Commit aa49af83 authored by Mark Andrews's avatar Mark Andrews

3385. [bug] named-checkconf didn't detect missing master lists

                        in also-notify clauses. [RT #30810]
parent 74069f29
3385. [bug] named-checkconf didn't detect missing master lists
in also-notify clauses. [RT #30810]
3384. [bug] Improved logging of crypto errors. [RT #30963]
3383. [security] A certain combination of records in the RBT could
......
/*
* Copyright (C) 2012 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/*
* Missing master in also-notify clause.
*/
zone dummy {
type master;
file "xxxx";
also-notify { xxxx; };
};
......@@ -34,17 +34,14 @@ cmp good.conf.in good.conf.out || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I: checking that named-checkconf handles a known bad config"
ret=0
$CHECKCONF bad.conf > /dev/null 2>&1 && ret=1
if [ $? != 1 ]; then echo "I:failed"; ret=1; fi
status=`expr $status + $ret`
echo "I: checking that named-checkconf handles a known bad tsig secret"
ret=0
$CHECKCONF badtsig.conf > /dev/null 2>&1
if [ $? != 1 ]; then echo "I:failed"; ret=1; fi
status=`expr $status + $ret`
for bad in bad*.conf
do
ret=0
echo "I: checking that named-checkconf detects error in $bad"
$CHECKCONF $bad > /dev/null 2>&1
if [ $? != 1 ]; then echo "I:failed"; ret=1; fi
status=`expr $status + $ret`
done
echo "I: checking named-checkconf dnssec warnings"
ret=0
......
......@@ -1548,6 +1548,21 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions,
}
/*
* Master & slave zones must have a "also-notify" field.
*/
if (ztype == MASTERZONE || ztype == SLAVEZONE ) {
obj = NULL;
tresult = cfg_map_get(zoptions, "also-notify", &obj);
if (tresult == ISC_R_SUCCESS) {
isc_uint32_t count;
tresult = validate_masters(obj, config, &count,
logctx, mctx);
if (tresult != ISC_R_SUCCESS && result == ISC_R_SUCCESS)
result = tresult;
}
}
/*
* Slave & stub zones must have a "masters" field.
*/
......
......@@ -1492,7 +1492,7 @@ dumptostreaminc(dns_dumpctx_t *dctx) {
}
result = dns_dbiterator_first(dctx->dbiter);
if (result != ISC_R_SUCCESS && result != ISC_R_NOMORE)
if (result != ISC_R_SUCCESS)
goto cleanup;
dctx->first = ISC_FALSE;
......
......@@ -654,8 +654,9 @@
./bin/tests/system/cacheclean/ns1/named.conf CONF-C 2001,2004,2005,2007,2011
./bin/tests/system/cacheclean/ns2/named.conf CONF-C 2001,2004,2005,2007,2011
./bin/tests/system/cacheclean/tests.sh SH 2001,2004,2007,2011,2012
./bin/tests/system/checkconf/bad.conf CONF-C 2005,2007
./bin/tests/system/checkconf/badtsig.conf CONF-C 2012
./bin/tests/system/checkconf/bad-also-notify.conf CONF-C 2012
./bin/tests/system/checkconf/bad-many.conf CONF-C 2005,2012
./bin/tests/system/checkconf/bad-tsig.conf CONF-C 2012
./bin/tests/system/checkconf/clean.sh SH 2011,2012
./bin/tests/system/checkconf/dnssec.1 CONF-C 2011
./bin/tests/system/checkconf/dnssec.2 CONF-C 2011
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment