mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 06:25:31 +00:00
Code Issues Releases Wiki Activity

[9.20] fix: test: Fix 'ans' servers so they respond with consistent answers to NS queries at QNAME.

Browse Source 
The ANS servers were not to written to handle NS queries at the QNAME, resulting in gratuitous protocol errors that will break tests when NS requests are made for the QNAME: i.e., NXDOMAIN for NS vs data for expected type,  CNAME not being returned for all query types.

Prerequisite for !9155 

Closes #5062

Backport of MR !9786

Merge branch 'backport-5062-fix-ans-servers-ns-at-qname-9.20' into 'bind-9.20'

See merge request isc-projects/bind9!10064
This commit is contained in:
Mark Andrews
2025-02-04 04:14:10 +00:00
parent 9a4df4caac 2a8bf4f6bb
commit 16b57388ab
5 changed files with 140 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
bin/tests/system/cookie/ans9/ans.py
View File

@@ -104,22 +104,35 @@ def create_response(msg, tcp, first, ns10):
r.answer.append(dns.rrset.from_text(qname, 1, IN, A, "10.53.0.10"))
dopass2 = True
elif rrtype == NS:
r.answer.append(dns.rrset.from_text(qname, 1, IN, NS, "."))
length = len(labels)
if length == 2:
r.answer.append(dns.rrset.from_text(qname, 1, IN, NS, "ns." + qname))
if ns10:
r.additional.append(
dns.rrset.from_text("ns." + qname, 1, IN, A, "10.53.0.10")
)
else:
r.additional.append(
dns.rrset.from_text("ns." + qname, 1, IN, A, "10.53.0.9")
)
else:
tld = ".".join(labels[length - 2 :])
r.authority.append(dns.rrset.from_text(tld, 2, IN, SOA, ". . 0 0 0 0 2"))
elif rrtype == SOA:
r.answer.append(dns.rrset.from_text(qname, 1, IN, SOA, ". . 0 0 0 0 0"))
r.answer.append(dns.rrset.from_text(qname, 2, IN, SOA, ". . 0 0 0 0 2"))
else:
r.authority.append(dns.rrset.from_text(qname, 1, IN, SOA, ". . 0 0 0 0 0"))
r.authority.append(dns.rrset.from_text(qname, 2, IN, SOA, ". . 0 0 0 0 2"))
# Add a server cookie to the response
if labels[0] != "nocookie":
if labels[0] != "nocookie" or rrtype != A:
for o in m.options:
if o.otype == 10: # Use 10 instead of COOKIE
if first and labels[0] == "withtsig" and not tcp:
if first and labels[0] == "withtsig" and not tcp and rrtype == A:
r.use_tsig(
keyring=keyring,
keyname=dns.name.from_text("fake"),
algorithm=HMAC_SHA256,
)
elif labels[0] != "tcponly" or tcp:
elif labels[0] != "tcponly" or tcp or rrtype != A:
cookie = o
try:
if len(o.server) == 0:

97
bin/tests/system/qmin/ans2/ans.py
View File

@@ -212,6 +212,19 @@ def create_response(msg):
"stale.", 2, IN, SOA, "ns2.stale. hostmaster.arpa. 1 2 3 4 5"
)
)
r.flags |= dns.flags.AA
elif lqname == "ns2.stale.":
if rrtype == A:
r.additional.append(
dns.rrset.from_text("ns.b.stale.", 2, IN, A, "10.53.0.2")
)
else:
r.authority.append(
dns.rrset.from_text(
"stale.", 2, IN, SOA, "ns2.stale. hostmaster.arpa. 1 2 3 4 5"
)
)
r.flags |= dns.flags.AA
else:
# NXDOMAIN
r.authority.append(
@@ -257,30 +270,72 @@ def create_response(msg):
elif lqname == "" and rrtype == NS:
r.answer.append(dns.rrset.from_text(suffix, 30, IN, NS, "ns2." + suffix))
r.flags |= dns.flags.AA
elif lqname == "ns2." and rrtype == A:
r.answer.append(dns.rrset.from_text("ns2." + suffix, 30, IN, A, "10.53.0.2"))
elif lqname == "ns2.":
r.flags |= dns.flags.AA
elif lqname == "ns2." and rrtype == AAAA:
r.answer.append(
dns.rrset.from_text("ns2." + suffix, 30, IN, AAAA, "fd92:7065:b8e:ffff::2")
)
if rrtype == A:
r.answer.append(
dns.rrset.from_text("ns2." + suffix, 30, IN, A, "10.53.0.2")
)
elif rrtype == AAAA:
r.answer.append(
dns.rrset.from_text(
"ns2." + suffix, 30, IN, AAAA, "fd92:7065:b8e:ffff::2"
)
)
else:
r.authority.append(
dns.rrset.from_text(
suffix,
30,
IN,
SOA,
"ns2." + suffix + " hostmaster.arpa. 2018050100 1 1 1 1",
)
)
elif lqname == "ns3.":
r.flags |= dns.flags.AA
elif lqname == "ns3." and rrtype == A:
r.answer.append(dns.rrset.from_text("ns3." + suffix, 30, IN, A, "10.53.0.3"))
r.flags |= dns.flags.AA
elif lqname == "ns3." and rrtype == AAAA:
r.answer.append(
dns.rrset.from_text("ns3." + suffix, 30, IN, AAAA, "fd92:7065:b8e:ffff::3")
)
r.flags |= dns.flags.AA
elif lqname == "ns4." and rrtype == A:
r.answer.append(dns.rrset.from_text("ns4." + suffix, 30, IN, A, "10.53.0.4"))
r.flags |= dns.flags.AA
elif lqname == "ns4." and rrtype == AAAA:
r.answer.append(
dns.rrset.from_text("ns4." + suffix, 30, IN, AAAA, "fd92:7065:b8e:ffff::4")
)
if rrtype == A:
r.answer.append(
dns.rrset.from_text("ns3." + suffix, 30, IN, A, "10.53.0.3")
)
elif lqname == "ns3." and rrtype == AAAA:
r.answer.append(
dns.rrset.from_text(
"ns3." + suffix, 30, IN, AAAA, "fd92:7065:b8e:ffff::3"
)
)
else:
r.authority.append(
dns.rrset.from_text(
suffix,
30,
IN,
SOA,
"ns2." + suffix + " hostmaster.arpa. 2018050100 1 1 1 1",
)
)
elif lqname == "ns4.":
r.flags |= dns.flags.AA
if rrtype == A:
r.answer.append(
dns.rrset.from_text("ns4." + suffix, 30, IN, A, "10.53.0.4")
)
elif rrtype == AAAA:
r.answer.append(
dns.rrset.from_text(
"ns4." + suffix, 30, IN, AAAA, "fd92:7065:b8e:ffff::4"
)
)
else:
r.authority.append(
dns.rrset.from_text(
suffix,
30,
IN,
SOA,
"ns2." + suffix + " hostmaster.arpa. 2018050100 1 1 1 1",
)
)
elif lqname == "a.bit.longer.ns.name." and rrtype == A:
r.answer.append(
dns.rrset.from_text("a.bit.longer.ns.name." + suffix, 1, IN, A, "10.53.0.4")

17
bin/tests/system/qmin/ans3/ans.py
View File

@@ -97,17 +97,16 @@ def create_response(msg):
ip6req = True
elif endswith(lqname, "a.b.stale."):
if lqname == "a.b.stale.":
r.flags |= dns.flags.AA
if rrtype == TXT:
# Direct query.
r.answer.append(dns.rrset.from_text(lqname, 1, IN, TXT, "peekaboo"))
r.flags |= dns.flags.AA
elif rrtype == NS:
# NS a.b.
r.answer.append(dns.rrset.from_text(lqname, 1, IN, NS, "ns.a.b.stale."))
r.additional.append(
dns.rrset.from_text("ns.a.b.stale.", 1, IN, A, "10.53.0.3")
)
r.flags |= dns.flags.AA
elif rrtype == SOA:
# SOA a.b.
r.answer.append(
@@ -115,7 +114,6 @@ def create_response(msg):
lqname, 1, IN, SOA, "a.b.stale. hostmaster.a.b.stale. 1 2 3 4 5"
)
)
r.flags |= dns.flags.AA
else:
# NODATA.
r.authority.append(
@@ -123,7 +121,20 @@ def create_response(msg):
lqname, 1, IN, SOA, "a.b.stale. hostmaster.a.b.stale. 1 2 3 4 5"
)
)
elif lqname == "ns.a.b.stale.":
r.flags |= dns.flags.AA
if rrtype == A:
r.answer.append(
dns.rrset.from_text("ns.a.b.stale.", 1, IN, A, "10.53.0.3")
)
else:
r.authority.append(
dns.rrset.from_text(
lqname, 1, IN, SOA, "a.b.stale. hostmaster.a.b.stale. 1 2 3 4 5"
)
)
else:
r.flags |= dns.flags.AA
r.authority.append(
dns.rrset.from_text(
lqname, 1, IN, SOA, "a.b.stale. hostmaster.a.b.stale. 1 2 3 4 5"

34
bin/tests/system/qmin/ans4/ans.py
View File

@@ -98,17 +98,16 @@ def create_response(msg):
ip6req = True
elif endswith(lqname, "b.stale."):
if lqname == "a.b.stale.":
r.flags |= dns.flags.AA
if rrtype == TXT:
# Direct query.
r.answer.append(dns.rrset.from_text(lqname, 1, IN, TXT, "hooray"))
r.flags |= dns.flags.AA
elif rrtype == NS:
# NS a.b.
r.answer.append(dns.rrset.from_text(lqname, 1, IN, NS, "ns.a.b.stale."))
r.additional.append(
dns.rrset.from_text("ns.a.b.stale.", 1, IN, A, "10.53.0.3")
)
r.flags |= dns.flags.AA
elif rrtype == SOA:
# SOA a.b.
r.answer.append(
@@ -116,7 +115,19 @@ def create_response(msg):
lqname, 1, IN, SOA, "a.b.stale. hostmaster.a.b.stale. 1 2 3 4 5"
)
)
r.flags |= dns.flags.AA
else:
# NODATA.
r.authority.append(
dns.rrset.from_text(
lqname, 1, IN, SOA, "a.b.stale. hostmaster.a.b.stale. 1 2 3 4 5"
)
)
elif lqname == "ns.a.b.stale.":
r.flags |= dns.flags.AA
if rrtype == A:
r.answer.append(
dns.rrset.from_text("ns.a.b.stale.", 1, IN, A, "10.53.0.3")
)
else:
# NODATA.
r.authority.append(
@@ -125,13 +136,13 @@ def create_response(msg):
)
)
elif lqname == "b.stale.":
r.flags |= dns.flags.AA
if rrtype == NS:
# NS b.
r.answer.append(dns.rrset.from_text(lqname, 1, IN, NS, "ns.b.stale."))
r.additional.append(
dns.rrset.from_text("ns.b.stale.", 1, IN, A, "10.53.0.4")
)
r.flags |= dns.flags.AA
elif rrtype == SOA:
# SOA b.
r.answer.append(
@@ -139,7 +150,20 @@ def create_response(msg):
lqname, 1, IN, SOA, "b.stale. hostmaster.b.stale. 1 2 3 4 5"
)
)
r.flags |= dns.flags.AA
else:
# NODATA.
r.authority.append(
dns.rrset.from_text(
lqname, 1, IN, SOA, "b.stale. hostmaster.b.stale. 1 2 3 4 5"
)
)
elif lqname == "ns.b.stale.":
r.flags |= dns.flags.AA
if rrtype == A:
# SOA a.b.
r.answer.append(
dns.rrset.from_text("ns.a.b.stale.", 1, IN, A, "10.53.0.4")
)
else:
# NODATA.
r.authority.append(

9
bin/tests/system/serve-stale/ans2/ans.pl
View File

@@ -185,13 +185,8 @@ sub reply_handler {
}
$rcode = "NOERROR";
} elsif ($qname eq "shortttl.cname.example") {
if ($qtype eq "A") {
my $rr = new Net::DNS::RR($SHORTCNAME);
push @ans, $rr;
} else {
my $rr = new Net::DNS::RR($negSOA);
push @auth, $rr;
}
my $rr = new Net::DNS::RR($SHORTCNAME);
push @ans, $rr;
$rcode = "NOERROR";
} elsif ($qname eq "longttl.target.example") {
if ($slow_response) {