+3694. [bug] Warn when a key-directory is configured for a zone,
+ but does not exist or is not a directory. [RT #35109]
+
3693. [security] memcpy was incorrectly called with overlapping
ranges resulting in malformed names being generated
on some platforms. This could cause INSIST failures
# $Id: clean.sh,v 1.2 2011/05/07 05:55:17 each Exp $
rm -f good.conf.in good.conf.out badzero.conf
+rm -rf test.keydir
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
+echo "I: checking for missing key directory warning"
+ret=0
+rm -rf test.keydir
+n=`$CHECKCONF warn-keydir.conf 2>&1 | grep "'test.keydir' does not exist" | wc -l`
+[ $n -eq 1 ] || ret=1
+touch test.keydir
+n=`$CHECKCONF warn-keydir.conf 2>&1 | grep "'test.keydir' is not a directory" | wc -l`
+[ $n -eq 1 ] || ret=1
+rm -f test.keydir
+mkdir test.keydir
+n=`$CHECKCONF warn-keydir.conf 2>&1 | grep "key-directory" | wc -l`
+[ $n -eq 0 ] || ret=1
+rm -rf test.keydir
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
echo "I:exit status: $status"
exit $status
--- /dev/null
+/*
+ * Copyright (C) 2013 Internet Systems Consortium, Inc. ("ISC")
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * key-directory defined but doesn't exist.
+ */
+options {
+ directory ".";
+};
+
+zone dummy {
+ type master;
+ file "xxxx";
+ key-directory "test.keydir";
+};
#include <isc/base64.h>
#include <isc/buffer.h>
+#include <isc/file.h>
#include <isc/log.h>
#include <isc/mem.h>
#include <isc/netaddr.h>
}
}
+ /*
+ * Warn if key-directory doesn't exist
+ */
+ obj = NULL;
+ tresult = cfg_map_get(zoptions, "key-directory", &obj);
+ if (tresult == ISC_R_SUCCESS) {
+ const char *dir = cfg_obj_asstring(obj);
+ tresult = isc_file_isdirectory(dir);
+ switch (tresult) {
+ case ISC_R_SUCCESS:
+ break;
+ case ISC_R_FILENOTFOUND:
+ cfg_obj_log(obj, logctx, ISC_LOG_WARNING,
+ "key-directory: '%s' does not exist",
+ dir);
+ break;
+ case ISC_R_INVALIDFILE:
+ cfg_obj_log(obj, logctx, ISC_LOG_WARNING,
+ "key-directory: '%s' is not a directory",
+ dir);
+ break;
+ default:
+ cfg_obj_log(obj, logctx, ISC_LOG_WARNING,
+ "key-directory: '%s' %s",
+ dir, isc_result_totext(tresult));
+ result = tresult;
+ }
+ }
+
/*
* Check various options.
*/
projects / thirdparty / bind9.git / commitdiff
