summaryrefslogtreecommitdiffstats
path: root/usr.sbin/named/ns_validate.c
diff options
context:
space:
mode:
Diffstat (limited to 'usr.sbin/named/ns_validate.c')
-rw-r--r--usr.sbin/named/ns_validate.c97
1 files changed, 48 insertions, 49 deletions
diff --git a/usr.sbin/named/ns_validate.c b/usr.sbin/named/ns_validate.c
index 358fcb8..8142bdc 100644
--- a/usr.sbin/named/ns_validate.c
+++ b/usr.sbin/named/ns_validate.c
@@ -10,8 +10,11 @@
#include <sys/param.h>
#include <sys/socket.h>
#include <sys/file.h>
+
#include <netinet/in.h>
#include <arpa/nameser.h>
+#include <arpa/inet.h>
+
#include <syslog.h>
#include <errno.h>
#include <stdio.h>
@@ -50,7 +53,7 @@ static int VQcount;
* VALID_NO_CACHE if the name is something we are authoritative for.
*
* pseudocode for function validate is as follows:
- * validate(domain, server, type, class, data, dlen, rcode) {
+ * validate(domain, qdomain, server, type, class, data, dlen, rcode) {
*
* if (dname or a higher level name not found in cache)
* return INVALID;
@@ -63,8 +66,10 @@ static int VQcount;
* if (data agrees with what we have)
* return VALID_NO_CACHE;
* else return INVALID;
- *
- * if (we are not authoritative) /findns() returned OK;/
+ *
+ * if (we are not authoritative) /findns() returned OK;/
+ * if (domain lives below the qdomain)
+ * return VALID_CACHE;
* if (address records for NS's found in cache){
* if ("server" = one of the addresses){
* return VALID_CACHE;
@@ -88,15 +93,14 @@ static int VQcount;
* we have needs_prime_cache = 0;
*****************************************************************************/
int
-validate(dname, server, type, class, data, dlen
+validate(dname, qdomain, server, type, class, data, dlen
#ifdef NCACHE
,rcode
#endif
)
- char *dname;
+ char *dname, *qdomain;
struct sockaddr_in *server;
- int type;
- int class;
+ int type, class;
char *data;
int dlen;
#ifdef NCACHE
@@ -107,7 +111,7 @@ validate(dname, server, type, class, data, dlen
struct hashbuf *htp;
struct databuf *nsp[NSMAX];
int count;
- char *fname;
+ const char *fname;
int exactmatch = 0;
struct fwdinfo *fwd;
@@ -133,10 +137,8 @@ validate(dname, server, type, class, data, dlen
/* we were able to locate namebufs for this domain, or a parent domain,
* or ??? */
- if (np == NULL) {
- fname = (char *)malloc(1);
- fname[0] = '\0';
- }
+ if (np == NULL)
+ fname = "";
dprintf(5, (ddt,
"validate:namebuf found np:%#lx, d:\"%s\", f:\"%s\"\n",
(u_long)np, dname, fname));
@@ -145,8 +147,6 @@ validate(dname, server, type, class, data, dlen
dnamep = np;
exactmatch = 1;
}
- if (np == NULL && fname != NULL)
- free((char *)fname);
switch (findns(&np, class, nsp, &count, 0)) {
case NXDOMAIN:
/** we are authoritative for this domain, lookup name
@@ -216,12 +216,11 @@ validate(dname, server, type, class, data, dlen
return (INVALID);
case OK: /*proceed */
- dprintf(5,
- (ddt,
- "validate:found ns records:calling check_addr_ns\n"));
+ dprintf(5, (ddt, "validate:found ns records\n"));
if (needs_prime_cache)
needs_prime_cache = 0;
- if (check_addr_ns(nsp, server, dname)) {
+ if (samedomain(dname, qdomain) ||
+ check_addr_ns(nsp, server, dname)) {
#ifdef DATUMREFCNT
free_nsp(nsp);
#endif
@@ -390,8 +389,8 @@ isvalid(np, type, class, data, dlen)
if (x != 0)
break;
td += (strlen(td) + 1);
- tdp += (strlen(tdp) + 1);
-
+ tdp += (strlen((char *)tdp) + 1);
+
/* compare second string */
x = strncasecmp(td, (char *)tdp,
strlen((char *)td+1));
@@ -436,9 +435,8 @@ check_addr_ns(nsp, server, dname)
struct in_addr *saddr = &(server->sin_addr);
struct databuf **nsdp;
- dprintf(5, (ddt,
- "check_addr_ns: s:[%s], db:0x%x, d:\"%s\"\n",
- inet_ntoa(*saddr), nsp, dname));
+ dprintf(5, (ddt, "check_addr_ns: s:[%s], db:0x%lx, d:\"%s\"\n",
+ inet_ntoa(*saddr), (u_long)nsp, dname));
for(i = lastNA; i != firstNA; i = (i+1) % MAXNAMECACHE) {
if (!bcmp((char *)saddr,
@@ -484,13 +482,13 @@ check_in_tables(nsp, server, syslogdname)
register struct namebuf *np;
register struct databuf *dp, *nsdp;
struct hashbuf *tmphtp;
- char *dname, *fname;
+ const char *dname, *fname;
int class;
int qcomp();
-
- dprintf(3, (ddt, "check_in_tables(nsp=x%x,qp=x%x,'%s')\n",
- nsp, server, syslogdname));
-
+
+ dprintf(3, (ddt, "check_in_tables(nsp=x%lx, qp=x%x, '%s')\n",
+ (u_long)nsp, server, syslogdname));
+
while ((nsdp = *nsp++) != NULL) {
class = nsdp->d_class;
dname = (char *)nsdp->d_data;
@@ -532,10 +530,10 @@ check_in_tables(nsp, server, syslogdname)
*************************************************************************/
void
store_name_addr(servername, serveraddr, syslogdname, sysloginfo)
- char *servername;
+ const char *servername;
struct in_addr serveraddr;
- char *syslogdname;
- char *sysloginfo;
+ const char *syslogdname;
+ const char *sysloginfo;
{
int i;
@@ -575,17 +573,13 @@ store_name_addr(servername, serveraddr, syslogdname, sysloginfo)
syslogdname);
#endif
free(nameaddrlist[i].nsname);
- nameaddrlist[i].nsname =
- (char *)malloc((unsigned)strlen(servername)+1);
- strcpy(nameaddrlist[i].nsname, servername);
+ nameaddrlist[i].nsname = savestr(servername);
return;
}
}
/* we have to add this one to our cache */
- nameaddrlist[firstNA].nsname =
- (char *)malloc((unsigned)strlen(servername)+1);
- strcpy(nameaddrlist[firstNA].nsname, servername);
+ nameaddrlist[firstNA].nsname = savestr(servername);
bcopy((char *)&serveraddr,
(char *)&(nameaddrlist[firstNA].ns_addr),
INADDRSZ);
@@ -613,9 +607,10 @@ store_name_addr(servername, serveraddr, syslogdname, sysloginfo)
* delete/keep the record from the outgoing message.
*/
int
-dovalidate(msg, msglen, rrp, zone, flags, server, VCode)
+dovalidate(msg, msglen, rrp, zone, flags, qdomain, server, VCode)
u_char *msg, *rrp;
int msglen, zone, flags;
+ char *qdomain;
struct sockaddr_in *server;
int *VCode;
{
@@ -783,7 +778,7 @@ dovalidate(msg, msglen, rrp, zone, flags, server, VCode)
return (-1);
}
- *VCode = validate(dname, server, type, class,(char *)cp1, n
+ *VCode = validate(dname, qdomain, server, type, class,(char *)cp1, n
#ifdef NCACHE
,NOERROR
#endif
@@ -821,12 +816,12 @@ stick_in_queue(dname, type, class, data)
if (validateQ == NULL) {
validateQ = (TO_Validate *)malloc(sizeof(TO_Validate));
+ if (!validateQ)
+ panic(errno, "malloc(validateQ)");
validateQ->type = type;
validateQ->class = class;
- validateQ->dname = malloc((unsigned)strlen(dname)+1);
- strcpy(validateQ->dname, dname);
- validateQ->data = malloc((unsigned)strlen(data)+1);
- strcpy(validateQ->data, data);
+ validateQ->dname = savestr(dname);
+ validateQ->data = savestr(data); /* XXX no \0 */
gettimeofday(&tp, &tzp);
validateQ->time = tp.tv_sec;
VQcount = 1;
@@ -836,12 +831,12 @@ stick_in_queue(dname, type, class, data)
}
if (VQcount < MAXVQ) {
tempVQ =(TO_Validate *)malloc(sizeof(TO_Validate));
+ if (!tempVQ)
+ panic(errno, "malloc(tempVQ)");
tempVQ->type = type;
tempVQ->class = class;
- tempVQ->dname = malloc((unsigned)strlen(dname)+1);
- strcpy(tempVQ->dname, dname);
- tempVQ->data = malloc((unsigned)strlen(data)+1);
- strcpy(tempVQ->data, data);
+ tempVQ->dname = savestr(dname);
+ tempVQ->data = savestr(data); /* XXX no \0 */
gettimeofday(&tp,&tzp);
tempVQ->time = tp.tv_sec;
tempVQ->next = currentVQ->next;
@@ -879,7 +874,8 @@ stick_in_queue(dname, type, class, data)
return;
}
#endif
-
+
+#ifdef BAD_IDEA
/* removes any INVALID RR's from the msg being returned, updates msglen to
* reflect the new message length.
*/
@@ -935,6 +931,8 @@ update_msg(msg, msglen, Vlist, c)
dprintf(2, (ddt, "update_msg: NEEDS updating:\n"));
RRlen = (int *)malloc((unsigned)c*sizeof(int));
+ if (!RRlen)
+ panic(errno, "malloc(RRlen)");
hp = (HEADER *)msg;
new_ancount = ancount = ntohs(hp->ancount);
new_nscount = nscount = ntohs(hp->nscount);
@@ -945,7 +943,7 @@ update_msg(msg, msglen, Vlist, c)
/* skip the query section */
qlen = dn_expand(msg, eom, cp, qname, sizeof qname);
if (qlen <= 0) {
- dprintf(2, (ddt, "dn_skipname() failed, bad record\n"));
+ dprintf(2, (ddt, "dn_expand() failed, bad record\n"));
goto badend;
}
cp +=qlen;
@@ -1242,5 +1240,6 @@ badend:
free((char *)RRlen);
return (-1);
}
+#endif /*BAD_IDEA*/
#endif /*VALIDATE*/
OpenPOWER on IntegriCloud