mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 14:07:59 +00:00
Code Issues Releases Wiki Activity

Merge branch '3773-remove-dscp' into 'main'

Browse Source 
remove nonfunctional DSCP implementation

Closes #3773

See merge request isc-projects/bind9!7305
This commit is contained in:
Evan Hunt 2023-01-09 21:04:55 +00:00
commit 51093a834b
114 changed files with 418 additions and 2367 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
CHANGES
View File

@ -1,3 +1,10 @@
6062. [func] The DSCP implementation, which has been
nonfunctional for some time, is now marked as
obsolete and the implementation has been removed.
Configuring DSCP values in named.conf has no
effect, and a warning will be logged that
the feature should no longer be used. [GL #3773]
6061. [bug] Fix unexpected "Prohibited" extended DNS error
on allow-recursion. [GL #3743]

19
bin/dig/dig.c
View File

@ -206,9 +206,6 @@ help(void) {
"from ipv4only.arpa)\n"
" +[no]dnssec (Request DNSSEC records)\n"
" +domain=### (Set default domainname)\n"
" +[no]dscp[=###] (Set the DSCP value to "
"### "
"[0..63])\n"
" +[no]edns[=###] (Set EDNS version) [0]\n"
" +ednsflags=### (Set EDNS flag bits)\n"
" +[no]ednsnegotiation (Set EDNS version "
@ -1392,20 +1389,10 @@ plus_option(char *option, bool is_batchfile, bool *need_clone,
strlcpy(domainopt, value, sizeof(domainopt));
break;
case 's': /* dscp */
/* obsolete */
FULLCHECK("dscp");
if (!state) {
lookup->dscp = -1;
break;
}
if (value == NULL) {
goto need_value;
}
result = parse_uint(&num, value, 0x3f, "DSCP");
if (result != ISC_R_SUCCESS) {
warn("Couldn't parse DSCP value");
goto exit_or_usage;
}
lookup->dscp = num;
fprintf(stderr, ";; +dscp option is obsolete "
"and has no effect");
break;
default:
goto invalid_option;

5
bin/dig/dig.rst
View File

@ -349,9 +349,8 @@ abbreviation is unambiguous; for example, :option:`+cd` is equivalent to
.. option:: +dscp=value
This option sets the DSCP code point to be used when sending the query. Valid DSCP
code points are in the range [0...63]. By default no code point is
explicitly set.
This option formerly set the DSCP value used when sending a query.
It is now obsolete, and has no effect.
.. option:: +edns[=#], +noedns

4
bin/dig/dighost.c
View File

@ -622,7 +622,6 @@ make_empty_lookup(void) {
.section_authority = true,
.section_additional = true,
.ednsneg = true,
.dscp = -1,
};
dns_fixedname_init(&looknew->fdomain);
@ -797,7 +796,6 @@ clone_lookup(dig_lookup_t *lookold, bool servers) {
looknew->tsigctx = NULL;
looknew->need_search = lookold->need_search;
looknew->done_as_is = lookold->done_as_is;
looknew->dscp = lookold->dscp;
looknew->rrcomments = lookold->rrcomments;
looknew->fuzzing = lookold->fuzzing;
looknew->fuzztime = lookold->fuzztime;
@ -3067,8 +3065,6 @@ start_tcp(dig_query_t *query) {
local_timeout, NULL, NULL);
}
/* XXX: set DSCP */
return;
failure_tls:

1
bin/dig/dighost.h
View File

@ -167,7 +167,6 @@ struct dig_lookup {
char *cookie;
dns_ednsopt_t *ednsopts;
unsigned int ednsoptscnt;
isc_dscp_t dscp;
unsigned int ednsflags;
dns_opcode_t opcode;
int rrcomments;

65
bin/named/config.c
View File

@ -597,7 +597,7 @@ isc_result_t
named_config_getipandkeylist(const cfg_obj_t *config, const char *listtype,
const cfg_obj_t *list, isc_mem_t *mctx,
dns_ipkeylist_t *ipkl) {
uint32_t addrcount = 0, srccount = 0, dscpcount = 0;
uint32_t addrcount = 0, srccount = 0;
uint32_t keycount = 0, tlscount = 0;
uint32_t listcount = 0, l = 0, i = 0;
uint32_t stackcount = 0, pushed = 0;
@ -605,7 +605,6 @@ named_config_getipandkeylist(const cfg_obj_t *config, const char *listtype,
const cfg_listelt_t *element;
const cfg_obj_t *addrlist;
const cfg_obj_t *portobj;
const cfg_obj_t *dscpobj;
const cfg_obj_t *src4obj;
const cfg_obj_t *src6obj;
in_port_t port = (in_port_t)0;
@ -613,23 +612,19 @@ named_config_getipandkeylist(const cfg_obj_t *config, const char *listtype,
in_port_t def_tlsport;
isc_sockaddr_t src4;
isc_sockaddr_t src6;
isc_dscp_t dscp = -1;
isc_sockaddr_t *addrs = NULL;
isc_sockaddr_t *sources = NULL;
isc_dscp_t *dscps = NULL;
dns_name_t **keys = NULL;
dns_name_t **tlss = NULL;
struct {
const char *name;
in_port_t port;
isc_dscp_t dscp;
isc_sockaddr_t *src4s;
isc_sockaddr_t *src6s;
} *lists = NULL;
struct {
const cfg_listelt_t *element;
in_port_t port;
isc_dscp_t dscp;
isc_sockaddr_t src4;
isc_sockaddr_t src6;
} *stack = NULL;
@ -639,7 +634,6 @@ named_config_getipandkeylist(const cfg_obj_t *config, const char *listtype,
REQUIRE(ipkl->addrs == NULL);
REQUIRE(ipkl->keys == NULL);
REQUIRE(ipkl->tlss == NULL);
REQUIRE(ipkl->dscps == NULL);
REQUIRE(ipkl->labels == NULL);
REQUIRE(ipkl->allocated == 0);
@ -656,15 +650,9 @@ named_config_getipandkeylist(const cfg_obj_t *config, const char *listtype,
goto cleanup;
}
result = named_config_getdscp(config, &dscp);
if (result != ISC_R_SUCCESS) {
goto cleanup;
}
newlist:
addrlist = cfg_tuple_get(list, "addresses");
portobj = cfg_tuple_get(list, "port");
dscpobj = cfg_tuple_get(list, "dscp");
src4obj = cfg_tuple_get(list, "source");
src6obj = cfg_tuple_get(list, "source-v6");
@ -679,17 +667,6 @@ newlist:
port = (in_port_t)val;
}
if (dscpobj != NULL && cfg_obj_isuint32(dscpobj)) {
if (cfg_obj_asuint32(dscpobj) > 63) {
cfg_obj_log(dscpobj, named_g_lctx, ISC_LOG_ERROR,
"dscp value '%u' is out of range",
cfg_obj_asuint32(dscpobj));
result = ISC_R_RANGE;
goto cleanup;
}
dscp = (isc_dscp_t)cfg_obj_asuint32(dscpobj);
}
if (src4obj != NULL && cfg_obj_issockaddr(src4obj)) {
src4 = *cfg_obj_assockaddr(src4obj);
} else {
@ -756,7 +733,6 @@ resume:
*/
stack[pushed].element = cfg_list_next(element);
stack[pushed].port = port;
stack[pushed].dscp = dscp;
stack[pushed].src4 = src4;
stack[pushed].src6 = src6;
pushed++;
@ -764,16 +740,11 @@ resume:
}
grow_array(mctx, addrs, i, addrcount);
grow_array(mctx, dscps, i, dscpcount);
grow_array(mctx, keys, i, keycount);
grow_array(mctx, tlss, i, tlscount);
grow_array(mctx, sources, i, srccount);
addrs[i] = *cfg_obj_assockaddr(addr);
dscps[i] = cfg_obj_getdscp(addr);
if (dscps[i] == -1) {
dscps[i] = dscp;
}
result = named_config_getname(mctx, key, &keys[i]);
if (result != ISC_R_SUCCESS) {
@ -825,14 +796,12 @@ resume:
pushed--;
element = stack[pushed].element;
port = stack[pushed].port;
dscp = stack[pushed].dscp;
src4 = stack[pushed].src4;
src6 = stack[pushed].src6;
goto resume;
}
shrink_array(mctx, addrs, i, addrcount);
shrink_array(mctx, dscps, i, dscpcount);
shrink_array(mctx, keys, i, keycount);
shrink_array(mctx, tlss, i, tlscount);
shrink_array(mctx, sources, i, srccount);
@ -844,14 +813,11 @@ resume:
isc_mem_put(mctx, stack, stackcount * sizeof(stack[0]));
}
INSIST(dscpcount == addrcount);
INSIST(keycount == addrcount);
INSIST(tlscount == addrcount);
INSIST(srccount == addrcount);
INSIST(keycount == dscpcount);
ipkl->addrs = addrs;
ipkl->dscps = dscps;
ipkl->keys = keys;
ipkl->tlss = tlss;
ipkl->sources = sources;
@ -864,9 +830,6 @@ cleanup:
if (addrs != NULL) {
isc_mem_put(mctx, addrs, addrcount * sizeof(addrs[0]));
}
if (dscps != NULL) {
isc_mem_put(mctx, dscps, dscpcount * sizeof(dscps[0]));
}
if (keys != NULL) {
for (size_t j = 0; j < i; j++) {
if (keys[j] == NULL) {
@ -932,32 +895,6 @@ named_config_getport(const cfg_obj_t *config, const char *type,
return (ISC_R_SUCCESS);
}
isc_result_t
named_config_getdscp(const cfg_obj_t *config, isc_dscp_t *dscpp) {
const cfg_obj_t *options = NULL;
const cfg_obj_t *dscpobj = NULL;
isc_result_t result;
(void)cfg_map_get(config, "options", &options);
if (options == NULL) {
return (ISC_R_SUCCESS);
}
result = cfg_map_get(options, "dscp", &dscpobj);
if (result != ISC_R_SUCCESS || dscpobj == NULL) {
*dscpp = -1;
return (ISC_R_SUCCESS);
}
if (cfg_obj_asuint32(dscpobj) >= 64) {
cfg_obj_log(dscpobj, named_g_lctx, ISC_LOG_ERROR,
"dscp '%u' out of range",
cfg_obj_asuint32(dscpobj));
return (ISC_R_RANGE);
}
*dscpp = (isc_dscp_t)cfg_obj_asuint32(dscpobj);
return (ISC_R_SUCCESS);
}
struct keyalgorithms {
const char *str;
enum {

3
bin/named/include/named/config.h
View File

@ -71,6 +71,3 @@ named_config_getkeyalgorithm(const char *str, const dns_name_t **name,
isc_result_t
named_config_getkeyalgorithm2(const char *str, const dns_name_t **name,
unsigned int *typep, uint16_t *digestbits);
isc_result_t
named_config_getdscp(const cfg_obj_t *config, isc_dscp_t *dscpp);

1
bin/named/include/named/globals.h
View File

@ -77,7 +77,6 @@ EXTERN in_port_t named_g_port INIT(0);
EXTERN in_port_t named_g_tlsport INIT(0);
EXTERN in_port_t named_g_httpsport INIT(0);
EXTERN in_port_t named_g_httpport INIT(0);
EXTERN isc_dscp_t named_g_dscp INIT(-1);
EXTERN in_port_t named_g_http_listener_clients INIT(0);
EXTERN in_port_t named_g_http_streams_per_conn INIT(0);

5
bin/named/main.c
View File

@ -110,7 +110,6 @@
#define BACKTRACE_MAXFRAME 128
#endif /* ifndef BACKTRACE_MAXFRAME */
extern int isc_dscp_check_value;
extern unsigned int dns_zone_mkey_hour;
extern unsigned int dns_zone_mkey_day;
extern unsigned int dns_zone_mkey_month;
@ -716,13 +715,9 @@ parse_T_opt(char *option) {
/*
* force the server to behave (or misbehave) in
* specified ways for testing purposes.
* dscp=x: check that dscp values are as
* expected and assert otherwise.
*/
if (!strcmp(option, "dropedns")) {
dropedns = true;
} else if (!strncmp(option, "dscp=", 5)) {
isc_dscp_check_value = atoi(option + 5);
} else if (!strcmp(option, "ednsformerr")) {
ednsformerr = true;
} else if (!strcmp(option, "ednsnotimp")) {

109
bin/named/server.c
View File

@ -1260,13 +1260,11 @@ cleanup:
*/
static isc_result_t
get_view_querysource_dispatch(const cfg_obj_t **maps, int af,
dns_dispatch_t **dispatchp, isc_dscp_t *dscpp,
bool is_firstview) {
dns_dispatch_t **dispatchp, bool is_firstview) {
isc_result_t result = ISC_R_FAILURE;
dns_dispatch_t *disp = NULL;
isc_sockaddr_t sa;
const cfg_obj_t *obj = NULL;
isc_dscp_t dscp = -1;
switch (af) {
case AF_INET:
@ -1284,11 +1282,6 @@ get_view_querysource_dispatch(const cfg_obj_t **maps, int af,
sa = *(cfg_obj_assockaddr(obj));
INSIST(isc_sockaddr_pf(&sa) == af);
dscp = cfg_obj_getdscp(obj);
if (dscp != -1 && dscpp != NULL) {
*dscpp = dscp;
}
/*
* If we don't support this address family, we're done!
*/
@ -1591,10 +1584,6 @@ configure_peer(const cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) {
if (result != ISC_R_SUCCESS) {
goto cleanup;
}
result = dns_peer_settransferdscp(peer, cfg_obj_getdscp(obj));
if (result != ISC_R_SUCCESS) {
goto cleanup;
}
named_add_reserved_dispatch(named_g_server,
cfg_obj_assockaddr(obj));
}
@ -1611,10 +1600,6 @@ configure_peer(const cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) {
if (result != ISC_R_SUCCESS) {
goto cleanup;
}
result = dns_peer_setnotifydscp(peer, cfg_obj_getdscp(obj));
if (result != ISC_R_SUCCESS) {
goto cleanup;
}
named_add_reserved_dispatch(named_g_server,
cfg_obj_assockaddr(obj));
}
@ -1630,10 +1615,6 @@ configure_peer(const cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) {
if (result != ISC_R_SUCCESS) {
goto cleanup;
}
result = dns_peer_setquerydscp(peer, cfg_obj_getdscp(obj));
if (result != ISC_R_SUCCESS) {
goto cleanup;
}
named_add_reserved_dispatch(named_g_server,
cfg_obj_assockaddr(obj));
}
@ -4136,7 +4117,6 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config,
dns_acl_t *clients = NULL, *mapped = NULL, *excluded = NULL;
unsigned int query_timeout, ndisp;
bool old_rpz_ok = false;
isc_dscp_t dscp4 = -1, dscp6 = -1;
dns_dyndbctx_t *dctx = NULL;
unsigned int resolver_param;
dns_ntatable_t *ntatable = NULL;
@ -4769,10 +4749,10 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config,
* Resolver.
*/
CHECK(get_view_querysource_dispatch(
maps, AF_INET, &dispatch4, &dscp4,
maps, AF_INET, &dispatch4,
(ISC_LIST_PREV(view, link) == NULL)));
CHECK(get_view_querysource_dispatch(
maps, AF_INET6, &dispatch6, &dscp6,
maps, AF_INET6, &dispatch6,
(ISC_LIST_PREV(view, link) == NULL)));
if (dispatch4 == NULL && dispatch6 == NULL) {
UNEXPECTED_ERROR("unable to obtain either an IPv4 or"
@ -4796,19 +4776,6 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config,
}
dns_resolver_setquerystats(view->resolver, resquerystats);
if (dscp4 == -1) {
dscp4 = named_g_dscp;
}
if (dscp6 == -1) {
dscp6 = named_g_dscp;
}
if (dscp4 != -1) {
dns_resolver_setquerydscp4(view->resolver, dscp4);
}
if (dscp6 != -1) {
dns_resolver_setquerydscp6(view->resolver, dscp6);
}
/*
* Set the ADB cache size to 1/8th of the max-cache-size or
* MAX_ADB_SIZE_FOR_CACHESHARE when the cache is shared.
@ -6250,15 +6217,14 @@ static isc_result_t
configure_forward(const cfg_obj_t *config, dns_view_t *view,
const dns_name_t *origin, const cfg_obj_t *forwarders,
const cfg_obj_t *forwardtype) {
const cfg_obj_t *portobj, *dscpobj;
const cfg_obj_t *faddresses;
const cfg_listelt_t *element;
const cfg_obj_t *portobj = NULL;
const cfg_obj_t *faddresses = NULL;
const cfg_listelt_t *element = NULL;
dns_fwdpolicy_t fwdpolicy = dns_fwdpolicy_none;
dns_forwarderlist_t fwdlist;
dns_forwarder_t *fwd;
dns_forwarder_t *fwd = NULL;
isc_result_t result;
in_port_t port;
isc_dscp_t dscp = -1;
ISC_LIST_INIT(fwdlist);
@ -6281,24 +6247,6 @@ configure_forward(const cfg_obj_t *config, dns_view_t *view,
}
}
/*
* DSCP value for forwarded requests.
*/
dscp = named_g_dscp;
if (forwarders != NULL) {
dscpobj = cfg_tuple_get(forwarders, "dscp");
if (cfg_obj_isuint32(dscpobj)) {
if (cfg_obj_asuint32(dscpobj) > 63) {
cfg_obj_log(dscpobj, named_g_lctx,
ISC_LOG_ERROR,
"dscp value '%u' is out of range",
cfg_obj_asuint32(dscpobj));
return (ISC_R_RANGE);
}
dscp = (isc_dscp_t)cfg_obj_asuint32(dscpobj);
}
}
faddresses = NULL;
if (forwarders != NULL) {
faddresses = cfg_tuple_get(forwarders, "addresses");
@ -6313,10 +6261,6 @@ configure_forward(const cfg_obj_t *config, dns_view_t *view,
if (isc_sockaddr_getport(&fwd->addr) == 0) {
isc_sockaddr_setport(&fwd->addr, port);
}
fwd->dscp = cfg_obj_getdscp(forwarder);
if (fwd->dscp == -1) {
fwd->dscp = dscp;
}
ISC_LINK_INIT(fwd, link);
ISC_LIST_APPEND(fwdlist, fwd, link);
}
@ -8888,17 +8832,6 @@ load_configuration(const char *filename, named_server_t *server,
}
}
/*
* Determining the default DSCP code point.
*/
result = named_config_getdscp(config, &named_g_dscp);
if (result != ISC_R_SUCCESS) {
isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL,
NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "dscp: %s",
isc_result_totext(result));
goto cleanup_v6portset;
}
/*
* Find the listen queue depth.
*/
@ -8957,7 +8890,7 @@ load_configuration(const char *filename, named_server_t *server,
* Not specified, use default.
*/
result = ns_listenlist_default(named_g_mctx,
listen_port, -1, true,
listen_port, true,
AF_INET, &listenon);
}
if (result != ISC_R_SUCCESS) {
@ -8991,7 +8924,7 @@ load_configuration(const char *filename, named_server_t *server,
* Not specified, use default.
*/
result = ns_listenlist_default(named_g_mctx,
listen_port, -1, true,
listen_port, true,
AF_INET6, &listenon);
}
if (result != ISC_R_SUCCESS) {
@ -11125,10 +11058,9 @@ listenelt_fromconfig(const cfg_obj_t *listener, const cfg_obj_t *config,
isc_result_t result;
const cfg_obj_t *ltup = NULL;
const cfg_obj_t *tlsobj = NULL, *httpobj = NULL;
const cfg_obj_t *portobj = NULL, *dscpobj = NULL;
const cfg_obj_t *portobj = NULL;
const cfg_obj_t *http_server = NULL;
in_port_t port = 0;
isc_dscp_t dscp = -1;
const char *key = NULL, *cert = NULL, *ca_file = NULL,
*dhparam_file = NULL, *ciphers = NULL;
bool tls_prefer_server_ciphers = false,
@ -11322,16 +11254,6 @@ listenelt_fromconfig(const cfg_obj_t *listener, const cfg_obj_t *config,
port = (in_port_t)cfg_obj_asuint32(portobj);
}
dscpobj = cfg_tuple_get(ltup, "dscp");
if (!cfg_obj_isuint32(dscpobj)) {
dscp = named_g_dscp;
} else {
if (cfg_obj_asuint32(dscpobj) > 63) {
return (ISC_R_RANGE);
}
dscp = (isc_dscp_t)cfg_obj_asuint32(dscpobj);
}
#ifdef HAVE_LIBNGHTTP2
if (http) {
CHECK(listenelt_http(http_server, family, do_tls, &tls_params,
@ -11340,9 +11262,8 @@ listenelt_fromconfig(const cfg_obj_t *listener, const cfg_obj_t *config,
#endif /* HAVE_LIBNGHTTP2 */
if (!http) {
CHECK(ns_listenelt_create(mctx, port, dscp, NULL, family,
do_tls, &tls_params, tlsctx_cache,
&delt));
CHECK(ns_listenelt_create(mctx, port, NULL, family, do_tls,
&tls_params, tlsctx_cache, &delt));
}
result = cfg_acl_fromconfig2(cfg_tuple_get(listener, "acl"), config,
@ -11428,9 +11349,9 @@ listenelt_http(const cfg_obj_t *http, const uint16_t family, bool tls,
INSIST(i == len);
result = ns_listenelt_create_http(
mctx, port, named_g_dscp, NULL, family, tls, tls_params,
tlsctx_cache, endpoints, len, max_clients, max_streams, &delt);
result = ns_listenelt_create_http(mctx, port, NULL, family, tls,
tls_params, tlsctx_cache, endpoints,
len, max_clients, max_streams, &delt);
if (result != ISC_R_SUCCESS) {
goto error;
}

36
bin/named/zoneconf.c
View File

@ -905,7 +905,6 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
int seconds;
dns_ttl_t maxttl = 0; /* unlimited */
dns_zone_t *mayberaw = (raw != NULL) ? raw : zone;
isc_dscp_t dscp;
i = 0;
if (zconfig != NULL) {
@ -1267,23 +1266,17 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
RETERR(named_config_getipandkeylist(config, "primaries",
obj, mctx, &ipkl));
dns_zone_setalsonotify(zone, ipkl.addrs, ipkl.sources,
ipkl.dscps, ipkl.keys, ipkl.tlss,
ipkl.keys, ipkl.tlss,
ipkl.count);
dns_ipkeylist_clear(mctx, &ipkl);
} else {
dns_zone_setalsonotify(zone, NULL, NULL, NULL, NULL,
NULL, 0);
dns_zone_setalsonotify(zone, NULL, NULL, NULL, NULL, 0);
}
obj = NULL;
result = named_config_get(maps, "parental-source", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setparentalsrc4(zone, cfg_obj_assockaddr(obj)));
dscp = cfg_obj_getdscp(obj);
if (dscp == -1) {
dscp = named_g_dscp;
}
RETERR(dns_zone_setparentalsrc4dscp(zone, dscp));
named_add_reserved_dispatch(named_g_server,
cfg_obj_assockaddr(obj));
@ -1291,11 +1284,6 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
result = named_config_get(maps, "parental-source-v6", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setparentalsrc6(zone, cfg_obj_assockaddr(obj)));
dscp = cfg_obj_getdscp(obj);
if (dscp == -1) {
dscp = named_g_dscp;
}
RETERR(dns_zone_setparentalsrc6dscp(zone, dscp));
named_add_reserved_dispatch(named_g_server,
cfg_obj_assockaddr(obj));
@ -1303,11 +1291,6 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
result = named_config_get(maps, "notify-source", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setnotifysrc4(zone, cfg_obj_assockaddr(obj)));
dscp = cfg_obj_getdscp(obj);
if (dscp == -1) {
dscp = named_g_dscp;
}
RETERR(dns_zone_setnotifysrc4dscp(zone, dscp));
named_add_reserved_dispatch(named_g_server,
cfg_obj_assockaddr(obj));
@ -1315,11 +1298,6 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
result = named_config_get(maps, "notify-source-v6", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setnotifysrc6(zone, cfg_obj_assockaddr(obj)));
dscp = cfg_obj_getdscp(obj);
if (dscp == -1) {
dscp = named_g_dscp;
}
RETERR(dns_zone_setnotifysrc6dscp(zone, dscp));
named_add_reserved_dispatch(named_g_server,
cfg_obj_assockaddr(obj));
@ -1943,11 +1921,6 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setxfrsource4(mayberaw,
cfg_obj_assockaddr(obj)));
dscp = cfg_obj_getdscp(obj);
if (dscp == -1) {
dscp = named_g_dscp;
}
RETERR(dns_zone_setxfrsource4dscp(mayberaw, dscp));
named_add_reserved_dispatch(named_g_server,
cfg_obj_assockaddr(obj));
@ -1956,11 +1929,6 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setxfrsource6(mayberaw,
cfg_obj_assockaddr(obj)));
dscp = cfg_obj_getdscp(obj);
if (dscp == -1) {
dscp = named_g_dscp;
}
RETERR(dns_zone_setxfrsource6dscp(mayberaw, dscp));
named_add_reserved_dispatch(named_g_server,
cfg_obj_assockaddr(obj));

24
bin/nsupdate/nsupdate.c
View File

@ -2633,7 +2633,7 @@ send_update(dns_name_t *zone, isc_sockaddr_t *primary) {
result = dns_request_create(
requestmgr, updatemsg, srcaddr, primary, req_transport,
req_tls_ctx_cache, -1, options, tsigkey, timeout, udp_timeout,
req_tls_ctx_cache, options, tsigkey, timeout, udp_timeout,
udp_retries, global_task, update_completed, NULL, &request);
check_result(result, "dns_request_create");
@ -2752,11 +2752,11 @@ recvsoa(isc_task_t *task, isc_event_t *event) {
srcaddr = localaddr4;
}
result = dns_request_create(
requestmgr, soaquery, srcaddr, addr, req_transport,
req_tls_ctx_cache, -1, options, NULL, FIND_TIMEOUT * 20,
FIND_TIMEOUT, 3, global_task, recvsoa, reqinfo,
&request);
result = dns_request_create(requestmgr, soaquery, srcaddr, addr,
req_transport, req_tls_ctx_cache,
options, NULL, FIND_TIMEOUT * 20,
FIND_TIMEOUT, 3, global_task,
recvsoa, reqinfo, &request);
check_result(result, "dns_request_create");
requests++;
return;
@ -2983,8 +2983,8 @@ sendrequest(isc_sockaddr_t *destaddr, dns_message_t *msg,
}
result = dns_request_create(requestmgr, msg, srcaddr, destaddr,
req_transport, req_tls_ctx_cache, -1,
options, default_servers ? NULL : tsigkey,
req_transport, req_tls_ctx_cache, options,
default_servers ? NULL : tsigkey,
FIND_TIMEOUT * 20, FIND_TIMEOUT, 3,
global_task, recvsoa, reqinfo, request);
check_result(result, "dns_request_create");
@ -3190,10 +3190,10 @@ send_gssrequest(isc_sockaddr_t *destaddr, dns_message_t *msg,
srcaddr = localaddr4;
}
result = dns_request_create(
requestmgr, msg, srcaddr, destaddr, req_transport,
req_tls_ctx_cache, -1, options, tsigkey, FIND_TIMEOUT * 20,
FIND_TIMEOUT, 3, global_task, recvgss, reqinfo, request);
result = dns_request_create(requestmgr, msg, srcaddr, destaddr,
req_transport, req_tls_ctx_cache, options,
tsigkey, FIND_TIMEOUT * 20, FIND_TIMEOUT, 3,
global_task, recvgss, reqinfo, request);
check_result(result, "dns_request_create");
if (debugging) {
show_message(stdout, msg, "Outgoing update query:");

1
bin/tests/system/Makefile.am
View File

@ -99,7 +99,6 @@ TESTS += \
dialup \
dlzexternal \
dns64 \
dscp \
dsdigest \
dupsigs \
dyndb \

9
bin/tests/system/checkconf/range.conf
View File

@ -13,13 +13,4 @@
options {
port 999999;
dscp 222;
listen-on port 100 dscp 444 {
127.0.0.1/32;
};
};
zone "example" {
type primary;
file "example.db";
};

1
bin/tests/system/conf.sh.common
View File

@ -61,7 +61,6 @@ database
digdelv
dlz
dns64
dscp
dsdigest
ecdsa
eddsa

6
bin/tests/system/cookie/ns1/named.conf.in
View File

@ -30,9 +30,9 @@ controls {
};
options {
query-source address 10.53.0.1 dscp 1;
notify-source 10.53.0.1 dscp 2;
transfer-source 10.53.0.1 dscp 3;
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };

6
bin/tests/system/cookie/ns2/named.conf.in
View File

@ -12,9 +12,9 @@
*/
options {
query-source address 10.53.0.2 dscp 1;
notify-source 10.53.0.2 dscp 2;
transfer-source 10.53.0.2 dscp 3;
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };

6
bin/tests/system/cookie/ns3/named.conf.in
View File

@ -21,9 +21,9 @@ controls {
};
options {
query-source address 10.53.0.3 dscp 1;
notify-source 10.53.0.3 dscp 2;
transfer-source 10.53.0.3 dscp 3;
query-source address 10.53.0.3;
notify-source 10.53.0.3;
transfer-source 10.53.0.3;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.3; };

6
bin/tests/system/cookie/ns7/named.conf.in
View File

@ -12,9 +12,9 @@
*/
options {
query-source address 10.53.0.7 dscp 1;
notify-source 10.53.0.7 dscp 2;
transfer-source 10.53.0.7 dscp 3;
query-source address 10.53.0.7;
notify-source 10.53.0.7;
transfer-source 10.53.0.7;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.7; };

2
bin/tests/system/digdelv/ns3/named.conf.in
View File

@ -12,7 +12,7 @@
*/
options {
query-source address 10.53.0.3 dscp 1;
query-source address 10.53.0.3;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.3; };

11
bin/tests/system/digdelv/tests.sh
View File

@ -542,17 +542,6 @@ if [ -x "$DIG" ] ; then
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
n=$((n+1))
echo_i "checking dig +dscp ($n)"
ret=0
dig_with_opts @10.53.0.3 +dscp=32 a a.example > /dev/null 2>&1 || ret=1
dig_with_opts @10.53.0.3 +dscp=-1 a a.example > /dev/null 2>&1 && ret=1
dig_with_opts @10.53.0.3 +dscp=64 a a.example > /dev/null 2>&1 && ret=1
#TODO add a check to make sure dig is actually setting the dscp on the query
#we might have to add better logging to named for this
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
n=$((n+1))
echo_i "checking dig +ednsopt with option number ($n)"
ret=0

6
bin/tests/system/dnssec/ns4/named1.conf.in
View File

@ -14,9 +14,9 @@
// NS4
options {
query-source address 10.53.0.4 dscp 1;
notify-source 10.53.0.4 dscp 2;
transfer-source 10.53.0.4 dscp 3;
query-source address 10.53.0.4;
notify-source 10.53.0.4;
transfer-source 10.53.0.4;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.4; };

7
bin/tests/system/dnssec/ns4/named2.conf.in
View File

@ -14,10 +14,9 @@
// NS4
options {
query-source address 10.53.0.4 dscp 4;
notify-source 10.53.0.4 dscp 5;
transfer-source 10.53.0.4 dscp 6;
dscp 16;
query-source address 10.53.0.4;
notify-source 10.53.0.4;
transfer-source 10.53.0.4;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.4; };

20
bin/tests/system/dscp/clean.sh
View File

@ -1,20 +0,0 @@
#!/bin/sh
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
# SPDX-License-Identifier: MPL-2.0
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
rm -f */root.bk
rm -f dig.out.10.53.0.?
rm -f */named.memstats
rm -f */named.run
rm -f */named.conf
rm -f ns*/named.lock
rm -f ns*/managed-keys.bind*

1
bin/tests/system/dscp/ns1/named.args
View File

@ -1 +0,0 @@
-m record -c named.conf -d 99 -D dscp-ns1 -X named.lock -g -U 4 -T maxcachesize=2097152 -T dscp=46

31
bin/tests/system/dscp/ns1/named.conf.in
View File

@ -1,31 +0,0 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* SPDX-License-Identifier: MPL-2.0
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
options {
dscp 46;
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };
recursion no;
dnssec-validation no;
notify yes;
};
zone "." {
type primary;
file "root.db";
};

19
bin/tests/system/dscp/ns1/root.db
View File

@ -1,19 +0,0 @@
; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
;
; SPDX-License-Identifier: MPL-2.0
;
; This Source Code Form is subject to the terms of the Mozilla Public
; License, v. 2.0. If a copy of the MPL was not distributed with this
; file, you can obtain one at https://mozilla.org/MPL/2.0/.
;
; See the COPYRIGHT file distributed with this work for additional
; information regarding copyright ownership.
$TTL 3600
. SOA ns1.nil-servers. marka.isc.org. 1 3600 1200 3600000 1200
. NS ns1.nil-servers.
. NS ns2.nil-servers.
ns1.nil-servers. A 10.53.0.1
ns2.nil-servers. A 10.53.0.2
xxx.example. A 10.53.0.1
xxx.tld. A 10.53.0.1

1
bin/tests/system/dscp/ns2/named.args
View File

@ -1 +0,0 @@
-m record -c named.conf -d 99 -D dscp-ns2 -X named.lock -g -U 4 -T maxcachesize=2097152 -T dscp=46

32
bin/tests/system/dscp/ns2/named.conf.in
View File

@ -1,32 +0,0 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* SPDX-License-Identifier: MPL-2.0
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
options {
dscp 46;
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };
recursion no;
dnssec-validation no;
notify yes;
};
zone "." {
type secondary;
file "root.bk";
primaries { 10.53.0.1; };
};

16
bin/tests/system/dscp/ns3/hint.db
View File

@ -1,16 +0,0 @@
; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
;
; SPDX-License-Identifier: MPL-2.0
;
; This Source Code Form is subject to the terms of the Mozilla Public
; License, v. 2.0. If a copy of the MPL was not distributed with this
; file, you can obtain one at https://mozilla.org/MPL/2.0/.
;
; See the COPYRIGHT file distributed with this work for additional
; information regarding copyright ownership.
$TTL 3600
. NS ns1.nil-servers.
. NS ns2.nil-servers.
ns1.nil-servers. A 10.53.0.1
ns2.nil-servers. A 10.53.0.2

1
bin/tests/system/dscp/ns3/named.args
View File

@ -1 +0,0 @@
-m record -c named.conf -d 99 -D dscp-ns3 -X named.lock -g -U 4 -T maxcachesize=2097152 -T dscp=46

31
bin/tests/system/dscp/ns3/named.conf.in
View File

@ -1,31 +0,0 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* SPDX-License-Identifier: MPL-2.0
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
options {
dscp 46;
query-source address 10.53.0.3;
notify-source 10.53.0.3;
transfer-source 10.53.0.3;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.3; };
listen-on-v6 { none; };
notify yes;
recursion yes;
dnssec-validation yes;
};
zone "." {
type hint;
file "hint.db";
};

1
bin/tests/system/dscp/ns4/named.args
View File

@ -1 +0,0 @@
-m record -c named.conf -d 99 -D dscp-ns4 -X named.lock -g -U 4 -T maxcachesize=2097152 -T dscp=46

31
bin/tests/system/dscp/ns4/named.conf.in
View File

@ -1,31 +0,0 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* SPDX-License-Identifier: MPL-2.0
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
options {
dscp 47;
query-source dscp 46 address 10.53.0.4;
notify-source 10.53.0.4 dscp 46;
transfer-source 10.53.0.4 dscp 46;
port @PORT@;
pid-file "named.pid";
listen-on dscp 46 { 10.53.0.4; };
listen-on-v6 { none; };
recursion no;
dnssec-validation no;
notify yes;
};
zone "." {
type primary;
file "root.db";
};

19
bin/tests/system/dscp/ns4/root.db
View File

@ -1,19 +0,0 @@
; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
;
; SPDX-License-Identifier: MPL-2.0
;
; This Source Code Form is subject to the terms of the Mozilla Public
; License, v. 2.0. If a copy of the MPL was not distributed with this
; file, you can obtain one at https://mozilla.org/MPL/2.0/.
;
; See the COPYRIGHT file distributed with this work for additional
; information regarding copyright ownership.
$TTL 3600
. SOA ns4.nil-servers. marka.isc.org. 1 3600 1200 3600000 1200
. NS ns4.nil-servers.
. NS ns5.nil-servers.
ns4.nil-servers. A 10.53.0.4
ns5.nil-servers. A 10.53.0.5
xxx.example. A 10.53.0.1
xxx.tld. A 10.53.0.1

1
bin/tests/system/dscp/ns5/named.args
View File

@ -1 +0,0 @@
-m record -c named.conf -d 99 -D dscp-ns5 -X named.lock -g -U 4 -T maxcachesize=2097152 -T dscp=46

32
bin/tests/system/dscp/ns5/named.conf.in
View File

@ -1,32 +0,0 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* SPDX-License-Identifier: MPL-2.0
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
options {
dscp 47;
query-source dscp 46 address 10.53.0.5;
notify-source 10.53.0.5 dscp 46;
transfer-source 10.53.0.5 dscp 46;
port @PORT@;
pid-file "named.pid";
listen-on dscp 46 { 10.53.0.5; };
listen-on-v6 { none; };
recursion no;
dnssec-validation no;
notify yes;
};
zone "." {
type secondary;
file "root.bk";
primaries { 10.53.0.4; };
};

16
bin/tests/system/dscp/ns6/hint.db
View File

@ -1,16 +0,0 @@
; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
;
; SPDX-License-Identifier: MPL-2.0
;
; This Source Code Form is subject to the terms of the Mozilla Public
; License, v. 2.0. If a copy of the MPL was not distributed with this
; file, you can obtain one at https://mozilla.org/MPL/2.0/.
;
; See the COPYRIGHT file distributed with this work for additional
; information regarding copyright ownership.
$TTL 3600
. NS ns4.nil-servers.
. NS ns5.nil-servers.
ns4.nil-servers. A 10.53.0.4
ns5.nil-servers. A 10.53.0.5

1
bin/tests/system/dscp/ns6/named.args
View File

@ -1 +0,0 @@
-m record -c named.conf -d 99 -D dscp-ns6 -X named.lock -g -U 4 -T maxcachesize=2097152 -T dscp=46

31
bin/tests/system/dscp/ns6/named.conf.in
View File

@ -1,31 +0,0 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* SPDX-License-Identifier: MPL-2.0
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
options {
dscp 47;
query-source dscp 46 address 10.53.0.6;
notify-source 10.53.0.6 dscp 46;
transfer-source 10.53.0.6 dscp 46;
port @PORT@;
pid-file "named.pid";
listen-on dscp 46 { 10.53.0.6; };
listen-on-v6 { none; };
notify yes;
recursion yes;
dnssec-validation yes;
};
zone "." {
type hint;
file "hint.db";
};

1
bin/tests/system/dscp/ns7/named.args
View File

@ -1 +0,0 @@
-m record -c named.conf -d 99 -D dscp-ns7 -X named.lock -g -U 4 -T maxcachesize=2097152 -T dscp=46

34
bin/tests/system/dscp/ns7/named.conf.in
View File

@ -1,34 +0,0 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* SPDX-License-Identifier: MPL-2.0
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
options {
dscp 47;
query-source dscp 46 address 10.53.0.7;
notify-source 10.53.0.7 dscp 47;
transfer-source 10.53.0.7 dscp 47;
port @PORT@;
pid-file "named.pid";
listen-on dscp 46 { 10.53.0.7; };
listen-on-v6 { none; };
recursion no;
dnssec-validation no;
notify yes;
};
zone "." {
type secondary;
file "root.bk";
transfer-source 10.53.0.7 dscp 46;
notify-source 10.53.0.7 dscp 46;
primaries { 10.53.0.4; };
};

22
bin/tests/system/dscp/setup.sh
View File

@ -1,22 +0,0 @@
#!/bin/sh
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
# SPDX-License-Identifier: MPL-2.0
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
. ../conf.sh
copy_setports ns1/named.conf.in ns1/named.conf
copy_setports ns2/named.conf.in ns2/named.conf
copy_setports ns3/named.conf.in ns3/named.conf
copy_setports ns4/named.conf.in ns4/named.conf
copy_setports ns5/named.conf.in ns5/named.conf
copy_setports ns6/named.conf.in ns6/named.conf
copy_setports ns7/named.conf.in ns7/named.conf

41
bin/tests/system/dscp/tests.sh
View File

@ -1,41 +0,0 @@
#!/bin/sh
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
# SPDX-License-Identifier: MPL-2.0
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
. ../conf.sh
DIGOPTS="+tcp +noadd +nosea +nostat +noquest -p ${PORT}"
status=0
#
# 10.53.0.1 10.53.0.2 10.53.0.3 have a global dscp setting;
# 10.53.0.4 10.53.0.5 10.53.0.6 have dscp set in option *-source clauses;
# 10.53.0.7 has dscp set in zone *-source clauses;
#
for server in 10.53.0.1 10.53.0.2 10.53.0.3 10.53.0.4 10.53.0.5 \
10.53.0.6 10.53.0.7
do
echo_i "testing root SOA lookup at $server"
for i in 0 1 2 3 4 5 6 7 8 9
do
ret=0
$DIG $DIGOPTS @$server soa . > dig.out.$server
grep "status: NOERROR" dig.out.$server > /dev/null || ret=1
test $ret = 0 && break
sleep 1
done
test $ret = 0 || { echo_i "failed"; status=`expr $status + $ret`; }
done
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1

6
bin/tests/system/emptyzones/ns1/named1.conf.in
View File

@ -21,9 +21,9 @@ controls {
};
options {
query-source address 10.53.0.1 dscp 1;
notify-source 10.53.0.1 dscp 2;
transfer-source 10.53.0.1 dscp 3;
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };

6
bin/tests/system/emptyzones/ns1/named2.conf.in
View File

@ -21,9 +21,9 @@ controls {
};
options {
query-source address 10.53.0.1 dscp 1;
notify-source 10.53.0.1 dscp 2;
transfer-source 10.53.0.1 dscp 3;
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };

6
bin/tests/system/nsupdate/ns1/named.conf.in
View File

@ -41,9 +41,9 @@ tls tls-expired {
options {
query-source address 10.53.0.1 dscp 1;
notify-source 10.53.0.1 dscp 22;
transfer-source 10.53.0.1 dscp 3;
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
port @PORT@;
tls-port @TLSPORT@;
pid-file "named.pid";

6
bin/tests/system/nsupdate/ns2/named.conf.in
View File

@ -12,9 +12,9 @@
*/
options {
query-source address 10.53.0.2 dscp 4;
notify-source 10.53.0.2 dscp 5;
transfer-source 10.53.0.2 dscp 6;
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };

6
bin/tests/system/nsupdate/ns3/named.conf.in
View File

@ -14,9 +14,9 @@
// NS3
options {
query-source address 10.53.0.3 dscp 7;
notify-source 10.53.0.3 dscp 8;
transfer-source 10.53.0.3 dscp 9;
query-source address 10.53.0.3;
notify-source 10.53.0.3;
transfer-source 10.53.0.3;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.3; };

8
bin/tests/system/pipelined/pipequeries.c
View File

@ -169,10 +169,10 @@ sendquery(isc_task_t *task) {
ISC_LIST_APPEND(qname->list, qrdataset, link);
dns_message_addname(message, qname, DNS_SECTION_QUESTION);
result = dns_request_create(
requestmgr, message, have_src ? &srcaddr : NULL, &dstaddr, NULL,
NULL, -1, DNS_REQUESTOPT_TCP, NULL, TIMEOUT, 0, 0, task,
recvresponse, message, &request);
result = dns_request_create(requestmgr, message,
have_src ? &srcaddr : NULL, &dstaddr, NULL,
NULL, DNS_REQUESTOPT_TCP, NULL, TIMEOUT, 0,
0, task, recvresponse, message, &request);
CHECK("dns_request_create", result);
return (ISC_R_SUCCESS);

6
bin/tests/system/resolver/ns1/named.conf.in
View File

@ -12,9 +12,9 @@
*/
options {
query-source address 10.53.0.1 dscp 1;
notify-source 10.53.0.1 dscp 2;
transfer-source 10.53.0.1 dscp 3;
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };

6
bin/tests/system/resolver/ns4/named.conf.in
View File

@ -14,9 +14,9 @@
// NS4
options {
query-source address 10.53.0.4 dscp 4;
notify-source 10.53.0.4 dscp 5;
transfer-source 10.53.0.4 dscp 6;
query-source address 10.53.0.4;
notify-source 10.53.0.4;
transfer-source 10.53.0.4;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.4; };

6
bin/tests/system/resolver/ns5/named.conf.in
View File

@ -14,9 +14,9 @@
// NS5
options {
query-source address 10.53.0.5 dscp 7;
notify-source 10.53.0.5 dscp 8;
transfer-source 10.53.0.5 dscp 9;
query-source address 10.53.0.5;
notify-source 10.53.0.5;
transfer-source 10.53.0.5;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.5; };

6
bin/tests/system/resolver/ns6/named.conf.in
View File

@ -14,9 +14,9 @@
// NS6
options {
query-source address 10.53.0.6 dscp 10;
notify-source 10.53.0.6 dscp 11;
transfer-source 10.53.0.6 dscp 12;
query-source address 10.53.0.6;
notify-source 10.53.0.6;
transfer-source 10.53.0.6;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.6; };

6
bin/tests/system/resolver/ns7/named1.conf.in
View File

@ -14,9 +14,9 @@
// NS7
options {
query-source address 10.53.0.7 dscp 13;
notify-source 10.53.0.7 dscp 14;
transfer-source 10.53.0.7 dscp 15;
query-source address 10.53.0.7;
notify-source 10.53.0.7;
transfer-source 10.53.0.7;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.7; };

6
bin/tests/system/resolver/ns7/named2.conf.in
View File

@ -14,9 +14,9 @@
// NS7
options {
query-source address 10.53.0.7 dscp 13;
notify-source 10.53.0.7 dscp 14;
transfer-source 10.53.0.7 dscp 15;
query-source address 10.53.0.7;
notify-source 10.53.0.7;
transfer-source 10.53.0.7;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.7; };

2
bin/tests/system/tkey/keycreate.c
View File

@ -179,7 +179,7 @@ sendquery(void *arg) {
CHECK("dns_tkey_builddhquery", result);
result = dns_request_create(requestmgr, query, NULL, &address, NULL,
NULL, -1, DNS_REQUESTOPT_TCP, initialkey,
NULL, DNS_REQUESTOPT_TCP, initialkey,
TIMEOUT, 0, 0, task, recvquery, query,
&request);
CHECK("dns_request_create", result);

5
bin/tests/system/tkey/keydelete.c
View File

@ -123,9 +123,8 @@ sendquery(void *arg) {
CHECK("dns_tkey_builddeletequery", result);
result = dns_request_create(requestmgr, query, NULL, &address, NULL,
NULL, -1, DNS_REQUESTOPT_TCP, tsigkey,
TIMEOUT, 0, 0, task, recvquery, query,
&request);
NULL, DNS_REQUESTOPT_TCP, tsigkey, TIMEOUT,
0, 0, task, recvquery, query, &request);
CHECK("dns_request_create", result);
}

20
bin/tools/mdig.c
View File

@ -118,7 +118,6 @@ static isc_sockaddr_t srcaddr;
static char *server = NULL;
static isc_sockaddr_t dstaddr;
static in_port_t port = 53;
static isc_dscp_t dscp = -1;
static unsigned char cookie_secret[33];
static int onfly = 0;
static char hexcookie[81];
@ -755,7 +754,7 @@ sendquery(struct query *query) {
result = dns_request_create(
requestmgr, message, have_src ? &srcaddr : NULL, &dstaddr, NULL,
NULL, dscp, options, NULL, query->timeout, query->udptimeout,
NULL, options, NULL, query->timeout, query->udptimeout,
query->udpretries, global_task, recvresponse, message,
&request);
CHECK("dns_request_create", result);
@ -812,9 +811,6 @@ help(void) {
" -p port (specify port number)\n"
" -m (enable memory usage "
"debugging)\n"
" +[no]dscp[=###] (Set the DSCP value to "
"### "
"[0..63])\n"
" +[no]vc (TCP mode)\n"
" +[no]tcp (TCP mode, alternate "
"syntax)\n"
@ -1319,18 +1315,10 @@ plus_option(char *option, struct query *query, bool global) {
query->dnssec = state;
break;
case 's': /* dscp */
/* obsolete */
FULLCHECK("dscp");
GLOBAL();
if (!state) {
dscp = -1;
break;
}
if (value == NULL) {
goto need_value;
}
result = parse_uint(&num, value, 0x3f, "DSCP");
CHECK("parse_uint(DSCP)", result);
dscp = num;
fprintf(stderr, ";; +dscp option is obsolete "
"and has no effect");
break;
default:
goto invalid_option;

7
bin/tools/mdig.rst
View File

@ -161,11 +161,10 @@ The global query options are:
they are replaced by the string "[omitted]"; in the DNSKEY case, the
key ID is displayed as the replacement, e.g., ``[ key id = value ]``.
.. option:: +dscp[=value]
.. option:: +dscp=value
This option sets the DSCP code point to be used when sending the query. Valid DSCP
code points are in the range [0...63]. By default no code point is
explicitly set.
This option formerly set the DSCP value used when sending a query.
It is now obsolete, and has no effect.
.. option:: +multiline, +nomultiline

15
doc/arm/reference.rst
View File

@ -314,9 +314,6 @@ file documentation:
``domain_name``
A quoted string which is used as a DNS name; for example: ``my.test.domain``.
``dscp``
An :term:`integer` between 0 and 63, used to select a Differentiated Services Code Point (DSCP) value for use with outgoing traffic on operating systems that support DSCP.
``fixedpoint``
A non-negative real number that can be specified to the nearest one-hundredth. Up to five digits can be specified before a decimal point, and up to two digits after, so the maximum value is 99999.99. Acceptable values might be further limited by the contexts in which they are used.
@ -1604,11 +1601,11 @@ default is used.
.. namedconf:statement:: dscp
:tags: server, query
:short: Specifies the global Differentiated Services Code Point (DSCP) value to classify outgoing DNS traffic.
:short: Sets the Differentiated Services Code Point (DSCP) value (obsolete).
This is the global Differentiated Services Code Point (DSCP) value to
classify outgoing DNS traffic, on operating systems that support DSCP.
Valid values are 0 through 63. It is not configured by default.
This option used to set the global Differentiated Services Code Point
(DSCP) value to classify outgoing DNS traffic. It is now obsolete and
has no effect.
.. namedconf:statement:: preferred-glue
:tags: query
@ -2895,8 +2892,8 @@ authoritative and does not have the answer in its cache.
This specifies a list of IP addresses to which queries are forwarded. The
default is the empty list (no forwarding). Each address in the list can be
associated with an optional port number and/or DSCP value, and a default port
number and DSCP value can be set for the entire list.
associated with an optional port number. A default port number can be set
for the entire list.
Forwarding can also be configured on a per-domain basis, allowing for
the global forwarding options to be overridden in a variety of ways.

143
doc/design/dscp
View File

@ -1,143 +0,0 @@
<!--
Copyright (C) Internet Systems Consortium, Inc. ("ISC")
SPDX-License-Identifier: MPL-2.0
This Source Code Form is subject to the terms of the Mozilla Public
License, v. 2.0. If a copy of the MPL was not distributed with this
file, you can obtain one at https://mozilla.org/MPL/2.0/.
See the COPYRIGHT file distributed with this work for additional
information regarding copyright ownership.
-->
Differentiate Services Code Point Support
Differentiate Services Code Point (DSCP) is implemented in IPv4 using the
TOS octet and in IPv6 using the TCLASS octet.
RFC 3542 defines the api to manipulate the TCLASS octet as part of
the advanced socket API. TCLASS is settable on both a socket and
packet basis (setsockopt/sendmsg) and the sent value can be retrieved
using recvmsg over UDP. Retrieval is undefined for TCP.
The Advanced socket API was not incorporated into the POSIX socket
API for IPv6 and may not be completely implemented in any OS.
For TOS setsockopt() supports setting of the field on a persocket
basis. TOS may also be set on a per packet basis on some OS using
sendmsg. If it is not supported the sendmsg call reports a error.
Support can only be determined by attempted to send a packet with
the option set. Retrieval of the sent TOS value is retrievable on
Linux. This can be determined at compile time.
DSCP values need to be compatible with TOS values as it is a re-use
of the field.
LIBISC:
We will need to be able to probe for the level of DSCP support. We
need to know if we can set it at the socket level, packet level and
if we can retrieve the DSCP value sent. This needs to be done
independently for IPv4 and IPv6.
#define ISC_NET_DSCPRECVV4 0x01 /* Can receive sent DSCP value IPv4 */
#define ISC_NET_DSCPRECVV6 0x02 /* Can receive sent DSCP value IPv6 */
#define ISC_NET_DSCPSETV4 0x04 /* Can set DSCP on socket IPv4 */
#define ISC_NET_DSCPSETV6 0x08 /* Can set DSCP on socket IPv6 */
#define ISC_NET_DSCPPKTV4 0x10 /* Can set DSCP on per packet IPv4 */
#define ISC_NET_DSCPPKTV6 0x20 /* Can set DSCP on per packet IPv6 */
#define ISC_NET_DSCPALL 0x3f /* All valid flags */
unsigned int
isc_net_probedscp(void);
/*%<
* Probe the level of DSCP support.
*/
We also need to be able to set DSCP values on a per socket basis, per packet
basis and to retrieve dscp values from received packet.
Setting dscp on a per socket basis shall be done using isc_socket_dscp.
void
isc_socket_dscp(isc_socket_t *sock, unsigned int dscp);
/*%<
* Requires:
*\li 'sock' is a valid socket.
*/
/*@}*/
isc_socketevent shall be extended to support the sending of and retrieval
of DSCP values. If ISC_SOCKEVENTATTR_DSCP is set then isc_socket_sendto2
shall set the DSCP value. isc_socket_recv shall set ISC_SOCKEVENTATTR_DSCP
and the dscp element if the OS returns the value via recvmsg.
#define ISC_SOCKEVENTATTR_DSCP 0x00040000U /* public */
struct isc_socketevent {
ISC_EVENT_COMMON(isc_socketevent_t);
isc_result_t result; /*%< OK, EOF, whatever else */
unsigned int minimum; /*%< minimum i/o for event */
unsigned int n; /*%< bytes read or written */
unsigned int offset; /*%< offset into buffer list */
isc_region_t region; /*%< for single-buffer i/o */
isc_bufferlist_t bufferlist; /*%< list of buffers */
isc_sockaddr_t address; /*%< source address */
isc_time_t timestamp; /*%< timestamp of packet recv */
struct in6_pktinfo pktinfo; /*%< ipv6 pktinfo */
uint32_t attributes; /*%< see below */
isc_eventdestructor_t destroy; /*%< original destructor */
unsigned int dscp; /*%< UDP dscp value */
};
A convenience function will be provided to allocate and initialize the structure.
isc_socketevent_t *
isc_socket_socketevent(isc_socket_t *sock0, isc_eventtype_t eventtype,
isc_taskaction_t action, const void *arg)
NAMED/LIBDNS:
Named needs to be able to set the DSCP value of sent traffic. We should
be able to set DSCP for all TCP connections.
For UDP we should have a default DSCP value for when we can't set this on
a per packet basis with the ability to override for specific destinations.
options/view/server;
tcp-dscp <value>;
udp-dscp <value>;
http://bogpeople.com/networking/dscp.shtml list a set of TOS compatible
values (below).
DSCP Name DS Field Value IP Precedence
Binary Decimal
CS0 000 000 0 0
CS1 001 000 8 1
AF11 001 010 10 1
AF12 001 100 12 1
AF13 001 110 14 1
CS2 010 000 16 2
AF21 010 010 18 2
AF22 010 100 20 2
AF23 010 110 22 2
CS3 011 000 24 3
AF31 011 010 26 3
AF32 011 100 28 3
AF33 011 110 30 3
CS4 100 000 32 4
AF41 100 010 34 4
AF42 100 100 36 4
AF43 100 110 38 4
CS5 101 000 40 5
EF 101 110 46 5
CS6 110 000 48 6
CS7 111 000 56 7
CS Class Selector (RFC 2474)
AFxy Assured Forwarding (x=class, y=drop precedence) (RFC2597)
EF Expedited Forwarding (RFC 3246)
value should be one of these or a numeric 0..63. The default value is 0.

5
doc/man/dig.1in
View File

@ -403,9 +403,8 @@ given.
.INDENT 0.0
.TP
.B +dscp=value
This option sets the DSCP code point to be used when sending the query. Valid DSCP
code points are in the range [0...63]. By default no code point is
explicitly set.
This option formerly set the DSCP value used when sending a query.
It is now obsolete, and has no effect.
.UNINDENT
.INDENT 0.0
.TP

7
doc/man/mdig.1in
View File

@ -185,10 +185,9 @@ key ID is displayed as the replacement, e.g., \fB[ key id = value ]\fP\&.
.UNINDENT
.INDENT 0.0
.TP
.B +dscp[=value]
This option sets the DSCP code point to be used when sending the query. Valid DSCP
code points are in the range [0...63]. By default no code point is
explicitly set.
.B +dscp=value
This option formerly set the DSCP value used when sending a query.
It is now obsolete, and has no effect.
.UNINDENT
.INDENT 0.0
.TP

142
doc/man/named.conf.5in
View File

@ -126,7 +126,7 @@ options {
allow\-transfer [ port <integer> ] [ transport <string> ] { <address_match_element>; ... };
allow\-update { <address_match_element>; ... };
allow\-update\-forwarding { <address_match_element>; ... };
also\-notify [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
also\-notify [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
answer\-cookie <boolean>;
attach\-cache <string>;
auth\-nxdomain <boolean>;
@ -136,7 +136,7 @@ options {
avoid\-v6\-udp\-ports { <portrange>; ... };
bindkeys\-file <quoted_string>;
blackhole { <address_match_element>; ... };
catalog\-zones { zone <string> [ default\-primaries [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... } ] [ zone\-directory <quoted_string> ] [ in\-memory <boolean> ] [ min\-update\-interval <duration> ]; ... };
catalog\-zones { zone <string> [ default\-primaries [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... } ] [ zone\-directory <quoted_string> ] [ in\-memory <boolean> ] [ min\-update\-interval <duration> ]; ... };
check\-dup\-records ( fail | warn | ignore );
check\-integrity <boolean>;
check\-mx ( fail | warn | ignore );
@ -182,8 +182,8 @@ options {
dnstap\-identity ( <quoted_string> | none | hostname ); // not configured
dnstap\-output ( file | unix ) <quoted_string> [ size ( unlimited | <size> ) ] [ versions ( unlimited | <integer> ) ] [ suffix ( increment | timestamp ) ]; // not configured
dnstap\-version ( <quoted_string> | none ); // not configured
dscp <integer>;
dual\-stack\-servers [ port <integer> ] { ( <quoted_string> [ port <integer> ] [ dscp <integer> ] | <ipv4_address> [ port <integer> ] [ dscp <integer> ] | <ipv6_address> [ port <integer> ] [ dscp <integer> ] ); ... };
dscp <integer>; // obsolete
dual\-stack\-servers [ port <integer> ] { ( <quoted_string> [ port <integer> ] | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ); ... };
dump\-file <quoted_string>;
edns\-udp\-size <integer>;
empty\-contact <string>;
@ -194,7 +194,7 @@ options {
fetches\-per\-zone <integer> [ ( drop | fail ) ];
flush\-zones\-on\-shutdown <boolean>;
forward ( first | only );
forwarders [ port <integer> ] [ dscp <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ dscp <integer> ]; ... };
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... };
fstrm\-set\-buffer\-hint <integer>; // not configured
fstrm\-set\-flush\-timeout <integer>; // not configured
fstrm\-set\-input\-queue\-size <integer>; // not configured
@ -217,8 +217,8 @@ options {
keep\-response\-order { <address_match_element>; ... }; // obsolete
key\-directory <quoted_string>;
lame\-ttl <duration>;
listen\-on [ port <integer> ] [ dscp <integer> ] [ tls <string> ] [ http <string> ] { <address_match_element>; ... }; // may occur multiple times
listen\-on\-v6 [ port <integer> ] [ dscp <integer> ] [ tls <string> ] [ http <string> ] { <address_match_element>; ... }; // may occur multiple times
listen\-on [ port <integer> ] [ tls <string> ] [ http <string> ] { <address_match_element>; ... }; // may occur multiple times
listen\-on\-v6 [ port <integer> ] [ tls <string> ] [ http <string> ] { <address_match_element>; ... }; // may occur multiple times
lmdb\-mapsize <sizeval>;
lock\-file ( <quoted_string> | none );
managed\-keys\-directory <quoted_string>;
@ -260,23 +260,23 @@ options {
notify ( explicit | master\-only | primary\-only | <boolean> );
notify\-delay <integer>;
notify\-rate <integer>;
notify\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
notify\-to\-soa <boolean>;
nsec3\-test\-zone <boolean>; // test only
nta\-lifetime <duration>;
nta\-recheck <duration>;
nxdomain\-redirect <string>;
parental\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
parental\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
parental\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
parental\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
pid\-file ( <quoted_string> | none );
port <integer>;
preferred\-glue <string>;
prefetch <integer> [ <integer> ];
provide\-ixfr <boolean>;
qname\-minimization ( strict | relaxed | disabled | off );
query\-source ( ( [ address ] ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv4_address> | * ) ] port ( <integer> | * ) ) ) [ dscp <integer> ];
query\-source\-v6 ( ( [ address ] ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv6_address> | * ) ] port ( <integer> | * ) ) ) [ dscp <integer> ];
query\-source ( ( [ address ] ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv4_address> | * ) ] port ( <integer> | * ) ) );
query\-source\-v6 ( ( [ address ] ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv6_address> | * ) ] port ( <integer> | * ) ) );
querylog <boolean>;
rate\-limit {
all\-per\-second <integer>;
@ -350,8 +350,8 @@ options {
tls\-port <integer>;
transfer\-format ( many\-answers | one\-answer );
transfer\-message\-size <integer>;
transfer\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
transfers\-in <integer>;
transfers\-out <integer>;
transfers\-per\-ns <integer>;
@ -370,11 +370,11 @@ options {
zone\-statistics ( full | terse | none | <boolean> );
};
parental\-agents <string> [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... }; // may occur multiple times
parental\-agents <string> [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... }; // may occur multiple times
plugin ( query ) <string> [ { <unspecified\-text> } ]; // may occur multiple times
primaries <string> [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... }; // may occur multiple times
primaries <string> [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... }; // may occur multiple times
server <netprefix> {
bogus <boolean>;
@ -383,12 +383,12 @@ server <netprefix> {
edns\-version <integer>;
keys <server_key>;
max\-udp\-size <integer>;
notify\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
padding <integer>;
provide\-ixfr <boolean>;
query\-source ( ( [ address ] ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv4_address> | * ) ] port ( <integer> | * ) ) ) [ dscp <integer> ];
query\-source\-v6 ( ( [ address ] ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv6_address> | * ) ] port ( <integer> | * ) ) ) [ dscp <integer> ];
query\-source ( ( [ address ] ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv4_address> | * ) ] port ( <integer> | * ) ) );
query\-source\-v6 ( ( [ address ] ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv6_address> | * ) ] port ( <integer> | * ) ) );
request\-expire <boolean>;
request\-ixfr <boolean>;
request\-nsid <boolean>;
@ -397,8 +397,8 @@ server <netprefix> {
tcp\-keepalive <boolean>;
tcp\-only <boolean>;
transfer\-format ( many\-answers | one\-answer );
transfer\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
transfers <integer>;
}; // may occur multiple times
@ -434,11 +434,11 @@ view <string> [ <class> ] {
allow\-transfer [ port <integer> ] [ transport <string> ] { <address_match_element>; ... };
allow\-update { <address_match_element>; ... };
allow\-update\-forwarding { <address_match_element>; ... };
also\-notify [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
also\-notify [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
attach\-cache <string>;
auth\-nxdomain <boolean>;
auto\-dnssec ( allow | maintain | off ); // deprecated
catalog\-zones { zone <string> [ default\-primaries [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... } ] [ zone\-directory <quoted_string> ] [ in\-memory <boolean> ] [ min\-update\-interval <duration> ]; ... };
catalog\-zones { zone <string> [ default\-primaries [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... } ] [ zone\-directory <quoted_string> ] [ in\-memory <boolean> ] [ min\-update\-interval <duration> ]; ... };
check\-dup\-records ( fail | warn | ignore );
check\-integrity <boolean>;
check\-mx ( fail | warn | ignore );
@ -482,7 +482,7 @@ view <string> [ <class> ] {
dnssec\-update\-mode ( maintain | no\-resign );
dnssec\-validation ( yes | no | auto );
dnstap { ( all | auth | client | forwarder | resolver | update ) [ ( query | response ) ]; ... }; // not configured
dual\-stack\-servers [ port <integer> ] { ( <quoted_string> [ port <integer> ] [ dscp <integer> ] | <ipv4_address> [ port <integer> ] [ dscp <integer> ] | <ipv6_address> [ port <integer> ] [ dscp <integer> ] ); ... };
dual\-stack\-servers [ port <integer> ] { ( <quoted_string> [ port <integer> ] | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ); ... };
dyndb <string> <quoted_string> { <unspecified\-text> }; // may occur multiple times
edns\-udp\-size <integer>;
empty\-contact <string>;
@ -492,7 +492,7 @@ view <string> [ <class> ] {
fetches\-per\-server <integer> [ ( drop | fail ) ];
fetches\-per\-zone <integer> [ ( drop | fail ) ];
forward ( first | only );
forwarders [ port <integer> ] [ dscp <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ dscp <integer> ]; ... };
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... };
ipv4only\-contact <string>;
ipv4only\-enable <boolean>;
ipv4only\-server <string>;
@ -541,22 +541,22 @@ view <string> [ <class> ] {
nocookie\-udp\-size <integer>;
notify ( explicit | master\-only | primary\-only | <boolean> );
notify\-delay <integer>;
notify\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
notify\-to\-soa <boolean>;
nsec3\-test\-zone <boolean>; // test only
nta\-lifetime <duration>;
nta\-recheck <duration>;
nxdomain\-redirect <string>;
parental\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
parental\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
parental\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
parental\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
plugin ( query ) <string> [ { <unspecified\-text> } ]; // may occur multiple times
preferred\-glue <string>;
prefetch <integer> [ <integer> ];
provide\-ixfr <boolean>;
qname\-minimization ( strict | relaxed | disabled | off );
query\-source ( ( [ address ] ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv4_address> | * ) ] port ( <integer> | * ) ) ) [ dscp <integer> ];
query\-source\-v6 ( ( [ address ] ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv6_address> | * ) ] port ( <integer> | * ) ) ) [ dscp <integer> ];
query\-source ( ( [ address ] ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv4_address> | * ) ] port ( <integer> | * ) ) );
query\-source\-v6 ( ( [ address ] ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv6_address> | * ) ] port ( <integer> | * ) ) );
rate\-limit {
all\-per\-second <integer>;
errors\-per\-second <integer>;
@ -596,12 +596,12 @@ view <string> [ <class> ] {
edns\-version <integer>;
keys <server_key>;
max\-udp\-size <integer>;
notify\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
padding <integer>;
provide\-ixfr <boolean>;
query\-source ( ( [ address ] ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv4_address> | * ) ] port ( <integer> | * ) ) ) [ dscp <integer> ];
query\-source\-v6 ( ( [ address ] ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv6_address> | * ) ] port ( <integer> | * ) ) ) [ dscp <integer> ];
query\-source ( ( [ address ] ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv4_address> | * ) ] port ( <integer> | * ) ) );
query\-source\-v6 ( ( [ address ] ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv6_address> | * ) ] port ( <integer> | * ) ) );
request\-expire <boolean>;
request\-ixfr <boolean>;
request\-nsid <boolean>;
@ -610,8 +610,8 @@ view <string> [ <class> ] {
tcp\-keepalive <boolean>;
tcp\-only <boolean>;
transfer\-format ( many\-answers | one\-answer );
transfer\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
transfers <integer>;
}; // may occur multiple times
servfail\-ttl <duration>;
@ -628,8 +628,8 @@ view <string> [ <class> ] {
suppress\-initial\-notify <boolean>; // obsolete
synth\-from\-dnssec <boolean>;
transfer\-format ( many\-answers | one\-answer );
transfer\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
trust\-anchor\-telemetry <boolean>; // experimental
trust\-anchors { <string> ( static\-key | initial\-key | static\-ds | initial\-ds ) <integer> <integer> <integer> <quoted_string>; ... }; // may occur multiple times
trusted\-keys { <string> <integer> <integer> <integer> <quoted_string>; ... }; // may occur multiple times, deprecated
@ -660,7 +660,7 @@ zone <string> [ <class> ] {
allow\-query\-on { <address_match_element>; ... };
allow\-transfer [ port <integer> ] [ transport <string> ] { <address_match_element>; ... };
allow\-update { <address_match_element>; ... };
also\-notify [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
also\-notify [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
auto\-dnssec ( allow | maintain | off ); // deprecated
check\-dup\-records ( fail | warn | ignore );
check\-integrity <boolean>;
@ -683,7 +683,7 @@ zone <string> [ <class> ] {
dnssec\-update\-mode ( maintain | no\-resign );
file <quoted_string>;
forward ( first | only );
forwarders [ port <integer> ] [ dscp <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ dscp <integer> ]; ... };
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... };
inline\-signing <boolean>;
ixfr\-from\-differences <boolean>;
journal <quoted_string>;
@ -698,13 +698,13 @@ zone <string> [ <class> ] {
max\-zone\-ttl ( unlimited | <duration> ); // deprecated
notify ( explicit | master\-only | primary\-only | <boolean> );
notify\-delay <integer>;
notify\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
notify\-to\-soa <boolean>;
nsec3\-test\-zone <boolean>; // test only
parental\-agents [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
parental\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
parental\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
parental\-agents [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
parental\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
parental\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
serial\-update\-method ( date | increment | unixtime );
sig\-signing\-nodes <integer>;
sig\-signing\-signatures <integer>;
@ -732,7 +732,7 @@ zone <string> [ <class> ] {
allow\-query\-on { <address_match_element>; ... };
allow\-transfer [ port <integer> ] [ transport <string> ] { <address_match_element>; ... };
allow\-update\-forwarding { <address_match_element>; ... };
also\-notify [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
also\-notify [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
auto\-dnssec ( allow | maintain | off ); // deprecated
check\-names ( fail | warn | ignore );
database <string>;
@ -745,7 +745,7 @@ zone <string> [ <class> ] {
dnssec\-update\-mode ( maintain | no\-resign );
file <quoted_string>;
forward ( first | only );
forwarders [ port <integer> ] [ dscp <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ dscp <integer> ]; ... };
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... };
inline\-signing <boolean>;
ixfr\-from\-differences <boolean>;
journal <quoted_string>;
@ -766,22 +766,22 @@ zone <string> [ <class> ] {
multi\-master <boolean>;
notify ( explicit | master\-only | primary\-only | <boolean> );
notify\-delay <integer>;
notify\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
notify\-to\-soa <boolean>;
nsec3\-test\-zone <boolean>; // test only
parental\-agents [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
parental\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
parental\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
primaries [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
parental\-agents [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
parental\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
parental\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
primaries [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
request\-expire <boolean>;
request\-ixfr <boolean>;
sig\-signing\-nodes <integer>;
sig\-signing\-signatures <integer>;
sig\-signing\-type <integer>;
sig\-validity\-interval <integer> [ <integer> ];
transfer\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
try\-tcp\-refresh <boolean>;
update\-check\-ksk <boolean>;
zero\-no\-soa\-ttl <boolean>;
@ -804,7 +804,7 @@ zone <string> [ <class> ] {
allow\-query\-on { <address_match_element>; ... };
allow\-transfer [ port <integer> ] [ transport <string> ] { <address_match_element>; ... };
allow\-update\-forwarding { <address_match_element>; ... };
also\-notify [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
also\-notify [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
check\-names ( fail | warn | ignore );
database <string>;
file <quoted_string>;
@ -826,13 +826,13 @@ zone <string> [ <class> ] {
multi\-master <boolean>;
notify ( explicit | master\-only | primary\-only | <boolean> );
notify\-delay <integer>;
notify\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
primaries [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
notify\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
primaries [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
request\-expire <boolean>;
request\-ixfr <boolean>;
transfer\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
try\-tcp\-refresh <boolean>;
zero\-no\-soa\-ttl <boolean>;
zone\-statistics ( full | terse | none | <boolean> );
@ -851,7 +851,7 @@ zone <string> [ <class> ] {
type forward;
delegation\-only <boolean>;
forward ( first | only );
forwarders [ port <integer> ] [ dscp <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ dscp <integer> ]; ... };
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... };
};
.ft P
@ -889,7 +889,7 @@ zone <string> [ <class> ] {
masterfile\-style ( full | relative );
max\-records <integer>;
max\-zone\-ttl ( unlimited | <duration> ); // deprecated
primaries [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
primaries [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
zone\-statistics ( full | terse | none | <boolean> );
};
@ -907,7 +907,7 @@ zone <string> [ <class> ] {
allow\-query { <address_match_element>; ... };
allow\-query\-on { <address_match_element>; ... };
forward ( first | only );
forwarders [ port <integer> ] [ dscp <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ dscp <integer> ]; ... };
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... };
max\-records <integer>;
server\-addresses { ( <ipv4_address> | <ipv6_address> ); ... };
server\-names { <string>; ... };
@ -933,7 +933,7 @@ zone <string> [ <class> ] {
dialup ( notify | notify\-passive | passive | refresh | <boolean> );
file <quoted_string>;
forward ( first | only );
forwarders [ port <integer> ] [ dscp <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ dscp <integer> ]; ... };
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... };
masterfile\-format ( raw | text );
masterfile\-style ( full | relative );
max\-records <integer>;
@ -944,9 +944,9 @@ zone <string> [ <class> ] {
min\-refresh\-time <integer>;
min\-retry\-time <integer>;
multi\-master <boolean>;
primaries [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
transfer\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
primaries [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote\-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
transfer\-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer\-source\-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
zone\-statistics ( full | terse | none | <boolean> );
};

2
doc/misc/forward.zoneopt
View File

@ -2,5 +2,5 @@ zone <string> [ <class> ] {
type forward;
delegation-only <boolean>;
forward ( first | only );
forwarders [ port <integer> ] [ dscp <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ dscp <integer> ]; ... };
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... };
};

12
doc/misc/mirror.zoneopt
View File

@ -5,7 +5,7 @@ zone <string> [ <class> ] {
allow-query-on { <address_match_element>; ... };
allow-transfer [ port <integer> ] [ transport <string> ] { <address_match_element>; ... };
allow-update-forwarding { <address_match_element>; ... };
also-notify [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
also-notify [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
check-names ( fail | warn | ignore );
database <string>;
file <quoted_string>;
@ -27,13 +27,13 @@ zone <string> [ <class> ] {
multi-master <boolean>;
notify ( explicit | master-only | primary-only | <boolean> );
notify-delay <integer>;
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
primaries [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
primaries [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
request-expire <boolean>;
request-ixfr <boolean>;
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
try-tcp-refresh <boolean>;
zero-no-soa-ttl <boolean>;
zone-statistics ( full | terse | none | <boolean> );

82
doc/misc/options
View File

@ -69,7 +69,7 @@ options {
allow-transfer [ port <integer> ] [ transport <string> ] { <address_match_element>; ... };
allow-update { <address_match_element>; ... };
allow-update-forwarding { <address_match_element>; ... };
also-notify [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
also-notify [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
answer-cookie <boolean>;
attach-cache <string>;
auth-nxdomain <boolean>;
@ -79,7 +79,7 @@ options {
avoid-v6-udp-ports { <portrange>; ... };
bindkeys-file <quoted_string>;
blackhole { <address_match_element>; ... };
catalog-zones { zone <string> [ default-primaries [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... } ] [ zone-directory <quoted_string> ] [ in-memory <boolean> ] [ min-update-interval <duration> ]; ... };
catalog-zones { zone <string> [ default-primaries [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... } ] [ zone-directory <quoted_string> ] [ in-memory <boolean> ] [ min-update-interval <duration> ]; ... };
check-dup-records ( fail | warn | ignore );
check-integrity <boolean>;
check-mx ( fail | warn | ignore );
@ -125,8 +125,8 @@ options {
dnstap-identity ( <quoted_string> | none | hostname ); // not configured
dnstap-output ( file | unix ) <quoted_string> [ size ( unlimited | <size> ) ] [ versions ( unlimited | <integer> ) ] [ suffix ( increment | timestamp ) ]; // not configured
dnstap-version ( <quoted_string> | none ); // not configured
dscp <integer>;
dual-stack-servers [ port <integer> ] { ( <quoted_string> [ port <integer> ] [ dscp <integer> ] | <ipv4_address> [ port <integer> ] [ dscp <integer> ] | <ipv6_address> [ port <integer> ] [ dscp <integer> ] ); ... };
dscp <integer>; // obsolete
dual-stack-servers [ port <integer> ] { ( <quoted_string> [ port <integer> ] | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ); ... };
dump-file <quoted_string>;
edns-udp-size <integer>;
empty-contact <string>;
@ -137,7 +137,7 @@ options {
fetches-per-zone <integer> [ ( drop | fail ) ];
flush-zones-on-shutdown <boolean>;
forward ( first | only );
forwarders [ port <integer> ] [ dscp <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ dscp <integer> ]; ... };
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... };
fstrm-set-buffer-hint <integer>; // not configured
fstrm-set-flush-timeout <integer>; // not configured
fstrm-set-input-queue-size <integer>; // not configured
@ -160,8 +160,8 @@ options {
keep-response-order { <address_match_element>; ... }; // obsolete
key-directory <quoted_string>;
lame-ttl <duration>;
listen-on [ port <integer> ] [ dscp <integer> ] [ tls <string> ] [ http <string> ] { <address_match_element>; ... }; // may occur multiple times
listen-on-v6 [ port <integer> ] [ dscp <integer> ] [ tls <string> ] [ http <string> ] { <address_match_element>; ... }; // may occur multiple times
listen-on [ port <integer> ] [ tls <string> ] [ http <string> ] { <address_match_element>; ... }; // may occur multiple times
listen-on-v6 [ port <integer> ] [ tls <string> ] [ http <string> ] { <address_match_element>; ... }; // may occur multiple times
lmdb-mapsize <sizeval>;
lock-file ( <quoted_string> | none );
managed-keys-directory <quoted_string>;
@ -203,23 +203,23 @@ options {
notify ( explicit | master-only | primary-only | <boolean> );
notify-delay <integer>;
notify-rate <integer>;
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
notify-to-soa <boolean>;
nsec3-test-zone <boolean>; // test only
nta-lifetime <duration>;
nta-recheck <duration>;
nxdomain-redirect <string>;
parental-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
parental-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
parental-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
parental-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
pid-file ( <quoted_string> | none );
port <integer>;
preferred-glue <string>;
prefetch <integer> [ <integer> ];
provide-ixfr <boolean>;
qname-minimization ( strict | relaxed | disabled | off );
query-source ( ( [ address ] ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv4_address> | * ) ] port ( <integer> | * ) ) ) [ dscp <integer> ];
query-source-v6 ( ( [ address ] ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv6_address> | * ) ] port ( <integer> | * ) ) ) [ dscp <integer> ];
query-source ( ( [ address ] ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv4_address> | * ) ] port ( <integer> | * ) ) );
query-source-v6 ( ( [ address ] ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv6_address> | * ) ] port ( <integer> | * ) ) );
querylog <boolean>;
rate-limit {
all-per-second <integer>;
@ -293,8 +293,8 @@ options {
tls-port <integer>;
transfer-format ( many-answers | one-answer );
transfer-message-size <integer>;
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
transfers-in <integer>;
transfers-out <integer>;
transfers-per-ns <integer>;
@ -313,11 +313,11 @@ options {
zone-statistics ( full | terse | none | <boolean> );
};
parental-agents <string> [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... }; // may occur multiple times
parental-agents <string> [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... }; // may occur multiple times
plugin ( query ) <string> [ { <unspecified-text> } ]; // may occur multiple times
primaries <string> [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... }; // may occur multiple times
primaries <string> [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... }; // may occur multiple times
server <netprefix> {
bogus <boolean>;
@ -326,12 +326,12 @@ server <netprefix> {
edns-version <integer>;
keys <server_key>;
max-udp-size <integer>;
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
padding <integer>;
provide-ixfr <boolean>;
query-source ( ( [ address ] ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv4_address> | * ) ] port ( <integer> | * ) ) ) [ dscp <integer> ];
query-source-v6 ( ( [ address ] ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv6_address> | * ) ] port ( <integer> | * ) ) ) [ dscp <integer> ];
query-source ( ( [ address ] ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv4_address> | * ) ] port ( <integer> | * ) ) );
query-source-v6 ( ( [ address ] ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv6_address> | * ) ] port ( <integer> | * ) ) );
request-expire <boolean>;
request-ixfr <boolean>;
request-nsid <boolean>;
@ -340,8 +340,8 @@ server <netprefix> {
tcp-keepalive <boolean>;
tcp-only <boolean>;
transfer-format ( many-answers | one-answer );
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
transfers <integer>;
}; // may occur multiple times
@ -377,11 +377,11 @@ view <string> [ <class> ] {
allow-transfer [ port <integer> ] [ transport <string> ] { <address_match_element>; ... };
allow-update { <address_match_element>; ... };
allow-update-forwarding { <address_match_element>; ... };
also-notify [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
also-notify [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
attach-cache <string>;
auth-nxdomain <boolean>;
auto-dnssec ( allow | maintain | off ); // deprecated
catalog-zones { zone <string> [ default-primaries [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... } ] [ zone-directory <quoted_string> ] [ in-memory <boolean> ] [ min-update-interval <duration> ]; ... };
catalog-zones { zone <string> [ default-primaries [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... } ] [ zone-directory <quoted_string> ] [ in-memory <boolean> ] [ min-update-interval <duration> ]; ... };
check-dup-records ( fail | warn | ignore );
check-integrity <boolean>;
check-mx ( fail | warn | ignore );
@ -425,7 +425,7 @@ view <string> [ <class> ] {
dnssec-update-mode ( maintain | no-resign );
dnssec-validation ( yes | no | auto );
dnstap { ( all | auth | client | forwarder | resolver | update ) [ ( query | response ) ]; ... }; // not configured
dual-stack-servers [ port <integer> ] { ( <quoted_string> [ port <integer> ] [ dscp <integer> ] | <ipv4_address> [ port <integer> ] [ dscp <integer> ] | <ipv6_address> [ port <integer> ] [ dscp <integer> ] ); ... };
dual-stack-servers [ port <integer> ] { ( <quoted_string> [ port <integer> ] | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ); ... };
dyndb <string> <quoted_string> { <unspecified-text> }; // may occur multiple times
edns-udp-size <integer>;
empty-contact <string>;
@ -435,7 +435,7 @@ view <string> [ <class> ] {
fetches-per-server <integer> [ ( drop | fail ) ];
fetches-per-zone <integer> [ ( drop | fail ) ];
forward ( first | only );
forwarders [ port <integer> ] [ dscp <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ dscp <integer> ]; ... };
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... };
ipv4only-contact <string>;
ipv4only-enable <boolean>;
ipv4only-server <string>;
@ -484,22 +484,22 @@ view <string> [ <class> ] {
nocookie-udp-size <integer>;
notify ( explicit | master-only | primary-only | <boolean> );
notify-delay <integer>;
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
notify-to-soa <boolean>;
nsec3-test-zone <boolean>; // test only
nta-lifetime <duration>;
nta-recheck <duration>;
nxdomain-redirect <string>;
parental-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
parental-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
parental-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
parental-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
plugin ( query ) <string> [ { <unspecified-text> } ]; // may occur multiple times
preferred-glue <string>;
prefetch <integer> [ <integer> ];
provide-ixfr <boolean>;
qname-minimization ( strict | relaxed | disabled | off );
query-source ( ( [ address ] ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv4_address> | * ) ] port ( <integer> | * ) ) ) [ dscp <integer> ];
query-source-v6 ( ( [ address ] ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv6_address> | * ) ] port ( <integer> | * ) ) ) [ dscp <integer> ];
query-source ( ( [ address ] ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv4_address> | * ) ] port ( <integer> | * ) ) );
query-source-v6 ( ( [ address ] ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv6_address> | * ) ] port ( <integer> | * ) ) );
rate-limit {
all-per-second <integer>;
errors-per-second <integer>;
@ -539,12 +539,12 @@ view <string> [ <class> ] {
edns-version <integer>;
keys <server_key>;
max-udp-size <integer>;
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
padding <integer>;
provide-ixfr <boolean>;
query-source ( ( [ address ] ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv4_address> | * ) ] port ( <integer> | * ) ) ) [ dscp <integer> ];
query-source-v6 ( ( [ address ] ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv6_address> | * ) ] port ( <integer> | * ) ) ) [ dscp <integer> ];
query-source ( ( [ address ] ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv4_address> | * ) ] port ( <integer> | * ) ) );
query-source-v6 ( ( [ address ] ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ) | ( [ [ address ] ( <ipv6_address> | * ) ] port ( <integer> | * ) ) );
request-expire <boolean>;
request-ixfr <boolean>;
request-nsid <boolean>;
@ -553,8 +553,8 @@ view <string> [ <class> ] {
tcp-keepalive <boolean>;
tcp-only <boolean>;
transfer-format ( many-answers | one-answer );
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
transfers <integer>;
}; // may occur multiple times
servfail-ttl <duration>;
@ -571,8 +571,8 @@ view <string> [ <class> ] {
suppress-initial-notify <boolean>; // obsolete
synth-from-dnssec <boolean>;
transfer-format ( many-answers | one-answer );
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
trust-anchor-telemetry <boolean>; // experimental
trust-anchors { <string> ( static-key | initial-key | static-ds | initial-ds ) <integer> <integer> <integer> <quoted_string>; ... }; // may occur multiple times
trusted-keys { <string> <integer> <integer> <integer> <quoted_string>; ... }; // may occur multiple times, deprecated

14
doc/misc/primary.zoneopt
View File

@ -4,7 +4,7 @@ zone <string> [ <class> ] {
allow-query-on { <address_match_element>; ... };
allow-transfer [ port <integer> ] [ transport <string> ] { <address_match_element>; ... };
allow-update { <address_match_element>; ... };
also-notify [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
also-notify [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
auto-dnssec ( allow | maintain | off ); // deprecated
check-dup-records ( fail | warn | ignore );
check-integrity <boolean>;
@ -27,7 +27,7 @@ zone <string> [ <class> ] {
dnssec-update-mode ( maintain | no-resign );
file <quoted_string>;
forward ( first | only );
forwarders [ port <integer> ] [ dscp <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ dscp <integer> ]; ... };
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... };
inline-signing <boolean>;
ixfr-from-differences <boolean>;
journal <quoted_string>;
@ -42,13 +42,13 @@ zone <string> [ <class> ] {
max-zone-ttl ( unlimited | <duration> ); // deprecated
notify ( explicit | master-only | primary-only | <boolean> );
notify-delay <integer>;
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
notify-to-soa <boolean>;
nsec3-test-zone <boolean>; // test only
parental-agents [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
parental-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
parental-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
parental-agents [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
parental-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
parental-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
serial-update-method ( date | increment | unixtime );
sig-signing-nodes <integer>;
sig-signing-signatures <integer>;

2
doc/misc/redirect.zoneopt
View File

@ -8,6 +8,6 @@ zone <string> [ <class> ] {
masterfile-style ( full | relative );
max-records <integer>;
max-zone-ttl ( unlimited | <duration> ); // deprecated
primaries [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
primaries [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
zone-statistics ( full | terse | none | <boolean> );
};

2
doc/misc/rndc.grammar
View File

@ -12,7 +12,7 @@ options {
};
server <string> {
addresses { ( <quoted_string> [ port <integer> ] [ dscp <integer> ] | <ipv4_address> [ port <integer> ] [ dscp <integer> ] | <ipv6_address> [ port <integer> ] [ dscp <integer> ] ); ... };
addresses { ( <quoted_string> [ port <integer> ] | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ); ... };
key <string>;
port <integer>;
source-address ( <ipv4_address> | * );

20
doc/misc/secondary.zoneopt
View File

@ -5,7 +5,7 @@ zone <string> [ <class> ] {
allow-query-on { <address_match_element>; ... };
allow-transfer [ port <integer> ] [ transport <string> ] { <address_match_element>; ... };
allow-update-forwarding { <address_match_element>; ... };
also-notify [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
also-notify [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
auto-dnssec ( allow | maintain | off ); // deprecated
check-names ( fail | warn | ignore );
database <string>;
@ -18,7 +18,7 @@ zone <string> [ <class> ] {
dnssec-update-mode ( maintain | no-resign );
file <quoted_string>;
forward ( first | only );
forwarders [ port <integer> ] [ dscp <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ dscp <integer> ]; ... };
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... };
inline-signing <boolean>;
ixfr-from-differences <boolean>;
journal <quoted_string>;
@ -39,22 +39,22 @@ zone <string> [ <class> ] {
multi-master <boolean>;
notify ( explicit | master-only | primary-only | <boolean> );
notify-delay <integer>;
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
notify-to-soa <boolean>;
nsec3-test-zone <boolean>; // test only
parental-agents [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
parental-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
parental-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
primaries [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
parental-agents [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
parental-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
parental-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
primaries [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
request-expire <boolean>;
request-ixfr <boolean>;
sig-signing-nodes <integer>;
sig-signing-signatures <integer>;
sig-signing-type <integer>;
sig-validity-interval <integer> [ <integer> ];
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
try-tcp-refresh <boolean>;
update-check-ksk <boolean>;
zero-no-soa-ttl <boolean>;

2
doc/misc/static-stub.zoneopt
View File

@ -3,7 +3,7 @@ zone <string> [ <class> ] {
allow-query { <address_match_element>; ... };
allow-query-on { <address_match_element>; ... };
forward ( first | only );
forwarders [ port <integer> ] [ dscp <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ dscp <integer> ]; ... };
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... };
max-records <integer>;
server-addresses { ( <ipv4_address> | <ipv6_address> ); ... };
server-names { <string>; ... };

8
doc/misc/stub.zoneopt
View File

@ -8,7 +8,7 @@ zone <string> [ <class> ] {
dialup ( notify | notify-passive | passive | refresh | <boolean> );
file <quoted_string>;
forward ( first | only );
forwarders [ port <integer> ] [ dscp <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ dscp <integer> ]; ... };
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... };
masterfile-format ( raw | text );
masterfile-style ( full | relative );
max-records <integer>;
@ -19,8 +19,8 @@ zone <string> [ <class> ] {
min-refresh-time <integer>;
min-retry-time <integer>;
multi-master <boolean>;
primaries [ port <integer> ] [ dscp <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] [ dscp <integer> ];
primaries [ port <integer> ] [ source ( <ipv4_address> | * ) [ port ( <integer> | * ) ] ] [ source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ] ] { ( <remote-servers> | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ] [ tls <string> ]; ... };
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
zone-statistics ( full | terse | none | <boolean> );
};

8
doc/notes/notes-current.rst
View File

@ -25,12 +25,16 @@ New Features
Removed Features
~~~~~~~~~~~~~~~~
- None.
- The options to set alternate local addresses for inbound zone transfers
are removed (``alt-transfer-source``, ``alt-transfer-source-v6``,
``use-alt-transfer-source``). :gl:`#3694`
- The Differentiated Services Code Point (DSCP) feature in BIND
has been non-operational since the new Network Manager was introduced
in BIND 9.16. It is now marked as obsolete, and vestigial code
implementing it has been removed. Configuring DSCP values in
``named.conf`` will cause a warning to be logged. :gl:`#3773`
Feature Changes
~~~~~~~~~~~~~~~

39
lib/bind9/check.c
View File

@ -909,28 +909,6 @@ typedef enum {
optlevel_zone
} optlevel_t;
static isc_result_t
check_dscp(const cfg_obj_t *options, isc_log_t *logctx) {
isc_result_t result = ISC_R_SUCCESS;
const cfg_obj_t *obj = NULL;
/*
* Check that DSCP setting is within range
*/
obj = NULL;
(void)cfg_map_get(options, "dscp", &obj);
if (obj != NULL) {
uint32_t dscp = cfg_obj_asuint32(obj);
if (dscp >= 64) {
cfg_obj_log(obj, logctx, ISC_LOG_ERROR,
"'dscp' out of range (0-63)");
result = ISC_R_FAILURE;
}
}
return (result);
}
static isc_result_t
check_name(const char *str) {
dns_fixedname_t fixed;
@ -990,7 +968,7 @@ check_listener(const cfg_obj_t *listener, const cfg_obj_t *config,
isc_result_t tresult, result = ISC_R_SUCCESS;
const cfg_obj_t *ltup = NULL;
const cfg_obj_t *tlsobj = NULL, *httpobj = NULL;
const cfg_obj_t *portobj = NULL, *dscpobj = NULL;
const cfg_obj_t *portobj = NULL;
const cfg_obj_t *http_server = NULL;
bool do_tls = false, no_tls = false;
dns_acl_t *acl = NULL;
@ -1056,16 +1034,6 @@ check_listener(const cfg_obj_t *listener, const cfg_obj_t *config,
}
}
dscpobj = cfg_tuple_get(ltup, "dscp");
if (cfg_obj_isuint32(dscpobj) && cfg_obj_asuint32(dscpobj) > 63) {
cfg_obj_log(dscpobj, logctx, ISC_LOG_ERROR,
"dscp value '%u' is out of range",
cfg_obj_asuint32(dscpobj));
if (result == ISC_R_SUCCESS) {
result = ISC_R_RANGE;
}
}
tresult = cfg_acl_fromconfig(cfg_tuple_get(listener, "acl"), config,
logctx, actx, mctx, 0, &acl);
if (result == ISC_R_SUCCESS) {
@ -1596,11 +1564,6 @@ check_options(const cfg_obj_t *options, const cfg_obj_t *config,
}
}
tresult = check_dscp(options, logctx);
if (result == ISC_R_SUCCESS && tresult != ISC_R_SUCCESS) {
result = tresult;
}
obj = NULL;
(void)cfg_map_get(options, "nta-lifetime", &obj);
if (obj != NULL) {

1
lib/dns/adb.c
View File

@ -1297,7 +1297,6 @@ new_adbaddrinfo(dns_adb_t *adb, dns_adbentry_t *entry, in_port_t port) {
*ai = (dns_adbaddrinfo_t){
.srtt = entry->srtt,
.flags = entry->flags,
.dscp = -1,
.publink = ISC_LINK_INITIALIZER,
.sockaddr = entry->sockaddr,
.entry = dns_adbentry_ref(entry),

19
lib/dns/catz.c
View File

@ -426,7 +426,6 @@ dns_catz_entry_cmp(const dns_catz_entry_t *ea, const dns_catz_entry_t *eb) {
}
}
/* xxxwpk TODO compare dscps! */
return (true);
}
@ -1915,7 +1914,7 @@ cleanup:
* We have to generate a text buffer with regular zone config:
* zone "foo.bar" {
* type secondary;
* primaries [ dscp X ] { ip1 port port1; ip2 port port2; };
* primaries { ip1 port port1; ip2 port port2; };
* }
*/
isc_result_t
@ -1926,7 +1925,7 @@ dns_catz_generate_zonecfg(dns_catz_zone_t *zone, dns_catz_entry_t *entry,
isc_result_t result;
uint32_t i;
isc_netaddr_t netaddr;
char pbuf[sizeof("65535")]; /* used both for port number and DSCP */
char pbuf[sizeof("65535")]; /* used for port number */
char zname[DNS_NAME_FORMATSIZE];
REQUIRE(DNS_CATZ_ZONE_VALID(zone));
@ -1943,20 +1942,6 @@ dns_catz_generate_zonecfg(dns_catz_zone_t *zone, dns_catz_entry_t *entry,
dns_name_totext(&entry->name, true, buffer);
isc_buffer_putstr(buffer, "\" { type secondary; primaries");
/*
* DSCP value has no default, but when it is specified, it is
* identical for all primaries and cannot be overridden for a
* specific primary IP, so use the DSCP value set for the first
* primary.
*/
if (entry->opts.masters.count > 0 && entry->opts.masters.dscps[0] >= 0)
{
isc_buffer_putstr(buffer, " dscp ");
snprintf(pbuf, sizeof(pbuf), "%hd",
entry->opts.masters.dscps[0]);
isc_buffer_putstr(buffer, pbuf);
}
isc_buffer_putstr(buffer, " { ");
for (i = 0; i < entry->opts.masters.count; i++) {
/*

22
lib/dns/dispatch.c
View File

@ -1179,15 +1179,12 @@ dispatch_allocate(dns_dispatchmgr_t *mgr, isc_socktype_t type,
isc_result_t
dns_dispatch_createtcp(dns_dispatchmgr_t *mgr, const isc_sockaddr_t *localaddr,
const isc_sockaddr_t *destaddr, isc_dscp_t dscp,
dns_dispatch_t **dispp) {
const isc_sockaddr_t *destaddr, dns_dispatch_t **dispp) {
dns_dispatch_t *disp = NULL;
REQUIRE(VALID_DISPATCHMGR(mgr));
REQUIRE(destaddr != NULL);
UNUSED(dscp);
LOCK(&mgr->lock);
dispatch_allocate(mgr, isc_socktype_tcp, &disp);
@ -2199,28 +2196,13 @@ dns_dispatch_resume(dns_dispentry_t *resp, uint16_t timeout) {
}
void
dns_dispatch_send(dns_dispentry_t *resp, isc_region_t *r, isc_dscp_t dscp) {
dns_dispatch_send(dns_dispentry_t *resp, isc_region_t *r) {
REQUIRE(VALID_RESPONSE(resp));
REQUIRE(VALID_DISPATCH(resp->disp));
UNUSED(dscp);
dns_dispatch_t *disp = resp->disp;
isc_nmhandle_t *sendhandle = NULL;
#if 0
/* XXX: no DSCP support */
if (dscp == -1) {
sendevent->attributes &= ~ISC_SOCKEVENTATTR_DSCP;
sendevent->dscp = 0;
} else {
sendevent->attributes |= ISC_SOCKEVENTATTR_DSCP;
sendevent->dscp = dscp;
if (tcp) {
isc_socket_dscp(sock, dscp);
}
}
#endif
dispentry_log(resp, LVL(90), "sending");
switch (disp->socktype) {
case isc_socktype_udp:

1
lib/dns/forward.c
View File

@ -127,7 +127,6 @@ dns_fwdtable_add(dns_fwdtable_t *fwdtable, const dns_name_t *name,
{
fwd = isc_mem_get(fwdtable->mctx, sizeof(dns_forwarder_t));
fwd->addr = *sa;
fwd->dscp = -1;
ISC_LINK_INIT(fwd, link);
ISC_LIST_APPEND(forwarders->fwdrs, fwd, link);
}

1
lib/dns/include/dns/adb.h
View File

@ -206,7 +206,6 @@ struct dns_adbaddrinfo {
isc_sockaddr_t sockaddr; /*%< [rw] */
unsigned int srtt; /*%< [rw] microsecs */
isc_dscp_t dscp;
unsigned int flags; /*%< [rw] */
dns_adbentry_t *entry; /*%< private */

5
lib/dns/include/dns/dispatch.h
View File

@ -184,8 +184,7 @@ dns_dispatch_createudp(dns_dispatchmgr_t *mgr, const isc_sockaddr_t *localaddr,
isc_result_t
dns_dispatch_createtcp(dns_dispatchmgr_t *mgr, const isc_sockaddr_t *localaddr,
const isc_sockaddr_t *destaddr, isc_dscp_t dscp,
dns_dispatch_t **dispp);
const isc_sockaddr_t *destaddr, dns_dispatch_t **dispp);
/*%<
* Create a new TCP dns_dispatch.
*
@ -234,7 +233,7 @@ dns_dispatch_connect(dns_dispentry_t *resp);
*/
void
dns_dispatch_send(dns_dispentry_t *resp, isc_region_t *r, isc_dscp_t dscp);
dns_dispatch_send(dns_dispentry_t *resp, isc_region_t *r);
/*%<
* Send region 'r' using the socket in 'resp', then run the specified
* callback.

1
lib/dns/include/dns/forward.h
View File

@ -25,7 +25,6 @@ ISC_LANG_BEGINDECLS
struct dns_forwarder {
isc_sockaddr_t addr;
isc_dscp_t dscp;
ISC_LINK(dns_forwarder_t) link;
};

5
lib/dns/include/dns/ipkeylist.h
View File

@ -20,12 +20,11 @@
#include <dns/types.h>
/*%
* A structure holding a list of addresses, dscps and keys. Used to
* store primaries for a secondary zone, created by parsing config options.
* A structure holding a list of addresses and keys. Used to store
* primaries for a secondary zone, created by parsing config options.
*/
struct dns_ipkeylist {
isc_sockaddr_t *addrs;
isc_dscp_t *dscps;
isc_sockaddr_t *sources;
dns_name_t **keys;
dns_name_t **tlss;

18
lib/dns/include/dns/peer.h
View File

@ -206,24 +206,6 @@ dns_peer_setquerysource(dns_peer_t *peer, const isc_sockaddr_t *query_source);
isc_result_t
dns_peer_getquerysource(dns_peer_t *peer, isc_sockaddr_t *query_source);
isc_result_t
dns_peer_setnotifydscp(dns_peer_t *peer, isc_dscp_t dscp);
isc_result_t
dns_peer_getnotifydscp(dns_peer_t *peer, isc_dscp_t *dscpp);
isc_result_t
dns_peer_settransferdscp(dns_peer_t *peer, isc_dscp_t dscp);
isc_result_t
dns_peer_gettransferdscp(dns_peer_t *peer, isc_dscp_t *dscpp);
isc_result_t
dns_peer_setquerydscp(dns_peer_t *peer, isc_dscp_t dscp);
isc_result_t
dns_peer_getquerydscp(dns_peer_t *peer, isc_dscp_t *dscpp);
isc_result_t
dns_peer_setednsversion(dns_peer_t *peer, uint8_t ednsversion);

25
lib/dns/include/dns/remote.h
View File

@ -33,7 +33,6 @@ struct dns_remote {
isc_mem_t *mctx;
isc_sockaddr_t *addresses;
isc_sockaddr_t *sources;
isc_dscp_t *dscps;
dns_name_t **keynames;
dns_name_t **tlsnames;
bool *ok;
@ -89,15 +88,15 @@ dns_remote_tlsnames(dns_remote_t *remote);
void
dns_remote_init(dns_remote_t *remote, unsigned int count,
const isc_sockaddr_t *addrs, const isc_sockaddr_t *srcs,
const isc_dscp_t *dscp, dns_name_t **keynames,
dns_name_t **tlsnames, bool mark, isc_mem_t *mctx);
dns_name_t **keynames, dns_name_t **tlsnames, bool mark,
isc_mem_t *mctx);
/*%<
* Initialize a remote server. Set the provided addresses (addrs),
* source addresses (srcs), dscp's (dscp), key names (keynames) and
* tls names (tlsnames). Use the provided memory context (mctx) for
* allocations. If 'mark' is 'true', set up a list of boolean values to
* mark the server bad or good.
* source addresses (srcs), key names (keynames) and tls names
* (tlsnames). Use the provided memory context (mctx) for allocations.
* If 'mark' is 'true', set up a list of boolean values to mark the
* server bad or good.
*
* Requires:
* 'remote' is a valid remote structure.
@ -119,7 +118,7 @@ bool
dns_remote_equal(dns_remote_t *a, dns_remote_t *b);
/*%<
* Compare two remote servers 'a' and 'b'. Check if the address
* count, the addresses, the dscps, the key names and the tls names are
* count, the addresses, the key names and the tls names are
* the same. Return 'true' if so, 'false' otherwise.
*
* Requires:
@ -177,16 +176,6 @@ dns_remote_addr(dns_remote_t *remote, unsigned int i);
* 'remote->addresses' is not NULL.
*/
isc_dscp_t
dns_remote_dscp(dns_remote_t *remote);
/*%<
* Return the current dscp. Returns -1 if we have iterated over all
* addresses already, or if dscps are not used.
*
* Requires:
* 'remote' is a valid remote structure.
*/
dns_name_t *
dns_remote_keyname(dns_remote_t *remote);
/*%<

17
lib/dns/include/dns/request.h
View File

@ -132,11 +132,10 @@ isc_result_t
dns_request_create(dns_requestmgr_t *requestmgr, dns_message_t *message,
const isc_sockaddr_t *srcaddr,
const isc_sockaddr_t *destaddr, dns_transport_t *transport,
isc_tlsctx_cache_t *tlsctx_cache, isc_dscp_t dscp,
unsigned int options, dns_tsigkey_t *key,
unsigned int timeout, unsigned int udptimeout,
unsigned int udpretries, isc_task_t *task,
isc_taskaction_t action, void *arg,
isc_tlsctx_cache_t *tlsctx_cache, unsigned int options,
dns_tsigkey_t *key, unsigned int timeout,
unsigned int udptimeout, unsigned int udpretries,
isc_task_t *task, isc_taskaction_t action, void *arg,
dns_request_t **requestp);
/*%<
* Create and send a request.
@ -181,10 +180,10 @@ dns_request_createraw(dns_requestmgr_t *requestmgr, isc_buffer_t *msgbuf,
const isc_sockaddr_t *srcaddr,
const isc_sockaddr_t *destaddr,
dns_transport_t *transport,
isc_tlsctx_cache_t *tlsctx_cache, isc_dscp_t dscp,
unsigned int options, unsigned int timeout,
unsigned int udptimeout, unsigned int udpretries,
isc_task_t *task, isc_taskaction_t action, void *arg,
isc_tlsctx_cache_t *tlsctx_cache, unsigned int options,
unsigned int timeout, unsigned int udptimeout,
unsigned int udpretries, isc_task_t *task,
isc_taskaction_t action, void *arg,
dns_request_t **requestp);
/*!<
* \brief Create and send a request.

17
lib/dns/include/dns/resolver.h
View File

@ -640,23 +640,6 @@ dns_resolver_printbadcache(dns_resolver_t *resolver, FILE *fp);
* \li resolver to be valid.
*/
void
dns_resolver_setquerydscp4(dns_resolver_t *resolver, isc_dscp_t dscp);
isc_dscp_t
dns_resolver_getquerydscp4(dns_resolver_t *resolver);
void
dns_resolver_setquerydscp6(dns_resolver_t *resolver, isc_dscp_t dscp);
isc_dscp_t
dns_resolver_getquerydscp6(dns_resolver_t *resolver);
/*%
* Get and set the DSCP values for the resolver's IPv4 and IPV6 query
* sources.
*
* Requires:
* \li resolver to be valid.
*/
void
dns_resolver_setmaxdepth(dns_resolver_t *resolver, unsigned int maxdepth);
unsigned int

7
lib/dns/include/dns/xfrin.h
View File

@ -50,10 +50,9 @@ ISC_LANG_BEGINDECLS
isc_result_t
dns_xfrin_create(dns_zone_t *zone, dns_rdatatype_t xfrtype,
const isc_sockaddr_t *primaryaddr,
const isc_sockaddr_t *sourceaddr, isc_dscp_t dscp,
dns_tsigkey_t *tsigkey, dns_transport_t *transport,
isc_tlsctx_cache_t *tlsctx_cache, isc_mem_t *mctx,
isc_nm_t *netmgr, dns_xfrindone_t done,
const isc_sockaddr_t *sourceaddr, dns_tsigkey_t *tsigkey,
dns_transport_t *transport, isc_tlsctx_cache_t *tlsctx_cache,
isc_mem_t *mctx, isc_nm_t *netmgr, dns_xfrindone_t done,
dns_xfrin_ctx_t **xfrp);
/*%<
* Attempt to start an incoming zone transfer of 'zone'

131
lib/dns/include/dns/zone.h
View File

@ -677,9 +677,8 @@ dns_zone_setparentals(dns_zone_t *zone, isc_sockaddr_t *addresses,
void
dns_zone_setalsonotify(dns_zone_t *zone, isc_sockaddr_t *addresses,
isc_sockaddr_t *sources, isc_dscp_t *dscps,
dns_name_t **keynames, dns_name_t **tlsnames,
uint32_t count);
isc_sockaddr_t *sources, dns_name_t **keynames,
dns_name_t **tlsnames, uint32_t count);
/*%<
* Set the list of additional servers to be notified when
* a zone changes. To clear the list use 'count = 0'.
@ -825,27 +824,6 @@ dns_zone_getxfrsource4(dns_zone_t *zone);
*\li 'zone' to be a valid zone.
*/
isc_result_t
dns_zone_setxfrsource4dscp(dns_zone_t *zone, isc_dscp_t dscp);
/*%<
* Set the DSCP value associated with the transfer source.
*
* Require:
*\li 'zone' to be a valid zone.
*
* Returns:
*\li #ISC_R_SUCCESS
*/
isc_dscp_t
dns_zone_getxfrsource4dscp(dns_zone_t *zone);
/*%/
* Get the DSCP value associated with the transfer source.
*
* Require:
*\li 'zone' to be a valid zone.
*/
isc_result_t
dns_zone_setxfrsource6(dns_zone_t *zone, const isc_sockaddr_t *xfrsource);
/*%<
@ -869,27 +847,6 @@ dns_zone_getxfrsource6(dns_zone_t *zone);
*\li 'zone' to be a valid zone.
*/
isc_dscp_t
dns_zone_getxfrsource6dscp(dns_zone_t *zone);
/*%/
* Get the DSCP value associated with the transfer source.
*
* Require:
*\li 'zone' to be a valid zone.
*/
isc_result_t
dns_zone_setxfrsource6dscp(dns_zone_t *zone, isc_dscp_t dscp);
/*%<
* Set the DSCP value associated with the transfer source.
*
* Require:
*\li 'zone' to be a valid zone.
*
* Returns:
*\li #ISC_R_SUCCESS
*/
isc_result_t
dns_zone_setparentalsrc4(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc);
/*%<
@ -913,27 +870,6 @@ dns_zone_getparentalsrc4(dns_zone_t *zone);
*\li 'zone' to be a valid zone.
*/
isc_dscp_t
dns_zone_getparentalsrc4dscp(dns_zone_t *zone);
/*%/
* Get the DSCP value associated with the IPv4 parental source.
*
* Require:
*\li 'zone' to be a valid zone.
*/
isc_result_t
dns_zone_setparentalsrc4dscp(dns_zone_t *zone, isc_dscp_t dscp);
/*%<
* Set the DSCP value associated with the IPv4 parental source.
*
* Require:
*\li 'zone' to be a valid zone.
*
* Returns:
*\li #ISC_R_SUCCESS
*/
isc_result_t
dns_zone_setparentalsrc6(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc);
/*%<
@ -957,27 +893,6 @@ dns_zone_getparentalsrc6(dns_zone_t *zone);
*\li 'zone' to be a valid zone.
*/
isc_dscp_t
dns_zone_getparentalsrc6dscp(dns_zone_t *zone);
/*%/
* Get the DSCP value associated with the IPv6 parental source.
*
* Require:
*\li 'zone' to be a valid zone.
*/
isc_result_t
dns_zone_setparentalsrc6dscp(dns_zone_t *zone, isc_dscp_t dscp);
/*%<
* Set the DSCP value associated with the IPv6 parental source.
*
* Require:
*\li 'zone' to be a valid zone.
*
* Returns:
*\li #ISC_R_SUCCESS
*/
isc_result_t
dns_zone_setnotifysrc4(dns_zone_t *zone, const isc_sockaddr_t *notifysrc);
/*%<
@ -1001,27 +916,6 @@ dns_zone_getnotifysrc4(dns_zone_t *zone);
*\li 'zone' to be a valid zone.
*/
isc_dscp_t
dns_zone_getnotifysrc4dscp(dns_zone_t *zone);
/*%/
* Get the DSCP value associated with the IPv4 notify source.
*
* Require:
*\li 'zone' to be a valid zone.
*/
isc_result_t
dns_zone_setnotifysrc4dscp(dns_zone_t *zone, isc_dscp_t dscp);
/*%<
* Set the DSCP value associated with the IPv4 notify source.
*
* Require:
*\li 'zone' to be a valid zone.
*
* Returns:
*\li #ISC_R_SUCCESS
*/
isc_result_t
dns_zone_setnotifysrc6(dns_zone_t *zone, const isc_sockaddr_t *notifysrc);
/*%<
@ -1045,27 +939,6 @@ dns_zone_getnotifysrc6(dns_zone_t *zone);
*\li 'zone' to be a valid zone.
*/
isc_dscp_t
dns_zone_getnotifysrc6dscp(dns_zone_t *zone);
/*%/
* Get the DSCP value associated with the IPv6 notify source.
*
* Require:
*\li 'zone' to be a valid zone.
*/
isc_result_t
dns_zone_setnotifysrc6dscp(dns_zone_t *zone, isc_dscp_t dscp);
/*%<
* Set the DSCP value associated with the IPv6 notify source.
*
* Require:
*\li 'zone' to be a valid zone.
*
* Returns:
*\li #ISC_R_SUCCESS
*/
void
dns_zone_setnotifyacl(dns_zone_t *zone, dns_acl_t *acl);
/*%<

24
lib/dns/ipkeylist.c
View File

@ -27,7 +27,6 @@ dns_ipkeylist_init(dns_ipkeylist_t *ipkl) {
ipkl->allocated = 0;
ipkl->addrs = NULL;
ipkl->sources = NULL;
ipkl->dscps = NULL;
ipkl->keys = NULL;
ipkl->tlss = NULL;
ipkl->labels = NULL;
@ -53,11 +52,6 @@ dns_ipkeylist_clear(isc_mem_t *mctx, dns_ipkeylist_t *ipkl) {
ipkl->allocated * sizeof(isc_sockaddr_t));
}
if (ipkl->dscps != NULL) {
isc_mem_put(mctx, ipkl->dscps,
ipkl->allocated * sizeof(isc_dscp_t));
}
if (ipkl->addrs != NULL) {
isc_mem_put(mctx, ipkl->addrs,
ipkl->allocated * sizeof(isc_sockaddr_t));
@ -134,11 +128,6 @@ dns_ipkeylist_copy(isc_mem_t *mctx, const dns_ipkeylist_t *src,
src->count * sizeof(isc_sockaddr_t));
}
if (src->dscps != NULL) {
memmove(dst->dscps, src->dscps,
src->count * sizeof(isc_dscp_t));
}
if (src->keys != NULL) {
for (i = 0; i < src->count; i++) {
if (src->keys[i] != NULL) {
@ -186,7 +175,6 @@ isc_result_t
dns_ipkeylist_resize(isc_mem_t *mctx, dns_ipkeylist_t *ipkl, unsigned int n) {
isc_sockaddr_t *addrs = NULL;
isc_sockaddr_t *sources = NULL;
isc_dscp_t *dscps = NULL;
dns_name_t **keys = NULL;
dns_name_t **tlss = NULL;
dns_name_t **labels = NULL;
@ -200,7 +188,6 @@ dns_ipkeylist_resize(isc_mem_t *mctx, dns_ipkeylist_t *ipkl, unsigned int n) {
addrs = isc_mem_get(mctx, n * sizeof(isc_sockaddr_t));
sources = isc_mem_get(mctx, n * sizeof(isc_sockaddr_t));
dscps = isc_mem_get(mctx, n * sizeof(isc_dscp_t));
keys = isc_mem_get(mctx, n * sizeof(dns_name_t *));
tlss = isc_mem_get(mctx, n * sizeof(dns_name_t *));
labels = isc_mem_get(mctx, n * sizeof(dns_name_t *));
@ -225,16 +212,6 @@ dns_ipkeylist_resize(isc_mem_t *mctx, dns_ipkeylist_t *ipkl, unsigned int n) {
memset(&ipkl->sources[ipkl->allocated], 0,
(n - ipkl->allocated) * sizeof(isc_sockaddr_t));
if (ipkl->dscps != NULL) {
memmove(dscps, ipkl->dscps,
ipkl->allocated * sizeof(isc_dscp_t));
isc_mem_put(mctx, ipkl->dscps,
ipkl->allocated * sizeof(isc_dscp_t));
}
ipkl->dscps = dscps;
memset(&ipkl->dscps[ipkl->allocated], 0,
(n - ipkl->allocated) * sizeof(isc_dscp_t));
if (ipkl->keys) {
memmove(keys, ipkl->keys,
ipkl->allocated * sizeof(dns_name_t *));
@ -270,7 +247,6 @@ dns_ipkeylist_resize(isc_mem_t *mctx, dns_ipkeylist_t *ipkl, unsigned int n) {
isc_mem_put(mctx, addrs, n * sizeof(isc_sockaddr_t));
isc_mem_put(mctx, sources, n * sizeof(isc_sockaddr_t));
isc_mem_put(mctx, dscps, n * sizeof(isc_dscp_t));
isc_mem_put(mctx, tlss, n * sizeof(dns_name_t *));
isc_mem_put(mctx, keys, n * sizeof(dns_name_t *));
isc_mem_put(mctx, labels, n * sizeof(dns_name_t *));

42
lib/dns/peer.c
View File

@ -63,11 +63,8 @@ struct dns_peer {
bool check_axfr_id;
dns_name_t *key;
isc_sockaddr_t *transfer_source;
isc_dscp_t transfer_dscp;
isc_sockaddr_t *notify_source;
isc_dscp_t notify_dscp;
isc_sockaddr_t *query_source;
isc_dscp_t query_dscp;
uint16_t udpsize; /* receive size */
uint16_t maxudp; /* transmit size */
uint16_t padding; /* pad block size */
@ -91,15 +88,12 @@ struct dns_peer {
#define SERVER_MAXUDP_BIT 7
#define REQUEST_NSID_BIT 8
#define SEND_COOKIE_BIT 9
#define NOTIFY_DSCP_BIT 10
#define TRANSFER_DSCP_BIT 11
#define QUERY_DSCP_BIT 12
#define REQUEST_EXPIRE_BIT 13
#define EDNS_VERSION_BIT 14
#define FORCE_TCP_BIT 15
#define SERVER_PADDING_BIT 16
#define REQUEST_TCP_KEEPALIVE_BIT 17
#define REQUIRE_COOKIE_BIT 18
#define REQUEST_EXPIRE_BIT 10
#define EDNS_VERSION_BIT 11
#define FORCE_TCP_BIT 12
#define SERVER_PADDING_BIT 13
#define REQUEST_TCP_KEEPALIVE_BIT 14
#define REQUIRE_COOKIE_BIT 15
static void
peerlist_delete(dns_peerlist_t **list);
@ -464,30 +458,6 @@ ACCESS_SOCKADDR(transfersource, transfer_source)
ACCESS_OPTION_OVERWRITE(ednsversion, EDNS_VERSION_BIT, uint8_t, ednsversion)
#define ACCESS_OPTION_OVERWRITEDSCP(name, macro, type, element) \
isc_result_t dns_peer_get##name(dns_peer_t *peer, type *value) { \
REQUIRE(DNS_PEER_VALID(peer)); \
REQUIRE(value != NULL); \
if (DNS_BIT_CHECK(macro, &peer->bitflags)) { \
*value = peer->element; \
return (ISC_R_SUCCESS); \
} else { \
return (ISC_R_NOTFOUND); \
} \
} \
isc_result_t dns_peer_set##name(dns_peer_t *peer, type value) { \
REQUIRE(DNS_PEER_VALID(peer)); \
REQUIRE(value < 64); \
peer->element = value; \
DNS_BIT_SET(macro, &peer->bitflags); \
return (ISC_R_SUCCESS); \
}
ACCESS_OPTION_OVERWRITEDSCP(notifydscp, NOTIFY_DSCP_BIT, isc_dscp_t,
notify_dscp)
ACCESS_OPTION_OVERWRITEDSCP(querydscp, QUERY_DSCP_BIT, isc_dscp_t, query_dscp)
ACCESS_OPTION_OVERWRITEDSCP(transferdscp, TRANSFER_DSCP_BIT, isc_dscp_t,
transfer_dscp)
isc_result_t
dns_peer_getkey(dns_peer_t *peer, dns_name_t **retval) {
REQUIRE(DNS_PEER_VALID(peer));

53
lib/dns/remote.c
View File

@ -58,8 +58,8 @@ dns_remote_tlsnames(dns_remote_t *remote) {
void
dns_remote_init(dns_remote_t *remote, unsigned int count,
const isc_sockaddr_t *addrs, const isc_sockaddr_t *srcs,
const isc_dscp_t *dscp, dns_name_t **keynames,
dns_name_t **tlsnames, bool mark, isc_mem_t *mctx) {
dns_name_t **keynames, dns_name_t **tlsnames, bool mark,
isc_mem_t *mctx) {
unsigned int i;
REQUIRE(DNS_REMOTE_VALID(remote));
@ -88,13 +88,6 @@ dns_remote_init(dns_remote_t *remote, unsigned int count,
remote->sources = NULL;
}
if (dscp != NULL) {
remote->dscps = isc_mem_get(mctx, count * sizeof(isc_dscp_t));
memmove(remote->dscps, dscp, count * sizeof(isc_dscp_t));
} else {
remote->dscps = NULL;
}
if (keynames != NULL) {
remote->keynames = isc_mem_get(mctx,
count * sizeof(keynames[0]));
@ -191,25 +184,6 @@ same_names(dns_name_t *const *oldlist, dns_name_t *const *newlist,
return (true);
}
static bool
same_dscp(isc_dscp_t *oldlist, isc_dscp_t *newlist, uint32_t count) {
unsigned int i;
if (oldlist == NULL && newlist == NULL) {
return (true);
}
if (oldlist == NULL || newlist == NULL) {
return (false);
}
for (i = 0; i < count; i++) {
if (oldlist[i] != newlist[i]) {
return (false);
}
}
return (true);
}
void
dns_remote_clear(dns_remote_t *remote) {
unsigned int count;
@ -241,11 +215,6 @@ dns_remote_clear(dns_remote_t *remote) {
remote->sources = NULL;
}
if (remote->dscps != NULL) {
isc_mem_put(mctx, remote->dscps, count * sizeof(isc_dscp_t));
remote->dscps = NULL;
}
if (remote->keynames != NULL) {
unsigned int i;
for (i = 0; i < count; i++) {
@ -293,10 +262,6 @@ dns_remote_equal(dns_remote_t *a, dns_remote_t *b) {
if (!same_addrs(a->addresses, b->addresses, a->addrcnt)) {
return (false);
}
if (!same_dscp(a->dscps, b->dscps, a->addrcnt)) {
return (false);
}
if (!same_names(a->keynames, b->keynames, a->addrcnt)) {
return (false);
}
@ -347,20 +312,6 @@ dns_remote_sourceaddr(dns_remote_t *remote) {
return (remote->sources[remote->curraddr]);
}
isc_dscp_t
dns_remote_dscp(dns_remote_t *remote) {
REQUIRE(DNS_REMOTE_VALID(remote));
if (remote->dscps == NULL) {
return -1;
}
if (remote->curraddr >= remote->addrcnt) {
return -1;
}
return (remote->dscps[remote->curraddr]);
}
dns_name_t *
dns_remote_keyname(dns_remote_t *remote) {
REQUIRE(DNS_REMOTE_VALID(remote));

36
lib/dns/request.c
View File

@ -84,7 +84,6 @@ struct dns_request {
isc_sockaddr_t destaddr;
unsigned int timeout;
unsigned int udpcount;
isc_dscp_t dscp;
};
#define DNS_REQUEST_F_CONNECTING 0x0001
@ -292,7 +291,7 @@ req_send(dns_request_t *request) {
/* detached in req_senddone() */
req_attach(request, &(dns_request_t *){ NULL });
dns_dispatch_send(request->dispentry, &r, request->dscp);
dns_dispatch_send(request->dispentry, &r);
}
static isc_result_t
@ -300,7 +299,7 @@ new_request(isc_mem_t *mctx, dns_request_t **requestp) {
dns_request_t *request = NULL;
request = isc_mem_get(mctx, sizeof(*request));
*request = (dns_request_t){ .dscp = -1 };
*request = (dns_request_t){ 0 };
ISC_LINK_INIT(request, link);
isc_refcount_init(&request->references, 1);
@ -339,7 +338,7 @@ isblackholed(dns_dispatchmgr_t *dispatchmgr, const isc_sockaddr_t *destaddr) {
static isc_result_t
tcp_dispatch(bool newtcp, dns_requestmgr_t *requestmgr,
const isc_sockaddr_t *srcaddr, const isc_sockaddr_t *destaddr,
isc_dscp_t dscp, dns_dispatch_t **dispatchp) {
dns_dispatch_t **dispatchp) {
isc_result_t result;
if (!newtcp) {
@ -356,7 +355,7 @@ tcp_dispatch(bool newtcp, dns_requestmgr_t *requestmgr,
}
result = dns_dispatch_createtcp(requestmgr->dispatchmgr, srcaddr,
destaddr, dscp, dispatchp);
destaddr, dispatchp);
return (result);
}
@ -392,12 +391,12 @@ udp_dispatch(dns_requestmgr_t *requestmgr, const isc_sockaddr_t *srcaddr,
static isc_result_t
get_dispatch(bool tcp, bool newtcp, dns_requestmgr_t *requestmgr,
const isc_sockaddr_t *srcaddr, const isc_sockaddr_t *destaddr,
isc_dscp_t dscp, dns_dispatch_t **dispatchp) {
dns_dispatch_t **dispatchp) {
isc_result_t result;
if (tcp) {
result = tcp_dispatch(newtcp, requestmgr, srcaddr, destaddr,
dscp, dispatchp);
dispatchp);
} else {
result = udp_dispatch(requestmgr, srcaddr, destaddr, dispatchp);
}
@ -409,10 +408,10 @@ dns_request_createraw(dns_requestmgr_t *requestmgr, isc_buffer_t *msgbuf,
const isc_sockaddr_t *srcaddr,
const isc_sockaddr_t *destaddr,
dns_transport_t *transport,
isc_tlsctx_cache_t *tlsctx_cache, isc_dscp_t dscp,
unsigned int options, unsigned int timeout,
unsigned int udptimeout, unsigned int udpretries,
isc_task_t *task, isc_taskaction_t action, void *arg,
isc_tlsctx_cache_t *tlsctx_cache, unsigned int options,
unsigned int timeout, unsigned int udptimeout,
unsigned int udpretries, isc_task_t *task,
isc_taskaction_t action, void *arg,
dns_request_t **requestp) {
dns_request_t *request = NULL;
isc_result_t result;
@ -453,7 +452,6 @@ dns_request_createraw(dns_requestmgr_t *requestmgr, isc_buffer_t *msgbuf,
}
request->udpcount = udpretries;
request->dscp = dscp;
request->event = (dns_requestevent_t *)isc_event_allocate(
mctx, task, DNS_EVENT_REQUESTDONE, action, arg,
@ -493,7 +491,7 @@ dns_request_createraw(dns_requestmgr_t *requestmgr, isc_buffer_t *msgbuf,
again:
result = get_dispatch(tcp, newtcp, requestmgr, srcaddr, destaddr, dscp,
result = get_dispatch(tcp, newtcp, requestmgr, srcaddr, destaddr,
&request->dispatch);
if (result != ISC_R_SUCCESS) {
goto detach;
@ -567,11 +565,10 @@ isc_result_t
dns_request_create(dns_requestmgr_t *requestmgr, dns_message_t *message,
const isc_sockaddr_t *srcaddr,
const isc_sockaddr_t *destaddr, dns_transport_t *transport,
isc_tlsctx_cache_t *tlsctx_cache, isc_dscp_t dscp,
unsigned int options, dns_tsigkey_t *key,
unsigned int timeout, unsigned int udptimeout,
unsigned int udpretries, isc_task_t *task,
isc_taskaction_t action, void *arg,
isc_tlsctx_cache_t *tlsctx_cache, unsigned int options,
dns_tsigkey_t *key, unsigned int timeout,
unsigned int udptimeout, unsigned int udpretries,
isc_task_t *task, isc_taskaction_t action, void *arg,
dns_request_t **requestp) {
dns_request_t *request = NULL;
isc_result_t result;
@ -613,7 +610,6 @@ dns_request_create(dns_requestmgr_t *requestmgr, dns_message_t *message,
}
request->udpcount = udpretries;
request->dscp = dscp;
request->event = (dns_requestevent_t *)isc_event_allocate(
mctx, task, DNS_EVENT_REQUESTDONE, action, arg,
@ -649,7 +645,7 @@ dns_request_create(dns_requestmgr_t *requestmgr, dns_message_t *message,
req_attach(request, &(dns_request_t *){ NULL });
again:
result = get_dispatch(tcp, false, requestmgr, srcaddr, destaddr, dscp,
result = get_dispatch(tcp, false, requestmgr, srcaddr, destaddr,
&request->dispatch);
if (result != ISC_R_SUCCESS) {
goto detach;

64
lib/dns/resolver.c
View File

@ -259,7 +259,6 @@ typedef struct query {
isc_buffer_t buffer;
isc_buffer_t *tsig;
dns_tsigkey_t *tsigkey;
isc_dscp_t dscp;
int ednsversion;
unsigned int options;
unsigned int attributes;
@ -552,8 +551,6 @@ struct dns_resolver {
dns_dispatchmgr_t *dispatchmgr;
dns_dispatchset_t *dispatches4;
dns_dispatchset_t *dispatches6;
isc_dscp_t querydscp4;
isc_dscp_t querydscp6;
isc_hashmap_t *fctxs;
isc_mutex_t fctxs_lock;
@ -2137,7 +2134,6 @@ fctx_query(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo,
isc_sockaddr_t addr;
bool have_addr = false;
unsigned int srtt;
isc_dscp_t dscp = -1;
FCTXTRACE("query");
@ -2172,7 +2168,6 @@ fctx_query(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo,
query = isc_mem_get(fctx->mctx, sizeof(*query));
*query = (resquery_t){ .options = options,
.dscp = addrinfo->dscp,
.addrinfo = addrinfo,
.dispatchmgr = res->dispatchmgr };
@ -2208,10 +2203,6 @@ fctx_query(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo,
if (result == ISC_R_SUCCESS) {
have_addr = true;
}
result = dns_peer_getquerydscp(peer, &dscp);
if (result == ISC_R_SUCCESS) {
query->dscp = dscp;
}
result = dns_peer_getforcetcp(peer, &usetcp);
if (result == ISC_R_SUCCESS && usetcp) {
query->options |= DNS_FETCHOPT_TCP;
@ -2219,7 +2210,6 @@ fctx_query(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo,
}
}
dscp = -1;
if ((query->options & DNS_FETCHOPT_TCP) != 0) {
int pf;
@ -2229,12 +2219,10 @@ fctx_query(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo,
case PF_INET:
result = dns_dispatch_getlocaladdress(
res->dispatches4->dispatches[0], &addr);
dscp = dns_resolver_getquerydscp4(fctx->res);
break;
case PF_INET6:
result = dns_dispatch_getlocaladdress(
res->dispatches6->dispatches[0], &addr);
dscp = dns_resolver_getquerydscp6(fctx->res);
break;
default:
result = ISC_R_NOTIMPLEMENTED;
@ -2245,13 +2233,10 @@ fctx_query(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo,
}
}
isc_sockaddr_setport(&addr, 0);
if (query->dscp == -1) {
query->dscp = dscp;
}
result = dns_dispatch_createtcp(res->dispatchmgr, &addr,
&addrinfo->sockaddr,
query->dscp, &query->dispatch);
&query->dispatch);
if (result != ISC_R_SUCCESS) {
goto cleanup_query;
}
@ -2259,17 +2244,6 @@ fctx_query(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo,
FCTXTRACE("connecting via TCP");
} else {
if (have_addr) {
switch (isc_sockaddr_pf(&addr)) {
case AF_INET:
dscp = dns_resolver_getquerydscp4(fctx->res);
break;
case AF_INET6:
dscp = dns_resolver_getquerydscp6(fctx->res);
break;
default:
result = ISC_R_NOTIMPLEMENTED;
goto cleanup_query;
}
result = dns_dispatch_createudp(res->dispatchmgr, &addr,
&query->dispatch);
if (result != ISC_R_SUCCESS) {
@ -2281,13 +2255,11 @@ fctx_query(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo,
dns_dispatch_attach(
dns_resolver_dispatchv4(res),
&query->dispatch);
dscp = dns_resolver_getquerydscp4(fctx->res);
break;
case PF_INET6:
dns_dispatch_attach(
dns_resolver_dispatchv6(res),
&query->dispatch);
dscp = dns_resolver_getquerydscp6(fctx->res);
break;
default:
result = ISC_R_NOTIMPLEMENTED;
@ -2295,9 +2267,6 @@ fctx_query(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo,
}
}
if (query->dscp == -1) {
query->dscp = dscp;
}
/*
* We should always have a valid dispatcher here. If we
* don't support a protocol family, then its dispatcher
@ -2914,7 +2883,7 @@ resquery_send(resquery_t *query) {
isc_buffer_usedregion(&buffer, &r);
resquery_ref(query);
dns_dispatch_send(query->dispentry, &r, query->dscp);
dns_dispatch_send(query->dispentry, &r);
QTRACE("sent");
@ -3710,7 +3679,6 @@ fctx_getaddresses(fetchctx_t *fctx, bool badcache) {
if (result == ISC_R_SUCCESS) {
dns_adbaddrinfo_t *cur;
ai->flags |= FCTX_ADDRINFO_FORWARDER;
ai->dscp = fwd->dscp;
cur = ISC_LIST_HEAD(fctx->forwaddrs);
while (cur != NULL && cur->srtt < ai->srtt) {
cur = ISC_LIST_NEXT(cur, publink);
@ -10163,8 +10131,6 @@ dns_resolver_create(dns_view_t *view, isc_loopmgr_t *loopmgr,
.maxdepth = DEFAULT_RECURSION_DEPTH,
.maxqueries = DEFAULT_MAX_QUERIES,
.ntasks = isc_loopmgr_nloops(loopmgr),
.querydscp4 = -1,
.querydscp6 = -1,
.alternates = ISC_LIST_INITIALIZER,
};
@ -11306,32 +11272,6 @@ dns_resolver_settimeout(dns_resolver_t *resolver, unsigned int timeout) {
resolver->query_timeout = timeout;
}
void
dns_resolver_setquerydscp4(dns_resolver_t *resolver, isc_dscp_t dscp) {
REQUIRE(VALID_RESOLVER(resolver));
resolver->querydscp4 = dscp;
}
isc_dscp_t
dns_resolver_getquerydscp4(dns_resolver_t *resolver) {
REQUIRE(VALID_RESOLVER(resolver));
return (resolver->querydscp4);
}
void
dns_resolver_setquerydscp6(dns_resolver_t *resolver, isc_dscp_t dscp) {
REQUIRE(VALID_RESOLVER(resolver));
resolver->querydscp6 = dscp;
}
isc_dscp_t
dns_resolver_getquerydscp6(dns_resolver_t *resolver) {
REQUIRE(VALID_RESOLVER(resolver));
return (resolver->querydscp6);
}
void
dns_resolver_setmaxdepth(dns_resolver_t *resolver, unsigned int maxdepth) {
REQUIRE(VALID_RESOLVER(resolver));

24
lib/dns/xfrin.c
View File

@ -120,7 +120,6 @@ struct dns_xfrin_ctx {
* may differ due to IXFR->AXFR fallback.
*/
dns_rdatatype_t reqtype;
isc_dscp_t dscp;
isc_sockaddr_t primaryaddr;
isc_sockaddr_t sourceaddr;
@ -200,9 +199,9 @@ static void
xfrin_create(isc_mem_t *mctx, dns_zone_t *zone, dns_db_t *db, isc_nm_t *netmgr,
dns_name_t *zonename, dns_rdataclass_t rdclass,
dns_rdatatype_t reqtype, const isc_sockaddr_t *primaryaddr,
const isc_sockaddr_t *sourceaddr, isc_dscp_t dscp,
dns_tsigkey_t *tsigkey, dns_transport_t *transport,
isc_tlsctx_cache_t *tlsctx_cache, dns_xfrin_ctx_t **xfrp);
const isc_sockaddr_t *sourceaddr, dns_tsigkey_t *tsigkey,
dns_transport_t *transport, isc_tlsctx_cache_t *tlsctx_cache,
dns_xfrin_ctx_t **xfrp);
static isc_result_t
axfr_init(dns_xfrin_ctx_t *xfr);
@ -695,10 +694,9 @@ failure:
isc_result_t
dns_xfrin_create(dns_zone_t *zone, dns_rdatatype_t xfrtype,
const isc_sockaddr_t *primaryaddr,
const isc_sockaddr_t *sourceaddr, isc_dscp_t dscp,
dns_tsigkey_t *tsigkey, dns_transport_t *transport,
isc_tlsctx_cache_t *tlsctx_cache, isc_mem_t *mctx,
isc_nm_t *netmgr, dns_xfrindone_t done,
const isc_sockaddr_t *sourceaddr, dns_tsigkey_t *tsigkey,
dns_transport_t *transport, isc_tlsctx_cache_t *tlsctx_cache,
isc_mem_t *mctx, isc_nm_t *netmgr, dns_xfrindone_t done,
dns_xfrin_ctx_t **xfrp) {
dns_name_t *zonename = dns_zone_getorigin(zone);
dns_xfrin_ctx_t *xfr = NULL;
@ -716,7 +714,7 @@ dns_xfrin_create(dns_zone_t *zone, dns_rdatatype_t xfrtype,
}
xfrin_create(mctx, zone, db, netmgr, zonename, dns_zone_getclass(zone),
xfrtype, primaryaddr, sourceaddr, dscp, tsigkey, transport,
xfrtype, primaryaddr, sourceaddr, tsigkey, transport,
tlsctx_cache, &xfr);
if (db != NULL) {
@ -864,9 +862,9 @@ static void
xfrin_create(isc_mem_t *mctx, dns_zone_t *zone, dns_db_t *db, isc_nm_t *netmgr,
dns_name_t *zonename, dns_rdataclass_t rdclass,
dns_rdatatype_t reqtype, const isc_sockaddr_t *primaryaddr,
const isc_sockaddr_t *sourceaddr, isc_dscp_t dscp,
dns_tsigkey_t *tsigkey, dns_transport_t *transport,
isc_tlsctx_cache_t *tlsctx_cache, dns_xfrin_ctx_t **xfrp) {
const isc_sockaddr_t *sourceaddr, dns_tsigkey_t *tsigkey,
dns_transport_t *transport, isc_tlsctx_cache_t *tlsctx_cache,
dns_xfrin_ctx_t **xfrp) {
dns_xfrin_ctx_t *xfr = NULL;
xfr = isc_mem_get(mctx, sizeof(*xfr));
@ -874,7 +872,6 @@ xfrin_create(isc_mem_t *mctx, dns_zone_t *zone, dns_db_t *db, isc_nm_t *netmgr,
.shutdown_result = ISC_R_UNSET,
.rdclass = rdclass,
.reqtype = reqtype,
.dscp = dscp,
.id = (dns_messageid_t)isc_random16(),
.maxrecords = dns_zone_getmaxrecords(zone),
.primaryaddr = *primaryaddr,
@ -1043,7 +1040,6 @@ xfrin_connect_done(isc_nmhandle_t *handle, isc_result_t result, void *cbarg) {
xfr->handle = handle;
sockaddr = isc_nmhandle_peeraddr(handle);
isc_sockaddr_format(&sockaddr, sourcetext, sizeof(sourcetext));
/* TODO set DSCP */
if (xfr->tsigkey != NULL && xfr->tsigkey->key != NULL) {
dns_name_format(dst_key_name(xfr->tsigkey->key), signerbuf,

229
lib/dns/zone.c
View File

@ -335,12 +335,6 @@ struct dns_zone {
isc_sockaddr_t xfrsource4;
isc_sockaddr_t xfrsource6;
isc_sockaddr_t sourceaddr;
isc_dscp_t notifysrc4dscp;
isc_dscp_t notifysrc6dscp;
isc_dscp_t parentalsrc4dscp;
isc_dscp_t parentalsrc6dscp;
isc_dscp_t xfrsource4dscp;
isc_dscp_t xfrsource6dscp;
dns_xfrin_ctx_t *xfr; /* task locked */
dns_tsigkey_t *tsigkey; /* key used for xfr */
@ -668,7 +662,6 @@ struct dns_notify {
isc_sockaddr_t dst;
dns_tsigkey_t *key;
dns_transport_t *transport;
isc_dscp_t dscp;
ISC_LINK(dns_notify_t) link;
isc_event_t *event;
};
@ -689,7 +682,6 @@ struct dns_checkds {
isc_sockaddr_t dst;
dns_tsigkey_t *key;
dns_transport_t *transport;
isc_dscp_t dscp;
ISC_LINK(dns_checkds_t) link;
isc_event_t *event;
};
@ -1070,7 +1062,6 @@ struct ssevent {
struct stub_cb_args {
dns_stub_t *stub;
dns_tsigkey_t *tsig_key;
isc_dscp_t dscp;
uint16_t udpsize;
int timeout;
bool reqnsid;
@ -1118,12 +1109,6 @@ dns_zone_create(dns_zone_t **zonep, isc_mem_t *mctx, unsigned int tid) {
.check_names = dns_severity_ignore,
.idlein = DNS_DEFAULT_IDLEIN,
.idleout = DNS_DEFAULT_IDLEOUT,
.notifysrc4dscp = -1,
.notifysrc6dscp = -1,
.parentalsrc4dscp = -1,
.parentalsrc6dscp = -1,
.xfrsource4dscp = -1,
.xfrsource6dscp = -1,
.maxxfrin = MAX_XFER_TIME,
.maxxfrout = MAX_XFER_TIME,
.sigvalidityinterval = 30 * 24 * 3600,
@ -1363,7 +1348,7 @@ zone_free(dns_zone_t *zone) {
dns_zone_setparentals(zone, NULL, NULL, NULL, NULL, 0);
dns_zone_setprimaries(zone, NULL, NULL, NULL, NULL, 0);
dns_zone_setalsonotify(zone, NULL, NULL, NULL, NULL, NULL, 0);
dns_zone_setalsonotify(zone, NULL, NULL, NULL, NULL, 0);
zone->check_names = dns_severity_ignore;
if (zone->update_acl != NULL) {
@ -5995,23 +5980,6 @@ dns_zone_getxfrsource4(dns_zone_t *zone) {
return (&zone->xfrsource4);
}
isc_result_t
dns_zone_setxfrsource4dscp(dns_zone_t *zone, isc_dscp_t dscp) {
REQUIRE(DNS_ZONE_VALID(zone));
LOCK_ZONE(zone);
zone->xfrsource4dscp = dscp;
UNLOCK_ZONE(zone);
return (ISC_R_SUCCESS);
}
isc_dscp_t
dns_zone_getxfrsource4dscp(dns_zone_t *zone) {
REQUIRE(DNS_ZONE_VALID(zone));
return (zone->xfrsource4dscp);
}
isc_result_t
dns_zone_setxfrsource6(dns_zone_t *zone, const isc_sockaddr_t *xfrsource) {
REQUIRE(DNS_ZONE_VALID(zone));
@ -6029,23 +5997,6 @@ dns_zone_getxfrsource6(dns_zone_t *zone) {
return (&zone->xfrsource6);
}
isc_dscp_t
dns_zone_getxfrsource6dscp(dns_zone_t *zone) {
REQUIRE(DNS_ZONE_VALID(zone));
return (zone->xfrsource6dscp);
}
isc_result_t
dns_zone_setxfrsource6dscp(dns_zone_t *zone, isc_dscp_t dscp) {
REQUIRE(DNS_ZONE_VALID(zone));
LOCK_ZONE(zone);
zone->xfrsource6dscp = dscp;
UNLOCK_ZONE(zone);
return (ISC_R_SUCCESS);
}
isc_result_t
dns_zone_setparentalsrc4(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc) {
REQUIRE(DNS_ZONE_VALID(zone));
@ -6063,23 +6014,6 @@ dns_zone_getparentalsrc4(dns_zone_t *zone) {
return (&zone->parentalsrc4);
}
isc_result_t
dns_zone_setparentalsrc4dscp(dns_zone_t *zone, isc_dscp_t dscp) {
REQUIRE(DNS_ZONE_VALID(zone));
LOCK_ZONE(zone);
zone->parentalsrc4dscp = dscp;
UNLOCK_ZONE(zone);
return (ISC_R_SUCCESS);
}
isc_dscp_t
dns_zone_getparentalsrc4dscp(dns_zone_t *zone) {
REQUIRE(DNS_ZONE_VALID(zone));
return (zone->parentalsrc4dscp);
}
isc_result_t
dns_zone_setparentalsrc6(dns_zone_t *zone, const isc_sockaddr_t *parentalsrc) {
REQUIRE(DNS_ZONE_VALID(zone));
@ -6097,23 +6031,6 @@ dns_zone_getparentalsrc6(dns_zone_t *zone) {
return (&zone->parentalsrc6);
}
isc_result_t
dns_zone_setparentalsrc6dscp(dns_zone_t *zone, isc_dscp_t dscp) {
REQUIRE(DNS_ZONE_VALID(zone));
LOCK_ZONE(zone);
zone->parentalsrc6dscp = dscp;
UNLOCK_ZONE(zone);
return (ISC_R_SUCCESS);
}
isc_dscp_t
dns_zone_getparentalsrc6dscp(dns_zone_t *zone) {
REQUIRE(DNS_ZONE_VALID(zone));
return (zone->parentalsrc6dscp);
}
isc_result_t
dns_zone_setnotifysrc4(dns_zone_t *zone, const isc_sockaddr_t *notifysrc) {
REQUIRE(DNS_ZONE_VALID(zone));
@ -6131,23 +6048,6 @@ dns_zone_getnotifysrc4(dns_zone_t *zone) {
return (&zone->notifysrc4);
}
isc_result_t
dns_zone_setnotifysrc4dscp(dns_zone_t *zone, isc_dscp_t dscp) {
REQUIRE(DNS_ZONE_VALID(zone));
LOCK_ZONE(zone);
zone->notifysrc4dscp = dscp;
UNLOCK_ZONE(zone);
return (ISC_R_SUCCESS);
}
isc_dscp_t
dns_zone_getnotifysrc4dscp(dns_zone_t *zone) {
REQUIRE(DNS_ZONE_VALID(zone));
return (zone->notifysrc4dscp);
}
isc_result_t
dns_zone_setnotifysrc6(dns_zone_t *zone, const isc_sockaddr_t *notifysrc) {
REQUIRE(DNS_ZONE_VALID(zone));
@ -6165,28 +6065,10 @@ dns_zone_getnotifysrc6(dns_zone_t *zone) {
return (&zone->notifysrc6);
}
isc_result_t
dns_zone_setnotifysrc6dscp(dns_zone_t *zone, isc_dscp_t dscp) {
REQUIRE(DNS_ZONE_VALID(zone));
LOCK_ZONE(zone);
zone->notifysrc6dscp = dscp;
UNLOCK_ZONE(zone);
return (ISC_R_SUCCESS);
}
isc_dscp_t
dns_zone_getnotifysrc6dscp(dns_zone_t *zone) {
REQUIRE(DNS_ZONE_VALID(zone));
return (zone->notifysrc6dscp);
}
void
dns_zone_setalsonotify(dns_zone_t *zone, isc_sockaddr_t *addresses,
isc_sockaddr_t *sources, isc_dscp_t *dscps,
dns_name_t **keynames, dns_name_t **tlsnames,
uint32_t count) {
isc_sockaddr_t *sources, dns_name_t **keynames,
dns_name_t **tlsnames, uint32_t count) {
dns_remote_t remote;
REQUIRE(DNS_ZONE_VALID(zone));
@ -6196,7 +6078,6 @@ dns_zone_setalsonotify(dns_zone_t *zone, isc_sockaddr_t *addresses,
remote.magic = DNS_REMOTE_MAGIC;
remote.addresses = addresses;
remote.sources = sources;
remote.dscps = dscps;
remote.keynames = keynames;
remote.tlsnames = tlsnames;
remote.addrcnt = count;
@ -6217,8 +6098,8 @@ dns_zone_setalsonotify(dns_zone_t *zone, isc_sockaddr_t *addresses,
/*
* Now set up the notify address and key lists.
*/
dns_remote_init(&zone->notify, count, addresses, sources, dscps,
keynames, tlsnames, true, zone->mctx);
dns_remote_init(&zone->notify, count, addresses, sources, keynames,
tlsnames, true, zone->mctx);
unlock:
UNLOCK_ZONE(zone);
@ -6237,7 +6118,6 @@ dns_zone_setprimaries(dns_zone_t *zone, isc_sockaddr_t *addresses,
remote.magic = DNS_REMOTE_MAGIC;
remote.addresses = addresses;
remote.sources = sources;
remote.dscps = NULL;
remote.keynames = keynames;
remote.tlsnames = tlsnames;
remote.addrcnt = count;
@ -6268,8 +6148,8 @@ dns_zone_setprimaries(dns_zone_t *zone, isc_sockaddr_t *addresses,
/*
* Now set up the primaries and primary key lists.
*/
dns_remote_init(&zone->primaries, count, addresses, sources, NULL,
keynames, tlsnames, true, zone->mctx);
dns_remote_init(&zone->primaries, count, addresses, sources, keynames,
tlsnames, true, zone->mctx);
DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_NOPRIMARIES);
@ -6290,7 +6170,6 @@ dns_zone_setparentals(dns_zone_t *zone, isc_sockaddr_t *addresses,
remote.magic = DNS_REMOTE_MAGIC;
remote.addresses = addresses;
remote.sources = sources;
remote.dscps = NULL;
remote.keynames = keynames;
remote.tlsnames = tlsnames;
remote.addrcnt = count;
@ -6311,8 +6190,8 @@ dns_zone_setparentals(dns_zone_t *zone, isc_sockaddr_t *addresses,
/*
* Now set up the parentals and parental key lists.
*/
dns_remote_init(&zone->parentals, count, addresses, sources, NULL,
keynames, tlsnames, true, zone->mctx);
dns_remote_init(&zone->parentals, count, addresses, sources, keynames,
tlsnames, true, zone->mctx);
dns_zone_log(zone, ISC_LOG_NOTICE, "checkds: set %u parentals", count);
@ -12507,8 +12386,6 @@ notify_send_toaddr(isc_task_t *task, isc_event_t *event) {
isc_sockaddr_t src;
unsigned int options, timeout;
bool have_notifysource = false;
bool have_notifydscp = false;
isc_dscp_t dscp = -1;
notify = event->ev_arg;
REQUIRE(DNS_NOTIFY_VALID(notify));
@ -12591,10 +12468,6 @@ notify_send_toaddr(isc_task_t *task, isc_event_t *event) {
if (result == ISC_R_SUCCESS) {
have_notifysource = true;
}
dns_peer_getnotifydscp(peer, &dscp);
if (dscp != -1) {
have_notifydscp = true;
}
result = dns_peer_getforcetcp(peer, &usetcp);
if (result == ISC_R_SUCCESS && usetcp) {
options |= DNS_FETCHOPT_TCP;
@ -12612,9 +12485,6 @@ notify_send_toaddr(isc_task_t *task, isc_event_t *event) {
src = notify->zone->notifysrc4;
}
}
if (!have_notifydscp) {
dscp = notify->zone->notifysrc4dscp;
}
break;
case PF_INET6:
if (!have_notifysource) {
@ -12626,9 +12496,6 @@ notify_send_toaddr(isc_task_t *task, isc_event_t *event) {
src = notify->zone->notifysrc6;
}
}
if (!have_notifydscp) {
dscp = notify->zone->notifysrc6dscp;
}
break;
default:
result = ISC_R_NOTIMPLEMENTED;
@ -12640,7 +12507,7 @@ notify_send_toaddr(isc_task_t *task, isc_event_t *event) {
}
result = dns_request_create(
notify->zone->view->requestmgr, message, &src, &notify->dst,
NULL, NULL, dscp, options, key, timeout * 3, timeout, 2,
NULL, NULL, options, key, timeout * 3, timeout, 2,
notify->zone->task, notify_done, notify, &notify->request);
if (result == ISC_R_SUCCESS) {
if (isc_sockaddr_pf(&notify->dst) == AF_INET) {
@ -13360,7 +13227,7 @@ stub_request_nameserver_address(struct stub_cb_args *args, bool ipv4,
curraddr = dns_remote_curraddr(&zone->primaries);
result = dns_request_create(
zone->view->requestmgr, message, &zone->sourceaddr, &curraddr,
NULL, NULL, args->dscp, DNS_REQUESTOPT_TCP, args->tsig_key,
NULL, NULL, DNS_REQUESTOPT_TCP, args->tsig_key,
args->timeout * 3, args->timeout, 2, zone->task,
stub_glue_response_cb, request, &request->request);
@ -14349,9 +14216,8 @@ soa_query(isc_task_t *task, isc_event_t *event) {
uint32_t options;
bool cancel = true;
int timeout;
bool have_xfrsource, have_xfrdscp, reqnsid, reqexpire;
bool have_xfrsource = false, reqnsid, reqexpire;
uint16_t udpsize = SEND_BUFFER_SIZE;
isc_dscp_t dscp = -1;
isc_sockaddr_t curraddr, sourceaddr;
bool do_queue_xfrin = false;
@ -14429,7 +14295,6 @@ again:
options = DNS_ZONE_FLAG(zone, DNS_ZONEFLG_USEVC) ? DNS_REQUESTOPT_TCP
: 0;
have_xfrsource = have_xfrdscp = false;
reqnsid = zone->view->requestnsid;
reqexpire = zone->requestexpire;
if (zone->view->peers != NULL) {
@ -14447,10 +14312,6 @@ again:
if (result == ISC_R_SUCCESS) {
have_xfrsource = true;
}
(void)dns_peer_gettransferdscp(peer, &dscp);
if (dscp != -1) {
have_xfrdscp = true;
}
udpsize = dns_view_getudpsize(zone->view);
(void)dns_peer_getudpsize(peer, &udpsize);
(void)dns_peer_getrequestnsid(peer, &reqnsid);
@ -14473,9 +14334,6 @@ again:
zone->sourceaddr = zone->xfrsource4;
}
}
if (!have_xfrdscp) {
dscp = zone->xfrsource4dscp;
}
break;
case PF_INET6:
if (!have_xfrsource) {
@ -14487,9 +14345,6 @@ again:
zone->sourceaddr = zone->xfrsource6;
}
}
if (!have_xfrdscp) {
dscp = zone->xfrsource6dscp;
}
break;
default:
result = ISC_R_NOTIMPLEMENTED;
@ -14527,8 +14382,8 @@ again:
}
result = dns_request_create(
zone->view->requestmgr, message, &zone->sourceaddr, &curraddr,
NULL, NULL, dscp, options, key, timeout * 3, timeout, 2,
zone->task, refresh_callback, zone, &zone->request);
NULL, NULL, options, key, timeout * 3, timeout, 2, zone->task,
refresh_callback, zone, &zone->request);
if (result != ISC_R_SUCCESS) {
zone_idetach(&dummy);
zone_debuglog(zone, __func__, 1,
@ -14596,10 +14451,9 @@ ns_query(dns_zone_t *zone, dns_rdataset_t *soardataset, dns_stub_t *stub) {
dns_tsigkey_t *key = NULL;
dns_dbnode_t *node = NULL;
int timeout;
bool have_xfrsource = false, have_xfrdscp = false;
bool have_xfrsource = false;
bool reqnsid;
uint16_t udpsize = SEND_BUFFER_SIZE;
isc_dscp_t dscp = -1;
isc_sockaddr_t curraddr, sourceaddr;
struct stub_cb_args *cb_args;
@ -14734,10 +14588,6 @@ ns_query(dns_zone_t *zone, dns_rdataset_t *soardataset, dns_stub_t *stub) {
if (result == ISC_R_SUCCESS) {
have_xfrsource = true;
}
result = dns_peer_gettransferdscp(peer, &dscp);
if (result == ISC_R_SUCCESS && dscp != -1) {
have_xfrdscp = true;
}
udpsize = dns_view_getudpsize(zone->view);
(void)dns_peer_getudpsize(peer, &udpsize);
(void)dns_peer_getrequestnsid(peer, &reqnsid);
@ -14766,9 +14616,6 @@ ns_query(dns_zone_t *zone, dns_rdataset_t *soardataset, dns_stub_t *stub) {
zone->sourceaddr = zone->xfrsource4;
}
}
if (!have_xfrdscp) {
dscp = zone->xfrsource4dscp;
}
break;
case PF_INET6:
if (!have_xfrsource) {
@ -14780,9 +14627,6 @@ ns_query(dns_zone_t *zone, dns_rdataset_t *soardataset, dns_stub_t *stub) {
zone->sourceaddr = zone->xfrsource6;
}
}
if (!have_xfrdscp) {
dscp = zone->xfrsource6dscp;
}
break;
default:
result = ISC_R_NOTIMPLEMENTED;
@ -14801,15 +14645,14 @@ ns_query(dns_zone_t *zone, dns_rdataset_t *soardataset, dns_stub_t *stub) {
cb_args = isc_mem_get(zone->mctx, sizeof(*cb_args));
cb_args->stub = stub;
cb_args->tsig_key = key;
cb_args->dscp = dscp;
cb_args->udpsize = udpsize;
cb_args->timeout = timeout;
cb_args->reqnsid = reqnsid;
result = dns_request_create(
zone->view->requestmgr, message, &zone->sourceaddr, &curraddr,
NULL, NULL, dscp, DNS_REQUESTOPT_TCP, key, timeout * 3, timeout,
2, zone->task, stub_callback, cb_args, &zone->request);
NULL, NULL, DNS_REQUESTOPT_TCP, key, timeout * 3, timeout, 2,
zone->task, stub_callback, cb_args, &zone->request);
if (result != ISC_R_SUCCESS) {
zone_debuglog(zone, __func__, 1,
"dns_request_create() failed: %s",
@ -17840,7 +17683,6 @@ got_transfer_quota(isc_task_t *task, isc_event_t *event) {
isc_sockaddr_t sourceaddr;
isc_time_t now;
const char *soa_before = "";
isc_dscp_t dscp = -1;
bool loaded;
UNUSED(task);
@ -17970,24 +17812,8 @@ got_transfer_quota(isc_task_t *task, isc_event_t *event) {
isc_result_totext(result));
}
dscp = dns_remote_dscp(&zone->primaries);
LOCK_ZONE(zone);
sourceaddr = zone->sourceaddr;
switch (isc_sockaddr_pf(&primaryaddr)) {
case PF_INET:
if (dscp == -1) {
dscp = zone->xfrsource4dscp;
}
break;
case PF_INET6:
if (dscp == -1) {
dscp = zone->xfrsource6dscp;
}
break;
default:
UNREACHABLE();
}
UNLOCK_ZONE(zone);
INSIST(isc_sockaddr_pf(&primaryaddr) == isc_sockaddr_pf(&sourceaddr));
@ -17995,7 +17821,7 @@ got_transfer_quota(isc_task_t *task, isc_event_t *event) {
dns_xfrin_detach(&zone->xfr);
}
CHECK(dns_xfrin_create(zone, xfrtype, &primaryaddr, &sourceaddr, dscp,
CHECK(dns_xfrin_create(zone, xfrtype, &primaryaddr, &sourceaddr,
zone->tsigkey, zone->transport,
zone->zmgr->tlsctx_cache, zone->mctx,
zone->zmgr->netmgr, zone_xfrdone, &zone->xfr));
@ -18059,7 +17885,6 @@ static isc_result_t
sendtoprimary(dns_forward_t *forward) {
isc_result_t result;
isc_sockaddr_t src, any;
isc_dscp_t dscp = -1;
dns_zone_t *zone = forward->zone;
bool tls_transport_invalid = false;
@ -18089,7 +17914,6 @@ sendtoprimary(dns_forward_t *forward) {
if (isc_sockaddr_equal(&src, &any)) {
src = zone->xfrsource4;
}
dscp = zone->xfrsource4dscp;
break;
case PF_INET6:
isc_sockaddr_any6(&any);
@ -18097,7 +17921,6 @@ sendtoprimary(dns_forward_t *forward) {
if (isc_sockaddr_equal(&src, &any)) {
src = zone->xfrsource6;
}
dscp = zone->xfrsource6dscp;
break;
default:
result = ISC_R_NOTIMPLEMENTED;
@ -18127,7 +17950,7 @@ sendtoprimary(dns_forward_t *forward) {
result = dns_request_createraw(
forward->zone->view->requestmgr, forward->msgbuf, &src,
&forward->addr, forward->transport, zone->zmgr->tlsctx_cache,
dscp, forward->options, 15 /* XXX */, 0, 0, forward->zone->task,
forward->options, 15 /* XXX */, 0, 0, forward->zone->task,
forward_callback, forward, &forward->request);
if (result == ISC_R_SUCCESS) {
if (!ISC_LINK_LINKED(forward, link)) {
@ -20727,8 +20550,6 @@ checkds_send_toaddr(isc_task_t *task, isc_event_t *event) {
isc_sockaddr_t src;
unsigned int options, timeout;
bool have_checkdssource = false;
bool have_checkdsdscp = false;
isc_dscp_t dscp = -1;
checkds = event->ev_arg;
REQUIRE(DNS_CHECKDS_VALID(checkds));
@ -20810,10 +20631,6 @@ checkds_send_toaddr(isc_task_t *task, isc_event_t *event) {
if (result == ISC_R_SUCCESS) {
have_checkdssource = true;
}
dns_peer_getquerydscp(peer, &dscp);
if (dscp != -1) {
have_checkdsdscp = true;
}
result = dns_peer_getforcetcp(peer, &usetcp);
if (result == ISC_R_SUCCESS && usetcp) {
options |= DNS_FETCHOPT_TCP;
@ -20831,9 +20648,6 @@ checkds_send_toaddr(isc_task_t *task, isc_event_t *event) {
src = checkds->zone->parentalsrc4;
}
}
if (!have_checkdsdscp) {
dscp = checkds->zone->parentalsrc4dscp;
}
break;
case PF_INET6:
if (!have_checkdssource) {
@ -20845,9 +20659,6 @@ checkds_send_toaddr(isc_task_t *task, isc_event_t *event) {
src = checkds->zone->parentalsrc6;
}
}
if (!have_checkdsdscp) {
dscp = checkds->zone->parentalsrc6dscp;
}
break;
default:
result = ISC_R_NOTIMPLEMENTED;
@ -20861,7 +20672,7 @@ checkds_send_toaddr(isc_task_t *task, isc_event_t *event) {
options |= DNS_REQUESTOPT_TCP;
result = dns_request_create(
checkds->zone->view->requestmgr, message, &src, &checkds->dst,
NULL, NULL, dscp, options, key, timeout * 3, timeout, 2,
NULL, NULL, options, key, timeout * 3, timeout, 2,
checkds->zone->task, checkds_done, checkds, &checkds->request);
if (result != ISC_R_SUCCESS) {
dns_zone_log(checkds->zone, ISC_LOG_DEBUG(3),

14
lib/isc/include/isc/net.h
View File

@ -272,20 +272,6 @@ isc_net_probeunix(void);
* Returns whether UNIX domain sockets are supported.
*/
#define ISC_NET_DSCPRECVV4 0x01 /* Can receive sent DSCP value IPv4 */
#define ISC_NET_DSCPRECVV6 0x02 /* Can receive sent DSCP value IPv6 */
#define ISC_NET_DSCPSETV4 0x04 /* Can set DSCP on socket IPv4 */
#define ISC_NET_DSCPSETV6 0x08 /* Can set DSCP on socket IPv6 */
#define ISC_NET_DSCPPKTV4 0x10 /* Can set DSCP on per packet IPv4 */
#define ISC_NET_DSCPPKTV6 0x20 /* Can set DSCP on per packet IPv6 */
#define ISC_NET_DSCPALL 0x3f /* All valid flags */
unsigned int
isc_net_probedscp(void);
/*%<
* Probe the level of DSCP support.
*/
isc_result_t
isc_net_getudpportrange(int af, in_port_t *low, in_port_t *high);
/*%<

13
lib/isc/include/isc/types.h
View File

@ -40,13 +40,12 @@ typedef struct isc_constregion isc_constregion_t; /*%< Const region */
typedef struct isc_consttextregion isc_consttextregion_t; /*%< Const Text Region
*/
typedef struct isc_counter isc_counter_t; /*%< Counter */
typedef int16_t isc_dscp_t; /*%< Diffserv code point */
typedef struct isc_event isc_event_t; /*%< Event */
typedef ISC_LIST(isc_event_t) isc_eventlist_t; /*%< Event List */
typedef unsigned int isc_eventtype_t; /*%< Event Type */
typedef uint32_t isc_fsaccess_t; /*%< FS Access */
typedef struct isc_hash isc_hash_t; /*%< Hash */
typedef struct isc_httpd isc_httpd_t; /*%< HTTP client */
typedef struct isc_event isc_event_t; /*%< Event */
typedef ISC_LIST(isc_event_t) isc_eventlist_t; /*%< Event List */
typedef unsigned int isc_eventtype_t; /*%< Event Type */
typedef uint32_t isc_fsaccess_t; /*%< FS Access */
typedef struct isc_hash isc_hash_t; /*%< Hash */
typedef struct isc_httpd isc_httpd_t; /*%< HTTP client */
typedef void(isc_httpdfree_t)(isc_buffer_t *, void *); /*%< HTTP free function
*/
typedef struct isc_httpdmgr isc_httpdmgr_t; /*%< HTTP manager */

338
lib/isc/net.c
View File

@ -109,14 +109,12 @@ static isc_once_t once_ipv6pktinfo = ISC_ONCE_INIT;
#endif /* ! ISC_CMSG_IP_TOS */
static isc_once_t once = ISC_ONCE_INIT;
static isc_once_t once_dscp = ISC_ONCE_INIT;
static isc_result_t ipv4_result = ISC_R_NOTFOUND;
static isc_result_t ipv6_result = ISC_R_NOTFOUND;
static isc_result_t unix_result = ISC_R_NOTFOUND;
static isc_result_t ipv6only_result = ISC_R_NOTFOUND;
static isc_result_t ipv6pktinfo_result = ISC_R_NOTFOUND;
static unsigned int dscp_result = 0;
static isc_result_t
try_proto(int domain) {
@ -344,342 +342,6 @@ isc_net_probe_ipv6pktinfo(void) {
return (ipv6pktinfo_result);
}
#if ISC_CMSG_IP_TOS || defined(IPV6_TCLASS)
static socklen_t
cmsg_len(socklen_t len) {
#ifdef CMSG_LEN
return (CMSG_LEN(len));
#else /* ifdef CMSG_LEN */
socklen_t hdrlen;
/*
* Cast NULL so that any pointer arithmetic performed by CMSG_DATA
* is correct.
*/
hdrlen = (socklen_t)CMSG_DATA(((struct cmsghdr *)NULL));
return (hdrlen + len);
#endif /* ifdef CMSG_LEN */
}
static socklen_t
cmsg_space(socklen_t len) {
#ifdef CMSG_SPACE
return (CMSG_SPACE(len));
#else /* ifdef CMSG_SPACE */
struct msghdr msg;
struct cmsghdr *cmsgp;
/*
* XXX: The buffer length is an ad-hoc value, but should be enough
* in a practical sense.
*/
char dummybuf[sizeof(struct cmsghdr) + 1024];
memset(&msg, 0, sizeof(msg));
msg.msg_control = dummybuf;
msg.msg_controllen = sizeof(dummybuf);
cmsgp = (struct cmsghdr *)dummybuf;
cmsgp->cmsg_len = cmsg_len(len);
cmsgp = CMSG_NXTHDR(&msg, cmsgp);
if (cmsgp != NULL) {
return ((char *)cmsgp - (char *)msg.msg_control);
} else {
return (0);
}
#endif /* ifdef CMSG_SPACE */
}
/*
* Make a fd non-blocking.
*/
static isc_result_t
make_nonblock(int fd) {
int ret;
int flags;
#ifdef USE_FIONBIO_IOCTL
flags = 1;
ret = ioctl(fd, FIONBIO, (char *)&flags);
#else /* ifdef USE_FIONBIO_IOCTL */
flags = fcntl(fd, F_GETFL, 0);
flags |= O_NONBLOCK;
ret = fcntl(fd, F_SETFL, flags);
#endif /* ifdef USE_FIONBIO_IOCTL */
if (ret == -1) {
#ifdef USE_FIONBIO_IOCTL
UNEXPECTED_SYSERROR(errno, "ioctl(%d, FIONBIO, &on)", fd);
#else
UNEXPECTED_SYSERROR(errno, "fcntl(%d, F_SETFL, %d)", fd, flags);
#endif
return (ISC_R_UNEXPECTED);
}
return (ISC_R_SUCCESS);
}
static bool
cmsgsend(int s, int level, int type, struct addrinfo *res) {
char strbuf[ISC_STRERRORSIZE];
struct sockaddr_storage ss;
socklen_t len = sizeof(ss);
struct msghdr msg;
union {
struct cmsghdr h;
unsigned char b[256];
} control;
struct cmsghdr *cmsgp;
int dscp = (46 << 2); /* Expedited forwarding. */
struct iovec iovec;
char buf[1] = { 0 };
isc_result_t result;
if (bind(s, res->ai_addr, res->ai_addrlen) < 0) {
strerror_r(errno, strbuf, sizeof(strbuf));
isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL,
ISC_LOGMODULE_SOCKET, ISC_LOG_DEBUG(10),
"bind: %s", strbuf);
return (false);
}
if (getsockname(s, (struct sockaddr *)&ss, &len) < 0) {
strerror_r(errno, strbuf, sizeof(strbuf));
isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL,
ISC_LOGMODULE_SOCKET, ISC_LOG_DEBUG(10),
"getsockname: %s", strbuf);
return (false);
}
iovec.iov_base = buf;
iovec.iov_len = sizeof(buf);
memset(&msg, 0, sizeof(msg));
msg.msg_name = (struct sockaddr *)&ss;
msg.msg_namelen = len;
msg.msg_iov = &iovec;
msg.msg_iovlen = 1;
msg.msg_control = (void *)&control;
msg.msg_controllen = 0;
msg.msg_flags = 0;
cmsgp = msg.msg_control;
switch (type) {
#ifdef IP_TOS
case IP_TOS:
memset(cmsgp, 0, cmsg_space(sizeof(char)));
cmsgp->cmsg_level = level;
cmsgp->cmsg_type = type;
cmsgp->cmsg_len = cmsg_len(sizeof(char));
*(unsigned char *)CMSG_DATA(cmsgp) = dscp;
msg.msg_controllen += cmsg_space(sizeof(char));
break;
#endif /* ifdef IP_TOS */
#ifdef IPV6_TCLASS
case IPV6_TCLASS:
memset(cmsgp, 0, cmsg_space(sizeof(dscp)));
cmsgp->cmsg_level = level;
cmsgp->cmsg_type = type;
cmsgp->cmsg_len = cmsg_len(sizeof(dscp));
memmove(CMSG_DATA(cmsgp), &dscp, sizeof(dscp));
msg.msg_controllen += cmsg_space(sizeof(dscp));
break;
#endif /* ifdef IPV6_TCLASS */
default:
UNREACHABLE();
}
if (sendmsg(s, &msg, 0) < 0) {
switch (errno) {
#ifdef ENOPROTOOPT
case ENOPROTOOPT:
#endif /* ifdef ENOPROTOOPT */
#ifdef EOPNOTSUPP
case EOPNOTSUPP:
#endif /* ifdef EOPNOTSUPP */
case EINVAL:
case EPERM:
strerror_r(errno, strbuf, sizeof(strbuf));
isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL,
ISC_LOGMODULE_SOCKET, ISC_LOG_DEBUG(10),
"sendmsg: %s", strbuf);
break;
default:
UNEXPECTED_SYSERROR(
errno, "probing sendmsg() with %s=%02x failed",
(type == IP_TOS) ? "IP_TOS" : "IPV6_TCLASS",
dscp);
break;
}
return (false);
}
/*
* Make sure the message actually got sent.
*/
result = make_nonblock(s);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
iovec.iov_base = buf;
iovec.iov_len = sizeof(buf);
memset(&msg, 0, sizeof(msg));
msg.msg_name = (struct sockaddr *)&ss;
msg.msg_namelen = sizeof(ss);
msg.msg_iov = &iovec;
msg.msg_iovlen = 1;
msg.msg_control = NULL;
msg.msg_controllen = 0;
msg.msg_flags = 0;
if (recvmsg(s, &msg, 0) < 0) {
return (false);
}
return (true);
}
#endif /* if ISC_CMSG_IP_TOS || defined(IPV6_TCLASS) */
static void
try_dscp_v4(void) {
#ifdef IP_TOS
char strbuf[ISC_STRERRORSIZE];
struct addrinfo hints, *res0;
int s, dscp = 0, n;
#ifdef IP_RECVTOS
int on = 1;
#endif /* IP_RECVTOS */
memset(&hints, 0, sizeof(hints));
hints.ai_family = AF_INET;
hints.ai_socktype = SOCK_DGRAM;
hints.ai_protocol = IPPROTO_UDP;
#ifdef AI_NUMERICHOST
hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST;
#else /* ifdef AI_NUMERICHOST */
hints.ai_flags = AI_PASSIVE;
#endif /* ifdef AI_NUMERICHOST */
n = getaddrinfo("127.0.0.1", NULL, &hints, &res0);
if (n != 0 || res0 == NULL) {
isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL,
ISC_LOGMODULE_SOCKET, ISC_LOG_DEBUG(10),
"getaddrinfo(127.0.0.1): %s", gai_strerror(n));
return;
}
s = socket(res0->ai_family, res0->ai_socktype, res0->ai_protocol);
if (s == -1) {
strerror_r(errno, strbuf, sizeof(strbuf));
isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL,
ISC_LOGMODULE_SOCKET, ISC_LOG_DEBUG(10),
"socket: %s", strbuf);
freeaddrinfo(res0);
return;
}
if (setsockopt(s, IPPROTO_IP, IP_TOS, &dscp, sizeof(dscp)) == 0) {
dscp_result |= ISC_NET_DSCPSETV4;
}
#ifdef IP_RECVTOS
on = 1;
if (setsockopt(s, IPPROTO_IP, IP_RECVTOS, &on, sizeof(on)) == 0) {
dscp_result |= ISC_NET_DSCPRECVV4;
}
#endif /* IP_RECVTOS */
#if ISC_CMSG_IP_TOS
if (cmsgsend(s, IPPROTO_IP, IP_TOS, res0)) {
dscp_result |= ISC_NET_DSCPPKTV4;
}
#endif /* ISC_CMSG_IP_TOS */
freeaddrinfo(res0);
close(s);
#endif /* IP_TOS */
}
static void
try_dscp_v6(void) {
#ifdef IPV6_TCLASS
char strbuf[ISC_STRERRORSIZE];
struct addrinfo hints, *res0;
int s, dscp = 0, n;
#if defined(IPV6_RECVTCLASS)
int on = 1;
#endif /* IPV6_RECVTCLASS */
memset(&hints, 0, sizeof(hints));
hints.ai_family = AF_INET6;
hints.ai_socktype = SOCK_DGRAM;
hints.ai_protocol = IPPROTO_UDP;
#ifdef AI_NUMERICHOST
hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST;
#else /* ifdef AI_NUMERICHOST */
hints.ai_flags = AI_PASSIVE;
#endif /* ifdef AI_NUMERICHOST */
n = getaddrinfo("::1", NULL, &hints, &res0);
if (n != 0 || res0 == NULL) {
isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL,
ISC_LOGMODULE_SOCKET, ISC_LOG_DEBUG(10),
"getaddrinfo(::1): %s", gai_strerror(n));
return;
}
s = socket(res0->ai_family, res0->ai_socktype, res0->ai_protocol);
if (s == -1) {
strerror_r(errno, strbuf, sizeof(strbuf));
isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL,
ISC_LOGMODULE_SOCKET, ISC_LOG_DEBUG(10),
"socket: %s", strbuf);
freeaddrinfo(res0);
return;
}
if (setsockopt(s, IPPROTO_IPV6, IPV6_TCLASS, &dscp, sizeof(dscp)) == 0)
{
dscp_result |= ISC_NET_DSCPSETV6;
}
#ifdef IPV6_RECVTCLASS
on = 1;
if (setsockopt(s, IPPROTO_IPV6, IPV6_RECVTCLASS, &on, sizeof(on)) == 0)
{
dscp_result |= ISC_NET_DSCPRECVV6;
}
#endif /* IPV6_RECVTCLASS */
if (cmsgsend(s, IPPROTO_IPV6, IPV6_TCLASS, res0)) {
dscp_result |= ISC_NET_DSCPPKTV6;
}
freeaddrinfo(res0);
close(s);
#endif /* IPV6_TCLASS */
}
static void
try_dscp(void) {
try_dscp_v4();
try_dscp_v6();
}
static void
initialize_dscp(void) {
isc_once_do(&once_dscp, try_dscp);
}
unsigned int
isc_net_probedscp(void) {
initialize_dscp();
return (dscp_result);
}
#if defined(USE_SYSCTL_PORTRANGE)
#if defined(HAVE_SYSCTLBYNAME)
static isc_result_t

Some files were not shown because too many files have changed in this diff Show More