Merge branch '2925-do-not-allow-default-http' into 'main'

Do not allow defining "http" clauses named "default" Closes #2925 See merge request isc-projects/bind9!5453
2021-10-04 15:04:07 +00:00
parent d27d20e6d4 79ce4441e7
commit 372d065eff
3 changed files with 49 additions and 20 deletions
--- a/3
+++ b/3
@@ -1,3 +1,6 @@
+5731.	[bug]		Do not allow defining "http" clauses named
+			"default". [GL #2925]
+
 5730.	[func]		The resolver and the request and dispatch managers
 			have been substantially refactored, and are now
 			based on the network manager instead of the old
--- a/bin/tests/system/checkconf/bad-doh-default.conf
+++ b/bin/tests/system/checkconf/bad-doh-default.conf
@@ -0,0 +1,18 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+# 'default' is a built-in configuration intended to be used in
+# 'listen-on' statements
+http default {
+	endpoints { "/dns-query"; };
+	listener-clients 100;
+	streams-per-connection 100;
+};
--- a/lib/bind9/check.c
+++ b/lib/bind9/check.c
@@ -2040,27 +2040,35 @@ bind9_check_httpserver(const cfg_obj_t *http, isc_log_t *logctx,
 	const cfg_listelt_t *elt = NULL;
 	isc_symvalue_t symvalue;

-	/* Check for duplicates */
-	symvalue.as_cpointer = http;
-	result = isc_symtab_define(symtab, name, 1, symvalue,
-				   isc_symexists_reject);
-	if (result == ISC_R_EXISTS) {
-		const char *file = NULL;
-		unsigned int line;
-
-		tresult = isc_symtab_lookup(symtab, name, 1, &symvalue);
-		RUNTIME_CHECK(tresult == ISC_R_SUCCESS);
-
-		line = cfg_obj_line(symvalue.as_cpointer);
-		file = cfg_obj_file(symvalue.as_cpointer);
-		if (file == NULL) {
-			file = "<unknown file>";
-		}
-
+	if (strcasecmp(name, "default") == 0) {
 		cfg_obj_log(http, logctx, ISC_LOG_ERROR,
-			    "http '%s' is duplicated: "
-			    "also defined at %s:%u",
-			    name, file, line);
+			    "'http' name cannot be '%s' (which is a "
+			    "built-in configuration)",
+			    name);
+		result = ISC_R_FAILURE;
+	} else {
+		/* Check for duplicates */
+		symvalue.as_cpointer = http;
+		result = isc_symtab_define(symtab, name, 1, symvalue,
+					   isc_symexists_reject);
+		if (result == ISC_R_EXISTS) {
+			const char *file = NULL;
+			unsigned int line;
+
+			tresult = isc_symtab_lookup(symtab, name, 1, &symvalue);
+			RUNTIME_CHECK(tresult == ISC_R_SUCCESS);
+
+			line = cfg_obj_line(symvalue.as_cpointer);
+			file = cfg_obj_file(symvalue.as_cpointer);
+			if (file == NULL) {
+				file = "<unknown file>";
+			}
+
+			cfg_obj_log(http, logctx, ISC_LOG_ERROR,
+				    "http '%s' is duplicated: "
+				    "also defined at %s:%u",
+				    name, file, line);
+		}
 	}

 	/* Check endpoints are valid */