diff --git a/bin/tests/system/checkconf/tests.sh b/bin/tests/system/checkconf/tests.sh index e4afd713fa..523f02df4e 100644 --- a/bin/tests/system/checkconf/tests.sh +++ b/bin/tests/system/checkconf/tests.sh @@ -430,6 +430,7 @@ n=`expr $n + 1` echo_i "check that named-checkconf -l prints out the zone list ($n)" ret=0 $CHECKCONF -l good.conf | +grep -v "is deprecated" | grep -v "is not implemented" | grep -v "is not recommended" | grep -v "no longer exists" | diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst index dcf1f3b384..23e55d2f76 100644 --- a/doc/arm/reference.rst +++ b/doc/arm/reference.rst @@ -3261,11 +3261,11 @@ Query Address .. namedconf:statement:: query-source :tags: query - :short: Controls the IPv4 address and port from which queries are issued. + :short: Controls the IPv4 address from which queries are issued. .. namedconf:statement:: query-source-v6 :tags: query - :short: Controls the IPv6 address and port from which queries are issued. + :short: Controls the IPv6 address from which queries are issued. If the server does not know the answer to a question, it queries other name servers. :any:`query-source` specifies the address and port used for @@ -3281,20 +3281,24 @@ Query Address query-source address * port *; query-source-v6 address * port *; - .. note:: The address specified in the :any:`query-source` option is used for both - UDP and TCP queries, but the port applies only to UDP queries. TCP - queries always use a random unprivileged port. + .. note:: ``port`` configuration is deprecated. A warning will be logged + when this parameter is used. + + .. note:: The address specified in the :any:`query-source` option is + used for both UDP and TCP queries, but the port applies only to UDP + queries. TCP queries always use a random unprivileged port. .. namedconf:statement:: use-v4-udp-ports - :tags: query + :tags: deprecated :short: Specifies a list of ports that are valid sources for UDP/IPv4 messages. .. namedconf:statement:: use-v6-udp-ports - :tags: query + :tags: deprecated :short: Specifies a list of ports that are valid sources for UDP/IPv6 messages. - These statements specify a list of IPv4 and IPv6 UDP ports that - are used as source ports for UDP messages. + These statements, which are deprecated and will be removed in a future + release, specify a list of IPv4 and IPv6 UDP ports that are used as + source ports for UDP messages. If :term:`port` is ``*`` or is omitted, a random port number from a pre-configured range is selected and used for each query. The @@ -3313,15 +3317,16 @@ Query Address use-v6-udp-ports { range 1024 65535; }; .. namedconf:statement:: avoid-v4-udp-ports - :tags: query + :tags: deprecated :short: Specifies the range(s) of ports to be excluded from use as sources for UDP/IPv4 messages. .. namedconf:statement:: avoid-v6-udp-ports - :tags: query + :tags: deprecated :short: Specifies the range(s) of ports to be excluded from use as sources for UDP/IPv6 messages. - These ranges are excluded from those - specified in the :any:`avoid-v4-udp-ports` and :any:`avoid-v6-udp-ports` + These statements, which are deprecated and will be removed in a future + release, specific ranges of port numbers to exclude from those specified + in the :any:`avoid-v4-udp-ports` and :any:`avoid-v6-udp-ports` options, respectively. The defaults of the :any:`avoid-v4-udp-ports` and :any:`avoid-v6-udp-ports` @@ -3553,6 +3558,9 @@ options apply to zone transfers. :any:`transfer-source` statement within the :any:`view` or :any:`zone` block in the configuration file. + .. note:: ``port`` configuration is deprecated. A warning will be logged + when this parameter is used. + .. warning:: Specifying a single port is discouraged, as it removes a layer of protection against spoofing errors. @@ -3562,8 +3570,8 @@ options apply to zone transfers. :tags: transfer :short: Defines which local IPv6 address(es) are bound to TCP connections used to fetch zones transferred inbound by the server. - This option is the same as :any:`transfer-source`, except zone transfers are performed - using IPv6. + This option is the same as :any:`transfer-source`, except zone transfers + are performed using IPv6. .. namedconf:statement:: notify-source :tags: transfer @@ -3577,6 +3585,9 @@ options apply to zone transfers. or per-view basis by including a :any:`notify-source` statement within the :any:`zone` or :any:`view` block in the configuration file. + .. note:: ``port`` configuration is deprecated. A warning will be logged + when this parameter is used. + .. warning:: Specifying a single port is discouraged, as it removes a layer of protection against spoofing errors. @@ -6468,6 +6479,9 @@ The following options apply to DS queries sent to :any:`parental-agents`: per-view basis by including a :any:`parental-source` statement within the :any:`zone` or :any:`view` block in the configuration file. + .. note:: ``port`` configuration is deprecated. A warning will be logged + when this parameter is used. + .. warning:: Specifying a single port is discouraged, as it removes a layer of protection against spoofing errors. diff --git a/doc/man/named.conf.5in b/doc/man/named.conf.5in index a4f83bd9e3..ce1d817a1b 100644 --- a/doc/man/named.conf.5in +++ b/doc/man/named.conf.5in @@ -126,17 +126,17 @@ options { allow\-transfer [ port ] [ transport ] { ; ... }; allow\-update { ; ... }; allow\-update\-forwarding { ; ... }; - also\-notify [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source\-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + also\-notify [ port ] [ source ( | * ) ] [ source\-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; answer\-cookie ; attach\-cache ; auth\-nxdomain ; auto\-dnssec ( allow | maintain | off ); // deprecated automatic\-interface\-scan ; - avoid\-v4\-udp\-ports { ; ... }; - avoid\-v6\-udp\-ports { ; ... }; + avoid\-v4\-udp\-ports { ; ... }; // deprecated + avoid\-v6\-udp\-ports { ; ... }; // deprecated bindkeys\-file ; blackhole { ; ... }; - catalog\-zones { zone [ default\-primaries [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source\-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... } ] [ zone\-directory ] [ in\-memory ] [ min\-update\-interval ]; ... }; + catalog\-zones { zone [ default\-primaries [ port ] [ source ( | * ) ] [ source\-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... } ] [ zone\-directory ] [ in\-memory ] [ min\-update\-interval ]; ... }; check\-dup\-records ( fail | warn | ignore ); check\-integrity ; check\-mx ( fail | warn | ignore ); @@ -259,23 +259,23 @@ options { notify ( explicit | master\-only | primary\-only | ); notify\-delay ; notify\-rate ; - notify\-source ( | * ) [ port ( | * ) ]; - notify\-source\-v6 ( | * ) [ port ( | * ) ]; + notify\-source ( | * ) ; + notify\-source\-v6 ( | * ) ; notify\-to\-soa ; nsec3\-test\-zone ; // test only nta\-lifetime ; nta\-recheck ; nxdomain\-redirect ; - parental\-source ( | * ) [ port ( | * ) ]; - parental\-source\-v6 ( | * ) [ port ( | * ) ]; + parental\-source ( | * ) ; + parental\-source\-v6 ( | * ) ; pid\-file ( | none ); port ; preferred\-glue ; prefetch [ ]; provide\-ixfr ; qname\-minimization ( strict | relaxed | disabled | off ); - query\-source ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ); - query\-source\-v6 ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ); + query\-source [ address ] ( | * ); + query\-source\-v6 [ address ] ( | * ); querylog ; rate\-limit { all\-per\-second ; @@ -349,8 +349,8 @@ options { tls\-port ; transfer\-format ( many\-answers | one\-answer ); transfer\-message\-size ; - transfer\-source ( | * ) [ port ( | * ) ]; - transfer\-source\-v6 ( | * ) [ port ( | * ) ]; + transfer\-source ( | * ) ; + transfer\-source\-v6 ( | * ) ; transfers\-in ; transfers\-out ; transfers\-per\-ns ; @@ -359,8 +359,8 @@ options { udp\-receive\-buffer ; udp\-send\-buffer ; update\-check\-ksk ; - use\-v4\-udp\-ports { ; ... }; - use\-v6\-udp\-ports { ; ... }; + use\-v4\-udp\-ports { ; ... }; // deprecated + use\-v6\-udp\-ports { ; ... }; // deprecated v6\-bias ; validate\-except { ; ... }; version ( | none ); @@ -369,11 +369,11 @@ options { zone\-statistics ( full | terse | none | ); }; -parental\-agents [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source\-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; // may occur multiple times +parental\-agents [ port ] [ source ( | * ) ] [ source\-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; // may occur multiple times plugin ( query ) [ { } ]; // may occur multiple times -primaries [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source\-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; // may occur multiple times +primaries [ port ] [ source ( | * ) ] [ source\-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; // may occur multiple times server { bogus ; @@ -382,12 +382,12 @@ server { edns\-version ; keys ; max\-udp\-size ; - notify\-source ( | * ) [ port ( | * ) ]; - notify\-source\-v6 ( | * ) [ port ( | * ) ]; + notify\-source ( | * ) ; + notify\-source\-v6 ( | * ) ; padding ; provide\-ixfr ; - query\-source ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ); - query\-source\-v6 ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ); + query\-source [ address ] ( | * ); + query\-source\-v6 [ address ] ( | * ); request\-expire ; request\-ixfr ; request\-nsid ; @@ -396,8 +396,8 @@ server { tcp\-keepalive ; tcp\-only ; transfer\-format ( many\-answers | one\-answer ); - transfer\-source ( | * ) [ port ( | * ) ]; - transfer\-source\-v6 ( | * ) [ port ( | * ) ]; + transfer\-source ( | * ) ; + transfer\-source\-v6 ( | * ) ; transfers ; }; // may occur multiple times @@ -433,11 +433,11 @@ view [ ] { allow\-transfer [ port ] [ transport ] { ; ... }; allow\-update { ; ... }; allow\-update\-forwarding { ; ... }; - also\-notify [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source\-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + also\-notify [ port ] [ source ( | * ) ] [ source\-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; attach\-cache ; auth\-nxdomain ; auto\-dnssec ( allow | maintain | off ); // deprecated - catalog\-zones { zone [ default\-primaries [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source\-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... } ] [ zone\-directory ] [ in\-memory ] [ min\-update\-interval ]; ... }; + catalog\-zones { zone [ default\-primaries [ port ] [ source ( | * ) ] [ source\-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... } ] [ zone\-directory ] [ in\-memory ] [ min\-update\-interval ]; ... }; check\-dup\-records ( fail | warn | ignore ); check\-integrity ; check\-mx ( fail | warn | ignore ); @@ -540,22 +540,22 @@ view [ ] { nocookie\-udp\-size ; notify ( explicit | master\-only | primary\-only | ); notify\-delay ; - notify\-source ( | * ) [ port ( | * ) ]; - notify\-source\-v6 ( | * ) [ port ( | * ) ]; + notify\-source ( | * ) ; + notify\-source\-v6 ( | * ) ; notify\-to\-soa ; nsec3\-test\-zone ; // test only nta\-lifetime ; nta\-recheck ; nxdomain\-redirect ; - parental\-source ( | * ) [ port ( | * ) ]; - parental\-source\-v6 ( | * ) [ port ( | * ) ]; + parental\-source ( | * ) ; + parental\-source\-v6 ( | * ) ; plugin ( query ) [ { } ]; // may occur multiple times preferred\-glue ; prefetch [ ]; provide\-ixfr ; qname\-minimization ( strict | relaxed | disabled | off ); - query\-source ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ); - query\-source\-v6 ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ); + query\-source [ address ] ( | * ); + query\-source\-v6 [ address ] ( | * ); rate\-limit { all\-per\-second ; errors\-per\-second ; @@ -595,12 +595,12 @@ view [ ] { edns\-version ; keys ; max\-udp\-size ; - notify\-source ( | * ) [ port ( | * ) ]; - notify\-source\-v6 ( | * ) [ port ( | * ) ]; + notify\-source ( | * ) ; + notify\-source\-v6 ( | * ) ; padding ; provide\-ixfr ; - query\-source ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ); - query\-source\-v6 ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ); + query\-source [ address ] ( | * ); + query\-source\-v6 [ address ] ( | * ); request\-expire ; request\-ixfr ; request\-nsid ; @@ -609,8 +609,8 @@ view [ ] { tcp\-keepalive ; tcp\-only ; transfer\-format ( many\-answers | one\-answer ); - transfer\-source ( | * ) [ port ( | * ) ]; - transfer\-source\-v6 ( | * ) [ port ( | * ) ]; + transfer\-source ( | * ) ; + transfer\-source\-v6 ( | * ) ; transfers ; }; // may occur multiple times servfail\-ttl ; @@ -627,8 +627,8 @@ view [ ] { suppress\-initial\-notify ; // obsolete synth\-from\-dnssec ; transfer\-format ( many\-answers | one\-answer ); - transfer\-source ( | * ) [ port ( | * ) ]; - transfer\-source\-v6 ( | * ) [ port ( | * ) ]; + transfer\-source ( | * ) ; + transfer\-source\-v6 ( | * ) ; trust\-anchor\-telemetry ; // experimental trust\-anchors { ( static\-key | initial\-key | static\-ds | initial\-ds ) ; ... }; // may occur multiple times trusted\-keys { ; ... }; // may occur multiple times, deprecated @@ -659,7 +659,7 @@ zone [ ] { allow\-query\-on { ; ... }; allow\-transfer [ port ] [ transport ] { ; ... }; allow\-update { ; ... }; - also\-notify [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source\-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + also\-notify [ port ] [ source ( | * ) ] [ source\-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; auto\-dnssec ( allow | maintain | off ); // deprecated check\-dup\-records ( fail | warn | ignore ); check\-integrity ; @@ -697,13 +697,13 @@ zone [ ] { max\-zone\-ttl ( unlimited | ); // deprecated notify ( explicit | master\-only | primary\-only | ); notify\-delay ; - notify\-source ( | * ) [ port ( | * ) ]; - notify\-source\-v6 ( | * ) [ port ( | * ) ]; + notify\-source ( | * ) ; + notify\-source\-v6 ( | * ) ; notify\-to\-soa ; nsec3\-test\-zone ; // test only - parental\-agents [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source\-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; - parental\-source ( | * ) [ port ( | * ) ]; - parental\-source\-v6 ( | * ) [ port ( | * ) ]; + parental\-agents [ port ] [ source ( | * ) ] [ source\-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + parental\-source ( | * ) ; + parental\-source\-v6 ( | * ) ; serial\-update\-method ( date | increment | unixtime ); sig\-signing\-nodes ; sig\-signing\-signatures ; @@ -731,7 +731,7 @@ zone [ ] { allow\-query\-on { ; ... }; allow\-transfer [ port ] [ transport ] { ; ... }; allow\-update\-forwarding { ; ... }; - also\-notify [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source\-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + also\-notify [ port ] [ source ( | * ) ] [ source\-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; auto\-dnssec ( allow | maintain | off ); // deprecated check\-names ( fail | warn | ignore ); database ; @@ -765,22 +765,22 @@ zone [ ] { multi\-master ; notify ( explicit | master\-only | primary\-only | ); notify\-delay ; - notify\-source ( | * ) [ port ( | * ) ]; - notify\-source\-v6 ( | * ) [ port ( | * ) ]; + notify\-source ( | * ) ; + notify\-source\-v6 ( | * ) ; notify\-to\-soa ; nsec3\-test\-zone ; // test only - parental\-agents [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source\-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; - parental\-source ( | * ) [ port ( | * ) ]; - parental\-source\-v6 ( | * ) [ port ( | * ) ]; - primaries [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source\-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + parental\-agents [ port ] [ source ( | * ) ] [ source\-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + parental\-source ( | * ) ; + parental\-source\-v6 ( | * ) ; + primaries [ port ] [ source ( | * ) ] [ source\-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; request\-expire ; request\-ixfr ; sig\-signing\-nodes ; sig\-signing\-signatures ; sig\-signing\-type ; sig\-validity\-interval [ ]; - transfer\-source ( | * ) [ port ( | * ) ]; - transfer\-source\-v6 ( | * ) [ port ( | * ) ]; + transfer\-source ( | * ) ; + transfer\-source\-v6 ( | * ) ; try\-tcp\-refresh ; update\-check\-ksk ; zero\-no\-soa\-ttl ; @@ -803,7 +803,7 @@ zone [ ] { allow\-query\-on { ; ... }; allow\-transfer [ port ] [ transport ] { ; ... }; allow\-update\-forwarding { ; ... }; - also\-notify [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source\-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + also\-notify [ port ] [ source ( | * ) ] [ source\-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; check\-names ( fail | warn | ignore ); database ; file ; @@ -825,13 +825,13 @@ zone [ ] { multi\-master ; notify ( explicit | master\-only | primary\-only | ); notify\-delay ; - notify\-source ( | * ) [ port ( | * ) ]; - notify\-source\-v6 ( | * ) [ port ( | * ) ]; - primaries [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source\-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + notify\-source ( | * ) ; + notify\-source\-v6 ( | * ) ; + primaries [ port ] [ source ( | * ) ] [ source\-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; request\-expire ; request\-ixfr ; - transfer\-source ( | * ) [ port ( | * ) ]; - transfer\-source\-v6 ( | * ) [ port ( | * ) ]; + transfer\-source ( | * ) ; + transfer\-source\-v6 ( | * ) ; try\-tcp\-refresh ; zero\-no\-soa\-ttl ; zone\-statistics ( full | terse | none | ); @@ -888,7 +888,7 @@ zone [ ] { masterfile\-style ( full | relative ); max\-records ; max\-zone\-ttl ( unlimited | ); // deprecated - primaries [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source\-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + primaries [ port ] [ source ( | * ) ] [ source\-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; zone\-statistics ( full | terse | none | ); }; @@ -943,9 +943,9 @@ zone [ ] { min\-refresh\-time ; min\-retry\-time ; multi\-master ; - primaries [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source\-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; - transfer\-source ( | * ) [ port ( | * ) ]; - transfer\-source\-v6 ( | * ) [ port ( | * ) ]; + primaries [ port ] [ source ( | * ) ] [ source\-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + transfer\-source ( | * ) ; + transfer\-source\-v6 ( | * ) ; zone\-statistics ( full | terse | none | ); }; diff --git a/doc/misc/mirror.zoneopt b/doc/misc/mirror.zoneopt index 5756c0fdb3..467a78dc1e 100644 --- a/doc/misc/mirror.zoneopt +++ b/doc/misc/mirror.zoneopt @@ -5,7 +5,7 @@ zone [ ] { allow-query-on { ; ... }; allow-transfer [ port ] [ transport ] { ; ... }; allow-update-forwarding { ; ... }; - also-notify [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + also-notify [ port ] [ source ( | * ) ] [ source-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; check-names ( fail | warn | ignore ); database ; file ; @@ -27,13 +27,13 @@ zone [ ] { multi-master ; notify ( explicit | master-only | primary-only | ); notify-delay ; - notify-source ( | * ) [ port ( | * ) ]; - notify-source-v6 ( | * ) [ port ( | * ) ]; - primaries [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + notify-source ( | * ) ; + notify-source-v6 ( | * ) ; + primaries [ port ] [ source ( | * ) ] [ source-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; request-expire ; request-ixfr ; - transfer-source ( | * ) [ port ( | * ) ]; - transfer-source-v6 ( | * ) [ port ( | * ) ]; + transfer-source ( | * ) ; + transfer-source-v6 ( | * ) ; try-tcp-refresh ; zero-no-soa-ttl ; zone-statistics ( full | terse | none | ); diff --git a/doc/misc/options b/doc/misc/options index 68cb662666..9064b2b598 100644 --- a/doc/misc/options +++ b/doc/misc/options @@ -69,17 +69,17 @@ options { allow-transfer [ port ] [ transport ] { ; ... }; allow-update { ; ... }; allow-update-forwarding { ; ... }; - also-notify [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + also-notify [ port ] [ source ( | * ) ] [ source-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; answer-cookie ; attach-cache ; auth-nxdomain ; auto-dnssec ( allow | maintain | off ); // deprecated automatic-interface-scan ; - avoid-v4-udp-ports { ; ... }; - avoid-v6-udp-ports { ; ... }; + avoid-v4-udp-ports { ; ... }; // deprecated + avoid-v6-udp-ports { ; ... }; // deprecated bindkeys-file ; blackhole { ; ... }; - catalog-zones { zone [ default-primaries [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... } ] [ zone-directory ] [ in-memory ] [ min-update-interval ]; ... }; + catalog-zones { zone [ default-primaries [ port ] [ source ( | * ) ] [ source-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... } ] [ zone-directory ] [ in-memory ] [ min-update-interval ]; ... }; check-dup-records ( fail | warn | ignore ); check-integrity ; check-mx ( fail | warn | ignore ); @@ -202,23 +202,23 @@ options { notify ( explicit | master-only | primary-only | ); notify-delay ; notify-rate ; - notify-source ( | * ) [ port ( | * ) ]; - notify-source-v6 ( | * ) [ port ( | * ) ]; + notify-source ( | * ) ; + notify-source-v6 ( | * ) ; notify-to-soa ; nsec3-test-zone ; // test only nta-lifetime ; nta-recheck ; nxdomain-redirect ; - parental-source ( | * ) [ port ( | * ) ]; - parental-source-v6 ( | * ) [ port ( | * ) ]; + parental-source ( | * ) ; + parental-source-v6 ( | * ) ; pid-file ( | none ); port ; preferred-glue ; prefetch [ ]; provide-ixfr ; qname-minimization ( strict | relaxed | disabled | off ); - query-source ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ); - query-source-v6 ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ); + query-source [ address ] ( | * ); + query-source-v6 [ address ] ( | * ); querylog ; rate-limit { all-per-second ; @@ -292,8 +292,8 @@ options { tls-port ; transfer-format ( many-answers | one-answer ); transfer-message-size ; - transfer-source ( | * ) [ port ( | * ) ]; - transfer-source-v6 ( | * ) [ port ( | * ) ]; + transfer-source ( | * ) ; + transfer-source-v6 ( | * ) ; transfers-in ; transfers-out ; transfers-per-ns ; @@ -302,8 +302,8 @@ options { udp-receive-buffer ; udp-send-buffer ; update-check-ksk ; - use-v4-udp-ports { ; ... }; - use-v6-udp-ports { ; ... }; + use-v4-udp-ports { ; ... }; // deprecated + use-v6-udp-ports { ; ... }; // deprecated v6-bias ; validate-except { ; ... }; version ( | none ); @@ -312,11 +312,11 @@ options { zone-statistics ( full | terse | none | ); }; -parental-agents [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; // may occur multiple times +parental-agents [ port ] [ source ( | * ) ] [ source-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; // may occur multiple times plugin ( query ) [ { } ]; // may occur multiple times -primaries [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; // may occur multiple times +primaries [ port ] [ source ( | * ) ] [ source-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; // may occur multiple times server { bogus ; @@ -325,12 +325,12 @@ server { edns-version ; keys ; max-udp-size ; - notify-source ( | * ) [ port ( | * ) ]; - notify-source-v6 ( | * ) [ port ( | * ) ]; + notify-source ( | * ) ; + notify-source-v6 ( | * ) ; padding ; provide-ixfr ; - query-source ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ); - query-source-v6 ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ); + query-source [ address ] ( | * ); + query-source-v6 [ address ] ( | * ); request-expire ; request-ixfr ; request-nsid ; @@ -339,8 +339,8 @@ server { tcp-keepalive ; tcp-only ; transfer-format ( many-answers | one-answer ); - transfer-source ( | * ) [ port ( | * ) ]; - transfer-source-v6 ( | * ) [ port ( | * ) ]; + transfer-source ( | * ) ; + transfer-source-v6 ( | * ) ; transfers ; }; // may occur multiple times @@ -376,11 +376,11 @@ view [ ] { allow-transfer [ port ] [ transport ] { ; ... }; allow-update { ; ... }; allow-update-forwarding { ; ... }; - also-notify [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + also-notify [ port ] [ source ( | * ) ] [ source-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; attach-cache ; auth-nxdomain ; auto-dnssec ( allow | maintain | off ); // deprecated - catalog-zones { zone [ default-primaries [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... } ] [ zone-directory ] [ in-memory ] [ min-update-interval ]; ... }; + catalog-zones { zone [ default-primaries [ port ] [ source ( | * ) ] [ source-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... } ] [ zone-directory ] [ in-memory ] [ min-update-interval ]; ... }; check-dup-records ( fail | warn | ignore ); check-integrity ; check-mx ( fail | warn | ignore ); @@ -483,22 +483,22 @@ view [ ] { nocookie-udp-size ; notify ( explicit | master-only | primary-only | ); notify-delay ; - notify-source ( | * ) [ port ( | * ) ]; - notify-source-v6 ( | * ) [ port ( | * ) ]; + notify-source ( | * ) ; + notify-source-v6 ( | * ) ; notify-to-soa ; nsec3-test-zone ; // test only nta-lifetime ; nta-recheck ; nxdomain-redirect ; - parental-source ( | * ) [ port ( | * ) ]; - parental-source-v6 ( | * ) [ port ( | * ) ]; + parental-source ( | * ) ; + parental-source-v6 ( | * ) ; plugin ( query ) [ { } ]; // may occur multiple times preferred-glue ; prefetch [ ]; provide-ixfr ; qname-minimization ( strict | relaxed | disabled | off ); - query-source ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ); - query-source-v6 ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ); + query-source [ address ] ( | * ); + query-source-v6 [ address ] ( | * ); rate-limit { all-per-second ; errors-per-second ; @@ -538,12 +538,12 @@ view [ ] { edns-version ; keys ; max-udp-size ; - notify-source ( | * ) [ port ( | * ) ]; - notify-source-v6 ( | * ) [ port ( | * ) ]; + notify-source ( | * ) ; + notify-source-v6 ( | * ) ; padding ; provide-ixfr ; - query-source ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ); - query-source-v6 ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ); + query-source [ address ] ( | * ); + query-source-v6 [ address ] ( | * ); request-expire ; request-ixfr ; request-nsid ; @@ -552,8 +552,8 @@ view [ ] { tcp-keepalive ; tcp-only ; transfer-format ( many-answers | one-answer ); - transfer-source ( | * ) [ port ( | * ) ]; - transfer-source-v6 ( | * ) [ port ( | * ) ]; + transfer-source ( | * ) ; + transfer-source-v6 ( | * ) ; transfers ; }; // may occur multiple times servfail-ttl ; @@ -570,8 +570,8 @@ view [ ] { suppress-initial-notify ; // obsolete synth-from-dnssec ; transfer-format ( many-answers | one-answer ); - transfer-source ( | * ) [ port ( | * ) ]; - transfer-source-v6 ( | * ) [ port ( | * ) ]; + transfer-source ( | * ) ; + transfer-source-v6 ( | * ) ; trust-anchor-telemetry ; // experimental trust-anchors { ( static-key | initial-key | static-ds | initial-ds ) ; ... }; // may occur multiple times trusted-keys { ; ... }; // may occur multiple times, deprecated diff --git a/doc/misc/primary.zoneopt b/doc/misc/primary.zoneopt index 6b1bb177b8..85fc3a36ed 100644 --- a/doc/misc/primary.zoneopt +++ b/doc/misc/primary.zoneopt @@ -4,7 +4,7 @@ zone [ ] { allow-query-on { ; ... }; allow-transfer [ port ] [ transport ] { ; ... }; allow-update { ; ... }; - also-notify [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + also-notify [ port ] [ source ( | * ) ] [ source-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; auto-dnssec ( allow | maintain | off ); // deprecated check-dup-records ( fail | warn | ignore ); check-integrity ; @@ -42,13 +42,13 @@ zone [ ] { max-zone-ttl ( unlimited | ); // deprecated notify ( explicit | master-only | primary-only | ); notify-delay ; - notify-source ( | * ) [ port ( | * ) ]; - notify-source-v6 ( | * ) [ port ( | * ) ]; + notify-source ( | * ) ; + notify-source-v6 ( | * ) ; notify-to-soa ; nsec3-test-zone ; // test only - parental-agents [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; - parental-source ( | * ) [ port ( | * ) ]; - parental-source-v6 ( | * ) [ port ( | * ) ]; + parental-agents [ port ] [ source ( | * ) ] [ source-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + parental-source ( | * ) ; + parental-source-v6 ( | * ) ; serial-update-method ( date | increment | unixtime ); sig-signing-nodes ; sig-signing-signatures ; diff --git a/doc/misc/redirect.zoneopt b/doc/misc/redirect.zoneopt index 84fff6cbab..94e104d444 100644 --- a/doc/misc/redirect.zoneopt +++ b/doc/misc/redirect.zoneopt @@ -8,6 +8,6 @@ zone [ ] { masterfile-style ( full | relative ); max-records ; max-zone-ttl ( unlimited | ); // deprecated - primaries [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + primaries [ port ] [ source ( | * ) ] [ source-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; zone-statistics ( full | terse | none | ); }; diff --git a/doc/misc/secondary.zoneopt b/doc/misc/secondary.zoneopt index fc4a07be03..cbddd65be8 100644 --- a/doc/misc/secondary.zoneopt +++ b/doc/misc/secondary.zoneopt @@ -5,7 +5,7 @@ zone [ ] { allow-query-on { ; ... }; allow-transfer [ port ] [ transport ] { ; ... }; allow-update-forwarding { ; ... }; - also-notify [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + also-notify [ port ] [ source ( | * ) ] [ source-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; auto-dnssec ( allow | maintain | off ); // deprecated check-names ( fail | warn | ignore ); database ; @@ -39,22 +39,22 @@ zone [ ] { multi-master ; notify ( explicit | master-only | primary-only | ); notify-delay ; - notify-source ( | * ) [ port ( | * ) ]; - notify-source-v6 ( | * ) [ port ( | * ) ]; + notify-source ( | * ) ; + notify-source-v6 ( | * ) ; notify-to-soa ; nsec3-test-zone ; // test only - parental-agents [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; - parental-source ( | * ) [ port ( | * ) ]; - parental-source-v6 ( | * ) [ port ( | * ) ]; - primaries [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + parental-agents [ port ] [ source ( | * ) ] [ source-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + parental-source ( | * ) ; + parental-source-v6 ( | * ) ; + primaries [ port ] [ source ( | * ) ] [ source-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; request-expire ; request-ixfr ; sig-signing-nodes ; sig-signing-signatures ; sig-signing-type ; sig-validity-interval [ ]; - transfer-source ( | * ) [ port ( | * ) ]; - transfer-source-v6 ( | * ) [ port ( | * ) ]; + transfer-source ( | * ) ; + transfer-source-v6 ( | * ) ; try-tcp-refresh ; update-check-ksk ; zero-no-soa-ttl ; diff --git a/doc/misc/stub.zoneopt b/doc/misc/stub.zoneopt index 3fcaff54e1..0c37eefef8 100644 --- a/doc/misc/stub.zoneopt +++ b/doc/misc/stub.zoneopt @@ -19,8 +19,8 @@ zone [ ] { min-refresh-time ; min-retry-time ; multi-master ; - primaries [ port ] [ source ( | * ) [ port ( | * ) ] ] [ source-v6 ( | * ) [ port ( | * ) ] ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; - transfer-source ( | * ) [ port ( | * ) ]; - transfer-source-v6 ( | * ) [ port ( | * ) ]; + primaries [ port ] [ source ( | * ) ] [ source-v6 ( | * ) ] { ( | [ port ] | [ port ] ) [ key ] [ tls ]; ... }; + transfer-source ( | * ) ; + transfer-source-v6 ( | * ) ; zone-statistics ( full | terse | none | ); }; diff --git a/lib/isccfg/include/isccfg/grammar.h b/lib/isccfg/include/isccfg/grammar.h index 83371179d0..3b19a5f4ef 100644 --- a/lib/isccfg/include/isccfg/grammar.h +++ b/lib/isccfg/include/isccfg/grammar.h @@ -265,6 +265,7 @@ struct cfg_parser { #define CFG_ADDR_V4PREFIXOK 0x00000002 #define CFG_ADDR_V6OK 0x00000004 #define CFG_ADDR_WILDOK 0x00000008 +#define CFG_ADDR_PORTOK 0x00000010 #define CFG_ADDR_MASK (CFG_ADDR_V6OK | CFG_ADDR_V4OK) /*@}*/ diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index 935ecc46e6..898b03a6f5 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -1205,8 +1205,10 @@ static cfg_type_t cfg_type_fstrm_model = { static cfg_clausedef_t options_clauses[] = { { "answer-cookie", &cfg_type_boolean, 0 }, { "automatic-interface-scan", &cfg_type_boolean, 0 }, - { "avoid-v4-udp-ports", &cfg_type_bracketed_portlist, 0 }, - { "avoid-v6-udp-ports", &cfg_type_bracketed_portlist, 0 }, + { "avoid-v4-udp-ports", &cfg_type_bracketed_portlist, + CFG_CLAUSEFLAG_DEPRECATED }, + { "avoid-v6-udp-ports", &cfg_type_bracketed_portlist, + CFG_CLAUSEFLAG_DEPRECATED }, { "bindkeys-file", &cfg_type_qstring, 0 }, { "blackhole", &cfg_type_bracketed_aml, 0 }, { "cookie-algorithm", &cfg_type_cookiealg, 0 }, @@ -1336,8 +1338,10 @@ static cfg_clausedef_t options_clauses[] = { { "udp-send-buffer", &cfg_type_uint32, 0 }, { "use-id-pool", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "use-ixfr", NULL, CFG_CLAUSEFLAG_ANCIENT }, - { "use-v4-udp-ports", &cfg_type_bracketed_portlist, 0 }, - { "use-v6-udp-ports", &cfg_type_bracketed_portlist, 0 }, + { "use-v4-udp-ports", &cfg_type_bracketed_portlist, + CFG_CLAUSEFLAG_DEPRECATED }, + { "use-v6-udp-ports", &cfg_type_bracketed_portlist, + CFG_CLAUSEFLAG_DEPRECATED }, { "version", &cfg_type_qstringornone, 0 }, { NULL, NULL, 0 } }; @@ -3187,6 +3191,12 @@ parse_querysource(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { } else if (strcasecmp(TOKEN_STRING(pctx), "port") == 0) { /* read "port" */ + if ((pctx->flags & CFG_PCTX_NODEPRECATED) == 0) + { + cfg_parser_warning( + pctx, 0, + "token 'port' is deprecated"); + } CHECK(cfg_gettoken(pctx, 0)); CHECK(cfg_parse_rawport(pctx, CFG_ADDR_WILDOK, &port)); @@ -3234,7 +3244,7 @@ static void doc_querysource(cfg_printer_t *pctx, const cfg_type_t *type) { const unsigned int *flagp = type->of; - cfg_print_cstr(pctx, "( ( [ address ] ( "); + cfg_print_cstr(pctx, "[ address ] ( "); if ((*flagp & CFG_ADDR_V4OK) != 0) { cfg_print_cstr(pctx, ""); } else if ((*flagp & CFG_ADDR_V6OK) != 0) { @@ -3242,16 +3252,7 @@ doc_querysource(cfg_printer_t *pctx, const cfg_type_t *type) { } else { UNREACHABLE(); } - cfg_print_cstr(pctx, " | * ) [ port ( | * ) ] ) | " - "( [ [ address ] ( "); - if ((*flagp & CFG_ADDR_V4OK) != 0) { - cfg_print_cstr(pctx, ""); - } else if ((*flagp & CFG_ADDR_V6OK) != 0) { - cfg_print_cstr(pctx, ""); - } else { - UNREACHABLE(); - } - cfg_print_cstr(pctx, " | * ) ] port ( | * ) ) )"); + cfg_print_cstr(pctx, " | * )"); } static unsigned int sockaddr4wild_flags = CFG_ADDR_WILDOK | CFG_ADDR_V4OK; @@ -3277,7 +3278,7 @@ static cfg_type_t cfg_type_querysource = { "querysource", NULL, * which is gratuitously interpreted as the IPv4 wildcard address. */ static unsigned int controls_sockaddr_flags = CFG_ADDR_V4OK | CFG_ADDR_V6OK | - CFG_ADDR_WILDOK; + CFG_ADDR_WILDOK | CFG_ADDR_PORTOK; static cfg_type_t cfg_type_controls_sockaddr = { "controls_sockaddr", cfg_parse_sockaddr, cfg_print_sockaddr, cfg_doc_sockaddr, &cfg_rep_sockaddr, &controls_sockaddr_flags @@ -3530,13 +3531,13 @@ static cfg_type_t cfg_type_logfile = { "log_file", parse_logfile, print_logfile, doc_logfile, &cfg_rep_tuple, logfile_fields }; -/*% An IPv4 address with optional port, "*" accepted as wildcard. */ +/*% An IPv4 address, "*" accepted as wildcard. */ static cfg_type_t cfg_type_sockaddr4wild = { "sockaddr4wild", cfg_parse_sockaddr, cfg_print_sockaddr, cfg_doc_sockaddr, &cfg_rep_sockaddr, &sockaddr4wild_flags }; -/*% An IPv6 address with optional port, "*" accepted as wildcard. */ +/*% An IPv6 address, "*" accepted as wildcard. */ static cfg_type_t cfg_type_sockaddr6wild = { "v6addrportwild", cfg_parse_sockaddr, cfg_print_sockaddr, cfg_doc_sockaddr, &cfg_rep_sockaddr, &sockaddr6wild_flags diff --git a/lib/isccfg/parser.c b/lib/isccfg/parser.c index 967bc38f1a..6fc3e80947 100644 --- a/lib/isccfg/parser.c +++ b/lib/isccfg/parser.c @@ -3218,6 +3218,14 @@ parse_sockaddrsub(cfg_parser_t *pctx, const cfg_type_t *type, int flags, CHECK(cfg_peektoken(pctx, 0)); if (pctx->token.type == isc_tokentype_string) { if (strcasecmp(TOKEN_STRING(pctx), "port") == 0) { + if ((pctx->flags & CFG_PCTX_NODEPRECATED) == + 0 && + (flags & CFG_ADDR_PORTOK) == 0) + { + cfg_parser_warning( + pctx, 0, + "token 'port' is deprecated"); + } CHECK(cfg_gettoken(pctx, 0)); /* read "port" */ CHECK(cfg_parse_rawport(pctx, flags, &port)); ++have_port; @@ -3243,7 +3251,8 @@ cleanup: return (result); } -static unsigned int sockaddr_flags = CFG_ADDR_V4OK | CFG_ADDR_V6OK; +static unsigned int sockaddr_flags = CFG_ADDR_V4OK | CFG_ADDR_V6OK | + CFG_ADDR_PORTOK; cfg_type_t cfg_type_sockaddr = { "sockaddr", cfg_parse_sockaddr, cfg_print_sockaddr, cfg_doc_sockaddr, &cfg_rep_sockaddr, &sockaddr_flags }; @@ -3312,10 +3321,12 @@ cfg_doc_sockaddr(cfg_printer_t *pctx, const cfg_type_t *type) { POST(n); } cfg_print_cstr(pctx, " ) "); - if ((*flagp & CFG_ADDR_WILDOK) != 0) { - cfg_print_cstr(pctx, "[ port ( | * ) ]"); - } else { - cfg_print_cstr(pctx, "[ port ]"); + if ((*flagp & CFG_ADDR_PORTOK) != 0) { + if ((*flagp & CFG_ADDR_WILDOK) != 0) { + cfg_print_cstr(pctx, "[ port ( | * ) ]"); + } else { + cfg_print_cstr(pctx, "[ port ]"); + } } }