Commit c07c2a86 authored by Mark Andrews's avatar Mark Andrews

3458. [bug] Return FORMERR when presented with a overly long

                        domain named in a request. [RT #29682]
parent a6b0db81
3458. [bug] Return FORMERR when presented with a overly long
domain named in a request. [RT #29682]
3457. [protocol] Add ILNP records (NID, LP, L32, L64). [RT #31836]
3456. [port] g++47: ATF failed to compile. [RT #32012]
......
......@@ -58,7 +58,7 @@ ARPANAME=$TOP/bin/tools/arpaname
SUBDIRS="acl additional allow_query addzone autosign builtin
cacheclean checkconf @CHECKDS@ checknames checkzone database
dlv dlvauto dlz dlzexternal dlzredir dname dns64 dnssec
dsdigest ecdsa forward glue gost ixfr inline limits
dsdigest ecdsa formerr forward glue gost ixfr inline limits
logfileconfig lwresd masterfile masterformat metadata
notify nsupdate pending pkcs11 redirect resolver rndc rpz
rrsetorder rsabigexponent sortlist smartsign staticstub
......
rm -f nametoolong.out
rm -f twoquestions.out
rm -f noquestions.out
#!/usr/bin/perl
#
# Copyright (C) 2011, 2012 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: packet.pl,v 1.2 2011/04/15 01:02:08 each Exp $
# This is a tool for sending an arbitrary packet via UDP or TCP to an
# arbitrary address and port. The packet is specified in a file or on
# the standard input, in the form of a series of bytes in hexidecimal.
# Whitespace is ignored, as is anything following a '#' symbol.
#
# For example, the following input would generate normal query for
# isc.org/NS/IN":
#
# # QID:
# 0c d8
# # header:
# 01 00 00 01 00 00 00 00 00 00
# # qname isc.org:
# 03 69 73 63 03 6f 72 67 00
# # qtype NS:
# 00 02
# # qclass IN:
# 00 01
#
# Note that we do not wait for a response for the server. This is simply
# a way of injecting arbitrary packets to test server resposnes.
#
# Usage: packet.pl [-a <address>] [-p <port>] [-t (udp|tcp)] [filename]
#
# If not specified, address defaults to 127.0.0.1, port to 53, protocol
# to udp, and file to stdin.
#
# XXX: Doesn't support IPv6 yet
require 5.006.001;
use strict;
use Getopt::Std;
use IO::File;
use IO::Socket;
sub usage {
print ("Usage: packet.pl [-a address] [-p port] [file]\n");
exit 1;
}
my %options={};
getopts("a:p:", \%options);
my $addr = "127.0.0.1";
$addr = $options{a} if defined $options{a};
my $port = 53;
$port = $options{p} if defined $options{p};
my $file = "STDIN";
if (@ARGV >= 1) {
my $filename = shift @ARGV;
open FH, "<$filename" or die "$filename: $!";
$file = "FH";
}
my $input = "";
while (defined(my $line = <$file>) ) {
chomp $line;
$line =~ s/#.*$//;
$input .= $line;
}
$input =~ s/\s+//g;
my $data = pack("H*", $input);
my $len = length $data;
my $output = unpack("H*", $data);
print ("sending: $output\n");
my $sock = IO::Socket::INET->new(PeerAddr => $addr, PeerPort => $port,
Proto => "tcp") or die "$!";
my $bytes;
$bytes = $sock->syswrite(pack("n", $len), 2);
$bytes = $sock->syswrite($data, $len);
$bytes = $sock->sysread($data, 2);
$len = unpack("n", $data);
$bytes = $sock->sysread($data, $len);
print "got: ", unpack("H*", $data). "\n";
$sock->close;
close $file;
00 00 00 00 00 01 00 00 00 00 00 00
0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
0f 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
0e 41 41 41 41 41 41 41 41 41 41 41 41 41 41 00
00 01
00 01
00 00 00 00 00 00 00 00 00 00 00 00
/*
* Copyright (C) 2004, 2007, 2009 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2000, 2001 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: named.conf,v 1.15 2009/05/29 23:47:49 tbox Exp $ */
controls { /* empty */ };
options {
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
port 5300;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };
recursion no;
};
zone "." {
type master;
file "root.db";
};
; Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC")
;
; Permission to use, copy, modify, and/or distribute this software for any
; purpose with or without fee is hereby granted, provided that the above
; copyright notice and this permission notice appear in all copies.
;
; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
; $Id: root.db,v 1.2 2010/09/15 12:07:56 marka Exp $
$TTL 300
. IN SOA marka.isc.org. a.root.servers.nil. (
2010 ; serial
600 ; refresh
600 ; retry
1200 ; expire
600 ; minimum
)
. NS a.root-servers.nil.
a.root-servers.nil. A 10.53.0.4
#!/bin/sh
#
# Copyright (C) 2013 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
status=0
echo "I:test name to long"
$PERL formerr.pl -a 10.53.0.1 -p 5300 nametoolong > nametoolong.out
ans=`grep got: nametoolong.out`
if [ "${ans}" != "got: 000080010000000000000000" ];
then
echo "I:failed"; status=`expr $status + 1`;
fi
echo "I:two questions"
$PERL formerr.pl -a 10.53.0.1 -p 5300 twoquestions > twoquestions.out
ans=`grep got: twoquestions.out`
if [ "${ans}" != "got: 000080010000000000000000" ];
then
echo "I:failed"; status=`expr $status + 1`;
fi
# this one arguable could be NOERORR.
echo "I:no questions"
$PERL formerr.pl -a 10.53.0.1 -p 5300 noquestions > noquestions.out
ans=`grep got: noquestions.out`
if [ "${ans}" != "got: 000080010000000000000000" ];
then
echo "I:failed"; status=`expr $status + 1`;
fi
echo "I:exit status: $status"
exit $status
00 00 00 00 00 02 00 00 00 00 00 00
0e 41 41 41 41 41 41 41 41 41 41 41 41 41 41 00
00 01
00 02
0e 41 41 41 41 41 41 41 41 41 41 41 41 41 41 00
00 01
00 01
......@@ -265,6 +265,7 @@ dns_result_torcode(isc_result_t result) {
case DNS_R_TOOMANYHOPS:
case DNS_R_TSIGERRORSET:
case DNS_R_UNKNOWN:
case DNS_R_NAMETOOLONG:
rcode = dns_rcode_formerr;
break;
case DNS_R_DISALLOWED:
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment