cvs commit: src/lib/libc/net getaddrinfo.c
Hiroki Sato
hrs at crater.dragonflybsd.org
Wed Feb 2 07:11:29 PST 2005
hrs 2005/02/02 07:10:55 PST
DragonFly src repository
Modified files:
lib/libc/net getaddrinfo.c
Log:
Query A records before AAAA records in getaddrinfo() when AF_UNSPEC
is specified. Some broken DNS servers return NXDOMAIN against
non-existent AAAA queries, even when it should return NOERROR
with empty return records. This is a problem for an IPv4/IPv6 dual
stack node since the NXDOMAIN returned by the first query of
an AAAA record makes it give up querying the A record. Also, this
behavior has been recognized as a potential denial-of-service attack.
Note that although the query order has been changed, the result
linked-list of (struct addrinfo) set by getaddrinfo() is still
in order of AF_INET6 -> AF_INET.
Reference: http://www.kb.cert.org/vuls/id/714121
Revision Changes Path
1.5 +11 -10 src/lib/libc/net/getaddrinfo.c
http://www.dragonflybsd.org/cvsweb/src/lib/libc/net/getaddrinfo.c.diff?r1=1.4&r2=1.5&f=u
More information about the Commits
mailing list