Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

net: dnsclient should be more robust against bogus UDP packets #13281

Closed
mdempsky opened this issue Nov 16, 2015 · 1 comment
Closed

net: dnsclient should be more robust against bogus UDP packets #13281

mdempsky opened this issue Nov 16, 2015 · 1 comment
Labels
FrozenDueToAge
Milestone
Go1.7

Comments

@mdempsky
Copy link
Member

Currently package net's dnsclient gives up on trying to query a DNS server over UDP if it receives a bogus DNS response (e.g., not a DNS packet, mismatched query ID, wrong query name). This makes it a bit more vulnerable to DNS forgery attacks. It would be better if in these cases that dnsclient continued waiting until the deadline for a legitimate response.
@mdempsky mdempsky self-assigned this Nov 16, 2015
@mdempsky mdempsky added this to the Go1.7 milestone Nov 16, 2015
@danp danp mentioned this issue Nov 17, 2015
Open
@mikioh mikioh mentioned this issue Nov 22, 2015
Closed
@gopherbot
Copy link

CL https://golang.org/cl/22126 mentions this issue.

@golang golang locked and limited conversation to collaborators Apr 22, 2017
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge
Projects
None yet
Milestone
Go1.7
Development

No branches or pull requests
2 participants
@mdempsky @gopherbot