Commit Diff
Diff:
be5951d6782e605228999aed36e5e8e8f4e8fa2d
d29dc98c0220359debdca341ba7884ac62cfcc3b
Commit:
d29dc98c0220359debdca341ba7884ac62cfcc3b
Tree:
86a58656ff7b1cb0d57591ba049891768ff81da0
Author:
pjp <pjp@delphinusdns.org>
Committer:
pjp <pjp@delphinusdns.org>
Date:
Fri May 9 23:14:17 2014 UTC
Message:
* RFC 3225 (Indicating Resolver Support of DNSSEC) support * this is a fixup to last commit to show edns0 queries when they are done with the DO bit set. tested on OpenBSD
blob - 9ac472a4a0ccee82816f873f55880359e1842b2c
blob + 8a892009c0d5f8c6df71e5b298b975297e67e397
--- dns.h
+++ dns.h
@@ -139,6 +139,13 @@ struct dns_question_hdr {
#define UNSET_DNS_RCODE_FORMATERR(x) ((x)->query &= ~(DNS_FORMATERR))
#define UNSET_DNS_RCODE_NOERR(x) ((x)->query &= ~(DNS_NOERR))
+/* DNSSEC/EDNS0 options RFC 3225 */
+
+#define DNSSEC_OK 0x8000
+
+#define SET_DNS_ERCODE_DNSSECOK(x) ((x)->ttl |= (DNSSEC_OK))
+#define UNSET_DNS_ERCODE_DNSSECOK(x) ((x)->ttl &= ~(DNSSEC_OK))
+
/* DNS types - RFC 1035 page 12 */
#define DNS_TYPE_A 1
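Review bot: The new `SET_DNS_ERCODE_DNSSECOK` / `UNSET_DNS_ERCODE_DNSSECOK` macros apply the host-order constant `DNSSEC_OK` directly to `(x)->ttl`, while main.c reads the same field through `ntohl(opt->ttl)`. If `x` is the on-wire OPT record, a little-endian host would set or clear a different bit than the DO flag. Writing them as `((x)->ttl |= htonl(DNSSEC_OK))` and `((x)->ttl &= ~htonl(DNSSEC_OK))` would keep them consistent with the reader. How the neighbouring RCODE constants handle byte order is not visible in this hunk, and neither macro is used in the hunks shown. A comment such as `/* DO bit: 0x8000 in the low 16 bits of the OPT TTL, host byte order */` would also document the assumption.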
@@ -194,6 +201,7 @@ struct question {
struct dns_question_hdr *hdr;
char *converted_name;
int edns0len;
+ int dnssecok;
};
#endif /* DNS_H */
blob - 53870531cacbc444d9e74fe716cbb718beb0b59c
blob + 8ff7c890c0e33766796bd2b0c9b6a13fc0b76cfb
--- main.c
+++ main.c
@@ -166,7 +166,7 @@ static struct tcps {
} *tn1, *tnp, *tntmp;
-static const char rcsid[] = "$Id: main.c,v 1.89 2014/05/09 22:02:18 pjp Exp $";
+static const char rcsid[] = "$Id: main.c,v 1.90 2014/05/09 23:14:17 pjp Exp $";
/*
* MAIN - set up arguments, set up database, set up sockets, call mainloop
@@ -1234,14 +1234,16 @@ build_question(char *buf, int len, int additional)
if (ntohs(opt->type) != DNS_TYPE_OPT)
break;
- /* hackaround everything 0 for edns0 question */
- if (ntohl(opt->ttl) != 0)
- break;
-
/* if we got options here I don't want to know about them */
if (ntohs(opt->rdlen) > 0)
break;
+ /* RFC 3225 */
+ if (ntohl(opt->ttl) & DNSSEC_OK)
+ q->dnssecok = 1;
+ else if (ntohl(opt->ttl) != 0)
+ break;
+
q->edns0len = ntohs(opt->class);
} while (0);
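Review bot: Once the DO bit is set, the new branch no longer checks the remaining bits of the OPT TTL, so a query carrying DO together with a non-zero EDNS version, extended RCODE or Z bits is now accepted as plain EDNS0, where the removed check rejected any non-zero TTL. Masking the flag out before the test keeps the old strictness: `if (ntohl(opt->ttl) & ~DNSSEC_OK) break;` followed by `q->dnssecok = (ntohl(opt->ttl) & DNSSEC_OK) != 0;`. That form also assigns `dnssecok` on every path that reaches it; the hunk only ever stores 1, and whether `q` is zeroed beforehand is not visible because build_question starts and ends outside the hunk.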
@@ -3392,12 +3394,12 @@ udpnxdomain:
udpout:
if (lflag) {
- dolog(LOG_INFO, "request on descriptor %u interface \"%s\" from %s (ttl=%u, region=%d) for \"%s\" type=%s class=%u, %sanswering \"%s\"\n", so, cfg->ident[i], address, received_ttl, aregion, question->converted_name, get_dns_type(ntohs(question->hdr->qtype)), ntohs(question->hdr->qclass), (question->edns0len ? "edns0, " : ""), replystring);
+ dolog(LOG_INFO, "request on descriptor %u interface \"%s\" from %s (ttl=%u, region=%d) for \"%s\" type=%s class=%u, %s%sanswering \"%s\"\n", so, cfg->ident[i], address, received_ttl, aregion, question->converted_name, get_dns_type(ntohs(question->hdr->qtype)), ntohs(question->hdr->qclass), (question->edns0len ? "edns0, " : ""), (question->dnssecok ? "dnssecok, " : "") , replystring);
}
if (logging.active == 1 && logging.bind == 0) {
- remotelog(lfd, "request on descriptor %u interface \"%s\" from %s (ttl=%u, region=%d) for \"%s\" type=%s class=%u, %sanswering \"%s\"", so, cfg->ident[i], address, received_ttl, aregion, question->converted_name, get_dns_type(ntohs(question->hdr->qtype)), ntohs(question->hdr->qclass), (question->edns0len ? "edns0, ": ""), replystring);
+ remotelog(lfd, "request on descriptor %u interface \"%s\" from %s (ttl=%u, region=%d) for \"%s\" type=%s class=%u, %s%sanswering \"%s\"", so, cfg->ident[i], address, received_ttl, aregion, question->converted_name, get_dns_type(ntohs(question->hdr->qtype)), ntohs(question->hdr->qclass), (question->edns0len ? "edns0, ": ""), (question->dnssecok ? "dnssecok" : ""), replystring);
}
if (fakequestion != NULL) {
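Review bot: The two log calls format the new flag differently: `dolog` passes `"dnssecok, "` but `remotelog` passes `"dnssecok"` with no separator, so the remote line reads `dnssecokanswering "..."`. Anything parsing or alerting on these logs would see two formats for the same event. Use `(question->dnssecok ? "dnssecok, " : "")` in both calls, and drop the stray space before the comma in the `dolog` argument list. The surrounding block starts outside the hunk.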