ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

Fix dns_kasp_attach / dns_kasp_detach usage

Browse Source 
The kasp pointers in dns_zone_t should consistently be changed by
dns_kasp_attach and dns_kasp_detach so the usage is balanced.
This commit is contained in:
Mark Andrews
2023-02-21 12:15:01 +11:00
committed by Matthijs Mekking
parent caafb15e1e
commit b41882cc75
2 changed files with 71 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

130
bin/named/zoneconf.c
View File

@@ -927,8 +927,8 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
maps[i] = NULL;
if (vconfig != NULL) {
RETERR(named_config_getclass(cfg_tuple_get(vconfig, "class"),
dns_rdataclass_in, &vclass));
CHECK(named_config_getclass(cfg_tuple_get(vconfig, "class"),
dns_rdataclass_in, &vclass));
} else {
vclass = dns_rdataclass_in;
}
@@ -939,8 +939,8 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
zname = cfg_obj_asstring(cfg_tuple_get(zconfig, "name"));
RETERR(named_config_getclass(cfg_tuple_get(zconfig, "class"), vclass,
&zclass));
CHECK(named_config_getclass(cfg_tuple_get(zconfig, "class"), vclass,
&zclass));
dns_zone_setclass(zone, zclass);
if (raw != NULL) {
dns_zone_setclass(raw, zclass);
@@ -960,7 +960,7 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
cpval = isc_mem_strdup(mctx, cfg_obj_asstring(obj));
}
if (cpval == NULL) {
return (ISC_R_NOMEMORY);
CHECK(ISC_R_NOMEMORY);
}
obj = NULL;
@@ -975,7 +975,7 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
"zone '%s': both 'database' and 'dlz' "
"specified",
zname);
return (ISC_R_FAILURE);
CHECK(ISC_R_FAILURE);
}
len = strlen(dlzname) + 5;
@@ -986,7 +986,7 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
result = strtoargv(mctx, cpval, &dbargc, &dbargv);
if (result != ISC_R_SUCCESS && cpval != default_dbtype) {
isc_mem_free(mctx, cpval);
return (result);
CHECK(result);
}
/*
@@ -1016,7 +1016,7 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL,
NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR,
"zone '%s': 'file' not specified", zname);
return (ISC_R_FAILURE);
CHECK(ISC_R_FAILURE);
}
if (ztype == dns_zone_secondary || ztype == dns_zone_mirror) {
@@ -1049,7 +1049,7 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
"can only be used with "
"'masterfile-format text'",
zname);
return (ISC_R_FAILURE);
CHECK(ISC_R_FAILURE);
}
if (strcasecmp(masterstylestr, "full") == 0) {
@@ -1074,47 +1074,45 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
size_t signedlen = strlen(filename) + sizeof(SIGNED);
char *signedname;
RETERR(dns_zone_setfile(raw, filename, masterformat,
masterstyle));
CHECK(dns_zone_setfile(raw, filename, masterformat,
masterstyle));
signedname = isc_mem_get(mctx, signedlen);
(void)snprintf(signedname, signedlen, "%s" SIGNED, filename);
result = dns_zone_setfile(zone, signedname,
dns_masterformat_raw, NULL);
isc_mem_put(mctx, signedname, signedlen);
if (result != ISC_R_SUCCESS) {
return (result);
}
CHECK(result);
} else {
RETERR(dns_zone_setfile(zone, filename, masterformat,
masterstyle));
CHECK(dns_zone_setfile(zone, filename, masterformat,
masterstyle));
}
obj = NULL;
result = cfg_map_get(zoptions, "journal", &obj);
if (result == ISC_R_SUCCESS) {
RETERR(dns_zone_setjournal(mayberaw, cfg_obj_asstring(obj)));
CHECK(dns_zone_setjournal(mayberaw, cfg_obj_asstring(obj)));
}
/*
* Notify messages are processed by the raw zone if it exists.
*/
if (ztype == dns_zone_secondary || ztype == dns_zone_mirror) {
RETERR(configure_zone_acl(
zconfig, vconfig, config, allow_notify, ac, mayberaw,
dns_zone_setnotifyacl, dns_zone_clearnotifyacl));
CHECK(configure_zone_acl(zconfig, vconfig, config, allow_notify,
ac, mayberaw, dns_zone_setnotifyacl,
dns_zone_clearnotifyacl));
}
/*
* XXXAG This probably does not make sense for stubs.
*/
RETERR(configure_zone_acl(zconfig, vconfig, config, allow_query, ac,
zone, dns_zone_setqueryacl,
dns_zone_clearqueryacl));
CHECK(configure_zone_acl(zconfig, vconfig, config, allow_query, ac,
zone, dns_zone_setqueryacl,
dns_zone_clearqueryacl));
RETERR(configure_zone_acl(zconfig, vconfig, config, allow_query_on, ac,
zone, dns_zone_setqueryonacl,
dns_zone_clearqueryonacl));
CHECK(configure_zone_acl(zconfig, vconfig, config, allow_query_on, ac,
zone, dns_zone_setqueryonacl,
dns_zone_clearqueryonacl));
obj = NULL;
result = named_config_get(maps, "dialup", &obj);
@@ -1171,10 +1169,10 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
rcvquerystats = NULL;
dnssecsignstats = NULL;
if (statlevel == dns_zonestat_full) {
RETERR(isc_stats_create(mctx, &zoneqrystats,
ns_statscounter_max));
RETERR(dns_rdatatypestats_create(mctx, &rcvquerystats));
RETERR(dns_dnssecsignstats_create(mctx, &dnssecsignstats));
CHECK(isc_stats_create(mctx, &zoneqrystats,
ns_statscounter_max));
CHECK(dns_rdatatypestats_create(mctx, &rcvquerystats));
CHECK(dns_dnssecsignstats_create(mctx, &dnssecsignstats));
}
dns_zone_setrequeststats(zone, zoneqrystats);
dns_zone_setrcvquerystats(zone, rcvquerystats);
@@ -1213,7 +1211,7 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
ISC_LOG_ERROR,
"dnssec-policy '%s' not found ",
kaspname);
RETERR(result);
CHECK(result);
}
dns_zone_setkasp(zone, kasp);
use_kasp = true;
@@ -1262,8 +1260,8 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
dns_ipkeylist_t ipkl;
dns_ipkeylist_init(&ipkl);
RETERR(named_config_getipandkeylist(config, "primaries",
obj, mctx, &ipkl));
CHECK(named_config_getipandkeylist(config, "primaries",
obj, mctx, &ipkl));
dns_zone_setalsonotify(zone, ipkl.addrs, ipkl.sources,
ipkl.keys, ipkl.tlss,
ipkl.count);
@@ -1275,22 +1273,22 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
obj = NULL;
result = named_config_get(maps, "parental-source", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setparentalsrc4(zone, cfg_obj_assockaddr(obj)));
CHECK(dns_zone_setparentalsrc4(zone, cfg_obj_assockaddr(obj)));
obj = NULL;
result = named_config_get(maps, "parental-source-v6", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setparentalsrc6(zone, cfg_obj_assockaddr(obj)));
CHECK(dns_zone_setparentalsrc6(zone, cfg_obj_assockaddr(obj)));
obj = NULL;
result = named_config_get(maps, "notify-source", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setnotifysrc4(zone, cfg_obj_assockaddr(obj)));
CHECK(dns_zone_setnotifysrc4(zone, cfg_obj_assockaddr(obj)));
obj = NULL;
result = named_config_get(maps, "notify-source-v6", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setnotifysrc6(zone, cfg_obj_assockaddr(obj)));
CHECK(dns_zone_setnotifysrc6(zone, cfg_obj_assockaddr(obj)));
obj = NULL;
result = named_config_get(maps, "notify-to-soa", &obj);
@@ -1300,7 +1298,7 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
dns_zone_setisself(zone, isself, named_g_server->interfacemgr);
RETERR(configure_zone_acl(
CHECK(configure_zone_acl(
zconfig, vconfig, config, allow_transfer, ac, zone,
dns_zone_setxfracl, dns_zone_clearxfracl));
@@ -1337,7 +1335,7 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
"%" PRId64 "' "
"is too large",
value);
RETERR(ISC_R_RANGE);
CHECK(ISC_R_RANGE);
}
journal_size = (uint32_t)value;
}
@@ -1482,7 +1480,7 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
"%" PRId64 "' "
"is too large",
value);
RETERR(ISC_R_RANGE);
CHECK(ISC_R_RANGE);
}
journal_size = (uint32_t)value;
}
@@ -1512,9 +1510,9 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
if (ztype == dns_zone_primary) {
dns_acl_t *updateacl;
RETERR(configure_zone_acl(
zconfig, vconfig, config, allow_update, ac, mayberaw,
dns_zone_setupdateacl, dns_zone_clearupdateacl));
CHECK(configure_zone_acl(zconfig, vconfig, config, allow_update,
ac, mayberaw, dns_zone_setupdateacl,
dns_zone_clearupdateacl));
updateacl = dns_zone_getupdateacl(mayberaw);
if (updateacl != NULL && dns_acl_isinsecure(updateacl)) {
@@ -1525,7 +1523,7 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
zname);
}
RETERR(configure_zone_ssutable(zoptions, mayberaw, zname));
CHECK(configure_zone_ssutable(zoptions, mayberaw, zname));
}
/*
@@ -1602,7 +1600,7 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
result = named_config_get(maps, "key-directory", &obj);
if (result == ISC_R_SUCCESS) {
filename = cfg_obj_asstring(obj);
RETERR(dns_zone_setkeydirectory(zone, filename));
CHECK(dns_zone_setkeydirectory(zone, filename));
}
obj = NULL;
@@ -1644,8 +1642,8 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
result = named_config_get(maps, "dnssec-loadkeys-interval",
&obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setrefreshkeyinterval(zone,
cfg_obj_asuint32(obj)));
CHECK(dns_zone_setrefreshkeyinterval(zone,
cfg_obj_asuint32(obj)));
obj = NULL;
result = cfg_map_get(zoptions, "auto-dnssec", &obj);
@@ -1673,10 +1671,10 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
}
if (ztype == dns_zone_secondary || ztype == dns_zone_mirror) {
RETERR(configure_zone_acl(zconfig, vconfig, config,
allow_update_forwarding, ac, mayberaw,
dns_zone_setforwardacl,
dns_zone_clearforwardacl));
CHECK(configure_zone_acl(zconfig, vconfig, config,
allow_update_forwarding, ac, mayberaw,
dns_zone_setforwardacl,
dns_zone_clearforwardacl));
}
/*%
@@ -1688,7 +1686,7 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
if (obj != NULL) {
dns_ipkeylist_t ipkl;
dns_ipkeylist_init(&ipkl);
RETERR(named_config_getipandkeylist(
CHECK(named_config_getipandkeylist(
config, "parental-agents", obj, mctx, &ipkl));
dns_zone_setparentals(zone, ipkl.addrs, ipkl.sources,
ipkl.keys, ipkl.tlss, ipkl.count);
@@ -1825,7 +1823,7 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
(void)cfg_map_get(zoptions, "allow-transfer", &obj);
if (obj == NULL) {
dns_acl_t *none;
RETERR(dns_acl_none(mctx, &none));
CHECK(dns_acl_none(mctx, &none));
dns_zone_setxfracl(zone, none);
dns_acl_detach(&none);
}
@@ -1850,14 +1848,14 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
result = named_config_getremotesdef(
named_g_config, "primaries",
DEFAULT_IANA_ROOT_ZONE_PRIMARIES, &obj);
RETERR(result);
CHECK(result);
}
if (obj != NULL) {
dns_ipkeylist_t ipkl;
dns_ipkeylist_init(&ipkl);
RETERR(named_config_getipandkeylist(config, "primaries",
obj, mctx, &ipkl));
CHECK(named_config_getipandkeylist(config, "primaries",
obj, mctx, &ipkl));
dns_zone_setprimaries(mayberaw, ipkl.addrs,
ipkl.sources, ipkl.keys,
ipkl.tlss, ipkl.count);
@@ -1910,14 +1908,14 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
obj = NULL;
result = named_config_get(maps, "transfer-source", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setxfrsource4(mayberaw,
cfg_obj_assockaddr(obj)));
CHECK(dns_zone_setxfrsource4(mayberaw,
cfg_obj_assockaddr(obj)));
obj = NULL;
result = named_config_get(maps, "transfer-source-v6", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setxfrsource6(mayberaw,
cfg_obj_assockaddr(obj)));
CHECK(dns_zone_setxfrsource6(mayberaw,
cfg_obj_assockaddr(obj)));
obj = NULL;
(void)named_config_get(maps, "try-tcp-refresh", &obj);
@@ -1926,15 +1924,21 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
break;
case dns_zone_staticstub:
RETERR(configure_staticstub(zoptions, zone, zname,
default_dbtype));
CHECK(configure_staticstub(zoptions, zone, zname,
default_dbtype));
break;
default:
break;
}
return (ISC_R_SUCCESS);
result = ISC_R_SUCCESS;
cleanup:
if (kasp != NULL) {
dns_kasp_detach(&kasp);
}
return (result);
}
/*