new: usr: "named-checkconf -b" dumps the built-in configuration

`named-checkconf` now supports the command line switch `-b`,  which prints the default built-in configuration used by `named`.
    
When `-b` is in use, other options are ignored.

Closes #1326

Merge branch '1326-named-checkconf-builtin' into 'main'

See merge request isc-projects/bind9!11177

bin/check/named-checkconf.c

@@ -58,7 +58,7 @@ usage(void);
 static void
 usage(void) {
 	fprintf(stderr,
-		"usage: %s [-achijklvz] [-pe [-x]] [-t directory] "
+		"usage: %s [-achijklvz] [-pe [-x]] [-b] [-t directory] "
 		"[named.conf]\n",
 		isc_commandline_progname);
 	exit(EXIT_SUCCESS);
@@ -536,6 +536,23 @@ cleanup:
 	return result;
 }
 
+static isc_result_t
+parse_builtin(cfg_obj_t **defaultconfig) {
+	isc_buffer_t b;
+
+	REQUIRE(defaultconfig != NULL && *defaultconfig == NULL);
+
+	isc_buffer_constinit(&b, common_named_defaultconf,
+			     sizeof(common_named_defaultconf) - 1);
+	isc_buffer_add(&b, sizeof(common_named_defaultconf) - 1);
+
+	return cfg_parse_buffer(
+		isc_g_mctx, &b, __FILE__, 0, &cfg_type_namedconf,
+		CFG_PCTX_NODEPRECATED | CFG_PCTX_NOOBSOLETE |
+			CFG_PCTX_NOEXPERIMENTAL | CFG_PCTX_BUILTIN,
+		defaultconfig);
+}
+
 static void
 output(void *closure, const char *text, int textlen) {
 	if (fwrite(text, 1, textlen, stdout) != (size_t)textlen) {
@@ -556,6 +573,7 @@ main(int argc, char **argv) {
 	bool list_zones = false;
 	bool print = false;
 	bool effective = false;
+	bool builtin = false;
 	unsigned int flags = 0;
 	unsigned int parserflags = 0;
 	unsigned int checkflags = BIND_CHECK_PLUGINS | BIND_CHECK_ALGORITHMS;
@@ -567,7 +585,7 @@ main(int argc, char **argv) {
 	/*
 	 * Process memory debugging argument first.
 	 */
-#define CMDLINE_FLAGS "acdehijklm:nt:pvxz"
+#define CMDLINE_FLAGS "abcdehijklm:nt:pvxz"
 	while ((c = isc_commandline_parse(argc, argv, CMDLINE_FLAGS)) != -1) {
 		switch (c) {
 		case 'm':
@@ -596,6 +614,11 @@ main(int argc, char **argv) {
 			checkflags &= ~BIND_CHECK_ALGORITHMS;
 			break;
 
+		case 'b':
+			print = true;
+			builtin = true;
+			break;
+
 		case 'c':
 			checkflags &= ~BIND_CHECK_PLUGINS;
 			break;
@@ -679,6 +702,11 @@ main(int argc, char **argv) {
 		}
 	}
 
+	if (builtin) {
+		CHECK(parse_builtin(&config));
+		goto printx;
+	}
+
 	if (((flags & CFG_PRINTER_XKEY) != 0) && !print) {
 		fprintf(stderr, "%s: -x cannot be used without -p\n",
 			isc_commandline_progname);
@@ -711,17 +739,8 @@ main(int argc, char **argv) {
 	if (effective) {
 		cfg_obj_t *effectiveconf = NULL;
 		cfg_obj_t *defaultconfig = NULL;
-		isc_buffer_t b;
 
-		isc_buffer_constinit(&b, common_named_defaultconf,
-				     sizeof(common_named_defaultconf) - 1);
-		isc_buffer_add(&b, sizeof(common_named_defaultconf) - 1);
-
-		CHECK(cfg_parse_buffer(
-			isc_g_mctx, &b, __FILE__, 0, &cfg_type_namedconf,
-			CFG_PCTX_NODEPRECATED | CFG_PCTX_NOOBSOLETE |
-				CFG_PCTX_NOEXPERIMENTAL | CFG_PCTX_BUILTIN,
-			&defaultconfig));
+		CHECK(parse_builtin(&defaultconfig));
 		effectiveconf = cfg_effective_config(config, defaultconfig);
 
 		cfg_obj_detach(&defaultconfig);
@@ -729,6 +748,7 @@ main(int argc, char **argv) {
 		config = effectiveconf;
 	}
 
+printx:
 	if (print) {
 		cfg_printx(config, flags, output, &result);
 	}

bin/check/named-checkconf.rst

@@ -21,7 +21,8 @@ named-checkconf - named configuration file syntax checking tool
 Synopsis
 ~~~~~~~~
 
-:program:`named-checkconf` [**-achjklnvz**] [**-pe** [**-x** ]] [**-t** directory] {filename}
+:program:`named-checkconf` [**-achjklnvz**] [**-pe** [**-x** ]] [**-b**]
+[**-t** directory] {filename}
 
 Description
 ~~~~~~~~~~~
@@ -48,6 +49,17 @@ Options
    a `named.conf` intended to be run on another machine with possibly a
    different set of supported DNSSEC key algorithms.
 
+.. option:: -b
+
+   This option prints the built-in server confguration for :iscman:`named`.
+   See :option:`-e` for more details.
+
+   Note that default settings may change between releases, so this
+   information is only reliable if :program:`named-checkconf` and
+   :program:`named` are from the same release.
+
+   When :option:`-b` is in use, the other switches are ignored.
+
 .. option:: -e
 
    This option prints the effective server configuration that would
@@ -55,11 +67,15 @@ Options
    were detected, in canonical form.
 
    The effective configuration is the result of loading a configuration
-   file and applying it on top of the default settings for :iscman:`named`.
+   file and applying it on top of the default settings for :program:`named`.
    All configurable settings are included.
 
-   See also the :option:`-x` and :option:`-p` options.
+   Note that default settings may change between releases, so the
+   effective configuration generated by :program:`named-checkconf` is only
+   expected to be correct for the same version of :program:`named`,
+   built with the same compile-time options.
 
+   See also the :option:`-b`, :option:`-x` and :option:`-p` options.
 
 .. option:: -h
 

bin/tests/system/checkconf/tests_checkconf.py

@@ -19,8 +19,21 @@ def test_checkconf_effective():
     checkconf_output = proc.stdout.decode()
     assert "listen-on port 5353 {\n\t\t127.1.2.3/32;\n\t};" in checkconf_output
     assert 'view "_bind" chaos {' in checkconf_output
+    assert 'remote-servers "_default_iana_root_zone_primaries" {' in checkconf_output
     assert 'view "foo" {\n}' in checkconf_output
 
     # builtin-trust-anchors is non documented and internal clause only, it must
     # not be visible.
     assert "builtin-trust-anchors" not in checkconf_output
+
+
+def test_checkconf_builtin():
+    proc = isctest.run.cmd([os.environ["CHECKCONF"], "-b"])
+    checkconf_output = proc.stdout.decode()
+    assert 'listen-on  {\n\t\t"any";\n\t};' in checkconf_output
+    assert 'view "_bind" chaos {' in checkconf_output
+    assert 'remote-servers "_default_iana_root_zone_primaries" {' in checkconf_output
+
+    # builtin-trust-anchors is non documented and internal clause only, it must
+    # not be visible.
+    assert "builtin-trust-anchors" not in checkconf_output