mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-03 16:15:27 +00:00
Code Issues Releases Wiki Activity

return FORMERR when question section is empty if COOKIE is not present

Browse Source
This commit is contained in:
Mukund Sivaraman
2018-05-16 00:07:17 +05:30
committed by Evan Hunt
parent be26328849
commit 06d3106002
3 changed files with 27 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
bin/tests/system/cookie/tests.sh
View File

@@ -54,6 +54,24 @@ do
status=`expr $status + $ret` status=`expr $status + $ret`
done done
n=`expr $n + 1`
echo_i "checking RCODE=FORMERR to query without question section and without COOKIE option ($n)"
ret=0
$DIG $DIGOPTS +qr +header-only +nocookie version.bind txt ch @10.53.0.1 > dig.out.test$n
grep COOKIE: dig.out.test$n > /dev/null && ret=1
grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo_i "checking RCODE=NOERROR to query without question section and with COOKIE option ($n)"
ret=0
$DIG $DIGOPTS +qr +header-only +cookie version.bind txt ch @10.53.0.1 > dig.out.test$n
grep COOKIE: dig.out.test$n > /dev/null || ret=1
grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1` n=`expr $n + 1`
echo_i "checking COOKIE token returned to empty COOKIE option ($n)" echo_i "checking COOKIE token returned to empty COOKIE option ($n)"
ret=0 ret=0

9
bin/tests/system/formerr/tests.sh
View File

@@ -14,7 +14,7 @@ SYSTEMTESTTOP=..
status=0 status=0
echo_i "test name to long" echo_i "test name too long"
$PERL formerr.pl -a 10.53.0.1 -p ${PORT} nametoolong > nametoolong.out $PERL formerr.pl -a 10.53.0.1 -p ${PORT} nametoolong > nametoolong.out
ans=`grep got: nametoolong.out` ans=`grep got: nametoolong.out`
if [ "${ans}" != "got: 000080010000000000000000" ]; if [ "${ans}" != "got: 000080010000000000000000" ];
@@ -30,11 +30,12 @@ then
echo_i "failed"; status=`expr $status + 1`; echo_i "failed"; status=`expr $status + 1`;
fi fi
# this one is now NOERROR # this would be NOERROR if it included a COOKIE option,
echo_i "no questions" # but is a FORMERR without one.
echo_i "empty question section (and no COOKIE option)"
$PERL formerr.pl -a 10.53.0.1 -p ${PORT} noquestions > noquestions.out $PERL formerr.pl -a 10.53.0.1 -p ${PORT} noquestions > noquestions.out
ans=`grep got: noquestions.out` ans=`grep got: noquestions.out`
if [ "${ans}" != "got: 000080000000000000000000" ]; if [ "${ans}" != "got: 000080010000000000000000" ];
then then
echo_i "failed"; status=`expr $status + 1`; echo_i "failed"; status=`expr $status + 1`;
fi fi

7
lib/ns/client.c
View File

@@ -2552,9 +2552,10 @@ ns__client_request(isc_task_t *task, isc_event_t *event) {
} }
if (client->message->rdclass == 0) { if (client->message->rdclass == 0) {
if ((client->attributes & NS_CLIENTATTR_WANTCOOKIE) != 0 || if ((client->attributes & NS_CLIENTATTR_WANTCOOKIE) != 0 &&
(client->message->opcode == dns_opcode_query && client->message->opcode == dns_opcode_query &&
client->message->counts[DNS_SECTION_QUESTION] == 0U)) { client->message->counts[DNS_SECTION_QUESTION] == 0U)
{
result = dns_message_reply(client->message, ISC_TRUE); result = dns_message_reply(client->message, ISC_TRUE);
if (result != ISC_R_SUCCESS) { if (result != ISC_R_SUCCESS) {
ns_client_error(client, result); ns_client_error(client, result);