From owner-svn-src-vendor@FreeBSD.ORG Fri Jan 9 09:04:11 2009 Return-Path: Delivered-To: svn-src-vendor@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 622DD10656F7; Fri, 9 Jan 2009 09:04:11 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 4EEF18FC14; Fri, 9 Jan 2009 09:04:11 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n0994BV6047824; Fri, 9 Jan 2009 09:04:11 GMT (envelope-from dougb@svn.freebsd.org) Received: (from dougb@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n0994Axk047818; Fri, 9 Jan 2009 09:04:10 GMT (envelope-from dougb@svn.freebsd.org) Message-Id: <200901090904.n0994Axk047818@svn.freebsd.org> From: Doug Barton Date: Fri, 9 Jan 2009 09:04:10 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org X-SVN-Group: vendor MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r186926 - in vendor/bind9/dist: . lib/dns lib/isc/unix X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Jan 2009 09:04:12 -0000 Author: dougb Date: Fri Jan 9 09:04:10 2009 New Revision: 186926 URL: http://svn.freebsd.org/changeset/base/186926 Log: Vendor import of BIND 9.4.3-P1 Modified: vendor/bind9/dist/CHANGES vendor/bind9/dist/lib/dns/api vendor/bind9/dist/lib/dns/openssldsa_link.c vendor/bind9/dist/lib/dns/opensslrsa_link.c vendor/bind9/dist/lib/isc/unix/socket.c vendor/bind9/dist/version Modified: vendor/bind9/dist/CHANGES ============================================================================== --- vendor/bind9/dist/CHANGES Fri Jan 9 07:27:08 2009 (r186925) +++ vendor/bind9/dist/CHANGES Fri Jan 9 09:04:10 2009 (r186926) @@ -1,3 +1,11 @@ + --- 9.4.3-P1 released --- + +2522. [security] Handle -1 from DSA_do_verify(). + +2498. [bug] Removed a bogus function argument used with + ISC_SOCKET_USE_POLLWATCH: it could cause compiler + warning or crash named with the debug 1 level + of logging. [RT #18917] --- 9.4.3 released --- Modified: vendor/bind9/dist/lib/dns/api ============================================================================== --- vendor/bind9/dist/lib/dns/api Fri Jan 9 07:27:08 2009 (r186925) +++ vendor/bind9/dist/lib/dns/api Fri Jan 9 09:04:10 2009 (r186926) @@ -1,3 +1,3 @@ LIBINTERFACE = 36 -LIBREVISION = 1 +LIBREVISION = 2 LIBAGE = 0 Modified: vendor/bind9/dist/lib/dns/openssldsa_link.c ============================================================================== --- vendor/bind9/dist/lib/dns/openssldsa_link.c Fri Jan 9 07:27:08 2009 (r186925) +++ vendor/bind9/dist/lib/dns/openssldsa_link.c Fri Jan 9 09:04:10 2009 (r186926) @@ -16,7 +16,7 @@ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: openssldsa_link.c,v 1.1.6.9 2007/08/28 07:20:04 tbox Exp $ */ +/* $Id: openssldsa_link.c,v 1.1.6.9.28.1 2008/12/24 00:21:22 marka Exp $ */ #ifdef OPENSSL @@ -133,7 +133,7 @@ openssldsa_verify(dst_context_t *dctx, c status = DSA_do_verify(digest, ISC_SHA1_DIGESTLENGTH, dsasig, dsa); DSA_SIG_free(dsasig); - if (status == 0) + if (status != 1) return (dst__openssl_toresult(DST_R_VERIFYFAILURE)); return (ISC_R_SUCCESS); Modified: vendor/bind9/dist/lib/dns/opensslrsa_link.c ============================================================================== --- vendor/bind9/dist/lib/dns/opensslrsa_link.c Fri Jan 9 07:27:08 2009 (r186925) +++ vendor/bind9/dist/lib/dns/opensslrsa_link.c Fri Jan 9 09:04:10 2009 (r186926) @@ -17,7 +17,7 @@ /* * Principal Author: Brian Wellington - * $Id: opensslrsa_link.c,v 1.1.6.11 2006/11/07 21:28:49 marka Exp $ + * $Id: opensslrsa_link.c,v 1.1.6.11.58.1 2008/12/24 00:21:22 marka Exp $ */ #ifdef OPENSSL @@ -246,7 +246,7 @@ opensslrsa_verify(dst_context_t *dctx, c status = RSA_verify(type, digest, digestlen, sig->base, RSA_size(rsa), rsa); - if (status == 0) + if (status != 1) return (dst__openssl_toresult(DST_R_VERIFYFAILURE)); return (ISC_R_SUCCESS); Modified: vendor/bind9/dist/lib/isc/unix/socket.c ============================================================================== --- vendor/bind9/dist/lib/isc/unix/socket.c Fri Jan 9 07:27:08 2009 (r186925) +++ vendor/bind9/dist/lib/isc/unix/socket.c Fri Jan 9 09:04:10 2009 (r186926) @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: socket.c,v 1.237.18.56 2008/11/12 03:58:36 marka Exp $ */ +/* $Id: socket.c,v 1.237.18.56.2.1 2008/12/23 00:14:34 marka Exp $ */ /*! \file */ @@ -501,7 +501,7 @@ FIX_IPV6_RECVPKTINFO(isc_socket_t *sock) if (setsockopt(sock->fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, (void *)&on, sizeof(on)) < 0) { - + UNEXPECTED_ERROR(__FILE__, __LINE__, "setsockopt(%d, IPV6_RECVPKTINFO) " "%s: %s", sock->fd, @@ -3163,7 +3163,6 @@ watcher(void *uap) { ISC_LOGCATEGORY_GENERAL, ISC_LOGMODULE_SOCKET, ISC_LOG_DEBUG(1), - ISC_LOG_INFO, "unexpected POLL timeout"); } pollstate = poll_active; @@ -4902,7 +4901,7 @@ isc_socket_ipv6only(isc_socket_t *sock, if (setsockopt(sock->fd, IPPROTO_IPV6, IPV6_V6ONLY, (void *)&onoff, sizeof(int)) < 0) { char strbuf[ISC_STRERRORSIZE]; - + UNEXPECTED_ERROR(__FILE__, __LINE__, "setsockopt(%d, IPV6_V6ONLY) " "%s: %s", sock->fd, Modified: vendor/bind9/dist/version ============================================================================== --- vendor/bind9/dist/version Fri Jan 9 07:27:08 2009 (r186925) +++ vendor/bind9/dist/version Fri Jan 9 09:04:10 2009 (r186926) @@ -1,4 +1,4 @@ -# $Id: version,v 1.29.134.23 2008/11/12 04:17:12 marka Exp $ +# $Id: version,v 1.29.134.23.2.1 2008/12/24 00:21:22 marka Exp $ # # This file must follow /bin/sh rules. It is imported directly via # configure. @@ -6,5 +6,5 @@ MAJORVER=9 MINORVER=4 PATCHVER=3 -RELEASETYPE= -RELEASEVER= +RELEASETYPE=-P +RELEASEVER=1