📄 doc
# Excerpt of the doc csh script (see the usage text at label show below).
# This part compares SOA and NS answers obtained with dig from the servers
# in aaserv, checks in-addr PTR records, and writes a summary to log.$dom.
# The excerpt begins inside an if/else chain whose opening test lies before
# the first visible line; the statements up to the next endif belong to it.
# Variables such as dom, dad, aaserv, aafile, sns, nslists, nslistsaa, error,
# RET, tolower, auxd and the *flag switches are set outside this excerpt.
    echo "WARN: Found $#sns unique SOA serial #'s for $dom" >> log.$dom
    if ($wflag) echo "WARN: Found $#sns unique SOA serial #'s for $dom"
    if ($ddflag) echo "DDBUG: 24"
else if ($sns != "") then
    if ($cnttwo > 1) then
        echo "SOA serial #'s agree for $dom" >> log.$dom
        if ($vflag) echo "SOA serial #'s agree for $dom"
        # Walk the aafile list from the end, diffing each file against its
        # predecessor; the first difference raises one warning and stops.
        set ii = $#aafile
        @ ij = $ii - 1
        if ($ddflag) echo "DDBUG: 25"
        while ($ij)
            diff $aafile[$ii] $aafile[$ij] >& /dev/null
            if ($status) then
                @ ffwarn++
                echo "WARN: SOA records differ for $dom from authoritative servers" >> log.$dom
                if ($wflag) echo "WARN: SOA records differ for $dom from authoritative servers"
                if ($ddflag) echo "DDBUG: 26"
                break
            endif
            @ ii--
            @ ij--
        end # while
    endif
else
    # No SOA data at all: log it and jump to the shared abort label.
    echo "SYSerr: No servers for $dom returned SOAs ..." >> log.$dom
    echo "SYSerr: No servers for $dom returned SOAs ..."
    if ($ddflag) echo "DDBUG: 27"
    goto dig4err1
endif
#####XX#
######################################################
## Query all authoritative nameservers returning SOA
## for NS records of domain.
set domnslists=""
set cntthree=0
# NOTE(review): i is expanded unquoted into a dig argument and into the file
# names dom.raw.i and dom.ns.i. If the entries of aaserv are taken from DNS
# answers (not visible here), they are remote-controlled text; confirm they
# are validated upstream (no slash, whitespace or glob characters) before
# being used as path components and redirect targets.
foreach i ($aaserv)
    dig @$i ns $dom +norec $RET +pfset=0xa7e4 | $tolower >& $dom.raw.$i
    set stat = $status
    if ($stat != 0) then
        # NOTE(review): error is indexed by the raw exit status; confirm the
        # array covers every status this pipeline can return.
        set estr = $error[$stat]
        echo "DIGERR ($estr): dig @$i for NS of $dom failed" >> log.$dom
        echo "DIGERR ($estr): dig @$i for NS of $dom failed"
        if ($ddflag) echo "DDBUG: 28"
        @ ffalltwo++
        rm $dom.raw.$i
        continue
    endif
    # Append the raw answer to the detail log logXX.$dom.
    echo "## NS records for $dom domain from nameserver $i" >> logXX.$dom
    echo "" >> logXX.$dom
    cat $dom.raw.$i >> logXX.$dom
    echo "===================" >> logXX.$dom
    echo "" >> logXX.$dom
########################################################
## Examine response: get nameserver list, check TTLs
## (glue or authoritative not used here)
    # NOTE(review): the status read below follows an awk | sort pipeline;
    # confirm that this shell reports the awk exit code here, since the
    # decoding that follows depends on it.
    awk -f ${auxd}doc3.awk $dom.raw.$i | sort -u > $dom.ns.$i
    set stat=$status
## fix for shells which return unsigned 8 bit exit codes
    if ($stat > 127) then
        @ stat = $stat - 256
    endif
    # A negative status sets isaa and is shifted up by 127; the result is
    # then split into glue (remainder mod 16) and ttls (quotient by 16).
    if ($stat < 0) then
        set isaa = 1;
        @ stat = $stat + 127;
    else
        set isaa = 0;
    endif
    @ glue = $stat % 16
    @ ttls = $stat / 16
    if ($ttls > 1) then
        @ fferror++
        echo "ERROR: multiple TTLs found for $dom NS records @$i" >> log.$dom
        if ($eflag) echo "ERROR: multiple TTLs found for $dom NS records @$i"
        if ($ddflag) echo "DDBUG: 29"
    endif
#####XX#
###############################################
## Look for conflicting sets of NS records.
##
    @ cntthree++
    # Keep this NS list only if it differs (case-insensitively) from every
    # list already recorded in domnslists.
    set another=1
    foreach j ($domnslists)
        diff -i $j $dom.ns.$i >& /dev/null
        if ($status == 0) then
            set another=0
            break
        endif
    end
    if ($another) then
        cat $dom.ns.$i >> $dom.ns.all
        set domnslists=($domnslists $dom.ns.$i)
    endif
end
# NOTE(review): tmp.$$ is a predictable name in the current directory. If
# the script can run in a directory writable by other users, a file or link
# planted under that name would be written through; a private working
# directory avoids this.
sort -u $dom.ns.all > tmp.$$
mv tmp.$$ $dom.ns.all
set bothagree=""
########################################################
########################################################
## Do NS lists agree among authoritative servers??
##
if ($#domnslists > 1) then
    @ fferror++
    echo "ERROR: Found $#domnslists unique sets of NS records" >> log.$dom
    echo " === from authoritative domain ($dom) servers" >> log.$dom
    if ($ddflag) echo "DDBUG: 30"
    if ($eflag) then
        echo "ERROR: Found $#domnslists unique sets of NS records"
        echo " === from authoritative domain ($dom) servers"
    endif
else if ($domnslists != "") then
    if ($cntthree > 1) then
        echo "Authoritative domain ($dom) servers agree on NS for $dom" >> log.$dom
        if ($vflag) echo "Authoritative domain ($dom) servers agree on NS for $dom"
        if ($ddflag) echo "DDBUG: 31"
    endif
####XX#
##########################################################
## If authoritative servers on NS records
## recall which (if any) of parent servers agreed and
## check for agreement between parent and child servers.
##
    # With pflag set only one parent list is compared, then control jumps
    # to skip4 whether or not the lists matched.
    if ($pflag) then
        if ($nslists == "") then
            set pnslist=$nslistsaa[1]
        else
            set pnslist=$nslists
        endif
        diff -i $pnslist $dom.ns.all > /dev/null
        if ($status == 0) set bothagree = "first parent ($dad) nameserver queried"
        goto skip4
    endif
    # Otherwise pick the parent list to compare from agree, tmpcntone and
    # tmpcnttwo (all set outside this excerpt); bothagree stays empty when
    # no comparison succeeds.
    if ($agree) then
        diff -i $nslists $dom.ns.all > /dev/null
        if ($status == 0) then
            set bothagree="all parent ($dad) servers"
            if ($ddflag) echo "DDBUG: 32"
        endif
    else if ($tmpcntone == 1) then
        diff -i $nslistsaa $dom.ns.all > /dev/null
        if ($status == 0) then
            set bothagree="parent ($dad) servers also authoritative for $dom"
            if ($ddflag) echo "DDBUG: 33"
        else if ($tmpcnttwo == 1) then
            diff -i $nslists $dom.ns.all > /dev/null
            if ($status == 0) then
                set bothagree="parent ($dad) servers not authoritative for $dom"
                if ($ddflag) echo "DDBUG: 34"
            endif
        endif
    else if ($tmpcnttwo == 1) then
        diff -i $nslists $dom.ns.all > /dev/null
        if ($status == 0) then
            set bothagree="parent ($dad) servers not authoritative for $dom"
            if ($ddflag) echo "DDBUG: 35"
        endif
    endif
endif
####XX#
skip4:
# Report the parent/child comparison; an empty bothagree counts as an error
# and is followed by a summary of the child NS list in groups of three.
if ("$bothagree" != "") then
    echo "NS list from $dom authoritative servers matches list from" >> log.$dom
    echo " === $bothagree" >> log.$dom
    if ($vflag) then
        echo "NS list from $dom authoritative servers matches list from"
        echo " === $bothagree"
    endif
else
    @ fferror++
    echo "ERROR: NS list from $dom authoritative servers does not" >> log.$dom
    echo " === match NS list from parent ($dad) servers" >> log.$dom
    if ($eflag) then
        echo "ERROR: NS list from $dom authoritative servers does not"
        echo " === match NS list from parent ($dad) servers"
    endif
    if ($ddflag) echo "DDBUG: 36"
    set aanslist = `cat $dom.ns.all`
    echo "NS list summary for $dom from authoritative servers" >> log.$dom
    if ($vflag) echo "NS list summary for $dom from authoritative servers"
    if ($#aanslist > 3) then
        echo " == $aanslist[1-3]" >> log.$dom
        if ($vflag) echo " == $aanslist[1-3]"
        if ($#aanslist > 6) then
            echo " == $aanslist[4-6]" >> log.$dom
            echo " == $aanslist[7-]" >> log.$dom
            if ($vflag) echo " == $aanslist[4-6]"
            if ($vflag) echo " == $aanslist[7-]"
        else
            echo " == $aanslist[4-]" >> log.$dom
            if ($vflag) echo " == $aanslist[4-]"
        endif
    else
        echo " == $aanslist" >> log.$dom
        if ($vflag) echo " == $aanslist"
    endif
endif
####XX#
######################################################
## Check that all servers that claim to be authoritative
## have NS record at other AUTH servers
##
set domnsall=`cat $dom.ns.all`
foreach i ($aaserv)
    # missing stays 1 when server i is absent from the merged NS list.
    set missing=1
    foreach j ($domnsall)
        if ($i == $j) then
            set missing=0
            break
        endif
    end
    if ($missing) then
        @ fferror++
        echo -n "ERROR: " >> log.$dom
        echo "$i claims to be authoritative, but does not appear in" >> log.$dom
        echo "NS list from authoritative servers" >> log.$dom
        if ($eflag) then
            echo -n "ERROR: "
            echo "$i claims to be authoritative, but does not appear in"
            echo "NS list from authoritative servers"
        endif
        if ($ddflag) echo "DDBUG: 37"
    endif
end
#########################################################
## Determine list of addresses of nameservers for domain
## which are also in the domain (currently only one per internet
## network is tested).
##
## Ask for in-addr.arpa. PTR to see if reverse mappings
## are set up correctly.
# NOTE(review): netaddr is built from the raw dig answers, so its entries
# are whatever the queried servers returned, filtered by doc4.awk (not
# shown). Confirm that filter only emits well-formed addresses, because
# each entry is passed unquoted to dig -x below.
set netaddr = `cat $dom.raw.* | awk -f ${auxd}doc4.awk`
echo "Checking $#netaddr potential addresses for hosts at $dom" >> log.$dom
if ($vflag) echo "Checking $#netaddr potential addresses for hosts at $dom"
if ($#netaddr > 4) then
    echo " == $netaddr[1-4]" >> log.$dom
    echo " == $netaddr[5-]" >> log.$dom
    if ($vflag) then
        echo " == $netaddr[1-4]"
        echo " == $netaddr[5-]"
    endif
else
    echo " == $netaddr" >> log.$dom
    if ($vflag) echo " == $netaddr"
endif
####XX#
echo "### Queries for nameserver address in-addr.arpa. records" >> logXX.$dom
echo "" >> logXX.$dom
foreach i ($netaddr)
    dig +pfset=0x2738 -x $i >>& logXX.$dom
    set stat = $status
    # Status 0 is logged as PTR found, status 3 as PTR missing (an error),
    # and any other status as a dig failure.
    # NOTE(review): the word recorder in the two messages below looks like a
    # typo for record; it is runtime text and is left unchanged here.
    if ($stat == 0) then
        echo "in-addr PTR record found for $i" >> log.$dom
        if ($vflag) echo "in-addr PTR record found for $i"
    else if ($stat == 3) then
        echo "ERROR: no in-addr PTR recorder found for $i" >> log.$dom
        if ($eflag) echo "ERROR: no in-addr PTR recorder found for $i"
        @ fferror++
        if ($ddflag) echo "DDBUG: 38"
    else
        set estr = $error[$stat]
        echo "DIGERR ($estr): dig for $i in-addr PTR failed" >> log.$dom
        echo "DIGERR ($estr): dig for $i in-addr PTR failed"
        @ ffalltwo++
        if ($ddflag) echo "DDBUG: 39"
    endif
end
# Normal completion skips the abort bookkeeping below.
goto around
# Shared landing point for the abort gotos: count the abort and flag it for
# the summary.
dig1err1:
dig1err2:
dig2err1:
dig4err1:
@ ffallone++
set aborted=1
####XX#
around:
# Remove the per-domain work files in the background, discarding output.
# NOTE(review): the glob removes every file in the current directory whose
# name starts with the value of dom followed by a dot, including log files
# named that way that this script did not create; an empty or unexpected
# dom widens the match. Confirm dom is validated where it is parsed.
(rm $dom.* &) >& /dev/null
set isok=1
echo "Summary:" >> log.$dom
echo "Summary:"
if ($aborted) then
    echo " YIKES: doc aborted while testing $dom parent $dad" >> log.$dom
    echo " YIKES: doc aborted while testing $dom parent $dad"
    set isok=0
endif
if ($fferror) then
    echo " ERRORS found for $dom (count: $fferror)" >> log.$dom
    echo " ERRORS found for $dom (count: $fferror)"
    set isok=0
endif
if ($ffwarn) then
    echo " WARNINGS issued for $dom (count: $ffwarn)" >> log.$dom
    echo " WARNINGS issued for $dom (count: $ffwarn)"
    set isok=0
endif
if ($isok) then
    echo " No errors or warnings issued for $dom" >> log.$dom
    echo " No errors or warnings issued for $dom"
endif
# ffall is the total of aborts (ffallone) and failed dig queries (ffalltwo);
# the test below is true when either counter is non-zero.
@ ffall = $ffallone + $ffalltwo
if ( $ffallone | $ffalltwo ) then
    echo " Incomplete test for $dom ($ffall)" >> log.$dom
    echo " Incomplete test for $dom ($ffall)"
endif
echo "Done testing $dom `date`" >> log.$dom
echo "" >> log.$dom
echo "Done testing $dom `date`"
echo ""
# Fold the detail log into the main log, then drop it.
cat logXX.$dom >> log.$dom
rm logXX.$dom
exit 0
# Usage text; exits with status 9.
show:
echo "Usage: doc [-e][-w][-v][-d] domain_name [parent_domain_name]"
echo " Note: You must have DiG Version-2.0 for this program to run."
exit 9
# Interrupt path (presumably reached through an onintr set earlier in the
# script; not visible here): remove work files and keep the partial log.
cleanup:
(rm $dom.* &) >& /dev/null
if ( -e log.$dom ) then
    if ( -e logXX.$dom ) then
        cat logXX.$dom >> log.$dom
        rm logXX.$dom
    endif
    echo "Doc interrupted - partial logfile: log.$dom exists."
endif
####XX#