From 4423c99613db1399dbb5c51e86ef0d351a1418c2 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Wed, 23 Feb 2005 01:09:23 +0000 Subject: [PATCH] 1814. [func] UNIX domain controls are now supported. --- CHANGES | 2 +- bin/named/controlconf.c | 152 +++++++- bin/rndc/rndc.c | 29 +- config.h.in | 9 +- configure | 182 ++++++++- configure.in | 20 +- lib/bind9/check.c | 146 ++++++- lib/dns/dispatch.c | 5 +- lib/isc/include/isc/netaddr.h | 13 +- lib/isc/include/isc/platform.h.in | 7 +- lib/isc/include/isc/sockaddr.h | 19 +- lib/isc/include/isc/socket.h | 43 ++- lib/isc/netaddr.c | 41 +- lib/isc/sockaddr.c | 47 ++- lib/isc/unix/include/isc/net.h | 8 +- lib/isc/unix/net.c | 12 +- lib/isc/unix/socket.c | 206 +++++++++- lib/isc/win32/include/isc/net.h | 13 +- lib/isc/win32/include/isc/platform.h | 8 +- lib/isc/win32/libisc.def | 550 +++++++++++++-------------- lib/isc/win32/net.c | 7 +- lib/isc/win32/socket.c | 19 +- lib/isccfg/namedconf.c | 52 ++- 23 files changed, 1259 insertions(+), 331 deletions(-) diff --git a/CHANGES b/CHANGES index e86f975f7b..0b75aa7cfb 100644 --- a/CHANGES +++ b/CHANGES @@ -2,7 +2,7 @@ 1815. [placeholder] rt13086 -1814. [placeholder] rt13455 +1814. [func] UNIX domain controls are now supported. 1813. [placeholder] rt13505 diff --git a/bin/named/controlconf.c b/bin/named/controlconf.c index 571c660081..63d830439d 100644 --- a/bin/named/controlconf.c +++ b/bin/named/controlconf.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: controlconf.c,v 1.42 2005/01/12 01:56:06 marka Exp $ */ +/* $Id: controlconf.c,v 1.43 2005/02/23 01:06:36 marka Exp $ */ #include @@ -96,6 +96,10 @@ struct controllistener { isc_boolean_t exiting; controlkeylist_t keys; controlconnectionlist_t connections; + isc_sockettype_t type; + isc_uint32_t perm; + isc_uint32_t owner; + isc_uint32_t group; ISC_LINK(controllistener_t) link; }; @@ -191,6 +195,8 @@ shutdown_listener(controllistener_t *listener) { isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_CONTROL, ISC_LOG_NOTICE, "stopping command channel on %s", socktext); + if (listener->type == isc_sockettype_unix) + isc_socket_cleanunix(&listener->address, ISC_TRUE); listener->exiting = ISC_TRUE; } @@ -595,7 +601,8 @@ control_newconn(isc_task_t *task, isc_event_t *event) { sock = nevent->newsocket; (void)isc_socket_getpeername(sock, &peeraddr); - if (!address_ok(&peeraddr, listener->acl)) { + if (listener->type == isc_sockettype_tcp && + !address_ok(&peeraddr, listener->acl)) { char socktext[ISC_SOCKADDR_FORMATSIZE]; isc_sockaddr_format(&peeraddr, socktext, sizeof(socktext)); isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, @@ -915,7 +922,8 @@ static void update_listener(ns_controls_t *cp, controllistener_t **listenerp, cfg_obj_t *control, cfg_obj_t *config, isc_sockaddr_t *addr, - cfg_aclconfctx_t *aclconfctx, const char *socktext) + cfg_aclconfctx_t *aclconfctx, const char *socktext, + isc_sockettype_t type) { controllistener_t *listener; cfg_obj_t *allow; @@ -993,7 +1001,7 @@ update_listener(ns_controls_t *cp, /* * Now, keep the old access list unless a new one can be made. */ - if (control != NULL) { + if (control != NULL && type == isc_sockettype_tcp) { allow = cfg_tuple_get(control, "allow"); result = cfg_acl_fromconfig(allow, config, ns_g_lctx, aclconfctx, listener->mctx, @@ -1013,13 +1021,34 @@ update_listener(ns_controls_t *cp, "command channel %s: %s", socktext, isc_result_totext(result)); + if (result == ISC_R_SUCCESS && type == isc_sockettype_unix) { + isc_uint32_t perm, owner, group; + perm = cfg_obj_asuint32(cfg_tuple_get(control, "perm")); + owner = cfg_obj_asuint32(cfg_tuple_get(control, "owner")); + group = cfg_obj_asuint32(cfg_tuple_get(control, "group")); + result = ISC_R_SUCCESS; + if (listener->perm != perm || listener->owner != owner || + listener->group != group) + result = isc_socket_permunix(&listener->address, perm, + owner, group); + if (result == ISC_R_SUCCESS) { + listener->perm = perm; + listener->owner = owner; + listener->group = group; + } else + cfg_obj_log(control, ns_g_lctx, ISC_LOG_WARNING, + "couldn't update ownership/permission for " + "command channel %s", socktext); + } + *listenerp = listener; } static void add_listener(ns_controls_t *cp, controllistener_t **listenerp, cfg_obj_t *control, cfg_obj_t *config, isc_sockaddr_t *addr, - cfg_aclconfctx_t *aclconfctx, const char *socktext) + cfg_aclconfctx_t *aclconfctx, const char *socktext, + isc_sockettype_t type) { isc_mem_t *mctx = cp->server->mctx; controllistener_t *listener; @@ -1042,6 +1071,10 @@ add_listener(ns_controls_t *cp, controllistener_t **listenerp, listener->listening = ISC_FALSE; listener->exiting = ISC_FALSE; listener->acl = NULL; + listener->type = type; + listener->perm = 0; + listener->owner = 0; + listener->group = 0; ISC_LINK_INIT(listener, link); ISC_LIST_INIT(listener->keys); ISC_LIST_INIT(listener->connections); @@ -1049,7 +1082,7 @@ add_listener(ns_controls_t *cp, controllistener_t **listenerp, /* * Make the acl. */ - if (control != NULL) { + if (control != NULL && type == isc_sockettype_tcp) { allow = cfg_tuple_get(control, "allow"); result = cfg_acl_fromconfig(allow, config, ns_g_lctx, aclconfctx, mctx, &new_acl); @@ -1087,20 +1120,35 @@ add_listener(ns_controls_t *cp, controllistener_t **listenerp, if (result == ISC_R_SUCCESS) { int pf = isc_sockaddr_pf(&listener->address); if ((pf == AF_INET && isc_net_probeipv4() != ISC_R_SUCCESS) || +#ifdef ISC_PLATFORM_HAVESYSUNH + (pf == AF_UNIX && isc_net_probeunix() != ISC_R_SUCCESS) || +#endif (pf == AF_INET6 && isc_net_probeipv6() != ISC_R_SUCCESS)) result = ISC_R_FAMILYNOSUPPORT; } + if (result == ISC_R_SUCCESS && type == isc_sockettype_unix) + isc_socket_cleanunix(&listener->address, ISC_FALSE); + if (result == ISC_R_SUCCESS) result = isc_socket_create(ns_g_socketmgr, isc_sockaddr_pf(&listener->address), - isc_sockettype_tcp, - &listener->sock); + type, &listener->sock); if (result == ISC_R_SUCCESS) result = isc_socket_bind(listener->sock, &listener->address); + if (result == ISC_R_SUCCESS && type == isc_sockettype_unix) { + listener->perm = cfg_obj_asuint32(cfg_tuple_get(control, + "perm")); + listener->owner = cfg_obj_asuint32(cfg_tuple_get(control, + "owner")); + listener->group = cfg_obj_asuint32(cfg_tuple_get(control, + "group")); + result = isc_socket_permunix(&listener->address, listener->perm, + listener->owner, listener->group); + } if (result == ISC_R_SUCCESS) result = control_listen(listener); @@ -1183,9 +1231,6 @@ ns_controls_configure(ns_controls_t *cp, cfg_obj_t *config, * The parser handles BIND 8 configuration file * syntax, so it allows unix phrases as well * inet phrases with no keys{} clause. - * - * "unix" phrases have been reported as - * unsupported by the parser. */ control = cfg_listelt_value(element2); @@ -1206,7 +1251,8 @@ ns_controls_configure(ns_controls_t *cp, cfg_obj_t *config, socktext); update_listener(cp, &listener, control, config, - addr, aclconfctx, socktext); + addr, aclconfctx, socktext, + isc_sockettype_tcp); if (listener != NULL) /* @@ -1221,7 +1267,81 @@ ns_controls_configure(ns_controls_t *cp, cfg_obj_t *config, */ add_listener(cp, &listener, control, config, addr, aclconfctx, - socktext); + socktext, + isc_sockettype_tcp); + + if (listener != NULL) + ISC_LIST_APPEND(new_listeners, + listener, link); + } + } + for (element = cfg_list_first(controlslist); + element != NULL; + element = cfg_list_next(element)) { + cfg_obj_t *controls; + cfg_obj_t *unixcontrols = NULL; + + controls = cfg_listelt_value(element); + (void)cfg_map_get(controls, "unix", &unixcontrols); + if (unixcontrols == NULL) + continue; + + for (element2 = cfg_list_first(unixcontrols); + element2 != NULL; + element2 = cfg_list_next(element2)) { + cfg_obj_t *control; + cfg_obj_t *path; + isc_sockaddr_t addr; + isc_result_t result; + + /* + * The parser handles BIND 8 configuration file + * syntax, so it allows unix phrases as well + * inet phrases with no keys{} clause. + */ + control = cfg_listelt_value(element2); + + path = cfg_tuple_get(control, "path"); + result = isc_sockaddr_frompath(&addr, + cfg_obj_asstring(path)); + if (result != ISC_R_SUCCESS) { + isc_log_write(ns_g_lctx, + NS_LOGCATEGORY_GENERAL, + NS_LOGMODULE_CONTROL, + ISC_LOG_DEBUG(9), + "control channel '%s': %s", + cfg_obj_asstring(path), + isc_result_totext(result)); + continue; + } + + isc_log_write(ns_g_lctx, + NS_LOGCATEGORY_GENERAL, + NS_LOGMODULE_CONTROL, + ISC_LOG_DEBUG(9), + "processing control channel '%s'", + cfg_obj_asstring(path)); + + update_listener(cp, &listener, control, config, + &addr, aclconfctx, + cfg_obj_asstring(path), + isc_sockettype_unix); + + if (listener != NULL) + /* + * Remove the listener from the old + * list, so it won't be shut down. + */ + ISC_LIST_UNLINK(cp->listeners, + listener, link); + else + /* + * This is a new listener. + */ + add_listener(cp, &listener, control, + config, &addr, aclconfctx, + cfg_obj_asstring(path), + isc_sockettype_unix); if (listener != NULL) ISC_LIST_APPEND(new_listeners, @@ -1252,7 +1372,8 @@ ns_controls_configure(ns_controls_t *cp, cfg_obj_t *config, isc_sockaddr_format(&addr, socktext, sizeof(socktext)); update_listener(cp, &listener, NULL, NULL, - &addr, NULL, socktext); + &addr, NULL, socktext, + isc_sockettype_tcp); if (listener != NULL) /* @@ -1266,7 +1387,8 @@ ns_controls_configure(ns_controls_t *cp, cfg_obj_t *config, * This is a new listener. */ add_listener(cp, &listener, NULL, NULL, - &addr, NULL, socktext); + &addr, NULL, socktext, + isc_sockettype_tcp); if (listener != NULL) ISC_LIST_APPEND(new_listeners, diff --git a/bin/rndc/rndc.c b/bin/rndc/rndc.c index b064a35b1d..ebe7304acf 100644 --- a/bin/rndc/rndc.c +++ b/bin/rndc/rndc.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rndc.c,v 1.102 2005/01/17 04:11:33 marka Exp $ */ +/* $Id: rndc.c,v 1.103 2005/02/23 01:06:36 marka Exp $ */ /* * Principal Author: DCL @@ -141,10 +141,18 @@ get_addresses(const char *host, in_port_t port) { isc_result_t result; int found = 0, count; - count = SERVERADDRS - nserveraddrs; - result = bind9_getaddresses(host, port, &serveraddrs[nserveraddrs], - count, &found); - nserveraddrs += found; + if (*host == '/') { + result = isc_sockaddr_frompath(&serveraddrs[nserveraddrs], + host); + if (result == ISC_R_SUCCESS) + nserveraddrs++; + } else { + count = SERVERADDRS - nserveraddrs; + result = bind9_getaddresses(host, port, + &serveraddrs[nserveraddrs], + count, &found); + nserveraddrs += found; + } if (result != ISC_R_SUCCESS) fatal("couldn't get address for '%s': %s", host, isc_result_totext(result)); @@ -358,6 +366,8 @@ rndc_connected(isc_task_t *task, isc_event_t *event) { static void rndc_startconnect(isc_sockaddr_t *addr, isc_task_t *task) { isc_result_t result; + int pf; + isc_sockettype_t type; char socktext[ISC_SOCKADDR_FORMATSIZE]; @@ -365,9 +375,12 @@ rndc_startconnect(isc_sockaddr_t *addr, isc_task_t *task) { notify("using server %s (%s)", servername, socktext); - DO("create socket", isc_socket_create(socketmgr, - isc_sockaddr_pf(addr), - isc_sockettype_tcp, &sock)); + pf = isc_sockaddr_pf(addr); + if (pf == AF_INET || pf == AF_INET6) + type = isc_sockettype_tcp; + else + type = isc_sockettype_unix; + DO("create socket", isc_socket_create(socketmgr, pf, type, &sock)); switch (isc_sockaddr_pf(addr)) { case AF_INET: DO("bind socket", isc_socket_bind(sock, &local4)); diff --git a/config.h.in b/config.h.in index 778afff595..aaca05ad65 100644 --- a/config.h.in +++ b/config.h.in @@ -16,7 +16,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: config.h.in,v 1.64 2004/12/04 06:48:43 marka Exp $ */ +/* $Id: config.h.in,v 1.65 2005/02/23 01:09:23 marka Exp $ */ /*** *** This file is not to be included by any public header files, because @@ -218,12 +218,19 @@ int sigwait(const unsigned int *set, int *sig); /* Define to 1 if you have the header file. */ #undef HAVE_SYS_TYPES_H +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_UN_H + /* Define if running under Compaq TruCluster */ #undef HAVE_TRUCLUSTER /* Define to 1 if you have the header file. */ #undef HAVE_UNISTD_H +/* Define if connect does not honour the permission on the UNIX domain socket. + */ +#undef NEED_SECURE_DIRECTORY + /* Define to the address where bug reports for this package should be sent. */ #undef PACKAGE_BUGREPORT diff --git a/configure b/configure index 3c3849a866..ceeee67b90 100755 --- a/configure +++ b/configure @@ -1,5 +1,5 @@ #! /bin/sh -# Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 1996-2003 Internet Software Consortium. # # Permission to use, copy, modify, and distribute this software for any @@ -14,7 +14,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. # -# $Id: configure,v 1.357 2004/12/09 02:16:28 marka Exp $ +# $Id: configure,v 1.358 2005/02/23 01:09:23 marka Exp $ # # Portions Copyright (C) 1996-2001 Nominum, Inc. # @@ -29,7 +29,7 @@ # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT # OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -# From configure.in Revision: 1.371 . +# From configure.in Revision: 1.372 . # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.59. # @@ -495,7 +495,7 @@ ac_includes_default="\ # include #endif" -ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS subdirs build build_cpu build_vendor build_os host host_cpu host_vendor host_os SET_MAKE RANLIB ac_ct_RANLIB INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA STD_CINCLUDES STD_CDEFINES STD_CWARNINGS CCOPT AR ARFLAGS LN ETAGS PERL CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT CPP EGREP ISC_SOCKADDR_LEN_T ISC_PLATFORM_HAVELONGLONG ISC_PLATFORM_HAVELIFCONF ISC_PLATFORM_NEEDSYSSELECTH LWRES_PLATFORM_NEEDSYSSELECTH USE_OPENSSL DST_OPENSSL_INC USE_GSSAPI DST_GSSAPI_INC DNS_CRYPTO_LIBS ALWAYS_DEFINES ISC_PLATFORM_USETHREADS ISC_THREAD_DIR MKDEPCC MKDEPCFLAGS MKDEPPROG IRIX_DNSSEC_WARNINGS_HACK purify_path PURIFY LN_S ECHO ac_ct_AR STRIP ac_ct_STRIP CXX CXXFLAGS ac_ct_CXX CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL O A SA LIBTOOL_MKDEP_SED LIBTOOL_MODE_COMPILE LIBTOOL_MODE_INSTALL LIBTOOL_MODE_LINK LIBTOOL_ALLOW_UNDEFINED LIBTOOL_IN_MAIN LIBBIND ISC_PLATFORM_HAVEIPV6 LWRES_PLATFORM_HAVEIPV6 ISC_PLATFORM_NEEDNETINETIN6H LWRES_PLATFORM_NEEDNETINETIN6H ISC_PLATFORM_NEEDNETINET6IN6H LWRES_PLATFORM_NEEDNETINET6IN6H ISC_PLATFORM_HAVEINADDR6 LWRES_PLATFORM_HAVEINADDR6 ISC_PLATFORM_NEEDIN6ADDRANY LWRES_PLATFORM_NEEDIN6ADDRANY ISC_PLATFORM_NEEDIN6ADDRLOOPBACK LWRES_PLATFORM_NEEDIN6ADDRLOOPBACK ISC_PLATFORM_HAVEIN6PKTINFO ISC_PLATFORM_FIXIN6ISADDR ISC_IPV6_H ISC_IPV6_O ISC_ISCIPV6_O ISC_IPV6_C LWRES_HAVE_SIN6_SCOPE_ID ISC_PLATFORM_HAVESCOPEID ISC_PLATFORM_HAVEIF_LADDRREQ ISC_PLATFORM_HAVEIF_LADDRCONF ISC_PLATFORM_NEEDNTOP ISC_PLATFORM_NEEDPTON ISC_PLATFORM_NEEDATON ISC_PLATFORM_HAVESALEN LWRES_PLATFORM_HAVESALEN ISC_PLATFORM_MSGHDRFLAVOR ISC_PLATFORM_NEEDPORTT ISC_LWRES_NEEDADDRINFO ISC_LWRES_NEEDRRSETINFO ISC_LWRES_SETHOSTENTINT ISC_LWRES_ENDHOSTENTINT ISC_LWRES_GETNETBYADDRINADDR ISC_LWRES_SETNETENTINT ISC_LWRES_ENDNETENTINT ISC_LWRES_GETHOSTBYADDRVOID ISC_LWRES_NEEDHERRNO ISC_LWRES_GETIPNODEPROTO ISC_LWRES_GETADDRINFOPROTO ISC_LWRES_GETNAMEINFOPROTO ISC_PLATFORM_NEEDSTRSEP ISC_PLATFORM_NEEDMEMMOVE ISC_PLATFORM_NEEDSTRTOUL ISC_PLATFORM_NEEDSTRLCPY ISC_PLATFORM_NEEDSTRLCAT ISC_PLATFORM_NEEDSPRINTF LWRES_PLATFORM_NEEDSPRINTF ISC_PLATFORM_NEEDVSNPRINTF LWRES_PLATFORM_NEEDVSNPRINTF ISC_EXTRA_OBJS ISC_EXTRA_SRCS ISC_PLATFORM_QUADFORMAT ISC_PLATFORM_RLIMITTYPE ISC_PLATFORM_USEDECLSPEC LWRES_PLATFORM_USEDECLSPEC ISC_PLATFORM_BRACEPTHREADONCEINIT ISC_PLATFORM_HAVEIFNAMETOINDEX OPENJADE JADETEX PDFJADETEX SGMLCATALOG HTMLSTYLE PRINTSTYLE XMLDCL DOCBOOK2MANSPEC BIND9_TOP_BUILDDIR BIND9_ISC_BUILDINCLUDE BIND9_ISCCC_BUILDINCLUDE BIND9_ISCCFG_BUILDINCLUDE BIND9_DNS_BUILDINCLUDE BIND9_LWRES_BUILDINCLUDE BIND9_BIND9_BUILDINCLUDE BIND9_VERSION LIBOBJS LTLIBOBJS' +ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS subdirs build build_cpu build_vendor build_os host host_cpu host_vendor host_os SET_MAKE RANLIB ac_ct_RANLIB INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA STD_CINCLUDES STD_CDEFINES STD_CWARNINGS CCOPT AR ARFLAGS LN ETAGS PERL CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT CPP EGREP ISC_SOCKADDR_LEN_T ISC_PLATFORM_HAVELONGLONG ISC_PLATFORM_HAVELIFCONF ISC_PLATFORM_NEEDSYSSELECTH LWRES_PLATFORM_NEEDSYSSELECTH USE_OPENSSL DST_OPENSSL_INC USE_GSSAPI DST_GSSAPI_INC DNS_CRYPTO_LIBS ALWAYS_DEFINES ISC_PLATFORM_USETHREADS ISC_THREAD_DIR MKDEPCC MKDEPCFLAGS MKDEPPROG IRIX_DNSSEC_WARNINGS_HACK purify_path PURIFY LN_S ECHO ac_ct_AR STRIP ac_ct_STRIP CXX CXXFLAGS ac_ct_CXX CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL O A SA LIBTOOL_MKDEP_SED LIBTOOL_MODE_COMPILE LIBTOOL_MODE_INSTALL LIBTOOL_MODE_LINK LIBTOOL_ALLOW_UNDEFINED LIBTOOL_IN_MAIN LIBBIND ISC_PLATFORM_HAVEIPV6 LWRES_PLATFORM_HAVEIPV6 ISC_PLATFORM_NEEDNETINETIN6H LWRES_PLATFORM_NEEDNETINETIN6H ISC_PLATFORM_NEEDNETINET6IN6H LWRES_PLATFORM_NEEDNETINET6IN6H ISC_PLATFORM_HAVEINADDR6 LWRES_PLATFORM_HAVEINADDR6 ISC_PLATFORM_NEEDIN6ADDRANY LWRES_PLATFORM_NEEDIN6ADDRANY ISC_PLATFORM_NEEDIN6ADDRLOOPBACK LWRES_PLATFORM_NEEDIN6ADDRLOOPBACK ISC_PLATFORM_HAVEIN6PKTINFO ISC_PLATFORM_FIXIN6ISADDR ISC_IPV6_H ISC_IPV6_O ISC_ISCIPV6_O ISC_IPV6_C LWRES_HAVE_SIN6_SCOPE_ID ISC_PLATFORM_HAVESCOPEID ISC_PLATFORM_HAVEIF_LADDRREQ ISC_PLATFORM_HAVEIF_LADDRCONF ISC_PLATFORM_NEEDNTOP ISC_PLATFORM_NEEDPTON ISC_PLATFORM_NEEDATON ISC_PLATFORM_HAVESALEN LWRES_PLATFORM_HAVESALEN ISC_PLATFORM_MSGHDRFLAVOR ISC_PLATFORM_NEEDPORTT ISC_LWRES_NEEDADDRINFO ISC_LWRES_NEEDRRSETINFO ISC_LWRES_SETHOSTENTINT ISC_LWRES_ENDHOSTENTINT ISC_LWRES_GETNETBYADDRINADDR ISC_LWRES_SETNETENTINT ISC_LWRES_ENDNETENTINT ISC_LWRES_GETHOSTBYADDRVOID ISC_LWRES_NEEDHERRNO ISC_LWRES_GETIPNODEPROTO ISC_LWRES_GETADDRINFOPROTO ISC_LWRES_GETNAMEINFOPROTO ISC_PLATFORM_NEEDSTRSEP ISC_PLATFORM_NEEDMEMMOVE ISC_PLATFORM_NEEDSTRTOUL ISC_PLATFORM_NEEDSTRLCPY ISC_PLATFORM_NEEDSTRLCAT ISC_PLATFORM_NEEDSPRINTF LWRES_PLATFORM_NEEDSPRINTF ISC_PLATFORM_NEEDVSNPRINTF LWRES_PLATFORM_NEEDVSNPRINTF ISC_EXTRA_OBJS ISC_EXTRA_SRCS ISC_PLATFORM_QUADFORMAT ISC_PLATFORM_HAVESYSUNH ISC_PLATFORM_RLIMITTYPE ISC_PLATFORM_USEDECLSPEC LWRES_PLATFORM_USEDECLSPEC ISC_PLATFORM_BRACEPTHREADONCEINIT ISC_PLATFORM_HAVEIFNAMETOINDEX OPENJADE JADETEX PDFJADETEX SGMLCATALOG HTMLSTYLE PRINTSTYLE XMLDCL DOCBOOK2MANSPEC BIND9_TOP_BUILDDIR BIND9_ISC_BUILDINCLUDE BIND9_ISCCC_BUILDINCLUDE BIND9_ISCCFG_BUILDINCLUDE BIND9_DNS_BUILDINCLUDE BIND9_LWRES_BUILDINCLUDE BIND9_BIND9_BUILDINCLUDE BIND9_VERSION LIBOBJS LTLIBOBJS' ac_subst_files='BIND9_MAKE_INCLUDES BIND9_MAKE_RULES LIBISC_API LIBISCCC_API LIBISCCFG_API LIBDNS_API LIBBIND9_API LIBLWRES_API' # Initialize some variables set by options. @@ -26461,6 +26461,179 @@ fi done + +for ac_header in sys/un.h +do +as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo "$as_me:$LINENO: checking for $ac_header" >&5 +echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 +else + # Is the header compilable? +echo "$as_me:$LINENO: checking $ac_header usability" >&5 +echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_includes_default +#include <$ac_header> +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_header_compiler=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_header_compiler=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 +echo "${ECHO_T}$ac_header_compiler" >&6 + +# Is the header present? +echo "$as_me:$LINENO: checking $ac_header presence" >&5 +echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include <$ac_header> +_ACEOF +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 + (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null; then + if test -s conftest.err; then + ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag + else + ac_cpp_err= + fi +else + ac_cpp_err=yes +fi +if test -z "$ac_cpp_err"; then + ac_header_preproc=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_header_preproc=no +fi +rm -f conftest.err conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 +echo "${ECHO_T}$ac_header_preproc" >&6 + +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) + { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 +echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) + { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 +echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; +esac +echo "$as_me:$LINENO: checking for $ac_header" >&5 +echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + eval "$as_ac_Header=\$ac_header_preproc" +fi +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 + +fi +if test `eval echo '${'$as_ac_Header'}'` = yes; then + cat >>confdefs.h <<_ACEOF +#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + ISC_PLATFORM_HAVESYSUNH="#define ISC_PLATFORM_HAVESYSUNH 1" + +else + ISC_PLATFORM_HAVESYSUNH="#undef ISC_PLATFORM_HAVESYSUNH" + +fi + +done + + + +case "$host" in +*-solaris*) + +cat >>confdefs.h <<\_ACEOF +#define NEED_SECURE_DIRECTORY 1 +_ACEOF + + ;; +*-sunos*) + +cat >>confdefs.h <<\_ACEOF +#define NEED_SECURE_DIRECTORY 1 +_ACEOF + + ;; +esac + # # Time Zone Stuff # @@ -28416,6 +28589,7 @@ s,@LWRES_PLATFORM_NEEDVSNPRINTF@,$LWRES_PLATFORM_NEEDVSNPRINTF,;t t s,@ISC_EXTRA_OBJS@,$ISC_EXTRA_OBJS,;t t s,@ISC_EXTRA_SRCS@,$ISC_EXTRA_SRCS,;t t s,@ISC_PLATFORM_QUADFORMAT@,$ISC_PLATFORM_QUADFORMAT,;t t +s,@ISC_PLATFORM_HAVESYSUNH@,$ISC_PLATFORM_HAVESYSUNH,;t t s,@ISC_PLATFORM_RLIMITTYPE@,$ISC_PLATFORM_RLIMITTYPE,;t t s,@ISC_PLATFORM_USEDECLSPEC@,$ISC_PLATFORM_USEDECLSPEC,;t t s,@LWRES_PLATFORM_USEDECLSPEC@,$LWRES_PLATFORM_USEDECLSPEC,;t t diff --git a/configure.in b/configure.in index dfccf318c8..1acbc9de56 100644 --- a/configure.in +++ b/configure.in @@ -18,7 +18,7 @@ AC_DIVERT_PUSH(1)dnl esyscmd([sed "s/^/# /" COPYRIGHT])dnl AC_DIVERT_POP()dnl -AC_REVISION($Revision: 1.371 $) +AC_REVISION($Revision: 1.372 $) AC_INIT(lib/dns/name.c) AC_PREREQ(2.13) @@ -1798,6 +1798,24 @@ case "$enable_linux_caps" in esac AC_CHECK_HEADERS(sys/prctl.h) +AC_CHECK_HEADERS(sys/un.h, +ISC_PLATFORM_HAVESYSUNH="#define ISC_PLATFORM_HAVESYSUNH 1" +, +ISC_PLATFORM_HAVESYSUNH="#undef ISC_PLATFORM_HAVESYSUNH" +) +AC_SUBST(ISC_PLATFORM_HAVESYSUNH) + +case "$host" in +*-solaris*) + AC_DEFINE(NEED_SECURE_DIRECTORY, 1, + [Define if connect does not honour the permission on the UNIX domain socket.]) + ;; +*-sunos*) + AC_DEFINE(NEED_SECURE_DIRECTORY, 1, + [Define if connect does not honour the permission on the UNIX domain socket.]) + ;; +esac + # # Time Zone Stuff # diff --git a/lib/bind9/check.c b/lib/bind9/check.c index 5f45ea4de4..6a99fc534a 100644 --- a/lib/bind9/check.c +++ b/lib/bind9/check.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: check.c,v 1.55 2005/01/17 00:46:02 marka Exp $ */ +/* $Id: check.c,v 1.56 2005/02/23 01:06:37 marka Exp $ */ #include @@ -1411,6 +1411,147 @@ bind9_check_logging(cfg_obj_t *config, isc_log_t *logctx, isc_mem_t *mctx) { return (result); } +static isc_result_t +key_exists(cfg_obj_t *keylist, const char *keyname) { + cfg_listelt_t *element; + const char *str; + cfg_obj_t *obj; + + if (keylist == NULL) + return (ISC_R_NOTFOUND); + for (element = cfg_list_first(keylist); + element != NULL; + element = cfg_list_next(element)) + { + obj = cfg_listelt_value(element); + str = cfg_obj_asstring(cfg_map_getname(obj)); + if (strcasecmp(str, keyname) == 0) + return (ISC_R_SUCCESS); + } + return (ISC_R_NOTFOUND); +} + +static isc_result_t +bind9_check_controlskeys(cfg_obj_t *control, cfg_obj_t *keylist, + isc_log_t *logctx) +{ + isc_result_t result = ISC_R_SUCCESS, tresult; + cfg_obj_t *control_keylist; + cfg_listelt_t *element; + cfg_obj_t *key; + + control_keylist = cfg_tuple_get(control, "keys"); + if (cfg_obj_isvoid(control_keylist)) + return (ISC_R_SUCCESS); + + for (element = cfg_list_first(control_keylist); + element != NULL; + element = cfg_list_next(element)) + { + key = cfg_listelt_value(element); + tresult = key_exists(keylist, cfg_obj_asstring(key)); + if (tresult != ISC_R_SUCCESS) { + cfg_obj_log(key, logctx, ISC_LOG_ERROR, + "unknown key '%s'", cfg_obj_asstring(key)); + result = tresult; + } + } + return (result); +} + +static isc_result_t +bind9_check_controls(cfg_obj_t *config, isc_log_t *logctx, isc_mem_t *mctx) { + isc_result_t result = ISC_R_SUCCESS, tresult; + cfg_aclconfctx_t actx; + cfg_listelt_t *element, *element2; + cfg_obj_t *allow; + cfg_obj_t *control; + cfg_obj_t *controls; + cfg_obj_t *controlslist = NULL; + cfg_obj_t *inetcontrols; + cfg_obj_t *unixcontrols; + cfg_obj_t *keylist = NULL; + const char *path; + isc_uint32_t perm, mask; + dns_acl_t *acl = NULL; + isc_sockaddr_t addr; + int i; + + (void)cfg_map_get(config, "controls", &controlslist); + if (controlslist == NULL) + return (ISC_R_SUCCESS); + + (void)cfg_map_get(config, "key", &keylist); + + /* + * INET: Check allow clause. + * UNIX: Check "perm" for sanity, check path length. + */ + for (element = cfg_list_first(controlslist); + element != NULL; + element = cfg_list_next(element)) { + controls = cfg_listelt_value(element); + unixcontrols = NULL; + inetcontrols = NULL; + (void)cfg_map_get(controls, "unix", &unixcontrols); + (void)cfg_map_get(controls, "inet", &inetcontrols); + for (element2 = cfg_list_first(inetcontrols); + element2 != NULL; + element2 = cfg_list_next(element2)) { + control = cfg_listelt_value(element2); + allow = cfg_tuple_get(control, "allow"); + cfg_aclconfctx_init(&actx); + tresult = cfg_acl_fromconfig(allow, config, logctx, + &actx, mctx, &acl); + if (acl != NULL) + dns_acl_detach(&acl); + if (tresult != ISC_R_SUCCESS) + result = tresult; + tresult = bind9_check_controlskeys(control, keylist, + logctx); + if (tresult != ISC_R_SUCCESS) + result = tresult; + } + for (element2 = cfg_list_first(unixcontrols); + element2 != NULL; + element2 = cfg_list_next(element2)) { + control = cfg_listelt_value(element2); + path = cfg_obj_asstring(cfg_tuple_get(control, "path")); + tresult = isc_sockaddr_frompath(&addr, path); + if (tresult == ISC_R_NOSPACE) { + cfg_obj_log(control, logctx, ISC_LOG_ERROR, + "unix control '%s': path too long", + path); + result = ISC_R_NOSPACE; + } + perm = cfg_obj_asuint32(cfg_tuple_get(control, "perm")); + for (i = 0; i < 3; i++) { +#ifdef NEED_SECURE_DIRECTORY + mask = (0x1 << (i*3)); /* SEARCH */ +#else + mask = (0x6 << (i*3)); /* READ + WRITE */ +#endif + if ((perm & mask) == mask) + break; + } + if (i == 0) { + cfg_obj_log(control, logctx, ISC_LOG_WARNING, + "unix control '%s' allows access " + "to everyone", path); + } else if (i == 3) { + cfg_obj_log(control, logctx, ISC_LOG_WARNING, + "unix control '%s' allows access " + "to nobody", path); + } + tresult = bind9_check_controlskeys(control, keylist, + logctx); + if (tresult != ISC_R_SUCCESS) + result = tresult; + } + } + return (result); +} + isc_result_t bind9_check_namedconf(cfg_obj_t *config, isc_log_t *logctx, isc_mem_t *mctx) { cfg_obj_t *options = NULL; @@ -1441,6 +1582,9 @@ bind9_check_namedconf(cfg_obj_t *config, isc_log_t *logctx, isc_mem_t *mctx) { if (bind9_check_logging(config, logctx, mctx) != ISC_R_SUCCESS) result = ISC_R_FAILURE; + if (bind9_check_controls(config, logctx, mctx) != ISC_R_SUCCESS) + result = ISC_R_FAILURE; + if (options != NULL && check_order(options, logctx) != ISC_R_SUCCESS) result = ISC_R_FAILURE; diff --git a/lib/dns/dispatch.c b/lib/dns/dispatch.c index ecf5bd4a7c..755c99765b 100644 --- a/lib/dns/dispatch.c +++ b/lib/dns/dispatch.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: dispatch.c,v 1.120 2004/09/01 04:25:20 marka Exp $ */ +/* $Id: dispatch.c,v 1.121 2005/02/23 01:06:37 marka Exp $ */ #include @@ -926,6 +926,9 @@ startrecv(dns_dispatch_t *disp) { INSIST(disp->recv_pending == 0); disp->recv_pending = 1; break; + default: + INSIST(0); + break; } } diff --git a/lib/isc/include/isc/netaddr.h b/lib/isc/include/isc/netaddr.h index ae6b57e291..07c81a5d87 100644 --- a/lib/isc/include/isc/netaddr.h +++ b/lib/isc/include/isc/netaddr.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: netaddr.h,v 1.27 2005/01/17 23:58:33 marka Exp $ */ +/* $Id: netaddr.h,v 1.28 2005/02/23 01:06:38 marka Exp $ */ #ifndef ISC_NETADDR_H #define ISC_NETADDR_H 1 @@ -24,6 +24,11 @@ #include #include +#ifdef ISC_PLATFORM_HAVESYSUNH +#include +#include +#endif + ISC_LANG_BEGINDECLS struct isc_netaddr { @@ -31,6 +36,9 @@ struct isc_netaddr { union { struct in_addr in; struct in6_addr in6; +#ifdef ISC_PLATFORM_HAVESYSUNH + char un[sizeof(((struct sockaddr_un *)0)->sun_path)]; +#endif } type; isc_uint32_t zone; }; @@ -95,6 +103,9 @@ isc_netaddr_fromin(isc_netaddr_t *netaddr, const struct in_addr *ina); void isc_netaddr_fromin6(isc_netaddr_t *netaddr, const struct in6_addr *ina6); +isc_result_t +isc_netaddr_frompath(isc_netaddr_t *netaddr, const char *path); + void isc_netaddr_setzone(isc_netaddr_t *netaddr, isc_uint32_t zone); diff --git a/lib/isc/include/isc/platform.h.in b/lib/isc/include/isc/platform.h.in index a991004d2e..e4428080ea 100644 --- a/lib/isc/include/isc/platform.h.in +++ b/lib/isc/include/isc/platform.h.in @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: platform.h.in,v 1.34 2004/03/05 05:10:59 marka Exp $ */ +/* $Id: platform.h.in,v 1.35 2005/02/23 01:06:38 marka Exp $ */ #ifndef ISC_PLATFORM_H #define ISC_PLATFORM_H 1 @@ -210,6 +210,11 @@ */ @ISC_PLATFORM_NEEDMEMMOVE@ +/* + * Define if the platform has . + */ +@ISC_PLATFORM_HAVESYSUNH@ + #ifndef ISC_PLATFORM_USEDECLSPEC #define LIBISC_EXTERNAL_DATA #define LIBDNS_EXTERNAL_DATA diff --git a/lib/isc/include/isc/sockaddr.h b/lib/isc/include/isc/sockaddr.h index 3f1a1c0c83..f7afe8e5e8 100644 --- a/lib/isc/include/isc/sockaddr.h +++ b/lib/isc/include/isc/sockaddr.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: sockaddr.h,v 1.43 2004/11/22 23:29:10 marka Exp $ */ +/* $Id: sockaddr.h,v 1.44 2005/02/23 01:06:38 marka Exp $ */ #ifndef ISC_SOCKADDR_H #define ISC_SOCKADDR_H 1 @@ -23,12 +23,18 @@ #include #include #include +#ifdef ISC_PLATFORM_HAVESYSUNH +#include +#endif struct isc_sockaddr { union { struct sockaddr sa; struct sockaddr_in sin; struct sockaddr_in6 sin6; +#ifdef ISC_PLATFORM_HAVESYSUNH + struct sockaddr_un sun; +#endif } type; unsigned int length; /* XXXRTH beginning? */ ISC_LINK(struct isc_sockaddr) link; @@ -210,6 +216,17 @@ isc_sockaddr_issitelocal(isc_sockaddr_t *sa); * Returns ISC_TRUE if the address is a sitelocal address. */ +isc_result_t +isc_sockaddr_frompath(isc_sockaddr_t *sockaddr, const char *path); +/* + * Create a UNIX domain sockaddr that refers to path. + * + * Returns: + * ISC_R_NOSPACE + * ISC_R_NOTIMPLEMENTED + * ISC_R_SUCCESS + */ + #define ISC_SOCKADDR_FORMATSIZE \ sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:XXX.XXX.XXX.XXX#YYYYY") /* diff --git a/lib/isc/include/isc/socket.h b/lib/isc/include/isc/socket.h index 43df237f1d..3e2fc7a11a 100644 --- a/lib/isc/include/isc/socket.h +++ b/lib/isc/include/isc/socket.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: socket.h,v 1.57 2004/03/05 05:11:01 marka Exp $ */ +/* $Id: socket.h,v 1.58 2005/02/23 01:06:39 marka Exp $ */ #ifndef ISC_SOCKET_H #define ISC_SOCKET_H 1 @@ -144,7 +144,8 @@ struct isc_socket_connev { typedef enum { isc_sockettype_udp = 1, - isc_sockettype_tcp = 2 + isc_sockettype_tcp = 2, + isc_sockettype_unix = 3 } isc_sockettype_t; /* @@ -349,7 +350,7 @@ isc_socket_listen(isc_socket_t *sock, unsigned int backlog); * * Requires: * - * 'socket' is a valid, bound TCP socket. + * 'socket' is a valid, bound TCP socket or a valid, bound UNIX socket. * * Returns: * @@ -699,6 +700,42 @@ isc_socket_ipv6only(isc_socket_t *sock, isc_boolean_t yes); * 'sock' is a valid socket. */ +void +isc_socket_cleanunix(isc_sockaddr_t *addr, isc_boolean_t active); + +/* + * Cleanup UNIX domain sockets in the file-system. If 'active' is true + * then just unlink the socket. If 'active' is false try to determine + * if there is a listener of the socket or not. If no listener is found + * then unlink socket. + * + * Prior to unlinking the path is tested to see if it a socket. + * + * Note: there are a number of race conditions which cannot be avoided + * both in the filesystem and any application using UNIX domain + * sockets (e.g. socket is tested between bind() and listen(), + * the socket is deleted and replaced in the file-system between + * stat() and unlink()). + */ + +isc_boolean_t +isc_socket_permunix(isc_sockaddr_t *sockaddr, isc_uint32_t perm, + isc_uint32_t owner, isc_uint32_t group); +/* + * Set ownership and file permissions on the UNIX domain socket. + * + * Note: On Solaris and SunOS this secures the directory containing + * the socket as Solaris and SunOS do not honour the filesytem + * permissions on the socket. + * + * Requires: + * 'sockaddr' to be a valid UNIX domain sockaddr. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_FAILURE + */ + ISC_LANG_ENDDECLS #endif /* ISC_SOCKET_H */ diff --git a/lib/isc/netaddr.c b/lib/isc/netaddr.c index aa48a88e5f..55a2c60a90 100644 --- a/lib/isc/netaddr.c +++ b/lib/isc/netaddr.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: netaddr.c,v 1.31 2005/01/19 23:22:50 marka Exp $ */ +/* $Id: netaddr.c,v 1.32 2005/02/23 01:06:37 marka Exp $ */ #include @@ -51,6 +51,12 @@ isc_netaddr_equal(const isc_netaddr_t *a, const isc_netaddr_t *b) { a->zone != b->zone) return (ISC_FALSE); break; +#ifdef ISC_PLATFORM_HAVESYSUNH + case AF_UNIX: + if (strcmp(a->type.un, b->type.un) != 0) + return (ISC_FALSE); + break; +#endif default: return (ISC_FALSE); } @@ -135,6 +141,14 @@ isc_netaddr_totext(const isc_netaddr_t *netaddr, isc_buffer_t *target) { case AF_INET6: type = &netaddr->type.in6; break; +#ifdef ISC_PLATFORM_HAVESYSUNH + case AF_UNIX: + alen = strlen(netaddr->type.un); + if (alen > isc_buffer_availablelength(target)) + return (ISC_R_NOSPACE); + isc_buffer_putmem(target, netaddr->type.un, alen); + return (ISC_R_SUCCESS); +#endif default: return (ISC_R_FAILURE); } @@ -282,6 +296,25 @@ isc_netaddr_fromin6(isc_netaddr_t *netaddr, const struct in6_addr *ina6) { netaddr->type.in6 = *ina6; } +isc_result_t +isc_netaddr_frompath(isc_netaddr_t *netaddr, const char *path) { +#ifdef ISC_PLATFORM_HAVESYSUNH + if (strlen(path) > sizeof(netaddr->type.un) - 1) + return (ISC_R_NOSPACE); + + memset(netaddr, 0, sizeof(*netaddr)); + netaddr->family = AF_UNIX; + strcpy(netaddr->type.un, path); + netaddr->zone = 0; + return (ISC_R_SUCCESS); +#else + UNUSED(netaddr); + UNUSED(path); + return (ISC_R_NOTIMPLEMENTED); +#endif +} + + void isc_netaddr_setzone(isc_netaddr_t *netaddr, isc_uint32_t zone) { /* we currently only support AF_INET6. */ @@ -312,6 +345,12 @@ isc_netaddr_fromsockaddr(isc_netaddr_t *t, const isc_sockaddr_t *s) { t->zone = 0; #endif break; +#ifdef ISC_PLATFORM_HAVESYSUNH + case AF_UNIX: + memcpy(t->type.un, s->type.sun.sun_path, sizeof(t->type.un)); + t->zone = 0; + break; +#endif default: INSIST(0); } diff --git a/lib/isc/sockaddr.c b/lib/isc/sockaddr.c index 2eac099293..388b147aba 100644 --- a/lib/isc/sockaddr.c +++ b/lib/isc/sockaddr.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: sockaddr.c,v 1.61 2004/11/22 23:29:10 marka Exp $ */ +/* $Id: sockaddr.c,v 1.62 2005/02/23 01:06:38 marka Exp $ */ #include @@ -130,6 +130,23 @@ isc_sockaddr_totext(const isc_sockaddr_t *sockaddr, isc_buffer_t *target) { case AF_INET6: snprintf(pbuf, sizeof(pbuf), "%u", ntohs(sockaddr->type.sin6.sin6_port)); break; +#ifdef ISC_PLAFORM_HAVESYSUNH + case AF_UNIX: + plen = strlen(sockaddr->type.sun.sun_path); + if (plen >= isc_buffer_availablelength(target)) + return (ISC_R_NOSPACE); + + isc_buffer_putmem(target, sockaddr->type.sun.sun_path, plen); + + /* + * Null terminate after used region. + */ + isc_buffer_availableregion(target, &avail); + INSIST(avail.length >= 1); + avail.base[0] = '\0'; + + return (ISC_R_SUCCESS); +#endif default: return (ISC_R_FAILURE); } @@ -421,8 +438,12 @@ isc_boolean_t isc_sockaddr_ismulticast(isc_sockaddr_t *sockaddr) { isc_netaddr_t netaddr; - isc_netaddr_fromsockaddr(&netaddr, sockaddr); - return (isc_netaddr_ismulticast(&netaddr)); + if (sockaddr->type.sa.sa_family == AF_INET || + sockaddr->type.sa.sa_family == AF_INET6) { + isc_netaddr_fromsockaddr(&netaddr, sockaddr); + return (isc_netaddr_ismulticast(&netaddr)); + } + return (ISC_FALSE); } isc_boolean_t @@ -457,3 +478,23 @@ isc_sockaddr_islinklocal(isc_sockaddr_t *sockaddr) { } return (ISC_FALSE); } + +isc_result_t +isc_sockaddr_frompath(isc_sockaddr_t *sockaddr, const char *path) { +#ifdef ISC_PLATFORM_HAVESYSUNH + if (strlen(path) >= sizeof(sockaddr->type.sun.sun_path)) + return (ISC_R_NOSPACE); + memset(sockaddr, 0, sizeof(*sockaddr)); + sockaddr->length = sizeof(sockaddr->type.sun); + sockaddr->type.sun.sun_family = AF_UNIX; +#ifdef ISC_PLATFORM_HAVESALEN + sockaddr->type.sun.sun_len = sizeof(sockaddr->type.sun); +#endif + strcpy(sockaddr->type.sun.sun_path, path); + return (ISC_R_SUCCESS); +#else + UNUSED(sockaddr); + UNUSED(path); + return (ISC_R_NOTIMPLEMENTED); +#endif +} diff --git a/lib/isc/unix/include/isc/net.h b/lib/isc/unix/include/isc/net.h index 2044a3cc3d..0818a9084c 100644 --- a/lib/isc/unix/include/isc/net.h +++ b/lib/isc/unix/include/isc/net.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: net.h,v 1.40 2004/04/29 01:37:13 marka Exp $ */ +/* $Id: net.h,v 1.41 2005/02/23 01:06:39 marka Exp $ */ #ifndef ISC_NET_H #define ISC_NET_H 1 @@ -303,6 +303,12 @@ isc_net_enableipv4(void); void isc_net_enableipv6(void); +isc_result_t +isc_net_probeunix(void); +/* + * Returns whether UNIX domain sockets are supported. + */ + #ifdef ISC_PLATFORM_NEEDNTOP const char * isc_net_ntop(int af, const void *src, char *dst, size_t size); diff --git a/lib/isc/unix/net.c b/lib/isc/unix/net.c index b8576f35be..cb4b3ae630 100644 --- a/lib/isc/unix/net.c +++ b/lib/isc/unix/net.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: net.c,v 1.30 2004/04/29 01:37:13 marka Exp $ */ +/* $Id: net.c,v 1.31 2005/02/23 01:06:39 marka Exp $ */ #include @@ -43,6 +43,7 @@ static isc_once_t once_ipv6only = ISC_ONCE_INIT; static isc_once_t once_ipv6pktinfo = ISC_ONCE_INIT; static isc_result_t ipv4_result = ISC_R_NOTFOUND; static isc_result_t ipv6_result = ISC_R_NOTFOUND; +static isc_result_t unix_result = ISC_R_NOTFOUND; static isc_result_t ipv6only_result = ISC_R_NOTFOUND; static isc_result_t ipv6pktinfo_result = ISC_R_NOTFOUND; @@ -137,6 +138,9 @@ initialize_action(void) { #endif #endif #endif +#ifdef ISC_PLATFORM_HAVESYSUNH + unix_result = try_proto(PF_UNIX); +#endif } static void @@ -156,6 +160,12 @@ isc_net_probeipv6(void) { return (ipv6_result); } +isc_result_t +isc_net_probeunix(void) { + initialize(); + return (unix_result); +} + #ifdef ISC_PLATFORM_HAVEIPV6 #ifdef WANT_IPV6 static void diff --git a/lib/isc/unix/socket.c b/lib/isc/unix/socket.c index e932769cc8..2e12083b24 100644 --- a/lib/isc/unix/socket.c +++ b/lib/isc/unix/socket.c @@ -15,13 +15,17 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: socket.c,v 1.243 2004/11/18 21:31:47 marka Exp $ */ +/* $Id: socket.c,v 1.244 2005/02/23 01:06:39 marka Exp $ */ #include #include #include #include +#include +#ifdef ISC_PLATFORM_HAVESYSUNH +#include +#endif #include #include @@ -1364,6 +1368,9 @@ isc_socket_create(isc_socketmgr_t *manager, int pf, isc_sockettype_t type, case isc_sockettype_tcp: sock->fd = socket(pf, SOCK_STREAM, IPPROTO_TCP); break; + case isc_sockettype_unix: + sock->fd = socket(pf, SOCK_STREAM, 0); + break; } #ifdef F_DUPFD @@ -1430,7 +1437,8 @@ isc_socket_create(isc_socketmgr_t *manager, int pf, isc_sockettype_t type, } #ifdef SO_BSDCOMPAT - if (setsockopt(sock->fd, SOL_SOCKET, SO_BSDCOMPAT, + if (type != isc_sockettype_unix && + setsockopt(sock->fd, SOL_SOCKET, SO_BSDCOMPAT, (void *)&on, sizeof(on)) < 0) { isc__strerror(errno, strbuf, sizeof(strbuf)); UNEXPECTED_ERROR(__FILE__, __LINE__, @@ -2844,6 +2852,190 @@ isc_socket_sendto2(isc_socket_t *sock, isc_region_t *region, return (socket_send(sock, event, task, address, pktinfo, flags)); } +void +isc_socket_cleanunix(isc_sockaddr_t *sockaddr, isc_boolean_t active) { +#ifdef ISC_PLATFORM_HAVESYSUNH + int s; + struct stat sb; + char strbuf[ISC_STRERRORSIZE]; + + if (sockaddr->type.sa.sa_family != AF_UNIX) + return; + +#ifndef S_ISSOCK +#if defined(S_IFMT) && defined(S_IFSOCK) +#define S_ISSOCK(mode) ((mode & S_IFMT)==S_IFSOCK) +#elif defined(_S_IFMT) && defined(S_IFSOCK) +#define S_ISSOCK(mode) ((mode & _S_IFMT)==S_IFSOCK) +#endif +#endif + +#ifndef S_ISFIFO +#if defined(S_IFMT) && defined(S_IFIFO) +#define S_ISFIFO(mode) ((mode & S_IFMT)==S_IFIFO) +#elif defined(_S_IFMT) && defined(S_IFIFO) +#define S_ISFIFO(mode) ((mode & _S_IFMT)==S_IFIFO) +#endif +#endif + +#if !defined(S_ISFIFO) && !defined(S_ISSOCK) +#error You need to define S_ISFIFO and S_ISSOCK as appropriate for your platform. See . +#endif + +#ifndef S_ISFIFO +#define S_ISFIFO(mode) 0 +#endif + +#ifndef S_ISSOCK +#define S_ISSOCK(mode) 0 +#endif + + if (active) { + if (stat(sockaddr->type.sun.sun_path, &sb) < 0) { + isc__strerror(errno, strbuf, sizeof(strbuf)); + isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL, + ISC_LOGMODULE_SOCKET, ISC_LOG_ERROR, + "isc_socket_cleanunix: stat(%s): %s", + sockaddr->type.sun.sun_path, strbuf); + return; + } + if (!(S_ISSOCK(sb.st_mode) || S_ISFIFO(sb.st_mode))) { + isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL, + ISC_LOGMODULE_SOCKET, ISC_LOG_ERROR, + "isc_socket_cleanunix: %s: not a socket", + sockaddr->type.sun.sun_path); + return; + } + if (unlink(sockaddr->type.sun.sun_path) < 0) { + isc__strerror(errno, strbuf, sizeof(strbuf)); + isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL, + ISC_LOGMODULE_SOCKET, ISC_LOG_ERROR, + "isc_socket_cleanunix: unlink(%s): %s", + sockaddr->type.sun.sun_path, strbuf); + } + return; + } + + s = socket(AF_UNIX, SOCK_STREAM, 0); + if (s < 0) { + isc__strerror(errno, strbuf, sizeof(strbuf)); + isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL, + ISC_LOGMODULE_SOCKET, ISC_LOG_WARNING, + "isc_socket_cleanunix: socket(%s): %s", + sockaddr->type.sun.sun_path, strbuf); + return; + } + + if (stat(sockaddr->type.sun.sun_path, &sb) < 0) { + switch (errno) { + case ENOENT: /* We exited cleanly last time */ + break; + default: + isc__strerror(errno, strbuf, sizeof(strbuf)); + isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL, + ISC_LOGMODULE_SOCKET, ISC_LOG_WARNING, + "isc_socket_cleanunix: stat(%s): %s", + sockaddr->type.sun.sun_path, strbuf); + break; + } + goto cleanup; + } + + if (!(S_ISSOCK(sb.st_mode) || S_ISFIFO(sb.st_mode))) { + isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL, + ISC_LOGMODULE_SOCKET, ISC_LOG_WARNING, + "isc_socket_cleanunix: %s: not a socket", + sockaddr->type.sun.sun_path); + goto cleanup; + } + + if (connect(s, (struct sockaddr *)&sockaddr->type.sun, + sizeof(sockaddr->type.sun)) < 0) { + switch (errno) { + case ECONNREFUSED: + case ECONNRESET: + if (unlink(sockaddr->type.sun.sun_path) < 0) { + isc__strerror(errno, strbuf, sizeof(strbuf)); + isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL, + ISC_LOGMODULE_SOCKET, + ISC_LOG_WARNING, + "isc_socket_cleanunix: " + "unlink(%s): %s", + sockaddr->type.sun.sun_path, + strbuf); + } + break; + default: + isc__strerror(errno, strbuf, sizeof(strbuf)); + isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL, + ISC_LOGMODULE_SOCKET, ISC_LOG_WARNING, + "isc_socket_cleanunix: connect(%s): %s", + sockaddr->type.sun.sun_path, strbuf); + break; + } + } + cleanup: + close(s); +#else + UNUSED(sockaddr); + UNUSED(active); +#endif +} + +isc_boolean_t +isc_socket_permunix(isc_sockaddr_t *sockaddr, isc_uint32_t perm, + isc_uint32_t owner, isc_uint32_t group) +{ +#ifdef ISC_PLATFORM_HAVESYSUNH + isc_result_t result = ISC_R_SUCCESS; + char strbuf[ISC_STRERRORSIZE]; + char path[sizeof(sockaddr->type.sun.sun_path)]; +#ifdef NEED_SECURE_DIRECTORY + char *slash; +#endif + + REQUIRE(sockaddr->type.sa.sa_family == AF_UNIX); + INSIST(strlen(sockaddr->type.sun.sun_path) < sizeof(path)); + strcpy(path, sockaddr->type.sun.sun_path); + +#ifdef NEED_SECURE_DIRECTORY + slash = strrchr(path, '/'); + if (slash != NULL) { + if (slash != path) + *slash = '\0'; + else + strcpy(path, "/"); + } else + strcpy(path, "."); +#endif + + if (chmod(path, perm) < 0) { + isc__strerror(errno, strbuf, sizeof(strbuf)); + isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL, + ISC_LOGMODULE_SOCKET, ISC_LOG_ERROR, + "isc_socket_permunix: chmod(%s, %d): %s", + path, perm, strbuf); + result = ISC_R_FAILURE; + } + if (chown(path, owner, group) < 0) { + isc__strerror(errno, strbuf, sizeof(strbuf)); + isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL, + ISC_LOGMODULE_SOCKET, ISC_LOG_ERROR, + "isc_socket_permunix: chown(%s, %d, %d): %s", + path, owner, group, + strbuf); + result = ISC_R_FAILURE; + } + return (result); +#else + UNUSED(sockaddr); + UNUSED(perm); + UNUSED(owner); + UNUSED(group); + return (ISC_R_NOTIMPLEMENTED); +#endif +} + isc_result_t isc_socket_bind(isc_socket_t *sock, isc_sockaddr_t *sockaddr) { char strbuf[ISC_STRERRORSIZE]; @@ -2860,6 +3052,10 @@ isc_socket_bind(isc_socket_t *sock, isc_sockaddr_t *sockaddr) { /* * Only set SO_REUSEADDR when we want a specific port. */ +#ifdef AF_UNIX + if (sock->pf == AF_UNIX) + goto bind_socket; +#endif if (isc_sockaddr_getport(sockaddr) != (in_port_t)0 && setsockopt(sock->fd, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)) < 0) { @@ -2869,6 +3065,9 @@ isc_socket_bind(isc_socket_t *sock, isc_sockaddr_t *sockaddr) { ISC_MSG_FAILED, "failed")); /* Press on... */ } +#ifdef AF_UNIX + bind_socket: +#endif if (bind(sock->fd, &sockaddr->type.sa, sockaddr->length) < 0) { UNLOCK(&sock->lock); switch (errno) { @@ -2945,7 +3144,8 @@ isc_socket_listen(isc_socket_t *sock, unsigned int backlog) { REQUIRE(!sock->listener); REQUIRE(sock->bound); - REQUIRE(sock->type == isc_sockettype_tcp); + REQUIRE(sock->type == isc_sockettype_tcp || + sock->type == isc_sockettype_unix); if (backlog == 0) backlog = SOMAXCONN; diff --git a/lib/isc/win32/include/isc/net.h b/lib/isc/win32/include/isc/net.h index 86497492cf..333051509e 100644 --- a/lib/isc/win32/include/isc/net.h +++ b/lib/isc/win32/include/isc/net.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: net.h,v 1.23 2004/04/29 01:37:14 marka Exp $ */ +/* $Id: net.h,v 1.24 2005/02/23 01:06:40 marka Exp $ */ #ifndef ISC_NET_H #define ISC_NET_H 1 @@ -258,6 +258,17 @@ isc_net_probeipv6(void); * ISC_R_UNEXPECTED */ +isc_result_t +isc_net_probeunix(void); +/* + * Check if UNIX domain sockets are supported. + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOTFOUND + */ + isc_result_t isc_net_probe_ipv6only(void); /* diff --git a/lib/isc/win32/include/isc/platform.h b/lib/isc/win32/include/isc/platform.h index a94d039dfd..c489d44684 100644 --- a/lib/isc/win32/include/isc/platform.h +++ b/lib/isc/win32/include/isc/platform.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: platform.h,v 1.10 2004/04/19 04:16:55 marka Exp $ */ +/* $Id: platform.h,v 1.11 2005/02/23 01:06:40 marka Exp $ */ #ifndef ISC_PLATFORM_H #define ISC_PLATFORM_H 1 @@ -55,6 +55,12 @@ * and we don't want to redeclare it. */ #define ISC_PLATFORM_NONSTDHERRNO + +/* + * Define if the platform has . + */ +#undef ISC_PLATFORM_HAVESYSUNH + /* * Set up a macro for importing and exporting from the DLL */ diff --git a/lib/isc/win32/libisc.def b/lib/isc/win32/libisc.def index 0ecc39e4c2..aad975428d 100644 --- a/lib/isc/win32/libisc.def +++ b/lib/isc/win32/libisc.def @@ -3,87 +3,118 @@ LIBRARY libisc ; Exported Functions EXPORTS -isc_assertion_setcallback -isc_assertion_typetotext -isc_base64_totext -isc_base64_decodestring -isc_base64_tobuffer -isc_bitstring_init -isc_bitstring_invalidate -isc_bitstring_copy -isc_buffer_allocate -isc_buffer_free -isc__buffer_init -isc__buffer_invalidate -isc__buffer_region -isc__buffer_usedregion -isc__buffer_availableregion +NTReportError +closelog +isc__buffer_activeregion isc__buffer_add -isc__buffer_subtract +isc__buffer_availableregion +isc__buffer_back isc__buffer_clear isc__buffer_consumedregion -isc__buffer_remainingregion -isc__buffer_activeregion -isc__buffer_setactive isc__buffer_first isc__buffer_forward -isc__buffer_back -isc_buffer_compact -isc_buffer_getuint8 -isc__buffer_putuint8 -isc_buffer_getuint16 -isc__buffer_putuint16 -isc_buffer_getuint32 -isc__buffer_putuint32 +isc__buffer_init +isc__buffer_invalidate isc__buffer_putmem isc__buffer_putstr +isc__buffer_putuint16 +isc__buffer_putuint32 +isc__buffer_putuint8 +isc__buffer_region +isc__buffer_remainingregion +isc__buffer_setactive +isc__buffer_subtract +isc__buffer_usedregion +isc__mem_allocate +isc__mem_free +isc__mem_get +isc__mem_put +isc__mem_putanddetach +isc__mem_strdup +isc__mempool_get +isc__mempool_put +isc__strerror +isc_app_block +isc_app_finish +isc_app_onrun +isc_app_reload +isc_app_run +isc_app_shutdown +isc_app_start +isc_app_unblock +isc_assertion_setcallback +isc_assertion_typetotext +isc_base64_decodestring +isc_base64_tobuffer +isc_base64_totext +isc_bitstring_copy +isc_bitstring_init +isc_bitstring_invalidate +isc_buffer_allocate +isc_buffer_compact isc_buffer_copyregion -isc_bufferlist_usedcount +isc_buffer_free +isc_buffer_getuint16 +isc_buffer_getuint32 +isc_buffer_getuint8 isc_bufferlist_availablecount +isc_bufferlist_usedcount isc_commandline_parse - - -isc_entropy_create -isc_entropy_attach -isc_entropy_detach -isc_entropy_createfilesource -isc_entropy_destroysource -isc_entropy_createsamplesource -isc_entropy_createcallbacksource -isc_entropy_stopcallbacksources +isc_condition_broadcast +isc_condition_destroy +isc_condition_init +isc_condition_signal +isc_condition_wait +isc_condition_waituntil +isc_dir_chdir +isc_dir_chroot +isc_dir_close +isc_dir_init +isc_dir_open +isc_dir_read +isc_dir_reset isc_entropy_addcallbacksample isc_entropy_addsample +isc_entropy_attach +isc_entropy_create +isc_entropy_createcallbacksource +isc_entropy_createfilesource +isc_entropy_createsamplesource +isc_entropy_destroysource +isc_entropy_detach isc_entropy_getdata isc_entropy_putdata isc_entropy_stats +isc_entropy_stopcallbacksources isc_entropy_usebestsource -isc_error_setunexpected -isc_error_setfatal -isc_error_unexpected isc_error_fatal isc_error_runtimecheck +isc_error_setfatal +isc_error_setunexpected +isc_error_unexpected isc_event_allocate isc_event_free -isc_file_settime +isc_file_absolutepath +isc_file_basename +isc_file_exists isc_file_getmodtime +isc_file_isabsolute +isc_file_ischdiridempotent +isc_file_iscurrentdir isc_file_mktemplate isc_file_openunique +isc_file_progname isc_file_remove isc_file_rename -isc_file_exists -isc_file_ischdiridempotent -isc_file_isabsolute -isc_file_iscurrentdir -isc_file_template isc_file_renameunique -isc_file_basename -isc_file_progname isc_file_safemovefile -isc_file_absolutepath +isc_file_settime +isc_file_template +isc_file_truncate isc_fsaccess_add +isc_fsaccess_changeowner isc_fsaccess_remove isc_fsaccess_set -isc_fsaccess_changeowner isc_hash_calc isc_hash_create isc_hash_ctxattach @@ -93,350 +124,319 @@ isc_hash_ctxdetach isc_hash_ctxinit isc_hash_destroy isc_hash_init -isc_hex_totext isc_hex_decodestring isc_hex_tobuffer +isc_hex_totext isc_hmacmd5_init isc_hmacmd5_invalidate -isc_hmacmd5_update isc_hmacmd5_sign +isc_hmacmd5_update isc_hmacmd5_verify isc_interfaceiter_create -isc_interfaceiter_first isc_interfaceiter_current -isc_interfaceiter_next isc_interfaceiter_destroy -isc_lex_setcomments +isc_interfaceiter_first +isc_interfaceiter_next +isc_interval_iszero +isc_interval_set +isc_keyboard_canceled +isc_keyboard_close +isc_keyboard_getchar +isc_keyboard_open +isc_lex_close isc_lex_create isc_lex_destroy isc_lex_getcomments -isc_lex_setcomments +isc_lex_getlasttokentext +isc_lex_getmastertoken +isc_lex_getsourceline +isc_lex_getsourcename isc_lex_getspecials -isc_lex_setspecials +isc_lex_gettoken +isc_lex_isfile +isc_lex_openbuffer isc_lex_openfile isc_lex_openstream -isc_lex_openbuffer -isc_lex_close -isc_lex_gettoken -isc_lex_getmastertoken +isc_lex_setcomments +isc_lex_setcomments +isc_lex_setspecials isc_lex_ungettoken -isc_lex_getlasttokentext -isc_lex_getsourcename -isc_lex_getsourceline -isc_lex_isfile -isc_lfsr_init isc_lfsr_generate -isc_lfsr_skip isc_lfsr_generate32 +isc_lfsr_init +isc_lfsr_skip isc_lib_initmsgcat -isc_log_createchannel -isc_log_createchannel +isc_log_categorybyname +isc_log_closefilelogs isc_log_create -isc_logconfig_create -isc_logconfig_get -isc_logconfig_use +isc_log_createchannel +isc_log_createchannel +isc_log_createchannel isc_log_destroy -isc_logconfig_destroy +isc_log_getdebuglevel +isc_log_getduplicateinterval +isc_log_gettag +isc_log_ivwrite +isc_log_ivwrite1 +isc_log_iwrite +isc_log_iwrite1 +isc_log_modulebyname +isc_log_opensyslog isc_log_registercategories isc_log_registermodules -isc_log_createchannel -isc_log_usechannel -isc_log_write -isc_log_vwrite -isc_log_write1 -isc_log_vwrite1 -isc_log_iwrite -isc_log_ivwrite -isc_log_iwrite1 -isc_log_ivwrite1 +isc_log_setcontext isc_log_setdebuglevel -isc_log_getdebuglevel +isc_log_setduplicateinterval +isc_log_settag +isc_log_usechannel +isc_log_vwrite +isc_log_vwrite1 isc_log_wouldlog isc_log_write -isc_log_setduplicateinterval -isc_log_getduplicateinterval -isc_log_settag -isc_log_gettag -isc_log_opensyslog -isc_log_closefilelogs -isc_log_categorybyname -isc_log_modulebyname -isc_log_setcontext +isc_log_write +isc_log_write1 +isc_logconfig_create +isc_logconfig_destroy +isc_logconfig_get +isc_logconfig_use +isc_md5_final isc_md5_init isc_md5_invalidate isc_md5_update -isc_md5_final isc_mem_attach -isc_mem_detach -isc_mem_detach +isc_mem_attach isc_mem_create isc_mem_createx -isc_mem_attach -isc_mem_detach isc_mem_destroy -isc_mem_ondestroy -isc_mem_stats -isc_mem_setdestroycheck -isc_mem_setquota +isc_mem_detach +isc_mem_detach +isc_mem_detach isc_mem_getquota isc_mem_inuse +isc_mem_ondestroy +isc_mem_setdestroycheck +isc_mem_setquota isc_mem_setwater +isc_mem_stats +isc_mempool_associatelock isc_mempool_create isc_mempool_destroy -isc_mempool_setname -isc_mempool_associatelock -isc_mempool_getfreemax -isc_mempool_setfreemax -isc_mempool_getfreecount -isc_mempool_getmaxalloc -isc_mempool_setmaxalloc isc_mempool_getallocated isc_mempool_getfillcount +isc_mempool_getfreecount +isc_mempool_getfreemax +isc_mempool_getmaxalloc isc_mempool_setfillcount -isc__mem_get -isc__mem_putanddetach -isc__mem_put -isc__mem_allocate -isc__mem_free -isc__mem_strdup -isc__mempool_get -isc__mempool_put -isc_msgcat_open +isc_mempool_setfreemax +isc_mempool_setmaxalloc +isc_mempool_setname isc_msgcat_close isc_msgcat_get -isc_mutexblock_init +isc_msgcat_open isc_mutexblock_destroy -isc_netaddr_equal -isc_netaddr_eqprefix -isc_netaddr_masktoprefixlen -isc_netaddr_totext -isc_netaddr_format -isc_netaddr_fromsockaddr -isc_netaddr_fromin -isc_netaddr_fromin6 +isc_mutexblock_init +isc_net_aton +isc_net_aton +isc_net_disableipv4 +isc_net_disableipv6 +isc_net_ntop +isc_net_ntop +isc_net_probe_ipv6only +isc_net_probe_ipv6pktinfo +isc_net_probeipv4 +isc_net_probeipv4 +isc_net_probeipv6 +isc_net_probeipv6 +isc_net_probeunix +isc_net_pton +isc_net_pton isc_netaddr_any isc_netaddr_any6 -isc_netaddr_ismulticast +isc_netaddr_eqprefix +isc_netaddr_equal +isc_netaddr_format +isc_netaddr_fromin +isc_netaddr_fromin6 +isc_netaddr_frompath +isc_netaddr_fromsockaddr isc_netaddr_fromv4mapped +isc_netaddr_ismulticast +isc_netaddr_masktoprefixlen +isc_netaddr_prefixok isc_netaddr_setzone +isc_netaddr_totext isc_netscope_pton -isc_ntpaths_init isc_ntpaths_get +isc_ntpaths_init +isc_once_do isc_ondestroy_init -isc_ondestroy_register isc_ondestroy_notify -isc_task_sendanddetach +isc_ondestroy_register isc_os_ncpus -isc_quota_init -isc_quota_destroy -isc_quota_soft -isc_quota_reserve -isc_quota_release +isc_parse_uint16 +isc_parse_uint32 +isc_parse_uint8 isc_quota_attach +isc_quota_destroy isc_quota_detach -isc_random_seed +isc_quota_init +isc_quota_release +isc_quota_reserve +isc_quota_soft isc_random_get isc_random_jitter +isc_random_seed +isc_ratelimiter_attach isc_ratelimiter_create +isc_ratelimiter_detach +isc_ratelimiter_enqueue isc_ratelimiter_setinterval isc_ratelimiter_setpertic -isc_ratelimiter_enqueue isc_ratelimiter_shutdown -isc_ratelimiter_attach -isc_ratelimiter_detach -isc_resource_setlimit +isc_region_compare isc_resource_getlimit -isc_result_totext +isc_resource_setlimit isc_result_register +isc_result_totext +isc_rwlock_destroy +isc_rwlock_downgrade isc_rwlock_init isc_rwlock_lock isc_rwlock_trylock +isc_rwlock_tryupgrade isc_rwlock_unlock -isc_rwlock_destroy -isc_serial_lt +isc_serial_eq +isc_serial_ge isc_serial_gt isc_serial_le -isc_serial_ge -isc_serial_eq +isc_serial_lt isc_serial_ne +isc_sha1_final isc_sha1_init isc_sha1_invalidate isc_sha1_update -isc_sha1_final -isc_sockaddr_equal -isc_sockaddr_eqaddr -isc_sockaddr_eqaddrprefix -isc_sockaddr_hash isc_sockaddr_any isc_sockaddr_any6 isc_sockaddr_anyofpf +isc_sockaddr_compare +isc_sockaddr_eqaddr +isc_sockaddr_eqaddrprefix +isc_sockaddr_equal +isc_sockaddr_format isc_sockaddr_fromin isc_sockaddr_fromin6 -isc_sockaddr_v6fromin isc_sockaddr_fromnetaddr +isc_sockaddr_frompath +isc_sockaddr_getport +isc_sockaddr_hash +isc_sockaddr_isexperimental +isc_sockaddr_ismulticast isc_sockaddr_pf isc_sockaddr_setport -isc_sockaddr_getport isc_sockaddr_totext -isc_sockaddr_format -isc_sockaddr_ismulticast -isc_socket_create -isc_socket_cancel -;isc_socket_shutdown -isc_socket_attach -isc_socket_detach -isc_socket_bind -isc_socket_listen +isc_sockaddr_v6fromin isc_socket_accept +isc_socket_attach +isc_socket_bind +isc_socket_cancel +isc_socket_cleanunix isc_socket_connect +isc_socket_create +isc_socket_detach +isc_socket_filter isc_socket_getpeername isc_socket_getsockname +isc_socket_gettype +isc_socket_ipv6only +isc_socket_isbound +isc_socket_listen +isc_socket_permunix isc_socket_recv -isc_socket_recvv isc_socket_recv2 +isc_socket_recvv isc_socket_send isc_socket_sendto -isc_socket_sendv -isc_socket_sendtov isc_socket_sendto2 +isc_socket_sendtov +isc_socket_sendv isc_socketmgr_create isc_socketmgr_destroy -isc_socket_gettype -isc_socket_isbound -isc_stdio_open isc_stdio_close -isc_stdio_seek -isc_stdio_read -isc_stdio_write isc_stdio_flush +isc_stdio_open +isc_stdio_read +isc_stdio_seek isc_stdio_sync -isc_string_touint64 +isc_stdio_write +isc_stdtime_get isc_string_separate +isc_string_strlcat +isc_string_strlcpy +isc_string_strlcpy +isc_string_touint64 isc_symtab_create +isc_symtab_define isc_symtab_destroy isc_symtab_lookup -isc_symtab_define isc_symtab_undefine -isc_task_create +isc_syslog_facilityfromstring isc_task_attach -isc_task_detach -isc_task_send -isc_task_sendanddetach -isc_task_purgerange -isc_task_purge -isc_task_purgeevent -isc_task_unsendrange -isc_task_unsend -isc_task_onshutdown -isc_task_shutdown +isc_task_beginexclusive +isc_task_create isc_task_destroy -isc_task_setname +isc_task_detach +isc_task_endexclusive +isc_task_endexclusive +isc_task_getcurrenttime isc_task_getname isc_task_gettag -isc_task_beginexclusive -isc_task_endexclusive -isc_task_endexclusive +isc_task_onshutdown +isc_task_purge +isc_task_purgeevent +isc_task_purgerange +isc_task_send +isc_task_sendanddetach +isc_task_sendanddetach +isc_task_setname +isc_task_shutdown +isc_task_unsend +isc_task_unsendrange isc_taskmgr_create isc_taskmgr_destroy isc_taskpool_create -isc_taskpool_gettask isc_taskpool_destroy -isc_timer_create -isc_timer_reset -isc_timer_touch -isc_timer_attach -isc_timer_detach -isc_timermgr_create -isc_timermgr_destroy -isc_condition_init -isc_condition_wait -isc_condition_signal -isc_condition_broadcast -isc_condition_destroy -isc_condition_waituntil -isc_dir_init -isc_dir_open -isc_dir_read -isc_dir_reset -isc_dir_close -isc_dir_chdir -isc_dir_chroot -isc_net_probeipv4 -isc_net_probeipv6 -isc_net_ntop -isc_net_pton -isc_net_aton -isc_once_do -isc_stdtime_get - +isc_taskpool_gettask +isc_thread_create isc_thread_create isc_thread_join +isc_thread_join +isc_thread_setconcurrency isc_thread_setconcurrency -isc_interval_set -isc_time_subtract -isc_interval_iszero -isc_time_settoepoch -isc_time_isepoch -isc_time_now -isc_time_nowplusinterval -isc_time_compare isc_time_add -isc_time_subtract +isc_time_compare +isc_time_isepoch isc_time_microdiff isc_time_nanoseconds -isc_keyboard_open -isc_keyboard_close -isc_keyboard_getchar -isc_keyboard_canceled -isc_app_start -isc_app_onrun -isc_app_run -isc_app_shutdown -isc_app_reload -isc_app_finish -isc_app_block -isc_app_unblock -isc_thread_create -isc_thread_join -isc_thread_setconcurrency -isc_net_probeipv4 -isc_net_probeipv6 -isc_net_ntop -isc_net_pton -isc_net_aton -openlog -syslog -closelog -isc_syslog_facilityfromstring -NTReportError - -isc_file_truncate -isc__strerror -isc_parse_uint32 -isc_parse_uint16 -isc_parse_uint8 +isc_time_now +isc_time_nowplusinterval +isc_time_settoepoch +isc_time_subtract +isc_time_subtract +isc_timer_attach +isc_timer_create +isc_timer_detach +isc_timer_reset +isc_timer_touch +isc_timermgr_create +isc_timermgr_destroy +isc_timermgr_poke isc_win32os_majorversion isc_win32os_minorversion isc_win32os_servicepackmajor isc_win32os_servicepackminor isc_win32os_versioncheck -isc_socket_ipv6only -isc_region_compare -isc_socket_filter -isc_string_strlcpy -isc_rwlock_tryupgrade -isc_rwlock_downgrade -isc_sockaddr_isexperimental -isc_net_disableipv4 -isc_net_disableipv6 -isc_task_getcurrenttime -isc_net_probe_ipv6only -isc_timermgr_poke -isc_net_probe_ipv6pktinfo -isc_string_strlcat -isc_string_strlcpy -isc_netaddr_prefixok -isc_sockaddr_compare +openlog +syslog ; Exported Data diff --git a/lib/isc/win32/net.c b/lib/isc/win32/net.c index b86eabd062..5061bf735b 100644 --- a/lib/isc/win32/net.c +++ b/lib/isc/win32/net.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: net.c,v 1.10 2004/04/29 01:37:14 marka Exp $ */ +/* $Id: net.c,v 1.11 2005/02/23 01:06:40 marka Exp $ */ #include @@ -148,6 +148,11 @@ isc_net_probeipv6(void) { return (ipv6_result); } +isc_result_t +isc_net_probeunix(void) { + return (ISC_R_NOTFOUND); +} + #ifdef ISC_PLATFORM_HAVEIPV6 #ifdef WANT_IPV6 static void diff --git a/lib/isc/win32/socket.c b/lib/isc/win32/socket.c index 8a6073259c..dfe3da6c8a 100644 --- a/lib/isc/win32/socket.c +++ b/lib/isc/win32/socket.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: socket.c,v 1.35 2004/09/01 04:38:43 marka Exp $ */ +/* $Id: socket.c,v 1.36 2005/02/23 01:06:40 marka Exp $ */ /* This code has been rewritten to take advantage of Windows Sockets * I/O Completion Ports and Events. I/O Completion Ports is ONLY @@ -3761,3 +3761,20 @@ isc_socket_ipv6only(isc_socket_t *sock, isc_boolean_t yes) { } #endif } + +void +isc_socket_cleanunix(isc_sockaddr_t *addr, isc_boolean_t active) { + UNUSED(addr); + UNUSED(active); +} + +isc_result_t +isc_socket_permunix(isc_sockaddr_t *addr, isc_uint32_t perm, + isc_uint32_t owner, isc_uint32_t group) +{ + UNUSED(addr); + UNUSED(perm); + UNUSED(owner); + UNUSED(group); + return (ISC_R_NOTIMPLEMENTED); +} diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index 52e86a2851..4b49a134b0 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: namedconf.c,v 1.46 2005/01/17 00:46:04 marka Exp $ */ +/* $Id: namedconf.c,v 1.47 2005/02/23 01:06:41 marka Exp $ */ #include @@ -1206,12 +1206,12 @@ static cfg_type_t cfg_type_optional_keyref = { /* * A "controls" statement is represented as a map with the multivalued - * "inet" and "unix" clauses. Inet controls are tuples; unix controls - * are cfg_unsupported_t objects. + * "inet" and "unix" clauses. */ static keyword_type_t controls_allow_kw = { "allow", &cfg_type_bracketed_aml }; + static cfg_type_t cfg_type_controls_allow = { "controls_allow", parse_keyvalue, print_keyvalue, doc_keyvalue, @@ -1220,6 +1220,7 @@ static cfg_type_t cfg_type_controls_allow = { static keyword_type_t controls_keys_kw = { "keys", &cfg_type_keylist }; + static cfg_type_t cfg_type_controls_keys = { "controls_keys", parse_optional_keyvalue, print_keyvalue, doc_optional_keyvalue, @@ -1232,16 +1233,57 @@ static cfg_tuplefielddef_t inetcontrol_fields[] = { { "keys", &cfg_type_controls_keys, 0 }, { NULL, NULL, 0 } }; + static cfg_type_t cfg_type_inetcontrol = { "inetcontrol", cfg_parse_tuple, cfg_print_tuple, cfg_doc_tuple, &cfg_rep_tuple, inetcontrol_fields }; +static keyword_type_t controls_perm_kw = { + "perm", &cfg_type_uint32 }; + +static cfg_type_t cfg_type_controls_perm = { + "controls_perm", parse_keyvalue, + print_keyvalue, doc_keyvalue, + &cfg_rep_uint32, &controls_perm_kw +}; + +static keyword_type_t controls_owner_kw = { + "owner", &cfg_type_uint32 }; + +static cfg_type_t cfg_type_controls_owner = { + "controls_owner", parse_keyvalue, + print_keyvalue, doc_keyvalue, + &cfg_rep_uint32, &controls_owner_kw +}; + +static keyword_type_t controls_group_kw = { + "group", &cfg_type_uint32 }; + +static cfg_type_t cfg_type_controls_group = { + "controls_allow", parse_keyvalue, + print_keyvalue, doc_keyvalue, + &cfg_rep_uint32, &controls_group_kw +}; + +static cfg_tuplefielddef_t unixcontrol_fields[] = { + { "path", &cfg_type_qstring, 0 }, + { "perm", &cfg_type_controls_perm, 0 }, + { "owner", &cfg_type_controls_owner, 0 }, + { "group", &cfg_type_controls_group, 0 }, + { "keys", &cfg_type_controls_keys, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_unixcontrol = { + "unixcontrol", cfg_parse_tuple, cfg_print_tuple, cfg_doc_tuple, &cfg_rep_tuple, + unixcontrol_fields +}; + static cfg_clausedef_t controls_clauses[] = { { "inet", &cfg_type_inetcontrol, CFG_CLAUSEFLAG_MULTI }, - { "unix", &cfg_type_unsupported, - CFG_CLAUSEFLAG_MULTI|CFG_CLAUSEFLAG_NOTIMP }, + { "unix", &cfg_type_unixcontrol, CFG_CLAUSEFLAG_MULTI }, { NULL, NULL, 0 } };