diff --git a/CHANGES b/CHANGES
index 9684a32c4a..74d3bede60 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@ +3458. [bug] Return FORMERR when presented with a overly long + domain named in a request. [RT #29682] + 3457. [protocol] Add ILNP records (NID, LP, L32, L64). [RT #31836] 3456. [port] g++47: ATF failed to compile. [RT #32012]
diff --git a/bin/tests/system/conf.sh.in b/bin/tests/system/conf.sh.in
index f3747301cf..16f4963c7b 100644
--- a/bin/tests/system/conf.sh.in
+++ b/bin/tests/system/conf.sh.in
@@ -58,7 +58,7 @@ ARPANAME=$TOP/bin/tools/arpaname SUBDIRS="acl additional allow_query addzone autosign builtin cacheclean checkconf @CHECKDS@ checknames checkzone database dlv dlvauto dlz dlzexternal dlzredir dname dns64 dnssec - dsdigest ecdsa forward glue gost ixfr inline limits + dsdigest ecdsa formerr forward glue gost ixfr inline limits logfileconfig lwresd masterfile masterformat metadata notify nsupdate pending pkcs11 redirect resolver rndc rpz rrsetorder rsabigexponent sortlist smartsign staticstub
diff --git a/bin/tests/system/formerr/clean.sh b/bin/tests/system/formerr/clean.sh
new file mode 100644
index 0000000000..bd1587c5ed
--- /dev/null
+++ b/bin/tests/system/formerr/clean.sh
@@ -0,0 +1,3 @@
+rm -f nametoolong.out
+rm -f twoquestions.out
+rm -f noquestions.out
diff --git a/bin/tests/system/formerr/formerr.pl b/bin/tests/system/formerr/formerr.pl
new file mode 100644
index 0000000000..90f5c8bda9
--- /dev/null
+++ b/bin/tests/system/formerr/formerr.pl
@@ -0,0 +1,102 @@
+#!/usr/bin/perl
+#
+# Copyright (C) 2011, 2012 Internet Systems Consortium, Inc. ("ISC")
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+# $Id: packet.pl,v 1.2 2011/04/15 01:02:08 each Exp $
+
+# This is a tool for sending an arbitrary packet via UDP or TCP to an
+# arbitrary address and port. The packet is specified in a file or on
+# the standard input, in the form of a series of bytes in hexidecimal.
+# Whitespace is ignored, as is anything following a '#' symbol.
+#
+# For example, the following input would generate normal query for
+# isc.org/NS/IN":
+#
+# # QID:
+# 0c d8
+# # header:
+# 01 00 00 01 00 00 00 00 00 00
+# # qname isc.org:
+# 03 69 73 63 03 6f 72 67 00
+# # qtype NS:
+# 00 02
+# # qclass IN:
+# 00 01
+#
+# Note that we do not wait for a response for the server. This is simply
+# a way of injecting arbitrary packets to test server resposnes.
+#
+# Usage: packet.pl [-a
] [-p ] [-t (udp|tcp)] [filename]
+#
+# If not specified, address defaults to 127.0.0.1, port to 53, protocol
+# to udp, and file to stdin.
+#
+# XXX: Doesn't support IPv6 yet
+
+require 5.006.001;
+
+use strict;
+use Getopt::Std;
+use IO::File;
+use IO::Socket;
+
+sub usage {
+ print ("Usage: packet.pl [-a address] [-p port] [file]\n");
+ exit 1;
+}
+
+my %options={};
+getopts("a:p:", \%options);
+
+my $addr = "127.0.0.1";
+$addr = $options{a} if defined $options{a};
+
+my $port = 53;
+$port = $options{p} if defined $options{p};
+
+my $file = "STDIN";
+if (@ARGV >= 1) {
+ my $filename = shift @ARGV;
+ open FH, "<$filename" or die "$filename: $!";
+ $file = "FH";
+}
+
+my $input = "";
+while (defined(my $line = <$file>) ) {
+ chomp $line;
+ $line =~ s/#.*$//;
+ $input .= $line;
+}
+
+$input =~ s/\s+//g;
+my $data = pack("H*", $input);
+my $len = length $data;
+
+my $output = unpack("H*", $data);
+print ("sending: $output\n");
+
+my $sock = IO::Socket::INET->new(PeerAddr => $addr, PeerPort => $port,
+ Proto => "tcp") or die "$!";
+
+my $bytes;
+$bytes = $sock->syswrite(pack("n", $len), 2);
+$bytes = $sock->syswrite($data, $len);
+$bytes = $sock->sysread($data, 2);
+$len = unpack("n", $data);
+$bytes = $sock->sysread($data, $len);
+print "got: ", unpack("H*", $data). "\n";
+
+$sock->close;
+close $file;
diff --git a/bin/tests/system/formerr/nametoolong b/bin/tests/system/formerr/nametoolong
new file mode 100644
index 0000000000..b81545fadc
--- /dev/null
+++ b/bin/tests/system/formerr/nametoolong
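Review bot: The `syswrite`/`sysread` calls at the end of formerr.pl store their result in `$bytes` but never test it, so a reset or short read shows up as an empty or truncated `got:` line rather than as an I/O error, and a server that accepts the connection but never answers would presumably leave the test blocked in `sysread`. Check each result, for example `defined($bytes) && $bytes == 2 or die "short read on length prefix: $!";` after the first `sysread`. Separately, `my %options={};` stores a hash reference as a lone key (silent here because `use warnings` is absent) and should be `my %options;`, and the two-argument `open FH, "<$filename"` is safer as `open(my $fh, '<', $filename) or die "$filename: $!";` with `$file` holding that handle. The header comment still describes packet.pl (UDP, `-t`, "do not wait for a response"), while this script always connects with `Proto => "tcp"` and reads the reply; it should be updated to say so.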
@@ -0,0 +1,19 @@
+00 00 00 00 00 01 00 00 00 00 00 00
+0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
+0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
+0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
+0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
+0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
+0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
+0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
+0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
+0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
+0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
+0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
+0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
+0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
+0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
+0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
+0e 41 41 41 41 41 41 41 41 41 41 41 41 41 41 00
+00 01
+00 01
diff --git a/bin/tests/system/formerr/noquestions b/bin/tests/system/formerr/noquestions
new file mode 100644
index 0000000000..f087bcd4b3
--- /dev/null
+++ b/bin/tests/system/formerr/noquestions
@@ -0,0 +1 @@
+00 00 00 00 00 00 00 00 00 00 00 00
diff --git a/bin/tests/system/formerr/ns1/named.conf b/bin/tests/system/formerr/ns1/named.conf
new file mode 100644
index 0000000000..23a020a157
--- /dev/null
+++ b/bin/tests/system/formerr/ns1/named.conf
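Review bot: The nametoolong packet carries no annotation, although formerr.pl strips `#` comments, so a reader has to count bytes to see which limit is being tested. By my count the QNAME is fifteen 15-octet labels, one 14-octet label and the root label, which is 256 octets on the wire and one more than the 255-octet limit; a leading comment such as `# QNAME is 256 octets on the wire (limit 255); expect FORMERR` would record that. A companion packet at exactly 255 octets that must not draw FORMERR would pin the boundary from both sides.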
@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2004, 2007, 2009 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2000, 2001 Internet Software Consortium.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* $Id: named.conf,v 1.15 2009/05/29 23:47:49 tbox Exp $ */
+
+controls { /* empty */ };
+
+options {
+ query-source address 10.53.0.1;
+ notify-source 10.53.0.1;
+ transfer-source 10.53.0.1;
+ port 5300;
+ pid-file "named.pid";
+ listen-on { 10.53.0.1; };
+ listen-on-v6 { none; };
+ recursion no;
+};
+
+zone "." {
+ type master;
+ file "root.db";
+};
+
diff --git a/bin/tests/system/formerr/ns1/root.db b/bin/tests/system/formerr/ns1/root.db
new file mode 100644
index 0000000000..212f0cf11a
--- /dev/null
+++ b/bin/tests/system/formerr/ns1/root.db
@@ -0,0 +1,26 @@
+; Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC")
+;
+; Permission to use, copy, modify, and/or distribute this software for any
+; purpose with or without fee is hereby granted, provided that the above
+; copyright notice and this permission notice appear in all copies.
+;
+; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+; PERFORMANCE OF THIS SOFTWARE.
+
+; $Id: root.db,v 1.2 2010/09/15 12:07:56 marka Exp $
+
+$TTL 300
+. IN SOA marka.isc.org. a.root.servers.nil. (
+ 2010 ; serial
+ 600 ; refresh
+ 600 ; retry
+ 1200 ; expire
+ 600 ; minimum
+ )
+. NS a.root-servers.nil.
+a.root-servers.nil. A 10.53.0.4
diff --git a/bin/tests/system/formerr/tests.sh b/bin/tests/system/formerr/tests.sh
new file mode 100644
index 0000000000..ea6aca53ed
--- /dev/null
+++ b/bin/tests/system/formerr/tests.sh
@@ -0,0 +1,49 @@
+#!/bin/sh
+#
+# Copyright (C) 2013 Internet Systems Consortium, Inc. ("ISC")
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+SYSTEMTESTTOP=..
+. $SYSTEMTESTTOP/conf.sh
+
+status=0
+
+echo "I:test name to long"
+$PERL formerr.pl -a 10.53.0.1 -p 5300 nametoolong > nametoolong.out
+ans=`grep got: nametoolong.out`
+if [ "${ans}" != "got: 000080010000000000000000" ];
+then
+ echo "I:failed"; status=`expr $status + 1`;
+fi
+
+echo "I:two questions"
+$PERL formerr.pl -a 10.53.0.1 -p 5300 twoquestions > twoquestions.out
+ans=`grep got: twoquestions.out`
+if [ "${ans}" != "got: 000080010000000000000000" ];
+then
+ echo "I:failed"; status=`expr $status + 1`;
+fi
+
+# this one arguable could be NOERORR.
+echo "I:no questions"
+$PERL formerr.pl -a 10.53.0.1 -p 5300 noquestions > noquestions.out
+ans=`grep got: noquestions.out`
+if [ "${ans}" != "got: 000080010000000000000000" ];
+then
+ echo "I:failed"; status=`expr $status + 1`;
+fi
+
+echo "I:exit status: $status"
+
+exit $status
diff --git a/bin/tests/system/formerr/twoquestions b/bin/tests/system/formerr/twoquestions
new file mode 100644
index 0000000000..2192e3d208
--- /dev/null
+++ b/bin/tests/system/formerr/twoquestions
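Review bot: Each of the three stanzas in tests.sh ignores the exit status of formerr.pl and prints only `I:failed`, so a refused connection (the script dies before printing `got:`) looks the same in the log as a wrong rcode. Printing the captured answer on failure, `echo "I:failed (answer: '${ans}')"`, would make the two cases distinguishable. The expected string deserves a comment, `# id 0000, flags 8001 (QR set, RCODE 1 = FORMERR), all section counts zero`. Because formerr.pl connects with `Proto => "tcp"`, only the TCP request path is exercised here; the UDP path is not covered by this test.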
@@ -0,0 +1,7 @@
+00 00 00 00 00 02 00 00 00 00 00 00
+0e 41 41 41 41 41 41 41 41 41 41 41 41 41 41 00
+00 01
+00 02
+0e 41 41 41 41 41 41 41 41 41 41 41 41 41 41 00
+00 01
+00 01
diff --git a/lib/dns/result.c b/lib/dns/result.c
index 093e435885..20282a6610 100644
--- a/lib/dns/result.c
+++ b/lib/dns/result.c
@@ -265,6 +265,7 @@ dns_result_torcode(isc_result_t result) {
 case DNS_R_TOOMANYHOPS:
 case DNS_R_TSIGERRORSET:
 case DNS_R_UNKNOWN:
+ case DNS_R_NAMETOOLONG:
 rcode = dns_rcode_formerr;
 break;
 case DNS_R_DISALLOWED:
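Review bot: `case DNS_R_NAMETOOLONG:` is appended after `DNS_R_UNKNOWN`, while the three labels visible above it (`DNS_R_TOOMANYHOPS`, `DNS_R_TSIGERRORSET`, `DNS_R_UNKNOWN`) are in alphabetical order; if the rest of the list is sorted too, the new label belongs further up. The list starts outside the hunk, so it is worth confirming that the other name-parsing failures a malformed request can produce already sit in this FORMERR group, so that every such request is answered with the same rcode. A short comment on the new case, such as `/* wire name exceeds the maximum length */`, would tie it to the CHANGES entry.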