auth: add bind primary, secondary and primaries keywords

PowerDNS · Oct 16, 2023 · e63e16c · e63e16c
1 parent 42cdd7e
commit e63e16c
Show file tree

Hide file tree

Showing 26 changed files with 81 additions and 75 deletions.
diff --git a/docs/backends/bind.rst b/docs/backends/bind.rst
@@ -53,8 +53,11 @@ It supports the following blocks and directives:
    * ``file``
    * ``type``
    * ``masters``
+   * ``primaries`` (added in version 4.9.0)
    * ``also-notify``
 
+Unknown directives will be ignored.
+
 .. _setting-bind-check-interval:
 
 ``bind-check-interval``

diff --git a/modules/bindbackend/bindbackend2.cc b/modules/bindbackend/bindbackend2.cc
@@ -935,7 +935,7 @@ void Bind2Backend::loadConfig(string* status)
       if (domain.type.empty()) {
         g_log << Logger::Notice << d_logprefix << " Zone '" << domain.name << "' has no type specified, assuming 'native'" << endl;
       }
-      if (domain.type != "master" && domain.type != "slave" && domain.type != "native" && !domain.type.empty()) {
+      if (domain.type != "primary" && domain.type != "secondary" && domain.type != "native" && !domain.type.empty() && domain.type != "master" && domain.type != "slave") {
         g_log << Logger::Warning << d_logprefix << " Warning! Skipping zone '" << domain.name << "' because type '" << domain.type << "' is invalid" << endl;
         rejected++;
         continue;
@@ -961,9 +961,9 @@ void Bind2Backend::loadConfig(string* status)
       bbd.d_also_notify = domain.alsoNotify;
 
       DomainInfo::DomainKind kind = DomainInfo::Native;
-      if (domain.type == "master")
+      if (domain.type == "primary" || domain.type == "master")
         kind = DomainInfo::Master;
-      if (domain.type == "slave")
+      if (domain.type == "secondary" || domain.type == "slave")
         kind = DomainInfo::Slave;
 
       bool kindChanged = (bbd.d_kind != kind);
@@ -1431,9 +1431,9 @@ bool Bind2Backend::createSlaveDomain(const string& ip, const DNSName& domain, co
     c_of << endl;
     c_of << "# Superslave zone '" << domain.toString() << "' (added: " << nowTime() << ") (account: " << account << ')' << endl;
     c_of << "zone \"" << domain.toStringNoDot() << "\" {" << endl;
-    c_of << "\ttype slave;" << endl;
+    c_of << "\ttype secondary;" << endl;
     c_of << "\tfile \"" << filename << "\";" << endl;
-    c_of << "\tmasters { " << ip << "; };" << endl;
+    c_of << "\tprimaries { " << ip << "; };" << endl;
     c_of << "};" << endl;
     c_of.close();
   }

diff --git a/pdns/bindlexer.l b/pdns/bindlexer.l
@@ -114,7 +114,8 @@ also-notify		return ALSONOTIFYTOK;
 acl                     return ACLTOK;
 logging                 return LOGGINGTOK;
 directory               return DIRECTORYTOK;
-masters                 return MASTERTOK;
+masters                 return PRIMARYTOK;
+primaries               return PRIMARYTOK;
 type                    return TYPETOK;
 \"                      yy_push_state(quoted);
 <quoted>[^\"]*          yylval=strdup(yytext); return QUOTEDWORD;

diff --git a/pdns/bindparser.yy b/pdns/bindparser.yy
@@ -108,7 +108,7 @@ void BindParser::commit(BindDomainInfo DI)
 %}
 
 %token AWORD QUOTEDWORD OBRACE EBRACE SEMICOLON ZONETOK FILETOK OPTIONSTOK
-%token DIRECTORYTOK ACLTOK LOGGINGTOK CLASSTOK TYPETOK MASTERTOK ALSONOTIFYTOK
+%token DIRECTORYTOK ACLTOK LOGGINGTOK CLASSTOK TYPETOK PRIMARYTOK ALSONOTIFYTOK
 
 %%
 
@@ -230,10 +230,10 @@ zone_command: command | global_zone_command | zone_also_notify_command
 	;
 
 /* zone commands that also are available at global scope */
-global_zone_command: zone_file_command | zone_type_command | zone_masters_command
+global_zone_command: zone_file_command | zone_type_command | zone_primaries_command
 	;
 
-zone_masters_command: MASTERTOK OBRACE masters EBRACE
+zone_primaries_command: PRIMARYTOK OBRACE primaries EBRACE
 	;
 
 zone_also_notify_command: ALSONOTIFYTOK OBRACE zone_also_notify_list EBRACE
@@ -251,12 +251,12 @@ zone_also_notify: AWORD
         }
         ;
 
-masters: /* empty */
+primaries: /* empty */
 	| 
-	masters master SEMICOLON 
+	primaries primary SEMICOLON
 	;
 
-master: AWORD
+primary: AWORD
 	{
 		s_di.masters.push_back(ComboAddress($1, 53));
 		free($1);

diff --git a/pdns/named.conf.parsertest b/pdns/named.conf.parsertest
@@ -30,41 +30,42 @@ zone "test.dyndns" {
 };
 
 zone "wtest.com"{
-	type master;
+	type primary;
 	file "wtest.com";
 };
 
 zone "nztest.com"{
-	type master;
+	type secondary;
 	file "nztest.com";
+	primaries { 1.2.3.4:5678; };
 };
 
 zone "dnssec-parent.com"{
-	type master;
+	type primary;
 	file "dnssec-parent.com";
 };
 
 zone "delegated.dnssec-parent.com"{
-	type master;
+	type primary;
 	file "delegated.dnssec-parent.com";
 };
 
 zone "secure-delegated.dnssec-parent.com"{
-	type master;
+	type primary;
 	file "secure-delegated.dnssec-parent.com";
 };
 
 zone "minimal.com"{
-	type master;
+	type primary;
 	file "minimal.com";
 };
 
 zone "tsig.com"{
-	type master;
+	type primary;
 	file "tsig.com";
 };
 
 zone "stest.com"{
-	type master;
+	type primary;
 	file "stest.com";
 };
diff --git a/pdns/test-bindparser_cc.cc b/pdns/test-bindparser_cc.cc
@@ -48,14 +48,15 @@ BOOST_AUTO_TEST_CASE(test_parser)
   checkzone(1, "test.com", "./zones/test.com", slave, 1U);
   BOOST_CHECK_EQUAL(domains[1].masters[0].toString(), ComboAddress("1.2.3.4", 5678).toString());
   checkzone(2, "test.dyndns", "./zones/test.dyndns", garblewarble, 0U);
-  checkzone(3, "wtest.com", "./zones/wtest.com", master, 0U);
-  checkzone(4, "nztest.com", "./zones/nztest.com", master, 0U);
-  checkzone(5, "dnssec-parent.com", "./zones/dnssec-parent.com", master, 0U);
-  checkzone(6, "delegated.dnssec-parent.com", "./zones/delegated.dnssec-parent.com", master, 0U);
-  checkzone(7, "secure-delegated.dnssec-parent.com", "./zones/secure-delegated.dnssec-parent.com", master, 0U);
-  checkzone(8, "minimal.com", "./zones/minimal.com", master, 0U);
-  checkzone(9, "tsig.com", "./zones/tsig.com", master, 0U);
-  checkzone(10, "stest.com", "./zones/stest.com", master, 0U);
+  checkzone(3, "wtest.com", "./zones/wtest.com", primary, 0U);
+  checkzone(4, "nztest.com", "./zones/nztest.com", secondary, 1U);
+  BOOST_CHECK_EQUAL(domains[1].masters[0].toString(), ComboAddress("1.2.3.4", 5678).toString());
+  checkzone(5, "dnssec-parent.com", "./zones/dnssec-parent.com", primary, 0U);
+  checkzone(6, "delegated.dnssec-parent.com", "./zones/delegated.dnssec-parent.com", primary, 0U);
+  checkzone(7, "secure-delegated.dnssec-parent.com", "./zones/secure-delegated.dnssec-parent.com", primary, 0U);
+  checkzone(8, "minimal.com", "./zones/minimal.com", primary, 0U);
+  checkzone(9, "tsig.com", "./zones/tsig.com", primary, 0U);
+  checkzone(10, "stest.com", "./zones/stest.com", primary, 0U);
 }
 
 BOOST_AUTO_TEST_SUITE_END()
diff --git a/pdns/zone2json.cc b/pdns/zone2json.cc
@@ -162,10 +162,10 @@ try
           i!=domains.end();
           ++i)
         {
-          if(i->type!="master" && i->type!="slave") {
-            cerr<<" Warning! Skipping '"<<i->type<<"' zone '"<<i->name<<"'"<<endl;
-            continue;
-          }
+        if (i->type != "primary" && i->type != "secondary" && !i->type.empty() && i->type != "master" && i->type != "slave") {
+          cerr << " Warning! Skipping '" << i->type << "' zone '" << i->name << "'" << endl;
+          continue;
+        }
           lines.clear();
           try {
             Json::object obj;

diff --git a/pdns/zone2ldap.cc b/pdns/zone2ldap.cc
@@ -306,10 +306,10 @@ int main( int argc, char* argv[] )
 
                         for(const auto& i: domains)
                         {
-                                        if(i.type!="master" && i.type!="slave") {
-                                                cerr<<" Warning! Skipping '"<<i.type<<"' zone '"<<i.name<<"'"<<endl;
-                                                continue;
-                                        }
+                                if (i.type != "primary" && i.type != "secondary" && !i.type.empty() && i.type != "master" && i.type != "slave") {
+                                  cerr << " Warning! Skipping '" << i.type << "' zone '" << i.name << "'" << endl;
+                                  continue;
+                                }
                                 try
                                 {
                                   if( i.name != g_rootdnsname && i.name != DNSName("localhost") && i.name != DNSName("0.0.127.in-addr.arpa") )

diff --git a/pdns/zone2sql.cc b/pdns/zone2sql.cc
@@ -285,10 +285,10 @@ try
 
       for(const auto & domain : domains)
         {
-          if(domain.type!="master" && domain.type!="slave") {
-            cerr<<" Warning! Skipping '"<<domain.type<<"' zone '"<<domain.name<<"'"<<endl;
-            continue;
-          }
+        if (domain.type != "primary" && domain.type != "secondary" && !domain.type.empty() && domain.type != "master" && domain.type != "slave") {
+          cerr << " Warning! Skipping '" << domain.type << "' zone '" << domain.name << "'" << endl;
+          continue;
+        }
           try {
             startNewTransaction();
 

diff --git a/regression-tests.auth-py/authtests.py b/regression-tests.auth-py/authtests.py
@@ -103,7 +103,7 @@ def generateAuthNamedConf(cls, confdir, zones):
 
                 namedconf.write("""
         zone "%s" {
-            type master;
+            type primary;
             file "%s.zone";
         };""" % (zone, zonename))
 

diff --git a/regression-tests.auth-py/test_ProxyProtocol.py b/regression-tests.auth-py/test_ProxyProtocol.py
@@ -142,7 +142,7 @@ def generateAuthNamedConf(cls, confdir, zones):
 
                 namedconf.write("""
         zone "%s" {
-            type slave;
+            type secondary;
             file "%s.zone";
             masters { %s; };
         };""" % (zone, zonename, cls._zones[zone]))

diff --git a/regression-tests.nobackend/counters/named.conf b/regression-tests.nobackend/counters/named.conf
@@ -9,6 +9,6 @@ options {
 };
 
 zone "test.com"{
-	type master;
+	type primary;
 	file "./test.com";
 };
diff --git a/regression-tests.nobackend/default-publish-cds/named.conf b/regression-tests.nobackend/default-publish-cds/named.conf
@@ -9,6 +9,6 @@ options {
 };
 
 zone "minimal.com"{
-	type master;
+	type primary;
 	file "./minimal.com";
 };
diff --git a/regression-tests.nobackend/edns-packet-cache/named.conf b/regression-tests.nobackend/edns-packet-cache/named.conf
@@ -9,6 +9,6 @@ options {
 };
 
 zone "minimal.com"{
-	type master;
+	type primary;
 	file "./minimal.com";
 };
diff --git a/regression-tests.nobackend/negcache-tests-dotted-cname/named.conf b/regression-tests.nobackend/negcache-tests-dotted-cname/named.conf
@@ -4,6 +4,6 @@ options {
 };
 
 zone "example.com" {
-  type master;
+  type primary;
   file "example.com.zone";
 };
diff --git a/regression-tests.nobackend/rectify-axfr/command b/regression-tests.nobackend/rectify-axfr/command
@@ -9,7 +9,7 @@ sed '/directory/ { s@./zones@../regression-tests/zones@ }' ../regression-tests/n
 
 cat >> ./named.conf << __EOF__
 zone "."{
-	type master;
+	type primary;
 	file "../../regression-tests.rootzone/zones/ROOT";
 };
 __EOF__

diff --git a/regression-tests.nobackend/soa-edit/named.conf b/regression-tests.nobackend/soa-edit/named.conf
@@ -9,6 +9,6 @@ options {
 };
 
 zone "minimal.com"{
-	type master;
+	type primary;
 	file "./minimal.com";
 };
diff --git a/regression-tests.nobackend/supermaster-signed/command b/regression-tests.nobackend/supermaster-signed/command
@@ -35,12 +35,12 @@ options {
         minimal-responses yes;
 };
 zone "example.com"{
-        type master;
+        type primary;
         file "example.com";
 };
 
 zone "test.com"{
-        type master;
+        type primary;
         file "test.com";
 };
 EOF

diff --git a/regression-tests.nobackend/supermaster-unsigned/command b/regression-tests.nobackend/supermaster-unsigned/command
@@ -30,12 +30,12 @@ options {
         minimal-responses yes;
 };
 zone "example.com"{
-        type master;
+        type primary;
         file "example.com";
 };
 
 zone "test.com"{
-        type master;
+        type primary;
         file "test.com";
 };
 EOF

diff --git a/regression-tests.recursor-dnssec/recursortests.py b/regression-tests.recursor-dnssec/recursortests.py
@@ -474,7 +474,7 @@ def generateAuthNamedConf(cls, confdir, zones):
 
                 namedconf.write("""
         zone "%s" {
-            type master;
+            type primary;
             file "%s.zone";
         };""" % (zone, zonename))
 

diff --git a/regression-tests.recursor/config.sh b/regression-tests.recursor/config.sh
@@ -541,7 +541,7 @@ EOF
         fi
         cat >> $dir/named.conf <<EOF
 zone "$realzone"{
-    type master;
+    type primary;
     file "./$zone.zone";
 };
 EOF

diff --git a/regression-tests.rootzone/named.conf b/regression-tests.rootzone/named.conf
@@ -8,7 +8,7 @@ options {
 	minimal-responses yes;
 };
 zone "."{
-	type master;
+	type primary;
 	file "ROOT";
 };
 
diff --git a/regression-tests/backends/bind-slave b/regression-tests/backends/bind-slave
@@ -1,5 +1,5 @@
 	context=${context}-presigned
-	perl -pe 's/type master;/type slave;\n\tmasters { 127.0.0.1:'$port'; };/ ;s/file "([^"]+)/file "$1-slave/' < named.conf > named-slave.conf
+	perl -pe 's/type primary;/type secondary;\n\tprimaries { 127.0.0.1:'$port'; };/ ;s/file "([^"]+)/file "$1-slave/' < named.conf > named-slave.conf
 
 	for zone in $(grep 'zone ' named.conf  | cut -f2 -d\")
 	do

diff --git a/regression-tests/ext/bind-master b/regression-tests/ext/bind-master
@@ -75,7 +75,7 @@ __EOF__
 
 		echo "" >> bind.conf
 		echo "zone \"${zone}\" {" >> bind.conf
-		echo "	type master;" >> bind.conf
+		echo "	type primary;" >> bind.conf
 		if [ "${zone}" = "tsig.com" ]
 		then
 			echo "	allow-transfer { key test; none; };" >> bind.conf

diff --git a/regression-tests/ext/bind-slave b/regression-tests/ext/bind-slave
@@ -21,7 +21,7 @@ __EOF__
 
 		echo "" >> bind-slave.conf
 		echo "zone \"${zone}\" {" >> bind-slave.conf
-		echo "	type slave;" >> bind-slave.conf
+		echo "	type secondary;" >> bind-slave.conf
 		echo "	file \"${zone}-slave\";" >> bind-slave.conf
 		if [ "${zone}" = "tsig.com" ]
 		then