[v9_18] [CVE-2022-0667] Add a hung fetch check while chasing DS in the forward system test (!6110) · Merge requests · ISC Open Source Projects / BIND

Michal Nowak requested to merge 3129-test-check-fetch-shutting-down-in-resume_dslookup-v9_18 into v9_18 Apr 08, 2022

Implement TCP support in the ans11 Python-based DNS server.

Implement a control command channel in ans11 to support an optional silent mode of operation, which, when enabled, will ignore incoming queries.

In the added check, make the ans11 the NS server of "a.root-servers.nil." for ns3, so it uses ans11 (in silent mode) for the regular (non-forwarded) name resolutions.

This will trigger the "hung fetch" scenario, which was causing named to crash.

(cherry picked from commit 848094d6)

Closes #3129 (closed)

Edited Apr 08, 2022 by Michal Nowak

[v9_18] [CVE-2022-0667] Add a hung fetch check while chasing DS in the forward system test

Merge request reports