int git_run_cmd(char *cmd, char *arg)
{
int i=0;
char ** argv=0;
int argc=0;
git_init();
for(i=0;i< sizeof(commands) / sizeof(struct cmd_struct);i++)
{
if(strcmp(cmd,commands[i].cmd)==0)
{
int ret;
if(arg != NULL)
argv = strtoargv(arg,&argc);
ret = commands[i].fn(argc, argv, NULL);
if(argv)
free(argv);
discard_cache();
free_all_pack();
return ret;
}
}
return -1;
}
int git_open_log(GIT_LOG * handle, char * arg)
{
struct rev_info *p_Rev;
char ** argv=0;
int argc=0;
unsigned int i=0;
struct setup_revision_opt opt;
/* clear flags */
unsigned int obj_size = get_max_object_index();
for(i =0; i<obj_size; i++)
{
struct object *ob= get_indexed_object(i);
if(ob)
{
ob->flags=0;
if (ob->parsed && ob->type == OBJ_COMMIT)
{
struct commit* commit = (struct commit*)ob;
free_commit_list(commit->parents);
commit->parents = NULL;
if (commit->tree)
free_tree_buffer(commit->tree);
commit->tree = NULL;
ob->parsed = 0;
}
}
}
if(arg != NULL)
argv = strtoargv(arg,&argc);
if (!argv)
return -1;
p_Rev = malloc(sizeof(struct rev_info));
if (p_Rev == NULL)
{
free(argv);
return -1;
}
memset(p_Rev,0,sizeof(struct rev_info));
invalidate_ref_cache(NULL);
init_revisions(p_Rev, g_prefix);
p_Rev->diff = 1;
memset(&opt, 0, sizeof(opt));
opt.def = "HEAD";
cmd_log_init(argc, argv, g_prefix,p_Rev,&opt);
p_Rev->pPrivate = argv;
*handle = p_Rev;
return 0;
}
int git_open_log(GIT_LOG * handle, char * arg)
{
struct rev_info *p_Rev;
char ** argv=0;
int argc=0;
unsigned int i=0;
struct setup_revision_opt opt;
/* clear flags */
unsigned int obj_size = get_max_object_index();
for(i =0; i<obj_size; i++)
{
struct object *ob= get_indexed_object(i);
if(ob)
ob->flags=0;
}
if(arg != NULL)
argv = strtoargv(arg,&argc);
if (!argv)
return -1;
p_Rev = malloc(sizeof(struct rev_info));
if (p_Rev == NULL)
{
free(argv);
return -1;
}
memset(p_Rev,0,sizeof(struct rev_info));
invalidate_ref_cache(NULL);
init_revisions(p_Rev, g_prefix);
p_Rev->diff = 1;
memset(&opt, 0, sizeof(opt));
opt.def = "HEAD";
cmd_log_init(argc, argv, g_prefix,p_Rev,&opt);
p_Rev->pPrivate = argv;
*handle = p_Rev;
return 0;
}
/* Get the command line arguments from the previous invocation
*/
static int
run_last_args(fko_cli_options_t *options, const char * const args_save_file)
{
FILE *args_file_ptr = NULL;
int argc_new = 0, args_broken = 0;
char args_str[MAX_LINE_LEN] = {0};
char *argv_new[MAX_CMDLINE_ARGS]; /* should be way more than enough */
memset(argv_new, 0x0, sizeof(argv_new));
if(verify_file_perms_ownership(args_save_file) != 1)
return 0;
if ((args_file_ptr = fopen(args_save_file, "r")) == NULL)
{
log_msg(LOG_VERBOSITY_ERROR, "Could not open args file: %s",
args_save_file);
return 0;
}
if ((fgets(args_str, MAX_LINE_LEN, args_file_ptr)) != NULL)
{
args_str[MAX_LINE_LEN-1] = '\0';
if (options->verbose)
log_msg(LOG_VERBOSITY_NORMAL, "Executing: %s", args_str);
if(strtoargv(args_str, argv_new, &argc_new, options) != 1)
{
args_broken = 1;
}
}
fclose(args_file_ptr);
if(args_broken)
return 0;
/* Reset the options index so we can run through them again.
*/
optind = 0;
config_init(options, argc_new, argv_new);
/* Since we passed in our own copies, free up malloc'd memory
*/
free_argv(argv_new, &argc_new);
return 1;
}
int git_update_index(void)
{
char** argv = NULL;
int argc = 0;
int ret;
argv = strtoargv("-q --refresh", &argc);
if (!argv)
return -1;
cleanup_chdir_notify();
drop_all_attr_stacks();
ret = cmd_update_index(argc, argv, NULL);
free(argv);
discard_cache();
free_all_pack();
return ret;
}
int git_open_diff(GIT_DIFF *diff, char * arg)
{
struct rev_info *p_Rev;
char ** argv=0;
int argc=0;
if(arg != NULL)
argv = strtoargv(arg,&argc);
p_Rev = malloc(sizeof(struct rev_info));
memset(p_Rev,0,sizeof(struct rev_info));
p_Rev->pPrivate = argv;
*diff = (GIT_DIFF)p_Rev;
init_revisions(p_Rev, g_prefix);
git_config(git_diff_basic_config, NULL); /* no "diff" UI options */
p_Rev->abbrev = 0;
p_Rev->diff = 1;
argc = setup_revisions(argc, argv, p_Rev, NULL);
return 0;
}
/* Run an external command returning exit status, and optionally filling
* provided buffer with STDOUT output up to the size provided.
*
* Note: XXX: We are not using the timeout parameter at present. We still need
* to implement a reliable timeout mechanism.
*/
static int
_run_extcmd(uid_t uid, gid_t gid, const char *cmd, char *so_buf,
const size_t so_buf_sz, const int want_stderr, const int timeout,
const char *substr_search, int *pid_status,
const fko_srv_options_t * const opts)
{
char so_read_buf[IO_READ_BUF_LEN] = {0};
pid_t pid=0;
FILE *output;
int retval = EXTCMD_SUCCESS_ALL_OUTPUT;
int line_ctr = 0, found_str = 0;
char *argv_new[MAX_CMDLINE_ARGS]; /* for validation and/or execvpe() */
int argc_new=0;
#if HAVE_EXECVPE
int pipe_fd[2];
#endif
#if AFL_FUZZING
return 0;
#endif
*pid_status = 0;
/* Even without execvpe() we examine the command for basic validity
* in term of number of args
*/
memset(argv_new, 0x0, sizeof(argv_new));
if(strtoargv(cmd, argv_new, &argc_new, opts) != 1)
{
log_msg(LOG_ERR,
"run_extcmd(): Error converting cmd str to argv via strtoargv()");
return EXTCMD_ARGV_ERROR;
}
#if !HAVE_EXECVPE
/* if we are not using execvpe() then free up argv_new unconditionally
* since was used only for validation
*/
free_argv(argv_new, &argc_new);
#endif
#if HAVE_EXECVPE
if(opts->verbose > 1)
log_msg(LOG_INFO, "run_extcmd() (with execvpe()): running CMD: %s", cmd);
if(so_buf != NULL || substr_search != NULL)
{
if(pipe(pipe_fd) < 0)
{
log_msg(LOG_ERR, "run_extcmd(): pipe() failed: %s", strerror(errno));
free_argv(argv_new, &argc_new);
return EXTCMD_PIPE_ERROR;
}
}
pid = fork();
if (pid == 0)
{
if(chdir("/") != 0)
exit(EXTCMD_CHDIR_ERROR);
if(so_buf != NULL || substr_search != NULL)
{
close(pipe_fd[0]);
dup2(pipe_fd[1], STDOUT_FILENO);
if(want_stderr)
dup2(pipe_fd[1], STDERR_FILENO);
else
close(STDERR_FILENO);
}
/* Take care of gid/uid settings before running the command.
*/
if(gid > 0)
if(setgid(gid) < 0)
exit(EXTCMD_SETGID_ERROR);
if(uid > 0)
if(setuid(uid) < 0)
exit(EXTCMD_SETUID_ERROR);
/* don't use env
*/
execvpe(argv_new[0], argv_new, (char * const *)NULL);
}
else if(pid == -1)
{
log_msg(LOG_ERR, "run_extcmd(): fork() failed: %s", strerror(errno));
free_argv(argv_new, &argc_new);
return EXTCMD_FORK_ERROR;
}
/* Only the parent process makes it here
*/
if(so_buf != NULL || substr_search != NULL)
{
close(pipe_fd[1]);
if ((output = fdopen(pipe_fd[0], "r")) != NULL)
{
if(so_buf != NULL)
memset(so_buf, 0x0, so_buf_sz);
while((fgets(so_read_buf, IO_READ_BUF_LEN, output)) != NULL)
{
line_ctr++;
if(so_buf != NULL)
{
strlcat(so_buf, so_read_buf, so_buf_sz);
if(strlen(so_buf) >= so_buf_sz-1)
break;
}
else /* we are looking for a substring */
{
/* Get past comments and empty lines (note: we only look at the
* first character).
*/
if(IS_EMPTY_LINE(so_read_buf[0]))
continue;
if(strstr(so_read_buf, substr_search) != NULL)
{
found_str = 1;
break;
}
}
}
fclose(output);
}
else
{
log_msg(LOG_ERR,
"run_extcmd(): could not fdopen() pipe output file descriptor.");
free_argv(argv_new, &argc_new);
return EXTCMD_OPEN_ERROR;
}
}
free_argv(argv_new, &argc_new);
waitpid(pid, pid_status, 0);
#else
if(opts->verbose > 1)
log_msg(LOG_INFO, "run_extcmd() (without execvpe()): running CMD: %s", cmd);
if(so_buf == NULL && substr_search == NULL)
{
/* Since we do not have to capture output, we will fork here (which we
* * would have to do anyway if we are running as another user as well).
* */
pid = fork();
if(pid == -1)
{
log_msg(LOG_ERR, "run_extcmd: fork failed: %s", strerror(errno));
return(EXTCMD_FORK_ERROR);
}
else if (pid == 0)
{
/* We are the child */
if(chdir("/") != 0)
exit(EXTCMD_CHDIR_ERROR);
/* Take care of gid/uid settings before running the command.
*/
if(gid > 0)
if(setgid(gid) < 0)
exit(EXTCMD_SETGID_ERROR);
if(uid > 0)
if(setuid(uid) < 0)
exit(EXTCMD_SETUID_ERROR);
*pid_status = system(cmd);
exit(*pid_status);
}
/* Retval is forced to 0 as we don't care about the exit status of
* the child (for now)
*/
retval = EXTCMD_SUCCESS_ALL_OUTPUT;
}
else
{
/* Looking for output use popen and fill the buffer to its limit.
*/
output = popen(cmd, "r");
if(output == NULL)
{
log_msg(LOG_ERR, "Got popen error %i: %s", errno, strerror(errno));
retval = EXTCMD_OPEN_ERROR;
}
else
{
if(so_buf != NULL)
memset(so_buf, 0x0, so_buf_sz);
while((fgets(so_read_buf, IO_READ_BUF_LEN, output)) != NULL)
{
line_ctr++;
if(so_buf != NULL)
{
strlcat(so_buf, so_read_buf, so_buf_sz);
if(strlen(so_buf) >= so_buf_sz-1)
break;
}
else /* we are looking for a substring */
{
/* Get past comments and empty lines (note: we only look at the
* first character).
*/
if(IS_EMPTY_LINE(so_read_buf[0]))
continue;
if(strstr(so_read_buf, substr_search) != NULL)
{
found_str = 1;
break;
}
}
}
pclose(output);
}
}
#endif
if(substr_search != NULL)
{
/* The semantics of the return value changes in search mode to the line
* number where the substring match was found, or zero if it wasn't found
*/
if(found_str)
retval = line_ctr;
else
retval = 0;
}
else
{
if(WIFEXITED(*pid_status))
{
/* Even if the child exited with an error condition, if we make it here
* then the child exited normally as far as the OS is concerned (i.e. didn't
* crash or get hit with a signal)
*/
retval = EXTCMD_SUCCESS_ALL_OUTPUT;
}
else
retval = EXTCMD_EXECUTION_ERROR;
}
if(opts->verbose > 1)
log_msg(LOG_INFO,
"run_extcmd(): returning %d, pid_status: %d",
retval, WIFEXITED(*pid_status) ? WEXITSTATUS(*pid_status) : *pid_status);
return(retval);
}
isc_result_t
ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig,
const cfg_obj_t *zconfig, cfg_aclconfctx_t *ac,
dns_zone_t *zone)
{
isc_result_t result;
const char *zname;
dns_rdataclass_t zclass;
dns_rdataclass_t vclass;
const cfg_obj_t *maps[5];
const cfg_obj_t *zoptions = NULL;
const cfg_obj_t *options = NULL;
const cfg_obj_t *obj;
const char *filename = NULL;
dns_notifytype_t notifytype = dns_notifytype_yes;
isc_sockaddr_t *addrs;
dns_name_t **keynames;
isc_uint32_t count;
char *cpval;
unsigned int dbargc;
char **dbargv;
static char default_dbtype[] = "rbt";
isc_mem_t *mctx = dns_zone_getmctx(zone);
dns_dialuptype_t dialup = dns_dialuptype_no;
dns_zonetype_t ztype;
int i;
isc_int32_t journal_size;
isc_boolean_t multi;
isc_boolean_t alt;
dns_view_t *view;
isc_boolean_t check = ISC_FALSE, fail = ISC_FALSE;
isc_boolean_t warn = ISC_FALSE, ignore = ISC_FALSE;
isc_boolean_t ixfrdiff;
dns_masterformat_t masterformat;
isc_stats_t *zoneqrystats;
isc_boolean_t zonestats_on;
int seconds;
i = 0;
if (zconfig != NULL) {
zoptions = cfg_tuple_get(zconfig, "options");
maps[i++] = zoptions;
}
if (vconfig != NULL)
maps[i++] = cfg_tuple_get(vconfig, "options");
if (config != NULL) {
(void)cfg_map_get(config, "options", &options);
if (options != NULL)
maps[i++] = options;
}
maps[i++] = ns_g_defaults;
maps[i] = NULL;
if (vconfig != NULL)
RETERR(ns_config_getclass(cfg_tuple_get(vconfig, "class"),
dns_rdataclass_in, &vclass));
else
vclass = dns_rdataclass_in;
/*
* Configure values common to all zone types.
*/
zname = cfg_obj_asstring(cfg_tuple_get(zconfig, "name"));
RETERR(ns_config_getclass(cfg_tuple_get(zconfig, "class"),
vclass, &zclass));
dns_zone_setclass(zone, zclass);
ztype = zonetype_fromconfig(zoptions);
dns_zone_settype(zone, ztype);
obj = NULL;
result = cfg_map_get(zoptions, "database", &obj);
if (result == ISC_R_SUCCESS)
cpval = isc_mem_strdup(mctx, cfg_obj_asstring(obj));
else
cpval = default_dbtype;
if (cpval == NULL)
return(ISC_R_NOMEMORY);
result = strtoargv(mctx, cpval, &dbargc, &dbargv);
if (result != ISC_R_SUCCESS && cpval != default_dbtype) {
isc_mem_free(mctx, cpval);
return (result);
}
/*
* ANSI C is strange here. There is no logical reason why (char **)
* cannot be promoted automatically to (const char * const *) by the
* compiler w/o generating a warning.
*/
result = dns_zone_setdbtype(zone, dbargc, (const char * const *)dbargv);
isc_mem_put(mctx, dbargv, dbargc * sizeof(*dbargv));
if (cpval != default_dbtype)
isc_mem_free(mctx, cpval);
if (result != ISC_R_SUCCESS)
return (result);
obj = NULL;
result = cfg_map_get(zoptions, "file", &obj);
if (result == ISC_R_SUCCESS)
filename = cfg_obj_asstring(obj);
/*
* Unless we're using some alternative database, a master zone
* will be needing a master file.
*/
if (ztype == dns_zone_master && cpval == default_dbtype &&
filename == NULL) {
isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
"zone '%s': 'file' not specified",
zname);
return (ISC_R_FAILURE);
}
masterformat = dns_masterformat_text;
obj = NULL;
result= ns_config_get(maps, "masterfile-format", &obj);
if (result == ISC_R_SUCCESS) {
const char *masterformatstr = cfg_obj_asstring(obj);
if (strcasecmp(masterformatstr, "text") == 0)
masterformat = dns_masterformat_text;
else if (strcasecmp(masterformatstr, "raw") == 0)
masterformat = dns_masterformat_raw;
else
INSIST(0);
}
RETERR(dns_zone_setfile2(zone, filename, masterformat));
obj = NULL;
result = cfg_map_get(zoptions, "journal", &obj);
if (result == ISC_R_SUCCESS)
RETERR(dns_zone_setjournal(zone, cfg_obj_asstring(obj)));
if (ztype == dns_zone_slave)
RETERR(configure_zone_acl(zconfig, vconfig, config,
allow_notify, ac, zone,
dns_zone_setnotifyacl,
dns_zone_clearnotifyacl));
/*
* XXXAG This probably does not make sense for stubs.
*/
RETERR(configure_zone_acl(zconfig, vconfig, config,
allow_query, ac, zone,
dns_zone_setqueryacl,
dns_zone_clearqueryacl));
obj = NULL;
result = ns_config_get(maps, "dialup", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
if (cfg_obj_isboolean(obj)) {
if (cfg_obj_asboolean(obj))
dialup = dns_dialuptype_yes;
else
dialup = dns_dialuptype_no;
} else {
const char *dialupstr = cfg_obj_asstring(obj);
if (strcasecmp(dialupstr, "notify") == 0)
dialup = dns_dialuptype_notify;
else if (strcasecmp(dialupstr, "notify-passive") == 0)
dialup = dns_dialuptype_notifypassive;
else if (strcasecmp(dialupstr, "refresh") == 0)
dialup = dns_dialuptype_refresh;
else if (strcasecmp(dialupstr, "passive") == 0)
dialup = dns_dialuptype_passive;
else
INSIST(0);
}
dns_zone_setdialup(zone, dialup);
obj = NULL;
result = ns_config_get(maps, "zone-statistics", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
zonestats_on = cfg_obj_asboolean(obj);
zoneqrystats = NULL;
if (zonestats_on) {
RETERR(isc_stats_create(mctx, &zoneqrystats,
dns_nsstatscounter_max));
}
dns_zone_setrequeststats(zone, zoneqrystats);
if (zoneqrystats != NULL)
isc_stats_detach(&zoneqrystats);
/*
* Configure master functionality. This applies
* to primary masters (type "master") and slaves
* acting as masters (type "slave"), but not to stubs.
*/
if (ztype != dns_zone_stub && ztype != dns_zone_staticstub) {
obj = NULL;
result = ns_config_get(maps, "notify", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
if (cfg_obj_isboolean(obj)) {
if (cfg_obj_asboolean(obj))
notifytype = dns_notifytype_yes;
else
notifytype = dns_notifytype_no;
} else {
const char *notifystr = cfg_obj_asstring(obj);
if (strcasecmp(notifystr, "explicit") == 0)
notifytype = dns_notifytype_explicit;
else if (strcasecmp(notifystr, "master-only") == 0)
notifytype = dns_notifytype_masteronly;
else
INSIST(0);
}
dns_zone_setnotifytype(zone, notifytype);
obj = NULL;
result = ns_config_get(maps, "also-notify", &obj);
if (result == ISC_R_SUCCESS) {
isc_sockaddr_t *addrs = NULL;
isc_uint32_t addrcount;
result = ns_config_getiplist(config, obj, 0, mctx,
&addrs, &addrcount);
if (result != ISC_R_SUCCESS)
return (result);
result = dns_zone_setalsonotify(zone, addrs,
addrcount);
ns_config_putiplist(mctx, &addrs, addrcount);
if (result != ISC_R_SUCCESS)
return (result);
} else
RETERR(dns_zone_setalsonotify(zone, NULL, 0));
obj = NULL;
result = ns_config_get(maps, "notify-source", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setnotifysrc4(zone, cfg_obj_assockaddr(obj)));
ns_add_reserved_dispatch(ns_g_server, cfg_obj_assockaddr(obj));
obj = NULL;
result = ns_config_get(maps, "notify-source-v6", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setnotifysrc6(zone, cfg_obj_assockaddr(obj)));
ns_add_reserved_dispatch(ns_g_server, cfg_obj_assockaddr(obj));
obj = NULL;
result = ns_config_get(maps, "notify-to-soa", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setoption(zone, DNS_ZONEOPT_NOTIFYTOSOA,
cfg_obj_asboolean(obj));
dns_zone_setisself(zone, ns_client_isself, NULL);
RETERR(configure_zone_acl(zconfig, vconfig, config,
allow_transfer, ac, zone,
dns_zone_setxfracl,
dns_zone_clearxfracl));
obj = NULL;
result = ns_config_get(maps, "max-transfer-time-out", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setmaxxfrout(zone, cfg_obj_asuint32(obj) * 60);
obj = NULL;
result = ns_config_get(maps, "max-transfer-idle-out", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setidleout(zone, cfg_obj_asuint32(obj) * 60);
obj = NULL;
result = ns_config_get(maps, "max-journal-size", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setjournalsize(zone, -1);
if (cfg_obj_isstring(obj)) {
const char *str = cfg_obj_asstring(obj);
INSIST(strcasecmp(str, "unlimited") == 0);
journal_size = ISC_UINT32_MAX / 2;
} else {
isc_resourcevalue_t value;
value = cfg_obj_asuint64(obj);
if (value > ISC_UINT32_MAX / 2) {
cfg_obj_log(obj, ns_g_lctx,
ISC_LOG_ERROR,
"'max-journal-size "
"%" ISC_PRINT_QUADFORMAT "d' "
"is too large",
value);
RETERR(ISC_R_RANGE);
}
journal_size = (isc_uint32_t)value;
}
dns_zone_setjournalsize(zone, journal_size);
obj = NULL;
result = ns_config_get(maps, "ixfr-from-differences", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
if (cfg_obj_isboolean(obj))
ixfrdiff = cfg_obj_asboolean(obj);
else if (!strcasecmp(cfg_obj_asstring(obj), "master") &&
ztype == dns_zone_master)
ixfrdiff = ISC_TRUE;
else if (!strcasecmp(cfg_obj_asstring(obj), "slave") &&
ztype == dns_zone_slave)
ixfrdiff = ISC_TRUE;
else
ixfrdiff = ISC_FALSE;
dns_zone_setoption(zone, DNS_ZONEOPT_IXFRFROMDIFFS, ixfrdiff);
checknames(ztype, maps, &obj);
INSIST(obj != NULL);
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
fail = ISC_FALSE;
check = ISC_TRUE;
} else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
fail = check = ISC_TRUE;
} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
fail = check = ISC_FALSE;
} else
INSIST(0);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKNAMES, check);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKNAMESFAIL, fail);
obj = NULL;
result = ns_config_get(maps, "notify-delay", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setnotifydelay(zone, cfg_obj_asuint32(obj));
obj = NULL;
result = ns_config_get(maps, "check-sibling", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKSIBLING,
cfg_obj_asboolean(obj));
obj = NULL;
result = ns_config_get(maps, "zero-no-soa-ttl", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setzeronosoattl(zone, cfg_obj_asboolean(obj));
obj = NULL;
result = ns_config_get(maps, "nsec3-test-zone", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setoption(zone, DNS_ZONEOPT_NSEC3TESTZONE,
cfg_obj_asboolean(obj));
}
/*
* Configure update-related options. These apply to
* primary masters only.
*/
if (ztype == dns_zone_master) {
dns_acl_t *updateacl;
RETERR(configure_zone_acl(zconfig, vconfig, config,
allow_update, ac, zone,
dns_zone_setupdateacl,
dns_zone_clearupdateacl));
updateacl = dns_zone_getupdateacl(zone);
if (updateacl != NULL && dns_acl_isinsecure(updateacl))
isc_log_write(ns_g_lctx, DNS_LOGCATEGORY_SECURITY,
NS_LOGMODULE_SERVER, ISC_LOG_WARNING,
"zone '%s' allows updates by IP "
"address, which is insecure",
zname);
RETERR(configure_zone_ssutable(zoptions, zone, zname));
obj = NULL;
result = ns_config_get(maps, "sig-validity-interval", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
{
const cfg_obj_t *validity, *resign;
validity = cfg_tuple_get(obj, "validity");
seconds = cfg_obj_asuint32(validity) * 86400;
dns_zone_setsigvalidityinterval(zone, seconds);
resign = cfg_tuple_get(obj, "re-sign");
if (cfg_obj_isvoid(resign)) {
seconds /= 4;
} else {
if (seconds > 7 * 86400)
seconds = cfg_obj_asuint32(resign) *
86400;
else
seconds = cfg_obj_asuint32(resign) *
3600;
}
dns_zone_setsigresigninginterval(zone, seconds);
}
obj = NULL;
result = ns_config_get(maps, "key-directory", &obj);
if (result == ISC_R_SUCCESS) {
filename = cfg_obj_asstring(obj);
RETERR(dns_zone_setkeydirectory(zone, filename));
}
obj = NULL;
result = ns_config_get(maps, "sig-signing-signatures", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setsignatures(zone, cfg_obj_asuint32(obj));
obj = NULL;
result = ns_config_get(maps, "sig-signing-nodes", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setnodes(zone, cfg_obj_asuint32(obj));
obj = NULL;
result = ns_config_get(maps, "sig-signing-type", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setprivatetype(zone, cfg_obj_asuint32(obj));
obj = NULL;
result = ns_config_get(maps, "update-check-ksk", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setoption(zone, DNS_ZONEOPT_UPDATECHECKKSK,
cfg_obj_asboolean(obj));
obj = NULL;
result = ns_config_get(maps, "dnssec-dnskey-kskonly", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setoption(zone, DNS_ZONEOPT_DNSKEYKSKONLY,
cfg_obj_asboolean(obj));
} else if (ztype == dns_zone_slave) {
RETERR(configure_zone_acl(zconfig, vconfig, config,
allow_update_forwarding, ac, zone,
dns_zone_setforwardacl,
dns_zone_clearforwardacl));
}
/*%
* Primary master functionality.
*/
if (ztype == dns_zone_master) {
isc_boolean_t allow = ISC_FALSE, maint = ISC_FALSE;
obj = NULL;
result = ns_config_get(maps, "check-wildcard", &obj);
if (result == ISC_R_SUCCESS)
check = cfg_obj_asboolean(obj);
else
check = ISC_FALSE;
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKWILDCARD, check);
obj = NULL;
result = ns_config_get(maps, "check-dup-records", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
fail = ISC_FALSE;
check = ISC_TRUE;
} else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
fail = check = ISC_TRUE;
} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
fail = check = ISC_FALSE;
} else
INSIST(0);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKDUPRR, check);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKDUPRRFAIL, fail);
obj = NULL;
result = ns_config_get(maps, "check-mx", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
fail = ISC_FALSE;
check = ISC_TRUE;
} else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
fail = check = ISC_TRUE;
} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
fail = check = ISC_FALSE;
} else
INSIST(0);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKMX, check);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKMXFAIL, fail);
obj = NULL;
result = ns_config_get(maps, "check-integrity", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setoption(zone, DNS_ZONEOPT_CHECKINTEGRITY,
cfg_obj_asboolean(obj));
obj = NULL;
result = ns_config_get(maps, "check-mx-cname", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
warn = ISC_TRUE;
ignore = ISC_FALSE;
} else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
warn = ignore = ISC_FALSE;
} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
warn = ignore = ISC_TRUE;
} else
INSIST(0);
dns_zone_setoption(zone, DNS_ZONEOPT_WARNMXCNAME, warn);
dns_zone_setoption(zone, DNS_ZONEOPT_IGNOREMXCNAME, ignore);
obj = NULL;
result = ns_config_get(maps, "check-srv-cname", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
warn = ISC_TRUE;
ignore = ISC_FALSE;
} else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
warn = ignore = ISC_FALSE;
} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
warn = ignore = ISC_TRUE;
} else
INSIST(0);
dns_zone_setoption(zone, DNS_ZONEOPT_WARNSRVCNAME, warn);
dns_zone_setoption(zone, DNS_ZONEOPT_IGNORESRVCNAME, ignore);
obj = NULL;
result = ns_config_get(maps, "dnssec-secure-to-insecure", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setoption(zone, DNS_ZONEOPT_SECURETOINSECURE,
cfg_obj_asboolean(obj));
obj = NULL;
result = cfg_map_get(zoptions, "auto-dnssec", &obj);
if (result == ISC_R_SUCCESS) {
const char *arg = cfg_obj_asstring(obj);
if (strcasecmp(arg, "allow") == 0)
allow = ISC_TRUE;
else if (strcasecmp(arg, "maintain") == 0)
allow = maint = ISC_TRUE;
else if (strcasecmp(arg, "off") == 0)
;
else
INSIST(0);
dns_zone_setkeyopt(zone, DNS_ZONEKEY_ALLOW, allow);
dns_zone_setkeyopt(zone, DNS_ZONEKEY_MAINTAIN, maint);
}
}
/*
* Configure slave functionality.
*/
switch (ztype) {
case dns_zone_slave:
case dns_zone_stub:
count = 0;
obj = NULL;
(void)cfg_map_get(zoptions, "masters", &obj);
if (obj != NULL) {
addrs = NULL;
keynames = NULL;
RETERR(ns_config_getipandkeylist(config, obj, mctx,
&addrs, &keynames,
&count));
result = dns_zone_setmasterswithkeys(zone, addrs,
keynames, count);
ns_config_putipandkeylist(mctx, &addrs, &keynames,
count);
} else
result = dns_zone_setmasters(zone, NULL, 0);
RETERR(result);
multi = ISC_FALSE;
if (count > 1) {
obj = NULL;
result = ns_config_get(maps, "multi-master", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
multi = cfg_obj_asboolean(obj);
}
dns_zone_setoption(zone, DNS_ZONEOPT_MULTIMASTER, multi);
obj = NULL;
result = ns_config_get(maps, "max-transfer-time-in", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setmaxxfrin(zone, cfg_obj_asuint32(obj) * 60);
obj = NULL;
result = ns_config_get(maps, "max-transfer-idle-in", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setidlein(zone, cfg_obj_asuint32(obj) * 60);
obj = NULL;
result = ns_config_get(maps, "max-refresh-time", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setmaxrefreshtime(zone, cfg_obj_asuint32(obj));
obj = NULL;
result = ns_config_get(maps, "min-refresh-time", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setminrefreshtime(zone, cfg_obj_asuint32(obj));
obj = NULL;
result = ns_config_get(maps, "max-retry-time", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setmaxretrytime(zone, cfg_obj_asuint32(obj));
obj = NULL;
result = ns_config_get(maps, "min-retry-time", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
dns_zone_setminretrytime(zone, cfg_obj_asuint32(obj));
obj = NULL;
result = ns_config_get(maps, "transfer-source", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setxfrsource4(zone, cfg_obj_assockaddr(obj)));
ns_add_reserved_dispatch(ns_g_server, cfg_obj_assockaddr(obj));
obj = NULL;
result = ns_config_get(maps, "transfer-source-v6", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setxfrsource6(zone, cfg_obj_assockaddr(obj)));
ns_add_reserved_dispatch(ns_g_server, cfg_obj_assockaddr(obj));
obj = NULL;
result = ns_config_get(maps, "alt-transfer-source", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setaltxfrsource4(zone, cfg_obj_assockaddr(obj)));
obj = NULL;
result = ns_config_get(maps, "alt-transfer-source-v6", &obj);
INSIST(result == ISC_R_SUCCESS && obj != NULL);
RETERR(dns_zone_setaltxfrsource6(zone, cfg_obj_assockaddr(obj)));
obj = NULL;
(void)ns_config_get(maps, "use-alt-transfer-source", &obj);
if (obj == NULL) {
/*
* Default off when views are in use otherwise
* on for BIND 8 compatibility.
*/
view = dns_zone_getview(zone);
if (view != NULL && strcmp(view->name, "_default") == 0)
alt = ISC_TRUE;
else
alt = ISC_FALSE;
} else
alt = cfg_obj_asboolean(obj);
dns_zone_setoption(zone, DNS_ZONEOPT_USEALTXFRSRC, alt);
obj = NULL;
(void)ns_config_get(maps, "try-tcp-refresh", &obj);
dns_zone_setoption(zone, DNS_ZONEOPT_TRYTCPREFRESH,
cfg_obj_asboolean(obj));
break;
case dns_zone_staticstub:
RETERR(configure_staticstub(zoptions, zone, zname,
default_dbtype));
break;
default:
break;
}
return (ISC_R_SUCCESS);
}
int git_run_cmd(char *cmd, char *arg)
{
int i=0;
char ** argv=0;
int argc=0;
static struct cmd_struct commands[] = {
{ "add", cmd_add, RUN_SETUP | NEED_WORK_TREE },
{ "stage", cmd_add, RUN_SETUP | NEED_WORK_TREE },
{ "annotate", cmd_annotate, RUN_SETUP },
{ "apply", cmd_apply },
{ "archive", cmd_archive },
{ "bisect--helper", cmd_bisect__helper, RUN_SETUP | NEED_WORK_TREE },
{ "blame", cmd_blame, RUN_SETUP },
{ "branch", cmd_branch, RUN_SETUP },
{ "bundle", cmd_bundle },
{ "cat-file", cmd_cat_file, RUN_SETUP },
{ "checkout", cmd_checkout, RUN_SETUP | NEED_WORK_TREE },
{ "checkout-index", cmd_checkout_index,
RUN_SETUP | NEED_WORK_TREE},
{ "check-ref-format", cmd_check_ref_format },
{ "check-attr", cmd_check_attr, RUN_SETUP },
{ "cherry", cmd_cherry, RUN_SETUP },
{ "cherry-pick", cmd_cherry_pick, RUN_SETUP | NEED_WORK_TREE },
{ "clone", cmd_clone },
{ "clean", cmd_clean, RUN_SETUP | NEED_WORK_TREE },
{ "commit", cmd_commit, RUN_SETUP | NEED_WORK_TREE },
{ "commit-tree", cmd_commit_tree, RUN_SETUP },
{ "config", cmd_config },
{ "count-objects", cmd_count_objects, RUN_SETUP },
{ "describe", cmd_describe, RUN_SETUP },
{ "diff", cmd_diff },
{ "diff-files", cmd_diff_files, RUN_SETUP | NEED_WORK_TREE },
{ "diff-index", cmd_diff_index, RUN_SETUP },
{ "diff-tree", cmd_diff_tree, RUN_SETUP },
{ "fast-export", cmd_fast_export, RUN_SETUP },
{ "fetch", cmd_fetch, RUN_SETUP },
{ "fetch-pack", cmd_fetch_pack, RUN_SETUP },
{ "fmt-merge-msg", cmd_fmt_merge_msg, RUN_SETUP },
{ "for-each-ref", cmd_for_each_ref, RUN_SETUP },
{ "format-patch", cmd_format_patch, RUN_SETUP },
{ "fsck", cmd_fsck, RUN_SETUP },
{ "fsck-objects", cmd_fsck, RUN_SETUP },
{ "gc", cmd_gc, RUN_SETUP },
{ "get-tar-commit-id", cmd_get_tar_commit_id },
{ "grep", cmd_grep },
{ "hash-object", cmd_hash_object },
{ "help", cmd_help },
{ "index-pack", cmd_index_pack },
{ "init", cmd_init_db },
{ "init-db", cmd_init_db },
{ "log", cmd_log, RUN_SETUP },
{ "ls-files", cmd_ls_files, RUN_SETUP },
{ "ls-tree", cmd_ls_tree, RUN_SETUP },
{ "ls-remote", cmd_ls_remote },
{ "mailinfo", cmd_mailinfo },
{ "mailsplit", cmd_mailsplit },
{ "merge", cmd_merge, RUN_SETUP | NEED_WORK_TREE },
{ "merge-base", cmd_merge_base, RUN_SETUP },
{ "merge-file", cmd_merge_file },
{ "merge-index", cmd_merge_index, RUN_SETUP },
{ "merge-ours", cmd_merge_ours, RUN_SETUP },
{ "merge-recursive", cmd_merge_recursive, RUN_SETUP | NEED_WORK_TREE },
{ "merge-recursive-ours", cmd_merge_recursive, RUN_SETUP | NEED_WORK_TREE },
{ "merge-recursive-theirs", cmd_merge_recursive, RUN_SETUP | NEED_WORK_TREE },
{ "merge-subtree", cmd_merge_recursive, RUN_SETUP | NEED_WORK_TREE },
{ "merge-tree", cmd_merge_tree, RUN_SETUP },
{ "mktag", cmd_mktag, RUN_SETUP },
{ "mktree", cmd_mktree, RUN_SETUP },
{ "mv", cmd_mv, RUN_SETUP | NEED_WORK_TREE },
{ "name-rev", cmd_name_rev, RUN_SETUP },
{ "notes", cmd_notes, RUN_SETUP },
{ "pack-objects", cmd_pack_objects, RUN_SETUP },
{ "pack-redundant", cmd_pack_redundant, RUN_SETUP },
{ "patch-id", cmd_patch_id },
{ "peek-remote", cmd_ls_remote },
{ "pickaxe", cmd_blame, RUN_SETUP },
{ "prune", cmd_prune, RUN_SETUP },
{ "prune-packed", cmd_prune_packed, RUN_SETUP },
{ "push", cmd_push, RUN_SETUP },
{ "read-tree", cmd_read_tree, RUN_SETUP },
{ "receive-pack", cmd_receive_pack },
{ "reflog", cmd_reflog, RUN_SETUP },
{ "remote", cmd_remote, RUN_SETUP },
{ "replace", cmd_replace, RUN_SETUP },
{ "repo-config", cmd_config },
{ "rerere", cmd_rerere, RUN_SETUP },
{ "reset", cmd_reset, RUN_SETUP },
{ "rev-list", cmd_rev_list, RUN_SETUP },
{ "rev-parse", cmd_rev_parse },
{ "revert", cmd_revert, RUN_SETUP | NEED_WORK_TREE },
{ "rm", cmd_rm, RUN_SETUP },
{ "send-pack", cmd_send_pack, RUN_SETUP },
{ "shortlog", cmd_shortlog, USE_PAGER },
{ "show-branch", cmd_show_branch, RUN_SETUP },
{ "show", cmd_show, RUN_SETUP },
{ "status", cmd_status, RUN_SETUP | NEED_WORK_TREE },
{ "stripspace", cmd_stripspace },
{ "symbolic-ref", cmd_symbolic_ref, RUN_SETUP },
{ "tag", cmd_tag, RUN_SETUP },
{ "tar-tree", cmd_tar_tree },
{ "unpack-file", cmd_unpack_file, RUN_SETUP },
{ "unpack-objects", cmd_unpack_objects, RUN_SETUP },
{ "update-index", cmd_update_index, RUN_SETUP },
{ "update-ref", cmd_update_ref, RUN_SETUP },
{ "update-server-info", cmd_update_server_info, RUN_SETUP },
{ "upload-archive", cmd_upload_archive },
{ "var", cmd_var },
{ "verify-tag", cmd_verify_tag, RUN_SETUP },
{ "version", cmd_version },
{ "whatchanged", cmd_whatchanged, RUN_SETUP },
{ "write-tree", cmd_write_tree, RUN_SETUP },
{ "verify-pack", cmd_verify_pack },
{ "show-ref", cmd_show_ref, RUN_SETUP },
{ "pack-refs", cmd_pack_refs, RUN_SETUP },
};
git_init();
for(i=0;i< sizeof(commands) / sizeof(struct cmd_struct);i++)
{
if(strcmp(cmd,commands[i].cmd)==0)
{
int ret;
if(arg != NULL)
argv = strtoargv(arg,&argc);
ret = commands[i].fn(argc, argv, NULL);
if(argv)
free(argv);
discard_cache();
free_all_pack();
return ret;
}
}
return -1;
}
