2;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 transfers-in 10;\n\
d7201de09b85929a86b157f4b2d91667c68c6b52Automatic Updater transfers-out 10;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 treat-cr-as-space true;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 use-id-pool true;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 use-ixfr true;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 edns-udp-size 4096;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 max-udp-size 4096;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt nosit-udp-size 4096;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 request-sit true;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 request-nsid false;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 reserved-sockets 512;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 dnssec-lookaside . trust-anchor dlv.isc.org;\n\
62f016d5d301713c72a59e83d3ab41170a77f674Mark Andrews /* view */\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 allow-notify {none;};\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 allow-update-forwarding {none;};\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 allow-query-cache { localnets; localhost; };\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 allow-query-cache-on { any; };\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 allow-recursion { localnets; localhost; };\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 allow-recursion-on { any; };\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉# allow-v6-synthesis <obsolete>;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉# sortlist <none>\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉# topology <none>\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 auth-nxdomain false;\n\
62f016d5d301713c72a59e83d3ab41170a77f674Mark Andrews minimal-responses false;\n\
62f016d5d301713c72a59e83d3ab41170a77f674Mark Andrews recursion true;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt provide-ixfr true;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt request-ixfr true;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt request-expire true;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt fetch-glue no;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt rfc2308-type1 no;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt additional-from-auth true;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt additional-from-cache true;\n\
8fec8134ea13c2c082c3e63f1ce0afd851e45a91Tatuya JINMEI 神明達哉 query-source address *;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 query-source-v6 address *;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 notify-source *;\n\
a829555ed724caa56b1ff7716d7eda2266491eafBob Halley notify-source-v6 *;\n\
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein cleaning-interval 0; /* now meaningless */\n\
03dd96d177e4ed6771be7fb5f86a3a9d5f17be4eBob Halley min-roots 2;\n\
03dd96d177e4ed6771be7fb5f86a3a9d5f17be4eBob Halley lame-ttl 600;\n\
03dd96d177e4ed6771be7fb5f86a3a9d5f17be4eBob Halley servfail-ttl 10;\n\
03dd96d177e4ed6771be7fb5f86a3a9d5f17be4eBob Halley max-ncache-ttl 10800; /* 3 hours */\n\
03dd96d177e4ed6771be7fb5f86a3a9d5f17be4eBob Halley max-cache-ttl 604800; /* 1 week */\n\
03dd96d177e4ed6771be7fb5f86a3a9d5f17be4eBob Halley transfer-format many-answers;\n\
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein max-cache-size 0;\n\
03dd96d177e4ed6771be7fb5f86a3a9d5f17be4eBob Halley check-names master fail;\n\
03dd96d177e4ed6771be7fb5f86a3a9d5f17be4eBob Halley check-names slave warn;\n\
a829555ed724caa56b1ff7716d7eda2266491eafBob Halley check-names response ignore;\n\
a829555ed724caa56b1ff7716d7eda2266491eafBob Halley check-dup-records warn;\n\
a829555ed724caa56b1ff7716d7eda2266491eafBob Halley check-mx warn;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley check-spf warn;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley acache-enable no;\n\
03dd96d177e4ed6771be7fb5f86a3a9d5f17be4eBob Halley acache-cleaning-interval 60;\n\
2f012d936b5ccdf6520c96a4de23721dc58a2221Automatic Updater max-acache-size 16M;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 dnssec-enable yes;\n\
97f1a75cf072c2cab98b4bc28c4d2491cfcd3086Bob Halley dnssec-validation yes; \n\
97f1a75cf072c2cab98b4bc28c4d2491cfcd3086Bob Halley dnssec-accept-expired no;\n\
97f1a75cf072c2cab98b4bc28c4d2491cfcd3086Bob Halley clients-per-query 10;\n\
97f1a75cf072c2cab98b4bc28c4d2491cfcd3086Bob Halley max-clients-per-query 100;\n\
2f012d936b5ccdf6520c96a4de23721dc58a2221Automatic Updater max-recursion-depth 7;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 max-recursion-queries 50;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley zero-no-soa-ttl-cache no;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley nsec3-test-zone no;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley allow-new-zones no;\n\
4b87939256ede703385e9cab92d3c58d03c31098Mark Andrews geoip-use-ecs yes;\n\
dd324bd791a766c48d90ce9e43d1ab1446378983Bob Halley" filter-aaaa-on-v4 no;\n\
dd324bd791a766c48d90ce9e43d1ab1446378983Bob Halley filter-aaaa-on-v6 no;\n\
dd324bd791a766c48d90ce9e43d1ab1446378983Bob Halley filter-aaaa { any; };\n\
9cd6d409b78a6f833b681c13a68fbdc7c024fe66David Lawrence" /* zone */\n\
9cd6d409b78a6f833b681c13a68fbdc7c024fe66David Lawrence allow-query {any;};\n\
4b87939256ede703385e9cab92d3c58d03c31098Mark Andrews allow-query-on {any;};\n\
dd324bd791a766c48d90ce9e43d1ab1446378983Bob Halley allow-transfer {any;};\n\
dd324bd791a766c48d90ce9e43d1ab1446378983Bob Halley notify yes;\n\
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence# also-notify <none>\n\
dd324bd791a766c48d90ce9e43d1ab1446378983Bob Halley notify-delay 5;\n\
dd324bd791a766c48d90ce9e43d1ab1446378983Bob Halley notify-to-soa no;\n\
dd324bd791a766c48d90ce9e43d1ab1446378983Bob Halley dialup no;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt# forward <none>\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉# forwarders <none>\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 maintain-ixfr-base no;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley# max-ixfr-log-size <obsolete>\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt transfer-source *;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt transfer-source-v6 *;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt alt-transfer-source *;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt alt-transfer-source-v6 *;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 max-transfer-time-in 120;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley max-transfer-time-out 120;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley max-transfer-idle-in 60;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley max-transfer-idle-out 60;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley max-retry-time 1209600; /* 2 weeks */\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley min-retry-time 500;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley max-refresh-time 2419200; /* 4 weeks */\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley min-refresh-time 300;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley multi-master no;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley dnssec-secure-to-insecure no;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley sig-validity-interval 30; /* days */\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley sig-signing-nodes 100;\n\
4b87939256ede703385e9cab92d3c58d03c31098Mark Andrews sig-signing-signatures 10;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley sig-signing-type 65534;\n\
4b87939256ede703385e9cab92d3c58d03c31098Mark Andrews inline-signing no;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley zone-statistics terse;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley max-journal-size unlimited;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley ixfr-from-differences false;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley check-wildcard yes;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt check-sibling yes;\n\
a829555ed724caa56b1ff7716d7eda2266491eafBob Halley check-integrity yes;\n\
a829555ed724caa56b1ff7716d7eda2266491eafBob Halley check-mx-cname warn;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt check-srv-cname warn;\n\
a829555ed724caa56b1ff7716d7eda2266491eafBob Halley zero-no-soa-ttl yes;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt update-check-ksk yes;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 serial-update-method increment;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 dnssec-update-mode maintain;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 dnssec-dnskey-kskonly no;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt dnssec-loadkeys-interval 60;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt try-tcp-refresh yes; /* BIND 8 compat */\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt# Zones in the \"_bind\" view are NOT counted in the count of zones.\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Huntview \"_bind\" chaos {\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt recursion no;\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt notify no;\n\
634a52966f2324e6d5ceda191fd873ba1cfeb936Evan Hunt allow-new-zones no;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 # Prevent use of this zone in DNS amplified reflection DoS attacks\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 rate-limit {\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 responses-per-second 3;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 min-table-size 10;\n\
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 zone \"version.bind\" chaos {\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley type master;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley database \"_builtin version\";\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley zone \"hostname.bind\" chaos {\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley type master;\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley database \"_builtin hostname\";\n\
03dd96d177e4ed6771be7fb5f86a3a9d5f17be4eBob Halley zone \"authors.bind\" chaos {\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt type master;\n\
03dd96d177e4ed6771be7fb5f86a3a9d5f17be4eBob Halley database \"_builtin authors\";\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley zone \"id.server\" chaos {\n\
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley type master;\n\
dd324bd791a766c48d90ce9e43d1ab1446378983Bob Halley database \"_builtin id\";\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt# Default trusted key(s) for builtin DLV support\n\
dd324bd791a766c48d90ce9e43d1ab1446378983Bob Halley# (used if \"dnssec-lookaside auto;\" is set and\n\
d8afbf2f30213b2638a4d77207913db576089c02Michael Sawyer# sysconfdir/bind.keys doesn't exist).\n\
33e482fa3e8befab0d9aaf32ed47b4695e0e6ba3Andreas Gustafsson# BEGIN MANAGED KEYS\n"
dde4382b7fd55c945ef7f4ae5792099ae3a09883Brian Wellington/* Imported from bind.keys.h: */
a6f31a3fd079f37ad0a7c75ef2d50842cd01811cBrian Wellington"# END MANAGED KEYS\n\
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Huntns_config_parsedefaults(cfg_parser_t *parser, cfg_obj_t **conf) {
838f13fbdc513895d1826201a11531dbde9de04aBrian Wellington isc_buffer_init(&b, defaultconf, sizeof(defaultconf) - 1);
838f13fbdc513895d1826201a11531dbde9de04aBrian Wellington isc_buffer_add(&b, sizeof(defaultconf) - 1);
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt return (cfg_parse_buffer(parser, &b, &cfg_type_namedconf, conf));
a6f31a3fd079f37ad0a7c75ef2d50842cd01811cBrian Wellingtonns_config_get(cfg_obj_t const * const *maps, const char *name,
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley for (i = 0;; i++) {
0e58c0998df1ccd1a289b2c3f078e7d03d9331d3Bob Halley if (cfg_map_get(maps[i], name, obj) == ISC_R_SUCCESS)
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halleyns_checknames_get(const cfg_obj_t **maps, const char *which,
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley for (i = 0;; i++) {
96f55bdc736f8559b3a57260db6f0e964c44070dBob Halley * Zone map entry is not a list.
48565891e8f2f8c77b87908b4893f693a08e9ba9Brian Wellington if (checknames != NULL && !cfg_obj_islist(checknames)) {
0d89afffb26d5e53a761fc425dab3dda07c7e191Brian Wellington for (e = cfg_list_first(list); e != NULL; e = cfg_list_next(e))
e47208b6fb724cba7053baee4246b308e35403a2Evan Huntns_config_getclass(const cfg_obj_t *classobj, dns_rdataclass_t defclass,
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Huntns_config_gettype(const cfg_obj_t *typeobj, dns_rdatatype_t deftype,
62f016d5d301713c72a59e83d3ab41170a77f674Mark Andrewsns_config_getzonetype(const cfg_obj_t *zonetypeobj) {
bed86971bf7eb315e9c64f75bba331917f4557cfBob Halley const char *str;
91cd0f93ad34d23e8b09dca337120f64fbe8f0a1Andreas Gustafsson else if (strcasecmp(str, "static-stub") == 0)
bed86971bf7eb315e9c64f75bba331917f4557cfBob Halleyns_config_getiplist(const cfg_obj_t *config, const cfg_obj_t *list,
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 INSIST(addrsp != NULL && *addrsp == NULL);
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 INSIST(dscpsp == NULL || *dscpsp == NULL);
8e7ce54bef167f582c675ac76c373009595578a3Andreas Gustafsson addrlist = cfg_tuple_get(list, "addresses");
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 isc_uint32_t val = cfg_obj_asuint32(portobj);
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 cfg_obj_log(portobj, ns_g_lctx, ISC_LOG_ERROR,
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 } else if (defport != 0)
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 result = ns_config_getport(config, &port);
8e7ce54bef167f582c675ac76c373009595578a3Andreas Gustafsson dscps = isc_mem_get(mctx, count * sizeof(isc_dscp_t));
8e7ce54bef167f582c675ac76c373009595578a3Andreas Gustafsson if (dscpobj != NULL && cfg_obj_isuint32(dscpobj)) {
8e7ce54bef167f582c675ac76c373009595578a3Andreas Gustafsson cfg_obj_log(dscpobj, ns_g_lctx, ISC_LOG_ERROR,
8e7ce54bef167f582c675ac76c373009595578a3Andreas Gustafsson "dscp value '%u' is out of range",
6da7c87a77ecfd9ccce36f96b4ccd20e1b9cccf1Tatuya JINMEI 神明達哉 dscp = (isc_dscp_t)cfg_obj_asuint32(dscpobj);
8e7ce54bef167f582c675ac76c373009595578a3Andreas Gustafsson addrs = isc_mem_get(mctx, count * sizeof(isc_sockaddr_t));
6da7c87a77ecfd9ccce36f96b4ccd20e1b9cccf1Tatuya JINMEI 神明達哉 if (isc_sockaddr_getport(&addrs[i]) == 0)
8e7ce54bef167f582c675ac76c373009595578a3Andreas Gustafssonns_config_putiplist(isc_mem_t *mctx, isc_sockaddr_t **addrsp,
8e7ce54bef167f582c675ac76c373009595578a3Andreas Gustafsson INSIST(addrsp != NULL && *addrsp != NULL);
8e7ce54bef167f582c675ac76c373009595578a3Andreas Gustafsson INSIST(dscpsp == NULL || *dscpsp != NULL);
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein isc_mem_put(mctx, *addrsp, count * sizeof(isc_sockaddr_t));
8e7ce54bef167f582c675ac76c373009595578a3Andreas Gustafsson isc_mem_put(mctx, *dscpsp, count * sizeof(isc_dscp_t));
1d90a73d6d0aa3f82c7e8d638e0013c331835eedAndreas Gustafssonget_masters_def(const cfg_obj_t *cctx, const char *name,
8e7ce54bef167f582c675ac76c373009595578a3Andreas Gustafsson result = cfg_map_get(cctx, "masters", &masters);
8e7ce54bef167f582c675ac76c373009595578a3Andreas Gustafsson listname = cfg_obj_asstring(cfg_tuple_get(list, "name"));
8e7ce54bef167f582c675ac76c373009595578a3Andreas Gustafssonns_config_getipandkeylist(const cfg_obj_t *config, const cfg_obj_t *list,
8e7ce54bef167f582c675ac76c373009595578a3Andreas Gustafsson isc_mem_t *mctx, isc_sockaddr_t **addrsp,
8e7ce54bef167f582c675ac76c373009595578a3Andreas Gustafsson isc_dscp_t **dscpsp, dns_name_t ***keysp,
6da7c87a77ecfd9ccce36f96b4ccd20e1b9cccf1Tatuya JINMEI 神明達哉 isc_uint32_t addrcount = 0, dscpcount = 0, keycount = 0, i = 0;
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 REQUIRE(dscpsp != NULL && *dscpsp == NULL);
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 REQUIRE(keysp != NULL && *keysp == NULL);
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 isc_uint32_t val = cfg_obj_asuint32(portobj);
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 result = ns_config_getport(config, &port);
bed86971bf7eb315e9c64f75bba331917f4557cfBob Halley if (dscpobj != NULL && cfg_obj_isuint32(dscpobj)) {
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence cfg_obj_log(dscpobj, ns_g_lctx, ISC_LOG_ERROR,
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 "dscp value '%u' is out of range",
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt const char *keystr;
bed86971bf7eb315e9c64f75bba331917f4557cfBob Halley "masterselement");
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 key = cfg_tuple_get(cfg_listelt_value(element), "key");
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt /* Grow lists? */
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt for (j = 0; j < l; j++)
e8336c458cca9289f34dc5cb58fc0b5769502649David Lawrence if (strcasecmp(lists[j].name, listname) == 0)
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt tresult = get_masters_def(config, listname, &list);
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt /* Grow stack? */
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt * We want to resume processing this list on the
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt * next element.
1831311ac6179951c8fcca75aa29dc2f5c0218b9Francis Dupont oldsize = addrcount * sizeof(isc_sockaddr_t);
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 if (isc_sockaddr_getport(&addrs[i]) == 0)
4b87939256ede703385e9cab92d3c58d03c31098Mark Andrews i++; /* Increment here so that cleanup on error works. */
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 keys[i - 1] = isc_mem_get(mctx, sizeof(dns_name_t));
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 isc_buffer_constinit(&b, keystr, strlen(keystr));
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 result = dns_name_fromtext(dns_fixedname_name(&fname), &b,
a829555ed724caa56b1ff7716d7eda2266491eafBob Halley result = dns_name_dup(dns_fixedname_name(&fname), mctx,
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt if (i != 0) {
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt if (i != 0) {
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 oldsize = keycount * sizeof(dns_name_t *);
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt if (i != 0) {
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 isc_mem_put(mctx, lists, listcount * sizeof(*lists));
97f1a75cf072c2cab98b4bc28c4d2491cfcd3086Bob Halley isc_mem_put(mctx, stack, stackcount * sizeof(*stack));
97f1a75cf072c2cab98b4bc28c4d2491cfcd3086Bob Halley isc_mem_put(mctx, addrs, addrcount * sizeof(isc_sockaddr_t));
97f1a75cf072c2cab98b4bc28c4d2491cfcd3086Bob Halley isc_mem_put(mctx, dscps, dscpcount * sizeof(isc_dscp_t));
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 for (j = 0; j < i; j++) {
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 isc_mem_put(mctx, keys[j], sizeof(dns_name_t));
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt isc_mem_put(mctx, keys, keycount * sizeof(dns_name_t *));
97f1a75cf072c2cab98b4bc28c4d2491cfcd3086Bob Halley isc_mem_put(mctx, lists, listcount * sizeof(*lists));
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt isc_mem_put(mctx, stack, stackcount * sizeof(*stack));
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Huntns_config_putipandkeylist(isc_mem_t *mctx, isc_sockaddr_t **addrsp,
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt unsigned int i;
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 REQUIRE(dscpsp == NULL || *dscpsp != NULL);
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt isc_mem_put(mctx, *addrsp, count * sizeof(isc_sockaddr_t));
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt isc_mem_put(mctx, *dscpsp, count * sizeof(isc_dscp_t));
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt for (i = 0; i < count; i++) {
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt isc_mem_put(mctx, *keysp, count * sizeof(dns_name_t *));
97f1a75cf072c2cab98b4bc28c4d2491cfcd3086Bob Halleyns_config_getport(const cfg_obj_t *config, in_port_t *portp) {
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 (void)cfg_map_get(config, "options", &options);
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 result = ns_config_get(maps, "port", &portobj);
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 if (cfg_obj_asuint32(portobj) >= ISC_UINT16_MAX) {
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 cfg_obj_log(portobj, ns_g_lctx, ISC_LOG_ERROR,
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 "port '%u' out of range",
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 *portp = (in_port_t)cfg_obj_asuint32(portobj);
1b32bc7da1da9059abd68d6dd15b23e8a442afa3Brian Wellingtonns_config_getdscp(const cfg_obj_t *config, isc_dscp_t *dscpp) {
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 (void)cfg_map_get(config, "options", &options);
1b32bc7da1da9059abd68d6dd15b23e8a442afa3Brian Wellington result = cfg_map_get(options, "dscp", &dscpobj);
1b32bc7da1da9059abd68d6dd15b23e8a442afa3Brian Wellington if (result != ISC_R_SUCCESS || dscpobj == NULL) {
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 "dscp '%u' out of range",
1b32bc7da1da9059abd68d6dd15b23e8a442afa3Brian Wellington *dscpp = (isc_dscp_t)cfg_obj_asuint32(dscpobj);
1b32bc7da1da9059abd68d6dd15b23e8a442afa3Brian Wellington enum { hmacnone, hmacmd5, hmacsha1, hmacsha224,
1b32bc7da1da9059abd68d6dd15b23e8a442afa3Brian Wellington unsigned int type;
1b32bc7da1da9059abd68d6dd15b23e8a442afa3Brian Wellington { "hmac-md5", hmacmd5, DST_ALG_HMACMD5, 128 },
1b32bc7da1da9059abd68d6dd15b23e8a442afa3Brian Wellington { "hmac-md5.sig-alg.reg.int", hmacmd5, DST_ALG_HMACMD5, 0 },
0d89afffb26d5e53a761fc425dab3dda07c7e191Brian Wellington { "hmac-md5.sig-alg.reg.int.", hmacmd5, DST_ALG_HMACMD5, 0 },
1b32bc7da1da9059abd68d6dd15b23e8a442afa3Brian Wellington { "hmac-sha1", hmacsha1, DST_ALG_HMACSHA1, 160 },
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 { "hmac-sha224", hmacsha224, DST_ALG_HMACSHA224, 224 },
b99bfa184bc9375421b5df915eea7dfac6a68a99Evan Hunt { "hmac-sha256", hmacsha256, DST_ALG_HMACSHA256, 256 },
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 { "hmac-sha384", hmacsha384, DST_ALG_HMACSHA384, 384 },
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 { "hmac-sha512", hmacsha512, DST_ALG_HMACSHA512, 512 },
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉ns_config_getkeyalgorithm(const char *str, dns_name_t **name,
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 return (ns_config_getkeyalgorithm2(str, name, NULL, digestbits));
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉ns_config_getkeyalgorithm2(const char *str, dns_name_t **name,
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 unsigned int *typep, isc_uint16_t *digestbits)
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 for (i = 0; algorithms[i].str != NULL; i++) {
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 if (strncasecmp(algorithms[i].str, str, len) == 0 &&
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 (algorithms[i].size != 0 && str[len] == '-')))
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 result = isc_parse_uint16(&bits, str + len + 1, 10);
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 case hmacmd5: *name = dns_tsig_hmacmd5_name; break;
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 case hmacsha1: *name = dns_tsig_hmacsha1_name; break;
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 case hmacsha224: *name = dns_tsig_hmacsha224_name; break;
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 case hmacsha256: *name = dns_tsig_hmacsha256_name; break;
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉 case hmacsha384: *name = dns_tsig_hmacsha384_name; break;