Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-3-0]: src/dist/bind Apply patch (requested by adrianp in ticket #...
details: https://anonhg.NetBSD.org/src/rev/2f9c1a41eca2
branches: netbsd-3-0
changeset: 579390:2f9c1a41eca2
user: bouyer <bouyer%NetBSD.org@localhost>
date: Sun Mar 04 20:58:23 2007 +0000
description:
Apply patch (requested by adrianp in ticket #1675):
dist/bind/lib/dns/resolver.c patch
dist/bind/lib/dns/validator.c patch
dist/bind/lib/dns/include/dns/validator.h patch
dist/bind/version patch
Fix CVE-2007-0493 and CVE-2007-0494.
diffstat:
dist/bind/lib/dns/include/dns/validator.h | 12 ++++++-
dist/bind/lib/dns/resolver.c | 51 ++++++++++++++++++++++++++----
dist/bind/lib/dns/validator.c | 26 ++++++++++++++-
dist/bind/version | 2 +-
4 files changed, 80 insertions(+), 11 deletions(-)
diffs (272 lines):
diff -r a28b28394dd4 -r 2f9c1a41eca2 dist/bind/lib/dns/include/dns/validator.h
--- a/dist/bind/lib/dns/include/dns/validator.h Sat Mar 03 22:57:10 2007 +0000
+++ b/dist/bind/lib/dns/include/dns/validator.h Sun Mar 04 20:58:23 2007 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: validator.h,v 1.1.1.2.4.1 2007/02/10 19:20:56 tron Exp $ */
+/* $NetBSD: validator.h,v 1.1.1.2.4.2 2007/03/04 20:58:23 bouyer Exp $ */
/*
* Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
@@ -131,6 +131,7 @@
};
#define DNS_VALIDATOR_DLV 1
+#define DNS_VALIDATOR_DEFER 2
ISC_LANG_BEGINDECLS
@@ -175,6 +176,15 @@
*/
void
+dns_validator_send(dns_validator_t *validator);
+/*%<
+ * Send a deferred validation request
+ *
+ * Requires:
+ * 'validator' to points to a valid DNSSEC validator.
+ */
+
+void
dns_validator_cancel(dns_validator_t *validator);
/*
* Cancel a DNSSEC validation in progress.
diff -r a28b28394dd4 -r 2f9c1a41eca2 dist/bind/lib/dns/resolver.c
--- a/dist/bind/lib/dns/resolver.c Sat Mar 03 22:57:10 2007 +0000
+++ b/dist/bind/lib/dns/resolver.c Sun Mar 04 20:58:23 2007 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: resolver.c,v 1.1.1.2.4.2 2007/02/10 19:20:53 tron Exp $ */
+/* $NetBSD: resolver.c,v 1.1.1.2.4.3 2007/03/04 20:58:23 bouyer Exp $ */
/*
* Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
@@ -217,6 +217,11 @@
dns_name_t nsname;
dns_fetch_t * nsfetch;
dns_rdataset_t nsrrset;
+
+ /*%
+ * Number of queries that reference this context.
+ */
+ unsigned int nqueries;
};
#define FCTX_MAGIC ISC_MAGIC('F', '!', '!', '!')
@@ -350,6 +355,7 @@
dns_rdataset_t *ardataset,
isc_result_t *eresultp);
static void validated(isc_task_t *task, isc_event_t *event);
+static void maybe_destroy(fetchctx_t *fctx);
static isc_result_t
valcreate(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo, dns_name_t *name,
@@ -368,6 +374,9 @@
valarg->fctx = fctx;
valarg->addrinfo = addrinfo;
+ if (!ISC_LIST_EMPTY(fctx->validators))
+ INSIST((valoptions & DNS_VALIDATOR_DEFER) != 0);
+
result = dns_validator_create(fctx->res->view, name, type, rdataset,
sigrdataset, fctx->rmessage,
valoptions, task, validated, valarg,
@@ -515,6 +524,9 @@
INSIST(query->tcpsocket == NULL);
+ query->fctx->nqueries--;
+ if (SHUTTINGDOWN(query->fctx))
+ maybe_destroy(query->fctx); /* Locks bucket. */
query->magic = 0;
isc_mem_put(query->mctx, query, sizeof(*query));
*queryp = NULL;
@@ -973,6 +985,8 @@
if (result != ISC_R_SUCCESS)
return (result);
+ INSIST(ISC_LIST_EMPTY(fctx->validators));
+
dns_message_reset(fctx->rmessage, DNS_MESSAGE_INTENTPARSE);
query = isc_mem_get(res->mctx, sizeof(*query));
@@ -1086,6 +1100,7 @@
}
ISC_LIST_APPEND(fctx->queries, query, link);
+ query->fctx->nqueries++;
return (ISC_R_SUCCESS);
@@ -1532,7 +1547,7 @@
want_done = ISC_TRUE;
}
} else if (SHUTTINGDOWN(fctx) && fctx->pending == 0 &&
- ISC_LIST_EMPTY(fctx->validators)) {
+ fctx->nqueries == 0 && ISC_LIST_EMPTY(fctx->validators)) {
bucketnum = fctx->bucketnum;
LOCK(&res->buckets[bucketnum].lock);
/*
@@ -2386,8 +2401,8 @@
REQUIRE(ISC_LIST_EMPTY(fctx->finds));
REQUIRE(ISC_LIST_EMPTY(fctx->altfinds));
REQUIRE(fctx->pending == 0);
+ REQUIRE(fctx->references == 0);
REQUIRE(ISC_LIST_EMPTY(fctx->validators));
- REQUIRE(fctx->references == 0);
FCTXTRACE("destroy");
@@ -2561,7 +2576,7 @@
}
if (fctx->references == 0 && fctx->pending == 0 &&
- ISC_LIST_EMPTY(fctx->validators))
+ fctx->nqueries == 0 && ISC_LIST_EMPTY(fctx->validators))
bucket_empty = fctx_destroy(fctx);
UNLOCK(&res->buckets[bucketnum].lock);
@@ -2602,6 +2617,7 @@
* pending ADB finds and no pending validations.
*/
INSIST(fctx->pending == 0);
+ INSIST(fctx->nqueries == 0);
INSIST(ISC_LIST_EMPTY(fctx->validators));
if (fctx->references == 0) {
/*
@@ -2763,6 +2779,7 @@
fctx->restarts = 0;
fctx->timeouts = 0;
fctx->attributes = 0;
+ fctx->nqueries = 0;
dns_name_init(&fctx->nsname, NULL);
fctx->nsfetch = NULL;
@@ -3085,12 +3102,21 @@
unsigned int bucketnum;
isc_boolean_t bucket_empty = ISC_FALSE;
dns_resolver_t *res = fctx->res;
+ dns_validator_t *validator;
REQUIRE(SHUTTINGDOWN(fctx));
- if (fctx->pending != 0 || !ISC_LIST_EMPTY(fctx->validators))
+ if (fctx->pending != 0 || fctx->nqueries != 0)
return;
+ for (validator = ISC_LIST_HEAD(fctx->validators);
+ validator != NULL;
+ validator = ISC_LIST_HEAD(fctx->validators)) {
+ ISC_LIST_UNLINK(fctx->validators, validator, link);
+ dns_validator_cancel(validator);
+ dns_validator_destroy(&validator);
+ }
+
bucketnum = fctx->bucketnum;
LOCK(&res->buckets[bucketnum].lock);
if (fctx->references == 0)
@@ -3221,7 +3247,9 @@
result = vevent->result;
add_bad(fctx, &addrinfo->sockaddr, result);
isc_event_free(&event);
- if (sentresponse)
+ if (!ISC_LIST_EMPTY(fctx->validators))
+ dns_validator_send(ISC_LIST_HEAD(fctx->validators));
+ else if (sentresponse)
fctx_done(fctx, result);
else
fctx_try(fctx);
@@ -3317,6 +3345,7 @@
* more rdatasets that still need to
* be validated.
*/
+ dns_validator_send(ISC_LIST_HEAD(fctx->validators));
goto cleanup_event;
}
@@ -3625,6 +3654,13 @@
rdataset,
sigrdataset,
valoptions, task);
+ /*
+ * Defer any further validations.
+ * This prevents multiple validators
+ * from manipulating fctx->rmessage
+ * simultaniously.
+ */
+ valoptions |= DNS_VALIDATOR_DEFER;
}
} else if (CHAINING(rdataset)) {
if (rdataset->type == dns_rdatatype_cname)
@@ -6348,7 +6384,8 @@
/*
* No one cares about the result of this fetch anymore.
*/
- if (fctx->pending == 0 && ISC_LIST_EMPTY(fctx->validators) &&
+ if (fctx->pending == 0 && fctx->nqueries == 0 &&
+ ISC_LIST_EMPTY(fctx->validators) &&
SHUTTINGDOWN(fctx)) {
/*
* This fctx is already shutdown; we were just
diff -r a28b28394dd4 -r 2f9c1a41eca2 dist/bind/lib/dns/validator.c
--- a/dist/bind/lib/dns/validator.c Sat Mar 03 22:57:10 2007 +0000
+++ b/dist/bind/lib/dns/validator.c Sun Mar 04 20:58:23 2007 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: validator.c,v 1.2.4.1 2007/02/10 19:20:53 tron Exp $ */
+/* $NetBSD: validator.c,v 1.2.4.2 2007/03/04 20:58:23 bouyer Exp $ */
/*
* Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
@@ -2634,7 +2634,8 @@
ISC_LINK_INIT(val, link);
val->magic = VALIDATOR_MAGIC;
- isc_task_send(task, ISC_EVENT_PTR(&event));
+ if ((options & DNS_VALIDATOR_DEFER) == 0)
+ isc_task_send(task, ISC_EVENT_PTR(&event));
*validatorp = val;
@@ -2652,6 +2653,21 @@
}
void
+dns_validator_send(dns_validator_t *validator) {
+ isc_event_t *event;
+ REQUIRE(VALID_VALIDATOR(validator));
+
+ LOCK(&validator->lock);
+
+ INSIST((validator->options & DNS_VALIDATOR_DEFER) != 0);
+ event = (isc_event_t *)validator->event;
+ validator->options &= ~DNS_VALIDATOR_DEFER;
+ UNLOCK(&validator->lock);
+
+ isc_task_send(validator->task, ISC_EVENT_PTR(&event));
+}
+
+void
dns_validator_cancel(dns_validator_t *validator) {
REQUIRE(VALID_VALIDATOR(validator));
@@ -2665,6 +2681,12 @@
if (validator->subvalidator != NULL)
dns_validator_cancel(validator->subvalidator);
+ if ((validator->options & DNS_VALIDATOR_DEFER) != 0) {
+ isc_task_t *task = validator->event->ev_sender;
+ validator->options &= ~DNS_VALIDATOR_DEFER;
+ isc_event_free((isc_event_t **)&validator->event);
+ isc_task_detach(&task);
+ }
}
UNLOCK(&validator->lock);
}
diff -r a28b28394dd4 -r 2f9c1a41eca2 dist/bind/version
--- a/dist/bind/version Sat Mar 03 22:57:10 2007 +0000
+++ b/dist/bind/version Sun Mar 04 20:58:23 2007 +0000
@@ -7,4 +7,4 @@
MINORVER=3
PATCHVER=2
RELEASETYPE=
-RELEASEVER=
+RELEASEVER=nb1
Home |
Main Index |
Thread Index |
Old Index