Index: bind9/CHANGES diff -u bind9/CHANGES:1.1048.2.294.4.10 bind9/CHANGES:1.1048.2.294.4.10.2.1 --- bind9/CHANGES:1.1048.2.294.4.10 Wed Feb 19 04:32:39 2003 +++ bind9/CHANGES Wed Sep 17 06:53:59 2003 @@ -1,3 +1,6 @@ + --- 9.2.2-P1 released --- + +1504. [func] New zone type "delegation-only". --- 9.2.2 released --- Index: bind9/README diff -u bind9/README:1.93.2.30.4.5 bind9/README:1.93.2.30.4.5.2.1 --- bind9/README:1.93.2.30.4.5 Fri Feb 21 05:15:59 2003 +++ bind9/README Wed Sep 17 06:54:00 2003 @@ -44,6 +44,10 @@ Nominum, Inc. +BIND 9.2.2-P1 + + A new zone type delegation-only is now supported. + BIND 9.2.2 BIND 9.2.2 is a maintenance release, containing fixes for Index: bind9/version diff -u bind9/version:1.26.2.15.4.1 bind9/version:1.26.2.15.4.1.2.1 --- bind9/version:1.26.2.15.4.1 Mon Feb 17 06:26:27 2003 +++ bind9/version Wed Sep 17 06:54:01 2003 @@ -1,4 +1,4 @@ -# $Id: version,v 1.26.2.15.4.1 2003/02/17 06:26:27 marka Exp $ +# $Id: version,v 1.26.2.15.4.1.2.1 2003/09/17 06:54:01 marka Exp $ # # This file must follow /bin/sh rules. It is imported directly via # configure. @@ -6,5 +6,5 @@ MAJORVER=9 MINORVER=2 PATCHVER=2 -RELEASETYPE= -RELEASEVER= +RELEASETYPE=-P +RELEASEVER=1 Index: bind9/bin/named/server.c diff -u bind9/bin/named/server.c:1.339.2.8.4.3 bind9/bin/named/server.c:1.339.2.8.4.3.2.1 --- bind9/bin/named/server.c:1.339.2.8.4.3 Tue Feb 18 03:27:58 2003 +++ bind9/bin/named/server.c Wed Sep 17 05:40:36 2003 @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: server.c,v 1.339.2.8.4.3 2003/02/18 03:27:58 marka Exp $ */ +/* $Id: server.c,v 1.339.2.8.4.3.2.1 2003/09/17 05:40:36 explorer Exp $ */ #include @@ -1248,6 +1248,7 @@ cfg_obj_t *typeobj = NULL; cfg_obj_t *forwarders = NULL; cfg_obj_t *forwardtype = NULL; + cfg_obj_t *only = NULL; isc_result_t result; isc_buffer_t buffer; dns_fixedname_t fixorigin; 
@@ -1349,6 +1350,14 @@ } /* + * "delegation-only zones" aren't zones either. + */ + if (strcasecmp(ztypestr, "delegation-only") == 0) { + result = dns_view_adddelegationonly(view, origin); + goto cleanup; + } + + /* * Check for duplicates in the new zone table. */ result = dns_view_findzone(view, origin, &dupzone); @@ -1413,6 +1422,16 @@ cfg_map_get(zoptions, "forward", &forwardtype); CHECK(configure_forward(config, view, origin, forwarders, forwardtype)); + } + + /* + * Stub and forward zones may also refer to delegation only points. + */ + only = NULL; + if (cfg_map_get(zoptions, "delegation-only", &only) == ISC_R_SUCCESS) + { + if (cfg_obj_asboolean(only)) + CHECK(dns_view_adddelegationonly(view, origin)); } /* Index: bind9/doc/arm/Bv9ARM-book.xml diff -u bind9/doc/arm/Bv9ARM-book.xml:1.155.2.22.4.1 bind9/doc/arm/Bv9ARM-book.xml:1.155.2.22.4.1.2.1 --- bind9/doc/arm/Bv9ARM-book.xml:1.155.2.22.4.1 Mon Feb 17 01:29:29 2003 +++ bind9/doc/arm/Bv9ARM-book.xml Wed Sep 17 05:40:37 2003 @@ -2,7 +2,7 @@ - + BIND 9 Administrator Reference Manual @@ -2706,6 +2706,14 @@ those servers during resolution. + +delegation-only +Delegation only. Logs queries that have have +been forced to NXDOMAIN as the result of a delegation-only zone or +a delegation-only in a stub or forward +zone declartation. + + @@ -4217,7 +4225,7 @@ <command>zone</command> Statement Grammar zone zone_name class { - type ( master | slave | hint | stub | forward ) ; + type ( master | slave | hint | stub | forward /| delegation-only ) ; allow-notify { address_match_list } ; allow-query { address_match_list } ; allow-transfer { address_match_list } ; @@ -4227,6 +4235,7 @@ also-notify { ip_addr port ip_port ; ip_addr port ip_port ; ... }; check-names (warn|fail|ignore) ; dialup dialup_option ; + delegation-only yes_or_no ; file string ; forward (only|first) ; forwarders { ip_addr port ip_port ; ip_addr port ip_port ; ... }; 
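Review bot: In the first hunk a `type delegation-only` zone leaves via `goto cleanup` before the `dns_view_findzone` duplicate check runs, so an origin declared both as a delegation-only zone and as an ordinary zone in the same view is accepted without complaint; if that combination is meant to be rejected, the findzone check has to come before the early exit. dns_view_adddelegationonly itself (later on this page) returns ISC_R_SUCCESS for a name already in the table, so a repeated delegation-only declaration is at least harmless. In the second hunk `only = NULL;` repeats the initializer given at the declaration added in the earlier hunk and can be dropped. The enclosing function starts and ends outside both hunks.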
@@ -4349,6 +4358,14 @@ IN, the server uses a compiled-in default set of root servers hints. Classes other than IN have no built-in defaults hints. + +delegation-only +This is used to enforce the delegation only +status of infrastructure zones (e.g. COM, NET, ORG). Any answer that +is received without a explicit or implict delegation in the authority +section will be treated as NXDOMAIN. This does not apply to the zone +apex. This SHOULD NOT be applied to leaf zones. + @@ -4452,6 +4469,13 @@ dialup See the description of dialup in . + + +delegation-only +The flag only applies to forward and stub zones. If set +to yes then the zone will also be treated as if it +is also a delegation-only type zone. + forward Index: bind9/doc/arm/Bv9ARM.ch06.html diff -u bind9/doc/arm/Bv9ARM.ch06.html:1.56.2.9.4.1 bind9/doc/arm/Bv9ARM.ch06.html:1.56.2.9.4.1.2.1 --- bind9/doc/arm/Bv9ARM.ch06.html:1.56.2.9.4.1 Mon Feb 17 06:55:04 2003 +++ bind9/doc/arm/Bv9ARM.ch06.html Wed Sep 17 06:52:11 2003 @@ -94,7 +94,7 @@ >
6.3. Zone File

delegation-only

Delegation only. Logs queries that have have +been forced to NXDOMAIN as the result of a delegation-only zone or +a delegation-only in a stub or forward +zone declartation. +

6.2.11. lwres

6.2.12. lwres

6.2.13. options

6.2.14. options

6.2.14.2. Forwarding

6.2.14.4. Interfaces

6.2.14.5. Query Address

6.2.14.7. Operating System Resource Limits

6.2.14.8. Server Resource Limits

6.2.14.9. Periodic Task Intervals

6.2.17. trusted-keys

6.2.18. trusted-keys

6.2.19. view

6.2.20. view] [{ - type ( master | slave | hint | stub | forward ) ; + type ( master | slave | hint | stub | forward /| delegation-only ) ; [ allow-notify { ] [ delegation-only yes_or_no ; ] + [ file

6.2.22. zone

6.2.22.1. Zone Types

delegation-only

This is used to enforce the delegation only +status of infrastructure zones (e.g. COM, NET, ORG). Any answer that +is received without a explicit or implict delegation in the authority +section will be treated as NXDOMAIN. This does not apply to the zone +apex. This SHOULD NOT be applied to leaf zones.

6.2.22.2. Class

6.2.22.3. Zone Options

delegation-only

The flag only applies to forward and stub zones. If set +to yes then the zone will also be treated as if it +is also a delegation-only type zone. +

forward
6.3. Zone File
6.3.2. Discussion of MX Records
6.3.4. Inverse Mapping in IPv4
6.3.5. Other Zone File Directives
6.3.6. BIND
7.2. chroot
7.2.1. The chroot
7.2.2. Using the setuid
8.1. Common Problems
8.1.1. It's not working; how can I figure out what's wrong?
8.2. Incrementing and Changing the Serial Number
8.3. Where Can I Get Help?
A.1. Acknowledgements
A.1.1. A Brief History of the DNS
A.3. General DNS
A.4.3. Other Documents About BIND @@ -121,7 +121,10 @@ ttl = maxttl; trust = 0xffff; isc_buffer_init(&buffer, data, sizeof(data)); - result = dns_message_firstname(message, DNS_SECTION_AUTHORITY); + if (message->counts[DNS_SECTION_AUTHORITY]) + result = dns_message_firstname(message, DNS_SECTION_AUTHORITY); + else + result = ISC_R_NOMORE; while (result == ISC_R_SUCCESS) { name = NULL; dns_message_currentname(message, DNS_SECTION_AUTHORITY, Index: bind9/lib/dns/resolver.c diff -u bind9/lib/dns/resolver.c:1.218.2.12.4.4 bind9/lib/dns/resolver.c:1.218.2.12.4.4.2.2 --- bind9/lib/dns/resolver.c:1.218.2.12.4.4 Tue Feb 18 03:32:01 2003 +++ bind9/lib/dns/resolver.c Wed Sep 17 05:56:16 2003 @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: resolver.c,v 1.218.2.12.4.4 2003/02/18 03:32:01 marka Exp $ */ +/* $Id: resolver.c,v 1.218.2.12.4.4.2.2 2003/09/17 05:56:16 explorer Exp $ */ #include 
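Review bot: The added `counts[]` guard in front of `dns_message_firstname` appears to exist only because the delegation-only rewrite in resolver.c (later on this page) zeroes `message->counts[]` while leaving the section's name list linked; without a comment the guard reads as redundant and is likely to be removed by a later cleanup. Suggest `/* counts[] may have been zeroed by delegation-only enforcement while the section list is still populated. */` above the new `if`. The file this hunk belongs to is not identified on the page, and the enclosing function starts and ends outside the hunk.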
@@ -291,6 +291,53 @@
 		  dns_rdataset_t *ardataset,
 		  isc_result_t *eresultp);
 
+static isc_boolean_t
+fix_mustbedelegationornxdomain(dns_message_t *message, dns_name_t *domain) {
+
+	dns_name_t *name;
+	dns_rdataset_t *rdataset;
+	dns_rdatatype_t type;
+	isc_result_t result;
+	isc_boolean_t keep_auth = ISC_FALSE;
+
+	if (message->rcode == dns_rcode_nxdomain)
+		return (ISC_FALSE);
+
+	/* Look for referral. */
+	if (message->counts[DNS_SECTION_AUTHORITY] == 0)
+		goto munge;
+
+	result = dns_message_firstname(message, DNS_SECTION_AUTHORITY);
+	while (result == ISC_R_SUCCESS) {
+		name = NULL;
+		dns_message_currentname(message, DNS_SECTION_AUTHORITY,
+					&name);
+		for (rdataset = ISC_LIST_HEAD(name->list);
+		     rdataset != NULL;
+		     rdataset = ISC_LIST_NEXT(rdataset, link)) {
+			type = rdataset->type;
+			if (type == dns_rdatatype_soa &&
+			    dns_name_equal(name, domain))
+				keep_auth = ISC_TRUE;
+			if (type != dns_rdatatype_ns)
+				continue;
+			if (dns_name_equal(name, domain))
+				goto munge;
+			if (dns_name_issubdomain(name, domain))
+				return (ISC_FALSE);
+		}
+		result = dns_message_nextname(message, DNS_SECTION_AUTHORITY);
+	}
+
+ munge:
+	message->rcode = dns_rcode_nxdomain;
+	message->counts[DNS_SECTION_ANSWER] = 0;
+	if (!keep_auth)
+		message->counts[DNS_SECTION_AUTHORITY] = 0;
+	message->counts[DNS_SECTION_ADDITIONAL] = 0;
+	return (ISC_TRUE);
+}
+
 static inline isc_result_t
 fctx_starttimer(fetchctx_t *fctx) {
 	/*
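Review bot: fix_mustbedelegationornxdomain rewrites the response only by editing `message->rcode` and `message->counts[]`; the answer, authority and additional name lists stay linked, so every later consumer that walks a section with dns_message_firstname has to consult counts first (the guard in the unattributed hunk above is one such place). That contract belongs in a header comment, e.g. `/* Turn a non-referral answer below 'domain' into NXDOMAIN by zeroing the section counts; the section lists themselves are left intact. Returns ISC_TRUE if the message was changed. */`. The referral test at `if (dns_name_issubdomain(name, domain)) return (ISC_FALSE);` accepts an NS RRset owned by any name under `domain`, not necessarily one that covers the queried name; tightening it would need the query name passed in, which the caller has as `&fctx->name`. The SOA branch only decides `keep_auth`, and a comment saying why an SOA owned by `domain` is preserved in the rewritten NXDOMAIN would help the next reader.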
@@ -4373,6 +4420,24 @@ broken_server = ISC_TRUE; keep_trying = ISC_TRUE; goto done; + } + + /* + * Enforce delegations only zones like NET and COM. + */ + if (dns_view_isdelegationonly(fctx->res->view, &fctx->domain) && + !dns_name_equal(&fctx->domain, &fctx->name) && + fix_mustbedelegationornxdomain(message, &fctx->domain)) { + char namebuf[DNS_NAME_FORMATSIZE]; + char domainbuf[DNS_NAME_FORMATSIZE]; + + dns_name_format(&fctx->name, namebuf, sizeof(namebuf)); + dns_name_format(&fctx->domain, domainbuf, sizeof(domainbuf)); + + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DELEGATION_ONLY, + DNS_LOGMODULE_RESOLVER, ISC_LOG_NOTICE, + "enforced delegation-only for '%s' (%s)", + domainbuf, namebuf); } /* Index: bind9/lib/dns/view.c diff -u bind9/lib/dns/view.c:1.103.2.2 bind9/lib/dns/view.c:1.103.2.2.6.1 --- bind9/lib/dns/view.c:1.103.2.2 Mon Aug 5 06:57:12 2002 +++ bind9/lib/dns/view.c Wed Sep 17 05:40:40 2003 @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: view.c,v 1.103.2.2 2002/08/05 06:57:12 marka Exp $ */ +/* $Id: view.c,v 1.103.2.2.6.1 2003/09/17 05:40:40 explorer Exp $ */ #include @@ -45,6 +45,8 @@ #define ADBSHUTDOWN(v) (((v)->attributes & DNS_VIEWATTR_ADBSHUTDOWN) != 0) #define REQSHUTDOWN(v) (((v)->attributes & DNS_VIEWATTR_REQSHUTDOWN) != 0) +#define DNS_VIEW_DELONLYHASH 111 + static void resolver_shutdown(isc_task_t *task, isc_event_t *event); static void adb_shutdown(isc_task_t *task, isc_event_t *event); static void req_shutdown(isc_task_t *task, isc_event_t *event); @@ -139,6 +141,7 @@ if (result != ISC_R_SUCCESS) goto cleanup_fwdtable; view->peers = NULL; + view->delonly = NULL; /* * Initialize configuration data with default values. 
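Review bot: The three-way condition that triggers the rewrite is opaque as written: the `!dns_name_equal(&fctx->domain, &fctx->name)` term is the "does not apply to the zone apex" rule from the ARM hunk, and operand order matters because fix_mustbedelegationornxdomain mutates `message` as a side effect of being evaluated last. Suggest replacing the comment with `/* Enforce delegation-only zones (e.g. NET, COM): a non-referral answer for a name below the zone apex is rewritten to NXDOMAIN; the last test has side effects. */`. Every rewritten response is logged at ISC_LOG_NOTICE in the new DELEGATION_ONLY category, which is presumably why a dedicated category was added in log.h later on this page so operators can route or silence it. The enclosing function starts and ends outside the hunk.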
@@ -255,6 +258,23 @@
 		dns_acl_detach(&view->v6synthesisacl);
 	if (view->sortlist != NULL)
 		dns_acl_detach(&view->sortlist);
+	if (view->delonly != NULL) {
+		dns_name_t *name;
+		int i;
+
+		for (i = 0; i < DNS_VIEW_DELONLYHASH; i++) {
+			name = ISC_LIST_HEAD(view->delonly[i]);
+			while (name != NULL) {
+				ISC_LIST_UNLINK(view->delonly[i], name, link);
+				dns_name_free(name, view->mctx);
+				isc_mem_put(view->mctx, name, sizeof(*name));
+				name = ISC_LIST_HEAD(view->delonly[i]);
+			}
+		}
+		isc_mem_put(view->mctx, view->delonly, sizeof(dns_namelist_t) *
+			    DNS_VIEW_DELONLYHASH);
+		view->delonly = NULL;
+	}
 	dns_keytable_detach(&view->trustedkeys);
 	dns_keytable_detach(&view->secroots);
 	dns_fwdtable_destroy(&view->fwdtable);
@@ -1134,4 +1154,58 @@ dns_adb_flush(view->adb); return (ISC_R_SUCCESS); +} + +isc_result_t +dns_view_adddelegationonly(dns_view_t *view, dns_name_t *name) { + isc_result_t result; + dns_name_t *new; + isc_uint32_t hash; + + REQUIRE(DNS_VIEW_VALID(view)); + + if (view->delonly == NULL) { + view->delonly = isc_mem_get(view->mctx, + sizeof(dns_namelist_t) * + DNS_VIEW_DELONLYHASH); + if (view->delonly == NULL) + return (ISC_R_NOMEMORY); + for (hash = 0; hash < DNS_VIEW_DELONLYHASH; hash++) + ISC_LIST_INIT(view->delonly[hash]); + } + hash = dns_name_hash(name, ISC_FALSE) % DNS_VIEW_DELONLYHASH; + new = ISC_LIST_HEAD(view->delonly[hash]); + while (new != NULL && !dns_name_equal(new, name)) + new = ISC_LIST_NEXT(new, link); + if (new != NULL) + return (ISC_R_SUCCESS); + new = isc_mem_get(view->mctx, sizeof(*new)); + if (new == NULL) + return (ISC_R_NOMEMORY); + dns_name_init(new, NULL); + result = dns_name_dup(name, view->mctx, new); + if (result == ISC_R_SUCCESS) + ISC_LIST_APPEND(view->delonly[hash], new, link); + else + isc_mem_put(view->mctx, new, sizeof(*new)); + return (result); +} + +isc_result_t +dns_view_isdelegationonly(dns_view_t *view, dns_name_t *name) { + dns_name_t *new; + isc_uint32_t hash; + + REQUIRE(DNS_VIEW_VALID(view)); + + if (view->delonly == NULL) + return (ISC_FALSE); + + hash = dns_name_hash(name, ISC_FALSE) % DNS_VIEW_DELONLYHASH; + new = ISC_LIST_HEAD(view->delonly[hash]); + while (new != NULL && !dns_name_equal(new, name)) + new = ISC_LIST_NEXT(new, link); + if (new == NULL) + return (ISC_FALSE); + return (ISC_TRUE); } Index: bind9/lib/dns/include/dns/log.h diff -u bind9/lib/dns/include/dns/log.h:1.30.2.1 bind9/lib/dns/include/dns/log.h:1.30.2.1.12.1 --- bind9/lib/dns/include/dns/log.h:1.30.2.1 Thu Oct 11 02:03:23 2001 +++ bind9/lib/dns/include/dns/log.h Wed Sep 17 05:40:40 2003 
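Review bot: dns_view_isdelegationonly is defined here with return type `isc_result_t` but is declared in view.h (later on this page) as returning `isc_boolean_t`, and resolver.c uses it as a boolean; as printed the two declarations conflict, and the definition should read `isc_boolean_t` / `dns_view_isdelegationonly(dns_view_t *view, dns_name_t *name) {`. The table is built and read without any lock, which is only safe if every dns_view_adddelegationonly call happens during configuration before the view serves queries — the server.c hunk suggests that, but nothing here enforces it, so a comment on dns_view_adddelegationonly stating the requirement would help. Both functions repeat the same bucket walk (`dns_name_hash(name, ISC_FALSE) % DNS_VIEW_DELONLYHASH` followed by the linear `dns_name_equal` scan), which is a small duplication worth noting. The function that the first two context lines belong to starts outside the hunk.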
@@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: log.h,v 1.30.2.1 2001/10/11 02:03:23 marka Exp $ */ +/* $Id: log.h,v 1.30.2.1.12.1 2003/09/17 05:40:40 explorer Exp $ */ /* Principal Authors: DCL */ @@ -39,6 +39,7 @@ #define DNS_LOGCATEGORY_XFER_OUT (&dns_categories[7]) #define DNS_LOGCATEGORY_DISPATCH (&dns_categories[8]) #define DNS_LOGCATEGORY_LAME_SERVERS (&dns_categories[9]) +#define DNS_LOGCATEGORY_DELEGATION_ONLY (&dns_categories[10]) /* Backwards compatibility. */ #define DNS_LOGCATEGORY_GENERAL ISC_LOGCATEGORY_GENERAL Index: bind9/lib/dns/include/dns/view.h diff -u bind9/lib/dns/include/dns/view.h:1.73.2.2 bind9/lib/dns/include/dns/view.h:1.73.2.2.6.1 --- bind9/lib/dns/include/dns/view.h:1.73.2.2 Mon Aug 5 06:57:13 2002 +++ bind9/lib/dns/include/dns/view.h Wed Sep 17 05:40:40 2003 @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: view.h,v 1.73.2.2 2002/08/05 06:57:13 marka Exp $ */ +/* $Id: view.h,v 1.73.2.2.6.1 2003/09/17 05:40:40 explorer Exp $ */ #ifndef DNS_VIEW_H #define DNS_VIEW_H 1 @@ -118,6 +118,7 @@ in_port_t dstport; dns_aclenv_t aclenv; isc_boolean_t flush; + dns_namelist_t * delonly; /* * Configurable data for server use only, 
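Review bot: `DNS_LOGCATEGORY_DELEGATION_ONLY` indexes `dns_categories[10]`, but the table that defines dns_categories is not part of this page; if it did not gain a matching entry before its terminator in the same change, every isc_log_write through this macro reads past the end of the array. Worth confirming alongside this hunk, and a comment next to the define such as `/* keep in sync with dns_categories[] in log.c */` would make the coupling visible to the next person adding a category.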
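Review bot: Adding `delonly` to a struct defined in a public header changes the layout of `dns_view_t` for every libdns consumer, so the libdns interface version should be bumped with it; only lib/isccfg/api is bumped on this page, which may simply be out of view. The new field is also undocumented while its neighbours carry no comment either; a one-liner such as `/* delegation-only name table, NULL until the first add */` would say what the NULL check in view.c relies on.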
@@ -690,6 +691,35 @@ * ISC_R_SUCCESS * ISC_R_NOMEMORY */ + +isc_result_t +dns_view_adddelegationonly(dns_view_t *view, dns_name_t *name); +/* + * Add the given name to the delegation only table. + * + * Requires: + * 'view' is valid. + * 'name' is valid. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +isc_boolean_t +dns_view_isdelegationonly(dns_view_t *view, dns_name_t *name); +/* + * Check if 'name' is in the delegation only table. + * + * Requires: + * 'view' is valid. + * 'name' is valid. + * + * Returns: + * ISC_TRUE if the name is is the table. + * ISC_FALSE othewise. + */ + ISC_LANG_ENDDECLS Index: bind9/lib/isccfg/api diff -u bind9/lib/isccfg/api:1.3.2.3.4.1 bind9/lib/isccfg/api:1.3.2.3.4.1.2.1 --- bind9/lib/isccfg/api:1.3.2.3.4.1 Tue Feb 18 03:43:06 2003 +++ bind9/lib/isccfg/api Wed Sep 17 06:54:01 2003 @@ -1,3 +1,3 @@ -LIBINTERFACE = 0 -LIBREVISION = 4 +LIBINTERFACE = 1 +LIBREVISION = 0 LIBAGE = 0 Index: bind9/lib/isccfg/check.c diff -u bind9/lib/isccfg/check.c:1.14.2.16 bind9/lib/isccfg/check.c:1.14.2.16.6.1 --- bind9/lib/isccfg/check.c:1.14.2.16 Tue Apr 23 02:00:03 2002 +++ bind9/lib/isccfg/check.c Wed Sep 17 05:40:40 2003 @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: check.c,v 1.14.2.16 2002/04/23 02:00:03 marka Exp $ */ +/* $Id: check.c,v 1.14.2.16.6.1 2003/09/17 05:40:40 explorer Exp $ */ #include @@ -100,6 +100,7 @@ #define STUBZONE 4 #define HINTZONE 8 #define FORWARDZONE 16 +#define DELEGATIONZONE 32 typedef struct { const char *name; @@ -130,6 +131,7 @@ { "notify", MASTERZONE | SLAVEZONE }, { "also-notify", MASTERZONE | SLAVEZONE }, { "dialup", MASTERZONE | SLAVEZONE | STUBZONE }, + { "delegation-only", STUBZONE | FORWARDZONE}, { "forward", MASTERZONE | SLAVEZONE | STUBZONE | FORWARDZONE}, { "forwarders", MASTERZONE | SLAVEZONE | STUBZONE | FORWARDZONE}, { "maintain-ixfr-base", MASTERZONE | SLAVEZONE }, 
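Review bot: The comment block for dns_view_isdelegationonly has two typos on its Returns lines: `ISC_TRUE if the name is is the table.` should read `ISC_TRUE if the name is in the table.` and `ISC_FALSE othewise.` should read `ISC_FALSE otherwise.`. The `isc_boolean_t` return type declared here is the intended one; the definition in view.c earlier on this page disagrees with it, as noted there.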
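Review bot: The new `DELEGATIONZONE` bit, assigned as a zone type in the following hunk, appears in no entry of the option table, so every option written inside a `type delegation-only` zone statement will presumably be reported as not allowed by the checking code outside this hunk. That matches server.c returning before any option is processed for that type, but since the ARM grammar hunk lists delegation-only beside the full option list, a comment on the table such as `/* delegation-only zones take no options (DELEGATIONZONE is in no mask) */` records the intent. The added `{ "delegation-only", STUBZONE | FORWARDZONE},` copies its neighbours' missing space before `}`, a pre-existing inconsistency.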
@@ -189,6 +191,8 @@ ztype = FORWARDZONE; else if (strcasecmp(typestr, "hint") == 0) ztype = HINTZONE; + else if (strcasecmp(typestr, "delegation-only") == 0) + ztype = DELEGATIONZONE; else { cfg_obj_log(obj, logctx, ISC_LOG_ERROR, "zone '%s': invalid type %s", Index: bind9/lib/isccfg/parser.c diff -u bind9/lib/isccfg/parser.c:1.70.2.14.4.2 bind9/lib/isccfg/parser.c:1.70.2.14.4.2.2.1 --- bind9/lib/isccfg/parser.c:1.70.2.14.4.2 Mon Feb 17 07:05:10 2003 +++ bind9/lib/isccfg/parser.c Wed Sep 17 05:40:40 2003 @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: parser.c,v 1.70.2.14.4.2 2003/02/17 07:05:10 marka Exp $ */ +/* $Id: parser.c,v 1.70.2.14.4.2.2.1 2003/09/17 05:40:40 explorer Exp $ */ #include @@ -755,7 +755,7 @@ }; static const char *zonetype_enums[] = { - "master", "slave", "stub", "hint", "forward", NULL }; + "master", "slave", "stub", "hint", "forward", "delegation-only", NULL }; static cfg_type_t cfg_type_zonetype = { "zonetype", parse_enum, print_ustring, &cfg_rep_string, &zonetype_enums @@ -955,6 +955,7 @@ CFG_CLAUSEFLAG_MULTI | CFG_CLAUSEFLAG_OBSOLETE }, { "update-policy", &cfg_type_updatepolicy, 0 }, { "database", &cfg_type_astring, 0 }, + { "delegation-only", &cfg_type_boolean, 0 }, /* * Note that the format of the check-names option is different between * the zone options and the global/view options. Ugh.