mirror of
https://github.com/samba-team/samba.git
synced 2025-01-26 10:04:02 +03:00
004e7a1fee
On (eg) the DC=_msdcs.X.Y,CN=MicrosoftDNS,DC=ForestDnsZones,DC=X,DC=Y record, in domains that have had a Microsoft Windows DC an attribute: dNSProperty:: AAAAAAAAAAAAAAAAAQAAAJIAAAAAAAAA 000000 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 >................< 000010 92 00 00 00 00 00 00 00 >........< 000018 We, until samba 4.12, would parse this as: pull returned Success dnsp_DnsProperty: struct dnsp_DnsProperty wDataLength : 0x00000000 (0) namelength : 0x00000000 (0) flag : 0x00000000 (0) version : 0x00000001 (1) id : DSPROPERTY_ZONE_NS_SERVERS_DA (146) data : union dnsPropertyData(case 0) name : 0x00000000 (0) dump OK However, the wDataLength is 0. There is not anything in [MS-DNSP] 2.3.2.1 dnsProperty to describe any special behaviour for when the id suggests that there is a value, but wDataLength is 0. https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dnsp/445c7843-e4a1-4222-8c0f-630c230a4c80 We now fail to parse it, because we expect an entry with id DSPROPERTY_ZONE_NS_SERVERS_DA to therefore have a valid DNS_ADDR_ARRAY (section 2.2.3.2.3). As context we changed it in our commit fee5c6a4247aeac71318186bbff7708d25de5912 because of bug https://bugzilla.samba.org/show_bug.cgi?id=14206 which was due to the artificial environment of the fuzzer. Microsoft advises that Windows also fails to parse this, but instead of failing the operation, the value is ignored. Reported by Alex MacCuish. Many thanks for your assistance in tracking down the issue. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14310 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri May 15 07:29:17 UTC 2020 on sn-devel-184
89 lines
6.4 KiB
Plaintext
89 lines
6.4 KiB
Plaintext
# These tests are expected to fail because we want to ensure that
|
|
# unauthenicated updates are not permitted against the default
|
|
# configuration, nor against an RODC
|
|
|
|
samba.tests.dns.__main__.TestDNSUpdates.test_delete_record\(rodc:local\)
|
|
samba.tests.dns.__main__.TestDNSUpdates.test_readd_record\(rodc:local\)
|
|
samba.tests.dns.__main__.TestDNSUpdates.test_update_add_mx_record\(rodc:local\)
|
|
samba.tests.dns.__main__.TestDNSUpdates.test_update_add_txt_record\(rodc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_update_add_empty_txt_records\(rodc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_update_add_hex_char_txt_record\(rodc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_update_add_null_char_txt_record\(rodc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_update_add_null_padded_txt_record\(rodc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_update_add_slash_txt_record\(rodc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_update_add_two_txt_records\(rodc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_rpc_self_referencing_cname\(rodc:local\)
|
|
samba.tests.dns.__main__.TestDNSUpdates.test_delete_record\(vampire_dc:local\)
|
|
samba.tests.dns.__main__.TestDNSUpdates.test_readd_record\(vampire_dc:local\)
|
|
samba.tests.dns.__main__.TestDNSUpdates.test_update_add_mx_record\(vampire_dc:local\)
|
|
samba.tests.dns.__main__.TestDNSUpdates.test_update_add_txt_record\(vampire_dc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_update_add_empty_txt_records\(vampire_dc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_update_add_hex_char_txt_record\(vampire_dc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_update_add_null_char_txt_record\(vampire_dc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_update_add_null_padded_txt_record\(vampire_dc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_update_add_slash_txt_record\(vampire_dc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_update_add_two_txt_records\(vampire_dc:local\)
|
|
samba.tests.dns.__main__.TestComplexQueries.test_cname_two_chain\(rodc:local\)
|
|
samba.tests.dns.__main__.TestComplexQueries.test_one_a_query\(rodc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_update_add_empty_rpc_to_dns\(rodc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_update_add_hex_rpc_to_dns\(rodc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_update_add_null_char_rpc_to_dns\(rodc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_update_add_padding_rpc_to_dns\(rodc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_update_add_slash_rpc_to_dns\(rodc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_update_add_two_rpc_to_dns\(rodc:local\)
|
|
samba.tests.dns.__main__.TestRPCRoundtrip.test_update_add_txt_rpc_to_dns\(rodc:local\)
|
|
|
|
samba.tests.dns.__main__.TestZones.test_set_aging_disabled\(rodc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_set_aging_disabled\(vampire_dc:local\)
|
|
|
|
samba.tests.dns.__main__.TestZones.test_soa_query\(rodc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_set_aging\(rodc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_aging_update\(rodc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_aging_update_disabled\(rodc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_aging_refresh\(rodc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_rpc_add_no_timestamp\(rodc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_basic_scavenging\(rodc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_dns_tombstone_custom_match_rule\(rodc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_dns_tombstone_custom_match_rule_no_records\(rodc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_dns_tombstone_custom_match_rule_fail\(rodc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_dynamic_record_static_update\(rodc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_static_record_dynamic_update\(rodc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_fully_qualified_zone\(rodc:local\)
|
|
|
|
samba.tests.dns.__main__.TestZones.test_set_aging\(vampire_dc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_aging_update\(vampire_dc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_aging_update_disabled\(vampire_dc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_aging_refresh\(vampire_dc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_basic_scavenging\(vampire_dc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_dns_tombstone_custom_match_rule\(vampire_dc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_dynamic_record_static_update\(vampire_dc:local\)
|
|
samba.tests.dns.__main__.TestZones.test_static_record_dynamic_update\(vampire_dc:local\)
|
|
|
|
samba.tests.dns.__main__.TestComplexQueries.test_cname_two_chain\(vampire_dc:local\)
|
|
samba.tests.dns.__main__.TestComplexQueries.test_one_a_query\(vampire_dc:local\)
|
|
|
|
# The SOA override should not pass against the RODC, it must not overstamp
|
|
samba.tests.dns.__main__.TestSimpleQueries.test_one_SOA_query\(rodc:local\)
|
|
|
|
#
|
|
# rodc and vampire_dc require signed dns updates, so these tests' setups
|
|
# fail, but they pass on fl2003dc
|
|
^samba.tests.dns.__main__.TestComplexQueries.test_cname_loop\(rodc:local\)
|
|
^samba.tests.dns.__main__.TestComplexQueries.test_cname_loop\(vampire_dc:local\)
|
|
^samba.tests.dns.__main__.TestComplexQueries.test_record_limit_A\(rodc:local\)
|
|
^samba.tests.dns.__main__.TestComplexQueries.test_record_limit_A\(vampire_dc:local\)
|
|
^samba.tests.dns.__main__.TestComplexQueries.test_record_limit_AAAA\(rodc:local\)
|
|
^samba.tests.dns.__main__.TestComplexQueries.test_record_limit_AAAA\(vampire_dc:local\)
|
|
^samba.tests.dns.__main__.TestComplexQueries.test_record_limit_SRV\(rodc:local\)
|
|
^samba.tests.dns.__main__.TestComplexQueries.test_record_limit_SRV\(vampire_dc:local\)
|
|
^samba.tests.dns.__main__.TestComplexQueries.test_cname_limit\(vampire_dc:local\)
|
|
^samba.tests.dns.__main__.TestComplexQueries.test_cname_limit\(rodc:local\)
|
|
^samba.tests.dns.__main__.TestComplexQueries.test_cname_any_query\(vampire_dc:local\)
|
|
^samba.tests.dns.__main__.TestComplexQueries.test_cname_any_query\(rodc:local\)
|
|
|
|
# Tests for the dnsProperty parse issue do not pass here, but do against fl2003dc
|
|
^samba.tests.dns.__main__.TestZones.test_enum_zones_while_dnsProperty_zero_length\(rodc:local\)
|
|
^samba.tests.dns.__main__.TestZones.test_rpc_zone_update_while_dnsProperty_zero_length\(rodc:local\)
|
|
^samba.tests.dns.__main__.TestZones.test_rpc_zone_update_while_other_dnsProperty_zero_length\(rodc:local\)
|
|
^samba.tests.dns.__main__.TestZones.test_update_while_dnsProperty_zero_length\(rodc:local\)
|
|
^samba.tests.dns.__main__.TestZones.test_update_while_dnsProperty_zero_length\(vampire_dc:local\) |