interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

no_dnssec_checking_disabled extension for internal use only

This commit is contained in:
Willem Toorop 2017-12-13 12:36:02 +01:00
parent d4ec98ae6d
commit 362d168380
2 changed files with 27 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
src/request-internal.c
View File

@ -84,6 +84,11 @@ getdns_dict dnssec_ok_checking_disabled_avoid_roadblocks_spc = {
getdns_dict *dnssec_ok_checking_disabled_avoid_roadblocks
= &dnssec_ok_checking_disabled_avoid_roadblocks_spc;
getdns_dict no_dnssec_checking_disabled_spc = {
{ RBTREE_NULL, 0, (int (*)(const void *, const void *)) strcmp },
{ NULL, {{ NULL, NULL, NULL }}}
};
getdns_dict *no_dnssec_checking_disabled = &no_dnssec_checking_disabled_spc;
static int
is_extension_set(getdns_dict *extensions, const char *name, int default_value)
@ -94,7 +99,8 @@ is_extension_set(getdns_dict *extensions, const char *name, int default_value)
if ( ! extensions
|| extensions == dnssec_ok_checking_disabled
|| extensions == dnssec_ok_checking_disabled_roadblock_avoidance
|| extensions == dnssec_ok_checking_disabled_avoid_roadblocks)
|| extensions == dnssec_ok_checking_disabled_avoid_roadblocks
|| extensions == no_dnssec_checking_disabled)
return 0;
r = getdns_dict_get_int(extensions, name, &value);
@ -155,7 +161,7 @@ netreq_reset(getdns_network_req *net_req)
static int
network_req_init(getdns_network_req *net_req, getdns_dns_req *owner,
uint16_t request_type, int dnssec_extension_set, int with_opt,
uint16_t request_type, int checking_disabled, int with_opt,
int edns_maximum_udp_payload_size,
uint8_t edns_extended_rcode, uint8_t edns_version, int edns_do_bit,
uint16_t opt_options_size, size_t noptions, getdns_list *options,
@ -240,7 +246,7 @@ network_req_init(getdns_network_req *net_req, getdns_dns_req *owner,
_getdns_reply_dict2wire(owner->context->header, &gbuf, 1);
gldns_buffer_rewind(&gbuf);
_getdns_reply_dict2wire(extensions, &gbuf, 1);
if (dnssec_extension_set) /* We will do validation ourselves */
if (checking_disabled) /* We will do validation ourselves */
GLDNS_CD_SET(net_req->query);
if (with_opt) {
@ -762,8 +768,22 @@ _getdns_dns_req_new(getdns_context *context, getdns_eventloop *loop,
*/
size_t max_query_sz, max_response_sz, netreq_sz, dnsreq_base_sz;
uint8_t *region, *suffixes;
int checking_disabled = dnssec_extension_set;
if (extensions == dnssec_ok_checking_disabled ||
if (extensions == no_dnssec_checking_disabled) {
dnssec_return_status = 0;
dnssec_return_only_secure = 0;
dnssec_return_all_statuses = 0;
dnssec_return_full_validation_chain = 0;
dnssec_return_validation_chain = 0;
dnssec_extension_set = 0;
#ifdef DNSSEC_ROADBLOCK_AVOIDANCE
dnssec_roadblock_avoidance = 0;
avoid_dnssec_roadblocks = 0;
#endif
extensions = NULL;
checking_disabled = 1;
} else if (extensions == dnssec_ok_checking_disabled ||
extensions == dnssec_ok_checking_disabled_roadblock_avoidance ||
extensions == dnssec_ok_checking_disabled_avoid_roadblocks)
extensions = NULL;
@ -973,7 +993,7 @@ _getdns_dns_req_new(getdns_context *context, getdns_eventloop *loop,
result->chain = NULL;
network_req_init(result->netreqs[0], result,
request_type, dnssec_extension_set, with_opt,
request_type, checking_disabled, with_opt,
edns_maximum_udp_payload_size,
edns_extended_rcode, edns_version, edns_do_bit,
(uint16_t) opt_options_size, noptions, options,
@ -984,7 +1004,7 @@ _getdns_dns_req_new(getdns_context *context, getdns_eventloop *loop,
network_req_init(result->netreqs[1], result,
( request_type == GETDNS_RRTYPE_A
? GETDNS_RRTYPE_AAAA : GETDNS_RRTYPE_A ),
dnssec_extension_set, with_opt,
checking_disabled, with_opt,
edns_maximum_udp_payload_size,
edns_extended_rcode, edns_version, edns_do_bit,
(uint16_t) opt_options_size, noptions, options,

1
src/types-internal.h
View File

@ -425,6 +425,7 @@ typedef struct getdns_dns_req {
extern getdns_dict *dnssec_ok_checking_disabled;
extern getdns_dict *dnssec_ok_checking_disabled_roadblock_avoidance;
extern getdns_dict *dnssec_ok_checking_disabled_avoid_roadblocks;
extern getdns_dict *no_dnssec_checking_disabled;
/* dns request utils */
getdns_dns_req *_getdns_dns_req_new(getdns_context *context, getdns_eventloop *loop,