Permalink
Browse files

rec: Don't take the initial ECS source for a scope one if EDNS is off

(cherry picked from commit fe61f5d)
  • Loading branch information...
rgacogne committed Jun 2, 2017
1 parent 2325010 commit 261591b6f517f6fcfdaad7501ce7c068d25ae369
Showing with 8 additions and 4 deletions.
  1. +6 −2 pdns/lwres.cc
  2. +1 −1 pdns/recursor_cache.hh
  3. +1 −1 pdns/syncres.cc
View
@@ -116,20 +116,20 @@ int asyncresolve(const ComboAddress& ip, const DNSName& domain, int type, bool d
string ping;
bool weWantEDNSSubnet=false;
if(EDNS0Level) {
if(EDNS0Level > 0) {
DNSPacketWriter::optvect_t opts;
if(srcmask) {
EDNSSubnetOpts eo;
eo.source = *srcmask;
// cout<<"Adding request mask: "<<eo.source.toString()<<endl;
opts.push_back(make_pair(8, makeEDNSSubnetOptsString(eo)));
srcmask=boost::optional<Netmask>(); // this is also our return value
weWantEDNSSubnet=true;
}
pw.addOpt(g_outgoingEDNSBufsize, 0, g_dnssecmode == DNSSECMode::Off ? 0 : EDNSOpts::DNSSECOK, opts);
pw.commit();
}
srcmask = boost::none; // this is also our return value, even if EDNS0Level == 0
lwr->d_rcode = 0;
lwr->d_haveEDNS = false;
int ret;
@@ -255,6 +255,10 @@ int asyncresolve(const ComboAddress& ip, const DNSName& domain, int type, bool d
EDNSSubnetOpts reso;
if(getEDNSSubnetOptsFromString(opt.second, &reso)) {
// cerr<<"EDNS Subnet response: "<<reso.source.toString()<<", scope: "<<reso.scope.toString()<<", family = "<<reso.scope.getNetwork().sin4.sin_family<<endl;
/* rfc7871 states that 0 "indicate[s] that the answer is suitable for all addresses in FAMILY",
so we might want to still pass the information along to be able to differentiate between
IPv4 and IPv6. Still I'm pretty sure it doesn't matter in real life, so let's not duplicate
entries in our cache. */
if(reso.scope.getBits())
srcmask = reso.scope;
}
View
@@ -55,7 +55,7 @@ public:
unsigned int bytes();
int get(time_t, const DNSName &qname, const QType& qt, vector<DNSRecord>* res, const ComboAddress& who, vector<std::shared_ptr<RRSIGRecordContent>>* signatures=0, bool* variable=0);
void replace(time_t, const DNSName &qname, const QType& qt, const vector<DNSRecord>& content, const vector<shared_ptr<RRSIGRecordContent>>& signatures, bool auth, boost::optional<Netmask> ednsmask=boost::optional<Netmask>());
void replace(time_t, const DNSName &qname, const QType& qt, const vector<DNSRecord>& content, const vector<shared_ptr<RRSIGRecordContent>>& signatures, bool auth, boost::optional<Netmask> ednsmask=boost::none);
void doPrune(void);
void doSlash(int perc);
uint64_t doDump(int fd);
View
@@ -356,7 +356,7 @@ int SyncRes::asyncresolveWrapper(const ComboAddress& ip, bool ednsMANDATORY, con
SyncRes::EDNSStatus::EDNSMode& mode=ednsstatus->mode;
SyncRes::EDNSStatus::EDNSMode oldmode = mode;
int EDNSLevel=0;
int EDNSLevel = 0;
auto luaconfsLocal = g_luaconfs.getLocal();
ResolveContext ctx;
#ifdef HAVE_PROTOBUF

0 comments on commit 261591b

Please sign in to comment.