[v9_9] address TKEY bugs

3486.	[bug]		named could crash when using TKEY-negotiated keys
			that had been deleted and then recreated. [RT #32506]

(cherry picked from commit 0b8bd3a4ae3efd91f88e8901323faf99b5b06136)

diff --git a/CHANGES b/CHANGES
index 10e6434f53d8abc40a8982380386bbd30d693f7c..1d1e8b86a4d5040625e283d7f2e2f10e5ab97779 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+3486.  [bug]           named could crash when using TKEY-negotiated keys
+                       that had been deleted and then recreated. [RT #32506]
+
 3485.  [cleanup]       Only compile openssl_gostlink.c if we support GOST.
 
 3483.  [bug]           Corrected XSL code in use with --enable-newstats.

diff --git a/bin/tests/system/tkey/clean.sh b/bin/tests/system/tkey/clean.sh
index 2ddd9c418c8591a5f984236016a56df99d97f32c..a24513e2398cd5b45d614ee9ba0dcb8b2ad159d4 100644 (file)
--- a/bin/tests/system/tkey/clean.sh
+++ b/bin/tests/system/tkey/clean.sh
@@ -17,7 +17,6 @@
 
 # $Id: clean.sh,v 1.8 2011/11/03 23:46:26 tbox Exp $
 
-rm -f dig.out.* random.data ns1/named.conf
+rm -f dig.out.* rndc.out.* random.data ns1/named.conf
 rm -f K* ns1/K*
 rm -f */named.memstats
-rm -f rndc.out

diff --git a/bin/tests/system/tkey/ns1/example.db b/bin/tests/system/tkey/ns1/example.db
new file mode 100644 (file)
index 0000000..430d7ec
--- /dev/null
+++ b/bin/tests/system/tkey/ns1/example.db
@@ -0,0 +1,30 @@
+; Copyright (C) 2005, 2007  Internet Systems Consortium, Inc. ("ISC")
+;
+; Permission to use, copy, modify, and/or distribute this software for any
+; purpose with or without fee is hereby granted, provided that the above
+; copyright notice and this permission notice appear in all copies.
+;
+; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+; AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+; PERFORMANCE OF THIS SOFTWARE.
+
+$TTL 1D
+
+@                      IN SOA  ns hostmaster (
+                               1
+                               3600
+                               1800
+                               1814400
+                               3
+                               )
+                       NS      ns
+ns                     A       10.53.0.1
+mx                     MX      10 mail
+a                      A       10.53.0.1
+                       A       10.53.0.2
+txt                    TXT     "this is text"
+

diff --git a/bin/tests/system/tkey/ns1/named.conf.in b/bin/tests/system/tkey/ns1/named.conf.in
index 7f235200dc2e27be70a3aaca8a8015c2e49bd40e..592c42bba7ccfb4e79dc82b88198fd22af734f8b 100644 (file)
--- a/bin/tests/system/tkey/ns1/named.conf.in
+++ b/bin/tests/system/tkey/ns1/named.conf.in
@@ -47,3 +47,9 @@ key "tkeytest." {
        algorithm hmac-md5;
        secret "0123456789ab";
 };
+
+zone example {
+        type master;
+        file "example.db";
+        allow-query { key tkeytest.; none; };
+};

diff --git a/bin/tests/system/tkey/setup.sh b/bin/tests/system/tkey/setup.sh
index 4a9ac56f4dab11282444b97f7acb16e69cf731a3..15ec4df6b3da5f289a48c8384ed6f8bf4b605b9e 100644 (file)
--- a/bin/tests/system/tkey/setup.sh
+++ b/bin/tests/system/tkey/setup.sh
@@ -19,6 +19,8 @@
 
 RANDFILE=random.data
 
+sh clean.sh
+
 ../../../tools/genrandom 100 $RANDFILE
 
 cd ns1 && sh setup.sh

diff --git a/bin/tests/system/tkey/tests.sh b/bin/tests/system/tkey/tests.sh
index 1a51658e9446f0eae14999fcffed6740e319eb81..05eaa512808c88386065d390cb251e0c57bcb46c 100644 (file)
--- a/bin/tests/system/tkey/tests.sh
+++ b/bin/tests/system/tkey/tests.sh
@@ -91,8 +91,17 @@ status=`expr $status + $ret`
 
 echo "I:checking the key with 'rndc tsig-list'"
 ret=0
-$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out
-grep "key \"bar.example.server" rndc.out > /dev/null || ret=1
+$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.1
+grep "key \"bar.example.server" rndc.out.1 > /dev/null || ret=1
+if [ $ret != 0 ]; then
+        echo "I:failed"
+fi
+status=`expr $status + $ret`
+
+echo "I:using key in a request"
+ret=0
+$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.3 || ret=1
+grep "status: NOERROR" dig.out.3 > /dev/null || ret=1
 if [ $ret != 0 ]; then
         echo "I:failed"
 fi
@@ -101,8 +110,38 @@ status=`expr $status + $ret`
 echo "I:deleting the key with 'rndc tsig-delete'"
 ret=0
 $RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-delete bar.example.server > /dev/null || ret=1
-$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out
-grep "key \"bar.example.server" rndc.out > /dev/null && ret=1
+$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.2
+grep "key \"bar.example.server" rndc.out.2 > /dev/null && ret=1
+$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.4 || ret=1
+grep "TSIG could not be validated" dig.out.4 > /dev/null || ret=1
+if [ $ret != 0 ]; then
+        echo "I:failed"
+fi
+status=`expr $status + $ret`
+
+echo "I:recreating the bar.example. key"
+ret=0
+keyname=`./keycreate $dhkeyname bar.example.` || ret=1
+if [ $ret != 0 ]; then
+        echo "I:failed"
+        echo "I:exit status: $status"
+        exit $status
+fi
+status=`expr $status + $ret`
+
+echo "I:checking the new key with 'rndc tsig-list'"
+ret=0
+$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.3
+grep "key \"bar.example.server" rndc.out.3 > /dev/null || ret=1
+if [ $ret != 0 ]; then
+        echo "I:failed"
+fi
+status=`expr $status + $ret`
+
+echo "I:using the new key in a request"
+ret=0
+$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.5 || ret=1
+grep "status: NOERROR" dig.out.5 > /dev/null || ret=1
 if [ $ret != 0 ]; then
         echo "I:failed"
 fi

diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c
index 9ad58dc0a25801f2301bac4a676fbb36a62db724..7b0d87de8ad9e76d214e4599b271610c73c82c2c 100644 (file)
--- a/lib/dns/dst_api.c
+++ b/lib/dns/dst_api.c
@@ -1255,7 +1255,7 @@ dst_key_dump(dst_key_t *key, isc_mem_t *mctx, char **buffer, int *length) {
        REQUIRE(length != NULL && *length == 0);
        REQUIRE(VALID_KEY(key));
 
-       if (key->func->isprivate == NULL)
+       if (key->func->dump == NULL)
                return (ISC_R_NOTIMPLEMENTED);
        return (key->func->dump(key, mctx, buffer, length));
 }

diff --git a/lib/dns/tsig.c b/lib/dns/tsig.c
index cc781993fbb481ba38d314930ce56fc543006e9e..226603c912fe4a02ee3f6ce1de71626a5642f6bd 100644 (file)
--- a/lib/dns/tsig.c
+++ b/lib/dns/tsig.c
@@ -239,7 +239,9 @@ adjust_lru(dns_tsigkey_t *tkey) {
                 * We may have been removed from the LRU list between
                 * removing the read lock and aquiring the write lock.
                 */
-               if (ISC_LINK_LINKED(tkey, link)) {
+               if (ISC_LINK_LINKED(tkey, link) &&
+                   (tkey->ring->lru).head != tkey)
+               {
                        ISC_LIST_UNLINK(tkey->ring->lru, tkey, link);
                        ISC_LIST_APPEND(tkey->ring->lru, tkey, link);
                }
@@ -625,8 +627,7 @@ restore_key(dns_tsig_keyring_t *ring, isc_stdtime_t now, FILE *fp) {
 }
 
 static void
-dump_key(dns_tsigkey_t *tkey, FILE *fp)
-{
+dump_key(dns_tsigkey_t *tkey, FILE *fp) {
        char *buffer = NULL;
        int length = 0;
        char namestr[DNS_NAME_FORMATSIZE];
@@ -634,6 +635,9 @@ dump_key(dns_tsigkey_t *tkey, FILE *fp)
        char algorithmstr[DNS_NAME_FORMATSIZE];
        isc_result_t result;
 
+       REQUIRE(tkey != NULL);
+       REQUIRE(fp != NULL);
+
        dns_name_format(&tkey->name, namestr, sizeof(namestr));
        dns_name_format(tkey->creator, creatorstr, sizeof(creatorstr));
        dns_name_format(tkey->algorithm, algorithmstr, sizeof(algorithmstr));