Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-1-6]: src/dist/bind/lib/dst Pull up revision 1.4 (requested by it...
details: https://anonhg.NetBSD.org/src/rev/17e6e38033a7
branches: netbsd-1-6
changeset: 528185:17e6e38033a7
user: lukem <lukem%NetBSD.org@localhost>
date: Fri Jun 28 11:43:39 2002 +0000
description:
Pull up revision 1.4 (requested by itojun in ticket #387):
Update to BIND 8.3.3. Fixes buffer overrun in resolver code.
diffstat:
dist/bind/lib/dst/md5.h | 4 +-
dist/bind/lib/dst/md5_dgst.c | 10 +++++---
dist/bind/lib/dst/prandom.c | 43 ++++++++++++++++++++--------------------
dist/bind/lib/dst/rsaref_link.c | 17 ++++++++++++++-
dist/bind/lib/dst/support.c | 15 +++++++++----
5 files changed, 55 insertions(+), 34 deletions(-)
diffs (283 lines):
diff -r da72721011f9 -r 17e6e38033a7 dist/bind/lib/dst/md5.h
--- a/dist/bind/lib/dst/md5.h Fri Jun 28 11:43:30 2002 +0000
+++ b/dist/bind/lib/dst/md5.h Fri Jun 28 11:43:39 2002 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: md5.h,v 1.3 2001/01/27 07:58:25 itojun Exp $ */
+/* $NetBSD: md5.h,v 1.3.6.1 2002/06/28 11:43:39 lukem Exp $ */
/* crypto/md/md5.h */
/* Copyright (C) 1995-1997 Eric Young (eay%cryptsoft.com@localhost)
@@ -82,7 +82,7 @@
#ifndef NOPROTO
void MD5_Init(MD5_CTX *c);
-void MD5_Update(MD5_CTX *c, unsigned char *data, unsigned long len);
+void MD5_Update(MD5_CTX *c, const unsigned char *data, unsigned long len);
void MD5_Final(unsigned char *md, MD5_CTX *c);
unsigned char *MD5(unsigned char *d, unsigned long n, unsigned char *md);
#else
diff -r da72721011f9 -r 17e6e38033a7 dist/bind/lib/dst/md5_dgst.c
--- a/dist/bind/lib/dst/md5_dgst.c Fri Jun 28 11:43:30 2002 +0000
+++ b/dist/bind/lib/dst/md5_dgst.c Fri Jun 28 11:43:39 2002 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: md5_dgst.c,v 1.3 2001/01/27 07:58:25 itojun Exp $ */
+/* $NetBSD: md5_dgst.c,v 1.3.6.1 2002/06/28 11:43:48 lukem Exp $ */
/* crypto/md/md5_dgst.c */
/* Copyright (C) 1995-1997 Eric Young (eay%cryptsoft.com@localhost)
@@ -58,11 +58,13 @@
* [including the GNU Public Licence.]
*/
+#ifdef USE_MD5 /* Added by ogud%tis.com@localhost 1998/1/26 */
+#include <port_before.h>
#include <stdio.h>
-#ifdef USE_MD5 /* Added by ogud%tis.com@localhost 1998/1/26 */
#include "md5_locl.h"
+#include <port_after.h>
-char *MD5_version="MD5 part of SSLeay 0.8.1 19-Jul-1997";
+const char *MD5_version="MD5 part of SSLeay 0.8.1 19-Jul-1997";
/* Implemented from RFC1321 The MD5 Message-Digest Algorithm
*/
@@ -92,7 +94,7 @@
void MD5_Update(c, data, len)
MD5_CTX *c;
-register unsigned char *data;
+register const unsigned char *data;
unsigned long len;
{
register ULONG *p;
diff -r da72721011f9 -r 17e6e38033a7 dist/bind/lib/dst/prandom.c
--- a/dist/bind/lib/dst/prandom.c Fri Jun 28 11:43:30 2002 +0000
+++ b/dist/bind/lib/dst/prandom.c Fri Jun 28 11:43:39 2002 +0000
@@ -1,7 +1,7 @@
-/* $NetBSD: prandom.c,v 1.3 2001/05/17 23:00:18 itojun Exp $ */
+/* $NetBSD: prandom.c,v 1.3.2.1 2002/06/28 11:43:57 lukem Exp $ */
#ifndef LINT
-static const char rcsid[] = "Header: /proj/cvs/isc/bind8/src/lib/dst/prandom.c,v 1.10 2001/02/12 23:13:46 marka Exp";
+static const char rcsid[] = "Header: /proj/cvs/isc/bind8/src/lib/dst/prandom.c,v 1.12 2001/07/26 01:20:09 marka Exp";
#endif
/*
* Portions Copyright (c) 1995-1998 by Trusted Information Systems, Inc.
@@ -121,9 +121,9 @@
static int digest_file(dst_work *work);
static void force_hash(dst_work *work, prand_hash *hash);
-static int do_hash(dst_work *work, prand_hash *hash, u_char *input,
+static int do_hash(dst_work *work, prand_hash *hash, const u_char *input,
int size);
-static int my_digest(dst_work *tmp, u_char *input, int size);
+static int my_digest(dst_work *tmp, const u_char *input, int size);
static prand_hash *get_hmac_key(int step, int block);
static int own_random(dst_work *work);
@@ -259,11 +259,10 @@
else if (i==1) /* if starting a new round cut what we accept */
d_round += (tv.tv_sec - d_round)/2;
- if (buf.st_atime < d_round)
+ if (buf.st_atime < (time_t)d_round)
return (0);
- EREPORT(("do_ls i %d filled %4d in_temp %4d\n",
- i-1, work->filled, work->in_temp));
+ EREPORT(("do_ls i %d filled %4d\n", i-1, work->filled));
memcpy(tmp_buff, &buf, sizeof(buf));
tb_i += sizeof(buf);
@@ -324,8 +323,7 @@
if (cmds[cmd_index] == NULL)
cmd_index = 0;
- EREPORT(("unix_cmd() i %d filled %4d in_temp %4d\n",
- cmd_index, work->filled, work->in_temp));
+ EREPORT(("unix_cmd() i %d filled %4d\n", cmd_index, work->filled));
pipe = popen(cmds[cmd_index++], "r"); /* execute the command */
while ((n = fread(buffer, sizeof(char), sizeof(buffer), pipe)) > 0) {
@@ -336,7 +334,7 @@
cnt += do_time(work);
}
while ((n = fread(buffer, sizeof(char), sizeof(buffer), pipe)) > 0)
- NULL; /* drain the pipe */
+ (void)NULL; /* drain the pipe */
pclose(pipe);
return (cnt); /* read how many bytes where read in */
}
@@ -379,7 +377,7 @@
}
if (access(name, R_OK) || stat(name, &st))
return (0); /* no such file or not allowed to read it */
- if (strncmp(name, "/proc/", 6) && st.st_mtime < f_round)
+ if (strncmp(name, "/proc/", 6) && st.st_mtime < (time_t)f_round)
return(0); /* file has not changed recently enough */
if (dst_sign_data(SIG_MODE_INIT, work->file_digest, &ctx,
NULL, 0, NULL, 0)) {
@@ -403,7 +401,7 @@
}
else if (i > 0)
my_digest(work, buf, i);
- my_digest(work, (u_char *)name, strlen(name));
+ my_digest(work, (const u_char *)name, strlen(name));
return (no + strlen(name));
}
@@ -441,9 +439,10 @@
*
*/
static int
-do_hash(dst_work *work, prand_hash *hash, u_char *input, int size)
+do_hash(dst_work *work, prand_hash *hash, const u_char *input, int size)
{
- u_char *tmp = input, *tp;
+ const u_char *tmp = input;
+ u_char *save = NULL, *tp;
int i, cnt = size, n, needed, avail, dig, tmp_size = 0;
if (cnt <= 0 || input == NULL)
@@ -451,7 +450,7 @@
if (hash->step > 1) { /* if using subset of input data */
tmp_size = size / hash->step + 2;
- tp = tmp = malloc(tmp_size);
+ tmp = tp = save = malloc(tmp_size);
for (cnt = 0, i = hash->curr; i < size; i += hash->step, cnt++)
*(tp++) = input[i];
/* calcutate the starting point in the next input set */
@@ -468,13 +467,13 @@
if (hash->digested >= hash->block)
force_hash(work, hash);
if (work->needed < work->filled) {
- if (tmp != input)
- SAFE_FREE2(tmp, tmp_size);
+ if (tmp_size > 0)
+ SAFE_FREE2(save, tmp_size);
return (1);
}
}
if (tmp_size > 0)
- SAFE_FREE2(tmp, tmp_size);
+ SAFE_FREE2(save, tmp_size);
return (0);
}
@@ -484,7 +483,7 @@
* if work-block needs more data, keep filling with the rest of the input.
*/
static int
-my_digest(dst_work *work, u_char *input, int size)
+my_digest(dst_work *work, const u_char *input, int size)
{
int i, full = 0;
@@ -605,8 +604,8 @@
* proceed while needed
*/
while (work->filled < work->needed) {
- EREPORT(("own_random r %08x b %6d t %6d f %6d\n",
- ran_val, bytes, work->in_temp, work->filled));
+ EREPORT(("own_random r %08x b %6d f %6d\n",
+ ran_val, bytes, work->filled));
/* pick a random number in the range of 0..7 based on that random number
* perform some operations that yield random data
*/
@@ -842,8 +841,10 @@
i = dst_sign_data(SIG_MODE_ALL, my_key, NULL,
(u_char *) counter, hb_size,
semi_old, sizeof(semi_old));
+#ifdef REPORT_ERRORS
if (i != hb_size)
EREPORT(("HMAC SIGNATURE FAILURE %d\n", i));
+#endif
cnt++;
if (size - out < i) /* Not all data is needed */
semi_loc = i = size - out;
diff -r da72721011f9 -r 17e6e38033a7 dist/bind/lib/dst/rsaref_link.c
--- a/dist/bind/lib/dst/rsaref_link.c Fri Jun 28 11:43:30 2002 +0000
+++ b/dist/bind/lib/dst/rsaref_link.c Fri Jun 28 11:43:39 2002 +0000
@@ -1,7 +1,7 @@
-/* $NetBSD: rsaref_link.c,v 1.3 2001/05/17 23:00:18 itojun Exp $ */
+/* $NetBSD: rsaref_link.c,v 1.3.2.1 2002/06/28 11:44:06 lukem Exp $ */
#ifdef RSAREF
-static const char rcsid[] = "Header: /proj/cvs/isc/bind8/src/lib/dst/rsaref_link.c,v 1.9 2001/04/05 22:00:04 bwelling Exp";
+static const char rcsid[] = "Header: /proj/cvs/isc/bind8/src/lib/dst/rsaref_link.c,v 1.10 2001/05/29 05:48:15 marka Exp";
/*
* Portions Copyright (c) 1995-1998 by Trusted Information Systems, Inc.
@@ -742,6 +742,19 @@
#else
+#include "port_before.h"
+
+#include <stdio.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <string.h>
+#include <memory.h>
+#include <sys/param.h>
+#include <sys/time.h>
+#include <netinet/in.h>
+
+#include "dst_internal.h"
+#include "port_after.h"
int /* rsaref is not available */
dst_rsaref_init()
{
diff -r da72721011f9 -r 17e6e38033a7 dist/bind/lib/dst/support.c
--- a/dist/bind/lib/dst/support.c Fri Jun 28 11:43:30 2002 +0000
+++ b/dist/bind/lib/dst/support.c Fri Jun 28 11:43:39 2002 +0000
@@ -1,6 +1,6 @@
-/* $NetBSD: support.c,v 1.3 2001/05/17 23:00:18 itojun Exp $ */
+/* $NetBSD: support.c,v 1.3.2.1 2002/06/28 11:44:15 lukem Exp $ */
-static const char rcsid[] = "Header: /proj/cvs/isc/bind8/src/lib/dst/support.c,v 1.9 2001/04/05 22:00:06 bwelling Exp";
+static const char rcsid[] = "Header: /proj/cvs/isc/bind8/src/lib/dst/support.c,v 1.11 2001/05/29 05:48:16 marka Exp";
/*
@@ -243,8 +243,11 @@
/* compute id */
if (dns_key_rdata[3] == KEY_RSA) /* Algorithm RSA */
- return dst_s_get_int16((u_char *)
+ return dst_s_get_int16((const u_char *)
&dns_key_rdata[rdata_len - 3]);
+ else if (dns_key_rdata[3] == KEY_HMAC_MD5)
+ /* compatibility */
+ return 0;
else
/* compute a checksum on the key part of the key rr */
return dst_s_id_calc(dns_key_rdata, rdata_len);
@@ -392,7 +395,7 @@
return (-1);
my_id = id;
sprintf(filename, "K%s+%03d+%05d.%s", name, alg, my_id,
- (char *) suffix);
+ (const char *) suffix);
if (strrchr(filename, '/'))
return (-1);
if (strrchr(filename, '\\'))
@@ -419,7 +422,7 @@
{
FILE *fp;
char pathname[PATH_MAX];
- int plen = sizeof(pathname);
+ size_t plen = sizeof(pathname);
if (*dst_path != '\0') {
strcpy(pathname, dst_path);
@@ -443,6 +446,8 @@
dst_s_dump(const int mode, const u_char *data, const int size,
const char *msg)
{
+ UNUSED(data);
+
if (size > 0) {
#ifdef LONG_TEST
static u_char scratch[1000];
Home |
Main Index |
Thread Index |
Old Index