"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "options.c" between
nsd-4.3.6.tar.gz and nsd-4.3.7.tar.gz

About: NSD is an authoritative only, high performance, simple name server daemon.

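--- a/options.c
+++ b/options.c
@@ -55,20 +55,21 @@
 struct nsd_options* opt;
 opt = (struct nsd_options*)region_alloc(region, sizeof(
 struct nsd_options));
 opt->region = region;
 opt->zone_options = rbtree_create(region,
 (int (*)(const void *, const void *)) dname_compare);
 opt->configfile = NULL;
 opt->zonestatnames = rbtree_create(opt->region, rbtree_strcmp);
 opt->patterns = rbtree_create(region, rbtree_strcmp);
 opt->keys = rbtree_create(region, rbtree_strcmp);
+opt->tls_auths = rbtree_create(region, rbtree_strcmp);
 opt->ip_addresses = NULL;
 opt->ip_transparent = 0;
 opt->ip_freebind = 0;
 opt->send_buffer_size = 0;
 opt->receive_buffer_size = 0;
 opt->debug_mode = 0;
 opt->verbosity = 0;
 opt->hide_version = 0;
 opt->hide_identity = 0;
 opt->drop_updates = 0;
@@ -132,19 +133,23 @@
 #endif
 opt->zonefiles_check = 1;
 if(opt->database == NULL || opt->database[0] == 0)
 opt->zonefiles_write = ZONEFILES_WRITE_INTERVAL;
 else opt->zonefiles_write = 0;
 opt->xfrd_reload_timeout = 1;
 opt->tls_service_key = NULL;
 opt->tls_service_ocsp = NULL;
 opt->tls_service_pem = NULL;
 opt->tls_port = TLS_PORT;
+opt->tls_cert_bundle = NULL;
+opt->answer_cookie = 1;
+opt->cookie_secret = NULL;
+opt->cookie_secret_file = CONFIGDIR"/nsd_cookiesecrets.txt";
 opt->control_enable = 0;
 opt->control_interface = NULL;
 opt->control_port = NSD_CONTROL_PORT;
 opt->server_key_file = CONFIGDIR"/nsd_server.key";
 opt->server_cert_file = CONFIGDIR"/nsd_server.pem";
 opt->control_key_file = CONFIGDIR"/nsd_control.key";
 opt->control_cert_file = CONFIGDIR"/nsd_control.pem";
 return opt;
 }
@@ -203,19 +208,20 @@
 }
 cfg_parser->err = err;
 cfg_parser->err_arg = err_arg;
 cfg_parser->filename = (char*)file;
 cfg_parser->line = 1;
 cfg_parser->errors = 0;
 cfg_parser->opt = opt;
 cfg_parser->pattern = NULL;
 cfg_parser->zone = NULL;
 cfg_parser->key = NULL;
+cfg_parser->tls_auth = NULL;
 in = fopen(cfg_parser->filename, "r");
 if(!in) {
 if(err) {
 char m[MAXSYSLOGMSGLEN];
 snprintf(m, sizeof(m), "Could not open %s: %s\n",
 file, strerror(errno));
 err(err_arg, m);
 } else {
 fprintf(stderr, "Could not open %s: %s\n",
@@ -247,20 +253,28 @@
 {
 if(acl->nokey || acl->blocked)
 continue;
 acl->key_options = key_options_find(opt, acl->key_name);
 if(!acl->key_options)
 c_error("key %s in pattern %s could not be found" ,
 acl->key_name, pat->pname);
 }
 for(acl=pat->request_xfr; acl; acl=acl->next)
 {
+/* Find tls_auth */
+if (!acl->tls_auth_name)
+; /* pass */
+else if (!(acl->tls_auth_options =
+tls_auth_options_find(opt, acl->tls_auth_name)))
+c_error("tls_auth %s in pattern %s could not be found",
+acl->tls_auth_name, pat->pname);
+/* Find key */
 if(acl->nokey || acl->blocked)
 continue;
 acl->key_options = key_options_find(opt, acl->key_name);
 if(!acl->key_options)
 c_error("key %s in pattern %s could not be found" ,
 acl->key_name, pat->pname);
 }
 for(acl=pat->provide_xfr; acl; acl=acl->next)
 {
 if(acl->nokey || acl->blocked)
@@ -808,19 +822,24 @@
 if(!booleq(p->allow_udp, q->allow_udp)) return 0;
 if(strcmp(p->ip_address_spec, q->ip_address_spec)!=0) return 0;
 /* the ip6, port, addr, mask, type: are derived from the ip_address_spec */
 if(!booleq(p->nokey, q->nokey)) return 0;
 if(!booleq(p->blocked, q->blocked)) return 0;
 if(p->key_name && q->key_name) {
 if(strcmp(p->key_name, q->key_name)!=0) return 0;
 } else if(p->key_name && !q->key_name) return 0;
 else if(!p->key_name && q->key_name) return 0;
 /* key_options is derived from key_name */
+if(p->tls_auth_name && q->tls_auth_name) {
+if(strcmp(p->tls_auth_name, q->tls_auth_name)!=0) return 0;
+} else if(p->tls_auth_name && !q->tls_auth_name) return 0;
+else if(!p->tls_auth_name && q->tls_auth_name) return 0;
+/* tls_auth_options is derived from tls_auth_name */
 return 1;
 }
 int
 acl_list_equal(struct acl_options* p, struct acl_options* q)
 {
 /* must be same and in same order */
 while(p && q) {
 if(!acl_equal(p, q))
 return 0;
@@ -875,18 +894,21 @@
 static void
 acl_delete(region_type* region, struct acl_options* acl)
 {
 if(acl->ip_address_spec)
 region_recycle(region, (void*)acl->ip_address_spec,
 strlen(acl->ip_address_spec)+1);
 if(acl->key_name)
 region_recycle(region, (void*)acl->key_name,
 strlen(acl->key_name)+1);
+if(acl->tls_auth_name)
+region_recycle(region, (void*)acl->tls_auth_name,
+strlen(acl->tls_auth_name)+1);
 /* key_options is a convenience pointer, not owned by the acl */
 region_recycle(region, acl, sizeof(*acl));
 }
 static void
 acl_list_delete(region_type* region, struct acl_options* list)
 {
 struct acl_options* n;
 while(list) {
 n = list->next;
@@ -930,32 +952,39 @@
 struct acl_options* b;
 if(!a) return NULL;
 b = (struct acl_options*)region_alloc(region, sizeof(*b));
 /* copy the whole lot */
 *b = *a;
 /* fix the pointers */
 if(a->ip_address_spec)
 b->ip_address_spec = region_strdup(region, a->ip_address_spec);
 if(a->key_name)
 b->key_name = region_strdup(region, a->key_name);
+if(a->tls_auth_name)
+b->tls_auth_name = region_strdup(region, a->tls_auth_name);
 b->next = NULL;
 b->key_options = NULL;
+b->tls_auth_options = NULL;
 return b;
 }
 static struct acl_options*
 copy_acl_list(struct nsd_options* opt, struct acl_options* a)
 {
 struct acl_options* b, *blast = NULL, *blist = NULL;
 while(a) {
 b = copy_acl(opt->region, a);
 /* fixup key_options */
 if(b->key_name)
 b->key_options = key_options_find(opt, b->key_name);
 else b->key_options = NULL;
+/* fixup tls_auth_options */
+if(b->tls_auth_name)
+b->tls_auth_options = tls_auth_options_find(opt, b->tls_auth_name);
+else b->tls_auth_options = NULL;
 /* link as last into list */
 b->next = NULL;
 if(!blist) blist = b;
 else blast->next = b;
 blast = b;
 a = a->next;
 }
 return blist;
@@ -1180,29 +1209,32 @@
 } else return NULL;
 }
 static void
 marshal_acl(struct buffer* b, struct acl_options* acl)
 {
 buffer_reserve(b, sizeof(*acl));
 buffer_write(b, acl, sizeof(*acl));
 marshal_str(b, acl->ip_address_spec);
 marshal_str(b, acl->key_name);
+marshal_str(b, acl->tls_auth_name);
 }
 static struct acl_options*
 unmarshal_acl(region_type* r, struct buffer* b)
 {
 struct acl_options* acl = (struct acl_options*)region_alloc(r,
 sizeof(*acl));
 buffer_read(b, acl, sizeof(*acl));
 acl->next = NULL;
 acl->key_options = NULL;
+acl->tls_auth_options = NULL;
 acl->ip_address_spec = unmarshal_str(r, b);
 acl->key_name = unmarshal_str(r, b);
+acl->tls_auth_name = unmarshal_str(r, b);
 return acl;
 }
 static void
 marshal_acl_list(struct buffer* b, struct acl_options* list)
 {
 while(list) {
 marshal_u8(b, 1); /* is there a next one marker */
 marshal_acl(b, list);
 list = list->next;
@@ -1300,30 +1332,49 @@
 struct key_options*
 key_options_create(region_type* region)
 {
 struct key_options* key;
 key = (struct key_options*)region_alloc_zero(region,
 sizeof(struct key_options));
 return key;
 }
+struct tls_auth_options*
+tls_auth_options_create(region_type* region)
+{
+struct tls_auth_options* tls_auth_options;
+tls_auth_options = (struct tls_auth_options*)region_alloc_zero(region, sizeof(struct tls_auth_options));
+return tls_auth_options;
+}
 void
 key_options_insert(struct nsd_options* opt, struct key_options* key)
 {
 if(!key->name) return;
 key->node.key = key->name;
 (void)rbtree_insert(opt->keys, &key->node);
 }
 struct key_options*
 key_options_find(struct nsd_options* opt, const char* name)
 {
 return (struct key_options*)rbtree_search(opt->keys, name);
 }
+void
+tls_auth_options_insert(struct nsd_options* opt, struct tls_auth_options* auth)
+{
+if(!auth->name) return;
+auth->node.key = auth->name;
+(void)rbtree_insert(opt->tls_auths, &auth->node);
+}
+struct tls_auth_options*
+tls_auth_options_find(struct nsd_options* opt, const char* name)
+{
+return (struct tls_auth_options*)rbtree_search(opt->tls_auths, name);
+}
 /** remove tsig_key contents */
 void
 key_options_desetup(region_type* region, struct key_options* key)
 {
 /* keep tsig_key pointer so that existing references keep valid */
 if(!key->tsig_key)
 return;
 /* name stays the same */
 if(key->tsig_key->data) {
 /* wipe secret! */
@@ -1927,20 +1981,22 @@
 struct acl_options* acl = (struct acl_options*)region_alloc(region,
 sizeof(struct acl_options));
 acl->next = 0;
 /* ip */
 acl->ip_address_spec = region_strdup(region, ip);
 acl->use_axfr_only = 0;
 acl->allow_udp = 0;
 acl->ixfr_disabled = 0;
 acl->bad_xfr_count = 0;
 acl->key_options = 0;
+acl->tls_auth_options = 0;
+acl->tls_auth_name = 0;
 acl->is_ipv6 = 0;
 acl->port = 0;
 memset(&acl->addr, 0, sizeof(union acl_addr_storage));
 memset(&acl->range_mask, 0, sizeof(union acl_addr_storage));
 if((p=strrchr(ip, '@'))!=0) {
 if(atoi(p+1) == 0) c_error("expected port number after '@'");
 else acl->port = atoi(p+1);
 *p=0;
 }
 acl->rangetype = parse_acl_range_type(ip, &p);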
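Review bot: In copy_acl_list the new fixup `b->tls_auth_options = tls_auth_options_find(opt, b->tls_auth_name);` leaves the pointer NULL without any report when the name is not present in opt->tls_auths, whereas the parse-time loop over pat->request_xfr calls c_error for the same miss. Whether a NULL tls_auth_options alongside a non-NULL tls_auth_name makes the transfer code skip TLS authentication is not visible on this page, but if it does, a copied ACL would quietly lose the protection the operator configured. I would state the invariant at the fixup, e.g. `/* NULL with tls_auth_name set is a dangling reference: callers must refuse the transfer, not fall back to unauthenticated TCP */`, and have consumers test `acl->tls_auth_name && !acl->tls_auth_options` explicitly. The key_options fixup just above has the same silent miss, and copy_acl_list's closing brace lies outside the hunk.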
 End of changes. 15 change blocks. 
0 lines changed or deleted 60 lines changed or added
