diff options
author | dougb <dougb@FreeBSD.org> | 2002-07-01 01:07:56 +0000 |
---|---|---|
committer | dougb <dougb@FreeBSD.org> | 2002-07-01 01:07:56 +0000 |
commit | f4bd5053ab2eb505b16099244427d9e93442fe90 (patch) | |
tree | 2b447904bb3b9c0f6670bba10470d09a443c9a2e /contrib/bind | |
parent | 52cf506b39ec774bba7e719390541e881296c3c4 (diff) | |
download | FreeBSD-src-f4bd5053ab2eb505b16099244427d9e93442fe90.zip FreeBSD-src-f4bd5053ab2eb505b16099244427d9e93442fe90.tar.gz |
Import of ISC BIND version 8.3.3
Diffstat (limited to 'contrib/bind')
51 files changed, 1042 insertions, 260 deletions
diff --git a/contrib/bind/CHANGES b/contrib/bind/CHANGES index 768e601..25ea08f 100644 --- a/contrib/bind/CHANGES +++ b/contrib/bind/CHANGES @@ -1,4 +1,116 @@ + --- 8.3.3-REL released --- (Wed Jun 26 21:15:43 PDT 2002) + +1301. [func] log attempts to exploit #1300. + +1300. [bug] Remote buffer overrun. + +1299. [func] Log to xfer-in when a named-xfer fails and one of + the masters returned REFUSED. + +1298. [bug] named could leak a OPT record when returning a + negative response. + +1297. [func] 'ndc restart' will now attempt to preserve the + arguments named was started with. + Use 'ndc restart --' to clear the arguements. + Use 'ndc restart <new arguements>' to restart named + with a alternate set of arguements. + +1296. [bug] delay setting need_restart until the response to + ndc exec has been sent. + +1295. [func] new ndc command 'args'. returns the arguements that + named was started with %xx escaped. + +1294. [bug] #1272 broke linkage for those OS's using -lfl (flex). + Move -ll/-lfl to LIBL for all platforms. + + --- 8.3.2-REL released --- (Mon Jun 17 20:24:32 PDT 2002) + +1293. [doc] update man pages for 'dig', 'dnsquery' and 'host' + to reflect IPv6 capabilities (nslookup and nsupdate + were already IPv4/IPv6 agnostic). + +1292. [func] host: the default lookups now also include AAAA + records. + +1291. [func] 'dig -x <ip6>' now works. + +1290. [bug] 'dig @server' fail to report the IPv6 address of the + server in error messages. + +1289. [contrib] normalize_zone now handles $TTL. + +1288. [bug] named: -t and -w could not be used together. + +1287. [func] report serial(s) in out going transfer operation. + + --- 8.3.2-RC1 released --- (Thu May 30 23:06:11 PDT 2002) + +1286. [func] libbind: no longer attempts bit string labels for + IPv6 reverse resolution. Try IP6.ARPA then IP6.INT + for nibble style resolution. + +1285. [port] linux: ss_family vs __ss_family in sockaddr_storage. + +1284. [port] freebsd: 5.0 uses gid_t rather that int for + GETGROUPLIST_ARGS + +1283. [port] bsdi: 4.2 also has struct sockaddr_storage. + +1282. [bug] nslookup was using inet_ntoa() to print out a IPv6 + address. + +1281. [bug] escape '(' and ')' when coverting to presentation + form. + +1280. [func] server { edns yes_or_no; } is now supported. + +1279. [bug] nslookup: partial coversion to similar style outputs + for both -type=aaaa and -type=a. + +1278. [bug] free() of non-malloced memory in nslookup. + +1277. [port] cast all instances of yytext in commands.l to (char*) + to silence compilers on OS's where lex declares it + as (unsigned char *). + +1276. [port] hpux 11.22: ansify GetAnswer in getinfo.c to + silence compiler. + +1275. [bug] bad declaration of si in tsig_key_from_addr(). + +1274. [port] hpux 11.22: ansify hexstring() and display() in + addr.c to silence compiler. + +1273. [bug] const pointer conficts in res_debug.c. + +1272. [port] hpux 11.22: don't link against -ll unless required. + +1272. [bug] main_need_num was not last entry in enum. + main_need_tick nolonger required. + +1271. [port] hpux: treat all hpux systems as BIG_ENDIAN, don't + include <sys/mbuf.h>. + +1270. [port] hpux 11.22 namespace clash DATASIZE -> BIND_DATASIZE. + +1269. [port] hpux 11.11 interface scaning. + +1268. [port] solaris: 64 bit binary compatability. + +1267. [bug] aix4: missing IN6_IS_ADDR_V4COMPAT macro. + +1266. [bug] If you are using TSIG #1261 introduced the potential + of a infinite loop. + +1265. [bug] nslookup failed on platforms that don't have BSD 43 + style sockets. + +1264. [bug] LINK_INIT and UNLINK were not compatible with + C++, use LINK_INIT_TYPE and UNLINK_TYPE instead. + --- 8.3.2-T1B released --- (Tue May 7 18:49:58 PDT 2002) 1263. [bug] gethostans() could get out of sync parsing the diff --git a/contrib/bind/README b/contrib/bind/README index 344a3ef..a8a52ec 100644 --- a/contrib/bind/README +++ b/contrib/bind/README @@ -10,6 +10,11 @@ artifacts including BIND, INN, and DHCP. Note that BIND 8 is in "end-of-life", having been replaced by BIND 9. See http://www.isc.org/ for more details. +BIND 8.3.3 Highlights + Security Fix libbind. All applications linked against libbind + need to relinked. + 'rndc restart' now preserves named's arguements + BIND 8.3.2 Highlights dig, nslookup, host and nsupdate have improved IPv6 support. diff --git a/contrib/bind/Version b/contrib/bind/Version index 96227ce..e99a6ad 100644 --- a/contrib/bind/Version +++ b/contrib/bind/Version @@ -1 +1 @@ -8.3.2-T1B +8.3.3-REL diff --git a/contrib/bind/bin/addr/addr.c b/contrib/bind/bin/addr/addr.c index a693391..ae48ea5 100644 --- a/contrib/bind/bin/addr/addr.c +++ b/contrib/bind/bin/addr/addr.c @@ -1,5 +1,5 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: addr.c,v 8.8 1999/10/13 16:38:55 vixie Exp $"; +static const char rcsid[] = "$Id: addr.c,v 8.9 2002/05/21 02:26:21 marka Exp $"; #endif /* not lint */ /* @@ -47,11 +47,7 @@ usage() { /* Warning: this scribbles on `dst' even if it's going to return `0'. */ static int -hexstring(src, dst, len) - const char *src; - u_char *dst; - int len; -{ +hexstring(const char *src, u_char *dst, int len) { static const char xdigits[] = "0123456789abcdef"; u_char *ptr = dst, *end = dst + len; u_int val; @@ -100,12 +96,7 @@ hexstring(src, dst, len) } static void -display(input, af, addr, len) - const char *input; - int af; - const u_char *addr; - int len; -{ +display(const char *input, int af, const u_char *addr, int len) { static int before = 0; char p[sizeof "xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:255.255.255.255"]; int i; diff --git a/contrib/bind/bin/dig/dig.c b/contrib/bind/bin/dig/dig.c index 2054258..5bb6e7a 100644 --- a/contrib/bind/bin/dig/dig.c +++ b/contrib/bind/bin/dig/dig.c @@ -1,5 +1,5 @@ #ifndef lint -static const char rcsid[] = "$Id: dig.c,v 8.54 2002/04/24 00:38:08 marka Exp $"; +static const char rcsid[] = "$Id: dig.c,v 8.57 2002/06/18 02:26:49 marka Exp $"; #endif /* @@ -245,6 +245,7 @@ static int print_axfr(FILE *output, const u_char *msg, static struct timeval difftv(struct timeval, struct timeval); static void prnttime(struct timeval); static void stackarg(char *, char **); +static void reverse6(char *, struct in6_addr *); /* Public. */ @@ -289,6 +290,8 @@ main(int argc, char **argv) { int wait=0, delay; int envset=0, envsave=0; struct __res_state res_x, res_t; + int r; + struct in6_addr in6; ns_tsig_key key; char *keyfile = NULL, *keyname = NULL; @@ -494,6 +497,11 @@ main(int argc, char **argv) { printf("; no arg for -x?\n"); break; } + r = inet_pton(AF_INET6, addrc, &in6); + if (r > 0) { + reverse6(domain, &in6); + break; + } addrend = addrc + strlen(addrc); if (*addrend == '.') *addrend = '\0'; @@ -813,7 +821,7 @@ main(int argc, char **argv) { buf, sizeof(buf)); break; case AF_INET6: - inet_ntop(AF_INET, + inet_ntop(AF_INET6, &u[0].sin6.sin6_addr, buf, sizeof(buf)); break; @@ -1030,7 +1038,7 @@ where: server,\n\ fputs("\ notes: defname and search don't work; use fully-qualified names.\n\ this is DiG version " VSTRING "\n\ - $Id: dig.c,v 8.54 2002/04/24 00:38:08 marka Exp $\n\ + $Id: dig.c,v 8.57 2002/06/18 02:26:49 marka Exp $\n\ ", stderr); } @@ -1775,3 +1783,24 @@ stackarg(char *l, char **y) { } } } + +static void +reverse6(char *domain, struct in6_addr *in6) { + sprintf(domain, "%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.ip6.arpa", + in6->s6_addr[15] & 0x0f, (in6->s6_addr[15] >> 4) & 0x0f, + in6->s6_addr[14] & 0x0f, (in6->s6_addr[14] >> 4) & 0x0f, + in6->s6_addr[13] & 0x0f, (in6->s6_addr[13] >> 4) & 0x0f, + in6->s6_addr[12] & 0x0f, (in6->s6_addr[12] >> 4) & 0x0f, + in6->s6_addr[11] & 0x0f, (in6->s6_addr[11] >> 4) & 0x0f, + in6->s6_addr[10] & 0x0f, (in6->s6_addr[10] >> 4) & 0x0f, + in6->s6_addr[9] & 0x0f, (in6->s6_addr[9] >> 4) & 0x0f, + in6->s6_addr[8] & 0x0f, (in6->s6_addr[8] >> 4) & 0x0f, + in6->s6_addr[7] & 0x0f, (in6->s6_addr[7] >> 4) & 0x0f, + in6->s6_addr[6] & 0x0f, (in6->s6_addr[6] >> 4) & 0x0f, + in6->s6_addr[5] & 0x0f, (in6->s6_addr[5] >> 4) & 0x0f, + in6->s6_addr[4] & 0x0f, (in6->s6_addr[4] >> 4) & 0x0f, + in6->s6_addr[6] & 0x0f, (in6->s6_addr[3] >> 4) & 0x0f, + in6->s6_addr[2] & 0x0f, (in6->s6_addr[2] >> 4) & 0x0f, + in6->s6_addr[1] & 0x0f, (in6->s6_addr[1] >> 4) & 0x0f, + in6->s6_addr[0] & 0x0f, (in6->s6_addr[0] >> 4) & 0x0f); +} diff --git a/contrib/bind/bin/host/host.c b/contrib/bind/bin/host/host.c index 84b3621..5bac200 100644 --- a/contrib/bind/bin/host/host.c +++ b/contrib/bind/bin/host/host.c @@ -1,5 +1,5 @@ #ifndef lint -static const char rcsid[] = "$Id: host.c,v 8.52 2002/04/28 01:34:52 marka Exp $"; +static const char rcsid[] = "$Id: host.c,v 8.53 2002/06/18 02:34:02 marka Exp $"; #endif /* not lint */ /* @@ -675,7 +675,7 @@ gethostinfo(char *name) { static int getdomaininfo(const char *name, const char *domain) { - int val1, val2; + int val1, val2, val3; if (querytype) return (getinfo(name, domain, gettype=querytype)); @@ -683,8 +683,9 @@ getdomaininfo(const char *name, const char *domain) { val1 = getinfo(name, domain, gettype=ns_t_a); if (cname || verbose) return (val1); - val2 = getinfo(name, domain, gettype=ns_t_mx); - return (val1 || val2); + val2 = getinfo(name, domain, gettype=ns_t_aaaa); + val3 = getinfo(name, domain, gettype=ns_t_mx); + return (val1 || val2 || val3); } } @@ -1582,6 +1583,7 @@ static const char * pr_type(int type) { if (!verbose) switch (type) { case ns_t_a: + case ns_t_aaaa: return ("has address"); case ns_t_cname: return ("is a nickname for"); diff --git a/contrib/bind/bin/named-xfer/named-xfer.c b/contrib/bind/bin/named-xfer/named-xfer.c index b18b163..27d9ac0 100644 --- a/contrib/bind/bin/named-xfer/named-xfer.c +++ b/contrib/bind/bin/named-xfer/named-xfer.c @@ -130,7 +130,7 @@ char copyright[] = #if !defined(lint) && !defined(SABER) static const char sccsid[] = "@(#)named-xfer.c 4.18 (Berkeley) 3/7/91"; -static const char rcsid[] = "$Id: named-xfer.c,v 8.120 2002/01/29 06:54:52 marka Exp $"; +static const char rcsid[] = "$Id: named-xfer.c,v 8.121 2002/06/26 03:27:22 marka Exp $"; #endif /* not lint */ #include "port_before.h" @@ -750,6 +750,7 @@ main(int argc, char *argv[]) { default: result = XFER_FAIL; /* fall through */ + case XFER_REFUSED: case XFER_TIMEOUT: case XFER_FAIL: (void) unlink(tmpname); @@ -1067,6 +1068,7 @@ getzone(struct zoneinfo *zp, u_int32_t serial_no, int port) { u_int32_t query_serial = serial_no; int first_soa_printed; struct in_addr z_axfr_src; + int refused = 0; #ifdef DEBUG if (debug) { @@ -1630,6 +1632,7 @@ receive: my_addr_text, inet_ntoa(sin.sin_addr), zp->z_origin); + refused = 1; } else { syslog(LOG_INFO, "[%s] record too short from [%s], zone %s\n", @@ -1912,6 +1915,7 @@ axfr_response: my_addr_text, inet_ntoa(sin.sin_addr), zp->z_origin); + refused = 1; } else { syslog(LOG_INFO, "[%s] record too short from [%s], zone %s\n", @@ -1951,6 +1955,8 @@ axfr_response: } if (!error) return (XFER_TIMEOUT); + if (refused) + return (XFER_REFUSED); return (XFER_FAIL); } diff --git a/contrib/bind/bin/named/db_defs.h b/contrib/bind/bin/named/db_defs.h index 72aa19f..68869f0 100644 --- a/contrib/bind/bin/named/db_defs.h +++ b/contrib/bind/bin/named/db_defs.h @@ -1,6 +1,6 @@ /* * from db.h 4.16 (Berkeley) 6/1/90 - * $Id: db_defs.h,v 8.46 2001/11/17 15:16:46 marka Exp $ + * $Id: db_defs.h,v 8.47 2002/05/18 01:02:53 marka Exp $ */ /* @@ -147,7 +147,7 @@ struct databuf { u_int16_t d_nstime; /* NS response time, milliseconds */ u_char d_data[sizeof(void*)]; /* dynamic (padded) */ }; -#define DATASIZE(n) (sizeof(struct databuf) - sizeof(void*) + n) +#define BIND_DATASIZE(n) (sizeof(struct databuf) - sizeof(void*) + n) #ifdef HITCOUNTS extern u_int32_t db_total_hits; diff --git a/contrib/bind/bin/named/db_glue.c b/contrib/bind/bin/named/db_glue.c index e984db1..2e966f5 100644 --- a/contrib/bind/bin/named/db_glue.c +++ b/contrib/bind/bin/named/db_glue.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static const char sccsid[] = "@(#)db_glue.c 4.4 (Berkeley) 6/1/90"; -static const char rcsid[] = "$Id: db_glue.c,v 8.46 2001/11/25 23:52:19 marka Exp $"; +static const char rcsid[] = "$Id: db_glue.c,v 8.47 2002/05/18 01:02:54 marka Exp $"; #endif /* not lint */ /* @@ -441,7 +441,7 @@ nhash(const char *name) { static void db_freedata(struct databuf *dp) { - int bytes = DATASIZE(dp->d_size); + int bytes = BIND_DATASIZE(dp->d_size); if (dp->d_rcnt != 0) panic("db_freedata: d_rcnt != 0", NULL); diff --git a/contrib/bind/bin/named/db_save.c b/contrib/bind/bin/named/db_save.c index 2153e04..a8f4d2a 100644 --- a/contrib/bind/bin/named/db_save.c +++ b/contrib/bind/bin/named/db_save.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static const char sccsid[] = "@(#)db_save.c 4.16 (Berkeley) 3/21/91"; -static const char rcsid[] = "$Id: db_save.c,v 8.29 2001/04/25 13:53:09 marka Exp $"; +static const char rcsid[] = "$Id: db_save.c,v 8.30 2002/05/18 01:02:56 marka Exp $"; #endif /* not lint */ /* @@ -137,7 +137,7 @@ savedata(class, type, ttl, data, size) int size; { struct databuf *dp; - int bytes = DATASIZE(size); + int bytes = BIND_DATASIZE(size); dp = (struct databuf *)memget(bytes); if (dp == NULL) diff --git a/contrib/bind/bin/named/db_tsig.c b/contrib/bind/bin/named/db_tsig.c index 5f7b670..9bdba0e 100644 --- a/contrib/bind/bin/named/db_tsig.c +++ b/contrib/bind/bin/named/db_tsig.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: db_tsig.c,v 8.7 2001/06/18 14:42:59 marka Exp $"; +static const char rcsid[] = "$Id: db_tsig.c,v 8.8 2002/05/21 02:34:32 marka Exp $"; #endif /* not lint */ /* @@ -129,7 +129,7 @@ tsig_alg_value(char *name) { DST_KEY * tsig_key_from_addr(struct in_addr addr) { - server_info si = si = find_server(addr); + server_info si = find_server(addr); if (si == NULL || si->key_list == NULL || si->key_list->first == NULL) return(NULL); return(si->key_list->first->key); diff --git a/contrib/bind/bin/named/named.conf b/contrib/bind/bin/named/named.conf index d0d2996..7d81695 100644 --- a/contrib/bind/bin/named/named.conf +++ b/contrib/bind/bin/named/named.conf @@ -267,6 +267,8 @@ zone "non-default-acl.demo.zone" { acl key_acl { key sample_key; }; // a request signed with sample_key server 1.2.3.4 { + edns no; // if no, we won't send ends queries + // to this server bogus no; // if yes, we won't query or listen // to this server transfer-format one-answer; // set transfer format for this diff --git a/contrib/bind/bin/named/ns_config.c b/contrib/bind/bin/named/ns_config.c index 1680d91..ad4de85 100644 --- a/contrib/bind/bin/named/ns_config.c +++ b/contrib/bind/bin/named/ns_config.c @@ -1,5 +1,5 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: ns_config.c,v 8.134 2002/04/25 05:27:04 marka Exp $"; +static const char rcsid[] = "$Id: ns_config.c,v 8.135 2002/05/24 03:04:59 marka Exp $"; #endif /* not lint */ /* @@ -2549,6 +2549,7 @@ new_server(struct in_addr address) { si->flags |= SERVER_INFO_SUPPORT_IXFR; else si->flags &= ~SERVER_INFO_SUPPORT_IXFR; + si->flags |= SERVER_INFO_EDNS; return (si); } @@ -2649,6 +2650,7 @@ set_server_option(server_config sc, int bool_opt, int value) { switch (bool_opt) { case SERVER_INFO_BOGUS: case SERVER_INFO_SUPPORT_IXFR: + case SERVER_INFO_EDNS: if (value) si->flags |= bool_opt; else diff --git a/contrib/bind/bin/named/ns_ctl.c b/contrib/bind/bin/named/ns_ctl.c index ee77634..c8fc907 100644 --- a/contrib/bind/bin/named/ns_ctl.c +++ b/contrib/bind/bin/named/ns_ctl.c @@ -1,5 +1,5 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: ns_ctl.c,v 8.46 2001/12/19 11:53:48 marka Exp $"; +static const char rcsid[] = "$Id: ns_ctl.c,v 8.47 2002/06/24 07:11:07 marka Exp $"; #endif /* not lint */ /* @@ -112,6 +112,8 @@ static void verb_stop(struct ctl_sctx *, struct ctl_sess *, static void verb_exec(struct ctl_sctx *, struct ctl_sess *, const struct ctl_verb *, const char *, u_int, const void *, void *); +static void exec_closure(struct ctl_sctx *, struct ctl_sess *, + void *); static void verb_reload(struct ctl_sctx *, struct ctl_sess *, const struct ctl_verb *, const char *, u_int, const void *, void *); @@ -141,6 +143,9 @@ static void verb_help(struct ctl_sctx *, struct ctl_sess *, static void verb_quit(struct ctl_sctx *, struct ctl_sess *, const struct ctl_verb *, const char *, u_int, const void *, void *); +static void verb_args(struct ctl_sctx *, struct ctl_sess *, + const struct ctl_verb *, + const char *, u_int, const void *, void *); /* Private data. */ @@ -162,6 +167,7 @@ static struct ctl_verb verbs[] = { { "qrylog", verb_querylog, "qrylog"}, { "help", verb_help, "help"}, { "quit", verb_quit, "quit"}, + { "args", verb_args, "args"}, { NULL, NULL, NULL} }; @@ -794,14 +800,26 @@ verb_exec(struct ctl_sctx *ctl, struct ctl_sess *sess, saved_argv[0], save); ctl_response(sess, 502, save, 0, NULL, NULL, NULL, NULL, 0); + } else if (user_name != NULL || group_name != NULL) { + ctl_response(sess, 502, + "can't exec as user or group was specified", + 0, NULL, NULL, NULL, NULL, 0); } else { - ns_need(main_need_restart); ctl_response(sess, 250, "Restart initiated.", 0, NULL, - NULL, NULL, NULL, 0); + exec_closure, NULL, NULL, 0); } } static void +exec_closure(struct ctl_sctx *sctx, struct ctl_sess *sess, void *uap) { + + UNUSED(sctx); + UNUSED(sess); + UNUSED(uap); + ns_need(main_need_restart); +} + +static void verb_reload(struct ctl_sctx *ctl, struct ctl_sess *sess, const struct ctl_verb *verb, const char *rest, u_int respflags, const void *respctx, void *uctx) @@ -1049,3 +1067,81 @@ verb_quit(struct ctl_sctx *ctl, struct ctl_sess *sess, ctl_response(sess, 221, "End of control session.", CTL_EXIT, NULL, NULL, NULL, NULL, 0); } + +static char hex[] = "0123456789abcdef"; + +struct pvt_args { + int argc; + char text[MAX_STR_LEN]; +}; + +static void +args_closure(struct ctl_sctx *sctx, struct ctl_sess *sess, void *uap) { + struct pvt_args *pvt = ctl_getcsctx(sess); + + UNUSED(sctx); + UNUSED(uap); + + memput(pvt, sizeof *pvt); + ctl_setcsctx(sess, NULL); +} + +static void +verb_args(struct ctl_sctx *ctl, struct ctl_sess *sess, + const struct ctl_verb *verb, const char *rest, + u_int respflags, const void *respctx, void *uctx) +{ + struct pvt_args *pvt = ctl_getcsctx(sess); + char *cp, *tp; + + UNUSED(ctl); + UNUSED(verb); + UNUSED(rest); + UNUSED(respflags); + UNUSED(respctx); + UNUSED(uctx); + + if (pvt == NULL) { + unsigned int i = 0; + pvt = memget(sizeof *pvt); + if (pvt == NULL) { + ctl_response(sess, 505, "(out of memory)", + 0, NULL, NULL, NULL, NULL, 0); + return; + } + pvt->argc = 0; + ctl_setcsctx(sess, pvt); + + /* Send the arguement count. */ + while (saved_argv[i] != NULL) + i++; + sprintf(pvt->text, "%u", i); + ctl_response(sess, 250, pvt->text, CTL_MORE, + NULL, args_closure, NULL, NULL, 0); + return; + } + + /* + * Percent escape arguement. + */ + cp = saved_argv[pvt->argc++]; + tp = pvt->text; + while (cp && *cp != NULL) + if (*cp == '%' || *cp == ' ' || + !isprint((unsigned char)*cp)) { + if (tp >= pvt->text + sizeof(pvt->text) - 4) + break; + *tp++ = '%'; + *tp++ = hex[(*cp>>4)&0xf]; + *tp++ = hex[(*cp++)&0xf]; + } else { + if (tp >= pvt->text + sizeof(pvt->text) - 2) + break; + *tp++ = *cp++; + } + *tp = '\0'; + + ctl_response(sess, 250, pvt->text, + saved_argv[pvt->argc] == NULL ? 0 : CTL_MORE, + NULL, args_closure, NULL, NULL, 0); +} diff --git a/contrib/bind/bin/named/ns_defs.h b/contrib/bind/bin/named/ns_defs.h index 3474550..f8bb976 100644 --- a/contrib/bind/bin/named/ns_defs.h +++ b/contrib/bind/bin/named/ns_defs.h @@ -1,6 +1,6 @@ /* * from ns.h 4.33 (Berkeley) 8/23/90 - * $Id: ns_defs.h,v 8.118 2002/04/25 05:27:06 marka Exp $ + * $Id: ns_defs.h,v 8.121 2002/06/26 03:27:19 marka Exp $ */ /* @@ -172,9 +172,8 @@ typedef enum need { main_need_restart, /* exec() needed. */ main_need_reap, /* need to reap dead children. */ main_need_noexpired, /* ns_reconfig() needed w/ noexpired set. */ - main_need_num, /* number of needs, used for array bound. */ - main_need_tick, /* tick every second to poll for cleanup (NT) */ - main_need_tryxfer /* attemt to start a zone transfer. */ + main_need_tryxfer, /* attemt to start a zone transfer. */ + main_need_num /* MUST BE LAST. */ } main_need; /* What global options are set? */ @@ -438,6 +437,7 @@ enum zonetype { z_nil, z_master, z_slave, z_hint, z_stub, z_forward, #define XFER_SUCCESSAXFR 4 /* named-xfr recived a xfr */ #define XFER_SUCCESSIXFR 5 /* named-xfr recived a ixfr */ #define XFER_SUCCESSAXFRIXFRFILE 6 /* named-xfr received AXFR for IXFR */ +#define XFER_REFUSED 7 /* one master returned REFUSED */ #define XFER_ISAXFR -1 /* the last XFR is AXFR */ #define XFER_ISIXFR -2 /* the last XFR is IXFR */ #define XFER_ISAXFRIXFR -3 /* the last XFR is AXFR but we must create IXFR base */ @@ -835,6 +835,7 @@ typedef struct server_config { #define SERVER_INFO_BOGUS 0x01 #define SERVER_INFO_SUPPORT_IXFR 0x02 +#define SERVER_INFO_EDNS 0x04 typedef struct server_info { struct in_addr address; diff --git a/contrib/bind/bin/named/ns_forw.c b/contrib/bind/bin/named/ns_forw.c index 494a96a..746257b 100644 --- a/contrib/bind/bin/named/ns_forw.c +++ b/contrib/bind/bin/named/ns_forw.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static const char sccsid[] = "@(#)ns_forw.c 4.32 (Berkeley) 3/3/91"; -static const char rcsid[] = "$Id: ns_forw.c,v 8.90 2002/02/22 05:12:35 marka Exp $"; +static const char rcsid[] = "$Id: ns_forw.c,v 8.91 2002/05/24 03:04:57 marka Exp $"; #endif /* not lint */ /* @@ -612,6 +612,11 @@ nslookup(struct databuf *nsp[], struct qinfo *qp, qs->nsdata = dp; qs->forwarder = 0; qs->noedns = dp->d_noedns; + if (!qs->noedns) { + server_info si = find_server(nsa); + if (si && (si->flags & SERVER_INFO_EDNS) == 0) + qs->noedns = 1; + } qs->nretry = 0; /* * If this A RR has no RTT, initialize its RTT to a @@ -1285,6 +1290,11 @@ nsfwdadd(struct qinfo *qp, struct fwdinfo *fwd) { qs->nsdata = fwd->fwddata->nsdata; qs->forwarder = 1; qs->noedns = fwd->fwddata->nsdata->d_noedns; + if (!qs->noedns) { + server_info si = find_server(qs->ns_addr.sin_addr); + if (si && (si->flags & SERVER_INFO_EDNS) == 0) + qs->noedns = 1; + } qs->nretry = 0; n++; nextfwd: diff --git a/contrib/bind/bin/named/ns_glob.h b/contrib/bind/bin/named/ns_glob.h index 7f382d5..8f052f5 100644 --- a/contrib/bind/bin/named/ns_glob.h +++ b/contrib/bind/bin/named/ns_glob.h @@ -1,6 +1,6 @@ /* * from ns.h 4.33 (Berkeley) 8/23/90 - * $Id: ns_glob.h,v 8.57 2001/11/12 21:22:26 marka Exp $ + * $Id: ns_glob.h,v 8.58 2002/06/05 04:53:50 marka Exp $ */ /* @@ -336,6 +336,7 @@ DECL char * user_name INIT(NULL); DECL gid_t group_id; DECL char * group_name INIT(NULL); DECL char * chroot_dir INIT(NULL); +DECL char * working_dir INIT(NULL); DECL int loading INIT(0); diff --git a/contrib/bind/bin/named/ns_ixfr.c b/contrib/bind/bin/named/ns_ixfr.c index f14019e..0492bc0 100644 --- a/contrib/bind/bin/named/ns_ixfr.c +++ b/contrib/bind/bin/named/ns_ixfr.c @@ -1,5 +1,5 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: ns_ixfr.c,v 8.31 2002/01/02 05:15:20 marka Exp $"; +static const char rcsid[] = "$Id: ns_ixfr.c,v 8.32 2002/05/18 01:02:57 marka Exp $"; #endif /* not lint */ /* @@ -201,10 +201,10 @@ sx_send_ixfr(struct qstream *qsp) { ns_panic(ns_log_update, 1, "sx_send_ixfr: unable to locate soa"); } - old_soadp = memget(DATASIZE(soa_dp->d_size)); + old_soadp = memget(BIND_DATASIZE(soa_dp->d_size)); if (old_soadp == NULL) ns_panic(ns_log_update, 1, "sx_send_ixfr: out of memory"); - memcpy(old_soadp, soa_dp, DATASIZE(soa_dp->d_size)); + memcpy(old_soadp, soa_dp, BIND_DATASIZE(soa_dp->d_size)); again: switch (qsp->xfr.state) { @@ -383,7 +383,7 @@ sx_send_ixfr(struct qstream *qsp) { qsp->xfr.top.ixfr = NULL; } cleanup: - memput(old_soadp, DATASIZE(old_soadp->d_size)); + memput(old_soadp, BIND_DATASIZE(old_soadp->d_size)); } diff --git a/contrib/bind/bin/named/ns_lexer.c b/contrib/bind/bin/named/ns_lexer.c index b10219a..b827162 100644 --- a/contrib/bind/bin/named/ns_lexer.c +++ b/contrib/bind/bin/named/ns_lexer.c @@ -1,5 +1,5 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: ns_lexer.c,v 8.30 2002/04/25 05:27:08 marka Exp $"; +static const char rcsid[] = "$Id: ns_lexer.c,v 8.31 2002/05/24 03:05:03 marka Exp $"; #endif /* not lint */ /* @@ -251,6 +251,7 @@ static struct keyword keywords[] = { {"directory", T_DIRECTORY}, {"dump-file", T_DUMP_FILE}, {"dynamic", T_DYNAMIC}, + {"edns", T_EDNS}, {"explicit", T_EXPLICIT}, {"fail", T_FAIL}, {"fake-iquery", T_FAKE_IQUERY}, diff --git a/contrib/bind/bin/named/ns_main.c b/contrib/bind/bin/named/ns_main.c index d839387..f12f285 100644 --- a/contrib/bind/bin/named/ns_main.c +++ b/contrib/bind/bin/named/ns_main.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static const char sccsid[] = "@(#)ns_main.c 4.55 (Berkeley) 7/1/91"; -static const char rcsid[] = "$Id: ns_main.c,v 8.157 2002/04/13 23:26:16 marka Exp $"; +static const char rcsid[] = "$Id: ns_main.c,v 8.160 2002/06/24 07:06:55 marka Exp $"; #endif /* not lint */ /* @@ -99,8 +99,10 @@ char copyright[] = #ifdef SVR4 /* XXX */ # include <sys/sockio.h> #else +#ifndef __hpux # include <sys/mbuf.h> #endif +#endif #include <netinet/in.h> #include <net/route.h> @@ -174,7 +176,7 @@ static u_int16_t nsid_c1, nsid_c2, nsid_c3; static u_int16_t nsid_state2; static int nsid_algorithm; -static int needs = 0, needs_exit = 0; +static int needs = 0, needs_exit = 0, needs_restart = 0; static handler handlers[main_need_num]; static void savedg_waitfunc(evContext, void*, const void*); static void need_waitfunc(evContext, void *, const void *); @@ -309,14 +311,7 @@ main(int argc, char *argv[]) { break; case 'w': - if (chdir(optarg) < 0) { - syslog(LOG_CRIT, bad_directory, optarg, - strerror(errno)); - fprintf(stderr, bad_directory, optarg, - strerror(errno)); - fputc('\n', stderr); - exit(1); - } + working_dir = savestr(optarg, 1); break; #ifdef QRYLOG case 'q': @@ -434,6 +429,19 @@ main(int argc, char *argv[]) { chroot_dir = freestr(chroot_dir); #endif } + /* + * Set working directory. + */ + if (working_dir != NULL) { + if (chdir(working_dir) < 0) { + syslog(LOG_CRIT, bad_directory, working_dir, + strerror(errno)); + fprintf(stderr, bad_directory, working_dir, + strerror(errno)); + fputc('\n', stderr); + exit(1); + } + } /* Establish global event context. */ evCreate(&ev); @@ -550,7 +558,10 @@ main(int argc, char *argv[]) { else INSIST_ERR(errno == EINTR); } - ns_info(ns_log_default, "named shutting down"); + if (needs_restart) + ns_info(ns_log_default, "named restarting"); + else + ns_info(ns_log_default, "named shutting down"); #ifdef BIND_UPDATE dynamic_about_to_exit(); #endif @@ -563,8 +574,11 @@ main(int argc, char *argv[]) { else shutdown_configuration(); - /* Cleanup for system-dependent stuff */ - custom_shutdown(); + if (needs_restart) + execvp(saved_argv[0], saved_argv); + else + /* Cleanup for system-dependent stuff */ + custom_shutdown(); return (0); } @@ -2746,6 +2760,9 @@ deallocate_everything(void) { if (chroot_dir != NULL) freestr(chroot_dir); chroot_dir = NULL; + if (working_dir != NULL) + freestr(working_dir); + working_dir = NULL; if (nsid_pool != NULL) memput(nsid_pool, 0x10000 * (sizeof(u_int16_t))); nsid_pool = NULL; @@ -2764,19 +2781,8 @@ deallocate_everything(void) { static void ns_restart(void) { - ns_info(ns_log_default, "named restarting"); -#ifdef BIND_UPDATE - dynamic_about_to_exit(); -#endif - if (server_options && server_options->pid_filename) - (void)unlink(server_options->pid_filename); - ns_logstats(ev, NULL, evNowTime(), evConsTime(0, 0)); - if (NS_OPTION_P(OPTION_DEALLOC_ON_EXIT)) - deallocate_everything(); - else - shutdown_configuration(); - execvp(saved_argv[0], saved_argv); - abort(); + needs_restart = 1; + needs_exit = 1; } static void diff --git a/contrib/bind/bin/named/ns_maint.c b/contrib/bind/bin/named/ns_maint.c index 82df685..be4b6f9 100644 --- a/contrib/bind/bin/named/ns_maint.c +++ b/contrib/bind/bin/named/ns_maint.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static const char sccsid[] = "@(#)ns_maint.c 4.39 (Berkeley) 3/2/91"; -static const char rcsid[] = "$Id: ns_maint.c,v 8.135 2002/04/25 05:27:10 marka Exp $"; +static const char rcsid[] = "$Id: ns_maint.c,v 8.136 2002/06/26 03:27:20 marka Exp $"; #endif /* not lint */ /* @@ -1681,6 +1681,17 @@ endxfer() { sched_zone_maint(zp); break; + case XFER_REFUSED: + if (!(zp->z_flags & Z_SYSLOGGED)) { + zp->z_flags |= Z_SYSLOGGED; + ns_error(ns_log_xfer_in, + "zoneref: Masters for slave zone \"%s\" REFUSED transfer", + zp->z_origin); + } + ns_retrytime(zp, tt.tv_sec); + sched_zone_maint(zp); + break; + default: if (!(zp->z_flags & Z_SYSLOGGED)) { zp->z_flags |= Z_SYSLOGGED; diff --git a/contrib/bind/bin/named/ns_parser.y b/contrib/bind/bin/named/ns_parser.y index 8e62962..79f34b1 100644 --- a/contrib/bind/bin/named/ns_parser.y +++ b/contrib/bind/bin/named/ns_parser.y @@ -1,6 +1,6 @@ %{ #if !defined(lint) && !defined(SABER) -static char rcsid[] = "$Id: ns_parser.y,v 8.79 2002/04/25 05:27:13 marka Exp $"; +static char rcsid[] = "$Id: ns_parser.y,v 8.80 2002/05/24 03:05:01 marka Exp $"; #endif /* not lint */ /* @@ -191,6 +191,7 @@ int yyparse(); %token T_TRANSFERS %token T_KEYS %token T_SUPPORT_IXFR +%token T_EDNS /* Items used for "zone" statements: */ %token T_ZONE @@ -1268,6 +1269,10 @@ server_info: T_BOGUS yea_or_nay set_server_transfer_format(current_server, $2); } | T_KEYS '{' key_list '}' + | T_EDNS yea_or_nay + { + set_server_option(current_server, SERVER_INFO_EDNS, $2); + } | error ; diff --git a/contrib/bind/bin/named/ns_req.c b/contrib/bind/bin/named/ns_req.c index 1a1d756..6aca04a 100644 --- a/contrib/bind/bin/named/ns_req.c +++ b/contrib/bind/bin/named/ns_req.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static const char sccsid[] = "@(#)ns_req.c 4.47 (Berkeley) 7/1/91"; -static const char rcsid[] = "$Id: ns_req.c,v 8.168 2002/04/30 03:43:52 marka Exp $"; +static const char rcsid[] = "$Id: ns_req.c,v 8.169 2002/05/12 23:41:52 marka Exp $"; #endif /* not lint */ /* @@ -560,6 +560,8 @@ ns_req(u_char *msg, int msglen, int buflen, struct qstream *qsp, hp->arcount = htons(0); cp = msg + HFIXEDSZ; cp += ns_skiprr(cp, msg + msglen, ns_s_qd, ntohs(hp->qdcount)); + ns_name_rollback(cp, (const u_char **)dnptrs, + (const u_char **)dnptrs_end); if (opt > 0) { n = ns_add_opt(msg, cp, buflen_orig, 0, rcode, EDNS_MESSAGE_SZ, 0, NULL, 0); diff --git a/contrib/bind/bin/named/ns_resp.c b/contrib/bind/bin/named/ns_resp.c index 5be0038..91a3869 100644 --- a/contrib/bind/bin/named/ns_resp.c +++ b/contrib/bind/bin/named/ns_resp.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static const char sccsid[] = "@(#)ns_resp.c 4.65 (Berkeley) 3/3/91"; -static const char rcsid[] = "$Id: ns_resp.c,v 8.176 2002/04/17 07:10:10 marka Exp $"; +static const char rcsid[] = "$Id: ns_resp.c,v 8.178 2002/06/27 03:09:19 marka Exp $"; #endif /* not lint */ /* @@ -288,7 +288,6 @@ ns_resp(u_char *msg, int msglen, struct sockaddr_in from, struct qstream *qsp) struct namebuf *np; struct fwdinfo *fwd; struct databuf *dp; - int forcecmsg = 0; char *tname = NULL; int sendto_errno = 0; int has_tsig, oldqlen = 0; @@ -298,6 +297,7 @@ ns_resp(u_char *msg, int msglen, struct sockaddr_in from, struct qstream *qsp) u_char sig[TSIG_SIG_SIZE]; time_t tsig_time; DST_KEY *key; + int expect_cname; nameserIncr(from.sin_addr, nssRcvdR); nsp[0] = NULL; @@ -924,6 +924,7 @@ tcp_retry: } else flushset = NULL; + expect_cname = 1; for (i = 0; i < count; i++) { struct databuf *dp; int type; @@ -955,6 +956,19 @@ tcp_retry: type = dp->d_type; if (i < ancount) { /* Answer section. */ + /* + * Check for attempts to overflow the buffer in + * getnameanswer. + */ + if (type == ns_t_cname && !expect_cname) { + ns_warning(ns_log_security, + "late CNAME in answer section for %s %s from %s", + *qname ? qname : ".", p_type(qtype), + sin_ntoa(from)); + + } else if (type != ns_t_cname && type != ns_t_dname && + type != ns_t_sig) + expect_cname = 0; if (externalcname || ns_samename(name, aname) != 1) { if (!externalcname) ns_info(ns_log_resp_checks, @@ -1220,12 +1234,11 @@ tcp_retry: cache_n_resp(msg, msglen, from, qp->q_name, qp->q_class, qp->q_type); - if (!qp->q_cmsglen) { + if (!qp->q_cmsglen && validanswer) { ns_debug(ns_log_default, 3, "resp: leaving NO: auth = %d", hp->aa); goto return_msg; } - forcecmsg = 1; } /* diff --git a/contrib/bind/bin/named/ns_signal.c b/contrib/bind/bin/named/ns_signal.c index 0820bfa..a8a957d 100644 --- a/contrib/bind/bin/named/ns_signal.c +++ b/contrib/bind/bin/named/ns_signal.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static const char sccsid[] = "@(#)ns_main.c 4.55 (Berkeley) 7/1/91"; -static const char rcsid[] = "$Id: ns_signal.c,v 8.14 2001/06/18 14:43:25 marka Exp $"; +static const char rcsid[] = "$Id: ns_signal.c,v 8.15 2002/05/18 01:39:15 marka Exp $"; #endif /* not lint */ /* @@ -87,8 +87,10 @@ static const char rcsid[] = "$Id: ns_signal.c,v 8.14 2001/06/18 14:43:25 marka E #ifdef SVR4 /* XXX */ # include <sys/sockio.h> #else +#ifndef __hpux # include <sys/mbuf.h> #endif +#endif #include <netinet/in.h> #include <net/route.h> diff --git a/contrib/bind/bin/named/ns_update.c b/contrib/bind/bin/named/ns_update.c index 774bd2c..b2b5b96 100644 --- a/contrib/bind/bin/named/ns_update.c +++ b/contrib/bind/bin/named/ns_update.c @@ -1,5 +1,5 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: ns_update.c,v 8.103 2002/01/03 00:25:02 marka Exp $"; +static const char rcsid[] = "$Id: ns_update.c,v 8.104 2002/05/18 01:02:59 marka Exp $"; #endif /* not lint */ /* @@ -3010,9 +3010,9 @@ incr_serial(struct zoneinfo *zp) { return (-1); dp = findzonesoa(zp); if (dp) { - olddp = memget(DATASIZE(dp->d_size)); + olddp = memget(BIND_DATASIZE(dp->d_size)); if (olddp != NULL) { - memcpy(olddp, dp, DATASIZE(dp->d_size)); + memcpy(olddp, dp, BIND_DATASIZE(dp->d_size)); cp = findsoaserial(olddp->d_data); PUTLONG(old_serial, cp); fprintf(ifp, "update: {delete} %s. %u %s %s ", @@ -3021,7 +3021,7 @@ incr_serial(struct zoneinfo *zp) { p_type(dp->d_type)); (void) rdata_dump(olddp, ifp); fprintf(ifp, "\n"); - memput(olddp, DATASIZE(dp->d_size)); + memput(olddp, BIND_DATASIZE(dp->d_size)); } fprintf(ifp, "update: {add} %s. %u %s %s ", zp->z_origin, dp->d_ttl, diff --git a/contrib/bind/bin/named/ns_xfr.c b/contrib/bind/bin/named/ns_xfr.c index d7a8505..7b1c99b 100644 --- a/contrib/bind/bin/named/ns_xfr.c +++ b/contrib/bind/bin/named/ns_xfr.c @@ -1,5 +1,5 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: ns_xfr.c,v 8.68 2002/04/11 05:19:06 marka Exp $"; +static const char rcsid[] = "$Id: ns_xfr.c,v 8.69 2002/06/05 03:53:49 marka Exp $"; #endif /* not lint */ /* @@ -82,15 +82,21 @@ ns_xfr(struct qstream *qsp, struct namebuf *znp, ns_deltalist *changes; switch (type) { - case ns_t_axfr: /*FALLTHROUGH*/ case ns_t_ixfr: + ns_info(ns_log_xfer_out, + "zone transfer (%s) of \"%s\" (%s) to %s serial %u -> %u", + p_type(type), zones[zone].z_origin, p_class(class), + sin_ntoa(qsp->s_from), serial_ixfr, + zones[zone].z_serial); + break; + case ns_t_axfr: /*FALLTHROUGH*/ #ifdef BIND_ZXFR case ns_t_zxfr: #endif ns_info(ns_log_xfer_out, - "zone transfer (%s) of \"%s\" (%s) to %s", + "zone transfer (%s) of \"%s\" (%s) to %s serial %u", p_type(type), zones[zone].z_origin, p_class(class), - sin_ntoa(qsp->s_from)); + sin_ntoa(qsp->s_from), zones[zone].z_serial); break; default: ns_warning(ns_log_xfer_out, diff --git a/contrib/bind/bin/ndc/ndc.c b/contrib/bind/bin/ndc/ndc.c index aa0e4a3..d077042 100644 --- a/contrib/bind/bin/ndc/ndc.c +++ b/contrib/bind/bin/ndc/ndc.c @@ -1,5 +1,5 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: ndc.c,v 1.21 2001/12/19 23:16:23 marka Exp $"; +static const char rcsid[] = "$Id: ndc.c,v 1.22 2002/06/24 07:28:55 marka Exp $"; #endif /* not lint */ /* @@ -250,6 +250,179 @@ slashhelp(void) { "toggle silence (suppresses nonfatal errors)"); } +struct argv { + int argc; + char **argv; + int error; +}; + +static char hexdigits[] = "0123456789abcdef"; + +static void +getargs_closure(void *arg, const char *msg, int flags) { + struct argv *argv = arg; + int len; + int i; + const char *cp, *cp2; + char *tp, c; + + UNUSED(flags); + + if (argv->error) + return; + + if (argv->argc == -1) { + i = atoi(msg + 4); + if (i < 1) { + argv->error = 1; + return; + } + argv->argc = i; + argv->argv = calloc((i+1), sizeof(char*)); + return; + } + len = 0; + cp = msg + 4; + while (*cp != NULL) { + c = *cp; + if (c == '%') { + cp2 = strchr(hexdigits, cp[1]); + if (cp2 == NULL) { + argv->error = 1; + return; + } + c = (cp2-hexdigits) << 4; + cp2 = strchr(hexdigits, cp[2]); + if (cp2 == NULL) { + argv->error = 1; + return; + } + c += (cp2-hexdigits); + cp += 2; + } + if (!isalnum((unsigned)c)) { + switch (c) { + case '+': case '-': case '=': case '/': case '.': + break; + default: + len++; + } + } + len++; + cp++; + } + i = 0; + while (argv->argv[i] != NULL) + i++; + if (i >= argv->argc) { + argv->error = 1; + return; + } + argv->argv[i] = malloc(len + 1); + if (argv->argv[i] == NULL) { + argv->error = 1; + return; + } + cp = msg + 4; + tp = argv->argv[i]; + while (*cp != NULL) { + c = *cp; + if (c == '%') { + cp2 = strchr(hexdigits, cp[1]); + if (cp2 == NULL) { + argv->error = 1; + return; + } + c = (cp2-hexdigits) << 4; + cp2 = strchr(hexdigits, cp[2]); + if (cp2 == NULL) { + argv->error = 1; + return; + } + c += (cp2-hexdigits); + cp += 2; + } + if (!isalnum((unsigned)c)) { + switch (c) { + case '+': case '-': case '=': case '/': case '.': + break; + default: + *tp = '\\'; + } + } + *tp++ = c; + cp++; + } +} + +static int +get_args(char **restp) { + struct argv argv; + int len, i; + char *rest, *p; + int result = 1; + + argv.argc = -1; + argv.argv = NULL; + argv.error = 0; + + channel_loop("args", 1, getargs_closure, &argv); + if (argv.error) { + result = 0; + goto err; + } + len = 0; + for (i = 1 ; i < argv.argc && argv.argv[i] != NULL; i++) + len += strlen(argv.argv[i]) + 1; + rest = malloc(len); + if (rest == NULL) { + result = 0; + goto err; + } + p = rest; + for (i = 1 ; i < argv.argc && argv.argv[i] != NULL; i++) { + strcpy(p, argv.argv[i]); + p += strlen(argv.argv[i]); + *p++ = ' '; + } + if (p != rest) + p[-1] = '\0'; + *restp = rest; + + err: + if (argv.argv) { + for (i = 0 ; i < argv.argc && argv.argv[i] != NULL; i++) + free(argv.argv[i]); + free(argv.argv); + } + return (result); +} + +static void +exec_closure(void *arg, const char *msg, int flags) { + int *result = arg; + UNUSED(flags); + if (atoi(msg) == 250) + *result = 1; +} + +static int +try_exec(int local_quiet) { + int good = 0; + pid_t pid; + + channel_loop("exec", 1, exec_closure, &good); + + if (good) { + sleep(3); + if (!running(0, &pid)) + error("name server has not restarted (yet?)"); + else if (!local_quiet) + result("new pid is %ld", (long)pid); + } + return (good); +} + static int builtincmd(void) { static const char spaces[] = " \t"; @@ -257,14 +430,18 @@ builtincmd(void) { pid_t pid; int save_quiet = quiet; int len; + int freerest = 0; quiet = 1; len = strcspn(cmd, spaces); rest = cmd + len; - if (*rest != '\0') { - rest++; + if (*rest != '\0') rest += strspn(rest, spaces); + if (*rest == '\0' && !strncasecmp(cmd, "restart", len)) { + if (try_exec(save_quiet)) + return (1); + freerest = get_args(&rest); } syscmd = malloc(strlen(named_path) + sizeof " " + strlen(rest)); if (syscmd == NULL) @@ -274,6 +451,8 @@ builtincmd(void) { strcat(syscmd, " "); strcat(syscmd, rest); } + if (freerest) + free(rest); if (strncasecmp(cmd, "start", len) == 0) { if (running(debug, &pid)) error("name server already running? (pid %ld)", @@ -417,6 +596,7 @@ channel_loop(const char *cmdtext, int show, closure cl, void *ua) { a.cl = cl; a.ua = ua; logger_show = show; + trace("command '%s'", cmdtext); ctl = ctl_client(ev, client_addr, impute_addrlen(client_addr), (struct sockaddr *)&server, impute_addrlen((struct sockaddr *)&server), diff --git a/contrib/bind/bin/nslookup/Makefile b/contrib/bind/bin/nslookup/Makefile index 6680bc6..27073c1 100644 --- a/contrib/bind/bin/nslookup/Makefile +++ b/contrib/bind/bin/nslookup/Makefile @@ -13,7 +13,7 @@ ## ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS ## SOFTWARE. -# $Id: Makefile,v 8.27 2001/01/31 08:44:43 marka Exp $ +# $Id: Makefile,v 8.28 2002/05/21 00:44:59 marka Exp $ DESTDIR= CC= cc @@ -31,7 +31,8 @@ A=a O=o EXE= LEX = lex -I -SYSLIBS = -ll -lutil +SYSLIBS =-lutil +LIBL=-ll DESTBIN = /usr/local/bin DESTSBIN = /usr/local/sbin DESTEXEC = /usr/local/libexec @@ -56,7 +57,7 @@ all: ${PROG}${EXE} ${PROG}${EXE}: ${OBJS} ${LIBBIND} Makefile ${CC} ${CDEBUG} ${LDFLAGS} ${BOUNDS} -o ${PROG}${EXE} ${OBJS} \ - ${LIBBIND} ${SYSLIBS} + ${LIBBIND} ${LIBL} ${SYSLIBS} .c.${O}: ${CC} ${CPPFLAGS} ${CFLAGS} ${BOUNDS} -c $*.c diff --git a/contrib/bind/bin/nslookup/commands.l b/contrib/bind/bin/nslookup/commands.l index f086118..7abf7d3 100644 --- a/contrib/bind/bin/nslookup/commands.l +++ b/contrib/bind/bin/nslookup/commands.l @@ -117,11 +117,11 @@ NAME [:A-Za-z0-9.*=_/-] * 1 == use original server to find * the new one. */ - SetDefaultServer(yytext, 0); + SetDefaultServer((char*)yytext, 0); return(1); } ^{WS}*lserver{WS}+{LET}{NAME}*{WS}*$ { - SetDefaultServer(yytext, 1); + SetDefaultServer((char*)yytext, 1); return(1); } ^{WS}*exit{WS}*$ { @@ -137,11 +137,11 @@ NAME [:A-Za-z0-9.*=_/-] * 0 == output to stdout * 1 == output to file */ - Finger(yytext, 1); + Finger((char*)yytext, 1); return(1); } ^{WS}*finger({WS}+{LET}{NAME}*)?{WS}*$ { - Finger(yytext, 0); + Finger((char*)yytext, 0); return(1); } ^{WS}*ls{WS}+(("-a"|"-d"|"-h"|"-m"|"-s"){WS}+)?{LET}{NAME}*{WS}+>>?{WS}+{NAME}+{WS}*$ { @@ -150,11 +150,11 @@ NAME [:A-Za-z0-9.*=_/-] * 0 == output to stdout * 1 == output to file */ - ListHosts(yytext, 1); + ListHosts((char*)yytext, 1); return(1); } ^{WS}*ls{WS}+(("-a"|"-d"|"-h"|"-m"|"-s"){WS}+)?{LET}{NAME}*{WS}*$ { - ListHosts(yytext, 0); + ListHosts((char*)yytext, 0); return(1); } ^{WS}*ls{WS}+-t{WS}+({LET}{NAME}*{WS}+)?{LET}{NAME}*{WS}+>>?{WS}+{NAME}+{WS}*$ { @@ -163,15 +163,15 @@ NAME [:A-Za-z0-9.*=_/-] * 0 == output to stdout * 1 == output to file */ - ListHostsByType(yytext, 1); + ListHostsByType((char*)yytext, 1); return(1); } ^{WS}*ls{WS}+-t{WS}+({LET}{NAME}*{WS}+)?{LET}{NAME}*{WS}*$ { - ListHostsByType(yytext, 0); + ListHostsByType((char*)yytext, 0); return(1); } ^{WS}*set{WS}+{NAME}+{WS}*$ { - SetOption(yytext); + SetOption((char*)yytext); return(1); } ^{WS}*help{WS}*$ { @@ -189,11 +189,11 @@ NAME [:A-Za-z0-9.*=_/-] * 0 == output to stdout * 1 == output to file */ - LookupHost(yytext, 1); + LookupHost((char*)yytext, 1); return(1); } ^{WS}*{FLET}{NAME}*{WS}*$ { - LookupHost(yytext, 0); + LookupHost((char*)yytext, 0); return(1); } ^{WS}*{FLET}{NAME}*{WS}+{LET}{NAME}*{WS}+>>?{WS}*{NAME}+{WS}*$ { @@ -201,11 +201,11 @@ NAME [:A-Za-z0-9.*=_/-] * 0 == output to stdout * 1 == output to file */ - LookupHostWithServer(yytext, 1); + LookupHostWithServer((char*)yytext, 1); return(1); } ^{WS}*{FLET}{NAME}*{WS}+{LET}{NAME}*{WS}*$ { - LookupHostWithServer(yytext, 0); + LookupHostWithServer((char*)yytext, 0); return(1); } ^{WS}*\n { @@ -213,7 +213,7 @@ NAME [:A-Za-z0-9.*=_/-] } ^.*\n { printf("Unrecognized command: %s", - yytext); + (char*)yytext); return(1); } \n { ; } diff --git a/contrib/bind/bin/nslookup/getinfo.c b/contrib/bind/bin/nslookup/getinfo.c index e4fbb51..7189a85 100644 --- a/contrib/bind/bin/nslookup/getinfo.c +++ b/contrib/bind/bin/nslookup/getinfo.c @@ -53,7 +53,7 @@ #ifndef lint static const char sccsid[] = "@(#)getinfo.c 5.26 (Berkeley) 3/21/91"; -static const char rcsid[] = "$Id: getinfo.c,v 8.23 2002/04/29 01:11:52 marka Exp $"; +static const char rcsid[] = "$Id: getinfo.c,v 8.27 2002/05/22 04:06:57 marka Exp $"; #endif /* not lint */ /* @@ -141,16 +141,9 @@ typedef union { */ static int -GetAnswer(nsAddrPtr, queryType, msg, msglen, iquery, hostPtr, isServer, - merge) - union res_sockaddr_union *nsAddrPtr; - char *msg; - int queryType; - int msglen; - Boolean iquery; - register HostInfo *hostPtr; - Boolean isServer; - Boolean merge; +GetAnswer(union res_sockaddr_union *nsAddrPtr, int queryType, + char *msg, int msglen, Boolean iquery, HostInfo *hostPtr, + Boolean isServer, Boolean merge) { register HEADER *headerPtr; register const u_char *cp; @@ -360,7 +353,8 @@ GetAnswer(nsAddrPtr, queryType, msg, msglen, iquery, hostPtr, isServer, } } - if ((queryType == T_A || queryType == T_PTR) && haveAnswer) { + if ((queryType == T_A || queryType == T_AAAA || queryType == T_PTR) && + haveAnswer) { /* * Go through the alias and address lists and return them @@ -386,10 +380,8 @@ GetAnswer(nsAddrPtr, queryType, msg, msglen, iquery, hostPtr, isServer, for (l = 0; l < k; l++) if (!strcasecmp(hostPtr->aliases[l], host_aliases[i])) break; - if (l < k) { - free(host_aliases[i]); + if (l < k) continue; - } hostPtr->aliases[k] = Calloc(1, host_aliases_len[i]); memcpy(hostPtr->aliases[k], host_aliases[i], host_aliases_len[i]); @@ -419,10 +411,8 @@ GetAnswer(nsAddrPtr, queryType, msg, msglen, iquery, hostPtr, isServer, !memcmp(hostPtr->addrList[l]->addr, addr_list[i], addr_len[i])) break; - if (l < k) { - free(addr_list[i]); + if (l < k) continue; - } hostPtr->addrList[k] = (AddrInfo*)Calloc(1, sizeof(AddrInfo)); hostPtr->addrList[k]->addr = Calloc(1, addr_len[i]); hostPtr->addrList[k]->addrType = addr_type[i]; @@ -544,7 +534,7 @@ GetAnswer(nsAddrPtr, queryType, msg, msglen, iquery, hostPtr, isServer, */ cp = res_skip((u_char*)&answer, 3, eom); - if (queryType != T_A) { + if (queryType != T_A && queryType != T_AAAA) { /* * If we don't need to save the record, just print it. */ diff --git a/contrib/bind/bin/nslookup/main.c b/contrib/bind/bin/nslookup/main.c index 38e1014..e992bb0 100644 --- a/contrib/bind/bin/nslookup/main.c +++ b/contrib/bind/bin/nslookup/main.c @@ -77,7 +77,7 @@ char copyright[] = #ifndef lint static const char sccsid[] = "@(#)main.c 5.42 (Berkeley) 3/3/91"; -static const char rcsid[] = "$Id: main.c,v 8.22 2002/04/12 03:03:49 marka Exp $"; +static const char rcsid[] = "$Id: main.c,v 8.24 2002/05/26 03:12:20 marka Exp $"; #endif /* not lint */ /* @@ -340,10 +340,21 @@ main(int argc, char **argv) { } else { result = GetHostInfoByAddr(&u[i], &u[i], defaultPtr); if (result != SUCCESS) { + char t[80]; + switch (u[i].sin.sin_family) { + case AF_INET: + inet_ntop(AF_INET, &u[i].sin.sin_addr, t, sizeof(t)); + break; + case AF_INET6: + inet_ntop(AF_INET6, &u[i].sin6.sin6_addr, t, sizeof(t)); + break; + default: + strcpy(t, "<UNKNOWN>"); + break; + } fprintf(stderr, - "*** Can't find server name for address %s: %s\n", - inet_ntoa(res.nsaddr_list[i].sin_addr), - DecodeError(result)); + "*** Can't find server name for address %s: %s\n", + t, DecodeError(result)); } else { defaultAddr = u[i]; break; @@ -697,7 +708,7 @@ DoLookup(host, servPtr, serverName) * RFC1123 says we "SHOULD check the string syntactically for a * dotted-decimal number before looking it up [...]" (p. 13). */ - if (queryType == T_A && IsAddr(host, &addr)) { + if ((queryType == T_A || queryType == T_AAAA) && IsAddr(host, &addr)) { result = GetHostInfoByAddr(&servAddr, &addr, &curHostInfo); } else { if (queryType == T_PTR) { @@ -715,7 +726,7 @@ DoLookup(host, servPtr, serverName) * There's no need to print anything for other query types * because the info has already been printed. */ - if (queryType == T_A) { + if (queryType == T_A || queryType == T_AAAA) { curHostValid = TRUE; PrintHostInfo(filePtr, "Name:", &curHostInfo); } diff --git a/contrib/bind/bin/nslookup/send.c b/contrib/bind/bin/nslookup/send.c index de60d21..738f66a 100644 --- a/contrib/bind/bin/nslookup/send.c +++ b/contrib/bind/bin/nslookup/send.c @@ -53,7 +53,7 @@ #ifndef lint static const char sccsid[] = "@(#)send.c 5.18 (Berkeley) 3/2/91"; -static const char rcsid[] = "$Id: send.c,v 8.13 2002/04/09 05:55:23 marka Exp $"; +static const char rcsid[] = "$Id: send.c,v 8.14 2002/05/10 04:35:09 marka Exp $"; #endif /* not lint */ /* @@ -291,7 +291,7 @@ SendRequest(union res_sockaddr_union *nsAddrPtr, const u_char *buf, } #else /* BSD */ if (sendto(s, (const char *)buf, buflen, 0, - (struct sockaddr *) &nsAddrPtr, + (struct sockaddr *) nsAddrPtr, clen) != buflen) { if (res.options & RES_DEBUG) perror("sendto"); diff --git a/contrib/bind/doc/html/server.html b/contrib/bind/doc/html/server.html index b7fea33..5dea794 100644 --- a/contrib/bind/doc/html/server.html +++ b/contrib/bind/doc/html/server.html @@ -13,6 +13,7 @@ <PRE> server <VAR><A HREF="docdef.html">ip_addr</A></VAR> { + [ edns <VAR><A HREF="docdef.html">yes_or_no</A></VAR>; ] [ bogus <VAR><A HREF="docdef.html">yes_or_no</A></VAR>; ] [ support-ixfr <VAR><A HREF="docdef.html">yes_or_no</A></VAR>; ] [ transfers <VAR><A HREF="docdef.html">number</A></VAR>; ] @@ -28,6 +29,10 @@ server <VAR><A HREF="docdef.html">ip_addr</A></VAR> { <P>The server statement defines the characteristics to be associated with a remote name server.</P> +<P>If you discover that a server does not support EDNS you can prevent +named making EDNS queries to it by specifying <CODE>edns no;</CODE>. +The default value of <CODE>edns</CODE> is <CODE>yes</CODE>. + <P>If you discover that a server is giving out bad data, marking it as <CODE>bogus</CODE> will prevent further queries to it. The default value of <CODE>bogus</CODE> is <CODE>no</CODE>. Marking a server as <CODE>bogus</CODE> @@ -69,7 +74,7 @@ required to be signed by this key. <HR> <ADDRESS> -Last Updated: $Id: server.html,v 1.12 2001/08/10 05:12:29 marka Exp $ +Last Updated: $Id: server.html,v 1.13 2002/05/24 03:04:51 marka Exp $ </ADDRESS> </BODY> </HTML> diff --git a/contrib/bind/doc/man/dig.1 b/contrib/bind/doc/man/dig.1 index ae4c3f2..6799559 100644 --- a/contrib/bind/doc/man/dig.1 +++ b/contrib/bind/doc/man/dig.1 @@ -1,4 +1,4 @@ -.\" $Id: dig.1,v 8.8 2001/09/24 15:21:29 marka Exp $ +.\" $Id: dig.1,v 8.9 2002/06/18 01:53:43 marka Exp $ .\" .\" ++Copyright++ 1993 .\" - @@ -95,7 +95,7 @@ will take the form: where: .Bl -tag -width Fl .It Ar server -may be either a domain name or a dot-notation +may be either a domain name or a raw (IPv4 / IPv6) Internet address. If this optional field is omitted, .Ic dig will attempt to use the default name server for your machine. @@ -145,7 +145,7 @@ See the .Fl x option (documented in the .Sx OTHER OPTIONS -subsection of this section) for convenient way to specify inverse address +subsection of this section) for convenient way to specify reverse address query. .It Ar query-type is the type of information (DNS query type) that @@ -240,9 +240,15 @@ available (although not guaranteed to be useful): .It Fl x Ar dot-notation-address Convenient form to specify inverse address mapping. Instead of -.Dq Ic dig 32.0.9.128.in-addr.arpa , +.Dq Ic dig 32.0.9.28.in-addr.arpa , one can simply -.Dq Ic dig -x 128.9.0.32 . +.Dq Ic dig -x 28.9.0.32 . +.It Fl x Ar IPv6-address +Convenient form to specify inverse address mapping. +Instead of +.Dq Ic dig 1.0.0.0.0.0.0.0.0.0.0.0. 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa , +one can simply +.Dq Ic dig -x ::1 . .It Fl f Ar file File for .Ic dig diff --git a/contrib/bind/doc/man/dnsquery.1 b/contrib/bind/doc/man/dnsquery.1 index bc0307f..b6588c6 100644 --- a/contrib/bind/doc/man/dnsquery.1 +++ b/contrib/bind/doc/man/dnsquery.1 @@ -1,4 +1,4 @@ -.\" $Id: dnsquery.1,v 8.4 2001/08/08 07:49:58 marka Exp $ +.\" $Id: dnsquery.1,v 8.5 2002/06/18 02:04:54 marka Exp $ .\" .\"Copyright (c) 1995,1996,1999 by Internet Software Consortium .\" @@ -49,8 +49,10 @@ are treated without case-sensitivity. .Bl -tag -width Fl .It Fl n Ar nameserver The nameserver to be used in the query. Nameservers can appear as either -Internet addresses of the form -.Ar w.x.y.z +Internet addresses of the form +.Ar ( w.x.y.z +or +.Ar xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx ) or can appear as domain names. (Default: as specified in .Pa /etc/resolv.conf . ) diff --git a/contrib/bind/doc/man/host.1 b/contrib/bind/doc/man/host.1 index 90b5e84..858bd6e 100644 --- a/contrib/bind/doc/man/host.1 +++ b/contrib/bind/doc/man/host.1 @@ -50,7 +50,7 @@ .\" SOFTWARE. .\" - .\" --Copyright-- -.\" $Id: host.1,v 8.6 2001/08/10 00:14:47 cyarnell Exp $ +.\" $Id: host.1,v 8.7 2002/06/18 02:39:26 marka Exp $ .Dd December 15, 1994 .Dt HOST @CMD_EXT_U@ .Os BSD 4 @@ -84,7 +84,7 @@ by the domain server. The arguments can be either host names or host numbers. The program first attempts to interpret them as host numbers. If this fails, it will treat them as host names. A host number consists of -first decimal numbers separated by dots, e.g. 128.6.4.194 +IPv4 dotted decimal quad (127.0.0.1) or IPv6 raw address (::1). A host name consists of names separated by dots, e.g. topaz.rutgers.edu. Unless the name ends in a dot, the local domain is automatically tacked on the end. Thus, a Rutgers user can say @@ -192,6 +192,7 @@ to be looked up. The arguments are defined in the man page for .Xr @INDOT@named @SYS_OPS_EXT@ . Currently-supported types include: .Dq Cm a , +.Dq Cm aaaa , .Dq Cm ns , .Dq Cm md , .Dq Cm mf , diff --git a/contrib/bind/doc/man/named.conf.5 b/contrib/bind/doc/man/named.conf.5 index df07b1a..532af69 100644 --- a/contrib/bind/doc/man/named.conf.5 +++ b/contrib/bind/doc/man/named.conf.5 @@ -1895,6 +1895,7 @@ Any number of trusted keys can be specified. .Ss Syntax .Bd -literal server \fIip_addr\fR { + [ edns \fIyes_or_no\fR; ] [ bogus \fIyes_or_no\fR; ] [ support-ixfr \fIyes_or_no\fR; ] [ transfers \fInumber\fR; ] @@ -1906,6 +1907,15 @@ server \fIip_addr\fR { The server statement defines the characteristics to be associated with a remote name server. .Pp +If you discover that a server does not support EDNS you can prevent +named making EDNS queries to it by specifying +.Ic edns +.Ic no; . +The default value of +.Ic edns +is +.Ic yes . +.Pp If you discover that a server is giving out bad data, marking it as .Ic bogus will prevent further queries to it. The default value of diff --git a/contrib/bind/doc/misc/rfc2317-notes.txt b/contrib/bind/doc/misc/rfc2317-notes.txt new file mode 100644 index 0000000..0b62d2a --- /dev/null +++ b/contrib/bind/doc/misc/rfc2317-notes.txt @@ -0,0 +1,105 @@ +Message-Id: <200005230246.WAA03750@hrothgar.gw.com> +To: ... +Subject: Notes on RFC-2317 +Date: Mon, 22 May 2000 22:46:55 -0400 +From: Kimmo Suominen <kim@tac.nyc.ny.us> + +Hi! + +I wrote down some notes on RFC-2317. I've had discussions with all of +you regarding classless IN-ADDR.ARPA delegations, and I would very much +appreciate any comments you may have. Please feel free to forward this +to other parties as you see necessary or appropriate. + +The goal of these notes is to try and clarify the reasoning behind the +recommendations I've been making on implementing RFC-2317 delegations. +In particular the following issues keep coming up with again and again +with each vendor: + + - why use "-" instead of "/" + - why use particular NS records + - why delegate within IN-ADDR.ARPA + +I am hoping that the these notes could eventually be used to convince +ISPs to provide an efficient and smooth implementation of RFC-2317 with +the least amount of headache for the end-user. + +Regards, ++ Kim + + + +NOTES ON IMPLEMENTING CLASSLESS IN-ADDR.ARPA DELEGATION PER RFC-2317 + +1. Selecting the CNAME target zone + + RFC-2317 shows an example case where the target zone is a delegated + sub-zone of the IN-ADDR.ARPA zone for the natural class C network. + This will allow for the NS records for the zone can be independently + selected (see benefits described below). An example of such a zone + would be 0-28.150.80.204.IN-ADDR.ARPA. + + Now pay careful attention to the last paragraph of RFC-2317. There + are broken resolver implementations that apply the "valid host name" + restrictions on the CNAME target (it should only be applied to the + PTR target name). To avoid problems with such implementations it + is best to use a character that is allowed in a hostname. I prefer + using a hyphen, as I did in the example above. + + Some ISPs may at first refuse to delegate these zones (without any + explanation). Approach such ISPs with the reasoning in here first, + but if that fails consider using your "forward" zone as a fallback. + + There is nothing magic about the IN-ADDR.ARPA zone for RFC-2317 + delegations. You will have to sacrifice the optimization provided + by a correct IN-ADDR.ARPA delegation, but you will still retain + the ease of local administration for all name changes. + + I recommend using a dedicated subdomain for the PTR records, e.g. if + your "forward" domain is "HOME.GW.COM" use "REV.HOME.GW.COM" for the + PTR records. + +2. Selecting the NS records + + The NS records for the delegated zone should include all the NS + records of the parent zone, in addition to any NS records pointing + to the public name servers the delegate may want to use. Having the + name servers of the parent zone secondary the delegated zone allows + them to have the necessary authoritative data to return the CNAME + target in the additional records of a response to a PTR record query + (minimizing the number of queries needed to resolve an address). + + This can be achieved using any zone (i.e. even a subdomain of your + "forward" domain), of course. However, having the ISP delegate an + IN-ADDR.ARPA zone for your PTR records rather than you delegating a + zone to your ISP maintains the logical "owner" and "delegate" roles. + + If the primary server for the delegated zone is not permanently on + the Internet (e.g. a dial-on-demand connection) then you would not + want to advertise it in the NS records. It would just be a stealth + server which the advertised secondaries poll for updates. + +3. Example delegation + + To delegate our example zone 0-28.150.80.204.IN-ADDR.ARPA first look + at the NS records of the parent zone 150.80.204.IN-ADDR.ARPA. Let's + say they are the following: + + $ORIGIN 150.80.204.IN-ADDR.ARPA. + @ IN NS GRENDEL.GW.COM. + IN NS PYRY.GW.COM. + + To delegate 204.80.150.0/28 to SRV.HOME.GW.COM you would then insert + these records in the parent zone data: + + $ORIGIN 150.80.204.IN-ADDR.ARPA. + 0-28 IN NS SRV.HOME.GW.COM. + IN NS GRENDEL.GW.COM. + IN NS PYRY.GW.COM. + $GENERATE 0-15 $ IN CNAME $.0-28.150.80.204.IN-ADDR.ARPA. + + The necessary modifications to /etc/named.conf will be left as an + exercise to the reader. + +Kimmo Suominen +Global Wire Oy diff --git a/contrib/bind/include/arpa/nameser_compat.h b/contrib/bind/include/arpa/nameser_compat.h index a32485a..cbceb6e 100644 --- a/contrib/bind/include/arpa/nameser_compat.h +++ b/contrib/bind/include/arpa/nameser_compat.h @@ -32,7 +32,7 @@ /* * from nameser.h 8.1 (Berkeley) 6/2/93 - * $Id: nameser_compat.h,v 8.13 2001/09/24 02:20:25 marka Exp $ + * $Id: nameser_compat.h,v 8.14 2002/05/18 01:39:11 marka Exp $ */ #ifndef _ARPA_NAMESER_COMPAT_ @@ -64,7 +64,7 @@ defined(apollo) || defined(__convex__) || defined(_CRAY) || \ defined(__hppa) || defined(__hp9000) || \ defined(__hp9000s300) || defined(__hp9000s700) || \ - defined(__hp3000s900) || defined(MPE) || \ + defined(__hp3000s900) || defined(__hpux) || defined(MPE) || \ defined (BIT_ZERO_ON_LEFT) || defined(m68k) || \ (defined(__Lynx__) && \ (defined(__68k__) || defined(__sparc__) || defined(__powerpc__))) diff --git a/contrib/bind/include/isc/list.h b/contrib/bind/include/isc/list.h index 21dd565..0aa6f7d 100644 --- a/contrib/bind/include/isc/list.h +++ b/contrib/bind/include/isc/list.h @@ -24,11 +24,13 @@ do { (list).head = NULL; (list).tail = NULL; } while (0) #define LINK(type) struct { type *prev, *next; } -#define INIT_LINK(elt, link) \ +#define INIT_LINK_TYPE(elt, link, type) \ do { \ - (elt)->link.prev = (void *)(-1); \ - (elt)->link.next = (void *)(-1); \ + (elt)->link.prev = (type *)(-1); \ + (elt)->link.next = (type *)(-1); \ } while (0) +#define INIT_LINK(elt, link) \ + INIT_LINK_TYPE(elt, link, void) #define LINKED(elt, link) ((void *)((elt)->link.prev) != (void *)(-1)) #define HEAD(list) ((list).head) @@ -59,7 +61,7 @@ (list).tail = (elt); \ } while (0) -#define UNLINK(list, elt, link) \ +#define UNLINK_TYPE(list, elt, link, type) \ do { \ INSIST(LINKED(elt, link));\ if ((elt)->link.next != NULL) \ @@ -70,8 +72,10 @@ (elt)->link.prev->link.next = (elt)->link.next; \ else \ (list).head = (elt)->link.next; \ - INIT_LINK(elt, link); \ + INIT_LINK_TYPE(elt, link, type); \ } while (0) +#define UNLINK(list, elt, link) \ + UNLINK_TYPE(list, elt, link, void) #define PREV(elt, link) ((elt)->link.prev) #define NEXT(elt, link) ((elt)->link.next) diff --git a/contrib/bind/include/resolv.h b/contrib/bind/include/resolv.h index ff3c01f..5497f30 100644 --- a/contrib/bind/include/resolv.h +++ b/contrib/bind/include/resolv.h @@ -50,7 +50,7 @@ /* * @(#)resolv.h 8.1 (Berkeley) 6/2/93 - * $Id: resolv.h,v 8.45 2002/04/12 06:27:48 marka Exp $ + * $Id: resolv.h,v 8.48 2002/05/31 06:05:29 marka Exp $ */ #ifndef _RESOLV_H_ @@ -156,7 +156,11 @@ struct __res_state_ext; struct __res_state { int retrans; /* retransmition time interval */ int retry; /* number of times to retransmit */ +#ifdef sun + u_int options; /* option flags - see below. */ +#else u_long options; /* option flags - see below. */ +#endif int nscount; /* number of name servers */ struct sockaddr_in nsaddr_list[MAXNS]; /* address of name server */ @@ -164,7 +168,11 @@ struct __res_state { u_short id; /* current message id */ char *dnsrch[MAXDNSRCH+1]; /* components of domain to search */ char defdname[256]; /* default domain (deprecated) */ +#ifdef sun + u_int pfcode; /* RES_PRF_ flags - see below. */ +#else u_long pfcode; /* RES_PRF_ flags - see below. */ +#endif unsigned ndots:4; /* threshold for initial abs. query */ unsigned nsort:4; /* number of elements in sort_list[] */ char unused[3]; @@ -177,9 +185,10 @@ struct __res_state { int res_h_errno; /* last one set for this context */ int _vcsock; /* PRIVATE: for res_send VC i/o */ u_int _flags; /* PRIVATE: see below */ + u_int _pad; /* make _u 64 bit aligned */ union { /* On an 32-bit arch this means 512b total. */ - char pad[72 - 3*sizeof (int) - 2*sizeof (void *)]; + char pad[72 - 4*sizeof (int) - 2*sizeof (void *)]; struct { u_int16_t nscount; u_int16_t nstimes[MAXNS]; /* ms. */ @@ -245,6 +254,7 @@ union res_sockaddr_union { #define RES_USE_DNAME 0x10000000 /* use DNAME */ #define RES_USE_A6 0x20000000 /* use A6 */ #define RES_USE_EDNS0 0x40000000 /* use EDNS0 if configured */ +#define RES_NO_NIBBLE2 0x80000000 /* disable alternate nibble lookup */ #define RES_DEFAULT (RES_RECURSE | RES_DEFNAMES | RES_DNSRCH) @@ -460,6 +470,7 @@ const char * res_protocolname __P((int num)); void res_destroyprotolist __P((void)); void res_buildprotolist __P((void)); const char * res_get_nibblesuffix __P((res_state)); +const char * res_get_nibblesuffix2 __P((res_state)); const char * res_get_bitstringsuffix __P((res_state)); void res_ndestroy __P((res_state)); u_int16_t res_nametoclass __P((const char *buf, int *success)); diff --git a/contrib/bind/lib/irs/dns_ho.c b/contrib/bind/lib/irs/dns_ho.c index 7d64e53..6c0a6e7 100644 --- a/contrib/bind/lib/irs/dns_ho.c +++ b/contrib/bind/lib/irs/dns_ho.c @@ -52,7 +52,7 @@ /* BIND Id: gethnamaddr.c,v 8.15 1996/05/22 04:56:30 vixie Exp $ */ #if defined(LIBC_SCCS) && !defined(lint) -static const char rcsid[] = "$Id: dns_ho.c,v 1.35 2002/05/08 01:49:27 marka Exp $"; +static const char rcsid[] = "$Id: dns_ho.c,v 1.39 2002/06/27 03:56:32 marka Exp $"; #endif /* LIBC_SCCS and not lint */ /* Imports. */ @@ -74,6 +74,7 @@ static const char rcsid[] = "$Id: dns_ho.c,v 1.35 2002/05/08 01:49:27 marka Exp #include <resolv.h> #include <stdio.h> #include <string.h> +#include <syslog.h> #include <isc/memcluster.h> #include <irs.h> @@ -161,7 +162,7 @@ static struct addrinfo * ho_addrinfo(struct irs_ho *this, const char *name, const struct addrinfo *pai); static void map_v4v6_hostent(struct hostent *hp, char **bp, - int *len); + char *ep); static void addrsort(res_state, char **, int); static struct hostent * gethostans(struct irs_ho *this, const u_char *ansbuf, int anslen, @@ -404,15 +405,12 @@ ho_byaddr(struct irs_ho *this, const void *addr, int len, int af) q->answer = q->qbuf.buf; q->anslen = sizeof(q->qbuf); q->next = q2; - if ((pvt->res->options & RES_NO_BITSTRING) != 0) - q->action = RESTGT_IGNORE; - else - q->action = RESTGT_DOALWAYS; + q->action = RESTGT_DOALWAYS; q2->qclass = C_IN; q2->qtype = T_PTR; q2->answer = q2->qbuf.buf; q2->anslen = sizeof(q2->qbuf); - if ((pvt->res->options & RES_NO_NIBBLE) != 0) + if ((pvt->res->options & RES_NO_NIBBLE2) != 0) q2->action = RESTGT_IGNORE; else q2->action = RESTGT_AFTERFAILURE; @@ -441,11 +439,12 @@ ho_byaddr(struct irs_ho *this, const void *addr, int len, int af) case AF_INET6: if (q->action != RESTGT_IGNORE) { qp = q->qname; - qp += SPRINTF((qp, "\\[x")); - for (n = 0; n < IN6ADDRSZ; n++) - qp += SPRINTF((qp, "%02x", uaddr[n])); - SPRINTF((qp, "/128].%s", - res_get_bitstringsuffix(pvt->res))); + for (n = IN6ADDRSZ - 1; n >= 0; n--) { + qp += SPRINTF((qp, "%x.%x.", + uaddr[n] & 0xf, + (uaddr[n] >> 4) & 0xf)); + } + strcpy(qp, res_get_nibblesuffix(pvt->res)); } if (q2->action != RESTGT_IGNORE) { qp = q2->qname; @@ -454,7 +453,7 @@ ho_byaddr(struct irs_ho *this, const void *addr, int len, int af) uaddr[n] & 0xf, (uaddr[n] >> 4) & 0xf)); } - strcpy(qp, res_get_nibblesuffix(pvt->res)); + strcpy(qp, res_get_nibblesuffix2(pvt->res)); } break; default: @@ -1081,7 +1080,7 @@ gethostans(struct irs_ho *this, struct addrinfo **ret_aip, const struct addrinfo *pai) { struct pvt *pvt = (struct pvt *)this->private; - int type, class, buflen, ancount, qdcount, n, haveanswer, had_error; + int type, class, ancount, qdcount, n, haveanswer, had_error; int error = NETDB_SUCCESS, arcount; int (*name_ok)(const char *); const HEADER *hp; @@ -1090,7 +1089,7 @@ gethostans(struct irs_ho *this, const u_char *cp; const char *tname; const char *hname; - char *bp, **ap, **hap; + char *bp, *ep, **ap, **hap; char tbuf[MAXDNAME+1]; struct addrinfo sentinel, *cur, ai; const u_char *arp = NULL; @@ -1133,13 +1132,13 @@ gethostans(struct irs_ho *this, qdcount = ntohs(hp->qdcount); arcount = ntohs(hp->arcount); bp = pvt->hostbuf; - buflen = sizeof pvt->hostbuf; + ep = pvt->hostbuf + sizeof(pvt->hostbuf); cp = ansbuf + HFIXEDSZ; if (qdcount != 1) { RES_SET_H_ERRNO(pvt->res, NO_RECOVERY); return (NULL); } - n = dn_expand(ansbuf, eom, cp, bp, buflen); + n = dn_expand(ansbuf, eom, cp, bp, ep - bp); if (n < 0 || !maybe_ok(pvt->res, bp, name_ok)) { RES_SET_H_ERRNO(pvt->res, NO_RECOVERY); return (NULL); @@ -1163,7 +1162,6 @@ gethostans(struct irs_ho *this, pvt->host.h_name = bp; hname = bp; bp += n; - buflen -= n; /* The qname can be abbreviated, but hname is now absolute. */ qname = pvt->host.h_name; } @@ -1176,7 +1174,7 @@ gethostans(struct irs_ho *this, haveanswer = 0; had_error = 0; while (ancount-- > 0 && cp < eom && !had_error) { - n = dn_expand(ansbuf, eom, cp, bp, buflen); + n = dn_expand(ansbuf, eom, cp, bp, ep - bp); if (n < 0 || !maybe_ok(pvt->res, bp, name_ok)) { had_error++; continue; @@ -1197,6 +1195,15 @@ gethostans(struct irs_ho *this, eor = cp + n; if ((qtype == T_A || qtype == T_AAAA || qtype == ns_t_a6 || qtype == T_ANY) && type == T_CNAME) { + if (haveanswer) { + int level = LOG_CRIT; +#ifdef LOG_SECURITY + level |= LOG_SECURITY; +#endif + syslog(level, + "gethostans: possible attempt to exploit buffer overflow while looking up %s", + *qname ? qname : "."); + } n = dn_expand(ansbuf, eor, cp, tbuf, sizeof tbuf); if (n < 0 || !maybe_ok(pvt->res, tbuf, name_ok)) { had_error++; @@ -1209,10 +1216,9 @@ gethostans(struct irs_ho *this, *ap++ = bp; n = strlen(bp) + 1; /* for the \0 */ bp += n; - buflen -= n; /* Get canonical name. */ n = strlen(tbuf) + 1; /* for the \0 */ - if (n > buflen || n > MAXHOSTNAMELEN) { + if (n > (ep - bp) || n > MAXHOSTNAMELEN) { had_error++; continue; } @@ -1220,7 +1226,6 @@ gethostans(struct irs_ho *this, pvt->host.h_name = bp; hname = bp; bp += n; - buflen -= n; continue; } if (type == ns_t_dname) { @@ -1256,7 +1261,7 @@ gethostans(struct irs_ho *this, cp += n; n = strlen(t) + 1; /* for the \0 */ - if (n > buflen) { + if (n > (ep - bp)) { had_error++; continue; } @@ -1266,7 +1271,6 @@ gethostans(struct irs_ho *this, else hname = bp; bp += n; - buflen -= n; continue; } @@ -1292,14 +1296,13 @@ gethostans(struct irs_ho *this, } /* Get canonical name. */ n = strlen(tbuf) + 1; /* for the \0 */ - if (n > buflen) { + if (n > (ep - bp)) { had_error++; continue; } strcpy(bp, tbuf); tname = bp; bp += n; - buflen -= n; continue; } if (qtype == T_ANY) { @@ -1323,7 +1326,7 @@ gethostans(struct irs_ho *this, cp += n; continue; } - n = dn_expand(ansbuf, eor, cp, bp, buflen); + n = dn_expand(ansbuf, eor, cp, bp, ep - bp); if (n < 0 || !maybe_hnok(pvt->res, bp) || n >= MAXHOSTNAMELEN) { had_error++; @@ -1341,7 +1344,6 @@ gethostans(struct irs_ho *this, if (n != -1) { n = strlen(bp) + 1; /* for the \0 */ bp += n; - buflen -= n; } break; case ns_t_a6: { @@ -1441,7 +1443,6 @@ gethostans(struct irs_ho *this, pvt->host.h_name = bp; hname = bp; bp += nn; - buflen -= nn; } /* Ensure alignment. */ bp = (char *)(((u_long)bp + (sizeof(align) - 1)) & @@ -1495,15 +1496,14 @@ gethostans(struct irs_ho *this, haveanswer); if (pvt->host.h_name == NULL) { n = strlen(qname) + 1; /* for the \0 */ - if (n > buflen || n >= MAXHOSTNAMELEN) + if (n > (ep - bp) || n >= MAXHOSTNAMELEN) goto no_recovery; strcpy(bp, qname); pvt->host.h_name = bp; bp += n; - buflen -= n; } if (pvt->res->options & RES_USE_INET6) - map_v4v6_hostent(&pvt->host, &bp, &buflen); + map_v4v6_hostent(&pvt->host, &bp, ep); RES_SET_H_ERRNO(pvt->res, NETDB_SUCCESS); return (&pvt->host); } else { @@ -1577,7 +1577,7 @@ add_hostent(struct pvt *pvt, char *bp, char **hap, struct addrinfo *ai) } static void -map_v4v6_hostent(struct hostent *hp, char **bpp, int *lenp) { +map_v4v6_hostent(struct hostent *hp, char **bpp, char *ep) { char **ap; if (hp->h_addrtype != AF_INET || hp->h_length != INADDRSZ) @@ -1590,17 +1590,15 @@ map_v4v6_hostent(struct hostent *hp, char **bpp, int *lenp) { if (i != 0) i = sizeof(align) - i; - if (*lenp < (i + IN6ADDRSZ)) { + if ((ep - *bpp) < (i + IN6ADDRSZ)) { /* Out of memory. Truncate address list here. */ *ap = NULL; return; } *bpp += i; - *lenp -= i; map_v4v6_address(*ap, *bpp); *ap = *bpp; *bpp += IN6ADDRSZ; - *lenp -= IN6ADDRSZ; } } diff --git a/contrib/bind/lib/irs/dns_nw.c b/contrib/bind/lib/irs/dns_nw.c index fbc613f..f39a59a 100644 --- a/contrib/bind/lib/irs/dns_nw.c +++ b/contrib/bind/lib/irs/dns_nw.c @@ -16,7 +16,7 @@ */ #if defined(LIBC_SCCS) && !defined(lint) -static const char rcsid[] = "$Id: dns_nw.c,v 1.22 2002/02/27 03:50:10 marka Exp $"; +static const char rcsid[] = "$Id: dns_nw.c,v 1.23 2002/06/26 07:42:06 marka Exp $"; #endif /* LIBC_SCCS and not lint */ /* Imports. */ @@ -299,8 +299,8 @@ get1101answer(struct irs_nw *this, int af, const char *name, const u_char *addr, int addrlen) { struct pvt *pvt = (struct pvt *)this->private; - int type, class, buflen, ancount, qdcount, haveanswer; - char *bp, **ap; + int type, class, ancount, qdcount, haveanswer; + char *bp, *ep, **ap; u_char *cp, *eom; HEADER *hp; @@ -332,7 +332,7 @@ get1101answer(struct irs_nw *this, /* Prepare a return structure. */ bp = pvt->buf; - buflen = sizeof pvt->buf; + ep = pvt->buf + sizeof(pvt->buf); pvt->net.n_name = NULL; pvt->net.n_aliases = pvt->ali; pvt->net.n_addrtype = af; @@ -345,20 +345,19 @@ get1101answer(struct irs_nw *this, if (name != NULL) { int n = strlen(name) + 1; - if (n > buflen) { + if (n > (ep - bp)) { RES_SET_H_ERRNO(pvt->res, NO_RECOVERY); return (NULL); } pvt->net.n_name = strcpy(bp, name); bp += n; - buflen -= n; } break; case by_addr: if (addr != NULL && addrlen != 0) { int n = addrlen / 8 + ((addrlen % 8) != 0); - if (INADDRSZ > buflen) { + if (INADDRSZ > (ep - bp)) { RES_SET_H_ERRNO(pvt->res, NO_RECOVERY); return (NULL); } @@ -366,7 +365,6 @@ get1101answer(struct irs_nw *this, memcpy(bp, addr, n); pvt->net.n_addr = bp; bp += INADDRSZ; - buflen -= INADDRSZ; } break; default: @@ -377,7 +375,7 @@ get1101answer(struct irs_nw *this, ap = pvt->ali; haveanswer = 0; while (--ancount >= 0 && cp < eom) { - int n = dn_expand(ansbuf, eom, cp, bp, buflen); + int n = dn_expand(ansbuf, eom, cp, bp, ep - bp); cp += n; /* Owner */ if (n < 0 || !maybe_dnok(pvt->res, bp) || @@ -392,7 +390,7 @@ get1101answer(struct irs_nw *this, if (class == C_IN && type == T_PTR) { int nn; - nn = dn_expand(ansbuf, eom, cp, bp, buflen); + nn = dn_expand(ansbuf, eom, cp, bp, ep - bp); if (nn < 0 || !maybe_hnok(pvt->res, bp) || nn != n) { RES_SET_H_ERRNO(pvt->res, NO_RECOVERY); return (NULL); @@ -408,7 +406,6 @@ get1101answer(struct irs_nw *this, *ap++ = bp; nn = strlen(bp) + 1; bp += nn; - buflen -= nn; haveanswer++; break; } @@ -419,7 +416,7 @@ get1101answer(struct irs_nw *this, sscanf(bp, "%u.%u.%u.%u.in-addr.arpa", &b1, &b2, &b3, &b4) != 4) break; - if (buflen < INADDRSZ) { + if ((ep - bp) < INADDRSZ) { RES_SET_H_ERRNO(pvt->res, NO_RECOVERY); return (NULL); } @@ -428,7 +425,6 @@ get1101answer(struct irs_nw *this, *bp++ = b3; *bp++ = b2; *bp++ = b1; - buflen -= INADDRSZ; pvt->net.n_length = INADDRSZ * 8; haveanswer++; } diff --git a/contrib/bind/lib/irs/gethostent.c b/contrib/bind/lib/irs/gethostent.c index 586fa49..8e7e717 100644 --- a/contrib/bind/lib/irs/gethostent.c +++ b/contrib/bind/lib/irs/gethostent.c @@ -16,7 +16,7 @@ */ #if !defined(LINT) && !defined(CODECENTER) -static const char rcsid[] = "$Id: gethostent.c,v 1.29 2001/05/29 05:48:44 marka Exp $"; +static const char rcsid[] = "$Id: gethostent.c,v 1.32 2002/05/27 06:50:55 marka Exp $"; #endif /* Imports */ @@ -458,34 +458,34 @@ freehostent(struct hostent *he) { * -1 on failure. */ -static int -scan_interfaces(int *have_v4, int *have_v6) { -#ifndef SIOCGLIFCONF -/* map new to old */ -#define SIOCGLIFCONF SIOCGIFCONF -#define lifc_len ifc_len -#define lifc_buf ifc_buf - struct ifconf lifc; +#if defined(SIOCGLIFCONF) && defined(SIOCGLIFADDR) && \ + !defined(IRIX_EMUL_IOCTL_SIOCGIFCONF) + +#ifdef __hpux +#define lifc_len iflc_len +#define lifc_buf iflc_buf +#define lifc_req iflc_req +#define LIFCONF if_laddrconf #else #define SETFAMILYFLAGS - struct lifconf lifc; -#endif - -#ifndef SIOCGLIFADDR -/* map new to old */ -#define SIOCGLIFADDR SIOCGIFADDR +#define LIFCONF lifconf #endif - -#ifndef SIOCGLIFFLAGS -#define SIOCGLIFFLAGS SIOCGIFFLAGS -#define lifr_addr ifr_addr -#define lifr_name ifr_name -#define lifr_flags ifr_flags + +#ifdef __hpux +#define lifr_addr iflr_addr +#define lifr_name iflr_name +#define lifr_dstaddr iflr_dstaddr +#define lifr_flags iflr_flags #define ss_family sa_family - struct ifreq lifreq; +#define LIFREQ if_laddrreq #else - struct lifreq lifreq; +#define LIFREQ lifreq #endif + +static int +scan_interfaces6(int *have_v4, int *have_v6) { + struct LIFCONF lifc; + struct LIFREQ lifreq; struct in_addr in4; struct in6_addr in6; char *buf = NULL, *cp, *cplim; @@ -496,7 +496,7 @@ scan_interfaces(int *have_v4, int *have_v6) { *have_v4 = *have_v6 = 0; /* Get interface list from system. */ - if ((s = socket(AF_INET, SOCK_DGRAM, 0)) == -1) + if ((s = socket(AF_INET6, SOCK_DGRAM, 0)) == -1) goto err_ret; /* @@ -508,20 +508,11 @@ scan_interfaces(int *have_v4, int *have_v6) { if (buf == NULL) goto err_ret; #ifdef SETFAMILYFLAGS - lifc.lifc_family = AF_UNSPEC; + lifc.lifc_family = AF_UNSPEC; /* request all families */ lifc.lifc_flags = 0; #endif lifc.lifc_len = bufsiz; lifc.lifc_buf = buf; -#ifdef IRIX_EMUL_IOCTL_SIOCGIFCONF - /* - * This is a fix for IRIX OS in which the call to ioctl with - * the flag SIOCGIFCONF may not return an entry for all the - * interfaces like most flavors of Unix. - */ - if (emul_ioctl(&lifc) >= 0) - break; -#else if ((n = ioctl(s, SIOCGLIFCONF, (char *)&lifc)) != -1) { /* * Some OS's just return what will fit rather @@ -534,7 +525,6 @@ scan_interfaces(int *have_v4, int *have_v6) { if (lifc.lifc_len + 2 * sizeof(lifreq) < bufsiz) break; } -#endif if ((n == -1) && errno != EINVAL) goto err_ret; @@ -620,6 +610,158 @@ scan_interfaces(int *have_v4, int *have_v6) { return (-1); } +#endif + +static int +scan_interfaces(int *have_v4, int *have_v6) { + struct ifconf ifc; + union { + char _pad[256]; /* leave space for IPv6 addresses */ + struct ifreq ifreq; + } u; + struct in_addr in4; + struct in6_addr in6; + char *buf = NULL, *cp, *cplim; + static unsigned int bufsiz = 4095; + int s, n; + size_t cpsize; + +#if defined(SIOCGLIFCONF) && defined(SIOCGLIFADDR) && \ + !defined(IRIX_EMUL_IOCTL_SIOCGIFCONF) + /* + * Try to scan the interfaces using IPv6 ioctls(). + */ + if (!scan_interfaces6(have_v4, have_v6)) + return (0); +#endif + + /* Set to zero. Used as loop terminators below. */ + *have_v4 = *have_v6 = 0; + + /* Get interface list from system. */ + if ((s = socket(AF_INET, SOCK_DGRAM, 0)) == -1) + goto err_ret; + + /* + * Grow buffer until large enough to contain all interface + * descriptions. + */ + for (;;) { + buf = memget(bufsiz); + if (buf == NULL) + goto err_ret; + ifc.ifc_len = bufsiz; + ifc.ifc_buf = buf; +#ifdef IRIX_EMUL_IOCTL_SIOCGIFCONF + /* + * This is a fix for IRIX OS in which the call to ioctl with + * the flag SIOCGIFCONF may not return an entry for all the + * interfaces like most flavors of Unix. + */ + if (emul_ioctl(&ifc) >= 0) + break; +#else + if ((n = ioctl(s, SIOCGIFCONF, (char *)&ifc)) != -1) { + /* + * Some OS's just return what will fit rather + * than set EINVAL if the buffer is too small + * to fit all the interfaces in. If + * ifc.ifc_len is too near to the end of the + * buffer we will grow it just in case and + * retry. + */ + if (ifc.ifc_len + 2 * sizeof(u.ifreq) < bufsiz) + break; + } +#endif + if ((n == -1) && errno != EINVAL) + goto err_ret; + + if (bufsiz > 1000000) + goto err_ret; + + memput(buf, bufsiz); + bufsiz += 4096; + } + + /* Parse system's interface list. */ + cplim = buf + ifc.ifc_len; /* skip over if's with big ifr_addr's */ + for (cp = buf; + (*have_v4 == 0 || *have_v6 == 0) && cp < cplim; + cp += cpsize) { + memcpy(&u.ifreq, cp, sizeof u.ifreq); +#ifdef HAVE_SA_LEN +#ifdef FIX_ZERO_SA_LEN + if (u.ifreq.ifr_addr.sa_len == 0) + u.ifreq.ifr_addr.sa_len = 16; +#endif +#ifdef HAVE_MINIMUM_IFREQ + cpsize = sizeof u.ifreq; + if (u.ifreq.ifr_addr.sa_len > sizeof (struct sockaddr)) + cpsize += (int)u.ifreq.ifr_addr.sa_len - + (int)(sizeof (struct sockaddr)); +#else + cpsize = sizeof u.ifreq.ifr_name + u.ifreq.ifr_addr.sa_len; +#endif /* HAVE_MINIMUM_IFREQ */ + if (cpsize > sizeof u.ifreq && cpsize <= sizeof u) + memcpy(&u.ifreq, cp, cpsize); +#elif defined SIOCGIFCONF_ADDR + cpsize = sizeof u.ifreq; +#else + cpsize = sizeof u.ifreq.ifr_name; + /* XXX maybe this should be a hard error? */ + if (ioctl(s, SIOCGIFADDR, (char *)&u.ifreq) < 0) + continue; +#endif + switch (u.ifreq.ifr_addr.sa_family) { + case AF_INET: + if (*have_v4 == 0) { + memcpy(&in4, + &((struct sockaddr_in *) + &u.ifreq.ifr_addr)->sin_addr, + sizeof in4); + if (in4.s_addr == INADDR_ANY) + break; + n = ioctl(s, SIOCGIFFLAGS, (char *)&u.ifreq); + if (n < 0) + break; + if ((u.ifreq.ifr_flags & IFF_UP) == 0) + break; + *have_v4 = 1; + } + break; + case AF_INET6: + if (*have_v6 == 0) { + memcpy(&in6, + &((struct sockaddr_in6 *) + &u.ifreq.ifr_addr)->sin6_addr, + sizeof in6); + if (memcmp(&in6, &in6addr_any, sizeof in6) == 0) + break; + n = ioctl(s, SIOCGIFFLAGS, (char *)&u.ifreq); + if (n < 0) + break; + if ((u.ifreq.ifr_flags & IFF_UP) == 0) + break; + *have_v6 = 1; + } + break; + } + } + if (buf != NULL) + memput(buf, bufsiz); + close(s); + /* printf("scan interface -> 4=%d 6=%d\n", *have_v4, *have_v6); */ + return (0); + err_ret: + if (buf != NULL) + memput(buf, bufsiz); + if (s != -1) + close(s); + /* printf("scan interface -> 4=%d 6=%d\n", *have_v4, *have_v6); */ + return (-1); +} + static struct hostent * copyandmerge(struct hostent *he1, struct hostent *he2, int af, int *error_num) { struct hostent *he = NULL; diff --git a/contrib/bind/lib/nameser/ns_name.c b/contrib/bind/lib/nameser/ns_name.c index cf371b6..96c41e8 100644 --- a/contrib/bind/lib/nameser/ns_name.c +++ b/contrib/bind/lib/nameser/ns_name.c @@ -16,7 +16,7 @@ */ #ifndef lint -static const char rcsid[] = "$Id: ns_name.c,v 8.17 2001/10/03 14:34:32 marka Exp $"; +static const char rcsid[] = "$Id: ns_name.c,v 8.18 2002/05/24 05:10:40 marka Exp $"; #endif #include "port_before.h" @@ -681,6 +681,8 @@ special(int ch) { case 0x2E: /* '.' */ case 0x3B: /* ';' */ case 0x5C: /* '\\' */ + case 0x28: /* '(' */ + case 0x29: /* ')' */ /* Special modifiers in zone files. */ case 0x40: /* '@' */ case 0x24: /* '$' */ diff --git a/contrib/bind/lib/resolv/res_debug.c b/contrib/bind/lib/resolv/res_debug.c index 9b61e11..f2c0689 100644 --- a/contrib/bind/lib/resolv/res_debug.c +++ b/contrib/bind/lib/resolv/res_debug.c @@ -95,7 +95,7 @@ #if defined(LIBC_SCCS) && !defined(lint) static const char sccsid[] = "@(#)res_debug.c 8.1 (Berkeley) 6/4/93"; -static const char rcsid[] = "$Id: res_debug.c,v 8.45 2001/12/19 12:05:56 marka Exp $"; +static const char rcsid[] = "$Id: res_debug.c,v 8.46 2002/05/21 01:57:45 marka Exp $"; #endif /* LIBC_SCCS and not lint */ #include "port_before.h" @@ -683,12 +683,10 @@ precsize_ntoa(prec) /* converts ascii size/precision X * 10**Y(cm) to 0xXY. moves pointer. */ static u_int8_t -precsize_aton(strptr) - char **strptr; -{ +precsize_aton(const char **strptr) { unsigned int mval = 0, cmval = 0; u_int8_t retval = 0; - char *cp; + const char *cp; int exponent; int mantissa; @@ -725,11 +723,8 @@ precsize_aton(strptr) /* converts ascii lat/lon to unsigned encoded 32-bit number. moves pointer. */ static u_int32_t -latlon2ul(latlonstrptr,which) - char **latlonstrptr; - int *which; -{ - char *cp; +latlon2ul(const char **latlonstrptr, int *which) { + const char *cp; u_int32_t retval; int deg = 0, min = 0, secs = 0, secsfrac = 0; diff --git a/contrib/bind/lib/resolv/res_init.c b/contrib/bind/lib/resolv/res_init.c index 8dc72f4..9f99d14 100644 --- a/contrib/bind/lib/resolv/res_init.c +++ b/contrib/bind/lib/resolv/res_init.c @@ -70,7 +70,7 @@ #if defined(LIBC_SCCS) && !defined(lint) static const char sccsid[] = "@(#)res_init.c 8.1 (Berkeley) 6/7/93"; -static const char rcsid[] = "$Id: res_init.c,v 8.28 2002/01/30 01:07:35 marka Exp $"; +static const char rcsid[] = "$Id: res_init.c,v 8.29 2002/05/31 06:05:31 marka Exp $"; #endif /* LIBC_SCCS and not lint */ #include "port_before.h" @@ -194,7 +194,8 @@ __res_vinit(res_state statp, int preinit) { if (statp->_u._ext.ext != NULL) { memset(statp->_u._ext.ext, 0, sizeof(*statp->_u._ext.ext)); statp->_u._ext.ext->nsaddrs[0].sin = statp->nsaddr; - strcpy(statp->_u._ext.ext->nsuffix, "ip6.int"); + strcpy(statp->_u._ext.ext->nsuffix, "ip6.arpa"); + strcpy(statp->_u._ext.ext->nsuffix2, "ip6.int"); strcpy(statp->_u._ext.ext->bsuffix, "ip6.arpa"); } #ifdef RESOLVSORT @@ -520,6 +521,14 @@ res_setoptions(res_state statp, const char *options, const char *source) strncpy(ext->nsuffix, cp, i); ext->nsuffix[i] = '\0'; } + else if (!strncmp(cp, "nibble2:", sizeof("nibble2:") - 1)) { + if (ext == NULL) + goto skip; + cp += sizeof("nibble2:") - 1; + i = MIN(strcspn(cp, " \t"), sizeof(ext->nsuffix2) - 1); + strncpy(ext->nsuffix2, cp, i); + ext->nsuffix2[i] = '\0'; + } else if (!strncmp(cp, "bitstring:", sizeof("bitstring:") - 1)) { if (ext == NULL) goto skip; @@ -530,16 +539,12 @@ res_setoptions(res_state statp, const char *options, const char *source) } else if (!strncmp(cp, "v6revmode:", sizeof("v6revmode:") - 1)) { cp += sizeof("v6revmode:") - 1; - if (!strncmp(cp, "nibble", sizeof("nibble") - 1)) { - statp->options &= ~RES_NO_NIBBLE; - statp->options |= RES_NO_BITSTRING; - } else if (!strncmp(cp, "bitstring", - sizeof("bitstring") - 1)) { - statp->options |= RES_NO_NIBBLE; - statp->options &= ~RES_NO_BITSTRING; + /* "nibble" and "bitstring" used to be valid */ + if (!strncmp(cp, "single", sizeof("single") - 1)) { + statp->options |= RES_NO_NIBBLE2; } else if (!strncmp(cp, "both", sizeof("both") - 1)) { statp->options &= - ~(RES_NO_NIBBLE|RES_NO_BITSTRING); + ~RES_NO_NIBBLE2; } } else { @@ -613,6 +618,13 @@ const char * res_get_nibblesuffix(res_state statp) { if (statp->_u._ext.ext) return (statp->_u._ext.ext->nsuffix); + return ("ip6.arpa"); +} + +const char * +res_get_nibblesuffix2(res_state statp) { + if (statp->_u._ext.ext) + return (statp->_u._ext.ext->nsuffix2); return ("ip6.int"); } diff --git a/contrib/bind/lib/resolv/res_private.h b/contrib/bind/lib/resolv/res_private.h index 2c7fa5e..ec9b384 100644 --- a/contrib/bind/lib/resolv/res_private.h +++ b/contrib/bind/lib/resolv/res_private.h @@ -12,6 +12,7 @@ struct __res_state_ext { } sort_list[MAXRESOLVSORT]; char nsuffix[64]; char bsuffix[64]; + char nsuffix2[64]; }; extern int diff --git a/contrib/bind/port/freebsd/Makefile.set b/contrib/bind/port/freebsd/Makefile.set index acf7a56..0cf3c39 100644 --- a/contrib/bind/port/freebsd/Makefile.set +++ b/contrib/bind/port/freebsd/Makefile.set @@ -1,5 +1,5 @@ 'CC=cc' -'CDEBUG=-O2 -g -W -Wall -Wmissing-prototypes -Wcast-qual -Wwrite-strings -Wformat -DMEMCLUSTER_RECORD=1' +'CDEBUG=-O2 -g -W -Wall -Wmissing-prototypes -Wcast-qual -Wwrite-strings -Wformat' 'DESTBIN=/usr/bin' 'DESTSBIN=/usr/sbin' 'DESTEXEC=/usr/libexec' @@ -9,7 +9,8 @@ 'DESTRUN=/var/run' 'LEX=lex -I' 'YACC=yacc -d' -'SYSLIBS=-ll -lutil' +'SYSLIBS=-lutil' +'LIBL=-ll' 'INSTALL=install' 'MANDIR=cat' 'MANROFF=(tbl|nroff -man)' diff --git a/contrib/bind/port/freebsd/include/port_before.h b/contrib/bind/port/freebsd/include/port_before.h index fe20b2a..5da974b 100644 --- a/contrib/bind/port/freebsd/include/port_before.h +++ b/contrib/bind/port/freebsd/include/port_before.h @@ -15,6 +15,7 @@ #define SETPWENT_VOID #endif +#include <sys/param.h> #include <sys/types.h> #define GROUP_R_RETURN struct group * @@ -26,8 +27,13 @@ #define GROUP_R_ENT_ARGS void #define GROUP_R_OK gptr #define GROUP_R_BAD NULL +#if defined(__FreeBSD_version) && __FreeBSD_version >= 500030 +#define GETGROUPLIST_ARGS const char *name, gid_t basegid, gid_t *groups, \ + int *ngroups +#else #define GETGROUPLIST_ARGS const char *name, int basegid, int *groups, \ int *ngroups +#endif #define HOST_R_RETURN struct hostent * #define HOST_R_SET_RETURN void |