/contrib/bind9/bin/check/named-checkconf.c

https://bitbucket.org/freebsd/freebsd-head/ · C · 543 lines · 438 code · 78 blank · 27 comment · 157 complexity · aac5e4cf99d12974984535a6c8c944af MD5 · raw file

  1. /*
  2. * Copyright (C) 2004-2007, 2009-2011 Internet Systems Consortium, Inc. ("ISC")
  3. * Copyright (C) 1999-2002 Internet Software Consortium.
  4. *
  5. * Permission to use, copy, modify, and/or distribute this software for any
  6. * purpose with or without fee is hereby granted, provided that the above
  7. * copyright notice and this permission notice appear in all copies.
  8. *
  9. * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
  10. * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
  11. * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
  12. * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
  13. * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
  14. * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  15. * PERFORMANCE OF THIS SOFTWARE.
  16. */
  17. /* $Id: named-checkconf.c,v 1.54.62.2 2011/03/12 04:59:13 tbox Exp $ */
  18. /*! \file */
  19. #include <config.h>
  20. #include <errno.h>
  21. #include <stdlib.h>
  22. #include <stdio.h>
  23. #include <isc/commandline.h>
  24. #include <isc/dir.h>
  25. #include <isc/entropy.h>
  26. #include <isc/hash.h>
  27. #include <isc/log.h>
  28. #include <isc/mem.h>
  29. #include <isc/result.h>
  30. #include <isc/string.h>
  31. #include <isc/util.h>
  32. #include <isccfg/namedconf.h>
  33. #include <bind9/check.h>
  34. #include <dns/fixedname.h>
  35. #include <dns/log.h>
  36. #include <dns/name.h>
  37. #include <dns/result.h>
  38. #include <dns/zone.h>
  39. #include "check-tool.h"
  40. static const char *program = "named-checkconf";
  41. isc_log_t *logc = NULL;
  42. #define CHECK(r)\
  43. do { \
  44. result = (r); \
  45. if (result != ISC_R_SUCCESS) \
  46. goto cleanup; \
  47. } while (0)
  48. /*% usage */
  49. ISC_PLATFORM_NORETURN_PRE static void
  50. usage(void) ISC_PLATFORM_NORETURN_POST;
  51. static void
  52. usage(void) {
  53. fprintf(stderr, "usage: %s [-h] [-j] [-p] [-v] [-z] [-t directory] "
  54. "[named.conf]\n", program);
  55. exit(1);
  56. }
  57. /*% directory callback */
  58. static isc_result_t
  59. directory_callback(const char *clausename, const cfg_obj_t *obj, void *arg) {
  60. isc_result_t result;
  61. const char *directory;
  62. REQUIRE(strcasecmp("directory", clausename) == 0);
  63. UNUSED(arg);
  64. UNUSED(clausename);
  65. /*
  66. * Change directory.
  67. */
  68. directory = cfg_obj_asstring(obj);
  69. result = isc_dir_chdir(directory);
  70. if (result != ISC_R_SUCCESS) {
  71. cfg_obj_log(obj, logc, ISC_LOG_ERROR,
  72. "change directory to '%s' failed: %s\n",
  73. directory, isc_result_totext(result));
  74. return (result);
  75. }
  76. return (ISC_R_SUCCESS);
  77. }
  78. static isc_boolean_t
  79. get_maps(const cfg_obj_t **maps, const char *name, const cfg_obj_t **obj) {
  80. int i;
  81. for (i = 0;; i++) {
  82. if (maps[i] == NULL)
  83. return (ISC_FALSE);
  84. if (cfg_map_get(maps[i], name, obj) == ISC_R_SUCCESS)
  85. return (ISC_TRUE);
  86. }
  87. }
  88. static isc_boolean_t
  89. get_checknames(const cfg_obj_t **maps, const cfg_obj_t **obj) {
  90. const cfg_listelt_t *element;
  91. const cfg_obj_t *checknames;
  92. const cfg_obj_t *type;
  93. const cfg_obj_t *value;
  94. isc_result_t result;
  95. int i;
  96. for (i = 0;; i++) {
  97. if (maps[i] == NULL)
  98. return (ISC_FALSE);
  99. checknames = NULL;
  100. result = cfg_map_get(maps[i], "check-names", &checknames);
  101. if (result != ISC_R_SUCCESS)
  102. continue;
  103. if (checknames != NULL && !cfg_obj_islist(checknames)) {
  104. *obj = checknames;
  105. return (ISC_TRUE);
  106. }
  107. for (element = cfg_list_first(checknames);
  108. element != NULL;
  109. element = cfg_list_next(element)) {
  110. value = cfg_listelt_value(element);
  111. type = cfg_tuple_get(value, "type");
  112. if (strcasecmp(cfg_obj_asstring(type), "master") != 0)
  113. continue;
  114. *obj = cfg_tuple_get(value, "mode");
  115. return (ISC_TRUE);
  116. }
  117. }
  118. }
  119. static isc_result_t
  120. config_get(const cfg_obj_t **maps, const char *name, const cfg_obj_t **obj) {
  121. int i;
  122. for (i = 0;; i++) {
  123. if (maps[i] == NULL)
  124. return (ISC_R_NOTFOUND);
  125. if (cfg_map_get(maps[i], name, obj) == ISC_R_SUCCESS)
  126. return (ISC_R_SUCCESS);
  127. }
  128. }
  129. /*% configure the zone */
  130. static isc_result_t
  131. configure_zone(const char *vclass, const char *view,
  132. const cfg_obj_t *zconfig, const cfg_obj_t *vconfig,
  133. const cfg_obj_t *config, isc_mem_t *mctx)
  134. {
  135. int i = 0;
  136. isc_result_t result;
  137. const char *zclass;
  138. const char *zname;
  139. const char *zfile;
  140. const cfg_obj_t *maps[4];
  141. const cfg_obj_t *zoptions = NULL;
  142. const cfg_obj_t *classobj = NULL;
  143. const cfg_obj_t *typeobj = NULL;
  144. const cfg_obj_t *fileobj = NULL;
  145. const cfg_obj_t *dbobj = NULL;
  146. const cfg_obj_t *obj = NULL;
  147. const cfg_obj_t *fmtobj = NULL;
  148. dns_masterformat_t masterformat;
  149. zone_options = DNS_ZONEOPT_CHECKNS | DNS_ZONEOPT_MANYERRORS;
  150. zname = cfg_obj_asstring(cfg_tuple_get(zconfig, "name"));
  151. classobj = cfg_tuple_get(zconfig, "class");
  152. if (!cfg_obj_isstring(classobj))
  153. zclass = vclass;
  154. else
  155. zclass = cfg_obj_asstring(classobj);
  156. zoptions = cfg_tuple_get(zconfig, "options");
  157. maps[i++] = zoptions;
  158. if (vconfig != NULL)
  159. maps[i++] = cfg_tuple_get(vconfig, "options");
  160. if (config != NULL) {
  161. cfg_map_get(config, "options", &obj);
  162. if (obj != NULL)
  163. maps[i++] = obj;
  164. }
  165. maps[i] = NULL;
  166. cfg_map_get(zoptions, "type", &typeobj);
  167. if (typeobj == NULL)
  168. return (ISC_R_FAILURE);
  169. if (strcasecmp(cfg_obj_asstring(typeobj), "master") != 0)
  170. return (ISC_R_SUCCESS);
  171. cfg_map_get(zoptions, "database", &dbobj);
  172. if (dbobj != NULL)
  173. return (ISC_R_SUCCESS);
  174. cfg_map_get(zoptions, "file", &fileobj);
  175. if (fileobj == NULL)
  176. return (ISC_R_FAILURE);
  177. zfile = cfg_obj_asstring(fileobj);
  178. obj = NULL;
  179. if (get_maps(maps, "check-dup-records", &obj)) {
  180. if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
  181. zone_options |= DNS_ZONEOPT_CHECKDUPRR;
  182. zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
  183. } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
  184. zone_options |= DNS_ZONEOPT_CHECKDUPRR;
  185. zone_options |= DNS_ZONEOPT_CHECKDUPRRFAIL;
  186. } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
  187. zone_options &= ~DNS_ZONEOPT_CHECKDUPRR;
  188. zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
  189. } else
  190. INSIST(0);
  191. } else {
  192. zone_options |= DNS_ZONEOPT_CHECKDUPRR;
  193. zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
  194. }
  195. obj = NULL;
  196. if (get_maps(maps, "check-mx", &obj)) {
  197. if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
  198. zone_options |= DNS_ZONEOPT_CHECKMX;
  199. zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
  200. } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
  201. zone_options |= DNS_ZONEOPT_CHECKMX;
  202. zone_options |= DNS_ZONEOPT_CHECKMXFAIL;
  203. } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
  204. zone_options &= ~DNS_ZONEOPT_CHECKMX;
  205. zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
  206. } else
  207. INSIST(0);
  208. } else {
  209. zone_options |= DNS_ZONEOPT_CHECKMX;
  210. zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
  211. }
  212. obj = NULL;
  213. if (get_maps(maps, "check-integrity", &obj)) {
  214. if (cfg_obj_asboolean(obj))
  215. zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
  216. else
  217. zone_options &= ~DNS_ZONEOPT_CHECKINTEGRITY;
  218. } else
  219. zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
  220. obj = NULL;
  221. if (get_maps(maps, "check-mx-cname", &obj)) {
  222. if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
  223. zone_options |= DNS_ZONEOPT_WARNMXCNAME;
  224. zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
  225. } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
  226. zone_options &= ~DNS_ZONEOPT_WARNMXCNAME;
  227. zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
  228. } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
  229. zone_options |= DNS_ZONEOPT_WARNMXCNAME;
  230. zone_options |= DNS_ZONEOPT_IGNOREMXCNAME;
  231. } else
  232. INSIST(0);
  233. } else {
  234. zone_options |= DNS_ZONEOPT_WARNMXCNAME;
  235. zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
  236. }
  237. obj = NULL;
  238. if (get_maps(maps, "check-srv-cname", &obj)) {
  239. if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
  240. zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
  241. zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
  242. } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
  243. zone_options &= ~DNS_ZONEOPT_WARNSRVCNAME;
  244. zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
  245. } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
  246. zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
  247. zone_options |= DNS_ZONEOPT_IGNORESRVCNAME;
  248. } else
  249. INSIST(0);
  250. } else {
  251. zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
  252. zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
  253. }
  254. obj = NULL;
  255. if (get_maps(maps, "check-sibling", &obj)) {
  256. if (cfg_obj_asboolean(obj))
  257. zone_options |= DNS_ZONEOPT_CHECKSIBLING;
  258. else
  259. zone_options &= ~DNS_ZONEOPT_CHECKSIBLING;
  260. }
  261. obj = NULL;
  262. if (get_checknames(maps, &obj)) {
  263. if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
  264. zone_options |= DNS_ZONEOPT_CHECKNAMES;
  265. zone_options &= ~DNS_ZONEOPT_CHECKNAMESFAIL;
  266. } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
  267. zone_options |= DNS_ZONEOPT_CHECKNAMES;
  268. zone_options |= DNS_ZONEOPT_CHECKNAMESFAIL;
  269. } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
  270. zone_options &= ~DNS_ZONEOPT_CHECKNAMES;
  271. zone_options &= ~DNS_ZONEOPT_CHECKNAMESFAIL;
  272. } else
  273. INSIST(0);
  274. } else {
  275. zone_options |= DNS_ZONEOPT_CHECKNAMES;
  276. zone_options |= DNS_ZONEOPT_CHECKNAMESFAIL;
  277. }
  278. masterformat = dns_masterformat_text;
  279. fmtobj = NULL;
  280. result = config_get(maps, "masterfile-format", &fmtobj);
  281. if (result == ISC_R_SUCCESS) {
  282. const char *masterformatstr = cfg_obj_asstring(fmtobj);
  283. if (strcasecmp(masterformatstr, "text") == 0)
  284. masterformat = dns_masterformat_text;
  285. else if (strcasecmp(masterformatstr, "raw") == 0)
  286. masterformat = dns_masterformat_raw;
  287. else
  288. INSIST(0);
  289. }
  290. result = load_zone(mctx, zname, zfile, masterformat, zclass, NULL);
  291. if (result != ISC_R_SUCCESS)
  292. fprintf(stderr, "%s/%s/%s: %s\n", view, zname, zclass,
  293. dns_result_totext(result));
  294. return(result);
  295. }
  296. /*% configure a view */
  297. static isc_result_t
  298. configure_view(const char *vclass, const char *view, const cfg_obj_t *config,
  299. const cfg_obj_t *vconfig, isc_mem_t *mctx)
  300. {
  301. const cfg_listelt_t *element;
  302. const cfg_obj_t *voptions;
  303. const cfg_obj_t *zonelist;
  304. isc_result_t result = ISC_R_SUCCESS;
  305. isc_result_t tresult;
  306. voptions = NULL;
  307. if (vconfig != NULL)
  308. voptions = cfg_tuple_get(vconfig, "options");
  309. zonelist = NULL;
  310. if (voptions != NULL)
  311. (void)cfg_map_get(voptions, "zone", &zonelist);
  312. else
  313. (void)cfg_map_get(config, "zone", &zonelist);
  314. for (element = cfg_list_first(zonelist);
  315. element != NULL;
  316. element = cfg_list_next(element))
  317. {
  318. const cfg_obj_t *zconfig = cfg_listelt_value(element);
  319. tresult = configure_zone(vclass, view, zconfig, vconfig,
  320. config, mctx);
  321. if (tresult != ISC_R_SUCCESS)
  322. result = tresult;
  323. }
  324. return (result);
  325. }
  326. /*% load zones from the configuration */
  327. static isc_result_t
  328. load_zones_fromconfig(const cfg_obj_t *config, isc_mem_t *mctx) {
  329. const cfg_listelt_t *element;
  330. const cfg_obj_t *classobj;
  331. const cfg_obj_t *views;
  332. const cfg_obj_t *vconfig;
  333. const char *vclass;
  334. isc_result_t result = ISC_R_SUCCESS;
  335. isc_result_t tresult;
  336. views = NULL;
  337. (void)cfg_map_get(config, "view", &views);
  338. for (element = cfg_list_first(views);
  339. element != NULL;
  340. element = cfg_list_next(element))
  341. {
  342. const char *vname;
  343. vclass = "IN";
  344. vconfig = cfg_listelt_value(element);
  345. if (vconfig != NULL) {
  346. classobj = cfg_tuple_get(vconfig, "class");
  347. if (cfg_obj_isstring(classobj))
  348. vclass = cfg_obj_asstring(classobj);
  349. }
  350. vname = cfg_obj_asstring(cfg_tuple_get(vconfig, "name"));
  351. tresult = configure_view(vclass, vname, config, vconfig, mctx);
  352. if (tresult != ISC_R_SUCCESS)
  353. result = tresult;
  354. }
  355. if (views == NULL) {
  356. tresult = configure_view("IN", "_default", config, NULL, mctx);
  357. if (tresult != ISC_R_SUCCESS)
  358. result = tresult;
  359. }
  360. return (result);
  361. }
  362. static void
  363. output(void *closure, const char *text, int textlen) {
  364. UNUSED(closure);
  365. if (fwrite(text, 1, textlen, stdout) != (size_t)textlen) {
  366. perror("fwrite");
  367. exit(1);
  368. }
  369. }
  370. /*% The main processing routine */
  371. int
  372. main(int argc, char **argv) {
  373. int c;
  374. cfg_parser_t *parser = NULL;
  375. cfg_obj_t *config = NULL;
  376. const char *conffile = NULL;
  377. isc_mem_t *mctx = NULL;
  378. isc_result_t result;
  379. int exit_status = 0;
  380. isc_entropy_t *ectx = NULL;
  381. isc_boolean_t load_zones = ISC_FALSE;
  382. isc_boolean_t print = ISC_FALSE;
  383. isc_commandline_errprint = ISC_FALSE;
  384. while ((c = isc_commandline_parse(argc, argv, "dhjt:pvz")) != EOF) {
  385. switch (c) {
  386. case 'd':
  387. debug++;
  388. break;
  389. case 'j':
  390. nomerge = ISC_FALSE;
  391. break;
  392. case 't':
  393. result = isc_dir_chroot(isc_commandline_argument);
  394. if (result != ISC_R_SUCCESS) {
  395. fprintf(stderr, "isc_dir_chroot: %s\n",
  396. isc_result_totext(result));
  397. exit(1);
  398. }
  399. break;
  400. case 'p':
  401. print = ISC_TRUE;
  402. break;
  403. case 'v':
  404. printf(VERSION "\n");
  405. exit(0);
  406. case 'z':
  407. load_zones = ISC_TRUE;
  408. docheckmx = ISC_FALSE;
  409. docheckns = ISC_FALSE;
  410. dochecksrv = ISC_FALSE;
  411. break;
  412. case '?':
  413. if (isc_commandline_option != '?')
  414. fprintf(stderr, "%s: invalid argument -%c\n",
  415. program, isc_commandline_option);
  416. case 'h':
  417. usage();
  418. default:
  419. fprintf(stderr, "%s: unhandled option -%c\n",
  420. program, isc_commandline_option);
  421. exit(1);
  422. }
  423. }
  424. if (isc_commandline_index + 1 < argc)
  425. usage();
  426. if (argv[isc_commandline_index] != NULL)
  427. conffile = argv[isc_commandline_index];
  428. if (conffile == NULL || conffile[0] == '\0')
  429. conffile = NAMED_CONFFILE;
  430. #ifdef _WIN32
  431. InitSockets();
  432. #endif
  433. RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);
  434. RUNTIME_CHECK(setup_logging(mctx, stdout, &logc) == ISC_R_SUCCESS);
  435. RUNTIME_CHECK(isc_entropy_create(mctx, &ectx) == ISC_R_SUCCESS);
  436. RUNTIME_CHECK(isc_hash_create(mctx, ectx, DNS_NAME_MAXWIRE)
  437. == ISC_R_SUCCESS);
  438. dns_result_register();
  439. RUNTIME_CHECK(cfg_parser_create(mctx, logc, &parser) == ISC_R_SUCCESS);
  440. cfg_parser_setcallback(parser, directory_callback, NULL);
  441. if (cfg_parse_file(parser, conffile, &cfg_type_namedconf, &config) !=
  442. ISC_R_SUCCESS)
  443. exit(1);
  444. result = bind9_check_namedconf(config, logc, mctx);
  445. if (result != ISC_R_SUCCESS)
  446. exit_status = 1;
  447. if (result == ISC_R_SUCCESS && load_zones) {
  448. result = load_zones_fromconfig(config, mctx);
  449. if (result != ISC_R_SUCCESS)
  450. exit_status = 1;
  451. }
  452. if (print && exit_status == 0)
  453. cfg_print(config, output, NULL);
  454. cfg_obj_destroy(parser, &config);
  455. cfg_parser_destroy(&parser);
  456. dns_name_destroy();
  457. isc_log_destroy(&logc);
  458. isc_hash_destroy();
  459. isc_entropy_detach(&ectx);
  460. isc_mem_destroy(&mctx);
  461. #ifdef _WIN32
  462. DestroySockets();
  463. #endif
  464. return (exit_status);
  465. }