]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 40c375c) | patch
Change the QNAME minimization algorithm to follow the standard
authorOndřej Surý <ondrej@isc.org>
Thu, 27 Nov 2025 13:07:35 +0000 (14:07 +0100)
committerOndřej Surý <ondrej@isc.org>
Thu, 27 Nov 2025 15:47:29 +0000 (16:47 +0100)
commited460c50b7868e1f797eb609908bb97dd56149fa
treed30c3b475492acca73ee6b5e4be4636fe5751aeatree | snapshot
parent40c375c58eae35ecf4112a2fffd8d491f9dfaa4acommit | diff
Change the QNAME minimization algorithm to follow the standard

In !9155, the QNAME minimization was changed to not leak the query type
to the parent name server.  This violates RFC 9156 Section 3, step (3)
and it is not necessary.  It also breaks some (weird) authoritative DNS
setups, especially when CNAMEs are involved.  Also there is really no
privacy leak with query type.
.gitlab-ci.yml diff | blob | blame | history
bin/tests/system/dnssec/tests_validation.py diff | blob | blame | history
bin/tests/system/mirror/tests.sh diff | blob | blame | history
bin/tests/system/qmin/tests.sh diff | blob | blame | history
bin/tests/system/resolver/tests.sh diff | blob | blame | history
bin/tests/system/rpzextra/tests_rpzextra.py diff | blob | blame | history
bin/tests/system/synthfromdnssec/tests.sh diff | blob | blame | history
lib/dns/resolver.c diff | blob | blame | history
Mirror of https://gitlab.isc.org/isc-projects/bind9.git