cvs commit: src/lib/libc/net getaddrinfo.c

Hiroki Sato hrs at crater.dragonflybsd.org
Wed Feb 2 07:11:29 PST 2005


hrs         2005/02/02 07:10:55 PST

DragonFly src repository

  Modified files:
    lib/libc/net         getaddrinfo.c 
  Log:
  Query A records before AAAA records in getaddrinfo() when AF_UNSPEC
  is specified.  Some broken DNS servers return NXDOMAIN against
  non-existent AAAA queries, even when it should return NOERROR
  with empty return records.  This is a problem for an IPv4/IPv6 dual
  stack node since the NXDOMAIN returned by the first query of
  an AAAA record makes it give up querying the A record.  Also, this
  behavior has been recognized as a potential denial-of-service attack.
  
  Note that although the query order has been changed, the result
  linked-list of (struct addrinfo) set by getaddrinfo() is still
  in order of AF_INET6 -> AF_INET.
  
  Reference: http://www.kb.cert.org/vuls/id/714121
  
  Revision  Changes    Path
  1.5       +11 -10    src/lib/libc/net/getaddrinfo.c


http://www.dragonflybsd.org/cvsweb/src/lib/libc/net/getaddrinfo.c.diff?r1=1.4&r2=1.5&f=u





More information about the Commits mailing list