From b3cb172a1128e1bece62e1067caf29d71fcf55cd Mon Sep 17 00:00:00 2001
From: bert hubert
Date: Sun, 6 Mar 2016 10:59:23 +0100
Subject: [PATCH] make sure our recursor cache is blind for edns subnet - THIS CODE NEEDS TO BE IMPROVED @rgacogne
---
 pdns/recpacketcache.cc | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
diff --git a/pdns/recpacketcache.cc b/pdns/recpacketcache.cc
index 73756cd8e1..bd03e2a534 100644
--- a/pdns/recpacketcache.cc
+++ b/pdns/recpacketcache.cc
@@ -62,7 +62,29 @@ uint32_t RecursorPacketCache::canHashPacket(const std::string& origPacket)
 for(; p < end && *p; ++p) { // XXX if you embed a 0 in your qname we'll stop lowercasing there
 const char l = dns_tolower(*p); // label lengths can safely be lower cased
 ret=burtle((const unsigned char*)&l, 1, ret);
+ } // XXX the embedded 0 in the qname will break the subnet stripping
+
+ // this code will only function properly with *1* EDNS option
+ struct dnsheader* dh = (struct dnsheader*)origPacket.c_str();
+ if(ntohs(dh->arcount)==1 && p+12 < end) {
+ const unsigned char *q = (const unsigned char*) p;
+ q+=5;
+ unsigned int optlen=(0x100*q[9] + q[10]);
+ /*
+ cout<<"Option length: "<< optlen < p) {
+ /*
+ cout<<"Had "<<(end-p)<<" bytes left to hash, removing "<