Permalink
Browse files

DNAME don't sign the synthesised CNAME

  • Loading branch information...
1 parent 65d3cb2 commit dce1e90d4bfedd907263a925ad7a91c2358fb955 @mind04 mind04 committed with mind04 Sep 23, 2014
@@ -260,6 +260,7 @@ vector<DNSResourceRecord> PacketHandler::getBestDNAMESynth(DNSPacket *p, SOAData
rr.qtype = QType::CNAME;
rr.qname = prefix + rr.qname;
rr.content = prefix + rr.content;
+ rr.auth = 0; // don't sign CNAME
target= rr.content;
ret.push_back(rr);
}
@@ -1,2 +1,2 @@
#!/bin/sh
-cleandig www.d.test.com A
+cleandig www.d.test.com A dnssec
@@ -13,6 +13,7 @@
1 . IN NS 518400 k.root-servers.net.
1 . IN NS 518400 l.root-servers.net.
1 . IN NS 518400 m.root-servers.net.
+2 . IN OPT 32768
2 a.root-servers.net. IN A 3600000 198.41.0.4
2 b.root-servers.net. IN A 3600000 192.228.79.201
2 c.root-servers.net. IN A 3600000 192.33.4.12
@@ -25,5 +26,6 @@
2 j.root-servers.net. IN A 3600000 192.58.128.30
2 k.root-servers.net. IN A 3600000 193.0.14.129
2 l.root-servers.net. IN A 3600000 199.7.83.42
+2 m.root-servers.net. IN A 3600000 202.12.27.33
Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
Reply to question for qname='www.d.test.com.', qtype=A
@@ -0,0 +1,32 @@
+0 d.test.com. IN DNAME 3600 d2.test2.com.
+0 d.test.com. IN RRSIG 3600 DNAME 8 3 3600 [expiry] [inception] [keytag] test.com. ...
+0 www.d.test.com. IN CNAME 3600 www.d2.test2.com.
+1 . IN NS 518400 a.root-servers.net.
+1 . IN NS 518400 b.root-servers.net.
+1 . IN NS 518400 c.root-servers.net.
+1 . IN NS 518400 d.root-servers.net.
+1 . IN NS 518400 e.root-servers.net.
+1 . IN NS 518400 f.root-servers.net.
+1 . IN NS 518400 g.root-servers.net.
+1 . IN NS 518400 h.root-servers.net.
+1 . IN NS 518400 i.root-servers.net.
+1 . IN NS 518400 j.root-servers.net.
+1 . IN NS 518400 k.root-servers.net.
+1 . IN NS 518400 l.root-servers.net.
+1 . IN NS 518400 m.root-servers.net.
+2 . IN OPT 32768
+2 a.root-servers.net. IN A 3600000 198.41.0.4
+2 b.root-servers.net. IN A 3600000 192.228.79.201
+2 c.root-servers.net. IN A 3600000 192.33.4.12
+2 d.root-servers.net. IN A 3600000 199.7.91.13
+2 e.root-servers.net. IN A 3600000 192.203.230.10
+2 f.root-servers.net. IN A 3600000 192.5.5.241
+2 g.root-servers.net. IN A 3600000 192.112.36.4
+2 h.root-servers.net. IN A 3600000 128.63.2.53
+2 i.root-servers.net. IN A 3600000 192.36.148.17
+2 j.root-servers.net. IN A 3600000 192.58.128.30
+2 k.root-servers.net. IN A 3600000 193.0.14.129
+2 l.root-servers.net. IN A 3600000 199.7.83.42
+2 m.root-servers.net. IN A 3600000 202.12.27.33
+Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
+Reply to question for qname='www.d.test.com.', qtype=A

0 comments on commit dce1e90

Please sign in to comment.