44 lines
2.0 KiB
Diff
44 lines
2.0 KiB
Diff
From 5421863a16f19ba6a85214bb17986d6015b298b3 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Jack=20D=C3=A4hn?= <jack@jkdhn.me>
|
|
Date: Tue, 3 Aug 2021 08:07:05 +0200
|
|
Subject: [PATCH] resolved: Don't omit AD bit in reply if DO is set in the
|
|
query
|
|
|
|
Set the AD bit in the response if the data is authenticated and AD or DO is set in the query, as suggested by section 5.8 of RFC6840.
|
|
|
|
Fixes #20332
|
|
|
|
(cherry picked from commit b553abd8aed0f6fbff9973882fb08c3aec1d9400)
|
|
|
|
Conflict:NA
|
|
Reference:https://github.com/systemd/systemd/commit/5421863a16f19ba6a85214bb17986d6015b298b3
|
|
---
|
|
src/resolve/resolved-dns-stub.c | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/src/resolve/resolved-dns-stub.c b/src/resolve/resolved-dns-stub.c
|
|
index 5b9d32f001..49da916576 100644
|
|
--- a/src/resolve/resolved-dns-stub.c
|
|
+++ b/src/resolve/resolved-dns-stub.c
|
|
@@ -585,7 +585,7 @@ static int dns_stub_send_reply(
|
|
DNS_PACKET_RD(q->request_packet),
|
|
!!q->request_packet->opt,
|
|
edns0_do,
|
|
- DNS_PACKET_AD(q->request_packet) && dns_query_fully_authenticated(q),
|
|
+ (DNS_PACKET_AD(q->request_packet) || DNS_PACKET_DO(q->request_packet)) && dns_query_fully_authenticated(q),
|
|
DNS_PACKET_CD(q->request_packet),
|
|
q->stub_listener_extra ? ADVERTISE_EXTRA_DATAGRAM_SIZE_MAX : ADVERTISE_DATAGRAM_SIZE_MAX,
|
|
dns_packet_has_nsid_request(q->request_packet) > 0 && !q->stub_listener_extra);
|
|
@@ -627,7 +627,7 @@ static int dns_stub_send_failure(
|
|
DNS_PACKET_RD(p),
|
|
!!p->opt,
|
|
DNS_PACKET_DO(p),
|
|
- DNS_PACKET_AD(p) && authenticated,
|
|
+ (DNS_PACKET_AD(p) || DNS_PACKET_DO(p)) && authenticated,
|
|
DNS_PACKET_CD(p),
|
|
l ? ADVERTISE_EXTRA_DATAGRAM_SIZE_MAX : ADVERTISE_DATAGRAM_SIZE_MAX,
|
|
dns_packet_has_nsid_request(p) > 0 && !l);
|
|
--
|
|
2.33.0
|
|
|