Commit bc53d68a authored by Diego dos Santos Fronza's avatar Diego dos Santos Fronza
Browse files

Added documentation for dig's +unexpected command line option.

parent 3ef91562
Pipeline #20744 failed with stages
in 21 minutes and 56 seconds
5284. [func] Added +unexpected command line option to dig.
By default, dig won't accept a reply from a source
other than the one to which it sent the query.
Invoking dig with +unexpected argument will allow it
to process replies from unexpected sources.
5283. [bug] When a response-policy zone expires, ensure that 5283. [bug] When a response-policy zone expires, ensure that
its policies are removed from the RPZ summary its policies are removed from the RPZ summary
database. [GL #1146] database. [GL #1146]
......
...@@ -1674,7 +1674,7 @@ plus_option(char *option, bool is_batchfile, ...@@ -1674,7 +1674,7 @@ plus_option(char *option, bool is_batchfile,
switch (cmd[2]) { switch (cmd[2]) {
case 'e': case 'e':
FULLCHECK("unexpected"); FULLCHECK("unexpected");
lookup->accept_reply_unexpected_src = true; lookup->accept_reply_unexpected_src = state;
break; break;
case 'k': case 'k':
FULLCHECK("unknownformat"); FULLCHECK("unknownformat");
......
...@@ -1269,6 +1269,17 @@ ...@@ -1269,6 +1269,17 @@
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term><option>+[no]unexpected</option></term>
<listitem>
<para>
Accept [do not accept] answers from unexpected sources. By
default, <command>dig</command> won't accept a reply from a
source other than the one to which it sent the query.
</para>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term><option>+[no]unknownformat</option></term> <term><option>+[no]unknownformat</option></term>
<listitem> <listitem>
......
...@@ -621,6 +621,7 @@ make_empty_lookup(void) { ...@@ -621,6 +621,7 @@ make_empty_lookup(void) {
looknew->ttlunits = false; looknew->ttlunits = false;
looknew->expandaaaa = false; looknew->expandaaaa = false;
looknew->qr = false; looknew->qr = false;
looknew->accept_reply_unexpected_src = false;
#ifdef HAVE_LIBIDN2 #ifdef HAVE_LIBIDN2
looknew->idnin = isatty(1)?(getenv("IDN_DISABLE") == NULL):false; looknew->idnin = isatty(1)?(getenv("IDN_DISABLE") == NULL):false;
looknew->idnout = looknew->idnin; looknew->idnout = looknew->idnin;
...@@ -766,6 +767,8 @@ clone_lookup(dig_lookup_t *lookold, bool servers) { ...@@ -766,6 +767,8 @@ clone_lookup(dig_lookup_t *lookold, bool servers) {
looknew->ttlunits = lookold->ttlunits; looknew->ttlunits = lookold->ttlunits;
looknew->expandaaaa = lookold->expandaaaa; looknew->expandaaaa = lookold->expandaaaa;
looknew->qr = lookold->qr; looknew->qr = lookold->qr;
looknew->accept_reply_unexpected_src =
lookold->accept_reply_unexpected_src;
looknew->idnin = lookold->idnin; looknew->idnin = lookold->idnin;
looknew->idnout = lookold->idnout; looknew->idnout = lookold->idnout;
looknew->udpsize = lookold->udpsize; looknew->udpsize = lookold->udpsize;
......
...@@ -67,7 +67,7 @@ for (;;) { ...@@ -67,7 +67,7 @@ for (;;) {
my $sendsock = my $sendsock =
IO::Socket::INET->new(LocalAddr => "10.53.1.2", IO::Socket::INET->new(LocalAddr => "10.53.1.2",
PeerAddr => $sock->peerhost, PeerAddr => $sock->peerhost,
PeerPort => "5300", PeerPort => $sock->peerport,
Proto => "udp") or die "$!"; Proto => "udp") or die "$!";
print "**** response from ", $sendsock->sockhost, " to " , print "**** response from ", $sendsock->sockhost, " to " ,
$sendsock->peerhost, " port ", $sendsock->peerport, "\n"; $sendsock->peerhost, " port ", $sendsock->peerport, "\n";
......
...@@ -68,6 +68,7 @@ if [ -n "$PYTHON" ] ; then ...@@ -68,6 +68,7 @@ if [ -n "$PYTHON" ] ; then
fi fi
if [ -x "$DIG" ] ; then if [ -x "$DIG" ] ; then
n=$((n+1)) n=$((n+1))
echo_i "checking dig short form works ($n)" echo_i "checking dig short form works ($n)"
ret=0 ret=0
...@@ -723,6 +724,7 @@ if [ -x "$DIG" ] ; then ...@@ -723,6 +724,7 @@ if [ -x "$DIG" ] ; then
status=$((status+ret)) status=$((status+ret))
n=$((n+1)) n=$((n+1))
echo_i "check that dig +short +expandaaaa works ($n)" echo_i "check that dig +short +expandaaaa works ($n)"
ret=0 ret=0
dig_with_opts @10.53.0.3 +short +expandaaaa AAAA ns2.example > dig.out.test$n 2>&1 || ret=1 dig_with_opts @10.53.0.3 +short +expandaaaa AAAA ns2.example > dig.out.test$n 2>&1 || ret=1
...@@ -744,6 +746,33 @@ if [ -x "$DIG" ] ; then ...@@ -744,6 +746,33 @@ if [ -x "$DIG" ] ; then
if [ $ret -ne 0 ]; then echo_i "failed"; fi if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret)) status=$((status+ret))
fi fi
echo_i "check that dig +unexpected works ($n)"
ret=0
dig_with_opts @10.53.0.6 +unexpected a a.example > dig.out.test$n || ret=1
grep 'reply from unexpected source' dig.out.test$n > /dev/null || ret=1
grep 'status: NOERROR' dig.out.test$n > /dev/null || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
n=$((n+1))
echo_i "check that dig +nounexpected works ($n)"
ret=0
dig_with_opts @10.53.0.6 +nounexpected +tries=1 +time=2 a a.example > dig.out.test$n && ret=1
grep 'reply from unexpected source' dig.out.test$n > /dev/null || ret=1
grep "status: NOERROR" < dig.out.test$n > /dev/null && ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
n=$((n+1))
echo_i "check that dig default for +[no]unexpected (+nounexpected) works ($n)"
ret=0
dig_with_opts @10.53.0.6 +tries=1 +time=2 a a.example > dig.out.test$n && ret=1
grep 'reply from unexpected source' dig.out.test$n > /dev/null || ret=1
grep "status: NOERROR" < dig.out.test$n > /dev/null && ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
else else
echo_i "$DIG is needed, so skipping these dig tests" echo_i "$DIG is needed, so skipping these dig tests"
fi fi
......
...@@ -113,6 +113,15 @@ ...@@ -113,6 +113,15 @@
<section xml:id="relnotes_features"><info><title>New Features</title></info> <section xml:id="relnotes_features"><info><title>New Features</title></info>
<itemizedlist> <itemizedlist>
<listitem>
<para>
Added a new command line option to <command>dig</command>:
<comand>+[no]unexpected</comand>. By default, <command>dig</command>
won't accept a reply from a source other than the one to which
it sent the query. Add the <command>+unexpected</command> argument
to enable it to process replies from unexpected sources.
</para>
</listitem>
<listitem> <listitem>
<para> <para>
The GeoIP2 API from MaxMind is now supported. Geolocation support The GeoIP2 API from MaxMind is now supported. Geolocation support
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment