Changeset 632

Timestamp:

05/14/14 17:15:16 (10 years ago)

Author:

Kris Deugau

Message:

/trunk

Partly close a hole in validation of CNAMEs; a CNAME may not be used for
the root domain/zone (since a CNAME may not have sibling records for the
same FQDN). Checking for siblings is likely going to be trickier.

See #53, sort of.

File:

• trunk/DNSDB.pm (modified) (2 diffs)

trunk/DNSDB.pm

@@ -627 +627 @@
       my $revzone = new NetAddr::IP $self->revName($args{id}, 'y');
       return ('FAIL', $errstr) if !$self->_inrev($args{val}, $revzone);
+      # CNAMEs can not be used for parent nodes;  just leaf nodes with no other record types
+      # note that this WILL probably miss some edge cases.
+      if (${$args{val}} =~ /^[\d.\/]+$/) {
+        # convert IP "hostname" to .arpa
+        my $tmphn = _ZONE(NetAddr::IP->new(${$args{val}}), 'ZONE', 'r', '.');
+        my $tmpz = _ZONE($revzone, 'ZONE', 'r', '.');
+        return ('FAIL', "The bare zone may not be a CNAME") if $tmphn eq $tmpz;
+      }
     }
 
@@ -644 +652 @@
     my $pname = ($args{defrec} eq 'y' ? 'DOMAIN' : $self->domainName($args{id}));
     ${$args{host}} =~ s/\.*$/\.$pname/ if ${$args{host}} !~ /$pname$/;
+
+    # CNAMEs can not be used for parent nodes;  just leaf nodes with no other record types
+    # Enforce this for the zone name
+    return ('FAIL', "The bare zone name may not be a CNAME") if ${$args{host}} eq $pname;
 
 ##enhance:  Look up the passed value to see if it exists.  Ooo, fancy.