[Midnightbsd-cvs] src: lib/dns: If a client requests DNSSEC records with the Checking
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Wed Jan 6 19:37:12 EST 2010
Log Message:
-----------
If a client requests DNSSEC records with the Checking Disabled (CD) flag
set, BIND may cache the unvalidated responses. These responses may later
be returned to another client that has not set the CD flag.
based on freebsd SA-10:01
Note this patch is slightly different and may need more work. System bind should be updated as soon as possible.
Modified Files:
--------------
src/contrib/bind9/bin/named:
query.c (r1.5 -> r1.6)
(http://cvsweb.midnightbsd.org/src/contrib/bind9/bin/named/query.c?r1=1.5&r2=1.6)
src/contrib/bind9/lib/dns:
masterdump.c (r1.1.1.5 -> r1.2)
(http://cvsweb.midnightbsd.org/src/contrib/bind9/lib/dns/masterdump.c?r1=1.1.1.5&r2=1.2)
rbtdb.c (r1.1.1.5 -> r1.2)
(http://cvsweb.midnightbsd.org/src/contrib/bind9/lib/dns/rbtdb.c?r1=1.1.1.5&r2=1.2)
resolver.c (r1.7 -> r1.8)
(http://cvsweb.midnightbsd.org/src/contrib/bind9/lib/dns/resolver.c?r1=1.7&r2=1.8)
validator.c (r1.4 -> r1.5)
(http://cvsweb.midnightbsd.org/src/contrib/bind9/lib/dns/validator.c?r1=1.4&r2=1.5)
src/contrib/bind9/lib/dns/include/dns:
types.h (r1.1.1.4 -> r1.2)
(http://cvsweb.midnightbsd.org/src/contrib/bind9/lib/dns/include/dns/types.h?r1=1.1.1.4&r2=1.2)
More information about the Midnightbsd-cvs
mailing list