/* RCS revision stamp for this source file. */
static char rcsid[] = "$Id: db_secure.c,v 1.4 1993/11/03 12:26:04 vixie Exp $";
/* this file was contributed by Gregory Neil Shapiro of WPI in August 1993 */
#include <arpa/nameser.h>
#define SECURE_ZONE_RR "secure_zone"
/*
 * build_secure_netlist(zp): rebuild zp->secure_nets from the TXT records
 * stored at the "secure_zone" name (SECURE_ZONE_RR) under the zone origin.
 * Each record is parsed as an address, optionally followed by MASK_SEP and
 * a mask, and turned into a struct netinfo.
 *
 * NOTE(review): this listing is fragmentary.  The declaration of zp, the
 * locals snp/htp/dp/buf/maskptr, the opening brace, the logging calls that
 * own the bare format strings below, several branch bodies and the end of
 * the function are not visible.  The comments describe only what is shown;
 * anything else is marked as an assumption to confirm against the full file.
 */
int build_secure_netlist(zp
)
/* ntp: entry being built; netlistp: address of the zone's list head. */
struct netinfo
*ntp
= NULL
, **netlistp
, **end
;
/* dnbuf holds the constructed lookup name and is MAXDNAME bytes long. */
char *fname
, *dname
, dnbuf
[MAXDNAME
];
int errs
= 0, securezone
= 0;
/* Drop the zone's existing list before rebuilding it. */
free_netlist(&zp
->secure_nets
);
netlistp
= &zp
->secure_nets
;
/*
 * Builds "secure_zone" "." z_origin in dnbuf with unbounded strcpy/strcat.
 * NOTE(review): no length check on zp->z_origin is visible here; if
 * strlen(SECURE_ZONE_RR) + 1 + strlen(z_origin) + 1 can exceed MAXDNAME
 * this writes past dnbuf.  Confirm z_origin is bounded by the caller, or
 * build the name with a size-checked call.
 */
strcat(strcat(strcpy(dnbuf
, SECURE_ZONE_RR
), "."), zp
->z_origin
);
/*
 * Look the name up in the database.  The assignment to dname is not
 * visible in this listing; presumably it points at dnbuf (TODO confirm).
 */
if ((snp
= nlookup(dname
, &htp
, &fname
, 0)) == NULL
) {
/* NOTE(review): the call that consumes this format string is not visible. */
"build_secure_netlist(%s): FAIL on nlookup %s\n",
/* A parent's RR's aren't valid */
/* strcasecmp() is non-zero when the node's own label is not "secure_zone". */
if (strcasecmp(snp
->n_dname
, SECURE_ZONE_RR
)) {
/* Collect secure nets into secure_nets */
/* Walk every data record attached to the node found above. */
for (dp
= snp
->n_data
; dp
!= NULL
; dp
= dp
->d_next
) {
/*
 * Only TXT records (any class) are of interest; the action taken on a
 * non-match is not visible here (presumably the record is skipped).
 */
if (!match(dp
, C_ANY
, T_TXT
)) {
/*
 * Copies d_size-1 bytes, skipping the first byte of the record data
 * (presumably the TXT length octet; TODO confirm).
 * NOTE(review): buf's declaration and size are not visible, and neither
 * is a bounds check or any clearing/NUL-termination of buf.  The record
 * contents come from zone data, so confirm that d_size >= 1, that
 * d_size-1 is smaller than sizeof(buf), and that buf is NUL-terminated
 * before the strchr()/inet_aton() calls below read it as a string.
 */
bcopy(dp
->d_data
+1, buf
, dp
->d_size
-1);
/* Locate the optional address/mask separator inside the copied text. */
maskptr
=strchr(buf
, MASK_SEP
);
"build_secure_netlist(%s): Found secure zone %s\n",
/* One netinfo is allocated per record; the two messages below belong to
 * the allocation-failure path, whose code is not visible. */
ntp
= (struct netinfo
*)malloc(sizeof(struct netinfo
));
"build_secure_netlist (%s): malloc fail\n",
"build_secure_netlist (%s): Out of Memory",
/*
 * Parse the address text into ntp->my_addr; a zero return means failure.
 * NOTE(review): the failure branch is not visible; confirm it frees ntp
 * so a malformed record does not leak the allocation.
 */
if (!inet_aton(buf
, &ntp
->my_addr
)) {
"build_secure_netlist (%s): Bad address: %s\n",
"build_secure_netlist (%s): Bad address: %s",
/*
 * A non-empty mask field was supplied.
 * NOTE(review): as shown, maskptr still points at the MASK_SEP character
 * returned by strchr(); presumably it is advanced past the separator (and
 * the separator overwritten with NUL) in lines not visible here.
 */
if (maskptr
&& *maskptr
) {
/* 'h' or 'H' selects an all-ones mask, i.e. a single host. */
if (*maskptr
== 'h' || *maskptr
== 'H') {
ntp
->mask
= (u_int32_t
)-1;
/* Otherwise the mask text is parsed in the same form as an address. */
if (!inet_aton(maskptr
, &ntp
->mask
)) {
"build_secure_netlist (%s): Bad mask: %s\n",
"build_secure_netlist (%s): Bad mask: %s",
/* Mask derived from the address by net_mask(); the branch that selects
 * this is not visible (presumably the no-mask-given case). */
ntp
->mask
= net_mask(ntp
->my_addr
);
/* Reject entries whose address has bits set outside the mask. */
if (ntp
->my_addr
.s_addr
& ~(ntp
->mask
)) {
"build_secure_netlist (%s): addr (%s) is not in mask (x%x)\n",
"build_secure_netlist (%s): addr (%s) is not in mask (x%x)",
/* Network number = address ANDed with mask. */
ntp
->net
= ntp
->my_addr
.s_addr
& ntp
->mask
;
/* Check for duplicates */
/* Compared against the list built so far for this zone. */
if (net_on_netlist(ntp
->my_addr
, *netlistp
)) {
"build_secure_netlist (%s): duplicate address %s\n",
zp
->z_origin
, inet_ntoa(ntp
->my_addr
)));
"build_secure_netlist (%s): duplicate address %s\n",
zp
->z_origin
, inet_ntoa(ntp
->my_addr
));
/*
 * Debug dump of the finished list to the ddt stream.
 * NOTE(review): "x%x" is used for the pointers ntp and ntp->next and for
 * ntp->my_addr, which is accessed as a struct (.s_addr) above.  Those
 * arguments do not match %x; on platforms where pointers are wider than
 * unsigned int this is undefined behaviour.  Debug-only, but worth
 * switching to %p and my_addr.s_addr when the full file is edited.
 */
for (ntp
= *netlistp
; ntp
!= NULL
; ntp
= ntp
->next
) {
fprintf(ddt
, "ntp x%x net x%x mask x%x",
ntp
, ntp
->net
, ntp
->mask
);
fprintf(ddt
, " my_addr x%x", ntp
->my_addr
);
fprintf(ddt
, " %s", inet_ntoa(ntp
->my_addr
));
fprintf(ddt
, " next x%x\n", ntp
->next
);