aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFlorian Weimer <fweimer@redhat.com>2019-04-08 11:19:38 +0200
committerFlorian Weimer <fweimer@redhat.com>2019-04-08 11:19:38 +0200
commit333221862ecbebde60dd16e7ca17d26444e62f50 (patch)
treeda1639481030c9cc8a8a478dad7308869cb783bc
parent3f8b44be0a658266adff5ece1e4bc3ce097a5dbe (diff)
downloadglibc-333221862ecbebde60dd16e7ca17d26444e62f50.zip
glibc-333221862ecbebde60dd16e7ca17d26444e62f50.tar.gz
glibc-333221862ecbebde60dd16e7ca17d26444e62f50.tar.bz2
resolv: Remove RES_INSECURE1, RES_INSECURE2
Always perform the associated security checks.
-rw-r--r--ChangeLog9
-rw-r--r--NEWS3
-rw-r--r--resolv/res_debug.c2
-rw-r--r--resolv/res_send.c32
-rw-r--r--resolv/resolv.h2
5 files changed, 25 insertions, 23 deletions
diff --git a/ChangeLog b/ChangeLog
index bc43b72..6b7f19a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,14 @@
2019-04-08 Florian Weimer <fweimer@redhat.com>
+ * resolv/resolv.h (RES_INSECURE1, RES_INSECURE2): Remove
+ definitions.
+ * resolv/res_send.c (send_dg): Always perform RES_INSECURE1 and
+ RES_INSECURE2 security checks.
+ * resolv/res_debug.c (p_option): Remove RES_INSECURE1 and
+ RES_INSECURE2 handling.
+
+2019-04-08 Florian Weimer <fweimer@redhat.com>
+
resolv: Remove support for RES_USE_INET6 and the inet6 option.
* nscd/aicache.c (addhstaiX): Do not disable RES_USE_INET6.
* nscd/nscd_gehst_r.c (__nscd_gethostbyname_r): Always use
diff --git a/NEWS b/NEWS
index 53011b6..b58e246 100644
--- a/NEWS
+++ b/NEWS
@@ -38,6 +38,9 @@ Deprecated and removed features, and other changes affecting compatibility:
* Support for the "inet6" option in /etc/resolv.conf and the RES_USE_INET6
resolver flag (deprecated in glibc 2.25) have been removed.
+* The obsolete RES_INSECURE1 and RES_INSECURE2 option flags for the DNS stub
+ resolver have been removed from <resolv.h>.
+
Changes to build and runtime requirements:
* GCC 6.2 or later is required to build the GNU C Library.
diff --git a/resolv/res_debug.c b/resolv/res_debug.c
index e4664c1..4dac71f 100644
--- a/resolv/res_debug.c
+++ b/resolv/res_debug.c
@@ -604,8 +604,6 @@ p_option(u_long option) {
case RES_DEFNAMES: return "defnam";
case RES_STAYOPEN: return "styopn";
case RES_DNSRCH: return "dnsrch";
- case RES_INSECURE1: return "insecure1";
- case RES_INSECURE2: return "insecure2";
case RES_NOALIASES: return "noaliases";
case RES_ROTATE: return "rotate";
case RES_USE_EDNS0: return "edns0";
diff --git a/resolv/res_send.c b/resolv/res_send.c
index ca441c4..eeeb8ac 100644
--- a/resolv/res_send.c
+++ b/resolv/res_send.c
@@ -1316,31 +1316,25 @@ send_dg(res_state statp,
*/
goto wait;
}
- if (!(statp->options & RES_INSECURE1) &&
- !res_ourserver_p(statp, &from)) {
- /*
- * response from wrong server? ignore it.
- * XXX - potential security hazard could
- * be detected here.
- */
- goto wait;
- }
- if (!(statp->options & RES_INSECURE2)
- && (recvresp1 || !res_queriesmatch(buf, buf + buflen,
+
+ /* Paranoia check. Due to the connected UDP socket,
+ the kernel has already filtered invalid addresses
+ for us. */
+ if (!res_ourserver_p(statp, &from))
+ goto wait;
+
+ /* Check for the correct header layout and a matching
+ question. */
+ if ((recvresp1 || !res_queriesmatch(buf, buf + buflen,
*thisansp,
*thisansp
+ *thisanssizp))
&& (recvresp2 || !res_queriesmatch(buf2, buf2 + buflen2,
*thisansp,
*thisansp
- + *thisanssizp))) {
- /*
- * response contains wrong query? ignore it.
- * XXX - potential security hazard could
- * be detected here.
- */
- goto wait;
- }
+ + *thisanssizp)))
+ goto wait;
+
if (anhp->rcode == SERVFAIL ||
anhp->rcode == NOTIMP ||
anhp->rcode == REFUSED) {
diff --git a/resolv/resolv.h b/resolv/resolv.h
index ad053d9..7a8023a 100644
--- a/resolv/resolv.h
+++ b/resolv/resolv.h
@@ -115,8 +115,6 @@ struct res_sym {
#define RES_DEFNAMES 0x00000080 /* use default domain name */
#define RES_STAYOPEN 0x00000100 /* Keep TCP socket open */
#define RES_DNSRCH 0x00000200 /* search up local domain tree */
-#define RES_INSECURE1 0x00000400 /* type 1 security disabled */
-#define RES_INSECURE2 0x00000800 /* type 2 security disabled */
#define RES_NOALIASES 0x00001000 /* shuts off HOSTALIASES feature */
#define RES_ROTATE 0x00004000 /* rotate ns list after each query */
#define RES_NOCHECKNAME \