Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

dnsdist: Handle header-only responses, handle Refused as Servfail in the cache #4812

merged 3 commits into from Dec 29, 2016


Copy link

Short description

@rygl reported that Unbound sends Refused responses containing only the DNS header, and that we didn't parse these correctly.
This patch also makes the packet cache use the same custom TTL for Refused responses than for ServFail ones.


I have:

  • read the document
  • compiled and tested this code
  • included documentation (including possible behaviour changes)
  • documented the code
  • added regression tests

@rygl reported that unbound at least sends `Refused` responses
containing only the DNS header.
The check is done before inserting the response into the cache, but
it feels safer to check it again before passing it to `memcpy()`.
We check that the cached response is larger than
`sizeof(dnsheader) + qname` afterwards, but the previous commit
moved the header copy before that check.
@rgacogne rgacogne merged commit 2ea1f87 into PowerDNS:master Dec 29, 2016
@rgacogne rgacogne deleted the dnsdist-qdcount-zero-responses branch December 29, 2016 12:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet

Successfully merging this pull request may close these issues.

None yet

1 participant