4190. [protocol] Accept Active Diretory gc._msdcs.<forest> name as

valid with check-names.  <forest> still needs to be
                        LDH. [RT #40399]

lib/dns/include/dns/name.h

@@ -995,10 +995,6 @@ dns_name_split(dns_name_t *name, unsigned int suffixlabels,
  *
  *\li	'suffix' is a valid name or NULL, and cannot be read-only.
  *
- *\li	If non-NULL, 'prefix' and 'suffix' must have dedicated buffers.
- *
- *\li	'prefix' and 'suffix' cannot point to the same buffer.
- *
  * Ensures:
  *
  *\li	On success:

lib/dns/name.c

@@ -2155,11 +2155,9 @@ dns_name_split(dns_name_t *name, unsigned int suffixlabels,
 	REQUIRE(prefix != NULL || suffix != NULL);
 	REQUIRE(prefix == NULL ||
 		(VALID_NAME(prefix) &&
-		 prefix->buffer != NULL &&
 		 BINDABLE(prefix)));
 	REQUIRE(suffix == NULL ||
 		(VALID_NAME(suffix) &&
-		 suffix->buffer != NULL &&
 		 BINDABLE(suffix)));
 
 	splitlabel = name->labels - suffixlabels;

lib/dns/rdata.c

@@ -224,6 +224,21 @@ unknown_totext(dns_rdata_t *rdata, dns_rdata_textctx_t *tctx,
 /*% IPv6 Address Size */
 #define NS_LOCATORSZ	8
 
+/*
+ * Active Diretory gc._msdcs.<forest> prefix.
+ */
+static unsigned char gc_msdcs_data[]  = "\002gc\006_msdcs";
+static unsigned char gc_msdcs_offset [] = { 0, 3 };
+
+static const dns_name_t gc_msdcs = {
+	DNS_NAME_MAGIC,
+	gc_msdcs_data, 10, 2,
+	DNS_NAMEATTR_READONLY,
+	gc_msdcs_offset, NULL,
+	{(void *)-1, (void *)-1},
+	{NULL, NULL}
+};
+
 /*%
  *	convert presentation level address to network order binary form.
  * \return

lib/dns/rdata/in_1/a_1.c

@@ -210,6 +210,7 @@ digest_in_a(ARGS_DIGEST) {
 
 static inline isc_boolean_t
 checkowner_in_a(ARGS_CHECKOWNER) {
+	dns_name_t prefix, suffix;
 
 	REQUIRE(type == dns_rdatatype_a);
 	REQUIRE(rdclass == dns_rdataclass_in);
@@ -217,6 +218,19 @@ checkowner_in_a(ARGS_CHECKOWNER) {
 	UNUSED(type);
 	UNUSED(rdclass);
 
+	/*
+	 * Handle Active Diretory gc._msdcs.<forest> name.
+	 */
+	if (dns_name_countlabels(name) > 2U) {
+		dns_name_init(&prefix, NULL);
+		dns_name_init(&suffix, NULL);
+		dns_name_split(name, dns_name_countlabels(name) - 2,
+			       &prefix, &suffix);
+		if (dns_name_equal(&gc_msdcs, &prefix) &&
+		    dns_name_ishostname(&suffix, ISC_FALSE))
+			return (ISC_TRUE);
+	}
+
 	return (dns_name_ishostname(name, wildcard));
 }
 

lib/dns/rdata/in_1/aaaa_28.c

@@ -207,6 +207,7 @@ digest_in_aaaa(ARGS_DIGEST) {
 
 static inline isc_boolean_t
 checkowner_in_aaaa(ARGS_CHECKOWNER) {
+	dns_name_t prefix, suffix;
 
 	REQUIRE(type == dns_rdatatype_aaaa);
 	REQUIRE(rdclass == dns_rdataclass_in);
@@ -214,6 +215,19 @@ checkowner_in_aaaa(ARGS_CHECKOWNER) {
 	UNUSED(type);
 	UNUSED(rdclass);
 
+	/*
+	 * Handle Active Diretory gc._msdcs.<forest> name.
+	 */
+	if (dns_name_countlabels(name) > 2U) {
+		dns_name_init(&prefix, NULL);
+		dns_name_init(&suffix, NULL);
+		dns_name_split(name, dns_name_countlabels(name) - 2,
+			       &prefix, &suffix);
+		if (dns_name_equal(&gc_msdcs, &prefix) &&
+		    dns_name_ishostname(&suffix, ISC_FALSE))
+			return (ISC_TRUE);
+	}
+
 	return (dns_name_ishostname(name, wildcard));
 }