4191. [protocol] Accept DNS-SD non LDH PTR records in reverse zones

author Mark Andrews <marka@isc.org>

Tue, 25 Aug 2015 04:46:06 +0000 (14:46 +1000)

committer Mark Andrews <marka@isc.org>

Tue, 25 Aug 2015 04:46:41 +0000 (14:46 +1000)
author Mark Andrews <marka@isc.org>
Tue, 25 Aug 2015 04:46:06 +0000 (14:46 +1000)
committer Mark Andrews <marka@isc.org>
Tue, 25 Aug 2015 04:46:41 +0000 (14:46 +1000)
diff --git a/CHANGES b/CHANGES

index 5e00f8776aa2acac3aca2a8a6dbf3c63aab874ef..cf4b2b6d2698cdeceb836fd5663533e36e93018d 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+4191.  [protocol]      Accept DNS-SD non LDH PTR records in reverse zones
+                       as per RFC 6763. [RT #37889]
+
  4190.  [protocol]      Accept Active Diretory gc._msdcs.<forest> name as
                         valid with check-names.  <forest> still needs to be
                         LDH. [RT #40399]
diff --git a/bin/tests/system/checkzone/tests.sh b/bin/tests/system/checkzone/tests.sh

index df46527eee181e34f76b7d2d4324f47c0b371473..a59b7d4c325c3764a084610f3265630545c41946 100644 (file)
--- a/bin/tests/system/checkzone/tests.sh
+++ b/bin/tests/system/checkzone/tests.sh
@@ -28,6 +28,9 @@ do
         zones/good-gc-msdcs.db)
                 $CHECKZONE -k fail -i local example $db > test.out.$n 2>&1 || ret=1
                 ;;
+       zones/good-dns-sd-reverse.db)
+               $CHECKZONE -k fail -i local 0.0.0.0.in-addr.arpa $db > test.out.$n 2>&1 || ret=1
+               ;;
         *)
                 $CHECKZONE -i local example $db > test.out.$n 2>&1 || ret=1
                 ;;
@@ -41,7 +44,14 @@ for db in zones/bad*.db
  do
         echo "I:checking $db ($n)"
         ret=0
-       $CHECKZONE -i local example $db > test.out.$n 2>&1 && ret=1
+       case $db in
+       zones/bad-dns-sd-reverse.db)
+               $CHECKZONE -k fail -i local 0.0.0.0.in-addr.arpa $db > test.out.$n 2>&1 && ret=1
+               ;;
+       *)
+                $CHECKZONE -i local example $db > test.out.$n 2>&1 && ret=1
+               ;;
+       esac
         n=`expr $n + 1`
         if [ $ret != 0 ]; then echo "I:failed"; fi
         status=`expr $status + $ret`
diff --git a/bin/tests/system/checkzone/zones/bad-dns-sd-reverse.db b/bin/tests/system/checkzone/zones/bad-dns-sd-reverse.db

new file mode 100644 (file)

index 0000000..3e69f23
--- /dev/null
+++ b/bin/tests/system/checkzone/zones/bad-dns-sd-reverse.db
@@ -0,0 +1,10 @@
+$TTL   60
+@      IN      SOA     . . 0 0 0 0 0
+@      IN      NS      .
+;
+; The following are *not* Service Discovery Prefixes from RFC 6763 and the
+; PTR check-names rules for IN-ADDR.ARPA and IP6.ARPA do still apply.
+;
+b._fail._udp   IN      PTR     !@#3.
+db._wrong._udp IN      PTR     !@#3.
+lb._dns-sd._tcp        IN      PTR     !@#3.
diff --git a/bin/tests/system/checkzone/zones/good-dns-sd-reverse.db b/bin/tests/system/checkzone/zones/good-dns-sd-reverse.db

new file mode 100644 (file)

index 0000000..5b9963d
--- /dev/null
+++ b/bin/tests/system/checkzone/zones/good-dns-sd-reverse.db
@@ -0,0 +1,12 @@
+$TTL   60
+@      IN      SOA     . . 0 0 0 0 0
+@      IN      NS      .
+;
+; The following are Service Discovery Prefixes from RFC 6763 and the
+; PTR check-names rules for IN-ADDR.ARPA and IP6.ARPA do not apply.
+;
+b._dns-sd._udp IN      PTR     !@#3.
+db._dns-sd._udp        IN      PTR     !@#3.
+r._dns-sd._udp IN      PTR     !@#3.
+dr._dns-sd._udp        IN      PTR     !@#3.
+lb._dns-sd._udp        IN      PTR     !@#3.
diff --git a/lib/dns/include/dns/name.h b/lib/dns/include/dns/name.h

index 2bbf210664d605577210ceb500660972708080cc..d6e9a90c1eb58d68a661ca041eda554969719b8f 100644 (file)
--- a/lib/dns/include/dns/name.h
+++ b/lib/dns/include/dns/name.h
@@ -1280,6 +1280,12 @@ dns_name_destroy(void);
   * non-NULL argument prior to calling dns_name_destroy();
   */
  
+isc_boolean_t
+dns_name_isdnssd(const dns_name_t *owner);
+/*%<
+ * Determine if the 'owner' is a DNS-SD prefix.
+ */
+
  ISC_LANG_ENDDECLS
  
  /*
diff --git a/lib/dns/master.c b/lib/dns/master.c

index f560641e179c16f059fed81d78f2defdff3e9232..4dba0d7c5558f398b695da61963c6ff92b62fdf3 100644 (file)
--- a/lib/dns/master.c
+++ b/lib/dns/master.c
@@ -352,7 +352,6 @@ static const dns_name_t ip6_arpa =
         {NULL, NULL}
  };
  
-
  static inline isc_result_t
  gettoken(isc_lex_t *lex, unsigned int options, isc_token_t *token,
          isc_boolean_t eol, dns_rdatacallbacks_t *callbacks)
@@ -1791,6 +1790,7 @@ load_text(dns_loadctx_t *lctx) {
                                 }
                         }
                         if (type == dns_rdatatype_ptr &&
+                           !dns_name_isdnssd(name) &&
                             (dns_name_issubdomain(name, &in_addr_arpa) ||
                              dns_name_issubdomain(name, &ip6_arpa) ||
                              dns_name_issubdomain(name, &ip6_int)))
diff --git a/lib/dns/name.c b/lib/dns/name.c

index a5af3cf1ff909fc53c993ddb243f167df6b7b922..6db373c03b0e14cba8d3aba9761f91d1ef9eafe4 100644 (file)
--- a/lib/dns/name.c
+++ b/lib/dns/name.c
@@ -2501,3 +2501,76 @@ dns_name_destroy(void) {
  
  #endif
  }
+
+/*
+ * Service Discovery Prefixes RFC 6763.
+ */
+static unsigned char b_dns_sd_udp_data[]  = "\001b\007_dns-sd\004_udp";
+static unsigned char b_dns_sd_udp_offsets[] = { 0, 2, 10 };
+static unsigned char db_dns_sd_udp_data[]  = "\002db\007_dns-sd\004_udp";
+static unsigned char db_dns_sd_udp_offsets[] = { 0, 3, 11 };
+static unsigned char r_dns_sd_udp_data[]  = "\001r\007_dns-sd\004_udp";
+static unsigned char r_dns_sd_udp_offsets[] = { 0, 2, 10 };
+static unsigned char dr_dns_sd_udp_data[]  = "\002dr\007_dns-sd\004_udp";
+static unsigned char dr_dns_sd_udp_offsets[] = { 0, 3, 11 };
+static unsigned char lb_dns_sd_udp_data[]  = "\002lb\007_dns-sd\004_udp";
+static unsigned char lb_dns_sd_udp_offsets[] = { 0, 3, 11 };
+
+static const dns_name_t dns_sd[] = {
+       {
+               DNS_NAME_MAGIC,
+               b_dns_sd_udp_data, 15, 3,
+               DNS_NAMEATTR_READONLY,
+               b_dns_sd_udp_offsets, NULL,
+               {(void *)-1, (void *)-1},
+               {NULL, NULL}
+       },
+       {
+               DNS_NAME_MAGIC,
+               db_dns_sd_udp_data, 16, 3,
+               DNS_NAMEATTR_READONLY,
+               db_dns_sd_udp_offsets, NULL,
+               {(void *)-1, (void *)-1},
+               {NULL, NULL}
+       },
+       {
+               DNS_NAME_MAGIC,
+               r_dns_sd_udp_data, 15, 3,
+               DNS_NAMEATTR_READONLY,
+               r_dns_sd_udp_offsets, NULL,
+               {(void *)-1, (void *)-1},
+               {NULL, NULL}
+       },
+       {
+               DNS_NAME_MAGIC,
+               dr_dns_sd_udp_data, 16, 3,
+               DNS_NAMEATTR_READONLY,
+               dr_dns_sd_udp_offsets, NULL,
+               {(void *)-1, (void *)-1},
+               {NULL, NULL}
+       },
+       {
+               DNS_NAME_MAGIC,
+               lb_dns_sd_udp_data, 16, 3,
+               DNS_NAMEATTR_READONLY,
+               lb_dns_sd_udp_offsets, NULL,
+               {(void *)-1, (void *)-1},
+               {NULL, NULL}
+       }
+};
+
+isc_boolean_t
+dns_name_isdnssd(const dns_name_t *name) {
+       size_t i;
+       dns_name_t prefix;
+
+       if (dns_name_countlabels(name) > 3U) {
+               dns_name_init(&prefix, NULL);
+               dns_name_getlabelsequence(name, 0, 3, &prefix);
+               for (i = 0; i < (sizeof(dns_sd)/sizeof(dns_sd[0])); i++)
+                       if (dns_name_equal(&prefix, &dns_sd[i]))
+                               return (ISC_TRUE);
+       }
+
+       return (ISC_FALSE);
+}
diff --git a/lib/dns/rdata/generic/ptr_12.c b/lib/dns/rdata/generic/ptr_12.c

index 2707ae3d5882d844bb925c0103191886dc73a95d..e3f65cf28561a86c2ba3b50c687b880d99bd98a0 100644 (file)
--- a/lib/dns/rdata/generic/ptr_12.c
+++ b/lib/dns/rdata/generic/ptr_12.c
@@ -273,6 +273,9 @@ checknames_ptr(ARGS_CHECKNAMES) {
         if (rdata->rdclass != dns_rdataclass_in)
             return (ISC_TRUE);
  
+       if (dns_name_isdnssd(owner))
+               return (ISC_TRUE);
+
         if (dns_name_issubdomain(owner, &in_addr_arpa) ||
             dns_name_issubdomain(owner, &ip6_arpa) ||
             dns_name_issubdomain(owner, &ip6_int)) {
diff --git a/lib/dns/win32/libdns.def.in b/lib/dns/win32/libdns.def.in

index 7ad51c9ce14f3eac6f33e8e0e61e0084f4dee8f8..89d9d6735a5c40178d976bab2a6ef0f4b3075aa3 100644 (file)
--- a/lib/dns/win32/libdns.def.in
+++ b/lib/dns/win32/libdns.def.in
@@ -476,6 +476,7 @@ dns_name_init
  dns_name_internalwildcard
  dns_name_invalidate
  dns_name_isabsolute
+dns_name_isdnssd
  dns_name_ishostname
  dns_name_ismailbox
  dns_name_issubdomain
author	Mark Andrews <marka@isc.org>
	Tue, 25 Aug 2015 04:46:06 +0000 (14:46 +1000)
committer	Mark Andrews <marka@isc.org>
	Tue, 25 Aug 2015 04:46:41 +0000 (14:46 +1000)
CHANGES		patch \| blob \| blame \| history
bin/tests/system/checkzone/tests.sh		patch \| blob \| blame \| history
bin/tests/system/checkzone/zones/bad-dns-sd-reverse.db	[new file with mode: 0644]	patch \| blob
bin/tests/system/checkzone/zones/good-dns-sd-reverse.db	[new file with mode: 0644]	patch \| blob
lib/dns/include/dns/name.h		patch \| blob \| blame \| history
lib/dns/master.c		patch \| blob \| blame \| history
lib/dns/name.c		patch \| blob \| blame \| history
lib/dns/rdata/generic/ptr_12.c		patch \| blob \| blame \| history
lib/dns/win32/libdns.def.in		patch \| blob \| blame \| history