mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-02 15:45:25 +00:00
Code Issues Releases Wiki Activity

Zone configuration validation is now done at end of config file parsing,

Browse Source 
and before loading callbacks.
This commit is contained in:
James Brister
2000-05-18 23:20:21 +00:00
parent 8d837d2669
commit 8977ab7ca0
4 changed files with 72 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@@ -1,3 +1,7 @@
192. [bug] Zone configuration validation is now done at end
of config file parsing, and before loading
callbacks.
191. [func] Patched to compile on UnixWare 7.x. This platform 191. [func] Patched to compile on UnixWare 7.x. This platform
is not directly supported by the ISC. is not directly supported by the ISC.

12
lib/dns/config/confparser.y
View File

@@ -16,7 +16,7 @@
* SOFTWARE. * SOFTWARE.
*/ */
/* $Id: confparser.y,v 1.81 2000/05/15 12:36:23 brister Exp $ */ /* $Id: confparser.y,v 1.82 2000/05/18 23:20:18 brister Exp $ */
#include <config.h> #include <config.h>
@@ -3981,6 +3981,11 @@ zone_stmt: L_ZONE domain_name optional_class L_LBRACE L_TYPE zone_type L_EOS
if (zone != NULL && if (zone != NULL &&
callbacks != NULL && callbacks->zonecbk != NULL) { callbacks != NULL && callbacks->zonecbk != NULL) {
tmpres = dns_c_zone_validate(zone);
if (tmpres != ISC_R_SUCCESS) {
YYABORT;
}
tmpres = callbacks->zonecbk(currcfg, tmpres = callbacks->zonecbk(currcfg,
zone, zone,
view, view,
@@ -4582,6 +4587,11 @@ zone_option: L_FILE L_QSTRING
"failed to set enable-zone."); "failed to set enable-zone.");
YYABORT; YYABORT;
} }
if ($2 == ISC_FALSE) {
parser_warning(ISC_FALSE, "zone '%s' is disabled",
zone->name);
}
} }
| L_DATABASE L_QSTRING | L_DATABASE L_QSTRING
{ {

105
lib/dns/config/confzone.c
View File

@@ -15,7 +15,7 @@
* SOFTWARE. * SOFTWARE.
*/ */
/* $Id: confzone.c,v 1.42 2000/05/15 12:36:28 brister Exp $ */ /* $Id: confzone.c,v 1.43 2000/05/18 23:20:19 brister Exp $ */
#include <config.h> #include <config.h>
@@ -195,63 +195,17 @@ dns_c_zonelist_delete(dns_c_zonelist_t **zlist) {
isc_result_t isc_result_t
dns_c_zonelist_checkzones(dns_c_zonelist_t *list) { dns_c_zonelist_checkzones(dns_c_zonelist_t *list) {
dns_c_zone_t *zone; dns_c_zone_t *zone;
dns_c_ipmatchlist_t *ipmlist;
dns_c_iplist_t *iplist;
dns_ssutable_t *ssutable = NULL;
isc_result_t tmpres; isc_result_t tmpres;
isc_result_t result = ISC_R_SUCCESS; isc_result_t result = ISC_R_SUCCESS;
const char *autherr = "zone '%s': allow-update is ignored when "
"update-policy is also used";
const char *nomasterserr = "zone '%s': missing 'masters' entry";
const char *emptymasterserr = "zone '%s': 'masters' value is empty";
REQUIRE(DNS_C_ZONELIST_VALID(list)); REQUIRE(DNS_C_ZONELIST_VALID(list));
for (zone = dns_c_zonelist_firstzone(list) ; for (zone = dns_c_zonelist_firstzone(list) ;
zone != NULL ; zone != NULL ;
zone = dns_c_zonelist_nextzone(list, zone)) { zone = dns_c_zonelist_nextzone(list, zone)) {
tmpres = dns_c_zone_validate(zone);
ipmlist = NULL; if (result == ISC_R_SUCCESS) {
ssutable = NULL; result = tmpres;
/*
* Check for allow-update and update-policty together
*/
if (zone->ztype == dns_c_zone_master) {
ipmlist = NULL;
tmpres = dns_c_zone_getallowupd(zone, &ipmlist);
if (tmpres == ISC_R_SUCCESS) {
tmpres = dns_c_zone_getssuauth(zone,
&ssutable);
if (tmpres == ISC_R_SUCCESS) {
isc_log_write(dns_lctx,
DNS_LOGCATEGORY_CONFIG,
DNS_LOGMODULE_CONFIG,
ISC_LOG_WARNING, autherr,
zone->name);
dns_c_zone_unsetallowupd(zone);
}
dns_c_ipmatchlist_detach(&ipmlist);
}
} else if (zone->ztype == dns_c_zone_slave) {
iplist = NULL;
tmpres = dns_c_zone_getmasterips(zone, &iplist);
if (tmpres != ISC_R_SUCCESS) {
isc_log_write(dns_lctx,
DNS_LOGCATEGORY_CONFIG,
DNS_LOGMODULE_CONFIG,
ISC_LOG_WARNING, nomasterserr,
zone->name);
result = ISC_R_FAILURE;
} else if (iplist->nextidx == 0) {
isc_log_write(dns_lctx,
DNS_LOGCATEGORY_CONFIG,
DNS_LOGMODULE_CONFIG,
ISC_LOG_WARNING, emptymasterserr,
zone->name);
result = ISC_R_FAILURE;
}
} }
} }
@@ -4068,5 +4022,56 @@ dns_c_zone_unsetenabled(dns_c_zone_t *zone)
} }
isc_result_t
dns_c_zone_validate(dns_c_zone_t *zone)
{
dns_c_ipmatchlist_t *ipmlist = NULL;
dns_c_iplist_t *iplist = NULL;
dns_ssutable_t *ssutable = NULL;
isc_result_t tmpres;
isc_result_t result = ISC_R_SUCCESS;
const char *autherr = "zone '%s': allow-update is ignored when "
"update-policy is also used";
const char *nomasterserr = "zone '%s': missing 'masters' entry";
const char *emptymasterserr = "zone '%s': 'masters' value is empty";
/*
* Check for allow-update and update-policty together
*/
if (zone->ztype == dns_c_zone_master) {
tmpres = dns_c_zone_getallowupd(zone, &ipmlist);
if (tmpres == ISC_R_SUCCESS) {
tmpres = dns_c_zone_getssuauth(zone,
&ssutable);
if (tmpres == ISC_R_SUCCESS) {
isc_log_write(dns_lctx,
DNS_LOGCATEGORY_CONFIG,
DNS_LOGMODULE_CONFIG,
ISC_LOG_WARNING, autherr,
zone->name);
dns_c_zone_unsetallowupd(zone);
}
dns_c_ipmatchlist_detach(&ipmlist);
}
} else if (zone->ztype == dns_c_zone_slave) {
iplist = NULL;
tmpres = dns_c_zone_getmasterips(zone, &iplist);
if (tmpres != ISC_R_SUCCESS) {
isc_log_write(dns_lctx,
DNS_LOGCATEGORY_CONFIG,
DNS_LOGMODULE_CONFIG,
ISC_LOG_WARNING, nomasterserr,
zone->name);
result = ISC_R_FAILURE;
} else if (iplist->nextidx == 0) {
isc_log_write(dns_lctx,
DNS_LOGCATEGORY_CONFIG,
DNS_LOGMODULE_CONFIG,
ISC_LOG_WARNING, emptymasterserr,
zone->name);
result = ISC_R_FAILURE;
}
}
return (result);
}

2
lib/dns/include/dns/confzone.h
View File

@@ -468,6 +468,8 @@ isc_result_t
dns_c_zone_unsetenabled(dns_c_zone_t *zone); dns_c_zone_unsetenabled(dns_c_zone_t *zone);
isc_result_t
dns_c_zone_validate(dns_c_zone_t *zone);
ISC_LANG_ENDDECLS ISC_LANG_ENDDECLS