From: Mark Andrews Date: Sun, 5 Jan 2014 19:22:30 +0000 (+1100) Subject: 3696. [bug] dig failed to handle AXFR style IXFR responses which X-Git-Tag: v9.6-ESV-R11rc1~9 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=594890e5ba3ec32458fe867113f17b3cf017ffd1;p=thirdparty%2Fbind9.git 3696. [bug] dig failed to handle AXFR style IXFR responses which span multiple messages. [RT #35137] (cherry picked from commit e9649ece3bf32ff43faea13c76bbba7813d7e139) --- diff --git a/CHANGES b/CHANGES index e2f4b6c1c86..311b692884a 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +3696. [bug] dig failed to handle AXFR style IXFR responses which + span multiple messages. [RT #35137] + 3693. [security] memcpy was incorrectly called with overlapping ranges resulting in malformed names being generated on some platforms. This could cause INSIST failures diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c index 0183945a7c7..7bc05d1f397 100644 --- a/bin/dig/dighost.c +++ b/bin/dig/dighost.c @@ -2148,6 +2148,7 @@ setup_lookup(dig_lookup_t *lookup) { query->rr_count = 0; query->msg_count = 0; query->byte_count = 0; + query->ixfr_axfr = ISC_FALSE; ISC_LIST_INIT(query->recvlist); ISC_LIST_INIT(query->lengthlist); query->sock = NULL; @@ -2800,6 +2801,9 @@ check_for_more_data(dig_query_t *query, dns_message_t *msg, isc_boolean_t ixfr = query->lookup->rdtype == dns_rdatatype_ixfr; isc_boolean_t axfr = query->lookup->rdtype == dns_rdatatype_axfr; + if (ixfr) + axfr = query->ixfr_axfr; + debug("check_for_more_data()"); /* @@ -2848,7 +2852,7 @@ check_for_more_data(dig_query_t *query, dns_message_t *msg, query->second_rr_rcvd = ISC_TRUE; query->second_rr_serial = 0; debug("got the second rr as nonsoa"); - axfr = ISC_TRUE; + axfr = query->ixfr_axfr = ISC_TRUE; goto next_rdata; } diff --git a/bin/dig/include/dig/dig.h b/bin/dig/include/dig/dig.h index 0293934789a..374d3ff9a5e 100644 --- a/bin/dig/include/dig/dig.h +++ b/bin/dig/include/dig/dig.h @@ -202,6 +202,7 @@ struct dig_query { isc_uint32_t second_rr_serial; isc_uint32_t msg_count; isc_uint32_t rr_count; + isc_boolean_t ixfr_axfr; char *servname; char *userarg; isc_bufferlist_t sendlist, diff --git a/bin/tests/system/ixfr/clean.sh b/bin/tests/system/ixfr/clean.sh index 4950febcf42..57b23039ba2 100644 --- a/bin/tests/system/ixfr/clean.sh +++ b/bin/tests/system/ixfr/clean.sh @@ -19,3 +19,5 @@ rm -f ns1/named.conf ns1/myftp.db rm -f */named.memstats +rm -f dig.out +rm -f ns3/large.db diff --git a/bin/tests/system/ixfr/ns3/named.conf b/bin/tests/system/ixfr/ns3/named.conf new file mode 100644 index 00000000000..5bbf58f5f82 --- /dev/null +++ b/bin/tests/system/ixfr/ns3/named.conf @@ -0,0 +1,46 @@ +/* + * Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: named.conf,v 1.3 2011/09/07 23:46:27 tbox Exp $ */ + +options { + query-source address 10.53.0.3; + notify-source 10.53.0.3; + transfer-source 10.53.0.3; + allow-transfer { any; }; + port 5300; + pid-file "named.pid"; + listen-on { 10.53.0.3; }; + listen-on-v6 { none; }; + recursion no; + notify yes; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-md5; +}; + +controls { + inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; +}; + +view "primary" { + zone "large" IN { + type master; + file "large.db"; + }; +}; diff --git a/bin/tests/system/ixfr/setup.sh b/bin/tests/system/ixfr/setup.sh index 1935918d42b..d7c8383d020 100644 --- a/bin/tests/system/ixfr/setup.sh +++ b/bin/tests/system/ixfr/setup.sh @@ -41,3 +41,7 @@ controls { inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; }; EOF + +# Setup initial db files for ns3 +sh ../genzone.sh 3 > ns3/large.db +awk 'END { for (i = 0; i < 10000; i++) printf("record%d 10 IN TXT this is record %d\n", i, i) }' < /dev/null >> ns3/large.db diff --git a/bin/tests/system/ixfr/tests.sh b/bin/tests/system/ixfr/tests.sh index 64752d8ca5d..28099856963 100644 --- a/bin/tests/system/ixfr/tests.sh +++ b/bin/tests/system/ixfr/tests.sh @@ -137,5 +137,17 @@ $DIGCMD nil. TXT | grep 'fallback AXFR' >/dev/null || { status=1 } +echo "I:testing DiG's handling of a multi message AXFR style IXFR response" +( +(sleep 10 && kill $$) 2>/dev/null & +sub=$! +$DIG ixfr=0 large -p 5300 @10.53.0.3 > dig.out +kill $sub +) +lines=`grep hostmaster.large dig.out | wc -l` +test ${lines:-0} -eq 2 || { echo "I:failed"; status=1; } +messages=`sed -n 's/^;;.*messages \([0-9]*\),.*/\1/p' dig.out` +test ${messages:-0} -gt 1 || { echo "I:failed"; status=1; } + echo "I:exit status: $status" exit $status