summaryrefslogtreecommitdiffstats
path: root/bin/check
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--bin/check/Makefile.in88
-rw-r--r--bin/check/check-tool.c812
-rw-r--r--bin/check/check-tool.h62
-rw-r--r--bin/check/named-checkconf.c771
-rw-r--r--bin/check/named-checkconf.rst95
-rw-r--r--bin/check/named-checkzone.c569
-rw-r--r--bin/check/named-checkzone.rst193
-rw-r--r--bin/check/named-compilezone.rst195
-rw-r--r--bin/check/win32/checkconf.vcxproj.filters.in27
-rw-r--r--bin/check/win32/checkconf.vcxproj.in124
-rw-r--r--bin/check/win32/checkconf.vcxproj.user3
-rw-r--r--bin/check/win32/checktool.vcxproj.filters.in18
-rw-r--r--bin/check/win32/checktool.vcxproj.in110
-rw-r--r--bin/check/win32/checktool.vcxproj.user3
-rw-r--r--bin/check/win32/checkzone.vcxproj.filters.in27
-rw-r--r--bin/check/win32/checkzone.vcxproj.in135
-rw-r--r--bin/check/win32/checkzone.vcxproj.user3
17 files changed, 3235 insertions, 0 deletions
diff --git a/bin/check/Makefile.in b/bin/check/Makefile.in
new file mode 100644
index 0000000..e907c7d
--- /dev/null
+++ b/bin/check/Makefile.in
@@ -0,0 +1,88 @@
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+srcdir = @srcdir@
+VPATH = @srcdir@
+top_srcdir = @top_srcdir@
+
+VERSION=@BIND9_VERSION@
+
+@BIND9_MAKE_INCLUDES@
+
+CINCLUDES = ${NS_INCLUDES} ${BIND9_INCLUDES} ${DNS_INCLUDES} \
+ ${ISCCFG_INCLUDES} ${ISC_INCLUDES} ${OPENSSL_CFLAGS}
+
+CDEFINES = -DNAMED_CONFFILE=\"${sysconfdir}/named.conf\"
+CWARNINGS =
+
+DNSLIBS = ../../lib/dns/libdns.@A@ @NO_LIBTOOL_DNSLIBS@
+ISCCFGLIBS = ../../lib/isccfg/libisccfg.@A@
+ISCLIBS = ../../lib/isc/libisc.@A@ @NO_LIBTOOL_ISCLIBS@
+ISCNOSYMLIBS = ../../lib/isc/libisc-nosymtbl.@A@ @NO_LIBTOOL_ISCLIBS@
+BIND9LIBS = ../../lib/bind9/libbind9.@A@
+NSLIBS = ../../lib/ns/libns.@A@
+
+DNSDEPLIBS = ../../lib/dns/libdns.@A@
+ISCCFGDEPLIBS = ../../lib/isccfg/libisccfg.@A@
+ISCDEPLIBS = ../../lib/isc/libisc.@A@
+BIND9DEPLIBS = ../../lib/bind9/libbind9.@A@
+NSDEPENDLIBS = ../../lib/ns/libns.@A@
+
+LIBS = ${ISCLIBS} @LIBS@
+NOSYMLIBS = ${ISCNOSYMLIBS} @LIBS@
+
+SUBDIRS =
+
+# Alphabetically
+TARGETS = named-checkconf@EXEEXT@ named-checkzone@EXEEXT@
+
+# Alphabetically
+SRCS = named-checkconf.c named-checkzone.c check-tool.c
+
+@BIND9_MAKE_RULES@
+
+named-checkconf.@O@: named-checkconf.c
+ ${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \
+ -DVERSION=\"${VERSION}\" \
+ -c ${srcdir}/named-checkconf.c
+
+named-checkzone.@O@: named-checkzone.c
+ ${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \
+ -DVERSION=\"${VERSION}\" \
+ -c ${srcdir}/named-checkzone.c
+
+named-checkconf@EXEEXT@: named-checkconf.@O@ check-tool.@O@ ${ISCDEPLIBS} \
+ ${NSDEPENDLIBS} ${DNSDEPLIBS} ${ISCCFGDEPLIBS} ${BIND9DEPLIBS}
+ export BASEOBJS="named-checkconf.@O@ check-tool.@O@"; \
+ export LIBS0="${BIND9LIBS} ${NSLIBS} ${ISCCFGLIBS} ${DNSLIBS}"; \
+ ${FINALBUILDCMD}
+
+named-checkzone@EXEEXT@: named-checkzone.@O@ check-tool.@O@ ${ISCDEPLIBS} \
+ ${NSDEPENDLIBS} ${DNSDEPLIBS}
+ export BASEOBJS="named-checkzone.@O@ check-tool.@O@"; \
+ export LIBS0="${NSLIBS} ${ISCCFGLIBS} ${DNSLIBS}"; \
+ ${FINALBUILDCMD}
+
+installdirs:
+ $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${sbindir}
+
+install:: named-checkconf@EXEEXT@ named-checkzone@EXEEXT@ installdirs
+ ${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} named-checkconf@EXEEXT@ ${DESTDIR}${sbindir}
+ ${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} named-checkzone@EXEEXT@ ${DESTDIR}${sbindir}
+ (cd ${DESTDIR}${sbindir}; rm -f named-compilezone@EXEEXT@; ${LINK_PROGRAM} named-checkzone@EXEEXT@ named-compilezone@EXEEXT@)
+
+uninstall::
+ rm -f ${DESTDIR}${sbindir}/named-compilezone@EXEEXT@
+ ${LIBTOOL_MODE_UNINSTALL} rm -f ${DESTDIR}${sbindir}/named-checkconf@EXEEXT@
+ ${LIBTOOL_MODE_UNINSTALL} rm -f ${DESTDIR}${sbindir}/named-checkzone@EXEEXT@
+
+clean distclean::
+ rm -f ${TARGETS} r1.htm
diff --git a/bin/check/check-tool.c b/bin/check/check-tool.c
new file mode 100644
index 0000000..cad2185
--- /dev/null
+++ b/bin/check/check-tool.c
@@ -0,0 +1,812 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+/*! \file */
+
+#include <inttypes.h>
+#include <stdbool.h>
+#include <stdio.h>
+
+#ifdef _WIN32
+#include <Winsock2.h>
+#endif /* ifdef _WIN32 */
+
+#include <isc/buffer.h>
+#include <isc/log.h>
+#include <isc/mem.h>
+#include <isc/net.h>
+#include <isc/netdb.h>
+#include <isc/print.h>
+#include <isc/region.h>
+#include <isc/stdio.h>
+#include <isc/string.h>
+#include <isc/symtab.h>
+#include <isc/types.h>
+#include <isc/util.h>
+
+#include <dns/db.h>
+#include <dns/dbiterator.h>
+#include <dns/fixedname.h>
+#include <dns/log.h>
+#include <dns/name.h>
+#include <dns/rdata.h>
+#include <dns/rdataclass.h>
+#include <dns/rdataset.h>
+#include <dns/rdatasetiter.h>
+#include <dns/rdatatype.h>
+#include <dns/result.h>
+#include <dns/types.h>
+#include <dns/zone.h>
+
+#include <isccfg/log.h>
+
+#include <ns/log.h>
+
+#include "check-tool.h"
+
+#ifndef CHECK_SIBLING
+#define CHECK_SIBLING 1
+#endif /* ifndef CHECK_SIBLING */
+
+#ifndef CHECK_LOCAL
+#define CHECK_LOCAL 1
+#endif /* ifndef CHECK_LOCAL */
+
+#define CHECK(r) \
+ do { \
+ result = (r); \
+ if (result != ISC_R_SUCCESS) \
+ goto cleanup; \
+ } while (0)
+
+#define ERR_IS_CNAME 1
+#define ERR_NO_ADDRESSES 2
+#define ERR_LOOKUP_FAILURE 3
+#define ERR_EXTRA_A 4
+#define ERR_EXTRA_AAAA 5
+#define ERR_MISSING_GLUE 5
+#define ERR_IS_MXCNAME 6
+#define ERR_IS_SRVCNAME 7
+
+static const char *dbtype[] = { "rbt" };
+
+int debug = 0;
+const char *journal = NULL;
+bool nomerge = true;
+#if CHECK_LOCAL
+bool docheckmx = true;
+bool dochecksrv = true;
+bool docheckns = true;
+#else /* if CHECK_LOCAL */
+bool docheckmx = false;
+bool dochecksrv = false;
+bool docheckns = false;
+#endif /* if CHECK_LOCAL */
+dns_zoneopt_t zone_options = DNS_ZONEOPT_CHECKNS | DNS_ZONEOPT_CHECKMX |
+ DNS_ZONEOPT_MANYERRORS | DNS_ZONEOPT_CHECKNAMES |
+ DNS_ZONEOPT_CHECKINTEGRITY |
+#if CHECK_SIBLING
+ DNS_ZONEOPT_CHECKSIBLING |
+#endif /* if CHECK_SIBLING */
+ DNS_ZONEOPT_CHECKWILDCARD |
+ DNS_ZONEOPT_WARNMXCNAME | DNS_ZONEOPT_WARNSRVCNAME;
+
+/*
+ * This needs to match the list in bin/named/log.c.
+ */
+static isc_logcategory_t categories[] = { { "", 0 },
+ { "unmatched", 0 },
+ { NULL, 0 } };
+
+static isc_symtab_t *symtab = NULL;
+static isc_mem_t *sym_mctx;
+
+static void
+freekey(char *key, unsigned int type, isc_symvalue_t value, void *userarg) {
+ UNUSED(type);
+ UNUSED(value);
+ isc_mem_free(userarg, key);
+}
+
+static void
+add(char *key, int value) {
+ isc_result_t result;
+ isc_symvalue_t symvalue;
+
+ if (sym_mctx == NULL) {
+ isc_mem_create(&sym_mctx);
+ }
+
+ if (symtab == NULL) {
+ result = isc_symtab_create(sym_mctx, 100, freekey, sym_mctx,
+ false, &symtab);
+ if (result != ISC_R_SUCCESS) {
+ return;
+ }
+ }
+
+ key = isc_mem_strdup(sym_mctx, key);
+
+ symvalue.as_pointer = NULL;
+ result = isc_symtab_define(symtab, key, value, symvalue,
+ isc_symexists_reject);
+ if (result != ISC_R_SUCCESS) {
+ isc_mem_free(sym_mctx, key);
+ }
+}
+
+static bool
+logged(char *key, int value) {
+ isc_result_t result;
+
+ if (symtab == NULL) {
+ return (false);
+ }
+
+ result = isc_symtab_lookup(symtab, key, value, NULL);
+ if (result == ISC_R_SUCCESS) {
+ return (true);
+ }
+ return (false);
+}
+
+static bool
+checkns(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner,
+ dns_rdataset_t *a, dns_rdataset_t *aaaa) {
+ dns_rdataset_t *rdataset;
+ dns_rdata_t rdata = DNS_RDATA_INIT;
+ struct addrinfo hints, *ai, *cur;
+ char namebuf[DNS_NAME_FORMATSIZE + 1];
+ char ownerbuf[DNS_NAME_FORMATSIZE];
+ char addrbuf[sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:123.123.123.123")];
+ bool answer = true;
+ bool match;
+ const char *type;
+ void *ptr = NULL;
+ int result;
+
+ REQUIRE(a == NULL || !dns_rdataset_isassociated(a) ||
+ a->type == dns_rdatatype_a);
+ REQUIRE(aaaa == NULL || !dns_rdataset_isassociated(aaaa) ||
+ aaaa->type == dns_rdatatype_aaaa);
+
+ if (a == NULL || aaaa == NULL) {
+ return (answer);
+ }
+
+ memset(&hints, 0, sizeof(hints));
+ hints.ai_flags = AI_CANONNAME;
+ hints.ai_family = PF_UNSPEC;
+ hints.ai_socktype = SOCK_STREAM;
+ hints.ai_protocol = IPPROTO_TCP;
+
+ dns_name_format(name, namebuf, sizeof(namebuf) - 1);
+ /*
+ * Turn off search.
+ */
+ if (dns_name_countlabels(name) > 1U) {
+ strlcat(namebuf, ".", sizeof(namebuf));
+ }
+ dns_name_format(owner, ownerbuf, sizeof(ownerbuf));
+
+ result = getaddrinfo(namebuf, NULL, &hints, &ai);
+ dns_name_format(name, namebuf, sizeof(namebuf) - 1);
+ switch (result) {
+ case 0:
+ /*
+ * Work around broken getaddrinfo() implementations that
+ * fail to set ai_canonname on first entry.
+ */
+ cur = ai;
+ while (cur != NULL && cur->ai_canonname == NULL &&
+ cur->ai_next != NULL)
+ {
+ cur = cur->ai_next;
+ }
+ if (cur != NULL && cur->ai_canonname != NULL &&
+ strcasecmp(cur->ai_canonname, namebuf) != 0 &&
+ !logged(namebuf, ERR_IS_CNAME))
+ {
+ dns_zone_log(zone, ISC_LOG_ERROR,
+ "%s/NS '%s' (out of zone) "
+ "is a CNAME '%s' (illegal)",
+ ownerbuf, namebuf, cur->ai_canonname);
+ /* XXX950 make fatal for 9.5.0 */
+ /* answer = false; */
+ add(namebuf, ERR_IS_CNAME);
+ }
+ break;
+ case EAI_NONAME:
+#if defined(EAI_NODATA) && (EAI_NODATA != EAI_NONAME)
+ case EAI_NODATA:
+#endif /* if defined(EAI_NODATA) && (EAI_NODATA != EAI_NONAME) */
+ if (!logged(namebuf, ERR_NO_ADDRESSES)) {
+ dns_zone_log(zone, ISC_LOG_ERROR,
+ "%s/NS '%s' (out of zone) "
+ "has no addresses records (A or AAAA)",
+ ownerbuf, namebuf);
+ add(namebuf, ERR_NO_ADDRESSES);
+ }
+ /* XXX950 make fatal for 9.5.0 */
+ return (true);
+
+ default:
+ if (!logged(namebuf, ERR_LOOKUP_FAILURE)) {
+ dns_zone_log(zone, ISC_LOG_WARNING,
+ "getaddrinfo(%s) failed: %s", namebuf,
+ gai_strerror(result));
+ add(namebuf, ERR_LOOKUP_FAILURE);
+ }
+ return (true);
+ }
+
+ /*
+ * Check that all glue records really exist.
+ */
+ if (!dns_rdataset_isassociated(a)) {
+ goto checkaaaa;
+ }
+ result = dns_rdataset_first(a);
+ while (result == ISC_R_SUCCESS) {
+ dns_rdataset_current(a, &rdata);
+ match = false;
+ for (cur = ai; cur != NULL; cur = cur->ai_next) {
+ if (cur->ai_family != AF_INET) {
+ continue;
+ }
+ ptr = &((struct sockaddr_in *)(cur->ai_addr))->sin_addr;
+ if (memcmp(ptr, rdata.data, rdata.length) == 0) {
+ match = true;
+ break;
+ }
+ }
+ if (!match && !logged(namebuf, ERR_EXTRA_A)) {
+ dns_zone_log(zone, ISC_LOG_ERROR,
+ "%s/NS '%s' "
+ "extra GLUE A record (%s)",
+ ownerbuf, namebuf,
+ inet_ntop(AF_INET, rdata.data, addrbuf,
+ sizeof(addrbuf)));
+ add(namebuf, ERR_EXTRA_A);
+ /* XXX950 make fatal for 9.5.0 */
+ /* answer = false; */
+ }
+ dns_rdata_reset(&rdata);
+ result = dns_rdataset_next(a);
+ }
+
+checkaaaa:
+ if (!dns_rdataset_isassociated(aaaa)) {
+ goto checkmissing;
+ }
+ result = dns_rdataset_first(aaaa);
+ while (result == ISC_R_SUCCESS) {
+ dns_rdataset_current(aaaa, &rdata);
+ match = false;
+ for (cur = ai; cur != NULL; cur = cur->ai_next) {
+ if (cur->ai_family != AF_INET6) {
+ continue;
+ }
+ ptr = &((struct sockaddr_in6 *)(cur->ai_addr))
+ ->sin6_addr;
+ if (memcmp(ptr, rdata.data, rdata.length) == 0) {
+ match = true;
+ break;
+ }
+ }
+ if (!match && !logged(namebuf, ERR_EXTRA_AAAA)) {
+ dns_zone_log(zone, ISC_LOG_ERROR,
+ "%s/NS '%s' "
+ "extra GLUE AAAA record (%s)",
+ ownerbuf, namebuf,
+ inet_ntop(AF_INET6, rdata.data, addrbuf,
+ sizeof(addrbuf)));
+ add(namebuf, ERR_EXTRA_AAAA);
+ /* XXX950 make fatal for 9.5.0. */
+ /* answer = false; */
+ }
+ dns_rdata_reset(&rdata);
+ result = dns_rdataset_next(aaaa);
+ }
+
+checkmissing:
+ /*
+ * Check that all addresses appear in the glue.
+ */
+ if (!logged(namebuf, ERR_MISSING_GLUE)) {
+ bool missing_glue = false;
+ for (cur = ai; cur != NULL; cur = cur->ai_next) {
+ switch (cur->ai_family) {
+ case AF_INET:
+ rdataset = a;
+ ptr = &((struct sockaddr_in *)(cur->ai_addr))
+ ->sin_addr;
+ type = "A";
+ break;
+ case AF_INET6:
+ rdataset = aaaa;
+ ptr = &((struct sockaddr_in6 *)(cur->ai_addr))
+ ->sin6_addr;
+ type = "AAAA";
+ break;
+ default:
+ continue;
+ }
+ match = false;
+ if (dns_rdataset_isassociated(rdataset)) {
+ result = dns_rdataset_first(rdataset);
+ } else {
+ result = ISC_R_FAILURE;
+ }
+ while (result == ISC_R_SUCCESS && !match) {
+ dns_rdataset_current(rdataset, &rdata);
+ if (memcmp(ptr, rdata.data, rdata.length) == 0)
+ {
+ match = true;
+ }
+ dns_rdata_reset(&rdata);
+ result = dns_rdataset_next(rdataset);
+ }
+ if (!match) {
+ dns_zone_log(zone, ISC_LOG_ERROR,
+ "%s/NS '%s' "
+ "missing GLUE %s record (%s)",
+ ownerbuf, namebuf, type,
+ inet_ntop(cur->ai_family, ptr,
+ addrbuf,
+ sizeof(addrbuf)));
+ /* XXX950 make fatal for 9.5.0. */
+ /* answer = false; */
+ missing_glue = true;
+ }
+ }
+ if (missing_glue) {
+ add(namebuf, ERR_MISSING_GLUE);
+ }
+ }
+ freeaddrinfo(ai);
+ return (answer);
+}
+
+static bool
+checkmx(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner) {
+ struct addrinfo hints, *ai, *cur;
+ char namebuf[DNS_NAME_FORMATSIZE + 1];
+ char ownerbuf[DNS_NAME_FORMATSIZE];
+ int result;
+ int level = ISC_LOG_ERROR;
+ bool answer = true;
+
+ memset(&hints, 0, sizeof(hints));
+ hints.ai_flags = AI_CANONNAME;
+ hints.ai_family = PF_UNSPEC;
+ hints.ai_socktype = SOCK_STREAM;
+ hints.ai_protocol = IPPROTO_TCP;
+
+ dns_name_format(name, namebuf, sizeof(namebuf) - 1);
+ /*
+ * Turn off search.
+ */
+ if (dns_name_countlabels(name) > 1U) {
+ strlcat(namebuf, ".", sizeof(namebuf));
+ }
+ dns_name_format(owner, ownerbuf, sizeof(ownerbuf));
+
+ result = getaddrinfo(namebuf, NULL, &hints, &ai);
+ dns_name_format(name, namebuf, sizeof(namebuf) - 1);
+ switch (result) {
+ case 0:
+ /*
+ * Work around broken getaddrinfo() implementations that
+ * fail to set ai_canonname on first entry.
+ */
+ cur = ai;
+ while (cur != NULL && cur->ai_canonname == NULL &&
+ cur->ai_next != NULL)
+ {
+ cur = cur->ai_next;
+ }
+ if (cur != NULL && cur->ai_canonname != NULL &&
+ strcasecmp(cur->ai_canonname, namebuf) != 0)
+ {
+ if ((zone_options & DNS_ZONEOPT_WARNMXCNAME) != 0) {
+ level = ISC_LOG_WARNING;
+ }
+ if ((zone_options & DNS_ZONEOPT_IGNOREMXCNAME) == 0) {
+ if (!logged(namebuf, ERR_IS_MXCNAME)) {
+ dns_zone_log(zone, level,
+ "%s/MX '%s' (out of zone)"
+ " is a CNAME '%s' "
+ "(illegal)",
+ ownerbuf, namebuf,
+ cur->ai_canonname);
+ add(namebuf, ERR_IS_MXCNAME);
+ }
+ if (level == ISC_LOG_ERROR) {
+ answer = false;
+ }
+ }
+ }
+ freeaddrinfo(ai);
+ return (answer);
+
+ case EAI_NONAME:
+#if defined(EAI_NODATA) && (EAI_NODATA != EAI_NONAME)
+ case EAI_NODATA:
+#endif /* if defined(EAI_NODATA) && (EAI_NODATA != EAI_NONAME) */
+ if (!logged(namebuf, ERR_NO_ADDRESSES)) {
+ dns_zone_log(zone, ISC_LOG_ERROR,
+ "%s/MX '%s' (out of zone) "
+ "has no addresses records (A or AAAA)",
+ ownerbuf, namebuf);
+ add(namebuf, ERR_NO_ADDRESSES);
+ }
+ /* XXX950 make fatal for 9.5.0. */
+ return (true);
+
+ default:
+ if (!logged(namebuf, ERR_LOOKUP_FAILURE)) {
+ dns_zone_log(zone, ISC_LOG_WARNING,
+ "getaddrinfo(%s) failed: %s", namebuf,
+ gai_strerror(result));
+ add(namebuf, ERR_LOOKUP_FAILURE);
+ }
+ return (true);
+ }
+}
+
+static bool
+checksrv(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner) {
+ struct addrinfo hints, *ai, *cur;
+ char namebuf[DNS_NAME_FORMATSIZE + 1];
+ char ownerbuf[DNS_NAME_FORMATSIZE];
+ int result;
+ int level = ISC_LOG_ERROR;
+ bool answer = true;
+
+ memset(&hints, 0, sizeof(hints));
+ hints.ai_flags = AI_CANONNAME;
+ hints.ai_family = PF_UNSPEC;
+ hints.ai_socktype = SOCK_STREAM;
+ hints.ai_protocol = IPPROTO_TCP;
+
+ dns_name_format(name, namebuf, sizeof(namebuf) - 1);
+ /*
+ * Turn off search.
+ */
+ if (dns_name_countlabels(name) > 1U) {
+ strlcat(namebuf, ".", sizeof(namebuf));
+ }
+ dns_name_format(owner, ownerbuf, sizeof(ownerbuf));
+
+ result = getaddrinfo(namebuf, NULL, &hints, &ai);
+ dns_name_format(name, namebuf, sizeof(namebuf) - 1);
+ switch (result) {
+ case 0:
+ /*
+ * Work around broken getaddrinfo() implementations that
+ * fail to set ai_canonname on first entry.
+ */
+ cur = ai;
+ while (cur != NULL && cur->ai_canonname == NULL &&
+ cur->ai_next != NULL)
+ {
+ cur = cur->ai_next;
+ }
+ if (cur != NULL && cur->ai_canonname != NULL &&
+ strcasecmp(cur->ai_canonname, namebuf) != 0)
+ {
+ if ((zone_options & DNS_ZONEOPT_WARNSRVCNAME) != 0) {
+ level = ISC_LOG_WARNING;
+ }
+ if ((zone_options & DNS_ZONEOPT_IGNORESRVCNAME) == 0) {
+ if (!logged(namebuf, ERR_IS_SRVCNAME)) {
+ dns_zone_log(zone, level,
+ "%s/SRV '%s'"
+ " (out of zone) is a "
+ "CNAME '%s' (illegal)",
+ ownerbuf, namebuf,
+ cur->ai_canonname);
+ add(namebuf, ERR_IS_SRVCNAME);
+ }
+ if (level == ISC_LOG_ERROR) {
+ answer = false;
+ }
+ }
+ }
+ freeaddrinfo(ai);
+ return (answer);
+
+ case EAI_NONAME:
+#if defined(EAI_NODATA) && (EAI_NODATA != EAI_NONAME)
+ case EAI_NODATA:
+#endif /* if defined(EAI_NODATA) && (EAI_NODATA != EAI_NONAME) */
+ if (!logged(namebuf, ERR_NO_ADDRESSES)) {
+ dns_zone_log(zone, ISC_LOG_ERROR,
+ "%s/SRV '%s' (out of zone) "
+ "has no addresses records (A or AAAA)",
+ ownerbuf, namebuf);
+ add(namebuf, ERR_NO_ADDRESSES);
+ }
+ /* XXX950 make fatal for 9.5.0. */
+ return (true);
+
+ default:
+ if (!logged(namebuf, ERR_LOOKUP_FAILURE)) {
+ dns_zone_log(zone, ISC_LOG_WARNING,
+ "getaddrinfo(%s) failed: %s", namebuf,
+ gai_strerror(result));
+ add(namebuf, ERR_LOOKUP_FAILURE);
+ }
+ return (true);
+ }
+}
+
+isc_result_t
+setup_logging(isc_mem_t *mctx, FILE *errout, isc_log_t **logp) {
+ isc_logdestination_t destination;
+ isc_logconfig_t *logconfig = NULL;
+ isc_log_t *log = NULL;
+
+ isc_log_create(mctx, &log, &logconfig);
+ isc_log_registercategories(log, categories);
+ isc_log_setcontext(log);
+ dns_log_init(log);
+ dns_log_setcontext(log);
+ cfg_log_init(log);
+ ns_log_init(log);
+
+ destination.file.stream = errout;
+ destination.file.name = NULL;
+ destination.file.versions = ISC_LOG_ROLLNEVER;
+ destination.file.maximum_size = 0;
+ isc_log_createchannel(logconfig, "stderr", ISC_LOG_TOFILEDESC,
+ ISC_LOG_DYNAMIC, &destination, 0);
+
+ RUNTIME_CHECK(isc_log_usechannel(logconfig, "stderr", NULL, NULL) ==
+ ISC_R_SUCCESS);
+
+ *logp = log;
+ return (ISC_R_SUCCESS);
+}
+
+/*% scan the zone for oversize TTLs */
+static isc_result_t
+check_ttls(dns_zone_t *zone, dns_ttl_t maxttl) {
+ isc_result_t result;
+ dns_db_t *db = NULL;
+ dns_dbversion_t *version = NULL;
+ dns_dbnode_t *node = NULL;
+ dns_dbiterator_t *dbiter = NULL;
+ dns_rdatasetiter_t *rdsiter = NULL;
+ dns_rdataset_t rdataset;
+ dns_fixedname_t fname;
+ dns_name_t *name;
+ name = dns_fixedname_initname(&fname);
+ dns_rdataset_init(&rdataset);
+
+ CHECK(dns_zone_getdb(zone, &db));
+ INSIST(db != NULL);
+
+ CHECK(dns_db_newversion(db, &version));
+ CHECK(dns_db_createiterator(db, 0, &dbiter));
+
+ for (result = dns_dbiterator_first(dbiter); result == ISC_R_SUCCESS;
+ result = dns_dbiterator_next(dbiter))
+ {
+ result = dns_dbiterator_current(dbiter, &node, name);
+ if (result == DNS_R_NEWORIGIN) {
+ result = ISC_R_SUCCESS;
+ }
+ CHECK(result);
+
+ CHECK(dns_db_allrdatasets(db, node, version, 0, 0, &rdsiter));
+ for (result = dns_rdatasetiter_first(rdsiter);
+ result == ISC_R_SUCCESS;
+ result = dns_rdatasetiter_next(rdsiter))
+ {
+ dns_rdatasetiter_current(rdsiter, &rdataset);
+ if (rdataset.ttl > maxttl) {
+ char nbuf[DNS_NAME_FORMATSIZE];
+ char tbuf[255];
+ isc_buffer_t b;
+ isc_region_t r;
+
+ dns_name_format(name, nbuf, sizeof(nbuf));
+ isc_buffer_init(&b, tbuf, sizeof(tbuf) - 1);
+ CHECK(dns_rdatatype_totext(rdataset.type, &b));
+ isc_buffer_usedregion(&b, &r);
+ r.base[r.length] = 0;
+
+ dns_zone_log(zone, ISC_LOG_ERROR,
+ "%s/%s TTL %d exceeds "
+ "maximum TTL %d",
+ nbuf, tbuf, rdataset.ttl, maxttl);
+ dns_rdataset_disassociate(&rdataset);
+ CHECK(ISC_R_RANGE);
+ }
+ dns_rdataset_disassociate(&rdataset);
+ }
+ if (result == ISC_R_NOMORE) {
+ result = ISC_R_SUCCESS;
+ }
+ CHECK(result);
+
+ dns_rdatasetiter_destroy(&rdsiter);
+ dns_db_detachnode(db, &node);
+ }
+
+ if (result == ISC_R_NOMORE) {
+ result = ISC_R_SUCCESS;
+ }
+
+cleanup:
+ if (node != NULL) {
+ dns_db_detachnode(db, &node);
+ }
+ if (rdsiter != NULL) {
+ dns_rdatasetiter_destroy(&rdsiter);
+ }
+ if (dbiter != NULL) {
+ dns_dbiterator_destroy(&dbiter);
+ }
+ if (version != NULL) {
+ dns_db_closeversion(db, &version, false);
+ }
+ if (db != NULL) {
+ dns_db_detach(&db);
+ }
+
+ return (result);
+}
+
+/*% load the zone */
+isc_result_t
+load_zone(isc_mem_t *mctx, const char *zonename, const char *filename,
+ dns_masterformat_t fileformat, const char *classname,
+ dns_ttl_t maxttl, dns_zone_t **zonep) {
+ isc_result_t result;
+ dns_rdataclass_t rdclass;
+ isc_textregion_t region;
+ isc_buffer_t buffer;
+ dns_fixedname_t fixorigin;
+ dns_name_t *origin;
+ dns_zone_t *zone = NULL;
+
+ REQUIRE(zonep == NULL || *zonep == NULL);
+
+ if (debug) {
+ fprintf(stderr, "loading \"%s\" from \"%s\" class \"%s\"\n",
+ zonename, filename, classname);
+ }
+
+ CHECK(dns_zone_create(&zone, mctx));
+
+ dns_zone_settype(zone, dns_zone_primary);
+
+ isc_buffer_constinit(&buffer, zonename, strlen(zonename));
+ isc_buffer_add(&buffer, strlen(zonename));
+ origin = dns_fixedname_initname(&fixorigin);
+ CHECK(dns_name_fromtext(origin, &buffer, dns_rootname, 0, NULL));
+ CHECK(dns_zone_setorigin(zone, origin));
+ dns_zone_setdbtype(zone, 1, (const char *const *)dbtype);
+ CHECK(dns_zone_setfile(zone, filename, fileformat,
+ &dns_master_style_default));
+ if (journal != NULL) {
+ CHECK(dns_zone_setjournal(zone, journal));
+ }
+
+ DE_CONST(classname, region.base);
+ region.length = strlen(classname);
+ CHECK(dns_rdataclass_fromtext(&rdclass, &region));
+
+ dns_zone_setclass(zone, rdclass);
+ dns_zone_setoption(zone, zone_options, true);
+ dns_zone_setoption(zone, DNS_ZONEOPT_NOMERGE, nomerge);
+
+ dns_zone_setmaxttl(zone, maxttl);
+
+ if (docheckmx) {
+ dns_zone_setcheckmx(zone, checkmx);
+ }
+ if (docheckns) {
+ dns_zone_setcheckns(zone, checkns);
+ }
+ if (dochecksrv) {
+ dns_zone_setchecksrv(zone, checksrv);
+ }
+
+ CHECK(dns_zone_load(zone, false));
+
+ /*
+ * When loading map files we can't catch oversize TTLs during
+ * load, so we check for them here.
+ */
+ if (fileformat == dns_masterformat_map && maxttl != 0) {
+ CHECK(check_ttls(zone, maxttl));
+ }
+
+ if (zonep != NULL) {
+ *zonep = zone;
+ zone = NULL;
+ }
+
+cleanup:
+ if (zone != NULL) {
+ dns_zone_detach(&zone);
+ }
+ return (result);
+}
+
+/*% dump the zone */
+isc_result_t
+dump_zone(const char *zonename, dns_zone_t *zone, const char *filename,
+ dns_masterformat_t fileformat, const dns_master_style_t *style,
+ const uint32_t rawversion) {
+ isc_result_t result;
+ FILE *output = stdout;
+ const char *flags;
+
+ flags = (fileformat == dns_masterformat_text) ? "w" : "wb";
+
+ if (debug) {
+ if (filename != NULL && strcmp(filename, "-") != 0) {
+ fprintf(stderr, "dumping \"%s\" to \"%s\"\n", zonename,
+ filename);
+ } else {
+ fprintf(stderr, "dumping \"%s\"\n", zonename);
+ }
+ }
+
+ if (filename != NULL && strcmp(filename, "-") != 0) {
+ result = isc_stdio_open(filename, flags, &output);
+
+ if (result != ISC_R_SUCCESS) {
+ fprintf(stderr,
+ "could not open output "
+ "file \"%s\" for writing\n",
+ filename);
+ return (ISC_R_FAILURE);
+ }
+ }
+
+ result = dns_zone_dumptostream(zone, output, fileformat, style,
+ rawversion);
+ if (output != stdout) {
+ (void)isc_stdio_close(output);
+ }
+
+ return (result);
+}
+
+#ifdef _WIN32
+void
+InitSockets(void) {
+ WORD wVersionRequested;
+ WSADATA wsaData;
+ int err;
+
+ wVersionRequested = MAKEWORD(2, 0);
+
+ err = WSAStartup(wVersionRequested, &wsaData);
+ if (err != 0) {
+ fprintf(stderr, "WSAStartup() failed: %d\n", err);
+ exit(1);
+ }
+}
+
+void
+DestroySockets(void) {
+ WSACleanup();
+}
+#endif /* ifdef _WIN32 */
diff --git a/bin/check/check-tool.h b/bin/check/check-tool.h
new file mode 100644
index 0000000..735ad43
--- /dev/null
+++ b/bin/check/check-tool.h
@@ -0,0 +1,62 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+#ifndef CHECK_TOOL_H
+#define CHECK_TOOL_H
+
+/*! \file */
+
+#include <inttypes.h>
+#include <stdbool.h>
+
+#include <isc/lang.h>
+#include <isc/stdio.h>
+#include <isc/types.h>
+
+#include <dns/masterdump.h>
+#include <dns/types.h>
+#include <dns/zone.h>
+
+ISC_LANG_BEGINDECLS
+
+isc_result_t
+setup_logging(isc_mem_t *mctx, FILE *errout, isc_log_t **logp);
+
+isc_result_t
+load_zone(isc_mem_t *mctx, const char *zonename, const char *filename,
+ dns_masterformat_t fileformat, const char *classname,
+ dns_ttl_t maxttl, dns_zone_t **zonep);
+
+isc_result_t
+dump_zone(const char *zonename, dns_zone_t *zone, const char *filename,
+ dns_masterformat_t fileformat, const dns_master_style_t *style,
+ const uint32_t rawversion);
+
+#ifdef _WIN32
+void
+InitSockets(void);
+void
+DestroySockets(void);
+#endif /* ifdef _WIN32 */
+
+extern int debug;
+extern const char *journal;
+extern bool nomerge;
+extern bool docheckmx;
+extern bool docheckns;
+extern bool dochecksrv;
+extern dns_zoneopt_t zone_options;
+
+ISC_LANG_ENDDECLS
+
+#endif /* ifndef CHECK_TOOL_H */
diff --git a/bin/check/named-checkconf.c b/bin/check/named-checkconf.c
new file mode 100644
index 0000000..9e54d34
--- /dev/null
+++ b/bin/check/named-checkconf.c
@@ -0,0 +1,771 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+/*! \file */
+
+#include <errno.h>
+#include <stdbool.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <isc/commandline.h>
+#include <isc/dir.h>
+#include <isc/hash.h>
+#include <isc/log.h>
+#include <isc/mem.h>
+#include <isc/print.h>
+#include <isc/result.h>
+#include <isc/string.h>
+#include <isc/util.h>
+
+#include <dns/db.h>
+#include <dns/fixedname.h>
+#include <dns/log.h>
+#include <dns/name.h>
+#include <dns/rdataclass.h>
+#include <dns/result.h>
+#include <dns/rootns.h>
+#include <dns/zone.h>
+
+#include <isccfg/grammar.h>
+#include <isccfg/namedconf.h>
+
+#include <bind9/check.h>
+
+#include "check-tool.h"
+
+static const char *program = "named-checkconf";
+
+static bool loadplugins = true;
+
+isc_log_t *logc = NULL;
+
+#define CHECK(r) \
+ do { \
+ result = (r); \
+ if (result != ISC_R_SUCCESS) \
+ goto cleanup; \
+ } while (0)
+
+/*% usage */
+ISC_PLATFORM_NORETURN_PRE static void
+usage(void) ISC_PLATFORM_NORETURN_POST;
+
+static void
+usage(void) {
+ fprintf(stderr,
+ "usage: %s [-chijlvz] [-p [-x]] [-t directory] "
+ "[named.conf]\n",
+ program);
+ exit(1);
+}
+
+/*% directory callback */
+static isc_result_t
+directory_callback(const char *clausename, const cfg_obj_t *obj, void *arg) {
+ isc_result_t result;
+ const char *directory;
+
+ REQUIRE(strcasecmp("directory", clausename) == 0);
+
+ UNUSED(arg);
+ UNUSED(clausename);
+
+ /*
+ * Change directory.
+ */
+ directory = cfg_obj_asstring(obj);
+ result = isc_dir_chdir(directory);
+ if (result != ISC_R_SUCCESS) {
+ cfg_obj_log(obj, logc, ISC_LOG_ERROR,
+ "change directory to '%s' failed: %s\n", directory,
+ isc_result_totext(result));
+ return (result);
+ }
+
+ return (ISC_R_SUCCESS);
+}
+
+static bool
+get_maps(const cfg_obj_t **maps, const char *name, const cfg_obj_t **obj) {
+ int i;
+ for (i = 0;; i++) {
+ if (maps[i] == NULL) {
+ return (false);
+ }
+ if (cfg_map_get(maps[i], name, obj) == ISC_R_SUCCESS) {
+ return (true);
+ }
+ }
+}
+
+static bool
+get_checknames(const cfg_obj_t **maps, const cfg_obj_t **obj) {
+ const cfg_listelt_t *element;
+ const cfg_obj_t *checknames;
+ const cfg_obj_t *type;
+ const cfg_obj_t *value;
+ isc_result_t result;
+ int i;
+
+ for (i = 0;; i++) {
+ if (maps[i] == NULL) {
+ return (false);
+ }
+ checknames = NULL;
+ result = cfg_map_get(maps[i], "check-names", &checknames);
+ if (result != ISC_R_SUCCESS) {
+ continue;
+ }
+ if (checknames != NULL && !cfg_obj_islist(checknames)) {
+ *obj = checknames;
+ return (true);
+ }
+ for (element = cfg_list_first(checknames); element != NULL;
+ element = cfg_list_next(element))
+ {
+ value = cfg_listelt_value(element);
+ type = cfg_tuple_get(value, "type");
+ if ((strcasecmp(cfg_obj_asstring(type), "primary") !=
+ 0) &&
+ (strcasecmp(cfg_obj_asstring(type), "master") != 0))
+ {
+ continue;
+ }
+ *obj = cfg_tuple_get(value, "mode");
+ return (true);
+ }
+ }
+}
+
+static isc_result_t
+configure_hint(const char *zfile, const char *zclass, isc_mem_t *mctx) {
+ isc_result_t result;
+ dns_db_t *db = NULL;
+ dns_rdataclass_t rdclass;
+ isc_textregion_t r;
+
+ if (zfile == NULL) {
+ return (ISC_R_FAILURE);
+ }
+
+ DE_CONST(zclass, r.base);
+ r.length = strlen(zclass);
+ result = dns_rdataclass_fromtext(&rdclass, &r);
+ if (result != ISC_R_SUCCESS) {
+ return (result);
+ }
+
+ result = dns_rootns_create(mctx, rdclass, zfile, &db);
+ if (result != ISC_R_SUCCESS) {
+ return (result);
+ }
+
+ dns_db_detach(&db);
+ return (ISC_R_SUCCESS);
+}
+
+/*% configure the zone */
+static isc_result_t
+configure_zone(const char *vclass, const char *view, const cfg_obj_t *zconfig,
+ const cfg_obj_t *vconfig, const cfg_obj_t *config,
+ isc_mem_t *mctx, bool list) {
+ int i = 0;
+ isc_result_t result;
+ const char *zclass;
+ const char *zname;
+ const char *zfile = NULL;
+ const cfg_obj_t *maps[4];
+ const cfg_obj_t *primariesobj = NULL;
+ const cfg_obj_t *inviewobj = NULL;
+ const cfg_obj_t *zoptions = NULL;
+ const cfg_obj_t *classobj = NULL;
+ const cfg_obj_t *typeobj = NULL;
+ const cfg_obj_t *fileobj = NULL;
+ const cfg_obj_t *dlzobj = NULL;
+ const cfg_obj_t *dbobj = NULL;
+ const cfg_obj_t *obj = NULL;
+ const cfg_obj_t *fmtobj = NULL;
+ dns_masterformat_t masterformat;
+ dns_ttl_t maxttl = 0;
+
+ zone_options = DNS_ZONEOPT_CHECKNS | DNS_ZONEOPT_MANYERRORS;
+
+ zname = cfg_obj_asstring(cfg_tuple_get(zconfig, "name"));
+ classobj = cfg_tuple_get(zconfig, "class");
+ if (!cfg_obj_isstring(classobj)) {
+ zclass = vclass;
+ } else {
+ zclass = cfg_obj_asstring(classobj);
+ }
+
+ zoptions = cfg_tuple_get(zconfig, "options");
+ maps[i++] = zoptions;
+ if (vconfig != NULL) {
+ maps[i++] = cfg_tuple_get(vconfig, "options");
+ }
+ if (config != NULL) {
+ cfg_map_get(config, "options", &obj);
+ if (obj != NULL) {
+ maps[i++] = obj;
+ }
+ }
+ maps[i] = NULL;
+
+ cfg_map_get(zoptions, "in-view", &inviewobj);
+ if (inviewobj != NULL && list) {
+ const char *inview = cfg_obj_asstring(inviewobj);
+ printf("%s %s %s in-view %s\n", zname, zclass, view, inview);
+ }
+ if (inviewobj != NULL) {
+ return (ISC_R_SUCCESS);
+ }
+
+ cfg_map_get(zoptions, "type", &typeobj);
+ if (typeobj == NULL) {
+ return (ISC_R_FAILURE);
+ }
+
+ if (list) {
+ const char *ztype = cfg_obj_asstring(typeobj);
+ printf("%s %s %s %s\n", zname, zclass, view, ztype);
+ return (ISC_R_SUCCESS);
+ }
+
+ /*
+ * Skip checks when using an alternate data source.
+ */
+ cfg_map_get(zoptions, "database", &dbobj);
+ if (dbobj != NULL && strcmp("rbt", cfg_obj_asstring(dbobj)) != 0 &&
+ strcmp("rbt64", cfg_obj_asstring(dbobj)) != 0)
+ {
+ return (ISC_R_SUCCESS);
+ }
+
+ cfg_map_get(zoptions, "dlz", &dlzobj);
+ if (dlzobj != NULL) {
+ return (ISC_R_SUCCESS);
+ }
+
+ cfg_map_get(zoptions, "file", &fileobj);
+ if (fileobj != NULL) {
+ zfile = cfg_obj_asstring(fileobj);
+ }
+
+ /*
+ * Check hints files for hint zones.
+ * Skip loading checks for any type other than
+ * master and redirect
+ */
+ if (strcasecmp(cfg_obj_asstring(typeobj), "hint") == 0) {
+ return (configure_hint(zfile, zclass, mctx));
+ } else if ((strcasecmp(cfg_obj_asstring(typeobj), "primary") != 0) &&
+ (strcasecmp(cfg_obj_asstring(typeobj), "master") != 0) &&
+ (strcasecmp(cfg_obj_asstring(typeobj), "redirect") != 0))
+ {
+ return (ISC_R_SUCCESS);
+ }
+
+ /*
+ * Is the redirect zone configured as a slave?
+ */
+ if (strcasecmp(cfg_obj_asstring(typeobj), "redirect") == 0) {
+ cfg_map_get(zoptions, "primaries", &primariesobj);
+ if (primariesobj == NULL) {
+ cfg_map_get(zoptions, "masters", &primariesobj);
+ }
+
+ if (primariesobj != NULL) {
+ return (ISC_R_SUCCESS);
+ }
+ }
+
+ if (zfile == NULL) {
+ return (ISC_R_FAILURE);
+ }
+
+ obj = NULL;
+ if (get_maps(maps, "check-dup-records", &obj)) {
+ if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
+ zone_options |= DNS_ZONEOPT_CHECKDUPRR;
+ zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
+ } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
+ zone_options |= DNS_ZONEOPT_CHECKDUPRR;
+ zone_options |= DNS_ZONEOPT_CHECKDUPRRFAIL;
+ } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
+ zone_options &= ~DNS_ZONEOPT_CHECKDUPRR;
+ zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
+ } else {
+ UNREACHABLE();
+ }
+ } else {
+ zone_options |= DNS_ZONEOPT_CHECKDUPRR;
+ zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
+ }
+
+ obj = NULL;
+ if (get_maps(maps, "check-mx", &obj)) {
+ if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
+ zone_options |= DNS_ZONEOPT_CHECKMX;
+ zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
+ } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
+ zone_options |= DNS_ZONEOPT_CHECKMX;
+ zone_options |= DNS_ZONEOPT_CHECKMXFAIL;
+ } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
+ zone_options &= ~DNS_ZONEOPT_CHECKMX;
+ zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
+ } else {
+ UNREACHABLE();
+ }
+ } else {
+ zone_options |= DNS_ZONEOPT_CHECKMX;
+ zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
+ }
+
+ obj = NULL;
+ if (get_maps(maps, "check-integrity", &obj)) {
+ if (cfg_obj_asboolean(obj)) {
+ zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
+ } else {
+ zone_options &= ~DNS_ZONEOPT_CHECKINTEGRITY;
+ }
+ } else {
+ zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
+ }
+
+ obj = NULL;
+ if (get_maps(maps, "check-mx-cname", &obj)) {
+ if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
+ zone_options |= DNS_ZONEOPT_WARNMXCNAME;
+ zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
+ } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
+ zone_options &= ~DNS_ZONEOPT_WARNMXCNAME;
+ zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
+ } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
+ zone_options |= DNS_ZONEOPT_WARNMXCNAME;
+ zone_options |= DNS_ZONEOPT_IGNOREMXCNAME;
+ } else {
+ UNREACHABLE();
+ }
+ } else {
+ zone_options |= DNS_ZONEOPT_WARNMXCNAME;
+ zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
+ }
+
+ obj = NULL;
+ if (get_maps(maps, "check-srv-cname", &obj)) {
+ if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
+ zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
+ zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
+ } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
+ zone_options &= ~DNS_ZONEOPT_WARNSRVCNAME;
+ zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
+ } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
+ zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
+ zone_options |= DNS_ZONEOPT_IGNORESRVCNAME;
+ } else {
+ UNREACHABLE();
+ }
+ } else {
+ zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
+ zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
+ }
+
+ obj = NULL;
+ if (get_maps(maps, "check-sibling", &obj)) {
+ if (cfg_obj_asboolean(obj)) {
+ zone_options |= DNS_ZONEOPT_CHECKSIBLING;
+ } else {
+ zone_options &= ~DNS_ZONEOPT_CHECKSIBLING;
+ }
+ }
+
+ obj = NULL;
+ if (get_maps(maps, "check-spf", &obj)) {
+ if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
+ zone_options |= DNS_ZONEOPT_CHECKSPF;
+ } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
+ zone_options &= ~DNS_ZONEOPT_CHECKSPF;
+ } else {
+ UNREACHABLE();
+ }
+ } else {
+ zone_options |= DNS_ZONEOPT_CHECKSPF;
+ }
+
+ obj = NULL;
+ if (get_maps(maps, "check-wildcard", &obj)) {
+ if (cfg_obj_asboolean(obj)) {
+ zone_options |= DNS_ZONEOPT_CHECKWILDCARD;
+ } else {
+ zone_options &= ~DNS_ZONEOPT_CHECKWILDCARD;
+ }
+ } else {
+ zone_options |= DNS_ZONEOPT_CHECKWILDCARD;
+ }
+
+ obj = NULL;
+ if (get_checknames(maps, &obj)) {
+ if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
+ zone_options |= DNS_ZONEOPT_CHECKNAMES;
+ zone_options &= ~DNS_ZONEOPT_CHECKNAMESFAIL;
+ } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
+ zone_options |= DNS_ZONEOPT_CHECKNAMES;
+ zone_options |= DNS_ZONEOPT_CHECKNAMESFAIL;
+ } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
+ zone_options &= ~DNS_ZONEOPT_CHECKNAMES;
+ zone_options &= ~DNS_ZONEOPT_CHECKNAMESFAIL;
+ } else {
+ UNREACHABLE();
+ }
+ } else {
+ zone_options |= DNS_ZONEOPT_CHECKNAMES;
+ zone_options |= DNS_ZONEOPT_CHECKNAMESFAIL;
+ }
+
+ masterformat = dns_masterformat_text;
+ fmtobj = NULL;
+ if (get_maps(maps, "masterfile-format", &fmtobj)) {
+ const char *masterformatstr = cfg_obj_asstring(fmtobj);
+ if (strcasecmp(masterformatstr, "text") == 0) {
+ masterformat = dns_masterformat_text;
+ } else if (strcasecmp(masterformatstr, "raw") == 0) {
+ masterformat = dns_masterformat_raw;
+ } else if (strcasecmp(masterformatstr, "map") == 0) {
+ masterformat = dns_masterformat_map;
+ } else {
+ UNREACHABLE();
+ }
+ }
+
+ obj = NULL;
+ if (get_maps(maps, "max-zone-ttl", &obj)) {
+ maxttl = cfg_obj_asduration(obj);
+ zone_options |= DNS_ZONEOPT_CHECKTTL;
+ }
+
+ result = load_zone(mctx, zname, zfile, masterformat, zclass, maxttl,
+ NULL);
+ if (result != ISC_R_SUCCESS) {
+ fprintf(stderr, "%s/%s/%s: %s\n", view, zname, zclass,
+ dns_result_totext(result));
+ }
+ return (result);
+}
+
+/*% configure a view */
+static isc_result_t
+configure_view(const char *vclass, const char *view, const cfg_obj_t *config,
+ const cfg_obj_t *vconfig, isc_mem_t *mctx, bool list) {
+ const cfg_listelt_t *element;
+ const cfg_obj_t *voptions;
+ const cfg_obj_t *zonelist;
+ isc_result_t result = ISC_R_SUCCESS;
+ isc_result_t tresult;
+
+ voptions = NULL;
+ if (vconfig != NULL) {
+ voptions = cfg_tuple_get(vconfig, "options");
+ }
+
+ zonelist = NULL;
+ if (voptions != NULL) {
+ (void)cfg_map_get(voptions, "zone", &zonelist);
+ } else {
+ (void)cfg_map_get(config, "zone", &zonelist);
+ }
+
+ for (element = cfg_list_first(zonelist); element != NULL;
+ element = cfg_list_next(element))
+ {
+ const cfg_obj_t *zconfig = cfg_listelt_value(element);
+ tresult = configure_zone(vclass, view, zconfig, vconfig, config,
+ mctx, list);
+ if (tresult != ISC_R_SUCCESS) {
+ result = tresult;
+ }
+ }
+ return (result);
+}
+
+static isc_result_t
+config_getclass(const cfg_obj_t *classobj, dns_rdataclass_t defclass,
+ dns_rdataclass_t *classp) {
+ isc_textregion_t r;
+
+ if (!cfg_obj_isstring(classobj)) {
+ *classp = defclass;
+ return (ISC_R_SUCCESS);
+ }
+ DE_CONST(cfg_obj_asstring(classobj), r.base);
+ r.length = strlen(r.base);
+ return (dns_rdataclass_fromtext(classp, &r));
+}
+
+/*% load zones from the configuration */
+static isc_result_t
+load_zones_fromconfig(const cfg_obj_t *config, isc_mem_t *mctx,
+ bool list_zones) {
+ const cfg_listelt_t *element;
+ const cfg_obj_t *views;
+ const cfg_obj_t *vconfig;
+ isc_result_t result = ISC_R_SUCCESS;
+ isc_result_t tresult;
+
+ views = NULL;
+
+ (void)cfg_map_get(config, "view", &views);
+ for (element = cfg_list_first(views); element != NULL;
+ element = cfg_list_next(element))
+ {
+ const cfg_obj_t *classobj;
+ dns_rdataclass_t viewclass;
+ const char *vname;
+ char buf[sizeof("CLASS65535")];
+
+ vconfig = cfg_listelt_value(element);
+ if (vconfig == NULL) {
+ continue;
+ }
+
+ classobj = cfg_tuple_get(vconfig, "class");
+ tresult = config_getclass(classobj, dns_rdataclass_in,
+ &viewclass);
+ if (tresult != ISC_R_SUCCESS) {
+ CHECK(tresult);
+ }
+
+ if (dns_rdataclass_ismeta(viewclass)) {
+ CHECK(ISC_R_FAILURE);
+ }
+
+ dns_rdataclass_format(viewclass, buf, sizeof(buf));
+ vname = cfg_obj_asstring(cfg_tuple_get(vconfig, "name"));
+ tresult = configure_view(buf, vname, config, vconfig, mctx,
+ list_zones);
+ if (tresult != ISC_R_SUCCESS) {
+ result = tresult;
+ }
+ }
+
+ if (views == NULL) {
+ tresult = configure_view("IN", "_default", config, NULL, mctx,
+ list_zones);
+ if (tresult != ISC_R_SUCCESS) {
+ result = tresult;
+ }
+ }
+
+cleanup:
+ return (result);
+}
+
+static void
+output(void *closure, const char *text, int textlen) {
+ UNUSED(closure);
+ if (fwrite(text, 1, textlen, stdout) != (size_t)textlen) {
+ perror("fwrite");
+ exit(1);
+ }
+}
+
+/*% The main processing routine */
+int
+main(int argc, char **argv) {
+ int c;
+ cfg_parser_t *parser = NULL;
+ cfg_obj_t *config = NULL;
+ const char *conffile = NULL;
+ isc_mem_t *mctx = NULL;
+ isc_result_t result;
+ int exit_status = 0;
+ bool load_zones = false;
+ bool list_zones = false;
+ bool print = false;
+ bool nodeprecate = false;
+ unsigned int flags = 0;
+
+ isc_commandline_errprint = false;
+
+ /*
+ * Process memory debugging argument first.
+ */
+#define CMDLINE_FLAGS "cdhijlm:t:pvxz"
+ while ((c = isc_commandline_parse(argc, argv, CMDLINE_FLAGS)) != -1) {
+ switch (c) {
+ case 'm':
+ if (strcasecmp(isc_commandline_argument, "record") == 0)
+ {
+ isc_mem_debugging |= ISC_MEM_DEBUGRECORD;
+ }
+ if (strcasecmp(isc_commandline_argument, "trace") == 0)
+ {
+ isc_mem_debugging |= ISC_MEM_DEBUGTRACE;
+ }
+ if (strcasecmp(isc_commandline_argument, "usage") == 0)
+ {
+ isc_mem_debugging |= ISC_MEM_DEBUGUSAGE;
+ }
+ if (strcasecmp(isc_commandline_argument, "size") == 0) {
+ isc_mem_debugging |= ISC_MEM_DEBUGSIZE;
+ }
+ if (strcasecmp(isc_commandline_argument, "mctx") == 0) {
+ isc_mem_debugging |= ISC_MEM_DEBUGCTX;
+ }
+ break;
+ default:
+ break;
+ }
+ }
+ isc_commandline_reset = true;
+
+ isc_mem_create(&mctx);
+
+ while ((c = isc_commandline_parse(argc, argv, CMDLINE_FLAGS)) != EOF) {
+ switch (c) {
+ case 'c':
+ loadplugins = false;
+ break;
+
+ case 'd':
+ debug++;
+ break;
+
+ case 'i':
+ nodeprecate = true;
+ break;
+
+ case 'j':
+ nomerge = false;
+ break;
+
+ case 'l':
+ list_zones = true;
+ break;
+
+ case 'm':
+ break;
+
+ case 't':
+ result = isc_dir_chroot(isc_commandline_argument);
+ if (result != ISC_R_SUCCESS) {
+ fprintf(stderr, "isc_dir_chroot: %s\n",
+ isc_result_totext(result));
+ exit(1);
+ }
+ break;
+
+ case 'p':
+ print = true;
+ break;
+
+ case 'v':
+ printf(VERSION "\n");
+ exit(0);
+
+ case 'x':
+ flags |= CFG_PRINTER_XKEY;
+ break;
+
+ case 'z':
+ load_zones = true;
+ docheckmx = false;
+ docheckns = false;
+ dochecksrv = false;
+ break;
+
+ case '?':
+ if (isc_commandline_option != '?') {
+ fprintf(stderr, "%s: invalid argument -%c\n",
+ program, isc_commandline_option);
+ }
+ FALLTHROUGH;
+ case 'h':
+ usage();
+
+ default:
+ fprintf(stderr, "%s: unhandled option -%c\n", program,
+ isc_commandline_option);
+ exit(1);
+ }
+ }
+
+ if (((flags & CFG_PRINTER_XKEY) != 0) && !print) {
+ fprintf(stderr, "%s: -x cannot be used without -p\n", program);
+ exit(1);
+ }
+ if (print && list_zones) {
+ fprintf(stderr, "%s: -l cannot be used with -p\n", program);
+ exit(1);
+ }
+
+ if (isc_commandline_index + 1 < argc) {
+ usage();
+ }
+ if (argv[isc_commandline_index] != NULL) {
+ conffile = argv[isc_commandline_index];
+ }
+ if (conffile == NULL || conffile[0] == '\0') {
+ conffile = NAMED_CONFFILE;
+ }
+
+#ifdef _WIN32
+ InitSockets();
+#endif /* ifdef _WIN32 */
+
+ RUNTIME_CHECK(setup_logging(mctx, stdout, &logc) == ISC_R_SUCCESS);
+
+ dns_result_register();
+
+ RUNTIME_CHECK(cfg_parser_create(mctx, logc, &parser) == ISC_R_SUCCESS);
+
+ if (nodeprecate) {
+ cfg_parser_setflags(parser, CFG_PCTX_NODEPRECATED, true);
+ }
+ cfg_parser_setcallback(parser, directory_callback, NULL);
+
+ if (cfg_parse_file(parser, conffile, &cfg_type_namedconf, &config) !=
+ ISC_R_SUCCESS)
+ {
+ exit(1);
+ }
+
+ result = bind9_check_namedconf(config, loadplugins, logc, mctx);
+ if (result != ISC_R_SUCCESS) {
+ exit_status = 1;
+ }
+
+ if (result == ISC_R_SUCCESS && (load_zones || list_zones)) {
+ result = load_zones_fromconfig(config, mctx, list_zones);
+ if (result != ISC_R_SUCCESS) {
+ exit_status = 1;
+ }
+ }
+
+ if (print && exit_status == 0) {
+ cfg_printx(config, flags, output, NULL);
+ }
+ cfg_obj_destroy(parser, &config);
+
+ cfg_parser_destroy(&parser);
+
+ isc_log_destroy(&logc);
+
+ isc_mem_destroy(&mctx);
+
+#ifdef _WIN32
+ DestroySockets();
+#endif /* ifdef _WIN32 */
+
+ return (exit_status);
+}
diff --git a/bin/check/named-checkconf.rst b/bin/check/named-checkconf.rst
new file mode 100644
index 0000000..3cb7d74
--- /dev/null
+++ b/bin/check/named-checkconf.rst
@@ -0,0 +1,95 @@
+.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+..
+.. SPDX-License-Identifier: MPL-2.0
+..
+.. This Source Code Form is subject to the terms of the Mozilla Public
+.. License, v. 2.0. If a copy of the MPL was not distributed with this
+.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
+..
+.. See the COPYRIGHT file distributed with this work for additional
+.. information regarding copyright ownership.
+
+.. highlight: console
+
+.. _man_named-checkconf:
+
+named-checkconf - named configuration file syntax checking tool
+---------------------------------------------------------------
+
+Synopsis
+~~~~~~~~
+
+:program:`named-checkconf` [**-chjlvz**] [**-p** [**-x** ]] [**-t** directory] {filename}
+
+Description
+~~~~~~~~~~~
+
+``named-checkconf`` checks the syntax, but not the semantics, of a
+``named`` configuration file. The file, along with all files included by it, is parsed and checked for syntax
+errors. If no file is specified,
+``/etc/named.conf`` is read by default.
+
+Note: files that ``named`` reads in separate parser contexts, such as
+``rndc.key`` and ``bind.keys``, are not automatically read by
+``named-checkconf``. Configuration errors in these files may cause
+``named`` to fail to run, even if ``named-checkconf`` was successful.
+However, ``named-checkconf`` can be run on these files explicitly.
+
+Options
+~~~~~~~
+
+``-h``
+ This option prints the usage summary and exits.
+
+``-j``
+ When loading a zonefile, this option instructs ``named`` to read the journal if it exists.
+
+``-l``
+ This option lists all the configured zones. Each line of output contains the zone
+ name, class (e.g. IN), view, and type (e.g. primary or secondary).
+
+``-c``
+ This option specifies that only the "core" configuration should be checked. This suppresses the loading of
+ plugin modules, and causes all parameters to ``plugin`` statements to
+ be ignored.
+
+``-i``
+ This option ignores warnings on deprecated options.
+
+``-p``
+ This option prints out the ``named.conf`` and included files in canonical form if
+ no errors were detected. See also the ``-x`` option.
+
+``-t directory``
+ This option instructs ``named`` to chroot to ``directory``, so that ``include`` directives in the
+ configuration file are processed as if run by a similarly chrooted
+ ``named``.
+
+``-v``
+ This option prints the version of the ``named-checkconf`` program and exits.
+
+``-x``
+ When printing the configuration files in canonical form, this option obscures
+ shared secrets by replacing them with strings of question marks
+ (``?``). This allows the contents of ``named.conf`` and related files
+ to be shared - for example, when submitting bug reports -
+ without compromising private data. This option cannot be used without
+ ``-p``.
+
+``-z``
+ This option performs a test load of all zones of type ``primary`` found in ``named.conf``.
+
+``filename``
+ This indicates the name of the configuration file to be checked. If not specified,
+ it defaults to ``/etc/named.conf``.
+
+Return Values
+~~~~~~~~~~~~~
+
+``named-checkconf`` returns an exit status of 1 if errors were detected
+and 0 otherwise.
+
+See Also
+~~~~~~~~
+
+:manpage:`named(8)`, :manpage:`named-checkzone(8)`, BIND 9 Administrator Reference Manual.
diff --git a/bin/check/named-checkzone.c b/bin/check/named-checkzone.c
new file mode 100644
index 0000000..6a63a1f
--- /dev/null
+++ b/bin/check/named-checkzone.c
@@ -0,0 +1,569 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+/*! \file */
+
+#include <inttypes.h>
+#include <stdbool.h>
+#include <stdlib.h>
+
+#include <isc/app.h>
+#include <isc/commandline.h>
+#include <isc/dir.h>
+#include <isc/hash.h>
+#include <isc/log.h>
+#include <isc/mem.h>
+#include <isc/print.h>
+#include <isc/socket.h>
+#include <isc/string.h>
+#include <isc/task.h>
+#include <isc/timer.h>
+#include <isc/util.h>
+
+#include <dns/db.h>
+#include <dns/fixedname.h>
+#include <dns/log.h>
+#include <dns/master.h>
+#include <dns/masterdump.h>
+#include <dns/name.h>
+#include <dns/rdataclass.h>
+#include <dns/rdataset.h>
+#include <dns/result.h>
+#include <dns/types.h>
+#include <dns/zone.h>
+
+#include "check-tool.h"
+
+static int quiet = 0;
+static isc_mem_t *mctx = NULL;
+dns_zone_t *zone = NULL;
+dns_zonetype_t zonetype = dns_zone_primary;
+static int dumpzone = 0;
+static const char *output_filename;
+static const char *prog_name = NULL;
+static const dns_master_style_t *outputstyle = NULL;
+static enum { progmode_check, progmode_compile } progmode;
+
+#define ERRRET(result, function) \
+ do { \
+ if (result != ISC_R_SUCCESS) { \
+ if (!quiet) \
+ fprintf(stderr, "%s() returned %s\n", \
+ function, dns_result_totext(result)); \
+ return (result); \
+ } \
+ } while (0)
+
+ISC_PLATFORM_NORETURN_PRE static void
+usage(void) ISC_PLATFORM_NORETURN_POST;
+
+static void
+usage(void) {
+ fprintf(stderr,
+ "usage: %s [-djqvD] [-c class] "
+ "[-f inputformat] [-F outputformat] [-J filename] "
+ "[-s (full|relative)] [-t directory] [-w directory] "
+ "[-k (ignore|warn|fail)] [-m (ignore|warn|fail)] "
+ "[-n (ignore|warn|fail)] [-r (ignore|warn|fail)] "
+ "[-i (full|full-sibling|local|local-sibling|none)] "
+ "[-M (ignore|warn|fail)] [-S (ignore|warn|fail)] "
+ "[-W (ignore|warn)] "
+ "%s zonename filename\n",
+ prog_name,
+ progmode == progmode_check ? "[-o filename]" : "-o filename");
+ exit(1);
+}
+
+static void
+destroy(void) {
+ if (zone != NULL) {
+ dns_zone_detach(&zone);
+ }
+}
+
+/*% main processing routine */
+int
+main(int argc, char **argv) {
+ int c;
+ char *origin = NULL;
+ char *filename = NULL;
+ isc_log_t *lctx = NULL;
+ isc_result_t result;
+ char classname_in[] = "IN";
+ char *classname = classname_in;
+ const char *workdir = NULL;
+ const char *inputformatstr = NULL;
+ const char *outputformatstr = NULL;
+ dns_masterformat_t inputformat = dns_masterformat_text;
+ dns_masterformat_t outputformat = dns_masterformat_text;
+ dns_masterrawheader_t header;
+ uint32_t rawversion = 1, serialnum = 0;
+ dns_ttl_t maxttl = 0;
+ bool snset = false;
+ bool logdump = false;
+ FILE *errout = stdout;
+ char *endp;
+
+ /*
+ * Uncomment the following line if memory debugging is needed:
+ * isc_mem_debugging |= ISC_MEM_DEBUGRECORD;
+ */
+
+ outputstyle = &dns_master_style_full;
+
+ prog_name = strrchr(argv[0], '/');
+ if (prog_name == NULL) {
+ prog_name = strrchr(argv[0], '\\');
+ }
+ if (prog_name != NULL) {
+ prog_name++;
+ } else {
+ prog_name = argv[0];
+ }
+ /*
+ * Libtool doesn't preserve the program name prior to final
+ * installation. Remove the libtool prefix ("lt-").
+ */
+ if (strncmp(prog_name, "lt-", 3) == 0) {
+ prog_name += 3;
+ }
+
+#define PROGCMP(X) \
+ (strcasecmp(prog_name, X) == 0 || strcasecmp(prog_name, X ".exe") == 0)
+
+ if (PROGCMP("named-checkzone")) {
+ progmode = progmode_check;
+ } else if (PROGCMP("named-compilezone")) {
+ progmode = progmode_compile;
+ } else {
+ UNREACHABLE();
+ }
+
+ /* Compilation specific defaults */
+ if (progmode == progmode_compile) {
+ zone_options |= (DNS_ZONEOPT_CHECKNS | DNS_ZONEOPT_FATALNS |
+ DNS_ZONEOPT_CHECKSPF | DNS_ZONEOPT_CHECKDUPRR |
+ DNS_ZONEOPT_CHECKNAMES |
+ DNS_ZONEOPT_CHECKNAMESFAIL |
+ DNS_ZONEOPT_CHECKWILDCARD);
+ } else {
+ zone_options |= (DNS_ZONEOPT_CHECKDUPRR | DNS_ZONEOPT_CHECKSPF);
+ }
+
+#define ARGCMP(X) (strcmp(isc_commandline_argument, X) == 0)
+
+ isc_commandline_errprint = false;
+
+ while ((c = isc_commandline_parse(argc, argv,
+ "c:df:hi:jJ:k:L:l:m:n:qr:s:t:o:vw:DF:"
+ "M:S:T:W:")) != EOF)
+ {
+ switch (c) {
+ case 'c':
+ classname = isc_commandline_argument;
+ break;
+
+ case 'd':
+ debug++;
+ break;
+
+ case 'i':
+ if (ARGCMP("full")) {
+ zone_options |= DNS_ZONEOPT_CHECKINTEGRITY |
+ DNS_ZONEOPT_CHECKSIBLING;
+ docheckmx = true;
+ docheckns = true;
+ dochecksrv = true;
+ } else if (ARGCMP("full-sibling")) {
+ zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
+ zone_options &= ~DNS_ZONEOPT_CHECKSIBLING;
+ docheckmx = true;
+ docheckns = true;
+ dochecksrv = true;
+ } else if (ARGCMP("local")) {
+ zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
+ zone_options |= DNS_ZONEOPT_CHECKSIBLING;
+ docheckmx = false;
+ docheckns = false;
+ dochecksrv = false;
+ } else if (ARGCMP("local-sibling")) {
+ zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
+ zone_options &= ~DNS_ZONEOPT_CHECKSIBLING;
+ docheckmx = false;
+ docheckns = false;
+ dochecksrv = false;
+ } else if (ARGCMP("none")) {
+ zone_options &= ~DNS_ZONEOPT_CHECKINTEGRITY;
+ zone_options &= ~DNS_ZONEOPT_CHECKSIBLING;
+ docheckmx = false;
+ docheckns = false;
+ dochecksrv = false;
+ } else {
+ fprintf(stderr, "invalid argument to -i: %s\n",
+ isc_commandline_argument);
+ exit(1);
+ }
+ break;
+
+ case 'f':
+ inputformatstr = isc_commandline_argument;
+ break;
+
+ case 'F':
+ outputformatstr = isc_commandline_argument;
+ break;
+
+ case 'j':
+ nomerge = false;
+ break;
+
+ case 'J':
+ journal = isc_commandline_argument;
+ nomerge = false;
+ break;
+
+ case 'k':
+ if (ARGCMP("warn")) {
+ zone_options |= DNS_ZONEOPT_CHECKNAMES;
+ zone_options &= ~DNS_ZONEOPT_CHECKNAMESFAIL;
+ } else if (ARGCMP("fail")) {
+ zone_options |= DNS_ZONEOPT_CHECKNAMES |
+ DNS_ZONEOPT_CHECKNAMESFAIL;
+ } else if (ARGCMP("ignore")) {
+ zone_options &= ~(DNS_ZONEOPT_CHECKNAMES |
+ DNS_ZONEOPT_CHECKNAMESFAIL);
+ } else {
+ fprintf(stderr, "invalid argument to -k: %s\n",
+ isc_commandline_argument);
+ exit(1);
+ }
+ break;
+
+ case 'L':
+ snset = true;
+ endp = NULL;
+ serialnum = strtol(isc_commandline_argument, &endp, 0);
+ if (*endp != '\0') {
+ fprintf(stderr, "source serial number "
+ "must be numeric");
+ exit(1);
+ }
+ break;
+
+ case 'l':
+ zone_options |= DNS_ZONEOPT_CHECKTTL;
+ endp = NULL;
+ maxttl = strtol(isc_commandline_argument, &endp, 0);
+ if (*endp != '\0') {
+ fprintf(stderr, "maximum TTL "
+ "must be numeric");
+ exit(1);
+ }
+ break;
+
+ case 'n':
+ if (ARGCMP("ignore")) {
+ zone_options &= ~(DNS_ZONEOPT_CHECKNS |
+ DNS_ZONEOPT_FATALNS);
+ } else if (ARGCMP("warn")) {
+ zone_options |= DNS_ZONEOPT_CHECKNS;
+ zone_options &= ~DNS_ZONEOPT_FATALNS;
+ } else if (ARGCMP("fail")) {
+ zone_options |= DNS_ZONEOPT_CHECKNS |
+ DNS_ZONEOPT_FATALNS;
+ } else {
+ fprintf(stderr, "invalid argument to -n: %s\n",
+ isc_commandline_argument);
+ exit(1);
+ }
+ break;
+
+ case 'm':
+ if (ARGCMP("warn")) {
+ zone_options |= DNS_ZONEOPT_CHECKMX;
+ zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
+ } else if (ARGCMP("fail")) {
+ zone_options |= DNS_ZONEOPT_CHECKMX |
+ DNS_ZONEOPT_CHECKMXFAIL;
+ } else if (ARGCMP("ignore")) {
+ zone_options &= ~(DNS_ZONEOPT_CHECKMX |
+ DNS_ZONEOPT_CHECKMXFAIL);
+ } else {
+ fprintf(stderr, "invalid argument to -m: %s\n",
+ isc_commandline_argument);
+ exit(1);
+ }
+ break;
+
+ case 'o':
+ output_filename = isc_commandline_argument;
+ break;
+
+ case 'q':
+ quiet++;
+ break;
+
+ case 'r':
+ if (ARGCMP("warn")) {
+ zone_options |= DNS_ZONEOPT_CHECKDUPRR;
+ zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
+ } else if (ARGCMP("fail")) {
+ zone_options |= DNS_ZONEOPT_CHECKDUPRR |
+ DNS_ZONEOPT_CHECKDUPRRFAIL;
+ } else if (ARGCMP("ignore")) {
+ zone_options &= ~(DNS_ZONEOPT_CHECKDUPRR |
+ DNS_ZONEOPT_CHECKDUPRRFAIL);
+ } else {
+ fprintf(stderr, "invalid argument to -r: %s\n",
+ isc_commandline_argument);
+ exit(1);
+ }
+ break;
+
+ case 's':
+ if (ARGCMP("full")) {
+ outputstyle = &dns_master_style_full;
+ } else if (ARGCMP("relative")) {
+ outputstyle = &dns_master_style_default;
+ } else {
+ fprintf(stderr,
+ "unknown or unsupported style: %s\n",
+ isc_commandline_argument);
+ exit(1);
+ }
+ break;
+
+ case 't':
+ result = isc_dir_chroot(isc_commandline_argument);
+ if (result != ISC_R_SUCCESS) {
+ fprintf(stderr, "isc_dir_chroot: %s: %s\n",
+ isc_commandline_argument,
+ isc_result_totext(result));
+ exit(1);
+ }
+ break;
+
+ case 'v':
+ printf(VERSION "\n");
+ exit(0);
+
+ case 'w':
+ workdir = isc_commandline_argument;
+ break;
+
+ case 'D':
+ dumpzone++;
+ break;
+
+ case 'M':
+ if (ARGCMP("fail")) {
+ zone_options &= ~DNS_ZONEOPT_WARNMXCNAME;
+ zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
+ } else if (ARGCMP("warn")) {
+ zone_options |= DNS_ZONEOPT_WARNMXCNAME;
+ zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
+ } else if (ARGCMP("ignore")) {
+ zone_options |= DNS_ZONEOPT_WARNMXCNAME;
+ zone_options |= DNS_ZONEOPT_IGNOREMXCNAME;
+ } else {
+ fprintf(stderr, "invalid argument to -M: %s\n",
+ isc_commandline_argument);
+ exit(1);
+ }
+ break;
+
+ case 'S':
+ if (ARGCMP("fail")) {
+ zone_options &= ~DNS_ZONEOPT_WARNSRVCNAME;
+ zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
+ } else if (ARGCMP("warn")) {
+ zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
+ zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
+ } else if (ARGCMP("ignore")) {
+ zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
+ zone_options |= DNS_ZONEOPT_IGNORESRVCNAME;
+ } else {
+ fprintf(stderr, "invalid argument to -S: %s\n",
+ isc_commandline_argument);
+ exit(1);
+ }
+ break;
+
+ case 'T':
+ if (ARGCMP("warn")) {
+ zone_options |= DNS_ZONEOPT_CHECKSPF;
+ } else if (ARGCMP("ignore")) {
+ zone_options &= ~DNS_ZONEOPT_CHECKSPF;
+ } else {
+ fprintf(stderr, "invalid argument to -T: %s\n",
+ isc_commandline_argument);
+ exit(1);
+ }
+ break;
+
+ case 'W':
+ if (ARGCMP("warn")) {
+ zone_options |= DNS_ZONEOPT_CHECKWILDCARD;
+ } else if (ARGCMP("ignore")) {
+ zone_options &= ~DNS_ZONEOPT_CHECKWILDCARD;
+ }
+ break;
+
+ case '?':
+ if (isc_commandline_option != '?') {
+ fprintf(stderr, "%s: invalid argument -%c\n",
+ prog_name, isc_commandline_option);
+ }
+ FALLTHROUGH;
+ case 'h':
+ usage();
+
+ default:
+ fprintf(stderr, "%s: unhandled option -%c\n", prog_name,
+ isc_commandline_option);
+ exit(1);
+ }
+ }
+
+ if (workdir != NULL) {
+ result = isc_dir_chdir(workdir);
+ if (result != ISC_R_SUCCESS) {
+ fprintf(stderr, "isc_dir_chdir: %s: %s\n", workdir,
+ isc_result_totext(result));
+ exit(1);
+ }
+ }
+
+ if (inputformatstr != NULL) {
+ if (strcasecmp(inputformatstr, "text") == 0) {
+ inputformat = dns_masterformat_text;
+ } else if (strcasecmp(inputformatstr, "raw") == 0) {
+ inputformat = dns_masterformat_raw;
+ } else if (strncasecmp(inputformatstr, "raw=", 4) == 0) {
+ inputformat = dns_masterformat_raw;
+ fprintf(stderr, "WARNING: input format raw, version "
+ "ignored\n");
+ } else if (strcasecmp(inputformatstr, "map") == 0) {
+ inputformat = dns_masterformat_map;
+ } else {
+ fprintf(stderr, "unknown file format: %s\n",
+ inputformatstr);
+ exit(1);
+ }
+ }
+
+ if (outputformatstr != NULL) {
+ if (strcasecmp(outputformatstr, "text") == 0) {
+ outputformat = dns_masterformat_text;
+ } else if (strcasecmp(outputformatstr, "raw") == 0) {
+ outputformat = dns_masterformat_raw;
+ } else if (strncasecmp(outputformatstr, "raw=", 4) == 0) {
+ char *end;
+
+ outputformat = dns_masterformat_raw;
+ rawversion = strtol(outputformatstr + 4, &end, 10);
+ if (end == outputformatstr + 4 || *end != '\0' ||
+ rawversion > 1U)
+ {
+ fprintf(stderr, "unknown raw format version\n");
+ exit(1);
+ }
+ } else if (strcasecmp(outputformatstr, "map") == 0) {
+ outputformat = dns_masterformat_map;
+ } else {
+ fprintf(stderr, "unknown file format: %s\n",
+ outputformatstr);
+ exit(1);
+ }
+ }
+
+ if (progmode == progmode_compile) {
+ dumpzone = 1; /* always dump */
+ logdump = !quiet;
+ if (output_filename == NULL) {
+ fprintf(stderr, "output file required, but not "
+ "specified\n");
+ usage();
+ }
+ }
+
+ if (output_filename != NULL) {
+ dumpzone = 1;
+ }
+
+ /*
+ * If we are printing to stdout then send the informational
+ * output to stderr.
+ */
+ if (dumpzone &&
+ (output_filename == NULL || strcmp(output_filename, "-") == 0 ||
+ strcmp(output_filename, "/dev/fd/1") == 0 ||
+ strcmp(output_filename, "/dev/stdout") == 0))
+ {
+ errout = stderr;
+ logdump = false;
+ }
+
+ if (isc_commandline_index + 2 != argc) {
+ usage();
+ }
+
+#ifdef _WIN32
+ InitSockets();
+#endif /* ifdef _WIN32 */
+
+ isc_mem_create(&mctx);
+ if (!quiet) {
+ RUNTIME_CHECK(setup_logging(mctx, errout, &lctx) ==
+ ISC_R_SUCCESS);
+ }
+
+ dns_result_register();
+
+ origin = argv[isc_commandline_index++];
+ filename = argv[isc_commandline_index++];
+ result = load_zone(mctx, origin, filename, inputformat, classname,
+ maxttl, &zone);
+
+ if (snset) {
+ dns_master_initrawheader(&header);
+ header.flags = DNS_MASTERRAW_SOURCESERIALSET;
+ header.sourceserial = serialnum;
+ dns_zone_setrawdata(zone, &header);
+ }
+
+ if (result == ISC_R_SUCCESS && dumpzone) {
+ if (logdump) {
+ fprintf(errout, "dump zone to %s...", output_filename);
+ fflush(errout);
+ }
+ result = dump_zone(origin, zone, output_filename, outputformat,
+ outputstyle, rawversion);
+ if (logdump) {
+ fprintf(errout, "done\n");
+ }
+ }
+
+ if (!quiet && result == ISC_R_SUCCESS) {
+ fprintf(errout, "OK\n");
+ }
+ destroy();
+ if (lctx != NULL) {
+ isc_log_destroy(&lctx);
+ }
+ isc_mem_destroy(&mctx);
+#ifdef _WIN32
+ DestroySockets();
+#endif /* ifdef _WIN32 */
+ return ((result == ISC_R_SUCCESS) ? 0 : 1);
+}
diff --git a/bin/check/named-checkzone.rst b/bin/check/named-checkzone.rst
new file mode 100644
index 0000000..dae72dc
--- /dev/null
+++ b/bin/check/named-checkzone.rst
@@ -0,0 +1,193 @@
+.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+..
+.. SPDX-License-Identifier: MPL-2.0
+..
+.. This Source Code Form is subject to the terms of the Mozilla Public
+.. License, v. 2.0. If a copy of the MPL was not distributed with this
+.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
+..
+.. See the COPYRIGHT file distributed with this work for additional
+.. information regarding copyright ownership.
+
+.. highlight: console
+
+.. BEWARE: Do not forget to edit also named-compilezone.rst!
+
+.. _man_named-checkzone:
+
+named-checkzone - zone file validation tool
+-------------------------------------------
+
+Synopsis
+~~~~~~~~
+
+:program:`named-checkzone` [**-d**] [**-h**] [**-j**] [**-q**] [**-v**] [**-c** class] [**-f** format] [**-F** format] [**-J** filename] [**-i** mode] [**-k** mode] [**-m** mode] [**-M** mode] [**-n** mode] [**-l** ttl] [**-L** serial] [**-o** filename] [**-r** mode] [**-s** style] [**-S** mode] [**-t** directory] [**-T** mode] [**-w** directory] [**-D**] [**-W** mode] {zonename} {filename}
+
+Description
+~~~~~~~~~~~
+
+``named-checkzone`` checks the syntax and integrity of a zone file. It
+performs the same checks as ``named`` does when loading a zone. This
+makes ``named-checkzone`` useful for checking zone files before
+configuring them into a name server.
+
+Options
+~~~~~~~
+
+``-d``
+ This option enables debugging.
+
+``-h``
+ This option prints the usage summary and exits.
+
+``-q``
+ This option sets quiet mode, which only sets an exit code to indicate
+ successful or failed completion.
+
+``-v``
+ This option prints the version of the ``named-checkzone`` program and exits.
+
+``-j``
+ When loading a zone file, this option tells ``named`` to read the journal if it exists. The journal
+ file name is assumed to be the zone file name with the
+ string ``.jnl`` appended.
+
+``-J filename``
+ When loading the zone file, this option tells ``named`` to read the journal from the given file, if
+ it exists. This implies ``-j``.
+
+``-c class``
+ This option specifies the class of the zone. If not specified, ``IN`` is assumed.
+
+``-i mode``
+ This option performs post-load zone integrity checks. Possible modes are
+ ``full`` (the default), ``full-sibling``, ``local``,
+ ``local-sibling``, and ``none``.
+
+ Mode ``full`` checks that MX records refer to A or AAAA records
+ (both in-zone and out-of-zone hostnames). Mode ``local`` only
+ checks MX records which refer to in-zone hostnames.
+
+ Mode ``full`` checks that SRV records refer to A or AAAA records
+ (both in-zone and out-of-zone hostnames). Mode ``local`` only
+ checks SRV records which refer to in-zone hostnames.
+
+ Mode ``full`` checks that delegation NS records refer to A or AAAA
+ records (both in-zone and out-of-zone hostnames). It also checks that
+ glue address records in the zone match those advertised by the child.
+ Mode ``local`` only checks NS records which refer to in-zone
+ hostnames or verifies that some required glue exists, i.e., when the
+ name server is in a child zone.
+
+ Modes ``full-sibling`` and ``local-sibling`` disable sibling glue
+ checks, but are otherwise the same as ``full`` and ``local``,
+ respectively.
+
+ Mode ``none`` disables the checks.
+
+``-f format``
+ This option specifies the format of the zone file. Possible formats are
+ ``text`` (the default), ``raw``, and ``map``.
+
+``-F format``
+ This option specifies the format of the output file specified. For
+ ``named-checkzone``, this does not have any effect unless it dumps
+ the zone contents.
+
+ Possible formats are ``text`` (the default), which is the standard
+ textual representation of the zone, and ``map``, ``raw``, and ``raw=N``, which
+ store the zone in a binary format for rapid loading by ``named``.
+ ``raw=N`` specifies the format version of the raw zone file: if ``N`` is
+ 0, the raw file can be read by any version of ``named``; if N is 1, the
+ file can only be read by release 9.9.0 or higher. The default is 1.
+
+``-k mode``
+ This option performs ``check-names`` checks with the specified failure mode.
+ Possible modes are ``fail``, ``warn`` (the default), and ``ignore``.
+
+``-l ttl``
+ This option sets a maximum permissible TTL for the input file. Any record with a
+ TTL higher than this value causes the zone to be rejected. This
+ is similar to using the ``max-zone-ttl`` option in ``named.conf``.
+
+``-L serial``
+ When compiling a zone to ``raw`` or ``map`` format, this option sets the "source
+ serial" value in the header to the specified serial number. This is
+ expected to be used primarily for testing purposes.
+
+``-m mode``
+ This option specifies whether MX records should be checked to see if they are
+ addresses. Possible modes are ``fail``, ``warn`` (the default), and
+ ``ignore``.
+
+``-M mode``
+ This option checks whether a MX record refers to a CNAME. Possible modes are
+ ``fail``, ``warn`` (the default), and ``ignore``.
+
+``-n mode``
+ This option specifies whether NS records should be checked to see if they are
+ addresses. Possible modes are ``fail``, ``warn`` (the default), and ``ignore``.
+
+``-o filename``
+ This option writes the zone output to ``filename``. If ``filename`` is ``-``, then
+ the zone output is written to standard output.
+
+``-r mode``
+ This option checks for records that are treated as different by DNSSEC but are
+ semantically equal in plain DNS. Possible modes are ``fail``,
+ ``warn`` (the default), and ``ignore``.
+
+``-s style``
+ This option specifies the style of the dumped zone file. Possible styles are
+ ``full`` (the default) and ``relative``. The ``full`` format is most
+ suitable for processing automatically by a separate script.
+ The relative format is more human-readable and is thus
+ suitable for editing by hand. This does not have any effect unless it dumps
+ the zone contents. It also does not have any meaning if the output format
+ is not text.
+
+``-S mode``
+ This option checks whether an SRV record refers to a CNAME. Possible modes are
+ ``fail``, ``warn`` (the default), and ``ignore``.
+
+``-t directory``
+ This option tells ``named`` to chroot to ``directory``, so that ``include`` directives in the
+ configuration file are processed as if run by a similarly chrooted
+ ``named``.
+
+``-T mode``
+ This option checks whether Sender Policy Framework (SPF) records exist and issues a
+ warning if an SPF-formatted TXT record is not also present. Possible
+ modes are ``warn`` (the default) and ``ignore``.
+
+``-w directory``
+ This option instructs ``named`` to chdir to ``directory``, so that relative filenames in master file
+ ``$INCLUDE`` directives work. This is similar to the directory clause in
+ ``named.conf``.
+
+``-D``
+ This option dumps the zone file in canonical format.
+
+``-W mode``
+ This option specifies whether to check for non-terminal wildcards. Non-terminal
+ wildcards are almost always the result of a failure to understand the
+ wildcard matching algorithm (:rfc:`4592`). Possible modes are ``warn``
+ (the default) and ``ignore``.
+
+``zonename``
+ This indicates the domain name of the zone being checked.
+
+``filename``
+ This is the name of the zone file.
+
+Return Values
+~~~~~~~~~~~~~
+
+``named-checkzone`` returns an exit status of 1 if errors were detected
+and 0 otherwise.
+
+See Also
+~~~~~~~~
+
+:manpage:`named(8)`, :manpage:`named-checkconf(8)`, :manpage:`named-compilezone(8)`,
+:rfc:`1035`, BIND 9 Administrator Reference Manual.
diff --git a/bin/check/named-compilezone.rst b/bin/check/named-compilezone.rst
new file mode 100644
index 0000000..e56d264
--- /dev/null
+++ b/bin/check/named-compilezone.rst
@@ -0,0 +1,195 @@
+.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+..
+.. SPDX-License-Identifier: MPL-2.0
+..
+.. This Source Code Form is subject to the terms of the Mozilla Public
+.. License, v. 2.0. If a copy of the MPL was not distributed with this
+.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
+..
+.. See the COPYRIGHT file distributed with this work for additional
+.. information regarding copyright ownership.
+
+.. highlight: console
+
+.. BEWARE: Do not forget to edit also named-checkzone.rst!
+
+.. _man_named-compilezone:
+
+named-compilezone - zone file converting tool
+---------------------------------------------
+
+Synopsis
+~~~~~~~~
+
+:program:`named-compilezone` [**-d**] [**-h**] [**-j**] [**-q**] [**-v**] [**-c** class] [**-f** format] [**-F** format] [**-J** filename] [**-i** mode] [**-k** mode] [**-m** mode] [**-M** mode] [**-n** mode] [**-l** ttl] [**-L** serial] [**-r** mode] [**-s** style] [**-S** mode] [**-t** directory] [**-T** mode] [**-w** directory] [**-D**] [**-W** mode] {**-o** filename} {zonename} {filename}
+
+Description
+~~~~~~~~~~~
+
+``named-compilezone`` checks the syntax and integrity of a zone file,
+and dumps the zone contents to a specified file in a specified format.
+It applies strict check levels by default, since the
+dump output is used as an actual zone file loaded by ``named``.
+When manually specified otherwise, the check levels must at least be as
+strict as those specified in the ``named`` configuration file.
+
+Options
+~~~~~~~
+
+``-d``
+ This option enables debugging.
+
+``-h``
+ This option prints the usage summary and exits.
+
+``-q``
+ This option sets quiet mode, which only sets an exit code to indicate
+ successful or failed completion.
+
+``-v``
+ This option prints the version of the ``named-checkzone`` program and exits.
+
+``-j``
+ When loading a zone file, this option tells ``named`` to read the journal if it exists. The journal
+ file name is assumed to be the zone file name with the
+ string ``.jnl`` appended.
+
+``-J filename``
+ When loading the zone file, this option tells ``named`` to read the journal from the given file, if
+ it exists. This implies ``-j``.
+
+``-c class``
+ This option specifies the class of the zone. If not specified, ``IN`` is assumed.
+
+``-i mode``
+ This option performs post-load zone integrity checks. Possible modes are
+ ``full`` (the default), ``full-sibling``, ``local``,
+ ``local-sibling``, and ``none``.
+
+ Mode ``full`` checks that MX records refer to A or AAAA records
+ (both in-zone and out-of-zone hostnames). Mode ``local`` only
+ checks MX records which refer to in-zone hostnames.
+
+ Mode ``full`` checks that SRV records refer to A or AAAA records
+ (both in-zone and out-of-zone hostnames). Mode ``local`` only
+ checks SRV records which refer to in-zone hostnames.
+
+ Mode ``full`` checks that delegation NS records refer to A or AAAA
+ records (both in-zone and out-of-zone hostnames). It also checks that
+ glue address records in the zone match those advertised by the child.
+ Mode ``local`` only checks NS records which refer to in-zone
+ hostnames or verifies that some required glue exists, i.e., when the
+ name server is in a child zone.
+
+ Modes ``full-sibling`` and ``local-sibling`` disable sibling glue
+ checks, but are otherwise the same as ``full`` and ``local``,
+ respectively.
+
+ Mode ``none`` disables the checks.
+
+``-f format``
+ This option specifies the format of the zone file. Possible formats are
+ ``text`` (the default), ``raw``, and ``map``.
+
+``-F format``
+ This option specifies the format of the output file specified. For
+ ``named-checkzone``, this does not have any effect unless it dumps
+ the zone contents.
+
+ Possible formats are ``text`` (the default), which is the standard
+ textual representation of the zone, and ``map``, ``raw``, and ``raw=N``, which
+ store the zone in a binary format for rapid loading by ``named``.
+ ``raw=N`` specifies the format version of the raw zone file: if ``N`` is
+ 0, the raw file can be read by any version of ``named``; if N is 1, the
+ file can only be read by release 9.9.0 or higher. The default is 1.
+
+``-k mode``
+ This option performs ``check-names`` checks with the specified failure mode.
+ Possible modes are ``fail`` (the default), ``warn``, and ``ignore``.
+
+``-l ttl``
+ This option sets a maximum permissible TTL for the input file. Any record with a
+ TTL higher than this value causes the zone to be rejected. This
+ is similar to using the ``max-zone-ttl`` option in ``named.conf``.
+
+``-L serial``
+ When compiling a zone to ``raw`` or ``map`` format, this option sets the "source
+ serial" value in the header to the specified serial number. This is
+ expected to be used primarily for testing purposes.
+
+``-m mode``
+ This option specifies whether MX records should be checked to see if they are
+ addresses. Possible modes are ``fail``, ``warn`` (the default), and
+ ``ignore``.
+
+``-M mode``
+ This option checks whether a MX record refers to a CNAME. Possible modes are
+ ``fail``, ``warn`` (the default), and ``ignore``.
+
+``-n mode``
+ This option specifies whether NS records should be checked to see if they are
+ addresses. Possible modes are ``fail`` (the default), ``warn``, and
+ ``ignore``.
+
+``-o filename``
+ This option writes the zone output to ``filename``. If ``filename`` is ``-``, then
+ the zone output is written to standard output. This is mandatory for ``named-compilezone``.
+
+``-r mode``
+ This option checks for records that are treated as different by DNSSEC but are
+ semantically equal in plain DNS. Possible modes are ``fail``,
+ ``warn`` (the default), and ``ignore``.
+
+``-s style``
+ This option specifies the style of the dumped zone file. Possible styles are
+ ``full`` (the default) and ``relative``. The ``full`` format is most
+ suitable for processing automatically by a separate script.
+ The relative format is more human-readable and is thus
+ suitable for editing by hand.
+
+``-S mode``
+ This option checks whether an SRV record refers to a CNAME. Possible modes are
+ ``fail``, ``warn`` (the default), and ``ignore``.
+
+``-t directory``
+ This option tells ``named`` to chroot to ``directory``, so that ``include`` directives in the
+ configuration file are processed as if run by a similarly chrooted
+ ``named``.
+
+``-T mode``
+ This option checks whether Sender Policy Framework (SPF) records exist and issues a
+ warning if an SPF-formatted TXT record is not also present. Possible
+ modes are ``warn`` (the default) and ``ignore``.
+
+``-w directory``
+ This option instructs ``named`` to chdir to ``directory``, so that relative filenames in master file
+ ``$INCLUDE`` directives work. This is similar to the directory clause in
+ ``named.conf``.
+
+``-D``
+ This option dumps the zone file in canonical format. This is always enabled for
+ ``named-compilezone``.
+
+``-W mode``
+ This option specifies whether to check for non-terminal wildcards. Non-terminal
+ wildcards are almost always the result of a failure to understand the
+ wildcard matching algorithm (:rfc:`4592`). Possible modes are ``warn``
+ (the default) and ``ignore``.
+
+``zonename``
+ This indicates the domain name of the zone being checked.
+
+``filename``
+ This is the name of the zone file.
+
+Return Values
+~~~~~~~~~~~~~
+
+``named-compilezone`` returns an exit status of 1 if errors were detected
+and 0 otherwise.
+
+See Also
+~~~~~~~~
+
+:manpage:`named(8)`, :manpage:`named-checkconf(8)`, :manpage:`named-checkzone(8)`,
+:rfc:`1035`, BIND 9 Administrator Reference Manual.
diff --git a/bin/check/win32/checkconf.vcxproj.filters.in b/bin/check/win32/checkconf.vcxproj.filters.in
new file mode 100644
index 0000000..7d0bc52
--- /dev/null
+++ b/bin/check/win32/checkconf.vcxproj.filters.in
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+ <ItemGroup>
+ <Filter Include="Source Files">
+ <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+ <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+ </Filter>
+ <Filter Include="Header Files">
+ <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+ <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
+ </Filter>
+ <Filter Include="Resource Files">
+ <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
+ <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
+ </Filter>
+ </ItemGroup>
+ <ItemGroup>
+ <ClInclude Include="..\check-tool.h">
+ <Filter>Header Files</Filter>
+ </ClInclude>
+ </ItemGroup>
+ <ItemGroup>
+ <ClCompile Include="..\named-checkconf.c">
+ <Filter>Source Files</Filter>
+ </ClCompile>
+ </ItemGroup>
+</Project> \ No newline at end of file
diff --git a/bin/check/win32/checkconf.vcxproj.in b/bin/check/win32/checkconf.vcxproj.in
new file mode 100644
index 0000000..1391d5a
--- /dev/null
+++ b/bin/check/win32/checkconf.vcxproj.in
@@ -0,0 +1,124 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="@TOOLS_VERSION@" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+ <ItemGroup Label="ProjectConfigurations">
+ <ProjectConfiguration Include="Debug|@PLATFORM@">
+ <Configuration>Debug</Configuration>
+ <Platform>@PLATFORM@</Platform>
+ </ProjectConfiguration>
+ <ProjectConfiguration Include="Release|@PLATFORM@">
+ <Configuration>Release</Configuration>
+ <Platform>@PLATFORM@</Platform>
+ </ProjectConfiguration>
+ </ItemGroup>
+ <PropertyGroup Label="Globals">
+ <ProjectGuid>{03A96113-CB14-43AA-AEB2-48950E3915C5}</ProjectGuid>
+ <Keyword>Win32Proj</Keyword>
+ <RootNamespace>checkconf</RootNamespace>
+ @WINDOWS_TARGET_PLATFORM_VERSION@
+ </PropertyGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>true</UseDebugLibraries>
+ <CharacterSet>MultiByte</CharacterSet>
+ @PLATFORM_TOOLSET@
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>false</UseDebugLibraries>
+ <WholeProgramOptimization>true</WholeProgramOptimization>
+ <CharacterSet>MultiByte</CharacterSet>
+ @PLATFORM_TOOLSET@
+ </PropertyGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+ <ImportGroup Label="ExtensionSettings">
+ </ImportGroup>
+ <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <PropertyGroup Label="UserMacros" />
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
+ <LinkIncremental>true</LinkIncremental>
+ <OutDir>..\..\..\Build\$(Configuration)\</OutDir>
+ <IntDir>.\$(Configuration)\</IntDir>
+ <IntDirSharingDetected>None</IntDirSharingDetected>
+ <TargetName>named-$(ProjectName)</TargetName>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
+ <LinkIncremental>false</LinkIncremental>
+ <OutDir>..\..\..\Build\$(Configuration)\</OutDir>
+ <IntDir>.\$(Configuration)\</IntDir>
+ <IntDirSharingDetected>None</IntDirSharingDetected>
+ <TargetName>named-$(ProjectName)</TargetName>
+ </PropertyGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
+ <ClCompile>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <WarningLevel>Level4</WarningLevel>
+ <TreatWarningAsError>false</TreatWarningAsError>
+ <Optimization>Disabled</Optimization>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <FunctionLevelLinking>true</FunctionLevelLinking>
+ <PrecompiledHeaderOutputFile>.\$(Configuration)\$(ProjectName).pch</PrecompiledHeaderOutputFile>
+ <AssemblerListingLocation>.\$(Configuration)\</AssemblerListingLocation>
+ <ObjectFileName>.\$(Configuration)\</ObjectFileName>
+ <ProgramDataBaseFileName>$(OutDir)$(TargetName).pdb</ProgramDataBaseFileName>
+ <BrowseInformation>true</BrowseInformation>
+ <ForcedIncludeFiles>..\..\..\config.h</ForcedIncludeFiles>
+ <AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@@OPENSSL_INC@..\..\..\lib\isc\win32;..\..\..\lib\isc\win32\include;..\..\..\lib\isc\include;..\..\..\lib\dns\include;..\..\..\lib\bind9\include;..\..\..\lib\isccfg\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+ <CompileAs>CompileAsC</CompileAs>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ <OutputFile>..\..\..\Build\$(Configuration)\$(TargetName)$(TargetExt)</OutputFile>
+ <AdditionalLibraryDirectories>$(Configuration);..\..\..\lib\isc\win32\$(Configuration);..\..\..\lib\dns\win32\$(Configuration);..\..\..\lib\isccfg\win32\$(Configuration);..\..\..\lib\isccc\win32\$(Configuration);..\..\..\lib\bind9\win32\$(Configuration);..\..\..\lib\ns\win32\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
+ <AdditionalDependencies>@OPENSSL_LIBCRYPTO@@OPENSSL_LIBSSL@checktool.lib;libisc.lib;libdns.lib;libisccfg.lib;libisccc.lib;libbind9.lib;libns.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ </Link>
+ </ItemDefinitionGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
+ <ClCompile>
+ <WarningLevel>Level1</WarningLevel>
+ <TreatWarningAsError>true</TreatWarningAsError>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <Optimization>MaxSpeed</Optimization>
+ <FunctionLevelLinking>true</FunctionLevelLinking>
+ <IntrinsicFunctions>@INTRINSIC@</IntrinsicFunctions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
+ <WholeProgramOptimization>false</WholeProgramOptimization>
+ <StringPooling>true</StringPooling>
+ <PrecompiledHeaderOutputFile>.\$(Configuration)\$(ProjectName).pch</PrecompiledHeaderOutputFile>
+ <AssemblerListingLocation>.\$(Configuration)\</AssemblerListingLocation>
+ <ObjectFileName>.\$(Configuration)\</ObjectFileName>
+ <ProgramDataBaseFileName>$(OutDir)$(TargetName).pdb</ProgramDataBaseFileName>
+ <ForcedIncludeFiles>..\..\..\config.h</ForcedIncludeFiles>
+ <AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@@OPENSSL_INC@..\..\..\lib\isc\win32;..\..\..\lib\isc\win32\include;..\..\..\lib\isc\include;..\..\..\lib\dns\include;..\..\..\lib\bind9\include;..\..\..\lib\isccfg\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+ <CompileAs>CompileAsC</CompileAs>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>false</GenerateDebugInformation>
+ <EnableCOMDATFolding>true</EnableCOMDATFolding>
+ <OptimizeReferences>true</OptimizeReferences>
+ <OutputFile>..\..\..\Build\$(Configuration)\$(TargetName)$(TargetExt)</OutputFile>
+ <AdditionalLibraryDirectories>$(Configuration);..\..\..\lib\isc\win32\$(Configuration);..\..\..\lib\dns\win32\$(Configuration);..\..\..\lib\isccfg\win32\$(Configuration);..\..\..\lib\isccc\win32\$(Configuration);..\..\..\lib\bind9\win32\$(Configuration);..\..\..\lib\ns\win32\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
+ <AdditionalDependencies>@OPENSSL_LIBCRYPTO@@OPENSSL_LIBSSL@checktool.lib;libisc.lib;libdns.lib;libisccfg.lib;libisccc.lib;libbind9.lib;libns.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ <LinkTimeCodeGeneration>Default</LinkTimeCodeGeneration>
+ </Link>
+ </ItemDefinitionGroup>
+ <ItemGroup>
+ <ClInclude Include="..\check-tool.h" />
+ </ItemGroup>
+ <ItemGroup>
+ <ClCompile Include="..\named-checkconf.c" />
+ </ItemGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+ <ImportGroup Label="ExtensionTargets">
+ </ImportGroup>
+</Project>
diff --git a/bin/check/win32/checkconf.vcxproj.user b/bin/check/win32/checkconf.vcxproj.user
new file mode 100644
index 0000000..ace9a86
--- /dev/null
+++ b/bin/check/win32/checkconf.vcxproj.user
@@ -0,0 +1,3 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+</Project> \ No newline at end of file
diff --git a/bin/check/win32/checktool.vcxproj.filters.in b/bin/check/win32/checktool.vcxproj.filters.in
new file mode 100644
index 0000000..34fc8c6
--- /dev/null
+++ b/bin/check/win32/checktool.vcxproj.filters.in
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+ <ItemGroup>
+ <Filter Include="Source Files">
+ <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+ <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+ </Filter>
+ <Filter Include="Resource Files">
+ <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
+ <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
+ </Filter>
+ </ItemGroup>
+ <ItemGroup>
+ <ClCompile Include="..\check-tool.c">
+ <Filter>Source Files</Filter>
+ </ClCompile>
+ </ItemGroup>
+</Project> \ No newline at end of file
diff --git a/bin/check/win32/checktool.vcxproj.in b/bin/check/win32/checktool.vcxproj.in
new file mode 100644
index 0000000..26c8423
--- /dev/null
+++ b/bin/check/win32/checktool.vcxproj.in
@@ -0,0 +1,110 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="@TOOLS_VERSION@" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+ <ItemGroup Label="ProjectConfigurations">
+ <ProjectConfiguration Include="Debug|@PLATFORM@">
+ <Configuration>Debug</Configuration>
+ <Platform>@PLATFORM@</Platform>
+ </ProjectConfiguration>
+ <ProjectConfiguration Include="Release|@PLATFORM@">
+ <Configuration>Release</Configuration>
+ <Platform>@PLATFORM@</Platform>
+ </ProjectConfiguration>
+ </ItemGroup>
+ <ItemGroup>
+ <ClCompile Include="..\check-tool.c" />
+ </ItemGroup>
+ <PropertyGroup Label="Globals">
+ <ProjectGuid>{2C1F7096-C5B5-48D4-846F-A7ACA454335D}</ProjectGuid>
+ <Keyword>Win32Proj</Keyword>
+ <RootNamespace>checktool</RootNamespace>
+ @WINDOWS_TARGET_PLATFORM_VERSION@
+ </PropertyGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'" Label="Configuration">
+ <ConfigurationType>StaticLibrary</ConfigurationType>
+ <UseDebugLibraries>true</UseDebugLibraries>
+ <CharacterSet>MultiByte</CharacterSet>
+ @PLATFORM_TOOLSET@
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'" Label="Configuration">
+ <ConfigurationType>StaticLibrary</ConfigurationType>
+ <UseDebugLibraries>false</UseDebugLibraries>
+ <WholeProgramOptimization>true</WholeProgramOptimization>
+ <CharacterSet>MultiByte</CharacterSet>
+ @PLATFORM_TOOLSET@
+ </PropertyGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+ <ImportGroup Label="ExtensionSettings">
+ </ImportGroup>
+ <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <PropertyGroup Label="UserMacros" />
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
+ <OutDir>.\$(Configuration)\</OutDir>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
+ <IntDir>.\$(Configuration)\</IntDir>
+ <IntDirSharingDetected>None</IntDirSharingDetected>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
+ <OutDir>.\$(Configuration)\</OutDir>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
+ <IntDir>.\$(Configuration)\</IntDir>
+ <IntDirSharingDetected>None</IntDirSharingDetected>
+ </PropertyGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
+ <ClCompile>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <WarningLevel>Level4</WarningLevel>
+ <TreatWarningAsError>false</TreatWarningAsError>
+ <Optimization>Disabled</Optimization>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <FunctionLevelLinking>true</FunctionLevelLinking>
+ <PrecompiledHeaderOutputFile>.\$(Configuration)\$(TargetName).pch</PrecompiledHeaderOutputFile>
+ <AssemblerListingLocation>.\$(Configuration)\</AssemblerListingLocation>
+ <ObjectFileName>.\$(Configuration)\</ObjectFileName>
+ <ProgramDataBaseFileName>$(OutDir)$(TargetName).pdb</ProgramDataBaseFileName>
+ <BrowseInformation>true</BrowseInformation>
+ <ForcedIncludeFiles>..\..\..\config.h</ForcedIncludeFiles>
+ <AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@@OPENSSL_INC@..\include;..\..\..\lib\isc\win32;..\..\..\lib\isc\win32\include;..\..\..\lib\isc\include;..\..\..\lib\isccfg\include;..\..\..\lib\dns\include;..\..\..\lib\ns\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+ <CompileAs>CompileAsC</CompileAs>
+ </ClCompile>
+ <Lib>
+ <OutputFile>.\$(Configuration)\$(TargetName)$(TargetExt)</OutputFile>
+ </Lib>
+ </ItemDefinitionGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
+ <ClCompile>
+ <WarningLevel>Level1</WarningLevel>
+ <TreatWarningAsError>true</TreatWarningAsError>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <Optimization>MaxSpeed</Optimization>
+ <FunctionLevelLinking>true</FunctionLevelLinking>
+ <IntrinsicFunctions>@INTRINSIC@</IntrinsicFunctions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
+ <WholeProgramOptimization>false</WholeProgramOptimization>
+ <StringPooling>true</StringPooling>
+ <PrecompiledHeaderOutputFile>.\$(Configuration)\$(TargetName).pch</PrecompiledHeaderOutputFile>
+ <AssemblerListingLocation>.\$(Configuration)\</AssemblerListingLocation>
+ <ObjectFileName>.\$(Configuration)\</ObjectFileName>
+ <ProgramDataBaseFileName>$(OutDir)$(TargetName).pdb</ProgramDataBaseFileName>
+ <ForcedIncludeFiles>..\..\..\config.h</ForcedIncludeFiles>
+ <AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@@OPENSSL_INC@..\include;..\..\..\lib\isc\win32;..\..\..\lib\isc\win32\include;..\..\..\lib\isc\include;..\..\..\lib\isccfg\include;..\..\..\lib\dns\include;..\..\..\lib\ns\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+ <CompileAs>CompileAsC</CompileAs>
+ </ClCompile>
+ <Lib>
+ <OutputFile>.\$(Configuration)\$(TargetName)$(TargetExt)</OutputFile>
+ </Lib>
+ </ItemDefinitionGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+ <ImportGroup Label="ExtensionTargets">
+ </ImportGroup>
+</Project>
diff --git a/bin/check/win32/checktool.vcxproj.user b/bin/check/win32/checktool.vcxproj.user
new file mode 100644
index 0000000..ace9a86
--- /dev/null
+++ b/bin/check/win32/checktool.vcxproj.user
@@ -0,0 +1,3 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+</Project> \ No newline at end of file
diff --git a/bin/check/win32/checkzone.vcxproj.filters.in b/bin/check/win32/checkzone.vcxproj.filters.in
new file mode 100644
index 0000000..4f3396c
--- /dev/null
+++ b/bin/check/win32/checkzone.vcxproj.filters.in
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+ <ItemGroup>
+ <Filter Include="Source Files">
+ <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+ <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+ </Filter>
+ <Filter Include="Header Files">
+ <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+ <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
+ </Filter>
+ <Filter Include="Resource Files">
+ <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
+ <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
+ </Filter>
+ </ItemGroup>
+ <ItemGroup>
+ <ClInclude Include="..\check-tool.h">
+ <Filter>Header Files</Filter>
+ </ClInclude>
+ </ItemGroup>
+ <ItemGroup>
+ <ClCompile Include="..\named-checkzone.c">
+ <Filter>Source Files</Filter>
+ </ClCompile>
+ </ItemGroup>
+</Project> \ No newline at end of file
diff --git a/bin/check/win32/checkzone.vcxproj.in b/bin/check/win32/checkzone.vcxproj.in
new file mode 100644
index 0000000..063f673
--- /dev/null
+++ b/bin/check/win32/checkzone.vcxproj.in
@@ -0,0 +1,135 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="@TOOLS_VERSION@" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+ <ItemGroup Label="ProjectConfigurations">
+ <ProjectConfiguration Include="Debug|@PLATFORM@">
+ <Configuration>Debug</Configuration>
+ <Platform>@PLATFORM@</Platform>
+ </ProjectConfiguration>
+ <ProjectConfiguration Include="Release|@PLATFORM@">
+ <Configuration>Release</Configuration>
+ <Platform>@PLATFORM@</Platform>
+ </ProjectConfiguration>
+ </ItemGroup>
+ <PropertyGroup Label="Globals">
+ <ProjectGuid>{66028555-7DD5-4016-B601-9EF9A1EE8BFA}</ProjectGuid>
+ <Keyword>Win32Proj</Keyword>
+ <RootNamespace>checkzone</RootNamespace>
+ @WINDOWS_TARGET_PLATFORM_VERSION@
+ </PropertyGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>true</UseDebugLibraries>
+ <CharacterSet>MultiByte</CharacterSet>
+ @PLATFORM_TOOLSET@
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'" Label="Configuration">
+ <ConfigurationType>Application</ConfigurationType>
+ <UseDebugLibraries>false</UseDebugLibraries>
+ <WholeProgramOptimization>true</WholeProgramOptimization>
+ <CharacterSet>MultiByte</CharacterSet>
+ @PLATFORM_TOOLSET@
+ </PropertyGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+ <ImportGroup Label="ExtensionSettings">
+ </ImportGroup>
+ <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
+ <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+ </ImportGroup>
+ <PropertyGroup Label="UserMacros" />
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
+ <LinkIncremental>true</LinkIncremental>
+ <OutDir>..\..\..\Build\$(Configuration)\</OutDir>
+ <IntDir>.\$(Configuration)\</IntDir>
+ <IntDirSharingDetected>None</IntDirSharingDetected>
+ <TargetName>named-$(ProjectName)</TargetName>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
+ <LinkIncremental>false</LinkIncremental>
+ <OutDir>..\..\..\Build\$(Configuration)\</OutDir>
+ <IntDir>.\$(Configuration)\</IntDir>
+ <IntDirSharingDetected>None</IntDirSharingDetected>
+ <TargetName>named-$(ProjectName)</TargetName>
+ </PropertyGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
+ <ClCompile>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <WarningLevel>Level4</WarningLevel>
+ <TreatWarningAsError>false</TreatWarningAsError>
+ <Optimization>Disabled</Optimization>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <FunctionLevelLinking>true</FunctionLevelLinking>
+ <PrecompiledHeaderOutputFile>.\$(Configuration)\$(ProjectName).pch</PrecompiledHeaderOutputFile>
+ <AssemblerListingLocation>.\$(Configuration)\</AssemblerListingLocation>
+ <ObjectFileName>.\$(Configuration)\</ObjectFileName>
+ <ProgramDataBaseFileName>$(OutDir)$(TargetName).pdb</ProgramDataBaseFileName>
+ <BrowseInformation>true</BrowseInformation>
+ <ForcedIncludeFiles>..\..\..\config.h</ForcedIncludeFiles>
+ <AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@@OPENSSL_INC@..\..\..\lib\isc\win32;..\..\..\lib\isc\win32\include;..\..\..\lib\isc\include;..\..\..\lib\dns\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+ <CompileAs>CompileAsC</CompileAs>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>true</GenerateDebugInformation>
+ <OutputFile>..\..\..\Build\$(Configuration)\$(TargetName)$(TargetExt)</OutputFile>
+ <AdditionalLibraryDirectories>$(Configuration);..\..\..\lib\isc\win32\$(Configuration);..\..\..\lib\dns\win32\$(Configuration);..\..\..\lib\isccfg\win32\$(Configuration);..\..\..\lib\ns\win32\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
+ <AdditionalDependencies>@OPENSSL_LIBCRYPTO@@OPENSSL_LIBSSL@checktool.lib;libisc.lib;libdns.lib;libisccfg.lib;libns.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ </Link>
+ <PostBuildEvent>
+ <Command>cd ..\..\..\Build\$(Configuration)
+copy /Y named-checkzone.exe named-compilezone.exe
+copy /Y named-checkzone.ilk named-compilezone.ilk
+</Command>
+ </PostBuildEvent>
+ </ItemDefinitionGroup>
+ <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
+ <ClCompile>
+ <WarningLevel>Level1</WarningLevel>
+ <TreatWarningAsError>true</TreatWarningAsError>
+ <PrecompiledHeader>
+ </PrecompiledHeader>
+ <Optimization>MaxSpeed</Optimization>
+ <FunctionLevelLinking>true</FunctionLevelLinking>
+ <IntrinsicFunctions>@INTRINSIC@</IntrinsicFunctions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
+ <WholeProgramOptimization>false</WholeProgramOptimization>
+ <StringPooling>true</StringPooling>
+ <PrecompiledHeaderOutputFile>.\$(Configuration)\$(ProjectName).pch</PrecompiledHeaderOutputFile>
+ <AssemblerListingLocation>.\$(Configuration)\</AssemblerListingLocation>
+ <ObjectFileName>.\$(Configuration)\</ObjectFileName>
+ <ProgramDataBaseFileName>$(OutDir)$(TargetName).pdb</ProgramDataBaseFileName>
+ <ForcedIncludeFiles>..\..\..\config.h</ForcedIncludeFiles>
+ <AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@@OPENSSL_INC@..\..\..\lib\isc\win32;..\..\..\lib\isc\win32\include;..\..\..\lib\isc\include;..\..\..\lib\dns\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+ <CompileAs>CompileAsC</CompileAs>
+ </ClCompile>
+ <Link>
+ <SubSystem>Console</SubSystem>
+ <GenerateDebugInformation>false</GenerateDebugInformation>
+ <EnableCOMDATFolding>true</EnableCOMDATFolding>
+ <OptimizeReferences>true</OptimizeReferences>
+ <OutputFile>..\..\..\Build\$(Configuration)\$(TargetName)$(TargetExt)</OutputFile>
+ <AdditionalLibraryDirectories>$(Configuration);..\..\..\lib\isc\win32\$(Configuration);..\..\..\lib\dns\win32\$(Configuration);..\..\..\lib\isccfg\win32\$(Configuration);..\..\..\lib\ns\win32\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
+ <AdditionalDependencies>@OPENSSL_LIBCRYPTO@@OPENSSL_LIBSSL@checktool.lib;libisc.lib;libdns.lib;libisccfg.lib;libns.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ <LinkTimeCodeGeneration>Default</LinkTimeCodeGeneration>
+ </Link>
+ <PostBuildEvent>
+ <Command>cd ..\..\..\Build\$(Configuration)
+copy /Y named-checkzone.exe named-compilezone.exe
+</Command>
+ </PostBuildEvent>
+ </ItemDefinitionGroup>
+ <ItemGroup>
+ <ClInclude Include="..\check-tool.h" />
+ </ItemGroup>
+ <ItemGroup>
+ <ClCompile Include="..\named-checkzone.c" />
+ </ItemGroup>
+ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+ <ImportGroup Label="ExtensionTargets">
+ </ImportGroup>
+</Project>
diff --git a/bin/check/win32/checkzone.vcxproj.user b/bin/check/win32/checkzone.vcxproj.user
new file mode 100644
index 0000000..ace9a86
--- /dev/null
+++ b/bin/check/win32/checkzone.vcxproj.user
@@ -0,0 +1,3 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+</Project> \ No newline at end of file