Pullup ticket #3764 - requested by taca net/bind97: security patch Revisions pulled up: - net/bind97/Makefile 1.13 - net/bind97/distinfo 1.12 - net/bind97/patches/patch-lib_dns_resolver.c 1.1 --- Module Name: pkgsrc Committed By: taca Date: Tue May 1 02:48:58 UTC 2012 Modified Files: pkgsrc/net/bind97: Makefile distinfo Added Files: pkgsrc/net/bind97/patches: patch-lib_dns_resolver.c Log Message: Add fix to a race condition in the resolver code that can cause a recursive nameserver: <https://kb.isc.org/article/AA-00664>. Bump PKGREVISION.diff -r1.12 -r1.12.2.1 pkgsrc/net/bind97/Makefile
(tron)
@@ -1,17 +1,18 @@ | @@ -1,17 +1,18 @@ | |||
1 | # $NetBSD: Makefile,v 1.12 2012/04/05 00:40:09 taca Exp $ | 1 | # $NetBSD: Makefile,v 1.12.2.1 2012/05/03 18:32:02 tron Exp $ | |
2 | 2 | |||
3 | DISTNAME= bind-${BIND_VERSION} | 3 | DISTNAME= bind-${BIND_VERSION} | |
4 | PKGNAME= ${DISTNAME:S/-P/pl/} | 4 | PKGNAME= ${DISTNAME:S/-P/pl/} | |
5 | PKGREVISION= 1 | |||
5 | CATEGORIES= net | 6 | CATEGORIES= net | |
6 | MASTER_SITES= ftp://ftp.isc.org/isc/bind9/${BIND_VERSION}/ \ | 7 | MASTER_SITES= ftp://ftp.isc.org/isc/bind9/${BIND_VERSION}/ \ | |
7 | http://ftp.belnet.be/pub/mirror/ftp.isc.org/isc/bind9/${BIND_VERSION}/ | 8 | http://ftp.belnet.be/pub/mirror/ftp.isc.org/isc/bind9/${BIND_VERSION}/ | |
8 | 9 | |||
9 | MAINTAINER= pkgsrc-users@NetBSD.org | 10 | MAINTAINER= pkgsrc-users@NetBSD.org | |
10 | HOMEPAGE= http://www.isc.org/software/bind | 11 | HOMEPAGE= http://www.isc.org/software/bind | |
11 | COMMENT= Version 9 of the Berkeley Internet Name Daemon, implementation of DNS | 12 | COMMENT= Version 9 of the Berkeley Internet Name Daemon, implementation of DNS | |
12 | 13 | |||
13 | CONFLICTS+= bind<9.7.0 | 14 | CONFLICTS+= bind<9.7.0 | |
14 | 15 | |||
15 | PKG_DESTDIR_SUPPORT= user-destdir | 16 | PKG_DESTDIR_SUPPORT= user-destdir | |
16 | 17 | |||
17 | MAKE_JOBS_SAFE= no | 18 | MAKE_JOBS_SAFE= no |
@@ -1,10 +1,11 @@ | @@ -1,10 +1,11 @@ | |||
1 | $NetBSD: distinfo,v 1.11 2012/04/05 00:40:09 taca Exp $ | 1 | $NetBSD: distinfo,v 1.11.2.1 2012/05/03 18:32:02 tron Exp $ | |
2 | 2 | |||
3 | SHA1 (bind-9.7.5.tar.gz) = d66705bb898340de88653892a75e0038c3dec86e | 3 | SHA1 (bind-9.7.5.tar.gz) = d66705bb898340de88653892a75e0038c3dec86e | |
4 | RMD160 (bind-9.7.5.tar.gz) = 0186557e4d20b06c45939988b47dbf2cf600ae9b | 4 | RMD160 (bind-9.7.5.tar.gz) = 0186557e4d20b06c45939988b47dbf2cf600ae9b | |
5 | Size (bind-9.7.5.tar.gz) = 6848848 bytes | 5 | Size (bind-9.7.5.tar.gz) = 6848848 bytes | |
6 | SHA1 (patch-aa) = 6cec876c8caa7082f97365863f3f88c4f168da48 | 6 | SHA1 (patch-aa) = 6cec876c8caa7082f97365863f3f88c4f168da48 | |
7 | SHA1 (patch-ab) = 9585a26a376d32f80ac8266eb7967c00b433f14d | 7 | SHA1 (patch-ab) = 9585a26a376d32f80ac8266eb7967c00b433f14d | |
8 | SHA1 (patch-ac) = ee4ca3d200b3d3f93b8ccfa2c6e51ab005b35a01 | 8 | SHA1 (patch-ac) = ee4ca3d200b3d3f93b8ccfa2c6e51ab005b35a01 | |
9 | SHA1 (patch-ad) = 29fb5c24ff3558f1621e93ea16419e32dbc695b7 | 9 | SHA1 (patch-ad) = 29fb5c24ff3558f1621e93ea16419e32dbc695b7 | |
10 | SHA1 (patch-ae) = 68b8155daa8f75081b6f8fd70ca23fda60506c64 | 10 | SHA1 (patch-ae) = 68b8155daa8f75081b6f8fd70ca23fda60506c64 | |
11 | SHA1 (patch-lib_dns_resolver.c) = 1c0bc26a159219f65dc59429d395f7796a5165f6 |
$NetBSD: patch-lib_dns_resolver.c,v 1.1.2.2 2012/05/03 18:32:02 tron Exp $
Prevent segmentation fault in resolver.c: https://kb.isc.org/article/AA-00664
--- lib/dns/resolver.c.orig 2012-03-22 19:14:04.000000000 +0000
+++ lib/dns/resolver.c
@@ -2157,7 +2157,6 @@ fctx_finddone(isc_task_t *task, isc_even
isc_boolean_t want_try = ISC_FALSE;
isc_boolean_t want_done = ISC_FALSE;
isc_boolean_t bucket_empty = ISC_FALSE;
- isc_boolean_t destroy = ISC_FALSE;
unsigned int bucketnum;
find = event->ev_sender;
@@ -2196,17 +2195,12 @@ fctx_finddone(isc_task_t *task, isc_even
}
} else if (SHUTTINGDOWN(fctx) && fctx->pending == 0 &&
fctx->nqueries == 0 && ISC_LIST_EMPTY(fctx->validators)) {
- /*
- * Note that we had to wait until we had the lock before
- * looking at fctx->references.
- */
+
if (fctx->references == 0)
- destroy = ISC_TRUE;
+ bucket_empty = fctx_destroy(fctx);
}
UNLOCK(&res->buckets[bucketnum].lock);
- if (destroy)
- bucket_empty = fctx_destroy(fctx);
isc_event_free(&event);
dns_adb_destroyfind(&find);