return FLAGS_SET(q->answer_query_flags, SD_RESOLVED_CONFIDENTIAL) && !q->previous_redirect_non_confidential;
}
+
+bool dns_query_fully_synthetic(DnsQuery *q) {
+ assert(q);
+
+ return (q->answer_query_flags & (SD_RESOLVED_SYNTHETIC | SD_RESOLVED_FROM_TRUST_ANCHOR)) &&
+ !(q->answer_query_flags & SD_RESOLVED_FROM_MASK & ~SD_RESOLVED_FROM_TRUST_ANCHOR);
+}
bool dns_query_fully_authenticated(DnsQuery *q);
bool dns_query_fully_confidential(DnsQuery *q);
+bool dns_query_fully_synthetic(DnsQuery *q);
static inline uint64_t dns_query_reply_flags_make(DnsQuery *q) {
assert(q);
uint16_t id,
int rcode,
bool tc, /* set the Truncated bit? */
+ bool aa, /* set the Authoritative Answer bit? */
bool add_opt, /* add an OPT RR to this packet? */
bool edns0_do, /* set the EDNS0 DNSSEC OK bit? */
bool ad, /* set the DNSSEC authenticated data bit? */
DNS_PACKET_HEADER(p)->flags = htobe16(DNS_PACKET_MAKE_FLAGS(
1 /* qr */,
0 /* opcode */,
- 0 /* aa */,
+ aa /* aa */,
tc /* tc */,
1 /* rd */,
1 /* ra */,
DNS_PACKET_ID(q->request_packet),
rcode,
truncated,
+ dns_query_fully_synthetic(q),
!!q->request_packet->opt,
edns0_do,
DNS_PACKET_AD(q->request_packet) && dns_query_fully_authenticated(q),
DNS_PACKET_ID(p),
rcode,
truncated,
+ false,
!!p->opt,
DNS_PACKET_DO(p),
DNS_PACKET_AD(p) && authenticated,