9.1.1-P4

is not used.

1480.   [bug]           Provide replay protection for rndc commands.

CHANGES

@@ -1,3 +1,23 @@
+	--- 9.1.1-P4 released ---
+
+2203.	[security]	Query id generation was cryptographically weak.
+			[RT # 16915]
+
+	--- 9.1.1-P3 released ---
+
+2126.	[security]	Serialise validation of type ANY responses. [RT #16555]
+
+	--- 9.1.1-P2 released ---
+
+1499.	[bug]		isc_random need to be seeded better if arc4random()
+			is not used.
+
+1480.	[bug]		Provide replay protection for rndc commands.
+
+	--- 9.1.1-P1 released ---
+
+1243.	[bug]		It was possible to trigger a REQUIRE() in
+			dns_message_findtype(). [RT #2659]
 
 	--- 9.1.1 released ---
 

bin/named/client.c

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: client.c,v 1.136.2.4 2001/02/23 02:27:25 gson Exp $ */
+/* $Id: client.c,v 1.136.2.4.4.1 2007/08/12 07:38:18 marka Exp $ */
 
 #include <config.h>
 
@@ -1222,6 +1222,10 @@ client_request(isc_task_t *task, isc_event_t *event) {
 #endif
 	}
 
+	dns_dispatch_hash(&client->now, sizeof(client->now));
+	dns_dispatch_hash(isc_buffer_base(buffer),
+			  isc_buffer_usedlength(buffer));
+
 	result = dns_message_parse(client->message, buffer, 0);
 	if (result != ISC_R_SUCCESS) {
 		ns_client_error(client, result);

lib/dns/config/confparser.y.dirty

@@ -33,7 +33,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: confparser.y.dirty,v 1.44.2.8 2001/03/21 18:34:31 bwelling Exp $ */
+/* $Id: confparser.y.dirty,v 1.44.2.8.4.1 2003/09/01 05:19:20 marka Exp $ */
 
 #include <config.h>
 
@@ -1888,7 +1888,7 @@ ordering_name: /* nothing */
 			$$ = $2;
 		}
 	}
-
+	;
 
 rrset_ordering_element: ordering_class ordering_type ordering_name
 	L_ORDER L_STRING
@@ -1918,7 +1918,7 @@ rrset_ordering_element: ordering_class ordering_type ordering_name
 		isc_mem_free(memctx, $5);
 		isc_mem_free(memctx, $3);
 	}
-
+	;
 
 transfer_format: L_ONE_ANSWER
 	{
@@ -2158,7 +2158,8 @@ additional_data: L_INTERNAL
 	| L_MAXIMAL
 	{
 		$$ = dns_c_ad_maximal;
-	};
+	}
+	;
 
 yea_or_nay: L_YES
 	{
@@ -2188,6 +2189,7 @@ yea_or_nay: L_YES
 			$$ = isc_boolean_true;
 		}
 	}
+	;
 
 notify_setting: yea_or_nay
 	{
@@ -4958,6 +4960,7 @@ class_name: any_string
 		isc_mem_free(memctx, $1);
 		$$ = cl;
 	}
+	;
 
 wild_class_name: any_string
 	{
@@ -4981,6 +4984,7 @@ wild_class_name: any_string
 		isc_mem_free(memctx, $1);
 		$$ = cl;
 	}
+	;
 
 optional_class: /* Empty */
 	{

lib/dns/dispatch.c

@@ -15,19 +15,21 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: dispatch.c,v 1.78.2.5 2001/02/17 00:56:29 gson Exp $ */
+/* $Id: dispatch.c,v 1.78.2.5.4.1 2007/08/12 07:38:18 marka Exp $ */
 
 #include <config.h>
 
 #include <stdlib.h>
+#include <sys/types.h>
+#include <unistd.h>
 
 #include <isc/entropy.h>
-#include <isc/lfsr.h>
 #include <isc/mem.h>
 #include <isc/mutex.h>
 #include <isc/print.h>
 #include <isc/string.h>
 #include <isc/task.h>
+#include <isc/time.h>
 #include <isc/util.h>
 
 #include <dns/acl.h>
@@ -40,14 +42,23 @@
 
 typedef ISC_LIST(dns_dispentry_t)	dns_displist_t;
 
+typedef struct dns_nsid {
+	isc_uint16_t	nsid_state;
+	isc_uint16_t	*nsid_vtable;
+	isc_uint16_t	*nsid_pool;
+	isc_uint16_t	nsid_a1, nsid_a2, nsid_a3;
+	isc_uint16_t	nsid_c1, nsid_c2, nsid_c3;
+	isc_uint16_t	nsid_state2;
+	isc_boolean_t	nsid_usepool;
+} dns_nsid_t;
+
 typedef struct dns_qid {
 	unsigned int	magic;
 	isc_mem_t	*mctx;
 	unsigned int	qid_nbuckets;	/* hash table size */
 	unsigned int	qid_increment;	/* id increment on collision */
 	isc_mutex_t	lock;
-	isc_lfsr_t	qid_lfsr1;	/* state generator info */
-	isc_lfsr_t	qid_lfsr2;	/* state generator info */
+	dns_nsid_t	nsid;
 	dns_displist_t	*qid_table;	/* the table itself */
 } dns_qid_t;
 
@@ -161,7 +172,7 @@ static void destroy_disp(dns_dispatch_t **);
 static void udp_recv(isc_task_t *, isc_event_t *);
 static void tcp_recv(isc_task_t *, isc_event_t *);
 static inline void startrecv(dns_dispatch_t *);
-static isc_uint32_t dns_randomid(dns_qid_t *);
+static isc_uint32_t dns_randomid(dns_nsid_t *);
 static isc_uint32_t dns_hash(dns_qid_t *, isc_sockaddr_t *, isc_uint32_t);
 static void free_buffer(dns_dispatch_t *disp, void *buf, unsigned int len);
 static void *allocate_udp_buffer(dns_dispatch_t *disp);
@@ -184,8 +195,12 @@ static isc_result_t dispatch_createudp(dns_dispatchmgr_t *mgr,
 static isc_boolean_t destroy_mgr_ok(dns_dispatchmgr_t *mgr);
 static void destroy_mgr(dns_dispatchmgr_t **mgrp);
 static isc_result_t qid_allocate(dns_dispatchmgr_t *mgr, unsigned int buckets,
-				 unsigned int increment, dns_qid_t **qidp);
+				 unsigned int increment, isc_boolean_t usepool,
+				 dns_qid_t **qidp);
 static void qid_destroy(isc_mem_t *mctx, dns_qid_t **qidp);
+static isc_uint16_t nsid_next(dns_nsid_t *nsid);
+static isc_result_t nsid_init(isc_mem_t *mctx, dns_nsid_t *nsid, isc_boolean_t usepool);
+static void nsid_destroy(isc_mem_t *mctx, dns_nsid_t *nsid);
 
 #define LVL(x) ISC_LOG_DEBUG(x)
 
@@ -257,38 +272,16 @@ request_log(dns_dispatch_t *disp, dns_dispentry_t *resp,
 	}
 }
 
-static void
-reseed_lfsr(isc_lfsr_t *lfsr, void *arg)
-{
-	dns_dispatchmgr_t *mgr = arg;
-	isc_result_t result;
-	isc_uint32_t val;
-
-	REQUIRE(VALID_DISPATCHMGR(mgr));
-
-	if (mgr->entropy != NULL) {
-		result = isc_entropy_getdata(mgr->entropy, &val, sizeof val,
-					     NULL, 0);
-		INSIST(result == ISC_R_SUCCESS);
-		lfsr->count = (val & 0x1f) + 32;
-		lfsr->state = val;
-		return;
-	}
-
-	lfsr->count = (random() & 0x1f) + 32;	/* From 32 to 63 states */
-	lfsr->state = random();
-}
-
 /*
  * Return an unpredictable message ID.
  */
 static isc_uint32_t
-dns_randomid(dns_qid_t *qid) {
-	isc_uint32_t id;
+dns_randomid(dns_nsid_t *nsid) {
+	isc_uint16_t id;
 
-	id = isc_lfsr_generate32(&qid->qid_lfsr1, &qid->qid_lfsr2);
+	id = nsid_next(nsid);
 
-	return (id & 0x0000ffffU);
+	return ((dns_messageid_t)id);
 }
 
 /*
@@ -640,6 +633,10 @@ udp_recv(isc_task_t *task, isc_event_t *ev_in) {
 		}
 		/* query */
 	} else {
+
+		dns_dispatch_hash(&ev->timestamp, sizeof(&ev->timestamp));
+		dns_dispatch_hash(ev->region.base, ev->region.length);
+
  		/* response */
 		bucket = dns_hash(qid, &ev->address, id);
 		LOCK(&qid->lock);
@@ -896,6 +893,8 @@ tcp_recv(isc_task_t *task, isc_event_t *ev_in) {
 		isc_task_send(resp->task, (isc_event_t **)&rev);
 	}
 
+	dns_dispatch_hash(tcpmsg->buffer.base, tcpmsg->buffer.length);
+
 	/*
 	 * Restart recv() to get the next packet.
 	 */
@@ -1225,7 +1224,7 @@ dns_dispatchmgr_setudp(dns_dispatchmgr_t *mgr,
 	isc_mempool_setmaxalloc(mgr->bpool, maxbuffers);
 	isc_mempool_associatelock(mgr->bpool, &mgr->pool_lock);
 
-	result = qid_allocate(mgr, buckets, increment, &mgr->qid);
+	result = qid_allocate(mgr, buckets, increment, ISC_TRUE, &mgr->qid);
 	if (result != ISC_R_SUCCESS)
 		goto cleanup;
 
@@ -1329,7 +1328,7 @@ dispatch_find(dns_dispatchmgr_t *mgr, isc_sockaddr_t *local,
 
 static isc_result_t
 qid_allocate(dns_dispatchmgr_t *mgr, unsigned int buckets,
-	     unsigned int increment, dns_qid_t **qidp)
+	     unsigned int increment, isc_boolean_t usepool, dns_qid_t **qidp)
 {
 	dns_qid_t *qid;
 	unsigned int i;
@@ -1350,8 +1349,16 @@ qid_allocate(dns_dispatchmgr_t *mgr, unsigned int buckets,
 		return (ISC_R_NOMEMORY);
 	}
 
+	if (nsid_init(mgr->mctx, &qid->nsid, usepool) != ISC_R_SUCCESS) {
+		isc_mem_put(mgr->mctx, qid->qid_table,
+			    buckets * sizeof(dns_displist_t));
+		isc_mem_put(mgr->mctx, qid, sizeof(*qid));
+		return (ISC_R_NOMEMORY);
+	}
+
 	if (isc_mutex_init(&qid->lock) != ISC_R_SUCCESS) {
 		UNEXPECTED_ERROR(__FILE__, __LINE__, "isc_mutex_init failed");
+		nsid_destroy(mgr->mctx, &qid->nsid);
 		isc_mem_put(mgr->mctx, qid->qid_table,
 			    buckets * sizeof(dns_displist_t));
 		isc_mem_put(mgr->mctx, qid, sizeof(*qid));
@@ -1365,20 +1372,6 @@ qid_allocate(dns_dispatchmgr_t *mgr, unsigned int buckets,
 	qid->qid_increment = increment;
 	qid->magic = QID_MAGIC;
 
-	/*
-	 * Initialize to a 32-bit LFSR.  Both of these are from Applied
-	 * Cryptography.
-	 *
-	 * lfsr1:
-	 *	x^32 + x^7 + x^5 + x^3 + x^2 + x + 1
-	 *
-	 * lfsr2:
-	 *	x^32 + x^7 + x^6 + x^2 + 1
-	 */
-	isc_lfsr_init(&qid->qid_lfsr1, 0, 32, 0x80000057U,
-		      0, reseed_lfsr, mgr);
-	isc_lfsr_init(&qid->qid_lfsr2, 0, 32, 0x800000c2U,
-		      0, reseed_lfsr, mgr);
 	*qidp = qid;
 	return (ISC_R_SUCCESS);
 }
@@ -1394,6 +1387,7 @@ qid_destroy(isc_mem_t *mctx, dns_qid_t **qidp) {
 
 	*qidp = NULL;
 	qid->magic = 0;
+	nsid_destroy(mctx, &qid->nsid);
 	isc_mem_put(mctx, qid->qid_table,
 		    qid->qid_nbuckets * sizeof(dns_displist_t));
 	DESTROYLOCK(&qid->lock);
@@ -1557,7 +1551,7 @@ dns_dispatch_createtcp(dns_dispatchmgr_t *mgr, isc_socket_t *sock,
 		return (result);
 	}
 
-	result = qid_allocate(mgr, buckets, increment, &disp->qid);
+	result = qid_allocate(mgr, buckets, increment, ISC_FALSE, &disp->qid);
 	if (result != ISC_R_SUCCESS)
 		goto deallocate_dispatch;
 
@@ -1831,7 +1825,7 @@ dns_dispatch_addresponse(dns_dispatch_t *disp, isc_sockaddr_t *dest,
 	 */
 	qid = DNS_QID(disp);
 	LOCK(&qid->lock);
-	id = dns_randomid(qid);
+	id = dns_randomid(&qid->nsid);
 	bucket = dns_hash(qid, dest, id);
 	ok = ISC_FALSE;
 	for (i = 0 ; i < 64 ; i++) {
@@ -2378,3 +2372,409 @@ dns_dispatchmgr_dump(dns_dispatchmgr_t *mgr) {
 	}
 }
 #endif
+
+/*
+ * Allow the user to pick one of two ID randomization algorithms.
+ *
+ * The first algorithm is an adaptation of the sequence shuffling
+ * algorithm discovered by Carter Bays and S. D. Durham [ACM Trans. Math.
+ * Software 2 (1976), 59-64], as documented as Algorithm B in Chapter
+ * 3.2.2 in Volume 2 of Knuth's "The Art of Computer Programming".  We use
+ * a randomly selected linear congruential random number generator with a
+ * modulus of 2^16, whose increment is a randomly picked odd number, and
+ * whose multiplier is picked from a set which meets the following
+ * criteria:
+ *     Is of the form 8*n+5, which ensures "high potency" according to
+ *     principle iii in the summary chapter 3.6.  This form also has a
+ *     gcd(a-1,m) of 4 which is good according to principle iv.
+ *
+ *     Is between 0.01 and 0.99 times the modulus as specified by
+ *     principle iv.
+ *
+ *     Passes the spectral test "with flying colors" (ut >= 1) in
+ *     dimensions 2 through 6 as calculated by Algorithm S in Chapter
+ *     3.3.4 and the ratings calculated by formula 35 in section E.
+ *
+ *     Of the multipliers that pass this test, pick the set that is
+ *     best according to the theoretical bounds of the serial
+ *     correlation test.  This was calculated using a simplified
+ *     version of Knuth's Theorem K in Chapter 3.3.3.
+ *
+ * These criteria may not be important for this use, but we might as well
+ * pick from the best generators since there are so many possible ones and
+ * we don't have that many random bits to do the picking.
+ *
+ * We use a modulus of 2^16 instead of something bigger so that we will
+ * tend to cycle through all the possible IDs before repeating any,
+ * however the shuffling will perturb this somewhat.  Theoretically there
+ * is no minimimum interval between two uses of the same ID, but in
+ * practice it seems to be >64000.
+ *
+ * Our adaptatation  of Algorithm B mixes the hash state which has
+ * captured various random events into the shuffler to perturb the
+ * sequence.
+ *
+ * One disadvantage of this algorithm is that if the generator parameters
+ * were to be guessed, it would be possible to mount a limited brute force
+ * attack on the ID space since the IDs are only shuffled within a limited
+ * range.
+ *
+ * The second algorithm uses the same random number generator to populate
+ * a pool of 65536 IDs.  The hash state is used to pick an ID from a window
+ * of 4096 IDs in this pool, then the chosen ID is swapped with the ID
+ * at the beginning of the window and the window position is advanced.
+ * This means that the interval between uses of the ID will be no less
+ * than 65536-4096.  The ID sequence in the pool will become more random
+ * over time.
+ *
+ * For both algorithms, two more linear congruential random number generators
+ * are selected.  The ID from the first part of algorithm is used to seed
+ * the first of these generators, and its output is used to seed the second.
+ * The strategy is use these generators as 1 to 1 hashes to obfuscate the
+ * properties of the generator used in the first part of either algorithm.
+ *
+ * The first algorithm may be suitable for use in a client resolver since
+ * its memory requirements are fairly low and it's pretty random out of
+ * the box.  It is somewhat succeptible to a limited brute force attack,
+ * so the second algorithm is probably preferable for a longer running
+ * program that issues a large number of queries and has time to randomize
+ * the pool.
+ */
+
+#define NSID_SHUFFLE_TABLE_SIZE 100 /* Suggested by Knuth */
+/*
+ * Pick one of the next 4096 IDs in the pool.
+ * There is a tradeoff here between randomness and how often and ID is reused.
+ */
+#define NSID_LOOKAHEAD 4096     /* Must be a power of 2 */
+#define NSID_SHUFFLE_ONLY 1     /* algorithm 1 */
+#define NSID_USE_POOL 2         /* algorithm 2 */
+#define NSID_HASHSHIFT       3
+#define NSID_HASHROTATE(v) \
+        (((v) << NSID_HASHSHIFT) | ((v) >> ((sizeof(v) * 8) - NSID_HASHSHIFT)))
+
+static isc_uint32_t	nsid_hash_state;
+
+/*
+ * Keep a running hash of various bits of data that we'll use to
+ * stir the ID pool or perturb the ID generator
+ */
+static void
+nsid_hash(void *data, size_t len) {
+	unsigned char *p = data;
+	/*
+	 * Hash function similar to the one we use for hashing names.
+	 * We don't fold case or toss the upper bit here, though.
+	 * This hash doesn't do much interesting when fed binary zeros,
+	 * so there may be a better hash function.
+	 * This function doesn't need to be very strong since we're
+	 * only using it to stir the pool, but it should be reasonably
+	 * fast.
+	 */
+	/*
+	 * We don't care about locking access to nsid_hash_state.
+	 * In fact races make the result even more non deteministic.
+	 */
+	while (len-- > 0U) {
+		nsid_hash_state = NSID_HASHROTATE(nsid_hash_state);
+		nsid_hash_state += *p++;
+	}
+}
+
+/*
+ * Table of good linear congruential multipliers for modulus 2^16
+ * in order of increasing serial correlation bounds (so trim from
+ * the end).
+ */
+static const isc_uint16_t nsid_multiplier_table[] = {
+	17565, 25013, 11733, 19877, 23989, 23997, 24997, 25421,
+	26781, 27413, 35901, 35917, 35973, 36229, 38317, 38437,
+	39941, 40493, 41853, 46317, 50581, 51429, 53453, 53805,
+	11317, 11789, 12045, 12413, 14277, 14821, 14917, 18989,
+	19821, 23005, 23533, 23573, 23693, 27549, 27709, 28461,
+	29365, 35605, 37693, 37757, 38309, 41285, 45261, 47061,
+	47269, 48133, 48597, 50277, 50717, 50757, 50805, 51341,
+	51413, 51581, 51597, 53445, 11493, 14229, 20365, 20653,
+	23485, 25541, 27429, 29421, 30173, 35445, 35653, 36789,
+	36797, 37109, 37157, 37669, 38661, 39773, 40397, 41837,
+	41877, 45293, 47277, 47845, 49853, 51085, 51349, 54085,
+	56933,  8877,  8973,  9885, 11365, 11813, 13581, 13589,
+	13613, 14109, 14317, 15765, 15789, 16925, 17069, 17205,
+	17621, 17941, 19077, 19381, 20245, 22845, 23733, 24869,
+	25453, 27213, 28381, 28965, 29245, 29997, 30733, 30901,
+	34877, 35485, 35613, 36133, 36661, 36917, 38597, 40285,
+	40693, 41413, 41541, 41637, 42053, 42349, 45245, 45469,
+	46493, 48205, 48613, 50861, 51861, 52877, 53933, 54397,
+	55669, 56453, 56965, 58021,  7757,  7781,  8333,  9661,
+	12229, 14373, 14453, 17549, 18141, 19085, 20773, 23701,
+	24205, 24333, 25261, 25317, 27181, 30117, 30477, 34757,
+	34885, 35565, 35885, 36541, 37957, 39733, 39813, 41157,
+	41893, 42317, 46621, 48117, 48181, 49525, 55261, 55389,
+	56845,  7045,  7749,  7965,  8469,  9133,  9549,  9789,
+	10173, 11181, 11285, 12253, 13453, 13533, 13757, 14477,
+	15053, 16901, 17213, 17269, 17525, 17629, 18605, 19013,
+	19829, 19933, 20069, 20093, 23261, 23333, 24949, 25309,
+	27613, 28453, 28709, 29301, 29541, 34165, 34413, 37301,
+	37773, 38045, 38405, 41077, 41781, 41925, 42717, 44437,
+	44525, 44613, 45933, 45941, 47077, 50077, 50893, 52117,
+	 5293, 55069, 55989, 58125, 59205,  6869, 14685, 15453,
+	16821, 17045, 17613, 18437, 21029, 22773, 22909, 25445,
+	25757, 26541, 30709, 30909, 31093, 31149, 37069, 37725,
+	37925, 38949, 39637, 39701, 40765, 40861, 42965, 44813,
+	45077, 45733, 47045, 50093, 52861, 52957, 54181, 56325,
+	56365, 56381, 56877, 57013,  5741, 58101, 58669,  8613,
+	10045, 10261, 10653, 10733, 11461, 12261, 14069, 15877,
+	17757, 21165, 23885, 24701, 26429, 26645, 27925, 28765,
+	29197, 30189, 31293, 39781, 39909, 40365, 41229, 41453,
+	41653, 42165, 42365, 47421, 48029, 48085, 52773,  5573,
+	57037, 57637, 58341, 58357, 58901,  6357,  7789,  9093,
+	10125, 10709, 10765, 11957, 12469, 13437, 13509, 14773,
+	15437, 15773, 17813, 18829, 19565, 20237, 23461, 23685,
+	23725, 23941, 24877, 25461, 26405, 29509, 30285, 35181,
+	37229, 37893, 38565, 40293, 44189, 44581, 45701, 47381,
+	47589, 48557,  4941, 51069,  5165, 52797, 53149,  5341,
+	56301, 56765, 58581, 59493, 59677,  6085,  6349,  8293,
+	 8501,  8517, 11597, 11709, 12589, 12693, 13517, 14909,
+	17397, 18085, 21101, 21269, 22717, 25237, 25661, 29189,
+	30101, 31397, 33933, 34213, 34661, 35533, 36493, 37309,
+	40037,  4189, 42909, 44309, 44357, 44389,  4541, 45461,
+	46445, 48237, 54149, 55301, 55853, 56621, 56717, 56901,
+	 5813, 58437, 12493, 15365, 15989, 17829, 18229, 19341,
+	21013, 21357, 22925, 24885, 26053, 27581, 28221, 28485,
+	30605, 30613, 30789, 35437, 36285, 37189,  3941, 41797,
+	 4269, 42901, 43293, 44645, 45221, 46893,  4893, 50301,
+	50325,  5189, 52109, 53517, 54053, 54485,  5525, 55949,
+	56973, 59069, 59421, 60733, 61253,  6421,  6701,  6709,
+	 7101,  8669, 15797, 19221, 19837, 20133, 20957, 21293,
+	21461, 22461, 29085, 29861, 30869, 34973, 36469, 37565,
+	38125, 38829, 39469, 40061, 40117, 44093, 47429, 48341,
+	50597, 51757,  5541, 57629, 58405, 59621, 59693, 59701,
+	61837,  7061, 10421, 11949, 15405, 20861, 25397, 25509,
+	25893, 26037, 28629, 28869, 29605, 30213, 34205, 35637,
+	36365, 37285,  3773, 39117,  4021, 41061, 42653, 44509,
+	 4461, 44829,  4725,  5125, 52269, 56469, 59085,  5917,
+	60973,  8349, 17725, 18637, 19773, 20293, 21453, 22533,
+	24285, 26333, 26997, 31501, 34541, 34805, 37509, 38477,
+	41333, 44125, 46285, 46997, 47637, 48173,  4925, 50253,
+	50381, 50917, 51205, 51325, 52165, 52229,  5253,  5269,
+	53509, 56253, 56341,  5821, 58373, 60301, 61653, 61973,
+	62373,  8397, 11981, 14341, 14509, 15077, 22261, 22429,
+	24261, 28165, 28685, 30661, 34021, 34445, 39149,  3917,
+	43013, 43317, 44053, 44101,  4533, 49541, 49981,  5277,
+	54477, 56357, 57261, 57765, 58573, 59061, 60197, 61197,
+	62189,  7725,  8477,  9565, 10229, 11437, 14613, 14709,
+	16813, 20029, 20677, 31445,  3165, 31957,  3229, 33541,
+	36645,  3805, 38973,  3965,  4029, 44293, 44557, 46245,
+	48917,  4909, 51749, 53709, 55733, 56445,  5925,  6093,
+	61053, 62637,  8661,  9109, 10821, 11389, 13813, 14325,
+	15501, 16149, 18845, 22669, 26437, 29869, 31837, 33709,
+	33973, 34173,  3677,  3877,  3981, 39885, 42117,  4421,
+	44221, 44245, 44693, 46157, 47309,  5005, 51461, 52037,
+	55333, 55693, 56277, 58949,  6205, 62141, 62469,  6293,
+	10101, 12509, 14029, 17997, 20469, 21149, 25221, 27109,
+	 2773,  2877, 29405, 31493, 31645,  4077, 42005, 42077,
+	42469, 42501, 44013, 48653, 49349,  4997, 50101, 55405,
+	56957, 58037, 59429, 60749, 61797, 62381, 62837,  6605,
+	10541, 23981, 24533,  2701, 27333, 27341, 31197, 33805,
+	 3621, 37381,  3749,  3829, 38533, 42613, 44381, 45901,
+	48517, 51269, 57725, 59461, 60045, 62029, 13805, 14013,
+	15461, 16069, 16157, 18573,  2309, 23501, 28645,  3077,
+	31541, 36357, 36877,  3789, 39429, 39805, 47685, 47949,
+	49413,  5485, 56757, 57549, 57805, 58317, 59549, 62213,
+	62613, 62853, 62933,  8909, 12941, 16677, 20333, 21541,
+	24429, 26077, 26421,  2885, 31269, 33381,  3661, 40925,
+	42925, 45173,  4525,  4709, 53133, 55941, 57413, 57797,
+	62125, 62237, 62733,  6773, 12317, 13197, 16533, 16933,
+	18245,  2213,  2477, 29757, 33293, 35517, 40133, 40749,
+	 4661, 49941, 62757,  7853,  8149,  8573, 11029, 13421,
+	21549, 22709, 22725, 24629,  2469, 26125,  2669, 34253,
+	36709, 41013, 45597, 46637, 52285, 52333, 54685, 59013,
+	60997, 61189, 61981, 62605, 62821,  7077,  7525,  8781,
+	10861, 15277,  2205, 22077, 28517, 28949, 32109, 33493,
+	 4661, 49941, 62757,  7853,  8149,  8573, 11029, 13421,
+	21549, 22709, 22725, 24629,  2469, 26125,  2669, 34253,
+	36709, 41013, 45597, 46637, 52285, 52333, 54685, 59013,
+	60997, 61189, 61981, 62605, 62821,  7077,  7525,  8781,
+	10861, 15277,  2205, 22077, 28517, 28949, 32109, 33493,
+	 3685, 39197, 39869, 42621, 44997, 48565,  5221, 57381,
+	61749, 62317, 63245, 63381, 23149,  2549, 28661, 31653,
+	33885, 36341, 37053, 39517, 42805, 45853, 48997, 59349,
+	60053, 62509, 63069,  6525,  1893, 20181,  2365, 24893,
+	27397, 31357, 32277, 33357, 34437, 36677, 37661, 43469,
+	43917, 50997, 53869,  5653, 13221, 16741, 17893,  2157,
+	28653, 31789, 35301, 35821, 61613, 62245, 12405, 14517,
+	17453, 18421,  3149,  3205, 40341,  4109, 43941, 46869,
+	48837, 50621, 57405, 60509, 62877,  8157, 12933, 12957,
+	16501, 19533,  3461, 36829, 52357, 58189, 58293, 63053,
+	17109,  1933, 32157, 37701, 59005, 61621, 13029, 15085,
+	16493, 32317, 35093,  5061, 51557, 62221, 20765, 24613,
+	 2629, 30861, 33197, 33749, 35365, 37933, 40317, 48045,
+	56229, 61157, 63797,  7917, 17965,  1917,  1973, 20301,
+	 2253, 33157, 58629, 59861, 61085, 63909,  8141,  9221,
+	14757,  1581, 21637, 26557, 33869, 34285, 35733, 40933,
+	42517, 43501, 53653, 61885, 63805,  7141, 21653, 54973,
+	31189, 60061, 60341, 63357, 16045,  2053, 26069, 33997,
+	43901, 54565, 63837,  8949, 17909, 18693, 32349, 33125,
+	37293, 48821, 49053, 51309, 64037,  7117,  1445, 20405,
+	23085, 26269, 26293, 27349, 32381, 33141, 34525, 36461,
+	37581, 43525,  4357, 43877,  5069, 55197, 63965,  9845,
+	12093,  2197,  2229, 32165, 33469, 40981, 42397,  8749,
+	10853,  1453, 18069, 21693, 30573, 36261, 37421, 42533
+};
+
+#define NSID_MULT_TABLE_SIZE \
+        ((sizeof nsid_multiplier_table)/(sizeof nsid_multiplier_table[0]))
+#define NSID_RANGE_MASK (NSID_LOOKAHEAD - 1)
+#define NSID_POOL_MASK 0xFFFF /* used to wrap the pool index */
+#define NSID_SHUFFLE_ONLY 1
+#define NSID_USE_POOL 2
+
+static isc_uint16_t
+nsid_next(dns_nsid_t *nsid) {
+        isc_uint16_t id, compressed_hash;
+	isc_uint16_t j;
+
+        compressed_hash = ((nsid_hash_state >> 16) ^
+			   (nsid_hash_state)) & 0xFFFF;
+
+	if (nsid->nsid_usepool) {
+	        isc_uint16_t pick;
+
+                pick = compressed_hash & NSID_RANGE_MASK;
+		pick = (nsid->nsid_state + pick) & NSID_POOL_MASK;
+                id = nsid->nsid_pool[pick];
+                if (pick != 0) {
+                        /* Swap two IDs to stir the pool */
+                        nsid->nsid_pool[pick] =
+                                nsid->nsid_pool[nsid->nsid_state];
+                        nsid->nsid_pool[nsid->nsid_state] = id;
+                }
+
+                /* increment the base pointer into the pool */
+                if (nsid->nsid_state == 65535)
+                        nsid->nsid_state = 0;
+                else
+                        nsid->nsid_state++;
+	} else {
+		/*
+		 * This is the original Algorithm B
+		 * j = ((u_long) NSID_SHUFFLE_TABLE_SIZE * nsid_state2) >> 16;
+		 *
+		 * We'll perturb it with some random stuff  ...
+		 */
+		j = ((isc_uint32_t) NSID_SHUFFLE_TABLE_SIZE *
+		     (nsid->nsid_state2 ^ compressed_hash)) >> 16;
+		nsid->nsid_state2 = id = nsid->nsid_vtable[j];
+		nsid->nsid_state = (((isc_uint32_t) nsid->nsid_a1 * nsid->nsid_state) +
+				      nsid->nsid_c1) & 0xFFFF;
+		nsid->nsid_vtable[j] = nsid->nsid_state;
+	}
+
+        /* Now lets obfuscate ... */
+        id = (((isc_uint32_t) nsid->nsid_a2 * id) + nsid->nsid_c2) & 0xFFFF;
+        id = (((isc_uint32_t) nsid->nsid_a3 * id) + nsid->nsid_c3) & 0xFFFF;
+
+        return (id);
+}
+
+static isc_result_t
+nsid_init(isc_mem_t *mctx, dns_nsid_t *nsid, isc_boolean_t usepool) {
+        isc_time_t now;
+        pid_t mypid;
+        isc_uint16_t a1ndx, a2ndx, a3ndx, c1ndx, c2ndx, c3ndx;
+        int i;
+
+	isc_time_now(&now);
+        mypid = getpid();
+
+        /* Initialize the state */
+	memset(nsid, 0, sizeof(*nsid));
+        nsid_hash(&now, sizeof now);
+        nsid_hash(&mypid, sizeof mypid);
+
+        /*
+         * Select our random number generators and initial seed.
+         * We could really use more random bits at this point,
+         * but we'll try to make a silk purse out of a sows ear ...
+         */
+        /* generator 1 */
+        a1ndx = ((isc_uint32_t) NSID_MULT_TABLE_SIZE *
+                 (nsid_hash_state & 0xFFFF)) >> 16;
+        nsid->nsid_a1 = nsid_multiplier_table[a1ndx];
+        c1ndx = (nsid_hash_state >> 9) & 0x7FFF;
+        nsid->nsid_c1 = 2 * c1ndx + 1;
+
+        /* generator 2, distinct from 1 */
+        a2ndx = ((isc_uint32_t) (NSID_MULT_TABLE_SIZE - 1) *
+                 ((nsid_hash_state >> 10) & 0xFFFF)) >> 16;
+        if (a2ndx >= a1ndx)
+                a2ndx++;
+        nsid->nsid_a2 = nsid_multiplier_table[a2ndx];
+        c2ndx = nsid_hash_state % 32767;
+        if (c2ndx >= c1ndx)
+                c2ndx++;
+        nsid->nsid_c2 = 2*c2ndx + 1;
+
+        /* generator 3, distinct from 1 and 2 */
+        a3ndx = ((isc_uint32_t) (NSID_MULT_TABLE_SIZE - 2) *
+                 ((nsid_hash_state >> 20) & 0xFFFF)) >> 16;
+        if (a3ndx >= a1ndx || a3ndx >= a2ndx)
+                a3ndx++;
+        if (a3ndx >= a1ndx && a3ndx >= a2ndx)
+                a3ndx++;
+        nsid->nsid_a3 = nsid_multiplier_table[a3ndx];
+        c3ndx = nsid_hash_state % 32766;
+        if (c3ndx >= c1ndx || c3ndx >= c2ndx)
+                c3ndx++;
+        if (c3ndx >= c1ndx && c3ndx >= c2ndx)
+                c3ndx++;
+        nsid->nsid_c3 = 2*c3ndx + 1;
+
+        nsid->nsid_state =
+		((nsid_hash_state >> 16) ^ (nsid_hash_state)) & 0xFFFF;
+
+	nsid->nsid_usepool = usepool;
+	if (nsid->nsid_usepool) {
+                nsid->nsid_pool = isc_mem_get(mctx, 0x10000 * sizeof(isc_uint16_t));
+		if (nsid->nsid_pool == NULL)
+			return (ISC_R_NOMEMORY);
+                for (i = 0; ; i++) {
+                        nsid->nsid_pool[i] = nsid->nsid_state;
+                        nsid->nsid_state =
+				 (((u_long) nsid->nsid_a1 * nsid->nsid_state) +
+				   nsid->nsid_c1) & 0xFFFF;
+                        if (i == 0xFFFF)
+                                break;
+                }
+	} else {
+		nsid->nsid_vtable = isc_mem_get(mctx, NSID_SHUFFLE_TABLE_SIZE *
+						(sizeof(isc_uint16_t)) );
+		if (nsid->nsid_vtable == NULL)
+			return (ISC_R_NOMEMORY);
+
+		for (i = 0; i < NSID_SHUFFLE_TABLE_SIZE; i++) {
+			nsid->nsid_vtable[i] = nsid->nsid_state;
+			nsid->nsid_state =
+				   (((isc_uint32_t) nsid->nsid_a1 * nsid->nsid_state) +
+					 nsid->nsid_c1) & 0xFFFF;
+		}
+		nsid->nsid_state2 = nsid->nsid_state;
+	} 
+	return (ISC_R_SUCCESS);
+}
+
+static void
+nsid_destroy(isc_mem_t *mctx, dns_nsid_t *nsid) {
+	if (nsid->nsid_usepool)
+		isc_mem_put(mctx, nsid->nsid_pool,
+			    0x10000 * sizeof(isc_uint16_t));
+	else
+		isc_mem_put(mctx, nsid->nsid_vtable,
+			    NSID_SHUFFLE_TABLE_SIZE * (sizeof(isc_uint16_t)) );
+	memset(nsid, 0, sizeof(*nsid));
+}
+
+void
+dns_dispatch_hash(void *data, size_t len) {
+	nsid_hash(data, len);
+}

lib/dns/include/dns/dispatch.h

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: dispatch.h,v 1.37.4.1 2001/01/09 22:45:34 bwelling Exp $ */
+/* $Id: dispatch.h,v 1.37.4.1.4.1 2007/08/12 07:38:18 marka Exp $ */
 
 #ifndef DNS_DISPATCH_H
 #define DNS_DISPATCH_H 1
@@ -462,6 +462,13 @@ dns_dispatch_changeattributes(dns_dispatch_t *disp,
  *	attribute on a TCP socket isn't reasonable.
  */
 
+void
+dns_dispatch_hash(void *data, size_t len);
+/*%<
+ * Feed 'data' to the dispatch query id generator where 'len' is the size
+ * of 'data'.
+ */
+
 ISC_LANG_ENDDECLS
 
 #endif /* DNS_DISPATCH_H */

lib/dns/include/dns/validator.h

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: validator.h,v 1.17.2.1 2001/01/09 22:46:27 bwelling Exp $ */
+/* $Id: validator.h,v 1.17.2.1.4.1 2007/01/23 23:42:23 marka Exp $ */
 
 #ifndef DNS_VALIDATOR_H
 #define DNS_VALIDATOR_H 1
@@ -111,6 +111,11 @@ struct dns_validator {
 	ISC_LINK(dns_validator_t)	link;
 };
 
+/*%
+ * dns_validator_create() options.
+ */
+#define DNS_VALIDATOR_DEFER 2U
+
 ISC_LANG_BEGINDECLS
 
 isc_result_t
@@ -153,6 +158,15 @@ dns_validator_create(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type,
  * part of a known insecure domain.
  */
 
+void
+dns_validator_send(dns_validator_t *validator);
+/*%<
+ * Send a deferred validation request
+ *
+ * Requires:
+ *	'validator' to points to a valid DNSSEC validator.
+ */
+
 void
 dns_validator_cancel(dns_validator_t *validator);
 /*

lib/dns/resolver.c

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: resolver.c,v 1.187.2.9 2001/03/20 23:49:36 bwelling Exp $ */
+/* $Id: resolver.c,v 1.187.2.9.4.2 2007/01/23 23:42:23 marka Exp $ */
 
 #include <config.h>
 
@@ -701,6 +701,8 @@ fctx_query(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo,
 	if (result != ISC_R_SUCCESS)
 		return (result);
 
+	INSIST(ISC_LIST_EMPTY(fctx->validators));
+
 	dns_message_reset(fctx->rmessage, DNS_MESSAGE_INTENTPARSE);
 
 	query = isc_mem_get(res->mctx, sizeof *query);
@@ -2373,12 +2375,21 @@ maybe_destroy(fetchctx_t *fctx) {
 	unsigned int bucketnum;
 	isc_boolean_t bucket_empty = ISC_FALSE;
 	dns_resolver_t *res = fctx->res;
+	dns_validator_t *validator;
 
 	REQUIRE(SHUTTINGDOWN(fctx));
 
-	if (fctx->pending != 0 || !ISC_LIST_EMPTY(fctx->validators))
+	if (fctx->pending != 0)
 		return;
 
+	for (validator = ISC_LIST_HEAD(fctx->validators);
+	     validator != NULL;
+	     validator = ISC_LIST_HEAD(fctx->validators)) {
+		ISC_LIST_UNLINK(fctx->validators, validator, link);
+		dns_validator_cancel(validator);
+		dns_validator_destroy(&validator);
+	}
+
 	bucketnum = fctx->bucketnum;
 	LOCK(&res->buckets[bucketnum].lock);
 	if (fctx->references == 0)
@@ -2549,7 +2560,9 @@ validated(isc_task_t *task, isc_event_t *event) {
 			goto noanswer_response;
 	}
 
-	if (sentresponse) {
+	if (!ISC_LIST_EMPTY(fctx->validators))
+		dns_validator_send(ISC_LIST_HEAD(fctx->validators));
+	else if (sentresponse) {
 		/*
 		 * If we only deferred the destroy because we wanted to cache
 		 * the data, destroy now.
@@ -2569,6 +2582,7 @@ validated(isc_task_t *task, isc_event_t *event) {
 		 * more rdatasets that still need to
 		 * be validated.
 		 */
+		dns_validator_send(ISC_LIST_HEAD(fctx->validators));
 		goto cleanup_event;
 	}
 
@@ -2617,6 +2631,7 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, isc_stdtime_t now) {
 	unsigned int options;
 	isc_task_t *task;
 	dns_validator_t *validator;
+	unsigned int valoptions = 0;
 
 	/*
 	 * The appropriate bucket lock must be held.
@@ -2805,15 +2820,18 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, isc_stdtime_t now) {
 						rdataset,
 						sigrdataset,
 						fctx->rmessage,
-						0,
+						valoptions,
 						task,
 						validated,
 						fctx,
 						&validator);
-					if (result == ISC_R_SUCCESS)
+					if (result == ISC_R_SUCCESS) {
 						ISC_LIST_APPEND(
 							fctx->validators,
 							validator, link);
+						valoptions |=
+							 DNS_VALIDATOR_DEFER;
+					}
 				}
 			}
 		} else if (!EXTERNAL(rdataset)) {
@@ -2886,7 +2904,7 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, isc_stdtime_t now) {
 					      valrdataset,
 					      valsigrdataset,
 					      fctx->rmessage,
-					      0,
+					      valoptions,
 					      task,
 					      validated,
 					      fctx,
@@ -3212,6 +3230,7 @@ check_related(void *arg, dns_name_t *addname, dns_rdatatype_t type) {
 				/*
 				 * Do we have its SIG too?
 				 */
+				rdataset = NULL;
 				result = dns_message_findtype(name,
 						      dns_rdatatype_sig,
 						      type, &rdataset);

lib/dns/validator.c

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: validator.c,v 1.87.2.1 2001/01/09 22:44:26 bwelling Exp $ */
+/* $Id: validator.c,v 1.87.2.1.4.1 2007/01/23 23:42:23 marka Exp $ */
 
 #include <config.h>
 
@@ -1512,7 +1512,8 @@ dns_validator_create(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type,
 	ISC_LINK_INIT(val, link);
 	val->magic = VALIDATOR_MAGIC;
 
-	isc_task_send(task, (isc_event_t **)&event);
+	if ((options & DNS_VALIDATOR_DEFER) == 0)
+		isc_task_send(task, (isc_event_t **)&event);
 
 	*validatorp = val;
 
@@ -1529,6 +1530,21 @@ dns_validator_create(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type,
 	return (result);
 }
 
+void
+dns_validator_send(dns_validator_t *validator) {
+	isc_event_t *event;
+	REQUIRE(VALID_VALIDATOR(validator));
+
+	LOCK(&validator->lock);
+
+	INSIST((validator->options & DNS_VALIDATOR_DEFER) != 0);
+	event = (isc_event_t *)validator->event;
+	validator->options &= ~DNS_VALIDATOR_DEFER;
+	UNLOCK(&validator->lock);
+
+	isc_task_send(validator->task, &event);
+}
+
 void
 dns_validator_cancel(dns_validator_t *validator) {
 	REQUIRE(VALID_VALIDATOR(validator));
@@ -1548,6 +1564,13 @@ dns_validator_cancel(dns_validator_t *validator) {
 
 		if (validator->authvalidator != NULL)
 			dns_validator_cancel(validator->authvalidator);
+
+		if ((validator->options & DNS_VALIDATOR_DEFER) != 0) {
+			isc_task_t *task = validator->event->ev_sender;
+			validator->options &= ~DNS_VALIDATOR_DEFER;
+			isc_event_free((isc_event_t **)&validator->event);
+			isc_task_detach(&task);
+		}
 	}
 	UNLOCK(&validator->lock);
 }

lib/isc/random.c

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: random.c,v 1.14.2.1 2001/01/09 22:49:14 bwelling Exp $ */
+/* $Id: random.c,v 1.14.2.1.4.1 2003/09/01 05:19:20 marka Exp $ */
 
 #include <config.h>
 
@@ -33,7 +33,14 @@ static isc_once_t once = ISC_ONCE_INIT;
 static void
 initialize_rand(void)
 {
-	srand(time(NULL));
+	unsigned int pid = getpid();
+
+	/*
+	 * The low bits of pid generally change faster.
+	 * Xor them with the high bits of time which change slowly.
+	 */
+	pid = ((pid << 16) & 0xffff0000) | ((pid >> 16) & 0xffff);
+	srand(time(NULL) ^ pid);
 }
 
 static void

lib/omapi/api

@@ -1,3 +1,3 @@
-LIBINTERFACE = 3
+LIBINTERFACE = 4
 LIBREVISION = 0
 LIBAGE = 0

lib/omapi/include/omapi/private.h

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: private.h,v 1.25.4.1 2001/01/09 22:53:15 bwelling Exp $ */
+/* $Id: private.h,v 1.25.4.1.4.1 2003/09/01 05:19:21 marka Exp $ */
 
 /*****
  ***** Private master include file for the OMAPI library.
@@ -243,6 +243,7 @@ struct omapi_protocol {
 	isc_region_t			signature_in;
 	isc_buffer_t			*signature_out;
 	isc_result_t			verify_result;
+	isc_uint32_t			authid;
 	/*
 	 * A callback to find out whether a requested key is valid on
 	 * the connection, and the arg the caller wants to help it decide.
@@ -438,12 +439,12 @@ send_intro(omapi_object_t *object, unsigned int version);
 #define send_status omapi__send_status
 isc_result_t
 send_status(omapi_object_t *protcol, isc_result_t waitstatus,
-	    unsigned int response_id, const char *message);
+	    unsigned int response_id, unsigned int authid, const char *message);
 
 #define send_update omapi__send_update
 isc_result_t
 send_update(omapi_object_t *protocol, unsigned int response_id,
-	    omapi_object_t *object);
+	    unsigned int authid, omapi_object_t *object);
 
 ISC_LANG_ENDDECLS
 

lib/omapi/include/omapi/result.h

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: result.h,v 1.7.4.1 2001/01/09 22:53:16 bwelling Exp $ */
+/* $Id: result.h,v 1.7.4.1.4.1 2003/09/01 05:19:22 marka Exp $ */
 
 #ifndef OMAPI_RESULT_H
 #define OMAPI_RESULT_H 1
@@ -32,8 +32,9 @@ ISC_LANG_BEGINDECLS
 #define OMAPI_R_INVALIDARG		(ISC_RESULTCLASS_OMAPI + 3)
 #define OMAPI_R_VERSIONMISMATCH		(ISC_RESULTCLASS_OMAPI + 4)
 #define OMAPI_R_PROTOCOLERROR		(ISC_RESULTCLASS_OMAPI + 5)
+#define OMAPI_R_BADAUTHID		(ISC_RESULTCLASS_OMAPI + 6)
 
-#define OMAPI_R_NRESULTS		6	/* Number of results */
+#define OMAPI_R_NRESULTS		7	/* Number of results */
 
 const char *
 omapi_result_totext(isc_result_t);

lib/omapi/listener.c

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: listener.c,v 1.31.4.2 2001/03/27 00:14:54 bwelling Exp $ */
+/* $Id: listener.c,v 1.31.4.2.4.1 2003/09/01 05:19:21 marka Exp $ */
 
 /*
  * Subroutines that support the generic listener object.
@@ -219,6 +219,8 @@ listener_accept(isc_task_t *task, isc_event_t *event) {
 	 */
 	protocol->verify_key = listener->verify_key;
 	protocol->verify_key_arg = listener->callback_arg;
+	while (protocol->authid == 0)
+		isc_random_get(&protocol->authid);
 
 	/*
 	 * Tie the protocol object bidirectionally to the connection

lib/omapi/message.c

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: message.c,v 1.28.4.1 2001/01/09 22:53:00 bwelling Exp $ */
+/* $Id: message.c,v 1.28.4.1.4.1 2003/09/01 05:19:21 marka Exp $ */
 
 /*
  * Subroutines for dealing with message objects.
@@ -26,6 +26,7 @@
 #include <stddef.h>
 
 #include <isc/buffer.h>
+#include <isc/random.h>
 #include <isc/string.h>
 #include <isc/util.h>
 
@@ -180,7 +181,7 @@ omapi_message_send(omapi_object_t *message, omapi_object_t *protocol) {
 
 	if (result == ISC_R_SUCCESS)
 		/* XXXTL Write the ID of the authentication key we're using. */
-		result = omapi_connection_putuint32(connection, 0);
+		result = omapi_connection_putuint32(connection, p->authid);
 
 	if (result == ISC_R_SUCCESS)
 		result = omapi_connection_putuint32(connection, authlen);
@@ -209,6 +210,8 @@ omapi_message_send(omapi_object_t *message, omapi_object_t *protocol) {
 		 * Set and write the transaction ID.
 		 */
 		m->id = p->next_xid++;
+		if (m->id == 0)
+			m->id = p->next_xid++;
 		result = omapi_connection_putuint32(connection, m->id);
 	}
 
@@ -385,6 +388,11 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 			dst_context_destroy(&protocol->dstctx);
 		}
 
+		if (protocol->verify_result == ISC_R_SUCCESS &&
+		    protocol->authid != 0)
+			if (protocol->authid != message->authid)
+				result = OMAPI_R_BADAUTHID;
+
 		if (protocol->verify_result != ISC_R_SUCCESS) {
 			if (connection->is_client) {
 				INSIST(m != NULL);
@@ -422,6 +430,7 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 				return (send_status(po,
 						    protocol->verify_result,
 						    message->id,
+						    protocol->authid,
 						    "failed to verify "
 						    "signature"));
 		}
@@ -434,7 +443,7 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 
 		if (m != NULL) {
 			return (send_status(po, OMAPI_R_INVALIDARG,
-					    message->id,
+					    message->id, protocol->authid,
 					    "OPEN can't be a response"));
 		}
 
@@ -456,7 +465,8 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 		} else if (result == ISC_R_NOTFOUND)
 			type = NULL;
 		else
-			return (send_status(po, result, message->id,
+			return (send_status(po, result, message->id, 
+					    protocol->authid,
 					    isc_result_totext(result)));
 
 		/*
@@ -470,6 +480,7 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 			create = 0;
 		else
 			return (send_status(po, result, message->id,
+					    protocol->authid,
 					    isc_result_totext(result)));
 
 		/*
@@ -483,6 +494,7 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 			update = 0;
 		else
 			return (send_status(po, result, message->id,
+					    protocol->authid,
 					    isc_result_totext(result)));
 
 		/*
@@ -496,6 +508,7 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 			exclusive = 0;
 		else
 			return (send_status(po, result, message->id,
+					    protocol->authid,
 					    isc_result_totext(result)));
 
 		/*
@@ -505,6 +518,7 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 #ifdef notyet /* not for 9.0.0 */
 		if (type != omapi_type_protocol && protocol->key == NULL)
 			return (send_status(po, ISC_R_NOPERM, message->id,
+					    protocol->authid,
 					    "unauthorized access"));
 #endif /* notyet */
 
@@ -516,6 +530,7 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 			if (create != 0)
 				return (send_status(po, OMAPI_R_INVALIDARG,
 						   message->id,
+						    protocol->authid,
 						   "type required on create"));
 
 			goto refresh;
@@ -523,6 +538,7 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 
 		if (message->object == NULL)
 			return (send_status(po, ISC_R_NOTFOUND, message->id,
+					    protocol->authid,
 					    "no lookup key specified"));
 
 		/*
@@ -551,12 +567,14 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 
 		if (result == ISC_R_NOTIMPLEMENTED)
 			return (send_status(po, result, message->id,
+					    protocol->authid,
 					    "unsearchable object type"));
 
 		if (result != ISC_R_SUCCESS &&
 		    result != ISC_R_NOTFOUND &&
 		    result != OMAPI_R_NOKEYS)
 			return (send_status(po, result, message->id,
+					    protocol->authid,
 					    "object lookup failed"));
 
 		/*
@@ -565,6 +583,7 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 		 */
 		if (result == ISC_R_NOTFOUND && create == 0) {
 			return (send_status(po, ISC_R_NOTFOUND, message->id,
+					    protocol->authid,
 					   "no object matches specification"));
 		}
 
@@ -576,6 +595,7 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 		if (result == ISC_R_SUCCESS && create != 0 && exclusive != 0) {
 			OBJECT_DEREF(&object);
 			return (send_status(po, ISC_R_EXISTS, message->id,
+					    protocol->authid,
 					   "specified object already exists"));
 		}
 
@@ -586,6 +606,7 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 			result = object_methodcreate(type, &object);
 			if (result != ISC_R_SUCCESS)
 				return (send_status(po, result, message->id,
+						    protocol->authid,
 						   "can't create new object"));
 		}
 
@@ -598,6 +619,7 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 			if (result != ISC_R_SUCCESS) {
 				OBJECT_DEREF(&object);
 				return (send_status(po, result, message->id,
+						    protocol->authid,
 						    "can't update object"));
 			}
 		}
@@ -614,6 +636,7 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 #ifdef notyet /* not for 9.0.0 */
 		if (protocol->key == NULL)
 			return (send_status(po, ISC_R_NOPERM, message->id,
+					    protocol->authid,
 					    "unauthorized access"));
 #endif /* notyet */
 
@@ -621,10 +644,11 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 		result = handle_lookup(&object, message->h);
 		if (result != ISC_R_SUCCESS)
 			return (send_status(po, result, message->id,
+					    protocol->authid,
 					    "no matching handle"));
 
 	send:
-		result = send_update(po, message->id, object);
+		result = send_update(po, message->id, protocol->authid, object);
 		OBJECT_DEREF(&object);
 		return (result);
 
@@ -632,6 +656,7 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 		if (! connection->is_client)
 			return (send_status(po, OMAPI_R_INVALIDARG,
 					    message->id,
+					    protocol->authid,
 					    "OMAPI_OP_UPDATE is not a "
 					    "valid server operation"));
 
@@ -642,6 +667,7 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 			result = handle_lookup(&object, message->h);
 			if (result != ISC_R_SUCCESS)
 				return (send_status(po, result, message->id,
+						    protocol->authid,
 						    "no matching handle"));
 		}
 
@@ -656,6 +682,7 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 		if (result != ISC_R_SUCCESS) {
 			if (message->rid == 0)
 				return (send_status(po, result, message->id,
+						    protocol->authid,
 						    "can't update object"));
 			if (m != NULL)
 				object_signal((omapi_object_t *)m,
@@ -665,6 +692,7 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 
 		if (message->rid == 0)
 			result = send_status(po, ISC_R_SUCCESS, message->id,
+					    protocol->authid,
 					     NULL);
 
 		if (m != NULL)
@@ -675,12 +703,14 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 
 	case OMAPI_OP_NOTIFY:
 		return (send_status(po, ISC_R_NOTIMPLEMENTED, message->id,
+				    protocol->authid,
 				    "notify not implemented yet"));
 
 	case OMAPI_OP_STATUS:
 		if (! connection->is_client)
 			return (send_status(po, OMAPI_R_INVALIDARG,
 					    message->id,
+					    protocol->authid,
 					    "OMAPI_OP_STATUS is not a "
 					    "valid server operation"));
 
@@ -720,22 +750,26 @@ message_process(omapi_object_t *mo, omapi_object_t *po) {
 
 		if (protocol->key == NULL)
 			return (send_status(po, ISC_R_NOPERM, message->id,
+					    protocol->authid,
 					    "unauthorized delete"));
 
 		result = handle_lookup(&object, message->h);
 		if (result != ISC_R_SUCCESS)
 			return (send_status(po, result, message->id,
+					    protocol->authid,
 					    "no matching handle"));
 
 		result = object_methodexpunge(object->type, object);
 		if (result == ISC_R_NOTIMPLEMENTED)
 			return (send_status(po, ISC_R_NOTIMPLEMENTED,
 					    message->id,
+					    protocol->authid,
 					    "no remove method for object"));
 
 		OBJECT_DEREF(&object);
 
-		return (send_status(po, result, message->id, NULL));
+		return (send_status(po, result, message->id,
+				    protocol->authid, NULL));
 	}
 
 	return (ISC_R_NOTIMPLEMENTED);

lib/omapi/protocol.c

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: protocol.c,v 1.32.4.1 2001/01/09 22:53:03 bwelling Exp $ */
+/* $Id: protocol.c,v 1.32.4.1.4.1 2003/09/01 05:19:21 marka Exp $ */
 
 /*
  * Functions supporting the object management protocol.
@@ -28,6 +28,7 @@
 
 #include <isc/buffer.h>
 #include <isc/mem.h>
+#include <isc/random.h>
 #include <isc/string.h>
 #include <isc/util.h>
 
@@ -158,9 +159,8 @@ send_intro(omapi_object_t *h, unsigned int ver) {
 
 		/*
 		 * Make up an initial transaction ID for this connection.
-		 * XXXDCL better generator than random()?
 		 */
-		p->next_xid = random();
+		isc_random_get(&p->next_xid);
 
 		result = connection_send(connection);
 
@@ -212,7 +212,7 @@ omapi_protocol_listen(omapi_object_t *manager, isc_sockaddr_t *addr,
 
 isc_result_t
 send_status(omapi_object_t *po, isc_result_t waitstatus,
-	    unsigned int rid, const char *msg)
+	    unsigned int rid, unsigned int authid, const char *msg)
 {
 	isc_result_t result;
 	omapi_object_t *message = NULL;
@@ -230,6 +230,10 @@ send_status(omapi_object_t *po, isc_result_t waitstatus,
 	if (result == ISC_R_SUCCESS)
 		result = omapi_object_setinteger(message, "rid", (int)rid);
 
+	if (result == ISC_R_SUCCESS)
+		result = omapi_object_setinteger(message, "authid",
+						 (int)authid);
+
 	if (result == ISC_R_SUCCESS)
 		result = omapi_object_setinteger(message, "result",
 						 (int)waitstatus);
@@ -249,7 +253,9 @@ send_status(omapi_object_t *po, isc_result_t waitstatus,
 }
 
 isc_result_t
-send_update(omapi_object_t *po, unsigned int rid, omapi_object_t *object) {
+send_update(omapi_object_t *po, unsigned int rid, unsigned int authid,
+	    omapi_object_t *object)
+{
 	isc_result_t result;
 	omapi_object_t *message = NULL;
 
@@ -267,6 +273,10 @@ send_update(omapi_object_t *po, unsigned int rid, omapi_object_t *object) {
 
 		result = omapi_object_setinteger(message, "rid", (int)rid);
 
+		if (result == ISC_R_SUCCESS)
+			result = omapi_object_setinteger(message, "authid",
+							 (int)authid);
+
 		if (result == ISC_R_SUCCESS)
 			result = object_gethandle(&handle, object);
 
@@ -378,6 +388,8 @@ dispatch_messages(omapi_protocol_t *protocol,
 		 */
 		/* XXXDCL authid is unused */
 		connection_getuint32(connection, &protocol->message->authid);
+		if (protocol->authid == 0)
+			protocol->authid = protocol->message->authid;
 		/* XXXTL bind the authenticator here! */
 		connection_getuint32(connection, &protocol->message->authlen);
 		connection_getuint32(connection, &protocol->message->op);

lib/omapi/result.c

@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: result.c,v 1.10.4.1 2001/01/09 22:53:04 bwelling Exp $ */
+/* $Id: result.c,v 1.10.4.1.4.1 2003/09/01 05:19:21 marka Exp $ */
 #include <config.h>
 
 #include <isc/once.h>
@@ -31,6 +31,7 @@ static const char *text[OMAPI_R_NRESULTS] = {
 	"invalid argument",			/* 3 */
 	"protocol version mismatch",		/* 4 */
 	"protocol error",			/* 5 */
+	"bad authid",				/* 6 */
 };
 
 

version

@@ -1,4 +1,4 @@
-# $Id: version,v 1.18.4.13 2001/03/28 19:08:09 gson Exp $
+# $Id: version,v 1.18.4.13.4.4 2007/08/12 07:38:18 marka Exp $
 #
 # This file must follow /bin/sh rules.  It is imported directly via
 # configure.
@@ -6,5 +6,5 @@
 MAJORVER=9
 MINORVER=1
 PATCHVER=1
-RELEASETYPE=
-RELEASEVER=
+RELEASETYPE=-P
+RELEASEVER=4