Attachment 14331 Details for Bug 13536 – Back ported patch for 4.7, 4.8 and 4.9

[patch] Back ported patch for 4.7, 4.8 and 4.9

dns-wildcard-bug-13536.patch.txt (text/plain), 5.68 KB, created by Gary Lockyer on 2018-07-22 19:48:58 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Gary Lockyer

Created: 2018-07-22 19:48:58 UTC

Size: 5.68 KB

patch

obsolete

>From 4f9f911e3507dbfcd1350aaf041a36369ad193c0 Mon Sep 17 00:00:00 2001
>From: Gary Lockyer <gary@catalyst.net.nz>
>Date: Wed, 18 Jul 2018 15:29:21 +1200
>Subject: [PATCH 1/2] dns wildcards: tests to confirm BUG 13536
>
>DNS wildcard matching failing if more than one label to the left of the
>wildcard. This commits adds tests to confirm the bug.
>
>Wildcard entry: *.example.org
>bar.example.com matches
>foo.bar.example.com does not, but it it should.
>
>Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
>Reviewed-by: Jeremy Allison <jra@samba.org>
>(cherry picked from commit 0d3aec18679a2637430263a55de5e210a9201e21)
>---
> python/samba/tests/dns_wildcard.py | 48 ++++++++++++++++++++++++++++++++++++++
> selftest/knownfail.d/dns_wildcard  |  5 ++++
> 2 files changed, 53 insertions(+)
> create mode 100644 selftest/knownfail.d/dns_wildcard
>
>diff --git a/python/samba/tests/dns_wildcard.py b/python/samba/tests/dns_wildcard.py
>index ca8426a..01e06b8 100644
>--- a/python/samba/tests/dns_wildcard.py
>+++ b/python/samba/tests/dns_wildcard.py
>@@ -172,6 +172,30 @@ class TestWildCardQueries(DNSTest):
>         self.assertEquals(response.answers[0].rr_type, dns.DNS_QTYPE_A)
>         self.assertEquals(response.answers[0].rdata, WILDCARD_IP)
> 
>+    def test_one_a_query_match_wildcard_2_labels(self):
>+        """ Query an A record, should match the wild card entry
>+            have two labels to the left of the wild card target.
>+        """
>+
>+        p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
>+        questions = []
>+
>+        # Check the record
>+        name = "label2.label1.wildcardtest.%s" % self.get_dns_domain()
>+        q = self.make_name_question(name,
>+                                    dns.DNS_QTYPE_A,
>+                                    dns.DNS_QCLASS_IN)
>+        questions.append(q)
>+
>+        self.finish_name_packet(p, questions)
>+        (response, response_packet) =\
>+            self.dns_transaction_udp(p, host=self.server_ip)
>+        self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
>+        self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
>+        self.assertEquals(response.ancount, 1)
>+        self.assertEquals(response.answers[0].rr_type, dns.DNS_QTYPE_A)
>+        self.assertEquals(response.answers[0].rdata, WILDCARD_IP)
>+
>     def test_one_a_query_wildcard_entry(self):
>         "Query the wildcard entry"
> 
>@@ -239,6 +263,30 @@ class TestWildCardQueries(DNSTest):
>         self.assertEquals(response.answers[0].rr_type, dns.DNS_QTYPE_A)
>         self.assertEquals(response.answers[0].rdata, LEVEL2_WILDCARD_IP)
> 
>+    def test_one_a_query_match_wildcard_l2_2_labels(self):
>+        """Query an A record, should match the level 2 wild card entry
>+           have two labels to the left of the wild card target
>+        """
>+
>+        p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
>+        questions = []
>+
>+        # Check the record
>+        name = "label1.label2.level2.wildcardtest.%s" % self.get_dns_domain()
>+        q = self.make_name_question(name,
>+                                    dns.DNS_QTYPE_A,
>+                                    dns.DNS_QCLASS_IN)
>+        questions.append(q)
>+
>+        self.finish_name_packet(p, questions)
>+        (response, response_packet) =\
>+            self.dns_transaction_udp(p, host=self.server_ip)
>+        self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
>+        self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
>+        self.assertEquals(response.ancount, 1)
>+        self.assertEquals(response.answers[0].rr_type, dns.DNS_QTYPE_A)
>+        self.assertEquals(response.answers[0].rdata, LEVEL2_WILDCARD_IP)
>+
>     def test_one_a_query_exact_match_l2(self):
>         """Query an entry that matches the wild card but has an exact match as
>          well.
>diff --git a/selftest/knownfail.d/dns_wildcard b/selftest/knownfail.d/dns_wildcard
>new file mode 100644
>index 0000000..2c9ade1
>--- /dev/null
>+++ b/selftest/knownfail.d/dns_wildcard
>@@ -0,0 +1,5 @@
>+# https://bugzilla.samba.org/show_bug.cgi?id=13536
>+#
>+
>+^samba.*.TestWildCardQueries.test_one_a_query_match_wildcard_l2_2_labels
>+^samba.*.TestWildCardQueries.test_one_a_query_match_wildcard_2_labels
>-- 
>2.7.4
>
>
>From ac7542d711f63b6e9406fa4e9e0953f3528574c6 Mon Sep 17 00:00:00 2001
>From: Gary Lockyer <gary@catalyst.net.nz>
>Date: Wed, 18 Jul 2018 15:33:26 +1200
>Subject: [PATCH 2/2] dns wildcards: fix BUG 13536
>
>The current position in the dns name was not advanced past the '.'
>character
>
>Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
>Reviewed-by: Jeremy Allison <jra@samba.org>
>
>Autobuild-User(master): Jeremy Allison <jra@samba.org>
>Autobuild-Date(master): Fri Jul 20 04:40:31 CEST 2018 on sn-devel-144
>
>(cherry picked from commit cef1b31cd1f33074e8ab6de52aa0fb74e9b57a9f)
>---
> selftest/knownfail.d/dns_wildcard     | 5 -----
> source4/dns_server/dnsserver_common.c | 1 +
> 2 files changed, 1 insertion(+), 5 deletions(-)
> delete mode 100644 selftest/knownfail.d/dns_wildcard
>
>diff --git a/selftest/knownfail.d/dns_wildcard b/selftest/knownfail.d/dns_wildcard
>deleted file mode 100644
>index 2c9ade1..0000000
>--- a/selftest/knownfail.d/dns_wildcard
>+++ /dev/null
>@@ -1,5 +0,0 @@
>-# https://bugzilla.samba.org/show_bug.cgi?id=13536
>-#
>-
>-^samba.*.TestWildCardQueries.test_one_a_query_match_wildcard_l2_2_labels
>-^samba.*.TestWildCardQueries.test_one_a_query_match_wildcard_2_labels
>diff --git a/source4/dns_server/dnsserver_common.c b/source4/dns_server/dnsserver_common.c
>index 2a49370..bbbfe92 100644
>--- a/source4/dns_server/dnsserver_common.c
>+++ b/source4/dns_server/dnsserver_common.c
>@@ -380,6 +380,7 @@ static struct ldb_parse_tree *build_wildcard_query(
> 			wildcard_query->u.list.elements[l] = el;
> 
> 			/* skip to the start of the next label */
>+			x++;
> 			for (;x < name->length && name->data[x] != '.'; x++);
> 		}
> 
>-- 
>2.7.4
>

Flags:

dbagnall: review+

Actions: View

Attachments on bug 13536: 14331