From 06d3106002def5141885a5668d0254038f19fbf1 Mon Sep 17 00:00:00 2001
From: Mukund Sivaraman <muks@isc.org>
Date: Wed, 16 May 2018 00:07:17 +0530
Subject: [PATCH] return FORMERR when question section is empty if COOKIE is
 not present

---
 bin/tests/system/cookie/tests.sh  | 18 ++++++++++++++++++
 bin/tests/system/formerr/tests.sh |  9 +++++----
 lib/ns/client.c                   |  7 ++++---
 3 files changed, 27 insertions(+), 7 deletions(-)

diff --git a/bin/tests/system/cookie/tests.sh b/bin/tests/system/cookie/tests.sh
index bb96cbde01..17d782e0ea 100755
--- a/bin/tests/system/cookie/tests.sh
+++ b/bin/tests/system/cookie/tests.sh
@@ -54,6 +54,24 @@ do
         status=`expr $status + $ret`
 done
 
+n=`expr $n + 1`
+echo_i "checking RCODE=FORMERR to query without question section and without COOKIE option ($n)"
+ret=0
+$DIG $DIGOPTS +qr +header-only +nocookie version.bind txt ch @10.53.0.1 > dig.out.test$n
+grep COOKIE: dig.out.test$n > /dev/null && ret=1
+grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
+n=`expr $n + 1`
+echo_i "checking RCODE=NOERROR to query without question section and with COOKIE option ($n)"
+ret=0
+$DIG $DIGOPTS +qr +header-only +cookie version.bind txt ch @10.53.0.1 > dig.out.test$n
+grep COOKIE: dig.out.test$n > /dev/null || ret=1
+grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
 n=`expr $n + 1`
 echo_i "checking COOKIE token returned to empty COOKIE option ($n)"
 ret=0
diff --git a/bin/tests/system/formerr/tests.sh b/bin/tests/system/formerr/tests.sh
index c88b18022f..d8b91e8754 100644
--- a/bin/tests/system/formerr/tests.sh
+++ b/bin/tests/system/formerr/tests.sh
@@ -14,7 +14,7 @@ SYSTEMTESTTOP=..
 
 status=0
 
-echo_i "test name to long"
+echo_i "test name too long"
 $PERL formerr.pl -a 10.53.0.1 -p ${PORT} nametoolong > nametoolong.out
 ans=`grep got: nametoolong.out`
 if [ "${ans}" != "got: 000080010000000000000000" ];
@@ -30,11 +30,12 @@ then
 	echo_i "failed"; status=`expr $status + 1`;
 fi
 
-# this one is now NOERROR
-echo_i "no questions"
+# this would be NOERROR if it included a COOKIE option,
+# but is a FORMERR without one.
+echo_i "empty question section (and no COOKIE option)"
 $PERL formerr.pl -a 10.53.0.1 -p ${PORT} noquestions > noquestions.out
 ans=`grep got: noquestions.out`
-if [ "${ans}" != "got: 000080000000000000000000" ];
+if [ "${ans}" != "got: 000080010000000000000000" ];
 then
 	echo_i "failed"; status=`expr $status + 1`;
 fi
diff --git a/lib/ns/client.c b/lib/ns/client.c
index e0aa915c7b..2dc4434c0c 100644
--- a/lib/ns/client.c
+++ b/lib/ns/client.c
@@ -2552,9 +2552,10 @@ ns__client_request(isc_task_t *task, isc_event_t *event) {
 	}
 
 	if (client->message->rdclass == 0) {
-		if ((client->attributes & NS_CLIENTATTR_WANTCOOKIE) != 0 ||
-		    (client->message->opcode == dns_opcode_query &&
-		     client->message->counts[DNS_SECTION_QUESTION] == 0U)) {
+		if ((client->attributes & NS_CLIENTATTR_WANTCOOKIE) != 0 &&
+		    client->message->opcode == dns_opcode_query &&
+		    client->message->counts[DNS_SECTION_QUESTION] == 0U)
+		{
 			result = dns_message_reply(client->message, ISC_TRUE);
 			if (result != ISC_R_SUCCESS) {
 				ns_client_error(client, result);