]> git.ipfire.org Git - thirdparty/unbound.git/commitdiff
projects / thirdparty / unbound.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 42ba5ae)
fix CH class response
authorTCY16 <tom@nlnetlabs.nl>
Tue, 28 Sep 2021 14:35:50 +0000 (16:35 +0200)
committerTCY16 <tom@nlnetlabs.nl>
Tue, 28 Sep 2021 14:35:50 +0000 (16:35 +0200)
daemon/worker.c patch | blob | blame | history

diff --git a/daemon/worker.c b/daemon/worker.c
index a1584a548d840631e4178c78e866fce7ad478698..2f2e62b324768731ada0b654b13376ebd6dacc2a 100644 (file)
--- a/daemon/worker.c
+++ b/daemon/worker.c
@@ -1057,13 +1057,21 @@ deny_refuse(struct comm_point* c, enum acl_access acl,
                         sldns_buffer_flip(c->buffer);
                        return 1;
                }
-               sldns_buffer_skip(c->buffer, (ssize_t)sizeof(uint16_t)); /* skip qtype  */
-               sldns_buffer_skip(c->buffer, (ssize_t)sizeof(uint16_t)); /* skip qclass */
-
                LDNS_QR_SET(sldns_buffer_begin(c->buffer));
                LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), 
                        LDNS_RCODE_REFUSED);
 
+               sldns_buffer_skip(c->buffer, (ssize_t)sizeof(uint16_t)); /* skip qtype  */
+               
+               /* check the qclass */
+               if (sldns_buffer_read_u16(c->buffer) != LDNS_RR_CLASS_IN) {
+                       LDNS_ANCOUNT_SET(sldns_buffer_begin(c->buffer), 0);
+                       LDNS_NSCOUNT_SET(sldns_buffer_begin(c->buffer), 0);
+                       LDNS_ARCOUNT_SET(sldns_buffer_begin(c->buffer), 0);
+                       sldns_buffer_flip(c->buffer);
+                       return 1;
+               }
+
                /* check edns section is present */
                if(LDNS_ARCOUNT(sldns_buffer_begin(c->buffer)) != 1) {
                        LDNS_ANCOUNT_SET(sldns_buffer_begin(c->buffer), 0);
Mirror of https://github.com/NLnetLabs/unbound.git