mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 22:15:20 +00:00
Code Issues Releases Wiki Activity

Fix gratuitious DNS protocol errors in the ANS servers

Browse Source 
The ANS servers were not to written to handle NS queries at the
QNAME resulting in gratuitious protocol errors that will break tests
when NS requests are made for the QNAME.

(cherry picked from commit 0680eb6f64)
This commit is contained in:
Mark Andrews
2024-07-18 13:35:41 +10:00
parent 9a4df4caac
commit 2a8bf4f6bb
5 changed files with 140 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
bin/tests/system/cookie/ans9/ans.py
View File

@@ -104,22 +104,35 @@ def create_response(msg, tcp, first, ns10):
r.answer.append(dns.rrset.from_text(qname, 1, IN, A, "10.53.0.10"))
dopass2 = True
elif rrtype == NS:
r.answer.append(dns.rrset.from_text(qname, 1, IN, NS, "."))
length = len(labels)
if length == 2:
r.answer.append(dns.rrset.from_text(qname, 1, IN, NS, "ns." + qname))
if ns10:
r.additional.append(
dns.rrset.from_text("ns." + qname, 1, IN, A, "10.53.0.10")
)
else:
r.additional.append(
dns.rrset.from_text("ns." + qname, 1, IN, A, "10.53.0.9")
)
else:
tld = ".".join(labels[length - 2 :])
r.authority.append(dns.rrset.from_text(tld, 2, IN, SOA, ". . 0 0 0 0 2"))
elif rrtype == SOA:
r.answer.append(dns.rrset.from_text(qname, 1, IN, SOA, ". . 0 0 0 0 0"))
r.answer.append(dns.rrset.from_text(qname, 2, IN, SOA, ". . 0 0 0 0 2"))
else:
r.authority.append(dns.rrset.from_text(qname, 1, IN, SOA, ". . 0 0 0 0 0"))
r.authority.append(dns.rrset.from_text(qname, 2, IN, SOA, ". . 0 0 0 0 2"))
# Add a server cookie to the response
if labels[0] != "nocookie":
if labels[0] != "nocookie" or rrtype != A:
for o in m.options:
if o.otype == 10: # Use 10 instead of COOKIE
if first and labels[0] == "withtsig" and not tcp:
if first and labels[0] == "withtsig" and not tcp and rrtype == A:
r.use_tsig(
keyring=keyring,
keyname=dns.name.from_text("fake"),
algorithm=HMAC_SHA256,
)
elif labels[0] != "tcponly" or tcp:
elif labels[0] != "tcponly" or tcp or rrtype != A:
cookie = o
try:
if len(o.server) == 0:

97
bin/tests/system/qmin/ans2/ans.py
View File

@@ -212,6 +212,19 @@ def create_response(msg):
"stale.", 2, IN, SOA, "ns2.stale. hostmaster.arpa. 1 2 3 4 5"
)
)
r.flags |= dns.flags.AA
elif lqname == "ns2.stale.":
if rrtype == A:
r.additional.append(
dns.rrset.from_text("ns.b.stale.", 2, IN, A, "10.53.0.2")
)
else:
r.authority.append(
dns.rrset.from_text(
"stale.", 2, IN, SOA, "ns2.stale. hostmaster.arpa. 1 2 3 4 5"
)
)
r.flags |= dns.flags.AA
else:
# NXDOMAIN
r.authority.append(
@@ -257,30 +270,72 @@ def create_response(msg):
elif lqname == "" and rrtype == NS:
r.answer.append(dns.rrset.from_text(suffix, 30, IN, NS, "ns2." + suffix))
r.flags |= dns.flags.AA
elif lqname == "ns2." and rrtype == A:
r.answer.append(dns.rrset.from_text("ns2." + suffix, 30, IN, A, "10.53.0.2"))
elif lqname == "ns2.":
r.flags |= dns.flags.AA
elif lqname == "ns2." and rrtype == AAAA:
r.answer.append(
dns.rrset.from_text("ns2." + suffix, 30, IN, AAAA, "fd92:7065:b8e:ffff::2")
)
if rrtype == A:
r.answer.append(
dns.rrset.from_text("ns2." + suffix, 30, IN, A, "10.53.0.2")
)
elif rrtype == AAAA:
r.answer.append(
dns.rrset.from_text(
"ns2." + suffix, 30, IN, AAAA, "fd92:7065:b8e:ffff::2"
)
)
else:
r.authority.append(
dns.rrset.from_text(
suffix,
30,
IN,
SOA,
"ns2." + suffix + " hostmaster.arpa. 2018050100 1 1 1 1",
)
)
elif lqname == "ns3.":
r.flags |= dns.flags.AA
elif lqname == "ns3." and rrtype == A:
r.answer.append(dns.rrset.from_text("ns3." + suffix, 30, IN, A, "10.53.0.3"))
r.flags |= dns.flags.AA
elif lqname == "ns3." and rrtype == AAAA:
r.answer.append(
dns.rrset.from_text("ns3." + suffix, 30, IN, AAAA, "fd92:7065:b8e:ffff::3")
)
r.flags |= dns.flags.AA
elif lqname == "ns4." and rrtype == A:
r.answer.append(dns.rrset.from_text("ns4." + suffix, 30, IN, A, "10.53.0.4"))
r.flags |= dns.flags.AA
elif lqname == "ns4." and rrtype == AAAA:
r.answer.append(
dns.rrset.from_text("ns4." + suffix, 30, IN, AAAA, "fd92:7065:b8e:ffff::4")
)
if rrtype == A:
r.answer.append(
dns.rrset.from_text("ns3." + suffix, 30, IN, A, "10.53.0.3")
)
elif lqname == "ns3." and rrtype == AAAA:
r.answer.append(
dns.rrset.from_text(
"ns3." + suffix, 30, IN, AAAA, "fd92:7065:b8e:ffff::3"
)
)
else:
r.authority.append(
dns.rrset.from_text(
suffix,
30,
IN,
SOA,
"ns2." + suffix + " hostmaster.arpa. 2018050100 1 1 1 1",
)
)
elif lqname == "ns4.":
r.flags |= dns.flags.AA
if rrtype == A:
r.answer.append(
dns.rrset.from_text("ns4." + suffix, 30, IN, A, "10.53.0.4")
)
elif rrtype == AAAA:
r.answer.append(
dns.rrset.from_text(
"ns4." + suffix, 30, IN, AAAA, "fd92:7065:b8e:ffff::4"
)
)
else:
r.authority.append(
dns.rrset.from_text(
suffix,
30,
IN,
SOA,
"ns2." + suffix + " hostmaster.arpa. 2018050100 1 1 1 1",
)
)
elif lqname == "a.bit.longer.ns.name." and rrtype == A:
r.answer.append(
dns.rrset.from_text("a.bit.longer.ns.name." + suffix, 1, IN, A, "10.53.0.4")

17
bin/tests/system/qmin/ans3/ans.py
View File

@@ -97,17 +97,16 @@ def create_response(msg):
ip6req = True
elif endswith(lqname, "a.b.stale."):
if lqname == "a.b.stale.":
r.flags |= dns.flags.AA
if rrtype == TXT:
# Direct query.
r.answer.append(dns.rrset.from_text(lqname, 1, IN, TXT, "peekaboo"))
r.flags |= dns.flags.AA
elif rrtype == NS:
# NS a.b.
r.answer.append(dns.rrset.from_text(lqname, 1, IN, NS, "ns.a.b.stale."))
r.additional.append(
dns.rrset.from_text("ns.a.b.stale.", 1, IN, A, "10.53.0.3")
)
r.flags |= dns.flags.AA
elif rrtype == SOA:
# SOA a.b.
r.answer.append(
@@ -115,7 +114,6 @@ def create_response(msg):
lqname, 1, IN, SOA, "a.b.stale. hostmaster.a.b.stale. 1 2 3 4 5"
)
)
r.flags |= dns.flags.AA
else:
# NODATA.
r.authority.append(
@@ -123,7 +121,20 @@ def create_response(msg):
lqname, 1, IN, SOA, "a.b.stale. hostmaster.a.b.stale. 1 2 3 4 5"
)
)
elif lqname == "ns.a.b.stale.":
r.flags |= dns.flags.AA
if rrtype == A:
r.answer.append(
dns.rrset.from_text("ns.a.b.stale.", 1, IN, A, "10.53.0.3")
)
else:
r.authority.append(
dns.rrset.from_text(
lqname, 1, IN, SOA, "a.b.stale. hostmaster.a.b.stale. 1 2 3 4 5"
)
)
else:
r.flags |= dns.flags.AA
r.authority.append(
dns.rrset.from_text(
lqname, 1, IN, SOA, "a.b.stale. hostmaster.a.b.stale. 1 2 3 4 5"

34
bin/tests/system/qmin/ans4/ans.py
View File

@@ -98,17 +98,16 @@ def create_response(msg):
ip6req = True
elif endswith(lqname, "b.stale."):
if lqname == "a.b.stale.":
r.flags |= dns.flags.AA
if rrtype == TXT:
# Direct query.
r.answer.append(dns.rrset.from_text(lqname, 1, IN, TXT, "hooray"))
r.flags |= dns.flags.AA
elif rrtype == NS:
# NS a.b.
r.answer.append(dns.rrset.from_text(lqname, 1, IN, NS, "ns.a.b.stale."))
r.additional.append(
dns.rrset.from_text("ns.a.b.stale.", 1, IN, A, "10.53.0.3")
)
r.flags |= dns.flags.AA
elif rrtype == SOA:
# SOA a.b.
r.answer.append(
@@ -116,7 +115,19 @@ def create_response(msg):
lqname, 1, IN, SOA, "a.b.stale. hostmaster.a.b.stale. 1 2 3 4 5"
)
)
r.flags |= dns.flags.AA
else:
# NODATA.
r.authority.append(
dns.rrset.from_text(
lqname, 1, IN, SOA, "a.b.stale. hostmaster.a.b.stale. 1 2 3 4 5"
)
)
elif lqname == "ns.a.b.stale.":
r.flags |= dns.flags.AA
if rrtype == A:
r.answer.append(
dns.rrset.from_text("ns.a.b.stale.", 1, IN, A, "10.53.0.3")
)
else:
# NODATA.
r.authority.append(
@@ -125,13 +136,13 @@ def create_response(msg):
)
)
elif lqname == "b.stale.":
r.flags |= dns.flags.AA
if rrtype == NS:
# NS b.
r.answer.append(dns.rrset.from_text(lqname, 1, IN, NS, "ns.b.stale."))
r.additional.append(
dns.rrset.from_text("ns.b.stale.", 1, IN, A, "10.53.0.4")
)
r.flags |= dns.flags.AA
elif rrtype == SOA:
# SOA b.
r.answer.append(
@@ -139,7 +150,20 @@ def create_response(msg):
lqname, 1, IN, SOA, "b.stale. hostmaster.b.stale. 1 2 3 4 5"
)
)
r.flags |= dns.flags.AA
else:
# NODATA.
r.authority.append(
dns.rrset.from_text(
lqname, 1, IN, SOA, "b.stale. hostmaster.b.stale. 1 2 3 4 5"
)
)
elif lqname == "ns.b.stale.":
r.flags |= dns.flags.AA
if rrtype == A:
# SOA a.b.
r.answer.append(
dns.rrset.from_text("ns.a.b.stale.", 1, IN, A, "10.53.0.4")
)
else:
# NODATA.
r.authority.append(

9
bin/tests/system/serve-stale/ans2/ans.pl
View File

@@ -185,13 +185,8 @@ sub reply_handler {
}
$rcode = "NOERROR";
} elsif ($qname eq "shortttl.cname.example") {
if ($qtype eq "A") {
my $rr = new Net::DNS::RR($SHORTCNAME);
push @ans, $rr;
} else {
my $rr = new Net::DNS::RR($negSOA);
push @auth, $rr;
}
my $rr = new Net::DNS::RR($SHORTCNAME);
push @ans, $rr;
$rcode = "NOERROR";
} elsif ($qname eq "longttl.target.example") {
if ($slow_response) {