From: Evan Hunt Date: Sat, 27 Sep 2025 04:59:52 +0000 (-0700) Subject: make "origin" optional for forward zones X-Git-Tag: v9.21.14~13^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a8f2f41013b5d35400cd8e5e8a558b21167a9286;p=thirdparty%2Fbind9.git make "origin" optional for forward zones The "origin" parameter for synthrecord is now mandatory for reverse zones, but when configured in a non-reverse zone, it will default to the zone name. --- diff --git a/bin/plugins/synthrecord.c b/bin/plugins/synthrecord.c index 06200381bc7..91478259940 100644 --- a/bin/plugins/synthrecord.c +++ b/bin/plugins/synthrecord.c @@ -422,6 +422,8 @@ synthrecord_initprefix(synthrecord_t *inst, const cfg_obj_t *synthrecordcfg) { result = cfg_map_get(synthrecordcfg, "prefix", &obj); if (result != ISC_R_SUCCESS) { + isc_log_write(NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_HOOKS, + ISC_LOG_ERROR, "synthrecord: prefix not found"); return result; } @@ -452,33 +454,42 @@ synthrecord_initprefix(synthrecord_t *inst, const cfg_obj_t *synthrecordcfg) { } static isc_result_t -synthrecord_initorigin(synthrecord_t *inst, const cfg_obj_t *synthrecordcfg) { +synthrecord_initorigin(synthrecord_t *inst, const cfg_obj_t *synthrecordcfg, + const dns_name_t *zname) { isc_result_t result; const cfg_obj_t *obj = NULL; const char *originstr = NULL; result = cfg_map_get(synthrecordcfg, "origin", &obj); - if (result != ISC_R_SUCCESS) { + if (inst->mode == REVERSE && result != ISC_R_SUCCESS) { + isc_log_write(NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_HOOKS, + ISC_LOG_ERROR, + "'origin' must be set when configuring " + "'synthrecord' for a reverse zone"); return result; } - originstr = cfg_obj_asstring(obj); dns_name_init(&inst->origin); - result = dns_name_fromstring(&inst->origin, originstr, NULL, 0, - inst->mctx); - if (result != ISC_R_SUCCESS) { - return result; - } + if (result == ISC_R_SUCCESS) { + originstr = cfg_obj_asstring(obj); + result = dns_name_fromstring(&inst->origin, originstr, NULL, 0, + inst->mctx); + if (result != ISC_R_SUCCESS) { + return result; + } - if (!dns_name_isabsolute(&inst->origin)) { - isc_log_write(NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_HOOKS, - ISC_LOG_ERROR, - "synthrecord: origin '%s' is not absolute", - originstr); - return ISC_R_FAILURE; + if (!dns_name_isabsolute(&inst->origin)) { + isc_log_write(NS_LOGCATEGORY_GENERAL, + NS_LOGMODULE_HOOKS, ISC_LOG_ERROR, + "synthrecord: origin '%s' not absolute", + originstr); + return ISC_R_FAILURE; + } + } else { + dns_name_dup(zname, inst->mctx, &inst->origin); } - return result; + return ISC_R_SUCCESS; } static void @@ -571,7 +582,7 @@ synthrecord_parseconfig(synthrecord_t *inst, const char *parameters, &synthrecord_cfgparams, 0, &synthrecordcfg)); synthrecord_setconfigmode(inst, zname); - CHECK(synthrecord_initorigin(inst, synthrecordcfg)); + CHECK(synthrecord_initorigin(inst, synthrecordcfg, zname)); CHECK(synthrecord_initprefix(inst, synthrecordcfg)); CHECK(synthrecord_parseallowsynth(inst, cfg, aclctx, synthrecordcfg)); CHECK(synthrecord_parsettl(inst, synthrecordcfg)); diff --git a/bin/plugins/synthrecord.rst b/bin/plugins/synthrecord.rst index 044bd2d93d2..df0a8d57a80 100644 --- a/bin/plugins/synthrecord.rst +++ b/bin/plugins/synthrecord.rst @@ -108,17 +108,15 @@ and an A query for ``dynamic-192-168-1-5.example`` would receive Parameters ~~~~~~~~~~ -The following parameters are mandatory: - ``prefix`` Specifies the prefix of the synthesized name. It must be a single-label - name. + name. This parameter is mandatory. ``origin`` Specifies the origin of the synthesized name. This may be the same as the zone origin, or a descendent. It cannot be below a delegation point. - -The following parameters are optional: + This parameter is mandatory for reverse zones, but when configured in + forward mode, it defaults to the zone name. ``allow-synth`` This option is an address-match list, which can be used to restrict diff --git a/bin/tests/system/synthrecord/conf/bad-reverse-missing-origin.conf.j2 b/bin/tests/system/synthrecord/conf/bad-reverse-missing-origin.conf.j2 new file mode 100644 index 00000000000..94ca7c668f6 --- /dev/null +++ b/bin/tests/system/synthrecord/conf/bad-reverse-missing-origin.conf.j2 @@ -0,0 +1,21 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +zone 10.in-addr.arpa { + type primary; + file "file"; + plugin query "@TOP_BUILDDIR@/synthrecord.so" { + prefix "dynamic-"; + ttl 60; + }; +}; diff --git a/bin/tests/system/synthrecord/conf/bad-forward-missing-origin.conf.j2 b/bin/tests/system/synthrecord/conf/good-forward-missing-origin.conf.j2 similarity index 100% rename from bin/tests/system/synthrecord/conf/bad-forward-missing-origin.conf.j2 rename to bin/tests/system/synthrecord/conf/good-forward-missing-origin.conf.j2