authorDoug Barton <dougb@FreeBSD.org>2002-11-17 08:36:20 +0000
committerDoug Barton <dougb@FreeBSD.org>2002-11-17 08:36:20 +0000
commit5664d0b5e14b27f69c74a6d9eaef0120987d1463 (patch)
treef3d4daec129abd02e5fa012ba5f55f258ba82a8c
parentupgrade to version 0.7.0 (diff)
Upgrade to version 8.3.4, which simply cleans up and slightly
improves the security patches released for 8.3.3.
Notes
Notes: svn path=/head/; revision=70293
-rw-r--r--dns/bind8/Makefile3
-rw-r--r--dns/bind8/distinfo4
-rw-r--r--dns/bind8/files/patch-bind833.diff234
-rw-r--r--net/bind8/Makefile3
-rw-r--r--net/bind8/distinfo4
-rw-r--r--net/bind8/files/patch-bind833.diff234
6 files changed, 6 insertions, 476 deletions
diff --git a/dns/bind8/Makefile b/dns/bind8/Makefile
index e456cc4aaf48..62cbc9e3be87 100644
--- a/dns/bind8/Makefile
+++ b/dns/bind8/Makefile
@@ -11,8 +11,7 @@
# you can generally build it cleanly from the source. - Doug
PORTNAME= bind
-PORTVERSION= 8.3.3
-PORTREVISION= 1
+PORTVERSION= 8.3.4
CATEGORIES?= net
MASTER_SITES= ${MASTER_SITE_ISC}
MASTER_SITE_SUBDIR= bind/src/${PORTVERSION}
diff --git a/dns/bind8/distinfo b/dns/bind8/distinfo
index a588e5bdbde1..c74316625a63 100644
--- a/dns/bind8/distinfo
+++ b/dns/bind8/distinfo
@@ -1,2 +1,2 @@
-MD5 (bind-8.3.3/bind-src.tar.gz) = 4e904fdc3d908294147054276eba4064
-MD5 (bind-8.3.3/bind-doc.tar.gz) = b5b09e7c00709ee4cd550aff3a21e958
+MD5 (bind-8.3.4/bind-src.tar.gz) = 214a5116782f439534b9d47cba88d44b
+MD5 (bind-8.3.4/bind-doc.tar.gz) = d1c7b87c2575e14e76223d1e89c5568a
diff --git a/dns/bind8/files/patch-bind833.diff b/dns/bind8/files/patch-bind833.diff
deleted file mode 100644
index 23b32b9b426e..000000000000
--- a/dns/bind8/files/patch-bind833.diff
+++ /dev/null
@@ -1,234 +0,0 @@
-diff -ur src-patched/CHANGES src/CHANGES
---- src-patched/CHANGES Wed Jun 26 21:25:08 2002
-+++ src/CHANGES Wed Nov 13 22:11:17 2002
-@@ -1,3 +1,23 @@
-+1469. [bug] buffer length calculation for PX was wrong.
-+
-+1468. [bug] ns_name_ntol() could overwite a zero length buffer.
-+
-+1467. [bug] off by one bug in ns_makecannon().
-+
-+1466. [bug] large ENDS UDP buffer size could trigger a assertion.
-+
-+1465. [bug] possible NULL pointer dereference in db_sec.c
-+
-+1464. [bug] the buffer used to construct the -ve record was not
-+ big enough for all possible SOA records. use pointer
-+ arithmetic to calculate the remaining size in this
-+ buffer.
-+
-+1463. [bug] use serial space arithmetic to determine if a SIG is
-+ too old, in the future or has internally constistant
-+ times.
-+
-+1462. [bug] write buffer overflow in make_rr().
-
- --- 8.3.3-REL released --- (Wed Jun 26 21:15:43 PDT 2002)
-
-diff -ur src-patched/bin/named/db_defs.h src/bin/named/db_defs.h
---- src-patched/bin/named/db_defs.h Fri May 17 18:02:53 2002
-+++ src/bin/named/db_defs.h Wed Nov 13 22:11:17 2002
-@@ -78,7 +78,7 @@
- */
-
- /* max length of data in RR data field */
--#define MAXDATA (2*MAXDNAME + 5*INT32SZ)
-+#define MAXDATA (3*MAXDNAME + 5*INT32SZ)
-
- /* max length of data in a TXT RR segment */
- #define MAXCHARSTRING 255
-diff -ur src-patched/bin/named/db_sec.c src/bin/named/db_sec.c
---- src-patched/bin/named/db_sec.c Mon Jun 18 07:42:57 2001
-+++ src/bin/named/db_sec.c Wed Nov 13 22:11:17 2002
-@@ -479,7 +479,9 @@
- struct sig_record *sigdata;
- struct dnode *sigdn;
- struct databuf *sigdp;
-- time_t now;
-+ u_int32_t now;
-+ u_int32_t exptime;
-+ u_int32_t signtime;
- char *signer;
- u_char name_n[MAXDNAME];
- u_char *sig, *eom;
-@@ -492,6 +494,7 @@
- int dnssec_failed = 0, dnssec_succeeded = 0;
- int return_value;
- int i;
-+ int expired = 0;
-
- if (rrset == NULL || rrset->rr_name == NULL) {
- ns_warning (ns_log_default, "verify_set: missing rrset/name");
-@@ -527,11 +530,14 @@
- * Don't verify a set if the SIG inception time is in
- * the future. This should be fixed before 2038 (BEW)
- */
-- if ((time_t)ntohl(sigdata->sig_time_n) > now)
-+ signtime = ntohl(sigdata->sig_time_n);
-+ if (SEQ_GT(signtime, now))
- continue;
-
- /* An expired set is dropped, but the data is not. */
-- if ((time_t)ntohl(sigdata->sig_exp_n) < now) {
-+ exptime = ntohl(sigdata->sig_exp_n);
-+ if (SEQ_GT(now, exptime)) {
-+ expired++;
- db_detach(&sigdn->dp);
- sigdp = NULL;
- continue;
-@@ -723,7 +729,7 @@
- }
-
- end:
-- if (dnssec_failed > 0)
-+ if (dnssec_failed > 0 || expired > 0)
- rrset_trim_sigs(rrset);
- if (trustedkey == 0 && key != NULL)
- dst_free_key(key);
-diff -ur src-patched/bin/named/ns_defs.h src/bin/named/ns_defs.h
---- src-patched/bin/named/ns_defs.h Tue Jun 25 20:27:19 2002
-+++ src/bin/named/ns_defs.h Wed Nov 13 22:11:17 2002
-@@ -469,7 +469,7 @@
- q_cmsglen, /* len of cname message */
- q_cmsgsize; /* allocated size of cname message */
- int16_t q_dfd; /* UDP file descriptor */
-- int16_t q_udpsize; /* UDP message size */
-+ u_int16_t q_udpsize; /* UDP message size */
- int q_distance; /* distance this query is from the
- * original query that the server
- * received. */
-diff -ur src-patched/bin/named/ns_ncache.c src/bin/named/ns_ncache.c
---- src-patched/bin/named/ns_ncache.c Mon Jun 18 07:43:16 2001
-+++ src/bin/named/ns_ncache.c Wed Nov 13 22:11:17 2002
-@@ -66,7 +66,7 @@
- u_int16_t atype;
- u_char *sp, *cp1;
- u_char data[MAXDATA];
-- size_t len = sizeof data;
-+ u_char *eod = data + sizeof(data);
- #endif
-
- nameserIncr(from.sin_addr, nssRcvdNXD);
-@@ -186,7 +186,7 @@
- rdatap = cp;
-
- /* origin */
-- n = dn_expand(msg, msg + msglen, cp, (char*)data, len);
-+ n = dn_expand(msg, msg + msglen, cp, (char*)data, eod - data);
- if (n < 0) {
- ns_debug(ns_log_ncache, 3,
- "ncache: origin form error");
-@@ -195,9 +195,8 @@
- cp += n;
- n = strlen((char*)data) + 1;
- cp1 = data + n;
-- len -= n;
- /* mail */
-- n = dn_expand(msg, msg + msglen, cp, (char*)cp1, len);
-+ n = dn_expand(msg, msg + msglen, cp, (char*)cp1, eod - cp1);
- if (n < 0) {
- ns_debug(ns_log_ncache, 3, "ncache: mail form error");
- return;
-@@ -205,20 +204,20 @@
- cp += n;
- n = strlen((char*)cp1) + 1;
- cp1 += n;
-- len -= n;
- n = 5 * INT32SZ;
-+ if (n > (eod - cp1)) /* Can't happen. See MAXDATA. */
-+ return;
- BOUNDS_CHECK(cp, n);
- memcpy(cp1, cp, n);
- /* serial, refresh, retry, expire, min */
- cp1 += n;
-- len -= n;
- cp += n;
- if (cp != rdatap + dlen) {
- ns_debug(ns_log_ncache, 3, "ncache: form error");
- return;
- }
- /* store the zone of the soa record */
-- n = dn_expand(msg, msg + msglen, sp, (char*)cp1, len);
-+ n = dn_expand(msg, msg + msglen, sp, (char*)cp1, eod - cp1);
- if (n < 0) {
- ns_debug(ns_log_ncache, 3, "ncache: form error 2");
- return;
-diff -ur src-patched/bin/named/ns_req.c src/bin/named/ns_req.c
---- src-patched/bin/named/ns_req.c Sun May 12 16:41:52 2002
-+++ src/bin/named/ns_req.c Wed Nov 13 22:11:17 2002
-@@ -2195,7 +2195,7 @@
-
- /* first just copy over the type_covered, algorithm, */
- /* labels, orig ttl, two timestamps, and the footprint */
-- if ((dp->d_size - 18) > buflen)
-+ if (buflen < 18)
- goto cleanup; /* out of room! */
- memcpy(cp, cp1, 18);
- cp += 18;
-diff -ur src-patched/bin/named/ns_resp.c src/bin/named/ns_resp.c
---- src-patched/bin/named/ns_resp.c Wed Jun 26 20:09:19 2002
-+++ src/bin/named/ns_resp.c Wed Nov 13 22:11:17 2002
-@@ -2001,7 +2001,7 @@
- * to BOUNDS_CHECK() here.
- */
- cp1 += (n = strlen((char *)cp1) + 1);
-- n1 = sizeof(data) - n;
-+ n1 = sizeof(data) - n - INT16SZ;
- n = dn_expand(msg, eom, cp, (char *)cp1, n1);
- if (n < 0) {
- hp->rcode = FORMERR;
-@@ -2043,8 +2043,18 @@
- ttl = origTTL;
- }
-
-+ /*
-+ * Check that expire and signature times are internally
-+ * consistant.
-+ */
-+ if (!SEQ_GT(exptime, signtime) && exptime != signtime) {
-+ ns_debug(ns_log_default, 3,
-+ "ignoring SIG: signature expires before it was signed");
-+ return ((cp - rrp) + dlen);
-+ }
-+
- /* Don't let bogus signers "sign" in the future. */
-- if (signtime > now) {
-+ if (SEQ_GT(signtime, now)) {
- ns_debug(ns_log_default, 3,
- "ignoring SIG: signature date %s is in the future",
- p_secstodate (signtime));
-@@ -2052,7 +2062,7 @@
- }
-
- /* Ignore received SIG RR's that are already expired. */
-- if (exptime <= now) {
-+ if (SEQ_GT(now, exptime)) {
- ns_debug(ns_log_default, 3,
- "ignoring SIG: expiration %s is in the past",
- p_secstodate (exptime));
-diff -ur src-patched/lib/nameser/ns_name.c src/lib/nameser/ns_name.c
---- src-patched/lib/nameser/ns_name.c Thu May 23 22:10:40 2002
-+++ src/lib/nameser/ns_name.c Wed Nov 13 22:11:17 2002
-@@ -341,6 +341,10 @@
- dn = dst;
- eom = dst + dstsiz;
-
-+ if (dn >= eom) {
-+ errno = EMSGSIZE;
-+ return (-1);
-+ }
- while ((n = *cp++) != 0) {
- if ((n & NS_CMPRSFLGS) == NS_CMPRSFLGS) {
- /* Some kind of compression pointer. */
-diff -ur src-patched/lib/nameser/ns_samedomain.c src/lib/nameser/ns_samedomain.c
---- src-patched/lib/nameser/ns_samedomain.c Fri Oct 15 14:06:51 1999
-+++ src/lib/nameser/ns_samedomain.c Wed Nov 13 22:11:17 2002
-@@ -166,7 +166,7 @@
- ns_makecanon(const char *src, char *dst, size_t dstsize) {
- size_t n = strlen(src);
-
-- if (n + sizeof "." > dstsize) {
-+ if (n + sizeof "." + 1 > dstsize) {
- errno = EMSGSIZE;
- return (-1);
- }
diff --git a/net/bind8/Makefile b/net/bind8/Makefile
index e456cc4aaf48..62cbc9e3be87 100644
--- a/net/bind8/Makefile
+++ b/net/bind8/Makefile
@@ -11,8 +11,7 @@
# you can generally build it cleanly from the source. - Doug
PORTNAME= bind
-PORTVERSION= 8.3.3
-PORTREVISION= 1
+PORTVERSION= 8.3.4
CATEGORIES?= net
MASTER_SITES= ${MASTER_SITE_ISC}
MASTER_SITE_SUBDIR= bind/src/${PORTVERSION}
diff --git a/net/bind8/distinfo b/net/bind8/distinfo
index a588e5bdbde1..c74316625a63 100644
--- a/net/bind8/distinfo
+++ b/net/bind8/distinfo
@@ -1,2 +1,2 @@
-MD5 (bind-8.3.3/bind-src.tar.gz) = 4e904fdc3d908294147054276eba4064
-MD5 (bind-8.3.3/bind-doc.tar.gz) = b5b09e7c00709ee4cd550aff3a21e958
+MD5 (bind-8.3.4/bind-src.tar.gz) = 214a5116782f439534b9d47cba88d44b
+MD5 (bind-8.3.4/bind-doc.tar.gz) = d1c7b87c2575e14e76223d1e89c5568a
diff --git a/net/bind8/files/patch-bind833.diff b/net/bind8/files/patch-bind833.diff
deleted file mode 100644
index 23b32b9b426e..000000000000
--- a/net/bind8/files/patch-bind833.diff
+++ /dev/null
@@ -1,234 +0,0 @@
-diff -ur src-patched/CHANGES src/CHANGES
---- src-patched/CHANGES Wed Jun 26 21:25:08 2002
-+++ src/CHANGES Wed Nov 13 22:11:17 2002
-@@ -1,3 +1,23 @@
-+1469. [bug] buffer length calculation for PX was wrong.
-+
-+1468. [bug] ns_name_ntol() could overwite a zero length buffer.
-+
-+1467. [bug] off by one bug in ns_makecannon().
-+
-+1466. [bug] large ENDS UDP buffer size could trigger a assertion.
-+
-+1465. [bug] possible NULL pointer dereference in db_sec.c
-+
-+1464. [bug] the buffer used to construct the -ve record was not
-+ big enough for all possible SOA records. use pointer
-+ arithmetic to calculate the remaining size in this
-+ buffer.
-+
-+1463. [bug] use serial space arithmetic to determine if a SIG is
-+ too old, in the future or has internally constistant
-+ times.
-+
-+1462. [bug] write buffer overflow in make_rr().
-
- --- 8.3.3-REL released --- (Wed Jun 26 21:15:43 PDT 2002)
-
-diff -ur src-patched/bin/named/db_defs.h src/bin/named/db_defs.h
---- src-patched/bin/named/db_defs.h Fri May 17 18:02:53 2002
-+++ src/bin/named/db_defs.h Wed Nov 13 22:11:17 2002
-@@ -78,7 +78,7 @@
- */
-
- /* max length of data in RR data field */
--#define MAXDATA (2*MAXDNAME + 5*INT32SZ)
-+#define MAXDATA (3*MAXDNAME + 5*INT32SZ)
-
- /* max length of data in a TXT RR segment */
- #define MAXCHARSTRING 255
-diff -ur src-patched/bin/named/db_sec.c src/bin/named/db_sec.c
---- src-patched/bin/named/db_sec.c Mon Jun 18 07:42:57 2001
-+++ src/bin/named/db_sec.c Wed Nov 13 22:11:17 2002
-@@ -479,7 +479,9 @@
- struct sig_record *sigdata;
- struct dnode *sigdn;
- struct databuf *sigdp;
-- time_t now;
-+ u_int32_t now;
-+ u_int32_t exptime;
-+ u_int32_t signtime;
- char *signer;
- u_char name_n[MAXDNAME];
- u_char *sig, *eom;
-@@ -492,6 +494,7 @@
- int dnssec_failed = 0, dnssec_succeeded = 0;
- int return_value;
- int i;
-+ int expired = 0;
-
- if (rrset == NULL || rrset->rr_name == NULL) {
- ns_warning (ns_log_default, "verify_set: missing rrset/name");
-@@ -527,11 +530,14 @@
- * Don't verify a set if the SIG inception time is in
- * the future. This should be fixed before 2038 (BEW)
- */
-- if ((time_t)ntohl(sigdata->sig_time_n) > now)
-+ signtime = ntohl(sigdata->sig_time_n);
-+ if (SEQ_GT(signtime, now))
- continue;
-
- /* An expired set is dropped, but the data is not. */
-- if ((time_t)ntohl(sigdata->sig_exp_n) < now) {
-+ exptime = ntohl(sigdata->sig_exp_n);
-+ if (SEQ_GT(now, exptime)) {
-+ expired++;
- db_detach(&sigdn->dp);
- sigdp = NULL;
- continue;
-@@ -723,7 +729,7 @@
- }
-
- end:
-- if (dnssec_failed > 0)
-+ if (dnssec_failed > 0 || expired > 0)
- rrset_trim_sigs(rrset);
- if (trustedkey == 0 && key != NULL)
- dst_free_key(key);
-diff -ur src-patched/bin/named/ns_defs.h src/bin/named/ns_defs.h
---- src-patched/bin/named/ns_defs.h Tue Jun 25 20:27:19 2002
-+++ src/bin/named/ns_defs.h Wed Nov 13 22:11:17 2002
-@@ -469,7 +469,7 @@
- q_cmsglen, /* len of cname message */
- q_cmsgsize; /* allocated size of cname message */
- int16_t q_dfd; /* UDP file descriptor */
-- int16_t q_udpsize; /* UDP message size */
-+ u_int16_t q_udpsize; /* UDP message size */
- int q_distance; /* distance this query is from the
- * original query that the server
- * received. */
-diff -ur src-patched/bin/named/ns_ncache.c src/bin/named/ns_ncache.c
---- src-patched/bin/named/ns_ncache.c Mon Jun 18 07:43:16 2001
-+++ src/bin/named/ns_ncache.c Wed Nov 13 22:11:17 2002
-@@ -66,7 +66,7 @@
- u_int16_t atype;
- u_char *sp, *cp1;
- u_char data[MAXDATA];
-- size_t len = sizeof data;
-+ u_char *eod = data + sizeof(data);
- #endif
-
- nameserIncr(from.sin_addr, nssRcvdNXD);
-@@ -186,7 +186,7 @@
- rdatap = cp;
-
- /* origin */
-- n = dn_expand(msg, msg + msglen, cp, (char*)data, len);
-+ n = dn_expand(msg, msg + msglen, cp, (char*)data, eod - data);
- if (n < 0) {
- ns_debug(ns_log_ncache, 3,
- "ncache: origin form error");
-@@ -195,9 +195,8 @@
- cp += n;
- n = strlen((char*)data) + 1;
- cp1 = data + n;
-- len -= n;
- /* mail */
-- n = dn_expand(msg, msg + msglen, cp, (char*)cp1, len);
-+ n = dn_expand(msg, msg + msglen, cp, (char*)cp1, eod - cp1);
- if (n < 0) {
- ns_debug(ns_log_ncache, 3, "ncache: mail form error");
- return;
-@@ -205,20 +204,20 @@
- cp += n;
- n = strlen((char*)cp1) + 1;
- cp1 += n;
-- len -= n;
- n = 5 * INT32SZ;
-+ if (n > (eod - cp1)) /* Can't happen. See MAXDATA. */
-+ return;
- BOUNDS_CHECK(cp, n);
- memcpy(cp1, cp, n);
- /* serial, refresh, retry, expire, min */
- cp1 += n;
-- len -= n;
- cp += n;
- if (cp != rdatap + dlen) {
- ns_debug(ns_log_ncache, 3, "ncache: form error");
- return;
- }
- /* store the zone of the soa record */
-- n = dn_expand(msg, msg + msglen, sp, (char*)cp1, len);
-+ n = dn_expand(msg, msg + msglen, sp, (char*)cp1, eod - cp1);
- if (n < 0) {
- ns_debug(ns_log_ncache, 3, "ncache: form error 2");
- return;
-diff -ur src-patched/bin/named/ns_req.c src/bin/named/ns_req.c
---- src-patched/bin/named/ns_req.c Sun May 12 16:41:52 2002
-+++ src/bin/named/ns_req.c Wed Nov 13 22:11:17 2002
-@@ -2195,7 +2195,7 @@
-
- /* first just copy over the type_covered, algorithm, */
- /* labels, orig ttl, two timestamps, and the footprint */
-- if ((dp->d_size - 18) > buflen)
-+ if (buflen < 18)
- goto cleanup; /* out of room! */
- memcpy(cp, cp1, 18);
- cp += 18;
-diff -ur src-patched/bin/named/ns_resp.c src/bin/named/ns_resp.c
---- src-patched/bin/named/ns_resp.c Wed Jun 26 20:09:19 2002
-+++ src/bin/named/ns_resp.c Wed Nov 13 22:11:17 2002
-@@ -2001,7 +2001,7 @@
- * to BOUNDS_CHECK() here.
- */
- cp1 += (n = strlen((char *)cp1) + 1);
-- n1 = sizeof(data) - n;
-+ n1 = sizeof(data) - n - INT16SZ;
- n = dn_expand(msg, eom, cp, (char *)cp1, n1);
- if (n < 0) {
- hp->rcode = FORMERR;
-@@ -2043,8 +2043,18 @@
- ttl = origTTL;
- }
-
-+ /*
-+ * Check that expire and signature times are internally
-+ * consistant.
-+ */
-+ if (!SEQ_GT(exptime, signtime) && exptime != signtime) {
-+ ns_debug(ns_log_default, 3,
-+ "ignoring SIG: signature expires before it was signed");
-+ return ((cp - rrp) + dlen);
-+ }
-+
- /* Don't let bogus signers "sign" in the future. */
-- if (signtime > now) {
-+ if (SEQ_GT(signtime, now)) {
- ns_debug(ns_log_default, 3,
- "ignoring SIG: signature date %s is in the future",
- p_secstodate (signtime));
-@@ -2052,7 +2062,7 @@
- }
-
- /* Ignore received SIG RR's that are already expired. */
-- if (exptime <= now) {
-+ if (SEQ_GT(now, exptime)) {
- ns_debug(ns_log_default, 3,
- "ignoring SIG: expiration %s is in the past",
- p_secstodate (exptime));
-diff -ur src-patched/lib/nameser/ns_name.c src/lib/nameser/ns_name.c
---- src-patched/lib/nameser/ns_name.c Thu May 23 22:10:40 2002
-+++ src/lib/nameser/ns_name.c Wed Nov 13 22:11:17 2002
-@@ -341,6 +341,10 @@
- dn = dst;
- eom = dst + dstsiz;
-
-+ if (dn >= eom) {
-+ errno = EMSGSIZE;
-+ return (-1);
-+ }
- while ((n = *cp++) != 0) {
- if ((n & NS_CMPRSFLGS) == NS_CMPRSFLGS) {
- /* Some kind of compression pointer. */
-diff -ur src-patched/lib/nameser/ns_samedomain.c src/lib/nameser/ns_samedomain.c
---- src-patched/lib/nameser/ns_samedomain.c Fri Oct 15 14:06:51 1999
-+++ src/lib/nameser/ns_samedomain.c Wed Nov 13 22:11:17 2002
-@@ -166,7 +166,7 @@
- ns_makecanon(const char *src, char *dst, size_t dstsize) {
- size_t n = strlen(src);
-
-- if (n + sizeof "." > dstsize) {
-+ if (n + sizeof "." + 1 > dstsize) {
- errno = EMSGSIZE;
- return (-1);
- }