X-Git-Url: http://gitweb.michael.orlitzky.com/?a=blobdiff_plain;f=net-dns%2Fdjbdns%2Ffiles%2FCVE2008-4392_0002-dnscache-cache-soa-records-ipv6.patch;fp=net-dns%2Fdjbdns%2Ffiles%2FCVE2008-4392_0002-dnscache-cache-soa-records-ipv6.patch;h=0000000000000000000000000000000000000000;hb=a5130c208f29b295e61610f0dbcb7d5dc9f5fa47;hp=d5b9c10d64d3014b716ccca1fd4a753a15f005dc;hpb=11b01ca39711632b1ccc4070d516af238b73292d;p=mjo-overlay.git

diff --git a/net-dns/djbdns/files/CVE2008-4392_0002-dnscache-cache-soa-records-ipv6.patch b/net-dns/djbdns/files/CVE2008-4392_0002-dnscache-cache-soa-records-ipv6.patch
deleted file mode 100644
index d5b9c10..0000000
--- a/net-dns/djbdns/files/CVE2008-4392_0002-dnscache-cache-soa-records-ipv6.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-diff -urNp a/query.c b/query.c
---- a/query.c	2009-03-19 11:35:28.452472164 -0700
-+++ b/query.c	2009-03-19 11:59:19.798221593 -0700
-@@ -476,6 +476,29 @@ static int doit(struct query *z,int stat
-       }
-     }
- 
-+    if (typematch(DNS_T_SOA,dtype)) {
-+      byte_copy(key,2,DNS_T_SOA);
-+      cached = cache_get(key,dlen + 2,&cachedlen,&ttl);
-+      if (cached && (cachedlen || byte_diff(dtype,2,DNS_T_ANY))) {
-+        log_cachedanswer(d,DNS_T_SOA);
-+        if (!rqa(z)) goto DIE;
-+        pos = 0;
-+        while (pos = dns_packet_copy(cached,cachedlen,pos,misc,20)) {
-+          pos = dns_packet_getname(cached,cachedlen,pos,&t2);
-+          if (!pos) break;
-+          pos = dns_packet_getname(cached,cachedlen,pos,&t3);
-+          if (!pos) break;
-+          if (!response_rstart(d,DNS_T_SOA,ttl)) goto DIE;
-+          if (!response_addname(t2)) goto DIE;
-+          if (!response_addname(t3)) goto DIE;
-+          if (!response_addbytes(misc,20)) goto DIE;
-+          response_rfinish(RESPONSE_ANSWER);
-+        }
-+        cleanup(z);
-+        return 1;
-+      }
-+    }
-+
-     if (typematch(DNS_T_A,dtype)) {
-       byte_copy(key,2,DNS_T_A);
-       cached = cache_get(key,dlen + 2,&cachedlen,&ttl);
-@@ -541,7 +564,7 @@ static int doit(struct query *z,int stat
-       }
-     }
- 
--    if (!typematch(DNS_T_ANY,dtype) && !typematch(DNS_T_AXFR,dtype) && !typematch(DNS_T_CNAME,dtype) && !typematch(DNS_T_NS,dtype) && !typematch(DNS_T_PTR,dtype) && !typematch(DNS_T_A,dtype) && !typematch(DNS_T_MX,dtype) && !typematch(DNS_T_AAAA,dtype)) {
-+    if (!typematch(DNS_T_ANY,dtype) && !typematch(DNS_T_AXFR,dtype) && !typematch(DNS_T_CNAME,dtype) && !typematch(DNS_T_NS,dtype) && !typematch(DNS_T_PTR,dtype) && !typematch(DNS_T_A,dtype) && !typematch(DNS_T_MX,dtype) && !typematch(DNS_T_SOA,dtype) && !typematch(DNS_T_AAAA,dtype)) {
-       byte_copy(key,2,dtype);
-       cached = cache_get(key,dlen + 2,&cachedlen,&ttl);
-       if (cached && (cachedlen || byte_diff(dtype,2,DNS_T_ANY))) {
-@@ -769,15 +792,24 @@ static int doit(struct query *z,int stat
-     else if (byte_equal(type,2,DNS_T_AXFR))
-       ;
-     else if (byte_equal(type,2,DNS_T_SOA)) {
-+      int non_authority = 0;
-+      save_start();
-       while (i < j) {
-         pos = dns_packet_skipname(buf,len,records[i]); if (!pos) goto DIE;
-         pos = dns_packet_getname(buf,len,pos + 10,&t2); if (!pos) goto DIE;
-         pos = dns_packet_getname(buf,len,pos,&t3); if (!pos) goto DIE;
-         pos = dns_packet_copy(buf,len,pos,misc,20); if (!pos) goto DIE;
--        if (records[i] < posauthority)
-+        if (records[i] < posauthority) {
-           log_rrsoa(whichserver,t1,t2,t3,misc,ttl);
-+          save_data(misc,20);
-+          save_data(t2,dns_domain_length(t2));
-+          save_data(t3,dns_domain_length(t3));
-+          non_authority++;
-+        }
-         ++i;
-       }
-+      if (non_authority)
-+        save_finish(DNS_T_SOA,t1,ttl);
-     }
-     else if (byte_equal(type,2,DNS_T_CNAME)) {
-       pos = dns_packet_skipname(buf,len,records[j - 1]); if (!pos) goto DIE;