BIND 10 trac1386, updated. ff3a2e359264e4089a989eb60b1832e753663878 [1386] EDNS TCP fallback disabled. NB: I still think it might be useful in DNSSEC situation when the resolver fully supports DNSSEC-aware clients.
BIND 10 source code commits
bind10-changes at lists.isc.org
Mon Dec 19 17:22:25 UTC 2011
The branch, trac1386 has been updated
via ff3a2e359264e4089a989eb60b1832e753663878 (commit)
from 7d90bbbc9310e7e539e2e9898e6334993e66bd1f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit ff3a2e359264e4089a989eb60b1832e753663878
Author: Dima Volodin <dvv at isc.org>
Date: Mon Dec 19 11:41:31 2011 -0500
[1386] EDNS TCP fallback disabled. NB: I still think it might be
useful in DNSSEC situation when the resolver fully supports
DNSSEC-aware clients.
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 3 ++-
src/lib/resolve/recursive_query.cc | 8 +++-----
.../resolve/tests/recursive_query_unittest_3.cc | 14 +++-----------
3 files changed, 8 insertions(+), 17 deletions(-)
-----------------------------------------------------------------------
diff --git a/ChangeLog b/ChangeLog
index 2a48f63..e918c15 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,6 @@
xxx. [bug] dvv
- resolver: EDNS fallback on FORMERR
+ resolver: If an upstream server responds with FORMERR to an EDNS query,
+ try querying it without EDNS.
(Trac #1386, git TBD)
342. [bug] stephen
diff --git a/src/lib/resolve/recursive_query.cc b/src/lib/resolve/recursive_query.cc
index 3b33943..a00f17f 100644
--- a/src/lib/resolve/recursive_query.cc
+++ b/src/lib/resolve/recursive_query.cc
@@ -558,11 +558,9 @@ private:
// see if it's a FORMERR and a potential EDNS problem
if (incoming.getRcode() == Rcode::FORMERR()) {
if (protocol_ == IOFetch::UDP && edns_) {
- // try EDNS over TCP
- send(IOFetch::TCP, true);
- return (false);
- } else if (protocol_ == IOFetch::TCP && edns_) {
- // try UDP, no EDNS
+ // TODO: in case we absolutely need EDNS (i.e. for DNSSEC
+ // aware queries), we might want to try TCP before we give
+ // up. For now, just try UDP, no EDNS
send(IOFetch::UDP, false);
return (false);
}
diff --git a/src/lib/resolve/tests/recursive_query_unittest_3.cc b/src/lib/resolve/tests/recursive_query_unittest_3.cc
index bcf472c..3602b03 100644
--- a/src/lib/resolve/tests/recursive_query_unittest_3.cc
+++ b/src/lib/resolve/tests/recursive_query_unittest_3.cc
@@ -101,8 +101,7 @@ public:
enum QueryStatus {
NONE = 0, ///< Default
EDNS_UDP = 1, ///< EDNS query over UDP
- EDNS_TCP = 2, ///< EDNS query over TCP
- NON_EDNS_UDP = 3, ///< Non-EDNS query over UDP
+ NON_EDNS_UDP = 2, ///< Non-EDNS query over UDP
COMPLETE = 6 ///< Query is complete
};
@@ -225,7 +224,7 @@ public:
EXPECT_TRUE(query.getEDNS());
// Return FORMERROR
setFORMERR(message);
- expected_ = EDNS_TCP;
+ expected_ = NON_EDNS_UDP;
break;
case NON_EDNS_UDP:
@@ -346,14 +345,7 @@ public:
// Set up state-dependent bits:
switch (expected_) {
- case EDNS_TCP:
- EXPECT_TRUE(query.getEDNS());
- // Return FORMERROR
- setFORMERR(message);
- expected_ = NON_EDNS_UDP;
- break;
-
- default:
+ default:
FAIL() << "TcpReceiveHandler called with unknown state";
}
More information about the bind10-changes
mailing list