[SCM] Samba Shared Repository - branch master updated

Kai Blin kai at samba.org
Tue Mar 4 07:48:03 MST 2014 

The branch, master has been updated
       via  5bd47bb dns: Extend tests for records with another type
       via  d9829df bug #10471: Don't respond with NXDOMAIN to records that exist with another type
      from  6f092cf autobuild: Run "make dist" to ensure non-waf docs build is run

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 5bd47bb563c3736b9de1a3a93bdf46a498928643
Author: Kai Blin <kai at samba.org>
Date:   Fri Feb 28 10:35:07 2014 +0100

    dns: Extend tests for records with another type
    
    Add another check to the one added for bug #10471, for added paranoia
    
    Signed-off-by: Kai Blin <kai at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    
    Autobuild-User(master): Kai Blin <kai at samba.org>
    Autobuild-Date(master): Tue Mar  4 15:47:10 CET 2014 on sn-devel-104

commit d9829df13317b38677d92a499134727ab31fbb0e
Author: Kai Blin <kai at samba.org>
Date:   Thu Feb 27 23:49:24 2014 +0100

    bug #10471: Don't respond with NXDOMAIN to records that exist with another type
    
    DNS queries for records with the wrong type need to trigger an empty
    response with RCODE_OK instead of returning NXDOMAIN.
    
    This adds a test and fixes bug #10471
    
    Signed-off-by: Kai Blin <kai at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 python/samba/tests/dns.py      |   30 ++++++++++++++++++++++++++++++
 source4/dns_server/dns_query.c |   14 ++++++++------
 2 files changed, 38 insertions(+), 6 deletions(-)


Changeset truncated at 500 lines:

diff --git a/python/samba/tests/dns.py b/python/samba/tests/dns.py
index 0ac9cf4..f2c5685 100644
--- a/python/samba/tests/dns.py
+++ b/python/samba/tests/dns.py
@@ -171,6 +171,36 @@ class TestSimpleQueries(DNSTest):
         self.assertEquals(response.answers[0].rdata,
                           os.getenv('SERVER_IP'))
 
+    def test_one_mx_query(self):
+        "create a query packet causing an empty RCODE_OK answer"
+        p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
+        questions = []
+
+        name = "%s.%s" % (os.getenv('SERVER'), self.get_dns_domain())
+        q = self.make_name_question(name, dns.DNS_QTYPE_MX, dns.DNS_QCLASS_IN)
+        print "asking for ", q.name
+        questions.append(q)
+
+        self.finish_name_packet(p, questions)
+        response = self.dns_transaction_udp(p)
+        self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
+        self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
+        self.assertEquals(response.ancount, 0)
+
+        p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
+        questions = []
+
+        name = "invalid-%s.%s" % (os.getenv('SERVER'), self.get_dns_domain())
+        q = self.make_name_question(name, dns.DNS_QTYPE_MX, dns.DNS_QCLASS_IN)
+        print "asking for ", q.name
+        questions.append(q)
+
+        self.finish_name_packet(p, questions)
+        response = self.dns_transaction_udp(p)
+        self.assert_dns_rcode_equals(response, dns.DNS_RCODE_NXDOMAIN)
+        self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
+        self.assertEquals(response.ancount, 0)
+
     def test_two_queries(self):
         "create a query packet containing two query records"
         p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
diff --git a/source4/dns_server/dns_query.c b/source4/dns_server/dns_query.c
index 5414e1d..77f797b 100644
--- a/source4/dns_server/dns_query.c
+++ b/source4/dns_server/dns_query.c
@@ -258,7 +258,7 @@ static WERROR handle_question(struct dns_server *dns,
 			      struct dns_res_rec **answers, uint16_t *ancount)
 {
 	struct dns_res_rec *ans = *answers;
-	WERROR werror;
+	WERROR werror, werror_return;
 	unsigned int ri;
 	struct dnsp_DnssrvRpcRecord *recs;
 	uint16_t rec_count, ai = *ancount;
@@ -275,6 +275,9 @@ static WERROR handle_question(struct dns_server *dns,
 		return WERR_NOMEM;
 	}
 
+	/* Set up for an NXDOMAIN reply if no match is found */
+	werror_return = DNS_ERR(NAME_ERROR);
+
 	for (ri = 0; ri < rec_count; ri++) {
 		if ((recs[ri].wType == DNS_TYPE_CNAME) &&
 		    ((question->question_type == DNS_QTYPE_A) ||
@@ -319,28 +322,27 @@ static WERROR handle_question(struct dns_server *dns,
 			if (!W_ERROR_IS_OK(werror)) {
 				return werror;
 			}
+			werror_return = WERR_OK;
 
 
 			continue;
 		}
 		if ((question->question_type != DNS_QTYPE_ALL) &&
 		    (recs[ri].wType != question->question_type)) {
+			werror_return = WERR_OK;
 			continue;
 		}
 		werror = create_response_rr(question, &recs[ri], &ans, &ai);
 		if (!W_ERROR_IS_OK(werror)) {
 			return werror;
 		}
-	}
-
-	if (ai == 0) {
-		return DNS_ERR(NAME_ERROR);
+		werror_return = WERR_OK;
 	}
 
 	*ancount = ai;
 	*answers = ans;
 
-	return WERR_OK;
+	return werror_return;
 }
 
 static NTSTATUS create_tkey(struct dns_server *dns,


-- 
Samba Shared Repository

More information about the samba-cvs mailing list