2828. [security] Cached CNAME or DNAME RR could be returned to clients

without DNSSEC validation. [RT #20737] 9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)
2009-12-30 08:02:23 +00:00
parent 0f348b269b
commit d8680445d6
15 changed files with 283 additions and 70 deletions
--- a/bin/tests/system/pending/ns2/example.com.db.in
+++ b/bin/tests/system/pending/ns2/example.com.db.in
@@ -0,0 +1,31 @@
+; Copyright (C) 2009  Internet Systems Consortium, Inc. ("ISC")
+;
+; Permission to use, copy, modify, and/or distribute this software for any
+; purpose with or without fee is hereby granted, provided that the above
+; copyright notice and this permission notice appear in all copies.
+;
+; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+; AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+; PERFORMANCE OF THIS SOFTWARE.
+
+; $Id: example.com.db.in,v 1.2 2009/12/30 08:02:22 jinmei Exp $
+
+$TTL 30
+@			IN SOA	mname1. . (
+				2009110300 ; serial
+				20         ; refresh (20 seconds)
+				20         ; retry (20 seconds)
+				1814400    ; expire (3 weeks)
+				3600       ; minimum (1 hour)
+				)
+			NS	ns2
+			MX	10 mail
+ns2			A	10.53.0.2
+mail			A	192.0.2.2
+			AAAA	2001:db8::2
+pending-ok		A	192.0.2.2
+pending-ng		A	192.0.2.102