upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-28 04:34:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
bind9/lib/isccfg
History
Evan Hunt 95fc625d60
Disable recursion for non-IN classes 
Force recursion off, and set allow-recursion/allow-recursion-on ACLs
to none, for views with a class other than IN. Log a configuration
warning if recursion is explicitly enabled for a non-IN view.

This addresses YWH-PGM40640-74 and YWH-PGM40640-75 by preventing any
attempt at recursive processing in a class-CHAOS view, ensuring that
server addresses used for recursive queries and received in recursive
responses are of the expected format.

Fixes: isc-projects/bind9#5780
Fixes: isc-projects/bind9#5781

(cherry picked from commit 7becff1a14684a68208c92b3b0315c045c05ad75)
2026-05-07 13:09:18 +02:00
..
include Change checkconf to include built-in dnssec-policy 2025-09-29 15:13:26 +02:00
aclconf.c Apply more SET_IF_NOT_NULL() changes 2024-12-13 13:50:05 +00:00
check.c Disable recursion for non-IN classes 2026-05-07 13:09:18 +02:00
dnsconf.c Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
duration.c Remove redundant parentheses from the return statement 2024-11-19 14:26:52 +01:00
kaspconf.c Fix KASP key leaks on keystore lookup failure 2026-03-16 11:05:03 +01:00
log.c Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
Makefile.am Move bind9/check to isccfg/check 2023-02-17 12:13:37 +00:00
namedconf.c standardize CHECK and RETERR macros 2025-12-03 19:17:20 -08:00
parser.c standardize CHECK and RETERR macros 2025-12-03 19:17:20 -08:00
tests Move all the unit tests to /tests/<libname>/ 2022-05-28 14:53:02 -07:00