diff options
author | Florian Weimer <fweimer@redhat.com> | 2019-04-08 11:19:38 +0200 |
---|---|---|
committer | Florian Weimer <fweimer@redhat.com> | 2019-04-08 11:19:38 +0200 |
commit | 333221862ecbebde60dd16e7ca17d26444e62f50 (patch) | |
tree | da1639481030c9cc8a8a478dad7308869cb783bc | |
parent | 3f8b44be0a658266adff5ece1e4bc3ce097a5dbe (diff) | |
download | glibc-333221862ecbebde60dd16e7ca17d26444e62f50.tar.gz glibc-333221862ecbebde60dd16e7ca17d26444e62f50.tar.xz glibc-333221862ecbebde60dd16e7ca17d26444e62f50.zip |
resolv: Remove RES_INSECURE1, RES_INSECURE2
Always perform the associated security checks.
-rw-r--r-- | ChangeLog | 9 | ||||
-rw-r--r-- | NEWS | 3 | ||||
-rw-r--r-- | resolv/res_debug.c | 2 | ||||
-rw-r--r-- | resolv/res_send.c | 32 | ||||
-rw-r--r-- | resolv/resolv.h | 2 |
5 files changed, 25 insertions, 23 deletions
diff --git a/ChangeLog b/ChangeLog index bc43b72067..6b7f19a1f3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,14 @@ 2019-04-08 Florian Weimer <fweimer@redhat.com> + * resolv/resolv.h (RES_INSECURE1, RES_INSECURE2): Remove + definitions. + * resolv/res_send.c (send_dg): Always perform RES_INSECURE1 and + RES_INSECURE2 security checks. + * resolv/res_debug.c (p_option): Remove RES_INSECURE1 and + RES_INSECURE2 handling. + +2019-04-08 Florian Weimer <fweimer@redhat.com> + resolv: Remove support for RES_USE_INET6 and the inet6 option. * nscd/aicache.c (addhstaiX): Do not disable RES_USE_INET6. * nscd/nscd_gehst_r.c (__nscd_gethostbyname_r): Always use diff --git a/NEWS b/NEWS index 53011b61e1..b58e2469d4 100644 --- a/NEWS +++ b/NEWS @@ -38,6 +38,9 @@ Deprecated and removed features, and other changes affecting compatibility: * Support for the "inet6" option in /etc/resolv.conf and the RES_USE_INET6 resolver flag (deprecated in glibc 2.25) have been removed. +* The obsolete RES_INSECURE1 and RES_INSECURE2 option flags for the DNS stub + resolver have been removed from <resolv.h>. + Changes to build and runtime requirements: * GCC 6.2 or later is required to build the GNU C Library. diff --git a/resolv/res_debug.c b/resolv/res_debug.c index e4664c1da6..4dac71f3c9 100644 --- a/resolv/res_debug.c +++ b/resolv/res_debug.c @@ -604,8 +604,6 @@ p_option(u_long option) { case RES_DEFNAMES: return "defnam"; case RES_STAYOPEN: return "styopn"; case RES_DNSRCH: return "dnsrch"; - case RES_INSECURE1: return "insecure1"; - case RES_INSECURE2: return "insecure2"; case RES_NOALIASES: return "noaliases"; case RES_ROTATE: return "rotate"; case RES_USE_EDNS0: return "edns0"; diff --git a/resolv/res_send.c b/resolv/res_send.c index ca441c4ce1..eeeb8acf27 100644 --- a/resolv/res_send.c +++ b/resolv/res_send.c @@ -1316,31 +1316,25 @@ send_dg(res_state statp, */ goto wait; } - if (!(statp->options & RES_INSECURE1) && - !res_ourserver_p(statp, &from)) { - /* - * response from wrong server? ignore it. - * XXX - potential security hazard could - * be detected here. - */ - goto wait; - } - if (!(statp->options & RES_INSECURE2) - && (recvresp1 || !res_queriesmatch(buf, buf + buflen, + + /* Paranoia check. Due to the connected UDP socket, + the kernel has already filtered invalid addresses + for us. */ + if (!res_ourserver_p(statp, &from)) + goto wait; + + /* Check for the correct header layout and a matching + question. */ + if ((recvresp1 || !res_queriesmatch(buf, buf + buflen, *thisansp, *thisansp + *thisanssizp)) && (recvresp2 || !res_queriesmatch(buf2, buf2 + buflen2, *thisansp, *thisansp - + *thisanssizp))) { - /* - * response contains wrong query? ignore it. - * XXX - potential security hazard could - * be detected here. - */ - goto wait; - } + + *thisanssizp))) + goto wait; + if (anhp->rcode == SERVFAIL || anhp->rcode == NOTIMP || anhp->rcode == REFUSED) { diff --git a/resolv/resolv.h b/resolv/resolv.h index ad053d9d14..7a8023ae9d 100644 --- a/resolv/resolv.h +++ b/resolv/resolv.h @@ -115,8 +115,6 @@ struct res_sym { #define RES_DEFNAMES 0x00000080 /* use default domain name */ #define RES_STAYOPEN 0x00000100 /* Keep TCP socket open */ #define RES_DNSRCH 0x00000200 /* search up local domain tree */ -#define RES_INSECURE1 0x00000400 /* type 1 security disabled */ -#define RES_INSECURE2 0x00000800 /* type 2 security disabled */ #define RES_NOALIASES 0x00001000 /* shuts off HOSTALIASES feature */ #define RES_ROTATE 0x00004000 /* rotate ns list after each query */ #define RES_NOCHECKNAME \ |