From 3dc206c721cb70f659c8dc7ccd9df1ec26b72134 Mon Sep 17 00:00:00 2001 From: Wouter Wijngaards Date: Tue, 22 Aug 2017 07:43:59 +0000 Subject: [PATCH] - Fix #1407: Add ECS options check to unbound-checkconf. git-svn-id: file:///svn/unbound/trunk@4307 be551aaa-1e26-0410-a405-d3ace91eadb9 --- doc/Changelog | 3 +++ smallapp/unbound-checkconf.c | 20 ++++++++++++++++++++ 2 files changed, 23 insertions(+) diff --git a/doc/Changelog b/doc/Changelog index 140408c17..809aa0536 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,3 +1,6 @@ +23 August 2017: Wouter + - Fix #1407: Add ECS options check to unbound-checkconf. + 22 August 2017: Wouter - Fix install of trust anchor when two anchors are present, makes both valid. Checks hash of DS but not signature of new key. This fixes diff --git a/smallapp/unbound-checkconf.c b/smallapp/unbound-checkconf.c index 2088a8c61..849bb96ef 100644 --- a/smallapp/unbound-checkconf.c +++ b/smallapp/unbound-checkconf.c @@ -71,6 +71,9 @@ #ifdef WITH_PYTHONMODULE #include "pythonmod/pythonmod.h" #endif +#ifdef CLIENT_SUBNET +#include "edns-subnet/subnet-whitelist.h" +#endif /** Give checkconf usage, and exit (1). */ static void @@ -345,6 +348,20 @@ check_chroot_filelist_wild(const char* desc, struct config_strlist* list, } } +#ifdef CLIENT_SUBNET +/** check ECS configuration */ +static void +ecs_conf_checks(struct config_file* cfg) +{ + struct ecs_whitelist* whitelist = NULL; + if(!(whitelist = ecs_whitelist_create())) + fatal_exit("Could not create ednssubnet whitelist: out of memory"); + if(!ecs_whitelist_apply_cfg(whitelist, cfg)) + fatal_exit("Could not setup ednssubnet whitelist"); + ecs_whitelist_delete(whitelist); +} +#endif /* CLIENT_SUBNET */ + /** check configuration for errors */ static void morechecks(struct config_file* cfg, const char* fname) @@ -527,6 +544,9 @@ morechecks(struct config_file* cfg, const char* fname) localzonechecks(cfg); view_and_respipchecks(cfg); +#ifdef CLIENT_SUBNET + ecs_conf_checks(cfg); +#endif } /** check forwards */ -- 2.47.3