summaryrefslogtreecommitdiffstats
path: root/contrib/bind9/lib/bind9/check.c
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/bind9/lib/bind9/check.c')
-rw-r--r--contrib/bind9/lib/bind9/check.c69
1 files changed, 56 insertions, 13 deletions
diff --git a/contrib/bind9/lib/bind9/check.c b/contrib/bind9/lib/bind9/check.c
index 26eaa1a..f765604 100644
--- a/contrib/bind9/lib/bind9/check.c
+++ b/contrib/bind9/lib/bind9/check.c
@@ -287,10 +287,6 @@ disabled_algorithms(const cfg_obj_t *disabled, isc_log_t *logctx) {
tresult = dns_secalg_fromtext(&alg, &r);
if (tresult != ISC_R_SUCCESS) {
- isc_uint8_t ui;
- result = isc_parse_uint8(&ui, r.base, 10);
- }
- if (tresult != ISC_R_SUCCESS) {
cfg_obj_log(cfg_listelt_value(element), logctx,
ISC_LOG_ERROR, "invalid algorithm '%s'",
r.base);
@@ -1259,6 +1255,29 @@ typedef struct {
} optionstable;
static isc_result_t
+check_nonzero(const cfg_obj_t *options, isc_log_t *logctx) {
+ isc_result_t result = ISC_R_SUCCESS;
+ const cfg_obj_t *obj = NULL;
+ unsigned int i;
+
+ static const char *nonzero[] = { "max-retry-time", "min-retry-time",
+ "max-refresh-time", "min-refresh-time" };
+ /*
+ * Check if value is zero.
+ */
+ for (i = 0; i < sizeof(nonzero) / sizeof(nonzero[0]); i++) {
+ obj = NULL;
+ if (cfg_map_get(options, nonzero[i], &obj) == ISC_R_SUCCESS &&
+ cfg_obj_asuint32(obj) == 0) {
+ cfg_obj_log(obj, logctx, ISC_LOG_ERROR,
+ "'%s' must not be zero", nonzero[i]);
+ result = ISC_R_FAILURE;
+ }
+ }
+ return (result);
+}
+
+static isc_result_t
check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions,
const cfg_obj_t *config, isc_symtab_t *symtab,
dns_rdataclass_t defclass, cfg_aclconfctx_t *actx,
@@ -1267,7 +1286,7 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions,
const char *znamestr;
const char *typestr;
unsigned int ztype;
- const cfg_obj_t *zoptions;
+ const cfg_obj_t *zoptions, *goptions = NULL;
const cfg_obj_t *obj = NULL;
isc_result_t result = ISC_R_SUCCESS;
isc_result_t tresult;
@@ -1288,8 +1307,10 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions,
{ "also-notify", MASTERZONE | SLAVEZONE },
{ "dialup", MASTERZONE | SLAVEZONE | STUBZONE },
{ "delegation-only", HINTZONE | STUBZONE | DELEGATIONZONE },
- { "forward", MASTERZONE | SLAVEZONE | STUBZONE | FORWARDZONE },
- { "forwarders", MASTERZONE | SLAVEZONE | STUBZONE | FORWARDZONE },
+ { "forward", MASTERZONE | SLAVEZONE | STUBZONE |
+ STATICSTUBZONE | FORWARDZONE },
+ { "forwarders", MASTERZONE | SLAVEZONE | STUBZONE |
+ STATICSTUBZONE | FORWARDZONE },
{ "maintain-ixfr-base", MASTERZONE | SLAVEZONE },
{ "max-ixfr-log-size", MASTERZONE | SLAVEZONE },
{ "notify-source", MASTERZONE | SLAVEZONE },
@@ -1345,10 +1366,14 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions,
{ "passive", SLAVEZONE | STUBZONE },
};
+
znamestr = cfg_obj_asstring(cfg_tuple_get(zconfig, "name"));
zoptions = cfg_tuple_get(zconfig, "options");
+ if (config != NULL)
+ cfg_map_get(config, "options", &goptions);
+
obj = NULL;
(void)cfg_map_get(zoptions, "type", &obj);
if (obj == NULL) {
@@ -1430,6 +1455,12 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions,
}
/*
+ * Check if value is zero.
+ */
+ if (check_nonzero(zoptions, logctx) != ISC_R_SUCCESS)
+ result = ISC_R_FAILURE;
+
+ /*
* Look for inappropriate options for the given zone type.
* Check that ACLs expand correctly.
*/
@@ -2170,6 +2201,14 @@ check_viewconf(const cfg_obj_t *config, const cfg_obj_t *voptions,
}
/*
+ * Check non-zero options at the global and view levels.
+ */
+ if (options != NULL && check_nonzero(options, logctx) != ISC_R_SUCCESS)
+ result = ISC_R_FAILURE;
+ if (voptions != NULL &&check_nonzero(voptions, logctx) != ISC_R_SUCCESS)
+ result = ISC_R_FAILURE;
+
+ /*
* Check that dual-stack-servers is reasonable.
*/
if (voptions == NULL) {
@@ -2196,15 +2235,15 @@ check_viewconf(const cfg_obj_t *config, const cfg_obj_t *voptions,
tresult = isc_symtab_create(mctx, 1000, freekey, mctx,
ISC_FALSE, &symtab);
if (tresult != ISC_R_SUCCESS)
- return (ISC_R_NOMEMORY);
+ goto cleanup;
(void)cfg_map_get(config, "key", &keys);
tresult = check_keylist(keys, symtab, mctx, logctx);
if (tresult == ISC_R_EXISTS)
result = ISC_R_FAILURE;
else if (tresult != ISC_R_SUCCESS) {
- isc_symtab_destroy(&symtab);
- return (tresult);
+ result = tresult;
+ goto cleanup;
}
if (voptions != NULL) {
@@ -2214,8 +2253,8 @@ check_viewconf(const cfg_obj_t *config, const cfg_obj_t *voptions,
if (tresult == ISC_R_EXISTS)
result = ISC_R_FAILURE;
else if (tresult != ISC_R_SUCCESS) {
- isc_symtab_destroy(&symtab);
- return (tresult);
+ result = tresult;
+ goto cleanup;
}
}
@@ -2336,7 +2375,11 @@ check_viewconf(const cfg_obj_t *config, const cfg_obj_t *voptions,
if (tresult != ISC_R_SUCCESS)
result = tresult;
- cfg_aclconfctx_detach(&actx);
+ cleanup:
+ if (symtab != NULL)
+ isc_symtab_destroy(&symtab);
+ if (actx != NULL)
+ cfg_aclconfctx_detach(&actx);
return (result);
}
OpenPOWER on IntegriCloud