From 42b74b2549a0891d22d649ac2404abee2d26ccda Mon Sep 17 00:00:00 2001
From: Doug Barton <dougb@FreeBSD.org>
Date: Wed, 6 Sep 2006 21:27:11 +0000
Subject: Vendor import of BIND 9.3.2-P1, which addresses the following
 security vulnerabilities:

http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en
2066.  [security]      Handle SIG queries gracefully. [RT #16300]

http://www.kb.cert.org/vuls/id/697164
1941.  [bug]           ncache_adderesult() should set eresult even if no
                       rdataset is passed to it. [RT #15642]

All users of BIND 9 are encouraged to upgrade to this version.
---
 contrib/bind9/bin/named/query.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'contrib/bind9/bin/named/query.c')

diff --git a/contrib/bind9/bin/named/query.c b/contrib/bind9/bin/named/query.c
index 75102fd1369d..b20324b3fd61 100644
--- a/contrib/bind9/bin/named/query.c
+++ b/contrib/bind9/bin/named/query.c
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: query.c,v 1.198.2.13.4.36 2005/08/11 05:25:20 marka Exp $ */
+/* $Id: query.c,v 1.198.2.13.4.36.6.1 2006/08/17 07:12:31 marka Exp $ */
 
 #include <config.h>
 
@@ -2393,7 +2393,7 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
 		is_zone = ISC_FALSE;
 
 		qtype = event->qtype;
-		if (qtype == dns_rdatatype_rrsig)
+		if (qtype == dns_rdatatype_rrsig || qtype == dns_rdatatype_sig)
 			type = dns_rdatatype_any;
 		else
 			type = qtype;
@@ -2434,7 +2434,7 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
 	/*
 	 * If it's a SIG query, we'll iterate the node.
 	 */
-	if (qtype == dns_rdatatype_rrsig)
+	if (qtype == dns_rdatatype_rrsig || qtype == dns_rdatatype_sig)
 		type = dns_rdatatype_any;
 	else
 		type = qtype;
-- 
cgit v1.2.3