Bug 94057 - Upgraded Port: mail/dcc-dccd to 1.3.30
Summary: Upgraded Port: mail/dcc-dccd to 1.3.30
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: Any Any
Importance: Normal Affects Only Me
Assignee: Emanuel Haupt
Reported: 2006-03-04 04:50 UTC by Dean Hollister
Modified: 2006-03-15 12:16 UTC
Attachments
file.diff (1.22 KB, patch)
2006-03-04 04:50 UTC, Dean Hollister

Description Dean Hollister 2006-03-04 04:50:03 UTC
Upgraded Port: mail/dcc-dccd to 1.3.30

		Changes in this release:

			o Fix leak in dccd blacklist.

			o Change client-server protocol so that `cdcc clients` 
			  gets more than 16 bits of NOP counts.

			o updatedcc and fetchblack try two FTP and HTTP servers.

			o do not use stdio to parse whiteclnt files to deal with
			  Solaris' 255 limit on stdio file descriptors.

			o add /var/dcc/libexec/uninstalldcc
Comment 1 Emanuel Haupt freebsd_committer 2006-03-05 09:21:47 UTC
Responsible Changed
From-To: freebsd-ports-bugs->ehaupt

Take.
Comment 2 Emanuel Haupt freebsd_committer 2006-03-05 21:32:31 UTC
For the record:

--- forwarded mail begins here ---
From: Vernon Schryver <vjs@calcite.rhyolite.com>
To: dcc@calcite.rhyolite.com
Subject: Re: leak in dccd blacklist
Date: Sun, 5 Mar 2006 07:42:10 -0700 (MST)

(I'm sending this to the DCC mailing list with a bcc: to the person who asked)

> >     Fix leak in dccd blacklist.
>
> Is there maybe a detailed advisory available? I am trying to figure out
> how severe this leak is and whether we should advise FreeBSD users with
> a VuXML advisory.

Before 1.3.30, loading the blacklist was delayed until about 30 seconds
after dccd started.  If a hyper-active client whose IP address is in
the blacklist made a request during those first 30 seconds, not only
would the request be answered, but future requests would also be answered
until the blacklist changed and dccd noticed and loaded the new version.

Only the public DCC servers use the blacklist of bad DCC clients.  Only
the largest blacklisted clients of the public DCC servers such as utk.edu
were leaked.


Vernon Schryver    vjs@rhyolite.com

--- forwarded mail ends here ---

-- 
GnuPG key id: 0x55E67774         Download: http://pgp.mit.edu:11371
Key fingerprint: 17B3 FD8F BA68 4AB4 10FD  A9D1 AD52 6588 55E6 7774
Comment 3 Emanuel Haupt freebsd_committer 2006-03-15 10:52:59 UTC
Is dcc/libexec/uninstalldcc really relevant for the FreeBSD user?
Comment 4 Emanuel Haupt freebsd_committer 2006-03-15 12:16:46 UTC
State Changed
From-To: open->closed

Committed, thanks!