mirror of
https://gitlab.isc.org/isc-projects/bind9
synced 2025-08-30 14:07:59 +00:00
[master] fix a problem with libgeoip 1.5 and higher
3715. [bug] The region and city databases could fail to initialize when using some versions of libGeoIP, causing assertion failures when named was configured to use them. [RT #35427]
This commit is contained in:
Evan Hunt
parent
db519a99ce
commit
83f69fcd6e
5
CHANGES
5
CHANGES
@ -1,3 +1,8 @@
|
|||||||
|
3715. [bug] The region and city databases could fail to
|
||||||
|
initialize when using some versions of libGeoIP,
|
||||||
|
causing assertion failures when named was
|
||||||
|
configured to use them. [RT #35427]
|
||||||
|
|
||||||
3714. [test] System tests that need to test for cryptography
|
3714. [test] System tests that need to test for cryptography
|
||||||
support before running can now use a common
|
support before running can now use a common
|
||||||
"testcrypto.sh" script to do so. [RT #35213]
|
"testcrypto.sh" script to do so. [RT #35213]
|
||||||
|
|||||||
@ -31,7 +31,7 @@ static dns_geoip_databases_t geoip_table = {
|
|||||||
};
|
};
|
||||||
|
|
||||||
static void
|
static void
|
||||||
init_geoip_db(GeoIP **dbp, GeoIPDBTypes edition,
|
init_geoip_db(GeoIP **dbp, GeoIPDBTypes edition, GeoIPDBTypes fallback,
|
||||||
GeoIPOptions method, const char *name)
|
GeoIPOptions method, const char *name)
|
||||||
{
|
{
|
||||||
char *info;
|
char *info;
|
||||||
@ -49,22 +49,22 @@ init_geoip_db(GeoIP **dbp, GeoIPDBTypes edition,
|
|||||||
if (! GeoIP_db_avail(edition)) {
|
if (! GeoIP_db_avail(edition)) {
|
||||||
isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
|
isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
|
||||||
NS_LOGMODULE_SERVER, ISC_LOG_INFO,
|
NS_LOGMODULE_SERVER, ISC_LOG_INFO,
|
||||||
"GeoIP %s DB not available", name);
|
"GeoIP %s (type %d) DB not available", name, edition);
|
||||||
return;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
|
isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
|
||||||
NS_LOGMODULE_SERVER, ISC_LOG_INFO,
|
NS_LOGMODULE_SERVER, ISC_LOG_INFO,
|
||||||
"initializing GeoIP %s DB", name);
|
"initializing GeoIP %s (type %d) DB", name, edition);
|
||||||
|
|
||||||
db = GeoIP_open_type(edition, method);
|
db = GeoIP_open_type(edition, method);
|
||||||
if (db == NULL) {
|
if (db == NULL) {
|
||||||
isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
|
isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
|
||||||
NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
|
NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
|
||||||
"failed to initialize GeoIP %s DB; "
|
"failed to initialize GeoIP %s (type %d) DB%s",
|
||||||
"geoip matches using this database will fail",
|
name, edition, fallback == 0
|
||||||
name);
|
? "geoip matches using this database will fail" : "");
|
||||||
return;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
info = GeoIP_database_info(db);
|
info = GeoIP_database_info(db);
|
||||||
@ -74,18 +74,11 @@ init_geoip_db(GeoIP **dbp, GeoIPDBTypes edition,
|
|||||||
"%s", info);
|
"%s", info);
|
||||||
|
|
||||||
*dbp = db;
|
*dbp = db;
|
||||||
}
|
return;
|
||||||
|
fail:
|
||||||
|
if (fallback != 0)
|
||||||
|
init_geoip_db(dbp, fallback, 0, method, name);
|
||||||
|
|
||||||
static GeoIPDBTypes
|
|
||||||
choose_rev(GeoIPDBTypes primary, GeoIPDBTypes secondary, const char *name) {
|
|
||||||
if (GeoIP_db_avail(primary))
|
|
||||||
return (primary);
|
|
||||||
if (GeoIP_db_avail(secondary))
|
|
||||||
return (secondary);
|
|
||||||
isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
|
|
||||||
NS_LOGMODULE_SERVER, ISC_LOG_INFO,
|
|
||||||
"GeoIP %s DB: neither revision available", name);
|
|
||||||
return (0);
|
|
||||||
}
|
}
|
||||||
#endif /* HAVE_GEOIP */
|
#endif /* HAVE_GEOIP */
|
||||||
|
|
||||||
@ -124,41 +117,32 @@ ns_geoip_load(char *dir) {
|
|||||||
GeoIP_setup_custom_directory(dir);
|
GeoIP_setup_custom_directory(dir);
|
||||||
}
|
}
|
||||||
|
|
||||||
init_geoip_db(&ns_g_geoip->country_v4, GEOIP_COUNTRY_EDITION,
|
init_geoip_db(&ns_g_geoip->country_v4, GEOIP_COUNTRY_EDITION, 0,
|
||||||
method, "Country (IPv4)");
|
method, "Country (IPv4)");
|
||||||
#ifdef HAVE_GEOIP_V6
|
#ifdef HAVE_GEOIP_V6
|
||||||
init_geoip_db(&ns_g_geoip->country_v6, GEOIP_COUNTRY_EDITION_V6,
|
init_geoip_db(&ns_g_geoip->country_v6, GEOIP_COUNTRY_EDITION_V6, 0,
|
||||||
method, "Country (IPv6)");
|
method, "Country (IPv6)");
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
edition = choose_rev(GEOIP_CITY_EDITION_REV0,
|
init_geoip_db(&ns_g_geoip->city_v4, GEOIP_CITY_EDITION_REV1,
|
||||||
GEOIP_CITY_EDITION_REV1, "City (IPv4)");
|
GEOIP_CITY_EDITION_REV0, method, "City (IPv4)");
|
||||||
if (edition != 0)
|
|
||||||
init_geoip_db(&ns_g_geoip->city_v4, edition,
|
|
||||||
method, "City (IPv4)");
|
|
||||||
#if defined(HAVE_GEOIP_V6) && defined(HAVE_GEOIP_CITY_V6)
|
#if defined(HAVE_GEOIP_V6) && defined(HAVE_GEOIP_CITY_V6)
|
||||||
edition = choose_rev(GEOIP_CITY_EDITION_REV0_V6,
|
init_geoip_db(&ns_g_geoip->city_v6, GEOIP_CITY_EDITION_REV1_V6,
|
||||||
GEOIP_CITY_EDITION_REV1_V6, "City (IPv6)");
|
GEOIP_CITY_EDITION_REV0_V6, method, "City (IPv6)");
|
||||||
if (edition != 0)
|
|
||||||
init_geoip_db(&ns_g_geoip->city_v6, edition,
|
|
||||||
method, "City (IPv6)");
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
init_geoip_db(&ns_g_geoip->region, GEOIP_REGION_EDITION_REV1,
|
||||||
|
GEOIP_REGION_EDITION_REV0, method, "Region");
|
||||||
|
|
||||||
edition = choose_rev(GEOIP_REGION_EDITION_REV0,
|
init_geoip_db(&ns_g_geoip->isp, GEOIP_ISP_EDITION, 0,
|
||||||
GEOIP_REGION_EDITION_REV1, "Region");
|
|
||||||
if (edition != 0)
|
|
||||||
init_geoip_db(&ns_g_geoip->region, edition, method, "Region");
|
|
||||||
|
|
||||||
init_geoip_db(&ns_g_geoip->isp, GEOIP_ISP_EDITION,
|
|
||||||
method, "ISP");
|
method, "ISP");
|
||||||
init_geoip_db(&ns_g_geoip->org, GEOIP_ORG_EDITION,
|
init_geoip_db(&ns_g_geoip->org, GEOIP_ORG_EDITION, 0,
|
||||||
method, "Org");
|
method, "Org");
|
||||||
init_geoip_db(&ns_g_geoip->as, GEOIP_ASNUM_EDITION,
|
init_geoip_db(&ns_g_geoip->as, GEOIP_ASNUM_EDITION, 0,
|
||||||
method, "AS");
|
method, "AS");
|
||||||
init_geoip_db(&ns_g_geoip->domain, GEOIP_DOMAIN_EDITION,
|
init_geoip_db(&ns_g_geoip->domain, GEOIP_DOMAIN_EDITION, 0,
|
||||||
method, "Domain");
|
method, "Domain");
|
||||||
init_geoip_db(&ns_g_geoip->netspeed, GEOIP_NETSPEED_EDITION,
|
init_geoip_db(&ns_g_geoip->netspeed, GEOIP_NETSPEED_EDITION, 0,
|
||||||
method, "NetSpeed");
|
method, "NetSpeed");
|
||||||
#endif /* HAVE_GEOIP */
|
#endif /* HAVE_GEOIP */
|
||||||
}
|
}
|
||||||
|
|||||||
@ -655,8 +655,11 @@ dns_geoip_match(const isc_netaddr_t *reqaddr,
|
|||||||
maxlen = 255;
|
maxlen = 255;
|
||||||
getcountry:
|
getcountry:
|
||||||
db = DB46(reqaddr, geoip, country);
|
db = DB46(reqaddr, geoip, country);
|
||||||
INSIST(db != NULL);
|
if (db == NULL)
|
||||||
|
return (ISC_FALSE);
|
||||||
|
|
||||||
INSIST(elt->as_string != NULL);
|
INSIST(elt->as_string != NULL);
|
||||||
|
|
||||||
cs = country_lookup(db, subtype, reqaddr->family,
|
cs = country_lookup(db, subtype, reqaddr->family,
|
||||||
ipnum, ipnum6);
|
ipnum, ipnum6);
|
||||||
if (cs != NULL && strncasecmp(elt->as_string, cs, maxlen) == 0)
|
if (cs != NULL && strncasecmp(elt->as_string, cs, maxlen) == 0)
|
||||||
@ -675,6 +678,9 @@ dns_geoip_match(const isc_netaddr_t *reqaddr,
|
|||||||
INSIST(elt->as_string != NULL);
|
INSIST(elt->as_string != NULL);
|
||||||
|
|
||||||
db = DB46(reqaddr, geoip, city);
|
db = DB46(reqaddr, geoip, city);
|
||||||
|
if (db == NULL)
|
||||||
|
return (ISC_FALSE);
|
||||||
|
|
||||||
record = city_lookup(db, subtype,
|
record = city_lookup(db, subtype,
|
||||||
reqaddr->family, ipnum, ipnum6);
|
reqaddr->family, ipnum, ipnum6);
|
||||||
if (record == NULL)
|
if (record == NULL)
|
||||||
@ -688,6 +694,9 @@ dns_geoip_match(const isc_netaddr_t *reqaddr,
|
|||||||
|
|
||||||
case dns_geoip_city_metrocode:
|
case dns_geoip_city_metrocode:
|
||||||
db = DB46(reqaddr, geoip, city);
|
db = DB46(reqaddr, geoip, city);
|
||||||
|
if (db == NULL)
|
||||||
|
return (ISC_FALSE);
|
||||||
|
|
||||||
record = city_lookup(db, subtype,
|
record = city_lookup(db, subtype,
|
||||||
reqaddr->family, ipnum, ipnum6);
|
reqaddr->family, ipnum, ipnum6);
|
||||||
if (record == NULL)
|
if (record == NULL)
|
||||||
@ -699,6 +708,9 @@ dns_geoip_match(const isc_netaddr_t *reqaddr,
|
|||||||
|
|
||||||
case dns_geoip_city_areacode:
|
case dns_geoip_city_areacode:
|
||||||
db = DB46(reqaddr, geoip, city);
|
db = DB46(reqaddr, geoip, city);
|
||||||
|
if (db == NULL)
|
||||||
|
return (ISC_FALSE);
|
||||||
|
|
||||||
record = city_lookup(db, subtype,
|
record = city_lookup(db, subtype,
|
||||||
reqaddr->family, ipnum, ipnum6);
|
reqaddr->family, ipnum, ipnum6);
|
||||||
if (record == NULL)
|
if (record == NULL)
|
||||||
@ -711,7 +723,10 @@ dns_geoip_match(const isc_netaddr_t *reqaddr,
|
|||||||
case dns_geoip_region_countrycode:
|
case dns_geoip_region_countrycode:
|
||||||
case dns_geoip_region_code:
|
case dns_geoip_region_code:
|
||||||
case dns_geoip_region_name:
|
case dns_geoip_region_name:
|
||||||
INSIST(geoip->region != NULL);
|
case dns_geoip_region:
|
||||||
|
if (geoip->region == NULL)
|
||||||
|
return (ISC_FALSE);
|
||||||
|
|
||||||
INSIST(elt->as_string != NULL);
|
INSIST(elt->as_string != NULL);
|
||||||
|
|
||||||
/* Region DB is not supported for IPv6 */
|
/* Region DB is not supported for IPv6 */
|
||||||
@ -744,7 +759,9 @@ dns_geoip_match(const isc_netaddr_t *reqaddr,
|
|||||||
db = geoip->domain;
|
db = geoip->domain;
|
||||||
|
|
||||||
getname:
|
getname:
|
||||||
INSIST(db != NULL);
|
if (db == NULL)
|
||||||
|
return (ISC_FALSE);
|
||||||
|
|
||||||
INSIST(elt->as_string != NULL);
|
INSIST(elt->as_string != NULL);
|
||||||
/* ISP, Org, AS, and Domain are not supported for IPv6 */
|
/* ISP, Org, AS, and Domain are not supported for IPv6 */
|
||||||
if (reqaddr->family == AF_INET6)
|
if (reqaddr->family == AF_INET6)
|
||||||
|
|||||||
@ -45,7 +45,7 @@ static dns_geoip_databases_t geoip = {
|
|||||||
};
|
};
|
||||||
|
|
||||||
static void
|
static void
|
||||||
init_geoip_db(GeoIP **dbp, GeoIPDBTypes edition,
|
init_geoip_db(GeoIP **dbp, GeoIPDBTypes edition, GeoIPDBTypes fallback,
|
||||||
GeoIPOptions method, const char *name)
|
GeoIPOptions method, const char *name)
|
||||||
{
|
{
|
||||||
char *info;
|
char *info;
|
||||||
@ -61,18 +61,22 @@ init_geoip_db(GeoIP **dbp, GeoIPDBTypes edition,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (! GeoIP_db_avail(edition)) {
|
if (! GeoIP_db_avail(edition)) {
|
||||||
fprintf(stderr, "GeoIP %s DB not available\n", name);
|
fprintf(stderr, "GeoIP %s (type %d) DB not available\n",
|
||||||
return;
|
name, edition);
|
||||||
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
fprintf(stderr, "initializing GeoIP %s DB\n", name);
|
fprintf(stderr, "initializing GeoIP %s (type %d) DB\n",
|
||||||
|
name, edition);
|
||||||
|
|
||||||
db = GeoIP_open_type(edition, method);
|
db = GeoIP_open_type(edition, method);
|
||||||
if (db == NULL) {
|
if (db == NULL) {
|
||||||
fprintf(stderr, "failed to initialize GeoIP %s DB; "
|
fprintf(stderr,
|
||||||
"geoip matches using this database will fail\n",
|
"failed to initialize GeoIP %s (type %d) DB%s\n",
|
||||||
name);
|
name, edition, fallback == 0
|
||||||
return;
|
? "; geoip matches using this database will fail"
|
||||||
|
: "");
|
||||||
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
info = GeoIP_database_info(db);
|
info = GeoIP_database_info(db);
|
||||||
@ -80,22 +84,16 @@ init_geoip_db(GeoIP **dbp, GeoIPDBTypes edition,
|
|||||||
fprintf(stderr, "%s\n", info);
|
fprintf(stderr, "%s\n", info);
|
||||||
|
|
||||||
*dbp = db;
|
*dbp = db;
|
||||||
}
|
return;
|
||||||
|
|
||||||
static GeoIPDBTypes
|
fail:
|
||||||
choose_rev(GeoIPDBTypes primary, GeoIPDBTypes secondary, const char *name) {
|
if (fallback != 0)
|
||||||
if (GeoIP_db_avail(primary))
|
init_geoip_db(dbp, fallback, 0, method, name);
|
||||||
return (primary);
|
|
||||||
if (GeoIP_db_avail(secondary))
|
|
||||||
return (secondary);
|
|
||||||
fprintf(stderr, "GeoIP %s DB: neither revision available\n", name);
|
|
||||||
return (0);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
load_geoip(const char *dir) {
|
load_geoip(const char *dir) {
|
||||||
GeoIPOptions method;
|
GeoIPOptions method;
|
||||||
GeoIPDBTypes edition;
|
|
||||||
|
|
||||||
#ifdef _WIN32
|
#ifdef _WIN32
|
||||||
method = GEOIP_STANDARD;
|
method = GEOIP_STANDARD;
|
||||||
@ -109,38 +107,31 @@ load_geoip(const char *dir) {
|
|||||||
GeoIP_setup_custom_directory(p);
|
GeoIP_setup_custom_directory(p);
|
||||||
}
|
}
|
||||||
|
|
||||||
init_geoip_db(&geoip.country_v4, GEOIP_COUNTRY_EDITION,
|
init_geoip_db(&geoip.country_v4, GEOIP_COUNTRY_EDITION, 0,
|
||||||
method, "Country (IPv4)");
|
method, "Country (IPv4)");
|
||||||
#ifdef HAVE_GEOIP_V6
|
#ifdef HAVE_GEOIP_V6
|
||||||
init_geoip_db(&geoip.country_v6, GEOIP_COUNTRY_EDITION_V6,
|
init_geoip_db(&geoip.country_v6, GEOIP_COUNTRY_EDITION_V6, 0,
|
||||||
method, "Country (IPv6)");
|
method, "Country (IPv6)");
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
edition = choose_rev(GEOIP_CITY_EDITION_REV0,
|
init_geoip_db(&geoip.city_v4, GEOIP_CITY_EDITION_REV1,
|
||||||
GEOIP_CITY_EDITION_REV1, "City (IPv4)");
|
GEOIP_CITY_EDITION_REV0, method, "City (IPv4)");
|
||||||
if (edition != 0)
|
|
||||||
init_geoip_db(&geoip.city_v4, edition, method, "City (IPv4)");
|
|
||||||
#if defined(HAVE_GEOIP_V6) && defined(HAVE_GEOIP_CITY_V6)
|
#if defined(HAVE_GEOIP_V6) && defined(HAVE_GEOIP_CITY_V6)
|
||||||
edition = choose_rev(GEOIP_CITY_EDITION_REV0_V6,
|
init_geoip_db(&geoip.city_v6, GEOIP_CITY_EDITION_REV1_V6,
|
||||||
GEOIP_CITY_EDITION_REV1_V6, "City (IPv6)");
|
GEOIP_CITY_EDITION_REV0_V6, method, "City (IPv6)");
|
||||||
if (edition != 0)
|
|
||||||
init_geoip_db(&geoip.city_v6, edition, method, "City (IPv6)");
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
edition = choose_rev(GEOIP_REGION_EDITION_REV0,
|
init_geoip_db(&geoip.region, GEOIP_REGION_EDITION_REV1,
|
||||||
GEOIP_REGION_EDITION_REV1, "Region");
|
GEOIP_REGION_EDITION_REV0, method, "Region");
|
||||||
if (edition != 0)
|
init_geoip_db(&geoip.isp, GEOIP_ISP_EDITION, 0,
|
||||||
init_geoip_db(&geoip.region, edition, method, "Region");
|
|
||||||
|
|
||||||
init_geoip_db(&geoip.isp, GEOIP_ISP_EDITION,
|
|
||||||
method, "ISP");
|
method, "ISP");
|
||||||
init_geoip_db(&geoip.org, GEOIP_ORG_EDITION,
|
init_geoip_db(&geoip.org, GEOIP_ORG_EDITION, 0,
|
||||||
method, "Org");
|
method, "Org");
|
||||||
init_geoip_db(&geoip.as, GEOIP_ASNUM_EDITION,
|
init_geoip_db(&geoip.as, GEOIP_ASNUM_EDITION, 0,
|
||||||
method, "AS");
|
method, "AS");
|
||||||
init_geoip_db(&geoip.domain, GEOIP_DOMAIN_EDITION,
|
init_geoip_db(&geoip.domain, GEOIP_DOMAIN_EDITION, 0,
|
||||||
method, "Domain");
|
method, "Domain");
|
||||||
init_geoip_db(&geoip.netspeed, GEOIP_NETSPEED_EDITION,
|
init_geoip_db(&geoip.netspeed, GEOIP_NETSPEED_EDITION, 0,
|
||||||
method, "NetSpeed");
|
method, "NetSpeed");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user