Check opcode of messages returned by dns_request_getresponse
authorMark Andrews <marka@isc.org>
Fri, 11 Jun 2021 06:58:15 +0000 (16:58 +1000)
committerMark Andrews <marka@isc.org>
Wed, 21 Jul 2021 02:40:47 +0000 (12:40 +1000)
(cherry picked from commit ed4e00713fa52d361b2bbf0eeae80a6da7323255)

bin/nsupdate/nsupdate.c
lib/dns/zone.c

index 69bcfe07423f90a1a054a8b1820fc67bf2fe4a89..f8781396472f9068278d337ba2cb6f2cad8f8a42 100644 (file)
@@ -2472,6 +2472,10 @@ update_completed(isc_task_t *task, isc_event_t *event) {
                check_result(result, "dns_request_getresponse");
        }
 
+       if (answer->opcode != dns_opcode_update) {
+               fatal("invalid OPCODE in response to UPDATE request");
+       }
+
        if (answer->rcode != dns_rcode_noerror) {
                seenerror = true;
                if (!debugging) {
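Review bot: The new `fatal()` call in update_completed says the opcode was invalid but not which opcode arrived, and the same is true of the checks added in recvsoa and recvgss. When triaging, the received value helps separate a misbehaving server from a misdirected or forged reply. Assuming `fatal()` is printf-style, as it appears to be elsewhere in nsupdate.c, the value could be included: `fatal("invalid OPCODE (%u) in response to UPDATE request", (unsigned int)answer->opcode);`. A one-line comment above each check would also help, for example `/* A reply with a different opcode is not an answer to our request; do not interpret its rcode or sections. */`. All three functions start and end outside their hunks, so it is not visible whether `answer`/`rcvmsg` has already passed TSIG verification at this point.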
@@ -2678,6 +2682,10 @@ recvsoa(isc_task_t *task, isc_event_t *event) {
                show_message(stderr, rcvmsg, "Reply from SOA query:");
        }
 
+       if (rcvmsg->opcode != dns_opcode_query) {
+               fatal("invalid OPCODE in response to SOA query");
+       }
+
        if (rcvmsg->rcode != dns_rcode_noerror &&
            rcvmsg->rcode != dns_rcode_nxdomain) {
                fatal("response to SOA query was unsuccessful");
@@ -3151,6 +3159,10 @@ recvgss(isc_task_t *task, isc_event_t *event) {
                             "recvmsg reply from GSS-TSIG query");
        }
 
+       if (rcvmsg->opcode != dns_opcode_query) {
+               fatal("invalid OPCODE in response to GSS-TSIG query");
+       }
+
        if (rcvmsg->rcode == dns_rcode_formerr && !tried_other_gsstsig) {
                ddebug("recvgss trying %s GSS-TSIG",
                       use_win2k_gsstsig ? "Standard" : "Win2k");
index 6774657133989d7fd44c432490f72ff3a0dc8218..b2fb45f8b8dbe293121063d0cf3e28c7a752986a 100644 (file)
@@ -58,6 +58,7 @@
 #include <dns/name.h>
 #include <dns/nsec.h>
 #include <dns/nsec3.h>
+#include <dns/opcode.h>
 #include <dns/peer.h>
 #include <dns/private.h>
 #include <dns/rcode.h>
@@ -13073,6 +13074,23 @@ stub_glue_response_cb(isc_task_t *task, isc_event_t *event) {
                goto cleanup;
        }
 
+       /*
+        * Unexpected opcode.
+        */
+       if (msg->opcode != dns_opcode_query) {
+               char opcode[128];
+               isc_buffer_t rb;
+
+               isc_buffer_init(&rb, opcode, sizeof(opcode));
+               (void)dns_opcode_totext(msg->rcode, &rb);
+
+               dns_zone_log(zone, ISC_LOG_INFO,
+                            "refreshing stub: "
+                            "unexpected opcode (%.*s) from %s (source %s)",
+                            (int)rb.used, opcode, master, source);
+               goto cleanup;
+       }
+
        /*
         * Unexpected rcode.
         */
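Review bot: The log line in stub_glue_response_cb prints the wrong value, because the test is on `msg->opcode` but the text is produced from `msg->rcode`. The call should read `(void)dns_opcode_totext(msg->opcode, &rb);`. As written, the "unexpected opcode (...)" message shows the rcode number rendered as an opcode name, which will mislead anyone investigating an unexpected or spoofed response from a primary. The same copy-pasted line appears in the hunks for stub_callback, refresh_callback and forward_callback and needs the same one-word fix. The enclosing functions begin and end outside these hunks.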
@@ -13485,6 +13503,23 @@ stub_callback(isc_task_t *task, isc_event_t *event) {
                goto next_master;
        }
 
+       /*
+        * Unexpected opcode.
+        */
+       if (msg->opcode != dns_opcode_query) {
+               char opcode[128];
+               isc_buffer_t rb;
+
+               isc_buffer_init(&rb, opcode, sizeof(opcode));
+               (void)dns_opcode_totext(msg->rcode, &rb);
+
+               dns_zone_log(zone, ISC_LOG_INFO,
+                            "refreshing stub: "
+                            "unexpected opcode (%.*s) from %s (source %s)",
+                            (int)rb.used, opcode, master, source);
+               goto next_master;
+       }
+
        /*
         * Unexpected rcode.
         */
@@ -13874,6 +13909,23 @@ refresh_callback(isc_task_t *task, isc_event_t *event) {
                goto next_master;
        }
 
+       /*
+        * Unexpected opcode.
+        */
+       if (msg->opcode != dns_opcode_query) {
+               char opcode[128];
+               isc_buffer_t rb;
+
+               isc_buffer_init(&rb, opcode, sizeof(opcode));
+               (void)dns_opcode_totext(msg->rcode, &rb);
+
+               dns_zone_log(zone, ISC_LOG_INFO,
+                            "refresh: "
+                            "unexpected opcode (%.*s) from %s (source %s)",
+                            (int)rb.used, opcode, master, source);
+               goto next_master;
+       }
+
        /*
         * Unexpected rcode.
         */
@@ -18044,6 +18096,23 @@ forward_callback(isc_task_t *task, isc_event_t *event) {
                goto next_master;
        }
 
+       /*
+        * Unexpected opcode.
+        */
+       if (msg->opcode != dns_opcode_update) {
+               char opcode[128];
+               isc_buffer_t rb;
+
+               isc_buffer_init(&rb, opcode, sizeof(opcode));
+               (void)dns_opcode_totext(msg->rcode, &rb);
+
+               dns_zone_log(zone, ISC_LOG_INFO,
+                            "forwarding dynamic update: "
+                            "unexpected opcode (%.*s) from %s",
+                            (int)rb.used, opcode, master);
+               goto next_master;
+       }
+
        switch (msg->rcode) {
        /*
         * Pass these rcodes back to client.