This is the mail archive of the glibc-cvs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

GNU C Library master sources branch master updated. glibc-2.29.9000-185-g3332218

From: fw at sourceware dot org
To: glibc-cvs at sourceware dot org
Date: 8 Apr 2019 09:21:52 -0000
Subject: GNU C Library master sources branch master updated. glibc-2.29.9000-185-g3332218

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  333221862ecbebde60dd16e7ca17d26444e62f50 (commit)
      from  3f8b44be0a658266adff5ece1e4bc3ce097a5dbe (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=333221862ecbebde60dd16e7ca17d26444e62f50

commit 333221862ecbebde60dd16e7ca17d26444e62f50
Author: Florian Weimer <fweimer@redhat.com>
Date:   Mon Apr 8 11:19:38 2019 +0200

    resolv: Remove RES_INSECURE1, RES_INSECURE2
    
    Always perform the associated security checks.

diff --git a/ChangeLog b/ChangeLog
index bc43b72..6b7f19a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,14 @@
 2019-04-08  Florian Weimer  <fweimer@redhat.com>
 
+	* resolv/resolv.h (RES_INSECURE1, RES_INSECURE2): Remove
+	definitions.
+	* resolv/res_send.c (send_dg): Always perform RES_INSECURE1 and
+	RES_INSECURE2 security checks.
+	* resolv/res_debug.c (p_option): Remove RES_INSECURE1 and
+	RES_INSECURE2 handling.
+
+2019-04-08  Florian Weimer  <fweimer@redhat.com>
+
 	resolv: Remove support for RES_USE_INET6 and the inet6 option.
 	* nscd/aicache.c (addhstaiX): Do not disable RES_USE_INET6.
 	* nscd/nscd_gehst_r.c (__nscd_gethostbyname_r): Always use
diff --git a/NEWS b/NEWS
index 53011b6..b58e246 100644
--- a/NEWS
+++ b/NEWS
@@ -38,6 +38,9 @@ Deprecated and removed features, and other changes affecting compatibility:
 * Support for the "inet6" option in /etc/resolv.conf and the RES_USE_INET6
   resolver flag (deprecated in glibc 2.25) have been removed.
 
+* The obsolete RES_INSECURE1 and RES_INSECURE2 option flags for the DNS stub
+  resolver have been removed from <resolv.h>.
+
 Changes to build and runtime requirements:
 
 * GCC 6.2 or later is required to build the GNU C Library.
diff --git a/resolv/res_debug.c b/resolv/res_debug.c
index e4664c1..4dac71f 100644
--- a/resolv/res_debug.c
+++ b/resolv/res_debug.c
@@ -604,8 +604,6 @@ p_option(u_long option) {
 	case RES_DEFNAMES:	return "defnam";
 	case RES_STAYOPEN:	return "styopn";
 	case RES_DNSRCH:	return "dnsrch";
-	case RES_INSECURE1:	return "insecure1";
-	case RES_INSECURE2:	return "insecure2";
 	case RES_NOALIASES:	return "noaliases";
 	case RES_ROTATE:	return "rotate";
 	case RES_USE_EDNS0:	return "edns0";
diff --git a/resolv/res_send.c b/resolv/res_send.c
index ca441c4..eeeb8ac 100644
--- a/resolv/res_send.c
+++ b/resolv/res_send.c
@@ -1316,31 +1316,25 @@ send_dg(res_state statp,
 			 */
 			goto wait;
 		}
-		if (!(statp->options & RES_INSECURE1) &&
-		    !res_ourserver_p(statp, &from)) {
-			/*
-			 * response from wrong server? ignore it.
-			 * XXX - potential security hazard could
-			 *	 be detected here.
-			 */
-			goto wait;
-		}
-		if (!(statp->options & RES_INSECURE2)
-		    && (recvresp1 || !res_queriesmatch(buf, buf + buflen,
+
+		/* Paranoia check.  Due to the connected UDP socket,
+		   the kernel has already filtered invalid addresses
+		   for us.  */
+		if (!res_ourserver_p(statp, &from))
+		  goto wait;
+
+		/* Check for the correct header layout and a matching
+		   question.  */
+		if ((recvresp1 || !res_queriesmatch(buf, buf + buflen,
 						       *thisansp,
 						       *thisansp
 						       + *thisanssizp))
 		    && (recvresp2 || !res_queriesmatch(buf2, buf2 + buflen2,
 						       *thisansp,
 						       *thisansp
-						       + *thisanssizp))) {
-			/*
-			 * response contains wrong query? ignore it.
-			 * XXX - potential security hazard could
-			 *	 be detected here.
-			 */
-			goto wait;
-		}
+						       + *thisanssizp)))
+		  goto wait;
+
 		if (anhp->rcode == SERVFAIL ||
 		    anhp->rcode == NOTIMP ||
 		    anhp->rcode == REFUSED) {
diff --git a/resolv/resolv.h b/resolv/resolv.h
index ad053d9..7a8023a 100644
--- a/resolv/resolv.h
+++ b/resolv/resolv.h
@@ -115,8 +115,6 @@ struct res_sym {
 #define RES_DEFNAMES	0x00000080	/* use default domain name */
 #define RES_STAYOPEN	0x00000100	/* Keep TCP socket open */
 #define RES_DNSRCH	0x00000200	/* search up local domain tree */
-#define	RES_INSECURE1	0x00000400	/* type 1 security disabled */
-#define	RES_INSECURE2	0x00000800	/* type 2 security disabled */
 #define	RES_NOALIASES	0x00001000	/* shuts off HOSTALIASES feature */
 #define RES_ROTATE	0x00004000	/* rotate ns list after each query */
 #define	RES_NOCHECKNAME \

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog          |    9 +++++++++
 NEWS               |    3 +++
 resolv/res_debug.c |    2 --
 resolv/res_send.c  |   32 +++++++++++++-------------------
 resolv/resolv.h    |    2 --
 5 files changed, 25 insertions(+), 23 deletions(-)


hooks/post-receive
-- 
GNU C Library master sources

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]