From 953a80dc6f3a4fff16c0a8cc56fcd49e74b24dbb Mon Sep 17 00:00:00 2001 From: dougb Date: Fri, 28 Nov 2003 21:58:43 +0000 Subject: Import of ISC BIND version 8.3.7 Approved by: re Requested by: security-officer --- contrib/bind/CHANGES | 5 +++++ contrib/bind/README | 3 +++ contrib/bind/Version | 2 +- contrib/bind/bin/named/ns_init.c | 2 +- contrib/bind/bin/named/ns_resp.c | 14 ++++++++++---- contrib/bind/bin/nslookup/commands.l | 2 -- 6 files changed, 20 insertions(+), 8 deletions(-) diff --git a/contrib/bind/CHANGES b/contrib/bind/CHANGES index 203a4ef..32449f0 100644 --- a/contrib/bind/CHANGES +++ b/contrib/bind/CHANGES @@ -1,4 +1,9 @@ + --- 8.3.7-REL released --- (Wed Sep 3 21:01:37 PDT 2003) + +1581. [bug] apply anti-cache poison techniques to negative + answers. + --- 8.3.6-REL released --- (Sun Jun 8 15:11:32 PDT 2003) 1547. [port] cope with spurious EINVAL from evRead. diff --git a/contrib/bind/README b/contrib/bind/README index 856be7d..75c5166 100644 --- a/contrib/bind/README +++ b/contrib/bind/README @@ -10,6 +10,9 @@ artifacts including BIND, INN, and DHCP. Note that BIND 8 is in "end-of-life", having been replaced by BIND 9. See http://www.isc.org/ for more details. +BIND 8.3.7 Highlights + Security release. + BIND 8.3.6 Highlights Maintenance release. diff --git a/contrib/bind/Version b/contrib/bind/Version index 68b8c56..4ca58f2 100644 --- a/contrib/bind/Version +++ b/contrib/bind/Version @@ -1 +1 @@ -8.3.6-REL +8.3.7-REL diff --git a/contrib/bind/bin/named/ns_init.c b/contrib/bind/bin/named/ns_init.c index a0fce64..8cf0684 100644 --- a/contrib/bind/bin/named/ns_init.c +++ b/contrib/bind/bin/named/ns_init.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static const char sccsid[] = "@(#)ns_init.c 4.38 (Berkeley) 3/21/91"; -static const char rcsid[] = "$Id: ns_init.c,v 8.77 2002/08/20 04:27:23 marka Exp $"; +static const char rcsid[] = "$Id: ns_init.c,v 8.77.8.2 2003/09/04 04:09:09 marka Exp $"; #endif /* not lint */ /* diff --git a/contrib/bind/bin/named/ns_resp.c b/contrib/bind/bin/named/ns_resp.c index 0174f9f..7bc166a 100644 --- a/contrib/bind/bin/named/ns_resp.c +++ b/contrib/bind/bin/named/ns_resp.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static const char sccsid[] = "@(#)ns_resp.c 4.65 (Berkeley) 3/3/91"; -static const char rcsid[] = "$Id: ns_resp.c,v 8.186.6.4 2003/06/02 09:56:35 marka Exp $"; +static const char rcsid[] = "$Id: ns_resp.c,v 8.186.6.5 2003/09/04 03:03:18 marka Exp $"; #endif /* not lint */ /* @@ -271,7 +271,7 @@ ns_resp(u_char *msg, int msglen, struct sockaddr_in from, struct qstream *qsp) int soacount; u_int qtype, qclass; int validanswer, dbflags; - int cname, lastwascname, externalcname; + int cname, lastwascname, externalcname, cachenegative; int count, founddata, foundname; int buflen; int newmsglen; @@ -911,6 +911,7 @@ tcp_retry: cname = 0; lastwascname = 0; externalcname = 0; + cachenegative = 1; strcpy(aname, qname); if (count) { @@ -980,6 +981,7 @@ tcp_retry: name); db_detach(&dp); validanswer = 0; + cachenegative = 0; continue; } if (type == T_CNAME && @@ -1014,6 +1016,7 @@ tcp_retry: "last was cname, ignoring auth. and add."); db_detach(&dp); validanswer = 0; + cachenegative = 0; break; } if (i < arfirst) { @@ -1029,6 +1032,7 @@ tcp_retry: sin_ntoa(from)); db_detach(&dp); validanswer = 0; + cachenegative = 0; continue; } else if (!ns_samedomain(name, qp->q_domain)) { @@ -1042,6 +1046,7 @@ tcp_retry: sin_ntoa(from)); db_detach(&dp); validanswer = 0; + cachenegative = 0; continue; } if (type == T_NS) { @@ -1205,8 +1210,9 @@ tcp_retry: ) ) { - cache_n_resp(msg, msglen, from, qp->q_name, - qp->q_class, qp->q_type); + if (cachenegative) + cache_n_resp(msg, msglen, from, qp->q_name, + qp->q_class, qp->q_type); if (!qp->q_cmsglen && validanswer) { ns_debug(ns_log_default, 3, diff --git a/contrib/bind/bin/nslookup/commands.l b/contrib/bind/bin/nslookup/commands.l index 7abf7d3..014e79c 100644 --- a/contrib/bind/bin/nslookup/commands.l +++ b/contrib/bind/bin/nslookup/commands.l @@ -77,7 +77,6 @@ static char sccsid[] = "@(#)commands.l 5.13 (Berkeley) 7/24/90"; * exit - exit the program * root - set default server to the root * ls NAME - list the domain NAME - * view FILE - sorts and view the file with more * set OPTION - set an option * help - print help information * ? - print help information @@ -102,7 +101,6 @@ static char sccsid[] = "@(#)commands.l 5.13 (Berkeley) 7/24/90"; extern char rootServerName[]; extern void PrintHelp(); -extern void ViewList(char *); %} WS [ \t] -- cgit v1.1