bind

Jeff Rizzo Tue, 24 Jul 2012 13:38:45 -0700

Module Name:    src
Committed By:   riz
Date:           Tue Jul 24 20:38:40 UTC 2012


Modified Files:
        src/dist/bind [netbsd-4]: CHANGES version
        src/dist/bind/bin/tests/system/stub [netbsd-4]: tests.sh
        src/dist/bind/lib/dns [netbsd-4]: resolver.c zone.c
        src/dist/bind/lib/isc [netbsd-4]: random.c

Log Message:
Pull up following revision(s) (requested by spz in ticket #1455):
dist/bind/CHANGES
dist/bind/version
dist/bind/bin/tests/system/stub/tests.sh
dist/bind/lib/dns/resolver.c
dist/bind/lib/dns/zone.c
dist/bind/lib/isc/random.c

Address "Heavy DNSSEC validation load can cause a "bad cache" assertion
failure in bind" vulnerability.

It was generated out of the 9.6-ESV-R7-P1 patch from ISC


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.4.4.9 -r1.1.1.4.4.10 src/dist/bind/CHANGES \
    src/dist/bind/version
cvs rdiff -u -r1.1.1.3.4.1 -r1.1.1.3.4.2 \
    src/dist/bind/bin/tests/system/stub/tests.sh
cvs rdiff -u -r1.2.2.7 -r1.2.2.8 src/dist/bind/lib/dns/resolver.c
cvs rdiff -u -r1.1.1.4.4.3 -r1.1.1.4.4.4 src/dist/bind/lib/dns/zone.c
cvs rdiff -u -r1.1.1.3.4.2 -r1.1.1.3.4.3 src/dist/bind/lib/isc/random.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/dist/bind/CHANGES
diff -u src/dist/bind/CHANGES:1.1.1.4.4.9 src/dist/bind/CHANGES:1.1.1.4.4.10
--- src/dist/bind/CHANGES:1.1.1.4.4.9	Tue Jun  5 20:01:02 2012
+++ src/dist/bind/CHANGES	Tue Jul 24 20:38:38 2012
@@ -1,3 +1,14 @@
+        --- 9.4-ESV-R4-P2nb1: added patches from 9.6-ESV-R7-P2 ---
+
+3346.	[security]	Bad-cache data could be used before it was
+			initialized, causing an assert. [RT #30025]
+
+3343.	[bug]		Relax isc_random_jitter() REQUIRE tests. [RT #29821]
+
+3342.	[bug]		Change #3314 broke saving of stub zones to disk
+			resulting in excessive cpu usage in some cases.
+			[RT #29952]
+
 	--- 9.4-ESV-R4-P2 released ---
 
 3331.	[security]	dns_rdataslab_fromrdataset could produce bad
Index: src/dist/bind/version
diff -u src/dist/bind/version:1.1.1.4.4.9 src/dist/bind/version:1.1.1.4.4.10
--- src/dist/bind/version:1.1.1.4.4.9	Tue Jun  5 20:01:02 2012
+++ src/dist/bind/version	Tue Jul 24 20:38:38 2012
@@ -1,4 +1,4 @@
-# $Id: version,v 1.1.1.4.4.9 2012/06/05 20:01:02 bouyer Exp $
+# $Id: version,v 1.1.1.4.4.10 2012/07/24 20:38:38 riz Exp $
 #
 # This file must follow /bin/sh rules.  It is imported directly via
 # configure.
@@ -7,4 +7,4 @@ MAJORVER=9
 MINORVER=4
 PATCHVER=
 RELEASETYPE=-ESV
-RELEASEVER=-R4-P2
+RELEASEVER=-R4-P2nb1

Index: src/dist/bind/bin/tests/system/stub/tests.sh
diff -u src/dist/bind/bin/tests/system/stub/tests.sh:1.1.1.3.4.1 src/dist/bind/bin/tests/system/stub/tests.sh:1.1.1.3.4.2
--- src/dist/bind/bin/tests/system/stub/tests.sh:1.1.1.3.4.1	Thu May 17 00:36:53 2007
+++ src/dist/bind/bin/tests/system/stub/tests.sh	Tue Jul 24 20:38:39 2012
@@ -21,19 +21,38 @@ SYSTEMTESTTOP=..
 . $SYSTEMTESTTOP/conf.sh
 
 status=0
+echo "I:check that the stub zone has been saved to disk"
+for i in 1 2 3 4 5 6 7 8 9 20
+do
+	[ -f ns3/child.example.st ] && break
+	sleep 1
+done
+[ -f ns3/child.example.st ] || { status=1;  echo "I:failed"; }
 
-echo "I:trying an axfr that should be denied (NOTAUTH)"
-$DIG +tcp data.child.example. @10.53.0.3 axfr -p 5300 > dig.out.ns3 || status=1
+for pass in 1 2
+do
+
+echo "I:trying an axfr that should be denied (NOTAUTH) (pass=$pass)"
+$DIG +tcp child.example. @10.53.0.3 axfr -p 5300 > dig.out.ns3 || status=1
 grep "; Transfer failed." dig.out.ns3 > /dev/null || status=1
 
-echo "I:look for stub zone data without recursion (should not be found)"
+echo "I:look for stub zone data without recursion (should not be found) (pass=$pass)"
 $DIG +tcp +norec data.child.example. @10.53.0.3 txt -p 5300 > dig.out.ns3 \
 	|| status=1
 $PERL ../digcomp.pl knowngood.dig.out.norec dig.out.ns3 || status=1
 
-echo "I:look for stub zone data with recursion (should be found)"
+echo "I:look for stub zone data with recursion (should be found) (pass=$pass)"
 $DIG +tcp data.child.example. @10.53.0.3 txt -p 5300 > dig.out.ns3 || status=1
 $PERL ../digcomp.pl knowngood.dig.out.rec dig.out.ns3 || status=1
 
+[ $pass = 1 ] && {
+	echo "I:stopping stub server"
+	$PERL $SYSTEMTESTTOP/stop.pl . ns3
+
+	echo "I:re-starting stub server"
+	$PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns3
+}
+done
+
 echo "I:exit status: $status"
 exit $status

Index: src/dist/bind/lib/dns/resolver.c
diff -u src/dist/bind/lib/dns/resolver.c:1.2.2.7 src/dist/bind/lib/dns/resolver.c:1.2.2.8
--- src/dist/bind/lib/dns/resolver.c:1.2.2.7	Sat Jul 16 00:45:38 2011
+++ src/dist/bind/lib/dns/resolver.c	Tue Jul 24 20:38:39 2012
@@ -1,4 +1,4 @@
-/*        $NetBSD: resolver.c,v 1.2.2.7 2011/07/16 00:45:38 riz Exp $      */
+/*        $NetBSD: resolver.c,v 1.2.2.8 2012/07/24 20:38:39 riz Exp $      */
 
 /*
  * Copyright (C) 2004-2011  Internet Systems Consortium, Inc. ("ISC")
@@ -7625,6 +7625,7 @@ dns_resolver_addbadcache(dns_resolver_t 
 		}
 		bad->type = type;
 		bad->hashval = hashval;
+		bad->expire = *expire;
 		isc_buffer_init(&buffer, bad + 1, name->length);
 		dns_name_init(&bad->name, NULL);
 		dns_name_copy(name, &bad->name, &buffer);
@@ -7636,8 +7637,8 @@ dns_resolver_addbadcache(dns_resolver_t 
 		if (resolver->badcount < resolver->badhash * 2 &&
 		    resolver->badhash > DNS_BADCACHE_SIZE)
 			resizehash(resolver, &now, ISC_FALSE);
-	}
-	bad->expire = *expire;
+	} else
+		bad->expire = *expire;
  cleanup:
 	UNLOCK(&resolver->lock);
 }

Index: src/dist/bind/lib/dns/zone.c
diff -u src/dist/bind/lib/dns/zone.c:1.1.1.4.4.3 src/dist/bind/lib/dns/zone.c:1.1.1.4.4.4
--- src/dist/bind/lib/dns/zone.c:1.1.1.4.4.3	Sun Jan 23 21:47:40 2011
+++ src/dist/bind/lib/dns/zone.c	Tue Jul 24 20:38:39 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: zone.c,v 1.1.1.4.4.3 2011/01/23 21:47:40 bouyer Exp $	*/
+/*	$NetBSD: zone.c,v 1.1.1.4.4.4 2012/07/24 20:38:39 riz Exp $	*/
 
 /*
  * Copyright (C) 2004-2009  Internet Systems Consortium, Inc. ("ISC")
@@ -3031,6 +3031,7 @@ zone_maintenance(dns_zone_t *zone) {
 	switch (zone->type) {
 	case dns_zone_master:
 	case dns_zone_slave:
+	case dns_zone_stub:
 		LOCK_ZONE(zone);
 		if (zone->masterfile != NULL &&
 		    isc_time_compare(&now, &zone->dumptime) >= 0 &&
@@ -3351,7 +3352,7 @@ zone_dump(dns_zone_t *zone, isc_boolean_
 		goto fail;
 	}
 
-	if (compact) {
+	if (compact && zone->type != dns_zone_stub) {
 		dns_zone_t *dummy = NULL;
 		LOCK_ZONE(zone);
 		zone_iattach(zone, &dummy);
@@ -4160,7 +4161,7 @@ stub_callback(isc_task_t *task, isc_even
 	dns_zone_t *zone = NULL;
 	char master[ISC_SOCKADDR_FORMATSIZE];
 	char source[ISC_SOCKADDR_FORMATSIZE];
-	isc_uint32_t nscnt, cnamecnt;
+	isc_uint32_t nscnt, cnamecnt, refresh, retry, expire;
 	isc_result_t result;
 	isc_time_t now;
 	isc_boolean_t exiting = ISC_FALSE;
@@ -4310,22 +4311,36 @@ stub_callback(isc_task_t *task, isc_even
 	ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_write);
 	if (zone->db == NULL)
 		zone_attachdb(zone, stub->db);
+	result = zone_get_from_db(zone, zone->db, NULL, NULL, NULL, &refresh,
+				 &retry, &expire, NULL, NULL);
+	if (result == ISC_R_SUCCESS) {
+		zone->refresh = RANGE(refresh, zone->minrefresh,
+				      zone->maxrefresh);
+		zone->retry = RANGE(retry, zone->minretry, zone->maxretry);
+		zone->expire = RANGE(expire, zone->refresh + zone->retry,
+				     DNS_MAX_EXPIRE);
+		DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_HAVETIMERS);
+	}
 	ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_write);
 	dns_db_detach(&stub->db);
 
-	if (zone->masterfile != NULL) {
-		dns_zone_dump(zone);
-		TIME_NOW(&zone->loadtime);
-	}
 
 	dns_message_destroy(&msg);
 	isc_event_free(&event);
 	LOCK_ZONE(zone);
 	dns_request_destroy(&zone->request);
+
 	DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_REFRESH);
+	DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_LOADED);
 	DNS_ZONE_JITTER_ADD(&now, zone->refresh, &zone->refreshtime);
 	isc_interval_set(&i, zone->expire, 0);
 	DNS_ZONE_TIME_ADD(&now, zone->expire, &zone->expiretime);
+
+	if (zone->masterfile != NULL) {
+		dns_zone_dump(zone);
+		TIME_NOW(&zone->loadtime);
+	}
+
 	zone_settimer(zone, &now);
 	UNLOCK_ZONE(zone);
 	goto free_stub;

Index: src/dist/bind/lib/isc/random.c
diff -u src/dist/bind/lib/isc/random.c:1.1.1.3.4.2 src/dist/bind/lib/isc/random.c:1.1.1.3.4.3
--- src/dist/bind/lib/isc/random.c:1.1.1.3.4.2	Sun Jan 23 21:47:43 2011
+++ src/dist/bind/lib/isc/random.c	Tue Jul 24 20:38:40 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: random.c,v 1.1.1.3.4.2 2011/01/23 21:47:43 bouyer Exp $	*/
+/*	$NetBSD: random.c,v 1.1.1.3.4.3 2012/07/24 20:38:40 riz Exp $	*/
 
 /*
  * Copyright (C) 2004, 2005, 2009  Internet Systems Consortium, Inc. ("ISC")
@@ -105,7 +105,7 @@ isc_uint32_t
 isc_random_jitter(isc_uint32_t max, isc_uint32_t jitter) {
 	isc_uint32_t rnd;
 
-	REQUIRE(jitter < max);
+	REQUIRE(jitter < max || (jitter == 0 && max == 0));
 
 	if (jitter == 0)
 		return (max);

CVS commit: [netbsd-4] src/dist/bind

Reply via email to