diff --git a/doc/Changelog b/doc/Changelog index 73ed03dfc..f02d159d8 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,3 +1,7 @@ +21 June 2022: Philip + - Fix for loading locally stored zones that have lines with blanks or + blanks and comments. + 20 June 2022: George - Remove unused LDNS function check for GOST Engine unloading. diff --git a/sldns/parse.c b/sldns/parse.c index 491c8f51b..8ea084661 100644 --- a/sldns/parse.c +++ b/sldns/parse.c @@ -34,7 +34,7 @@ sldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *l { int c, prev_c; int p; /* 0 -> no parentheses seen, >0 nr of ( seen */ - int com, quoted; + int com, quoted, only_blank; char *t; size_t i; const char *d; @@ -53,6 +53,7 @@ sldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *l com = 0; quoted = 0; prev_c = 0; + only_blank = 1; /* Assume we got only until now */ t = token; if (del[0] == '"') { quoted = 1; @@ -101,6 +102,22 @@ sldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *l if (line_nr) { *line_nr = *line_nr + 1; } + if (only_blank && i > 0) { + /* Got only so far. Reset and try + * again with the next line. + */ + i = 0; + t = token; + } + if (p == 0) { + /* If p != 0 then the next line is a continuation. So + * we assume that the next line starts with a blank only + * if it is actually a new line. + */ + only_blank = 1; /* Assume next line starts with + * . + */ + } if (p == 0 && i > 0) { goto tokenread; } else { @@ -131,12 +148,29 @@ sldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *l /* check if we hit the delim */ for (d = del; *d; d++) { - if (c == *d && i > 0 && prev_c != '\\' && p == 0) { - if (c == '\n' && line_nr) { - *line_nr = *line_nr + 1; - } - goto tokenread; + if (c == *d) + break; + } + + if (c == *d && i > 0 && prev_c != '\\' && p == 0) { + if (c == '\n' && line_nr) { + *line_nr = *line_nr + 1; } + if (only_blank) { + /* Got only so far. Reset and + * try again with the next line. + */ + i = 0; + t = token; + only_blank = 1; + prev_c = c; + continue; + } + goto tokenread; + } + if (c != ' ' && c != '\t') { + /* Found something that is not */ + only_blank= 0; } if (c != '\0' && c != '\n') { i++; @@ -149,8 +183,13 @@ sldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *l if (c != '\0' && c != '\n') { *t++ = c; } - if (c == '\n' && line_nr) { - *line_nr = *line_nr + 1; + if (c == '\n') { + if (line_nr) { + *line_nr = *line_nr + 1; + } + only_blank = 1; /* Assume next line starts with + * . + */ } if (c == '\\' && prev_c == '\\') prev_c = 0; diff --git a/testdata/blanks_cached_zone.tdir/blanks.example.com.zone b/testdata/blanks_cached_zone.tdir/blanks.example.com.zone new file mode 100644 index 000000000..f5eba1fbb --- /dev/null +++ b/testdata/blanks_cached_zone.tdir/blanks.example.com.zone @@ -0,0 +1,23 @@ +; Test if the zone parser accepts various blank lines +@ IN SOA ns1.example.com dnsmaster.example.com. ( + 1 ; Serial + 7200 ; Refresh 2 hours + 3600 ; Retry 1 hour + 2419200 ; expire - 4 weeks + 3600 ; Minimum 1 hour +) + 7200 IN NS ns1 +ns1 IN A 192.0.2.1 + IN AAAA 2001:dbb::1 +; completely blank line + +; line with one space + +; line with one tab + +; line with spaces followed by comment + ; test comment +; line with tabs followed by comment + ; test comment +; Final line with spaces, tabs and comment + ; test comment diff --git a/testdata/blanks_cached_zone.tdir/blanks_cached_zone.conf b/testdata/blanks_cached_zone.tdir/blanks_cached_zone.conf new file mode 100644 index 000000000..b0eb4aa9a --- /dev/null +++ b/testdata/blanks_cached_zone.tdir/blanks_cached_zone.conf @@ -0,0 +1,20 @@ +server: + verbosity: 7 + # num-threads: 1 + interface: 127.0.0.1 + port: @PORT@ + use-syslog: no + directory: "" + pidfile: "unbound.pid" + chroot: "" + username: "" + do-not-query-localhost: no + use-caps-for-id: yes + module-config: "respip validator iterator" + +auth-zone: + name: blanks.example.com + zonefile: "blanks.example.com.zone" + url: "https://127.0.0.1:@TOPORT@/blanks.example.com.zone" + for-upstream: yes + for-downstream: yes diff --git a/testdata/blanks_cached_zone.tdir/blanks_cached_zone.dsc b/testdata/blanks_cached_zone.tdir/blanks_cached_zone.dsc new file mode 100644 index 000000000..1686aa4f3 --- /dev/null +++ b/testdata/blanks_cached_zone.tdir/blanks_cached_zone.dsc @@ -0,0 +1,16 @@ +BaseName: blanks_cached_zone +Version: 1.0 +Description: Check if a cached zone with blank line can be loaded +CreationDate: Wed 08 Jun 2022 11:16:25 AM CEST +Maintainer: Philip Homburg +Category: +Component: +CmdDepends: +Depends: +Help: +Pre: blanks_cached_zone.pre +Post: blanks_cached_zone.post +Test: blanks_cached_zone.test +AuxFiles: +Passed: +Failure: diff --git a/testdata/blanks_cached_zone.tdir/blanks_cached_zone.post b/testdata/blanks_cached_zone.tdir/blanks_cached_zone.post new file mode 100644 index 000000000..c79a88747 --- /dev/null +++ b/testdata/blanks_cached_zone.tdir/blanks_cached_zone.post @@ -0,0 +1,10 @@ +# #-- blanks_cached_zone.post --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# source the test var file when it's there +[ -f .tpkg.var.test ] && source .tpkg.var.test +# +# do your teardown here +PRE="../.." +. ../common.sh +kill_pid $UNBOUND_PID diff --git a/testdata/blanks_cached_zone.tdir/blanks_cached_zone.pre b/testdata/blanks_cached_zone.tdir/blanks_cached_zone.pre new file mode 100644 index 000000000..f347a66cc --- /dev/null +++ b/testdata/blanks_cached_zone.tdir/blanks_cached_zone.pre @@ -0,0 +1,23 @@ +# #-- blanks_cached_zone.pre--# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +PRE="../.." +. ../common.sh +get_random_port 2 +UNBOUND_PORT=$RND_PORT +UNUSED_PORT=$(($RND_PORT + 1)) +echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test + +# make config file +sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$UNUSED_PORT'/' < blanks_cached_zone.conf > ub.conf +# start unbound in the background +$PRE/unbound -d -c ub.conf >unbound.log 2>&1 & +UNBOUND_PID=$! +echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test + +cat .tpkg.var.test +wait_unbound_up unbound.log + diff --git a/testdata/blanks_cached_zone.tdir/blanks_cached_zone.test b/testdata/blanks_cached_zone.tdir/blanks_cached_zone.test new file mode 100644 index 000000000..c405950c3 --- /dev/null +++ b/testdata/blanks_cached_zone.tdir/blanks_cached_zone.test @@ -0,0 +1,51 @@ +# #-- blanks_cached_zone.test --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +PRE="../.." +# do the test +TARGET=ns1.blanks.example.com. +echo "> dig $TARGET" +dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile +if grep SERVFAIL outfile; then + echo "> try again" + dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile +fi +if grep SERVFAIL outfile; then + echo "> try again" + sleep 1 + dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile +fi +if grep SERVFAIL outfile; then + echo "> try again" + sleep 1 + dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile +fi +if grep SERVFAIL outfile; then + echo "> try again" + sleep 1 + dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile +fi +if grep SERVFAIL outfile; then + echo "> try again" + sleep 10 + dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile +fi +if grep SERVFAIL outfile; then + echo "> try again" + sleep 10 + dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile +fi +echo "> cat logfiles" +cat unbound.log +echo "> check answer" +if grep "192.0.2.1" outfile; then + echo "OK" +else + echo "Not OK" + exit 1 +fi + +exit 0 diff --git a/testdata/blanks_https.tdir/127.0.0.1/blanks.example.com.zone b/testdata/blanks_https.tdir/127.0.0.1/blanks.example.com.zone new file mode 100644 index 000000000..f5eba1fbb --- /dev/null +++ b/testdata/blanks_https.tdir/127.0.0.1/blanks.example.com.zone @@ -0,0 +1,23 @@ +; Test if the zone parser accepts various blank lines +@ IN SOA ns1.example.com dnsmaster.example.com. ( + 1 ; Serial + 7200 ; Refresh 2 hours + 3600 ; Retry 1 hour + 2419200 ; expire - 4 weeks + 3600 ; Minimum 1 hour +) + 7200 IN NS ns1 +ns1 IN A 192.0.2.1 + IN AAAA 2001:dbb::1 +; completely blank line + +; line with one space + +; line with one tab + +; line with spaces followed by comment + ; test comment +; line with tabs followed by comment + ; test comment +; Final line with spaces, tabs and comment + ; test comment diff --git a/testdata/blanks_https.tdir/blanks_https.conf b/testdata/blanks_https.tdir/blanks_https.conf new file mode 100644 index 000000000..836353356 --- /dev/null +++ b/testdata/blanks_https.tdir/blanks_https.conf @@ -0,0 +1,18 @@ +server: + verbosity: 7 + # num-threads: 1 + interface: 127.0.0.1 + port: @PORT@ + use-syslog: no + directory: "" + pidfile: "unbound.pid" + chroot: "" + username: "" + do-not-query-localhost: no + use-caps-for-id: yes +auth-zone: + name: "blanks.example.com" + for-upstream: yes + for-downstream: yes + url: "https://127.0.0.1:@TOPORT@/blanks.example.com.zone" + diff --git a/testdata/blanks_https.tdir/blanks_https.dsc b/testdata/blanks_https.tdir/blanks_https.dsc new file mode 100644 index 000000000..eb3d4d6d8 --- /dev/null +++ b/testdata/blanks_https.tdir/blanks_https.dsc @@ -0,0 +1,16 @@ +BaseName: blanks_https +Version: 1.0 +Description: Fetch a zone with blank lines over https +CreationDate: Tue 14 Jun 2022 04:43:21 PM CEST +Maintainer: Philip Homburg +Category: +Component: +CmdDepends: +Depends: +Help: +Pre: blanks_https.pre +Post: blanks_https.post +Test: blanks_https.test +AuxFiles: +Passed: +Failure: diff --git a/testdata/blanks_https.tdir/blanks_https.post b/testdata/blanks_https.tdir/blanks_https.post new file mode 100644 index 000000000..631150c02 --- /dev/null +++ b/testdata/blanks_https.tdir/blanks_https.post @@ -0,0 +1,11 @@ +# #-- blanks_https.post --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# source the test var file when it's there +[ -f .tpkg.var.test ] && source .tpkg.var.test +# +# do your teardown here +PRE="../.." +. ../common.sh +kill_pid $UNBOUND_PID +kill_pid $PETAL_PID diff --git a/testdata/blanks_https.tdir/blanks_https.pre b/testdata/blanks_https.tdir/blanks_https.pre new file mode 100644 index 000000000..956ac0520 --- /dev/null +++ b/testdata/blanks_https.tdir/blanks_https.pre @@ -0,0 +1,34 @@ +# #-- blanks_https.pre--# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +PRE="../.." +. ../common.sh +get_random_port 2 +UNBOUND_PORT=$RND_PORT +PETAL_PORT=$(($RND_PORT + 1)) +echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test +echo "PETAL_PORT=$PETAL_PORT" >> .tpkg.var.test + +get_make +(cd $PRE; $MAKE petal) + +# start https daemon +$PRE/petal -v -a "127.0.0.1" -p $PETAL_PORT >petal.log 2>&1 & +PETAL_PID=$! +echo "PETAL_PID=$PETAL_PID" >> .tpkg.var.test +cat .tpkg.var.test +wait_petal_up petal.log + +# make config file +sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$PETAL_PORT'/' < blanks_https.conf > ub.conf +# start unbound in the background +$PRE/unbound -d -c ub.conf >unbound.log 2>&1 & +UNBOUND_PID=$! +echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test + +cat .tpkg.var.test +wait_unbound_up unbound.log + diff --git a/testdata/blanks_https.tdir/blanks_https.test b/testdata/blanks_https.tdir/blanks_https.test new file mode 100644 index 000000000..2c4c5dc7a --- /dev/null +++ b/testdata/blanks_https.tdir/blanks_https.test @@ -0,0 +1,52 @@ +# #-- blanks_https.test --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +PRE="../.." +# do the test +TARGET=ns1.blanks.example.com. +echo "> dig $TARGET" +dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile +if grep SERVFAIL outfile; then + echo "> try again" + dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile +fi +if grep SERVFAIL outfile; then + echo "> try again" + sleep 1 + dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile +fi +if grep SERVFAIL outfile; then + echo "> try again" + sleep 1 + dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile +fi +if grep SERVFAIL outfile; then + echo "> try again" + sleep 1 + dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile +fi +if grep SERVFAIL outfile; then + echo "> try again" + sleep 10 + dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile +fi +if grep SERVFAIL outfile; then + echo "> try again" + sleep 10 + dig @localhost -p $UNBOUND_PORT $TARGET | tee outfile +fi +echo "> cat logfiles" +cat petal.log +cat unbound.log +echo "> check answer" +if grep "192.0.2.1" outfile; then + echo "OK" +else + echo "Not OK" + exit 1 +fi + +exit 0 diff --git a/testdata/blanks_https.tdir/petal.key b/testdata/blanks_https.tdir/petal.key new file mode 100644 index 000000000..6614e498f --- /dev/null +++ b/testdata/blanks_https.tdir/petal.key @@ -0,0 +1,21 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIDfQIBAAKBwQC1xQ/Kca6zszZbcCtdOTIH2Uy2gOy/DfabMUU7TmNPm0dVE0NJ +RuN+Rm304SonpwghfP2/ULZNnuDgpG03/32yI7k/VzG6iA4hiF7tT/KAAWC/+2l1 +QCsawCV2bSrFK0VhcZr7ALqXd8vkDaQ867K029ypjOQtAJ85qdO3mERy7TGtdUcu +O6hLeVet419YeQ2F8cfNxn63d7bOzNGLPW5xwaCd3UcgD+Ib0k4xfFvbinvPQUeU +J/i4YDWexFYSL+ECAwEAAQKBwCLXXQl+9O+5AEhSnd1Go1Jh0pSA7eBJOuXQcebG +Rb7ykp+6C4G2NtDziwwPRNdI6wQQQ0sym18RfyVQHydGr78/nbiIbB3HCn5e92Mh +mefzW6ow9Kvm2txLzGKA1lvoyRbNm81jnG/eygi3u7Nqd5PNv+4dHj2RkTlmxOeh +qnDMVP5md8uZPv6lYNnrnIzvLCR5vnPNdVwn89AqzI85IcDZdy0R9ZX4NBbsDgAU +6ig6uXuRXvSGiyJ/OUXSrnogaQJhAOjvkHUhVZQkPOxO90TNH4j0GdKKtbSWxIdz +lKfuJeBAEqs0TL+C6vbS81Xw3W1alyDdUBk3rJMOBqW6Ryq5HNL+j5H+Jfsh7fvc +Yle+5wHGci0P9zCFZCrY8It7n9XFIwJhAMfEi6oJa2G8waPJ1bQhxka82Tf9pnKM +XCn/1BBOFjVIx5F842cpA+zp5a62GENTGYPQTTRBB/2/ZwnW5aIkrlg54AtmbqBZ +Oh+2kJdJQD/tfoVmc5soUE2ScTHadK5RKwJhAN4w9kjkXS+MSZjX0kIMsBIBVkhh +C+aREjJqa9ir7/Ey7RvmLXdYuCxtGLRXp7/R8+rjcK49Tx6O+IRJZe042mfhbq3C +EhS1Tr86f4xXix9EXlDhs9bSxrOgcAN9Dv/opQJhAK7eBcPaav0rVfYh/8emqQHS +3fJ9Pu6WnzbEksWTFS2ff9KDGCx9YspIFJ5TF/oXDAaumGZdZrlgirm6O1kr8tGY +F97i04PZl1+bWAaWQH+1TUNI43m2WFUPE7coG2tb8QJgcddDg9VlXliZqgcETZfJ +kJmYETxrcSn3ao6v116N8yxhEgUgjkmsCTiFgx36iDVnXwK6PIt+sIu8MC7eYNa3 +berrv/M21K0LRn20IWRxvUobG070weHCAgkko7fTWgr2 +-----END RSA PRIVATE KEY----- diff --git a/testdata/blanks_https.tdir/petal.pem b/testdata/blanks_https.tdir/petal.pem new file mode 100644 index 000000000..19c8b895b --- /dev/null +++ b/testdata/blanks_https.tdir/petal.pem @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICFzCCAUACCQDO660L5y5LGDANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVw +ZXRhbDAeFw0xMDA5MzAxMzQzMDFaFw0zMDA2MTcxMzQzMDFaMBAxDjAMBgNVBAMT +BXBldGFsMIHfMA0GCSqGSIb3DQEBAQUAA4HNADCByQKBwQC1xQ/Kca6zszZbcCtd +OTIH2Uy2gOy/DfabMUU7TmNPm0dVE0NJRuN+Rm304SonpwghfP2/ULZNnuDgpG03 +/32yI7k/VzG6iA4hiF7tT/KAAWC/+2l1QCsawCV2bSrFK0VhcZr7ALqXd8vkDaQ8 +67K029ypjOQtAJ85qdO3mERy7TGtdUcuO6hLeVet419YeQ2F8cfNxn63d7bOzNGL +PW5xwaCd3UcgD+Ib0k4xfFvbinvPQUeUJ/i4YDWexFYSL+ECAwEAATANBgkqhkiG +9w0BAQUFAAOBwQBBkX9KDP2RXbg+xPmdJ4P6CwvA5x1LZwC++ydVx4NlvT0pWicD +ZUnXjcWAJlkeOuUBAqFG7WHTrXpUUAjmdqFVq2yFjteUYBdrFz0RDB2jM9feeKYO +mTgxdZyT9a6humxCxt5VfgT02axLjm/2AqCyFPMbf4PASoJDln01AEuZLZ8Xl2gV +bYHMnHTGoD1Hu6FNEzRgkMC6XT8X3YjHvzQhpc/qL5wEfEsinQGdX4twsuWbf8xd +q7miNnkO8vd0maw= +-----END CERTIFICATE-----