Merge branch 'zone-parsers-blank-line-issue'

doc/Changelog

@@ -1,3 +1,7 @@
+21 June 2022: Philip
+	- Fix for loading locally stored zones that have lines with blanks or
+	  blanks and comments.
+
 20 June 2022: George
 	- Remove unused LDNS function check for GOST Engine unloading.
 

sldns/parse.c

@@ -34,7 +34,7 @@ sldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *l
 {
 	int c, prev_c;
 	int p; /* 0 -> no parentheses seen, >0 nr of ( seen */
-	int com, quoted;
+	int com, quoted, only_blank;
 	char *t;
 	size_t i;
 	const char *d;
@@ -53,6 +53,7 @@ sldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *l
 	com = 0;
 	quoted = 0;
 	prev_c = 0;
+	only_blank = 1;	/* Assume we got only <blank> until now */
 	t = token;
 	if (del[0] == '"') {
 		quoted = 1;
@@ -101,6 +102,22 @@ sldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *l
 			if (line_nr) {
 				*line_nr = *line_nr + 1;
 			}
+			if (only_blank && i > 0) {
+				/* Got only <blank> so far. Reset and try
+				 * again with the next line.
+				 */
+				i = 0;
+				t = token;
+			}
+			if (p == 0) {
+				/* If p != 0 then the next line is a continuation. So
+				 * we assume that the next line starts with a blank only
+				 * if it is actually a new line.
+				 */
+				only_blank = 1;	/* Assume next line starts with
+						 * <blank>.
+						 */
+			}
 			if (p == 0 && i > 0) {
 				goto tokenread;
 			} else {
@@ -131,12 +148,29 @@ sldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *l
 
 		/* check if we hit the delim */
 		for (d = del; *d; d++) {
-			if (c == *d && i > 0 && prev_c != '\\' && p == 0) {
-				if (c == '\n' && line_nr) {
-					*line_nr = *line_nr + 1;
-				}
-				goto tokenread;
+			if (c == *d)
+				break;
+		}
+
+		if (c == *d && i > 0 && prev_c != '\\' && p == 0) {
+			if (c == '\n' && line_nr) {
+				*line_nr = *line_nr + 1;
 			}
+			if (only_blank) {
+				/* Got only <blank> so far. Reset and
+				 * try again with the next line.
+				 */
+				i = 0;
+				t = token;
+				only_blank = 1;
+				prev_c = c;
+				continue;
+			}
+			goto tokenread;
+		}
+		if (c != ' ' && c != '\t') {
+			/* Found something that is not <blank> */
+			only_blank= 0;
 		}
 		if (c != '\0' && c != '\n') {
 			i++;
@@ -149,8 +183,13 @@ sldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *l
 		if (c != '\0' && c != '\n') {
 			*t++ = c;
 		}
-		if (c == '\n' && line_nr) {
-			*line_nr = *line_nr + 1;
+		if (c == '\n') {
+			if (line_nr) {
+				*line_nr = *line_nr + 1;
+			}
+			only_blank = 1;	/* Assume next line starts with
+					 * <blank>.
+					 */
 		}
 		if (c == '\\' && prev_c == '\\')
 			prev_c = 0;

testdata/blanks_cached_zone.tdir/blanks.example.com.zone

@@ -0,0 +1,23 @@
+; Test if the zone parser accepts various blank lines
+@		IN	SOA	ns1.example.com dnsmaster.example.com. (
+				1	; Serial
+				      7200	; Refresh 2 hours
+				      3600	; Retry   1 hour
+				   2419200	; expire - 4 weeks
+				      3600	; Minimum 1 hour     
+)
+		7200	IN	NS      ns1
+ns1			IN	A	192.0.2.1
+			IN	AAAA	2001:dbb::1
+; completely blank line
+
+; line with one space
+ 
+; line with one tab
+	
+; line with spaces followed by comment
+  ; test comment
+; line with tabs followed by comment
+		; test comment
+; Final line with spaces, tabs and comment
+ 	 	; test comment

testdata/blanks_cached_zone.tdir/blanks_cached_zone.conf

@@ -0,0 +1,20 @@
+server:
+	verbosity: 7
+	# num-threads: 1
+	interface: 127.0.0.1
+	port: @PORT@
+	use-syslog: no
+	directory: ""
+	pidfile: "unbound.pid"
+	chroot: ""
+	username: ""
+	do-not-query-localhost: no
+	use-caps-for-id: yes
+	module-config: "respip validator iterator"
+
+auth-zone:
+        name: blanks.example.com
+        zonefile: "blanks.example.com.zone"
+	url: "https://127.0.0.1:@TOPORT@/blanks.example.com.zone"
+	for-upstream: yes
+	for-downstream: yes

testdata/blanks_cached_zone.tdir/blanks_cached_zone.dsc

@@ -0,0 +1,16 @@
+BaseName: blanks_cached_zone
+Version: 1.0
+Description: Check if a cached zone with blank line can be loaded
+CreationDate: Wed 08 Jun 2022 11:16:25 AM CEST
+Maintainer: Philip Homburg
+Category: 
+Component:
+CmdDepends: 
+Depends: 
+Help:
+Pre: blanks_cached_zone.pre
+Post: blanks_cached_zone.post
+Test: blanks_cached_zone.test
+AuxFiles: 
+Passed:
+Failure:

testdata/blanks_cached_zone.tdir/blanks_cached_zone.post

@@ -0,0 +1,10 @@
+# #-- blanks_cached_zone.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+PRE="../.."
+. ../common.sh
+kill_pid $UNBOUND_PID

testdata/blanks_cached_zone.tdir/blanks_cached_zone.pre

@@ -0,0 +1,23 @@
+# #-- blanks_cached_zone.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+UNUSED_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$UNUSED_PORT'/' < blanks_cached_zone.conf > ub.conf
+# start unbound in the background
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_unbound_up unbound.log
+

testdata/blanks_cached_zone.tdir/blanks_cached_zone.test

@@ -0,0 +1,51 @@
+# #-- blanks_cached_zone.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+TARGET=ns1.blanks.example.com.
+echo "> dig $TARGET"
+dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile
+if grep SERVFAIL outfile; then
+	echo "> try again"
+	dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile
+fi
+if grep SERVFAIL outfile; then
+	echo "> try again"
+	sleep 1
+	dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile
+fi
+if grep SERVFAIL outfile; then
+	echo "> try again"
+	sleep 1
+	dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile
+fi
+if grep SERVFAIL outfile; then
+	echo "> try again"
+	sleep 1
+	dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile
+fi
+if grep SERVFAIL outfile; then
+	echo "> try again"
+	sleep 10
+	dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile
+fi
+if grep SERVFAIL outfile; then
+	echo "> try again"
+	sleep 10
+	dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile
+fi
+echo "> cat logfiles"
+cat unbound.log
+echo "> check answer"
+if grep "192.0.2.1" outfile; then
+	echo "OK"
+else
+	echo "Not OK"
+	exit 1
+fi
+
+exit 0

testdata/blanks_https.tdir/127.0.0.1/blanks.example.com.zone

@@ -0,0 +1,23 @@
+; Test if the zone parser accepts various blank lines
+@		IN	SOA	ns1.example.com dnsmaster.example.com. (
+				1	; Serial
+				      7200	; Refresh 2 hours
+				      3600	; Retry   1 hour
+				   2419200	; expire - 4 weeks
+				      3600	; Minimum 1 hour     
+)
+		7200	IN	NS      ns1
+ns1			IN	A	192.0.2.1
+			IN	AAAA	2001:dbb::1
+; completely blank line
+
+; line with one space
+ 
+; line with one tab
+	
+; line with spaces followed by comment
+  ; test comment
+; line with tabs followed by comment
+		; test comment
+; Final line with spaces, tabs and comment
+ 	 	; test comment

testdata/blanks_https.tdir/blanks_https.conf

@@ -0,0 +1,18 @@
+server:
+	verbosity: 7
+	# num-threads: 1
+	interface: 127.0.0.1
+	port: @PORT@
+	use-syslog: no
+	directory: ""
+	pidfile: "unbound.pid"
+	chroot: ""
+	username: ""
+	do-not-query-localhost: no
+	use-caps-for-id: yes
+auth-zone:
+	name: "blanks.example.com"
+	for-upstream: yes
+	for-downstream: yes
+	url: "https://127.0.0.1:@TOPORT@/blanks.example.com.zone"
+

testdata/blanks_https.tdir/blanks_https.dsc

@@ -0,0 +1,16 @@
+BaseName: blanks_https
+Version: 1.0
+Description: Fetch a zone with blank lines over https
+CreationDate: Tue 14 Jun 2022 04:43:21 PM CEST
+Maintainer: Philip Homburg
+Category: 
+Component:
+CmdDepends: 
+Depends: 
+Help:
+Pre: blanks_https.pre
+Post: blanks_https.post
+Test: blanks_https.test
+AuxFiles: 
+Passed:
+Failure:

testdata/blanks_https.tdir/blanks_https.post

@@ -0,0 +1,11 @@
+# #-- blanks_https.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+PRE="../.."
+. ../common.sh
+kill_pid $UNBOUND_PID
+kill_pid $PETAL_PID

testdata/blanks_https.tdir/blanks_https.pre

@@ -0,0 +1,34 @@
+# #-- blanks_https.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+PETAL_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "PETAL_PORT=$PETAL_PORT" >> .tpkg.var.test
+
+get_make
+(cd $PRE; $MAKE petal)
+
+# start https daemon
+$PRE/petal -v -a "127.0.0.1" -p $PETAL_PORT >petal.log 2>&1 &
+PETAL_PID=$!
+echo "PETAL_PID=$PETAL_PID" >> .tpkg.var.test
+cat .tpkg.var.test
+wait_petal_up petal.log
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$PETAL_PORT'/' < blanks_https.conf > ub.conf
+# start unbound in the background
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_unbound_up unbound.log
+

testdata/blanks_https.tdir/blanks_https.test

@@ -0,0 +1,52 @@
+# #-- blanks_https.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+TARGET=ns1.blanks.example.com.
+echo "> dig $TARGET"
+dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile
+if grep SERVFAIL outfile; then
+	echo "> try again"
+	dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile
+fi
+if grep SERVFAIL outfile; then
+	echo "> try again"
+	sleep 1
+	dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile
+fi
+if grep SERVFAIL outfile; then
+	echo "> try again"
+	sleep 1
+	dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile
+fi
+if grep SERVFAIL outfile; then
+	echo "> try again"
+	sleep 1
+	dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile
+fi
+if grep SERVFAIL outfile; then
+	echo "> try again"
+	sleep 10
+	dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile
+fi
+if grep SERVFAIL outfile; then
+	echo "> try again"
+	sleep 10
+	dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile
+fi
+echo "> cat logfiles"
+cat petal.log 
+cat unbound.log
+echo "> check answer"
+if grep "192.0.2.1" outfile; then
+	echo "OK"
+else
+	echo "Not OK"
+	exit 1
+fi
+
+exit 0

testdata/blanks_https.tdir/petal.key

@@ -0,0 +1,21 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIDfQIBAAKBwQC1xQ/Kca6zszZbcCtdOTIH2Uy2gOy/DfabMUU7TmNPm0dVE0NJ
+RuN+Rm304SonpwghfP2/ULZNnuDgpG03/32yI7k/VzG6iA4hiF7tT/KAAWC/+2l1
+QCsawCV2bSrFK0VhcZr7ALqXd8vkDaQ867K029ypjOQtAJ85qdO3mERy7TGtdUcu
+O6hLeVet419YeQ2F8cfNxn63d7bOzNGLPW5xwaCd3UcgD+Ib0k4xfFvbinvPQUeU
+J/i4YDWexFYSL+ECAwEAAQKBwCLXXQl+9O+5AEhSnd1Go1Jh0pSA7eBJOuXQcebG
+Rb7ykp+6C4G2NtDziwwPRNdI6wQQQ0sym18RfyVQHydGr78/nbiIbB3HCn5e92Mh
+mefzW6ow9Kvm2txLzGKA1lvoyRbNm81jnG/eygi3u7Nqd5PNv+4dHj2RkTlmxOeh
+qnDMVP5md8uZPv6lYNnrnIzvLCR5vnPNdVwn89AqzI85IcDZdy0R9ZX4NBbsDgAU
+6ig6uXuRXvSGiyJ/OUXSrnogaQJhAOjvkHUhVZQkPOxO90TNH4j0GdKKtbSWxIdz
+lKfuJeBAEqs0TL+C6vbS81Xw3W1alyDdUBk3rJMOBqW6Ryq5HNL+j5H+Jfsh7fvc
+Yle+5wHGci0P9zCFZCrY8It7n9XFIwJhAMfEi6oJa2G8waPJ1bQhxka82Tf9pnKM
+XCn/1BBOFjVIx5F842cpA+zp5a62GENTGYPQTTRBB/2/ZwnW5aIkrlg54AtmbqBZ
+Oh+2kJdJQD/tfoVmc5soUE2ScTHadK5RKwJhAN4w9kjkXS+MSZjX0kIMsBIBVkhh
+C+aREjJqa9ir7/Ey7RvmLXdYuCxtGLRXp7/R8+rjcK49Tx6O+IRJZe042mfhbq3C
+EhS1Tr86f4xXix9EXlDhs9bSxrOgcAN9Dv/opQJhAK7eBcPaav0rVfYh/8emqQHS
+3fJ9Pu6WnzbEksWTFS2ff9KDGCx9YspIFJ5TF/oXDAaumGZdZrlgirm6O1kr8tGY
+F97i04PZl1+bWAaWQH+1TUNI43m2WFUPE7coG2tb8QJgcddDg9VlXliZqgcETZfJ
+kJmYETxrcSn3ao6v116N8yxhEgUgjkmsCTiFgx36iDVnXwK6PIt+sIu8MC7eYNa3
+berrv/M21K0LRn20IWRxvUobG070weHCAgkko7fTWgr2
+-----END RSA PRIVATE KEY-----

testdata/blanks_https.tdir/petal.pem

@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICFzCCAUACCQDO660L5y5LGDANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVw
+ZXRhbDAeFw0xMDA5MzAxMzQzMDFaFw0zMDA2MTcxMzQzMDFaMBAxDjAMBgNVBAMT
+BXBldGFsMIHfMA0GCSqGSIb3DQEBAQUAA4HNADCByQKBwQC1xQ/Kca6zszZbcCtd
+OTIH2Uy2gOy/DfabMUU7TmNPm0dVE0NJRuN+Rm304SonpwghfP2/ULZNnuDgpG03
+/32yI7k/VzG6iA4hiF7tT/KAAWC/+2l1QCsawCV2bSrFK0VhcZr7ALqXd8vkDaQ8
+67K029ypjOQtAJ85qdO3mERy7TGtdUcuO6hLeVet419YeQ2F8cfNxn63d7bOzNGL
+PW5xwaCd3UcgD+Ib0k4xfFvbinvPQUeUJ/i4YDWexFYSL+ECAwEAATANBgkqhkiG
+9w0BAQUFAAOBwQBBkX9KDP2RXbg+xPmdJ4P6CwvA5x1LZwC++ydVx4NlvT0pWicD
+ZUnXjcWAJlkeOuUBAqFG7WHTrXpUUAjmdqFVq2yFjteUYBdrFz0RDB2jM9feeKYO
+mTgxdZyT9a6humxCxt5VfgT02axLjm/2AqCyFPMbf4PASoJDln01AEuZLZ8Xl2gV
+bYHMnHTGoD1Hu6FNEzRgkMC6XT8X3YjHvzQhpc/qL5wEfEsinQGdX4twsuWbf8xd
+q7miNnkO8vd0maw=
+-----END CERTIFICATE-----