Seconday zones with incorrect masters raises TypeError

Bug #1473210 reported by Tristan Cacqueray on 2015-07-09
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Designate
High
Graham Hayes
Kilo
High
Kiall Mac Innes

Bug Description

Trace:

INFO designate.dnsutils [req-c363c096-eef8-4bc2-a929-9fc1e3569c2d c7ad0dad194a43b6a4444bf63306a93a f46f5d74ff0246278e5a24c9c340ebe8 - - -] Doing AXFR for 3.example.com. from {'ip': 'aaaaaaaaa.aaaa.aa', 'port': 53}
ERROR designate.dnsutils [req-c363c096-eef8-4bc2-a929-9fc1e3569c2d c7ad0dad194a43b6a4444bf63306a93a f46f5d74ff0246278e5a24c9c340ebe8 - - -] Connection error when doing AXFR for 3.example.com. from {'ip': 'aaaaaaaaa.aaaa.aa', 'port':
53}
ERROR oslo_messaging.rpc.dispatcher [req-c363c096-eef8-4bc2-a929-9fc1e3569c2d c7ad0dad194a43b6a4444bf63306a93a f46f5d74ff0246278e5a24c9c340ebe8 - - -] Exception during message handling: unsupported operand type(s) for +: 'float' and
'Timeout'
TRACE oslo_messaging.rpc.dispatcher Traceback (most recent call last):
TRACE oslo_messaging.rpc.dispatcher File "/usr/local/lib/python2.7/dist-packages/oslo_messaging/rpc/dispatcher.py", line 142, in _dispatch_and_reply
TRACE oslo_messaging.rpc.dispatcher executor_callback))
TRACE oslo_messaging.rpc.dispatcher File "/opt/stack/designate/designate/rpc.py", line 178, in _dispatch
TRACE oslo_messaging.rpc.dispatcher return super(RPCDispatcher, self)._dispatch(*args, **kwds)
TRACE oslo_messaging.rpc.dispatcher File "/usr/local/lib/python2.7/dist-packages/oslo_messaging/rpc/dispatcher.py", line 186, in _dispatch
TRACE oslo_messaging.rpc.dispatcher executor_callback)
TRACE oslo_messaging.rpc.dispatcher File "/usr/local/lib/python2.7/dist-packages/oslo_messaging/rpc/dispatcher.py", line 130, in _do_dispatch
TRACE oslo_messaging.rpc.dispatcher result = func(ctxt, **new_args)
TRACE oslo_messaging.rpc.dispatcher File "/opt/stack/designate/designate/mdns/xfr.py", line 57, in perform_zone_xfr
TRACE oslo_messaging.rpc.dispatcher self.domain_sync(context, domain)
TRACE oslo_messaging.rpc.dispatcher File "/opt/stack/designate/designate/mdns/xfr.py", line 39, in domain_sync
TRACE oslo_messaging.rpc.dispatcher timeout=timeout)
TRACE oslo_messaging.rpc.dispatcher File "/opt/stack/designate/designate/dnsutils.py", line 310, in do_axfr
TRACE oslo_messaging.rpc.dispatcher timeout = eventlet.Timeout(timeout)
TRACE oslo_messaging.rpc.dispatcher File "/usr/local/lib/python2.7/dist-packages/eventlet/timeout.py", line 52, in __init__
TRACE oslo_messaging.rpc.dispatcher self.start()
TRACE oslo_messaging.rpc.dispatcher File "/usr/local/lib/python2.7/dist-packages/eventlet/timeout.py", line 64, in start
TRACE oslo_messaging.rpc.dispatcher self.seconds, greenlet.getcurrent().throw, self)
TRACE oslo_messaging.rpc.dispatcher File "/usr/local/lib/python2.7/dist-packages/eventlet/hubs/hub.py", line 435, in schedule_call_global
TRACE oslo_messaging.rpc.dispatcher self.add_timer(t)
TRACE oslo_messaging.rpc.dispatcher File "/usr/local/lib/python2.7/dist-packages/eventlet/hubs/hub.py", line 390, in add_timer
TRACE oslo_messaging.rpc.dispatcher scheduled_time = self.clock() + timer.seconds
TRACE oslo_messaging.rpc.dispatcher TypeError: unsupported operand type(s) for +: 'float' and 'Timeout'
TRACE oslo_messaging.rpc.dispatcher

Steps to reproduce:

token=$(keystone token-get | grep ' id ' | awk '{ print $4 }')
endpoint=http://10.43.97.3:9001
curl -H "Content-Type: application/json" -H "X-Auth-Token:${token}" -X POST ${endpoint}/v2/zones -d '{"masters": ["aaaaaaaaa.aaaa.aa", "0x41.0x41.0x41.0x41"], "type": "SECONDARY", "email": "<email address hidden>", "name": "example.com."}'; echo;

Impacts:

domain does not show in domain-list and logs get filled with:
WARNING designate.mdns.notify [req-015680e7-9a0b-4896-9f23-437f565de403 4aa88cfdd1694148a8268c10a0802fac 296096a64bbc422bb16f82c91add1e4e - - -] Failed to get expected response while trying to send 'SOA' for 'example.com.' to '10.43.97.3:53'.

This is reported as a security vulnerability because it may have other unnoticed effects, but it may very well be just a validation error without consequences.

Changed in designate:
assignee: nobody → Graham Hayes (grahamhayes)
information type: Private Security → Public
Tim Simmons (timsim) on 2015-07-22
Changed in designate:
importance: Undecided → High
status: New → Triaged
milestone: none → liberty-2
Kiall Mac Innes (kiall) wrote :
Changed in designate:
status: Triaged → In Progress
Kiall Mac Innes (kiall) on 2015-07-28
Changed in designate:
status: In Progress → Fix Committed
Thierry Carrez (ttx) on 2015-07-29
Changed in designate:
status: Fix Committed → Fix Released
Thierry Carrez (ttx) on 2015-10-15
Changed in designate:
milestone: liberty-2 → 1.0.0
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers