]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
4212. [func] Re-query if we get a bad client cookie returned over
authorMark Andrews <marka@isc.org>
Thu, 17 Sep 2015 04:20:32 +0000 (14:20 +1000)
committerMark Andrews <marka@isc.org>
Thu, 17 Sep 2015 04:20:32 +0000 (14:20 +1000)
                        UDP. [RT #40748]

CHANGES
lib/dns/resolver.c

diff --git a/CHANGES b/CHANGES
index edf9ef9797440230de223403e118ac339ae43b7f..6198b5ba5d9c9113ac45aabb701b523415346ca5 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+4212.  [func]          Re-query if we get a bad client cookie returned over
+                       UDP. [RT #40748]
+
 4211.  [bug]           Ensure that lwresd gets at least one task to work
                        with if enabled. [RT #40652]
 
index 17f60b77f07694ec542123aaa267177669972d7a..d987316325d6fb0dff578120deef060e14e4aa92 100644 (file)
@@ -7756,8 +7756,7 @@ resquery_response(isc_task_t *task, isc_event_t *event) {
        if (opt != NULL)
                process_opt(query, opt);
 
-#ifdef notyet
-       if (message->cc_bad) {
+       if (message->cc_bad && (options & DNS_FETCHOPT_TCP) == 0) {
                /*
                 * If the COOKIE is bad assume it is a attack and retry.
                 */
@@ -7766,7 +7765,6 @@ resquery_response(isc_task_t *task, isc_event_t *event) {
                FCTXTRACE("bad cookie");
                goto done;
        }
-#endif
 
        /*
         * If the message is signed, check the signature.  If not, this