3810. [bug] Work around broken nameservers that fail to ignore

author Mark Andrews <marka@isc.org>

Thu, 17 Apr 2014 05:43:38 +0000 (15:43 +1000)

committer Mark Andrews <marka@isc.org>

Thu, 17 Apr 2014 05:43:38 +0000 (15:43 +1000)
author Mark Andrews <marka@isc.org>
Thu, 17 Apr 2014 05:43:38 +0000 (15:43 +1000)
committer Mark Andrews <marka@isc.org>
Thu, 17 Apr 2014 05:43:38 +0000 (15:43 +1000)
diff --git a/CHANGES b/CHANGES

index 497f693652b6e4b78fe71c7c8ffbc8c7add03974..0ada88dbe1e48ff94cd7914398ccb7ac6421f27f 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+3810.  [bug]           Work around broken nameservers that fail to ignore
+                       unknown EDNS options. [RT #35766]
+
  3809.  [doc]           Fix SIT and NSID documentation.
  
  3808.  [doc]           Clean up "prefetch" documentation. [RT #35751]
diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c

index 11c805f7e8ff3af214d20114a250bb7f678d782e..cb05e69c2cd4941af17d522ae2bdc38298f9933f 100644 (file)
--- a/lib/dns/resolver.c
+++ b/lib/dns/resolver.c
@@ -7455,6 +7455,24 @@ resquery_response(isc_task_t *task, isc_event_t *event) {
          */
         if (message->rcode != dns_rcode_noerror &&
             message->rcode != dns_rcode_nxdomain) {
+#ifdef ISC_PLATFORM_USESIT
+               unsigned char sit[64];
+
+               /*
+                * Some servers do not ignore unknown EDNS options.
+                */
+               if (!NOSIT(query->addrinfo) &&
+                   (message->rcode == dns_rcode_formerr ||
+                    message->rcode == dns_rcode_notimp ||
+                    message->rcode == dns_rcode_refused) &&
+                    dns_adb_getsit(fctx->adb, query->addrinfo,
+                                  sit, sizeof(sit)) == 0U) {
+                       dns_adb_changeflags(fctx->adb, query->addrinfo,
+                                           FCTX_ADDRINFO_NOSIT,
+                                           FCTX_ADDRINFO_NOSIT);
+                       resend = ISC_TRUE;
+               } else
+#endif
                 if (((message->rcode == dns_rcode_formerr ||
                       message->rcode == dns_rcode_notimp) ||
                      (message->rcode == dns_rcode_servfail &&
author	Mark Andrews <marka@isc.org>
	Thu, 17 Apr 2014 05:43:38 +0000 (15:43 +1000)
committer	Mark Andrews <marka@isc.org>
	Thu, 17 Apr 2014 05:43:38 +0000 (15:43 +1000)
CHANGES		patch \| blob \| blame \| history
lib/dns/resolver.c		patch \| blob \| blame \| history