dnsdist: Handle header-only responses, handle Refused as Servfail in the cache #4812

merged 3 commits into from Dec 29, 2016


None yet

1 participant


Short description

@rygl reported that Unbound sends Refused responses containing only the DNS header, and that we didn't parse these correctly.
This patch also makes the packet cache use the same custom TTL for Refused responses than for ServFail ones.


I have:

  • read the CONTRIBUTING.md document
  • compiled and tested this code
  • included documentation (including possible behaviour changes)
  • documented the code
  • added regression tests
rgacogne added some commits Dec 22, 2016
@rgacogne rgacogne dnsdist: Handle responses with qdcount == 0
@rygl reported that unbound at least sends `Refused` responses
containing only the DNS header.
@rgacogne rgacogne dnsdist: Handle Refused as ServFail in the packet cache 2714396
@rgacogne rgacogne added this to the dnsdist-1.1.0 milestone Dec 23, 2016
@rgacogne rgacogne dnsdist: Check that cached responses are >= sizeof(dnsheader)
The check is done before inserting the response into the cache, but
it feels safer to check it again before passing it to `memcpy()`.
We check that the cached response is larger than
`sizeof(dnsheader) + qname` afterwards, but the previous commit
moved the header copy before that check.
@rgacogne rgacogne merged commit 2ea1f87 into PowerDNS:master Dec 29, 2016

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
@rgacogne rgacogne deleted the rgacogne:dnsdist-qdcount-zero-responses branch Dec 29, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment