This commit was manufactured by cvs2git to create tag 'v9_0_0b4'.

bin/named/aclconf.c

@@ -1,197 +0,0 @@
-/*
- * Copyright (C) 1999, 2000  Internet Software Consortium.
- * 
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- * 
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
- * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
- * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
- * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
- * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
- * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
- * SOFTWARE.
- */
-
-#include <config.h>
-
-#include <isc/string.h>		/* Required for HP/UX (and others?) */
-#include <isc/util.h>
-
-#include <dns/acl.h>
-#include <dns/aclconf.h>
-#include <dns/fixedname.h>
-#include <dns/log.h>
-
-void
-dns_aclconfctx_init(dns_aclconfctx_t *ctx) {
-	ISC_LIST_INIT(ctx->named_acl_cache);
-}
-
-void
-dns_aclconfctx_destroy(dns_aclconfctx_t *ctx) {
-     	dns_acl_t *dacl, *next;	
-	for (dacl = ISC_LIST_HEAD(ctx->named_acl_cache);
-	     dacl != NULL;
-	     dacl = next)
-	{
-		next = ISC_LIST_NEXT(dacl, nextincache);
-		dacl->name = NULL;
-		dns_acl_detach(&dacl);
-	}
-}
-
-static isc_result_t
-convert_named_acl(char *aclname, dns_c_ctx_t *cctx,
-		  dns_aclconfctx_t *ctx, isc_mem_t *mctx,
-		  dns_acl_t **target)
-{
-	isc_result_t result;
-	dns_c_acl_t *cacl;
-	dns_acl_t *dacl;
-
-	/* Look for an already-converted version. */
-	for (dacl = ISC_LIST_HEAD(ctx->named_acl_cache);
-	     dacl != NULL;
-	     dacl = ISC_LIST_NEXT(dacl, nextincache))
-	{
-		if (strcmp(aclname, dacl->name) == 0) {
-			dns_acl_attach(dacl, target);
-			return ISC_R_SUCCESS;
-		}
-	}
-	/* Not yet converted.  Convert now. */
-	result = dns_c_acltable_getacl(cctx->acls, aclname, &cacl);
-	if (result != ISC_R_SUCCESS) {
-		isc_log_write(dns_lctx, DNS_LOGCATEGORY_SECURITY,
-			      DNS_LOGMODULE_ACL, ISC_LOG_WARNING,
-			      "undefined ACL '%s'", aclname);
-		return (result);
-	}
-	result = dns_acl_fromconfig(cacl->ipml, cctx, ctx, mctx, &dacl);
-	if (result != ISC_R_SUCCESS)
-		return (result);
-	dacl->name = aclname;
-	ISC_LIST_APPEND(ctx->named_acl_cache, dacl, nextincache);
-	dns_acl_attach(dacl, target);
-	return (ISC_R_SUCCESS);
-}
-
-static isc_result_t
-convert_keyname(char *txtname, isc_mem_t *mctx, dns_name_t *dnsname) {
-	isc_result_t result;
-	isc_buffer_t buf;
-	dns_fixedname_t fixname;
-	unsigned int keylen;
-
-	keylen = strlen(txtname);
-	isc_buffer_init(&buf, txtname, keylen);
-	isc_buffer_add(&buf, keylen);
-	dns_fixedname_init(&fixname);
-	result = dns_name_fromtext(dns_fixedname_name(&fixname), &buf,
-				   dns_rootname, ISC_FALSE, NULL);
-	if (result != ISC_R_SUCCESS) {
-		isc_log_write(dns_lctx, DNS_LOGCATEGORY_SECURITY,
-			      DNS_LOGMODULE_ACL, ISC_LOG_WARNING,
-			      "key name \"%s\" is not a valid domain name",
-			      txtname);
-		return (result);
-	}
-	return (dns_name_dup(dns_fixedname_name(&fixname), mctx, dnsname));
-}
-	       
-isc_result_t
-dns_acl_fromconfig(dns_c_ipmatchlist_t *caml,
-		   dns_c_ctx_t *cctx,
-		   dns_aclconfctx_t *ctx,
-		   isc_mem_t *mctx,
-		   dns_acl_t **target)
-{
-	isc_result_t result;
-	unsigned int count;
-	dns_acl_t *dacl = NULL;
-	dns_aclelement_t *de;
-	dns_c_ipmatchelement_t *ce;
-
-	REQUIRE(target != NULL && *target == NULL);
-	
-	count = 0;
-	for (ce = ISC_LIST_HEAD(caml->elements);
-	     ce != NULL;
-	     ce = ISC_LIST_NEXT(ce, next))
-		count++;
-
-	result = dns_acl_create(mctx, count, &dacl);
-	if (result != ISC_R_SUCCESS)
-		return (result);
-	
-	de = dacl->elements;
-	for (ce = ISC_LIST_HEAD(caml->elements);
-	     ce != NULL;
-	     ce = ISC_LIST_NEXT(ce, next))
-	{
-		de->negative = dns_c_ipmatchelement_isneg(ce);
-		switch (ce->type) {
-		case dns_c_ipmatch_pattern:
-			de->type = dns_aclelementtype_ipprefix;
-			isc_netaddr_fromsockaddr(&de->u.ip_prefix.address,
-						 &ce->u.direct.address);
-			/* XXX "mask" is a misnomer */
-			de->u.ip_prefix.prefixlen = ce->u.direct.mask;
-			break;
-		case dns_c_ipmatch_key:
-			de->type = dns_aclelementtype_keyname;
-			dns_name_init(&de->u.keyname, NULL);
-			result = convert_keyname(ce->u.key, mctx,
-						 &de->u.keyname);
-			if (result != ISC_R_SUCCESS)
-				goto cleanup;
-			break;
-		case dns_c_ipmatch_indirect:
-			de->type = dns_aclelementtype_nestedacl;
-			result = dns_acl_fromconfig(ce->u.indirect.list,
-						    cctx, ctx, mctx,
-						    &de->u.nestedacl);
-			if (result != ISC_R_SUCCESS)
-				goto cleanup;
-			break;
-		case dns_c_ipmatch_localhost:
-			de->type = dns_aclelementtype_localhost;
-			break;
-
-		case dns_c_ipmatch_any:
-			de->type = dns_aclelementtype_any;
-			break;
-
-		case dns_c_ipmatch_localnets:
-			de->type = dns_aclelementtype_localnets;
-			break;
-		case dns_c_ipmatch_acl:
-			de->type = dns_aclelementtype_nestedacl;
-			result = convert_named_acl(ce->u.aclname,
-						   cctx, ctx, mctx,
-						   &de->u.nestedacl);
-			if (result != ISC_R_SUCCESS)
-				goto cleanup;
-			break;
-		default:
-			isc_log_write(dns_lctx, DNS_LOGCATEGORY_SECURITY,
-				      DNS_LOGMODULE_ACL, ISC_LOG_WARNING,
-				      "address match list contains "
-				      "unsupported element type");
-			result = ISC_R_FAILURE;
-			goto cleanup;
-		}
-		de++;
-		dacl->length++;
-	}
-
-	*target = dacl;
-	return (ISC_R_SUCCESS);
-	
- cleanup:
-	dns_acl_detach(&dacl);
-	return (result);
-}

bin/named/include/named/aclconf.h

@@ -1,69 +0,0 @@
-/*
- * Copyright (C) 1999, 2000  Internet Software Consortium.
- * 
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- * 
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
- * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
- * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
- * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
- * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
- * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
- * SOFTWARE.
- */
-
-#ifndef DNS_ACLCONF_H
-#define DNS_ACLCONF_H 1
-
-#include <isc/lang.h>
-
-#include <dns/confctx.h>
-#include <dns/types.h>
-
-typedef struct dns_aclconfctx {
-	ISC_LIST(dns_acl_t) named_acl_cache;
-} dns_aclconfctx_t;
-
-/***
- *** Functions
- ***/
-
-ISC_LANG_BEGINDECLS
-
-void
-dns_aclconfctx_init(dns_aclconfctx_t *ctx);
-/*
- * Initialize an ACL configuration context.
- */
-
-void
-dns_aclconfctx_destroy(dns_aclconfctx_t *ctx);
-/*
- * Destroy an ACL configuration context.
- */
-
-isc_result_t
-dns_acl_fromconfig(dns_c_ipmatchlist_t *caml,
-		   dns_c_ctx_t *cctx,
-		   dns_aclconfctx_t *ctx,
-		   isc_mem_t *mctx,
-		   dns_acl_t **target);
-/*
- * Construct a new dns_acl_t from configuration data in 'caml' and
- * 'cctx'.  Memory is allocated through 'mctx'.
- *
- * Any named ACLs referred to within 'caml' will be be converted
- * inte nested dns_acl_t objects.  Multiple references to the same
- * named ACLs will be converted into shared references to a single
- * nested dns_acl_t object when the referring objects were created
- * passing the same ACL configuration context 'ctx'.
- *
- * On success, attach '*target' to the new dns_acl_t object.
- */
-
-ISC_LANG_ENDDECLS
-
-#endif /* DNS_ACLCONF_H */

bin/named/include/named/tkeyconf.h

@@ -1,49 +0,0 @@
-/*
- * Copyright (C) 1999, 2000  Internet Software Consortium.
- * 
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- * 
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
- * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
- * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
- * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
- * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
- * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
- * SOFTWARE.
- */
-
-#ifndef DNS_TKEYCONF_H
-#define DNS_TKEYCONF_H 1
-
-#include <isc/types.h>
-#include <isc/lang.h>
-
-#include <dns/confctx.h>
-
-ISC_LANG_BEGINDECLS
-
-isc_result_t
-dns_tkeyctx_fromconfig(dns_c_ctx_t *cfg, isc_mem_t *mctx, isc_entropy_t *ectx,
-		       dns_tkeyctx_t **tctxp);
-/*
- * 	Create a TKEY context and configure it, including the default DH key
- *	and default domain, according to 'cfg'.
- *
- *	Requires:
- *		'cfg' is a valid configuration context.
- *		'mctx' is not NULL
- *		'ectx' is not NULL
- *		'tctx' is not NULL
- *		'*tctx' is NULL
- *
- *	Returns:
- *		ISC_R_SUCCESS
- *		ISC_R_NOMEMORY
- */
- 
-ISC_LANG_ENDDECLS
-
-#endif /* DNS_TKEYCONF_H */

bin/named/include/named/tsigconf.h

@@ -1,47 +0,0 @@
-/*
- * Copyright (C) 1999, 2000  Internet Software Consortium.
- * 
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- * 
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
- * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
- * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
- * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
- * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
- * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
- * SOFTWARE.
- */
-
-#ifndef DNS_TSIGCONF_H
-#define DNS_TSIGCONF_H 1
-
-#include <isc/types.h>
-#include <isc/lang.h>
-
-#include <dns/confctx.h>
-
-ISC_LANG_BEGINDECLS
-
-isc_result_t
-dns_tsigkeyring_fromconfig(dns_c_view_t *confview, dns_c_ctx_t *confctx,
-			   isc_mem_t *mctx, dns_tsig_keyring_t **ringp);
-/*
- * Create a TSIG key ring and configure it according to the 'key'
- * statements in 'confview' and 'confctx'.
- *
- *	Requires:
- *		'confctx' is a valid configuration context.
- *		'mctx' is not NULL
- *		'ring' is not NULL, and '*ring' is NULL
- *
- *	Returns:
- *		ISC_R_SUCCESS
- *		ISC_R_NOMEMORY
- */
- 
-ISC_LANG_ENDDECLS
-
-#endif /* DNS_TSIGCONF_H */

bin/named/include/named/zoneconf.h

@@ -1,63 +0,0 @@
-/*
- * Copyright (C) 1999, 2000  Internet Software Consortium.
- * 
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- * 
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
- * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
- * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
- * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
- * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
- * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
- * SOFTWARE.
- */
-
-#ifndef DNS_ZONECONF_H
-#define DNS_ZONECONF_H 1
-
-#include <isc/lang.h>
-#include <isc/types.h>
-
-#include <dns/aclconf.h>
-
-ISC_LANG_BEGINDECLS
-
-isc_result_t
-dns_zone_configure(dns_c_ctx_t *cctx, dns_c_view_t *cview, dns_c_zone_t *czone,
-		   dns_aclconfctx_t *ac, dns_zone_t *zone);
-/*
- * Configure or reconfigure a zone according to the named.conf
- * data in 'cctx' and 'czone'.
- *
- * The zone origin is not configured, it is assumed to have been set
- * at zone creation time.
- *
- * Require:
- *	'lctx' to be initalised or NULL.
- *	'cctx' to be initalised or NULL.
- *	'ac' to point to an initialized ns_aclconfctx_t.
- *	'czone' to be initalised.
- *	'zone' to be initalised.
- */
-
-isc_boolean_t
-dns_zone_reusable(dns_zone_t *zone, dns_c_zone_t *czone);
-/*
- * If 'zone' can be safely reconfigured according to the configuration
- * data in 'czone', return ISC_TRUE.  If the configuration data is so
- * different from the current zone state that the zone needs to be destroyed
- * and recreated, return ISC_FALSE.
- */
-
-isc_result_t
-dns_zonemgr_configure(dns_c_ctx_t *cctx, dns_zonemgr_t *zonemgr);
-/*
- * Configure the zone manager according to the named.conf data
- * in 'cctx'.
- */
-ISC_LANG_ENDDECLS
-
-#endif /* DNS_ZONECONF_H */

bin/named/tkeyconf.c

@@ -1,95 +0,0 @@
-/*
- * Copyright (C) 1999, 2000  Internet Software Consortium.
- * 
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- * 
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
- * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
- * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
- * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
- * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
- * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
- * SOFTWARE.
- */
-
-#include <config.h>
-
-#include <isc/buffer.h>
-#include <isc/string.h>		/* Required for HP/UX (and others?) */
-#include <isc/mem.h>
-
-#include <dns/keyvalues.h>
-#include <dns/name.h>
-#include <dns/tkey.h>
-#include <dns/tkeyconf.h>
-
-#define RETERR(x) do { \
-	result = (x); \
-	if (result != ISC_R_SUCCESS) \
-		goto failure; \
-	} while (0)
-
-
-isc_result_t
-dns_tkeyctx_fromconfig(dns_c_ctx_t *cfg, isc_mem_t *mctx, isc_entropy_t *ectx,
-		       dns_tkeyctx_t **tctxp)
-{
-	isc_result_t result;
-	dns_tkeyctx_t *tctx = NULL;
-	char *s;
-	isc_uint32_t n;
-	isc_buffer_t b, namebuf;
-	unsigned char data[1024];
-	dns_name_t domain, keyname;
-
-	result = dns_tkeyctx_create(mctx, ectx, &tctx);
-	if (result != ISC_R_SUCCESS)
-		return (result);
-
-	s = NULL;
-	result = dns_c_ctx_gettkeydhkey(cfg, &s, &n);
-	if (result == ISC_R_NOTFOUND) {
-		*tctxp = tctx;
-		return (ISC_R_SUCCESS);
-	}
-	isc_buffer_init(&namebuf, data, sizeof(data));
-	dns_name_init(&keyname, NULL);
-	isc_buffer_init(&b, s, strlen(s));
-	isc_buffer_add(&b, strlen(s));
-	dns_name_fromtext(&keyname, &b, dns_rootname, ISC_FALSE, &namebuf);
-	RETERR(dst_key_fromfile(&keyname, n, DNS_KEYALG_DH,
-				DST_TYPE_PUBLIC|DST_TYPE_PRIVATE,
-				NULL, mctx, &tctx->dhkey));
-	s = NULL;
-	RETERR(dns_c_ctx_gettkeydomain(cfg, &s));
-	dns_name_init(&domain, NULL);
-	tctx->domain = (dns_name_t *) isc_mem_get(mctx, sizeof(dns_name_t));
-	if (tctx->domain == NULL) {
-		result = ISC_R_NOMEMORY;
-		goto failure;
-	}
-	dns_name_init(tctx->domain, NULL);
-	isc_buffer_init(&b, s, strlen(s));
-	isc_buffer_add(&b, strlen(s));
-	RETERR(dns_name_fromtext(&domain, &b, dns_rootname, ISC_FALSE,
-				 &namebuf));
-	RETERR(dns_name_dup(&domain, mctx, tctx->domain));
-
-	*tctxp = tctx;
-	return (ISC_R_SUCCESS);
-
- failure:
-	if (tctx->dhkey != NULL)
-		dst_key_free(&tctx->dhkey);
-	if (tctx->domain != NULL) {
-		dns_name_free(tctx->domain, mctx);
-		isc_mem_put(mctx, tctx->domain, sizeof(dns_name_t));
-		tctx->domain = NULL;
-	}
-	dns_tkeyctx_destroy(&tctx);
-	return (result);
-}
-

bin/named/tsigconf.c

@@ -1,164 +0,0 @@
-/*
- * Copyright (C) 1999, 2000  Internet Software Consortium.
- * 
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- * 
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
- * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
- * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
- * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
- * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
- * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
- * SOFTWARE.
- */
-
-#include <config.h>
-
-#include <isc/base64.h>
-#include <isc/buffer.h>
-#include <isc/lex.h>
-#include <isc/mem.h>
-#include <isc/string.h>
-
-#include <dns/tsig.h>
-#include <dns/tsigconf.h>
-
-static isc_result_t
-add_initial_keys(dns_c_kdeflist_t *list, dns_tsig_keyring_t *ring,
-		 isc_mem_t *mctx)
-{
-	isc_lex_t *lex = NULL;
-	dns_c_kdef_t *key;
-	unsigned char *secret = NULL;
-	int secretalloc = 0;
-	int secretlen = 0;
-	isc_result_t ret;
-	isc_stdtime_t now;
-
-	key = ISC_LIST_HEAD(list->keydefs);
-	while (key != NULL) {
-		dns_name_t keyname;
-		dns_name_t alg;
-		char keynamedata[1024], algdata[1024];
-		isc_buffer_t keynamesrc, keynamebuf, algsrc, algbuf;
-		isc_buffer_t secretsrc, secretbuf;
-
-		dns_name_init(&keyname, NULL);
-		dns_name_init(&alg, NULL);
-
-		/*
-		 * Create the key name.
-		 */
-		isc_buffer_init(&keynamesrc, key->keyid, strlen(key->keyid));
-		isc_buffer_add(&keynamesrc, strlen(key->keyid));
-		isc_buffer_init(&keynamebuf, keynamedata, sizeof(keynamedata));
-		ret = dns_name_fromtext(&keyname, &keynamesrc, dns_rootname,
-					ISC_TRUE, &keynamebuf);
-		if (ret != ISC_R_SUCCESS)
-			goto failure;
-
-		/*
-		 * Create the algorithm.
-		 */
-		if (strcasecmp(key->algorithm, "hmac-md5") == 0)
-			alg = *dns_tsig_hmacmd5_name;
-		else {
-			isc_buffer_init(&algsrc, key->algorithm,
-					strlen(key->algorithm));
-			isc_buffer_add(&algsrc, strlen(key->algorithm));
-			isc_buffer_init(&algbuf, algdata, sizeof(algdata));
-			ret = dns_name_fromtext(&alg, &algsrc, dns_rootname,
-						ISC_TRUE, &algbuf);
-			if (ret != ISC_R_SUCCESS)
-				goto failure;
-		}
-
-		if (strlen(key->secret) % 4 != 0) {
-			ret = ISC_R_BADBASE64;
-			goto failure;
-		}
-		secretalloc = secretlen = strlen(key->secret) * 3 / 4;
-		secret = isc_mem_get(mctx, secretlen);
-		if (secret == NULL) {
-			ret = ISC_R_NOMEMORY;
-			goto failure;
-		}
-		isc_buffer_init(&secretsrc, key->secret, strlen(key->secret));
-		isc_buffer_add(&secretsrc, strlen(key->secret));
-		isc_buffer_init(&secretbuf, secret, secretlen);
-		ret = isc_lex_create(mctx, strlen(key->secret), &lex);
-		if (ret != ISC_R_SUCCESS)
-			goto failure;
-		ret = isc_lex_openbuffer(lex, &secretsrc);
-		if (ret != ISC_R_SUCCESS)
-			goto failure;
-		ret = isc_base64_tobuffer(lex, &secretbuf, -1);
-		if (ret != ISC_R_SUCCESS)
-			goto failure;
-		secretlen = isc_buffer_usedlength(&secretbuf);
-		isc_lex_close(lex);
-		isc_lex_destroy(&lex);
-
-		isc_stdtime_get(&now);
-		ret = dns_tsigkey_create(&keyname, &alg, secret, secretlen,
-					 ISC_FALSE, NULL, now, now,
-					 mctx, ring, NULL);
-		isc_mem_put(mctx, secret, secretalloc);
-		secret = NULL;
-		if (ret != ISC_R_SUCCESS)
-			goto failure;
-		key = ISC_LIST_NEXT(key, next);
-	}
-	return (ISC_R_SUCCESS);
-
- failure:
-	if (lex != NULL)
-		isc_lex_destroy(&lex);
-	if (secret != NULL)
-		isc_mem_put(mctx, secret, secretlen);
-	return (ret);
-
-}
-
-isc_result_t
-dns_tsigkeyring_fromconfig(dns_c_view_t *confview, dns_c_ctx_t *confctx,
-			   isc_mem_t *mctx, dns_tsig_keyring_t **ringp)
-{
-	dns_c_kdeflist_t *keylist;
-	dns_tsig_keyring_t *ring = NULL;
-	isc_result_t result;
-
-	result = dns_tsigkeyring_create(mctx, &ring);
-	if (result != ISC_R_SUCCESS)
-		return (result);
-
-	keylist = NULL;
-	result = dns_c_ctx_getkdeflist(confctx, &keylist);
-	if (result == ISC_R_SUCCESS)
-		result = add_initial_keys(keylist, ring, mctx);
-	else if (result == ISC_R_NOTFOUND)
-		result = ISC_R_SUCCESS;
-	if (result != ISC_R_SUCCESS)
-		goto failure;
-
-	if (confview != NULL) {
-		keylist = NULL;	
-		result = dns_c_view_getkeydefs(confview, &keylist);
-		if (result == ISC_R_SUCCESS)
-			result = add_initial_keys(keylist, ring, mctx);
-		else if (result == ISC_R_NOTFOUND)
-			result = ISC_R_SUCCESS;
-		if (result != ISC_R_SUCCESS)
-			goto failure;
-	}
-
-	*ringp = ring;
-	return (ISC_R_SUCCESS);
-
- failure:
-	dns_tsigkeyring_destroy(&ring);
-	return (result);
-}

bin/named/zoneconf.c

@@ -1,354 +0,0 @@
-/*
- * Copyright (C) 1999, 2000  Internet Software Consortium.
- * 
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- * 
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
- * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
- * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
- * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
- * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
- * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
- * SOFTWARE.
- */
-
-#include <config.h>
-
-#include <isc/string.h>		/* Required for HP/UX (and others?) */
-#include <isc/util.h>
-
-#include <dns/acl.h>
-#include <dns/zone.h>
-#include <dns/zoneconf.h>
-#include <dns/ssu.h>
-
-/*
- * These are BIND9 server defaults, not necessarily identical to the
- * library defaults defined in zone.c.
- */
-#define MAX_XFER_TIME (2*3600)	/* Documented default is 2 hours. */
-#define DNS_DEFAULT_IDLEIN 3600		/* 1 hour */
-#define DNS_DEFAULT_IDLEOUT 3600	/* 1 hour */
-
-#define RETERR(x) do { \
-	isc_result_t _r = (x); \
-	if (_r != ISC_R_SUCCESS) \
-		return (_r); \
-	} while (0)
-
-/*
- * Convenience function for configuring a single zone ACL.
- */
-static isc_result_t
-configure_zone_acl(dns_c_zone_t *czone, dns_c_ctx_t *cctx, dns_c_view_t *cview,
-		   dns_aclconfctx_t *aclconfctx, dns_zone_t *zone,
-		   isc_result_t (*getcacl)(dns_c_zone_t *,
-					   dns_c_ipmatchlist_t **),
-		   isc_result_t (*getviewcacl)(dns_c_view_t *
-					       , dns_c_ipmatchlist_t **),
-		   isc_result_t (*getglobalcacl)(dns_c_ctx_t *,
-						 dns_c_ipmatchlist_t **),
-		   void (*setzacl)(dns_zone_t *, dns_acl_t *),
-		   void (*clearzacl)(dns_zone_t *))
-{
-	isc_result_t result;
-	dns_c_ipmatchlist_t *cacl;
-	dns_acl_t *dacl = NULL;
-	result = (*getcacl)(czone, &cacl);
-	if (result == ISC_R_NOTFOUND && getviewcacl != NULL && cview != NULL) {
-		result = (*getviewcacl)(cview, &cacl);
-	}
-	if (result == ISC_R_NOTFOUND && getglobalcacl != NULL) {
-		result = (*getglobalcacl)(cctx, &cacl);
-	}
-	if (result == ISC_R_SUCCESS) {
-		result = dns_acl_fromconfig(cacl, cctx, aclconfctx,
-					   dns_zone_getmctx(zone), &dacl);
-		dns_c_ipmatchlist_detach(&cacl);
-		if (result != ISC_R_SUCCESS)
-			return (result);
-		(*setzacl)(zone, dacl);
-		dns_acl_detach(&dacl);
-		return (ISC_R_SUCCESS);
-	} else if (result == ISC_R_NOTFOUND) {
-		(*clearzacl)(zone);
-		return (ISC_R_SUCCESS);
-	} else {
-		return (result);
-	}
-}
-
-/*
- * Conver a config file zone type into a server zone type.
- */
-static dns_zonetype_t
-dns_zonetype_fromconf(dns_c_zonetype_t cztype) {
-	switch (cztype) {
-	case dns_c_zone_master:
-		return dns_zone_master;
-	case dns_c_zone_slave:
-		return dns_zone_slave;
-	case dns_c_zone_stub:
-		return dns_zone_stub;
-	default:
-		/*
-		 * Hint and forward zones are not really zones;
-		 * they should never get this far.
-		 */
-		INSIST(0);
-		return (dns_zone_none); /*NOTREACHED*/
-	}
-}
-
-isc_result_t
-dns_zone_configure(dns_c_ctx_t *cctx, dns_c_view_t *cview, 
-		   dns_c_zone_t *czone, dns_aclconfctx_t *ac, 
-		   dns_zone_t *zone)
-{
-	isc_result_t result;
-	isc_boolean_t boolean;
-	const char *filename = NULL;
-#ifdef notyet
-	dns_c_severity_t severity;
-#endif
-	dns_c_iplist_t *iplist;
-	isc_sockaddr_t sockaddr;
-	isc_uint32_t uintval;
-	isc_sockaddr_t sockaddr_any4, sockaddr_any6;
-	dns_ssutable_t *ssutable = NULL;
-
-	isc_sockaddr_any(&sockaddr_any4);	
-	isc_sockaddr_any6(&sockaddr_any6);
-	
-	/*
-	 * Configure values common to all zone types.
-	 */
-
-	dns_zone_setclass(zone, czone->zclass);
-
-	dns_zone_settype(zone, dns_zonetype_fromconf(czone->ztype));
-
-	/* XXX needs to be an zone option */
-	RETERR(dns_zone_setdbtype(zone, "rbt"));
-
-	result = dns_c_zone_getfile(czone, &filename);
-	if (result == ISC_R_SUCCESS)
-		RETERR(dns_zone_setdatabase(zone, filename));
-	else if (czone->ztype != dns_c_zone_slave &&
-		 czone->ztype != dns_c_zone_stub)
-		return (result);
-
-#ifdef notyet
-	result = dns_c_zone_getchecknames(czone, &severity);
-	if (result == ISC_R_SUCCESS)
-		dns_zone_setchecknames(zone, severity);
-	else
-		dns_zone_setchecknames(zone, dns_c_severity_warn);
-#endif
-
-	/*
-	 * XXXAG This probably does not make sense for stubs.
-	 */
-	RETERR(configure_zone_acl(czone, cctx, cview, ac, zone,
-				  dns_c_zone_getallowquery,
-				  dns_c_view_getallowquery,
-				  dns_c_ctx_getallowquery,
-				  dns_zone_setqueryacl,
-				  dns_zone_clearqueryacl));
-
-	result = dns_c_zone_getdialup(czone, &boolean);
-	if (result != ISC_R_SUCCESS)
-		result = dns_c_ctx_getdialup(cctx, &boolean);
-	if (result != ISC_R_SUCCESS)
-		boolean = ISC_FALSE;
-	dns_zone_setoption(zone, DNS_ZONEOPT_DIALUP, boolean);
-
-	/*
-	 * Configure master functionality.  This applies
-	 * to primary masters (type "master") and slaves
-	 * acting as masters (type "slave"), but not to stubs.
-	 */
-	if (czone->ztype != dns_c_zone_stub) {
-		result = dns_c_zone_getnotify(czone, &boolean);
-		if (result != ISC_R_SUCCESS && cview != NULL)
-			result = dns_c_view_getnotify(cview, &boolean);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getnotify(cctx, &boolean);
-		if (result != ISC_R_SUCCESS)
-			boolean = ISC_TRUE;
-		dns_zone_setoption(zone, DNS_ZONEOPT_NOTIFY, boolean);
-
-		iplist = NULL;
-		result = dns_c_zone_getalsonotify(czone, &iplist);
-		if (result != ISC_R_SUCCESS && cview != NULL)
-			result = dns_c_view_getalsonotify(cview, &iplist);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getalsonotify(cctx, &iplist);
-		if (result == ISC_R_SUCCESS)
-			RETERR(dns_zone_setalsonotify(zone, iplist->ips,
-						      iplist->nextidx));
-		else
-			RETERR(dns_zone_setalsonotify(zone, NULL, 0));
-		
-		RETERR(configure_zone_acl(czone, cctx, cview, ac, zone,
-					  dns_c_zone_getallowtransfer,
-					  dns_c_view_gettransferacl,
-					  dns_c_ctx_getallowtransfer,
-					  dns_zone_setxfracl,
-					  dns_zone_clearxfracl));
-
-		result = dns_c_zone_getmaxtranstimeout(czone, &uintval);
-		if (result != ISC_R_SUCCESS && cview != NULL)
-			result = dns_c_view_getmaxtransfertimeout(cview,
-								  &uintval);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getmaxtransfertimeout(cctx,
-								 &uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = MAX_XFER_TIME;
-		dns_zone_setmaxxfrout(zone, uintval);
-
-		result = dns_c_zone_getmaxtransidleout(czone, &uintval);
-		if (result != ISC_R_SUCCESS && cview != NULL) 
-			result = dns_c_view_getmaxtransferidleout(cview,
-								  &uintval);
-		if (result != ISC_R_SUCCESS) 
-			result = dns_c_ctx_getmaxtransferidleout(cctx,
-								 &uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = DNS_DEFAULT_IDLEOUT;
-		dns_zone_setidleout(zone, uintval);
-	}
-
-	/*
-	 * Configure update-related options.  These apply to
-	 * primary masters only.
-	 */
-	if (czone->ztype == dns_c_zone_master) {
-		RETERR(configure_zone_acl(czone, cctx, NULL, ac, zone,
-					  dns_c_zone_getallowupd,
-					  NULL, NULL,
-					  dns_zone_setupdateacl,
-					  dns_zone_clearupdateacl));
-
-		dns_zone_getssutable(zone, &ssutable);
-		if (ssutable != NULL)
-			dns_ssutable_detach(&ssutable);
-		result = dns_c_zone_getssuauth(czone, &ssutable);
-		if (result == ISC_R_SUCCESS) {
-			dns_ssutable_t *newssutable = NULL;
-			dns_ssutable_attach(ssutable, &newssutable);
-			dns_zone_setssutable(zone, newssutable);
-		}
-
-		result = dns_c_zone_getsigvalidityinterval(czone, &uintval);
-		if (result != ISC_R_SUCCESS && cview != NULL)
-			result = dns_c_view_getsigvalidityinterval(cview,
-								  &uintval);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getsigvalidityinterval(cctx,
-								 &uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = 30 * 24 * 3600;
-		dns_zone_setsigvalidityinterval(zone, uintval);
-	}
-
-	/*
-	 * Configure slave functionality.
-	 */
-	switch (czone->ztype) {
-	case dns_c_zone_slave:
-	case dns_c_zone_stub:
-		iplist = NULL;
-		result = dns_c_zone_getmasterips(czone, &iplist);
-		if (result == ISC_R_SUCCESS)
-			result = dns_zone_setmasters(zone, iplist->ips,
-						     iplist->nextidx);
-		else
-			result = dns_zone_setmasters(zone, NULL, 0);
-		RETERR(result);
-
-		result = dns_c_zone_getmaxtranstimein(czone, &uintval);
-		if (result != ISC_R_SUCCESS) 
-			result = dns_c_ctx_getmaxtransfertimein(cctx, &uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = MAX_XFER_TIME;
-		dns_zone_setmaxxfrin(zone, uintval);
-
-		result = dns_c_zone_getmaxtransidlein(czone, &uintval);
-		if (result != ISC_R_SUCCESS) 
-			result = dns_c_ctx_getmaxtransferidlein(cctx,
-								&uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = DNS_DEFAULT_IDLEIN;
-		dns_zone_setidlein(zone, uintval);
-
-		result = dns_c_zone_gettransfersource(czone, &sockaddr);
-		if (result != ISC_R_SUCCESS && cview != NULL)
-			result = dns_c_view_gettransfersource(cview,
-							      &sockaddr);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_gettransfersource(cctx, &sockaddr);
-		if (result != ISC_R_SUCCESS)
-			sockaddr = sockaddr_any4;
-		dns_zone_setxfrsource4(zone, &sockaddr);
-
-		result = dns_c_zone_gettransfersourcev6(czone, &sockaddr);
-		if (result != ISC_R_SUCCESS && cview != NULL) 
-			result = dns_c_view_gettransfersourcev6(cview,
-								&sockaddr);
-		if (result != ISC_R_SUCCESS) 
-			result = dns_c_ctx_gettransfersourcev6(cctx,
-							       &sockaddr);
-		if (result != ISC_R_SUCCESS)
-			sockaddr = sockaddr_any6;
-		dns_zone_setxfrsource6(zone, &sockaddr);
-
-		break;
-		
-	default:
-		break;
-	}
-
-	return (ISC_R_SUCCESS);
-}
-
-isc_boolean_t
-dns_zone_reusable(dns_zone_t *zone, dns_c_zone_t *czone) {
-	const char *cfilename;
-	const char *zfilename;
-
-	if (dns_zonetype_fromconf(czone->ztype) != dns_zone_gettype(zone))
-		return (ISC_FALSE);
-
-	cfilename = NULL;
-	(void) dns_c_zone_getfile(czone, &cfilename);
-	zfilename = dns_zone_getdatabase(zone);
-	if (cfilename == NULL || zfilename == NULL ||
-	    strcmp(cfilename, zfilename) != 0)
-		return (ISC_FALSE);
-
-	return (ISC_TRUE);
-}
-	
-isc_result_t
-dns_zonemgr_configure(dns_c_ctx_t *cctx, dns_zonemgr_t *zmgr) {
-	isc_uint32_t val;
-	isc_result_t result;
-	
-	result = dns_c_ctx_gettransfersin(cctx, &val);
-	if (result != ISC_R_SUCCESS)
-		val = 10;
-	dns_zonemgr_settransfersin(zmgr, val);
-
-	result = dns_c_ctx_gettransfersperns(cctx, &val);
-	if (result != ISC_R_SUCCESS)
-		val = 2;
-	dns_zonemgr_settransfersperns(zmgr, val);
-
-	return (ISC_R_SUCCESS);
-}
-

doc/dev/cvs-usage

@@ -1,74 +0,0 @@
-
-
-
-Notes on CVS Usage
-
-
-
-Accessing the repository
-
-
-The recommended way of accessing the BIND 9 CVS repository is by ssh
-to rc.isc.org, using the following environment settings:
-
-   CVSROOT=:ext:rc.isc.org:/proj/cvs/isc
-   CVS_RSH=ssh
-
-
-
-Renaming files by respository copy
-
-
-When you need to rename or move a file that is under CVS control, use
-the "repository copy" method as described in the following text 
-borrowed from an ancient CVS FAQ:
-
-        2C.4   How do I rename a file?
-
-        CVS does not offer a way to rename a file in a way that CVS can
-        track later.  See Section 4B for more information.
-
-        Here is the best way to get the effect of renaming, while
-        preserving the change log:
-
-           1. Copy the RCS (",v") file directly in the Repository.
-
-                cp $CVSROOT/<odir>/<ofile>,v $CVSROOT/<ndir>/<nfile>,v
-
-           2. Remove the old file using CVS.
-
-              By duplicating the file, you will preserve the change
-              history and the ability to retrieve earlier revisions of the
-              old file via the "-r <tag/rev>" or "-D <date>" options to
-              "checkout" and "update".
-
-                cd <working-dir>/<odir>
-                rm <ofile>
-                cvs remove <ofile>
-                cvs commit <ofile>
-
-           3. Retrieve <newfile> and remove all the Tags from it.
-
-              By stripping off all the old Tags, the "checkout -r" and
-              "update -r" commands won't retrieve revisions Tagged before
-              the renaming.
-
-                cd <working-dir>/<ndir>
-                cvs update <nfile>
-                cvs log <nfile>                 # Save the list of Tags
-                cvs tag -d <tag1> <nfile>
-                cvs tag -d <tag2> <nfile>
-                . . .
-
-
-        This technique can be used to rename files within one directory or
-        across different directories.  You can apply this idea to
-        directories too, as long as you apply the above to each file and
-        don't delete the old directory.
-
-        Of course, you have to change the build system (e.g. Makefile) in
-        your <working-dir> to know about the name change.
-
-
-
-$Id: cvs-usage,v 1.1 2000/06/01 21:00:44 gson Exp $