[Openswan dev] long DNS query results may choke glibc
Michael Richardson
mcr at sandelman.ottawa.on.ca
Fri Sep 2 17:04:39 CEST 2005
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "D" == D Hugh Redelmeier <hugh at mimosa.com> writes:
D> [Perhaps this should go to the users' list but I don't subscribe
D> to it.]
D> Users of *swan may have long DNS entries because DNS records can
D> be used to distribute public RSA keys.
I hope that anyone using DNS entries is using lwdnsq, which doesn't
use the code in glibc.
Also, in 2.5.x we will include all the code required to build lwdnsq,
rather than depending upon libisc/libdns, which creates unwanted
dependancies on a host of other shared objects.
I also hope that we will have a single binary that will figure out if
it needs to:
a) speak lwres to a local bind9
b) do recursive DNSSEC resolution itself (via libsresolv)
c) read /etc/resolv.conf and talk to those name servers.
- --
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr at xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBQxiwVoqHRg3pndX9AQE8YAP/Uxa76rqZUC7+EGBSErnz9FJwtCWGYYmG
TGpTIQ7XdM+S1OJelomdl3TB4fT/nP7x5wZWYl1GdO/z8xIQO4BMbvVvhsJCpeU/
lBhSMgFbRDOUfbk4+ywkRVgmRy2NF6kHKBX4Fm2yBDdtn7CroJaL2Xbavmp4ugV7
uLIIuFa1JqU=
=Asek
-----END PGP SIGNATURE-----
More information about the Dev
mailing list