upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-09 01:32:05 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

1763. [func] Perform sanity checks on NS records which refer to

Browse source 
'in zone' names. [RT #13002]
This commit is contained in:
Mark Andrews 2004-11-23 05:23:46 +00:00
parent e94754428d
commit 6c52944ef2
25 changed files with 354 additions and 67 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
CHANGES
View file

@ -23,7 +23,8 @@
if there was no SOA record in the replacment db.
[RT #13016]
1763. [placeholder] rt13002
1763. [func] Perform sanity checks on NS records which refer to
'in zone' names. [RT #13002]
1762. [bug] isc_interfaceiter_create() could return ISC_R_SUCCESS
even when it failed. [RT #12995]

7
bin/tests/system/conf.sh.in
View file

@ -15,7 +15,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: conf.sh.in,v 1.27 2004/03/05 04:59:12 marka Exp $
# $Id: conf.sh.in,v 1.28 2004/11/23 05:23:35 marka Exp $
#
# Common configuration data for system tests, to be sourced into
@ -37,16 +37,17 @@ RNDC=$TOP/bin/rndc/rndc
NSUPDATE=$TOP/bin/nsupdate/nsupdate
KEYGEN=$TOP/bin/dnssec/dnssec-keygen
SIGNER=$TOP/bin/dnssec/dnssec-signzone
CHECKZONE=$TOP/bin/check/named-checkzone
# The "stress" test is not run by default since it creates enough
# load on the machine to make it unusable to other users.
# v6synth
SUBDIRS="cacheclean checknames dnssec forward glue ixfr limits lwresd \
masterfile notify nsupdate resolver sortlist stub tkey \
unknown upforwd views xfer xferquota"
unknown upforwd views xfer xferquota zonechecks"
# PERL will be an empty string if no perl interpreter was found.
PERL=@PERL@
export NAMED LWRESD DIG NSUPDATE KEYGEN SIGNER KEYSIGNER KEYSETTOOL PERL \
SUBDIRS RNDC
SUBDIRS RNDC CHECKZONE

2
bin/tests/system/masterfile/knowngood.dig.out
View file

@ -19,6 +19,7 @@ c.ttl2. 2 IN TXT "inherited ttl 2"
d.ttl2. 3 IN TXT "default ttl 3"
e.ttl2. 2 IN TXT "explicit ttl 2"
f.ttl2. 3 IN TXT "default ttl 3"
ns.ttl2. 1 IN A 10.53.0.1
ttl2. 1 IN SOA ns.ttl2. hostmaster.ttl2. 1 3600 1800 1814400 3
ttl2. 1 IN SOA ns.ttl2. hostmaster.ttl2. 1 3600 1800 1814400 3
ttl2. 1 IN NS ns.ttl2.
@ -28,4 +29,5 @@ c.ttl2. 2 IN TXT "inherited ttl 2"
d.ttl2. 3 IN TXT "default ttl 3"
e.ttl2. 2 IN TXT "explicit ttl 2"
f.ttl2. 3 IN TXT "default ttl 3"
ns.ttl2. 1 IN A 10.53.0.1
ttl2. 1 IN SOA ns.ttl2. hostmaster.ttl2. 1 3600 1800 1814400 3

3
bin/tests/system/masterfile/ns1/ttl1.db
View file

@ -13,7 +13,7 @@
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
; $Id: ttl1.db,v 1.3 2004/03/05 05:01:35 marka Exp $
; $Id: ttl1.db,v 1.4 2004/11/23 05:23:38 marka Exp $
@ IN SOA ns hostmaster (
1 ; serial
@ -23,6 +23,7 @@
3
)
NS ns
ns A 10.53.0.1
a TXT "soa minttl 3"
b 2 TXT "explicit ttl 2"
c TXT "soa minttl 3"

3
bin/tests/system/masterfile/ns1/ttl2.db
View file

@ -13,7 +13,7 @@
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
; $Id: ttl2.db,v 1.3 2004/03/05 05:01:35 marka Exp $
; $Id: ttl2.db,v 1.4 2004/11/23 05:23:38 marka Exp $
@ 1 IN SOA ns hostmaster (
1 ; serial
@ -23,6 +23,7 @@
3
)
NS ns
ns A 10.53.0.1
a TXT "inherited ttl 1"
b 2 TXT "explicit ttl 2"
c TXT "inherited ttl 2"

9
bin/tests/system/nsupdate/knowngood.ns1.after
View file

@ -1,6 +1,6 @@
example.nil. 300 IN SOA ns1.example.nil. hostmaster.example.nil. 2 2000 2000 1814400 3600
example.nil. 300 IN NS ns1.example.nil.
example.nil. 300 IN NS ns2.example.nil.
example.nil. 300 IN NS ns3.example.nil.
*.example.nil. 300 IN MX 10 mail.example.nil.
a.example.nil. 300 IN TXT "foo foo foo"
a.example.nil. 300 IN PTR foo.net.
@ -21,12 +21,12 @@ dname02.example.nil. 3600 IN DNAME dname-target.example.nil.
dname03.example.nil. 3600 IN DNAME .
e.example.nil. 300 IN MX 10 mail.example.nil.
e.example.nil. 300 IN TXT "one"
e.example.nil. 300 IN TXT "three"
e.example.nil. 300 IN TXT "two"
e.example.nil. 300 IN TXT "three"
e.example.nil. 300 IN A 73.80.65.49
e.example.nil. 300 IN A 73.80.65.50
e.example.nil. 300 IN A 73.80.65.52
e.example.nil. 300 IN A 73.80.65.51
e.example.nil. 300 IN A 73.80.65.52
f.example.nil. 300 IN A 73.80.65.52
gpos01.example.nil. 3600 IN GPOS "-22.6882" "116.8652" "250.0"
gpos02.example.nil. 3600 IN GPOS "" "" ""
@ -55,8 +55,8 @@ naptr01.example.nil. 3600 IN NAPTR 0 0 "" "" "" .
naptr02.example.nil. 3600 IN NAPTR 65535 65535 "blurgh" "blorf" "blegh" foo.
ns1.example.nil. 300 IN A 10.53.0.1
ns2.example.nil. 300 IN A 10.53.0.2
nsap-ptr01.example.nil. 3600 IN NSAP-PTR foo.
nsap-ptr01.example.nil. 3600 IN NSAP-PTR .
nsap-ptr01.example.nil. 3600 IN NSAP-PTR foo.
nsap01.example.nil. 3600 IN NSAP 0x47000580005a0000000001e133ffffff00016100
nsap02.example.nil. 3600 IN NSAP 0x47000580005a0000000001e133ffffff00016100
nxt01.example.nil. 3600 IN NXT a.secure.example.nil. NS SOA MX SIG KEY LOC NXT
@ -97,4 +97,3 @@ wks02.example.nil. 3600 IN WKS 10.0.0.1 17 0 1 2 53
wks03.example.nil. 3600 IN WKS 10.0.0.2 6 65535
x2501.example.nil. 3600 IN X25 "123456789"
example.nil. 300 IN SOA ns1.example.nil. hostmaster.example.nil. 2 2000 2000 1814400 3600

2
bin/tests/system/nsupdate/knowngood.ns1.afterstop
View file

@ -1,3 +1,3 @@
updated4.example.nil. 600 IN A 10.10.10.3
example.nil. 300 IN NS ns1.example.nil.
example.nil. 300 IN NS ns2.example.nil.
example.nil. 300 IN NS ns3.example.nil.

9
bin/tests/system/nsupdate/knowngood.ns1.before
View file

@ -1,6 +1,6 @@
example.nil. 300 IN SOA ns1.example.nil. hostmaster.example.nil. 1 2000 2000 1814400 3600
example.nil. 300 IN NS ns1.example.nil.
example.nil. 300 IN NS ns2.example.nil.
example.nil. 300 IN NS ns3.example.nil.
*.example.nil. 300 IN MX 10 mail.example.nil.
a.example.nil. 300 IN TXT "foo foo foo"
a.example.nil. 300 IN PTR foo.net.
@ -21,12 +21,12 @@ dname02.example.nil. 3600 IN DNAME dname-target.example.nil.
dname03.example.nil. 3600 IN DNAME .
e.example.nil. 300 IN MX 10 mail.example.nil.
e.example.nil. 300 IN TXT "one"
e.example.nil. 300 IN TXT "three"
e.example.nil. 300 IN TXT "two"
e.example.nil. 300 IN TXT "three"
e.example.nil. 300 IN A 73.80.65.49
e.example.nil. 300 IN A 73.80.65.50
e.example.nil. 300 IN A 73.80.65.52
e.example.nil. 300 IN A 73.80.65.51
e.example.nil. 300 IN A 73.80.65.52
f.example.nil. 300 IN A 73.80.65.52
gpos01.example.nil. 3600 IN GPOS "-22.6882" "116.8652" "250.0"
gpos02.example.nil. 3600 IN GPOS "" "" ""
@ -55,8 +55,8 @@ naptr01.example.nil. 3600 IN NAPTR 0 0 "" "" "" .
naptr02.example.nil. 3600 IN NAPTR 65535 65535 "blurgh" "blorf" "blegh" foo.
ns1.example.nil. 300 IN A 10.53.0.1
ns2.example.nil. 300 IN A 10.53.0.2
nsap-ptr01.example.nil. 3600 IN NSAP-PTR foo.
nsap-ptr01.example.nil. 3600 IN NSAP-PTR .
nsap-ptr01.example.nil. 3600 IN NSAP-PTR foo.
nsap01.example.nil. 3600 IN NSAP 0x47000580005a0000000001e133ffffff00016100
nsap02.example.nil. 3600 IN NSAP 0x47000580005a0000000001e133ffffff00016100
nxt01.example.nil. 3600 IN NXT a.secure.example.nil. NS SOA MX SIG KEY LOC NXT
@ -96,4 +96,3 @@ wks02.example.nil. 3600 IN WKS 10.0.0.1 17 0 1 2 53
wks03.example.nil. 3600 IN WKS 10.0.0.2 6 65535
x2501.example.nil. 3600 IN X25 "123456789"
example.nil. 300 IN SOA ns1.example.nil. hostmaster.example.nil. 1 2000 2000 1814400 3600

6
bin/tests/system/nsupdate/ns1/example1.db
View file

@ -13,7 +13,7 @@
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
; $Id: example1.db,v 1.5 2004/03/05 05:01:58 marka Exp $
; $Id: example1.db,v 1.6 2004/11/23 05:23:39 marka Exp $
$ORIGIN .
$TTL 300 ; 5 minutes
@ -24,9 +24,9 @@ example.nil IN SOA ns1.example.nil. hostmaster.example.nil. (
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
example.nil. NS ns2.example.nil.
example.nil. NS ns1.example.nil.
ns1.example.nil. A 10.53.0.1
example.nil. NS ns3.example.nil.
example.nil. NS ns2.example.nil.
ns2.example.nil. A 10.53.0.2
$ORIGIN example.nil.

6
bin/tests/system/sortlist/ns1/example.db
View file

@ -13,10 +13,10 @@
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
; $Id: example.db,v 1.4 2004/03/05 05:02:43 marka Exp $
; $Id: example.db,v 1.5 2004/11/23 05:23:40 marka Exp $
$TTL 300 ; 5 minutes
@ IN SOA ns2.example. hostmaster.example. (
@ IN SOA ns1.example. hostmaster.example. (
2000042795 ; serial
20 ; refresh (20 seconds)
20 ; retry (20 seconds)
@ -24,7 +24,7 @@ $TTL 300 ; 5 minutes
3600 ; minimum (1 hour)
)
example. NS ns1.example.
ns2.example. A 10.53.0.1
ns1.example. A 10.53.0.1
; Let's see what the sortlist picks out of this...
a A 1.1.1.1

4
bin/tests/system/views/ns2/example2.db
View file

@ -13,7 +13,7 @@
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
; $Id: example2.db,v 1.7 2004/03/05 05:03:48 marka Exp $
; $Id: example2.db,v 1.8 2004/11/23 05:23:41 marka Exp $
$ORIGIN .
$TTL 300 ; 5 minutes
@ -25,7 +25,7 @@ example IN SOA mname1. . (
3600 ; minimum (1 hour)
)
example. NS ns2.example.
ns0.example. A 10.53.0.4
ns2.example. A 10.53.0.4
$ORIGIN example.
a A 10.0.0.1

4
bin/tests/system/xferquota/ns1/changing1.db
View file

@ -13,11 +13,11 @@
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
; $Id: changing1.db,v 1.7 2004/03/05 05:04:05 marka Exp $
; $Id: changing1.db,v 1.8 2004/11/23 05:23:43 marka Exp $
$TTL 600
@ IN SOA dns.changing. postmaster.changing. (
@ IN SOA dns1.changing. postmaster.changing. (
1 ;; serial
3600 ;; refresh period
1800 ;; retry interval

4
bin/tests/system/xferquota/ns1/changing2.db
View file

@ -13,11 +13,11 @@
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
; $Id: changing2.db,v 1.7 2004/03/05 05:04:05 marka Exp $
; $Id: changing2.db,v 1.8 2004/11/23 05:23:44 marka Exp $
$TTL 600
@ IN SOA dns.changing. postmaster.changing. (
@ IN SOA dns1.changing. postmaster.changing. (
2 ;; serial
3600 ;; refresh period
1800 ;; retry interval

4
bin/tests/system/xferquota/ns2/named.conf
View file

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: named.conf,v 1.19 2004/03/05 05:04:08 marka Exp $ */
/* $Id: named.conf,v 1.20 2004/11/23 05:23:44 marka Exp $ */
controls { /* empty */ };
@ -28,7 +28,7 @@ options {
listen-on { 10.53.0.2; };
listen-on-v6 { none; };
recursion no;
notify yes;
notify no;
transfers-in 5;
transfers-per-ns 5;

6
bin/tests/system/xferquota/setup.pl
View file

@ -15,7 +15,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: setup.pl,v 1.11 2004/03/05 05:04:03 marka Exp $
# $Id: setup.pl,v 1.12 2004/11/23 05:23:42 marka Exp $
#
# Set up test data for zone transfer quota tests.
@ -32,9 +32,11 @@ for ($z = 0; $z < 300; $z++) {
my $fn = "ns1/$zn.db";
my $f = new FileHandle($fn, "w") or die "open: $fn: $!";
print $f "\$TTL 300
\@ IN SOA . . 1 300 120 3600 86400
\@ IN SOA ns1 . 1 300 120 3600 86400
NS ns1
NS ns2
ns1 A 10.53.0.1
ns2 A 10.53.0.2
MX 10 mail1.isp.example.
MX 20 mail2.isp.example.
www A 10.0.0.1

4
bin/tests/system/xferquota/tests.sh
View file

@ -15,7 +15,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: tests.sh,v 1.22 2004/03/10 01:06:06 marka Exp $
# $Id: tests.sh,v 1.23 2004/11/23 05:23:42 marka Exp $
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
@ -55,7 +55,7 @@ grep ";" dig.out.ns2
$PERL ../digcomp.pl dig.out.ns1 dig.out.ns2 || status=1
sleep 5
sleep 15
$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd \
a.changing. @10.53.0.1 a -p 5300 > dig.out.ns1 || status=1

4
bin/tests/system/zonechecks/a.db Normal file
View file

@ -0,0 +1,4 @@
; Copyright
@ 3600 IN SOA ns hostmaster 1 3600 1200 604800 3600
@ 3600 IN NS 127.0.0.1
127.0.0.1 3600 IN A 127.0.0.1

4
bin/tests/system/zonechecks/aaaa.db Normal file
View file

@ -0,0 +1,4 @@
; Copyright
@ 3600 IN SOA ns hostmaster 1 3600 1200 604800 3600
@ 3600 IN NS ::1
::1 3600 IN AAAA ::1

20
bin/tests/system/zonechecks/clean.sh Normal file
View file

@ -0,0 +1,20 @@
#!/bin/sh
#
# Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
# Copyright (C) 2001 Internet Software Consortium.
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: clean.sh,v 1.2 2004/11/23 05:23:45 marka Exp $
rm -f *.out

4
bin/tests/system/zonechecks/cname.db Normal file
View file

@ -0,0 +1,4 @@
; Copyright
@ 3600 IN SOA ns hostmaster 1 3600 1200 604800 3600
@ 3600 IN NS ns
ns 3600 IN CNAME @

4
bin/tests/system/zonechecks/dname.db Normal file
View file

@ -0,0 +1,4 @@
; Copyright
@ 3600 IN SOA ns hostmaster 1 3600 1200 604800 3600
@ 3600 IN NS ns
@ 3600 IN DNAME .

4
bin/tests/system/zonechecks/noaddress.db Normal file
View file

@ -0,0 +1,4 @@
; Copyright
@ 3600 IN SOA ns hostmaster 1 3600 1200 604800 3600
@ 3600 IN NS ns
ns 3600 IN TXT this name has no address records

4
bin/tests/system/zonechecks/nxdomain.db Normal file
View file

@ -0,0 +1,4 @@
; Copyright
@ 3600 IN SOA ns hostmaster 1 3600 1200 604800 3600
@ 3600 IN NS ns
; There are no records at all with the ownername of "ns".

164
bin/tests/system/zonechecks/tests.sh Normal file
View file

@ -0,0 +1,164 @@
#!/bin/sh
#
# Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: tests.sh,v 1.2 2004/11/23 05:23:46 marka Exp $
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
status=0
#
echo "I: checking that we detect a NS which refers to a CNAME"
if $CHECKZONE . cname.db > cname.out 2>&1
then
echo "I:failed (status)"; status=1
else
if grep "is a CNAME" cname.out > /dev/null
then
:
else
echo "I:failed (message)"; status=1
fi
fi
#
echo "I: checking that we detect a NS which is below a DNAME"
if $CHECKZONE . dname.db > dname.out 2>&1
then
echo "I:failed (status)"; status=1
else
if grep "is below a DNAME" dname.out > /dev/null
then
:
else
echo "I:failed (message)"; status=1
fi
fi
#
echo "I: checking that we detect a NS which has no address records (A/AAAA)"
if $CHECKZONE . noaddress.db > noaddress.out
then
echo "I:failed (status)"; status=1
else
if grep "has no address records" noaddress.out > /dev/null
then
:
else
echo "I:failed (message)"; status=1
fi
fi
#
echo "I: checking that we detect a NS which has no records"
if $CHECKZONE . nxdomain.db > nxdomain.out
then
echo "I:failed (status)"; status=1
else
if grep "has no address records" noaddress.out > /dev/null
then
:
else
echo "I:failed (message)"; status=1
fi
fi
#
echo "I: checking that we detect a NS which looks like a A record (fail)"
if $CHECKZONE -n fail . a.db > a.out 2>&1
then
echo "I:failed (status)"; status=1
else
if grep "appears to be an address" a.out > /dev/null
then
:
else
echo "I:failed (message)"; status=1
fi
fi
#
echo "I: checking that we detect a NS which looks like a A record (warn=default)"
if $CHECKZONE . a.db > a.out 2>&1
then
if grep "appears to be an address" a.out > /dev/null
then
:
else
echo "I:failed (message)"; status=1
fi
else
echo "I:failed (status)"; status=1
fi
#
echo "I: checking that we detect a NS which looks like a A record (ignore)"
if $CHECKZONE -n ignore . a.db > a.out 2>&1
then
if grep "appears to be an address" a.out > /dev/null
then
echo "I:failed (message)"; status=1
else
:
fi
else
echo "I:failed (status)"; status=1
fi
#
echo "I: checking that we detect a NS which looks like a AAAA record (fail)"
if $CHECKZONE -n fail . aaaa.db > aaaa.out 2>&1
then
echo "I:failed (status)"; status=1
else
if grep "appears to be an address" aaaa.out > /dev/null
then
:
else
echo "I:failed (message)"; status=1
fi
fi
#
echo "I: checking that we detect a NS which looks like a AAAA record (warn=default)"
if $CHECKZONE . aaaa.db > aaaa.out 2>&1
then
if grep "appears to be an address" aaaa.out > /dev/null
then
:
else
echo "I:failed (message)"; status=1
fi
else
echo "I:failed (status)"; status=1
fi
#
echo "I: checking that we detect a NS which looks like a AAAA record (ignore)"
if $CHECKZONE -n ignore . aaaa.db > aaaa.out 2>&1
then
if grep "appears to be an address" aaaa.out > /dev/null
then
echo "I:failed (message)"; status=1
else
:
fi
else
echo "I:failed (status)"; status=1
fi
echo "I:exit status: $status"
exit $?

137
lib/dns/zone.c
View file

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: zone.c,v 1.424 2004/11/22 23:52:25 marka Exp $ */
/* $Id: zone.c,v 1.425 2004/11/23 05:23:46 marka Exp $ */
#include <config.h>
@ -428,10 +428,11 @@ static void zonemgr_putio(dns_io_t **iop);
static void zonemgr_cancelio(dns_io_t *io);
static isc_result_t
zone_get_from_db(dns_db_t *db, dns_name_t *origin, unsigned int *nscount,
zone_get_from_db(dns_zone_t *zone, dns_db_t *db, unsigned int *nscount,
unsigned int *soacount, isc_uint32_t *serial,
isc_uint32_t *refresh, isc_uint32_t *retry,
isc_uint32_t *expire, isc_uint32_t *minimum);
isc_uint32_t *expire, isc_uint32_t *minimum,
unsigned int *cnames);
static void zone_freedbargs(dns_zone_t *zone);
static void forward_callback(isc_task_t *task, isc_event_t *event);
@ -1247,6 +1248,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime,
{
unsigned int soacount = 0;
unsigned int nscount = 0;
unsigned int cnames = 0;
isc_uint32_t serial, refresh, retry, expire, minimum;
isc_time_t now;
isc_boolean_t needdump = ISC_FALSE;
@ -1321,14 +1323,12 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime,
}
/*
* Obtain ns and soa counts for top of zone.
* Obtain ns, soa and cname counts for top of zone.
*/
nscount = 0;
soacount = 0;
INSIST(db != NULL);
result = zone_get_from_db(db, &zone->origin, &nscount,
&soacount, &serial, &refresh, &retry,
&expire, &minimum);
result = zone_get_from_db(zone, db, &nscount, &soacount, &serial,
&refresh, &retry, &expire, &minimum,
&cnames);
if (result != ISC_R_SUCCESS) {
dns_zone_log(zone, ISC_LOG_ERROR,
"could not find NS and/or SOA records");
@ -1355,6 +1355,10 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime,
}
if (result != ISC_R_SUCCESS)
goto cleanup;
if (zone->type == dns_zone_master && cnames != 0) {
result = DNS_R_BADZONE;
goto cleanup;
}
if (zone->db != NULL) {
if (!isc_serial_ge(serial, zone->serial)) {
dns_zone_log(zone, ISC_LOG_ERROR,
@ -1402,7 +1406,6 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime,
goto cleanup;
}
#if 0
/* destroy notification example. */
{
@ -1471,36 +1474,104 @@ exit_check(dns_zone_t *zone) {
return (ISC_FALSE);
}
static isc_boolean_t
zone_check_ns(dns_zone_t *zone, dns_db_t *db, dns_name_t *name) {
isc_result_t result;
char namebuf[DNS_NAME_FORMATSIZE];
char altbuf[DNS_NAME_FORMATSIZE];
dns_fixedname_t fixed;
dns_name_t *foundname;
int level;
if (zone->type == dns_zone_master)
level = ISC_LOG_ERROR;
else
level = ISC_LOG_WARNING;
dns_fixedname_init(&fixed);
foundname = dns_fixedname_name(&fixed);
result = dns_db_find(db, name, NULL, dns_rdatatype_a,
0, 0, NULL, foundname, NULL, NULL);
if (result == ISC_R_SUCCESS)
return (ISC_TRUE);
if (result == DNS_R_NXRRSET) {
result = dns_db_find(db, name, NULL, dns_rdatatype_aaaa,
0, 0, NULL, foundname, NULL, NULL);
if (result == ISC_R_SUCCESS)
return (ISC_TRUE);
}
dns_name_format(name, namebuf, sizeof namebuf);
if (result == DNS_R_NXRRSET || result == DNS_R_NXDOMAIN) {
dns_zone_log(zone, level,
"NS '%s' has no address records (A or AAAA)",
namebuf);
return (ISC_FALSE);
}
if (result == DNS_R_CNAME) {
dns_zone_log(zone, level, "NS '%s' is a CNAME (illegal)",
namebuf);
return (ISC_FALSE);
}
if (result == DNS_R_DNAME) {
dns_name_format(foundname, altbuf, sizeof altbuf);
dns_zone_log(zone, level,
"NS '%s' is below a DNAME '%s' (illegal)",
namebuf, altbuf);
return (ISC_FALSE);
}
return (ISC_TRUE);
}
static isc_result_t
zone_count_ns_rr(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version,
unsigned int *nscount)
zone_count_ns_rr(dns_zone_t *zone, dns_db_t *db, dns_dbnode_t *node,
dns_dbversion_t *version, unsigned int *nscount,
unsigned int *cnames)
{
isc_result_t result;
unsigned int count;
unsigned int count = 0;
unsigned int ccount = 0;
dns_rdataset_t rdataset;
REQUIRE(nscount != NULL);
dns_rdata_t rdata;
dns_rdata_ns_t ns;
dns_rdataset_init(&rdataset);
result = dns_db_findrdataset(db, node, version, dns_rdatatype_ns,
dns_rdatatype_none, 0, &rdataset, NULL);
if (result == ISC_R_NOTFOUND) {
*nscount = 0;
result = ISC_R_SUCCESS;
goto invalidate_rdataset;
}
if (result == ISC_R_NOTFOUND)
goto success;
if (result != ISC_R_SUCCESS)
goto invalidate_rdataset;
count = 0;
result = dns_rdataset_first(&rdataset);
while (result == ISC_R_SUCCESS) {
if (cnames != NULL && zone->rdclass == dns_rdataclass_in &&
(zone->type == dns_zone_master ||
zone->type == dns_zone_slave)) {
dns_rdata_init(&rdata);
dns_rdataset_current(&rdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &ns, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
if (dns_name_issubdomain(&ns.name, &zone->origin) &&
!zone_check_ns(zone, db, &ns.name))
ccount++;
}
count++;
result = dns_rdataset_next(&rdataset);
}
dns_rdataset_disassociate(&rdataset);
*nscount = count;
success:
if (nscount != NULL)
*nscount = count;
if (cnames != NULL)
*cnames = ccount;
result = ISC_R_SUCCESS;
invalidate_rdataset:
@ -1588,10 +1659,11 @@ zone_load_soa_rr(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version,
* zone must be locked.
*/
static isc_result_t
zone_get_from_db(dns_db_t *db, dns_name_t *origin, unsigned int *nscount,
zone_get_from_db(dns_zone_t *zone, dns_db_t *db, unsigned int *nscount,
unsigned int *soacount, isc_uint32_t *serial,
isc_uint32_t *refresh, isc_uint32_t *retry,
isc_uint32_t *expire, isc_uint32_t *minimum)
isc_uint32_t *expire, isc_uint32_t *minimum,
unsigned int *cnames)
{
dns_dbversion_t *version;
isc_result_t result;
@ -1599,20 +1671,21 @@ zone_get_from_db(dns_db_t *db, dns_name_t *origin, unsigned int *nscount,
dns_dbnode_t *node;
REQUIRE(db != NULL);
REQUIRE(origin != NULL);
REQUIRE(zone != NULL);
version = NULL;
dns_db_currentversion(db, &version);
node = NULL;
result = dns_db_findnode(db, origin, ISC_FALSE, &node);
result = dns_db_findnode(db, &zone->origin, ISC_FALSE, &node);
if (result != ISC_R_SUCCESS) {
answer = result;
goto closeversion;
}
if (nscount != NULL) {
result = zone_count_ns_rr(db, node, version, nscount);
if (nscount != NULL || cnames != NULL) {
result = zone_count_ns_rr(zone, db, node, version,
nscount, cnames);
if (result != ISC_R_SUCCESS)
answer = result;
}
@ -5243,8 +5316,8 @@ zone_replacedb(dns_zone_t *zone, dns_db_t *db, isc_boolean_t dump) {
REQUIRE(DNS_ZONE_VALID(zone));
REQUIRE(LOCKED_ZONE(zone));
result = zone_get_from_db(db, &zone->origin, &nscount, &soacount,
NULL, NULL, NULL, NULL, NULL);
result = zone_get_from_db(zone, db, &nscount, &soacount,
NULL, NULL, NULL, NULL, NULL, NULL);
if (result == ISC_R_SUCCESS) {
if (soacount != 1) {
dns_zone_log(zone, ISC_LOG_ERROR,
@ -5404,9 +5477,9 @@ zone_xfrdone(dns_zone_t *zone, isc_result_t result) {
nscount = 0;
soacount = 0;
INSIST(zone->db != NULL);
result = zone_get_from_db(zone->db, &zone->origin, &nscount,
result = zone_get_from_db(zone, zone->db, &nscount,
&soacount, &serial, &refresh,
&retry, &expire, &minimum);
&retry, &expire, &minimum, NULL);
if (result == ISC_R_SUCCESS) {
if (soacount != 1)
dns_zone_log(zone, ISC_LOG_ERROR,