initial commit of file from CVS for djbdns on Fri 14 Jul 13:46:46 BST 2023
This commit is contained in:
parent
2c2c4a9381
commit
49e72ff364
1
.gitattributes
vendored
Normal file
1
.gitattributes
vendored
Normal file
@ -0,0 +1 @@
|
|||||||
|
*.tar.gz filter=lfs diff=lfs merge=lfs -text
|
3
.gitignore
vendored
Normal file
3
.gitignore
vendored
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
*.rpm
|
||||||
|
*.log
|
||||||
|
*spec-20*
|
19
020-dnsroots-update.patch
Normal file
19
020-dnsroots-update.patch
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
--- a/dnsroots.global
|
||||||
|
+++ b/dnsroots.global
|
||||||
|
@@ -1,5 +1,5 @@
|
||||||
|
198.41.0.4
|
||||||
|
-128.9.0.107
|
||||||
|
+192.228.79.201
|
||||||
|
192.33.4.12
|
||||||
|
128.8.10.90
|
||||||
|
192.203.230.10
|
||||||
|
@@ -7,7 +7,7 @@
|
||||||
|
192.112.36.4
|
||||||
|
128.63.2.53
|
||||||
|
192.36.148.17
|
||||||
|
-198.41.0.10
|
||||||
|
+192.58.128.30
|
||||||
|
193.0.14.129
|
||||||
|
-198.32.64.12
|
||||||
|
+199.7.83.42
|
||||||
|
202.12.27.33
|
135
030-srv-records-and-axfrget.patch
Normal file
135
030-srv-records-and-axfrget.patch
Normal file
@ -0,0 +1,135 @@
|
|||||||
|
From: Michael Handler <handler@sub-rosa.com>
|
||||||
|
To: dns@list.cr.yp.to
|
||||||
|
Subject: tinydns-data SRV & axfr-get SRV/PTR patches
|
||||||
|
Date: Thu, 14 Sep 2000 20:37:50 -0400
|
||||||
|
|
||||||
|
Here's a combined patch that:
|
||||||
|
|
||||||
|
a) adds a native SRV type to tinydns-data
|
||||||
|
|
||||||
|
Sfqdn:ip:x:port:weight:priority:ttl:timestamp
|
||||||
|
|
||||||
|
Standard rules for ip, x, ttl, and timestamp apply. Port, weight, and
|
||||||
|
priority all range from 0-65535. Weight and priority are optional; they
|
||||||
|
default to zero if not provided.
|
||||||
|
|
||||||
|
Sconsole.zoinks.example.com:1.2.3.4:rack102-con1:2001:69:7:300:
|
||||||
|
|
||||||
|
b) makes axfr-get decompose SRV and PTR records and write them out in
|
||||||
|
native format, rather than opaque. Again, this is necessary because if the
|
||||||
|
DNAME fields in the records reference the same zone as fqdn, they can have
|
||||||
|
compression pointers that are bogus outside the context of that specific
|
||||||
|
packet, and which can't be correctly loaded into data.cdb by tinydns-data.
|
||||||
|
|
||||||
|
--michael
|
||||||
|
|
||||||
|
Laurent G. Bercot <ska-djbdns@skarnet.org> updated it for djbdns-1.05:
|
||||||
|
|
||||||
|
--- a/axfr-get.c
|
||||||
|
+++ b/axfr-get.c
|
||||||
|
@@ -209,6 +209,26 @@ unsigned int doit(char *buf,unsigned int
|
||||||
|
if (!stralloc_cats(&line,".:")) return 0;
|
||||||
|
if (!stralloc_catulong0(&line,dist,0)) return 0;
|
||||||
|
}
|
||||||
|
+ else if (byte_equal(data,2,DNS_T_SRV)) {
|
||||||
|
+ uint16 dist, weight, port;
|
||||||
|
+ if (!stralloc_copys(&line,"S")) return 0;
|
||||||
|
+ if (!dns_domain_todot_cat(&line,d1)) return 0;
|
||||||
|
+ if (!stralloc_cats(&line,"::")) return 0;
|
||||||
|
+ pos = x_copy(buf,len,pos,data,2);
|
||||||
|
+ uint16_unpack_big(data,&dist);
|
||||||
|
+ pos = x_copy(buf,len,pos,data,2);
|
||||||
|
+ uint16_unpack_big(data,&weight);
|
||||||
|
+ pos = x_copy(buf,len,pos,data,2);
|
||||||
|
+ uint16_unpack_big(data,&port);
|
||||||
|
+ x_getname(buf,len,pos,&d1);
|
||||||
|
+ if (!dns_domain_todot_cat(&line,d1)) return 0;
|
||||||
|
+ if (!stralloc_cats(&line,".:")) return 0;
|
||||||
|
+ if (!stralloc_catulong0(&line,dist,0)) return 0;
|
||||||
|
+ if (!stralloc_cats(&line,":")) return 0;
|
||||||
|
+ if (!stralloc_catulong0(&line,weight,0)) return 0;
|
||||||
|
+ if (!stralloc_cats(&line,":")) return 0;
|
||||||
|
+ if (!stralloc_catulong0(&line,port,0)) return 0;
|
||||||
|
+ }
|
||||||
|
else if (byte_equal(data,2,DNS_T_A) && (dlen == 4)) {
|
||||||
|
char ipstr[IP4_FMT];
|
||||||
|
if (!stralloc_copys(&line,"+")) return 0;
|
||||||
|
@@ -217,6 +237,14 @@ unsigned int doit(char *buf,unsigned int
|
||||||
|
x_copy(buf,len,pos,data,4);
|
||||||
|
if (!stralloc_catb(&line,ipstr,ip4_fmt(ipstr,data))) return 0;
|
||||||
|
}
|
||||||
|
+ else if (byte_equal(data,2,DNS_T_PTR)) {
|
||||||
|
+ if (!stralloc_copys(&line,"^")) return 0;
|
||||||
|
+ if (!dns_domain_todot_cat(&line,d1)) return 0;
|
||||||
|
+ if (!stralloc_cats(&line,":")) return 0;
|
||||||
|
+ x_getname(buf,len,pos,&d1);
|
||||||
|
+ if (!dns_domain_todot_cat(&line,d1)) return 0;
|
||||||
|
+ if (!stralloc_cats(&line,".")) return 0;
|
||||||
|
+ }
|
||||||
|
else {
|
||||||
|
unsigned char ch;
|
||||||
|
unsigned char ch2;
|
||||||
|
--- a/dns.h
|
||||||
|
+++ b/dns.h
|
||||||
|
@@ -20,6 +20,7 @@
|
||||||
|
#define DNS_T_SIG "\0\30"
|
||||||
|
#define DNS_T_KEY "\0\31"
|
||||||
|
#define DNS_T_AAAA "\0\34"
|
||||||
|
+#define DNS_T_SRV "\0\41"
|
||||||
|
#define DNS_T_AXFR "\0\374"
|
||||||
|
#define DNS_T_ANY "\0\377"
|
||||||
|
|
||||||
|
--- a/tinydns-data.c
|
||||||
|
+++ b/tinydns-data.c
|
||||||
|
@@ -196,6 +196,7 @@ int main()
|
||||||
|
char type[2];
|
||||||
|
char soa[20];
|
||||||
|
char buf[4];
|
||||||
|
+ char srv[6];
|
||||||
|
|
||||||
|
umask(022);
|
||||||
|
|
||||||
|
@@ -369,6 +370,43 @@ int main()
|
||||||
|
rr_finish(d2);
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
+
|
||||||
|
+ case 'S':
|
||||||
|
+ if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem();
|
||||||
|
+ if (!stralloc_0(&f[6])) nomem();
|
||||||
|
+ if (!scan_ulong(f[6].s,&ttl)) ttl = TTL_POSITIVE;
|
||||||
|
+ ttdparse(&f[7],ttd);
|
||||||
|
+ locparse(&f[8],loc);
|
||||||
|
+
|
||||||
|
+ if (!stralloc_0(&f[1])) nomem();
|
||||||
|
+
|
||||||
|
+ if (byte_chr(f[2].s,f[2].len,'.') >= f[2].len) {
|
||||||
|
+ if (!stralloc_cats(&f[2],".srv.")) nomem();
|
||||||
|
+ if (!stralloc_catb(&f[2],f[0].s,f[0].len)) nomem();
|
||||||
|
+ }
|
||||||
|
+ if (!dns_domain_fromdot(&d2,f[2].s,f[2].len)) nomem();
|
||||||
|
+
|
||||||
|
+ if (!stralloc_0(&f[4])) nomem();
|
||||||
|
+ if (!scan_ulong(f[4].s,&u)) u = 0;
|
||||||
|
+ uint16_pack_big(srv,u);
|
||||||
|
+ if (!stralloc_0(&f[5])) nomem();
|
||||||
|
+ if (!scan_ulong(f[5].s,&u)) u = 0;
|
||||||
|
+ uint16_pack_big(srv + 2,u);
|
||||||
|
+ if (!stralloc_0(&f[3])) nomem();
|
||||||
|
+ if (!scan_ulong(f[3].s,&u)) nomem();
|
||||||
|
+ uint16_pack_big(srv + 4,u);
|
||||||
|
+
|
||||||
|
+ rr_start(DNS_T_SRV,ttl,ttd,loc);
|
||||||
|
+ rr_add(srv,6);
|
||||||
|
+ rr_addname(d2);
|
||||||
|
+ rr_finish(d1);
|
||||||
|
+
|
||||||
|
+ if (ip4_scan(f[1].s,ip)) {
|
||||||
|
+ rr_start(DNS_T_A,ttl,ttd,loc);
|
||||||
|
+ rr_add(ip,4);
|
||||||
|
+ rr_finish(d2);
|
||||||
|
+ }
|
||||||
|
+ break;
|
||||||
|
|
||||||
|
case '^': case 'C':
|
||||||
|
if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem();
|
22
050-tinydns-mmap-leak.patch
Normal file
22
050-tinydns-mmap-leak.patch
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
--- a/tdlookup.c
|
||||||
|
+++ b/tdlookup.c
|
||||||
|
@@ -298,9 +298,17 @@ int respond(char *q,char qtype[2],char i
|
||||||
|
if (!r) r = cdb_find(&c,key,4);
|
||||||
|
if (!r) r = cdb_find(&c,key,3);
|
||||||
|
if (!r) r = cdb_find(&c,key,2);
|
||||||
|
- if (r == -1) return 0;
|
||||||
|
+ if (r == -1) {
|
||||||
|
+ cdb_free(&c);
|
||||||
|
+ close(fd);
|
||||||
|
+ return 0;
|
||||||
|
+ }
|
||||||
|
if (r && (cdb_datalen(&c) == 2))
|
||||||
|
- if (cdb_read(&c,clientloc,2,cdb_datapos(&c)) == -1) return 0;
|
||||||
|
+ if (cdb_read(&c,clientloc,2,cdb_datapos(&c)) == -1) {
|
||||||
|
+ cdb_free(&c);
|
||||||
|
+ close(fd);
|
||||||
|
+ return 0;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
r = doit(q,qtype);
|
||||||
|
|
11
060-dnscache-big-udp-packets.patch
Normal file
11
060-dnscache-big-udp-packets.patch
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
--- a/dns_transmit.c
|
||||||
|
+++ b/dns_transmit.c
|
||||||
|
@@ -240,7 +240,7 @@ void dns_transmit_io(struct dns_transmit
|
||||||
|
|
||||||
|
int dns_transmit_get(struct dns_transmit *d,const iopause_fd *x,const struct taia *when)
|
||||||
|
{
|
||||||
|
- char udpbuf[513];
|
||||||
|
+ char udpbuf[4097];
|
||||||
|
unsigned char ch;
|
||||||
|
int r;
|
||||||
|
int fd;
|
10
070-dnscache-dpos-tcp-servfail.patch
Normal file
10
070-dnscache-dpos-tcp-servfail.patch
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
--- a/dns_transmit.c
|
||||||
|
+++ b/dns_transmit.c
|
||||||
|
@@ -166,6 +166,7 @@ static int thistcp(struct dns_transmit *
|
||||||
|
taia_uint(&d->deadline,10);
|
||||||
|
taia_add(&d->deadline,&d->deadline,&now);
|
||||||
|
if (socket_connect4(d->s1 - 1,ip,53) == 0) {
|
||||||
|
+ d->pos = 0;
|
||||||
|
d->tcpstate = 2;
|
||||||
|
return 0;
|
||||||
|
}
|
41
080-dnscache-cache-negatives.patch
Normal file
41
080-dnscache-cache-negatives.patch
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
--- a/query.c
|
||||||
|
+++ b/query.c
|
||||||
|
@@ -193,6 +193,7 @@ static int doit(struct query *z,int stat
|
||||||
|
int k;
|
||||||
|
int p;
|
||||||
|
int q;
|
||||||
|
+ uint32 cachettl;
|
||||||
|
|
||||||
|
errno = error_io;
|
||||||
|
if (state == 1) goto HAVEPACKET;
|
||||||
|
@@ -470,6 +471,7 @@ static int doit(struct query *z,int stat
|
||||||
|
rcode = header[3] & 15;
|
||||||
|
if (rcode && (rcode != 3)) goto DIE; /* impossible; see irrelevant() */
|
||||||
|
|
||||||
|
+ cachettl = 0;
|
||||||
|
flagout = 0;
|
||||||
|
flagcname = 0;
|
||||||
|
flagreferral = 0;
|
||||||
|
@@ -512,6 +514,11 @@ static int doit(struct query *z,int stat
|
||||||
|
|
||||||
|
uint16_unpack_big(header + 8,&datalen);
|
||||||
|
pos += datalen;
|
||||||
|
+
|
||||||
|
+ if (flagsoa && (pos <= len)) {
|
||||||
|
+ cachettl = ttlget(buf + pos - 4);
|
||||||
|
+ if (soattl < cachettl) cachettl = soattl;
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
posglue = pos;
|
||||||
|
|
||||||
|
@@ -689,8 +696,8 @@ static int doit(struct query *z,int stat
|
||||||
|
}
|
||||||
|
|
||||||
|
if (rcode == 3) {
|
||||||
|
- log_nxdomain(whichserver,d,soattl);
|
||||||
|
- cachegeneric(DNS_T_ANY,d,"",0,soattl);
|
||||||
|
+ log_nxdomain(whichserver,d,cachettl);
|
||||||
|
+ cachegeneric(DNS_T_ANY,d,"",0,cachettl);
|
||||||
|
|
||||||
|
NXDOMAIN:
|
||||||
|
if (z->level) goto LOWERLEVEL;
|
40
090-tinydns-one-second.patch
Normal file
40
090-tinydns-one-second.patch
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
--- a/tdlookup.c
|
||||||
|
+++ b/tdlookup.c
|
||||||
|
@@ -280,15 +280,24 @@ static int doit(char *q,char qtype[2])
|
||||||
|
|
||||||
|
int respond(char *q,char qtype[2],char ip[4])
|
||||||
|
{
|
||||||
|
- int fd;
|
||||||
|
+ static struct tai cdb_valid = { 0 };
|
||||||
|
+ static int fd = -1;
|
||||||
|
+ struct tai one_second;
|
||||||
|
int r;
|
||||||
|
char key[6];
|
||||||
|
|
||||||
|
tai_now(&now);
|
||||||
|
- fd = open_read("data.cdb");
|
||||||
|
- if (fd == -1) return 0;
|
||||||
|
- cdb_init(&c,fd);
|
||||||
|
-
|
||||||
|
+ if (tai_less(&cdb_valid, &now)) {
|
||||||
|
+ if (fd != -1) {
|
||||||
|
+ cdb_free(&c);
|
||||||
|
+ close(fd);
|
||||||
|
+ }
|
||||||
|
+ fd = open_read("data.cdb");
|
||||||
|
+ if (fd == -1) return 0;
|
||||||
|
+ cdb_init(&c,fd);
|
||||||
|
+ tai_uint(&one_second, 1);
|
||||||
|
+ tai_add(&cdb_valid, &now, &one_second);
|
||||||
|
+ }
|
||||||
|
byte_zero(clientloc,2);
|
||||||
|
key[0] = 0;
|
||||||
|
key[1] = '%';
|
||||||
|
@@ -312,7 +321,5 @@ int respond(char *q,char qtype[2],char i
|
||||||
|
|
||||||
|
r = doit(q,qtype);
|
||||||
|
|
||||||
|
- cdb_free(&c);
|
||||||
|
- close(fd);
|
||||||
|
return r;
|
||||||
|
}
|
93
120-compiler-temporary-filename.patch
Normal file
93
120-compiler-temporary-filename.patch
Normal file
@ -0,0 +1,93 @@
|
|||||||
|
--- a/pickdns-data.c
|
||||||
|
+++ b/pickdns-data.c
|
||||||
|
@@ -123,7 +123,7 @@ void syntaxerror(const char *why)
|
||||||
|
}
|
||||||
|
void die_datatmp(void)
|
||||||
|
{
|
||||||
|
- strerr_die2sys(111,FATAL,"unable to create data.tmp: ");
|
||||||
|
+ strerr_die2sys(111,FATAL,"unable to create data.cdb.tmp: ");
|
||||||
|
}
|
||||||
|
|
||||||
|
int main()
|
||||||
|
@@ -142,7 +142,7 @@ int main()
|
||||||
|
if (fd == -1) strerr_die2sys(111,FATAL,"unable to open data: ");
|
||||||
|
buffer_init(&b,buffer_unixread,fd,bspace,sizeof bspace);
|
||||||
|
|
||||||
|
- fdcdb = open_trunc("data.tmp");
|
||||||
|
+ fdcdb = open_trunc("data.cdb.tmp");
|
||||||
|
if (fdcdb == -1) die_datatmp();
|
||||||
|
if (cdb_make_start(&cdb,fdcdb) == -1) die_datatmp();
|
||||||
|
|
||||||
|
@@ -223,8 +223,8 @@ int main()
|
||||||
|
if (cdb_make_finish(&cdb) == -1) die_datatmp();
|
||||||
|
if (fsync(fdcdb) == -1) die_datatmp();
|
||||||
|
if (close(fdcdb) == -1) die_datatmp(); /* NFS stupidity */
|
||||||
|
- if (rename("data.tmp","data.cdb") == -1)
|
||||||
|
- strerr_die2sys(111,FATAL,"unable to move data.tmp to data.cdb: ");
|
||||||
|
+ if (rename("data.cdb.tmp","data.cdb") == -1)
|
||||||
|
+ strerr_die2sys(111,FATAL,"unable to move data.cdb.tmp to data.cdb: ");
|
||||||
|
|
||||||
|
_exit(0);
|
||||||
|
}
|
||||||
|
--- a/rbldns-data.c
|
||||||
|
+++ b/rbldns-data.c
|
||||||
|
@@ -42,7 +42,7 @@ void syntaxerror(const char *why)
|
||||||
|
}
|
||||||
|
void die_datatmp(void)
|
||||||
|
{
|
||||||
|
- strerr_die2sys(111,FATAL,"unable to create data.tmp: ");
|
||||||
|
+ strerr_die2sys(111,FATAL,"unable to create data.cdb.tmp: ");
|
||||||
|
}
|
||||||
|
|
||||||
|
int main()
|
||||||
|
@@ -59,7 +59,7 @@ int main()
|
||||||
|
if (fd == -1) strerr_die2sys(111,FATAL,"unable to open data: ");
|
||||||
|
buffer_init(&b,buffer_unixread,fd,bspace,sizeof bspace);
|
||||||
|
|
||||||
|
- fdcdb = open_trunc("data.tmp");
|
||||||
|
+ fdcdb = open_trunc("data.cdb.tmp");
|
||||||
|
if (fdcdb == -1) die_datatmp();
|
||||||
|
if (cdb_make_start(&cdb,fdcdb) == -1) die_datatmp();
|
||||||
|
|
||||||
|
@@ -121,8 +121,8 @@ int main()
|
||||||
|
if (cdb_make_finish(&cdb) == -1) die_datatmp();
|
||||||
|
if (fsync(fdcdb) == -1) die_datatmp();
|
||||||
|
if (close(fdcdb) == -1) die_datatmp(); /* NFS stupidity */
|
||||||
|
- if (rename("data.tmp","data.cdb") == -1)
|
||||||
|
- strerr_die2sys(111,FATAL,"unable to move data.tmp to data.cdb: ");
|
||||||
|
+ if (rename("data.cdb.tmp","data.cdb") == -1)
|
||||||
|
+ strerr_die2sys(111,FATAL,"unable to move data.cdb.tmp to data.cdb: ");
|
||||||
|
|
||||||
|
_exit(0);
|
||||||
|
}
|
||||||
|
--- a/tinydns-data.c
|
||||||
|
+++ b/tinydns-data.c
|
||||||
|
@@ -27,7 +27,7 @@
|
||||||
|
|
||||||
|
void die_datatmp(void)
|
||||||
|
{
|
||||||
|
- strerr_die2sys(111,FATAL,"unable to create data.tmp: ");
|
||||||
|
+ strerr_die2sys(111,FATAL,"unable to create data.cdb.tmp: ");
|
||||||
|
}
|
||||||
|
void nomem(void)
|
||||||
|
{
|
||||||
|
@@ -207,7 +207,7 @@ int main()
|
||||||
|
|
||||||
|
buffer_init(&b,buffer_unixread,fddata,bspace,sizeof bspace);
|
||||||
|
|
||||||
|
- fdcdb = open_trunc("data.tmp");
|
||||||
|
+ fdcdb = open_trunc("data.cdb.tmp");
|
||||||
|
if (fdcdb == -1) die_datatmp();
|
||||||
|
if (cdb_make_start(&cdb,fdcdb) == -1) die_datatmp();
|
||||||
|
|
||||||
|
@@ -487,8 +487,8 @@ int main()
|
||||||
|
if (cdb_make_finish(&cdb) == -1) die_datatmp();
|
||||||
|
if (fsync(fdcdb) == -1) die_datatmp();
|
||||||
|
if (close(fdcdb) == -1) die_datatmp(); /* NFS stupidity */
|
||||||
|
- if (rename("data.tmp","data.cdb") == -1)
|
||||||
|
- strerr_die2sys(111,FATAL,"unable to move data.tmp to data.cdb: ");
|
||||||
|
+ if (rename("data.cdb.tmp","data.cdb") == -1)
|
||||||
|
+ strerr_die2sys(111,FATAL,"unable to move data.cdb.tmp to data.cdb: ");
|
||||||
|
|
||||||
|
_exit(0);
|
||||||
|
}
|
226
200-dnscache-cname-handling.patch
Normal file
226
200-dnscache-cname-handling.patch
Normal file
@ -0,0 +1,226 @@
|
|||||||
|
--- a/query.c
|
||||||
|
+++ b/query.c
|
||||||
|
@@ -91,6 +91,21 @@ static void cleanup(struct query *z)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+static int move_name_to_alias(struct query *z,uint32 ttl)
|
||||||
|
+{
|
||||||
|
+ int j ;
|
||||||
|
+
|
||||||
|
+ if (z->alias[QUERY_MAXALIAS - 1]) return 0 ;
|
||||||
|
+ for (j = QUERY_MAXALIAS - 1;j > 0;--j)
|
||||||
|
+ z->alias[j] = z->alias[j - 1];
|
||||||
|
+ for (j = QUERY_MAXALIAS - 1;j > 0;--j)
|
||||||
|
+ z->aliasttl[j] = z->aliasttl[j - 1];
|
||||||
|
+ z->alias[0] = z->name[0];
|
||||||
|
+ z->aliasttl[0] = ttl;
|
||||||
|
+ z->name[0] = 0;
|
||||||
|
+ return 1 ;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static int rqa(struct query *z)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
@@ -123,7 +138,6 @@ static int globalip(char *d,char ip[4])
|
||||||
|
static char *t1 = 0;
|
||||||
|
static char *t2 = 0;
|
||||||
|
static char *t3 = 0;
|
||||||
|
-static char *cname = 0;
|
||||||
|
static char *referral = 0;
|
||||||
|
static unsigned int *records = 0;
|
||||||
|
|
||||||
|
@@ -179,15 +193,14 @@ static int doit(struct query *z,int stat
|
||||||
|
uint16 datalen;
|
||||||
|
char *control;
|
||||||
|
char *d;
|
||||||
|
+ char *owner_name = 0 ;
|
||||||
|
const char *dtype;
|
||||||
|
unsigned int dlen;
|
||||||
|
int flagout;
|
||||||
|
- int flagcname;
|
||||||
|
int flagreferral;
|
||||||
|
int flagsoa;
|
||||||
|
uint32 ttl;
|
||||||
|
uint32 soattl;
|
||||||
|
- uint32 cnamettl;
|
||||||
|
int i;
|
||||||
|
int j;
|
||||||
|
int k;
|
||||||
|
@@ -253,7 +266,10 @@ static int doit(struct query *z,int stat
|
||||||
|
|
||||||
|
byte_copy(key,2,DNS_T_CNAME);
|
||||||
|
cached = cache_get(key,dlen + 2,&cachedlen,&ttl);
|
||||||
|
- if (cached) {
|
||||||
|
+ /* A previous explicit query might have caused an empty RRSet to have been
|
||||||
|
+ ** cached. Take care to ignore such a thing.
|
||||||
|
+ */
|
||||||
|
+ if (cached && cachedlen) {
|
||||||
|
if (typematch(DNS_T_CNAME,dtype)) {
|
||||||
|
log_cachedanswer(d,DNS_T_CNAME);
|
||||||
|
if (!rqa(z)) goto DIE;
|
||||||
|
@@ -262,8 +278,11 @@ static int doit(struct query *z,int stat
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
log_cachedcname(d,cached);
|
||||||
|
- if (!dns_domain_copy(&cname,cached)) goto DIE;
|
||||||
|
- goto CNAME;
|
||||||
|
+ if (!z->level) {
|
||||||
|
+ if (!move_name_to_alias(z,ttl)) goto DIE ;
|
||||||
|
+ }
|
||||||
|
+ if (!dns_domain_copy(&z->name[z->level],cached)) goto DIE;
|
||||||
|
+ goto NEWNAME;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (typematch(DNS_T_NS,dtype)) {
|
||||||
|
@@ -352,7 +371,7 @@ static int doit(struct query *z,int stat
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
- if (!typematch(DNS_T_ANY,dtype) && !typematch(DNS_T_AXFR,dtype) && !typematch(DNS_T_CNAME,dtype) && !typematch(DNS_T_NS,dtype) && !typematch(DNS_T_PTR,dtype) && !typematch(DNS_T_A,dtype) && !typematch(DNS_T_MX,dtype)) {
|
||||||
|
+ if (!typematch(DNS_T_ANY,dtype) && !typematch(DNS_T_AXFR,dtype) && !typematch(DNS_T_NS,dtype) && !typematch(DNS_T_PTR,dtype) && !typematch(DNS_T_A,dtype) && !typematch(DNS_T_MX,dtype)) {
|
||||||
|
byte_copy(key,2,dtype);
|
||||||
|
cached = cache_get(key,dlen + 2,&cachedlen,&ttl);
|
||||||
|
if (cached && (cachedlen || byte_diff(dtype,2,DNS_T_ANY))) {
|
||||||
|
@@ -473,29 +492,31 @@ static int doit(struct query *z,int stat
|
||||||
|
|
||||||
|
cachettl = 0;
|
||||||
|
flagout = 0;
|
||||||
|
- flagcname = 0;
|
||||||
|
flagreferral = 0;
|
||||||
|
flagsoa = 0;
|
||||||
|
soattl = 0;
|
||||||
|
- cnamettl = 0;
|
||||||
|
+ if (!dns_domain_copy(&owner_name,d)) goto DIE;
|
||||||
|
+ /* This code assumes that the CNAME chain is presented in the correct
|
||||||
|
+ ** order. The example algorithm in RFC 1034 will actually result in this
|
||||||
|
+ ** being the case, but the words do not require it to be so.
|
||||||
|
+ */
|
||||||
|
for (j = 0;j < numanswers;++j) {
|
||||||
|
pos = dns_packet_getname(buf,len,pos,&t1); if (!pos) goto DIE;
|
||||||
|
pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE;
|
||||||
|
|
||||||
|
- if (dns_domain_equal(t1,d))
|
||||||
|
+ if (dns_domain_equal(t1,owner_name))
|
||||||
|
if (byte_equal(header + 2,2,DNS_C_IN)) { /* should always be true */
|
||||||
|
if (typematch(header,dtype))
|
||||||
|
flagout = 1;
|
||||||
|
else if (typematch(header,DNS_T_CNAME)) {
|
||||||
|
- if (!dns_packet_getname(buf,len,pos,&cname)) goto DIE;
|
||||||
|
- flagcname = 1;
|
||||||
|
- cnamettl = ttlget(header + 4);
|
||||||
|
+ if (!dns_packet_getname(buf,len,pos,&owner_name)) goto DIE;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
uint16_unpack_big(header + 8,&datalen);
|
||||||
|
pos += datalen;
|
||||||
|
}
|
||||||
|
+ dns_domain_free(&owner_name) ;
|
||||||
|
posauthority = pos;
|
||||||
|
|
||||||
|
for (j = 0;j < numauthority;++j) {
|
||||||
|
@@ -522,15 +543,6 @@ static int doit(struct query *z,int stat
|
||||||
|
}
|
||||||
|
posglue = pos;
|
||||||
|
|
||||||
|
-
|
||||||
|
- if (!flagcname && !rcode && !flagout && flagreferral && !flagsoa)
|
||||||
|
- if (dns_domain_equal(referral,control) || !dns_domain_suffix(referral,control)) {
|
||||||
|
- log_lame(whichserver,control,referral);
|
||||||
|
- byte_zero(whichserver,4);
|
||||||
|
- goto HAVENS;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
-
|
||||||
|
if (records) { alloc_free(records); records = 0; }
|
||||||
|
|
||||||
|
k = numanswers + numauthority + numglue;
|
||||||
|
@@ -677,24 +689,36 @@ static int doit(struct query *z,int stat
|
||||||
|
|
||||||
|
alloc_free(records); records = 0;
|
||||||
|
|
||||||
|
+ if (byte_diff(DNS_T_CNAME,2,dtype)) {
|
||||||
|
+ /* This code assumes that the CNAME chain is presented in the correct
|
||||||
|
+ ** order. The example algorithm in RFC 1034 will actually result in this
|
||||||
|
+ ** being the case, but the words do not require it to be so.
|
||||||
|
+ */
|
||||||
|
+ pos = posanswers;
|
||||||
|
+ for (j = 0;j < numanswers;++j) {
|
||||||
|
+ pos = dns_packet_getname(buf,len,pos,&t1); if (!pos) goto DIE;
|
||||||
|
+ pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE;
|
||||||
|
+
|
||||||
|
+ if (dns_domain_equal(t1,d))
|
||||||
|
+ if (byte_equal(header + 2,2,DNS_C_IN)) { /* should always be true */
|
||||||
|
+ if (typematch(header,DNS_T_CNAME)) {
|
||||||
|
+ ttl = ttlget(header + 4);
|
||||||
|
+ if (z->level == 0) {
|
||||||
|
+ if (!move_name_to_alias(z,ttl)) goto DIE ;
|
||||||
|
+ }
|
||||||
|
+ if (!dns_packet_getname(buf,len,pos,&z->name[z->level])) goto DIE;
|
||||||
|
+ d = z->name[z->level];
|
||||||
|
+ if (!dns_domain_suffix(d,control) || !roots_same(d,control))
|
||||||
|
+ goto NEWNAME ; /* Cannot trust the chain further - restart using current name */
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
|
||||||
|
- if (flagcname) {
|
||||||
|
- ttl = cnamettl;
|
||||||
|
- CNAME:
|
||||||
|
- if (!z->level) {
|
||||||
|
- if (z->alias[QUERY_MAXALIAS - 1]) goto DIE;
|
||||||
|
- for (j = QUERY_MAXALIAS - 1;j > 0;--j)
|
||||||
|
- z->alias[j] = z->alias[j - 1];
|
||||||
|
- for (j = QUERY_MAXALIAS - 1;j > 0;--j)
|
||||||
|
- z->aliasttl[j] = z->aliasttl[j - 1];
|
||||||
|
- z->alias[0] = z->name[0];
|
||||||
|
- z->aliasttl[0] = ttl;
|
||||||
|
- z->name[0] = 0;
|
||||||
|
+ uint16_unpack_big(header + 8,&datalen);
|
||||||
|
+ pos += datalen;
|
||||||
|
}
|
||||||
|
- if (!dns_domain_copy(&z->name[z->level],cname)) goto DIE;
|
||||||
|
- goto NEWNAME;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ /* A "no such name" error applies to the end of any CNAME chain, not to the start. */
|
||||||
|
if (rcode == 3) {
|
||||||
|
log_nxdomain(whichserver,d,cachettl);
|
||||||
|
cachegeneric(DNS_T_ANY,d,"",0,cachettl);
|
||||||
|
@@ -707,10 +731,26 @@ static int doit(struct query *z,int stat
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ /* We check for a lame server _after_ we have cached any records that it
|
||||||
|
+ ** might have returned to us. This copes better with the incorrect
|
||||||
|
+ ** behaviour of one content DNS server software that doesn't return
|
||||||
|
+ ** complete CNAME chains but instead returns only the first link in a
|
||||||
|
+ ** chain followed by a lame delegation to the same server.
|
||||||
|
+ ** Also: We check for a lame server _after_ following the CNAME chain. The
|
||||||
|
+ ** delegation in a referral answer applies to the _end_ of the chain, not
|
||||||
|
+ ** to the beginning.
|
||||||
|
+ */
|
||||||
|
+ if (!rcode && !flagout && flagreferral && !flagsoa)
|
||||||
|
+ if (dns_domain_equal(referral,control) || !dns_domain_suffix(referral,control)) {
|
||||||
|
+ log_lame(whichserver,control,referral);
|
||||||
|
+ byte_zero(whichserver,4);
|
||||||
|
+ goto HAVENS;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
if (!flagout && flagsoa)
|
||||||
|
+ /* Don't save empty RRSets for those types that we use as special markers. */
|
||||||
|
if (byte_diff(DNS_T_ANY,2,dtype))
|
||||||
|
- if (byte_diff(DNS_T_AXFR,2,dtype))
|
||||||
|
- if (byte_diff(DNS_T_CNAME,2,dtype)) {
|
||||||
|
+ if (byte_diff(DNS_T_AXFR,2,dtype)) {
|
||||||
|
save_start();
|
||||||
|
save_finish(dtype,d,soattl);
|
||||||
|
log_nodata(whichserver,d,dtype,soattl);
|
||||||
|
@@ -822,6 +862,7 @@ static int doit(struct query *z,int stat
|
||||||
|
DIE:
|
||||||
|
cleanup(z);
|
||||||
|
if (records) { alloc_free(records); records = 0; }
|
||||||
|
+ dns_domain_free(&owner_name) ;
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
47
210-dnscache-strict-forwardonly.patch
Normal file
47
210-dnscache-strict-forwardonly.patch
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
--- a/log.h
|
||||||
|
+++ b/log.h
|
||||||
|
@@ -25,6 +25,7 @@ extern void log_nxdomain(const char *,co
|
||||||
|
extern void log_nodata(const char *,const char *,const char *,unsigned int);
|
||||||
|
extern void log_servfail(const char *);
|
||||||
|
extern void log_lame(const char *,const char *,const char *);
|
||||||
|
+extern void log_ignore_referral(const char *,const char *,const char *);
|
||||||
|
|
||||||
|
extern void log_rr(const char *,const char *,const char *,const char *,unsigned int,unsigned int);
|
||||||
|
extern void log_rrns(const char *,const char *,const char *,unsigned int);
|
||||||
|
--- a/log.c
|
||||||
|
+++ b/log.c
|
||||||
|
@@ -197,6 +197,13 @@ void log_lame(const char server[4],const
|
||||||
|
line();
|
||||||
|
}
|
||||||
|
|
||||||
|
+void log_ignore_referral(const char server[4],const char * control, const char *referral)
|
||||||
|
+{
|
||||||
|
+ string("ignored referral "); ip(server); space();
|
||||||
|
+ name(control); space(); name(referral);
|
||||||
|
+ line();
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
void log_servfail(const char *dn)
|
||||||
|
{
|
||||||
|
const char *x = error_str(errno);
|
||||||
|
--- a/query.c
|
||||||
|
+++ b/query.c
|
||||||
|
@@ -828,6 +828,18 @@ static int doit(struct query *z,int stat
|
||||||
|
|
||||||
|
|
||||||
|
if (!dns_domain_suffix(d,referral)) goto DIE;
|
||||||
|
+
|
||||||
|
+ /* In strict "forwardonly" mode, we don't, as the manual states,
|
||||||
|
+ ** contact a chain of servers according to "NS" resource records.
|
||||||
|
+ ** We don't obey any referral responses, therefore. Instead, we
|
||||||
|
+ ** eliminate the server from the list and try the next one.
|
||||||
|
+ */
|
||||||
|
+ if (flagforwardonly) {
|
||||||
|
+ log_ignore_referral(whichserver,control,referral);
|
||||||
|
+ byte_zero(whichserver,4);
|
||||||
|
+ goto HAVENS;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
control = d + dns_domain_suffixpos(d,referral);
|
||||||
|
z->control[z->level] = control;
|
||||||
|
byte_zero(z->servers[z->level],64);
|
194
230-tinydns-data-semantic-error.patch
Normal file
194
230-tinydns-data-semantic-error.patch
Normal file
@ -0,0 +1,194 @@
|
|||||||
|
--- a/tinydns-data.c
|
||||||
|
+++ b/tinydns-data.c
|
||||||
|
@@ -25,6 +25,14 @@
|
||||||
|
|
||||||
|
#define FATAL "tinydns-data: fatal: "
|
||||||
|
|
||||||
|
+void die_semantic2(const char * s1, const char * s2)
|
||||||
|
+{
|
||||||
|
+ strerr_die3x(111,FATAL,s1,s2) ;
|
||||||
|
+}
|
||||||
|
+void die_semantic4(const char * s1, const char * s2,const char * s3, const char * s4)
|
||||||
|
+{
|
||||||
|
+ strerr_die5x(111,FATAL,s1,s2,s3,s4) ;
|
||||||
|
+}
|
||||||
|
void die_datatmp(void)
|
||||||
|
{
|
||||||
|
strerr_die2sys(111,FATAL,"unable to create data.cdb.tmp: ");
|
||||||
|
@@ -34,20 +42,39 @@ void nomem(void)
|
||||||
|
strerr_die1sys(111,FATAL);
|
||||||
|
}
|
||||||
|
|
||||||
|
+void ttlparse(stralloc *sa,unsigned long * ttl, unsigned long defttl, const char * ltype)
|
||||||
|
+{
|
||||||
|
+ int ttllen ;
|
||||||
|
+
|
||||||
|
+ if (sa->len > 0) {
|
||||||
|
+ if (!stralloc_0(sa)) nomem();
|
||||||
|
+ ttllen = scan_ulong(sa->s,ttl) ;
|
||||||
|
+ if (ttllen + 1 != sa->len)
|
||||||
|
+ die_semantic4("unparseable TTL in ",ltype," line: ", sa->s) ;
|
||||||
|
+ } else
|
||||||
|
+ *ttl = defttl;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
void ttdparse(stralloc *sa,char ttd[8])
|
||||||
|
{
|
||||||
|
unsigned int i;
|
||||||
|
char ch;
|
||||||
|
|
||||||
|
byte_zero(ttd,8);
|
||||||
|
- for (i = 0;(i < 16) && (i < sa->len);++i) {
|
||||||
|
+ for (i = 0;i < sa->len;++i) {
|
||||||
|
+ if (i >= 16) {
|
||||||
|
+ if (!stralloc_0(sa)) nomem() ;
|
||||||
|
+ die_semantic2("timestamp is too long: ", sa->s) ;
|
||||||
|
+ }
|
||||||
|
ch = sa->s[i];
|
||||||
|
if ((ch >= '0') && (ch <= '9'))
|
||||||
|
ch -= '0';
|
||||||
|
else if ((ch >= 'a') && (ch <= 'f'))
|
||||||
|
ch -= 'a' - 10;
|
||||||
|
- else
|
||||||
|
- ch = 0;
|
||||||
|
+ else {
|
||||||
|
+ if (!stralloc_0(sa)) nomem() ;
|
||||||
|
+ die_semantic2("timestamp contains an invalid character: ", sa->s) ;
|
||||||
|
+ }
|
||||||
|
if (!(i & 1)) ch <<= 4;
|
||||||
|
ttd[i >> 1] |= ch;
|
||||||
|
}
|
||||||
|
@@ -55,6 +82,10 @@ void ttdparse(stralloc *sa,char ttd[8])
|
||||||
|
|
||||||
|
void locparse(stralloc *sa,char loc[2])
|
||||||
|
{
|
||||||
|
+ if (sa->len > 2) {
|
||||||
|
+ if (!stralloc_0(sa)) nomem() ;
|
||||||
|
+ die_semantic2("location code longer than two characters: ", sa->s) ;
|
||||||
|
+ }
|
||||||
|
loc[0] = (sa->len > 0) ? sa->s[0] : 0;
|
||||||
|
loc[1] = (sa->len > 1) ? sa->s[1] : 0;
|
||||||
|
}
|
||||||
|
@@ -187,6 +218,7 @@ int main()
|
||||||
|
int i;
|
||||||
|
int j;
|
||||||
|
int k;
|
||||||
|
+ int iplen ;
|
||||||
|
char ch;
|
||||||
|
unsigned long ttl;
|
||||||
|
char ttd[8];
|
||||||
|
@@ -267,8 +299,7 @@ int main()
|
||||||
|
if (!scan_ulong(f[7].s,&u)) uint32_unpack_big(defaultsoa + 16,&u);
|
||||||
|
uint32_pack_big(soa + 16,u);
|
||||||
|
|
||||||
|
- if (!stralloc_0(&f[8])) nomem();
|
||||||
|
- if (!scan_ulong(f[8].s,&ttl)) ttl = TTL_NEGATIVE;
|
||||||
|
+ ttlparse(&f[8],&ttl,TTL_NEGATIVE,"Z");
|
||||||
|
ttdparse(&f[9],ttd);
|
||||||
|
locparse(&f[10],loc);
|
||||||
|
|
||||||
|
@@ -283,8 +314,7 @@ int main()
|
||||||
|
|
||||||
|
case '.': case '&':
|
||||||
|
if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem();
|
||||||
|
- if (!stralloc_0(&f[3])) nomem();
|
||||||
|
- if (!scan_ulong(f[3].s,&ttl)) ttl = TTL_NS;
|
||||||
|
+ ttlparse(&f[3],&ttl,TTL_NS,". or &");
|
||||||
|
ttdparse(&f[4],ttd);
|
||||||
|
locparse(&f[5],loc);
|
||||||
|
|
||||||
|
@@ -309,24 +339,26 @@ int main()
|
||||||
|
rr_addname(d2);
|
||||||
|
rr_finish(d1);
|
||||||
|
|
||||||
|
- if (ip4_scan(f[1].s,ip)) {
|
||||||
|
+ iplen = ip4_scan(f[1].s,ip) ;
|
||||||
|
+ if (iplen != 0 && iplen + 1 == f[1].len) {
|
||||||
|
rr_start(DNS_T_A,ttl,ttd,loc);
|
||||||
|
rr_add(ip,4);
|
||||||
|
rr_finish(d2);
|
||||||
|
- }
|
||||||
|
+ } else if (f[1].len > 1)
|
||||||
|
+ die_semantic4("unparseable IP address in ","& or ."," line: ", f[1].s) ;
|
||||||
|
|
||||||
|
break;
|
||||||
|
|
||||||
|
case '+': case '=':
|
||||||
|
if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem();
|
||||||
|
- if (!stralloc_0(&f[2])) nomem();
|
||||||
|
- if (!scan_ulong(f[2].s,&ttl)) ttl = TTL_POSITIVE;
|
||||||
|
+ ttlparse(&f[2],&ttl,TTL_POSITIVE,"+ or =");
|
||||||
|
ttdparse(&f[3],ttd);
|
||||||
|
locparse(&f[4],loc);
|
||||||
|
|
||||||
|
if (!stralloc_0(&f[1])) nomem();
|
||||||
|
|
||||||
|
- if (ip4_scan(f[1].s,ip)) {
|
||||||
|
+ iplen = ip4_scan(f[1].s,ip) ;
|
||||||
|
+ if (iplen != 0 && iplen + 1 == f[1].len) {
|
||||||
|
rr_start(DNS_T_A,ttl,ttd,loc);
|
||||||
|
rr_add(ip,4);
|
||||||
|
rr_finish(d1);
|
||||||
|
@@ -337,13 +369,15 @@ int main()
|
||||||
|
rr_addname(d1);
|
||||||
|
rr_finish(dptr);
|
||||||
|
}
|
||||||
|
- }
|
||||||
|
+ } else if (f[1].len > 1)
|
||||||
|
+ die_semantic4("unparseable IP address in ","+ or ="," line: ", f[1].s) ;
|
||||||
|
+ else
|
||||||
|
+ die_semantic4("missing IP address in ","+ or ="," line: ", f[1].s) ;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case '@':
|
||||||
|
if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem();
|
||||||
|
- if (!stralloc_0(&f[4])) nomem();
|
||||||
|
- if (!scan_ulong(f[4].s,&ttl)) ttl = TTL_POSITIVE;
|
||||||
|
+ ttlparse(&f[4],&ttl,TTL_POSITIVE,"@");
|
||||||
|
ttdparse(&f[5],ttd);
|
||||||
|
locparse(&f[6],loc);
|
||||||
|
|
||||||
|
@@ -401,18 +435,19 @@ int main()
|
||||||
|
rr_addname(d2);
|
||||||
|
rr_finish(d1);
|
||||||
|
|
||||||
|
- if (ip4_scan(f[1].s,ip)) {
|
||||||
|
+ iplen = ip4_scan(f[1].s,ip) ;
|
||||||
|
+ if (iplen != 0 && iplen + 1 == f[1].len) {
|
||||||
|
rr_start(DNS_T_A,ttl,ttd,loc);
|
||||||
|
rr_add(ip,4);
|
||||||
|
rr_finish(d2);
|
||||||
|
- }
|
||||||
|
+ } else if (f[1].len > 1)
|
||||||
|
+ die_semantic4("unparseable IP address in ","@"," line: ", f[1].s) ;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case '^': case 'C':
|
||||||
|
if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem();
|
||||||
|
if (!dns_domain_fromdot(&d2,f[1].s,f[1].len)) nomem();
|
||||||
|
- if (!stralloc_0(&f[2])) nomem();
|
||||||
|
- if (!scan_ulong(f[2].s,&ttl)) ttl = TTL_POSITIVE;
|
||||||
|
+ ttlparse(&f[2],&ttl,TTL_POSITIVE,"^ or C");
|
||||||
|
ttdparse(&f[3],ttd);
|
||||||
|
locparse(&f[4],loc);
|
||||||
|
|
||||||
|
@@ -426,8 +461,7 @@ int main()
|
||||||
|
|
||||||
|
case '\'':
|
||||||
|
if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem();
|
||||||
|
- if (!stralloc_0(&f[2])) nomem();
|
||||||
|
- if (!scan_ulong(f[2].s,&ttl)) ttl = TTL_POSITIVE;
|
||||||
|
+ ttlparse(&f[2],&ttl,TTL_POSITIVE,"\'");
|
||||||
|
ttdparse(&f[3],ttd);
|
||||||
|
locparse(&f[4],loc);
|
||||||
|
|
||||||
|
@@ -449,8 +483,7 @@ int main()
|
||||||
|
|
||||||
|
case ':':
|
||||||
|
if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem();
|
||||||
|
- if (!stralloc_0(&f[3])) nomem();
|
||||||
|
- if (!scan_ulong(f[3].s,&ttl)) ttl = TTL_POSITIVE;
|
||||||
|
+ ttlparse(&f[3],&ttl,TTL_POSITIVE,":");
|
||||||
|
ttdparse(&f[4],ttd);
|
||||||
|
locparse(&f[5],loc);
|
||||||
|
|
87
240-tinydns-alias-chain-truncation.patch
Normal file
87
240-tinydns-alias-chain-truncation.patch
Normal file
@ -0,0 +1,87 @@
|
|||||||
|
--- a/tdlookup.c
|
||||||
|
+++ b/tdlookup.c
|
||||||
|
@@ -103,12 +103,13 @@ static int doname(void)
|
||||||
|
return response_addname(d1);
|
||||||
|
}
|
||||||
|
|
||||||
|
-static int doit(char *q,char qtype[2])
|
||||||
|
+static int doit1(char **pqname,char qtype[2])
|
||||||
|
{
|
||||||
|
unsigned int bpos;
|
||||||
|
unsigned int anpos;
|
||||||
|
unsigned int aupos;
|
||||||
|
unsigned int arpos;
|
||||||
|
+ char *q;
|
||||||
|
char *control;
|
||||||
|
char *wild;
|
||||||
|
int flaggavesoa;
|
||||||
|
@@ -122,6 +123,12 @@ static int doit(char *q,char qtype[2])
|
||||||
|
int addrnum;
|
||||||
|
uint32 addrttl;
|
||||||
|
int i;
|
||||||
|
+ int loop = 0 ;
|
||||||
|
+
|
||||||
|
+RESTART:
|
||||||
|
+ if (loop++ >= 100) return 0 ;
|
||||||
|
+
|
||||||
|
+ q = *pqname ;
|
||||||
|
|
||||||
|
anpos = response_len;
|
||||||
|
|
||||||
|
@@ -136,7 +143,14 @@ static int doit(char *q,char qtype[2])
|
||||||
|
if (byte_equal(type,2,DNS_T_NS)) flagns = 1;
|
||||||
|
}
|
||||||
|
if (flagns) break;
|
||||||
|
- if (!*control) return 0; /* q is not within our bailiwick */
|
||||||
|
+ if (!*control) { /* q is not within our bailiwick */
|
||||||
|
+ if (loop <= 1)
|
||||||
|
+ return 0 ;
|
||||||
|
+ else {
|
||||||
|
+ response[2] &= ~4;
|
||||||
|
+ goto DONE; /* The administrator has issued contradictory instructions */
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
control += *control;
|
||||||
|
control += 1;
|
||||||
|
}
|
||||||
|
@@ -172,9 +186,17 @@ static int doit(char *q,char qtype[2])
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if (!response_rstart(q,type,ttl)) return 0;
|
||||||
|
- if (byte_equal(type,2,DNS_T_NS) || byte_equal(type,2,DNS_T_CNAME) || byte_equal(type,2,DNS_T_PTR)) {
|
||||||
|
+ if (byte_equal(type,2,DNS_T_NS) || byte_equal(type,2,DNS_T_PTR)) {
|
||||||
|
if (!doname()) return 0;
|
||||||
|
}
|
||||||
|
+ else if (byte_equal(type,2,DNS_T_CNAME)) {
|
||||||
|
+ if (!doname()) return 0;
|
||||||
|
+ if (byte_diff(type,2,qtype)) {
|
||||||
|
+ response_rfinish(RESPONSE_ANSWER);
|
||||||
|
+ if (!dns_domain_copy(pqname,d1)) return 0 ;
|
||||||
|
+ goto RESTART ;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
else if (byte_equal(type,2,DNS_T_MX)) {
|
||||||
|
if (!dobytes(2)) return 0;
|
||||||
|
if (!doname()) return 0;
|
||||||
|
@@ -275,9 +297,21 @@ static int doit(char *q,char qtype[2])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+DONE:
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
+static int doit(char *qname,char qtype[2])
|
||||||
|
+{
|
||||||
|
+ int r ;
|
||||||
|
+ char * q = 0 ;
|
||||||
|
+
|
||||||
|
+ if (!dns_domain_copy(&q, qname)) return 0 ;
|
||||||
|
+ r = doit1(&q, qtype) ;
|
||||||
|
+ dns_domain_free(&q) ;
|
||||||
|
+ return r ;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
int respond(char *q,char qtype[2],char ip[4])
|
||||||
|
{
|
||||||
|
static struct tai cdb_valid = { 0 };
|
16
270-dnscache-sigpipe-fix.patch
Normal file
16
270-dnscache-sigpipe-fix.patch
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
--- a/dnscache.c
|
||||||
|
+++ b/dnscache.c
|
||||||
|
@@ -1,4 +1,5 @@
|
||||||
|
#include <unistd.h>
|
||||||
|
+#include <signal.h>
|
||||||
|
#include "env.h"
|
||||||
|
#include "exit.h"
|
||||||
|
#include "scan.h"
|
||||||
|
@@ -391,6 +392,7 @@ int main()
|
||||||
|
char *x;
|
||||||
|
unsigned long cachesize;
|
||||||
|
|
||||||
|
+ signal(SIGPIPE, SIG_IGN);
|
||||||
|
x = env_get("IP");
|
||||||
|
if (!x)
|
||||||
|
strerr_die2x(111,FATAL,"$IP not set");
|
11
300-bugfix-dnscache-dempsky-poison.patch
Normal file
11
300-bugfix-dnscache-dempsky-poison.patch
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
--- a/response.c
|
||||||
|
+++ b/response.c
|
||||||
|
@@ -34,7 +34,7 @@ int response_addname(const char *d)
|
||||||
|
uint16_pack_big(buf,49152 + name_ptr[i]);
|
||||||
|
return response_addbytes(buf,2);
|
||||||
|
}
|
||||||
|
- if (dlen <= 128)
|
||||||
|
+ if ((dlen <= 128) && (response_len < 16384))
|
||||||
|
if (name_num < NAMES) {
|
||||||
|
byte_copy(name[name_num],dlen,d);
|
||||||
|
name_ptr[name_num] = response_len;
|
328
310-bugfix-dnscache-merge-outgoing-requests.patch
Normal file
328
310-bugfix-dnscache-merge-outgoing-requests.patch
Normal file
@ -0,0 +1,328 @@
|
|||||||
|
--- a/Makefile
|
||||||
|
+++ b/Makefile
|
||||||
|
@@ -315,11 +315,11 @@ stralloc.h iopause.h taia.h tai.h uint64
|
||||||
|
./compile dns_txt.c
|
||||||
|
|
||||||
|
dnscache: \
|
||||||
|
-load dnscache.o droproot.o okclient.o log.o cache.o query.o \
|
||||||
|
+load dnscache.o droproot.o okclient.o log.o cache.o query.o qmerge.o \
|
||||||
|
response.o dd.o roots.o iopause.o prot.o dns.a env.a alloc.a buffer.a \
|
||||||
|
libtai.a unix.a byte.a socket.lib
|
||||||
|
./load dnscache droproot.o okclient.o log.o cache.o \
|
||||||
|
- query.o response.o dd.o roots.o iopause.o prot.o dns.a \
|
||||||
|
+ query.o qmerge.o response.o dd.o roots.o iopause.o prot.o dns.a \
|
||||||
|
env.a alloc.a buffer.a libtai.a unix.a byte.a `cat \
|
||||||
|
socket.lib`
|
||||||
|
|
||||||
|
@@ -340,7 +340,7 @@ compile dnscache.c env.h exit.h scan.h s
|
||||||
|
uint16.h uint64.h socket.h uint16.h dns.h stralloc.h gen_alloc.h \
|
||||||
|
iopause.h taia.h tai.h uint64.h taia.h taia.h byte.h roots.h fmt.h \
|
||||||
|
iopause.h query.h dns.h uint32.h alloc.h response.h uint32.h cache.h \
|
||||||
|
-uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h
|
||||||
|
+uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h maxclient.h
|
||||||
|
./compile dnscache.c
|
||||||
|
|
||||||
|
dnsfilter: \
|
||||||
|
@@ -685,11 +685,16 @@ qlog.o: \
|
||||||
|
compile qlog.c buffer.h qlog.h uint16.h
|
||||||
|
./compile qlog.c
|
||||||
|
|
||||||
|
+qmerge.o: \
|
||||||
|
+compile qmerge.c qmerge.h dns.h stralloc.h gen_alloc.h iopause.h \
|
||||||
|
+taia.h tai.h uint64.h log.h maxclient.h
|
||||||
|
+ ./compile qmerge.c
|
||||||
|
+
|
||||||
|
query.o: \
|
||||||
|
compile query.c error.h roots.h log.h uint64.h case.h cache.h \
|
||||||
|
uint32.h uint64.h byte.h dns.h stralloc.h gen_alloc.h iopause.h \
|
||||||
|
taia.h tai.h uint64.h taia.h uint64.h uint32.h uint16.h dd.h alloc.h \
|
||||||
|
-response.h uint32.h query.h dns.h uint32.h
|
||||||
|
+response.h uint32.h query.h dns.h uint32.h qmerge.h
|
||||||
|
./compile query.c
|
||||||
|
|
||||||
|
random-ip: \
|
||||||
|
--- a/dnscache.c
|
||||||
|
+++ b/dnscache.c
|
||||||
|
@@ -20,6 +20,7 @@
|
||||||
|
#include "response.h"
|
||||||
|
#include "cache.h"
|
||||||
|
#include "ndelay.h"
|
||||||
|
+#include "maxclient.h"
|
||||||
|
#include "log.h"
|
||||||
|
#include "okclient.h"
|
||||||
|
#include "droproot.h"
|
||||||
|
@@ -57,7 +58,6 @@ uint64 numqueries = 0;
|
||||||
|
|
||||||
|
static int udp53;
|
||||||
|
|
||||||
|
-#define MAXUDP 200
|
||||||
|
static struct udpclient {
|
||||||
|
struct query q;
|
||||||
|
struct taia start;
|
||||||
|
@@ -134,7 +134,6 @@ void u_new(void)
|
||||||
|
|
||||||
|
static int tcp53;
|
||||||
|
|
||||||
|
-#define MAXTCP 20
|
||||||
|
struct tcpclient {
|
||||||
|
struct query q;
|
||||||
|
struct taia start;
|
||||||
|
--- a/log.c
|
||||||
|
+++ b/log.c
|
||||||
|
@@ -151,6 +151,13 @@ void log_tx(const char *q,const char qty
|
||||||
|
line();
|
||||||
|
}
|
||||||
|
|
||||||
|
+void log_tx_piggyback(const char *q, const char qtype[2], const char *control)
|
||||||
|
+{
|
||||||
|
+ string("txpb ");
|
||||||
|
+ logtype(qtype); space(); name(q); space(); name(control);
|
||||||
|
+ line();
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
void log_cachedanswer(const char *q,const char type[2])
|
||||||
|
{
|
||||||
|
string("cached "); logtype(type); space();
|
||||||
|
--- a/log.h
|
||||||
|
+++ b/log.h
|
||||||
|
@@ -20,6 +20,7 @@ extern void log_cachednxdomain(const cha
|
||||||
|
extern void log_cachedns(const char *,const char *);
|
||||||
|
|
||||||
|
extern void log_tx(const char *,const char *,const char *,const char *,unsigned int);
|
||||||
|
+extern void log_tx_piggyback(const char *,const char *,const char *);
|
||||||
|
|
||||||
|
extern void log_nxdomain(const char *,const char *,unsigned int);
|
||||||
|
extern void log_nodata(const char *,const char *,const char *,unsigned int);
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/maxclient.h
|
||||||
|
@@ -0,0 +1,7 @@
|
||||||
|
+#ifndef MAXCLIENT_H
|
||||||
|
+#define MAXCLIENT_H
|
||||||
|
+
|
||||||
|
+#define MAXUDP 200
|
||||||
|
+#define MAXTCP 20
|
||||||
|
+
|
||||||
|
+#endif /* MAXCLIENT_H */
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/qmerge.c
|
||||||
|
@@ -0,0 +1,115 @@
|
||||||
|
+#include "qmerge.h"
|
||||||
|
+#include "byte.h"
|
||||||
|
+#include "log.h"
|
||||||
|
+#include "maxclient.h"
|
||||||
|
+
|
||||||
|
+#define QMERGE_MAX (MAXUDP+MAXTCP)
|
||||||
|
+struct qmerge inprogress[QMERGE_MAX];
|
||||||
|
+
|
||||||
|
+static
|
||||||
|
+int qmerge_key_init(struct qmerge_key *qmk, const char *q, const char qtype[2],
|
||||||
|
+ const char *control)
|
||||||
|
+{
|
||||||
|
+ if (!dns_domain_copy(&qmk->q, q)) return 0;
|
||||||
|
+ byte_copy(qmk->qtype, 2, qtype);
|
||||||
|
+ if (!dns_domain_copy(&qmk->control, control)) return 0;
|
||||||
|
+ return 1;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static
|
||||||
|
+int qmerge_key_equal(struct qmerge_key *a, struct qmerge_key *b)
|
||||||
|
+{
|
||||||
|
+ return
|
||||||
|
+ byte_equal(a->qtype, 2, b->qtype) &&
|
||||||
|
+ dns_domain_equal(a->q, b->q) &&
|
||||||
|
+ dns_domain_equal(a->control, b->control);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static
|
||||||
|
+void qmerge_key_free(struct qmerge_key *qmk)
|
||||||
|
+{
|
||||||
|
+ dns_domain_free(&qmk->q);
|
||||||
|
+ dns_domain_free(&qmk->control);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+void qmerge_free(struct qmerge **x)
|
||||||
|
+{
|
||||||
|
+ struct qmerge *qm;
|
||||||
|
+
|
||||||
|
+ qm = *x;
|
||||||
|
+ *x = 0;
|
||||||
|
+ if (!qm || !qm->active) return;
|
||||||
|
+
|
||||||
|
+ qm->active--;
|
||||||
|
+ if (!qm->active) {
|
||||||
|
+ qmerge_key_free(&qm->key);
|
||||||
|
+ dns_transmit_free(&qm->dt);
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+int qmerge_start(struct qmerge **qm, const char servers[64], int flagrecursive,
|
||||||
|
+ const char *q, const char qtype[2], const char localip[4],
|
||||||
|
+ const char *control)
|
||||||
|
+{
|
||||||
|
+ struct qmerge_key k;
|
||||||
|
+ int i;
|
||||||
|
+ int r;
|
||||||
|
+
|
||||||
|
+ qmerge_free(qm);
|
||||||
|
+
|
||||||
|
+ byte_zero(&k, sizeof k);
|
||||||
|
+ if (!qmerge_key_init(&k, q, qtype, control)) return -1;
|
||||||
|
+ for (i = 0; i < QMERGE_MAX; i++) {
|
||||||
|
+ if (!inprogress[i].active) continue;
|
||||||
|
+ if (!qmerge_key_equal(&k, &inprogress[i].key)) continue;
|
||||||
|
+ log_tx_piggyback(q, qtype, control);
|
||||||
|
+ inprogress[i].active++;
|
||||||
|
+ *qm = &inprogress[i];
|
||||||
|
+ qmerge_key_free(&k);
|
||||||
|
+ return 0;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ for (i = 0; i < QMERGE_MAX; i++)
|
||||||
|
+ if (!inprogress[i].active)
|
||||||
|
+ break;
|
||||||
|
+ if (i == QMERGE_MAX) return -1;
|
||||||
|
+
|
||||||
|
+ log_tx(q, qtype, control, servers, 0);
|
||||||
|
+ r = dns_transmit_start(&inprogress[i].dt, servers, flagrecursive, q, qtype, localip);
|
||||||
|
+ if (r == -1) { qmerge_key_free(&k); return -1; }
|
||||||
|
+ inprogress[i].active++;
|
||||||
|
+ inprogress[i].state = 0;
|
||||||
|
+ qmerge_key_free(&inprogress[i].key);
|
||||||
|
+ byte_copy(&inprogress[i].key, sizeof k, &k);
|
||||||
|
+ *qm = &inprogress[i];
|
||||||
|
+ return 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+void qmerge_io(struct qmerge *qm, iopause_fd *io, struct taia *deadline)
|
||||||
|
+{
|
||||||
|
+ if (qm->state == 0) {
|
||||||
|
+ dns_transmit_io(&qm->dt, io, deadline);
|
||||||
|
+ qm->state = 1;
|
||||||
|
+ }
|
||||||
|
+ else {
|
||||||
|
+ io->fd = -1;
|
||||||
|
+ io->events = 0;
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+int qmerge_get(struct qmerge **x, const iopause_fd *io, const struct taia *when)
|
||||||
|
+{
|
||||||
|
+ int r;
|
||||||
|
+ struct qmerge *qm;
|
||||||
|
+
|
||||||
|
+ qm = *x;
|
||||||
|
+ if (qm->state == -1) return -1; /* previous error */
|
||||||
|
+ if (qm->state == 0) return 0; /* no packet */
|
||||||
|
+ if (qm->state == 2) return 1; /* already got packet */
|
||||||
|
+
|
||||||
|
+ r = dns_transmit_get(&qm->dt, io, when);
|
||||||
|
+ if (r == -1) { qm->state = -1; return -1; } /* error */
|
||||||
|
+ if (r == 0) { qm->state = 0; return 0; } /* must wait for i/o */
|
||||||
|
+ if (r == 1) { qm->state = 2; return 1; } /* got packet */
|
||||||
|
+ return -1; /* bug */
|
||||||
|
+}
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/qmerge.h
|
||||||
|
@@ -0,0 +1,24 @@
|
||||||
|
+#ifndef QMERGE_H
|
||||||
|
+#define QMERGE_H
|
||||||
|
+
|
||||||
|
+#include "dns.h"
|
||||||
|
+
|
||||||
|
+struct qmerge_key {
|
||||||
|
+ char *q;
|
||||||
|
+ char qtype[2];
|
||||||
|
+ char *control;
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+struct qmerge {
|
||||||
|
+ int active;
|
||||||
|
+ struct qmerge_key key;
|
||||||
|
+ struct dns_transmit dt;
|
||||||
|
+ int state; /* -1 = error, 0 = need io, 1 = need get, 2 = got packet */
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+extern int qmerge_start(struct qmerge **,const char *,int,const char *,const char *,const char *,const char *);
|
||||||
|
+extern void qmerge_io(struct qmerge *,iopause_fd *,struct taia *);
|
||||||
|
+extern int qmerge_get(struct qmerge **,const iopause_fd *,const struct taia *);
|
||||||
|
+extern void qmerge_free(struct qmerge **);
|
||||||
|
+
|
||||||
|
+#endif /* QMERGE_H */
|
||||||
|
--- a/query.c
|
||||||
|
+++ b/query.c
|
||||||
|
@@ -83,7 +83,7 @@ static void cleanup(struct query *z)
|
||||||
|
int j;
|
||||||
|
int k;
|
||||||
|
|
||||||
|
- dns_transmit_free(&z->dt);
|
||||||
|
+ qmerge_free(&z->qm);
|
||||||
|
for (j = 0;j < QUERY_MAXALIAS;++j)
|
||||||
|
dns_domain_free(&z->alias[j]);
|
||||||
|
for (j = 0;j < QUERY_MAXLEVEL;++j) {
|
||||||
|
@@ -452,14 +452,8 @@ static int doit(struct query *z,int stat
|
||||||
|
if (j == 64) goto SERVFAIL;
|
||||||
|
|
||||||
|
dns_sortip(z->servers[z->level],64);
|
||||||
|
- if (z->level) {
|
||||||
|
- log_tx(z->name[z->level],DNS_T_A,z->control[z->level],z->servers[z->level],z->level);
|
||||||
|
- if (dns_transmit_start(&z->dt,z->servers[z->level],flagforwardonly,z->name[z->level],DNS_T_A,z->localip) == -1) goto DIE;
|
||||||
|
- }
|
||||||
|
- else {
|
||||||
|
- log_tx(z->name[0],z->type,z->control[0],z->servers[0],0);
|
||||||
|
- if (dns_transmit_start(&z->dt,z->servers[0],flagforwardonly,z->name[0],z->type,z->localip) == -1) goto DIE;
|
||||||
|
- }
|
||||||
|
+ dtype = z->level ? DNS_T_A : z->type;
|
||||||
|
+ if (qmerge_start(&z->qm,z->servers[z->level],flagforwardonly,z->name[z->level],dtype,z->localip,z->control[z->level]) == -1) goto DIE;
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
|
||||||
|
@@ -473,10 +467,10 @@ static int doit(struct query *z,int stat
|
||||||
|
|
||||||
|
HAVEPACKET:
|
||||||
|
if (++z->loop == 100) goto DIE;
|
||||||
|
- buf = z->dt.packet;
|
||||||
|
- len = z->dt.packetlen;
|
||||||
|
+ buf = z->qm->dt.packet;
|
||||||
|
+ len = z->qm->dt.packetlen;
|
||||||
|
|
||||||
|
- whichserver = z->dt.servers + 4 * z->dt.curserver;
|
||||||
|
+ whichserver = z->qm->dt.servers + 4 * z->qm->dt.curserver;
|
||||||
|
control = z->control[z->level];
|
||||||
|
d = z->name[z->level];
|
||||||
|
dtype = z->level ? DNS_T_A : z->type;
|
||||||
|
@@ -902,7 +896,7 @@ int query_start(struct query *z,char *dn
|
||||||
|
|
||||||
|
int query_get(struct query *z,iopause_fd *x,struct taia *stamp)
|
||||||
|
{
|
||||||
|
- switch(dns_transmit_get(&z->dt,x,stamp)) {
|
||||||
|
+ switch(qmerge_get(&z->qm,x,stamp)) {
|
||||||
|
case 1:
|
||||||
|
return doit(z,1);
|
||||||
|
case -1:
|
||||||
|
@@ -913,5 +907,5 @@ int query_get(struct query *z,iopause_fd
|
||||||
|
|
||||||
|
void query_io(struct query *z,iopause_fd *x,struct taia *deadline)
|
||||||
|
{
|
||||||
|
- dns_transmit_io(&z->dt,x,deadline);
|
||||||
|
+ qmerge_io(z->qm,x,deadline);
|
||||||
|
}
|
||||||
|
--- a/query.h
|
||||||
|
+++ b/query.h
|
||||||
|
@@ -1,7 +1,7 @@
|
||||||
|
#ifndef QUERY_H
|
||||||
|
#define QUERY_H
|
||||||
|
|
||||||
|
-#include "dns.h"
|
||||||
|
+#include "qmerge.h"
|
||||||
|
#include "uint32.h"
|
||||||
|
|
||||||
|
#define QUERY_MAXLEVEL 5
|
||||||
|
@@ -20,7 +20,7 @@ struct query {
|
||||||
|
char localip[4];
|
||||||
|
char type[2];
|
||||||
|
char class[2];
|
||||||
|
- struct dns_transmit dt;
|
||||||
|
+ struct qmerge *qm;
|
||||||
|
} ;
|
||||||
|
|
||||||
|
extern int query_start(struct query *,char *,char *,char *,char *);
|
67
320-bugfix-dnscache-cache-soa-records.patch
Normal file
67
320-bugfix-dnscache-cache-soa-records.patch
Normal file
@ -0,0 +1,67 @@
|
|||||||
|
--- a/query.c
|
||||||
|
+++ b/query.c
|
||||||
|
@@ -342,6 +342,29 @@ static int doit(struct query *z,int stat
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if (typematch(DNS_T_SOA,dtype)) {
|
||||||
|
+ byte_copy(key,2,DNS_T_SOA);
|
||||||
|
+ cached = cache_get(key,dlen + 2,&cachedlen,&ttl);
|
||||||
|
+ if (cached && (cachedlen || byte_diff(dtype,2,DNS_T_ANY))) {
|
||||||
|
+ log_cachedanswer(d,DNS_T_SOA);
|
||||||
|
+ if (!rqa(z)) goto DIE;
|
||||||
|
+ pos = 0;
|
||||||
|
+ while (pos = dns_packet_copy(cached,cachedlen,pos,misc,20)) {
|
||||||
|
+ pos = dns_packet_getname(cached,cachedlen,pos,&t2);
|
||||||
|
+ if (!pos) break;
|
||||||
|
+ pos = dns_packet_getname(cached,cachedlen,pos,&t3);
|
||||||
|
+ if (!pos) break;
|
||||||
|
+ if (!response_rstart(d,DNS_T_SOA,ttl)) goto DIE;
|
||||||
|
+ if (!response_addname(t2)) goto DIE;
|
||||||
|
+ if (!response_addname(t3)) goto DIE;
|
||||||
|
+ if (!response_addbytes(misc,20)) goto DIE;
|
||||||
|
+ response_rfinish(RESPONSE_ANSWER);
|
||||||
|
+ }
|
||||||
|
+ cleanup(z);
|
||||||
|
+ return 1;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
if (typematch(DNS_T_A,dtype)) {
|
||||||
|
byte_copy(key,2,DNS_T_A);
|
||||||
|
cached = cache_get(key,dlen + 2,&cachedlen,&ttl);
|
||||||
|
@@ -374,7 +397,7 @@ static int doit(struct query *z,int stat
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
- if (!typematch(DNS_T_ANY,dtype) && !typematch(DNS_T_AXFR,dtype) && !typematch(DNS_T_NS,dtype) && !typematch(DNS_T_PTR,dtype) && !typematch(DNS_T_A,dtype) && !typematch(DNS_T_MX,dtype)) {
|
||||||
|
+ if (!typematch(DNS_T_ANY,dtype) && !typematch(DNS_T_AXFR,dtype) && !typematch(DNS_T_NS,dtype) && !typematch(DNS_T_PTR,dtype) && !typematch(DNS_T_A,dtype) && !typematch(DNS_T_MX,dtype) && !typematch(DNS_T_SOA,dtype)) {
|
||||||
|
byte_copy(key,2,dtype);
|
||||||
|
cached = cache_get(key,dlen + 2,&cachedlen,&ttl);
|
||||||
|
if (cached && (cachedlen || byte_diff(dtype,2,DNS_T_ANY))) {
|
||||||
|
@@ -601,15 +624,24 @@ static int doit(struct query *z,int stat
|
||||||
|
else if (byte_equal(type,2,DNS_T_AXFR))
|
||||||
|
;
|
||||||
|
else if (byte_equal(type,2,DNS_T_SOA)) {
|
||||||
|
+ int non_authority = 0;
|
||||||
|
+ save_start();
|
||||||
|
while (i < j) {
|
||||||
|
pos = dns_packet_skipname(buf,len,records[i]); if (!pos) goto DIE;
|
||||||
|
pos = dns_packet_getname(buf,len,pos + 10,&t2); if (!pos) goto DIE;
|
||||||
|
pos = dns_packet_getname(buf,len,pos,&t3); if (!pos) goto DIE;
|
||||||
|
pos = dns_packet_copy(buf,len,pos,misc,20); if (!pos) goto DIE;
|
||||||
|
- if (records[i] < posauthority)
|
||||||
|
+ if (records[i] < posauthority) {
|
||||||
|
log_rrsoa(whichserver,t1,t2,t3,misc,ttl);
|
||||||
|
+ save_data(misc,20);
|
||||||
|
+ save_data(t2,dns_domain_length(t2));
|
||||||
|
+ save_data(t3,dns_domain_length(t3));
|
||||||
|
+ non_authority++;
|
||||||
|
+ }
|
||||||
|
++i;
|
||||||
|
}
|
||||||
|
+ if (non_authority)
|
||||||
|
+ save_finish(DNS_T_SOA,t1,ttl);
|
||||||
|
}
|
||||||
|
else if (byte_equal(type,2,DNS_T_CNAME)) {
|
||||||
|
pos = dns_packet_skipname(buf,len,records[j - 1]); if (!pos) goto DIE;
|
59
330-fix-dnscache-cname-handling.patch
Normal file
59
330-fix-dnscache-cname-handling.patch
Normal file
@ -0,0 +1,59 @@
|
|||||||
|
--- djbdns-1.05/query.c 2012-08-30 22:14:28.885825918 +0800
|
||||||
|
+++ djbdns-1.05-new/query.c 2012-08-30 22:22:23.887727783 +0800
|
||||||
|
@@ -220,7 +217,7 @@
|
||||||
|
|
||||||
|
|
||||||
|
NEWNAME:
|
||||||
|
- if (++z->loop == 100) goto DIE;
|
||||||
|
+ if (++z->loop == 150) goto DIE;
|
||||||
|
d = z->name[z->level];
|
||||||
|
dtype = z->level ? DNS_T_A : z->type;
|
||||||
|
dlen = dns_domain_length(d);
|
||||||
|
@@ -489,7 +486,7 @@
|
||||||
|
|
||||||
|
|
||||||
|
HAVEPACKET:
|
||||||
|
- if (++z->loop == 100) goto DIE;
|
||||||
|
+ if (++z->loop == 150) goto DIE;
|
||||||
|
buf = z->qm->dt.packet;
|
||||||
|
len = z->qm->dt.packetlen;
|
||||||
|
|
||||||
|
@@ -722,6 +716,7 @@
|
||||||
|
alloc_free(records); records = 0;
|
||||||
|
|
||||||
|
if (byte_diff(DNS_T_CNAME,2,dtype)) {
|
||||||
|
+ int flagcname = 0;
|
||||||
|
/* This code assumes that the CNAME chain is presented in the correct
|
||||||
|
** order. The example algorithm in RFC 1034 will actually result in this
|
||||||
|
** being the case, but the words do not require it to be so.
|
||||||
|
@@ -734,20 +729,29 @@
|
||||||
|
if (dns_domain_equal(t1,d))
|
||||||
|
if (byte_equal(header + 2,2,DNS_C_IN)) { /* should always be true */
|
||||||
|
if (typematch(header,DNS_T_CNAME)) {
|
||||||
|
+ flagcname = 1;
|
||||||
|
ttl = ttlget(header + 4);
|
||||||
|
if (z->level == 0) {
|
||||||
|
if (!move_name_to_alias(z,ttl)) goto DIE ;
|
||||||
|
}
|
||||||
|
+ if (!dns_domain_copy(&owner_name, control)) goto DIE ;
|
||||||
|
if (!dns_packet_getname(buf,len,pos,&z->name[z->level])) goto DIE;
|
||||||
|
d = z->name[z->level];
|
||||||
|
- if (!dns_domain_suffix(d,control) || !roots_same(d,control))
|
||||||
|
+ if (!dns_domain_suffix(d,owner_name) || !roots_same(d,owner_name)) {
|
||||||
|
+ dns_domain_free(&owner_name);
|
||||||
|
goto NEWNAME ; /* Cannot trust the chain further - restart using current name */
|
||||||
|
}
|
||||||
|
+ control = d + dns_domain_suffixpos(d,owner_name);
|
||||||
|
+ z->control[z->level] = control;
|
||||||
|
+ dns_domain_free(&owner_name);
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
|
||||||
|
uint16_unpack_big(header + 8,&datalen);
|
||||||
|
pos += datalen;
|
||||||
|
}
|
||||||
|
+ if (flagcname != 0)
|
||||||
|
+ goto HAVENS;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* A "no such name" error applies to the end of any CNAME chain, not to the start. */
|
41
450-dnscache-ghost-domain-CVE-2012-1191.patch
Normal file
41
450-dnscache-ghost-domain-CVE-2012-1191.patch
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
# initial patch http://marc.info/?l=djbdns&m=134190748729079&w=2
|
||||||
|
#--- djbdns-1.05/query.c.orig 2012-07-10 09:24:23.000000000 +0200
|
||||||
|
#+++ djbdns-1.05/query.c 2012-07-10 09:24:26.000000000 +0200
|
||||||
|
#@@ -578,6 +578,7 @@
|
||||||
|
# }
|
||||||
|
#
|
||||||
|
# if (!dns_domain_suffix(t1,control)) { i = j; continue; }
|
||||||
|
#+ if (byte_equal(type,2,DNS_T_NS) && dns_domain_equal(t1,control)) { i = j; continue; }
|
||||||
|
# if (!roots_same(t1,control)) { i = j; continue; }
|
||||||
|
#
|
||||||
|
# if (byte_equal(type,2,DNS_T_ANY))
|
||||||
|
#
|
||||||
|
# alternative http://marc.info/?l=djbdns&m=134219930603966&w=2
|
||||||
|
#--- djbdns-1.05.orig/query.c 2001-02-11 22:11:45.000000000 +0100
|
||||||
|
#+++ djbdns-1.05/query.c 2012-07-13 18:52:16.313862281 +0200
|
||||||
|
#@@ -578,6 +578,7 @@
|
||||||
|
# }
|
||||||
|
#
|
||||||
|
# if (!dns_domain_suffix(t1,control)) { i = j; continue; }
|
||||||
|
#+ if (byte_equal(type,2,DNS_T_NS) && dns_domain_equal(t1,control) && (posauthority <= records[i])) { i = j; continue; } if (!roots_same(t1,control)) { i = j; continue; }
|
||||||
|
# if (byte_equal(type,2,DNS_T_ANY))
|
||||||
|
#
|
||||||
|
#http://marc.info/?l=djbdns&m=134269902121506&w=2
|
||||||
|
# Created 2012 by Peter Conrad <conrad@tivano.de>
|
||||||
|
#
|
||||||
|
# This patch is public domain.
|
||||||
|
#
|
||||||
|
--- djbdns-1.05/query.c.orig 2012-07-10 09:24:23.000000000 +0200
|
||||||
|
+++ djbdns-1.05/query.c 2012-07-10 09:24:26.000000000 +0200
|
||||||
|
@@ -578,6 +578,10 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!dns_domain_suffix(t1,control)) { i = j; continue; }
|
||||||
|
+ if (!flagforwardonly && byte_equal(type,2,DNS_T_NS) && dns_domain_equal(t1,control)) {
|
||||||
|
+ char dummy[256];
|
||||||
|
+ if (!roots(dummy,control)) { i = j; continue; }
|
||||||
|
+ }
|
||||||
|
if (!roots_same(t1,control)) { i = j; continue; }
|
||||||
|
|
||||||
|
if (byte_equal(type,2,DNS_T_ANY))
|
||||||
|
|
31
500-cutom-dnscache-maxloop.patch
Normal file
31
500-cutom-dnscache-maxloop.patch
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
--- djbdns-1.05/query.c 2012-08-30 22:14:28.885825918 +0800
|
||||||
|
+++ djbdns-1.05-new/query.c 2012-08-30 22:22:23.887727783 +0800
|
||||||
|
@@ -220,7 +217,7 @@
|
||||||
|
|
||||||
|
|
||||||
|
NEWNAME:
|
||||||
|
- if (++z->loop == 150) goto DIE;
|
||||||
|
+ if (++z->loop == QUERY_MAXLOOP) goto DIE;
|
||||||
|
d = z->name[z->level];
|
||||||
|
dtype = z->level ? DNS_T_A : z->type;
|
||||||
|
dlen = dns_domain_length(d);
|
||||||
|
@@ -489,7 +486,7 @@
|
||||||
|
|
||||||
|
|
||||||
|
HAVEPACKET:
|
||||||
|
- if (++z->loop == 150) goto DIE;
|
||||||
|
+ if (++z->loop == QUERY_MAXLOOP) goto DIE;
|
||||||
|
buf = z->qm->dt.packet;
|
||||||
|
len = z->qm->dt.packetlen;
|
||||||
|
|
||||||
|
diff -ru djbdns-1.05/query.h djbdns-1.05-new/query.h
|
||||||
|
--- djbdns-1.05/query.h 2001-02-11 22:11:45.000000000 +0100
|
||||||
|
+++ djbdns-1.05-new/query.h 2005-11-10 18:39:58.000000000 +0100
|
||||||
|
@@ -7,6 +7,7 @@
|
||||||
|
#define QUERY_MAXLEVEL 5
|
||||||
|
#define QUERY_MAXALIAS 16
|
||||||
|
#define QUERY_MAXNS 16
|
||||||
|
+#define QUERY_MAXLOOP 500
|
||||||
|
|
||||||
|
struct query {
|
||||||
|
unsigned int loop;
|
21
Makefile
Normal file
21
Makefile
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
# Makefile for source rpm: djbdns
|
||||||
|
# $Id: Makefile,v 1.1 2016/02/04 12:33:23 vip-ire Exp $
|
||||||
|
NAME := djbdns
|
||||||
|
SPECFILE = $(firstword $(wildcard *.spec))
|
||||||
|
|
||||||
|
define find-makefile-common
|
||||||
|
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
|
||||||
|
endef
|
||||||
|
|
||||||
|
MAKEFILE_COMMON := $(shell $(find-makefile-common))
|
||||||
|
|
||||||
|
ifeq ($(MAKEFILE_COMMON),)
|
||||||
|
# attept a checkout
|
||||||
|
define checkout-makefile-common
|
||||||
|
test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
|
||||||
|
endef
|
||||||
|
|
||||||
|
MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
|
||||||
|
endif
|
||||||
|
|
||||||
|
include $(MAKEFILE_COMMON)
|
10
README.md
10
README.md
@ -1,3 +1,11 @@
|
|||||||
# djbdns
|
# djbdns
|
||||||
|
|
||||||
3rd Party (Maintained by Koozali) git repo for djbdns smeserver
|
3rd Party (Maintained by Koozali) git repo for djbdns smeserver
|
||||||
|
|
||||||
|
## Description
|
||||||
|
|
||||||
|
<br />*This description has been generated by an LLM AI system and cannot be relied on to be fully correct.*
|
||||||
|
*Once it has been checked, then this comment will be deleted*
|
||||||
|
<br />
|
||||||
|
|
||||||
|
Djbdns is an open source software package designed to provide a secure and reliable Domain Name System (DNS) for small networks. The djbdns package includes a DNS server, a DNS library, and tools to manage DNS zones. The DNS server is designed to be fast, secure, and reliable, while the DNS library can be used to develop custom applications that use DNS lookups. The tools included in the package allow users to create, update, and delete DNS entries as well as manage the DNS zones for a domain.
|
||||||
|
1
contriborbase
Normal file
1
contriborbase
Normal file
@ -0,0 +1 @@
|
|||||||
|
sme10
|
155
djbdns-1.05.patch.2001022000
Normal file
155
djbdns-1.05.patch.2001022000
Normal file
@ -0,0 +1,155 @@
|
|||||||
|
diff -ruN djbdns-1.05-00/Makefile djbdns-1.05-01/Makefile
|
||||||
|
--- djbdns-1.05-00/Makefile Sun Feb 11 16:11:45 2001
|
||||||
|
+++ djbdns-1.05-01/Makefile Tue Feb 20 12:18:30 2001
|
||||||
|
@@ -37,6 +37,22 @@
|
||||||
|
compile auto_home.c
|
||||||
|
./compile auto_home.c
|
||||||
|
|
||||||
|
+root_auto_home.c: \
|
||||||
|
+auto-str conf-home
|
||||||
|
+ ./auto-str root_auto_home `pwd`/root`head -1 conf-home` > root_auto_home.c
|
||||||
|
+
|
||||||
|
+root_auto_home.o: \
|
||||||
|
+compile root_auto_home.c
|
||||||
|
+ ./compile root_auto_home.c
|
||||||
|
+
|
||||||
|
+root.c: \
|
||||||
|
+auto-str conf-home
|
||||||
|
+ ./auto-str root `pwd`/root > root.c
|
||||||
|
+
|
||||||
|
+root.o: \
|
||||||
|
+compile root.c
|
||||||
|
+ ./compile root.c
|
||||||
|
+
|
||||||
|
axfr-get: \
|
||||||
|
load axfr-get.o iopause.o timeoutread.o timeoutwrite.o dns.a libtai.a \
|
||||||
|
alloc.a buffer.a unix.a byte.a
|
||||||
|
@@ -515,20 +531,20 @@
|
||||||
|
./choose clr tryshsgr hasshsgr.h1 hasshsgr.h2 > hasshsgr.h
|
||||||
|
|
||||||
|
hier.o: \
|
||||||
|
-compile hier.c auto_home.h
|
||||||
|
+compile hier.c root_auto_home.h root.h
|
||||||
|
./compile hier.c
|
||||||
|
|
||||||
|
install: \
|
||||||
|
-load install.o hier.o auto_home.o buffer.a unix.a byte.a
|
||||||
|
- ./load install hier.o auto_home.o buffer.a unix.a byte.a
|
||||||
|
+load install.o hier.o root.o root_auto_home.o buffer.a unix.a byte.a
|
||||||
|
+ ./load install hier.o root.o root_auto_home.o buffer.a unix.a byte.a
|
||||||
|
|
||||||
|
install.o: \
|
||||||
|
compile install.c buffer.h strerr.h error.h open.h exit.h
|
||||||
|
./compile install.c
|
||||||
|
|
||||||
|
instcheck: \
|
||||||
|
-load instcheck.o hier.o auto_home.o buffer.a unix.a byte.a
|
||||||
|
- ./load instcheck hier.o auto_home.o buffer.a unix.a byte.a
|
||||||
|
+load instcheck.o hier.o root.o root_auto_home.o buffer.a unix.a byte.a
|
||||||
|
+ ./load instcheck hier.o root.o root_auto_home.o buffer.a unix.a byte.a
|
||||||
|
|
||||||
|
instcheck.o: \
|
||||||
|
compile instcheck.c strerr.h error.h exit.h
|
||||||
|
diff -ruN djbdns-1.05-00/hier.c djbdns-1.05-01/hier.c
|
||||||
|
--- djbdns-1.05-00/hier.c Sun Feb 11 16:11:45 2001
|
||||||
|
+++ djbdns-1.05-01/hier.c Tue Feb 20 12:19:33 2001
|
||||||
|
@@ -1,42 +1,43 @@
|
||||||
|
-#include "auto_home.h"
|
||||||
|
+#include "root_auto_home.h"
|
||||||
|
+#include "root.h"
|
||||||
|
|
||||||
|
void hier()
|
||||||
|
{
|
||||||
|
- c("/","etc","dnsroots.global",-1,-1,0644);
|
||||||
|
+ c(root,"etc","dnsroots.global",-1,-1,0644);
|
||||||
|
|
||||||
|
- h(auto_home,-1,-1,02755);
|
||||||
|
- d(auto_home,"bin",-1,-1,02755);
|
||||||
|
+ h(root_auto_home,-1,-1,02755);
|
||||||
|
+ d(root_auto_home,"bin",-1,-1,02755);
|
||||||
|
|
||||||
|
- c(auto_home,"bin","dnscache-conf",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","tinydns-conf",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","walldns-conf",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","rbldns-conf",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","pickdns-conf",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","axfrdns-conf",-1,-1,0755);
|
||||||
|
-
|
||||||
|
- c(auto_home,"bin","dnscache",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","tinydns",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","walldns",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","rbldns",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","pickdns",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","axfrdns",-1,-1,0755);
|
||||||
|
-
|
||||||
|
- c(auto_home,"bin","tinydns-get",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","tinydns-data",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","tinydns-edit",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","rbldns-data",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","pickdns-data",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","axfr-get",-1,-1,0755);
|
||||||
|
-
|
||||||
|
- c(auto_home,"bin","dnsip",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","dnsipq",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","dnsname",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","dnstxt",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","dnsmx",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","dnsfilter",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","random-ip",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","dnsqr",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","dnsq",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","dnstrace",-1,-1,0755);
|
||||||
|
- c(auto_home,"bin","dnstracesort",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","dnscache-conf",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","tinydns-conf",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","walldns-conf",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","rbldns-conf",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","pickdns-conf",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","axfrdns-conf",-1,-1,0755);
|
||||||
|
+
|
||||||
|
+ c(root_auto_home,"bin","dnscache",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","tinydns",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","walldns",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","rbldns",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","pickdns",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","axfrdns",-1,-1,0755);
|
||||||
|
+
|
||||||
|
+ c(root_auto_home,"bin","tinydns-get",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","tinydns-data",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","tinydns-edit",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","rbldns-data",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","pickdns-data",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","axfr-get",-1,-1,0755);
|
||||||
|
+
|
||||||
|
+ c(root_auto_home,"bin","dnsip",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","dnsipq",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","dnsname",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","dnstxt",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","dnsmx",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","dnsfilter",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","random-ip",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","dnsqr",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","dnsq",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","dnstrace",-1,-1,0755);
|
||||||
|
+ c(root_auto_home,"bin","dnstracesort",-1,-1,0755);
|
||||||
|
}
|
||||||
|
diff -ruN djbdns-1.05-00/root.h djbdns-1.05-01/root.h
|
||||||
|
--- djbdns-1.05-00/root.h Wed Dec 31 19:00:00 1969
|
||||||
|
+++ djbdns-1.05-01/root.h Tue Feb 20 12:19:51 2001
|
||||||
|
@@ -0,0 +1,6 @@
|
||||||
|
+#ifndef ROOT_H
|
||||||
|
+#define ROOT_H
|
||||||
|
+
|
||||||
|
+extern const char root[];
|
||||||
|
+
|
||||||
|
+#endif
|
||||||
|
diff -ruN djbdns-1.05-00/root_auto_home.h djbdns-1.05-01/root_auto_home.h
|
||||||
|
--- djbdns-1.05-00/root_auto_home.h Wed Dec 31 19:00:00 1969
|
||||||
|
+++ djbdns-1.05-01/root_auto_home.h Tue Feb 20 12:19:59 2001
|
||||||
|
@@ -0,0 +1,6 @@
|
||||||
|
+#ifndef ROOT_AUTO_HOME_H
|
||||||
|
+#define ROOT_AUTO_HOME_H
|
||||||
|
+
|
||||||
|
+extern const char root_auto_home[];
|
||||||
|
+
|
||||||
|
+#endif
|
BIN
djbdns-1.05.tar.gz
(Stored with Git LFS)
Normal file
BIN
djbdns-1.05.tar.gz
(Stored with Git LFS)
Normal file
Binary file not shown.
240
djbdns.spec
Normal file
240
djbdns.spec
Normal file
@ -0,0 +1,240 @@
|
|||||||
|
# $Id: djbdns.spec,v 1.4 2021/04/13 01:01:10 jpp Exp $
|
||||||
|
|
||||||
|
#
|
||||||
|
# RPM spec file for Dan Bernstein's djbdns package
|
||||||
|
#
|
||||||
|
# $Id: djbdns.spec,v 1.4 2021/04/13 01:01:10 jpp Exp $
|
||||||
|
#
|
||||||
|
Summary: collection of Domain Name System tools
|
||||||
|
%define name djbdns
|
||||||
|
Name: %{name}
|
||||||
|
%define version 1.05
|
||||||
|
%define release 11
|
||||||
|
Version: %{version}
|
||||||
|
Release: %{release}%{?dist}
|
||||||
|
License: Public Domain
|
||||||
|
Group: Networking/Daemons
|
||||||
|
Source: http://cr.yp.to/%{name}/%{name}-%{version}.tar.gz
|
||||||
|
URL: http://cr.yp.to/%{name}.html
|
||||||
|
Patch0: %{name}-%{version}.patch.2001022000
|
||||||
|
Patch1: dns_transmit-bug.patch
|
||||||
|
#Patch2: http://homepages.tesco.net./~J.deBoynePollard/Softwares/djbdns/dnscache-cname-handling.patch
|
||||||
|
#Patch3: http://homepages.tesco.net./~J.deBoynePollard/Softwares/djbdns/dnscache-strict-forwardonly.patch
|
||||||
|
#Patch4: http://homepages.tesco.net./~J.deBoynePollard/Softwares/djbdns/tinydns-alias-chain-truncation.patch
|
||||||
|
|
||||||
|
# openwrt patches
|
||||||
|
Patch20: https://dev.openwrt.org/export/HEAD/packages/net/djbdns/patches/020-dnsroots-update.patch
|
||||||
|
Patch30: https://dev.openwrt.org/export/HEAD/packages/net/djbdns/patches/030-srv-records-and-axfrget.patch
|
||||||
|
Patch50: https://dev.openwrt.org/export/HEAD/packages/net/djbdns/patches/050-tinydns-mmap-leak.patch
|
||||||
|
Patch60: https://dev.openwrt.org/export/HEAD/packages/net/djbdns/patches/060-dnscache-big-udp-packets.patch
|
||||||
|
Patch70: https://dev.openwrt.org/export/HEAD/packages/net/djbdns/patches/070-dnscache-dpos-tcp-servfail.patch
|
||||||
|
Patch90: https://dev.openwrt.org/export/HEAD/packages/net/djbdns/patches/090-tinydns-one-second.patch
|
||||||
|
Patch80: https://dev.openwrt.org/export/HEAD/packages/net/djbdns/patches/080-dnscache-cache-negatives.patch
|
||||||
|
Patch120: https://dev.openwrt.org/export/HEAD/packages/net/djbdns/patches/120-compiler-temporary-filename.patch
|
||||||
|
Patch200: https://dev.openwrt.org/export/HEAD/packages/net/djbdns/patches/200-dnscache-cname-handling.patch
|
||||||
|
Patch210: https://dev.openwrt.org/export/HEAD/packages/net/djbdns/patches/210-dnscache-strict-forwardonly.patch
|
||||||
|
Patch230: https://dev.openwrt.org/export/HEAD/packages/net/djbdns/patches/230-tinydns-data-semantic-error.patch
|
||||||
|
Patch240: https://dev.openwrt.org/export/HEAD/packages/net/djbdns/patches/240-tinydns-alias-chain-truncation.patch
|
||||||
|
Patch270: https://dev.openwrt.org/export/HEAD/packages/net/djbdns/patches/270-dnscache-sigpipe-fix.patch
|
||||||
|
Patch300: https://dev.openwrt.org/export/HEAD/packages/net/djbdns/patches/300-bugfix-dnscache-dempsky-poison.patch
|
||||||
|
Patch310: https://dev.openwrt.org/export/HEAD/packages/net/djbdns/patches/310-bugfix-dnscache-merge-outgoing-requests.patch
|
||||||
|
Patch320: https://dev.openwrt.org/export/HEAD/packages/net/djbdns/patches/320-bugfix-dnscache-cache-soa-records.patch
|
||||||
|
Patch330: https://dev.openwrt.org/raw-attachment/ticket/5881/330-fix-dnscache-cname-handling.patch
|
||||||
|
|
||||||
|
#after openwrt applied patches
|
||||||
|
Patch450: 450-dnscache-ghost-domain-CVE-2012-1191.patch
|
||||||
|
Patch500: 500-cutom-dnscache-maxloop.patch
|
||||||
|
|
||||||
|
|
||||||
|
BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
|
||||||
|
Provides: djbdns
|
||||||
|
AutoReqProv: no
|
||||||
|
|
||||||
|
%description
|
||||||
|
djbdns is a collection of Domain Name System tools. It includes several
|
||||||
|
components:
|
||||||
|
|
||||||
|
- The dnscache program is a local DNS cache. It accepts recursive
|
||||||
|
DNS queries from local clients such as web browsers. It collects
|
||||||
|
responses from remote DNS servers.
|
||||||
|
|
||||||
|
- The tinydns program is a fast, UDP-only DNS server. It makes
|
||||||
|
local DNS information available to the Internet. It supports load
|
||||||
|
balancing and client differentiation.
|
||||||
|
|
||||||
|
- The walldns program is a reverse DNS wall. It provides matching
|
||||||
|
reverse and forward records while hiding local host information.
|
||||||
|
|
||||||
|
- The rbldns program is an IP-address-listing DNS server. It uses
|
||||||
|
DNS to publish a list of IP addresses, such as RBL or DUL.
|
||||||
|
|
||||||
|
- The dns library handles outgoing and incoming DNS packets. It can
|
||||||
|
be used by clients such as web browsers to look up host addresses,
|
||||||
|
host names, MX records, etc. It supports asynchronous resolution.
|
||||||
|
|
||||||
|
- The dnsfilter program is a parallel IP-address-to-host-name
|
||||||
|
converter.
|
||||||
|
|
||||||
|
- The dnsip, dnsipq, dnsname, dnstxt, and dnsmx programs are simple
|
||||||
|
command-line interfaces to DNS.
|
||||||
|
|
||||||
|
- The dnsq and dnstrace programs are DNS debugging tools.
|
||||||
|
|
||||||
|
djbdns was written by Daniel J Bernstein, and was placed into the public
|
||||||
|
domain on Dec 28, 2007.
|
||||||
|
|
||||||
|
%changelog
|
||||||
|
* Fri Jul 14 2023 BogusDateBot
|
||||||
|
- Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,
|
||||||
|
by assuming the date is correct and changing the weekday.
|
||||||
|
|
||||||
|
* Mon Apr 12 2021 Jean-Philippe Pialasse <tests@pialasse.com> 1.05-11.sme
|
||||||
|
- import modification from SME9 [SME: 11548]
|
||||||
|
- improve short ttl cname resolution and glueless answer from akadns [SME: 8362]
|
||||||
|
- 500-cutom-dnscache-maxloop.patch: set QUERY_MAXLEVEL 5 QUERY_MAXLOOP 500 QUERY_MAXNS 16 [SME: 10300]
|
||||||
|
|
||||||
|
* Wed Jul 12 2017 Jean-Philippe Pialasse <tests@pialasse.com> 1.05-10.sme
|
||||||
|
- improve short ttl cname resolution and glueless answer from akadns [SME: 8362]
|
||||||
|
- 500-cutom-dnscache-maxloop.patch: increase QUERY_MAXLEVEL 5->10 , set QUERY_MAXLOOP 160
|
||||||
|
|
||||||
|
* Tue Jul 11 2017 Jean-Philippe Pialasse <tests@pialasse.com> 1.05-9.sme
|
||||||
|
--import patches from openwrt and rename already applied patches
|
||||||
|
--fix security issues [SME: 10374]
|
||||||
|
- 020-dnsroots-update.patch: update list of root DNS servers
|
||||||
|
- 070-dnscache-dpos-tcp-servfail.patch: SERVFAIL rename previous patch dns_transmit-bug.patch
|
||||||
|
- 080-dnscache-cache-negatives.patch: rfc2308 ?
|
||||||
|
- 210-dnscache-strict-forwardonly.patch: rename previous patch dnscache-strict-forwardonly.patch
|
||||||
|
- 240-tinydns-alias-chain-truncation.patch: rename previous patch tinydns-alias-chain-truncation.patch
|
||||||
|
- 270-dnscache-sigpipe-fix.patch: SIGPIPE
|
||||||
|
- 300-bugfix-dnscache-dempsky-poison.patch: CVE-2009-0858
|
||||||
|
- 310-bugfix-dnscache-merge-outgoing-requests.patch: CVE-2008-4392
|
||||||
|
- 320-bugfix-dnscache-cache-soa-records.patch: CVE-2008-4392
|
||||||
|
- 450-dnscache-ghost-domain-CVE-2012-1191.patch: CVE-2012-1191 http://marc.info/?l=djbdns&m=134190748729079&w=2
|
||||||
|
--bug fixes [SME: 10374]
|
||||||
|
- 060-dnscache-big-udp-packets.patch: accept and handle longer than 512 bytes UDP packets
|
||||||
|
- 230-tinydns-data-semantic-error.patch: handle semantic error to avoid publishing false dns records
|
||||||
|
--fix issue with short ttl cname like akamaid [SME: 8362]
|
||||||
|
- 200-dnscache-cname-handling.patch: rename previous patch dnscache-cname-handling.patch
|
||||||
|
- 330-fix-dnscache-cname-handling.patch: fix dnscache cname for short ttl
|
||||||
|
- 500-cutom-dnscache-maxloop.patch: set max loop to 200
|
||||||
|
--needed for previous patches to apply cleanly
|
||||||
|
- 030-srv-records-and-axfrget.patch: add SRV record type and axfr-get decompose SRC and PTR records (for 230-*.patch)
|
||||||
|
- 050-tinydns-mmap-leak.patch: report cdb leak
|
||||||
|
- 080-dnscache-cache-negatives.patch: rfc2308 ?
|
||||||
|
- 090-tinydns-one-second.patch: improve tinydns with 8 or more concurent connections (for 240-*.patch)
|
||||||
|
- 120-compiler-temporary-filename.patch: change tmp filename to avoid conflicts (for 230-*.patch)
|
||||||
|
|
||||||
|
* Mon Mar 24 2008 Shad L. Lords <slords@mail.com> 1.05-8
|
||||||
|
- Comment out contentious patches for now [SME: 3826] [SME: 3824]
|
||||||
|
|
||||||
|
* Mon Jan 28 2008 Charlie Brady <charlie_brady@mitel.com> 1.05-7
|
||||||
|
- Patch tinydns to publish complete client-side alias chains. [SME: 3826]
|
||||||
|
|
||||||
|
* Mon Jan 28 2008 Charlie Brady <charlie_brady@mitel.com> 1.05-6
|
||||||
|
- Patch to fix problems with delegation loops. [SME: 3825]
|
||||||
|
|
||||||
|
* Mon Jan 28 2008 Charlie Brady <charlie_brady@mitel.com> 1.05-5
|
||||||
|
- Patch to fix various problems in dnscache CNAME record handling. [SME: 3824]
|
||||||
|
|
||||||
|
* Thu Jan 10 2008 Charlie Brady <charlieb@e-smith.com> 1.05-4
|
||||||
|
- Patch around TCP bug: http://alkemio.org/dns_transmit-bug.html
|
||||||
|
- Change license to "Public Domain' - http://cr.yp.to/distributors.html
|
||||||
|
|
||||||
|
* Sun Apr 29 2007 Shad L. Lords <slords@mail.com>
|
||||||
|
- Clean up spec so package can be built by koji/plague
|
||||||
|
|
||||||
|
* Thu Dec 07 2006 Shad L. Lords <slords@mail.com>
|
||||||
|
- Update to new release naming. No functional changes.
|
||||||
|
- Make Packager generic
|
||||||
|
|
||||||
|
* Thu Nov 11 2004 Charlie Brady <charlieb@e-smith.com> 1.05-02
|
||||||
|
- Use "conf-cc" value which works around errno problem.
|
||||||
|
|
||||||
|
* Tue Feb 20 2001 Peter Samuel <peters@e-smith.com>
|
||||||
|
- [1.05-01]
|
||||||
|
- Updated for djbdns-1.05.
|
||||||
|
|
||||||
|
* Tue Feb 6 2001 Peter Samuel <peters@e-smith.com>
|
||||||
|
- [1.04-01]
|
||||||
|
- Now installs in its own root area prior to creating binary RPM.
|
||||||
|
|
||||||
|
%prep
|
||||||
|
%setup
|
||||||
|
|
||||||
|
# This patch allows files to be installed in a relative directory prior
|
||||||
|
# to creating the binary RPM. It does not change the installed files or
|
||||||
|
# their final installed locations.
|
||||||
|
|
||||||
|
%patch0 -p1
|
||||||
|
|
||||||
|
# Create the relative installation directories.
|
||||||
|
|
||||||
|
mkdir -p ./root/usr
|
||||||
|
mkdir -p ./root/etc
|
||||||
|
|
||||||
|
%patch20 -p1
|
||||||
|
%patch30 -p1
|
||||||
|
%patch50 -p1
|
||||||
|
%patch60 -p1
|
||||||
|
%patch70 -p1
|
||||||
|
%patch80 -p1
|
||||||
|
%patch90 -p1
|
||||||
|
%patch120 -p1
|
||||||
|
%patch200 -p1
|
||||||
|
%patch210 -p1
|
||||||
|
%patch230 -p1
|
||||||
|
%patch240 -p1
|
||||||
|
%patch270 -p1
|
||||||
|
%patch300 -p1
|
||||||
|
%patch310 -p1
|
||||||
|
%patch320 -p1
|
||||||
|
%patch330 -p1
|
||||||
|
%patch450 -p1
|
||||||
|
%patch500 -p1
|
||||||
|
|
||||||
|
|
||||||
|
%build
|
||||||
|
echo "gcc -O2 -Wall --include /usr/include/errno.h" > conf-cc
|
||||||
|
echo "gcc -s -Os -pipe" > conf-ld
|
||||||
|
make
|
||||||
|
|
||||||
|
%install
|
||||||
|
make setup
|
||||||
|
make check
|
||||||
|
rm -rf $RPM_BUILD_ROOT
|
||||||
|
(cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT)
|
||||||
|
|
||||||
|
%clean
|
||||||
|
rm -rf $RPM_BUILD_ROOT
|
||||||
|
|
||||||
|
%files
|
||||||
|
%attr(644,root,root) /etc/dnsroots.global
|
||||||
|
%attr(755,root,root) /usr/local/bin/axfrdns
|
||||||
|
%attr(755,root,root) /usr/local/bin/axfrdns-conf
|
||||||
|
%attr(755,root,root) /usr/local/bin/axfr-get
|
||||||
|
%attr(755,root,root) /usr/local/bin/dnscache
|
||||||
|
%attr(755,root,root) /usr/local/bin/dnscache-conf
|
||||||
|
%attr(755,root,root) /usr/local/bin/dnsfilter
|
||||||
|
%attr(755,root,root) /usr/local/bin/dnsip
|
||||||
|
%attr(755,root,root) /usr/local/bin/dnsipq
|
||||||
|
%attr(755,root,root) /usr/local/bin/dnsmx
|
||||||
|
%attr(755,root,root) /usr/local/bin/dnsname
|
||||||
|
%attr(755,root,root) /usr/local/bin/dnsq
|
||||||
|
%attr(755,root,root) /usr/local/bin/dnsqr
|
||||||
|
%attr(755,root,root) /usr/local/bin/dnstrace
|
||||||
|
%attr(755,root,root) /usr/local/bin/dnstracesort
|
||||||
|
%attr(755,root,root) /usr/local/bin/dnstxt
|
||||||
|
%attr(755,root,root) /usr/local/bin/pickdns
|
||||||
|
%attr(755,root,root) /usr/local/bin/pickdns-conf
|
||||||
|
%attr(755,root,root) /usr/local/bin/pickdns-data
|
||||||
|
%attr(755,root,root) /usr/local/bin/random-ip
|
||||||
|
%attr(755,root,root) /usr/local/bin/rbldns
|
||||||
|
%attr(755,root,root) /usr/local/bin/rbldns-conf
|
||||||
|
%attr(755,root,root) /usr/local/bin/rbldns-data
|
||||||
|
%attr(755,root,root) /usr/local/bin/tinydns
|
||||||
|
%attr(755,root,root) /usr/local/bin/tinydns-conf
|
||||||
|
%attr(755,root,root) /usr/local/bin/tinydns-data
|
||||||
|
%attr(755,root,root) /usr/local/bin/tinydns-edit
|
||||||
|
%attr(755,root,root) /usr/local/bin/tinydns-get
|
||||||
|
%attr(755,root,root) /usr/local/bin/walldns
|
||||||
|
%attr(755,root,root) /usr/local/bin/walldns-conf
|
11
dns_transmit-bug.patch
Normal file
11
dns_transmit-bug.patch
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
diff -Nur -x '*.orig' -x '*.rej' djbdns-1.05/dns_transmit.c mezzanine_patched_djbdns-1.05/dns_transmit.c
|
||||||
|
--- djbdns-1.05/dns_transmit.c 2001-02-11 16:11:45.000000000 -0500
|
||||||
|
+++ mezzanine_patched_djbdns-1.05/dns_transmit.c 2008-01-10 14:37:04.000000000 -0500
|
||||||
|
@@ -166,6 +166,7 @@
|
||||||
|
taia_uint(&d->deadline,10);
|
||||||
|
taia_add(&d->deadline,&d->deadline,&now);
|
||||||
|
if (socket_connect4(d->s1 - 1,ip,53) == 0) {
|
||||||
|
+ d->pos = 0;
|
||||||
|
d->tcpstate = 2;
|
||||||
|
return 0;
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user