Deadwood beta on debian lenny

Sam Trenholme strenholme.usenet at gmail.com
Mon Aug 2 14:17:14 EDT 2010 

> Quote from deadwood doc
> http://www.maradns.org/deadwood/doc/Deadwood.txt
> "The netmask is optional, and, if not present, indicates that
>   only a single IP will match."
>
> recursive_acl = "127.0.0.0/8,85.93.18.62"
> results in:
> localhost:/etc# askmara Agoogle.hu.
> # Querying the server with the IP 127.0.0.1
> # Hard Error: Timeout

OK, for the record: I wasn't the one to break that.  I can blame
someone who will remain nameless, since that certain someone has made
valuable contributions to Deadwood without getting paid.  :)

However, I am the one to fix it (if people ever wonder why their patch
doesn't get accepted in to some random open-source project, it's often
times because the maintainer of said project does not want to deal
with any bugs the patch may cause).

Attached is a patch which fixes this issue.

In addition, I have uploaded the uploaded Deadwood:

http://maradns.org/deadwood/snap/deadwood-H-20100802-2.tar.bz2

- Sam

Note: I do not answer MaraDNS (including Deadwood) support requests
sent by private email without being compensated for my time. A MaraDNS
support request is any and all discussion you may wish to have about
MaraDNS in private email; if you want to email me to talk about
MaraDNS then, yes, that is a support request. I will discuss rates if
you want this kind of support. Thank you for your understanding.

MaraDNS security vulnerability reports, however, will be dealt with
without charge and kept confidential. If you don't know what Bugtraq
is, then, no, your email is not a security report. It is not a
security report unless you've done due diligence to determine how the
security bug you think you found can reasonably be exploited.

--- deadwood-2.9.02/src/DwSocket.c      2010-07-29 10:39:10.000000000 -0700
+++ deadwood-2.9.03/src/DwSocket.c      2010-08-02 11:06:26.000000000 -0700
@@ -293,6 +293,8 @@

         q = strchr(c,'/');
         if(q == 0 || *q != '/') {
+               pop_ip_core(list,(ip_addr_T *)ip_mask,c);
+               make_netmask(ip_mask->len * 8,ip_mask->mask,ip_mask->len);
                 goto catch_pop_ip_mask;
         }
         *q = 0; /* pop_ip_core can't take an IP ending with a slash */

More information about the list mailing list