[Bug 241865] dns/bind914: reproducible failure on nsupdate deleting PTRs
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sun Nov 10 19:30:39 UTC 2019
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241865
Bug ID: 241865
Summary: dns/bind914: reproducible failure on nsupdate deleting
PTRs
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: mat at FreeBSD.org
Reporter: prj at rootwyrm.com
Flags: maintainer-feedback?(mat at FreeBSD.org)
Assignee: mat at FreeBSD.org
This issue ONLY occurs when deleting PTRs for both DLZs and DB based reverse
IPv4 zones. It has a 100% reproduction rate in my environment and a clear crash
path. Issue appears to be an actual bug in bind914 itself, which results in the
record NOT being deleted as intended. When debugging is increased further, the
crash becomes 'unclean' and fails to disconnect sessions.
Best I can tell, there is a legitimate bug in dns_name_equal itself, where
'blind' PTR deletes (delete ANY record matching the given PTR) results in a
crash.
# cat /tmp/42101.del.ptr
server 127.0.0.1
realm DRAGONNORTH.PVT
update delete 7.1.10.10.in-addr.arpa 3600 PTR
send
# /usr/local/bin/nsupdate -g -v -D -L 10 /tmp/42102.del.ptr
setup_system()
10-Nov-2019 14:26:52.510 dns_requestmgr_create
10-Nov-2019 14:26:52.511 dns_requestmgr_create: 0x8012e8480
reset_system()
user_interaction()
do_next_command()
do_next_command()
do_next_command()
evaluate_update()
update_addordelete()
do_next_command()
start_update()
10-Nov-2019 14:26:52.511 dns_request_createvia
10-Nov-2019 14:26:52.512 request_render
10-Nov-2019 14:26:52.512 requestmgr_attach: 0x8012e8480: eref 1 iref 1
10-Nov-2019 14:26:52.512 mgr_gethash
10-Nov-2019 14:26:52.512 req_send: request 0x8012f4480
10-Nov-2019 14:26:52.513 dns_request_createvia: request 0x8012f4480
10-Nov-2019 14:26:52.513 req_senddone: request 0x8012f4480
10-Nov-2019 14:26:52.513 req_response: request 0x8012f4480: success
10-Nov-2019 14:26:52.513 req_cancel: request 0x8012f4480
10-Nov-2019 14:26:52.513 req_sendevent: request 0x8012f4480
recvsoa()
About to create rcvmsg
10-Nov-2019 14:26:52.513 dns_request_getresponse: request 0x8012f4480
show_message()
Reply from SOA query:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49148
;; flags: qr aa ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;7.1.10.10.in-addr.arpa. IN SOA
;; AUTHORITY SECTION:
1.10.10.in-addr.arpa. 3600 IN SOA stormcaller.dragonnorth.pvt.
hostmaster.dragonnorth.pvt. 8 900 600 86400 3600
Found zone name: 1.10.10.in-addr.arpa
The master is: stormcaller.dragonnorth.pvt
start_gssrequest
send_gssrequest
10-Nov-2019 14:26:52.515 dns_request_createvia
10-Nov-2019 14:26:52.515 request_render
10-Nov-2019 14:26:52.515 requestmgr_attach: 0x8012e8480: eref 1 iref 2
10-Nov-2019 14:26:52.515 mgr_gethash
10-Nov-2019 14:26:52.515 dns_request_createvia: request 0x8012f4600
show_message()
Outgoing update query:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37826
;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;1661385871.sig-stormcaller.dragonnorth.pvt. ANY TKEY
;; ADDITIONAL SECTION:
1661385871.sig-stormcaller.dragonnorth.pvt. 0 ANY TKEY gss-tsig. 1573414012
1573414012 3 NOERROR 1504 <SENSITIVE MATERIAL REDACTED>
10-Nov-2019 14:26:52.516 dns_request_destroy: request 0x8012f4480
10-Nov-2019 14:26:52.516 req_destroy: request 0x8012f4480
10-Nov-2019 14:26:52.516 requestmgr_detach: 0x8012e8480: eref 1 iref 1
Out of recvsoa
10-Nov-2019 14:26:52.516 req_connected: request 0x8012f4600
10-Nov-2019 14:26:52.516 req_send: request 0x8012f4600
10-Nov-2019 14:26:52.517 req_senddone: request 0x8012f4600
10-Nov-2019 14:26:52.517 req_response: request 0x8012f4600: success
10-Nov-2019 14:26:52.517 req_cancel: request 0x8012f4600
10-Nov-2019 14:26:52.517 req_sendevent: request 0x8012f4600
recvgss()
recvgss creating rcvmsg
10-Nov-2019 14:26:52.517 dns_request_getresponse: request 0x8012f4600
show_message()
recvmsg reply from GSS-TSIG query
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37826
;; flags: qr ra; QUESTION: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;1661385871.sig-stormcaller.dragonnorth.pvt. ANY TKEY
;; ANSWER SECTION:
1661385871.sig-stormcaller.dragonnorth.pvt. 0 ANY TKEY gss-tsig. 1573414012
1573417612 3 NOERROR 182 <SENSITIVE MATERIAL REDACTED>
;; TSIG PSEUDOSECTION:
1661385871.sig-stormcaller.dragonnorth.pvt. 0 ANY TSIG gss-tsig. 1573414012 300
28 <SENSITIVE MATERIAL REDACTED> 37826 NOERROR 0
send_update()
Sending update to 127.0.0.1#53
10-Nov-2019 14:26:52.517 dns_request_createvia
10-Nov-2019 14:26:52.517 request_render
10-Nov-2019 14:26:52.517 requestmgr_attach: 0x8012e8480: eref 1 iref 2
10-Nov-2019 14:26:52.517 mgr_gethash
10-Nov-2019 14:26:52.517 dns_request_createvia: request 0x8012f4480
show_message()
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 25003
;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 1
;; UPDATE SECTION:
7.1.10.10.in-addr.arpa. 0 ANY PTR
;; TSIG PSEUDOSECTION:
1661385871.sig-stormcaller.dragonnorth.pvt. 0 ANY TSIG gss-tsig. 1573414012 300
28 <SENSITIVE MATERIAL REDACTED> 25003 NOERROR 0
10-Nov-2019 14:26:52.518 dns_request_destroy: request 0x8012f4600
10-Nov-2019 14:26:52.518 req_destroy: request 0x8012f4600
10-Nov-2019 14:26:52.518 requestmgr_detach: 0x8012e8480: eref 1 iref 1
Out of recvgss
10-Nov-2019 14:26:52.518 req_connected: request 0x8012f4480
10-Nov-2019 14:26:52.518 req_send: request 0x8012f4480
10-Nov-2019 14:26:52.527 req_senddone: request 0x8012f4480
10-Nov-2019 14:26:52.527 dispatch 0x801334800 response 0x8012f7308
127.0.0.1#53: cancel: failsafe event 0x8012e6cf0 -> task 0x8012e1480
10-Nov-2019 14:26:52.527 req_response: request 0x8012f4480: unexpected error
10-Nov-2019 14:26:52.527 req_cancel: request 0x8012f4480
10-Nov-2019 14:26:52.527 req_sendevent: request 0x8012f4480
update_completed()
; Communication with 127.0.0.1#53 failed: unexpected error
10-Nov-2019 14:26:52.527 dns_request_destroy: request 0x8012f4480
10-Nov-2019 14:26:52.527 req_destroy: request 0x8012f4480
10-Nov-2019 14:26:52.527 requestmgr_detach: 0x8012e8480: eref 1 iref 0
done_update()
reset_system()
user_interaction()
cleanup()
Shutting down task manager
shutdown_program()
Shutting down request manager
10-Nov-2019 14:26:52.527 dns_requestmgr_shutdown: 0x8012e8480
10-Nov-2019 14:26:52.527 send_shutdown_events: 0x8012e8480
Destroy DST lib
Destroying request manager
10-Nov-2019 14:26:52.528 dns_requestmgr_detach: 0x8012e8480: eref 0 iref 0
10-Nov-2019 14:26:52.528 mgr_destroy
Freeing the dispatchers
Shutting down dispatch manager
Destroying event
Shutting down socket manager
Shutting down timer manager
Destroying name state
Removing log context
Destroying memory context
10-Nov-2019 14:13:44.245 samba_dlz: allowing update of
signer=dns-STORMCALLER\@DRAGONNORTH.PVT name=7.1.10.10.in-addr.arpa
tcpaddr=127.0.0.1 type=PTR key=4257864973.sig-stormcaller.dragonnorth.pvt/160/0
10-Nov-2019 14:13:44.245 client @0x8021b1600 127.0.0.1#21678/key
dns-STORMCALLER\@DRAGONNORTH.PVT: view interior: updating zone
'1.10.10.in-addr.arpa/NONE': deleting rrset at '7.1.10.10.in-addr.arpa' PTR
10-Nov-2019 14:13:44.247 name.c:661: REQUIRE((__builtin_expect(!!((name1) !=
((void *)0)), 1) && __builtin_expect(!!(((const isc__magic_t *)(name1))->magic
== ((('D') << 24 | ('N') << 16 | ('S') << 8 | ('n')))), 1))) failed, back trace
10-Nov-2019 14:13:44.247 #0 0x2f5df9 in assertion_failed()+0x59
10-Nov-2019 14:13:44.247 #1 0x66ead8 in isc_assertion_failed()+0x38
10-Nov-2019 14:13:44.247 #2 0x4572c1 in dns_name_equal()+0x91
10-Nov-2019 14:13:44.247 #3 0x803f8d02a in _fini()+0x8038c431e
10-Nov-2019 14:13:44.247 #4 0x803f8d298 in _fini()+0x8038c458c
10-Nov-2019 14:13:44.247 #5 0x359ba4 in dlopen_dlz_subrdataset()+0xf4
10-Nov-2019 14:13:44.247 #6 0x57cdaf in modrdataset()+0x34f
10-Nov-2019 14:13:44.247 #7 0x57a520 in subtractrdataset()+0xd0
10-Nov-2019 14:13:44.247 #8 0x3dfbaa in dns_db_subtractrdataset()+0x31a
10-Nov-2019 14:13:44.247 #9 0x3e40b8 in diff_apply()+0x758
10-Nov-2019 14:13:44.247 #10 0x3e395a in dns_diff_apply()+0x2a
10-Nov-2019 14:13:44.247 #11 0x3a389d in do_one_tuple()+0xfd
10-Nov-2019 14:13:44.247 #12 0x39e0e9 in update_one_rr()+0x89
10-Nov-2019 14:13:44.247 #13 0x3a3bb6 in delete_if_action()+0x86
10-Nov-2019 14:13:44.247 #14 0x39da54 in foreach_rr()+0x394
10-Nov-2019 14:13:44.247 #15 0x39e1dc in delete_if()+0xbc
10-Nov-2019 14:13:44.247 #16 0x39b29b in update_action()+0x30bb
10-Nov-2019 14:13:44.247 #17 0x6a7c77 in dispatch()+0xb67
10-Nov-2019 14:13:44.247 #18 0x6a3c81 in run()+0x41
10-Nov-2019 14:13:44.247 #19 0x8009b4736 in _fini()+0x8002eba2a
10-Nov-2019 14:13:44.247 exiting (due to assertion failure)
# host 10.10.1.7
7.1.10.10.in-addr.arpa domain name pointer Galaxy-Note9.dragonnorth.pvt.
# pkg info bind914
bind914-9.14.7
Name : bind914
Version : 9.14.7
Installed on : Sun Nov 10 14:07:25 2019 EST
Origin : dns/bind914
Architecture : FreeBSD:12:amd64
Prefix : /usr/local
Categories : net dns
Licenses : MPL20
Maintainer : mat at FreeBSD.org
WWW : https://www.isc.org/downloads/bind/
Comment : BIND DNS suite with updated DNSSEC and DNS64
Options :
DLZ_BDB : off
DLZ_FILESYSTEM : on
DLZ_LDAP : off
DLZ_MYSQL : off
DLZ_POSTGRESQL : on
DLZ_STUB : on
DNSTAP : on
DOCS : on
FIXED_RRSET : off
GEOIP : off
GSSAPI_BASE : off
GSSAPI_HEIMDAL : on
GSSAPI_MIT : off
GSSAPI_NONE : off
IDN : on
JSON : on
LARGE_FILE : off
LMDB : on
MINCACHE : off
NATIVE_PKCS11 : off
PORTREVISION : off
QUERYTRACE : off
SIGCHASE : on
START_LATE : off
TCP_FASTOPEN : on
TUNING_LARGE : off
# pkg info bind-tools
bind-tools-9.14.7
Name : bind-tools
Version : 9.14.7
Installed on : Mon Nov 4 09:11:02 2019 EST
Origin : dns/bind-tools
Architecture : FreeBSD:12:amd64
Prefix : /usr/local
Categories : net dns
Licenses : MPL20
Maintainer : mat at FreeBSD.org
WWW : https://www.isc.org/downloads/bind/
Comment : Command line tools from BIND: delv, dig, host, nslookup...
Options :
FIXED_RRSET : off
GSSAPI_BASE : off
GSSAPI_HEIMDAL : on
GSSAPI_MIT : off
GSSAPI_NONE : off
IDN : on
JSON : on
LARGE_FILE : off
NATIVE_PKCS11 : off
PYTHON : on
SIGCHASE : on
# pkg info heimdal
heimdal-7.5.0_4
Name : heimdal
Version : 7.5.0_4
Installed on : Sat Oct 26 22:38:25 2019 EDT
Origin : security/heimdal
Architecture : FreeBSD:12:amd64
Prefix : /usr/local
Categories : security ipv6
Licenses : BSD3CLAUSE
Maintainer : hrs at FreeBSD.org
WWW : http://www.h5l.org/
Comment : Popular BSD-licensed implementation of Kerberos 5
Options :
BDB : on
CRACKLIB : off
DIGEST : on
IPV6 : on
KX509 : on
LDAP : off
LMDB : off
PKINIT : on
SQLITE : off
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list