📄 check.c
字号:
/* * Copyright (C) 2001-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. *//* $Id: check.c,v 1.14.2.21 2003/09/19 13:41:36 marka Exp $ */#include <config.h>#include <stdlib.h>#include <string.h>#include <isc/buffer.h>#include <isc/log.h>#include <isc/mem.h>#include <isc/netaddr.h>#include <isc/result.h>#include <isc/sockaddr.h>#include <isc/symtab.h>#include <isc/util.h>#include <dns/fixedname.h>#include <isccfg/cfg.h>#include <isccfg/check.h>static isc_result_tcheck_forward(cfg_obj_t *options, isc_log_t *logctx) { cfg_obj_t *forward = NULL; cfg_obj_t *forwarders = NULL; (void)cfg_map_get(options, "forward", &forward); (void)cfg_map_get(options, "forwarders", &forwarders); if (forward != NULL && forwarders == NULL) { cfg_obj_log(forward, logctx, ISC_LOG_ERROR, "no matching 'forwarders' statement"); return (ISC_R_FAILURE); } return (ISC_R_SUCCESS);}typedef struct { const char *name; unsigned int scale;} intervaltable;static isc_result_tcheck_options(cfg_obj_t *options, isc_log_t *logctx) { isc_result_t result = ISC_R_SUCCESS; unsigned int i; cfg_obj_t *obj; static intervaltable intervals[] = { { "cleaning-interval", 60 }, { "heartbeat-interval", 60 }, { "interface-interval", 60 }, { "max-transfer-idle-in", 60 }, { "max-transfer-idle-out", 60 }, { "max-transfer-time-in", 60 }, { "max-transfer-time-out", 60 }, { "sig-validity-interval", 86400}, { "statistics-interval", 60 }, }; /* * Check that fields specified in units of time other than seconds * have reasonable values. */ for (i = 0; i < sizeof(intervals) / sizeof(intervals[0]); i++) { isc_uint32_t val; cfg_obj_t *obj = NULL; (void)cfg_map_get(options, intervals[i].name, &obj); if (obj == NULL) continue; val = cfg_obj_asuint32(obj); if (val > (ISC_UINT32_MAX / intervals[i].scale)) { cfg_obj_log(obj, logctx, ISC_LOG_ERROR, "%s '%d' is out of range", intervals[i].name, val); result = ISC_R_RANGE; } } obj = NULL; (void)cfg_map_get(options, "root-delegation-only", &obj); if (obj != NULL) { if (!cfg_obj_isvoid(obj)) { cfg_listelt_t *element; cfg_obj_t *exclude; char *str; dns_fixedname_t fixed; dns_name_t *name; isc_buffer_t b; isc_result_t tresult; dns_fixedname_init(&fixed); name = dns_fixedname_name(&fixed); for (element = cfg_list_first(obj); element != NULL; element = cfg_list_next(element)) { exclude = cfg_listelt_value(element); str = cfg_obj_asstring(exclude); isc_buffer_init(&b, str, strlen(str)); isc_buffer_add(&b, strlen(str)); tresult = dns_name_fromtext(name, &b, dns_rootname, ISC_FALSE, NULL); if (tresult != ISC_R_SUCCESS) { cfg_obj_log(obj, logctx, ISC_LOG_ERROR, "bad domain name '%s'", str); result = tresult; } } } } return (result);}#define MASTERZONE 1#define SLAVEZONE 2#define STUBZONE 4#define HINTZONE 8#define FORWARDZONE 16#define DELEGATIONZONE 32typedef struct { const char *name; int allowed;} optionstable;static isc_result_tcheck_zoneconf(cfg_obj_t *zconfig, isc_symtab_t *symtab, isc_log_t *logctx, isc_mem_t *mctx){ const char *zname; const char *typestr; unsigned int ztype; cfg_obj_t *zoptions; cfg_obj_t *obj = NULL; cfg_obj_t *addrlist = NULL; isc_symvalue_t symvalue; isc_result_t result = ISC_R_SUCCESS; isc_result_t tresult; unsigned int i; dns_fixedname_t fixedname; isc_buffer_t b; static optionstable options[] = { { "allow-query", MASTERZONE | SLAVEZONE | STUBZONE }, { "allow-notify", SLAVEZONE }, { "allow-transfer", MASTERZONE | SLAVEZONE }, { "notify", MASTERZONE | SLAVEZONE }, { "also-notify", MASTERZONE | SLAVEZONE }, { "dialup", MASTERZONE | SLAVEZONE | STUBZONE }, { "delegation-only", HINTZONE | STUBZONE }, { "forward", MASTERZONE | SLAVEZONE | STUBZONE | FORWARDZONE}, { "forwarders", MASTERZONE | SLAVEZONE | STUBZONE | FORWARDZONE}, { "maintain-ixfr-base", MASTERZONE | SLAVEZONE }, { "max-ixfr-log-size", MASTERZONE | SLAVEZONE }, { "notify-source", MASTERZONE | SLAVEZONE }, { "notify-source-v6", MASTERZONE | SLAVEZONE }, { "transfer-source", SLAVEZONE | STUBZONE }, { "transfer-source-v6", SLAVEZONE | STUBZONE }, { "max-transfer-time-in", SLAVEZONE | STUBZONE }, { "max-transfer-time-out", MASTERZONE | SLAVEZONE }, { "max-transfer-idle-in", SLAVEZONE | STUBZONE }, { "max-transfer-idle-out", MASTERZONE | SLAVEZONE }, { "max-retry-time", SLAVEZONE | STUBZONE }, { "min-retry-time", SLAVEZONE | STUBZONE }, { "max-refresh-time", SLAVEZONE | STUBZONE }, { "min-refresh-time", SLAVEZONE | STUBZONE }, { "sig-validity-interval", MASTERZONE }, { "zone-statistics", MASTERZONE | SLAVEZONE | STUBZONE }, { "allow-update", MASTERZONE }, { "allow-update-forwarding", SLAVEZONE }, { "file", MASTERZONE | SLAVEZONE | STUBZONE | HINTZONE}, { "ixfr-base", MASTERZONE | SLAVEZONE }, { "ixfr-tmp-file", MASTERZONE | SLAVEZONE }, { "masters", SLAVEZONE | STUBZONE }, { "pubkey", MASTERZONE | SLAVEZONE | STUBZONE }, { "update-policy", MASTERZONE }, { "database", MASTERZONE | SLAVEZONE | STUBZONE }, }; static optionstable dialups[] = { { "notify", MASTERZONE | SLAVEZONE }, { "notify-passive", SLAVEZONE }, { "refresh", SLAVEZONE | STUBZONE }, { "passive", SLAVEZONE | STUBZONE }, }; zname = cfg_obj_asstring(cfg_tuple_get(zconfig, "name")); zoptions = cfg_tuple_get(zconfig, "options"); obj = NULL; (void)cfg_map_get(zoptions, "type", &obj); if (obj == NULL) { cfg_obj_log(zconfig, logctx, ISC_LOG_ERROR, "zone '%s': type not present", zname); return (ISC_R_FAILURE); } typestr = cfg_obj_asstring(obj); if (strcasecmp(typestr, "master") == 0) ztype = MASTERZONE; else if (strcasecmp(typestr, "slave") == 0) ztype = SLAVEZONE; else if (strcasecmp(typestr, "stub") == 0) ztype = STUBZONE; else if (strcasecmp(typestr, "forward") == 0) ztype = FORWARDZONE; else if (strcasecmp(typestr, "hint") == 0) ztype = HINTZONE; else if (strcasecmp(typestr, "delegation-only") == 0) ztype = DELEGATIONZONE; else { cfg_obj_log(obj, logctx, ISC_LOG_ERROR, "zone '%s': invalid type %s", zname, typestr); return (ISC_R_FAILURE); } /* * Look for an already existing zone. * We need to make this cannonical as isc_symtab_define() * deals with strings. */ dns_fixedname_init(&fixedname); isc_buffer_init(&b, zname, strlen(zname)); isc_buffer_add(&b, strlen(zname)); result = dns_name_fromtext(dns_fixedname_name(&fixedname), &b, dns_rootname, ISC_TRUE, NULL); if (result != ISC_R_SUCCESS) { cfg_obj_log(zconfig, logctx, ISC_LOG_ERROR, "zone '%s': is not a valid name", zname); result = ISC_R_FAILURE; } else { char namebuf[DNS_NAME_FORMATSIZE]; char *key; dns_name_format(dns_fixedname_name(&fixedname), namebuf, sizeof(namebuf)); key = isc_mem_strdup(mctx, namebuf); if (key == NULL) return (ISC_R_NOMEMORY); symvalue.as_pointer = NULL; tresult = isc_symtab_define(symtab, key, ztype == HINTZONE ? 1 : 2, symvalue, isc_symexists_reject); if (tresult == ISC_R_EXISTS) { isc_mem_free(mctx, key); cfg_obj_log(zconfig, logctx, ISC_LOG_ERROR, "zone '%s': already exists ", zname); result = ISC_R_FAILURE; } else if (tresult != ISC_R_SUCCESS) { isc_mem_strdup(mctx, key); return (tresult); } } /* * Look for inappropriate options for the given zone type. */ for (i = 0; i < sizeof(options) / sizeof(options[0]); i++) { obj = NULL; if ((options[i].allowed & ztype) == 0 && cfg_map_get(zoptions, options[i].name, &obj) == ISC_R_SUCCESS) { if (strcmp(options[i].name, "allow-update") != 0 || ztype != SLAVEZONE) { cfg_obj_log(obj, logctx, ISC_LOG_ERROR, "option '%s' is not allowed " "in '%s' zone '%s'", options[i].name, typestr, zname); result = ISC_R_FAILURE; } else cfg_obj_log(obj, logctx, ISC_LOG_WARNING, "option '%s' is not allowed " "in '%s' zone '%s'", options[i].name, typestr, zname); } } /* * Slave & stub zones must have a "masters" field. */ if (ztype == SLAVEZONE || ztype == STUBZONE) { obj = NULL; if (cfg_map_get(zoptions, "masters", &obj) != ISC_R_SUCCESS) { cfg_obj_log(zoptions, logctx, ISC_LOG_ERROR, "zone '%s': missing 'masters' entry", zname); result = ISC_R_FAILURE; } else { addrlist = cfg_tuple_get(obj, "addresses"); if (cfg_list_first(addrlist) == NULL) { cfg_obj_log(zoptions, logctx, ISC_LOG_ERROR, "zone '%s': empty 'masters' entry", zname); result = ISC_R_FAILURE; } } } /* * Master zones can't have both "allow-update" and "update-policy". */ if (ztype == MASTERZONE) { isc_result_t res1, res2; obj = NULL; res1 = cfg_map_get(zoptions, "allow-update", &obj); obj = NULL; res2 = cfg_map_get(zoptions, "update-policy", &obj); if (res1 == ISC_R_SUCCESS && res2 == ISC_R_SUCCESS) { cfg_obj_log(obj, logctx, ISC_LOG_ERROR, "zone '%s': 'allow-update' is ignored " "when 'update-policy' is present", zname); result = ISC_R_FAILURE; } } /* * Check the excessively complicated "dialup" option. */ if (ztype == MASTERZONE || ztype == SLAVEZONE || ztype == STUBZONE) { cfg_obj_t *dialup = NULL; cfg_map_get(zoptions, "dialup", &dialup); if (dialup != NULL && cfg_obj_isstring(dialup)) { char *str = cfg_obj_asstring(dialup);⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -