/[smeserver]/rpms/djbdns/sme10/240-tinydns-alias-chain-truncation.patch
ViewVC logotype

Annotation of /rpms/djbdns/sme10/240-tinydns-alias-chain-truncation.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (hide annotations) (download)
Wed Jul 12 03:39:09 2017 UTC (7 years, 3 months ago) by unnilennium
Branch: MAIN
CVS Tags: djbdns-1_05-10_el7_sme, djbdns-1_05-9_el7_sme, djbdns-1_05-11_el7_sme, HEAD
* Tue Jul 11 2017 Jean-Philipe Pialasse <tests@pialasse.com> 1.05-9.sme
--import patches from openwrt and rename already applied patches
--fix security issues [SME: 10374]
- 020-dnsroots-update.patch: update list of root DNS servers
- 070-dnscache-dpos-tcp-servfail.patch: SERVFAIL rename previous patch dns_transmit-bug.patch
- 080-dnscache-cache-negatives.patch: rfc2308 ?
- 210-dnscache-strict-forwardonly.patch: rename previous patch dnscache-strict-forwardonly.patch
- 240-tinydns-alias-chain-truncation.patch: rename previous patch tinydns-alias-chain-truncation.patch
- 270-dnscache-sigpipe-fix.patch: SIGPIPE
- 300-bugfix-dnscache-dempsky-poison.patch: CVE-2009-0858
- 310-bugfix-dnscache-merge-outgoing-requests.patch: CVE-2008-4392
- 320-bugfix-dnscache-cache-soa-records.patch: CVE-2008-4392
- 450-dnscache-ghost-domain-CVE-2012-1191.patch: CVE-2012-1191 http://marc.info/?l=djbdns&m=134190748729079&w=2
--bug fixes [SME: 10374]
- 060-dnscache-big-udp-packets.patch: accept and handle longer than 512 bytes UDP packets
- 230-tinydns-data-semantic-error.patch: handle semantic error to avoid publishing false dns records
--fix issue with short ttl cname like akamaid [SME: 8362]
- 200-dnscache-cname-handling.patch: rename previous patch dnscache-cname-handling.patch
- 330-fix-dnscache-cname-handling.patch: fix dnscache cname for short ttl
- 500-cutom-dnscache-maxloop.patch: set max loop to 200
--needed for previous patches to apply cleanly
- 030-srv-records-and-axfrget.patch: add SRV record type and axfr-get decompose SRC and PTR records (for 230-*.patch)
- 050-tinydns-mmap-leak.patch: report cdb leak
- 080-dnscache-cache-negatives.patch: rfc2308 ?
- 090-tinydns-one-second.patch: improve tinydns with 8 or more  concurent connections (for 240-*.patch)
- 120-compiler-temporary-filename.patch: change tmp filename to avoid conflicts (for 230-*.patch)

1 unnilennium 1.1 --- a/tdlookup.c
2     +++ b/tdlookup.c
3     @@ -103,12 +103,13 @@ static int doname(void)
4     return response_addname(d1);
5     }
6    
7     -static int doit(char *q,char qtype[2])
8     +static int doit1(char **pqname,char qtype[2])
9     {
10     unsigned int bpos;
11     unsigned int anpos;
12     unsigned int aupos;
13     unsigned int arpos;
14     + char *q;
15     char *control;
16     char *wild;
17     int flaggavesoa;
18     @@ -122,6 +123,12 @@ static int doit(char *q,char qtype[2])
19     int addrnum;
20     uint32 addrttl;
21     int i;
22     + int loop = 0 ;
23     +
24     +RESTART:
25     + if (loop++ >= 100) return 0 ;
26     +
27     + q = *pqname ;
28    
29     anpos = response_len;
30    
31     @@ -136,7 +143,14 @@ static int doit(char *q,char qtype[2])
32     if (byte_equal(type,2,DNS_T_NS)) flagns = 1;
33     }
34     if (flagns) break;
35     - if (!*control) return 0; /* q is not within our bailiwick */
36     + if (!*control) { /* q is not within our bailiwick */
37     + if (loop <= 1)
38     + return 0 ;
39     + else {
40     + response[2] &= ~4;
41     + goto DONE; /* The administrator has issued contradictory instructions */
42     + }
43     + }
44     control += *control;
45     control += 1;
46     }
47     @@ -172,9 +186,17 @@ static int doit(char *q,char qtype[2])
48     continue;
49     }
50     if (!response_rstart(q,type,ttl)) return 0;
51     - if (byte_equal(type,2,DNS_T_NS) || byte_equal(type,2,DNS_T_CNAME) || byte_equal(type,2,DNS_T_PTR)) {
52     + if (byte_equal(type,2,DNS_T_NS) || byte_equal(type,2,DNS_T_PTR)) {
53     if (!doname()) return 0;
54     }
55     + else if (byte_equal(type,2,DNS_T_CNAME)) {
56     + if (!doname()) return 0;
57     + if (byte_diff(type,2,qtype)) {
58     + response_rfinish(RESPONSE_ANSWER);
59     + if (!dns_domain_copy(pqname,d1)) return 0 ;
60     + goto RESTART ;
61     + }
62     + }
63     else if (byte_equal(type,2,DNS_T_MX)) {
64     if (!dobytes(2)) return 0;
65     if (!doname()) return 0;
66     @@ -275,9 +297,21 @@ static int doit(char *q,char qtype[2])
67     }
68     }
69    
70     +DONE:
71     return 1;
72     }
73    
74     +static int doit(char *qname,char qtype[2])
75     +{
76     + int r ;
77     + char * q = 0 ;
78     +
79     + if (!dns_domain_copy(&q, qname)) return 0 ;
80     + r = doit1(&q, qtype) ;
81     + dns_domain_free(&q) ;
82     + return r ;
83     +}
84     +
85     int respond(char *q,char qtype[2],char ip[4])
86     {
87     static struct tai cdb_valid = { 0 };

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed