Commit d3281b80 authored by Mark Andrews's avatar Mark Andrews
Browse files

Check rcode is FORMERR

(cherry picked from commit 88ff6b84)
parent 57707405
Pipeline #48234 failed with stages
in 41 minutes and 56 seconds
......@@ -46,12 +46,12 @@ use IO::File;
use IO::Socket;
sub usage {
print ("Usage: packet.pl [-a address] [-p port] [-t (tcp|udp)] [file]\n");
print ("Usage: packet.pl [-a address] [-p port] [-t (tcp|udp)] -d [file]\n");
exit 1;
}
my %options={};
getopts("a:p:t:", \%options);
getopts("a:dp:t:", \%options);
my $addr = "127.0.0.1";
$addr = $options{a} if defined $options{a};
......@@ -96,5 +96,38 @@ if ($proto eq "udp") {
}
print ("sent $bytes bytes to $addr:$port\n");
if (defined $options{d}) {
use Net::DNS;
use Net::DNS::Packet;
my $rin;
my $rout;
$rin = '';
vec($rin, fileno($sock), 1) = 1;
select($rout = $rin, undef, undef, 1);
if (vec($rout, fileno($sock), 1)) {{
my $buf;
if ($proto eq "udp") {
$sock->recv($buf, 512);
} else {
my $n = $sock->sysread($buf, 2);
last unless $n == 2;
my $len = unpack("n", $buf);
$n = $sock->sysread($buf, $len);
last unless $n == $len;
}
my $response;
if ($Net::DNS::VERSION > 0.68) {
$response = new Net::DNS::Packet(\$buf, 0);
$@ and die $@;
} else {
my $err;
($response, $err) = new Net::DNS::Packet(\$buf, 0);
$err and die $err;
}
$response->print;
}}
}
$sock->close;
close $file;
# Transaction ID
1122
# Standard query
0000
# Questions: 1, Additional: 1
0001 0000 0001 0000
# QNAME: isc.org
03 69 73 63 03 6F 72 67 00
# Type: A (Host Address)
0001
# Class: IN
0001
# Specially crafted TSIG Resource Record
# Name: "sha256"
06 73 68 61 32 35 36 00
# Type: TSIG (Transaction Signature)
00fa
# Class: ANY
00ff
# TTL: 0
00000000
# RdLen: 29
001d
# Algorithm Name: hmac-sha256
0b 68 6D 61 63 2D 73 68 61 32 35 36 00
# Time Signed: Jan 1, 1970 01:00:00.000000000 CET
00 00 00 00 00 00
# Fudge: 300
012c
# MAC Size: 0; MAC: empty
0000
# Original ID: 0
0000
# Error: no error
0000
# Other Data Length: 0
0000
......@@ -20,3 +20,4 @@ rm -f */named.run
rm -f ns*/named.lock
rm -f Kexample.net.+163+*
rm -f keygen.out?
rm -f packet.out
......@@ -227,5 +227,17 @@ if [ $ret -eq 1 ] ; then
echo_i "failed"; status=1
fi
if "$PERL" -e 'use Net::DNS; use Net::DNS::Packet;' > /dev/null 2>&1
then
echo_i "check that TSIG in the wrong place returns FORMERR"
ret=0
$PERL ../packet.pl -a 10.53.0.1 -p ${PORT} -t udp -d < badlocation > packet.out
grep "rcode = FORMERR" packet.out > /dev/null || ret=1
if [ $ret -eq 1 ] ; then
echo_i "failed"; status=1
fi
fi
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1
......@@ -2366,6 +2366,7 @@
./bin/tests/system/tkey/prereq.sh SH 2001,2004,2006,2007,2009,2012,2014,2016,2018,2019,2020
./bin/tests/system/tkey/setup.sh SH 2001,2004,2007,2009,2012,2013,2014,2016,2018,2019,2020
./bin/tests/system/tkey/tests.sh SH 2001,2004,2007,2009,2011,2012,2013,2014,2016,2018,2019,2020
./bin/tests/system/tsig/badlocation X 2020
./bin/tests/system/tsig/badtime X 2020
./bin/tests/system/tsig/clean.sh SH 2005,2006,2007,2012,2014,2016,2018,2019,2020
./bin/tests/system/tsig/ns1/example.db ZONE 2005,2006,2007,2009,2012,2016,2018,2019,2020
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment