Diffstat (limited to 'lib/bind9/check.c')
-rw-r--r--lib/bind9/check.c34
1 files changed, 33 insertions, 1 deletions
diff --git a/lib/bind9/check.c b/lib/bind9/check.c
index bc7aabe2e0e76..cbfa8301e3f4b 100644
--- a/lib/bind9/check.c
+++ b/lib/bind9/check.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004-2015 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2016 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2001-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -1292,6 +1292,8 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions,
dns_name_t *zname = NULL;
isc_buffer_t b;
isc_boolean_t root = ISC_FALSE;
+ isc_boolean_t rfc1918 = ISC_FALSE;
+ isc_boolean_t ula = ISC_FALSE;
const cfg_listelt_t *element;
isc_boolean_t ddns = ISC_FALSE;
@@ -1461,6 +1463,10 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions,
result = tresult;
if (dns_name_equal(zname, dns_rootname))
root = ISC_TRUE;
+ else if (dns_name_isrfc1918(zname))
+ rfc1918 = ISC_TRUE;
+ else if (dns_name_isula(zname))
+ ula = ISC_TRUE;
}
/*
@@ -1731,6 +1737,32 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions,
result = ISC_R_FAILURE;
/*
+ * Check that a RFC 1918 / ULA reverse zone is not forward first
+ * unless explictly configured to be so.
+ */
+ if (ztype == FORWARDZONE && (rfc1918 || ula)) {
+ obj = NULL;
+ (void)cfg_map_get(zoptions, "forward", &obj);
+ if (obj == NULL) {
+ /*
+ * Forward mode not explicity configured.
+ */
+ if (voptions != NULL)
+ cfg_map_get(voptions, "forward", &obj);
+ if (obj == NULL && goptions != NULL)
+ cfg_map_get(goptions, "forward", &obj);
+ if (obj == NULL ||
+ strcasecmp(cfg_obj_asstring(obj), "first") == 0)
+ cfg_obj_log(zconfig, logctx, ISC_LOG_WARNING,
+ "inherited 'forward first;' for "
+ "%s zone '%s' - did you want "
+ "'forward only;'?",
+ rfc1918 ? "rfc1918" : "ula",
+ znamestr);
+ }
+ }
+
+ /*
* Check validity of static stub server addresses.
*/
obj = NULL;
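Review bot: The comment above the new `ztype == FORWARDZONE && (rfc1918 || ula)` check says what is checked but not why it matters: under 'forward first' the server falls back to ordinary resolution when the forwarders give no answer, so reverse lookups for private address space can leave the site and disclose internal addressing. I would add a line to that comment such as `* With 'forward first' a forwarder failure falls back to normal resolution, so these private reverse queries can be sent off-site.` The two inner `cfg_map_get()` calls on `voptions` and `goptions` drop the `(void)` cast that the `zoptions` call uses; writing `(void)cfg_map_get(voptions, "forward", &obj);` and likewise for `goptions` keeps the ignored return value explicit. Both new comments misspell "explicitly" ("explictly", "explicity"), and the log text says "inherited" even when no 'forward' option is set at any level, where "default" may be the more accurate word. check_zoneconf's body starts and ends outside this hunk, so whether `znamestr` is always set on this path cannot be confirmed from here.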