mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-05 09:05:40 +00:00
Code Issues Releases Wiki Activity

1947. [func] It is now possible to configure named to accept

Browse Source 
expired RRSIGs.  Default "dnssec-accept-expired no;".
                        Setting "dnssec-accept-expired yes;" leaves named
                        vulnerable to replay attacks.  [RT #14685]
This commit is contained in:
Mark Andrews
2006-01-04 02:35:49 +00:00
parent 35da39a7f1
commit fabf2ee6b0
10 changed files with 66 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/dns/view.c
View File

@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: view.c,v 1.133 2005/09/05 00:11:02 marka Exp $ */
/* $Id: view.c,v 1.134 2006/01/04 02:35:49 marka Exp $ */
/*! \file */
@@ -160,6 +160,7 @@ dns_view_create(isc_mem_t *mctx, dns_rdataclass_t rdclass,
view->additionalfromcache = ISC_TRUE;
view->additionalfromauth = ISC_TRUE;
view->enablednssec = ISC_TRUE;
view->acceptexpired = ISC_FALSE;
view->minimalresponses = ISC_FALSE;
view->transfer_format = dns_one_answer;
view->queryacl = NULL;