mirror of
https://github.com/isc-projects/bind9.git
synced 2026-03-12 05:32:42 -04:00
716b936045
Previously a hard-coded limitation of maximum two key or message verification checks were introduced when checking the message's SIG(0) signature. It was done in order to protect against possible DoS attacks. The logic behind choosing the number two was that more than one key should only be required only during key rotations, and in that case two keys are enough. But later it became apparent that there are other use cases too where even more keys are required, see issue number #5050 in GitLab. This change introduces two new configuration options for the views, sig0key-checks-limit and sig0message-checks-limit, which define how many keys are allowed to be checked to find a matching key, and how many message verifications are allowed to take place once a matching key has been found. The latter protects against expensive cryptographic operations when there are keys with colliding tags and algorithm numbers, with default being 2, and the former protects against a bit less expensive key parsing operations and defaults to 16. |
||
|---|---|---|
| .. | ||
| include | ||
| .gitignore | ||
| bind9.xsl | ||
| builtin.c | ||
| config.c | ||
| control.c | ||
| controlconf.c | ||
| dlz_dlopen_driver.c | ||
| fuzz.c | ||
| geoip.c | ||
| log.c | ||
| logconf.c | ||
| main.c | ||
| Makefile.am | ||
| named.conf.rst | ||
| named.rst | ||
| os.c | ||
| server.c | ||
| statschannel.c | ||
| tkeyconf.c | ||
| transportconf.c | ||
| tsigconf.c | ||
| xsl_p.h | ||
| zoneconf.c | ||