From 51e1442bd97f6d51eccb5b18e36cfffd8e61bc1e Mon Sep 17 00:00:00 2001 From: Chris O'Haver Date: Wed, 18 Apr 2018 12:12:28 -0400 Subject: [PATCH] plugin/kubernetes: check for bare zone query (#1692) * check for bare zone query * check for bare type query --- plugin/kubernetes/handler_test.go | 14 ++++++++++++++ plugin/kubernetes/kubernetes.go | 3 +++ plugin/kubernetes/kubernetes_apex_test.go | 21 +++++++++++++++++++++ plugin/kubernetes/parse.go | 4 ++++ plugin/kubernetes/parse_test.go | 8 +++++++- 5 files changed, 49 insertions(+), 1 deletion(-) diff --git a/plugin/kubernetes/handler_test.go b/plugin/kubernetes/handler_test.go index b23953b32..b72ddbbf6 100644 --- a/plugin/kubernetes/handler_test.go +++ b/plugin/kubernetes/handler_test.go @@ -231,6 +231,20 @@ var dnsTestCases = []test.Case{ test.AAAA("5678-abcd--1.hdls1.testns.svc.cluster.local. 5 IN AAAA 5678:abcd::1"), }, }, + { + Qname: "svc.cluster.local.", Qtype: dns.TypeA, + Rcode: dns.RcodeSuccess, + Ns: []dns.RR{ + test.SOA("cluster.local. 303 IN SOA ns.dns.cluster.local. hostmaster.cluster.local. 1499347823 7200 1800 86400 60"), + }, + }, + { + Qname: "pod.cluster.local.", Qtype: dns.TypeA, + Rcode: dns.RcodeSuccess, + Ns: []dns.RR{ + test.SOA("cluster.local. 303 IN SOA ns.dns.cluster.local. hostmaster.cluster.local. 1499347823 7200 1800 86400 60"), + }, + }, } func TestServeDNS(t *testing.T) { diff --git a/plugin/kubernetes/kubernetes.go b/plugin/kubernetes/kubernetes.go index da1625c54..847857924 100644 --- a/plugin/kubernetes/kubernetes.go +++ b/plugin/kubernetes/kubernetes.go @@ -273,6 +273,9 @@ func (k *Kubernetes) Records(state request.Request, exact bool) ([]msg.Service, if e != nil { return nil, e } + if r.podOrSvc == "" { + return nil, nil + } if dnsutil.IsReverse(state.Name()) > 0 { return nil, errNoItems diff --git a/plugin/kubernetes/kubernetes_apex_test.go b/plugin/kubernetes/kubernetes_apex_test.go index b292b90d5..762e0d1b4 100644 --- a/plugin/kubernetes/kubernetes_apex_test.go +++ b/plugin/kubernetes/kubernetes_apex_test.go @@ -35,6 +35,27 @@ var kubeApexCases = []test.Case{ test.A("ns.dns.cluster.local. 303 IN A 127.0.0.1"), }, }, + { + Qname: "cluster.local.", Qtype: dns.TypeA, + Rcode: dns.RcodeSuccess, + Ns: []dns.RR{ + test.SOA("cluster.local. 303 IN SOA ns.dns.cluster.local. hostmaster.cluster.local. 1499347823 7200 1800 86400 60"), + }, + }, + { + Qname: "cluster.local.", Qtype: dns.TypeAAAA, + Rcode: dns.RcodeSuccess, + Ns: []dns.RR{ + test.SOA("cluster.local. 303 IN SOA ns.dns.cluster.local. hostmaster.cluster.local. 1499347823 7200 1800 86400 60"), + }, + }, + { + Qname: "cluster.local.", Qtype: dns.TypeSRV, + Rcode: dns.RcodeSuccess, + Ns: []dns.RR{ + test.SOA("cluster.local. 303 IN SOA ns.dns.cluster.local. hostmaster.cluster.local. 1499347823 7200 1800 86400 60"), + }, + }, } func TestServeDNSApex(t *testing.T) { diff --git a/plugin/kubernetes/parse.go b/plugin/kubernetes/parse.go index a66e77699..db7239827 100644 --- a/plugin/kubernetes/parse.go +++ b/plugin/kubernetes/parse.go @@ -35,6 +35,10 @@ func parseRequest(state request.Request) (r recordRequest, err error) { // Federations are handled in the federation plugin. And aren't parsed here. base, _ := dnsutil.TrimZone(state.Name(), state.Zone) + // return NODATA for apex queries + if base == "" || base == Svc || base == Pod { + return r, nil + } segs := dns.SplitDomainName(base) r.port = "*" diff --git a/plugin/kubernetes/parse_test.go b/plugin/kubernetes/parse_test.go index 06d5a2aaa..7907afc65 100644 --- a/plugin/kubernetes/parse_test.go +++ b/plugin/kubernetes/parse_test.go @@ -19,6 +19,12 @@ func TestParseRequest(t *testing.T) { {"*.any.*.any.svc.inter.webs.test.", "*.any..*.any.svc"}, // A request of endpoint {"1-2-3-4.webs.mynamespace.svc.inter.webs.test.", "*.*.1-2-3-4.webs.mynamespace.svc"}, + // bare zone + {"inter.webs.test.", "....."}, + // bare svc type + {"svc.inter.webs.test.", "....."}, + // bare pod type + {"pod.inter.webs.test.", "....."}, } for i, tc := range tests { m := new(dns.Msg) @@ -53,4 +59,4 @@ func TestParseInvalidRequest(t *testing.T) { } } -const zone = "intern.webs.tests." +const zone = "inter.webs.tests."