From 2d69c5d879f1b5f1f2e8d2a535f4f1f144f2dff3 Mon Sep 17 00:00:00 2001 From: Ralph Dolmans Date: Tue, 7 Jun 2016 14:31:30 +0000 Subject: [PATCH] - Possibility to lookup local_zone regardless the taglist. - Added local_zone/taglist/acl unit test. git-svn-id: file:///svn/unbound/trunk@3767 be551aaa-1e26-0410-a405-d3ace91eadb9 --- doc/Changelog | 2 + services/localzone.c | 14 ++-- services/localzone.h | 4 +- testdata/local_acl_taglist.rpl | 131 +++++++++++++++++++++++++++++++++ 4 files changed, 142 insertions(+), 9 deletions(-) create mode 100644 testdata/local_acl_taglist.rpl diff --git a/doc/Changelog b/doc/Changelog index a07c0774d..df97ce8d1 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,5 +1,7 @@ 7 June 2016: Ralph - Lookup localzones by taglist from acl. + - Possibility to lookup local_zone, regardless the taglist. + - Added local_zone/taglist/acl unit test. 7 June 2016: Wouter - Fix #773: Non-standard Python location build failure with pyunbound. diff --git a/services/localzone.c b/services/localzone.c index 88f9c7a32..d12fcb5a2 100644 --- a/services/localzone.c +++ b/services/localzone.c @@ -1015,13 +1015,13 @@ local_zones_lookup(struct local_zones* zones, uint8_t* name, size_t len, int labs, uint16_t dclass) { return local_zones_tags_lookup(zones, name, len, labs, - dclass, NULL, 0); + dclass, NULL, 0, 1); } struct local_zone* local_zones_tags_lookup(struct local_zones* zones, uint8_t* name, size_t len, int labs, uint16_t dclass, - uint8_t* taglist, size_t taglen) + uint8_t* taglist, size_t taglen, int ignoretags) { rbnode_t* res = NULL; struct local_zone *result; @@ -1041,13 +1041,11 @@ local_zones_tags_lookup(struct local_zones* zones, (void)dname_lab_cmp(result->name, result->namelabs, key.name, key.namelabs, &m); while(result) { /* go up until qname is zone or subdomain of zone */ - if(result->namelabs <= m) { - if(!result->taglist) - break; - if(taglist_intersect(result->taglist, + if(result->namelabs <= m) + if(ignoretags || !result->taglist || + taglist_intersect(result->taglist, result->taglen, taglist, taglen)) break; - } result = result->parent; } return result; @@ -1299,7 +1297,7 @@ local_zones_answer(struct local_zones* zones, struct query_info* qinfo, int r; lock_rw_rdlock(&zones->lock); z = local_zones_tags_lookup(zones, qinfo->qname, - qinfo->qname_len, labs, qinfo->qclass, taglist, taglen); + qinfo->qname_len, labs, qinfo->qclass, taglist, taglen, 0); if(!z) { lock_rw_unlock(&zones->lock); return 0; diff --git a/services/localzone.h b/services/localzone.h index 253584a4d..1d1f35141 100644 --- a/services/localzone.h +++ b/services/localzone.h @@ -225,11 +225,13 @@ void local_zone_delete(struct local_zone* z); * @param dclass: class to lookup. * @param taglist: taglist to lookup. * @param taglen: lenth of taglist. + * @param ignoretags: lookup zone by name and class, regardless the + * local-zone's tags. * @return closest local_zone or NULL if no covering zone is found. */ struct local_zone* local_zones_tags_lookup(struct local_zones* zones, uint8_t* name, size_t len, int labs, uint16_t dclass, - uint8_t* taglist, size_t taglen); + uint8_t* taglist, size_t taglen, int ignoretags); /** * Lookup zone that contains the given name, class. diff --git a/testdata/local_acl_taglist.rpl b/testdata/local_acl_taglist.rpl new file mode 100644 index 000000000..26dd9d9fe --- /dev/null +++ b/testdata/local_acl_taglist.rpl @@ -0,0 +1,131 @@ +; config options +server: + define-tag: "tag1 tag2 tag3" + local-zone: "example." redirect + local-data: 'example. IN TXT "data 0"' + local-zone: "d.example." static + local-data: 'd.example. IN TXT "data 1"' + local-zone: "c.d.example." redirect + local-data: 'c.d.example. IN TXT "data 2"' + local-zone: "b.c.d.example." redirect + local-data: 'b.c.d.example. IN TXT "data 3"' + + ; no tags for local-zones example. and c.d.example. + local-zone-tag: "d.example." "tag1 tag2" + local-zone-tag: "b.c.d.example." "tag3" + + access-control: 10.10.10.0/24 allow + access-control-tag: 10.10.10.20/32 "tag1" + access-control-tag: 10.10.10.30/32 "tag2 tag3" + access-control-tag: 10.10.10.40/32 "tag3" + + +CONFIG_END +SCENARIO_BEGIN Test local data queries + +STEP 1 QUERY ADDRESS 10.10.10.10 +ENTRY_BEGIN +SECTION QUESTION +d.example. IN TXT +ENTRY_END +STEP 2 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA +SECTION QUESTION +d.example. IN TXT +SECTION ANSWER +d.example. IN TXT "data 0" +ENTRY_END + +STEP 3 QUERY ADDRESS 10.10.10.20 +ENTRY_BEGIN +SECTION QUESTION +d.example. IN TXT +ENTRY_END +STEP 4 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA +SECTION QUESTION +d.example. IN TXT +SECTION ANSWER +d.example. IN TXT "data 1" +ENTRY_END + +STEP 5 QUERY ADDRESS 10.10.10.30 +ENTRY_BEGIN +SECTION QUESTION +d.example. IN TXT +ENTRY_END +STEP 6 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA +SECTION QUESTION +d.example. IN TXT +SECTION ANSWER +d.example. IN TXT "data 1" +ENTRY_END + +STEP 7 QUERY ADDRESS 10.10.10.40 +ENTRY_BEGIN +SECTION QUESTION +d.example. IN TXT +ENTRY_END +STEP 8 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA +SECTION QUESTION +d.example. IN TXT +SECTION ANSWER +d.example. IN TXT "data 0" +ENTRY_END + +STEP 9 QUERY ADDRESS 10.10.10.20 +ENTRY_BEGIN +SECTION QUESTION +c.d.example. IN TXT +ENTRY_END +STEP 10 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA +SECTION QUESTION +c.d.example. IN TXT +SECTION ANSWER +c.d.example. IN TXT "data 2" +ENTRY_END + +STEP 11 QUERY ADDRESS 10.10.10.20 +ENTRY_BEGIN +SECTION QUESTION +a.b.c.d.example. IN TXT +ENTRY_END +STEP 12 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA +SECTION QUESTION +a.b.c.d.example. IN TXT +SECTION ANSWER +a.b.c.d.example. IN TXT "data 2" +ENTRY_END + +STEP 13 QUERY ADDRESS 10.10.10.30 +ENTRY_BEGIN +SECTION QUESTION +a.b.c.d.example. IN TXT +ENTRY_END +STEP 14 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA +SECTION QUESTION +a.b.c.d.example. IN TXT +SECTION ANSWER +a.b.c.d.example. IN TXT "data 3" +ENTRY_END + +SCENARIO_END -- 2.47.3