From bcff3198111e329e89cde7dac9d432b002477d80 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Fri, 9 Jun 2000 06:03:47 +0000 Subject: [PATCH] Wildcard NS records are not conceptually allowed by RFC 103[45]. --- lib/dns/include/dns/result.h | 2 +- lib/dns/rbtdb.c | 6 ++++++ lib/dns/result.c | 2 +- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/lib/dns/include/dns/result.h b/lib/dns/include/dns/result.h index 2ee379beb0..f2f71a809d 100644 --- a/lib/dns/include/dns/result.h +++ b/lib/dns/include/dns/result.h @@ -40,7 +40,7 @@ #define DNS_R_BITSTRINGTOOLONG (ISC_RESULTCLASS_DNS + 3) #define DNS_R_EMPTYLABEL (ISC_RESULTCLASS_DNS + 4) #define DNS_R_BADDOTTEDQUAD (ISC_RESULTCLASS_DNS + 5) -/* 6 is unused */ +#define DNS_R_INVALIDNS (ISC_RESULTCLASS_DNS + 6) #define DNS_R_UNKNOWN (ISC_RESULTCLASS_DNS + 7) #define DNS_R_BADLABELTYPE (ISC_RESULTCLASS_DNS + 8) #define DNS_R_BADPOINTER (ISC_RESULTCLASS_DNS + 9) diff --git a/lib/dns/rbtdb.c b/lib/dns/rbtdb.c index ce47de1992..a555374ee9 100644 --- a/lib/dns/rbtdb.c +++ b/lib/dns/rbtdb.c @@ -3585,6 +3585,12 @@ loading_addrdataset(void *arg, dns_name_t *name, dns_rdataset_t *rdataset) { */ if (dns_name_iswildcard(name)) { + /* + * NS record owners cannot legally be wild cards. + */ + if (rdataset->type == dns_rdatatype_ns) + return (DNS_R_INVALIDNS); + /* * In order for wildcard matching to work correctly in * zone_find(), we must ensure that a node for the wildcarding diff --git a/lib/dns/result.c b/lib/dns/result.c index eaddc2ff03..b98fa9fd85 100644 --- a/lib/dns/result.c +++ b/lib/dns/result.c @@ -30,7 +30,7 @@ static const char *text[DNS_R_NRESULTS] = { "bitstring too long", /* 3 */ "empty label", /* 4 */ "bad dotted quad", /* 5 */ - "UNUSED6", /* 6 */ + "invalid NS owner name (wildcard)", /* 6 */ "unknown class/type", /* 7 */ "bad label type", /* 8 */ "bad compression pointer", /* 9 */