Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
ISC Open Source Projects
BIND
Commits
02093e4c
Commit
02093e4c
authored
Aug 25, 2015
by
Mark Andrews
Browse files
4193. [bug] Handle broken servers that return BADVERS incorrectly.
[RT #40427]
parent
9b956d34
Changes
2
Hide whitespace changes
Inline
Side-by-side
CHANGES
View file @
02093e4c
4193. [bug] Handle broken servers that return BADVERS incorrectly.
[RT #40427]
4192. [bug] The default rrset-order of random was not always being
applied. [RT #40456]
...
...
lib/dns/resolver.c
View file @
02093e4c
...
...
@@ -7986,8 +7986,11 @@ resquery_response(isc_task_t *task, isc_event_t *event) {
*/
result
=
DNS_R_YXDOMAIN
;
}
else
if
(
message
->
rcode
==
dns_rcode_badvers
)
{
unsigned
int
flags
,
mask
;
unsigned
int
version
;
isc_boolean_t
setnocookie
=
ISC_FALSE
;
#if DNS_EDNS_VERSION > 0
unsigned
int
flags
,
mask
;
#endif
/*
* Some servers return BADVERS to unknown
...
...
@@ -7998,18 +8001,22 @@ resquery_response(isc_task_t *task, isc_event_t *event) {
*/
if
(
dns_adb_getcookie
(
fctx
->
adb
,
query
->
addrinfo
,
cookie
,
sizeof
(
cookie
))
==
0U
)
{
if
(
!
NOCOOKIE
(
query
->
addrinfo
))
setnocookie
=
ISC_TRUE
;
dns_adb_changeflags
(
fctx
->
adb
,
query
->
addrinfo
,
FCTX_ADDRINFO_NOCOOKIE
,
FCTX_ADDRINFO_NOCOOKIE
);
}
resend
=
ISC_TRUE
;
INSIST
(
opt
!=
NULL
);
version
=
(
opt
->
ttl
>>
16
)
&
0xff
;
#if DNS_EDNS_VERSION > 0
flags
=
(
version
<<
DNS_FETCHOPT_EDNSVERSIONSHIFT
)
|
DNS_FETCHOPT_EDNSVERSIONSET
;
mask
=
DNS_FETCHOPT_EDNSVERSIONMASK
|
DNS_FETCHOPT_EDNSVERSIONSET
;
#endif
/*
* Record that we got a good EDNS response.
*/
...
...
@@ -8019,29 +8026,32 @@ resquery_response(isc_task_t *task, isc_event_t *event) {
FCTX_ADDRINFO_EDNSOK
,
FCTX_ADDRINFO_EDNSOK
);
}
/*
* XXXMPA we should really test against the version of
* EDNS we sent in the request. Some servers return
* BADVERS for unknown EDNS options.
* RFC 2671 was not clear that they should be ignored.
* RFC 6891 is clear that that they should be ignored.
* If we are supporting EDNS > 0 then perform strict
* RFC 2671 was not clear that unknown options should
* be ignored. RFC 6891 is clear that that they
* should be ignored. If we are supporting the
* experimental EDNS > 0 then perform strict
* version checking of badvers responses. We won't
* be sending COOKIE etc. in that case.
*/
#if DNS_EDNS_VERSION == 0
/* Avoids a compiler warning with < 0 */
if
(
version
<=
DNS_EDNS_VERSION
)
#else
if
(
version
<
DNS_EDNS_VERSION
)
#endif
{
#if DNS_EDNS_VERSION > 0
if
((
int
)
version
<
query
->
ednsversion
)
{
dns_adb_changeflags
(
fctx
->
adb
,
query
->
addrinfo
,
flags
,
mask
);
resend
=
ISC_TRUE
;
}
else
{
broken_server
=
DNS_R_BADVERS
;
keep_trying
=
ISC_TRUE
;
}
#else
if
(
version
==
0U
&&
setnocookie
)
{
resend
=
ISC_TRUE
;
}
else
{
broken_server
=
DNS_R_BADVERS
;
keep_trying
=
ISC_TRUE
;
}
#endif
}
else
if
(
message
->
rcode
==
dns_rcode_badcookie
&&
message
->
cc_ok
)
{
/*
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment