mirror of
https://github.com/NLnetLabs/unbound.git
synced 2025-12-20 23:00:56 -05:00
Fixup parse problem reported by Hauke Lampe.
git-svn-id: file:///svn/unbound/trunk@1669 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
Wouter Wijngaards
parent
d94c548dab
commit
efcb61fb22
3 changed files with 147 additions and 9 deletions
|
|
@ -1,3 +1,8 @@
|
|||
18 June 2009: Wouter
|
||||
- Fix of message parse bug where (specifically) an NSEC and RRSIG
|
||||
in the wrong order would be parsed, but put wrongly into internal
|
||||
structures so that later validation would fail.
|
||||
|
||||
17 June 2009: Wouter
|
||||
- CREDITS entry for cz.nic, sponsoring a 'summer of code' that was
|
||||
used for the python code in unbound. (http://www.nic.cz/vip/ in cz).
|
||||
|
|
|
|||
131
testdata/fwddlv_parse.rpl
vendored
Normal file
131
testdata/fwddlv_parse.rpl
vendored
Normal file
|
|
@ -0,0 +1,131 @@
|
|||
; config options
|
||||
; The island of trust is at example.com
|
||||
server:
|
||||
trust-anchor: "dlv.isc.org. 5072 IN DNSKEY 256 3 5 BEAAAAOlYGw53D+f01yCL5JsP0SB6EjYrnd0JYRBooAaGPT+Q0kpiN+7GviFh+nIazoB8e2Yv7mupgqkmIjObdcbGstYpUltdECdNpNmBvASKB9SBdtGeRvXXpORi3Qyxb9kHGG7SpzyYbc+KDVKnzYHB94pvqu3ZZpPFPBFtCibp/mkhw=="
|
||||
val-override-date: "20090617133009"
|
||||
target-fetch-policy: "0 0 0 0 0"
|
||||
|
||||
stub-zone:
|
||||
name: "."
|
||||
stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
|
||||
CONFIG_END
|
||||
|
||||
SCENARIO_BEGIN Test parse of packet when forwarding and dlv are in use
|
||||
|
||||
; K.ROOT-SERVERS.NET.
|
||||
RANGE_BEGIN 0 100
|
||||
ADDRESS 193.0.14.129
|
||||
ENTRY_BEGIN
|
||||
MATCH opcode qtype qname
|
||||
ADJUST copy_id
|
||||
REPLY QR NOERROR
|
||||
SECTION QUESTION
|
||||
. IN NS
|
||||
SECTION ANSWER
|
||||
. IN NS K.ROOT-SERVERS.NET.
|
||||
SECTION ADDITIONAL
|
||||
K.ROOT-SERVERS.NET. IN A 193.0.14.129
|
||||
ENTRY_END
|
||||
|
||||
ENTRY_BEGIN
|
||||
MATCH opcode subdomain
|
||||
ADJUST copy_id copy_query
|
||||
REPLY QR NOERROR
|
||||
SECTION QUESTION
|
||||
org. IN NS
|
||||
SECTION AUTHORITY
|
||||
org. IN NS a.gtld-servers.net.
|
||||
SECTION ADDITIONAL
|
||||
a.gtld-servers.net. IN A 192.5.6.30
|
||||
ENTRY_END
|
||||
RANGE_END
|
||||
|
||||
; a.gtld-servers.net. (for ORG)
|
||||
RANGE_BEGIN 0 100
|
||||
ADDRESS 192.5.6.30
|
||||
ENTRY_BEGIN
|
||||
MATCH opcode qtype qname
|
||||
ADJUST copy_id
|
||||
REPLY QR NOERROR
|
||||
SECTION QUESTION
|
||||
org. IN NS
|
||||
SECTION ANSWER
|
||||
org. IN NS a.gtld-servers.net.
|
||||
SECTION ADDITIONAL
|
||||
a.gtld-servers.net. IN A 192.5.6.30
|
||||
ENTRY_END
|
||||
|
||||
ENTRY_BEGIN
|
||||
MATCH opcode subdomain
|
||||
ADJUST copy_id copy_query
|
||||
REPLY QR NOERROR
|
||||
SECTION QUESTION
|
||||
dlv.isc.org. IN NS
|
||||
SECTION AUTHORITY
|
||||
dlv.isc.org. IN NS ns.org.
|
||||
SECTION ADDITIONAL
|
||||
ns.org. IN A 1.2.3.4
|
||||
ENTRY_END
|
||||
RANGE_END
|
||||
|
||||
; ns.org for dlv.isc.org
|
||||
RANGE_BEGIN 0 100
|
||||
ADDRESS 1.2.3.4
|
||||
; response to DNSKEY priming query
|
||||
ENTRY_BEGIN
|
||||
MATCH opcode qtype qname
|
||||
ADJUST copy_id
|
||||
REPLY QR NOERROR
|
||||
SECTION QUESTION
|
||||
dlv.isc.org. IN DNSKEY
|
||||
SECTION ANSWER
|
||||
dlv.isc.org. 5072 IN DNSKEY 256 3 5 BEAAAAOlYGw53D+f01yCL5JsP0SB6EjYrnd0JYRBooAaGPT+Q0kpiN+7GviFh+nIazoB8e2Yv7mupgqkmIjObdcbGstYpUltdECdNpNmBvASKB9SBdtGeRvXXpORi3Qyxb9kHGG7SpzyYbc+KDVKnzYHB94pvqu3ZZpPFPBFtCibp/mkhw== ;{id = 64263 (zsk), size = 1024b}
|
||||
dlv.isc.org. 5072 IN DNSKEY 257 3 5 BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URkY62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboMQKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VStTDN0YUuWrBNh ;{id = 19297 (ksk), size = 2048b}
|
||||
dlv.isc.org. 5072 IN RRSIG DNSKEY 5 3 7200 20090717133009 20090617133009 19297 dlv.isc.org. iqGOzsIQKFHcPLbJHLb/kNzcm7TlHiyT4kzTknCjKsC7DCB86YCOhnZZjvZQyA+D0N0KDgNWY8v5czbyX57qR6qORciT2zmPSTGj7CIOe4zrq60n8HzsChKgvk+RSYQrzf6vRfnZhce6Y1waXQd4wh1buPAUw/l46Ovt74ALXzcWSgfMNyx6PBz7rbusuePKeSv0GZL9+M2qhXKe9LJmnzD9uCwnbV/Y5yu+xLfxLdm9q4IKp6Rn50CeHYKf3tO2jI9dkWqFR94XHSTNGfhC02i5UsfP1HRPnk49bX7OMstuuCq9zMX+qTt602MVFYdTSHTy/5+Yw5DvOA9JgOqO4w== ;{id = 19297}
|
||||
dlv.isc.org. 5072 IN RRSIG DNSKEY 5 3 7200 20090717133009 20090617133009 64263 dlv.isc.org. W1KX1PagXsaWWmxkaOfnLetnw1hhSw7ym91S4rSu14QfFbYi5iN9ZkSuKa21M7Do52S9om/2hDllMF7EFfnv9l4e4/rMOc59vKGVojpHOvZyRVhIiMyh1H9NfLTYUovORRvKO0Cnp65gBXspVf1WhzoY3pC1NZ+5pscPWLeD1rw= ;{id = 64263}
|
||||
ENTRY_END
|
||||
|
||||
; response to query of interest
|
||||
ENTRY_BEGIN
|
||||
MATCH opcode qtype qname
|
||||
ADJUST copy_id
|
||||
REPLY QR NXDOMAIN
|
||||
SECTION QUESTION
|
||||
www.example.com.dlv.isc.org. IN DLV
|
||||
SECTION ANSWER
|
||||
SECTION AUTHORITY
|
||||
dlv.isc.org. 2776 IN SOA ns-int.isc.org. hostmaster.isc.org. 2009061702 7200 3600 2419200 3600
|
||||
dlv.isc.org. 2776 IN RRSIG SOA 5 3 3600 20090717133009 20090617133009 64263 dlv.isc.org. S5iTFqF8k9XWoGq4Wajo1GQF6Oc1e5lI1kGFWyaKf3oM2asbzCbVk2aZLtyDCGjYA4euZWXD0q2vol7/1cPB5Ds4SteCuo5Jkpa/mw7mPAcbNu8mYexq1RaodVCbWrW8KSxEyVd8X5mZx2OBaSyK8zns/W5I3ZPNNLf4Kz6Zpo0= ;{id = 64263}
|
||||
seatex.com.cn.dlv.isc.org. 2776 IN RRSIG NSEC 5 6 3600 20090717133009 20090617133009 64263 dlv.isc.org. Rxv7gVdu8rpWbJ3fJm7cY66IKV+C94I4/HYiDQke1m2P7hXo5bpDBBShKpIvME34ANN8Lb0cZQK9XT7NYpWjE5rjW7CaMiVjiR6U1LyDGQyK4X3wdkbv3aJcHLSg7sWsxyZXj5iVUxkU5JO3JBjo412oKQ3bh+RGi1BxTIIq09g= ;{id = 64263}
|
||||
seatex.com.cn.dlv.isc.org. 2776 IN NSEC absolight.com.dlv.isc.org. RRSIG NSEC DLV
|
||||
ericgermann.com.dlv.isc.org. 2776 IN RRSIG NSEC 5 5 3600 20090717133009 20090617133009 64263 dlv.isc.org. OEUizWAXsWFBzt4rN5+AUTaND8phZc4ezux06LA/Ua5N/B/LQQ1cb42eEqCQHwnGK8BsRhbsRiVywPNgnnPlL1Gy8n25gi+0qWOpA27fOwZJbO3n944gKvPDWZoDeCbdJr6AQG5Z9/Ka0ERRtHC6uI2Xn6KCQPjgTEihqhoayYg= ;{id = 64263}
|
||||
ericgermann.com.dlv.isc.org. 2776 IN NSEC fayengineering.com.dlv.isc.org. RRSIG NSEC DLV
|
||||
SECTION ADDITIONAL
|
||||
ENTRY_END
|
||||
RANGE_END
|
||||
|
||||
STEP 1 QUERY
|
||||
ENTRY_BEGIN
|
||||
REPLY RD DO
|
||||
SECTION QUESTION
|
||||
www.example.com.dlv.isc.org. IN DLV
|
||||
ENTRY_END
|
||||
|
||||
; recursion happens here.
|
||||
STEP 10 CHECK_ANSWER
|
||||
ENTRY_BEGIN
|
||||
MATCH all
|
||||
REPLY QR RD RA AD NXDOMAIN
|
||||
SECTION QUESTION
|
||||
www.example.com.dlv.isc.org. IN DLV
|
||||
SECTION ANSWER
|
||||
SECTION AUTHORITY
|
||||
dlv.isc.org. 2776 IN SOA ns-int.isc.org. hostmaster.isc.org. 2009061702 7200 3600 2419200 3600
|
||||
dlv.isc.org. 2776 IN RRSIG SOA 5 3 3600 20090717133009 20090617133009 64263 dlv.isc.org. S5iTFqF8k9XWoGq4Wajo1GQF6Oc1e5lI1kGFWyaKf3oM2asbzCbVk2aZLtyDCGjYA4euZWXD0q2vol7/1cPB5Ds4SteCuo5Jkpa/mw7mPAcbNu8mYexq1RaodVCbWrW8KSxEyVd8X5mZx2OBaSyK8zns/W5I3ZPNNLf4Kz6Zpo0= ;{id = 64263}
|
||||
seatex.com.cn.dlv.isc.org. 2776 IN NSEC absolight.com.dlv.isc.org. RRSIG NSEC DLV
|
||||
seatex.com.cn.dlv.isc.org. 2776 IN RRSIG NSEC 5 6 3600 20090717133009 20090617133009 64263 dlv.isc.org. Rxv7gVdu8rpWbJ3fJm7cY66IKV+C94I4/HYiDQke1m2P7hXo5bpDBBShKpIvME34ANN8Lb0cZQK9XT7NYpWjE5rjW7CaMiVjiR6U1LyDGQyK4X3wdkbv3aJcHLSg7sWsxyZXj5iVUxkU5JO3JBjo412oKQ3bh+RGi1BxTIIq09g= ;{id = 64263}
|
||||
ericgermann.com.dlv.isc.org. 2776 IN NSEC fayengineering.com.dlv.isc.org. RRSIG NSEC DLV
|
||||
ericgermann.com.dlv.isc.org. 2776 IN RRSIG NSEC 5 5 3600 20090717133009 20090617133009 64263 dlv.isc.org. OEUizWAXsWFBzt4rN5+AUTaND8phZc4ezux06LA/Ua5N/B/LQQ1cb42eEqCQHwnGK8BsRhbsRiVywPNgnnPlL1Gy8n25gi+0qWOpA27fOwZJbO3n944gKvPDWZoDeCbdJr6AQG5Z9/Ka0ERRtHC6uI2Xn6KCQPjgTEihqhoayYg= ;{id = 64263}
|
||||
ENTRY_END
|
||||
|
||||
SCENARIO_END
|
||||
|
|
@ -490,6 +490,8 @@ find_rrset(struct msg_parse* msg, ldns_buffer* pkt, uint8_t* dname,
|
|||
*rrset_prev = msgparse_hashtable_lookup(msg, pkt,
|
||||
*hash, *rrset_flags, dname, dnamelen, covtype,
|
||||
dclass);
|
||||
if(!*rrset_prev) /* untwiddle if not found */
|
||||
*rrset_flags ^= PACKED_RRSET_NSEC_AT_APEX;
|
||||
}
|
||||
if(*rrset_prev) {
|
||||
*prev_dname_first = (*rrset_prev)->dname;
|
||||
|
|
@ -504,9 +506,9 @@ find_rrset(struct msg_parse* msg, ldns_buffer* pkt, uint8_t* dname,
|
|||
int hasother = 0;
|
||||
/* find matching rrsig */
|
||||
*hash = pkt_hash_rrset_rest(dname_h, LDNS_RR_TYPE_RRSIG,
|
||||
dclass, *rrset_flags);
|
||||
dclass, 0);
|
||||
*rrset_prev = msgparse_hashtable_lookup(msg, pkt, *hash,
|
||||
*rrset_flags, dname, dnamelen, LDNS_RR_TYPE_RRSIG,
|
||||
0, dname, dnamelen, LDNS_RR_TYPE_RRSIG,
|
||||
dclass);
|
||||
if(*rrset_prev && rrset_has_sigover(pkt, *rrset_prev, type,
|
||||
&hasother)) {
|
||||
|
|
@ -814,17 +816,17 @@ parse_section(ldns_buffer* pkt, struct msg_parse* msg,
|
|||
ldns_buffer_read(pkt, &dclass, sizeof(dclass));
|
||||
|
||||
if(0) { /* debug show what is being parsed. */
|
||||
printf("parse of %s(%d)",
|
||||
fprintf(stderr, "parse of %s(%d)",
|
||||
ldns_rr_descript(type)?
|
||||
ldns_rr_descript(type)->_name: "??",
|
||||
(int)type);
|
||||
printf(" %s(%d) ",
|
||||
fprintf(stderr, " %s(%d) ",
|
||||
ldns_lookup_by_id(ldns_rr_classes,
|
||||
(int)ntohs(dclass))?ldns_lookup_by_id(
|
||||
ldns_rr_classes, (int)ntohs(dclass))->name:
|
||||
"??", (int)ntohs(dclass));
|
||||
dname_print(stdout, pkt, dname);
|
||||
printf("\n");
|
||||
dname_print(stderr, pkt, dname);
|
||||
fprintf(stderr, "\n");
|
||||
}
|
||||
|
||||
/* see if it is part of an existing RR set */
|
||||
|
|
@ -842,9 +844,9 @@ parse_section(ldns_buffer* pkt, struct msg_parse* msg,
|
|||
return LDNS_RCODE_SERVFAIL;
|
||||
}
|
||||
else if(0) {
|
||||
printf("is part of existing: ");
|
||||
dname_print(stdout, pkt, rrset->dname);
|
||||
printf(" type %s(%d)\n",
|
||||
fprintf(stderr, "is part of existing: ");
|
||||
dname_print(stderr, pkt, rrset->dname);
|
||||
fprintf(stderr, " type %s(%d)\n",
|
||||
ldns_rr_descript(rrset->type)?
|
||||
ldns_rr_descript(rrset->type)->_name: "??",
|
||||
(int)rrset->type);
|
||||
|
|
|
|||
Loading…
Reference in a new issue