'{&dns}' is as valid as '{?dns}' in a SVCB's dohpath

author Remi Gacogne <remi.gacogne@powerdns.com>

Thu, 5 Sep 2024 13:11:21 +0000 (15:11 +0200)

committer Mark Andrews <marka@isc.org>

Tue, 26 Nov 2024 03:41:51 +0000 (03:41 +0000)
author Remi Gacogne <remi.gacogne@powerdns.com>
Thu, 5 Sep 2024 13:11:21 +0000 (15:11 +0200)
committer Mark Andrews <marka@isc.org>
Tue, 26 Nov 2024 03:41:51 +0000 (03:41 +0000)
diff --git a/lib/dns/rdata/in_1/svcb_64.c b/lib/dns/rdata/in_1/svcb_64.c

index a99177a14fbd808b3ea485cd6323448f3b9fabe4..5145230f339f1ce75c81061e4db3fe87ef74596a 100644 (file)
--- a/lib/dns/rdata/in_1/svcb_64.c
+++ b/lib/dns/rdata/in_1/svcb_64.c
@@ -157,7 +157,7 @@ svcb_validate(uint16_t key, isc_region_t *region) {
                                 /*
                                  * Minimum valid dohpath is "/{?dns}" as
                                  * it MUST be relative (leading "/") and
-                                * MUST contain "{?dns}".
+                                * MUST contain "{?dns}" or "{&dns}".
                                  */
                                 if (region->length < 7) {
                                         return DNS_R_FORMERR;
@@ -172,8 +172,10 @@ svcb_validate(uint16_t key, isc_region_t *region) {
                                 {
                                         return DNS_R_FORMERR;
                                 }
-                               /* MUST contain "{?dns}" */
+                               /* MUST contain "{?dns}" or "{&dns}" */
                                 if (strnstr((char *)region->base, "{?dns}",
+                                           region->length) == NULL &&
+                                   strnstr((char *)region->base, "{&dns}",
                                             region->length) == NULL)
                                 {
                                         return DNS_R_FORMERR;
diff --git a/tests/dns/rdata_test.c b/tests/dns/rdata_test.c

index d7858c801d25678db31ddf96c7ec2c9b3a2b3553..b8a98188d515405b35fd7ba855aadb25c4668e77 100644 (file)
--- a/tests/dns/rdata_test.c
+++ b/tests/dns/rdata_test.c
@@ -2613,6 +2613,8 @@ ISC_RUN_TEST_IMPL(https_svcb) {
                                    "1 example.net. key7=\"/{?dns}\""),
                 TEXT_VALID_LOOPCHG(1, "1 example.net. dohpath=/some/path{?dns}",
                                    "1 example.net. key7=\"/some/path{?dns}\""),
+               TEXT_VALID_LOOPCHG(1, "1 example.net. dohpath=/some/path?key=value{&dns}",
+                                  "1 example.net. key7=\"/some/path?key=value{&dns}\""),
                 TEXT_INVALID("1 example.com. dohpath=no-slash"),
                 TEXT_INVALID("1 example.com. dohpath=/{?notdns}"),
                 TEXT_INVALID("1 example.com. dohpath=/notvariable"),
author	Remi Gacogne <remi.gacogne@powerdns.com>
	Thu, 5 Sep 2024 13:11:21 +0000 (15:11 +0200)
committer	Mark Andrews <marka@isc.org>
	Tue, 26 Nov 2024 03:41:51 +0000 (03:41 +0000)
lib/dns/rdata/in_1/svcb_64.c		patch \| blob \| blame \| history
tests/dns/rdata_test.c		patch \| blob \| blame \| history