1195. [bug] Attempts to redefine builtin acls should be caught.

                        [RT #2403]

diff --git a/CHANGES b/CHANGES
index 64dd63b1f6745e7f3cd865b0a64dcbcf423a66e5..a04dd1312afe3cdec40a260a7edb1f780f3c865c 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+1195.  [bug]           Attempts to redefine builtin acls should be caught.
+                       [RT #2403]
+
 1194.  [bug]           Not all duplicate zone definitions were being detected
                        at the named.conf checking stage. [RT #2431]
 

diff --git a/lib/bind9/check.c b/lib/bind9/check.c
index 5143415f40739b199c16e9f9cf22e9379e586a4d..ee20422537523458d2b2156b08e0e653df0ea6d9 100644 (file)
--- a/lib/bind9/check.c
+++ b/lib/bind9/check.c
@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: check.c,v 1.17 2002/02/06 05:58:06 marka Exp $ */
+/* $Id: check.c,v 1.18 2002/02/06 06:45:40 marka Exp $ */
 
 #include <config.h>
 
@@ -510,11 +510,15 @@ isc_result_t
 bind9_check_namedconf(cfg_obj_t *config, isc_log_t *logctx, isc_mem_t *mctx) {
        cfg_obj_t *options = NULL;
        cfg_obj_t *views = NULL;
+       cfg_obj_t *acls = NULL;
        cfg_obj_t *obj;
        cfg_listelt_t *velement;
        isc_result_t result = ISC_R_SUCCESS;
        isc_result_t tresult;
 
+       static const char *builtin[] = { "localhost", "localnets",
+                                        "any", "none", 0 };
+
        (void)cfg_map_get(config, "options", &options);
 
        if (options != NULL &&
@@ -579,5 +583,29 @@ bind9_check_namedconf(cfg_obj_t *config, isc_log_t *logctx, isc_mem_t *mctx) {
                }
        }
 
+        tresult = cfg_map_get(config, "acl", &acls);
+        if (tresult == ISC_R_SUCCESS) {
+               cfg_listelt_t *elt;
+               const char *aclname;
+
+               for (elt = cfg_list_first(acls);
+                    elt != NULL;
+                    elt = cfg_list_next(elt)) {
+                       cfg_obj_t *acl = cfg_listelt_value(elt);
+                       int i;
+
+                       aclname = cfg_obj_asstring(cfg_tuple_get(acl, "name"));
+                       for (i = 0; builtin[i] != NULL; i++)
+                               if (strcasecmp(aclname, builtin[i]) == 0) {
+                                       cfg_obj_log(acl, logctx, ISC_LOG_ERROR,
+                                                   "attempt to redefine "
+                                                   "builtin acl '%s'",
+                                                   aclname);
+                                       result = ISC_R_FAILURE;
+                                       break;
+                               }
+               }
+       }
+
        return (result);
 }