struct addrtree *tree;
if (edns->subnet_addr_fam == EDNSSUBNET_ADDRFAM_IP4) {
if (!data->tree4)
- data->tree4 = addrtree_create(EDNSSUBNET_MAX_SUBNET_IP4, &delfunc, &sizefunc, env, 0);
+ data->tree4 = addrtree_create(EDNSSUBNET_MAX_SUBNET_IP4,
+ &delfunc, &sizefunc, env, 0);
tree = data->tree4;
} else {
if (!data->tree6)
- data->tree6 = addrtree_create(EDNSSUBNET_MAX_SUBNET_IP6, &delfunc, &sizefunc, env, 0);
+ data->tree6 = addrtree_create(EDNSSUBNET_MAX_SUBNET_IP6,
+ &delfunc, &sizefunc, env, 0);
tree = data->tree6;
}
return tree;
rep->flags &= ~(BIT_AA | BIT_CD);/* a reply based on the cache */
addrtree_insert(tree, (addrkey_t*)edns->subnet_addr,
edns->subnet_source_mask,
- qstate->edns_server_in.subnet_scope_mask, rep, rep->ttl,
+ qstate->edns_server_in.subnet_scope_mask, rep, rep->ttl + *qstate->env->now,
*qstate->env->now);
if (acquired_lock) lock_rw_unlock(&lru_entry->lock);
}
e->copy_id = true;
} else if(str_keyword(&parse, "copy_query")) {
e->copy_query = true;
+ } else if(str_keyword(&parse, "copy_ednsdata_assume_clientsubnet")) {
+ e->copy_ednsdata_assume_clientsubnet = true;
} else if(str_keyword(&parse, "sleep=")) {
e->sleeptime = (unsigned int) strtol(parse, (char**)&parse, 10);
while(isspace((int)*parse))
e->reply_list = NULL;
e->copy_id = false;
e->copy_query = false;
+ e->copy_ednsdata_assume_clientsubnet = false;
e->sleeptime = 0;
e->next = NULL;
return e;
ldns_rr_list_deep_free(ldns_pkt_question(answer_pkt));
ldns_pkt_set_question(answer_pkt, list);
}
+ if(match->copy_ednsdata_assume_clientsubnet) {
+ /** copy ednsdata to reply, assume it is vandergaast and
+ * adjust scopemask to match sourcemask */
+ ldns_rdf* edns_rdf;
+ if (ldns_rdf_size(ldns_pkt_edns_data(query_pkt)) >= 8) {
+ edns_rdf = ldns_rdf_clone(ldns_pkt_edns_data(query_pkt));
+ ldns_rdf_data(edns_rdf)[7] = ldns_rdf_data(edns_rdf)[6];
+ ldns_pkt_set_edns_data(answer_pkt, edns_rdf);
+ }
+ }
if(match->sleeptime > 0) {
verbose(3, "sleeping for %d seconds\n", match->sleeptime);
#ifdef HAVE_SLEEP
--- /dev/null
+; Ask the same question twice. Check to see second is answered
+; from cache
+
+server:
+ trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b"
+ val-override-date: "20070916134226"
+ target-fetch-policy: "0 0 0 0 0"
+ send-client-subnet: 1.2.3.4
+ client-subnet-opcode: 20730
+ max-client-subnet-ipv4: 17
+ module-config: "subnetcache validator iterator"
+ verbosity: 3
+
+stub-zone:
+ name: "."
+ stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
+CONFIG_END
+
+SCENARIO_BEGIN Test validator with positive response
+
+; K.ROOT-SERVERS.NET.
+RANGE_BEGIN 0 100
+ ADDRESS 193.0.14.129
+ ENTRY_BEGIN
+ MATCH opcode qtype qname ednsdata
+ ADJUST copy_id
+ REPLY QR NOERROR
+ SECTION QUESTION
+ . IN NS
+ SECTION ANSWER
+ . IN NS K.ROOT-SERVERS.NET.
+ SECTION ADDITIONAL
+ HEX_EDNSDATA_BEGIN
+ ;; we expect to receive empty
+ HEX_EDNSDATA_END
+ K.ROOT-SERVERS.NET. IN A 193.0.14.129
+ ENTRY_END
+
+ ENTRY_BEGIN
+ MATCH opcode qtype qname
+ ADJUST copy_id
+ REPLY QR NOERROR
+ SECTION QUESTION
+ www.example.com. IN A
+ SECTION AUTHORITY
+ com. IN NS a.gtld-servers.net.
+ SECTION ADDITIONAL
+ a.gtld-servers.net. IN A 192.5.6.30
+ ENTRY_END
+RANGE_END
+
+; a.gtld-servers.net.
+RANGE_BEGIN 0 100
+ ADDRESS 192.5.6.30
+ ENTRY_BEGIN
+ MATCH opcode qtype qname ednsdata
+ ADJUST copy_id
+ REPLY QR NOERROR
+ SECTION QUESTION
+ com. IN NS
+ SECTION ANSWER
+ com. IN NS a.gtld-servers.net.
+ SECTION ADDITIONAL
+ HEX_EDNSDATA_BEGIN
+ ;; we expect to receive empty
+ HEX_EDNSDATA_END
+ a.gtld-servers.net. IN A 192.5.6.30
+ ENTRY_END
+
+ ENTRY_BEGIN
+ MATCH opcode qtype qname
+ ADJUST copy_id
+ REPLY QR NOERROR
+ SECTION QUESTION
+ www.example.com. IN A
+ SECTION AUTHORITY
+ example.com. IN NS ns.example.com.
+ SECTION ADDITIONAL
+ ns.example.com. IN A 1.2.3.4
+ ENTRY_END
+RANGE_END
+
+; ns.example.com.
+RANGE_BEGIN 0 100
+ ADDRESS 1.2.3.4
+ ENTRY_BEGIN
+ MATCH opcode qtype qname ednsdata
+ ADJUST copy_id
+ REPLY QR NOERROR
+ SECTION QUESTION
+ example.com. IN NS
+ SECTION ANSWER
+ example.com. IN NS ns.example.com.
+ example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
+ SECTION ADDITIONAL
+ HEX_EDNSDATA_BEGIN
+ ;; we expect to receive empty
+ HEX_EDNSDATA_END
+ ns.example.com. IN A 1.2.3.4
+ ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
+ ENTRY_END
+
+ ; response to DNSKEY priming query
+ ENTRY_BEGIN
+ MATCH opcode qtype qname ednsdata
+ ADJUST copy_id
+ REPLY QR NOERROR
+ SECTION QUESTION
+ example.com. IN DNSKEY
+ SECTION ANSWER
+ example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
+ example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854}
+ SECTION AUTHORITY
+ example.com. IN NS ns.example.com.
+ example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
+ SECTION ADDITIONAL
+ HEX_EDNSDATA_BEGIN
+ ;; we expect to receive empty
+ HEX_EDNSDATA_END
+ ns.example.com. IN A 1.2.3.4
+ ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
+ ENTRY_END
+RANGE_END
+
+RANGE_BEGIN 0 10
+ ; response to query of interest
+ ENTRY_BEGIN
+ MATCH opcode qtype qname ednsdata
+ ADJUST copy_id copy_ednsdata_assume_clientsubnet
+ REPLY QR NOERROR
+ SECTION QUESTION
+ www.example.com. IN A
+ SECTION ANSWER
+ www.example.com. IN A 10.20.30.40
+ ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
+ SECTION AUTHORITY
+ example.com. IN NS ns.example.com.
+ example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
+ SECTION ADDITIONAL
+ HEX_EDNSDATA_BEGIN
+ ; client is 127.0.0.1
+ 50 fa ; OPC
+ 00 07 ; option length
+ 00 01 ; Family
+ 11 00 ; source mask, scopemask
+ 7f 00 00 ; address
+ HEX_EDNSDATA_END
+ ns.example.com. IN A 1.2.3.4
+ www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
+ ENTRY_END
+RANGE_END
+
+STEP 1 QUERY
+ENTRY_BEGIN
+ HEX_ANSWER_BEGIN;
+ 00 00 01 00 00 01 00 00 ;ID 0
+ 00 00 00 01 03 77 77 77 ; www.example.com A? (DO)
+ 07 65 78 61 6d 70 6c 65
+ 03 63 6f 6d 00 00 01 00
+ 01 00 00 29 10 00 00 00
+ 80 00 00 0b
+
+ 50 fa 00 07 ; OPC, optlen
+ 00 01 11 00 ; ip4, scope 17, source 0
+ 7f 00 00 ;127.0.0.0/17
+ HEX_ANSWER_END
+ENTRY_END
+
+STEP 10 CHECK_ANSWER
+ENTRY_BEGIN
+ MATCH all ednsdata
+ REPLY QR RD RA AD NOERROR
+ SECTION QUESTION
+ www.example.com. IN A
+ SECTION ANSWER
+ www.example.com. IN A 10.20.30.40
+ www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
+ SECTION AUTHORITY
+ example.com. IN NS ns.example.com.
+ example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
+ SECTION ADDITIONAL
+ HEX_EDNSDATA_BEGIN
+ ; client is 127.0.0.1
+ 50 fa ; OPC
+ 00 07 ; option length
+ 00 01 ; Family
+ 11 11 ; source mask, scopemask
+ 7f 00 00 ; address
+ HEX_EDNSDATA_END
+ ns.example.com. IN A 1.2.3.4
+ ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
+ENTRY_END
+
+STEP 11 QUERY
+
+ENTRY_BEGIN
+ HEX_ANSWER_BEGIN;
+ 00 00 01 00 00 01 00 00 ;ID 0
+ 00 00 00 01 03 77 77 77 ; www.example.com A? (DO)
+ 07 65 78 61 6d 70 6c 65
+ 03 63 6f 6d 00 00 01 00
+ 01 00 00 29 10 00 00 00
+ 80 00 00 0b
+
+ 50 fa 00 07 ; OPC, optlen
+ 00 01 11 00 ; ip4, scope 17, source 0
+ 7f 00 00 ;127.0.0.0/17
+ HEX_ANSWER_END
+ENTRY_END
+
+STEP 20 CHECK_ANSWER
+ENTRY_BEGIN
+ MATCH all ednsdata
+ REPLY QR RD RA AD NOERROR
+ SECTION QUESTION
+ www.example.com. IN A
+ SECTION ANSWER
+ www.example.com. IN A 10.20.30.40
+ www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
+ SECTION AUTHORITY
+ example.com. IN NS ns.example.com.
+ example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
+ SECTION ADDITIONAL
+ HEX_EDNSDATA_BEGIN
+ ; client is 127.0.0.1
+ 50 fa ; OPC
+ 00 07 ; option length
+ 00 01 ; Family
+ 11 11 ; source mask, scopemask
+ 7f 00 00 ; address
+ HEX_EDNSDATA_END
+ ns.example.com. IN A 1.2.3.4
+ ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
+ENTRY_END
+
+SCENARIO_END
projects / thirdparty / unbound.git / commitdiff
