From: Marek VavruĊĦa Date: Tue, 28 Apr 2015 07:30:00 +0000 (+0200) Subject: lib/iterate: disable qname m12 on positive answers X-Git-Tag: v1.0.0-beta1~227^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1a9c320f3516567b6a0a1c8835b74a35fce1a332;p=thirdparty%2Fknot-resolver.git lib/iterate: disable qname m12 on positive answers the encloser might exist and contain valid data, the resolver would return wrong records in this case --- diff --git a/lib/layer/iterate.c b/lib/layer/iterate.c index f7673cce3..d13d876c0 100644 --- a/lib/layer/iterate.c +++ b/lib/layer/iterate.c @@ -276,7 +276,9 @@ static int process_answer(knot_pkt_t *pkt, struct kr_request *req) */ bool is_final = (query->parent == NULL); int pkt_class = response_classify(pkt); - if (!knot_dname_is_equal(knot_pkt_qname(pkt), query->sname) && (pkt_class & (PKT_NXDOMAIN|PKT_NODATA))) { + if (!knot_dname_is_equal(knot_pkt_qname(pkt), query->sname) && + (pkt_class & (PKT_NOERROR|PKT_NXDOMAIN|PKT_NODATA))) { + DEBUG_MSG("<= found cut, retrying with non-minimized name\n"); query->flags |= QUERY_NO_MINIMIZE; return KNOT_STATE_DONE; } @@ -301,6 +303,7 @@ static int process_answer(knot_pkt_t *pkt, struct kr_request *req) /* Follow canonical name as next SNAME. */ if (cname != query->sname) { + DEBUG_MSG("<= cname chain, following\n"); (void) kr_rplan_push(&req->rplan, query->parent, cname, query->sclass, query->stype); } else { if (query->parent == NULL) { diff --git a/tests/testdata/iter_minim_nonempty.rpl b/tests/testdata/iter_minim_nonempty.rpl new file mode 100644 index 000000000..44e88349c --- /dev/null +++ b/tests/testdata/iter_minim_nonempty.rpl @@ -0,0 +1,125 @@ +; config options +server: + target-fetch-policy: "0 0 0 0 0" + query-minimization: on + +stub-zone: + name: "." + stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. +CONFIG_END + +SCENARIO_BEGIN Test query minimization with terminal in resolution path. + +; K.ROOT-SERVERS.NET. +RANGE_BEGIN 0 100 + ADDRESS 193.0.14.129 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +. IN NS +SECTION ANSWER +. IN NS K.ROOT-SERVERS.NET. +SECTION ADDITIONAL +K.ROOT-SERVERS.NET. IN A 193.0.14.129 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +net. IN NS +SECTION ANSWER +net. IN NS K.ROOT-SERVERS.NET. +SECTION ADDITIONAL +K.ROOT-SERVERS.NET. IN A 193.0.14.129 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +gtld-servers.net. IN NS +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR AA NOERROR +SECTION QUESTION +a.gtld-servers.net. IN AAAA +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +com. IN NS +SECTION AUTHORITY +com. IN NS lame-addr.gtld-servers.net. +com. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +lame-addr.gtld-servers.net. IN A 1.1.1.1 +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END +RANGE_END + +; lame.gtld-servers.net. +RANGE_BEGIN 0 100 + ADDRESS 1.1.1.1 + +EANGE_END + +; a.gtld-servers.net. +RANGE_BEGIN 0 100 + ADDRESS 192.5.6.30 + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY AA QR NOERROR +SECTION QUESTION +example.com. IN NS +SECTION ANSWER +example.com. IN CNAME nowhere. +SECTION AUTHORITY +com. IN NS a.gtld-servers.net. +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR AA NOERROR +SECTION QUESTION +www.example.com. IN NS +SECTION ANSWER +www.example.com. IN NS blackhole. +SECTION AUTHORITY +com. IN NS a.gtld-servers.net. +ENTRY_END + +RANGE_END + +STEP 1 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +www.example.com. IN NS +ENTRY_END + +; recursion happens here. +STEP 10 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RD RA NOERROR +SECTION QUESTION +www.example.com. IN NS +SECTION ANSWER +www.example.com. IN NS blackhole. +ENTRY_END + +SCENARIO_END