mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 22:15:20 +00:00
Code Issues Releases Wiki Activity

add HAVE_GEOIP2 #ifdef branches, without implementing yet

Browse Source
This commit is contained in:
Evan Hunt
2019-06-11 18:36:52 -07:00
parent fea6b5bf10
commit fe46d5bc34
14 changed files with 195 additions and 137 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
bin/named/geoip.c
View File

@@ -24,7 +24,7 @@ static dns_geoip_databases_t geoip_table = {
}; };
static void static void
init_geoip_db(GeoIP **dbp, GeoIPDBTypes edition, GeoIPDBTypes fallback, init_geoip_db(void **dbp, GeoIPDBTypes edition, GeoIPDBTypes fallback,
GeoIPOptions method, const char *name) GeoIPOptions method, const char *name)
{ {
char *info; char *info;
@@ -32,7 +32,7 @@ init_geoip_db(GeoIP **dbp, GeoIPDBTypes edition, GeoIPDBTypes fallback,
REQUIRE(dbp != NULL); REQUIRE(dbp != NULL);
db = *dbp; db = (GeoIP *)*dbp;
if (db != NULL) { if (db != NULL) {
GeoIP_delete(db); GeoIP_delete(db);
@@ -79,23 +79,22 @@ init_geoip_db(GeoIP **dbp, GeoIPDBTypes edition, GeoIPDBTypes fallback,
void void
named_geoip_init(void) { named_geoip_init(void) {
#ifndef HAVE_GEOIP #if defined(HAVE_GEOIP2)
return; /* TODO GEOIP2 */
#else #elif defined(HAVE_GEOIP)
GeoIP_cleanup(); GeoIP_cleanup();
if (named_g_geoip == NULL) if (named_g_geoip == NULL)
named_g_geoip = &geoip_table; named_g_geoip = &geoip_table;
#else
return;
#endif #endif
} }
void void
named_geoip_load(char *dir) { named_geoip_load(char *dir) {
#ifndef HAVE_GEOIP #if defined(HAVE_GEOIP2)
/* TODO GEOIP2 */
UNUSED(dir); #elif defined(HAVE_GEOIP)
return;
#else
GeoIPOptions method; GeoIPOptions method;
#ifdef _WIN32 #ifdef _WIN32
@@ -139,5 +138,9 @@ named_geoip_load(char *dir) {
method, "Domain"); method, "Domain");
init_geoip_db(&named_g_geoip->netspeed, GEOIP_NETSPEED_EDITION, 0, init_geoip_db(&named_g_geoip->netspeed, GEOIP_NETSPEED_EDITION, 0,
method, "NetSpeed"); method, "NetSpeed");
#endif /* HAVE_GEOIP */ #else
UNUSED(dir);
return;
#endif
} }

2
bin/named/include/named/globals.h
View File

@@ -154,7 +154,7 @@ EXTERN bool named_g_keepstderr INIT(false);
EXTERN unsigned int named_g_tat_interval INIT(24*3600); EXTERN unsigned int named_g_tat_interval INIT(24*3600);
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
EXTERN dns_geoip_databases_t *named_g_geoip INIT(NULL); EXTERN dns_geoip_databases_t *named_g_geoip INIT(NULL);
#endif #endif

27
bin/named/server.c
View File

@@ -105,9 +105,9 @@
#include <named/config.h> #include <named/config.h>
#include <named/control.h> #include <named/control.h>
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
#include <named/geoip.h> #include <named/geoip.h>
#endif /* HAVE_GEOIP */ #endif /* HAVE_GEOIP || HAVE_GEOIP2 */
#include <named/log.h> #include <named/log.h>
#include <named/logconf.h> #include <named/logconf.h>
#include <named/main.h> #include <named/main.h>
@@ -8261,7 +8261,7 @@ load_configuration(const char *filename, named_server_t *server,
} }
isc_socketmgr_setreserved(named_g_socketmgr, reserved); isc_socketmgr_setreserved(named_g_socketmgr, reserved);
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
/* /*
* Initialize GeoIP databases from the configured location. * Initialize GeoIP databases from the configured location.
* This should happen before configuring any ACLs, so that we * This should happen before configuring any ACLs, so that we
@@ -8278,7 +8278,7 @@ load_configuration(const char *filename, named_server_t *server,
named_geoip_load(NULL); named_geoip_load(NULL);
} }
named_g_aclconfctx->geoip = named_g_geoip; named_g_aclconfctx->geoip = named_g_geoip;
#endif /* HAVE_GEOIP */ #endif /* HAVE_GEOIP || HAVE_GEOIP2 */
/* /*
* Configure various server options. * Configure various server options.
@@ -9491,25 +9491,18 @@ run_server(isc_task_t *task, isc_event_t *event) {
dns_dispatchmgr_setstats(named_g_dispatchmgr, server->resolverstats); dns_dispatchmgr_setstats(named_g_dispatchmgr, server->resolverstats);
#ifdef HAVE_GEOIP
CHECKFATAL(ns_interfacemgr_create(named_g_mctx, server->sctx, CHECKFATAL(ns_interfacemgr_create(named_g_mctx, server->sctx,
named_g_taskmgr, named_g_timermgr, named_g_taskmgr, named_g_timermgr,
named_g_socketmgr, named_g_socketmgr,
named_g_dispatchmgr, named_g_dispatchmgr,
server->task, named_g_udpdisp, server->task, named_g_udpdisp,
#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
named_g_geoip, named_g_geoip,
&server->interfacemgr),
"creating interface manager");
#else #else
CHECKFATAL(ns_interfacemgr_create(named_g_mctx, server->sctx,
named_g_taskmgr, named_g_timermgr,
named_g_socketmgr,
named_g_dispatchmgr,
server->task, named_g_udpdisp,
NULL, NULL,
#endif
&server->interfacemgr), &server->interfacemgr),
"creating interface manager"); "creating interface manager");
#endif
CHECKFATAL(isc_timer_create(named_g_timermgr, isc_timertype_inactive, CHECKFATAL(isc_timer_create(named_g_timermgr, isc_timertype_inactive,
NULL, NULL, server->task, NULL, NULL, server->task,
@@ -9631,9 +9624,9 @@ shutdown_server(isc_task_t *task, isc_event_t *event) {
#ifdef HAVE_DNSTAP #ifdef HAVE_DNSTAP
dns_dt_shutdown(); dns_dt_shutdown();
#endif #endif
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
dns_geoip_shutdown(); dns_geoip_shutdown();
#endif #endif /* HAVE_GEOIP || HAVE_GEOIP2 */
dns_db_detach(&server->in_roothints); dns_db_detach(&server->in_roothints);
@@ -9749,14 +9742,14 @@ named_server_create(isc_mem_t *mctx, named_server_t **serverp) {
&server->sctx), &server->sctx),
"creating server context"); "creating server context");
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
/* /*
* GeoIP must be initialized before the interface * GeoIP must be initialized before the interface
* manager (which includes the ACL environment) * manager (which includes the ACL environment)
* is created * is created
*/ */
named_geoip_init(); named_geoip_init();
#endif #endif /* HAVE_GEOIP || HAVE_GEOIP2 */
#ifdef ENABLE_AFL #ifdef ENABLE_AFL
server->sctx->fuzztype = named_g_fuzz_type; server->sctx->fuzztype = named_g_fuzz_type;

8
bin/tests/system/feature-test.c
View File

@@ -125,6 +125,14 @@ main(int argc, char **argv) {
#endif #endif
} }
if (strcmp(argv[1], "--have-geoip2") == 0) {
#ifdef HAVE_GEOIP2
return (0);
#else
return (1);
#endif
}
if (strcmp(argv[1], "--have-libxml2") == 0) { if (strcmp(argv[1], "--have-libxml2") == 0) {
#ifdef HAVE_LIBXML2 #ifdef HAVE_LIBXML2
return (0); return (0);

10
lib/dns/acl.c
View File

@@ -329,7 +329,7 @@ dns_acl_merge(dns_acl_t *dest, dns_acl_t *source, bool pos)
return result; return result;
} }
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
/* Duplicate GeoIP data */ /* Duplicate GeoIP data */
if (source->elements[i].type == dns_aclelementtype_geoip) { if (source->elements[i].type == dns_aclelementtype_geoip) {
dest->elements[nelem + i].geoip_elem = dest->elements[nelem + i].geoip_elem =
@@ -407,7 +407,7 @@ dns_aclelement_match(const isc_netaddr_t *reqaddr,
inner = env->localnets; inner = env->localnets;
break; break;
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
case dns_aclelementtype_geoip: case dns_aclelementtype_geoip:
if (env == NULL || env->geoip == NULL) if (env == NULL || env->geoip == NULL)
return (false); return (false);
@@ -583,7 +583,7 @@ dns_acl_isinsecure(const dns_acl_t *a) {
return (true); return (true);
continue; continue;
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
case dns_aclelementtype_geoip: case dns_aclelementtype_geoip:
#endif #endif
case dns_aclelementtype_localnets: case dns_aclelementtype_localnets:
@@ -636,7 +636,7 @@ dns_aclenv_init(isc_mem_t *mctx, dns_aclenv_t *env) {
if (result != ISC_R_SUCCESS) if (result != ISC_R_SUCCESS)
goto cleanup_localhost; goto cleanup_localhost;
env->match_mapped = false; env->match_mapped = false;
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
env->geoip = NULL; env->geoip = NULL;
#endif #endif
return (ISC_R_SUCCESS); return (ISC_R_SUCCESS);
@@ -654,7 +654,7 @@ dns_aclenv_copy(dns_aclenv_t *t, dns_aclenv_t *s) {
dns_acl_detach(&t->localnets); dns_acl_detach(&t->localnets);
dns_acl_attach(s->localnets, &t->localnets); dns_acl_attach(s->localnets, &t->localnets);
t->match_mapped = s->match_mapped; t->match_mapped = s->match_mapped;
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
t->geoip = s->geoip; t->geoip = s->geoip;
#endif #endif
} }

16
lib/dns/include/dns/acl.h
View File

@@ -32,14 +32,16 @@
#include <isc/netaddr.h> #include <isc/netaddr.h>
#include <isc/refcount.h> #include <isc/refcount.h>
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
#include <dns/geoip.h> #include <dns/geoip.h>
#endif #endif
#include <dns/name.h> #include <dns/name.h>
#include <dns/types.h> #include <dns/types.h>
#include <dns/iptable.h> #include <dns/iptable.h>
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP2)
#include <maxminddb.h>
#elif defined(HAVE_GEOIP)
#include <GeoIP.h> #include <GeoIP.h>
#endif #endif
@@ -53,9 +55,9 @@ typedef enum {
dns_aclelementtype_nestedacl, dns_aclelementtype_nestedacl,
dns_aclelementtype_localhost, dns_aclelementtype_localhost,
dns_aclelementtype_localnets, dns_aclelementtype_localnets,
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
dns_aclelementtype_geoip, dns_aclelementtype_geoip,
#endif /* HAVE_GEOIP */ #endif /* HAVE_GEOIP || HAVE_GEOIP2 */
dns_aclelementtype_any dns_aclelementtype_any
} dns_aclelementtype_t; } dns_aclelementtype_t;
@@ -70,9 +72,9 @@ struct dns_aclelement {
dns_aclelementtype_t type; dns_aclelementtype_t type;
bool negative; bool negative;
dns_name_t keyname; dns_name_t keyname;
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
dns_geoip_elem_t geoip_elem; dns_geoip_elem_t geoip_elem;
#endif /* HAVE_GEOIP */ #endif /* HAVE_GEOIP || HAVE_GEOIP2 */
dns_acl_t *nestedacl; dns_acl_t *nestedacl;
int node_num; int node_num;
}; };
@@ -95,7 +97,7 @@ struct dns_aclenv {
dns_acl_t *localhost; dns_acl_t *localhost;
dns_acl_t *localnets; dns_acl_t *localnets;
bool match_mapped; bool match_mapped;
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
dns_geoip_databases_t *geoip; dns_geoip_databases_t *geoip;
#endif #endif
}; };

36
lib/dns/include/dns/geoip.h
View File

@@ -36,12 +36,6 @@
#include <dns/types.h> #include <dns/types.h>
#include <dns/iptable.h> #include <dns/iptable.h>
#ifdef HAVE_GEOIP
#include <GeoIP.h>
#else
typedef void GeoIP;
#endif
/*** /***
*** Types *** Types
***/ ***/
@@ -78,7 +72,7 @@ typedef enum {
typedef struct dns_geoip_elem { typedef struct dns_geoip_elem {
dns_geoip_subtype_t subtype; dns_geoip_subtype_t subtype;
GeoIP *db; void *db;
union { union {
char as_string[256]; char as_string[256];
int as_int; int as_int;
@@ -86,16 +80,24 @@ typedef struct dns_geoip_elem {
} dns_geoip_elem_t; } dns_geoip_elem_t;
typedef struct dns_geoip_databases { typedef struct dns_geoip_databases {
GeoIP *country_v4; /* DB 1 */ #if defined(HAVE_GEOIP2)
GeoIP *city_v4; /* DB 2 or 6 */ void *country; /* GeoIP2-Country or GeoLite2-Country */
GeoIP *region; /* DB 3 or 7 */ void *city; /* GeoIP2-CIty or GeoLite2-City */
GeoIP *isp; /* DB 4 */ void *domain; /* GeoIP2-Domain */
GeoIP *org; /* DB 5 */ void *isp; /* GeoIP2-ISP */
GeoIP *as; /* DB 9 */ void *as; /* GeoIP2-ASN or GeoLite2-ASN */
GeoIP *netspeed; /* DB 10 */ #elif defined(HAVE_GEOIP)
GeoIP *domain; /* DB 11 */ void *country_v4; /* DB 1 */
GeoIP *country_v6; /* DB 12 */ void *city_v4; /* DB 2 or 6 */
GeoIP *city_v6; /* DB 30 or 31 */ void *region; /* DB 3 or 7 */
void *isp; /* DB 4 */
void *org; /* DB 5 */
void *as; /* DB 9 */
void *netspeed; /* DB 10 */
void *domain; /* DB 11 */
void *country_v6; /* DB 12 */
void *city_v6; /* DB 30 or 31 */
#endif
} dns_geoip_databases_t; } dns_geoip_databases_t;
/*** /***

16
lib/dns/tests/acl_test.c
View File

@@ -64,11 +64,11 @@ dns_acl_isinsecure_test(void **state) {
dns_acl_t *none = NULL; dns_acl_t *none = NULL;
dns_acl_t *notnone = NULL; dns_acl_t *notnone = NULL;
dns_acl_t *notany = NULL; dns_acl_t *notany = NULL;
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
dns_acl_t *geoip = NULL; dns_acl_t *geoip = NULL;
dns_acl_t *notgeoip = NULL; dns_acl_t *notgeoip = NULL;
dns_aclelement_t *de; dns_aclelement_t *de;
#endif #endif /* HAVE_GEOIP || HAVE_GEOIP2 */
UNUSED(state); UNUSED(state);
@@ -90,7 +90,7 @@ dns_acl_isinsecure_test(void **state) {
result = dns_acl_merge(notany, any, false); result = dns_acl_merge(notany, any, false);
assert_int_equal(result, ISC_R_SUCCESS); assert_int_equal(result, ISC_R_SUCCESS);
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
result = dns_acl_create(dt_mctx, 1, &geoip); result = dns_acl_create(dt_mctx, 1, &geoip);
assert_int_equal(result, ISC_R_SUCCESS); assert_int_equal(result, ISC_R_SUCCESS);
@@ -111,26 +111,26 @@ dns_acl_isinsecure_test(void **state) {
result = dns_acl_merge(notgeoip, geoip, false); result = dns_acl_merge(notgeoip, geoip, false);
assert_int_equal(result, ISC_R_SUCCESS); assert_int_equal(result, ISC_R_SUCCESS);
#endif #endif /* HAVE_GEOIP || HAVE_GEOIP2 */
assert_true(dns_acl_isinsecure(any)); /* any; */ assert_true(dns_acl_isinsecure(any)); /* any; */
assert_false(dns_acl_isinsecure(none)); /* none; */ assert_false(dns_acl_isinsecure(none)); /* none; */
assert_false(dns_acl_isinsecure(notany)); /* !any; */ assert_false(dns_acl_isinsecure(notany)); /* !any; */
assert_false(dns_acl_isinsecure(notnone)); /* !none; */ assert_false(dns_acl_isinsecure(notnone)); /* !none; */
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
assert_true(dns_acl_isinsecure(geoip)); /* geoip; */ assert_true(dns_acl_isinsecure(geoip)); /* geoip; */
assert_false(dns_acl_isinsecure(notgeoip)); /* !geoip; */ assert_false(dns_acl_isinsecure(notgeoip)); /* !geoip; */
#endif #endif /* HAVE_GEOIP || HAVE_GEOIP2 */
dns_acl_detach(&any); dns_acl_detach(&any);
dns_acl_detach(&none); dns_acl_detach(&none);
dns_acl_detach(&notany); dns_acl_detach(&notany);
dns_acl_detach(&notnone); dns_acl_detach(&notnone);
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
dns_acl_detach(&geoip); dns_acl_detach(&geoip);
dns_acl_detach(&notgeoip); dns_acl_detach(&notgeoip);
#endif #endif /* HAVE_GEOIP || HAVE_GEOIP2 */
} }
int int

22
lib/dns/tests/geoip_test.c
View File

@@ -32,12 +32,19 @@
#include "dnstest.h" #include "dnstest.h"
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP2)
#include <maxminddb.h>
/* TODO GEOIP2 */
#define TEST_GEOIP_DATA ""
#elif defined(HAVE_GEOI2)
#include <GeoIP.h> #include <GeoIP.h>
/* We use GeoIP databases from the 'geoip' system test */ /* We use GeoIP databases from the 'geoip' system test */
#define TEST_GEOIP_DATA "../../../bin/tests/system/geoip/data" #define TEST_GEOIP_DATA "../../../bin/tests/system/geoip/data"
#endif
#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
static int static int
_setup(void **state) { _setup(void **state) {
isc_result_t result; isc_result_t result;
@@ -58,7 +65,9 @@ _teardown(void **state) {
return (0); return (0);
} }
#endif /* HAVE_GEOIP || HAVE_GEOIP2 */
#ifdef HAVE_GEOIP
/* /*
* Helper functions * Helper functions
* (Mostly copied from bin/named/geoip.c) * (Mostly copied from bin/named/geoip.c)
@@ -68,14 +77,14 @@ static dns_geoip_databases_t geoip = {
}; };
static void static void
init_geoip_db(GeoIP **dbp, GeoIPDBTypes edition, GeoIPDBTypes fallback, init_geoip_db(void **dbp, GeoIPDBTypes edition, GeoIPDBTypes fallback,
GeoIPOptions method, const char *name) GeoIPOptions method, const char *name)
{ {
GeoIP *db; GeoIP *db;
REQUIRE(dbp != NULL); REQUIRE(dbp != NULL);
db = *dbp; db = (GeoIP *)*dbp;
if (db != NULL) { if (db != NULL) {
GeoIP_delete(db); GeoIP_delete(db);
@@ -563,7 +572,10 @@ netspeed(void **state) {
int int
main(void) { main(void) {
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP2)
/* TODO GEOIP2 */
print_message("1..0 # Skip geoip2 tests not complete\n");
#elif defined(HAVE_GEOIP)
const struct CMUnitTest tests[] = { const struct CMUnitTest tests[] = {
cmocka_unit_test_setup_teardown(country, _setup, _teardown), cmocka_unit_test_setup_teardown(country, _setup, _teardown),
cmocka_unit_test_setup_teardown(country_v6, _setup, _teardown), cmocka_unit_test_setup_teardown(country_v6, _setup, _teardown),
@@ -581,7 +593,7 @@ main(void) {
return (cmocka_run_group_tests(tests, NULL, NULL)); return (cmocka_run_group_tests(tests, NULL, NULL));
#else #else
print_message("1..0 # Skip geoip not enabled\n"); print_message("1..0 # Skip geoip not enabled\n");
#endif /* HAVE_GEOIP */ #endif
} }
#else /* HAVE_CMOCKA */ #else /* HAVE_CMOCKA */

150
lib/isccfg/aclconf.c
View File

@@ -49,7 +49,7 @@ cfg_aclconfctx_create(isc_mem_t *mctx, cfg_aclconfctx_t **ret) {
isc_mem_attach(mctx, &actx->mctx); isc_mem_attach(mctx, &actx->mctx);
ISC_LIST_INIT(actx->named_acl_cache); ISC_LIST_INIT(actx->named_acl_cache);
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
actx->geoip = NULL; actx->geoip = NULL;
#endif #endif
@@ -104,7 +104,8 @@ get_acl_def(const cfg_obj_t *cctx, const char *name, const cfg_obj_t **ret) {
elt != NULL; elt != NULL;
elt = cfg_list_next(elt)) { elt = cfg_list_next(elt)) {
const cfg_obj_t *acl = cfg_listelt_value(elt); const cfg_obj_t *acl = cfg_listelt_value(elt);
const char *aclname = cfg_obj_asstring(cfg_tuple_get(acl, "name")); const char *aclname =
cfg_obj_asstring(cfg_tuple_get(acl, "name"));
if (strcasecmp(aclname, name) == 0) { if (strcasecmp(aclname, name) == 0) {
if (ret != NULL) { if (ret != NULL) {
*ret = cfg_tuple_get(acl, "value"); *ret = cfg_tuple_get(acl, "value");
@@ -246,12 +247,12 @@ count_acl_elements(const cfg_obj_t *caml, const cfg_obj_t *cctx,
n += sub; n += sub;
if (negative) if (negative)
n++; n++;
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
} else if (cfg_obj_istuple(ce) && } else if (cfg_obj_istuple(ce) &&
cfg_obj_isvoid(cfg_tuple_get(ce, "negated"))) cfg_obj_isvoid(cfg_tuple_get(ce, "negated")))
{ {
n++; n++;
#endif /* HAVE_GEOIP */ #endif /* HAVE_GEOIP || HAVE_GEOIP2 */
} else if (cfg_obj_isstring(ce)) { } else if (cfg_obj_isstring(ce)) {
const char *name = cfg_obj_asstring(ce); const char *name = cfg_obj_asstring(ce);
if (strcasecmp(name, "localhost") == 0 || if (strcasecmp(name, "localhost") == 0 ||
@@ -283,58 +284,64 @@ count_acl_elements(const cfg_obj_t *caml, const cfg_obj_t *cctx,
return (ISC_R_SUCCESS); return (ISC_R_SUCCESS);
} }
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP)
static dns_geoip_subtype_t static dns_geoip_subtype_t
get_subtype(const cfg_obj_t *obj, isc_log_t *lctx, get_subtype(const cfg_obj_t *obj, isc_log_t *lctx,
dns_geoip_subtype_t subtype, const char *dbname) dns_geoip_subtype_t subtype, const char *dbname)
{ {
if (dbname == NULL) if (dbname == NULL) {
return (subtype); return (subtype);
}
switch (subtype) { switch (subtype) {
case dns_geoip_countrycode: case dns_geoip_countrycode:
if (strcasecmp(dbname, "city") == 0) if (strcasecmp(dbname, "city") == 0) {
return (dns_geoip_city_countrycode); return (dns_geoip_city_countrycode);
else if (strcasecmp(dbname, "region") == 0) } else if (strcasecmp(dbname, "region") == 0) {
return (dns_geoip_region_countrycode); return (dns_geoip_region_countrycode);
else if (strcasecmp(dbname, "country") == 0) } else if (strcasecmp(dbname, "country") == 0) {
return (dns_geoip_country_code); return (dns_geoip_country_code);
}
cfg_obj_log(obj, lctx, ISC_LOG_ERROR, cfg_obj_log(obj, lctx, ISC_LOG_ERROR,
"invalid GeoIP DB specified for " "invalid GeoIP DB specified for "
"country search: ignored"); "country search: ignored");
return (subtype); return (subtype);
case dns_geoip_countrycode3: case dns_geoip_countrycode3:
if (strcasecmp(dbname, "city") == 0) if (strcasecmp(dbname, "city") == 0) {
return (dns_geoip_city_countrycode3); return (dns_geoip_city_countrycode3);
else if (strcasecmp(dbname, "country") == 0) } else if (strcasecmp(dbname, "country") == 0) {
return (dns_geoip_country_code3); return (dns_geoip_country_code3);
}
cfg_obj_log(obj, lctx, ISC_LOG_ERROR, cfg_obj_log(obj, lctx, ISC_LOG_ERROR,
"invalid GeoIP DB specified for " "invalid GeoIP DB specified for "
"country search: ignored"); "country search: ignored");
return (subtype); return (subtype);
case dns_geoip_countryname: case dns_geoip_countryname:
if (strcasecmp(dbname, "city") == 0) if (strcasecmp(dbname, "city") == 0) {
return (dns_geoip_city_countryname); return (dns_geoip_city_countryname);
else if (strcasecmp(dbname, "country") == 0) } else if (strcasecmp(dbname, "country") == 0) {
return (dns_geoip_country_name); return (dns_geoip_country_name);
}
cfg_obj_log(obj, lctx, ISC_LOG_ERROR, cfg_obj_log(obj, lctx, ISC_LOG_ERROR,
"invalid GeoIP DB specified for " "invalid GeoIP DB specified for "
"country search: ignored"); "country search: ignored");
return (subtype); return (subtype);
case dns_geoip_region: case dns_geoip_region:
if (strcasecmp(dbname, "city") == 0) if (strcasecmp(dbname, "city") == 0) {
return (dns_geoip_city_region); return (dns_geoip_city_region);
else if (strcasecmp(dbname, "region") == 0) } else if (strcasecmp(dbname, "region") == 0) {
return (dns_geoip_region_code); return (dns_geoip_region_code);
}
cfg_obj_log(obj, lctx, ISC_LOG_ERROR, cfg_obj_log(obj, lctx, ISC_LOG_ERROR,
"invalid GeoIP DB specified for " "invalid GeoIP DB specified for "
"region search: ignored"); "region search: ignored");
return (subtype); return (subtype);
case dns_geoip_regionname: case dns_geoip_regionname:
if (strcasecmp(dbname, "city") == 0) if (strcasecmp(dbname, "city") == 0) {
return (dns_geoip_city_region); return (dns_geoip_city_region);
else if (strcasecmp(dbname, "region") == 0) } else if (strcasecmp(dbname, "region") == 0) {
return (dns_geoip_region_name); return (dns_geoip_region_name);
}
cfg_obj_log(obj, lctx, ISC_LOG_ERROR, cfg_obj_log(obj, lctx, ISC_LOG_ERROR,
"invalid GeoIP DB specified for " "invalid GeoIP DB specified for "
"region search: ignored"); "region search: ignored");
@@ -350,40 +357,46 @@ get_subtype(const cfg_obj_t *obj, isc_log_t *lctx,
case dns_geoip_city_areacode: case dns_geoip_city_areacode:
case dns_geoip_city_continentcode: case dns_geoip_city_continentcode:
case dns_geoip_city_timezonecode: case dns_geoip_city_timezonecode:
if (strcasecmp(dbname, "city") != 0) if (strcasecmp(dbname, "city") != 0) {
cfg_obj_log(obj, lctx, ISC_LOG_WARNING, cfg_obj_log(obj, lctx, ISC_LOG_WARNING,
"invalid GeoIP DB specified for " "invalid GeoIP DB specified for "
"a 'city'-only search type: ignoring"); "a 'city'-only search type: ignoring");
}
return (subtype); return (subtype);
case dns_geoip_isp_name: case dns_geoip_isp_name:
if (strcasecmp(dbname, "isp") != 0) if (strcasecmp(dbname, "isp") != 0) {
cfg_obj_log(obj, lctx, ISC_LOG_WARNING, cfg_obj_log(obj, lctx, ISC_LOG_WARNING,
"invalid GeoIP DB specified for " "invalid GeoIP DB specified for "
"an 'isp' search: ignoring"); "an 'isp' search: ignoring");
}
return (subtype); return (subtype);
case dns_geoip_org_name: case dns_geoip_org_name:
if (strcasecmp(dbname, "org") != 0) if (strcasecmp(dbname, "org") != 0) {
cfg_obj_log(obj, lctx, ISC_LOG_WARNING, cfg_obj_log(obj, lctx, ISC_LOG_WARNING,
"invalid GeoIP DB specified for " "invalid GeoIP DB specified for "
"an 'org' search: ignoring"); "an 'org' search: ignoring");
}
return (subtype); return (subtype);
case dns_geoip_as_asnum: case dns_geoip_as_asnum:
if (strcasecmp(dbname, "asnum") != 0) if (strcasecmp(dbname, "asnum") != 0) {
cfg_obj_log(obj, lctx, ISC_LOG_WARNING, cfg_obj_log(obj, lctx, ISC_LOG_WARNING,
"invalid GeoIP DB specified for " "invalid GeoIP DB specified for "
"an 'asnum' search: ignoring"); "an 'asnum' search: ignoring");
}
return (subtype); return (subtype);
case dns_geoip_domain_name: case dns_geoip_domain_name:
if (strcasecmp(dbname, "domain") != 0) if (strcasecmp(dbname, "domain") != 0) {
cfg_obj_log(obj, lctx, ISC_LOG_WARNING, cfg_obj_log(obj, lctx, ISC_LOG_WARNING,
"invalid GeoIP DB specified for " "invalid GeoIP DB specified for "
"a 'domain' search: ignoring"); "a 'domain' search: ignoring");
}
return (subtype); return (subtype);
case dns_geoip_netspeed_id: case dns_geoip_netspeed_id:
if (strcasecmp(dbname, "netspeed") != 0) if (strcasecmp(dbname, "netspeed") != 0) {
cfg_obj_log(obj, lctx, ISC_LOG_WARNING, cfg_obj_log(obj, lctx, ISC_LOG_WARNING,
"invalid GeoIP DB specified for " "invalid GeoIP DB specified for "
"a 'netspeed' search: ignoring"); "a 'netspeed' search: ignoring");
}
return (subtype); return (subtype);
default: default:
INSIST(0); INSIST(0);
@@ -393,8 +406,9 @@ get_subtype(const cfg_obj_t *obj, isc_log_t *lctx,
static bool static bool
geoip_can_answer(dns_aclelement_t *elt, cfg_aclconfctx_t *ctx) { geoip_can_answer(dns_aclelement_t *elt, cfg_aclconfctx_t *ctx) {
if (ctx->geoip == NULL) if (ctx->geoip == NULL) {
return (true); return (true);
}
switch (elt->geoip_elem.subtype) { switch (elt->geoip_elem.subtype) {
case dns_geoip_countrycode: case dns_geoip_countrycode:
@@ -440,31 +454,39 @@ geoip_can_answer(dns_aclelement_t *elt, cfg_aclconfctx_t *ctx) {
case dns_geoip_city_timezonecode: case dns_geoip_city_timezonecode:
if (ctx->geoip->city_v4 != NULL || if (ctx->geoip->city_v4 != NULL ||
ctx->geoip->city_v6 != NULL) ctx->geoip->city_v6 != NULL)
{
return (true); return (true);
}
/* FALLTHROUGH */ /* FALLTHROUGH */
case dns_geoip_isp_name: case dns_geoip_isp_name:
if (ctx->geoip->isp != NULL) if (ctx->geoip->isp != NULL) {
return (true); return (true);
}
/* FALLTHROUGH */ /* FALLTHROUGH */
case dns_geoip_org_name: case dns_geoip_org_name:
if (ctx->geoip->org != NULL) if (ctx->geoip->org != NULL) {
return (true); return (true);
}
/* FALLTHROUGH */ /* FALLTHROUGH */
case dns_geoip_as_asnum: case dns_geoip_as_asnum:
if (ctx->geoip->as != NULL) if (ctx->geoip->as != NULL) {
return (true); return (true);
}
/* FALLTHROUGH */ /* FALLTHROUGH */
case dns_geoip_domain_name: case dns_geoip_domain_name:
if (ctx->geoip->domain != NULL) if (ctx->geoip->domain != NULL) {
return (true); return (true);
}
/* FALLTHROUGH */ /* FALLTHROUGH */
case dns_geoip_netspeed_id: case dns_geoip_netspeed_id:
if (ctx->geoip->netspeed != NULL) if (ctx->geoip->netspeed != NULL) {
return (true); return (true);
}
} }
return (false); return (false);
} }
#endif
static isc_result_t static isc_result_t
parse_geoip_element(const cfg_obj_t *obj, isc_log_t *lctx, parse_geoip_element(const cfg_obj_t *obj, isc_log_t *lctx,
@@ -482,8 +504,9 @@ parse_geoip_element(const cfg_obj_t *obj, isc_log_t *lctx,
de = *dep; de = *dep;
ge = cfg_tuple_get(obj, "db"); ge = cfg_tuple_get(obj, "db");
if (!cfg_obj_isvoid(ge)) if (!cfg_obj_isvoid(ge)) {
dbname = cfg_obj_asstring(ge); dbname = cfg_obj_asstring(ge);
}
stype = cfg_obj_asstring(cfg_tuple_get(obj, "subtype")); stype = cfg_obj_asstring(cfg_tuple_get(obj, "subtype"));
search = cfg_obj_asstring(cfg_tuple_get(obj, "search")); search = cfg_obj_asstring(cfg_tuple_get(obj, "search"));
@@ -600,7 +623,6 @@ parse_geoip_element(const cfg_obj_t *obj, isc_log_t *lctx,
return (ISC_R_SUCCESS); return (ISC_R_SUCCESS);
} }
#endif
isc_result_t isc_result_t
cfg_acl_fromconfig(const cfg_obj_t *caml, const cfg_obj_t *cctx, cfg_acl_fromconfig(const cfg_obj_t *caml, const cfg_obj_t *cctx,
@@ -655,12 +677,14 @@ cfg_acl_fromconfig2(const cfg_obj_t *caml, const cfg_obj_t *cctx,
mctx, &nelem, NULL); mctx, &nelem, NULL);
if (result != ISC_R_SUCCESS) if (result != ISC_R_SUCCESS)
return (result); return (result);
} else } else {
nelem = cfg_list_length(caml, false); nelem = cfg_list_length(caml, false);
}
result = dns_acl_create(mctx, nelem, &dacl); result = dns_acl_create(mctx, nelem, &dacl);
if (result != ISC_R_SUCCESS) if (result != ISC_R_SUCCESS) {
return (result); return (result);
}
} }
de = dacl->elements; de = dacl->elements;
@@ -694,8 +718,9 @@ cfg_acl_fromconfig2(const cfg_obj_t *caml, const cfg_obj_t *cctx,
result = dns_acl_create(mctx, result = dns_acl_create(mctx,
cfg_list_length(ce, false), cfg_list_length(ce, false),
&de->nestedacl); &de->nestedacl);
if (result != ISC_R_SUCCESS) if (result != ISC_R_SUCCESS) {
goto cleanup; goto cleanup;
}
iptab = de->nestedacl->iptable; iptab = de->nestedacl->iptable;
} }
@@ -711,8 +736,9 @@ cfg_acl_fromconfig2(const cfg_obj_t *caml, const cfg_obj_t *cctx,
cfg_obj_log(ce, lctx, ISC_LOG_WARNING, cfg_obj_log(ce, lctx, ISC_LOG_WARNING,
"'%s': incorrect address family; " "'%s': incorrect address family; "
"ignoring", buf); "ignoring", buf);
if (nest_level != 0) if (nest_level != 0) {
dns_acl_detach(&de->nestedacl); dns_acl_detach(&de->nestedacl);
}
continue; continue;
} }
result = isc_netaddr_prefixok(&addr, bitlen); result = isc_netaddr_prefixok(&addr, bitlen);
@@ -732,15 +758,17 @@ cfg_acl_fromconfig2(const cfg_obj_t *caml, const cfg_obj_t *cctx,
setpos = (nest_level != 0 || !neg); setpos = (nest_level != 0 || !neg);
result = dns_iptable_addprefix(iptab, &addr, bitlen, result = dns_iptable_addprefix(iptab, &addr, bitlen,
setpos); setpos);
if (result != ISC_R_SUCCESS) if (result != ISC_R_SUCCESS) {
goto cleanup; goto cleanup;
}
if (nest_level > 0) { if (nest_level > 0) {
INSIST(dacl->length < dacl->alloc); INSIST(dacl->length < dacl->alloc);
de->type = dns_aclelementtype_nestedacl; de->type = dns_aclelementtype_nestedacl;
de->negative = neg; de->negative = neg;
} else } else {
continue; continue;
}
} else if (cfg_obj_islist(ce)) { } else if (cfg_obj_islist(ce)) {
/* /*
* If we're nesting ACLs, put the nested * If we're nesting ACLs, put the nested
@@ -749,29 +777,30 @@ cfg_acl_fromconfig2(const cfg_obj_t *caml, const cfg_obj_t *cctx,
* in two cases: 1) sortlist, 2) if the * in two cases: 1) sortlist, 2) if the
* nested ACL contains negated members. * nested ACL contains negated members.
*/ */
if (inneracl != NULL) if (inneracl != NULL) {
dns_acl_detach(&inneracl); dns_acl_detach(&inneracl);
}
result = cfg_acl_fromconfig(ce, cctx, lctx, result = cfg_acl_fromconfig(ce, cctx, lctx,
ctx, mctx, new_nest_level, ctx, mctx, new_nest_level,
&inneracl); &inneracl);
if (result != ISC_R_SUCCESS) if (result != ISC_R_SUCCESS) {
goto cleanup; goto cleanup;
}
nested_acl: nested_acl:
if (nest_level > 0 || inneracl->has_negatives) { if (nest_level > 0 || inneracl->has_negatives) {
INSIST(dacl->length < dacl->alloc); INSIST(dacl->length < dacl->alloc);
de->type = dns_aclelementtype_nestedacl; de->type = dns_aclelementtype_nestedacl;
de->negative = neg; de->negative = neg;
if (de->nestedacl != NULL) if (de->nestedacl != NULL) {
dns_acl_detach(&de->nestedacl); dns_acl_detach(&de->nestedacl);
dns_acl_attach(inneracl, }
&de->nestedacl); dns_acl_attach(inneracl, &de->nestedacl);
dns_acl_detach(&inneracl); dns_acl_detach(&inneracl);
/* Fall through. */ /* Fall through. */
} else { } else {
INSIST(dacl->length + inneracl->length INSIST(dacl->length + inneracl->length
<= dacl->alloc); <= dacl->alloc);
dns_acl_merge(dacl, inneracl, dns_acl_merge(dacl, inneracl, !neg);
!neg);
de += inneracl->length; /* elements added */ de += inneracl->length; /* elements added */
dns_acl_detach(&inneracl); dns_acl_detach(&inneracl);
INSIST(dacl->length <= dacl->alloc); INSIST(dacl->length <= dacl->alloc);
@@ -785,19 +814,21 @@ nested_acl:
dns_name_init(&de->keyname, NULL); dns_name_init(&de->keyname, NULL);
result = convert_keyname(ce, lctx, mctx, result = convert_keyname(ce, lctx, mctx,
&de->keyname); &de->keyname);
if (result != ISC_R_SUCCESS) if (result != ISC_R_SUCCESS) {
goto cleanup; goto cleanup;
#ifdef HAVE_GEOIP }
#if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
} else if (cfg_obj_istuple(ce) && } else if (cfg_obj_istuple(ce) &&
cfg_obj_isvoid(cfg_tuple_get(ce, "negated"))) cfg_obj_isvoid(cfg_tuple_get(ce, "negated")))
{ {
INSIST(dacl->length < dacl->alloc); INSIST(dacl->length < dacl->alloc);
result = parse_geoip_element(ce, lctx, ctx, de); result = parse_geoip_element(ce, lctx, ctx, de);
if (result != ISC_R_SUCCESS) if (result != ISC_R_SUCCESS) {
goto cleanup; goto cleanup;
}
de->type = dns_aclelementtype_geoip; de->type = dns_aclelementtype_geoip;
de->negative = neg; de->negative = neg;
#endif /* HAVE_GEOIP */ #endif /* HAVE_GEOIP || HAVE_GEOIP2 */
} else if (cfg_obj_isstring(ce)) { } else if (cfg_obj_isstring(ce)) {
/* ACL name. */ /* ACL name. */
const char *name = cfg_obj_asstring(ce); const char *name = cfg_obj_asstring(ce);
@@ -806,15 +837,17 @@ nested_acl:
setpos = (nest_level != 0 || !neg); setpos = (nest_level != 0 || !neg);
result = dns_iptable_addprefix(iptab, NULL, 0, result = dns_iptable_addprefix(iptab, NULL, 0,
setpos); setpos);
if (result != ISC_R_SUCCESS) if (result != ISC_R_SUCCESS) {
goto cleanup; goto cleanup;
}
if (nest_level != 0) { if (nest_level != 0) {
INSIST(dacl->length < dacl->alloc); INSIST(dacl->length < dacl->alloc);
de->type = dns_aclelementtype_nestedacl; de->type = dns_aclelementtype_nestedacl;
de->negative = neg; de->negative = neg;
} else } else {
continue; continue;
}
} else if (strcasecmp(name, "none") == 0) { } else if (strcasecmp(name, "none") == 0) {
/* none == !any */ /* none == !any */
/* /*
@@ -826,18 +859,21 @@ nested_acl:
setpos = (nest_level != 0 || neg); setpos = (nest_level != 0 || neg);
result = dns_iptable_addprefix(iptab, NULL, 0, result = dns_iptable_addprefix(iptab, NULL, 0,
setpos); setpos);
if (result != ISC_R_SUCCESS) if (result != ISC_R_SUCCESS) {
goto cleanup; goto cleanup;
}
if (!neg) if (!neg) {
dacl->has_negatives = !neg; dacl->has_negatives = !neg;
}
if (nest_level != 0) { if (nest_level != 0) {
INSIST(dacl->length < dacl->alloc); INSIST(dacl->length < dacl->alloc);
de->type = dns_aclelementtype_nestedacl; de->type = dns_aclelementtype_nestedacl;
de->negative = !neg; de->negative = !neg;
} else } else {
continue; continue;
}
} else if (strcasecmp(name, "localhost") == 0) { } else if (strcasecmp(name, "localhost") == 0) {
INSIST(dacl->length < dacl->alloc); INSIST(dacl->length < dacl->alloc);
de->type = dns_aclelementtype_localhost; de->type = dns_aclelementtype_localhost;
@@ -856,8 +892,9 @@ nested_acl:
result = convert_named_acl(ce, cctx, lctx, ctx, result = convert_named_acl(ce, cctx, lctx, ctx,
mctx, new_nest_level, mctx, new_nest_level,
&inneracl); &inneracl);
if (result != ISC_R_SUCCESS) if (result != ISC_R_SUCCESS) {
goto cleanup; goto cleanup;
}
goto nested_acl; goto nested_acl;
} }
@@ -876,7 +913,9 @@ nested_acl:
*/ */
if (de->nestedacl != NULL && if (de->nestedacl != NULL &&
de->type != dns_aclelementtype_nestedacl) de->type != dns_aclelementtype_nestedacl)
{
dns_acl_detach(&de->nestedacl); dns_acl_detach(&de->nestedacl);
}
dacl->node_count++; dacl->node_count++;
de->node_num = dacl->node_count; de->node_num = dacl->node_count;
@@ -890,8 +929,9 @@ nested_acl:
result = ISC_R_SUCCESS; result = ISC_R_SUCCESS;
cleanup: cleanup:
if (inneracl != NULL) if (inneracl != NULL) {
dns_acl_detach(&inneracl); dns_acl_detach(&inneracl);
}
dns_acl_detach(&dacl); dns_acl_detach(&dacl);
return (result); return (result);
} }

4
lib/isccfg/include/isccfg/aclconf.h
View File

@@ -19,15 +19,13 @@
#include <isccfg/cfg.h> #include <isccfg/cfg.h>
#ifdef HAVE_GEOIP
#include <dns/geoip.h> #include <dns/geoip.h>
#endif
#include <dns/types.h> #include <dns/types.h>
typedef struct cfg_aclconfctx { typedef struct cfg_aclconfctx {
ISC_LIST(dns_acl_t) named_acl_cache; ISC_LIST(dns_acl_t) named_acl_cache;
isc_mem_t *mctx; isc_mem_t *mctx;
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
dns_geoip_databases_t *geoip; dns_geoip_databases_t *geoip;
#endif #endif
isc_refcount_t references; isc_refcount_t references;

2
lib/isccfg/namedconf.c
View File

@@ -1075,7 +1075,7 @@ options_clauses[] = {
{ "fstrm-set-reopen-interval", &cfg_type_ttlval, { "fstrm-set-reopen-interval", &cfg_type_ttlval,
CFG_CLAUSEFLAG_NOTCONFIGURED }, CFG_CLAUSEFLAG_NOTCONFIGURED },
#endif /* HAVE_DNSTAP */ #endif /* HAVE_DNSTAP */
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
{ "geoip-directory", &cfg_type_qstringornone, 0 }, { "geoip-directory", &cfg_type_qstringornone, 0 },
#else #else
{ "geoip-directory", &cfg_type_qstringornone, { "geoip-directory", &cfg_type_qstringornone,

10
lib/isccfg/parser.c
View File

@@ -100,7 +100,7 @@ static void
parser_complain(cfg_parser_t *pctx, bool is_warning, parser_complain(cfg_parser_t *pctx, bool is_warning,
unsigned int flags, const char *format, va_list args); unsigned int flags, const char *format, va_list args);
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
static isc_result_t static isc_result_t
parse_geoip(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); parse_geoip(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret);
@@ -109,7 +109,7 @@ print_geoip(cfg_printer_t *pctx, const cfg_obj_t *obj);
static void static void
doc_geoip(cfg_printer_t *pctx, const cfg_type_t *type); doc_geoip(cfg_printer_t *pctx, const cfg_type_t *type);
#endif /* HAVE_GEOIP */ #endif /* HAVE_GEOIP || HAVE_GEOIP2 */
/* /*
* Data representations. These correspond to members of the * Data representations. These correspond to members of the
@@ -1312,7 +1312,7 @@ LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_bracketed_text = {
&cfg_rep_string, NULL &cfg_rep_string, NULL
}; };
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
/* /*
* "geoip" ACL element: * "geoip" ACL element:
* geoip [ db <database> ] search-type <string> * geoip [ db <database> ] search-type <string>
@@ -1406,7 +1406,7 @@ doc_geoip(cfg_printer_t *pctx, const cfg_type_t *type) {
cfg_print_cstr(pctx, " "); cfg_print_cstr(pctx, " ");
cfg_print_cstr(pctx, "<quoted_string>"); cfg_print_cstr(pctx, "<quoted_string>");
} }
#endif /* HAVE_GEOIP */ #endif /* HAVE_GEOIP || HAVE_GEOIP2 */
static cfg_type_t cfg_type_addrmatchelt; static cfg_type_t cfg_type_addrmatchelt;
static cfg_type_t cfg_type_negated; static cfg_type_t cfg_type_negated;
@@ -1427,7 +1427,7 @@ parse_addrmatchelt(cfg_parser_t *pctx, const cfg_type_t *type,
CHECK(cfg_parse_obj(pctx, &cfg_type_keyref, ret)); CHECK(cfg_parse_obj(pctx, &cfg_type_keyref, ret));
} else if (pctx->token.type == isc_tokentype_string && } else if (pctx->token.type == isc_tokentype_string &&
(strcasecmp(TOKEN_STRING(pctx), "geoip") == 0)) { (strcasecmp(TOKEN_STRING(pctx), "geoip") == 0)) {
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
CHECK(cfg_gettoken(pctx, 0)); CHECK(cfg_gettoken(pctx, 0));
CHECK(cfg_parse_obj(pctx, &cfg_type_geoip, ret)); CHECK(cfg_parse_obj(pctx, &cfg_type_geoip, ret));
#else #else

2
lib/ns/interfacemgr.c
View File

@@ -230,7 +230,7 @@ ns_interfacemgr_create(isc_mem_t *mctx,
result = dns_aclenv_init(mctx, &mgr->aclenv); result = dns_aclenv_init(mctx, &mgr->aclenv);
if (result != ISC_R_SUCCESS) if (result != ISC_R_SUCCESS)
goto cleanup_listenon; goto cleanup_listenon;
#ifdef HAVE_GEOIP #if defined(HAVE_GEOIP) || defined(HAVE_GEOIP2)
mgr->aclenv.geoip = geoip; mgr->aclenv.geoip = geoip;
#else #else
UNUSED(geoip); UNUSED(geoip);