alessio 887502e37d Drop malformed notify messages early instead of decompressing them ... The DNS header shows if a message has multiple questions or invalid NOTIFY sections. We can drop these messages early, right after parsing the question. This matches RFC 9619 for multi-question messages and Unbound's handling of NOTIFY. To further add further robustness, we include an additional check for unknown opcodes, and also drop those messages early. Add early_sanity_check() function to check for these conditions: - Messages with more than one question, as required by RFC 9619 - NOTIFY query messages containing answer sections (like Unbound) - NOTIFY messages containing authority sections (like Unbound) - Unknown opcodes.		2025-02-25 10:40:38 +01:00
..
dns	Drop malformed notify messages early instead of decompressing them	2025-02-25 10:40:38 +01:00
isc	Explicitly create and shutdown the call_rcu_thread	2025-02-22 16:19:01 +01:00
isccc	Refactor and simplify isc_symtab	2025-02-17 11:43:19 +01:00
isccfg	Implement sig0key-checks-limit and sig0message-checks-limit	2025-02-20 13:35:14 +00:00
ns	Fix RPZ bug when resuming a query during a reconfiguration	2025-02-21 11:10:15 +00:00
.gitignore	The isc/platform.h header has been completely removed	2021-07-06 05:33:48 +00:00
Makefile.am	Move irs_resconf into libdns and remove libirs	2023-02-24 09:38:59 +00:00