Merge branch '824-configure-nsip' into 'master'

remove --disable-rpz-nsip and --disable-rpz-nsdname from configure

Closes #824

See merge request isc-projects/bind9!1376

CHANGES

@@ -1,3 +1,8 @@
+5142.	[cleanup]	Removed "configure --disable-rpz-nsip" and
+			"--disable-rpz-nsdname" options. "nsip-enable"
+			and "nsdname-enable" both now default to yes,
+			regardless of compile-time settings. [GL #824]
+
 5141.	[placeholder]
 
 5140.	[bug]		Don't immediately mark existing keys as inactive and

bin/named/server.c

@@ -2289,21 +2289,18 @@ configure_rpz(dns_view_t *view, const cfg_obj_t **maps,
 	if (zone_element == NULL)
 		return (ISC_R_SUCCESS);
 
-#ifdef ENABLE_RPZ_NSIP
 	nsip_enabled = true;
-	nsdname_enabled = true;
-#else
-	nsip_enabled = false;
-	nsdname_enabled = false;
-#endif
 	sub_obj = cfg_tuple_get(rpz_obj, "nsip-enable");
-	if (!cfg_obj_isvoid(sub_obj))
+	if (!cfg_obj_isvoid(sub_obj)) {
 		nsip_enabled = cfg_obj_asboolean(sub_obj);
+	}
 	nsip_on = nsip_enabled ? DNS_RPZ_ALL_ZBITS : 0;
 
+	nsdname_enabled = true;
 	sub_obj = cfg_tuple_get(rpz_obj, "nsdname-enable");
-	if (!cfg_obj_isvoid(sub_obj))
+	if (!cfg_obj_isvoid(sub_obj)) {
 		nsdname_enabled = cfg_obj_asboolean(sub_obj);
+	}
 	nsdname_on = nsdname_enabled ? DNS_RPZ_ALL_ZBITS : 0;
 
 	/*

bin/tests/system/feature-test.c

@@ -45,8 +45,6 @@ usage() {
 	fprintf(stderr, "	--have-geoip\n");
 	fprintf(stderr, "	--have-libxml2\n");
 	fprintf(stderr, "	--ipv6only=no\n");
-	fprintf(stderr, "	--rpz-nsdname\n");
-	fprintf(stderr, "	--rpz-nsip\n");
 	fprintf(stderr, "	--with-idn\n");
 	fprintf(stderr, "	--with-lmdb\n");
 }
@@ -136,22 +134,6 @@ main(int argc, char **argv) {
 #endif
 	}
 
-	if (strcmp(argv[1], "--rpz-nsip") == 0) {
-#ifdef ENABLE_RPZ_NSIP
-		return (0);
-#else
-		return (1);
-#endif
-	}
-
-	if (strcmp(argv[1], "--rpz-nsdname") == 0) {
-#ifdef ENABLE_RPZ_NSDNAME
-		return (0);
-#else
-		return (1);
-#endif
-	}
-
 	if (strcmp(argv[1], "--with-idn") == 0) {
 #ifdef HAVE_LIBIDN2
 		return (0);

config.h.in

@@ -21,12 +21,6 @@
 /* Define to enable American Fuzzy Lop test harness */
 #undef ENABLE_AFL
 
-/* Define to enable rpz nsdname rules. */
-#undef ENABLE_RPZ_NSDNAME
-
-/* Define to enable rpz nsip rules. */
-#undef ENABLE_RPZ_NSIP
-
 /* define if you want TCP_FASTOPEN enabled if available */
 #undef ENABLE_TCP_FASTOPEN
 

config.h.win32

@@ -325,12 +325,6 @@ typedef __int64 off_t;
 /* Define if zlib was found */
 @HAVE_ZLIB@
 
-/* Define to enable rpz-nsdname rules. */
-@ENABLE_RPZ_NSDNAME@
-
-/* Define to enable rpz-nsip rules. */
-@ENABLE_RPZ_NSIP@
-
 /* From enable developer */
 @ISC_LIST_CHECKINIT@
 

configure

@@ -842,6 +842,7 @@ infodir
 docdir
 oldincludedir
 includedir
+runstatedir
 localstatedir
 sharedstatedir
 sysconfdir
@@ -917,8 +918,6 @@ enable_isc_spnego
 enable_chroot
 enable_linux_caps
 enable_fixed_rrset
-enable_rpz_nsip
-enable_rpz_nsdname
 enable_dnstap
 with_protobuf_c
 with_libfstrm
@@ -1001,6 +1000,7 @@ datadir='${datarootdir}'
 sysconfdir='${prefix}/etc'
 sharedstatedir='${prefix}/com'
 localstatedir='${prefix}/var'
+runstatedir='${localstatedir}/run'
 includedir='${prefix}/include'
 oldincludedir='/usr/include'
 docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
@@ -1253,6 +1253,15 @@ do
   | -silent | --silent | --silen | --sile | --sil)
     silent=yes ;;
 
+  -runstatedir | --runstatedir | --runstatedi | --runstated \
+  | --runstate | --runstat | --runsta | --runst | --runs \
+  | --run | --ru | --r)
+    ac_prev=runstatedir ;;
+  -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
+  | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
+  | --run=* | --ru=* | --r=*)
+    runstatedir=$ac_optarg ;;
+
   -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
     ac_prev=sbindir ;;
   -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
@@ -1390,7 +1399,7 @@ fi
 for ac_var in	exec_prefix prefix bindir sbindir libexecdir datarootdir \
 		datadir sysconfdir sharedstatedir localstatedir includedir \
 		oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
-		libdir localedir mandir
+		libdir localedir mandir runstatedir
 do
   eval ac_val=\$$ac_var
   # Remove trailing slashes.
@@ -1543,6 +1552,7 @@ Fine tuning of the installation directories:
   --sysconfdir=DIR        read-only single-machine data [PREFIX/etc]
   --sharedstatedir=DIR    modifiable architecture-independent data [PREFIX/com]
   --localstatedir=DIR     modifiable single-machine data [PREFIX/var]
+  --runstatedir=DIR       modifiable per-process data [LOCALSTATEDIR/run]
   --libdir=DIR            object code libraries [EPREFIX/lib]
   --includedir=DIR        C header files [PREFIX/include]
   --oldincludedir=DIR     C header files for non-gcc [/usr/include]
@@ -1605,8 +1615,6 @@ Optional Features:
   --disable-chroot        disable chroot
   --disable-linux-caps    disable Linux capabilities
   --enable-fixed-rrset    enable fixed rrset ordering [default=no]
-  --disable-rpz-nsip      disable rpz nsip rules [default=enabled]
-  --disable-rpz-nsdname   disable rpz nsdname rules [default=enabled]
   --enable-dnstap         enable dnstap support (requires fstrm, protobuf-c)
   --enable-querytrace     enable very verbose query trace logging [default=no]
   --enable-auto-validation
@@ -18179,50 +18187,6 @@ $as_echo "#define DNS_RDATASET_FIXED 1" >>confdefs.h
 		;;
 esac
 
-#
-# Enable response policy rewriting using NS IP addresses
-#
-# Check whether --enable-rpz-nsip was given.
-if test "${enable_rpz_nsip+set}" = set; then :
-  enableval=$enable_rpz_nsip; enable_nsip="$enableval"
-else
-  enable_nsip="yes"
-fi
-
-case "$enable_nsip" in
-	yes)
-
-$as_echo "#define ENABLE_RPZ_NSIP 1" >>confdefs.h
-
-		;;
-	no)
-		;;
-	*)
-		;;
-esac
-
-#
-# Enable response policy rewriting using NS name
-#
-# Check whether --enable-rpz-nsdname was given.
-if test "${enable_rpz_nsdname+set}" = set; then :
-  enableval=$enable_rpz_nsdname; enable_nsdname="$enableval"
-else
-  enable_nsdname="yes"
-fi
-
-case "$enable_nsdname" in
-	yes)
-
-$as_echo "#define ENABLE_RPZ_NSDNAME 1" >>confdefs.h
-
-		;;
-	no)
-		;;
-	*)
-		;;
-esac
-
 #
 # Activate dnstap?
 #

configure.ac

@@ -2034,42 +2034,6 @@ case "$enable_fixed" in
 		;;
 esac
 
-#
-# Enable response policy rewriting using NS IP addresses
-#
-AC_ARG_ENABLE(rpz-nsip,
-	      AS_HELP_STRING([--disable-rpz-nsip],
-			     [disable rpz nsip rules [default=enabled]]),
-	      enable_nsip="$enableval", enable_nsip="yes")
-case "$enable_nsip" in
-	yes)
-		AC_DEFINE(ENABLE_RPZ_NSIP, 1,
-			  [Define to enable rpz nsip rules.])
-		;;
-	no)
-		;;
-	*)
-		;;
-esac
-
-#
-# Enable response policy rewriting using NS name
-#
-AC_ARG_ENABLE(rpz-nsdname,
-	      AS_HELP_STRING([--disable-rpz-nsdname],
-			     [disable rpz nsdname rules [default=enabled]]),
-	      enable_nsdname="$enableval", enable_nsdname="yes")
-case "$enable_nsdname" in
-	yes)
-		AC_DEFINE(ENABLE_RPZ_NSDNAME, 1,
-			  [Define to enable rpz nsdname rules.])
-		;;
-	no)
-		;;
-	*)
-		;;
-esac
-
 #
 # Activate dnstap?
 #

win32utils/Configure

@@ -194,8 +194,6 @@ my %configdefh;
 my @substdefh = ("AES_CC",
                  "CONFIGARGS",
                  "DNS_RDATASET_FIXED",
-                 "ENABLE_RPZ_NSDNAME",
-                 "ENABLE_RPZ_NSIP",
                  "HAVE_GEOIP",
                  "HAVE_GEOIP_CITY_V6",
                  "HAVE_GEOIP_V6",
@@ -360,9 +358,7 @@ my @enablelist = ("developer",
                   "isc-spnego",
                   "native-pkcs11",
                   "openssl-hash",
-                  "querytrace",
-                  "rpz-nsdname",
-                  "rpz-nsip");
+                  "querytrace");
 
 # with-xxx/without-xxx
 
@@ -419,8 +415,6 @@ my @help = (
 "  enable-fixed-rrset    enable fixed rrset ordering [default=no]\n",
 "  enable-developer      enable developer build settings [default=no]\n",
 "  enable-querytrace     enable very verbose query trace [default=no]\n",
-"  enable-rpz-nsip       enable rpz-nsip rules [default=yes]\n",
-"  enable-rpz-nsdname    enable rpz-nsdname rules [default=yes]\n",
 "\nOptional Packages:\n",
 "  with-tests            build with test suite\n",
 "  with-extra-tests      build with extra test suite\n",
@@ -677,14 +671,6 @@ sub myenable {
         if ($val =~ /^yes$/i) {
             $enable_querytrace = "yes";
         }
-    } elsif ($key =~ /^rpz-nsip$/i) {
-        if ($val =~ /^no$/i) {
-            $enable_rpz_nsip = "no";
-        }
-    } elsif ($key =~ /^rpz-nsdname$/i) {
-        if ($val =~ /^no$/i) {
-            $enable_rpz_nsdname = "no";
-        }
     } elsif ($key =~ /^auto-validation$/i) {
 	if ($val =~ /^no$/i) {
 	    $validation_default = "yes";
@@ -940,16 +926,6 @@ if ($verbose) {
     } else {
         print "querytrace: disabled\n";
     }
-    if ($enable_rpz_nsip eq "yes") {
-        print "rpz-nsip: enabled\n";
-    } else {
-        print "rpz-nsip: disabled\n";
-    }
-    if ($enable_rpz_nsdname eq "yes") {
-        print "rpz-nsdname: enabled\n";
-    } else {
-        print "rpz-nsdname: disabled\n";
-    }
     print "cookie algorithm: $cookie_algorithm\n";
     print "openssl-path: $openssl_path\n";
     if ($use_tests eq "yes") {
@@ -1269,21 +1245,11 @@ if ($enable_fixed_rrset eq "yes") {
     $configdefh{"DNS_RDATASET_FIXED"} = 1;
 }
 
-# enable-rpz-nsip
-if ($enable_rpz_nsip ne "no") {
-    $configdefh{"ENABLE_RPZ_NSIP"} = 1;
-}
-
 # enable-querytrace
 if ($enable_querytrace eq "yes") {
     $configdefh{"WANT_QUERYTRACE"} = 1;
 }
 
-# enable-rpz-nsdname
-if ($enable_rpz_nsdname ne "no") {
-    $configdefh{"ENABLE_RPZ_NSDNAME"} = 1;
-}
-
 # with-tests
 if ($use_tests eq "yes") {
     $configcond{"TESTS"} = 1;
@@ -2965,8 +2931,6 @@ exit 0;
 #  --enable-isc-spnego supported (part of GSSAPI)
 #  --enable-fixed-rrset supported
 #  --enable-querytrace supported
-#  --disable-rpz-nsip supported
-#  --disable-rpz-nsdname supported
 #  --enable-full-report supported by verbose
 #  --enable-dnstap not supported (requires libfstrm support on WIN32)
 #  --enable-afl not supported (not yet available on Visual Studio C++)