]> git.ipfire.org Git - thirdparty/knot-resolver.git/commitdiff
projects / thirdparty / knot-resolver.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d25b881)
daemon: proper initialization of requests's source address
authorGrigorii Demidov <grigorii.demidov@nic.cz>
Wed, 30 Dec 2015 10:44:48 +0000 (11:44 +0100)
committerMarek Vavrusa <marek@vavrusa.com>
Mon, 11 Jan 2016 02:10:40 +0000 (18:10 -0800)
lib: answer finalization was changed

daemon/worker.c patch | blob | blame | history
lib/resolve.c patch | blob | blame | history

diff --git a/daemon/worker.c b/daemon/worker.c
index 34d1f003cea2db4e6b6dc9824a4040b6196d4385..b541b1eee70a811166a56f1879336b5e0a9b89a1 100644 (file)
--- a/daemon/worker.c
+++ b/daemon/worker.c
@@ -265,6 +265,8 @@ static struct qr_task *qr_task_create(struct worker_ctx *worker, uv_handle_t *ha
        task->retry.data = task;
        task->timeout.data = task;
        task->on_complete = NULL;
+       task->req.qsource.key = NULL;
+       task->req.qsource.addr = NULL;
        /* Remember query source addr */
        if (addr) {
                size_t addr_len = sizeof(struct sockaddr_in);
diff --git a/lib/resolve.c b/lib/resolve.c
index 3999a14bff6050438244f51929c5064dd0da8b00..e104faf957cb1dbc15ef5823b569284de6493b00 100644 (file)
--- a/lib/resolve.c
+++ b/lib/resolve.c
@@ -313,8 +313,15 @@ static int answer_finalize(struct kr_request *request, int state)
                        return ret;
                }
        }
-       /* Set AD=1 if succeeded and requested secured answer. */
        struct kr_rplan *rplan = &request->rplan;
+       /* Always set SERVFAIL for bogus answers. */
+       if (state == KNOT_STATE_FAIL && rplan->pending.len > 0) {
+               struct kr_query *last = array_tail(rplan->pending);
+               if ((last->flags & QUERY_DNSSEC_WANT) && (last->flags & QUERY_DNSSEC_BOGUS)) {
+                       knot_wire_set_rcode(answer->wire,KNOT_RCODE_SERVFAIL);
+               }
+       }
+       /* Set AD=1 if succeeded and requested secured answer. */
        if (state == KNOT_STATE_DONE && rplan->resolved.len > 0) {
                struct kr_query *last = array_tail(rplan->resolved);
                /* Do not set AD for RRSIG query, as we can't validate it. */
@@ -362,8 +369,6 @@ int kr_resolve_begin(struct kr_request *request, struct kr_context *ctx, knot_pk
        request->options = ctx->options;
        request->state = KNOT_STATE_CONSUME;
        request->current_query = NULL;
-       request->qsource.key = NULL;
-       request->qsource.addr = NULL;
        array_init(request->authority);
        array_init(request->additional);
 
Mirror of https://gitlab.nic.cz/knot/knot-resolver.git