PATCH to help 8.2.3 not pound on the root nameservers

LaMont Jones lamont at hp.com
Tue Mar 20 15:04:00 UTC 2001


If you have a typical 8.2.3 configuration, with 'check-names response fail;',
then all it takes is a couple of lusers to pound on the root nameservers.
If you're a good sized corporation, it's pretty easy to have enough
misconfigured clients to become very _noticeable_.

The problematic flow looks like this:
    1. Client asks for the A RR for 'web_proxy'.
    2. Since it's not in the cache, BIND forwards the request (to the roots,
       since we're talking about a TLD here).
    3. Root nameserver responds with NXDOMAIN
    4. BIND discards the response, since the name contains invalid characters.
    5. Client asks again, see steps 2-4.

In order to prevent the round trip to the roots with the uncachable reply,
we need to reject the query, not the response.  The attached patch therefore
makes it unconditional, based on the (new) 'check-names query' setting.

thoughts?
lamont


-- Attached file included as plaintext by Listar --

--- ns_config.c.orig	Sat Dec 23 01:14:37 2000
+++ ns_config.c	Mon Mar 19 13:36:39 2001
@@ -1126,6 +1126,7 @@
 	op->check_names[primary_trans] = fail;
 	op->check_names[secondary_trans] = warn;
 	op->check_names[response_trans] = ignore;
+	op->check_names[query_trans] = warn;
 	op->listen_list = NULL;
 	op->fwdtab = NULL;
 	/* XXX init forwarding */
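Review bot: the `warn` default on the new `op->check_names[query_trans]` line is at odds with the cover letter's "makes it unconditional". If `ns_nameok()` behaves as it does for the other transports, `warn` logs and accepts, so with this default a query for `web_proxy` is still forwarded to the roots and nothing changes until the operator adds `check-names query fail;`. Either default to `fail` here, or say in the cover letter that the option must be set for the fix to take effect.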
--- ns_defs.h.orig	Thu Nov 30 22:35:48 2000
+++ ns_defs.h	Mon Mar 19 13:35:04 2001
@@ -681,7 +681,7 @@
 #endif
 };
 		
-enum transport { primary_trans, secondary_trans, response_trans, update_trans,
+enum transport { primary_trans, secondary_trans, response_trans, update_trans, query_trans,
 		 num_trans };
 
 /* types used by the parser or config routines */
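Review bot: the new `enum transport` line runs past 80 columns; wrap it (e.g. put `query_trans,` on the continuation line with `num_trans`). Placing `query_trans` before `num_trans` is correct, since `check_names[]` and anything else sized by `num_trans` grow with it.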
--- ns_init.c.orig	Sat Dec 23 01:14:38 2000
+++ ns_init.c	Mon Mar 19 13:36:53 2001
@@ -407,6 +407,7 @@
 		case secondary_trans:
 			context = owner_ctx;
 			break;
+		case query_trans:
 		case response_trans:
 			context = hostname_ctx;
 			break;
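Review bot: folding `query_trans` into the `response_trans` case is the right context choice, but this is only one `switch (transport)`; if any other switch over `enum transport` in the tree ends in a panicking `default:`, it now needs a `query_trans` case as well, or the first query that reaches it takes named down. Worth a grep for `_trans:` before this goes in.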
--- ns_lexer.c.orig	Tue Nov 28 23:55:58 2000
+++ ns_lexer.c	Mon Mar 19 13:37:43 2001
@@ -307,6 +307,7 @@
 	{"print-severity", T_PRINT_SEVERITY},
 	{"print-time", T_PRINT_TIME},
 	{"pubkey", T_PUBKEY},
+	{"query", T_QUERY},
 	{"query-source", T_QUERY_SOURCE},
 	{"rfc2308-type1", T_RFC2308_TYPE1},
 	{"rrset-order", T_RRSET_ORDER},
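Review bot: adding the bare word `query` to the keyword table reserves it everywhere in named.conf, so an existing configuration that uses `query` as an unquoted name (an acl called `query`, for instance) will stop parsing after the upgrade. Call this out in the release notes alongside the new option.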
--- ns_parser.y.orig	Sat Dec 23 01:14:41 2000
+++ ns_parser.y	Mon Mar 19 13:37:16 2001
@@ -195,7 +195,7 @@
 %type	<s_int>		zone_type
 %token			T_IN T_CHAOS T_HESIOD
 %token			T_TYPE
-%token			T_MASTER T_SLAVE T_STUB T_RESPONSE
+%token			T_MASTER T_SLAVE T_STUB T_RESPONSE T_QUERY
 %token			T_HINT
 %token			T_MASTERS T_TRANSFER_SOURCE
 %token			T_PUBKEY
@@ -788,6 +788,10 @@
 	| T_RESPONSE
 	{
 		$$ = response_trans;
+	}
+	| T_QUERY
+	{
+		$$ = query_trans;
 	}
 	;
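Review bot: the grammar now accepts `check-names query ...`, but there is no documentation change in the patch; wherever the named.conf documentation lists the valid `check-names` targets (currently master, slave and response) it needs `query` added together with its default and a note that it applies to the owner name of incoming queries rather than to zone data.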
 
--- ns_req.c.orig	Mon Jan  8 16:46:41 2001
+++ ns_req.c	Mon Mar 19 16:47:23 2001
@@ -677,6 +677,14 @@
 	afterq = *cpp;
 	qtypeIncr(type);
 
+	if (!ns_nameok(qp, dnbuf, class, NULL, query_trans,
+		       ns_ownercontext(type, query_trans),
+		       dnbuf, from.sin_addr)) {
+		ns_debug(ns_log_default, 1, "bad name in query"); 
+		hp->rcode = ns_r_formerr;
+		return (Refuse);
+	}
+
 	/*
 	 * Process query.
 	 */
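Review bot: `hp->rcode = ns_r_formerr;` followed by `return (Refuse);` is contradictory: the query is well-formed, so FORMERR is the wrong signal, and if the `Refuse` path in `ns_req()` sets REFUSED itself the assignment is overwritten anyway; pick REFUSED (a policy rejection) and drop the FORMERR line. Two smaller points in the same hunk: the `ns_debug()` message fires only at debug level 1 and names neither the query nor the client, so include `dnbuf` and `inet_ntoa(from.sin_addr)` (finding the misconfigured clients is the whole point of the cover letter), and there is trailing whitespace after `"bad name in query");`. Finally, the check runs on every query regardless of where the name lives, so a zone this server loads with `check-names master ignore;` has its underscore names become unqueryable for A, WKS and MX once `check-names query fail;` is set; that should at least be documented.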




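The flow in the post above, modelled as an added example (this is not BIND code and not part of the original message): a recursive server with a negative cache in front of a stand-in for the root servers, run once with the stock `check-names response fail` policy and once with the patch's `check-names query fail`, counting how many times the roots are hit by a client that keeps retrying `web_proxy`. The name rules mirror BIND 8's `res_hnok()`/`res_dnok()` and the type-to-context choice in `ns_ownercontext()` (A, WKS and MX owners are checked as hostnames, everything else as a domain name); the `Roots`, `Resolver` and `simulate` names, the sample query names, and the SERVFAIL the client receives when a reply is discarded are assumptions of the model.

```python
# Added example (not BIND code): a model of the query flow in the post above,
# comparing stock 8.2.3 behaviour ('check-names response fail') with the
# behaviour the patch adds ('check-names query fail').
# Name rules follow BIND 8's res_hnok()/res_dnok(): hostnames use letters,
# digits and '-', with every label starting and ending alphanumeric; other
# owner names may use any printable non-space ASCII.  Empty labels are
# rejected here since they cannot occur in a wire-format name.

import string

HOST_BORDER = set(string.ascii_letters + string.digits)
HOST_MIDDLE = HOST_BORDER | {"-"}
# Query types whose owner ns_ownercontext() checks as a hostname.
HOSTNAME_TYPES = {"A", "WKS", "MX"}


def hostname_ok(name):
    """RFC 952/1123 hostname syntax, as BIND's hostname_ctx applies it."""
    for label in name.rstrip(".").split("."):
        if not label or label[0] not in HOST_BORDER or label[-1] not in HOST_BORDER:
            return False
        if any(c not in HOST_MIDDLE for c in label):
            return False
    return True


def domain_ok(name):
    """Looser rule for non-hostname owners: printable, non-space ASCII only."""
    return name != "" and all(0x20 < ord(c) < 0x7F for c in name)


def name_ok(name, qtype):
    """Apply the context ns_ownercontext() would pick for this query type."""
    return hostname_ok(name) if qtype in HOSTNAME_TYPES else domain_ok(name)


class Roots:
    """Stand-in for the root servers (assumption): counts queries, answers NXDOMAIN."""

    def __init__(self):
        self.queries = 0

    def query(self, name, qtype):
        self.queries += 1
        return "NXDOMAIN"


class Resolver:
    """Recursive server with a negative cache and the two check-names knobs."""

    def __init__(self, roots, check_response="fail", check_query="ignore"):
        self.roots = roots
        self.check_response = check_response
        self.check_query = check_query
        self.cache = {}

    def resolve(self, name, qtype="A"):
        key = (name, qtype)
        # Patched path: reject the query itself before any recursion happens.
        if self.check_query == "fail" and not name_ok(name, qtype):
            return "REFUSED"
        if key in self.cache:
            return self.cache[key]
        rcode = self.roots.query(name, qtype)
        # Stock 8.2.3 path: a reply whose name fails the check is discarded,
        # so nothing is cached and the next retry goes upstream again.  The
        # post only says "discarded"; SERVFAIL to the client is an assumption.
        if self.check_response == "fail" and not name_ok(name, qtype):
            return "SERVFAIL"
        self.cache[key] = rcode  # RFC 2308 negative caching
        return rcode


def simulate(name, qtype="A", retries=5, check_response="fail", check_query="ignore"):
    """One client retrying the same query; returns (root hits, rcodes seen)."""
    roots = Roots()
    resolver = Resolver(roots, check_response, check_query)
    answers = [resolver.resolve(name, qtype) for _ in range(retries)]
    return roots.queries, answers


if __name__ == "__main__":
    for cfg in ({"check_query": "ignore"}, {"check_query": "fail"}):
        hits, rcodes = simulate("web_proxy", **cfg)          # constructed name
        print(cfg, "root queries:", hits, "client sees:", rcodes[-1])
    # Underscores are fine for types that are not hostnames, e.g. SRV.
    print(simulate("_ldap._tcp.example.com", "SRV", check_query="fail"))
```

With the stock policy the five retries produce five root queries; with the query-side check they produce none, and a valid name such as `web-proxy` produces exactly one because the NXDOMAIN is negatively cached. Note that the model treats `warn` like `ignore`, i.e. only `fail` stops the recursion, and that a client retrying on REFUSED still loads the recursive server, just not the roots.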
More information about the bind-workers mailing list