From nobody Wed Jun 19 20:36:59 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4W4Flv4lZRz5NnSx; Wed, 19 Jun 2024 20:36:59 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4W4Flv2lsHz4Nwc; Wed, 19 Jun 2024 20:36:59 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1718829419; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=vxFwojKc5Uu6gCxqpLKMV6s5pj1KwOEiv7QWTHDHt6k=; b=WqGti5IlTMou0MjLgkGb02bD5RGJfCbcIIKc52YLS5JeY7yL+PGcZcIolajtw+sdenARhf 7y/fIojqakZ3SEnZMH+OjKH7Hf7iehfdj3efU6onZQ3VSx3Dqzi3CO2HJptiMnpIqismAa 61AbniHyUXiXtEfz23lWEcHHUsqNYWvOYG/l+AcH77pguYYza7p2tHijkyQUrYDm/RHvNI e+aNBoyGdv6nJObNnQ1J4mmzTfkJwswqJ5mLBhtsiHUfqu1YVHGcqLz+K8oU9z0zt4P4wr rZC+HWQoDWo9UYel+FwG6rkrGcmW5iQiEhxZAFZa8cy1hubGdGO4MTvLqj3XCg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1718829419; a=rsa-sha256; cv=none; b=sPnfyClVZVgflynXKQ5+4CX+huSCPYRFFVBCHZZsU7qDuV/eIBGrp3ABnlogZgI8tAH+Kl nw7u5nhmEEmomDGzWuu1WTbib8TlOIILwQM6kRZ+WhOLqHbXyaXh5wOo9v6YGsy5Cdkdqq PhIylpLoMKWFYJQx1xA9iS6fYhDot7dU0OI6UJlRfx+I9r23tBFwm2pUiiXlXAxIvq1KMp W7mIp8OXjEErwXXLT6P9iijYJq5MRXje2MkNFD3I2HqVEJ49iZS97vwCDE17pPRjpqG2gd JYgy2r5zLE0EoABMKBzQUWApi5E6jPaO7mLn8F/2Dwe4x4tzm0nD1Z0dClxuDg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1718829419; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=vxFwojKc5Uu6gCxqpLKMV6s5pj1KwOEiv7QWTHDHt6k=; b=gv63EDxLVe5Rmx7EiZwuABpfKv6PJ45OgVMGxoixpBJMpW23lwJ+zf1R1hU2ZlPkw+etIk CmPwV6isWadU31RpZ1MLxgAwRLHB1y4kyRl5M2hOJ1iUySu02PZFcde9W9isQxgYjv4eGL 32/BkMRUSeRrcvrAB5o8/tpZFds6tLceLIG9XdFWF8zQUKXNCgOVdj5YgdY8m/7iaMK9yk xspZpHYTFj8p0mNlfs1+9pfI+o5IIaM0vWIx/P25YIA5yHc5W7FEd5kFvqkU3WftqalahR RHOPdGG2I3vU1Tfo1PooEHJIHIeoXD8PhFBx98at2/CD0Vxf3yHg2JcbuSoaBw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4W4Flv2MY3zx59; Wed, 19 Jun 2024 20:36:59 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 45JKax9s002122; Wed, 19 Jun 2024 20:36:59 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 45JKaxMu002119; Wed, 19 Jun 2024 20:36:59 GMT (envelope-from git) Date: Wed, 19 Jun 2024 20:36:59 GMT Message-Id: <202406192036.45JKaxMu002119@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Tetlow Subject: git: bdf75e830a77 - releng/14.0 - ldns: Ignore commented-out lines in resolv.conf. List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.0 X-Git-Reftype: branch X-Git-Commit: bdf75e830a77a16ec0baf1c9367f64c6b96c5e02 Auto-Submitted: auto-generated The branch releng/14.0 has been updated by gordon: URL: https://cgit.FreeBSD.org/src/commit/?id=bdf75e830a77a16ec0baf1c9367f64c6b96c5e02 commit bdf75e830a77a16ec0baf1c9367f64c6b96c5e02 Author: Dag-Erling Smørgrav AuthorDate: 2024-05-15 10:16:24 +0000 Commit: Gordon Tetlow CommitDate: 2024-06-18 17:32:56 +0000 ldns: Ignore commented-out lines in resolv.conf. This merges upstream PR 238 + an additional bug fix. PR: 278721 Approved by: so Security: FreeBSD-EN-24:11.ldns (cherry picked from commit 3b092e4936c433889cc668ea9563c8fd437d1a3e) (cherry picked from commit 7daf36028411c3a9c73e0c75732f9cbcbf66362e) --- contrib/ldns/ldns/parse.h | 2 ++ contrib/ldns/parse.c | 35 +++++++++++++++++++++++++++---- contrib/ldns/resolver.c | 53 ++++++++--------------------------------------- 3 files changed, 42 insertions(+), 48 deletions(-) diff --git a/contrib/ldns/ldns/parse.h b/contrib/ldns/ldns/parse.h index ba7edf5679d8..6130dae32bd2 100644 --- a/contrib/ldns/ldns/parse.h +++ b/contrib/ldns/ldns/parse.h @@ -95,6 +95,8 @@ ssize_t ldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, */ ldns_status ldns_fget_token_l_st(FILE *f, char **token, size_t *limit, bool fixed, const char *delim, int *line_nr); +ssize_t ldns_fget_token_l_resolv_conf(FILE *f, char *token, const char *delim, size_t limit, int *line_nr); + /** * returns a token/char from the buffer b. * This function deals with ( and ) in the buffer, diff --git a/contrib/ldns/parse.c b/contrib/ldns/parse.c index 9698ba71e881..af8b2c1321b2 100644 --- a/contrib/ldns/parse.c +++ b/contrib/ldns/parse.c @@ -27,9 +27,14 @@ ldns_fget_token(FILE *f, char *token, const char *delim, size_t limit) return ldns_fget_token_l(f, token, delim, limit, NULL); } -ldns_status -ldns_fget_token_l_st(FILE *f, char **token, size_t *limit, bool fixed - , const char *delim, int *line_nr) +enum file_type2parse { + zone_file_type, resolv_conf_file_type +}; + +static ldns_status +ldns_fget_token_l_st_file_type(FILE *f, char **token, size_t *limit, + bool fixed, const char *delim, int *line_nr, + enum file_type2parse file_type) { int c, prev_c; int p; /* 0 -> no parentheses seen, >0 nr of ( seen */ @@ -98,7 +103,9 @@ ldns_fget_token_l_st(FILE *f, char **token, size_t *limit, bool fixed } /* do something with comments ; */ - if (c == ';' && quoted == 0) { + if ((c == ';' + || (c == '#' && file_type == resolv_conf_file_type)) + && quoted == 0) { if (prev_c != '\\') { com = 1; } @@ -215,6 +222,26 @@ tokenread: return i == 0 ? LDNS_STATUS_SYNTAX_EMPTY : LDNS_STATUS_OK; } +ldns_status +ldns_fget_token_l_st(FILE *f, char **token, size_t *limit, bool fixed + , const char *delim, int *line_nr) +{ + return ldns_fget_token_l_st_file_type( + f, token, limit, fixed, delim, line_nr, zone_file_type); +} + +ssize_t +ldns_fget_token_l_resolv_conf(FILE *f, char *token, const char *delim, + size_t limit, int *line_nr) +{ + if (limit == 0) + limit = LDNS_MAX_LINELEN; + if (ldns_fget_token_l_st_file_type(f, &token, &limit, true, delim, + line_nr, resolv_conf_file_type)) + return -1; + else + return (ssize_t)strlen(token); +} ssize_t ldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *line_nr) diff --git a/contrib/ldns/resolver.c b/contrib/ldns/resolver.c index f9ec65a55966..a426b82c034e 100644 --- a/contrib/ldns/resolver.c +++ b/contrib/ldns/resolver.c @@ -775,7 +775,7 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) #endif ssize_t gtr, bgtr; ldns_buffer *b; - int lnr = 0, oldline; + int lnr = 0; FILE* myfp = fp; if(!line_nr) line_nr = &lnr; @@ -809,36 +809,18 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) gtr = 1; word[0] = 0; - oldline = *line_nr; expect = LDNS_RESOLV_KEYWORD; while (gtr > 0) { - /* check comments */ - if (word[0] == '#') { - word[0]='x'; - if(oldline == *line_nr) { - /* skip until end of line */ - int c; - do { - c = fgetc(myfp); - } while(c != EOF && c != '\n'); - if(c=='\n') (*line_nr)++; - } - /* and read next to prepare for further parsing */ - oldline = *line_nr; - continue; - } - oldline = *line_nr; switch(expect) { case LDNS_RESOLV_KEYWORD: /* keyword */ - gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr); + gtr = ldns_fget_token_l_resolv_conf(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr); if (gtr != 0) { - if(word[0] == '#') continue; for(i = 0; i < LDNS_RESOLV_KEYWORDS; i++) { if (strcasecmp(keyword[i], word) == 0) { /* chosen the keyword and * expect values carefully - */ + */ expect = i; break; } @@ -856,16 +838,12 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) break; case LDNS_RESOLV_DEFDOMAIN: /* default domain dname */ - gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr); + gtr = ldns_fget_token_l_resolv_conf(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr); if (gtr == 0) { if(!fp) fclose(myfp); ldns_resolver_deep_free(r); return LDNS_STATUS_SYNTAX_MISSING_VALUE_ERR; } - if(word[0] == '#') { - expect = LDNS_RESOLV_KEYWORD; - continue; - } tmp = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, word); if (!tmp) { if(!fp) fclose(myfp); @@ -879,16 +857,12 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) break; case LDNS_RESOLV_NAMESERVER: /* NS aaaa or a record */ - gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr); + gtr = ldns_fget_token_l_resolv_conf(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr); if (gtr == 0) { if(!fp) fclose(myfp); ldns_resolver_deep_free(r); return LDNS_STATUS_SYNTAX_MISSING_VALUE_ERR; } - if(word[0] == '#') { - expect = LDNS_RESOLV_KEYWORD; - continue; - } if(strchr(word, '%')) { /* snip off interface labels, * fe80::222:19ff:fe31:4222%eth0 */ @@ -911,7 +885,7 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) break; case LDNS_RESOLV_SEARCH: /* search list domain dname */ - gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr); + gtr = ldns_fget_token_l_resolv_conf(myfp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr); b = LDNS_MALLOC(ldns_buffer); if(!b) { ldns_resolver_deep_free(r); @@ -929,10 +903,6 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) bgtr = ldns_bget_token(b, word, LDNS_PARSE_NORMAL, (size_t) gtr + 1); while (bgtr > 0) { gtr -= bgtr; - if(word[0] == '#') { - expect = LDNS_RESOLV_KEYWORD; - break; - } tmp = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, word); if (!tmp) { ldns_resolver_deep_free(r); @@ -954,28 +924,23 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) } break; case LDNS_RESOLV_SORTLIST: - gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr); + gtr = ldns_fget_token_l_resolv_conf(myfp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr); /* sortlist not implemented atm */ expect = LDNS_RESOLV_KEYWORD; break; case LDNS_RESOLV_OPTIONS: - gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr); + gtr = ldns_fget_token_l_resolv_conf(myfp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr); /* options not implemented atm */ expect = LDNS_RESOLV_KEYWORD; break; case LDNS_RESOLV_ANCHOR: /* a file containing a DNSSEC trust anchor */ - gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr); + gtr = ldns_fget_token_l_resolv_conf(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr); if (gtr == 0) { ldns_resolver_deep_free(r); if(!fp) fclose(myfp); return LDNS_STATUS_SYNTAX_MISSING_VALUE_ERR; } - if(word[0] == '#') { - expect = LDNS_RESOLV_KEYWORD; - continue; - } - #ifdef HAVE_SSL tmp_rr = ldns_read_anchor_file(word); (void) ldns_resolver_push_dnssec_anchor(r, tmp_rr);