diff options
| author | Simon Kelley <simon@thekelleys.org.uk> | 2014-03-01 20:03:47 +0000 |
|---|---|---|
| committer | Simon Kelley <simon@thekelleys.org.uk> | 2014-03-01 20:03:47 +0000 |
| commit | 1fbe4d2f5ff8389ae8c721f50ac99cb94f0012f0 (patch) | |
| tree | 4e7bcc16486bb339121f523cfd104f8698a9805a | |
| parent | 0575610fa136d5c6afe951fcbad76841230a808e (diff) | |
| download | dnsmasq-1fbe4d2f5ff8389ae8c721f50ac99cb94f0012f0.tar.gz | |
Tweak tuning params.
| -rw-r--r-- | src/config.h | 3 | ||||
| -rw-r--r-- | src/dnssec.c | 4 | ||||
| -rw-r--r-- | src/rfc1035.c | 2 |
3 files changed, 5 insertions, 4 deletions
diff --git a/src/config.h b/src/config.h index b564b8b..a1501ca 100644 --- a/src/config.h +++ b/src/config.h @@ -31,7 +31,8 @@ #define PING_CACHE_TIME 30 /* Ping test assumed to be valid this long. */ #define DECLINE_BACKOFF 600 /* disable DECLINEd static addresses for this long */ #define DHCP_PACKET_MAX 16384 /* hard limit on DHCP packet size */ -#define SMALLDNAME 40 /* most domain names are smaller than this */ +#define SMALLDNAME 50 /* most domain names are smaller than this */ +#define CNAME_CHAIN 10 /* chains longer than this atr dropped for loop protection */ #define HOSTSFILE "/etc/hosts" #define ETHERSFILE "/etc/ethers" #define DEFLEASE 3600 /* default lease time, 1 hour */ diff --git a/src/dnssec.c b/src/dnssec.c index 6639188..c68640a 100644 --- a/src/dnssec.c +++ b/src/dnssec.c @@ -1653,7 +1653,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch { unsigned char *ans_start, *qname, *p1, *p2, **nsecs; int type1, class1, rdlen1, type2, class2, rdlen2, qclass, qtype; - int i, j, rc, nsec_count, cname_count = 10; + int i, j, rc, nsec_count, cname_count = CNAME_CHAIN; int nsec_type = 0, have_answer = 0; if (neganswer) @@ -1930,7 +1930,7 @@ int dnssec_chase_cname(time_t now, struct dns_header *header, size_t plen, char { unsigned char *p = (unsigned char *)(header+1); int type, class, qtype, qclass, rdlen, j, rc; - int cname_count = 10; + int cname_count = CNAME_CHAIN; /* Get question */ if (!extract_name(header, plen, &p, name, 1, 4)) diff --git a/src/rfc1035.c b/src/rfc1035.c index 2fd43e2..15b4261 100644 --- a/src/rfc1035.c +++ b/src/rfc1035.c @@ -927,7 +927,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t for (i = ntohs(header->qdcount); i != 0; i--) { - int found = 0, cname_count = 10; + int found = 0, cname_count = CNAME_CHAIN; struct crec *cpp = NULL; int flags = RCODE(header) == NXDOMAIN ? F_NXDOMAIN : 0; int secflag = secure ? F_DNSSECOK : 0; |