Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-1-6]: src/dist/bind/bin/named Pull up revision 1.5 (requested by ...
details: https://anonhg.NetBSD.org/src/rev/72fa6442ae36
branches: netbsd-1-6
changeset: 528137:72fa6442ae36
user: lukem <lukem%NetBSD.org@localhost>
date: Fri Jun 28 11:32:10 2002 +0000
description:
Pull up revision 1.5 (requested by itojun in ticket #387):
Update to BIND 8.3.3. Fixes buffer overrun in resolver code.
diffstat:
dist/bind/bin/named/ns_forw.c | 212 +++++++++++++++++++++++++----------------
1 files changed, 127 insertions(+), 85 deletions(-)
diffs (truncated from 449 to 300 lines):
diff -r ec42c92d8773 -r 72fa6442ae36 dist/bind/bin/named/ns_forw.c
--- a/dist/bind/bin/named/ns_forw.c Fri Jun 28 11:31:51 2002 +0000
+++ b/dist/bind/bin/named/ns_forw.c Fri Jun 28 11:32:10 2002 +0000
@@ -1,8 +1,8 @@
-/* $NetBSD: ns_forw.c,v 1.4 2001/01/27 07:21:59 itojun Exp $ */
+/* $NetBSD: ns_forw.c,v 1.4.2.1 2002/06/28 11:32:10 lukem Exp $ */
#if !defined(lint) && !defined(SABER)
static const char sccsid[] = "@(#)ns_forw.c 4.32 (Berkeley) 3/3/91";
-static const char rcsid[] = "Id: ns_forw.c,v 8.78 2000/12/23 08:14:37 vixie Exp";
+static const char rcsid[] = "Id: ns_forw.c,v 8.91 2002/05/24 03:04:57 marka Exp";
#endif /* not lint */
/*
@@ -135,10 +135,10 @@
HEADER *hp;
u_int16_t id;
int sendto_errno = 0;
- int n, has_tsig, oldqlen;
- u_char *oldqbuf;
- u_char *smsg;
- int smsglen, smsgsize, siglen;
+ int n, has_tsig, oldqlen = 0;
+ u_char *oldqbuf = NULL;
+ u_char *smsg = NULL;
+ int smsglen, smsgsize = 0, siglen;
u_char sig[TSIG_SIG_SIZE];
DST_KEY *key;
@@ -227,39 +227,50 @@
if (debug >= 10)
res_pquery(&res, msg, msglen, log_get_stream(packet_channel));
#endif
- key = tsig_key_from_addr(nsa->sin_addr);
- if (key != NULL) {
- smsgsize = qp->q_msglen + TSIG_BUF_SIZE;
+ key = qp->q_keys[0];
+ if (key == NULL)
+ key = qp->q_keys[0] = tsig_key_from_addr(nsa->sin_addr);
+ if (key != NULL || !qp->q_addr[0].noedns) {
+ smsgsize = qp->q_msglen + TSIG_BUF_SIZE + 11;
smsg = memget(smsgsize);
if (smsg == NULL)
ns_panic(ns_log_default, 1, "ns_forw: memget failed");
smsglen = qp->q_msglen;
siglen = sizeof(sig);
memcpy(smsg, qp->q_msg, qp->q_msglen);
+ }
+
+ if (!qp->q_addr[0].noedns)
+ smsglen += ns_add_opt(smsg, smsg + smsglen, smsgsize, 0, 0,
+ EDNS_MESSAGE_SZ, 0, NULL, 0);
+
+ if (key != NULL) {
n = ns_sign(smsg, &smsglen, smsgsize, NOERROR, key, NULL, 0,
sig, &siglen, 0);
if (n == 0) {
- oldqbuf = qp->q_msg;
- oldqlen = qp->q_msglen;
- qp->q_msglen = smsglen;
- qp->q_msg = smsg;
- hp = (HEADER *) qp->q_msg;
has_tsig = 1;
+ free_tsig(qp->q_nstsig);
qp->q_nstsig = new_tsig(key, sig, siglen);
- }
- else {
+ } else {
has_tsig = 0;
free_tsig(qp->q_nstsig);
qp->q_nstsig = NULL;
INSIST(0);
}
- }
- else {
+ } else {
has_tsig = 0;
free_tsig(qp->q_nstsig);
qp->q_nstsig = NULL;
}
+ if (smsg != NULL) {
+ oldqbuf = qp->q_msg;
+ oldqlen = qp->q_msglen;
+ qp->q_msglen = smsglen;
+ qp->q_msg = smsg;
+ hp = (HEADER *) qp->q_msg;
+ }
+
if (qp->q_flags & Q_USEVC) {
if (tcp_send(qp) != NOERROR) {
if (!haveComplained(ina_ulong(nsa->sin_addr),
@@ -271,15 +282,16 @@
} else if (sendto(ds, (char *)qp->q_msg, qp->q_msglen, 0,
(struct sockaddr *)nsa,
sizeof(struct sockaddr_in)) < 0) {
- sendto_errno = errno;
+ sendto_errno = errno;
if (!haveComplained(ina_ulong(nsa->sin_addr),
(u_long)sendtoStr))
ns_info(ns_log_default, "ns_forw: sendto(%s): %s",
sin_ntoa(*nsa), strerror(errno));
nameserIncr(nsa->sin_addr, nssSendtoErr);
}
- if (has_tsig == 1) {
- memput(qp->q_msg, smsgsize);
+
+ if (smsgsize != 0) {
+ memput(smsg, smsgsize);
qp->q_msg = oldqbuf;
qp->q_msglen = oldqlen;
hp = (HEADER *) qp->q_msg;
@@ -457,9 +469,10 @@
const char *fname;
int oldn, naddr, class, found_arr, potential_ns, lame_ns;
time_t curtime;
+ int found_auth6;
- ns_debug(ns_log_default, 3, "nslookup(nsp=%p, qp=%p, \"%s\")",
- nsp, qp, syslogdname);
+ ns_debug(ns_log_default, 3, "nslookup(nsp=%p, qp=%p, \"%s\", d=%d)",
+ nsp, qp, syslogdname, qp->q_distance);
lame_ns = potential_ns = 0;
naddr = n = qp->q_naddr;
@@ -493,19 +506,17 @@
}
}
+ found_arr = 0;
+ found_auth6 = 0;
tmphtp = ((nsdp->d_flags & DB_F_HINT) ?fcachetab :hashtab);
np = nlookup(dname, &tmphtp, &fname, 0);
if (np == NULL) {
ns_debug(ns_log_default, 3, "%s: not found %s %p",
dname, fname, np);
- found_arr = 0;
goto need_sysquery;
}
- if (fname != dname) {
- found_arr = 0;
+ if (fname != dname)
goto need_sysquery;
- }
- found_arr = 0;
oldn = n;
/* look for name server addresses */
@@ -522,6 +533,15 @@
complaint, dname, dp, nsdp);
goto skipserver;
}
+ if (dp->d_rcode == NXDOMAIN && dp->d_class == class)
+ goto skipserver;
+ if (dp->d_class == class &&
+ (dp->d_type == T_AAAA || dp->d_type == ns_t_a6) &&
+ (zones[dp->d_zone].z_type == z_master ||
+ zones[dp->d_zone].z_type == z_slave)) {
+ found_auth6++;
+ continue;
+ }
if (dp->d_type != T_A || dp->d_class != class)
continue;
if (dp->d_rcode) {
@@ -589,9 +609,16 @@
qs->ns_addr.sin_family = AF_INET;
qs->ns_addr.sin_port = ns_port;
qs->ns_addr.sin_addr = nsa;
+ qp->q_keys[n] = NULL;
qs->ns = nsdp;
qs->nsdata = dp;
qs->forwarder = 0;
+ qs->noedns = dp->d_noedns;
+ if (!qs->noedns) {
+ server_info si = find_server(nsa);
+ if (si && (si->flags & SERVER_INFO_EDNS) == 0)
+ qs->noedns = 1;
+ }
qs->nretry = 0;
/*
* If this A RR has no RTT, initialize its RTT to a
@@ -617,7 +644,8 @@
* gdonl mar96
*/
if (aIsUs(nsa)) {
- static char *complaint = "contains our address";
+ static const char *complaint =
+ "contains our address";
nslookupComplain(sysloginfo, syslogdname,
complaint, dname, dp, nsdp);
continue;
@@ -634,7 +662,7 @@
if (memcmp(&qp->q_from, &qs->ns_addr,
sizeof(qp->q_from)) == 0)
{
- static char *complaint = "forwarding loop";
+ static const char *complaint = "forwarding loop";
nslookupComplain(sysloginfo, syslogdname,
complaint, dname, dp, nsdp);
continue;
@@ -668,11 +696,12 @@
}
ns_debug(ns_log_default, 8, "nslookup: %d ns addrs", n);
need_sysquery:
- if (found_arr == 0) {
+ if (found_arr == 0 && found_auth6 == 0) {
potential_ns++;
- if (!(qp->q_flags & Q_SYSTEM))
- (void) sysquery(dname, class, T_A, NULL, 0,
- ns_port, QUERY);
+ if (qp->q_distance < NS_MAX_DISTANCE)
+ (void) sysquery(dname, class, T_A, NULL, NULL,
+ 0, ns_port, QUERY,
+ qp->q_distance + 1);
}
skipserver:
(void)NULL;
@@ -680,7 +709,7 @@
ns_debug(ns_log_default, 3, "nslookup: %d ns addrs total", n);
qp->q_naddr = n;
if (n == 0 && potential_ns == 0 && !NS_ZFWDTAB(qp->q_fzone)) {
- static char *complaint = "No possible A RRs";
+ static const char *complaint = "No possible A RRs";
if (lame_ns != 0)
complaint = "All possible A RR's lame";
if (sysloginfo && syslogdname &&
@@ -786,7 +815,7 @@
strcpy(t, inet_ntoa(qs1->ns_addr.sin_addr));
ns_debug(ns_log_default, 10,
- "qcomp(%s, %s) %lu (%lu) - %lu (%lu) = %lu",
+ "qcomp(%s, %s) %u (%u) - %u (%u) = %u",
t, inet_ntoa(qs2->ns_addr.sin_addr),
rtt1, rttr1, rtt2, rttr2, rtt1 - rtt2);
}
@@ -887,22 +916,28 @@
void
retrytimer(evContext ctx, void *uap, struct timespec due,
struct timespec ival) {
+
+ UNUSED(ctx);
+ UNUSED(uap);
+ UNUSED(due);
+ UNUSED(ival);
+
retry_timer_set = 0;
- retry(retryqp);
+ retry(retryqp, 0);
}
/*
* Retry is called to retransmit query 'qp'.
*/
void
-retry(struct qinfo *qp) {
- int n, has_tsig, oldqlen;
+retry(struct qinfo *qp, int samehost) {
+ int n, has_tsig, oldqlen = 0;
HEADER *hp;
struct sockaddr_in *nsa;
int sendto_errno = 0;
- u_char *oldqbuf;
- u_char *smsg;
- int smsglen, smsgsize, siglen;
+ u_char *oldqbuf = NULL;
+ u_char *smsg = NULL;
+ int smsglen, smsgsize = 0, siglen;
u_char sig[TSIG_SIG_SIZE];
DST_KEY *key;
@@ -925,7 +960,15 @@
/* Try next address. */
n = qp->q_curaddr;
+ if (samehost) {
+ qp->q_addr[n].nretry++;
+ if (qp->q_addr[n].nretry < MAXRETRY)
+ goto found;
+ qp->q_addr[n].nretry--;
+ }
+
if (qp->q_naddr > 0) {
+ qp->q_addr[n].noedns = 1;
++qp->q_addr[n].nretry;
do {
if (++n >= (int)qp->q_naddr)
@@ -972,7 +1015,7 @@
}
ns_debug(ns_log_default, 5, "give up");
if ((qp->q_flags & Q_SYSTEM) == 0) {
- n = ((HEADER *)qp->q_cmsg ? qp->q_cmsglen : qp->q_msglen);
+ n = (qp->q_cmsg ? qp->q_cmsglen : qp->q_msglen);
hp->id = qp->q_id;
hp->qr = 1;
hp->ra = (NS_OPTION_P(OPTION_NORECURSE) == 0);
@@ -1017,24 +1060,29 @@
res_pquery(&res, qp->q_msg, qp->q_msglen,
log_get_stream(packet_channel));
#endif
- key = tsig_key_from_addr(nsa->sin_addr);
Home |
Main Index |
Thread Index |
Old Index