From 3d17a3ba61a303d5c4d9867068d0fbe9f24d2988 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Fri, 4 Dec 2009 21:09:34 +0000 Subject: [PATCH] 2801. [func] Detect and report records that are different according to DNSSEC but are sematically equal according to plain DNS. Apply plain DNS comparisons rather than DNSSEC comparisons when processing UPDATE requests. dnssec-signzone now removes such semantically duplicate records prior to signing the RRset. named-checkzone -r {ignore|warn|fail} (default warn) named-compilezone -r {ignore|warn|fail} (default warn) named.conf: check-dup-records {ignore|warn|fail}; --- CHANGES | 12 +++ bin/check/named-checkconf.c | 20 ++++- bin/check/named-checkzone.c | 42 ++++++--- bin/check/named-checkzone.docbook | 17 +++- bin/dnssec/dnssec-signzone.c | 95 ++++++++++++++++++++- bin/named/config.c | 3 +- bin/named/update.c | 12 +-- bin/named/zoneconf.c | 17 +++- doc/arm/Bv9ARM-book.xml | 27 +++++- lib/bind9/check.c | 3 +- lib/dns/gen.c | 4 +- lib/dns/include/dns/rdata.h | 21 ++++- lib/dns/include/dns/zone.h | 4 +- lib/dns/rdata.c | 33 +++++++- lib/dns/rdata/any_255/tsig_250.c | 7 +- lib/dns/rdata/ch_3/a_1.c | 6 +- lib/dns/rdata/generic/afsdb_18.c | 6 +- lib/dns/rdata/generic/cert_37.c | 8 +- lib/dns/rdata/generic/cname_5.c | 7 +- lib/dns/rdata/generic/dlv_32769.c | 7 +- lib/dns/rdata/generic/dname_39.c | 6 +- lib/dns/rdata/generic/dnskey_48.c | 39 ++++++++- lib/dns/rdata/generic/ds_43.c | 7 +- lib/dns/rdata/generic/gpos_27.c | 7 +- lib/dns/rdata/generic/hinfo_13.c | 6 +- lib/dns/rdata/generic/hip_55.c | 60 ++++++++++++- lib/dns/rdata/generic/ipseckey_45.c | 41 ++++++++- lib/dns/rdata/generic/isdn_20.c | 7 +- lib/dns/rdata/generic/key_25.c | 35 +++++++- lib/dns/rdata/generic/keydata_65533.c | 7 +- lib/dns/rdata/generic/loc_29.c | 7 +- lib/dns/rdata/generic/mb_7.c | 7 +- lib/dns/rdata/generic/md_3.c | 7 +- lib/dns/rdata/generic/mf_4.c | 7 +- lib/dns/rdata/generic/mg_8.c | 7 +- lib/dns/rdata/generic/minfo_14.c | 7 +- lib/dns/rdata/generic/mr_9.c | 7 +- lib/dns/rdata/generic/mx_15.c | 7 +- lib/dns/rdata/generic/ns_2.c | 7 +- lib/dns/rdata/generic/nsec3_50.c | 7 +- lib/dns/rdata/generic/nsec3param_51.c | 7 +- lib/dns/rdata/generic/nsec_47.c | 34 +++++++- lib/dns/rdata/generic/null_10.c | 7 +- lib/dns/rdata/generic/nxt_30.c | 6 +- lib/dns/rdata/generic/opt_41.c | 7 +- lib/dns/rdata/generic/proforma.c | 19 ++++- lib/dns/rdata/generic/ptr_12.c | 6 +- lib/dns/rdata/generic/rp_17.c | 6 +- lib/dns/rdata/generic/rrsig_46.c | 45 +++++++++- lib/dns/rdata/generic/rt_21.c | 7 +- lib/dns/rdata/generic/sig_24.c | 6 +- lib/dns/rdata/generic/soa_6.c | 7 +- lib/dns/rdata/generic/spf_99.c | 6 +- lib/dns/rdata/generic/sshfp_44.c | 7 +- lib/dns/rdata/generic/tkey_249.c | 6 +- lib/dns/rdata/generic/txt_16.c | 7 +- lib/dns/rdata/generic/unspec_103.c | 7 +- lib/dns/rdata/generic/x25_19.c | 7 +- lib/dns/rdata/hs_4/a_1.c | 7 +- lib/dns/rdata/in_1/a6_38.c | 7 +- lib/dns/rdata/in_1/a_1.c | 7 +- lib/dns/rdata/in_1/aaaa_28.c | 6 +- lib/dns/rdata/in_1/apl_42.c | 7 +- lib/dns/rdata/in_1/dhcid_49.c | 7 +- lib/dns/rdata/in_1/kx_36.c | 7 +- lib/dns/rdata/in_1/naptr_35.c | 7 +- lib/dns/rdata/in_1/nsap-ptr_23.c | 7 +- lib/dns/rdata/in_1/nsap_22.c | 7 +- lib/dns/rdata/in_1/px_26.c | 7 +- lib/dns/rdata/in_1/srv_33.c | 7 +- lib/dns/rdata/in_1/wks_11.c | 7 +- lib/dns/zone.c | 117 +++++++++++++++++++++++++- lib/isccfg/namedconf.c | 4 +- 73 files changed, 956 insertions(+), 88 deletions(-) diff --git a/CHANGES b/CHANGES index b10379a239..9c2f1b46a3 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,15 @@ +2801. [func] Detect and report records that are different according + to DNSSEC but are sematically equal according to plain + DNS. Apply plain DNS comparisons rather than DNSSEC + comparisons when processing UPDATE requests. + dnssec-signzone now removes such semantically duplicate + records prior to signing the RRset. + + named-checkzone -r {ignore|warn|fail} (default warn) + named-compilezone -r {ignore|warn|fail} (default warn) + + named.conf: check-dup-records {ignore|warn|fail}; + 2800. [func] Reject zones which have NS records which refer to CNAMEs, DNAMEs or don't have address record (class IN only). Reject UPDATEs which would cause the zone diff --git a/bin/check/named-checkconf.c b/bin/check/named-checkconf.c index 3ef766cc84..07ed4bb2a2 100644 --- a/bin/check/named-checkconf.c +++ b/bin/check/named-checkconf.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named-checkconf.c,v 1.50 2009/09/29 15:06:05 fdupont Exp $ */ +/* $Id: named-checkconf.c,v 1.51 2009/12/04 21:09:32 marka Exp $ */ /*! \file */ @@ -205,6 +205,24 @@ configure_zone(const char *vclass, const char *view, return (ISC_R_FAILURE); zfile = cfg_obj_asstring(fileobj); + obj = NULL; + if (get_maps(maps, "check-dup-records", &obj)) { + if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) { + zone_options |= DNS_ZONEOPT_CHECKDUPRR; + zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL; + } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) { + zone_options |= DNS_ZONEOPT_CHECKDUPRR; + zone_options |= DNS_ZONEOPT_CHECKDUPRRFAIL; + } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) { + zone_options &= ~DNS_ZONEOPT_CHECKDUPRR; + zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL; + } else + INSIST(0); + } else { + zone_options |= DNS_ZONEOPT_CHECKDUPRR; + zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL; + } + obj = NULL; if (get_maps(maps, "check-mx", &obj)) { if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) { diff --git a/bin/check/named-checkzone.c b/bin/check/named-checkzone.c index fccc0e29ba..01185b04d7 100644 --- a/bin/check/named-checkzone.c +++ b/bin/check/named-checkzone.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named-checkzone.c,v 1.57 2009/11/10 21:30:42 each Exp $ */ +/* $Id: named-checkzone.c,v 1.58 2009/12/04 21:09:32 marka Exp $ */ /*! \file */ @@ -80,6 +80,7 @@ usage(void) { "[-f inputformat] [-F outputformat] " "[-t directory] [-w directory] [-k (ignore|warn|fail)] " "[-n (ignore|warn|fail)] [-m (ignore|warn|fail)] " + "[-r (ignore|warn|fail)] " "[-i (full|full-sibling|local|local-sibling|none)] " "[-M (ignore|warn|fail)] [-S (ignore|warn|fail)] " "[-W (ignore|warn)] " @@ -143,17 +144,19 @@ main(int argc, char **argv) { if (progmode == progmode_compile) { zone_options |= (DNS_ZONEOPT_CHECKNS | DNS_ZONEOPT_FATALNS | + DNS_ZONEOPT_CHECKDUPRR | DNS_ZONEOPT_CHECKNAMES | DNS_ZONEOPT_CHECKNAMESFAIL | DNS_ZONEOPT_CHECKWILDCARD); - } + } else + zone_options |= DNS_ZONEOPT_CHECKDUPRR; #define ARGCMP(X) (strcmp(isc_commandline_argument, X) == 0) isc_commandline_errprint = ISC_FALSE; while ((c = isc_commandline_parse(argc, argv, - "c:df:hi:jk:m:n:qs:t:o:vw:DF:M:S:W:")) + "c:df:hi:jk:m:n:qr:s:t:o:vw:DF:M:S:W:")) != EOF) { switch (c) { case 'c': @@ -265,16 +268,27 @@ main(int argc, char **argv) { } break; + case 'o': + output_filename = isc_commandline_argument; + break; + case 'q': quiet++; break; - case 't': - result = isc_dir_chroot(isc_commandline_argument); - if (result != ISC_R_SUCCESS) { - fprintf(stderr, "isc_dir_chroot: %s: %s\n", - isc_commandline_argument, - isc_result_totext(result)); + case 'r': + if (ARGCMP("warn")) { + zone_options |= DNS_ZONEOPT_CHECKDUPRR; + zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL; + } else if (ARGCMP("fail")) { + zone_options |= DNS_ZONEOPT_CHECKDUPRR | + DNS_ZONEOPT_CHECKDUPRRFAIL; + } else if (ARGCMP("ignore")) { + zone_options &= ~(DNS_ZONEOPT_CHECKDUPRR | + DNS_ZONEOPT_CHECKDUPRRFAIL); + } else { + fprintf(stderr, "invalid argument to -r: %s\n", + isc_commandline_argument); exit(1); } break; @@ -292,8 +306,14 @@ main(int argc, char **argv) { } break; - case 'o': - output_filename = isc_commandline_argument; + case 't': + result = isc_dir_chroot(isc_commandline_argument); + if (result != ISC_R_SUCCESS) { + fprintf(stderr, "isc_dir_chroot: %s: %s\n", + isc_commandline_argument, + isc_result_totext(result)); + exit(1); + } break; case 'v': diff --git a/bin/check/named-checkzone.docbook b/bin/check/named-checkzone.docbook index 0b1c999eb2..7216ad5952 100644 --- a/bin/check/named-checkzone.docbook +++ b/bin/check/named-checkzone.docbook @@ -18,7 +18,7 @@ - PERFORMANCE OF THIS SOFTWARE. --> - + June 13, 2000 @@ -69,6 +69,7 @@ + @@ -93,6 +94,7 @@ + @@ -319,6 +321,19 @@ + + -r mode + + + Check for records that are treated as different by DNSSEC but + are semantically equal in plain DNS. + Possible modes are "fail", + "warn" (default) and + "ignore". + + + + -s style diff --git a/bin/dnssec/dnssec-signzone.c b/bin/dnssec/dnssec-signzone.c index 2fb2dcc95a..cce2747d31 100644 --- a/bin/dnssec/dnssec-signzone.c +++ b/bin/dnssec/dnssec-signzone.c @@ -29,7 +29,7 @@ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: dnssec-signzone.c,v 1.256 2009/11/25 03:17:11 each Exp $ */ +/* $Id: dnssec-signzone.c,v 1.257 2009/12/04 21:09:32 marka Exp $ */ /*! \file */ @@ -2348,6 +2348,97 @@ nsec3clean(dns_name_t *name, dns_dbnode_t *node, check_result(result, "dns_db_deleterdataset(RRSIG(NSEC3))"); } +static void +rrset_remove_duplicates(dns_name_t *name, dns_rdataset_t *rdataset, + dns_diff_t *diff) +{ + dns_difftuple_t *tuple = NULL; + isc_result_t result; + unsigned int count1 = 0; + dns_rdataset_t tmprdataset; + + dns_rdataset_init(&tmprdataset); + for (result = dns_rdataset_first(rdataset); + result == ISC_R_SUCCESS; + result = dns_rdataset_next(rdataset)) { + dns_rdata_t rdata1 = DNS_RDATA_INIT; + unsigned int count2 = 0; + + count1++; + dns_rdataset_current(rdataset, &rdata1); + dns_rdataset_clone(rdataset, &tmprdataset); + for (result = dns_rdataset_first(&tmprdataset); + result == ISC_R_SUCCESS; + result = dns_rdataset_next(&tmprdataset)) { + dns_rdata_t rdata2 = DNS_RDATA_INIT; + count2++; + if (count1 >= count2) + continue; + dns_rdataset_current(&tmprdataset, &rdata2); + if (dns_rdata_casecompare(&rdata1, &rdata2) == 0) { + result = dns_difftuple_create(mctx, + DNS_DIFFOP_DEL, + name, + rdataset->ttl, + &rdata2, &tuple); + check_result(result, "dns_difftuple_create"); + dns_diff_append(diff, &tuple); + } + } + dns_rdataset_disassociate(&tmprdataset); + } +} + +static void +remove_duplicates(void) { + isc_result_t result; + dns_dbiterator_t *dbiter = NULL; + dns_rdatasetiter_t *rdsiter = NULL; + dns_diff_t diff; + dns_dbnode_t *node = NULL; + dns_rdataset_t rdataset; + dns_fixedname_t fname; + dns_name_t *name; + + dns_diff_init(mctx, &diff); + dns_fixedname_init(&fname); + name = dns_fixedname_name(&fname); + dns_rdataset_init(&rdataset); + + result = dns_db_createiterator(gdb, 0, &dbiter); + check_result(result, "dns_db_createiterator()"); + + for (result = dns_dbiterator_first(dbiter); + result == ISC_R_SUCCESS; + result = dns_dbiterator_next(dbiter)) { + + result = dns_dbiterator_current(dbiter, &node, name); + check_dns_dbiterator_current(result); + result = dns_db_allrdatasets(gdb, node, gversion, 0, &rdsiter); + check_result(result, "dns_db_allrdatasets()"); + for (result = dns_rdatasetiter_first(rdsiter); + result == ISC_R_SUCCESS; + result = dns_rdatasetiter_next(rdsiter)) { + dns_rdatasetiter_current(rdsiter, &rdataset); + rrset_remove_duplicates(name, &rdataset, &diff); + dns_rdataset_disassociate(&rdataset); + } + if (result != ISC_R_NOMORE) + fatal("rdatasets iteration failed."); + dns_rdatasetiter_destroy(&rdsiter); + dns_db_detachnode(gdb, &node); + } + if (result != ISC_R_NOMORE) + fatal("zone iteration failed."); + + if (!ISC_LIST_EMPTY(diff.tuples)) { + result = dns_diff_applysilently(&diff, gdb, gversion); + check_result(result, "dns_diff_applysilently"); + } + dns_diff_clear(&diff); + dns_dbiterator_destroy(&dbiter); +} + /* * Generate NSEC3 records for the zone. */ @@ -3709,6 +3800,8 @@ main(int argc, char *argv[]) { break; } + remove_duplicates(); + if (IS_NSEC3) nsec3ify(dns_hash_sha1, nsec3iter, salt, salt_length, &hashlist); diff --git a/bin/named/config.c b/bin/named/config.c index 70b4a2fca3..70ee97234a 100644 --- a/bin/named/config.c +++ b/bin/named/config.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: config.c,v 1.105 2009/12/03 23:18:16 each Exp $ */ +/* $Id: config.c,v 1.106 2009/12/04 21:09:32 marka Exp $ */ /*! \file */ @@ -146,6 +146,7 @@ options {\n\ check-names master fail;\n\ check-names slave warn;\n\ check-names response ignore;\n\ + check-dup-records warn;\n\ check-mx warn;\n\ acache-enable no;\n\ acache-cleaning-interval 60;\n\ diff --git a/bin/named/update.c b/bin/named/update.c index 1208984591..8dfd121dab 100644 --- a/bin/named/update.c +++ b/bin/named/update.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: update.c,v 1.175 2009/12/04 20:32:07 each Exp $ */ +/* $Id: update.c,v 1.176 2009/12/04 21:09:32 marka Exp $ */ #include @@ -931,7 +931,7 @@ temp_check_rrset(dns_difftuple_t *a, dns_difftuple_t *b) { b->op == DNS_DIFFOP_EXISTS); INSIST(a->rdata.type == b->rdata.type); INSIST(dns_name_equal(&a->name, &b->name)); - if (dns_rdata_compare(&a->rdata, &b->rdata) != 0) + if (dns_rdata_casecompare(&a->rdata, &b->rdata) != 0) return (DNS_R_NXRRSET); a = ISC_LIST_NEXT(a, link); b = ISC_LIST_NEXT(b, link); @@ -959,7 +959,7 @@ temp_order(const void *av, const void *bv) { r = (b->rdata.type - a->rdata.type); if (r != 0) return (r); - r = dns_rdata_compare(&a->rdata, &b->rdata); + r = dns_rdata_casecompare(&a->rdata, &b->rdata); return (r); } @@ -1188,7 +1188,7 @@ rr_equal_p(dns_rdata_t *update_rr, dns_rdata_t *db_rr) { * dns_rdata_equal() (that used dns_name_equal()), since it * would be faster. Not a priority. */ - return (dns_rdata_compare(update_rr, db_rr) == 0 ? + return (dns_rdata_casecompare(update_rr, db_rr) == 0 ? ISC_TRUE : ISC_FALSE); } @@ -1335,7 +1335,7 @@ add_rr_prepare_action(void *data, rr_t *rr) { * If the update RR is a "duplicate" of the update RR, * the update should be silently ignored. */ - equal = ISC_TF(dns_rdata_compare(&rr->rdata, ctx->update_rr) == 0); + equal = ISC_TF(dns_rdata_casecompare(&rr->rdata, ctx->update_rr) == 0); if (equal && rr->ttl == ctx->update_rr_ttl) { ctx->ignore_add = ISC_TRUE; return (ISC_R_SUCCESS); @@ -2928,7 +2928,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, result = dns_rdataset_next(&rdataset)) { dns_rdata_t myrdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &myrdata); - if (!dns_rdata_compare(&myrdata, rdata)) + if (!dns_rdata_casecompare(&myrdata, rdata)) break; } dns_rdataset_disassociate(&rdataset); diff --git a/bin/named/zoneconf.c b/bin/named/zoneconf.c index fdd4e806ef..5fc316c97c 100644 --- a/bin/named/zoneconf.c +++ b/bin/named/zoneconf.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: zoneconf.c,v 1.160 2009/12/03 23:18:17 each Exp $ */ +/* $Id: zoneconf.c,v 1.161 2009/12/04 21:09:32 marka Exp $ */ /*% */ @@ -881,6 +881,21 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig, check = ISC_FALSE; dns_zone_setoption(zone, DNS_ZONEOPT_CHECKWILDCARD, check); + obj = NULL; + result = ns_config_get(maps, "check-dup-records", &obj); + INSIST(obj != NULL); + if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) { + fail = ISC_FALSE; + check = ISC_TRUE; + } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) { + fail = check = ISC_TRUE; + } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) { + fail = check = ISC_FALSE; + } else + INSIST(0); + dns_zone_setoption(zone, DNS_ZONEOPT_CHECKDUPRR, check); + dns_zone_setoption(zone, DNS_ZONEOPT_CHECKDUPRRFAIL, fail); + obj = NULL; result = ns_config_get(maps, "check-mx", &obj); INSIST(obj != NULL); diff --git a/doc/arm/Bv9ARM-book.xml b/doc/arm/Bv9ARM-book.xml index ebf757b924..4462717a7e 100644 --- a/doc/arm/Bv9ARM-book.xml +++ b/doc/arm/Bv9ARM-book.xml @@ -18,7 +18,7 @@ - PERFORMANCE OF THIS SOFTWARE. --> - + BIND 9 Administrator Reference Manual @@ -4906,6 +4906,7 @@ badresp:1,adberr:0,findfail:0,valfail:0] ... }; check-names ( master | slave | response ) ( warn | fail | ignore ); + check-dup-records ( warn | fail | ignore ); check-mx ( warn | fail | ignore ); check-wildcard yes_or_no; check-integrity yes_or_no; @@ -6424,6 +6425,30 @@ options { + + check-dup-records + + + Check master zones for records that are treated as different + by DNSSEC but are semantically equal in plain DNS. The + default is to warn. Other possible + values are fail and + ignore. + + + + + + check-mx + + + Check whether the MX record appears to refer to a IP address. + The default is to warn. Other possible + values are fail and + ignore. + + + check-mx diff --git a/lib/bind9/check.c b/lib/bind9/check.c index 89f421298b..785f583171 100644 --- a/lib/bind9/check.c +++ b/lib/bind9/check.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: check.c,v 1.113 2009/12/03 23:18:17 each Exp $ */ +/* $Id: check.c,v 1.114 2009/12/04 21:09:33 marka Exp $ */ /*! \file */ @@ -1121,6 +1121,7 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions, { "key-directory", MASTERZONE }, { "check-wildcard", MASTERZONE }, { "check-mx", MASTERZONE }, + { "check-dup-records", MASTERZONE }, { "integrity-check", MASTERZONE }, { "check-mx-cname", MASTERZONE }, { "check-srv-cname", MASTERZONE }, diff --git a/lib/dns/gen.c b/lib/dns/gen.c index ede8bc0962..5d6d9b9011 100644 --- a/lib/dns/gen.c +++ b/lib/dns/gen.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: gen.c,v 1.83 2008/09/25 04:02:38 tbox Exp $ */ +/* $Id: gen.c,v 1.84 2009/12/04 21:09:33 marka Exp $ */ /*! \file */ @@ -631,6 +631,8 @@ main(int argc, char **argv) { TOWIRETYPE, TOWIRECLASS, TOWIREDEF); doswitch("COMPARESWITCH", "compare", COMPAREARGS, COMPARETYPE, COMPARECLASS, COMPAREDEF); + doswitch("CASECOMPARESWITCH", "casecompare", COMPAREARGS, + COMPARETYPE, COMPARECLASS, COMPAREDEF); doswitch("FROMSTRUCTSWITCH", "fromstruct", FROMSTRUCTARGS, FROMSTRUCTTYPE, FROMSTRUCTCLASS, FROMSTRUCTDEF); doswitch("TOSTRUCTSWITCH", "tostruct", TOSTRUCTARGS, diff --git a/lib/dns/include/dns/rdata.h b/lib/dns/include/dns/rdata.h index 328ad5ea54..76bfedcdee 100644 --- a/lib/dns/include/dns/rdata.h +++ b/lib/dns/include/dns/rdata.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rdata.h,v 1.76 2009/10/08 23:48:10 tbox Exp $ */ +/* $Id: rdata.h,v 1.77 2009/12/04 21:09:33 marka Exp $ */ #ifndef DNS_RDATA_H #define DNS_RDATA_H 1 @@ -220,6 +220,25 @@ dns_rdata_compare(const dns_rdata_t *rdata1, const dns_rdata_t *rdata2); *\li > 0 'rdata1' is greater than 'rdata2' */ +int +dns_rdata_casecompare(const dns_rdata_t *rdata1, const dns_rdata_t *rdata2); +/*%< + * dns_rdata_casecompare() is similar to dns_rdata_compare() but also + * compares domain names case insensitively in known rdata types that + * are treated as opaque data by dns_rdata_compare(). + * + * Requires: + * + *\li 'rdata1' is a valid, non-empty rdata + * + *\li 'rdata2' is a valid, non-empty rdata + * + * Returns: + *\li < 0 'rdata1' is less than 'rdata2' + *\li 0 'rdata1' is equal to 'rdata2' + *\li > 0 'rdata1' is greater than 'rdata2' + */ + /*** *** Conversions ***/ diff --git a/lib/dns/include/dns/zone.h b/lib/dns/include/dns/zone.h index 4ee5d32e06..6a440e5e2e 100644 --- a/lib/dns/include/dns/zone.h +++ b/lib/dns/include/dns/zone.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: zone.h,v 1.172 2009/12/04 03:33:15 marka Exp $ */ +/* $Id: zone.h,v 1.173 2009/12/04 21:09:33 marka Exp $ */ #ifndef DNS_ZONE_H #define DNS_ZONE_H 1 @@ -73,6 +73,8 @@ typedef enum { #define DNS_ZONEOPT_NSEC3TESTZONE 0x04000000U /*%< nsec3-test-zone */ #define DNS_ZONEOPT_SECURETOINSECURE 0x08000000U /*%< dnssec-secure-to-insecure */ #define DNS_ZONEOPT_DNSKEYKSKONLY 0x10000000U /*%< dnssec-dnskey-kskonly */ +#define DNS_ZONEOPT_CHECKDUPRR 0x20000000U /*%< check-dup-records */ +#define DNS_ZONEOPT_CHECKDUPRRFAIL 0x40000000U /*%< fatal check-dup-records failures */ #ifndef NOMINUM_PUBLIC /* diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c index 325980021b..77c7f7bd24 100644 --- a/lib/dns/rdata.c +++ b/lib/dns/rdata.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rdata.c,v 1.203 2009/10/08 23:13:07 marka Exp $ */ +/* $Id: rdata.c,v 1.204 2009/12/04 21:09:33 marka Exp $ */ /*! \file */ @@ -349,6 +349,37 @@ dns_rdata_compare(const dns_rdata_t *rdata1, const dns_rdata_t *rdata2) { return (result); } +int +dns_rdata_casecompare(const dns_rdata_t *rdata1, const dns_rdata_t *rdata2) { + int result = 0; + isc_boolean_t use_default = ISC_FALSE; + + REQUIRE(rdata1 != NULL); + REQUIRE(rdata2 != NULL); + REQUIRE(rdata1->data != NULL); + REQUIRE(rdata2->data != NULL); + REQUIRE(DNS_RDATA_VALIDFLAGS(rdata1)); + REQUIRE(DNS_RDATA_VALIDFLAGS(rdata2)); + + if (rdata1->rdclass != rdata2->rdclass) + return (rdata1->rdclass < rdata2->rdclass ? -1 : 1); + + if (rdata1->type != rdata2->type) + return (rdata1->type < rdata2->type ? -1 : 1); + + CASECOMPARESWITCH + + if (use_default) { + isc_region_t r1; + isc_region_t r2; + + dns_rdata_toregion(rdata1, &r1); + dns_rdata_toregion(rdata2, &r2); + result = isc_region_compare(&r1, &r2); + } + return (result); +} + /*** *** Conversions ***/ diff --git a/lib/dns/rdata/any_255/tsig_250.c b/lib/dns/rdata/any_255/tsig_250.c index 3121f78238..26be4b45b0 100644 --- a/lib/dns/rdata/any_255/tsig_250.c +++ b/lib/dns/rdata/any_255/tsig_250.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: tsig_250.c,v 1.63 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: tsig_250.c,v 1.64 2009/12/04 21:09:33 marka Exp $ */ /* Reviewed: Thu Mar 16 13:39:43 PST 2000 by gson */ @@ -594,4 +594,9 @@ checknames_any_tsig(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_any_tsig(ARGS_COMPARE) { + return (compare_any_tsig(rdata1, rdata2)); +} + #endif /* RDATA_ANY_255_TSIG_250_C */ diff --git a/lib/dns/rdata/ch_3/a_1.c b/lib/dns/rdata/ch_3/a_1.c index 78d4ecda7b..7af6a70a32 100644 --- a/lib/dns/rdata/ch_3/a_1.c +++ b/lib/dns/rdata/ch_3/a_1.c @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: a_1.c,v 1.6 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: a_1.c,v 1.7 2009/12/04 21:09:33 marka Exp $ */ /* by Bjorn.Victor@it.uu.se, 2005-05-07 */ /* Based on generic/soa_6.c and generic/mx_15.c */ @@ -313,4 +313,8 @@ checknames_ch_a(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_ch_a(ARGS_COMPARE) { + return (compare_ch_a(rdata1, rdata2)); +} #endif /* RDATA_CH_3_A_1_C */ diff --git a/lib/dns/rdata/generic/afsdb_18.c b/lib/dns/rdata/generic/afsdb_18.c index 2230efb149..898a09e490 100644 --- a/lib/dns/rdata/generic/afsdb_18.c +++ b/lib/dns/rdata/generic/afsdb_18.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: afsdb_18.c,v 1.47 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: afsdb_18.c,v 1.48 2009/12/04 21:09:33 marka Exp $ */ /* Reviewed: Wed Mar 15 14:59:00 PST 2000 by explorer */ @@ -306,4 +306,8 @@ checknames_afsdb(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_afsdb(ARGS_COMPARE) { + return (compare_afsdb(rdata1, rdata2)); +} #endif /* RDATA_GENERIC_AFSDB_18_C */ diff --git a/lib/dns/rdata/generic/cert_37.c b/lib/dns/rdata/generic/cert_37.c index 2c45230ae2..f84bc31201 100644 --- a/lib/dns/rdata/generic/cert_37.c +++ b/lib/dns/rdata/generic/cert_37.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: cert_37.c,v 1.50 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: cert_37.c,v 1.51 2009/12/04 21:09:33 marka Exp $ */ /* Reviewed: Wed Mar 15 21:14:32 EST 2000 by tale */ @@ -276,5 +276,9 @@ checknames_cert(ARGS_CHECKNAMES) { return (ISC_TRUE); } -#endif /* RDATA_GENERIC_CERT_37_C */ +static inline int +casecompare_cert(ARGS_COMPARE) { + return (compare_cert(rdata1, rdata2)); +} +#endif /* RDATA_GENERIC_CERT_37_C */ diff --git a/lib/dns/rdata/generic/cname_5.c b/lib/dns/rdata/generic/cname_5.c index 28c3d60277..6429985115 100644 --- a/lib/dns/rdata/generic/cname_5.c +++ b/lib/dns/rdata/generic/cname_5.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: cname_5.c,v 1.47 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: cname_5.c,v 1.48 2009/12/04 21:09:33 marka Exp $ */ /* reviewed: Wed Mar 15 16:48:45 PST 2000 by brister */ @@ -229,4 +229,9 @@ checknames_cname(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_cname(ARGS_COMPARE) { + return (compare_cname(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_CNAME_5_C */ diff --git a/lib/dns/rdata/generic/dlv_32769.c b/lib/dns/rdata/generic/dlv_32769.c index 957f038f87..d7516edb77 100644 --- a/lib/dns/rdata/generic/dlv_32769.c +++ b/lib/dns/rdata/generic/dlv_32769.c @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: dlv_32769.c,v 1.6 2007/06/18 23:47:43 tbox Exp $ */ +/* $Id: dlv_32769.c,v 1.7 2009/12/04 21:09:33 marka Exp $ */ /* draft-ietf-dnsext-delegation-signer-05.txt */ @@ -318,4 +318,9 @@ checknames_dlv(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_dlv(ARGS_COMPARE) { + return (compare_dlv(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_DLV_32769_C */ diff --git a/lib/dns/rdata/generic/dname_39.c b/lib/dns/rdata/generic/dname_39.c index c399f1e7e5..ad0d0b956f 100644 --- a/lib/dns/rdata/generic/dname_39.c +++ b/lib/dns/rdata/generic/dname_39.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: dname_39.c,v 1.38 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: dname_39.c,v 1.39 2009/12/04 21:09:33 marka Exp $ */ /* Reviewed: Wed Mar 15 16:52:38 PST 2000 by explorer */ @@ -230,4 +230,8 @@ checknames_dname(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_dname(ARGS_COMPARE) { + return (compare_dname(rdata1, rdata2)); +} #endif /* RDATA_GENERIC_DNAME_39_C */ diff --git a/lib/dns/rdata/generic/dnskey_48.c b/lib/dns/rdata/generic/dnskey_48.c index 2e11cbaed4..99b0e64094 100644 --- a/lib/dns/rdata/generic/dnskey_48.c +++ b/lib/dns/rdata/generic/dnskey_48.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: dnskey_48.c,v 1.8 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: dnskey_48.c,v 1.9 2009/12/04 21:09:33 marka Exp $ */ /* * Reviewed: Wed Mar 15 16:47:10 PST 2000 by halley. @@ -76,6 +76,7 @@ totext_dnskey(ARGS_TOTEXT) { char buf[sizeof("64000")]; unsigned int flags; unsigned char algorithm; + char namebuf[DNS_NAME_FORMATSIZE]; REQUIRE(rdata->type == 48); REQUIRE(rdata->length != 0); @@ -105,6 +106,15 @@ totext_dnskey(ARGS_TOTEXT) { if ((flags & 0xc000) == 0xc000) return (ISC_R_SUCCESS); + if ((tctx->flags & DNS_STYLEFLAG_COMMENT) != 0 && + algorithm == DNS_KEYALG_PRIVATEDNS) { + dns_name_t name; + dns_name_init(&name, NULL); + dns_name_fromregion(&name, &sr); + dns_name_format(&name, namebuf, sizeof(namebuf)); + } else + namebuf[0] = 0; + /* key */ if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) RETERR(str_totext(" (", target)); @@ -127,12 +137,18 @@ totext_dnskey(ARGS_TOTEXT) { dns_rdata_toregion(rdata, &tmpr); sprintf(buf, "%u", dst_region_computeid(&tmpr, algorithm)); RETERR(str_totext(buf, target)); + if (algorithm == DNS_KEYALG_PRIVATEDNS) { + RETERR(str_totext(tctx->linebreak, target)); + RETERR(str_totext("; alg = ", target)); + RETERR(str_totext(namebuf, target)); + } } return (ISC_R_SUCCESS); } static inline isc_result_t fromwire_dnskey(ARGS_FROMWIRE) { + unsigned char algorithm; isc_region_t sr; REQUIRE(type == 48); @@ -146,6 +162,18 @@ fromwire_dnskey(ARGS_FROMWIRE) { if (sr.length < 4) return (ISC_R_UNEXPECTEDEND); + algorithm = sr.base[3]; + RETERR(mem_tobuffer(target, sr.base, 4)); + isc_region_consume(&sr, 4); + isc_buffer_forward(source, 4); + + if (algorithm == DNS_KEYALG_PRIVATEDNS) { + dns_name_t name; + dns_decompress_setmethods(dctx, DNS_COMPRESS_NONE); + dns_name_init(&name, NULL); + RETERR(dns_name_fromwire(&name, source, dctx, options, target)); + } + isc_buffer_activeregion(source, &sr); isc_buffer_forward(source, sr.length); return (mem_tobuffer(target, sr.base, sr.length)); } @@ -309,4 +337,13 @@ checknames_dnskey(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_dnskey(ARGS_COMPARE) { + + /* + * Treat ALG 253 (private DNS) subtype name case sensistively. + */ + return (compare_dnskey(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_DNSKEY_48_C */ diff --git a/lib/dns/rdata/generic/ds_43.c b/lib/dns/rdata/generic/ds_43.c index 08e5d5f739..12e74224aa 100644 --- a/lib/dns/rdata/generic/ds_43.c +++ b/lib/dns/rdata/generic/ds_43.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: ds_43.c,v 1.12 2007/06/18 23:47:43 tbox Exp $ */ +/* $Id: ds_43.c,v 1.13 2009/12/04 21:09:33 marka Exp $ */ /* draft-ietf-dnsext-delegation-signer-05.txt */ @@ -318,4 +318,9 @@ checknames_ds(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_ds(ARGS_COMPARE) { + return (compare_ds(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_DS_43_C */ diff --git a/lib/dns/rdata/generic/gpos_27.c b/lib/dns/rdata/generic/gpos_27.c index 18effb5a9c..4299a4b22e 100644 --- a/lib/dns/rdata/generic/gpos_27.c +++ b/lib/dns/rdata/generic/gpos_27.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: gpos_27.c,v 1.41 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: gpos_27.c,v 1.42 2009/12/04 21:09:33 marka Exp $ */ /* reviewed: Wed Mar 15 16:48:45 PST 2000 by brister */ @@ -249,4 +249,9 @@ checknames_gpos(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_gpos(ARGS_COMPARE) { + return (compare_gpos(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_GPOS_27_C */ diff --git a/lib/dns/rdata/generic/hinfo_13.c b/lib/dns/rdata/generic/hinfo_13.c index 5321357402..c33111d94c 100644 --- a/lib/dns/rdata/generic/hinfo_13.c +++ b/lib/dns/rdata/generic/hinfo_13.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: hinfo_13.c,v 1.44 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: hinfo_13.c,v 1.45 2009/12/04 21:09:33 marka Exp $ */ /* * Reviewed: Wed Mar 15 16:47:10 PST 2000 by halley. @@ -221,4 +221,8 @@ checknames_hinfo(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_hinfo(ARGS_COMPARE) { + return (compare_hinfo(rdata1, rdata2)); +} #endif /* RDATA_GENERIC_HINFO_13_C */ diff --git a/lib/dns/rdata/generic/hip_55.c b/lib/dns/rdata/generic/hip_55.c index 101066209f..9c9d743a74 100644 --- a/lib/dns/rdata/generic/hip_55.c +++ b/lib/dns/rdata/generic/hip_55.c @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: hip_55.c,v 1.4 2009/09/02 23:43:54 each Exp $ */ +/* $Id: hip_55.c,v 1.5 2009/12/04 21:09:33 marka Exp $ */ /* reviewed: TBC */ @@ -449,4 +449,62 @@ dns_rdata_hip_current(dns_rdata_hip_t *hip, dns_name_t *name) { INSIST(name->length + hip->offset <= hip->servers_len); } +static inline int +casecompare_hip(ARGS_COMPARE) { + isc_region_t r1; + isc_region_t r2; + dns_name_t name1; + dns_name_t name2; + int order; + isc_uint8_t hit_len; + isc_uint16_t key_len; + + REQUIRE(rdata1->type == rdata2->type); + REQUIRE(rdata1->rdclass == rdata2->rdclass); + REQUIRE(rdata1->type == 55); + REQUIRE(rdata1->length != 0); + REQUIRE(rdata2->length != 0); + + dns_rdata_toregion(rdata1, &r1); + dns_rdata_toregion(rdata2, &r2); + + INSIST(r1.length > 4); + INSIST(r2.length > 4); + r1.length = 4; + r2.length = 4; + order = isc_region_compare(&r1, &r2); + if (order != 0) + return (order); + + hit_len = uint8_fromregion(&r1); + isc_region_consume(&r1, 2); /* hit length + algorithm */ + key_len = uint16_fromregion(&r1); + + dns_rdata_toregion(rdata1, &r1); + dns_rdata_toregion(rdata2, &r2); + isc_region_consume(&r1, 4); + isc_region_consume(&r2, 4); + INSIST(r1.length >= (unsigned) (hit_len + key_len)); + INSIST(r2.length >= (unsigned) (hit_len + key_len)); + order = isc_region_compare(&r1, &r2); + if (order != 0) + return (order); + isc_region_consume(&r1, hit_len + key_len); + isc_region_consume(&r2, hit_len + key_len); + + dns_name_init(&name1, NULL); + dns_name_init(&name2, NULL); + while (r1.length != 0 && r2.length != 0) { + dns_name_fromregion(&name1, &r1); + dns_name_fromregion(&name2, &r2); + order = dns_name_rdatacompare(&name1, &name2); + if (order != 0) + return (order); + + isc_region_consume(&r1, name_length(&name1)); + isc_region_consume(&r2, name_length(&name2)); + } + return (isc_region_compare(&r1, &r2)); +} + #endif /* RDATA_GENERIC_HIP_5_C */ diff --git a/lib/dns/rdata/generic/ipseckey_45.c b/lib/dns/rdata/generic/ipseckey_45.c index 2cf13b2831..cfb427dcbf 100644 --- a/lib/dns/rdata/generic/ipseckey_45.c +++ b/lib/dns/rdata/generic/ipseckey_45.c @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: ipseckey_45.c,v 1.7 2009/09/18 21:55:21 jinmei Exp $ */ +/* $Id: ipseckey_45.c,v 1.8 2009/12/04 21:09:33 marka Exp $ */ #ifndef RDATA_GENERIC_IPSECKEY_45_C #define RDATA_GENERIC_IPSECKEY_45_C @@ -460,4 +460,43 @@ checknames_ipseckey(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_ipseckey(ARGS_COMPARE) { + isc_region_t region1; + isc_region_t region2; + dns_name_t name1; + dns_name_t name2; + int order; + + REQUIRE(rdata1->type == rdata2->type); + REQUIRE(rdata1->rdclass == rdata2->rdclass); + REQUIRE(rdata1->type == 45); + REQUIRE(rdata1->length >= 3); + REQUIRE(rdata2->length >= 3); + + dns_rdata_toregion(rdata1, ®ion1); + dns_rdata_toregion(rdata2, ®ion2); + + if (memcmp(region1.base, region2.base, 3) != 0 || region1.base[1] != 3) + return (isc_region_compare(®ion1, ®ion2)); + + dns_name_init(&name1, NULL); + dns_name_init(&name2, NULL); + + isc_region_consume(®ion1, 3); + isc_region_consume(®ion2, 3); + + dns_name_fromregion(&name1, ®ion1); + dns_name_fromregion(&name2, ®ion2); + + order = dns_name_rdatacompare(&name1, &name2); + if (order != 0) + return (order); + + isc_region_consume(®ion1, name_length(&name1)); + isc_region_consume(®ion2, name_length(&name2)); + + return (isc_region_compare(®ion1, ®ion2)); +} + #endif /* RDATA_GENERIC_IPSECKEY_45_C */ diff --git a/lib/dns/rdata/generic/isdn_20.c b/lib/dns/rdata/generic/isdn_20.c index d7333d14c4..d88355de1f 100644 --- a/lib/dns/rdata/generic/isdn_20.c +++ b/lib/dns/rdata/generic/isdn_20.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: isdn_20.c,v 1.38 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: isdn_20.c,v 1.39 2009/12/04 21:09:33 marka Exp $ */ /* Reviewed: Wed Mar 15 16:53:11 PST 2000 by bwelling */ @@ -231,4 +231,9 @@ checknames_isdn(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_isdn(ARGS_COMPARE) { + return (compare_isdn(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_ISDN_20_C */ diff --git a/lib/dns/rdata/generic/key_25.c b/lib/dns/rdata/generic/key_25.c index 9acfe95f6c..c2ecc56361 100644 --- a/lib/dns/rdata/generic/key_25.c +++ b/lib/dns/rdata/generic/key_25.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: key_25.c,v 1.51 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: key_25.c,v 1.52 2009/12/04 21:09:33 marka Exp $ */ /* * Reviewed: Wed Mar 15 16:47:10 PST 2000 by halley. @@ -76,6 +76,7 @@ totext_key(ARGS_TOTEXT) { char buf[sizeof("64000")]; unsigned int flags; unsigned char algorithm; + char namebuf[DNS_NAME_FORMATSIZE]; REQUIRE(rdata->type == 25); REQUIRE(rdata->length != 0); @@ -105,6 +106,15 @@ totext_key(ARGS_TOTEXT) { if ((flags & 0xc000) == 0xc000) return (ISC_R_SUCCESS); + if ((tctx->flags & DNS_STYLEFLAG_COMMENT) != 0 && + algorithm == DNS_KEYALG_PRIVATEDNS) { + dns_name_t name; + dns_name_init(&name, NULL); + dns_name_fromregion(&name, &sr); + dns_name_format(&name, namebuf, sizeof(namebuf)); + } else + namebuf[0] = 0; + /* key */ if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) RETERR(str_totext(" (", target)); @@ -127,12 +137,18 @@ totext_key(ARGS_TOTEXT) { dns_rdata_toregion(rdata, &tmpr); sprintf(buf, "%u", dst_region_computeid(&tmpr, algorithm)); RETERR(str_totext(buf, target)); + if (algorithm == DNS_KEYALG_PRIVATEDNS) { + RETERR(str_totext(tctx->linebreak, target)); + RETERR(str_totext("; alg = ", target)); + RETERR(str_totext(namebuf, target)); + } } return (ISC_R_SUCCESS); } static inline isc_result_t fromwire_key(ARGS_FROMWIRE) { + unsigned char algorithm; isc_region_t sr; REQUIRE(type == 25); @@ -146,6 +162,18 @@ fromwire_key(ARGS_FROMWIRE) { if (sr.length < 4) return (ISC_R_UNEXPECTEDEND); + algorithm = sr.base[3]; + RETERR(mem_tobuffer(target, sr.base, 4)); + isc_region_consume(&sr, 4); + isc_buffer_forward(source, 4); + + if (algorithm == DNS_KEYALG_PRIVATEDNS) { + dns_name_t name; + dns_decompress_setmethods(dctx, DNS_COMPRESS_NONE); + dns_name_init(&name, NULL); + RETERR(dns_name_fromwire(&name, source, dctx, options, target)); + } + isc_buffer_activeregion(source, &sr); isc_buffer_forward(source, sr.length); return (mem_tobuffer(target, sr.base, sr.length)); } @@ -309,4 +337,9 @@ checknames_key(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_key(ARGS_COMPARE) { + return (compare_key(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_KEY_25_C */ diff --git a/lib/dns/rdata/generic/keydata_65533.c b/lib/dns/rdata/generic/keydata_65533.c index 0d374a058d..a243e9b176 100644 --- a/lib/dns/rdata/generic/keydata_65533.c +++ b/lib/dns/rdata/generic/keydata_65533.c @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: keydata_65533.c,v 1.2 2009/06/30 02:52:32 each Exp $ */ +/* $Id: keydata_65533.c,v 1.3 2009/12/04 21:09:33 marka Exp $ */ #ifndef GENERIC_KEYDATA_65533_C #define GENERIC_KEYDATA_65533_C 1 @@ -369,4 +369,9 @@ checknames_keydata(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_keydata(ARGS_COMPARE) { + return (compare_keydata(rdata1, rdata2)); +} + #endif /* GENERIC_KEYDATA_65533_C */ diff --git a/lib/dns/rdata/generic/loc_29.c b/lib/dns/rdata/generic/loc_29.c index f5b845762d..904dbb402a 100644 --- a/lib/dns/rdata/generic/loc_29.c +++ b/lib/dns/rdata/generic/loc_29.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: loc_29.c,v 1.49 2009/02/17 05:53:13 marka Exp $ */ +/* $Id: loc_29.c,v 1.50 2009/12/04 21:09:33 marka Exp $ */ /* Reviewed: Wed Mar 15 18:13:09 PST 2000 by explorer */ @@ -796,4 +796,9 @@ checknames_loc(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_loc(ARGS_COMPARE) { + return (compare_loc(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_LOC_29_C */ diff --git a/lib/dns/rdata/generic/mb_7.c b/lib/dns/rdata/generic/mb_7.c index fc3a7b604c..25b8b751b2 100644 --- a/lib/dns/rdata/generic/mb_7.c +++ b/lib/dns/rdata/generic/mb_7.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: mb_7.c,v 1.45 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: mb_7.c,v 1.46 2009/12/04 21:09:33 marka Exp $ */ /* Reviewed: Wed Mar 15 17:31:26 PST 2000 by bwelling */ @@ -231,4 +231,9 @@ checknames_mb(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_mb(ARGS_COMPARE) { + return (compare_mb(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_MB_7_C */ diff --git a/lib/dns/rdata/generic/md_3.c b/lib/dns/rdata/generic/md_3.c index 0f8560fcd2..3631b7863c 100644 --- a/lib/dns/rdata/generic/md_3.c +++ b/lib/dns/rdata/generic/md_3.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: md_3.c,v 1.47 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: md_3.c,v 1.48 2009/12/04 21:09:33 marka Exp $ */ /* Reviewed: Wed Mar 15 17:48:20 PST 2000 by bwelling */ @@ -233,4 +233,9 @@ checknames_md(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_md(ARGS_COMPARE) { + return (compare_md(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_MD_3_C */ diff --git a/lib/dns/rdata/generic/mf_4.c b/lib/dns/rdata/generic/mf_4.c index dffcec2cb8..02b6896b33 100644 --- a/lib/dns/rdata/generic/mf_4.c +++ b/lib/dns/rdata/generic/mf_4.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: mf_4.c,v 1.45 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: mf_4.c,v 1.46 2009/12/04 21:09:33 marka Exp $ */ /* reviewed: Wed Mar 15 17:47:33 PST 2000 by brister */ @@ -232,4 +232,9 @@ checknames_mf(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_mf(ARGS_COMPARE) { + return (compare_mf(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_MF_4_C */ diff --git a/lib/dns/rdata/generic/mg_8.c b/lib/dns/rdata/generic/mg_8.c index e4dca1ddb5..7a3752d0d8 100644 --- a/lib/dns/rdata/generic/mg_8.c +++ b/lib/dns/rdata/generic/mg_8.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: mg_8.c,v 1.43 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: mg_8.c,v 1.44 2009/12/04 21:09:33 marka Exp $ */ /* reviewed: Wed Mar 15 17:49:21 PST 2000 by brister */ @@ -227,4 +227,9 @@ checknames_mg(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_mg(ARGS_COMPARE) { + return (compare_mg(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_MG_8_C */ diff --git a/lib/dns/rdata/generic/minfo_14.c b/lib/dns/rdata/generic/minfo_14.c index 6645bbc0b0..9ed7457f4f 100644 --- a/lib/dns/rdata/generic/minfo_14.c +++ b/lib/dns/rdata/generic/minfo_14.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: minfo_14.c,v 1.45 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: minfo_14.c,v 1.46 2009/12/04 21:09:34 marka Exp $ */ /* reviewed: Wed Mar 15 17:45:32 PST 2000 by brister */ @@ -321,4 +321,9 @@ checknames_minfo(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_minfo(ARGS_COMPARE) { + return (compare_minfo(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_MINFO_14_C */ diff --git a/lib/dns/rdata/generic/mr_9.c b/lib/dns/rdata/generic/mr_9.c index 289d7395c0..1770a73cd9 100644 --- a/lib/dns/rdata/generic/mr_9.c +++ b/lib/dns/rdata/generic/mr_9.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: mr_9.c,v 1.42 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: mr_9.c,v 1.43 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Wed Mar 15 21:30:35 EST 2000 by tale */ @@ -228,4 +228,9 @@ checknames_mr(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_mr(ARGS_COMPARE) { + return (compare_mr(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_MR_9_C */ diff --git a/lib/dns/rdata/generic/mx_15.c b/lib/dns/rdata/generic/mx_15.c index 086c043d82..8bbe5caf76 100644 --- a/lib/dns/rdata/generic/mx_15.c +++ b/lib/dns/rdata/generic/mx_15.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: mx_15.c,v 1.56 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: mx_15.c,v 1.57 2009/12/04 21:09:34 marka Exp $ */ /* reviewed: Wed Mar 15 18:05:46 PST 2000 by brister */ @@ -316,4 +316,9 @@ checknames_mx(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_mx(ARGS_COMPARE) { + return (compare_mx(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_MX_15_C */ diff --git a/lib/dns/rdata/generic/ns_2.c b/lib/dns/rdata/generic/ns_2.c index 9a2ee8c2f2..b0094921b4 100644 --- a/lib/dns/rdata/generic/ns_2.c +++ b/lib/dns/rdata/generic/ns_2.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: ns_2.c,v 1.46 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: ns_2.c,v 1.47 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Wed Mar 15 18:15:00 PST 2000 by bwelling */ @@ -248,4 +248,9 @@ checknames_ns(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_ns(ARGS_COMPARE) { + return (compare_ns(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_NS_2_C */ diff --git a/lib/dns/rdata/generic/nsec3_50.c b/lib/dns/rdata/generic/nsec3_50.c index 271c74e51c..fedd78b451 100644 --- a/lib/dns/rdata/generic/nsec3_50.c +++ b/lib/dns/rdata/generic/nsec3_50.c @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: nsec3_50.c,v 1.6 2009/01/17 23:47:43 tbox Exp $ */ +/* $Id: nsec3_50.c,v 1.7 2009/12/04 21:09:34 marka Exp $ */ /* * Copyright (C) 2004 Nominet, Ltd. @@ -478,4 +478,9 @@ checknames_nsec3(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_nsec3(ARGS_COMPARE) { + return (compare_nsec3(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_NSEC3_50_C */ diff --git a/lib/dns/rdata/generic/nsec3param_51.c b/lib/dns/rdata/generic/nsec3param_51.c index 9186ccf011..379a46b535 100644 --- a/lib/dns/rdata/generic/nsec3param_51.c +++ b/lib/dns/rdata/generic/nsec3param_51.c @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: nsec3param_51.c,v 1.6 2009/01/17 23:47:43 tbox Exp $ */ +/* $Id: nsec3param_51.c,v 1.7 2009/12/04 21:09:34 marka Exp $ */ /* * Copyright (C) 2004 Nominet, Ltd. @@ -311,4 +311,9 @@ checknames_nsec3param(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_nsec3param(ARGS_COMPARE) { + return (compare_nsec3param(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_NSEC3PARAM_51_C */ diff --git a/lib/dns/rdata/generic/nsec_47.c b/lib/dns/rdata/generic/nsec_47.c index 7e443d9b76..6100eb92c7 100644 --- a/lib/dns/rdata/generic/nsec_47.c +++ b/lib/dns/rdata/generic/nsec_47.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: nsec_47.c,v 1.11 2008/07/15 23:47:21 tbox Exp $ */ +/* $Id: nsec_47.c,v 1.12 2009/12/04 21:09:34 marka Exp $ */ /* reviewed: Wed Mar 15 18:21:15 PST 2000 by brister */ @@ -363,4 +363,36 @@ checknames_nsec(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_nsec(ARGS_COMPARE) { + isc_region_t region1; + isc_region_t region2; + dns_name_t name1; + dns_name_t name2; + int order; + + REQUIRE(rdata1->type == rdata2->type); + REQUIRE(rdata1->rdclass == rdata2->rdclass); + REQUIRE(rdata1->type == 47); + REQUIRE(rdata1->length != 0); + REQUIRE(rdata2->length != 0); + + dns_name_init(&name1, NULL); + dns_name_init(&name2, NULL); + + dns_rdata_toregion(rdata1, ®ion1); + dns_rdata_toregion(rdata2, ®ion2); + + dns_name_fromregion(&name1, ®ion1); + dns_name_fromregion(&name2, ®ion2); + + order = dns_name_rdatacompare(&name1, &name2); + if (order != 0) + return (order); + + isc_region_consume(®ion1, name_length(&name1)); + isc_region_consume(®ion2, name_length(&name2)); + + return (isc_region_compare(®ion1, ®ion2)); +} #endif /* RDATA_GENERIC_NSEC_47_C */ diff --git a/lib/dns/rdata/generic/null_10.c b/lib/dns/rdata/generic/null_10.c index 00bb542962..1137c7aea1 100644 --- a/lib/dns/rdata/generic/null_10.c +++ b/lib/dns/rdata/generic/null_10.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: null_10.c,v 1.42 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: null_10.c,v 1.43 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Thu Mar 16 13:57:50 PST 2000 by explorer */ @@ -189,4 +189,9 @@ checknames_null(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_null(ARGS_COMPARE) { + return (compare_null(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_NULL_10_C */ diff --git a/lib/dns/rdata/generic/nxt_30.c b/lib/dns/rdata/generic/nxt_30.c index 7ffb86c7d3..5037fc6f7d 100644 --- a/lib/dns/rdata/generic/nxt_30.c +++ b/lib/dns/rdata/generic/nxt_30.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: nxt_30.c,v 1.63 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: nxt_30.c,v 1.64 2009/12/04 21:09:34 marka Exp $ */ /* reviewed: Wed Mar 15 18:21:15 PST 2000 by brister */ @@ -326,4 +326,8 @@ checknames_nxt(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_nxt(ARGS_COMPARE) { + return (compare_nxt(rdata1, rdata2)); +} #endif /* RDATA_GENERIC_NXT_30_C */ diff --git a/lib/dns/rdata/generic/opt_41.c b/lib/dns/rdata/generic/opt_41.c index d2cfc2e763..2676eae434 100644 --- a/lib/dns/rdata/generic/opt_41.c +++ b/lib/dns/rdata/generic/opt_41.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: opt_41.c,v 1.33 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: opt_41.c,v 1.34 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Thu Mar 16 14:06:44 PST 2000 by gson */ @@ -277,4 +277,9 @@ checknames_opt(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_opt(ARGS_COMPARE) { + return (compare_opt(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_OPT_41_C */ diff --git a/lib/dns/rdata/generic/proforma.c b/lib/dns/rdata/generic/proforma.c index 879b7613e8..f7bc7a4a64 100644 --- a/lib/dns/rdata/generic/proforma.c +++ b/lib/dns/rdata/generic/proforma.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: proforma.c,v 1.36 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: proforma.c,v 1.37 2009/12/04 21:09:34 marka Exp $ */ #ifndef RDATA_GENERIC_#_#_C #define RDATA_GENERIC_#_#_C @@ -170,4 +170,21 @@ checknames_#(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_#(ARGS_COMPARE) { + isc_region_t r1; + isc_region_t r2; + + REQUIRE(rdata1->type == rdata2->type); + REQUIRE(rdata1->rdclass == rdata2->rdclass); + REQUIRE(rdata1->type == #); + REQUIRE(rdata1->rdclass == #); + REQUIRE(rdata1->length != 0); /* XXX */ + REQUIRE(rdata2->length != 0); /* XXX */ + + dns_rdata_toregion(rdata1, &r1); + dns_rdata_toregion(rdata2, &r2); + return (isc_region_compare(&r1, &r2)); +} + #endif /* RDATA_GENERIC_#_#_C */ diff --git a/lib/dns/rdata/generic/ptr_12.c b/lib/dns/rdata/generic/ptr_12.c index fbabcbf673..35eafc475c 100644 --- a/lib/dns/rdata/generic/ptr_12.c +++ b/lib/dns/rdata/generic/ptr_12.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: ptr_12.c,v 1.43 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: ptr_12.c,v 1.44 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Thu Mar 16 14:05:12 PST 2000 by explorer */ @@ -288,4 +288,8 @@ checknames_ptr(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_ptr(ARGS_COMPARE) { + return (compare_ptr(rdata1, rdata2)); +} #endif /* RDATA_GENERIC_PTR_12_C */ diff --git a/lib/dns/rdata/generic/rp_17.c b/lib/dns/rdata/generic/rp_17.c index 557cb044a4..a638236439 100644 --- a/lib/dns/rdata/generic/rp_17.c +++ b/lib/dns/rdata/generic/rp_17.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rp_17.c,v 1.42 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: rp_17.c,v 1.43 2009/12/04 21:09:34 marka Exp $ */ /* RFC1183 */ @@ -311,4 +311,8 @@ checknames_rp(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_rp(ARGS_COMPARE) { + return (compare_rp(rdata1, rdata2)); +} #endif /* RDATA_GENERIC_RP_17_C */ diff --git a/lib/dns/rdata/generic/rrsig_46.c b/lib/dns/rdata/generic/rrsig_46.c index a9af4bd050..ba417089a3 100644 --- a/lib/dns/rdata/generic/rrsig_46.c +++ b/lib/dns/rdata/generic/rrsig_46.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rrsig_46.c,v 1.10 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: rrsig_46.c,v 1.11 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Fri Mar 17 09:05:02 PST 2000 by gson */ @@ -548,4 +548,47 @@ checknames_rrsig(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_rrsig(ARGS_COMPARE) { + isc_region_t r1; + isc_region_t r2; + dns_name_t name1; + dns_name_t name2; + int order; + + REQUIRE(rdata1->type == rdata2->type); + REQUIRE(rdata1->rdclass == rdata2->rdclass); + REQUIRE(rdata1->type == 46); + REQUIRE(rdata1->length != 0); + REQUIRE(rdata2->length != 0); + + dns_rdata_toregion(rdata1, &r1); + dns_rdata_toregion(rdata2, &r2); + + INSIST(r1.length > 18); + INSIST(r2.length > 18); + r1.length = 18; + r2.length = 18; + order = isc_region_compare(&r1, &r2); + if (order != 0) + return (order); + + dns_name_init(&name1, NULL); + dns_name_init(&name2, NULL); + dns_rdata_toregion(rdata1, &r1); + dns_rdata_toregion(rdata2, &r2); + isc_region_consume(&r1, 18); + isc_region_consume(&r2, 18); + dns_name_fromregion(&name1, &r1); + dns_name_fromregion(&name2, &r2); + order = dns_name_rdatacompare(&name1, &name2); + if (order != 0) + return (order); + + isc_region_consume(&r1, name_length(&name1)); + isc_region_consume(&r2, name_length(&name2)); + + return (isc_region_compare(&r1, &r2)); +} + #endif /* RDATA_GENERIC_RRSIG_46_C */ diff --git a/lib/dns/rdata/generic/rt_21.c b/lib/dns/rdata/generic/rt_21.c index 6444102dfc..ea02746271 100644 --- a/lib/dns/rdata/generic/rt_21.c +++ b/lib/dns/rdata/generic/rt_21.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rt_21.c,v 1.46 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: rt_21.c,v 1.47 2009/12/04 21:09:34 marka Exp $ */ /* reviewed: Thu Mar 16 15:02:31 PST 2000 by brister */ @@ -308,4 +308,9 @@ checknames_rt(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_rt(ARGS_COMPARE) { + return (compare_rt(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_RT_21_C */ diff --git a/lib/dns/rdata/generic/sig_24.c b/lib/dns/rdata/generic/sig_24.c index e79e1e4f1d..4cbe86064f 100644 --- a/lib/dns/rdata/generic/sig_24.c +++ b/lib/dns/rdata/generic/sig_24.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: sig_24.c,v 1.66 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: sig_24.c,v 1.67 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Fri Mar 17 09:05:02 PST 2000 by gson */ @@ -575,4 +575,8 @@ checknames_sig(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_sig(ARGS_COMPARE) { + return (compare_sig(rdata1, rdata2)); +} #endif /* RDATA_GENERIC_SIG_24_C */ diff --git a/lib/dns/rdata/generic/soa_6.c b/lib/dns/rdata/generic/soa_6.c index b573a54606..6b69bf5931 100644 --- a/lib/dns/rdata/generic/soa_6.c +++ b/lib/dns/rdata/generic/soa_6.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: soa_6.c,v 1.63 2009/02/16 23:48:04 tbox Exp $ */ +/* $Id: soa_6.c,v 1.64 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Thu Mar 16 15:18:32 PST 2000 by explorer */ @@ -441,4 +441,9 @@ checknames_soa(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_soa(ARGS_COMPARE) { + return (compare_soa(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_SOA_6_C */ diff --git a/lib/dns/rdata/generic/spf_99.c b/lib/dns/rdata/generic/spf_99.c index 12e813e4ab..e21e113844 100644 --- a/lib/dns/rdata/generic/spf_99.c +++ b/lib/dns/rdata/generic/spf_99.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: spf_99.c,v 1.4 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: spf_99.c,v 1.5 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Thu Mar 16 15:40:00 PST 2000 by bwelling */ @@ -235,4 +235,8 @@ checknames_spf(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_spf(ARGS_COMPARE) { + return (compare_spf(rdata1, rdata2)); +} #endif /* RDATA_GENERIC_SPF_99_C */ diff --git a/lib/dns/rdata/generic/sshfp_44.c b/lib/dns/rdata/generic/sshfp_44.c index 570a3b76aa..3714176f98 100644 --- a/lib/dns/rdata/generic/sshfp_44.c +++ b/lib/dns/rdata/generic/sshfp_44.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: sshfp_44.c,v 1.7 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: sshfp_44.c,v 1.8 2009/12/04 21:09:34 marka Exp $ */ /* RFC 4255 */ @@ -259,4 +259,9 @@ checknames_sshfp(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_sshfp(ARGS_COMPARE) { + return (compare_sshfp(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_SSHFP_44_C */ diff --git a/lib/dns/rdata/generic/tkey_249.c b/lib/dns/rdata/generic/tkey_249.c index 2412c85b8f..eeed44d396 100644 --- a/lib/dns/rdata/generic/tkey_249.c +++ b/lib/dns/rdata/generic/tkey_249.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: tkey_249.c,v 1.57 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: tkey_249.c,v 1.58 2009/12/04 21:09:34 marka Exp $ */ /* * Reviewed: Thu Mar 16 17:35:30 PST 2000 by halley. @@ -552,4 +552,8 @@ checknames_tkey(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline isc_result_t +casecompare_tkey(ARGS_COMPARE) { + return (compare_tkey(rdata1, rdata2)); +} #endif /* RDATA_GENERIC_TKEY_249_C */ diff --git a/lib/dns/rdata/generic/txt_16.c b/lib/dns/rdata/generic/txt_16.c index a158a597fc..cd902790ac 100644 --- a/lib/dns/rdata/generic/txt_16.c +++ b/lib/dns/rdata/generic/txt_16.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: txt_16.c,v 1.45 2008/02/15 23:46:51 tbox Exp $ */ +/* $Id: txt_16.c,v 1.46 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Thu Mar 16 15:40:00 PST 2000 by bwelling */ @@ -235,4 +235,9 @@ checknames_txt(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline isc_result_t +casecompare_txt(ARGS_COMPARE) { + return (compare_txt(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_TXT_16_C */ diff --git a/lib/dns/rdata/generic/unspec_103.c b/lib/dns/rdata/generic/unspec_103.c index 384863e887..830194f7c2 100644 --- a/lib/dns/rdata/generic/unspec_103.c +++ b/lib/dns/rdata/generic/unspec_103.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: unspec_103.c,v 1.35 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: unspec_103.c,v 1.36 2009/12/04 21:09:34 marka Exp $ */ #ifndef RDATA_GENERIC_UNSPEC_103_C #define RDATA_GENERIC_UNSPEC_103_C @@ -186,4 +186,9 @@ checknames_unspec(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_unspec(ARGS_COMPARE) { + return (compare_unspec(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_UNSPEC_103_C */ diff --git a/lib/dns/rdata/generic/x25_19.c b/lib/dns/rdata/generic/x25_19.c index c496aafda2..655ac08368 100644 --- a/lib/dns/rdata/generic/x25_19.c +++ b/lib/dns/rdata/generic/x25_19.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: x25_19.c,v 1.39 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: x25_19.c,v 1.40 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Thu Mar 16 16:15:57 PST 2000 by bwelling */ @@ -216,4 +216,9 @@ checknames_x25(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_x25(ARGS_COMPARE) { + return (compare_x25(rdata1, rdata2)); +} + #endif /* RDATA_GENERIC_X25_19_C */ diff --git a/lib/dns/rdata/hs_4/a_1.c b/lib/dns/rdata/hs_4/a_1.c index 487e8bc432..7375a21b6b 100644 --- a/lib/dns/rdata/hs_4/a_1.c +++ b/lib/dns/rdata/hs_4/a_1.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: a_1.c,v 1.31 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: a_1.c,v 1.32 2009/12/04 21:09:34 marka Exp $ */ /* reviewed: Thu Mar 16 15:58:36 PST 2000 by brister */ @@ -229,4 +229,9 @@ checknames_hs_a(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_hs_a(ARGS_COMPARE) { + return (compare_hs_a(rdata1, rdata2)); +} + #endif /* RDATA_HS_4_A_1_C */ diff --git a/lib/dns/rdata/in_1/a6_38.c b/lib/dns/rdata/in_1/a6_38.c index d4d42bb3a5..089ff9d18e 100644 --- a/lib/dns/rdata/in_1/a6_38.c +++ b/lib/dns/rdata/in_1/a6_38.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: a6_38.c,v 1.54 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: a6_38.c,v 1.55 2009/12/04 21:09:34 marka Exp $ */ /* RFC2874 */ @@ -458,4 +458,9 @@ checknames_in_a6(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_in_a6(ARGS_COMPARE) { + return (compare_in_a6(rdata1, rdata2)); +} + #endif /* RDATA_IN_1_A6_38_C */ diff --git a/lib/dns/rdata/in_1/a_1.c b/lib/dns/rdata/in_1/a_1.c index d7644bc897..87b48a9877 100644 --- a/lib/dns/rdata/in_1/a_1.c +++ b/lib/dns/rdata/in_1/a_1.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: a_1.c,v 1.53 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: a_1.c,v 1.54 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Thu Mar 16 16:52:50 PST 2000 by bwelling */ @@ -233,4 +233,9 @@ checknames_in_a(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_in_a(ARGS_COMPARE) { + return (compare_in_a(rdata1, rdata2)); +} + #endif /* RDATA_IN_1_A_1_C */ diff --git a/lib/dns/rdata/in_1/aaaa_28.c b/lib/dns/rdata/in_1/aaaa_28.c index d0503a9447..65dae591a4 100644 --- a/lib/dns/rdata/in_1/aaaa_28.c +++ b/lib/dns/rdata/in_1/aaaa_28.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: aaaa_28.c,v 1.45 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: aaaa_28.c,v 1.46 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Thu Mar 16 16:52:50 PST 2000 by bwelling */ @@ -230,4 +230,8 @@ checknames_in_aaaa(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_in_aaaa(ARGS_COMPARE) { + return (compare_in_aaaa(rdata1, rdata2)); +} #endif /* RDATA_IN_1_AAAA_28_C */ diff --git a/lib/dns/rdata/in_1/apl_42.c b/lib/dns/rdata/in_1/apl_42.c index 28ca68e5d2..a35c63faaf 100644 --- a/lib/dns/rdata/in_1/apl_42.c +++ b/lib/dns/rdata/in_1/apl_42.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: apl_42.c,v 1.14 2008/01/22 23:28:04 tbox Exp $ */ +/* $Id: apl_42.c,v 1.15 2009/12/04 21:09:34 marka Exp $ */ /* RFC3123 */ @@ -450,4 +450,9 @@ checknames_in_apl(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_in_apl(ARGS_COMPARE) { + return (compare_in_apl(rdata1, rdata2)); +} + #endif /* RDATA_IN_1_APL_42_C */ diff --git a/lib/dns/rdata/in_1/dhcid_49.c b/lib/dns/rdata/in_1/dhcid_49.c index 27c4e4e23e..e107d56cb1 100644 --- a/lib/dns/rdata/in_1/dhcid_49.c +++ b/lib/dns/rdata/in_1/dhcid_49.c @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: dhcid_49.c,v 1.5 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: dhcid_49.c,v 1.6 2009/12/04 21:09:34 marka Exp $ */ /* RFC 4701 */ @@ -226,4 +226,9 @@ checknames_in_dhcid(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_in_dhcid(ARGS_COMPARE) { + return (compare_in_dhcid(rdata1, rdata2)); +} + #endif /* RDATA_IN_1_DHCID_49_C */ diff --git a/lib/dns/rdata/in_1/kx_36.c b/lib/dns/rdata/in_1/kx_36.c index 9df2e5eeba..b22c558269 100644 --- a/lib/dns/rdata/in_1/kx_36.c +++ b/lib/dns/rdata/in_1/kx_36.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: kx_36.c,v 1.45 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: kx_36.c,v 1.46 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Thu Mar 16 17:24:54 PST 2000 by explorer */ @@ -285,4 +285,9 @@ checknames_in_kx(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_in_kx(ARGS_COMPARE) { + return (compare_in_kx(rdata1, rdata2)); +} + #endif /* RDATA_IN_1_KX_36_C */ diff --git a/lib/dns/rdata/in_1/naptr_35.c b/lib/dns/rdata/in_1/naptr_35.c index a9e1e89974..ce7804b277 100644 --- a/lib/dns/rdata/in_1/naptr_35.c +++ b/lib/dns/rdata/in_1/naptr_35.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: naptr_35.c,v 1.55 2009/01/21 23:47:27 tbox Exp $ */ +/* $Id: naptr_35.c,v 1.56 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Thu Mar 16 16:52:50 PST 2000 by bwelling */ @@ -702,4 +702,9 @@ checknames_in_naptr(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_in_naptr(ARGS_COMPARE) { + return (compare_in_naptr(rdata1, rdata2)); +} + #endif /* RDATA_IN_1_NAPTR_35_C */ diff --git a/lib/dns/rdata/in_1/nsap-ptr_23.c b/lib/dns/rdata/in_1/nsap-ptr_23.c index 2da7869599..07f92be446 100644 --- a/lib/dns/rdata/in_1/nsap-ptr_23.c +++ b/lib/dns/rdata/in_1/nsap-ptr_23.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: nsap-ptr_23.c,v 1.38 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: nsap-ptr_23.c,v 1.39 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Fri Mar 17 10:16:02 PST 2000 by gson */ @@ -242,4 +242,9 @@ checknames_in_nsap_ptr(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_in_nsap_ptr(ARGS_COMPARE) { + return (compare_in_nsap_ptr(rdata1, rdata2)); +} + #endif /* RDATA_IN_1_NSAP_PTR_23_C */ diff --git a/lib/dns/rdata/in_1/nsap_22.c b/lib/dns/rdata/in_1/nsap_22.c index c25f560888..df29cc849a 100644 --- a/lib/dns/rdata/in_1/nsap_22.c +++ b/lib/dns/rdata/in_1/nsap_22.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: nsap_22.c,v 1.42 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: nsap_22.c,v 1.43 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Fri Mar 17 10:41:07 PST 2000 by gson */ @@ -252,4 +252,9 @@ checknames_in_nsap(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_in_nsap(ARGS_COMPARE) { + return (compare_in_nsap(rdata1, rdata2)); +} + #endif /* RDATA_IN_1_NSAP_22_C */ diff --git a/lib/dns/rdata/in_1/px_26.c b/lib/dns/rdata/in_1/px_26.c index 1d17f2f0e6..95c57864a0 100644 --- a/lib/dns/rdata/in_1/px_26.c +++ b/lib/dns/rdata/in_1/px_26.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: px_26.c,v 1.43 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: px_26.c,v 1.44 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Mon Mar 20 10:44:27 PST 2000 */ @@ -371,4 +371,9 @@ checknames_in_px(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_in_px(ARGS_COMPARE) { + return (compare_in_px(rdata1, rdata2)); +} + #endif /* RDATA_IN_1_PX_26_C */ diff --git a/lib/dns/rdata/in_1/srv_33.c b/lib/dns/rdata/in_1/srv_33.c index 7bc85cda2f..69ff67d021 100644 --- a/lib/dns/rdata/in_1/srv_33.c +++ b/lib/dns/rdata/in_1/srv_33.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: srv_33.c,v 1.45 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: srv_33.c,v 1.46 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Fri Mar 17 13:01:00 PST 2000 by bwelling */ @@ -370,4 +370,9 @@ checknames_in_srv(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_in_srv(ARGS_COMPARE) { + return (compare_in_srv(rdata1, rdata2)); +} + #endif /* RDATA_IN_1_SRV_33_C */ diff --git a/lib/dns/rdata/in_1/wks_11.c b/lib/dns/rdata/in_1/wks_11.c index 19bad0af2b..2391429594 100644 --- a/lib/dns/rdata/in_1/wks_11.c +++ b/lib/dns/rdata/in_1/wks_11.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: wks_11.c,v 1.56 2009/02/16 23:48:04 tbox Exp $ */ +/* $Id: wks_11.c,v 1.57 2009/12/04 21:09:34 marka Exp $ */ /* Reviewed: Fri Mar 17 15:01:49 PST 2000 by explorer */ @@ -348,4 +348,9 @@ checknames_in_wks(ARGS_CHECKNAMES) { return (ISC_TRUE); } +static inline int +casecompare_in_wks(ARGS_COMPARE) { + return (compare_in_wks(rdata1, rdata2)); +} + #endif /* RDATA_IN_1_WKS_11_C */ diff --git a/lib/dns/zone.c b/lib/dns/zone.c index 83b1561337..8f3c76fde7 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: zone.c,v 1.535 2009/12/04 03:33:15 marka Exp $ */ +/* $Id: zone.c,v 1.536 2009/12/04 21:09:33 marka Exp $ */ /*! \file */ @@ -2021,6 +2021,113 @@ zone_check_glue(dns_zone_t *zone, dns_db_t *db, dns_name_t *name, return (answer); } +static isc_boolean_t +zone_rrset_check_dup(dns_zone_t *zone, dns_name_t *owner, + dns_rdataset_t *rdataset) +{ + dns_rdataset_t tmprdataset; + isc_result_t result; + isc_boolean_t answer = ISC_TRUE; + isc_boolean_t format = ISC_TRUE; + int level = ISC_LOG_WARNING; + char ownerbuf[DNS_NAME_FORMATSIZE]; + char typebuf[DNS_RDATATYPE_FORMATSIZE]; + unsigned int count1 = 0; + + if (DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKDUPRRFAIL)) + level = ISC_LOG_ERROR; + + dns_rdataset_init(&tmprdataset); + for (result = dns_rdataset_first(rdataset); + result == ISC_R_SUCCESS; + result = dns_rdataset_next(rdataset)) { + dns_rdata_t rdata1 = DNS_RDATA_INIT; + unsigned int count2 = 0; + + count1++; + dns_rdataset_current(rdataset, &rdata1); + dns_rdataset_clone(rdataset, &tmprdataset); + for (result = dns_rdataset_first(&tmprdataset); + result == ISC_R_SUCCESS; + result = dns_rdataset_next(&tmprdataset)) { + dns_rdata_t rdata2 = DNS_RDATA_INIT; + count2++; + if (count1 >= count2) + continue; + dns_rdataset_current(&tmprdataset, &rdata2); + if (dns_rdata_casecompare(&rdata1, &rdata2) == 0) { + if (format) { + dns_name_format(owner, ownerbuf, + sizeof ownerbuf); + dns_rdatatype_format(rdata1.type, + typebuf, + sizeof(typebuf)); + format = ISC_FALSE; + } + dns_zone_log(zone, level, "%s/%s has " + "semantically identical records", + ownerbuf, typebuf); + if (level == ISC_LOG_ERROR) + answer = ISC_FALSE; + break; + } + } + dns_rdataset_disassociate(&tmprdataset); + if (!format) + break; + } + return (answer); +} + +static isc_boolean_t +zone_check_dup(dns_zone_t *zone, dns_db_t *db) { + dns_dbiterator_t *dbiterator = NULL; + dns_dbnode_t *node = NULL; + dns_fixedname_t fixed; + dns_name_t *name; + dns_rdataset_t rdataset; + dns_rdatasetiter_t *rdsit = NULL; + isc_boolean_t ok = ISC_TRUE; + isc_result_t result; + + dns_fixedname_init(&fixed); + name = dns_fixedname_name(&fixed); + dns_rdataset_init(&rdataset); + + result = dns_db_createiterator(db, 0, &dbiterator); + if (result != ISC_R_SUCCESS) + return (ISC_TRUE); + + for (result = dns_dbiterator_first(dbiterator); + result == ISC_R_SUCCESS; + result = dns_dbiterator_next(dbiterator)) { + result = dns_dbiterator_current(dbiterator, &node, name); + if (result != ISC_R_SUCCESS) + continue; + + result = dns_db_allrdatasets(db, node, NULL, 0, &rdsit); + if (result != ISC_R_SUCCESS) + continue; + + for (result = dns_rdatasetiter_first(rdsit); + result == ISC_R_SUCCESS; + result = dns_rdatasetiter_next(rdsit)) { + dns_rdatasetiter_current(rdsit, &rdataset); + if (!zone_rrset_check_dup(zone, name, &rdataset)) + ok = ISC_FALSE; + dns_rdataset_disassociate(&rdataset); + } + dns_rdatasetiter_destroy(&rdsit); + dns_db_detachnode(db, &node); + } + + if (node != NULL) + dns_db_detachnode(db, &node); + dns_dbiterator_destroy(&dbiterator); + + return (ok); +} + static isc_boolean_t integrity_checks(dns_zone_t *zone, dns_db_t *db) { dns_dbiterator_t *dbiterator = NULL; @@ -2088,6 +2195,7 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { result = dns_rdataset_next(&rdataset); } dns_rdataset_disassociate(&rdataset); + goto next; checkmx: result = dns_db_findrdataset(db, node, NULL, dns_rdatatype_mx, @@ -3348,6 +3456,13 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, result = DNS_R_BADZONE; goto cleanup; } + + if (zone->type == dns_zone_master && + DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKDUPRR) && + !zone_check_dup(zone, db)) { + result = DNS_R_BADZONE; + goto cleanup; + } if (zone->db != NULL) { /* diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index 9bd8ff1eb0..47b906f77b 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: namedconf.c,v 1.112 2009/12/03 23:18:17 each Exp $ */ +/* $Id: namedconf.c,v 1.113 2009/12/04 21:09:34 marka Exp $ */ /*! \file */ @@ -523,6 +523,7 @@ static cfg_tuplefielddef_t checknames_fields[] = { { "mode", &cfg_type_checkmode, 0 }, { NULL, NULL, 0 } }; + static cfg_type_t cfg_type_checknames = { "checknames", cfg_parse_tuple, cfg_print_tuple, cfg_doc_tuple, &cfg_rep_tuple, checknames_fields @@ -1119,6 +1120,7 @@ zone_clauses[] = { { "also-notify", &cfg_type_portiplist, 0 }, { "alt-transfer-source", &cfg_type_sockaddr4wild, 0 }, { "alt-transfer-source-v6", &cfg_type_sockaddr6wild, 0 }, + { "check-dup-records", &cfg_type_checkmode, 0 }, { "check-integrity", &cfg_type_boolean, 0 }, { "check-mx", &cfg_type_checkmode, 0 }, { "check-mx-cname", &cfg_type_checkmode, 0 },