mirror of
https://gitlab.isc.org/isc-projects/bind9
synced 2025-09-04 08:35:31 +00:00
4281. [bug] Teach dns_message_totext about BADCOOKIE. [RT #41257]
This commit is contained in:
Mark Andrews
2
CHANGES
2
CHANGES
@@ -1,3 +1,5 @@
|
|||||||
|
4281. [bug] Teach dns_message_totext about BADCOOKIE. [RT #41257]
|
||||||
|
|
||||||
4280. [performance] Use optimal message sizes to improve compression
|
4280. [performance] Use optimal message sizes to improve compression
|
||||||
in AXFRs. This reduces network traffic. [RT #40996]
|
in AXFRs. This reduces network traffic. [RT #40996]
|
||||||
|
|
||||||
|
|||||||
@@ -6960,6 +6960,8 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
|
|||||||
inc_stats(client,
|
inc_stats(client,
|
||||||
dns_nsstatscounter_rateslipped);
|
dns_nsstatscounter_rateslipped);
|
||||||
if (WANTCOOKIE(client)) {
|
if (WANTCOOKIE(client)) {
|
||||||
|
client->message->flags &=
|
||||||
|
~DNS_MESSAGEFLAG_AA;
|
||||||
client->message->flags &=
|
client->message->flags &=
|
||||||
~DNS_MESSAGEFLAG_AD;
|
~DNS_MESSAGEFLAG_AD;
|
||||||
client->message->rcode =
|
client->message->rcode =
|
||||||
@@ -6978,6 +6980,8 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
|
|||||||
}
|
}
|
||||||
} else if (!TCP(client) && client->view->requireservercookie &&
|
} else if (!TCP(client) && client->view->requireservercookie &&
|
||||||
WANTCOOKIE(client) && !HAVECOOKIE(client)) {
|
WANTCOOKIE(client) && !HAVECOOKIE(client)) {
|
||||||
|
client->message->flags &= ~DNS_MESSAGEFLAG_AA;
|
||||||
|
client->message->flags &= ~DNS_MESSAGEFLAG_AD;
|
||||||
client->message->rcode = dns_rcode_badcookie;
|
client->message->rcode = dns_rcode_badcookie;
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -127,6 +127,8 @@ n=`expr $n + 1`
|
|||||||
echo "I:checking require-server-cookie yes ($n)"
|
echo "I:checking require-server-cookie yes ($n)"
|
||||||
ret=0
|
ret=0
|
||||||
$DIG +qr +cookie +nobadcookie soa @10.53.0.3 -p 5300 > dig.out.test$n
|
$DIG +qr +cookie +nobadcookie soa @10.53.0.3 -p 5300 > dig.out.test$n
|
||||||
|
grep "flags: qr[^;]* aa[ ;]" dig.out.test$n > /dev/null && ret=1
|
||||||
|
grep "flags: qr[^;]* ad[ ;]" dig.out.test$n > /dev/null && ret=1
|
||||||
grep BADCOOKIE dig.out.test$n > /dev/null || ret=1
|
grep BADCOOKIE dig.out.test$n > /dev/null || ret=1
|
||||||
linecount=`getcookie dig.out.test$n | wc -l`
|
linecount=`getcookie dig.out.test$n | wc -l`
|
||||||
if [ $linecount != 2 ]; then ret=1; fi
|
if [ $linecount != 2 ]; then ret=1; fi
|
||||||
|
|||||||
@@ -36,6 +36,7 @@
|
|||||||
#include <dns/masterdump.h>
|
#include <dns/masterdump.h>
|
||||||
#include <dns/message.h>
|
#include <dns/message.h>
|
||||||
#include <dns/opcode.h>
|
#include <dns/opcode.h>
|
||||||
|
#include <dns/rcode.h>
|
||||||
#include <dns/rdata.h>
|
#include <dns/rdata.h>
|
||||||
#include <dns/rdatalist.h>
|
#include <dns/rdatalist.h>
|
||||||
#include <dns/rdataset.h>
|
#include <dns/rdataset.h>
|
||||||
@@ -145,27 +146,6 @@ static const char *opcodetext[] = {
|
|||||||
"RESERVED15"
|
"RESERVED15"
|
||||||
};
|
};
|
||||||
|
|
||||||
static const char *rcodetext[] = {
|
|
||||||
"NOERROR",
|
|
||||||
"FORMERR",
|
|
||||||
"SERVFAIL",
|
|
||||||
"NXDOMAIN",
|
|
||||||
"NOTIMP",
|
|
||||||
"REFUSED",
|
|
||||||
"YXDOMAIN",
|
|
||||||
"YXRRSET",
|
|
||||||
"NXRRSET",
|
|
||||||
"NOTAUTH",
|
|
||||||
"NOTZONE",
|
|
||||||
"RESERVED11",
|
|
||||||
"RESERVED12",
|
|
||||||
"RESERVED13",
|
|
||||||
"RESERVED14",
|
|
||||||
"RESERVED15",
|
|
||||||
"BADVERS"
|
|
||||||
};
|
|
||||||
|
|
||||||
|
|
||||||
/*%
|
/*%
|
||||||
* "helper" type, which consists of a block of some type, and is linkable.
|
* "helper" type, which consists of a block of some type, and is linkable.
|
||||||
* For it to work, sizeof(dns_msgblock_t) must be a multiple of the pointer
|
* For it to work, sizeof(dns_msgblock_t) must be a multiple of the pointer
|
||||||
@@ -3491,7 +3471,8 @@ dns_message_pseudosectiontotext(dns_message_t *msg,
|
|||||||
|
|
||||||
isc_result_t
|
isc_result_t
|
||||||
dns_message_totext(dns_message_t *msg, const dns_master_style_t *style,
|
dns_message_totext(dns_message_t *msg, const dns_master_style_t *style,
|
||||||
dns_messagetextflag_t flags, isc_buffer_t *target) {
|
dns_messagetextflag_t flags, isc_buffer_t *target)
|
||||||
|
{
|
||||||
unsigned int sflags = dns_master_styleflags(style);
|
unsigned int sflags = dns_master_styleflags(style);
|
||||||
char buf[sizeof("1234567890")];
|
char buf[sizeof("1234567890")];
|
||||||
isc_result_t result;
|
isc_result_t result;
|
||||||
@@ -3505,12 +3486,9 @@ dns_message_totext(dns_message_t *msg, const dns_master_style_t *style,
|
|||||||
ADD_STRING(target, ";; ->>HEADER<<- opcode: ");
|
ADD_STRING(target, ";; ->>HEADER<<- opcode: ");
|
||||||
ADD_STRING(target, opcodetext[msg->opcode]);
|
ADD_STRING(target, opcodetext[msg->opcode]);
|
||||||
ADD_STRING(target, ", status: ");
|
ADD_STRING(target, ", status: ");
|
||||||
if (msg->rcode < (sizeof(rcodetext)/sizeof(rcodetext[0]))) {
|
result = dns_rcode_totext(msg->rcode, target);
|
||||||
ADD_STRING(target, rcodetext[msg->rcode]);
|
if (result != ISC_R_SUCCESS)
|
||||||
} else {
|
return (result);
|
||||||
snprintf(buf, sizeof(buf), "%4u", msg->rcode);
|
|
||||||
ADD_STRING(target, buf);
|
|
||||||
}
|
|
||||||
ADD_STRING(target, ", id: ");
|
ADD_STRING(target, ", id: ");
|
||||||
snprintf(buf, sizeof(buf), "%6u", msg->id);
|
snprintf(buf, sizeof(buf), "%6u", msg->id);
|
||||||
ADD_STRING(target, buf);
|
ADD_STRING(target, buf);
|
||||||
|
|||||||
@@ -51,6 +51,8 @@
|
|||||||
|
|
||||||
#define NUMBERSIZE sizeof("037777777777") /* 2^32-1 octal + NUL */
|
#define NUMBERSIZE sizeof("037777777777") /* 2^32-1 octal + NUL */
|
||||||
|
|
||||||
|
#define TOTEXTONLY 0x01
|
||||||
|
|
||||||
#define RCODENAMES \
|
#define RCODENAMES \
|
||||||
/* standard rcodes */ \
|
/* standard rcodes */ \
|
||||||
{ dns_rcode_noerror, "NOERROR", 0}, \
|
{ dns_rcode_noerror, "NOERROR", 0}, \
|
||||||
@@ -63,7 +65,12 @@
|
|||||||
{ dns_rcode_yxrrset, "YXRRSET", 0}, \
|
{ dns_rcode_yxrrset, "YXRRSET", 0}, \
|
||||||
{ dns_rcode_nxrrset, "NXRRSET", 0}, \
|
{ dns_rcode_nxrrset, "NXRRSET", 0}, \
|
||||||
{ dns_rcode_notauth, "NOTAUTH", 0}, \
|
{ dns_rcode_notauth, "NOTAUTH", 0}, \
|
||||||
{ dns_rcode_notzone, "NOTZONE", 0},
|
{ dns_rcode_notzone, "NOTZONE", 0}, \
|
||||||
|
{ 11, "RESERVED11", TOTEXTONLY}, \
|
||||||
|
{ 12, "RESERVED12", TOTEXTONLY}, \
|
||||||
|
{ 13, "RESERVED13", TOTEXTONLY}, \
|
||||||
|
{ 14, "RESERVED14", TOTEXTONLY}, \
|
||||||
|
{ 15, "RESERVED15", TOTEXTONLY},
|
||||||
|
|
||||||
#define ERCODENAMES \
|
#define ERCODENAMES \
|
||||||
/* extended rcodes */ \
|
/* extended rcodes */ \
|
||||||
@@ -260,6 +267,7 @@ dns_mnemonic_fromtext(unsigned int *valuep, isc_textregion_t *source,
|
|||||||
unsigned int n;
|
unsigned int n;
|
||||||
n = strlen(table[i].name);
|
n = strlen(table[i].name);
|
||||||
if (n == source->length &&
|
if (n == source->length &&
|
||||||
|
(table[i].flags & TOTEXTONLY) == 0 &&
|
||||||
strncasecmp(source->base, table[i].name, n) == 0) {
|
strncasecmp(source->base, table[i].name, n) == 0) {
|
||||||
*valuep = table[i].value;
|
*valuep = table[i].value;
|
||||||
return (ISC_R_SUCCESS);
|
return (ISC_R_SUCCESS);
|
||||||
|
|||||||
Reference in New Issue
Block a user