2936. [func] Improved configuration syntax and multiple-view

support for addzone/delzone feature (see change #2930). Removed "new-zone-file" option, replaced with "allow-new-zones (yes|no)". The new-zone-file for each view is now created automatically, with a filename generated from a hash of the view name. It is no longer necessary to "include" the new-zone-file in named.conf; this happens automatically. Zones that were not added via "rndc addzone" can no longer be removed with "rndc delzone". [RT #19447]
2025-08-31 06:25:31 +00:00 · 2010-08-11 18:14:20 +00:00
parent 7d7cdecee6
commit cfd262045c
29 changed files with 894 additions and 365 deletions
--- a/lib/dns/view.c
+++ b/lib/dns/view.c
@@ -15,13 +15,14 @@
 * PERFORMANCE OF THIS SOFTWARE.
 */

-/* $Id: view.c,v 1.166 2010/07/11 00:12:57 each Exp $ */
+/* $Id: view.c,v 1.167 2010/08/11 18:14:19 each Exp $ */

 /*! \file */

 #include <config.h>

 #include <isc/hash.h>
+#include <isc/sha2.h>
 #include <isc/stats.h>
 #include <isc/string.h>		/* Required for HP/UX (and others?) */
 #include <isc/task.h>
@@ -183,8 +184,11 @@ dns_view_create(isc_mem_t *mctx, dns_rdataclass_t rdclass,
 	view->v4_aaaa_acl = NULL;
 	dns_fixedname_init(&view->dlv_fixed);
 	view->managed_keys = NULL;
-
 #ifdef BIND9
+	view->new_zone_file = NULL;
+	view->new_zone_config = NULL;
+	view->cfg_destroy = NULL;
+
 	result = dns_order_create(view->mctx, &view->order);
 	if (result != ISC_R_SUCCESS)
 		goto cleanup_dynkeys;
@@ -366,6 +370,7 @@ destroy(dns_view_t *view) {
 #ifdef BIND9
 	if (view->managed_keys != NULL)
 		dns_zone_detach(&view->managed_keys);
+	dns_view_setnewzones(view, ISC_FALSE, NULL, NULL);
 #endif
 	dns_fwdtable_destroy(&view->fwdtable);
 	dns_aclenv_destroy(&view->aclenv);
@@ -1620,3 +1625,39 @@ dns_view_untrust(dns_view_t *view, dns_name_t *keyname,
 	dst_key_free(&key);
 }

+#define NZF ".nzf"
+
+void
+dns_view_setnewzones(dns_view_t *view, isc_boolean_t allow, void *cfgctx,
+		     void (*cfg_destroy)(void **))
+{
+	REQUIRE(DNS_VIEW_VALID(view));
+	REQUIRE((cfgctx != NULL && cfg_destroy != NULL) || !allow);
+
+#ifdef BIND9
+	if (allow) {
+		char buffer[ISC_SHA256_DIGESTSTRINGLENGTH + sizeof(NZF)];
+		isc_sha256_data((void *)view->name, strlen(view->name), buffer);
+		/* Truncate the hash at 16 chars; full length is overkill */
+		isc_string_printf(buffer + 16, sizeof(NZF), "%s", NZF);
+		view->new_zone_file = isc_mem_strdup(view->mctx, buffer);
+		view->new_zone_config = cfgctx;
+		view->cfg_destroy = cfg_destroy;
+	} else {
+		if (view->new_zone_file != NULL) {
+			isc_mem_free(view->mctx, view->new_zone_file);
+			view->new_zone_file = NULL;
+		}
+
+		if (view->new_zone_config != NULL) {
+			view->cfg_destroy(&view->new_zone_config);
+			view->cfg_destroy = NULL;
+		}
+	}
+#else
+	UNUSED(allow);
+	UNUSED(parser);
+	UNUSED(cfgctx);
+	UNUSED(cfg_destroy);
+#endif
+}