Merge branch '1092-allow-priming-glue' into 'master'

allow glue in authoritative responses to root priming queries Closes #1092 See merge request isc-projects/bind9!2045
2026-06-10 09:40:00 -04:00 · 2019-06-26 12:15:00 -04:00 · 2019-06-26 12:15:00 -04:00 · e6ef64c385
commit e6ef64c385
parent 2c370d93b4 03a6a78b55
9 changed files with 88 additions and 1 deletions
--- a/4
+++ b/4
@ -1,3 +1,7 @@
+5256.	[bug]		Ensure that glue records are included in root
+			priming responses if "minimal-responses" is not
+			set to "yes". [GL #1092]
+
 5255.	[bug]		Errors encountered while reloading inline-signing
 			zones could be ignored, causing the zone content to
 			be left in an incompletely updated state rather than
--- a/bin/tests/system/additional/ns1/named1.conf.in
+++ b/bin/tests/system/additional/ns1/named1.conf.in
@ -29,6 +29,11 @@ controls {
 	inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
 };

+zone "." {
+        type master;
+        file "root.db";
+};
+
 zone "rt.example" {
 	type master;
 	file "rt.db";
--- a/bin/tests/system/additional/ns1/named2.conf.in
+++ b/bin/tests/system/additional/ns1/named2.conf.in
@ -29,6 +29,11 @@ controls {
 	inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
 };

+zone "." {
+        type master;
+        file "root.db";
+};
+
 zone "rt.example" {
 	type master;
 	file "rt.db";
--- a/bin/tests/system/additional/ns1/named3.conf.in
+++ b/bin/tests/system/additional/ns1/named3.conf.in
@ -30,6 +30,11 @@ controls {
 	inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
 };

+zone "." {
+        type master;
+        file "root.db";
+};
+
 zone "rt.example" {
 	type master;
 	file "rt.db";
--- a/bin/tests/system/additional/ns1/named4.conf.in
+++ b/bin/tests/system/additional/ns1/named4.conf.in
@ -29,6 +29,11 @@ controls {
 	inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
 };

+zone "." {
+        type master;
+        file "root.db";
+};
+
 zone "mx.example" {
 	type master;
 	file "mx.db";
--- a/bin/tests/system/additional/ns1/root.db
+++ b/bin/tests/system/additional/ns1/root.db
@ -0,0 +1,19 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+. IN SOA ns2. hostmaster ( 2 8H 2H 4W 1D);
+. NS ns1.rt.example.
+. NS ns2.rt.example.
+ns1.rt.example. A 10.53.0.1
+ns2.rt.example. A 10.53.0.2
+rt.example. NS ns1.
+naptr.example. NS ns1.
+rt2.example. NS ns1.
+naptr2.example. NS ns1.
+nid.example. NS ns1.
--- a/bin/tests/system/additional/tests.sh
+++ b/bin/tests/system/additional/tests.sh
@ -210,6 +210,38 @@ dotests() {
    if [ $ret -eq 1 ] ; then
            echo_i " failed"; status=1
    fi
+
+    n=`expr $n + 1`
+    echo_i "test with NS, root zone ($n)"
+    ret=0
+    $DIG $DIGOPTS -t NS . @10.53.0.1 > dig.out.$n || ret=1
+    # Always expect glue for root priming queries, regardless $minimal
+    grep 'ADDITIONAL: 3' dig.out.$n > /dev/null || ret=1
+    if [ $ret -eq 1 ] ; then
+            echo_i " failed"; status=1
+    fi
+
+    n=`expr $n + 1`
+    echo_i "test with NS, non-root zone ($n)"
+    ret=0
+    $DIG $DIGOPTS -t NS rt.example @10.53.0.1 > dig.out.$n || ret=1
+    case $minimal in
+    yes)
+      grep 'ADDITIONAL: 1' dig.out.$n > /dev/null || ret=1
+      ;;
+    no)
+      grep 'ADDITIONAL: 2' dig.out.$n > /dev/null || ret=1
+      ;;
+    no-auth)
+      grep 'ADDITIONAL: 2' dig.out.$n > /dev/null || ret=1
+      ;;
+    no-auth-recursive)
+      grep 'ADDITIONAL: 2' dig.out.$n > /dev/null || ret=1
+      ;;
+    esac
+    if [ $ret -eq 1 ] ; then
+            echo_i " failed"; status=1
+    fi
 }

 echo_i "testing with 'minimal-responses yes;'"
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@ -265,6 +265,12 @@
 	  <command>$prefix/var</command> are respected.
 	</para>
      </listitem>
+      <listitem>
+	<para>
+	  Glue address records were not being returned in responses
+	  to root priming queries; this has been corrected. [GL #1092]
+	</para>
+      </listitem>
    </itemizedlist>
  </section>

--- a/lib/ns/query.c
+++ b/lib/ns/query.c
@ -7279,11 +7279,13 @@ query_respond(query_ctx_t *qctx) {
 		}

 		/*
-		 * BIND 8 priming queries need the additional section.
+		 * Always add glue for root priming queries, regardless
+		 * of "minimal-responses" setting.
 		 */
 		if (dns_name_equal(qctx->client->query.qname, dns_rootname)) {
 			qctx->client->query.attributes &=
 				~NS_QUERYATTR_NOADDITIONAL;
+			dns_db_attach(qctx->db, &qctx->client->query.gluedb);
 		}
 	}

@ -10671,6 +10673,10 @@ ns_query_done(query_ctx_t *qctx) {
 	qctx_clean(qctx);
 	qctx_freedata(qctx);

+	if (qctx->client->query.gluedb != NULL) {
+		dns_db_detach(&qctx->client->query.gluedb);
+	}
+
 	/*
 	 * Clear the AA bit if we're not authoritative.
 	 */