#ifndef lint
static const char copyright[] =
"@(#) Copyright (c) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2005, 2006, 2007, 2008, 2009\n\
The Regents of the University of California. All rights reserved.\n";
static const char rcsid[] =
"@(#) $Id: nslint.c 247 2009-10-14 17:54:05Z leres $ (LBL)";
#endif
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <ctype.h>
#include <errno.h>
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif
#ifdef HAVE_MEMORY_H
#include <memory.h>
#endif
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <unistd.h>
#include "savestr.h"
#include "version.h"
#include "gnuc.h"
#ifdef HAVE_OS_PROTO_H
#include "os-proto.h"
#endif
#define NSLINTBOOT "nslint.boot"
#define NSLINTCONF "nslint.conf"
#define CHECKDOT(p) (p[0] == '.' && p[1] == '\0')
struct addr {
u_int family;
union {
struct in_addr _a_addr4;
struct in6_addr _a_addr6;
} addr;
};
#define a_addr4 addr._a_addr4.s_addr
#define a_addr6 addr._a_addr6.s6_addr
struct network {
u_int family;
union {
struct in_addr _n_addr4;
struct in6_addr _n_addr6;
} addr;
union {
struct in_addr _n_mask4;
struct in6_addr _n_mask6;
} mask;
};
#define n_addr4 addr._n_addr4.s_addr
#define n_mask4 mask._n_mask4.s_addr
#define n_addr6 addr._n_addr6.s6_addr
#define n_mask6 mask._n_mask6.s6_addr
struct item {
char *host;
struct addr addr;
u_int ttl;
int records;
int flags;
};
struct ignoredzone {
char *zone;
int len;
};
#define REC_A 0x0001
#define REC_AAAA 0x0002
#define REC_PTR 0x0004
#define REC_WKS 0x0008
#define REC_HINFO 0x0010
#define REC_MX 0x0020
#define REC_CNAME 0x0040
#define REC_NS 0x0080
#define REC_SOA 0x0100
#define REC_RP 0x0200
#define REC_TXT 0x0400
#define REC_SRV 0x0800
#define REC_OTHER 0x1000
#define REC_REF 0x2000
#define REC_UNKNOWN 0x4000
enum rrtype {
RR_UNDEF = 0,
RR_A,
RR_AAAA,
RR_ALLOWDUPA,
RR_CNAME,
RR_DNSKEY,
RR_HINFO,
RR_MX,
RR_NS,
RR_PTR,
RR_RP,
RR_SOA,
RR_SRV,
RR_TXT,
RR_WKS,
RR_RRSIG,
RR_NSEC,
};
#define MASK_TEST_REC (REC_WKS | REC_HINFO | \
REC_MX | REC_SOA | REC_RP | REC_TXT | REC_SRV | REC_UNKNOWN)
#define MASK_CHECK_REC \
(REC_A | REC_AAAA | REC_PTR | REC_CNAME | REC_REF | REC_OTHER)
#define MASK_TEST_DUP \
(REC_A | REC_AAAA | REC_HINFO | REC_CNAME)
#define FLG_SELFMX 0x001
#define FLG_MXREF 0x002
#define FLG_SMTPWKS 0x004
#define FLG_ALLOWDUPA 0x008
#define CONF_MUSTEXIST 0x001
#define CONF_NOZONE 0x002
#define MASK_TEST_SMTP \
(FLG_SELFMX | FLG_SMTPWKS)
#define ITEMSIZE (1 << 17)
struct item items[ITEMSIZE];
int itemcnt;
#define STRSIZE 8192;
char *strptr;
int strsize;
int debug;
int errors;
#ifdef __FreeBSD__
char *bootfile = "/etc/namedb/named.boot";
char *conffile = "/etc/namedb/named.conf";
#else
char *bootfile = "/etc/named.boot";
char *conffile = "/etc/named.conf";
#endif
char *nslintboot;
char *nslintconf;
char *prog;
char *cwd = ".";
static struct network *netlist;
static u_int netlistsize;
static u_int netlistcnt;
char **protoserv;
int protoserv_init;
int protoserv_last;
int protoserv_len;
static char inaddr[] = ".in-addr.arpa.";
static char inaddr6[] = ".ip6.arpa.";
static struct ignoredzone ignoredzones[10];
static int numignoredzones = 0;
#define SIZEIGNOREDZONES (sizeof(ignoredzones) / sizeof(ignoredzones[0]))
#define SOA_SERIAL 0
#define SOA_REFRESH 1
#define SOA_RETRY 2
#define SOA_EXPIRE 3
#define SOA_MINIMUM 4
static u_int soaval[5];
static int nsoaval;
#define NSOAVAL (sizeof(soaval) / sizeof(soaval[0]))
void add_domain(char *, const char *);
const char *addr2str(struct addr *);
int checkaddr(const char *);
int checkdots(const char *);
void checkdups(struct item *, int);
int checkignoredzone(const char *);
int checkserv(const char *, char **p);
int checkwks(FILE *, char *, int *, char **);
int cmpaddr(const void *, const void *);
int cmpitemaddr(const void *, const void *);
int cmpitemhost(const void *, const void *);
int cmpnetwork(const void *, const void *);
void doboot(const char *, int);
void doconf(const char *, int);
const char *extractaddr(const char *, struct addr *);
const char *extractnetwork(const char *, struct network *);
struct network *findnetwork(struct addr *);
void initprotoserv(void);
int main(int, char **);
int maskwidth(struct network *);
const char *network2str(struct network *);
void nslint(void);
const char *parsenetwork(const char *);
const char *parseptr(const char *, struct addr *);
char *parsequoted(char *);
int parserrsig(const char *, char **);
int parsesoa(const char *, char **);
void process(const char *, const char *, const char *);
int rfc1034host(const char *, int);
enum rrtype txt2rrtype(const char *);
int samesubnet(struct addr *, struct addr *, struct network *);
void setmaskwidth(u_int w, struct network *);
int updateitem(const char *, struct addr *, int, u_int, int);
void usage(void) __attribute__((noreturn));
extern char *optarg;
extern int optind, opterr;
int
main(int argc, char **argv)
{
char *cp;
int op, donamedboot, donamedconf;
if ((cp = strrchr(argv[0], '/')) != NULL)
prog = cp + 1;
else
prog = argv[0];
donamedboot = 0;
donamedconf = 0;
while ((op = getopt(argc, argv, "b:c:B:C:d")) != -1)
switch (op) {
case 'b':
bootfile = optarg;
++donamedboot;
break;
case 'c':
conffile = optarg;
++donamedconf;
break;
case 'B':
nslintboot = optarg;
++donamedboot;
break;
case 'C':
nslintconf = optarg;
++donamedconf;
break;
case 'd':
++debug;
break;
default:
usage();
}
if (optind != argc || (donamedboot && donamedconf))
usage();
if (!donamedboot && !donamedconf) {
if (access(conffile, R_OK) >= 0)
++donamedconf;
if (access(bootfile, R_OK) >= 0)
++donamedboot;
if (donamedboot && donamedconf) {
fprintf(stderr,
"%s: nslint: both %s and %s exist; use -b or -c\n",
prog, conffile, bootfile);
exit(1);
}
}
if (donamedboot) {
doboot(bootfile, CONF_MUSTEXIST | CONF_NOZONE);
if (nslintboot != NULL)
doboot(nslintboot, CONF_MUSTEXIST);
else
doboot(NSLINTBOOT, 0);
doboot(bootfile, CONF_MUSTEXIST);
} else {
doconf(conffile, CONF_MUSTEXIST | CONF_NOZONE);
if (nslintconf != NULL)
doconf(nslintconf, CONF_MUSTEXIST);
else
doconf(NSLINTCONF, 0);
doconf(conffile, CONF_MUSTEXIST);
}
if (netlistcnt > 0)
qsort(netlist, netlistcnt, sizeof(netlist[0]), cmpnetwork);
nslint();
exit (errors != 0);
}
void
add_domain(char *name, const char *domain)
{
char *cp;
for (cp = name; *cp != '\0' && !isspace(*cp); ++cp)
if (isupper(*cp))
*cp = tolower(*cp);
*cp-- = '\0';
if (cp >= name && *cp++ != '.') {
if (*domain != '.')
*cp++ = '.';
(void)strcpy(cp, domain);
}
}
const char *
addr2str(struct addr *ap)
{
struct network net;
memset(&net, 0, sizeof(net));
net.family = ap->family;
switch (ap->family) {
case AF_INET:
net.n_addr4 = ap->a_addr4;
setmaskwidth(32, &net);
break;
case AF_INET6:
memmove(net.n_addr6, &ap->a_addr6, sizeof(ap->a_addr6));
setmaskwidth(128, &net);
break;
default:
return ("<nil>");
}
return (network2str(&net));
}
int
checkaddr(const char *name)
{
struct in_addr addr;
return (inet_pton(AF_INET, name, (char *)&addr));
}
int
checkdots(const char *name)
{
const char *cp, *cp2;
if ((cp = strchr(name, '.')) == NULL)
return (0);
cp2 = name + strlen(name) - 1;
if (cp2 >= name && *cp2 == '.')
return (0);
++cp;
if (strchr(cp, '.') != NULL)
return (1);
if (strlen(cp) == 2 ||
strcasecmp(cp, "gov") == 0 ||
strcasecmp(cp, "edu") == 0 ||
strcasecmp(cp, "com") == 0 ||
strcasecmp(cp, "net") == 0 ||
strcasecmp(cp, "org") == 0 ||
strcasecmp(cp, "mil") == 0 ||
strcasecmp(cp, "int") == 0 ||
strcasecmp(cp, "nato") == 0 ||
strcasecmp(cp, "arpa") == 0)
return (1);
return (0);
}
static struct duprec {
int record;
char *name;
} duprec[] = {
{ REC_A, "a" },
{ REC_AAAA, "aaaa" },
{ REC_HINFO, "hinfo" },
{ REC_CNAME, "cname" },
{ 0, NULL },
};
void
checkdups(struct item *ip, int records)
{
struct duprec *dp;
records &= (ip->records & MASK_TEST_DUP);
if (records == 0)
return;
for (dp = duprec; dp->name != NULL; ++dp)
if ((records & dp->record) != 0) {
++errors;
fprintf(stderr, "%s: multiple \"%s\" records for %s\n",
prog, dp->name, ip->host);
records &= ~dp->record;
}
if (records != 0)
fprintf(stderr, "%s: checkdups: records not zero %s (0x%x)\n",
prog, ip->host, records);
}
int
checkignoredzone(const char *name)
{
int i, len, len2;
len = strlen(name);
if (len > 1 && name[len - 1] == '.')
--len;
for (i = 0; i < numignoredzones; ++i) {
len2 = len - ignoredzones[i].len;
if (len2 >= 0 &&
strncasecmp(name + len2,
ignoredzones[i].zone, len - len2) == 0)
return (1);
}
return (0);
}
int
checkserv(const char *serv, char **p)
{
for (; *p != NULL; ++p)
if (*serv == **p && strcmp(serv, *p) == 0)
return (1);
return (0);
}
int
checkwks(FILE *f, char *proto, int *smtpp, char **errstrp)
{
int n, sawparen;
char *cp, *serv, **p;
static char errstr[132];
char buf[1024];
char psbuf[512];
if (!protoserv_init) {
initprotoserv();
++protoserv_init;
}
n = 0;
cp = proto;
while (!isspace(*cp) && *cp != '\0')
++cp;
if (*cp != '\0')
*cp++ = '\0';
*smtpp = 0;
sawparen = 0;
if (*cp == '(') {
++sawparen;
++cp;
while (isspace(*cp))
++cp;
}
for (;;) {
if (*cp == '\0') {
if (!sawparen)
break;
if (fgets(buf, sizeof(buf), f) == NULL) {
*errstrp = "mismatched parens";
return (n);
}
++n;
cp = buf;
while (isspace(*cp))
++cp;
}
for (serv = cp; !isspace(*cp) && *cp != '\0'; ++cp)
if (isupper(*cp))
*cp = tolower(*cp);
if (*cp != '\0')
*cp++ = '\0';
if (sawparen && *cp == ')') {
break;
}
(void)sprintf(psbuf, "%s/%s", serv, proto);
if (*serv == 's' && strcmp(psbuf, "tcp/smtp") == 0)
++*smtpp;
for (p = protoserv; *p != NULL; ++p)
if (*psbuf == **p && strcmp(psbuf, *p) == 0) {
break;
}
if (*p == NULL) {
sprintf(errstr, "%s unknown", psbuf);
*errstrp = errstr;
break;
}
}
return (n);
}
int
cmpaddr(const void *arg1, const void *arg2)
{
int i, r1;
const struct network *n1, *n2;
n1 = (const struct network *)arg1;
n2 = (const struct network *)arg2;
if (n1->family != n2->family)
return ((n1->family == AF_INET) ? -1 : 1);
switch (n1->family) {
case AF_INET:
if (ntohl(n1->n_addr4) < ntohl(n2->n_addr4))
return (-1);
else if (ntohl(n1->n_addr4) > ntohl(n2->n_addr4))
return (1);
return (0);
case AF_INET6:
r1 = 0;
for (i = 0; i < 16; ++i) {
if (ntohl(n1->n_addr6[i]) < ntohl(n2->n_addr6[i]))
return (-1);
if (ntohl(n1->n_addr6[i]) > ntohl(n2->n_addr6[i]))
return (1);
}
return (0);
default:
abort();
}
}
int
cmpitemaddr(const void *arg1, const void *arg2)
{
struct item *i1, *i2;
i1 = (struct item *)arg1;
i2 = (struct item *)arg2;
return (cmpaddr(&i1->addr, &i2->addr));
}
int
cmpitemhost(const void *arg1, const void *arg2)
{
struct item *i1, *i2;
i1 = (struct item *)arg1;
i2 = (struct item *)arg2;
return (strcasecmp(i1->host, i1->host));
}
int
cmpnetwork(const void *arg1, const void *arg2)
{
int i, r1, r2;
const struct network *n1, *n2;
n1 = (const struct network *)arg1;
n2 = (const struct network *)arg2;
if (n1->family != n2->family)
return ((n1->family == AF_INET) ? -1 : 1);
switch (n1->family) {
case AF_INET:
if (ntohl(n1->n_addr4) < ntohl(n2->n_addr4))
return (-1);
else if (ntohl(n1->n_addr4) > ntohl(n2->n_addr4))
return (1);
if (ntohl(n1->n_mask4) < ntohl(n2->n_mask4))
return (1);
else if (ntohl(n1->n_mask4) > ntohl(n2->n_mask4))
return (-1);
return (0);
case AF_INET6:
r1 = 0;
for (i = 0; i < 16; ++i) {
if (ntohl(n1->n_addr6[i]) < ntohl(n2->n_addr6[i]))
return (-1);
if (ntohl(n1->n_addr6[i]) > ntohl(n2->n_addr6[i]))
return (1);
}
r2 = 0;
for (i = 0; i < 16; ++i) {
if (n1->n_mask6[i] < n2->n_mask6[i])
return (1);
if (n1->n_mask6[i] > n2->n_mask6[i])
return (-1);
}
return (0);
break;
default:
abort();
}
abort();
}
void
doboot(const char *file, int flags)
{
int n;
char *cp, *cp2;
FILE *f;
const char *errstr;
char buf[1024], name[128];
errno = 0;
f = fopen(file, "r");
if (f == NULL) {
if ((flags & CONF_MUSTEXIST) == 0 && errno == ENOENT) {
if (debug > 1)
printf(
"%s: doit: %s doesn't exist (ignoring)\n",
prog, file);
return;
}
fprintf(stderr, "%s: %s: %s\n", prog, file, strerror(errno));
exit(1);
}
if (debug > 1)
printf("%s: doit: opened %s\n", prog, file);
n = 0;
while (fgets(buf, sizeof(buf), f) != NULL) {
++n;
if (buf[0] == ';')
continue;
cp = strchr(buf, ';');
if (cp)
*cp = '\0';
cp = buf + strlen(buf) - 1;
if (cp >= buf && *cp == '\n')
*cp = '\0';
cp = buf;
while (isspace(*cp))
++cp;
if (*cp == '\n' || *cp == '\0')
continue;
cp2 = cp;
while (!isspace(*cp) && *cp != '\0')
++cp;
*cp++ = '\0';
while (isspace(*cp))
++cp;
if (strcasecmp(cp2, "directory") == 0) {
cp2 = cp;
while (!isspace(*cp) && *cp != '\0')
++cp;
*cp = '\0';
if (chdir(cp2) < 0) {
++errors;
fprintf(stderr, "%s: can't chdir %s: %s\n",
prog, cp2, strerror(errno));
exit(1);
}
cwd = savestr(cp2);
continue;
}
if (strcasecmp(cp2, "primary") == 0) {
for (cp2 = name; !isspace(*cp) && *cp != '\0'; ++cp)
if (isupper(*cp))
*cp2++ = tolower(*cp);
else
*cp2++ = *cp;
if (cp2 > name && cp2[-1] != '.')
*cp2++ = '.';
*cp2 = '\0';
while (isspace(*cp))
++cp;
cp2 = cp;
while (!isspace(*cp) && *cp != '\0')
++cp;
*cp = '\0';
nsoaval = -1;
memset(soaval, 0, sizeof(soaval));
if ((flags & CONF_NOZONE) == 0)
process(cp2, name, name);
continue;
}
if (strcasecmp(cp2, "network") == 0) {
errstr = parsenetwork(cp);
if (errstr != NULL) {
++errors;
fprintf(stderr,
"%s: %s:%d: bad network: %s\n",
prog, file, n, errstr);
}
continue;
}
if (strcasecmp(cp2, "include") == 0) {
cp2 = cp;
while (!isspace(*cp) && *cp != '\0')
++cp;
*cp = '\0';
doboot(cp2, 1);
continue;
}
}
(void)fclose(f);
}
void
doconf(const char *file, int flags)
{
int n, fd, cc, i, depth;
char *cp, *cp2, *buf;
const char *p;
char *name, *zonename, *filename, *typename;
int namelen, zonenamelen, filenamelen, typenamelen;
struct stat sbuf;
char zone[128], includefile[256];
errno = 0;
fd = open(file, O_RDONLY, 0);
if (fd < 0) {
if ((flags & CONF_MUSTEXIST) == 0 && errno == ENOENT) {
if (debug > 1)
printf(
"%s: doconf: %s doesn't exist (ignoring)\n",
prog, file);
return;
}
fprintf(stderr, "%s: %s: %s\n", prog, file, strerror(errno));
exit(1);
}
if (debug > 1)
printf("%s: doconf: opened %s\n", prog, file);
if (fstat(fd, &sbuf) < 0) {
fprintf(stderr, "%s: fstat(%s) %s\n",
prog, file, strerror(errno));
exit(1);
}
buf = (char *)malloc(sbuf.st_size + 1);
if (buf == NULL) {
fprintf(stderr, "%s: malloc: %s\n", prog, strerror(errno));
exit(1);
}
n = sbuf.st_size;
cp = buf;
do {
cc = read(fd, cp, n);
if (cc < 0) {
fprintf(stderr, "%s: read(%s) %s\n",
prog, file, strerror(errno));
exit(1);
}
cp += cc;
n -= cc;
} while (cc != 0 && cc < n);
buf[cc] = '\0';
#define EATWHITESPACE \
while (isspace(*cp)) { \
if (*cp == '\n') \
++n; \
++cp; \
}
#define EATCOMMENTS \
{ \
int sawcomment; \
do { \
EATWHITESPACE \
sawcomment = 0; \
if (*cp == '#') { \
sawcomment = 1; \
++cp; \
while (*cp != '\n' && *cp != '\0') \
++cp; \
} \
else if (strncmp(cp, "//", 2) == 0) { \
sawcomment = 1; \
cp += 2; \
while (*cp != '\n' && *cp != '\0') \
++cp; \
} \
else if (strncmp(cp, "/*", 2) == 0) { \
sawcomment = 1; \
for (cp += 2; *cp != '\0'; ++cp) { \
if (*cp == '\n') \
++n; \
else if (strncmp(cp, "*/", 2) == 0) { \
cp += 2; \
break; \
} \
} \
} \
} while (sawcomment); \
}
#define GETNAME(name, len) \
{ \
(name) = cp; \
(len) = 0; \
while (!isspace(*cp) && *cp != ';' && *cp != '\0') { \
++(len); \
++cp; \
} \
}
#define GETQUOTEDNAME(name, len) \
{ \
if (*cp != '"') { \
++errors; \
fprintf(stderr, "%s: %s:%d missing left quote\n", \
prog, file, n); \
} else \
++cp; \
(name) = cp; \
(len) = 0; \
while (*cp != '"' && *cp != '\n' && *cp != '\0') { \
++(len); \
++cp; \
} \
if (*cp != '"') { \
++errors; \
fprintf(stderr, "%s: %s:%d missing right quote\n", \
prog, file, n); \
} else \
++cp; \
}
#define EATSEMICOLON \
{ \
int depth = 0; \
while (*cp != '\0') { \
EATCOMMENTS \
if (*cp == ';') { \
++cp; \
if (depth == 0) \
break; \
continue; \
} \
if (*cp == '{') { \
++depth; \
++cp; \
continue; \
} \
if (*cp == '}') { \
--depth; \
++cp; \
continue; \
} \
++cp; \
} \
}
#define EATSLEFTBRACE \
while (*cp != '\0') { \
EATCOMMENTS \
if (*cp == '{') { \
++cp; \
break; \
} \
++cp; \
}
n = 1;
zone[0] = '\0';
cp = buf;
while (*cp != '\0') {
EATCOMMENTS
if (*cp == '\0')
break;
GETNAME(name, namelen)
if (namelen == 0) {
++errors;
fprintf(stderr, "%s: %s:%d garbage char '%c' (1)\n",
prog, file, n, *cp);
++cp;
continue;
}
EATCOMMENTS
if (strncasecmp(name, "options", namelen) == 0) {
EATCOMMENTS
if (*cp != '{') {
++errors;
fprintf(stderr,
"%s: %s:%d missing left qbrace in options\n",
prog, file, n);
} else
++cp;
EATCOMMENTS
while (*cp != '}' && *cp != '\0') {
EATCOMMENTS
GETNAME(name, namelen)
if (namelen == 0) {
++errors;
fprintf(stderr,
"%s: %s:%d garbage char '%c' (2)\n",
prog, file, n, *cp);
++cp;
break;
}
if (strncasecmp(name, "directory",
namelen) == 0) {
EATCOMMENTS
GETQUOTEDNAME(cp2, i)
cp2[i] = '\0';
if (chdir(cp2) < 0) {
++errors;
fprintf(stderr,
"%s: %s:.%d can't chdir %s: %s\n",
prog, file, n, cp2,
strerror(errno));
exit(1);
}
cwd = savestr(cp2);
}
EATSEMICOLON
EATCOMMENTS
}
++cp;
EATCOMMENTS
if (*cp != ';') {
++errors;
fprintf(stderr,
"%s: %s:%d missing options semi\n",
prog, file, n);
} else
++cp;
continue;
}
if (strncasecmp(name, "zone", namelen) == 0) {
EATCOMMENTS
GETQUOTEDNAME(zonename, zonenamelen)
typename = NULL;
filename = NULL;
typenamelen = 0;
filenamelen = 0;
EATCOMMENTS
if (strncasecmp(cp, "in", 2) == 0) {
cp += 2;
EATWHITESPACE
} else if (strncasecmp(cp, "chaos", 5) == 0) {
cp += 5;
EATWHITESPACE
}
if (*cp != '{') {
++errors;
fprintf(stderr,
"%s: %s:%d missing left qbrace in zone\n",
prog, file, n);
continue;
}
depth = 0;
EATCOMMENTS
while (*cp != '\0') {
if (*cp == '{') {
++cp;
++depth;
} else if (*cp == '}') {
if (--depth <= 1)
break;
++cp;
}
EATCOMMENTS
GETNAME(name, namelen)
if (namelen == 0) {
++errors;
fprintf(stderr,
"%s: %s:%d garbage char '%c' (3)\n",
prog, file, n, *cp);
++cp;
break;
}
if (strncasecmp(name, "type",
namelen) == 0) {
EATCOMMENTS
GETNAME(typename, typenamelen)
if (namelen == 0) {
++errors;
fprintf(stderr,
"%s: %s:%d garbage char '%c' (4)\n",
prog, file, n, *cp);
++cp;
break;
}
} else if (strncasecmp(name, "file",
namelen) == 0) {
EATCOMMENTS
GETQUOTEDNAME(filename, filenamelen)
}
EATSEMICOLON
EATCOMMENTS
}
if (*cp != '}') {
++errors;
fprintf(stderr,
"%s: %s:%d missing zone right qbrace\n",
prog, file, n);
} else
++cp;
if (*cp != ';') {
++errors;
fprintf(stderr,
"%s: %s:%d missing zone semi\n",
prog, file, n);
} else
++cp;
EATCOMMENTS
if (typenamelen == 0) {
++errors;
fprintf(stderr, "%s: missing zone type!\n",
prog);
continue;
}
if (strncasecmp(typename, "master", typenamelen) == 0) {
if (filenamelen == 0) {
++errors;
fprintf(stderr,
"%s: missing zone filename!\n",
prog);
continue;
}
strncpy(zone, zonename, zonenamelen);
zone[zonenamelen] = '\0';
for (cp2 = zone; *cp2 != '\0'; ++cp2)
if (isupper(*cp2))
*cp2 = tolower(*cp2);
if (cp2 > zone && cp2[-1] != '.') {
*cp2++ = '.';
*cp2 = '\0';
}
filename[filenamelen] = '\0';
nsoaval = -1;
memset(soaval, 0, sizeof(soaval));
if ((flags & CONF_NOZONE) == 0)
process(filename, zone, zone);
}
continue;
}
if (strncasecmp(name, "nslint", namelen) == 0) {
EATCOMMENTS
if (*cp != '{') {
++errors;
fprintf(stderr,
"%s: %s:%d missing left qbrace in nslint\n",
prog, file, n);
} else
++cp;
++cp;
EATCOMMENTS
while (*cp != '}' && *cp != '\0') {
EATCOMMENTS
GETNAME(name, namelen)
if (strncasecmp(name, "network",
namelen) == 0) {
EATCOMMENTS
GETQUOTEDNAME(cp2, i)
cp2[i] = '\0';
p = parsenetwork(cp2);
if (p != NULL) {
++errors;
fprintf(stderr,
"%s: %s:%d: bad network: %s\n",
prog, file, n, p);
}
} else if (strncasecmp(name, "ignorezone",
namelen) == 0) {
EATCOMMENTS
GETQUOTEDNAME(cp2, i)
cp2[i] = '\0';
if (numignoredzones + 1 <
sizeof(ignoredzones) /
sizeof(ignoredzones[0])) {
ignoredzones[numignoredzones].zone =
savestr(cp2);
if (ignoredzones[numignoredzones].zone != NULL) {
ignoredzones[numignoredzones].len = strlen(cp2);
++numignoredzones;
}
}
} else {
++errors;
fprintf(stderr,
"%s: unknown nslint \"%.*s\"\n",
prog, namelen, name);
}
EATSEMICOLON
EATCOMMENTS
}
++cp;
EATCOMMENTS
if (*cp != ';') {
++errors;
fprintf(stderr,
"%s: %s:%d: missing nslint semi\n",
prog, file, n);
} else
++cp;
continue;
}
if (strncasecmp(name, "include", namelen) == 0) {
EATCOMMENTS
GETQUOTEDNAME(filename, filenamelen)
strncpy(includefile, filename, filenamelen);
includefile[filenamelen] = '\0';
doconf(includefile, 1);
EATSEMICOLON
continue;
}
if (strncasecmp(name, "view", namelen) == 0) {
EATSLEFTBRACE
continue;
}
EATSEMICOLON
}
free(buf);
close(fd);
}
const char *
extractaddr(const char *str, struct addr *ap)
{
memset(ap, 0, sizeof(*ap));
if (strchr(str, '.') != NULL) {
ap->family = AF_INET;
} else if (strchr(str, ':') != NULL) {
ap->family = AF_INET6;
} else
return ("unrecognized address type");
switch (ap->family) {
case AF_INET:
if (!inet_pton(ap->family, str, &ap->a_addr4))
return ("cannot parse IPv4 address");
break;
case AF_INET6:
if (!inet_pton(ap->family, str, &ap->a_addr6))
return ("cannot parse IPv6 address");
break;
default:
abort();
}
return (NULL);
}
const char *
extractnetwork(const char *str, struct network *np)
{
int i;
long w;
char *cp, *ep;
const char *p;
char temp[64];
memset(np, 0, sizeof(*np));
if (strchr(str, '.') != NULL) {
np->family = AF_INET;
w = 32;
} else if (strchr(str, ':') != NULL) {
np->family = AF_INET6;
w = 128;
} else
return ("unrecognized address type");
p = strchr(str, '/');
if (p != NULL) {
strncpy(temp, str, sizeof(temp));
temp[sizeof(temp) - 1] = '\0';
cp = strchr(temp, '/');
if (cp == NULL)
abort();
*cp++ = '\0';
ep = NULL;
w = strtol(cp, &ep, 10);
if (*ep != '\0')
return ("garbage following mask width");
str = temp;
}
switch (np->family) {
case AF_INET:
if (!inet_pton(np->family, str, &np->n_addr4))
return ("cannot parse IPv4 address");
if (w > 32)
return ("mask length must be <= 32");
setmaskwidth(w, np);
if ((np->n_addr4 & ~np->n_mask4) != 0)
return ("non-network bits set in addr");
#ifdef notdef
if ((ntohl(np->n_addr4) & 0xff000000) == 0)
return ("high octet must be non-zero");
#endif
break;
case AF_INET6:
if (!inet_pton(np->family, str, &np->n_addr6))
return ("cannot parse IPv6 address");
if (w > 128)
return ("mask length must be <= 128");
setmaskwidth(w, np);
for (i = 0; i < 16; ++i) {
if ((np->n_addr6[i] & ~np->n_mask6[i]) != 0)
return ("non-network bits set in addr");
}
break;
default:
abort();
}
return (NULL);
}
struct network *
findnetwork(struct addr *ap)
{
int i, j;
struct network *np;
switch (ap->family) {
case AF_INET:
for (i = 0, np = netlist; i < netlistcnt; ++i, ++np)
if ((ap->a_addr4 & np->n_mask4) == np->n_addr4)
return (np);
break;
case AF_INET6:
for (i = 0, np = netlist; i < netlistcnt; ++i, ++np) {
for (j = 0; j < sizeof(ap->a_addr6); ++j) {
if ((ap->a_addr6[j] & np->n_mask6[j]) !=
np->n_addr6[j])
break;
}
if (j >= sizeof(ap->a_addr6))
return (np);
}
break;
default:
abort();
}
return (NULL);
}
void
initprotoserv(void)
{
char *cp;
struct servent *sp;
char psbuf[512];
protoserv_len = 256;
protoserv = (char **)malloc(protoserv_len * sizeof(*protoserv));
if (protoserv == NULL) {
fprintf(stderr, "%s: nslint: malloc: %s\n",
prog, strerror(errno));
exit(1);
}
while ((sp = getservent()) != NULL) {
(void)sprintf(psbuf, "%s/%s", sp->s_name, sp->s_proto);
for (cp = psbuf; *cp != '\0'; ++cp)
if (isupper(*cp))
*cp = tolower(*cp);
if (protoserv_last + 1 >= protoserv_len) {
protoserv_len <<= 1;
protoserv = realloc(protoserv,
protoserv_len * sizeof(*protoserv));
if (protoserv == NULL) {
fprintf(stderr, "%s: nslint: realloc: %s\n",
prog, strerror(errno));
exit(1);
}
}
protoserv[protoserv_last] = savestr(psbuf);
++protoserv_last;
}
protoserv[protoserv_last] = NULL;
}
int
maskwidth(struct network *np)
{
int w;
int i, j;
u_int32_t m, tm;
switch (np->family) {
case AF_INET:
m = ntohl(np->n_mask4);
for (w = 32; w > 0; --w) {
tm = 0xffffffff << (32 - w);
if (tm == m)
break;
}
break;
case AF_INET6:
w = 128;
for (j = 15; j >= 0; --j) {
m = np->n_mask6[j];
for (i = 8; i > 0; --w, --i) {
tm = (0xff << (8 - i)) & 0xff;
if (tm == m)
return (w);
}
}
break;
default:
abort();
}
return (w);
}
const char *
network2str(struct network *np)
{
int w;
size_t len, size;
char *cp;
static char buf[128];
w = maskwidth(np);
switch (np->family) {
case AF_INET:
if (inet_ntop(np->family, &np->n_addr4,
buf, sizeof(buf)) == NULL) {
fprintf(stderr, "network2str: v4 botch");
abort();
}
if (w == 32)
return (buf);
break;
case AF_INET6:
if (inet_ntop(np->family, &np->n_addr6,
buf, sizeof(buf)) == NULL) {
fprintf(stderr, "network2str: v6 botch");
abort();
}
if (w == 128)
return (buf);
break;
default:
return ("<nil>");
}
cp = buf;
len = strlen(cp);
cp += len;
size = sizeof(buf) - len;
(void)snprintf(cp, size, "/%d", w);
return (buf);
}
void
nslint(void)
{
int n, records, flags;
struct item *ip, *lastaip, **ipp, **itemlist;
struct addr addr, lastaddr;
struct network *np;
itemlist = (struct item **)calloc(itemcnt, sizeof(*ipp));
if (itemlist == NULL) {
fprintf(stderr, "%s: nslint: calloc: %s\n",
prog, strerror(errno));
exit(1);
}
ipp = itemlist;
for (n = 0, ip = items; n < ITEMSIZE; ++n, ++ip) {
if (ip->host == NULL)
continue;
if (ip->addr.family != 0)
*ipp++ = ip;
if (debug > 1) {
if (debug > 2)
printf("%d\t", n);
printf("%s\t%s\t0x%x\t0x%x\n",
ip->host, addr2str(&ip->addr),
ip->records, ip->flags);
}
if (rfc1034host(ip->host, ip->records))
++errors;
records = ip->records & MASK_CHECK_REC;
if ((ip->records & MASK_TEST_REC) != 0)
records |= REC_OTHER;
switch (records) {
case REC_A | REC_OTHER | REC_PTR | REC_REF:
case REC_A | REC_OTHER | REC_PTR:
case REC_A | REC_PTR | REC_REF:
case REC_A | REC_PTR:
case REC_AAAA | REC_OTHER | REC_PTR | REC_REF:
case REC_AAAA | REC_OTHER | REC_PTR:
case REC_AAAA | REC_PTR | REC_REF:
case REC_AAAA | REC_PTR:
case REC_CNAME:
break;
case REC_CNAME | REC_REF:
++errors;
fprintf(stderr, "%s: \"cname\" referenced by other"
" \"cname\" or \"mx\": %s\n", prog, ip->host);
break;
case REC_OTHER | REC_REF:
case REC_OTHER:
if (ip->addr.family == AF_INET &&
ip->addr.a_addr4 != htonl(INADDR_LOOPBACK)) {
++errors;
fprintf(stderr,
"%s: \"wks\" without \"a\" and \"ptr\": %s -> %s\n",
prog, ip->host, addr2str(&ip->addr));
}
break;
case REC_REF:
if (!checkignoredzone(ip->host)) {
++errors;
fprintf(stderr, "%s: Name referenced without"
" other records: %s\n", prog, ip->host);
}
break;
case REC_A | REC_OTHER | REC_REF:
case REC_A | REC_OTHER:
case REC_A | REC_REF:
case REC_A:
case REC_AAAA | REC_OTHER | REC_REF:
case REC_AAAA | REC_OTHER:
case REC_AAAA | REC_REF:
case REC_AAAA:
++errors;
fprintf(stderr, "%s: Missing \"ptr\": %s -> %s\n",
prog, ip->host, addr2str(&ip->addr));
break;
case REC_OTHER | REC_PTR | REC_REF:
case REC_OTHER | REC_PTR:
case REC_PTR | REC_REF:
case REC_PTR:
++errors;
fprintf(stderr, "%s: Missing \"a\": %s -> %s\n",
prog, ip->host, addr2str(&ip->addr));
break;
case REC_A | REC_CNAME | REC_OTHER | REC_PTR | REC_REF:
case REC_A | REC_CNAME | REC_OTHER | REC_PTR:
case REC_A | REC_CNAME | REC_OTHER | REC_REF:
case REC_A | REC_CNAME | REC_OTHER:
case REC_A | REC_CNAME | REC_PTR | REC_REF:
case REC_A | REC_CNAME | REC_PTR:
case REC_A | REC_CNAME | REC_REF:
case REC_A | REC_CNAME:
case REC_AAAA | REC_CNAME | REC_OTHER | REC_PTR | REC_REF:
case REC_AAAA | REC_CNAME | REC_OTHER | REC_PTR:
case REC_AAAA | REC_CNAME | REC_OTHER | REC_REF:
case REC_AAAA | REC_CNAME | REC_OTHER:
case REC_AAAA | REC_CNAME | REC_PTR | REC_REF:
case REC_AAAA | REC_CNAME | REC_PTR:
case REC_AAAA | REC_CNAME | REC_REF:
case REC_AAAA | REC_CNAME:
case REC_CNAME | REC_OTHER | REC_PTR | REC_REF:
case REC_CNAME | REC_OTHER | REC_PTR:
case REC_CNAME | REC_OTHER | REC_REF:
case REC_CNAME | REC_OTHER:
case REC_CNAME | REC_PTR | REC_REF:
case REC_CNAME | REC_PTR:
++errors;
fprintf(stderr, "%s: \"cname\" %s has other records\n",
prog, ip->host);
break;
case 0:
if ((ip->records & ~(REC_NS | REC_TXT)) == 0)
break;
default:
++errors;
fprintf(stderr,
"%s: records == 0x%x: can't happen (%s 0x%x)\n",
prog, records, ip->host, ip->records);
break;
}
flags = ip->flags & MASK_TEST_SMTP;
if ((flags & FLG_SELFMX) != 0 &&
(ip->records & (REC_A | REC_AAAA)) == 0) {
++errors;
fprintf(stderr,
"%s: Self \"mx\" for %s missing"
" \"a\" or \"aaaa\" record\n",
prog, ip->host);
}
switch (flags) {
case 0:
case FLG_SELFMX | FLG_SMTPWKS:
break;
case FLG_SELFMX:
if ((ip->records & REC_WKS) != 0) {
++errors;
fprintf(stderr,
"%s: smtp/tcp missing from \"wks\": %s\n",
prog, ip->host);
}
break;
case FLG_SMTPWKS:
++errors;
fprintf(stderr,
"%s: Saw smtp/tcp without self \"mx\": %s\n",
prog, ip->host);
break;
default:
++errors;
fprintf(stderr,
"%s: flags == 0x%x: can't happen (%s)\n",
prog, flags, ip->host);
}
if ((ip->flags & (FLG_SELFMX | FLG_MXREF)) == FLG_MXREF &&
(ip->records & REC_MX) != 0) {
++errors;
fprintf(stderr, "%s: \"mx\" referenced by other"
" \"mx\" record: %s\n", prog, ip->host);
}
}
n = ipp - itemlist;
qsort(itemlist, n, sizeof(itemlist[0]), cmpaddr);
memset(&lastaddr, 0, sizeof(lastaddr));
ip = NULL;
for (ipp = itemlist; n > 0; ++ipp, --n) {
addr = (*ipp)->addr;
if (cmpaddr(&lastaddr, &addr) == 0 &&
((*ipp)->flags & FLG_ALLOWDUPA) == 0 &&
(ip->flags & FLG_ALLOWDUPA) == 0) {
++errors;
fprintf(stderr, "%s: %s in use by %s and %s\n",
prog, addr2str(&addr), (*ipp)->host, ip->host);
}
memmove(&lastaddr, &addr, sizeof(addr));
ip = *ipp;
}
n = ipp - itemlist;
qsort(itemlist, n, sizeof(itemlist[0]), cmpitemhost);
if (netlistcnt > 0) {
n = ipp - itemlist;
lastaip = NULL;
for (ipp = itemlist; n > 0; ++ipp, --n) {
ip = *ipp;
if ((ip->records & (REC_A | REC_AAAA)) == 0 ||
(ip->flags & FLG_ALLOWDUPA) != 0)
continue;
if (lastaip != NULL &&
strcasecmp(ip->host, lastaip->host) == 0) {
np = findnetwork(&ip->addr);
if (np == NULL) {
++errors;
fprintf(stderr,
"%s: Can't find subnet mask"
" for %s (%s)\n",
prog, ip->host,
addr2str(&ip->addr));
} else if (samesubnet(&lastaip->addr,
&ip->addr, np)) {
++errors;
fprintf(stderr,
"%s: Multiple \"a\" records for %s on subnet %s",
prog, ip->host,
network2str(np));
fprintf(stderr, "\n\t(%s",
addr2str(&lastaip->addr));
fprintf(stderr, " and %s)\n",
addr2str(&ip->addr));
}
}
lastaip = ip;
}
}
if (debug)
printf("%s: %d/%d items used, %d error%s\n", prog, itemcnt,
ITEMSIZE, errors, errors == 1 ? "" : "s");
}
const char *
parsenetwork(const char *cp)
{
const char *p;
struct network net;
while (isspace(*cp))
++cp;
p = extractnetwork(cp, &net);
if (p != NULL)
return (p);
while (isspace(*cp))
++cp;
if (netlistsize <= netlistcnt) {
if (netlistsize == 0) {
netlistsize = 32;
netlist = (struct network *)
malloc(netlistsize * sizeof(*netlist));
} else {
netlistsize <<= 1;
netlist = (struct network *)
realloc(netlist, netlistsize * sizeof(*netlist));
}
if (netlist == NULL) {
fprintf(stderr,
"%s: parsenetwork: malloc/realloc: %s\n",
prog, strerror(errno));
exit(1);
}
}
memmove(netlist + netlistcnt, &net, sizeof(net));
++netlistcnt;
return (NULL);
}
const char *
parseptr(const char *str, struct addr *ap)
{
int i, n, base;
u_long v, v2;
char *cp;
const char *p;
u_char *up;
memset(ap, 0, sizeof(*ap));
base = -1;
p = str + strlen(str) - sizeof(inaddr) + 1;
if (p >= str && strcasecmp(p, inaddr) == 0) {
ap->family = AF_INET;
n = 4;
base = 10;
} else {
p = str + strlen(str) - sizeof(inaddr6) + 1;
if (p >= str && strcasecmp(p, inaddr6) == 0) {
ap->family = AF_INET6;
n = 16;
base = 16;
}
}
if (base < 0)
return ("Not a IPv4 or IPv6 \"ptr\" record");
up = (u_char *)&ap->addr;
for (i = 0; i < n; ++i) {
while (p > str && p[-1] != '.')
--p;
v = strtoul(p, &cp, base);
if (base == 10) {
if (v > 0xff)
return ("Octet larger than 8 bits");
} else {
if (v > 0xf)
return ("Octet larger than 4 bits");
if (*cp != '.')
return ("Junk in \"ptr\" record");
if (p > str)
--p;
while (p > str && p[-1] != '.')
--p;
v2 = strtoul(p, &cp, base);
if (v2 > 0xf)
return ("Octet larger than 4 bits");
if (*cp != '.')
return ("Junk in \"ptr\" record");
v = (v << 4) | v2;
}
if (*cp != '.')
return ("Junk in \"ptr\" record");
*up++ = v & 0xff;
if (p > str)
--p;
else if (p == str)
break;
}
if (i < n - 1)
return ("Too many octets in \"ptr\" record");
if (p != str)
return ("Not enough octets in \"ptr\" record");
return (NULL);
}
char *
parsequoted(char *cp)
{
if (*cp == '"') {
++cp;
while (*cp != '"' && *cp != '\0')
++cp;
if (*cp != '"')
return (NULL);
++cp;
} else {
while (!isspace(*cp) && *cp != '\0')
++cp;
}
return (cp);
}
int
parserrsig(const char *str, char **errstrp)
{
const char *cp;
cp = str + strlen(str) - 1;
while (cp >= str)
if (*cp-- == ')')
return (1);
return (0);
}
int
parsesoa(const char *cp, char **errstrp)
{
char ch, *garbage;
static char errstr[132];
while (isspace(*cp))
++cp;
if (nsoaval < 0) {
cp = strchr(cp, '(');
if (cp == NULL)
return (0);
++cp;
while (isspace(*cp))
++cp;
nsoaval = 0;
}
garbage = "leading garbage";
while (isdigit(*cp) && nsoaval < NSOAVAL) {
soaval[nsoaval] = atoi(cp);
do {
++cp;
} while (isdigit(*cp));
if (nsoaval == SOA_SERIAL && *cp == '.' && isdigit(cp[1])) {
do {
++cp;
} while (isdigit(*cp));
} else {
ch = *cp;
if (isupper(ch))
ch = tolower(ch);
switch (ch) {
case 'w':
soaval[nsoaval] *= 7;
case 'd':
soaval[nsoaval] *= 24;
case 'h':
soaval[nsoaval] *= 60;
case 'm':
soaval[nsoaval] *= 60;
case 's':
++cp;
break;
default:
;
}
}
while (isspace(*cp))
++cp;
garbage = "trailing garbage";
++nsoaval;
}
if (nsoaval >= NSOAVAL && *cp == ')') {
++cp;
if (*cp != '\0')
*errstrp = garbage;
else if (soaval[SOA_EXPIRE] <
soaval[SOA_REFRESH] + 10 * soaval[SOA_RETRY]) {
(void)sprintf(errstr,
"expire less than refresh + 10 * retry (%u < %u + 10 * %u)",
soaval[SOA_EXPIRE],
soaval[SOA_REFRESH],
soaval[SOA_RETRY]);
*errstrp = errstr;
} else if (soaval[SOA_REFRESH] < 2 * soaval[SOA_RETRY]) {
(void)sprintf(errstr,
"refresh less than 2 * retry (%u < 2 * %u)",
soaval[SOA_REFRESH],
soaval[SOA_RETRY]);
*errstrp = errstr;
}
return (1);
}
if (*cp != '\0') {
*errstrp = garbage;
return (1);
}
return (0);
}
void
process(const char *file, const char *domain, const char *zone)
{
FILE *f;
char ch, *cp, *cp2, *cp3, *rtype;
const char *p;
int n, sawsoa, sawrrsig, flags, i;
u_int ttl;
enum rrtype rrtype;
struct addr *ap;
struct addr addr;
int smtp;
char buf[2048], name[256], lastname[256], odomain[256];
char *errstr;
const char *addrfmt =
"%s: %s/%s:%d \"%s\" target is an ip address: %s\n";
const char *dotfmt =
"%s: %s/%s:%d \"%s\" target missing trailing dot: %s\n";
if (checkignoredzone(zone))
return;
f = fopen(file, "r");
if (f == NULL) {
fprintf(stderr, "%s: %s/%s: %s\n",
prog, cwd, file, strerror(errno));
++errors;
return;
}
if (debug > 1)
printf("%s: process: opened %s/%s\n", prog, cwd, file);
n = 0;
ap = &addr;
lastname[0] = '\0';
sawsoa = 0;
sawrrsig = 0;
while (fgets(buf, sizeof(buf), f) != NULL) {
++n;
cp = buf;
while (*cp != '\0') {
if (*cp == '"') {
++cp;
while (*cp != '"' && *cp != '\n' && *cp != '\0')
++cp;
continue;
}
if (*cp == '\n' || *cp == ';')
break;
++cp;
}
*cp-- = '\0';
while (cp >= buf && isspace(*cp))
*cp-- = '\0';
cp = buf;
if (*cp == '\0')
continue;
if (sawsoa) {
errstr = NULL;
if (parsesoa(cp, &errstr))
sawsoa = 0;
if (errstr != NULL) {
++errors;
fprintf(stderr,
"%s: %s/%s:%d Bad \"soa\" record (%s)\n",
prog, cwd, file, n, errstr);
}
continue;
}
if (sawrrsig) {
errstr = NULL;
if (parserrsig(cp, &errstr))
sawsoa = 0;
if (errstr != NULL) {
++errors;
fprintf(stderr,
"%s: %s/%s:%d Bad \"rrsig\" record (%s)\n",
prog, cwd, file, n, errstr);
}
continue;
}
if (debug > 3)
printf(">%s<\n", cp);
if (isspace(*cp)) {
if (lastname[0] == '\0') {
++errors;
fprintf(stderr,
"%s: %s/%s:%d No default name\n",
prog, cwd, file, n);
continue;
}
(void)strcpy(name, lastname);
} else {
for (cp2 = name; !isspace(*cp) && *cp != '\0'; ++cp)
if (isupper(*cp))
*cp2++ = tolower(*cp);
else
*cp2++ = *cp;
*cp2 = '\0';
if (name[0] == '@' && name[1] == '\0')
(void)strcpy(name, domain);
}
while (isspace(*cp))
++cp;
if (name[0] == '$' && strcasecmp(name, "$include") == 0) {
cp2 = name;
while (!isspace(*cp) && *cp != '\0')
*cp2++ = *cp++;
*cp2 = '\0';
while (isspace(*cp))
++cp;
if (*cp == '\0')
process(name, domain, zone);
else {
cp2 = cp;
for (; !isspace(*cp) && *cp != '\0'; ++cp)
if (isupper(*cp))
*cp = tolower(*cp);
*cp = '\0';
process(name, cp2, cp2);
}
continue;
}
if (name[0] == '$' && strcasecmp(name, "$origin") == 0) {
for (cp2 = odomain; !isspace(*cp) && *cp != '\0'; ++cp)
if (isupper(*cp))
*cp2++ = tolower(*cp);
else
*cp2++ = *cp;
*cp2 = '\0';
domain = odomain;
lastname[0] = '\0';
continue;
}
if (name[0] == '$' && strcasecmp(name, "$ttl") == 0) {
cp2 = cp;
while (isdigit(*cp))
++cp;
ch = *cp;
if (isupper(ch))
ch = tolower(ch);
if (strchr("wdhms", ch) != NULL)
++cp;
while (isspace(*cp))
++cp;
if (*cp != '\0') {
++errors;
fprintf(stderr,
"%s: %s/%s:%d Bad $ttl \"%s\"\n",
prog, cwd, file, n, cp2);
}
(void)strcpy(name, lastname);
continue;
}
if (isdigit(*cp)) {
ttl = atoi(cp);
do {
++cp;
} while (isdigit(*cp));
ch = *cp;
if (isupper(ch))
ch = tolower(ch);
switch (ch) {
case 'w':
ttl *= 7;
case 'd':
ttl *= 24;
case 'h':
ttl *= 60;
case 'm':
ttl *= 60;
case 's':
++cp;
break;
default:
;
}
if (!isspace(*cp)) {
++errors;
fprintf(stderr, "%s: %s/%s:%d Bad ttl\n",
prog, cwd, file, n);
continue;
}
++cp;
while (isspace(*cp))
++cp;
} else
ttl = soaval[SOA_MINIMUM];
if ((cp[0] == 'i' || cp[0] == 'I') &&
(cp[1] == 'n' || cp[1] == 'N') && isspace(cp[2])) {
cp += 3;
while (isspace(*cp))
++cp;
} else if ((cp[0] == 'c' || cp[0] == 'C') &&
isspace(cp[5]) && strncasecmp(cp, "chaos", 5) == 0) {
cp += 5;
while (isspace(*cp))
++cp;
}
rtype = cp;
for (rtype = cp; !isspace(*cp) && *cp != '\0'; ++cp)
if (isupper(*cp))
*cp = tolower(*cp);
*cp++ = '\0';
while (isspace(*cp))
++cp;
if (!isdigit(*name) &&
checkdots(name) && strcmp(domain, ".") != 0) {
++errors;
fprintf(stderr,
"%s: %s/%s:%d \"%s\" name missing trailing dot: %s\n",
prog, cwd, file, n, rtype, name);
}
cp2 = name + strlen(name) - 1;
if (cp2 >= name && *cp2 == '.' && strchr(name, '.') != NULL) {
cp2 = name + strlen(name) - strlen(zone);
if (cp2 >= name && strcasecmp(cp2, zone) != 0) {
++errors;
fprintf(stderr,
"%s: %s/%s:%d \"%s\" outside zone %s\n",
prog, cwd, file, n, name, zone);
}
}
rrtype = txt2rrtype(rtype);
switch (rrtype) {
case RR_A:
add_domain(name, domain);
p = extractaddr(cp, ap);
if (p != NULL) {
++errors;
cp2 = cp + strlen(cp) - 1;
if (cp2 >= cp && *cp2 == '\n')
*cp2 = '\0';
fprintf(stderr,
"%s: %s/%s:%d Bad \"a\" record ip addr \"%s\"\n",
prog, cwd, file, n, cp);
continue;
}
if (ap->family != AF_INET) {
++errors;
cp2 = cp + strlen(cp) - 1;
if (cp2 >= cp && *cp2 == '\n')
*cp2 = '\0';
fprintf(stderr,
"%s: %s/%s:%d \"a\"record not AF_INET \"%s\"\n",
prog, cwd, file, n, cp);
continue;
}
errors += updateitem(name, ap, REC_A, ttl, 0);
break;
case RR_AAAA:
add_domain(name, domain);
p = extractaddr(cp, ap);
if (p != NULL) {
++errors;
cp2 = cp + strlen(cp) - 1;
if (cp2 >= cp && *cp2 == '\n')
*cp2 = '\0';
fprintf(stderr,
"%s: %s/%s:%d Bad \"aaaa\" record ip addr \"%s\"\n",
prog, cwd, file, n, cp);
continue;
}
if (ap->family != AF_INET6) {
++errors;
cp2 = cp + strlen(cp) - 1;
if (cp2 >= cp && *cp2 == '\n')
*cp2 = '\0';
fprintf(stderr,
"%s: %s/%s:%d \"aaaa\"record not AF_INET6 \"%s\"\n",
prog, cwd, file, n, cp);
continue;
}
errors += updateitem(name, ap, REC_AAAA, ttl, 0);
break;
case RR_PTR:
add_domain(name, domain);
if (strcmp(cp, "@") == 0)
(void)strcpy(cp, zone);
if (checkdots(cp)) {
++errors;
fprintf(stderr,
checkaddr(cp) ? addrfmt : dotfmt,
prog, cwd, file, n, rtype, cp);
}
add_domain(cp, domain);
p = parseptr(name, ap);
if (p != NULL) {
++errors;
fprintf(stderr,
"%s: %s/%s:%d Bad \"ptr\" record (%s) ip addr \"%s\"\n",
prog, cwd, file, n, p, name);
continue;
}
errors += updateitem(cp, ap, REC_PTR, 0, 0);
break;
case RR_SOA:
if (!CHECKDOT(name)) {
add_domain(name, domain);
errors += updateitem(name, NULL, REC_SOA, 0, 0);
}
errstr = NULL;
if (!parsesoa(cp, &errstr))
++sawsoa;
if (errstr != NULL) {
++errors;
fprintf(stderr,
"%s: %s/%s:%d Bad \"soa\" record (%s)\n",
prog, cwd, file, n, errstr);
continue;
}
break;
case RR_WKS:
p = extractaddr(cp, ap);
if (p != NULL) {
++errors;
cp2 = cp;
while (!isspace(*cp2) && *cp2 != '\0')
++cp2;
*cp2 = '\0';
fprintf(stderr,
"%s: %s/%s:%d Bad \"wks\" record ip addr \"%s\"\n",
prog, cwd, file, n, cp);
continue;
}
while (*cp == '.' || isdigit(*cp))
++cp;
while (isspace(*cp))
*cp++ = '\0';
errstr = NULL;
n += checkwks(f, cp, &smtp, &errstr);
if (errstr != NULL) {
++errors;
fprintf(stderr,
"%s: %s/%s:%d Bad \"wks\" record (%s)\n",
prog, cwd, file, n, errstr);
continue;
}
add_domain(name, domain);
errors += updateitem(name, ap, REC_WKS,
0, smtp ? FLG_SMTPWKS : 0);
break;
case RR_HINFO:
add_domain(name, domain);
errors += updateitem(name, NULL, REC_HINFO, 0, 0);
cp2 = cp;
cp = parsequoted(cp);
if (cp == NULL) {
++errors;
fprintf(stderr,
"%s: %s/%s:%d \"hinfo\" missing quote: %s\n",
prog, cwd, file, n, cp2);
continue;
}
if (!isspace(*cp)) {
++errors;
fprintf(stderr,
"%s: %s/%s:%d \"hinfo\" missing white space: %s\n",
prog, cwd, file, n, cp2);
continue;
}
++cp;
while (isspace(*cp))
++cp;
if (*cp == '\0') {
++errors;
fprintf(stderr,
"%s: %s/%s:%d \"hinfo\" missing keyword: %s\n",
prog, cwd, file, n, cp2);
continue;
}
cp = parsequoted(cp);
if (cp == NULL) {
++errors;
fprintf(stderr,
"%s: %s/%s:%d \"hinfo\" missing quote: %s\n",
prog, cwd, file, n, cp2);
continue;
}
if (*cp != '\0') {
++errors;
fprintf(stderr,
"%s: %s/%s:%d \"hinfo\" garbage after keywords: %s\n",
prog, cwd, file, n, cp2);
continue;
}
break;
case RR_MX:
add_domain(name, domain);
errors += updateitem(name, NULL, REC_MX, ttl, 0);
if (!isdigit(*cp)) {
++errors;
fprintf(stderr,
"%s: %s/%s:%d Bad \"mx\" priority: %s\n",
prog, cwd, file, n, cp);
}
++cp;
while (isdigit(*cp))
++cp;
while (isspace(*cp))
++cp;
if (*cp == '\0') {
++errors;
fprintf(stderr,
"%s: %s/%s:%d Missing \"mx\" hostname\n",
prog, cwd, file, n);
}
if (strcmp(cp, "@") == 0)
(void)strcpy(cp, zone);
if (checkdots(cp)) {
++errors;
fprintf(stderr,
checkaddr(cp) ? addrfmt : dotfmt,
prog, cwd, file, n, rtype, cp);
}
add_domain(cp, domain);
flags = FLG_MXREF;
if (*name == *cp && strcmp(name, cp) == 0)
flags |= FLG_SELFMX;
errors += updateitem(cp, NULL, REC_REF, 0, flags);
break;
case RR_CNAME:
add_domain(name, domain);
errors += updateitem(name, NULL, REC_CNAME, 0, 0);
if (checkdots(cp)) {
++errors;
fprintf(stderr,
checkaddr(cp) ? addrfmt : dotfmt,
prog, cwd, file, n, rtype, cp);
}
if (strcmp(cp, "@") == 0)
(void)strcpy(cp, zone);
add_domain(cp, domain);
errors += updateitem(cp, NULL, REC_REF, 0, 0);
break;
case RR_SRV:
add_domain(name, domain);
errors += updateitem(name, NULL, REC_SRV, 0, 0);
cp2 = cp;
for (i = 0; i < 3; ++i) {
if (!isdigit(*cp)) {
++errors;
fprintf(stderr, "%s: %s/%s:%d"
" Bad \"srv\" value: %s\n",
prog, cwd, file, n, cp);
}
++cp;
while (isdigit(*cp))
++cp;
while (isspace(*cp))
++cp;
}
add_domain(cp, domain);
errors += updateitem(cp, NULL, REC_REF, 0, 0);
break;
case RR_TXT:
add_domain(name, domain);
errors += updateitem(name, NULL, REC_TXT, 0, 0);
cp2 = cp;
cp = parsequoted(cp);
if (cp == NULL) {
++errors;
fprintf(stderr,
"%s: %s/%s:%d \"txt\" missing quote: %s\n",
prog, cwd, file, n, cp2);
continue;
}
while (isspace(*cp))
++cp;
if (*cp != '\0') {
++errors;
fprintf(stderr,
"%s: %s/%s:%d \"txt\" garbage after text: %s\n",
prog, cwd, file, n, cp2);
continue;
}
break;
case RR_NS:
errors += updateitem(zone, NULL, REC_NS, 0, 0);
if (strcmp(cp, "@") == 0)
(void)strcpy(cp, zone);
if (checkdots(cp)) {
++errors;
fprintf(stderr,
checkaddr(cp) ? addrfmt : dotfmt,
prog, cwd, file, n, rtype, cp);
}
add_domain(cp, domain);
errors += updateitem(cp, NULL, REC_REF, 0, 0);
break;
case RR_RP:
add_domain(name, domain);
errors += updateitem(name, NULL, REC_RP, 0, 0);
cp2 = cp;
while (!isspace(*cp) && *cp != '\0')
++cp;
if (*cp == '\0') {
++errors;
fprintf(stderr,
"%s: %s/%s:%d \"rp\" missing text name: %s\n",
prog, cwd, file, n, cp2);
continue;
}
++cp;
cp3 = cp;
while (!isspace(*cp) && *cp != '\0')
++cp;
if (*cp != '\0') {
++errors;
fprintf(stderr,
"%s: %s/%s:%d \"rp\" garbage after text name: %s\n",
prog, cwd, file, n, cp2);
continue;
}
if (!CHECKDOT(cp3)) {
add_domain(cp3, domain);
errors += updateitem(cp3, NULL, REC_REF, 0, 0);
}
break;
case RR_ALLOWDUPA:
add_domain(name, domain);
p = extractaddr(cp, ap);
if (p != NULL) {
++errors;
cp2 = cp + strlen(cp) - 1;
if (cp2 >= cp && *cp2 == '\n')
*cp2 = '\0';
fprintf(stderr,
"%s: %s/%s:%d Bad \"allowdupa\" record ip addr \"%s\"\n",
prog, cwd, file, n, cp);
continue;
}
errors += updateitem(name, ap, 0, 0, FLG_ALLOWDUPA);
break;
case RR_DNSKEY:
add_domain(name, domain);
errors += updateitem(name, NULL, REC_CNAME, 0, 0);
if (checkdots(cp)) {
++errors;
fprintf(stderr,
checkaddr(cp) ? addrfmt : dotfmt,
prog, cwd, file, n, rtype, cp);
}
if (strcmp(cp, "@") == 0)
(void)strcpy(cp, zone);
add_domain(cp, domain);
errors += updateitem(cp, NULL, REC_REF, 0, 0);
break;
case RR_RRSIG:
errstr = NULL;
if (!parserrsig(cp, &errstr))
++sawrrsig;
if (errstr != NULL) {
++errors;
fprintf(stderr,
"%s: %s/%s:%d Bad \"rrsig\" record (%s)\n",
prog, cwd, file, n, errstr);
continue;
}
break;
case RR_NSEC:
continue;
default:
++errors;
fprintf(stderr,
"%s: %s/%s:%d Unknown record type \"%s\"\n",
prog, cwd, file, n, rtype);
add_domain(name, domain);
errors += updateitem(name, NULL, REC_UNKNOWN, 0, 0);
break;
}
(void)strcpy(lastname, name);
}
(void)fclose(f);
return;
}
static const char *microlist[] = {
"_tcp",
"_udp",
"_msdcs",
"_sites",
NULL
};
int
rfc1034host(const char *host, int recs)
{
const char *cp, **p;
int underok;
underok = 0;
for (p = microlist; *p != NULL ;++p)
if ((cp = strstr(host, *p)) != NULL &&
cp > host &&
cp[-1] == '.' &&
cp[strlen(*p)] == '.') {
++underok;
break;
}
cp = host;
if (!(isalpha(*cp) || isdigit(*cp) || (*cp == '_' && underok))) {
fprintf(stderr,
"%s: illegal hostname \"%s\" (starts with non-alpha/numeric)\n",
prog, host);
return (1);
}
for (++cp; *cp != '.' && *cp != '\0'; ++cp)
if (!(isalpha(*cp) || isdigit(*cp) || *cp == '-' ||
(*cp == '/' && (recs & REC_SOA) != 0))) {
fprintf(stderr,
"%s: Illegal hostname \"%s\" ('%c' illegal character)\n",
prog, host, *cp);
return (1);
}
if (--cp >= host && *cp == '-') {
fprintf(stderr, "%s: Illegal hostname \"%s\" (ends with '-')\n",
prog, host);
return (1);
}
return (0);
}
enum rrtype
txt2rrtype(const char *str)
{
if (strcasecmp(str, "aaaa") == 0)
return (RR_AAAA);
if (strcasecmp(str, "a") == 0)
return (RR_A);
if (strcasecmp(str, "allowdupa") == 0)
return (RR_ALLOWDUPA);
if (strcasecmp(str, "cname") == 0)
return (RR_CNAME);
if (strcasecmp(str, "dnskey") == 0)
return (RR_DNSKEY);
if (strcasecmp(str, "hinfo") == 0)
return (RR_HINFO);
if (strcasecmp(str, "mx") == 0)
return (RR_MX);
if (strcasecmp(str, "ns") == 0)
return (RR_NS);
if (strcasecmp(str, "ptr") == 0)
return (RR_PTR);
if (strcasecmp(str, "rp") == 0)
return (RR_RP);
if (strcasecmp(str, "soa") == 0)
return (RR_SOA);
if (strcasecmp(str, "srv") == 0)
return (RR_SRV);
if (strcasecmp(str, "txt") == 0)
return (RR_TXT);
if (strcasecmp(str, "wks") == 0)
return (RR_WKS);
if (strcasecmp(str, "RRSIG") == 0)
return (RR_RRSIG);
if (strcasecmp(str, "NSEC") == 0)
return (RR_NSEC);
return (RR_UNDEF);
}
int
samesubnet(struct addr *a1, struct addr *a2, struct network *np)
{
int i;
u_int32_t v1, v2;
if (a1->family != a2->family)
return (0);
switch (a1->family) {
case AF_INET:
v1 = a1->a_addr4 & np->n_mask4;
v2 = a2->a_addr4 & np->n_mask4;
return (v1 == v2);
case AF_INET6:
for (i = 0; i < 16; ++i) {
v1 = a1->a_addr6[i] & np->n_mask6[i];
v2 = a2->a_addr6[i] & np->n_mask6[i];
if (v1 != v2)
return (0);
}
break;
default:
abort();
}
return (1);
}
void
setmaskwidth(u_int w, struct network *np)
{
int i, j;
switch (np->family) {
case AF_INET:
if (w <= 0)
np->n_mask4 = 0;
else
np->n_mask4 = htonl(0xffffffff << (32 - w));
break;
case AF_INET6:
memset(np->n_mask6, 0, sizeof(np->n_mask6));
for (i = 0; i < w / 8; ++i)
np->n_mask6[i] = 0xff;
i = w / 8;
j = w % 8;
if (j > 0 && i < 16)
np->n_mask6[i] = 0xff << (8 - j);
break;
default:
abort();
}
}
int
updateitem(const char *host, struct addr *ap, int records, u_int ttl, int flags)
{
const char *ccp;
int n, errs;
u_int i;
struct item *ip;
int foundsome;
n = 0;
foundsome = 0;
errs = 0;
i = 0;
ccp = host;
while (*ccp != '\0')
i = i * 37 + *ccp++;
ip = &items[i & (ITEMSIZE - 1)];
while (n < ITEMSIZE && ip->host != NULL) {
if ((ap == NULL || ip->addr.family == 0 ||
cmpaddr(ap, &ip->addr) == 0) &&
*host == *ip->host && strcmp(host, ip->host) == 0) {
++foundsome;
if (ip->addr.family == 0 && ap != NULL)
memmove(&ip->addr, ap, sizeof(*ap));
if ((records & MASK_TEST_DUP) != 0)
checkdups(ip, records);
ip->records |= records;
if (ip->ttl == 0)
ip->ttl = ttl;
else if (ttl != 0 && ip->ttl != ttl) {
fprintf(stderr,
"%s: Differing ttls for %s (%u != %u)\n",
prog, ip->host, ttl, ip->ttl);
++errs;
}
ip->flags |= flags;
if (ap != NULL)
return (errs);
}
++n;
++ip;
if (ip >= &items[ITEMSIZE])
ip = items;
}
if (n >= ITEMSIZE) {
fprintf(stderr, "%s: Out of item slots (max %d)\n",
prog, ITEMSIZE);
exit(1);
}
if (ap == NULL && foundsome) {
return (errs);
}
++itemcnt;
if (ip->host) {
fprintf(stderr, "%s: Reusing bucket!\n", prog);
exit(1);
}
if (ap != NULL)
memmove(&ip->addr, ap, sizeof(*ap));
ip->host = savestr(host);
if ((records & MASK_TEST_DUP) != 0)
checkdups(ip, records);
ip->records |= records;
if (ttl != 0)
ip->ttl = ttl;
ip->flags |= flags;
return (errs);
}
void
usage(void)
{
fprintf(stderr, "Version %s\n", version);
fprintf(stderr, "usage: %s [-d] [-b named.boot] [-B nslint.boot]\n",
prog);
fprintf(stderr, " %s [-d] [-c named.conf] [-C nslint.conf]\n",
prog);
exit(1);
}