Commits on Source (27)
......@@ -21,6 +21,20 @@ Makefile.in
/m4
/missing
# configure
Makefile
/config.h
/config.log
/config.status
/libtool
.deps/
/stamp-h1
# make
.libs/
*.la
*.lo
# Eclipse
.project
.cproject
......
......@@ -3,8 +3,10 @@ David Kupka <dkupka@redhat.com>
Jiri Kuncar <jkuncar@redhat.com>
Lukas Slebodnik <lslebodn@redhat.com>
Martin Nagy <mnagy@redhat.com>
Petr Mensik <pemensik@redhat.com>
Petr Spacek <pspacek@redhat.com>
Simo Sorce <ssorce@redhat.com>
Stephen Gallagher <sgallagh@redhat.com>
Tomas Babej <tbabej@redhat.com>
Tomas Krizek <tkrizek@redhat.com>
Zoran Pericic <zpericic@inet.hr>
1. Introduction
===============
# 1. Introduction
The dynamic LDAP back-end is a plug-in for BIND that provides an LDAP
database back-end capabilities. It requires dyndb interface which is present
in BIND versions >= 9.11.0rc1.
2. Features
===========
# 2. Features
* support for dynamic updates
* SASL authentication
......@@ -16,14 +14,15 @@ in BIND versions >= 9.11.0rc1.
* DNSSEC in-line signing is supported, including dynamic updates
3. Installation
===============
# 3. Installation
To install the LDAP back-end, extract the tarball and go to the unpacked
directory. Then follow these steps:
$ ./configure --libdir=<libdir>
$ make
```console
$ ./configure --libdir=<libdir>
$ make
```
Where `<libdir>` is a directory where your libdns is installed. This is
typically going to be `/usr/lib` or `/usr/lib64` on 64 bit systems.
......@@ -32,29 +31,34 @@ If configure script complains that it `Can't obtain libdns version`,
please verify you have installed bind development files (package bind9-dev
or bind-devel) and you exported correct CPPFLAGS via
$ export CPPFLAGS=`isc-config.sh --cflags`
```console
$ export CPPFLAGS=`isc-config.sh --cflags`
```
Then, to install, run this as root:
$ make install
```console
$ make install
```
This will install the file `ldap.so` into the `<libdir>/bind/` directory.
Alternatively, the latest version can be obtained from Git repository.
You can use following commands to prepare latest source tree for compilation:
$ git clone https://git.fedorahosted.org/git/bind-dyndb-ldap.git
$ cd bind-dyndb-ldap
$ autoreconf -fvi
```console
$ git clone https://git.fedorahosted.org/git/bind-dyndb-ldap.git
$ cd bind-dyndb-ldap
$ autoreconf -fvi
```
4. LDAP schema
==============
# 4. LDAP schema
You can find the complete LDAP schema in the documentation directory. An
example zone ldif is available in the doc directory.
4.1 Master zone (idnsZone)
--------------------------
## 4.1 Master zone (idnsZone)
Object class `idnsZone` is equivalent to type `master` statement in `named.conf`.
### Attributes
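Review bot: the re-fenced clone command near the end of this hunk still points at `https://git.fedorahosted.org/git/bind-dyndb-ldap.git`, while the spec file in this change set takes its `URL` and `Source0` from `releases.pagure.org`. Since these lines are being rewritten anyway, confirm the Git URL is the one readers should clone from, and check the fedorahosted.org wiki links elsewhere in this change set the same way.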
......@@ -193,8 +197,8 @@ Object class `idnsZone` is equivalent to type `master` statement in `named.conf`
Zone without NSEC3PARAM RR will use NSEC by default.
4.2 Forward zone (idnsForwardZone)
----------------------------------
## 4.2 Forward zone (idnsForwardZone)
Object class `idnsForwardZone` is equivalent to type `forward` statement
in named.conf.
......@@ -243,8 +247,8 @@ Unloaded empty zones will not be loaded back even if the forward zone is later
deleted. The empty zones will be loaded on each BIND reload.
4.3 Global configuration object (idnsConfigObject)
--------------------------------------------------
## 4.3 Global configuration object (idnsConfigObject)
Object class idnsConfigObject provides global configuration common
for all zones.
......@@ -261,8 +265,8 @@ for all zones.
Syntax is the same as in forward zone, please see previous section.
4.4 Per-server configuration object (idnsServerConfigObject)
------------------------------------------------------------
## 4.4 Per-server configuration object (idnsServerConfigObject)
Object class idnsConfigObject provides global configuration common
for all zones. A plugin instance will read configuration
only from entries with matching idnsServerId.
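Review bot: under the converted heading `## 4.4 Per-server configuration object (idnsServerConfigObject)` the first sentence still reads "Object class idnsConfigObject provides global configuration common for all zones", which is the 4.3 text. It should name `idnsServerConfigObject` and describe per-server configuration, since the next sentence already says the plugin only reads entries with a matching idnsServerId.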
......@@ -296,8 +300,8 @@ only from entries with matching idnsServerId.
LIMITATION: Current plugin version supports only `ipalocation` variable
4.5 Record template (idnsTemplateObject)
----------------------------------------
## 4.5 Record template (idnsTemplateObject)
Object class idnsTemplateObject provides facility for dynamic resource record
generation. The template entry must contain idnsTemplateAttribute with
string template.
......@@ -333,8 +337,7 @@ by the template string are defined.
https://fedorahosted.org/bind-dyndb-ldap/wiki/Design/RecordGenerator
5. Configuration
================
# 5. Configuration
To configure dynamic loading of back-end, you must put a `dyndb`
clause into your named.conf. The clause must then be followed by a
......@@ -354,12 +357,12 @@ curly brackets. Example:
auth_method "none";
};
5.1 Configuration options
-------------------------
## 5.1 Configuration options
List of configuration options follows:
5.1.1 LDAP connection
---------------------
### 5.1.1 LDAP connection
* uri
The Uniform Resource Identifier pointing to the LDAP server we
......@@ -451,8 +454,8 @@ List of configuration options follows:
`/bin/hostname` output.
5.1.2 Special DNS features
--------------------------
### 5.1.2 Special DNS features
* fake_mname
Ignore value of the idnsSOAmName (primary master DNS name) attribute
......@@ -460,6 +463,18 @@ List of configuration options follows:
one LDAP database and every BIND reports itself as a primary master in
SOA record, for example.
NOTE: for idnsSOAmName value following priority list shows where
override can come from:
- fake_mname value in the server configuration in named.conf
- Server configuration from LDAP (idnsServerConfig)
- Zone configuration from LDAP
Thus, if server is supposed to respond with a different primary master
DNS name depending on a zone, remove 'fake_mname' from the named.conf
and idnsSOAmName attribute value from the server configuration in LDAP
and define it per-zone in LDAP.
* sync_ptr (default no)
Set this option to `yes` if you would like to keep PTR record
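Review bot: the new NOTE lists the override sources for idnsSOAmName without saying which end of the list wins. The closing paragraph implies the first item (fake_mname in named.conf) has the highest priority, so state "highest priority first" explicitly. The second item says `idnsServerConfig`, but the object class in section 4.4 is `idnsServerConfigObject`; use the same name in both places.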
......@@ -476,8 +491,8 @@ List of configuration options follows:
by idnsAllowDynUpdate attribute.
5.1.3 Plumbing
--------------
### 5.1.3 Plumbing
* verbose_checks (default no)
Set this option to `yes` if you would like to log all failures
......@@ -495,8 +510,8 @@ List of configuration options follows:
The path is relative to `directory` specified in BIND options.
See section 6 (DNSSEC) for examples.
5.2 Sample configuration
------------------------
### 5.2 Sample configuration
Let's take a look at a sample configuration:
options {
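Review bot: `5.2 Sample configuration` was underlined with dashes like `5.1 Configuration options`, but it is converted to `###` while 5.1 became `##`, which puts 5.2 at the same level as 5.1.1 to 5.1.3. Use `## 5.2 Sample configuration`; `5.3 Configuration in LDAP` in the next hunk has the same problem.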
......@@ -521,24 +536,24 @@ Working directory for the plug-in will be `/var/named/dyndb-ldap/my_db_name/`,
so hypothetical zone `example.com` will use sub-directory
`/var/named/dyndb-ldap/my_db_name/master/example.com/`.
5.3 Configuration in LDAP
-------------------------
### 5.3 Configuration in LDAP
Some options can be configured in LDAP as `idnsConfigObject` attributes.
Value configured in LDAP has priority over value in configuration file.
(This behavior will change in future versions!)
Following options are supported (option = attribute equivalent):
option | LDAP attribute
-----------| --------------
forwarders | idnsForwarders (BIND native option)
forward | idnsForwardPolicy (BIND native option)
sync_ptr | idnsAllowSyncPTR
| option | LDAP attribute |
| ------------ | ---------------------------------------- |
| `forwarders` | `idnsForwarders` (BIND native option) |
| `forward` | `idnsForwardPolicy` (BIND native option) |
| `sync_ptr` | `idnsAllowSyncPTR` |
Forward policy option cannot be set without setting forwarders at the same time.
6. DNSSEC support
=================
# 6. DNSSEC support
In-line signing support in this plugin allows to use this BIND feature
for zones in LDAP.
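Review bot: "Value configured in LDAP has priority over value in configuration file" reads as a general rule, yet the NOTE added under fake_mname in 5.1.2 puts the named.conf value ahead of both LDAP sources. Say here that the rule applies to the options in the table (forwarders, forward, sync_ptr), or cross-reference the fake_mname exception, so the two sections do not contradict each other.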
......@@ -557,13 +572,15 @@ Key management has to be handled by user, i.e. user has to
generate/delete keys and configure key timestamps as appropriate.
Key directory for particular DNS zone is automatically configured to value:
<plugin-instance-dir>/master/<zone-name>/keys
<plugin-instance-dir>/master/<zone-name>/keys
`<plugin-instance-dir>` is described in section 5.1.3 of this file.
`<zone-name>` is (transformed) textual representation of zone name without
trailing period.
Zone name will be automatically transformed before usage:
- root zone is translated to `@` to prevent collision with filesystem `.`
- digits, hyphen and underscore are left intact
- letters of English alphabet are downcased
......@@ -571,21 +588,23 @@ Zone name will be automatically transformed before usage:
- final dot is omited
- labels are separated with `.`
Example:
## Example
* BIND directory: `/var/named`
* bind-dyndb-ldap directory: `dyndb-ldap`
* LDAP instance name: `ipa`
* DNS zone: `example.com.`
* Resulting keys directory: `/var/named/dyndb-ldap/ipa/master/example.com/keys`
### Character encoding
* DNS zone: `TEST.0/1.a.`
* Resulting keys directory: `/var/named/dyndb-ldap/ipa/master/test.0%2F1.a/keys`
Make sure that keys directory and files is readable by user used for BIND.
*Make sure that keys directory and files is readable by user used for BIND.*
7. License
==========
# 7. License
This package is licensed under the GNU General Public License, version 2
only. See file COPYING for more information.
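Review bot: the closing line of section 6 is only wrapped in emphasis and keeps its wording, "Make sure that keys directory and files is readable by user used for BIND". Fix the grammar ("are readable by the user BIND runs as") and say who else should have access; the spec file in this change set packages the parent `dyndb-ldap` directory as `770 root:named`, and the README could state the same expectation for the keys directory. The `## Example` and `### Character encoding` headings also sit under `# 6. DNSSEC support` without the section numbers used everywhere else, and "final dot is omited" in the context above still carries a typo.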
AC_PREREQ([2.59])
AC_INIT([bind-dyndb-ldap], [11.1], [freeipa-devel@redhat.com])
AC_INIT([bind-dyndb-ldap], [11.2], [freeipa-devel@redhat.com])
AM_INIT_AUTOMAKE([-Wall foreign dist-bzip2])
......
%define VERSION %{version}
%define bind_version 32:9.11.11-1
Name: bind-dyndb-ldap
Version: 11.2
Release: 0%{?dist}
Summary: LDAP back-end plug-in for BIND
Group: System Environment/Libraries
License: GPLv2+
URL: https://releases.pagure.org/bind-dyndb-ldap
Source0: https://releases.pagure.org/%{name}/%{name}-%{VERSION}.tar.bz2
Source1: https://releases.pagure.org/%{name}/%{name}-%{VERSION}.tar.bz2.asc
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: bind-devel >= %{bind_version}, bind-lite-devel >= %{bind_version}
BuildRequires: krb5-devel
BuildRequires: openldap-devel
BuildRequires: libuuid-devel
BuildRequires: automake, autoconf, libtool
Requires: bind >= %{bind_version}
%description
This package provides an LDAP back-end plug-in for BIND. It features
support for dynamic updates and internal caching, to lift the load
off of your LDAP server.
%prep
%setup -q -n %{name}-%{VERSION}
%build
autoreconf -fiv
%configure
make %{?_smp_mflags}
%install
rm -rf %{buildroot}
make install DESTDIR=%{buildroot}
mkdir -m 770 -p %{buildroot}/%{_localstatedir}/named/dyndb-ldap
# Remove unwanted files
rm %{buildroot}%{_libdir}/bind/ldap.la
rm -r %{buildroot}%{_datadir}/doc/%{name}
%post
# SELinux boolean named_write_master_zones has to be enabled
# otherwise the plugin will not be able to write to /var/named.
# This scriptlet enables the boolean after installation or upgrade.
# SELinux is sensitive area so I want to inform user about the change.
if [ -x "/usr/sbin/setsebool" ] ; then
echo "Enabling SELinux boolean named_write_master_zones"
/usr/sbin/setsebool -P named_write_master_zones=1 || :
fi
# Transform named.conf if it still has old-style API.
PLATFORM=$(uname -m)
if [ $PLATFORM == "x86_64" ] ; then
LIBPATH=/usr/lib64
else
LIBPATH=/usr/lib
fi
# The following sed script:
# - scopes the named.conf changes to dynamic-db
# - replaces arg "name value" syntax with name "value"
# - changes dynamic-db header to dyndb
# - uses the new way the define path to the library
# - removes no longer supported arguments (library, cache_ttl,
# psearch, serial_autoincrement, zone_refresh)
while read -r PATTERN
do
SEDSCRIPT+="$PATTERN"
done <<EOF
/^\s*dynamic-db/,/};/ {
s/\(\s*\)arg\s\+\(["']\)\([a-zA-Z_]\+\s\)/\1\3\2/g;
s/^dynamic-db/dyndb/;
s@\(dyndb "[^"]\+"\)@\1 "$LIBPATH/bind/ldap.so"@;
s@\(dyndb '[^']\+'\)@\1 '$LIBPATH/bind/ldap.so'@;
/\s*library[^;]\+;/d;
/\s*cache_ttl[^;]\+;/d;
/\s*psearch[^;]\+;/d;
/\s*serial_autoincrement[^;]\+;/d;
/\s*zone_refresh[^;]\+;/d;
}
EOF
sed -i.bak -e "$SEDSCRIPT" /etc/named.conf
# This scriptlet disables the boolean after uninstallation.
%postun
if [ "0$1" -eq "0" ] && [ -x "/usr/sbin/setsebool" ] ; then
echo "Disabling SELinux boolean named_write_master_zones"
/usr/sbin/setsebool -P named_write_master_zones=0 || :
fi
%clean
rm -rf %{buildroot}
%files
%defattr(-,root,root,-)
%doc NEWS README.md COPYING doc/{example,schema}.ldif
%dir %attr(770, root, named) %{_localstatedir}/named/dyndb-ldap
%{_libdir}/bind/ldap.so
%changelog
* Tue Nov 05 2019 Alexander Bokovoy <abokovoy@redhat.com>
- Bump BIND version
* Tue Jun 27 2017 Tomas Krizek <tkrizek@redhat.com>
- Bump BIND version
* Fri Apr 07 2017 Tomas Krizek <tkrizek@redhat.com>
- Removed unnecessary bind-pkcs11 dependency
* Mon Mar 13 2017 Tomas Krizek <tkrizek@redhat.com>
- Fixed sed script regex error
- Re-synced specfile with fedora
* Thu Jan 26 2017 Tomas Krizek <tkrizek@redhat.com>
- Added named.conf API transofrmation script
- Bumped the required BIND version to 9.11.0-6.P2
* Tue Jan 28 2014 Petr Spacek <pspacek redhat com>
- package /var/named/dyndb-ldap directory
* Mon Nov 14 2011 Adam Tkac <atkac redhat com>
- specfile to build bind-dyndb-ldap
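Review bot: the `%post` scriptlet runs `sed -i.bak -e "$SEDSCRIPT" /etc/named.conf` unconditionally, and its own comment says it runs on installation and on upgrade, so every later upgrade replaces `named.conf.bak` with the already converted file and the administrator's original is lost. Guard the call with a check that a `dynamic-db` clause is still present before editing. The test `[ $PLATFORM == "x86_64" ]` should quote the variable and use `=`, and `License: GPLv2+` disagrees with the README, which says version 2 only.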
bind-dyndb-ldap (11.2-1) unstable; urgency=medium
* New upstream release.
* add-empty-fallback.diff, add-int.h-include.diff, use-correct-dn-value.diff,
0003-Support-for-BIND-9.11.3.patch: Dropped, upstream
* source: Update extend-diff-ignore.
-- Timo Aaltonen <tjaalton@debian.org> Tue, 05 Nov 2019 20:53:31 +0200
bind-dyndb-ldap (11.1-6) unstable; urgency=medium
* use-correct-dn-value.diff: Fix ftbfs with gcc9. (Closes: #925639)
......
From b533d722fa62232955aedfdf1bbc0179f48497eb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Thu, 1 Mar 2018 19:41:10 +0100
Subject: [PATCH] Support for BIND 9.11.3. Include explicitly isc/util.h in
each file that uses REQUIRE(). Support stdatomic feature, do not use function
call in STATIC_ASSERT().
---
src/bindcfg.c | 1 +
src/fwd_register.c | 1 +
src/ldap_entry.h | 11 +++++------
src/mldap.c | 4 ++--
src/rbt_helper.c | 1 +
src/types.h | 2 +-
6 files changed, 11 insertions(+), 9 deletions(-)
diff --git a/src/bindcfg.c b/src/bindcfg.c
index 9b429ba..5539dea 100644
--- a/src/bindcfg.c
+++ b/src/bindcfg.c
@@ -6,6 +6,7 @@
#include "config.h"
+#include <isc/util.h>
#include <isccfg/grammar.h>
#include <isccfg/namedconf.h>
diff --git a/src/fwd_register.c b/src/fwd_register.c
index 355d15f..7cc0c5a 100644
--- a/src/fwd_register.c
+++ b/src/fwd_register.c
@@ -3,6 +3,7 @@
*/
#include <isc/rwlock.h>
+#include <isc/util.h>
#include <dns/name.h>
#include "rbt_helper.h"
diff --git a/src/ldap_entry.h b/src/ldap_entry.h
index 6498c79..88b1c42 100644
--- a/src/ldap_entry.h
+++ b/src/ldap_entry.h
@@ -6,7 +6,6 @@
#define _LD_LDAP_ENTRY_H_
#include <isc/lex.h>
-#include <isc/util.h>
#include <dns/types.h>
#include "fwd_register.h"
@@ -19,15 +18,15 @@
/* Represents values associated with LDAP attribute */
typedef struct ldap_value ldap_value_t;
-typedef LIST(ldap_value_t) ldap_valuelist_t;
+typedef ISC_LIST(ldap_value_t) ldap_valuelist_t;
struct ldap_value {
char *value;
- LINK(ldap_value_t) link;
+ ISC_LINK(ldap_value_t) link;
};
/* Represents LDAP attribute and it's values */
typedef struct ldap_attribute ldap_attribute_t;
-typedef LIST(ldap_attribute_t) ldap_attributelist_t;
+typedef ISC_LIST(ldap_attribute_t) ldap_attributelist_t;
/* Represents LDAP entry and it's attributes */
typedef unsigned char ldap_entryclass_t;
@@ -41,7 +40,7 @@ struct ldap_entry {
ldap_attribute_t *lastattr;
ldap_attributelist_t attrs;
- LINK(ldap_entry_t) link;
+ ISC_LINK(ldap_entry_t) link;
/* Parsing. */
isc_lex_t *lex;
@@ -59,7 +58,7 @@ struct ldap_attribute {
char **ldap_values;
ldap_value_t *lastval;
ldap_valuelist_t values;
- LINK(ldap_attribute_t) link;
+ ISC_LINK(ldap_attribute_t) link;
};
#define LDAP_ENTRYCLASS_NONE 0x0
diff --git a/src/mldap.c b/src/mldap.c
index 143abce..304ba36 100644
--- a/src/mldap.c
+++ b/src/mldap.c
@@ -119,13 +119,13 @@ void mldap_cur_generation_bump(mldapdb_t *mldap) {
* reference counter value.
*/
STATIC_ASSERT((isc_uint32_t)
- (typeof(isc_refcount_current((isc_refcount_t *)0)))
+ (typeof(((isc_refcount_t *)0)->refs))
-1
== 0xFFFFFFFF, \
"negative isc_refcount_t cannot be properly shortened to 32 bits");
STATIC_ASSERT((isc_uint32_t)
- (typeof(isc_refcount_current((isc_refcount_t *)0)))
+ (typeof(((isc_refcount_t *)0)->refs))
0x90ABCDEF12345678
== 0x12345678, \
"positive isc_refcount_t cannot be properly shortened to 32 bits");
diff --git a/src/rbt_helper.c b/src/rbt_helper.c
index 2a7e6cb..f610b07 100644
--- a/src/rbt_helper.c
+++ b/src/rbt_helper.c
@@ -2,6 +2,7 @@
* Copyright (C) 2013-2014 bind-dyndb-ldap authors; see COPYING for license
*/
+#include <isc/util.h>
#include <dns/rbt.h>
#include "util.h"
diff --git a/src/types.h b/src/types.h
index 25ef3b9..01d627c 100644
--- a/src/types.h
+++ b/src/types.h
@@ -24,7 +24,7 @@
* rdata1 -> rdata2 -> rdata3 rdata4 -> rdata5
* next_rdatalist -> next_rdatalist ...
*/
-typedef LIST(dns_rdatalist_t) ldapdb_rdatalist_t;
+typedef ISC_LIST(dns_rdatalist_t) ldapdb_rdatalist_t;
typedef struct enum_txt_assoc {
int value;
--
2.14.3
commit 5a7d1347aafefca6040e6aa8fab9eb1f232656ae
Author: Tomas Krizek <tkrizek@redhat.com>
Date: Tue Jun 27 10:41:03 2017 +0200
Add empty callback for getsize
BIND introduced getsize method in db.h. This is related to
CVE-2016-6170 and allows to set restriction of zone size limit.
Signed-off-by: Tomas Krizek <tkrizek@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
diff --git a/src/ldap_driver.c b/src/ldap_driver.c
index 53ce1a9..38673b0 100644
--- a/src/ldap_driver.c
+++ b/src/ldap_driver.c
@@ -867,7 +867,8 @@ static dns_dbmethods_t ldapdb_methods = {
findext,
setcachestats,
hashsize,
- nodefullname
+ nodefullname,
+ NULL, // getsize method not implemented (related BZ1353563)
};
isc_result_t ATTR_NONNULLS
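Review bot: the new last initializer, `NULL, // getsize method not implemented (related BZ1353563)`, leaves this driver without the method that the commit message ties to CVE-2016-6170 and the zone size limit, but neither the comment nor the message says what that means for LDAP-backed zones. State the consequence for operators next to the initializer or in the README. The table is filled positionally, so also confirm that this slot lines up with `dns_dbmethods_t` in every BIND version the plugin is built against, and use a `/* */` comment to match the rest of the sources.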
Description: Add '#include <isc/int.h>' in src/types.h and src/zone.c
Author: Peter Michael Green <plugwash@raspbian.org>
Bug-Debian: https://bugs.debian.org/911976
Index: bind-dyndb-ldap-11.1/src/types.h
===================================================================
--- bind-dyndb-ldap-11.1.orig/src/types.h
+++ bind-dyndb-ldap-11.1/src/types.h
@@ -7,6 +7,7 @@
#include <isc/event.h>
#include <isc/refcount.h>
+#include <isc/int.h>
#include <dns/name.h>
#include "util.h"
Index: bind-dyndb-ldap-11.1/src/zone.c
===================================================================
--- bind-dyndb-ldap-11.1.orig/src/zone.c
+++ bind-dyndb-ldap-11.1/src/zone.c
@@ -3,6 +3,7 @@
*/
#include <isc/types.h>
+#include <isc/int.h>
#include <isc/util.h>
#include <dns/diff.h>
fix-keytab-path.diff
fix-werror-build.diff
add-empty-fallback.diff
0003-Support-for-BIND-9.11.3.patch
add-int.h-include.diff
use-correct-dn-value.diff
commit d69150691983f7f1efaa078549cd80a14afb76cb
Author: Petr Menšík <pemensik@redhat.com>
Date: Mon Jan 28 00:31:25 2019 +0100
Use correct dn value
New GCC correctly reports error, NULL is always passed in case of
invalid objectclass.
Signed-off-by: Petr Menšík <pemensik@redhat.com>
diff --git a/src/ldap_helper.c b/src/ldap_helper.c
index ac8ce6e..8b486ae 100644
--- a/src/ldap_helper.c
+++ b/src/ldap_helper.c
@@ -4102,7 +4102,6 @@ syncrepl_update(ldap_instance_t *inst, ldap_entry_t **entryp, int chgtype)
ldap_entry_t *entry = NULL;
dns_name_t *zone_name = NULL;
dns_zone_t *zone_ptr = NULL;
- char *dn = NULL;
isc_taskaction_t action = NULL;
isc_task_t *task = NULL;
isc_boolean_t synchronous;
@@ -4156,7 +4155,7 @@ syncrepl_update(ldap_instance_t *inst, ldap_entry_t **entryp, int chgtype)
else if ((entry->class & LDAP_ENTRYCLASS_RR) != 0)
action = update_record;
else {
- log_error("unsupported objectClass: dn '%s'", dn);
+ log_error("unsupported objectClass: dn '%s'", entry->dn);
result = ISC_R_NOTIMPLEMENTED;
goto cleanup;
}
extend-diff-ignore = contrib/
extend-diff-ignore = contrib/|releng/README
Release Engineering
===================
Latest cheat sheet is available on:
https://fedorahosted.org/bind-dyndb-ldap/wiki/ReleaseProcess
This directory contains assorted set of tools related to release enginnering.
All scripts should be run from root of the source tree.
NOTE!
Scripts can make changes in local repo so all changes should be carefully
reviewed before git push!
Final push to remore repo has to be done manually.
User scripts
------------
bumpver.py
~~~~~~~~~~
Increments version number in configure.ac and SPEC file and creates a signed
tag for current release.
Auxiliary scripts
-----------------
These scripts are not intended for usage from command line:
- srcversion.py
......@@ -67,7 +67,7 @@ const enum_txt_assoc_t acl_type_txts[] = {
} while (0)
static isc_result_t ATTR_NONNULLS ATTR_CHECKRESULT
get_mode(const cfg_obj_t *obj, isc_boolean_t *value)
get_mode(const cfg_obj_t *obj, bool *value)
{
const char *str;
......@@ -82,8 +82,8 @@ get_mode(const cfg_obj_t *obj, isc_boolean_t *value)
}
str = cfg_obj_asstring(obj);
MATCH("grant", ISC_TRUE);
MATCH("deny", ISC_FALSE);
MATCH("grant", true);
MATCH("deny", false);
log_bug("unsupported ACL mode '%s'", str);
return ISC_R_NOTIMPLEMENTED;
......@@ -175,7 +175,7 @@ get_fixed_name(const cfg_obj_t *obj, const char *name, dns_fixedname_t *fname)
dns_fixedname_init(fname);
result = dns_name_fromtext(dns_fixedname_name(fname), &buf,
dns_rootname, ISC_FALSE, NULL);
dns_rootname, false, NULL);
if (result != ISC_R_SUCCESS)
log_error("'%s' is not a valid name", str);
......@@ -296,7 +296,7 @@ acl_configure_zone_ssutable(const char *policy_str, dns_zone_t *zone)
for (el = cfg_list_first(policy); el != NULL; el = cfg_list_next(el)) {
const cfg_obj_t *stmt;
isc_boolean_t grant;
bool grant;
unsigned int match_type;
dns_fixedname_t fname, fident;
dns_rdatatype_t *types;
......
......@@ -6,6 +6,7 @@
#include "config.h"
#include <isc/util.h>
#include <isccfg/grammar.h>
#include <isccfg/namedconf.h>
......
......@@ -153,7 +153,7 @@ empty_zone_search_next(empty_zone_search_t *iter) {
int order;
unsigned int nlabels;
dns_zone_t *zone = NULL;
isc_boolean_t isempty;
bool isempty;
REQUIRE(iter != NULL);
REQUIRE(iter->nextidx < sizeof(empty_zones));
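Review bot: `REQUIRE(iter->nextidx < sizeof(empty_zones));` in the context of this hunk compares an index with a size in bytes. If `empty_zones` is an array of anything wider than `char`, the precondition accepts indexes past the last element; compare against the element count, `sizeof(empty_zones) / sizeof(empty_zones[0])`, instead.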
......@@ -184,12 +184,12 @@ empty_zone_search_next(empty_zone_search_t *iter) {
isempty = zone_isempty(zone);
else if (result == DNS_R_PARTIALMATCH
|| result == ISC_R_NOTFOUND)
isempty = ISC_FALSE;
isempty = false;
else
goto cleanup;
if (zone != NULL)
dns_zone_detach(&zone);
if (isempty == ISC_FALSE)
if (isempty == false)
continue;
++iter->nextidx;
CLEANUP_WITH(ISC_R_SUCCESS);
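Review bot: `if (isempty == false)` is a mechanical translation of the old `ISC_FALSE` comparison; with a real `bool` write `if (!isempty)`. The same applies to the `== true` and `== false` tests introduced in the later hunks of this conversion (`warn_only`, `first`, `isexplicit`, `isconfigured`, `root_zone_is_active`).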
......@@ -299,10 +299,10 @@ cleanup:
*/
isc_result_t
empty_zone_handle_conflicts(dns_name_t *name, dns_zt_t *zonetable,
isc_boolean_t warn_only)
bool warn_only)
{
isc_result_t result;
isc_boolean_t first = ISC_TRUE;
bool first = true;
empty_zone_search_t eziter = {}; /* init with zeroes */
char name_char[DNS_NAME_FORMATSIZE];
char ezname_char[DNS_NAME_FORMATSIZE];
......@@ -312,7 +312,7 @@ empty_zone_handle_conflicts(dns_name_t *name, dns_zt_t *zonetable,
result = empty_zone_search_next(&eziter))
{
dns_name_format(name, name_char, DNS_NAME_FORMATSIZE);
if (warn_only == ISC_TRUE) {
if (warn_only == true) {
dns_name_format(&eziter.ezname, ezname_char,
DNS_NAME_FORMATSIZE);
log_warn("ignoring inherited 'forward first;' for zone "
......@@ -325,10 +325,10 @@ empty_zone_handle_conflicts(dns_name_t *name, dns_zt_t *zonetable,
/* Shutdown automatic empty zone if it is present. */
result = empty_zone_unload(&eziter.ezname, zonetable);
if (result == ISC_R_SUCCESS) {
if (first == ISC_TRUE) {
if (first == true) {
log_info("shutting down automatic empty zones to "
"enable forwarding for domain '%s'", name_char);
first = ISC_FALSE;
first = false;
}
} else if (result == DNS_R_DISALLOWED) {
/* A normal (non-empty) zone exists:
......
......@@ -26,7 +26,7 @@ empty_zone_search_init(empty_zone_search_t *iter, dns_name_t *qname,
isc_result_t
empty_zone_handle_conflicts(dns_name_t *name, dns_zt_t *zonetable,
isc_boolean_t warn_only) ATTR_NONNULLS ATTR_CHECKRESULT;
bool warn_only) ATTR_NONNULLS ATTR_CHECKRESULT;
/* Trigger to execute empty_zone_handle_conflicts() for dns_rootname. */
#define LDAPDB_EVENT_GLOBALFWD_HANDLEEZ (LDAPDB_EVENTCLASS + 5)
......@@ -34,7 +34,7 @@ empty_zone_handle_conflicts(dns_name_t *name, dns_zt_t *zonetable,
typedef struct ldap_globalfwd_handleez ldap_globalfwd_handleez_t;
struct ldap_globalfwd_handleez {
ISC_EVENT_COMMON(ldap_globalfwd_handleez_t);
isc_boolean_t warn_only;
bool warn_only;
};
void
......
......@@ -306,15 +306,15 @@ fwdr_list_free(isc_mem_t *mctx, dns_forwarderlist_t *fwdrs) {
* a) policy = none
* b) (policy != none) && (non-empty list of forwarders)
*
* @param[out] isexplicit ISC_TRUE if conditions for explicit configuration
* are met, ISC_FALSE otherwise
* @param[out] isexplicit true if conditions for explicit configuration
* are met, false otherwise
*
* @retval ISC_R_SUCCESS isexplicit is set appropriately
* @retval other memory allocation or parsing errors etc.
*/
static isc_result_t
fwd_setting_isexplicit(isc_mem_t *mctx, const settings_set_t *set,
isc_boolean_t *isexplicit) {
bool *isexplicit) {
isc_result_t result;
setting_t *setting = NULL;
dns_fwdpolicy_t fwdpolicy;
......@@ -323,16 +323,16 @@ fwd_setting_isexplicit(isc_mem_t *mctx, const settings_set_t *set,
REQUIRE(isexplicit != NULL);
ISC_LIST_INIT(fwdrs);
CHECK(setting_find("forward_policy", set, ISC_FALSE, ISC_TRUE, &setting));
CHECK(setting_find("forward_policy", set, false, true, &setting));
INSIST(get_enum_value(forwarder_policy_txts, setting->value.value_char,
(int *)&fwdpolicy) == ISC_R_SUCCESS);
if (fwdpolicy == dns_fwdpolicy_none) {
*isexplicit = ISC_TRUE;
*isexplicit = true;
return ISC_R_SUCCESS;
}
setting = NULL;
CHECK(setting_find("forwarders", set, ISC_FALSE, ISC_TRUE, &setting));
CHECK(setting_find("forwarders", set, false, true, &setting));
CHECK(fwd_parse_str(setting->value.value_char, mctx, &fwdrs));
cleanup:
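Review bot: `setting_find("forward_policy", set, false, true, &setting)` now passes two adjacent bare `bool` literals, which are easy to transpose and say nothing at the call site; a short comment naming each argument, or named constants, would keep these calls reviewable. Separately, the context line `INSIST(get_enum_value(...) == ISC_R_SUCCESS)` does the work of filling `fwdpolicy` inside an assertion, so the call should be moved out and only its result asserted.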
......@@ -354,7 +354,7 @@ static isc_result_t
fwd_setting_find_explicit(isc_mem_t *mctx, const settings_set_t *start_set,
const settings_set_t **found) {
isc_result_t result;
isc_boolean_t isexplicit;
bool isexplicit;
REQUIRE(found != NULL && *found == NULL);
......@@ -363,7 +363,7 @@ fwd_setting_find_explicit(isc_mem_t *mctx, const settings_set_t *start_set,
set = set->parent_set)
{
CHECK(fwd_setting_isexplicit(mctx, set, &isexplicit));
if (isexplicit == ISC_TRUE) {
if (isexplicit == true) {
*found = set;
CLEANUP_WITH(ISC_R_SUCCESS);
}
......@@ -434,7 +434,7 @@ fwd_parse_ldap(ldap_entry_t *entry, settings_set_t *set) {
first = result;
if (result != ISC_R_SUCCESS && result != ISC_R_IGNORE)
goto cleanup;
result = setting_find("forward_policy", set, ISC_FALSE, ISC_TRUE, NULL);
result = setting_find("forward_policy", set, false, true, NULL);
if (result == ISC_R_NOTFOUND) {
log_debug(2, "defaulting to forward policy 'first' for "
"%s", ldap_entry_logname(entry));
......@@ -501,7 +501,7 @@ fwd_configure_zone(const settings_set_t *set, ldap_instance_t *inst,
dns_view_t *view = NULL;
isc_result_t lock_state = ISC_R_IGNORE;
dns_forwarderlist_t fwdrs;
isc_boolean_t is_global_config;
bool is_global_config;
dns_fixedname_t foundname;
const char *msg_use_global_fwds;
const char *msg_obj_type;
......@@ -513,7 +513,7 @@ fwd_configure_zone(const settings_set_t *set, ldap_instance_t *inst,
dns_fwdpolicy_t fwdpolicy;
const char *fwdpolicy_str = NULL;
const char *forwarders_str = NULL;
isc_boolean_t isconfigured;
bool isconfigured;
const settings_set_t *explicit_set = NULL;
REQUIRE(inst != NULL && name != NULL);
......@@ -524,11 +524,11 @@ fwd_configure_zone(const settings_set_t *set, ldap_instance_t *inst,
ISC_LIST_INIT(fwdrs);
if (dns_name_equal(name, dns_rootname)) {
is_global_config = ISC_TRUE;
is_global_config = true;
msg_obj_type = "global forwarding configuration";
msg_use_global_fwds = "; global forwarders will be disabled";
} else {
is_global_config = ISC_FALSE;
is_global_config = false;
msg_obj_type = "zone";
msg_use_global_fwds = "; global forwarders will be used "
"(if they are configured)";
......@@ -541,10 +541,10 @@ fwd_configure_zone(const settings_set_t *set, ldap_instance_t *inst,
* For all other zones (non-root) zones *do not* use recursive getter
* and let BIND to handle inheritance in fwdtable itself. */
CHECK(fwd_setting_isexplicit(mctx, set, &isconfigured));
if (isconfigured == ISC_FALSE && is_global_config == ISC_TRUE) {
if (isconfigured == false && is_global_config == true) {
result = fwd_setting_find_explicit(mctx, set, &explicit_set);
if (result == ISC_R_SUCCESS) {
isconfigured = ISC_TRUE;
isconfigured = true;
if (set != explicit_set) {
log_debug(5, "%s was inherited from %s",
msg_obj_type, explicit_set->name);
......@@ -554,7 +554,7 @@ fwd_configure_zone(const settings_set_t *set, ldap_instance_t *inst,
goto cleanup;
}
if (isconfigured == ISC_TRUE) {
if (isconfigured == true) {
CHECK(setting_get_str("forward_policy", set, &fwdpolicy_str));
result = get_enum_value(forwarder_policy_txts,
fwdpolicy_str, (int *)&fwdpolicy);
......@@ -578,7 +578,7 @@ fwd_configure_zone(const settings_set_t *set, ldap_instance_t *inst,
/* update forwarding table */
run_exclusive_enter(inst, &lock_state);
CHECK(fwd_delete_table(view, name, msg_obj_type, set->name));
if (isconfigured == ISC_TRUE) {
if (isconfigured == true) {
CHECK(dns_fwdtable_addfwd(view->fwdtable, name, &fwdrs,
fwdpolicy));
}
......@@ -590,7 +590,7 @@ fwd_configure_zone(const settings_set_t *set, ldap_instance_t *inst,
dns_result_totext(result));
/* Handle collisions with automatic empty zones. */
if (isconfigured == ISC_TRUE)
if (isconfigured == true)
CHECK(empty_zone_handle_conflicts(name,
view->zonetable,
(fwdpolicy == dns_fwdpolicy_first)));
......@@ -632,7 +632,7 @@ isc_result_t
fwd_reconfig_global(ldap_instance_t *inst) {
isc_result_t result;
settings_set_t *toplevel_settings = NULL;
isc_boolean_t root_zone_is_active = ISC_FALSE;
bool root_zone_is_active = false;
/* we have to respect forwarding configuration for root zone */
result = zr_get_zone_settings(ldap_instance_getzr(inst), dns_rootname,
......@@ -644,7 +644,7 @@ fwd_reconfig_global(ldap_instance_t *inst) {
else if (result != ISC_R_NOTFOUND)
goto cleanup;
if (root_zone_is_active == ISC_FALSE)
if (root_zone_is_active == false)
toplevel_settings = ldap_instance_getsettings_server(inst);
CHECK(fwd_configure_zone(toplevel_settings, inst, dns_rootname));
......
......@@ -3,6 +3,7 @@
*/
#include <isc/rwlock.h>
#include <isc/util.h>
#include <dns/name.h>
#include "rbt_helper.h"
......@@ -100,7 +101,7 @@ fwdr_del_zone(fwd_register_t *fwdr, dns_name_t *name)
RWLOCK(&fwdr->rwlock, isc_rwlocktype_write);
CHECK(dns_rbt_deletename(fwdr->rbt, name, ISC_FALSE));
CHECK(dns_rbt_deletename(fwdr->rbt, name, false));
cleanup:
RWUNLOCK(&fwdr->rwlock, isc_rwlocktype_write);
......
......@@ -65,8 +65,8 @@ check_credentials(krb5_context context,
krberr = krb5_timeofday(context, &now);
CHECK_KRB5(context, krberr, "Failed to get timeofday");
log_debug(2, "krb5_timeofday() = %u ; creds.times.endtime = %u",
now, creds.times.endtime);
log_debug(2, "krb5_timeofday() = %ld ; creds.times.endtime = %ld",
(long) now, (long) creds.times.endtime);
if (now > (creds.times.endtime - MIN_TIME)) {
log_debug(2, "Credentials in cache expired");
......