dig: remove "+unexpected" option

The network manager does not support returning UDP datagrams to
clients from unexpected sources; it is therefore not possible for
dig to accept them.  The "+[no]unexpected" option has therefore
been removed from the dig command and its documentation.

diff --git a/bin/dig/dig.c b/bin/dig/dig.c
index 3648c98773bee06ccabc4680cc6e5c43e24ea101..3dac5aa28bc7ef9592636d316079843c77435cdf 100644 (file)
--- a/bin/dig/dig.c
+++ b/bin/dig/dig.c
@@ -296,9 +296,6 @@ help(void) {
               "in records)\n"
               "                 +[no]ttlunits       (Display TTLs in "
               "human-readable units)\n"
-              "                 +[no]unexpected     (Print replies from "
-              "unexpected sources\n"
-              "                                      default=off)\n"
               "                 +[no]unknownformat  (Print RDATA in RFC 3597 "
               "\"unknown\" "
               "format)\n"
@@ -1807,7 +1804,8 @@ plus_option(char *option, bool is_batchfile, dig_lookup_t *lookup) {
                        switch (cmd[2]) {
                        case 'e':
                                FULLCHECK("unexpected");
-                               lookup->accept_reply_unexpected_src = state;
+                               fprintf(stderr, ";; +unexpected option "
+                                               "is deprecated");
                                break;
                        case 'k':
                                FULLCHECK("unknownformat");

diff --git a/bin/dig/dig.rst b/bin/dig/dig.rst
index 893ef55228c8976d44a48d9a596c0c4a67e32213..4b1dd7a9d4f3a81a0c660bccdc425260e876061c 100644 (file)
--- a/bin/dig/dig.rst
+++ b/bin/dig/dig.rst
@@ -549,11 +549,6 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
    units of ``s``, ``m``, ``h``, ``d``, and ``w``, representing seconds, minutes,
    hours, days, and weeks. This implies ``+ttlid``.
 
-``+[no]unexpected``
-   This option accepts [or does not accept] answers from unexpected sources.  By default, ``dig``
-   will not accept a reply from a source other than the one to which it sent the
-   query.
-
 ``+[no]unknownformat``
    This option prints all RDATA in unknown RR type presentation format (:rfc:`3597`).
    The default is to print RDATA for known types in the type's

diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c
index 12d5c4618d92f9be7f3061b9ea788b376df2b1a0..c3e428fb0ef655742be16e8026bbfe93726148eb 100644 (file)
--- a/bin/dig/dighost.c
+++ b/bin/dig/dighost.c
@@ -650,7 +650,6 @@ make_empty_lookup(void) {
        looknew->ttlunits = false;
        looknew->expandaaaa = false;
        looknew->qr = false;
-       looknew->accept_reply_unexpected_src = false;
 #ifdef HAVE_LIBIDN2
        looknew->idnin = isatty(1) ? (getenv("IDN_DISABLE") == NULL) : false;
        looknew->idnout = looknew->idnin;
@@ -799,8 +798,6 @@ clone_lookup(dig_lookup_t *lookold, bool servers) {
        looknew->ttlunits = lookold->ttlunits;
        looknew->expandaaaa = lookold->expandaaaa;
        looknew->qr = lookold->qr;
-       looknew->accept_reply_unexpected_src =
-               lookold->accept_reply_unexpected_src;
        looknew->idnin = lookold->idnin;
        looknew->idnout = lookold->idnout;
        looknew->udpsize = lookold->udpsize;
@@ -3627,43 +3624,6 @@ recv_done(isc_nmhandle_t *handle, isc_result_t eresult, isc_region_t *region,
        isc_buffer_add(&b, region->length);
 
        peer = isc_nmhandle_peeraddr(handle);
-       if (!l->tcp_mode &&
-           !isc_sockaddr_compare(&peer, &query->sockaddr,
-                                 ISC_SOCKADDR_CMPADDR | ISC_SOCKADDR_CMPPORT |
-                                         ISC_SOCKADDR_CMPSCOPE |
-                                         ISC_SOCKADDR_CMPSCOPEZERO))
-       {
-               char buf1[ISC_SOCKADDR_FORMATSIZE];
-               char buf2[ISC_SOCKADDR_FORMATSIZE];
-               isc_sockaddr_t any;
-
-               if (isc_sockaddr_pf(&query->sockaddr) == AF_INET) {
-                       isc_sockaddr_any(&any);
-               } else {
-                       isc_sockaddr_any6(&any);
-               }
-
-               /*
-                * We don't expect a match when the packet is
-                * sent to 0.0.0.0, :: or to a multicast addresses.
-                * XXXMPA broadcast needs to be handled here as well.
-                */
-               if ((!isc_sockaddr_eqaddr(&query->sockaddr, &any) &&
-                    !isc_sockaddr_ismulticast(&query->sockaddr)) ||
-                   isc_sockaddr_getport(&query->sockaddr) !=
-                           isc_sockaddr_getport(&peer))
-               {
-                       isc_sockaddr_format(&peer, buf1, sizeof(buf1));
-                       isc_sockaddr_format(&query->sockaddr, buf2,
-                                           sizeof(buf2));
-                       dighost_warning("reply from unexpected source: %s,"
-                                       " expected %s\n",
-                                       buf1, buf2);
-                       if (!l->accept_reply_unexpected_src) {
-                               match = false;
-                       }
-               }
-       }
 
        result = dns_message_peekheader(&b, &id, &msgflags);
        if (result != ISC_R_SUCCESS || l->sendmsg->id != id) {

diff --git a/bin/dig/dighost.h b/bin/dig/dighost.h
index ff8de20bcdfdf0333b17718c5e4a7405a561cebe..f9bbaf92d3fe0652e7afc629f9d7366fb753d0cb 100644 (file)
--- a/bin/dig/dighost.h
+++ b/bin/dig/dighost.h
@@ -114,12 +114,9 @@ struct dig_lookup {
                tcp_keepalive, header_only, ednsneg, mapped,
                print_unknown_format, multiline, nottl, noclass, onesoa,
                use_usec, nocrypto, ttlunits, idnin, idnout, expandaaaa, qr,
-               accept_reply_unexpected_src, /*%  print replies from
-                                             * unexpected
-                                             *   sources. */
-               setqid;                      /*% use a speciied query ID */
-       char textname[MXNAME];               /*% Name we're going to be
-                                             * looking up */
+               setqid;        /*% use a specified query ID */
+       char textname[MXNAME]; /*% Name we're going to be
+                               * looking up */
        char cmdline[MXNAME];
        dns_rdatatype_t rdtype;
        dns_rdatatype_t qrdtype;

diff --git a/bin/tests/system/digdelv/tests.sh b/bin/tests/system/digdelv/tests.sh
index 25c5df6fb57743c9bf2bc2c15254b3e53d708775..299d396b208ad43d5086111a75f50e72dc77c505 100644 (file)
--- a/bin/tests/system/digdelv/tests.sh
+++ b/bin/tests/system/digdelv/tests.sh
@@ -919,33 +919,6 @@ if [ -x "$DIG" ] ; then
     status=$((status+ret))
   fi
 
-  n=$((n+1))
-  echo_i "check that dig +unexpected works ($n)"
-  ret=0
-  dig_with_opts @10.53.0.6 +tries=1 +time=2 +unexpected a a.example > dig.out.test$n || ret=1
-  grep 'reply from unexpected source' dig.out.test$n > /dev/null || ret=1
-  grep 'status: NOERROR' dig.out.test$n > /dev/null || ret=1
-  if [ $ret -ne 0 ]; then echo_i "failed"; fi
-  status=$((status+ret))
-
-  n=$((n+1))
-  echo_i "check that dig +nounexpected works ($n)"
-  ret=0
-  dig_with_opts @10.53.0.6 +nounexpected +tries=1 +time=2 a a.example > dig.out.test$n && ret=1
-  grep 'reply from unexpected source' dig.out.test$n > /dev/null || ret=1
-  grep "status: NOERROR" < dig.out.test$n > /dev/null && ret=1
-  if [ $ret -ne 0 ]; then echo_i "failed"; fi
-  status=$((status+ret))
-
-  n=$((n+1))
-  echo_i "check that dig default for +[no]unexpected (+nounexpected) works ($n)"
-  ret=0
-  dig_with_opts @10.53.0.6 +tries=1 +time=2 a a.example > dig.out.test$n && ret=1
-  grep 'reply from unexpected source' dig.out.test$n > /dev/null || ret=1
-  grep "status: NOERROR" < dig.out.test$n > /dev/null && ret=1
-  if [ $ret -ne 0 ]; then echo_i "failed"; fi
-  status=$((status+ret))
-
   n=$((n+1))
   echo_i "check that dig +bufsize=0 just sets the buffer size to 0 ($n)"
   ret=0