use vars qw($quis
$mode $doall
$etcfile $where
- $debug $needglue $localonly $verbosity);
+ $debug $needglue $localonly $repeat $verbosity);
$quis= $0; $quis =~ s,.*/,,;
" -l --localonly full checks only on zones which we primary\n".
" -q --quiet no output for OK zones\n".
" -r --repeat repeat warnings for all sources of imperfect data\n".
-" -v --verbose extra verbose info about each zone\n"
+" -v --verbose extra verbose info about each zone\n".
" -C|--config <DIR/FILE use FILE as default config and DIR as default dir\n";
}
$slave_prefix= '';
$slave_suffix= '';
-use vars qw(@self_ns @self_soa @self_addr @forbid_addr);
-@self_ns= @self_soa= @self_addr= @forbid_addr= ();
+use vars qw(@self_ns @self_soa @self_addr @forbid_addr @conv_glueless);
+@self_ns= @self_soa= @self_addr= @forbid_addr= @conv_glueless= ();
use vars qw(%zone_cfg @zone_cfg_list);
%zone_cfg= ();
@self= split /\s+/, $2;
@self_ns= @self if $1 ne '-soa';
@self_soa= @self if $1 ne '-ns';
+ } elsif (m/^serverless\-glueless\s+(\S.*\S)/) {
+ @conv_glueless= split /\s+/, $1;
} elsif (m/^self\-addr\s+([0-9. \t]+)/) {
@self_addr= split /\s+/, $1;
} elsif (m/^forbid\-addr(?:\s+([0-9. \t]+))?/) {
local ($zone,$cfg);
foreach $zone (@zones) {
+ zone_reset();
$cfg= $zone_cfg{$zone} || {
'style_p' => 'foreign',
's' => 'f',
if $warnings;
}
+use vars qw(%delgs); # $delgs{$nameserver_list} = [ $whosaidandwhy ]
+use vars qw(%auths); # $auths{$nameserver_list} = [ $whosaidandwhy ]
+use vars qw(%glue); # $glue{$name}{$addr_list} = [ $whosaidandwhy ]
+use vars qw(%soas); # $soa{"$origin $serial"} = [ $whosaidandwhy ]
+use vars qw(%addr_is_ok %warned);
+use vars qw($delg_to_us);
+use vars qw(@to_check); # ($addr,$whyask,$is_auth,$glueless_ok, ...)
+use vars qw(@to_check_soa); # ($addr,$whyask, ...)
+
sub zone_warning ($$) {
my ($w,$o) = @_;
my ($wk);
$wk= $w;
$wk =~ s/,.*// if !$repeat;
- return 0 if $$warned{$w}{$wk}++;
+ return 0 if $warned{$w}{$wk}++;
$w =~ s/\n$//;
$w =~ s,\n, // ,g;
print STDERR "$zone: $_[0]\n" or die $!;
}
-use vars qw(%delgs); # $delgs{$nameserver_list} = [ $whosaidandwhy ]
-use vars qw(%auths); # $auths{$nameserver_list} = [ $whosaidandwhy ]
-use vars qw(%glue); # $glue{$name}{$addr_list} = [ $whosaidandwhy ]
-use vars qw(%soas); # $soa{"$origin $serial"} = [ $whosaidandwhy ]
-use vars qw(%addr_is_ok %warned);
-use vars qw($delg_to_us);
-use vars qw(@to_check); # ($addr,$whyask,$is_auth,$glueless_ok, ...)
-use vars qw(@to_check_soa); # ($addr,$whyask, ...)
-
sub zone_check_full () {
- zone_reset();
zone_investigate();
zone_consistency();
zone_servers_ok();
zone_check_nsrrset($addr, $wa, $is_auth, $glueless_ok);
} elsif (($addr,$wa,@to_check_soa) = @to_check_soa) {
next if $soa_checked{$addr}++;
- zone_check_soa($addr, $wa, "NS [$uaddr]");
+ zone_check_soa($addr, $wa, "NS [$addr]");
} else {
last;
}
if (!@glue) {
zone_warning("glueless NS $s,".($needglue<=1 ? " (eg)" : ""),
$ww)
- unless $glueless_ok || !$needglue;
+ unless $glueless_ok || !$needglue ||
+ grep { has_suffix_of($s,".$_"); } @conv_glueless;
next;
}
$glue= join ' ', sort @glue;
sub zone_server_addr ($$$$$) {
my ($addr,$name,$ww,$wwq,$is_soa) = @_;
+ my ($cg);
$addr_is_ok{$addr}= "$name ($wwq)"
if $is_soa || $cfg->{'s'} =~ m/u/;
+ foreach $cg (@conv_glueless) {
+ next unless has_suffix_of(".$name",".$cg");
+ zone_warning("nameserver [$addr] $name in serverless-glueless".
+ " namespace area $cg",
+ $ww);
+ }
zone_warning("configured as stealth but we [$addr] $name are published",
$ww)
if $cfg->{'s'} =~ m/u/ && grep { $_ eq $addr } @self_addr;
sub zone_check_soa ($$$) {
my ($uaddr,$wa,$waq) = @_;
- my ($lame,$origin,$got,$rcode,@soa_addrs,$soa_addr,$wwn);
- verbose("checking service at $wwq");
+ my ($lame,$origin,$got,$rcode,@soa_addrs,$soa_addr,$ww,$wwn);
+ verbose("checking service at [$uaddr] $waq");
$lame= 'dead or lame';
+ $ww= "[$uaddr] $wa";
dig(sub {
if ($dig_type eq 'flags:') {
$lame= $dig_rdata =~ m/ aa / ? '' : 'lame';
if ($lame) { zone_warning("$lame server [$uaddr]",$wa); return; }
push @{ $soas{$got} }, $ww;
($rcode,@soa_addrs)= lookup($origin,'a','0');
+ $wwn= "SOA ORIGIN from $ww";
foreach $soa_addr (@soa_addrs) {
- $wwn= "SOA ORIGIN from $ww";
zone_server_addr($soa_addr,$origin,$wwn,"SOA [$uaddr]",1);
push @to_check, $soa_addr, "$origin, $wwn";
}
}
sub zone_check_local () {
- zone_reset();
zone_servers_simplefind();
zone_servers_ok();
}
print "D $_[0]\n";
}
+sub has_suffix_of ($$) {
+ my ($whole,$suffix);
+ return 0 if length $whole < length $suffix;
+ return 0 if substr($whole, length($whole) - length($suffix)) ne $suffix;
+ return 1;
+}
+
sub lookup ($$$) {
my ($domain,$type,$okrcodes) = @_;
my ($c,$h,@result);