From 685397fc480a4e7d40ab16aa489332808dd6f7bd Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Mon, 25 Jun 2007 02:42:24 +0000 Subject: [PATCH] 2202. [security] The default acls for allow-query-cache and allow-recursion were not being applied. [RT #16960] --- CHANGES | 3 +++ bin/named/server.c | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/CHANGES b/CHANGES index 28d5e54d73..3351024a1e 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +2202. [security] The default acls for allow-query-cache and + allow-recursion were not being applied. [RT #16960] + 2200. [bug] The search for cached NSEC records was stopping to early leading to excessive DLV queries. [RT #16930] diff --git a/bin/named/server.c b/bin/named/server.c index a683da71f7..f66ee12574 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: server.c,v 1.419.18.54 2007/05/15 02:31:05 marka Exp $ */ +/* $Id: server.c,v 1.419.18.55 2007/06/25 02:42:24 marka Exp $ */ /*! \file */ @@ -1438,7 +1438,7 @@ configure_view(dns_view_t *view, const cfg_obj_t *config, CHECK(configure_view_acl(vconfig, config, "allow-query-cache", actx, ns_g_mctx, &view->queryacl)); if (view->queryacl == NULL) - CHECK(configure_view_acl(NULL, ns_g_defaults, + CHECK(configure_view_acl(NULL, ns_g_config, "allow-query-cache", actx, ns_g_mctx, &view->queryacl)); @@ -1463,7 +1463,7 @@ configure_view(dns_view_t *view, const cfg_obj_t *config, * Set default "allow-recursion" acl. */ if (view->recursionacl == NULL && view->recursion) - CHECK(configure_view_acl(NULL, ns_g_defaults, "allow-recursion", + CHECK(configure_view_acl(NULL, ns_g_config, "allow-recursion", actx, ns_g_mctx, &view->recursionacl)); CHECK(configure_view_acl(vconfig, config, "sortlist",