From: Mark Andrews Date: Thu, 6 Sep 2018 09:36:17 +0000 (+1000) Subject: check that name field is not a valid type X-Git-Tag: v9.13.4~153^2~6 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=5fb75a3d75946fbdb3cd1ed3229b81724a1d40f3;p=thirdparty%2Fbind9.git check that name field is not a valid type --- diff --git a/bin/tests/system/checkconf/tests.sh b/bin/tests/system/checkconf/tests.sh index 1b099f10418..e245f9e2e57 100644 --- a/bin/tests/system/checkconf/tests.sh +++ b/bin/tests/system/checkconf/tests.sh @@ -54,10 +54,14 @@ do pat="identity and name fields are not the same" grep "$pat" checkconf.out > /dev/null || ret=1 ;; - bad-update-policy*.conf) + bad-update-policy[4589].conf) pat="name field not set to placeholder value" grep "$pat" checkconf.out > /dev/null || ret=1 ;; + bad-update-policy[67].conf) + pat="missing name field type '.*' found" + grep "$pat" checkconf.out > /dev/null || ret=1 + ;; esac if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` diff --git a/lib/bind9/check.c b/lib/bind9/check.c index 9f059dc17ab..2e5de8e1e96 100644 --- a/lib/bind9/check.c +++ b/lib/bind9/check.c @@ -1745,6 +1745,8 @@ check_update_policy(const cfg_obj_t *policy, isc_log_t *logctx) { dns_fixedname_t fixed_id, fixed_name; dns_name_t *id, *name; const char *str; + isc_textregion_t r; + dns_rdatatype_t type; /* Check for "update-policy local;" */ if (cfg_obj_isstring(policy) && @@ -1782,12 +1784,16 @@ check_update_policy(const cfg_obj_t *policy, isc_log_t *logctx) { } /* - * There is no name field for subzone. + * There is no name field for subzone and dname is void */ - if (tresult == ISC_R_SUCCESS && - mtype != dns_ssumatchtype_subdomain) + if (mtype == dns_ssumatchtype_subdomain && + cfg_obj_isvoid(dname)) { + str = "."; /* Use "." as a replacement. */ + } else { str = cfg_obj_asstring(dname); + } + if (tresult == ISC_R_SUCCESS) { tresult = dns_name_fromstring(name, str, 0, NULL); if (tresult != ISC_R_SUCCESS) { cfg_obj_log(dname, logctx, ISC_LOG_ERROR, @@ -1835,12 +1841,24 @@ check_update_policy(const cfg_obj_t *policy, isc_log_t *logctx) { } break; case dns_ssumatchtype_name: - case dns_ssumatchtype_subdomain: + case dns_ssumatchtype_subdomain: /* also zonesub */ case dns_ssumatchtype_subdomainms: case dns_ssumatchtype_subdomainkrb5: case dns_ssumatchtype_wildcard: case dns_ssumatchtype_external: case dns_ssumatchtype_local: + if (tresult == ISC_R_SUCCESS) { + DE_CONST(str, r.base); + r.length = strlen(str); + tresult = dns_rdatatype_fromtext(&type, &r); + } + if (tresult == ISC_R_SUCCESS) { + cfg_obj_log(identity, logctx, ISC_LOG_ERROR, + "missing name field type '%s' " + "found", str); + result = ISC_R_FAILURE; + break; + } break; default: INSIST(0); @@ -1851,8 +1869,6 @@ check_update_policy(const cfg_obj_t *policy, isc_log_t *logctx) { element2 = cfg_list_next(element2)) { const cfg_obj_t *typeobj; - isc_textregion_t r; - dns_rdatatype_t type; typeobj = cfg_listelt_value(element2); DE_CONST(cfg_obj_asstring(typeobj), r.base);