mirror of
https://gitlab.isc.org/isc-projects/bind9
synced 2025-08-30 05:57:52 +00:00
Check that configured view class isn't a meta class (#41572)
This commit is contained in:
Mukund Sivaraman
parent
08913705e9
commit
0c29904b27
3
CHANGES
3
CHANGES
@ -1,3 +1,6 @@
|
||||
4315. [bug] Check that configured view class isn't a meta class.
|
||||
[RT #41572].
|
||||
|
||||
4314. [contrib] Added 'dnsperf-2.1.0.0-1', a set of performance
|
||||
testing tools provided by Nominum, Inc.
|
||||
|
||||
|
||||
@ -441,15 +441,27 @@ configure_view(const char *vclass, const char *view, const cfg_obj_t *config,
|
||||
return (result);
|
||||
}
|
||||
|
||||
static isc_result_t
|
||||
config_getclass(const cfg_obj_t *classobj, dns_rdataclass_t defclass,
|
||||
dns_rdataclass_t *classp)
|
||||
{
|
||||
isc_textregion_t r;
|
||||
|
||||
if (!cfg_obj_isstring(classobj)) {
|
||||
*classp = defclass;
|
||||
return (ISC_R_SUCCESS);
|
||||
}
|
||||
DE_CONST(cfg_obj_asstring(classobj), r.base);
|
||||
r.length = strlen(r.base);
|
||||
return (dns_rdataclass_fromtext(classp, &r));
|
||||
}
|
||||
|
||||
/*% load zones from the configuration */
|
||||
static isc_result_t
|
||||
load_zones_fromconfig(const cfg_obj_t *config, isc_mem_t *mctx) {
|
||||
const cfg_listelt_t *element;
|
||||
const cfg_obj_t *classobj;
|
||||
const cfg_obj_t *views;
|
||||
const cfg_obj_t *vconfig;
|
||||
const char *vclass;
|
||||
isc_result_t result = ISC_R_SUCCESS;
|
||||
isc_result_t tresult;
|
||||
|
||||
@ -460,17 +472,24 @@ load_zones_fromconfig(const cfg_obj_t *config, isc_mem_t *mctx) {
|
||||
element != NULL;
|
||||
element = cfg_list_next(element))
|
||||
{
|
||||
const cfg_obj_t *classobj;
|
||||
dns_rdataclass_t viewclass;
|
||||
const char *vname;
|
||||
char buf[sizeof("CLASS65535")];
|
||||
|
||||
vclass = "IN";
|
||||
vconfig = cfg_listelt_value(element);
|
||||
if (vconfig != NULL) {
|
||||
if (vconfig == NULL)
|
||||
continue;
|
||||
|
||||
classobj = cfg_tuple_get(vconfig, "class");
|
||||
if (cfg_obj_isstring(classobj))
|
||||
vclass = cfg_obj_asstring(classobj);
|
||||
}
|
||||
CHECK(config_getclass(classobj, dns_rdataclass_in,
|
||||
&viewclass));
|
||||
if (dns_rdataclass_ismeta(viewclass))
|
||||
CHECK(ISC_R_FAILURE);
|
||||
|
||||
dns_rdataclass_format(viewclass, buf, sizeof(buf));
|
||||
vname = cfg_obj_asstring(cfg_tuple_get(vconfig, "name"));
|
||||
tresult = configure_view(vclass, vname, config, vconfig, mctx);
|
||||
tresult = configure_view(buf, vname, config, vconfig, mctx);
|
||||
if (tresult != ISC_R_SUCCESS)
|
||||
result = tresult;
|
||||
}
|
||||
@ -480,6 +499,8 @@ load_zones_fromconfig(const cfg_obj_t *config, isc_mem_t *mctx) {
|
||||
if (tresult != ISC_R_SUCCESS)
|
||||
result = tresult;
|
||||
}
|
||||
|
||||
cleanup:
|
||||
return (result);
|
||||
}
|
||||
|
||||
|
||||
@ -4419,8 +4419,15 @@ get_viewinfo(const cfg_obj_t *vconfig, const char **namep,
|
||||
|
||||
viewname = cfg_obj_asstring(cfg_tuple_get(vconfig, "name"));
|
||||
classobj = cfg_tuple_get(vconfig, "class");
|
||||
result = ns_config_getclass(classobj, dns_rdataclass_in,
|
||||
&viewclass);
|
||||
CHECK(ns_config_getclass(classobj, dns_rdataclass_in,
|
||||
&viewclass));
|
||||
if (dns_rdataclass_ismeta(viewclass)) {
|
||||
isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
|
||||
NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
|
||||
"view '%s': class must not be meta",
|
||||
viewname);
|
||||
CHECK(ISC_R_FAILURE);
|
||||
}
|
||||
} else {
|
||||
viewname = "_default";
|
||||
viewclass = dns_rdataclass_in;
|
||||
@ -4429,6 +4436,7 @@ get_viewinfo(const cfg_obj_t *vconfig, const char **namep,
|
||||
*namep = viewname;
|
||||
*classp = viewclass;
|
||||
|
||||
cleanup:
|
||||
return (result);
|
||||
}
|
||||
|
||||
|
||||
@ -199,6 +199,30 @@ $CHECKCONF -z altdlz.conf > /dev/null 2>&1 || ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
echo "I: checking that named-checkconf -z fails on view with ANY class"
|
||||
ret=0
|
||||
$CHECKCONF -z view-class-any1.conf > /dev/null 2>&1 && ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
echo "I: checking that named-checkconf -z fails on view with CLASS255 class"
|
||||
ret=0
|
||||
$CHECKCONF -z view-class-any2.conf > /dev/null 2>&1 && ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
echo "I: checking that named-checkconf -z passes on view with IN class"
|
||||
ret=0
|
||||
$CHECKCONF -z view-class-in1.conf > /dev/null 2>&1 || ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
echo "I: checking that named-checkconf -z passes on view with CLASS1 class"
|
||||
ret=0
|
||||
$CHECKCONF -z view-class-in2.conf > /dev/null 2>&1 || ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
echo "I: check that check-names fails as configured"
|
||||
ret=0
|
||||
$CHECKCONF -z check-names-fail.conf > checkconf.out1 2>&1 && ret=1
|
||||
|
||||
17
bin/tests/system/checkconf/view-class-any1.conf
Normal file
17
bin/tests/system/checkconf/view-class-any1.conf
Normal file
@ -0,0 +1,17 @@
|
||||
/*
|
||||
* Copyright (C) 2016 Internet Systems Consortium, Inc. ("ISC")
|
||||
*
|
||||
* Permission to use, copy, modify, and/or distribute this software for any
|
||||
* purpose with or without fee is hereby granted, provided that the above
|
||||
* copyright notice and this permission notice appear in all copies.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
|
||||
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
|
||||
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
|
||||
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
|
||||
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
|
||||
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
|
||||
* PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
view "example" any { };
|
||||
17
bin/tests/system/checkconf/view-class-any2.conf
Normal file
17
bin/tests/system/checkconf/view-class-any2.conf
Normal file
@ -0,0 +1,17 @@
|
||||
/*
|
||||
* Copyright (C) 2016 Internet Systems Consortium, Inc. ("ISC")
|
||||
*
|
||||
* Permission to use, copy, modify, and/or distribute this software for any
|
||||
* purpose with or without fee is hereby granted, provided that the above
|
||||
* copyright notice and this permission notice appear in all copies.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
|
||||
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
|
||||
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
|
||||
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
|
||||
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
|
||||
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
|
||||
* PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
view "example" class255 { };
|
||||
17
bin/tests/system/checkconf/view-class-in1.conf
Normal file
17
bin/tests/system/checkconf/view-class-in1.conf
Normal file
@ -0,0 +1,17 @@
|
||||
/*
|
||||
* Copyright (C) 2016 Internet Systems Consortium, Inc. ("ISC")
|
||||
*
|
||||
* Permission to use, copy, modify, and/or distribute this software for any
|
||||
* purpose with or without fee is hereby granted, provided that the above
|
||||
* copyright notice and this permission notice appear in all copies.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
|
||||
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
|
||||
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
|
||||
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
|
||||
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
|
||||
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
|
||||
* PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
view "example" in { };
|
||||
17
bin/tests/system/checkconf/view-class-in2.conf
Normal file
17
bin/tests/system/checkconf/view-class-in2.conf
Normal file
@ -0,0 +1,17 @@
|
||||
/*
|
||||
* Copyright (C) 2016 Internet Systems Consortium, Inc. ("ISC")
|
||||
*
|
||||
* Permission to use, copy, modify, and/or distribute this software for any
|
||||
* purpose with or without fee is hereby granted, provided that the above
|
||||
* copyright notice and this permission notice appear in all copies.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
|
||||
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
|
||||
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
|
||||
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
|
||||
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
|
||||
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
|
||||
* PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
view "example" class1 { };
|
||||
Loading…
x
Reference in New Issue
Block a user