diff options
author | Florian Weimer <fweimer@redhat.com> | 2019-04-08 11:19:38 +0200 |
---|---|---|
committer | Florian Weimer <fweimer@redhat.com> | 2019-04-08 11:19:38 +0200 |
commit | 333221862ecbebde60dd16e7ca17d26444e62f50 (patch) | |
tree | da1639481030c9cc8a8a478dad7308869cb783bc /resolv | |
parent | 3f8b44be0a658266adff5ece1e4bc3ce097a5dbe (diff) | |
download | glibc-333221862ecbebde60dd16e7ca17d26444e62f50.tar.gz glibc-333221862ecbebde60dd16e7ca17d26444e62f50.tar.xz glibc-333221862ecbebde60dd16e7ca17d26444e62f50.zip |
resolv: Remove RES_INSECURE1, RES_INSECURE2
Always perform the associated security checks.
Diffstat (limited to 'resolv')
-rw-r--r-- | resolv/res_debug.c | 2 | ||||
-rw-r--r-- | resolv/res_send.c | 32 | ||||
-rw-r--r-- | resolv/resolv.h | 2 |
3 files changed, 13 insertions, 23 deletions
diff --git a/resolv/res_debug.c b/resolv/res_debug.c index e4664c1da6..4dac71f3c9 100644 --- a/resolv/res_debug.c +++ b/resolv/res_debug.c @@ -604,8 +604,6 @@ p_option(u_long option) { case RES_DEFNAMES: return "defnam"; case RES_STAYOPEN: return "styopn"; case RES_DNSRCH: return "dnsrch"; - case RES_INSECURE1: return "insecure1"; - case RES_INSECURE2: return "insecure2"; case RES_NOALIASES: return "noaliases"; case RES_ROTATE: return "rotate"; case RES_USE_EDNS0: return "edns0"; diff --git a/resolv/res_send.c b/resolv/res_send.c index ca441c4ce1..eeeb8acf27 100644 --- a/resolv/res_send.c +++ b/resolv/res_send.c @@ -1316,31 +1316,25 @@ send_dg(res_state statp, */ goto wait; } - if (!(statp->options & RES_INSECURE1) && - !res_ourserver_p(statp, &from)) { - /* - * response from wrong server? ignore it. - * XXX - potential security hazard could - * be detected here. - */ - goto wait; - } - if (!(statp->options & RES_INSECURE2) - && (recvresp1 || !res_queriesmatch(buf, buf + buflen, + + /* Paranoia check. Due to the connected UDP socket, + the kernel has already filtered invalid addresses + for us. */ + if (!res_ourserver_p(statp, &from)) + goto wait; + + /* Check for the correct header layout and a matching + question. */ + if ((recvresp1 || !res_queriesmatch(buf, buf + buflen, *thisansp, *thisansp + *thisanssizp)) && (recvresp2 || !res_queriesmatch(buf2, buf2 + buflen2, *thisansp, *thisansp - + *thisanssizp))) { - /* - * response contains wrong query? ignore it. - * XXX - potential security hazard could - * be detected here. - */ - goto wait; - } + + *thisanssizp))) + goto wait; + if (anhp->rcode == SERVFAIL || anhp->rcode == NOTIMP || anhp->rcode == REFUSED) { diff --git a/resolv/resolv.h b/resolv/resolv.h index ad053d9d14..7a8023ae9d 100644 --- a/resolv/resolv.h +++ b/resolv/resolv.h @@ -115,8 +115,6 @@ struct res_sym { #define RES_DEFNAMES 0x00000080 /* use default domain name */ #define RES_STAYOPEN 0x00000100 /* Keep TCP socket open */ #define RES_DNSRCH 0x00000200 /* search up local domain tree */ -#define RES_INSECURE1 0x00000400 /* type 1 security disabled */ -#define RES_INSECURE2 0x00000800 /* type 2 security disabled */ #define RES_NOALIASES 0x00001000 /* shuts off HOSTALIASES feature */ #define RES_ROTATE 0x00004000 /* rotate ns list after each query */ #define RES_NOCHECKNAME \ |