Pi-Hole/dnsmasq
1
0
Fork 0
mirror of https://github.com/pi-hole/dnsmasq.git synced 2025-12-19 10:18:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add --no-0x20-encode config option.

Browse Source 
The "bit 0x20 encoding" implemented in 995a16ca0c
can interact badly with (hopefully) rare broken upstream servers. Provide
an option to turn it off and a log message to give a clue as to why DNS service
is non-functional.
This commit is contained in:
Simon Kelley
2025-02-03 21:02:12 +00:00
parent 1f84cde024
commit 5226b712a3
6 changed files with 62 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
src/forward.c
View File

@@ -326,7 +326,7 @@ static void forward_query(int udpfd, union mysockaddr *udpaddr,
forward->new_id = get_id();
header->id = ntohs(forward->new_id);
forward->encode_bitmap = rand32();
forward->encode_bitmap = option_bool(OPT_NO_0x20) ? 0 : rand32();
p = (unsigned char *)(header+1);
if (!extract_name(header, plen, &p, NULL, EXTR_NAME_FLIP, forward->encode_bitmap))
goto reply;
@@ -2016,7 +2016,7 @@ static ssize_t tcp_talk(int first, int last, int start, unsigned char *packet,
sending replies containing questions and bogus answers.
Try another server, or give up */
p = (unsigned char *)(header+1);
if (extract_name(header, rsize, &p, daemon->namebuff, EXTR_NAME_NOCASE, 4) != 1)
if (extract_name(header, rsize, &p, daemon->namebuff, EXTR_NAME_COMPARE, 4) != 1)
continue;
GETSHORT(rtype, p);
GETSHORT(rclass, p);
@@ -3057,22 +3057,35 @@ static struct frec *lookup_frec(char *target, int class, int rrtype, int id, int
(header = blockdata_retrieve(f->stash, f->stash_len, NULL)))
{
unsigned char *p = (unsigned char *)(header+1);
int hclass, hrrtype;
int hclass, hrrtype, rc;
/* Case sensitive compare for DNS-0x20 encoding. */
if (extract_name(header, f->stash_len, &p, target, EXTR_NAME_NOCASE, 4) != 1)
continue;
GETSHORT(hrrtype, p);
GETSHORT(hclass, p);
/* type checked by flags for DNSSEC queries. */
if (rrtype != -1 && rrtype != hrrtype)
continue;
if (class != hclass)
continue;
if ((rc = extract_name(header, f->stash_len, &p, target, option_bool(OPT_NO_0x20) ? EXTR_NAME_COMPARE : EXTR_NAME_NOCASE, 4)))
{
GETSHORT(hrrtype, p);
GETSHORT(hclass, p);
/* type checked by flags for DNSSEC queries. */
if (rrtype != -1 && rrtype != hrrtype)
continue;
if (class != hclass)
continue;
}
if (rc != 1)
{
static int warned = 0;
if (rc == 3 && !warned)
{
my_syslog(LOG_WARNING, _("Case mismatch in DNS reply - check bit 0x20 encoding."));
warned = 1;
}
continue;
}
return f;
}