From: W.C.A. Wijngaards <wouter@nlnetlabs.nl>
Date: Mon, 28 Feb 2022 13:39:48 +0000 (+0100)
Subject: - Fix edns client subnet to add the option based on the option list,
X-Git-Tag: release-1.16.0rc1~38
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8e8ccfe3c3c5889a43d2a73e1cef7ebaced59d47;p=thirdparty%2Funbound.git

- Fix edns client subnet to add the option based on the option list,
  so that it is not state dependent, after the state fix of #605 for
  double EDNS options.
---

diff --git a/doc/Changelog b/doc/Changelog
index f3d925927..fe8ef0d83 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -5,6 +5,9 @@
 28 February 2022: Wouter
 	- Fix #633: Document unix domain socket support for unbound-control.
 	- Fix for #633: updated fix with new text.
+	- Fix edns client subnet to add the option based on the option list,
+	  so that it is not state dependent, after the state fix of #605 for
+	  double EDNS options.
 
 25 February 2022: Wouter
 	- Fix to detect that no IPv6 support means that IPv6 addresses are
diff --git a/edns-subnet/subnetmod.c b/edns-subnet/subnetmod.c
index 81f0bf3ad..3c723bcc3 100644
--- a/edns-subnet/subnetmod.c
+++ b/edns-subnet/subnetmod.c
@@ -162,17 +162,21 @@ int ecs_whitelist_check(struct query_info* qinfo,
 		/* Address on whitelist or client query contains ECS option, we
 		 * want to sent out ECS. Only add option if it is not already
 		 * set. */
-		if(!(sq->subnet_sent)) {
+		if(!edns_opt_list_find(qstate->edns_opts_back_out,
+			qstate->env->cfg->client_subnet_opcode)) {
 			ecs_opt_list_append(&sq->ecs_server_out,
 				&qstate->edns_opts_back_out, qstate);
-			sq->subnet_sent = 1;
 		}
+		sq->subnet_sent = 1;
 	}
-	else if(sq->subnet_sent) {
+	else {
 		/* Outgoing ECS option is set, but we don't want to sent it to
 		 * this address, remove option. */
-		edns_opt_list_remove(&qstate->edns_opts_back_out,
-			qstate->env->cfg->client_subnet_opcode);
+		if(!edns_opt_list_find(qstate->edns_opts_back_out,
+			qstate->env->cfg->client_subnet_opcode)) {
+			edns_opt_list_remove(&qstate->edns_opts_back_out,
+				qstate->env->cfg->client_subnet_opcode);
+		}
 		sq->subnet_sent = 0;
 	}
 	return 1;