diff options
| author | Stuart Henderson <sthen@cvs.openbsd.org> | 2012-07-09 21:55:09 +0000 |
|---|---|---|
| committer | Stuart Henderson <sthen@cvs.openbsd.org> | 2012-07-09 21:55:09 +0000 |
| commit | 130a57e86d74176856336513144c7519bbac35c4 (patch) | |
| tree | 8cbdc0272ef345051ba3180371e5d353a8b1ab91 /usr.sbin | |
| parent | 119d1024b76d7608135d6841393fe7fb64b0ed87 (diff) | |
NSD v3.2.11, ok phessler@
Diffstat (limited to 'usr.sbin')
36 files changed, 147 insertions, 69 deletions
diff --git a/usr.sbin/nsd/acx_nlnetlabs.m4 b/usr.sbin/nsd/acx_nlnetlabs.m4 index 3a2e350823e..e90c81ea02a 100644 --- a/usr.sbin/nsd/acx_nlnetlabs.m4 +++ b/usr.sbin/nsd/acx_nlnetlabs.m4 @@ -2,7 +2,8 @@ # Copyright 2009, Wouter Wijngaards, NLnet Labs. # BSD licensed. # -# Version 20 +# Version 21 +# 2012-02-09 Fix AHX_MEMCMP_BROKEN with undef in compat/memcmp.h. # 2012-01-20 Fix COMPILER_FLAGS_UNBOUND for gcc 4.6.2 assigned-not-used-warns. # 2011-12-05 Fix getaddrinfowithincludes on windows with fedora16 mingw32-gcc. # Fix ACX_MALLOC for redefined malloc error. @@ -1326,9 +1327,7 @@ int main(void) dnl define memcmp to its replacement, pass unique id for program as arg AC_DEFUN([AHX_MEMCMP_BROKEN], [ #ifdef MEMCMP_IS_BROKEN -# ifdef memcmp -# undef memcmp -# endif +#include "compat/memcmp.h" #define memcmp memcmp_$1 int memcmp(const void *x, const void *y, size_t n); #endif diff --git a/usr.sbin/nsd/answer.c b/usr.sbin/nsd/answer.c index 853288189da..8fa4ab16821 100644 --- a/usr.sbin/nsd/answer.c +++ b/usr.sbin/nsd/answer.c @@ -7,7 +7,7 @@ * */ -#include <config.h> +#include "config.h" #include <string.h> @@ -33,7 +33,8 @@ answer_add_rrset(answer_type *answer, rr_section_type section, /* Don't add an RRset multiple times. */ for (i = 0; i < answer->rrset_count; ++i) { - if (answer->rrsets[i] == rrset) { + if (answer->rrsets[i] == rrset && + answer->domains[i] == domain) { if (section < answer->section[i]) { answer->section[i] = section; return 1; diff --git a/usr.sbin/nsd/buffer.c b/usr.sbin/nsd/buffer.c index ba10dd2fe88..49151018fa9 100644 --- a/usr.sbin/nsd/buffer.c +++ b/usr.sbin/nsd/buffer.c @@ -7,7 +7,7 @@ * */ -#include <config.h> +#include "config.h" #include <stdlib.h> #include <stdio.h> diff --git a/usr.sbin/nsd/compat/memcmp.c b/usr.sbin/nsd/compat/memcmp.c index 441cde9f0ba..6d3d27ac9e7 100644 --- a/usr.sbin/nsd/compat/memcmp.c +++ b/usr.sbin/nsd/compat/memcmp.c @@ -4,7 +4,7 @@ * Copyright (c) 2010-2011, NLnet Labs. All rights reserved. * * See LICENSE for the license. -*/ + */ #include <config.h> diff --git a/usr.sbin/nsd/compat/memcmp.h b/usr.sbin/nsd/compat/memcmp.h new file mode 100644 index 00000000000..c1d195ccf4a --- /dev/null +++ b/usr.sbin/nsd/compat/memcmp.h @@ -0,0 +1,16 @@ +/* + * memcmp.h: undef memcmp for compat. + * + * Copyright (c) 2012, NLnet Labs. All rights reserved. + * + * See LICENSE for the license. +*/ +#ifndef COMPAT_MEMCMP_H +#define COMPAT_MEMCMP_H + +#ifdef memcmp +/* undef here otherwise autoheader messes it up in config.h */ +# undef memcmp +#endif + +#endif /* COMPAT_MEMCMP_H */ diff --git a/usr.sbin/nsd/compat/memmove.c b/usr.sbin/nsd/compat/memmove.c index b52a547b447..fd65a93f84e 100644 --- a/usr.sbin/nsd/compat/memmove.c +++ b/usr.sbin/nsd/compat/memmove.c @@ -4,7 +4,7 @@ * Copyright (c) 2001-2011, NLnet Labs. All rights reserved. * * See LICENSE for the license. -*/ + */ #include <config.h> #include <stdlib.h> diff --git a/usr.sbin/nsd/configlexer.lex b/usr.sbin/nsd/configlexer.lex index 97923d2676e..ae844ee3166 100644 --- a/usr.sbin/nsd/configlexer.lex +++ b/usr.sbin/nsd/configlexer.lex @@ -8,7 +8,7 @@ * */ -#include <config.h> +#include "config.h" #include <ctype.h> #include <errno.h> @@ -116,6 +116,7 @@ ipv6-edns-size{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_IPV6_EDNS_SIZE;} pidfile{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_PIDFILE;} port{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_PORT;} statistics{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_STATISTICS;} +zone-stats-file{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_ZONESTATSFILE;} chroot{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_CHROOT;} username{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_USERNAME;} zonesdir{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_ZONESDIR;} diff --git a/usr.sbin/nsd/configyyrename.h b/usr.sbin/nsd/configyyrename.h index 0cc377dfee2..856dfe96d3e 100644 --- a/usr.sbin/nsd/configyyrename.h +++ b/usr.sbin/nsd/configyyrename.h @@ -9,7 +9,7 @@ #ifndef CONFIGYYRENAME_H #define CONFIGYYRENAME_H -#include <config.h> +#include "config.h" /* defines to change symbols so that no yacc/lex symbols clash */ #define yymaxdepth c_maxdepth diff --git a/usr.sbin/nsd/dbaccess.c b/usr.sbin/nsd/dbaccess.c index c9778473464..abecce7a1f5 100644 --- a/usr.sbin/nsd/dbaccess.c +++ b/usr.sbin/nsd/dbaccess.c @@ -7,7 +7,7 @@ * */ -#include <config.h> +#include "config.h" #include <sys/types.h> #include <sys/stat.h> diff --git a/usr.sbin/nsd/difffile.c b/usr.sbin/nsd/difffile.c index 1052b2f9718..3d73b383b04 100644 --- a/usr.sbin/nsd/difffile.c +++ b/usr.sbin/nsd/difffile.c @@ -849,7 +849,8 @@ apply_ixfr(namedb_type* db, FILE *in, const off_t* startpos, if(!zone_db) { log_msg(LOG_ERR, "no zone exists"); region_destroy(region); - return 0; + /* break out and stop the IXFR, ignore it */ + return 2; } if(msglen > QIOBUFSZ) { @@ -1048,7 +1049,7 @@ apply_ixfr(namedb_type* db, FILE *in, const off_t* startpos, } } } - fix_empty_terminals(zone_db); + fix_empty_terminals(zone_db); region_destroy(region); return 1; } @@ -1313,7 +1314,8 @@ read_sure_part(namedb_type* db, FILE *in, nsd_options_t* opt, region_destroy(region); if (zone == NULL) { log_msg(LOG_ERR, "no zone exists"); - return 0; + /* just stop trying applying ixfr */ + return 1; } if (0 != namedb_nsec3_mod_domains_create(db)) { log_msg(LOG_ERR, diff --git a/usr.sbin/nsd/difffile.h b/usr.sbin/nsd/difffile.h index 5e0123eafa6..d54c629b5a7 100644 --- a/usr.sbin/nsd/difffile.h +++ b/usr.sbin/nsd/difffile.h @@ -9,7 +9,7 @@ #ifndef DIFFFILE_H #define DIFFFILE_H -#include <config.h> +#include "config.h" #include "rbtree.h" #include "namedb.h" #include "options.h" diff --git a/usr.sbin/nsd/edns.c b/usr.sbin/nsd/edns.c index 3ece1220118..b69873f5fa1 100644 --- a/usr.sbin/nsd/edns.c +++ b/usr.sbin/nsd/edns.c @@ -8,7 +8,7 @@ */ -#include <config.h> +#include "config.h" #include <string.h> @@ -89,6 +89,7 @@ edns_parse_record(edns_record_type *edns, buffer_type *packet) opt_rdlen = buffer_read_u16(packet); if (opt_version != 0) { + /* The only error is VERSION not implemented */ edns->status = EDNS_ERROR; return 1; } diff --git a/usr.sbin/nsd/edns.h b/usr.sbin/nsd/edns.h index 48e83e7fca1..8de1b685f01 100644 --- a/usr.sbin/nsd/edns.h +++ b/usr.sbin/nsd/edns.h @@ -32,6 +32,7 @@ enum edns_status { EDNS_NOT_PRESENT, EDNS_OK, + /* EDNS states may be extended in the future */ EDNS_ERROR }; typedef enum edns_status edns_status_type; diff --git a/usr.sbin/nsd/ipc.c b/usr.sbin/nsd/ipc.c index a3b25849c4c..157e4185c2e 100644 --- a/usr.sbin/nsd/ipc.c +++ b/usr.sbin/nsd/ipc.c @@ -7,7 +7,7 @@ * */ -#include <config.h> +#include "config.h" #include <errno.h> #include <unistd.h> #include <stdlib.h> @@ -443,7 +443,7 @@ parent_handle_child_command(netio_type *ATTR_UNUSED(netio), if (len == 0) { size_t i; - if(handler->fd > 0) close(handler->fd); + if(handler->fd != -1) close(handler->fd); for(i=0; i<data->nsd->child_count; ++i) if(data->nsd->children[i].child_fd == handler->fd) { data->nsd->children[i].child_fd = -1; @@ -514,7 +514,7 @@ parent_handle_reload_command(netio_type *ATTR_UNUSED(netio), } if (len == 0) { - if(handler->fd > 0) { + if(handler->fd != -1) { close(handler->fd); handler->fd = -1; } @@ -528,7 +528,7 @@ parent_handle_reload_command(netio_type *ATTR_UNUSED(netio), for(i=0; i < nsd->child_count; i++) { nsd->children[i].need_to_exit = 1; if(nsd->children[i].pid > 0 && - nsd->children[i].child_fd > 0) { + nsd->children[i].child_fd != -1) { nsd->children[i].need_to_send_QUIT = 1; nsd->children[i].handler->event_types |= NETIO_EVENT_WRITE; diff --git a/usr.sbin/nsd/ipc.h b/usr.sbin/nsd/ipc.h index 61efec5595c..bcdd09eb758 100644 --- a/usr.sbin/nsd/ipc.h +++ b/usr.sbin/nsd/ipc.h @@ -10,7 +10,7 @@ #ifndef NSD_IPC_H #define NSD_IPC_H -#include <config.h> +#include "config.h" #include "netio.h" struct buffer; struct nsd; diff --git a/usr.sbin/nsd/iterated_hash.c b/usr.sbin/nsd/iterated_hash.c index 411c42903ab..4211f503c25 100644 --- a/usr.sbin/nsd/iterated_hash.c +++ b/usr.sbin/nsd/iterated_hash.c @@ -7,7 +7,7 @@ * * With thanks to Ben Laurie. */ -#include <config.h> +#include "config.h" #ifdef NSEC3 #include <openssl/sha.h> #include <stdio.h> @@ -36,6 +36,8 @@ iterated_hash(unsigned char out[SHA_DIGEST_LENGTH], } return SHA_DIGEST_LENGTH; #else + (void)out; (void)salt; (void)saltlength; + (void)in; (void)inlength; (void)iterations; return 0; #endif } diff --git a/usr.sbin/nsd/iterated_hash.h b/usr.sbin/nsd/iterated_hash.h index 836b1022519..2a6bef399d0 100644 --- a/usr.sbin/nsd/iterated_hash.h +++ b/usr.sbin/nsd/iterated_hash.h @@ -10,7 +10,7 @@ #ifndef ITERATED_HASH_H #define ITERATED_HASH_H -#include <config.h> +#include "config.h" #ifdef NSEC3 #include <openssl/sha.h> diff --git a/usr.sbin/nsd/namedb.c b/usr.sbin/nsd/namedb.c index 39ce3e17c1f..43a1b8e9bec 100644 --- a/usr.sbin/nsd/namedb.c +++ b/usr.sbin/nsd/namedb.c @@ -7,7 +7,7 @@ * */ -#include <config.h> +#include "config.h" #include <sys/types.h> diff --git a/usr.sbin/nsd/namedb.h b/usr.sbin/nsd/namedb.h index 63cc9a656d6..e50986a0fa4 100644 --- a/usr.sbin/nsd/namedb.h +++ b/usr.sbin/nsd/namedb.h @@ -15,6 +15,7 @@ #include "dname.h" #include "dns.h" #include "rbtree.h" +#include "util.h" struct zone_options; struct nsd_options; @@ -98,6 +99,11 @@ struct zone rbtree_t *nsec3_domains; #endif /* !FULL_PREHASH */ #endif /* NSEC3 */ + +#if defined(BIND8_STATS) && defined(USE_ZONE_STATS) + struct nsdst st; +#endif /* defined(BIND8_STATS) && defined(USE_ZONE_STATS) */ + struct zone_options *opts; uint32_t number; uint8_t* dirty; /* array of dirty-flags, per child */ diff --git a/usr.sbin/nsd/netio.c b/usr.sbin/nsd/netio.c index fb5cf4c5bd2..135094a82eb 100644 --- a/usr.sbin/nsd/netio.c +++ b/usr.sbin/nsd/netio.c @@ -6,7 +6,7 @@ * See LICENSE for the license. * */ -#include <config.h> +#include "config.h" #include <assert.h> #include <errno.h> @@ -36,7 +36,7 @@ netio_type * netio_create(region_type *region) { netio_type *result; - + assert(region); result = (netio_type *) region_alloc(region, sizeof(netio_type)); @@ -51,7 +51,7 @@ void netio_add_handler(netio_type *netio, netio_handler_type *handler) { netio_handler_list_type *elt; - + assert(netio); assert(handler); @@ -79,7 +79,7 @@ void netio_remove_handler(netio_type *netio, netio_handler_type *handler) { netio_handler_list_type **elt_ptr; - + assert(netio); assert(handler); @@ -126,14 +126,14 @@ netio_dispatch(netio_type *netio, const struct timespec *timeout, const sigset_t netio_handler_list_type *elt; int rc; int result = 0; - + assert(netio); /* * Clear the cached current time. */ netio->have_current_time = 0; - + /* * Initialize the minimum timeout with the timeout parameter. */ @@ -153,12 +153,37 @@ netio_dispatch(netio_type *netio, const struct timespec *timeout, const sigset_t for (elt = netio->handlers; elt; elt = elt->next) { netio_handler_type *handler = elt->handler; - if (handler->fd >= 0 && handler->fd < (int)FD_SETSIZE) { + if (handler->fd != -1 && handler->fd < (int)FD_SETSIZE) { if (handler->fd > max_fd) { max_fd = handler->fd; } if (handler->event_types & NETIO_EVENT_READ) { - FD_SET(handler->fd, &readfds); + extern int slowaccept; + extern struct timespec slowaccept_timeout; + + if ((handler->event_types & NETIO_EVENT_ACCEPT) && slowaccept) { + if (timespec_compare(&slowaccept_timeout, netio_current_time(netio)) < 0) { + slowaccept = 0; + } + if (slowaccept) { + /** Timeout after slowaccept timeout. */ + struct timespec relative; + relative.tv_sec = slowaccept_timeout.tv_sec; + relative.tv_nsec = slowaccept_timeout.tv_nsec; + timespec_subtract(&relative, netio_current_time(netio)); + if (!have_timeout || + timespec_compare(&relative, &minimum_timeout) < 0) { + have_timeout = 1; + minimum_timeout.tv_sec = relative.tv_sec; + minimum_timeout.tv_nsec = relative.tv_nsec; + } + } else { + FD_SET(handler->fd, &readfds); + } + } else { + /* Not accept event or not slow accept */ + FD_SET(handler->fd, &readfds); + } } if (handler->event_types & NETIO_EVENT_WRITE) { FD_SET(handler->fd, &writefds); @@ -215,7 +240,7 @@ netio_dispatch(netio_type *netio, const struct timespec *timeout, const sigset_t * some time so the cached value is likely to be old). */ netio->have_current_time = 0; - + if (rc == 0) { /* * No events before the minimum timeout expired. @@ -235,7 +260,7 @@ netio_dispatch(netio_type *netio, const struct timespec *timeout, const sigset_t for (elt = netio->handlers; elt && rc; ) { netio_handler_type *handler = elt->handler; netio->dispatch_next = elt->next; - if (handler->fd >= 0 && handler->fd < (int)FD_SETSIZE) { + if (handler->fd != -1 && handler->fd < (int)FD_SETSIZE) { netio_event_types_type event_types = NETIO_EVENT_NONE; if (FD_ISSET(handler->fd, &readfds)) { diff --git a/usr.sbin/nsd/netio.h b/usr.sbin/nsd/netio.h index d9097a9039d..13035a0d3b2 100644 --- a/usr.sbin/nsd/netio.h +++ b/usr.sbin/nsd/netio.h @@ -50,6 +50,8 @@ #include "region-allocator.h" +#define NETIO_SLOW_ACCEPT_TIMEOUT 2 /* in seconds */ + /* * The type of events a handler is interested in. These can be OR'ed * together to specify multiple event types. @@ -59,7 +61,8 @@ enum netio_event_types { NETIO_EVENT_READ = 1, NETIO_EVENT_WRITE = 2, NETIO_EVENT_EXCEPT = 4, - NETIO_EVENT_TIMEOUT = 8 + NETIO_EVENT_TIMEOUT = 8, + NETIO_EVENT_ACCEPT = 16 }; typedef enum netio_event_types netio_event_types_type; diff --git a/usr.sbin/nsd/nsd.conf.sample.in b/usr.sbin/nsd/nsd.conf.sample.in index b668f30ba38..e7db1bf08b5 100644 --- a/usr.sbin/nsd/nsd.conf.sample.in +++ b/usr.sbin/nsd/nsd.conf.sample.in @@ -69,6 +69,9 @@ server: # statistics are produced every number of seconds. # statistics: 3600 + # if per zone statistics is enabled, file to store statistics. + # zone-stats-file: "@zonestatsfile@" + # Run NSD in a chroot-jail. # make sure to have pidfile and database reachable from there. # by default, no chroot-jail is used. diff --git a/usr.sbin/nsd/nsd.h b/usr.sbin/nsd/nsd.h index 0ababb13cb1..aaf034fd2cb 100644 --- a/usr.sbin/nsd/nsd.h +++ b/usr.sbin/nsd/nsd.h @@ -14,6 +14,7 @@ #include "dns.h" #include "edns.h" +#include "util.h" struct netio_handler; struct nsd_options; @@ -70,20 +71,29 @@ struct nsd_options; #ifdef BIND8_STATS -/* Counter for statistics */ -typedef unsigned long stc_t; - #define LASTELEM(arr) (sizeof(arr) / sizeof(arr[0]) - 1) -#define STATUP(nsd, stc) nsd->st.stc++ -/* #define STATUP2(nsd, stc, i) ((i) <= (LASTELEM(nsd->st.stc) - 1)) ? nsd->st.stc[(i)]++ : \ - nsd->st.stc[LASTELEM(nsd->st.stc)]++ */ +#define STATUP(nsd, stc) nsd->st.stc++ +#define STATUP2(nsd, stc, i) nsd->st.stc[(i) <= (LASTELEM(nsd->st.stc) - 1) ? i : LASTELEM(nsd->st.stc)]++ + +# ifdef USE_ZONE_STATS + +# define ZTATUP(zone, stc) zone->st.stc++ +# define ZTATUP2(zone, stc, i) zone->st.stc[(i) <= (LASTELEM(zone->st.stc) - 1) ? i : LASTELEM(zone->st.stc)]++ + +# else -#define STATUP2(nsd, stc, i) nsd->st.stc[(i) <= (LASTELEM(nsd->st.stc) - 1) ? i : LASTELEM(nsd->st.stc)]++ -#else /* BIND8_STATS */ +# define ZTATUP(zone, stc) /* Nothing */ +# define ZTATUP2(zone, stc, i) /* Nothing */ + +# endif /* USE_ZONE_STATS */ + +#else /* BIND8_STATS */ #define STATUP(nsd, stc) /* Nothing */ #define STATUP2(nsd, stc, i) /* Nothing */ +#define ZTATUP(zone, stc) /* Nothing */ +#define ZTATUP2(zone, stc, i) /* Nothing */ #endif /* BIND8_STATS */ @@ -158,6 +168,9 @@ struct nsd /* Configuration */ const char *dbfile; const char *pidfile; +#ifdef USE_ZONE_STATS + const char *zonestatsfile; +#endif const char *log_filename; const char *username; uid_t uid; @@ -192,19 +205,7 @@ struct nsd size_t ipv6_edns_size; #ifdef BIND8_STATS - - struct nsdst { - time_t boot; - int period; /* Produce statistics dump every st_period seconds */ - stc_t qtype[257]; /* Counters per qtype */ - stc_t qclass[4]; /* Class IN or Class CH or other */ - stc_t qudp, qudp6; /* Number of queries udp and udp6 */ - stc_t ctcp, ctcp6; /* Number of tcp and tcp6 connections */ - stc_t rcode[17], opcode[6]; /* Rcodes & opcodes */ - /* Dropped, truncated, queries for nonconfigured zone, tx errors */ - stc_t dropped, truncated, wrongzone, txerr, rxerr; - stc_t edns, ednserr, raxfr, nona; - } st; + struct nsdst st; #endif /* BIND8_STATS */ struct nsd_options* options; diff --git a/usr.sbin/nsd/options.c b/usr.sbin/nsd/options.c index 44d017a9760..5fd82666873 100644 --- a/usr.sbin/nsd/options.c +++ b/usr.sbin/nsd/options.c @@ -54,6 +54,11 @@ nsd_options_t* nsd_options_create(region_type* region) opt->port = UDP_PORT; /* deprecated? opt->port = TCP_PORT; */ opt->statistics = 0; +#ifdef USE_ZONE_STATS + opt->zonestatsfile = ZONESTATSFILE; +#else + opt->zonestatsfile = 0; +#endif opt->chroot = 0; opt->username = USER; opt->zonesdir = ZONESDIR; diff --git a/usr.sbin/nsd/options.h b/usr.sbin/nsd/options.h index bc9500ebc0d..282027aad90 100644 --- a/usr.sbin/nsd/options.h +++ b/usr.sbin/nsd/options.h @@ -10,7 +10,7 @@ #ifndef OPTIONS_H #define OPTIONS_H -#include <config.h> +#include "config.h" #include <stdarg.h> #include "region-allocator.h" #include "rbtree.h" @@ -55,6 +55,7 @@ struct nsd_options { const char* pidfile; const char* port; int statistics; + const char* zonestatsfile; const char* chroot; const char* username; const char* zonesdir; diff --git a/usr.sbin/nsd/rbtree.c b/usr.sbin/nsd/rbtree.c index eae5bb95059..c7d384fe66d 100644 --- a/usr.sbin/nsd/rbtree.c +++ b/usr.sbin/nsd/rbtree.c @@ -7,7 +7,7 @@ * */ -#include <config.h> +#include "config.h" #include <assert.h> #include <stdlib.h> diff --git a/usr.sbin/nsd/tsig-openssl.c b/usr.sbin/nsd/tsig-openssl.c index abdb141be48..7e6004b86b9 100644 --- a/usr.sbin/nsd/tsig-openssl.c +++ b/usr.sbin/nsd/tsig-openssl.c @@ -7,7 +7,7 @@ * */ -#include <config.h> +#include "config.h" #if defined(HAVE_SSL) diff --git a/usr.sbin/nsd/tsig.c b/usr.sbin/nsd/tsig.c index d12208394eb..7fa7b957f2c 100644 --- a/usr.sbin/nsd/tsig.c +++ b/usr.sbin/nsd/tsig.c @@ -8,7 +8,7 @@ */ -#include <config.h> +#include "config.h" #include <stdlib.h> #include <ctype.h> diff --git a/usr.sbin/nsd/xfrd-disk.c b/usr.sbin/nsd/xfrd-disk.c index b4dbd0b5171..bb869ed9d40 100644 --- a/usr.sbin/nsd/xfrd-disk.c +++ b/usr.sbin/nsd/xfrd-disk.c @@ -7,7 +7,7 @@ * */ -#include <config.h> +#include "config.h" #include <stdio.h> #include <stdlib.h> #include <ctype.h> diff --git a/usr.sbin/nsd/xfrd-disk.h b/usr.sbin/nsd/xfrd-disk.h index 7d1ac9c32a0..42db1993180 100644 --- a/usr.sbin/nsd/xfrd-disk.h +++ b/usr.sbin/nsd/xfrd-disk.h @@ -10,7 +10,7 @@ #ifndef XFRD_DISK_H #define XFRD_DISK_H -#include <config.h> +#include "config.h" struct xfrd_state; /* magic string to identify xfrd state file */ diff --git a/usr.sbin/nsd/xfrd-notify.c b/usr.sbin/nsd/xfrd-notify.c index 85cd8ad4acd..21cc22694a6 100644 --- a/usr.sbin/nsd/xfrd-notify.c +++ b/usr.sbin/nsd/xfrd-notify.c @@ -7,7 +7,7 @@ * */ -#include <config.h> +#include "config.h" #include <assert.h> #include <string.h> #include <unistd.h> diff --git a/usr.sbin/nsd/xfrd-notify.h b/usr.sbin/nsd/xfrd-notify.h index 16b560fc71e..242c7e763ca 100644 --- a/usr.sbin/nsd/xfrd-notify.h +++ b/usr.sbin/nsd/xfrd-notify.h @@ -10,7 +10,7 @@ #ifndef XFRD_NOTIFY_H #define XFRD_NOTIFY_H -#include <config.h> +#include "config.h" #include "tsig.h" #include "netio.h" #include "rbtree.h" diff --git a/usr.sbin/nsd/xfrd-tcp.h b/usr.sbin/nsd/xfrd-tcp.h index 9604e419ce1..e42e1a4456a 100644 --- a/usr.sbin/nsd/xfrd-tcp.h +++ b/usr.sbin/nsd/xfrd-tcp.h @@ -10,7 +10,7 @@ #ifndef XFRD_TCP_H #define XFRD_TCP_H -#include <config.h> +#include "config.h" #include "xfrd.h" struct buffer; diff --git a/usr.sbin/nsd/xfrd.c b/usr.sbin/nsd/xfrd.c index 9c04dc8e85e..8bd12502fd9 100644 --- a/usr.sbin/nsd/xfrd.c +++ b/usr.sbin/nsd/xfrd.c @@ -7,7 +7,7 @@ * */ -#include <config.h> +#include "config.h" #include <assert.h> #include <string.h> #include <unistd.h> @@ -1171,6 +1171,7 @@ xfrd_parse_received_xfr_packet(xfrd_zone_t* zone, buffer_type* packet, size_t rr_count; size_t qdcount = QDCOUNT(packet); size_t ancount = ANCOUNT(packet), ancount_todo; + size_t nscount = NSCOUNT(packet); int done = 0; /* has to be axfr / ixfr reply */ @@ -1228,6 +1229,16 @@ xfrd_parse_received_xfr_packet(xfrd_zone_t* zone, buffer_type* packet, } DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: too short xfr packet: no " "answer")); + /* if IXFR is unknown, fallback to AXFR (if allowed) */ + if (nscount == 1) { + if(!packet_skip_dname(packet) || !xfrd_parse_soa_info(packet, soa)) { + DEBUG(DEBUG_XFRD,1, (LOG_ERR, "xfrd: zone %s, from %s: " + "no SOA begins authority section", + zone->apex_str, zone->master->ip_address_spec)); + return xfrd_packet_bad; + } + return xfrd_packet_notimpl; + } return xfrd_packet_bad; } ancount_todo = ancount; diff --git a/usr.sbin/nsd/xfrd.h b/usr.sbin/nsd/xfrd.h index 15719ecaafe..d332ec0af8b 100644 --- a/usr.sbin/nsd/xfrd.h +++ b/usr.sbin/nsd/xfrd.h @@ -10,7 +10,7 @@ #ifndef XFRD_H #define XFRD_H -#include <config.h> +#include "config.h" #include "netio.h" #include "rbtree.h" #include "namedb.h" diff --git a/usr.sbin/nsd/zlexer.lex b/usr.sbin/nsd/zlexer.lex index 4452a8aeb4b..666a4ba3135 100644 --- a/usr.sbin/nsd/zlexer.lex +++ b/usr.sbin/nsd/zlexer.lex @@ -8,7 +8,7 @@ * */ -#include <config.h> +#include "config.h" #include <ctype.h> #include <errno.h> |