BIND 10 master, updated. 77b10c708212584290b7505d90cdcd110fc1637d Merge branch 'master' of git+ssh://git.bind10.isc.org/var/bind10/git/bind10
BIND 10 source code commits
bind10-changes at lists.isc.org
Wed Sep 26 15:29:09 UTC 2012
The branch, master has been updated
via 77b10c708212584290b7505d90cdcd110fc1637d (commit)
via 46109eae81cb9768ea339ebd3bd53006ad276d56 (commit)
via 48b6e91386b46eed383126ad98dddfafc9f7e75e (commit)
via bfdb265f3ac48ec543de081bb02b79e78b8d7f9e (commit)
via de626b3c2aec2bd7896e75c5ae14337b03342729 (commit)
via 56aa815ad1200fb8b2901634b6004bbcd0eb5331 (commit)
via 825d75f5c66467173d0c0f7333bed1ba47857823 (commit)
from f142802acfd65bb9cd993a254a99ff34ef731573 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 77b10c708212584290b7505d90cdcd110fc1637d
Merge: 46109ea f142802
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date: Wed Sep 26 17:29:02 2012 +0200
Merge branch 'master' of git+ssh://git.bind10.isc.org/var/bind10/git/bind10
commit 46109eae81cb9768ea339ebd3bd53006ad276d56
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date: Wed Sep 26 17:15:13 2012 +0200
Changelog for #2191
commit 48b6e91386b46eed383126ad98dddfafc9f7e75e
Merge: 2adcf03 bfdb265
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date: Wed Sep 26 17:13:36 2012 +0200
Merge #2191
commit bfdb265f3ac48ec543de081bb02b79e78b8d7f9e
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date: Wed Sep 26 17:12:07 2012 +0200
[2191] Remove unneeded code
The method is the same as the version in the base class. No need to
replace it.
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 5 +++++
doc/guide/bind10-guide.xml | 12 ------------
src/lib/acl/dns.h | 4 ----
src/lib/acl/tests/dns_test.cc | 14 +++++++++++++-
src/lib/python/isc/acl/tests/dns_test.py | 4 ----
5 files changed, 18 insertions(+), 21 deletions(-)
-----------------------------------------------------------------------
diff --git a/ChangeLog b/ChangeLog
index df0e36f..1ddfa3c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+481. [bug] vorner
+ The abbreviated form of IP addresses in ACLs is accepted
+ (eg. "from": ["127.0.01", "::1"] now works).
+ (Trac #2191, git 48b6e91386b46eed383126ad98dddfafc9f7e75e)
+
480. [doc] vorner
Added documentation about global TSIG key ring to the Guide.
(Trac #2189, git 52177bb31f5fb8e134aecb9fd039c368684ad2df)
diff --git a/doc/guide/bind10-guide.xml b/doc/guide/bind10-guide.xml
index 4b2061f..d33a2c7 100644
--- a/doc/guide/bind10-guide.xml
+++ b/doc/guide/bind10-guide.xml
@@ -1486,18 +1486,6 @@ AND_MATCH := "ALL": [ RULE_RAW, RULE_RAW, ... ]
will work in a similar way.
</para>
- <note>
- <simpara>
- The list form is currently rejected due to an
- implementation bug. There is a plan to fix it relatively
- soon, so the syntax is kept here, but note that it won't
- work until the bug is fixed. To keep track of the status
- of the issue, see
- <ulink url="http://bind10.isc.org/ticket/2191">Trac #2191</ulink>.
- Until then, the value must be a single string.
- </simpara>
- </note>
-
<para>
If that is not enough, you can compose the matching conditions
to logical expressions. They are called "ANY", "ALL" and "NOT".
diff --git a/src/lib/acl/dns.h b/src/lib/acl/dns.h
index d08fcf3..5ea0b13 100644
--- a/src/lib/acl/dns.h
+++ b/src/lib/acl/dns.h
@@ -136,10 +136,6 @@ public:
virtual boost::shared_ptr<RequestCheck>
create(const std::string& name, isc::data::ConstElementPtr definition,
const acl::Loader<RequestContext>& loader);
-
- /// Until we are sure how the various rules work for this case, we won't
- /// allow unexpected special interpretation for list definitions.
- virtual bool allowListAbbreviation() const { return (false); }
};
} // end of namespace "internal"
diff --git a/src/lib/acl/tests/dns_test.cc b/src/lib/acl/tests/dns_test.cc
index b3ddbf4..8d6ee70 100644
--- a/src/lib/acl/tests/dns_test.cc
+++ b/src/lib/acl/tests/dns_test.cc
@@ -62,6 +62,18 @@ TEST(DNSACL, getRequestLoader) {
" \"from\": \"192.0.2.1\"}]")));
}
+// Check we can abbreviate the IP address lists and TSIG keys
+TEST(DNSACL, abbreviated) {
+ dns::RequestLoader* l(&getRequestLoader());
+
+ EXPECT_NO_THROW(l->load(Element::fromJSON("[{\"action\": \"DROP\","
+ " \"from\": [\"127.0.0.1\","
+ " \"::1\"]}]")));
+ EXPECT_NO_THROW(l->load(Element::fromJSON("[{\"action\": \"DROP\","
+ " \"key\": [\"key.example.\","
+ " \"other.\"]}]")));
+}
+
class RequestCheckCreatorTest : public ::testing::Test {
protected:
dns::internal::RequestCheckCreator creator_;
@@ -78,7 +90,7 @@ TEST_F(RequestCheckCreatorTest, names) {
}
TEST_F(RequestCheckCreatorTest, allowListAbbreviation) {
- EXPECT_FALSE(creator_.allowListAbbreviation());
+ EXPECT_TRUE(creator_.allowListAbbreviation());
}
// The following two tests check the creator for the form of
diff --git a/src/lib/python/isc/acl/tests/dns_test.py b/src/lib/python/isc/acl/tests/dns_test.py
index d225bee..84fead2 100644
--- a/src/lib/python/isc/acl/tests/dns_test.py
+++ b/src/lib/python/isc/acl/tests/dns_test.py
@@ -198,10 +198,6 @@ class RequestACLTest(unittest.TestCase):
self.assertRaises(LoaderError, REQUEST_LOADER.load,
[{"action": "ACCEPT", "from": 4}])
self.assertRaises(LoaderError, REQUEST_LOADER.load,
- '[{"action": "ACCEPT", "from": []}]')
- self.assertRaises(LoaderError, REQUEST_LOADER.load,
- [{"action": "ACCEPT", "from": []}])
- self.assertRaises(LoaderError, REQUEST_LOADER.load,
'[{"action": "ACCEPT", "key": 1}]')
self.assertRaises(LoaderError, REQUEST_LOADER.load,
[{"action": "ACCEPT", "key": 1}])
More information about the bind10-changes
mailing list