Merge pull request #1184 from matsduf/merge-develop-into-master

Merge develop into master (Engine)
zonemaster · Jan 31, 2023 · 340b3ff · 340b3ff
2 parents 47475c6 + 0541d15
commit 340b3ff
Show file tree

Hide file tree

Showing 17 changed files with 2,003 additions and 562 deletions.
diff --git a/Changes b/Changes
@@ -1,5 +1,18 @@
 Release history for Zonemaster component Zonemaster-Engine
 
+v4.6.1 2023-01-31 (public fix version)
+
+ [Fixes]
+ - Updates translations (#1180, #1167)
+ - Fixes a bug that made implementation of ADDRESS01 crash (#1181)
+ - Fixes a bug that made implementation of NAMESERVER11 create false error
+   when server returned legimate EDNS OPTION-CODE (#1173, #1177)
+ - Removed unneeded binary dependency from installation instruction for
+   Ubuntu and Debian (#1176)
+ - Fixes a bug that made implementation of ZONE01 crash when more than
+   one SOA Serial was returned from the zone's name servers (#1175, #1178)
+ - Removes unused message tag (#1174)
+
 
 v4.6.0 2022-12-19 (public release version)
 

diff --git a/MANIFEST b/MANIFEST
@@ -278,6 +278,10 @@ t/Test-syntax06-L.data
 t/Test-syntax06-L.t
 t/Test-zone.data
 t/Test-zone.t
+t/Test-zone01-A.t
+t/Test-zone01-A.data
+t/Test-zone01-B.t
+t/Test-zone01-B.data
 t/Test-zone09-A.data
 t/Test-zone09-A.t
 t/Test-zone09-B.data

diff --git a/Makefile.PL b/Makefile.PL
@@ -32,7 +32,7 @@ requires 'Net::DNS'           => 0;
 requires 'Net::IP::XS'        => 0.21;
 requires 'Readonly'           => 0;
 requires 'Text::CSV'          => 0;
-requires 'Zonemaster::LDNS'   => 3.000000;
+requires 'Zonemaster::LDNS'   => 3.001000;
 
 test_requires 'Pod::Coverage'     => 0;
 test_requires 'Test::Differences' => 0;

diff --git a/docs/Installation.md b/docs/Installation.md
@@ -108,7 +108,7 @@ Using pre-built packages is the preferred method for Debian and Ubuntu.
 2) Install dependencies from binary packages:
 
    ```sh
-   sudo apt install autoconf automake build-essential cpanminus libclass-accessor-perl libclone-perl libdevel-checklib-perl libemail-valid-perl libfile-sharedir-perl libfile-slurp-perl libidn2-dev libintl-perl libio-socket-inet6-perl liblist-moreutils-perl libmodule-find-perl libmodule-install-perl libmodule-install-xsutil-perl libmoose-perl libmoosex-singleton-perl libnet-dns-perl libnet-ip-xs-perl libpod-coverage-perl libreadonly-perl libssl-dev libldns3 libtest-differences-perl libtest-exception-perl libtest-fatal-perl libtest-nowarnings-perl libtest-pod-perl libtext-csv-perl libtool m4
+   sudo apt install autoconf automake build-essential cpanminus libclass-accessor-perl libclone-perl libdevel-checklib-perl libemail-valid-perl libfile-sharedir-perl libfile-slurp-perl libidn2-dev libintl-perl libio-socket-inet6-perl liblist-moreutils-perl libmodule-find-perl libmodule-install-perl libmodule-install-xsutil-perl libmoose-perl libmoosex-singleton-perl libnet-dns-perl libnet-ip-xs-perl libpod-coverage-perl libreadonly-perl libssl-dev libtest-differences-perl libtest-exception-perl libtest-fatal-perl libtest-nowarnings-perl libtest-pod-perl libtext-csv-perl libtool m4
    ```
 
 3) Install Zonemaster::LDNS and Zonemaster::Engine.

diff --git a/lib/Zonemaster/Engine.pm b/lib/Zonemaster/Engine.pm
@@ -1,6 +1,6 @@
 package Zonemaster::Engine;
 
-use version; our $VERSION = version->declare("v4.6.0");
+use version; our $VERSION = version->declare("v4.6.1");
 
 use 5.014002;
 

diff --git a/lib/Zonemaster/Engine/Constants.pm b/lib/Zonemaster/Engine/Constants.pm
@@ -36,7 +36,8 @@ our @EXPORT_OK = qw[
   $IP_VERSION_4
   $IP_VERSION_6
   $LABEL_MAX_LENGTH
-  $MAX_SERIAL_VARIATION
+  $SERIAL_BITS
+  $SERIAL_MAX_VARIATION
   $MINIMUM_NUMBER_OF_NAMESERVERS
   $RESOLVER_SOURCE_OS_DEFAULT
   $UDP_PAYLOAD_LIMIT
@@ -53,7 +54,7 @@ our %EXPORT_TAGS = (
     name => [qw($FQDN_MAX_LENGTH $LABEL_MAX_LENGTH)],
     ip   => [qw($IP_VERSION_4 $IP_VERSION_6)],
     soa  => [
-        qw($DURATION_5_MINUTES_IN_SECONDS $DURATION_1_HOUR_IN_SECONDS $DURATION_4_HOURS_IN_SECONDS $DURATION_12_HOURS_IN_SECONDS $DURATION_1_DAY_IN_SECONDS $DURATION_1_WEEK_IN_SECONDS $DURATION_180_DAYS_IN_SECONDS $MAX_SERIAL_VARIATION)
+        qw($DURATION_5_MINUTES_IN_SECONDS $DURATION_1_HOUR_IN_SECONDS $DURATION_4_HOURS_IN_SECONDS $DURATION_12_HOURS_IN_SECONDS $DURATION_1_DAY_IN_SECONDS $DURATION_1_WEEK_IN_SECONDS $DURATION_180_DAYS_IN_SECONDS $SERIAL_BITS $SERIAL_MAX_VARIATION)
     ],
     misc => [qw($UDP_PAYLOAD_LIMIT $UDP_COMMON_EDNS_LIMIT $MINIMUM_NUMBER_OF_NAMESERVERS $RESOLVER_SOURCE_OS_DEFAULT $BLACKLISTING_ENABLED)]
     ,    # everyting in %EXPORT_OK that isn't included in any of the other tags
@@ -85,12 +86,13 @@ Readonly our $LABEL_MAX_LENGTH => 63;
 Readonly our $IP_VERSION_4 => 4;
 Readonly our $IP_VERSION_6 => 6;
 
-Readonly our $MAX_SERIAL_VARIATION => 0;
-
 Readonly our $MINIMUM_NUMBER_OF_NAMESERVERS => 2;
 
 Readonly our $RESOLVER_SOURCE_OS_DEFAULT => 'os_default';
 
+Readonly our $SERIAL_BITS => 32;
+Readonly our $SERIAL_MAX_VARIATION => 0;
+
 Readonly our $UDP_PAYLOAD_LIMIT     => 512;
 Readonly our $UDP_COMMON_EDNS_LIMIT => 4_096;
 
@@ -262,7 +264,13 @@ C<$IP_VERSION_6>
 
 =item *
 
-C<$MAX_SERIAL_VARIATION>
+C<$SERIAL_BITS>
+
+An integer, used to define the size of the serial number space, as defined in RFC1982, section 2.
+
+=item *
+
+C<$SERIAL_MAX_VARIATION>
 
 =item *
 

diff --git a/lib/Zonemaster/Engine/Test/Address.pm b/lib/Zonemaster/Engine/Test/Address.pm
@@ -173,7 +173,7 @@ sub address01 {
                 NAMESERVER_IP_PRIVATE_NETWORK => {
                     nsname    => $local_ns->name->string,
                     ns_ip     => $local_ns->address->short,
-                    prefix    => ${$ip_details_ref}{ip}->print,
+                    prefix    => ${$ip_details_ref}{ip}->short . '/' . ${$ip_details_ref}{ip}->prefixlen,
                     name      => ${$ip_details_ref}{name},
                     reference => ${$ip_details_ref}{reference},
                 }

diff --git a/lib/Zonemaster/Engine/Test/Consistency.pm b/lib/Zonemaster/Engine/Test/Consistency.pm
@@ -386,13 +386,13 @@ sub consistency01 {
                 count => scalar( keys %serials ),
             }
           );
-        if ( $serial_numbers[-1] - $serial_numbers[0] > $MAX_SERIAL_VARIATION ) {
+        if ( $serial_numbers[-1] - $serial_numbers[0] > $SERIAL_MAX_VARIATION ) {
             push @results,
               info(
                 SOA_SERIAL_VARIATION => {
                     serial_min    => $serial_numbers[0],
                     serial_max    => $serial_numbers[-1],
-                    max_variation => $MAX_SERIAL_VARIATION,
+                    max_variation => $SERIAL_MAX_VARIATION,
                 }
               );
         }

diff --git a/lib/Zonemaster/Engine/Test/Nameserver.pm b/lib/Zonemaster/Engine/Test/Nameserver.pm
@@ -465,10 +465,6 @@ Readonly my %TAG_DESCRIPTIONS => (
         __x    # NAMESERVER:TEST_CASE_START
           'TEST_CASE_START {testcase}.', @_;
     },
-    UNKNOWN_OPTION_CODE => sub {
-        __x    # NAMESERVER:UNKNOWN_OPTION_CODE
-          'Nameserver {ns} responds with an unknown ENDS OPTION-CODE.', @_;
-    },
     UPWARD_REFERRAL => sub {
         __x    # NAMESERVER:UPWARD_REFERRAL
           'Nameserver {ns} returns an upward referral.', @_;
@@ -1181,44 +1177,61 @@ sub nameserver11 {
         #To be changed to '$ns->query( $zone->name, q{SOA}, { edns_details => { version => 0 } } );' when PR#1147 is merged.
         my $p = $ns->query( $zone->name, q{SOA}, { edns_details => { udp_size => 512 } } );
 
-        if ( not $p or not $p->has_edns or $p->rcode ne q{NOERROR} or not $p->aa or not $p->get_records_for_name(q{SOA}, $zone->name, q{answer}) ){
+        if ( not $p or not $p->has_edns or $p->rcode ne q{NOERROR} or not $p->aa or not $p->get_records_for_name(q{SOA}, $zone->name, q{answer}) ) {
             next;
         }
-        
+
         #To be changed to '$ns->query( $zone->name, q{SOA}, { edns_details => { data => $rdata } } );' when PR#1147 is merged.
         $p = $ns->query( $zone->name, q{SOA}, { edns_details => { data => $rdata, udp_size => 512 } } );
 
         if ( $p ) {
-            if ( $p->rcode ne q{NOERROR} ){
+            if ( $p->rcode ne q{NOERROR} ) {
                 push @{ $unexpected_rcode{$p->rcode} }, $ns->address->short;
             }
-            
-            elsif ( not $p->has_edns ){
+
+            elsif ( not $p->has_edns ) {
                 push @no_edns, $ns->address->short;
             }
-            
-            elsif ( not $p->get_records_for_name(q{SOA}, $zone->name, q{answer}) ){
+
+            elsif ( not $p->get_records_for_name(q{SOA}, $zone->name, q{answer}) ) {
                 push @unexpected_answer, $ns->address->short;
             }
-            
-            elsif ( not $p->aa ){
+
+            elsif ( not $p->aa ) {
                 push @unset_aa, $ns->address->short;
             }
-            
+
             elsif ( defined $p->edns_data ) {
-                push @unknown_opt_code, $ns->address->short;
+                my $p_opt = $p->edns_data;
+
+                # Unpack the bytes string:
+                # - OPTION-CODE as unsigned short (16-bit) in "network" (big-endian) order, and
+                # - OPTION-DATA as a sequence of bytes of length specified by a prefixed unsigned short (16-bit)
+                #   in "network" (big-endian) order (OPTION-LENGTH), and
+                # - Remaining data, if any (i.e., other OPTIONS)
+
+                my @unpacked_opt = eval { unpack("(n n/a)*", $p_opt) };
+
+                while ( my ( $p_opt_code, $p_opt_data, @next_data ) = @unpacked_opt ) {
+                    if ( $p_opt_code == $opt_code ) {
+                        push @unknown_opt_code, $ns->address->short;
+                        last;
+                    }
+
+                    @unpacked_opt = @next_data;
+                }
             }
         }
         else{
             push @no_response, $ns->address->short;
         }
     }
 
-    if ( scalar @no_response ){
+    if ( scalar @no_response ) {
         push @results, info( N11_NO_RESPONSE => { ns_ip_list => join( q{;}, uniq sort @no_response ) } );
     }
 
-    if ( scalar keys %unexpected_rcode ){
+    if ( scalar keys %unexpected_rcode ) {
         push @results, map {
           info(
             N11_UNEXPECTED_RCODE => {
@@ -1229,19 +1242,19 @@ sub nameserver11 {
         } keys %unexpected_rcode;
     }
 
-    if ( scalar @no_edns ){
+    if ( scalar @no_edns ) {
         push @results, info( N11_NO_EDNS => { ns_ip_list => join( q{;}, uniq sort @no_edns ) } );
     }
 
-    if ( scalar @unexpected_answer ){
+    if ( scalar @unexpected_answer ) {
         push @results, info( N11_UNEXPECTED_ANSWER_SECTION => { ns_ip_list => join( q{;}, uniq sort @unexpected_answer ) } );
     }
 
-    if ( scalar @unset_aa ){
+    if ( scalar @unset_aa ) {
         push @results, info( N11_UNSET_AA => { ns_ip_list => join( q{;}, uniq sort @unset_aa ) } );
     }
 
-    if ( scalar @unknown_opt_code ){
+    if ( scalar @unknown_opt_code ) {
         push @results, info( N11_RETURNS_UNKNOWN_OPTION_CODE => { ns_ip_list => join( q{;}, uniq sort @unknown_opt_code ) } );
     }
 

diff --git a/lib/Zonemaster/Engine/Test/Zone.pm b/lib/Zonemaster/Engine/Test/Zone.pm
@@ -11,6 +11,7 @@ use Zonemaster::Engine;
 
 use Carp;
 use List::MoreUtils qw[uniq none];
+use List::Util qw[max];
 use Locale::TextDomain qw[Zonemaster-Engine];
 use Readonly;
 use JSON::PP;
@@ -532,8 +533,6 @@ sub zone01 {
     }
 
     if ( $found_serial ){
-        my $serial_bits = 32;
-
         foreach my $mname ( keys %mname_ns ){
             MNAME_IP: foreach my $mname_ip ( keys %{ $mname_ns{$mname} } ){
                 my $mname_serial = $mname_ns{$mname}{$mname_ip};
@@ -543,7 +542,7 @@ sub zone01 {
                 }
 
                 foreach my $serial ( uniq @serial_ns ){
-                    if ( $serial > $mname_serial and ( ($serial - $mname_serial) < 2**($serial_bits - 1) ) ){
+                    if ( Zonemaster::Engine::Util::serial_gt( $serial, $mname_serial ) ){
                         $mname_not_master{$mname}{$mname_ip} = $mname_serial;
                         next MNAME_IP;
                     }
@@ -557,8 +556,14 @@ sub zone01 {
             push @results, 
                 info( 
                     Z01_MNAME_NOT_MASTER => {
-                        ns_list  => join( q{;}, sort map { $_ . '/' . %{ $mname_not_master{$_} } } keys %mname_not_master ),
-                        soaserial => max( map { $mname_not_master{$_} } keys %mname_not_master ),
+                        ns_list => join( q{;}, sort map
+                                        {
+                                            my $mname = $_;
+                                            map { "$mname/$_" } keys %{ $mname_not_master{$_} }
+                                        }
+                                        keys %mname_not_master
+                                   ),
+                        soaserial => max( uniq map { values %{ $mname_not_master{$_} } } keys %mname_not_master ),
                         soaserial_list => join( q{;}, uniq @serial_ns )
                     }
                 );

diff --git a/lib/Zonemaster/Engine/Util.pm b/lib/Zonemaster/Engine/Util.pm
@@ -30,7 +30,7 @@ use Net::DNS::ZoneFile;
 use Pod::Simple::SimpleTree;
 
 use Zonemaster::Engine;
-use Zonemaster::Engine::Constants qw[:ip];
+use Zonemaster::Engine::Constants qw[:ip :soa];
 use Zonemaster::Engine::DNSName;
 use Zonemaster::Engine::Profile;
 
@@ -236,6 +236,14 @@ sub parse_hints {
     return \%hints;
 }
 
+sub serial_gt {
+    my ( $sa, $sb ) = @_;
+
+    return ( ( $sa < $sb and ( ($sb - $sa) > 2**( $SERIAL_BITS - 1 ) ) ) or
+             ( $sa > $sb and ( ($sa - $sb) < 2**( $SERIAL_BITS - 1 ) ) )
+           );
+}
+
 1;
 
 =head1 NAME
@@ -325,6 +333,12 @@ This method blindly assumes that the structure of the POD is exactly
 like that in the Basic test module.
 If it's not, the results are undefined.
 
+=item serial_gt($serial_a, $serial_b)
+Checks if serial_a is greater than serial_b, according to
+serial number arithmetic as defined in RFC1982, section 3.2.
+
+Return a boolean.
+
 =item scramble_case
 
 This routine provides a special effect: sCraMBliNg tHe CaSe