From: mb Date: Mon, 16 Nov 2020 08:49:06 +0000 (+0100) Subject: rpz: more nsip X-Git-Tag: release-1.14.0rc1~62^2~53^2^2~14 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=07d937f508006c9d9df82f941a46390d40e90148;p=thirdparty%2Funbound.git rpz: more nsip --- diff --git a/services/rpz.c b/services/rpz.c index ff994a482..9b1d23884 100644 --- a/services/rpz.c +++ b/services/rpz.c @@ -1458,7 +1458,7 @@ rpz_iterator_module_callback(struct module_qstate* ms, struct iter_qstate* is) rpz_action_to_string(raddr->action)); action = raddr->action; - if(action == RPZ_LOCAL_DATA_ACTION && raddr->data == NULL ) { + if(action == RPZ_LOCAL_DATA_ACTION && raddr->data == NULL) { verbose(VERB_ALGO, "rpz: bug: local-data action but no local data"); ret = -1; goto done; @@ -1467,6 +1467,7 @@ rpz_iterator_module_callback(struct module_qstate* ms, struct iter_qstate* is) switch(action) { case RPZ_NXDOMAIN_ACTION: FLAGS_SET_RCODE(is->response->rep->flags, LDNS_RCODE_NXDOMAIN); + is->response->rep->flags |= BIT_QR | BIT_AA | BIT_RA; is->response->rep->an_numrrsets = 0; is->response->rep->ns_numrrsets = 0; is->response->rep->ar_numrrsets = 0; @@ -1476,6 +1477,7 @@ rpz_iterator_module_callback(struct module_qstate* ms, struct iter_qstate* is) break; case RPZ_NODATA_ACTION: FLAGS_SET_RCODE(is->response->rep->flags, LDNS_RCODE_NOERROR); + is->response->rep->flags |= BIT_QR | BIT_AA | BIT_RA; is->response->rep->an_numrrsets = 0; is->response->rep->ns_numrrsets = 0; is->response->rep->ar_numrrsets = 0; diff --git a/testdata/rpz_nsip.rpl b/testdata/rpz_nsip.rpl index 29cd8e189..1d4462df0 100644 --- a/testdata/rpz_nsip.rpl +++ b/testdata/rpz_nsip.rpl @@ -181,6 +181,36 @@ ENTRY_END RANGE_END +; bb. ------------------------------------------------------------------------ +RANGE_BEGIN 0 100 + ADDRESS 8.8.1.8 + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +bb. IN NS +SECTION ANSWER +bb. IN NS ns1.aa. +SECTION ADDITIONAL +ns1.bb. IN A 8.8.1.8 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR NOERROR +SECTION QUESTION +gotham.bb. IN A +SECTION AUTHORITY +gotham.bb. IN NS ns1.gotham.bb. +SECTION ADDITIONAL +ns1.gotham.bb. IN A 192.0.1.1 +ENTRY_END + +RANGE_END + ; ns1.gotham.com. ------------------------------------------------------------ RANGE_BEGIN 0 100 ADDRESS 192.0.6.1 @@ -213,6 +243,22 @@ ENTRY_END RANGE_END +; ns1.gotham.bb. ------------------------------------------------------------- +RANGE_BEGIN 0 100 + ADDRESS 192.0.1.1 + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +gotham.bb. IN A +SECTION ANSWER +gotham.bb. IN A 192.0.1.2 +ENTRY_END + +RANGE_END + STEP 1 QUERY ENTRY_BEGIN REPLY RD @@ -240,10 +286,26 @@ ENTRY_END STEP 11 CHECK_ANSWER ENTRY_BEGIN MATCH all -REPLY QR AA RD RA NXDOMAIN +REPLY QR RD RA NXDOMAIN SECTION QUESTION gotham.aa. IN A SECTION ANSWER ENTRY_END +STEP 20 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +gotham.bb. IN A +ENTRY_END + +STEP 21 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RD RA NOERROR +SECTION QUESTION +gotham.bb. IN A +SECTION ANSWER +ENTRY_END + SCENARIO_END