3337. [bug] Change #3294 broke support for the multiple keys

                        in controls. [RT #29694]

diff --git a/CHANGES b/CHANGES
index 5320215f6a5c0895349db41db9853670fcf9dccc..3a90249944241cb3a7beffae85def942e4372d92 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+3337.  [bug]           Change #3294 broke support for the multiple keys
+                       in controls. [RT #29694]
+
 3335.  [func]          nslookup: return a nonzero exit code when unable
                        to get an answer. [RT #29492]
 

diff --git a/bin/named/controlconf.c b/bin/named/controlconf.c
index 2dede0d591722d2fbb77f7afff983f58c085db61..98f2f1516a55e81f42a6fed8364f61b89a068cc4 100644 (file)
--- a/bin/named/controlconf.c
+++ b/bin/named/controlconf.c
@@ -373,8 +373,10 @@ control_recvmessage(isc_task_t *task, isc_event_t *event) {
                if (result == ISC_R_SUCCESS)
                        break;
                isc_mem_put(listener->mctx, secret.rstart, REGION_SIZE(secret));
-               log_invalid(&conn->ccmsg, result);
-               goto cleanup;
+               if (result != ISCCC_R_BADAUTH) {
+                       log_invalid(&conn->ccmsg, result);
+                       goto cleanup;
+               }
        }
 
        if (key == NULL) {

diff --git a/bin/tests/system/conf.sh.in b/bin/tests/system/conf.sh.in
index c4cacf0188c32595bc8f68c525cd7e75f0488b41..c65234141634ccd82d6ac75d911a8463ee3b163e 100644 (file)
--- a/bin/tests/system/conf.sh.in
+++ b/bin/tests/system/conf.sh.in
@@ -46,7 +46,7 @@ CHECKCONF=$TOP/bin/check/named-checkconf
 SUBDIRS="acl allow_query builtin cacheclean checkconf checknames checkzone
         database dlv dlz dname dnssec forward glue ixfr
         limits logfileconfig lwresd masterfile masterformat notify
-        nsupdate pending resolver rrsetorder sortlist stub tkey
+        nsupdate pending resolver rndc rrsetorder sortlist stub tkey
         unknown upforwd views xfer xferquota zonechecks"
 
 # PERL will be an empty string if no perl interpreter was found.

diff --git a/bin/tests/system/rndc/clean.sh b/bin/tests/system/rndc/clean.sh
new file mode 100644 (file)
index 0000000..c309617
--- /dev/null
+++ b/bin/tests/system/rndc/clean.sh
@@ -0,0 +1,21 @@
+#!/bin/sh
+#
+# Copyright (C) 2011  Internet Systems Consortium, Inc. ("ISC")
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+# $Id: clean.sh,v 1.2 2011/03/21 18:06:06 each Exp $
+
+rm -f ns2/*.db ns2/*.jnl
+rm -f ns2/session.key
+rm -f ns2/named.memstats

diff --git a/bin/tests/system/rndc/ns2/named.conf b/bin/tests/system/rndc/ns2/named.conf
new file mode 100644 (file)
index 0000000..f2d91a1
--- /dev/null
+++ b/bin/tests/system/rndc/ns2/named.conf
@@ -0,0 +1,66 @@
+/*
+ * Copyright (C) 2011  Internet Systems Consortium, Inc. ("ISC")
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* $Id: named.conf,v 1.4 2011/06/10 01:32:37 each Exp $ */
+
+controls { /* empty */ };
+
+options {
+       port 5300;
+       pid-file "named.pid";
+        session-keyfile "session.key";
+       listen-on { 10.53.0.2; };
+       listen-on-v6 { none; };
+        recursion no;
+};
+
+key rndc_key {
+       secret "1234abcd8765";
+       algorithm hmac-md5;
+};
+
+key secondkey {
+       secret "abcd1234abcd8765";
+       algorithm hmac-md5;
+};
+
+controls {
+       inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; secondkey; };
+};
+
+
+zone "." {
+       type hint;
+       file "../../common/root.hint";
+};
+
+zone "nil" {
+       type master;
+        update-policy local;
+       file "nil.db";
+        ixfr-from-differences yes;
+};
+
+zone "other" {
+       type master;
+        update-policy local;
+       file "other.db";
+};
+
+zone "static" {
+       type master;
+       file "static.db";
+};

diff --git a/bin/tests/system/rndc/ns2/secondkey.key b/bin/tests/system/rndc/ns2/secondkey.key
new file mode 100644 (file)
index 0000000..2e8be57
--- /dev/null
+++ b/bin/tests/system/rndc/ns2/secondkey.key
@@ -0,0 +1,4 @@
+key secondkey {
+        secret "abcd1234abcd8765";
+        algorithm hmac-md5;
+};

diff --git a/bin/tests/system/rndc/setup.sh b/bin/tests/system/rndc/setup.sh
new file mode 100644 (file)
index 0000000..8927e83
--- /dev/null
+++ b/bin/tests/system/rndc/setup.sh
@@ -0,0 +1,23 @@
+#!/bin/sh
+#
+# Copyright (C) 2011  Internet Systems Consortium, Inc. ("ISC")
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+# $Id: setup.sh,v 1.2 2011/03/21 18:06:06 each Exp $
+
+sh clean.sh
+
+sh ../genzone.sh 2 >ns2/nil.db
+sh ../genzone.sh 2 >ns2/other.db
+sh ../genzone.sh 2 >ns2/static.db

diff --git a/bin/tests/system/rndc/tests.sh b/bin/tests/system/rndc/tests.sh
new file mode 100644 (file)
index 0000000..0d4640c
--- /dev/null
+++ b/bin/tests/system/rndc/tests.sh
@@ -0,0 +1,39 @@
+#!/bin/sh
+#
+# Copyright (C) 2011  Internet Systems Consortium, Inc. ("ISC")
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+# $Id: tests.sh,v 1.4 2011/06/10 01:32:37 each Exp $
+
+SYSTEMTESTTOP=..
+. $SYSTEMTESTTOP/conf.sh
+
+RNDCCMD="$RNDC -s 10.53.0.2 -p 9953 -c ../common/rndc.conf"
+
+status=0
+
+echo "I:test using primary key"
+ret=0
+$RNDCCMD status > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+echo "I:test using second key"
+ret=0
+$RNDC -s 10.53.0.2 -p 9953 -k ns2/secondkey.key status > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+echo "I:exit status: $status"
+exit $status

diff --git a/lib/isccc/cc.c b/lib/isccc/cc.c
index b549d6cb9e2ed6b170406bc1c3cd878e5e6756b6..1ab9479855ee628ca2b3086ad481d153b62a61b3 100644 (file)
--- a/lib/isccc/cc.c
+++ b/lib/isccc/cc.c
@@ -399,8 +399,6 @@ table_fromwire(isccc_region_t *source, isccc_region_t *secret,
                first_tag = ISC_FALSE;
        }
 
-       *alistp = alist;
-
        if (secret != NULL) {
                if (checksum_rstart != NULL)
                        result = verify(alist, checksum_rstart,
@@ -412,7 +410,9 @@ table_fromwire(isccc_region_t *source, isccc_region_t *secret,
                result = ISC_R_SUCCESS;
 
  bad:
-       if (result != ISC_R_SUCCESS)
+       if (result == ISC_R_SUCCESS)
+               *alistp = alist;
+       else
                isccc_sexpr_free(&alist);
 
        return (result);