4191. [protocol] Accept DNS-SD non LDH PTR records in reverse zones

author Mark Andrews <marka@isc.org>

Tue, 25 Aug 2015 04:46:06 +0000 (14:46 +1000)

committer Mark Andrews <marka@isc.org>

Tue, 25 Aug 2015 04:46:35 +0000 (14:46 +1000)
author Mark Andrews <marka@isc.org>
Tue, 25 Aug 2015 04:46:06 +0000 (14:46 +1000)
committer Mark Andrews <marka@isc.org>
Tue, 25 Aug 2015 04:46:35 +0000 (14:46 +1000)
diff --git a/CHANGES b/CHANGES

index f1c1bb3b7c2b62f1c7a5f5cdfdfeb1bf4fef33b2..5d05bff4325e4a7c7c83d9d8a32b6cc0a3eb26db 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+4191.  [protocol]      Accept DNS-SD non LDH PTR records in reverse zones
+                       as per RFC 6763. [RT #37889]
+
  4190.  [protocol]      Accept Active Diretory gc._msdcs.<forest> name as
                         valid with check-names.  <forest> still needs to be
                         LDH. [RT #40399]
diff --git a/bin/tests/system/checkzone/tests.sh b/bin/tests/system/checkzone/tests.sh

index 61e8c90d318986b07560a4bb2c854681280bfcb8..4fffa3e988e4464425176c74c3714bac84fe77d3 100644 (file)
--- a/bin/tests/system/checkzone/tests.sh
+++ b/bin/tests/system/checkzone/tests.sh
@@ -26,6 +26,9 @@ do
         zones/good-gc-msdcs.db)
                 $CHECKZONE -k fail -i local example $db > test.out.$n 2>&1 || ret=1
                 ;;
+       zones/good-dns-sd-reverse.db)
+               $CHECKZONE -k fail -i local 0.0.0.0.in-addr.arpa $db > test.out.$n 2>&1 || ret=1
+               ;;
         *)
                 $CHECKZONE -i local example $db > test.out.$n 2>&1 || ret=1
                 ;;
@@ -39,7 +42,14 @@ for db in zones/bad*.db
  do
         echo "I:checking $db ($n)"
         ret=0
-       $CHECKZONE -i local example $db > test.out.$n 2>&1 && ret=1
+       case $db in
+       zones/bad-dns-sd-reverse.db)
+               $CHECKZONE -k fail -i local 0.0.0.0.in-addr.arpa $db > test.out.$n 2>&1 && ret=1
+               ;;
+       *)
+                $CHECKZONE -i local example $db > test.out.$n 2>&1 && ret=1
+               ;;
+       esac
         n=`expr $n + 1`
         if [ $ret != 0 ]; then echo "I:failed"; fi
         status=`expr $status + $ret`
diff --git a/bin/tests/system/checkzone/zones/bad-dns-sd-reverse.db b/bin/tests/system/checkzone/zones/bad-dns-sd-reverse.db

new file mode 100644 (file)

index 0000000..3e69f23
--- /dev/null
+++ b/bin/tests/system/checkzone/zones/bad-dns-sd-reverse.db
@@ -0,0 +1,10 @@
+$TTL   60
+@      IN      SOA     . . 0 0 0 0 0
+@      IN      NS      .
+;
+; The following are *not* Service Discovery Prefixes from RFC 6763 and the
+; PTR check-names rules for IN-ADDR.ARPA and IP6.ARPA do still apply.
+;
+b._fail._udp   IN      PTR     !@#3.
+db._wrong._udp IN      PTR     !@#3.
+lb._dns-sd._tcp        IN      PTR     !@#3.
diff --git a/bin/tests/system/checkzone/zones/good-dns-sd-reverse.db b/bin/tests/system/checkzone/zones/good-dns-sd-reverse.db

new file mode 100644 (file)

index 0000000..5b9963d
--- /dev/null
+++ b/bin/tests/system/checkzone/zones/good-dns-sd-reverse.db
@@ -0,0 +1,12 @@
+$TTL   60
+@      IN      SOA     . . 0 0 0 0 0
+@      IN      NS      .
+;
+; The following are Service Discovery Prefixes from RFC 6763 and the
+; PTR check-names rules for IN-ADDR.ARPA and IP6.ARPA do not apply.
+;
+b._dns-sd._udp IN      PTR     !@#3.
+db._dns-sd._udp        IN      PTR     !@#3.
+r._dns-sd._udp IN      PTR     !@#3.
+dr._dns-sd._udp        IN      PTR     !@#3.
+lb._dns-sd._udp        IN      PTR     !@#3.
diff --git a/lib/dns/include/dns/name.h b/lib/dns/include/dns/name.h

index 74cdc46030ff92fbb11bb809b998e03609e873bc..74ac9dbe2c6358a950ae8de2349bdc8d7f5c69be 100644 (file)
--- a/lib/dns/include/dns/name.h
+++ b/lib/dns/include/dns/name.h
@@ -1285,6 +1285,12 @@ dns_name_destroy(void);
   * non-NULL argument prior to calling dns_name_destroy();
   */
  
+isc_boolean_t
+dns_name_isdnssd(const dns_name_t *owner);
+/*%<
+ * Determine if the 'owner' is a DNS-SD prefix.
+ */
+
  ISC_LANG_ENDDECLS
  
  /*
diff --git a/lib/dns/master.c b/lib/dns/master.c

index 6eedac6a62807defbe9dfa41474f8cce7a234a00..6d73ec1910e56dc56ac612832280beb0dfdabfcd 100644 (file)
--- a/lib/dns/master.c
+++ b/lib/dns/master.c
@@ -364,7 +364,6 @@ static const dns_name_t ip6_arpa =
         {NULL, NULL}
  };
  
-
  static inline isc_result_t
  gettoken(isc_lex_t *lex, unsigned int options, isc_token_t *token,
          isc_boolean_t eol, dns_rdatacallbacks_t *callbacks)
@@ -1799,6 +1798,7 @@ load_text(dns_loadctx_t *lctx) {
                                 }
                         }
                         if (type == dns_rdatatype_ptr &&
+                           !dns_name_isdnssd(name) &&
                             (dns_name_issubdomain(name, &in_addr_arpa) ||
                              dns_name_issubdomain(name, &ip6_arpa) ||
                              dns_name_issubdomain(name, &ip6_int)))
diff --git a/lib/dns/name.c b/lib/dns/name.c

index 87aeb6d11e8b7c167fa6c304af39d5b6cb735e56..a57141e1caef56982f65d8c09f386379a189671c 100644 (file)
--- a/lib/dns/name.c
+++ b/lib/dns/name.c
@@ -2541,3 +2541,76 @@ dns_name_destroy(void) {
  
  #endif
  }
+
+/*
+ * Service Discovery Prefixes RFC 6763.
+ */
+static unsigned char b_dns_sd_udp_data[]  = "\001b\007_dns-sd\004_udp";
+static unsigned char b_dns_sd_udp_offsets[] = { 0, 2, 10 };
+static unsigned char db_dns_sd_udp_data[]  = "\002db\007_dns-sd\004_udp";
+static unsigned char db_dns_sd_udp_offsets[] = { 0, 3, 11 };
+static unsigned char r_dns_sd_udp_data[]  = "\001r\007_dns-sd\004_udp";
+static unsigned char r_dns_sd_udp_offsets[] = { 0, 2, 10 };
+static unsigned char dr_dns_sd_udp_data[]  = "\002dr\007_dns-sd\004_udp";
+static unsigned char dr_dns_sd_udp_offsets[] = { 0, 3, 11 };
+static unsigned char lb_dns_sd_udp_data[]  = "\002lb\007_dns-sd\004_udp";
+static unsigned char lb_dns_sd_udp_offsets[] = { 0, 3, 11 };
+
+static const dns_name_t dns_sd[] = {
+       {
+               DNS_NAME_MAGIC,
+               b_dns_sd_udp_data, 15, 3,
+               DNS_NAMEATTR_READONLY,
+               b_dns_sd_udp_offsets, NULL,
+               {(void *)-1, (void *)-1},
+               {NULL, NULL}
+       },
+       {
+               DNS_NAME_MAGIC,
+               db_dns_sd_udp_data, 16, 3,
+               DNS_NAMEATTR_READONLY,
+               db_dns_sd_udp_offsets, NULL,
+               {(void *)-1, (void *)-1},
+               {NULL, NULL}
+       },
+       {
+               DNS_NAME_MAGIC,
+               r_dns_sd_udp_data, 15, 3,
+               DNS_NAMEATTR_READONLY,
+               r_dns_sd_udp_offsets, NULL,
+               {(void *)-1, (void *)-1},
+               {NULL, NULL}
+       },
+       {
+               DNS_NAME_MAGIC,
+               dr_dns_sd_udp_data, 16, 3,
+               DNS_NAMEATTR_READONLY,
+               dr_dns_sd_udp_offsets, NULL,
+               {(void *)-1, (void *)-1},
+               {NULL, NULL}
+       },
+       {
+               DNS_NAME_MAGIC,
+               lb_dns_sd_udp_data, 16, 3,
+               DNS_NAMEATTR_READONLY,
+               lb_dns_sd_udp_offsets, NULL,
+               {(void *)-1, (void *)-1},
+               {NULL, NULL}
+       }
+};
+
+isc_boolean_t
+dns_name_isdnssd(const dns_name_t *name) {
+       size_t i;
+       dns_name_t prefix;
+
+       if (dns_name_countlabels(name) > 3U) {
+               dns_name_init(&prefix, NULL);
+               dns_name_getlabelsequence(name, 0, 3, &prefix);
+               for (i = 0; i < (sizeof(dns_sd)/sizeof(dns_sd[0])); i++)
+                       if (dns_name_equal(&prefix, &dns_sd[i]))
+                               return (ISC_TRUE);
+       }
+
+       return (ISC_FALSE);
+}
diff --git a/lib/dns/rdata/generic/ptr_12.c b/lib/dns/rdata/generic/ptr_12.c

index 2707ae3d5882d844bb925c0103191886dc73a95d..e3f65cf28561a86c2ba3b50c687b880d99bd98a0 100644 (file)
--- a/lib/dns/rdata/generic/ptr_12.c
+++ b/lib/dns/rdata/generic/ptr_12.c
@@ -273,6 +273,9 @@ checknames_ptr(ARGS_CHECKNAMES) {
         if (rdata->rdclass != dns_rdataclass_in)
             return (ISC_TRUE);
  
+       if (dns_name_isdnssd(owner))
+               return (ISC_TRUE);
+
         if (dns_name_issubdomain(owner, &in_addr_arpa) ||
             dns_name_issubdomain(owner, &ip6_arpa) ||
             dns_name_issubdomain(owner, &ip6_int)) {
diff --git a/lib/dns/win32/libdns.def.in b/lib/dns/win32/libdns.def.in

index 7594447026693ec82afe065ce0957e363130c829..dac3b2c22ecbbea0b1199ce6d7b8f651275de6b7 100644 (file)
--- a/lib/dns/win32/libdns.def.in
+++ b/lib/dns/win32/libdns.def.in
@@ -506,6 +506,7 @@ dns_name_init
  dns_name_internalwildcard
  dns_name_invalidate
  dns_name_isabsolute
+dns_name_isdnssd
  dns_name_ishostname
  dns_name_ismailbox
  dns_name_issubdomain
author	Mark Andrews <marka@isc.org>
	Tue, 25 Aug 2015 04:46:06 +0000 (14:46 +1000)
committer	Mark Andrews <marka@isc.org>
	Tue, 25 Aug 2015 04:46:35 +0000 (14:46 +1000)
CHANGES		patch \| blob \| blame \| history
bin/tests/system/checkzone/tests.sh		patch \| blob \| blame \| history
bin/tests/system/checkzone/zones/bad-dns-sd-reverse.db	[new file with mode: 0644]	patch \| blob
bin/tests/system/checkzone/zones/good-dns-sd-reverse.db	[new file with mode: 0644]	patch \| blob
lib/dns/include/dns/name.h		patch \| blob \| blame \| history
lib/dns/master.c		patch \| blob \| blame \| history
lib/dns/name.c		patch \| blob \| blame \| history
lib/dns/rdata/generic/ptr_12.c		patch \| blob \| blame \| history
lib/dns/win32/libdns.def.in		patch \| blob \| blame \| history