From 7e736602062a4f96b5ff5e89cd998db861362b03 Mon Sep 17 00:00:00 2001
From: Evan Hunt <each@isc.org>
Date: Thu, 30 Apr 2020 13:17:37 -0700
Subject: [PATCH] named-checkconf -z could exit with an incorrect staatus

the CHECK() macro resets result, so an error code from an earlier
view could be erased if the last view loaded had no errors.
---
 CHANGES                                       |  4 ++++
 bin/check/named-checkconf.c                   |  7 +++++-
 .../system/checkconf/check-missing-zone.conf  | 24 +++++++++++++++++++
 bin/tests/system/checkconf/tests.sh           |  7 ++++++
 4 files changed, 41 insertions(+), 1 deletion(-)
 create mode 100644 bin/tests/system/checkconf/check-missing-zone.conf

diff --git a/CHANGES b/CHANGES
index 173cacd838..75529d89ec 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+5404.	[bug]		'named-checkconf -z' could incorrectly indicate
+			success if errors were found in one view but not in a
+			subsequent one. [GL #1807]
+
 5403.	[func]		Don't set udp recv/send buffer sizes, sockets will
 			use system defaults. [GL #1713]
 
diff --git a/bin/check/named-checkconf.c b/bin/check/named-checkconf.c
index 444941db79..a6884833b5 100644
--- a/bin/check/named-checkconf.c
+++ b/bin/check/named-checkconf.c
@@ -530,7 +530,12 @@ load_zones_fromconfig(const cfg_obj_t *config, isc_mem_t *mctx,
 		}
 
 		classobj = cfg_tuple_get(vconfig, "class");
-		CHECK(config_getclass(classobj, dns_rdataclass_in, &viewclass));
+		tresult = config_getclass(classobj, dns_rdataclass_in,
+					  &viewclass);
+		if (tresult != ISC_R_SUCCESS) {
+			CHECK(tresult);
+		}
+
 		if (dns_rdataclass_ismeta(viewclass)) {
 			CHECK(ISC_R_FAILURE);
 		}
diff --git a/bin/tests/system/checkconf/check-missing-zone.conf b/bin/tests/system/checkconf/check-missing-zone.conf
new file mode 100644
index 0000000000..f43d3e2575
--- /dev/null
+++ b/bin/tests/system/checkconf/check-missing-zone.conf
@@ -0,0 +1,24 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+view missing {
+	zone missing.example {
+		type master;
+		file "missing.example.db";
+	};
+};
+
+view good {
+	zone shared.example {
+		type master;
+		file "shared.example.db";
+	};
+};
diff --git a/bin/tests/system/checkconf/tests.sh b/bin/tests/system/checkconf/tests.sh
index 0b62e27b71..a3901111fa 100644
--- a/bin/tests/system/checkconf/tests.sh
+++ b/bin/tests/system/checkconf/tests.sh
@@ -364,6 +364,13 @@ grep "zone shared.example/IN: loaded serial" < checkconf.out$n > /dev/null || re
 if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
 status=`expr $status + $ret`
 
+n=`expr $n + 1`
+echo_i "check that named-checkconf -z returns error when a later view is okay ($n)"
+ret=0
+$CHECKCONF -z check-missing-zone.conf > checkconf.out$n 2>&1 && ret=1
+if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
+status=`expr $status + $ret`
+
 n=`expr $n + 1`
 echo_i "check that named-checkconf prints max-cache-size <percentage> correctly ($n)"
 ret=0