From a78ebc03020db7be555a6d95323604c1fedec4bb Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Thu, 5 May 2016 21:59:09 +1000 Subject: [PATCH] 4359. [bug] Inherited 'also-notify' lists were not being checked by named-checkconf. [RT #42174] (cherry picked from commit 594d15df254304ef6705a9fc028bcd34328bce42) --- CHANGES | 3 +++ bin/tests/system/checkconf/bad-options-also-notify.conf | 8 ++++++++ bin/tests/system/checkconf/bad-view-also-notify.conf | 7 +++++++ bin/tests/system/checkconf/good-options-also-notify.conf | 9 +++++++++ bin/tests/system/checkconf/good-view-also-notify.conf | 8 ++++++++ lib/bind9/check.c | 7 ++++++- 6 files changed, 41 insertions(+), 1 deletion(-) create mode 100644 bin/tests/system/checkconf/bad-options-also-notify.conf create mode 100644 bin/tests/system/checkconf/bad-view-also-notify.conf create mode 100644 bin/tests/system/checkconf/good-options-also-notify.conf create mode 100644 bin/tests/system/checkconf/good-view-also-notify.conf diff --git a/CHANGES b/CHANGES index 3052d92815..142c85408c 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +4359. [bug] Inherited 'also-notify' lists were not being checked + by named-checkconf. [RT #42174] + 4354. [bug] Check that the received HMAC length matches the expected length prior to check the contents on the control channel. This prevents a OOB read error. diff --git a/bin/tests/system/checkconf/bad-options-also-notify.conf b/bin/tests/system/checkconf/bad-options-also-notify.conf new file mode 100644 index 0000000000..936b6835c0 --- /dev/null +++ b/bin/tests/system/checkconf/bad-options-also-notify.conf @@ -0,0 +1,8 @@ +options { + also-notify { missing; }; +}; + +zone "example.net" { + type slave; + masters { 192.168.1.1; }; +}; diff --git a/bin/tests/system/checkconf/bad-view-also-notify.conf b/bin/tests/system/checkconf/bad-view-also-notify.conf new file mode 100644 index 0000000000..8e12d217c1 --- /dev/null +++ b/bin/tests/system/checkconf/bad-view-also-notify.conf @@ -0,0 +1,7 @@ +view example { + also-notify { missing; }; + zone "example.net" { + type slave; + masters { 192.168.1.1; }; + }; +}; diff --git a/bin/tests/system/checkconf/good-options-also-notify.conf b/bin/tests/system/checkconf/good-options-also-notify.conf new file mode 100644 index 0000000000..f676fb7970 --- /dev/null +++ b/bin/tests/system/checkconf/good-options-also-notify.conf @@ -0,0 +1,9 @@ +options { + also-notify { missing; }; +}; + +zone "example.net" { + type slave; + notify no; + masters { 192.168.1.1; }; +}; diff --git a/bin/tests/system/checkconf/good-view-also-notify.conf b/bin/tests/system/checkconf/good-view-also-notify.conf new file mode 100644 index 0000000000..4692096412 --- /dev/null +++ b/bin/tests/system/checkconf/good-view-also-notify.conf @@ -0,0 +1,8 @@ +view example { + also-notify { missing; }; + zone "example.net" { + type slave; + notify no; + masters { 192.168.1.1; }; + }; +}; diff --git a/lib/bind9/check.c b/lib/bind9/check.c index 79049ec697..3fb6e965ed 100644 --- a/lib/bind9/check.c +++ b/lib/bind9/check.c @@ -1744,7 +1744,12 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions, cfg_obj_log(zoptions, logctx, ISC_LOG_WARNING, "zone '%s': 'also-notify' set but " "'notify' is disabled", znamestr); - } else if (tresult == ISC_R_SUCCESS) { + } + if (tresult != ISC_R_SUCCESS && voptions != NULL) + tresult = cfg_map_get(voptions, "also-notify", &obj); + if (tresult != ISC_R_SUCCESS && goptions != NULL) + tresult = cfg_map_get(goptions, "also-notify", &obj); + if (tresult == ISC_R_SUCCESS && donotify) { isc_uint32_t count; tresult = validate_masters(obj, config, &count, logctx, mctx);