Check if key-store directory exists
authorMatthijs Mekking <matthijs@isc.org>
Wed, 9 Feb 2022 11:19:06 +0000 (12:19 +0100)
committerMatthijs Mekking <matthijs@isc.org>
Thu, 25 Jan 2024 13:38:12 +0000 (14:38 +0100)
Similar to key-directory, check if the key-store directory exists and
if it is an actual directory.

This commit fixes an accidental test bug in checkconf where if
the "warn key-dir" test failed, the result was ignored.

bin/tests/system/checkconf/tests.sh
bin/tests/system/checkconf/warn-keydir.conf
lib/isccfg/check.c

index d3289015d2f29cce117e9bd9edb7ae8f1896d54c..74361fa9cb55d1381f5ebb2d8e6a927f112ac559 100644 (file)
@@ -300,20 +300,32 @@ n=$((n + 1))
 echo_i "checking for missing key directory warning ($n)"
 ret=0
 rm -rf test.keydir
+rm -rf test.keystoredir
 $CHECKCONF warn-keydir.conf >checkconf.out$n.1 2>&1
 l=$(grep "'test.keydir' does not exist" <checkconf.out$n.1 | wc -l)
 [ $l -eq 1 ] || ret=1
+l=$(grep "'test.keystoredir' does not exist" <checkconf.out$n.1 | wc -l)
+[ $l -eq 1 ] || ret=1
 touch test.keydir
+touch test.keystoredir
 $CHECKCONF warn-keydir.conf >checkconf.out$n.2 2>&1
 l=$(grep "'test.keydir' is not a directory" <checkconf.out$n.2 | wc -l)
 [ $l -eq 1 ] || ret=1
+l=$(grep "'test.keystoredir' is not a directory" <checkconf.out$n.2 | wc -l)
+[ $l -eq 1 ] || ret=1
 rm -f test.keydir
+rm -f test.keystoredir
 mkdir test.keydir
+mkdir test.keystoredir
 $CHECKCONF warn-keydir.conf >checkconf.out$n.3 2>&1
 l=$(grep "key-directory" <checkconf.out$n.3 | wc -l)
 [ $l -eq 0 ] || ret=1
+l=$(grep "key-store directory" <checkconf.out$n.3 | wc -l)
+[ $l -eq 0 ] || ret=1
 rm -rf test.keydir
+rm -rf test.keystoredir
 if [ $ret -ne 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
 
 n=$((n + 1))
 echo_i "checking that named-checkconf -z catches conflicting ttl with max-ttl ($n)"
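Review bot: None of the three `$CHECKCONF warn-keydir.conf` runs checks the exit status, so the test pins the warning text but not whether a missing or non-directory key-store path still leaves the configuration accepted. If these cases are meant to be warnings only, as the file name suggests, appending `|| ret=1` to the three invocations would catch a regression that turns them into hard failures. The test also covers only the success, not-found and not-a-directory outcomes; the `default` branch added in lib/isccfg/check.c, the only one that changes the result, is not exercised here.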
index 960007149b761d3bfceac20f03c1ddbd0d7ea2a3..abcdbc8dfd8fc94b4bac3f6f519bf69611d1e481 100644 (file)
@@ -18,6 +18,10 @@ options {
        directory ".";
 };
 
+key-store "test" {
+       directory "test.keystoredir";
+};
+
 zone dummy {
        type primary;
        file "xxxx";
index 5929b27888dd88a0a9ae96162c9557e72ce1a4f8..78474c0581a520d1b78197031b06d2d902729f40 100644 (file)
@@ -1384,14 +1384,17 @@ check_options(const cfg_obj_t *options, const cfg_obj_t *config,
                             element = cfg_list_next(element))
                        {
                                isc_result_t ret;
-                               const char *name;
+                               const char *val;
                                cfg_obj_t *kconfig = cfg_listelt_value(element);
+                               const cfg_obj_t *kopt;
+                               const cfg_obj_t *kobj = NULL;
                                if (!cfg_obj_istuple(kconfig)) {
                                        continue;
                                }
-                               name = cfg_obj_asstring(cfg_tuple_get(
-                                       cfg_listelt_value(element), "name"));
-                               if (strcmp(DNS_KEYSTORE_KEYDIRECTORY, name) == 0) {
+                               val = cfg_obj_asstring(
+                                       cfg_tuple_get(kconfig, "name"));
+                               if (strcmp(DNS_KEYSTORE_KEYDIRECTORY, val) == 0)
+                               {
                                        cfg_obj_log(obj, logctx, ISC_LOG_ERROR,
                                                    "name '%s' not allowed",
                                                    DNS_KEYSTORE_KEYDIRECTORY);
@@ -1400,6 +1403,45 @@ check_options(const cfg_obj_t *options, const cfg_obj_t *config,
                                        }
                                }
 
+                               kopt = cfg_tuple_get(kconfig, "options");
+                               if (cfg_map_get(kopt, "directory", &kobj) ==
+                                   ISC_R_SUCCESS) {
+                                       val = cfg_obj_asstring(kobj);
+                                       ret = isc_file_isdirectory(val);
+                                       switch (ret) {
+                                       case ISC_R_SUCCESS:
+                                               break;
+                                       case ISC_R_FILENOTFOUND:
+                                               cfg_obj_log(
+                                                       obj, logctx,
+                                                       ISC_LOG_WARNING,
+                                                       "key-store directory: "
+                                                       "'%s' does not exist",
+                                                       val);
+                                               break;
+                                       case ISC_R_INVALIDFILE:
+                                               cfg_obj_log(
+                                                       obj, logctx,
+                                                       ISC_LOG_WARNING,
+                                                       "key-store directory: "
+                                                       "'%s' is not a "
+                                                       "directory",
+                                                       val);
+                                               break;
+                                       default:
+                                               cfg_obj_log(
+                                                       obj, logctx,
+                                                       ISC_LOG_WARNING,
+                                                       "key-store directory: "
+                                                       "'%s' %s",
+                                                       val,
+                                                       isc_result_totext(ret));
+                                               if (result == ISC_R_SUCCESS) {
+                                                       result = ret;
+                                               }
+                                       }
+                               }
+
                                ret = cfg_keystore_fromconfig(
                                        kconfig, mctx, logctx, &kslist, &ks);
                                if (ret != ISC_R_SUCCESS) {
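Review bot: The `default:` branch of the new `switch (ret)` records a failure in `result` but reports it with `ISC_LOG_WARNING`, so an operator reads a warning while the check as a whole fails; `ISC_LOG_ERROR` would match the outcome, or a short comment should say the level is deliberate (the commit message says this mirrors key-directory). The three `cfg_obj_log(obj, ...)` calls pass `obj`, which is defined outside the hunk, rather than `kobj`, so the message may not point at the `directory` line that is actually wrong. `val` is reused for the directory path after holding the key-store name; a separate `const char *dir` would keep any later use of the name unambiguous. Since this directory presumably holds key files, a comment such as `/* existence check only; ownership and permissions are not verified here */` would make clear what the check does not cover. check_options begins and ends outside the hunk.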