head 1.2; access; symbols perseant-exfatfs-base-20250801:1.2 perseant-exfatfs-base-20240630:1.2 perseant-exfatfs:1.2.0.22 perseant-exfatfs-base:1.2 cjep_sun2x:1.2.0.20 cjep_sun2x-base:1.2 cjep_staticlib_x-base1:1.2 cjep_staticlib_x:1.2.0.18 cjep_staticlib_x-base:1.2 phil-wifi-20200421:1.2 phil-wifi-20200411:1.2 phil-wifi-20200406:1.2 pgoyette-compat-merge-20190127:1.2 pgoyette-compat-20190127:1.2 pgoyette-compat-20190118:1.2 pgoyette-compat-1226:1.2 pgoyette-compat-1126:1.2 pgoyette-compat-1020:1.2 pgoyette-compat-0930:1.2 pgoyette-compat-0906:1.2 pgoyette-compat-0728:1.2 pgoyette-compat-0625:1.2 pgoyette-compat-0521:1.2 pgoyette-compat-0502:1.2 pgoyette-compat-0422:1.2 pgoyette-compat-0415:1.2 pgoyette-compat-0407:1.2 pgoyette-compat-0330:1.2 pgoyette-compat-0322:1.2 pgoyette-compat-0315:1.2 pgoyette-compat:1.2.0.16 pgoyette-compat-base:1.2 prg-localcount2-base3:1.2 prg-localcount2-base2:1.2 prg-localcount2-base1:1.2 prg-localcount2:1.2.0.14 prg-localcount2-base:1.2 pgoyette-localcount-20170426:1.2 bouyer-socketcan-base1:1.2 pgoyette-localcount-20170320:1.2 bouyer-socketcan:1.2.0.12 bouyer-socketcan-base:1.2 pgoyette-localcount-20170107:1.2 pgoyette-localcount-20161104:1.2 localcount-20160914:1.2 pgoyette-localcount-20160806:1.2 pgoyette-localcount-20160726:1.2 pgoyette-localcount:1.2.0.10 pgoyette-localcount-base:1.2 netbsd-5-2-3-RELEASE:1.1.1.1 netbsd-5-1-5-RELEASE:1.1.1.1 yamt-pagecache-base9:1.2 yamt-pagecache-tag8:1.2 tls-earlyentropy:1.2.0.6 tls-earlyentropy-base:1.2 riastradh-xf86-video-intel-2-7-1-pre-2-21-15:1.2 riastradh-drm2-base3:1.2 netbsd-5-2-2-RELEASE:1.1.1.1 netbsd-5-1-4-RELEASE:1.1.1.1 netbsd-5-2-1-RELEASE:1.1.1.1 netbsd-5-1-3-RELEASE:1.1.1.1 agc-symver:1.2.0.8 agc-symver-base:1.2 tls-maxphys-base:1.2 yamt-pagecache-base8:1.2 netbsd-5-2:1.1.1.1.0.36 yamt-pagecache-base7:1.2 netbsd-5-2-RELEASE:1.1.1.1 netbsd-5-2-RC1:1.1.1.1 yamt-pagecache-base6:1.2 yamt-pagecache-base5:1.2 yamt-pagecache-base4:1.2 netbsd-5-1-2-RELEASE:1.1.1.1 
netbsd-5-1-1-RELEASE:1.1.1.1 yamt-pagecache-base3:1.2 yamt-pagecache-base2:1.2 yamt-pagecache:1.2.0.4 yamt-pagecache-base:1.2 bind-9-7-3-P1:1.1.1.1 bouyer-quota2-nbase:1.2 bouyer-quota2:1.2.0.2 bouyer-quota2-base:1.2 matt-nb5-mips64-premerge-20101231:1.1.1.1 matt-nb5-pq3:1.1.1.1.0.34 matt-nb5-pq3-base:1.1.1.1 netbsd-5-1:1.1.1.1.0.32 netbsd-5-1-RELEASE:1.1.1.1 netbsd-5-1-RC4:1.1.1.1 matt-nb5-mips64-k15:1.1.1.1 netbsd-5-1-RC3:1.1.1.1 netbsd-5-1-RC2:1.1.1.1 netbsd-5-1-RC1:1.1.1.1 netbsd-5-0-2-RELEASE:1.1.1.1 matt-nb5-mips64-premerge-20091211:1.1.1.1 matt-nb5-mips64-u2-k2-k4-k7-k8-k9:1.1.1.1 matt-nb4-mips64-k7-u2a-k9b:1.1.1.1 matt-nb5-mips64-u1-k1-k5:1.1.1.1 matt-nb5-mips64:1.1.1.1.0.30 netbsd-5-0-1-RELEASE:1.1.1.1 jym-xensuspend-nbase:1.2 netbsd-5-0:1.1.1.1.0.28 netbsd-5-0-RELEASE:1.1.1.1 netbsd-5-0-RC4:1.1.1.1 netbsd-5-0-RC3:1.1.1.1 netbsd-5-0-RC2:1.1.1.1 jym-xensuspend:1.1.1.1.0.26 jym-xensuspend-base:1.2 netbsd-5-0-RC1:1.1.1.1 netbsd-5:1.1.1.1.0.24 netbsd-5-base:1.1.1.1 matt-mips64-base2:1.1.1.1 matt-mips64:1.1.1.1.0.22 mjf-devfs2:1.1.1.1.0.20 mjf-devfs2-base:1.1.1.1 netbsd-4-0-1-RELEASE:1.1.1.1.2.2 wrstuden-revivesa-base-3:1.1.1.1 wrstuden-revivesa-base-2:1.1.1.1 wrstuden-fixsa-newbase:1.1.1.1.2.2 bind-9-5-0-P2:1.1.1.1 netbsd-3-0:1.1.1.1.0.18 bind-9-5-0-P1:1.1.1.1 wrstuden-revivesa-base-1:1.1.1.1 bind-9-5-0:1.1.1.1 yamt-pf42-base4:1.1.1.1 yamt-pf42-base3:1.1.1.1 hpcarm-cleanup-nbase:1.1.1.1 yamt-pf42-baseX:1.1.1.1 yamt-pf42-base2:1.1.1.1 wrstuden-revivesa:1.1.1.1.0.16 wrstuden-revivesa-base:1.1.1.1 yamt-pf42:1.1.1.1.0.14 yamt-pf42-base:1.1.1.1 keiichi-mipv6:1.1.1.1.0.12 keiichi-mipv6-base:1.1.1.1 matt-armv6-nbase:1.1.1.1 matt-armv6-prevmlocking:1.1.1.1 wrstuden-fixsa-base-1:1.1.1.1.2.2 netbsd-4-0:1.1.1.1.2.2.0.2 netbsd-4-0-RELEASE:1.1.1.1.2.2 cube-autoconf:1.1.1.1.0.10 cube-autoconf-base:1.1.1.1 netbsd-4-0-RC5:1.1.1.1.2.2 netbsd-4-0-RC4:1.1.1.1.2.2 netbsd-4-0-RC3:1.1.1.1.2.2 netbsd-4-0-RC2:1.1.1.1.2.2 netbsd-4-0-RC1:1.1.1.1.2.2 matt-armv6:1.1.1.1.0.8 
matt-armv6-base:1.1.1.1 matt-mips64-base:1.1.1.1 hpcarm-cleanup:1.1.1.1.0.6 hpcarm-cleanup-base:1.1.1.1 bind-9-4-1-P1:1.1.1.1 wrstuden-fixsa-base:1.1.1.1.2.2 wrstuden-fixsa:1.1.1.1.0.4 netbsd-4:1.1.1.1.0.2 bind-9-4-1:1.1.1.1 bind-9-4-0:1.1.1.1 bind-9-4-0-rc2:1.1.1.1 ISC:1.1.1; locks; strict; comment @# @; 1.2 date 2009.04.18.13.07.22; author christos; state dead; branches; next 1.1; 1.1 date 2007.01.27.21.06.18; author christos; state Exp; branches 1.1.1.1; next ; 1.1.1.1 date 2007.01.27.21.06.18; author christos; state Exp; branches 1.1.1.1.2.1 1.1.1.1.4.1 1.1.1.1.18.1 1.1.1.1.26.1; next ; 1.1.1.1.2.1 date 2007.01.27.21.06.18; author jdc; state dead; branches; next 1.1.1.1.2.2; 1.1.1.1.2.2 date 2007.05.17.00.37.21; author jdc; state Exp; branches; next ; 1.1.1.1.4.1 date 2007.01.27.21.06.18; author wrstuden; state dead; branches; next 1.1.1.1.4.2; 1.1.1.1.4.2 date 2007.06.03.17.21.50; author wrstuden; state Exp; branches; next ; 1.1.1.1.18.1 date 2007.01.27.21.06.18; author ghen; state dead; branches; next 1.1.1.1.18.2; 1.1.1.1.18.2 date 2008.07.24.22.20.18; author ghen; state Exp; branches; next ; 1.1.1.1.26.1 date 2009.05.13.19.16.39; author jym; state dead; branches; next ; desc @@ 1.2 log @delete old bind @ text @--- bind-9.3.3rc2/lib/dns/forward.c.dbus 2005-03-17 04:58:30.000000000 +0100 +++ bind-9.3.3rc2/lib/dns/forward.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -200,3 +200,89 @@@@ } isc_mem_put(fwdtable->mctx, forwarders, sizeof(dns_forwarders_t)); } + +/*** + *** new D-BUS Dynamic Forwarding Zones functions: + ***/ +isc_result_t +dns_fwdtable_delete(dns_fwdtable_t *fwdtable, dns_name_t *name ) +{ + isc_result_t result; + + REQUIRE(VALID_FWDTABLE(fwdtable)); + + RWLOCK(&fwdtable->rwlock, isc_rwlocktype_write); + + result = dns_rbt_deletename(fwdtable->table, name, ISC_FALSE); + + RWUNLOCK(&fwdtable->rwlock, isc_rwlocktype_write); + + return (result); +} + +isc_result_t +dns_fwdtable_find_closest(dns_fwdtable_t *fwdtable, + dns_name_t *name, + dns_name_t 
*foundname, + dns_forwarders_t **forwardersp) +{ + isc_result_t result; + + REQUIRE(VALID_FWDTABLE(fwdtable)); + + RWLOCK(&fwdtable->rwlock, isc_rwlocktype_read); + + result = dns_rbt_findname(fwdtable->table, name, 0, foundname, + (void **)forwardersp); + + if(result == DNS_R_PARTIALMATCH) + result = ISC_R_SUCCESS; + + RWUNLOCK(&fwdtable->rwlock, isc_rwlocktype_read); + + return (result); +} + +isc_result_t +dns_fwdtable_find_exact(dns_fwdtable_t *fwdtable, dns_name_t *name, + dns_forwarders_t **forwardersp) +{ + isc_result_t result; + + REQUIRE(VALID_FWDTABLE(fwdtable)); + + REQUIRE(forwardersp != 0L); + + RWLOCK(&fwdtable->rwlock, isc_rwlocktype_read); + + result = dns_rbt_findname(fwdtable->table, name, 0, NULL, + (void **)forwardersp); + + if( result != ISC_R_SUCCESS ) + *forwardersp = 0L; + + RWUNLOCK(&fwdtable->rwlock, isc_rwlocktype_read); + + return (result); +} + +static +void dns_fwdtable_traverse +( + dns_name_t *name, + void *node_data, + void *cbp, + void *cb_arg +) +{ + dns_fwdtable_callback_t cb = (dns_fwdtable_callback_t) cbp; + + (*cb)( name, node_data, cb_arg); +} + +void dns_fwdtable_foreach(dns_fwdtable_t *fwdtable, dns_fwdtable_callback_t cb, void *cb_arg ) +{ + REQUIRE(VALID_FWDTABLE(fwdtable)); + + dns_rbt_traverse( fwdtable->table, dns_fwdtable_traverse, cb, cb_arg ); +} --- bind-9.3.3rc2/lib/dns/include/dns/forward.h.dbus 2005-03-17 04:58:31.000000000 +0100 +++ bind-9.3.3rc2/lib/dns/include/dns/forward.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -98,6 +98,37 @@@@ * all memory associated with the forwarding table is freed. */ + +/* These are ONLY used by dbus_mgr : + */ + +isc_result_t +dns_fwdtable_delete( dns_fwdtable_t *fwdtable, dns_name_t *name ); +/* + * Removes an entry from the forwarding table. + */ + +isc_result_t +dns_fwdtable_find_exact(dns_fwdtable_t *fwdtable, dns_name_t *name, + dns_forwarders_t **forwardersp); +/* + * Finds an exact match for "name" in the forwarding table. 
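Review bot: `dns_fwdtable_foreach` at the end of this hunk walks `fwdtable->table` without taking `fwdtable->rwlock`, although the delete and find functions added just above it all bracket their tree access with RWLOCK/RWUNLOCK. A walk that overlaps `dns_fwdtable_delete` would read nodes while they are being unlinked; put `RWLOCK(&fwdtable->rwlock, isc_rwlocktype_read);` before the `dns_rbt_traverse(...)` call and `RWUNLOCK(&fwdtable->rwlock, isc_rwlocktype_read);` after it, and document that callbacks must not call back into the table's write path. Both find functions also hand `*forwardersp` back after the read lock is released, so once entries can be deleted at run time the caller's pointer may outlive the entry; that lifetime rule needs to be stated in the header at least. `dns_fwdtable_find_closest` is missing the `REQUIRE(forwardersp != 0L);` that `dns_fwdtable_find_exact` has. The identical hunk is repeated in the 1.1.1.1.18.2 revision text later in this file.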
+ */ + +isc_result_t +dns_fwdtable_find_closest(dns_fwdtable_t *fwdtable, dns_name_t *name, dns_name_t *foundname, + dns_forwarders_t **forwardersp); +/* + * Finds the closest match for "*name" in the forwarding table, returning + * the actual name matching in *name if different to *name passed in. + */ + +typedef void (*dns_fwdtable_callback_t)( dns_name_t *, dns_forwarders_t *, void *); +void dns_fwdtable_foreach(dns_fwdtable_t *fwdtable, dns_fwdtable_callback_t cb, void * ); +/* Invoke cb for each member of fwdtable + */ + + ISC_LANG_ENDDECLS #endif /* DNS_FORWARD_H */ --- bind-9.3.3rc2/lib/dns/include/dns/rbt.h.dbus 2004-10-11 07:55:51.000000000 +0200 +++ bind-9.3.3rc2/lib/dns/include/dns/rbt.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -833,6 +833,17 @@@@ * Any error result from dns_name_concatenate. */ + +typedef void (*dns_rbt_traverse_callback_t)( dns_name_t *name, + void *node_data, + void *cb_arg1, + void *cb_arg2); + +void dns_rbt_traverse( dns_rbt_t *rbt, dns_rbt_traverse_callback_t cb, void *cb_arg1, void *cb_arg2 ); +/* tree traversal function (only used by D-BUS dynamic forwarding dbus_mgr at + * the moment) + */ + ISC_LANG_ENDDECLS #endif /* DNS_RBT_H */ --- bind-9.3.3rc2/lib/dns/rbt.c.dbus 2005-06-18 03:03:24.000000000 +0200 +++ bind-9.3.3rc2/lib/dns/rbt.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -2172,6 +2172,47 @@@@ dns_rbt_printtree(rbt->root, NULL, 0); } +static void +dns_rbt_traverse_tree(dns_rbtnode_t *root, dns_rbt_traverse_callback_t cb, void *cb_arg1, void *cb_arg2 ) { +/* + * This is used ONLY to traverse the forward table by dbus_mgr at the moment. + * Since the forward table is not likely to be large, this can be recursive. 
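Review bot: The comment on `dns_fwdtable_find_closest` says the matching name is returned "in *name", but the implementation in forward.c passes `foundname` to `dns_rbt_findname` and uses `name` only as the lookup key. Suggested wording: `Finds the closest match for "name" in the forwarding table; the name of the matching entry is stored in "foundname".` The comment should also say that a partial match is reported as ISC_R_SUCCESS and whether `foundname` and `forwardersp` may be NULL, since only `dns_fwdtable_find_exact` checks `forwardersp`.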
+ */ + dns_name_t name; + dns_offsets_t offsets; + char buf[DNS_NAME_MAXWIRE]; + isc_buffer_t buffer; + + if (root != NULL) { + + if (DOWN(root)) + dns_rbt_traverse_tree(DOWN(root), cb, cb_arg1, cb_arg2); + + if( LEFT(root) != NULL ) + dns_rbt_traverse_tree(LEFT(root), cb, cb_arg1, cb_arg2); + + if( RIGHT(root) != NULL ) + dns_rbt_traverse_tree(RIGHT(root), cb, cb_arg1, cb_arg2); + + if( DATA(root) == 0L ) + return; + + dns_name_init(&name, offsets); + isc_buffer_init(&buffer, buf, DNS_NAME_MAXWIRE); + dns_name_setbuffer( &name, &buffer); + dns_rbt_fullnamefromnode(root, &name); + + (*cb)(&name, DATA(root), cb_arg1, cb_arg2); + } +} + +void dns_rbt_traverse( dns_rbt_t *rbt, dns_rbt_traverse_callback_t cb, void *cb_arg1, void *cb_arg2 ) +{ + REQUIRE(VALID_RBT(rbt)); + + dns_rbt_traverse_tree( rbt->root, cb, cb_arg1, cb_arg2 ); +} + /* * Chain Functions */ --- bind-9.3.3rc2/lib/isc/include/isc/socket.h.dbus 2004-03-08 10:04:53.000000000 +0100 +++ bind-9.3.3rc2/lib/isc/include/isc/socket.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -136,6 +136,10 @@@@ #define ISC_SOCKEVENT_NEWCONN (ISC_EVENTCLASS_SOCKET + 3) #define ISC_SOCKEVENT_CONNECT (ISC_EVENTCLASS_SOCKET + 4) +#define ISC_SOCKEVENT_READ_READY (ISC_EVENTCLASS_SOCKET + 5) +#define ISC_SOCKEVENT_WRITE_READY (ISC_EVENTCLASS_SOCKET + 6) +#define ISC_SOCKEVENT_SELECTED (ISC_EVENTCLASS_SOCKET + 7) + /* * Internal events. */ @@@@ -144,7 +148,8 @@@@ typedef enum { isc_sockettype_udp = 1, - isc_sockettype_tcp = 2 + isc_sockettype_tcp = 2, + isc_sockettype_fd = 8 } isc_sockettype_t; /* @@@@ -699,6 +704,30 @@@@ * 'sock' is a valid socket. */ +isc_socketevent_t* +isc_socket_fd_handle_reads( isc_socket_t *sock, isc_socketevent_t *dev ); +/* register the "dev" event to be sent when the isc_sockettype_fd sock + * was select()-ed for read. If there is already an event registered, it + * is returned, otherwise 0 is returned. If dev is 0, removes any existing + * registered event. 
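Review bot: In `dns_rbt_traverse_tree` the result of `dns_rbt_fullnamefromnode(root, &name)` is discarded, so a failure there would still invoke the callback with a name that was only partly built in the `buf[DNS_NAME_MAXWIRE]` stack buffer. Check it before the callback, for example `if (dns_rbt_fullnamefromnode(root, &name) != ISC_R_SUCCESS) return;`. The traversal takes no lock of its own, so the comment on `dns_rbt_traverse` should state that the caller must keep the tree stable for the whole walk. The explanatory comment currently sits inside the body after the opening brace and would read better above the definition.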
+ */ + +isc_socketevent_t* +isc_socket_fd_handle_writes( isc_socket_t *sock, isc_socketevent_t *dev ); +/* register the "dev" event to be sent when the isc_sockettype_fd sock + * was select()-ed for write. If there is already an event registered, it + * is returned, otherwise 0 is returned. If dev is 0, removes any existing + * registered event. + */ + +isc_socketevent_t* +isc_socket_fd_handle_selected( isc_socket_t *sock, isc_socketevent_t *dev ); +/* register the "dev" event to be sent when ALL isc_sockettype_fd sockets + * have been select()-ed . If there is already an event registered, it + * is returned, otherwise 0 is returned. If dev is 0, removes any existing + * registered event. + */ + ISC_LANG_ENDDECLS #endif /* ISC_SOCKET_H */ --- bind-9.3.3rc2/lib/isc/unix/socket.c.dbus 2006-05-19 04:53:36.000000000 +0200 +++ bind-9.3.3rc2/lib/isc/unix/socket.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -148,6 +148,11 @@@@ ISC_LIST(isc_socketevent_t) recv_list; ISC_LIST(isc_socket_newconnev_t) accept_list; isc_socket_connev_t *connect_ev; + + /* these are used only by isc_sockettype_fd sockets:*/ + isc_socketevent_t *read_ready_event; + isc_socketevent_t *write_ready_event; + isc_socketevent_t *selected_event; /* * Internal events. Posted when a descriptor is readable or @@@@ -304,7 +309,7 @@@@ static void wakeup_socket(isc_socketmgr_t *manager, int fd, int msg) { - isc_socket_t *sock; + isc_socket_t *sock=0L; /* * This is a wakeup on a socket. If the socket is not in the @@@@ -1289,6 +1294,9 @@@@ sock->connected = 0; sock->connecting = 0; sock->bound = 0; + sock->read_ready_event = 0L; + sock->write_ready_event = 0L; + sock->selected_event = 0L; /* * initialize the lock @@@@ -1401,13 +1409,16 @@@@ case isc_sockettype_tcp: sock->fd = socket(pf, SOCK_STREAM, IPPROTO_TCP); break; + + case isc_sockettype_fd: + sock->fd = pf; } #ifdef F_DUPFD /* * Leave a space for stdio to work in. 
*/ - if (sock->fd >= 0 && sock->fd < 20) { + if ( (type != isc_sockettype_fd) && (sock->fd >= 0) && (sock->fd < 20) ) { int new, tmp; new = fcntl(sock->fd, F_DUPFD, 20); tmp = errno; @@@@ -1461,7 +1472,7 @@@@ } } - if (make_nonblock(sock->fd) != ISC_R_SUCCESS) { + if ((type != isc_sockettype_fd) && (make_nonblock(sock->fd) != ISC_R_SUCCESS)) { (void)close(sock->fd); free_socket(&sock); return (ISC_R_UNEXPECTED); @@@@ -1729,6 +1740,38 @@@@ isc_task_send(ev->ev_sender, (isc_event_t **)&iev); } +static +isc_event_t *dispatch_read_ready(isc_socketmgr_t *manager, isc_socket_t *sock) +{ + isc_event_t *dev = (isc_event_t*)sock->read_ready_event, *ev; + + ev = isc_mem_get(manager->mctx, dev->ev_size); + memcpy(ev,dev,dev->ev_size); + ISC_LINK_INIT(ev,ev_link); + isc_task_send(dev->ev_sender, &ev ); + return (isc_event_t *)sock->selected_event; +} + +static +isc_event_t *dispatch_write_ready(isc_socketmgr_t *manager,isc_socket_t *sock) +{ + isc_event_t *dev = (isc_event_t*)sock->write_ready_event, *ev; + ev = isc_mem_get(manager->mctx, dev->ev_size); + memcpy(ev,dev,dev->ev_size); + ISC_LINK_INIT(ev,ev_link); + isc_task_send(dev->ev_sender, &ev ); + return (isc_event_t *)sock->selected_event; +} + +static +void dispatch_selected(isc_socketmgr_t *manager, isc_event_t *dev) +{ isc_event_t *ev; + ev = isc_mem_get(manager->mctx, dev->ev_size); + memcpy(ev,dev,dev->ev_size); + ISC_LINK_INIT(ev,ev_link); + isc_task_send(dev->ev_sender, &ev ); +} + /* * Dequeue an item off the given socket's read queue, set the result code * in the done event to the one provided, and send it to the task it was @@@@ -2136,6 +2179,7 @@@@ int i; isc_socket_t *sock; isc_boolean_t unlock_sock; + isc_event_t *sock_selected = 0L; REQUIRE(maxfd <= (int)FD_SETSIZE); @@@@ -2169,11 +2213,15 @@@@ unlock_sock = ISC_TRUE; LOCK(&sock->lock); if (!SOCK_DEAD(sock)) { + if( sock->type != isc_sockettype_fd ) + { if (sock->listener) dispatch_accept(sock); else dispatch_recv(sock); - } + }else + sock_selected = 
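Review bot: The new `case isc_sockettype_fd:` stores the `pf` argument as the descriptor with no `break;` and no visible validation, so the protocol-family parameter silently changes meaning for this socket type. Add `break;` and a comment such as `/* isc_sockettype_fd: 'pf' is an already-open descriptor owned by the caller */`. A range check against the `FD_SETSIZE` limit that `process_fds` asserts would fit here as well, but it has to go through the function's existing error path, which lies outside this hunk. The later hunk skips `make_nonblock()` for this type, so the descriptor's blocking mode is left to the caller, and that should be documented too.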
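Review bot: `dispatch_read_ready` and `dispatch_write_ready` dereference `sock->read_ready_event` and `sock->write_ready_event` without a NULL check, and all three new dispatch functions pass the result of `isc_mem_get()` straight to `memcpy`. If a handler has been cleared with a `dev` of 0 while the descriptor is still set in the manager's fd sets, `process_fds` would crash named, and a failed allocation would do the same. The three bodies are copies of each other, so a single guarded helper removes both problems. The copy also inherits the original event's destroy callback and argument, so please confirm that a block taken from `manager->mctx` is released through the matching context.

```c
/* Copy 'dev' and send the copy to its task; a missing event or a failed
 * allocation drops the notification instead of dereferencing NULL. */
static void
dispatch_fd_event(isc_socketmgr_t *manager, isc_event_t *dev)
{
	isc_event_t *ev;

	if (dev == NULL)
		return;
	ev = isc_mem_get(manager->mctx, dev->ev_size);
	if (ev == NULL)
		return;
	memcpy(ev, dev, dev->ev_size);
	ISC_LINK_INIT(ev, ev_link);
	isc_task_send(dev->ev_sender, &ev);
}

static isc_event_t *
dispatch_read_ready(isc_socketmgr_t *manager, isc_socket_t *sock)
{
	dispatch_fd_event(manager, (isc_event_t *)sock->read_ready_event);
	return ((isc_event_t *)sock->selected_event);
}

/* … dispatch_write_ready and dispatch_selected call dispatch_fd_event the same way … */
```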
dispatch_read_ready(manager,sock); + } FD_CLR(i, &manager->read_fds); } check_write: @@@@ -2187,16 +2235,24 @@@@ LOCK(&sock->lock); } if (!SOCK_DEAD(sock)) { + if( sock->type != isc_sockettype_fd ) + { if (sock->connecting) dispatch_connect(sock); else dispatch_send(sock); + }else + sock_selected = dispatch_write_ready(manager,sock); } FD_CLR(i, &manager->write_fds); } if (unlock_sock) UNLOCK(&sock->lock); } + if( sock_selected != 0L ) + { + dispatch_selected(manager, sock_selected); + } } #ifdef ISC_PLATFORM_USETHREADS @@@@ -2215,7 +2271,7 @@@@ int cc; fd_set readfds; fd_set writefds; - int msg, fd; + int msg, fd = -1; int maxfd; char strbuf[ISC_STRERRORSIZE]; @@@@ -3546,3 +3602,55 @@@@ return (ISC_R_SUCCESS); } #endif /* ISC_PLATFORM_USETHREADS */ + +isc_socketevent_t* +isc_socket_fd_handle_reads( isc_socket_t *sock, isc_socketevent_t *dev ) +{ + REQUIRE(VALID_SOCKET(sock)); + if(dev != 0L) + { + sock->references=1; + sock->read_ready_event = dev; + select_poke(sock->manager, sock->fd, SELECT_POKE_READ); + }else + { + dev = sock->read_ready_event ; + sock->read_ready_event = 0L ; + } + return dev; +} + +isc_socketevent_t* +isc_socket_fd_handle_writes( isc_socket_t *sock, isc_socketevent_t *dev ) +{ + REQUIRE(VALID_SOCKET(sock)); + if(dev != 0L) + { + sock->references=1; + sock->write_ready_event = dev; + select_poke(sock->manager, sock->fd, SELECT_POKE_WRITE); + }else + { + dev = sock->write_ready_event; + sock->write_ready_event = 0L; + } + return dev; +} + +isc_socketevent_t* +isc_socket_fd_handle_selected( isc_socket_t *sock, isc_socketevent_t *dev ) +{ + REQUIRE(VALID_SOCKET(sock)); + if(dev != 0L) + { + sock->references=1; + sock->selected_event = dev; + }else + { + dev = sock->selected_event; + sock->selected_event = 0L; + sock->references=0; + destroy(&sock); + } + return dev; +} --- bind-9.3.3rc2/bin/named/named.8.dbus 2006-06-29 15:02:30.000000000 +0200 +++ bind-9.3.3rc2/bin/named/named.8 2006-09-18 10:08:37.000000000 +0200 @@@@ -33,7 +33,7 @@@@ named \- 
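Review bot: The three `isc_socket_fd_handle_*` functions write `sock->references` and the event pointers without holding `sock->lock`, while `process_fds` reads the same pointers under that lock. Bracket each body with `LOCK(&sock->lock);` and `UNLOCK(&sock->lock);`, and drop the `sock->references=1;` assignments, which overwrite whatever count the socket already had. `isc_socket_fd_handle_selected(sock, 0)` additionally zeroes the count and calls `destroy(&sock)`, whereas socket.h documents this call only as removing the registered event, so a caller that keeps using `sock` afterwards would touch freed memory. Either document the destruction in the header comment or leave teardown to the socket's normal detach path.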
Internet domain name server .SH "SYNOPSIS" .HP 6 -\fBnamed\fR [\fB\-4\fR] [\fB\-6\fR] [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] [\fB\-x\ \fR\fB\fIcache\-file\fR\fR] +\fBnamed\fR [\fB\-4\fR] [\fB\-6\fR] [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] [\fB\-x\ \fR\fB\fIcache\-file\fR\fR] [\fB\-D\fR] .SH "DESCRIPTION" .PP \fBnamed\fR @@@@ -146,6 +146,13 @@@@ .B "Warning:" This option must not be used. It is only of interest to BIND 9 developers and may be removed or changed in a future release. .RE +.sp +.TP +\fB\-D\fR +Enable dynamic management of the forwarding table with D-BUS +messages. This option is required for Red Hat NetworkManager +support. See doc/README.DBUS . +.sp .SH "SIGNALS" .PP In routine operation, signals should not be used to control the nameserver; @@@@ -165,6 +172,73 @@@@ \fBnamed\fR configuration file is too complex to describe in detail here. A complete description is provided in the BIND 9 Administrator Reference Manual. +.PP +.SH "NOTES" +.PP +.TP +\fBRed Hat SELinux BIND Security Profile:\fR +.PP +By default, Red Hat ships BIND with the most secure SELinux policy +that will not prevent normal BIND operation and will prevent exploitation +of all known BIND security vulnerabilities . See the selinux(8) man page +for information about SElinux. +.PP +It is not necessary to run named in a chroot environment if the Red Hat +SELinux policy for named is enabled. When enabled, this policy is far +more secure than a chroot environment. 
+.PP +With this extra security comes some restrictions: +.br +By default, the SELinux policy does not allow named to write any master +zone database files. Only the root user may create files in the $ROOTDIR/var/named +zone database file directory (the options { "directory" } option), where +$ROOTDIR is set in /etc/sysconfig/named. +.br +The "named" group must be granted read privelege to +these files in order for named to be enabled to read them. +.br +Any file created in the zone database file directory is automatically assigned +the SELinux file context named_zone_t . +.br +By default, SELinux prevents any role from modifying named_zone_t files; this +means that files in the zone database directory cannot be modified by dynamic +DNS (DDNS) updates or zone transfers. +.br +The Red Hat BIND distribution and SELinux policy creates two directories where +named is allowed to create and modify files: $ROOTDIR/var/named/slaves and +$ROOTDIR/var/named/data. By placing files you want named to modify, such as +slave or DDNS updateable zone files and database / statistics dump files in +these directories, named will work normally and no further operator action is +required. Files in these directories are automatically assigned the 'named_cache_t' +file context, which SELinux allows named to write. +.br +You can enable the named_t domain to write and create named_zone_t files by use +of the SELinux tunable boolean variable "named_write_master_zones", using the +setsebool(8) command or the system-config-security GUI . If you do this, you +must also set the ENABLE_ZONE_WRITE variable in /etc/sysconfig/named to +1 / yes to set the ownership of files in the $ROOTDIR/var/named directory +to named:named in order for named to be allowed to write them. 
+.PP +\fBRed Hat BIND named_sdb SDB support:\fR +.PP +Red Hat ships the bind-sdb RPM that provides the /usr/sbin/named_sdb program, +which is named compiled with the Simplified Database Backend modules that ISC +provides in the "contrib/sdb" directory. +.br +The SDB modules for LDAP, PostGreSQL and DirDB are compiled into named_sdb. +.br +To run named_sdb, set the ENABLE_SDB variable in /etc/sysconfig/named to 1 or "yes", +and then the "service named start" named initscript will run named_sdb instead +of named . +.br +See the documentation for the various SDB modules in /usr/share/doc/bind-sdb-*/ . +.PP +\fBRed Hat system-config-bind:\fR +.PP +Red Hat provides the system-config-bind GUI to configure named.conf and zone +database files. Run the "system-config-bind" command and access the manual +by selecting the Help menu. +.PP .SH "FILES" .TP 3n \fI/etc/named.conf\fR --- bind-9.3.3rc2/bin/named/include/named/globals.h.dbus 2006-03-02 01:37:20.000000000 +0100 +++ bind-9.3.3rc2/bin/named/include/named/globals.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -112,6 +112,8 @@@@ EXTERN int ns_g_listen INIT(3); +EXTERN int ns_g_dbus INIT(0); + #undef EXTERN #undef INIT --- bind-9.3.3rc2/bin/named/include/named/log.h.dbus 2004-03-08 05:04:21.000000000 +0100 +++ bind-9.3.3rc2/bin/named/include/named/log.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -34,6 +34,7 @@@@ #define NS_LOGCATEGORY_QUERIES (&ns_g_categories[4]) #define NS_LOGCATEGORY_UNMATCHED (&ns_g_categories[5]) #define NS_LOGCATEGORY_UPDATE_SECURITY (&ns_g_categories[6]) +#define NS_LOGCATEGORY_DBUS (&ns_g_categories[7]) /* * Backwards compatibility. 
@@@@ -51,6 +52,7 @@@@ #define NS_LOGMODULE_NOTIFY (&ns_g_modules[8]) #define NS_LOGMODULE_CONTROL (&ns_g_modules[9]) #define NS_LOGMODULE_LWRESD (&ns_g_modules[10]) +#define NS_LOGMODULE_DBUS (&ns_g_modules[11]) isc_result_t ns_log_init(isc_boolean_t safe); --- bind-9.3.3rc2/bin/named/include/named/server.h.dbus 2006-03-02 01:37:20.000000000 +0100 +++ bind-9.3.3rc2/bin/named/include/named/server.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -91,7 +91,8 @@@@ ns_controls_t * controls; /* Control channels */ unsigned int dispatchgen; ns_dispatchlist_t dispatches; - + + ns_dbus_mgr_t * dbus_mgr; }; #define NS_SERVER_MAGIC ISC_MAGIC('S','V','E','R') --- bind-9.3.3rc2/bin/named/include/named/types.h.dbus 2004-03-06 11:21:26.000000000 +0100 +++ bind-9.3.3rc2/bin/named/include/named/types.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -38,4 +38,6 @@@@ typedef struct ns_dispatch ns_dispatch_t; typedef ISC_LIST(ns_dispatch_t) ns_dispatchlist_t; +typedef struct ns_dbus_mgr ns_dbus_mgr_t ; + #endif /* NAMED_TYPES_H */ --- bind-9.3.3rc2/bin/named/log.c.dbus 2005-05-25 01:58:17.000000000 +0200 +++ bind-9.3.3rc2/bin/named/log.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -41,6 +41,7 @@@@ { "queries", 0 }, { "unmatched", 0 }, { "update-security", 0 }, + { "dbus", 0 }, { NULL, 0 } }; @@@@ -60,6 +61,7 @@@@ { "notify", 0 }, { "control", 0 }, { "lwresd", 0 }, + { "dbus", 0 }, { NULL, 0 } }; --- bind-9.3.3rc2/bin/named/main.c.dbus 2006-01-06 01:01:42.000000000 +0100 +++ bind-9.3.3rc2/bin/named/main.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -239,7 +239,8 @@@@ "usage: named [-4|-6] [-c conffile] [-d debuglevel] " "[-f|-g] [-n number_of_cpus]\n" " [-p port] [-s] [-t chrootdir] [-u username]\n" - " [-m {usage|trace|record}]\n"); + " [-m {usage|trace|record}]\n" + " [-D ]\n"); } static void @@@@ -345,7 +346,7 @@@@ isc_commandline_errprint = ISC_FALSE; while ((ch = isc_commandline_parse(argc, argv, - "46c:C:d:fgi:lm:n:N:p:P:st:u:vx:")) != -1) { + "46c:C:d:fgi:lm:n:N:p:P:st:u:vx:D")) != -1) { switch 
(ch) { case '4': if (disable4) @@@@ -434,6 +435,9 @@@@ case 'v': printf("BIND %s\n", ns_g_version); exit(0); + case 'D': + ns_g_dbus = 1; + break; case '?': usage(); ns_main_earlyfatal("unknown option '-%c'", --- bind-9.3.3rc2/bin/named/server.c.dbus 2006-05-24 06:30:24.000000000 +0200 +++ bind-9.3.3rc2/bin/named/server.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -86,6 +86,8 @@@@ #include #endif +#include + /* * Check an operation for failure. Assumes that the function * using it has a 'result' variable and a 'cleanup' label. @@@@ -1495,12 +1497,12 @@@@ if (result != ISC_R_SUCCESS) { char namebuf[DNS_NAME_FORMATSIZE]; dns_name_format(origin, namebuf, sizeof(namebuf)); - cfg_obj_log(forwarders, ns_g_lctx, ISC_LOG_WARNING, - "could not set up forwarding for domain '%s': %s", + cfg_obj_log(forwarders, ns_g_lctx, ISC_LOG_NOTICE, + "setting up forwarding failed for domain '%s': %s", namebuf, isc_result_totext(result)); goto cleanup; } - + result = ISC_R_SUCCESS; cleanup: @@@@ -2875,6 +2877,20 @@@@ CHECKFATAL(load_zones(server, ISC_FALSE), "loading zones"); + server->dbus_mgr = 0L; + if( ns_g_dbus ) + if( dbus_mgr_create + ( ns_g_mctx, ns_g_taskmgr, ns_g_socketmgr, ns_g_timermgr, + &server->dbus_mgr + ) != ISC_R_SUCCESS + ) + { + isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, + NS_LOGMODULE_SERVER, ISC_LOG_WARNING, + "dbus_mgr initialization failed. D-BUS service is disabled." 
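Review bot: This branch still leaves through `goto cleanup` with a failing result, but its message is now logged at `ISC_LOG_NOTICE` instead of `ISC_LOG_WARNING`, so a forwarder that could not be installed no longer shows up for operators who alert on warnings. If the downgrade is only meant for runs where D-BUS management owns the forwarding table, make it conditional by passing `ns_g_dbus ? ISC_LOG_NOTICE : ISC_LOG_WARNING` as the level argument. The enclosing function starts and ends outside the hunk.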
+ ); + } + ns_os_started(); isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_NOTICE, "running"); @@@@ -2937,6 +2953,9 @@@@ dns_db_detach(&server->in_roothints); + if( server->dbus_mgr != 0L ) + dbus_mgr_shutdown(server->dbus_mgr); + isc_task_endexclusive(server->task); isc_task_detach(&server->task); --- bind-9.3.3rc2/bin/named/Makefile.in.dbus 2004-09-06 23:47:25.000000000 +0200 +++ bind-9.3.3rc2/bin/named/Makefile.in 2006-09-18 10:10:58.000000000 +0200 @@@@ -35,7 +35,8 @@@@ ${LWRES_INCLUDES} ${DNS_INCLUDES} ${BIND9_INCLUDES} \ ${ISCCFG_INCLUDES} ${ISCCC_INCLUDES} ${ISC_INCLUDES} \ ${DBDRIVER_INCLUDES} - +DBUS_INCLUDES = \ + -I/usr/lib/dbus-1.0/include -I/usr/include/dbus-1.0 CDEFINES = CWARNINGS = @@@@ -52,6 +53,7 @@@@ ISCDEPLIBS = ../../lib/isc/libisc.@@A@@ LWRESDEPLIBS = ../../lib/lwres/liblwres.@@A@@ BIND9DEPLIBS = ../../lib/bind9/libbind9.@@A@@ +DBUSLIBS= -ldbus-1 DEPLIBS = ${LWRESDEPLIBS} ${DNSDEPLIBS} ${BIND9DEPLIBS} \ ${ISCCFGDEPLIBS} ${ISCCCDEPLIBS} ${ISCDEPLIBS} @@@@ -71,6 +73,7 @@@@ zoneconf.@@O@@ \ lwaddr.@@O@@ lwresd.@@O@@ lwdclient.@@O@@ lwderror.@@O@@ lwdgabn.@@O@@ \ lwdgnba.@@O@@ lwdgrbn.@@O@@ lwdnoop.@@O@@ lwsearch.@@O@@ \ + dbus_service.@@O@@ dbus_mgr.@@O@@ \ $(DBDRIVER_OBJS) UOBJS = unix/os.@@O@@ @@@@ -83,6 +86,7 @@@@ zoneconf.c \ lwaddr.c lwresd.c lwdclient.c lwderror.c lwdgabn.c \ lwdgnba.c lwdgrbn.c lwdnoop.c lwsearch.c \ + dbus_service.c dbus_mgr.c \ $(DBDRIVER_SRCS) MANPAGES = named.8 lwresd.8 named.conf.5 @@@@ -105,9 +109,14 @@@@ -DNS_LOCALSTATEDIR=\"${localstatedir}\" \ -c ${srcdir}/config.c +dbus_service.o: dbus_service.c + ${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \ + ${DBUS_INCLUDES} \ + -c ${srcdir}/dbus_service.c + named@@EXEEXT@@: ${OBJS} ${UOBJS} ${DEPLIBS} ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@@ \ - ${OBJS} ${UOBJS} ${LIBS} + ${OBJS} ${UOBJS} ${LIBS} ${DBUSLIBS} lwresd@@EXEEXT@@: named@@EXEEXT@@ rm -f lwresd@@EXEEXT@@ @ 1.1 log @Initial revision @ text @@ 1.1.1.1 log @Import 
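Review bot: The failure message for `dbus_mgr_create` is written to `NS_LOGCATEGORY_GENERAL` / `NS_LOGMODULE_SERVER` even though this patch adds `NS_LOGCATEGORY_DBUS` and `NS_LOGMODULE_DBUS`, and the result code is thrown away. Keep the return value in a local and log it in the new category, e.g. `isc_log_write(ns_g_lctx, NS_LOGCATEGORY_DBUS, NS_LOGMODULE_DBUS, ISC_LOG_WARNING, "dbus_mgr initialization failed: %s. D-BUS service is disabled.", isc_result_totext(result));`. The failure branch should also reset `server->dbus_mgr = 0L;`, because the shutdown hunk calls `dbus_mgr_shutdown` on any non-NULL pointer and it is not visible here whether `dbus_mgr_create` leaves its output untouched on error. The nested brace-less `if( ns_g_dbus ) if( ... )` would be clearer as one condition joined with `&&`.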
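Review bot: `DBUS_INCLUDES` hard-codes `-I/usr/lib/dbus-1.0/include -I/usr/include/dbus-1.0` and `DBUSLIBS` adds `-ldbus-1` to every `named` link, so the build fails on hosts with a different library directory and the daemon is linked against the D-BUS library even when `-D` is never used. Both values should come from configure substitutions (filled in from pkg-config, for instance) so the feature can be disabled at build time. The explicit rule is written for `dbus_service.o` while the object list names `dbus_service.@@O@@`, and `dbus_mgr` gets no rule carrying `${DBUS_INCLUDES}`; please confirm that the target name matches on every platform and that `dbus_mgr.c` does not include D-BUS headers.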
bind-9.4.0-rc2 from ftp.isc.org @ text @@ 1.1.1.1.26.1 log @Sync with HEAD. Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html @ text @@ 1.1.1.1.18.1 log @file bind-9.3.3rc2-dbus.patch was added on branch netbsd-3-0 on 2008-07-24 22:20:18 +0000 @ text @d1 778 @ 1.1.1.1.18.2 log @Pull up patch (requested by adrianp in ticket #1948): Update BIND to 9.3.5-P1 to fix CVE-2008-1447 and turn off pthreads. @ text @a0 778 --- bind-9.3.3rc2/lib/dns/forward.c.dbus 2005-03-17 04:58:30.000000000 +0100 +++ bind-9.3.3rc2/lib/dns/forward.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -200,3 +200,89 @@@@ } isc_mem_put(fwdtable->mctx, forwarders, sizeof(dns_forwarders_t)); } + +/*** + *** new D-BUS Dynamic Forwarding Zones functions: + ***/ +isc_result_t +dns_fwdtable_delete(dns_fwdtable_t *fwdtable, dns_name_t *name ) +{ + isc_result_t result; + + REQUIRE(VALID_FWDTABLE(fwdtable)); + + RWLOCK(&fwdtable->rwlock, isc_rwlocktype_write); + + result = dns_rbt_deletename(fwdtable->table, name, ISC_FALSE); + + RWUNLOCK(&fwdtable->rwlock, isc_rwlocktype_write); + + return (result); +} + +isc_result_t +dns_fwdtable_find_closest(dns_fwdtable_t *fwdtable, + dns_name_t *name, + dns_name_t *foundname, + dns_forwarders_t **forwardersp) +{ + isc_result_t result; + + REQUIRE(VALID_FWDTABLE(fwdtable)); + + RWLOCK(&fwdtable->rwlock, isc_rwlocktype_read); + + result = dns_rbt_findname(fwdtable->table, name, 0, foundname, + (void **)forwardersp); + + if(result == DNS_R_PARTIALMATCH) + result = ISC_R_SUCCESS; + + RWUNLOCK(&fwdtable->rwlock, isc_rwlocktype_read); + + return (result); +} + +isc_result_t +dns_fwdtable_find_exact(dns_fwdtable_t *fwdtable, dns_name_t *name, + dns_forwarders_t **forwardersp) +{ + isc_result_t result; + + REQUIRE(VALID_FWDTABLE(fwdtable)); + + REQUIRE(forwardersp != 0L); + + RWLOCK(&fwdtable->rwlock, isc_rwlocktype_read); + + result = dns_rbt_findname(fwdtable->table, name, 0, NULL, + (void **)forwardersp); + + if( result != 
ISC_R_SUCCESS ) + *forwardersp = 0L; + + RWUNLOCK(&fwdtable->rwlock, isc_rwlocktype_read); + + return (result); +} + +static +void dns_fwdtable_traverse +( + dns_name_t *name, + void *node_data, + void *cbp, + void *cb_arg +) +{ + dns_fwdtable_callback_t cb = (dns_fwdtable_callback_t) cbp; + + (*cb)( name, node_data, cb_arg); +} + +void dns_fwdtable_foreach(dns_fwdtable_t *fwdtable, dns_fwdtable_callback_t cb, void *cb_arg ) +{ + REQUIRE(VALID_FWDTABLE(fwdtable)); + + dns_rbt_traverse( fwdtable->table, dns_fwdtable_traverse, cb, cb_arg ); +} --- bind-9.3.3rc2/lib/dns/include/dns/forward.h.dbus 2005-03-17 04:58:31.000000000 +0100 +++ bind-9.3.3rc2/lib/dns/include/dns/forward.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -98,6 +98,37 @@@@ * all memory associated with the forwarding table is freed. */ + +/* These are ONLY used by dbus_mgr : + */ + +isc_result_t +dns_fwdtable_delete( dns_fwdtable_t *fwdtable, dns_name_t *name ); +/* + * Removes an entry from the forwarding table. + */ + +isc_result_t +dns_fwdtable_find_exact(dns_fwdtable_t *fwdtable, dns_name_t *name, + dns_forwarders_t **forwardersp); +/* + * Finds an exact match for "name" in the forwarding table. + */ + +isc_result_t +dns_fwdtable_find_closest(dns_fwdtable_t *fwdtable, dns_name_t *name, dns_name_t *foundname, + dns_forwarders_t **forwardersp); +/* + * Finds the closest match for "*name" in the forwarding table, returning + * the actual name matching in *name if different to *name passed in. + */ + +typedef void (*dns_fwdtable_callback_t)( dns_name_t *, dns_forwarders_t *, void *); +void dns_fwdtable_foreach(dns_fwdtable_t *fwdtable, dns_fwdtable_callback_t cb, void * ); +/* Invoke cb for each member of fwdtable + */ + + ISC_LANG_ENDDECLS #endif /* DNS_FORWARD_H */ --- bind-9.3.3rc2/lib/dns/include/dns/rbt.h.dbus 2004-10-11 07:55:51.000000000 +0200 +++ bind-9.3.3rc2/lib/dns/include/dns/rbt.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -833,6 +833,17 @@@@ * Any error result from dns_name_concatenate. 
*/ + +typedef void (*dns_rbt_traverse_callback_t)( dns_name_t *name, + void *node_data, + void *cb_arg1, + void *cb_arg2); + +void dns_rbt_traverse( dns_rbt_t *rbt, dns_rbt_traverse_callback_t cb, void *cb_arg1, void *cb_arg2 ); +/* tree traversal function (only used by D-BUS dynamic forwarding dbus_mgr at + * the moment) + */ + ISC_LANG_ENDDECLS #endif /* DNS_RBT_H */ --- bind-9.3.3rc2/lib/dns/rbt.c.dbus 2005-06-18 03:03:24.000000000 +0200 +++ bind-9.3.3rc2/lib/dns/rbt.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -2172,6 +2172,47 @@@@ dns_rbt_printtree(rbt->root, NULL, 0); } +static void +dns_rbt_traverse_tree(dns_rbtnode_t *root, dns_rbt_traverse_callback_t cb, void *cb_arg1, void *cb_arg2 ) { +/* + * This is used ONLY to traverse the forward table by dbus_mgr at the moment. + * Since the forward table is not likely to be large, this can be recursive. + */ + dns_name_t name; + dns_offsets_t offsets; + char buf[DNS_NAME_MAXWIRE]; + isc_buffer_t buffer; + + if (root != NULL) { + + if (DOWN(root)) + dns_rbt_traverse_tree(DOWN(root), cb, cb_arg1, cb_arg2); + + if( LEFT(root) != NULL ) + dns_rbt_traverse_tree(LEFT(root), cb, cb_arg1, cb_arg2); + + if( RIGHT(root) != NULL ) + dns_rbt_traverse_tree(RIGHT(root), cb, cb_arg1, cb_arg2); + + if( DATA(root) == 0L ) + return; + + dns_name_init(&name, offsets); + isc_buffer_init(&buffer, buf, DNS_NAME_MAXWIRE); + dns_name_setbuffer( &name, &buffer); + dns_rbt_fullnamefromnode(root, &name); + + (*cb)(&name, DATA(root), cb_arg1, cb_arg2); + } +} + +void dns_rbt_traverse( dns_rbt_t *rbt, dns_rbt_traverse_callback_t cb, void *cb_arg1, void *cb_arg2 ) +{ + REQUIRE(VALID_RBT(rbt)); + + dns_rbt_traverse_tree( rbt->root, cb, cb_arg1, cb_arg2 ); +} + /* * Chain Functions */ --- bind-9.3.3rc2/lib/isc/include/isc/socket.h.dbus 2004-03-08 10:04:53.000000000 +0100 +++ bind-9.3.3rc2/lib/isc/include/isc/socket.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -136,6 +136,10 @@@@ #define ISC_SOCKEVENT_NEWCONN (ISC_EVENTCLASS_SOCKET + 3) #define 
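Review bot: `dns_rbt_traverse_tree` in the lib/dns/rbt.c hunk discards the result of `dns_rbt_fullnamefromnode` and calls `cb` anyway, so a failed name reconstruction would hand the callback an incomplete `name`. Checking it is one line: `if (dns_rbt_fullnamefromnode(root, &name) != ISC_R_SUCCESS) return;`. Each recursion level also carries `char buf[DNS_NAME_MAXWIRE]` and a `dns_offsets_t` on the stack, and the "not likely to be large" assumption in the comment depends on who may add forwarders over D-BUS, which this hunk does not show; the comment should say what bounds the depth.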
ISC_SOCKEVENT_CONNECT (ISC_EVENTCLASS_SOCKET + 4) +#define ISC_SOCKEVENT_READ_READY (ISC_EVENTCLASS_SOCKET + 5) +#define ISC_SOCKEVENT_WRITE_READY (ISC_EVENTCLASS_SOCKET + 6) +#define ISC_SOCKEVENT_SELECTED (ISC_EVENTCLASS_SOCKET + 7) + /* * Internal events. */ @@@@ -144,7 +148,8 @@@@ typedef enum { isc_sockettype_udp = 1, - isc_sockettype_tcp = 2 + isc_sockettype_tcp = 2, + isc_sockettype_fd = 8 } isc_sockettype_t; /* @@@@ -699,6 +704,30 @@@@ * 'sock' is a valid socket. */ +isc_socketevent_t* +isc_socket_fd_handle_reads( isc_socket_t *sock, isc_socketevent_t *dev ); +/* register the "dev" event to be sent when the isc_sockettype_fd sock + * was select()-ed for read. If there is already an event registered, it + * is returned, otherwise 0 is returned. If dev is 0, removes any existing + * registered event. + */ + +isc_socketevent_t* +isc_socket_fd_handle_writes( isc_socket_t *sock, isc_socketevent_t *dev ); +/* register the "dev" event to be sent when the isc_sockettype_fd sock + * was select()-ed for write. If there is already an event registered, it + * is returned, otherwise 0 is returned. If dev is 0, removes any existing + * registered event. + */ + +isc_socketevent_t* +isc_socket_fd_handle_selected( isc_socket_t *sock, isc_socketevent_t *dev ); +/* register the "dev" event to be sent when ALL isc_sockettype_fd sockets + * have been select()-ed . If there is already an event registered, it + * is returned, otherwise 0 is returned. If dev is 0, removes any existing + * registered event. 
+ */ + ISC_LANG_ENDDECLS #endif /* ISC_SOCKET_H */ --- bind-9.3.3rc2/lib/isc/unix/socket.c.dbus 2006-05-19 04:53:36.000000000 +0200 +++ bind-9.3.3rc2/lib/isc/unix/socket.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -148,6 +148,11 @@@@ ISC_LIST(isc_socketevent_t) recv_list; ISC_LIST(isc_socket_newconnev_t) accept_list; isc_socket_connev_t *connect_ev; + + /* these are used only by isc_sockettype_fd sockets:*/ + isc_socketevent_t *read_ready_event; + isc_socketevent_t *write_ready_event; + isc_socketevent_t *selected_event; /* * Internal events. Posted when a descriptor is readable or @@@@ -304,7 +309,7 @@@@ static void wakeup_socket(isc_socketmgr_t *manager, int fd, int msg) { - isc_socket_t *sock; + isc_socket_t *sock=0L; /* * This is a wakeup on a socket. If the socket is not in the @@@@ -1289,6 +1294,9 @@@@ sock->connected = 0; sock->connecting = 0; sock->bound = 0; + sock->read_ready_event = 0L; + sock->write_ready_event = 0L; + sock->selected_event = 0L; /* * initialize the lock @@@@ -1401,13 +1409,16 @@@@ case isc_sockettype_tcp: sock->fd = socket(pf, SOCK_STREAM, IPPROTO_TCP); break; + + case isc_sockettype_fd: + sock->fd = pf; } #ifdef F_DUPFD /* * Leave a space for stdio to work in. 
*/ - if (sock->fd >= 0 && sock->fd < 20) { + if ( (type != isc_sockettype_fd) && (sock->fd >= 0) && (sock->fd < 20) ) { int new, tmp; new = fcntl(sock->fd, F_DUPFD, 20); tmp = errno; @@@@ -1461,7 +1472,7 @@@@ } } - if (make_nonblock(sock->fd) != ISC_R_SUCCESS) { + if ((type != isc_sockettype_fd) && (make_nonblock(sock->fd) != ISC_R_SUCCESS)) { (void)close(sock->fd); free_socket(&sock); return (ISC_R_UNEXPECTED); @@@@ -1729,6 +1740,38 @@@@ isc_task_send(ev->ev_sender, (isc_event_t **)&iev); } +static +isc_event_t *dispatch_read_ready(isc_socketmgr_t *manager, isc_socket_t *sock) +{ + isc_event_t *dev = (isc_event_t*)sock->read_ready_event, *ev; + + ev = isc_mem_get(manager->mctx, dev->ev_size); + memcpy(ev,dev,dev->ev_size); + ISC_LINK_INIT(ev,ev_link); + isc_task_send(dev->ev_sender, &ev ); + return (isc_event_t *)sock->selected_event; +} + +static +isc_event_t *dispatch_write_ready(isc_socketmgr_t *manager,isc_socket_t *sock) +{ + isc_event_t *dev = (isc_event_t*)sock->write_ready_event, *ev; + ev = isc_mem_get(manager->mctx, dev->ev_size); + memcpy(ev,dev,dev->ev_size); + ISC_LINK_INIT(ev,ev_link); + isc_task_send(dev->ev_sender, &ev ); + return (isc_event_t *)sock->selected_event; +} + +static +void dispatch_selected(isc_socketmgr_t *manager, isc_event_t *dev) +{ isc_event_t *ev; + ev = isc_mem_get(manager->mctx, dev->ev_size); + memcpy(ev,dev,dev->ev_size); + ISC_LINK_INIT(ev,ev_link); + isc_task_send(dev->ev_sender, &ev ); +} + /* * Dequeue an item off the given socket's read queue, set the result code * in the done event to the one provided, and send it to the task it was @@@@ -2136,6 +2179,7 @@@@ int i; isc_socket_t *sock; isc_boolean_t unlock_sock; + isc_event_t *sock_selected = 0L; REQUIRE(maxfd <= (int)FD_SETSIZE); @@@@ -2169,11 +2213,15 @@@@ unlock_sock = ISC_TRUE; LOCK(&sock->lock); if (!SOCK_DEAD(sock)) { + if( sock->type != isc_sockettype_fd ) + { if (sock->listener) dispatch_accept(sock); else dispatch_recv(sock); - } + }else + sock_selected = 
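Review bot: The new `case isc_sockettype_fd:` in the lib/isc/unix/socket.c hunk at -1401 stores the caller's `pf` argument as `sock->fd` with no range check and no `break;`. The descriptor is later used with the manager's `fd_set`s (`FD_CLR(i, &manager->read_fds)` in a later hunk), so unless code outside this hunk already rejects it, a value below 0 or at or above `FD_SETSIZE` should be refused here before `sock->fd = pf; break;`. The following hunk at -1461 skips `make_nonblock` for this type, so a comment should state that the caller owns the descriptor's blocking mode and is responsible for closing it. The function continues outside the hunk.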
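Review bot: `dispatch_read_ready`, `dispatch_write_ready` and `dispatch_selected` in the socket.c hunk at -1729 dereference `dev->ev_size` without checking that an event is registered, and pass the `isc_mem_get` result to `memcpy` without checking it. `isc_socket_fd_handle_reads(sock, 0)` later in this patch clears `read_ready_event` without any `select_poke`, so the descriptor can apparently still be reported readable while the pointer is null. The three bodies are the same copy-and-send sequence and could share one guarded helper, as sketched below.

```c
/* Copy a registered fd event and post the copy; nothing is posted when no
 * event is registered or the allocation fails. */
static void
send_event_copy(isc_socketmgr_t *manager, isc_event_t *dev)
{
	isc_event_t *ev;

	if (dev == NULL)
		return;
	ev = isc_mem_get(manager->mctx, dev->ev_size);
	if (ev == NULL)
		return;
	memcpy(ev, dev, dev->ev_size);
	ISC_LINK_INIT(ev, ev_link);
	isc_task_send(dev->ev_sender, &ev);
}

static
isc_event_t *dispatch_read_ready(isc_socketmgr_t *manager, isc_socket_t *sock)
{
	send_event_copy(manager, (isc_event_t *)sock->read_ready_event);
	return (isc_event_t *)sock->selected_event;
}
/* … dispatch_write_ready and dispatch_selected call send_event_copy the same way … */
```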
dispatch_read_ready(manager,sock); + } FD_CLR(i, &manager->read_fds); } check_write: @@@@ -2187,16 +2235,24 @@@@ LOCK(&sock->lock); } if (!SOCK_DEAD(sock)) { + if( sock->type != isc_sockettype_fd ) + { if (sock->connecting) dispatch_connect(sock); else dispatch_send(sock); + }else + sock_selected = dispatch_write_ready(manager,sock); } FD_CLR(i, &manager->write_fds); } if (unlock_sock) UNLOCK(&sock->lock); } + if( sock_selected != 0L ) + { + dispatch_selected(manager, sock_selected); + } } #ifdef ISC_PLATFORM_USETHREADS @@@@ -2215,7 +2271,7 @@@@ int cc; fd_set readfds; fd_set writefds; - int msg, fd; + int msg, fd = -1; int maxfd; char strbuf[ISC_STRERRORSIZE]; @@@@ -3546,3 +3602,55 @@@@ return (ISC_R_SUCCESS); } #endif /* ISC_PLATFORM_USETHREADS */ + +isc_socketevent_t* +isc_socket_fd_handle_reads( isc_socket_t *sock, isc_socketevent_t *dev ) +{ + REQUIRE(VALID_SOCKET(sock)); + if(dev != 0L) + { + sock->references=1; + sock->read_ready_event = dev; + select_poke(sock->manager, sock->fd, SELECT_POKE_READ); + }else + { + dev = sock->read_ready_event ; + sock->read_ready_event = 0L ; + } + return dev; +} + +isc_socketevent_t* +isc_socket_fd_handle_writes( isc_socket_t *sock, isc_socketevent_t *dev ) +{ + REQUIRE(VALID_SOCKET(sock)); + if(dev != 0L) + { + sock->references=1; + sock->write_ready_event = dev; + select_poke(sock->manager, sock->fd, SELECT_POKE_WRITE); + }else + { + dev = sock->write_ready_event; + sock->write_ready_event = 0L; + } + return dev; +} + +isc_socketevent_t* +isc_socket_fd_handle_selected( isc_socket_t *sock, isc_socketevent_t *dev ) +{ + REQUIRE(VALID_SOCKET(sock)); + if(dev != 0L) + { + sock->references=1; + sock->selected_event = dev; + }else + { + dev = sock->selected_event; + sock->selected_event = 0L; + sock->references=0; + destroy(&sock); + } + return dev; +} --- bind-9.3.3rc2/bin/named/named.8.dbus 2006-06-29 15:02:30.000000000 +0200 +++ bind-9.3.3rc2/bin/named/named.8 2006-09-18 10:08:37.000000000 +0200 @@@@ -33,7 +33,7 @@@@ named \- 
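Review bot: In the process_fds hunks at -2169 and -2187, `sock_selected` is overwritten for every ready `isc_sockettype_fd` socket and used only after the loop, so only the last socket's `selected_event` is dispatched, and it is dereferenced after that socket's lock has been released. `isc_socket_fd_handle_selected(sock, 0)` clears the pointer and destroys the socket, so in a threaded build the event may no longer be valid by then; at minimum the requirement should be written down, `/* selected_event must stay registered until process_fds returns */`, and holding a reference across the call would be the code fix. The added `{` and `}else` lines in the -2169 hunk are not indented with the surrounding block, which makes the nesting hard to audit. The enclosing function starts and ends outside both hunks.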
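Review bot: `isc_socket_fd_handle_reads`, `isc_socket_fd_handle_writes` and `isc_socket_fd_handle_selected` at the end of the socket.c diff (-3546) overwrite the stored event and return the new `dev`, while the socket.h comments in this patch promise that an already registered event is returned. They also write the event pointers and `sock->references` without `LOCK(&sock->lock)`, although process_fds reads those fields under that lock. Under the lock, `prev = sock->read_ready_event; sock->read_ready_event = dev;` followed by `return prev;` would match the documented contract. Forcing `sock->references` to 1 or 0 and calling `destroy(&sock)` ignores any other holder of the socket, so whether one can exist should be checked against the code outside this hunk.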
Internet domain name server .SH "SYNOPSIS" .HP 6 -\fBnamed\fR [\fB\-4\fR] [\fB\-6\fR] [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] [\fB\-x\ \fR\fB\fIcache\-file\fR\fR] +\fBnamed\fR [\fB\-4\fR] [\fB\-6\fR] [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] [\fB\-x\ \fR\fB\fIcache\-file\fR\fR] [\fB\-D\fR] .SH "DESCRIPTION" .PP \fBnamed\fR @@@@ -146,6 +146,13 @@@@ .B "Warning:" This option must not be used. It is only of interest to BIND 9 developers and may be removed or changed in a future release. .RE +.sp +.TP +\fB\-D\fR +Enable dynamic management of the forwarding table with D-BUS +messages. This option is required for Red Hat NetworkManager +support. See doc/README.DBUS . +.sp .SH "SIGNALS" .PP In routine operation, signals should not be used to control the nameserver; @@@@ -165,6 +172,73 @@@@ \fBnamed\fR configuration file is too complex to describe in detail here. A complete description is provided in the BIND 9 Administrator Reference Manual. +.PP +.SH "NOTES" +.PP +.TP +\fBRed Hat SELinux BIND Security Profile:\fR +.PP +By default, Red Hat ships BIND with the most secure SELinux policy +that will not prevent normal BIND operation and will prevent exploitation +of all known BIND security vulnerabilities . See the selinux(8) man page +for information about SElinux. +.PP +It is not necessary to run named in a chroot environment if the Red Hat +SELinux policy for named is enabled. When enabled, this policy is far +more secure than a chroot environment. 
+.PP +With this extra security comes some restrictions: +.br +By default, the SELinux policy does not allow named to write any master +zone database files. Only the root user may create files in the $ROOTDIR/var/named +zone database file directory (the options { "directory" } option), where +$ROOTDIR is set in /etc/sysconfig/named. +.br +The "named" group must be granted read privelege to +these files in order for named to be enabled to read them. +.br +Any file created in the zone database file directory is automatically assigned +the SELinux file context named_zone_t . +.br +By default, SELinux prevents any role from modifying named_zone_t files; this +means that files in the zone database directory cannot be modified by dynamic +DNS (DDNS) updates or zone transfers. +.br +The Red Hat BIND distribution and SELinux policy creates two directories where +named is allowed to create and modify files: $ROOTDIR/var/named/slaves and +$ROOTDIR/var/named/data. By placing files you want named to modify, such as +slave or DDNS updateable zone files and database / statistics dump files in +these directories, named will work normally and no further operator action is +required. Files in these directories are automatically assigned the 'named_cache_t' +file context, which SELinux allows named to write. +.br +You can enable the named_t domain to write and create named_zone_t files by use +of the SELinux tunable boolean variable "named_write_master_zones", using the +setsebool(8) command or the system-config-security GUI . If you do this, you +must also set the ENABLE_ZONE_WRITE variable in /etc/sysconfig/named to +1 / yes to set the ownership of files in the $ROOTDIR/var/named directory +to named:named in order for named to be allowed to write them. 
+.PP +\fBRed Hat BIND named_sdb SDB support:\fR +.PP +Red Hat ships the bind-sdb RPM that provides the /usr/sbin/named_sdb program, +which is named compiled with the Simplified Database Backend modules that ISC +provides in the "contrib/sdb" directory. +.br +The SDB modules for LDAP, PostGreSQL and DirDB are compiled into named_sdb. +.br +To run named_sdb, set the ENABLE_SDB variable in /etc/sysconfig/named to 1 or "yes", +and then the "service named start" named initscript will run named_sdb instead +of named . +.br +See the documentation for the various SDB modules in /usr/share/doc/bind-sdb-*/ . +.PP +\fBRed Hat system-config-bind:\fR +.PP +Red Hat provides the system-config-bind GUI to configure named.conf and zone +database files. Run the "system-config-bind" command and access the manual +by selecting the Help menu. +.PP .SH "FILES" .TP 3n \fI/etc/named.conf\fR --- bind-9.3.3rc2/bin/named/include/named/globals.h.dbus 2006-03-02 01:37:20.000000000 +0100 +++ bind-9.3.3rc2/bin/named/include/named/globals.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -112,6 +112,8 @@@@ EXTERN int ns_g_listen INIT(3); +EXTERN int ns_g_dbus INIT(0); + #undef EXTERN #undef INIT --- bind-9.3.3rc2/bin/named/include/named/log.h.dbus 2004-03-08 05:04:21.000000000 +0100 +++ bind-9.3.3rc2/bin/named/include/named/log.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -34,6 +34,7 @@@@ #define NS_LOGCATEGORY_QUERIES (&ns_g_categories[4]) #define NS_LOGCATEGORY_UNMATCHED (&ns_g_categories[5]) #define NS_LOGCATEGORY_UPDATE_SECURITY (&ns_g_categories[6]) +#define NS_LOGCATEGORY_DBUS (&ns_g_categories[7]) /* * Backwards compatibility. 
@@@@ -51,6 +52,7 @@@@ #define NS_LOGMODULE_NOTIFY (&ns_g_modules[8]) #define NS_LOGMODULE_CONTROL (&ns_g_modules[9]) #define NS_LOGMODULE_LWRESD (&ns_g_modules[10]) +#define NS_LOGMODULE_DBUS (&ns_g_modules[11]) isc_result_t ns_log_init(isc_boolean_t safe); --- bind-9.3.3rc2/bin/named/include/named/server.h.dbus 2006-03-02 01:37:20.000000000 +0100 +++ bind-9.3.3rc2/bin/named/include/named/server.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -91,7 +91,8 @@@@ ns_controls_t * controls; /* Control channels */ unsigned int dispatchgen; ns_dispatchlist_t dispatches; - + + ns_dbus_mgr_t * dbus_mgr; }; #define NS_SERVER_MAGIC ISC_MAGIC('S','V','E','R') --- bind-9.3.3rc2/bin/named/include/named/types.h.dbus 2004-03-06 11:21:26.000000000 +0100 +++ bind-9.3.3rc2/bin/named/include/named/types.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -38,4 +38,6 @@@@ typedef struct ns_dispatch ns_dispatch_t; typedef ISC_LIST(ns_dispatch_t) ns_dispatchlist_t; +typedef struct ns_dbus_mgr ns_dbus_mgr_t ; + #endif /* NAMED_TYPES_H */ --- bind-9.3.3rc2/bin/named/log.c.dbus 2005-05-25 01:58:17.000000000 +0200 +++ bind-9.3.3rc2/bin/named/log.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -41,6 +41,7 @@@@ { "queries", 0 }, { "unmatched", 0 }, { "update-security", 0 }, + { "dbus", 0 }, { NULL, 0 } }; @@@@ -60,6 +61,7 @@@@ { "notify", 0 }, { "control", 0 }, { "lwresd", 0 }, + { "dbus", 0 }, { NULL, 0 } }; --- bind-9.3.3rc2/bin/named/main.c.dbus 2006-01-06 01:01:42.000000000 +0100 +++ bind-9.3.3rc2/bin/named/main.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -239,7 +239,8 @@@@ "usage: named [-4|-6] [-c conffile] [-d debuglevel] " "[-f|-g] [-n number_of_cpus]\n" " [-p port] [-s] [-t chrootdir] [-u username]\n" - " [-m {usage|trace|record}]\n"); + " [-m {usage|trace|record}]\n" + " [-D ]\n"); } static void @@@@ -345,7 +346,7 @@@@ isc_commandline_errprint = ISC_FALSE; while ((ch = isc_commandline_parse(argc, argv, - "46c:C:d:fgi:lm:n:N:p:P:st:u:vx:")) != -1) { + "46c:C:d:fgi:lm:n:N:p:P:st:u:vx:D")) != -1) { switch 
(ch) { case '4': if (disable4) @@@@ -434,6 +435,9 @@@@ case 'v': printf("BIND %s\n", ns_g_version); exit(0); + case 'D': + ns_g_dbus = 1; + break; case '?': usage(); ns_main_earlyfatal("unknown option '-%c'", --- bind-9.3.3rc2/bin/named/server.c.dbus 2006-05-24 06:30:24.000000000 +0200 +++ bind-9.3.3rc2/bin/named/server.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -86,6 +86,8 @@@@ #include #endif +#include + /* * Check an operation for failure. Assumes that the function * using it has a 'result' variable and a 'cleanup' label. @@@@ -1495,12 +1497,12 @@@@ if (result != ISC_R_SUCCESS) { char namebuf[DNS_NAME_FORMATSIZE]; dns_name_format(origin, namebuf, sizeof(namebuf)); - cfg_obj_log(forwarders, ns_g_lctx, ISC_LOG_WARNING, - "could not set up forwarding for domain '%s': %s", + cfg_obj_log(forwarders, ns_g_lctx, ISC_LOG_NOTICE, + "setting up forwarding failed for domain '%s': %s", namebuf, isc_result_totext(result)); goto cleanup; } - + result = ISC_R_SUCCESS; cleanup: @@@@ -2875,6 +2877,20 @@@@ CHECKFATAL(load_zones(server, ISC_FALSE), "loading zones"); + server->dbus_mgr = 0L; + if( ns_g_dbus ) + if( dbus_mgr_create + ( ns_g_mctx, ns_g_taskmgr, ns_g_socketmgr, ns_g_timermgr, + &server->dbus_mgr + ) != ISC_R_SUCCESS + ) + { + isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, + NS_LOGMODULE_SERVER, ISC_LOG_WARNING, + "dbus_mgr initialization failed. D-BUS service is disabled." 
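Review bot: The server.c hunk at -1495 lowers the message for a failed forwarder setup from `ISC_LOG_WARNING` to `ISC_LOG_NOTICE`, although the code still takes `goto cleanup` with a failing `result`. A domain whose forwarders could not be installed is resolved differently from what the configuration says, and operators who alert on warnings would no longer see it. I would keep `ISC_LOG_WARNING` here, or add a comment explaining why this failure is expected once D-BUS manages forwarders. The enclosing function starts and ends outside the hunk.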
+ ); + } + ns_os_started(); isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_NOTICE, "running"); @@@@ -2937,6 +2953,9 @@@@ dns_db_detach(&server->in_roothints); + if( server->dbus_mgr != 0L ) + dbus_mgr_shutdown(server->dbus_mgr); + isc_task_endexclusive(server->task); isc_task_detach(&server->task); --- bind-9.3.3rc2/bin/named/Makefile.in.dbus 2004-09-06 23:47:25.000000000 +0200 +++ bind-9.3.3rc2/bin/named/Makefile.in 2006-09-18 10:10:58.000000000 +0200 @@@@ -35,7 +35,8 @@@@ ${LWRES_INCLUDES} ${DNS_INCLUDES} ${BIND9_INCLUDES} \ ${ISCCFG_INCLUDES} ${ISCCC_INCLUDES} ${ISC_INCLUDES} \ ${DBDRIVER_INCLUDES} - +DBUS_INCLUDES = \ + -I/usr/lib/dbus-1.0/include -I/usr/include/dbus-1.0 CDEFINES = CWARNINGS = @@@@ -52,6 +53,7 @@@@ ISCDEPLIBS = ../../lib/isc/libisc.@@A@@ LWRESDEPLIBS = ../../lib/lwres/liblwres.@@A@@ BIND9DEPLIBS = ../../lib/bind9/libbind9.@@A@@ +DBUSLIBS= -ldbus-1 DEPLIBS = ${LWRESDEPLIBS} ${DNSDEPLIBS} ${BIND9DEPLIBS} \ ${ISCCFGDEPLIBS} ${ISCCCDEPLIBS} ${ISCDEPLIBS} @@@@ -71,6 +73,7 @@@@ zoneconf.@@O@@ \ lwaddr.@@O@@ lwresd.@@O@@ lwdclient.@@O@@ lwderror.@@O@@ lwdgabn.@@O@@ \ lwdgnba.@@O@@ lwdgrbn.@@O@@ lwdnoop.@@O@@ lwsearch.@@O@@ \ + dbus_service.@@O@@ dbus_mgr.@@O@@ \ $(DBDRIVER_OBJS) UOBJS = unix/os.@@O@@ @@@@ -83,6 +86,7 @@@@ zoneconf.c \ lwaddr.c lwresd.c lwdclient.c lwderror.c lwdgabn.c \ lwdgnba.c lwdgrbn.c lwdnoop.c lwsearch.c \ + dbus_service.c dbus_mgr.c \ $(DBDRIVER_SRCS) MANPAGES = named.8 lwresd.8 named.conf.5 @@@@ -105,9 +109,14 @@@@ -DNS_LOCALSTATEDIR=\"${localstatedir}\" \ -c ${srcdir}/config.c +dbus_service.o: dbus_service.c + ${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \ + ${DBUS_INCLUDES} \ + -c ${srcdir}/dbus_service.c + named@@EXEEXT@@: ${OBJS} ${UOBJS} ${DEPLIBS} ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@@ \ - ${OBJS} ${UOBJS} ${LIBS} + ${OBJS} ${UOBJS} ${LIBS} ${DBUSLIBS} lwresd@@EXEEXT@@: named@@EXEEXT@@ rm -f lwresd@@EXEEXT@@ @ 1.1.1.1.4.1 log @file bind-9.3.3rc2-dbus.patch was added 
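Review bot: The startup block added in the server.c hunk at -2875 reports a `dbus_mgr_create` failure under `NS_LOGCATEGORY_GENERAL` and `NS_LOGMODULE_SERVER`, although this patch adds `NS_LOGCATEGORY_DBUS` and `NS_LOGMODULE_DBUS` for this subsystem, and it logs nothing when the service does start. Since `-D` lets D-BUS messages change the forwarding table, a line such as `isc_log_write(ns_g_lctx, NS_LOGCATEGORY_DBUS, NS_LOGMODULE_DBUS, ISC_LOG_NOTICE, "D-BUS dynamic forwarding enabled");` on success would give operators a record that this channel is open. The nested `if( ns_g_dbus ) if( dbus_mgr_create ...` should also get braces. The enclosing function starts and ends outside the hunk.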
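Review bot: The bin/named/Makefile.in hunks add `${DBUSLIBS}` to the `named` link line and hard-code `-I/usr/lib/dbus-1.0/include -I/usr/include/dbus-1.0`, so every build links libdbus whether or not `-D` is ever used, and the include paths are not taken from configure. I would make both depend on a configure result, for example `DBUS_INCLUDES = @DBUS_CFLAGS@` and `DBUSLIBS = @DBUS_LIBS@` (placeholder substitution names), so builds without D-BUS do not carry the extra library. The explicit rule is written for `dbus_service.o` while `OBJS` lists `dbus_service.@@O@@`, and `dbus_mgr` gets no rule with `${DBUS_INCLUDES}`; whether it needs one is not visible here.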
on branch wrstuden-fixsa on 2007-06-03 17:21:50 +0000 @ text @d1 778 @ 1.1.1.1.4.2 log @Catch up with now-somewhat-dated netbsd-4. These changes took longer than expected for me to actually get around to merging. @ text @a0 778 --- bind-9.3.3rc2/lib/dns/forward.c.dbus 2005-03-17 04:58:30.000000000 +0100 +++ bind-9.3.3rc2/lib/dns/forward.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -200,3 +200,89 @@@@ } isc_mem_put(fwdtable->mctx, forwarders, sizeof(dns_forwarders_t)); } + +/*** + *** new D-BUS Dynamic Forwarding Zones functions: + ***/ +isc_result_t +dns_fwdtable_delete(dns_fwdtable_t *fwdtable, dns_name_t *name ) +{ + isc_result_t result; + + REQUIRE(VALID_FWDTABLE(fwdtable)); + + RWLOCK(&fwdtable->rwlock, isc_rwlocktype_write); + + result = dns_rbt_deletename(fwdtable->table, name, ISC_FALSE); + + RWUNLOCK(&fwdtable->rwlock, isc_rwlocktype_write); + + return (result); +} + +isc_result_t +dns_fwdtable_find_closest(dns_fwdtable_t *fwdtable, + dns_name_t *name, + dns_name_t *foundname, + dns_forwarders_t **forwardersp) +{ + isc_result_t result; + + REQUIRE(VALID_FWDTABLE(fwdtable)); + + RWLOCK(&fwdtable->rwlock, isc_rwlocktype_read); + + result = dns_rbt_findname(fwdtable->table, name, 0, foundname, + (void **)forwardersp); + + if(result == DNS_R_PARTIALMATCH) + result = ISC_R_SUCCESS; + + RWUNLOCK(&fwdtable->rwlock, isc_rwlocktype_read); + + return (result); +} + +isc_result_t +dns_fwdtable_find_exact(dns_fwdtable_t *fwdtable, dns_name_t *name, + dns_forwarders_t **forwardersp) +{ + isc_result_t result; + + REQUIRE(VALID_FWDTABLE(fwdtable)); + + REQUIRE(forwardersp != 0L); + + RWLOCK(&fwdtable->rwlock, isc_rwlocktype_read); + + result = dns_rbt_findname(fwdtable->table, name, 0, NULL, + (void **)forwardersp); + + if( result != ISC_R_SUCCESS ) + *forwardersp = 0L; + + RWUNLOCK(&fwdtable->rwlock, isc_rwlocktype_read); + + return (result); +} + +static +void dns_fwdtable_traverse +( + dns_name_t *name, + void *node_data, + void *cbp, + void *cb_arg +) +{ + 
dns_fwdtable_callback_t cb = (dns_fwdtable_callback_t) cbp; + + (*cb)( name, node_data, cb_arg); +} + +void dns_fwdtable_foreach(dns_fwdtable_t *fwdtable, dns_fwdtable_callback_t cb, void *cb_arg ) +{ + REQUIRE(VALID_FWDTABLE(fwdtable)); + + dns_rbt_traverse( fwdtable->table, dns_fwdtable_traverse, cb, cb_arg ); +} --- bind-9.3.3rc2/lib/dns/include/dns/forward.h.dbus 2005-03-17 04:58:31.000000000 +0100 +++ bind-9.3.3rc2/lib/dns/include/dns/forward.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -98,6 +98,37 @@@@ * all memory associated with the forwarding table is freed. */ + +/* These are ONLY used by dbus_mgr : + */ + +isc_result_t +dns_fwdtable_delete( dns_fwdtable_t *fwdtable, dns_name_t *name ); +/* + * Removes an entry from the forwarding table. + */ + +isc_result_t +dns_fwdtable_find_exact(dns_fwdtable_t *fwdtable, dns_name_t *name, + dns_forwarders_t **forwardersp); +/* + * Finds an exact match for "name" in the forwarding table. + */ + +isc_result_t +dns_fwdtable_find_closest(dns_fwdtable_t *fwdtable, dns_name_t *name, dns_name_t *foundname, + dns_forwarders_t **forwardersp); +/* + * Finds the closest match for "*name" in the forwarding table, returning + * the actual name matching in *name if different to *name passed in. + */ + +typedef void (*dns_fwdtable_callback_t)( dns_name_t *, dns_forwarders_t *, void *); +void dns_fwdtable_foreach(dns_fwdtable_t *fwdtable, dns_fwdtable_callback_t cb, void * ); +/* Invoke cb for each member of fwdtable + */ + + ISC_LANG_ENDDECLS #endif /* DNS_FORWARD_H */ --- bind-9.3.3rc2/lib/dns/include/dns/rbt.h.dbus 2004-10-11 07:55:51.000000000 +0200 +++ bind-9.3.3rc2/lib/dns/include/dns/rbt.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -833,6 +833,17 @@@@ * Any error result from dns_name_concatenate. 
*/ + +typedef void (*dns_rbt_traverse_callback_t)( dns_name_t *name, + void *node_data, + void *cb_arg1, + void *cb_arg2); + +void dns_rbt_traverse( dns_rbt_t *rbt, dns_rbt_traverse_callback_t cb, void *cb_arg1, void *cb_arg2 ); +/* tree traversal function (only used by D-BUS dynamic forwarding dbus_mgr at + * the moment) + */ + ISC_LANG_ENDDECLS #endif /* DNS_RBT_H */ --- bind-9.3.3rc2/lib/dns/rbt.c.dbus 2005-06-18 03:03:24.000000000 +0200 +++ bind-9.3.3rc2/lib/dns/rbt.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -2172,6 +2172,47 @@@@ dns_rbt_printtree(rbt->root, NULL, 0); } +static void +dns_rbt_traverse_tree(dns_rbtnode_t *root, dns_rbt_traverse_callback_t cb, void *cb_arg1, void *cb_arg2 ) { +/* + * This is used ONLY to traverse the forward table by dbus_mgr at the moment. + * Since the forward table is not likely to be large, this can be recursive. + */ + dns_name_t name; + dns_offsets_t offsets; + char buf[DNS_NAME_MAXWIRE]; + isc_buffer_t buffer; + + if (root != NULL) { + + if (DOWN(root)) + dns_rbt_traverse_tree(DOWN(root), cb, cb_arg1, cb_arg2); + + if( LEFT(root) != NULL ) + dns_rbt_traverse_tree(LEFT(root), cb, cb_arg1, cb_arg2); + + if( RIGHT(root) != NULL ) + dns_rbt_traverse_tree(RIGHT(root), cb, cb_arg1, cb_arg2); + + if( DATA(root) == 0L ) + return; + + dns_name_init(&name, offsets); + isc_buffer_init(&buffer, buf, DNS_NAME_MAXWIRE); + dns_name_setbuffer( &name, &buffer); + dns_rbt_fullnamefromnode(root, &name); + + (*cb)(&name, DATA(root), cb_arg1, cb_arg2); + } +} + +void dns_rbt_traverse( dns_rbt_t *rbt, dns_rbt_traverse_callback_t cb, void *cb_arg1, void *cb_arg2 ) +{ + REQUIRE(VALID_RBT(rbt)); + + dns_rbt_traverse_tree( rbt->root, cb, cb_arg1, cb_arg2 ); +} + /* * Chain Functions */ --- bind-9.3.3rc2/lib/isc/include/isc/socket.h.dbus 2004-03-08 10:04:53.000000000 +0100 +++ bind-9.3.3rc2/lib/isc/include/isc/socket.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -136,6 +136,10 @@@@ #define ISC_SOCKEVENT_NEWCONN (ISC_EVENTCLASS_SOCKET + 3) #define 
ISC_SOCKEVENT_CONNECT (ISC_EVENTCLASS_SOCKET + 4) +#define ISC_SOCKEVENT_READ_READY (ISC_EVENTCLASS_SOCKET + 5) +#define ISC_SOCKEVENT_WRITE_READY (ISC_EVENTCLASS_SOCKET + 6) +#define ISC_SOCKEVENT_SELECTED (ISC_EVENTCLASS_SOCKET + 7) + /* * Internal events. */ @@@@ -144,7 +148,8 @@@@ typedef enum { isc_sockettype_udp = 1, - isc_sockettype_tcp = 2 + isc_sockettype_tcp = 2, + isc_sockettype_fd = 8 } isc_sockettype_t; /* @@@@ -699,6 +704,30 @@@@ * 'sock' is a valid socket. */ +isc_socketevent_t* +isc_socket_fd_handle_reads( isc_socket_t *sock, isc_socketevent_t *dev ); +/* register the "dev" event to be sent when the isc_sockettype_fd sock + * was select()-ed for read. If there is already an event registered, it + * is returned, otherwise 0 is returned. If dev is 0, removes any existing + * registered event. + */ + +isc_socketevent_t* +isc_socket_fd_handle_writes( isc_socket_t *sock, isc_socketevent_t *dev ); +/* register the "dev" event to be sent when the isc_sockettype_fd sock + * was select()-ed for write. If there is already an event registered, it + * is returned, otherwise 0 is returned. If dev is 0, removes any existing + * registered event. + */ + +isc_socketevent_t* +isc_socket_fd_handle_selected( isc_socket_t *sock, isc_socketevent_t *dev ); +/* register the "dev" event to be sent when ALL isc_sockettype_fd sockets + * have been select()-ed . If there is already an event registered, it + * is returned, otherwise 0 is returned. If dev is 0, removes any existing + * registered event. 
+ */ + ISC_LANG_ENDDECLS #endif /* ISC_SOCKET_H */ --- bind-9.3.3rc2/lib/isc/unix/socket.c.dbus 2006-05-19 04:53:36.000000000 +0200 +++ bind-9.3.3rc2/lib/isc/unix/socket.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -148,6 +148,11 @@@@ ISC_LIST(isc_socketevent_t) recv_list; ISC_LIST(isc_socket_newconnev_t) accept_list; isc_socket_connev_t *connect_ev; + + /* these are used only by isc_sockettype_fd sockets:*/ + isc_socketevent_t *read_ready_event; + isc_socketevent_t *write_ready_event; + isc_socketevent_t *selected_event; /* * Internal events. Posted when a descriptor is readable or @@@@ -304,7 +309,7 @@@@ static void wakeup_socket(isc_socketmgr_t *manager, int fd, int msg) { - isc_socket_t *sock; + isc_socket_t *sock=0L; /* * This is a wakeup on a socket. If the socket is not in the @@@@ -1289,6 +1294,9 @@@@ sock->connected = 0; sock->connecting = 0; sock->bound = 0; + sock->read_ready_event = 0L; + sock->write_ready_event = 0L; + sock->selected_event = 0L; /* * initialize the lock @@@@ -1401,13 +1409,16 @@@@ case isc_sockettype_tcp: sock->fd = socket(pf, SOCK_STREAM, IPPROTO_TCP); break; + + case isc_sockettype_fd: + sock->fd = pf; } #ifdef F_DUPFD /* * Leave a space for stdio to work in. 
*/ - if (sock->fd >= 0 && sock->fd < 20) { + if ( (type != isc_sockettype_fd) && (sock->fd >= 0) && (sock->fd < 20) ) { int new, tmp; new = fcntl(sock->fd, F_DUPFD, 20); tmp = errno; @@@@ -1461,7 +1472,7 @@@@ } } - if (make_nonblock(sock->fd) != ISC_R_SUCCESS) { + if ((type != isc_sockettype_fd) && (make_nonblock(sock->fd) != ISC_R_SUCCESS)) { (void)close(sock->fd); free_socket(&sock); return (ISC_R_UNEXPECTED); @@@@ -1729,6 +1740,38 @@@@ isc_task_send(ev->ev_sender, (isc_event_t **)&iev); } +static +isc_event_t *dispatch_read_ready(isc_socketmgr_t *manager, isc_socket_t *sock) +{ + isc_event_t *dev = (isc_event_t*)sock->read_ready_event, *ev; + + ev = isc_mem_get(manager->mctx, dev->ev_size); + memcpy(ev,dev,dev->ev_size); + ISC_LINK_INIT(ev,ev_link); + isc_task_send(dev->ev_sender, &ev ); + return (isc_event_t *)sock->selected_event; +} + +static +isc_event_t *dispatch_write_ready(isc_socketmgr_t *manager,isc_socket_t *sock) +{ + isc_event_t *dev = (isc_event_t*)sock->write_ready_event, *ev; + ev = isc_mem_get(manager->mctx, dev->ev_size); + memcpy(ev,dev,dev->ev_size); + ISC_LINK_INIT(ev,ev_link); + isc_task_send(dev->ev_sender, &ev ); + return (isc_event_t *)sock->selected_event; +} + +static +void dispatch_selected(isc_socketmgr_t *manager, isc_event_t *dev) +{ isc_event_t *ev; + ev = isc_mem_get(manager->mctx, dev->ev_size); + memcpy(ev,dev,dev->ev_size); + ISC_LINK_INIT(ev,ev_link); + isc_task_send(dev->ev_sender, &ev ); +} + /* * Dequeue an item off the given socket's read queue, set the result code * in the done event to the one provided, and send it to the task it was @@@@ -2136,6 +2179,7 @@@@ int i; isc_socket_t *sock; isc_boolean_t unlock_sock; + isc_event_t *sock_selected = 0L; REQUIRE(maxfd <= (int)FD_SETSIZE); @@@@ -2169,11 +2213,15 @@@@ unlock_sock = ISC_TRUE; LOCK(&sock->lock); if (!SOCK_DEAD(sock)) { + if( sock->type != isc_sockettype_fd ) + { if (sock->listener) dispatch_accept(sock); else dispatch_recv(sock); - } + }else + sock_selected = 
dispatch_read_ready(manager,sock); + } FD_CLR(i, &manager->read_fds); } check_write: @@@@ -2187,16 +2235,24 @@@@ LOCK(&sock->lock); } if (!SOCK_DEAD(sock)) { + if( sock->type != isc_sockettype_fd ) + { if (sock->connecting) dispatch_connect(sock); else dispatch_send(sock); + }else + sock_selected = dispatch_write_ready(manager,sock); } FD_CLR(i, &manager->write_fds); } if (unlock_sock) UNLOCK(&sock->lock); } + if( sock_selected != 0L ) + { + dispatch_selected(manager, sock_selected); + } } #ifdef ISC_PLATFORM_USETHREADS @@@@ -2215,7 +2271,7 @@@@ int cc; fd_set readfds; fd_set writefds; - int msg, fd; + int msg, fd = -1; int maxfd; char strbuf[ISC_STRERRORSIZE]; @@@@ -3546,3 +3602,55 @@@@ return (ISC_R_SUCCESS); } #endif /* ISC_PLATFORM_USETHREADS */ + +isc_socketevent_t* +isc_socket_fd_handle_reads( isc_socket_t *sock, isc_socketevent_t *dev ) +{ + REQUIRE(VALID_SOCKET(sock)); + if(dev != 0L) + { + sock->references=1; + sock->read_ready_event = dev; + select_poke(sock->manager, sock->fd, SELECT_POKE_READ); + }else + { + dev = sock->read_ready_event ; + sock->read_ready_event = 0L ; + } + return dev; +} + +isc_socketevent_t* +isc_socket_fd_handle_writes( isc_socket_t *sock, isc_socketevent_t *dev ) +{ + REQUIRE(VALID_SOCKET(sock)); + if(dev != 0L) + { + sock->references=1; + sock->write_ready_event = dev; + select_poke(sock->manager, sock->fd, SELECT_POKE_WRITE); + }else + { + dev = sock->write_ready_event; + sock->write_ready_event = 0L; + } + return dev; +} + +isc_socketevent_t* +isc_socket_fd_handle_selected( isc_socket_t *sock, isc_socketevent_t *dev ) +{ + REQUIRE(VALID_SOCKET(sock)); + if(dev != 0L) + { + sock->references=1; + sock->selected_event = dev; + }else + { + dev = sock->selected_event; + sock->selected_event = 0L; + sock->references=0; + destroy(&sock); + } + return dev; +} --- bind-9.3.3rc2/bin/named/named.8.dbus 2006-06-29 15:02:30.000000000 +0200 +++ bind-9.3.3rc2/bin/named/named.8 2006-09-18 10:08:37.000000000 +0200 @@@@ -33,7 +33,7 @@@@ named \- 
Internet domain name server .SH "SYNOPSIS" .HP 6 -\fBnamed\fR [\fB\-4\fR] [\fB\-6\fR] [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] [\fB\-x\ \fR\fB\fIcache\-file\fR\fR] +\fBnamed\fR [\fB\-4\fR] [\fB\-6\fR] [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] [\fB\-x\ \fR\fB\fIcache\-file\fR\fR] [\fB\-D\fR] .SH "DESCRIPTION" .PP \fBnamed\fR @@@@ -146,6 +146,13 @@@@ .B "Warning:" This option must not be used. It is only of interest to BIND 9 developers and may be removed or changed in a future release. .RE +.sp +.TP +\fB\-D\fR +Enable dynamic management of the forwarding table with D-BUS +messages. This option is required for Red Hat NetworkManager +support. See doc/README.DBUS . +.sp .SH "SIGNALS" .PP In routine operation, signals should not be used to control the nameserver; @@@@ -165,6 +172,73 @@@@ \fBnamed\fR configuration file is too complex to describe in detail here. A complete description is provided in the BIND 9 Administrator Reference Manual. +.PP +.SH "NOTES" +.PP +.TP +\fBRed Hat SELinux BIND Security Profile:\fR +.PP +By default, Red Hat ships BIND with the most secure SELinux policy +that will not prevent normal BIND operation and will prevent exploitation +of all known BIND security vulnerabilities . See the selinux(8) man page +for information about SElinux. +.PP +It is not necessary to run named in a chroot environment if the Red Hat +SELinux policy for named is enabled. When enabled, this policy is far +more secure than a chroot environment. 
+.PP +With this extra security comes some restrictions: +.br +By default, the SELinux policy does not allow named to write any master +zone database files. Only the root user may create files in the $ROOTDIR/var/named +zone database file directory (the options { "directory" } option), where +$ROOTDIR is set in /etc/sysconfig/named. +.br +The "named" group must be granted read privelege to +these files in order for named to be enabled to read them. +.br +Any file created in the zone database file directory is automatically assigned +the SELinux file context named_zone_t . +.br +By default, SELinux prevents any role from modifying named_zone_t files; this +means that files in the zone database directory cannot be modified by dynamic +DNS (DDNS) updates or zone transfers. +.br +The Red Hat BIND distribution and SELinux policy creates two directories where +named is allowed to create and modify files: $ROOTDIR/var/named/slaves and +$ROOTDIR/var/named/data. By placing files you want named to modify, such as +slave or DDNS updateable zone files and database / statistics dump files in +these directories, named will work normally and no further operator action is +required. Files in these directories are automatically assigned the 'named_cache_t' +file context, which SELinux allows named to write. +.br +You can enable the named_t domain to write and create named_zone_t files by use +of the SELinux tunable boolean variable "named_write_master_zones", using the +setsebool(8) command or the system-config-security GUI . If you do this, you +must also set the ENABLE_ZONE_WRITE variable in /etc/sysconfig/named to +1 / yes to set the ownership of files in the $ROOTDIR/var/named directory +to named:named in order for named to be allowed to write them. 
+.PP +\fBRed Hat BIND named_sdb SDB support:\fR +.PP +Red Hat ships the bind-sdb RPM that provides the /usr/sbin/named_sdb program, +which is named compiled with the Simplified Database Backend modules that ISC +provides in the "contrib/sdb" directory. +.br +The SDB modules for LDAP, PostGreSQL and DirDB are compiled into named_sdb. +.br +To run named_sdb, set the ENABLE_SDB variable in /etc/sysconfig/named to 1 or "yes", +and then the "service named start" named initscript will run named_sdb instead +of named . +.br +See the documentation for the various SDB modules in /usr/share/doc/bind-sdb-*/ . +.PP +\fBRed Hat system-config-bind:\fR +.PP +Red Hat provides the system-config-bind GUI to configure named.conf and zone +database files. Run the "system-config-bind" command and access the manual +by selecting the Help menu. +.PP .SH "FILES" .TP 3n \fI/etc/named.conf\fR --- bind-9.3.3rc2/bin/named/include/named/globals.h.dbus 2006-03-02 01:37:20.000000000 +0100 +++ bind-9.3.3rc2/bin/named/include/named/globals.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -112,6 +112,8 @@@@ EXTERN int ns_g_listen INIT(3); +EXTERN int ns_g_dbus INIT(0); + #undef EXTERN #undef INIT --- bind-9.3.3rc2/bin/named/include/named/log.h.dbus 2004-03-08 05:04:21.000000000 +0100 +++ bind-9.3.3rc2/bin/named/include/named/log.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -34,6 +34,7 @@@@ #define NS_LOGCATEGORY_QUERIES (&ns_g_categories[4]) #define NS_LOGCATEGORY_UNMATCHED (&ns_g_categories[5]) #define NS_LOGCATEGORY_UPDATE_SECURITY (&ns_g_categories[6]) +#define NS_LOGCATEGORY_DBUS (&ns_g_categories[7]) /* * Backwards compatibility. 
@@@@ -51,6 +52,7 @@@@ #define NS_LOGMODULE_NOTIFY (&ns_g_modules[8]) #define NS_LOGMODULE_CONTROL (&ns_g_modules[9]) #define NS_LOGMODULE_LWRESD (&ns_g_modules[10]) +#define NS_LOGMODULE_DBUS (&ns_g_modules[11]) isc_result_t ns_log_init(isc_boolean_t safe); --- bind-9.3.3rc2/bin/named/include/named/server.h.dbus 2006-03-02 01:37:20.000000000 +0100 +++ bind-9.3.3rc2/bin/named/include/named/server.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -91,7 +91,8 @@@@ ns_controls_t * controls; /* Control channels */ unsigned int dispatchgen; ns_dispatchlist_t dispatches; - + + ns_dbus_mgr_t * dbus_mgr; }; #define NS_SERVER_MAGIC ISC_MAGIC('S','V','E','R') --- bind-9.3.3rc2/bin/named/include/named/types.h.dbus 2004-03-06 11:21:26.000000000 +0100 +++ bind-9.3.3rc2/bin/named/include/named/types.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -38,4 +38,6 @@@@ typedef struct ns_dispatch ns_dispatch_t; typedef ISC_LIST(ns_dispatch_t) ns_dispatchlist_t; +typedef struct ns_dbus_mgr ns_dbus_mgr_t ; + #endif /* NAMED_TYPES_H */ --- bind-9.3.3rc2/bin/named/log.c.dbus 2005-05-25 01:58:17.000000000 +0200 +++ bind-9.3.3rc2/bin/named/log.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -41,6 +41,7 @@@@ { "queries", 0 }, { "unmatched", 0 }, { "update-security", 0 }, + { "dbus", 0 }, { NULL, 0 } }; @@@@ -60,6 +61,7 @@@@ { "notify", 0 }, { "control", 0 }, { "lwresd", 0 }, + { "dbus", 0 }, { NULL, 0 } }; --- bind-9.3.3rc2/bin/named/main.c.dbus 2006-01-06 01:01:42.000000000 +0100 +++ bind-9.3.3rc2/bin/named/main.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -239,7 +239,8 @@@@ "usage: named [-4|-6] [-c conffile] [-d debuglevel] " "[-f|-g] [-n number_of_cpus]\n" " [-p port] [-s] [-t chrootdir] [-u username]\n" - " [-m {usage|trace|record}]\n"); + " [-m {usage|trace|record}]\n" + " [-D ]\n"); } static void @@@@ -345,7 +346,7 @@@@ isc_commandline_errprint = ISC_FALSE; while ((ch = isc_commandline_parse(argc, argv, - "46c:C:d:fgi:lm:n:N:p:P:st:u:vx:")) != -1) { + "46c:C:d:fgi:lm:n:N:p:P:st:u:vx:D")) != -1) { switch 
(ch) { case '4': if (disable4) @@@@ -434,6 +435,9 @@@@ case 'v': printf("BIND %s\n", ns_g_version); exit(0); + case 'D': + ns_g_dbus = 1; + break; case '?': usage(); ns_main_earlyfatal("unknown option '-%c'", --- bind-9.3.3rc2/bin/named/server.c.dbus 2006-05-24 06:30:24.000000000 +0200 +++ bind-9.3.3rc2/bin/named/server.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -86,6 +86,8 @@@@ #include #endif +#include + /* * Check an operation for failure. Assumes that the function * using it has a 'result' variable and a 'cleanup' label. @@@@ -1495,12 +1497,12 @@@@ if (result != ISC_R_SUCCESS) { char namebuf[DNS_NAME_FORMATSIZE]; dns_name_format(origin, namebuf, sizeof(namebuf)); - cfg_obj_log(forwarders, ns_g_lctx, ISC_LOG_WARNING, - "could not set up forwarding for domain '%s': %s", + cfg_obj_log(forwarders, ns_g_lctx, ISC_LOG_NOTICE, + "setting up forwarding failed for domain '%s': %s", namebuf, isc_result_totext(result)); goto cleanup; } - + result = ISC_R_SUCCESS; cleanup: @@@@ -2875,6 +2877,20 @@@@ CHECKFATAL(load_zones(server, ISC_FALSE), "loading zones"); + server->dbus_mgr = 0L; + if( ns_g_dbus ) + if( dbus_mgr_create + ( ns_g_mctx, ns_g_taskmgr, ns_g_socketmgr, ns_g_timermgr, + &server->dbus_mgr + ) != ISC_R_SUCCESS + ) + { + isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, + NS_LOGMODULE_SERVER, ISC_LOG_WARNING, + "dbus_mgr initialization failed. D-BUS service is disabled." 
+ ); + } + ns_os_started(); isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_NOTICE, "running"); @@@@ -2937,6 +2953,9 @@@@ dns_db_detach(&server->in_roothints); + if( server->dbus_mgr != 0L ) + dbus_mgr_shutdown(server->dbus_mgr); + isc_task_endexclusive(server->task); isc_task_detach(&server->task); --- bind-9.3.3rc2/bin/named/Makefile.in.dbus 2004-09-06 23:47:25.000000000 +0200 +++ bind-9.3.3rc2/bin/named/Makefile.in 2006-09-18 10:10:58.000000000 +0200 @@@@ -35,7 +35,8 @@@@ ${LWRES_INCLUDES} ${DNS_INCLUDES} ${BIND9_INCLUDES} \ ${ISCCFG_INCLUDES} ${ISCCC_INCLUDES} ${ISC_INCLUDES} \ ${DBDRIVER_INCLUDES} - +DBUS_INCLUDES = \ + -I/usr/lib/dbus-1.0/include -I/usr/include/dbus-1.0 CDEFINES = CWARNINGS = @@@@ -52,6 +53,7 @@@@ ISCDEPLIBS = ../../lib/isc/libisc.@@A@@ LWRESDEPLIBS = ../../lib/lwres/liblwres.@@A@@ BIND9DEPLIBS = ../../lib/bind9/libbind9.@@A@@ +DBUSLIBS= -ldbus-1 DEPLIBS = ${LWRESDEPLIBS} ${DNSDEPLIBS} ${BIND9DEPLIBS} \ ${ISCCFGDEPLIBS} ${ISCCCDEPLIBS} ${ISCDEPLIBS} @@@@ -71,6 +73,7 @@@@ zoneconf.@@O@@ \ lwaddr.@@O@@ lwresd.@@O@@ lwdclient.@@O@@ lwderror.@@O@@ lwdgabn.@@O@@ \ lwdgnba.@@O@@ lwdgrbn.@@O@@ lwdnoop.@@O@@ lwsearch.@@O@@ \ + dbus_service.@@O@@ dbus_mgr.@@O@@ \ $(DBDRIVER_OBJS) UOBJS = unix/os.@@O@@ @@@@ -83,6 +86,7 @@@@ zoneconf.c \ lwaddr.c lwresd.c lwdclient.c lwderror.c lwdgabn.c \ lwdgnba.c lwdgrbn.c lwdnoop.c lwsearch.c \ + dbus_service.c dbus_mgr.c \ $(DBDRIVER_SRCS) MANPAGES = named.8 lwresd.8 named.conf.5 @@@@ -105,9 +109,14 @@@@ -DNS_LOCALSTATEDIR=\"${localstatedir}\" \ -c ${srcdir}/config.c +dbus_service.o: dbus_service.c + ${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \ + ${DBUS_INCLUDES} \ + -c ${srcdir}/dbus_service.c + named@@EXEEXT@@: ${OBJS} ${UOBJS} ${DEPLIBS} ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@@ \ - ${OBJS} ${UOBJS} ${LIBS} + ${OBJS} ${UOBJS} ${LIBS} ${DBUSLIBS} lwresd@@EXEEXT@@: named@@EXEEXT@@ rm -f lwresd@@EXEEXT@@ @ 1.1.1.1.2.1 log @file bind-9.3.3rc2-dbus.patch was added 
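Review bot: The failure message added in the -2875 hunk of server.c is logged under `NS_LOGCATEGORY_GENERAL` / `NS_LOGMODULE_SERVER`, although this patch adds `NS_LOGCATEGORY_DBUS` and `NS_LOGMODULE_DBUS` in log.h for this subsystem; using them here would let an operator route and filter D-BUS events in one place. The result of dbus_mgr_create() is dropped, so the log never says why the service was disabled; keeping it in a local and appending `isc_result_totext(...)`, as the forwarding message in the -1495 hunk does, would fix that. The outer test in `if( ns_g_dbus ) if( dbus_mgr_create(...) != ISC_R_SUCCESS )` has no braces, which invites a dangling-else mistake on a later edit. The enclosing function starts and ends outside the hunk, and the same hunk appears again later in this file.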
on branch netbsd-4 on 2007-05-17 00:37:21 +0000 @ text @d1 778 @ 1.1.1.1.2.2 log @Update BIND to version 9.4.1 (requested by christos in ticket #602). Thanks to tron for the patches, upgrade script and testing. @ text @a0 778 --- bind-9.3.3rc2/lib/dns/forward.c.dbus 2005-03-17 04:58:30.000000000 +0100 +++ bind-9.3.3rc2/lib/dns/forward.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -200,3 +200,89 @@@@ } isc_mem_put(fwdtable->mctx, forwarders, sizeof(dns_forwarders_t)); } + +/*** + *** new D-BUS Dynamic Forwarding Zones functions: + ***/ +isc_result_t +dns_fwdtable_delete(dns_fwdtable_t *fwdtable, dns_name_t *name ) +{ + isc_result_t result; + + REQUIRE(VALID_FWDTABLE(fwdtable)); + + RWLOCK(&fwdtable->rwlock, isc_rwlocktype_write); + + result = dns_rbt_deletename(fwdtable->table, name, ISC_FALSE); + + RWUNLOCK(&fwdtable->rwlock, isc_rwlocktype_write); + + return (result); +} + +isc_result_t +dns_fwdtable_find_closest(dns_fwdtable_t *fwdtable, + dns_name_t *name, + dns_name_t *foundname, + dns_forwarders_t **forwardersp) +{ + isc_result_t result; + + REQUIRE(VALID_FWDTABLE(fwdtable)); + + RWLOCK(&fwdtable->rwlock, isc_rwlocktype_read); + + result = dns_rbt_findname(fwdtable->table, name, 0, foundname, + (void **)forwardersp); + + if(result == DNS_R_PARTIALMATCH) + result = ISC_R_SUCCESS; + + RWUNLOCK(&fwdtable->rwlock, isc_rwlocktype_read); + + return (result); +} + +isc_result_t +dns_fwdtable_find_exact(dns_fwdtable_t *fwdtable, dns_name_t *name, + dns_forwarders_t **forwardersp) +{ + isc_result_t result; + + REQUIRE(VALID_FWDTABLE(fwdtable)); + + REQUIRE(forwardersp != 0L); + + RWLOCK(&fwdtable->rwlock, isc_rwlocktype_read); + + result = dns_rbt_findname(fwdtable->table, name, 0, NULL, + (void **)forwardersp); + + if( result != ISC_R_SUCCESS ) + *forwardersp = 0L; + + RWUNLOCK(&fwdtable->rwlock, isc_rwlocktype_read); + + return (result); +} + +static +void dns_fwdtable_traverse +( + dns_name_t *name, + void *node_data, + void *cbp, + void *cb_arg +) +{ + 
dns_fwdtable_callback_t cb = (dns_fwdtable_callback_t) cbp; + + (*cb)( name, node_data, cb_arg); +} + +void dns_fwdtable_foreach(dns_fwdtable_t *fwdtable, dns_fwdtable_callback_t cb, void *cb_arg ) +{ + REQUIRE(VALID_FWDTABLE(fwdtable)); + + dns_rbt_traverse( fwdtable->table, dns_fwdtable_traverse, cb, cb_arg ); +} --- bind-9.3.3rc2/lib/dns/include/dns/forward.h.dbus 2005-03-17 04:58:31.000000000 +0100 +++ bind-9.3.3rc2/lib/dns/include/dns/forward.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -98,6 +98,37 @@@@ * all memory associated with the forwarding table is freed. */ + +/* These are ONLY used by dbus_mgr : + */ + +isc_result_t +dns_fwdtable_delete( dns_fwdtable_t *fwdtable, dns_name_t *name ); +/* + * Removes an entry from the forwarding table. + */ + +isc_result_t +dns_fwdtable_find_exact(dns_fwdtable_t *fwdtable, dns_name_t *name, + dns_forwarders_t **forwardersp); +/* + * Finds an exact match for "name" in the forwarding table. + */ + +isc_result_t +dns_fwdtable_find_closest(dns_fwdtable_t *fwdtable, dns_name_t *name, dns_name_t *foundname, + dns_forwarders_t **forwardersp); +/* + * Finds the closest match for "*name" in the forwarding table, returning + * the actual name matching in *name if different to *name passed in. + */ + +typedef void (*dns_fwdtable_callback_t)( dns_name_t *, dns_forwarders_t *, void *); +void dns_fwdtable_foreach(dns_fwdtable_t *fwdtable, dns_fwdtable_callback_t cb, void * ); +/* Invoke cb for each member of fwdtable + */ + + ISC_LANG_ENDDECLS #endif /* DNS_FORWARD_H */ --- bind-9.3.3rc2/lib/dns/include/dns/rbt.h.dbus 2004-10-11 07:55:51.000000000 +0200 +++ bind-9.3.3rc2/lib/dns/include/dns/rbt.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -833,6 +833,17 @@@@ * Any error result from dns_name_concatenate. 
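Review bot: dns_fwdtable_foreach() in the forward.c hunk walks `fwdtable->table` without taking `fwdtable->rwlock`, whereas dns_fwdtable_delete() in the same hunk removes nodes under the write lock, so a traversal can run against a tree that is being modified. Bracket the call with `RWLOCK(&fwdtable->rwlock, isc_rwlocktype_read);` and the matching `RWUNLOCK(&fwdtable->rwlock, isc_rwlocktype_read);`. dns_fwdtable_find_closest() and dns_fwdtable_find_exact() return `*forwardersp` after releasing the read lock, so the caller appears to be left holding a pointer that a later delete can free; that lifetime rule should be written into the forward.h comments. dns_fwdtable_find_closest() also lacks the `REQUIRE(forwardersp != 0L);` that dns_fwdtable_find_exact() has.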
*/ + +typedef void (*dns_rbt_traverse_callback_t)( dns_name_t *name, + void *node_data, + void *cb_arg1, + void *cb_arg2); + +void dns_rbt_traverse( dns_rbt_t *rbt, dns_rbt_traverse_callback_t cb, void *cb_arg1, void *cb_arg2 ); +/* tree traversal function (only used by D-BUS dynamic forwarding dbus_mgr at + * the moment) + */ + ISC_LANG_ENDDECLS #endif /* DNS_RBT_H */ --- bind-9.3.3rc2/lib/dns/rbt.c.dbus 2005-06-18 03:03:24.000000000 +0200 +++ bind-9.3.3rc2/lib/dns/rbt.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -2172,6 +2172,47 @@@@ dns_rbt_printtree(rbt->root, NULL, 0); } +static void +dns_rbt_traverse_tree(dns_rbtnode_t *root, dns_rbt_traverse_callback_t cb, void *cb_arg1, void *cb_arg2 ) { +/* + * This is used ONLY to traverse the forward table by dbus_mgr at the moment. + * Since the forward table is not likely to be large, this can be recursive. + */ + dns_name_t name; + dns_offsets_t offsets; + char buf[DNS_NAME_MAXWIRE]; + isc_buffer_t buffer; + + if (root != NULL) { + + if (DOWN(root)) + dns_rbt_traverse_tree(DOWN(root), cb, cb_arg1, cb_arg2); + + if( LEFT(root) != NULL ) + dns_rbt_traverse_tree(LEFT(root), cb, cb_arg1, cb_arg2); + + if( RIGHT(root) != NULL ) + dns_rbt_traverse_tree(RIGHT(root), cb, cb_arg1, cb_arg2); + + if( DATA(root) == 0L ) + return; + + dns_name_init(&name, offsets); + isc_buffer_init(&buffer, buf, DNS_NAME_MAXWIRE); + dns_name_setbuffer( &name, &buffer); + dns_rbt_fullnamefromnode(root, &name); + + (*cb)(&name, DATA(root), cb_arg1, cb_arg2); + } +} + +void dns_rbt_traverse( dns_rbt_t *rbt, dns_rbt_traverse_callback_t cb, void *cb_arg1, void *cb_arg2 ) +{ + REQUIRE(VALID_RBT(rbt)); + + dns_rbt_traverse_tree( rbt->root, cb, cb_arg1, cb_arg2 ); +} + /* * Chain Functions */ --- bind-9.3.3rc2/lib/isc/include/isc/socket.h.dbus 2004-03-08 10:04:53.000000000 +0100 +++ bind-9.3.3rc2/lib/isc/include/isc/socket.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -136,6 +136,10 @@@@ #define ISC_SOCKEVENT_NEWCONN (ISC_EVENTCLASS_SOCKET + 3) #define 
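Review bot: dns_rbt_traverse_tree() in the rbt.c hunk discards the result of `dns_rbt_fullnamefromnode(root, &name)` and invokes the callback regardless, so a failed name build would hand the callback a name that was never filled in. Assuming the function returns isc_result_t like the other rbt calls in this patch, guard the call: `if (dns_rbt_fullnamefromnode(root, &name) == ISC_R_SUCCESS) (*cb)(&name, DATA(root), cb_arg1, cb_arg2);`. Each recursion level also reserves `char buf[DNS_NAME_MAXWIRE]` before descending, and the depth is bounded only by the shape of the tree. The comment's assumption that the forward table is small should note that, per the named.8 text in this patch, the table is now managed at run time through D-BUS messages.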
ISC_SOCKEVENT_CONNECT (ISC_EVENTCLASS_SOCKET + 4) +#define ISC_SOCKEVENT_READ_READY (ISC_EVENTCLASS_SOCKET + 5) +#define ISC_SOCKEVENT_WRITE_READY (ISC_EVENTCLASS_SOCKET + 6) +#define ISC_SOCKEVENT_SELECTED (ISC_EVENTCLASS_SOCKET + 7) + /* * Internal events. */ @@@@ -144,7 +148,8 @@@@ typedef enum { isc_sockettype_udp = 1, - isc_sockettype_tcp = 2 + isc_sockettype_tcp = 2, + isc_sockettype_fd = 8 } isc_sockettype_t; /* @@@@ -699,6 +704,30 @@@@ * 'sock' is a valid socket. */ +isc_socketevent_t* +isc_socket_fd_handle_reads( isc_socket_t *sock, isc_socketevent_t *dev ); +/* register the "dev" event to be sent when the isc_sockettype_fd sock + * was select()-ed for read. If there is already an event registered, it + * is returned, otherwise 0 is returned. If dev is 0, removes any existing + * registered event. + */ + +isc_socketevent_t* +isc_socket_fd_handle_writes( isc_socket_t *sock, isc_socketevent_t *dev ); +/* register the "dev" event to be sent when the isc_sockettype_fd sock + * was select()-ed for write. If there is already an event registered, it + * is returned, otherwise 0 is returned. If dev is 0, removes any existing + * registered event. + */ + +isc_socketevent_t* +isc_socket_fd_handle_selected( isc_socket_t *sock, isc_socketevent_t *dev ); +/* register the "dev" event to be sent when ALL isc_sockettype_fd sockets + * have been select()-ed . If there is already an event registered, it + * is returned, otherwise 0 is returned. If dev is 0, removes any existing + * registered event. 
+ */ + ISC_LANG_ENDDECLS #endif /* ISC_SOCKET_H */ --- bind-9.3.3rc2/lib/isc/unix/socket.c.dbus 2006-05-19 04:53:36.000000000 +0200 +++ bind-9.3.3rc2/lib/isc/unix/socket.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -148,6 +148,11 @@@@ ISC_LIST(isc_socketevent_t) recv_list; ISC_LIST(isc_socket_newconnev_t) accept_list; isc_socket_connev_t *connect_ev; + + /* these are used only by isc_sockettype_fd sockets:*/ + isc_socketevent_t *read_ready_event; + isc_socketevent_t *write_ready_event; + isc_socketevent_t *selected_event; /* * Internal events. Posted when a descriptor is readable or @@@@ -304,7 +309,7 @@@@ static void wakeup_socket(isc_socketmgr_t *manager, int fd, int msg) { - isc_socket_t *sock; + isc_socket_t *sock=0L; /* * This is a wakeup on a socket. If the socket is not in the @@@@ -1289,6 +1294,9 @@@@ sock->connected = 0; sock->connecting = 0; sock->bound = 0; + sock->read_ready_event = 0L; + sock->write_ready_event = 0L; + sock->selected_event = 0L; /* * initialize the lock @@@@ -1401,13 +1409,16 @@@@ case isc_sockettype_tcp: sock->fd = socket(pf, SOCK_STREAM, IPPROTO_TCP); break; + + case isc_sockettype_fd: + sock->fd = pf; } #ifdef F_DUPFD /* * Leave a space for stdio to work in. 
*/ - if (sock->fd >= 0 && sock->fd < 20) { + if ( (type != isc_sockettype_fd) && (sock->fd >= 0) && (sock->fd < 20) ) { int new, tmp; new = fcntl(sock->fd, F_DUPFD, 20); tmp = errno; @@@@ -1461,7 +1472,7 @@@@ } } - if (make_nonblock(sock->fd) != ISC_R_SUCCESS) { + if ((type != isc_sockettype_fd) && (make_nonblock(sock->fd) != ISC_R_SUCCESS)) { (void)close(sock->fd); free_socket(&sock); return (ISC_R_UNEXPECTED); @@@@ -1729,6 +1740,38 @@@@ isc_task_send(ev->ev_sender, (isc_event_t **)&iev); } +static +isc_event_t *dispatch_read_ready(isc_socketmgr_t *manager, isc_socket_t *sock) +{ + isc_event_t *dev = (isc_event_t*)sock->read_ready_event, *ev; + + ev = isc_mem_get(manager->mctx, dev->ev_size); + memcpy(ev,dev,dev->ev_size); + ISC_LINK_INIT(ev,ev_link); + isc_task_send(dev->ev_sender, &ev ); + return (isc_event_t *)sock->selected_event; +} + +static +isc_event_t *dispatch_write_ready(isc_socketmgr_t *manager,isc_socket_t *sock) +{ + isc_event_t *dev = (isc_event_t*)sock->write_ready_event, *ev; + ev = isc_mem_get(manager->mctx, dev->ev_size); + memcpy(ev,dev,dev->ev_size); + ISC_LINK_INIT(ev,ev_link); + isc_task_send(dev->ev_sender, &ev ); + return (isc_event_t *)sock->selected_event; +} + +static +void dispatch_selected(isc_socketmgr_t *manager, isc_event_t *dev) +{ isc_event_t *ev; + ev = isc_mem_get(manager->mctx, dev->ev_size); + memcpy(ev,dev,dev->ev_size); + ISC_LINK_INIT(ev,ev_link); + isc_task_send(dev->ev_sender, &ev ); +} + /* * Dequeue an item off the given socket's read queue, set the result code * in the done event to the one provided, and send it to the task it was @@@@ -2136,6 +2179,7 @@@@ int i; isc_socket_t *sock; isc_boolean_t unlock_sock; + isc_event_t *sock_selected = 0L; REQUIRE(maxfd <= (int)FD_SETSIZE); @@@@ -2169,11 +2213,15 @@@@ unlock_sock = ISC_TRUE; LOCK(&sock->lock); if (!SOCK_DEAD(sock)) { + if( sock->type != isc_sockettype_fd ) + { if (sock->listener) dispatch_accept(sock); else dispatch_recv(sock); - } + }else + sock_selected = 
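Review bot: The new `case isc_sockettype_fd: sock->fd = pf;` arm in the -1401 hunk adopts a caller-supplied descriptor passed through the protocol-family argument, with no range check and no `break;`. A later hunk shows the select loop asserting `maxfd <= (int)FD_SETSIZE`, so it would be safer to reject a descriptor at or above FD_SETSIZE here, before it can reach an fd_set. Whether a negative value is caught depends on code after the switch that lies outside the hunk. Add the `break;` and a one-line comment that `pf` carries an already-open descriptor for this type. The -1461 hunk also skips make_nonblock() for these sockets, which leaves the blocking mode to the caller and should be documented in socket.h.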
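Review bot: dispatch_read_ready() and dispatch_write_ready() in the -1729 hunk read `dev->ev_size` from `sock->read_ready_event` / `sock->write_ready_event` without a null check, yet the -1289 hunk initialises both to `0L` and isc_socket_fd_handle_reads(sock, 0) clears them again. An fd socket that becomes ready with no event registered would therefore dereference a null pointer. The `isc_mem_get()` result is also passed straight to `memcpy()`; if it can return NULL in this tree, that is a second crash path. Guard both with `if (dev == NULL) return ((isc_event_t *)sock->selected_event);` and the same early return when `ev == NULL`, and give dispatch_selected() the allocation check too. The three bodies are the same copy-and-send sequence and could share one static helper.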
dispatch_read_ready(manager,sock); + } FD_CLR(i, &manager->read_fds); } check_write: @@@@ -2187,16 +2235,24 @@@@ LOCK(&sock->lock); } if (!SOCK_DEAD(sock)) { + if( sock->type != isc_sockettype_fd ) + { if (sock->connecting) dispatch_connect(sock); else dispatch_send(sock); + }else + sock_selected = dispatch_write_ready(manager,sock); } FD_CLR(i, &manager->write_fds); } if (unlock_sock) UNLOCK(&sock->lock); } + if( sock_selected != 0L ) + { + dispatch_selected(manager, sock_selected); + } } #ifdef ISC_PLATFORM_USETHREADS @@@@ -2215,7 +2271,7 @@@@ int cc; fd_set readfds; fd_set writefds; - int msg, fd; + int msg, fd = -1; int maxfd; char strbuf[ISC_STRERRORSIZE]; @@@@ -3546,3 +3602,55 @@@@ return (ISC_R_SUCCESS); } #endif /* ISC_PLATFORM_USETHREADS */ + +isc_socketevent_t* +isc_socket_fd_handle_reads( isc_socket_t *sock, isc_socketevent_t *dev ) +{ + REQUIRE(VALID_SOCKET(sock)); + if(dev != 0L) + { + sock->references=1; + sock->read_ready_event = dev; + select_poke(sock->manager, sock->fd, SELECT_POKE_READ); + }else + { + dev = sock->read_ready_event ; + sock->read_ready_event = 0L ; + } + return dev; +} + +isc_socketevent_t* +isc_socket_fd_handle_writes( isc_socket_t *sock, isc_socketevent_t *dev ) +{ + REQUIRE(VALID_SOCKET(sock)); + if(dev != 0L) + { + sock->references=1; + sock->write_ready_event = dev; + select_poke(sock->manager, sock->fd, SELECT_POKE_WRITE); + }else + { + dev = sock->write_ready_event; + sock->write_ready_event = 0L; + } + return dev; +} + +isc_socketevent_t* +isc_socket_fd_handle_selected( isc_socket_t *sock, isc_socketevent_t *dev ) +{ + REQUIRE(VALID_SOCKET(sock)); + if(dev != 0L) + { + sock->references=1; + sock->selected_event = dev; + }else + { + dev = sock->selected_event; + sock->selected_event = 0L; + sock->references=0; + destroy(&sock); + } + return dev; +} --- bind-9.3.3rc2/bin/named/named.8.dbus 2006-06-29 15:02:30.000000000 +0200 +++ bind-9.3.3rc2/bin/named/named.8 2006-09-18 10:08:37.000000000 +0200 @@@@ -33,7 +33,7 @@@@ named \- 
Internet domain name server .SH "SYNOPSIS" .HP 6 -\fBnamed\fR [\fB\-4\fR] [\fB\-6\fR] [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] [\fB\-x\ \fR\fB\fIcache\-file\fR\fR] +\fBnamed\fR [\fB\-4\fR] [\fB\-6\fR] [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] [\fB\-x\ \fR\fB\fIcache\-file\fR\fR] [\fB\-D\fR] .SH "DESCRIPTION" .PP \fBnamed\fR @@@@ -146,6 +146,13 @@@@ .B "Warning:" This option must not be used. It is only of interest to BIND 9 developers and may be removed or changed in a future release. .RE +.sp +.TP +\fB\-D\fR +Enable dynamic management of the forwarding table with D-BUS +messages. This option is required for Red Hat NetworkManager +support. See doc/README.DBUS . +.sp .SH "SIGNALS" .PP In routine operation, signals should not be used to control the nameserver; @@@@ -165,6 +172,73 @@@@ \fBnamed\fR configuration file is too complex to describe in detail here. A complete description is provided in the BIND 9 Administrator Reference Manual. +.PP +.SH "NOTES" +.PP +.TP +\fBRed Hat SELinux BIND Security Profile:\fR +.PP +By default, Red Hat ships BIND with the most secure SELinux policy +that will not prevent normal BIND operation and will prevent exploitation +of all known BIND security vulnerabilities . See the selinux(8) man page +for information about SElinux. +.PP +It is not necessary to run named in a chroot environment if the Red Hat +SELinux policy for named is enabled. When enabled, this policy is far +more secure than a chroot environment. 
+.PP +With this extra security comes some restrictions: +.br +By default, the SELinux policy does not allow named to write any master +zone database files. Only the root user may create files in the $ROOTDIR/var/named +zone database file directory (the options { "directory" } option), where +$ROOTDIR is set in /etc/sysconfig/named. +.br +The "named" group must be granted read privelege to +these files in order for named to be enabled to read them. +.br +Any file created in the zone database file directory is automatically assigned +the SELinux file context named_zone_t . +.br +By default, SELinux prevents any role from modifying named_zone_t files; this +means that files in the zone database directory cannot be modified by dynamic +DNS (DDNS) updates or zone transfers. +.br +The Red Hat BIND distribution and SELinux policy creates two directories where +named is allowed to create and modify files: $ROOTDIR/var/named/slaves and +$ROOTDIR/var/named/data. By placing files you want named to modify, such as +slave or DDNS updateable zone files and database / statistics dump files in +these directories, named will work normally and no further operator action is +required. Files in these directories are automatically assigned the 'named_cache_t' +file context, which SELinux allows named to write. +.br +You can enable the named_t domain to write and create named_zone_t files by use +of the SELinux tunable boolean variable "named_write_master_zones", using the +setsebool(8) command or the system-config-security GUI . If you do this, you +must also set the ENABLE_ZONE_WRITE variable in /etc/sysconfig/named to +1 / yes to set the ownership of files in the $ROOTDIR/var/named directory +to named:named in order for named to be allowed to write them. 
+.PP +\fBRed Hat BIND named_sdb SDB support:\fR +.PP +Red Hat ships the bind-sdb RPM that provides the /usr/sbin/named_sdb program, +which is named compiled with the Simplified Database Backend modules that ISC +provides in the "contrib/sdb" directory. +.br +The SDB modules for LDAP, PostGreSQL and DirDB are compiled into named_sdb. +.br +To run named_sdb, set the ENABLE_SDB variable in /etc/sysconfig/named to 1 or "yes", +and then the "service named start" named initscript will run named_sdb instead +of named . +.br +See the documentation for the various SDB modules in /usr/share/doc/bind-sdb-*/ . +.PP +\fBRed Hat system-config-bind:\fR +.PP +Red Hat provides the system-config-bind GUI to configure named.conf and zone +database files. Run the "system-config-bind" command and access the manual +by selecting the Help menu. +.PP .SH "FILES" .TP 3n \fI/etc/named.conf\fR --- bind-9.3.3rc2/bin/named/include/named/globals.h.dbus 2006-03-02 01:37:20.000000000 +0100 +++ bind-9.3.3rc2/bin/named/include/named/globals.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -112,6 +112,8 @@@@ EXTERN int ns_g_listen INIT(3); +EXTERN int ns_g_dbus INIT(0); + #undef EXTERN #undef INIT --- bind-9.3.3rc2/bin/named/include/named/log.h.dbus 2004-03-08 05:04:21.000000000 +0100 +++ bind-9.3.3rc2/bin/named/include/named/log.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -34,6 +34,7 @@@@ #define NS_LOGCATEGORY_QUERIES (&ns_g_categories[4]) #define NS_LOGCATEGORY_UNMATCHED (&ns_g_categories[5]) #define NS_LOGCATEGORY_UPDATE_SECURITY (&ns_g_categories[6]) +#define NS_LOGCATEGORY_DBUS (&ns_g_categories[7]) /* * Backwards compatibility. 
@@@@ -51,6 +52,7 @@@@ #define NS_LOGMODULE_NOTIFY (&ns_g_modules[8]) #define NS_LOGMODULE_CONTROL (&ns_g_modules[9]) #define NS_LOGMODULE_LWRESD (&ns_g_modules[10]) +#define NS_LOGMODULE_DBUS (&ns_g_modules[11]) isc_result_t ns_log_init(isc_boolean_t safe); --- bind-9.3.3rc2/bin/named/include/named/server.h.dbus 2006-03-02 01:37:20.000000000 +0100 +++ bind-9.3.3rc2/bin/named/include/named/server.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -91,7 +91,8 @@@@ ns_controls_t * controls; /* Control channels */ unsigned int dispatchgen; ns_dispatchlist_t dispatches; - + + ns_dbus_mgr_t * dbus_mgr; }; #define NS_SERVER_MAGIC ISC_MAGIC('S','V','E','R') --- bind-9.3.3rc2/bin/named/include/named/types.h.dbus 2004-03-06 11:21:26.000000000 +0100 +++ bind-9.3.3rc2/bin/named/include/named/types.h 2006-09-18 10:08:37.000000000 +0200 @@@@ -38,4 +38,6 @@@@ typedef struct ns_dispatch ns_dispatch_t; typedef ISC_LIST(ns_dispatch_t) ns_dispatchlist_t; +typedef struct ns_dbus_mgr ns_dbus_mgr_t ; + #endif /* NAMED_TYPES_H */ --- bind-9.3.3rc2/bin/named/log.c.dbus 2005-05-25 01:58:17.000000000 +0200 +++ bind-9.3.3rc2/bin/named/log.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -41,6 +41,7 @@@@ { "queries", 0 }, { "unmatched", 0 }, { "update-security", 0 }, + { "dbus", 0 }, { NULL, 0 } }; @@@@ -60,6 +61,7 @@@@ { "notify", 0 }, { "control", 0 }, { "lwresd", 0 }, + { "dbus", 0 }, { NULL, 0 } }; --- bind-9.3.3rc2/bin/named/main.c.dbus 2006-01-06 01:01:42.000000000 +0100 +++ bind-9.3.3rc2/bin/named/main.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -239,7 +239,8 @@@@ "usage: named [-4|-6] [-c conffile] [-d debuglevel] " "[-f|-g] [-n number_of_cpus]\n" " [-p port] [-s] [-t chrootdir] [-u username]\n" - " [-m {usage|trace|record}]\n"); + " [-m {usage|trace|record}]\n" + " [-D ]\n"); } static void @@@@ -345,7 +346,7 @@@@ isc_commandline_errprint = ISC_FALSE; while ((ch = isc_commandline_parse(argc, argv, - "46c:C:d:fgi:lm:n:N:p:P:st:u:vx:")) != -1) { + "46c:C:d:fgi:lm:n:N:p:P:st:u:vx:D")) != -1) { switch 
(ch) { case '4': if (disable4) @@@@ -434,6 +435,9 @@@@ case 'v': printf("BIND %s\n", ns_g_version); exit(0); + case 'D': + ns_g_dbus = 1; + break; case '?': usage(); ns_main_earlyfatal("unknown option '-%c'", --- bind-9.3.3rc2/bin/named/server.c.dbus 2006-05-24 06:30:24.000000000 +0200 +++ bind-9.3.3rc2/bin/named/server.c 2006-09-18 10:08:37.000000000 +0200 @@@@ -86,6 +86,8 @@@@ #include #endif +#include + /* * Check an operation for failure. Assumes that the function * using it has a 'result' variable and a 'cleanup' label. @@@@ -1495,12 +1497,12 @@@@ if (result != ISC_R_SUCCESS) { char namebuf[DNS_NAME_FORMATSIZE]; dns_name_format(origin, namebuf, sizeof(namebuf)); - cfg_obj_log(forwarders, ns_g_lctx, ISC_LOG_WARNING, - "could not set up forwarding for domain '%s': %s", + cfg_obj_log(forwarders, ns_g_lctx, ISC_LOG_NOTICE, + "setting up forwarding failed for domain '%s': %s", namebuf, isc_result_totext(result)); goto cleanup; } - + result = ISC_R_SUCCESS; cleanup: @@@@ -2875,6 +2877,20 @@@@ CHECKFATAL(load_zones(server, ISC_FALSE), "loading zones"); + server->dbus_mgr = 0L; + if( ns_g_dbus ) + if( dbus_mgr_create + ( ns_g_mctx, ns_g_taskmgr, ns_g_socketmgr, ns_g_timermgr, + &server->dbus_mgr + ) != ISC_R_SUCCESS + ) + { + isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, + NS_LOGMODULE_SERVER, ISC_LOG_WARNING, + "dbus_mgr initialization failed. D-BUS service is disabled." 
+ ); + } + ns_os_started(); isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_NOTICE, "running"); @@@@ -2937,6 +2953,9 @@@@ dns_db_detach(&server->in_roothints); + if( server->dbus_mgr != 0L ) + dbus_mgr_shutdown(server->dbus_mgr); + isc_task_endexclusive(server->task); isc_task_detach(&server->task); --- bind-9.3.3rc2/bin/named/Makefile.in.dbus 2004-09-06 23:47:25.000000000 +0200 +++ bind-9.3.3rc2/bin/named/Makefile.in 2006-09-18 10:10:58.000000000 +0200 @@@@ -35,7 +35,8 @@@@ ${LWRES_INCLUDES} ${DNS_INCLUDES} ${BIND9_INCLUDES} \ ${ISCCFG_INCLUDES} ${ISCCC_INCLUDES} ${ISC_INCLUDES} \ ${DBDRIVER_INCLUDES} - +DBUS_INCLUDES = \ + -I/usr/lib/dbus-1.0/include -I/usr/include/dbus-1.0 CDEFINES = CWARNINGS = @@@@ -52,6 +53,7 @@@@ ISCDEPLIBS = ../../lib/isc/libisc.@@A@@ LWRESDEPLIBS = ../../lib/lwres/liblwres.@@A@@ BIND9DEPLIBS = ../../lib/bind9/libbind9.@@A@@ +DBUSLIBS= -ldbus-1 DEPLIBS = ${LWRESDEPLIBS} ${DNSDEPLIBS} ${BIND9DEPLIBS} \ ${ISCCFGDEPLIBS} ${ISCCCDEPLIBS} ${ISCDEPLIBS} @@@@ -71,6 +73,7 @@@@ zoneconf.@@O@@ \ lwaddr.@@O@@ lwresd.@@O@@ lwdclient.@@O@@ lwderror.@@O@@ lwdgabn.@@O@@ \ lwdgnba.@@O@@ lwdgrbn.@@O@@ lwdnoop.@@O@@ lwsearch.@@O@@ \ + dbus_service.@@O@@ dbus_mgr.@@O@@ \ $(DBDRIVER_OBJS) UOBJS = unix/os.@@O@@ @@@@ -83,6 +86,7 @@@@ zoneconf.c \ lwaddr.c lwresd.c lwdclient.c lwderror.c lwdgabn.c \ lwdgnba.c lwdgrbn.c lwdnoop.c lwsearch.c \ + dbus_service.c dbus_mgr.c \ $(DBDRIVER_SRCS) MANPAGES = named.8 lwresd.8 named.conf.5 @@@@ -105,9 +109,14 @@@@ -DNS_LOCALSTATEDIR=\"${localstatedir}\" \ -c ${srcdir}/config.c +dbus_service.o: dbus_service.c + ${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \ + ${DBUS_INCLUDES} \ + -c ${srcdir}/dbus_service.c + named@@EXEEXT@@: ${OBJS} ${UOBJS} ${DEPLIBS} ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@@ \ - ${OBJS} ${UOBJS} ${LIBS} + ${OBJS} ${UOBJS} ${LIBS} ${DBUSLIBS} lwresd@@EXEEXT@@: named@@EXEEXT@@ rm -f lwresd@@EXEEXT@@ @