From 21a7fde6ba34c62f4859a4c19de4f49ec1bab474 Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Mon, 11 Mar 2013 15:54:03 -0700 Subject: [PATCH] [master] handle servfail at DLZ zone apex 3522. [bug] DLZ lookups could fail to return SERVFAIL when they ought to. [RT #32685] --- CHANGES | 3 +++ bin/tests/system/dlzexternal/driver.c | 18 ++++++++++++++++-- bin/tests/system/dlzexternal/tests.sh | 7 +++++++ lib/dns/sdlz.c | 8 ++++++-- 4 files changed, 32 insertions(+), 4 deletions(-) diff --git a/CHANGES b/CHANGES index 82a83fe1f3..d66584e5f5 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +3522. [bug] DLZ lookups could fail to return SERVFAIL when + they ought to. [RT #32685] + 3521. [bug] Address memory leak in opensslecdsa_link.c. [RT #32249] 3520. [bug] 'mctx' was not being referenced counted in some places diff --git a/bin/tests/system/dlzexternal/driver.c b/bin/tests/system/dlzexternal/driver.c index 765f32fad1..fa0021cdaa 100644 --- a/bin/tests/system/dlzexternal/driver.c +++ b/bin/tests/system/dlzexternal/driver.c @@ -233,7 +233,7 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], struct dlz_example_data *state; const char *helper_name; va_list ap; - char soa_data[200]; + char soa_data[1024]; const char *extra; isc_result_t result; int n; @@ -359,6 +359,18 @@ dlz_findzonedb(void *dbdata, const char *name, strncmp(addrbuf, "10.53.0.1", 9) == 0) return (ISC_R_NOMORE); + /* + * For bigcname.domain, return success so it appears to be + * the zone origin; this regression tests a bug in which + * zone origin nodes could fail to return SERVFAIL to the client. + */ + if (strcasecmp(name, "bigcname.domain") == 0) + return (ISC_R_SUCCESS); + + /* + * Return success if we have an exact match between the + * zone name and the qname + */ if (strcasecmp(state->zone_name, name) == 0) return (ISC_R_SUCCESS); @@ -418,7 +430,9 @@ dlz_lookup(const char *zone, const char *name, void *dbdata, return (result); } - if (strcmp(name, "too-long") == 0) { + if (strcmp(name, "too-long") == 0 || + strcmp(zone, "bigcname.domain") == 0) + { for (i = 0; i < 511; i++) buf[i] = 'x'; buf[i] = '\0'; diff --git a/bin/tests/system/dlzexternal/tests.sh b/bin/tests/system/dlzexternal/tests.sh index c8beb537ff..5cc9348671 100644 --- a/bin/tests/system/dlzexternal/tests.sh +++ b/bin/tests/system/dlzexternal/tests.sh @@ -143,4 +143,11 @@ grep "status: SERVFAIL" dig.out.ns1.6 > /dev/null || ret=1 [ "$ret" -eq 0 ] || echo "I:failed" status=`expr $status + $ret` +ret=0 +echo "I:testing zone returning oversized data at zone origin" +$DIG $DIGOPTS txt bigcname.domain > dig.out.ns1.7 2>&1 || ret=1 +grep "status: SERVFAIL" dig.out.ns1.7 > /dev/null || ret=1 +[ "$ret" -eq 0 ] || echo "I:failed" +status=`expr $status + $ret` + exit $status diff --git a/lib/dns/sdlz.c b/lib/dns/sdlz.c index 555605c319..9197f923ef 100644 --- a/lib/dns/sdlz.c +++ b/lib/dns/sdlz.c @@ -613,7 +613,10 @@ findnodeext(dns_db_t *db, dns_name_t *name, isc_boolean_t create, MAYBE_UNLOCK(sdlz->dlzimp); - if (result != ISC_R_SUCCESS && !isorigin && !create) { + if (result == ISC_R_NOTFOUND && (isorigin || create)) + result = ISC_R_SUCCESS; + + if (result != ISC_R_SUCCESS) { destroynode(node); return (result); } @@ -625,7 +628,8 @@ findnodeext(dns_db_t *db, dns_name_t *name, isc_boolean_t create, sdlz->dbdata, node); MAYBE_UNLOCK(sdlz->dlzimp); if (result != ISC_R_SUCCESS && - result != ISC_R_NOTIMPLEMENTED) { + result != ISC_R_NOTIMPLEMENTED) + { destroynode(node); return (result); }