diff options
author | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2020-06-18 13:10:44 +0200 |
---|---|---|
committer | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2020-06-23 18:13:59 +0200 |
commit | 8aace47bba82f7a1741a0040529fd333efe47c09 (patch) | |
tree | 33e00d1b284742feab93a31f61dc9d90f2e1d77f /mDNSResponder/mDNSCore/DNSCommon.h | |
parent | mDNSResponder: Update to v878.230.2 (diff) | |
download | rtems-libbsd-8aace47bba82f7a1741a0040529fd333efe47c09.tar.bz2 |
mDNSResponder: Update to v878.240.1
The sources can be obtained via:
https://opensource.apple.com/tarballs/mDNSResponder/mDNSResponder-878.240.1.tar.gz
Update #4010.
Diffstat (limited to 'mDNSResponder/mDNSCore/DNSCommon.h')
-rw-r--r-- | mDNSResponder/mDNSCore/DNSCommon.h | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/mDNSResponder/mDNSCore/DNSCommon.h b/mDNSResponder/mDNSCore/DNSCommon.h index b100a400..48dfe102 100644 --- a/mDNSResponder/mDNSCore/DNSCommon.h +++ b/mDNSResponder/mDNSCore/DNSCommon.h @@ -110,6 +110,13 @@ extern mDNSu32 mDNSRandom(mDNSu32 max); // Returns pseudo-random result from #define mDNSIsUpperCase(X) ((X) >= 'A' && (X) <= 'Z') #define mDNSIsLowerCase(X) ((X) >= 'a' && (X) <= 'z') #define mDNSIsLetter(X) (mDNSIsUpperCase(X) || mDNSIsLowerCase(X)) + +// We believe we have adequate safeguards to protect against cache poisoning. +// In the event that someone does find a workable cache poisoning attack, we want to limit the lifetime of the poisoned entry. +// We set the maximum allowable TTL to one hour. +// With the 25% correction factor to avoid the DNS Zeno's paradox bug, that gives us an actual maximum lifetime of 75 minutes. + +#define mDNSMaximumTTLSeconds (mDNSu32)3600 #define mDNSValidHostChar(X, notfirst, notlast) (mDNSIsLetter(X) || mDNSIsDigit(X) || ((notfirst) && (notlast) && (X) == '-') ) |