diff options
author | peter <peter@FreeBSD.org> | 1997-06-27 07:25:32 +0000 |
---|---|---|
committer | peter <peter@FreeBSD.org> | 1997-06-27 07:25:32 +0000 |
commit | 20250d8619bb0419032ebda7ca41de01e60bea7f (patch) | |
tree | 8d8fc637398296c21277df1d139abec2111908fa | |
parent | ce54a1d058edea29bf0555ec44642ec1c15ba2f0 (diff) | |
parent | 47492cc08d0e2630b8140cc5b25e635606858ad8 (diff) | |
download | FreeBSD-src-20250d8619bb0419032ebda7ca41de01e60bea7f.zip FreeBSD-src-20250d8619bb0419032ebda7ca41de01e60bea7f.tar.gz |
This commit was generated by cvs2svn to compensate for changes in r26971,
which included commits to RCS files with non-trunk default branches.
34 files changed, 758 insertions, 528 deletions
diff --git a/contrib/bind/CHANGES b/contrib/bind/CHANGES index 024edae..0cb28dd 100644 --- a/contrib/bind/CHANGES +++ b/contrib/bind/CHANGES @@ -1,4 +1,69 @@ -$Id: CHANGES,v 8.52 1996/12/18 04:09:41 vixie Exp $ +$Id: CHANGES,v 8.53 1997/06/01 20:34:25 vixie Exp vixie $ + + --- 4.9.6 released --- + +805. [security] The server now caches only those response records + that are within the current query domain. (From BIND-8) + +804. [security] another buffer overrun plugged, this time in res_search(). + +803. [bug] core leak fixed in ns_resp.c (twice). + +802. [proto] RTT sorting was defeating round robin for nameserver A RRs. + +801. [bug] res_send() now considers FD_SETSIZE usefully. + +800. [bug] formatting errors corrected in precsize_aton(). + +799. [bug] now that inet_pton() is safe, we call it a little more often. + +798. [bug] file descriptor leak plugged on systems without SO_LINGER. + +797. [bug] named-xfer signal, exit, and stub bugs fixed. + +798. [bug] tokens with merely _leading_ digits won't be taken as TTL's. + +797. [port] Motorola 88K port integrated. + +796. [doc] some spelling errors, omissions, and misdirections removed. + +795. [security] "dig @0 version.bind chaos" no longer shows user names. + +794. [bug] make d_rcnt larger; reorder databuf for packing efficiency. + +793. [bug] we forgot to reset a pointer after a realloc (named_xfer.c). + +792. [bug] RRset TTL was not being maintained coherently. + +791. [doc] BOG was off by one in its ndots description. + +790. [whining] preserve forwarded RRset order for one last release. + +789. [bug] TCP timeouts were leaking file descriptors. + +788. [bug] AXFR needs 64K to fit in, not PACKETSZ. + +787. [bug] dangling CNAMEs caused erroneous forwarded responses. + +786. [protocol] better checking of incoming additional data. + +785. [bug] forced reload of parents after zone expiry had problems. + +784. [bug] SRV RR's were not decoded properly. + +783. [bug] BUFSIZ is less than PACKETSZ on some systems (overruns). + +782. [bug] named could spin on invalid TCP input formats (ns_main.c). + +781. [bug] short names of all hex digits were being handled incorrectly. + +780. [bug] doupdate was handling BOGUSNS and syslog messages incorrectly. + +779. [bug] named-xfer can now handle RFC1035-compliant zone transfers. + +778. [security] wire protocol names now limited to MAXCDNAME octets. + +777. [port] res_send name redefinition now covered by BIND_RES_POSIX3. --- 4.9.5-p1 released --- diff --git a/contrib/bind/INSTALL b/contrib/bind/INSTALL index 0b6b9ed..5dad5f8 100644 --- a/contrib/bind/INSTALL +++ b/contrib/bind/INSTALL @@ -1,4 +1,4 @@ -$Id: INSTALL,v 8.7 1996/11/11 06:36:40 vixie Exp $ +$Id: INSTALL,v 8.8 1997/06/01 20:34:25 vixie Exp vixie $ THE FILES: ---------- @@ -39,14 +39,14 @@ sure you turn any links into files: 2. (optional) If you have a typical site, you should find yourself only editing Makefile and conf/options.h. Make backups of them now: - mv Makefile Makefile.tmp - cp Makefile.tmp Makefile ; rm Makefile.tmp - chmod u+w Makefile - - mv conf/options.h conf/options.h.tmp - cp conf/options.h.tmp conf/options.h ; rm conf/options.h.tmp + mv conf/options.h conf/options.h.dist + cp conf/options.h.dist conf/options.h chmod u+w conf/options.h + mv Makefile Makefile.dist + cp Makefile.dist Makefile + chmod u+w Makefile + 3. Edit "conf/options.h" and turn on any options that you want. The defaults are pretty reasonable for most installations. @@ -62,7 +62,7 @@ path if "make depend" fails and you think bin/mkdep will help you out. *** NOTE NOTE NOTE NOTE NOTE NOTE NOTE NOTE NOTE NOTE NOTE *** - The next step (#5) will burn down files which were supplied with + The next step (#6) will burn down files which were supplied with your operating system. You should run the suggested "-n" first and make sure you have saved any files you want to save. @@ -82,16 +82,18 @@ how to do it. HOW TO GET HELP: ---------------- -The "bind@uunet.uu.net" mailing list was created especially for people -to talk about and ask questions about installation, maintenance, etc. -It is highly recommended that you first help yourself by reading -the BOG (doc/bog) or a book on DNS and BIND. - -To be added to this mailing list, send mail to - bind-request@uunet.uu.net +The "bind-users@vix.com" mailing list was created especially for people to +talk about and ask questions about installation, maintenance, etc. It is +highly recommended that you first help yourself by reading the BOG (doc/bog) +or a book on DNS and BIND. +To be added to this mailing list, send mail to <bind-users-request@vix.com> +Note that the bind-users mailing list is also available on Usenet as + comp.protocols.dns.bind +and that we would all prefer that you read it that way if you possibly can. -This INSTALL was originally written on 15Jul94 by Tom Limoncelli -<tal@bell-labs.org> Minor changes 23Dec95 by Christopher Davis -<ckd@kei.com> and then by Tom Limoncelli 16Oct96. +This INSTALL was... + originally written on 15Jul94 by Tom Limoncelli <tal@bell-labs.com> + changed in minor ways 23Dec95 by Christopher Davis <ckd@kei.com> + and then changed by Tom Limoncelli again 16Oct96. diff --git a/contrib/bind/Makefile b/contrib/bind/Makefile index f684ffb..53763f5 100644 --- a/contrib/bind/Makefile +++ b/contrib/bind/Makefile @@ -1,10 +1,8 @@ # Makefile for BIND>=4.9 top level # vixie@decwrl December, 1992 [original] # -# $Id: Makefile,v 8.48 1996/11/26 10:11:13 vixie Exp $ +# $Id: Makefile,v 8.49 1997/06/01 20:34:25 vixie Exp vixie $ -## ++Copyright++ 1989 -## - ## Copyright (c) 1989 ## The Regents of the University of California. All rights reserved. ## @@ -35,7 +33,7 @@ ## LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY ## OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF ## SUCH DAMAGE. -## - +## ## Portions Copyright (c) 1993 by Digital Equipment Corporation. ## ## Permission to use, copy, modify, and distribute this software for any @@ -53,10 +51,8 @@ ## PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ## ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS ## SOFTWARE. -## - -## --Copyright-- -VER = 4.9.5-P1 +VER = 4.9.6-REL SHELL = /bin/sh MAKE = make DESTDIR = @@ -301,7 +297,7 @@ PIC = #otherwise uncomment the next line and hope for the best #CC = cc $(CPPFLAGS) #CDEBUG = -g -#CPPPFLAGS = -DSVR4 -D_SYS_STREAM_H +#CPPPFLAGS = -DSVR4 -D_SYS_STREAM_H -DMAXHOSTNAMELEN=256 #CPPFLAGS = $(CPPPFLAGS) $(SOLCOMPAT) #INDOT = in. #XFER_INDOT = @@ -824,6 +820,44 @@ PIC = #MANROFF = ( tbl | nroff -man ) #MANDIR = man +#(MOTOROLA Rel FH40.4x ,m88k) +#Support for Motorola m88k machines. The compiler supports +#three compile flags for processor type +# -F88000 the generic 88k +# -F88100 for the 88100 chip +# -F88110 for the 88110 chip +# +# Set to which version of CPU is being used. This was +# compiled on a 197DP with the -F88110 flag +# Earlier boards (187 and V/88) need 88100 and 88000 +# +# See /usr/ccs/lib/.compilerc +# +#CC = /usr/ccs/bin/cc $(CPPFLAGS) +#CDEBUG = -g -O +#CPPFLAGS = -F88110 -D_SYS_STREAM_H -DSVR4 +#INDOT -in. +#XFER_INDOT = +#LEX = lex +#LIBS = -lsocket -lnsl -ll +#DESTBIN = /usr/bin +#DESTSBIN = /usr/sbin +#DESTEXEC = /etc +#DESTHELP = /usr/lib +#DESTLIB = /usr/lib +#DESTINC = /usr/include +#DESTMAN = /usr/share/man +#PIDDIR = /etc +#LDS = @: +#LDFLAGS=-s +#RANLIB = touch +#COMPINCL = compat/include +#CATEXT = $$$$N +#INSTALL_COMPAT = install-compat +#INSTALL = /usr/ucb/install +#PS =ps -p +#IOT = IOT + #################################################################### ############ no user servicable parts beyond this point ############ #################################################################### diff --git a/contrib/bind/README b/contrib/bind/README index 7346eef..fe1e72f 100644 --- a/contrib/bind/README +++ b/contrib/bind/README @@ -1,228 +1,21 @@ -The official place to get BIND is <URL:ftp://ftp.vix.com/pub/bind/release>. +The official version of BIND is now 8.1.1. This is 4.9.6, the last of 4.* +which we are releasing since it has some important security bugs fixed. + +The official place to get BIND is <URL:ftp://ftp.isc.org/isc/bind/src>. The official mailing lists are: bind-users@vix.com - users/admins (use *-request@* for admin mail) bind-workers@vix.com - developers The official Usenet newsgroups are: comp.protocols.tcp-ip.domains + comp.protocols.dns.bind + comp.protocols.dns.ops + comp.protocols.dns.std -BIND is currently sponsored by: The Internet Software Consortium - (send to <info@isc.org> for details.) - ------ 4.9.3 BETA33 - December, 1995 - paul@vix.com - -Take a look around in doc/misc/ and contrib/. Reread INSTALL. Have fun. - ------ 4.9.3 BETA11, BETA12 release - December, 1994 - paul@vix.com - -If you maintain a BSD or are otherwise running a 4.4BSD-based system and want -to integrate BIND into it, check out BSD/README. +BIND is currently maintained by: The Internet Software Consortium + (see <URL:http://www.isc.org/isc>.) Read the top of CHANGES for interesting stuff. -Don't forget to purge all your secondary zone files before upgrading to this -BIND if your existing one came from a vendor. - -The NOTIFY feature is turned off by default, but it's really cool and you -should consider turning it on if you are willing to risk having it not work -after the RFC process is complete (if the protocol has to change at all.) -It already does not conform to the draft protocol so you should consider it -"experimental" even if it happens to work fine. - ------ 4.9.3 BETA10 release - August, 1994 - paul@vix.com - -I recommend reading this ENTIRE FILE before you attempt to build or use BIND. -However, you can get started quickly by scanning down this file for "QUICK" in -the right margin and just reading those sections. You can also look at the -INSTALL file. You should look at doc/info/* if you have trouble building. - -There are at least two known bugs in this BIND: - -1. if you have two authoritative zones (primary or secondary) where - one is a subzone of the other, e.g., - primary pa.dec.com z/pa.dec.com - primary dec.com z/dec.com - and you remove or comment out the subzone (pa.dec.com in our example) - and SIGHUP named, the delegation and other RR's at "pa.dec.com" will - be missing from your cache. to avoid this, you should "named.restart" - rather than SIGHUP ("named.reload") when making changes of this kind. - -2. the /HS qualifier doesn't work on "cache" directives. you will have - to put your hesiod root information into your main "root.cache" file. - -Also, you may find that your utilities will not link with this -lresolv -unless you also install lib44bsd.a and link with -lresolv -l44bsd. This -is because older systems do not include inet_aton() and other functions. - ------ 4.9.3 BETA6 release - June, 1994 - paul@vix.com - -Several private beta test releases have come and gone, and we've fixed a -number of things. See CHANGES for details. - -There is a new Sun Shared Library update mechanism in place, and it works -quite well. See shres/*. - -Versions of NSLOOKUP up through BIND 4.8.3's used IQUERY to ask the local -server for information about the server's own name. I assume that this was -done in a "what the heck, nothing uses these, how can we contrive a need?" -sort of spirit. I removed this code as of BIND 4.9's NSLOOKUP and had it -use the standard gethostbyaddr() mechanisms (which depend on normal queries -of PTR data). Disabling INVQ and putting "options fake-iquery" in the boot -file will cause IQUERY to be answered bogusly but in a way that old nslookup -programs won't trip on. INVQ is disabled by default in conf/options.h. - ------ 4.9.3 BETA2 release - June, 1994 - paul@vix.com - -News flash! BIND development is now funded by the Internet Software Consortium. - -Look at CHANGES to see what's new. Check out doc/misc to see some interesting -papers from Purdue (and Bell Labs, if we're lucky) on DNS security that -motivated many of the security-related changes present in this release. - -Check out shres/Makefile for SunOS4 shared library support. - -INVQ now defaults to "undef". See OPTIONS and conf/options.h. - -ALLOW_UPDATES is no longer available, and will be removed next release. - -You should look hard at the SENSIBLE_DOTS option and convert your serial -numbers either to "sensible" ones or ones without dots (YYYYMMDD## preferred). -SENSIBLE_DOTS will be the default in the next release. - -NCACHE and VALIDATE are _working_ now. - -Read the BOG! It's been updated since the previous release. - -If you are a vendor and are including some or all of this code in your product, -please drop me a line to let me know. I field a lot of questions about BIND -and it is helpful for me to know which vendor releases contain which versions -of BIND. It's also helpful for me to have contacts within the engineering -groups of the various vendors, since when I find a heinous bug I can let you -know. - ------ 4.9.2 FINAL (940221) release - February, 1994 - paul@vix.com - -If you look at the last entry in TODO, you'll see that there are a lot -of things in the queue waiting to go in. However, I'm holding the line -so that 4.9.2-FINAL can be the same as what goes out with 4.4BSD-Lite. -I expect to open 4.9.3-ALPHA fairly soon, with patches comprising new -work; 4.9.2-FINAL will have patches released for it only to correct bugs. - -The official way to get BIND 4.9.2 is: ftp gatekeeper.dec.com OUT OF DATE!!! - cd pub/misc/vixie OUT OF DATE!!! - binary OUT OF DATE!!! - get bind-940221.tar.gz OUT OF DATE!!! - or: get bind-940221.tar.Z OUT OF DATE!!! - -The official mailing lists are: bind-users@vix.com - users/admins - (use *-request for admin mail) bind-workers@vix.com - developers - -The official Usenet newsgroups are: comp.protocols.tcp-ip.domains - -My official e-mail address is: paul@vix.com - ------ 4.9.2 BETA5 (931205) release - December, 1993 - paul@vix.com - -no comments; see CHANGES file. - ------ 4.9.2 BETA4 (931104) release - November, 1993 - paul@vix.com - -All reported portability problems have been fixed. All core dumps have -had changes made for them and we are ready to have them tested again. As -usual, I am running this in production on my own zones and I am rather -confident in it. Note, again, that this is a BETA release and you should -not put it up for anon-ftp or otherwise republish it in any way. - ------ 4.9.2 ALPHA2 (930908) release - September, 1993 - paul@vix.com - -4.9.2 has fixes for most of the bugs that smb@bellcore's white paper talked -about, and CERT is going to be knocking on vendor's doors to get it shipped -with as many operating systems as possible. - ------ 4.9.2 ALPHA1 (930506) release - July, 1993 - Paul Vixie <paul@vix.com> - -I don't work for DEC any more, so note the new e-mail address. The old -<bind-4.9@pa.dec.com> list has been moved to <bind-workers@vix.com>; if -you intend to help hack BIND and you want to be advised of alpha-testing -releases, send mail to <bind-workers-request@vix.com> and ask to be added -to the list. - -Note that 4.9.1 was an interrim, nonpublished release intended to catch -the porting changes needed for 4.4BSD. It never really existed separately. - ------ 4.9 release - April, 1993 - Paul Vixie <vixie@pa.dec.com> - -For information on what's new in 4.9, see OPTIONS and CHANGES. Also note -that the man page for named(8) in man/named.8, and the entire Bind Operations -Guide in doc/BOG/*, has been updated for 4.9. Both make excellent reading. - -Those of you who are thinking of adding features should first read TODO to -see if someone else has already indicated an intention to work on the same -thing. If your feature is significant you should ask <bind-workers@vix.com> -before you hack, if for no other reason than to tell other maintainers to -expect a patch soon. - -Note that the resolver has a number of routines that may already be present -on your system. Efforts have been made to avoid generating code for them on -systems where they aren't needed; don't worry about them if they're -generated unneccessarily since the linker will sort things out. - -This software is protected under the U C Regents' copyright. Changes made -by or released through Digital Equipment Corporation are subject to a -subsidiary copyright. The entire copyright is as follows: - -++Copyright++ 1989 -- -Copyright (c) 1989 - The Regents of the University of California. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. -3. All advertising materials mentioning features or use of this software - must display the following acknowledgement: - This product includes software developed by the University of - California, Berkeley and its contributors. -4. Neither the name of the University nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. -- -Portions Copyright (c) 1993 by Digital Equipment Corporation. - -Permission to use, copy, modify, and distribute this software for any -purpose with or without fee is hereby granted, provided that the above -copyright notice and this permission notice appear in all copies, and that -the name of Digital Equipment Corporation not be used in advertising or -publicity pertaining to distribution of the document or software without -specific, written prior permission. - -THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL -WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES -OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT -CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -SOFTWARE. -- ---Copyright-- - To build this: QUICK (on SUNOS, use the BSD build environment or you will diff --git a/contrib/bind/conf/portability.h b/contrib/bind/conf/portability.h index f7627d9..6485ee3 100644 --- a/contrib/bind/conf/portability.h +++ b/contrib/bind/conf/portability.h @@ -1,7 +1,7 @@ /* portability.h - include or define things that aren't present on all systems * vixie@decwrl 26dec92 [new] * - * $Id: portability.h,v 8.20 1996/11/26 10:11:16 vixie Exp $ + * $Id: portability.h,v 8.21 1997/06/01 20:34:27 vixie Exp $ */ /* @@ -189,7 +189,8 @@ #endif #if defined(_POSIX_SOURCE) || defined(__sgi) || defined(__ultrix) || \ - defined(__hpux) || (defined(BSD) && (BSD >= 199103)) || defined(sun) + defined(__hpux) || (defined(BSD) && (BSD >= 199103)) || \ + defined(sun) || defined(__m88k__) # define USE_POSIX #endif @@ -606,6 +607,16 @@ extern u_long htonl __P((u_long)), ntohl __P((u_long)); #endif /* + * Motorola FH40.43 and FH40.44 need specific macros for + * get/settimeofday as only one argument seems to be accepted + * by the compiler. NULL generates compile errors + */ +#if defined(__m88k__) && defined(__unix__) +# define gettimeofday(tp, tzp) gettimeofday(tp) +# define settimeofday(tp, tzp) settimeofday(tp) +#endif + +/* * We need to know the IPv6 address family number even on IPv4-only systems. * Note that this is NOT a protocol constant, and that if the system has its * own AF_INET6, different from ours below, all of BIND's libraries and diff --git a/contrib/bind/doc/bog/files.me b/contrib/bind/doc/bog/files.me index 7e75525..b630eea 100644 --- a/contrib/bind/doc/bog/files.me +++ b/contrib/bind/doc/bog/files.me @@ -543,7 +543,7 @@ resolver variable. Supported options at this time are: sets the \s-1RES_DEBUG\s+1 bit in \fB_res.options\fP. .ip \fBndots:\fP\fIn\fP sets the lower threshold (measured in ``number of dots'') on names given to -\fIres_query\fP() such that names with more than this number of dots will be +\fIres_query\fP() such that names with at least this number of dots will be tried as absolute names before any \fIlocal-domain\fP or \fIsearch-list\fP processing is done. The default for this internal variable is ``1''. .\" .pp diff --git a/contrib/bind/include/netdb.h b/contrib/bind/include/netdb.h index 82faf7d..cd11afa 100644 --- a/contrib/bind/include/netdb.h +++ b/contrib/bind/include/netdb.h @@ -55,7 +55,7 @@ /* * @(#)netdb.h 8.1 (Berkeley) 6/2/93 - * $Id: netdb.h,v 8.7 1996/05/09 05:59:09 vixie Exp $ + * $Id: netdb.h,v 8.8 1997/06/01 20:34:32 vixie Exp $ */ #ifndef _NETDB_H_ @@ -167,4 +167,12 @@ struct rpcent *getrpcbyname(), *getrpcbynumber(), *getrpcent(); #endif /* __GNU_LIBRARY__ */ #endif /* sun */ +/* + * The Motorola kernel will only support 64 characters for hostname + * also defined in /usr/ucbinclude/netdb.h + */ +#ifdef __m88k__ +#define MAXHOSTNAMELEN 64 +#endif + #endif /* !_NETDB_H_ */ diff --git a/contrib/bind/include/resolv.h b/contrib/bind/include/resolv.h index 52e115f..9db2202 100644 --- a/contrib/bind/include/resolv.h +++ b/contrib/bind/include/resolv.h @@ -55,7 +55,7 @@ /* * @(#)resolv.h 8.1 (Berkeley) 6/2/93 - * $Id: resolv.h,v 8.17 1996/11/26 10:11:20 vixie Exp $ + * $Id: resolv.h,v 8.18 1997/06/01 20:34:32 vixie Exp $ */ #ifndef _RESOLV_H_ @@ -225,7 +225,6 @@ extern const struct res_sym __p_type_syms[]; #define dn_count_labels __dn_count_labels #define dn_comp __dn_comp #define res_randomid __res_randomid -#define res_send __res_send #define res_isourserver __res_isourserver #define res_nameinquery __res_nameinquery #define res_queriesmatch __res_queriesmatch @@ -238,6 +237,7 @@ extern const struct res_sym __p_type_syms[]; #define res_search __res_search #define res_querydomain __res_querydomain #define res_mkquery __res_mkquery +#define res_send __res_send #endif __BEGIN_DECLS diff --git a/contrib/bind/man/dig.1 b/contrib/bind/man/dig.1 index 53f33f9..a02b2a1 100644 --- a/contrib/bind/man/dig.1 +++ b/contrib/bind/man/dig.1 @@ -1,4 +1,4 @@ -.\" $Id: dig.1,v 8.1 1994/12/15 06:24:10 vixie Exp $ +.\" $Id: dig.1,v 8.2 1997/06/01 20:34:33 vixie Exp $ .\" .\" ++Copyright++ 1993 .\" - @@ -191,7 +191,7 @@ After query returns, execute a .IR ping (@SYS_OPS_EXT@) command for response time comparison. This rather -unelegantly makes a call to the shell. The last +inelegantly makes a call to the shell. The last three lines of statistics is printed for the command: .sp 1 diff --git a/contrib/bind/named/Version.c b/contrib/bind/named/Version.c index 60a7ba8..e89670b 100644 --- a/contrib/bind/named/Version.c +++ b/contrib/bind/named/Version.c @@ -1,14 +1,15 @@ /* * @(#)Version.c 4.9 (Berkeley) 7/21/90 - * $Id: Version.c,v 8.1 1994/12/15 06:24:14 vixie Exp $ + * $Id: Version.c,v 8.2 1997/06/01 20:34:34 vixie Exp $ */ #ifndef lint char sccsid[] = "@(#)named %VERSION% %WHEN% %WHOANDWHERE%"; -char rcsid[] = "$Id: Version.c,v 8.1 1994/12/15 06:24:14 vixie Exp $"; +char rcsid[] = "$Id: Version.c,v 8.2 1997/06/01 20:34:34 vixie Exp $"; #endif /* not lint */ char Version[] = "named %VERSION% %WHEN%\n\t%WHOANDWHERE%"; +char ShortVersion[] = "%VERSION%"; #ifdef COMMENT diff --git a/contrib/bind/named/db_defs.h b/contrib/bind/named/db_defs.h index 7882393..83fc2da 100644 --- a/contrib/bind/named/db_defs.h +++ b/contrib/bind/named/db_defs.h @@ -1,6 +1,6 @@ /* * from db.h 4.16 (Berkeley) 6/1/90 - * $Id: db_defs.h,v 8.5 1996/08/27 08:33:23 vixie Exp $ + * $Id: db_defs.h,v 8.6 1997/06/01 20:34:34 vixie Exp $ */ /* @@ -76,6 +76,9 @@ */ struct databuf { struct databuf *d_next; /* linked list */ +#ifdef STATS + struct nameser *d_ns; /* NS from whence this came */ +#endif u_int32_t d_ttl; /* time to live */ /* if d_zone == DB_Z_CACHE, then * d_ttl is actually the time when @@ -91,13 +94,10 @@ struct databuf { int16_t d_class; /* class number */ int16_t d_type; /* type number */ int16_t d_size; /* size of data area */ + u_int32_t d_rcnt; #ifdef NCACHE unsigned d_rcode :4; /* rcode added for negative caching */ #endif - unsigned d_rcnt :12; -#ifdef STATS - struct nameser *d_ns; /* NS from whence this came */ -#endif u_int16_t d_nstime; /* NS response time, milliseconds */ u_char d_data[sizeof(char*)]; /* malloc'd (padded) */ }; diff --git a/contrib/bind/named/db_func.h b/contrib/bind/named/db_func.h index 5d3929d..87e4faf 100644 --- a/contrib/bind/named/db_func.h +++ b/contrib/bind/named/db_func.h @@ -1,6 +1,6 @@ /* db_proc.h - prototypes for functions in db_*.c * - * $Id: db_func.h,v 8.12 1996/09/22 00:13:10 vixie Exp $ + * $Id: db_func.h,v 8.13 1997/06/01 20:34:34 vixie Exp $ */ /* ++from db_update.c++ */ @@ -11,6 +11,7 @@ extern int db_update __P((char name[], struct hashbuf *htp)), db_cmp __P((struct databuf *,struct databuf *)), findMyZone __P((struct namebuf *np, int class)); +extern void fixttl __P((struct databuf *dp)); /* --from db_update.c-- */ /* ++from db_reload.c++ */ diff --git a/contrib/bind/named/db_load.c b/contrib/bind/named/db_load.c index 6b0a11a..6251f42 100644 --- a/contrib/bind/named/db_load.c +++ b/contrib/bind/named/db_load.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static char sccsid[] = "@(#)db_load.c 4.38 (Berkeley) 3/2/91"; -static char rcsid[] = "$Id: db_load.c,v 8.31 1996/12/18 04:09:48 vixie Exp $"; +static char rcsid[] = "$Id: db_load.c,v 8.32 1997/06/01 20:34:34 vixie Exp $"; #endif /* not lint */ /* @@ -323,6 +323,13 @@ db_load(filename, in_origin, zp, def_domain) n = n * 10 + (*cp++ - '0'); } while (isdigit(*cp)); + if (*cp != '\0') { + errs++; + syslog(LOG_INFO, + "%s: Line %d: bad TTL: %s.\n", + filename, lineno, buf); + break; + } if (zp->z_type == Z_CACHE) { /* this allows the cache entry to age */ /* while sitting on disk (powered off) */ @@ -1988,7 +1995,7 @@ get_netlist(fp, netlistp, allow, print_tag) char *print_tag; { struct netinfo *ntp, **end; - char buf[BUFSIZ], *maskp; + char buf[MAXDNAME], *maskp; struct in_addr ina; for (end = netlistp; *end; end = &(**end).next) diff --git a/contrib/bind/named/db_secure.c b/contrib/bind/named/db_secure.c index 0ec8353..db57708 100644 --- a/contrib/bind/named/db_secure.c +++ b/contrib/bind/named/db_secure.c @@ -1,5 +1,5 @@ #ifndef LINT -static char rcsid[] = "$Id: db_secure.c,v 8.6 1996/05/17 09:10:46 vixie Exp $"; +static char rcsid[] = "$Id: db_secure.c,v 8.7 1997/06/01 20:34:34 vixie Exp $"; #endif /* this file was contributed by Gregory Neil Shapiro of WPI in August 1993 */ @@ -29,7 +29,7 @@ build_secure_netlist(zp) struct zoneinfo *zp; { struct netinfo *ntp = NULL, **netlistp, **end; - char buf[BUFSIZ]; + char buf[MAXDNAME]; struct hashbuf *htp; struct namebuf *snp; struct databuf *dp; diff --git a/contrib/bind/named/db_update.c b/contrib/bind/named/db_update.c index bacc7f7..b74ac5a 100644 --- a/contrib/bind/named/db_update.c +++ b/contrib/bind/named/db_update.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static char sccsid[] = "@(#)db_update.c 4.28 (Berkeley) 3/21/91"; -static char rcsid[] = "$Id: db_update.c,v 8.18 1996/10/08 04:51:03 vixie Exp $"; +static char rcsid[] = "$Id: db_update.c,v 8.19 1997/06/01 20:34:34 vixie Exp $"; #endif /* not lint */ /* @@ -71,8 +71,6 @@ static char rcsid[] = "$Id: db_update.c,v 8.18 1996/10/08 04:51:03 vixie Exp $"; #include "named.h" -static void fixttl __P((struct databuf *)); - /* int * isRefByNS(name, htp) * recurse through all of `htp' looking for NS RR's that refer to `name'. @@ -637,7 +635,7 @@ db_update(name, odp, newdp, flags, htp) return (OK); } -static void +void fixttl(dp) register struct databuf *dp; { diff --git a/contrib/bind/named/named-xfer.c b/contrib/bind/named/named-xfer.c index 1772b84..3b578e2 100644 --- a/contrib/bind/named/named-xfer.c +++ b/contrib/bind/named/named-xfer.c @@ -92,7 +92,7 @@ char copyright[] = #if !defined(lint) && !defined(SABER) static char sccsid[] = "@(#)named-xfer.c 4.18 (Berkeley) 3/7/91"; -static char rcsid[] = "$Id: named-xfer.c,v 8.22 1996/12/02 09:17:21 vixie Exp $"; +static char rcsid[] = "$Id: named-xfer.c,v 8.23 1997/06/01 20:34:34 vixie Exp $"; #endif /* not lint */ #include <sys/types.h> @@ -152,14 +152,27 @@ static char *ProgName; static void usage __P((const char *)); static int getzone __P((struct zoneinfo *, u_int32_t, int)), - print_output __P((u_char *, int, u_char *)), + print_output __P((struct zoneinfo *, u_int32_t, + u_char *, int, u_char *)), netread __P((int, char *, int, int)); static SIG_FN read_alarm __P(()); +static SIG_FN term_handler __P(()); static const char *soa_zinfo __P((struct zoneinfo *, u_char *, u_char*)); +struct zoneinfo zp_start, zp_finish; + extern char *optarg; extern int optind, getopt(); + +void +cleanup_for_exit() { +#ifdef DEBUG + if (!debug) +#endif + (void) unlink(tmpname); +} + void main(argc, argv) int argc; @@ -451,11 +464,8 @@ main(argc, argv) /* fall through */ case XFER_TIMEOUT: case XFER_FAIL: -#ifdef DEBUG - if (!debug) -#endif - (void) unlink(tmpname); - exit(result); /* error or timeout */ + cleanup_for_exit(); + exit(result); } /*NOTREACHED*/ } @@ -493,7 +503,12 @@ usage(msg) #define DEF_DNAME '\001' /* '\0' means the root domain */ /* XXX: The following variables should probably all be "static" */ -int minimum_ttl = 0, got_soa = 0; +u_int32_t minimum_ttl = 0; +int soa_cnt = 0; +#ifdef STUBS +int ns_cnt = 0; +#endif +int query_type = 0; int prev_comment = 0; /* was previous record a comment? */ char zone_top[MAXDNAME]; /* the top of the zone */ char prev_origin[MAXDNAME]; /* from most recent $ORIGIN line */ @@ -509,14 +524,13 @@ getzone(zp, serial_no, port) HEADER *hp; u_int16_t len; u_int32_t serial; - int s, n, l, nscnt, soacnt, error = 0; + int s, n, l, error = 0; u_int cnt; u_char *cp, *nmp, *eom, *tmp ; u_char *buf = NULL; u_int bufsize; char name[MAXDNAME], name2[MAXDNAME]; struct sockaddr_in sin; - struct zoneinfo zp_start, zp_finish; #ifdef POSIX_SIGNALS struct sigaction sv, osv; #else @@ -548,11 +562,19 @@ getzone(zp, serial_no, port) /* sv.sa_flags = SA_ONSTACK; */ sigfillset(&sv.sa_mask); (void) sigaction(SIGALRM, &sv, &osv); + bzero((char *)&sv, sizeof sv); + sv.sa_handler = (SIG_FN (*)()) term_handler; + sigfillset(&sv.sa_mask); + (void) sigaction(SIGTERM, &sv, &osv); #else bzero((char *)&sv, sizeof sv); sv.sv_handler = read_alarm; sv.sv_mask = ~0; (void) sigvec(SIGALRM, &sv, &osv); + bzero((char *)&sv, sizeof sv); + sv.sv_handler = term_handler; + sv.sv_mask = ~0; + (void) sigvec(SIGTERM, &sv, &osv); #endif strcpy(zone_top, zp->z_origin); @@ -781,8 +803,10 @@ getzone(zp, serial_no, port) dprintf(1, (ddt, "need update, serial %lu\n", (u_long)zp_start.z_serial)); hp = (HEADER *) buf; - soacnt = 0; - nscnt = 0; + soa_cnt = 0; +#ifdef STUBS + ns_cnt = 0; +#endif gettime(&tt); for (l = Version; l; l = nl) { size_t len; @@ -805,21 +829,19 @@ getzone(zp, serial_no, port) inet_ntoa(sin.sin_addr), ctimel(tt.tv_sec)); for (;;) { - if ((soacnt == 0) || (zp->z_type == Z_STUB)) { - int type; + if ((soa_cnt == 0) || (zp->z_type == Z_STUB)) { #ifdef STUBS if (zp->z_type == Z_STUB) { - if (!soacnt) - type = T_SOA; - else if (!nscnt) - type = T_NS; - else - type = T_SOA; + if (soa_cnt == 1 && + ns_cnt == 0) + query_type = T_NS; + else + query_type = T_SOA; } else #endif - type = T_AXFR; + query_type = T_AXFR; n = res_mkquery(QUERY, zp->z_origin, - curclass, type, + curclass, query_type, NULL, 0, NULL, buf, bufsize); if (n < 0) { @@ -827,7 +849,7 @@ getzone(zp, serial_no, port) #ifdef STUBS if (zp->z_type == Z_STUB) syslog(LOG_INFO, - (type == T_SOA) + (query_type == T_SOA) ? "zone %s: res_mkquery T_SOA failed" : "zone %s: res_mkquery T_NS failed", zp->z_origin); @@ -862,13 +884,27 @@ getzone(zp, serial_no, port) * Receive length & response */ if (netread(s, (char *)buf, INT16SZ, - (soacnt == 0) ?300 :XFER_TIMER) + (soa_cnt == 0) ?300 :XFER_TIMER) < 0) { error++; break; } if ((len = _getshort(buf)) == 0) break; + if (len > bufsize) { + buf = (u_char *)realloc(buf, len); + if (buf == NULL) { + syslog(LOG_INFO, + "malloc(%u) failed for packet from server [%s], zone %s\n", + len, + inet_ntoa(sin.sin_addr), + zp->z_origin); + error++; + break; + } + bufsize = len; + } + hp = (HEADER *)buf; eom = buf + len; if (netread(s, (char *)buf, len, XFER_TIMER) < 0) { @@ -907,30 +943,49 @@ getzone(zp, serial_no, port) if (zp->z_type == Z_STUB) { ancount = ntohs(hp->ancount); for (n = cnt = 0 ; cnt < ancount ; cnt++) { - n = print_output(buf, bufsize, cp); + n = print_output(zp, serial_no, buf, + len, cp); if (n < 0) break; cp += n; } + /* + * If we've processed the answer section and + * didn't get any useful answers, bail out. + */ + if (query_type == T_SOA && soa_cnt == 0) { + syslog(LOG_ERR, + "stubs: no SOA in answer"); + error++; + break; + } + if (query_type == T_NS && ns_cnt == 0) { + syslog(LOG_ERR, + "stubs: no NS in answer"); + error++; + break; + } if (n >= 0 && hp->nscount) { - /* we should not get here */ ancount = ntohs(hp->nscount); - for (cnt = 0 ; cnt < ancount ; cnt++) { - n = print_output(buf, bufsize, cp); - if (n < 0) - break; - cp += n; + for (cnt = 0; cnt < ancount; cnt++) { + n = print_output(zp, + serial_no, + buf, len, cp); + if (n < 0) + break; + cp += n; } } ancount = ntohs(hp->arcount); - for (cnt = 0 ; n >= 0 && cnt < ancount ; cnt++) { - n = print_output(buf, bufsize, cp); + for (cnt = 0; n >= 0 && cnt < ancount; cnt++) { + n = print_output(zp, serial_no, buf, + len, cp); cp += n; } if (n < 0) { syslog(LOG_INFO, - "print_output: unparseable answer (%d), zone %s", - hp->rcode, zp->z_origin); + "print_output: unparseable answer (%d), zone %s", + hp->rcode, zp->z_origin); error++; break; } @@ -941,12 +996,12 @@ getzone(zp, serial_no, port) error++; break; } - } else { #endif /*STUBS*/ ancount = ntohs(hp->ancount); for (n = cnt = 0; cnt < ancount; cnt++) { - n = print_output(buf, bufsize, cp); + n = print_output(zp, serial_no, buf, + len, cp); if (n < 0) break; cp += n; @@ -969,98 +1024,10 @@ getzone(zp, serial_no, port) #ifdef STUBS } #endif - GETSHORT(n, tmp); - if (n == T_SOA) { - if (soacnt == 0) { - soacnt++; - if (dn_expand(buf, buf+PACKETSZ, nmp, - name, sizeof name) < 0) { - badsoa_msg = "soa name error"; - goto badsoa; - } - if (strcasecmp(name, zp->z_origin)!=0){ - syslog(LOG_INFO, - "wrong zone name in AXFR (wanted \"%s\", got \"%s\")", - zp->z_origin, name); - badsoa_msg = "wrong soa name"; - goto badsoa; - } - if (eom - tmp - <= 2 * INT16SZ + INT32SZ) { - badsoa_msg = "soa header"; - goto badsoa; - } - tmp += 2 * INT16SZ + INT32SZ; - if ((n = dn_skipname(tmp, eom)) < 0) { - badsoa_msg = "soa mname"; - goto badsoa; - } - tmp += n; - if ((n = dn_skipname(tmp, eom)) < 0) { - badsoa_msg = "soa hname"; - goto badsoa; - } - tmp += n; - if (eom - tmp <= INT32SZ) { - badsoa_msg = "soa dlen"; - goto badsoa; - } - GETLONG(serial, tmp); - dprintf(3, (ddt, - "first SOA for %s, serial %lu\n", - name, (u_long)serial)); - continue; - } - if (dn_expand(buf, buf+PACKETSZ, nmp, - name2, sizeof name2) == -1) { - badsoa_msg = "soa name error#2"; - goto badsoa; - } - if (strcasecmp((char *)name, - (char *)name2) != 0) { - syslog(LOG_INFO, - "got extra SOA for \"%s\" in zone \"%s\"", - name2, name); - continue; - } - tmp -= INT16SZ; /* Put TYPE back. */ - badsoa_msg = soa_zinfo(&zp_finish, tmp, eom); - if (badsoa_msg) - goto badsoa; - dprintf(2, (ddt, - "SOA, serial %lu\n", - (u_long)zp_finish.z_serial)); - if (serial != zp_finish.z_serial) { - soacnt = 0; - got_soa = 0; - minimum_ttl = 0; - strcpy(prev_origin, zp->z_origin); - prev_dname[0] = DEF_DNAME; - dprintf(1, (ddt, - "serial changed, restart\n" - )); - /* - * Flush buffer, truncate file - * and seek to beginning to restart. - */ - fflush(dbfp); - if (ftruncate(fileno(dbfp), 0) != 0) { - if (!quiet) - syslog(LOG_INFO, - "ftruncate %s: %m\n", - tmpname); - return (XFER_FAIL); - } - fseek(dbfp, 0L, 0); - } else - break; -#ifdef STUBS - } else if (zp->z_type == Z_STUB && n == T_NS) { - nscnt++; - } else if (zp->z_type == Z_STUB) { + + if (soa_cnt >= 2) break; -#endif - } + } (void) my_close(s); if (error == 0) { @@ -1099,6 +1066,12 @@ getzone(zp, serial_no, port) return (XFER_FAIL); } +static SIG_FN +term_handler() { + cleanup_for_exit(); + _exit(XFER_FAIL); /* not safe to call exit() from a signal handler */ +} + /* * Set flag saying to read was interrupted * used for a read timer @@ -1216,7 +1189,9 @@ soa_zinfo(zp, cp, eom) * Does minimal error checking on the message content. */ static int -print_output(msg, msglen, rrp) +print_output(zp, serial_no, msg, msglen, rrp) + struct zoneinfo *zp; + u_int32_t serial_no; u_char *msg; int msglen; u_char *rrp; @@ -1226,11 +1201,13 @@ print_output(msg, msglen, rrp) u_int32_t addr, ttl; int i, j, tab, result, class, type, dlen, n1, n; char data[BUFSIZ]; - u_char *cp1, *cp2, *temp_ptr; + u_char *cp1, *cp2, *temp_ptr, *eom, *rr_type_ptr; u_char *cdata; char *origin, *proto, dname[MAXDNAME]; char *ignore = ""; + const char *badsoa_msg; + eom = msg + msglen; cp = rrp; n = dn_expand(msg, msg + msglen, cp, dname, sizeof dname); if (n < 0) { @@ -1238,6 +1215,7 @@ print_output(msg, msglen, rrp) return (-1); } cp += n; + rr_type_ptr = cp; GETSHORT(type, cp); GETSHORT(class, cp); GETLONG(ttl, cp); @@ -1249,8 +1227,8 @@ print_output(msg, msglen, rrp) else origin++; /* move past the '.' */ dprintf(3, (ddt, - "print_output: dname %s type %d class %d ttl %d\n", - dname, type, class, ttl)); + "print_output: dname %s type %d class %d ttl %lu\n", + dname, type, class, (u_long)ttl)); /* * Convert the resource record data into the internal database format. * CP points to the raw resource record. @@ -1316,6 +1294,10 @@ print_output(msg, msglen, rrp) cp += n; cp1 += strlen((char *) cp1) + 1; if (type == T_SOA) { + if ((eom - cp) < (5 * INT32SZ)) { + hp->rcode = FORMERR; + return (-1); + } temp_ptr = cp + 4 * INT32SZ; GETLONG(minimum_ttl, temp_ptr); n = 5 * INT32SZ; @@ -1375,14 +1357,14 @@ print_output(msg, msglen, rrp) cp += INT16SZ; if (type == T_SRV) { - bcopy((char *)cp, data, INT16SZ*2); + bcopy((char *)cp, cp1, INT16SZ*2); cp1 += INT16SZ*2; cp += INT16SZ*2; } /* get name */ n = dn_expand(msg, msg + msglen, cp, - (char *)cp1, sizeof data - INT16SZ); + (char *)cp1, sizeof data - (cp1-(u_char *)data)); if (n < 0) return (-1); cp += n; @@ -1470,13 +1452,99 @@ print_output(msg, msglen, rrp) result = cp - rrp; /* - * Only print one SOA per db file + * Special handling for SOA records. */ + if (type == T_SOA) { - if (got_soa) + if (strcasecmp(dname, zp->z_origin) != 0) { + syslog(LOG_INFO, + "wrong zone name in AXFR (wanted \"%s\", got \"%s\")", + zp->z_origin, dname); + hp->rcode = FORMERR; + return (-1); + } + if (!soa_cnt) { + badsoa_msg = soa_zinfo(&zp_start, rr_type_ptr, eom); + if (badsoa_msg) { + syslog(LOG_INFO, + "malformed SOA for zone %s: %s", + zp->z_origin, badsoa_msg); + hp->rcode = FORMERR; + return (-1); + } + if (SEQ_GT(zp_start.z_serial, serial_no) || + !serial_no) + soa_cnt++; + else { + syslog(LOG_INFO, + "serial went backwards after transfer started"); + return (-1); + } + } else { + badsoa_msg = soa_zinfo(&zp_finish, rr_type_ptr, eom); + if (badsoa_msg) { + syslog(LOG_INFO, + "malformed SOA for zone %s: %s", + zp->z_origin, badsoa_msg); + hp->rcode = FORMERR; + return (-1); + } + dprintf(2, (ddt, "SOA, serial %lu\n", + (u_long)zp_finish.z_serial)); + if (zp_start.z_serial != zp_finish.z_serial) { + dprintf(1, (ddt, "serial changed, restart\n")); + soa_cnt = 0; +#ifdef STUBS + ns_cnt = 0; +#endif + minimum_ttl = 0; + strcpy(prev_origin, zp->z_origin); + prev_dname[0] = DEF_DNAME; + /* + * Flush buffer, truncate file + * and seek to beginning to restart. + */ + fflush(dbfp); + if (ftruncate(fileno(dbfp), 0) != 0) { + if (!quiet) + syslog(LOG_INFO, + "ftruncate %s: %m\n", + tmpname); + return (-1); + } + fseek(dbfp, 0L, 0); + return (result); + } + soa_cnt++; return (result); + } + } + +#ifdef STUBS + if (zp->z_type == Z_STUB) { + if (query_type == T_NS && type == T_NS) + ns_cnt++; + /* + * If we're processing a response to an SOA query, we don't + * want to print anything from the response except for the SOA. + * We do want to check everything in the packet, which is + * why we do this check now instead of earlier. + */ + if (query_type == T_SOA && type != T_SOA) + return (result); + } +#endif + + if (!soa_cnt || soa_cnt >= 2) { + char *gripe; + + if (!soa_cnt) + gripe = "got RR before first SOA"; else - got_soa++; + gripe = "got RR after second SOA"; + syslog(LOG_INFO, "%s in zone %s", gripe, zp->z_origin); + hp->rcode = FORMERR; + return (-1); } #ifdef NO_GLUE @@ -1570,7 +1638,7 @@ print_output(msg, msglen, rrp) } if (ttl != minimum_ttl) - (void) fprintf(dbfp, "%d\t", (int) ttl); + (void) fprintf(dbfp, "%lu\t", (u_long) ttl); else if (tab) (void) putc('\t', dbfp); @@ -1837,7 +1905,7 @@ print_output(msg, msglen, rrp) cp++; /* orig time to live (TTL)) */ - (void) fprintf(dbfp," %d", _getlong((u_char*)cp)); + (void) fprintf(dbfp," %lu", (u_long)_getlong((u_char*)cp)); cp += INT32SZ; /* expiration time */ @@ -1873,6 +1941,7 @@ print_output(msg, msglen, rrp) } if (ferror(dbfp)) { syslog(LOG_ERR, "%s: %m", tmpname); + cleanup_for_exit(); exit(XFER_FAIL); } return (result); diff --git a/contrib/bind/named/ns_forw.c b/contrib/bind/named/ns_forw.c index f523855..06d428b 100644 --- a/contrib/bind/named/ns_forw.c +++ b/contrib/bind/named/ns_forw.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static char sccsid[] = "@(#)ns_forw.c 4.32 (Berkeley) 3/3/91"; -static char rcsid[] = "$Id: ns_forw.c,v 8.19 1996/12/02 09:27:36 vixie Exp $"; +static char rcsid[] = "$Id: ns_forw.c,v 8.20 1997/06/01 20:34:34 vixie Exp $"; #endif /* not lint */ /* @@ -559,6 +559,13 @@ nslookup(nsp, qp, syslogdname, sysloginfo) qs->nsdata = dp; qs->nretry = 0; /* + * If this A RR has no RTT, initialize its RTT to a + * small random value. + */ + if (dp->d_nstime == 0) + dp->d_nstime = 1 + + (int)(25.0*rand()/(RAND_MAX + 1.0)); + /* * if we are being asked to fwd a query whose * nameserver list includes our own name/address(es), * then we have detected a lame delegation and rather diff --git a/contrib/bind/named/ns_glob.h b/contrib/bind/named/ns_glob.h index bf31e33..efb0035 100644 --- a/contrib/bind/named/ns_glob.h +++ b/contrib/bind/named/ns_glob.h @@ -1,6 +1,6 @@ /* * from ns.h 4.33 (Berkeley) 8/23/90 - * $Id: ns_glob.h,v 8.11 1996/11/11 06:36:49 vixie Exp $ + * $Id: ns_glob.h,v 8.12 1997/06/01 20:34:34 vixie Exp $ */ /* @@ -248,6 +248,7 @@ DECL const char sendtoStr[] INIT("sendto"); /* defined in version.c, can't use DECL/INIT */ extern char Version[]; +extern char ShortVersion[]; /* max value of xfers_running */ DECL int max_xfers_running INIT(MAX_XFERS_RUNNING); diff --git a/contrib/bind/named/ns_init.c b/contrib/bind/named/ns_init.c index 8a6fd92..a94e1d4 100644 --- a/contrib/bind/named/ns_init.c +++ b/contrib/bind/named/ns_init.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static char sccsid[] = "@(#)ns_init.c 4.38 (Berkeley) 3/21/91"; -static char rcsid[] = "$Id: ns_init.c,v 8.24 1996/12/02 09:17:21 vixie Exp $"; +static char rcsid[] = "$Id: ns_init.c,v 8.25 1997/06/01 20:34:34 vixie Exp $"; #endif /* not lint */ /* @@ -233,7 +233,7 @@ boot_read(filename, includefile) int includefile; { register struct zoneinfo *zp; - char buf[BUFSIZ], obuf[BUFSIZ], *source; + char buf[MAXDNAME], obuf[MAXDNAME], *source; FILE *fp; int type; int class; @@ -576,21 +576,25 @@ boot_read(filename, includefile) (strcmp(source, zp->z_source) || (stat(zp->z_source, &f_time) == -1 || (zp->z_ftime != f_time.st_mtime)))) { - dprintf(1, (ddt, "backup file changed\n")); + dprintf(1, (ddt, + "backup file changed or missing\n")); free(zp->z_source); zp->z_source = NULL; - zp->z_flags &= ~Z_AUTH; zp->z_serial = 0; /* force xfer */ + if (zp->z_flags & Z_AUTH) { + zp->z_flags &= ~Z_AUTH; #ifdef CLEANCACHE - remove_zone(hashtab, zp - zones, 1); + remove_zone(hashtab, zp - zones, 1); #else - remove_zone(hashtab, zp - zones); + remove_zone(hashtab, zp - zones); #endif - /* - * reload parent so that NS records are - * present during the zone transfer. - */ - do_reload(zp->z_origin, zp->z_type, zp->z_class); + /* + * reload parent so that NS records are + * present during the zone transfer. + */ + do_reload(zp->z_origin, zp->z_type, + zp->z_class); + } } if (zp->z_source) free(source); @@ -674,7 +678,7 @@ static void get_forwarders(fp) FILE *fp; { - char buf[BUFSIZ]; + char buf[MAXDNAME]; register struct fwdinfo *fip = NULL, *ftp = NULL; #ifdef SLAVE_FORWARD diff --git a/contrib/bind/named/ns_main.c b/contrib/bind/named/ns_main.c index 6fff4cc..7f88082 100644 --- a/contrib/bind/named/ns_main.c +++ b/contrib/bind/named/ns_main.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static char sccsid[] = "@(#)ns_main.c 4.55 (Berkeley) 7/1/91"; -static char rcsid[] = "$Id: ns_main.c,v 8.24 1996/11/26 10:11:22 vixie Exp $"; +static char rcsid[] = "$Id: ns_main.c,v 8.25 1997/06/01 20:34:34 vixie Exp $"; #endif /* not lint */ /* @@ -172,7 +172,7 @@ main(argc, argv, envp) const int on = 1; int rfd, size, len; time_t lasttime, maxctime; - u_char buf[BUFSIZ]; + u_char buf[PACKETSZ]; #ifdef NeXT int old_sigmask; #endif @@ -833,7 +833,7 @@ main(argc, argv, envp) malloc(rbufsize)) ) { sp->s_buf = buf; - sp->s_size = sizeof(buf); + sp->s_bufsize=sizeof(buf); } else { sp->s_bufsize = rbufsize; } @@ -866,6 +866,12 @@ main(argc, argv, envp) sp->s_bufp += n; sp->s_size -= n; } + + if (sp->s_size > 0 && + (n == -1) && + (errno == PORT_WOULDBLK)) + continue; + /* * we don't have enough memory for the query. * if we have a query id, then we will send an @@ -886,8 +892,10 @@ main(argc, argv, envp) (void) writemsg(sp->s_rfd, sp->s_buf, HFIXEDSZ); } + sqrm(sp); continue; } + /* * If the message is too short to contain a valid * header, try to send back an error, and drop the @@ -908,10 +916,9 @@ main(argc, argv, envp) (void) writemsg(sp->s_rfd, sp->s_buf, HFIXEDSZ); } + sqrm(sp); continue; } - if ((n == -1) && (errno == PORT_WOULDBLK)) - continue; if (n <= 0) { sqrm(sp); continue; diff --git a/contrib/bind/named/ns_ncache.c b/contrib/bind/named/ns_ncache.c index 9de1fc8..ff76bca 100644 --- a/contrib/bind/named/ns_ncache.c +++ b/contrib/bind/named/ns_ncache.c @@ -69,7 +69,7 @@ cache_n_resp(msg, msglen) u_int16_t atype; u_char *tp = cp; u_char *cp1; - u_char data[BUFSIZ+MAXDNAME]; + u_char data[MAXDNAME*2 + INT32SZ*5]; size_t len = sizeof data; /* we store NXDOMAIN as T_SOA regardless of the query type */ diff --git a/contrib/bind/named/ns_req.c b/contrib/bind/named/ns_req.c index 1d7e39e..0ed1296 100644 --- a/contrib/bind/named/ns_req.c +++ b/contrib/bind/named/ns_req.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static char sccsid[] = "@(#)ns_req.c 4.47 (Berkeley) 7/1/91"; -static char rcsid[] = "$Id: ns_req.c,v 8.27 1996/10/08 04:51:03 vixie Exp $"; +static char rcsid[] = "$Id: ns_req.c,v 8.28 1997/06/01 20:34:34 vixie Exp $"; #endif /* not lint */ /* @@ -496,7 +496,7 @@ req_query(hp, cpp, eom, qsp, buflenp, msglenp, msg, dfd, from) PUTLONG(0, *cpp); /* TTL */ tp = *cpp; /* Temp RdLength */ PUTSHORT(0, *cpp); - copyCharString(cpp, Version); + copyCharString(cpp, ShortVersion); PUTSHORT((*cpp) - (tp + INT16SZ), tp); /* Real RdLength */ *msglenp = *cpp - msg; /* Total message length */ return (Finish); @@ -1693,7 +1693,7 @@ doaxfr(np, rfp, top, class) struct namebuf *tnp; /* top namebuf */ struct databuf *tdp; /* top databuf */ struct namebuf **npp, **nppend; - u_char msg[PACKETSZ]; + u_char msg[64*1024]; u_char *cp; const char *fname; char dname[MAXDNAME]; @@ -2009,8 +2009,8 @@ startxfr(qsp, np, soa, soalen, class, dname) */ setsockopt(qsp->s_rfd, SOL_SOCKET, SO_LINGER, (char *)&ll, sizeof ll); - close(qsp->s_rfd); #endif + close(qsp->s_rfd); _exit(0); /* NOTREACHED */ } diff --git a/contrib/bind/named/ns_resp.c b/contrib/bind/named/ns_resp.c index 71b60f9..d0f3221 100644 --- a/contrib/bind/named/ns_resp.c +++ b/contrib/bind/named/ns_resp.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static char sccsid[] = "@(#)ns_resp.c 4.65 (Berkeley) 3/3/91"; -static char rcsid[] = "$Id: ns_resp.c,v 8.37 1996/12/02 09:17:21 vixie Exp $"; +static char rcsid[] = "$Id: ns_resp.c,v 8.38 1997/06/01 20:34:34 vixie Exp vixie $"; #endif /* not lint */ /* @@ -126,6 +126,7 @@ struct flush_set { int fs_class; u_int fs_cred; struct db_list *fs_list; + struct db_list *fs_last; }; static void rrsetadd __P((struct flush_set *, char *, @@ -136,7 +137,18 @@ static int rrsetcmp __P((char *, struct db_list *)), check_root __P((void)), check_ns __P((void)), rrextract __P((u_char *, int, u_char *, - struct databuf **, char *, int)); + struct databuf **, char *, int, + char **)); + +static void add_related_additional __P((char *)); +static void free_related_additional __P((void)); +static int related_additional __P((char *)); +static void maybe_free __P((char **)); + +#define MAX_RELATED 100 + +static int num_related = 0; +static char *related[MAX_RELATED]; #ifdef LAME_LOGGING static char * @@ -230,11 +242,11 @@ ns_resp(msg, msglen) struct flush_set *flushset; struct sockaddr_in *nsa; struct databuf *nsp[NSMAX]; - int i, c, n, qdcount, ancount, aucount, nscount, arcount; + int i, c, n, qdcount, ancount, aucount, nscount, arcount, arfirst; int qtype, qclass, dbflags; int restart; /* flag for processing cname response */ int validanswer; - int cname, lastwascname; + int cname, lastwascname, externalcname; int count, founddata, foundname; int buflen; int newmsglen; @@ -250,6 +262,9 @@ ns_resp(msg, msglen) struct namebuf *np; struct netinfo *lp; struct fwdinfo *fwd; + char *tname = NULL; + + free_related_additional(); nameserIncr(from_addr.sin_addr, nssRcvdR); nsp[0] = NULL; @@ -688,7 +703,8 @@ ns_resp(msg, msglen) /* * Add the info received in the response to the data base. */ - c = ancount + aucount + arcount; + arfirst = ancount + aucount; + c = arfirst + arcount; /* -ve $ing non-existence of record, must handle non-authoritative * NOERRORs with c == 0. @@ -752,6 +768,7 @@ ns_resp(msg, msglen) nscount = 0; cname = 0; lastwascname = 0; + externalcname = 0; strcpy(aname, qname); if (count) { @@ -767,12 +784,14 @@ ns_resp(msg, msglen) struct databuf *dp; int type; + maybe_free(&tname); if (cp >= eom) { formerrmsg = outofDataFinal; goto formerr; } - n = rrextract(msg, msglen, cp, &dp, name, sizeof name); + n = rrextract(msg, msglen, cp, &dp, name, sizeof name, &tname); if (n < 0) { + maybe_free(&tname); formerrmsg = outofDataFinal; goto formerr; } @@ -782,15 +801,23 @@ ns_resp(msg, msglen) type = dp->d_type; if (i < ancount) { /* Answer section. */ - if (strcasecmp(name, aname) != 0) { - syslog(LOG_DEBUG, "wrong ans. name (%s != %s)", - name, aname); + if (externalcname || strcasecmp(name, aname) != 0) { + if (!externalcname) + syslog(LOG_DEBUG, + "wrong ans. name (%s != %s)", + name, aname); + else + dprintf(3, (ddt, + "ignoring answer '%s' after external cname\n", + name)); db_free(dp); continue; } if (type == T_CNAME && qtype != T_CNAME && qtype != T_ANY) { strcpy(aname, (char *)dp->d_data); + if (!samedomain(aname, qp->q_domain)) + externalcname = 1; cname = 1; lastwascname = 1; } else { @@ -798,27 +825,95 @@ ns_resp(msg, msglen) lastwascname = 0; } + if (tname != NULL) { + add_related_additional(tname); + tname = NULL; + } + dp->d_cred = (hp->aa && !strcasecmp(name, qname)) ? DB_C_AUTH : DB_C_ANSWER; } else { /* After answer section. */ if (lastwascname) { + dprintf(3, (ddt, + "last was cname, ignoring auth. and add.\n")); db_free(dp); break; } - if (i < ancount + aucount && type == T_NS) { + if (i < arfirst) { /* Authority section. */ - if (!samedomain(aname, name) || - (!cname && !samedomain(name, qp->q_domain)) - ) { + switch (type) { + case T_NS: + case T_SOA: + if (!samedomain(aname, name)){ + syslog(LOG_DEBUG, + "bad referral (%s !< %s)", + aname[0] ? aname : ".", + name[0] ? name : "."); + db_free(dp); + continue; + } else if (!samedomain(name, + qp->q_domain)) { + if (!externalcname) + syslog(LOG_DEBUG, + "bad referral (%s !< %s)", + name[0] ? name : ".", + qp->q_domain[0] ? + qp->q_domain : "."); + db_free(dp); + continue; + } + if (type == T_NS) { + nscount++; + add_related_additional(tname); + tname = NULL; + } + break; + case T_NXT: + case T_SIG: + break; + default: syslog(LOG_DEBUG, - "bad referral (%s !< %s)", - name, qp->q_domain); + "invalid RR type '%s' in authority section (name = '%s') from %s", + p_type(type), name, + sin_ntoa(&from_addr)); + db_free(dp); + continue; + } + } else { + /* Additional section. */ + switch (type) { + case T_A: + case T_AAAA: + if (externalcname || + !samedomain(name, qp->q_domain)) { + dprintf(3, (ddt, + "ignoring additional info '%s' type %s\n", + name, p_type(type))); + db_free(dp); + continue; + } + if (!related_additional(name)) { + syslog(LOG_DEBUG, + "unrelated additional info '%s' type %s from %s", + name, p_type(type), + sin_ntoa(&from_addr)); + db_free(dp); + continue; + } + break; + case T_KEY: + case T_SIG: + break; + default: + syslog(LOG_DEBUG, + "invalid RR type '%s' in additional section (name = '%s') from %s", + p_type(type), name, + sin_ntoa(&from_addr)); db_free(dp); continue; } - nscount++; } dp->d_cred = (qp->q_flags & Q_PRIMING) ? DB_C_ANSWER @@ -826,6 +921,7 @@ ns_resp(msg, msglen) } rrsetadd(flushset, name, dp); } + maybe_free(&tname); if (flushset) { rrsetupdate(flushset, dbflags); for (i = 0; i < count; i++) @@ -833,7 +929,7 @@ ns_resp(msg, msglen) free(flushset[i].fs_name); free((char*)flushset); } - if (lastwascname) + if (lastwascname && !externalcname) syslog(LOG_DEBUG, "%s (%s)", danglingCname, aname); if (cp > eom) { @@ -1100,7 +1196,11 @@ ns_resp(msg, msglen) qp->q_fwd = fwdtab; getname(np, tmpdomain, sizeof tmpdomain); + if (qp->q_domain != NULL) + free(qp->q_domain); qp->q_domain = strdup(tmpdomain); + if (qp->q_domain == NULL) + panic(ENOMEM, "ns_resp: strdup failed"); if ((n = nslookup(nsp, qp, dname, "ns_resp")) <= 0) { if (n < 0) { @@ -1146,17 +1246,20 @@ ns_resp(msg, msglen) qp->q_cmsglen = qp->q_msglen; } else if (qp->q_msg) (void) free(qp->q_msg); - if ((qp->q_msg = (u_char *)malloc(BUFSIZ)) == NULL) { + if ((qp->q_msg = (u_char *)malloc(PACKETSZ)) == NULL) { syslog(LOG_NOTICE, "resp: malloc error\n"); goto servfail; } n = res_mkquery(QUERY, dname, qclass, qtype, - NULL, 0, NULL, qp->q_msg, BUFSIZ); + NULL, 0, NULL, qp->q_msg, PACKETSZ); if (n < 0) { syslog(LOG_INFO, "resp: res_mkquery(%s) failed", dname); goto servfail; } + if (qp->q_name != NULL) + free(qp->q_name); + qp->q_name = savestr(dname); qp->q_msglen = n; hp = (HEADER *) qp->q_msg; hp->rd = 0; @@ -1255,29 +1358,35 @@ ns_resp(msg, msglen) (void) send_msg((u_char *)hp, (qp->q_cmsglen ? qp->q_cmsglen : qp->q_msglen), qp); timeout: + if (qp->q_stream != QSTREAM_NULL) + sqrm(qp->q_stream); qremove(qp); free_nsp(nsp); return; } static int -rrextract(msg, msglen, rrp, dpp, dname, namelen) +rrextract(msg, msglen, rrp, dpp, dname, namelen, tnamep) u_char *msg; int msglen; u_char *rrp; struct databuf **dpp; char *dname; int namelen; + char **tnamep; { register u_char *cp; register int n; int class, type, dlen, n1; u_int32_t ttl; u_char *cp1; - u_char data[BUFSIZ]; + u_char data[MAXDNAME*2 + INT32SZ*5]; register HEADER *hp = (HEADER *)msg; enum context context; + if (tnamep != NULL) + *tnamep = NULL; + *dpp = NULL; cp = rrp; if ((n = dn_expand(msg, msg + msglen, cp, dname, namelen)) < 0) { @@ -1362,6 +1471,8 @@ rrextract(msg, msglen, rrp, dpp, dname, namelen) cp += n; cp1 = data; n = strlen((char *)data) + 1; + if (tnamep != NULL && (type == T_NS || type == T_MB)) + *tnamep = strdup((char *)cp1); break; case T_SOA: @@ -1469,7 +1580,7 @@ rrextract(msg, msglen, rrp, dpp, dname, namelen) if (type == T_SRV) { /* Grab weight and port. */ - bcopy(cp, data, INT16SZ*2); + bcopy(cp, cp1, INT16SZ*2); cp1 += INT16SZ*2; cp += INT16SZ*2; } @@ -1488,6 +1599,9 @@ rrextract(msg, msglen, rrp, dpp, dname, namelen) } cp += n; + if (tnamep != NULL) + *tnamep = strdup((char *)cp1); + /* compute end of data */ cp1 += strlen((char *)cp1) + 1; /* compute size of data */ @@ -1647,12 +1761,12 @@ doupdate(msg, msglen, rrp, zone, savens, flags, cred) int class, type; struct databuf *dp; char dname[MAXDNAME]; - u_char data[BUFSIZ+MAX_MD5RSA_KEY_BYTES]; dprintf(3, (ddt, "doupdate(zone %d, savens %#lx, flags %#lx)\n", zone, (u_long)savens, (u_long)flags)); - if ((n = rrextract(msg, msglen, rrp, &dp, dname, sizeof(dname))) == -1) + if ((n = rrextract(msg, msglen, rrp, &dp, dname, sizeof(dname), NULL)) + == -1) return (-1); if (!dp) return (-1); @@ -1673,7 +1787,7 @@ doupdate(msg, msglen, rrp, zone, savens, flags, cred) } #endif if (!bogus && - ((temp = strrchr((char *)data, '.')) != NULL) && + ((temp = strrchr((char *)dp->d_data, '.')) != NULL) && !strcasecmp(temp, ".arpa") ) bogus++; @@ -1688,7 +1802,7 @@ doupdate(msg, msglen, rrp, zone, savens, flags, cred) "bogus root NS")) syslog(LOG_NOTICE, "bogus root NS %s rcvd from %s on query for \"%s\"", - data, sin_ntoa(&from_addr), qname); + dp->d_data, sin_ntoa(&from_addr), qname); db_free(dp); return (cp - rrp); } @@ -1698,7 +1812,7 @@ doupdate(msg, msglen, rrp, zone, savens, flags, cred) "bogus nonroot NS")) syslog(LOG_INFO, "bogus nonroot NS %s rcvd from %s on query for \"%s\"", - data, sin_ntoa(&from_addr), qname); + dp->d_data, sin_ntoa(&from_addr), qname); db_free(dp); return (cp - rrp); } @@ -2019,17 +2133,19 @@ sysquery(dname, class, type, nss, nsc, opcode) qp->q_flags |= Q_SYSTEM; getname(np, tmpdomain, sizeof tmpdomain); + if (qp->q_domain != NULL) + free(qp->q_domain); qp->q_domain = strdup(tmpdomain); - if (!qp->q_domain) + if (qp->q_domain == NULL) panic(ENOMEM, "ns_resp: strdup failed"); - if ((qp->q_msg = (u_char *)malloc(BUFSIZ)) == NULL) { + if ((qp->q_msg = (u_char *)malloc(PACKETSZ)) == NULL) { syslog(LOG_NOTICE, "sysquery: malloc failed"); goto err2; } n = res_mkquery(opcode, dname, class, type, NULL, 0, NULL, - qp->q_msg, BUFSIZ); + qp->q_msg, PACKETSZ); if (n < 0) { syslog(LOG_INFO, "sysquery: res_mkquery(%s) failed", dname); goto err2; @@ -2728,19 +2844,25 @@ rrsetadd(flushset, name, dp) fs->fs_type = dp->d_type; fs->fs_cred = dp->d_cred; fs->fs_list = NULL; + fs->fs_last = NULL; } dbl = (struct db_list *)malloc(sizeof(struct db_list)); if (!dbl) panic(-1, "rrsetadd: out of memory"); - dbl->db_next = fs->fs_list; + dbl->db_next = NULL; dbl->db_dp = dp; - fs->fs_list = dbl; + if (fs->fs_last == NULL) + fs->fs_list = dbl; + else + fs->fs_last->db_next = dbl; + fs->fs_last = dbl; } static int -ttlcheck(name,dbl) +ttlcheck(name,dbl,update) char *name; struct db_list *dbl; + int update; { int type = dbl->db_dp->d_type; int class = dbl->db_dp->d_class; @@ -2764,6 +2886,9 @@ ttlcheck(name,dbl) if (!match(dp, class, type)) continue; if (first) { + /* we can't update zone data so return early */ + if (dp->d_zone != 0) + return(0); ttl = dp->d_ttl; first = 0; } else if (ttl != dp->d_ttl) { @@ -2791,6 +2916,19 @@ ttlcheck(name,dbl) } dbp = dbp->db_next; } + + /* update ttl if required */ + if (update) { + for (dp = np->n_data; dp != NULL; dp = dp->d_next) { + if (!match(dp, class, type)) + continue; + if (dp->d_ttl > ttl) + break; + dp->d_ttl = ttl; + fixttl(dp); + } + } + return(1); } @@ -2871,8 +3009,8 @@ rrsetupdate(flushset, flags) while (fs->fs_name) { dprintf(1,(ddt, "rrsetupdate: %s\n", fs->fs_name[0] ? fs->fs_name : ".")); - if ((n = rrsetcmp(fs->fs_name,fs->fs_list)) && - ttlcheck(fs->fs_name,fs->fs_list)) { + if ((n = rrsetcmp(fs->fs_name, fs->fs_list)) && + ttlcheck(fs->fs_name, fs->fs_list, 0)) { if (n > 0) flushrrset(fs); @@ -2889,6 +3027,8 @@ rrsetupdate(flushset, flags) free((char *)odbp); } } else { + if (n == 0) + (void)ttlcheck(fs->fs_name, fs->fs_list, 1); dbp = fs->fs_list; while (dbp) { db_free(dbp->db_dp); @@ -2974,3 +3114,49 @@ delete_stale(np) } } } + + +static void +add_related_additional(name) + char *name; +{ + int i; + + if (num_related >= MAX_RELATED - 1) + return; + for (i = 0; i < num_related; i++) + if (strcasecmp(name, related[i]) == 0) + return; + related[num_related++] = name; +} + +static void +free_related_additional() { + int i; + + for (i = 0; i < num_related; i++) + free(related[i]); + num_related = 0; +} + +static int +related_additional(name) + char *name; +{ + int i; + + for (i = 0; i < num_related; i++) + if (strcasecmp(name, related[i]) == 0) + return (1); + return (0); +} + +static void +maybe_free(tname) + char **tname; +{ + if (tname == NULL || *tname == NULL) + return; + free(*tname); + *tname = NULL; +} diff --git a/contrib/bind/named/ns_validate.c b/contrib/bind/named/ns_validate.c index 1192471..b7e774c 100644 --- a/contrib/bind/named/ns_validate.c +++ b/contrib/bind/named/ns_validate.c @@ -609,7 +609,7 @@ dovalidate(msg, msglen, rrp, zone, flags, qdomain, server, VCode) u_int32_t ttl; char dname[MAXDNAME]; u_char *cp1; - u_char data[BUFSIZ]; + u_char data[MAXDNAME*2 + INT32SZ*5]; register HEADER *hp = (HEADER *) msg; dprintf(2, (ddt, "dovalidate(zone %d, flags %x)\n", diff --git a/contrib/bind/res/Makefile b/contrib/bind/res/Makefile index 8aaabab..834d74a 100644 --- a/contrib/bind/res/Makefile +++ b/contrib/bind/res/Makefile @@ -1,6 +1,6 @@ # # from @(#)Makefile 5.16 (Berkeley) 3/14/88 -# $Id: Makefile,v 8.13 1996/08/08 22:49:48 vixie Exp $ +# $Id: Makefile,v 8.14 1997/06/01 20:34:37 vixie Exp $ # ## ++Copyright++ 1988, 1995 @@ -99,8 +99,7 @@ ${DESTDIR}${DESTLIB}/libresolv.a: libresolv.a .c.o: ${CC} ${CFLAGS} -c $*.c - -${LDS} ld -x -r $*.o - ${LDS} mv a.out $*.o + -${LDS} ld -x -r $*.o && ${LDS} mv a.out $*.o clean: FRC rm -f errs a.out core libresolv.a tags .depend diff --git a/contrib/bind/res/gethnamaddr.c b/contrib/bind/res/gethnamaddr.c index 8cc26eb..65b9729 100644 --- a/contrib/bind/res/gethnamaddr.c +++ b/contrib/bind/res/gethnamaddr.c @@ -55,7 +55,7 @@ #if defined(LIBC_SCCS) && !defined(lint) static char sccsid[] = "@(#)gethostnamadr.c 8.1 (Berkeley) 6/4/93"; -static char rcsid[] = "$Id: gethnamaddr.c,v 8.20 1996/09/28 06:51:07 vixie Exp $"; +static char rcsid[] = "$Id: gethnamaddr.c,v 8.21 1997/06/01 20:34:37 vixie Exp $"; #endif /* LIBC_SCCS and not lint */ #include <sys/types.h> @@ -210,6 +210,10 @@ getanswer(answer, anslen, qname, qtype) * (i.e., with the succeeding search-domain tacked on). */ n = strlen(bp) + 1; /* for the \0 */ + if (n >= MAXHOSTNAMELEN) { + h_errno = NO_RECOVERY; + return (NULL); + } host.h_name = bp; bp += n; buflen -= n; @@ -254,11 +258,15 @@ getanswer(answer, anslen, qname, qtype) /* Store alias. */ *ap++ = bp; n = strlen(bp) + 1; /* for the \0 */ + if (n >= MAXHOSTNAMELEN) { + had_error++; + continue; + } bp += n; buflen -= n; /* Get canonical name. */ n = strlen(tbuf) + 1; /* for the \0 */ - if (n > buflen) { + if (n > buflen || n >= MAXHOSTNAMELEN) { had_error++; continue; } @@ -270,14 +278,14 @@ getanswer(answer, anslen, qname, qtype) } if (qtype == T_PTR && type == T_CNAME) { n = dn_expand(answer->buf, eom, cp, tbuf, sizeof tbuf); - if ((n < 0) || !res_hnok(tbuf)) { + if (n < 0 || !res_dnok(tbuf)) { had_error++; continue; } cp += n; /* Get canonical name. */ n = strlen(tbuf) + 1; /* for the \0 */ - if (n > buflen) { + if (n > buflen || n >= MAXHOSTNAMELEN) { had_error++; continue; } @@ -318,6 +326,10 @@ getanswer(answer, anslen, qname, qtype) n = -1; if (n != -1) { n = strlen(bp) + 1; /* for the \0 */ + if (n >= MAXHOSTNAMELEN) { + had_error++; + break; + } bp += n; buflen -= n; } @@ -326,6 +338,10 @@ getanswer(answer, anslen, qname, qtype) host.h_name = bp; if (_res.options & RES_USE_INET6) { n = strlen(bp) + 1; /* for the \0 */ + if (n >= MAXHOSTNAMELEN) { + had_error++; + break; + } bp += n; buflen -= n; map_v4v6_hostent(&host, &bp, &buflen); @@ -393,8 +409,8 @@ getanswer(answer, anslen, qname, qtype) # endif /*RESOLVSORT*/ if (!host.h_name) { n = strlen(qname) + 1; /* for the \0 */ - if (n > buflen) - goto try_again; + if (n > buflen || n >= MAXHOSTNAMELEN) + goto no_recovery; strcpy(bp, qname); host.h_name = bp; bp += n; @@ -405,8 +421,8 @@ getanswer(answer, anslen, qname, qtype) h_errno = NETDB_SUCCESS; return (&host); } - try_again: - h_errno = TRY_AGAIN; + no_recovery: + h_errno = NO_RECOVERY; return (NULL); } @@ -506,7 +522,8 @@ gethostbyname2(name, af) if (!isdigit(*cp) && *cp != '.') break; } - if (isxdigit(name[0]) || name[0] == ':') + if ((isxdigit(name[0]) && strchr(name, ':') != NULL) || + name[0] == ':') for (cp = name;; ++cp) { if (!*cp) { if (*--cp == '.') @@ -715,8 +732,7 @@ _gethtent() if (!(cp = strpbrk(p, " \t"))) goto again; *cp++ = '\0'; - if ((_res.options & RES_USE_INET6) && - inet_pton(AF_INET6, p, host_addr) > 0) { + if (inet_pton(AF_INET6, p, host_addr) > 0) { af = AF_INET6; len = IN6ADDRSZ; } else if (inet_pton(AF_INET, p, host_addr) > 0) { @@ -753,12 +769,6 @@ _gethtent() *cp++ = '\0'; } *q = NULL; - if (_res.options & RES_USE_INET6) { - char *bp = hostbuf; - int buflen = sizeof hostbuf; - - map_v4v6_hostent(&host, &bp, &buflen); - } h_errno = NETDB_SUCCESS; return (&host); } diff --git a/contrib/bind/res/getnetent.c b/contrib/bind/res/getnetent.c index 24ee286..18e5d26 100644 --- a/contrib/bind/res/getnetent.c +++ b/contrib/bind/res/getnetent.c @@ -43,7 +43,7 @@ #if defined(LIBC_SCCS) && !defined(lint) static char sccsid[] = "@(#)getnetent.c 8.1 (Berkeley) 6/4/93"; -static char rcsid[] = "$Id: getnetent.c,v 8.3 1996/08/05 08:31:35 vixie Exp $"; +static char rcsid[] = "$Id: getnetent.c,v 8.4 1997/06/01 20:34:37 vixie Exp $"; #endif /* LIBC_SCCS and not lint */ #include <sys/types.h> @@ -122,7 +122,7 @@ getnetent() if (netf == NULL && (netf = fopen(_PATH_NETWORKS, "r" )) == NULL) return (NULL); again: - p = fgets(line, BUFSIZ, netf); + p = fgets(line, sizeof line, netf); if (p == NULL) return (NULL); if (*p == '#') diff --git a/contrib/bind/res/getnetnamadr.c b/contrib/bind/res/getnetnamadr.c index d2f33a1..d9f06f1 100644 --- a/contrib/bind/res/getnetnamadr.c +++ b/contrib/bind/res/getnetnamadr.c @@ -41,7 +41,7 @@ #if defined(LIBC_SCCS) && !defined(lint) static char sccsid[] = "@(#)getnetbyaddr.c 8.1 (Berkeley) 6/4/93"; static char sccsid_[] = "from getnetnamadr.c 1.4 (Coimbra) 93/06/03"; -static char rcsid[] = "$Id: getnetnamadr.c,v 8.7 1996/08/05 08:31:35 vixie Exp $"; +static char rcsid[] = "$Id: getnetnamadr.c,v 8.8 1997/06/01 20:34:37 vixie Exp $"; #endif /* LIBC_SCCS and not lint */ #include <sys/types.h> @@ -102,7 +102,7 @@ getnetanswer(answer, anslen, net_i) char aux1[30], aux2[30], ans[30], *in, *st, *pauxt, *bp, **ap, *paux1 = &aux1[0], *paux2 = &aux2[0], flag = 0; static struct netent net_entry; -static char *net_aliases[MAXALIASES], netbuf[BUFSIZ+1]; +static char *net_aliases[MAXALIASES], netbuf[PACKETSZ]; /* * find first satisfactory answer diff --git a/contrib/bind/res/res_comp.c b/contrib/bind/res/res_comp.c index 5008d47..e21a9fb 100644 --- a/contrib/bind/res/res_comp.c +++ b/contrib/bind/res/res_comp.c @@ -55,7 +55,7 @@ #if defined(LIBC_SCCS) && !defined(lint) static char sccsid[] = "@(#)res_comp.c 8.1 (Berkeley) 6/4/93"; -static char rcsid[] = "$Id: res_comp.c,v 8.11 1996/12/02 09:17:22 vixie Exp $"; +static char rcsid[] = "$Id: res_comp.c,v 8.12 1997/06/01 20:34:37 vixie Exp $"; #endif /* LIBC_SCCS and not lint */ #include <sys/types.h> @@ -94,7 +94,7 @@ dn_expand(msg, eomorig, comp_dn, exp_dn, length) register char *dn; register int n, c; char *eom; - int len = -1, checked = 0; + int len = -1, checked = 0, octets = 0; dn = exp_dn; cp = comp_dn; @@ -108,6 +108,9 @@ dn_expand(msg, eomorig, comp_dn, exp_dn, length) */ switch (n & INDIR_MASK) { case 0: + octets += (n + 1); + if (octets > MAXCDNAME) + return (-1); if (dn != exp_dn) { if (dn >= eom) return (-1); @@ -179,6 +182,8 @@ dn_comp(exp_dn, comp_dn, length, dnptrs, lastdnptr) dn = (u_char *)exp_dn; cp = comp_dn; + if (length > MAXCDNAME) + length = MAXCDNAME; eob = cp + length; lpp = cpp = NULL; if (dnptrs != NULL) { diff --git a/contrib/bind/res/res_debug.c b/contrib/bind/res/res_debug.c index 74dda53..48512fa 100644 --- a/contrib/bind/res/res_debug.c +++ b/contrib/bind/res/res_debug.c @@ -77,7 +77,7 @@ #if defined(LIBC_SCCS) && !defined(lint) static char sccsid[] = "@(#)res_debug.c 8.1 (Berkeley) 6/4/93"; -static char rcsid[] = "$Id: res_debug.c,v 8.19 1996/11/26 10:11:23 vixie Exp $"; +static char rcsid[] = "$Id: res_debug.c,v 8.20 1997/06/01 20:34:37 vixie Exp $"; #endif /* LIBC_SCCS and not lint */ #include <sys/param.h> @@ -1130,40 +1130,47 @@ static u_int8_t precsize_aton(strptr) char **strptr; { - unsigned int mval = 0, cmval = 0; u_int8_t retval = 0; - register char *cp; - register int exponent; - register int mantissa; + char *cp; + int exponent = 0; + int mantissa = 0; cp = *strptr; + while (isdigit(*cp)) { + if (mantissa == 0) + mantissa = *cp - '0'; + else + exponent++; + cp++; + } - while (isdigit(*cp)) - mval = mval * 10 + (*cp++ - '0'); - - if (*cp == '.') { /* centimeters */ + if (*cp == '.') { cp++; if (isdigit(*cp)) { - cmval = (*cp++ - '0') * 10; + if (mantissa == 0) + mantissa = *cp - '0'; + else + exponent++; + cp++; + if (isdigit(*cp)) { - cmval += (*cp++ - '0'); + if (mantissa == 0) + mantissa = *cp - '0'; + else + exponent++; + cp++; } + else + exponent++; } } - cmval = (mval * 100) + cmval; - - for (exponent = 0; exponent < 9; exponent++) - if (cmval < poweroften[exponent+1]) - break; - - mantissa = cmval / poweroften[exponent]; - if (mantissa > 9) - mantissa = 9; + else + exponent += 2; + if (mantissa == 0) + exponent = 0; retval = (mantissa << 4) | exponent; - *strptr = cp; - return (retval); } diff --git a/contrib/bind/res/res_init.c b/contrib/bind/res/res_init.c index c0314c5..de20465 100644 --- a/contrib/bind/res/res_init.c +++ b/contrib/bind/res/res_init.c @@ -55,7 +55,7 @@ #if defined(LIBC_SCCS) && !defined(lint) static char sccsid[] = "@(#)res_init.c 8.1 (Berkeley) 6/7/93"; -static char rcsid[] = "$Id: res_init.c,v 8.7 1996/09/28 06:51:07 vixie Exp $"; +static char rcsid[] = "$Id: res_init.c,v 8.8 1997/06/01 20:34:37 vixie Exp $"; #endif /* LIBC_SCCS and not lint */ #include <sys/types.h> @@ -159,7 +159,7 @@ res_init() register FILE *fp; register char *cp, **pp; register int n; - char buf[BUFSIZ]; + char buf[MAXDNAME]; int nserv = 0; /* number of nameserver records read from file */ int haveenv = 0; int havesearch = 0; diff --git a/contrib/bind/res/res_query.c b/contrib/bind/res/res_query.c index d2700e4..76d4b8c 100644 --- a/contrib/bind/res/res_query.c +++ b/contrib/bind/res/res_query.c @@ -55,7 +55,7 @@ #if defined(LIBC_SCCS) && !defined(lint) static char sccsid[] = "@(#)res_query.c 8.1 (Berkeley) 6/4/93"; -static char rcsid[] = "$Id: res_query.c,v 8.9 1996/09/22 00:13:28 vixie Exp $"; +static char rcsid[] = "$Id: res_query.c,v 8.10 1997/06/01 20:34:37 vixie Exp $"; #endif /* LIBC_SCCS and not lint */ #include <sys/types.h> @@ -323,7 +323,7 @@ res_querydomain(name, domain, class, type, answer, anslen) { char nbuf[MAXDNAME]; const char *longname = nbuf; - int n; + int n, d; if ((_res.options & RES_INIT) == 0 && res_init() == -1) { h_errno = NETDB_INTERNAL; @@ -339,15 +339,26 @@ res_querydomain(name, domain, class, type, answer, anslen) * Check for trailing '.'; * copy without '.' if present. */ - n = strlen(name) - 1; - if (n != (0 - 1) && name[n] == '.' && n < sizeof(nbuf) - 1) { - bcopy(name, nbuf, n); + n = strlen(name); + if (n >= MAXDNAME) { + h_errno = NO_RECOVERY; + return (-1); + } + n--; + if (n >= 0 && name[n] == '.') { + strncpy(nbuf, name, n); nbuf[n] = '\0'; } else longname = name; - } else - sprintf(nbuf, "%.*s.%.*s", MAXDNAME, name, MAXDNAME, domain); - + } else { + n = strlen(name); + d = strlen(domain); + if (n + d + 1 >= MAXDNAME) { + h_errno = NO_RECOVERY; + return (-1); + } + sprintf(nbuf, "%s.%s", name, domain); + } return (res_query(longname, class, type, answer, anslen)); } diff --git a/contrib/bind/res/res_send.c b/contrib/bind/res/res_send.c index da9b9ec..0e0dafd 100644 --- a/contrib/bind/res/res_send.c +++ b/contrib/bind/res/res_send.c @@ -55,7 +55,7 @@ #if defined(LIBC_SCCS) && !defined(lint) static char sccsid[] = "@(#)res_send.c 8.1 (Berkeley) 6/4/93"; -static char rcsid[] = "$Id: res_send.c,v 8.12 1996/10/08 04:51:06 vixie Exp $"; +static char rcsid[] = "$Id: res_send.c,v 8.13 1997/06/01 20:34:37 vixie Exp $"; #endif /* LIBC_SCCS and not lint */ /* change this to "0" @@ -601,6 +601,11 @@ read_len: if ((long) timeout.tv_sec <= 0) timeout.tv_sec = 1; timeout.tv_usec = 0; + if (s+1 > FD_SETSIZE) { + Perror(stderr, "s+1 > FD_SETSIZE", EMFILE); + res_close(); + goto next_ns; + } wait: FD_ZERO(&dsmask); FD_SET(s, &dsmask); diff --git a/contrib/bind/tools/nslookup/send.c b/contrib/bind/tools/nslookup/send.c index 46c74b5..c07d0b6 100644 --- a/contrib/bind/tools/nslookup/send.c +++ b/contrib/bind/tools/nslookup/send.c @@ -55,7 +55,7 @@ #ifndef lint static char sccsid[] = "@(#)send.c 5.18 (Berkeley) 3/2/91"; -static char rcsid[] = "$Id: send.c,v 8.1 1994/12/15 06:24:31 vixie Exp $"; +static char rcsid[] = "$Id: send.c,v 8.2 1997/06/01 20:34:40 vixie Exp $"; #endif /* not lint */ /* @@ -332,8 +332,7 @@ wait: * timeout */ if (_res.options & RES_DEBUG) - printf("timeout (%d secs)\n", - timeout.tv_sec); + printf("timeout\n"); #if BSD >= 43 gotsomewhere = 1; #endif |