check that a malformed truncated response to a TSIG query is handled

bin/tests/system/tsig/ans2/ans.pl

@@ -0,0 +1,50 @@
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+#
+# An adhoc server that returns a TC=1 response with the final byte
+# removed to generate UNEXPECTEDEND form dns_message_parse.
+#
+
+use IO::File;
+use IO::Socket;
+
+my $localport = int($ENV{'PORT'});
+if (!$localport) { $localport = 5300; }
+printf "localport %u\n", $localport;
+
+my $sock = IO::Socket::INET->new(LocalAddr => "10.53.0.2",
+   LocalPort => $localport, Proto => "udp") or die "$!";
+
+my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!";
+print $pidf "$$\n" or die "cannot write pid file: $!";
+$pidf->close or die "cannot close pid file: $!";
+sub rmpid { unlink "ans.pid"; exit 1; };
+
+$SIG{INT} = \&rmpid;
+$SIG{TERM} = \&rmpid;
+
+sub arraystring {
+    my $string = join("", @_);
+    return $string;
+}
+
+for (;;) {
+	$from = $sock->recv($buf, 512);
+	($port, $ip_address) = unpack_sockaddr_in($from);
+	$l = length($buf);
+	printf "received %u bytes from %s#%u\n", $l, inet_ntoa($ip_address), $port;
+	@up = unpack("C[$l]", $buf);
+	$up[2] |= 0x80; # QR
+	$up[2] |= 0x02; # TC
+	$up[3] |= 0x80; # RA
+	$l -= 1;	# truncate the response 1 byte
+	$replydata = pack("C[$l]", @up);
+	printf "sent %u bytes\n", $sock->send($replydata);
+}

bin/tests/system/tsig/ns1/named.conf.in

@@ -17,7 +17,7 @@ options {
 	pid-file "named.pid";
 	listen-on { 10.53.0.1; };
 	listen-on-v6 { none; };
-	recursion no;
+	recursion yes;
 	notify no;
 };
 
@@ -85,3 +85,13 @@ zone "example.nil" {
 	type primary;
 	file "example.db";
 };
+
+server 10.53.0.2 {
+	keys sha256;
+};
+
+zone "bad-tsig" {
+	type forward;
+	forwarders { 10.53.0.2; };
+	forward only;
+};

bin/tests/system/tsig/tests.sh

@@ -232,6 +232,13 @@ then
   fi
 fi
 
+echo_i "check that a malformed truncated response to a TSIG query is handled"
+ret=0
+$DIG -p $PORT @10.53.0.1 bad-tsig > dig.out.bad-tsig || ret=1
+grep "status: SERVFAIL" dig.out.bad-tsig > /dev/null || ret=1
+if [ $ret -eq 1 ] ; then
+    echo_i "failed"; status=1
+fi
 
 echo_i "exit status: $status"
 [ $status -eq 0 ] || exit 1

util/copyrights

@@ -861,6 +861,7 @@
 ./bin/tests/system/tools/clean.sh		SH	2017,2018,2019,2020
 ./bin/tests/system/tools/setup.sh		SH	2019,2020
 ./bin/tests/system/tools/tests.sh		SH	2017,2018,2019,2020
+./bin/tests/system/tsig/ans2/ans.pl		PERL	2020
 ./bin/tests/system/tsig/badlocation		X	2020
 ./bin/tests/system/tsig/badtime			X	2020
 ./bin/tests/system/tsig/clean.sh		SH	2005,2006,2007,2012,2014,2016,2018,2019,2020