Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/external/bsd/bind/dist Import bind 9.10.4-P6



details:   https://anonhg.NetBSD.org/src/rev/f7921e96407f
branches:  trunk
changeset: 351289:f7921e96407f
user:      christos <christos%NetBSD.org@localhost>
date:      Thu Feb 09 00:18:48 2017 +0000

description:
Import bind 9.10.4-P6

diffstat:

 external/bsd/bind/dist/bin/tests/system/dname/ans3/ans.pl |   95 ++++++++++++++
 external/bsd/bind/dist/bin/tests/system/dname/ns1/root.db |    5 +-
 external/bsd/bind/dist/bin/tests/system/dname/tests.sh    |   25 +++-
 external/bsd/bind/dist/doc/arm/Bv9ARM.ch01.html           |    2 +-
 external/bsd/bind/dist/doc/arm/Bv9ARM.ch02.html           |    2 +-
 external/bsd/bind/dist/doc/arm/Bv9ARM.ch03.html           |    2 +-
 external/bsd/bind/dist/doc/arm/Bv9ARM.ch05.html           |    2 +-
 external/bsd/bind/dist/doc/arm/Bv9ARM.ch10.html           |    2 +-
 external/bsd/bind/dist/doc/arm/Bv9ARM.ch11.html           |    2 +-
 external/bsd/bind/dist/doc/arm/Bv9ARM.ch12.html           |    2 +-
 external/bsd/bind/dist/doc/arm/Bv9ARM.ch13.html           |    2 +-
 external/bsd/bind/dist/doc/arm/man.lwresd.html            |    2 +-
 external/bsd/bind/dist/doc/arm/man.named.conf.html        |    2 +-
 external/bsd/bind/dist/doc/arm/notes.html                 |   65 ++++++--
 external/bsd/bind/dist/doc/arm/notes.pdf                  |  Bin 
 external/bsd/bind/dist/doc/arm/notes.xml                  |   68 ++++++---
 16 files changed, 223 insertions(+), 55 deletions(-)

diffs (truncated from 501 to 300 lines):

diff -r e7ea8d956ccd -r f7921e96407f external/bsd/bind/dist/bin/tests/system/dname/ans3/ans.pl
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/external/bsd/bind/dist/bin/tests/system/dname/ans3/ans.pl Thu Feb 09 00:18:48 2017 +0000
@@ -0,0 +1,95 @@
+#!/usr/bin/env perl
+#
+# Copyright (C) 2014-2016  Internet Systems Consortium, Inc. ("ISC")
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+use strict;
+use warnings;
+
+use IO::File;
+use Getopt::Long;
+use Net::DNS::Nameserver;
+
+my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!";
+print $pidf "$$\n" or die "cannot write pid file: $!";
+$pidf->close or die "cannot close pid file: $!";
+sub rmpid { unlink "ans.pid"; exit 1; };
+
+$SIG{INT} = \&rmpid;
+$SIG{TERM} = \&rmpid;
+
+my $localaddr = "10.53.0.3";
+my $localport = 5300;
+my $verbose = 0;
+my $ttl = 60;
+my $zone = "example.broken";
+my $nsname = "ns3.$zone";
+my $synth = "synth-then-dname.$zone";
+my $synth2 = "synth2-then-dname.$zone";
+
+sub reply_handler {
+    my ($qname, $qclass, $qtype, $peerhost, $query, $conn) = @_;
+    my ($rcode, @ans, @auth, @add);
+
+    print ("request: $qname/$qtype\n");
+    STDOUT->flush();
+
+    if ($qname eq "example.broken") {
+        if ($qtype eq "SOA") {
+           my $rr = new Net::DNS::RR("$qname $ttl $qclass SOA . . 0 0 0 0 0");
+           push @ans, $rr;
+        } elsif ($qtype eq "NS") {
+           my $rr = new Net::DNS::RR("$qname $ttl $qclass NS $nsname");
+           push @ans, $rr;
+           $rr = new Net::DNS::RR("$nsname $ttl $qclass A $localaddr");
+           push @add, $rr;
+        }
+        $rcode = "NOERROR";
+    } elsif ($qname eq "cname-to-$synth2") {
+        my $rr = new Net::DNS::RR("$qname $ttl $qclass CNAME name.$synth2");
+       push @ans, $rr;
+        $rr = new Net::DNS::RR("name.$synth2 $ttl $qclass CNAME name");
+       push @ans, $rr;
+        $rr = new Net::DNS::RR("$synth2 $ttl $qclass DNAME .");
+       push @ans, $rr;
+       $rcode = "NOERROR";
+    } elsif ($qname eq "$synth" || $qname eq "$synth2") {
+       if ($qtype eq "DNAME") {
+           my $rr = new Net::DNS::RR("$qname $ttl $qclass DNAME .");
+           push @ans, $rr;
+       }
+       $rcode = "NOERROR";
+    } elsif ($qname eq "name.$synth") {
+       my $rr = new Net::DNS::RR("$qname $ttl $qclass CNAME name.");
+       push @ans, $rr;
+       $rr = new Net::DNS::RR("$synth $ttl $qclass DNAME .");
+       push @ans, $rr;
+       $rcode = "NOERROR";
+    } elsif ($qname eq "name.$synth2") {
+       my $rr = new Net::DNS::RR("$qname $ttl $qclass CNAME name.");
+       push @ans, $rr;
+       $rr = new Net::DNS::RR("$synth2 $ttl $qclass DNAME .");
+       push @ans, $rr;
+       $rcode = "NOERROR";
+    } else {
+       $rcode = "REFUSED";
+    }
+    return ($rcode, \@ans, \@auth, \@add, { aa => 1 });
+}
+
+GetOptions(
+    'port=i' => \$localport,
+    'verbose!' => \$verbose,
+);
+
+my $ns = Net::DNS::Nameserver->new(
+    LocalAddr => $localaddr,
+    LocalPort => $localport,
+    ReplyHandler => \&reply_handler,
+    Verbose => $verbose,
+);
+
+$ns->main_loop;
diff -r e7ea8d956ccd -r f7921e96407f external/bsd/bind/dist/bin/tests/system/dname/ns1/root.db
--- a/external/bsd/bind/dist/bin/tests/system/dname/ns1/root.db Wed Feb 08 23:26:24 2017 +0000
+++ b/external/bsd/bind/dist/bin/tests/system/dname/ns1/root.db Thu Feb 09 00:18:48 2017 +0000
@@ -12,8 +12,6 @@
 ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 ; PERFORMANCE OF THIS SOFTWARE.
 
-; Id: root.db,v 1.2 2011/03/18 21:14:19 fdupont Exp 
-
 $TTL 300
 .                      IN SOA  gson.nominum.com. a.root.servers.nil. (
                                2000042100      ; serial
@@ -27,3 +25,6 @@
 
 example.               NS      ns2.example.
 ns2.example.           A       10.53.0.2
+
+example.broken.                NS      ns3.example.broken.
+ns3.example.broken.    A       10.53.0.3
diff -r e7ea8d956ccd -r f7921e96407f external/bsd/bind/dist/bin/tests/system/dname/tests.sh
--- a/external/bsd/bind/dist/bin/tests/system/dname/tests.sh    Wed Feb 08 23:26:24 2017 +0000
+++ b/external/bsd/bind/dist/bin/tests/system/dname/tests.sh    Thu Feb 09 00:18:48 2017 +0000
@@ -20,6 +20,7 @@
 . $SYSTEMTESTTOP/conf.sh
 
 status=0
+n=0
 
 echo "I:checking short dname from authoritative"
 ret=0
@@ -81,6 +82,26 @@
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-echo "I:exit status: $status"
+n=`expr $n + 1`
+echo "I:checking dname is returned with synthesized cname before dname ($n)"
+ret=0
+$DIG @10.53.0.4 -p 5300 name.synth-then-dname.example.broken A > dig.out.test$n
+grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1
+grep '^name.synth-then-dname\.example\.broken\..*CNAME.*name.$' dig.out.test$n > /dev/null || ret=1
+grep '^synth-then-dname\.example\.broken\..*DNAME.*\.$' dig.out.test$n > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
 
-exit $status
+n=`expr $n + 1`
+echo "I:checking dname is returned with cname to synthesized cname before dname ($n)"
+ret=0
+$DIG @10.53.0.4 -p 5300 cname-to-synth2-then-dname.example.broken A > dig.out.test$n
+grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1
+grep '^cname-to-synth2-then-dname\.example\.broken\..*CNAME.*name\.synth2-then-dname\.example\.broken.$' dig.out.test$n > /dev/null || ret=1
+grep '^name\.synth2-then-dname\.example\.broken\..*CNAME.*name.$' dig.out.test$n > /dev/null || ret=1
+grep '^synth2-then-dname\.example\.broken\..*DNAME.*\.$' dig.out.test$n > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+echo "I:exit status: $status"
+[ $status -eq 0 ] || exit 1
diff -r e7ea8d956ccd -r f7921e96407f external/bsd/bind/dist/doc/arm/Bv9ARM.ch01.html
--- a/external/bsd/bind/dist/doc/arm/Bv9ARM.ch01.html   Wed Feb 08 23:26:24 2017 +0000
+++ b/external/bsd/bind/dist/doc/arm/Bv9ARM.ch01.html   Thu Feb 09 00:18:48 2017 +0000
@@ -555,6 +555,6 @@
 </tr>
 </table>
 </div>
-<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P5</p>
+<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P6</p>
 </body>
 </html>
diff -r e7ea8d956ccd -r f7921e96407f external/bsd/bind/dist/doc/arm/Bv9ARM.ch02.html
--- a/external/bsd/bind/dist/doc/arm/Bv9ARM.ch02.html   Wed Feb 08 23:26:24 2017 +0000
+++ b/external/bsd/bind/dist/doc/arm/Bv9ARM.ch02.html   Thu Feb 09 00:18:48 2017 +0000
@@ -153,6 +153,6 @@
 </tr>
 </table>
 </div>
-<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P5</p>
+<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P6</p>
 </body>
 </html>
diff -r e7ea8d956ccd -r f7921e96407f external/bsd/bind/dist/doc/arm/Bv9ARM.ch03.html
--- a/external/bsd/bind/dist/doc/arm/Bv9ARM.ch03.html   Wed Feb 08 23:26:24 2017 +0000
+++ b/external/bsd/bind/dist/doc/arm/Bv9ARM.ch03.html   Thu Feb 09 00:18:48 2017 +0000
@@ -669,6 +669,6 @@
 </tr>
 </table>
 </div>
-<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P5</p>
+<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P6</p>
 </body>
 </html>
diff -r e7ea8d956ccd -r f7921e96407f external/bsd/bind/dist/doc/arm/Bv9ARM.ch05.html
--- a/external/bsd/bind/dist/doc/arm/Bv9ARM.ch05.html   Wed Feb 08 23:26:24 2017 +0000
+++ b/external/bsd/bind/dist/doc/arm/Bv9ARM.ch05.html   Thu Feb 09 00:18:48 2017 +0000
@@ -138,6 +138,6 @@
 </tr>
 </table>
 </div>
-<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P5</p>
+<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P6</p>
 </body>
 </html>
diff -r e7ea8d956ccd -r f7921e96407f external/bsd/bind/dist/doc/arm/Bv9ARM.ch10.html
--- a/external/bsd/bind/dist/doc/arm/Bv9ARM.ch10.html   Wed Feb 08 23:26:24 2017 +0000
+++ b/external/bsd/bind/dist/doc/arm/Bv9ARM.ch10.html   Thu Feb 09 00:18:48 2017 +0000
@@ -155,6 +155,6 @@
 </tr>
 </table>
 </div>
-<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P5</p>
+<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P6</p>
 </body>
 </html>
diff -r e7ea8d956ccd -r f7921e96407f external/bsd/bind/dist/doc/arm/Bv9ARM.ch11.html
--- a/external/bsd/bind/dist/doc/arm/Bv9ARM.ch11.html   Wed Feb 08 23:26:24 2017 +0000
+++ b/external/bsd/bind/dist/doc/arm/Bv9ARM.ch11.html   Thu Feb 09 00:18:48 2017 +0000
@@ -497,6 +497,6 @@
 </tr>
 </table>
 </div>
-<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P5</p>
+<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P6</p>
 </body>
 </html>
diff -r e7ea8d956ccd -r f7921e96407f external/bsd/bind/dist/doc/arm/Bv9ARM.ch12.html
--- a/external/bsd/bind/dist/doc/arm/Bv9ARM.ch12.html   Wed Feb 08 23:26:24 2017 +0000
+++ b/external/bsd/bind/dist/doc/arm/Bv9ARM.ch12.html   Thu Feb 09 00:18:48 2017 +0000
@@ -543,6 +543,6 @@
 </tr>
 </table>
 </div>
-<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P5</p>
+<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P6</p>
 </body>
 </html>
diff -r e7ea8d956ccd -r f7921e96407f external/bsd/bind/dist/doc/arm/Bv9ARM.ch13.html
--- a/external/bsd/bind/dist/doc/arm/Bv9ARM.ch13.html   Wed Feb 08 23:26:24 2017 +0000
+++ b/external/bsd/bind/dist/doc/arm/Bv9ARM.ch13.html   Thu Feb 09 00:18:48 2017 +0000
@@ -154,6 +154,6 @@
 </tr>
 </table>
 </div>
-<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P5</p>
+<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P6</p>
 </body>
 </html>
diff -r e7ea8d956ccd -r f7921e96407f external/bsd/bind/dist/doc/arm/man.lwresd.html
--- a/external/bsd/bind/dist/doc/arm/man.lwresd.html    Wed Feb 08 23:26:24 2017 +0000
+++ b/external/bsd/bind/dist/doc/arm/man.lwresd.html    Thu Feb 09 00:18:48 2017 +0000
@@ -253,6 +253,6 @@
 </tr>
 </table>
 </div>
-<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P5</p>
+<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P6</p>
 </body>
 </html>
diff -r e7ea8d956ccd -r f7921e96407f external/bsd/bind/dist/doc/arm/man.named.conf.html
--- a/external/bsd/bind/dist/doc/arm/man.named.conf.html        Wed Feb 08 23:26:24 2017 +0000
+++ b/external/bsd/bind/dist/doc/arm/man.named.conf.html        Thu Feb 09 00:18:48 2017 +0000
@@ -676,6 +676,6 @@
 </tr>
 </table>
 </div>
-<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P5</p>
+<p xmlns:db="http://docbook.org/ns/docbook"; style="text-align: center;">BIND 9.10.4-P6</p>
 </body>
 </html>
diff -r e7ea8d956ccd -r f7921e96407f external/bsd/bind/dist/doc/arm/notes.html
--- a/external/bsd/bind/dist/doc/arm/notes.html Wed Feb 08 23:26:24 2017 +0000
+++ b/external/bsd/bind/dist/doc/arm/notes.html Thu Feb 09 00:18:48 2017 +0000
@@ -21,7 +21,7 @@
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="article"><div class="section">
 <div class="titlepage"><div><div><h2 class="title" style="clear: both">
-<a name="id-1.2"></a>Release Notes for BIND Version 9.10.4-P5</h2></div></div></div>
+<a name="id-1.2"></a>Release Notes for BIND Version 9.10.4-P6</h2></div></div></div>
 <div class="section">
 <div class="titlepage"><div><div><h3 class="title">
 <a name="relnotes_intro"></a>Introduction</h3></div></div></div>
@@ -29,8 +29,13 @@
       This document summarizes changes since BIND 9.10.4:
     </p>
 <p>
+      BIND 9.10.4-P6 addresses the security issue described in
+      CVE-2017-3135, and fixes a regression introduced in a prior
+      security release.
+    </p>
+<p>
       BIND 9.10.4-P5 addresses the security issues described in
-      CVE-2016-9131, CVE-2016-9147 and CVE-2016-9444.
+      CVE-2016-9131, CVE-2016-9147, CVE-2016-9444 and CVE-2016-9778.
     </p>
 <p>
       BIND 9.10.4-P4 addresses the security issue described in
@@ -68,24 +73,33 @@
 <a name="relnotes_security"></a>Security Fixes</h3></div></div></div>
 <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
 <li class="listitem"><p>
-         Named could mishandle authority sections that were missing



Home | Main Index | Thread Index | Old Index