bool hasNsAtApex = false;
set<DNSName> tlsas, cnames, noncnames, glue, checkglue, addresses, svcbAliases, httpsAliases, svcbRecords, httpsRecords;
+ vector<DNSResourceRecord> checkCNAME;
set<pair<DNSName, QType> > checkOcclusion;
set<string> recordcontents;
map<string, unsigned int> ttl;
noncnames.insert(rr.qname);
}
+ if (rr.qtype == QType::MX || rr.qtype == QType::NS || rr.qtype == QType::SRV) {
+ checkCNAME.push_back(rr);
+ }
+
if(rr.qtype.getCode() == QType::NSEC || rr.qtype.getCode() == QType::NSEC3)
{
cout<<"[Error] NSEC or NSEC3 found at '"<<rr.qname<<"'. These do not belong in the database."<<endl;
}
}
+ for (auto const &rr : checkCNAME) {
+ DNSName target;
+ shared_ptr<DNSRecordContent> drc(DNSRecordContent::mastermake(rr.qtype.getCode(), QClass::IN, rr.content));
+ switch (rr.qtype) {
+ case QType::MX:
+ target = std::dynamic_pointer_cast<MXRecordContent>(drc)->d_mxname;
+ break;
+ case QType::SRV:
+ target = std::dynamic_pointer_cast<SRVRecordContent>(drc)->d_target;
+ break;
+ case QType::NS:
+ target = std::dynamic_pointer_cast<NSRecordContent>(drc)->getNS();
+ break;
+ default:
+ // programmer error, but let's not abort() :)
+ break;
+ }
+ if (target.isPartOf(zone) && cnames.count(target) != 0) {
+ cout<<"[Warning] '" << rr.qname << "|" << rr.qtype.getName() << " has a target (" << target << ") that is a CNAME." << endl;
+ numwarnings++;
+ }
+ }
+
bool ok, ds_ns, done;
for( const auto &rr : records ) {
ok = ( rr.auth == 1 );
projects / thirdparty / pdns.git / commitdiff
