MINOR: dns: Update analysis of TRUNCATED response for SRV records

First implementation of the DNS parser used to consider TRUNCATED
responses as errors and triggered a failover to an other query type
(usually A to AAAA or vice-versa).

When we query for SRV records, a TRUNCATED response still contains valid
records we can exploit, so we shouldn't trigger a failover in such case.

Note that we had to move the maching against the flag later in the
response parsing (actually, until we can read the query type....)

diff --git a/src/dns.c b/src/dns.c
index 00f7b10ca5f6d26f7c4d6420d57b85f7f96003bd..c3905f9ca02f26dc5251e3430b7b9eafabde810d 100644 (file)
--- a/src/dns.c
+++ b/src/dns.c
@@ -1037,6 +1037,7 @@ int dns_validate_dns_response(unsigned char *resp, unsigned char *bufend, struct
        reader = resp;
        len = 0;
        previous_dname = NULL;
+       dns_query = NULL;
 
        /* initialization of response buffer and structure */
        dns_p = &resolution->response;
@@ -1061,9 +1062,6 @@ int dns_validate_dns_response(unsigned char *resp, unsigned char *bufend, struct
 
        flags = reader[0] * 256 + reader[1];
 
-       if (flags & DNS_FLAG_TRUNCATED)
-               return DNS_RESP_TRUNCATED;
-
        if ((flags & DNS_FLAG_REPLYCODE) != DNS_RCODE_NO_ERROR) {
                if ((flags & DNS_FLAG_REPLYCODE) == DNS_RCODE_NX_DOMAIN)
                        return DNS_RESP_NX_DOMAIN;
@@ -1148,6 +1146,12 @@ int dns_validate_dns_response(unsigned char *resp, unsigned char *bufend, struct
                reader += 2;
        }
 
+       /* TRUNCATED flag must be checked after we could read the query type
+        * because a TRUNCATED SRV query type response can still be exploited
+        */
+       if (dns_query->type != DNS_RTYPE_SRV && flags & DNS_FLAG_TRUNCATED)
+               return DNS_RESP_TRUNCATED;
+
        /* now parsing response records */
        nb_saved_records = 0;
        for (i = 0; i < dns_p->header.ancount; i++) {