From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Tue, 26 Jan 2021 11:53:59 +0000 (+0100)
Subject: dnsdist: Fix EDNS in ServFail generated when no server is available
X-Git-Tag: dnsdist-1.6.0-alpha1~16^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F10012%2Fhead;p=thirdparty%2Fpdns.git

dnsdist: Fix EDNS in ServFail generated when no server is available
---

diff --git a/pdns/dnsdist.cc b/pdns/dnsdist.cc
index de81b75317..d0951a6042 100644
--- a/pdns/dnsdist.cc
+++ b/pdns/dnsdist.cc
@@ -1248,11 +1248,11 @@ ProcessQueryResult processQuery(DNSQuestion& dq, ClientState& cs, LocalHolders&
 
       vinfolog("%s query for %s|%s from %s, no policy applied", g_servFailOnNoPolicy ? "ServFailed" : "Dropped", dq.qname->toLogString(), QType(dq.qtype).getName(), dq.remote->toStringWithPort());
       if (g_servFailOnNoPolicy) {
-        restoreFlags(dq.getHeader(), dq.origFlags);
-
         dq.getHeader()->rcode = RCode::ServFail;
         dq.getHeader()->qr = true;
 
+        fixUpQueryTurnedResponse(dq, dq.origFlags);
+
         if (!prepareOutgoingResponse(holders, cs, dq, false)) {
           return ProcessQueryResult::Drop;
         }
diff --git a/regression-tests.dnsdist/test_Routing.py b/regression-tests.dnsdist/test_Routing.py
index 8567a3a8d8..8c5e337b58 100644
--- a/regression-tests.dnsdist/test_Routing.py
+++ b/regression-tests.dnsdist/test_Routing.py
@@ -524,6 +524,7 @@ class TestRoutingNoServer(DNSDistTest):
         """
         Routing: No server should return ServFail
         """
+        # without EDNS
         name = 'noserver.routing.tests.powerdns.com.'
         query = dns.message.make_query(name, 'A', 'IN')
         expectedResponse = dns.message.make_response(query)
@@ -532,7 +533,19 @@ class TestRoutingNoServer(DNSDistTest):
         for method in ("sendUDPQuery", "sendTCPQuery"):
             sender = getattr(self, method)
             (_, receivedResponse) = sender(query, response=None, useQueue=False)
-            self.assertEquals(receivedResponse, expectedResponse)
+            self.checkMessageNoEDNS(expectedResponse, receivedResponse)
+
+        # now with EDNS
+        query = dns.message.make_query(name, 'A', 'IN', use_edns=True, payload=4096, want_dnssec=False)
+        expectedResponse = dns.message.make_response(query, our_payload=1232)
+        expectedResponse.set_rcode(dns.rcode.SERVFAIL)
+
+        for method in ("sendUDPQuery", "sendTCPQuery"):
+            sender = getattr(self, method)
+            (_, receivedResponse) = sender(query, response=None, useQueue=False)
+            self.checkMessageEDNSWithoutOptions(expectedResponse, receivedResponse)
+            self.assertFalse(receivedResponse.ednsflags & dns.flags.DO)
+            self.assertEquals(receivedResponse.payload, 1232)
 
 class TestRoutingWRandom(DNSDistTest):