bugfix: when the AD and CD bits are set in the DNS responses as per RFC 2065, they would erroneously be treated as part of the error code (RCODE). thanks Celebi Lui for the report in #14 and the original patch in #15.

Author: agentzh

lib/resty/dns/resolver.lua

@@ -335,7 +335,7 @@ local function parse_response(buf, id)
         return nil, "truncated"
     end
 
-    local code = band(flags, 0x7f)
+    local code = band(flags, 0xf)
 
     -- print(format("code: %d", code))
 

t/TestDNS.pm

@@ -120,9 +120,15 @@ sub gen_dns_reply ($$) {
     my $tc = $t->{tc} // 0;
     my $rd = $t->{rd} // 1;
     my $ra = $t->{ra} // 1;
+
+    my $ad = $t->{ad} // 0;
+    my $cd = $t->{cd} // 0;
+
     my $rcode = $t->{rcode} // 0;
 
-    my $flags = ($qr << 15) + ($opcode << 11) + ($aa << 10) + ($tc << 9) + ($rd << 8) + ($ra << 7) + $rcode;
+    my $flags = ($qr << 15) + ($opcode << 11) + ($aa << 10) + ($tc << 9)
+                + ($rd << 8) + ($ra << 7) + ($ad << 4) + ($cd << 5) + $rcode;
+
     #warn sprintf("flags: %b", $flags);
 
     $flags = pack("n", $flags);

t/mock.t

@@ -6,7 +6,7 @@ use Cwd qw(cwd);
 
 repeat_each(2);
 
-plan tests => repeat_each() * (3 * blocks() + 14);
+plan tests => repeat_each() * (3 * blocks() + 16);
 
 my $pwd = cwd();
 
@@ -1421,3 +1421,96 @@ records: [{"class":1,"name":"www.google.com","ttl":123456,"txt":["hello","world!
 --- no_error_log
 [error]
 
+
+
+=== TEST 30: single answer reply, good A answer (AD is set)
+--- http_config eval: $::HttpConfig
+--- config
+    location /t {
+        content_by_lua '
+            local resolver = require "resty.dns.resolver"
+
+            local r, err = resolver:new{
+                nameservers = { {"127.0.0.1", 1953} }
+            }
+            if not r then
+                ngx.say("failed to instantiate resolver: ", err)
+                return
+            end
+
+            r._id = 125
+
+            local ans, err = r:query("www.google.com", { qtype = r.TYPE_A })
+            if not ans then
+                ngx.say("failed to query: ", err)
+                return
+            end
+
+            local cjson = require "cjson"
+            ngx.say("records: ", cjson.encode(ans))
+        ';
+    }
+--- udp_listen: 1953
+--- udp_reply dns
+{
+    id => 125,
+    opcode => 0,
+    qname => 'www.google.com',
+    ad => 1,
+    answer => [{ name => "www.google.com", ipv4 => "127.0.0.1", ttl => 123456 }],
+}
+--- request
+GET /t
+--- udp_query eval
+"\x{00}}\x{01}\x{00}\x{00}\x{01}\x{00}\x{00}\x{00}\x{00}\x{00}\x{00}\x{03}www\x{06}google\x{03}com\x{00}\x{00}\x{01}\x{00}\x{01}"
+--- response_body
+records: [{"address":"127.0.0.1","type":1,"class":1,"name":"www.google.com","ttl":123456}]
+--- no_error_log
+[error]
+
+
+
+=== TEST 31: single answer reply, good A answer (CD is set)
+--- http_config eval: $::HttpConfig
+--- config
+    location /t {
+        content_by_lua '
+            local resolver = require "resty.dns.resolver"
+
+            local r, err = resolver:new{
+                nameservers = { {"127.0.0.1", 1953} }
+            }
+            if not r then
+                ngx.say("failed to instantiate resolver: ", err)
+                return
+            end
+
+            r._id = 125
+
+            local ans, err = r:query("www.google.com", { qtype = r.TYPE_A })
+            if not ans then
+                ngx.say("failed to query: ", err)
+                return
+            end
+
+            local cjson = require "cjson"
+            ngx.say("records: ", cjson.encode(ans))
+        ';
+    }
+--- udp_listen: 1953
+--- udp_reply dns
+{
+    id => 125,
+    opcode => 0,
+    qname => 'www.google.com',
+    cd => 1,
+    answer => [{ name => "www.google.com", ipv4 => "127.0.0.1", ttl => 123456 }],
+}
+--- request
+GET /t
+--- udp_query eval
+"\x{00}}\x{01}\x{00}\x{00}\x{01}\x{00}\x{00}\x{00}\x{00}\x{00}\x{00}\x{03}www\x{06}google\x{03}com\x{00}\x{00}\x{01}\x{00}\x{01}"
+--- response_body
+records: [{"address":"127.0.0.1","type":1,"class":1,"name":"www.google.com","ttl":123456}]
+--- no_error_log
+[error]