From 58d09879b74dcca641851384ab35dfd9de33145c Mon Sep 17 00:00:00 2001 From: millert Date: Mon, 4 Aug 2008 16:34:20 +0000 Subject: [PATCH] Update to BIND 9.4.2-P2 and adapt our dynamic select changes. OK deraadt@ --- usr.sbin/bind/CHANGES | 46 +- usr.sbin/bind/COPYRIGHT | 4 +- usr.sbin/bind/bin/dig/dighost.c | 14 +- usr.sbin/bind/bin/named/client.c | 4 +- usr.sbin/bind/bin/named/config.c | 7 +- usr.sbin/bind/bin/named/controlconf.c | 10 +- usr.sbin/bind/bin/named/interfacemgr.c | 9 +- usr.sbin/bind/bin/named/lwresd.c | 9 +- usr.sbin/bind/bin/named/named.conf.docbook | 6 +- usr.sbin/bind/bin/named/server.c | 69 ++- usr.sbin/bind/bin/rndc/rndc.c | 10 +- usr.sbin/bind/configure | 2 +- usr.sbin/bind/configure.in | 6 +- usr.sbin/bind/doc/arm/Bv9ARM-book.xml | 23 +- usr.sbin/bind/lib/dns/api | 2 +- usr.sbin/bind/lib/dns/dispatch.c | 36 +- usr.sbin/bind/lib/dns/include/dns/dispatch.h | 4 +- usr.sbin/bind/lib/dns/request.c | 10 +- usr.sbin/bind/lib/dns/resolver.c | 20 +- usr.sbin/bind/lib/dns/xfrin.c | 7 +- usr.sbin/bind/lib/isc/api | 4 +- usr.sbin/bind/lib/isc/include/isc/resource.h | 19 +- usr.sbin/bind/lib/isc/include/isc/socket.h | 21 +- usr.sbin/bind/lib/isc/include/isc/timer.h | 8 +- usr.sbin/bind/lib/isc/timer.c | 16 +- usr.sbin/bind/lib/isc/unix/app.c | 2 +- usr.sbin/bind/lib/isc/unix/resource.c | 78 +++- usr.sbin/bind/lib/isc/unix/socket.c | 436 +++++++++++++------ usr.sbin/bind/lib/isc/unix/socket_p.h | 2 +- usr.sbin/bind/lib/isccfg/api | 2 +- usr.sbin/bind/lib/isccfg/namedconf.c | 7 +- usr.sbin/bind/version | 4 +- 32 files changed, 653 insertions(+), 244 deletions(-) diff --git a/usr.sbin/bind/CHANGES b/usr.sbin/bind/CHANGES index 43d2bd7af22..a8d3857a8c9 100644 --- a/usr.sbin/bind/CHANGES +++ b/usr.sbin/bind/CHANGES @@ -1,3 +1,47 @@ + --- 9.4.2-P2 released --- + +2406. [bug] Some operating systems have FD_SETSIZE set to a + low value by default, which can cause resource + exhaustion when many simultaneous connections are + open. Linux in particular makes it difficult to + increase this value. To use more sockets with + select(), set ISC_SOCKET_FDSETSIZE. Example: + STD_CDEFINES="-DISC_SOCKET_FDSETSIZE=4096" ./configure + (This should not be necessary in most cases, and + never for an authoritative-only server.) [RT #18328] + +2404. [port] hpux: files unlimited support. + +2403. [bug] TSIG context leak. [RT #18341] + +2402. [port] Support Solaris 2.11 and over. [RT #18362] + +2401. [bug] Expect to get E[MN]FILE errno internal_accept() + (from accept() or fcntl() system calls). [RT #18358] + +2399. [bug] Abort timeout queries to reduce the number of open + UDP sockets. [RT #18367] + +2398. [bug] Improve file descriptor management. New, + temporary, named.conf option reserved-sockets, + default 512. [RT #18344] + +2396. [bug] Don't set SO_REUSEADDR for randomized ports. + [RT #18336] + +2395. [port] Avoid warning and no effect from "files unlimited" + on Linux when running as root. [RT #18335] + +2394. [bug] Default configuration options set the limit for + open files to 'unlimited' as described in the + documentation. [RT #18331] + +2392. [bug] remove 'grep -q' from acl test script, some platforms + don't support it. [RT #18253] + +2322. [port] MacOS: work around the limitation of setrlimit() + for RLIMIT_NOFILE. [RT #17526] + --- 9.4.2-P1 released --- 2375. [security] Fully randomize UDP query ports to improve @@ -33,7 +77,7 @@ [RT #17113] 2249. [bug] Only set Authentic Data bit if client requested - DNSSEC, per RFC 3655 [RT #17175] + DNSSEC, per RFC 3655 [RT #17175] 2248. [cleanup] Fix several errors reported by Coverity. [RT #17160] diff --git a/usr.sbin/bind/COPYRIGHT b/usr.sbin/bind/COPYRIGHT index e849eb5a552..e1e223c9758 100644 --- a/usr.sbin/bind/COPYRIGHT +++ b/usr.sbin/bind/COPYRIGHT @@ -1,4 +1,4 @@ -Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") +Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") Copyright (C) 1996-2003 Internet Software Consortium. Permission to use, copy, modify, and/or distribute this software for any @@ -13,7 +13,7 @@ LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -$ISC: COPYRIGHT,v 1.9.18.4 2007/08/28 07:19:54 tbox Exp $ +$ISC: COPYRIGHT,v 1.9.18.4.10.1 2008/07/23 07:28:54 tbox Exp $ Portions Copyright (C) 1996-2001 Nominum, Inc. diff --git a/usr.sbin/bind/bin/dig/dighost.c b/usr.sbin/bind/bin/dig/dighost.c index 072a1912293..d51be17e36d 100644 --- a/usr.sbin/bind/bin/dig/dighost.c +++ b/usr.sbin/bind/bin/dig/dighost.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dighost.c,v 1.259.18.43 2007/08/28 07:19:55 tbox Exp $ */ +/* $ISC: dighost.c,v 1.259.18.43.10.3 2008/07/23 23:16:43 marka Exp $ */ /*! \file * \note @@ -2213,14 +2213,15 @@ send_tcp_connect(dig_query_t *query) { sockcount++; debug("sockcount=%d", sockcount); if (specified_source) - result = isc_socket_bind(query->sock, &bind_address); + result = isc_socket_bind(query->sock, &bind_address, + ISC_SOCKET_REUSEADDRESS); else { if ((isc_sockaddr_pf(&query->sockaddr) == AF_INET) && have_ipv4) isc_sockaddr_any(&bind_any); else isc_sockaddr_any6(&bind_any); - result = isc_socket_bind(query->sock, &bind_any); + result = isc_socket_bind(query->sock, &bind_any, 0); } check_result(result, "isc_socket_bind"); bringup_timer(query, TCP_TIMEOUT); @@ -2267,11 +2268,12 @@ send_udp(dig_query_t *query) { sockcount++; debug("sockcount=%d", sockcount); if (specified_source) { - result = isc_socket_bind(query->sock, &bind_address); + result = isc_socket_bind(query->sock, &bind_address, + ISC_SOCKET_REUSEADDRESS); } else { isc_sockaddr_anyofpf(&bind_any, isc_sockaddr_pf(&query->sockaddr)); - result = isc_socket_bind(query->sock, &bind_any); + result = isc_socket_bind(query->sock, &bind_any, 0); } check_result(result, "isc_socket_bind"); diff --git a/usr.sbin/bind/bin/named/client.c b/usr.sbin/bind/bin/named/client.c index 8b33a90ec55..fea48e5acef 100644 --- a/usr.sbin/bind/bin/named/client.c +++ b/usr.sbin/bind/bin/named/client.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: client.c,v 1.219.18.28.10.1 2008/05/22 21:28:04 each Exp $ */ +/* $ISC: client.c,v 1.219.18.28.10.2 2008/07/23 07:28:54 tbox Exp $ */ #include diff --git a/usr.sbin/bind/bin/named/config.c b/usr.sbin/bind/bin/named/config.c index 26eb791b0a7..28f5e74ce34 100644 --- a/usr.sbin/bind/bin/named/config.c +++ b/usr.sbin/bind/bin/named/config.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: config.c,v 1.47.18.32 2007/09/13 05:04:01 each Exp $ */ +/* $ISC: config.c,v 1.47.18.32.10.3 2008/07/23 23:48:17 tbox Exp $ */ /*! \file */ @@ -52,7 +52,7 @@ options {\n\ #ifndef WIN32 " coresize default;\n\ datasize default;\n\ - files default;\n\ + files unlimited;\n\ stacksize default;\n" #endif " deallocate-on-exit true;\n\ @@ -99,6 +99,7 @@ options {\n\ use-ixfr true;\n\ edns-udp-size 4096;\n\ max-udp-size 4096;\n\ + reserved-sockets 512;\n\ \n\ /* view */\n\ allow-notify {none;};\n\ diff --git a/usr.sbin/bind/bin/named/controlconf.c b/usr.sbin/bind/bin/named/controlconf.c index 68f9a1eecfa..4001a8b19da 100644 --- a/usr.sbin/bind/bin/named/controlconf.c +++ b/usr.sbin/bind/bin/named/controlconf.c @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006, 2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001-2003 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: controlconf.c,v 1.40.18.10 2006/12/07 04:53:02 marka Exp $ */ +/* $ISC: controlconf.c,v 1.40.18.10.40.3 2008/07/23 23:16:43 marka Exp $ */ /*! \file */ @@ -1151,8 +1151,8 @@ add_listener(ns_controls_t *cp, controllistener_t **listenerp, type, &listener->sock); if (result == ISC_R_SUCCESS) - result = isc_socket_bind(listener->sock, - &listener->address); + result = isc_socket_bind(listener->sock, &listener->address, + ISC_SOCKET_REUSEADDRESS); if (result == ISC_R_SUCCESS && type == isc_sockettype_unix) { listener->perm = cfg_obj_asuint32(cfg_tuple_get(control, diff --git a/usr.sbin/bind/bin/named/interfacemgr.c b/usr.sbin/bind/bin/named/interfacemgr.c index 7686f06a840..46699cbcfc5 100644 --- a/usr.sbin/bind/bin/named/interfacemgr.c +++ b/usr.sbin/bind/bin/named/interfacemgr.c @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006, 2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: interfacemgr.c,v 1.76.18.8 2006/07/20 01:10:30 marka Exp $ */ +/* $ISC: interfacemgr.c,v 1.76.18.8.44.3 2008/07/23 23:16:43 marka Exp $ */ /*! \file */ @@ -306,7 +306,8 @@ ns_interface_accepttcp(ns_interface_t *ifp) { #ifndef ISC_ALLOW_MAPPED isc_socket_ipv6only(ifp->tcpsocket, ISC_TRUE); #endif - result = isc_socket_bind(ifp->tcpsocket, &ifp->addr); + result = isc_socket_bind(ifp->tcpsocket, &ifp->addr, + ISC_SOCKET_REUSEADDRESS); if (result != ISC_R_SUCCESS) { isc_log_write(IFMGR_COMMON_LOGARGS, ISC_LOG_ERROR, "binding TCP socket: %s", diff --git a/usr.sbin/bind/bin/named/lwresd.c b/usr.sbin/bind/bin/named/lwresd.c index a27b2890c2d..6f991030802 100644 --- a/usr.sbin/bind/bin/named/lwresd.c +++ b/usr.sbin/bind/bin/named/lwresd.c @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006, 2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwresd.c,v 1.46.18.7 2006/03/02 00:37:21 marka Exp $ */ +/* $ISC: lwresd.c,v 1.46.18.7.52.3 2008/07/23 23:16:43 marka Exp $ */ /*! \file * \brief @@ -576,7 +576,8 @@ listener_bind(ns_lwreslistener_t *listener, isc_sockaddr_t *address) { return (result); } - result = isc_socket_bind(sock, &listener->address); + result = isc_socket_bind(sock, &listener->address, + ISC_SOCKET_REUSEADDRESS); if (result != ISC_R_SUCCESS) { char socktext[ISC_SOCKADDR_FORMATSIZE]; isc_sockaddr_format(&listener->address, socktext, diff --git a/usr.sbin/bind/bin/named/named.conf.docbook b/usr.sbin/bind/bin/named/named.conf.docbook index f9111aa1d13..924c67018c1 100644 --- a/usr.sbin/bind/bin/named/named.conf.docbook +++ b/usr.sbin/bind/bin/named/named.conf.docbook @@ -2,7 +2,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" []> - + Aug 13, 2004 @@ -40,6 +40,7 @@ 2005 2006 2007 + 2008 Internet Systems Consortium, Inc. ("ISC") @@ -201,6 +202,7 @@ options { port integer; querylog boolean; recursing-file quoted_string; + reserved-sockets integer; random-device quoted_string; recursive-clients integer; serial-query-rate integer; diff --git a/usr.sbin/bind/bin/named/server.c b/usr.sbin/bind/bin/named/server.c index fb4e1c0895d..57c30619d73 100644 --- a/usr.sbin/bind/bin/named/server.c +++ b/usr.sbin/bind/bin/named/server.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: server.c,v 1.419.18.57.10.1 2008/05/22 21:28:04 each Exp $ */ +/* $ISC: server.c,v 1.419.18.57.10.3 2008/07/23 12:04:32 marka Exp $ */ /*! \file */ @@ -2696,27 +2696,29 @@ static isc_result_t load_configuration(const char *filename, ns_server_t *server, isc_boolean_t first_time) { - isc_result_t result; - isc_interval_t interval; - cfg_parser_t *parser = NULL; + cfg_aclconfctx_t aclconfctx; cfg_obj_t *config; - const cfg_obj_t *options; - const cfg_obj_t *views; + cfg_parser_t *parser = NULL; + const cfg_listelt_t *element; + const cfg_obj_t *builtin_views; + const cfg_obj_t *maps[3]; const cfg_obj_t *obj; + const cfg_obj_t *options; const cfg_obj_t *v4ports, *v6ports; - const cfg_obj_t *maps[3]; - const cfg_obj_t *builtin_views; - const cfg_listelt_t *element; + const cfg_obj_t *views; dns_view_t *view = NULL; dns_view_t *view_next; - dns_viewlist_t viewlist; dns_viewlist_t tmpviewlist; - cfg_aclconfctx_t aclconfctx; - isc_uint32_t interface_interval; - isc_uint32_t heartbeat_interval; - isc_uint32_t udpsize; + dns_viewlist_t viewlist; in_port_t listen_port; int i; + isc_interval_t interval; + isc_resourcevalue_t files; + isc_result_t result; + isc_uint32_t heartbeat_interval; + isc_uint32_t interface_interval; + isc_uint32_t reserved; + isc_uint32_t udpsize; cfg_aclconfctx_init(&aclconfctx); ISC_LIST_INIT(viewlist); @@ -2796,6 +2798,43 @@ load_configuration(const char *filename, ns_server_t *server, */ set_limits(maps); + /* + * Sanity check on "files" limit. + */ + result = isc_resource_curlimit(isc_resource_openfiles, &files); + if (result == ISC_R_SUCCESS && files < FD_SETSIZE) { + isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, + NS_LOGMODULE_SERVER, ISC_LOG_WARNING, + "the 'files' limit (%" ISC_PRINT_QUADFORMAT "u) " + "is less than FD_SETSIZE (%d), increase " + "'files' in named.conf or recompile with a " + "smaller FD_SETSIZE.", files, FD_SETSIZE); + if (files > FD_SETSIZE) + files = FD_SETSIZE; + } else + files = FD_SETSIZE; + + /* + * Set the number of socket reserved for TCP, stdio etc. + */ + obj = NULL; + result = ns_config_get(maps, "reserved-sockets", &obj); + INSIST(result == ISC_R_SUCCESS); + reserved = cfg_obj_asuint32(obj); + if (files < 128U) /* Prevent underflow. */ + reserved = 0; + else if (reserved > files - 128U) /* Mimimum UDP space. */ + reserved = files - 128; + if (reserved < 128U) /* Mimimum TCP/stdio space. */ + reserved = 128; + if (reserved + 128U > files) { + isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, + NS_LOGMODULE_SERVER, ISC_LOG_WARNING, + "less than 128 UDP sockets available after " + "applying 'reserved-sockets' and 'files'"); + } + isc__socketmgr_setreserved(ns_g_socketmgr, reserved); + /* * Configure various server options. */ diff --git a/usr.sbin/bind/bin/rndc/rndc.c b/usr.sbin/bind/bin/rndc/rndc.c index 6bb87e66f93..79f711b9d41 100644 --- a/usr.sbin/bind/bin/rndc/rndc.c +++ b/usr.sbin/bind/bin/rndc/rndc.c @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006, 2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rndc.c,v 1.96.18.17 2006/08/04 03:03:41 marka Exp $ */ +/* $ISC: rndc.c,v 1.96.18.17.42.3 2008/07/23 23:16:43 marka Exp $ */ /*! \file */ @@ -400,10 +400,10 @@ rndc_startconnect(isc_sockaddr_t *addr, isc_task_t *task) { DO("create socket", isc_socket_create(socketmgr, pf, type, &sock)); switch (isc_sockaddr_pf(addr)) { case AF_INET: - DO("bind socket", isc_socket_bind(sock, &local4)); + DO("bind socket", isc_socket_bind(sock, &local4, 0)); break; case AF_INET6: - DO("bind socket", isc_socket_bind(sock, &local6)); + DO("bind socket", isc_socket_bind(sock, &local6, 0)); break; default: break; diff --git a/usr.sbin/bind/configure b/usr.sbin/bind/configure index c280ee00a87..6e280ad9fc1 100644 --- a/usr.sbin/bind/configure +++ b/usr.sbin/bind/configure @@ -28031,7 +28031,7 @@ case "$host" in *-solaris2.[89]) hack_shutup_pthreadonceinit=yes ;; - *-solaris2.10) + *-solaris2.1[0-9]) hack_shutup_pthreadonceinit=yes ;; esac diff --git a/usr.sbin/bind/configure.in b/usr.sbin/bind/configure.in index dbe53b87cdd..9119334892e 100644 --- a/usr.sbin/bind/configure.in +++ b/usr.sbin/bind/configure.in @@ -1,4 +1,4 @@ -# Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 1998-2003 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -18,7 +18,7 @@ AC_DIVERT_PUSH(1)dnl esyscmd([sed "s/^/# /" COPYRIGHT])dnl AC_DIVERT_POP()dnl -AC_REVISION($Revision: 1.15 $) +AC_REVISION($Revision: 1.16 $) AC_INIT(lib/dns/name.c) AC_PREREQ(2.59) @@ -1839,7 +1839,7 @@ case "$host" in [*-solaris2.[89]]) hack_shutup_pthreadonceinit=yes ;; - *-solaris2.10) + *-solaris2.1[0-9]) hack_shutup_pthreadonceinit=yes ;; esac diff --git a/usr.sbin/bind/doc/arm/Bv9ARM-book.xml b/usr.sbin/bind/doc/arm/Bv9ARM-book.xml index 47573adf218..dd010d5d5ba 100644 --- a/usr.sbin/bind/doc/arm/Bv9ARM-book.xml +++ b/usr.sbin/bind/doc/arm/Bv9ARM-book.xml @@ -2,7 +2,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" []> - + BIND 9 Administrator Reference Manual @@ -28,6 +28,7 @@ 2005 2006 2007 + 2008 Internet Systems Consortium, Inc. ("ISC") @@ -4441,6 +4442,7 @@ category notify { null; }; max-transfer-idle-in number; max-transfer-idle-out number; tcp-clients number; + reserved-sockets number; recursive-clients number; serial-query-rate number; serial-queries number; @@ -6605,6 +6607,23 @@ query-source-v6 address * port *; + + reserved-sockets + + + The number of file descriptors reserved for TCP, stdio, + etc. This needs to be big enough to cover the number of + interfaces named listens on, tcp-clients as well as + to provide room for outgoing TCP queries and incoming zone + transfers. The default is 512. + The minimum value is 128 and the + maximum value is 128 less than + 'files' or FD_SETSIZE (whichever is smaller). This + option may be removed in the future. + + + + max-cache-size diff --git a/usr.sbin/bind/lib/dns/api b/usr.sbin/bind/lib/dns/api index f40dfe0239b..7ad55061cc5 100644 --- a/usr.sbin/bind/lib/dns/api +++ b/usr.sbin/bind/lib/dns/api @@ -1,3 +1,3 @@ LIBINTERFACE = 35 -LIBREVISION = 0 +LIBREVISION = 1 LIBAGE = 0 diff --git a/usr.sbin/bind/lib/dns/dispatch.c b/usr.sbin/bind/lib/dns/dispatch.c index 341798e29e7..44ec207027c 100644 --- a/usr.sbin/bind/lib/dns/dispatch.c +++ b/usr.sbin/bind/lib/dns/dispatch.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dispatch.c,v 1.116.18.19.12.1 2008/05/22 21:28:06 each Exp $ */ +/* $ISC: dispatch.c,v 1.116.18.19.12.5 2008/07/23 23:16:43 marka Exp $ */ /*! \file */ @@ -278,7 +278,26 @@ request_log(dns_dispatch_t *disp, dns_dispentry_t *resp, } /* - * ARC4 random number generator obtained from OpenBSD + * ARC4 random number generator derived from OpenBSD. + * Only dispatch_arc4random() and dispatch_arc4uniformrandom() are expected + * to be called from general dispatch routines; the rest of them are subroutines + * for these two. + * + * The original copyright follows: + * Copyright (c) 1996, David Mazieres + * Copyright (c) 2008, Damien Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ static void dispatch_arc4init(arc4ctx_t *actx) { @@ -1174,7 +1193,7 @@ destroy_mgr(dns_dispatchmgr_t **mgrp) { static isc_result_t create_socket(isc_socketmgr_t *mgr, isc_sockaddr_t *local, - isc_socket_t **sockp) + unsigned int options, isc_socket_t **sockp) { isc_socket_t *sock; isc_result_t result; @@ -1188,7 +1207,7 @@ create_socket(isc_socketmgr_t *mgr, isc_sockaddr_t *local, #ifndef ISC_ALLOW_MAPPED isc_socket_ipv6only(sock, ISC_TRUE); #endif - result = isc_socket_bind(sock, local); + result = isc_socket_bind(sock, local, options); if (result != ISC_R_SUCCESS) { isc_socket_detach(&sock); return (result); @@ -1921,7 +1940,7 @@ dispatch_createudp(dns_dispatchmgr_t *mgr, isc_socketmgr_t *sockmgr, attributes &= ~DNS_DISPATCHATTR_RANDOMPORT; goto getsocket; } - result = create_socket(sockmgr, &localaddr_bound, &sock); + result = create_socket(sockmgr, &localaddr_bound, 0, &sock); if (result == ISC_R_ADDRINUSE) { if (++k == 1024) attributes &= ~DNS_DISPATCHATTR_RANDOMPORT; @@ -1932,7 +1951,7 @@ dispatch_createudp(dns_dispatchmgr_t *mgr, isc_socketmgr_t *sockmgr, isc_sockaddr_t localaddr_listen; isc_sockaddr_setport(&localaddr_bound, 0); - result = create_socket(sockmgr, &localaddr_bound, &sock); + result = create_socket(sockmgr, &localaddr_bound, 0, &sock); if (result != ISC_R_SUCCESS) { if (++k == 1024) attributes &= ~DNS_DISPATCHATTR_RANDOMPORT; @@ -1949,7 +1968,8 @@ dispatch_createudp(dns_dispatchmgr_t *mgr, isc_socketmgr_t *sockmgr, localport = isc_sockaddr_getport(&localaddr_listen); #endif } else - result = create_socket(sockmgr, localaddr, &sock); + result = create_socket(sockmgr, localaddr, + ISC_SOCKET_REUSEADDRESS, &sock); if (result != ISC_R_SUCCESS) goto deallocate_dispatch; if ((attributes & DNS_DISPATCHATTR_RANDOMPORT) == 0 && diff --git a/usr.sbin/bind/lib/dns/include/dns/dispatch.h b/usr.sbin/bind/lib/dns/include/dns/dispatch.h index 5f1d92adb80..468dfe1f020 100644 --- a/usr.sbin/bind/lib/dns/include/dns/dispatch.h +++ b/usr.sbin/bind/lib/dns/include/dns/dispatch.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dispatch.h,v 1.48.18.5.12.1 2008/05/22 21:28:06 each Exp $ */ +/* $ISC: dispatch.h,v 1.48.18.5.12.2 2008/07/23 07:28:56 tbox Exp $ */ #ifndef DNS_DISPATCH_H #define DNS_DISPATCH_H 1 diff --git a/usr.sbin/bind/lib/dns/request.c b/usr.sbin/bind/lib/dns/request.c index 8b1abc9533b..0dce8bce70d 100644 --- a/usr.sbin/bind/lib/dns/request.c +++ b/usr.sbin/bind/lib/dns/request.c @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006, 2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2002 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: request.c,v 1.72.18.5 2006/08/21 00:40:53 marka Exp $ */ +/* $ISC: request.c,v 1.72.18.5.42.2 2008/07/23 07:28:56 tbox Exp $ */ /*! \file */ @@ -518,11 +518,11 @@ create_tcp_dispatch(dns_requestmgr_t *requestmgr, isc_sockaddr_t *srcaddr, if (srcaddr == NULL) { isc_sockaddr_anyofpf(&bind_any, isc_sockaddr_pf(destaddr)); - result = isc_socket_bind(socket, &bind_any); + result = isc_socket_bind(socket, &bind_any, 0); } else { src = *srcaddr; isc_sockaddr_setport(&src, 0); - result = isc_socket_bind(socket, &src); + result = isc_socket_bind(socket, &src, 0); } if (result != ISC_R_SUCCESS) goto cleanup; diff --git a/usr.sbin/bind/lib/dns/resolver.c b/usr.sbin/bind/lib/dns/resolver.c index 4e43196f273..04a64df09b3 100644 --- a/usr.sbin/bind/lib/dns/resolver.c +++ b/usr.sbin/bind/lib/dns/resolver.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: resolver.c,v 1.284.18.66.8.1 2008/05/22 21:28:06 each Exp $ */ +/* $ISC: resolver.c,v 1.284.18.66.8.4 2008/07/24 05:00:48 jinmei Exp $ */ /*! \file */ @@ -1123,7 +1123,7 @@ fctx_query(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo, goto cleanup_query; #ifndef BROKEN_TCP_BIND_BEFORE_CONNECT - result = isc_socket_bind(query->tcpsocket, &addr); + result = isc_socket_bind(query->tcpsocket, &addr, 0); if (result != ISC_R_SUCCESS) goto cleanup_socket; #endif @@ -2689,6 +2689,8 @@ fctx_destroy(fetchctx_t *fctx) { static void fctx_timeout(isc_task_t *task, isc_event_t *event) { fetchctx_t *fctx = event->ev_arg; + isc_timerevent_t *tevent = (isc_timerevent_t *)event; + resquery_t *query; REQUIRE(VALID_FCTX(fctx)); @@ -2704,8 +2706,18 @@ fctx_timeout(isc_task_t *task, isc_event_t *event) { fctx->timeouts++; /* * We could cancel the running queries here, or we could let - * them keep going. Right now we choose the latter... + * them keep going. Since we normally use separate sockets for + * different queries, we adopt the former approach to reduce + * the number of open sockets: cancel the oldest query if it + * expired after the query had started (this is usually the + * case but is not always so, depending on the task schedule + * timing). */ + query = ISC_LIST_HEAD(fctx->queries); + if (query != NULL && + isc_time_compare(&tevent->due, &query->start) >= 0) { + fctx_cancelquery(&query, NULL, NULL, ISC_TRUE); + } fctx->attributes &= ~FCTX_ATTR_ADDRWAIT; /* * Our timer has triggered. Reestablish the fctx lifetime diff --git a/usr.sbin/bind/lib/dns/xfrin.c b/usr.sbin/bind/lib/dns/xfrin.c index ed949f7a443..aec042c51b5 100644 --- a/usr.sbin/bind/lib/dns/xfrin.c +++ b/usr.sbin/bind/lib/dns/xfrin.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: xfrin.c,v 1.135.18.16 2007/10/31 01:59:47 marka Exp $ */ +/* $ISC: xfrin.c,v 1.135.18.16.10.3 2008/07/23 23:16:43 marka Exp $ */ /*! \file */ @@ -862,7 +862,8 @@ xfrin_start(dns_xfrin_ctx_t *xfr) { isc_sockettype_tcp, &xfr->socket)); #ifndef BROKEN_TCP_BIND_BEFORE_CONNECT - CHECK(isc_socket_bind(xfr->socket, &xfr->sourceaddr)); + CHECK(isc_socket_bind(xfr->socket, &xfr->sourceaddr, + ISC_SOCKET_REUSEADDRESS)); #endif CHECK(isc_socket_connect(xfr->socket, &xfr->masteraddr, xfr->task, xfrin_connect_done, xfr)); diff --git a/usr.sbin/bind/lib/isc/api b/usr.sbin/bind/lib/isc/api index ecadc93c94f..f40dfe0239b 100644 --- a/usr.sbin/bind/lib/isc/api +++ b/usr.sbin/bind/lib/isc/api @@ -1,3 +1,3 @@ -LIBINTERFACE = 32 -LIBREVISION = 5 +LIBINTERFACE = 35 +LIBREVISION = 0 LIBAGE = 0 diff --git a/usr.sbin/bind/lib/isc/include/isc/resource.h b/usr.sbin/bind/lib/isc/include/isc/resource.h index 5d459419c75..3e7cc5c2943 100644 --- a/usr.sbin/bind/lib/isc/include/isc/resource.h +++ b/usr.sbin/bind/lib/isc/include/isc/resource.h @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: resource.h,v 1.5.18.2 2005/04/29 00:17:02 marka Exp $ */ +/* $ISC: resource.h,v 1.5.18.2.52.2 2008/07/23 23:48:17 tbox Exp $ */ #ifndef ISC_RESOURCE_H #define ISC_RESOURCE_H 1 @@ -81,6 +81,19 @@ isc_resource_getlimit(isc_resource_t resource, isc_resourcevalue_t *value); *\li #ISC_R_NOTIMPLEMENTED 'resource' is not a type known by the OS. */ +isc_result_t +isc_resource_curlimit(isc_resource_t resource, isc_resourcevalue_t *value); +/* + * Get the current limit on a resource. + * + * Requires: + * 'resource' is a valid member of the isc_resource_t enumeration. + * + * Returns: + * ISC_R_SUCCESS Success. + * ISC_R_NOTIMPLEMENTED 'resource' is not a type known by the OS. + */ + ISC_LANG_ENDDECLS #endif /* ISC_RESOURCE_H */ diff --git a/usr.sbin/bind/lib/isc/include/isc/socket.h b/usr.sbin/bind/lib/isc/include/isc/socket.h index e5e76cab964..579b8bf97d5 100644 --- a/usr.sbin/bind/lib/isc/include/isc/socket.h +++ b/usr.sbin/bind/lib/isc/include/isc/socket.h @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006, 2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2002 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: socket.h,v 1.57.18.6 2006/06/07 00:29:45 marka Exp $ */ +/* $ISC: socket.h,v 1.57.18.6.46.4 2008/07/23 23:16:43 marka Exp $ */ #ifndef ISC_SOCKET_H #define ISC_SOCKET_H 1 @@ -77,6 +77,12 @@ ISC_LANG_BEGINDECLS */ #define ISC_SOCKET_MAXSCATTERGATHER 8 +/*% + * In isc_socket_bind() set socket option SO_REUSEADDR prior to calling + * bind() if a non zero port is specified (AF_INET and AF_INET6). + */ +#define ISC_SOCKET_REUSEADDRESS 0x01U + /*** *** Types ***/ @@ -312,7 +318,8 @@ isc_socket_detach(isc_socket_t **socketp); */ isc_result_t -isc_socket_bind(isc_socket_t *sock, isc_sockaddr_t *addressp); +isc_socket_bind(isc_socket_t *sock, isc_sockaddr_t *addressp, + unsigned int options); /*%< * Bind 'socket' to '*addressp'. * @@ -750,6 +757,12 @@ isc_socket_permunix(isc_sockaddr_t *sockaddr, isc_uint32_t perm, * \li #ISC_R_FAILURE */ +void +isc__socketmgr_setreserved(isc_socketmgr_t *mgr, isc_uint32_t); +/*%< + * Temporary. For use by named only. + */ + ISC_LANG_ENDDECLS #endif /* ISC_SOCKET_H */ diff --git a/usr.sbin/bind/lib/isc/include/isc/timer.h b/usr.sbin/bind/lib/isc/include/isc/timer.h index 594665620db..11cc2a56a11 100644 --- a/usr.sbin/bind/lib/isc/include/isc/timer.h +++ b/usr.sbin/bind/lib/isc/include/isc/timer.h @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2002 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: timer.h,v 1.31.18.3 2005/10/26 06:50:50 marka Exp $ */ +/* $ISC: timer.h,v 1.31.18.3.52.2 2008/07/24 23:48:09 tbox Exp $ */ #ifndef ISC_TIMER_H #define ISC_TIMER_H 1 @@ -76,6 +76,7 @@ #include #include #include +#include ISC_LANG_BEGINDECLS @@ -93,6 +94,7 @@ typedef enum { typedef struct isc_timerevent { struct isc_event common; + isc_time_t due; } isc_timerevent_t; #define ISC_TIMEREVENT_FIRSTEVENT (ISC_EVENTCLASS_TIMER + 0) diff --git a/usr.sbin/bind/lib/isc/timer.c b/usr.sbin/bind/lib/isc/timer.c index 99283412580..34235cc1b01 100644 --- a/usr.sbin/bind/lib/isc/timer.c +++ b/usr.sbin/bind/lib/isc/timer.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: timer.c,v 1.73.18.7 2007/10/24 23:46:26 tbox Exp $ */ +/* $ISC: timer.c,v 1.73.18.7.10.3 2008/07/29 18:35:53 jinmei Exp $ */ /*! \file */ @@ -577,7 +577,7 @@ isc_timer_detach(isc_timer_t **timerp) { static void dispatch(isc_timermgr_t *manager, isc_time_t *now) { isc_boolean_t done = ISC_FALSE, post_event, need_schedule; - isc_event_t *event; + isc_timerevent_t *event; isc_eventtype_t type = 0; isc_timer_t *timer; isc_result_t result; @@ -650,16 +650,18 @@ dispatch(isc_timermgr_t *manager, isc_time_t *now) { /* * XXX We could preallocate this event. */ - event = isc_event_allocate(manager->mctx, + event = (isc_timerevent_t *)isc_event_allocate(manager->mctx, timer, type, timer->action, timer->arg, sizeof(*event)); - if (event != NULL) - isc_task_send(timer->task, &event); - else + if (event != NULL) { + event->due = timer->due; + isc_task_send(timer->task, + ISC_EVENT_PTR(&event)); + } else UNEXPECTED_ERROR(__FILE__, __LINE__, isc_msgcat_get(isc_msgcat, ISC_MSGSET_TIMER, diff --git a/usr.sbin/bind/lib/isc/unix/app.c b/usr.sbin/bind/lib/isc/unix/app.c index a575f20b49e..4bb702f961b 100644 --- a/usr.sbin/bind/lib/isc/unix/app.c +++ b/usr.sbin/bind/lib/isc/unix/app.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: app.c,v 1.50.18.2 2005/04/29 00:17:06 marka Exp $ */ +/* $ISC: app.c,v 1.50.18.2.50.1 2008/07/29 04:47:31 each Exp $ */ /*! \file */ diff --git a/usr.sbin/bind/lib/isc/unix/resource.c b/usr.sbin/bind/lib/isc/unix/resource.c index 8d5d8c896bf..c0c7febab48 100644 --- a/usr.sbin/bind/lib/isc/unix/resource.c +++ b/usr.sbin/bind/lib/isc/unix/resource.c @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: resource.c,v 1.12 2004/03/05 05:11:46 marka Exp $ */ +/* $ISC: resource.c,v 1.12.944.4 2008/07/28 22:44:46 marka Exp $ */ #include @@ -28,6 +28,14 @@ #include #include +#ifdef __linux__ +#include /* To get the large NR_OPEN. */ +#endif + +#ifdef __hpux +#include +#endif + #include "errno2result.h" static isc_result_t @@ -182,8 +190,51 @@ isc_resource_setlimit(isc_resource_t resource, isc_resourcevalue_t value) { if (unixresult == 0) return (ISC_R_SUCCESS); - else - return (isc__errno2result(errno)); + +#if defined(OPEN_MAX) && defined(__APPLE__) + /* + * The Darwin kernel doesn't accept RLIM_INFINITY for rlim_cur; the + * maximum possible value is OPEN_MAX. BIND8 used to use + * sysconf(_SC_OPEN_MAX) for such a case, but this value is much + * smaller than OPEN_MAX and is not really effective. + */ + if (resource == isc_resource_openfiles && rlim_value == RLIM_INFINITY) { + rl.rlim_cur = OPEN_MAX; + unixresult = setrlimit(unixresource, &rl); + if (unixresult == 0) + return (ISC_R_SUCCESS); + } +#elif defined(NR_OPEN) && defined(__linux__) + /* + * Some Linux kernels don't accept RLIM_INFINIT; the maximum + * possible value is the NR_OPEN defined in linux/fs.h. + */ + if (resource == isc_resource_openfiles && rlim_value == RLIM_INFINITY) { + rl.rlim_cur = rl.rlim_max = NR_OPEN; + unixresult = setrlimit(unixresource, &rl); + if (unixresult == 0) + return (ISC_R_SUCCESS); + } +#elif defined(__hpux) + if (resource == isc_resource_openfiles && rlim_value == RLIM_INFINITY) { + uint64_t maxfiles; + if (gettune("maxfiles_lim", &maxfiles) == 0) { + rl.rlim_cur = rl.rlim_max = maxfiles; + unixresult = setrlimit(unixresource, &rl); + if (unixresult == 0) + return (ISC_R_SUCCESS); + } + } +#endif + if (resource == isc_resource_openfiles && rlim_value == RLIM_INFINITY) { + if (getrlimit(unixresource, &rl) == 0) { + rl.rlim_cur = rl.rlim_max; + unixresult = setrlimit(unixresource, &rl); + if (unixresult == 0) + return (ISC_R_SUCCESS); + } + } + return (isc__errno2result(errno)); } isc_result_t @@ -202,3 +253,20 @@ isc_resource_getlimit(isc_resource_t resource, isc_resourcevalue_t *value) { return (result); } + +isc_result_t +isc_resource_curlimit(isc_resource_t resource, isc_resourcevalue_t *value) { + int unixresult; + int unixresource; + struct rlimit rl; + isc_result_t result; + + result = resource2rlim(resource, &unixresource); + if (result == ISC_R_SUCCESS) { + unixresult = getrlimit(unixresource, &rl); + INSIST(unixresult == 0); + *value = rl.rlim_cur; + } + + return (result); +} diff --git a/usr.sbin/bind/lib/isc/unix/socket.c b/usr.sbin/bind/lib/isc/unix/socket.c index 2537e1f0f05..fc300ba1e92 100644 --- a/usr.sbin/bind/lib/isc/unix/socket.c +++ b/usr.sbin/bind/lib/isc/unix/socket.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: socket.c,v 1.237.18.29 2007/08/28 07:20:06 tbox Exp $ */ +/* $ISC: socket.c,v 1.237.18.29.10.6 2008/07/29 04:47:31 each Exp $ */ /*! \file */ @@ -65,6 +65,34 @@ #include "socket_p.h" #endif /* ISC_PLATFORM_USETHREADS */ +/*% + * Max number of open sockets. In the vast majority of cases the default size + * of FD_SETSIZE should be fine, and this constant should be increased only + * when absolutely necessary and possible, i.e., the server is exhausting all + * available file descriptors (up to FD_SETSIZE) and the select() function + * and FD_xxx macros support larger values than FD_SETSIZE (which may not + * always by true, but we keep using some of them to ensure as much + * portability as possible). Note also that overall server performance + * may be rather worsened with a larger value of this constant due to + * inherent scalability problems of select(). + * + * As a special note, this value shouldn't have to be touched if + * this is a build for an authoritative only DNS server. + */ + +#ifndef ISC_SOCKET_FDSETSIZE +#define ISC_SOCKET_FDSETSIZE FD_SETSIZE +#endif + +/*% + * Mac OS X needs a special definition to support larger values in select() + */ +#if ISC_SOCKET_FDSETSIZE > FD_SETSIZE +#ifdef __APPLE__ +#define _DARWIN_UNLIMITED_SELECT +#endif /* __APPLE__ */ +#endif + /*% * Some systems define the socket length argument as an int, some as size_t, * some as socklen_t. This is here so it can be easily changed if needed. @@ -203,14 +231,18 @@ struct isc_socketmgr { unsigned int magic; isc_mem_t *mctx; isc_mutex_t lock; + int fd_bufsize; + int fdsize; /* Locked by manager lock. */ ISC_LIST(isc_socket_t) socklist; - fd_set *read_fds, *read_fds_copy; - fd_set *write_fds, *write_fds_copy; - isc_socket_t **fds; - int *fdstate; + fd_set *read_fds; + fd_set *read_fds_copy; + fd_set *write_fds; + fd_set *write_fds_copy; + isc_socket_t **fds; + int *fdstate; int maxfd; - int fdsize; + int reserved; /* unlocked */ #ifdef ISC_PLATFORM_USETHREADS isc_thread_t watcher; isc_condition_t shutdown_ok; @@ -255,7 +287,9 @@ static void build_msghdr_send(isc_socket_t *, isc_socketevent_t *, struct msghdr *, struct iovec *, size_t *); static void build_msghdr_recv(isc_socket_t *, isc_socketevent_t *, struct msghdr *, struct iovec *, size_t *); -static void expand_fdsets(isc_socketmgr_t *, int, isc_mem_t *); +static void cleanup_fdsets(isc_socketmgr_t *, isc_mem_t *); +static isc_result_t create_fdsets(isc_socketmgr_t *, isc_mem_t *); +static isc_result_t expand_fdsets(isc_socketmgr_t *, int, isc_mem_t *); #define SELECT_POKE_SHUTDOWN (-1) #define SELECT_POKE_NOTHING (-2) @@ -1397,78 +1431,6 @@ free_socket(isc_socket_t **socketp) { *socketp = NULL; } -static void -expand_fdsets(isc_socketmgr_t *manager, int maxfd, isc_mem_t *mctx) { - void *tmp; - int newsize = manager->fdsize; - - if (mctx == NULL) - mctx = manager->mctx; - - do { - newsize += FD_SETSIZE; - } while (newsize <= maxfd); - - tmp = isc_mem_get(mctx, sizeof(manager->fds[0]) * newsize); - memset(tmp, 0, sizeof(manager->fds[0]) * newsize); - if (manager->fdsize) { - memcpy(tmp, manager->fds, - sizeof(manager->fds[0]) * manager->fdsize); - isc_mem_put(mctx, manager->fds, - sizeof(manager->fds[0]) * manager->fdsize); - } - manager->fds = tmp; - - tmp = isc_mem_get(mctx, sizeof(manager->fdstate[0]) * newsize); - memset(tmp, 0, sizeof(manager->fdstate[0]) * newsize); - if (manager->fdsize) { - memcpy(tmp, manager->fdstate, - sizeof(manager->fdstate[0]) * manager->fdsize); - isc_mem_put(mctx, manager->fdstate, - sizeof(manager->fdstate[0]) * manager->fdsize); - } - manager->fdstate = tmp; - - tmp = isc_mem_get(mctx, howmany(newsize, NFDBITS) * sizeof(fd_mask)); - memset(tmp, 0, howmany(newsize, NFDBITS) * sizeof(fd_mask)); - if (manager->fdsize) { - memcpy(tmp, manager->read_fds, - howmany(manager->fdsize, NFDBITS) * sizeof(fd_mask)); - isc_mem_put(mctx, manager->read_fds, - howmany(manager->fdsize, NFDBITS) * sizeof(fd_mask)); - } - manager->read_fds = tmp; - - tmp = isc_mem_get(mctx, howmany(newsize, NFDBITS) * sizeof(fd_mask)); - memset(tmp, 0, howmany(newsize, NFDBITS) * sizeof(fd_mask)); - if (manager->fdsize) { - memcpy(tmp, manager->write_fds, - howmany(manager->fdsize, NFDBITS) * sizeof(fd_mask)); - isc_mem_put(mctx, manager->write_fds, - howmany(manager->fdsize, NFDBITS) * sizeof(fd_mask)); - } - manager->write_fds = tmp; - - /* Don't bother copying these, they are copied before use */ - tmp = isc_mem_get(mctx, howmany(newsize, NFDBITS) * sizeof(fd_mask)); - memset(tmp, 0, howmany(newsize, NFDBITS) * sizeof(fd_mask)); - if (manager->fdsize) { - isc_mem_put(mctx, manager->read_fds_copy, - howmany(manager->fdsize, NFDBITS) * sizeof(fd_mask)); - } - manager->read_fds_copy = tmp; - - tmp = isc_mem_get(mctx, howmany(newsize, NFDBITS) * sizeof(fd_mask)); - memset(tmp, 0, howmany(newsize, NFDBITS) * sizeof(fd_mask)); - if (manager->fdsize) { - isc_mem_put(mctx, manager->write_fds_copy, - howmany(manager->fdsize, NFDBITS) * sizeof(fd_mask)); - } - manager->write_fds_copy = tmp; - - manager->fdsize = newsize; -} - #ifdef SO_BSDCOMPAT /* * This really should not be necessary to do. Having to workout @@ -1555,9 +1517,18 @@ isc_socket_create(isc_socketmgr_t *manager, int pf, isc_sockettype_t type, #ifdef F_DUPFD /* - * Leave a space for stdio to work in. + * Leave a space for stdio and TCP to work in. */ - if (sock->fd >= 0 && sock->fd < 20) { + if (manager->reserved != 0 && type == isc_sockettype_udp && + sock->fd >= 0 && sock->fd < manager->reserved) { + int new, tmp; + new = fcntl(sock->fd, F_DUPFD, manager->reserved); + tmp = errno; + (void)close(sock->fd); + errno = tmp; + sock->fd = new; + err = "isc_socket_create: fcntl/reserved"; + } else if (sock->fd >= 0 && sock->fd < 20) { int new, tmp; new = fcntl(sock->fd, F_DUPFD, 20); tmp = errno; @@ -1568,8 +1539,17 @@ isc_socket_create(isc_socketmgr_t *manager, int pf, isc_sockettype_t type, } #endif - if (sock->fd >= sock->manager->fdsize) - expand_fdsets(sock->manager, sock->fd, NULL); + if (sock->fd >= manager->fdsize && + expand_fdsets(sock->manager, sock->fd, NULL) != ISC_R_SUCCESS) { + (void)close(sock->fd); + isc_log_iwrite(isc_lctx, ISC_LOGCATEGORY_GENERAL, + ISC_LOGMODULE_SOCKET, ISC_LOG_ERROR, + isc_msgcat, ISC_MSGSET_SOCKET, + ISC_MSG_TOOMANYFDS, + "%s: too many open file descriptors", "socket"); + free_socket(&sock); + return (ISC_R_NORESOURCES); + } if (sock->fd < 0) { free_socket(&sock); @@ -2033,7 +2013,7 @@ internal_accept(isc_task_t *me, isc_event_t *ev) { (void)close(fd); errno = tmp; fd = new; - err = "fcntl"; + err = "accept/fcntl"; } #endif @@ -2041,8 +2021,17 @@ internal_accept(isc_task_t *me, isc_event_t *ev) { if (SOFT_ERROR(errno)) goto soft_error; switch (errno) { - case ENOBUFS: case ENFILE: + case EMFILE: + isc_log_iwrite(isc_lctx, ISC_LOGCATEGORY_GENERAL, + ISC_LOGMODULE_SOCKET, ISC_LOG_ERROR, + isc_msgcat, ISC_MSGSET_SOCKET, + ISC_MSG_TOOMANYFDS, + "%s: too many open file descriptors", + err); + goto soft_error; + + case ENOBUFS: case ENOMEM: case ECONNRESET: case ECONNABORTED: @@ -2092,8 +2081,16 @@ internal_accept(isc_task_t *me, isc_event_t *ev) { sock->pf); (void)close(fd); goto soft_error; - } else if (fd >= sock->manager->fdsize) { - expand_fdsets(sock->manager, fd, NULL); + } else if (fd >= manager->fdsize && + expand_fdsets(sock->manager, fd, NULL) != ISC_R_SUCCESS) { + isc_log_iwrite(isc_lctx, ISC_LOGCATEGORY_GENERAL, + ISC_LOGMODULE_SOCKET, ISC_LOG_ERROR, + isc_msgcat, ISC_MSGSET_SOCKET, + ISC_MSG_TOOMANYFDS, + "%s: too many open file descriptors", + "accept"); + (void)close(fd); + goto soft_error; } } @@ -2137,13 +2134,10 @@ internal_accept(isc_task_t *me, isc_event_t *ev) { */ dev->address = dev->newsocket->address; - if (manager->maxfd < fd) - manager->maxfd = fd; - if (manager->maxfd >= manager->fdsize) - expand_fdsets(manager, manager->maxfd, NULL); - manager->fds[fd] = dev->newsocket; manager->fdstate[fd] = MANAGED; + if (manager->maxfd < fd) + manager->maxfd = fd; socket_log(sock, &dev->newsocket->address, CREATION, isc_msgcat, ISC_MSGSET_SOCKET, ISC_MSG_ACCEPTEDCXN, @@ -2376,8 +2370,6 @@ watcher(void *uap) { isc_boolean_t done; int ctlfd; int cc; - fd_set readfds; - fd_set writefds; int msg, fd; int maxfd; char strbuf[ISC_STRERRORSIZE]; @@ -2391,13 +2383,16 @@ watcher(void *uap) { done = ISC_FALSE; while (!done) { do { - readfds = manager->read_fds; - writefds = manager->write_fds; + memcpy(manager->read_fds_copy, manager->read_fds, + manager->fd_bufsize); + memcpy(manager->write_fds_copy, manager->write_fds, + manager->fd_bufsize); maxfd = manager->maxfd + 1; UNLOCK(&manager->lock); - cc = select(maxfd, &readfds, &writefds, NULL, NULL); + cc = select(maxfd, manager->read_fds_copy, + manager->write_fds_copy, NULL, NULL); if (cc < 0) { if (!SOFT_ERROR(errno)) { isc__strerror(errno, strbuf, @@ -2419,7 +2414,7 @@ watcher(void *uap) { /* * Process reads on internal, control fd. */ - if (FD_ISSET(ctlfd, &readfds)) { + if (FD_ISSET(ctlfd, manager->read_fds_copy)) { for (;;) { select_readmsg(manager, &fd, &msg); @@ -2458,7 +2453,8 @@ watcher(void *uap) { } } - process_fds(manager, maxfd, &readfds, &writefds); + process_fds(manager, maxfd, manager->read_fds_copy, + manager->write_fds_copy); } manager_log(manager, TRACE, @@ -2470,6 +2466,184 @@ watcher(void *uap) { } #endif /* ISC_PLATFORM_USETHREADS */ +void +isc__socketmgr_setreserved(isc_socketmgr_t *manager, isc_uint32_t reserved) { + + REQUIRE(VALID_MANAGER(manager)); + + manager->reserved = reserved; +} + +/* + * Initialize fdsets in socketmgr structure. + */ +static isc_result_t +create_fdsets(isc_socketmgr_t *manager, isc_mem_t *mctx) { +#if ISC_SOCKET_FDSETSIZE > FD_SETSIZE + manager->fdsize = ISC_SOCKET_FDSETSIZE; + manager->fd_bufsize = howmany(ISC_SOCKET_FDSETSIZE, NFDBITS) * + sizeof(fd_mask); +#else + manager->fdsize = FD_SETSIZE; + manager->fd_bufsize = sizeof(fd_set); +#endif + + manager->fds = NULL; + manager->fdstate = NULL; + manager->read_fds = NULL; + manager->read_fds_copy = NULL; + manager->write_fds = NULL; + manager->write_fds_copy = NULL; + + manager->fds = isc_mem_get(mctx, + manager->fdsize * sizeof(manager->fds[0])); + if (manager->fds == NULL) + goto fail; + + manager->fdstate = isc_mem_get(mctx, manager->fdsize * + sizeof(manager->fdstate[0])); + if (manager->fdstate == NULL) + goto fail; + + manager->read_fds = isc_mem_get(mctx, manager->fd_bufsize); + if (manager->read_fds == NULL) + goto fail; + manager->read_fds_copy = isc_mem_get(mctx, manager->fd_bufsize); + if (manager->read_fds_copy == NULL) + goto fail; + manager->write_fds = isc_mem_get(mctx, manager->fd_bufsize); + if (manager->write_fds == NULL) + goto fail; + manager->write_fds_copy = isc_mem_get(mctx, manager->fd_bufsize); + if (manager->write_fds_copy == NULL) + goto fail; + + return (ISC_R_SUCCESS); + + fail: + cleanup_fdsets(manager, mctx); + return (ISC_R_NOMEMORY); +} + +/* + * Clean up fdsets in socketmgr structure. + */ +static void +cleanup_fdsets(isc_socketmgr_t *manager, isc_mem_t *mctx) { + if (manager->fds != NULL) { + isc_mem_put(mctx, manager->fds, + manager->fdsize * sizeof(manager->fds[0])); + } + if (manager->fdstate != NULL) { + isc_mem_put(mctx, manager->fdstate, + manager->fdsize * sizeof(manager->fdstate[0])); + } + if (manager->read_fds != NULL) + isc_mem_put(mctx, manager->read_fds, manager->fd_bufsize); + if (manager->read_fds_copy != NULL) + isc_mem_put(mctx, manager->read_fds_copy, manager->fd_bufsize); + if (manager->write_fds != NULL) + isc_mem_put(mctx, manager->write_fds, manager->fd_bufsize); + if (manager->write_fds_copy != NULL) + isc_mem_put(mctx, manager->write_fds_copy, manager->fd_bufsize); +} + +/* + * Expand fdsets in socketmgr structure. + */ +static isc_result_t +expand_fdsets(isc_socketmgr_t *manager, int maxfd, isc_mem_t *mctx) { + fd_set *read_fds = NULL, *read_fds_copy = NULL; + fd_set *write_fds = NULL, *write_fds_copy = NULL; + isc_socket_t **fds = NULL; + int *fdstate = NULL, fdsize, fd_bufsize; + + if (mctx == NULL) + mctx = manager->mctx; + + fdsize = manager->fdsize; + do { + fdsize <<= 1; + } while (fdsize <= maxfd); + fd_bufsize = howmany(fdsize, NFDBITS) * sizeof(fd_mask); + + fds = isc_mem_get(mctx, sizeof(manager->fds[0]) * fdsize); + fdstate = isc_mem_get(mctx, sizeof(manager->fdstate[0]) * fdsize); + read_fds = isc_mem_get(mctx, fd_bufsize); + write_fds = isc_mem_get(mctx, fd_bufsize); + read_fds_copy = isc_mem_get(mctx, fd_bufsize); + write_fds_copy = isc_mem_get(mctx, fd_bufsize); + if (fds == NULL || fdstate == NULL || read_fds == NULL || + write_fds == NULL || read_fds_copy == NULL || write_fds_copy == NULL) + goto fail; + + /* Copy old values. */ + memset(fds, 0, sizeof(manager->fds[0]) * fdsize); + if (manager->fdsize) { + memcpy(fds, manager->fds, + sizeof(manager->fds[0]) * manager->fdsize); + isc_mem_put(mctx, manager->fds, + sizeof(manager->fds[0]) * manager->fdsize); + } + manager->fds = fds; + + memset(fdstate, 0, sizeof(manager->fdstate[0]) * fdsize); + if (manager->fdsize) { + memcpy(fdstate, manager->fdstate, + sizeof(manager->fdstate[0]) * manager->fdsize); + isc_mem_put(mctx, manager->fdstate, + sizeof(manager->fdstate[0]) * manager->fdsize); + } + manager->fdstate = fdstate; + + memset(read_fds, 0, fd_bufsize); + if (manager->fdsize) { + memcpy(read_fds, manager->read_fds, manager->fd_bufsize); + isc_mem_put(mctx, manager->read_fds, manager->fd_bufsize); + } + manager->read_fds = read_fds; + + memset(write_fds, 0, fd_bufsize); + if (manager->fdsize) { + memcpy(write_fds, manager->write_fds, manager->fd_bufsize); + isc_mem_put(mctx, manager->write_fds, manager->fd_bufsize); + } + manager->write_fds = write_fds; + + /* Don't bother copying these, they are copied before use */ + memset(read_fds_copy, 0, howmany(fdsize, NFDBITS) * sizeof(fd_mask)); + if (manager->fdsize) + isc_mem_put(mctx, manager->read_fds_copy, manager->fd_bufsize); + manager->read_fds_copy = read_fds_copy; + + memset(write_fds_copy, 0, howmany(fdsize, NFDBITS) * sizeof(fd_mask)); + if (manager->fdsize) + isc_mem_put(mctx, manager->write_fds_copy, manager->fd_bufsize); + manager->write_fds_copy = write_fds_copy; + + manager->fdsize = fdsize; + manager->fd_bufsize = fd_bufsize; + + return (ISC_R_SUCCESS); + fail: + if (fds != NULL) { + isc_mem_put(mctx, fds, + howmany(fdsize, NFDBITS) * sizeof(fd_mask)); + } + if (fdstate != NULL) + isc_mem_put(mctx, fdstate, sizeof(fdstate[0]) * fdsize); + if (read_fds != NULL) + isc_mem_put(mctx, read_fds, fd_bufsize); + if (write_fds != NULL) + isc_mem_put(mctx, write_fds, fd_bufsize); + if (read_fds_copy != NULL) + isc_mem_put(mctx, read_fds_copy, fd_bufsize); + if (write_fds_copy != NULL) + isc_mem_put(mctx, write_fds_copy, fd_bufsize); + return (ISC_R_NOMEMORY); +} + + /* * Create a new socket manager. */ @@ -2495,21 +2669,26 @@ isc_socketmgr_create(isc_mem_t *mctx, isc_socketmgr_t **managerp) { if (manager == NULL) return (ISC_R_NOMEMORY); + result = create_fdsets(manager, mctx); + if (result != ISC_R_SUCCESS) { + cleanup_fdsets(manager, mctx); + isc_mem_put(mctx, manager, sizeof(*manager)); + return (result); + } + manager->magic = SOCKET_MANAGER_MAGIC; manager->mctx = NULL; - manager->read_fds = NULL; - manager->write_fds = NULL; - manager->fds = NULL; - manager->fdstate = NULL; - manager->fdsize = NULL; + memset(manager->fds, 0, sizeof(manager->fds[0]) * manager->fdsize); ISC_LIST_INIT(manager->socklist); result = isc_mutex_init(&manager->lock); if (result != ISC_R_SUCCESS) { + cleanup_fdsets(manager, mctx); isc_mem_put(mctx, manager, sizeof(*manager)); return (result); } #ifdef ISC_PLATFORM_USETHREADS if (isc_condition_init(&manager->shutdown_ok) != ISC_R_SUCCESS) { + cleanup_fdsets(manager, mctx); DESTROYLOCK(&manager->lock); isc_mem_put(mctx, manager, sizeof(*manager)); UNEXPECTED_ERROR(__FILE__, __LINE__, @@ -2524,6 +2703,7 @@ isc_socketmgr_create(isc_mem_t *mctx, isc_socketmgr_t **managerp) { * select/poll loop when something internal needs to be done. */ if (pipe(manager->pipe_fds) != 0) { + cleanup_fdsets(manager, mctx); DESTROYLOCK(&manager->lock); isc_mem_put(mctx, manager, sizeof(*manager)); isc__strerror(errno, strbuf, sizeof(strbuf)); @@ -2547,13 +2727,17 @@ isc_socketmgr_create(isc_mem_t *mctx, isc_socketmgr_t **managerp) { /* * Set up initial state for the select loop */ + memset(manager->read_fds, 0, manager->fd_bufsize); + memset(manager->write_fds, 0, manager->fd_bufsize); #ifdef ISC_PLATFORM_USETHREADS FD_SET(manager->pipe_fds[0], manager->read_fds); manager->maxfd = manager->pipe_fds[0]; #else /* ISC_PLATFORM_USETHREADS */ manager->maxfd = 0; #endif /* ISC_PLATFORM_USETHREADS */ - expand_fdsets(manager, manager->maxfd, mctx); + manager->reserved = 0; + memset(manager->fdstate, 0, + manager->fdsize * sizeof(manager->fdstate[0])); #ifdef ISC_PLATFORM_USETHREADS /* @@ -2659,25 +2843,12 @@ isc_socketmgr_destroy(isc_socketmgr_t **managerp) { (void)isc_condition_destroy(&manager->shutdown_ok); #endif /* ISC_PLATFORM_USETHREADS */ - if (manager->fdsize) { - for (i = 0; i < manager->fdsize; i++) - if (manager->fdstate[i] == CLOSE_PENDING) - (void)close(i); - isc_mem_put(manager->mctx, manager->fds, - sizeof(manager->fds[0]) * manager->fdsize); - isc_mem_put(manager->mctx, manager->fdstate, - sizeof(manager->fdstate[0]) * manager->fdsize); - isc_mem_put(manager->mctx, manager->read_fds, - howmany(manager->fdsize, NFDBITS) * sizeof(fd_mask)); - isc_mem_put(manager->mctx, manager->write_fds, - howmany(manager->fdsize, NFDBITS) * sizeof(fd_mask)); - isc_mem_put(manager->mctx, manager->read_fds_copy, - howmany(manager->fdsize, NFDBITS) * sizeof(fd_mask)); - isc_mem_put(manager->mctx, manager->write_fds_copy, - howmany(manager->fdsize, NFDBITS) * sizeof(fd_mask)); - } + for (i = 0; i < manager->fdsize; i++) + if (manager->fdstate[i] == CLOSE_PENDING) + (void)close(i); DESTROYLOCK(&manager->lock); + cleanup_fdsets(manager, manager->mctx); manager->magic = 0; mctx= manager->mctx; isc_mem_put(mctx, manager, sizeof(*manager)); @@ -3246,7 +3417,8 @@ isc_socket_permunix(isc_sockaddr_t *sockaddr, isc_uint32_t perm, } isc_result_t -isc_socket_bind(isc_socket_t *sock, isc_sockaddr_t *sockaddr) { +isc_socket_bind(isc_socket_t *sock, isc_sockaddr_t *sockaddr, + unsigned int options) { char strbuf[ISC_STRERRORSIZE]; int on = 1; @@ -3265,7 +3437,8 @@ isc_socket_bind(isc_socket_t *sock, isc_sockaddr_t *sockaddr) { if (sock->pf == AF_UNIX) goto bind_socket; #endif - if (isc_sockaddr_getport(sockaddr) != (in_port_t)0 && + if ((options & ISC_SOCKET_REUSEADDRESS) != 0 && + isc_sockaddr_getport(sockaddr) != (in_port_t)0 && setsockopt(sock->fd, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)) < 0) { UNEXPECTED_ERROR(__FILE__, __LINE__, @@ -3906,16 +4079,11 @@ isc__socketmgr_getfdsets(fd_set **readset, fd_set **writeset, int *maxfd) { if (socketmgr == NULL) *maxfd = 0; else { - /* Prepare duplicates of fd_sets, as select() will modify */ - if (socketmgr->fdsize) { - memcpy(socketmgr->read_fds_copy, socketmgr->read_fds, - howmany(socketmgr->fdsize, NFDBITS) * - sizeof(fd_mask)); - memcpy(socketmgr->write_fds_copy, socketmgr->write_fds, - howmany(socketmgr->fdsize, NFDBITS) * - sizeof(fd_mask)); - } + memcpy(socketmgr->read_fds_copy, socketmgr->read_fds, + socketmgr->fd_bufsize); + memcpy(socketmgr->write_fds_copy, socketmgr->write_fds, + socketmgr->fd_bufsize); *readset = socketmgr->read_fds_copy; *writeset = socketmgr->write_fds_copy; *maxfd = socketmgr->maxfd + 1; diff --git a/usr.sbin/bind/lib/isc/unix/socket_p.h b/usr.sbin/bind/lib/isc/unix/socket_p.h index 1ed16a4c56f..f4b835136d8 100644 --- a/usr.sbin/bind/lib/isc/unix/socket_p.h +++ b/usr.sbin/bind/lib/isc/unix/socket_p.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: socket_p.h,v 1.7.18.2 2005/04/29 00:17:08 marka Exp $ */ +/* $ISC: socket_p.h,v 1.7.18.2.52.1 2008/07/29 04:47:31 each Exp $ */ #ifndef ISC_SOCKET_P_H #define ISC_SOCKET_P_H diff --git a/usr.sbin/bind/lib/isccfg/api b/usr.sbin/bind/lib/isccfg/api index aba393a7ba9..d94beab3e3f 100644 --- a/usr.sbin/bind/lib/isccfg/api +++ b/usr.sbin/bind/lib/isccfg/api @@ -1,3 +1,3 @@ LIBINTERFACE = 30 -LIBREVISION = 3 +LIBREVISION = 4 LIBAGE = 0 diff --git a/usr.sbin/bind/lib/isccfg/namedconf.c b/usr.sbin/bind/lib/isccfg/namedconf.c index 418b233ec7c..bfa641b3b06 100644 --- a/usr.sbin/bind/lib/isccfg/namedconf.c +++ b/usr.sbin/bind/lib/isccfg/namedconf.c @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006, 2008 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002, 2003 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: namedconf.c,v 1.30.18.38 2006/05/03 01:46:40 marka Exp $ */ +/* $ISC: namedconf.c,v 1.30.18.38.50.2 2008/07/23 23:48:17 tbox Exp $ */ /*! \file */ @@ -634,6 +634,7 @@ options_clauses[] = { { "recursing-file", &cfg_type_qstring, 0 }, { "random-device", &cfg_type_qstring, 0 }, { "recursive-clients", &cfg_type_uint32, 0 }, + { "reserved-sockets", &cfg_type_uint32, 0 }, { "serial-queries", &cfg_type_uint32, CFG_CLAUSEFLAG_OBSOLETE }, { "serial-query-rate", &cfg_type_uint32, 0 }, { "server-id", &cfg_type_serverid, 0 }, diff --git a/usr.sbin/bind/version b/usr.sbin/bind/version index 768143216b5..fef324e230e 100644 --- a/usr.sbin/bind/version +++ b/usr.sbin/bind/version @@ -1,4 +1,4 @@ -# $ISC: version,v 1.29.134.18.8.1 2008/05/22 21:28:03 each Exp $ +# $Id: version,v 1.13 2008/08/04 16:34:20 millert Exp $ # # This file must follow /bin/sh rules. It is imported directly via # configure. @@ -7,4 +7,4 @@ MAJORVER=9 MINORVER=4 PATCHVER=2 RELEASETYPE=-P -RELEASEVER=1 +RELEASEVER=2 -- 2.20.1