Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
ISC Open Source Projects
BIND
Commits
32bcafc3
Commit
32bcafc3
authored
Sep 19, 2017
by
Mukund Sivaraman
Browse files
Change default minimal-responses setting to no-auth-recursive (#46016)
parent
e2ed24aa
Changes
8
Hide whitespace changes
Inline
Side-by-side
CHANGES
View file @
32bcafc3
4782. [func] Change default minimal-responses setting to
no-auth-recursive. [RT #46016]
4781. [bug] Fix use after free when closing an LMDB. [RT #46000]
4780. [bug] Fix out of bounds access in DHCID totext() method.
...
...
bin/named/config.c
View file @
32bcafc3
...
...
@@ -181,7 +181,7 @@ options {\n\
message-compression yes;
\n
\
# min-roots <obsolete>;
\n
\
minimal-any false;
\n
\
minimal-responses
tru
e;
\n
\
minimal-responses
no-auth-recursiv
e;
\n
\
notify-source *;
\n
\
notify-source-v6 *;
\n
\
nsec3-test-zone no;
\n
\
...
...
bin/tests/system/resolver/ns4/tld1.db
View file @
32bcafc3
...
...
@@ -19,7 +19,8 @@ ns A 10.53.0.4
$TTL 5
to-be-removed NS ns.to-be-removed
ns.to-be-removed A 10.53.0.6
fetch 10 TXT A short ttl
fetch.tld. NS ns.fetch.tld.
ns.fetch.tld. A 10.53.0.6
no-edns-version.tld. NS ns.no-edns-version.tld.
ns.no-edns-version.tld. A 10.53.0.6
edns-version.tld. NS ns.edns-version.tld.
...
...
bin/tests/system/resolver/ns4/tld2.db
View file @
32bcafc3
...
...
@@ -16,7 +16,8 @@ $TTL 300
)
@ NS ns.tld.
ns A 10.53.0.4
fetch 10 TXT A short ttl
fetch.tld. NS ns.fetch.tld.
ns.fetch.tld. A 10.53.0.6
fetchall 10 TXT A short ttl
fetchall 10 A 1.2.3.4
fetchall 10 AAAA ::1
...
...
bin/tests/system/resolver/ns6/fetch.tld.db
0 → 100644
View file @
32bcafc3
; Copyright (C) 2011, 2016 Internet Systems Consortium, Inc. ("ISC")
;
; This Source Code Form is subject to the terms of the Mozilla Public
; License, v. 2.0. If a copy of the MPL was not distributed with this
; file, You can obtain one at http://mozilla.org/MPL/2.0/.
; $Id: moves.db,v 1.3 2011/03/13 23:47:36 tbox Exp $
$TTL 300
@ IN SOA marka.isc.org. ns.fetch.tld. (
2010 ; serial
600 ; refresh
600 ; retry
1200 ; expire
600 ; minimum
)
@ NS ns.fetch.tld.
ns.fetch.tld. A 10.53.0.6
@ 10 TXT A short ttl
bin/tests/system/resolver/ns6/named.conf
View file @
32bcafc3
...
...
@@ -68,3 +68,8 @@ zone "delegation-only" {
type
master
;
file
"delegation-only.db"
;
};
zone
"fetch.tld"
{
type
master
;
file
"fetch.tld.db"
;
};
doc/arm/Bv9ARM-book.xml
View file @
32bcafc3
...
...
@@ -6239,7 +6239,9 @@ options {
unless they are required, but it may still add
records to the additional section. When set to
<userinput>no-auth-recursive</userinput>, this
is only done if the query is recursive. These
is only done if the query is recursive. When the
query is not recursive, the effect is same as if
<userinput>no</userinput> was specified. These
settings are useful when answering stub clients,
which usually ignore the authority section.
<userinput>no-auth-recursive</userinput> is
...
...
@@ -6247,7 +6249,8 @@ options {
both authoritative and recursive queries.
</para>
<para>
The default is <userinput>yes</userinput>.
The default is
<userinput>no-auth-recursive</userinput>.
</para>
</listitem>
</varlistentry>
...
...
@@ -6269,11 +6272,6 @@ options {
at the cost of increased memory usage for the zone. If
you don't want this, set it to <userinput>no</userinput>.
</para>
<para>
The glue cache is only used when
<userinput>minimal-responses</userinput> is also set
to <userinput>yes</userinput>.
</para>
</listitem>
</varlistentry>
...
...
lib/ns/query.c
View file @
32bcafc3
...
...
@@ -2063,10 +2063,12 @@ query_addadditional(void *arg, const dns_name_t *name, dns_rdatatype_t qtype) {
return
(
eresult
);
}
static
inline
void
query_addrdataset
(
ns_client_t
*
client
,
dns_
name_t
*
fname
,
dns_rdataset_t
*
rdataset
)
static
void
query_addrdataset
(
ns_client_t
*
client
,
dns_
section_t
section
,
dns_name_t
*
fname
,
dns_rdataset_t
*
rdataset
)
{
UNUSED
(
section
);
/*
* Add 'rdataset' and any pertinent additional data to
* 'fname', a name in the response message for 'client'.
...
...
@@ -2089,7 +2091,6 @@ query_addrdataset(ns_client_t *client, dns_name_t *fname,
* Try to process glue directly.
*/
if
(
client
->
view
->
use_glue_cache
&&
(
client
->
view
->
minimalresponses
==
dns_minimal_yes
)
&&
(
rdataset
->
type
==
dns_rdatatype_ns
)
&&
(
client
->
query
.
gluedb
!=
NULL
)
&&
dns_db_iszone
(
client
->
query
.
gluedb
))
...
...
@@ -2191,7 +2192,7 @@ query_addrrset(ns_client_t *client, dns_name_t **namep,
* we do not need to check if the SIG rdataset is already in the
* response.
*/
query_addrdataset
(
client
,
mname
,
rdataset
);
query_addrdataset
(
client
,
section
,
mname
,
rdataset
);
*
rdatasetp
=
NULL
;
if
(
sigrdataset
!=
NULL
&&
dns_rdataset_isassociated
(
sigrdataset
))
{
/*
...
...
@@ -7051,6 +7052,7 @@ query_dns64(query_ctx_t *qctx) {
isc_netaddr_t
netaddr
;
dns_dns64_t
*
dns64
;
unsigned
int
flags
=
0
;
const
dns_section_t
section
=
DNS_SECTION_ANSWER
;
/*%
* To the current response for 'qctx->client', add the answer RRset
...
...
@@ -7074,7 +7076,7 @@ query_dns64(query_ctx_t *qctx) {
dns64_rdata
=
NULL
;
dns64_rdataset
=
NULL
;
dns64_rdatalist
=
NULL
;
result
=
dns_message_findname
(
client
->
message
,
DNS_SECTION_ANSWER
,
result
=
dns_message_findname
(
client
->
message
,
section
,
name
,
dns_rdatatype_aaaa
,
qctx
->
rdataset
->
covers
,
&
mname
,
&
mrdataset
);
...
...
@@ -7094,7 +7096,7 @@ query_dns64(query_ctx_t *qctx) {
*/
if
(
qctx
->
dbuf
!=
NULL
)
query_keepname
(
client
,
name
,
qctx
->
dbuf
);
dns_message_addname
(
client
->
message
,
name
,
DNS_SECTION_ANSWER
);
dns_message_addname
(
client
->
message
,
name
,
section
);
qctx
->
fname
=
NULL
;
mname
=
name
;
}
else
{
...
...
@@ -7187,7 +7189,7 @@ query_dns64(query_ctx_t *qctx) {
dns_rdataset_setownercase
(
dns64_rdataset
,
mname
);
client
->
query
.
attributes
|=
NS_QUERYATTR_NOADDITIONAL
;
dns64_rdataset
->
trust
=
qctx
->
rdataset
->
trust
;
query_addrdataset
(
client
,
mname
,
dns64_rdataset
);
query_addrdataset
(
client
,
section
,
mname
,
dns64_rdataset
);
dns64_rdataset
=
NULL
;
dns64_rdatalist
=
NULL
;
dns_message_takebuffer
(
client
->
message
,
&
buffer
);
...
...
@@ -7232,6 +7234,7 @@ query_filter64(query_ctx_t *qctx) {
isc_region_t
r
;
isc_result_t
result
;
unsigned
int
i
;
const
dns_section_t
section
=
DNS_SECTION_ANSWER
;
CTRACE
(
ISC_LOG_DEBUG
(
3
),
"query_filter64"
);
...
...
@@ -7245,7 +7248,7 @@ query_filter64(query_ctx_t *qctx) {
myrdata
=
NULL
;
myrdataset
=
NULL
;
myrdatalist
=
NULL
;
result
=
dns_message_findname
(
client
->
message
,
DNS_SECTION_ANSWER
,
result
=
dns_message_findname
(
client
->
message
,
section
,
name
,
dns_rdatatype_aaaa
,
qctx
->
rdataset
->
covers
,
&
mname
,
&
myrdataset
);
...
...
@@ -7322,11 +7325,11 @@ query_filter64(query_ctx_t *qctx) {
if
(
qctx
->
dbuf
!=
NULL
)
query_keepname
(
client
,
name
,
qctx
->
dbuf
);
dns_message_addname
(
client
->
message
,
name
,
DNS_SECTION_ANSWER
);
section
);
qctx
->
dbuf
=
NULL
;
}
myrdataset
->
trust
=
qctx
->
rdataset
->
trust
;
query_addrdataset
(
client
,
mname
,
myrdataset
);
query_addrdataset
(
client
,
section
,
mname
,
myrdataset
);
myrdataset
=
NULL
;
myrdatalist
=
NULL
;
dns_message_takebuffer
(
client
->
message
,
&
buffer
);
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment