762. [feature] named now uses the new configuration parser.

CHANGES

@@ -1,4 +1,6 @@
 
+ 762.	[feature]	named now uses the new configuration parser.
+
  761.	[bug]		_REENTRANT was still defined when building with
 			--disable-threads.
 

bin/named/Makefile.in

@@ -13,7 +13,7 @@
 # NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
 # WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
-# $Id: Makefile.in,v 1.67 2001/02/04 15:52:39 bwelling Exp $
+# $Id: Makefile.in,v 1.68 2001/03/04 21:21:19 bwelling Exp $
 
 srcdir =	@srcdir@
 VPATH =		@srcdir@
@@ -32,34 +32,37 @@ DBDRIVER_INCLUDES =
 DBDRIVER_LIBS =
 
 CINCLUDES =	-I${srcdir}/include -I${srcdir}/unix/include \
-		${LWRES_INCLUDES} ${DNS_INCLUDES} ${ISC_INCLUDES} \
+		${LWRES_INCLUDES} ${OMAPI_INCLUDES} ${DNS_INCLUDES} \
-		${OMAPI_INCLUDES} ${DBDRIVER_INCLUDES}
+		${ISCCFG_INCLUDES} ${ISC_INCLUDES} ${DBDRIVER_INCLUDES}
 
 CDEFINES =
 CWARNINGS =
 
 OMAPILIBS =	../../lib/omapi/libomapi.@A@
 DNSLIBS =	../../lib/dns/libdns.@A@ @DNS_OPENSSL_LIBS@ @DNS_GSSAPI_LIBS@
+ISCCFGLIBS =	../../lib/isccfg/libisccfg.@A@
 ISCLIBS =	../../lib/isc/libisc.@A@
 LWRESLIBS =	../../lib/lwres/liblwres.@A@
 
 OMAPIDEPLIBS =	../../lib/omapi/libomapi.@A@
 DNSDEPLIBS =	../../lib/dns/libdns.@A@
+ISCCFGDEPLIBS =	../../lib/isccfg/libisccfg.@A@
 ISCDEPLIBS =	../../lib/isc/libisc.@A@
 LWRESDEPLIBS =	../../lib/lwres/liblwres.@A@
 
-DEPLIBS =	${LWRESDEPLIBS} ${OMAPIDEPLIBS} ${DNSDEPLIBS} ${ISCDEPLIBS}
+DEPLIBS =	${LWRESDEPLIBS} ${OMAPIDEPLIBS} ${DNSDEPLIBS} \
+		${ISCCFGDEPLIBS} ${ISCDEPLIBS}
 
-LIBS =		${LWRESLIBS} ${OMAPILIBS} ${DNSLIBS} ${ISCLIBS} \
+LIBS =		${LWRESLIBS} ${OMAPILIBS} ${DNSLIBS} \
-		${DBDRIVER_LIBS} @LIBS@
+		${ISCCFGLIBS} ${ISCLIBS} ${DBDRIVER_LIBS} @LIBS@
 
 SUBDIRS =	unix
 
 TARGETS =	named lwresd
 
-OBJS =		aclconf.@O@ client.@O@ interfacemgr.@O@ listenlist.@O@ \
+OBJS =		aclconf.@O@ client.@O@ config.@O@ interfacemgr.@O@ \
-		log.@O@ logconf.@O@ main.@O@ notify.@O@ omapi.@O@ \
+		listenlist.@O@ log.@O@ logconf.@O@ main.@O@ notify.@O@ \
-		omapiconf.@O@ query.@O@ server.@O@ sortlist.@O@ \
+		omapi.@O@ omapiconf.@O@ query.@O@ server.@O@ sortlist.@O@ \
 		tkeyconf.@O@ tsigconf.@O@ update.@O@ xfrout.@O@ \
 		zoneconf.@O@ \
 		lwaddr.@O@ lwresd.@O@ lwdclient.@O@ lwderror.@O@ lwdgabn.@O@ \
@@ -68,9 +71,9 @@ OBJS =		aclconf.@O@ client.@O@ interfacemgr.@O@ listenlist.@O@ \
 
 UOBJS =		unix/os.@O@
 
-SRCS =		aclconf.c client.c interfacemgr.c listenlist.c \
+SRCS =		aclconf.c client.c config.c interfacemgr.c \
-		log.c logconf.c main.c notify.c omapi.c \
+		listenlist.c log.c logconf.c main.c notify.c \
-		omapiconf.c query.c server.c sortlist.c \
+		omapi.c omapiconf.c query.c server.c sortlist.c \
 		tkeyconf.c tsigconf.c update.c xfrout.c \
 		zoneconf.c \
 		lwaddr.c lwresd.c lwdclient.c lwderror.c lwdgabn.c \
@@ -86,6 +89,11 @@ main.@O@: main.c
 		-DNS_LOCALSTATEDIR=\"${localstatedir}\" \
 		-DNS_SYSCONFDIR=\"${sysconfdir}\" -c ${srcdir}/main.c
 
+config.@O@: config.c
+	${LIBTOOL} ${CC} ${ALL_CFLAGS} -DVERSION=\"${VERSION}\" \
+		-DNS_LOCALSTATEDIR=\"${localstatedir}\" \
+		-c ${srcdir}/config.c
+
 named: ${OBJS} ${UOBJS} ${DEPLIBS}
 	${LIBTOOL} ${PURIFY} ${CC} ${CFLAGS} -o $@ ${OBJS} ${UOBJS} ${LIBS}
 

bin/named/aclconf.c

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: aclconf.c,v 1.25 2001/01/09 21:39:39 bwelling Exp $ */
+/* $Id: aclconf.c,v 1.26 2001/03/04 21:21:20 bwelling Exp $ */
 
 #include <config.h>
 
@@ -46,34 +46,59 @@ ns_aclconfctx_destroy(ns_aclconfctx_t *ctx) {
 	}
 }
 
+/*
+ * Find the definition of the named acl whose name is "name".
+ */
 static isc_result_t
-convert_named_acl(char *aclname, dns_c_ctx_t *cctx,
+get_acl_def(cfg_obj_t *cctx, char *name, cfg_obj_t **ret) {
+	isc_result_t result;
+	cfg_obj_t *acls = NULL;
+	cfg_listelt_t *elt;
+	
+	result = cfg_map_get(cctx, "acl", &acls);
+	if (result != ISC_R_SUCCESS)
+		return (result);
+	for (elt = cfg_list_first(acls);
+	     elt != NULL;
+	     elt = cfg_list_next(elt)) {
+		cfg_obj_t *acl = cfg_listelt_value(elt);
+		const char *aclname = cfg_obj_asstring(cfg_tuple_get(acl, "name"));
+		if (strcasecmp(aclname, name) == 0) {
+			*ret = cfg_tuple_get(acl, "value");
+			return (ISC_R_SUCCESS);
+		}
+	}
+	return (ISC_R_NOTFOUND);
+}
+
+static isc_result_t
+convert_named_acl(cfg_obj_t *nameobj, cfg_obj_t *cctx,
 		  ns_aclconfctx_t *ctx, isc_mem_t *mctx,
 		  dns_acl_t **target)
 {
 	isc_result_t result;
-	dns_c_acl_t *cacl;
+	cfg_obj_t *cacl = NULL;
 	dns_acl_t *dacl;
+	char *aclname = cfg_obj_asstring(nameobj);
 
 	/* Look for an already-converted version. */
 	for (dacl = ISC_LIST_HEAD(ctx->named_acl_cache);
 	     dacl != NULL;
 	     dacl = ISC_LIST_NEXT(dacl, nextincache))
 	{
-		if (strcmp(aclname, dacl->name) == 0) {
+		if (strcasecmp(aclname, dacl->name) == 0) {
 			dns_acl_attach(dacl, target);
 			return (ISC_R_SUCCESS);
 		}
 	}
 	/* Not yet converted.  Convert now. */
-	result = dns_c_acltable_getacl(cctx->acls, aclname, &cacl);
+	result = get_acl_def(cctx, aclname, &cacl);
 	if (result != ISC_R_SUCCESS) {
-		isc_log_write(dns_lctx, DNS_LOGCATEGORY_SECURITY,
+		cfg_obj_log(nameobj, dns_lctx, ISC_LOG_WARNING,
-			      DNS_LOGMODULE_ACL, ISC_LOG_WARNING,
+			    "undefined ACL '%s'", aclname);
-			      "undefined ACL '%s'", aclname);
 		return (result);
 	}
-	result = ns_acl_fromconfig(cacl->ipml, cctx, ctx, mctx, &dacl);
+	result = ns_acl_fromconfig(cacl, cctx, ctx, mctx, &dacl);
 	if (result != ISC_R_SUCCESS)
 		return (result);
 	dacl->name = isc_mem_strdup(dacl->mctx, aclname);
@@ -85,11 +110,12 @@ convert_named_acl(char *aclname, dns_c_ctx_t *cctx,
 }
 
 static isc_result_t
-convert_keyname(char *txtname, isc_mem_t *mctx, dns_name_t *dnsname) {
+convert_keyname(cfg_obj_t *keyobj, isc_mem_t *mctx, dns_name_t *dnsname) {
 	isc_result_t result;
 	isc_buffer_t buf;
 	dns_fixedname_t fixname;
 	unsigned int keylen;
+	const char *txtname = cfg_obj_asstring(keyobj);
 
 	keylen = strlen(txtname);
 	isc_buffer_init(&buf, txtname, keylen);
@@ -98,34 +124,33 @@ convert_keyname(char *txtname, isc_mem_t *mctx, dns_name_t *dnsname) {
 	result = dns_name_fromtext(dns_fixedname_name(&fixname), &buf,
 				   dns_rootname, ISC_FALSE, NULL);
 	if (result != ISC_R_SUCCESS) {
-		isc_log_write(dns_lctx, DNS_LOGCATEGORY_SECURITY,
+		cfg_obj_log(keyobj, dns_lctx, ISC_LOG_WARNING,
-			      DNS_LOGMODULE_ACL, ISC_LOG_WARNING,
+			    "key name '%s' is not a valid domain name",
-			      "key name \"%s\" is not a valid domain name",
+			    txtname);
-			      txtname);
 		return (result);
 	}
 	return (dns_name_dup(dns_fixedname_name(&fixname), mctx, dnsname));
 }
 
 isc_result_t
-ns_acl_fromconfig(dns_c_ipmatchlist_t *caml,
+ns_acl_fromconfig(cfg_obj_t *caml,
-		   dns_c_ctx_t *cctx,
+		  cfg_obj_t *cctx,
-		   ns_aclconfctx_t *ctx,
+		  ns_aclconfctx_t *ctx,
-		   isc_mem_t *mctx,
+		  isc_mem_t *mctx,
-		   dns_acl_t **target)
+		  dns_acl_t **target)
 {
 	isc_result_t result;
 	unsigned int count;
 	dns_acl_t *dacl = NULL;
 	dns_aclelement_t *de;
-	dns_c_ipmatchelement_t *ce;
+	cfg_listelt_t *elt;
 
 	REQUIRE(target != NULL && *target == NULL);
 
 	count = 0;
-	for (ce = ISC_LIST_HEAD(caml->elements);
+	for (elt = cfg_list_first(caml);
-	     ce != NULL;
+	     elt != NULL;
-	     ce = ISC_LIST_NEXT(ce, next))
+	     elt = cfg_list_next(elt))
 		count++;
 
 	result = dns_acl_create(mctx, count, &dacl);
@@ -133,59 +158,63 @@ ns_acl_fromconfig(dns_c_ipmatchlist_t *caml,
 		return (result);
 
 	de = dacl->elements;
-	for (ce = ISC_LIST_HEAD(caml->elements);
+	for (elt = cfg_list_first(caml);
-	     ce != NULL;
+	     elt != NULL;
-	     ce = ISC_LIST_NEXT(ce, next))
+	     elt = cfg_list_next(elt))
 	{
-		de->negative = dns_c_ipmatchelement_isneg(ce);
+		cfg_obj_t *ce = cfg_listelt_value(elt);
-		switch (ce->type) {
+		if (cfg_obj_istuple(ce)) {
-		case dns_c_ipmatch_pattern:
+			/* This must be a negated element. */
+			ce = cfg_tuple_get(ce, "value");
+			de->negative = ISC_TRUE;
+		} else {
+			de->negative = ISC_FALSE;
+		}
+
+		if (cfg_obj_isnetprefix(ce)) {
+			/* Network prefix */
 			de->type = dns_aclelementtype_ipprefix;
-			isc_netaddr_fromsockaddr(&de->u.ip_prefix.address,
+
-						 &ce->u.direct.address);
+			cfg_obj_asnetprefix(ce,
-			/* XXX "mask" is a misnomer */
+					    &de->u.ip_prefix.address,
-			de->u.ip_prefix.prefixlen = ce->u.direct.mask;
+					    &de->u.ip_prefix.prefixlen);
-			break;
+		} else if (cfg_obj_istype(ce, &cfg_type_keyref)) {
-		case dns_c_ipmatch_key:
+			/* Key name */
 			de->type = dns_aclelementtype_keyname;
 			dns_name_init(&de->u.keyname, NULL);
-			result = convert_keyname(ce->u.key, mctx,
+			result = convert_keyname(ce, mctx, &de->u.keyname);
-						 &de->u.keyname);
 			if (result != ISC_R_SUCCESS)
 				goto cleanup;
-			break;
+		} else if (cfg_obj_islist(ce)) {
-		case dns_c_ipmatch_indirect:
+			/* Nested ACL */
 			de->type = dns_aclelementtype_nestedacl;
-			result = ns_acl_fromconfig(ce->u.indirect.list,
+			result = ns_acl_fromconfig(ce, cctx, ctx, mctx,
-						    cctx, ctx, mctx,
-						    &de->u.nestedacl);
-			if (result != ISC_R_SUCCESS)
-				goto cleanup;
-			break;
-		case dns_c_ipmatch_localhost:
-			de->type = dns_aclelementtype_localhost;
-			break;
-
-		case dns_c_ipmatch_any:
-			de->type = dns_aclelementtype_any;
-			break;
-
-		case dns_c_ipmatch_localnets:
-			de->type = dns_aclelementtype_localnets;
-			break;
-		case dns_c_ipmatch_acl:
-			de->type = dns_aclelementtype_nestedacl;
-			result = convert_named_acl(ce->u.aclname,
-						   cctx, ctx, mctx,
 						   &de->u.nestedacl);
 			if (result != ISC_R_SUCCESS)
 				goto cleanup;
-			break;
+		} else if (cfg_obj_isstring(ce)) {
-		default:
+			/* ACL name */
-			isc_log_write(dns_lctx, DNS_LOGCATEGORY_SECURITY,
+			char *name = cfg_obj_asstring(ce);
-				      DNS_LOGMODULE_ACL, ISC_LOG_WARNING,
+			if (strcasecmp(name, "localhost") == 0) {
-				      "address match list contains "
+				de->type = dns_aclelementtype_localhost;
-				      "unsupported element type");
+			} else if (strcasecmp(name, "localnets") == 0) {
+				de->type = dns_aclelementtype_localnets;
+			}  else if (strcasecmp(name, "any") == 0) {
+				de->type = dns_aclelementtype_any;
+			}  else if (strcasecmp(name, "none") == 0) {
+				de->type = dns_aclelementtype_any;
+				de->negative = ! de->negative;
+			} else {
+				de->type = dns_aclelementtype_nestedacl;
+				result = convert_named_acl(ce, cctx, ctx, mctx,
+							   &de->u.nestedacl);
+				if (result != ISC_R_SUCCESS)
+					goto cleanup;
+			}
+		} else {
+			cfg_obj_log(ce, dns_lctx, ISC_LOG_WARNING,
+				    "address match list contains "
+				    "unsupported element type");
 			result = ISC_R_FAILURE;
 			goto cleanup;
 		}

bin/named/config.c

@@ -0,0 +1,432 @@
+/*
+ * Copyright (C) 2001  Internet Software Consortium.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
+ * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
+ * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
+ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* $Id: config.c,v 1.1 2001/03/04 21:21:21 bwelling Exp $ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <isc/buffer.h>
+#include <isc/log.h>
+#include <isc/mem.h>
+#include <isc/region.h>
+#include <isc/result.h>
+#include <isc/sockaddr.h>
+#include <isc/util.h>
+
+#include <isccfg/cfg.h>
+
+#include <dns/fixedname.h>
+#include <dns/name.h>
+#include <dns/rdataclass.h>
+#include <dns/zone.h>
+
+#include <named/config.h>
+#include <named/globals.h>
+
+static char defaultconf[] = "
+options {
+#	blackhole {none;};
+	coresize default;
+	datasize default;
+	deallocate-on-exit true;
+#	directory <none>
+	dump-file \"named_dump.db\";
+	fake-iquery no;
+	files default;
+	has-old-clients false;
+	heartbeat-interval 3600;
+	host-statistics no;
+	interface-interval 3600;
+	listen-on {any;};
+	listen-on-v6 {none;};
+	memstatistics-file \"named.memstats\";
+	multiple-cnames no;
+#	named-xfer <obsolete>
+#	pid-file \"" NS_LOCALSTATEDIR "/named.pid\"; /* or /lwresd.pid */
+	port 53;
+"
+#ifdef PATH_RANDOMDEV
+"
+	random-device \"" PATH_RANDOMDEV "\";
+"
+#endif
+"
+	recursive-clients 1000;
+	rrset-order {order cyclic;};
+	serial-queries 20;
+	stacksize default;
+	statistics-file \"named.stats\";
+	statistics-interval 3600;
+	tcp-clients 100;
+#	tkey-dhkey <none>
+#	tkey-gssapi-credential <none>
+#	tkey-domain <none>
+	transfers-per-ns 2;
+	transfers-in 10;
+	transfers-out 10;
+	treat-cr-as-space true;
+	use-id-pool true;
+	use-ixfr true;
+	version \""VERSION"\";
+
+	/* view */
+	allow-notify {none;};
+	allow-update-forwarding {none;};
+	allow-recursion {any;};
+	allow-v6-synthesis {none;};
+#	sortlist <none>
+#	topology <none>
+	auth-nxdomain false;
+	recursion true;
+	provide-ixfr true;
+	request-ixfr true;
+	fetch-glue no;
+	rfc2308-type1 no;
+	additional-from-auth true;
+	additional-from-cache true;
+	query-source address *;
+	query-source-v6 address *;
+	notify-source *;
+	notify-source-v6 *;
+	cleaning-interval 3600;
+	min-roots 2;
+	lame-ttl 600;
+	max-ncache-ttl 10800; /* 3 hours */
+	max-cache-ttl 604800; /* 1 week */
+	transfer-format many-answers;
+	max-cache-size 0;
+	check-names master ignore;
+	check-names slave ignore;
+	check-names response ignore;
+
+	/* zone */
+	allow-query {any;};
+	allow-transfer {any;};
+	notify yes;
+#	also-notify <none>
+	dialup no;
+#	forward <none>
+#	forwarders <none>
+	maintain-ixfr-base no;
+#	max-ixfr-log-size <obsolete>
+	transfer-source *;
+	transfer-source-v6 *;
+	max-transfer-time-in 7200;
+	max-transfer-time-out 7200;
+	max-transfer-idle-in 3600;
+	max-transfer-idle-out 3600;
+	max-retry-time 1209600; /* 2 weeks */
+	min-retry-time 500;
+	max-refresh-time 2419200; /* 4 weeks */
+	min-refresh-time 300;
+	sig-validity-interval 30; /* days */
+	zone-statistics false;
+};";
+
+isc_result_t
+ns_config_parsedefaults(cfg_parser_t *parser, cfg_obj_t **conf) {
+	isc_buffer_t b;
+
+	isc_buffer_init(&b, defaultconf, sizeof(defaultconf) - 1);
+	isc_buffer_add(&b, sizeof(defaultconf) - 1);
+	return (cfg_parse_buffer(parser, &b, &cfg_type_namedconf, conf));
+}
+
+isc_result_t
+ns_config_get(cfg_obj_t **maps, const char* name, cfg_obj_t **obj) {
+	int i;
+
+	for (i = 0; ; i++) {
+		if (maps[i] == NULL)
+			return (ISC_R_NOTFOUND);
+		if (cfg_map_get(maps[i], name, obj) == ISC_R_SUCCESS)
+			return (ISC_R_SUCCESS);
+	}
+}
+
+int
+ns_config_listcount(cfg_obj_t *list) {
+	cfg_listelt_t *e;
+	int i = 0;
+
+	for (e = cfg_list_first(list); e != NULL; e = cfg_list_next(e))
+		i++;
+
+	return (i);
+}
+
+isc_result_t
+ns_config_getclass(cfg_obj_t *classobj, dns_rdataclass_t *classp) {
+	char *str;
+	isc_textregion_t r;
+
+	if (!cfg_obj_isstring(classobj)) {
+		*classp = dns_rdataclass_in;
+		return (ISC_R_SUCCESS);
+	}
+	str = cfg_obj_asstring(classobj);
+	r.base = str;
+	r.length = strlen(str);
+	return (dns_rdataclass_fromtext(classp, &r));
+}
+
+isc_result_t
+ns_config_getzonetype(cfg_obj_t *zonetypeobj) {
+	dns_zonetype_t ztype;
+	char *str;
+
+	str = cfg_obj_asstring(zonetypeobj);
+	if (strcmp(str, "master") == 0)
+		ztype = dns_zone_master;
+	else if (strcmp(str, "slave") == 0)
+		ztype = dns_zone_slave;
+	else if (strcmp(str, "stub") == 0)
+		ztype = dns_zone_stub;
+	else
+		INSIST(0);
+	return (ztype);
+}
+
+isc_result_t
+ns_config_getiplist(cfg_obj_t *config, cfg_obj_t *list,
+		    in_port_t defport, isc_mem_t *mctx,
+		    isc_sockaddr_t **addrsp, isc_uint32_t *countp)
+{
+	int count, i = 0;
+	cfg_obj_t *addrlist;
+	cfg_obj_t *portobj;
+	cfg_listelt_t *element;
+	isc_sockaddr_t *addrs;
+	in_port_t port;
+	isc_result_t result;
+
+	INSIST(addrsp != NULL && *addrsp == NULL);
+
+	addrlist = cfg_tuple_get(list, "addresses");
+	count = ns_config_listcount(addrlist);
+
+	portobj = cfg_tuple_get(list, "port");
+	if (cfg_obj_isuint32(portobj)) {
+		isc_uint32_t val = cfg_obj_asuint32(portobj);
+		if (val > ISC_UINT16_MAX) {
+			cfg_obj_log(portobj, ns_g_lctx, ISC_LOG_ERROR,
+				    "port '%u' out of range", val);
+			return (ISC_R_RANGE);
+		}
+		port = (in_port_t) val;
+	} else if (defport != 0)
+		port = defport;
+	else {
+		result = ns_config_getport(config, &port);
+		if (result != ISC_R_SUCCESS)
+			return (result);
+	}
+
+	addrs = isc_mem_get(mctx, count * sizeof(isc_sockaddr_t));
+	if (addrs == NULL)
+		return (ISC_R_NOMEMORY);
+
+	for (element = cfg_list_first(addrlist);
+	     element != NULL;
+	     element = cfg_list_next(element), i++)
+	{
+		INSIST(i < count);
+		addrs[i] = *cfg_obj_assockaddr(cfg_listelt_value(element));
+		if (isc_sockaddr_getport(&addrs[i]) == 0)
+			isc_sockaddr_setport(&addrs[i], port);
+	}
+	INSIST(i == count);
+
+	*addrsp = addrs;
+	*countp = count;
+
+	return (ISC_R_SUCCESS);
+}
+
+void
+ns_config_putiplist(isc_mem_t *mctx, isc_sockaddr_t **addrsp,
+		    isc_uint32_t count)
+{
+	INSIST(addrsp != NULL && *addrsp != NULL);
+
+	isc_mem_put(mctx, *addrsp, count * sizeof(isc_sockaddr_t));
+	*addrsp = NULL;
+}
+
+isc_result_t
+ns_config_getipandkeylist(cfg_obj_t *config, cfg_obj_t *list, isc_mem_t *mctx,
+			  isc_sockaddr_t **addrsp, dns_name_t ***keysp,
+			  isc_uint32_t *countp)
+{
+	isc_uint32_t count, i = 0;
+	isc_result_t result;
+	cfg_listelt_t *element;
+	cfg_obj_t *addrlist;
+	cfg_obj_t *portobj;
+	in_port_t port;
+	dns_fixedname_t fname;
+	isc_sockaddr_t *addrs = NULL;
+	dns_name_t **keys = NULL;
+
+	INSIST(addrsp != NULL && *addrsp == NULL);
+
+	addrlist = cfg_tuple_get(list, "addresses");
+	count = ns_config_listcount(addrlist);
+
+	portobj = cfg_tuple_get(list, "port");
+	if (cfg_obj_isuint32(portobj)) {
+		isc_uint32_t val = cfg_obj_asuint32(portobj);
+		if (val > ISC_UINT16_MAX) {
+			cfg_obj_log(portobj, ns_g_lctx, ISC_LOG_ERROR,
+				    "port '%u' out of range", val);
+			return (ISC_R_RANGE);
+		}
+		port = (in_port_t) val;
+	} else {
+		result = ns_config_getport(config, &port);
+		if (result != ISC_R_SUCCESS)
+			return (result);
+	}
+
+	result = ISC_R_NOMEMORY;
+
+	addrs = isc_mem_get(mctx, count * sizeof(isc_sockaddr_t));
+	if (addrs == NULL)
+		goto cleanup;
+
+	keys = isc_mem_get(mctx, count * sizeof(dns_name_t *));
+	if (keys == NULL)
+		goto cleanup;
+
+	for (element = cfg_list_first(addrlist);
+	     element != NULL;
+	     element = cfg_list_next(element), i++)
+	{
+		cfg_obj_t *addr;
+		cfg_obj_t *key;
+		char *keystr;
+		isc_buffer_t b;
+
+		INSIST(i < count);
+
+		addr = cfg_tuple_get(cfg_listelt_value(element), "sockaddr");
+		key = cfg_tuple_get(cfg_listelt_value(element), "key");
+
+		addrs[i] = *cfg_obj_assockaddr(addr);
+		if (isc_sockaddr_getport(&addrs[i]) == 0)
+			isc_sockaddr_setport(&addrs[i], port);
+
+		keys[i] = NULL;
+		if (!cfg_obj_isstring(key))
+			continue;
+		keys[i] = isc_mem_get(mctx, sizeof(dns_name_t));
+		if (keys[i] == NULL)
+			goto cleanup;
+		dns_name_init(keys[i], NULL);
+		
+		keystr = cfg_obj_asstring(key);
+		isc_buffer_init(&b, keystr, strlen(keystr));
+		isc_buffer_add(&b, strlen(keystr));
+		dns_fixedname_init(&fname);
+		result = dns_name_fromtext(dns_fixedname_name(&fname), &b,
+					   dns_rootname, ISC_FALSE, NULL);
+		if (result != ISC_R_SUCCESS)
+			goto cleanup;
+		result = dns_name_dup(dns_fixedname_name(&fname), mctx,
+				      keys[i]);
+		if (result != ISC_R_SUCCESS)
+			goto cleanup;
+	}
+	INSIST(i == count);
+
+	*addrsp = addrs;
+	*keysp = keys;
+	*countp = count;
+
+	return (ISC_R_SUCCESS);
+
+ cleanup:
+	if (addrs != NULL)
+		isc_mem_put(mctx, addrs, count * sizeof(isc_sockaddr_t));
+	if (keys != NULL) {
+		unsigned int j;
+		for (j = 0 ; j <= i; j++) {
+			if (keys[j] == NULL)
+				continue;
+			if (dns_name_dynamic(keys[j]))
+				dns_name_free(keys[j], mctx);
+			isc_mem_put(mctx, keys[j], sizeof(dns_name_t));
+		}
+		isc_mem_put(mctx, keys, count * sizeof(dns_name_t *));
+	}
+	return (result);
+}
+
+void
+ns_config_putipandkeylist(isc_mem_t *mctx, isc_sockaddr_t **addrsp,
+			  dns_name_t ***keysp, isc_uint32_t count)
+{
+	unsigned int i;
+	dns_name_t **keys = *keysp;
+
+	INSIST(addrsp != NULL && *addrsp != NULL);
+
+	isc_mem_put(mctx, *addrsp, count * sizeof(isc_sockaddr_t));
+	for (i = 0; i < count; i++) {
+		if (keys[i] == NULL)
+			continue;
+		if (dns_name_dynamic(keys[i]))
+			dns_name_free(keys[i], mctx);
+		isc_mem_put(mctx, keys[i], sizeof(dns_name_t));
+	}
+	isc_mem_put(mctx, *keysp, count * sizeof(dns_name_t *));
+	*addrsp = NULL;
+	*keysp = NULL;
+}
+
+isc_result_t
+ns_config_getport(cfg_obj_t *config, in_port_t *portp) {
+	cfg_obj_t *maps[3];
+	cfg_obj_t *options = NULL;
+	cfg_obj_t *portobj = NULL;
+	isc_result_t result;
+	int i;
+
+	if (ns_g_port != 0) {
+		*portp = ns_g_port;
+		return (ISC_R_SUCCESS);
+	}
+
+	cfg_map_get(config, "options", &options);
+	i = 0;
+	if (options != NULL)
+		maps[i++] = options;
+	maps[i++] = ns_g_defaults;
+	maps[i] = NULL;
+
+	result = ns_config_get(maps, "port", &portobj);
+	INSIST(result == ISC_R_SUCCESS);
+	if (cfg_obj_asuint32(portobj) >= ISC_UINT16_MAX) {
+		cfg_obj_log(portobj, ns_g_lctx, ISC_LOG_ERROR,
+			    "port '%u' out of range",
+			    cfg_obj_asuint32(portobj));
+		return (ISC_R_RANGE);
+	}
+	*portp = (in_port_t)cfg_obj_asuint32(portobj);
+	return (ISC_R_SUCCESS);
+}

bin/named/include/named/aclconf.h

@@ -15,14 +15,15 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: aclconf.h,v 1.11 2001/01/09 21:40:11 bwelling Exp $ */
+/* $Id: aclconf.h,v 1.12 2001/03/04 21:21:31 bwelling Exp $ */
 
 #ifndef NS_ACLCONF_H
 #define NS_ACLCONF_H 1
 
 #include <isc/lang.h>
 
-#include <dns/confctx.h>
+#include <isccfg/cfg.h>
+
 #include <dns/types.h>
 
 typedef struct ns_aclconfctx {
@@ -48,8 +49,8 @@ ns_aclconfctx_destroy(ns_aclconfctx_t *ctx);
  */
 
 isc_result_t
-ns_acl_fromconfig(dns_c_ipmatchlist_t *caml,
+ns_acl_fromconfig(cfg_obj_t *caml,
-		  dns_c_ctx_t *cctx,
+		  cfg_obj_t *cctx,
 		  ns_aclconfctx_t *ctx,
 		  isc_mem_t *mctx,
 		  dns_acl_t **target);

bin/named/include/named/config.h

@@ -0,0 +1,66 @@
+/*
+ * Copyright (C) 2001  Internet Software Consortium.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
+ * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
+ * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
+ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* $Id: config.h,v 1.1 2001/03/04 21:21:32 bwelling Exp $ */
+
+/* $Id: config.h,v 1.1 2001/03/04 21:21:32 bwelling Exp $ */
+
+#ifndef NAMED_CONFIG_H
+#define NAMED_CONFIG_H 1
+
+#include <isccfg/cfg.h>
+
+#include <dns/types.h>
+#include <dns/zone.h>
+
+isc_result_t
+ns_config_parsedefaults(cfg_parser_t *parser, cfg_obj_t **conf);
+
+isc_result_t
+ns_config_get(cfg_obj_t **maps, const char* name, cfg_obj_t **obj);
+
+int
+ns_config_listcount(cfg_obj_t *list);
+
+isc_result_t
+ns_config_getclass(cfg_obj_t *classobj, dns_rdataclass_t *classp);
+
+dns_zonetype_t
+ns_config_getzonetype(cfg_obj_t *zonetypeobj);
+
+isc_result_t
+ns_config_getiplist(cfg_obj_t *config, cfg_obj_t *list,
+		    in_port_t defport, isc_mem_t *mctx,
+		    isc_sockaddr_t **addrsp, isc_uint32_t *countp);
+
+void
+ns_config_putiplist(isc_mem_t *mctx, isc_sockaddr_t **addrsp,
+		    isc_uint32_t count);
+
+isc_result_t
+ns_config_getipandkeylist(cfg_obj_t *config, cfg_obj_t *list, isc_mem_t *mctx,
+			  isc_sockaddr_t **addrsp, dns_name_t ***keys,
+			  isc_uint32_t *countp);
+
+void
+ns_config_putipandkeylist(isc_mem_t *mctx, isc_sockaddr_t **addrsp,
+			  dns_name_t ***keys, isc_uint32_t count);
+
+isc_result_t
+ns_config_getport(cfg_obj_t *config, in_port_t *portp);
+
+#endif /* NAMED_CONFIG_H */

bin/named/include/named/globals.h

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: globals.h,v 1.52 2001/01/09 21:40:13 bwelling Exp $ */
+/* $Id: globals.h,v 1.53 2001/03/04 21:21:32 bwelling Exp $ */
 
 #ifndef NAMED_GLOBALS_H
 #define NAMED_GLOBALS_H 1
@@ -24,6 +24,8 @@
 #include <isc/log.h>
 #include <isc/net.h>
 
+#include <isccfg/cfg.h>
+
 #include <dns/zone.h>
 
 #include <omapi/types.h>
@@ -53,6 +55,7 @@ EXTERN isc_entropy_t *		ns_g_entropy		INIT(NULL);
 EXTERN isc_timermgr_t *		ns_g_timermgr		INIT(NULL);
 EXTERN isc_socketmgr_t *	ns_g_socketmgr		INIT(NULL);
 EXTERN omapi_object_t *		ns_g_omapimgr		INIT(NULL);
+EXTERN cfg_parser_t *		ns_g_parser		INIT(NULL);
 EXTERN const char *		ns_g_version		INIT(VERSION);
 EXTERN in_port_t		ns_g_port		INIT(0);
 EXTERN in_port_t		lwresd_g_listenport	INIT(0);
@@ -72,6 +75,8 @@ EXTERN unsigned int		ns_g_debuglevel		INIT(0);
 /*
  * Current configuration information.
  */
+EXTERN cfg_obj_t *		ns_g_config		INIT(NULL);
+EXTERN cfg_obj_t *		ns_g_defaults		INIT(NULL);
 EXTERN const char *		ns_g_conffile		INIT(NS_SYSCONFDIR
 							     "/named.conf");
 EXTERN const char *		lwresd_g_conffile	INIT(NS_SYSCONFDIR

bin/named/include/named/logconf.h

@@ -15,20 +15,18 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: logconf.h,v 1.9 2001/01/09 21:40:18 bwelling Exp $ */
+/* $Id: logconf.h,v 1.10 2001/03/04 21:21:33 bwelling Exp $ */
 
 #ifndef NAMED_LOGCONF_H
 #define NAMED_LOGCONF_H 1
 
 #include <isc/log.h>
 
-#include <dns/conflog.h>
-
 isc_result_t
-ns_log_configure(isc_logconfig_t *logconf, dns_c_logginglist_t *clog);
+ns_log_configure(isc_logconfig_t *logconf, cfg_obj_t *logstmt);
 /*
  * Set up the logging configuration in '*logconf' according to
- * the named.conf data in 'clog'.
+ * the named.conf data in 'logstmt'.
  */
 
 #endif /* NAMED_LOGCONF_H */

bin/named/include/named/lwresd.h

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: lwresd.h,v 1.10 2001/01/09 21:40:21 bwelling Exp $ */
+/* $Id: lwresd.h,v 1.11 2001/03/04 21:21:34 bwelling Exp $ */
 
 #ifndef NAMED_LWRESD_H
 #define NAMED_LWRESD_H 1
@@ -23,7 +23,8 @@
 #include <isc/types.h>
 #include <isc/sockaddr.h>
 
-#include <dns/confctx.h>
+#include <isccfg/cfg.h>
+
 #include <dns/types.h>
 
 struct ns_lwresd {
@@ -55,13 +56,11 @@ struct ns_lwreslistener {
  * Configure lwresd.
  */
 isc_result_t
-ns_lwresd_configure(isc_mem_t *mctx, dns_c_ctx_t *cctx);
+ns_lwresd_configure(isc_mem_t *mctx, cfg_obj_t *config);
 
-/*
- * Create a configuration context based on resolv.conf and default parameters.
- */
 isc_result_t
-ns_lwresd_parseresolvconf(isc_mem_t *mctx, dns_c_ctx_t **ctxp);
+ns_lwresd_parseeresolvconf(isc_mem_t *mctx, cfg_parser_t *pctx,
+			   cfg_obj_t **configp);
 
 /*
  * Trigger shutdown.
@@ -73,8 +72,7 @@ ns_lwresd_shutdown(void);
  * Manager functions
  */
 isc_result_t
-ns_lwdmanager_create(isc_mem_t *mctx, dns_c_lwres_t *lwres,
+ns_lwdmanager_create(isc_mem_t *mctx, cfg_obj_t *lwres, ns_lwresd_t **lwresdp);
-		     ns_lwresd_t **lwresdp);
 
 void
 ns_lwdmanager_attach(ns_lwresd_t *source, ns_lwresd_t **targetp);

bin/named/include/named/omapi.h

@@ -15,13 +15,11 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: omapi.h,v 1.19 2001/02/06 23:57:15 bwelling Exp $ */
+/* $Id: omapi.h,v 1.20 2001/03/04 21:21:35 bwelling Exp $ */
 
 #ifndef NAMED_OMAPI_H
 #define NAMED_OMAPI_H 1
 
-#include <dns/confctx.h>
-
 #include <omapi/omapi.h>
 
 #include <named/aclconf.h>
@@ -50,7 +48,7 @@ isc_result_t
 ns_omapi_init(void);
 
 isc_result_t
-ns_omapi_configure(isc_mem_t *mctx, dns_c_ctx_t *cctx,
+ns_omapi_configure(isc_mem_t *mctx, cfg_obj_t *config,
 		   ns_aclconfctx_t *aclconfctx);
 
 void

bin/named/include/named/tkeyconf.h

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: tkeyconf.h,v 1.8 2001/01/09 21:40:30 bwelling Exp $ */
+/* $Id: tkeyconf.h,v 1.9 2001/03/04 21:21:36 bwelling Exp $ */
 
 #ifndef NS_TKEYCONF_H
 #define NS_TKEYCONF_H 1
@@ -23,19 +23,19 @@
 #include <isc/types.h>
 #include <isc/lang.h>
 
-#include <dns/confctx.h>
+#include <isccfg/cfg.h>
 
 ISC_LANG_BEGINDECLS
 
 isc_result_t
-ns_tkeyctx_fromconfig(dns_c_ctx_t *cfg, isc_mem_t *mctx, isc_entropy_t *ectx,
+ns_tkeyctx_fromconfig(cfg_obj_t *options, isc_mem_t *mctx, isc_entropy_t *ectx,
-		       dns_tkeyctx_t **tctxp);
+		      dns_tkeyctx_t **tctxp);
 /*
  * 	Create a TKEY context and configure it, including the default DH key
- *	and default domain, according to 'cfg'.
+ *	and default domain, according to 'options'.
  *
  *	Requires:
- *		'cfg' is a valid configuration context.
+ *		'cfg' is a valid configuration options object.
  *		'mctx' is not NULL
  *		'ectx' is not NULL
  *		'tctx' is not NULL

bin/named/include/named/tsigconf.h

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: tsigconf.h,v 1.8 2001/01/09 21:40:31 bwelling Exp $ */
+/* $Id: tsigconf.h,v 1.9 2001/03/04 21:21:37 bwelling Exp $ */
 
 #ifndef NS_TSIGCONF_H
 #define NS_TSIGCONF_H 1
@@ -23,19 +23,17 @@
 #include <isc/types.h>
 #include <isc/lang.h>
 
-#include <dns/confctx.h>
-
 ISC_LANG_BEGINDECLS
 
 isc_result_t
-ns_tsigkeyring_fromconfig(dns_c_view_t *confview, dns_c_ctx_t *confctx,
+ns_tsigkeyring_fromconfig(cfg_obj_t *config, cfg_obj_t *vconfig,
-			   isc_mem_t *mctx, dns_tsig_keyring_t **ringp);
+			  isc_mem_t *mctx, dns_tsig_keyring_t **ringp);
 /*
  * Create a TSIG key ring and configure it according to the 'key'
- * statements in 'confview' and 'confctx'.
+ * statements in the global and view configuration objects.
  *
  *	Requires:
- *		'confctx' is a valid configuration context.
+ *		'config' is not NULL.
  *		'mctx' is not NULL
  *		'ring' is not NULL, and '*ring' is NULL
  *

bin/named/include/named/zoneconf.h

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: zoneconf.h,v 1.15 2001/01/09 21:40:36 bwelling Exp $ */
+/* $Id: zoneconf.h,v 1.16 2001/03/04 21:21:39 bwelling Exp $ */
 
 #ifndef NS_ZONECONF_H
 #define NS_ZONECONF_H 1
@@ -23,13 +23,15 @@
 #include <isc/lang.h>
 #include <isc/types.h>
 
+#include <isccfg/cfg.h>
+
 #include <named/aclconf.h>
 
 ISC_LANG_BEGINDECLS
 
 isc_result_t
-ns_zone_configure(dns_c_ctx_t *cctx, dns_c_view_t *cview, dns_c_zone_t *czone,
+ns_zone_configure(cfg_obj_t *config, cfg_obj_t *vconfig, cfg_obj_t *zconfig,
-		   ns_aclconfctx_t *ac, dns_zone_t *zone);
+		  ns_aclconfctx_t *ac, dns_zone_t *zone);
 /*
  * Configure or reconfigure a zone according to the named.conf
  * data in 'cctx' and 'czone'.
@@ -46,20 +48,14 @@ ns_zone_configure(dns_c_ctx_t *cctx, dns_c_view_t *cview, dns_c_zone_t *czone,
  */
 
 isc_boolean_t
-ns_zone_reusable(dns_zone_t *zone, dns_c_zone_t *czone);
+ns_zone_reusable(dns_zone_t *zone, cfg_obj_t *zconfig);
 /*
  * If 'zone' can be safely reconfigured according to the configuration
- * data in 'czone', return ISC_TRUE.  If the configuration data is so
+ * data in 'zconfig', return ISC_TRUE.  If the configuration data is so
  * different from the current zone state that the zone needs to be destroyed
  * and recreated, return ISC_FALSE.
  */
 
-isc_result_t
-ns_zonemgr_configure(dns_c_ctx_t *cctx, dns_zonemgr_t *zonemgr);
-/*
- * Configure the zone manager according to the named.conf data
- * in 'cctx'.
- */
 ISC_LANG_ENDDECLS
 
 #endif /* NS_ZONECONF_H */

bin/named/log.c

@@ -15,12 +15,14 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: log.c,v 1.28 2001/01/09 21:39:44 bwelling Exp $ */
+/* $Id: log.c,v 1.29 2001/03/04 21:21:21 bwelling Exp $ */
 
 #include <config.h>
 
 #include <isc/result.h>
 
+#include <isccfg/log.h>
+
 #include <named/log.h>
 
 /*
@@ -75,6 +77,7 @@ ns_log_init(isc_boolean_t safe) {
 	isc_log_setcontext(ns_g_lctx);
 	dns_log_init(ns_g_lctx);
 	dns_log_setcontext(ns_g_lctx);
+	isccfg_log_init(ns_g_lctx);
 
 	if (safe)
 		result = ns_log_setsafechannels(lcfg);

bin/named/logconf.c

@@ -15,12 +15,17 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: logconf.c,v 1.27 2001/01/09 21:39:45 bwelling Exp $ */
+/* $Id: logconf.c,v 1.28 2001/03/04 21:21:22 bwelling Exp $ */
 
 #include <config.h>
 
+#include <isc/offset.h>
 #include <isc/result.h>
 #include <isc/string.h>
+#include <isc/syslog.h>
+
+#include <isccfg/cfg.h>
+#include <isccfg/log.h>
 
 #include <named/log.h>
 #include <named/logconf.h>
@@ -35,42 +40,35 @@
  * in 'ccat' and add it to 'lctx'.
  */
 static isc_result_t
-category_fromconf(dns_c_logcat_t *ccat, isc_logconfig_t *lctx) {
+category_fromconf(cfg_obj_t *ccat, isc_logconfig_t *lctx) {
 	isc_result_t result;
-	unsigned int i;
+	const char *catname;
 	isc_logcategory_t *category;
 	isc_logmodule_t *module;
+	cfg_obj_t *destinations = NULL;
+	cfg_listelt_t *element = NULL;
 
-	category = isc_log_categorybyname(ns_g_lctx, ccat->catname);
+	catname = cfg_obj_asstring(cfg_tuple_get(ccat, "name"));
+	category = isc_log_categorybyname(ns_g_lctx, catname);
 	if (category == NULL) {
-		isc_log_write(ns_g_lctx, DNS_LOGCATEGORY_CONFIG,
+		cfg_obj_log(ccat, ns_g_lctx, ISC_LOG_ERROR,
-			      NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
+			    "unknown logging category '%s' ignored",
-			      "unknown logging category '%s' ignored",
+			    catname);
-			      ccat->catname);
 		/*
 		 * Allow further processing by returning success.
 		 */
 		return (ISC_R_SUCCESS);
 	}
 
-#ifdef notyet
-	module = isc_log_modulebyname(ns_g_lctx, ccat->modname);
-	if (module == NULL) {
-		isc_log_write(ns_g_lctx, DNS_LOGCATEGORY_CONFIG,
-			      NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
-			      "unknown logging module '%s' ignored",
-			      ccat->modname);
-		/*
-		 * Allow further processing by returning success.
-		 */
-		return (ISC_R_SUCCESS);
-	}
-#else
 	module = NULL;
-#endif
 
-	for (i = 0; i < ccat->nextcname; i++) {
+	destinations = cfg_tuple_get(ccat, "destinations");
-		char *channelname = ccat->channel_names[i];
+	for (element = cfg_list_first(destinations);
+	     element != NULL;
+	     element = cfg_list_next(element))
+	{
+		cfg_obj_t *channel = cfg_listelt_value(element);
+		char *channelname = cfg_obj_asstring(channel);
 
 		result = isc_log_usechannel(lctx, channelname, category,
 					    module);
@@ -90,156 +88,170 @@ category_fromconf(dns_c_logcat_t *ccat, isc_logconfig_t *lctx) {
  * in 'cchan' and add it to 'lctx'.
  */
 static isc_result_t
-channel_fromconf(dns_c_logchan_t *cchan, isc_logconfig_t *lctx) {
+channel_fromconf(cfg_obj_t *channel, isc_logconfig_t *lctx) {
 	isc_result_t result;
 	isc_logdestination_t dest;
 	unsigned int type;
 	unsigned int flags = 0;
 	int level;
-	dns_c_logseverity_t severity;
+	const char *channelname;
+	cfg_obj_t *fileobj = NULL;
+	cfg_obj_t *syslogobj = NULL;
+	cfg_obj_t *nullobj = NULL;
+	cfg_obj_t *stderrobj = NULL;
+	cfg_obj_t *severity = NULL;
+	int i;
+
+	channelname = cfg_obj_asstring(cfg_map_getname(channel));
+
+	(void)cfg_map_get(channel, "file", &fileobj);
+	(void)cfg_map_get(channel, "syslog", &syslogobj);
+	(void)cfg_map_get(channel, "null", &nullobj);
+	(void)cfg_map_get(channel, "stderr", &stderrobj);
+
+	i = 0;
+	if (fileobj != NULL)
+		i++;
+	if (syslogobj != NULL)
+		i++;
+	if (nullobj != NULL)
+		i++;
+	if (stderrobj != NULL)
+		i++;
+
+	if (i != 1) {
+		cfg_obj_log(channel, ns_g_lctx, ISC_LOG_ERROR,
+			      "channel '%s': exactly one of file, syslog, "
+			      "null, and stderr must be present", channelname);
+		return (ISC_R_FAILURE);
+	}
 
 	type = ISC_LOG_TONULL;
-	switch (cchan->ctype) {
+	
-	case dns_c_logchan_file:
+	if (fileobj != NULL) {
+		cfg_obj_t *pathobj = cfg_tuple_get(fileobj, "file");
+		cfg_obj_t *sizeobj = cfg_tuple_get(fileobj, "size");
+		cfg_obj_t *versionsobj = cfg_tuple_get(fileobj, "versions");
+		isc_int32_t versions = ISC_LOG_ROLLNEVER;
+		isc_offset_t size = ISC_OFFSET_MAXIMUM;
+
 		type = ISC_LOG_TOFILE;
-		{
+		
-			const char *path = NULL;
+		if (versionsobj != NULL && cfg_obj_isuint32(versionsobj))
-			isc_int32_t versions = ISC_LOG_ROLLNEVER;
+			versions = cfg_obj_asuint32(versionsobj);
-			/*
+		if (sizeobj != NULL &&
-			 * XXXDCL should be isc_offset_t, but that
+		    cfg_obj_isuint64(sizeobj) &&
-			 * is incompatible with dns_c_logchan_getsize.
+		    cfg_obj_asuint64(sizeobj) < ISC_OFFSET_MAXIMUM)
-			 */
+			size = (isc_offset_t)cfg_obj_asuint64(sizeobj);
-			isc_uint32_t size = 0;
+		dest.file.stream = NULL;
-			(void)dns_c_logchan_getpath(cchan, &path);
+		dest.file.name = cfg_obj_asstring(pathobj);
-			if (path == NULL) {
+		dest.file.versions = versions;
-				isc_log_write(ns_g_lctx,
+		dest.file.maximum_size = size;
-					      DNS_LOGCATEGORY_CONFIG,
+	} else if (syslogobj != NULL) {
-					      NS_LOGMODULE_SERVER,
+		int facility = LOG_DAEMON;
-					      ISC_LOG_ERROR,
-					      "file log channel has "
-					      "no file name");
-				return (ISC_R_UNEXPECTED);
-			}
-			(void)dns_c_logchan_getversions(cchan,
-							(isc_uint32_t *)
-							&versions);
-			(void)dns_c_logchan_getsize(cchan, &size);
-			dest.file.stream = NULL;
-			dest.file.name = cchan->u.filec.path;
-			dest.file.versions = versions;
-			dest.file.maximum_size = size;
-		}
-		break;
 
-	case dns_c_logchan_syslog:
 		type = ISC_LOG_TOSYSLOG;
-		{
-			int facility = LOG_DAEMON;
-			(void)dns_c_logchan_getfacility(cchan, &facility);
-			dest.facility = facility;
-		}
-		break;
 
-	case dns_c_logchan_stderr:
+		if (cfg_obj_isstring(syslogobj)) {
+			char *facilitystr = cfg_obj_asstring(syslogobj);
+			(void)isc_syslog_facilityfromstring(facilitystr,
+							    &facility);
+		}
+		dest.facility = facility;
+	} else if (stderrobj != NULL) {
 		type = ISC_LOG_TOFILEDESC;
-		{
+		dest.file.stream = stderr;
-			dest.file.stream = stderr;
+		dest.file.name = NULL;
-			dest.file.name = NULL;
+		dest.file.versions = ISC_LOG_ROLLNEVER;
-			dest.file.versions = ISC_LOG_ROLLNEVER;
+		dest.file.maximum_size = 0;
-			dest.file.maximum_size = 0;
-		}
-
-	case dns_c_logchan_null:
-		break;
 	}
 
 	/*
 	 * Munge flags.
 	 */
 	{
-		isc_boolean_t printcat = ISC_FALSE;
+		cfg_obj_t *printcat = NULL;
-		isc_boolean_t printsev = ISC_FALSE;
+		cfg_obj_t *printsev = NULL;
-		isc_boolean_t printtime = ISC_FALSE;
+		cfg_obj_t *printtime = NULL;
 
-		(void)dns_c_logchan_getprintcat(cchan, &printcat);
+		(void)cfg_map_get(channel, "print-category", &printcat);
-		(void)dns_c_logchan_getprintsev(cchan, &printsev);
+		(void)cfg_map_get(channel, "print-severity", &printsev);
-		(void)dns_c_logchan_getprinttime(cchan, &printtime);
+		(void)cfg_map_get(channel, "print-time", &printtime);
 
-		if (printcat)
+		if (printcat != NULL && cfg_obj_asboolean(printcat))
 			flags |= ISC_LOG_PRINTCATEGORY;
-		if (printtime)
+		if (printtime != NULL && cfg_obj_asboolean(printtime))
 			flags |= ISC_LOG_PRINTTIME;
-		if (printsev)
+		if (printsev != NULL && cfg_obj_asboolean(printsev))
 			flags |= ISC_LOG_PRINTLEVEL;
-		/* XXX ISC_LOG_PRINTMODULE */
 	}
 
 	level = ISC_LOG_INFO;
-	if (dns_c_logchan_getseverity(cchan, &severity) == ISC_R_SUCCESS) {
+	if (cfg_map_get(channel, "severity", &severity) == ISC_R_SUCCESS) {
-		switch (severity) {
+		if (cfg_obj_isstring(severity)) {
-		case dns_c_log_critical:
+			char *str = cfg_obj_asstring(severity);
-			level = ISC_LOG_CRITICAL;
+			if (strcasecmp(str, "critical") == 0)
-			break;
+				level = ISC_LOG_CRITICAL;
-		case dns_c_log_error:
+			else if (strcasecmp(str, "error") == 0)
-			level = ISC_LOG_ERROR;
+				level = ISC_LOG_ERROR;
-			break;
+			else if (strcasecmp(str, "warning") == 0)
-		case dns_c_log_warn:
+				level = ISC_LOG_WARNING;
-			level = ISC_LOG_WARNING;
+			else if (strcasecmp(str, "notice") == 0)
-			break;
+				level = ISC_LOG_NOTICE;
-		case dns_c_log_notice:
+			else if (strcasecmp(str, "info") == 0)
-			level = ISC_LOG_NOTICE;
+				level = ISC_LOG_INFO;
-			break;
+			else if (strcasecmp(str, "dynamic") == 0)
-		case dns_c_log_info:
+				level = ISC_LOG_DYNAMIC;
-			level = ISC_LOG_INFO;
+		} else
-			break;
+			/* debug */
-		case dns_c_log_debug:
+			level = cfg_obj_asuint32(severity);
-			(void)dns_c_logchan_getdebuglevel(cchan, &level);
-			break;
-		case dns_c_log_dynamic:
-			level = ISC_LOG_DYNAMIC;
-			break;
-		default:
-			level = ISC_LOG_INFO;
-			break;
-		}
 	}
 
-	result = isc_log_createchannel(lctx, cchan->name,
+	result = isc_log_createchannel(lctx, channelname,
 				       type, level, &dest, flags);
 	return (result);
 }
 
 isc_result_t
-ns_log_configure(isc_logconfig_t *lcctx, dns_c_logginglist_t *clog) {
+ns_log_configure(isc_logconfig_t *logconf, cfg_obj_t *logstmt) {
 	isc_result_t result;
-	dns_c_logchan_t *cchan;
+	cfg_obj_t *channels = NULL;
-	dns_c_logcat_t *ccat;
+	cfg_obj_t *categories = NULL;
+	cfg_listelt_t *element;
 	isc_boolean_t default_set = ISC_FALSE;
 
-	CHECK(ns_log_setdefaultchannels(lcctx));
+	CHECK(ns_log_setdefaultchannels(logconf));
 
-	for (cchan = ISC_LIST_HEAD(clog->channels);
+	(void)cfg_map_get(logstmt, "channel", &channels);
-	     cchan != NULL;
+	for (element = cfg_list_first(channels);
-	     cchan = ISC_LIST_NEXT(cchan, next)) {
+	     element != NULL;
-		CHECK(channel_fromconf(cchan, lcctx));
+	     element = cfg_list_next(element))
+	{
+		cfg_obj_t *channel = cfg_listelt_value(element);
+		CHECK(channel_fromconf(channel, logconf));
 	}
 
-	for (ccat = ISC_LIST_HEAD(clog->categories);
+	(void)cfg_map_get(logstmt, "category", &categories);
-	     ccat != NULL;
+	for (element = cfg_list_first(categories);
-	     ccat = ISC_LIST_NEXT(ccat, next)) {
+	     element != NULL;
-		CHECK(category_fromconf(ccat, lcctx));
+	     element = cfg_list_next(element))
-		if (! default_set)
+	{
-			default_set =
+		cfg_obj_t *category = cfg_listelt_value(element);
-				ISC_TF(strcmp(ccat->catname, "default") == 0);
+		CHECK(category_fromconf(category, logconf));
+		if (!default_set) {
+			cfg_obj_t *catname = cfg_tuple_get(category, "name");
+			if (strcmp(cfg_obj_asstring(catname), "default"))
+				default_set = ISC_TRUE;
+		}
 	}
 
-	if (! default_set)
+	if (!default_set)
-		CHECK(ns_log_setdefaultcategory(lcctx));
+		CHECK(ns_log_setdefaultcategory(logconf));
 
 	return (ISC_R_SUCCESS);
 
  cleanup:
-	if (lcctx != NULL)
+	if (logconf != NULL)
-		isc_logconfig_destroy(&lcctx);
+		isc_logconfig_destroy(&logconf);
 	return (result);
 }

bin/named/lwresd.c

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: lwresd.c,v 1.30 2001/01/25 02:33:39 bwelling Exp $ */
+/* $Id: lwresd.c,v 1.31 2001/03/04 21:21:23 bwelling Exp $ */
 
 /*
  * Main program for the Lightweight Resolver Daemon.
@@ -37,12 +37,15 @@
 #include <isc/task.h>
 #include <isc/util.h>
 
+#include <isccfg/cfg.h>
+
 #include <dns/confctx.h>
 #include <dns/conflwres.h>
 #include <dns/log.h>
 #include <dns/result.h>
 #include <dns/view.h>
 
+#include <named/config.h>
 #include <named/globals.h>
 #include <named/log.h>
 #include <named/lwaddr.h>
@@ -96,88 +99,32 @@ ns__lwresd_memfree(void *arg, void *mem, size_t size) {
 	} while (0)
 
 static isc_result_t
-parse_sortlist(lwres_conf_t *lwc, isc_mem_t *mctx,
+buffer_putstr(isc_buffer_t *b, const char *s) {
-	       dns_c_ipmatchlist_t **sortlist)
+	unsigned int len = strlen(s);
-{
+	if (isc_buffer_availablelength(b) <= len)
-	dns_c_ipmatchlist_t *inner = NULL, *middle = NULL, *outer = NULL;
+		return (ISC_R_NOSPACE);
-	dns_c_ipmatchelement_t *element = NULL;
+	isc_buffer_putmem(b, s, len);
-	int i;
-	isc_result_t result;
-
-	REQUIRE(sortlist != NULL && *sortlist == NULL);
-
-	REQUIRE (lwc->sortlistnxt > 0);
-
-	CHECK(dns_c_ipmatchlist_new(mctx, &middle));
-
-	CHECK(dns_c_ipmatchany_new(mctx, &element));
-	ISC_LIST_APPEND(middle->elements, element, next);
-	element = NULL;
-
-	CHECK(dns_c_ipmatchlist_new(mctx, &inner));
-	for (i = 0; i < lwc->sortlistnxt; i++) {
-		isc_sockaddr_t sa;
-		isc_netaddr_t ma;
-		unsigned int mask;
-
-		CHECK(lwaddr_sockaddr_fromlwresaddr(&sa,
-						    &lwc->sortlist[i].addr,
-						    0));
-		CHECK(lwaddr_netaddr_fromlwresaddr(&ma,
-						   &lwc->sortlist[i].mask));
-		CHECK(isc_netaddr_masktoprefixlen(&ma, &mask));
-		CHECK(dns_c_ipmatchpattern_new(mctx, &element, sa, mask));
-		ISC_LIST_APPEND(inner->elements, element, next);
-		element = NULL;
-	}
-
-	CHECK(dns_c_ipmatchindirect_new(mctx, &element, inner, NULL));
-	dns_c_ipmatchlist_detach(&inner);
-	ISC_LIST_APPEND(middle->elements, element, next);
-	element = NULL;
-
-	CHECK(dns_c_ipmatchlist_new(mctx, &outer));
-	CHECK(dns_c_ipmatchindirect_new(mctx, &element, middle, NULL));
-	dns_c_ipmatchlist_detach(&middle);
-	ISC_LIST_APPEND(outer->elements, element, next);
-
-	*sortlist = outer;
-
 	return (ISC_R_SUCCESS);
- cleanup:
-	if (inner != NULL)
-		dns_c_ipmatchlist_detach(&inner);
-	if (outer != NULL)
-		dns_c_ipmatchlist_detach(&outer);
-	if (element != NULL)
-		dns_c_ipmatchelement_delete(mctx, &element);
-	return (result);
 }
 
 /*
  * Convert a resolv.conf file into a config structure.
  */
 isc_result_t
-ns_lwresd_parseresolvconf(isc_mem_t *mctx, dns_c_ctx_t **ctxp) {
+ns_lwresd_parseeresolvconf(isc_mem_t *mctx, cfg_parser_t *pctx,
-	dns_c_ctx_t *ctx = NULL;
+			   cfg_obj_t **configp)
+{
+	char text[4096];
+	char str[16];
+	isc_buffer_t b;
 	lwres_context_t *lwctx = NULL;
 	lwres_conf_t *lwc = NULL;
 	isc_sockaddr_t sa;
+	isc_netaddr_t na;
 	int i;
-	in_port_t port;
-	dns_c_iplist_t *forwarders = NULL;
-	dns_c_iplist_t *locallist = NULL;
-	dns_c_lwreslist_t *lwreslist = NULL;
-	dns_c_lwres_t *lwres = NULL;
-	dns_c_search_t *search = NULL;
-	dns_c_searchlist_t *searchlist = NULL;
-	dns_c_ipmatchlist_t *sortlist = NULL;
 	isc_result_t result;
 	lwres_result_t lwresult;
-	struct in_addr localhost;
 
-	CHECK(dns_c_ctx_new(mctx, &ctx));
-	
 	lwctx = NULL;
 	lwresult = lwres_context_create(&lwctx, mctx, ns__lwresd_memalloc,
 					ns__lwresd_memfree,
@@ -196,107 +143,133 @@ ns_lwresd_parseresolvconf(isc_mem_t *mctx, dns_c_ctx_t **ctxp) {
 	lwc = lwres_conf_get(lwctx);
 	INSIST(lwc != NULL);
 
+	isc_buffer_init(&b, text, sizeof(text));
+
 	/*
 	 * Build the list of forwarders.
 	 */
 	if (lwc->nsnext > 0) {
-		CHECK(dns_c_iplist_new(mctx, lwc->nsnext, &forwarders));
+		CHECK(buffer_putstr(&b, "options {\n"));
-
+		CHECK(buffer_putstr(&b, "\tforwarders {\n"));
-		if (ns_g_port != 0)
-			port = ns_g_port;
-		else
-			port = 53;
 
 		for (i = 0 ; i < lwc->nsnext ; i++) {
 			CHECK(lwaddr_sockaddr_fromlwresaddr(
 							&sa,
 							&lwc->nameservers[i],
-							port));
+							ns_g_port));
-			if (result != ISC_R_SUCCESS)
+			isc_netaddr_fromsockaddr(&na, &sa);
-				continue;
+			CHECK(buffer_putstr(&b, "\t\t"));
-			CHECK(dns_c_iplist_append(forwarders, sa, NULL));
+			CHECK(isc_netaddr_totext(&na, &b));
-		}
+			CHECK(buffer_putstr(&b, ";\n"));
-	
-		if (forwarders->nextidx != 0) {
-			CHECK(dns_c_ctx_setforwarders(ctx, forwarders));
-			dns_c_iplist_detach(&forwarders);
-			CHECK(dns_c_ctx_setforward(ctx, dns_c_forw_first));
 		}
+		CHECK(buffer_putstr(&b, "\t};\n"));
+		CHECK(buffer_putstr(&b, "};\n\n"));
 	}
 
+	CHECK(buffer_putstr(&b, "lwres {\n"));
+
 	/*
 	 * Build the search path
 	 */
 	if (lwc->searchnxt > 0) {
-		CHECK(dns_c_searchlist_new(mctx, &searchlist));
+		if (lwc->searchnxt > 0) {
-		for (i = 0; i < lwc->searchnxt; i++) {
+			CHECK(buffer_putstr(&b, "\tsearch {\n"));
-			search = NULL;
+			for (i = 0; i < lwc->searchnxt; i++) {
-			CHECK(dns_c_search_new(mctx, lwc->search[i], &search));
+				CHECK(buffer_putstr(&b, "\t\t"));
-			dns_c_searchlist_append(searchlist, search);
+				CHECK(buffer_putstr(&b, lwc->search[i]));
+			        CHECK(buffer_putstr(&b, ";\n"));
+			}
+			CHECK(buffer_putstr(&b, "\t};\n"));
 		}
 	}
 
+	/*
+	 * Build the ndots line
+	 */
+	if (lwc->ndots != 1) {
+		CHECK(buffer_putstr(&b, "\tndots "));
+		snprintf(str, sizeof(str), "%u", lwc->ndots);
+		CHECK(buffer_putstr(&b, str));
+		CHECK(buffer_putstr(&b, ";\n"));
+	}
+
+	/*
+	 * Build the listen-on line
+	 */
+	if (lwc->lwnext > 0) {
+		CHECK(buffer_putstr(&b, "\tlisten-on {\n"));
+
+		for (i = 0 ; i < lwc->lwnext ; i++) {
+			CHECK(lwaddr_sockaddr_fromlwresaddr(&sa,
+							    &lwc->lwservers[i],
+							    0));
+			isc_netaddr_fromsockaddr(&na, &sa);
+			CHECK(buffer_putstr(&b, "\t\t"));
+			CHECK(isc_netaddr_totext(&na, &b));
+			CHECK(buffer_putstr(&b, ";\n"));
+		}
+		CHECK(buffer_putstr(&b, "\t};\n"));
+	}
+
 	/*
 	 * Build the sortlist
 	 */
 	if (lwc->sortlistnxt > 0) {
-		CHECK(parse_sortlist(lwc, mctx, &sortlist));
+		CHECK(buffer_putstr(&b, "\tsortlist {\n"));
-		CHECK(dns_c_ctx_setsortlist(ctx, sortlist));
+		CHECK(buffer_putstr(&b, "\t{\n"));
-		dns_c_ipmatchlist_detach(&sortlist);
+		CHECK(buffer_putstr(&b, "\t\tany;\n"));
+		CHECK(buffer_putstr(&b, "\t\t{;\n"));
+		for (i = 0 ; i < lwc->sortlistnxt; i++) {
+			lwres_addr_t *lwaddr = &lwc->sortlist[i].addr;
+			lwres_addr_t *lwmask = &lwc->sortlist[i].mask;
+			unsigned int mask;
+
+			CHECK(lwaddr_sockaddr_fromlwresaddr(&sa, lwmask, 0));
+			isc_netaddr_fromsockaddr(&na, &sa);
+			result = isc_netaddr_masktoprefixlen(&na, &mask);
+			if (result != ISC_R_SUCCESS) {
+				char addrtext[ISC_NETADDR_FORMATSIZE];
+				isc_netaddr_format(&na, addrtext,
+						   sizeof(addrtext));
+				isc_log_write(ns_g_lctx,
+					      NS_LOGCATEGORY_GENERAL,
+					      NS_LOGMODULE_LWRESD,
+					      ISC_LOG_ERROR,
+					      "processing sortlist: '%s' is "
+					      "not a valid netmask",
+					      addrtext);
+				goto cleanup;
+			}
+
+			CHECK(lwaddr_sockaddr_fromlwresaddr(&sa, lwaddr, 0));
+			isc_netaddr_fromsockaddr(&na, &sa);
+
+			CHECK(buffer_putstr(&b, "\t\t\t"));
+			CHECK(isc_netaddr_totext(&na, &b));
+			snprintf(str, sizeof(str), "%u", mask);
+			CHECK(buffer_putstr(&b, "/"));
+			CHECK(buffer_putstr(&b, str));
+			CHECK(buffer_putstr(&b, ";\n"));
+		}
+		CHECK(buffer_putstr(&b, "\t\t}\n"));
+		CHECK(buffer_putstr(&b, "\t}\n"));
+		CHECK(buffer_putstr(&b, "};\n"));
 	}
 
-	CHECK(dns_c_lwreslist_new(mctx, &lwreslist));
+	CHECK(buffer_putstr(&b, "};\n"));
-	CHECK(dns_c_lwres_new(mctx, &lwres));
 
-	port = lwresd_g_listenport;
+#if 0
-	if (port == 0)
+	printf("%.*s\n",
-		port = LWRES_UDP_PORT;
+	       (int)isc_buffer_usedlength(&b),
+	       (char *)isc_buffer_base(&b));
+#endif
 
-	if (lwc->lwnext == 0) {
+	lwres_conf_clear(lwctx);
-		localhost.s_addr = htonl(INADDR_LOOPBACK);
+	lwres_context_destroy(&lwctx);
-		isc_sockaddr_fromin(&sa, &localhost, port);
-	} else {
-		CHECK(lwaddr_sockaddr_fromlwresaddr(&sa, &lwc->lwservers[0],
-						    port));
-	}
 
-	CHECK(dns_c_iplist_new(mctx, 1, &locallist));
+	return (cfg_parse_buffer(pctx, &b, &cfg_type_namedconf, configp));
-	CHECK(dns_c_iplist_append(locallist, sa, NULL));
-
-	CHECK(dns_c_lwres_setlistenon(lwres, locallist));
-	dns_c_iplist_detach(&locallist);
-
-	CHECK(dns_c_lwres_setsearchlist(lwres, searchlist));
-	searchlist = NULL;
-
-	CHECK(dns_c_lwres_setndots(lwres, lwc->ndots));
-
-	CHECK(dns_c_lwreslist_append(lwreslist, lwres));
-	lwres = NULL;
-
-	CHECK(dns_c_ctx_setlwres(ctx, lwreslist));
-	lwreslist = NULL;
-
-	*ctxp = ctx;
-
-	result = ISC_R_SUCCESS;
 
  cleanup:
-	if (result != ISC_R_SUCCESS) {
-		if (forwarders != NULL)
-			dns_c_iplist_detach(&forwarders);
-		if (locallist != NULL)
-			dns_c_iplist_detach(&locallist);
-		if (searchlist != NULL)
-			dns_c_searchlist_delete(&searchlist);
-		if (sortlist != NULL)
-			dns_c_ipmatchlist_detach(&sortlist);
-		if (lwres != NULL)
-			dns_c_lwres_delete(&lwres);
-		if (lwreslist != NULL)
-			dns_c_lwreslist_delete(&lwreslist);
-		dns_c_ctx_delete(&ctx);
-	}
 
 	if (lwctx != NULL) {
 		lwres_conf_clear(lwctx);
@@ -311,12 +284,14 @@ ns_lwresd_parseresolvconf(isc_mem_t *mctx, dns_c_ctx_t **ctxp) {
  * Handle lwresd manager objects
  */
 isc_result_t
-ns_lwdmanager_create(isc_mem_t *mctx, dns_c_lwres_t *lwres,
+ns_lwdmanager_create(isc_mem_t *mctx, cfg_obj_t *lwres,
 		     ns_lwresd_t **lwresdp)
 {
 	ns_lwresd_t *lwresd;
 	const char *vname;
-	dns_c_search_t *search;
+	dns_rdataclass_t vclass;
+	cfg_obj_t *obj, *viewobj, *searchobj;
+	cfg_listelt_t *element;
 	isc_result_t result;
 
 	INSIST(lwresdp != NULL && *lwresdp == NULL);
@@ -328,29 +303,45 @@ ns_lwdmanager_create(isc_mem_t *mctx, dns_c_lwres_t *lwres,
 	lwresd->mctx = NULL;
 	isc_mem_attach(mctx, &lwresd->mctx);
 	lwresd->view = NULL;
-	lwresd->ndots = lwres->ndots;
 	lwresd->search = NULL;
 	lwresd->refs = 1;
 
+	obj = NULL;
+	(void)cfg_map_get(lwres, "ndots", &obj);
+	if (obj != NULL)
+		lwresd->ndots = cfg_obj_asuint32(obj);
+	else
+		lwresd->ndots = 1;
+
 	RUNTIME_CHECK(isc_mutex_init(&lwresd->lock) == ISC_R_SUCCESS);
 
 	lwresd->shutting_down = ISC_FALSE;
 
-	if (lwres->view == NULL)
+	viewobj = NULL;
+	(void)cfg_map_get(lwres, "view", &viewobj);
+	if (viewobj != NULL) {
+		vname = cfg_obj_asstring(cfg_tuple_get(viewobj, "name"));
+		obj = cfg_tuple_get(viewobj, "class");
+		result = ns_config_getclass(obj, &vclass);
+		if (result != ISC_R_SUCCESS)
+			goto fail;
+	} else {
 		vname = "_default";
-	else
+		vclass = dns_rdataclass_in;
-		vname = lwres->view;
+	}
 
-	result = dns_viewlist_find(&ns_g_server->viewlist, vname,
+	result = dns_viewlist_find(&ns_g_server->viewlist, vname, vclass,
-				   lwres->viewclass, &lwresd->view);
+				   &lwresd->view);
 	if (result != ISC_R_SUCCESS) {
 		isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
 			      NS_LOGMODULE_LWRESD, ISC_LOG_WARNING,
-			      "couldn't find view %s", lwres->view);
+			      "couldn't find view %s", vname);
 		goto fail;
 	}
 
-	if (lwres->searchlist != NULL) {
+	searchobj = NULL;
+	cfg_map_get(lwres, "search", &searchobj);
+	if (searchobj != NULL) {
 		lwresd->search = NULL;
 		result = ns_lwsearchlist_create(lwresd->mctx,
 						&lwresd->search);
@@ -360,19 +351,24 @@ ns_lwdmanager_create(isc_mem_t *mctx, dns_c_lwres_t *lwres,
 				      "couldn't create searchlist");
 			goto fail;
 		}
-		for (search = ISC_LIST_HEAD(lwres->searchlist->searches);
+		for (element = cfg_list_first(searchobj);
-		     search != NULL;
+		     element != NULL;
-		     search = ISC_LIST_NEXT(search, next))
+		     element = cfg_list_next(element))
 		{
+			cfg_obj_t *search;
+			char *searchstr;
 			isc_buffer_t namebuf;
 			dns_fixedname_t fname;
 			dns_name_t *name;
 
+			search = cfg_listelt_value(element);
+			searchstr = cfg_obj_asstring(search);
+
 			dns_fixedname_init(&fname);
 			name = dns_fixedname_name(&fname);
-			isc_buffer_init(&namebuf, search->search,
+			isc_buffer_init(&namebuf, searchstr,
-					strlen(search->search));
+					strlen(searchstr));
-			isc_buffer_add(&namebuf, strlen(search->search));
+			isc_buffer_add(&namebuf, strlen(searchstr));
 			result = dns_name_fromtext(name, &namebuf,
 						   dns_rootname, ISC_FALSE,
 						   NULL);
@@ -382,7 +378,7 @@ ns_lwdmanager_create(isc_mem_t *mctx, dns_c_lwres_t *lwres,
 					      NS_LOGMODULE_LWRESD,
 					      ISC_LOG_WARNING,
 					      "invalid name %s in searchlist",
-					      search->search);
+					      searchstr);
 				continue;
 			}
 
@@ -731,22 +727,24 @@ configure_listener(isc_sockaddr_t *address, ns_lwresd_t *lwresd,
 }
 
 isc_result_t
-ns_lwresd_configure(isc_mem_t *mctx, dns_c_ctx_t *cctx) {
+ns_lwresd_configure(isc_mem_t *mctx, cfg_obj_t *config) {
-	dns_c_lwres_t *lwres = NULL;
+	cfg_obj_t *lwreslist = NULL;
-	dns_c_lwreslist_t *list = NULL;
+	cfg_obj_t *lwres = NULL;
+	cfg_obj_t *listenerslist = NULL;
+	cfg_listelt_t *element = NULL;
 	ns_lwreslistener_t *listener;
 	ns_lwreslistenerlist_t newlisteners;
 	isc_result_t result;
 	char socktext[ISC_SOCKADDR_FORMATSIZE];
 
 	REQUIRE(mctx != NULL);
-	REQUIRE(cctx != NULL);
+	REQUIRE(config != NULL);
 
 	RUNTIME_CHECK(isc_once_do(&once, initialize_mutex) == ISC_R_SUCCESS);
 
 	ISC_LIST_INIT(newlisteners);
 
-	result = dns_c_ctx_getlwres(cctx, &list);
+	result = cfg_map_get(config, "lwres", &lwreslist);
 	if (result != ISC_R_SUCCESS)
 		return (ISC_R_SUCCESS);
 
@@ -759,42 +757,57 @@ ns_lwresd_configure(isc_mem_t *mctx, dns_c_ctx_t *cctx) {
 	 * the underlying config code, or to the bind attempt getting an
 	 * address-in-use error.
 	 */
-	for (lwres = dns_c_lwreslist_head(list);
+	for (element = cfg_list_first(lwreslist);
-	     lwres != NULL;
+	     element != NULL;
-	     lwres = dns_c_lwreslist_next(lwres))
+	     element = cfg_list_next(element))
 	{
-		unsigned int i;
 		ns_lwresd_t *lwresd;
+		in_port_t port;
+		isc_sockaddr_t *addrs = NULL;
+		isc_uint32_t count;
 
+		lwres = cfg_listelt_value(element);
 		lwresd = NULL;
 		result = ns_lwdmanager_create(mctx, lwres, &lwresd);
 		if (result != ISC_R_SUCCESS)
 			return (result);
 
-		if (lwres->listeners == NULL) {
+		port = lwresd_g_listenport;
+		if (port == 0)
+			port = LWRES_UDP_PORT;
+
+		listenerslist = NULL;
+		cfg_map_get(lwres, "listen-on", &listenerslist);
+		if (listenerslist == NULL) {
 			struct in_addr localhost;
-			in_port_t port;
 			isc_sockaddr_t address;
 
-			port = lwresd_g_listenport;
-			if (port == 0)
-				port = LWRES_UDP_PORT;
 			localhost.s_addr = htonl(INADDR_LOOPBACK);
 			isc_sockaddr_fromin(&address, &localhost, port);
 			result = configure_listener(&address, lwresd,
 						    mctx, &newlisteners);
 		} else {
-			isc_sockaddr_t *address;
+			isc_uint32_t i;
-			for (i = 0; i < lwres->listeners->nextidx; i++) {
+
-				address = &lwres->listeners->ips[i];
+			result = ns_config_getiplist(config, listenerslist,
-				result = configure_listener(address, lwresd,
+						     port, mctx,
+						     &addrs, &count);
+			if (result != ISC_R_SUCCESS)
+				goto failure;
+			
+			for (i = 0; i < count; i++) {
+				result = configure_listener(&addrs[i], lwresd,
 							    mctx,
 							    &newlisteners);
 				if (result != ISC_R_SUCCESS)
-					break;
+					goto failure;
 			}
 		}
 
+	failure:
+		if (addrs != NULL)
+			ns_config_putiplist(mctx, &addrs, count);
+
 		ns_lwdmanager_detach(&lwresd);
 		if (result != ISC_R_SUCCESS)
 			return (result);

bin/named/omapiconf.c

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: omapiconf.c,v 1.15 2001/01/09 21:40:00 bwelling Exp $ */
+/* $Id: omapiconf.c,v 1.16 2001/03/04 21:21:24 bwelling Exp $ */
 
 /*
  * Principal Author: DCL
@@ -31,12 +31,23 @@
 #include <isc/string.h>
 #include <isc/util.h>
 
-#include <dst/result.h>
+#include <isccfg/cfg.h>
+
+#include <dns/result.h>
 
 #include <named/log.h>
 #include <named/omapi.h>
 #include <named/server.h>
 
+typedef struct ns_omapikey ns_omapikey_t;
+
+typedef ISC_LIST(ns_omapikey_t) ns_omapikeylist_t;
+
+struct ns_omapikey {
+	char *keyname;
+	ISC_LINK(ns_omapikey_t)		link;
+};
+
 typedef struct ns_omapilistener ns_omapilistener_t;
 
 typedef ISC_LIST(ns_omapilistener_t) ns_omapilistenerlist_t;
@@ -47,8 +58,8 @@ struct ns_omapilistener {
 	omapi_object_t *		manager;
 	isc_sockaddr_t			address;
 	dns_acl_t *			acl;
-	dns_c_kidlist_t *		keyids;
+	ns_omapikeylist_t		keyids;
-	LINK(ns_omapilistener_t)	link;
+	ISC_LINK(ns_omapilistener_t)	link;
 };
 
 static ns_omapilistenerlist_t listeners;
@@ -61,10 +72,19 @@ initialize_mutex(void) {
 	RUNTIME_CHECK(isc_mutex_init(&listeners_lock) == ISC_R_SUCCESS);
 }
 
+static void
+free_omapikeylist(ns_omapikeylist_t *keylist, isc_mem_t *mctx) {
+	while (!ISC_LIST_EMPTY(*keylist)) {
+		ns_omapikey_t *key = ISC_LIST_HEAD(*keylist);
+		ISC_LIST_UNLINK(*keylist, key, link);
+		isc_mem_free(mctx, key->keyname);
+		isc_mem_put(mctx, key, sizeof(*key));
+	}
+}
+
 static void
 free_listener(ns_omapilistener_t *listener) {
-	if (listener->keyids != NULL)
+	free_omapikeylist(&listener->keyids, listener->mctx);
-		dns_c_kidlist_delete(&listener->keyids);
 
 	if (listener->acl != NULL)
 		dns_acl_detach(&listener->acl);
@@ -147,10 +167,84 @@ verify_connection(isc_sockaddr_t *sockaddr, void *arg) {
 		return (ISC_TRUE);
 }
 
+static isc_boolean_t
+omapikeylist_find(ns_omapikeylist_t *keylist, const char *keyname) {
+	ns_omapikey_t *key;
+
+	for (key = ISC_LIST_HEAD(*keylist);
+	     key != NULL;
+	     key = ISC_LIST_NEXT(key, link))
+	{
+		if (strcasecmp(keyname, key->keyname) == 0)
+			return (ISC_TRUE);
+	}
+	return (ISC_FALSE);
+}
+
+static isc_result_t
+cfgkeylist_find(cfg_obj_t *keylist, const char *keyname, cfg_obj_t **objp) {
+	cfg_listelt_t *element;
+	const char *str;
+	cfg_obj_t *obj;
+
+	for (element = cfg_list_first(keylist);
+	     element != NULL;
+	     element = cfg_list_next(element))
+	{
+		obj = cfg_listelt_value(element);
+		str = cfg_obj_asstring(cfg_map_getname(obj));
+		if (strcasecmp(str, keyname) == 0)
+			break;
+	}
+	if (element == NULL)
+		return (ISC_R_NOTFOUND);
+	obj = cfg_listelt_value(element);
+	*objp = obj;
+	return (ISC_R_SUCCESS);
+}
+
+static isc_result_t
+omapikeylist_fromcfg(cfg_obj_t *keylist, isc_mem_t *mctx,
+		     ns_omapikeylist_t *keyids)
+{
+	cfg_listelt_t *element;
+	char *newstr = NULL;
+	const char *str;
+	cfg_obj_t *obj;
+	ns_omapikey_t *key = NULL;
+
+	for (element = cfg_list_first(keylist);
+	     element != NULL;
+	     element = cfg_list_next(element))
+	{
+		obj = cfg_listelt_value(element);
+		str = cfg_obj_asstring(obj);
+		newstr = isc_mem_strdup(mctx, str);
+		if (newstr == NULL)
+			goto cleanup;
+		key = isc_mem_get(mctx, sizeof(*key));
+		if (key == NULL)
+			goto cleanup;
+		key->keyname = newstr;
+		ISC_LINK_INIT(key, link);
+		ISC_LIST_APPEND(*keyids, key, link);
+		key = NULL;
+		newstr = NULL;
+	}
+	return (ISC_R_SUCCESS);
+
+ cleanup:
+	if (newstr != NULL)
+		isc_mem_free(mctx, newstr);
+	if (key != NULL)
+		isc_mem_put(mctx, key, sizeof(*key));
+	free_omapikeylist(keyids, mctx);
+	return (ISC_R_NOMEMORY);
+}
+
 static isc_boolean_t
 verify_key(const char *name, unsigned int algorithm, void *arg) {
 	ns_omapilistener_t *listener;
-	dns_c_kid_t *keyid = NULL;
 
 	/*
 	 * XXXDCL Ideally algorithm would be checked, too, but the current
@@ -161,11 +255,7 @@ verify_key(const char *name, unsigned int algorithm, void *arg) {
 
 	listener = arg;
 
-	(void)dns_c_kidlist_find(listener->keyids, name, &keyid);
+	return (omapikeylist_find(&listener->keyids, name));
-	if (keyid != NULL)
-		return (ISC_TRUE);
-	else
-		return (ISC_FALSE);
 }
 
 static isc_result_t
@@ -196,11 +286,11 @@ ns_omapi_listen(ns_omapilistener_t *listener) {
 }
 
 static void
-register_keys(dns_c_ctrl_t *control, dns_c_kdeflist_t *keydeflist,
+register_keys(cfg_obj_t *control, cfg_obj_t *keylist, char *socktext) {
-	      char *socktext)
+	char *keyid;
-{
+	cfg_obj_t *key;
-	dns_c_kid_t *keyid;
+	cfg_obj_t *keydef;
-	dns_c_kdef_t *keydef;
+	cfg_listelt_t *element;
 	char secret[1024];
 	isc_buffer_t b;
 	isc_result_t result;
@@ -218,125 +308,131 @@ register_keys(dns_c_ctrl_t *control, dns_c_kdeflist_t *keydeflist,
 	 * from the controls statement in a reconfiguration are not deleted
 	 * until the server shuts down.
 	 */
-	for (keyid = ISC_LIST_HEAD(control->keyidlist->keyids);
+	for (element = cfg_list_first(keylist);
-	     keyid != NULL;
+	     element != NULL;
-	     keyid = ISC_LIST_NEXT(keyid, next)) {
+	     element = cfg_list_next(element))
-		     omapi_auth_deregister(keyid->keyid);
+	{
+		key = cfg_listelt_value(element);
+		keyid = cfg_obj_asstring(cfg_map_getname(key));
 
-		     /*
+		omapi_auth_deregister(keyid);
-		      * XXXDCL confparser.y apparently allows any keyid
-		      * in the list even if it has not been defined with
-		      * the keys statement.
-		      */
-		     keydef = NULL;
-		     result = dns_c_kdeflist_find(keydeflist, keyid->keyid,
-						  &keydef);
-		     if (result != ISC_R_SUCCESS)
-			     isc_log_write(ns_g_lctx, ISC_LOGCATEGORY_GENERAL,
-					   NS_LOGMODULE_OMAPI, ISC_LOG_WARNING,
-					   "couldn't find key %s for "
-					   "use with command channel %s",
-					   keyid->keyid, socktext);
-		     else if (strcasecmp(keydef->algorithm, "hmac-md5") != 0) {
-			     isc_log_write(ns_g_lctx, ISC_LOGCATEGORY_GENERAL,
-					   NS_LOGMODULE_OMAPI, ISC_LOG_WARNING,
-					   "unsupported algorithm %s in "
-					   "key %s for use with "
-					   "command channel %s",
-					   keydef->algorithm, keydef->keyid,
-					   socktext);
-			     result = DST_R_UNSUPPORTEDALG;
-			     keydef = NULL; /* Prevent more error messages. */
-		     }
 
-		     if (result == ISC_R_SUCCESS) {
+		/*
-			     isc_buffer_init(&b, secret, sizeof(secret));
+		 * XXXDCL confparser.y apparently allows any keyid
-			     result = isc_base64_decodestring(ns_g_mctx,
+		 * in the list even if it has not been defined with
-							      keydef->secret,
+		 * the keys statement.
-							      &b);
+		 */
-		     }
+		keydef = NULL;
+		result = cfgkeylist_find(keylist, keyid, &keydef);
+		if (result != ISC_R_SUCCESS)
+			cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING,
+				    "couldn't find key %s for use with "
+				    "command channel %s", keyid, socktext);
+		else {
+			cfg_obj_t *algobj = NULL;
+			cfg_obj_t *secretobj = NULL;
+			char *algstr = NULL;
+			char *secretstr = NULL;
 
-		     if (keydef != NULL && result != ISC_R_SUCCESS) {
+			(void)cfg_map_get(keydef, "algorithm", &algobj);
-			     isc_log_write(ns_g_lctx, ISC_LOGCATEGORY_GENERAL,
+			(void)cfg_map_get(keydef, "secret", &secretobj);
-					   NS_LOGMODULE_OMAPI, ISC_LOG_WARNING,
+			INSIST(algobj != NULL && secretobj != NULL);
-					   "can't use secret for key %s on "
-					   "command channel %s: %s",
-					   keydef->keyid, socktext,
-					   isc_result_totext(result));
-			     keydef = NULL; /* Prevent more error messages. */
 
-		     } else if (result == ISC_R_SUCCESS)
+			algstr = cfg_obj_asstring(algobj);
-			     result = omapi_auth_register(keydef->keyid,
+			secretstr = cfg_obj_asstring(secretobj);
+
+			if (strcasecmp(algstr, "hmac-md5") != 0) {
+				cfg_obj_log(control, ns_g_lctx,
+					    ISC_LOG_WARNING,
+					    "unsupported algorithm '%s' in "
+					    "key '%s' for use with command "
+					    "channel %s",
+					    algstr, keyid, socktext);
+				continue;
+			}
+
+			isc_buffer_init(&b, secret, sizeof(secret));
+			result = isc_base64_decodestring(ns_g_mctx,
+							 secretstr, &b);
+
+			if (result != ISC_R_SUCCESS) {
+				cfg_obj_log(keydef, ns_g_lctx, ISC_LOG_WARNING,
+					    "secret for key '%s' on "
+					    "command channel %s: %s",
+					    keyid, socktext,
+					    isc_result_totext(result));
+				continue;
+			}
+
+			result = omapi_auth_register(keyid,
 						    OMAPI_AUTH_HMACMD5,
 						    isc_buffer_base(&b),
 						    isc_buffer_usedlength(&b));
 
-		     if (keydef != NULL && result != ISC_R_SUCCESS)
+			if (result != ISC_R_SUCCESS)
-			     isc_log_write(ns_g_lctx, ISC_LOGCATEGORY_GENERAL,
+				cfg_obj_log(keydef, ns_g_lctx, ISC_LOG_WARNING,
-					   NS_LOGMODULE_OMAPI, ISC_LOG_WARNING,
+					   "couldn't register key '%s' for"
-					   "couldn't register key %s for"
 					   "use with command channel %s: %s",
-					   keydef->keyid, socktext,
+					   keyid, socktext,
 					   isc_result_totext(result));
+		}
 	}
 }
 
 static void
-update_listener(ns_omapilistener_t **listenerp, dns_c_ctrl_t *control,
+update_listener(ns_omapilistener_t **listenerp, cfg_obj_t *control,
-		dns_c_ctx_t *cctx, ns_aclconfctx_t *aclconfctx,
+		cfg_obj_t *config, isc_sockaddr_t *addr,
-		char *socktext)
+		ns_aclconfctx_t *aclconfctx, char *socktext)
 {
 	ns_omapilistener_t *listener;
+	cfg_obj_t *allow;
+	cfg_obj_t *keys;
 	dns_acl_t *new_acl = NULL;
+	ns_omapikeylist_t keyids;
 	isc_result_t result;
 
-	for (listener = ISC_LIST_HEAD(listeners); listener != NULL;
+	for (listener = ISC_LIST_HEAD(listeners);
-	     listener = ISC_LIST_NEXT(listener, link)) {
+	     listener != NULL;
-
+	     listener = ISC_LIST_NEXT(listener, link))
-		if (isc_sockaddr_equal(&control->u.inet_v.addr,
+		if (isc_sockaddr_equal(addr, &listener->address))
-				       &listener->address)) {
-			/*
-			 * There is already a listener for this sockaddr.
-			 * Update the access list and key information.
-			 *
-			 * First, keep the old access list unless
-			 * a new one can be made.
-			 */
-			result = ns_acl_fromconfig(control->
-						    u.inet_v.matchlist,
-						    cctx, aclconfctx,
-						    listener->mctx, &new_acl);
-			if (result == ISC_R_SUCCESS) {
-				dns_acl_detach(&listener->acl);
-				dns_acl_attach(new_acl,
-					       &listener->acl);
-				dns_acl_detach(&new_acl);
-			} else
-				/* XXXDCL say the old acl is still used? */
-				isc_log_write(ns_g_lctx,
-					      ISC_LOGCATEGORY_GENERAL,
-					      NS_LOGMODULE_OMAPI,
-					      ISC_LOG_WARNING,
-					      "couldn't install new acl for "
-					      "command channel %s: %s",
-					      socktext,
-					      isc_result_totext(result));
-
-			/*
-			 * Now update the key id list.
-			 * XXXDCL the API for this seems incomplete.  For now,
-			 * I just reassign the pointer and set the control
-			 * keyidlist to NULL so dns_c_ctrl_delete will not
-			 * free it.
-			 */
-			if (listener->keyids != NULL)
-				dns_c_kidlist_delete(&listener->keyids);
-			listener->keyids = control->keyidlist;
-			control->keyidlist = NULL;
-
 			break;
-		}
 
+	if (listener == NULL) {
+		*listenerp = NULL;
+		return;
+	}
+		
+	/*
+	 * There is already a listener for this sockaddr.
+	 * Update the access list and key information.
+	 *
+	 * First, keep the old access list unless a new one can be made.
+	 */
+	allow = cfg_tuple_get(control, "allow");
+	result = ns_acl_fromconfig(allow, config, aclconfctx,
+				   listener->mctx, &new_acl);
+	if (result == ISC_R_SUCCESS) {
+		dns_acl_detach(&listener->acl);
+		dns_acl_attach(new_acl, &listener->acl);
+		dns_acl_detach(&new_acl);
+	} else
+		/* XXXDCL say the old acl is still used? */
+		cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING,
+			    "couldn't install new acl for "
+			    "command channel %s: %s",
+			    socktext, isc_result_totext(result));
+
+	keys = cfg_tuple_get(control, "keys");
+	ISC_LIST_INIT(keyids);
+	result = omapikeylist_fromcfg(keys, listener->mctx, &keyids);
+	if (result != ISC_R_SUCCESS)
+		cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING,
+			    "couldn't install new keys for "
+			    "command channel %s: %s",
+			    socktext, isc_result_totext(result));
+	else {
+		free_omapikeylist(&listener->keyids, listener->mctx);
+		listener->keyids = keyids;
 	}
 
 	*listenerp = listener;
@@ -344,10 +440,12 @@ update_listener(ns_omapilistener_t **listenerp, dns_c_ctrl_t *control,
 
 static void
 add_listener(isc_mem_t *mctx, ns_omapilistener_t **listenerp,
-	     dns_c_ctrl_t *control, dns_c_ctx_t *cctx,
+	     cfg_obj_t *control, cfg_obj_t *config, isc_sockaddr_t *addr,
 	     ns_aclconfctx_t *aclconfctx, char *socktext)
 {
 	ns_omapilistener_t *listener;
+	cfg_obj_t *allow;
+	cfg_obj_t *keys;
 	dns_acl_t *new_acl = NULL;
 	isc_result_t result = ISC_R_SUCCESS;
 
@@ -358,32 +456,35 @@ add_listener(isc_mem_t *mctx, ns_omapilistener_t **listenerp,
 	if (result == ISC_R_SUCCESS) {
 		listener->mctx = mctx;
 		listener->manager = NULL;
-		listener->address = control->u.inet_v.addr;
+		listener->address = *addr;
 		ISC_LINK_INIT(listener, link);
+		ISC_LIST_INIT(listener->keyids);
 
 		/*
 		 * Make the acl.
 		 */
-		result = ns_acl_fromconfig(control->u.inet_v.matchlist,
+		allow = cfg_tuple_get(control, "allow");
-					    cctx, aclconfctx, mctx, &new_acl);
+		result = ns_acl_fromconfig(allow, config, aclconfctx, mctx,
+					   &new_acl);
 	}
 
 	if (result == ISC_R_SUCCESS) {
 		dns_acl_attach(new_acl, &listener->acl);
 		dns_acl_detach(&new_acl);
 
-		/*
+		keys = cfg_tuple_get(control, "keys");
-		 * Now update the key id list.
+		result = omapikeylist_fromcfg(keys, listener->mctx,
-		 * XXXDCL the API for this seems incomplete.  For now,
+					      &listener->keyids);
-		 * I just reassign the pointer and set it to NULL so
+		if (result != ISC_R_SUCCESS)
-		 * dns_c_ctrl_delete will not free it.
+			cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING,
-		 */
+				    "couldn't install new keys for "
-		listener->keyids = control->keyidlist;
+				    "command channel %s: %s",
-		control->keyidlist = NULL;
+				    socktext, isc_result_totext(result));
-
-		result = ns_omapi_listen(listener);
 	}
 
+	if (result == ISC_R_SUCCESS)
+		result = ns_omapi_listen(listener);
+
 	if (result == ISC_R_SUCCESS) {
 		isc_log_write(ns_g_lctx, ISC_LOGCATEGORY_GENERAL,
 			      NS_LOGMODULE_OMAPI, ISC_LOG_NOTICE,
@@ -394,10 +495,9 @@ add_listener(isc_mem_t *mctx, ns_omapilistener_t **listenerp,
 		if (listener != NULL)
 			free_listener(listener);
 
-		isc_log_write(ns_g_lctx, ISC_LOGCATEGORY_GENERAL,
+		cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING,
-			      NS_LOGMODULE_OMAPI, ISC_LOG_WARNING,
+			    "couldn't add command channel %s: %s",
-			      "couldn't add command channel %s: %s",
+			    socktext, isc_result_totext(result));
-			      socktext, isc_result_totext(result));
 
 		*listenerp = NULL;
 	}
@@ -406,25 +506,24 @@ add_listener(isc_mem_t *mctx, ns_omapilistener_t **listenerp,
 }
 
 isc_result_t
-ns_omapi_configure(isc_mem_t *mctx, dns_c_ctx_t *cctx,
+ns_omapi_configure(isc_mem_t *mctx, cfg_obj_t *config,
 		   ns_aclconfctx_t *aclconfctx)
 {
 	ns_omapilistener_t *listener;
 	ns_omapilistenerlist_t new_listeners;
-	dns_c_ctrllist_t *controls = NULL;
+	cfg_obj_t *controlslist = NULL;
-	dns_c_ctrl_t *control;
+	cfg_obj_t *keylist = NULL;
-	dns_c_kdeflist_t *keydeflist = NULL;
+	cfg_listelt_t *element, *element2;
 	char socktext[ISC_SOCKADDR_FORMATSIZE];
-	isc_result_t result;
 
 	RUNTIME_CHECK(isc_once_do(&once, initialize_mutex) == ISC_R_SUCCESS);
 
 	ISC_LIST_INIT(new_listeners);
 
 	/*
-	 * Get a pointer to the named.conf ``controls'' statement information.
+	 * Get te list of named.conf 'controls' statements.
 	 */
-	result = dns_c_ctx_getcontrols(cctx, &controls);
+	(void)cfg_map_get(config, "controls", &controlslist);
 
 	LOCK(&listeners_lock);
 	/*
@@ -435,59 +534,109 @@ ns_omapi_configure(isc_mem_t *mctx, dns_c_ctx_t *cctx,
 	 * the underlying config code, or to the bind attempt getting an
 	 * address-in-use error.
 	 */
-	if (result == ISC_R_SUCCESS) {
+	if (controlslist != NULL) {
-		(void)dns_c_ctx_getkdeflist(cctx, &keydeflist);
+		(void)cfg_map_get(config, "key", &keylist);
-		if (keydeflist == NULL)
+		if (keylist == NULL)
-			isc_log_write(ns_g_lctx, ISC_LOGCATEGORY_GENERAL,
+			cfg_obj_log(controlslist, ns_g_lctx, ISC_LOG_WARNING,
-				      NS_LOGMODULE_OMAPI, ISC_LOG_WARNING,
+				    "no key statements for use by "
-				      "no key statements for use by "
+				    "control channels");
-				      "control channels");
 
-		for (control = dns_c_ctrllist_head(controls);
+		for (element = cfg_list_first(controlslist);
-		     control != NULL;
+		     element != NULL;
-		     control = dns_c_ctrl_next(control)) {
+		     element = cfg_list_next(element))
-			/*
+		{
-			 * The parser handles BIND 8 configuration file syntax,
+			cfg_obj_t *controls;
-			 * so it allows a control_type of dns_c_unix_control,
+			cfg_obj_t *inetcontrols = NULL;
-			 * as well as an inet phrase with no keys{} clause.
+
-			 * However, it already warned that those were
+			controls = cfg_listelt_value(element);
-			 * unsupported, so there is no need to do so again.
+			(void)cfg_map_get(controls, "inet", &inetcontrols);
-			 * The keydeflist == NULL case was already warned
+			if (inetcontrols == NULL)
-			 * about a few lines above.
-			 */
-			if (control->control_type != dns_c_inet_control ||
-			    keydeflist == NULL || control->keyidlist == NULL)
 				continue;
 
-			isc_sockaddr_format(&control->u.inet_v.addr,
+			for (element2 = cfg_list_first(inetcontrols);
-					    socktext, sizeof(socktext));
+			     element2 != NULL;
+			     element2 = cfg_list_next(element2))
+			{
+				cfg_obj_t *control;
+				cfg_obj_t *obj;
+				isc_sockaddr_t *addr;
 
-			isc_log_write(ns_g_lctx, ISC_LOGCATEGORY_GENERAL,
-				      NS_LOGMODULE_OMAPI, ISC_LOG_DEBUG(9),
-				      "processing control channel %s",
-				      socktext);
-
-			register_keys(control, keydeflist, socktext);
-
-			update_listener(&listener, control, cctx, aclconfctx,
-					socktext);
-
-			if (listener != NULL)
 				/*
-				 * Remove the listener from the old list,
+				 * The parser handles BIND 8 configuration file
-				 * so it won't be shut down.
+				 * syntax, so it allows unix phrases as well
+				 * inet phrases with no keys{} clause.
+				 *
+				 * "unix" phrases have been reported as
+				 * unsupported by the parser.
+				 *
+				 * The keylist == NULL case was already warned
+				 * about a few lines above.
 				 */
-				ISC_LIST_UNLINK(listeners, listener, link);
+				control = cfg_listelt_value(element2);
-			else
-				/*
-				 * This is a new listener.
-				 */
-				add_listener(mctx, &listener, control, cctx,
-					     aclconfctx, socktext);
 
-			if (listener != NULL)
+				obj = cfg_tuple_get(control, "address");
-				ISC_LIST_APPEND(new_listeners, listener, link);
+				addr = cfg_obj_assockaddr(obj);
+				if (isc_sockaddr_getport(addr) == 0)
+					isc_sockaddr_setport(addr,
+							     NS_OMAPI_PORT);
 
+				isc_sockaddr_format(addr, socktext,
+						    sizeof(socktext));
+
+				obj = cfg_tuple_get(control, "keys");
+
+				if (cfg_obj_isvoid(obj)) {
+					cfg_obj_log(obj, ns_g_lctx,
+						    ISC_LOG_ERROR,
+						    "no keys clause in "
+						    "control channel %s",
+						    socktext);
+					continue;
+				}
+
+				if (cfg_list_first(obj) == NULL) {
+					cfg_obj_log(obj, ns_g_lctx,
+						    ISC_LOG_ERROR,
+						    "no keys specified in "
+						    "control channel %s",
+						    socktext);
+					continue;
+				}
+
+				if (keylist == NULL)
+					continue;
+
+				isc_log_write(ns_g_lctx,
+					      ISC_LOGCATEGORY_GENERAL,
+					      NS_LOGMODULE_OMAPI,
+					      ISC_LOG_DEBUG(9),
+					      "processing control channel %s",
+					      socktext);
+
+				register_keys(control, keylist, socktext);
+
+				update_listener(&listener, control, config,
+						addr, aclconfctx, socktext);
+
+				if (listener != NULL)
+					/*
+					 * Remove the listener from the old
+					 * list, so it won't be shut down.
+					 */
+					ISC_LIST_UNLINK(listeners, listener,
+							link);
+				else
+					/*
+					 * This is a new listener.
+					 */
+					add_listener(mctx, &listener, control,
+						     config, addr, aclconfctx,
+						     socktext);
+	
+				if (listener != NULL)
+					ISC_LIST_APPEND(new_listeners,
+							listener, link);
+			}
 		}
 	}
 

bin/named/tkeyconf.c

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: tkeyconf.c,v 1.17 2001/01/09 21:40:05 bwelling Exp $ */
+/* $Id: tkeyconf.c,v 1.18 2001/03/04 21:21:27 bwelling Exp $ */
 
 #include <config.h>
 
@@ -23,6 +23,8 @@
 #include <isc/string.h>		/* Required for HP/UX (and others?) */
 #include <isc/mem.h>
 
+#include <isccfg/cfg.h>
+
 #include <dns/fixedname.h>
 #include <dns/keyvalues.h>
 #include <dns/name.h>
@@ -40,7 +42,7 @@
 
 
 isc_result_t
-ns_tkeyctx_fromconfig(dns_c_ctx_t *cfg, isc_mem_t *mctx, isc_entropy_t *ectx,
+ns_tkeyctx_fromconfig(cfg_obj_t *options, isc_mem_t *mctx, isc_entropy_t *ectx,
 		       dns_tkeyctx_t **tctxp)
 {
 	isc_result_t result;
@@ -50,14 +52,17 @@ ns_tkeyctx_fromconfig(dns_c_ctx_t *cfg, isc_mem_t *mctx, isc_entropy_t *ectx,
 	dns_fixedname_t fname;
 	dns_name_t *name;
 	isc_buffer_t b;
+	cfg_obj_t *obj;
 
 	result = dns_tkeyctx_create(mctx, ectx, &tctx);
 	if (result != ISC_R_SUCCESS)
 		return (result);
 
-	s = NULL;
+	obj = NULL;
-	result = dns_c_ctx_gettkeydhkey(cfg, &s, &n);
+	result = cfg_map_get(options, "tkey-dhkey", &obj);
 	if (result == ISC_R_SUCCESS) {
+		s = cfg_obj_asstring(cfg_tuple_get(obj, "name"));
+		n = cfg_obj_asuint32(cfg_tuple_get(obj, "keyid"));
 		isc_buffer_init(&b, s, strlen(s));
 		isc_buffer_add(&b, strlen(s));
 		dns_fixedname_init(&fname);
@@ -67,12 +72,12 @@ ns_tkeyctx_fromconfig(dns_c_ctx_t *cfg, isc_mem_t *mctx, isc_entropy_t *ectx,
 		RETERR(dst_key_fromfile(name, n, DNS_KEYALG_DH,
 					DST_TYPE_PUBLIC|DST_TYPE_PRIVATE,
 					NULL, mctx, &tctx->dhkey));
-	} else if (result != ISC_R_NOTFOUND)
+	}
-		goto failure;
 
-	s = NULL;
+	obj = NULL;
-	result = dns_c_ctx_gettkeydomain(cfg, &s);
+	result = cfg_map_get(options, "tkey-domain", &obj);
 	if (result == ISC_R_SUCCESS) {
+		s = cfg_obj_asstring(obj);
 		isc_buffer_init(&b, s, strlen(s));
 		isc_buffer_add(&b, strlen(s));
 		dns_fixedname_init(&fname);
@@ -86,11 +91,12 @@ ns_tkeyctx_fromconfig(dns_c_ctx_t *cfg, isc_mem_t *mctx, isc_entropy_t *ectx,
 		}
 		dns_name_init(tctx->domain, NULL);
 		RETERR(dns_name_dup(name, mctx, tctx->domain));
-	} else if (result != ISC_R_NOTFOUND)
+	}
-		goto failure;
 
-	result = dns_c_ctx_gettkeygsscred(cfg, &s);
+	obj = NULL;
+	result = cfg_map_get(options, "tkey-gssapi-credential", &obj);
 	if (result == ISC_R_SUCCESS) {
+		s = cfg_obj_asstring(obj);
 		isc_buffer_init(&b, s, strlen(s));
 		isc_buffer_add(&b, strlen(s));
 		dns_fixedname_init(&fname);
@@ -99,8 +105,7 @@ ns_tkeyctx_fromconfig(dns_c_ctx_t *cfg, isc_mem_t *mctx, isc_entropy_t *ectx,
 					 NULL));
 		RETERR(dst_gssapi_acquirecred(name, ISC_FALSE,
 					      &tctx->gsscred));
-	} else if (result != ISC_R_NOTFOUND)
+	}
-		goto failure;
 
 	*tctxp = tctx;
 	return (ISC_R_SUCCESS);

bin/named/tsigconf.c

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: tsigconf.c,v 1.15 2001/01/09 21:40:06 bwelling Exp $ */
+/* $Id: tsigconf.c,v 1.16 2001/03/04 21:21:28 bwelling Exp $ */
 
 #include <config.h>
 
@@ -24,38 +24,54 @@
 #include <isc/mem.h>
 #include <isc/string.h>
 
+#include <isccfg/cfg.h>
+
 #include <dns/tsig.h>
+#include <dns/result.h>
 
 #include <named/log.h>
 
 #include <named/tsigconf.h>
 
 static isc_result_t
-add_initial_keys(dns_c_kdeflist_t *list, dns_tsig_keyring_t *ring,
+add_initial_keys(cfg_obj_t *list, dns_tsig_keyring_t *ring, isc_mem_t *mctx) {
-		 isc_mem_t *mctx)
+	cfg_listelt_t *element;
-{
+	cfg_obj_t *key = NULL;
-	dns_c_kdef_t *key;
+	char *keyid = NULL;
 	unsigned char *secret = NULL;
 	int secretalloc = 0;
 	int secretlen = 0;
 	isc_result_t ret;
 	isc_stdtime_t now;
 
-	key = ISC_LIST_HEAD(list->keydefs);
+	for (element = cfg_list_first(list);
-	while (key != NULL) {
+	     element != NULL;
+	     element = cfg_list_next(element))
+	{
+		cfg_obj_t *algobj = NULL;
+		cfg_obj_t *secretobj = NULL;
 		dns_name_t keyname;
-		dns_name_t *alg, tempalg;
+		dns_name_t *alg;
-		char keynamedata[1024], algdata[1024];
+		char keynamedata[1024];
-		isc_buffer_t keynamesrc, keynamebuf, algsrc, algbuf;
+		isc_buffer_t keynamesrc, keynamebuf;
+		char *secretstr;
 		isc_buffer_t secretbuf;
 
-		dns_name_init(&keyname, NULL);
+		key = cfg_listelt_value(element);
+		keyid = cfg_obj_asstring(cfg_map_getname(key));
+
+		algobj = NULL;
+		secretobj = NULL;
+		(void)cfg_map_get(key, "algorithm", &algobj);
+		(void)cfg_map_get(key, "secret", &secretobj);
+		INSIST(algobj != NULL && secretobj != NULL);
 
 		/*
 		 * Create the key name.
 		 */
-		isc_buffer_init(&keynamesrc, key->keyid, strlen(key->keyid));
+		dns_name_init(&keyname, NULL);
-		isc_buffer_add(&keynamesrc, strlen(key->keyid));
+		isc_buffer_init(&keynamesrc, keyid, strlen(keyid));
+		isc_buffer_add(&keynamesrc, strlen(keyid));
 		isc_buffer_init(&keynamebuf, keynamedata, sizeof(keynamedata));
 		ret = dns_name_fromtext(&keyname, &keynamesrc, dns_rootname,
 					ISC_TRUE, &keynamebuf);
@@ -65,30 +81,25 @@ add_initial_keys(dns_c_kdeflist_t *list, dns_tsig_keyring_t *ring,
 		/*
 		 * Create the algorithm.
 		 */
-		if (strcasecmp(key->algorithm, "hmac-md5") == 0)
+		if (strcasecmp(cfg_obj_asstring(algobj), "hmac-md5") == 0)
 			alg = dns_tsig_hmacmd5_name;
 		else {
-			dns_name_init(&tempalg, NULL);
+			cfg_obj_log(algobj, ns_g_lctx, ISC_LOG_ERROR,
-			isc_buffer_init(&algsrc, key->algorithm,
+				    "key '%s': the only supported algorithm "
-					strlen(key->algorithm));
+				    "is hmac-md5", keyid);
-			isc_buffer_add(&algsrc, strlen(key->algorithm));
+			ret = DNS_R_BADALG;
-			isc_buffer_init(&algbuf, algdata, sizeof(algdata));
+			goto failure;
-			ret = dns_name_fromtext(&tempalg, &algsrc,
-						dns_rootname,
-						ISC_TRUE, &algbuf);
-			if (ret != ISC_R_SUCCESS)
-				goto failure;
-			alg = &tempalg;
 		}
 
-		secretalloc = secretlen = strlen(key->secret) * 3 / 4;
+		secretstr = cfg_obj_asstring(secretobj);
+		secretalloc = secretlen = strlen(secretstr) * 3 / 4;
 		secret = isc_mem_get(mctx, secretlen);
 		if (secret == NULL) {
 			ret = ISC_R_NOMEMORY;
 			goto failure;
 		}
 		isc_buffer_init(&secretbuf, secret, secretlen);
-		ret = isc_base64_decodestring(mctx, key->secret, &secretbuf);
+		ret = isc_base64_decodestring(mctx, secretstr, &secretbuf);
 		if (ret != ISC_R_SUCCESS)
 			goto failure;
 		secretlen = isc_buffer_usedlength(&secretbuf);
@@ -101,21 +112,15 @@ add_initial_keys(dns_c_kdeflist_t *list, dns_tsig_keyring_t *ring,
 		secret = NULL;
 		if (ret != ISC_R_SUCCESS)
 			goto failure;
-
-		key = ISC_LIST_NEXT(key, next);
-		continue;
-		
-	failure:
-		isc_log_write(ns_g_lctx,
-			      NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER,
-			      ISC_LOG_ERROR, "configuring TSIG key '%s': %s",
-			      key->keyid, isc_result_totext(ret));
-		ret = ISC_R_FAILURE;
-		goto cleanup;
 	}
+
 	return (ISC_R_SUCCESS);
 
- cleanup:
+ failure:
+	cfg_obj_log(key, ns_g_lctx, ISC_LOG_ERROR,
+		    "configuring TSIG key '%s': %s", keyid,
+		    isc_result_totext(ret));
+
 	if (secret != NULL)
 		isc_mem_put(mctx, secret, secretalloc);
 	return (ret);
@@ -123,33 +128,34 @@ add_initial_keys(dns_c_kdeflist_t *list, dns_tsig_keyring_t *ring,
 }
 
 isc_result_t
-ns_tsigkeyring_fromconfig(dns_c_view_t *confview, dns_c_ctx_t *confctx,
+ns_tsigkeyring_fromconfig(cfg_obj_t *config, cfg_obj_t *vconfig,
-			   isc_mem_t *mctx, dns_tsig_keyring_t **ringp)
+			  isc_mem_t *mctx, dns_tsig_keyring_t **ringp)
 {
-	dns_c_kdeflist_t *keylist;
+	cfg_obj_t *maps[3];
+	cfg_obj_t *keylist;
 	dns_tsig_keyring_t *ring = NULL;
 	isc_result_t result;
+	int i;
+
+	i = 0;
+	if (config != NULL)
+		maps[i++] = config;
+	if (vconfig != NULL)
+		maps[i++] = cfg_tuple_get(vconfig, "options");
+	maps[i] = NULL;
 
 	result = dns_tsigkeyring_create(mctx, &ring);
 	if (result != ISC_R_SUCCESS)
 		return (result);
 
-	keylist = NULL;
+	for (i = 0; ; i++) {
-	result = dns_c_ctx_getkdeflist(confctx, &keylist);
+		if (maps[i] == NULL)
-	if (result == ISC_R_SUCCESS)
+			break;
-		result = add_initial_keys(keylist, ring, mctx);
-	else if (result == ISC_R_NOTFOUND)
-		result = ISC_R_SUCCESS;
-	if (result != ISC_R_SUCCESS)
-		goto failure;
-
-	if (confview != NULL) {
 		keylist = NULL;
-		result = dns_c_view_getkeydefs(confview, &keylist);
+		result = cfg_map_get(maps[i], "key", &keylist);
-		if (result == ISC_R_SUCCESS)
+		if (result != ISC_R_SUCCESS)
-			result = add_initial_keys(keylist, ring, mctx);
+			continue;
-		else if (result == ISC_R_NOTFOUND)
+		result = add_initial_keys(keylist, ring, mctx);
-			result = ISC_R_SUCCESS;
 		if (result != ISC_R_SUCCESS)
 			goto failure;
 	}

bin/named/zoneconf.c

@@ -15,19 +15,24 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: zoneconf.c,v 1.82 2001/02/24 00:58:52 bwelling Exp $ */
+/* $Id: zoneconf.c,v 1.83 2001/03/04 21:21:30 bwelling Exp $ */
 
 #include <config.h>
 
+#include <isc/buffer.h>
 #include <isc/mem.h>
 #include <isc/string.h>		/* Required for HP/UX (and others?) */
 #include <isc/util.h>
 
 #include <dns/acl.h>
+#include <dns/fixedname.h>
 #include <dns/log.h>
+#include <dns/name.h>
+#include <dns/rdatatype.h>
 #include <dns/ssu.h>
 #include <dns/zone.h>
 
+#include <named/config.h>
 #include <named/globals.h>
 #include <named/log.h>
 #include <named/zoneconf.h>
@@ -36,10 +41,6 @@
  * These are BIND9 server defaults, not necessarily identical to the
  * library defaults defined in zone.c.
  */
-#define MAX_XFER_TIME (2*3600)	/* Documented default is 2 hours. */
-#define DNS_DEFAULT_IDLEIN 3600		/* 1 hour */
-#define DNS_DEFAULT_IDLEOUT 3600	/* 1 hour */
-
 #define RETERR(x) do { \
 	isc_result_t _r = (x); \
 	if (_r != ISC_R_SUCCESS) \
@@ -50,64 +51,195 @@
  * Convenience function for configuring a single zone ACL.
  */
 static isc_result_t
-configure_zone_acl(dns_c_zone_t *czone, dns_c_ctx_t *cctx, dns_c_view_t *cview,
+configure_zone_acl(cfg_obj_t *zconfig, cfg_obj_t *vconfig, cfg_obj_t *config,
-		   ns_aclconfctx_t *aclconfctx, dns_zone_t *zone,
+		   const char *aclname, ns_aclconfctx_t *actx,
-		   isc_result_t (*getcacl)(dns_c_zone_t *,
+		   dns_zone_t *zone, 
-					   dns_c_ipmatchlist_t **),
-		   isc_result_t (*getviewcacl)(dns_c_view_t *
-					       , dns_c_ipmatchlist_t **),
-		   isc_result_t (*getglobalcacl)(dns_c_ctx_t *,
-						 dns_c_ipmatchlist_t **),
 		   void (*setzacl)(dns_zone_t *, dns_acl_t *),
 		   void (*clearzacl)(dns_zone_t *))
 {
 	isc_result_t result;
-	dns_c_ipmatchlist_t *cacl;
+	cfg_obj_t *maps[4];
+	cfg_obj_t *aclobj = NULL;
+	int i = 0;
 	dns_acl_t *dacl = NULL;
-	result = (*getcacl)(czone, &cacl);
+
-	if (result == ISC_R_NOTFOUND && getviewcacl != NULL && cview != NULL) {
+	if (zconfig != NULL)
-		result = (*getviewcacl)(cview, &cacl);
+		maps[i++] = cfg_tuple_get(zconfig, "options");
+	if (vconfig != NULL)
+		maps[i++] = cfg_tuple_get(vconfig, "options");
+	if (config != NULL) {
+		cfg_obj_t *options = NULL;
+		(void)cfg_map_get(config, "options", &options);
+		if (options != NULL)
+			maps[i++] = options;
 	}
-	if (result == ISC_R_NOTFOUND && getglobalcacl != NULL) {
+	maps[i] = NULL;
-		result = (*getglobalcacl)(cctx, &cacl);
+
-	}
+	result = ns_config_get(maps, aclname, &aclobj);
-	if (result == ISC_R_SUCCESS) {
+	if (aclobj == NULL) {
-		result = ns_acl_fromconfig(cacl, cctx, aclconfctx,
-					   dns_zone_getmctx(zone), &dacl);
-		dns_c_ipmatchlist_detach(&cacl);
-		if (result != ISC_R_SUCCESS)
-			return (result);
-		(*setzacl)(zone, dacl);
-		dns_acl_detach(&dacl);
-		return (ISC_R_SUCCESS);
-	} else if (result == ISC_R_NOTFOUND) {
 		(*clearzacl)(zone);
 		return (ISC_R_SUCCESS);
-	} else {
-		return (result);
 	}
+
+	result = ns_acl_fromconfig(aclobj, config, actx,
+				   dns_zone_getmctx(zone), &dacl);
+	if (result != ISC_R_SUCCESS)
+		return (result);
+	(*setzacl)(zone, dacl);
+	dns_acl_detach(&dacl);
+	return (ISC_R_SUCCESS);
 }
 
 /*
- * Conver a config file zone type into a server zone type.
+ * Parse the zone update-policy statement.
  */
-static dns_zonetype_t
+static isc_result_t
-zonetype_fromconf(dns_c_zonetype_t cztype) {
+configure_zone_ssutable(cfg_obj_t *zconfig, dns_zone_t *zone) {
-	switch (cztype) {
+	cfg_obj_t *updatepolicy = NULL;
-	case dns_c_zone_master:
+	cfg_listelt_t *element, *element2;
-		return dns_zone_master;
+	dns_ssutable_t *table = NULL;
-	case dns_c_zone_slave:
+	isc_mem_t *mctx = dns_zone_getmctx(zone);
-		return dns_zone_slave;
+	isc_result_t result;
-	case dns_c_zone_stub:
+
-		return dns_zone_stub;
+	(void)cfg_map_get(zconfig, "update-policy", &updatepolicy);
-	default:
+	if (updatepolicy == NULL)
-		/*
+		return (ISC_R_SUCCESS);
-		 * Hint and forward zones are not really zones;
+
-		 * they should never get this far.
+	result = dns_ssutable_create(mctx, &table);
-		 */
+	if (result != ISC_R_SUCCESS)
-		INSIST(0);
+		return (result);
-		return (dns_zone_none); /*NOTREACHED*/
+
+	for (element = cfg_list_first(updatepolicy);
+	     element != NULL;
+	     element = cfg_list_next(element))
+	{
+		cfg_obj_t *stmt = cfg_listelt_value(element);
+		cfg_obj_t *mode = cfg_tuple_get(stmt, "mode");
+		cfg_obj_t *identity = cfg_tuple_get(stmt, "identity");
+		cfg_obj_t *matchtype = cfg_tuple_get(stmt, "matchtype");
+		cfg_obj_t *dname = cfg_tuple_get(stmt, "name");
+		cfg_obj_t *typelist = cfg_tuple_get(stmt, "types");
+		char *str;
+		isc_boolean_t grant;
+		unsigned int mtype;
+		dns_fixedname_t fname, fident;
+		isc_buffer_t b;
+		dns_rdatatype_t *types;
+		unsigned int i, n;
+
+		str = cfg_obj_asstring(mode);
+		if (strcasecmp(str, "grant") == 0)
+			grant = ISC_TRUE;
+		else if (strcasecmp(str, "deny") == 0)
+			grant = ISC_FALSE;
+		else
+			INSIST(0);
+
+		str = cfg_obj_asstring(matchtype);
+		if (strcasecmp(str, "name") == 0)
+			mtype = DNS_SSUMATCHTYPE_NAME;
+		else if (strcasecmp(str, "subdomain") == 0)
+			mtype = DNS_SSUMATCHTYPE_SUBDOMAIN;
+		else if (strcasecmp(str, "wildcard") == 0)
+			mtype = DNS_SSUMATCHTYPE_WILDCARD;
+		else if (strcasecmp(str, "self") == 0)
+			mtype = DNS_SSUMATCHTYPE_SELF;
+		else
+			INSIST(0);
+
+		dns_fixedname_init(&fident);
+		str = cfg_obj_asstring(identity);
+		isc_buffer_init(&b, str, strlen(str));
+		isc_buffer_add(&b, strlen(str));
+		result = dns_name_fromtext(dns_fixedname_name(&fident), &b,
+					   dns_rootname, ISC_FALSE, NULL);
+		if (result != ISC_R_SUCCESS) {
+			cfg_obj_log(identity, ns_g_lctx, ISC_LOG_ERROR,
+				    "'%s' is not a valid name", str);
+			goto cleanup;
+		}
+
+		dns_fixedname_init(&fname);
+		str = cfg_obj_asstring(dname);
+		isc_buffer_init(&b, str, strlen(str));
+		isc_buffer_add(&b, strlen(str));
+		result = dns_name_fromtext(dns_fixedname_name(&fname), &b,
+					   dns_rootname, ISC_FALSE, NULL);
+		if (result != ISC_R_SUCCESS) {
+			cfg_obj_log(identity, ns_g_lctx, ISC_LOG_ERROR,
+				    "'%s' is not a valid name", str);
+			goto cleanup;
+		}
+
+		n = ns_config_listcount(typelist);
+		if (n == 0)
+			types = NULL;
+		else {
+			types = isc_mem_get(mctx, n * sizeof(dns_rdatatype_t));
+			if (types == NULL) {
+				result = ISC_R_NOMEMORY;
+				goto cleanup;
+			}
+		}
+
+		i = 0;
+		for (element2 = cfg_list_first(typelist);
+		     element2 != NULL;
+		     element2 = cfg_list_next(element2))
+		{
+			cfg_obj_t *typeobj;
+			isc_textregion_t r;
+
+			INSIST(i < n);
+
+			typeobj = cfg_listelt_value(element2);
+			str = cfg_obj_asstring(typeobj);
+			r.base = str;
+			r.length = strlen(str);
+
+			result = dns_rdatatype_fromtext(&types[i++], &r);
+			if (result != ISC_R_SUCCESS) {
+				cfg_obj_log(identity, ns_g_lctx, ISC_LOG_ERROR,
+					    "'%s' is not a valid type", str);
+				isc_mem_put(mctx, types,
+					    n * sizeof(dns_rdatatype_t));
+				goto cleanup;
+			}
+		}
+		INSIST(i == n);
+
+		result = dns_ssutable_addrule(table, grant,
+					      dns_fixedname_name(&fident),
+					      mtype,
+					      dns_fixedname_name(&fname),
+					      n, types);
+		if (types != NULL)
+			isc_mem_put(mctx, types, n * sizeof(dns_rdatatype_t));
+		if (result != ISC_R_SUCCESS) {
+			goto cleanup;
+		}
+
 	}
+
+	result = ISC_R_SUCCESS;
+	dns_zone_setssutable(zone, table);
+
+ cleanup:
+	dns_ssutable_detach(&table);
+	return (result);
+}
+
+/*
+ * Convert a config file zone type into a server zone type.
+ */
+static inline dns_zonetype_t
+zonetype_fromconfig(cfg_obj_t *map) {
+	cfg_obj_t *obj = NULL;
+	isc_result_t result;
+
+	result = cfg_map_get(map, "type", &obj);
+	INSIST(result == ISC_R_SUCCESS);
+	return (ns_config_getzonetype(obj));
 }
 
 /*
@@ -157,49 +289,61 @@ strtoargv(isc_mem_t *mctx, char *s, unsigned int *argcp, char ***argvp) {
 }
 
 isc_result_t
-ns_zone_configure(dns_c_ctx_t *cctx, dns_c_view_t *cview,
+ns_zone_configure(cfg_obj_t *config, cfg_obj_t *vconfig, cfg_obj_t *zconfig,
-		   dns_c_zone_t *czone, ns_aclconfctx_t *ac,
+		  ns_aclconfctx_t *ac, dns_zone_t *zone)
-		   dns_zone_t *zone)
 {
 	isc_result_t result;
+	char *zname;
+	dns_rdataclass_t zclass;
+	cfg_obj_t *maps[5];
+	cfg_obj_t *zoptions = NULL;
+	cfg_obj_t *options = NULL;
+	cfg_obj_t *obj;
 	const char *filename = NULL;
 	dns_notifytype_t notifytype;
-#ifdef notyet
+	isc_sockaddr_t *addrs;
-	dns_c_severity_t severity;
+	dns_name_t **keynames;
-#endif
+	isc_uint32_t count;
-	dns_c_iplist_t *iplist;
-	isc_sockaddr_t sockaddr;
-	isc_uint32_t uintval;
-	isc_sockaddr_t sockaddr_any4, sockaddr_any6;
-	dns_ssutable_t *ssutable = NULL;
 	char *cpval;
 	unsigned int dbargc;
 	char **dbargv;
 	static char default_dbtype[] = "rbt";
 	isc_mem_t *mctx = dns_zone_getmctx(zone);
 	dns_dialuptype_t dialup;
-	isc_boolean_t statistics;
+	dns_zonetype_t ztype;
-
+	int i;
-	isc_sockaddr_any(&sockaddr_any4);
-	isc_sockaddr_any6(&sockaddr_any6);
 
+	i = 0;
+	if (zconfig != NULL) {
+		zoptions = cfg_tuple_get(zconfig, "options");
+		maps[i++] = zoptions;
+	}
+	if (vconfig != NULL)
+		maps[i++] = cfg_tuple_get(vconfig, "options");
+	if (config != NULL) {
+		(void)cfg_map_get(config, "options", &options);
+		if (options != NULL)
+			maps[i++] = options;
+	}
+	maps[i++] = ns_g_defaults;
+	maps[i++] = NULL;
 	/*
 	 * Configure values common to all zone types.
 	 */
 
-	dns_zone_setclass(zone, czone->zclass);
+	zname = cfg_obj_asstring(cfg_tuple_get(zconfig, "name"));
 
-	dns_zone_settype(zone, zonetype_fromconf(czone->ztype));
+	RETERR(ns_config_getclass(cfg_tuple_get(zconfig, "class"), &zclass));
+	dns_zone_setclass(zone, zclass);
 
-	cpval = NULL;
+	ztype = zonetype_fromconfig(zoptions);
-	result = dns_c_zone_getdatabase(czone, &cpval);
+	dns_zone_settype(zone, ztype);
-#ifdef notyet
+
-	if (result != ISC_R_SUCCESS && cview != NULL)
+	obj = NULL;
-		result = dns_c_view_getdatabase(cview, &cpval);
+	result = cfg_map_get(zoptions, "database", &obj);
-	if (result != ISC_R_SUCCESS)
+	if (result == ISC_R_SUCCESS)
-		result = dns_c_ctx_getdatabase(cview, &cpval);
+		cpval = cfg_obj_asstring(obj);
-#endif
+	else
-	if (result != ISC_R_SUCCESS)
 		cpval = default_dbtype;
 	RETERR(strtoargv(mctx, cpval, &dbargc, &dbargv));
 	/*
@@ -210,141 +354,127 @@ ns_zone_configure(dns_c_ctx_t *cctx, dns_c_view_t *cview,
 	RETERR(dns_zone_setdbtype(zone, dbargc, (const char * const *)dbargv));
 	isc_mem_put(mctx, dbargv, dbargc * sizeof(*dbargv));
 
-	result = dns_c_zone_getfile(czone, &filename);
+	obj = NULL;
-	if (result != ISC_R_SUCCESS)
+	result = cfg_map_get(zoptions, "file", &obj);
-		filename = NULL;
+	if (result == ISC_R_SUCCESS)
+		filename = cfg_obj_asstring(obj);
 	RETERR(dns_zone_setfile(zone, filename));
 
-#ifdef notyet
+	if (ztype == dns_zone_slave)
-	result = dns_c_zone_getchecknames(czone, &severity);
+		RETERR(configure_zone_acl(zconfig, vconfig, config,
-	if (result == ISC_R_SUCCESS)
+					  "allow-notify", ac, zone,
-		dns_zone_setchecknames(zone, severity);
-	else
-		dns_zone_setchecknames(zone, dns_c_severity_warn);
-#endif
-
-	if (czone->ztype == dns_c_zone_slave)
-		RETERR(configure_zone_acl(czone, cctx, cview, ac, zone,
-					  dns_c_zone_getallownotify,
-					  dns_c_view_getallownotify,
-					  dns_c_ctx_getallownotify,
 					  dns_zone_setnotifyacl,
 					  dns_zone_clearnotifyacl));
 	/*
 	 * XXXAG This probably does not make sense for stubs.
 	 */
-	RETERR(configure_zone_acl(czone, cctx, cview, ac, zone,
+	RETERR(configure_zone_acl(zconfig, vconfig, config,
-				  dns_c_zone_getallowquery,
+				  "allow-query", ac, zone,
-				  dns_c_view_getallowquery,
-				  dns_c_ctx_getallowquery,
 				  dns_zone_setqueryacl,
 				  dns_zone_clearqueryacl));
 
-	result = dns_c_zone_getdialup(czone, &dialup);
+	obj = NULL;
-	if (result != ISC_R_SUCCESS && cview != NULL)
+	result = ns_config_get(maps, "dialup", &obj);
-		result = dns_c_view_getdialup(cview, &dialup);
+	INSIST(result == ISC_R_SUCCESS);
-	if (result != ISC_R_SUCCESS)
+	if (cfg_obj_isboolean(obj)) {
-		result = dns_c_ctx_getdialup(cctx, &dialup);
+		if (cfg_obj_asboolean(obj))
-	if (result != ISC_R_SUCCESS)
+			dialup = dns_dialuptype_yes;
-		dialup = dns_dialuptype_no;
+		else
+			dialup = dns_dialuptype_no;
+	} else {
+		char *dialupstr = cfg_obj_asstring(obj);
+		if (strcasecmp(dialupstr, "notify") == 0)
+			dialup = dns_dialuptype_notify;
+		else if (strcasecmp(dialupstr, "notify-passive") == 0)
+			dialup = dns_dialuptype_notifypassive;
+		else if (strcasecmp(dialupstr, "refresh") == 0)
+			dialup = dns_dialuptype_refresh;
+		else if (strcasecmp(dialupstr, "passive") == 0)
+			dialup = dns_dialuptype_passive;
+		else
+			INSIST(0);
+	}
 	dns_zone_setdialup(zone, dialup);
 
-	result = dns_c_zone_getstatistics(czone, &statistics);
+	obj = NULL;
-	if (result != ISC_R_SUCCESS && cview != NULL)
+	result = ns_config_get(maps, "zone-statistics", &obj);
-		result = dns_c_view_getstatistics(cview, &statistics);
+	INSIST(result == ISC_R_SUCCESS);
-	if (result != ISC_R_SUCCESS)
+	dns_zone_setstatistics(zone, cfg_obj_asboolean(obj));
-		result = dns_c_ctx_getstatistics(cctx, &statistics);
-	if (result != ISC_R_SUCCESS)
-		statistics = ISC_FALSE;
-	dns_zone_setstatistics(zone, statistics);
 
 	/*
 	 * Configure master functionality.  This applies
 	 * to primary masters (type "master") and slaves
 	 * acting as masters (type "slave"), but not to stubs.
 	 */
-	if (czone->ztype != dns_c_zone_stub) {
+	if (ztype != dns_zone_stub) {
-		result = dns_c_zone_getnotify(czone, &notifytype);
+		obj = NULL;
-		if (result != ISC_R_SUCCESS && cview != NULL)
+		result = ns_config_get(maps, "notify", &obj);
-			result = dns_c_view_getnotify(cview, &notifytype);
+		INSIST(result == ISC_R_SUCCESS);
-		if (result != ISC_R_SUCCESS)
+		if (cfg_obj_isboolean(obj)) {
-			result = dns_c_ctx_getnotify(cctx, &notifytype);
+			if (cfg_obj_asboolean(obj))
-		if (result != ISC_R_SUCCESS)
+				notifytype = dns_notifytype_yes;
-			notifytype = dns_notifytype_yes;
+			else
+				notifytype = dns_notifytype_no;
+		} else {
+			char *notifystr = cfg_obj_asstring(obj);
+			if (strcasecmp(notifystr, "explicit") == 0)
+				notifytype = dns_notifytype_explicit;
+			else
+				INSIST(0);
+		}
 		dns_zone_setnotifytype(zone, notifytype);
 
-		iplist = NULL;
+		obj = NULL;
-		result = dns_c_zone_getalsonotify(czone, &iplist);
+		result = ns_config_get(maps, "also-notify", &obj);
-		if (result != ISC_R_SUCCESS && cview != NULL)
-			result = dns_c_view_getalsonotify(cview, &iplist);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getalsonotify(cctx, &iplist);
 		if (result == ISC_R_SUCCESS) {
-			result = dns_zone_setalsonotify(zone, iplist->ips,
+			isc_sockaddr_t *addrs = NULL;
-							iplist->nextidx);
+			isc_uint32_t addrcount;
-			dns_c_iplist_detach(&iplist);
+			result = ns_config_getiplist(config, obj, 0, mctx,
+						     &addrs, &addrcount);
+			if (result != ISC_R_SUCCESS)
+				return (result);
+			result = dns_zone_setalsonotify(zone, addrs,
+							addrcount);
+			ns_config_putiplist(mctx, &addrs, addrcount);
 			if (result != ISC_R_SUCCESS)
 				return (result);
 		} else
 			RETERR(dns_zone_setalsonotify(zone, NULL, 0));
 
-		result = dns_c_zone_getnotifysource(czone, &sockaddr);
+		obj = NULL;
-		if (result != ISC_R_SUCCESS && cview != NULL)
+		result = ns_config_get(maps, "notify-source", &obj);
-			result = dns_c_view_getnotifysource(cview, &sockaddr);
+		INSIST(result == ISC_R_SUCCESS);
-		if (result != ISC_R_SUCCESS)
+		dns_zone_setnotifysrc4(zone, cfg_obj_assockaddr(obj));
-			result = dns_c_ctx_getnotifysource(cctx, &sockaddr);
-		if (result != ISC_R_SUCCESS)
-			sockaddr = sockaddr_any4;
-		dns_zone_setnotifysrc4(zone, &sockaddr);
 
-		result = dns_c_zone_getnotifysourcev6(czone, &sockaddr);
+		obj = NULL;
-		if (result != ISC_R_SUCCESS && cview != NULL)
+		result = ns_config_get(maps, "notify-source-v6", &obj);
-			result = dns_c_view_getnotifysourcev6(cview, &sockaddr);
+		INSIST(result == ISC_R_SUCCESS);
-		if (result != ISC_R_SUCCESS)
+		dns_zone_setnotifysrc6(zone, cfg_obj_assockaddr(obj));
-			result = dns_c_ctx_getnotifysourcev6(cctx, &sockaddr);
-		if (result != ISC_R_SUCCESS)
-			sockaddr = sockaddr_any6;
-		dns_zone_setnotifysrc6(zone, &sockaddr);
 
-		RETERR(configure_zone_acl(czone, cctx, cview, ac, zone,
+		RETERR(configure_zone_acl(zconfig, vconfig, config,
-					  dns_c_zone_getallowtransfer,
+					  "allow-transfer", ac, zone,
-					  dns_c_view_gettransferacl,
-					  dns_c_ctx_getallowtransfer,
 					  dns_zone_setxfracl,
 					  dns_zone_clearxfracl));
 
-		result = dns_c_zone_getmaxtranstimeout(czone, &uintval);
+		obj = NULL;
-		if (result != ISC_R_SUCCESS && cview != NULL)
+		result = ns_config_get(maps, "max-transfer-time-out", &obj);
-			result = dns_c_view_getmaxtransfertimeout(cview,
+		INSIST(result == ISC_R_SUCCESS);
-								  &uintval);
+		dns_zone_setmaxxfrout(zone, cfg_obj_asuint32(obj));
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getmaxtransfertimeout(cctx,
-								 &uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = MAX_XFER_TIME;
-		dns_zone_setmaxxfrout(zone, uintval);
 
-		result = dns_c_zone_getmaxtransidleout(czone, &uintval);
+		obj = NULL;
-		if (result != ISC_R_SUCCESS && cview != NULL)
+		result = ns_config_get(maps, "max-transfer-idle-out", &obj);
-			result = dns_c_view_getmaxtransferidleout(cview,
+		INSIST(result == ISC_R_SUCCESS);
-								  &uintval);
+		dns_zone_setidleout(zone, cfg_obj_asuint32(obj));
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getmaxtransferidleout(cctx,
-								 &uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = DNS_DEFAULT_IDLEOUT;
-		dns_zone_setidleout(zone, uintval);
 	}
 
 	/*
 	 * Configure update-related options.  These apply to
 	 * primary masters only.
 	 */
-	if (czone->ztype == dns_c_zone_master) {
+	if (ztype == dns_zone_master) {
 		dns_acl_t *updateacl;
-		RETERR(configure_zone_acl(czone, cctx, NULL, ac, zone,
+		RETERR(configure_zone_acl(zconfig, NULL, config,
-					  dns_c_zone_getallowupd,
+					  "allow-update", ac, zone,
-					  NULL, NULL,
 					  dns_zone_setupdateacl,
 					  dns_zone_clearupdateacl));
 		
@@ -354,118 +484,82 @@ ns_zone_configure(dns_c_ctx_t *cctx, dns_c_view_t *cview,
 				      NS_LOGMODULE_SERVER, ISC_LOG_WARNING,
 				      "zone '%s' allows updates by IP "
 				      "address, which is insecure",
-				      czone->name);
+				      zname);
 		
-		result = dns_c_zone_getssuauth(czone, &ssutable);
+		RETERR(configure_zone_ssutable(zoptions, zone));
-		if (result == ISC_R_SUCCESS)
-			dns_zone_setssutable(zone, ssutable);
 
-		result = dns_c_zone_getsigvalidityinterval(czone, &uintval);
+		obj = NULL;
-		if (result != ISC_R_SUCCESS && cview != NULL)
+		result = ns_config_get(maps, "sig-validity-interval", &obj);
-			result = dns_c_view_getsigvalidityinterval(cview,
+		INSIST(result == ISC_R_SUCCESS);
-								  &uintval);
+		dns_zone_setsigvalidityinterval(zone, cfg_obj_asuint32(obj));
-		if (result != ISC_R_SUCCESS)
+	} else if (ztype == dns_zone_slave) {
-			result = dns_c_ctx_getsigvalidityinterval(cctx,
+		RETERR(configure_zone_acl(zconfig, NULL, config,
-								 &uintval);
+					  "allow-update-forwarding", ac, zone,
-		if (result != ISC_R_SUCCESS)
-			uintval = 30 * 24 * 3600;
-		dns_zone_setsigvalidityinterval(zone, uintval);
-	} else if (czone->ztype == dns_c_zone_slave) {
-		RETERR(configure_zone_acl(czone, cctx, NULL, ac, zone,
-					  dns_c_zone_getallowupdateforwarding,
-					  dns_c_view_getallowupdateforwarding,
-					  dns_c_ctx_getallowupdateforwarding,
 					  dns_zone_setforwardacl,
 					  dns_zone_clearforwardacl));
 	}
 
-	result = dns_c_zone_gettransfersource(czone, &sockaddr);
+	obj = NULL;
-	if (result != ISC_R_SUCCESS && cview != NULL)
+	result = ns_config_get(maps, "transfer-source", &obj);
-		result = dns_c_view_gettransfersource(cview, &sockaddr);
+	INSIST(result == ISC_R_SUCCESS);
-	if (result != ISC_R_SUCCESS)
+	dns_zone_setxfrsource4(zone, cfg_obj_assockaddr(obj));
-		result = dns_c_ctx_gettransfersource(cctx, &sockaddr);
-	if (result != ISC_R_SUCCESS)
-		sockaddr = sockaddr_any4;
-	dns_zone_setxfrsource4(zone, &sockaddr);
 
-	result = dns_c_zone_gettransfersourcev6(czone, &sockaddr);
+	obj = NULL;
-	if (result != ISC_R_SUCCESS && cview != NULL)
+	result = ns_config_get(maps, "transfer-source-v6", &obj);
-		result = dns_c_view_gettransfersourcev6(cview, &sockaddr);
+	INSIST(result == ISC_R_SUCCESS);
-	if (result != ISC_R_SUCCESS)
+	dns_zone_setxfrsource6(zone, cfg_obj_assockaddr(obj));
-		result = dns_c_ctx_gettransfersourcev6(cctx, &sockaddr);
-	if (result != ISC_R_SUCCESS)
-		sockaddr = sockaddr_any6;
-	dns_zone_setxfrsource6(zone, &sockaddr);
 
 	/*
 	 * Configure slave functionality.
 	 */
-	switch (czone->ztype) {
+	switch (ztype) {
-	case dns_c_zone_slave:
+	case dns_zone_slave:
-	case dns_c_zone_stub:
+	case dns_zone_stub:
-		iplist = NULL;
+		obj = NULL;
-		result = dns_c_zone_getmasterips(czone, &iplist);
+		result = cfg_map_get(zoptions, "masters", &obj);
-		if (result == ISC_R_SUCCESS) {
+		if (obj != NULL) {
-			result = dns_zone_setmasterswithkeys(zone,
+			addrs = NULL;
-							     iplist->ips,
+			keynames = NULL;
-							     iplist->keys,
+			RETERR(ns_config_getipandkeylist(config, obj, mctx,
-							     iplist->nextidx);
+							 &addrs, &keynames,
-			dns_c_iplist_detach(&iplist);
+							 &count));
+			result = dns_zone_setmasterswithkeys(zone, addrs,
+							     keynames, count);
+			ns_config_putipandkeylist(mctx, &addrs, &keynames,
+						  count);
 		} else
 			result = dns_zone_setmasters(zone, NULL, 0);
 		RETERR(result);
 
-		result = dns_c_zone_getmaxtranstimein(czone, &uintval);
+		obj = NULL;
-		if (result != ISC_R_SUCCESS)
+		result = ns_config_get(maps, "max-transfer-time-in", &obj);
-			result = dns_c_ctx_getmaxtransfertimein(cctx,
+		INSIST(result == ISC_R_SUCCESS);
-								&uintval);
+		dns_zone_setmaxxfrin(zone, cfg_obj_asuint32(obj));
-		if (result != ISC_R_SUCCESS)
-			uintval = MAX_XFER_TIME;
-		dns_zone_setmaxxfrin(zone, uintval);
 
-		result = dns_c_zone_getmaxtransidlein(czone, &uintval);
+		obj = NULL;
-		if (result != ISC_R_SUCCESS)
+		result = ns_config_get(maps, "max-transfer-idle-in", &obj);
-			result = dns_c_ctx_getmaxtransferidlein(cctx,
+		INSIST(result == ISC_R_SUCCESS);
-								&uintval);
+		dns_zone_setidlein(zone, cfg_obj_asuint32(obj));
-		if (result != ISC_R_SUCCESS)
-			uintval = DNS_DEFAULT_IDLEIN;
-		dns_zone_setidlein(zone, uintval);
 
-		result = dns_c_zone_getmaxrefreshtime(czone, &uintval);
+		obj = NULL;
-		if (result != ISC_R_SUCCESS && cview != NULL)
+		result = ns_config_get(maps, "max-refresh-time", &obj);
-			result = dns_c_view_getmaxrefreshtime(cview, &uintval);
+		INSIST(result == ISC_R_SUCCESS);
-		if (result != ISC_R_SUCCESS)
+		dns_zone_setmaxrefreshtime(zone, cfg_obj_asuint32(obj));
-			result = dns_c_ctx_getmaxrefreshtime(cctx, &uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = DNS_ZONE_MAXREFRESH;
-		dns_zone_setmaxrefreshtime(zone, uintval);
 
-		result = dns_c_zone_getminrefreshtime(czone, &uintval);
+		obj = NULL;
-		if (result != ISC_R_SUCCESS && cview != NULL)
+		result = ns_config_get(maps, "min-refresh-time", &obj);
-			result = dns_c_view_getminrefreshtime(cview, &uintval);
+		INSIST(result == ISC_R_SUCCESS);
-		if (result != ISC_R_SUCCESS)
+		dns_zone_setminrefreshtime(zone, cfg_obj_asuint32(obj));
-			result = dns_c_ctx_getminrefreshtime(cctx, &uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = DNS_ZONE_MINREFRESH;
-		dns_zone_setminrefreshtime(zone, uintval);
 
-		result = dns_c_zone_getmaxretrytime(czone, &uintval);
+		obj = NULL;
-		if (result != ISC_R_SUCCESS && cview != NULL)
+		result = ns_config_get(maps, "max-retry-time", &obj);
-			result = dns_c_view_getmaxretrytime(cview, &uintval);
+		INSIST(result == ISC_R_SUCCESS);
-		if (result != ISC_R_SUCCESS)
+		dns_zone_setmaxretrytime(zone, cfg_obj_asuint32(obj));
-			result = dns_c_ctx_getmaxretrytime(cctx, &uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = DNS_ZONE_MAXRETRY;
-		dns_zone_setmaxretrytime(zone, uintval);
 
-		result = dns_c_zone_getminretrytime(czone, &uintval);
+		obj = NULL;
-		if (result != ISC_R_SUCCESS && cview != NULL)
+		result = ns_config_get(maps, "min-retry-time", &obj);
-			result = dns_c_view_getminretrytime(cview, &uintval);
+		INSIST(result == ISC_R_SUCCESS);
-		if (result != ISC_R_SUCCESS)
+		dns_zone_setminretrytime(zone, cfg_obj_asuint32(obj));
-			result = dns_c_ctx_getminretrytime(cctx, &uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = DNS_ZONE_MINRETRY;
-		dns_zone_setminretrytime(zone, uintval);
 
 		break;
 
@@ -477,15 +571,23 @@ ns_zone_configure(dns_c_ctx_t *cctx, dns_c_view_t *cview,
 }
 
 isc_boolean_t
-ns_zone_reusable(dns_zone_t *zone, dns_c_zone_t *czone) {
+ns_zone_reusable(dns_zone_t *zone, cfg_obj_t *zconfig) {
+	cfg_obj_t *zoptions = NULL;
+	cfg_obj_t *obj = NULL;
 	const char *cfilename;
 	const char *zfilename;
 
-	if (zonetype_fromconf(czone->ztype) != dns_zone_gettype(zone))
+	zoptions = cfg_tuple_get(zconfig, "options");
+
+	if (zonetype_fromconfig(zoptions) != dns_zone_gettype(zone))
 		return (ISC_FALSE);
 
-	cfilename = NULL;
+	obj = NULL;
-	(void) dns_c_zone_getfile(czone, &cfilename);
+	(void)cfg_map_get(zoptions, "file", &obj);
+	if (obj != NULL)
+		cfilename = cfg_obj_asstring(obj);
+	else
+		cfilename = NULL;
 	zfilename = dns_zone_getfile(zone);
 	if (cfilename == NULL || zfilename == NULL ||
 	    strcmp(cfilename, zfilename) != 0)
@@ -493,22 +595,3 @@ ns_zone_reusable(dns_zone_t *zone, dns_c_zone_t *czone) {
 
 	return (ISC_TRUE);
 }
-
-isc_result_t
-ns_zonemgr_configure(dns_c_ctx_t *cctx, dns_zonemgr_t *zmgr) {
-	isc_uint32_t val;
-	isc_result_t result;
-
-	result = dns_c_ctx_gettransfersin(cctx, &val);
-	if (result != ISC_R_SUCCESS)
-		val = 10;
-	dns_zonemgr_settransfersin(zmgr, val);
-
-	result = dns_c_ctx_gettransfersperns(cctx, &val);
-	if (result != ISC_R_SUCCESS)
-		val = 2;
-	dns_zonemgr_settransfersperns(zmgr, val);
-
-	return (ISC_R_SUCCESS);
-}
-

util/copyrights

@@ -41,8 +41,10 @@
 ./bin/named/Makefile.in				MAKE	1998,1999,2000,2001
 ./bin/named/aclconf.c				C	1999,2000,2001
 ./bin/named/client.c				C	1999,2000,2001
+./bin/named/config.c				C	2001
 ./bin/named/include/named/aclconf.h		C	1999,2000,2001
 ./bin/named/include/named/client.h		C	1999,2000,2001
+./bin/named/include/named/config.h		C	2001
 ./bin/named/include/named/globals.h		C	1999,2000,2001
 ./bin/named/include/named/interfacemgr.h	C	1999,2000,2001
 ./bin/named/include/named/listenlist.h		C	2000,2001