Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

net: dnsclient should be more robust against bogus UDP packets #13281

Closed
mdempsky opened this issue Nov 16, 2015 · 1 comment

Comments

Projects
None yet
2 participants
@mdempsky
Copy link
Member

commented Nov 16, 2015

Currently package net's dnsclient gives up on trying to query a DNS server over UDP if it receives a bogus DNS response (e.g., not a DNS packet, mismatched query ID, wrong query name). This makes it a bit more vulnerable to DNS forgery attacks. It would be better if in these cases that dnsclient continued waiting until the deadline for a legitimate response.

@gopherbot

This comment has been minimized.

Copy link

commented Apr 16, 2016

CL https://golang.org/cl/22126 mentions this issue.

@gopherbot gopherbot closed this in 3411d63 Apr 22, 2016

@golang golang locked and limited conversation to collaborators Apr 22, 2017

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
You can’t perform that action at this time.