26 lines
1.1 KiB
Diff
26 lines
1.1 KiB
Diff
Description: fix controls for zone transfers not being properly applied to
|
|
Dynamically Loadable Zones (DLZs) if the zones are writable
|
|
Origin: provided by ISC
|
|
|
|
Index: bind9-9.11.4+dfsg/bin/named/xfrout.c
|
|
===================================================================
|
|
--- bind9-9.11.4+dfsg.orig/bin/named/xfrout.c 2019-02-20 09:02:00.710689380 +0100
|
|
+++ bind9-9.11.4+dfsg/bin/named/xfrout.c 2019-02-20 09:02:00.706689381 +0100
|
|
@@ -803,12 +803,12 @@ ns_xfr_start(ns_client_t *client, dns_rd
|
|
result = dns_zt_find(client->view->zonetable, question_name, 0, NULL,
|
|
&zone);
|
|
|
|
- if (result != ISC_R_SUCCESS) {
|
|
+ if (result != ISC_R_SUCCESS || dns_zone_gettype(zone) == dns_zone_dlz) {
|
|
/*
|
|
- * Normal zone table does not have a match.
|
|
- * Try the DLZ database
|
|
+ * The normal zone table does not have a match, or this is
|
|
+ * marked in the zone table as a DLZ zone. Check the DLZ
|
|
+ * databases for a match.
|
|
*/
|
|
- // Temporary: only searching the first DLZ database
|
|
if (! ISC_LIST_EMPTY(client->view->dlz_searched)) {
|
|
result = dns_dlzallowzonexfr(client->view,
|
|
question_name,
|