- rpz-triggers, the added soa for client ip modified answers is affected
authorW.C.A. Wijngaards <wouter@nlnetlabs.nl>
Fri, 14 May 2021 14:34:38 +0000 (16:34 +0200)
committerW.C.A. Wijngaards <wouter@nlnetlabs.nl>
Fri, 14 May 2021 14:34:38 +0000 (16:34 +0200)
  by the minimal-responses config option.

cachedb/cachedb.c
daemon/worker.c
services/authzone.c
services/localzone.c
services/mesh.c
services/rpz.c
testdata/rpz_clientip.rpl
util/data/msgencode.c
util/data/msgencode.h

index 707319e85767a38d53300914c55720756c326e94..af4ffe5f28b5d05dd1437bad71212d1bdbd18c69 100644 (file)
@@ -402,7 +402,7 @@ prep_data(struct module_qstate* qstate, struct sldns_buffer* buf)
                        qstate->return_msg->rep);
        if(!reply_info_answer_encode(&qstate->return_msg->qinfo,
                qstate->return_msg->rep, 0, qstate->query_flags,
-               buf, 0, 1, qstate->env->scratch, 65535, &edns, 1, 0, 0))
+               buf, 0, 1, qstate->env->scratch, 65535, &edns, 1, 0))
                return 0;
 
        /* TTLs in the return_msg are relative to time(0) so we have to
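Review bot: The call in prep_data ends in the bare literals `&edns, 1, 0`, and nothing at the call site says what they mean; going by the prototype in util/data/msgencode.h they are `dnssec` and `secure`. Swapped or shifted int arguments compile silently, so a change that removes a trailing int from every caller is a good moment to label them, e.g. `&edns, 1 /* dnssec */, 0 /* secure */))`. The literal-only tails in services/authzone.c and services/localzone.c would benefit from the same labels. prep_data's body starts and ends outside this hunk.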
index 421cd82c4f1bc1f154bd2e2da2ff06fde558b407..2ee8b8d9b5d248343e147aee6db259a92744600b 100644 (file)
@@ -522,7 +522,7 @@ answer_norec_from_cache(struct worker* worker, struct query_info* qinfo,
                repinfo->c, worker->scratchpad) ||
                !reply_info_answer_encode(&msg->qinfo, msg->rep, id, flags, 
                repinfo->c->buffer, 0, 1, worker->scratchpad,
-               udpsize, edns, (int)(edns->bits & EDNS_DO), secure, 0)) {
+               udpsize, edns, (int)(edns->bits & EDNS_DO), secure)) {
                if(!inplace_cb_reply_servfail_call(&worker->env, qinfo, NULL, NULL,
                        LDNS_RCODE_SERVFAIL, edns, repinfo, worker->scratchpad,
                        worker->env.now_tv))
@@ -726,7 +726,7 @@ answer_from_cache(struct worker* worker, struct query_info* qinfo,
                repinfo->c, worker->scratchpad) ||
                !reply_info_answer_encode(qinfo, encode_rep, id, flags,
                repinfo->c->buffer, timenow, 1, worker->scratchpad,
-               udpsize, edns, (int)(edns->bits & EDNS_DO), *is_secure_answer, 0)) {
+               udpsize, edns, (int)(edns->bits & EDNS_DO), *is_secure_answer)) {
                if(!inplace_cb_reply_servfail_call(&worker->env, qinfo, NULL, NULL,
                        LDNS_RCODE_SERVFAIL, edns, repinfo, worker->scratchpad,
                        worker->env.now_tv))
index 19f4625861d1ca1475cebf8e0fd0393b5bf4f27e..b0cfc4e26441ecbc86927fec59e624f0f4908f79 100644 (file)
@@ -3495,7 +3495,7 @@ auth_answer_encode(struct query_info* qinfo, struct module_env* env,
                *(uint16_t*)sldns_buffer_begin(buf),
                sldns_buffer_read_u16_at(buf, 2),
                buf, 0, 0, temp, udpsize, edns,
-               (int)(edns->bits&EDNS_DO), 0, 0)) {
+               (int)(edns->bits&EDNS_DO), 0)) {
                error_encode(buf, (LDNS_RCODE_SERVFAIL|BIT_AA), qinfo,
                        *(uint16_t*)sldns_buffer_begin(buf),
                        sldns_buffer_read_u16_at(buf, 2), edns);
index 6eecab62aaad78032b4f137379d855ddf3c91d7c..a24137eacd8d6336638171fcc65582582a7acea1 100644 (file)
@@ -1261,7 +1261,7 @@ local_encode(struct query_info* qinfo, struct module_env* env,
        if(!inplace_cb_reply_local_call(env, qinfo, NULL, &rep, rcode, edns,
                repinfo, temp, env->now_tv) || !reply_info_answer_encode(qinfo, &rep,
                *(uint16_t*)sldns_buffer_begin(buf), sldns_buffer_read_u16_at(buf, 2),
-               buf, 0, 0, temp, udpsize, edns, (int)(edns->bits&EDNS_DO), 0, 0)) {
+               buf, 0, 0, temp, udpsize, edns, (int)(edns->bits&EDNS_DO), 0)) {
                error_encode(buf, (LDNS_RCODE_SERVFAIL|BIT_AA), qinfo,
                        *(uint16_t*)sldns_buffer_begin(buf),
                        sldns_buffer_read_u16_at(buf, 2), edns);
index 3ff14a0ddbf23e6ba71d7ae6193e051dc575dfb2..f00ad3e86c542989ef69a294934485f76d424fa8 100644 (file)
@@ -1167,7 +1167,7 @@ mesh_do_callback(struct mesh_state* m, int rcode, struct reply_info* rep,
                        !reply_info_answer_encode(&m->s.qinfo, rep, r->qid, 
                        r->qflags, r->buf, 0, 1, 
                        m->s.env->scratch, udp_size, &r->edns, 
-                       (int)(r->edns.bits & EDNS_DO), secure, 0)) 
+                       (int)(r->edns.bits & EDNS_DO), secure)) 
                {
                        fptr_ok(fptr_whitelist_mesh_cb(r->cb));
                        (*r->cb)(r->cb_arg, LDNS_RCODE_SERVFAIL, r->buf,
@@ -1313,7 +1313,7 @@ mesh_send_reply(struct mesh_state* m, int rcode, struct reply_info* rep,
                        !reply_info_answer_encode(&m->s.qinfo, rep, r->qid, 
                        r->qflags, r_buffer, 0, 1, m->s.env->scratch,
                        udp_size, &r->edns, (int)(r->edns.bits & EDNS_DO),
-                       secure, 0)) 
+                       secure)) 
                {
                        if(!inplace_cb_reply_servfail_call(m->s.env, &m->s.qinfo, &m->s,
                        rep, LDNS_RCODE_SERVFAIL, &r->edns, &r->query_reply, m->s.region, &r->start_time))
index a612cc0946af431eedb25473ff727ae41af82c4e..d7bada4a99dba8da5170c97141dec5b6e840cb91 100644 (file)
@@ -1528,8 +1528,7 @@ rpz_local_encode(struct module_env* env, struct query_info* qinfo,
                repinfo, temp, env->now_tv) ||
          !reply_info_answer_encode(qinfo, &rep,
                *(uint16_t*)sldns_buffer_begin(buf), sldns_buffer_read_u16_at(buf, 2),
-               buf, 0, 0, temp, udpsize, edns, (int)(edns->bits&EDNS_DO), 0,
-               1 /* not minimal */ )) {
+               buf, 0, 0, temp, udpsize, edns, (int)(edns->bits&EDNS_DO), 0)) {
                error_encode(buf, (LDNS_RCODE_SERVFAIL|BIT_AA), qinfo,
                        *(uint16_t*)sldns_buffer_begin(buf),
                        sldns_buffer_read_u16_at(buf, 2), edns);
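Review bot: The removed `1 /* not minimal */` was the only text in this call that recorded why the additional section had been forced on, and the new call leaves no trace of the decision. Going by the commit title, the SOA added for client-ip modified answers is now omitted whenever minimal-responses is enabled. Clients and monitoring that key on that SOA to recognise policy-rewritten answers therefore lose the in-band marker. I would add a comment above the call such as `/* the rpz SOA in the additional section follows minimal-responses; rely on rpz-log to record policy hits */`. rpz_local_encode's body starts and ends outside this hunk.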
index 7d5b5330d33fff87d24c97ec569cd4b22a3b41ac..78e05ad919944be00b8c96458318361843af2f86 100644 (file)
@@ -3,6 +3,7 @@ server:
        module-config: "respip validator iterator"
        target-fetch-policy: "0 0 0 0 0"
        qname-minimisation: no
+       minimal-responses: no
   access-control: 192.0.0.0/8 allow
 
 rpz:
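Review bot: Setting `minimal-responses: no` keeps the existing expectations in this replay file passing, but nothing visible here exercises the behaviour the commit introduces, namely that the added SOA is left out when minimal-responses is on. The rest of the file is outside the hunk, so this is inferred. If no such case exists, a companion scenario with `minimal-responses: yes` that checks the additional section carries no SOA would pin the new behaviour and catch a regression in either direction.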
index 1cf30dd5d47158bcd3f068288199d0c723cc1708..5f297b551bfb179b9dd61a4113b3fa93cfec0d09 100644 (file)
@@ -878,7 +878,7 @@ int
 reply_info_answer_encode(struct query_info* qinf, struct reply_info* rep, 
        uint16_t id, uint16_t qflags, sldns_buffer* pkt, time_t timenow,
        int cached, struct regional* region, uint16_t udpsize, 
-       struct edns_data* edns, int dnssec, int secure, int notminimal)
+       struct edns_data* edns, int dnssec, int secure)
 {
        uint16_t flags;
        unsigned int attach_edns = 0;
@@ -916,7 +916,7 @@ reply_info_answer_encode(struct query_info* qinf, struct reply_info* rep,
        }
 
        if(!reply_info_encode(qinf, rep, id, flags, pkt, timenow, region,
-               udpsize, dnssec, (notminimal?0:MINIMAL_RESPONSES))) {
+               udpsize, dnssec, MINIMAL_RESPONSES)) {
                log_err("reply encode: out of memory");
                return 0;
        }
index 3baa0eaf983f3779c88c0d0fd6c01d35e8e34b07..30dc515cbe595eadcb0bf58b5ded21b32e55296c 100644 (file)
@@ -64,14 +64,12 @@ struct edns_data;
  *     or if edns_present = 0, it is not included.
  * @param dnssec: if 0 DNSSEC records are omitted from the answer.
  * @param secure: if 1, the AD bit is set in the reply.
- * @param notminimal: if 1, ignore minimalresponses and include additional
- *     section anyway.
  * @return: 0 on error (server failure).
  */
 int reply_info_answer_encode(struct query_info* qinf, struct reply_info* rep, 
        uint16_t id, uint16_t qflags, struct sldns_buffer* dest, time_t timenow,
        int cached, struct regional* region, uint16_t udpsize, 
-       struct edns_data* edns, int dnssec, int secure, int notminimal);
+       struct edns_data* edns, int dnssec, int secure);
 
 /**
  * Regenerate the wireformat from the stored msg reply.
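Review bot: With `@param notminimal` removed, the doc comment for reply_info_answer_encode no longer mentions minimal responses at all, although util/data/msgencode.c now passes `MINIMAL_RESPONSES` unconditionally. I would add one line to the description, for example ` * The additional section is always subject to the minimal-responses setting.`, so callers that need extra records delivered know this entry point cannot force them. The doc comment begins above the hunk.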