From 04da917e3541fb7ced74458e7bb440460a717985 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= Date: Wed, 4 Mar 2026 10:46:58 +0100 Subject: [PATCH 1/2] Drop support for the HS class HS (Hesiod) class is no longer supported and is treated same as any other unknown class. --- lib/ns/client.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/lib/ns/client.c b/lib/ns/client.c index 9b5e4d5f25..45fdab1c58 100644 --- a/lib/ns/client.c +++ b/lib/ns/client.c @@ -2123,8 +2123,6 @@ ns_client_request(isc_nmhandle_t *handle, isc_result_t eresult, break; case dns_rdataclass_chaos: break; - case dns_rdataclass_hs: - break; case dns_rdataclass_none: if (client->message->opcode != dns_opcode_update) { ns_client_dumpmessage(client, From 9771df0aca5ce399ad0535f656c403a58d674606 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= Date: Wed, 4 Mar 2026 13:24:53 +0100 Subject: [PATCH 2/2] Disallow configuration of user-defined non-IN class views Only class IN is allowed for user-defined views; the internally generated `_bind` view stays in the CH class. Both `named` and the shared checker in `lib/isccfg/check.c` now reject non-IN views, so a config can no longer pass `named-checkconf` yet fail to start in `named`. Tests, configs, and catalog zones using CH or arbitrary classes (e.g. `class10`) are removed accordingly. --- bin/named/server.c | 20 ++++++++++++++++-- bin/tests/system/auth/ns1/chaos.db | 12 ----------- bin/tests/system/auth/ns1/named.conf.j2 | 7 ------- bin/tests/system/auth/tests.sh | 9 -------- .../system/catz/ns1/catalog-bad5.example.db | 3 --- bin/tests/system/catz/ns1/named.conf.j2 | 14 ------------- bin/tests/system/checkconf/altdb.conf | 6 ------ .../system/checkconf/bad-chaos-view.conf | 3 +++ .../{good-class.conf => bad-class.conf} | 0 bin/tests/system/checkconf/good.conf.j2 | 6 ------ bin/tests/system/checkconf/good.zonelist | 1 - bin/tests/system/checkconf/tests.sh | 21 ------------------- .../checkconf/warn-chaos-recursion.conf | 12 ----------- bin/tests/system/class/ns1/chaos.db.in | 4 ---- bin/tests/system/class/ns1/named.conf.j2 | 13 ------------ bin/tests/system/class/ns2/example.db.in | 6 ------ bin/tests/system/class/ns2/named.conf.j2 | 10 --------- bin/tests/system/class/ns3/named.conf.j2 | 9 -------- bin/tests/system/class/setup.sh | 2 -- bin/tests/system/class/tests_class_chaos.py | 3 ++- bin/tests/system/class/tests_class_update.py | 1 + bin/tests/system/pipelined/pipequeries.c | 2 +- bin/tests/system/resolver/ns1/chaostest.db | 5 ----- bin/tests/system/resolver/ns1/named.conf.j2 | 15 ------------- bin/tests/system/resolver/tests.sh | 8 +++---- bin/tests/system/unknown/ns1/named.conf.j2 | 12 ----------- bin/tools/mdig.c | 2 +- doc/arm/reference.rst | 5 ++--- lib/dns/view.c | 13 ++++++++++++ lib/isccfg/check.c | 12 
+++++++++++ 30 files changed, 56 insertions(+), 180 deletions(-) delete mode 100644 bin/tests/system/auth/ns1/chaos.db delete mode 100644 bin/tests/system/catz/ns1/catalog-bad5.example.db delete mode 100644 bin/tests/system/checkconf/altdb.conf create mode 100644 bin/tests/system/checkconf/bad-chaos-view.conf rename bin/tests/system/checkconf/{good-class.conf => bad-class.conf} (100%) delete mode 100644 bin/tests/system/checkconf/warn-chaos-recursion.conf delete mode 100644 bin/tests/system/class/ns1/chaos.db.in delete mode 100644 bin/tests/system/class/ns2/example.db.in delete mode 100644 bin/tests/system/resolver/ns1/chaostest.db diff --git a/bin/named/server.c b/bin/named/server.c index 0a1992d658..fc53de5249 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -5806,10 +5806,26 @@ get_viewinfo(const cfg_obj_t *vconfig, const char **namep, classobj = cfg_tuple_get(vconfig, "class"); CHECK(named_config_getclass(classobj, dns_rdataclass_in, &viewclass)); - if (dns_rdataclass_ismeta(viewclass)) { + switch (viewclass) { + case dns_rdataclass_in: + break; + case dns_rdataclass_chaos: + /* allow the builtin _bind view */ + if (strcmp(viewname, "_bind") != 0) { + isc_log_write( + NAMED_LOGCATEGORY_GENERAL, + NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, + "view '%s': only builtin _bind view is " + "allowed in Chaos (CH) class", + viewname); + CLEANUP(ISC_R_FAILURE); + } + break; + default: isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, - "view '%s': class must not be meta", + "view '%s': only Internet (IN) class is " + "allowed", viewname); CLEANUP(ISC_R_FAILURE); } diff --git a/bin/tests/system/auth/ns1/chaos.db b/bin/tests/system/auth/ns1/chaos.db deleted file mode 100644 index 66574429c0..0000000000 --- a/bin/tests/system/auth/ns1/chaos.db +++ /dev/null 
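Review bot: The builtin-view exception in the new `case dns_rdataclass_chaos:` arm of get_viewinfo() is decided by the name alone (`strcmp(viewname, "_bind") != 0`), so a user-written `view "_bind" chaos { ... }` passes this check and goes on to dns_view_create(); whether it is rejected at all then depends on the isccfg check in lib/isccfg/check.c running first, which this hunk does not establish by itself. It is also not visible here whether the internally generated `_bind` view ever passes through get_viewinfo() — if it does not, this exception can only ever match a configured view of that name, and a comment such as `/* name-based only: relies on isccfg_check_namedconf() rejecting configured non-IN views */` would make that dependency explicit. The literal `"_bind"` is now compared in lib/dns/view.c as well, so a shared definition would keep the two places in step. `viewname` is assigned above the hunk, so its non-NULL-ness for the `strcmp()` could not be confirmed from here.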
@@ -1,12 +0,0 @@ -$TTL 300 ; 5 minutes -@ CH SOA ns root ( - 2018010100 ; serial - 1800 ; refresh (30 minutes) - 1800 ; retry (30 minutes) - 1814400 ; expire (3 weeks) - 3600 ; minimum (1 hour) - ) - NS ns -ns A ch-addr.example. 1001 -test A ch-addr.example. 1002 - A ch-addr.example. 1003 diff --git a/bin/tests/system/auth/ns1/named.conf.j2 b/bin/tests/system/auth/ns1/named.conf.j2 index 341ffefc55..88a54c7d51 100644 --- a/bin/tests/system/auth/ns1/named.conf.j2 +++ b/bin/tests/system/auth/ns1/named.conf.j2 @@ -37,10 +37,3 @@ view main in { log-report-channel yes; }; }; - -view alt chaos { - zone example.chaos chaos { - type primary; - file "chaos.db"; - }; -}; diff --git a/bin/tests/system/auth/tests.sh b/bin/tests/system/auth/tests.sh index 27399f512d..b0aef293d5 100644 --- a/bin/tests/system/auth/tests.sh +++ b/bin/tests/system/auth/tests.sh @@ -177,15 +177,6 @@ grep 'a\.example\.com.*A.10\.53\.0\.1' dig.out.test$n >/dev/null && ret=1 [ $ret -eq 0 ] || echo_i "failed" status=$((status + ret)) -n=$((n + 1)) -echo_i "check that CHAOS addresses are compared correctly ($n)" -ret=0 -$DIG $DIGOPTS @10.53.0.1 +noall +answer ch test.example.chaos >dig.out.test$n || ret=1 -lines=$(wc -l checkconf.out$n 2>&1 || ret=1 -if [ $ret -ne 0 ]; then - echo_i "failed" - ret=1 -fi -status=$((status + ret)) - n=$((n + 1)) echo_i "checking that named-checkconf -z skips zone check with DLZ ($n)" ret=0 @@ -742,16 +732,5 @@ if [ $ret != 0 ]; then fi status=$((status + ret)) -n=$((n + 1)) -echo_i "check 'recursion yes;' is warned and disabled in a non-IN view ($n)" -ret=0 -$CHECKCONF warn-chaos-recursion.conf >checkconf.out$n 2>&1 || ret=1 -grep -F "recursion will be disabled" checkconf.out$n >/dev/null || ret=1 -if [ $ret != 0 ]; then - echo_i "failed" - ret=1 -fi -status=$((status + ret)) - echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 
diff --git a/bin/tests/system/checkconf/warn-chaos-recursion.conf b/bin/tests/system/checkconf/warn-chaos-recursion.conf deleted file mode 100644 index 01965102a4..0000000000 --- a/bin/tests/system/checkconf/warn-chaos-recursion.conf +++ /dev/null @@ -1,12 +0,0 @@ -options { - directory "."; -}; - -view chaos ch { - match-clients { any; }; - recursion yes; - zone "." { - type hint; - file "chaos.hints"; - }; -}; diff --git a/bin/tests/system/class/ns1/chaos.db.in b/bin/tests/system/class/ns1/chaos.db.in deleted file mode 100644 index 43ca58ffa8..0000000000 --- a/bin/tests/system/class/ns1/chaos.db.in +++ /dev/null @@ -1,4 +0,0 @@ -. CH NS ns.root. -ns.root. CH A ns.root. 1 -ns.root. CH AAAA \# 1 00 - diff --git a/bin/tests/system/class/ns1/named.conf.j2 b/bin/tests/system/class/ns1/named.conf.j2 index 76f85fc6c9..cdf9f2de33 100644 --- a/bin/tests/system/class/ns1/named.conf.j2 +++ b/bin/tests/system/class/ns1/named.conf.j2 @@ -16,16 +16,3 @@ key rndc_key { controls { inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; - -view chaos ch { - match-clients { any; }; - recursion yes; - zone "." { - type hint; - file "chaos.db"; - }; - zone "version.bind" { - type primary; - database "_builtin version"; - }; -}; diff --git a/bin/tests/system/class/ns2/example.db.in b/bin/tests/system/class/ns2/example.db.in deleted file mode 100644 index a658ddbd89..0000000000 --- a/bin/tests/system/class/ns2/example.db.in +++ /dev/null @@ -1,6 +0,0 @@ -$TTL 300 -@ CH SOA ns.example. hostmaster.example. 1 3600 1200 604800 300 -@ CH NS ns.example. -ns CH TXT "ns" -a CH A target.example. 1 -target CH TXT "target" diff --git a/bin/tests/system/class/ns2/named.conf.j2 b/bin/tests/system/class/ns2/named.conf.j2 index 5618c15216..08fe4fced4 100644 --- a/bin/tests/system/class/ns2/named.conf.j2 +++ b/bin/tests/system/class/ns2/named.conf.j2 
@@ -30,13 +30,3 @@ view default { }; }; }; - -view chaos ch { - match-clients { any; }; - recursion no; - zone example { - type primary; - file "example.db"; - allow-update { any; }; - }; -}; diff --git a/bin/tests/system/class/ns3/named.conf.j2 b/bin/tests/system/class/ns3/named.conf.j2 index 3016333aad..98b955162b 100644 --- a/bin/tests/system/class/ns3/named.conf.j2 +++ b/bin/tests/system/class/ns3/named.conf.j2 @@ -17,12 +17,3 @@ key rndc_key { controls { inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; - -view chaos ch { - match-clients { any; }; - recursion yes; - dnssec-validation no; - forward only; - forwarders port @PORT@ { 10.53.0.2; }; - deny-answer-addresses { 0.0.0.0/0; ::/0; }; -}; diff --git a/bin/tests/system/class/setup.sh b/bin/tests/system/class/setup.sh index c70a2f8290..7e1d1d934a 100644 --- a/bin/tests/system/class/setup.sh +++ b/bin/tests/system/class/setup.sh @@ -14,6 +14,4 @@ # shellcheck source=conf.sh . ../conf.sh -cp ns1/chaos.db.in ns1/chaos.db -cp ns2/example.db.in ns2/example.db cp ns2/localhost.db.in ns2/localhost.db diff --git a/bin/tests/system/class/tests_class_chaos.py b/bin/tests/system/class/tests_class_chaos.py index 5b4fef9ae4..fa5817ea42 100644 --- a/bin/tests/system/class/tests_class_chaos.py +++ b/bin/tests/system/class/tests_class_chaos.py @@ -18,6 +18,7 @@ import isctest pytestmark = pytest.mark.extra_artifacts( [ "*/*.db", + "*/*.jnl", ] ) @@ -31,7 +32,7 @@ def test_chaos_recursion(): def test_chaos_auth(): msg = isctest.query.create("a.example.", "A", qclass="CH") res = isctest.query.udp(msg, "10.53.0.2") - isctest.check.noerror(res) + isctest.check.refused(res) def test_chaos_forward(): diff --git a/bin/tests/system/class/tests_class_update.py b/bin/tests/system/class/tests_class_update.py index 30e3ba6d2a..925d1791a8 100644 --- a/bin/tests/system/class/tests_class_update.py +++ b/bin/tests/system/class/tests_class_update.py 
@@ -21,6 +21,7 @@ import isctest pytestmark = pytest.mark.extra_artifacts( [ "*/*.db", + "*/*.jnl", ] ) diff --git a/bin/tests/system/pipelined/pipequeries.c b/bin/tests/system/pipelined/pipequeries.c index 3d6c26211b..7255adbfed 100644 --- a/bin/tests/system/pipelined/pipequeries.c +++ b/bin/tests/system/pipelined/pipequeries.c @@ -277,7 +277,7 @@ main(int argc, char *argv[]) { RUNCHECK(dns_requestmgr_create(isc_g_mctx, dispatchmgr, dispatchv4, NULL, &requestmgr)); - dns_view_create(isc_g_mctx, NULL, 0, "_test", &view); + dns_view_create(isc_g_mctx, NULL, dns_rdataclass_in, "_test", &view); isc_loopmgr_setup(sendqueries, NULL); isc_loopmgr_teardown(teardown_view, view); diff --git a/bin/tests/system/resolver/ns1/chaostest.db b/bin/tests/system/resolver/ns1/chaostest.db deleted file mode 100644 index 4c967b90dd..0000000000 --- a/bin/tests/system/resolver/ns1/chaostest.db +++ /dev/null @@ -1,5 +0,0 @@ -$TTL 3600 -@ CHAOS SOA @ @ 1970010100 86400 600 86400 300 -@ CHAOS NS @ -version CHAOS TXT "CH 1.0" -hostname CHAOS TXT "unknown" diff --git a/bin/tests/system/resolver/ns1/named.conf.j2 b/bin/tests/system/resolver/ns1/named.conf.j2 index 1fb6ea8e27..4a4e50dc5e 100644 --- a/bin/tests/system/resolver/ns1/named.conf.j2 +++ b/bin/tests/system/resolver/ns1/named.conf.j2 @@ -39,21 +39,6 @@ server fd92:7065:b8e:ffff::1000 { transfer-source-v6 fd92:7065:b8e:ffff::1001; }; -/* - * Must be first view so that there is a CH cache with name - * "globalcache" before the recursive "default"/IN view is configured. - */ -view "class" chaos { - zone "chaostest" CHAOS { - type primary; - file "chaostest.db"; - }; -}; - -/* - * Must be second view so that so that we can check we don't attach to the - * "globalcache"/CH cache. - */ view "default" { zone "." { type hint; diff --git a/bin/tests/system/resolver/tests.sh b/bin/tests/system/resolver/tests.sh index 06ef98f697..ead3d7362c 100755 --- a/bin/tests/system/resolver/tests.sh +++ b/bin/tests/system/resolver/tests.sh 
@@ -783,12 +783,10 @@ if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) n=$((n + 1)) -echo_i "checking REFUSED is returned when querying non existing domain in CH class ($n)" +echo_i "checking REFUSED is returned when querying name in CH class ($n)" ret=0 -dig_with_opts @10.53.0.1 hostname.chaostest txt ch >dig.ns1.out.1.${n} || ret=1 -grep "status: NOERROR" dig.ns1.out.1.${n} >/dev/null || ret=1 -dig_with_opts @10.53.0.1 id.hostname txt ch >dig.ns1.out.2.${n} || ret=1 -grep "status: REFUSED" dig.ns1.out.2.${n} >/dev/null || ret=1 +dig_with_opts @10.53.0.1 id.hostname txt ch >dig.ns1.out.${n} || ret=1 +grep "status: REFUSED" dig.ns1.out.${n} >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) diff --git a/bin/tests/system/unknown/ns1/named.conf.j2 b/bin/tests/system/unknown/ns1/named.conf.j2 index 434c56edba..c5b17c2a27 100644 --- a/bin/tests/system/unknown/ns1/named.conf.j2 +++ b/bin/tests/system/unknown/ns1/named.conf.j2 @@ -44,15 +44,3 @@ view "in" { file "broken5.db"; }; }; - -view "class10" class10 { - zone "." class10 { - type hint; - file "class10.hints"; - }; - - zone "example." class10 { - type primary; - file "example-class10.db"; - }; -}; diff --git a/bin/tools/mdig.c b/bin/tools/mdig.c index e43c87e7ce..1ba53795f6 100644 --- a/bin/tools/mdig.c +++ b/bin/tools/mdig.c @@ -2046,7 +2046,7 @@ setup(void *arg ISC_ATTR_UNUSED) { isc_g_mctx, dispatchmgr, have_ipv4 ? dispatchvx : NULL, have_ipv6 ? dispatchvx : NULL, &requestmgr)); - dns_view_create(isc_g_mctx, NULL, 0, "_mdig", &view); + dns_view_create(isc_g_mctx, NULL, dns_rdataclass_in, "_mdig", &view); } /*% Main processing routine for mdig */ diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst index 10ba133ef1..86ae19f5cc 100644 --- a/doc/arm/reference.rst +++ b/doc/arm/reference.rst 
@@ -6742,9 +6742,8 @@ with that view. When no view-specific value is given, the value in the default values specified in the :any:`view` statement; these view-specific defaults take precedence over those in the :namedconf:ref:`options` statement. -Views are class-specific. If no class is given, class IN is assumed. -Note that all non-IN views must contain a hint zone, since only the IN -class has compiled-in default hints. +Only class IN can be used for the views. If no class is given, class IN is +assumed. If there are no :any:`view` statements in the config file, a default view that matches any client is automatically created in class IN. Any diff --git a/lib/dns/view.c b/lib/dns/view.c index f4f6daf9fe..f5fcf239ed 100644 --- a/lib/dns/view.c +++ b/lib/dns/view.c @@ -118,6 +118,19 @@ dns_view_create(isc_mem_t *mctx, dns_dispatchmgr_t *dispatchmgr, REQUIRE(name != NULL); REQUIRE(viewp != NULL && *viewp == NULL); + switch (rdclass) { + case dns_rdataclass_in: + break; + case dns_rdataclass_chaos: + if (strcmp(name, "_bind") == 0) { + /* allowed */ + break; + } + FALLTHROUGH; + default: + UNREACHABLE(); + } + result = isc_file_sanitize(NULL, name, "nta", buffer, sizeof(buffer)); RUNTIME_CHECK(result == ISC_R_SUCCESS); diff --git a/lib/isccfg/check.c b/lib/isccfg/check.c index 35432b116e..edcf039ab5 100644 --- a/lib/isccfg/check.c +++ b/lib/isccfg/check.c 
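Review bot: The new `switch (rdclass)` in dns_view_create() turns a disallowed class into `UNREACHABLE()`, i.e. an abort, for what is really a violated precondition of a public API, while the preconditions two lines above it are expressed as `REQUIRE()`, which reports the failing expression and is the convention the function already follows. A single `REQUIRE(rdclass == dns_rdataclass_in || (rdclass == dns_rdataclass_chaos && strcmp(name, "_bind") == 0));` placed with the existing REQUIREs says the same thing in the same style and removes the `FALLTHROUGH` (the `REQUIRE(name != NULL)` above keeps the `strcmp()` safe). This is a contract change for callers: the two updated in this series (pipequeries.c, mdig.c) previously passed `0`, and any other caller still passing a reserved or non-IN class now aborts instead of getting a view, so the new restriction belongs in the dns_view_create() documentation in the header, which is outside the hunk. The `"_bind"` literal duplicates the one in bin/named/server.c; a shared definition would keep them in step.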
@@ -6303,6 +6303,18 @@ isccfg_check_namedconf(const cfg_obj_t *config, unsigned int flags, } } symtype = vclass + 1; + /* + * Only the Internet (IN) class is allowed for user-defined + * views. The builtin "_bind" view (Chaos) is generated + * internally and never appears in the configuration here. + */ + if (tresult == ISC_R_SUCCESS && vclass != dns_rdataclass_in) { + cfg_obj_log(view, ISC_LOG_ERROR, + "view '%s': only Internet (IN) class is " + "allowed", + key); + tresult = ISC_R_FAILURE; + } if (tresult == ISC_R_SUCCESS && symtab != NULL) { symvalue.as_cpointer = view; tresult = isc_symtab_define(symtab, key, symtype,
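Review bot: After the new class check in isccfg_check_namedconf() sets `tresult = ISC_R_FAILURE`, control simply continues into the per-view processing that follows — the symtab definition is skipped because it is gated on `tresult == ISC_R_SUCCESS`, but nothing after the hunk is — so as far as this hunk shows a rejected view may still receive further checks and diagnostics that were written for non-IN views. Related to that, the series removes the test for the "recursion will be disabled" warning in a non-IN view while the diffstat shows no deletion in check.c or server.c; if that warning is still emitted somewhere it is now dead for any configuration the checker accepts and could be retired in a follow-up. A rejected view is also never entered into `symtab`, so a duplicate of its name would go unreported, which is acceptable only if the failure stops the load anyway. The comment's statement that the builtin `_bind` view never appears here cannot be confirmed from the hunk; naming the place that creates it would make the claim checkable.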