git.ipfire.org Git - thirdparty/systemd.git/commit - src/resolve/resolved-dns-transaction.c

]> git.ipfire.org Git - thirdparty/systemd.git/commit - src/resolve/resolved-dns-transaction.c

projects / thirdparty / systemd.git / commit

author	Lennart Poettering <lennart@poettering.net>
	Mon, 16 Nov 2020 22:26:37 +0000 (23:26 +0100)
committer	Lennart Poettering <lennart@poettering.net>
	Thu, 18 Feb 2021 14:55:58 +0000 (15:55 +0100)
commit	acbf761b5d22129d6eebffc6747d18414168bda0
tree	b6367482eeb7c52e1d6a1b81c3658027157b4c86	tree \| snapshot
parent	d79677ab441152639a52aef56164930fa4490633	commit \| diff

resolved: let's track fragment sizes of servers/retry on fragmenting

Fragmenting sucks, let's avoid it. Thus let's start tracking the maximum
fragment size we receive.

Also, let's redo a transaction via TCP if we see fragmenting on UDP, as
effective mitigation against DNS fragment attacks.

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom

src/resolve/resolved-dns-packet.c		diff \| blob \| blame \| history
src/resolve/resolved-dns-packet.h		diff \| blob \| blame \| history
src/resolve/resolved-dns-server.c		diff \| blob \| blame \| history
src/resolve/resolved-dns-server.h		diff \| blob \| blame \| history
src/resolve/resolved-dns-transaction.c		diff \| blob \| blame \| history