[Feature] Add support of stub DNSSEC resolver to rdns

diff --git a/contrib/librdns/dns_private.h b/contrib/librdns/dns_private.h
index 28ab60a596e98168f2fe1169a554563eab5f3832..4e3f7c9a869f885873e684ea861eb2577434379e 100644 (file)
--- a/contrib/librdns/dns_private.h
+++ b/contrib/librdns/dns_private.h
@@ -144,7 +144,9 @@ struct dns_header {
        unsigned int rd:1;
 
        unsigned int ra:1;
-       unsigned int unused:3;
+       unsigned int cd : 1;
+       unsigned int ad : 1;
+       unsigned int z : 1;
        unsigned int rcode:4;
 #else
        unsigned int rd :1;
@@ -154,7 +156,9 @@ struct dns_header {
        unsigned int qr :1;
 
        unsigned int rcode :4;
-       unsigned int unused :3;
+       unsigned int z : 1;
+       unsigned int ad : 1;
+       unsigned int cd : 1;
        unsigned int ra :1;
 #endif
 

diff --git a/contrib/librdns/packet.c b/contrib/librdns/packet.c
index 532b5de91cb7682407448e921340c6fef6bb1b45..25f3d897936ed0eaeb2c515320d1ada60882a6ab 100644 (file)
--- a/contrib/librdns/packet.c
+++ b/contrib/librdns/packet.c
@@ -266,8 +266,11 @@ rdns_add_edns0 (struct rdns_request *req)
        *p16++ = htons (UDP_PACKET_SIZE);
        /* Extended rcode 00 00 */
        *p16++ = 0;
-       /* Z 10000000 00000000 to allow dnssec, disabled currently */
-       *p16++ = 0;
+       /* Z 10000000 00000000 to allow dnssec */
+       p8 = (uint8_t *)p16;
+       *p8++ = 0x80;
+       *p8++ = 0;
+       p16 = (uint16_t *)p8;
        /* Length */
        *p16 = 0;
        req->pos += sizeof (uint8_t) + sizeof (uint16_t) * 5;

diff --git a/contrib/librdns/rdns.h b/contrib/librdns/rdns.h
index 0728e5b9cbb34c364cd7860617a02976cfdc5396..56630536cb278dc98a229242837eaf14c44aabd0 100644 (file)
--- a/contrib/librdns/rdns.h
+++ b/contrib/librdns/rdns.h
@@ -133,6 +133,7 @@ struct rdns_reply {
        struct rdns_reply_entry *entries;
        const char *requested_name;
        enum dns_rcode code;
+       bool authenticated;
 };
 
 typedef void (*rdns_periodic_callback)(void *user_data);

diff --git a/contrib/librdns/resolver.c b/contrib/librdns/resolver.c
index 4027bf0ab79ec0c9730a2979fc2603e762c45691..20700ee3b013517c76596cbd958147460d1af280 100644 (file)
--- a/contrib/librdns/resolver.c
+++ b/contrib/librdns/resolver.c
@@ -119,6 +119,7 @@ rdns_make_reply (struct rdns_request *req, enum dns_rcode rcode)
                rep->entries = NULL;
                rep->code = rcode;
                req->reply = rep;
+               rep->authenticated = false;
        }
 
        return rep;
@@ -190,6 +191,10 @@ rdns_parse_reply (uint8_t *in, int r, struct rdns_request *req,
         */
        rep = rdns_make_reply (req, header->rcode);
 
+       if (header->ad) {
+               rep->authenticated = true;
+       }
+
        if (rep == NULL) {
                rdns_warn ("Cannot allocate memory for reply");
                return false;