From: Evan Hunt Date: Fri, 15 Feb 2013 18:21:43 +0000 (-0800) Subject: [v9_9] address TKEY bugs X-Git-Tag: v9.9.3b2~67 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=27eefab033c028c027b50c800479a5cccd1110cd;p=thirdparty%2Fbind9.git [v9_9] address TKEY bugs 3486. [bug] named could crash when using TKEY-negotiated keys that had been deleted and then recreated. [RT #32506] (cherry picked from commit 0b8bd3a4ae3efd91f88e8901323faf99b5b06136)
---
diff --git a/CHANGES b/CHANGES
index 10e6434f53d..1d1e8b86a4d 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+3486. [bug] named could crash when using TKEY-negotiated keys
+ that had been deleted and then recreated. [RT #32506]
+
 3485. [cleanup] Only compile openssl_gostlink.c if we support GOST.
 
 3483. [bug] Corrected XSL code in use with --enable-newstats.
diff --git a/bin/tests/system/tkey/clean.sh b/bin/tests/system/tkey/clean.sh
index 2ddd9c418c8..a24513e2398 100644
--- a/bin/tests/system/tkey/clean.sh
+++ b/bin/tests/system/tkey/clean.sh
@@ -17,7 +17,6 @@
 
 # $Id: clean.sh,v 1.8 2011/11/03 23:46:26 tbox Exp $
 
-rm -f dig.out.* random.data ns1/named.conf
+rm -f dig.out.* rndc.out.* random.data ns1/named.conf
 rm -f K* ns1/K*
 rm -f */named.memstats
-rm -f rndc.out
diff --git a/bin/tests/system/tkey/ns1/example.db b/bin/tests/system/tkey/ns1/example.db
new file mode 100644
index 00000000000..430d7ec312a
--- /dev/null
+++ b/bin/tests/system/tkey/ns1/example.db
@@ -0,0 +1,30 @@
+; Copyright (C) 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
+;
+; Permission to use, copy, modify, and/or distribute this software for any
+; purpose with or without fee is hereby granted, provided that the above
+; copyright notice and this permission notice appear in all copies.
+;
+; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+; PERFORMANCE OF THIS SOFTWARE.
+
+$TTL 1D
+
+@ IN SOA ns hostmaster (
+ 1
+ 3600
+ 1800
+ 1814400
+ 3
+ )
+ NS ns
+ns A 10.53.0.1
+mx MX 10 mail
+a A 10.53.0.1
+ A 10.53.0.2
+txt TXT "this is text"
+
diff --git a/bin/tests/system/tkey/ns1/named.conf.in b/bin/tests/system/tkey/ns1/named.conf.in
index 7f235200dc2..592c42bba7c 100644
--- a/bin/tests/system/tkey/ns1/named.conf.in
+++ b/bin/tests/system/tkey/ns1/named.conf.in
@@ -47,3 +47,9 @@ key "tkeytest." {
 algorithm hmac-md5;
 secret "0123456789ab";
 };
+
+zone example {
+ type master;
+ file "example.db";
+ allow-query { key tkeytest.; none; };
+};
diff --git a/bin/tests/system/tkey/setup.sh b/bin/tests/system/tkey/setup.sh
index 4a9ac56f4da..15ec4df6b3d 100644
--- a/bin/tests/system/tkey/setup.sh
+++ b/bin/tests/system/tkey/setup.sh
@@ -19,6 +19,8 @@
 
 RANDFILE=random.data
 
+sh clean.sh
+
 ../../../tools/genrandom 100 $RANDFILE
 
 cd ns1 && sh setup.sh
diff --git a/bin/tests/system/tkey/tests.sh b/bin/tests/system/tkey/tests.sh
index 1a51658e944..05eaa512808 100644
--- a/bin/tests/system/tkey/tests.sh
+++ b/bin/tests/system/tkey/tests.sh
@@ -91,8 +91,17 @@ status=`expr $status + $ret`
 
 echo "I:checking the key with 'rndc tsig-list'"
 ret=0
-$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out
-grep "key \"bar.example.server" rndc.out > /dev/null || ret=1
+$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.1
+grep "key \"bar.example.server" rndc.out.1 > /dev/null || ret=1
+if [ $ret != 0 ]; then
+ echo "I:failed"
+fi
+status=`expr $status + $ret`
+
+echo "I:using key in a request"
+ret=0
+$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.3 || ret=1
+grep "status: NOERROR" dig.out.3 > /dev/null || ret=1
 if [ $ret != 0 ]; then
 echo "I:failed"
 fi
@@ -101,8 +110,38 @@ status=`expr $status + $ret`
 echo "I:deleting the key with 'rndc tsig-delete'"
 ret=0
 $RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-delete bar.example.server > /dev/null || ret=1
-$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out
-grep "key \"bar.example.server" rndc.out > /dev/null && ret=1
+$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.2
+grep "key \"bar.example.server" rndc.out.2 > /dev/null && ret=1
+$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.4 || ret=1
+grep "TSIG could not be validated" dig.out.4 > /dev/null || ret=1
+if [ $ret != 0 ]; then
+ echo "I:failed"
+fi
+status=`expr $status + $ret`
+
+echo "I:recreating the bar.example. key"
+ret=0
+keyname=`./keycreate $dhkeyname bar.example.` || ret=1
+if [ $ret != 0 ]; then
+ echo "I:failed"
+ echo "I:exit status: $status"
+ exit $status
+fi
+status=`expr $status + $ret`
+
+echo "I:checking the new key with 'rndc tsig-list'"
+ret=0
+$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.3
+grep "key \"bar.example.server" rndc.out.3 > /dev/null || ret=1
+if [ $ret != 0 ]; then
+ echo "I:failed"
+fi
+status=`expr $status + $ret`
+
+echo "I:using the new key in a request"
+ret=0
+$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.5 || ret=1
+grep "status: NOERROR" dig.out.5 > /dev/null || ret=1
 if [ $ret != 0 ]; then
 echo "I:failed"
 fi
diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c
index 9ad58dc0a25..7b0d87de8ad 100644
--- a/lib/dns/dst_api.c
+++ b/lib/dns/dst_api.c
@@ -1255,7 +1255,7 @@ dst_key_dump(dst_key_t *key, isc_mem_t *mctx, char **buffer, int *length) {
 REQUIRE(length != NULL && *length == 0);
 REQUIRE(VALID_KEY(key));
 
- if (key->func->isprivate == NULL)
+ if (key->func->dump == NULL)
 return (ISC_R_NOTIMPLEMENTED);
 return (key->func->dump(key, mctx, buffer, length));
 }
diff --git a/lib/dns/tsig.c b/lib/dns/tsig.c
index cc781993fbb..226603c912f 100644
--- a/lib/dns/tsig.c
+++ b/lib/dns/tsig.c
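Review bot: In the "I:recreating the bar.example. key" step the failure branch echoes and exits with `$status` before the `status=` accumulation line that sits after the `if`, so a failed keycreate is reported as exit status 0 when nothing earlier has failed, and the accumulation line is only ever reached when `$ret` is 0. Moving the `status=` line to directly after the `keyname=` line (and dropping the copy below the `if`) makes the printed and returned status include this failure. The first keycreate step is outside the hunk, so I cannot tell whether it has the same shape.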
@@ -239,7 +239,9 @@ adjust_lru(dns_tsigkey_t *tkey) {
 * We may have been removed from the LRU list between
 * removing the read lock and aquiring the write lock.
 */
- if (ISC_LINK_LINKED(tkey, link)) {
+ if (ISC_LINK_LINKED(tkey, link) &&
+ (tkey->ring->lru).head != tkey)
+ {
 ISC_LIST_UNLINK(tkey->ring->lru, tkey, link);
 ISC_LIST_APPEND(tkey->ring->lru, tkey, link);
 }
@@ -625,8 +627,7 @@ restore_key(dns_tsig_keyring_t *ring, isc_stdtime_t now, FILE *fp) {
 }
 
 static void
-dump_key(dns_tsigkey_t *tkey, FILE *fp)
-{
+dump_key(dns_tsigkey_t *tkey, FILE *fp) {
 char *buffer = NULL;
 int length = 0;
 char namestr[DNS_NAME_FORMATSIZE];
@@ -634,6 +635,9 @@ dump_key(dns_tsigkey_t *tkey, FILE *fp)
 char algorithmstr[DNS_NAME_FORMATSIZE];
 isc_result_t result;
 
+ REQUIRE(tkey != NULL);
+ REQUIRE(fp != NULL);
+
 dns_name_format(&tkey->name, namestr, sizeof(namestr));
 dns_name_format(tkey->creator, creatorstr, sizeof(creatorstr));
 dns_name_format(tkey->algorithm, algorithmstr, sizeof(algorithmstr));
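Review bot: The new guard `(tkey->ring->lru).head != tkey` in adjust_lru skips the relink when the key is at the head of the LRU list, yet a used key is re-linked with ISC_LIST_APPEND, so the head is the least-recently-used end; a key sitting there is never promoted on use and presumably stays first in line for eviction. If the intent is only to avoid a no-op unlink/append, the comparison should be against the most-recent end, `(tkey->ring->lru).tail != tkey`. If the head test is instead meant to avoid touching a key another thread is removing, a comment above the condition saying so would keep the next reader from "fixing" it; the lock handling around this block is outside the hunk.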