Index: nsdc.sh.in =================================================================== --- nsdc.sh.in (revision 3167) +++ nsdc.sh.in (revision 3168) @@ -276,6 +276,11 @@ ifc_spec="" if test I$2 != INOIFC; then ifc_spec="-a $2" + # with a : is IPv6 + case "$2" in + *:*) ifc_is_ip6="yes" ;; + *) ifc_is_ip6="no" ;; + esac fi shift 2 @@ -284,6 +289,13 @@ key_spec=$2 shift 2 secret="" + # skip if ifc is set and mismatch v4-v6 + if test -n "$ifc_spec"; then + case "$ip_spec" in + *:*) if test "$ifc_is_ip6" = "no"; then continue; fi;; + *) if test "$ifc_is_ip6" = "yes"; then continue; fi;; + esac + fi if test K${key_spec} != KNOKEY -a K${key_spec} != KBLOCKED; then secret=`${nsd_checkconf} -s ${key_spec} ${configfile}` Index: doc/ChangeLog =================================================================== --- doc/ChangeLog (revision 3167) +++ doc/ChangeLog (revision 3168) @@ -1,3 +1,9 @@ +24 February 2011: Wouter + - fix bug#362: outgoing-interface and v4 vs. v6 leads to spurious + warning messages. + - fix bug#363: nsd-checkconf -v does not print outgoing-interface ok. + - fix that nsd-checkconf -o outgoing-interface omits NOKEY. + 23 February 2011: Wouter - (merged with nsd4 on 22nd). - fix for bug#357, make xfrd quit with many zones. Index: doc/RELNOTES =================================================================== --- doc/RELNOTES (revision 3167) +++ doc/RELNOTES (revision 3168) @@ -5,9 +5,14 @@ BUG FIXES: - Bugfix #348: Don't include header/library path if OpenSSL is in /usr - - Fix leak of compressiontable when the domain table increases in size. - - Do setusercontext() before chroot(), otherwise login.conf etc. are required - inside chroot. + - fix leak of compressiontable when the domain table increases in size. + - Do setusercontext() before chroot(), otherwise login.conf etc. are + required inside chroot. + - Bugfix #357, make xfrd quit with many zones. + - Bugfix #362: outgoing-interface and v4 vs. v6 leads to spurious + warning messages. + - Bugfix #363: nsd-checkconf -v does not print outgoing-interface ok. + - Bugfix: nsd-checkconf -o outgoing-interface omits NOKEY. 3.2.7 ============= Index: nsd-checkconf.c =================================================================== --- nsd-checkconf.c (revision 3167) +++ nsd-checkconf.c (revision 3168) @@ -26,6 +26,14 @@ return; \ } +#define ZONE_GET_OUTGOING(NAME, VAR) \ + if (strcasecmp(#NAME, (VAR)) == 0) { \ + acl_options_t* acl; \ + for(acl=zone->NAME; acl; acl=acl->next) \ + quote(acl->ip_address_spec); \ + return; \ + } + #define ZONE_GET_STR(NAME, VAR) \ if (strcasecmp(#NAME, (VAR)) == 0) { \ quote(zone->NAME); \ @@ -183,6 +191,15 @@ } } +static void +print_acl_ips(const char* varname, acl_options_t* acl) +{ + while(acl) + { + printf("\t%s %s\n", varname, acl->ip_address_spec); + acl=acl->next; + } +} void config_print_zone(nsd_options_t* opt, const char* k, int s, const char *o, const char *z) @@ -229,7 +246,7 @@ ZONE_GET_ACL(allow_notify, o); ZONE_GET_ACL(notify, o); ZONE_GET_BIN(notify_retry, o); - ZONE_GET_ACL(outgoing_interface, o); + ZONE_GET_OUTGOING(outgoing_interface, o); ZONE_GET_BIN(allow_axfr_fallback, o); printf("Zone option not handled: %s %s\n", z, o); exit(1); @@ -333,7 +350,7 @@ printf("\tnotify-retry: %d\n", zone->notify_retry); print_acl("notify:", zone->notify); print_acl("provide-xfr:", zone->provide_xfr); - print_acl("outgoing-interface:", zone->outgoing_interface); + print_acl_ips("outgoing-interface:", zone->outgoing_interface); printf("\tallow-axfr-fallback: %s\n", zone->allow_axfr_fallback?"yes":"no"); }