Fix a bug that wrongly trims domains when there is an overlap with DC name (#17160)

* Fix a bug that wrongly trims domains when there is an overlap with DC name

Before this change, when DC name and domain/alt-domain overlap, the domain name incorrectly trimmed from the query.

Example:

Given: datacenter = dc-test, alt-domain = test.consul.
Querying for "test-node.node.dc-test.consul" will faile, because the
code was trimming "test.consul" instead of just ".consul"

This change, fixes the issue by adding dot (.) before trimming

* trimDomain: ensure domain trimmed without modyfing original domains

* update changelog

---------

Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
This commit is contained in:
Alex Simenduev 2023-06-26 17:57:11 +03:00 committed by GitHub
parent ce24646d36
commit 33a2d90852
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 43 additions and 1 deletions

3
.changelog/17160.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:bug
Fix a bug that wrongly trims domains when there is an overlap with DC name.
```

View File

@ -1055,7 +1055,7 @@ func (d *DNSServer) trimDomain(query string) string {
longer, shorter = shorter, longer longer, shorter = shorter, longer
} }
if strings.HasSuffix(query, longer) { if strings.HasSuffix(query, "."+strings.TrimLeft(longer, ".")) {
return strings.TrimSuffix(query, longer) return strings.TrimSuffix(query, longer)
} }
return strings.TrimSuffix(query, shorter) return strings.TrimSuffix(query, shorter)

View File

@ -7071,6 +7071,45 @@ func TestDNS_AltDomains_Overlap(t *testing.T) {
} }
} }
func TestDNS_AltDomain_DCName_Overlap(t *testing.T) {
if testing.Short() {
t.Skip("too slow for testing.Short")
}
// this tests the DC name overlap with the consul domain/alt-domain
// we should get response when DC suffix is a prefix of consul alt-domain
t.Parallel()
a := NewTestAgent(t, `
datacenter = "dc-test"
node_name = "test-node"
alt_domain = "test.consul."
`)
defer a.Shutdown()
testrpc.WaitForLeader(t, a.RPC, "dc-test")
questions := []string{
"test-node.node.dc-test.consul.",
"test-node.node.dc-test.test.consul.",
}
for _, question := range questions {
m := new(dns.Msg)
m.SetQuestion(question, dns.TypeA)
c := new(dns.Client)
in, _, err := c.Exchange(m, a.DNSAddr())
if err != nil {
t.Fatalf("err: %v", err)
}
require.Len(t, in.Answer, 1)
aRec, ok := in.Answer[0].(*dns.A)
require.True(t, ok)
require.Equal(t, aRec.A.To4().String(), "127.0.0.1")
}
}
func TestDNS_PreparedQuery_AllowStale(t *testing.T) { func TestDNS_PreparedQuery_AllowStale(t *testing.T) {
if testing.Short() { if testing.Short() {
t.Skip("too slow for testing.Short") t.Skip("too slow for testing.Short")