mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-04 08:35:31 +00:00
Code Issues Releases Wiki Activity

[master] store "addzone" zone config in a NZD database

Browse Source 
4421.	[func]		When built with LMDB (Lightning Memory-mapped
			Database), named will now use a database to store
			the configuration for zones added by "rndc addzone"
			instead of using a flat NZF file. This improves
			performance of "rndc delzone" and "rndc modzone"
			significantly. Existing NZF files will
			automatically by converted to NZD databases.
			To view the contents of an NZD or to roll back to
			NZF format, use "named-nzd2nzf". To disable
                        this feature, use "configure --without-lmdb".
                        [RT #39837]
This commit is contained in:
Evan Hunt
2016-07-21 11:13:03 -07:00
parent e7e7efe901
commit eca74c52c1
37 changed files with 2319 additions and 382 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
CHANGES
View File

@@ -1,3 +1,15 @@
4421. [func] When built with LMDB (Lightning Memory-mapped
Database), named will now use a database to store
the configuration for zones added by "rndc addzone"
instead of using a flat NZF file. This improves
performance of "rndc delzone" and "rndc modzone"
significantly. Existing NZF files will
automatically by converted to NZD databases.
To view the contents of an NZD or to roll back to
NZF format, use "named-nzd2nzf". To disable
this feature, use "configure --without-lmdb".
[RT #39837]
4420. [func] nslookup now looks for AAAA as well as A by default.
[RT #40420]

2
bin/Makefile.in
View File

@@ -11,7 +11,7 @@ VPATH = @srcdir@
top_srcdir = @top_srcdir@
SUBDIRS = named rndc dig delv dnssec tools tests nsupdate \
check confgen @PYTHON_TOOLS@ @PKCS11_TOOLS@
check confgen @NZD_TOOLS@ @PYTHON_TOOLS@ @PKCS11_TOOLS@
TARGETS =
@BIND9_MAKE_RULES@

1
bin/named/include/named/server.h
View File

@@ -27,6 +27,7 @@
#define NS_EVENTCLASS ISC_EVENTCLASS(0x4E43)
#define NS_EVENT_RELOAD (NS_EVENTCLASS + 0)
#define NS_EVENT_CLIENTCONTROL (NS_EVENTCLASS + 1)
#define NS_EVENT_DELZONE (NS_EVENTCLASS + 2)
/*%
* Name server state. Better here than in lots of separate global variables.

1476
bin/named/server.c
View File

File diff suppressed because it is too large Load Diff

2
bin/tests/system/addzone/clean.sh
View File

@@ -13,6 +13,8 @@ rm -f rndc.out*
rm -f ns2/named.conf
rm -f */named.memstats
rm -f ns2/*.nzf
rm -f ns2/*.nzf~
rm -f ns2/*.nzd ns2/*.nzd-lock
rm -f ns2/core*
rm -f ns2/inline.db.jbk
rm -f ns2/inline.db.signed

45
bin/tests/system/addzone/tests.sh
View File

@@ -22,6 +22,8 @@ n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
# When LMDB support is compiled in, this tests that migration from
# NZF to NZD occurs during named startup
echo "I:checking previously added zone ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.2 a.previous.example a > dig.out.ns2.$n || ret=1
@@ -31,6 +33,14 @@ n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
if [ -n "$NZD" ]; then
echo "I:checking that existing NZF file was renamed after migration ($n)"
[ -e ns2/3bf305731dd26307.nzf~ ] || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
fi
echo "I:adding new zone ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'added.example { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
@@ -90,13 +100,15 @@ n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:verifying no comments in nzf file ($n)"
if [ -z "$NZD" ]; then
echo "I:verifying no comments in NZF file ($n)"
ret=0
hcount=`grep "^# New zone file for view: _default" ns2/3bf305731dd26307.nzf | wc -l`
[ $hcount -eq 0 ] || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
fi
echo "I:checking rndc showzone with previously added zone ($n)"
ret=0
@@ -117,15 +129,17 @@ n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:checking nzf file now has comment ($n)"
if [ -z "$NZD" ]; then
echo "I:checking NZF file now has comment ($n)"
ret=0
hcount=`grep "^# New zone file for view: _default" ns2/3bf305731dd26307.nzf | wc -l`
[ $hcount -eq 1 ] || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
fi
echo "I:deleting newly added zone ($n)"
echo "I:deleting newly added zone added.example ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone added.example 2>&1 | sed 's/^/I:ns2 /'
$DIG $DIGOPTS @10.53.0.2 a.added.example a > dig.out.ns2.$n
@@ -302,15 +316,26 @@ n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:checking new nzf file has comment ($n)"
if [ -z "$NZD" ]; then
echo "I:checking new NZF file has comment ($n)"
ret=0
hcount=`grep "^# New zone file for view: external" ns2/external.nzf | wc -l`
[ $hcount -eq 1 ] || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
fi
echo "I:checking rndc reload causes named to reload the external view's NZF file ($n)"
if [ -n "$NZD" ]; then
echo "I:verifying added.example in external view created an external.nzd DB ($n)"
ret=0
[ -e ns2/external.nzd ] || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
fi
echo "I:checking rndc reload causes named to reload the external view's new zone config ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /'
$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n || ret=1
@@ -323,10 +348,20 @@ if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:checking rndc showzone with newly added zone ($n)"
# loop because showzone may complain if zones are still being
# loaded from the NZDB at this point.
for try in 0 1 2 3 4 5; do
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 showzone added.example in external > rndc.out.ns2.$n
if [ -z "$NZD" ]; then
expected='zone "added.example" in external { type master; file "added.db"; };'
else
expected='zone "added.example" { type master; file "added.db"; };'
fi
[ "`cat rndc.out.ns2.$n`" = "$expected" ] || ret=1
[ $ret -eq 0 ] && break
sleep 1
done
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

3
bin/tests/system/autosign/clean.sh
View File

@@ -50,3 +50,6 @@ rm -f ns3/ttl*.db
rm -f nsupdate.out
rm -f signing.out.*
rm -f settime.out.*
rm -f ns3/*.nzd ns3/*.nzf
rm -f digcomp.out.test*
rm -f ns*/named.lock

4
bin/tests/system/autosign/tests.sh
View File

@@ -1141,13 +1141,11 @@ status=`expr $status + $ret`
echo "I:test turning on auto-dnssec during reconfig ($n)"
ret=0
# first create a zone that doesn't have auto-dnssec
rm -f ns3/*.nzf
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 addzone reconf.example '{ type master; file "reconf.example.db"; };' 2>&1 | sed 's/^/I:ns3 /'
rekey_calls=`grep "zone reconf.example.*next key event" ns3/named.run | wc -l`
[ "$rekey_calls" -eq 0 ] || ret=1
# ...then we add auto-dnssec and reconfigure
nzf=`ls ns3/*.nzf`
echo 'zone reconf.example { type master; file "reconf.example.db"; allow-update { any; }; auto-dnssec maintain; };' > $nzf
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 modzone reconf.example '{ type master; file "reconf.example.db"; allow-update { any; }; auto-dnssec maintain; };' 2>&1 | sed 's/^/I:ns3 /'
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reconfig 2>&1 | sed 's/^/I:ns3 /'
for i in 0 1 2 3 4 5 6 7 8 9; do
lret=0

8
bin/tests/system/conf.sh.in
View File

@@ -52,6 +52,7 @@ GENRANDOM=$TOP/bin/tools/genrandom
NSLOOKUP=$TOP/bin/dig/nslookup
DNSTAPREAD="$TOP/bin/tools/dnstap-read"
MDIG="$TOP/bin/tools/mdig"
NZD2NZF="$TOP/bin/tools/named-nzd2nzf"
RANDFILE=$TOP/bin/tests/system/random.data
@@ -64,7 +65,11 @@ SUBDIRS="acl additional allow_query addzone autosign builtin
dname dns64 dnssec dsdigest dscp @DNSTAP@ dyndb ecdsa ednscompliance
emptyzones fetchlimit filter-aaaa formerr forward geoip glue gost
ixfr inline @KEYMGR@ legacy limits logfileconfig lwresd masterfile
masterformat metadata mkeys names notify nslookup nsupdate
masterformat metadata mkeys names notify nslookup nsupdate nzf2nzd
dname dns64 dnssec dsdigest dscp ecdsa ednscompliance
emptyzones filter-aaaa formerr forward geoip glue gost
ixfr inline legacy limits logfileconfig lwresd masterfile
masterformat metadata mkeys notify nslookup nsupdate nzf2nzd
pending pipelined @PKCS11_TEST@ reclimit redirect resolver rndc
rpz rpzrecurse rrl rrchecker rrsetorder rsabigexponent
runtime sfcache smartsign sortlist spf staticstub statistics
@@ -110,6 +115,7 @@ CHECK_DSA=@CHECK_DSA@
XMLSTATS=@XMLSTATS@
JSONSTATS=@JSONSTATS@
ZLIB=@ZLIB@
NZD=@NZD_TOOLS@
. ${TOP}/version

27
bin/tests/system/delzone/clean.sh Normal file
View File

@@ -0,0 +1,27 @@
#!/bin/sh
#
# Copyright (C) 2010, 2012-2015 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
rm -f dig.out.*
rm -f rndc.out*
rm -f */named.memstats
rm -f ns2/*.nzf
rm -f ns2/*.nzd ns2/*nzd-lock
rm -f ns2/core*
rm -f ns2/inline.db.jbk
rm -f ns2/inline.db.signed
rm -f ns2/inlineslave.bk*
rm -f ns*/named.lock
rm -f ns2/nzf-*

29
bin/tests/system/delzone/ns1/inlineslave.db Normal file
View File

@@ -0,0 +1,29 @@
; Copyright (C) 2013 Internet Systems Consortium, Inc. ("ISC")
;
; Permission to use, copy, modify, and/or distribute this software for any
; purpose with or without fee is hereby granted, provided that the above
; copyright notice and this permission notice appear in all copies.
;
; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
$ORIGIN inlineslave.example.
$TTL 300 ; 5 minutes
@ IN SOA mname1. . (
1 ; serial
20 ; refresh (20 seconds)
20 ; retry (20 seconds)
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
NS ns2
ns2 A 10.53.0.2
MX 10 mail
a A 10.0.0.1
mail A 10.0.0.2

36
bin/tests/system/delzone/ns1/named.conf Normal file
View File

@@ -0,0 +1,36 @@
/*
* Copyright (C) 2013 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
controls { /* empty */ };
options {
port 5300;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };
allow-query { any; };
recursion no;
};
zone "." {
type hint;
file "../../common/root.hint";
};
zone "inlineslave.example" {
type master;
file "inlineslave.db";
};

29
bin/tests/system/delzone/ns2/added.db Normal file
View File

@@ -0,0 +1,29 @@
; Copyright (C) 2010, 2013 Internet Systems Consortium, Inc. ("ISC")
;
; Permission to use, copy, modify, and/or distribute this software for any
; purpose with or without fee is hereby granted, provided that the above
; copyright notice and this permission notice appear in all copies.
;
; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
;$ORIGIN added.example.
$TTL 300 ; 5 minutes
@ IN SOA mname1. . (
1 ; serial
20 ; refresh (20 seconds)
20 ; retry (20 seconds)
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
NS ns2
ns2 A 10.53.0.2
MX 10 mail
a A 10.0.0.1
mail A 10.0.0.2

1
bin/tests/system/delzone/ns2/named.args Normal file
View File

@@ -0,0 +1 @@
-D ns2 -X named.lock -m record,size,mctx -T clienttest -c named.conf -g -U 4

37
bin/tests/system/delzone/ns2/named.conf Normal file
View File

@@ -0,0 +1,37 @@
/*
* Copyright (C) 2015 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
options {
port 5300;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };
allow-query { any; };
recursion no;
allow-new-zones yes;
};
include "../../common/controls.conf";
zone "." {
type hint;
file "../../common/root.hint";
};
zone "normal.example" {
type master;
file "normal.db";
};

29
bin/tests/system/delzone/ns2/normal.db Normal file
View File

@@ -0,0 +1,29 @@
; Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC")
;
; Permission to use, copy, modify, and/or distribute this software for any
; purpose with or without fee is hereby granted, provided that the above
; copyright notice and this permission notice appear in all copies.
;
; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
$ORIGIN normal.example.
$TTL 300 ; 5 minutes
@ IN SOA mname1. . (
1 ; serial
20 ; refresh (20 seconds)
20 ; retry (20 seconds)
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
NS ns2
ns2 A 10.53.0.2
MX 10 mail
a A 10.0.0.1
mail A 10.0.0.2

20
bin/tests/system/delzone/setup.sh Normal file
View File

@@ -0,0 +1,20 @@
#!/bin/sh
#
# Copyright (C) 2010, 2012-2014 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
$SHELL clean.sh

68
bin/tests/system/delzone/tests.sh Executable file
View File

@@ -0,0 +1,68 @@
#!/bin/sh
#
# Copyright (C) 2010-2015 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
DIGOPTS="+tcp +nosea +nostat +nocmd +norec +noques +noauth +noadd +nostats +dnssec -p 5300"
status=0
n=0
echo "I:checking normally loaded zone ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
if [ -x "$PYTHON" ]; then
echo "I:adding and deleting 20000 new zones ($n)"
ret=0
time (
echo "I:adding"
$PYTHON << EOF
import sys
sys.path.insert(0, '../../../../bin/python')
from isc import rndc
r = rndc(('10.53.0.2', 9953), 'hmac-sha256', '1234abcd8765')
for i in range(20000):
res = r.call('addzone z%d.example { type master; file "added.db"; };' % i)
if 'text' in res:
print ('I:n2:' + res['text'])
EOF
)
time (
echo "I:deleting"
$PYTHON << EOF
import sys
sys.path.insert(0, '../../../../bin/python')
from isc import rndc
r = rndc(('10.53.0.2', 9953), 'hmac-sha256', '1234abcd8765')
for i in range(20000):
res = r.call('delzone z%d.example' % i)
if 'text' in res:
print ('I:n2:' + res['text'])
EOF
)
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
fi
echo "I:exit status: $status"
exit $status

2
bin/tests/system/inline/clean.sh
View File

@@ -73,7 +73,7 @@ rm -f dig.out.ns*
rm -f signing.out*
rm -f freeze.test*
rm -f thaw.test*
rm -f */*.nzf
rm -f */*.nzd */*.nzf
rm -f ns3/test-?.bk
rm -f ns3/test-?.bk.signed
rm -f ns3/test-?.bk.signed.jnl

21
bin/tests/system/nzd2nzf/clean.sh Normal file
View File

@@ -0,0 +1,21 @@
#!/bin/sh
#
# Copyright (C) 2010, 2012-2016 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
rm -f dig.out.*
rm -f rndc.out*
rm -f */named.memstats
rm -f ns*/*.nzf
rm -f ns*/*.nzd ns*/*.nzd-lock

29
bin/tests/system/nzd2nzf/ns1/added.db Normal file
View File

@@ -0,0 +1,29 @@
; Copyright (C) 2010, 2013 Internet Systems Consortium, Inc. ("ISC")
;
; Permission to use, copy, modify, and/or distribute this software for any
; purpose with or without fee is hereby granted, provided that the above
; copyright notice and this permission notice appear in all copies.
;
; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
;$ORIGIN added.example.
$TTL 300 ; 5 minutes
@ IN SOA mname1. . (
1 ; serial
20 ; refresh (20 seconds)
20 ; retry (20 seconds)
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
NS ns2
ns2 A 10.53.0.2
MX 10 mail
a A 10.0.0.1
mail A 10.0.0.2

34
bin/tests/system/nzd2nzf/ns1/named.conf Normal file
View File

@@ -0,0 +1,34 @@
/*
* Copyright (C) 2016 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
options {
port 5300;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };
allow-query { any; };
recursion no;
allow-new-zones yes;
};
key rndc_key {
secret "1234abcd8765";
algorithm hmac-sha256;
};
controls {
inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; };
};

23
bin/tests/system/nzd2nzf/prereq.sh Normal file
View File

@@ -0,0 +1,23 @@
# Copyright (C) 2016 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
if [ -z "$NZD" ]; then
echo "I:This test requires LMBD support (--with-lmdb)"
exit 255
fi
exit 0

20
bin/tests/system/nzd2nzf/setup.sh Normal file
View File

@@ -0,0 +1,20 @@
#!/bin/sh
#
# Copyright (C) 2016 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
$SHELL clean.sh

73
bin/tests/system/nzd2nzf/tests.sh Normal file
View File

@@ -0,0 +1,73 @@
# Copyright (C) 2016 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
status=0
n=0
n=`expr $n + 1`
echo "I:querying for non-existing zone data ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.1 -p 5300 a.added.example a > dig.out.ns1.$n || ret=1
grep 'status: REFUSED' dig.out.ns1.$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:adding a new zone into default NZD using rndc addzone ($n)"
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 addzone "added.example { type master; file \"added.db\"; };" 2>&1 | sed 's/^/I:ns1 /';
sleep 2
n=`expr $n + 1`
echo "I:querying for existing zone data ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.1 -p 5300 a.added.example a > dig.out.ns1.$n || ret=1
grep 'status: NOERROR' dig.out.ns1.$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:stopping ns1"
$PERL $SYSTEMTESTTOP/stop.pl . ns1
n=`expr $n + 1`
echo "I:dumping _default.nzd to _default.nzf ($n)"
$NZD2NZF ns1/_default.nzd > ns1/_default.nzf || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking that _default.nzf contains the expected content ($n)"
grep 'zone added.example { type master; file "added.db"; };' ns1/_default.nzf > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:deleting _default.nzd database"
rm -f ns1/_default.nzd
echo "I:starting ns1 which should migrate the .nzf to .nzd"
$PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns1
n=`expr $n + 1`
echo "I:querying for zone data from migrated zone config ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.1 -p 5300 a.added.example a > dig.out.ns1.$n || ret=1
grep 'status: NOERROR' dig.out.ns1.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:exit status: $status"
exit $status

1
bin/tools/.gitignore vendored
View File

@@ -4,5 +4,6 @@ genrandom
isc-hmac-fixup
mdig
named-journalprint
named-nzd2nzf
named-rrchecker
nsec3hash

26
bin/tools/Makefile.in
View File

@@ -37,23 +37,28 @@ NOSYMLIBS = ${ISCNOSYMLIBS} @LIBS@
SUBDIRS =
DNSTAPTARGETS = dnstap-read@EXEEXT@
NZDTARGETS = named-nzd2nzf@EXEEXT@
TARGETS = arpaname@EXEEXT@ named-journalprint@EXEEXT@ \
named-rrchecker@EXEEXT@ nsec3hash@EXEEXT@ \
genrandom@EXEEXT@ isc-hmac-fixup@EXEEXT@ mdig@EXEEXT@ \
@DNSTAPTARGETS@
@DNSTAPTARGETS@ @NZDTARGETS@
DNSTAPSRCS = dnstap-read.c
NZDSRCS = named-nzd2nzf.c
SRCS = arpaname.c named-journalprint.c named-rrchecker.c \
nsec3hash.c genrandom.c isc-hmac-fixup.c mdig.c \
@DNSTAPSRCS@
@DNSTAPSRCS@ @NZDSRCS@
DNSTAPMAN = dnstap-read.1
NZDMAN = named-nzd2nzf.8
MANPAGES = arpaname.1 named-journalprint.8 named-rrchecker.1 nsec3hash.8 \
genrandom.8 isc-hmac-fixup.8 mdig.1 @DNSTAPMAN@
genrandom.8 isc-hmac-fixup.8 mdig.1 @DNSTAPMAN@ @NZDMAN@
DNSTAPHTML = dnstap-read.html
NZDHTML = named-nzd2nzf.html
HTMLPAGES = arpaname.html named-journalprint.html named-rrchecker.html \
nsec3hash.html genrandom.html isc-hmac-fixup.html \
mdig.html @DNSTAPHTML@
mdig.html @DNSTAPHTML@ @NZDHTML@
MANOBJS = ${MANPAGES} ${HTMLPAGES}
@BIND9_MAKE_RULES@
@@ -94,6 +99,10 @@ mdig@EXEEXT@: mdig.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS} ${BIND9DEPLIBS}
dnstap-read@EXEEXT@: dnstap-read.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS}
export BASEOBJS="dnstap-read.@O@"; \
export LIBS0="${DNSLIBS}"; \
named-nzd2nzf@EXEEXT@: named-nzd2nzf.@O@ ${NZDDEPLIBS}
export BASEOBJS="named-nzd2nzf.@O@"; \
export LIBS0="${ISCCFGLIBS} ${ISCCCLIBS} ${BIND9LIBS} ${DNSLIBS}"; \
${FINALBUILDCMD}
doc man:: ${MANOBJS}
@@ -106,17 +115,23 @@ installdirs:
$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${mandir}/man1
$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${mandir}/man8
nzd:
${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} named-nzd2nzf@EXEEXT@ \
${DESTDIR}${sbindir}
dnstap:
${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} dnstap-read@EXEEXT@ \
${DESTDIR}${sbindir}
install:: ${TARGETS} @DNSTAP@ installdirs
install:: ${TARGETS} @DNSTAP@ @NZD_TOOLS@ installdirs
${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} arpaname@EXEEXT@ \
${DESTDIR}${sbindir}
${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} named-journalprint@EXEEXT@ \
${DESTDIR}${sbindir}
${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} named-rrchecker@EXEEXT@ \
${DESTDIR}${sbindir}
${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} named-nzd2nzf@EXEEXT@ \
${DESTDIR}${sbindir}
${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} nsec3hash@EXEEXT@ \
${DESTDIR}${sbindir}
${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} genrandom@EXEEXT@ \
@@ -129,6 +144,7 @@ install:: ${TARGETS} @DNSTAP@ installdirs
${INSTALL_DATA} ${srcdir}/isc-hmac-fixup.8 ${DESTDIR}${mandir}/man8
${INSTALL_DATA} ${srcdir}/named-journalprint.8 ${DESTDIR}${mandir}/man8
${INSTALL_DATA} ${srcdir}/named-rrchecker.1 ${DESTDIR}${mandir}/man1
${INSTALL_DATA} ${srcdir}/named-nzd2nzf.8 ${DESTDIR}${mandir}/man8
${INSTALL_DATA} ${srcdir}/nsec3hash.8 ${DESTDIR}${mandir}/man8
${INSTALL_DATA} ${srcdir}/genrandom.8 ${DESTDIR}${mandir}/man8
${INSTALL_DATA} ${srcdir}/mdig.1 ${DESTDIR}${mandir}/man1

0
bin/tools/named-nzd2nzf.8 Normal file
View File

100
bin/tools/named-nzd2nzf.c Normal file
View File

@@ -0,0 +1,100 @@
/*
* Copyright (C) 2016 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
#include "config.h"
#ifndef HAVE_LMDB
#error This program requires the LMDBlibrary.
#endif
#include <stdio.h>
#include <stdlib.h>
#include <lmdb.h>
int
main (int argc, char *argv[]) {
int status;
const char *path;
MDB_env *env = NULL;
MDB_txn *txn = NULL;
MDB_cursor *cursor = NULL;
MDB_dbi dbi;
MDB_val key, data;
if (argc != 2) {
fprintf(stderr, "Usage: named-nzd2nzf <nzd-path>\n");
exit(1);
}
path = argv[1];
status = mdb_env_create(&env);
if (status != 0) {
fprintf(stderr, "named-nzd2nzf: mdb_env_create: %s",
mdb_strerror(status));
exit(1);
}
status = mdb_env_open(env, path,
MDB_RDONLY|MDB_NOTLS|MDB_NOSUBDIR, 0600);
if (status != 0) {
fprintf(stderr, "named-nzd2nzf: mdb_env_open: %s",
mdb_strerror(status));
exit(1);
}
status = mdb_txn_begin(env, 0, MDB_RDONLY, &txn);
if (status != 0) {
fprintf(stderr, "named-nzd2nzf: mdb_txn_begin: %s",
mdb_strerror(status));
exit(1);
}
status = mdb_dbi_open(txn, NULL, 0, &dbi);
if (status != 0) {
fprintf(stderr, "named-nzd2nzf: mdb_dbi_open: %s",
mdb_strerror(status));
exit(1);
}
status = mdb_cursor_open(txn, dbi, &cursor);
if (status != 0) {
fprintf(stderr, "named-nzd2nzf: mdb_cursor_open: %s",
mdb_strerror(status));
exit(1);
}
while (mdb_cursor_get(cursor, &key, &data, MDB_NEXT) == 0) {
if (key.mv_data == NULL || key.mv_size == 0 ||
data.mv_data == NULL || data.mv_size == 0)
{
fprintf(stderr,
"named-nzd2nzf: empty column found in "
"database '%s'", path);
exit(1);
}
/* zone zonename { config; }; */
printf("zone \"%.*s\" %.*s;\n",
(int) key.mv_size, (char *) key.mv_data,
(int) data.mv_size, (char *) data.mv_data);
}
mdb_cursor_close(cursor);
mdb_txn_abort(txn);
mdb_env_close(env);
exit(0);
}

97
bin/tools/named-nzd2nzf.docbook Normal file
View File

@@ -0,0 +1,97 @@
<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
[<!ENTITY mdash "&#8212;">]>
<!--
- Copyright (C) 2009, 2014, 2016 Internet Systems Consortium, Inc. ("ISC")
-
- Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<refentry id="man.named-nzd2nzf">
<refentryinfo>
<date>May 5, 2016</date>
</refentryinfo>
<refmeta>
<refentrytitle><application>named-nzd2nzf</application></refentrytitle>
<manvolnum>8</manvolnum>
<refmiscinfo>BIND9</refmiscinfo>
</refmeta>
<refnamediv>
<refname><application>named-nzd2nzf</application></refname>
<refpurpose>
Convert an NZD database to NZF text format
</refpurpose>
</refnamediv>
<docinfo>
<copyright>
<year>2016</year>
<holder>Internet Systems Consortium, Inc. ("ISC")</holder>
</copyright>
</docinfo>
<refsynopsisdiv>
<cmdsynopsis>
<command>named-nzd2nzf</command>
<arg choice="req">filename</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
<title>DESCRIPTION</title>
<para>
<command>named-nzd2nzf</command> converts an NZD database to NZF
format and prints it to standard output. This can be used to
review the configuration of zones that were added to
<command>named</command> via <command>rndc addzone</command>.
It can also be used to restore the old file format
when rolling back from a newer version
of BIND to an older version.
</para>
</refsect1>
<refsect1>
<title>ARGUMENTS</title>
<variablelist>
<varlistentry>
<term>filename</term>
<listitem>
<para>
The name of the <filename>.nzd</filename> file whose contents
should be printed.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>SEE ALSO</title>
<para>
<citetitle>BIND 9 Administrator Reference Manual</citetitle>,
</para>
</refsect1>
<refsect1>
<title>AUTHOR</title>
<para><corpauthor>Internet Systems Consortium</corpauthor>
</para>
</refsect1>
</refentry><!--
- Local variables:
- mode: sgml
- End:
-->

0
bin/tools/named-nzd2nzf.html Normal file
View File

3
config.h.in
View File

@@ -326,6 +326,9 @@ int sigwait(const unsigned int *set, int *sig);
/* Define to 1 if you have the <linux/types.h> header file. */
#undef HAVE_LINUX_TYPES_H
/* Define if lmdb was found */
#undef HAVE_LMDB
/* Define to 1 if you have the <locale.h> header file. */
#undef HAVE_LOCALE_H

156
configure vendored
View File

@@ -814,6 +814,11 @@ MKDEPCC
ZLIB
JSONSTATS
XMLSTATS
NZDHTML
NZDMAN
NZDTARGETS
NZDSRCS
NZD_TOOLS
PKCS11_TEST
PKCS11_GOST
PKCS11_ECDSA
@@ -1013,6 +1018,7 @@ with_aes
enable_openssl_hash
with_cc_alg
enable_openssl_version_check
with_lmdb
with_libxml2
with_libjson
with_zlib
@@ -1742,6 +1748,7 @@ Optional Packages:
--with-gost Crypto GOST yes|no|raw|asn1.
--with-aes Crypto AES
--with-cc-alg=ALG choose the algorithm for Client Cookie [aes|sha1|sha256]
--with-lmdb=PATH build with LMDB library yes|no|path
--with-libxml2=PATH build with libxml2 library yes|no|path
--with-libjson=PATH build with libjson0 library yes|no|path
--with-zlib=PATH build with zlib for HTTP compression [default=yes]
@@ -16712,6 +16719,145 @@ if test "$have_clock_gt" = "rt"; then
LIBS="-lrt $LIBS"
fi
#
# was --with-lmdb specified?
#
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for lmdb library" >&5
$as_echo_n "checking for lmdb library... " >&6; }
# Check whether --with-lmdb was given.
if test "${with_lmdb+set}" = set; then :
withval=$with_lmdb; use_lmdb="$withval"
else
use_lmdb="auto"
fi
have_lmdb=""
case "$use_lmdb" in
no)
lmdb_libs=""
;;
auto|yes)
for d in /usr /usr/local /opt/local
do
if test -f "${d}/include/lmdb.h"
then
if test ${d} != /usr
then
lmdb_cflags="-I ${d}/include"
LIBS="$LIBS -L${d}/lib"
fi
have_lmdb="yes"
fi
done
;;
*)
if test -f "${use_lmdb}/include/lmdb.h"
then
lmdb_cflags="-I${use_lmdb}/include"
LIBS="$LIBS -L${use_lmdb}/lib"
have_lmdb="yes"
else
as_fn_error $? "$use_lmdb/include/lmdb.h not found." "$LINENO" 5
fi
;;
esac
if test "X${have_lmdb}" != "X"
then
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing mdb_env_create" >&5
$as_echo_n "checking for library containing mdb_env_create... " >&6; }
if ${ac_cv_search_mdb_env_create+:} false; then :
$as_echo_n "(cached) " >&6
else
ac_func_search_save_LIBS=$LIBS
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
/* Override any GCC internal prototype to avoid an error.
Use char because int might match the return type of a GCC
builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
#endif
char mdb_env_create ();
int
main ()
{
return mdb_env_create ();
;
return 0;
}
_ACEOF
for ac_lib in '' lmdb; do
if test -z "$ac_lib"; then
ac_res="none required"
else
ac_res=-l$ac_lib
LIBS="-l$ac_lib $ac_func_search_save_LIBS"
fi
if ac_fn_c_try_link "$LINENO"; then :
ac_cv_search_mdb_env_create=$ac_res
fi
rm -f core conftest.err conftest.$ac_objext \
conftest$ac_exeext
if ${ac_cv_search_mdb_env_create+:} false; then :
break
fi
done
if ${ac_cv_search_mdb_env_create+:} false; then :
else
ac_cv_search_mdb_env_create=no
fi
rm conftest.$ac_ext
LIBS=$ac_func_search_save_LIBS
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_mdb_env_create" >&5
$as_echo "$ac_cv_search_mdb_env_create" >&6; }
ac_res=$ac_cv_search_mdb_env_create
if test "$ac_res" != no; then :
test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
else
as_fn_error $? "found lmdb include but not library." "$LINENO" 5
have_lmdb=""
fi
elif test "X$use_lmdb" = Xyes
then
as_fn_error $? "include/lmdb.h not found." "$LINENO" 5
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
fi
NZD_TOOLS=""
NZDSRCS=
NZDTARGETS=
NZDMAN=
NZDHTML=
if test "X${have_lmdb}" != "X"
then
CFLAGS="$CFLAGS $lmdb_cflags"
$as_echo "#define HAVE_LMDB 1" >>confdefs.h
NZD_TOOLS="nzd"
NZDSRCS='${NZDSRCS}'
NZDTARGETS='${NZDTARGETS}'
NZDMAN='${NZDMAN}'
NZDHTML='${NZDHTML}'
fi
#
# was --with-libxml2 specified?
#
@@ -25381,9 +25527,9 @@ if test "${enable_full_report+set}" = set; then :
fi
echo "========================================================================"
echo "==============================================================================="
echo "Configuration summary:"
echo "------------------------------------------------------------------------"
echo "-------------------------------------------------------------------------------"
echo "Optional features enabled:"
if $use_threads; then
echo " Multiprocessing support (--enable-threads)"
@@ -25410,6 +25556,7 @@ if test "$enable_full_report" = "yes"; then
test "X$XMLSTATS" = "X" || echo " XML statistics (--with-libxml2)"
test "X$JSONSTATS" = "X" || echo " JSON statistics (--with-libjson)"
test "X$ZLIB" = "X" || echo " HTTP zlib compression (--with-zlib)"
test "X$NZD_TOOLS" = "X" || echo " LMDB database to store configuration for 'addzone' zones (--with-lmdb)"
fi
if test "$use_pkcs11" != "no"; then
@@ -25501,6 +25648,7 @@ test "X$PYTHON" = "X" && echo " Python tools (--with-python)"
test "X$XMLSTATS" = "X" && echo " XML statistics (--with-libxml2)"
test "X$JSONSTATS" = "X" && echo " JSON statistics (--with-libjson)"
test "X$ZLIB" = "X" && echo " HTTP zlib compression (--with-zlib)"
test "X$NZD_TOOLS" = "X" && echo " LMDB database to store configuration for 'addzone' zones (--with-lmdb)"
if test "X$ac_unrecognized_opts" != "X"; then
echo
@@ -25508,10 +25656,10 @@ if test "X$ac_unrecognized_opts" != "X"; then
echo " $ac_unrecognized_opts"
fi
if test "$enable_full_report" != "yes"; then
echo "------------------------------------------------------------------------"
echo "-------------------------------------------------------------------------------"
echo "For more detail, use --enable-full-report."
fi
echo "========================================================================"
echo "==============================================================================="
if test "X$CRYPTO" = "X"; then
cat << \EOF

83
configure.in
View File

@@ -2145,6 +2145,79 @@ if test "$have_clock_gt" = "rt"; then
LIBS="-lrt $LIBS"
fi
#
# was --with-lmdb specified?
#
AC_MSG_CHECKING(for lmdb library)
AC_ARG_WITH(lmdb,
[ --with-lmdb[=PATH] build with LMDB library [yes|no|path]],
use_lmdb="$withval", use_lmdb="auto")
have_lmdb=""
case "$use_lmdb" in
no)
lmdb_libs=""
;;
auto|yes)
for d in /usr /usr/local /opt/local
do
if test -f "${d}/include/lmdb.h"
then
if test ${d} != /usr
then
lmdb_cflags="-I ${d}/include"
LIBS="$LIBS -L${d}/lib"
fi
have_lmdb="yes"
fi
done
;;
*)
if test -f "${use_lmdb}/include/lmdb.h"
then
lmdb_cflags="-I${use_lmdb}/include"
LIBS="$LIBS -L${use_lmdb}/lib"
have_lmdb="yes"
else
AC_MSG_ERROR([$use_lmdb/include/lmdb.h not found.])
fi
;;
esac
if test "X${have_lmdb}" != "X"
then
AC_MSG_RESULT(yes)
AC_SEARCH_LIBS([mdb_env_create], [lmdb], [],
[AC_MSG_ERROR([found lmdb include but not library.])
have_lmdb=""])
elif test "X$use_lmdb" = Xyes
then
AC_MSG_ERROR([include/lmdb.h not found.])
else
AC_MSG_RESULT(no)
fi
NZD_TOOLS=""
NZDSRCS=
NZDTARGETS=
NZDMAN=
NZDHTML=
if test "X${have_lmdb}" != "X"
then
CFLAGS="$CFLAGS $lmdb_cflags"
AC_DEFINE(HAVE_LMDB, 1, [Define if lmdb was found])
NZD_TOOLS="nzd"
NZDSRCS='${NZDSRCS}'
NZDTARGETS='${NZDTARGETS}'
NZDMAN='${NZDMAN}'
NZDHTML='${NZDHTML}'
fi
AC_SUBST(NZD_TOOLS)
AC_SUBST(NZDSRCS)
AC_SUBST(NZDTARGETS)
AC_SUBST(NZDMAN)
AC_SUBST(NZDHTML)
#
# was --with-libxml2 specified?
#
@@ -5120,9 +5193,9 @@ esac
AC_ARG_ENABLE(full-report,
[ --enable-full-report report values of all configure options])
echo "========================================================================"
echo "==============================================================================="
echo "Configuration summary:"
echo "------------------------------------------------------------------------"
echo "-------------------------------------------------------------------------------"
echo "Optional features enabled:"
if $use_threads; then
echo " Multiprocessing support (--enable-threads)"
@@ -5149,6 +5222,7 @@ if test "$enable_full_report" = "yes"; then
test "X$XMLSTATS" = "X" || echo " XML statistics (--with-libxml2)"
test "X$JSONSTATS" = "X" || echo " JSON statistics (--with-libjson)"
test "X$ZLIB" = "X" || echo " HTTP zlib compression (--with-zlib)"
test "X$NZD_TOOLS" = "X" || echo " LMDB database to store configuration for 'addzone' zones (--with-lmdb)"
fi
if test "$use_pkcs11" != "no"; then
@@ -5240,6 +5314,7 @@ test "X$PYTHON" = "X" && echo " Python tools (--with-python)"
test "X$XMLSTATS" = "X" && echo " XML statistics (--with-libxml2)"
test "X$JSONSTATS" = "X" && echo " JSON statistics (--with-libjson)"
test "X$ZLIB" = "X" && echo " HTTP zlib compression (--with-zlib)"
test "X$NZD_TOOLS" = "X" && echo " LMDB database to store configuration for 'addzone' zones (--with-lmdb)"
if test "X$ac_unrecognized_opts" != "X"; then
echo
@@ -5247,10 +5322,10 @@ if test "X$ac_unrecognized_opts" != "X"; then
echo " $ac_unrecognized_opts"
fi
if test "$enable_full_report" != "yes"; then
echo "------------------------------------------------------------------------"
echo "-------------------------------------------------------------------------------"
echo "For more detail, use --enable-full-report."
fi
echo "========================================================================"
echo "==============================================================================="
if test "X$CRYPTO" = "X"; then
cat << \EOF

29
doc/arm/notes.xml
View File

@@ -115,7 +115,8 @@
</listitem>
<listitem>
<para>
Added rndc python module.
Added an <command>isc.rndc</command> Python module, which allows
<command>rndc</command> commands to be sent from Python programs.
</para>
</listitem>
<listitem>
@@ -469,6 +470,32 @@
configuration for a specified zone.
</para>
</listitem>
<listitem>
<para>
When BIND is built with the <command>lmdb</command> library
(Lightning Memory-Mapped Database), <command>named</command>
will store the configuration information for zones
that are added via <command>rndc addzone</command>
in a database, rather than in a flat "NZF" file. This
dramatically improves performance for
<command>rndc delzone</command> and
<command>rndc modzone</command>: deleting or changing
the contents of a database is much faster than rewriting
a text file.
</para>
<para>
On startup, if <command>named</command> finds an existing
NZF file, it will automatically convert it to the new NZD
database format.
</para>
<para>
To view the contents of an NZD, or to convert an
NZD back to an NZF file (for example, to revert back
to an earlier version of BIND which did not support the
NZD format), use the new command <command>named-nzd2nzf</command>
[RT #39837]
</para>
</listitem>
<listitem>
<para>
Added server-side support for pipelined TCP queries. Clients

13
lib/dns/include/dns/view.h
View File

@@ -197,8 +197,8 @@ struct dns_view {
dns_zone_t * managed_keys;
dns_zone_t * redirect;
dns_name_t * redirectzone; /* points to
redirectfixed
when valid */
* redirectfixed
* when valid */
dns_fixedname_t redirectfixed;
/*
@@ -209,8 +209,11 @@ struct dns_view {
* named implements.
*/
char * new_zone_file;
char * new_zone_db;
void * new_zone_dbenv;
void * new_zone_config;
void (*cfg_destroy)(void **);
isc_mutex_t new_zone_lock;
unsigned char secret[32]; /* Client secret */
unsigned int v6bias;
@@ -1206,7 +1209,7 @@ dns_view_untrust(dns_view_t *view, dns_name_t *keyname,
* \li 'dnskey' is valid.
*/
void
isc_result_t
dns_view_setnewzones(dns_view_t *view, isc_boolean_t allow, void *cfgctx,
void (*cfg_destroy)(void **));
/*%<
@@ -1225,6 +1228,10 @@ dns_view_setnewzones(dns_view_t *view, isc_boolean_t allow, void *cfgctx,
*
* Requires:
* \li 'view' is valid.
*
* Returns:
* \li ISC_R_SUCCESS
* \li ISC_R_NOSPACE
*/
void

96
lib/dns/view.c
View File

@@ -10,6 +10,10 @@
#include <config.h>
#ifdef HAVE_LMDB
#include <lmdb.h>
#endif
#include <isc/file.h>
#include <isc/hash.h>
#include <isc/lex.h>
@@ -230,8 +234,11 @@ dns_view_create(isc_mem_t *mctx, dns_rdataclass_t rdclass,
view->sendcookie = ISC_TRUE;
view->requireservercookie = ISC_FALSE;
view->new_zone_file = NULL;
view->new_zone_db = NULL;
view->new_zone_dbenv = NULL;
view->new_zone_config = NULL;
view->cfg_destroy = NULL;
isc_mutex_init(&view->new_zone_lock);
view->fail_ttl = 0;
view->failcache = NULL;
view->v6bias = 0;
@@ -493,9 +500,22 @@ destroy(dns_view_t *view) {
dns_dt_detach(&view->dtenv);
#endif /* HAVE_DNSTAP */
dns_view_setnewzones(view, ISC_FALSE, NULL, NULL);
if (view->new_zone_file != NULL) {
isc_mem_free(view->mctx, view->new_zone_file);
view->new_zone_file = NULL;
}
#ifdef HAVE_LMDB
if (view->new_zone_dbenv != NULL)
mdb_env_close((MDB_env *) view->new_zone_dbenv);
if (view->new_zone_db != NULL) {
isc_mem_free(view->mctx, view->new_zone_db);
view->new_zone_db = NULL;
}
#endif /* HAVE_LMDB */
dns_fwdtable_destroy(&view->fwdtable);
dns_aclenv_destroy(&view->aclenv);
dns_badcache_destroy(&view->failcache);
DESTROYLOCK(&view->new_zone_lock);
DESTROYLOCK(&view->lock);
isc_refcount_destroy(&view->references);
isc_mem_free(view->mctx, view->nta_file);
@@ -1955,10 +1975,17 @@ dns_view_untrust(dns_view_t *view, dns_name_t *keyname,
dst_key_free(&key);
}
void
isc_result_t
dns_view_setnewzones(dns_view_t *view, isc_boolean_t allow, void *cfgctx,
void (*cfg_destroy)(void **))
{
isc_result_t result;
char buffer[1024];
#ifdef HAVE_LMDB
MDB_env *env = NULL;
int status;
#endif
REQUIRE(DNS_VIEW_VALID(view));
REQUIRE((cfgctx != NULL && cfg_destroy != NULL) || !allow);
@@ -1967,24 +1994,79 @@ dns_view_setnewzones(dns_view_t *view, isc_boolean_t allow, void *cfgctx,
view->new_zone_file = NULL;
}
#ifdef HAVE_LMDB
if (view->new_zone_dbenv != NULL) {
mdb_env_close((MDB_env *) view->new_zone_dbenv);
view->new_zone_dbenv = NULL;
}
if (view->new_zone_db != NULL) {
isc_mem_free(view->mctx, view->new_zone_db);
view->new_zone_db = NULL;
}
#endif /* HAVE_LMDB */
if (view->new_zone_config != NULL) {
view->cfg_destroy(&view->new_zone_config);
view->cfg_destroy = NULL;
}
if (allow) {
isc_result_t result;
char buffer[1024];
if (!allow)
return (ISC_R_SUCCESS);
result = isc_file_sanitize(NULL, view->name, "nzf",
buffer, sizeof(buffer));
if (result == ISC_R_SUCCESS) {
view->new_zone_file = isc_mem_strdup(view->mctx,
buffer);
if (result != ISC_R_SUCCESS)
goto out;
view->new_zone_file = isc_mem_strdup(view->mctx, buffer);
#ifdef HAVE_LMDB
result = isc_file_sanitize(NULL, view->name, "nzd",
buffer, sizeof(buffer));
if (result != ISC_R_SUCCESS)
goto out;
view->new_zone_db = isc_mem_strdup(view->mctx, buffer);
status = mdb_env_create(&env);
if (status != 0) {
result = ISC_R_FAILURE;
goto out;
}
status = mdb_env_open(env, view->new_zone_db,
MDB_NOSUBDIR|MDB_CREATE, 0600);
if (status != 0) {
result = ISC_R_FAILURE;
goto out;
}
view->new_zone_dbenv = env;
env = NULL;
#endif /* HAVE_LMDB */
view->new_zone_config = cfgctx;
view->cfg_destroy = cfg_destroy;
out:
if (result != ISC_R_SUCCESS) {
if (view->new_zone_file != NULL) {
isc_mem_free(view->mctx, view->new_zone_file);
view->new_zone_file = NULL;
}
#ifdef HAVE_LMDB
if (view->new_zone_db != NULL) {
isc_mem_free(view->mctx, view->new_zone_db);
view->new_zone_db = NULL;
}
if (env != NULL)
mdb_env_close(env);
#endif /* HAVE_LMDB */
view->new_zone_config = NULL;
view->cfg_destroy = NULL;
}
return (result);
}
isc_result_t