/[smeserver]/rpms/djbdns/sme9/240-tinydns-alias-chain-truncation.patch
ViewVC logotype

Contents of /rpms/djbdns/sme9/240-tinydns-alias-chain-truncation.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.1 - (show annotations) (download)
Wed Jul 12 04:56:18 2017 UTC (7 years, 3 months ago) by unnilennium
Branch: MAIN
CVS Tags: djbdns-1_05-11_el6_sme, djbdns-1_05-9_el6_sme, djbdns-1_05-10_el6_sme, HEAD 
* Tue Jul 11 2017 Jean-Philipe Pialasse <tests@pialasse.com> 1.05-9.sme
-- backport SME10 fixes [SME: 10381]
--import patches from openwrt and rename already applied patches
--fix security issues [SME: 10374]
- 020-dnsroots-update.patch: update list of root DNS servers
- 070-dnscache-dpos-tcp-servfail.patch: SERVFAIL rename previous patch dns_transmit-bug.patch
- 210-dnscache-strict-forwardonly.patch: rename previous patch dnscache-strict-forwardonly.patch
- 270-dnscache-sigpipe-fix.patch: SIGPIPE
- 300-bugfix-dnscache-dempsky-poison.patch: CVE-2009-0858
- 310-bugfix-dnscache-merge-outgoing-requests.patch: CVE-2008-4392
- 320-bugfix-dnscache-cache-soa-records.patch: CVE-2008-4392
- 450-dnscache-ghost-domain-CVE-2012-1191.patch: CVE-2012-1191 http://marc.info/?l=djbdns&m=134190748729079&w=2
--bug fixes [SME: 10374]
- 060-dnscache-big-udp-packets.patch: accept and handle longer than 512 bytes UDP packets
- 230-tinydns-data-semantic-error.patch: handle semantic error to avoid publishing false dns records
- 240-tinydns-alias-chain-truncation.patch: rename previous patch tinydns-alias-chain-truncation.patch
--fix issue with short ttl cname like akamaid [SME: 8362]
- 200-dnscache-cname-handling.patch: rename previous patch dnscache-cname-handling.patch
- 330-fix-dnscache-cname-handling.patch: fix dnscache cname for short ttl
- 500-cutom-dnscache-maxloop.patch: set max loop to 200
--needed for previous patches to apply cleanly
- 030-srv-records-and-axfrget.patch: add SRV record type and axfr-get decompose SRC and PTR records (for 230-*.patch)
- 080-dnscache-cache-negatives.patch: rfc2308 ? (for 200-*.patch)
- 090-tinydns-one-second.patch: improve tinydns with 8 or more  concurent connections (for 240-*.patch)
- 120-compiler-temporary-filename.patch: change tmp filename to avoid conflicts (for 230-*.patch)
--not backported from SME10 branch
- 050-tinydns-mmap-leak.patch: report cdb leak
1 --- a/tdlookup.c
2 +++ b/tdlookup.c
3 @@ -103,12 +103,13 @@ static int doname(void)
4 return response_addname(d1);
5 }
6
7 -static int doit(char *q,char qtype[2])
8 +static int doit1(char **pqname,char qtype[2])
9 {
10 unsigned int bpos;
11 unsigned int anpos;
12 unsigned int aupos;
13 unsigned int arpos;
14 + char *q;
15 char *control;
16 char *wild;
17 int flaggavesoa;
18 @@ -122,6 +123,12 @@ static int doit(char *q,char qtype[2])
19 int addrnum;
20 uint32 addrttl;
21 int i;
22 + int loop = 0 ;
23 +
24 +RESTART:
25 + if (loop++ >= 100) return 0 ;
26 +
27 + q = *pqname ;
28
29 anpos = response_len;
30
31 @@ -136,7 +143,14 @@ static int doit(char *q,char qtype[2])
32 if (byte_equal(type,2,DNS_T_NS)) flagns = 1;
33 }
34 if (flagns) break;
35 - if (!*control) return 0; /* q is not within our bailiwick */
36 + if (!*control) { /* q is not within our bailiwick */
37 + if (loop <= 1)
38 + return 0 ;
39 + else {
40 + response[2] &= ~4;
41 + goto DONE; /* The administrator has issued contradictory instructions */
42 + }
43 + }
44 control += *control;
45 control += 1;
46 }
47 @@ -172,9 +186,17 @@ static int doit(char *q,char qtype[2])
48 continue;
49 }
50 if (!response_rstart(q,type,ttl)) return 0;
51 - if (byte_equal(type,2,DNS_T_NS) || byte_equal(type,2,DNS_T_CNAME) || byte_equal(type,2,DNS_T_PTR)) {
52 + if (byte_equal(type,2,DNS_T_NS) || byte_equal(type,2,DNS_T_PTR)) {
53 if (!doname()) return 0;
54 }
55 + else if (byte_equal(type,2,DNS_T_CNAME)) {
56 + if (!doname()) return 0;
57 + if (byte_diff(type,2,qtype)) {
58 + response_rfinish(RESPONSE_ANSWER);
59 + if (!dns_domain_copy(pqname,d1)) return 0 ;
60 + goto RESTART ;
61 + }
62 + }
63 else if (byte_equal(type,2,DNS_T_MX)) {
64 if (!dobytes(2)) return 0;
65 if (!doname()) return 0;
66 @@ -275,9 +297,21 @@ static int doit(char *q,char qtype[2])
67 }
68 }
69
70 +DONE:
71 return 1;
72 }
73
74 +static int doit(char *qname,char qtype[2])
75 +{
76 + int r ;
77 + char * q = 0 ;
78 +
79 + if (!dns_domain_copy(&q, qname)) return 0 ;
80 + r = doit1(&q, qtype) ;
81 + dns_domain_free(&q) ;
82 + return r ;
83 +}
84 +
85 int respond(char *q,char qtype[2],char ip[4])
86 {
87 static struct tai cdb_valid = { 0 };
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed