13568961ec
As per https://www.icann.org/en/system/files/files/name-collision-mitigation-01aug14-en.pdf prior to a new top-level domain being put into service there is controlled interuption service which will return explicit responses to DNS A, MX, SRV, and TXT queries that can be used to detect private namespace collisions. When performing fallback_get_hosts() check the AF_INET responses to ensure that they are not the gTLD name collision address 127.0.53.53. If so, add an error message to the context and return KRB5_KDC_UNREACH. Write a warning to the log (if any). Change-Id: I2578f13948b8327cc3f06542c1e489f02410143a
29 KiB
29 KiB