[master] fix rndc replay protection

3519.	[func]		Full replay protection via four-way handshake is
			now mandatory for rndc clients. Very old versions
			of rndc will no longer work. [RT #32798]

diff --git a/CHANGES b/CHANGES
index a102e7e62a2ea8240c1c15afcae9a6362a00ae7b..3ea845b2cec8cf07e23ff3cdd7047a7cbd6646d9 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+3519.  [func]          Full replay protection via four-way handshake is
+                       now mandatory for rndc clients. Very old versions
+                       of rndc will no longer work. [RT #32798]
+
 3518.  [bug]           Increase the size of dns_rrl_key.s.rtype by one bit
                        so that all dns_rrl_rtype_t enum values fit regardless
                        of whether it is teated as signed or unsigned by

diff --git a/bin/named/controlconf.c b/bin/named/controlconf.c
index 8a3d3b0932e8699b7ee8edddad72ffa71696dcb8..de71be8b410b972460cc9bbd5240f119feab3176 100644 (file)
--- a/bin/named/controlconf.c
+++ b/bin/named/controlconf.c
@@ -439,14 +439,17 @@ control_recvmessage(isc_task_t *task, isc_event_t *event) {
                goto cleanup_request;
        }
 
+       isc_buffer_init(&text, textarray, sizeof(textarray));
+
        /*
         * Establish nonce.
         */
-       while (conn->nonce == 0)
-               isc_random_get(&conn->nonce);
-
-       isc_buffer_init(&text, textarray, sizeof(textarray));
-       eresult = ns_control_docommand(request, &text);
+       if (conn->nonce == 0) {
+               while (conn->nonce == 0)
+                       isc_random_get(&conn->nonce);
+               eresult = ISC_R_SUCCESS;
+       } else
+               eresult = ns_control_docommand(request, &text);
 
        result = isccc_cc_createresponse(request, now, now + 60, &response);
        if (result != ISC_R_SUCCESS)