mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-23 02:28:55 +00:00
Code Issues Releases Wiki Activity

Support 64 RPZ zones by default from 9.13 onwards

Browse Source
This commit is contained in:
Mukund Sivaraman 2018-03-01 22:02:59 +05:30 committed by Ondřej Surý
parent 30b0b686ad
commit 0e8907be4d
4 changed files with 6 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
OPTIONS
View File

@ -19,9 +19,6 @@ Setting Description
named-checkzone named-checkzone
-DNS_RUN_PID_DIR=0 Create default PID files in ${localstatedir}/run -DNS_RUN_PID_DIR=0 Create default PID files in ${localstatedir}/run
rather than ${localstatedir}/run/named/ rather than ${localstatedir}/run/named/
Increase the maximum number of configurable
-DNS_RPZ_MAX_ZONES=64 response policy zones from 32 to 64; this is the
highest possible setting
Disable the use of inline functions to implement Disable the use of inline functions to implement
-DISC_BUFFER_USEINLINE=0 the isc_buffer API: this reduces performance but -DISC_BUFFER_USEINLINE=0 the isc_buffer API: this reduces performance but
may be useful when debugging may be useful when debugging

1
OPTIONS.md
View File

@ -23,6 +23,5 @@ Some of these settings are:
|`-DCHECK_SIBLING=0`|Don't check sibling glue in `named-checkzone`| |`-DCHECK_SIBLING=0`|Don't check sibling glue in `named-checkzone`|
|`-DCHECK_LOCAL=0`|Don't check out-of-zone addresses in `named-checkzone`| |`-DCHECK_LOCAL=0`|Don't check out-of-zone addresses in `named-checkzone`|
|`-DNS_RUN_PID_DIR=0`|Create default PID files in `${localstatedir}/run` rather than `${localstatedir}/run/named/`| |`-DNS_RUN_PID_DIR=0`|Create default PID files in `${localstatedir}/run` rather than `${localstatedir}/run/named/`|
|`-DNS_RPZ_MAX_ZONES=64`|Increase the maximum number of configurable response policy zones from 32 to 64; this is the highest possible setting|
|`-DISC_BUFFER_USEINLINE=0`|Disable the use of inline functions to implement the `isc_buffer` API: this reduces performance but may be useful when debugging | |`-DISC_BUFFER_USEINLINE=0`|Disable the use of inline functions to implement the `isc_buffer` API: this reduces performance but may be useful when debugging |
|`-DISC_HEAP_CHECK`|Test heap consistency after every heap operation; used when debugging| |`-DISC_HEAP_CHECK`|Test heap consistency after every heap operation; used when debugging|

13
lib/dns/include/dns/rpz.h
View File

@ -76,15 +76,12 @@ typedef enum {
typedef isc_uint8_t dns_rpz_num_t; typedef isc_uint8_t dns_rpz_num_t;
#define DNS_RPZ_MAX_ZONES 32 #define DNS_RPZ_MAX_ZONES 64
#if DNS_RPZ_MAX_ZONES > 32 /*
# if DNS_RPZ_MAX_ZONES > 64 * Type dns_rpz_zbits_t must be an unsigned int wide enough to contain
# error "rpz zone bit masks must fit in a word" * at least DNS_RPZ_MAX_ZONES bits.
# endif */
typedef isc_uint64_t dns_rpz_zbits_t; typedef isc_uint64_t dns_rpz_zbits_t;
#else
typedef isc_uint32_t dns_rpz_zbits_t;
#endif
#define DNS_RPZ_ALL_ZBITS ((dns_rpz_zbits_t)-1) #define DNS_RPZ_ALL_ZBITS ((dns_rpz_zbits_t)-1)

6
lib/dns/rpz.c
View File

@ -283,12 +283,10 @@ zbit_to_num(dns_rpz_zbits_t zbit) {
REQUIRE(zbit != 0); REQUIRE(zbit != 0);
rpz_num = 0; rpz_num = 0;
#if DNS_RPZ_MAX_ZONES > 32 if ((zbit & 0xffffffff00000000ULL) != 0) {
if ((zbit & 0xffffffff00000000L) != 0) {
zbit >>= 32; zbit >>= 32;
rpz_num += 32; rpz_num += 32;
} }
#endif
if ((zbit & 0xffff0000) != 0) { if ((zbit & 0xffff0000) != 0) {
zbit >>= 16; zbit >>= 16;
rpz_num += 16; rpz_num += 16;
@ -505,9 +503,7 @@ fix_qname_skip_recurse(dns_rpz_zones_t *rpzs) {
req_mask |= req_mask >> 4; req_mask |= req_mask >> 4;
req_mask |= req_mask >> 8; req_mask |= req_mask >> 8;
req_mask |= req_mask >> 16; req_mask |= req_mask >> 16;
#if DNS_RPZ_MAX_ZONES > 32
req_mask |= req_mask >> 32; req_mask |= req_mask >> 32;
#endif
/* /*
* There's no point in skipping recursion for a later * There's no point in skipping recursion for a later