LDNS_RCODE_SET(ldns_buffer_begin(c->buffer),
LDNS_RCODE_SERVFAIL);
ldns_buffer_set_position(c->buffer, LDNS_HEADER_SIZE);
+ ldns_buffer_write_at(c->buffer, 4,
+ (uint8_t*)"\0\0\0\0\0\0\0\0", 8);
ldns_buffer_flip(c->buffer);
return 1;
}
- callback checks for event callbacks done from mini_event. Because
of deletions cannot do this from netevent. This means when using
libevent the protection does not work on event-callbacks.
+ - fixup too small reply (did not zero counts).
+ - fixup reply no longer AD bit when query without DO bit.
5 October 2007: Wouter
- function pointer whitelist.
else repinfo.c->type = comm_udp;
fill_buffer_with_reply(repinfo.c->buffer, todo->match, NULL);
log_info("testbound: incoming QUERY");
+ log_pkt("query pkt", todo->match->reply_list->reply);
/* call the callback for incoming queries */
if((*runtime->callback_query)(repinfo.c, runtime->cb_arg,
NETEVENT_NOERROR, &repinfo)) {
} else if(str_keyword(&parse, "AD")) {
ldns_pkt_set_ad(reply, true);
} else if(str_keyword(&parse, "DO")) {
+ ldns_pkt_set_edns_udp_size(reply, 4096);
ldns_pkt_set_edns_do(reply, true);
} else {
error("could not parse REPLY: '%s'", parse);
STEP 1 QUERY
ENTRY_BEGIN
-REPLY RD
+REPLY RD DO
SECTION QUESTION
www.example.com. IN A
ENTRY_END
www.example.com. IN A
SECTION ANSWER
www.example.com. IN A 10.20.30.40
+www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
SECTION AUTHORITY
example.com. IN NS ns.example.com.
+example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
+ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
ENTRY_END
; make sure glue fetch is done.
STEP 1 QUERY
ENTRY_BEGIN
-REPLY RD
+REPLY RD DO
SECTION QUESTION
www.example.com. IN A
ENTRY_END
www.example.com. IN A
SECTION ANSWER
www.example.com. IN A 10.20.30.40
+www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
SECTION AUTHORITY
example.com. IN NS ns.example.com.
+example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
+ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
ENTRY_END
; make sure glue fetch is done.
STEP 1 QUERY
ENTRY_BEGIN
-REPLY RD
+REPLY RD DO
SECTION QUESTION
www.sub.example.com. IN A
ENTRY_END
SECTION ANSWER
SECTION AUTHORITY
example.com. SOA ns.example.com. h.example.com. 2007090504 1800 1800 2419200 7200
+example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFC5uwIHSehZtetK2CMNXttSFUB0XAhROFDAgy/FaxR8zFXJzyPdpQG93Sw== ;{id = 2854}
+blub.example.com. NSEC znub.example.com. A MX RRSIG NSEC
+blub.example.com. 3600 IN RRSIG NSEC 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFCic/WwyMtdDE/84g8l0S0M8AOtnAhR88hQEp5cD5XQ3EmQ79RUuNTCgdg== ;{id = 2854}
+example.com. NSEC blub.example.com. SOA NS MX DNSKEY RRSIG NSEC
+example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFFYX7iNIlT79gNFFlvnn44Ittm6HAhUAg7u0hZ4to87qyfkonZu2jVLW3xw= ;{id = 2854}
SECTION ADDITIONAL
ENTRY_END
STEP 1 QUERY
ENTRY_BEGIN
-REPLY RD
+REPLY RD DO
SECTION QUESTION
www.sub.example.com. IN A
ENTRY_END
SECTION ANSWER
SECTION AUTHORITY
example.com. SOA ns.example.com. h.example.com. 2007090504 1800 1800 2419200 7200
+example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFC5uwIHSehZtetK2CMNXttSFUB0XAhROFDAgy/FaxR8zFXJzyPdpQG93Sw== ;{id = 2854}
+blub.example.com. NSEC znub.example.com. A MX RRSIG NSEC
+blub.example.com. 3600 IN RRSIG NSEC 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFCic/WwyMtdDE/84g8l0S0M8AOtnAhR88hQEp5cD5XQ3EmQ79RUuNTCgdg== ;{id = 2854}
+example.com. NSEC blub.example.com. SOA NS MX DNSKEY RRSIG NSEC
+example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFFYX7iNIlT79gNFFlvnn44Ittm6HAhUAg7u0hZ4to87qyfkonZu2jVLW3xw= ;{id = 2854}
SECTION ADDITIONAL
ENTRY_END
STEP 1 QUERY
ENTRY_BEGIN
-REPLY RD
+REPLY RD DO
SECTION QUESTION
328.0.0.194.example.com. IN A
ENTRY_END
328.0.0.194.example.com. IN A
SECTION ANSWER
328.0.0.194.example.com. 3600 IN A 11.11.11.11
+328.0.0.194.example.com. 3600 IN RRSIG A 5 6 3600 20070926135752 20070829135752 30899 0.0.194.example.com. chZW77mqywhw/4ch6BxXQ4EbFgb9zgh2xF75FLlKq/7ey6CfHSJRpJRjRqtMTn+1i18UL2B4nPS/WnK5DZeqlA== ;{id = 30899}
SECTION AUTHORITY
SECTION ADDITIONAL
ENTRY_END
/* remove AA bit, copy RD and CD bits from query. */
flags = (rep->flags & ~BIT_AA) | (qflags & (BIT_RD|BIT_CD));
}
- if(secure)
+ if(secure && dnssec)
flags |= BIT_AD;
log_assert(flags & BIT_QR); /* QR bit must be on in our replies */
if(udpsize < LDNS_HEADER_SIZE)
projects / thirdparty / unbound.git / commitdiff
