upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-28 04:34:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Fix gratuitious DNS protocol errors in the ANS servers

Browse source 
The ANS servers were not to written to handle NS queries at the
QNAME resulting in gratuitious protocol errors that will break tests
when NS requests are made for the QNAME.

(cherry picked from commit 0680eb6f64)
This commit is contained in:
Mark Andrews 2024-07-18 13:35:41 +10:00
parent 4c49d99d56
commit 8325f4e872
5 changed files with 140 additions and 42 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
bin/tests/system/cookie/ans9/ans.py
View file

@ -104,22 +104,35 @@ def create_response(msg, tcp, first, ns10):
r.answer.append(dns.rrset.from_text(qname, 1, IN, A, "10.53.0.10"))
dopass2 = True
elif rrtype == NS:
r.answer.append(dns.rrset.from_text(qname, 1, IN, NS, "."))
length = len(labels)
if length == 2:
r.answer.append(dns.rrset.from_text(qname, 1, IN, NS, "ns." + qname))
if ns10:
r.additional.append(
dns.rrset.from_text("ns." + qname, 1, IN, A, "10.53.0.10")
)
else:
r.additional.append(
dns.rrset.from_text("ns." + qname, 1, IN, A, "10.53.0.9")
)
else:
tld = ".".join(labels[length - 2 :])
r.authority.append(dns.rrset.from_text(tld, 2, IN, SOA, ". . 0 0 0 0 2"))
elif rrtype == SOA:
r.answer.append(dns.rrset.from_text(qname, 1, IN, SOA, ". . 0 0 0 0 0"))
r.answer.append(dns.rrset.from_text(qname, 2, IN, SOA, ". . 0 0 0 0 2"))
else:
r.authority.append(dns.rrset.from_text(qname, 1, IN, SOA, ". . 0 0 0 0 0"))
r.authority.append(dns.rrset.from_text(qname, 2, IN, SOA, ". . 0 0 0 0 2"))
# Add a server cookie to the response
if labels[0] != "nocookie":
if labels[0] != "nocookie" or rrtype != A:
for o in m.options:
if o.otype == 10: # Use 10 instead of COOKIE
if first and labels[0] == "withtsig" and not tcp:
if first and labels[0] == "withtsig" and not tcp and rrtype == A:
r.use_tsig(
keyring=keyring,
keyname=dns.name.from_text("fake"),
algorithm=HMAC_SHA256,
)
elif labels[0] != "tcponly" or tcp:
elif labels[0] != "tcponly" or tcp or rrtype != A:
cookie = o
try:
if len(o.server) == 0:

97
bin/tests/system/qmin/ans2/ans.py
View file

@ -212,6 +212,19 @@ def create_response(msg):
"stale.", 2, IN, SOA, "ns2.stale. hostmaster.arpa. 1 2 3 4 5"
)
)
r.flags |= dns.flags.AA
elif lqname == "ns2.stale.":
if rrtype == A:
r.additional.append(
dns.rrset.from_text("ns.b.stale.", 2, IN, A, "10.53.0.2")
)
else:
r.authority.append(
dns.rrset.from_text(
"stale.", 2, IN, SOA, "ns2.stale. hostmaster.arpa. 1 2 3 4 5"
)
)
r.flags |= dns.flags.AA
else:
# NXDOMAIN
r.authority.append(
@ -257,30 +270,72 @@ def create_response(msg):
elif lqname == "" and rrtype == NS:
r.answer.append(dns.rrset.from_text(suffix, 30, IN, NS, "ns2." + suffix))
r.flags |= dns.flags.AA
elif lqname == "ns2." and rrtype == A:
r.answer.append(dns.rrset.from_text("ns2." + suffix, 30, IN, A, "10.53.0.2"))
elif lqname == "ns2.":
r.flags |= dns.flags.AA
elif lqname == "ns2." and rrtype == AAAA:
r.answer.append(
dns.rrset.from_text("ns2." + suffix, 30, IN, AAAA, "fd92:7065:b8e:ffff::2")
)
if rrtype == A:
r.answer.append(
dns.rrset.from_text("ns2." + suffix, 30, IN, A, "10.53.0.2")
)
elif rrtype == AAAA:
r.answer.append(
dns.rrset.from_text(
"ns2." + suffix, 30, IN, AAAA, "fd92:7065:b8e:ffff::2"
)
)
else:
r.authority.append(
dns.rrset.from_text(
suffix,
30,
IN,
SOA,
"ns2." + suffix + " hostmaster.arpa. 2018050100 1 1 1 1",
)
)
elif lqname == "ns3.":
r.flags |= dns.flags.AA
elif lqname == "ns3." and rrtype == A:
r.answer.append(dns.rrset.from_text("ns3." + suffix, 30, IN, A, "10.53.0.3"))
r.flags |= dns.flags.AA
elif lqname == "ns3." and rrtype == AAAA:
r.answer.append(
dns.rrset.from_text("ns3." + suffix, 30, IN, AAAA, "fd92:7065:b8e:ffff::3")
)
r.flags |= dns.flags.AA
elif lqname == "ns4." and rrtype == A:
r.answer.append(dns.rrset.from_text("ns4." + suffix, 30, IN, A, "10.53.0.4"))
r.flags |= dns.flags.AA
elif lqname == "ns4." and rrtype == AAAA:
r.answer.append(
dns.rrset.from_text("ns4." + suffix, 30, IN, AAAA, "fd92:7065:b8e:ffff::4")
)
if rrtype == A:
r.answer.append(
dns.rrset.from_text("ns3." + suffix, 30, IN, A, "10.53.0.3")
)
elif lqname == "ns3." and rrtype == AAAA:
r.answer.append(
dns.rrset.from_text(
"ns3." + suffix, 30, IN, AAAA, "fd92:7065:b8e:ffff::3"
)
)
else:
r.authority.append(
dns.rrset.from_text(
suffix,
30,
IN,
SOA,
"ns2." + suffix + " hostmaster.arpa. 2018050100 1 1 1 1",
)
)
elif lqname == "ns4.":
r.flags |= dns.flags.AA
if rrtype == A:
r.answer.append(
dns.rrset.from_text("ns4." + suffix, 30, IN, A, "10.53.0.4")
)
elif rrtype == AAAA:
r.answer.append(
dns.rrset.from_text(
"ns4." + suffix, 30, IN, AAAA, "fd92:7065:b8e:ffff::4"
)
)
else:
r.authority.append(
dns.rrset.from_text(
suffix,
30,
IN,
SOA,
"ns2." + suffix + " hostmaster.arpa. 2018050100 1 1 1 1",
)
)
elif lqname == "a.bit.longer.ns.name." and rrtype == A:
r.answer.append(
dns.rrset.from_text("a.bit.longer.ns.name." + suffix, 1, IN, A, "10.53.0.4")

17
bin/tests/system/qmin/ans3/ans.py
View file

@ -97,17 +97,16 @@ def create_response(msg):
ip6req = True
elif endswith(lqname, "a.b.stale."):
if lqname == "a.b.stale.":
r.flags |= dns.flags.AA
if rrtype == TXT:
# Direct query.
r.answer.append(dns.rrset.from_text(lqname, 1, IN, TXT, "peekaboo"))
r.flags |= dns.flags.AA
elif rrtype == NS:
# NS a.b.
r.answer.append(dns.rrset.from_text(lqname, 1, IN, NS, "ns.a.b.stale."))
r.additional.append(
dns.rrset.from_text("ns.a.b.stale.", 1, IN, A, "10.53.0.3")
)
r.flags |= dns.flags.AA
elif rrtype == SOA:
# SOA a.b.
r.answer.append(
@ -115,7 +114,6 @@ def create_response(msg):
lqname, 1, IN, SOA, "a.b.stale. hostmaster.a.b.stale. 1 2 3 4 5"
)
)
r.flags |= dns.flags.AA
else:
# NODATA.
r.authority.append(
@ -123,7 +121,20 @@ def create_response(msg):
lqname, 1, IN, SOA, "a.b.stale. hostmaster.a.b.stale. 1 2 3 4 5"
)
)
elif lqname == "ns.a.b.stale.":
r.flags |= dns.flags.AA
if rrtype == A:
r.answer.append(
dns.rrset.from_text("ns.a.b.stale.", 1, IN, A, "10.53.0.3")
)
else:
r.authority.append(
dns.rrset.from_text(
lqname, 1, IN, SOA, "a.b.stale. hostmaster.a.b.stale. 1 2 3 4 5"
)
)
else:
r.flags |= dns.flags.AA
r.authority.append(
dns.rrset.from_text(
lqname, 1, IN, SOA, "a.b.stale. hostmaster.a.b.stale. 1 2 3 4 5"

34
bin/tests/system/qmin/ans4/ans.py
View file

@ -98,17 +98,16 @@ def create_response(msg):
ip6req = True
elif endswith(lqname, "b.stale."):
if lqname == "a.b.stale.":
r.flags |= dns.flags.AA
if rrtype == TXT:
# Direct query.
r.answer.append(dns.rrset.from_text(lqname, 1, IN, TXT, "hooray"))
r.flags |= dns.flags.AA
elif rrtype == NS:
# NS a.b.
r.answer.append(dns.rrset.from_text(lqname, 1, IN, NS, "ns.a.b.stale."))
r.additional.append(
dns.rrset.from_text("ns.a.b.stale.", 1, IN, A, "10.53.0.3")
)
r.flags |= dns.flags.AA
elif rrtype == SOA:
# SOA a.b.
r.answer.append(
@ -116,7 +115,19 @@ def create_response(msg):
lqname, 1, IN, SOA, "a.b.stale. hostmaster.a.b.stale. 1 2 3 4 5"
)
)
r.flags |= dns.flags.AA
else:
# NODATA.
r.authority.append(
dns.rrset.from_text(
lqname, 1, IN, SOA, "a.b.stale. hostmaster.a.b.stale. 1 2 3 4 5"
)
)
elif lqname == "ns.a.b.stale.":
r.flags |= dns.flags.AA
if rrtype == A:
r.answer.append(
dns.rrset.from_text("ns.a.b.stale.", 1, IN, A, "10.53.0.3")
)
else:
# NODATA.
r.authority.append(
@ -125,13 +136,13 @@ def create_response(msg):
)
)
elif lqname == "b.stale.":
r.flags |= dns.flags.AA
if rrtype == NS:
# NS b.
r.answer.append(dns.rrset.from_text(lqname, 1, IN, NS, "ns.b.stale."))
r.additional.append(
dns.rrset.from_text("ns.b.stale.", 1, IN, A, "10.53.0.4")
)
r.flags |= dns.flags.AA
elif rrtype == SOA:
# SOA b.
r.answer.append(
@ -139,7 +150,20 @@ def create_response(msg):
lqname, 1, IN, SOA, "b.stale. hostmaster.b.stale. 1 2 3 4 5"
)
)
r.flags |= dns.flags.AA
else:
# NODATA.
r.authority.append(
dns.rrset.from_text(
lqname, 1, IN, SOA, "b.stale. hostmaster.b.stale. 1 2 3 4 5"
)
)
elif lqname == "ns.b.stale.":
r.flags |= dns.flags.AA
if rrtype == A:
# SOA a.b.
r.answer.append(
dns.rrset.from_text("ns.a.b.stale.", 1, IN, A, "10.53.0.4")
)
else:
# NODATA.
r.authority.append(

9
bin/tests/system/serve-stale/ans2/ans.pl
View file

@ -195,13 +195,8 @@ sub reply_handler {
}
$rcode = "NOERROR";
} elsif ($qname eq "shortttl.cname.example") {
if ($qtype eq "A") {
my $rr = new Net::DNS::RR($SHORTCNAME);
push @ans, $rr;
} else {
my $rr = new Net::DNS::RR($negSOA);
push @auth, $rr;
}
my $rr = new Net::DNS::RR($SHORTCNAME);
push @ans, $rr;
$rcode = "NOERROR";
} elsif ($qname eq "longttl.target.example") {
if ($slow_response) {