From ceef84e022cb5ee42fa32699c8c55d5b0322b429 Mon Sep 17 00:00:00 2001 From: "W.C.A. Wijngaards" Date: Tue, 4 Jan 2022 13:49:31 +0100 Subject: [PATCH] - Fix that RPZ does not set RD flag on replies, it should be copied from the query. --- doc/Changelog | 2 ++ services/rpz.c | 6 +++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/doc/Changelog b/doc/Changelog index c843a3f06..34366e7ae 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -5,6 +5,8 @@ is blocked with NXDOMAIN by unsetting RA. - Fix to add test for rpz-signal-nxdomain-ra. - Fix #596: only unset RA when NXDOMAIN is signalled. + - Fix that RPZ does not set RD flag on replies, it should be copied + from the query. 22 December 2021: George - contrib/aaaa-filter-iterator.patch file renewed diff content to diff --git a/services/rpz.c b/services/rpz.c index 383440a23..a8e8b5503 100644 --- a/services/rpz.c +++ b/services/rpz.c @@ -1698,7 +1698,7 @@ rpz_synthesize_nodata(struct rpz* ATTR_UNUSED(r), struct module_qstate* ms, if(msg == NULL) { return msg; } msg->qinfo = *qinfo; msg->rep = construct_reply_info_base(ms->region, - LDNS_RCODE_NOERROR | BIT_RD | BIT_QR | BIT_AA | BIT_RA, + LDNS_RCODE_NOERROR | BIT_QR | BIT_AA | BIT_RA, 1, /* qd */ 0, /* ttl */ 0, /* prettl */ @@ -1723,7 +1723,7 @@ rpz_synthesize_nxdomain(struct rpz* r, struct module_qstate* ms, uint16_t flags; if(msg == NULL) { return msg; } msg->qinfo = *qinfo; - flags = LDNS_RCODE_NXDOMAIN | BIT_RD | BIT_QR | BIT_AA | BIT_RA; + flags = LDNS_RCODE_NXDOMAIN | BIT_QR | BIT_AA | BIT_RA; if(r->signal_nxdomain_ra) flags &= ~BIT_RA; msg->rep = construct_reply_info_base(ms->region, @@ -1757,7 +1757,7 @@ rpz_synthesize_localdata_from_rrset(struct rpz* ATTR_UNUSED(r), struct module_qs if(msg == NULL) { return NULL; } new_reply_info = construct_reply_info_base(ms->region, - LDNS_RCODE_NOERROR | BIT_RD | BIT_QR | BIT_AA | BIT_RA, + LDNS_RCODE_NOERROR | BIT_QR | BIT_AA | BIT_RA, 1, /* qd */ 0, /* ttl */ 0, /* prettl */ -- 2.47.3