ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

remove the experimental authoritative ECS support from named

Browse Source 
- mark the 'geoip-use-ecs' option obsolete; warn when it is used
  in named.conf
- prohibit 'ecs' ACL tags in named.conf; note that this is a fatal error
  since simply ignoring the tags could make ACLs behave unpredictably
- re-simplify the radix and iptable code
- clean up dns_acl_match(), dns_aclelement_match(), dns_acl_allowed()
  and dns_geoip_match() so they no longer take ecs options
- remove the ECS-specific unit and system test cases
- remove references to ECS from the ARM
This commit is contained in:
Evan Hunt
2018-04-26 20:57:41 -07:00
parent 59d076caed
commit e324449349
40 changed files with 286 additions and 1021 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
bin/tests/system/checkconf/tests.sh
View File

@@ -396,5 +396,13 @@ grep "trusted-key for dlv.isc.org still present" checkconf.out$n > /dev/null ||
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
echo_i "check that 'geoip-use-ecs no' generates a warning ($n)"
ret=0
$CHECKCONF warn-geoip-use-ecs.conf > checkconf.out$n 2>/dev/null || ret=1
[ -s checkconf.out$n ] || ret=1
grep "'geoip-use-ecs' is obsolete" checkconf.out$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1