Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 236939 Details for
Bug 325605
<net-misc/dhcp-4.1.1-p1: DOS (CVE-2010-2156)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
corrected dhcp-4.0-dhclient-resolvconf.patch
dhcp-4.0-dhclient-resolvconf.patch (text/plain), 14.18 KB, created by
Petr Morávek
on 2010-06-29 17:27:26 UTC
(
hide
)
Description:
corrected dhcp-4.0-dhclient-resolvconf.patch
Filename:
MIME Type:
Creator:
Petr Morávek
Created:
2010-06-29 17:27:26 UTC
Size:
14.18 KB
patch
obsolete
>diff -ur a/client/scripts/bsdos b/client/scripts/bsdos >--- a/client/scripts/bsdos 2008-09-01 14:41:00.000000000 +0100 >+++ b/client/scripts/bsdos 2008-09-01 14:57:33.000000000 +0100 >@@ -1,34 +1,41 @@ > #!/bin/sh > > make_resolv_conf() { >+ if [ x"$PEER_DNS" != x ] && [ x"$PEER_DNS" != xyes ]; then >+ return 0 >+ fi >+ local conf= > if [ x"$new_domain_name_servers" != x ]; then >- cat /dev/null > /etc/resolv.conf.dhclient > if [ "x$new_domain_search" != x ]; then >- echo search $new_domain_search >> /etc/resolv.conf.dhclient >+ conf="${conf}search ${new_domain_search}\n" > elif [ "x$new_domain_name" != x ]; then > # Note that the DHCP 'Domain Name Option' is really just a domain > # name, and that this practice of using the domain name option as > # a search path is both nonstandard and deprecated. >- echo search $new_domain_name >> /etc/resolv.conf.dhclient >+ conf="${conf}search ${new_domain_name}\n" > fi > for nameserver in $new_domain_name_servers; do >- echo nameserver $nameserver >> /etc/resolv.conf.dhclient >+ conf="${conf}nameserver ${nameserver}\n" > done >- >- mv /etc/resolv.conf.dhclient /etc/resolv.conf > elif [ "x${new_dhcp6_name_servers}" != x ] ; then >- cat /dev/null > /etc/resolv.conf.dhclient6 >- chmod 644 /etc/resolv.conf.dhclient6 >- > if [ "x${new_dhcp6_domain_search}" != x ] ; then >- echo search ${new_dhcp6_domain_search} >> /etc/resolv.conf.dhclient6 >+ conf="${conf}search ${new_dhcp6_domain_search}\n" > fi > for nameserver in ${new_dhcp6_name_servers} ; do >- echo nameserver ${nameserver} >> /etc/resolv.conf.dhclient6 >+ conf="${conf}nameserver ${nameserver}\n" > done >+ fi > >- mv /etc/resolv.conf.dhclient6 /etc/resolv.conf >+ if [ x"$conf" != x ]; then >+ conf="# Generated by dhclient or interface $interface\n${conf}" >+ if type resolvconf >/dev/null 2>&1; then >+ printf "${conf}" | resolvconf -a $interface >+ else >+ printf "${conf}" > /etc/resolv.conf >+ chmod 644 /etc/resolv.conf >+ fi > fi >+ > # If we're making confs, may as well make an ntp.conf too > make_ntp_conf > } >diff -ur a/client/scripts/freebsd b/client/scripts/freebsd >--- a/client/scripts/freebsd 2008-09-01 14:41:00.000000000 +0100 >+++ b/client/scripts/freebsd 2008-09-01 15:00:18.000000000 +0100 >@@ -11,68 +11,41 @@ > fi > > make_resolv_conf() { >+ if [ x"$PEER_DNS" != x ] && [ x"$PEER_DNS" != xyes ]; then >+ return 0 >+ fi >+ local conf= > if [ x"$new_domain_name_servers" != x ]; then >- ( cat /dev/null > /etc/resolv.conf.dhclient ) >- exit_status=$? >- if [ $exit_status -ne 0 ]; then >- $LOGGER "Unable to create /etc/resolv.conf.dhclient: Error $exit_status" >- else >- if [ "x$new_domain_search" != x ]; then >- ( echo search $new_domain_search >> /etc/resolv.conf.dhclient ) >- exit_status=$? >- elif [ "x$new_domain_name" != x ]; then >- # Note that the DHCP 'Domain Name Option' is really just a domain >- # name, and that this practice of using the domain name option as >- # a search path is both nonstandard and deprecated. >- ( echo search $new_domain_name >> /etc/resolv.conf.dhclient ) >- exit_status=$? >- fi >- for nameserver in $new_domain_name_servers; do >- if [ $exit_status -ne 0 ]; then >- break >- fi >- ( echo nameserver $nameserver >>/etc/resolv.conf.dhclient ) >- exit_status=$? >- done >- >- # If there were no errors, attempt to mv the new file into place. >- if [ $exit_status -eq 0 ]; then >- ( mv /etc/resolv.conf.dhclient /etc/resolv.conf ) >- exit_status=$? >- fi >- >- if [ $exit_status -ne 0 ]; then >- $LOGGER "Error while writing new /etc/resolv.conf." >- fi >+ if [ "x$new_domain_search" != x ]; then >+ conf="${conf}search ${new_domain_search}\n" >+ elif [ "x$new_domain_name" != x ]; then >+ # Note that the DHCP 'Domain Name Option' is really just a domain >+ # name, and that this practice of using the domain name option as >+ # a search path is both nonstandard and deprecated. >+ conf="${conf}search ${new_domain_name}\n" > fi >+ for nameserver in $new_domain_name_servers; do >+ conf="${conf}nameserver ${nameserver}\n" >+ done > elif [ "x${new_dhcp6_name_servers}" != x ] ; then >- ( cat /dev/null > /etc/resolv.conf.dhclient6 ) >- exit_status=$? >- if [ $exit_status -ne 0 ] ; then >- $LOGGER "Unable to create /etc/resolv.conf.dhclient6: Error $exit_status" >- else >- if [ "x${new_dhcp6_domain_search}" != x ] ; then >- ( echo search ${new_dhcp6_domain_search} >> /etc/resolv.conf.dhclient6 ) >- exit_status=$? >- fi >- for nameserver in ${new_dhcp6_name_servers} ; do >- if [ $exit_status -ne 0 ] ; then >- break >- fi >- ( echo nameserver ${nameserver} >> /etc/resolv.conf.dhclient6 ) >- exit_status=$? >- done >- >- if [ $exit_status -eq 0 ] ; then >- ( mv /etc/resolv.conf.dhclient6 /etc/resolv.conf ) >- exit_status=$? >- fi >+ if [ "x${new_dhcp6_domain_search}" != x ] ; then >+ conf="${conf}search ${new_dhcp6_domain_search}\n" >+ fi >+ for nameserver in ${new_dhcp6_name_servers} ; do >+ conf="${conf}nameserver ${nameserver}\n" >+ done >+ fi > >- if [ $exit_status -ne 0 ] ; then >- $LOGGER "Error while writing new /etc/resolv.conf." >- fi >+ if [ x"$conf" != x ]; then >+ conf="# Generated by dhclient or interface $interface\n${conf}" >+ if type resolvconf >/dev/null 2>&1; then >+ printf "${conf}" | resolvconf -a $interface >+ else >+ printf "${conf}" > /etc/resolv.conf >+ chmod 644 /etc/resolv.conf > fi > fi >+ > # If we're making confs, may as well make an ntp.conf too > make_ntp_conf > } >diff -ur a/client/scripts/linux b/client/scripts/linux >--- a/client/scripts/linux 2008-09-01 14:41:00.000000000 +0100 >+++ b/client/scripts/linux 2008-09-01 14:58:09.000000000 +0100 >@@ -26,35 +26,41 @@ > ip=/sbin/ip > > make_resolv_conf() { >+ if [ x"$PEER_DNS" != x ] && [ x"$PEER_DNS" != xyes ]; then >+ return 0 >+ fi >+ local conf= > if [ x"$new_domain_name_servers" != x ]; then >- cat /dev/null > /etc/resolv.conf.dhclient >- chmod 644 /etc/resolv.conf.dhclient >- if [ x"$new_domain_search" != x ]; then >- echo search $new_domain_search >> /etc/resolv.conf.dhclient >- elif [ x"$new_domain_name" != x ]; then >+ if [ "x$new_domain_search" != x ]; then >+ conf="${conf}search ${new_domain_search}\n" >+ elif [ "x$new_domain_name" != x ]; then > # Note that the DHCP 'Domain Name Option' is really just a domain > # name, and that this practice of using the domain name option as > # a search path is both nonstandard and deprecated. >- echo search $new_domain_name >> /etc/resolv.conf.dhclient >+ conf="${conf}search ${new_domain_name}\n" > fi > for nameserver in $new_domain_name_servers; do >- echo nameserver $nameserver >>/etc/resolv.conf.dhclient >+ conf="${conf}nameserver ${nameserver}\n" > done >- >- mv /etc/resolv.conf.dhclient /etc/resolv.conf > elif [ "x${new_dhcp6_name_servers}" != x ] ; then >- cat /dev/null > /etc/resolv.conf.dhclient6 >- chmod 644 /etc/resolv.conf.dhclient6 >- > if [ "x${new_dhcp6_domain_search}" != x ] ; then >- echo search ${new_dhcp6_domain_search} >> /etc/resolv.conf.dhclient6 >+ conf="${conf}search ${new_dhcp6_domain_search}\n" > fi > for nameserver in ${new_dhcp6_name_servers} ; do >- echo nameserver ${nameserver} >> /etc/resolv.conf.dhclient6 >+ conf="${conf}nameserver ${nameserver}\n" > done >+ fi > >- mv /etc/resolv.conf.dhclient6 /etc/resolv.conf >+ if [ x"$conf" != x ]; then >+ conf="# Generated by dhclient or interface $interface\n${conf}" >+ if type resolvconf >/dev/null 2>&1; then >+ printf "${conf}" | resolvconf -a $interface >+ else >+ printf "${conf}" > /etc/resolv.conf >+ chmod 644 /etc/resolv.conf >+ fi > fi >+ > # If we're making confs, may as well make an ntp.conf too > make_ntp_conf > } >diff -ur a/client/scripts/netbsd b/client/scripts/netbsd >--- a/client/scripts/netbsd 2008-09-01 14:41:00.000000000 +0100 >+++ b/client/scripts/netbsd 2008-09-01 14:58:40.000000000 +0100 >@@ -1,34 +1,41 @@ > #!/bin/sh > > make_resolv_conf() { >- if [ "x$new_domain_name" != x ] && [ x"$new_domain_name_servers" != x ]; then >- cat /dev/null > /etc/resolv.conf.dhclient >- if [ "x$new_domain_search != x ]; then >- echo search $new_domain_search >> /etc/resolv.conf.dhclient >- elif [ "x$new_domain_name != x ]; then >+ if [ x"$PEER_DNS" != x ] && [ x"$PEER_DNS" != xyes ]; then >+ return 0 >+ fi >+ local conf= >+ if [ x"$new_domain_name_servers" != x ]; then >+ if [ "x$new_domain_search" != x ]; then >+ conf="${conf}search ${new_domain_search}\n" >+ elif [ "x$new_domain_name" != x ]; then > # Note that the DHCP 'Domain Name Option' is really just a domain > # name, and that this practice of using the domain name option as > # a search path is both nonstandard and deprecated. >- echo search $new_domain_name >> /etc/resolv.conf.dhclient >+ conf="${conf}search ${new_domain_name}\n" > fi > for nameserver in $new_domain_name_servers; do >- echo nameserver $nameserver >>/etc/resolv.conf.dhclient >+ conf="${conf}nameserver ${nameserver}\n" > done >- >- mv /etc/resolv.conf.dhclient /etc/resolv.conf > elif [ "x${new_dhcp6_name_servers}" != x ] ; then >- cat /dev/null > /etc/resolv.conf.dhclient6 >- chmod 644 /etc/resolv.conf.dhclient6 >- > if [ "x${new_dhcp6_domain_search}" != x ] ; then >- echo search ${new_dhcp6_domain_search} >> /etc/resolv.conf.dhclient6 >+ conf="${conf}search ${new_dhcp6_domain_search}\n" > fi > for nameserver in ${new_dhcp6_name_servers} ; do >- echo nameserver ${nameserver} >> /etc/resolv.conf.dhclient6 >+ conf="${conf}nameserver ${nameserver}\n" > done >+ fi > >- mv /etc/resolv.conf.dhclient6 /etc/resolv.conf >+ if [ x"$conf" != x ]; then >+ conf="# Generated by dhclient or interface $interface\n${conf}" >+ if type resolvconf >/dev/null 2>&1; then >+ printf "${conf}" | resolvconf -a $interface >+ else >+ printf "${conf}" > /etc/resolv.conf >+ chmod 644 /etc/resolv.conf >+ fi > fi >+ > # If we're making confs, may as well make an ntp.conf too > make_ntp_conf > } >diff -ur a/client/scripts/openbsd b/client/scripts/openbsd >--- a/client/scripts/openbsd 2008-09-01 14:41:00.000000000 +0100 >+++ b/client/scripts/openbsd 2008-09-01 14:59:12.000000000 +0100 >@@ -1,34 +1,41 @@ > #!/bin/sh > > make_resolv_conf() { >- if x"$new_domain_name_servers" != x ]; then >- cat /dev/null > /etc/resolv.conf.dhclient >- if [ x"$new_domain_search" != x ]; then >- echo search $new_domain_search >> /etc/resolv.conf.dhclient >- elif [ x"$new_domain_name" != x ]; then >+ if [ x"$PEER_DNS" != x ] && [ x"$PEER_DNS" != xyes ]; then >+ return 0 >+ fi >+ local conf= >+ if [ x"$new_domain_name_servers" != x ]; then >+ if [ "x$new_domain_search" != x ]; then >+ conf="${conf}search ${new_domain_search}\n" >+ elif [ "x$new_domain_name" != x ]; then > # Note that the DHCP 'Domain Name Option' is really just a domain > # name, and that this practice of using the domain name option as > # a search path is both nonstandard and deprecated. >- echo search $new_domain_name >> /etc/resolv.conf.dhclient >+ conf="${conf}search ${new_domain_name}\n" > fi > for nameserver in $new_domain_name_servers; do >- echo nameserver $nameserver >>/etc/resolv.conf.dhclient >+ conf="${conf}nameserver ${nameserver}\n" > done >- >- mv /etc/ersolv.conf.dhclient /etc/resolv.conf > elif [ "x${new_dhcp6_name_servers}" != x ] ; then >- cat /dev/null > /etc/resolv.conf.dhclient6 >- chmod 644 /etc/resolv.conf.dhclient6 >- > if [ "x${new_dhcp6_domain_search}" != x ] ; then >- echo search ${new_dhcp6_domain_search} >> /etc/resolv.conf.dhclient6 >+ conf="${conf}search ${new_dhcp6_domain_search}\n" > fi > for nameserver in ${new_dhcp6_name_servers} ; do >- echo nameserver ${nameserver} >> /etc/resolv.conf.dhclient6 >+ conf="${conf}nameserver ${nameserver}\n" > done >+ fi > >- mv /etc/resolv.conf.dhclient6 /etc/resolv.conf >+ if [ x"$conf" != x ]; then >+ conf="# Generated by dhclient or interface $interface\n${conf}" >+ if type resolvconf >/dev/null 2>&1; then >+ printf "${conf}" | resolvconf -a $interface >+ else >+ printf "${conf}" > /etc/resolv.conf >+ chmod 644 /etc/resolv.conf >+ fi > fi >+ > # If we're making confs, may as well make an ntp.conf too > make_ntp_conf > } >diff -ur a/client/scripts/solaris b/client/scripts/solaris >--- a/client/scripts/solaris 2008-09-01 14:41:00.000000000 +0100 >+++ b/client/scripts/solaris 2008-09-01 14:59:27.000000000 +0100 >@@ -1,22 +1,41 @@ > #!/bin/sh > > make_resolv_conf() { >+ if [ x"$PEER_DNS" != x ] && [ x"$PEER_DNS" != xyes ]; then >+ return 0 >+ fi >+ local conf= > if [ x"$new_domain_name_servers" != x ]; then >- cat /dev/null > /etc/resolv.conf.dhclient >- if [ x"$new_domain_search" != x ]; then >- echo search $new_domain_search >> /etc/resolv.conf.dhclient >- elif [ x"$new_domain_name" != x ]; then >+ if [ "x$new_domain_search" != x ]; then >+ conf="${conf}search ${new_domain_search}\n" >+ elif [ "x$new_domain_name" != x ]; then > # Note that the DHCP 'Domain Name Option' is really just a domain > # name, and that this practice of using the domain name option as > # a search path is both nonstandard and deprecated. >- echo search $new_domain_name >> /etc/resolv.conf.dhclient >+ conf="${conf}search ${new_domain_name}\n" > fi > for nameserver in $new_domain_name_servers; do >- echo nameserver $nameserver >>/etc/resolv.conf.dhclient >+ conf="${conf}nameserver ${nameserver}\n" >+ done >+ elif [ "x${new_dhcp6_name_servers}" != x ] ; then >+ if [ "x${new_dhcp6_domain_search}" != x ] ; then >+ conf="${conf}search ${new_dhcp6_domain_search}\n" >+ fi >+ for nameserver in ${new_dhcp6_name_servers} ; do >+ conf="${conf}nameserver ${nameserver}\n" > done >+ fi > >- mv /etc/resolv.conf.dhclient /etc/resolv.conf >+ if [ x"$conf" != x ]; then >+ conf="# Generated by dhclient or interface $interface\n${conf}" >+ if type resolvconf >/dev/null 2>&1; then >+ printf "${conf}" | resolvconf -a $interface >+ else >+ printf "${conf}" > /etc/resolv.conf >+ chmod 644 /etc/resolv.conf >+ fi > fi >+ > # If we're making confs, may as well make an ntp.conf too > make_ntp_conf > }
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 325605
: 236939