Permalink
Browse files

fix OPT inclusion in truncated responses to EDNS queries

  • Loading branch information...
1 parent 2ee9ba2 commit 90d361d86661c53749ee94817089beb9f5ab9c55 @Habbie Habbie committed Jun 18, 2013
View
@@ -310,7 +310,7 @@ void DNSPacket::wrapup()
if(pos->d_place == DNSResourceRecord::ANSWER || pos->d_place == DNSResourceRecord::AUTHORITY) {
pw.getHeader()->tc=1;
}
- goto noCommit;
+ goto truncated;
}
}
@@ -323,12 +323,15 @@ void DNSPacket::wrapup()
opts.push_back(make_pair(::arg().asNum("edns-subnet-option-number"), opt));
}
+ pw.commit();
+
+ truncated:;
+
if(!opts.empty() || d_haveednssection || d_dnssecOk)
+ {
pw.addOpt(2800, 0, d_dnssecOk ? EDNSOpts::DNSSECOK : 0, opts);
-
- if(!pw.getHeader()->tc) // protect against double commit from addSignature
pw.commit();
- noCommit:;
+ }
}
catch(std::exception& e) {
L<<Logger::Warning<<"Exception: "<<e.what()<<endl;
@@ -1,2 +1,2 @@
#!/bin/sh
-cleandig example.com RRSIG
+cleandig example.com RRSIG dnssec
@@ -1,3 +1,4 @@
1 example.com. IN SOA 86400 ns1.example.com. ahu.example.com. 2000081501 28800 7200 604800 86400
+2 . IN OPT 32768
Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
Reply to question for qname='example.com.', qtype=RRSIG
@@ -1,4 +1,8 @@
0 example.com. IN RRSIG 100000 SOA 8 2 100000 [expiry] [inception] [keytag] example.com. ...
+0 example.com. IN RRSIG 120 MX 8 2 120 [expiry] [inception] [keytag] example.com. ...
0 example.com. IN RRSIG 120 NS 8 2 120 [expiry] [inception] [keytag] example.com. ...
-Rcode: 0, RD: 0, QR: 1, TC: 1, AA: 1, opcode: 0
+0 example.com. IN RRSIG 86400 DNSKEY 8 2 86400 [expiry] [inception] [keytag] example.com. ...
+0 example.com. IN RRSIG 86400 NSEC 8 2 86400 [expiry] [inception] [keytag] example.com. ...
+2 . IN OPT 32768
+Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
Reply to question for qname='example.com.', qtype=RRSIG

0 comments on commit 90d361d

Please sign in to comment.