diff --git a/CHANGES b/CHANGES index 44b7e28666..8c4beec7d2 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +3971. [bug] Reduce the cascasding failures due to a bad $TTL line + in named-checkconf / named-checkzone. [RT #37138] + 3970. [contrib] Fixed a use after free bug in the SDB LDAP driver. [RT #37237] diff --git a/bin/tests/system/checkzone/zones/badttl.db b/bin/tests/system/checkzone/zones/badttl.db new file mode 100644 index 0000000000..256731e594 --- /dev/null +++ b/bin/tests/system/checkzone/zones/badttl.db @@ -0,0 +1,23 @@ +; Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and/or distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + + +$TTL +@ SOA ns hostmaster 2011012708 3600 1200 604800 1200 + NS ns +ns A 192.0.2.1 + +ns-and-dname NS ns.ns-and-dname + DNAME example.com. +ns.ns-and-dname A 203.178.141.207 diff --git a/bin/tests/system/views/setup.sh b/bin/tests/system/views/setup.sh index ebd059fdcc..254bd3bfc3 100644 --- a/bin/tests/system/views/setup.sh +++ b/bin/tests/system/views/setup.sh @@ -37,8 +37,8 @@ test -r $RANDFILE || $GENRANDOM 400 $RANDFILE # $KEYGEN -K ns2/internal -r $RANDFILE -3q inline > /dev/null 2>&1 $KEYGEN -K ns2/internal -r $RANDFILE -3qfk inline > /dev/null 2>&1 -k1=`$KEYGEN -K ns2/external -r $RANDFILE -3q inline` -k2=`$KEYGEN -K ns2/external -r $RANDFILE -3qfk inline` +k1=`$KEYGEN -K ns2/external -r $RANDFILE -3q inline 2> /dev/null` +k2=`$KEYGEN -K ns2/external -r $RANDFILE -3qfk inline 2> /dev/null` $KEYGEN -K ns2/external -r $RANDFILE -3q inline > /dev/null 2>&1 $KEYGEN -K ns2/external -r $RANDFILE -3qfk inline > /dev/null 2>&1 test -n "$k1" && rm -f ns2/external/$k1.* diff --git a/bin/tests/system/views/tests.sh b/bin/tests/system/views/tests.sh index 13748052f4..b90d7f5edf 100644 --- a/bin/tests/system/views/tests.sh +++ b/bin/tests/system/views/tests.sh @@ -123,17 +123,20 @@ fi if [ $ret != 0 ]; then echo "I:failed"; fi status=`expr $status + $ret` -echo "I:verifying inline zones work with views" -ret=0 -$DIG @10.53.0.2 -p 5300 -b 10.53.0.2 +dnssec DNSKEY inline > dig.out.internal -$DIG @10.53.0.2 -p 5300 -b 10.53.0.5 +dnssec DNSKEY inline > dig.out.external -grep "ANSWER: 4," dig.out.internal > /dev/null || ret=1 -grep "ANSWER: 4," dig.out.external > /dev/null || ret=1 -int=`awk '$4 == "DNSKEY" { print $8 }' dig.out.internal | sort` -ext=`awk '$4 == "DNSKEY" { print $8 }' dig.out.external | sort` -test "$int" != "$ext" || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi -status=`expr $status + $ret` +if $SHELL ../testcrypto.sh +then + echo "I:verifying inline zones work with views" + ret=0 + $DIG @10.53.0.2 -p 5300 -b 10.53.0.2 +dnssec DNSKEY inline > dig.out.internal + $DIG @10.53.0.2 -p 5300 -b 10.53.0.5 +dnssec DNSKEY inline > dig.out.external + grep "ANSWER: 4," dig.out.internal > /dev/null || ret=1 + grep "ANSWER: 4," dig.out.external > /dev/null || ret=1 + int=`awk '$4 == "DNSKEY" { print $8 }' dig.out.internal | sort` + ext=`awk '$4 == "DNSKEY" { print $8 }' dig.out.external | sort` + test "$int" != "$ext" || ret=1 + if [ $ret != 0 ]; then echo "I:failed"; fi + status=`expr $status + $ret` +fi echo "I:exit status: $status" exit $status diff --git a/lib/dns/master.c b/lib/dns/master.c index a2eef3f2fd..8228bbea4d 100644 --- a/lib/dns/master.c +++ b/lib/dns/master.c @@ -221,7 +221,7 @@ task_send(dns_loadctx_t *lctx); static void loadctx_destroy(dns_loadctx_t *lctx); -#define GETTOKEN(lexer, options, token, eol) \ +#define GETTOKENERR(lexer, options, token, eol, err) \ do { \ result = gettoken(lexer, options, token, eol, callbacks); \ switch (result) { \ @@ -234,6 +234,7 @@ loadctx_destroy(dns_loadctx_t *lctx); SETRESULT(lctx, result); \ LOGIT(result); \ read_till_eol = ISC_TRUE; \ + err \ goto next_line; \ } else \ goto log_and_cleanup; \ @@ -249,6 +250,8 @@ loadctx_destroy(dns_loadctx_t *lctx); goto log_and_cleanup; \ } \ } while (0) +#define GETTOKEN(lexer, options, token, eol) \ + GETTOKENERR(lexer, options, token, eol, ) #define COMMITALL \ do { \ @@ -389,13 +392,19 @@ gettoken(isc_lex_t *lex, unsigned int options, isc_token_t *token, if (eol != ISC_TRUE) if (token->type == isc_tokentype_eol || token->type == isc_tokentype_eof) { + unsigned long int line; + const char *what; + const char *file; + file = isc_lex_getsourcename(lex); + line = isc_lex_getsourceline(lex); + if (token->type == isc_tokentype_eol) { + line--; + what = "line"; + } else + what = "file"; (*callbacks->error)(callbacks, "dns_master_load: %s:%lu: unexpected end of %s", - isc_lex_getsourcename(lex), - isc_lex_getsourceline(lex), - (token->type == - isc_tokentype_eol) ? - "line" : "file"); + file, line, what); return (ISC_R_UNEXPECTEDEND); } return (ISC_R_SUCCESS); @@ -1152,7 +1161,9 @@ load_text(dns_loadctx_t *lctx) { finish_origin = ISC_TRUE; } else if (strcasecmp(DNS_AS_STR(token), "$TTL") == 0) { - GETTOKEN(lctx->lex, 0, &token, ISC_FALSE); + GETTOKENERR(lctx->lex, 0, &token, ISC_FALSE, + lctx->ttl = 0; + lctx->default_ttl_known = ISC_TRUE;); result = dns_ttl_fromtext(&token.value.as_textregion, &lctx->ttl); diff --git a/util/copyrights b/util/copyrights index db3d6eded6..2a323ca3fc 100644 --- a/util/copyrights +++ b/util/copyrights @@ -957,6 +957,7 @@ ./bin/tests/system/checkzone/zones/bad-nsec3owner-padded.db ZONE 2014 ./bin/tests/system/checkzone/zones/bad1.db ZONE 2013 ./bin/tests/system/checkzone/zones/bad2.db ZONE 2014 +./bin/tests/system/checkzone/zones/badttl.db ZONE 2014 ./bin/tests/system/checkzone/zones/good-nsec3-nopadhash.db ZONE 2014 ./bin/tests/system/checkzone/zones/good1.db ZONE 2011 ./bin/tests/system/checkzone/zones/spf.db ZONE 2013