mirror/openwrt-packages
1
0
Fork 0
mirror of https://git.openwrt.org/feed/packages.git synced 2024-06-16 20:33:58 +02:00
Code Releases Activity
master
openwrt-packages/net/knot-resolver/patches/030-fix-policy-hack.patch
Michal Vasilek 5d2fd88693
knot-resolver: update to 5.5.3 
* fixes CVE-2022-40188

Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
2022-09-22 20:10:13 +02:00

14 lines
661 B
Diff
Raw Permalink Blame History

This patch fixes the problem with forwarding in knot-resolver v4.3.0.
It reintroduces a fix which enables policy related hack (knot/knot-resolver#205 (comment 94566) )
--- a/modules/policy/policy.lua
+++ b/modules/policy/policy.lua
@@ -1093,7 +1093,7 @@ policy.layer = {
if bit.band(state, bit.bor(kres.FAIL, kres.DONE)) ~= 0 then return state end
local qry = req:initial() -- same as :current() but more descriptive
return policy.evaluate(policy.rules, req, qry, state)
- or (special_names_optim(req, qry.sname)
+ or (true--special_names_optim(req, qry.sname)
and policy.evaluate(policy.special_names, req, qry, state))
or state
end,
View Git Blame Copy Permalink