zoneconf.c revision 0015ab097438e041197b19b9de2ba48f6bfd1c6c
9e6de65c57eddc3790badaad3b9481aaaed18e03Brian Wellington/*
70e5a7403f0e0a3bd292b8287c5fed5772c15270Automatic Updater * Copyright (C) 1999-2001 Internet Software Consortium.
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews *
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence * Permission to use, copy, modify, and distribute this software for any
ec5347e2c775f027573ce5648b910361aa926c01Automatic Updater * purpose with or without fee is hereby granted, provided that the above
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence * copyright notice and this permission notice appear in all copies.
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence *
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence */
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence
5497de6931b5ac26f65c2343b0318614f73933baMark Andrews/* $Id: zoneconf.c,v 1.84 2001/03/05 12:04:46 tale Exp $ */
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein#include <config.h>
d09197467bbb156dccf0cbe72bb5c63480d5cfdcDavid Lawrence
d09197467bbb156dccf0cbe72bb5c63480d5cfdcDavid Lawrence#include <isc/buffer.h>
d09197467bbb156dccf0cbe72bb5c63480d5cfdcDavid Lawrence#include <isc/mem.h>
64ba6e4cc3a0ccf8c8c6349fa75b937ca9bad9a6Michael Graff#include <isc/string.h> /* Required for HP/UX (and others?) */
64ba6e4cc3a0ccf8c8c6349fa75b937ca9bad9a6Michael Graff#include <isc/util.h>
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence
a03848252fa85734ca75beae3d0b01bb503c0a8bMark Andrews#include <dns/acl.h>
dd57718608494835363244429432599aa15124a3Andreas Gustafsson#include <dns/fixedname.h>
5597be9bb88de138dfec9fa9176708443813925eTatuya JINMEI 神明達哉#include <dns/log.h>
092b4e5359c5982a438e36ced3dbefc313f7fbfcDavid Lawrence#include <dns/name.h>
82a1986c04057804edf670bf5d59f716785af789Bob Halley#include <dns/rdatatype.h>
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence#include <dns/ssu.h>
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein#include <dns/zone.h>
891a1bead8d02d29eb7b4993d7c0975047b0963dDavid Lawrence
891a1bead8d02d29eb7b4993d7c0975047b0963dDavid Lawrence#include <named/config.h>
891a1bead8d02d29eb7b4993d7c0975047b0963dDavid Lawrence#include <named/globals.h>
891a1bead8d02d29eb7b4993d7c0975047b0963dDavid Lawrence#include <named/log.h>
891a1bead8d02d29eb7b4993d7c0975047b0963dDavid Lawrence#include <named/zoneconf.h>
891a1bead8d02d29eb7b4993d7c0975047b0963dDavid Lawrence
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff/*
73d62a89f1493865c33c689b3ee3de91c74ad58eDavid Lawrence * These are BIND9 server defaults, not necessarily identical to the
73d62a89f1493865c33c689b3ee3de91c74ad58eDavid Lawrence * library defaults defined in zone.c.
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence */
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff#define RETERR(x) do { \
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff isc_result_t _r = (x); \
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence if (_r != ISC_R_SUCCESS) \
c80dde0676a7f36f65e0ad8d646bf505705fe64bDavid Lawrence return (_r); \
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence } while (0)
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence/*
c80dde0676a7f36f65e0ad8d646bf505705fe64bDavid Lawrence * Convenience function for configuring a single zone ACL.
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff */
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graffstatic isc_result_t
33950f0a0262f4d49528c4adcf8be42807fa2576David Lawrenceconfigure_zone_acl(cfg_obj_t *zconfig, cfg_obj_t *vconfig, cfg_obj_t *config,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff const char *aclname, ns_aclconfctx_t *actx,
b65f2ab14abb4b6ef906d7d02064fba158f07b1eDavid Lawrence dns_zone_t *zone,
b65f2ab14abb4b6ef906d7d02064fba158f07b1eDavid Lawrence void (*setzacl)(dns_zone_t *, dns_acl_t *),
b65f2ab14abb4b6ef906d7d02064fba158f07b1eDavid Lawrence void (*clearzacl)(dns_zone_t *))
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff{
b65f2ab14abb4b6ef906d7d02064fba158f07b1eDavid Lawrence isc_result_t result;
b65f2ab14abb4b6ef906d7d02064fba158f07b1eDavid Lawrence cfg_obj_t *maps[4];
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence cfg_obj_t *aclobj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff int i = 0;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_acl_t *dacl = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (zconfig != NULL)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff maps[i++] = cfg_tuple_get(zconfig, "options");
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (vconfig != NULL)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff maps[i++] = cfg_tuple_get(vconfig, "options");
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (config != NULL) {
0f5962ac3e4ef336faff68f1cb838505e64665e5David Lawrence cfg_obj_t *options = NULL;
0f5962ac3e4ef336faff68f1cb838505e64665e5David Lawrence (void)cfg_map_get(config, "options", &options);
0f5962ac3e4ef336faff68f1cb838505e64665e5David Lawrence if (options != NULL)
0f5962ac3e4ef336faff68f1cb838505e64665e5David Lawrence maps[i++] = options;
0f5962ac3e4ef336faff68f1cb838505e64665e5David Lawrence }
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein maps[i] = NULL;
f036af2c718147408d738081cdb0a564b981b4cdDavid Lawrence
f036af2c718147408d738081cdb0a564b981b4cdDavid Lawrence result = ns_config_get(maps, aclname, &aclobj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (aclobj == NULL) {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff (*clearzacl)(zone);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff return (ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff }
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ns_acl_fromconfig(aclobj, config, actx,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_getmctx(zone), &dacl);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (result != ISC_R_SUCCESS)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff return (result);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff (*setzacl)(zone, dacl);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_acl_detach(&dacl);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff return (ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff}
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
f036af2c718147408d738081cdb0a564b981b4cdDavid Lawrence/*
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein * Parse the zone update-policy statement.
f036af2c718147408d738081cdb0a564b981b4cdDavid Lawrence */
f036af2c718147408d738081cdb0a564b981b4cdDavid Lawrencestatic isc_result_t
f036af2c718147408d738081cdb0a564b981b4cdDavid Lawrenceconfigure_zone_ssutable(cfg_obj_t *zconfig, dns_zone_t *zone) {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff cfg_obj_t *updatepolicy = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff cfg_listelt_t *element, *element2;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_ssutable_t *table = NULL;
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence isc_mem_t *mctx = dns_zone_getmctx(zone);
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein isc_result_t result;
f036af2c718147408d738081cdb0a564b981b4cdDavid Lawrence
f036af2c718147408d738081cdb0a564b981b4cdDavid Lawrence (void)cfg_map_get(zconfig, "update-policy", &updatepolicy);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (updatepolicy == NULL)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff return (ISC_R_SUCCESS);
f036af2c718147408d738081cdb0a564b981b4cdDavid Lawrence
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = dns_ssutable_create(mctx, &table);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (result != ISC_R_SUCCESS)
f036af2c718147408d738081cdb0a564b981b4cdDavid Lawrence return (result);
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein
f036af2c718147408d738081cdb0a564b981b4cdDavid Lawrence for (element = cfg_list_first(updatepolicy);
f036af2c718147408d738081cdb0a564b981b4cdDavid Lawrence element != NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff element = cfg_list_next(element))
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff cfg_obj_t *stmt = cfg_listelt_value(element);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff cfg_obj_t *mode = cfg_tuple_get(stmt, "mode");
0f5962ac3e4ef336faff68f1cb838505e64665e5David Lawrence cfg_obj_t *identity = cfg_tuple_get(stmt, "identity");
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein cfg_obj_t *matchtype = cfg_tuple_get(stmt, "matchtype");
33950f0a0262f4d49528c4adcf8be42807fa2576David Lawrence cfg_obj_t *dname = cfg_tuple_get(stmt, "name");
b65f2ab14abb4b6ef906d7d02064fba158f07b1eDavid Lawrence cfg_obj_t *typelist = cfg_tuple_get(stmt, "types");
b65f2ab14abb4b6ef906d7d02064fba158f07b1eDavid Lawrence char *str;
b65f2ab14abb4b6ef906d7d02064fba158f07b1eDavid Lawrence isc_boolean_t grant = ISC_FALSE;
b65f2ab14abb4b6ef906d7d02064fba158f07b1eDavid Lawrence unsigned int mtype = DNS_SSUMATCHTYPE_NAME;
33950f0a0262f4d49528c4adcf8be42807fa2576David Lawrence dns_fixedname_t fname, fident;
f036af2c718147408d738081cdb0a564b981b4cdDavid Lawrence isc_buffer_t b;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_rdatatype_t *types;
1630fce031f7a3e33f0579e477a3e17d1993e1f9Bob Halley unsigned int i, n;
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein
1630fce031f7a3e33f0579e477a3e17d1993e1f9Bob Halley str = cfg_obj_asstring(mode);
1630fce031f7a3e33f0579e477a3e17d1993e1f9Bob Halley if (strcasecmp(str, "grant") == 0)
1630fce031f7a3e33f0579e477a3e17d1993e1f9Bob Halley grant = ISC_TRUE;
1630fce031f7a3e33f0579e477a3e17d1993e1f9Bob Halley else if (strcasecmp(str, "deny") == 0)
1630fce031f7a3e33f0579e477a3e17d1993e1f9Bob Halley grant = ISC_FALSE;
1630fce031f7a3e33f0579e477a3e17d1993e1f9Bob Halley else
1630fce031f7a3e33f0579e477a3e17d1993e1f9Bob Halley INSIST(0);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff str = cfg_obj_asstring(matchtype);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (strcasecmp(str, "name") == 0)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff mtype = DNS_SSUMATCHTYPE_NAME;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff else if (strcasecmp(str, "subdomain") == 0)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff mtype = DNS_SSUMATCHTYPE_SUBDOMAIN;
1630fce031f7a3e33f0579e477a3e17d1993e1f9Bob Halley else if (strcasecmp(str, "wildcard") == 0)
1630fce031f7a3e33f0579e477a3e17d1993e1f9Bob Halley mtype = DNS_SSUMATCHTYPE_WILDCARD;
7554feaef6057f5ea2926076900ac7634b911456Mark Andrews else if (strcasecmp(str, "self") == 0)
7554feaef6057f5ea2926076900ac7634b911456Mark Andrews mtype = DNS_SSUMATCHTYPE_SELF;
7554feaef6057f5ea2926076900ac7634b911456Mark Andrews else
7554feaef6057f5ea2926076900ac7634b911456Mark Andrews INSIST(0);
7554feaef6057f5ea2926076900ac7634b911456Mark Andrews
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence dns_fixedname_init(&fident);
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence str = cfg_obj_asstring(identity);
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence isc_buffer_init(&b, str, strlen(str));
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence isc_buffer_add(&b, strlen(str));
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence result = dns_name_fromtext(dns_fixedname_name(&fident), &b,
bd1190c84b08e61a12789c54f083318c36449e5eDavid Lawrence dns_rootname, ISC_FALSE, NULL);
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence if (result != ISC_R_SUCCESS) {
73d62a89f1493865c33c689b3ee3de91c74ad58eDavid Lawrence cfg_obj_log(identity, ns_g_lctx, ISC_LOG_ERROR,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff "'%s' is not a valid name", str);
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence goto cleanup;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff }
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_fixedname_init(&fname);
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence str = cfg_obj_asstring(dname);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff isc_buffer_init(&b, str, strlen(str));
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence isc_buffer_add(&b, strlen(str));
401fc772b1bf058a981e3c474fa6502f6ee0e2bfDavid Lawrence result = dns_name_fromtext(dns_fixedname_name(&fname), &b,
401fc772b1bf058a981e3c474fa6502f6ee0e2bfDavid Lawrence dns_rootname, ISC_FALSE, NULL);
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence if (result != ISC_R_SUCCESS) {
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence cfg_obj_log(identity, ns_g_lctx, ISC_LOG_ERROR,
b65f2ab14abb4b6ef906d7d02064fba158f07b1eDavid Lawrence "'%s' is not a valid name", str);
b65f2ab14abb4b6ef906d7d02064fba158f07b1eDavid Lawrence goto cleanup;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff }
b65f2ab14abb4b6ef906d7d02064fba158f07b1eDavid Lawrence
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff n = ns_config_listcount(typelist);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (n == 0)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff types = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff else {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff types = isc_mem_get(mctx, n * sizeof(dns_rdatatype_t));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (types == NULL) {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ISC_R_NOMEMORY;
b65f2ab14abb4b6ef906d7d02064fba158f07b1eDavid Lawrence goto cleanup;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff }
b65f2ab14abb4b6ef906d7d02064fba158f07b1eDavid Lawrence }
b65f2ab14abb4b6ef906d7d02064fba158f07b1eDavid Lawrence
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence i = 0;
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence for (element2 = cfg_list_first(typelist);
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence element2 != NULL;
092b4e5359c5982a438e36ced3dbefc313f7fbfcDavid Lawrence element2 = cfg_list_next(element2))
092b4e5359c5982a438e36ced3dbefc313f7fbfcDavid Lawrence {
a09c545af1ceb8eb6f3aa2bb6fae286208a72141David Lawrence cfg_obj_t *typeobj;
08e57545c2b1068080f5bf317224160426801406Brian Wellington isc_textregion_t r;
7554feaef6057f5ea2926076900ac7634b911456Mark Andrews
40e7c805a8f38ad9b20dd6c688496fc09fc971c2Mark Andrews INSIST(i < n);
092b4e5359c5982a438e36ced3dbefc313f7fbfcDavid Lawrence
b65f2ab14abb4b6ef906d7d02064fba158f07b1eDavid Lawrence typeobj = cfg_listelt_value(element2);
08e57545c2b1068080f5bf317224160426801406Brian Wellington str = cfg_obj_asstring(typeobj);
40e7c805a8f38ad9b20dd6c688496fc09fc971c2Mark Andrews r.base = str;
08e57545c2b1068080f5bf317224160426801406Brian Wellington r.length = strlen(str);
08e57545c2b1068080f5bf317224160426801406Brian Wellington
0f5962ac3e4ef336faff68f1cb838505e64665e5David Lawrence result = dns_rdatatype_fromtext(&types[i++], &r);
092b4e5359c5982a438e36ced3dbefc313f7fbfcDavid Lawrence if (result != ISC_R_SUCCESS) {
092b4e5359c5982a438e36ced3dbefc313f7fbfcDavid Lawrence cfg_obj_log(identity, ns_g_lctx, ISC_LOG_ERROR,
092b4e5359c5982a438e36ced3dbefc313f7fbfcDavid Lawrence "'%s' is not a valid type", str);
092b4e5359c5982a438e36ced3dbefc313f7fbfcDavid Lawrence isc_mem_put(mctx, types,
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence n * sizeof(dns_rdatatype_t));
092b4e5359c5982a438e36ced3dbefc313f7fbfcDavid Lawrence goto cleanup;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff }
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff }
092b4e5359c5982a438e36ced3dbefc313f7fbfcDavid Lawrence INSIST(i == n);
092b4e5359c5982a438e36ced3dbefc313f7fbfcDavid Lawrence
03052a178cb33b7d62ada0e34f1974e22bb98023David Lawrence result = dns_ssutable_addrule(table, grant,
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence dns_fixedname_name(&fident),
a03848252fa85734ca75beae3d0b01bb503c0a8bMark Andrews mtype,
092b4e5359c5982a438e36ced3dbefc313f7fbfcDavid Lawrence dns_fixedname_name(&fname),
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence n, types);
a03848252fa85734ca75beae3d0b01bb503c0a8bMark Andrews if (types != NULL)
40e7c805a8f38ad9b20dd6c688496fc09fc971c2Mark Andrews isc_mem_put(mctx, types, n * sizeof(dns_rdatatype_t));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (result != ISC_R_SUCCESS) {
a03848252fa85734ca75beae3d0b01bb503c0a8bMark Andrews goto cleanup;
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence }
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence }
3ddd814a97de1d152ba0913c592d6e6dc83d38a6Michael Graff
037b732f88edc943f3141e0342dc993156e3abf3Mark Andrews result = ISC_R_SUCCESS;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setssutable(zone, table);
1630fce031f7a3e33f0579e477a3e17d1993e1f9Bob Halley
7554feaef6057f5ea2926076900ac7634b911456Mark Andrews cleanup:
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_ssutable_detach(&table);
7554feaef6057f5ea2926076900ac7634b911456Mark Andrews return (result);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff}
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff/*
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff * Convert a config file zone type into a server zone type.
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff */
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graffstatic inline dns_zonetype_t
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graffzonetype_fromconfig(cfg_obj_t *map) {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff cfg_obj_t *obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff isc_result_t result;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = cfg_map_get(map, "type", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff INSIST(result == ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff return (ns_config_getzonetype(obj));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff}
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff/*
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff * Helper function for strtoargv(). Pardon the gratuitous recursion.
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff */
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graffstatic isc_result_t
7554feaef6057f5ea2926076900ac7634b911456Mark Andrewsstrtoargvsub(isc_mem_t *mctx, char *s, unsigned int *argcp,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff char ***argvp, unsigned int n)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff{
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff isc_result_t result;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff /* Discard leading whitespace. */
7554feaef6057f5ea2926076900ac7634b911456Mark Andrews while (*s == ' ' || *s == '\t')
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence s++;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (*s == '\0') {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff /* We have reached the end of the string. */
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence *argcp = n;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff *argvp = isc_mem_get(mctx, n * sizeof(char *));
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence if (*argvp == NULL)
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence return (ISC_R_NOMEMORY);
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence } else {
bd1190c84b08e61a12789c54f083318c36449e5eDavid Lawrence char *p = s;
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence while (*p != ' ' && *p != '\t' && *p != '\0')
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence p++;
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence if (*p != '\0')
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff *p++ = '\0';
a03848252fa85734ca75beae3d0b01bb503c0a8bMark Andrews
a03848252fa85734ca75beae3d0b01bb503c0a8bMark Andrews result = strtoargvsub(mctx, p, argcp, argvp, n + 1);
a03848252fa85734ca75beae3d0b01bb503c0a8bMark Andrews if (result != ISC_R_SUCCESS)
a03848252fa85734ca75beae3d0b01bb503c0a8bMark Andrews return (result);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff (*argvp)[n] = s;
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence }
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff return (ISC_R_SUCCESS);
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence}
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence/*
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff * Tokenize the string "s" into whitespace-separated words,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff * return the number of words in '*argcp' and an array
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff * of pointers to the words in '*argvp'. The caller
73d62a89f1493865c33c689b3ee3de91c74ad58eDavid Lawrence * must free the array using isc_mem_put(). The string
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff * is modified in-place.
83e6eb0dfe7d3525dcf093f440e04e8971c4c5d2Brian Wellington */
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graffstatic isc_result_t
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graffstrtoargv(isc_mem_t *mctx, char *s, unsigned int *argcp, char ***argvp) {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff return (strtoargvsub(mctx, s, argcp, argvp, 0));
b65f2ab14abb4b6ef906d7d02064fba158f07b1eDavid Lawrence}
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrenceisc_result_t
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graffns_zone_configure(cfg_obj_t *config, cfg_obj_t *vconfig, cfg_obj_t *zconfig,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff ns_aclconfctx_t *ac, dns_zone_t *zone)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff{
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence isc_result_t result;
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence char *zname;
83e6eb0dfe7d3525dcf093f440e04e8971c4c5d2Brian Wellington dns_rdataclass_t zclass;
83e6eb0dfe7d3525dcf093f440e04e8971c4c5d2Brian Wellington cfg_obj_t *maps[5];
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff cfg_obj_t *zoptions = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff cfg_obj_t *options = NULL;
83e6eb0dfe7d3525dcf093f440e04e8971c4c5d2Brian Wellington cfg_obj_t *obj;
83e6eb0dfe7d3525dcf093f440e04e8971c4c5d2Brian Wellington const char *filename = NULL;
3ddd814a97de1d152ba0913c592d6e6dc83d38a6Michael Graff dns_notifytype_t notifytype = dns_notifytype_yes;
ec80744ad68b97f15657b1fdf5591c30b559b57dDavid Lawrence isc_sockaddr_t *addrs;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_name_t **keynames;
ec80744ad68b97f15657b1fdf5591c30b559b57dDavid Lawrence isc_uint32_t count;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff char *cpval;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff unsigned int dbargc;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff char **dbargv;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff static char default_dbtype[] = "rbt";
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff isc_mem_t *mctx = dns_zone_getmctx(zone);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_dialuptype_t dialup = dns_notifytype_no;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zonetype_t ztype;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff int i;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff i = 0;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (zconfig != NULL) {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff zoptions = cfg_tuple_get(zconfig, "options");
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff maps[i++] = zoptions;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff }
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (vconfig != NULL)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff maps[i++] = cfg_tuple_get(vconfig, "options");
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (config != NULL) {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff (void)cfg_map_get(config, "options", &options);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (options != NULL)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff maps[i++] = options;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff }
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff maps[i++] = ns_g_defaults;
ec80744ad68b97f15657b1fdf5591c30b559b57dDavid Lawrence maps[i++] = NULL;
ec80744ad68b97f15657b1fdf5591c30b559b57dDavid Lawrence /*
3ddd814a97de1d152ba0913c592d6e6dc83d38a6Michael Graff * Configure values common to all zone types.
ec80744ad68b97f15657b1fdf5591c30b559b57dDavid Lawrence */
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff zname = cfg_obj_asstring(cfg_tuple_get(zconfig, "name"));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff RETERR(ns_config_getclass(cfg_tuple_get(zconfig, "class"), &zclass));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setclass(zone, zclass);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff ztype = zonetype_fromconfig(zoptions);
ec80744ad68b97f15657b1fdf5591c30b559b57dDavid Lawrence dns_zone_settype(zone, ztype);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
ec80744ad68b97f15657b1fdf5591c30b559b57dDavid Lawrence result = cfg_map_get(zoptions, "database", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (result == ISC_R_SUCCESS)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff cpval = cfg_obj_asstring(obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff else
ec80744ad68b97f15657b1fdf5591c30b559b57dDavid Lawrence cpval = default_dbtype;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff RETERR(strtoargv(mctx, cpval, &dbargc, &dbargv));
ec80744ad68b97f15657b1fdf5591c30b559b57dDavid Lawrence /*
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff * ANSI C is strange here. There is no logical reason why (char **)
ec80744ad68b97f15657b1fdf5591c30b559b57dDavid Lawrence * cannot be promoted automatically to (const char * const *) by the
ec80744ad68b97f15657b1fdf5591c30b559b57dDavid Lawrence * compiler w/o generating a warning.
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence */
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence RETERR(dns_zone_setdbtype(zone, dbargc, (const char * const *)dbargv));
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence isc_mem_put(mctx, dbargv, dbargc * sizeof(*dbargv));
f389bc2c9e9e434380e10221778b7b548612a67fDavid Lawrence
3ddd814a97de1d152ba0913c592d6e6dc83d38a6Michael Graff obj = NULL;
0f5962ac3e4ef336faff68f1cb838505e64665e5David Lawrence result = cfg_map_get(zoptions, "file", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (result == ISC_R_SUCCESS)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff filename = cfg_obj_asstring(obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff RETERR(dns_zone_setfile(zone, filename));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (ztype == dns_zone_slave)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff RETERR(configure_zone_acl(zconfig, vconfig, config,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff "allow-notify", ac, zone,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setnotifyacl,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_clearnotifyacl));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff /*
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff * XXXAG This probably does not make sense for stubs.
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff */
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff RETERR(configure_zone_acl(zconfig, vconfig, config,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff "allow-query", ac, zone,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setqueryacl,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_clearqueryacl));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ns_config_get(maps, "dialup", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff INSIST(result == ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (cfg_obj_isboolean(obj)) {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (cfg_obj_asboolean(obj))
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dialup = dns_dialuptype_yes;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff else
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dialup = dns_dialuptype_no;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff } else {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff char *dialupstr = cfg_obj_asstring(obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (strcasecmp(dialupstr, "notify") == 0)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dialup = dns_dialuptype_notify;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff else if (strcasecmp(dialupstr, "notify-passive") == 0)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dialup = dns_dialuptype_notifypassive;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff else if (strcasecmp(dialupstr, "refresh") == 0)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dialup = dns_dialuptype_refresh;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff else if (strcasecmp(dialupstr, "passive") == 0)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dialup = dns_dialuptype_passive;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff else
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff INSIST(0);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff }
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setdialup(zone, dialup);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ns_config_get(maps, "zone-statistics", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff INSIST(result == ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setstatistics(zone, cfg_obj_asboolean(obj));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff /*
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff * Configure master functionality. This applies
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff * to primary masters (type "master") and slaves
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff * acting as masters (type "slave"), but not to stubs.
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff */
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (ztype != dns_zone_stub) {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ns_config_get(maps, "notify", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff INSIST(result == ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (cfg_obj_isboolean(obj)) {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (cfg_obj_asboolean(obj))
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff notifytype = dns_notifytype_yes;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff else
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff notifytype = dns_notifytype_no;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff } else {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff char *notifystr = cfg_obj_asstring(obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (strcasecmp(notifystr, "explicit") == 0)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff notifytype = dns_notifytype_explicit;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff else
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff INSIST(0);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff }
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setnotifytype(zone, notifytype);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ns_config_get(maps, "also-notify", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (result == ISC_R_SUCCESS) {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff isc_sockaddr_t *addrs = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff isc_uint32_t addrcount;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ns_config_getiplist(config, obj, 0, mctx,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff &addrs, &addrcount);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (result != ISC_R_SUCCESS)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff return (result);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = dns_zone_setalsonotify(zone, addrs,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff addrcount);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff ns_config_putiplist(mctx, &addrs, addrcount);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (result != ISC_R_SUCCESS)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff return (result);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff } else
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff RETERR(dns_zone_setalsonotify(zone, NULL, 0));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ns_config_get(maps, "notify-source", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff INSIST(result == ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setnotifysrc4(zone, cfg_obj_assockaddr(obj));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ns_config_get(maps, "notify-source-v6", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff INSIST(result == ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setnotifysrc6(zone, cfg_obj_assockaddr(obj));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff RETERR(configure_zone_acl(zconfig, vconfig, config,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff "allow-transfer", ac, zone,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setxfracl,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_clearxfracl));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ns_config_get(maps, "max-transfer-time-out", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff INSIST(result == ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setmaxxfrout(zone, cfg_obj_asuint32(obj));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ns_config_get(maps, "max-transfer-idle-out", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff INSIST(result == ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setidleout(zone, cfg_obj_asuint32(obj));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff }
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff /*
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff * Configure update-related options. These apply to
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff * primary masters only.
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff */
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (ztype == dns_zone_master) {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_acl_t *updateacl;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff RETERR(configure_zone_acl(zconfig, NULL, config,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff "allow-update", ac, zone,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setupdateacl,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_clearupdateacl));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff updateacl = dns_zone_getupdateacl(zone);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (updateacl != NULL && dns_acl_isinsecure(updateacl))
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff isc_log_write(ns_g_lctx, DNS_LOGCATEGORY_SECURITY,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff NS_LOGMODULE_SERVER, ISC_LOG_WARNING,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff "zone '%s' allows updates by IP "
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff "address, which is insecure",
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff zname);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff RETERR(configure_zone_ssutable(zoptions, zone));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ns_config_get(maps, "sig-validity-interval", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff INSIST(result == ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setsigvalidityinterval(zone, cfg_obj_asuint32(obj));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff } else if (ztype == dns_zone_slave) {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff RETERR(configure_zone_acl(zconfig, NULL, config,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff "allow-update-forwarding", ac, zone,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setforwardacl,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_clearforwardacl));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff }
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ns_config_get(maps, "transfer-source", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff INSIST(result == ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setxfrsource4(zone, cfg_obj_assockaddr(obj));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ns_config_get(maps, "transfer-source-v6", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff INSIST(result == ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setxfrsource6(zone, cfg_obj_assockaddr(obj));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff /*
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff * Configure slave functionality.
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff */
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff switch (ztype) {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff case dns_zone_slave:
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff case dns_zone_stub:
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = cfg_map_get(zoptions, "masters", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (obj != NULL) {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff addrs = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff keynames = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff RETERR(ns_config_getipandkeylist(config, obj, mctx,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff &addrs, &keynames,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff &count));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = dns_zone_setmasterswithkeys(zone, addrs,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff keynames, count);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff ns_config_putipandkeylist(mctx, &addrs, &keynames,
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff count);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff } else
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = dns_zone_setmasters(zone, NULL, 0);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff RETERR(result);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ns_config_get(maps, "max-transfer-time-in", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff INSIST(result == ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setmaxxfrin(zone, cfg_obj_asuint32(obj));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ns_config_get(maps, "max-transfer-idle-in", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff INSIST(result == ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setidlein(zone, cfg_obj_asuint32(obj));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ns_config_get(maps, "max-refresh-time", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff INSIST(result == ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setmaxrefreshtime(zone, cfg_obj_asuint32(obj));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ns_config_get(maps, "min-refresh-time", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff INSIST(result == ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setminrefreshtime(zone, cfg_obj_asuint32(obj));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ns_config_get(maps, "max-retry-time", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff INSIST(result == ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setmaxretrytime(zone, cfg_obj_asuint32(obj));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff result = ns_config_get(maps, "min-retry-time", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff INSIST(result == ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff dns_zone_setminretrytime(zone, cfg_obj_asuint32(obj));
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff break;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff default:
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff break;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff }
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff return (ISC_R_SUCCESS);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff}
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graffisc_boolean_t
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graffns_zone_reusable(dns_zone_t *zone, cfg_obj_t *zconfig) {
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff cfg_obj_t *zoptions = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff cfg_obj_t *obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff const char *cfilename;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff const char *zfilename;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff zoptions = cfg_tuple_get(zconfig, "options");
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (zonetype_fromconfig(zoptions) != dns_zone_gettype(zone))
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff return (ISC_FALSE);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff obj = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff (void)cfg_map_get(zoptions, "file", &obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (obj != NULL)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff cfilename = cfg_obj_asstring(obj);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff else
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff cfilename = NULL;
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff zfilename = dns_zone_getfile(zone);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff if (cfilename == NULL || zfilename == NULL ||
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff strcmp(cfilename, zfilename) != 0)
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff return (ISC_FALSE);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff return (ISC_TRUE);
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff}
b239c8294a5653d21876d084e0c5b029f6b9fc5dMichael Graff