CHECKM(named_config_getport(config, &port), "port");
dns_view_setdstport(view, port);
- CHECK(configure_view_acl(vconfig, config, named_g_config,
- "allow-query", NULL, actx,
- named_g_mctx, &view->queryacl));
-
/*
* Make the list of response policy zone names for a view that
* is used for real lookups and so cares about hints.
"allow-query-cache-on", NULL, actx,
named_g_mctx, &view->cacheonacl));
/*
- * Set "allow-query-cache", "allow-recursion", and
- * "allow-recursion-on" acls if configured in named.conf.
- * (Ignore the global defaults for now, because these ACLs
- * can inherit from each other when only some of them set at
- * the options/view level.)
+ * Set the "allow-query", "allow-query-cache", "allow-recursion",
+ * and "allow-recursion-on" ACLs if configured in named.conf, but
+ * NOT from the global defaults. This is done by leaving the third
+ * argument to configure_view_acl() NULL.
+ *
+ * We ignore the global defaults here because these ACLs
+ * can inherit from each other. If any are still unset after
+ * applying the inheritance rules, we'll look up the defaults at
+ * that time.
*/
- CHECK(configure_view_acl(vconfig, config, NULL, "allow-query-cache",
- NULL, actx, named_g_mctx, &view->cacheacl));
+
+ /* named.conf only */
+ CHECK(configure_view_acl(vconfig, config, NULL,
+ "allow-query", NULL, actx,
+ named_g_mctx, &view->queryacl));
+
+ /* named.conf only */
+ CHECK(configure_view_acl(vconfig, config, NULL,
+ "allow-query-cache", NULL, actx,
+ named_g_mctx, &view->cacheacl));
if (strcmp(view->name, "_bind") != 0 &&
view->rdclass != dns_rdataclass_chaos)
{
+ /* named.conf only */
CHECK(configure_view_acl(vconfig, config, NULL,
"allow-recursion", NULL, actx,
named_g_mctx, &view->recursionacl));
+ /* named.conf only */
CHECK(configure_view_acl(vconfig, config, NULL,
"allow-recursion-on", NULL, actx,
named_g_mctx, &view->recursiononacl));
* the global config.
*/
if (view->recursionacl == NULL) {
+ /* global default only */
CHECK(configure_view_acl(NULL, NULL, named_g_config,
"allow-recursion", NULL,
actx, named_g_mctx,
&view->recursionacl));
}
if (view->recursiononacl == NULL) {
+ /* global default only */
CHECK(configure_view_acl(NULL, NULL, named_g_config,
"allow-recursion-on", NULL,
actx, named_g_mctx,
&view->recursiononacl));
}
if (view->cacheacl == NULL) {
+ /* global default only */
CHECK(configure_view_acl(NULL, NULL, named_g_config,
"allow-query-cache", NULL,
actx, named_g_mctx,
CHECK(dns_acl_none(mctx, &view->cacheacl));
}
+ if (view->queryacl == NULL) {
+ /* global default only */
+ CHECK(configure_view_acl(NULL, NULL, named_g_config,
+ "allow-query", NULL,
+ actx, named_g_mctx,
+ &view->queryacl));
+ }
+
/*
* Ignore case when compressing responses to the specified
* clients. This causes case not always to be preserved,
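Review bot: The new `if (view->queryacl == NULL)` fallback at the end of the hunk is order-sensitive and nothing at that spot says so: it must run only after the allow-query-cache and allow-recursion inheritance has been resolved, because (per the block comment earlier in the function and the release note in this commit) those ACLs inherit from each other and were previously picking up the global allow-query default; a later refactor that hoists this block would likely reintroduce that behaviour. I would replace the bare `/* global default only */` above it with `/* global default only; must stay after the allow-query-cache and allow-recursion inheritance above so they never derive from the allow-query default */`. The header comment of this fallback block, which ends with `* the global config.` at the top of the hunk, starts outside the hunk and probably needs to name allow-query as well now that it is handled here.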
<section xml:id="relnotes_security"><info><title>Security Fixes</title></info>
<itemizedlist>
+ <listitem>
+ <para>
+ When recursion is enabled but the <command>allow-recursion</command>
+ and <command>allow-query-cache</command> ACLs are not specified, they
+ should be limited to local networks, but they were inadvertently set
+ to match the default <command>allow-query</command>, thus allowing
+ remote queries. This flaw is disclosed in CVE-2018-5738. [GL #309]
+ </para>
+ </listitem>
<listitem>
<para>
The serve-stale feature could cause an assertion failure in
rbtdb.c even when stale-answer-enable was false. The
simultaneous use of stale cache records and NSEC aggressive
negative caching could trigger a recursion loop in the
- <command>named</command> process. (CVE-2018-5737) [GL #185]
+ <command>named</command> process. This flaw is disclosed in
+ CVE-2018-5737. [GL #185]
</para>
</listitem>
<listitem>
<para>
A bug in zone database reference counting could lead to a crash
when multiple versions of a slave zone were transferred from a
- master in close succession. (CVE-2018-5736) [GL #134]
+ master in close succession. This flaw is disclosed in
+ CVE-2018-5736. [GL #134]
</para>
</listitem>
+ </itemizedlist>
+ </section>
+
+ <section xml:id="relnotes_features"><info><title>New Features</title></info>
+ <itemizedlist>
<listitem>
<para>
<command>update-policy</command> rules that otherwise ignore the
was present, it wouldn't be interpreted as expected.
</para>
</listitem>
- </itemizedlist>
- </section>
-
- <section xml:id="relnotes_features"><info><title>New Features</title></info>
- <itemizedlist>
<listitem>
<para>
- Add root key sentinel support which enables resolvers to test
- which trust anchors are configured for the root. To disable, add
- 'root-key-sentinel no;' to named.conf. [GL #37]
+ <command>named</command> now supports the "root key sentinel"
+ mechanism. This enables validating resolvers to indicate
+ which trust anchors are configured for the root, so that
+ information about root key rollover status can be gathered.
+ To disable this feature, add
+ <command>root-key-sentinel no;</command> to
+ <filename>named.conf</filename>. [GL #37]
</para>
</listitem>
<listitem>