Date: Sun, 14 Dec 2008 19:39:53 +0000 (UTC) From: Hajimu UMEMOTO <ume@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r186090 - in head: include include/arpa lib/libc/include/isc lib/libc/inet lib/libc/resolv Message-ID: <200812141939.mBEJdr8i068613@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ume Date: Sun Dec 14 19:39:53 2008 New Revision: 186090 URL: http://svn.freebsd.org/changeset/base/186090 Log: Merge the resolver part of BIND 9.4.3 into HEAD. It includes the following fix: 2426. [bug] libbind: inet_net_pton() can sometimes return the wrong value if excessively large netmasks are supplied. [RT #18512] Reported by: Maksymilian Arciemowicz <cxib__at__securityreason.com> Added: head/lib/libc/include/isc/platform.h (contents, props changed) Modified: head/include/arpa/nameser.h head/include/resolv.h head/lib/libc/include/isc/eventlib.h (contents, props changed) head/lib/libc/inet/inet_net_pton.c head/lib/libc/resolv/res_debug.c head/lib/libc/resolv/res_mkquery.c head/lib/libc/resolv/res_query.c head/lib/libc/resolv/res_send.c Modified: head/include/arpa/nameser.h ============================================================================== --- head/include/arpa/nameser.h Sun Dec 14 19:35:42 2008 (r186089) +++ head/include/arpa/nameser.h Sun Dec 14 19:39:53 2008 (r186090) @@ -49,7 +49,7 @@ */ /* - * $Id: nameser.h,v 1.7.18.1 2005/04/27 05:00:50 sra Exp $ + * $Id: nameser.h,v 1.7.18.2 2008/04/03 23:15:15 marka Exp $ * $FreeBSD$ */ @@ -424,9 +424,10 @@ typedef enum __ns_cert_types { #define NS_NXT_MAX 127 /*% - * EDNS0 extended flags, host order. + * EDNS0 extended flags and option codes, host order. */ #define NS_OPT_DNSSEC_OK 0x8000U +#define NS_OPT_NSID 3 /*% * Inline versions of get/put short/long. Pointer is advanced. Modified: head/include/resolv.h ============================================================================== --- head/include/resolv.h Sun Dec 14 19:35:42 2008 (r186089) +++ head/include/resolv.h Sun Dec 14 19:39:53 2008 (r186090) @@ -50,7 +50,7 @@ /*% * @(#)resolv.h 8.1 (Berkeley) 6/2/93 - * $Id: resolv.h,v 1.19.18.3 2005/08/25 04:43:51 marka Exp $ + * $Id: resolv.h,v 1.19.18.4 2008/04/03 23:15:15 marka Exp $ * $FreeBSD$ */ @@ -245,6 +245,7 @@ union res_sockaddr_union { #define RES_NOCHECKNAME 0x00008000 /*%< do not check names for sanity. */ #define RES_KEEPTSIG 0x00010000 /*%< do not strip TSIG records */ #define RES_BLAST 0x00020000 /*%< blast all recursive servers */ +#define RES_NSID 0x00040000 /*%< request name server ID */ #define RES_NOTLDQUERY 0x00100000 /*%< don't unqualified name as a tld */ #define RES_USE_DNSSEC 0x00200000 /*%< use DNSSEC using OK bit in OPT */ /* #define RES_DEBUG2 0x00400000 */ /* nslookup internal */ @@ -386,6 +387,7 @@ extern const struct res_sym __p_rcode_sy #define sym_ntos __sym_ntos #define sym_ston __sym_ston #define res_nopt __res_nopt +#define res_nopt_rdata __res_nopt_rdata #define res_ndestroy __res_ndestroy #define res_nametoclass __res_nametoclass #define res_nametotype __res_nametotype @@ -474,6 +476,8 @@ int res_findzonecut2(res_state, const c union res_sockaddr_union *, int); void res_nclose(res_state); int res_nopt(res_state, int, u_char *, int, int); +int res_nopt_rdata(res_state, int, u_char *, int, u_char *, + u_short, u_short, u_char *); void res_send_setqhook(res_send_qhook); void res_send_setrhook(res_send_rhook); int __res_vinit(res_state, int); Modified: head/lib/libc/include/isc/eventlib.h ============================================================================== --- head/lib/libc/include/isc/eventlib.h Sun Dec 14 19:35:42 2008 (r186089) +++ head/lib/libc/include/isc/eventlib.h Sun Dec 14 19:39:53 2008 (r186090) @@ -18,7 +18,7 @@ /* eventlib.h - exported interfaces for eventlib * vix 09sep95 [initial] * - * $Id: eventlib.h,v 1.3.18.2 2005/07/28 07:38:07 marka Exp $ + * $Id: eventlib.h,v 1.3.18.3 2008/01/23 02:12:01 marka Exp $ */ #ifndef _EVENTLIB_H @@ -29,6 +29,8 @@ #include <sys/time.h> #include <stdio.h> +#include <isc/platform.h> + #ifndef __P # define __EVENTLIB_P_DEFINED # ifdef __STDC__ Added: head/lib/libc/include/isc/platform.h ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/lib/libc/include/isc/platform.h Sun Dec 14 19:39:53 2008 (r186090) @@ -0,0 +1,37 @@ +/* + * Copyright (C) 2008 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: platform.h.in,v 1.2.6.2 2008/01/23 02:15:02 tbox Exp $ */ +/* $FreeBSD$ */ + +/*! \file */ + +#ifndef ISC_PLATFORM_H +#define ISC_PLATFORM_H + +/* + * Define if the OS does not define struct timespec. + */ +#undef ISC_PLATFORM_NEEDTIMESPEC +#ifdef ISC_PLATFORM_NEEDTIMESPEC +#include <time.h> /* For time_t */ +struct timespec { + time_t tv_sec; /* seconds */ + long tv_nsec; /* nanoseconds */ +}; +#endif + +#endif Modified: head/lib/libc/inet/inet_net_pton.c ============================================================================== --- head/lib/libc/inet/inet_net_pton.c Sun Dec 14 19:35:42 2008 (r186089) +++ head/lib/libc/inet/inet_net_pton.c Sun Dec 14 19:39:53 2008 (r186090) @@ -16,7 +16,7 @@ */ #if defined(LIBC_SCCS) && !defined(lint) -static const char rcsid[] = "$Id: inet_net_pton.c,v 1.7.18.1 2005/04/27 05:00:53 sra Exp $"; +static const char rcsid[] = "$Id: inet_net_pton.c,v 1.7.18.2 2008/08/26 04:42:43 marka Exp $"; #endif #include <sys/cdefs.h> __FBSDID("$FreeBSD$"); @@ -135,11 +135,11 @@ inet_net_pton_ipv4(const char *src, u_ch assert(n >= 0 && n <= 9); bits *= 10; bits += n; + if (bits > 32) + goto enoent; } while ((ch = *src++) != '\0' && isascii(ch) && isdigit(ch)); if (ch != '\0') goto enoent; - if (bits > 32) - goto emsgsize; } /* Firey death and destruction unless we prefetched EOS. */ Modified: head/lib/libc/resolv/res_debug.c ============================================================================== --- head/lib/libc/resolv/res_debug.c Sun Dec 14 19:35:42 2008 (r186089) +++ head/lib/libc/resolv/res_debug.c Sun Dec 14 19:39:53 2008 (r186090) @@ -91,7 +91,7 @@ #if defined(LIBC_SCCS) && !defined(lint) static const char sccsid[] = "@(#)res_debug.c 8.1 (Berkeley) 6/4/93"; -static const char rcsid[] = "$Id: res_debug.c,v 1.10.18.5 2005/07/28 07:38:11 marka Exp $"; +static const char rcsid[] = "$Id: res_debug.c,v 1.10.18.6 2008/04/03 23:15:15 marka Exp $"; #endif /* LIBC_SCCS and not lint */ #include <sys/cdefs.h> __FBSDID("$FreeBSD$"); @@ -187,10 +187,56 @@ do_section(const res_state statp, p_type(ns_rr_type(rr)), p_class(ns_rr_class(rr))); else if (section == ns_s_ar && ns_rr_type(rr) == ns_t_opt) { + u_int16_t optcode, optlen, rdatalen = ns_rr_rdlen(rr); u_int32_t ttl = ns_rr_ttl(rr); + fprintf(file, "; EDNS: version: %u, udp=%u, flags=%04x\n", (ttl>>16)&0xff, ns_rr_class(rr), ttl&0xffff); + + while (rdatalen >= 4) { + const u_char *cp = ns_rr_rdata(rr); + int i; + + GETSHORT(optcode, cp); + GETSHORT(optlen, cp); + + if (optcode == NS_OPT_NSID) { + fputs("; NSID: ", file); + if (optlen == 0) { + fputs("; NSID\n", file); + } else { + fputs("; NSID: ", file); + for (i = 0; i < optlen; i++) + fprintf(file, "%02x ", + cp[i]); + fputs(" (",file); + for (i = 0; i < optlen; i++) + fprintf(file, "%c", + isprint(cp[i])? + cp[i] : '.'); + fputs(")\n", file); + } + } else { + if (optlen == 0) { + fprintf(file, "; OPT=%u\n", + optcode); + } else { + fprintf(file, "; OPT=%u: ", + optcode); + for (i = 0; i < optlen; i++) + fprintf(file, "%02x ", + cp[i]); + fputs(" (",file); + for (i = 0; i < optlen; i++) + fprintf(file, "%c", + isprint(cp[i]) ? + cp[i] : '.'); + fputs(")\n", file); + } + } + rdatalen -= 4 + optlen; + } } else { n = ns_sprintrr(handle, &rr, NULL, NULL, buf, buflen); @@ -202,7 +248,7 @@ do_section(const res_state statp, buf = malloc(buflen += 1024); if (buf == NULL) { fprintf(file, - ";; memory allocation failure\n"); + ";; memory allocation failure\n"); return; } continue; @@ -379,7 +425,7 @@ static const struct res_sym __p_default_ {ns_s_an, "ANSWER", (char *)0}, {ns_s_ns, "AUTHORITY", (char *)0}, {ns_s_ar, "ADDITIONAL", (char *)0}, - {0, (char *)0, (char *)0} + {0, (char *)0, (char *)0} }; static const struct res_sym __p_update_section_syms[] = { @@ -387,7 +433,7 @@ static const struct res_sym __p_update_s {S_PREREQ, "PREREQUISITE", (char *)0}, {S_UPDATE, "UPDATE", (char *)0}, {S_ADDT, "ADDITIONAL", (char *)0}, - {0, (char *)0, (char *)0} + {0, (char *)0, (char *)0} }; const struct res_sym __p_key_syms[] = { @@ -615,6 +661,7 @@ p_option(u_long option) { case RES_USE_INET6: return "inet6"; #ifdef RES_USE_EDNS0 /*%< KAME extension */ case RES_USE_EDNS0: return "edns0"; + case RES_NSID: return "nsid"; #endif #ifdef RES_USE_DNAME case RES_USE_DNAME: return "dname"; Modified: head/lib/libc/resolv/res_mkquery.c ============================================================================== --- head/lib/libc/resolv/res_mkquery.c Sun Dec 14 19:35:42 2008 (r186089) +++ head/lib/libc/resolv/res_mkquery.c Sun Dec 14 19:39:53 2008 (r186090) @@ -66,7 +66,7 @@ #if defined(LIBC_SCCS) && !defined(lint) static const char sccsid[] = "@(#)res_mkquery.c 8.1 (Berkeley) 6/4/93"; -static const char rcsid[] = "$Id: res_mkquery.c,v 1.5.18.1 2005/04/27 05:01:11 sra Exp $"; +static const char rcsid[] = "$Id: res_mkquery.c,v 1.5.18.2 2008/04/03 23:15:15 marka Exp $"; #endif /* LIBC_SCCS and not lint */ #include <sys/cdefs.h> __FBSDID("$FreeBSD$"); @@ -201,9 +201,6 @@ res_nmkquery(res_state statp, #ifdef RES_USE_EDNS0 /* attach OPT pseudo-RR, as documented in RFC2671 (EDNS0). */ -#ifndef T_OPT -#define T_OPT 41 -#endif int res_nopt(res_state statp, @@ -228,15 +225,16 @@ res_nopt(res_state statp, if ((ep - cp) < 1 + RRFIXEDSZ) return (-1); - *cp++ = 0; /*%< "." */ - ns_put16(T_OPT, cp); /*%< TYPE */ + *cp++ = 0; /*%< "." */ + ns_put16(ns_t_opt, cp); /*%< TYPE */ cp += INT16SZ; if (anslen > 0xffff) anslen = 0xffff; /* limit to 16bit value */ - ns_put16(anslen & 0xffff, cp); /*%< CLASS = UDP payload size */ + ns_put16(anslen & 0xffff, cp); /*%< CLASS = UDP payload size */ cp += INT16SZ; - *cp++ = NOERROR; /*%< extended RCODE */ - *cp++ = 0; /*%< EDNS version */ + *cp++ = NOERROR; /*%< extended RCODE */ + *cp++ = 0; /*%< EDNS version */ + if (statp->options & RES_USE_DNSSEC) { #ifdef DEBUG if (statp->options & RES_DEBUG) @@ -246,12 +244,60 @@ res_nopt(res_state statp, } ns_put16(flags, cp); cp += INT16SZ; - ns_put16(0, cp); /*%< RDLEN */ + + ns_put16(0U, cp); /*%< RDLEN */ cp += INT16SZ; + hp->arcount = htons(ntohs(hp->arcount) + 1); return (cp - buf); } + +/* + * Construct variable data (RDATA) block for OPT psuedo-RR, append it + * to the buffer, then update the RDLEN field (previously set to zero by + * res_nopt()) with the new RDATA length. + */ +int +res_nopt_rdata(res_state statp, + int n0, /*%< current offset in buffer */ + u_char *buf, /*%< buffer to put query */ + int buflen, /*%< size of buffer */ + u_char *rdata, /*%< ptr to start of opt rdata */ + u_short code, /*%< OPTION-CODE */ + u_short len, /*%< OPTION-LENGTH */ + u_char *data) /*%< OPTION_DATA */ +{ + register u_char *cp, *ep; + +#ifdef DEBUG + if ((statp->options & RES_DEBUG) != 0U) + printf(";; res_nopt_rdata()\n"); +#endif + + cp = buf + n0; + ep = buf + buflen; + + if ((ep - cp) < (4 + len)) + return (-1); + + if (rdata < (buf + 2) || rdata >= ep) + return (-1); + + ns_put16(code, cp); + cp += INT16SZ; + + ns_put16(len, cp); + cp += INT16SZ; + + memcpy(cp, data, len); + cp += len; + + len = cp - rdata; + ns_put16(len, rdata - 2); /* Update RDLEN field */ + + return (cp - buf); +} #endif /*! \file */ Modified: head/lib/libc/resolv/res_query.c ============================================================================== --- head/lib/libc/resolv/res_query.c Sun Dec 14 19:35:42 2008 (r186089) +++ head/lib/libc/resolv/res_query.c Sun Dec 14 19:39:53 2008 (r186090) @@ -66,7 +66,7 @@ #if defined(LIBC_SCCS) && !defined(lint) static const char sccsid[] = "@(#)res_query.c 8.1 (Berkeley) 6/4/93"; -static const char rcsid[] = "$Id: res_query.c,v 1.7.18.1 2005/04/27 05:01:11 sra Exp $"; +static const char rcsid[] = "$Id: res_query.c,v 1.7.18.2 2008/04/03 23:15:15 marka Exp $"; #endif /* LIBC_SCCS and not lint */ #include <sys/cdefs.h> __FBSDID("$FreeBSD$"); @@ -115,8 +115,9 @@ res_nquery(res_state statp, { u_char buf[MAXPACKET]; HEADER *hp = (HEADER *) answer; - int n; u_int oflags; + u_char *rdata; + int n; oflags = statp->_flags; @@ -131,8 +132,14 @@ again: buf, sizeof(buf)); #ifdef RES_USE_EDNS0 if (n > 0 && (statp->_flags & RES_F_EDNS0ERR) == 0 && - (statp->options & (RES_USE_EDNS0|RES_USE_DNSSEC)) != 0U) + (statp->options & (RES_USE_EDNS0|RES_USE_DNSSEC|RES_NSID))) { n = res_nopt(statp, n, buf, sizeof(buf), anslen); + rdata = &buf[n]; + if (n > 0 && (statp->options & RES_NSID) != 0U) { + n = res_nopt_rdata(statp, n, buf, sizeof(buf), rdata, + NS_OPT_NSID, 0, NULL); + } + } #endif if (n <= 0) { #ifdef DEBUG @@ -142,6 +149,7 @@ again: RES_SET_H_ERRNO(statp, NO_RECOVERY); return (n); } + n = res_nsend(statp, buf, n, answer, anslen); if (n < 0) { #ifdef RES_USE_EDNS0 Modified: head/lib/libc/resolv/res_send.c ============================================================================== --- head/lib/libc/resolv/res_send.c Sun Dec 14 19:35:42 2008 (r186089) +++ head/lib/libc/resolv/res_send.c Sun Dec 14 19:39:53 2008 (r186090) @@ -66,7 +66,7 @@ #if defined(LIBC_SCCS) && !defined(lint) static const char sccsid[] = "@(#)res_send.c 8.1 (Berkeley) 6/4/93"; -static const char rcsid[] = "$Id: res_send.c,v 1.9.18.8 2006/10/16 23:00:58 marka Exp $"; +static const char rcsid[] = "$Id: res_send.c,v 1.9.18.10 2008/01/27 02:06:26 marka Exp $"; #endif /* LIBC_SCCS and not lint */ #include <sys/cdefs.h> __FBSDID("$FreeBSD$"); @@ -302,7 +302,7 @@ int res_nsend(res_state statp, const u_char *buf, int buflen, u_char *ans, int anssiz) { - int gotsomewhere, terrno, try, v_circuit, resplen, ns, n; + int gotsomewhere, terrno, tries, v_circuit, resplen, ns, n; #ifdef USE_KQUEUE int kq; #endif @@ -420,7 +420,7 @@ res_nsend(res_state statp, /* * Send request, RETRY times, or until successful. */ - for (try = 0; try < statp->retry; try++) { + for (tries = 0; tries < statp->retry; tries++) { for (ns = 0; ns < statp->nscount; ns++) { struct sockaddr *nsap; int nsaplen; @@ -471,7 +471,7 @@ res_nsend(res_state statp, if (v_circuit) { /* Use VC; at most one attempt per server. */ - try = statp->retry; + tries = statp->retry; n = send_vc(statp, buf, buflen, ans, anssiz, &terrno, ns); if (n < 0) @@ -486,7 +486,7 @@ res_nsend(res_state statp, kq, #endif buf, buflen, ans, anssiz, &terrno, - ns, try, &v_circuit, &gotsomewhere); + ns, tries, &v_circuit, &gotsomewhere); if (n < 0) goto fail; if (n == 0) @@ -632,6 +632,9 @@ send_vc(res_state statp, u_short len; u_char *cp; void *tmp; +#ifdef SO_NOSIGPIPE + int on = 1; +#endif nsap = get_nsaddr(statp, ns); nsaplen = get_salen(nsap); @@ -679,6 +682,17 @@ send_vc(res_state statp, return (-1); } } +#ifdef SO_NOSIGPIPE + /* + * Disable generation of SIGPIPE when writing to a closed + * socket. Write should return -1 and set errno to EPIPE + * instead. + * + * Push on even if setsockopt(SO_NOSIGPIPE) fails. + */ + (void)_setsockopt(statp->_vcsock, SOL_SOCKET, SO_NOSIGPIPE, &on, + sizeof(on)); +#endif errno = 0; if (_connect(statp->_vcsock, nsap, nsaplen) < 0) { *terrno = errno; @@ -811,7 +825,7 @@ send_dg(res_state statp, int kq, #endif const u_char *buf, int buflen, u_char *ans, - int anssiz, int *terrno, int ns, int try, int *v_circuit, + int anssiz, int *terrno, int ns, int tries, int *v_circuit, int *gotsomewhere) { const HEADER *hp = (const HEADER *) buf; @@ -915,7 +929,7 @@ send_dg(res_state statp, /* * Wait for reply. */ - seconds = (statp->retrans << try); + seconds = (statp->retrans << tries); if (ns > 0) seconds /= statp->nscount; if (seconds <= 0)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200812141939.mBEJdr8i068613>