plugin/edns: remove truncating of question section on bad EDNS version (#5787)
* plugin/edns: remove truncating of question section on bad EDNS version EDNS requests of "Unknown Version" removed the query section altogether. Not sure why since this is not require (see [link](https://kb.isc.org/docs/edns-compatibility-dig-queries) This cause issues with DNS solutions that uses this information (initial queried name, type and class) in order to route the response to the right client (e.g. PDNS). The change here is to keep the inital query section as is. Signed-off-by: Ben Kaplan <ben.kaplan@redis.com> * adding tests for edns0 version check Signed-off-by: Ben Kaplan <ben.kaplan@redis.com> * adding tests for non-edns0 version check Signed-off-by: Ben Kaplan <ben.kaplan@redis.com> Signed-off-by: Ben Kaplan <ben.kaplan@redis.com>
This commit is contained in:
Ben Kaplan
GitHub
parent
5517c3fd30
commit
9b94696b11
2 changed files with 15 additions and 6 deletions
|
|
@ -36,8 +36,7 @@ func SupportedOption(option uint16) bool {
|
||||||
|
|
||||||
// Version checks the EDNS version in the request. If error
|
// Version checks the EDNS version in the request. If error
|
||||||
// is nil everything is OK and we can invoke the plugin. If non-nil, the
|
// is nil everything is OK and we can invoke the plugin. If non-nil, the
|
||||||
// returned Msg is valid to be returned to the client (and should). For some
|
// returned Msg is valid to be returned to the client (and should).
|
||||||
// reason this response should not contain a question RR in the question section.
|
|
||||||
func Version(req *dns.Msg) (*dns.Msg, error) {
|
func Version(req *dns.Msg) (*dns.Msg, error) {
|
||||||
opt := req.IsEdns0()
|
opt := req.IsEdns0()
|
||||||
if opt == nil {
|
if opt == nil {
|
||||||
|
|
@ -48,8 +47,6 @@ func Version(req *dns.Msg) (*dns.Msg, error) {
|
||||||
}
|
}
|
||||||
m := new(dns.Msg)
|
m := new(dns.Msg)
|
||||||
m.SetReply(req)
|
m.SetReply(req)
|
||||||
// zero out question section, wtf.
|
|
||||||
m.Question = nil
|
|
||||||
|
|
||||||
o := new(dns.OPT)
|
o := new(dns.OPT)
|
||||||
o.Hdr.Name = "."
|
o.Hdr.Name = "."
|
||||||
|
|
|
||||||
|
|
@ -10,20 +10,32 @@ func TestVersion(t *testing.T) {
|
||||||
m := ednsMsg()
|
m := ednsMsg()
|
||||||
m.Extra[0].(*dns.OPT).SetVersion(2)
|
m.Extra[0].(*dns.OPT).SetVersion(2)
|
||||||
|
|
||||||
_, err := Version(m)
|
r, err := Version(m)
|
||||||
if err == nil {
|
if err == nil {
|
||||||
t.Errorf("Expected wrong version, but got OK")
|
t.Errorf("Expected wrong version, but got OK")
|
||||||
}
|
}
|
||||||
|
if r.Question == nil {
|
||||||
|
t.Errorf("Expected question section, but got nil")
|
||||||
|
}
|
||||||
|
if r.Rcode != dns.RcodeBadVers {
|
||||||
|
t.Errorf("Expected Rcode to be of BADVER (16), but got %d", r.Rcode)
|
||||||
|
}
|
||||||
|
if r.Extra == nil {
|
||||||
|
t.Errorf("Expected OPT section, but got nil")
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestVersionNoEdns(t *testing.T) {
|
func TestVersionNoEdns(t *testing.T) {
|
||||||
m := ednsMsg()
|
m := ednsMsg()
|
||||||
m.Extra = nil
|
m.Extra = nil
|
||||||
|
|
||||||
_, err := Version(m)
|
r, err := Version(m)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Errorf("Expected no error, but got one: %s", err)
|
t.Errorf("Expected no error, but got one: %s", err)
|
||||||
}
|
}
|
||||||
|
if r != nil {
|
||||||
|
t.Errorf("Expected nil since not an EDNS0 request, but did not got nil")
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func ednsMsg() *dns.Msg {
|
func ednsMsg() *dns.Msg {
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue