From 07b66aead5dda1accd299941d3ab233db0750924 Mon Sep 17 00:00:00 2001
From: Remi Gacogne
Date: Tue, 27 May 2025 16:23:39 +0200
Subject: [PATCH] dnsdist: Do not replace EDNS in answers self-generated from a packet
While it makes sense to add/remove EDNS when the answer was generated from the query itself, we should not be doing that when it has been generated from a whole DNS packet, as it probably contains exactly what the user intended it to.
Signed-off-by: Remi Gacogne
---
 pdns/dnsdistdist/dnsdist-self-answers.cc | 1 +
 pdns/dnsdistdist/dnsdist.cc | 3 +++
 pdns/dnsdistdist/dnsdist.hh | 1 +
 3 files changed, 5 insertions(+)
diff --git a/pdns/dnsdistdist/dnsdist-self-answers.cc b/pdns/dnsdistdist/dnsdist-self-answers.cc
index dd0ff0b119..4e0b66084e 100644
--- a/pdns/dnsdistdist/dnsdist-self-answers.cc
+++ b/pdns/dnsdistdist/dnsdist-self-answers.cc
@@ -233,6 +233,7 @@ bool generateAnswerFromRawPacket(DNSQuestion& dnsQuestion, const PacketBuffer& p
 {
 auto questionId = dnsQuestion.getHeader()->id;
 dnsQuestion.getMutableData() = packet;
+ dnsQuestion.d_selfGeneratedFromPacket = true;
 dnsdist::PacketMangling::editDNSHeaderFromPacket(dnsQuestion.getMutableData(), [questionId](dnsheader& header) {
 header.id = questionId;
 return true;
diff --git a/pdns/dnsdistdist/dnsdist.cc b/pdns/dnsdistdist/dnsdist.cc
index 4c9d596724..b96617e0a5 100644
--- a/pdns/dnsdistdist/dnsdist.cc
+++ b/pdns/dnsdistdist/dnsdist.cc
@@ -326,6 +326,9 @@ static bool fixUpQueryTurnedResponse(DNSQuestion& dnsQuestion, const uint16_t or
 return true;
 });
+ if (dnsQuestion.d_selfGeneratedFromPacket) {
+ return true;
+ }
 return addEDNSToQueryTurnedResponse(dnsQuestion);
 }
diff --git a/pdns/dnsdistdist/dnsdist.hh b/pdns/dnsdistdist/dnsdist.hh
index 6624e86a45..06b32ade6f 100644
--- a/pdns/dnsdistdist/dnsdist.hh
+++ b/pdns/dnsdistdist/dnsdist.hh
@@ -184,6 +184,7 @@ public:
 bool ecsOverride;
 bool useECS{true};
 bool asynchronous{false};
+ bool d_selfGeneratedFromPacket{false};
 };
 struct DownstreamState;
--
2.47.2
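Review bot: `d_selfGeneratedFromPacket` is set to true in `generateAnswerFromRawPacket` and nothing in this patch ever clears it, so the later check in `fixUpQueryTurnedResponse` is only right while the flag still describes the current payload. If some other action can overwrite the buffer afterwards with an answer built from the query (not visible here), the EDNS fix-up would be skipped for that answer too; consider resetting the flag wherever the payload is regenerated. From this point the supplied packet, including any OPT record it carries, reaches the client without being reconciled with the query, which deserves a comment such as `// payload is sent as provided: EDNS is not adjusted to match the query`. The function body continues outside the hunk.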
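Review bot: The early return added to `fixUpQueryTurnedResponse` has no comment, and the diffstat lists only the three source files, so no test accompanies the change. A line such as `// answer was copied from a user-supplied packet: keep its EDNS as-is` above the `if` would record why `addEDNSToQueryTurnedResponse` is bypassed. A regression test would pin the behaviour in both directions: a raw-packet answer carrying an OPT record for a query without EDNS, and the reverse. The start of the function is outside the hunk.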
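Review bot: The new member `d_selfGeneratedFromPacket` is undocumented, and its `d_` prefix differs from the neighbouring fields visible in this hunk (`ecsOverride`, `useECS`, `asynchronous`). If the class convention allows it, matching the neighbours would read more consistently. Either way a comment such as `// true when the answer payload was copied from a raw packet; EDNS fix-up is then skipped` would tell readers who sets the flag and what it suppresses. The class definition starts outside the hunk.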