
Annotation of /rpms/djbdns/sme10/310-bugfix-dnscache-merge-outgoing-requests.patch



Revision 1.1 - (hide annotations) (download)
Wed Jul 12 03:39:09 2017 UTC (7 years, 3 months ago) by unnilennium
Branch: MAIN
CVS Tags: djbdns-1_05-10_el7_sme, djbdns-1_05-9_el7_sme, djbdns-1_05-11_el7_sme, HEAD
* Tue Jul 11 2017 Jean-Philipe Pialasse <tests@pialasse.com> 1.05-9.sme
--import patches from openwrt and rename already applied patches
--fix security issues [SME: 10374]
- 020-dnsroots-update.patch: update list of root DNS servers
- 070-dnscache-dpos-tcp-servfail.patch: SERVFAIL rename previous patch dns_transmit-bug.patch
- 080-dnscache-cache-negatives.patch: rfc2308 ?
- 210-dnscache-strict-forwardonly.patch: rename previous patch dnscache-strict-forwardonly.patch
- 240-tinydns-alias-chain-truncation.patch: rename previous patch tinydns-alias-chain-truncation.patch
- 270-dnscache-sigpipe-fix.patch: SIGPIPE
- 300-bugfix-dnscache-dempsky-poison.patch: CVE-2009-0858
- 310-bugfix-dnscache-merge-outgoing-requests.patch: CVE-2008-4392
- 320-bugfix-dnscache-cache-soa-records.patch: CVE-2008-4392
- 450-dnscache-ghost-domain-CVE-2012-1191.patch: CVE-2012-1191 http://marc.info/?l=djbdns&m=134190748729079&w=2
--bug fixes [SME: 10374]
- 060-dnscache-big-udp-packets.patch: accept and handle longer than 512 bytes UDP packets
- 230-tinydns-data-semantic-error.patch: handle semantic error to avoid publishing false dns records
--fix issue with short ttl cname like akamaid [SME: 8362]
- 200-dnscache-cname-handling.patch: rename previous patch dnscache-cname-handling.patch
- 330-fix-dnscache-cname-handling.patch: fix dnscache cname for short ttl
- 500-cutom-dnscache-maxloop.patch: set max loop to 200
--needed for previous patches to apply cleanly
- 030-srv-records-and-axfrget.patch: add SRV record type and axfr-get decompose SRC and PTR records (for 230-*.patch)
- 050-tinydns-mmap-leak.patch: report cdb leak
- 080-dnscache-cache-negatives.patch: rfc2308 ?
- 090-tinydns-one-second.patch: improve tinydns with 8 or more concurrent connections (for 240-*.patch)
- 120-compiler-temporary-filename.patch: change tmp filename to avoid conflicts (for 230-*.patch)

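--- a/Makefile
+++ b/Makefile
@@ -315,11 +315,11 @@ stralloc.h iopause.h taia.h tai.h uint64
 ./compile dns_txt.c
 
 dnscache: \
-load dnscache.o droproot.o okclient.o log.o cache.o query.o \
+load dnscache.o droproot.o okclient.o log.o cache.o query.o qmerge.o \
 response.o dd.o roots.o iopause.o prot.o dns.a env.a alloc.a buffer.a \
 libtai.a unix.a byte.a socket.lib
 ./load dnscache droproot.o okclient.o log.o cache.o \
- query.o response.o dd.o roots.o iopause.o prot.o dns.a \
+ query.o qmerge.o response.o dd.o roots.o iopause.o prot.o dns.a \
 env.a alloc.a buffer.a libtai.a unix.a byte.a `cat \
 socket.lib`
 
@@ -340,7 +340,7 @@ compile dnscache.c env.h exit.h scan.h s
 uint16.h uint64.h socket.h uint16.h dns.h stralloc.h gen_alloc.h \
 iopause.h taia.h tai.h uint64.h taia.h taia.h byte.h roots.h fmt.h \
 iopause.h query.h dns.h uint32.h alloc.h response.h uint32.h cache.h \
-uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h
+uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h maxclient.h
 ./compile dnscache.c
 
 dnsfilter: \
@@ -685,11 +685,16 @@ qlog.o: \
 compile qlog.c buffer.h qlog.h uint16.h
 ./compile qlog.c
 
+qmerge.o: \
+compile qmerge.c qmerge.h dns.h stralloc.h gen_alloc.h iopause.h \
+taia.h tai.h uint64.h log.h maxclient.h
+ ./compile qmerge.c
+
 query.o: \
 compile query.c error.h roots.h log.h uint64.h case.h cache.h \
 uint32.h uint64.h byte.h dns.h stralloc.h gen_alloc.h iopause.h \
 taia.h tai.h uint64.h taia.h uint64.h uint32.h uint16.h dd.h alloc.h \
-response.h uint32.h query.h dns.h uint32.h
+response.h uint32.h query.h dns.h uint32.h qmerge.h
 ./compile query.c
 
 random-ip: \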
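--- a/dnscache.c
+++ b/dnscache.c
@@ -20,6 +20,7 @@
 #include "response.h"
 #include "cache.h"
 #include "ndelay.h"
+#include "maxclient.h"
 #include "log.h"
 #include "okclient.h"
 #include "droproot.h"
@@ -57,7 +58,6 @@ uint64 numqueries = 0;
 
 static int udp53;
 
-#define MAXUDP 200
 static struct udpclient {
 struct query q;
 struct taia start;
@@ -134,7 +134,6 @@ void u_new(void)
 
 static int tcp53;
 
-#define MAXTCP 20
 struct tcpclient {
 struct query q;
 struct taia start;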
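--- a/log.c
+++ b/log.c
@@ -151,6 +151,13 @@ void log_tx(const char *q,const char qty
 line();
 }
 
+void log_tx_piggyback(const char *q, const char qtype[2], const char *control)
+{
+ string("txpb ");
+ logtype(qtype); space(); name(q); space(); name(control);
+ line();
+}
+
 void log_cachedanswer(const char *q,const char type[2])
 {
 string("cached "); logtype(type); space();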
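Review bot: log_tx_piggyback has no comment explaining what a `txpb` line means, and unlike log_tx it takes neither the server list nor the trailing unsigned int argument, so the line shows only type, name and control. I would add `/* txpb <qtype> <name> <control>: query attached to a transmission already in flight; no new packet is sent */` above the function so that anyone reading the logs can tell merged queries from fresh `tx` lines. The definition also puts a space after each comma in the parameter list, where the neighbouring log_tx and log_cachedanswer definitions do not.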
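--- a/log.h
+++ b/log.h
@@ -20,6 +20,7 @@ extern void log_cachednxdomain(const cha
 extern void log_cachedns(const char *,const char *);
 
 extern void log_tx(const char *,const char *,const char *,const char *,unsigned int);
+extern void log_tx_piggyback(const char *,const char *,const char *);
 
 extern void log_nxdomain(const char *,const char *,unsigned int);
 extern void log_nodata(const char *,const char *,const char *,unsigned int);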
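--- /dev/null
+++ b/maxclient.h
@@ -0,0 +1,7 @@
+#ifndef MAXCLIENT_H
+#define MAXCLIENT_H
+
+#define MAXUDP 200
+#define MAXTCP 20
+
+#endif /* MAXCLIENT_H */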
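--- /dev/null
+++ b/qmerge.c
@@ -0,0 +1,115 @@
+#include "qmerge.h"
+#include "byte.h"
+#include "log.h"
+#include "maxclient.h"
+
+#define QMERGE_MAX (MAXUDP+MAXTCP)
+struct qmerge inprogress[QMERGE_MAX];
+
+static
+int qmerge_key_init(struct qmerge_key *qmk, const char *q, const char qtype[2],
+ const char *control)
+{
+ if (!dns_domain_copy(&qmk->q, q)) return 0;
+ byte_copy(qmk->qtype, 2, qtype);
+ if (!dns_domain_copy(&qmk->control, control)) return 0;
+ return 1;
+}
+
+static
+int qmerge_key_equal(struct qmerge_key *a, struct qmerge_key *b)
+{
+ return
+ byte_equal(a->qtype, 2, b->qtype) &&
+ dns_domain_equal(a->q, b->q) &&
+ dns_domain_equal(a->control, b->control);
+}
+
+static
+void qmerge_key_free(struct qmerge_key *qmk)
+{
+ dns_domain_free(&qmk->q);
+ dns_domain_free(&qmk->control);
+}
+
+void qmerge_free(struct qmerge **x)
+{
+ struct qmerge *qm;
+
+ qm = *x;
+ *x = 0;
+ if (!qm || !qm->active) return;
+
+ qm->active--;
+ if (!qm->active) {
+ qmerge_key_free(&qm->key);
+ dns_transmit_free(&qm->dt);
+ }
+}
+
+int qmerge_start(struct qmerge **qm, const char servers[64], int flagrecursive,
+ const char *q, const char qtype[2], const char localip[4],
+ const char *control)
+{
+ struct qmerge_key k;
+ int i;
+ int r;
+
+ qmerge_free(qm);
+
+ byte_zero(&k, sizeof k);
+ if (!qmerge_key_init(&k, q, qtype, control)) return -1;
+ for (i = 0; i < QMERGE_MAX; i++) {
+ if (!inprogress[i].active) continue;
+ if (!qmerge_key_equal(&k, &inprogress[i].key)) continue;
+ log_tx_piggyback(q, qtype, control);
+ inprogress[i].active++;
+ *qm = &inprogress[i];
+ qmerge_key_free(&k);
+ return 0;
+ }
+
+ for (i = 0; i < QMERGE_MAX; i++)
+ if (!inprogress[i].active)
+ break;
+ if (i == QMERGE_MAX) return -1;
+
+ log_tx(q, qtype, control, servers, 0);
+ r = dns_transmit_start(&inprogress[i].dt, servers, flagrecursive, q, qtype, localip);
+ if (r == -1) { qmerge_key_free(&k); return -1; }
+ inprogress[i].active++;
+ inprogress[i].state = 0;
+ qmerge_key_free(&inprogress[i].key);
+ byte_copy(&inprogress[i].key, sizeof k, &k);
+ *qm = &inprogress[i];
+ return 0;
+}
+
+void qmerge_io(struct qmerge *qm, iopause_fd *io, struct taia *deadline)
+{
+ if (qm->state == 0) {
+ dns_transmit_io(&qm->dt, io, deadline);
+ qm->state = 1;
+ }
+ else {
+ io->fd = -1;
+ io->events = 0;
+ }
+}
+
+int qmerge_get(struct qmerge **x, const iopause_fd *io, const struct taia *when)
+{
+ int r;
+ struct qmerge *qm;
+
+ qm = *x;
+ if (qm->state == -1) return -1; /* previous error */
+ if (qm->state == 0) return 0; /* no packet */
+ if (qm->state == 2) return 1; /* already got packet */
+
+ r = dns_transmit_get(&qm->dt, io, when);
+ if (r == -1) { qm->state = -1; return -1; } /* error */
+ if (r == 0) { qm->state = 0; return 0; } /* must wait for i/o */
+ if (r == 1) { qm->state = 2; return 1; } /* got packet */
+ return -1; /* bug */
+}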
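--- /dev/null
+++ b/qmerge.h
@@ -0,0 +1,24 @@
+#ifndef QMERGE_H
+#define QMERGE_H
+
+#include "dns.h"
+
+struct qmerge_key {
+ char *q;
+ char qtype[2];
+ char *control;
+};
+
+struct qmerge {
+ int active;
+ struct qmerge_key key;
+ struct dns_transmit dt;
+ int state; /* -1 = error, 0 = need io, 1 = need get, 2 = got packet */
+};
+
+extern int qmerge_start(struct qmerge **,const char *,int,const char *,const char *,const char *,const char *);
+extern void qmerge_io(struct qmerge *,iopause_fd *,struct taia *);
+extern int qmerge_get(struct qmerge **,const iopause_fd *,const struct taia *);
+extern void qmerge_free(struct qmerge **);
+
+#endif /* QMERGE_H */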
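Review bot: `active` in struct qmerge is undocumented although it carries the ownership rule for the whole table: qmerge_start increments it for every query that attaches, qmerge_free decrements it, and the key and transmission are released only when it reaches zero. I would annotate it as `int active; /* number of queries sharing this entry; 0 = slot free */`, matching the existing comment on `state`. The prototypes could also name their parameters, since four consecutive `const char *` arguments to qmerge_start are easy to pass in the wrong order.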
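--- a/query.c
+++ b/query.c
@@ -83,7 +83,7 @@ static void cleanup(struct query *z)
 int j;
 int k;
 
- dns_transmit_free(&z->dt);
+ qmerge_free(&z->qm);
 for (j = 0;j < QUERY_MAXALIAS;++j)
 dns_domain_free(&z->alias[j]);
 for (j = 0;j < QUERY_MAXLEVEL;++j) {
@@ -452,14 +452,8 @@ static int doit(struct query *z,int stat
 if (j == 64) goto SERVFAIL;
 
 dns_sortip(z->servers[z->level],64);
- if (z->level) {
- log_tx(z->name[z->level],DNS_T_A,z->control[z->level],z->servers[z->level],z->level);
- if (dns_transmit_start(&z->dt,z->servers[z->level],flagforwardonly,z->name[z->level],DNS_T_A,z->localip) == -1) goto DIE;
- }
- else {
- log_tx(z->name[0],z->type,z->control[0],z->servers[0],0);
- if (dns_transmit_start(&z->dt,z->servers[0],flagforwardonly,z->name[0],z->type,z->localip) == -1) goto DIE;
- }
+ dtype = z->level ? DNS_T_A : z->type;
+ if (qmerge_start(&z->qm,z->servers[z->level],flagforwardonly,z->name[z->level],dtype,z->localip,z->control[z->level]) == -1) goto DIE;
 return 0;
 
 
@@ -473,10 +467,10 @@ static int doit(struct query *z,int stat
 
 HAVEPACKET:
 if (++z->loop == 100) goto DIE;
- buf = z->dt.packet;
- len = z->dt.packetlen;
+ buf = z->qm->dt.packet;
+ len = z->qm->dt.packetlen;
 
- whichserver = z->dt.servers + 4 * z->dt.curserver;
+ whichserver = z->qm->dt.servers + 4 * z->qm->dt.curserver;
 control = z->control[z->level];
 d = z->name[z->level];
 dtype = z->level ? DNS_T_A : z->type;
@@ -902,7 +896,7 @@ int query_start(struct query *z,char *dn
 
 int query_get(struct query *z,iopause_fd *x,struct taia *stamp)
 {
- switch(qmerge_get(&z->qm,x,stamp)) {
+ switch(qmerge_get(&z->qm,x,stamp)) {
 case 1:
 return doit(z,1);
 case -1:
@@ -913,5 +907,5 @@ int query_get(struct query *z,iopause_fd
 
 void query_io(struct query *z,iopause_fd *x,struct taia *deadline)
 {
- dns_transmit_io(&z->dt,x,deadline);
+ qmerge_io(z->qm,x,deadline);
 }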
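Review bot: The transmission started in doit is now shared between queries, yet it is still handed this query's own array, `z->servers[z->level]`, and HAVEPACKET later reads `z->qm->dt.servers`. If dns_transmit_start stores that pointer rather than copying the 64 bytes (dns_transmit.c is not shown here), a query that piggybacks keeps using storage owned by the query that started the transmission, even after that query is cleaned up and its struct reused. Consider keeping a copy in struct qmerge, for example a `char servers[64];` member filled with `byte_copy(inprogress[i].servers, 64, servers);` in qmerge_start and passed to dns_transmit_start in place of the caller's array. query_io and query_get also dereference `z->qm` unconditionally, so they must only be reached after a successful qmerge_start; doit's body continues outside these hunks.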
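--- a/query.h
+++ b/query.h
@@ -1,7 +1,7 @@
 #ifndef QUERY_H
 #define QUERY_H
 
-#include "dns.h"
+#include "qmerge.h"
 #include "uint32.h"
 
 #define QUERY_MAXLEVEL 5
@@ -20,7 +20,7 @@ struct query {
 char localip[4];
 char type[2];
 char class[2];
- struct dns_transmit dt;
+ struct qmerge *qm;
 } ;
 
 extern int query_start(struct query *,char *,char *,char *,char *);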
