diff options
4 files changed, 538 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind/CVE-2016-1285.patch b/meta/recipes-connectivity/bind/bind/CVE-2016-1285.patch new file mode 100644 index 0000000000..f73f6421c3 --- /dev/null +++ b/meta/recipes-connectivity/bind/bind/CVE-2016-1285.patch | |||
@@ -0,0 +1,138 @@ | |||
1 | From e7e15d1302b26a96fa0a5307d6f2cb0d8ad4ea63 Mon Sep 17 00:00:00 2001 | ||
2 | From: Mark Andrews <marka@isc.org> | ||
3 | Date: Thu, 18 Feb 2016 12:11:27 +1100 | ||
4 | Subject: [PATCH] 4318. [security] Malformed control messages can | ||
5 | trigger assertions in named and rndc. (CVE-2016-1285) [RT #41666] | ||
6 | |||
7 | (cherry picked from commit a2b15b3305acd52179e6f3dc7d073b07fbc40b8e) | ||
8 | |||
9 | Hand applied Changelog changes. | ||
10 | |||
11 | CVE: CVE-2016-1285 | ||
12 | Upstream-Status: Backport | ||
13 | |||
14 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> | ||
15 | --- | ||
16 | diff -ruN a/bin/named/control.c b/bin/named/control.c | ||
17 | --- a/bin/named/control.c 2015-08-15 02:28:49.000000000 +0200 | ||
18 | +++ b/bin/named/control.c 2016-04-11 09:38:20.940827528 +0200 | ||
19 | @@ -69,7 +69,7 @@ | ||
20 | #endif | ||
21 | |||
22 | data = isccc_alist_lookup(message, "_data"); | ||
23 | - if (data == NULL) { | ||
24 | + if (!isccc_alist_alistp(data)) { | ||
25 | /* | ||
26 | * No data section. | ||
27 | */ | ||
28 | diff -ruN a/bin/named/controlconf.c b/bin/named/controlconf.c | ||
29 | --- a/bin/named/controlconf.c 2015-08-15 02:28:49.000000000 +0200 | ||
30 | +++ b/bin/named/controlconf.c 2016-04-11 09:38:20.944827355 +0200 | ||
31 | @@ -402,7 +402,7 @@ | ||
32 | * Limit exposure to replay attacks. | ||
33 | */ | ||
34 | _ctrl = isccc_alist_lookup(request, "_ctrl"); | ||
35 | - if (_ctrl == NULL) { | ||
36 | + if (!isccc_alist_alistp(_ctrl)) { | ||
37 | log_invalid(&conn->ccmsg, ISC_R_FAILURE); | ||
38 | goto cleanup_request; | ||
39 | } | ||
40 | diff -ruN a/bin/rndc/rndc.c b/bin/rndc/rndc.c | ||
41 | --- a/bin/rndc/rndc.c 2015-08-15 02:28:49.000000000 +0200 | ||
42 | +++ b/bin/rndc/rndc.c 2016-04-11 09:38:20.944827355 +0200 | ||
43 | @@ -254,8 +254,8 @@ | ||
44 | isccc_cc_fromwire(&source, &response, algorithm, &secret)); | ||
45 | |||
46 | data = isccc_alist_lookup(response, "_data"); | ||
47 | - if (data == NULL) | ||
48 | - fatal("no data section in response"); | ||
49 | + if (!isccc_alist_alistp(data)) | ||
50 | + fatal("bad or missing data section in response"); | ||
51 | result = isccc_cc_lookupstring(data, "err", &errormsg); | ||
52 | if (result == ISC_R_SUCCESS) { | ||
53 | failed = ISC_TRUE; | ||
54 | @@ -320,8 +320,8 @@ | ||
55 | isccc_cc_fromwire(&source, &response, algorithm, &secret)); | ||
56 | |||
57 | _ctrl = isccc_alist_lookup(response, "_ctrl"); | ||
58 | - if (_ctrl == NULL) | ||
59 | - fatal("_ctrl section missing"); | ||
60 | + if (!isccc_alist_alistp(_ctrl)) | ||
61 | + fatal("bad or missing ctrl section in response"); | ||
62 | nonce = 0; | ||
63 | if (isccc_cc_lookupuint32(_ctrl, "_nonce", &nonce) != ISC_R_SUCCESS) | ||
64 | nonce = 0; | ||
65 | diff -ruN a/CHANGES b/CHANGES | ||
66 | --- a/CHANGES 2016-04-11 09:36:08.546578759 +0200 | ||
67 | +++ b/CHANGES 2016-04-11 09:39:59.356552273 +0200 | ||
68 | @@ -1,3 +1,6 @@ | ||
69 | +4318. [security] Malformed control messages can trigger assertions | ||
70 | + in named and rndc. (CVE-2016-1285) [RT #41666] | ||
71 | + | ||
72 | 4146. [bug] Address reference leak that could prevent a clean | ||
73 | shutdown. [RT #37125] | ||
74 | |||
75 | diff -ruN a/lib/isccc/cc.c b/lib/isccc/cc.c | ||
76 | --- a/lib/isccc/cc.c 2015-08-15 02:28:49.000000000 +0200 | ||
77 | +++ b/lib/isccc/cc.c 2016-04-11 09:38:20.944827355 +0200 | ||
78 | @@ -403,13 +403,13 @@ | ||
79 | * Extract digest. | ||
80 | */ | ||
81 | _auth = isccc_alist_lookup(alist, "_auth"); | ||
82 | - if (_auth == NULL) | ||
83 | + if (!isccc_alist_alistp(_auth)) | ||
84 | return (ISC_R_FAILURE); | ||
85 | if (algorithm == ISCCC_ALG_HMACMD5) | ||
86 | hmac = isccc_alist_lookup(_auth, "hmd5"); | ||
87 | else | ||
88 | hmac = isccc_alist_lookup(_auth, "hsha"); | ||
89 | - if (hmac == NULL) | ||
90 | + if (!isccc_sexpr_binaryp(hmac)) | ||
91 | return (ISC_R_FAILURE); | ||
92 | /* | ||
93 | * Compute digest. | ||
94 | @@ -728,7 +728,7 @@ | ||
95 | REQUIRE(ackp != NULL && *ackp == NULL); | ||
96 | |||
97 | _ctrl = isccc_alist_lookup(message, "_ctrl"); | ||
98 | - if (_ctrl == NULL || | ||
99 | + if (!isccc_alist_alistp(_ctrl) || | ||
100 | isccc_cc_lookupuint32(_ctrl, "_ser", &serial) != ISC_R_SUCCESS || | ||
101 | isccc_cc_lookupuint32(_ctrl, "_tim", &t) != ISC_R_SUCCESS) | ||
102 | return (ISC_R_FAILURE); | ||
103 | @@ -773,7 +773,7 @@ | ||
104 | isccc_sexpr_t *_ctrl; | ||
105 | |||
106 | _ctrl = isccc_alist_lookup(message, "_ctrl"); | ||
107 | - if (_ctrl == NULL) | ||
108 | + if (!isccc_alist_alistp(_ctrl)) | ||
109 | return (ISC_FALSE); | ||
110 | if (isccc_cc_lookupstring(_ctrl, "_ack", NULL) == ISC_R_SUCCESS) | ||
111 | return (ISC_TRUE); | ||
112 | @@ -786,7 +786,7 @@ | ||
113 | isccc_sexpr_t *_ctrl; | ||
114 | |||
115 | _ctrl = isccc_alist_lookup(message, "_ctrl"); | ||
116 | - if (_ctrl == NULL) | ||
117 | + if (!isccc_alist_alistp(_ctrl)) | ||
118 | return (ISC_FALSE); | ||
119 | if (isccc_cc_lookupstring(_ctrl, "_rpl", NULL) == ISC_R_SUCCESS) | ||
120 | return (ISC_TRUE); | ||
121 | @@ -806,7 +806,7 @@ | ||
122 | |||
123 | _ctrl = isccc_alist_lookup(message, "_ctrl"); | ||
124 | _data = isccc_alist_lookup(message, "_data"); | ||
125 | - if (_ctrl == NULL || _data == NULL || | ||
126 | + if (!isccc_alist_alistp(_ctrl) || !isccc_alist_alistp(_data) || | ||
127 | isccc_cc_lookupuint32(_ctrl, "_ser", &serial) != ISC_R_SUCCESS || | ||
128 | isccc_cc_lookupstring(_data, "type", &type) != ISC_R_SUCCESS) | ||
129 | return (ISC_R_FAILURE); | ||
130 | @@ -995,7 +995,7 @@ | ||
131 | isccc_sexpr_t *_ctrl; | ||
132 | |||
133 | _ctrl = isccc_alist_lookup(message, "_ctrl"); | ||
134 | - if (_ctrl == NULL || | ||
135 | + if (!isccc_alist_alistp(_ctrl) || | ||
136 | isccc_cc_lookupstring(_ctrl, "_ser", &_ser) != ISC_R_SUCCESS || | ||
137 | isccc_cc_lookupstring(_ctrl, "_tim", &_tim) != ISC_R_SUCCESS) | ||
138 | return (ISC_R_FAILURE); | ||
diff --git a/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch b/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch new file mode 100644 index 0000000000..5002147f1a --- /dev/null +++ b/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch | |||
@@ -0,0 +1,79 @@ | |||
1 | From 456e1eadd2a3a2fb9617e60d4db90ef4ba7c6ba3 Mon Sep 17 00:00:00 2001 | ||
2 | From: Mukund Sivaraman <muks@isc.org> | ||
3 | Date: Mon, 22 Feb 2016 12:22:43 +0530 | ||
4 | Subject: [PATCH] Fix resolver assertion failure due to improper DNAME handling | ||
5 | (CVE-2016-1286) (#41753) | ||
6 | |||
7 | (cherry picked from commit 5995fec51cc8bb7e53804e4936e60aa1537f3673) | ||
8 | |||
9 | Hand applied Changelog changes. | ||
10 | |||
11 | CVE: CVE-2016-1286 | ||
12 | Upstream-Status: Backport | ||
13 | |||
14 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> | ||
15 | --- | ||
16 | diff -ruN a/CHANGES b/CHANGES | ||
17 | --- a/CHANGES 2016-04-11 09:46:42.075057394 +0200 | ||
18 | +++ b/CHANGES 2016-04-11 09:44:21.857148819 +0200 | ||
19 | @@ -1,3 +1,7 @@ | ||
20 | +4319. [security] Fix resolver assertion failure due to improper | ||
21 | + DNAME handling when parsing fetch reply messages. | ||
22 | + (CVE-2016-1286) [RT #41753] | ||
23 | + | ||
24 | 4318. [security] Malformed control messages can trigger assertions | ||
25 | in named and rndc. (CVE-2016-1285) [RT #41666] | ||
26 | |||
27 | diff -ruN a/lib/dns/resolver.c b/lib/dns/resolver.c | ||
28 | --- a/lib/dns/resolver.c 2016-04-11 09:36:08.550578585 +0200 | ||
29 | +++ b/lib/dns/resolver.c 2016-04-11 09:43:23.091701714 +0200 | ||
30 | @@ -6634,21 +6634,26 @@ | ||
31 | isc_boolean_t found_dname = ISC_FALSE; | ||
32 | dns_name_t *dname_name; | ||
33 | |||
34 | + /* | ||
35 | + * Only pass DNAME or RRSIG(DNAME). | ||
36 | + */ | ||
37 | + if (rdataset->type != dns_rdatatype_dname && | ||
38 | + (rdataset->type != dns_rdatatype_rrsig || | ||
39 | + rdataset->covers != dns_rdatatype_dname)) | ||
40 | + continue; | ||
41 | + | ||
42 | + /* | ||
43 | + * If we're not chaining, then the DNAME and | ||
44 | + * its signature should not be external. | ||
45 | + */ | ||
46 | + if (!chaining && external) { | ||
47 | + log_formerr(fctx, "external DNAME"); | ||
48 | + return (DNS_R_FORMERR); | ||
49 | + } | ||
50 | + | ||
51 | found = ISC_FALSE; | ||
52 | aflag = 0; | ||
53 | if (rdataset->type == dns_rdatatype_dname) { | ||
54 | - /* | ||
55 | - * We're looking for something else, | ||
56 | - * but we found a DNAME. | ||
57 | - * | ||
58 | - * If we're not chaining, then the | ||
59 | - * DNAME should not be external. | ||
60 | - */ | ||
61 | - if (!chaining && external) { | ||
62 | - log_formerr(fctx, | ||
63 | - "external DNAME"); | ||
64 | - return (DNS_R_FORMERR); | ||
65 | - } | ||
66 | found = ISC_TRUE; | ||
67 | want_chaining = ISC_TRUE; | ||
68 | POST(want_chaining); | ||
69 | @@ -6677,9 +6682,7 @@ | ||
70 | &fctx->domain)) { | ||
71 | return (DNS_R_SERVFAIL); | ||
72 | } | ||
73 | - } else if (rdataset->type == dns_rdatatype_rrsig | ||
74 | - && rdataset->covers == | ||
75 | - dns_rdatatype_dname) { | ||
76 | + } else { | ||
77 | /* | ||
78 | * We've found a signature that | ||
79 | * covers the DNAME. | ||
diff --git a/meta/recipes-connectivity/bind/bind/CVE-2016-1286_2.patch b/meta/recipes-connectivity/bind/bind/CVE-2016-1286_2.patch new file mode 100644 index 0000000000..3ca76b9977 --- /dev/null +++ b/meta/recipes-connectivity/bind/bind/CVE-2016-1286_2.patch | |||
@@ -0,0 +1,318 @@ | |||
1 | From 499952eb459c9a41d2092f1d98899c131f9103b2 Mon Sep 17 00:00:00 2001 | ||
2 | From: Mark Andrews <marka@isc.org> | ||
3 | Date: Mon, 29 Feb 2016 07:16:48 +1100 | ||
4 | Subject: [PATCH] Part 2 of: 4319.[security] Fix resolver assertion | ||
5 | failure due to improper DNAME handling when parsing fetch reply messages. | ||
6 | (CVE-2016-1286) [RT #41753] | ||
7 | |||
8 | (cherry picked from commit 2de89ee9de8c8da9dc153a754b02dcdbb7fe2374) | ||
9 | |||
10 | CVE: CVE-2016-1286 [part 2] | ||
11 | Upstream-Status: Backport | ||
12 | |||
13 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> | ||
14 | --- | ||
15 | lib/dns/resolver.c | 192 ++++++++++++++++++++++++++--------------------------- | ||
16 | 1 file changed, 93 insertions(+), 99 deletions(-) | ||
17 | |||
18 | diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c | ||
19 | index 23d636b..fbc0af0 100644 | ||
20 | --- a/lib/dns/resolver.c | ||
21 | +++ b/lib/dns/resolver.c | ||
22 | @@ -6088,14 +6088,11 @@ cname_target(dns_rdataset_t *rdataset, dns_name_t *tname) { | ||
23 | } | ||
24 | |||
25 | static inline isc_result_t | ||
26 | -dname_target(fetchctx_t *fctx, dns_rdataset_t *rdataset, dns_name_t *qname, | ||
27 | - dns_name_t *oname, dns_fixedname_t *fixeddname) | ||
28 | +dname_target(dns_rdataset_t *rdataset, dns_name_t *qname, | ||
29 | + unsigned int nlabels, dns_fixedname_t *fixeddname) | ||
30 | { | ||
31 | isc_result_t result; | ||
32 | dns_rdata_t rdata = DNS_RDATA_INIT; | ||
33 | - unsigned int nlabels; | ||
34 | - int order; | ||
35 | - dns_namereln_t namereln; | ||
36 | dns_rdata_dname_t dname; | ||
37 | dns_fixedname_t prefix; | ||
38 | |||
39 | @@ -6110,21 +6107,6 @@ dname_target(fetchctx_t *fctx, dns_rdataset_t *rdataset, dns_name_t *qname, | ||
40 | if (result != ISC_R_SUCCESS) | ||
41 | return (result); | ||
42 | |||
43 | - /* | ||
44 | - * Get the prefix of qname. | ||
45 | - */ | ||
46 | - namereln = dns_name_fullcompare(qname, oname, &order, &nlabels); | ||
47 | - if (namereln != dns_namereln_subdomain) { | ||
48 | - char qbuf[DNS_NAME_FORMATSIZE]; | ||
49 | - char obuf[DNS_NAME_FORMATSIZE]; | ||
50 | - | ||
51 | - dns_rdata_freestruct(&dname); | ||
52 | - dns_name_format(qname, qbuf, sizeof(qbuf)); | ||
53 | - dns_name_format(oname, obuf, sizeof(obuf)); | ||
54 | - log_formerr(fctx, "unrelated DNAME in answer: " | ||
55 | - "%s is not in %s", qbuf, obuf); | ||
56 | - return (DNS_R_FORMERR); | ||
57 | - } | ||
58 | dns_fixedname_init(&prefix); | ||
59 | dns_name_split(qname, nlabels, dns_fixedname_name(&prefix), NULL); | ||
60 | dns_fixedname_init(fixeddname); | ||
61 | @@ -6750,13 +6732,13 @@ static isc_result_t | ||
62 | answer_response(fetchctx_t *fctx) { | ||
63 | isc_result_t result; | ||
64 | dns_message_t *message; | ||
65 | - dns_name_t *name, *qname, tname, *ns_name; | ||
66 | + dns_name_t *name, *dname, *qname, tname, *ns_name; | ||
67 | dns_rdataset_t *rdataset, *ns_rdataset; | ||
68 | isc_boolean_t done, external, chaining, aa, found, want_chaining; | ||
69 | isc_boolean_t have_answer, found_cname, found_type, wanted_chaining; | ||
70 | unsigned int aflag; | ||
71 | dns_rdatatype_t type; | ||
72 | - dns_fixedname_t dname, fqname; | ||
73 | + dns_fixedname_t fdname, fqname; | ||
74 | dns_view_t *view; | ||
75 | |||
76 | FCTXTRACE("answer_response"); | ||
77 | @@ -6784,10 +6766,15 @@ answer_response(fetchctx_t *fctx) { | ||
78 | view = fctx->res->view; | ||
79 | result = dns_message_firstname(message, DNS_SECTION_ANSWER); | ||
80 | while (!done && result == ISC_R_SUCCESS) { | ||
81 | + dns_namereln_t namereln; | ||
82 | + int order; | ||
83 | + unsigned int nlabels; | ||
84 | + | ||
85 | name = NULL; | ||
86 | dns_message_currentname(message, DNS_SECTION_ANSWER, &name); | ||
87 | external = ISC_TF(!dns_name_issubdomain(name, &fctx->domain)); | ||
88 | - if (dns_name_equal(name, qname)) { | ||
89 | + namereln = dns_name_fullcompare(qname, name, &order, &nlabels); | ||
90 | + if (namereln == dns_namereln_equal) { | ||
91 | wanted_chaining = ISC_FALSE; | ||
92 | for (rdataset = ISC_LIST_HEAD(name->list); | ||
93 | rdataset != NULL; | ||
94 | @@ -6912,10 +6899,11 @@ answer_response(fetchctx_t *fctx) { | ||
95 | */ | ||
96 | INSIST(!external); | ||
97 | if (aflag == | ||
98 | - DNS_RDATASETATTR_ANSWER) | ||
99 | + DNS_RDATASETATTR_ANSWER) { | ||
100 | have_answer = ISC_TRUE; | ||
101 | - name->attributes |= | ||
102 | - DNS_NAMEATTR_ANSWER; | ||
103 | + name->attributes |= | ||
104 | + DNS_NAMEATTR_ANSWER; | ||
105 | + } | ||
106 | rdataset->attributes |= aflag; | ||
107 | if (aa) | ||
108 | rdataset->trust = | ||
109 | @@ -6970,6 +6958,8 @@ answer_response(fetchctx_t *fctx) { | ||
110 | if (wanted_chaining) | ||
111 | chaining = ISC_TRUE; | ||
112 | } else { | ||
113 | + dns_rdataset_t *dnameset = NULL; | ||
114 | + | ||
115 | /* | ||
116 | * Look for a DNAME (or its SIG). Anything else is | ||
117 | * ignored. | ||
118 | @@ -6977,10 +6967,8 @@ answer_response(fetchctx_t *fctx) { | ||
119 | wanted_chaining = ISC_FALSE; | ||
120 | for (rdataset = ISC_LIST_HEAD(name->list); | ||
121 | rdataset != NULL; | ||
122 | - rdataset = ISC_LIST_NEXT(rdataset, link)) { | ||
123 | - isc_boolean_t found_dname = ISC_FALSE; | ||
124 | - dns_name_t *dname_name; | ||
125 | - | ||
126 | + rdataset = ISC_LIST_NEXT(rdataset, link)) | ||
127 | + { | ||
128 | /* | ||
129 | * Only pass DNAME or RRSIG(DNAME). | ||
130 | */ | ||
131 | @@ -6994,20 +6982,41 @@ answer_response(fetchctx_t *fctx) { | ||
132 | * its signature should not be external. | ||
133 | */ | ||
134 | if (!chaining && external) { | ||
135 | - log_formerr(fctx, "external DNAME"); | ||
136 | + char qbuf[DNS_NAME_FORMATSIZE]; | ||
137 | + char obuf[DNS_NAME_FORMATSIZE]; | ||
138 | + | ||
139 | + dns_name_format(name, qbuf, | ||
140 | + sizeof(qbuf)); | ||
141 | + dns_name_format(&fctx->domain, obuf, | ||
142 | + sizeof(obuf)); | ||
143 | + log_formerr(fctx, "external DNAME or " | ||
144 | + "RRSIG covering DNAME " | ||
145 | + "in answer: %s is " | ||
146 | + "not in %s", qbuf, obuf); | ||
147 | + return (DNS_R_FORMERR); | ||
148 | + } | ||
149 | + | ||
150 | + if (namereln != dns_namereln_subdomain) { | ||
151 | + char qbuf[DNS_NAME_FORMATSIZE]; | ||
152 | + char obuf[DNS_NAME_FORMATSIZE]; | ||
153 | + | ||
154 | + dns_name_format(qname, qbuf, | ||
155 | + sizeof(qbuf)); | ||
156 | + dns_name_format(name, obuf, | ||
157 | + sizeof(obuf)); | ||
158 | + log_formerr(fctx, "unrelated DNAME " | ||
159 | + "in answer: %s is " | ||
160 | + "not in %s", qbuf, obuf); | ||
161 | return (DNS_R_FORMERR); | ||
162 | } | ||
163 | |||
164 | - found = ISC_FALSE; | ||
165 | aflag = 0; | ||
166 | if (rdataset->type == dns_rdatatype_dname) { | ||
167 | - found = ISC_TRUE; | ||
168 | want_chaining = ISC_TRUE; | ||
169 | POST(want_chaining); | ||
170 | aflag = DNS_RDATASETATTR_ANSWER; | ||
171 | - result = dname_target(fctx, rdataset, | ||
172 | - qname, name, | ||
173 | - &dname); | ||
174 | + result = dname_target(rdataset, qname, | ||
175 | + nlabels, &fdname); | ||
176 | if (result == ISC_R_NOSPACE) { | ||
177 | /* | ||
178 | * We can't construct the | ||
179 | @@ -7019,14 +7028,12 @@ answer_response(fetchctx_t *fctx) { | ||
180 | } else if (result != ISC_R_SUCCESS) | ||
181 | return (result); | ||
182 | else | ||
183 | - found_dname = ISC_TRUE; | ||
184 | + dnameset = rdataset; | ||
185 | |||
186 | - dname_name = dns_fixedname_name(&dname); | ||
187 | + dname = dns_fixedname_name(&fdname); | ||
188 | if (!is_answertarget_allowed(view, | ||
189 | - qname, | ||
190 | - rdataset->type, | ||
191 | - dname_name, | ||
192 | - &fctx->domain)) { | ||
193 | + qname, rdataset->type, | ||
194 | + dname, &fctx->domain)) { | ||
195 | return (DNS_R_SERVFAIL); | ||
196 | } | ||
197 | } else { | ||
198 | @@ -7034,73 +7041,60 @@ answer_response(fetchctx_t *fctx) { | ||
199 | * We've found a signature that | ||
200 | * covers the DNAME. | ||
201 | */ | ||
202 | - found = ISC_TRUE; | ||
203 | aflag = DNS_RDATASETATTR_ANSWERSIG; | ||
204 | } | ||
205 | |||
206 | - if (found) { | ||
207 | + /* | ||
208 | + * We've found an answer to our | ||
209 | + * question. | ||
210 | + */ | ||
211 | + name->attributes |= DNS_NAMEATTR_CACHE; | ||
212 | + rdataset->attributes |= DNS_RDATASETATTR_CACHE; | ||
213 | + rdataset->trust = dns_trust_answer; | ||
214 | + if (!chaining) { | ||
215 | /* | ||
216 | - * We've found an answer to our | ||
217 | - * question. | ||
218 | + * This data is "the" answer to | ||
219 | + * our question only if we're | ||
220 | + * not chaining. | ||
221 | */ | ||
222 | - name->attributes |= | ||
223 | - DNS_NAMEATTR_CACHE; | ||
224 | - rdataset->attributes |= | ||
225 | - DNS_RDATASETATTR_CACHE; | ||
226 | - rdataset->trust = dns_trust_answer; | ||
227 | - if (!chaining) { | ||
228 | - /* | ||
229 | - * This data is "the" answer | ||
230 | - * to our question only if | ||
231 | - * we're not chaining. | ||
232 | - */ | ||
233 | - INSIST(!external); | ||
234 | - if (aflag == | ||
235 | - DNS_RDATASETATTR_ANSWER) | ||
236 | - have_answer = ISC_TRUE; | ||
237 | + INSIST(!external); | ||
238 | + if (aflag == DNS_RDATASETATTR_ANSWER) { | ||
239 | + have_answer = ISC_TRUE; | ||
240 | name->attributes |= | ||
241 | DNS_NAMEATTR_ANSWER; | ||
242 | - rdataset->attributes |= aflag; | ||
243 | - if (aa) | ||
244 | - rdataset->trust = | ||
245 | - dns_trust_authanswer; | ||
246 | - } else if (external) { | ||
247 | - rdataset->attributes |= | ||
248 | - DNS_RDATASETATTR_EXTERNAL; | ||
249 | - } | ||
250 | - | ||
251 | - /* | ||
252 | - * DNAME chaining. | ||
253 | - */ | ||
254 | - if (found_dname) { | ||
255 | - /* | ||
256 | - * Copy the dname into the | ||
257 | - * qname fixed name. | ||
258 | - * | ||
259 | - * Although we check for | ||
260 | - * failure of the copy | ||
261 | - * operation, in practice it | ||
262 | - * should never fail since | ||
263 | - * we already know that the | ||
264 | - * result fits in a fixedname. | ||
265 | - */ | ||
266 | - dns_fixedname_init(&fqname); | ||
267 | - result = dns_name_copy( | ||
268 | - dns_fixedname_name(&dname), | ||
269 | - dns_fixedname_name(&fqname), | ||
270 | - NULL); | ||
271 | - if (result != ISC_R_SUCCESS) | ||
272 | - return (result); | ||
273 | - wanted_chaining = ISC_TRUE; | ||
274 | - name->attributes |= | ||
275 | - DNS_NAMEATTR_CHAINING; | ||
276 | - rdataset->attributes |= | ||
277 | - DNS_RDATASETATTR_CHAINING; | ||
278 | - qname = dns_fixedname_name( | ||
279 | - &fqname); | ||
280 | } | ||
281 | + rdataset->attributes |= aflag; | ||
282 | + if (aa) | ||
283 | + rdataset->trust = | ||
284 | + dns_trust_authanswer; | ||
285 | + } else if (external) { | ||
286 | + rdataset->attributes |= | ||
287 | + DNS_RDATASETATTR_EXTERNAL; | ||
288 | } | ||
289 | } | ||
290 | + | ||
291 | + /* | ||
292 | + * DNAME chaining. | ||
293 | + */ | ||
294 | + if (dnameset != NULL) { | ||
295 | + /* | ||
296 | + * Copy the dname into the qname fixed name. | ||
297 | + * | ||
298 | + * Although we check for failure of the copy | ||
299 | + * operation, in practice it should never fail | ||
300 | + * since we already know that the result fits | ||
301 | + * in a fixedname. | ||
302 | + */ | ||
303 | + dns_fixedname_init(&fqname); | ||
304 | + qname = dns_fixedname_name(&fqname); | ||
305 | + result = dns_name_copy(dname, qname, NULL); | ||
306 | + if (result != ISC_R_SUCCESS) | ||
307 | + return (result); | ||
308 | + wanted_chaining = ISC_TRUE; | ||
309 | + name->attributes |= DNS_NAMEATTR_CHAINING; | ||
310 | + dnameset->attributes |= | ||
311 | + DNS_RDATASETATTR_CHAINING; | ||
312 | + } | ||
313 | if (wanted_chaining) | ||
314 | chaining = ISC_TRUE; | ||
315 | } | ||
316 | -- | ||
317 | 1.9.1 | ||
318 | |||
diff --git a/meta/recipes-connectivity/bind/bind_9.10.2-P4.bb b/meta/recipes-connectivity/bind/bind_9.10.2-P4.bb index 19f87d7934..f1951a0a57 100644 --- a/meta/recipes-connectivity/bind/bind_9.10.2-P4.bb +++ b/meta/recipes-connectivity/bind/bind_9.10.2-P4.bb | |||
@@ -25,6 +25,9 @@ SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \ | |||
25 | file://CVE-2015-8705.patch \ | 25 | file://CVE-2015-8705.patch \ |
26 | file://CVE-2015-8000.patch \ | 26 | file://CVE-2015-8000.patch \ |
27 | file://CVE-2015-8461.patch \ | 27 | file://CVE-2015-8461.patch \ |
28 | file://CVE-2016-1285.patch \ | ||
29 | file://CVE-2016-1286_1.patch \ | ||
30 | file://CVE-2016-1286_2.patch \ | ||
28 | " | 31 | " |
29 | 32 | ||
30 | SRC_URI[md5sum] = "8b1f5064837756c938eadc1537dec5c7" | 33 | SRC_URI[md5sum] = "8b1f5064837756c938eadc1537dec5c7" |