From: Vsevolod Stakhov Date: Thu, 18 Aug 2016 14:34:14 +0000 (+0100) Subject: [Feature] Add support of stub DNSSEC resolver to rdns X-Git-Tag: 1.3.4~30 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=795fe5c42fc25332dd32dc29aede858043596f70;p=thirdparty%2Frspamd.git [Feature] Add support of stub DNSSEC resolver to rdns
---
diff --git a/contrib/librdns/dns_private.h b/contrib/librdns/dns_private.h
index 28ab60a596..4e3f7c9a86 100644
--- a/contrib/librdns/dns_private.h
+++ b/contrib/librdns/dns_private.h
@@ -144,7 +144,9 @@ struct dns_header {
 unsigned int rd:1;
 unsigned int ra:1;
- unsigned int unused:3;
+ unsigned int cd : 1;
+ unsigned int ad : 1;
+ unsigned int z : 1;
 unsigned int rcode:4;
 #else
 unsigned int rd :1;
@@ -154,7 +156,9 @@ struct dns_header {
 unsigned int qr :1;
 unsigned int rcode :4;
- unsigned int unused :3;
+ unsigned int z : 1;
+ unsigned int ad : 1;
+ unsigned int cd : 1;
 unsigned int ra :1;
 #endif
diff --git a/contrib/librdns/packet.c b/contrib/librdns/packet.c
index 532b5de91c..25f3d89793 100644
--- a/contrib/librdns/packet.c
+++ b/contrib/librdns/packet.c
@@ -266,8 +266,11 @@ rdns_add_edns0 (struct rdns_request *req)
 *p16++ = htons (UDP_PACKET_SIZE);
 /* Extended rcode 00 00 */
 *p16++ = 0;
- /* Z 10000000 00000000 to allow dnssec, disabled currently */
- *p16++ = 0;
+ /* Z 10000000 00000000 to allow dnssec */
+ p8 = (uint8_t *)p16;
+ *p8++ = 0x80;
+ *p8++ = 0;
+ p16 = (uint16_t *)p8;
 /* Length */
 *p16 = 0;
 req->pos += sizeof (uint8_t) + sizeof (uint16_t) * 5;
diff --git a/contrib/librdns/rdns.h b/contrib/librdns/rdns.h
index 0728e5b9cb..56630536cb 100644
--- a/contrib/librdns/rdns.h
+++ b/contrib/librdns/rdns.h
@@ -133,6 +133,7 @@ struct rdns_reply {
 struct rdns_reply_entry *entries;
 const char *requested_name;
 enum dns_rcode code;
+ bool authenticated;
 };
 typedef void (*rdns_periodic_callback)(void *user_data);
diff --git a/contrib/librdns/resolver.c b/contrib/librdns/resolver.c
index 4027bf0ab7..20700ee3b0 100644
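Review bot: In contrib/librdns/dns_private.h the new `cd` and `z` bit-fields look swapped in both branches of `struct dns_header`. The DNS header orders that byte as RA, Z, AD, CD, RCODE (RFC 2535 section 6.1), so the branch that lists `ra` before `rcode` should read `z`, `ad`, `cd`, and the `#else` branch should read `cd`, `ad`, `z`; the same applies to the second hunk at -154. `ad` sits in the middle either way, so the AD test added in resolver.c is unaffected, but any later code that sets or reads `cd` would touch the Z bit instead. The `#if` condition that selects between the branches is outside the hunk.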
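Review bot: In contrib/librdns/packet.c the DO flag is written through a temporary `uint8_t *` and the pointer is then cast back, while the field just above it uses `htons`. `*p16++ = htons (0x8000);` writes the same two bytes in one line and keeps the hunk in one style. The comment would also read better if it named the bit, e.g. `/* EDNS0 flags: DO bit (RFC 3225) set to request DNSSEC records */`. The declaration of `p8` and the rest of rdns_add_edns0 are outside the hunk.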
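Review bot: The new `authenticated` member of `struct rdns_reply` in contrib/librdns/rdns.h is part of the public header but has no comment saying what it attests. Judging by the resolver.c hunk it mirrors the AD bit of the upstream reply, so it is only as trustworthy as that resolver and the network path to it; nothing in this commit validates signatures locally. I would add `/* AD bit from the upstream resolver; not validated locally, trust it only over a secured path to a validating resolver */` above the field. Whether rdns.h already includes `<stdbool.h>` is not visible here.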
--- a/contrib/librdns/resolver.c
+++ b/contrib/librdns/resolver.c
@@ -119,6 +119,7 @@ rdns_make_reply (struct rdns_request *req, enum dns_rcode rcode)
 rep->entries = NULL;
 rep->code = rcode;
 req->reply = rep;
+ rep->authenticated = false;
 }
 return rep;
@@ -190,6 +191,10 @@ rdns_parse_reply (uint8_t *in, int r, struct rdns_request *req,
 */
 rep = rdns_make_reply (req, header->rcode);
+ if (header->ad) {
+ rep->authenticated = true;
+ }
+
 if (rep == NULL) {
 rdns_warn ("Cannot allocate memory for reply");
 return false;
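Review bot: In rdns_parse_reply the added `if (header->ad)` block writes `rep->authenticated` before the existing `if (rep == NULL)` check. If the allocation in rdns_make_reply fails, a reply with AD set would dereference NULL instead of reaching the warning path. Move the block below the NULL check, or guard it as `if (rep != NULL && header->ad) {`. The rest of rdns_parse_reply lies outside the hunk, so any earlier validation of `header` is not visible.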