diff options
| author | Adam Tkac <atkac@redhat.com> | 2009-07-27 07:33:48 -0700 |
|---|---|---|
| committer | Ulrich Drepper <drepper@redhat.com> | 2009-07-27 07:33:48 -0700 |
| commit | 2d0671cbbdade9013d6fd5153d01bd5e1d3f60cb (patch) | |
| tree | 6dec9333bf00d6bbf468bd6280ee4162e87f3450 /resolv | |
| parent | 09cd1f575476a48b262e4e45997bb56753f9d4f5 (diff) | |
Define and implement RES_USE_DNSSEC option in resolver.
Diffstat (limited to 'resolv')
| -rw-r--r-- | resolv/res_debug.c | 2 | ||||
| -rw-r--r-- | resolv/res_mkquery.c | 10 | ||||
| -rw-r--r-- | resolv/res_query.c | 8 | ||||
| -rw-r--r-- | resolv/resolv.h | 1 |
4 files changed, 16 insertions, 5 deletions
diff --git a/resolv/res_debug.c b/resolv/res_debug.c index c38de640a5..f7996a71da 100644 --- a/resolv/res_debug.c +++ b/resolv/res_debug.c @@ -586,6 +586,8 @@ p_option(u_long option) { case RES_ROTATE: return "rotate"; case RES_NOCHECKNAME: return "no-check-names"; case RES_USEBSTRING: return "ip6-bytstring"; + case RES_USE_EDNS0: return "edns0"; + case RES_USE_DNSSEC: return "dnssec"; /* XXX nonreentrant */ default: sprintf(nbuf, "?0x%lx?", (u_long)option); return (nbuf); diff --git a/resolv/res_mkquery.c b/resolv/res_mkquery.c index 2dda4c0f45..2bc2d2497f 100644 --- a/resolv/res_mkquery.c +++ b/resolv/res_mkquery.c @@ -247,7 +247,15 @@ __res_nopt(res_state statp, NS_PUT16(MIN(anslen, 0xffff), cp); /* CLASS = UDP payload size */ *cp++ = NOERROR; /* extended RCODE */ *cp++ = 0; /* EDNS version */ - /* XXX Once we support DNSSEC we change the flag value here. */ + + if (statp->options & RES_USE_DNSSEC) { +#ifdef DEBUG + if (statp->options & RES_DEBUG) + printf(";; res_opt()... ENDS0 DNSSEC\n"); +#endif + flags |= NS_OPT_DNSSEC_OK; + } + NS_PUT16(flags, cp); NS_PUT16(0, cp); /* RDLEN */ hp->arcount = htons(ntohs(hp->arcount) + 1); diff --git a/resolv/res_query.c b/resolv/res_query.c index 9ffb3e3685..5ff352e2fc 100644 --- a/resolv/res_query.c +++ b/resolv/res_query.c @@ -147,7 +147,7 @@ __libc_res_nquery(res_state statp, if (n > 0) { if ((oflags & RES_F_EDNS0ERR) == 0 - && (statp->options & RES_USE_EDNS0) != 0) + && (statp->options & (RES_USE_EDNS0|RES_USE_DNSSEC)) != 0) { n = __res_nopt(statp, n, query1, bufsize, anslen / 2); if (n < 0) @@ -169,7 +169,7 @@ __libc_res_nquery(res_state statp, NULL, query2, bufsize - nused); if (n > 0 && (oflags & RES_F_EDNS0ERR) == 0 - && (statp->options & RES_USE_EDNS0) != 0) + && (statp->options & (RES_USE_EDNS0|RES_USE_DNSSEC)) != 0) n = __res_nopt(statp, n, query2, bufsize - nused - n, anslen / 2); nquery2 = n; @@ -184,7 +184,7 @@ __libc_res_nquery(res_state statp, if (n > 0 && (oflags & RES_F_EDNS0ERR) == 0 - && (statp->options & RES_USE_EDNS0) != 0) + && (statp->options & (RES_USE_EDNS0|RES_USE_DNSSEC)) != 0) n = __res_nopt(statp, n, query1, bufsize, anslen); nquery1 = n; @@ -203,7 +203,7 @@ __libc_res_nquery(res_state statp, } if (__builtin_expect (n <= 0, 0)) { /* If the query choked with EDNS0, retry without EDNS0. */ - if ((statp->options & RES_USE_EDNS0) != 0 + if ((statp->options & (RES_USE_EDNS0|RES_USE_DNSSEC)) != 0 && ((oflags ^ statp->_flags) & RES_F_EDNS0ERR) != 0) { statp->_flags |= RES_F_EDNS0ERR; #ifdef DEBUG diff --git a/resolv/resolv.h b/resolv/resolv.h index 3ef714f458..e49c29d2fe 100644 --- a/resolv/resolv.h +++ b/resolv/resolv.h @@ -218,6 +218,7 @@ struct res_sym { #define RES_SNGLKUP 0x00200000 /* one outstanding request at a time */ #define RES_SNGLKUPREOP 0x00400000 /* -"-, but open new socket for each request */ +#define RES_USE_DNSSEC 0x00800000 /* use DNSSEC using OK bit in OPT */ #define RES_DEFAULT (RES_RECURSE|RES_DEFNAMES|RES_DNSRCH|RES_NOIP6DOTINT) |