Disable ZONEVERSION for built-in chaos and empty zones

diff --git a/bin/named/config.c b/bin/named/config.c
index ade302bd74118c54bb00990a5623db371b9e1a72..c3bc87b0abf1bc2d1fe5bab56623cb5de8ee5b4a 100644 (file)
--- a/bin/named/config.c
+++ b/bin/named/config.c
@@ -262,6 +262,7 @@ view \"_bind\" chaos {\n\
        notify no;\n\
        allow-new-zones no;\n\
        max-cache-size 2M;\n\
+       provide-zoneversion no;\n\
 \n\
        # Prevent use of this zone in DNS amplified reflection DoS attacks\n\
        rate-limit {\n\

diff --git a/bin/named/server.c b/bin/named/server.c
index d271c153cf2a111a9a65fd1e6ec6dd20cf604bce..f57a7276541de81687d32fc0bfd76c6687ccab6e 100644 (file)
--- a/bin/named/server.c
+++ b/bin/named/server.c
@@ -3253,6 +3253,7 @@ create_empty_zone(dns_zone_t *pzone, dns_name_t *name, dns_view_t *view,
 
        dns_zone_setoption(zone, ~DNS_ZONEOPT_NOCHECKNS, false);
        dns_zone_setoption(zone, DNS_ZONEOPT_NOCHECKNS, true);
+       dns_zone_setoption(zone, DNS_ZONEOPT_ZONEVERSION, false);
        dns_zone_setcheckdstype(zone, dns_checkdstype_no);
        dns_zone_setnotifytype(zone, dns_notifytype_no);
        dns_zone_setautomatic(zone, true);