diff options
Diffstat (limited to 'contrib/bind/bin')
26 files changed, 447 insertions, 347 deletions
diff --git a/contrib/bind/bin/dig/dig.c b/contrib/bind/bin/dig/dig.c index 5bb6e7a..e18249f 100644 --- a/contrib/bind/bin/dig/dig.c +++ b/contrib/bind/bin/dig/dig.c @@ -1,5 +1,5 @@ #ifndef lint -static const char rcsid[] = "$Id: dig.c,v 8.57 2002/06/18 02:26:49 marka Exp $"; +static const char rcsid[] = "$Id: dig.c,v 8.62.6.3 2003/06/02 10:06:30 marka Exp $"; #endif /* @@ -177,6 +177,7 @@ static const char rcsid[] = "$Id: dig.c,v 8.57 2002/06/18 02:26:49 marka Exp $"; #include <stdlib.h> #include <string.h> #include <unistd.h> +#include <time.h> /* time(2), ctime(3) */ #include "port_after.h" @@ -206,15 +207,23 @@ static const char rcsid[] = "$Id: dig.c,v 8.57 2002/06/18 02:26:49 marka Exp $"; #define SAVEENV "DiG.env" #define DIG_MAXARGS 30 +#ifndef DIG_PING +#define DIG_PING "ping" +#endif +#ifndef DIG_TAIL +#define DIG_TAIL "tail" +#endif +#ifndef DIG_PINGFMT +#define DIG_PINGFMT "%s -s %s 56 3 | %s -3" +#endif + static int eecode = 0; static FILE * qfp; -static char *defsrv, *srvmsg; -static char defbuf[40] = "default -- "; -static char srvbuf[1024]; static char myhostname[MAXHOSTNAMELEN]; static struct sockaddr_in myaddress; static struct sockaddr_in6 myaddress6; static u_int32_t ixfr_serial; +static char ubuf[sizeof("ffff:ffff:ffff:ffff:ffff:ffff:123.123.123.123")]; /* stuff for nslookup modules */ struct __res_state res; @@ -260,7 +269,7 @@ main(int argc, char **argv) { } packet_; #define header (packet_.header_) #define packet (packet_.packet_) - u_char answer[64*1024]; + u_char answer[NS_MAXMSG]; int n; char doping[90]; char pingstr[50]; @@ -295,6 +304,7 @@ main(int argc, char **argv) { ns_tsig_key key; char *keyfile = NULL, *keyname = NULL; + const char *pingfmt = NULL; res_ninit(&res); res.pfcode = PRF_DEF; @@ -315,7 +325,6 @@ main(int argc, char **argv) { myaddress6.sin6_addr = in6addr_any; myaddress6.sin6_port = 0; /*INPORT_ANY*/; - defsrv = strcat(defbuf, inet_ntoa(res.nsaddr.sin_addr)); res_x = res; /* @@ -363,7 +372,6 @@ main(int argc, char **argv) { vtmp++; } - res.id = 1; gettimeofday(&tv1, NULL); /* @@ -408,6 +416,11 @@ main(int argc, char **argv) { * deal with .... */ while (*(++argv) != NULL && **argv != '\0') { + if (strlen(cmd) + strlen(*argv) + 2 > sizeof (cmd)) { + fprintf(stderr, + "Argument too large for input buffer\n"); + exit(1); + } strcat(cmd, *argv); strcat(cmd, " "); if (**argv == '@') { @@ -523,10 +536,14 @@ main(int argc, char **argv) { port = htons(atoi(*argv)); break; case 'P': - if (argv[0][2] != '\0') + if (argv[0][2] != '\0') { strcpy(pingstr, argv[0]+2); - else - strcpy(pingstr, "ping -s"); + pingfmt = + "%s %s 56 3 | %s -3"; + } else { + strcpy(pingstr, DIG_PING); + pingfmt = DIG_PINGFMT; + } break; case 'n': if (argv[0][2] != '\0') @@ -769,8 +786,6 @@ main(int argc, char **argv) { * able to "put the resolver to work". */ - srvbuf[0] = 0; - srvmsg = defsrv; if (srv != NULL) { int nscount = 0; union res_sockaddr_union u[MAXNS]; @@ -803,31 +818,13 @@ main(int argc, char **argv) { case AF_INET: u[nscount].sin = *(struct sockaddr_in*)cur->ai_addr; - u[nscount++].sin6.sin6_port = + u[nscount++].sin.sin_port = port; break; } } - if (nscount != 0) { - char buf[80]; + if (nscount != 0) res_setservers(&res, u, nscount); - srvmsg = strcat(srvbuf, srv); - strcat(srvbuf, " "); - buf[0] = '\0'; - switch (u[0].sin.sin_family) { - case AF_INET: - inet_ntop(AF_INET, - &u[0].sin.sin_addr, - buf, sizeof(buf)); - break; - case AF_INET6: - inet_ntop(AF_INET6, - &u[0].sin6.sin6_addr, - buf, sizeof(buf)); - break; - } - strcat(srvbuf, buf); - } freeaddrinfo(answer); } else { res = res_t; @@ -836,7 +833,6 @@ main(int argc, char **argv) { "; Bad server: %s -- using default server and timer opts\n", srv); fflush(stderr); - srvmsg = defsrv; srv = NULL; } printf("; (%d server%s found)\n", @@ -849,7 +845,7 @@ main(int argc, char **argv) { int nscount; union res_sockaddr_union u[MAXNS]; nscount = res_getservers(&res, u, MAXNS); - for (i = 0; i < res.nscount; i++) { + for (i = 0; i < nscount; i++) { int x; if (keyfile) @@ -861,24 +857,11 @@ main(int argc, char **argv) { &u[i].sin, NULL); if (res.pfcode & RES_PRF_STATS) { - char buf[80]; exectime = time(NULL); - buf[0] = '\0'; - switch (u[i].sin.sin_family) { - case AF_INET: - inet_ntop(AF_INET, - &u[i].sin.sin_addr, - buf, sizeof(buf)); - break; - case AF_INET6: - inet_ntop(AF_INET6, - &u[i].sin6.sin6_addr, - buf, sizeof(buf)); - break; - } printf(";; FROM: %s to SERVER: %s\n", myhostname, - buf); + p_sockun(u[RES_GETLAST(res)], + ubuf, sizeof(ubuf))); printf(";; WHEN: %s", ctime(&exectime)); } if (!x) @@ -944,12 +927,10 @@ main(int argc, char **argv) { if ((bytes_in = n) < 0) { fflush(stdout); n = 0 - n; - msg[0]=0; if (keyfile) - strcat(msg,";; res_nsendsigned to server "); + strcpy(msg, ";; res_nsendsigned"); else - strcat(msg,";; res_nsend to server "); - strcat(msg,srvmsg); + strcat(msg, ";; res_nsend"); perror(msg); fflush(stderr); @@ -963,13 +944,17 @@ main(int argc, char **argv) { (void) gettimeofday(&end_time, NULL); if (res.pfcode & RES_PRF_STATS) { + union res_sockaddr_union u[MAXNS]; + + (void) res_getservers(&res, u, MAXNS); query_time = difftv(start_time, end_time); printf(";; Total query time: "); prnttime(query_time); putchar('\n'); exectime = time(NULL); - printf(";; FROM: %s to SERVER: %s\n", - myhostname, srvmsg); + printf(";; FROM: %s to SERVER: %s\n", myhostname, + p_sockun(u[RES_GETLAST(res)], + ubuf, sizeof(ubuf))); printf(";; WHEN: %s", ctime(&exectime)); printf(";; MSG SIZE sent: %d rcvd: %d\n", bytes_out, bytes_in); @@ -980,9 +965,8 @@ main(int argc, char **argv) { * Argh ... not particularly elegant. Should put in *real* ping code. * Would necessitate root priviledges for icmp port though! */ - if (*pingstr) { - sprintf(doping,"%s %s 56 3 | tail -3",pingstr, - (srv==NULL)?(defsrv+10):srv); + if (*pingstr && srv != NULL) { + sprintf(doping, pingfmt, pingstr, srv, DIG_TAIL); system(doping); } putchar('\n'); @@ -1038,7 +1022,7 @@ where: server,\n\ fputs("\ notes: defname and search don't work; use fully-qualified names.\n\ this is DiG version " VSTRING "\n\ - $Id: dig.c,v 8.57 2002/06/18 02:26:49 marka Exp $\n\ + $Id: dig.c,v 8.62.6.3 2003/06/02 10:06:30 marka Exp $\n\ ", stderr); } @@ -1383,7 +1367,7 @@ printZone(ns_type xfr, const char *zone, const struct sockaddr_in *sin, sizeof myaddress) < 0){ int e = errno; - fprintf(stderr, ";; bind(%s:%u): %s\n", + fprintf(stderr, ";; bind(%s port %u): %s\n", inet_ntoa(myaddress.sin_addr), ntohs(myaddress.sin_port), strerror(e)); @@ -1407,7 +1391,7 @@ printZone(ns_type xfr, const char *zone, const struct sockaddr_in *sin, int e = errno; char buf[80]; - fprintf(stderr, ";; bind(%s:%u): %s\n", + fprintf(stderr, ";; bind(%s port %u): %s\n", inet_ntop(AF_INET6, &myaddress6.sin6_addr, buf, sizeof(buf)), ntohs(myaddress6.sin6_port), @@ -1799,7 +1783,7 @@ reverse6(char *domain, struct in6_addr *in6) { in6->s6_addr[6] & 0x0f, (in6->s6_addr[6] >> 4) & 0x0f, in6->s6_addr[5] & 0x0f, (in6->s6_addr[5] >> 4) & 0x0f, in6->s6_addr[4] & 0x0f, (in6->s6_addr[4] >> 4) & 0x0f, - in6->s6_addr[6] & 0x0f, (in6->s6_addr[3] >> 4) & 0x0f, + in6->s6_addr[3] & 0x0f, (in6->s6_addr[3] >> 4) & 0x0f, in6->s6_addr[2] & 0x0f, (in6->s6_addr[2] >> 4) & 0x0f, in6->s6_addr[1] & 0x0f, (in6->s6_addr[1] >> 4) & 0x0f, in6->s6_addr[0] & 0x0f, (in6->s6_addr[0] >> 4) & 0x0f); diff --git a/contrib/bind/bin/dnsquery/dnsquery.c b/contrib/bind/bin/dnsquery/dnsquery.c index cbc1e85..b972658 100644 --- a/contrib/bind/bin/dnsquery/dnsquery.c +++ b/contrib/bind/bin/dnsquery/dnsquery.c @@ -1,5 +1,5 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: dnsquery.c,v 8.19 2002/04/12 03:03:48 marka Exp $"; +static const char rcsid[] = "$Id: dnsquery.c,v 8.19.10.1 2003/06/02 09:15:45 marka Exp $"; #endif /* not lint */ /* @@ -85,7 +85,7 @@ main(int argc, char *argv[]) { int c, n; int nameservers = 0, class, type, len; union res_sockaddr_union q_nsaddr[MAXNS]; - extern int optind, opterr; + extern int optind; extern char *optarg; int stream = 0, debug = 0; diff --git a/contrib/bind/bin/host/host.c b/contrib/bind/bin/host/host.c index 5bac200..7c0fa72 100644 --- a/contrib/bind/bin/host/host.c +++ b/contrib/bind/bin/host/host.c @@ -1,5 +1,5 @@ #ifndef lint -static const char rcsid[] = "$Id: host.c,v 8.53 2002/06/18 02:34:02 marka Exp $"; +static const char rcsid[] = "$Id: host.c,v 8.55.8.1 2003/06/02 09:24:38 marka Exp $"; #endif /* not lint */ /* @@ -136,7 +136,7 @@ static const char copyright[] = #define ERROR -3 #define NONAUTH -4 -#define MY_PACKETSZ 64*1024 /* need this to hold tcp answers */ +#define MY_PACKETSZ NS_MAXMSG typedef union { HEADER qb1; @@ -226,7 +226,7 @@ Usage: %s [-adlrwv] [-t querytype] [-c class] host [server]\n\ int main(int argc, char **argv) { struct sockaddr_storage addr; - struct hostent *hp; + int ok = 0; char *s; int waitmode = 0; int ncnames, ch; @@ -383,7 +383,6 @@ main(int argc, char **argv) { } freeaddrinfo(answer); } - hp = NULL; res.res_h_errno = TRY_AGAIN; /* * We handle default domains ourselves, thank you. @@ -393,10 +392,10 @@ main(int argc, char **argv) { if (list) exit(ListHosts(getdomain, querytype ? querytype : ns_t_a)); ncnames = 5; nkeychains = 18; - while (hp == NULL && res.res_h_errno == TRY_AGAIN) { + while (ok == 0 && res.res_h_errno == TRY_AGAIN) { if (!ip) { cname = NULL; - hp = (struct hostent *)gethostinfo(getdomain); + ok = gethostinfo(getdomain); getdomain[0] = 0; /* clear this query */ if (sigchase && (chase_step & SD_RR)) { if (nkeychains-- == 0) { @@ -413,7 +412,7 @@ main(int argc, char **argv) { strcpy (getdomain, chase_domain); strcat (getdomain, "."); querytype = ns_t_sig; - } else if (hp && !(chase_step & SD_SIG) && + } else if (ok != 0 && !(chase_step & SD_SIG) && (chase_step & SD_BADSIG)) { printf ("%s for %s not found, last verified key %s\n", chase_step & SD_SIG ? "Key" : "Signature", @@ -437,21 +436,17 @@ main(int argc, char **argv) { sym_ntos(__p_type_syms, chase_type, NULL), getdomain); } - hp = NULL; + ok = 0; res.res_h_errno = TRY_AGAIN; continue; } - } else { - if (addrinfo(&addr) == 0) - hp = NULL; - else - hp = (struct hostent *)1; /* XXX */ - } + } else + ok = addrinfo(&addr); if (!waitmode) break; } - if (hp == NULL) { + if (ok == 0) { hperror(res.res_h_errno); exit(1); } @@ -749,14 +744,14 @@ printinfo(const querybuf *answer, const u_char *eom, int filter, int isls, case SERVFAIL: res.res_h_errno = TRY_AGAIN; return (0); - case NOERROR: - res.res_h_errno = NO_DATA; - return (0); - case FORMERR: - case NOTIMP: - case REFUSED: - res.res_h_errno = NO_RECOVERY; - return (0); + case NOERROR: + res.res_h_errno = NO_DATA; + return (0); + case FORMERR: + case NOTIMP: + case REFUSED: + res.res_h_errno = NO_RECOVERY; + return (0); } return (0); } @@ -1053,7 +1048,7 @@ pr_rr(const u_char *cp, const u_char *msg, FILE *file, int filter) { } if (doprint) - fprintf(file, "(\n\t\t\t%lu\t;serial (version)", + fprintf(file, " (\n\t\t\t%lu\t;serial (version)", ns_get32(cp)); cp += INT32SZ; if (doprint) @@ -1321,15 +1316,15 @@ pr_rr(const u_char *cp, const u_char *msg, FILE *file, int filter) { /* original ttl */ origttl = cp; if (doprint && verbose) - fprintf(file, " %ld", ns_get32(cp)); + fprintf(file, " %lu", ns_get32(cp)); cp += INT32SZ; /* signature expiration */ if (doprint && verbose) - fprintf(file, " %ld", ns_get32(cp)); + fprintf(file, " %lu", ns_get32(cp)); cp += INT32SZ; /* time signed */ if (doprint && verbose) - fprintf(file, " %ld", ns_get32(cp)); + fprintf(file, " %lu", ns_get32(cp)); cp += INT32SZ; /* key footprint */ if (doprint && verbose) @@ -1415,7 +1410,8 @@ pr_rr(const u_char *cp, const u_char *msg, FILE *file, int filter) { } default: - fprintf (stderr, "Unknown algorithm %d\n", n); + if (doprint && verbose) + fprintf (stderr, "Unknown algorithm %d\n", n); cp = cp1 + dlen; break; } diff --git a/contrib/bind/bin/named/db_defs.h b/contrib/bind/bin/named/db_defs.h index 37b974c..05fb190 100644 --- a/contrib/bind/bin/named/db_defs.h +++ b/contrib/bind/bin/named/db_defs.h @@ -1,6 +1,6 @@ /* * from db.h 4.16 (Berkeley) 6/1/90 - * $Id: db_defs.h,v 8.47.4.1 2002/11/14 13:22:24 marka Exp $ + * $Id: db_defs.h,v 8.48 2002/11/17 14:51:50 marka Exp $ */ /* diff --git a/contrib/bind/bin/named/db_ixfr.c b/contrib/bind/bin/named/db_ixfr.c index 231db12..fda89a0 100644 --- a/contrib/bind/bin/named/db_ixfr.c +++ b/contrib/bind/bin/named/db_ixfr.c @@ -1,5 +1,5 @@ #if !defined(lint) && !defined(SABER) -static char rcsid[] = "$Id: db_ixfr.c,v 8.31 2002/01/02 04:47:10 marka Exp $"; +static char rcsid[] = "$Id: db_ixfr.c,v 8.32 2002/07/08 06:26:04 marka Exp $"; #endif /* @@ -857,8 +857,9 @@ ixfr_getdelta(struct zoneinfo *zp, FILE *fp, const char *filename, char *origin, err++; break; } - n = strtoul(buf, &cp, 10); - if (n > 0xffff || *cp != '\0') { + errno = 0; + n = strtoul(buf, &cp, 10); + if (errno != 0 || n > 0xffff || *cp != '\0') { err++; break; } diff --git a/contrib/bind/bin/named/db_load.c b/contrib/bind/bin/named/db_load.c index 12d0197..2b00729 100644 --- a/contrib/bind/bin/named/db_load.c +++ b/contrib/bind/bin/named/db_load.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static const char sccsid[] = "@(#)db_load.c 4.38 (Berkeley) 3/2/91"; -static const char rcsid[] = "$Id: db_load.c,v 8.121 2001/11/12 21:22:22 marka Exp $"; +static const char rcsid[] = "$Id: db_load.c,v 8.123 2002/08/20 04:27:23 marka Exp $"; #endif /* not lint */ /* @@ -1097,8 +1097,9 @@ db_load(const char *filename, const char *in_origin, if (!getword(buf, sizeof buf, fp, 0) || !isdigit((unsigned char)buf[0])) ERRTO("opaque length"); + errno = 0; n = strtoul(buf, &cp, 10); - if (n > 0xffff || *cp != '\0') + if (errno != 0 || n > 0xffff || *cp != '\0') ERRTO("opaque length"); multiline = 0; i = isc_gethexstring(data, sizeof(data), n, fp, @@ -1190,10 +1191,8 @@ db_load(const char *filename, const char *in_origin, zp->z_origin, filename, msg); } } - errs += purge_nonglue(zp->z_origin, - (dataflags & DB_F_HINT) ? fcachetab : - hashtab, zp->z_class, - zp->z_type == z_master); + errs += purge_nonglue(zp, (dataflags & DB_F_HINT) ? fcachetab : + hashtab, zp->z_type == z_master); cleanup: while (filenames) { fn = filenames; @@ -1210,8 +1209,7 @@ db_load(const char *filename, const char *in_origin, p_class(zp->z_class), zp->z_serial); if ((zp->z_flags & Z_NOTIFY) != 0) ns_stopnotify(zp->z_origin, zp->z_class); - do_reload(zp->z_origin, zp->z_type, zp->z_class, - loading); + do_reload(zp, loading); } else ns_info(ns_log_load, "%s zone \"%s\" (%s) loaded (serial %u)", diff --git a/contrib/bind/bin/named/db_sec.c b/contrib/bind/bin/named/db_sec.c index 9c5bad2..5e03fb9 100644 --- a/contrib/bind/bin/named/db_sec.c +++ b/contrib/bind/bin/named/db_sec.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: db_sec.c,v 8.35.4.2 2002/11/14 13:24:44 marka Exp $"; +static const char rcsid[] = "$Id: db_sec.c,v 8.36 2002/11/17 14:51:50 marka Exp $"; #endif /* not lint */ /* diff --git a/contrib/bind/bin/named/ns_config.c b/contrib/bind/bin/named/ns_config.c index ad4de85..84973ce 100644 --- a/contrib/bind/bin/named/ns_config.c +++ b/contrib/bind/bin/named/ns_config.c @@ -1,5 +1,5 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: ns_config.c,v 8.135 2002/05/24 03:04:59 marka Exp $"; +static const char rcsid[] = "$Id: ns_config.c,v 8.136.8.1 2003/06/02 09:56:34 marka Exp $"; #endif /* not lint */ /* @@ -562,7 +562,7 @@ update_zone_info(struct zoneinfo *zp, struct zoneinfo *new_zp) { if (zp->z_source) { zp->z_source = freestr(zp->z_source); ns_stopxfrs(zp); - purge_zone(zp->z_origin, fcachetab, zp->z_class); + purge_zone(zp, fcachetab); } zp->z_source = new_zp->z_source; new_zp->z_source = NULL; @@ -669,8 +669,7 @@ update_zone_info(struct zoneinfo *zp, struct zoneinfo *new_zp) { * reloading so that NS records are present * during the zone transfer. */ - do_reload(zp->z_origin, zp->z_type, - zp->z_class, 1); + do_reload(zp, 1); } } if (zp->z_source == NULL) { @@ -1150,6 +1149,7 @@ new_options() { #ifdef BIND_NOTIFY op->notify = notify_yes; #endif + op->edns_udp_size = EDNS_MESSAGE_SZ; return (op); } diff --git a/contrib/bind/bin/named/ns_ctl.c b/contrib/bind/bin/named/ns_ctl.c index c8fc907..ced69d5 100644 --- a/contrib/bind/bin/named/ns_ctl.c +++ b/contrib/bind/bin/named/ns_ctl.c @@ -1,5 +1,5 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: ns_ctl.c,v 8.47 2002/06/24 07:11:07 marka Exp $"; +static const char rcsid[] = "$Id: ns_ctl.c,v 8.48 2002/07/29 02:06:56 marka Exp $"; #endif /* not lint */ /* @@ -1126,7 +1126,7 @@ verb_args(struct ctl_sctx *ctl, struct ctl_sess *sess, */ cp = saved_argv[pvt->argc++]; tp = pvt->text; - while (cp && *cp != NULL) + while (cp && *cp != '\0') if (*cp == '%' || *cp == ' ' || !isprint((unsigned char)*cp)) { if (tp >= pvt->text + sizeof(pvt->text) - 4) diff --git a/contrib/bind/bin/named/ns_defs.h b/contrib/bind/bin/named/ns_defs.h index 79b8196..7c00a1f 100644 --- a/contrib/bind/bin/named/ns_defs.h +++ b/contrib/bind/bin/named/ns_defs.h @@ -1,6 +1,6 @@ /* * from ns.h 4.33 (Berkeley) 8/23/90 - * $Id: ns_defs.h,v 8.121.2.1 2002/11/14 13:28:12 marka Exp $ + * $Id: ns_defs.h,v 8.124.6.1 2003/06/02 09:56:34 marka Exp $ */ /* @@ -450,7 +450,8 @@ struct qserv { struct timeval stime; /* time first query started */ unsigned int forwarder:1; /* this entry is for a forwarder */ unsigned int noedns:1; /* don't try edns */ - unsigned int nretry:30; /* # of times addr retried */ + unsigned int lame:1; /* this server was lame, try it last */ + unsigned int nretry:29; /* # of times addr retried */ u_int32_t serial; /* valid if Q_ZSERIAL */ }; @@ -793,6 +794,7 @@ typedef struct options { u_int lame_ttl; int minroots; u_int16_t preferred_glue; + u_int16_t edns_udp_size; enum notify notify; } *options; @@ -886,6 +888,7 @@ typedef enum ns_logging_categories { ns_log_load, ns_log_resp_checks, ns_log_control, + ns_log_update_security, ns_log_max_category } ns_logging_categories; diff --git a/contrib/bind/bin/named/ns_forw.c b/contrib/bind/bin/named/ns_forw.c index 746257b..c527a80 100644 --- a/contrib/bind/bin/named/ns_forw.c +++ b/contrib/bind/bin/named/ns_forw.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static const char sccsid[] = "@(#)ns_forw.c 4.32 (Berkeley) 3/3/91"; -static const char rcsid[] = "$Id: ns_forw.c,v 8.91 2002/05/24 03:04:57 marka Exp $"; +static const char rcsid[] = "$Id: ns_forw.c,v 8.92.6.1 2003/06/02 09:56:34 marka Exp $"; #endif /* not lint */ /* @@ -240,7 +240,8 @@ ns_forw(struct databuf *nsp[], u_char *msg, int msglen, if (!qp->q_addr[0].noedns) smsglen += ns_add_opt(smsg, smsg + smsglen, smsgsize, 0, 0, - EDNS_MESSAGE_SZ, 0, NULL, 0); + server_options->edns_udp_size, + 0, NULL, 0); if (key != NULL) { n = ns_sign(smsg, &smsglen, smsgsize, NOERROR, key, NULL, 0, @@ -465,14 +466,14 @@ nslookup(struct databuf *nsp[], struct qinfo *qp, struct hashbuf *tmphtp; char *dname; const char *fname; - int oldn, naddr, class, found_arr, potential_ns, lame_ns; + int oldn, naddr, class, found_arr, potential_ns; time_t curtime; int found_auth6; ns_debug(ns_log_default, 3, "nslookup(nsp=%p, qp=%p, \"%s\", d=%d)", nsp, qp, syslogdname, qp->q_distance); - lame_ns = potential_ns = 0; + potential_ns = 0; naddr = n = qp->q_naddr; curtime = (u_long) tt.tv_sec; while ((nsdp = *nsp++) != NULL && n < NSMAX) { @@ -492,18 +493,6 @@ nslookup(struct databuf *nsp[], struct qinfo *qp, } } - /* skip lame servers */ - if ((nsdp->d_flags & DB_F_LAME) != 0) { - time_t when; - when = db_lame_find(qp->q_domain, nsdp); - if (when != 0 && when > tt.tv_sec) { - ns_debug(ns_log_default, 3, - "skipping lame NS"); - lame_ns++; - goto skipserver; - } - } - found_arr = 0; found_auth6 = 0; tmphtp = ((nsdp->d_flags & DB_F_HINT) ?fcachetab :hashtab); @@ -617,6 +606,13 @@ nslookup(struct databuf *nsp[], struct qinfo *qp, if (si && (si->flags & SERVER_INFO_EDNS) == 0) qs->noedns = 1; } + qs->lame = 0; + if ((nsdp->d_flags & DB_F_LAME) != 0) { + time_t when; + when = db_lame_find(qp->q_domain, nsdp); + if (when != 0 && when > tt.tv_sec) + qs->lame = 1; + } qs->nretry = 0; /* * If this A RR has no RTT, initialize its RTT to a @@ -708,15 +704,13 @@ nslookup(struct databuf *nsp[], struct qinfo *qp, qp->q_naddr = n; if (n == 0 && potential_ns == 0 && !NS_ZFWDTAB(qp->q_fzone)) { static const char *complaint = "No possible A RRs"; - if (lame_ns != 0) - complaint = "All possible A RR's lame"; if (sysloginfo && syslogdname && !haveComplained((u_long)syslogdname, (u_long)complaint)) { ns_info(ns_log_default, "%s: query(%s) %s", sysloginfo, syslogdname, complaint); } - return ((lame_ns == 0) ? -1 : -2); + return (-1); } /* Update the refcounts before the sort. */ for (i = naddr; i < (u_int)n; i++) { @@ -792,6 +786,11 @@ int qcomp(struct qserv *qs1, struct qserv *qs2) { u_int rtt1, rtt2, rttr1, rttr2; + /* sort lame servers to last */ + if (qs1->lame != qs2->lame) + return (qs1->lame - qs2->lame); + + /* sort by rtt */ if (qs1->nsdata == NULL) { rtt1 = 0; rttr1 = 0; @@ -968,6 +967,23 @@ retry(struct qinfo *qp, int samehost) { if (qp->q_naddr > 0) { qp->q_addr[n].noedns = 1; ++qp->q_addr[n].nretry; + /* + * Look for a non-lame server. + */ + do { + if (++n >= (int)qp->q_naddr) + n = 0; + if ((qp->q_flags & Q_ZSERIAL) != 0 && + qp->q_addr[n].serial != 0) + continue; + if (qp->q_addr[n].lame) + continue; + if (qp->q_addr[n].nretry < MAXRETRY) + goto found; + } while (n != qp->q_curaddr); + /* + * Look for any server including lame servers. + */ do { if (++n >= (int)qp->q_naddr) n = 0; @@ -1071,7 +1087,8 @@ retry(struct qinfo *qp, int samehost) { if (!qp->q_addr[n].noedns) smsglen += ns_add_opt(smsg, smsg + smsglen, smsgsize, 0, 0, - EDNS_MESSAGE_SZ, 0, NULL, 0); + server_options->edns_udp_size, + 0, NULL, 0); if (key != NULL) { n = ns_sign(smsg, &smsglen, smsgsize, NOERROR, key, NULL, 0, diff --git a/contrib/bind/bin/named/ns_func.h b/contrib/bind/bin/named/ns_func.h index e035d93..8b77283 100644 --- a/contrib/bind/bin/named/ns_func.h +++ b/contrib/bind/bin/named/ns_func.h @@ -90,7 +90,7 @@ /* ns_func.h - declarations for ns_*.c's externally visible functions * - * $Id: ns_func.h,v 8.117 2002/04/25 05:27:07 marka Exp $ + * $Id: ns_func.h,v 8.120.8.1 2003/06/02 05:19:56 marka Exp $ */ /* ++from ns_glue.c++ */ @@ -122,7 +122,6 @@ char * __newstr_record(size_t, int, const char *, int); char * __savestr_record(const char *, int, const char *, int); u_char * ina_put(struct in_addr ina, u_char *data); u_char * savebuf(const u_char *, size_t, int); -void dprintf(int level, const char *format, ...) ISC_FORMAT_PRINTF(2, 3); #ifdef DEBUG_STRINGS char * debug_newstr(size_t, int, const char *, int); char * debug_savestr(const char *, int, const char *, int); @@ -167,7 +166,7 @@ int send_msg(u_char *, int, struct qinfo *); int findns(struct namebuf **, int, struct databuf **, int *, int); int finddata(struct namebuf *, int, int, HEADER *, - char **, int *, int *); + char **, int *, int *, int, int); int add_data(struct namebuf *, struct databuf **, u_char *, int, int *); @@ -304,7 +303,7 @@ void ns_cleancache(evContext ctx, void *uap, struct timespec inter); void clean_cache_from(char *dname, struct hashbuf *htp); void remove_zone(struct zoneinfo *, const char *); -void purge_zone(const char *, struct hashbuf *, int); +void purge_zone(struct zoneinfo *, struct hashbuf *); void loadxfer(void); void qserial_retrytime(struct zoneinfo *, time_t); void qserial_query(struct zoneinfo *); @@ -334,8 +333,8 @@ void ns_heartbeat(evContext ctx, void *uap, void make_new_zones(void); void free_zone(struct zoneinfo *); struct zoneinfo * find_auth_zone(const char *, ns_class); -int purge_nonglue(const char *dname, struct hashbuf *htp, - int class, int log); +int purge_nonglue(struct zoneinfo *, struct hashbuf *htp, + int log); /* --from ns_maint.c-- */ /* ++from ns_sort.c++ */ @@ -347,7 +346,6 @@ void sort_response(u_char *, u_char *, int, void ns_refreshtime(struct zoneinfo *, time_t); void ns_retrytime(struct zoneinfo *, time_t); time_t ns_init(const char *); -void purgeandload(struct zoneinfo *zp); enum context ns_ptrcontext(const char *owner); enum context ns_ownercontext(int type, enum transport); int ns_nameok(const struct qinfo *qry, const char *name, @@ -357,7 +355,7 @@ int ns_nameok(const struct qinfo *qry, const char *name, struct in_addr source); int ns_wildcard(const char *name); void zoneinit(struct zoneinfo *); -void do_reload(const char *, int, int, int); +void do_reload(struct zoneinfo *, int); void ns_shutdown(void); /* --from ns_init.c-- */ diff --git a/contrib/bind/bin/named/ns_glob.h b/contrib/bind/bin/named/ns_glob.h index 8f052f5..35fcb6e 100644 --- a/contrib/bind/bin/named/ns_glob.h +++ b/contrib/bind/bin/named/ns_glob.h @@ -1,6 +1,6 @@ /* * from ns.h 4.33 (Berkeley) 8/23/90 - * $Id: ns_glob.h,v 8.58 2002/06/05 04:53:50 marka Exp $ + * $Id: ns_glob.h,v 8.59 2002/07/19 22:44:08 marka Exp $ */ /* @@ -309,6 +309,7 @@ DECL const struct ns_sym category_constants[] { ns_log_load, "load" }, { ns_log_resp_checks, "response-checks" }, { ns_log_control, "control" }, + { ns_log_update_security, "update-security" }, { 0, NULL } } #endif diff --git a/contrib/bind/bin/named/ns_init.c b/contrib/bind/bin/named/ns_init.c index 773192b..a0fce64 100644 --- a/contrib/bind/bin/named/ns_init.c +++ b/contrib/bind/bin/named/ns_init.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static const char sccsid[] = "@(#)ns_init.c 4.38 (Berkeley) 3/21/91"; -static const char rcsid[] = "$Id: ns_init.c,v 8.76 2001/12/19 01:41:51 marka Exp $"; +static const char rcsid[] = "$Id: ns_init.c,v 8.77 2002/08/20 04:27:23 marka Exp $"; #endif /* not lint */ /* @@ -107,6 +107,7 @@ static const char rcsid[] = "$Id: ns_init.c,v 8.76 2001/12/19 01:41:51 marka Exp #ifdef DEBUG static void content_zone(int, int); #endif +static void purgeandload(struct zoneinfo *zp); /* * Set new refresh time for zone. Use a random number in the last half of @@ -237,7 +238,7 @@ zoneinit(struct zoneinfo *zp) { result = stat(zp->z_source, &sb); if (result != -1) { ns_stopxfrs(zp); - purge_zone(zp->z_origin, hashtab, zp->z_class); + purge_zone(zp, hashtab); } if (result == -1 || db_load(zp->z_source, zp->z_origin, zp, NULL, ISNOTIXFR)) @@ -265,8 +266,11 @@ zoneinit(struct zoneinfo *zp) { * delegation to that child when it was first loaded. */ void -do_reload(const char *domain, int type, int class, int mark) { +do_reload(struct zoneinfo *ozp, int mark) { struct zoneinfo *zp; + const char *domain = ozp->z_origin; + int type = ozp->z_type; + int class = ozp->z_class; ns_debug(ns_log_config, 1, "do_reload: %s %d %d %d", *domain ? domain : ".", type, class, mark); @@ -295,9 +299,9 @@ do_reload(const char *domain, int type, int class, int mark) { */ ns_stopxfrs(zp); if (type == z_hint || (type == z_stub && *domain == 0)) - purge_zone(domain, fcachetab, class); + purge_zone(ozp, fcachetab); else - purge_zone(domain, hashtab, class); + purge_zone(ozp, hashtab); /* * Reload @@ -326,7 +330,7 @@ do_reload(const char *domain, int type, int class, int mark) { domain = ""; /* root zone */ zp = find_zone(domain, class); - if (zp != NULL) { + if (zp != NULL && zp->z_type != Z_HINT) { ns_debug(ns_log_config, 1, "do_reload: matched %s", *domain ? domain : "."); if (mark) @@ -338,7 +342,7 @@ do_reload(const char *domain, int type, int class, int mark) { } } -void +static void purgeandload(struct zoneinfo *zp) { #ifdef BIND_UPDATE @@ -355,9 +359,9 @@ purgeandload(struct zoneinfo *zp) { ns_stopxfrs(zp); if (zp->z_type == Z_HINT) - purge_zone(zp->z_origin, fcachetab, zp->z_class); + purge_zone(zp, fcachetab); else - purge_zone(zp->z_origin, hashtab, zp->z_class); + purge_zone(zp, hashtab); zp->z_flags &= ~Z_AUTH; @@ -563,10 +567,9 @@ ns_shutdown() { if (zp->z_type) { if (zp->z_type != z_hint && zp->z_type != z_cache) { ns_stopxfrs(zp); - purge_zone(zp->z_origin, hashtab, zp->z_class); + purge_zone(zp, hashtab); } else if (zp->z_type == z_hint) - purge_zone(zp->z_origin, fcachetab, - zp->z_class); + purge_zone(zp, fcachetab); free_zone_contents(zp, 1); } } diff --git a/contrib/bind/bin/named/ns_ixfr.c b/contrib/bind/bin/named/ns_ixfr.c index 0492bc0..b6d632d 100644 --- a/contrib/bind/bin/named/ns_ixfr.c +++ b/contrib/bind/bin/named/ns_ixfr.c @@ -1,5 +1,5 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: ns_ixfr.c,v 8.32 2002/05/18 01:02:57 marka Exp $"; +static const char rcsid[] = "$Id: ns_ixfr.c,v 8.33 2003/02/24 23:36:01 marka Exp $"; #endif /* not lint */ /* @@ -408,6 +408,7 @@ ixfr_log_maint(struct zoneinfo *zp) { int len; struct stat db_sb; struct stat sb; + size_t check_size; static char buf[MAXBSIZE]; ns_debug(ns_log_default, 3, "ixfr_log_maint(%s)", zp->z_origin); @@ -443,20 +444,13 @@ ixfr_log_maint(struct zoneinfo *zp) { } ns_debug(ns_log_default, 3, "%s, size %ld max %ld\n", zp->z_ixfr_base, (long)sb.st_size, (long)zp->z_max_log_size_ixfr); - if (zp->z_max_log_size_ixfr) { - if (sb.st_size > zp->z_max_log_size_ixfr) - seek = sb.st_size - - (size_t)(zp->z_max_log_size_ixfr + - (zp->z_max_log_size_ixfr * 0.10) ); - else - seek = 0; - } else { - if (sb.st_size > (db_sb.st_size * 0.50)) - seek = sb.st_size - (size_t)((db_sb.st_size * 0.50) - + ((db_sb.st_size * zp->z_max_log_size_ixfr) * 0.10)); - else - seek = 0; - } + check_size = zp->z_max_log_size_ixfr; + if (!check_size) + check_size = db_sb.st_size / 2; + if (sb.st_size > check_size) + seek = (sb.st_size - check_size) + (check_size / 10); + else + seek = 0; ns_debug(ns_log_default, 3, "seek: %ld", (long)seek); if (seek < 1) { ns_debug(ns_log_default, 3, "%s does not need to be reduced", diff --git a/contrib/bind/bin/named/ns_lexer.c b/contrib/bind/bin/named/ns_lexer.c index b827162..3c09cf0 100644 --- a/contrib/bind/bin/named/ns_lexer.c +++ b/contrib/bind/bin/named/ns_lexer.c @@ -1,5 +1,5 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: ns_lexer.c,v 8.31 2002/05/24 03:05:03 marka Exp $"; +static const char rcsid[] = "$Id: ns_lexer.c,v 8.31.10.1 2003/06/02 09:56:35 marka Exp $"; #endif /* not lint */ /* @@ -252,6 +252,7 @@ static struct keyword keywords[] = { {"dump-file", T_DUMP_FILE}, {"dynamic", T_DYNAMIC}, {"edns", T_EDNS}, + {"edns-udp-size", T_EDNS_UDP_SIZE}, {"explicit", T_EXPLICIT}, {"fail", T_FAIL}, {"fake-iquery", T_FAKE_IQUERY}, diff --git a/contrib/bind/bin/named/ns_main.c b/contrib/bind/bin/named/ns_main.c index f12f285..d192ff6 100644 --- a/contrib/bind/bin/named/ns_main.c +++ b/contrib/bind/bin/named/ns_main.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static const char sccsid[] = "@(#)ns_main.c 4.55 (Berkeley) 7/1/91"; -static const char rcsid[] = "$Id: ns_main.c,v 8.160 2002/06/24 07:06:55 marka Exp $"; +static const char rcsid[] = "$Id: ns_main.c,v 8.162.6.2 2003/06/08 22:08:02 marka Exp $"; #endif /* not lint */ /* @@ -141,6 +141,10 @@ char copyright[] = #include "named.h" #undef MAIN_PROGRAM +#ifdef TRUCLUSTER5 +# include <clua/clua.h> +#endif + typedef void (*handler)(void); typedef struct _savedg { @@ -193,7 +197,8 @@ static int sq_dowrite(struct qstream *); static void use_desired_debug(void); static void stream_write(evContext, void *, int, int); -static interface * if_find(struct in_addr, u_int16_t port); +static interface * if_find(struct in_addr, u_int16_t port, + int anyport); static void deallocate_everything(void), stream_accept(evContext, void *, int, @@ -825,8 +830,12 @@ stream_accept(evContext lev, void *uap, int rfd, sp->s_ifp = ifp; INSIST(sizeof sp->s_temp >= INT16SZ); iov = evConsIovec(sp->s_temp, INT16SZ); - INSIST_ERR(evRead(lev, rfd, &iov, 1, stream_getlen, sp, &sp->evID_r) - != -1); + if (evRead(lev, rfd, &iov, 1, stream_getlen, sp, &sp->evID_r) == -1) { + ns_error(ns_log_default, "evRead(fd %d): %s", + rfd, strerror(errno)); + sq_remove(sp); + return; + } sp->flags |= STREAM_READ_EV; ns_debug(ns_log_default, 1, "IP/TCP connection from %s (fd %d)", sin_ntoa(sp->s_from), rfd); @@ -968,8 +977,12 @@ stream_write(evContext ctx, void *uap, int fd, int evmask) { sp->flags &= ~STREAM_WRITE_EV; sp->s_refcnt = 0; iov = evConsIovec(sp->s_temp, INT16SZ); - INSIST_ERR(evRead(ctx, fd, &iov, 1, stream_getlen, sp, &sp->evID_r) != - -1); + if (evRead(ctx, fd, &iov, 1, stream_getlen, sp, &sp->evID_r) == -1) { + ns_error(ns_log_default, "evRead(fd %d): %s", + fd, strerror(errno)); + sq_remove(sp); + return; + } sp->flags |= STREAM_READ_EV; } @@ -1034,9 +1047,12 @@ stream_getlen(evContext lev, void *uap, int fd, int bytes) { iov = evConsIovec(sp->s_buf, (sp->s_size <= sp->s_bufsize) ? sp->s_size : sp->s_bufsize); if (evRead(lev, sp->s_rfd, &iov, 1, stream_getmsg, sp, &sp->evID_r) - == -1) - ns_panic(ns_log_default, 1, "evRead(fd %d): %s", + == -1) { + ns_error(ns_log_default, "evRead(fd %d): %s", sp->s_rfd, strerror(errno)); + sq_remove(sp); + return; + } sp->flags |= STREAM_READ_EV; } @@ -1258,6 +1274,11 @@ getnetconf(int periodic_scan) { ip_match_element ime; u_char *mask_ptr; struct in_addr mask; +#ifdef TRUCLUSTER5 + struct sockaddr clua_addr; + int clua_cnt, clua_tot; +#endif + int clua_buf; if (iflist_initialized) { if (iflist_dont_rescan) @@ -1287,8 +1308,19 @@ getnetconf(int periodic_scan) { free_ip_match_list(local_networks); local_networks = new_ip_match_list(); +#ifdef TRUCLUSTER5 + /* Find out how many cluster aliases there are */ + clua_cnt = 0; + clua_tot = 0; + while (clua_getaliasaddress(&clua_addr, &clua_cnt) == CLUA_SUCCESS) + clua_tot ++; + clua_buf = clua_tot * sizeof(ifreq); +#else + clua_buf = 0; +#endif + for (;;) { - buf = memget(bufsiz); + buf = memget(bufsiz + clua_buf); if (!buf) ns_panic(ns_log_default, 1, "memget(interface)"); ifc.ifc_len = bufsiz; @@ -1323,10 +1355,29 @@ getnetconf(int periodic_scan) { if (bufsiz > 1000000) ns_panic(ns_log_default, 1, "get interface configuration: maximum buffer size exceeded"); - memput(buf, bufsiz); + memput(buf, bufsiz + clua_buf); bufsiz += 4096; } +#ifdef TRUCLUSTER5 + /* Get the cluster aliases and create interface entries for them */ + clua_cnt = 0; + while (clua_tot--) { + memset(&ifreq, 0, sizeof (ifreq)); + if (clua_getaliasaddress(&ifreq.ifr_addr, &clua_cnt) != + CLUA_SUCCESS) + /* + * It is possible the count of aliases has changed; if + * it has increased, they won't be found this pass. + * If has decreased, stop the loop early. */ + break; + strcpy(ifreq.ifr_name, "lo0"); + memcpy(ifc.ifc_buf + ifc.ifc_len, &ifreq, sizeof (ifreq)); + ifc.ifc_len += sizeof (ifreq); + bufsiz += sizeof (ifreq); + } +#endif + ns_debug(ns_log_default, 2, "getnetconf: SIOCGIFCONF: ifc_len = %d", ifc.ifc_len); @@ -1398,7 +1449,7 @@ getnetconf(int periodic_scan) { * point interfaces, then the local address * may appear more than once. */ - ifp = if_find(ina, li->port); + ifp = if_find(ina, li->port, 0); if (ifp != NULL) { ns_debug(ns_log_default, 1, "dup interface addr [%s].%u (%s)", @@ -1835,7 +1886,7 @@ opensocket_f() { * we'll notice we're in trouble if it goes away. */ ifp = if_find(server_options->query_source.sin_addr, - server_options->query_source.sin_port); + server_options->query_source.sin_port, 0); if (ifp != NULL) { ifp->flags |= INTERFACE_FORWARDING; prev_ifp = ifp; @@ -2155,7 +2206,7 @@ sq_write(struct qstream *qs, const u_char *buf, int len) { return (-1); } } - __putshort(len, qs->s_wbuf_free); + ns_put16(len, qs->s_wbuf_free); qs->s_wbuf_free += NS_INT16SZ; memcpy(qs->s_wbuf_free, buf, len); qs->s_wbuf_free += len; @@ -2196,9 +2247,12 @@ sq_done(struct qstream *sp) { } iov = evConsIovec(sp->s_temp, INT16SZ); if (evRead(ev, sp->s_rfd, &iov, 1, stream_getlen, sp, &sp->evID_r) == - -1) - ns_panic(ns_log_default, 1, "evRead(fd %d): %s", + -1) { + ns_error(ns_log_default, "evRead(fd %d): %s", sp->s_rfd, strerror(errno)); + sq_remove(sp); + return; + } sp->flags |= STREAM_READ_EV; } @@ -2302,26 +2356,25 @@ net_mask(struct in_addr ina) { int aIsUs(struct in_addr addr) { - if (ina_hlong(addr) == INADDR_ANY || if_find(addr, 0) != NULL) + if (ina_hlong(addr) == INADDR_ANY || if_find(addr, 0, 1) != NULL) return (1); return (0); } /* interface * - * if_find(addr, port) + * if_find(addr, port, anyport) * scan our list of interface addresses for "addr" and port. - * port == 0 means match any port * returns: * pointer to interface with this address/port, or NULL if there isn't * one. */ static interface * -if_find(struct in_addr addr, u_int16_t port) { +if_find(struct in_addr addr, u_int16_t port, int anyport) { interface *ifp; for (ifp = HEAD(iflist); ifp != NULL; ifp = NEXT(ifp, link)) if (ina_equal(addr, ifp->addr)) - if (port == 0 || ifp->port == port) + if (anyport || ifp->port == port) break; return (ifp); } diff --git a/contrib/bind/bin/named/ns_maint.c b/contrib/bind/bin/named/ns_maint.c index be4b6f9..0618ab9 100644 --- a/contrib/bind/bin/named/ns_maint.c +++ b/contrib/bind/bin/named/ns_maint.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static const char sccsid[] = "@(#)ns_maint.c 4.39 (Berkeley) 3/2/91"; -static const char rcsid[] = "$Id: ns_maint.c,v 8.136 2002/06/26 03:27:20 marka Exp $"; +static const char rcsid[] = "$Id: ns_maint.c,v 8.137.8.1 2003/06/02 05:34:25 marka Exp $"; #endif /* not lint */ /* @@ -134,7 +134,7 @@ static void startxfer(struct zoneinfo *), abortxfer(struct zoneinfo *), purge_z_2(struct hashbuf *, int); static int purge_nonglue_2(const char *, struct hashbuf *, - int, int, int); + int, int, int, int); #ifndef HAVE_SPAWNXFER static pid_t spawnxfer(char **, struct zoneinfo *); @@ -181,7 +181,7 @@ zone_maint(struct zoneinfo *zp) { if ((zp->z_flags & Z_NOTIFY) != 0) ns_stopnotify(zp->z_origin, zp->z_class); /* calls purge_zone */ - do_reload(zp->z_origin, zp->z_type, zp->z_class, 0); + do_reload(zp, 0); /* reset zone state */ if (!haveComplained((u_long)zp, (u_long)stale)) { ns_notice(ns_log_default, @@ -906,7 +906,7 @@ startxfer(struct zoneinfo *zp) { last = &buffer[sizeof buffer - 1]; /* leave room for \0 */ for (i = 0; i < argc; i++) { len = strlen(argv[i]); - if (curr + len + 1 >= last) { + if (len + 1 >= last - curr) { ns_debug(ns_log_xfer_in, 1, "xfer args debug printout truncated"); break; @@ -1215,7 +1215,7 @@ remove_zone(struct zoneinfo *zp, const char *verb) { zp->z_xferpid = 0; ns_need(main_need_tryxfer); } - do_reload(zp->z_origin, zp->z_type, zp->z_class, 1); + do_reload(zp, 1); ns_notice(ns_log_config, "%s zone \"%s\" (%s) %s", zoneTypeString(zp->z_type), zp->z_origin, p_class(zp->z_class), verb); @@ -1228,17 +1228,30 @@ remove_zone(struct zoneinfo *zp, const char *verb) { } int -purge_nonglue(const char *dname, struct hashbuf *htp, int class, int log) { +purge_nonglue(struct zoneinfo *zp, struct hashbuf *htp, int log) { + const char *dname = zp->z_origin; const char *fname; struct namebuf *np; struct hashbuf *phtp = htp; int root_zone = 0; int errs = 0; + int zone = zp - zones; + struct databuf *pdp, *dp; + int class = zp->z_class; - ns_debug(ns_log_default, 1, "purge_zone(%s,%d)", dname, class); + ns_debug(ns_log_default, 1, "purge_nonglue(%s/%d)", dname, class); if ((np = nlookup(dname, &phtp, &fname, 0)) && dname == fname && !ns_wildcard(NAME(*np))) { + for (pdp = NULL, dp = np->n_data; dp != NULL; (void)NULL) { + if (dp->d_class == class && dp->d_zone != zone) + dp = rm_datum(dp, np, pdp, NULL); + else { + pdp = dp; + dp = dp->d_next; + } + } + if (*dname == '\0') root_zone = 1; @@ -1249,7 +1262,7 @@ purge_nonglue(const char *dname, struct hashbuf *htp, int class, int log) { h = htp; else h = np->n_hash; - errs += purge_nonglue_2(dname, h, class, 0, log); + errs += purge_nonglue_2(dname, h, class, 0, log, zone); if (h->h_cnt == 0 && !root_zone) { rm_hash(np->n_hash); np->n_hash = NULL; @@ -1290,7 +1303,7 @@ valid_glue(struct databuf *dp, char *name, int belowcut) { static int purge_nonglue_2(const char *dname, struct hashbuf *htp, int class, - int belowcut, int log) + int belowcut, int log, int zone) { struct databuf *dp, *pdp; struct namebuf *np, *pnp, *npn; @@ -1315,10 +1328,16 @@ purge_nonglue_2(const char *dname, struct hashbuf *htp, int class, for (pdp = NULL, dp = np->n_data; dp != NULL; (void)NULL) { - if (dp->d_class == class && - zonecut && + int delete = 0; + if (!zonecut && + dp->d_class == class && + dp->d_zone != zone) + delete = 1; + if (zonecut && + dp->d_class == class && !valid_glue(dp, name, belowcut)) { - if (log) + if (log && + dp->d_zone == zone) { ns_error(ns_log_load, "zone: %s/%s: non-glue record %s bottom of zone: %s/%s", *dname ? dname : ".", @@ -1327,11 +1346,14 @@ purge_nonglue_2(const char *dname, struct hashbuf *htp, int class, "at", *name ? name : ".", p_type(dp->d_type)); + errs++; + } + delete = 1; + } + if (delete) dp = rm_datum(dp, np, pdp, NULL); - if (log) - errs++; - } else { + else { pdp = dp; dp = dp->d_next; } @@ -1346,7 +1368,7 @@ purge_nonglue_2(const char *dname, struct hashbuf *htp, int class, class, zonecut || belowcut, - log); + log, zone); /* if now empty, free it */ if (np->n_hash->h_cnt == 0) { @@ -1369,18 +1391,20 @@ purge_nonglue_2(const char *dname, struct hashbuf *htp, int class, } void -purge_zone(const char *dname, struct hashbuf *htp, int class) { +purge_zone(struct zoneinfo *zp, struct hashbuf *htp) { const char *fname; struct databuf *dp, *pdp; struct namebuf *np; struct hashbuf *phtp = htp; int root_zone = 0; + int zone = zp - zones; + char *dname = zp->z_origin; - ns_debug(ns_log_default, 1, "purge_zone(%s,%d)", dname, class); + ns_debug(ns_log_default, 1, "purge_zone(%s)", dname); if ((np = nlookup(dname, &phtp, &fname, 0)) && dname == fname && !ns_wildcard(NAME(*np))) { for (pdp = NULL, dp = np->n_data; dp != NULL; (void)NULL) { - if (dp->d_class == class) + if (dp->d_zone == zone) dp = rm_datum(dp, np, pdp, NULL); else { pdp = dp; @@ -1398,7 +1422,7 @@ purge_zone(const char *dname, struct hashbuf *htp, int class) { h = htp; else h = np->n_hash; - purge_z_2(h, class); + purge_z_2(h, zone); if (h->h_cnt == 0 && !root_zone) { rm_hash(np->n_hash); np->n_hash = NULL; @@ -1411,10 +1435,7 @@ purge_zone(const char *dname, struct hashbuf *htp, int class) { } static void -purge_z_2(htp, class) - struct hashbuf *htp; - int class; -{ +purge_z_2(struct hashbuf *htp, int zone) { struct databuf *dp, *pdp; struct namebuf *np, *pnp, *npn; struct namebuf **npp, **nppend; @@ -1422,27 +1443,25 @@ purge_z_2(htp, class) nppend = htp->h_tab + htp->h_size; for (npp = htp->h_tab; npp < nppend; npp++) { for (pnp = NULL, np = *npp; np != NULL; np = npn) { - if (!bottom_of_zone(np->n_data, class)) { - for (pdp = NULL, dp = np->n_data; - dp != NULL; - (void)NULL) { - if (dp->d_class == class) - dp = rm_datum(dp, np, pdp, - NULL); - else { - pdp = dp; - dp = dp->d_next; - } + for (pdp = NULL, dp = np->n_data; + dp != NULL; + (void)NULL) { + if (dp->d_zone == zone) + dp = rm_datum(dp, np, pdp, + NULL); + else { + pdp = dp; + dp = dp->d_next; } - if (np->n_hash) { - /* call recursively to rm subdomains */ - purge_z_2(np->n_hash, class); + } + if (np->n_hash) { + /* call recursively to rm subdomains */ + purge_z_2(np->n_hash, zone); - /* if now empty, free it */ - if (np->n_hash->h_cnt == 0) { - rm_hash(np->n_hash); - np->n_hash = NULL; - } + /* if now empty, free it */ + if (np->n_hash->h_cnt == 0) { + rm_hash(np->n_hash); + np->n_hash = NULL; } } @@ -1804,12 +1823,12 @@ loadxfer(void) { isixfr = ISIXFR; } else { tmpnom = zp->z_source; - purge_zone(zp->z_origin, hashtab, zp->z_class); + purge_zone(zp, hashtab); isixfr = ISNOTIXFR; } if (zp->z_xferpid == XFER_ISAXFRIXFR) { tmpnom= zp->z_source; - purge_zone(zp->z_origin, hashtab, zp->z_class); + purge_zone(zp, hashtab); isixfr = ISNOTIXFR; } @@ -1892,7 +1911,7 @@ reload_master(struct zoneinfo *zp) { (zp->z_flags & Z_NEED_DUMP) != 0)) (void) zonedump(zp, ISNOTIXFR); #endif - purge_zone(zp->z_origin, hashtab, zp->z_class); + purge_zone(zp, hashtab); ns_debug(ns_log_config, 1, "reloading zone"); #ifdef BIND_UPDATE if ((zp->z_flags & Z_DYNAMIC) != 0) { diff --git a/contrib/bind/bin/named/ns_ncache.c b/contrib/bind/bin/named/ns_ncache.c index 8e79793..efabc33 100644 --- a/contrib/bind/bin/named/ns_ncache.c +++ b/contrib/bind/bin/named/ns_ncache.c @@ -1,5 +1,5 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: ns_ncache.c,v 8.29.4.1 2002/11/14 13:41:31 marka Exp $"; +static const char rcsid[] = "$Id: ns_ncache.c,v 8.30 2002/11/17 14:51:51 marka Exp $"; #endif /* not lint */ /* diff --git a/contrib/bind/bin/named/ns_parser.y b/contrib/bind/bin/named/ns_parser.y index 79f34b1..c8ddc72 100644 --- a/contrib/bind/bin/named/ns_parser.y +++ b/contrib/bind/bin/named/ns_parser.y @@ -1,6 +1,6 @@ %{ #if !defined(lint) && !defined(SABER) -static char rcsid[] = "$Id: ns_parser.y,v 8.80 2002/05/24 03:05:01 marka Exp $"; +static char rcsid[] = "$Id: ns_parser.y,v 8.81.8.1 2003/06/02 09:56:35 marka Exp $"; #endif /* not lint */ /* @@ -158,6 +158,7 @@ int yyparse(); %token T_MAX_NCACHE_TTL T_HAS_OLD_CLIENTS T_RFC2308_TYPE1 %token T_LAME_TTL T_MIN_ROOTS %token T_TREAT_CR_AS_SPACE +%token T_EDNS_UDP_SIZE /* Items used for the "logging" statement: */ %token T_LOGGING T_CATEGORY T_CHANNEL T_SEVERITY T_DYNAMIC @@ -609,6 +610,16 @@ option: /* Empty */ if ($2 >= 1) current_options->minroots = $2; } + | + | T_EDNS_UDP_SIZE L_NUMBER + { + if ($2 < 512) + current_options->edns_udp_size = 512; + else if ($2 > EDNS_MESSAGE_SZ) + current_options->edns_udp_size = EDNS_MESSAGE_SZ; + else + current_options->edns_udp_size = $2; + } | error ; @@ -711,6 +722,7 @@ ordering_type: /* nothing */ } (void)freestr($2); } + ; ordering_name: /* nothing */ { @@ -726,7 +738,7 @@ ordering_name: /* nothing */ } /* XXX Should do any more name validation here? */ } - + ; rrset_ordering_element: ordering_class ordering_type ordering_name T_ORDER L_STRING { @@ -749,7 +761,7 @@ rrset_ordering_element: ordering_class ordering_type ordering_name T_ORDER L_STR $$ = new_rrset_order_element($1, $2, $3, o); } } - + ; transfer_format: T_ONE_ANSWER { @@ -1434,7 +1446,7 @@ key_list: key_list_element L_EOS | error ; -dummy_key_list_element: key_ref; +dummy_key_list_element: key_ref { /* empty */ } ; dummy_key_list: dummy_key_list_element L_EOS | dummy_key_list dummy_key_list_element L_EOS diff --git a/contrib/bind/bin/named/ns_req.c b/contrib/bind/bin/named/ns_req.c index 3b4a0bf..1272f04 100644 --- a/contrib/bind/bin/named/ns_req.c +++ b/contrib/bind/bin/named/ns_req.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static const char sccsid[] = "@(#)ns_req.c 4.47 (Berkeley) 7/1/91"; -static const char rcsid[] = "$Id: ns_req.c,v 8.169.2.1 2002/11/14 13:02:48 marka Exp $"; +static const char rcsid[] = "$Id: ns_req.c,v 8.175.6.2 2003/06/02 09:56:35 marka Exp $"; #endif /* not lint */ /* @@ -563,8 +563,9 @@ ns_req(u_char *msg, int msglen, int buflen, struct qstream *qsp, ns_name_rollback(cp, (const u_char **)dnptrs, (const u_char **)dnptrs_end); if (opt > 0) { - n = ns_add_opt(msg, cp, buflen_orig, 0, - rcode, EDNS_MESSAGE_SZ, 0, NULL, 0); + n = ns_add_opt(msg, cp, buflen_orig, 0, rcode, + server_options->edns_udp_size, + 0, NULL, 0); if (n < 0) { hp->qdcount = htons(0); goto sign_again; @@ -604,8 +605,9 @@ ns_req(u_char *msg, int msglen, int buflen, struct qstream *qsp, msglen += n; if (opt > 0) { buflen += opt_size; - n = ns_add_opt(msg, cp, msglen + buflen, 0, - rcode, EDNS_MESSAGE_SZ, 0, NULL, 0); + n = ns_add_opt(msg, cp, msglen + buflen, 0, rcode, + server_options->edns_udp_size, + 0, NULL, 0); INSIST(n > 0); cp += n; buflen -= n; @@ -856,6 +858,9 @@ req_query(HEADER *hp, u_char **cpp, u_char *eom, struct qstream *qsp, DST_KEY *in_key = (in_tsig != NULL) ? in_tsig->key : NULL; int access_class; int adjustlen = 0; + int pass = 0; + char tsig_keyname_mesg[15+MAXDNAME] = ""; + int glueok; nameserIncr(from.sin_addr, nssRcvdQ); @@ -900,7 +905,6 @@ req_query(HEADER *hp, u_char **cpp, u_char *eom, struct qstream *qsp, return (Finish); } *cpp += n; - answers = *cpp; if (*cpp + 2 * INT16SZ > eom) { ns_debug(ns_log_default, 1, "FORMERR Query message length short"); @@ -1017,6 +1021,7 @@ req_query(HEADER *hp, u_char **cpp, u_char *eom, struct qstream *qsp, #endif /*QRYLOG*/ try_again: + pass++; foundname = 0; ns_debug(ns_log_default, 1, "req: nlookup(%s) id %d type=%d class=%d", dname, ntohs(hp->id), type, class); @@ -1303,13 +1308,19 @@ req_query(HEADER *hp, u_char **cpp, u_char *eom, struct qstream *qsp, return (Refuse); } - if (type == ns_t_ixfr) { - ns_info(ns_log_security, "approved %s from %s for \"%s\"", - (ixfr_found) ? p_type(type) : "IXFR/AXFR", - sin_ntoa(from), *dname ? dname : "."); - } else - ns_info(ns_log_security, "approved %s from %s for \"%s\"", - p_type(type), sin_ntoa(from), *dname ? dname : "."); + if (in_key != NULL) + sprintf(tsig_keyname_mesg, " (TSIG key \"%s\")", + in_key->dk_key_name); + + if (type == ns_t_ixfr) + ns_info(ns_log_security, "approved %s from %s for \"%s\"%s", + (ixfr_found) ? p_type(type) : "IXFR/AXFR", + sin_ntoa(from), *dname ? dname : ".", + tsig_keyname_mesg); + else + ns_info(ns_log_security, "approved %s from %s for \"%s\"%s", + p_type(type), sin_ntoa(from), *dname ? dname : ".", + tsig_keyname_mesg); } /* @@ -1354,7 +1365,7 @@ req_query(HEADER *hp, u_char **cpp, u_char *eom, struct qstream *qsp, (dp->d_class == class)) { #ifdef RETURNSOA n = finddata(np, class, T_SOA, hp, &dname, - buflenp, &count); + buflenp, &count, pass, 1); if (n != 0) { if (count) { *cpp += n; @@ -1392,8 +1403,9 @@ req_query(HEADER *hp, u_char **cpp, u_char *eom, struct qstream *qsp, * If not NXDOMAIN, the NOERROR_NODATA record might be * anywhere in the chain. Have to go through the grind. */ - - n = finddata(np, class, type, hp, &dname, buflenp, &count); + glueok = !NS_OPTION_P(OPTION_NORECURSE); + n = finddata(np, class, type, hp, &dname, buflenp, &count, pass, + glueok); if (n == 0) { /* * NO data available. Refuse transfer requests, or @@ -1509,7 +1521,8 @@ req_query(HEADER *hp, u_char **cpp, u_char *eom, struct qstream *qsp, ns_debug(ns_log_default, 3, "req: leaving (%s, rcode %d)", dname, hp->rcode); if (class != C_ANY) { - hp->aa = 1; + if (!cname) + hp->aa = 1; if (np && (!foundname || !founddata)) { n = doaddauth(hp, *cpp, *buflenp, np, nsp[0]); *cpp += n; @@ -2323,9 +2336,9 @@ doaddinfo(HEADER *hp, u_char *msg, int msglen) { loop: for (ap = addinfo, i = 0; i < addcount; ap++, i++) { int auth = 0, + drop = 0, founda = 0, foundaaaa = 0, - founda6 = 0, foundcname = 0, save_count = count, save_msglen = msglen; @@ -2353,12 +2366,11 @@ loop: if (dp->d_class != ap->a_class) continue; if (dp->d_rcode == NXDOMAIN) { - founda = founda6 = foundaaaa = 1; + founda = foundaaaa = 1; continue; } switch (dp->d_type) { case ns_t_a: founda = 1; break; - case ns_t_a6: founda6 = 1; break; case ns_t_aaaa: foundaaaa = 1; break; } if (!dp->d_rcode && dp->d_type == T_CNAME) { @@ -2366,8 +2378,7 @@ loop: break; } if (auth == 0 && ap->a_type == T_A && - (dp->d_type == ns_t_a || dp->d_type == ns_t_a6 || - dp->d_type == ns_t_aaaa) && + (dp->d_type == ns_t_a || dp->d_type == ns_t_aaaa) && (zones[dp->d_zone].z_type == z_master || zones[dp->d_zone].z_type == z_slave)) auth = 1; @@ -2385,8 +2396,7 @@ loop: } if (ap->a_type == T_A && !match(dp, (int)ap->a_class, T_A) && - !match(dp, (int)ap->a_class, T_AAAA) && - !match(dp, (int)ap->a_class, ns_t_a6)) { + !match(dp, (int)ap->a_class, T_AAAA)) { continue; } if (ap->a_type == T_KEY && @@ -2397,6 +2407,8 @@ loop: continue; if (dp->d_rcode) continue; + if (drop) + continue; /* * Should be smart and eliminate duplicate * data here. XXX @@ -2426,7 +2438,14 @@ loop: cp = save_cp; msglen = save_msglen; count = save_count; - break; + /* + * Continue processing list to prevent + * unnecessary fetches for glue. + * Prevent partial RRsets being sent by + * setting drop. + */ + drop = 1; + continue; } ns_debug(ns_log_default, 5, "addinfo: adding address data n = %d", n); @@ -2446,10 +2465,6 @@ loop: (void) sysquery(ap->a_dname, (int)ap->a_class, ns_t_aaaa, NULL, NULL, 0, ns_port, QUERY, 0); - if (!founda6 && !auth) - (void) sysquery(ap->a_dname, (int)ap->a_class, - ns_t_a6, NULL, NULL, 0, ns_port, - QUERY, 0); } if (foundcname) { if (!haveComplained(nhash(ap->a_dname), diff --git a/contrib/bind/bin/named/ns_resp.c b/contrib/bind/bin/named/ns_resp.c index f2d0a7c..0174f9f 100644 --- a/contrib/bind/bin/named/ns_resp.c +++ b/contrib/bind/bin/named/ns_resp.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static const char sccsid[] = "@(#)ns_resp.c 4.65 (Berkeley) 3/3/91"; -static const char rcsid[] = "$Id: ns_resp.c,v 8.178.2.2 2002/11/14 13:39:13 marka Exp $"; +static const char rcsid[] = "$Id: ns_resp.c,v 8.186.6.4 2003/06/02 09:56:35 marka Exp $"; #endif /* not lint */ /* @@ -270,7 +270,6 @@ ns_resp(u_char *msg, int msglen, struct sockaddr_in from, struct qstream *qsp) int i, c, n, qdcount, ancount, aucount, nscount, arcount, arfirst; int soacount; u_int qtype, qclass; - int restart; /* flag for processing cname response */ int validanswer, dbflags; int cname, lastwascname, externalcname; int count, founddata, foundname; @@ -281,7 +280,7 @@ ns_resp(u_char *msg, int msglen, struct sockaddr_in from, struct qstream *qsp) char *dname, tmpdomain[MAXDNAME]; const char *fname; const char *formerrmsg = "brain damage"; - u_char newmsg[EDNS_MESSAGE_SZ]; + u_char newmsg[NS_MAXMSG]; u_char **dpp, *tp; time_t rtrip; struct hashbuf *htp; @@ -298,6 +297,7 @@ ns_resp(u_char *msg, int msglen, struct sockaddr_in from, struct qstream *qsp) time_t tsig_time; DST_KEY *key; int expect_cname; + int pass = 0; nameserIncr(from.sin_addr, nssRcvdR); nsp[0] = NULL; @@ -905,7 +905,6 @@ tcp_retry: tp = cp; - restart = 0; validanswer = -1; nscount = 0; soacount = 0; @@ -1001,6 +1000,10 @@ tcp_retry: tname = NULL; } + /* Cache for current tick. */ + if (type == T_SOA) + dp->d_ttl = tt.tv_sec; + dp->d_cred = (hp->aa && ns_samename(name, qname) == 1) ? DB_C_AUTH : DB_C_ANSWER; @@ -1048,6 +1051,9 @@ tcp_retry: } if (type == T_SOA) { soacount++; + /* -ve caching only. */ + db_detach(&dp); + continue; } break; case T_NXT: @@ -1182,38 +1188,6 @@ tcp_retry: return; } - if (ancount && count && validanswer != 1) { - /* - * Everything passed validation but we didn't get the - * final answer. The response must have contained - * a dangling CNAME. Force a restart of the query. - * - * Don't set restart if count==0, since this means - * the response was truncated in the answer section, - * causing us to set count to 0 which will cause - * validanswer to be 0 as well even though the answer - * section probably contained valid RRs (just not - * a complete set). - * XXX - this works right if we can just forward this - * response to the client, but not if we found a CNAME - * in a prior response and restarted the query. - */ - restart = 1; - } - - if (!restart && !qp->q_cmsglen && ancount > 1 && qtype == T_A) - sort_response(tp, eom, ancount, &qp->q_from); - - /* - * An answer to a T_ANY query or a successful answer to a - * regular query with no indirection, then just return answer. - */ - if (!restart && ancount && (qtype == T_ANY || !qp->q_cmsglen)) { - ns_debug(ns_log_default, 3, - "resp: got as much answer as there is"); - goto return_msg; - } - /* * We might want to cache this negative answer. * @@ -1289,11 +1263,20 @@ tcp_retry: goto servfail; } cp += n + QFIXEDSZ; - buflen = sizeof(newmsg) - (cp - newmsg); - + buflen = (qp->q_stream != NULL) ? NS_MAXMSG : + MIN(EDNS_MESSAGE_SZ, qp->q_udpsize); + buflen -= (cp - newmsg); + /* + * Reserve space for TSIG / EDNS + */ + if (qp->q_tsig != NULL) + buflen -= qp->q_tsig->tsig_size; + if ((qp->q_flags & Q_EDNS) != 0) + buflen -= 11; cname = 0; try_again: + pass++; ns_debug(ns_log_default, 1, "resp: nlookup(%s) qtype=%d", dname, qtype); foundname = 0; @@ -1316,7 +1299,7 @@ tcp_retry: (dp->d_class == (int)qclass)) { #ifdef RETURNSOA n = finddata(np, qclass, T_SOA, hp, &dname, - &buflen, &count); + &buflen, &count, pass, 1); if ( n != 0) { if (count) { cp += n; @@ -1348,7 +1331,7 @@ tcp_retry: goto fetch_ns; } } - n = finddata(np, qclass, qtype, hp, &dname, &buflen, &count); + n = finddata(np, qclass, qtype, hp, &dname, &buflen, &count, pass, 1); if (n == 0) goto fetch_ns; /* NO data available */ if (hp->rcode) { @@ -1399,7 +1382,8 @@ tcp_retry: if (!foundname) hp->rcode = NXDOMAIN; if (qclass != C_ANY) { - hp->aa = 1; + if (!cname) + hp->aa = 1; if (np && (!foundname || !founddata)) { n = doaddauth(hp, cp, buflen, np, nsp[0]); cp += n; @@ -1553,7 +1537,8 @@ tcp_retry: if (!qp->q_addr[0].noedns) smsglen += ns_add_opt(smsg, smsg + smsglen, smsgsize, 0, 0, - EDNS_MESSAGE_SZ, 0, NULL, 0); + server_options->edns_udp_size, + 0, NULL, 0); if (key != NULL) { n = ns_sign(smsg, &smsglen, smsgsize, NOERROR, key, NULL, 0, sig, &siglen, 0); @@ -2239,7 +2224,7 @@ send_msg(u_char *msg, int msglen, struct qinfo *qp) { if (qp->q_flags & Q_SYSTEM) return (1); - trunc = (qp->q_stream != NULL) ? 65535 : qp->q_udpsize; + trunc = (qp->q_stream != NULL) ? NS_MAXMSG : qp->q_udpsize; if (qp->q_tsig != NULL) adjust += qp->q_tsig->tsig_size; if ((qp->q_flags & Q_EDNS) != 0) @@ -2283,8 +2268,9 @@ send_msg(u_char *msg, int msglen, struct qinfo *qp) { msgsize = msglen; /* silence compiler */ if ((qp->q_flags & Q_EDNS) != 0) - msglen += ns_add_opt(msg, msg + msglen, msgsize, 0, - hp->rcode, EDNS_MESSAGE_SZ, 0, NULL, 0); + msglen += ns_add_opt(msg, msg + msglen, msgsize, 0, hp->rcode, + server_options->edns_udp_size, + 0, NULL, 0); if (qp->q_tsig != NULL) { u_char sig[TSIG_SIG_SIZE]; @@ -2492,6 +2478,7 @@ sysquery(const char *dname, int class, int type, qs->stime = tt; qs->forwarder = 0; qs->noedns = 1; /* XXXMPA */ + qs->lame = 0; qs->nretry = 0; } qp->q_naddr = nsc; @@ -2581,7 +2568,8 @@ sysquery(const char *dname, int class, int type, if (!qp->q_addr[0].noedns) smsglen += ns_add_opt(smsg, smsg + smsglen, smsgsize, 0, 0, - EDNS_MESSAGE_SZ, 0, NULL, 0); + server_options->edns_udp_size, + 0, NULL, 0); if (key != NULL) { n = ns_sign(smsg, &smsglen, smsgsize, NOERROR, key, NULL, 0, @@ -2908,7 +2896,8 @@ findns(struct namebuf **npp, int class, } ns_debug(ns_log_default, 1, "findns: No root nameservers for class %s?", p_class(class)); - if ((unsigned)class < MAXCLASS && norootlogged[class] == 0) { + if (!NS_OPTION_P(OPTION_FORWARD_ONLY) && + (unsigned)class < MAXCLASS && norootlogged[class] == 0) { norootlogged[class] = 1; ns_info(ns_log_default, "No root nameservers for class %s", p_class(class)); @@ -2924,7 +2913,8 @@ findns(struct namebuf **npp, int class, */ int finddata(struct namebuf *np, int class, int type, - HEADER *hp, char **dnamep, int *lenp, int *countp) + HEADER *hp, char **dnamep, int *lenp, int *countp, int pass, + int glueok) { struct databuf *dp; char *cp; @@ -2962,18 +2952,8 @@ finddata(struct namebuf *np, int class, int type, cp = ((char *)hp) + *countp; foundcname = 0; for (dp = np->n_data; dp != NULL; dp = dp->d_next) { - if (!wanted(dp, class, type)) { - if (type == T_CNAME && class == dp->d_class) { - /* any data means no CNAME exists */ - if (dp->d_type != T_NXT && - dp->d_type != T_KEY && - dp->d_type != T_SIG) { - ret = 0; - goto done; - } - } + if (!wanted(dp, class, type)) continue; - } if (dp->d_cred == DB_C_ADDITIONAL) { #ifdef NOADDITIONAL continue; @@ -3003,7 +2983,7 @@ finddata(struct namebuf *np, int class, int type, *dnamep, type, class); continue; } - if (type == T_ANY) + if (type == T_ANY && dp->d_type != T_ANY) continue; hp->rcode = NOERROR_NODATA; if (dp->d_size == 0) { /* !RETURNSOA */ @@ -3038,6 +3018,10 @@ finddata(struct namebuf *np, int class, int type, (!((dp->d_type == T_SIG) || (dp->d_type == T_KEY))) ) continue; + /* Don't return glue (NS/A/AAAA) */ + if (!glueok && findMyZone(np, class) == DB_Z_CACHE) + continue; + if (!defer) { if (foundcname != 0 && dp->d_type == T_CNAME) continue; @@ -3056,6 +3040,16 @@ finddata(struct namebuf *np, int class, int type, if (dp->d_type == T_CNAME) { foundcname = 1; + +#define SETAA(pass, class, dp) \ + (pass == 1 && class != C_ANY && dp->d_zone != DB_Z_CACHE && \ + (zones[dp->d_zone].z_type == z_master || \ + zones[dp->d_zone].z_type == z_slave) && \ + (zones[dp->d_zone].z_flags & Z_AUTH) != 0) + + if (SETAA(pass, class, dp)) + hp->aa = 1; + #define FOLLOWCNAME(type) \ (type != T_KEY) && (type != T_SIG) && (type != T_NXT) && (type != T_ANY) /* don't alias if querying for key, sig, nxt, or any */ @@ -3064,8 +3058,13 @@ finddata(struct namebuf *np, int class, int type, new_dnamep = (char *)dp->d_data; } } else { - if (dp->d_type == T_CNAME) + if (dp->d_type == T_CNAME) { foundcname = 1; + + if (SETAA(pass, class, dp)) + hp->aa = 1; + + } found[found_count++] = dp; } } diff --git a/contrib/bind/bin/named/ns_update.c b/contrib/bind/bin/named/ns_update.c index b2b5b96..1c88e25 100644 --- a/contrib/bind/bin/named/ns_update.c +++ b/contrib/bind/bin/named/ns_update.c @@ -1,5 +1,5 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: ns_update.c,v 8.104 2002/05/18 01:02:59 marka Exp $"; +static const char rcsid[] = "$Id: ns_update.c,v 8.106 2002/07/19 22:44:07 marka Exp $"; #endif /* not lint */ /* @@ -1211,7 +1211,7 @@ req_update_private(HEADER *hp, u_char *cp, u_char *eom, u_char *msg, */ if (!ip_addr_or_key_allowed(zp->z_update_acl, from.sin_addr, in_key)) { - ns_notice(ns_log_security, + ns_notice(ns_log_update_security, "denied update from %s for \"%s\" %s", sin_ntoa(from), *dname ? dname : ".", p_class(class)); nameserIncr(from.sin_addr, nssRcvdUUpd); @@ -2638,8 +2638,10 @@ merge_logs(struct zoneinfo *zp, char *logname) { err++; break; } + errno = 0; n = strtoul(buf, &cp, 10); - if (n > 0xffff || *cp != '\0') { + if (errno != 0 || n > 0xffff || + *cp != '\0') { err++; break; } diff --git a/contrib/bind/bin/ndc/ndc.c b/contrib/bind/bin/ndc/ndc.c index d077042..1499184 100644 --- a/contrib/bind/bin/ndc/ndc.c +++ b/contrib/bind/bin/ndc/ndc.c @@ -1,5 +1,5 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: ndc.c,v 1.22 2002/06/24 07:28:55 marka Exp $"; +static const char rcsid[] = "$Id: ndc.c,v 1.25 2003/04/03 05:42:10 marka Exp $"; #endif /* not lint */ /* @@ -88,7 +88,7 @@ static void start_named(const char *, int); static int fgetpid(const char *, pid_t *); static int get_sockaddr(const char *, sockaddr_t *); static size_t impute_addrlen(const struct sockaddr *); -static void vtrace(const char *, va_list); +static void vtrace(const char *, va_list) ISC_FORMAT_PRINTF(1, 0); static void trace(const char *, ...) ISC_FORMAT_PRINTF(1, 2); static void result(const char *, ...) ISC_FORMAT_PRINTF(1, 2); static void fatal(const char *, ...) ISC_FORMAT_PRINTF(1, 2); @@ -283,7 +283,7 @@ getargs_closure(void *arg, const char *msg, int flags) { } len = 0; cp = msg + 4; - while (*cp != NULL) { + while (*cp != '\0') { c = *cp; if (c == '%') { cp2 = strchr(hexdigits, cp[1]); @@ -325,7 +325,7 @@ getargs_closure(void *arg, const char *msg, int flags) { } cp = msg + 4; tp = argv->argv[i]; - while (*cp != NULL) { + while (*cp != '\0') { c = *cp; if (c == '%') { cp2 = strchr(hexdigits, cp[1]); @@ -374,6 +374,8 @@ get_args(char **restp) { len = 0; for (i = 1 ; i < argv.argc && argv.argv[i] != NULL; i++) len += strlen(argv.argv[i]) + 1; + if (len == 0) + len = 1; rest = malloc(len); if (rest == NULL) { result = 0; @@ -386,7 +388,8 @@ get_args(char **restp) { *p++ = ' '; } if (p != rest) - p[-1] = '\0'; + p--; + p[0] = '\0'; *restp = rest; err: diff --git a/contrib/bind/bin/nslookup/send.c b/contrib/bind/bin/nslookup/send.c index 738f66a..4afcb56 100644 --- a/contrib/bind/bin/nslookup/send.c +++ b/contrib/bind/bin/nslookup/send.c @@ -53,7 +53,7 @@ #ifndef lint static const char sccsid[] = "@(#)send.c 5.18 (Berkeley) 3/2/91"; -static const char rcsid[] = "$Id: send.c,v 8.14 2002/05/10 04:35:09 marka Exp $"; +static const char rcsid[] = "$Id: send.c,v 8.14.10.1 2003/06/02 05:59:56 marka Exp $"; #endif /* not lint */ /* @@ -181,7 +181,7 @@ SendRequest(union res_sockaddr_union *nsAddrPtr, const u_char *buf, /* * Send length & message */ - __putshort(buflen, (u_char *)&len); + ns_put16(buflen, (u_char *)&len); iov[0].iov_base = (caddr_t)&len; iov[0].iov_len = INT16SZ; DE_CONST(buf, iov[1].iov_base); diff --git a/contrib/bind/bin/nsupdate/nsupdate.c b/contrib/bind/bin/nsupdate/nsupdate.c index c8e8ce8..3a452cc 100644 --- a/contrib/bind/bin/nsupdate/nsupdate.c +++ b/contrib/bind/bin/nsupdate/nsupdate.c @@ -1,5 +1,5 @@ #if !defined(lint) && !defined(SABER) -static const char rcsid[] = "$Id: nsupdate.c,v 8.27 2001/06/18 14:43:46 marka Exp $"; +static const char rcsid[] = "$Id: nsupdate.c,v 8.30 2003/04/03 05:51:07 marka Exp $"; #endif /* not lint */ /* @@ -155,9 +155,6 @@ main(int argc, char **argv) { struct map *mp; ns_updrec *rrecp; ns_updque listuprec; - extern int getopt(); - extern char *optarg; - extern int optind, opterr, optopt; ns_tsig_key key; char *keyfile=NULL, *keyname=NULL; @@ -398,11 +395,15 @@ main(int argc, char **argv) { (void) getword_str(buf2, sizeof buf2, &startp, endp); if (isdigit(buf2[0])) { /* ttl */ - r_ttl = strtoul(buf2, 0, 10); - if (errno == ERANGE && r_ttl == ULONG_MAX) { + u_long tmp_ttl; + errno = 0; + tmp_ttl = strtoul(buf2, 0, 10); + if ((errno == ERANGE && tmp_ttl == ULONG_MAX) || + tmp_ttl > 0x7fffffffUL) { fprintf(stderr, "oversized ttl: %s\n", buf2); exit (1); } + r_ttl = tmp_ttl; (void) getword_str(buf2, sizeof buf2, &startp, endp); } |