diff --git a/bin/named/server.c b/bin/named/server.c index 515127dbc5..0f6ea49248 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -869,8 +869,8 @@ load_view_keys(const cfg_obj_t *keys, const cfg_obj_t *vconfig, * initializing key; that's why 'managed' * is duplicated below. */ - CHECK(dns_keytable_add2(secroots, managed, - managed, &dstkey)); + CHECK(dns_keytable_add(secroots, managed, + managed, &dstkey)); } } @@ -3615,8 +3615,8 @@ create_mapped_acl(void) { if (result != ISC_R_SUCCESS) return (result); - result = dns_iptable_addprefix2(acl->iptable, &addr, 96, - ISC_TRUE, ISC_FALSE); + result = dns_iptable_addprefix(acl->iptable, &addr, 96, + ISC_TRUE, ISC_FALSE); if (result == ISC_R_SUCCESS) dns_acl_attach(acl, &named_g_mapped); dns_acl_detach(&acl); @@ -5254,7 +5254,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, * empty zone for it. */ result = dns_fwdtable_find(view->fwdtable, name, - &dnsforwarders); + NULL, &dnsforwarders); if (result == ISC_R_SUCCESS && dnsforwarders->fwdpolicy == dns_fwdpolicy_only) continue; @@ -6267,8 +6267,8 @@ add_listenelt(isc_mem_t *mctx, ns_listenlist_t *list, isc_sockaddr_t *addr, if (result != ISC_R_SUCCESS) return (result); - result = dns_iptable_addprefix(src_acl->iptable, - &netaddr, 128, ISC_TRUE); + result = dns_iptable_addprefix(src_acl->iptable, &netaddr, + 128, ISC_TRUE, ISC_FALSE); if (result != ISC_R_SUCCESS) goto clean; diff --git a/lib/dns/acl.c b/lib/dns/acl.c index f2c550c557..9a9d56ccfe 100644 --- a/lib/dns/acl.c +++ b/lib/dns/acl.c @@ -100,7 +100,8 @@ dns_acl_anyornone(isc_mem_t *mctx, isc_boolean_t neg, dns_acl_t **target) { if (result != ISC_R_SUCCESS) return (result); - result = dns_iptable_addprefix(acl->iptable, NULL, 0, ISC_TF(!neg)); + result = dns_iptable_addprefix(acl->iptable, NULL, 0, ISC_TF(!neg), + ISC_FALSE); if (result != ISC_R_SUCCESS) { dns_acl_detach(&acl); return (result); diff --git a/lib/dns/client.c b/lib/dns/client.c index 2844429e2a..9d044446e8 100644 --- a/lib/dns/client.c +++ b/lib/dns/client.c @@ -1540,7 +1540,7 @@ dns_client_addtrustedkey(dns_client_t *client, dns_rdataclass_t rdclass, if (result != ISC_R_SUCCESS) goto cleanup; - result = dns_keytable_add2(secroots, ISC_FALSE, ISC_FALSE, &dstkey); + result = dns_keytable_add(secroots, ISC_FALSE, ISC_FALSE, &dstkey); cleanup: if (dstkey != NULL) diff --git a/lib/dns/forward.c b/lib/dns/forward.c index 8b3f992a68..2380118404 100644 --- a/lib/dns/forward.c +++ b/lib/dns/forward.c @@ -192,14 +192,7 @@ dns_fwdtable_delete(dns_fwdtable_t *fwdtable, const dns_name_t *name) { isc_result_t dns_fwdtable_find(dns_fwdtable_t *fwdtable, const dns_name_t *name, - dns_forwarders_t **forwardersp) -{ - return (dns_fwdtable_find2(fwdtable, name, NULL, forwardersp)); -} - -isc_result_t -dns_fwdtable_find2(dns_fwdtable_t *fwdtable, const dns_name_t *name, - dns_name_t *foundname, dns_forwarders_t **forwardersp) + dns_name_t *foundname, dns_forwarders_t **forwardersp) { isc_result_t result; diff --git a/lib/dns/include/dns/forward.h b/lib/dns/include/dns/forward.h index 16e1009223..2d7602a9dc 100644 --- a/lib/dns/include/dns/forward.h +++ b/lib/dns/include/dns/forward.h @@ -89,24 +89,7 @@ dns_fwdtable_delete(dns_fwdtable_t *fwdtable, const dns_name_t *name); isc_result_t dns_fwdtable_find(dns_fwdtable_t *fwdtable, const dns_name_t *name, - dns_forwarders_t **forwardersp); -/*%< - * Finds a domain in the forwarding table. The closest matching parent - * domain is returned. - * - * Requires: - * \li fwdtable is a valid forwarding table. - * \li name is a valid name - * \li forwardersp != NULL && *forwardersp == NULL - * - * Returns: - * \li #ISC_R_SUCCESS - * \li #ISC_R_NOTFOUND - */ - -isc_result_t -dns_fwdtable_find2(dns_fwdtable_t *fwdtable, const dns_name_t *name, - dns_name_t *foundname, dns_forwarders_t **forwardersp); + dns_name_t *foundname, dns_forwarders_t **forwardersp); /*%< * Finds a domain in the forwarding table. The closest matching parent * domain is returned. diff --git a/lib/dns/include/dns/iptable.h b/lib/dns/include/dns/iptable.h index 6dcbfabe72..20c455de8d 100644 --- a/lib/dns/include/dns/iptable.h +++ b/lib/dns/include/dns/iptable.h @@ -45,11 +45,8 @@ dns_iptable_create(isc_mem_t *mctx, dns_iptable_t **target); isc_result_t dns_iptable_addprefix(dns_iptable_t *tab, const isc_netaddr_t *addr, - isc_uint16_t bitlen, isc_boolean_t pos); -isc_result_t -dns_iptable_addprefix2(dns_iptable_t *tab, const isc_netaddr_t *addr, - isc_uint16_t bitlen, isc_boolean_t pos, - isc_boolean_t is_ecs); + isc_uint16_t bitlen, isc_boolean_t pos, + isc_boolean_t is_ecs); /* * Add an IP prefix to an existing IP table */ diff --git a/lib/dns/include/dns/keytable.h b/lib/dns/include/dns/keytable.h index 4dccad10c5..32567e0c99 100644 --- a/lib/dns/include/dns/keytable.h +++ b/lib/dns/include/dns/keytable.h @@ -105,9 +105,6 @@ dns_keytable_detach(dns_keytable_t **keytablep); isc_result_t dns_keytable_add(dns_keytable_t *keytable, isc_boolean_t managed, - dst_key_t **keyp) ISC_DEPRECATED; -isc_result_t -dns_keytable_add2(dns_keytable_t *keytable, isc_boolean_t managed, isc_boolean_t initial, dst_key_t **keyp); /*%< * Add '*keyp' to 'keytable' (using the name in '*keyp'). diff --git a/lib/dns/iptable.c b/lib/dns/iptable.c index 09323cb9ca..f44bae7d63 100644 --- a/lib/dns/iptable.c +++ b/lib/dns/iptable.c @@ -56,15 +56,8 @@ static isc_boolean_t dns_iptable_pos = ISC_TRUE; */ isc_result_t dns_iptable_addprefix(dns_iptable_t *tab, const isc_netaddr_t *addr, - isc_uint16_t bitlen, isc_boolean_t pos) -{ - return(dns_iptable_addprefix2(tab, addr, bitlen, pos, ISC_FALSE)); -} - -isc_result_t -dns_iptable_addprefix2(dns_iptable_t *tab, const isc_netaddr_t *addr, - isc_uint16_t bitlen, isc_boolean_t pos, - isc_boolean_t is_ecs) + isc_uint16_t bitlen, isc_boolean_t pos, + isc_boolean_t is_ecs) { isc_result_t result; isc_prefix_t pfx; diff --git a/lib/dns/keytable.c b/lib/dns/keytable.c index 356791db6a..af2666c954 100644 --- a/lib/dns/keytable.c +++ b/lib/dns/keytable.c @@ -308,14 +308,7 @@ insert(dns_keytable_t *keytable, isc_boolean_t managed, isc_boolean_t initial, isc_result_t dns_keytable_add(dns_keytable_t *keytable, isc_boolean_t managed, - dst_key_t **keyp) -{ - return (dns_keytable_add2(keytable, managed, ISC_FALSE, keyp)); -} - -isc_result_t -dns_keytable_add2(dns_keytable_t *keytable, isc_boolean_t managed, - isc_boolean_t initial, dst_key_t **keyp) + isc_boolean_t initial, dst_key_t **keyp) { REQUIRE(keyp != NULL && *keyp != NULL); REQUIRE(!initial || managed); diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index d8a83e4e58..724219cde3 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -3521,8 +3521,8 @@ fctx_getaddresses(fetchctx_t *fctx, isc_boolean_t badcache) { dns_fixedname_init(&fixed); domain = dns_fixedname_name(&fixed); - result = dns_fwdtable_find2(res->view->fwdtable, name, - domain, &forwarders); + result = dns_fwdtable_find(res->view->fwdtable, name, + domain, &forwarders); if (result == ISC_R_SUCCESS) { fwd = ISC_LIST_HEAD(forwarders->fwdrs); fctx->fwdpolicy = forwarders->fwdpolicy; @@ -4602,8 +4602,8 @@ fctx_create(dns_resolver_t *res, const dns_name_t *name, dns_rdatatype_t type, /* Find the forwarder for this name. */ dns_fixedname_init(&fixed); fname = dns_fixedname_name(&fixed); - result = dns_fwdtable_find2(fctx->res->view->fwdtable, fwdname, - fname, &forwarders); + result = dns_fwdtable_find(fctx->res->view->fwdtable, fwdname, + fname, &forwarders); if (result == ISC_R_SUCCESS) fctx->fwdpolicy = forwarders->fwdpolicy; diff --git a/lib/dns/tests/acl_test.c b/lib/dns/tests/acl_test.c index 99ff5c8c74..e4b338117b 100644 --- a/lib/dns/tests/acl_test.c +++ b/lib/dns/tests/acl_test.c @@ -138,13 +138,13 @@ ATF_TC_BODY(dns_acl_isinsecure, tc) { inaddr.s_addr = htonl(0x0a000000); /* 10.0.0.0 */ isc_netaddr_fromin(&addr, &inaddr); - result = dns_iptable_addprefix2(pos4pos6->iptable, &addr, 8, - ISC_TRUE, ecs[pass].first); + result = dns_iptable_addprefix(pos4pos6->iptable, &addr, 8, + ISC_TRUE, ecs[pass].first); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); addr.family = AF_INET6; /* 0a00:: */ - result = dns_iptable_addprefix2(pos4pos6->iptable, &addr, 8, - ISC_TRUE, ecs[pass].second); + result = dns_iptable_addprefix(pos4pos6->iptable, &addr, 8, + ISC_TRUE, ecs[pass].second); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); result = dns_acl_merge(notpos4pos6, pos4pos6, ISC_FALSE); @@ -152,13 +152,13 @@ ATF_TC_BODY(dns_acl_isinsecure, tc) { inaddr.s_addr = htonl(0x0a000000); /* !10.0.0.0/8 */ isc_netaddr_fromin(&addr, &inaddr); - result = dns_iptable_addprefix2(neg4pos6->iptable, &addr, 8, - ISC_FALSE, ecs[pass].first); + result = dns_iptable_addprefix(neg4pos6->iptable, &addr, 8, + ISC_FALSE, ecs[pass].first); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); addr.family = AF_INET6; /* 0a00::/8 */ - result = dns_iptable_addprefix2(neg4pos6->iptable, &addr, 8, - ISC_TRUE, ecs[pass].second); + result = dns_iptable_addprefix(neg4pos6->iptable, &addr, 8, + ISC_TRUE, ecs[pass].second); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); result = dns_acl_merge(notneg4pos6, neg4pos6, ISC_FALSE); @@ -166,13 +166,13 @@ ATF_TC_BODY(dns_acl_isinsecure, tc) { inaddr.s_addr = htonl(0x0a000000); /* 10.0.0.0/8 */ isc_netaddr_fromin(&addr, &inaddr); - result = dns_iptable_addprefix2(pos4neg6->iptable, &addr, 8, - ISC_TRUE, ecs[pass].first); + result = dns_iptable_addprefix(pos4neg6->iptable, &addr, 8, + ISC_TRUE, ecs[pass].first); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); addr.family = AF_INET6; /* !0a00::/8 */ - result = dns_iptable_addprefix2(pos4neg6->iptable, &addr, 8, - ISC_FALSE, ecs[pass].second); + result = dns_iptable_addprefix(pos4neg6->iptable, &addr, 8, + ISC_FALSE, ecs[pass].second); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); result = dns_acl_merge(notpos4neg6, pos4neg6, ISC_FALSE); @@ -180,13 +180,13 @@ ATF_TC_BODY(dns_acl_isinsecure, tc) { inaddr.s_addr = htonl(0x0a000000); /* !10.0.0.0/8 */ isc_netaddr_fromin(&addr, &inaddr); - result = dns_iptable_addprefix2(neg4neg6->iptable, &addr, 8, - ISC_FALSE, ecs[pass].first); + result = dns_iptable_addprefix(neg4neg6->iptable, &addr, 8, + ISC_FALSE, ecs[pass].first); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); addr.family = AF_INET6; /* !0a00::/8 */ - result = dns_iptable_addprefix2(neg4neg6->iptable, &addr, 8, - ISC_FALSE, ecs[pass].second); + result = dns_iptable_addprefix(neg4neg6->iptable, &addr, 8, + ISC_FALSE, ecs[pass].second); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); result = dns_acl_merge(notneg4neg6, neg4neg6, ISC_FALSE); @@ -224,16 +224,16 @@ ATF_TC_BODY(dns_acl_isinsecure, tc) { inaddr.s_addr = htonl(0x7f000001); /* 127.0.0.1 */ isc_netaddr_fromin(&addr, &inaddr); - result = dns_iptable_addprefix2(loop4->iptable, &addr, 32, - ISC_TRUE, ecs[pass].first); + result = dns_iptable_addprefix(loop4->iptable, &addr, 32, + ISC_TRUE, ecs[pass].first); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); result = dns_acl_merge(notloop4, loop4, ISC_FALSE); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); isc_netaddr_fromin6(&addr, &in6addr_loopback); /* ::1 */ - result = dns_iptable_addprefix2(loop6->iptable, &addr, 128, - ISC_TRUE, ecs[pass].first); + result = dns_iptable_addprefix(loop6->iptable, &addr, 128, + ISC_TRUE, ecs[pass].first); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); result = dns_acl_merge(notloop6, loop6, ISC_FALSE); @@ -270,13 +270,13 @@ ATF_TC_BODY(dns_acl_isinsecure, tc) { inaddr.s_addr = htonl(0x7f000001); /* 127.0.0.1 */ isc_netaddr_fromin(&addr, &inaddr); - result = dns_iptable_addprefix2(loop4pos6->iptable, &addr, 32, - ISC_TRUE, ecs[pass].first); + result = dns_iptable_addprefix(loop4pos6->iptable, &addr, 32, + ISC_TRUE, ecs[pass].first); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); addr.family = AF_INET6; /* f700:0001::/32 */ - result = dns_iptable_addprefix2(loop4pos6->iptable, &addr, 32, - ISC_TRUE, ecs[pass].second); + result = dns_iptable_addprefix(loop4pos6->iptable, &addr, 32, + ISC_TRUE, ecs[pass].second); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); result = dns_acl_merge(notloop4pos6, loop4pos6, ISC_FALSE); @@ -284,13 +284,13 @@ ATF_TC_BODY(dns_acl_isinsecure, tc) { inaddr.s_addr = htonl(0x7f000001); /* 127.0.0.1 */ isc_netaddr_fromin(&addr, &inaddr); - result = dns_iptable_addprefix2(loop4neg6->iptable, &addr, 32, - ISC_TRUE, ecs[pass].first); + result = dns_iptable_addprefix(loop4neg6->iptable, &addr, 32, + ISC_TRUE, ecs[pass].first); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); addr.family = AF_INET6; /* !f700:0001::/32 */ - result = dns_iptable_addprefix2(loop4neg6->iptable, &addr, 32, - ISC_FALSE, ecs[pass].second); + result = dns_iptable_addprefix(loop4neg6->iptable, &addr, 32, + ISC_FALSE, ecs[pass].second); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); result = dns_acl_merge(notloop4neg6, loop4neg6, ISC_FALSE); diff --git a/lib/dns/tests/keytable_test.c b/lib/dns/tests/keytable_test.c index ae54f9e9a6..b3929bc62b 100644 --- a/lib/dns/tests/keytable_test.c +++ b/lib/dns/tests/keytable_test.c @@ -129,12 +129,12 @@ create_tables() { /* Add a normal key */ create_key(257, 3, 5, "example.com", keystr1, &key); - ATF_REQUIRE_EQ(dns_keytable_add2(keytable, ISC_FALSE, ISC_FALSE, &key), + ATF_REQUIRE_EQ(dns_keytable_add(keytable, ISC_FALSE, ISC_FALSE, &key), ISC_R_SUCCESS); /* Add an initializing managed key */ create_key(257, 3, 5, "managed.com", keystr1, &key); - ATF_REQUIRE_EQ(dns_keytable_add2(keytable, ISC_TRUE, ISC_TRUE, &key), + ATF_REQUIRE_EQ(dns_keytable_add(keytable, ISC_TRUE, ISC_TRUE, &key), ISC_R_SUCCESS); /* Add a null key */ @@ -193,7 +193,7 @@ ATF_TC_BODY(add, tc) { * nextkeynode() should still return NOTFOUND. */ create_key(257, 3, 5, "example.com", keystr1, &key); - ATF_REQUIRE_EQ(dns_keytable_add2(keytable, ISC_FALSE, ISC_FALSE, &key), + ATF_REQUIRE_EQ(dns_keytable_add(keytable, ISC_FALSE, ISC_FALSE, &key), ISC_R_SUCCESS); ATF_REQUIRE_EQ(dns_keytable_nextkeynode(keytable, keynode, &next_keynode), ISC_R_NOTFOUND); @@ -201,7 +201,7 @@ ATF_TC_BODY(add, tc) { /* Add another key (different keydata) */ dns_keytable_detachkeynode(keytable, &keynode); create_key(257, 3, 5, "example.com", keystr2, &key); - ATF_REQUIRE_EQ(dns_keytable_add2(keytable, ISC_FALSE, ISC_FALSE, &key), + ATF_REQUIRE_EQ(dns_keytable_add(keytable, ISC_FALSE, ISC_FALSE, &key), ISC_R_SUCCESS); ATF_REQUIRE_EQ(dns_keytable_find(keytable, str2name("example.com"), &keynode), ISC_R_SUCCESS); @@ -231,7 +231,7 @@ ATF_TC_BODY(add, tc) { * ISC_R_NOTFOUND and that the added key is an initializing key. */ create_key(257, 3, 5, "managed.com", keystr2, &key); - ATF_REQUIRE_EQ(dns_keytable_add2(keytable, ISC_TRUE, ISC_TRUE, &key), + ATF_REQUIRE_EQ(dns_keytable_add(keytable, ISC_TRUE, ISC_TRUE, &key), ISC_R_SUCCESS); ATF_REQUIRE_EQ(dns_keytable_find(keytable, str2name("managed.com"), &keynode), ISC_R_SUCCESS); @@ -248,7 +248,7 @@ ATF_TC_BODY(add, tc) { * nodes for managed.com, both containing non-initializing keys. */ create_key(257, 3, 5, "managed.com", keystr2, &key); - ATF_REQUIRE_EQ(dns_keytable_add2(keytable, ISC_TRUE, ISC_FALSE, &key), + ATF_REQUIRE_EQ(dns_keytable_add(keytable, ISC_TRUE, ISC_FALSE, &key), ISC_R_SUCCESS); ATF_REQUIRE_EQ(dns_keytable_find(keytable, str2name("managed.com"), &keynode), ISC_R_SUCCESS); @@ -269,7 +269,7 @@ ATF_TC_BODY(add, tc) { * that the added key is an initializing key. */ create_key(257, 3, 5, "two.com", keystr1, &key); - ATF_REQUIRE_EQ(dns_keytable_add2(keytable, ISC_TRUE, ISC_TRUE, &key), + ATF_REQUIRE_EQ(dns_keytable_add(keytable, ISC_TRUE, ISC_TRUE, &key), ISC_R_SUCCESS); ATF_REQUIRE_EQ(dns_keytable_find(keytable, str2name("two.com"), &keynode), ISC_R_SUCCESS); @@ -284,7 +284,7 @@ ATF_TC_BODY(add, tc) { * ISC_R_NOTFOUND and that the added key is not an initializing key. */ create_key(257, 3, 5, "two.com", keystr2, &key); - ATF_REQUIRE_EQ(dns_keytable_add2(keytable, ISC_TRUE, ISC_FALSE, &key), + ATF_REQUIRE_EQ(dns_keytable_add(keytable, ISC_TRUE, ISC_FALSE, &key), ISC_R_SUCCESS); ATF_REQUIRE_EQ(dns_keytable_find(keytable, str2name("two.com"), &keynode), ISC_R_SUCCESS); @@ -301,7 +301,7 @@ ATF_TC_BODY(add, tc) { * nodes for two.com, both containing non-initializing keys. */ create_key(257, 3, 5, "two.com", keystr1, &key); - ATF_REQUIRE_EQ(dns_keytable_add2(keytable, ISC_TRUE, ISC_FALSE, &key), + ATF_REQUIRE_EQ(dns_keytable_add(keytable, ISC_TRUE, ISC_FALSE, &key), ISC_R_SUCCESS); ATF_REQUIRE_EQ(dns_keytable_find(keytable, str2name("two.com"), &keynode), ISC_R_SUCCESS); @@ -323,7 +323,7 @@ ATF_TC_BODY(add, tc) { ATF_REQUIRE_EQ(dns_keytable_find(keytable, str2name("null.example"), &null_keynode), ISC_R_SUCCESS); create_key(257, 3, 5, "null.example", keystr2, &key); - ATF_REQUIRE_EQ(dns_keytable_add2(keytable, ISC_FALSE, ISC_FALSE, &key), + ATF_REQUIRE_EQ(dns_keytable_add(keytable, ISC_FALSE, ISC_FALSE, &key), ISC_R_SUCCESS); ATF_REQUIRE_EQ(dns_keytable_find(keytable, str2name("null.example"), &keynode), ISC_R_SUCCESS); @@ -629,7 +629,7 @@ ATF_TC_BODY(nta, tc) { ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); create_key(257, 3, 5, "example", keystr1, &key); - result = dns_keytable_add2(keytable, ISC_FALSE, ISC_FALSE, &key); + result = dns_keytable_add(keytable, ISC_FALSE, ISC_FALSE, &key); ATF_REQUIRE_EQ(result, ISC_R_SUCCESS); isc_stdtime_get(&now); diff --git a/lib/dns/win32/libdns.def.in b/lib/dns/win32/libdns.def.in index f81efeff9c..a5f6060e75 100644 --- a/lib/dns/win32/libdns.def.in +++ b/lib/dns/win32/libdns.def.in @@ -372,7 +372,6 @@ dns_fwdtable_create dns_fwdtable_delete dns_fwdtable_destroy dns_fwdtable_find -dns_fwdtable_find2 dns_generalstats_create dns_generalstats_dump dns_generalstats_increment @@ -386,7 +385,6 @@ dns_ipkeylist_copy dns_ipkeylist_init dns_ipkeylist_resize dns_iptable_addprefix -dns_iptable_addprefix2 dns_iptable_attach dns_iptable_create dns_iptable_detach @@ -422,7 +420,6 @@ dns_keynode_managed dns_keynode_trust dns_keyring_restore dns_keytable_add -dns_keytable_add2 dns_keytable_attach dns_keytable_attachkeynode dns_keytable_create diff --git a/lib/dns/zone.c b/lib/dns/zone.c index b02da3b3b2..000e0bbbf6 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -3877,7 +3877,7 @@ trust_key(dns_zone_t *zone, dns_name_t *keyname, goto failure; CHECK(dns_dnssec_keyfromrdata(keyname, &rdata, mctx, &dstkey)); - CHECK(dns_keytable_add2(sr, ISC_TRUE, initial, &dstkey)); + CHECK(dns_keytable_add(sr, ISC_TRUE, initial, &dstkey)); dns_keytable_detach(&sr); failure: diff --git a/lib/isccfg/aclconf.c b/lib/isccfg/aclconf.c index e598e4d5ba..b3650c231a 100644 --- a/lib/isccfg/aclconf.c +++ b/lib/isccfg/aclconf.c @@ -632,6 +632,7 @@ cfg_acl_fromconfig2(const cfg_obj_t *caml, const cfg_obj_t *cctx, const cfg_listelt_t *elt; dns_iptable_t *iptab; int new_nest_level = 0; + isc_boolean_t setpos; if (nest_level != 0) new_nest_level = nest_level - 1; @@ -710,7 +711,7 @@ cfg_acl_fromconfig2(const cfg_obj_t *caml, const cfg_obj_t *cctx, /* Network prefix */ isc_netaddr_t addr; unsigned int bitlen; - isc_boolean_t setpos, setecs; + isc_boolean_t setecs; cfg_obj_asnetprefix(ce, &addr, &bitlen); if (family != 0 && family != addr.family) { @@ -739,8 +740,8 @@ cfg_acl_fromconfig2(const cfg_obj_t *caml, const cfg_obj_t *cctx, */ setpos = ISC_TF(nest_level != 0 || !neg); setecs = cfg_obj_istype(ce, &cfg_type_ecsprefix); - result = dns_iptable_addprefix2(iptab, &addr, bitlen, - setpos, setecs); + result = dns_iptable_addprefix(iptab, &addr, bitlen, + setpos, setecs); if (result != ISC_R_SUCCESS) goto cleanup; @@ -812,8 +813,10 @@ nested_acl: const char *name = cfg_obj_asstring(ce); if (strcasecmp(name, "any") == 0) { /* Iptable entry with zero bit length. */ + setpos = ISC_TF(nest_level != 0 || !neg); result = dns_iptable_addprefix(iptab, NULL, 0, - ISC_TF(nest_level != 0 || !neg)); + setpos, + ISC_FALSE); if (result != ISC_R_SUCCESS) goto cleanup; @@ -831,8 +834,10 @@ nested_acl: * de->negative to true so we can handle * "!none;". */ + setpos = ISC_TF(nest_level != 0 || neg); result = dns_iptable_addprefix(iptab, NULL, 0, - ISC_TF(nest_level != 0 || neg)); + setpos, + ISC_FALSE); if (result != ISC_R_SUCCESS) goto cleanup; diff --git a/lib/ns/interfacemgr.c b/lib/ns/interfacemgr.c index 358caeb2d2..9538d7fe99 100644 --- a/lib/ns/interfacemgr.c +++ b/lib/ns/interfacemgr.c @@ -760,7 +760,7 @@ setup_locals(ns_interfacemgr_t *mgr, isc_interface_t *interface) { /* First add localhost address */ prefixlen = (netaddr->family == AF_INET) ? 32 : 128; result = dns_iptable_addprefix(mgr->aclenv.localhost->iptable, - netaddr, prefixlen, ISC_TRUE); + netaddr, prefixlen, ISC_TRUE, ISC_FALSE); if (result != ISC_R_SUCCESS) return (result); @@ -790,7 +790,7 @@ setup_locals(ns_interfacemgr_t *mgr, isc_interface_t *interface) { } result = dns_iptable_addprefix(mgr->aclenv.localnets->iptable, - netaddr, prefixlen, ISC_TRUE); + netaddr, prefixlen, ISC_TRUE, ISC_FALSE); if (result != ISC_R_SUCCESS) return (result);