From 6eb2a48f5a998b82bb071ef42d00d2f34a2b0ed8 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 14 May 2020 10:19:45 +1200
Subject: [PATCH] selftest: Add test for handling of "short" dnsProperty
 records

These have been known to be given by Windows DCs that share the same domain
as while invalid, they are not format-checked inbound when set by the DNS
Manager MMC applet over the dnsserver pipe to Windows.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14310

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
---
 python/samba/tests/dns.py | 51 +++++++++++++++++++++++++++++++++++++++
 selftest/knownfail.d/dns  | 12 +++++++++
 2 files changed, 63 insertions(+)

diff --git a/python/samba/tests/dns.py b/python/samba/tests/dns.py
index 5af24588428..093cae14078 100644
--- a/python/samba/tests/dns.py
+++ b/python/samba/tests/dns.py
@@ -1702,6 +1702,57 @@ class TestZones(DNSTest):
         self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
         self.assertEqual(response.ancount, 0)
 
+    def set_dnsProperty_zero_length(self, dnsproperty_id):
+        records = self.samdb.search(base=self.zone_dn, scope=ldb.SCOPE_BASE,
+                                    expression="(&(objectClass=dnsZone)" +
+                                    "(name={0}))".format(self.zone),
+                                    attrs=["dNSProperty"])
+        self.assertEqual(len(records), 1)
+        props = [ndr_unpack(dnsp.DnsProperty, r)
+                 for r in records[0].get('dNSProperty')]
+        new_props = [ndr.ndr_pack(p) for p in props if p.id == dnsproperty_id]
+
+        zero_length_p = dnsp.DnsProperty_short()
+        zero_length_p.id = dnsproperty_id
+        zero_length_p.namelength = 1
+        zero_length_p.name = 1
+        new_props += [ndr.ndr_pack(zero_length_p)]
+
+        dn = records[0].dn
+        update_dict = {'dn': dn, 'dnsProperty': new_props}
+        self.samdb.modify(ldb.Message.from_dict(self.samdb,
+                                                update_dict,
+                                                ldb.FLAG_MOD_REPLACE))
+
+    def test_update_while_dnsProperty_zero_length(self):
+        self.create_zone(self.zone)
+        self.set_dnsProperty_zero_length(dnsp.DSPROPERTY_ZONE_ALLOW_UPDATE)
+        rec = self.dns_update_record('dnspropertytest', ['test txt'])
+        self.assertNotEqual(rec.dwTimeStamp, 0)
+
+    def test_enum_zones_while_dnsProperty_zero_length(self):
+        self.create_zone(self.zone)
+        self.set_dnsProperty_zero_length(dnsp.DSPROPERTY_ZONE_ALLOW_UPDATE)
+        client_version = dnsserver.DNS_CLIENT_VERSION_LONGHORN
+        request_filter = dnsserver.DNS_ZONE_REQUEST_PRIMARY
+        tid = dnsserver.DNSSRV_TYPEID_DWORD
+        typeid, res = self.rpc_conn.DnssrvComplexOperation2(client_version,
+                                                            0,
+                                                            self.server_ip,
+                                                            None,
+                                                            'EnumZones',
+                                                            tid,
+                                                            request_filter)
+
+    def test_rpc_zone_update_while_dnsProperty_zero_length(self):
+        self.create_zone(self.zone)
+        self.set_dnsProperty_zero_length(dnsp.DSPROPERTY_ZONE_ALLOW_UPDATE)
+        self.set_params(zone=self.zone, AllowUpdate=dnsp.DNS_ZONE_UPDATE_SECURE)
+
+    def test_rpc_zone_update_while_other_dnsProperty_zero_length(self):
+        self.create_zone(self.zone)
+        self.set_dnsProperty_zero_length(dnsp.DSPROPERTY_ZONE_MASTER_SERVERS_DA)
+        self.set_params(zone=self.zone, AllowUpdate=dnsp.DNS_ZONE_UPDATE_SECURE)
 
 class TestRPCRoundtrip(DNSTest):
     def setUp(self):
diff --git a/selftest/knownfail.d/dns b/selftest/knownfail.d/dns
index bf563632472..8ba1f4623ac 100644
--- a/selftest/knownfail.d/dns
+++ b/selftest/knownfail.d/dns
@@ -80,3 +80,15 @@ samba.tests.dns.__main__.TestSimpleQueries.test_one_SOA_query\(rodc:local\)
 ^samba.tests.dns.__main__.TestComplexQueries.test_cname_limit\(rodc:local\)
 ^samba.tests.dns.__main__.TestComplexQueries.test_cname_any_query\(vampire_dc:local\)
 ^samba.tests.dns.__main__.TestComplexQueries.test_cname_any_query\(rodc:local\)
+
+# Tests for the dnsProperty parse issue
+^samba.tests.dns.__main__.TestZones.test_rpc_zone_update_while_dnsProperty_zero_length\(fl2003dc:local\)
+^samba.tests.dns.__main__.TestZones.test_rpc_zone_update_while_other_dnsProperty_zero_length\(fl2003dc:local\)
+^samba.tests.dns.__main__.TestZones.test_update_while_dnsProperty_zero_length\(fl2003dc:local\)
+^samba.tests.dns.__main__.TestZones.test_enum_zones_while_dnsProperty_zero_length\(rodc:local\)
+^samba.tests.dns.__main__.TestZones.test_rpc_zone_update_while_dnsProperty_zero_length\(rodc:local\)
+^samba.tests.dns.__main__.TestZones.test_rpc_zone_update_while_other_dnsProperty_zero_length\(rodc:local\)
+^samba.tests.dns.__main__.TestZones.test_update_while_dnsProperty_zero_length\(rodc:local\)
+^samba.tests.dns.__main__.TestZones.test_rpc_zone_update_while_dnsProperty_zero_length\(vampire_dc:local\)
+^samba.tests.dns.__main__.TestZones.test_rpc_zone_update_while_other_dnsProperty_zero_length\(vampire_dc:local\)
+^samba.tests.dns.__main__.TestZones.test_update_while_dnsProperty_zero_length\(vampire_dc:local\)
\ No newline at end of file
-- 
2.47.3