]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ab97f6e) | patch
Retry lookups with unsigned DNAME over TCP
authorMark Andrews <marka@isc.org>
Wed, 13 Aug 2025 03:56:01 +0000 (13:56 +1000)
committerMichał Kępień <michal@isc.org>
Thu, 2 Oct 2025 10:58:54 +0000 (12:58 +0200)
commita266f329e908313c5669a45751bd1cd84f3bd95b
tree1d112cdacf016ac18e3ec192d452f85e04aa5ff8tree | snapshot
parentab97f6e9f4405b61ba2051363104fc812cac5270commit | diff
Retry lookups with unsigned DNAME over TCP

To prevent spoofed unsigned DNAME responses being accepted retry
response with unsigned DNAMEs over TCP if the response is not TSIG
signed or there isn't a good DNS CLIENT COOKIE.

(cherry picked from commit 2e40705c06831988106335ed77db3cf924d431f6)
doc/arm/reference.rst diff | blob | blame | history
lib/dns/include/dns/message.h diff | blob | blame | history
lib/dns/message.c diff | blob | blame | history
lib/dns/resolver.c diff | blob | blame | history
Mirror of https://gitlab.isc.org/isc-projects/bind9.git