From: Mark Andrews <marka@isc.org>
Date: Wed, 9 Nov 2022 09:50:32 +0000 (+0000)
Subject: named-checkzone -z ignored the check-wildcard option
X-Git-Tag: v9.19.8~54^2~1
X-Git-Url: http://git.ipfire.org/gitweb/index.cgi?a=commitdiff_plain;h=dfc5c1e018e1cd1219987fb7d910acbdbb11f035;p=thirdparty%2Fbind9.git

named-checkzone -z ignored the check-wildcard option

Lookup and set the wildcard option according to the configuration
settings.  The default is on as per bin/named/config.c.
---

diff --git a/CHANGES b/CHANGES
index ffd0ecefae3..a24986339e3 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+6020.	[bug]		Ensure 'named-checkconf -z' respects the check-wildcard
+			option when loading a zone.  [GL #1905]
+
 6019.	[func]		Deprecate `coresize`, `datasize`, `files`, and
 			`stacksize` named.conf options. [GL #3676]
 
diff --git a/bin/check/named-checkconf.c b/bin/check/named-checkconf.c
index a95bddbea7a..cb844f2bea9 100644
--- a/bin/check/named-checkconf.c
+++ b/bin/check/named-checkconf.c
@@ -412,6 +412,17 @@ configure_zone(const char *vclass, const char *view, const cfg_obj_t *zconfig,
 		zone_options |= DNS_ZONEOPT_CHECKSVCB;
 	}
 
+	obj = NULL;
+	if (get_maps(maps, "check-wildcard", &obj)) {
+		if (cfg_obj_asboolean(obj)) {
+			zone_options |= DNS_ZONEOPT_CHECKWILDCARD;
+		} else {
+			zone_options &= ~DNS_ZONEOPT_CHECKWILDCARD;
+		}
+	} else {
+		zone_options |= DNS_ZONEOPT_CHECKWILDCARD;
+	}
+
 	obj = NULL;
 	if (get_checknames(maps, &obj)) {
 		if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {