From fe46d5bc3413a0599e5cd03c56d23ac0a8c03d18 Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Tue, 11 Jun 2019 18:36:52 -0700 Subject: [PATCH] add HAVE_GEOIP2 #ifdef branches, without implementing yet --- bin/named/geoip.c | 27 ++--- bin/named/include/named/globals.h | 2 +- bin/named/server.c | 27 ++--- bin/tests/system/feature-test.c | 8 ++ lib/dns/acl.c | 10 +- lib/dns/include/dns/acl.h | 16 +-- lib/dns/include/dns/geoip.h | 36 +++---- lib/dns/tests/acl_test.c | 16 +-- lib/dns/tests/geoip_test.c | 22 +++- lib/isccfg/aclconf.c | 150 ++++++++++++++++++---------- lib/isccfg/include/isccfg/aclconf.h | 4 +- lib/isccfg/namedconf.c | 2 +- lib/isccfg/parser.c | 10 +- lib/ns/interfacemgr.c | 2 +- 14 files changed, 195 insertions(+), 137 deletions(-) diff --git a/bin/named/geoip.c b/bin/named/geoip.c index 1316febabd..6731c3432d 100644 --- a/bin/named/geoip.c +++ b/bin/named/geoip.c @@ -24,7 +24,7 @@ static dns_geoip_databases_t geoip_table = { }; static void -init_geoip_db(GeoIP **dbp, GeoIPDBTypes edition, GeoIPDBTypes fallback, +init_geoip_db(void **dbp, GeoIPDBTypes edition, GeoIPDBTypes fallback, GeoIPOptions method, const char *name) { char *info; @@ -32,7 +32,7 @@ init_geoip_db(GeoIP **dbp, GeoIPDBTypes edition, GeoIPDBTypes fallback, REQUIRE(dbp != NULL); - db = *dbp; + db = (GeoIP *)*dbp; if (db != NULL) { GeoIP_delete(db); @@ -79,23 +79,22 @@ init_geoip_db(GeoIP **dbp, GeoIPDBTypes edition, GeoIPDBTypes fallback, void named_geoip_init(void) { -#ifndef HAVE_GEOIP - return; -#else +#if defined(HAVE_GEOIP2) + /* TODO GEOIP2 */ +#elif defined(HAVE_GEOIP) GeoIP_cleanup(); if (named_g_geoip == NULL) named_g_geoip = &geoip_table; +#else + return; #endif } void named_geoip_load(char *dir) { -#ifndef HAVE_GEOIP - - UNUSED(dir); - - return; -#else +#if defined(HAVE_GEOIP2) + /* TODO GEOIP2 */ +#elif defined(HAVE_GEOIP) GeoIPOptions method; #ifdef _WIN32 @@ -139,5 +138,9 @@ named_geoip_load(char *dir) { method, "Domain"); init_geoip_db(&named_g_geoip->netspeed, GEOIP_NETSPEED_EDITION, 0, method, "NetSpeed"); -#endif /* HAVE_GEOIP */ +#else + UNUSED(dir); + + return; +#endif } diff --git a/bin/named/include/named/globals.h b/bin/named/include/named/globals.h index b8e356b055..49e75a1523 100644 --- a/bin/named/include/named/globals.h +++ b/bin/named/include/named/globals.h @@ -154,7 +154,7 @@ EXTERN bool named_g_keepstderr INIT(false); EXTERN unsigned int named_g_tat_interval INIT(24*3600); -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) EXTERN dns_geoip_databases_t *named_g_geoip INIT(NULL); #endif diff --git a/bin/named/server.c b/bin/named/server.c index febe8a4b18..feae71c80e 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -105,9 +105,9 @@ #include #include -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) #include -#endif /* HAVE_GEOIP */ +#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ #include #include #include @@ -8261,7 +8261,7 @@ load_configuration(const char *filename, named_server_t *server, } isc_socketmgr_setreserved(named_g_socketmgr, reserved); -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) /* * Initialize GeoIP databases from the configured location. * This should happen before configuring any ACLs, so that we @@ -8278,7 +8278,7 @@ load_configuration(const char *filename, named_server_t *server, named_geoip_load(NULL); } named_g_aclconfctx->geoip = named_g_geoip; -#endif /* HAVE_GEOIP */ +#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ /* * Configure various server options. @@ -9491,25 +9491,18 @@ run_server(isc_task_t *task, isc_event_t *event) { dns_dispatchmgr_setstats(named_g_dispatchmgr, server->resolverstats); -#ifdef HAVE_GEOIP CHECKFATAL(ns_interfacemgr_create(named_g_mctx, server->sctx, named_g_taskmgr, named_g_timermgr, named_g_socketmgr, named_g_dispatchmgr, server->task, named_g_udpdisp, +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) named_g_geoip, - &server->interfacemgr), - "creating interface manager"); #else - CHECKFATAL(ns_interfacemgr_create(named_g_mctx, server->sctx, - named_g_taskmgr, named_g_timermgr, - named_g_socketmgr, - named_g_dispatchmgr, - server->task, named_g_udpdisp, NULL, +#endif &server->interfacemgr), "creating interface manager"); -#endif CHECKFATAL(isc_timer_create(named_g_timermgr, isc_timertype_inactive, NULL, NULL, server->task, @@ -9631,9 +9624,9 @@ shutdown_server(isc_task_t *task, isc_event_t *event) { #ifdef HAVE_DNSTAP dns_dt_shutdown(); #endif -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) dns_geoip_shutdown(); -#endif +#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ dns_db_detach(&server->in_roothints); @@ -9749,14 +9742,14 @@ named_server_create(isc_mem_t *mctx, named_server_t **serverp) { &server->sctx), "creating server context"); -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) /* * GeoIP must be initialized before the interface * manager (which includes the ACL environment) * is created */ named_geoip_init(); -#endif +#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ #ifdef ENABLE_AFL server->sctx->fuzztype = named_g_fuzz_type; diff --git a/bin/tests/system/feature-test.c b/bin/tests/system/feature-test.c index 65f8751d89..35469d0db9 100644 --- a/bin/tests/system/feature-test.c +++ b/bin/tests/system/feature-test.c @@ -125,6 +125,14 @@ main(int argc, char **argv) { #endif } + if (strcmp(argv[1], "--have-geoip2") == 0) { +#ifdef HAVE_GEOIP2 + return (0); +#else + return (1); +#endif + } + if (strcmp(argv[1], "--have-libxml2") == 0) { #ifdef HAVE_LIBXML2 return (0); diff --git a/lib/dns/acl.c b/lib/dns/acl.c index bc21254448..0004490a79 100644 --- a/lib/dns/acl.c +++ b/lib/dns/acl.c @@ -329,7 +329,7 @@ dns_acl_merge(dns_acl_t *dest, dns_acl_t *source, bool pos) return result; } -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) /* Duplicate GeoIP data */ if (source->elements[i].type == dns_aclelementtype_geoip) { dest->elements[nelem + i].geoip_elem = @@ -407,7 +407,7 @@ dns_aclelement_match(const isc_netaddr_t *reqaddr, inner = env->localnets; break; -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) case dns_aclelementtype_geoip: if (env == NULL || env->geoip == NULL) return (false); @@ -583,7 +583,7 @@ dns_acl_isinsecure(const dns_acl_t *a) { return (true); continue; -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) case dns_aclelementtype_geoip: #endif case dns_aclelementtype_localnets: @@ -636,7 +636,7 @@ dns_aclenv_init(isc_mem_t *mctx, dns_aclenv_t *env) { if (result != ISC_R_SUCCESS) goto cleanup_localhost; env->match_mapped = false; -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) env->geoip = NULL; #endif return (ISC_R_SUCCESS); @@ -654,7 +654,7 @@ dns_aclenv_copy(dns_aclenv_t *t, dns_aclenv_t *s) { dns_acl_detach(&t->localnets); dns_acl_attach(s->localnets, &t->localnets); t->match_mapped = s->match_mapped; -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) t->geoip = s->geoip; #endif } diff --git a/lib/dns/include/dns/acl.h b/lib/dns/include/dns/acl.h index 47e2d85aa1..2935c1c6c7 100644 --- a/lib/dns/include/dns/acl.h +++ b/lib/dns/include/dns/acl.h @@ -32,14 +32,16 @@ #include #include -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) #include #endif #include #include #include -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP2) +#include +#elif defined(HAVE_GEOIP) #include #endif @@ -53,9 +55,9 @@ typedef enum { dns_aclelementtype_nestedacl, dns_aclelementtype_localhost, dns_aclelementtype_localnets, -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) dns_aclelementtype_geoip, -#endif /* HAVE_GEOIP */ +#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ dns_aclelementtype_any } dns_aclelementtype_t; @@ -70,9 +72,9 @@ struct dns_aclelement { dns_aclelementtype_t type; bool negative; dns_name_t keyname; -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) dns_geoip_elem_t geoip_elem; -#endif /* HAVE_GEOIP */ +#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ dns_acl_t *nestedacl; int node_num; }; @@ -95,7 +97,7 @@ struct dns_aclenv { dns_acl_t *localhost; dns_acl_t *localnets; bool match_mapped; -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) dns_geoip_databases_t *geoip; #endif }; diff --git a/lib/dns/include/dns/geoip.h b/lib/dns/include/dns/geoip.h index fb66901567..4d26d9a595 100644 --- a/lib/dns/include/dns/geoip.h +++ b/lib/dns/include/dns/geoip.h @@ -36,12 +36,6 @@ #include #include -#ifdef HAVE_GEOIP -#include -#else -typedef void GeoIP; -#endif - /*** *** Types ***/ @@ -78,7 +72,7 @@ typedef enum { typedef struct dns_geoip_elem { dns_geoip_subtype_t subtype; - GeoIP *db; + void *db; union { char as_string[256]; int as_int; @@ -86,16 +80,24 @@ typedef struct dns_geoip_elem { } dns_geoip_elem_t; typedef struct dns_geoip_databases { - GeoIP *country_v4; /* DB 1 */ - GeoIP *city_v4; /* DB 2 or 6 */ - GeoIP *region; /* DB 3 or 7 */ - GeoIP *isp; /* DB 4 */ - GeoIP *org; /* DB 5 */ - GeoIP *as; /* DB 9 */ - GeoIP *netspeed; /* DB 10 */ - GeoIP *domain; /* DB 11 */ - GeoIP *country_v6; /* DB 12 */ - GeoIP *city_v6; /* DB 30 or 31 */ +#if defined(HAVE_GEOIP2) + void *country; /* GeoIP2-Country or GeoLite2-Country */ + void *city; /* GeoIP2-CIty or GeoLite2-City */ + void *domain; /* GeoIP2-Domain */ + void *isp; /* GeoIP2-ISP */ + void *as; /* GeoIP2-ASN or GeoLite2-ASN */ +#elif defined(HAVE_GEOIP) + void *country_v4; /* DB 1 */ + void *city_v4; /* DB 2 or 6 */ + void *region; /* DB 3 or 7 */ + void *isp; /* DB 4 */ + void *org; /* DB 5 */ + void *as; /* DB 9 */ + void *netspeed; /* DB 10 */ + void *domain; /* DB 11 */ + void *country_v6; /* DB 12 */ + void *city_v6; /* DB 30 or 31 */ +#endif } dns_geoip_databases_t; /*** diff --git a/lib/dns/tests/acl_test.c b/lib/dns/tests/acl_test.c index 9b3373cc23..8ee69abef0 100644 --- a/lib/dns/tests/acl_test.c +++ b/lib/dns/tests/acl_test.c @@ -64,11 +64,11 @@ dns_acl_isinsecure_test(void **state) { dns_acl_t *none = NULL; dns_acl_t *notnone = NULL; dns_acl_t *notany = NULL; -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) dns_acl_t *geoip = NULL; dns_acl_t *notgeoip = NULL; dns_aclelement_t *de; -#endif +#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ UNUSED(state); @@ -90,7 +90,7 @@ dns_acl_isinsecure_test(void **state) { result = dns_acl_merge(notany, any, false); assert_int_equal(result, ISC_R_SUCCESS); -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) result = dns_acl_create(dt_mctx, 1, &geoip); assert_int_equal(result, ISC_R_SUCCESS); @@ -111,26 +111,26 @@ dns_acl_isinsecure_test(void **state) { result = dns_acl_merge(notgeoip, geoip, false); assert_int_equal(result, ISC_R_SUCCESS); -#endif +#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ assert_true(dns_acl_isinsecure(any)); /* any; */ assert_false(dns_acl_isinsecure(none)); /* none; */ assert_false(dns_acl_isinsecure(notany)); /* !any; */ assert_false(dns_acl_isinsecure(notnone)); /* !none; */ -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) assert_true(dns_acl_isinsecure(geoip)); /* geoip; */ assert_false(dns_acl_isinsecure(notgeoip)); /* !geoip; */ -#endif +#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ dns_acl_detach(&any); dns_acl_detach(&none); dns_acl_detach(¬any); dns_acl_detach(¬none); -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) dns_acl_detach(&geoip); dns_acl_detach(¬geoip); -#endif +#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ } int diff --git a/lib/dns/tests/geoip_test.c b/lib/dns/tests/geoip_test.c index 8872d44383..ec0696cfba 100644 --- a/lib/dns/tests/geoip_test.c +++ b/lib/dns/tests/geoip_test.c @@ -32,12 +32,19 @@ #include "dnstest.h" -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP2) +#include + +/* TODO GEOIP2 */ +#define TEST_GEOIP_DATA "" +#elif defined(HAVE_GEOI2) #include /* We use GeoIP databases from the 'geoip' system test */ #define TEST_GEOIP_DATA "../../../bin/tests/system/geoip/data" +#endif +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) static int _setup(void **state) { isc_result_t result; @@ -58,7 +65,9 @@ _teardown(void **state) { return (0); } +#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ +#ifdef HAVE_GEOIP /* * Helper functions * (Mostly copied from bin/named/geoip.c) @@ -68,14 +77,14 @@ static dns_geoip_databases_t geoip = { }; static void -init_geoip_db(GeoIP **dbp, GeoIPDBTypes edition, GeoIPDBTypes fallback, +init_geoip_db(void **dbp, GeoIPDBTypes edition, GeoIPDBTypes fallback, GeoIPOptions method, const char *name) { GeoIP *db; REQUIRE(dbp != NULL); - db = *dbp; + db = (GeoIP *)*dbp; if (db != NULL) { GeoIP_delete(db); @@ -563,7 +572,10 @@ netspeed(void **state) { int main(void) { -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP2) + /* TODO GEOIP2 */ + print_message("1..0 # Skip geoip2 tests not complete\n"); +#elif defined(HAVE_GEOIP) const struct CMUnitTest tests[] = { cmocka_unit_test_setup_teardown(country, _setup, _teardown), cmocka_unit_test_setup_teardown(country_v6, _setup, _teardown), @@ -581,7 +593,7 @@ main(void) { return (cmocka_run_group_tests(tests, NULL, NULL)); #else print_message("1..0 # Skip geoip not enabled\n"); -#endif /* HAVE_GEOIP */ +#endif } #else /* HAVE_CMOCKA */ diff --git a/lib/isccfg/aclconf.c b/lib/isccfg/aclconf.c index 4c1635d46e..2abafaa72c 100644 --- a/lib/isccfg/aclconf.c +++ b/lib/isccfg/aclconf.c @@ -49,7 +49,7 @@ cfg_aclconfctx_create(isc_mem_t *mctx, cfg_aclconfctx_t **ret) { isc_mem_attach(mctx, &actx->mctx); ISC_LIST_INIT(actx->named_acl_cache); -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) actx->geoip = NULL; #endif @@ -104,7 +104,8 @@ get_acl_def(const cfg_obj_t *cctx, const char *name, const cfg_obj_t **ret) { elt != NULL; elt = cfg_list_next(elt)) { const cfg_obj_t *acl = cfg_listelt_value(elt); - const char *aclname = cfg_obj_asstring(cfg_tuple_get(acl, "name")); + const char *aclname = + cfg_obj_asstring(cfg_tuple_get(acl, "name")); if (strcasecmp(aclname, name) == 0) { if (ret != NULL) { *ret = cfg_tuple_get(acl, "value"); @@ -246,12 +247,12 @@ count_acl_elements(const cfg_obj_t *caml, const cfg_obj_t *cctx, n += sub; if (negative) n++; -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) } else if (cfg_obj_istuple(ce) && cfg_obj_isvoid(cfg_tuple_get(ce, "negated"))) { n++; -#endif /* HAVE_GEOIP */ +#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ } else if (cfg_obj_isstring(ce)) { const char *name = cfg_obj_asstring(ce); if (strcasecmp(name, "localhost") == 0 || @@ -283,58 +284,64 @@ count_acl_elements(const cfg_obj_t *caml, const cfg_obj_t *cctx, return (ISC_R_SUCCESS); } -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) static dns_geoip_subtype_t get_subtype(const cfg_obj_t *obj, isc_log_t *lctx, dns_geoip_subtype_t subtype, const char *dbname) { - if (dbname == NULL) + if (dbname == NULL) { return (subtype); + } switch (subtype) { case dns_geoip_countrycode: - if (strcasecmp(dbname, "city") == 0) + if (strcasecmp(dbname, "city") == 0) { return (dns_geoip_city_countrycode); - else if (strcasecmp(dbname, "region") == 0) + } else if (strcasecmp(dbname, "region") == 0) { return (dns_geoip_region_countrycode); - else if (strcasecmp(dbname, "country") == 0) + } else if (strcasecmp(dbname, "country") == 0) { return (dns_geoip_country_code); + } cfg_obj_log(obj, lctx, ISC_LOG_ERROR, "invalid GeoIP DB specified for " "country search: ignored"); return (subtype); case dns_geoip_countrycode3: - if (strcasecmp(dbname, "city") == 0) + if (strcasecmp(dbname, "city") == 0) { return (dns_geoip_city_countrycode3); - else if (strcasecmp(dbname, "country") == 0) + } else if (strcasecmp(dbname, "country") == 0) { return (dns_geoip_country_code3); + } cfg_obj_log(obj, lctx, ISC_LOG_ERROR, "invalid GeoIP DB specified for " "country search: ignored"); return (subtype); case dns_geoip_countryname: - if (strcasecmp(dbname, "city") == 0) + if (strcasecmp(dbname, "city") == 0) { return (dns_geoip_city_countryname); - else if (strcasecmp(dbname, "country") == 0) + } else if (strcasecmp(dbname, "country") == 0) { return (dns_geoip_country_name); + } cfg_obj_log(obj, lctx, ISC_LOG_ERROR, "invalid GeoIP DB specified for " "country search: ignored"); return (subtype); case dns_geoip_region: - if (strcasecmp(dbname, "city") == 0) + if (strcasecmp(dbname, "city") == 0) { return (dns_geoip_city_region); - else if (strcasecmp(dbname, "region") == 0) + } else if (strcasecmp(dbname, "region") == 0) { return (dns_geoip_region_code); + } cfg_obj_log(obj, lctx, ISC_LOG_ERROR, "invalid GeoIP DB specified for " "region search: ignored"); return (subtype); case dns_geoip_regionname: - if (strcasecmp(dbname, "city") == 0) + if (strcasecmp(dbname, "city") == 0) { return (dns_geoip_city_region); - else if (strcasecmp(dbname, "region") == 0) + } else if (strcasecmp(dbname, "region") == 0) { return (dns_geoip_region_name); + } cfg_obj_log(obj, lctx, ISC_LOG_ERROR, "invalid GeoIP DB specified for " "region search: ignored"); @@ -350,40 +357,46 @@ get_subtype(const cfg_obj_t *obj, isc_log_t *lctx, case dns_geoip_city_areacode: case dns_geoip_city_continentcode: case dns_geoip_city_timezonecode: - if (strcasecmp(dbname, "city") != 0) + if (strcasecmp(dbname, "city") != 0) { cfg_obj_log(obj, lctx, ISC_LOG_WARNING, "invalid GeoIP DB specified for " "a 'city'-only search type: ignoring"); + } return (subtype); case dns_geoip_isp_name: - if (strcasecmp(dbname, "isp") != 0) + if (strcasecmp(dbname, "isp") != 0) { cfg_obj_log(obj, lctx, ISC_LOG_WARNING, "invalid GeoIP DB specified for " "an 'isp' search: ignoring"); + } return (subtype); case dns_geoip_org_name: - if (strcasecmp(dbname, "org") != 0) + if (strcasecmp(dbname, "org") != 0) { cfg_obj_log(obj, lctx, ISC_LOG_WARNING, "invalid GeoIP DB specified for " "an 'org' search: ignoring"); + } return (subtype); case dns_geoip_as_asnum: - if (strcasecmp(dbname, "asnum") != 0) + if (strcasecmp(dbname, "asnum") != 0) { cfg_obj_log(obj, lctx, ISC_LOG_WARNING, "invalid GeoIP DB specified for " "an 'asnum' search: ignoring"); + } return (subtype); case dns_geoip_domain_name: - if (strcasecmp(dbname, "domain") != 0) + if (strcasecmp(dbname, "domain") != 0) { cfg_obj_log(obj, lctx, ISC_LOG_WARNING, "invalid GeoIP DB specified for " "a 'domain' search: ignoring"); + } return (subtype); case dns_geoip_netspeed_id: - if (strcasecmp(dbname, "netspeed") != 0) + if (strcasecmp(dbname, "netspeed") != 0) { cfg_obj_log(obj, lctx, ISC_LOG_WARNING, "invalid GeoIP DB specified for " "a 'netspeed' search: ignoring"); + } return (subtype); default: INSIST(0); @@ -393,8 +406,9 @@ get_subtype(const cfg_obj_t *obj, isc_log_t *lctx, static bool geoip_can_answer(dns_aclelement_t *elt, cfg_aclconfctx_t *ctx) { - if (ctx->geoip == NULL) + if (ctx->geoip == NULL) { return (true); + } switch (elt->geoip_elem.subtype) { case dns_geoip_countrycode: @@ -440,31 +454,39 @@ geoip_can_answer(dns_aclelement_t *elt, cfg_aclconfctx_t *ctx) { case dns_geoip_city_timezonecode: if (ctx->geoip->city_v4 != NULL || ctx->geoip->city_v6 != NULL) + { return (true); + } /* FALLTHROUGH */ case dns_geoip_isp_name: - if (ctx->geoip->isp != NULL) + if (ctx->geoip->isp != NULL) { return (true); + } /* FALLTHROUGH */ case dns_geoip_org_name: - if (ctx->geoip->org != NULL) + if (ctx->geoip->org != NULL) { return (true); + } /* FALLTHROUGH */ case dns_geoip_as_asnum: - if (ctx->geoip->as != NULL) + if (ctx->geoip->as != NULL) { return (true); + } /* FALLTHROUGH */ case dns_geoip_domain_name: - if (ctx->geoip->domain != NULL) + if (ctx->geoip->domain != NULL) { return (true); + } /* FALLTHROUGH */ case dns_geoip_netspeed_id: - if (ctx->geoip->netspeed != NULL) + if (ctx->geoip->netspeed != NULL) { return (true); + } } return (false); } +#endif static isc_result_t parse_geoip_element(const cfg_obj_t *obj, isc_log_t *lctx, @@ -482,8 +504,9 @@ parse_geoip_element(const cfg_obj_t *obj, isc_log_t *lctx, de = *dep; ge = cfg_tuple_get(obj, "db"); - if (!cfg_obj_isvoid(ge)) + if (!cfg_obj_isvoid(ge)) { dbname = cfg_obj_asstring(ge); + } stype = cfg_obj_asstring(cfg_tuple_get(obj, "subtype")); search = cfg_obj_asstring(cfg_tuple_get(obj, "search")); @@ -600,7 +623,6 @@ parse_geoip_element(const cfg_obj_t *obj, isc_log_t *lctx, return (ISC_R_SUCCESS); } -#endif isc_result_t cfg_acl_fromconfig(const cfg_obj_t *caml, const cfg_obj_t *cctx, @@ -655,12 +677,14 @@ cfg_acl_fromconfig2(const cfg_obj_t *caml, const cfg_obj_t *cctx, mctx, &nelem, NULL); if (result != ISC_R_SUCCESS) return (result); - } else + } else { nelem = cfg_list_length(caml, false); + } result = dns_acl_create(mctx, nelem, &dacl); - if (result != ISC_R_SUCCESS) + if (result != ISC_R_SUCCESS) { return (result); + } } de = dacl->elements; @@ -694,8 +718,9 @@ cfg_acl_fromconfig2(const cfg_obj_t *caml, const cfg_obj_t *cctx, result = dns_acl_create(mctx, cfg_list_length(ce, false), &de->nestedacl); - if (result != ISC_R_SUCCESS) + if (result != ISC_R_SUCCESS) { goto cleanup; + } iptab = de->nestedacl->iptable; } @@ -711,8 +736,9 @@ cfg_acl_fromconfig2(const cfg_obj_t *caml, const cfg_obj_t *cctx, cfg_obj_log(ce, lctx, ISC_LOG_WARNING, "'%s': incorrect address family; " "ignoring", buf); - if (nest_level != 0) + if (nest_level != 0) { dns_acl_detach(&de->nestedacl); + } continue; } result = isc_netaddr_prefixok(&addr, bitlen); @@ -732,15 +758,17 @@ cfg_acl_fromconfig2(const cfg_obj_t *caml, const cfg_obj_t *cctx, setpos = (nest_level != 0 || !neg); result = dns_iptable_addprefix(iptab, &addr, bitlen, setpos); - if (result != ISC_R_SUCCESS) + if (result != ISC_R_SUCCESS) { goto cleanup; + } if (nest_level > 0) { INSIST(dacl->length < dacl->alloc); de->type = dns_aclelementtype_nestedacl; de->negative = neg; - } else + } else { continue; + } } else if (cfg_obj_islist(ce)) { /* * If we're nesting ACLs, put the nested @@ -749,29 +777,30 @@ cfg_acl_fromconfig2(const cfg_obj_t *caml, const cfg_obj_t *cctx, * in two cases: 1) sortlist, 2) if the * nested ACL contains negated members. */ - if (inneracl != NULL) + if (inneracl != NULL) { dns_acl_detach(&inneracl); + } result = cfg_acl_fromconfig(ce, cctx, lctx, ctx, mctx, new_nest_level, &inneracl); - if (result != ISC_R_SUCCESS) + if (result != ISC_R_SUCCESS) { goto cleanup; + } nested_acl: if (nest_level > 0 || inneracl->has_negatives) { INSIST(dacl->length < dacl->alloc); de->type = dns_aclelementtype_nestedacl; de->negative = neg; - if (de->nestedacl != NULL) + if (de->nestedacl != NULL) { dns_acl_detach(&de->nestedacl); - dns_acl_attach(inneracl, - &de->nestedacl); + } + dns_acl_attach(inneracl, &de->nestedacl); dns_acl_detach(&inneracl); /* Fall through. */ } else { INSIST(dacl->length + inneracl->length <= dacl->alloc); - dns_acl_merge(dacl, inneracl, - !neg); + dns_acl_merge(dacl, inneracl, !neg); de += inneracl->length; /* elements added */ dns_acl_detach(&inneracl); INSIST(dacl->length <= dacl->alloc); @@ -785,19 +814,21 @@ nested_acl: dns_name_init(&de->keyname, NULL); result = convert_keyname(ce, lctx, mctx, &de->keyname); - if (result != ISC_R_SUCCESS) + if (result != ISC_R_SUCCESS) { goto cleanup; -#ifdef HAVE_GEOIP + } +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) } else if (cfg_obj_istuple(ce) && cfg_obj_isvoid(cfg_tuple_get(ce, "negated"))) { INSIST(dacl->length < dacl->alloc); result = parse_geoip_element(ce, lctx, ctx, de); - if (result != ISC_R_SUCCESS) + if (result != ISC_R_SUCCESS) { goto cleanup; + } de->type = dns_aclelementtype_geoip; de->negative = neg; -#endif /* HAVE_GEOIP */ +#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ } else if (cfg_obj_isstring(ce)) { /* ACL name. */ const char *name = cfg_obj_asstring(ce); @@ -806,15 +837,17 @@ nested_acl: setpos = (nest_level != 0 || !neg); result = dns_iptable_addprefix(iptab, NULL, 0, setpos); - if (result != ISC_R_SUCCESS) + if (result != ISC_R_SUCCESS) { goto cleanup; + } if (nest_level != 0) { INSIST(dacl->length < dacl->alloc); de->type = dns_aclelementtype_nestedacl; de->negative = neg; - } else + } else { continue; + } } else if (strcasecmp(name, "none") == 0) { /* none == !any */ /* @@ -826,18 +859,21 @@ nested_acl: setpos = (nest_level != 0 || neg); result = dns_iptable_addprefix(iptab, NULL, 0, setpos); - if (result != ISC_R_SUCCESS) + if (result != ISC_R_SUCCESS) { goto cleanup; + } - if (!neg) + if (!neg) { dacl->has_negatives = !neg; + } if (nest_level != 0) { INSIST(dacl->length < dacl->alloc); de->type = dns_aclelementtype_nestedacl; de->negative = !neg; - } else + } else { continue; + } } else if (strcasecmp(name, "localhost") == 0) { INSIST(dacl->length < dacl->alloc); de->type = dns_aclelementtype_localhost; @@ -856,8 +892,9 @@ nested_acl: result = convert_named_acl(ce, cctx, lctx, ctx, mctx, new_nest_level, &inneracl); - if (result != ISC_R_SUCCESS) + if (result != ISC_R_SUCCESS) { goto cleanup; + } goto nested_acl; } @@ -876,7 +913,9 @@ nested_acl: */ if (de->nestedacl != NULL && de->type != dns_aclelementtype_nestedacl) + { dns_acl_detach(&de->nestedacl); + } dacl->node_count++; de->node_num = dacl->node_count; @@ -890,8 +929,9 @@ nested_acl: result = ISC_R_SUCCESS; cleanup: - if (inneracl != NULL) + if (inneracl != NULL) { dns_acl_detach(&inneracl); + } dns_acl_detach(&dacl); return (result); } diff --git a/lib/isccfg/include/isccfg/aclconf.h b/lib/isccfg/include/isccfg/aclconf.h index 4108a0f775..968c51e865 100644 --- a/lib/isccfg/include/isccfg/aclconf.h +++ b/lib/isccfg/include/isccfg/aclconf.h @@ -19,15 +19,13 @@ #include -#ifdef HAVE_GEOIP #include -#endif #include typedef struct cfg_aclconfctx { ISC_LIST(dns_acl_t) named_acl_cache; isc_mem_t *mctx; -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) dns_geoip_databases_t *geoip; #endif isc_refcount_t references; diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index 0cf91e5c77..61c8857fe6 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -1075,7 +1075,7 @@ options_clauses[] = { { "fstrm-set-reopen-interval", &cfg_type_ttlval, CFG_CLAUSEFLAG_NOTCONFIGURED }, #endif /* HAVE_DNSTAP */ -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) { "geoip-directory", &cfg_type_qstringornone, 0 }, #else { "geoip-directory", &cfg_type_qstringornone, diff --git a/lib/isccfg/parser.c b/lib/isccfg/parser.c index 50714759a6..86d7009ce5 100644 --- a/lib/isccfg/parser.c +++ b/lib/isccfg/parser.c @@ -100,7 +100,7 @@ static void parser_complain(cfg_parser_t *pctx, bool is_warning, unsigned int flags, const char *format, va_list args); -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) static isc_result_t parse_geoip(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); @@ -109,7 +109,7 @@ print_geoip(cfg_printer_t *pctx, const cfg_obj_t *obj); static void doc_geoip(cfg_printer_t *pctx, const cfg_type_t *type); -#endif /* HAVE_GEOIP */ +#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ /* * Data representations. These correspond to members of the @@ -1312,7 +1312,7 @@ LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_bracketed_text = { &cfg_rep_string, NULL }; -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) /* * "geoip" ACL element: * geoip [ db ] search-type @@ -1406,7 +1406,7 @@ doc_geoip(cfg_printer_t *pctx, const cfg_type_t *type) { cfg_print_cstr(pctx, " "); cfg_print_cstr(pctx, ""); } -#endif /* HAVE_GEOIP */ +#endif /* HAVE_GEOIP || HAVE_GEOIP2 */ static cfg_type_t cfg_type_addrmatchelt; static cfg_type_t cfg_type_negated; @@ -1427,7 +1427,7 @@ parse_addrmatchelt(cfg_parser_t *pctx, const cfg_type_t *type, CHECK(cfg_parse_obj(pctx, &cfg_type_keyref, ret)); } else if (pctx->token.type == isc_tokentype_string && (strcasecmp(TOKEN_STRING(pctx), "geoip") == 0)) { -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) CHECK(cfg_gettoken(pctx, 0)); CHECK(cfg_parse_obj(pctx, &cfg_type_geoip, ret)); #else diff --git a/lib/ns/interfacemgr.c b/lib/ns/interfacemgr.c index 275a7a3d29..47978819b4 100644 --- a/lib/ns/interfacemgr.c +++ b/lib/ns/interfacemgr.c @@ -230,7 +230,7 @@ ns_interfacemgr_create(isc_mem_t *mctx, result = dns_aclenv_init(mctx, &mgr->aclenv); if (result != ISC_R_SUCCESS) goto cleanup_listenon; -#ifdef HAVE_GEOIP +#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2) mgr->aclenv.geoip = geoip; #else UNUSED(geoip);