zoneconf.c revision 67dc2f0536bcbbfa0970eb2893dcbc1c6713fad4
1633838b8255282d10af15c5c84cee5a51466712Bob Halley/*
7d32c065c7bb56f281651ae3dd2888f32ce4f1d9Bob Halley * Copyright (C) 2004-2011 Internet Systems Consortium, Inc. ("ISC")
1633838b8255282d10af15c5c84cee5a51466712Bob Halley * Copyright (C) 1999-2003 Internet Software Consortium.
1633838b8255282d10af15c5c84cee5a51466712Bob Halley *
1633838b8255282d10af15c5c84cee5a51466712Bob Halley * Permission to use, copy, modify, and/or distribute this software for any
1633838b8255282d10af15c5c84cee5a51466712Bob Halley * purpose with or without fee is hereby granted, provided that the above
1633838b8255282d10af15c5c84cee5a51466712Bob Halley * copyright notice and this permission notice appear in all copies.
1633838b8255282d10af15c5c84cee5a51466712Bob Halley *
1633838b8255282d10af15c5c84cee5a51466712Bob Halley * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
1633838b8255282d10af15c5c84cee5a51466712Bob Halley * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
1633838b8255282d10af15c5c84cee5a51466712Bob Halley * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
1633838b8255282d10af15c5c84cee5a51466712Bob Halley * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
1633838b8255282d10af15c5c84cee5a51466712Bob Halley * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
1633838b8255282d10af15c5c84cee5a51466712Bob Halley * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
1633838b8255282d10af15c5c84cee5a51466712Bob Halley * PERFORMANCE OF THIS SOFTWARE.
1633838b8255282d10af15c5c84cee5a51466712Bob Halley */
d25afd60ee2286cb171c4960a790f3d7041b6f85Bob Halley
d25afd60ee2286cb171c4960a790f3d7041b6f85Bob Halley/* $Id: zoneconf.c,v 1.186 2011/12/20 00:06:54 marka Exp $ */
d25afd60ee2286cb171c4960a790f3d7041b6f85Bob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley/*% */
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley#include <config.h>
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley#include <isc/buffer.h>
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley#include <isc/file.h>
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley#include <isc/mem.h>
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley#include <isc/print.h>
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley#include <isc/stats.h>
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley#include <isc/string.h> /* Required for HP/UX (and others?) */
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley#include <isc/util.h>
9192e92f7d0f4e78385a1d5f9b6607cc5bf0e42aBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley#include <dns/acl.h>
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley#include <dns/db.h>
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley#include <dns/fixedname.h>
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley#include <dns/log.h>
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley#include <dns/name.h>
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley#include <dns/rdata.h>
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley#include <dns/rdatatype.h>
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley#include <dns/rdataset.h>
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley#include <dns/rdatalist.h>
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley#include <dns/result.h>
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley#include <dns/sdlz.h>
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley#include <dns/ssu.h>
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley#include <dns/stats.h>
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley#include <dns/view.h>
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley#include <dns/zone.h>
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley#include <named/client.h>
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley#include <named/config.h>
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley#include <named/globals.h>
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley#include <named/log.h>
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley#include <named/server.h>
cee7525336d4710a64368875d92eb439d4d3efb1Mark Andrews#include <named/zoneconf.h>
cee7525336d4710a64368875d92eb439d4d3efb1Mark Andrews
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley/* ACLs associated with zone */
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halleytypedef enum {
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley allow_notify,
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley allow_query,
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley allow_transfer,
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley allow_update,
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley allow_update_forwarding
ecb6c5782ea248307e86c4bceac6c371d27576a6David Lawrence} acl_type_t;
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley#define RETERR(x) do { \
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_result_t _r = (x); \
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (_r != ISC_R_SUCCESS) \
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley return (_r); \
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } while (0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley#define CHECK(x) do { \
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = (x); \
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (result != ISC_R_SUCCESS) \
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley goto cleanup; \
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } while (0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley/*%
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley * Convenience function for configuring a single zone ACL.
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley */
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halleystatic isc_result_t
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halleyconfigure_zone_acl(const cfg_obj_t *zconfig, const cfg_obj_t *vconfig,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley const cfg_obj_t *config, acl_type_t acltype,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley cfg_aclconfctx_t *actx, dns_zone_t *zone,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley void (*setzacl)(dns_zone_t *, dns_acl_t *),
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley void (*clearzacl)(dns_zone_t *))
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley{
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_result_t result;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley const cfg_obj_t *maps[5] = {NULL, NULL, NULL, NULL, NULL};
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley const cfg_obj_t *aclobj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley int i = 0;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_acl_t **aclp = NULL, *acl = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley const char *aclname;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_view_t *view;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley view = dns_zone_getview(zone);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley switch (acltype) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley case allow_notify:
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (view != NULL)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley aclp = &view->notifyacl;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley aclname = "allow-notify";
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley break;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley case allow_query:
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (view != NULL)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley aclp = &view->queryacl;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley aclname = "allow-query";
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley break;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley case allow_transfer:
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (view != NULL)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley aclp = &view->transferacl;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley aclname = "allow-transfer";
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley break;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley case allow_update:
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (view != NULL)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley aclp = &view->updateacl;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley aclname = "allow-update";
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley break;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley case allow_update_forwarding:
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (view != NULL)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley aclp = &view->upfwdacl;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley aclname = "allow-update-forwarding";
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley break;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley default:
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(0);
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley return (ISC_R_FAILURE);
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley }
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley /* First check to see if ACL is defined within the zone */
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley if (zconfig != NULL) {
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley maps[0] = cfg_tuple_get(zconfig, "options");
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley (void)ns_config_get(maps, aclname, &aclobj);
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley if (aclobj != NULL) {
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley aclp = NULL;
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley goto parse_acl;
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley }
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley }
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley /* Failing that, see if there's a default ACL already in the view */
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley if (aclp != NULL && *aclp != NULL) {
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley (*setzacl)(zone, *aclp);
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley return (ISC_R_SUCCESS);
70fdfcd1fa7ebd059deffa9a2cecc29df96dfe52Bob Halley }
70fdfcd1fa7ebd059deffa9a2cecc29df96dfe52Bob Halley
70fdfcd1fa7ebd059deffa9a2cecc29df96dfe52Bob Halley /* Check for default ACLs that haven't been parsed yet */
70fdfcd1fa7ebd059deffa9a2cecc29df96dfe52Bob Halley if (vconfig != NULL) {
70fdfcd1fa7ebd059deffa9a2cecc29df96dfe52Bob Halley const cfg_obj_t *options = cfg_tuple_get(vconfig, "options");
70fdfcd1fa7ebd059deffa9a2cecc29df96dfe52Bob Halley if (options != NULL)
70fdfcd1fa7ebd059deffa9a2cecc29df96dfe52Bob Halley maps[i++] = options;
70fdfcd1fa7ebd059deffa9a2cecc29df96dfe52Bob Halley }
70fdfcd1fa7ebd059deffa9a2cecc29df96dfe52Bob Halley if (config != NULL) {
70fdfcd1fa7ebd059deffa9a2cecc29df96dfe52Bob Halley const cfg_obj_t *options = NULL;
70fdfcd1fa7ebd059deffa9a2cecc29df96dfe52Bob Halley (void)cfg_map_get(config, "options", &options);
70fdfcd1fa7ebd059deffa9a2cecc29df96dfe52Bob Halley if (options != NULL)
08c8a934ceb2dfc6a5ebfd3be4ba5a1b3243bc73Bob Halley maps[i++] = options;
08c8a934ceb2dfc6a5ebfd3be4ba5a1b3243bc73Bob Halley }
08c8a934ceb2dfc6a5ebfd3be4ba5a1b3243bc73Bob Halley maps[i++] = ns_g_defaults;
08c8a934ceb2dfc6a5ebfd3be4ba5a1b3243bc73Bob Halley maps[i] = NULL;
08c8a934ceb2dfc6a5ebfd3be4ba5a1b3243bc73Bob Halley
08c8a934ceb2dfc6a5ebfd3be4ba5a1b3243bc73Bob Halley (void)ns_config_get(maps, aclname, &aclobj);
08c8a934ceb2dfc6a5ebfd3be4ba5a1b3243bc73Bob Halley if (aclobj == NULL) {
08c8a934ceb2dfc6a5ebfd3be4ba5a1b3243bc73Bob Halley (*clearzacl)(zone);
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley return (ISC_R_SUCCESS);
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley }
95f78a208ad6dfb8359320c77ab30c670c773922Mark Andrews
95f78a208ad6dfb8359320c77ab30c670c773922Mark Andrewsparse_acl:
95f78a208ad6dfb8359320c77ab30c670c773922Mark Andrews result = cfg_acl_fromconfig(aclobj, config, ns_g_lctx, actx,
8db3b065b4659f593f7b8eaa7c9ca0c3daa4da02Bob Halley dns_zone_getmctx(zone), 0, &acl);
8db3b065b4659f593f7b8eaa7c9ca0c3daa4da02Bob Halley if (result != ISC_R_SUCCESS)
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley return (result);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley (*setzacl)(zone, acl);
3740b569ae76295b941d57a724a43beb75b533baBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley /* Set the view default now */
5f120ce962b03e4dcf6f1974b9b896f0fa7cacb0Bob Halley if (aclp != NULL)
5f120ce962b03e4dcf6f1974b9b896f0fa7cacb0Bob Halley dns_acl_attach(acl, aclp);
5f120ce962b03e4dcf6f1974b9b896f0fa7cacb0Bob Halley
5f120ce962b03e4dcf6f1974b9b896f0fa7cacb0Bob Halley dns_acl_detach(&acl);
5f120ce962b03e4dcf6f1974b9b896f0fa7cacb0Bob Halley return (ISC_R_SUCCESS);
5f120ce962b03e4dcf6f1974b9b896f0fa7cacb0Bob Halley}
5f120ce962b03e4dcf6f1974b9b896f0fa7cacb0Bob Halley
5f120ce962b03e4dcf6f1974b9b896f0fa7cacb0Bob Halley/*%
5f120ce962b03e4dcf6f1974b9b896f0fa7cacb0Bob Halley * Parse the zone update-policy statement.
5f120ce962b03e4dcf6f1974b9b896f0fa7cacb0Bob Halley */
5f120ce962b03e4dcf6f1974b9b896f0fa7cacb0Bob Halleystatic isc_result_t
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halleyconfigure_zone_ssutable(const cfg_obj_t *zconfig, dns_zone_t *zone,
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley const char *zname)
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley{
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley const cfg_obj_t *updatepolicy = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley const cfg_listelt_t *element, *element2;
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley dns_ssutable_t *table = NULL;
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley isc_mem_t *mctx = dns_zone_getmctx(zone);
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley isc_boolean_t autoddns = ISC_FALSE;
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley isc_result_t result;
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley (void)cfg_map_get(zconfig, "update-policy", &updatepolicy);
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley if (updatepolicy == NULL) {
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley dns_zone_setssutable(zone, NULL);
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley return (ISC_R_SUCCESS);
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley }
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley if (cfg_obj_isstring(updatepolicy) &&
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley strcmp("local", cfg_obj_asstring(updatepolicy)) == 0) {
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley autoddns = ISC_TRUE;
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley updatepolicy = NULL;
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley }
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley result = dns_ssutable_create(mctx, &table);
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley if (result != ISC_R_SUCCESS)
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley return (result);
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley for (element = cfg_list_first(updatepolicy);
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley element != NULL;
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley element = cfg_list_next(element))
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley {
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley const cfg_obj_t *stmt = cfg_listelt_value(element);
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley const cfg_obj_t *mode = cfg_tuple_get(stmt, "mode");
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley const cfg_obj_t *identity = cfg_tuple_get(stmt, "identity");
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley const cfg_obj_t *matchtype = cfg_tuple_get(stmt, "matchtype");
3740b569ae76295b941d57a724a43beb75b533baBob Halley const cfg_obj_t *dname = cfg_tuple_get(stmt, "name");
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley const cfg_obj_t *typelist = cfg_tuple_get(stmt, "types");
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley const char *str;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_boolean_t grant = ISC_FALSE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_boolean_t usezone = ISC_FALSE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley unsigned int mtype = DNS_SSUMATCHTYPE_NAME;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_fixedname_t fname, fident;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_buffer_t b;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_rdatatype_t *types;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley unsigned int i, n;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley str = cfg_obj_asstring(mode);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (strcasecmp(str, "grant") == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley grant = ISC_TRUE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else if (strcasecmp(str, "deny") == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley grant = ISC_FALSE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else
3740b569ae76295b941d57a724a43beb75b533baBob Halley INSIST(0);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley str = cfg_obj_asstring(matchtype);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (strcasecmp(str, "name") == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley mtype = DNS_SSUMATCHTYPE_NAME;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else if (strcasecmp(str, "subdomain") == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley mtype = DNS_SSUMATCHTYPE_SUBDOMAIN;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else if (strcasecmp(str, "wildcard") == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley mtype = DNS_SSUMATCHTYPE_WILDCARD;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else if (strcasecmp(str, "self") == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley mtype = DNS_SSUMATCHTYPE_SELF;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else if (strcasecmp(str, "selfsub") == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley mtype = DNS_SSUMATCHTYPE_SELFSUB;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else if (strcasecmp(str, "selfwild") == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley mtype = DNS_SSUMATCHTYPE_SELFWILD;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else if (strcasecmp(str, "ms-self") == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley mtype = DNS_SSUMATCHTYPE_SELFMS;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else if (strcasecmp(str, "krb5-self") == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley mtype = DNS_SSUMATCHTYPE_SELFKRB5;
3740b569ae76295b941d57a724a43beb75b533baBob Halley else if (strcasecmp(str, "ms-subdomain") == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley mtype = DNS_SSUMATCHTYPE_SUBDOMAINMS;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else if (strcasecmp(str, "krb5-subdomain") == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley mtype = DNS_SSUMATCHTYPE_SUBDOMAINKRB5;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else if (strcasecmp(str, "tcp-self") == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley mtype = DNS_SSUMATCHTYPE_TCPSELF;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else if (strcasecmp(str, "6to4-self") == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley mtype = DNS_SSUMATCHTYPE_6TO4SELF;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else if (strcasecmp(str, "zonesub") == 0) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley mtype = DNS_SSUMATCHTYPE_SUBDOMAIN;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley usezone = ISC_TRUE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } else if (strcasecmp(str, "external") == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley mtype = DNS_SSUMATCHTYPE_EXTERNAL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(0);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_fixedname_init(&fident);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley str = cfg_obj_asstring(identity);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_buffer_init(&b, str, strlen(str));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_buffer_add(&b, strlen(str));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = dns_name_fromtext(dns_fixedname_name(&fident), &b,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_rootname, 0, NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (result != ISC_R_SUCCESS) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley cfg_obj_log(identity, ns_g_lctx, ISC_LOG_ERROR,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley "'%s' is not a valid name", str);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley goto cleanup;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley }
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_fixedname_init(&fname);
70fdfcd1fa7ebd059deffa9a2cecc29df96dfe52Bob Halley if (usezone) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = dns_name_copy(dns_zone_getorigin(zone),
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_fixedname_name(&fname),
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley NULL);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley if (result != ISC_R_SUCCESS) {
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley cfg_obj_log(identity, ns_g_lctx, ISC_LOG_ERROR,
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley "error copying origin: %s",
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley isc_result_totext(result));
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley goto cleanup;
ce3761f64d3d734cc94605026985898900ecc474Bob Halley }
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley } else {
8db3b065b4659f593f7b8eaa7c9ca0c3daa4da02Bob Halley str = cfg_obj_asstring(dname);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley isc_buffer_init(&b, str, strlen(str));
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley isc_buffer_add(&b, strlen(str));
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley result = dns_name_fromtext(dns_fixedname_name(&fname),
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley &b, dns_rootname, 0, NULL);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley if (result != ISC_R_SUCCESS) {
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley cfg_obj_log(identity, ns_g_lctx, ISC_LOG_ERROR,
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley "'%s' is not a valid name", str);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley goto cleanup;
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley }
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley }
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley n = ns_config_listcount(typelist);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (n == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley types = NULL;
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley else {
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley types = isc_mem_get(mctx, n * sizeof(dns_rdatatype_t));
ce3761f64d3d734cc94605026985898900ecc474Bob Halley if (types == NULL) {
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley result = ISC_R_NOMEMORY;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley goto cleanup;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley }
ce3761f64d3d734cc94605026985898900ecc474Bob Halley }
ce3761f64d3d734cc94605026985898900ecc474Bob Halley
ce3761f64d3d734cc94605026985898900ecc474Bob Halley i = 0;
ce3761f64d3d734cc94605026985898900ecc474Bob Halley for (element2 = cfg_list_first(typelist);
ce3761f64d3d734cc94605026985898900ecc474Bob Halley element2 != NULL;
ce3761f64d3d734cc94605026985898900ecc474Bob Halley element2 = cfg_list_next(element2))
ce3761f64d3d734cc94605026985898900ecc474Bob Halley {
5fc1b54cc6134bd70f4e22df90a2e5631aaea77aBob Halley const cfg_obj_t *typeobj;
5fc1b54cc6134bd70f4e22df90a2e5631aaea77aBob Halley isc_textregion_t r;
5fc1b54cc6134bd70f4e22df90a2e5631aaea77aBob Halley
5fc1b54cc6134bd70f4e22df90a2e5631aaea77aBob Halley INSIST(i < n);
ce3761f64d3d734cc94605026985898900ecc474Bob Halley
ce3761f64d3d734cc94605026985898900ecc474Bob Halley typeobj = cfg_listelt_value(element2);
ce3761f64d3d734cc94605026985898900ecc474Bob Halley str = cfg_obj_asstring(typeobj);
ce3761f64d3d734cc94605026985898900ecc474Bob Halley DE_CONST(str, r.base);
ce3761f64d3d734cc94605026985898900ecc474Bob Halley r.length = strlen(str);
ce3761f64d3d734cc94605026985898900ecc474Bob Halley
ce3761f64d3d734cc94605026985898900ecc474Bob Halley result = dns_rdatatype_fromtext(&types[i++], &r);
ce3761f64d3d734cc94605026985898900ecc474Bob Halley if (result != ISC_R_SUCCESS) {
ce3761f64d3d734cc94605026985898900ecc474Bob Halley cfg_obj_log(identity, ns_g_lctx, ISC_LOG_ERROR,
ce3761f64d3d734cc94605026985898900ecc474Bob Halley "'%s' is not a valid type", str);
ce3761f64d3d734cc94605026985898900ecc474Bob Halley isc_mem_put(mctx, types,
ce3761f64d3d734cc94605026985898900ecc474Bob Halley n * sizeof(dns_rdatatype_t));
ce3761f64d3d734cc94605026985898900ecc474Bob Halley goto cleanup;
ce3761f64d3d734cc94605026985898900ecc474Bob Halley }
ce3761f64d3d734cc94605026985898900ecc474Bob Halley }
ce3761f64d3d734cc94605026985898900ecc474Bob Halley INSIST(i == n);
ce3761f64d3d734cc94605026985898900ecc474Bob Halley
ce3761f64d3d734cc94605026985898900ecc474Bob Halley result = dns_ssutable_addrule(table, grant,
38d2d0e9326a2f70b5893302b89a26978b539405Bob Halley dns_fixedname_name(&fident),
3740b569ae76295b941d57a724a43beb75b533baBob Halley mtype,
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley dns_fixedname_name(&fname),
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley n, types);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (types != NULL)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_mem_put(mctx, types, n * sizeof(dns_rdatatype_t));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (result != ISC_R_SUCCESS) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley goto cleanup;
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley }
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley }
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley
38d2d0e9326a2f70b5893302b89a26978b539405Bob Halley /*
38d2d0e9326a2f70b5893302b89a26978b539405Bob Halley * If "update-policy local;" and a session key exists,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley * then use the default policy, which is equivalent to:
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley * update-policy { grant <session-keyname> zonesub any; };
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley */
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley if (autoddns) {
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley dns_rdatatype_t any = dns_rdatatype_any;
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley if (ns_g_server->session_keyname == NULL) {
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley "failed to enable auto DDNS policy "
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley "for zone %s: session key not found",
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley zname);
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley result = ISC_R_NOTFOUND;
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley goto cleanup;
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley }
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley result = dns_ssutable_addrule(table, ISC_TRUE,
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley ns_g_server->session_keyname,
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley DNS_SSUMATCHTYPE_SUBDOMAIN,
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley dns_zone_getorigin(zone),
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley 1, &any);
00d81794884f1eee59ca058a292f2d1e50d9547cBob Halley
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley if (result != ISC_R_SUCCESS)
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley goto cleanup;
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley }
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley result = ISC_R_SUCCESS;
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley dns_zone_setssutable(zone, table);
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley cleanup:
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley dns_ssutable_detach(&table);
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley return (result);
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley}
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley/*
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley * This is the TTL used for internally generated RRsets for static-stub zones.
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley * The value doesn't matter because the mapping is static, but needs to be
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley * defined for the sake of implementation.
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley */
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley#define STATICSTUB_SERVER_TTL 86400
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley/*%
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley * Configure an apex NS with glues for a static-stub zone.
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley * For example, for the zone named "example.com", the following RRs will be
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley * added to the zone DB:
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley * example.com. NS example.com.
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley * example.com. A 192.0.2.1
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley * example.com. AAAA 2001:db8::1
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley */
f18f3c93e7fecf120302658f93addae573a6e874Bob Halleystatic isc_result_t
f18f3c93e7fecf120302658f93addae573a6e874Bob Halleyconfigure_staticstub_serveraddrs(const cfg_obj_t *zconfig, dns_zone_t *zone,
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley dns_rdatalist_t *rdatalist_ns,
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley dns_rdatalist_t *rdatalist_a,
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley dns_rdatalist_t *rdatalist_aaaa)
f18f3c93e7fecf120302658f93addae573a6e874Bob Halley{
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley const cfg_listelt_t *element;
1366b7833c86343de278480b9abd71754e418bfaBob Halley isc_mem_t *mctx = dns_zone_getmctx(zone);
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley isc_region_t region, sregion;
f0bbac2c0f1afa74b88cab902daf11202ebe7cbdBob Halley dns_rdata_t *rdata;
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley isc_result_t result = ISC_R_SUCCESS;
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley
1366b7833c86343de278480b9abd71754e418bfaBob Halley for (element = cfg_list_first(zconfig);
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley element != NULL;
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley element = cfg_list_next(element))
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley {
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley const isc_sockaddr_t* sa;
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley isc_netaddr_t na;
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley const cfg_obj_t *address = cfg_listelt_value(element);
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley dns_rdatalist_t *rdatalist;
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley sa = cfg_obj_assockaddr(address);
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley if (isc_sockaddr_getport(sa) != 0) {
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley cfg_obj_log(zconfig, ns_g_lctx, ISC_LOG_ERROR,
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley "port is not configurable for "
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley "static stub server-addresses");
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley return (ISC_R_FAILURE);
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley }
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley isc_netaddr_fromsockaddr(&na, sa);
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley if (isc_netaddr_getzone(&na) != 0) {
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley cfg_obj_log(zconfig, ns_g_lctx, ISC_LOG_ERROR,
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley "scoped address is not allowed "
1366b7833c86343de278480b9abd71754e418bfaBob Halley "for static stub "
1366b7833c86343de278480b9abd71754e418bfaBob Halley "server-addresses");
1366b7833c86343de278480b9abd71754e418bfaBob Halley return (ISC_R_FAILURE);
1366b7833c86343de278480b9abd71754e418bfaBob Halley }
1366b7833c86343de278480b9abd71754e418bfaBob Halley
1366b7833c86343de278480b9abd71754e418bfaBob Halley switch (na.family) {
1366b7833c86343de278480b9abd71754e418bfaBob Halley case AF_INET:
1366b7833c86343de278480b9abd71754e418bfaBob Halley region.length = sizeof(na.type.in);
1366b7833c86343de278480b9abd71754e418bfaBob Halley rdatalist = rdatalist_a;
1366b7833c86343de278480b9abd71754e418bfaBob Halley break;
1366b7833c86343de278480b9abd71754e418bfaBob Halley default:
1366b7833c86343de278480b9abd71754e418bfaBob Halley INSIST(na.family == AF_INET6);
1366b7833c86343de278480b9abd71754e418bfaBob Halley region.length = sizeof(na.type.in6);
1366b7833c86343de278480b9abd71754e418bfaBob Halley rdatalist = rdatalist_aaaa;
1366b7833c86343de278480b9abd71754e418bfaBob Halley break;
1366b7833c86343de278480b9abd71754e418bfaBob Halley }
1366b7833c86343de278480b9abd71754e418bfaBob Halley
1366b7833c86343de278480b9abd71754e418bfaBob Halley rdata = isc_mem_get(mctx, sizeof(*rdata) + region.length);
1366b7833c86343de278480b9abd71754e418bfaBob Halley if (rdata == NULL)
1366b7833c86343de278480b9abd71754e418bfaBob Halley return (ISC_R_NOMEMORY);
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley region.base = (unsigned char *)(rdata + 1);
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley memcpy(region.base, &na.type, region.length);
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley dns_rdata_init(rdata);
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley dns_rdata_fromregion(rdata, dns_zone_getclass(zone),
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley rdatalist->type, &region);
bcfcece57e9411ee4bd352b45a8b1ac1dbcf01f4Bob Halley ISC_LIST_APPEND(rdatalist->rdata, rdata, link);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley }
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley /*
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley * If no address is specified (unlikely in this context, but possible),
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley * there's nothing to do anymore.
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley */
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley if (ISC_LIST_EMPTY(rdatalist_a->rdata) &&
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley ISC_LIST_EMPTY(rdatalist_aaaa->rdata)) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley return (ISC_R_SUCCESS);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley }
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley /* Add to the list an apex NS with the ns name being the origin name */
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley dns_name_toregion(dns_zone_getorigin(zone), &sregion);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley rdata = isc_mem_get(mctx, sizeof(*rdata) + sregion.length);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (rdata == NULL) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley /*
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley * Already allocated data will be freed in the caller, so
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley * we can simply return here.
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley */
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley return (ISC_R_NOMEMORY);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley }
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley region.length = sregion.length;
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley region.base = (unsigned char *)(rdata + 1);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley memcpy(region.base, sregion.base, region.length);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_rdata_init(rdata);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_rdata_fromregion(rdata, dns_zone_getclass(zone),
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley dns_rdatatype_ns, &region);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley ISC_LIST_APPEND(rdatalist_ns->rdata, rdata, link);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley return (result);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley}
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley/*%
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley * Configure an apex NS with an out-of-zone NS names for a static-stub zone.
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley * For example, for the zone named "example.com", something like the following
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley * RRs will be added to the zone DB:
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley * example.com. NS ns.example.net.
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley */
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halleystatic isc_result_t
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halleyconfigure_staticstub_servernames(const cfg_obj_t *zconfig, dns_zone_t *zone,
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley dns_rdatalist_t *rdatalist, const char *zname)
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley{
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley const cfg_listelt_t *element;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_mem_t *mctx = dns_zone_getmctx(zone);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_rdata_t *rdata;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_region_t sregion, region;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_result_t result = ISC_R_SUCCESS;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley for (element = cfg_list_first(zconfig);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley element != NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley element = cfg_list_next(element))
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley const cfg_obj_t *obj;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley const char *str;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_fixedname_t fixed_name;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_name_t *nsname;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_buffer_t b;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = cfg_listelt_value(element);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley str = cfg_obj_asstring(obj);
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley dns_fixedname_init(&fixed_name);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley nsname = dns_fixedname_name(&fixed_name);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_buffer_init(&b, str, strlen(str));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_buffer_add(&b, strlen(str));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = dns_name_fromtext(nsname, &b, dns_rootname, 0, NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (result != ISC_R_SUCCESS) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley cfg_obj_log(zconfig, ns_g_lctx, ISC_LOG_ERROR,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley "server-name '%s' is not a valid "
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley "name", str);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley return (result);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley }
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (dns_name_issubdomain(nsname, dns_zone_getorigin(zone))) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley cfg_obj_log(zconfig, ns_g_lctx, ISC_LOG_ERROR,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley "server-name '%s' must not be a "
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley "subdomain of zone name '%s'",
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley str, zname);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley return (ISC_R_FAILURE);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley }
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley dns_name_toregion(nsname, &sregion);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley rdata = isc_mem_get(mctx, sizeof(*rdata) + sregion.length);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley if (rdata == NULL)
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley return (ISC_R_NOMEMORY);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley region.length = sregion.length;
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley region.base = (unsigned char *)(rdata + 1);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley memcpy(region.base, sregion.base, region.length);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley dns_rdata_init(rdata);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley dns_rdata_fromregion(rdata, dns_zone_getclass(zone),
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley dns_rdatatype_ns, &region);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley ISC_LIST_APPEND(rdatalist->rdata, rdata, link);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley }
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley return (result);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley}
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley/*%
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley * Configure static-stub zone.
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley */
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halleystatic isc_result_t
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halleyconfigure_staticstub(const cfg_obj_t *zconfig, dns_zone_t *zone,
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley const char *zname, const char *dbtype)
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley{
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley int i = 0;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley const cfg_obj_t *obj;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_mem_t *mctx = dns_zone_getmctx(zone);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_db_t *db = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_dbversion_t *dbversion = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_dbnode_t *apexnode = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_name_t apexname;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_result_t result;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_rdataset_t rdataset;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_rdatalist_t rdatalist_ns, rdatalist_a, rdatalist_aaaa;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_rdatalist_t* rdatalists[] = {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley &rdatalist_ns, &rdatalist_a, &rdatalist_aaaa, NULL
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley };
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_rdata_t *rdata;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_region_t region;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley /* Create the DB beforehand */
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley RETERR(dns_db_create(mctx, dbtype, dns_zone_getorigin(zone),
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_dbtype_stub, dns_zone_getclass(zone),
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley 0, NULL, &db));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setdb(zone, db);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_rdatalist_init(&rdatalist_ns);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley rdatalist_ns.rdclass = dns_zone_getclass(zone);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley rdatalist_ns.type = dns_rdatatype_ns;
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley rdatalist_ns.ttl = STATICSTUB_SERVER_TTL;
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley dns_rdatalist_init(&rdatalist_a);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley rdatalist_a.rdclass = dns_zone_getclass(zone);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley rdatalist_a.type = dns_rdatatype_a;
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley rdatalist_a.ttl = STATICSTUB_SERVER_TTL;
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley dns_rdatalist_init(&rdatalist_aaaa);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley rdatalist_aaaa.rdclass = dns_zone_getclass(zone);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley rdatalist_aaaa.type = dns_rdatatype_aaaa;
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley rdatalist_aaaa.ttl = STATICSTUB_SERVER_TTL;
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley /* Prepare zone RRs from the configuration */
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley obj = NULL;
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley result = cfg_map_get(zconfig, "server-addresses", &obj);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley if (result == ISC_R_SUCCESS) {
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley INSIST(obj != NULL);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley result = configure_staticstub_serveraddrs(obj, zone,
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley &rdatalist_ns,
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley &rdatalist_a,
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley &rdatalist_aaaa);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley if (result != ISC_R_SUCCESS)
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley goto cleanup;
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley }
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley obj = NULL;
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley result = cfg_map_get(zconfig, "server-names", &obj);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley if (result == ISC_R_SUCCESS) {
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley INSIST(obj != NULL);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley result = configure_staticstub_servernames(obj, zone,
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley &rdatalist_ns,
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley zname);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley if (result != ISC_R_SUCCESS)
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley goto cleanup;
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley }
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley /*
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley * Sanity check: there should be at least one NS RR at the zone apex
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley * to trigger delegation.
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley */
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley if (ISC_LIST_EMPTY(rdatalist_ns.rdata)) {
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley "No NS record is configured for a "
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley "static-stub zone '%s'", zname);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley result = ISC_R_FAILURE;
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley goto cleanup;
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley }
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley /*
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley * Now add NS and glue A/AAAA RRsets to the zone DB.
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley * First open a new version for the add operation and get a pointer
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley * to the apex node (all RRs are of the apex name).
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley */
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley result = dns_db_newversion(db, &dbversion);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley if (result != ISC_R_SUCCESS)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley goto cleanup;
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley dns_name_init(&apexname, NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_name_clone(dns_zone_getorigin(zone), &apexname);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = dns_db_findnode(db, &apexname, ISC_FALSE, &apexnode);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (result != ISC_R_SUCCESS)
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley goto cleanup;
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley /* Add NS RRset */
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley dns_rdataset_init(&rdataset);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley RUNTIME_CHECK(dns_rdatalist_tordataset(&rdatalist_ns, &rdataset)
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley == ISC_R_SUCCESS);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley result = dns_db_addrdataset(db, apexnode, dbversion, 0, &rdataset,
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley 0, NULL);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley dns_rdataset_disassociate(&rdataset);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley if (result != ISC_R_SUCCESS)
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley goto cleanup;
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley /* Add glue A RRset, if any */
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley if (!ISC_LIST_EMPTY(rdatalist_a.rdata)) {
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley RUNTIME_CHECK(dns_rdatalist_tordataset(&rdatalist_a, &rdataset)
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley == ISC_R_SUCCESS);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley result = dns_db_addrdataset(db, apexnode, dbversion, 0,
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley &rdataset, 0, NULL);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley dns_rdataset_disassociate(&rdataset);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley if (result != ISC_R_SUCCESS)
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley goto cleanup;
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley }
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley /* Add glue AAAA RRset, if any */
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley if (!ISC_LIST_EMPTY(rdatalist_aaaa.rdata)) {
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley RUNTIME_CHECK(dns_rdatalist_tordataset(&rdatalist_aaaa,
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley &rdataset)
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley == ISC_R_SUCCESS);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley result = dns_db_addrdataset(db, apexnode, dbversion, 0,
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley &rdataset, 0, NULL);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley dns_rdataset_disassociate(&rdataset);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley if (result != ISC_R_SUCCESS)
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley goto cleanup;
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley }
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley result = ISC_R_SUCCESS;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley cleanup:
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley if (apexnode != NULL)
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley dns_db_detachnode(db, &apexnode);
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley if (dbversion != NULL)
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley dns_db_closeversion(db, &dbversion, ISC_TRUE);
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley if (db != NULL)
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley dns_db_detach(&db);
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley for (i = 0; rdatalists[i] != NULL; i++) {
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley while ((rdata = ISC_LIST_HEAD(rdatalists[i]->rdata)) != NULL) {
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley ISC_LIST_UNLINK(rdatalists[i]->rdata, rdata, link);
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley dns_rdata_toregion(rdata, &region);
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley isc_mem_put(mctx, rdata,
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley sizeof(*rdata) + region.length);
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley }
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley }
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley return (result);
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley}
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley/*%
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley * Convert a config file zone type into a server zone type.
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley */
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halleystatic inline dns_zonetype_t
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halleyzonetype_fromconfig(const cfg_obj_t *map) {
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley const cfg_obj_t *obj = NULL;
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley isc_result_t result;
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley result = cfg_map_get(map, "type", &obj);
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley return (ns_config_getzonetype(obj));
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley}
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley/*%
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley * Helper function for strtoargv(). Pardon the gratuitous recursion.
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley */
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halleystatic isc_result_t
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halleystrtoargvsub(isc_mem_t *mctx, char *s, unsigned int *argcp,
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley char ***argvp, unsigned int n)
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley{
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley isc_result_t result;
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley /* Discard leading whitespace. */
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley while (*s == ' ' || *s == '\t')
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley s++;
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley if (*s == '\0') {
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley /* We have reached the end of the string. */
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley *argcp = n;
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley *argvp = isc_mem_get(mctx, n * sizeof(char *));
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley if (*argvp == NULL)
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley return (ISC_R_NOMEMORY);
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley } else {
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley char *p = s;
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley while (*p != ' ' && *p != '\t' && *p != '\0')
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley p++;
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley if (*p != '\0')
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley *p++ = '\0';
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley result = strtoargvsub(mctx, p, argcp, argvp, n + 1);
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley if (result != ISC_R_SUCCESS)
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley return (result);
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley (*argvp)[n] = s;
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley }
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley return (ISC_R_SUCCESS);
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley}
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley/*%
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews * Tokenize the string "s" into whitespace-separated words,
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews * return the number of words in '*argcp' and an array
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews * of pointers to the words in '*argvp'. The caller
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews * must free the array using isc_mem_put(). The string
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews * is modified in-place.
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews */
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrewsstatic isc_result_t
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrewsstrtoargv(isc_mem_t *mctx, char *s, unsigned int *argcp, char ***argvp) {
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews return (strtoargvsub(mctx, s, argcp, argvp, 0));
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews}
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrewsstatic void
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrewschecknames(dns_zonetype_t ztype, const cfg_obj_t **maps,
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews const cfg_obj_t **objp)
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews{
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews const char *zone = NULL;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews isc_result_t result;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews switch (ztype) {
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews case dns_zone_slave: zone = "slave"; break;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews case dns_zone_master: zone = "master"; break;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews default:
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews INSIST(0);
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews }
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews result = ns_checknames_get(maps, zone, objp);
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews INSIST(result == ISC_R_SUCCESS && objp != NULL && *objp != NULL);
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews}
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrewsisc_result_t
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrewsns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews const cfg_obj_t *zconfig, cfg_aclconfctx_t *ac,
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews dns_zone_t *zone, dns_zone_t *raw)
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews{
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews isc_result_t result;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews const char *zname;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews dns_rdataclass_t zclass;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews dns_rdataclass_t vclass;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews const cfg_obj_t *maps[5];
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews const cfg_obj_t *zoptions = NULL;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews const cfg_obj_t *options = NULL;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews const cfg_obj_t *obj;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews const char *filename = NULL;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews dns_notifytype_t notifytype = dns_notifytype_yes;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews isc_sockaddr_t *addrs;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews dns_name_t **keynames;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews isc_uint32_t count;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews char *cpval;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews unsigned int dbargc;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews char **dbargv;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews static char default_dbtype[] = "rbt";
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews isc_mem_t *mctx = dns_zone_getmctx(zone);
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews dns_dialuptype_t dialup = dns_dialuptype_no;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews dns_zonetype_t ztype;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews int i;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews isc_int32_t journal_size;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews isc_boolean_t multi;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews isc_boolean_t alt;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews dns_view_t *view;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews isc_boolean_t check = ISC_FALSE, fail = ISC_FALSE;
6957b87f931bb110ba4d0adf495932691ba550b1Bob Halley isc_boolean_t warn = ISC_FALSE, ignore = ISC_FALSE;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews isc_boolean_t ixfrdiff;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews dns_masterformat_t masterformat;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews isc_stats_t *zoneqrystats;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews isc_boolean_t zonestats_on;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews int seconds;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews dns_zone_t *mayberaw = (raw != NULL) ? raw : zone;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews i = 0;
aa8e34546c1e51e69f5a4935d28cb0c543e7401aAndreas Gustafsson if (zconfig != NULL) {
aa8e34546c1e51e69f5a4935d28cb0c543e7401aAndreas Gustafsson zoptions = cfg_tuple_get(zconfig, "options");
aa8e34546c1e51e69f5a4935d28cb0c543e7401aAndreas Gustafsson maps[i++] = zoptions;
aa8e34546c1e51e69f5a4935d28cb0c543e7401aAndreas Gustafsson }
aa8e34546c1e51e69f5a4935d28cb0c543e7401aAndreas Gustafsson if (vconfig != NULL)
aa8e34546c1e51e69f5a4935d28cb0c543e7401aAndreas Gustafsson maps[i++] = cfg_tuple_get(vconfig, "options");
aa8e34546c1e51e69f5a4935d28cb0c543e7401aAndreas Gustafsson if (config != NULL) {
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews (void)cfg_map_get(config, "options", &options);
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews if (options != NULL)
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews maps[i++] = options;
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews }
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews maps[i++] = ns_g_defaults;
38d2d0e9326a2f70b5893302b89a26978b539405Bob Halley maps[i] = NULL;
3740b569ae76295b941d57a724a43beb75b533baBob Halley
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley if (vconfig != NULL)
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley RETERR(ns_config_getclass(cfg_tuple_get(vconfig, "class"),
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley dns_rdataclass_in, &vclass));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley vclass = dns_rdataclass_in;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley /*
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley * Configure values common to all zone types.
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley */
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley zname = cfg_obj_asstring(cfg_tuple_get(zconfig, "name"));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley RETERR(ns_config_getclass(cfg_tuple_get(zconfig, "class"),
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley vclass, &zclass));
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley dns_zone_setclass(zone, zclass);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley if (raw != NULL)
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley dns_zone_setclass(raw, zclass);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley ztype = zonetype_fromconfig(zoptions);
29b487b0a458d655f0aad9257ca46021f4903d08Bob Halley if (raw != NULL) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_settype(raw, ztype);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_settype(zone, dns_zone_master);
d2b77d720f1dcdc85a761b1de1a94d32fbdef81aBrian Wellington } else
d2b77d720f1dcdc85a761b1de1a94d32fbdef81aBrian Wellington dns_zone_settype(zone, ztype);
5d661f0bde49c68d33eb1146d60058782aca50a7Bob Halley
5d661f0bde49c68d33eb1146d60058782aca50a7Bob Halley
d2b77d720f1dcdc85a761b1de1a94d32fbdef81aBrian Wellington obj = NULL;
d2b77d720f1dcdc85a761b1de1a94d32fbdef81aBrian Wellington result = cfg_map_get(zoptions, "database", &obj);
d2b77d720f1dcdc85a761b1de1a94d32fbdef81aBrian Wellington if (result == ISC_R_SUCCESS)
d2b77d720f1dcdc85a761b1de1a94d32fbdef81aBrian Wellington cpval = isc_mem_strdup(mctx, cfg_obj_asstring(obj));
d2b77d720f1dcdc85a761b1de1a94d32fbdef81aBrian Wellington else
d2b77d720f1dcdc85a761b1de1a94d32fbdef81aBrian Wellington cpval = default_dbtype;
d2b77d720f1dcdc85a761b1de1a94d32fbdef81aBrian Wellington
d2b77d720f1dcdc85a761b1de1a94d32fbdef81aBrian Wellington if (cpval == NULL)
d2b77d720f1dcdc85a761b1de1a94d32fbdef81aBrian Wellington return(ISC_R_NOMEMORY);
d2b77d720f1dcdc85a761b1de1a94d32fbdef81aBrian Wellington
5d661f0bde49c68d33eb1146d60058782aca50a7Bob Halley result = strtoargv(mctx, cpval, &dbargc, &dbargv);
5d661f0bde49c68d33eb1146d60058782aca50a7Bob Halley if (result != ISC_R_SUCCESS && cpval != default_dbtype) {
5d661f0bde49c68d33eb1146d60058782aca50a7Bob Halley isc_mem_free(mctx, cpval);
5d661f0bde49c68d33eb1146d60058782aca50a7Bob Halley return (result);
d2b77d720f1dcdc85a761b1de1a94d32fbdef81aBrian Wellington }
d2b77d720f1dcdc85a761b1de1a94d32fbdef81aBrian Wellington
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley /*
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley * ANSI C is strange here. There is no logical reason why (char **)
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley * cannot be promoted automatically to (const char * const *) by the
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley * compiler w/o generating a warning.
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley */
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley result = dns_zone_setdbtype(zone, dbargc, (const char * const *)dbargv);
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley isc_mem_put(mctx, dbargv, dbargc * sizeof(*dbargv));
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley if (cpval != default_dbtype)
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley isc_mem_free(mctx, cpval);
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley if (result != ISC_R_SUCCESS)
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley return (result);
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley obj = NULL;
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley result = cfg_map_get(zoptions, "file", &obj);
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley if (result == ISC_R_SUCCESS)
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley filename = cfg_obj_asstring(obj);
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley /*
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley * Unless we're using some alternative database, a master zone
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley * will be needing a master file.
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley */
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley if (ztype == dns_zone_master && cpval == default_dbtype &&
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley filename == NULL) {
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley "zone '%s': 'file' not specified",
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley zname);
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley return (ISC_R_FAILURE);
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley }
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley if (ztype == dns_zone_slave)
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley masterformat = dns_masterformat_raw;
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley else
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley masterformat = dns_masterformat_text;
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley obj = NULL;
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley result= ns_config_get(maps, "masterfile-format", &obj);
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley if (result == ISC_R_SUCCESS) {
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley const char *masterformatstr = cfg_obj_asstring(obj);
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley if (strcasecmp(masterformatstr, "text") == 0)
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley masterformat = dns_masterformat_text;
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley else if (strcasecmp(masterformatstr, "raw") == 0)
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley masterformat = dns_masterformat_raw;
453603c018a9e7c3ee7726868f27c95798544ed7Bob Halley else
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(0);
3740b569ae76295b941d57a724a43beb75b533baBob Halley }
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (raw != NULL) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley#define SIGNED ".signed"
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley size_t signedlen = strlen(filename) + sizeof(SIGNED);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley char *signedname;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley RETERR(dns_zone_setfile2(raw, filename, masterformat));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley signedname = isc_mem_get(mctx, signedlen);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (signedname == NULL)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley return (ISC_R_NOMEMORY);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley (void)snprintf(signedname, signedlen, "%s" SIGNED, filename);
3740b569ae76295b941d57a724a43beb75b533baBob Halley result = dns_zone_setfile2(zone, signedname,
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley dns_masterformat_raw);
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley isc_mem_put(mctx, signedname, signedlen);
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley if (result != ISC_R_SUCCESS)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley return (result);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } else
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley RETERR(dns_zone_setfile2(zone, filename, masterformat));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley result = cfg_map_get(zoptions, "journal", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (result == ISC_R_SUCCESS)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley RETERR(dns_zone_setjournal(mayberaw, cfg_obj_asstring(obj)));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley /*
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley * Notify messages are processed by the raw zone if it exists.
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley */
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (ztype == dns_zone_slave)
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley RETERR(configure_zone_acl(zconfig, vconfig, config,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley allow_notify, ac, mayberaw,
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley dns_zone_setnotifyacl,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_clearnotifyacl));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley /*
3740b569ae76295b941d57a724a43beb75b533baBob Halley * XXXAG This probably does not make sense for stubs.
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley */
3740b569ae76295b941d57a724a43beb75b533baBob Halley RETERR(configure_zone_acl(zconfig, vconfig, config,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley allow_query, ac, zone,
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley dns_zone_setqueryacl,
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley dns_zone_clearqueryacl));
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "dialup", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (cfg_obj_isboolean(obj)) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (cfg_obj_asboolean(obj))
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dialup = dns_dialuptype_yes;
0370190a682a3933119784a1023b1b9a51c66fa3Bob Halley else
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley dialup = dns_dialuptype_no;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } else {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley const char *dialupstr = cfg_obj_asstring(obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (strcasecmp(dialupstr, "notify") == 0)
08c8a934ceb2dfc6a5ebfd3be4ba5a1b3243bc73Bob Halley dialup = dns_dialuptype_notify;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else if (strcasecmp(dialupstr, "notify-passive") == 0)
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley dialup = dns_dialuptype_notifypassive;
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley else if (strcasecmp(dialupstr, "refresh") == 0)
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley dialup = dns_dialuptype_refresh;
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley else if (strcasecmp(dialupstr, "passive") == 0)
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley dialup = dns_dialuptype_passive;
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley else
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley INSIST(0);
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley }
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley if (raw != NULL)
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley dns_zone_setdialup(raw, dialup);
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley dns_zone_setdialup(zone, dialup);
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "zone-statistics", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley zonestats_on = cfg_obj_asboolean(obj);
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley zoneqrystats = NULL;
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley if (zonestats_on) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley RETERR(isc_stats_create(mctx, &zoneqrystats,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_nsstatscounter_max));
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley }
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley dns_zone_setrequeststats(zone, zoneqrystats);
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley if (zoneqrystats != NULL)
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley isc_stats_detach(&zoneqrystats);
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley /*
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley * Configure master functionality. This applies
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley * to primary masters (type "master") and slaves
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley * acting as masters (type "slave"), but not to stubs.
08c8a934ceb2dfc6a5ebfd3be4ba5a1b3243bc73Bob Halley */
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley if (ztype != dns_zone_stub && ztype != dns_zone_staticstub &&
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley ztype != dns_zone_redirect) {
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley obj = NULL;
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley result = ns_config_get(maps, "notify", &obj);
fff9a37a0355e4181b3132370a173d1dbb5a0f3cBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
fff9a37a0355e4181b3132370a173d1dbb5a0f3cBob Halley if (cfg_obj_isboolean(obj)) {
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley if (cfg_obj_asboolean(obj))
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley notifytype = dns_notifytype_yes;
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley else
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley notifytype = dns_notifytype_no;
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley } else {
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley const char *notifystr = cfg_obj_asstring(obj);
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley if (strcasecmp(notifystr, "explicit") == 0)
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley notifytype = dns_notifytype_explicit;
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley else if (strcasecmp(notifystr, "master-only") == 0)
bd53af8229e28cfec8bfd9572b4d31514ea97f48Bob Halley notifytype = dns_notifytype_masteronly;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else
38d2d0e9326a2f70b5893302b89a26978b539405Bob Halley INSIST(0);
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley }
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley if (raw != NULL)
a41d348e14b0465c6444cdfd2d59f9370fd44fe8Mark Andrews dns_zone_setnotifytype(raw, dns_notifytype_no);
a41d348e14b0465c6444cdfd2d59f9370fd44fe8Mark Andrews dns_zone_setnotifytype(zone, notifytype);
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "also-notify", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (result == ISC_R_SUCCESS) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_uint32_t addrcount;
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley addrs = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley keynames = NULL;
08c8a934ceb2dfc6a5ebfd3be4ba5a1b3243bc73Bob Halley RETERR(ns_config_getipandkeylist(config, obj, mctx,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley &addrs, &keynames,
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley &addrcount));
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley result = dns_zone_setalsonotifywithkeys(zone, addrs,
a41d348e14b0465c6444cdfd2d59f9370fd44fe8Mark Andrews keynames,
a41d348e14b0465c6444cdfd2d59f9370fd44fe8Mark Andrews addrcount);
a41d348e14b0465c6444cdfd2d59f9370fd44fe8Mark Andrews if (addrcount != 0)
a41d348e14b0465c6444cdfd2d59f9370fd44fe8Mark Andrews ns_config_putipandkeylist(mctx, &addrs,
a41d348e14b0465c6444cdfd2d59f9370fd44fe8Mark Andrews &keynames, addrcount);
a41d348e14b0465c6444cdfd2d59f9370fd44fe8Mark Andrews else
a41d348e14b0465c6444cdfd2d59f9370fd44fe8Mark Andrews INSIST(addrs == NULL && keynames == NULL);
a41d348e14b0465c6444cdfd2d59f9370fd44fe8Mark Andrews RETERR(result);
a41d348e14b0465c6444cdfd2d59f9370fd44fe8Mark Andrews } else
a41d348e14b0465c6444cdfd2d59f9370fd44fe8Mark Andrews RETERR(dns_zone_setalsonotify(zone, NULL, 0));
a41d348e14b0465c6444cdfd2d59f9370fd44fe8Mark Andrews
a41d348e14b0465c6444cdfd2d59f9370fd44fe8Mark Andrews obj = NULL;
a41d348e14b0465c6444cdfd2d59f9370fd44fe8Mark Andrews result = ns_config_get(maps, "notify-source", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley RETERR(dns_zone_setnotifysrc4(zone, cfg_obj_assockaddr(obj)));
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley ns_add_reserved_dispatch(ns_g_server, cfg_obj_assockaddr(obj));
f257e9369c27578eb87077923dc010a6614e2a7aMark Andrews
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
f257e9369c27578eb87077923dc010a6614e2a7aMark Andrews result = ns_config_get(maps, "notify-source-v6", &obj);
f257e9369c27578eb87077923dc010a6614e2a7aMark Andrews INSIST(result == ISC_R_SUCCESS && obj != NULL);
a41d348e14b0465c6444cdfd2d59f9370fd44fe8Mark Andrews RETERR(dns_zone_setnotifysrc6(zone, cfg_obj_assockaddr(obj)));
a41d348e14b0465c6444cdfd2d59f9370fd44fe8Mark Andrews ns_add_reserved_dispatch(ns_g_server, cfg_obj_assockaddr(obj));
a41d348e14b0465c6444cdfd2d59f9370fd44fe8Mark Andrews
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "notify-to-soa", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
38d2d0e9326a2f70b5893302b89a26978b539405Bob Halley dns_zone_setoption(zone, DNS_ZONEOPT_NOTIFYTOSOA,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley cfg_obj_asboolean(obj));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setisself(zone, ns_client_isself, NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley RETERR(configure_zone_acl(zconfig, vconfig, config,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley allow_transfer, ac, zone,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setxfracl,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_clearxfracl));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "max-transfer-time-out", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
3ddd814a97de1d152ba0913c592d6e6dc83d38a6Michael Graff dns_zone_setmaxxfrout(zone, cfg_obj_asuint32(obj) * 60);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley
38d2d0e9326a2f70b5893302b89a26978b539405Bob Halley obj = NULL;
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley result = ns_config_get(maps, "max-transfer-idle-out", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setidleout(zone, cfg_obj_asuint32(obj) * 60);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley result = ns_config_get(maps, "max-journal-size", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
8db3b065b4659f593f7b8eaa7c9ca0c3daa4da02Bob Halley if (raw != NULL)
38d2d0e9326a2f70b5893302b89a26978b539405Bob Halley dns_zone_setjournalsize(raw, -1);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setjournalsize(zone, -1);
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley if (cfg_obj_isstring(obj)) {
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley const char *str = cfg_obj_asstring(obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(strcasecmp(str, "unlimited") == 0);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley journal_size = ISC_UINT32_MAX / 2;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } else {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_resourcevalue_t value;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley value = cfg_obj_asuint64(obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (value > ISC_UINT32_MAX / 2) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley cfg_obj_log(obj, ns_g_lctx,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley ISC_LOG_ERROR,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley "'max-journal-size "
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley "%" ISC_PRINT_QUADFORMAT "d' "
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley "is too large",
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley value);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley RETERR(ISC_R_RANGE);
ce3761f64d3d734cc94605026985898900ecc474Bob Halley }
ce3761f64d3d734cc94605026985898900ecc474Bob Halley journal_size = (isc_uint32_t)value;
ce3761f64d3d734cc94605026985898900ecc474Bob Halley }
ce3761f64d3d734cc94605026985898900ecc474Bob Halley if (raw != NULL)
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley dns_zone_setjournalsize(raw, journal_size);
08c8a934ceb2dfc6a5ebfd3be4ba5a1b3243bc73Bob Halley dns_zone_setjournalsize(zone, journal_size);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley obj = NULL;
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley result = ns_config_get(maps, "ixfr-from-differences", &obj);
86131d8d7aaf1bb8b8bfc7819985d05ea369b708Bob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (cfg_obj_isboolean(obj))
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley ixfrdiff = cfg_obj_asboolean(obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else if (!strcasecmp(cfg_obj_asstring(obj), "master") &&
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley ztype == dns_zone_master)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley ixfrdiff = ISC_TRUE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else if (!strcasecmp(cfg_obj_asstring(obj), "slave") &&
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley ztype == dns_zone_slave)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley ixfrdiff = ISC_TRUE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley ixfrdiff = ISC_FALSE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (raw != NULL) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setoption(raw, DNS_ZONEOPT_IXFRFROMDIFFS,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley ISC_TRUE);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley dns_zone_setoption(zone, DNS_ZONEOPT_IXFRFROMDIFFS,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley ISC_FALSE);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } else
70fdfcd1fa7ebd059deffa9a2cecc29df96dfe52Bob Halley dns_zone_setoption(zone, DNS_ZONEOPT_IXFRFROMDIFFS,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley ixfrdiff);
70fdfcd1fa7ebd059deffa9a2cecc29df96dfe52Bob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "request-ixfr", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setrequestixfr(zone, cfg_obj_asboolean(obj));
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley checknames(ztype, maps, &obj);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley INSIST(obj != NULL);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley fail = ISC_FALSE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley check = ISC_TRUE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
8db3b065b4659f593f7b8eaa7c9ca0c3daa4da02Bob Halley fail = check = ISC_TRUE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
38d2d0e9326a2f70b5893302b89a26978b539405Bob Halley fail = check = ISC_FALSE;
38d2d0e9326a2f70b5893302b89a26978b539405Bob Halley } else
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley INSIST(0);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (raw != NULL) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setoption(raw, DNS_ZONEOPT_CHECKNAMES,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley check);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setoption(raw, DNS_ZONEOPT_CHECKNAMESFAIL,
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley fail);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setoption(zone, DNS_ZONEOPT_CHECKNAMES,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley ISC_FALSE);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setoption(zone, DNS_ZONEOPT_CHECKNAMESFAIL,
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley ISC_FALSE);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } else {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setoption(zone, DNS_ZONEOPT_CHECKNAMES,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley check);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setoption(zone, DNS_ZONEOPT_CHECKNAMESFAIL,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley fail);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley }
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "notify-delay", &obj);
8db3b065b4659f593f7b8eaa7c9ca0c3daa4da02Bob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
38d2d0e9326a2f70b5893302b89a26978b539405Bob Halley dns_zone_setnotifydelay(zone, cfg_obj_asuint32(obj));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley result = ns_config_get(maps, "check-sibling", &obj);
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley dns_zone_setoption(zone, DNS_ZONEOPT_CHECKSIBLING,
cee7525336d4710a64368875d92eb439d4d3efb1Mark Andrews cfg_obj_asboolean(obj));
cee7525336d4710a64368875d92eb439d4d3efb1Mark Andrews
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley result = ns_config_get(maps, "zero-no-soa-ttl", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setzeronosoattl(zone, cfg_obj_asboolean(obj));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
8db3b065b4659f593f7b8eaa7c9ca0c3daa4da02Bob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "nsec3-test-zone", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley dns_zone_setoption(zone, DNS_ZONEOPT_NSEC3TESTZONE,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley cfg_obj_asboolean(obj));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } else if (ztype == dns_zone_redirect) {
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley dns_zone_setnotifytype(zone, dns_notifytype_no);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley result = ns_config_get(maps, "max-journal-size", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setjournalsize(zone, -1);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (cfg_obj_isstring(obj)) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley const char *str = cfg_obj_asstring(obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(strcasecmp(str, "unlimited") == 0);
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley journal_size = ISC_UINT32_MAX / 2;
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley } else {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_resourcevalue_t value;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley value = cfg_obj_asuint64(obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (value > ISC_UINT32_MAX / 2) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley cfg_obj_log(obj, ns_g_lctx,
8db3b065b4659f593f7b8eaa7c9ca0c3daa4da02Bob Halley ISC_LOG_ERROR,
38d2d0e9326a2f70b5893302b89a26978b539405Bob Halley "'max-journal-size "
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley "%" ISC_PRINT_QUADFORMAT "d' "
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley "is too large",
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley value);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley RETERR(ISC_R_RANGE);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley }
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley journal_size = (isc_uint32_t)value;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley }
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setjournalsize(zone, journal_size);
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley }
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley /*
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley * Configure update-related options. These apply to
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley * primary masters only.
8db3b065b4659f593f7b8eaa7c9ca0c3daa4da02Bob Halley */
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (ztype == dns_zone_master) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_acl_t *updateacl;
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley RETERR(configure_zone_acl(zconfig, vconfig, config,
38d2d0e9326a2f70b5893302b89a26978b539405Bob Halley allow_update, ac, mayberaw,
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley dns_zone_setupdateacl,
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley dns_zone_clearupdateacl));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley updateacl = dns_zone_getupdateacl(mayberaw);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (updateacl != NULL && dns_acl_isinsecure(updateacl))
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_log_write(ns_g_lctx, DNS_LOGCATEGORY_SECURITY,
8db3b065b4659f593f7b8eaa7c9ca0c3daa4da02Bob Halley NS_LOGMODULE_SERVER, ISC_LOG_WARNING,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley "zone '%s' allows updates by IP "
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley "address, which is insecure",
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley zname);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley RETERR(configure_zone_ssutable(zoptions, mayberaw, zname));
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley }
af3459443207253f197cd684567bfea0311ab76dMark Andrews
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (ztype == dns_zone_master || raw != NULL) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_boolean_t allow = ISC_FALSE, maint = ISC_FALSE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
577179503f2eb7695ec668d8eeb41889a150e28fBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "sig-validity-interval", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley const cfg_obj_t *validity, *resign;
8db3b065b4659f593f7b8eaa7c9ca0c3daa4da02Bob Halley
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley validity = cfg_tuple_get(obj, "validity");
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley seconds = cfg_obj_asuint32(validity) * 86400;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setsigvalidityinterval(zone, seconds);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley resign = cfg_tuple_get(obj, "re-sign");
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley if (cfg_obj_isvoid(resign)) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley seconds /= 4;
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley } else {
af3459443207253f197cd684567bfea0311ab76dMark Andrews if (seconds > 7 * 86400)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley seconds = cfg_obj_asuint32(resign) *
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley 86400;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley seconds = cfg_obj_asuint32(resign) *
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley 3600;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley }
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setsigresigninginterval(zone, seconds);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley }
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "key-directory", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (result == ISC_R_SUCCESS) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley filename = cfg_obj_asstring(obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley RETERR(dns_zone_setkeydirectory(zone, filename));
8db3b065b4659f593f7b8eaa7c9ca0c3daa4da02Bob Halley }
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "sig-signing-signatures", &obj);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setsignatures(zone, cfg_obj_asuint32(obj));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "sig-signing-nodes", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setnodes(zone, cfg_obj_asuint32(obj));
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "sig-signing-type", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setprivatetype(zone, cfg_obj_asuint32(obj));
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "update-check-ksk", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setoption(zone, DNS_ZONEOPT_UPDATECHECKKSK,
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley cfg_obj_asboolean(obj));
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley
af3459443207253f197cd684567bfea0311ab76dMark Andrews obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "dnssec-dnskey-kskonly", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setoption(zone, DNS_ZONEOPT_DNSKEYKSKONLY,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley cfg_obj_asboolean(obj));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley obj = NULL;
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley result = ns_config_get(maps, "dnssec-loadkeys-interval", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley RETERR(dns_zone_setrefreshkeyinterval(zone,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley cfg_obj_asuint32(obj)));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = cfg_map_get(zoptions, "auto-dnssec", &obj);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley if (result == ISC_R_SUCCESS) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley const char *arg = cfg_obj_asstring(obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (strcasecmp(arg, "allow") == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley allow = ISC_TRUE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else if (strcasecmp(arg, "maintain") == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley allow = maint = ISC_TRUE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else if (strcasecmp(arg, "off") == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley ;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(0);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setkeyopt(zone, DNS_ZONEKEY_ALLOW, allow);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setkeyopt(zone, DNS_ZONEKEY_MAINTAIN, maint);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley }
8db3b065b4659f593f7b8eaa7c9ca0c3daa4da02Bob Halley }
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (ztype == dns_zone_slave) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley RETERR(configure_zone_acl(zconfig, vconfig, config,
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley allow_update_forwarding, ac,
c7dd70fe1b0d3815ce267a575450662b8ee289b6Bob Halley mayberaw, dns_zone_setforwardacl,
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley dns_zone_clearforwardacl));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley }
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley /*%
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley * Primary master functionality.
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley */
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (ztype == dns_zone_master) {
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence obj = NULL;
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence result = ns_config_get(maps, "check-wildcard", &obj);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence if (result == ISC_R_SUCCESS)
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence check = cfg_obj_asboolean(obj);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence else
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence check = ISC_FALSE;
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence dns_zone_setoption(mayberaw, DNS_ZONEOPT_CHECKWILDCARD, check);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "check-dup-records", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley fail = ISC_FALSE;
8db3b065b4659f593f7b8eaa7c9ca0c3daa4da02Bob Halley check = ISC_TRUE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley fail = check = ISC_TRUE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley fail = check = ISC_FALSE;
8db3b065b4659f593f7b8eaa7c9ca0c3daa4da02Bob Halley } else
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(0);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setoption(mayberaw, DNS_ZONEOPT_CHECKDUPRR, check);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setoption(mayberaw, DNS_ZONEOPT_CHECKDUPRRFAIL, fail);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
8db3b065b4659f593f7b8eaa7c9ca0c3daa4da02Bob Halley result = ns_config_get(maps, "check-mx", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley fail = ISC_FALSE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley check = ISC_TRUE;
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
af3459443207253f197cd684567bfea0311ab76dMark Andrews fail = check = ISC_TRUE;
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley fail = check = ISC_FALSE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } else
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(0);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setoption(mayberaw, DNS_ZONEOPT_CHECKMX, check);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setoption(mayberaw, DNS_ZONEOPT_CHECKMXFAIL, fail);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "check-integrity", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setoption(mayberaw, DNS_ZONEOPT_CHECKINTEGRITY,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley cfg_obj_asboolean(obj));
8db3b065b4659f593f7b8eaa7c9ca0c3daa4da02Bob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "check-mx-cname", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley warn = ISC_TRUE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley ignore = ISC_FALSE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley warn = ignore = ISC_FALSE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley warn = ignore = ISC_TRUE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } else
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(0);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setoption(mayberaw, DNS_ZONEOPT_WARNMXCNAME, warn);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley dns_zone_setoption(mayberaw, DNS_ZONEOPT_IGNOREMXCNAME, ignore);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "check-srv-cname", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley warn = ISC_TRUE;
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley ignore = ISC_FALSE;
af3459443207253f197cd684567bfea0311ab76dMark Andrews } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley warn = ignore = ISC_FALSE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley warn = ignore = ISC_TRUE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } else
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(0);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setoption(mayberaw, DNS_ZONEOPT_WARNSRVCNAME, warn);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setoption(mayberaw, DNS_ZONEOPT_IGNORESRVCNAME,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley ignore);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "dnssec-secure-to-insecure", &obj);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setoption(mayberaw, DNS_ZONEOPT_SECURETOINSECURE,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley cfg_obj_asboolean(obj));
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = cfg_map_get(zoptions, "dnssec-update-mode", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (result == ISC_R_SUCCESS) {
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley const char *arg = cfg_obj_asstring(obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (strcasecmp(arg, "no-resign") == 0)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setkeyopt(zone, DNS_ZONEKEY_NORESIGN,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley ISC_TRUE);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence else if (strcasecmp(arg, "maintain") == 0)
c3e95f11e02c51fc786b9124c817ab72dda3084cBob Halley ;
c3e95f11e02c51fc786b9124c817ab72dda3084cBob Halley else
c3e95f11e02c51fc786b9124c817ab72dda3084cBob Halley INSIST(0);
c3e95f11e02c51fc786b9124c817ab72dda3084cBob Halley }
c3e95f11e02c51fc786b9124c817ab72dda3084cBob Halley
c3e95f11e02c51fc786b9124c817ab72dda3084cBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "serial-update-method", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (strcasecmp(cfg_obj_asstring(obj), "unixtime") == 0)
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley dns_zone_setserialupdatemethod(zone,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_updatemethod_unixtime);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley dns_zone_setserialupdatemethod(zone,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_updatemethod_increment);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley }
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley /*
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley * Configure slave functionality.
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley */
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley switch (ztype) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley case dns_zone_slave:
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley case dns_zone_stub:
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley case dns_zone_redirect:
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley count = 0;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley (void)cfg_map_get(zoptions, "masters", &obj);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence if (obj != NULL) {
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence addrs = NULL;
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence keynames = NULL;
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence RETERR(ns_config_getipandkeylist(config, obj, mctx,
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence &addrs, &keynames,
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence &count));
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence result = dns_zone_setmasterswithkeys(mayberaw, addrs,
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence keynames, count);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence if (count != 0)
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence ns_config_putipandkeylist(mctx, &addrs,
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence &keynames, count);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence else
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence INSIST(addrs == NULL && keynames == NULL);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence } else
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence result = dns_zone_setmasters(mayberaw, NULL, 0);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence RETERR(result);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence multi = ISC_FALSE;
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence if (count > 1) {
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence obj = NULL;
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence result = ns_config_get(maps, "multi-master", &obj);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence INSIST(result == ISC_R_SUCCESS && obj != NULL);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence multi = cfg_obj_asboolean(obj);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence }
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence dns_zone_setoption(mayberaw, DNS_ZONEOPT_MULTIMASTER, multi);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence obj = NULL;
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence result = ns_config_get(maps, "max-transfer-time-in", &obj);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence INSIST(result == ISC_R_SUCCESS && obj != NULL);
402b05ddea16c6179fd251e4e740606dd973d593Bob Halley dns_zone_setmaxxfrin(mayberaw, cfg_obj_asuint32(obj) * 60);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence obj = NULL;
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence result = ns_config_get(maps, "max-transfer-idle-in", &obj);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence INSIST(result == ISC_R_SUCCESS && obj != NULL);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence dns_zone_setidlein(mayberaw, cfg_obj_asuint32(obj) * 60);
402b05ddea16c6179fd251e4e740606dd973d593Bob Halley
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "max-refresh-time", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setmaxrefreshtime(mayberaw, cfg_obj_asuint32(obj));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "min-refresh-time", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setminrefreshtime(mayberaw, cfg_obj_asuint32(obj));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "max-retry-time", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setmaxretrytime(mayberaw, cfg_obj_asuint32(obj));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "min-retry-time", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setminretrytime(mayberaw, cfg_obj_asuint32(obj));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = ns_config_get(maps, "transfer-source", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley RETERR(dns_zone_setxfrsource4(mayberaw,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley cfg_obj_assockaddr(obj)));
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley ns_add_reserved_dispatch(ns_g_server, cfg_obj_assockaddr(obj));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence obj = NULL;
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence result = ns_config_get(maps, "transfer-source-v6", &obj);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence INSIST(result == ISC_R_SUCCESS && obj != NULL);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence RETERR(dns_zone_setxfrsource6(mayberaw,
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence cfg_obj_assockaddr(obj)));
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence ns_add_reserved_dispatch(ns_g_server, cfg_obj_assockaddr(obj));
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence obj = NULL;
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence result = ns_config_get(maps, "alt-transfer-source", &obj);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence INSIST(result == ISC_R_SUCCESS && obj != NULL);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley RETERR(dns_zone_setaltxfrsource4(mayberaw,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley cfg_obj_assockaddr(obj)));
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence obj = NULL;
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence result = ns_config_get(maps, "alt-transfer-source-v6", &obj);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence INSIST(result == ISC_R_SUCCESS && obj != NULL);
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence RETERR(dns_zone_setaltxfrsource6(mayberaw,
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence cfg_obj_assockaddr(obj)));
213a9ec2addc5bcf3b168fe507312e7b25960e0bDavid Lawrence
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley obj = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley (void)ns_config_get(maps, "use-alt-transfer-source", &obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (obj == NULL) {
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley /*
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley * Default off when views are in use otherwise
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley * on for BIND 8 compatibility.
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley */
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley view = dns_zone_getview(zone);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley if (view != NULL && strcmp(view->name, "_default") == 0)
8db3b065b4659f593f7b8eaa7c9ca0c3daa4da02Bob Halley alt = ISC_TRUE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley else
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley alt = ISC_FALSE;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley } else
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley alt = cfg_obj_asboolean(obj);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_setoption(mayberaw, DNS_ZONEOPT_USEALTXFRSRC, alt);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley obj = NULL;
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley (void)ns_config_get(maps, "try-tcp-refresh", &obj);
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley dns_zone_setoption(mayberaw, DNS_ZONEOPT_TRYTCPREFRESH,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley cfg_obj_asboolean(obj));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley break;
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley case dns_zone_staticstub:
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley RETERR(configure_staticstub(zoptions, zone, zname,
af3459443207253f197cd684567bfea0311ab76dMark Andrews default_dbtype));
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley break;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley default:
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley break;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley }
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley return (ISC_R_SUCCESS);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley}
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley/*
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley * Set up a DLZ zone as writeable
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley */
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halleyisc_result_t
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halleyns_zone_configure_writeable_dlz(dns_dlzdb_t *dlzdatabase, dns_zone_t *zone,
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_rdataclass_t rdclass, dns_name_t *name)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley{
8db3b065b4659f593f7b8eaa7c9ca0c3daa4da02Bob Halley dns_db_t *db = NULL;
38d2d0e9326a2f70b5893302b89a26978b539405Bob Halley isc_time_t now;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_result_t result;
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley TIME_NOW(&now);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley dns_zone_settype(zone, dns_zone_dlz);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley result = dns_sdlz_setdb(dlzdatabase, rdclass, name, &db);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley if (result != ISC_R_SUCCESS)
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley return (result);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley result = dns_zone_dlzpostload(zone, db);
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley dns_db_detach(&db);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley return (result);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley}
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halleyisc_boolean_t
cee7525336d4710a64368875d92eb439d4d3efb1Mark Andrewsns_zone_reusable(dns_zone_t *zone, const cfg_obj_t *zconfig) {
cee7525336d4710a64368875d92eb439d4d3efb1Mark Andrews const cfg_obj_t *zoptions = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley const cfg_obj_t *obj = NULL;
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley const char *cfilename;
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley const char *zfilename;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley dns_zone_t *raw = NULL;
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley isc_boolean_t has_raw;
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley zoptions = cfg_tuple_get(zconfig, "options");
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
95c86af1e92dae4ff837a39e7e2dcb7308dd9cceBob Halley if (zonetype_fromconfig(zoptions) != dns_zone_gettype(zone))
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley return (ISC_FALSE);
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley /*
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley * We always reconfigure a static-stub zone for simplicity, assuming
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley * the amount of data to be loaded is small.
c50fd34a4e0e6978f8ca5f6f3ad8545549c3cfeeBob Halley */
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley if (zonetype_fromconfig(zoptions) == dns_zone_staticstub)
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley return (ISC_FALSE);
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley obj = NULL;
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley (void)cfg_map_get(zoptions, "file", &obj);
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley if (obj != NULL)
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley cfilename = cfg_obj_asstring(obj);
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley else
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley cfilename = NULL;
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley zfilename = dns_zone_getfile(zone);
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley if (!((cfilename == NULL && zfilename == NULL) ||
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley (cfilename != NULL && zfilename != NULL &&
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley strcmp(cfilename, zfilename) == 0)))
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley return (ISC_FALSE);
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley dns_zone_getraw(zone, &raw);
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley if (raw != NULL) {
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley dns_zone_detach(&raw);
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley has_raw = ISC_TRUE;
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley } else
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley has_raw = ISC_FALSE;
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley obj = NULL;
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley (void)cfg_map_get(zoptions, "inline-signing", &obj);
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley if ((obj == NULL || !cfg_obj_asboolean(obj)) && has_raw)
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley return (ISC_FALSE);
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley if ((obj != NULL && cfg_obj_asboolean(obj)) && !has_raw)
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley return (ISC_FALSE);
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley return (ISC_TRUE);
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley}
c5839c39bd07c9dd3d4cd598035deb0537098475Bob Halley