From ce1e4c915586e7c013f8f56528c06c58ce3ca6b0 Mon Sep 17 00:00:00 2001
From: Otto Moerbeek <otto.moerbeek@open-xchange.com>
Date: Mon, 18 Mar 2024 10:54:58 +0100
Subject: [PATCH] sdig: remove xpf handling

---
 docs/manpages/sdig.1.rst |  2 --
 pdns/sdig.cc             | 40 ++++------------------------------------
 2 files changed, 4 insertions(+), 38 deletions(-)

diff --git a/docs/manpages/sdig.1.rst b/docs/manpages/sdig.1.rst
index ee916ed50a..e67c4a5a06 100644
--- a/docs/manpages/sdig.1.rst
+++ b/docs/manpages/sdig.1.rst
@@ -55,8 +55,6 @@ caStore *file*
     when using DoT, read the trusted CA certificates from *file*. Default is to use the system provided CA store.
 tlsProvider *name*
     when using DoT, use TLS provider *name*. Currently supported (if compiled in): `openssl` and `gnutls`. Default is `openssl` if available.
-xpf *XPFCODE* *XPFVERSION* *XPFPROTO* *XPFSRC* *XPFDST*
-	Send an *XPF* additional with these parameters.
 opcode *OPNUM*
     Use opcode *OPNUM* instead of 0 (Query). For example, ``sdig 192.0.2.1 53 example.com SOA opcode 4`` sends a ``NOTIFY``.
 
diff --git a/pdns/sdig.cc b/pdns/sdig.cc
index 036122317a..7362cc8164 100644
--- a/pdns/sdig.cc
+++ b/pdns/sdig.cc
@@ -40,7 +40,6 @@ static void usage()
   cerr << "Syntax: sdig IP-ADDRESS-OR-DOH-URL PORT QNAME QTYPE "
           "[dnssec] [ednssubnet SUBNET/MASK] [hidesoadetails] [hidettl] [recurse] [showflags] "
           "[tcp] [dot] [insecure] [fastOpen] [subjectName name] [caStore file] [tlsProvider openssl|gnutls] "
-          "[xpf XPFDATA] [class CLASSNUM] "
           "[proxy UDP(0)/TCP(1) SOURCE-IP-ADDRESS-AND-PORT DESTINATION-IP-ADDRESS-AND-PORT] "
           "[dumpluaraw] [opcode OPNUM]"
        << endl;
@@ -58,9 +57,7 @@ static std::unordered_set<uint16_t> s_expectedIDs;
 
 static void fillPacket(vector<uint8_t>& packet, const string& q, const string& t,
                        bool dnssec, const boost::optional<Netmask>& ednsnm,
-                       bool recurse, uint16_t xpfcode, uint16_t xpfversion,
-                       uint64_t xpfproto, char* xpfsrc, char* xpfdst,
-                       QClass qclass, uint8_t opcode, uint16_t qid)
+                       bool recurse, QClass qclass, uint8_t opcode, uint16_t qid)
 {
   DNSPacketWriter pw(packet, DNSName(q), DNSRecordContent::TypeToNumber(t), qclass, opcode);
 
@@ -82,19 +79,6 @@ static void fillPacket(vector<uint8_t>& packet, const string& q, const string& t
     pw.commit();
   }
 
-  if (xpfcode) {
-    ComboAddress src(xpfsrc), dst(xpfdst);
-    pw.startRecord(g_rootdnsname, xpfcode, 0, QClass::IN, DNSResourceRecord::ADDITIONAL);
-    // xpf->toPacket(pw);
-    pw.xfr8BitInt(xpfversion);
-    pw.xfr8BitInt(xpfproto);
-    pw.xfrCAWithoutPort(xpfversion, src);
-    pw.xfrCAWithoutPort(xpfversion, dst);
-    pw.xfrCAPort(src);
-    pw.xfrCAPort(dst);
-    pw.commit();
-  }
-
   if (recurse) {
     pw.getHeader()->rd = true;
   }
@@ -212,8 +196,6 @@ try {
   bool insecureDoT = false;
   bool fromstdin = false;
   boost::optional<Netmask> ednsnm;
-  uint16_t xpfcode = 0, xpfversion = 0, xpfproto = 0;
-  char *xpfsrc = NULL, *xpfdst = NULL;
   QClass qclass = QClass::IN;
   uint8_t opcode = 0;
   string proxyheader;
@@ -268,17 +250,6 @@ try {
         }
         ednsnm = Netmask(argv[++i]);
       }
-      else if (strcmp(argv[i], "xpf") == 0) {
-        if (argc < i + 6) {
-          cerr << "xpf needs five arguments" << endl;
-          exit(EXIT_FAILURE);
-        }
-        xpfcode = atoi(argv[++i]);
-        xpfversion = atoi(argv[++i]);
-        xpfproto = atoi(argv[++i]);
-        xpfsrc = argv[++i];
-        xpfdst = argv[++i];
-      }
       else if (strcmp(argv[i], "class") == 0) {
         if (argc < i+2) {
           cerr << "class needs an argument"<<endl;
@@ -377,8 +348,7 @@ try {
 #ifdef HAVE_LIBCURL
     vector<uint8_t> packet;
     s_expectedIDs.insert(0);
-    fillPacket(packet, name, type, dnssec, ednsnm, recurse, xpfcode, xpfversion,
-               xpfproto, xpfsrc, xpfdst, qclass, opcode, 0);
+    fillPacket(packet, name, type, dnssec, ednsnm, recurse, qclass, opcode, 0);
     MiniCurl mc;
     MiniCurl::MiniCurlHeaders mch;
     mch.emplace("Content-Type", "application/dns-message");
@@ -432,8 +402,7 @@ try {
     for (const auto& it : questions) {
       vector<uint8_t> packet;
       s_expectedIDs.insert(counter);
-      fillPacket(packet, it.first, it.second, dnssec, ednsnm, recurse, xpfcode,
-                 xpfversion, xpfproto, xpfsrc, xpfdst, qclass, opcode, counter);
+      fillPacket(packet, it.first, it.second, dnssec, ednsnm, recurse, qclass, opcode, counter);
       counter++;
 
       // Prefer to do a single write, so that fastopen can send all the data on SYN
@@ -463,8 +432,7 @@ try {
   {
     vector<uint8_t> packet;
     s_expectedIDs.insert(0);
-    fillPacket(packet, name, type, dnssec, ednsnm, recurse, xpfcode, xpfversion,
-               xpfproto, xpfsrc, xpfdst, qclass, opcode, 0);
+    fillPacket(packet, name, type, dnssec, ednsnm, recurse, qclass, opcode, 0);
     string question(packet.begin(), packet.end());
     Socket sock(dest.sin4.sin_family, SOCK_DGRAM);
     question = proxyheader + question;
-- 
2.47.2