implement 'max-query-restarts'

implement, document, and test the 'max-query-restarts' option
which specifies the query restart limit - the number of times
we can follow CNAMEs before terminating resolution.

(cherry picked from commit 104f3b82fb7c7cd03edc36507b167cfc6e11d17c)

diff --git a/bin/named/config.c b/bin/named/config.c
index 3640f714acc19f0a18ce21df8b491d7327d2b626..1fe74d423f0a971c1bf2b61642436d971dd0eac0 100644 (file)
--- a/bin/named/config.c
+++ b/bin/named/config.c
@@ -175,6 +175,7 @@ options {\n\
        max-ncache-ttl 10800; /* 3 hours */\n\
        max-recursion-depth 7;\n\
        max-recursion-queries 32;\n\
+       max-query-restarts 11;\n\
        max-stale-ttl 86400; /* 1 day */\n\
        message-compression yes;\n\
        min-ncache-ttl 0; /* 0 hours */\n\

diff --git a/bin/named/server.c b/bin/named/server.c
index 9ad6d6046bbf17b111eea3a9c22045542ce573fd..40b808a8173647785b344a5cf8509d43c3757747 100644 (file)
--- a/bin/named/server.c
+++ b/bin/named/server.c
@@ -5585,6 +5585,11 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config,
        INSIST(result == ISC_R_SUCCESS);
        dns_resolver_setmaxqueries(view->resolver, cfg_obj_asuint32(obj));
 
+       obj = NULL;
+       result = named_config_get(maps, "max-query-restarts", &obj);
+       INSIST(result == ISC_R_SUCCESS);
+       dns_view_setmaxrestarts(view, cfg_obj_asuint32(obj));
+
        obj = NULL;
        result = named_config_get(maps, "fetches-per-zone", &obj);
        INSIST(result == ISC_R_SUCCESS);

diff --git a/bin/tests/system/chain/ns7/named.conf.in b/bin/tests/system/chain/ns7/named.conf.in
index 32c9b5f56997f36dfd7d396d0003479ad2005dca..4cc6ac75c1a96ec429c5d805444b5ebb4128c673 100644 (file)
--- a/bin/tests/system/chain/ns7/named.conf.in
+++ b/bin/tests/system/chain/ns7/named.conf.in
@@ -35,11 +35,28 @@ key rndc_key {
        algorithm @DEFAULT_HMAC@;
 };
 
+key restart16 {
+       secret "1234abcd8765";
+       algorithm @DEFAULT_HMAC@;
+};
+
 controls {
        inet 10.53.0.7 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
 };
 
-zone "." {
-       type hint;
-       file "root.hint";
+view restart16 {
+       match-clients { key restart16; none; };
+       max-query-restarts 16;
+
+       zone "." {
+               type hint;
+               file "root.hint";
+       };
+};
+
+view default {
+       zone "." {
+               type hint;
+               file "root.hint";
+       };
 };

diff --git a/bin/tests/system/chain/tests.sh b/bin/tests/system/chain/tests.sh
index 49a18356cacadb8768a2a7662aa616cc3615ceef..25e617bc5c27a22a7c121ce0ac304ce8c4cf971a 100644 (file)
--- a/bin/tests/system/chain/tests.sh
+++ b/bin/tests/system/chain/tests.sh
@@ -442,11 +442,13 @@ n=$((n + 1))
 echo_i "checking CNAME loops are detected (resolver) ($n)"
 ret=0
 $RNDCCMD 10.53.0.7 null --- start test$n --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$DIG $DIGOPTS @10.53.0.7 loop.example >dig.out.test$n
-grep "status: SERVFAIL" dig.out.test$n >/dev/null || ret=1
-grep "ANSWER: 0" dig.out.test$n >/dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=$((status + ret))
+$DIG $DIGOPTS @10.53.0.7 loop.example >dig.out.1.test$n
+grep "status: NOERROR" dig.out.1.test$n >/dev/null || ret=1
+grep "ANSWER: 12" dig.out.1.test$n >/dev/null || ret=1
+# also check with max-query-restarts 16:
+$DIG $DIGOPTS @10.53.0.7 -y "${DEFAULT_HMAC}:restart16:1234abcd8765" loop.example >dig.out.2.test$n
+grep "status: NOERROR" dig.out.2.test$n >/dev/null || ret=1
+grep "ANSWER: 17" dig.out.2.test$n >/dev/null || ret=1
 
 n=$((n + 1))
 echo_i "checking CNAME loops are detected (auth) ($n)"

diff --git a/bin/tests/system/checkconf/good.conf b/bin/tests/system/checkconf/good.conf
index 7e0f87901c13c43bbb75d123e59b6f9df2eed67c..4b0518e4571fc2786f5d80e5570a7af825c31a48 100644 (file)
--- a/bin/tests/system/checkconf/good.conf
+++ b/bin/tests/system/checkconf/good.conf
@@ -77,6 +77,7 @@ options {
        check-names primary warn;
        check-names secondary ignore;
        max-cache-size 20000000000000;
+       max-query-restarts 10;
        nta-lifetime 604800;
        nta-recheck 604800;
        validate-except {
@@ -109,6 +110,7 @@ view "first" {
                max-ixfr-ratio unlimited;
        };
        dnssec-validation auto;
+       max-query-restarts 15;
        zone-statistics terse;
 };
 view "second" {

diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst
index 23422d1ba50030a5ba026c45721331830158c3d4..3fc76fa7354ff75d1cba3b5fcd323d2441942a26 100644 (file)
--- a/doc/arm/reference.rst
+++ b/doc/arm/reference.rst
@@ -4697,6 +4697,14 @@ Tuning
    is a CNAME, then the subsequent lookup for the target of the CNAME is
    counted separately.) The default is 32.
 
+.. namedconf:statement:: max-query-restarts
+   :tags: server, query
+   :short: Sets the maximum number of chained CNAMEs to follow
+
+   This sets the maximum number of successive CNAME targets to follow
+   when resolving a client query, before terminating the query to avoid a
+   CNAME loop. Valid values are 1 to 255. The default is 11.
+
 .. namedconf:statement:: notify-delay
    :tags: transfer, zone
    :short: Sets the delay (in seconds) between sending sets of NOTIFY messages for a zone.

diff --git a/doc/misc/options b/doc/misc/options
index a8cd16425c2ad79e703ff2e4ddd2099cfc855928..8c01d5723776617111dfb2009c1e1e83f648d205 100644 (file)
--- a/doc/misc/options
+++ b/doc/misc/options
@@ -180,6 +180,7 @@ options {
        max-ixfr-ratio ( unlimited | <percentage> );
        max-journal-size ( default | unlimited | <sizeval> );
        max-ncache-ttl <duration>;
+       max-query-restarts <integer>;
        max-records <integer>;
        max-records-per-type <integer>;
        max-recursion-depth <integer>;
@@ -472,6 +473,7 @@ view <string> [ <class> ] {
        max-ixfr-ratio ( unlimited | <percentage> );
        max-journal-size ( default | unlimited | <sizeval> );
        max-ncache-ttl <duration>;
+       max-query-restarts <integer>;
        max-records <integer>;
        max-records-per-type <integer>;
        max-recursion-depth <integer>;

diff --git a/lib/bind9/check.c b/lib/bind9/check.c
index 1c850d8e5a683c2bbeb58ae9cee4d8ef9389fbc8..962872bdc1a1fde1665ff985ff61b865b13d8825 100644 (file)
--- a/lib/bind9/check.c
+++ b/lib/bind9/check.c
@@ -1943,6 +1943,20 @@ check_options(const cfg_obj_t *options, const cfg_obj_t *config,
                }
        }
 
+       obj = NULL;
+       (void)cfg_map_get(options, "max-query-restarts", &obj);
+       if (obj != NULL) {
+               uint32_t restarts = cfg_obj_asuint32(obj);
+               if (restarts == 0 || restarts > 255) {
+                       cfg_obj_log(obj, logctx, ISC_LOG_ERROR,
+                                   "'max-query-restarts' is out of "
+                                   "range 1..255)");
+                       if (result == ISC_R_SUCCESS) {
+                               result = ISC_R_RANGE;
+                       }
+               }
+       }
+
        if (actx != NULL) {
                cfg_aclconfctx_detach(&actx);
        }

diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c
index 0b78e3c5d655c0c672ccf9bda1154e9f4e5cb856..c1aa72c1e124bff2f864972a9d0e16e4f21903a6 100644 (file)
--- a/lib/isccfg/namedconf.c
+++ b/lib/isccfg/namedconf.c
@@ -2105,6 +2105,7 @@ static cfg_clausedef_t view_clauses[] = {
        { "max-ncache-ttl", &cfg_type_duration, 0 },
        { "max-recursion-depth", &cfg_type_uint32, 0 },
        { "max-recursion-queries", &cfg_type_uint32, 0 },
+       { "max-query-restarts", &cfg_type_uint32, 0 },
        { "max-stale-ttl", &cfg_type_duration, 0 },
        { "max-udp-size", &cfg_type_uint32, 0 },
        { "message-compression", &cfg_type_boolean, 0 },