ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
Files
75f83bc01de0ea32f46b26a42e1560f33db23aa3
bind9/bin/tests/system/dnssec
History
Tatuya JINMEI 神明達哉 59721b321d 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)

Additional notes specific to 9.4-ESV:
- I needed to explicitly enable dnssec-validation in "pending" system tests
  because it's disabled by default for 9.4.  This is not a problem of this
  patch - the test was broken for 9.4 when it was first introduced.  Another
  reason why we need more detailed tests.
- I modified the test case for 9.4 so that it allows pending-additional-to-answer
   promotion as 9.4 doesn't include this bug fix.
2009-12-30 08:55:48 +00:00
..
ns1
update copyright notice
2006-03-10 00:23:20 +00:00
ns2
2828. [security] Cached CNAME or DNAME RR could be returned to clients
2009-12-30 08:55:48 +00:00
ns3
update copyright notice
2006-03-10 00:23:20 +00:00
ns4
update copyright notice
2007-08-28 07:20:06 +00:00
ns5
update copyright notice
2007-08-28 07:20:06 +00:00
ns6
update copyright notice
2007-08-28 07:20:06 +00:00
clean.sh
update copyright notice
2005-06-24 00:08:13 +00:00
dnssec_update_test.pl
update copyright notice
2004-03-05 05:14:21 +00:00
prereq.sh
update copyright notice
2006-01-04 00:37:23 +00:00
README
update copyright notice
2004-03-05 05:14:21 +00:00
setup.sh
1584. [bug] "make test" failed with a readonly source tree.
2004-03-10 01:06:06 +00:00
tests.sh
2828. [security] Cached CNAME or DNAME RR could be returned to clients
2009-12-30 08:55:48 +00:00

README 

Copyright (C) 2004  Internet Systems Consortium, Inc. ("ISC")
Copyright (C) 2000-2002  Internet Software Consortium.
See COPYRIGHT in the source root or http://isc.org/copyright.html for terms.

$Id: README,v 1.8 2004/03/05 05:00:08 marka Exp $

The test setup for the DNSSEC tests has a secure root.

ns1 is the root server.

ns2 and ns3 are authoritative servers for the various test domains.

ns4 is a caching-only server, configured with the correct trusted key
for the root.

ns5 is a caching-only server, configured with the an incorrect trusted
key for the root.  It is used for testing failure cases.
View Git Blame Copy Permalink