mirror of
https://github.com/NLnetLabs/unbound.git
synced 2025-12-20 23:00:56 -05:00
- Fix #1234: shortening DNAME loop produces duplicate DNAME records
in ANSWER section. git-svn-id: file:///svn/unbound/trunk@4047 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
Wouter Wijngaards
parent
2b9d47ff01
commit
038550c889
4 changed files with 1085 additions and 2 deletions
|
|
@ -1,3 +1,7 @@
|
||||||
|
10 March 2017: Wouter
|
||||||
|
- Fix #1234: shortening DNAME loop produces duplicate DNAME records
|
||||||
|
in ANSWER section.
|
||||||
|
|
||||||
9 March 2017: Wouter
|
9 March 2017: Wouter
|
||||||
- --disable-sha1 disables SHA1 support in RRSIG, so from DNSKEY and
|
- --disable-sha1 disables SHA1 support in RRSIG, so from DNSKEY and
|
||||||
DS records. NSEC3 is not disabled.
|
DS records. NSEC3 is not disabled.
|
||||||
|
|
|
||||||
|
|
@ -372,6 +372,29 @@ iter_prepend(struct iter_qstate* iq, struct dns_msg* msg,
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Find rrset in ANSWER prepend list.
|
||||||
|
* to avoid duplicate DNAMEs when a DNAME is traversed twice.
|
||||||
|
* @param iq: iterator query state.
|
||||||
|
* @param rrset: rrset to add.
|
||||||
|
* @return false if not found
|
||||||
|
*/
|
||||||
|
static int
|
||||||
|
iter_find_rrset_in_prepend_answer(struct iter_qstate* iq,
|
||||||
|
struct ub_packed_rrset_key* rrset)
|
||||||
|
{
|
||||||
|
struct iter_prep_list* p = iq->an_prepend_list;
|
||||||
|
while(p) {
|
||||||
|
if(ub_rrset_compare(p->rrset, rrset) == 0 &&
|
||||||
|
rrsetdata_equal((struct packed_rrset_data*)p->rrset
|
||||||
|
->entry.data, (struct packed_rrset_data*)rrset
|
||||||
|
->entry.data))
|
||||||
|
return 1;
|
||||||
|
p = p->next;
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Add rrset to ANSWER prepend list
|
* Add rrset to ANSWER prepend list
|
||||||
* @param qstate: query state.
|
* @param qstate: query state.
|
||||||
|
|
@ -454,14 +477,16 @@ handle_cname_response(struct module_qstate* qstate, struct iter_qstate* iq,
|
||||||
* by this DNAME following, so we don't process the DNAME
|
* by this DNAME following, so we don't process the DNAME
|
||||||
* directly. */
|
* directly. */
|
||||||
if(ntohs(r->rk.type) == LDNS_RR_TYPE_DNAME &&
|
if(ntohs(r->rk.type) == LDNS_RR_TYPE_DNAME &&
|
||||||
dname_strict_subdomain_c(*mname, r->rk.dname)) {
|
dname_strict_subdomain_c(*mname, r->rk.dname) &&
|
||||||
|
!iter_find_rrset_in_prepend_answer(iq, r)) {
|
||||||
if(!iter_add_prepend_answer(qstate, iq, r))
|
if(!iter_add_prepend_answer(qstate, iq, r))
|
||||||
return 0;
|
return 0;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(ntohs(r->rk.type) == LDNS_RR_TYPE_CNAME &&
|
if(ntohs(r->rk.type) == LDNS_RR_TYPE_CNAME &&
|
||||||
query_dname_compare(*mname, r->rk.dname) == 0) {
|
query_dname_compare(*mname, r->rk.dname) == 0 &&
|
||||||
|
!iter_find_rrset_in_prepend_answer(iq, r)) {
|
||||||
/* Add this relevant CNAME rrset to the prepend list.*/
|
/* Add this relevant CNAME rrset to the prepend list.*/
|
||||||
if(!iter_add_prepend_answer(qstate, iq, r))
|
if(!iter_add_prepend_answer(qstate, iq, r))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
|
||||||
|
|
@ -1128,6 +1128,9 @@ match_all(uint8_t* q, size_t qlen, uint8_t* p, size_t plen, int mttl,
|
||||||
/* check for reordered sections */
|
/* check for reordered sections */
|
||||||
r = match_noloc(qstr, pstr, q, qlen, p, plen);
|
r = match_noloc(qstr, pstr, q, qlen, p, plen);
|
||||||
}
|
}
|
||||||
|
if(!r) {
|
||||||
|
verbose(3, "mismatch pkt '%s' and '%s'", qstr, pstr);
|
||||||
|
}
|
||||||
free(qstr);
|
free(qstr);
|
||||||
free(pstr);
|
free(pstr);
|
||||||
free(qb);
|
free(qb);
|
||||||
|
|
|
||||||
1051
testdata/iter_dname_insec.rpl
vendored
Normal file
1051
testdata/iter_dname_insec.rpl
vendored
Normal file
File diff suppressed because it is too large
Load diff
Loading…
Reference in a new issue