Moved semantic checks to their file.

Closes #1249

Knot.files

@@ -251,3 +251,7 @@ src/libknot/tsig.h
 src/libknot/tsig.c
 src/libknot/tsig-op.c
 src/libknot/tsig-op.h
+src/libknot/util/conv.c
+src/libknot/util/conv.h
+src/knot/zone/semantic-check.c
+src/knot/zone/semantic-check.h

src/Makefile.am

@@ -294,6 +294,8 @@ libknotd_la_SOURCES =				\
 	knot/server/zones.h				\
 	knot/zone/zone-load.c			\
 	knot/zone/zone-load.h			\
+	knot/zone/semantic-check.c		\
+	knot/zone/semantic-check.h		\
 	knot/zone/zone-dump.c			\
 	knot/zone/zone-dump-text.c			\
 	knot/zone/zone-dump-text.h			\

src/knot/zone/semantic-check.h

+/*  Copyright (C) 2011 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+/*!
+ * \file semantic-check.h
+ *
+ * \author Jan Kadlec <jan.kadlec@nic.cz>
+ *
+ * \brief DNS zone semantic checks.
+ *
+ * \addtogroup dnslib
+ * @{
+ */
+
+#ifndef _KNOT_SEMANTIC_CHECK_H_
+#define _KNOT_SEMANTIC_CHECK_H_
+
+/*!
+ *\brief Internal error constants. General errors are added for convenience,
+ *       so that code does not have to change if new errors are added.
+ */
+enum zonechecks_errors {
+	ZC_ERR_ALLOC = -40,
+	ZC_ERR_UNKNOWN,
+
+	ZC_ERR_MISSING_SOA,
+
+	ZC_ERR_GENERIC_GENERAL_ERROR, /* isn't there a better name? */
+
+	ZC_ERR_RRSIG_RDATA_TYPE_COVERED,
+	ZC_ERR_RRSIG_RDATA_TTL,
+	ZC_ERR_RRSIG_RDATA_LABELS,
+	ZC_ERR_RRSIG_RDATA_DNSKEY_OWNER,
+	ZC_ERR_RRSIG_RDATA_SIGNED_WRONG,
+	ZC_ERR_RRSIG_NO_RRSIG,
+	ZC_ERR_RRSIG_SIGNED,
+	ZC_ERR_RRSIG_OWNER,
+	ZC_ERR_RRSIG_CLASS,
+	ZC_ERR_RRSIG_TTL,
+	ZC_ERR_RRSIG_NOT_ALL,
+
+	ZC_ERR_RRSIG_GENERAL_ERROR,
+
+	ZC_ERR_NO_NSEC,
+	ZC_ERR_NSEC_RDATA_BITMAP,
+	ZC_ERR_NSEC_RDATA_MULTIPLE,
+	ZC_ERR_NSEC_RDATA_CHAIN,
+	ZC_ERR_NSEC_RDATA_CHAIN_NOT_CYCLIC,
+
+	ZC_ERR_NSEC_GENERAL_ERROR,
+
+	ZC_ERR_NSEC3_UNSECURED_DELEGATION,
+	ZC_ERR_NSEC3_NOT_FOUND,
+	ZC_ERR_NSEC3_UNSECURED_DELEGATION_OPT,
+	ZC_ERR_NSEC3_RDATA_TTL,
+	ZC_ERR_NSEC3_RDATA_CHAIN,
+	ZC_ERR_NSEC3_RDATA_BITMAP,
+
+	ZC_ERR_NSEC3_GENERAL_ERROR,
+
+	ZC_ERR_CNAME_CYCLE,
+	ZC_ERR_DNAME_CYCLE,
+	ZC_ERR_CNAME_EXTRA_RECORDS,
+	ZC_ERR_DNAME_EXTRA_RECORDS,
+	ZC_ERR_CNAME_EXTRA_RECORDS_DNSSEC,
+	ZC_ERR_CNAME_MULTIPLE,
+	ZC_ERR_DNAME_MULTIPLE,
+
+	ZC_ERR_CNAME_GENERAL_ERROR,
+
+	ZC_ERR_GLUE_NODE,
+	ZC_ERR_GLUE_RECORD,
+
+	ZC_ERR_GLUE_GENERAL_ERROR,
+};
+
+static char *error_messages[(-ZC_ERR_ALLOC) + 1] = {
+	[-ZC_ERR_ALLOC] = "Memory allocation error!\n",
+
+	[-ZC_ERR_MISSING_SOA] = "SOA record missing in zone!\n",
+
+	[-ZC_ERR_RRSIG_RDATA_TYPE_COVERED] =
+	"RRSIG: Type covered rdata field is wrong!\n",
+	[-ZC_ERR_RRSIG_RDATA_TTL] =
+	"RRSIG: TTL rdata field is wrong!\n",
+	[-ZC_ERR_RRSIG_RDATA_LABELS] =
+	"RRSIG: Labels rdata field is wrong!\n",
+	[-ZC_ERR_RRSIG_RDATA_DNSKEY_OWNER] =
+	"RRSIG: Signer name is different than in DNSKEY!\n",
+	[-ZC_ERR_RRSIG_RDATA_SIGNED_WRONG] =
+	"RRSIG: Key error!\n",
+	[-ZC_ERR_RRSIG_NO_RRSIG] =
+	"RRSIG: No RRSIG!\n",
+	[-ZC_ERR_RRSIG_SIGNED] =
+	"RRSIG: Signed RRSIG!\n",
+	[-ZC_ERR_RRSIG_OWNER] =
+	"RRSIG: Owner name rdata field is wrong!\n",
+	[-ZC_ERR_RRSIG_CLASS] =
+	"RRSIG: Class is wrong!\n",
+	[-ZC_ERR_RRSIG_TTL] =
+	"RRSIG: TTL is wrong!\n",
+	[-ZC_ERR_RRSIG_NOT_ALL] =
+	"RRSIG: Not all RRs are signed!\n",
+
+	[-ZC_ERR_NO_NSEC] =
+	"NSEC: Missing NSEC record\n",
+	[-ZC_ERR_NSEC_RDATA_BITMAP] =
+	"NSEC: Wrong NSEC bitmap!\n",
+	[-ZC_ERR_NSEC_RDATA_MULTIPLE] =
+	"NSEC: Multiple NSEC records!\n",
+	[-ZC_ERR_NSEC_RDATA_CHAIN] =
+	"NSEC: NSEC chain is not coherent!\n",
+	[-ZC_ERR_NSEC_RDATA_CHAIN_NOT_CYCLIC] =
+	"NSEC: NSEC chain is not cyclic!\n",
+
+	[-ZC_ERR_NSEC3_UNSECURED_DELEGATION] =
+	"NSEC3: Zone contains unsecured delegation!\n",
+	[-ZC_ERR_NSEC3_NOT_FOUND] =
+	"NSEC3: Could not find previous NSEC3 record in the zone!\n",
+	[-ZC_ERR_NSEC3_UNSECURED_DELEGATION_OPT] =
+	"NSEC3: Unsecured delegation is not part "
+	"of the Opt-Out span!\n",
+	[-ZC_ERR_NSEC3_RDATA_TTL] =
+	"NSEC3: Original TTL rdata field is wrong!\n",
+	[-ZC_ERR_NSEC3_RDATA_CHAIN] =
+	"NSEC3: NSEC3 chain is not coherent!\n",
+	[-ZC_ERR_NSEC3_RDATA_BITMAP] =
+	"NSEC3: NSEC3 bitmap error!\n",
+
+	[-ZC_ERR_CNAME_CYCLE] =
+	"CNAME: CNAME cycle!\n",
+	[-ZC_ERR_DNAME_CYCLE] =
+	"CNAME: DNAME cycle!\n",
+	[-ZC_ERR_CNAME_EXTRA_RECORDS] =
+	"CNAME: Node with CNAME record has other records!\n",
+	[-ZC_ERR_DNAME_EXTRA_RECORDS] =
+	"DNAME: Node with DNAME record has other records!\n",
+	[-ZC_ERR_CNAME_EXTRA_RECORDS_DNSSEC] =
+	"CNAME: Node with CNAME record has other "
+	"records than RRSIG and NSEC/NSEC3!\n",
+	[-ZC_ERR_CNAME_MULTIPLE] = "CNAME: Multiple CNAME records!\n",
+	[-ZC_ERR_DNAME_MULTIPLE] = "DNAME: Multiple DNAME records!\n",
+
+	/* ^
+	   | Important errors (to be logged on first occurence and counted) */
+
+
+	/* Below are errors of lesser importance, to be counted unless
+	   specified otherwise */
+
+	[-ZC_ERR_GLUE_NODE] =
+	"GLUE: Node with Glue record missing!\n",
+	[-ZC_ERR_GLUE_RECORD] =
+	"GLUE: Record with Glue address missing\n",
+};
+
+/*!
+ * \brief Arguments to be used with tree traversal functions. Uses void pointers
+ *        to be more versatile.
+ *
+ */
+struct arg {
+	void *arg1; /* FILE *f / zone */
+	void *arg2; /* skip_list_t */
+	void *arg3; /* zone */
+	void *arg4; /* first node */
+	void *arg5; /* last node */
+	void *arg6; /* error handler */
+	void *arg7; /* CRC */
+};
+
+typedef struct arg arg_t;
+
+/*!
+ * \brief Structure representing handle options.
+ */
+struct handler_options {
+	char log_cname; /*!< Log all CNAME related semantic errors. */
+	char log_glue; /*!< Log all glue related semantic errors. */
+	char log_rrsigs; /*!< Log all RRSIG related semantic errors. */
+	char log_nsec; /*!< Log all NSEC related semantic errors. */
+	char log_nsec3; /*!< Log all NSEC3 related semantic errors. */
+};
+
+/*!
+ * \brief Structure for handling semantic errors.
+ */
+struct err_handler {
+	/* Consider moving error messages here */
+	struct handler_options options; /*!< Handler options. */
+	uint errors[(-ZC_ERR_ALLOC) + 1]; /*!< Array with error messages */
+};
+
+typedef struct err_handler err_handler_t;
+
+/*!
+ * \brief Creates new semantic error handler.
+ *
+ * \param log_cname If true, log all CNAME related events.
+ * \param log_glue If true, log all Glue related events.
+ * \param log_rrsigs If true, log all RRSIGs related events.
+ * \param log_nsec If true, log all NSEC related events.
+ * \param log_nsec3 If true, log all NSEC3 related events.
+ *
+ * \return err_handler_t * Created error handler.
+ */
+err_handler_t *handler_new(char log_cname, char log_glue,
+				  char log_rrsigs, char log_nsec,
+				  char log_nsec3);
+
+/*!
+ * \brief Called when error has been encountered in node. Will either log error
+ *        or print it, depending on handler's options.
+ *
+ * \param handler Error handler.
+ * \param node Node with semantic error in it.
+ * \param error Type of error.
+ *
+ * \retval KNOT_EOK on success.
+ * \retval ZC_ERR_UNKNOWN if unknown error.
+ * \retval ZC_ERR_ALLOC if memory error.
+ */
+int err_handler_handle_error(err_handler_t *handler,
+				    const knot_node_t *node,
+				    uint error);
+
+/*!
+ * \brief Checks if last node in NSEC/NSEC3 chain points to first node in the
+ *        chain and prints possible errors.
+ *
+ * \param handler Semantic error handler.
+ * \param zone Current zone.
+ * \param last_node Last node in NSEC/NSEC3 chain.
+ * \param do_checks Level of semantic checks.
+ */
+void log_cyclic_errors_in_zone(err_handler_t *handler,
+				      knot_zone_contents_t *zone,
+				      knot_node_t *last_node,
+				      const knot_node_t *first_nsec3_node,
+				      const knot_node_t *last_nsec3_node,
+				      char do_checks);
+
+/*!
+ * \brief This function prints all errors that occured in zone.
+ *
+ * \param handler Error handler containing found errors.
+ */
+void err_handler_log_all(err_handler_t *handler);
+
+/*!
+ * \brief Helper function - wraps its arguments into arg_t structure and
+ *        calls function that does the actual work.
+ *
+ * \param zone Zone to be searched / checked
+ * \param list Skip list of closests enclosers.
+ * \param do_checks Level of semantic checks.
+ * \param handler Semantic error handler.
+ * \param last_node Last checked node, which is part of NSEC(3) chain.
+ */
+void zone_do_sem_checks(knot_zone_contents_t *zone, char do_checks,
+                        err_handler_t *handler,
+                        knot_node_t **last_node);
+
+#endif // _KNOT_SEMANTIC_CHECK_H_