]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d7ce222) | patch
Check SOA owner names in zone transfers
authorMark Andrews <marka@isc.org>
Wed, 3 Feb 2021 00:10:20 +0000 (11:10 +1100)
committerMichał Kępień <michal@isc.org>
Thu, 29 Apr 2021 09:12:38 +0000 (11:12 +0200)
commitae96ca98f757b75076e528b6fb915664aa160f3a
treea57d479d71f57a5e06052c24fc09e865cbf7c34etree | snapshot
parentd7ce222c47e0cdd4f272f9bc89ddfcf33f4a1cbfcommit | diff
Check SOA owner names in zone transfers

An IXFR containing SOA records with owner names different than the
transferred zone's origin can result in named serving a version of that
zone without an SOA record at the apex.  This causes a RUNTIME_CHECK
assertion failure the next time such a zone is refreshed.  Fix by
immediately rejecting a zone transfer (either an incremental or
non-incremental one) upon detecting an SOA record not placed at the apex
of the transferred zone.
lib/dns/xfrin.c diff | blob | blame | history
Mirror of https://gitlab.isc.org/isc-projects/bind9.git