Commit 78d78f05 authored by Brian Wellington's avatar Brian Wellington

556. [func] The DNSSEC OK bit in the EDNS extended flags

                        is now implemented.  Responses to queries without
                        this bit set will not contain any DNSSEC records.
parent 1f2f5445
556. [func] The DNSSEC OK bit in the EDNS extended flags
is now implemented. Responses to queries without
this bit set will not contain any DNSSEC records.
555. [bug] A slave server attempting a zone transfer could
crash with an assertion failure on certain
malformed responses from the master. [RT #457]
......
......@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dig.c,v 1.126 2000/11/08 00:47:15 mws Exp $ */
/* $Id: dig.c,v 1.127 2000/11/13 21:33:50 bwelling Exp $ */
#include <config.h>
#include <stdlib.h>
......@@ -180,6 +180,7 @@ show_usage(void) {
" +[no]trace (Trace delegation down from root)\n"
" +rrlimit=### (Limit number of rr's in xfr)\n"
" +namelimit=### (Limit number of names in xfr)\n"
" +[no]dnssec (Request DNSSEC records)\n"
" global d-opts and servers (before host name) affect all queries.\n"
" local d-opts and servers (after host name) affect only that lookup.\n"
, stderr);
......@@ -679,9 +680,12 @@ plus_option(char *option, isc_boolean_t is_batchfile,
break;
case 'd':
switch (cmd[1]) {
case 'e':
case 'e': /* defname */
lookup->defname = state;
break;
case 'n': /* dnssec */
lookup->dnssec = state;
break;
case 'o': /* domain */
if (value == NULL)
goto need_value;
......
......@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dighost.c,v 1.161 2000/11/08 01:23:27 gson Exp $ */
/* $Id: dighost.c,v 1.162 2000/11/13 21:33:51 bwelling Exp $ */
/*
* Notice to programmers: Do not use this code as an example of how to
......@@ -356,6 +356,7 @@ make_empty_lookup(void) {
looknew->ignore = ISC_FALSE;
looknew->servfail_stops = ISC_FALSE;
looknew->besteffort = ISC_TRUE;
looknew->dnssec = ISC_FALSE;
looknew->udpsize = 0;
looknew->recurse = ISC_TRUE;
looknew->aaonly = ISC_FALSE;
......@@ -415,6 +416,7 @@ clone_lookup(dig_lookup_t *lookold, isc_boolean_t servers) {
looknew->ignore = lookold->ignore;
looknew->servfail_stops = lookold->servfail_stops;
looknew->besteffort = lookold->besteffort;
looknew->dnssec = lookold->dnssec;
looknew->udpsize = lookold->udpsize;
looknew->recurse = lookold->recurse;
looknew->aaonly = lookold->aaonly;
......@@ -757,7 +759,9 @@ setup_libs(void) {
* option is UDP buffer size.
*/
static void
add_opt(dns_message_t *msg, isc_uint16_t udpsize, dns_optlist_t optlist) {
add_opt(dns_message_t *msg, isc_uint16_t udpsize, isc_boolean_t dnssec,
dns_optlist_t optlist)
{
dns_rdataset_t *rdataset = NULL;
dns_rdatalist_t *rdatalist = NULL;
dns_rdata_t *rdata = NULL;
......@@ -784,6 +788,8 @@ add_opt(dns_message_t *msg, isc_uint16_t udpsize, dns_optlist_t optlist) {
rdatalist->covers = 0;
rdatalist->rdclass = udpsize;
rdatalist->ttl = 0;
if (dnssec)
rdatalist->ttl = DNS_MESSAGEEXTFLAG_DO;
rdata->data = NULL;
rdata->length = 0;
#ifdef DNS_OPT_NEWCODES_LIVE
......@@ -1422,10 +1428,10 @@ setup_lookup(dig_lookup_t *lookup) {
result = dns_message_renderbegin(lookup->sendmsg, &lookup->sendbuf);
check_result(result, "dns_message_renderbegin");
#ifndef DNS_OPT_NEWCODES_LIVE
if (lookup->udpsize > 0) {
if (lookup->udpsize > 0 || lookup->dnssec) {
#else /* DNS_OPT_NEWCODES_LIVE */
if (lookup->udpsize > 0 || lookup->zonename[0] !=0 ||
lookup->viewname[0] != 0) {
if (lookup->udpsize > 0 || || lookup->dnssec ||
lookup->zonename[0] !=0 || lookup->viewname[0] != 0) {
dns_fixedname_t fname;
isc_buffer_t namebuf, *wirebuf = NULL;
dns_compress_t cctx;
......@@ -1475,7 +1481,8 @@ setup_lookup(dig_lookup_t *lookup) {
optlist.used++;
}
#endif /* DNS_OPT_NEWCODES_LIVE */
add_opt(lookup->sendmsg, lookup->udpsize, optlist);
add_opt(lookup->sendmsg, lookup->udpsize, lookup->dnssec,
optlist);
#ifdef DNS_OPT_NEWCODES_LIVE
if (wirebuf != NULL)
isc_buffer_free(&wirebuf);
......
......@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dig.h,v 1.56 2000/11/08 00:47:18 mws Exp $ */
/* $Id: dig.h,v 1.57 2000/11/13 21:33:53 bwelling Exp $ */
#ifndef DIG_H
#define DIG_H
......@@ -96,7 +96,8 @@ struct dig_lookup {
section_additional,
servfail_stops,
new_search,
besteffort;
besteffort,
dnssec;
char textname[MXNAME]; /* Name we're going to be looking up */
char cmdline[MXNAME];
dns_rdatatype_t rdtype;
......
......@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: client.c,v 1.126 2000/11/03 17:39:37 gson Exp $ */
/* $Id: client.c,v 1.127 2000/11/13 21:33:54 bwelling Exp $ */
#include <config.h>
......@@ -538,6 +538,7 @@ ns_client_endrequest(ns_client_t *client) {
}
client->udpsize = 512;
client->extflags = 0;
dns_message_reset(client->message, DNS_MESSAGE_INTENTPARSE);
if (client->recursionquota != NULL)
......@@ -1233,6 +1234,11 @@ client_request(isc_task_t *task, isc_event_t *event) {
* Set the client's UDP buffer size.
*/
client->udpsize = opt->rdclass;
/*
* Get the flags out of the OPT record.
*/
client->extflags = DNS_OPT_FLAGS(opt);
#ifdef DNS_OPT_NEWCODES
/*
......@@ -1533,6 +1539,7 @@ client_create(ns_clientmgr_t *manager, ns_client_t **clientp)
client->tcpbuf = NULL;
client->opt = NULL;
client->udpsize = 512;
client->extflags = 0;
#ifdef DNS_OPT_NEWCODES
client->opt_zone = NULL;
client->opt_view = NULL;
......
......@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: client.h,v 1.45 2000/10/12 21:51:48 mws Exp $ */
/* $Id: client.h,v 1.46 2000/11/13 21:33:57 bwelling Exp $ */
#ifndef NAMED_CLIENT_H
#define NAMED_CLIENT_H 1
......@@ -109,6 +109,7 @@ struct ns_client {
unsigned char * sendbuf;
dns_rdataset_t * opt;
isc_uint16_t udpsize;
isc_uint16_t extflags;
#ifdef DNS_OPT_NEWCODES
dns_fixedname_t * opt_zone;
isc_buffer_t * opt_view;
......
......@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: query.h,v 1.22 2000/09/06 20:35:22 gson Exp $ */
/* $Id: query.h,v 1.23 2000/11/13 21:33:58 bwelling Exp $ */
#ifndef NAMED_QUERY_H
#define NAMED_QUERY_H 1
......@@ -61,6 +61,7 @@ struct ns_query {
#define NS_QUERYATTR_QUERYOKVALID 0x0040
#define NS_QUERYATTR_QUERYOK 0x0080
#define NS_QUERYATTR_WANTRECURSION 0x0100
#define NS_QUERYATTR_WANTDNSSEC 0x0200
isc_result_t
ns_query_init(ns_client_t *client);
......
This diff is collapsed.
......@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: message.h,v 1.82 2000/11/13 20:12:03 bwelling Exp $ */
/* $Id: message.h,v 1.83 2000/11/13 21:34:01 bwelling Exp $ */
#ifndef DNS_MESSAGE_H
#define DNS_MESSAGE_H 1
......@@ -95,6 +95,8 @@
#define DNS_MESSAGEFLAG_AD 0x0020U
#define DNS_MESSAGEFLAG_CD 0x0010U
#define DNS_MESSAGEEXTFLAG_DO 0x8000U
#define DNS_MESSAGE_REPLYPRESERVE (DNS_MESSAGEFLAG_RD)
#define DNS_MESSAGE_HEADERLEN 12 /* 6 isc_uint16_t's */
......
......@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: opt.h,v 1.2 2000/10/12 21:51:57 mws Exp $ */
/* $Id: opt.h,v 1.3 2000/11/13 21:34:03 bwelling Exp $ */
#ifndef DNS_OPT_H
#define DNS_OPT_H 1
......@@ -49,6 +49,8 @@
#define DNS_OPTCODE_VIEW 0xfff1
#endif /* DNS_OPT_NEWCODES */
#define DNS_OPT_FLAGS(opt) ((opt)->ttl & 0xFFFF)
/*
* OPT records contain a series of attributes which contain different types.
* These structures are used for holding the individual attribute
......
......@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: opt.c,v 1.4 2000/10/25 04:26:42 marka Exp $ */
/* $Id: opt.c,v 1.5 2000/11/13 21:33:59 bwelling Exp $ */
#include <config.h>
......@@ -231,9 +231,13 @@ dns_opt_totext(dns_rdataset_t *opt, isc_buffer_t *target,
0x00ff0000 >> 16)));
ADD_STRING(target, buf, fail);
ADD_STRING(target, ", udp=", fail);
sprintf(buf, "%7u\n",
sprintf(buf, "%7u",
(unsigned int)opt->rdclass);
ADD_STRING(target, buf, fail);
ADD_STRING(target, ", flags:", fail);
if ((DNS_OPT_FLAGS(opt) & DNS_MESSAGEEXTFLAG_DO) != 0)
ADD_STRING(target, " do", fail);
ADD_STRING(target, "\n", fail);
list.attrs = &attr;
list.size = 1;
......
......@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: resolver.c,v 1.180 2000/11/11 02:14:50 gson Exp $ */
/* $Id: resolver.c,v 1.181 2000/11/13 21:34:00 bwelling Exp $ */
#include <config.h>
......@@ -607,12 +607,12 @@ fctx_addopt(dns_message_t *message) {
rdatalist->rdclass = SEND_BUFFER_SIZE;
/*
* Set EXTENDED-RCODE, VERSION, and Z to 0.
* Set EXTENDED-RCODE, VERSION, and Z to 0, and the DO bit to 1.
*/
rdatalist->ttl = 0;
rdatalist->ttl = DNS_MESSAGEEXTFLAG_DO;
/*
* No ENDS options.
* No EDNS options.
*/
rdata->data = NULL;
rdata->length = 0;
......@@ -936,11 +936,12 @@ resquery_send(resquery_t *query) {
}
/*
* If we're using EDNS, set AD and CD so we'll get DNSSEC data.
* If we're using EDNS, set CD. CD and EDNS aren't really related,
* but if we send a non EDNS query, there's a chance the server
* won't understand CD either.
*/
if ((query->options & DNS_FETCHOPT_NOEDNS0) == 0)
fctx->qmessage->flags |=
(DNS_MESSAGEFLAG_AD|DNS_MESSAGEFLAG_CD);
fctx->qmessage->flags |= DNS_MESSAGEFLAG_CD;
/*
* Add TSIG record tailored to the current recipient.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment