Please sign in to comment.
Drop duplicate query ID handling
Protection against the Kaminsky attack requires query IDs to be random, but it doesn't require them to be unique. And since net-dns opens a new socket for each query it performs, it doesn't rely on the uniqueness of the query ID to map requests to responses. Requiring unique query IDs limits net-dns to only making 65535 lookups before it starts spinning in circles, trying to generate a query ID it hasn't seen before, when in fact they have all been generated. So instead, generate random query IDs, but don't require them to be unique.
- Loading branch information...
Showing with 1 addition and 17 deletions.