Izibuyekezo zokulungisa amagatsha azinzile eseva ye-BIND DNS 9.11.18 kanye ne-9.16.2, kanye negatsha lokuthuthukiswa kokuhlola 9.17.1. Kuma-release amasha inkinga yokuphepha ehlobene nokungasebenzi kahle kokuvikela ekuhlaselweni"uma usebenza kumodi yokudlulisela iseva ye-DNS (bheka isigaba esithi "Abadluliselayo" kuzilungiselelo). Ngaphezu kwalokho, kwenziwe umsebenzi wokunciphisa usayizi wezibalo zesiginesha yedijithali ye-DNSSEC egcinwe kwimemori—inani lezinkinobho ezilandelwayo lehlisiwe laba ezine endaweni ngayinye, okwanele kuma-99% ezimweni.
Indlela "yokubopha kabusha i-DNS" ivumela, lapho umsebenzisi evula ikhasi elithile kusiphequluli, ukuthi asungule uxhumano lwe-WebSocket nesevisi yenethiwekhi kunethiwekhi yangaphakathi engafinyeleleki ngokufinyelela okuqondile kwe-inthanethi. Ukuze kugwenywe ukuvikelwa kwesiphequluli esinqamula imvelaphi, igama lomphathi we-DNS lomhlaseli liyashintshwa. Iseva ye-DNS yomhlaseli ilungiselelwe ukubuyisela amakheli amabili e-IP ngokushintshana: isicelo sokuqala sibuyisela ikheli langempela le-IP leseva ephethe ikhasi, kanti izicelo ezilandelayo zibuyisela ikheli langaphakathi ledivayisi (isb., 192.168.10.1).
Isikhathi sokuphila (i-TTL) sempendulo yokuqala sisethwe enanini elincane, ngakho-ke lapho ikhasi livuliwe, isiphequluli sinquma i-IP yangempela yeseva yomhlaseli bese silayisha okuqukethwe kwekhasi. Ikhodi ye-JavaScript isebenza ekhasini, ilinde ukuthi i-TTL iphelelwe yisikhathi, bese ithumela isicelo sesibili, manje esikhomba i-host njengo-192.168.10.1. Lokhu kuvumela i-JavaScript ukufinyelela isevisi ngaphakathi kwenethiwekhi yendawo, idlula umkhawulo we-cross-origin. Ukuvikelwa ekuhlaselweni okunjalo ku-BIND kusekelwe ekuvimbeleni amaseva angaphandle ekubuyiseleni amakheli e-IP enethiwekhi yangaphakathi yamanje noma ama-alias e-CNAME ezizindeni zasendaweni kusetshenziswa izilungiselelo zama-alias e-denial-answer kanye nama-alias e-denial-answer.
Source: opennet.ru
