From 163ac033aee0348ca5a4d718d234adb1a1eedce7 Mon Sep 17 00:00:00 2001 From: Miek Gieben Date: Thu, 20 May 2021 22:25:18 +0200 Subject: [PATCH] Revert "plugin/file: Fix in wrong answers returned when wildcard and concrete records exist (#4599)" (#4633) reverting as I don't want to release 1.8.4 with this enabled. This reverts commit fbf3f07f469a99fcbb5985a41c260a3fad26f908. --- plugin/file/lookup.go | 26 +++--------- plugin/file/lookup_test.go | 10 +---- plugin/file/wildcard_test.go | 80 ------------------------------------ 3 files changed, 6 insertions(+), 110 deletions(-) diff --git a/plugin/file/lookup.go b/plugin/file/lookup.go index 7b17698a4..6eeb4c397 100644 --- a/plugin/file/lookup.go +++ b/plugin/file/lookup.go @@ -56,10 +56,10 @@ func (z *Zone) Lookup(ctx context.Context, state request.Request, qname string) } var ( - found, shot bool - parts string - i, maxLabelNum int - elem, wildElem, nextElem *tree.Elem + found, shot bool + parts string + i int + elem, wildElem *tree.Elem ) loop, _ := ctx.Value(dnsserver.LoopKey{}).(int) @@ -92,12 +92,6 @@ func (z *Zone) Lookup(ctx context.Context, state request.Request, qname string) break } - if nextElem, found = tr.Next(parts); found { - if dns.IsSubDomain(parts, nextElem.Name()) { - maxLabelNum = z.origLen + i - } - } - elem, found = tr.Search(parts) if !found { // Apex will always be found, when we are here we can search for a wildcard @@ -207,18 +201,8 @@ func (z *Zone) Lookup(ctx context.Context, state request.Request, qname string) // Found wildcard. if wildElem != nil { - // if the domain's longest matching parent domain is subdomain of the wildcard, - // in other words, the domainā€˜s max number of labels matched is >= number of labels of the wildcard - if maxLabelNum >= dns.CountLabel(wildElem.Name()) { - ret := ap.soa(do) - if do { - nsec := typeFromElem(wildElem, dns.TypeNSEC, do) - ret = append(ret, nsec...) - } - return nil, ret, nil, NameError - } - auth := ap.ns(do) + if rrs := wildElem.TypeForWildcard(dns.TypeCNAME, qname); len(rrs) > 0 { ctx = context.WithValue(ctx, dnsserver.LoopKey{}, loop+1) return z.externalLookup(ctx, state, wildElem, rrs) diff --git a/plugin/file/lookup_test.go b/plugin/file/lookup_test.go index 72911ab05..71004397b 100644 --- a/plugin/file/lookup_test.go +++ b/plugin/file/lookup_test.go @@ -95,12 +95,6 @@ var dnsTestCases = []test.Case{ }, Ns: miekAuth, }, - { - Qname: "ent.miek.nl.", Qtype: dns.TypeA, - Ns: []dns.RR{ - test.SOA("miek.nl. 1800 IN SOA linode.atoom.net. miek.miek.nl. 1282630057 14400 3600 604800 14400"), - }, - }, } const ( @@ -199,6 +193,4 @@ www IN CNAME a archive IN CNAME a srv IN SRV 10 10 8080 a.miek.nl. -mx IN MX 10 a.miek.nl. - -test.ent IN A 139.162.196.79` +mx IN MX 10 a.miek.nl.` diff --git a/plugin/file/wildcard_test.go b/plugin/file/wildcard_test.go index e9ddcbc0e..894a088c1 100644 --- a/plugin/file/wildcard_test.go +++ b/plugin/file/wildcard_test.go @@ -266,76 +266,6 @@ func TestLookupMultiWildcard(t *testing.T) { } } -var cornerCasesWildcardTestCases = []test.Case{ - { - Qname: "r.c.d.example.org.", Qtype: dns.TypeA, - Answer: []dns.RR{test.A(`r.c.d.example.org. 3600 IN A 127.0.1.56`)}, - Ns: []dns.RR{test.NS(`example.org. 3600 IN NS b.iana-servers.net.`)}, - }, - { - Qname: "something.d.example.org.", Qtype: dns.TypeA, - Answer: []dns.RR{test.A(`something.d.example.org. 3600 IN A 127.0.1.53`)}, - Ns: []dns.RR{test.NS(`example.org. 3600 IN NS b.iana-servers.net.`)}, - }, - { - Qname: "else.something.d.example.org.", Qtype: dns.TypeA, - Answer: []dns.RR{test.A(`else.something.d.example.org. 3600 IN A 127.0.1.53`)}, - Ns: []dns.RR{test.NS(`example.org. 3600 IN NS b.iana-servers.net.`)}, - }, - { - Qname: "something.c.d.example.org.", Qtype: dns.TypeA, - Ns: []dns.RR{test.SOA(`example.org. IN SOA sns.dns.icann.org. noc.dns.icann.org. 2015082541 7200 3600 1209600 3600`)}, - Rcode: dns.RcodeNameError, - }, - { - Qname: "something.r.c.d.example.org.", Qtype: dns.TypeA, - Ns: []dns.RR{test.SOA(`example.org. IN SOA sns.dns.icann.org. noc.dns.icann.org. 2015082541 7200 3600 1209600 3600`)}, - Rcode: dns.RcodeNameError, - }, - { - Qname: "z.+.d.example.org.", Qtype: dns.TypeA, - Answer: []dns.RR{test.A(`z.+.d.example.org. 3600 IN A 127.0.1.54`)}, - Ns: []dns.RR{test.NS(`example.org. 3600 IN NS b.iana-servers.net.`)}, - }, - { - Qname: "x.&.d.example.org.", Qtype: dns.TypeA, - Answer: []dns.RR{test.A(`x.&.d.example.org. 3600 IN A 127.0.1.55`)}, - Ns: []dns.RR{test.NS(`example.org. 3600 IN NS b.iana-servers.net.`)}, - }, - { - Qname: "something.x.&.d.example.org.", Qtype: dns.TypeA, - Ns: []dns.RR{test.SOA(`example.org. IN SOA sns.dns.icann.org. noc.dns.icann.org. 2015082541 7200 3600 1209600 3600`)}, - Rcode: dns.RcodeNameError, - }, -} - -func TestLookupCornerCasesWildcard(t *testing.T) { - const name = "example.org." - zone, err := Parse(strings.NewReader(cornerCasesWildcard), name, "stdin", 0) - if err != nil { - t.Fatalf("Expect no error when reading zone, got %q", err) - } - - fm := File{Next: test.ErrorHandler(), Zones: Zones{Z: map[string]*Zone{name: zone}, Names: []string{name}}} - ctx := context.TODO() - - for _, tc := range cornerCasesWildcardTestCases { - m := tc.Msg() - - rec := dnstest.NewRecorder(&test.ResponseWriter{}) - _, err := fm.ServeDNS(ctx, rec, m) - if err != nil { - t.Errorf("Expected no error, got %v", err) - return - } - - resp := rec.Msg - if err := test.SortAndCheck(resp, tc); err != nil { - t.Error(err) - } - } -} - const exampleOrg = `; example.org test file $TTL 3600 example.org. IN SOA sns.dns.icann.org. noc.dns.icann.org. 2015082541 7200 3600 1209600 3600 @@ -366,13 +296,3 @@ example.org. IN NS b.iana-servers.net. *.intern.example.org. IN A 127.0.1.52 foo.example.org. IN A 127.0.0.54 ` - -const cornerCasesWildcard = `; example.org test file with wildcard corner cases -$TTL 3600 -example.org. IN SOA sns.dns.icann.org. noc.dns.icann.org. 2015082541 7200 3600 1209600 3600 -example.org. IN NS b.iana-servers.net. -*.d.example.org. IN A 127.0.1.53 -z.+.d.example.org. IN A 127.0.1.54 -x.&.d.example.org. IN A 127.0.1.55 -r.c.d.example.org. IN A 127.0.1.56 -`