/*% configure the zone */
static isc_result_t
configure_zone(const char *vclass, const char *view,
const cfg_obj_t *zconfig, const cfg_obj_t *vconfig,
const cfg_obj_t *config, isc_mem_t *mctx)
{
int i = 0;
isc_result_t result;
const char *zclass;
const char *zname;
const char *zfile = NULL;
const cfg_obj_t *maps[4];
const cfg_obj_t *mastersobj = NULL;
const cfg_obj_t *inviewobj = NULL;
const cfg_obj_t *zoptions = NULL;
const cfg_obj_t *classobj = NULL;
const cfg_obj_t *typeobj = NULL;
const cfg_obj_t *fileobj = NULL;
const cfg_obj_t *dlzobj = NULL;
const cfg_obj_t *dbobj = NULL;
const cfg_obj_t *obj = NULL;
const cfg_obj_t *fmtobj = NULL;
dns_masterformat_t masterformat;
dns_ttl_t maxttl = 0;
zone_options = DNS_ZONEOPT_CHECKNS | DNS_ZONEOPT_MANYERRORS;
zname = cfg_obj_asstring(cfg_tuple_get(zconfig, "name"));
classobj = cfg_tuple_get(zconfig, "class");
if (!cfg_obj_isstring(classobj))
zclass = vclass;
else
zclass = cfg_obj_asstring(classobj);
zoptions = cfg_tuple_get(zconfig, "options");
maps[i++] = zoptions;
if (vconfig != NULL)
maps[i++] = cfg_tuple_get(vconfig, "options");
if (config != NULL) {
cfg_map_get(config, "options", &obj);
if (obj != NULL)
maps[i++] = obj;
}
maps[i] = NULL;
cfg_map_get(zoptions, "in-view", &inviewobj);
if (inviewobj != NULL)
return (ISC_R_SUCCESS);
cfg_map_get(zoptions, "type", &typeobj);
if (typeobj == NULL)
return (ISC_R_FAILURE);
/*
* Skip checks when using an alternate data source.
*/
cfg_map_get(zoptions, "database", &dbobj);
if (dbobj != NULL &&
strcmp("rbt", cfg_obj_asstring(dbobj)) != 0 &&
strcmp("rbt64", cfg_obj_asstring(dbobj)) != 0)
return (ISC_R_SUCCESS);
cfg_map_get(zoptions, "dlz", &dlzobj);
if (dlzobj != NULL)
return (ISC_R_SUCCESS);
cfg_map_get(zoptions, "file", &fileobj);
if (fileobj != NULL)
zfile = cfg_obj_asstring(fileobj);
/*
* Check hints files for hint zones.
* Skip loading checks for any type other than
* master and redirect
*/
if (strcasecmp(cfg_obj_asstring(typeobj), "hint") == 0)
return (configure_hint(zfile, zclass, mctx));
else if ((strcasecmp(cfg_obj_asstring(typeobj), "master") != 0) &&
(strcasecmp(cfg_obj_asstring(typeobj), "redirect") != 0))
return (ISC_R_SUCCESS);
/*
* Is the redirect zone configured as a slave?
*/
if (strcasecmp(cfg_obj_asstring(typeobj), "redirect") == 0) {
cfg_map_get(zoptions, "masters", &mastersobj);
if (mastersobj != NULL)
return (ISC_R_SUCCESS);
}
if (zfile == NULL)
return (ISC_R_FAILURE);
obj = NULL;
if (get_maps(maps, "check-dup-records", &obj)) {
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
zone_options |= DNS_ZONEOPT_CHECKDUPRR;
zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
} else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
zone_options |= DNS_ZONEOPT_CHECKDUPRR;
zone_options |= DNS_ZONEOPT_CHECKDUPRRFAIL;
} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
zone_options &= ~DNS_ZONEOPT_CHECKDUPRR;
zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
} else
INSIST(0);
} else {
zone_options |= DNS_ZONEOPT_CHECKDUPRR;
zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
}
obj = NULL;
if (get_maps(maps, "check-mx", &obj)) {
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
zone_options |= DNS_ZONEOPT_CHECKMX;
zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
} else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
zone_options |= DNS_ZONEOPT_CHECKMX;
zone_options |= DNS_ZONEOPT_CHECKMXFAIL;
} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
zone_options &= ~DNS_ZONEOPT_CHECKMX;
zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
} else
INSIST(0);
} else {
zone_options |= DNS_ZONEOPT_CHECKMX;
zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
}
obj = NULL;
if (get_maps(maps, "check-integrity", &obj)) {
if (cfg_obj_asboolean(obj))
zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
else
zone_options &= ~DNS_ZONEOPT_CHECKINTEGRITY;
} else
zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
obj = NULL;
if (get_maps(maps, "check-mx-cname", &obj)) {
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
zone_options |= DNS_ZONEOPT_WARNMXCNAME;
zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
} else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
zone_options &= ~DNS_ZONEOPT_WARNMXCNAME;
zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
zone_options |= DNS_ZONEOPT_WARNMXCNAME;
zone_options |= DNS_ZONEOPT_IGNOREMXCNAME;
} else
INSIST(0);
} else {
zone_options |= DNS_ZONEOPT_WARNMXCNAME;
zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
}
obj = NULL;
if (get_maps(maps, "check-srv-cname", &obj)) {
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
} else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
zone_options &= ~DNS_ZONEOPT_WARNSRVCNAME;
zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
zone_options |= DNS_ZONEOPT_IGNORESRVCNAME;
} else
INSIST(0);
} else {
zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
}
obj = NULL;
if (get_maps(maps, "check-sibling", &obj)) {
if (cfg_obj_asboolean(obj))
zone_options |= DNS_ZONEOPT_CHECKSIBLING;
else
zone_options &= ~DNS_ZONEOPT_CHECKSIBLING;
}
obj = NULL;
if (get_maps(maps, "check-spf", &obj)) {
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
zone_options |= DNS_ZONEOPT_CHECKSPF;
} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
zone_options &= ~DNS_ZONEOPT_CHECKSPF;
} else
INSIST(0);
} else {
zone_options |= DNS_ZONEOPT_CHECKSPF;
}
obj = NULL;
if (get_checknames(maps, &obj)) {
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
zone_options |= DNS_ZONEOPT_CHECKNAMES;
zone_options &= ~DNS_ZONEOPT_CHECKNAMESFAIL;
} else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
zone_options |= DNS_ZONEOPT_CHECKNAMES;
zone_options |= DNS_ZONEOPT_CHECKNAMESFAIL;
} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
zone_options &= ~DNS_ZONEOPT_CHECKNAMES;
zone_options &= ~DNS_ZONEOPT_CHECKNAMESFAIL;
} else
INSIST(0);
} else {
zone_options |= DNS_ZONEOPT_CHECKNAMES;
zone_options |= DNS_ZONEOPT_CHECKNAMESFAIL;
}
masterformat = dns_masterformat_text;
fmtobj = NULL;
if (get_maps(maps, "masterfile-format", &fmtobj)) {
const char *masterformatstr = cfg_obj_asstring(fmtobj);
if (strcasecmp(masterformatstr, "text") == 0)
masterformat = dns_masterformat_text;
else if (strcasecmp(masterformatstr, "raw") == 0)
masterformat = dns_masterformat_raw;
else if (strcasecmp(masterformatstr, "map") == 0)
masterformat = dns_masterformat_map;
else
INSIST(0);
}
obj = NULL;
if (get_maps(maps, "max-zone-ttl", &obj)) {
maxttl = cfg_obj_asuint32(obj);
zone_options2 |= DNS_ZONEOPT2_CHECKTTL;
}
result = load_zone(mctx, zname, zfile, masterformat,
zclass, maxttl, NULL);
if (result != ISC_R_SUCCESS)
fprintf(stderr, "%s/%s/%s: %s\n", view, zname, zclass,
dns_result_totext(result));
return (result);
}
/*% configure the zone */
static isc_result_t
configure_zone(const char *vclass, const char *view,
const cfg_obj_t *zconfig, const cfg_obj_t *vconfig,
const cfg_obj_t *config, isc_mem_t *mctx)
{
int i = 0;
isc_result_t result;
const char *zclass;
const char *zname;
const char *zfile;
const cfg_obj_t *maps[4];
const cfg_obj_t *zoptions = NULL;
const cfg_obj_t *classobj = NULL;
const cfg_obj_t *typeobj = NULL;
const cfg_obj_t *fileobj = NULL;
const cfg_obj_t *dbobj = NULL;
const cfg_obj_t *obj = NULL;
const cfg_obj_t *fmtobj = NULL;
dns_masterformat_t masterformat;
zone_options = DNS_ZONEOPT_CHECKNS | DNS_ZONEOPT_MANYERRORS;
zname = cfg_obj_asstring(cfg_tuple_get(zconfig, "name"));
classobj = cfg_tuple_get(zconfig, "class");
if (!cfg_obj_isstring(classobj))
zclass = vclass;
else
zclass = cfg_obj_asstring(classobj);
zoptions = cfg_tuple_get(zconfig, "options");
maps[i++] = zoptions;
if (vconfig != NULL)
maps[i++] = cfg_tuple_get(vconfig, "options");
if (config != NULL) {
cfg_map_get(config, "options", &obj);
if (obj != NULL)
maps[i++] = obj;
}
maps[i++] = NULL;
cfg_map_get(zoptions, "type", &typeobj);
if (typeobj == NULL)
return (ISC_R_FAILURE);
if (strcasecmp(cfg_obj_asstring(typeobj), "master") != 0)
return (ISC_R_SUCCESS);
cfg_map_get(zoptions, "database", &dbobj);
if (dbobj != NULL)
return (ISC_R_SUCCESS);
cfg_map_get(zoptions, "file", &fileobj);
if (fileobj == NULL)
return (ISC_R_FAILURE);
zfile = cfg_obj_asstring(fileobj);
obj = NULL;
if (get_maps(maps, "check-dup-records", &obj)) {
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
zone_options |= DNS_ZONEOPT_CHECKDUPRR;
zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
} else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
zone_options |= DNS_ZONEOPT_CHECKDUPRR;
zone_options |= DNS_ZONEOPT_CHECKDUPRRFAIL;
} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
zone_options &= ~DNS_ZONEOPT_CHECKDUPRR;
zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
} else
INSIST(0);
} else {
zone_options |= DNS_ZONEOPT_CHECKDUPRR;
zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
}
obj = NULL;
if (get_maps(maps, "check-mx", &obj)) {
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
zone_options |= DNS_ZONEOPT_CHECKMX;
zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
} else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
zone_options |= DNS_ZONEOPT_CHECKMX;
zone_options |= DNS_ZONEOPT_CHECKMXFAIL;
} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
zone_options &= ~DNS_ZONEOPT_CHECKMX;
zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
} else
INSIST(0);
} else {
zone_options |= DNS_ZONEOPT_CHECKMX;
zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
}
obj = NULL;
if (get_maps(maps, "check-integrity", &obj)) {
if (cfg_obj_asboolean(obj))
zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
else
zone_options &= ~DNS_ZONEOPT_CHECKINTEGRITY;
} else
zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
obj = NULL;
if (get_maps(maps, "check-mx-cname", &obj)) {
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
zone_options |= DNS_ZONEOPT_WARNMXCNAME;
zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
} else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
zone_options &= ~DNS_ZONEOPT_WARNMXCNAME;
zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
zone_options |= DNS_ZONEOPT_WARNMXCNAME;
zone_options |= DNS_ZONEOPT_IGNOREMXCNAME;
} else
INSIST(0);
} else {
zone_options |= DNS_ZONEOPT_WARNMXCNAME;
zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
}
obj = NULL;
if (get_maps(maps, "check-srv-cname", &obj)) {
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
} else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
zone_options &= ~DNS_ZONEOPT_WARNSRVCNAME;
zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
zone_options |= DNS_ZONEOPT_IGNORESRVCNAME;
} else
INSIST(0);
} else {
zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
}
obj = NULL;
if (get_maps(maps, "check-sibling", &obj)) {
if (cfg_obj_asboolean(obj))
zone_options |= DNS_ZONEOPT_CHECKSIBLING;
else
zone_options &= ~DNS_ZONEOPT_CHECKSIBLING;
}
obj = NULL;
if (get_checknames(maps, &obj)) {
if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
zone_options |= DNS_ZONEOPT_CHECKNAMES;
zone_options &= ~DNS_ZONEOPT_CHECKNAMESFAIL;
} else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
zone_options |= DNS_ZONEOPT_CHECKNAMES;
zone_options |= DNS_ZONEOPT_CHECKNAMESFAIL;
} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
zone_options &= ~DNS_ZONEOPT_CHECKNAMES;
zone_options &= ~DNS_ZONEOPT_CHECKNAMESFAIL;
} else
INSIST(0);
} else {
zone_options |= DNS_ZONEOPT_CHECKNAMES;
zone_options |= DNS_ZONEOPT_CHECKNAMESFAIL;
}
masterformat = dns_masterformat_text;
fmtobj = NULL;
result = config_get(maps, "masterfile-format", &fmtobj);
if (result == ISC_R_SUCCESS) {
const char *masterformatstr = cfg_obj_asstring(fmtobj);
if (strcasecmp(masterformatstr, "text") == 0)
masterformat = dns_masterformat_text;
else if (strcasecmp(masterformatstr, "raw") == 0)
masterformat = dns_masterformat_raw;
else
INSIST(0);
}
result = load_zone(mctx, zname, zfile, masterformat, zclass, NULL);
if (result != ISC_R_SUCCESS)
fprintf(stderr, "%s/%s/%s: %s\n", view, zname, zclass,
dns_result_totext(result));
return(result);
}
