]> git.ipfire.org Git - thirdparty/pdns.git/commitdiff
projects / thirdparty / pdns.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9199072)
If we receive a question with an EDNS section in auth, always answer with an EDNS...
authorBert Hubert <bert.hubert@netherlabs.nl>
Sun, 1 Jul 2012 11:44:26 +0000 (11:44 +0000)
committerBert Hubert <bert.hubert@netherlabs.nl>
Sun, 1 Jul 2012 11:44:26 +0000 (11:44 +0000)
Spotted by the ever-vigilant Jimmy Bergman.

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2649 d19b8d6e-7fed-0310-83ef-9ca221ded41b

pdns/dnspacket.cc patch | blob | blame | history
pdns/dnspacket.hh patch | blob | blame | history

diff --git a/pdns/dnspacket.cc b/pdns/dnspacket.cc
index 93a2952fc8e4431bf208b5f14a3849a40ae84ddb..d58df1af2f14c49fc165728194506c19b3059d21 100644 (file)
--- a/pdns/dnspacket.cc
+++ b/pdns/dnspacket.cc
@@ -92,6 +92,7 @@ DNSPacket::DNSPacket(const DNSPacket &orig)
   
   d_eso = orig.d_eso;
   d_haveednssubnet = orig.d_haveednssubnet;
+  d_haveednssection = orig.d_haveednssection;
   
   d_dnssecOk = orig.d_dnssecOk;
   d_rrs=orig.d_rrs;
@@ -281,7 +282,7 @@ void DNSPacket::wrapup()
   }
   
   
-  if(!d_rrs.empty() || !opts.empty() || d_haveednssubnet) {
+  if(!d_rrs.empty() || !opts.empty() || d_haveednssubnet || d_haveednssection) {
     try {
       uint8_t maxScopeMask=0;
       for(pos=d_rrs.begin(); pos < d_rrs.end(); ++pos) {
@@ -318,7 +319,7 @@ void DNSPacket::wrapup()
         opts.push_back(make_pair(::arg().asNum("edns-subnet-option-number"), opt));
       }
 
-      if(!opts.empty() || d_dnssecOk)
+      if(!opts.empty() || d_haveednssection || d_dnssecOk)
         pw.addOpt(2800, 0, d_dnssecOk ? EDNSOpts::DNSSECOK : 0, opts);
 
       if(!pw.getHeader()->tc) // protect against double commit from addSignature
@@ -376,6 +377,7 @@ DNSPacket *DNSPacket::replyPacket() const
   r->d_dnssecOk = d_dnssecOk;
   r->d_eso = d_eso;
   r->d_haveednssubnet = d_haveednssubnet;
+  r->d_haveednssection = d_haveednssection;
   
   if(!d_tsigkeyname.empty()) {
     r->d_tsigkeyname = d_tsigkeyname;
@@ -477,9 +479,11 @@ try
   d_ednsping.clear();
   d_havetsig = mdp.getTSIGPos();
   d_haveednssubnet = false;
+  d_haveednssection = false;
 
 
   if(getEDNSOpts(mdp, &edo)) {
+    d_haveednssection=true;
     d_maxreplylen=std::min(edo.d_packetsize, (uint16_t)1680);
 //    cerr<<edo.d_Z<<endl;
     if(edo.d_Z & EDNSOpts::DNSSECOK)
diff --git a/pdns/dnspacket.hh b/pdns/dnspacket.hh
index 3789dc27a49118d6c5cc1eb25f469a558dcd807d..5d9a74873fce82e3fd08f5bea504952c08d5de43 100644 (file)
--- a/pdns/dnspacket.hh
+++ b/pdns/dnspacket.hh
@@ -169,6 +169,7 @@ private:
   string d_ednsping;
   bool d_wantsnsid;
   bool d_haveednssubnet;
+  bool d_haveednssection;
   EDNSSubnetOpts d_eso;
   string d_tsigsecret;
   string d_tsigkeyname;
Unnamed repository; edit this file 'description' to name the repository.