]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0def38f) | patch
Check SOA owner names in zone transfers
authorMark Andrews <marka@isc.org>
Wed, 3 Feb 2021 00:10:20 +0000 (11:10 +1100)
committerMichał Kępień <michal@isc.org>
Thu, 29 Apr 2021 09:56:03 +0000 (11:56 +0200)
commit4eff09c6b1e524b0efc393ee948b5c4cdf16ccb8
treed4ca9615ef1c6e38af89bd75f7adc99f9070d53ctree | snapshot
parent0def38f7b4466945ef2321a074fc196f0e3e2708commit | diff
Check SOA owner names in zone transfers

An IXFR containing SOA records with owner names different than the
transferred zone's origin can result in named serving a version of that
zone without an SOA record at the apex.  This causes a RUNTIME_CHECK
assertion failure the next time such a zone is refreshed.  Fix by
immediately rejecting a zone transfer (either an incremental or
non-incremental one) upon detecting an SOA record not placed at the apex
of the transferred zone.
lib/dns/xfrin.c diff | blob | blame | history
Mirror of https://gitlab.isc.org/isc-projects/bind9.git