upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-04-26 08:39:00 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update CHANGES and doc to reflect changes in master

Browse source
This commit is contained in:
Ondřej Surý 2018-06-26 11:56:20 +02:00 committed by Evan Hunt
parent 379d407773
commit cc5c3b5948
3 changed files with 14 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
CHANGES
View file

@ -1,3 +1,7 @@
4983. [func] Add the ability to not return a DNS COOKIE option
when one is present in the request (answer-cookie no;).
[GL #173]
4982. [cleanup] Return FORMERR if the question section is empty
and no COOKIE option is present; this restores
older behavior except in the newly specified
@ -48,9 +52,7 @@
4967. [cleanup] Add "answer-cookie" to the parser, marked obsolete.
4966. [func] Add the ability to not return a DNS COOKIE option
when one is present in the request (answer-cookie no;).
[GL #173]
4966. [placeholder]
4965. [func] Add support for marking options as deprecated.
[GL #322]

14
doc/arm/Bv9ARM-book.xml
View file

@ -6112,15 +6112,15 @@ options {
options level, not per-view.
</para>
<para>
<command>answer-cookie</command> is only intended as an
available measure, for use when <command>named</command>
<command>answer-cookie no</command> is intended as a
temporary measure, for use when <command>named</command>
shares an IP address with other servers that do not yet
support DNS COOKIE. A mismatch between servers on the same
address is not expected to cause operational problems, but the
option to disable COOKIE responses so that all servers have
the same behavior is provided out of an abundance of
caution. DNS COOKIE is an important security mechanism and
should not be disabled unless absolutely necessary.
address is not expected to cause operational problems, but
the option to disable COOKIE responses so that all servers
have the same behavior is provided out of an abundance of
caution. DNS COOKIE is an important security mechanism,
and should not be disabled unless absolutely necessary.
</para>
</listitem>
</varlistentry>

4
doc/arm/notes.xml
View file

@ -208,13 +208,13 @@
add 'answer-cookie no;' to named.conf. [GL #173]
</para>
<para>
<command>answer-cookie</command> is only intended as an available
<command>answer-cookie</command> is only intended as a temporary
measure, for use when <command>named</command> shares an IP address
with other servers that do not yet support DNS COOKIE. A mismatch
between servers on the same address is not expected to cause
operational problems, but the option to disable COOKIE responses so
that all servers have the same behavior is provided out of an
abundance of caution. DNS COOKIE is an important security mechanism
abundance of caution. DNS COOKIE is an important security mechanism,
and should not be disabled unless absolutely necessary.
</para>
</listitem>