bebc7ba4534f4871fc5d3f24c04e36bd3149ae0b
[openwrt/staging/stintel.git] /
1 From 6f7812d97bc8f87004c0a5069c6c94c64af78106 Mon Sep 17 00:00:00 2001
2 From: Simon Kelley <simon@thekelleys.org.uk>
3 Date: Tue, 23 Oct 2018 23:54:44 +0100
4 Subject: [PATCH 06/32] Fix spurious AD flags in some DNS replies from local
5 config.
6
7 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
8 ---
9 src/rfc1035.c | 42 ++++++++++++++++++++++++------------------
10 1 file changed, 24 insertions(+), 18 deletions(-)
11
12 --- a/src/rfc1035.c
13 +++ b/src/rfc1035.c
14 @@ -1330,7 +1330,7 @@ size_t answer_request(struct dns_header
15 {
16 if (t->class == qclass && hostname_isequal(name, t->name))
17 {
18 - ans = 1;
19 + ans = 1, sec_data = 0;
20 if (!dryrun)
21 {
22 unsigned long ttl = daemon->local_ttl;
23 @@ -1370,7 +1370,7 @@ size_t answer_request(struct dns_header
24 addr.addr.rcode.rcode = NOTIMP;
25 log_query(F_CONFIG | F_RCODE, name, &addr, NULL);
26 }
27 - ans = 1;
28 + ans = 1, sec_data = 0;
29 }
30 }
31 }
32 @@ -1725,7 +1725,7 @@ size_t answer_request(struct dns_header
33 }
34 else if (is_name_synthetic(flag, name, &addr))
35 {
36 - ans = 1;
37 + ans = 1, sec_data = 0;
38 if (!dryrun)
39 {
40 log_query(F_FORWARD | F_CONFIG | flag, name, &addr, NULL);
41 @@ -1763,25 +1763,27 @@ size_t answer_request(struct dns_header
42 for (rec = daemon->mxnames; rec; rec = rec->next)
43 if (!rec->issrv && hostname_isequal(name, rec->name))
44 {
45 - ans = found = 1;
46 - if (!dryrun)
47 - {
48 - int offset;
49 - log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>");
50 - if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl,
51 - &offset, T_MX, C_IN, "sd", rec->weight, rec->target))
52 - {
53 - anscount++;
54 - if (rec->target)
55 - rec->offset = offset;
56 - }
57 - }
58 + ans = found = 1;
59 + sec_data = 0;
60 + if (!dryrun)
61 + {
62 + int offset;
63 + log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>");
64 + if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl,
65 + &offset, T_MX, C_IN, "sd", rec->weight, rec->target))
66 + {
67 + anscount++;
68 + if (rec->target)
69 + rec->offset = offset;
70 + }
71 + }
72 }
73
74 if (!found && (option_bool(OPT_SELFMX) || option_bool(OPT_LOCALMX)) &&
75 cache_find_by_name(NULL, name, now, F_HOSTS | F_DHCP | F_NO_RR))
76 {
77 ans = 1;
78 + sec_data = 0;
79 if (!dryrun)
80 {
81 log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>");
82 @@ -1802,6 +1804,7 @@ size_t answer_request(struct dns_header
83 if (rec->issrv && hostname_isequal(name, rec->name))
84 {
85 found = ans = 1;
86 + sec_data = 0;
87 if (!dryrun)
88 {
89 int offset;
90 @@ -1838,6 +1841,7 @@ size_t answer_request(struct dns_header
91 if (!found && option_bool(OPT_FILTER) && (qtype == T_SRV || (qtype == T_ANY && strchr(name, '_'))))
92 {
93 ans = 1;
94 + sec_data = 0;
95 if (!dryrun)
96 log_query(F_CONFIG | F_NEG, name, NULL, NULL);
97 }
98 @@ -1850,6 +1854,7 @@ size_t answer_request(struct dns_header
99 if (hostname_isequal(name, na->name))
100 {
101 ans = 1;
102 + sec_data = 0;
103 if (!dryrun)
104 {
105 log_query(F_CONFIG | F_RRNAME, name, NULL, "<NAPTR>");
106 @@ -1862,11 +1867,12 @@ size_t answer_request(struct dns_header
107 }
108
109 if (qtype == T_MAILB)
110 - ans = 1, nxdomain = 1;
111 + ans = 1, nxdomain = 1, sec_data = 0;
112
113 if (qtype == T_SOA && option_bool(OPT_FILTER))
114 {
115 - ans = 1;
116 + ans = 1;
117 + sec_data = 0;
118 if (!dryrun)
119 log_query(F_CONFIG | F_NEG, name, &addr, NULL);
120 }