net-dns/djbdns/files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6.patch

   1 diff -urNp a/Makefile b/Makefile
   2 --- a/Makefile  2009-03-19 11:01:40.782348427 -0700
   3 +++ b/Makefile  2009-03-19 11:05:27.659346849 -0700
   4 @@ -342,11 +342,11 @@ stralloc.h iopause.h taia.h tai.h uint64
   5         ./compile dns_txt.c
   6
   7  dnscache: \
   8 -load dnscache.o droproot.o okclient.o log.o cache.o query.o \
   9 +load dnscache.o droproot.o okclient.o log.o cache.o query.o qmerge.o \
  10  response.o dd.o roots.o iopause.o prot.o dns.a env.a alloc.a buffer.a \
  11  libtai.a unix.a byte.a socket.lib
  12         ./load dnscache droproot.o okclient.o log.o cache.o \
  13 -       query.o response.o dd.o roots.o iopause.o prot.o dns.a \
  14 +       query.o qmerge.o response.o dd.o roots.o iopause.o prot.o dns.a \
  15         env.a alloc.a buffer.a libtai.a unix.a byte.a  `cat \
  16         socket.lib`
  17
  18 @@ -367,7 +367,7 @@ compile dnscache.c env.h exit.h scan.h s
  19  uint16.h uint64.h socket.h uint16.h dns.h stralloc.h gen_alloc.h \
  20  iopause.h taia.h tai.h uint64.h taia.h taia.h byte.h roots.h fmt.h \
  21  iopause.h query.h dns.h uint32.h alloc.h response.h uint32.h cache.h \
  22 -uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h
  23 +uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h maxclient.h
  24         ./compile dnscache.c
  25
  26  dnsfilter: \
  27 @@ -745,11 +745,16 @@ qlog.o: \
  28  compile qlog.c buffer.h qlog.h uint16.h
  29         ./compile qlog.c
  30
  31 +qmerge.o: \
  32 +compile qmerge.c qmerge.h dns.h stralloc.h gen_alloc.h iopause.h \
  33 +taia.h tai.h uint64.h log.h maxclient.h
  34 +       ./compile qmerge.c
  35 +
  36  query.o: \
  37  compile query.c error.h roots.h log.h uint64.h case.h cache.h \
  38  uint32.h uint64.h byte.h dns.h stralloc.h gen_alloc.h iopause.h \
  39  taia.h tai.h uint64.h taia.h uint64.h uint32.h uint16.h dd.h alloc.h \
  40 -response.h uint32.h query.h dns.h uint32.h
  41 +response.h uint32.h query.h dns.h uint32.h qmerge.h
  42         ./compile query.c
  43
  44  random-ip: \
  45 diff -urNp a/dnscache.c b/dnscache.c
  46 --- a/dnscache.c        2009-03-19 11:01:40.786597556 -0700
  47 +++ b/dnscache.c        2009-03-19 11:05:27.675225701 -0700
  48 @@ -23,6 +23,7 @@
  49  #include "log.h"
  50  #include "okclient.h"
  51  #include "droproot.h"
  52 +#include "maxclient.h"
  53
  54  long interface;
  55
  56 @@ -59,7 +60,6 @@ uint64 numqueries = 0;
  57
  58  static int udp53;
  59
  60 -#define MAXUDP 200
  61  static struct udpclient {
  62    struct query q;
  63    struct taia start;
  64 @@ -136,7 +136,6 @@ void u_new(void)
  65
  66  static int tcp53;
  67
  68 -#define MAXTCP 20
  69  struct tcpclient {
  70    struct query q;
  71    struct taia start;
  72 diff -urNp a/log.c b/log.c
  73 --- a/log.c     2009-03-19 11:01:40.791597427 -0700
  74 +++ b/log.c     2009-03-19 11:05:27.676224153 -0700
  75 @@ -149,6 +149,13 @@ void log_tx(const char *q,const char qty
  76    line();
  77  }
  78
  79 +void log_tx_piggyback(const char *q, const char qtype[2], const char *control)
  80 +{
  81 +  string("txpb ");
  82 +  logtype(qtype); space(); name(q); space(); name(control);
  83 +  line();
  84 +}
  85 +
  86  void log_cachedanswer(const char *q,const char type[2])
  87  {
  88    string("cached "); logtype(type); space();
  89 diff -urNp a/log.h b/log.h
  90 --- a/log.h     2001-02-11 13:11:45.000000000 -0800
  91 +++ b/log.h     2009-03-19 11:05:27.676224153 -0700
  92 @@ -18,6 +18,7 @@ extern void log_cachednxdomain(const cha
  93  extern void log_cachedns(const char *,const char *);
  94
  95  extern void log_tx(const char *,const char *,const char *,const char *,unsigned int);
  96 +extern void log_tx_piggyback(const char *,const char *,const char *);
  97
  98  extern void log_nxdomain(const char *,const char *,unsigned int);
  99  extern void log_nodata(const char *,const char *,const char *,unsigned int);
 100 diff -urNp a/maxclient.h b/maxclient.h
 101 --- a/maxclient.h       1969-12-31 16:00:00.000000000 -0800
 102 +++ b/maxclient.h       2009-03-19 11:05:27.676224153 -0700
 103 @@ -0,0 +1,7 @@
 104 +#ifndef MAXCLIENT_H
 105 +#define MAXCLIENT_H
 106 +
 107 +#define MAXUDP 200
 108 +#define MAXTCP 20
 109 +
 110 +#endif /* MAXCLIENT_H */
 111 diff -urNp a/qmerge.c b/qmerge.c
 112 --- a/qmerge.c  1969-12-31 16:00:00.000000000 -0800
 113 +++ b/qmerge.c  2009-03-19 11:05:27.677221627 -0700
 114 @@ -0,0 +1,115 @@
 115 +#include "qmerge.h"
 116 +#include "byte.h"
 117 +#include "log.h"
 118 +#include "maxclient.h"
 119 +
 120 +#define QMERGE_MAX (MAXUDP+MAXTCP)
 121 +struct qmerge inprogress[QMERGE_MAX];
 122 +
 123 +static
 124 +int qmerge_key_init(struct qmerge_key *qmk, const char *q, const char qtype[2],
 125 +    const char *control)
 126 +{
 127 +  if (!dns_domain_copy(&qmk->q, q)) return 0;
 128 +  byte_copy(qmk->qtype, 2, qtype);
 129 +  if (!dns_domain_copy(&qmk->control, control)) return 0;
 130 +  return 1;
 131 +}
 132 +
 133 +static
 134 +int qmerge_key_equal(struct qmerge_key *a, struct qmerge_key *b)
 135 +{
 136 +  return
 137 +    byte_equal(a->qtype, 2, b->qtype) &&
 138 +    dns_domain_equal(a->q, b->q) &&
 139 +    dns_domain_equal(a->control, b->control);
 140 +}
 141 +
 142 +static
 143 +void qmerge_key_free(struct qmerge_key *qmk)
 144 +{
 145 +  dns_domain_free(&qmk->q);
 146 +  dns_domain_free(&qmk->control);
 147 +}
 148 +
 149 +void qmerge_free(struct qmerge **x)
 150 +{
 151 +  struct qmerge *qm;
 152 +
 153 +  qm = *x;
 154 +  *x = 0;
 155 +  if (!qm || !qm->active) return;
 156 +
 157 +  qm->active--;
 158 +  if (!qm->active) {
 159 +    qmerge_key_free(&qm->key);
 160 +    dns_transmit_free(&qm->dt);
 161 +  }
 162 +}
 163 +
 164 +int qmerge_start(struct qmerge **qm, const char servers[64], int flagrecursive,
 165 +    const char *q, const char qtype[2], const char localip[4],
 166 +    const char *control)
 167 +{
 168 +  struct qmerge_key k;
 169 +  int i;
 170 +  int r;
 171 +
 172 +  qmerge_free(qm);
 173 +
 174 +  byte_zero(&k, sizeof k);
 175 +  if (!qmerge_key_init(&k, q, qtype, control)) return -1;
 176 +  for (i = 0; i < QMERGE_MAX; i++) {
 177 +    if (!inprogress[i].active) continue;
 178 +    if (!qmerge_key_equal(&k, &inprogress[i].key)) continue;
 179 +    log_tx_piggyback(q, qtype, control);
 180 +    inprogress[i].active++;
 181 +    *qm = &inprogress[i];
 182 +    qmerge_key_free(&k);
 183 +    return 0;
 184 +  }
 185 +
 186 +  for (i = 0; i < QMERGE_MAX; i++)
 187 +    if (!inprogress[i].active)
 188 +      break;
 189 +  if (i == QMERGE_MAX) return -1;
 190 +
 191 +  log_tx(q, qtype, control, servers, 0);
 192 +  r = dns_transmit_start(&inprogress[i].dt, servers, flagrecursive, q, qtype, localip);
 193 +  if (r == -1) { qmerge_key_free(&k); return -1; }
 194 +  inprogress[i].active++;
 195 +  inprogress[i].state = 0;
 196 +  qmerge_key_free(&inprogress[i].key);
 197 +  byte_copy(&inprogress[i].key, sizeof k, &k);
 198 +  *qm = &inprogress[i];
 199 +  return 0;
 200 +}
 201 +
 202 +void qmerge_io(struct qmerge *qm, iopause_fd *io, struct taia *deadline)
 203 +{
 204 +  if (qm->state == 0) {
 205 +    dns_transmit_io(&qm->dt, io, deadline);
 206 +    qm->state = 1;
 207 +  }
 208 +  else {
 209 +    io->fd = -1;
 210 +    io->events = 0;
 211 +  }
 212 +}
 213 +
 214 +int qmerge_get(struct qmerge **x, const iopause_fd *io, const struct taia *when)
 215 +{
 216 +  int r;
 217 +  struct qmerge *qm;
 218 +
 219 +  qm = *x;
 220 +  if (qm->state == -1) return -1; /* previous error */
 221 +  if (qm->state == 0) return 0; /* no packet */
 222 +  if (qm->state == 2) return 1; /* already got packet */
 223 +
 224 +  r = dns_transmit_get(&qm->dt, io, when);
 225 +  if (r == -1) { qm->state = -1; return -1; } /* error */
 226 +  if (r == 0) { qm->state = 0; return 0; } /* must wait for i/o */
 227 +  if (r == 1) { qm->state = 2; return 1; } /* got packet */
 228 +  return -1; /* bug */
 229 +}
 230 diff -urNp a/qmerge.h b/qmerge.h
 231 --- a/qmerge.h  1969-12-31 16:00:00.000000000 -0800
 232 +++ b/qmerge.h  2009-03-19 11:05:27.678227481 -0700
 233 @@ -0,0 +1,24 @@
 234 +#ifndef QMERGE_H
 235 +#define QMERGE_H
 236 +
 237 +#include "dns.h"
 238 +
 239 +struct qmerge_key {
 240 +  char *q;
 241 +  char qtype[2];
 242 +  char *control;
 243 +};
 244 +
 245 +struct qmerge {
 246 +  int active;
 247 +  struct qmerge_key key;
 248 +  struct dns_transmit dt;
 249 +  int state; /* -1 = error, 0 = need io, 1 = need get, 2 = got packet */
 250 +};
 251 +
 252 +extern int qmerge_start(struct qmerge **,const char *,int,const char *,const char *,const char *,const char *);
 253 +extern void qmerge_io(struct qmerge *,iopause_fd *,struct taia *);
 254 +extern int qmerge_get(struct qmerge **,const iopause_fd *,const struct taia *);
 255 +extern void qmerge_free(struct qmerge **);
 256 +
 257 +#endif /* QMERGE_H */
 258 diff -urNp a/query.c b/query.c
 259 --- a/query.c   2009-03-19 11:01:40.792597346 -0700
 260 +++ b/query.c   2009-03-19 11:24:43.152221609 -0700
 261 @@ -84,7 +84,7 @@ static void cleanup(struct query *z)
 262    int j;
 263    int k;
 264
 265 -  dns_transmit_free(&z->dt);
 266 +  qmerge_free(&z->qm);
 267    for (j = 0;j < QUERY_MAXALIAS;++j)
 268      dns_domain_free(&z->alias[j]);
 269    for (j = 0;j < QUERY_MAXLEVEL;++j) {
 270 @@ -619,14 +619,8 @@ static int doit(struct query *z,int stat
 271    if (j == 256) goto SERVFAIL;
 272
 273    dns_sortip6(z->servers[z->level],256);
 274 -  if (z->level) {
 275 -    log_tx(z->name[z->level],DNS_T_A,z->control[z->level],z->servers[z->level],z->level);
 276 -    if (dns_transmit_start(&z->dt,z->servers[z->level],flagforwardonly,z->name[z->level],DNS_T_A,z->localip) == -1) goto DIE;
 277 -  }
 278 -  else {
 279 -    log_tx(z->name[0],z->type,z->control[0],z->servers[0],0);
 280 -    if (dns_transmit_start(&z->dt,z->servers[0],flagforwardonly,z->name[0],z->type,z->localip) == -1) goto DIE;
 281 -  }
 282 +  dtype = z->level ? DNS_T_A : z->type;
 283 +  if (qmerge_start(&z->qm,z->servers[z->level],flagforwardonly,z->name[z->level],dtype,z->localip,z->control[z->level]) == -1) goto DIE;
 284    return 0;
 285
 286
 287 @@ -640,10 +634,10 @@ static int doit(struct query *z,int stat
 288
 289    HAVEPACKET:
 290    if (++z->loop == 100) goto DIE;
 291 -  buf = z->dt.packet;
 292 -  len = z->dt.packetlen;
 293 +  buf = z->qm->dt.packet;
 294 +  len = z->qm->dt.packetlen;
 295
 296 -  whichserver = z->dt.servers + 16 * z->dt.curserver;
 297 +  whichserver = z->qm->dt.servers + 16 * z->qm->dt.curserver;
 298    control = z->control[z->level];
 299    d = z->name[z->level];
 300    dtype = z->level ? DNS_T_A : z->type;
 301 @@ -1050,7 +1044,7 @@ int query_start(struct query *z,char *dn
 302
 303  int query_get(struct query *z,iopause_fd *x,struct taia *stamp)
 304  {
 305 -  switch(dns_transmit_get(&z->dt,x,stamp)) {
 306 +  switch(qmerge_get(&z->qm,x,stamp)) {
 307      case 1:
 308        return doit(z,1);
 309      case -1:
 310 @@ -1061,5 +1055,5 @@ int query_get(struct query *z,iopause_fd
 311
 312  void query_io(struct query *z,iopause_fd *x,struct taia *deadline)
 313  {
 314 -  dns_transmit_io(&z->dt,x,deadline);
 315 +  qmerge_io(z->qm,x,deadline);
 316  }
 317 diff -urNp a/query.h b/query.h
 318 --- a/query.h   2009-03-19 11:01:40.793597403 -0700
 319 +++ b/query.h   2009-03-19 11:05:27.681222487 -0700
 320 @@ -1,7 +1,7 @@
 321  #ifndef QUERY_H
 322  #define QUERY_H
 323
 324 -#include "dns.h"
 325 +#include "qmerge.h"
 326  #include "uint32.h"
 327
 328  #define QUERY_MAXLEVEL 5
 329 @@ -21,7 +21,7 @@ struct query {
 330    uint32 scope_id;
 331    char type[2];
 332    char class[2];
 333 -  struct dns_transmit dt;
 334 +  struct qmerge *qm;
 335  } ;
 336
 337  extern int query_start(struct query *,char *,char *,char *,char *,unsigned int);