From 1353273b0ea6aae7ea9c5e9b244e7f2495e03e9f Mon Sep 17 00:00:00 2001
From: Winfried Angele <winfried.angele@gmail.com>
Date: Wed, 30 Dec 2015 11:32:19 +0100
Subject: [PATCH] Use 56 bits instead of 64 in ECS option

to please https://tools.ietf.org/html/draft-ietf-dnsop-edns-client-subnet-06#section-11 and protect IPv6 users privacy as well.
---
 pdns/pdns_recursor.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pdns/pdns_recursor.cc b/pdns/pdns_recursor.cc
index a002446cf8..87556821a0 100644
--- a/pdns/pdns_recursor.cc
+++ b/pdns/pdns_recursor.cc
@@ -2154,7 +2154,7 @@ boost::optional<Netmask> getEDNSSubnetMask(const ComboAddress& local, const DNSN
 {
   if(local.sin4.sin_family != AF_INET || local.sin4.sin_addr.s_addr) { // detect unset 'requestor'
     if(g_ednsdomains.check(dn) || g_ednssubnets.match(rem)) {
-      int bits =local.sin4.sin_family == AF_INET ? 24 : 64;
+      int bits =local.sin4.sin_family == AF_INET ? 24 : 56;
       ComboAddress trunc(local);
       trunc.truncate(bits);
       return boost::optional<Netmask>(Netmask(trunc, bits));
-- 
2.47.2