From: Kees Monshouwer Date: Tue, 4 Jun 2019 18:02:24 +0000 (+0200) Subject: auth: always truncate when the additional records do not fit X-Git-Tag: dnsdist-1.4.0-beta1~2^2~1 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=06ba4702400afc4eb2983f768495aa71d55c5713;p=thirdparty%2Fpdns.git auth: always truncate when the additional records do not fit in a response fixes #7315 --- diff --git a/pdns/dnspacket.cc b/pdns/dnspacket.cc index c7f3070338..ac752f506f 100644 --- a/pdns/dnspacket.cc +++ b/pdns/dnspacket.cc @@ -340,10 +340,8 @@ void DNSPacket::wrapup() pos->dr.d_content->toPacket(pw); if(pw.size() + optsize > (d_tcp ? 65535 : getMaxReplyLen())) { pw.rollback(); - if(pos->dr.d_place == DNSResourceRecord::ANSWER || pos->dr.d_place == DNSResourceRecord::AUTHORITY) { - pw.truncate(); - pw.getHeader()->tc=1; - } + pw.truncate(); + pw.getHeader()->tc=1; goto noCommit; } } diff --git a/regression-tests/tests/too-big-for-udp-query-no-truncate-additional/command b/regression-tests/tests/too-big-for-udp-query-always-truncate-additional/command similarity index 100% rename from regression-tests/tests/too-big-for-udp-query-no-truncate-additional/command rename to regression-tests/tests/too-big-for-udp-query-always-truncate-additional/command diff --git a/regression-tests/tests/too-big-for-udp-query-no-truncate-additional/description b/regression-tests/tests/too-big-for-udp-query-always-truncate-additional/description similarity index 53% rename from regression-tests/tests/too-big-for-udp-query-no-truncate-additional/description rename to regression-tests/tests/too-big-for-udp-query-always-truncate-additional/description index e694a2fcad..b00e0ccc74 100644 --- a/regression-tests/tests/too-big-for-udp-query-no-truncate-additional/description +++ b/regression-tests/tests/too-big-for-udp-query-always-truncate-additional/description @@ -1,4 +1,6 @@ UDP dns packets can only be 512 bytes long - when they are longer, they need to get truncated, and have the 'TC' bit set, to inform the client that they need to requery over TCP. This query however does not need truncation, since -the information that causes things to go over limit is 'additional'. +the information that causes things to go over limit are 'courtesy' additionals. +But truncation is harmless and will avoid a lot of additional complexity. +https://tools.ietf.org/html/rfc4472#appendix-B diff --git a/regression-tests/tests/too-big-for-udp-query-always-truncate-additional/expected_result b/regression-tests/tests/too-big-for-udp-query-always-truncate-additional/expected_result new file mode 100644 index 0000000000..d714295eca --- /dev/null +++ b/regression-tests/tests/too-big-for-udp-query-always-truncate-additional/expected_result @@ -0,0 +1,2 @@ +Rcode: 0 (No Error), RD: 0, QR: 1, TC: 1, AA: 1, opcode: 0 +Reply to question for qname='together-too-much.example.com.', qtype=MX diff --git a/regression-tests/tests/too-big-for-udp-query-no-truncate-additional/expected_result b/regression-tests/tests/too-big-for-udp-query-no-truncate-additional/expected_result deleted file mode 100644 index 99aa1092ad..0000000000 --- a/regression-tests/tests/too-big-for-udp-query-no-truncate-additional/expected_result +++ /dev/null @@ -1,29 +0,0 @@ -0 together-too-much.example.com. IN MX 120 25 toomuchinfo-X.example.com. -0 together-too-much.example.com. IN MX 120 25 toomuchinfo-X.example.com. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -2 toomuchinfo-X.example.com. IN A 120 192.168.99. -Rcode: 0 (No Error), RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 -Reply to question for qname='together-too-much.example.com.', qtype=MX