From: Vladimír Čunát <vladimir.cunat@nic.cz>
Date: Tue, 11 Jul 2017 14:18:18 +0000 (+0200)
Subject: policy: change the localhost. domain
X-Git-Tag: v1.3.3~8^2~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b154c7512ad226380bcdf3615d26bbfc29014ec7;p=thirdparty%2Fknot-resolver.git

policy: change the localhost. domain

The RFC seems to read that resolvers should reply with address records
even for foo.bar.localhost.  Note: Unbound-1.6.4 does NOT do that.
https://tools.ietf.org/html/rfc6761#section-6.3
---

diff --git a/modules/policy/policy.lua b/modules/policy/policy.lua
index 1183883f2..05c1099a5 100644
--- a/modules/policy/policy.lua
+++ b/modules/policy/policy.lua
@@ -145,25 +145,18 @@ local function localhost(state, req)
 	ffi.C.kr_pkt_make_auth_header(answer)
 
 	local is_exact = ffi.C.knot_dname_is_equal(qry.sname, dname_localhost)
-	if not is_exact then
-		answer:rcode(kres.rcode.NXDOMAIN)
-		answer:begin(kres.section.AUTHORITY)
-		mkauth_soa(answer, dname_localhost)
-		return kres.DONE
-	end
 
 	answer:rcode(kres.rcode.NOERROR)
 	answer:begin(kres.section.ANSWER)
 	if qry.stype == kres.type.AAAA then
-		answer:put(dname_localhost, 900, answer:qclass(), kres.type.AAAA,
+		answer:put(qry.sname, 900, answer:qclass(), kres.type.AAAA,
 			'\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\1')
 	elseif qry.stype == kres.type.A then
-		answer:put(dname_localhost, 900, answer:qclass(), kres.type.A, '\127\0\0\1')
-	elseif qry.stype == kres.type.SOA then
+		answer:put(qry.sname, 900, answer:qclass(), kres.type.A, '\127\0\0\1')
+	elseif is_exact and qry.stype == kres.type.SOA then
 		mkauth_soa(answer, dname_localhost)
-	elseif qry.stype == kres.type.NS then
-		answer:put(dname_localhost, 900, answer:qclass(), kres.type.NS,
-			dname_localhost)
+	elseif is_exact and qry.stype == kres.type.NS then
+		answer:put(dname_localhost, 900, answer:qclass(), kres.type.NS, dname_localhost)
 	else
 		answer:begin(kres.section.AUTHORITY)
 		mkauth_soa(answer, dname_localhost)