check for in-view zones colliding with other zone definitions; also check the syntax of the in-view zone name

2025-08-30 22:15:20 +00:00 · 2018-03-05 11:53:18 +11:00
parent ca55c672b0
commit 3e7e280040
1 changed files with 81 additions and 75 deletions
--- a/lib/bind9/check.c
+++ b/lib/bind9/check.c
@@ -1893,7 +1893,7 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions,
 	       cfg_aclconfctx_t *actx, isc_log_t *logctx, isc_mem_t *mctx)
 {
 	const char *znamestr;
-	const char *typestr;
+	const char *typestr = NULL;
 	unsigned int ztype;
 	const cfg_obj_t *zoptions, *goptions = NULL;
 	const cfg_obj_t *obj = NULL;
@@ -1937,86 +1937,70 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions,
 	obj = NULL;
 	(void)cfg_map_get(zoptions, "in-view", &obj);
 	if (obj != NULL) {
-		const cfg_obj_t *fwd = NULL;
-		unsigned int maxopts = 1;
-		(void)cfg_map_get(zoptions, "forward", &fwd);
-		if (fwd != NULL)
-			maxopts++;
-		fwd = NULL;
-		(void)cfg_map_get(zoptions, "forwarders", &fwd);
-		if (fwd != NULL)
-			maxopts++;
-		if (cfg_map_count(zoptions) > maxopts) {
-			cfg_obj_log(zconfig, logctx, ISC_LOG_ERROR,
-				    "zone '%s': 'in-view' used "
-				    "with incompatible zone options",
-				    znamestr);
-			return (ISC_R_FAILURE);
-		}
-		return (ISC_R_SUCCESS);
-	}
-
-	obj = NULL;
-	(void)cfg_map_get(zoptions, "type", &obj);
-	if (obj == NULL) {
-		cfg_obj_log(zconfig, logctx, ISC_LOG_ERROR,
-			    "zone '%s': type not present", znamestr);
-		return (ISC_R_FAILURE);
-	}
-
-	typestr = cfg_obj_asstring(obj);
-	if (strcasecmp(typestr, "master") == 0 ||
-	    strcasecmp(typestr, "primary") == 0)
-	{
-		ztype = CFG_ZONE_MASTER;
-	} else if (strcasecmp(typestr, "slave") == 0 ||
-		   strcasecmp(typestr, "secondary") == 0)
-	{
-		ztype = CFG_ZONE_SLAVE;
-	} else if (strcasecmp(typestr, "stub") == 0) {
-		ztype = CFG_ZONE_STUB;
-	} else if (strcasecmp(typestr, "static-stub") == 0) {
-		ztype = CFG_ZONE_STATICSTUB;
-	} else if (strcasecmp(typestr, "forward") == 0) {
-		ztype = CFG_ZONE_FORWARD;
-	} else if (strcasecmp(typestr, "hint") == 0) {
-		ztype = CFG_ZONE_HINT;
-	} else if (strcasecmp(typestr, "delegation-only") == 0) {
-		ztype = CFG_ZONE_DELEGATION;
-	} else if (strcasecmp(typestr, "redirect") == 0) {
-		ztype = CFG_ZONE_REDIRECT;
+		ztype = CFG_ZONE_INVIEW;
 	} else {
-		cfg_obj_log(obj, logctx, ISC_LOG_ERROR,
-			    "zone '%s': invalid type %s",
-			    znamestr, typestr);
-		return (ISC_R_FAILURE);
-	}
-
-	if (ztype == CFG_ZONE_REDIRECT && strcmp(znamestr, ".") != 0) {
-		cfg_obj_log(zconfig, logctx, ISC_LOG_ERROR,
-			    "redirect zones must be called \".\"");
-		return (ISC_R_FAILURE);
-	}
-	obj = cfg_tuple_get(zconfig, "class");
-	if (cfg_obj_isstring(obj)) {
-		isc_textregion_t r;
-
-		DE_CONST(cfg_obj_asstring(obj), r.base);
-		r.length = strlen(r.base);
-		result = dns_rdataclass_fromtext(&zclass, &r);
-		if (result != ISC_R_SUCCESS) {
-			cfg_obj_log(obj, logctx, ISC_LOG_ERROR,
-				    "zone '%s': invalid class %s",
-				    znamestr, r.base);
+		obj = NULL;
+		(void)cfg_map_get(zoptions, "type", &obj);
+		if (obj == NULL) {
+			cfg_obj_log(zconfig, logctx, ISC_LOG_ERROR,
+				    "zone '%s': type not present", znamestr);
 			return (ISC_R_FAILURE);
 		}
-		if (zclass != defclass) {
+
+		typestr = cfg_obj_asstring(obj);
+		if (strcasecmp(typestr, "master") == 0 ||
+		    strcasecmp(typestr, "primary") == 0)
+		{
+			ztype = CFG_ZONE_MASTER;
+		} else if (strcasecmp(typestr, "slave") == 0 ||
+			   strcasecmp(typestr, "secondary") == 0)
+		{
+			ztype = CFG_ZONE_SLAVE;
+		} else if (strcasecmp(typestr, "stub") == 0) {
+			ztype = CFG_ZONE_STUB;
+		} else if (strcasecmp(typestr, "static-stub") == 0) {
+			ztype = CFG_ZONE_STATICSTUB;
+		} else if (strcasecmp(typestr, "forward") == 0) {
+			ztype = CFG_ZONE_FORWARD;
+		} else if (strcasecmp(typestr, "hint") == 0) {
+			ztype = CFG_ZONE_HINT;
+		} else if (strcasecmp(typestr, "delegation-only") == 0) {
+			ztype = CFG_ZONE_DELEGATION;
+		} else if (strcasecmp(typestr, "redirect") == 0) {
+			ztype = CFG_ZONE_REDIRECT;
+		} else {
 			cfg_obj_log(obj, logctx, ISC_LOG_ERROR,
-				    "zone '%s': class '%s' does not "
-				    "match view/default class",
-				    znamestr, r.base);
+				    "zone '%s': invalid type %s",
+				    znamestr, typestr);
 			return (ISC_R_FAILURE);
 		}
+
+		if (ztype == CFG_ZONE_REDIRECT && strcmp(znamestr, ".") != 0) {
+			cfg_obj_log(zconfig, logctx, ISC_LOG_ERROR,
+				    "redirect zones must be called \".\"");
+			return (ISC_R_FAILURE);
+		}
+		obj = cfg_tuple_get(zconfig, "class");
+		if (cfg_obj_isstring(obj)) {
+			isc_textregion_t r;
+
+			DE_CONST(cfg_obj_asstring(obj), r.base);
+			r.length = strlen(r.base);
+			result = dns_rdataclass_fromtext(&zclass, &r);
+			if (result != ISC_R_SUCCESS) {
+				cfg_obj_log(obj, logctx, ISC_LOG_ERROR,
+					    "zone '%s': invalid class %s",
+					    znamestr, r.base);
+				return (ISC_R_FAILURE);
+			}
+			if (zclass != defclass) {
+				cfg_obj_log(obj, logctx, ISC_LOG_ERROR,
+					    "zone '%s': class '%s' does not "
+					    "match view/default class",
+					    znamestr, r.base);
+				return (ISC_R_FAILURE);
+			}
+		}
 	}

 	/*
@@ -2053,6 +2037,28 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions,
 			ula = ISC_TRUE;
 	}

+	if (ztype == CFG_ZONE_INVIEW) {
+		const cfg_obj_t *fwd = NULL;
+		unsigned int maxopts = 1;
+
+		(void)cfg_map_get(zoptions, "forward", &fwd);
+		if (fwd != NULL)
+			maxopts++;
+		fwd = NULL;
+		(void)cfg_map_get(zoptions, "forwarders", &fwd);
+		if (fwd != NULL)
+			maxopts++;
+		if (cfg_map_count(zoptions) > maxopts) {
+			cfg_obj_log(zconfig, logctx, ISC_LOG_ERROR,
+				    "zone '%s': 'in-view' used "
+				    "with incompatible zone options",
+				    znamestr);
+			if (result == ISC_R_SUCCESS)
+				result = ISC_R_FAILURE;
+		}
+		return (result);
+	}
+
 	/*
 	 * Check if value is zero.
 	 */