diff --git a/CHANGES b/CHANGES index 7625094c3d..5383561a78 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,8 @@ -1666. [placeholder] rt10838 +1666. [bug] The optional port on hostnames in dual-stack-servers + was being ignored. -1665. [placeholder] rt10838 +1665. [func] rndc now allows addresses to be set in the + server clauses. 1664. [bug] nsupdate needed KEY for SIG(0), not DNSKEY. diff --git a/bin/named/server.c b/bin/named/server.c index a391ceff17..b642739b8c 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: server.c,v 1.427 2004/06/04 02:31:40 marka Exp $ */ +/* $Id: server.c,v 1.428 2004/06/18 04:38:45 marka Exp $ */ #include @@ -1368,7 +1368,7 @@ configure_alternates(cfg_obj_t *config, dns_view_t *view, CHECK(dns_name_fromtext(name, &buffer, dns_rootname, ISC_FALSE, NULL)); - portobj = cfg_tuple_get(alternates, "port"); + portobj = cfg_tuple_get(alternate, "port"); if (cfg_obj_isuint32(portobj)) { isc_uint32_t val = cfg_obj_asuint32(portobj); if (val > ISC_UINT16_MAX) { diff --git a/bin/rndc/rndc.c b/bin/rndc/rndc.c index 33ddc2965d..37bfd8d33c 100644 --- a/bin/rndc/rndc.c +++ b/bin/rndc/rndc.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rndc.c,v 1.96 2004/03/05 04:58:20 marka Exp $ */ +/* $Id: rndc.c,v 1.97 2004/06/18 04:38:46 marka Exp $ */ /* * Principal Author: DCL @@ -132,11 +132,12 @@ Version: %s\n", static void get_addresses(const char *host, in_port_t port) { isc_result_t result; + int found = 0, count; - isc_app_block(); - result = bind9_getaddresses(servername, port, - serveraddrs, SERVERADDRS, &nserveraddrs); - isc_app_unblock(); + count = SERVERADDRS - nserveraddrs; + result = bind9_getaddresses(host, port, &serveraddrs[nserveraddrs], + count, &found); + nserveraddrs += found; if (result != ISC_R_SUCCESS) fatal("couldn't get address for '%s': %s", host, isc_result_totext(result)); 
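Review bot: In get_addresses() the new `count = SERVERADDRS - nserveraddrs;` is used without checking that it is positive, so the bound on serveraddrs[] depends on every caller testing `nserveraddrs < SERVERADDRS` first. The callers added in this commit do that, but a later caller that forgets would pass `&serveraddrs[SERVERADDRS]` and a zero count to bind9_getaddresses(). An `INSIST(count > 0);` at the top of the function would keep the bound local to the code that indexes the array. Separately, a name that resolves to more than `count` addresses appears to be truncated with no message, while parse_config() prints a "dropped" warning for literal addresses; a comment such as `/* extra addresses beyond SERVERADDRS are silently ignored */` would record whether that is intended. The end of the function lies outside the hunk.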
@@ -365,8 +366,6 @@ static void rndc_start(isc_task_t *task, isc_event_t *event) { isc_event_free(&event); - get_addresses(servername, (in_port_t) remoteport); - currentaddr = 0; rndc_startconnect(&serveraddrs[currentaddr++], task); } @@ -377,6 +376,7 @@ parse_config(isc_mem_t *mctx, isc_log_t *log, const char *keyname, { isc_result_t result; const char *conffile = admin_conffile; + cfg_obj_t *addresses = NULL; cfg_obj_t *defkey = NULL; cfg_obj_t *options = NULL; cfg_obj_t *servers = NULL; @@ -393,6 +393,7 @@ parse_config(isc_mem_t *mctx, isc_log_t *log, const char *keyname, static char secretarray[1024]; const cfg_type_t *conftype = &cfg_type_rndcconf; isc_boolean_t key_only = ISC_FALSE; + cfg_listelt_t *element; if (! isc_file_exists(conffile)) { conffile = admin_keyfile; 
@@ -510,10 +511,62 @@ parse_config(isc_mem_t *mctx, isc_log_t *log, const char *keyname, if (defport != NULL) { remoteport = cfg_obj_asuint32(defport); if (remoteport > 65535 || remoteport == 0) - fatal("port %d out of range", remoteport); + fatal("port %u out of range", remoteport); } else if (remoteport == 0) remoteport = NS_CONTROL_PORT; + if (server != NULL) + result = cfg_map_get(server, "addresses", &addresses); + else + result = ISC_R_NOTFOUND; + if (result == ISC_R_SUCCESS) { + for (element = cfg_list_first(addresses); + element != NULL; + element = cfg_list_next(element)) + { + + cfg_obj_t *address = cfg_listelt_value(element); + isc_sockaddr_t sa; + + if (!cfg_obj_issockaddr(address)) { + unsigned int myport; + const char *name; + cfg_obj_t *obj; + + obj = cfg_tuple_get(address, "name"); + name = cfg_obj_asstring(obj); + obj = cfg_tuple_get(address, "port"); + if (cfg_obj_isuint32(obj)) { + myport = cfg_obj_asuint32(obj); + if (myport > ISC_UINT16_MAX || + myport == 0) + fatal("port %u out of range", + myport); + } else + myport = remoteport; + if (nserveraddrs < SERVERADDRS) + get_addresses(name, (in_port_t) myport); + else + fprintf(stderr, "too many address: " + "%s: dropped\n", name); + continue; + } + sa = *cfg_obj_assockaddr(address); + if (isc_sockaddr_getport(&sa) == 0) + isc_sockaddr_setport(&sa, remoteport); + if (nserveraddrs < SERVERADDRS) + serveraddrs[nserveraddrs++] = sa; + else { + char socktext[ISC_SOCKADDR_FORMATSIZE]; + + isc_sockaddr_format(&sa, socktext, + sizeof(socktext)); + fprintf(stderr, + "too many address: %s: dropped\n", + socktext); + } + } + } *configp = config; } @@ -654,6 +707,9 @@ main(int argc, char **argv) { if (strcmp(command, "restart") == 0) fatal("'%s' is not implemented", command); + if (nserveraddrs == 0) + get_addresses(servername, (in_port_t) remoteport); + DO("post event", isc_app_onrun(mctx, task, rndc_start, NULL)); result = isc_app_run(); 
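Review bot: In the hostname branch of the new `addresses` loop in parse_config(), get_addresses() calls fatal() when a name does not resolve, so one unresolvable entry stops rndc even when earlier entries have already filled serveraddrs[]. For a list that presumably exists to give alternative control-channel endpoints, a warning followed by `continue` would be more forgiving; if the abort is intended, a comment above the call should say so. An empty `addresses { }` clause leaves `nserveraddrs == 0` and falls through to main()'s lookup of `servername`, which is worth a one-line comment where the loop ends. Both `"too many address: ..."` messages should read `"too many addresses: %s: dropped\n"`. parse_config() starts and ends outside the hunk.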
diff --git a/bin/rndc/rndc.conf b/bin/rndc/rndc.conf index 6a54341556..de4235e15e 100644 --- a/bin/rndc/rndc.conf +++ b/bin/rndc/rndc.conf @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rndc.conf,v 1.8 2004/03/05 04:58:20 marka Exp $ */ +/* $Id: rndc.conf,v 1.9 2004/06/18 04:38:46 marka Exp $ */ /* * Sample rndc configuration file. @@ -30,6 +30,17 @@ server localhost { key "key"; }; +key "cc64b3d1db63fc88d7cb5d2f9f57d258" { + algorithm hmac-md5; + secret "34f88008d07deabbe65bd01f1d233d47"; +}; + +server "test1" { + key "cc64b3d1db63fc88d7cb5d2f9f57d258"; + port 5353; + addresses { 10.53.0.1; }; +}; + key "key" { algorithm hmac-md5; secret "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K"; diff --git a/bin/rndc/rndc.conf.docbook b/bin/rndc/rndc.conf.docbook index dd9758b6a5..58a910ee22 100644 --- a/bin/rndc/rndc.conf.docbook +++ b/bin/rndc/rndc.conf.docbook @@ -16,7 +16,7 @@ - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -86,12 +86,15 @@ will be used to connect. - After the keyword, the server statement - includes a string which is the hostname or address for a name - server. The statement has two possible clauses: - and . The key name must - match the name of a key statement in the file. The port number - specifies the port to connect to. + After the keyword, the server + statement includes a string which is the hostname or address + for a name server. The statement has three possible clauses: + , and + . The key name must match the + name of a key statement in the file. The port number + specifies the port to connect to. If an + clause is supplied these addresses will be used instead of + the server name. Each address can take a optional port. The statement begins with an identifying @@ -118,7 +121,7 @@ EXAMPLE - options { + options { default-server localhost; default-key samplekey; }; 
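Review bot: The new `key "cc64b3d1db63fc88d7cb5d2f9f57d258"` and `server "test1"` stanzas add a fixed secret to the sample rndc.conf with no comment marking it as a placeholder, and sample files like this tend to be copied into place unchanged. I would add a comment above the key, for example `/* Sample only: generate your own secret with rndc-confgen. */`, and give the key a descriptive name instead of the hex-looking one. The secret is also hex-shaped, unlike the existing `"key"` entry, so a reader cannot tell which encoding is expected. A short comment stating that `secret` takes a base-64 value would remove the doubt.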
@@ -127,10 +130,20 @@ key samplekey; }; + server testserver { + key testkey; + addresses { localhost port 5353; }; + }; + key samplekey { algorithm hmac-md5; - secret "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K"; + secret "6FMfj43Osz4lyb24OIe2iGEz9lf1llJO+lz"; }; + + key testkey { + algorithm hmac-md5; + secret "R3HI8P6BKw9ZwXwN3VZKuQ=="; + } @@ -142,6 +155,10 @@ uses the HMAC-MD5 algorithm and its secret clause contains the base-64 encoding of the HMAC-MD5 secret enclosed in double quotes. + + If rndc -s testserver is used then rndc will + connect to server on localhost port 5353 using the key testkey. + To generate a random secret with rndc-confgen: diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index 759e199b3e..9059656f7b 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: namedconf.c,v 1.34 2004/06/04 02:31:43 marka Exp $ */ +/* $Id: namedconf.c,v 1.35 2004/06/18 04:38:45 marka Exp $ */ #include @@ -70,6 +70,7 @@ static cfg_type_t cfg_type_acl; static cfg_type_t cfg_type_addrmatchelt; static cfg_type_t cfg_type_bracketed_aml; static cfg_type_t cfg_type_bracketed_namesockaddrkeylist; +static cfg_type_t cfg_type_bracketed_sockaddrnameportlist; static cfg_type_t cfg_type_bracketed_sockaddrlist; static cfg_type_t cfg_type_controls; static cfg_type_t cfg_type_controls_sockaddr; @@ -1708,6 +1709,7 @@ static cfg_clausedef_t rndcconf_server_clauses[] = { { "key", &cfg_type_astring, 0 }, { "port", &cfg_type_uint32, 0 }, + { "addresses", &cfg_type_bracketed_sockaddrnameportlist, 0 }, { NULL, NULL, 0 } };