
[master] Merge branch 'trac3383'

Warning message added to D2 about listening outside loopback
Thomas Markwalder 11 years ago
parent
commit
652aa4de2f
3 changed files with 65 additions and 4 deletions
  1. 10 4
      src/bin/d2/d2_messages.mes
  2. 7 0
      src/bin/d2/d2_process.cc
  3. 48 0
      src/bin/d2/tests/d2_process_unittests.cc

+ 10 - 4
src/bin/d2/d2_messages.mes

@@ -254,6 +254,14 @@ This is a debug message issued when the DHCP-DDNS application encountered an
 error while decoding a response to DNS Update message. Typically, this error
 will be encountered when a response message is malformed.
 
+% DHCP_DDNS_NOT_ON_LOOPBACK the DHCP-DDNS server has been configured to listen on %1 which is not the local loopback.  This is an insecure configuration supported for testing purposes only
+This is a warning message issued when the DHCP-DDNS server is configured to
+listen at an address other than the loopback address (127.0.0.1 or ::1). It is
+possible for a malicious attacker to send bogus NameChangeRequests to it and
+change entries in the DNS. For this reason, addresses other than the IPv4 or
+IPv6 loopback addresses should only be used for testing purposes. A future
+version of Kea will implement authentication to guard against such attacks.
+
 % DHCP_DDNS_NO_ELIGIBLE_JOBS although there are queued requests, there are pending transactions for each Queue count: %1  Transaction count: %2
 This is a debug message issued when all of the queued requests represent clients
 for which there is a an update already in progress.  This may occur under
@@ -290,11 +298,9 @@ requests too quickly, or perhaps upstream DNS servers are experiencing
 load issues.
 
 % DHCP_DDNS_QUEUE_MGR_RECONFIGURING application is reconfiguring the queue manager
-This is an informational message indicating that DHCP_DDNS is reconfiguring the
-queue manager as part of normal startup or in response to a new configuration.
+This is an informational message indicating that DHCP_DDNS is reconfiguring the queue manager as part of normal startup or in response to a new configuration.
 
-% DHCP_DDNS_QUEUE_MGR_RECOVERING application is attempting to recover from a
-queue manager IO error
+% DHCP_DDNS_QUEUE_MGR_RECOVERING application is attempting to recover from a queue manager IO error
 This is an informational message indicating that DHCP_DDNS is attempting to
 restart the queue manager after it suffered an IO error while receiving
 requests.

+ 7 - 0
src/bin/d2/d2_process.cc

@@ -329,6 +329,13 @@ D2Process::reconfigureQueueMgr() {
         std::string ip_address;
         uint32_t port;
         getCfgMgr()->getContext()->getParam("ip_address", ip_address);
+
+        // Warn the user if the server address is not the loopback.
+        /// @todo Remove this once we provide a secure mechanism.
+        if (ip_address != "127.0.0.1" && ip_address != "::1") {
+            LOG_WARN(dctl_logger, DHCP_DDNS_NOT_ON_LOOPBACK).arg(ip_address);
+        }
+
         getCfgMgr()->getContext()->getParam("port", port);
         isc::asiolink::IOAddress addr(ip_address);
 
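Review bot: The loopback check on the added `if` line compares the configured string against two exact spellings, so any other textual form of a loopback address — another 127/8 address such as `127.0.0.2`, or `::1` written as `0:0:0:0:0:0:0:1` — is treated as non-loopback and warns, and the comparison runs before the string has even been validated as an address. A more robust form is to move the check below the `isc::asiolink::IOAddress addr(ip_address);` construction two lines later and compare the parsed value, e.g. `if (addr != isc::asiolink::IOAddress("127.0.0.1") && addr != isc::asiolink::IOAddress("::1"))`, which normalizes the spelling (assuming IOAddress provides the comparison operators; whether this version offers a dedicated loopback predicate I cannot tell from the hunk). The `/// @todo` line is a Doxygen comment inside a function body, where it attaches to no entity; `// TODO: remove once a secure mechanism is provided.` is the conventional form. reconfigureQueueMgr() begins and ends outside the hunk.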

+ 48 - 0
src/bin/d2/tests/d2_process_unittests.cc

@@ -602,4 +602,52 @@ TEST_F(D2ProcessTest, fatalErrorShutdown) {
                 elapsed.total_milliseconds() <= 2100);
 }
 
+/// @brief Used to permit visual inspection of logs to ensure
+/// DHCP_DDNS_NOT_ON_LOOPBACK is issued when ip_address is not
+/// loopback.
+TEST_F(D2ProcessTest, notLoopbackTest) {
+    const char* config = "{ "
+                        "\"interface\" : \"\" , "
+                        "\"ip_address\" : \"0.0.0.0\" , "
+                        "\"port\" : 53001, "
+                        "\"tsig_keys\": [],"
+                        "\"forward_ddns\" : {},"
+                        "\"reverse_ddns\" : {}"
+                        "}";
+
+    // Note we don't care nor can we predict if this
+    // succeeds or fails. The address and port may or may
+    // not be valid on the test host.
+    runWithConfig(config);
+}
+
+
+/// @brief Used to permit visual inspection of logs to ensure
+/// DHCP_DDNS_NOT_ON_LOOPBACK is not issued.
+TEST_F(D2ProcessTest, v4LoopbackTest) {
+    const char* config = "{ "
+                        "\"interface\" : \"\" , "
+                        "\"ip_address\" : \"127.0.0.1\" , "
+                        "\"port\" : 53001, "
+                        "\"tsig_keys\": [],"
+                        "\"forward_ddns\" : {},"
+                        "\"reverse_ddns\" : {}"
+                        "}";
+    ASSERT_TRUE(runWithConfig(config));
+}
+
+/// @brief Used to permit visual inspection of logs to ensure
+/// DHCP_DDNS_NOT_ON_LOOPBACK is not issued.
+TEST_F(D2ProcessTest, v6LoopbackTest) {
+    const char* config = "{ "
+                        "\"interface\" : \"\" , "
+                        "\"ip_address\" : \"::1\" , "
+                        "\"port\" : 53001, "
+                        "\"tsig_keys\": [],"
+                        "\"forward_ddns\" : {},"
+                        "\"reverse_ddns\" : {}"
+                        "}";
+    ASSERT_TRUE(runWithConfig(config));
+}
+
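Review bot: None of the three added tests can detect a regression in the warning: notLoopbackTest discards the result of `runWithConfig(config)` and asserts nothing, and v4LoopbackTest and v6LoopbackTest assert only that startup succeeded, not that DHCP_DDNS_NOT_ON_LOOPBACK is absent, so the "visual inspection" named in the docblocks is the only check. If the D2ProcessTest fixture (defined outside the hunk) can capture logger output, the loopback tests should assert the message id does not appear and notLoopbackTest that it does; if it cannot, the docblocks should state plainly that these are smoke tests with no assertion on the log. Note also that notLoopbackTest binds `0.0.0.0:53001` on the test host for the test's duration, and because its outcome is deliberately ignored, a failed bind and a missing warning are indistinguishable from success.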
 } // end of anonymous namespace