Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
ISC Open Source Projects
BIND
Commits
f647c0df
Commit
f647c0df
authored
Dec 15, 2015
by
Mark Andrews
Browse files
4281. [bug] Teach dns_message_totext about BADCOOKIE. [RT #41257]
parent
ecc06cbc
Changes
5
Hide whitespace changes
Inline
Side-by-side
CHANGES
View file @
f647c0df
4281. [bug] Teach dns_message_totext about BADCOOKIE. [RT #41257]
4280. [performance] Use optimal message sizes to improve compression
in AXFRs. This reduces network traffic. [RT #40996]
...
...
bin/named/query.c
View file @
f647c0df
...
...
@@ -6960,6 +6960,8 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
inc_stats
(
client
,
dns_nsstatscounter_rateslipped
);
if
(
WANTCOOKIE
(
client
))
{
client
->
message
->
flags
&=
~
DNS_MESSAGEFLAG_AA
;
client
->
message
->
flags
&=
~
DNS_MESSAGEFLAG_AD
;
client
->
message
->
rcode
=
...
...
@@ -6978,6 +6980,8 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
}
}
else
if
(
!
TCP
(
client
)
&&
client
->
view
->
requireservercookie
&&
WANTCOOKIE
(
client
)
&&
!
HAVECOOKIE
(
client
))
{
client
->
message
->
flags
&=
~
DNS_MESSAGEFLAG_AA
;
client
->
message
->
flags
&=
~
DNS_MESSAGEFLAG_AD
;
client
->
message
->
rcode
=
dns_rcode_badcookie
;
goto
cleanup
;
}
...
...
bin/tests/system/cookie/tests.sh
View file @
f647c0df
...
...
@@ -127,6 +127,8 @@ n=`expr $n + 1`
echo
"I:checking require-server-cookie yes (
$n
)"
ret
=
0
$DIG
+qr +cookie +nobadcookie soa @10.53.0.3
-p
5300
>
dig.out.test
$n
grep
"flags: qr[^;]* aa[ ;]"
dig.out.test
$n
>
/dev/null
&&
ret
=
1
grep
"flags: qr[^;]* ad[ ;]"
dig.out.test
$n
>
/dev/null
&&
ret
=
1
grep
BADCOOKIE dig.out.test
$n
>
/dev/null
||
ret
=
1
linecount
=
`
getcookie dig.out.test
$n
|
wc
-l
`
if
[
$linecount
!=
2
]
;
then
ret
=
1
;
fi
...
...
lib/dns/message.c
View file @
f647c0df
...
...
@@ -36,6 +36,7 @@
#include
<dns/masterdump.h>
#include
<dns/message.h>
#include
<dns/opcode.h>
#include
<dns/rcode.h>
#include
<dns/rdata.h>
#include
<dns/rdatalist.h>
#include
<dns/rdataset.h>
...
...
@@ -145,27 +146,6 @@ static const char *opcodetext[] = {
"RESERVED15"
};
static
const
char
*
rcodetext
[]
=
{
"NOERROR"
,
"FORMERR"
,
"SERVFAIL"
,
"NXDOMAIN"
,
"NOTIMP"
,
"REFUSED"
,
"YXDOMAIN"
,
"YXRRSET"
,
"NXRRSET"
,
"NOTAUTH"
,
"NOTZONE"
,
"RESERVED11"
,
"RESERVED12"
,
"RESERVED13"
,
"RESERVED14"
,
"RESERVED15"
,
"BADVERS"
};
/*%
* "helper" type, which consists of a block of some type, and is linkable.
* For it to work, sizeof(dns_msgblock_t) must be a multiple of the pointer
...
...
@@ -3491,7 +3471,8 @@ dns_message_pseudosectiontotext(dns_message_t *msg,
isc_result_t
dns_message_totext
(
dns_message_t
*
msg
,
const
dns_master_style_t
*
style
,
dns_messagetextflag_t
flags
,
isc_buffer_t
*
target
)
{
dns_messagetextflag_t
flags
,
isc_buffer_t
*
target
)
{
unsigned
int
sflags
=
dns_master_styleflags
(
style
);
char
buf
[
sizeof
(
"1234567890"
)];
isc_result_t
result
;
...
...
@@ -3505,12 +3486,9 @@ dns_message_totext(dns_message_t *msg, const dns_master_style_t *style,
ADD_STRING
(
target
,
";; ->>HEADER<<- opcode: "
);
ADD_STRING
(
target
,
opcodetext
[
msg
->
opcode
]);
ADD_STRING
(
target
,
", status: "
);
if
(
msg
->
rcode
<
(
sizeof
(
rcodetext
)
/
sizeof
(
rcodetext
[
0
])))
{
ADD_STRING
(
target
,
rcodetext
[
msg
->
rcode
]);
}
else
{
snprintf
(
buf
,
sizeof
(
buf
),
"%4u"
,
msg
->
rcode
);
ADD_STRING
(
target
,
buf
);
}
result
=
dns_rcode_totext
(
msg
->
rcode
,
target
);
if
(
result
!=
ISC_R_SUCCESS
)
return
(
result
);
ADD_STRING
(
target
,
", id: "
);
snprintf
(
buf
,
sizeof
(
buf
),
"%6u"
,
msg
->
id
);
ADD_STRING
(
target
,
buf
);
...
...
lib/dns/rcode.c
View file @
f647c0df
...
...
@@ -51,6 +51,8 @@
#define NUMBERSIZE sizeof("037777777777")
/* 2^32-1 octal + NUL */
#define TOTEXTONLY 0x01
#define RCODENAMES \
/* standard rcodes */
\
{ dns_rcode_noerror, "NOERROR", 0}, \
...
...
@@ -63,7 +65,12 @@
{ dns_rcode_yxrrset, "YXRRSET", 0}, \
{ dns_rcode_nxrrset, "NXRRSET", 0}, \
{ dns_rcode_notauth, "NOTAUTH", 0}, \
{ dns_rcode_notzone, "NOTZONE", 0},
{ dns_rcode_notzone, "NOTZONE", 0}, \
{ 11, "RESERVED11", TOTEXTONLY}, \
{ 12, "RESERVED12", TOTEXTONLY}, \
{ 13, "RESERVED13", TOTEXTONLY}, \
{ 14, "RESERVED14", TOTEXTONLY}, \
{ 15, "RESERVED15", TOTEXTONLY},
#define ERCODENAMES \
/* extended rcodes */
\
...
...
@@ -260,6 +267,7 @@ dns_mnemonic_fromtext(unsigned int *valuep, isc_textregion_t *source,
unsigned
int
n
;
n
=
strlen
(
table
[
i
].
name
);
if
(
n
==
source
->
length
&&
(
table
[
i
].
flags
&
TOTEXTONLY
)
==
0
&&
strncasecmp
(
source
->
base
,
table
[
i
].
name
,
n
)
==
0
)
{
*
valuep
=
table
[
i
].
value
;
return
(
ISC_R_SUCCESS
);
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment