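#!/usr/bin/env perl
#
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.

# Scripted authoritative responder for a system test.  It answers only
# the fixed set of names below (DNAME/CNAME chains under
# "example.broken" and the "example.dname" responses needed by the
# resolver variant of the CVE-2021-25215 regression test) and returns
# REFUSED for anything else, so an unexpected query fails visibly
# rather than being answered by accident.  Every request is logged to
# stdout for the test driver.

use strict;
use warnings;

use IO::File;
use Getopt::Long;
use Net::DNS::Nameserver;

# Record our pid so the test harness can stop us.  Fail loudly if the
# file cannot be written: a server the harness cannot stop is worse
# than no server at all.
my $pidf = IO::File->new("ans.pid", "w") or die "cannot open pid file: $!";
print $pidf "$$\n" or die "cannot write pid file: $!";
$pidf->close or die "cannot close pid file: $!";

# Remove the pid file and exit on INT/TERM so a stale "ans.pid" does
# not confuse the next test run.
sub rmpid {
    unlink "ans.pid";
    exit 1;
}

$SIG{INT}  = \&rmpid;
$SIG{TERM} = \&rmpid;

# The address is fixed by the system-test network layout.  The port
# comes from $PORT (overridable with --port) and defaults to 5300;
# "// 0" avoids an "uninitialized value" warning when PORT is unset.
my $localaddr = "10.53.0.3";
my $localport = int($ENV{PORT} // 0) || 5300;

my $verbose = 0;
my $ttl     = 60;
my $zone    = "example.broken";
my $nsname  = "ns3.$zone";
my $synth   = "synth-then-dname.$zone";
my $synth2  = "synth2-then-dname.$zone";

# Make the request log appear immediately, even when stdout is a pipe.
STDOUT->autoflush(1);

# Build one Net::DNS::RR from presentation-format text.
sub _rr {
    my ($text) = @_;
    return Net::DNS::RR->new($text);
}

# Net::DNS::Nameserver reply handler.
#
# Arguments: query name, class, type, peer address, the query packet
# and the connection hash (the last three are unused here).
# Returns what Net::DNS::Nameserver expects: the rcode, then array refs
# for the answer, authority and additional sections, then a header
# flags hash.  Every reply is marked authoritative (aa => 1), including
# the REFUSED ones, exactly as the test expects.
sub reply_handler {
    my ($qname, $qclass, $qtype, $peerhost, $query, $conn) = @_;
    my ($rcode, @ans, @auth, @add);

    print "request: $qname/$qtype\n";

    # DNS owner names compare case-insensitively (RFC 4343), so a
    # resolver that randomizes query-name case must still match.  The
    # RRs below keep the original $qname so the answer echoes the
    # question as asked.
    my $name = lc $qname;

    if ($name eq $zone) {
        if ($qtype eq "SOA") {
            push @ans, _rr("$qname $ttl $qclass SOA . . 0 0 0 0 0");
        } elsif ($qtype eq "NS") {
            push @ans, _rr("$qname $ttl $qclass NS $nsname");
            push @add, _rr("$nsname $ttl $qclass A $localaddr");
        }
        $rcode = "NOERROR";
    } elsif ($name eq "cname-to-$synth2") {
        # Deliberately broken chain: CNAME into a name that is itself
        # synthesized from a DNAME pointing at the root.
        push @ans, _rr("$qname $ttl $qclass CNAME name.$synth2");
        push @ans, _rr("name.$synth2 $ttl $qclass CNAME name");
        push @ans, _rr("$synth2 $ttl $qclass DNAME .");
        $rcode = "NOERROR";
    } elsif ($name eq $synth || $name eq $synth2) {
        if ($qtype eq "DNAME") {
            push @ans, _rr("$qname $ttl $qclass DNAME .");
        }
        $rcode = "NOERROR";
    } elsif ($name eq "name.$synth") {
        push @ans, _rr("$qname $ttl $qclass CNAME name.");
        push @ans, _rr("$synth $ttl $qclass DNAME .");
        $rcode = "NOERROR";
    } elsif ($name eq "name.$synth2") {
        push @ans, _rr("$qname $ttl $qclass CNAME name.");
        push @ans, _rr("$synth2 $ttl $qclass DNAME .");
        $rcode = "NOERROR";
    # The following three code branches referring to the "example.dname"
    # zone are necessary for the resolver variant of the CVE-2021-25215
    # regression test to work. A named instance cannot be used for
    # serving the DNAME records below as a version of BIND vulnerable to
    # CVE-2021-25215 would crash while answering the queries asked by
    # the tested resolver.
    } elsif ($name eq "ns3.example.dname") {
        if ($qtype eq "A") {
            push @ans, _rr("$qname $ttl $qclass A $localaddr");
        }
        if ($qtype eq "AAAA") {
            # Negative answer: SOA in the authority section, no data.
            push @auth, _rr("example.dname. $ttl $qclass SOA . . 0 0 0 0 $ttl");
        }
        $rcode = "NOERROR";
    } elsif ($name eq "self.example.self.example.dname") {
        push @ans, _rr("self.example.dname. $ttl $qclass DNAME dname.");
        push @ans, _rr("$qname $ttl $qclass CNAME self.example.dname.");
        $rcode = "NOERROR";
    } elsif ($name eq "self.example.dname") {
        if ($qtype eq "DNAME") {
            push @ans, _rr("$qname $ttl $qclass DNAME dname.");
        }
        $rcode = "NOERROR";
    } else {
        # Anything outside the scripted set is refused on purpose.
        $rcode = "REFUSED";
    }

    return ($rcode, \@ans, \@auth, \@add, { aa => 1 });
}

# Command-line options override $PORT; an unknown option is a test
# setup error, so stop rather than start on a surprising port.
GetOptions(
    'port=i'   => \$localport,
    'verbose!' => \$verbose,
) or die "usage: $0 [--port N] [--verbose]\n";

# Net::DNS::Nameserver->new returns nothing if it cannot bind the
# socket; report that instead of failing later inside main_loop.
my $ns = Net::DNS::Nameserver->new(
    LocalAddr    => $localaddr,
    LocalPort    => $localport,
    ReplyHandler => \&reply_handler,
    Verbose      => $verbose,
) or die "cannot create nameserver on $localaddr port $localport\n";

$ns->main_loop;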