Case-sensitive matching of questions and answers.

When checking that an answer is the answer to the question that
we asked, compare the name in a case-sensitive manner.

Clients can set the letters in a query to a random pattern of
uppercase and lowercase to add more randomness as protection against
cache-poisoning attacks, and we don't want to nullify that.

This actually restores the status quo before
commit ed6d29a784
since matching questions and answers using a checksum
can't help but be case sensitive.

This patch is a preparation for introducing DNS-0x20
in the dnsmasq query path.

src/forward.c

@@ -1999,12 +1999,14 @@ static ssize_t tcp_talk(int first, int last, int start, unsigned char *packet,
 	    continue;
 	}
 
-      /* If the question section of the reply doesn't match the crc we sent, then
+      /* If the question section of the reply doesn't match the question we sent, then
 	 someone might be attempting to insert bogus values into the cache by 
-	 sending replies containing questions and bogus answers. 
+	 sending replies containing questions and bogus answers.
+	 We compare the query name in a case sensitive manner, so that
+	 DNS-0x20 encoding is effective.
 	 Try another server, or give up */
       p = (unsigned char *)(header+1);
-      if (extract_name(header, rsize, &p, daemon->namebuff, 0, 4) != 1)
+      if (extract_name(header, rsize, &p, daemon->namebuff, -1, 4) != 1)
 	continue;
       GETSHORT(rtype, p); 
       GETSHORT(rclass, p);
@@ -3045,8 +3047,9 @@ static struct frec *lookup_frec(char *target, int class, int rrtype, int id, int
       {
 	unsigned char *p = (unsigned char *)(header+1);
 	int hclass, hrrtype;
-		   
-	if (extract_name(header, f->stash_len, &p, target, 0, 4) != 1)
+
+	/* Case sensitive compare for DNS-0x20 encoding. */
+	if (extract_name(header, f->stash_len, &p, target, -1, 4) != 1)
 	  continue;
 		   
 	GETSHORT(hrrtype, p);