Tidy up replies to non-QUERY DNS opcodes in auth mode.

2025-12-24 12:48:32 +00:00 · 2025-04-22 18:07:24 +01:00
parent cfa1313e1f
commit 9e67099ce7
3 changed files with 51 additions and 29 deletions
--- a/src/cache.c
+++ b/src/cache.c
@@ -2180,7 +2180,8 @@ void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg,
  char *extra = "";
  char *gap = " ";
  char portstring[7]; /* space for #<portnum> */
-  
+  char opcodestring[3]; /* maximum is 15 */
+
  if (!option_bool(OPT_LOG))
    return;

@@ -2189,7 +2190,7 @@ void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg,
    return;

  /* build query type string if requested */
-  if (!(flags & (F_SERVER | F_IPSET)) && type > 0)
+  if (!(flags & (F_SERVER | F_IPSET | F_QUERY)) && type > 0)
    arg = querystr(arg, type);

  dest = arg;
@@ -2282,6 +2283,8 @@ void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg,
    source = arg;
  else if (flags & F_UPSTREAM)
    source = "reply";
+  else if (flags & F_AUTH)
+    source = "auth";
  else if (flags & F_SECSTAT)
    {
      if (addr && addr->log.ede != EDE_UNSET && option_bool(OPT_EXTRALOG))
@@ -2292,8 +2295,6 @@ void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg,
      source = "validation";
      dest = arg;
    }
-  else if (flags & F_AUTH)
-    source = "auth";
  else if (flags & F_DNSSEC)
    {
      source = arg;
@@ -2304,11 +2305,6 @@ void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg,
      source = "forwarded";
      verb = "to";
    }
-  else if (flags & F_QUERY)
-    {
-      source = arg;
-      verb = "from";
-    }
  else if (flags & F_IPSET)
    {
      source = type ? "ipset add" : "nftset add";
@@ -2320,7 +2316,21 @@ void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg,
    source = "cached-stale";
  else
    source = "cached";
-  
+
+  if (flags & F_QUERY)
+    {
+      if (flags & F_CONFIG)
+	{
+	  sprintf(opcodestring, "%u", type & 0xf);
+	  source = "non-query opcode";
+	  name = opcodestring;
+	}
+      else if (!(flags & F_AUTH))
+	source = "query";
+      
+      verb = "from";
+    }
+
  if (!name)
    gap = name = "";
  else if (!name[0])