39 lines
1.2 KiB
Diff
39 lines
1.2 KiB
Diff
From 7db2796507127b40e2f091dafb842c6a7e86b9a8 Mon Sep 17 00:00:00 2001
|
|
From: Mark Andrews <marka@isc.org>
|
|
Date: Thu, 12 Oct 2023 12:01:46 +1100
|
|
Subject: [PATCH] Restore dns64 state during serve-stale processing
|
|
|
|
If we are in the process of looking for the A records as part of
|
|
dns64 processing and the server-stale timeout triggers, redo the
|
|
dns64 changes that had been made to the orignal qctx.
|
|
|
|
Conflict:NA
|
|
Reference:https://downloads.isc.org/isc/bind/9.18.24/patches/0003-CVE-2023-5679.patch
|
|
|
|
(cherry picked from commit 1fcc483df13e049b96f620e515f0d4d45f3680b7)
|
|
---
|
|
lib/ns/query.c | 7 +++++++
|
|
1 file changed, 7 insertions(+)
|
|
|
|
diff --git a/lib/ns/query.c b/lib/ns/query.c
|
|
index 61749c8..40e1232 100644
|
|
--- a/lib/ns/query.c
|
|
+++ b/lib/ns/query.c
|
|
@@ -6228,6 +6228,13 @@ query_lookup_stale(ns_client_t *client) {
|
|
query_ctx_t qctx;
|
|
|
|
qctx_init(client, NULL, client->query.qtype, &qctx);
|
|
+ if (DNS64(client)) {
|
|
+ qctx.qtype = qctx.type = dns_rdatatype_a;
|
|
+ qctx.dns64 = true;
|
|
+ }
|
|
+ if (DNS64EXCLUDE(client)) {
|
|
+ qctx.dns64_exclude = true;
|
|
+ }
|
|
dns_db_attach(client->view->cachedb, &qctx.db);
|
|
client->query.attributes &= ~NS_QUERYATTR_RECURSIONOK;
|
|
client->query.dboptions |= DNS_DBFIND_STALETIMEOUT;
|
|
--
|
|
2.33.0
|
|
|