Commit a0d411c0 authored by Mark Andrews's avatar Mark Andrews
Browse files

3880. [test] Update ans.pl to work with new TSIG support in

                        Net::DNS; add additional Net::DNS version prerequisite
                        checks. [RT #36327]
parent bd7996b0
3880. [test] Update ans.pl to work with new TSIG support in
Net::DNS; add additional Net::DNS version prerequisite
checks. [RT #36327]
3879. [func] Add version printing option to various BIND utilities.
[RT #10686]
......
......@@ -94,6 +94,7 @@ my $tcpsock = IO::Socket::INET->new(LocalAddr => "$server_addr",
LocalPort => 5300, Proto => "tcp", Listen => 5, Reuse => 1) or die "$!";
print "listening on $server_addr:5300,5301.\n";
print "Using Net::DNS $Net::DNS::VERSION\n";
my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!";
print $pidf "$$\n" or die "cannot write pid file: $!";
......@@ -132,9 +133,7 @@ sub handleUDP {
# get the existing signature if any, and clear the additional section
my $prev_tsig;
while (my $rr = $request->pop("additional")) {
if ($rr->type eq "TSIG") {
$prev_tsig = $rr;
}
$prev_tsig = $rr if ($rr->type eq "TSIG");
}
my $r;
......@@ -148,11 +147,20 @@ sub handleUDP {
$packet->push("answer", $a);
}
if(defined($key_name) && defined($key_data)) {
my $tsig;
# Sign the packet
print " Signing the response with " .
"$key_name/$key_data\n";
my $tsig = Net::DNS::RR->
new("$key_name TSIG $key_data");
if ($Net::DNS::VERSION < 0.69) {
$tsig = Net::DNS::RR->new(
"$key_name TSIG $key_data");
} else {
$tsig = Net::DNS::RR->new(
name => $key_name,
type => 'TSIG',
key => $key_data);
}
# These kluges are necessary because Net::DNS
# doesn't know how to sign responses. We
......@@ -167,11 +175,16 @@ sub handleUDP {
$packet->{"header"}{"arcount"} += 1
if ($Net::DNS::VERSION < 0.70);
if (defined($prev_tsig)) {
my $rmac = pack('n H*',
length($prev_tsig->mac)/2,
$prev_tsig->mac);
$tsig->{"request_mac"} =
unpack("H*", $rmac);
if ($Net::DNS::VERSION < 0.73) {
my $rmac = pack('n H*',
length($prev_tsig->mac)/2,
$prev_tsig->mac);
$tsig->{"request_mac"} =
unpack("H*", $rmac);
} else {
$tsig->request_mac(
$prev_tsig->mac);
}
}
$packet->sign_tsig($tsig);
......@@ -344,12 +357,23 @@ sub handleTCP {
$packet->push("answer", $a);
}
if(defined($key_name) && defined($key_data)) {
my $tsig;
# sign the packet
print " Signing the data with " .
"$key_name/$key_data\n";
my $tsig = Net::DNS::RR->
new("$key_name TSIG $key_data");
if ($Net::DNS::VERSION < 0.69) {
$tsig = Net::DNS::RR->new(
"$key_name TSIG $key_data");
} elsif ($Net::DNS::VERSION >= 0.75 &&
$continuation) {
$tsig = $prev_tsig;
} else {
$tsig = Net::DNS::RR->new(
name => $key_name,
type => 'TSIG',
key => $key_data);
}
# These kluges are necessary because Net::DNS
# doesn't know how to sign responses. We
......@@ -364,16 +388,22 @@ sub handleTCP {
$packet->{"header"}{"arcount"} += 1
if ($Net::DNS::VERSION < 0.70);
if (defined($prev_tsig)) {
my $rmac = pack('n H*',
length($prev_tsig->mac)/2,
$prev_tsig->mac);
$tsig->{"request_mac"} =
unpack("H*", $rmac);
if ($Net::DNS::VERSION < 0.73) {
my $rmac = pack('n H*',
length($prev_tsig->mac)/2,
$prev_tsig->mac);
$tsig->{"request_mac"} =
unpack("H*", $rmac);
} else {
$tsig->request_mac(
$prev_tsig->mac);
}
}
$tsig->sign_func($signer) if defined($signer);
$tsig->continuation($continuation)
if ($Net::DNS::VERSION >= 0.71);
$tsig->continuation($continuation) if
($Net::DNS::VERSION >= 0.71 &&
$Net::DNS::VERSION <= 0.74 );
$packet->sign_tsig($tsig);
$signer = \&sign_tcp_continuation
if ($Net::DNS::VERSION < 0.70);
......
......@@ -18,4 +18,18 @@
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
if $PERL -e 'use Net::DNS;' 2>/dev/null
then
if $PERL -e 'use Net::DNS; die if ($Net::DNS::VERSION >= 0.69 && $Net::DNS::VERSION <= 0.70);' 2>/dev/null
then
:
else
echo "I:Net::DNS versions 0.69 to 0.70 have bugs that cause this test to fail: please update." >&2
exit 1
fi
else
echo "I:This test requires the Net::DNS library." >&2
exit 1
fi
exec $SHELL ../testcrypto.sh
......@@ -17,4 +17,18 @@
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
if $PERL -e 'use Net::DNS;' 2>/dev/null
then
if $PERL -e 'use Net::DNS; die if ($Net::DNS::VERSION >= 0.69 && $Net::DNS::VERSION <= 0.70);' 2>/dev/null
then
:
else
echo "I:Net::DNS versions 0.69 to 0.70 have bugs that cause this test to fail: please update." >&2
exit 1
fi
else
echo "I:This test requires the Net::DNS library." >&2
exit 1
fi
exec $SHELL ../testcrypto.sh
......@@ -16,11 +16,11 @@
if $PERL -e 'use Net::DNS;' 2>/dev/null
then
if $PERL -e 'use Net::DNS; die if $Net::DNS::VERSION >= 0.73;' 2>/dev/null
if $PERL -e 'use Net::DNS; die if ($Net::DNS::VERSION >= 0.69 && $Net::DNS::VERSION <= 0.74);' 2>/dev/null
then
:
else
echo "I:Net::DNS version 0.73 has a bug that causes this test to fail: please update." >&2
echo "I:Net::DNS versions 0.69 to 0.74 have bugs that cause this test to fail: please update." >&2
exit 1
fi
else
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment