Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 24 Jun 2024 11:56:01 +0000
From: "Lance Yang" <lance.yang@...ux.dev>
To: "Thorsten Glaser" <tg@...bsd.de>, musl@...ts.openwall.com
Cc: "Jan Mercl" <0xjnml@...il.com>, "Lance Yang" <ioworker0@...il.com>
Subject: Re: [PATCH 1/1] improve DNS resolution logic for parallel
 queries

June 24, 2024 at 2:52 AM, "Thorsten Glaser" <tg@...bsd.de> wrote:



> 
> Lance Yang dixit:
> 
> > 
> > I understand your concern that continuing the search after receiving an
> > 
> > NXDOMAIN response might pose a security risk. Will look into this issue
> > 
> 
> It’s not (just) a security risk, it’s how DNS works.
> 
> NXDOMAIN means “I am a nameserver responsible for resolving your
> 
> query, and I can state with confidence that the entry you requested
> 
> does not exist” so no other responsible nameserver’s response can
> 
> rightly differ.

Sorry to bother you again. Could you please let me know from which
document or standard this description is taken?

Any details about the specific RFC, technical documentation, or other
authoritative sources would be greatly appreciated.

Thanks,
Lance

> 
> If you need to merge different zones together, the normal method is
> 
> running a caching nameserver like dnscache from DJBDNS and configuring
> 
> it to ask specific upstream nameservers for specific zones, for example
> 
> “echo 192.168.178.1 >/service/dnscache/root/servers/box”, then it will
> 
> ask the normal root zone for normal requests but for *.box it’ll ask
> 
> a local Fritz!box instead.
> 
> bye,
> 
> //mirabilos
> 
> -- 
> 
> Solange man keine schmutzigen Tricks macht, und ich meine *wirklich*
> 
> schmutzige Tricks, wie bei einer doppelt verketteten Liste beide
> 
> Pointer XORen und in nur einem Word speichern, funktioniert Boehm ganz
> 
> hervorragend. -- Andreas Bogk über boehm-gc in d.a.s.r
>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.