Together with Mukund Sivaraman we found out PowerDNS sdig does not truncate

trailing bits of EDNS Client Subnet mask.  So if you'd truncate something as
a /9, we'd have to use 2 bytes anyhow, but we would not zero the last 7 bits.

We do now. Thanks Mukund & ISC!

diff --git a/pdns/ednssubnet.cc b/pdns/ednssubnet.cc
index d6b9f8e0069ac4caae585da9e627391370769674..4528be3f3c6f947fc43edf591d3f2f96834e4ac0 100644 (file)
--- a/pdns/ednssubnet.cc
+++ b/pdns/ednssubnet.cc
@@ -95,10 +95,13 @@ string makeEDNSSubnetOptsString(const EDNSSubnetOpts& eso)
   ret.assign((const char*)&esow, sizeof(esow));
   int octetsout = ((esow.sourceMask - 1)>> 3)+1;
 
+  ComboAddress src=eso.source.getNetwork();
+  src.truncate(esow.sourceMask);
+  
   if(family == htons(1)) 
-    ret.append((const char*) &eso.source.getNetwork().sin4.sin_addr.s_addr, octetsout);
+    ret.append((const char*) &src.sin4.sin_addr.s_addr, octetsout);
   else
-    ret.append((const char*) &eso.source.getNetwork().sin6.sin6_addr.s6_addr, octetsout);
+    ret.append((const char*) &src.sin6.sin6_addr.s6_addr, octetsout);
   return ret;
 }