2 * Copyright (C) 2004-2007, 2009-2014 Internet Systems Consortium, Inc. ("ISC")
3 * Copyright (C) 1999-2002 Internet Software Consortium.
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15 * PERFORMANCE OF THIS SOFTWARE.
18 /* $Id: named-checkconf.c,v 1.56 2011/03/12 04:59:46 tbox Exp $ */
28 #include <isc/commandline.h>
30 #include <isc/entropy.h>
34 #include <isc/result.h>
35 #include <isc/string.h>
38 #include <isccfg/namedconf.h>
40 #include <bind9/check.h>
43 #include <dns/fixedname.h>
46 #include <dns/rdataclass.h>
47 #include <dns/result.h>
48 #include <dns/rootns.h>
51 #include "check-tool.h"
53 static const char *program = "named-checkconf";
55 isc_log_t *logc = NULL;
60 if (result != ISC_R_SUCCESS) \
65 ISC_PLATFORM_NORETURN_PRE static void
66 usage(void) ISC_PLATFORM_NORETURN_POST;
70 fprintf(stderr, "usage: %s [-h] [-j] [-p] [-v] [-z] [-t directory] "
71 "[named.conf]\n", program);
75 /*% directory callback */
77 directory_callback(const char *clausename, const cfg_obj_t *obj, void *arg) {
79 const char *directory;
81 REQUIRE(strcasecmp("directory", clausename) == 0);
89 directory = cfg_obj_asstring(obj);
90 result = isc_dir_chdir(directory);
91 if (result != ISC_R_SUCCESS) {
92 cfg_obj_log(obj, logc, ISC_LOG_ERROR,
93 "change directory to '%s' failed: %s\n",
94 directory, isc_result_totext(result));
98 return (ISC_R_SUCCESS);
102 get_maps(const cfg_obj_t **maps, const char *name, const cfg_obj_t **obj) {
107 if (cfg_map_get(maps[i], name, obj) == ISC_R_SUCCESS)
113 get_checknames(const cfg_obj_t **maps, const cfg_obj_t **obj) {
114 const cfg_listelt_t *element;
115 const cfg_obj_t *checknames;
116 const cfg_obj_t *type;
117 const cfg_obj_t *value;
125 result = cfg_map_get(maps[i], "check-names", &checknames);
126 if (result != ISC_R_SUCCESS)
128 if (checknames != NULL && !cfg_obj_islist(checknames)) {
132 for (element = cfg_list_first(checknames);
134 element = cfg_list_next(element)) {
135 value = cfg_listelt_value(element);
136 type = cfg_tuple_get(value, "type");
137 if (strcasecmp(cfg_obj_asstring(type), "master") != 0)
139 *obj = cfg_tuple_get(value, "mode");
146 configure_hint(const char *zfile, const char *zclass, isc_mem_t *mctx) {
149 dns_rdataclass_t rdclass;
153 return (ISC_R_FAILURE);
155 DE_CONST(zclass, r.base);
156 r.length = strlen(zclass);
157 result = dns_rdataclass_fromtext(&rdclass, &r);
158 if (result != ISC_R_SUCCESS)
161 result = dns_rootns_create(mctx, rdclass, zfile, &db);
162 if (result != ISC_R_SUCCESS)
166 return (ISC_R_SUCCESS);
169 /*% configure the zone */
171 configure_zone(const char *vclass, const char *view,
172 const cfg_obj_t *zconfig, const cfg_obj_t *vconfig,
173 const cfg_obj_t *config, isc_mem_t *mctx)
179 const char *zfile = NULL;
180 const cfg_obj_t *maps[4];
181 const cfg_obj_t *mastersobj = NULL;
182 const cfg_obj_t *zoptions = NULL;
183 const cfg_obj_t *classobj = NULL;
184 const cfg_obj_t *typeobj = NULL;
185 const cfg_obj_t *fileobj = NULL;
186 const cfg_obj_t *dbobj = NULL;
187 const cfg_obj_t *obj = NULL;
188 const cfg_obj_t *fmtobj = NULL;
189 dns_masterformat_t masterformat;
191 zone_options = DNS_ZONEOPT_CHECKNS | DNS_ZONEOPT_MANYERRORS;
193 zname = cfg_obj_asstring(cfg_tuple_get(zconfig, "name"));
194 classobj = cfg_tuple_get(zconfig, "class");
195 if (!cfg_obj_isstring(classobj))
198 zclass = cfg_obj_asstring(classobj);
200 zoptions = cfg_tuple_get(zconfig, "options");
201 maps[i++] = zoptions;
203 maps[i++] = cfg_tuple_get(vconfig, "options");
204 if (config != NULL) {
205 cfg_map_get(config, "options", &obj);
211 cfg_map_get(zoptions, "type", &typeobj);
213 return (ISC_R_FAILURE);
216 * Skip checks when using an alternate data source.
218 cfg_map_get(zoptions, "database", &dbobj);
220 strcmp("rbt", cfg_obj_asstring(dbobj)) != 0 &&
221 strcmp("rbt64", cfg_obj_asstring(dbobj)) != 0)
222 return (ISC_R_SUCCESS);
224 cfg_map_get(zoptions, "file", &fileobj);
226 zfile = cfg_obj_asstring(fileobj);
229 * Check hints files for hint zones.
230 * Skip loading checks for any type other than
231 * master and redirect
233 if (strcasecmp(cfg_obj_asstring(typeobj), "hint") == 0)
234 return (configure_hint(zfile, zclass, mctx));
235 else if ((strcasecmp(cfg_obj_asstring(typeobj), "master") != 0) &&
236 (strcasecmp(cfg_obj_asstring(typeobj), "redirect") != 0))
237 return (ISC_R_SUCCESS);
240 * Is the redirect zone configured as a slave?
242 if (strcasecmp(cfg_obj_asstring(typeobj), "redirect") == 0) {
243 cfg_map_get(zoptions, "masters", &mastersobj);
244 if (mastersobj != NULL)
245 return (ISC_R_SUCCESS);
249 return (ISC_R_FAILURE);
252 if (get_maps(maps, "check-dup-records", &obj)) {
253 if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
254 zone_options |= DNS_ZONEOPT_CHECKDUPRR;
255 zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
256 } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
257 zone_options |= DNS_ZONEOPT_CHECKDUPRR;
258 zone_options |= DNS_ZONEOPT_CHECKDUPRRFAIL;
259 } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
260 zone_options &= ~DNS_ZONEOPT_CHECKDUPRR;
261 zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
265 zone_options |= DNS_ZONEOPT_CHECKDUPRR;
266 zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
270 if (get_maps(maps, "check-mx", &obj)) {
271 if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
272 zone_options |= DNS_ZONEOPT_CHECKMX;
273 zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
274 } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
275 zone_options |= DNS_ZONEOPT_CHECKMX;
276 zone_options |= DNS_ZONEOPT_CHECKMXFAIL;
277 } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
278 zone_options &= ~DNS_ZONEOPT_CHECKMX;
279 zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
283 zone_options |= DNS_ZONEOPT_CHECKMX;
284 zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
288 if (get_maps(maps, "check-integrity", &obj)) {
289 if (cfg_obj_asboolean(obj))
290 zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
292 zone_options &= ~DNS_ZONEOPT_CHECKINTEGRITY;
294 zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
297 if (get_maps(maps, "check-mx-cname", &obj)) {
298 if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
299 zone_options |= DNS_ZONEOPT_WARNMXCNAME;
300 zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
301 } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
302 zone_options &= ~DNS_ZONEOPT_WARNMXCNAME;
303 zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
304 } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
305 zone_options |= DNS_ZONEOPT_WARNMXCNAME;
306 zone_options |= DNS_ZONEOPT_IGNOREMXCNAME;
310 zone_options |= DNS_ZONEOPT_WARNMXCNAME;
311 zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
315 if (get_maps(maps, "check-srv-cname", &obj)) {
316 if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
317 zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
318 zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
319 } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
320 zone_options &= ~DNS_ZONEOPT_WARNSRVCNAME;
321 zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
322 } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
323 zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
324 zone_options |= DNS_ZONEOPT_IGNORESRVCNAME;
328 zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
329 zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
333 if (get_maps(maps, "check-sibling", &obj)) {
334 if (cfg_obj_asboolean(obj))
335 zone_options |= DNS_ZONEOPT_CHECKSIBLING;
337 zone_options &= ~DNS_ZONEOPT_CHECKSIBLING;
341 if (get_maps(maps, "check-spf", &obj)) {
342 if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
343 zone_options |= DNS_ZONEOPT_CHECKSPF;
344 } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
345 zone_options &= ~DNS_ZONEOPT_CHECKSPF;
349 zone_options |= DNS_ZONEOPT_CHECKSPF;
353 if (get_checknames(maps, &obj)) {
354 if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
355 zone_options |= DNS_ZONEOPT_CHECKNAMES;
356 zone_options &= ~DNS_ZONEOPT_CHECKNAMESFAIL;
357 } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
358 zone_options |= DNS_ZONEOPT_CHECKNAMES;
359 zone_options |= DNS_ZONEOPT_CHECKNAMESFAIL;
360 } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
361 zone_options &= ~DNS_ZONEOPT_CHECKNAMES;
362 zone_options &= ~DNS_ZONEOPT_CHECKNAMESFAIL;
366 zone_options |= DNS_ZONEOPT_CHECKNAMES;
367 zone_options |= DNS_ZONEOPT_CHECKNAMESFAIL;
370 masterformat = dns_masterformat_text;
372 if (get_maps(maps, "masterfile-format", &fmtobj)) {
373 const char *masterformatstr = cfg_obj_asstring(fmtobj);
374 if (strcasecmp(masterformatstr, "text") == 0)
375 masterformat = dns_masterformat_text;
376 else if (strcasecmp(masterformatstr, "raw") == 0)
377 masterformat = dns_masterformat_raw;
382 result = load_zone(mctx, zname, zfile, masterformat, zclass, NULL);
383 if (result != ISC_R_SUCCESS)
384 fprintf(stderr, "%s/%s/%s: %s\n", view, zname, zclass,
385 dns_result_totext(result));
389 /*% configure a view */
391 configure_view(const char *vclass, const char *view, const cfg_obj_t *config,
392 const cfg_obj_t *vconfig, isc_mem_t *mctx)
394 const cfg_listelt_t *element;
395 const cfg_obj_t *voptions;
396 const cfg_obj_t *zonelist;
397 isc_result_t result = ISC_R_SUCCESS;
398 isc_result_t tresult;
402 voptions = cfg_tuple_get(vconfig, "options");
405 if (voptions != NULL)
406 (void)cfg_map_get(voptions, "zone", &zonelist);
408 (void)cfg_map_get(config, "zone", &zonelist);
410 for (element = cfg_list_first(zonelist);
412 element = cfg_list_next(element))
414 const cfg_obj_t *zconfig = cfg_listelt_value(element);
415 tresult = configure_zone(vclass, view, zconfig, vconfig,
417 if (tresult != ISC_R_SUCCESS)
424 /*% load zones from the configuration */
426 load_zones_fromconfig(const cfg_obj_t *config, isc_mem_t *mctx) {
427 const cfg_listelt_t *element;
428 const cfg_obj_t *classobj;
429 const cfg_obj_t *views;
430 const cfg_obj_t *vconfig;
432 isc_result_t result = ISC_R_SUCCESS;
433 isc_result_t tresult;
437 (void)cfg_map_get(config, "view", &views);
438 for (element = cfg_list_first(views);
440 element = cfg_list_next(element))
445 vconfig = cfg_listelt_value(element);
446 if (vconfig != NULL) {
447 classobj = cfg_tuple_get(vconfig, "class");
448 if (cfg_obj_isstring(classobj))
449 vclass = cfg_obj_asstring(classobj);
451 vname = cfg_obj_asstring(cfg_tuple_get(vconfig, "name"));
452 tresult = configure_view(vclass, vname, config, vconfig, mctx);
453 if (tresult != ISC_R_SUCCESS)
458 tresult = configure_view("IN", "_default", config, NULL, mctx);
459 if (tresult != ISC_R_SUCCESS)
466 output(void *closure, const char *text, int textlen) {
468 if (fwrite(text, 1, textlen, stdout) != (size_t)textlen) {
474 /*% The main processing routine */
476 main(int argc, char **argv) {
478 cfg_parser_t *parser = NULL;
479 cfg_obj_t *config = NULL;
480 const char *conffile = NULL;
481 isc_mem_t *mctx = NULL;
484 isc_entropy_t *ectx = NULL;
485 isc_boolean_t load_zones = ISC_FALSE;
486 isc_boolean_t print = ISC_FALSE;
487 unsigned int flags = 0;
489 isc_commandline_errprint = ISC_FALSE;
491 while ((c = isc_commandline_parse(argc, argv, "dhjt:pvxz")) != EOF) {
502 result = isc_dir_chroot(isc_commandline_argument);
503 if (result != ISC_R_SUCCESS) {
504 fprintf(stderr, "isc_dir_chroot: %s\n",
505 isc_result_totext(result));
515 printf(VERSION "\n");
519 flags |= CFG_PRINTER_XKEY;
523 load_zones = ISC_TRUE;
524 docheckmx = ISC_FALSE;
525 docheckns = ISC_FALSE;
526 dochecksrv = ISC_FALSE;
530 if (isc_commandline_option != '?')
531 fprintf(stderr, "%s: invalid argument -%c\n",
532 program, isc_commandline_option);
538 fprintf(stderr, "%s: unhandled option -%c\n",
539 program, isc_commandline_option);
544 if (((flags & CFG_PRINTER_XKEY) != 0) && !print) {
545 fprintf(stderr, "%s: -x cannot be used without -p\n", program);
549 if (isc_commandline_index + 1 < argc)
551 if (argv[isc_commandline_index] != NULL)
552 conffile = argv[isc_commandline_index];
553 if (conffile == NULL || conffile[0] == '\0')
554 conffile = NAMED_CONFFILE;
560 RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);
562 RUNTIME_CHECK(setup_logging(mctx, stdout, &logc) == ISC_R_SUCCESS);
564 RUNTIME_CHECK(isc_entropy_create(mctx, &ectx) == ISC_R_SUCCESS);
565 RUNTIME_CHECK(isc_hash_create(mctx, ectx, DNS_NAME_MAXWIRE)
568 dns_result_register();
570 RUNTIME_CHECK(cfg_parser_create(mctx, logc, &parser) == ISC_R_SUCCESS);
572 cfg_parser_setcallback(parser, directory_callback, NULL);
574 if (cfg_parse_file(parser, conffile, &cfg_type_namedconf, &config) !=
578 result = bind9_check_namedconf(config, logc, mctx);
579 if (result != ISC_R_SUCCESS)
582 if (result == ISC_R_SUCCESS && load_zones) {
583 result = load_zones_fromconfig(config, mctx);
584 if (result != ISC_R_SUCCESS)
588 if (print && exit_status == 0)
589 cfg_printx(config, flags, output, NULL);
590 cfg_obj_destroy(parser, &config);
592 cfg_parser_destroy(&parser);
596 isc_log_destroy(&logc);
599 isc_entropy_detach(&ectx);
601 isc_mem_destroy(&mctx);
607 return (exit_status);
projects / FreeBSD / stable / 9.git / blob