From 7e614bc534b2c69ae70dbf7a93d4441b7b42da46 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Mon, 11 Jul 2016 15:13:40 +0200
Subject: [PATCH] More conventional server DNSSEC behaviour

+ documentation of behaviour
---
 project-doc/getdns_query-deamon-behaviour.ods | Bin 0 -> 17609 bytes
 project-doc/getdns_query-deamon-behaviour.pdf | Bin 0 -> 13995 bytes
 src/convert.c                                 |  35 ++++-
 .../getdns_context_set_listen_addresses.c     |  66 +++++++++
 src/test/getdns_query.c                       | 128 ++++++++++++++----
 5 files changed, 202 insertions(+), 27 deletions(-)
 create mode 100644 project-doc/getdns_query-deamon-behaviour.ods
 create mode 100644 project-doc/getdns_query-deamon-behaviour.pdf

diff --git a/project-doc/getdns_query-deamon-behaviour.ods b/project-doc/getdns_query-deamon-behaviour.ods
new file mode 100644
index 0000000000000000000000000000000000000000..041cebc754bfe60ac255409c9d2c70f5e6687f21
GIT binary patch
literal 17609
zcmb8X19&Cd(mxzK6Wg{iv2EM7ZQGgH6Whte$s`lowr%6f-1j~AoO|DM@ALnvpYGjz
z@2*<Cs@JMt)#_DCP7)Xd82|tR0N_IFKrGmbJ%Sbh0O0rj`4fP(xwWyAyPdJVot>4r
zp}v#3tqq-vjS;P_zN5J#t*xE0jghUPv$e5}6Ro42gR#DmqnWX>lia_^WE5~M^d|-Y
z_`Rcl%2YCQwl=WQH@9-6bNb_y*3QN>Tuw$5777#U^AcEbF(HM|&!x}(0|NN-D47&!
z3jhH0CMTsN3<wAa28#xbfPn@1c_}F&1}Xs#0R=fZH4P&*BMT!96$cX~Gb7{IuWZb0
zUzs`BxmdrlF>-KnFmdv5Q?UuLa0;*sN^nak@XDzRex(uMVio4+Q0Avql;9B)6Bm(G
zmXMQ`P*zoz6j7E@QInTYQc_Y-(v(+IRnpYdP*l)R*3eN?*3{ILR5Ov(vQySHlF_r2
zF>q2hFjqBo)|ZttRhKqUlrz*&G|<+t)RD8%*09$QbI?{W*4MVwSF|+HbT^cCHB~h?
zH#f0%w6(J}cW`sEFtE3_^sq8?w=r{fuyA#C)v@;1vJcR=@iTD^we*g6^bB(F3HR{!
zxART34v4k(|K{i)?d>1v6&T?Xn(7{x;}QMcJE73uN<GwGGr(3a)Wy`_#XiWx!QaO-
z(%UZF*W;U)d4O+VsGn<~zjutkb7X*LTA)pOh*NI3OL3x?pPye~a71uebY!r9bXag?
zWMn|pw}9yM$e8%BxY&q<^rWcZ^n~z~l$79<;?V5c<jnlIoVuvo(&+rA^zWtd`So!H
zt=~$TzLmCS6xC*xHe^(EX4bS7#rhQ_2IMD&7pI37q(+n_1y&@7m!}1kXG9cae5=ih
z$ji*F&W$Ylp4OBf{i8U!t0t$Uq@=L2v8=A8sj{H8uB^VkzP7Qgv8AcuM@L&@O=oL;
zYinC-<<HE9{-Tzl@6A(%9h0S<lMU^^O1j6(e@?gj9Bvv~?3`ZjnAqx=+3l%F`c;=X
z_@ku1y<xhoq`RYg_-D&vPsPGO^VVq7{!B-I|3Kg9+|cy$%s}_-Nbk(p;L>>S(!}88
z#MJWi(ER-T;Nsq|^~;&novHPs<@K$_jpNC+%jJW$(XET&ovWpt<K?5fmCKidrNO<`
z*~_(ov(542?WOC@(VM-wtNrEs!`Yjo)#tON*Q@oNot>?{<DJ9Z-J`SPy{)sO-IJ4(
zozt8B^T*@!tD}p@qub}3v;F(az1yqP$E*G4+tZtyo9p|ho2S>O`|H=I+xPc($5Npl
z0007BaUp&sx8*Z$ST!WqRyxm#mg1(BgC$Sb3k^>XC=mZ)2_Zq0wd@iYP_6z5jsuN|
z05o1)2WnjlNnQwkiQ1E6i)!3Tt-i}S!$yTd0d1IwX^4u@Ai~%cFr@JN#SB`+W5|A(
zME4vfBnTtYL=1u+3)!DGqoeJKqtzE5A3m@9Z(T?LNZvz1AU{Vh$=iWe@12}(a%z(t
zFUUTw4vFf&v{|kCyZ|~koi1bbfy7%o_|({XvJJlP)eD!Sp88-y&qwGxZZmPna<nmb
z7-68gYb7+?9D)}dy28pT^WfLHh)*wXz~tn-DDB*s^&Q!<QMx~03-Y^c)^FT5Rlx)h
zfjZ*XpXP8KpDJ8O>lzZ6Da~EBz~R5TF6em4Wfi*ei#=Zca%LKWA4wVFpHw1tSL1j&
zgG=AVulue9b2Q9?d$3gK{B_@d&Z0`q$0?Ni&{Y)=dr8&EE>*bEhBOGqH;pTi?X@Nj
zha-vYaqswp0(yo<Krj~6#eH^(gAq7MiO4LRM+~)LOXGALT&O5kV!7ojZ65iqTJGsr
z)2{;qooLgSa&gg87FQtFI|UW*qoI~qqB?lIFup1;hWLS@c}#8%aojo#VeQaS<oDy7
zhcfITEPjpfG%g%x1nepn8(~AO*c@$LfGhJ%K?rizrArN!D>`8m)Rf4ASh-*;MV|CV
zDCAAnmqaitE(?!fDv*1q$6D%Gy^|H7xgcfj0!5+;TLyKF+-At)VNWurM`$M(xY4*v
zq=J~>yUK*C@E)*w(5vZ@mI55vv;ns<>_0kpyFJ~U4P~-WLIummaLPsE&5bT#&{7QF
z@Cs+kJ*rPb>IBp^CDl7_Tn*do=BVh7E**y=TkW1Uw{?!SDq-mQ`ZHa?9AI^(VcT`K
zVe6tSYXd949SlDj7@3j-K2NgGhIS*Ad^HPVMUaz0!3VXGe?QQBA6~TlI5_!LPH8W_
z%gSOTnpa}OfAMHmaWuY$GOg@CR*S3Hk%P4Muo2myAF85}+11v-m!|Zr5YMQu8Z49-
z{Hx=}lYgd2qDjZ@3zE1lW4ja1d3ZaY%LfIs(ZDa3Ti-zjqsjyf<~oFn712E6=z4%J
zT^ExWpv<cAR#6chJX~@#O@XYY+V>RLp-)QWCOE=Pr&){IOk1z5P{em_Zp`JEz7-1J
z&Oe+^T~p@g!opLI%MXCUKiG@x?QNsRHSWDud`cCC-I*rMQK6Qa<#q5mA1Ty&X+@gP
z@Nm2?U-y#Zs-l`Xz7}%~$oO;QQOao|F&|DY!B{tn<-mx(pX=sxTK2UFYdkHVB3fsN
zlh}~Q5{bkGI}H?tARVY8Tbd$D>L|Xoa;YoYJ?^sA+2ZdoJ8vBorzn}DvCtkV3$rkX
z&Yn(10TGyf>5YHTeQqb(Z$KNQl{2g=ES9n##lTZeNjmmxmn(9S*cymzJKOsu;X!W=
zi1jukA|2+iEs-`YfUByN%R`O~t4Cf<n0Zs7Roo8H-?YDtOUY2D(i1#=0joOT)BFqQ
zA(jQHuLD}e*dD9HoV@y!%tE3IkKHE!C*n%*eqCKvsOg;|ZqXcBd(AWB(mc&#GV*ck
zyJ}O?`$}ula;}S&^wRcgZ)OfFs6mDT>rj(Tf_z&O$9t3BEk(?YS-d&<8#hIU0y(7A
zJ{wx1HRhAY0o~x?h3wKX+sc)w_jg^xu5I{k1?+|Rgo#dz#2ZbnH|wmZaeDqN*w;rJ
z4c3@Zxqf2EieW>kB?f<KB%EkqJm}2H@7TLMa*E-e(Wg3Yrb5*xc~O*4FI6jo-?}#o
zzEiD)V7y+Zs5IDV-UAD>l!Gv6QCKpSjI>rt6pF*n1r>>^gObGz#1gcnLb(^GLiW2(
zRjnK>@UN#03HRNrzg{mz*F178_&=d4OiCxNcnA#VvoPJCTd|Y2yxpoo)?-md2uMsZ
z7#+-PZkkq+wTpRuP4TaQxaQfJT?!p^_A%Openm@hp9f~7l!QYSFcEBeRk#8ioh2sJ
z7T=2?+*OC6iN;sxk6Vjjq%*N&muyX+)@rsLW1&0F${Y{T+03CSYwWih2WBtUNP&J+
zI~mS1MZt@cAA74D5)F{bGrwuOGbIYqrWRvTnPBTpRqnneF$6-&G6kci2wtFx#~b>w
zR(m#P9VozSl7conNE`SQ-&6YGY~^xGIp6AKjZxq}ag58DcWHE{x_&^zR6P7D%3Oyg
ziN4tRiH;_51|yARvosWyP&gBuIbPCDG1XMwC^^O>@^~YR(01wjCJ_Z<A(O<^U_XuF
zV5d|_rpQ9QKseS=RP|K98fh_;W~?9YNO>S=W<OKY0_M1>B86#6TgLTXnsN{7W4&}m
zF``j^6$MHK_YOxs_Ek?}mFXK;XGZVqcVS$oqN>`<SdkTKep#HAlODyJetcfph%nX<
zY*=l6W}<2C2h&X1;D{d*o_WYe3GVaiAoe>bHbz!i&YAFhB2f68c2EK|s~q)L$JFq&
zzZ4@BE3qwr8E1*VJI^-@82Wdz@8lyO#<BH>u~CNWjWWITlWjXErkjQokjd%DzFC7P
zbmQm-NuE5)z!cE7WlvjJy=^}R?Y<Z+@<OYtZQzE`R`ik@U=0neh!`A4;U75|(|W$W
zpI+UVYQ9q)RtWdEa;i@COB`hZA<d`dscnKtmxi({J&vzIj&nTWo7G4c($?~1<uG_f
zP=@oPP68#4PMnW`aNTu$<$~DFY_Ib&7^EdMpHwoc%I4(3oTxVRu<#=#Wu!d9Ekq)%
zU?T9{kC##7i$fy5GxQ`1Cz=hOC>9VVgR6`A75IYy3rX+fwD(63g#haY;V3Ho%%1sS
zeQ|~afIvS+cHU(+Xw;M$PpV7GkoH|vf+o@&hB*Z56);oS577J0YKd(4x=|5&3CelQ
z`)a#d{B(h$Uvhh0BL#5%Afy}<QBO~x?N#ZBa&}O0dxgD70xHtp(vACBu4VYYauj)8
z-ld*qx`1V2?<MA`=WlDk-XIMUIO?I458aT>O3B(qOrYD~uYh|4Mol!l2R&@+*qs&P
z{EB6+`N*(+%DoyF23Os@n|K}FQihJC!WJG<op>Rt>B6GMPHyls*s6KeWoi0Qx!~(G
z5xMR$k(R#9-;H(gEV-kSZYG6r;g4|T$KJ08%;qMI%Hg@Yf8FUiAqAO}w#dei1KD8#
z34v9x0klLdy1`wN9nI<S1@+xuSlTJBPd`XCDuRk<wB8djx+8WbMT1Ti0of{ozLggX
zd>G_7V2T%3yNy~s97&3sVrfAyQ1qi=Qxg?&+q}D&xb892>f;j;>Hf&+o!nZ)acdf9
zM)RT8@l_ba4>&Zep{k@hItHW7Y9#O2y?e+GS;}mG=hbO;kB$1q+ZeHhLbYwssi&nw
zO-ewTqG+4ml*L<|-9eCa(_L5+#JzqpYGoqtsp2ALlwD!%^kQ*uxj18w4UQKj(#3l-
zfFBFPXo=yNtcfBq|E0J)$k{{*DpM|h^UKlDwL#>=;BEyvao!d@6Tj!pllcDZ1B3rE
z(3}LUE6V1277djbJti7ceDF`#8(ivQ)Y-H+-Vq+?NOtbKKKD29t64h4joNE<*+x)B
zRnQ-Psrc0s+!OmJ=r@%2r}`#O;m-FZp9QkQ_w#BhmBX%*fV8yHc5HjYBqY@(F+^8h
zD}X65TAs{{&!bxP7`-;=-?_k{3d#Gu=rKRPrSXEfJH?f%gTqwR+H%{wel`$SsLV}y
zzWjT@x(eO8#Q-@{QL7AfPK#~QOhq!DUOHd8sX(e~HTBeEPv3r%F1jLtbK;Y`U<ZpD
z8Is@4qiW%xismwVq1k=^&U>>||J_-~$a{)j;#F45luim!y?==(d|~hui%4E%P8XEW
z*yMQ6>}c02A252i8t9gszJXwU;^f5;zH1y8+NeygXznYmNz!Euq?DTJOEAo8DDJrx
zW`S7#!yu;GyOd*?b55&%9eZOXe|OHBq9?rANB_R3PR`Dk_TtRtN%m7?7=w&q&dc+`
zad(0Kd3DDtZ8}5vPfdQft)cFF%V<B|G^6XtH>!=6B;|uXld(*6j`?czOq`75Q12tl
z{USNL)iEUvjEPUn@QfM_kTR5=*mZ+%s}1E%sChu=f=KOpcwzE|xlWu`XL$xMqS?5_
zoKaKBZyRt@iOx&0m6UG);Fv7n7H#wMYUY3xUMWLBwssPnf5rSDiF5e2LI7v|v&tj-
zG#NzJbQZDiP^onE6$Wo)!Y2GGZ#!eEmrWn$8Fxa%C0(MYP8Pw#ejfwT_25nt^t!$X
zN9COJl4odQ@$UH+=g~de!GaN(;_-bykzB()=$t0;gb%e^jCwFGx5Vb>dsOV({ko#A
z!NOM&_>b{Z&6@dOaEyM=fam=l`po=Wi?M>Z@H$uXfUr@f*-prtXZGlt!%&JHek=V(
zse5ln^L}wuSCsSJs@tuBGGXtDOtvXKXqwV&b)siBqUZo`BWshXD<p0!qxt<K3mw@t
zOzkloMAeG-N$}M<Ihq-&1Tr<^O+M?7RO@y{&Da%7%QA}|pS*dX{$<w5SAYTyMa^<6
zLn17Nc?hSSX`k&p0ENo?&X~oEiC2a}q9B+Hqdme?5AVsClhO4h$onsit<lRX;Tw6>
zlCkoY^FVh+=dR7s8vd3)W{&hZFqYdzO(MzROc(nz8%I)|dQN0x_e`7M3%#DkjwFmx
zTJ+io-O_rGyUIo-#>JE=+sH;wPV$lMGr?o}M;1JyE1aX6@VtXLS_fL%Lk1j=U;JS~
zZpX~bj*51WEnT?JN+<k8GSwaOer@Z#a7!-cxF7fKc<&#f296pj12Q@sbK(({n`brR
z<WW&MU^5It4<^2)RnJrUUTVW^BQ@pPw$#(lV0`_eqp=eXKBWqTaY|lz0bS?k<%oHB
zAcrYyJNg>n7e0WG!pW^<W8#F7-`<S>f?xtJ1{=WWVBsmE_Nvz5qr#<dXRW4Xz{o5a
zuP`XE{Y=#fuyZV!KwL2H?d*%rTWz~>m{)SIxw}Vu5&!hNk6)cw9mk`PGIAclk<_?(
zyHBqeawO)9tyOLc?OK<_6WZdjLlZxL5SKLQ=MW><n?h3tp%Nzzc;+JL&|TxIZ$Kr_
zsp1(q^nFc^T{zi51XlN)(Z3T0`Np{zkjZ4HnYlEW$8^E~=<D)f2nY0>Zgde3S#@qY
zdoogJwlZdZCEgb6ML&!hR!3sCJ3flGo#^513XW^jzRk_pd>AoyqAL}g$u$0B3dR)(
zCp%py-)2z@{6T1`*d|n+&6)JDlv}WC3pi_u2)P~|!CumXxz{_P9z}lK!`o2pDr3rf
zW+Xy#h@^aX3x_{~q|JdBd~P^u&iI$bR~_9eNfKW?++TD*K$)*i%RZG^kgRTJYBfVY
z<kF_-R~M}!{Z-t>#iE3`H<zTl>?{-zI*wZe)*CfrVZr5^jL1bA%Qc%R*Zkz_AKhGW
zIxS*uFq_)Q{!GNGU8l<gdftT>K@gg+9<*H18Bo1KK)#|a#KZAn_Ur;mOVHCl6j;>N
zGxl^|Yu@8{f2?99I%2Z+^|Z-svE(qa-~QD_Zi25LLemba*x`7>zMQkV8eR<V!X0rE
z`MF>5;w5TAv2A~Lm$AVqZvU?Q(B~z;{k^QtS7z*6Zt6M0%`DnN-3w~wPALsK>sRo*
zv0ljSRSp2ImArbKGk>A|H2re8i|&^`#TApXH12}v7R%IksT;4r8=giU32&|0ule;m
zbu=}%LP3lYZ_mr8Om_4%^}7>UHXQZNAlENU862sadYh}OHWxHvRsfE*gOY%NQSjb}
zwm?Ar=f7SB`S_N{KF6`TNYa6T5=zH%?i3ip7|5CY){O|-(BUtc)(atUK^=gB-cvSm
zo($u1zKus!*sV-XFzPLDF=WMab1Okq&M91#<zb!6flC43qTUsCoWw|xS2TLmA-Q$I
z#SP_{$ZW69l0<op$rv+?duBI52&-I==~5vl?INCz<-&-{;OHiQOUKZyFmpV(1AV?c
zG#zTGY}1d2tKeC6)}-*UWT(0rwZ@)XdfSu%>Y_NGJshtF`H|=jCWc^qcefq2VaXA?
z)>^F|tQs+K&=CEY(#c2K(3&%)yMdq5>76*tg@sLHEwUJZ7N_fKT189s(&I{X;<a76
zRtA8krlIP<#HHE82Rh;JvHWpl3U6n&^JP-fVVv(24cE;ZFbijW&wt@T+)3C3gh-cZ
z+ZIH>s^c3G=s0@NDthc`CrVU%CJYO7A;}{cNQ=iIG=2X?VtbTQ%gwVtP&<z|li$f)
zR2bCj`zT)Eqw_r*ejDOY=3ctceir{>80H1&4?JN^8&SeT%~@hm2})YvGzI@YqG(Zg
z5NkU@6`D&nEC(Wu32)-&KJdYB3{vHIOoI*2a@;!AzLsAWDMj7hFnTYy#85UdevoYM
zhFz#aJ=PQ9ZR)Q|Sv1PNE*bd9a?|o1QIko`dplwxcD)RG5@n}H@DpnmlB8{?>^zh0
zl(xKFKKA9bxF6F8D6?!$H~TgC>3>_$6%<u<c7k!ZZW=_YrrRtnEs5rAy_SYixOwo^
z8!gXlMns>8!?(<S>4nSZm;tAFm^i{Jb#j+Ra3K(DDIk7;$$TjuRZY@rbm%JEyPJI`
z2X!qs>+Qt2TPL!VuTSTEOH1-B(ZoFGu+CRr6JMO2#r4pq=eIuY7V9}@F2T}RwQ#GT
zfdz^Tjm}zC_Ui|8&VUoi|3?E91zVcLs!-P%_h9v`m-Kx@U1~aiK@UOkyNdqSzi)#t
zsf^yFE!v@<vKD6!@^a#dC^z>6pso*L>C9W+_1;W7!JB{D_FkERSdY?$vuL8lx?Orw
zakf1=QEB2Tn?=`s0=MUB=Z4uL`>GD}@ysOB@oqa+wv{1kkV;jZqd}#cMbJ~@gLnO`
z*n?_!x3IyvuKOW#7uD&`#&f!P=ZJ09vz*QsFpVL@Wzf!pF0g`*WWD)OWvsO+_k(rz
z$x5uFppB$Nw&Lul1x;;^q0OtRi9RU;>mkYLy;juHrAroPRCYujX!T^G;vm067g&}O
z88ph)oR(Ve*|+1n<tVF;{I~Q_<X})J`V_R2T)``bsdYFbV^4j4{d`Yr{=DvVepw(@
zWKfBJI<#LH@ArN<2Q#-FjtW_)N)`E7R72WPX0vEY&+;6P1+@_&2_1|3H9P{S6GSf9
z`er+SRXtaz#!HOt^teG=*`N+KzRLK?G(P!G&B3d0ZQ|t9$yuF4ELUxNGpoDtwf!An
zBqwdjb#p9I%L3Y?dzEY+1B`AO#rXEQ9<Ahc6o0&88e{bp!yNU}bQcE>Naamwch;*B
z^wL(dK=`Zgl?*@k8y8NiPELXQo368IUzg_OM~S<IONwBpDIxlaxlWD=^sNC9C2J?R
zx52O?-TClqKq5`56&~)!<ug`xq~ZNm8jS(-YO}4IO@+=zGIA*LMtXKw1tBG2p=D)w
zSi^}P(cz9`eq73$`&*wb<n5Mt=J=X!m%Dgw&cee0zE2i6>L8_@NvtP#1VglOu;UYN
zWxWfCwz2<l-y<0P_iskRXmKl{O}Q)7UV~t)`YY5Z5D_}-cwGdz1b(YU-<w)(iBQQK
zl(aGsjrz^JFdUtIFWl#k-?ygrJ{rc;T{c@h$4PePK~sR+&S>tIqGLecjU2J?>PBY@
z%BbFCl^ifVt$*B^7V{;gyCy`8IVigHY_E^@Q}B!MLWas$e-QR8=yn~Y73kj4zCmrS
zj@)!#4(&-{rja665<bS6qkdPe(Fyn-D5=`jrbZAV+~HoG&88nyCoDh6SOk`~G7~AF
zuI)(|Q+bXzh0#D;Ot&}a!eCY|yi~lE4FT?GgNer|flp@rmQ&)J!rBx`pn?PIPGwn^
zUX<_a>mqNvkER$firS;IrkmN9+t<&j$l-+QYjxAw$!DBqW_MGzT#;0{y=+XvUOIr}
zauw6x97B?+rK{lio%79daBb;Xh-g<H*qER0P*sjY(^G&O1=Z-#P=!PeI#L0Tjfc$!
zE4r~U<p?Yv*2N-f&Si$Pq&cR{#%E=bU)<cn(z2~ut-B}$de;4oZ`vAU7W1c^=E~)c
zhW9@LHO1%(q8xLlN{9Iw^9rbx_h*l^D2|FDx=H^IEfr824*VpemWl-Ev^=FvObagO
zf%lT`m-px9e5puu-HZ7tE!@Lt)hddyO#ADEA1@NQHa<y5z1&}9vtD>~+)&xFGpM>x
z%2hm$%{q&{gCDXzaIhaooj;_S-=C|zKdrZ#m@P-rBukznz}L00qSCni%Wd58(Hp?$
z6VJn5L641<<hNBVMxb}^?BdMyc?=&X<L4ZaxJIjVexeLOBgxY$@z2N_I+BZvy&Jsz
zCG@8>L)292q}wGoX)n`8VV95MGN15uA;ua`PwP{g^c><GRPX!jm@{y&7DJePpRK~U
zr`K}t#f0aEE*`Tj;|0h%mC?9on^(D2J6bM}u!;qscV|EyzJxjn<k(YEZ&NHAO_)6C
z$boIKV&X+lz&Dh~Pow{d<;mk9Iq3dv$1uf1ukz;`5^S-tUfcX4ka29zs4`vH2W;<!
z@1im&j1J*91bXACLBCF7q1mhq;Zdhq8sLRh_}qyx=MM+Dlo8d1(C`>FHkUmhLz;f|
z>oa_e0SSKRLI`nbmT6;kPCH03gtNi&UemYltF+7nB6_#dyE(F=Y#yeCCG0kF=*L&l
z!6i05sF`c;oU#g8tlk<SBS(8a0_2F-b>VV`S_%MHTjRwnU~^&>B(+w1hJDNZ<v#my
z)HcgHb?F0gv@dA#0nhJrl5bpxmn@MC;sPG8FQfyHSd4)6lUgw(DuVyZHP6YT0p_kZ
zPgOnQk6JHooWP1~L2dg2LDSjyKyx6}UA|=xkM1JhwXfhh&ykDqiaBr)5Qh;*Yg{aY
zdQ5c@3=@<B!coDsMj?uR^GhxG%ys%~!11VjlEj3Scmi>QtVtkAP^0z4;;Ky`?kzTN
zU+sLx&d5BrE-CQQ5b2RqCNnsx&aFRN?hDgrL@b-N*T;ZIYOCdxfD-rV8&b*}e2W=P
zkci9`ju5Lp=Z0=_gAL$Nfvk-`%b>D@4aVhIJocW_)y;v)m}otBJ*lpCIji1i0CqU}
zf(%$uoezLT7kl~aym?6Rvx-Iz`fh9Ms2Yz4G&|iEmWx?h6u2!jyH&d>L%`(&bO&sg
z1^V$`oNfJJ_H!V`B#<jR{V9`wSy6OmO4;U!NpDVMf40ZEHrcO;<#O<DL6<O*USdR<
zVcRfjgv#r=@hY=b{58aBLJlOPA0d>Ov0xFNR8y@BZ>h5;o~YQz5!2Vg%4<jbT%$!Y
zp--EqCK`B@?(4@~-|n+iQCG|WzDr^_?RuA>VfV$PI0TLNLXhL4$n>o$(gjHzX(Bja
z`4V{3)ITD|{J_!k`_xs5qFj+F)+(kz!mbDpI;s=!IuUueGY<S%cAhH&M~DXUYZU9T
z2rm+CvGQ3tO%6{Cz_H}}_fr1kUmi9#9=$wZi5$r5^|`LAtVQ<)3yqPpH2$r^h07HP
zI=s~-2Y2;egZJl$OJ45Y+OepzAFp(xK<^;Wd+wYK+-|~sX{95jYm~z#h*CNqUg;-H
zC+R{@`l>jm4`u9r8TOb<Fv?1W;i{$w-@m=p@bG+Sk4$qkYSm#+w_W?lE_DU>?;+Qf
z4s)%kK5WG7i|kJ>aVQE~JgWkTn(N>dUUVz6-*sP+`0i$z?#m|6R(`A+5gTkIMV>*w
zOYF@Wz?44;4=c8&Qp{lR<P7l*G$|Lf*lfgLh8^K7sHZF64GY)GV10+K{93-BCCREv
zY|63;zHr6J1)JR7a2M@*kx;wAce+%x$^E4XzXMveP$B=y5t;{daFF`j)9R}KS9MS~
znsF4~hH++e6+QnLnx{2AWxZc)vwFXJ=LIUhHRJY4LBcHPp{wX}Lu@1`Faj;F_!XRj
ztCuyD$W?3(G(Ho(N8SDor?wZCg5tgV$`*Jj)5cC)-lk@%o|c@Le~dJN#8(lP5yjWU
zXSQ-9!nO?~oY*3lEOg<7+hxSet50)W#NXAFEenS8>=Pc~ipX^IX1jAdDEghQ`Gcsn
z;S4&s^mJ=~G4e$i<hqd&BsX;yI(7C;g%cqfQM|cd2rV+5925c9#P<eO8eECtyku=*
zjtK<6(u(1I9_E6E%yiw<ZQzTWi023Cp-ncOMLqS)m}<e3Q@tBF>eY)~eW6&5upq!L
ze<K@3#V)xisMo=x=Q8S7w2wMa$x0Mr+)v{+)X22aGWEAdxVr}_Wkylj3TtpMBS7?N
zB1MeeEfHrSmf5LZz)O#|a~=7C*mBvh!TLE8r)wGuT!%W3`Ix7coH!coYpG>grXDUv
zN0B1o`V$3&-|1r-tV!7eBpPd1ut=1(5B59>-^}m}B3&Ui0fs6<aISX$Cja9>kGHmB
z;3<eDtk-}Ksc3~P?nSliQvU<~!LB|fhGaDyHi#h6S?MQ`^Ywb>aNNL<Z2ri=dSN;A
zZGujZIDCbvLm`2Sr`bHN_H|gzkrvHqJKnwHL{5r9?+e2R?e!YO20Ee0x}%L=fmfjl
z08MT`WDKSl#spPNQG~9<X#aLh{4RR&>oC8*^eSDI9vF<{r@77tC{moL!c$xtz?aJW
zixoxl26^U8`4^~N6!YaTk&_1#QfcFZb*9kh6>5$FLGp$+k@hY{PKQ=8gj?Q*i}y5$
z2D%M|d1AcvdRs&7C{RZfJVq^7P)A31)s)C7DL$Z~Gq=7A!m+@NKY>CHg*!45QIZt%
zm?~99<d$(NlZQUG#%;bgj8|yTNGqBjl^BV6rtnx4O)%W7h#-;hxniGn2~Kj0c$U!B
zu_-~4B6;V&d^S=a-~CwrB1{bR-iQHCwZL_q6NPG9YQ=fQ8;R0_B5}u3%y(<}L9n_)
zrLkbE!_;mTH)J-QBVZ#d9bJ^()(lS4&6?<sHl`*SB91HZ%ZFOfEUX8%G61-WIjhah
zJL?iT-#1uXl?OcX>muXzg86Pi#czb$795~EViBpdolb7Y`3W8}E98$sp0d{7-q%h`
z;C%gqr3+>cXjAR)>`q^p^X0#dpNDssM3n{(t@_9Au73~$u2%~Ic=1F=uwC=iFJbX~
zv__7*Y?i4iCHNScshR<=BRV@3wvei?n^kW{@P`NidA&_i+xVX<rn6lb#!-V9Up~)?
zlN&xO0HxYUnO0sM-usyK*Ra+MPX+kYVS5f-pJkA%u9|ftDn6<{<PUxVvWmMz*FWMb
ze*rN7Z>@N4S~_0Ff8TUF-;q*JmR~F(Bqu+o76FJ0%Lr8o=mq@Gv?T}#h<{9l`u)!z
z1oL^~Xzb)<Ze!|5>t=0rroQ5^%?9tiQ7!i59NEK4j8xM7twqq!4;Ji|)QaRDUy@e5
zKdxFALx8e(69?%2)MoCwTR2&!S!1oZ?N@Jebga#M9AoTeM1fa)Ay%06w%cPNp)^_L
zYR7Hm^8m2B&%KqJOBl{G{0(+sW+cU_2=zckyRTNfK*R_LeQXlLB>|OVn-owO+{iGV
zX^QL5dm^meEoET`cDUguFJxie??2H5bgv~!m4+{}af_Bgcs=P3B9<rK$s^#eX~}hJ
zR87dFlJ*RIJ~Uh16|V!$l}bHodi7uCLcapO#AXiU;jQfNTeGQD5<<rBHG=26mWvn9
zzy0XHO>GvE%ZHZ|!^gqBw#LWxNR?E6BKTk$EcSc3OfwDSy1_or4p6a~tJbX!x!}9_
z#a-I^-HRr>(q|l;f4uk0D&K(`YLraQv`zFST`RY!A-Z!G5er7~PtXF3Q~2Rx=4k%d
z+e`rccwLI;odisv7>5wxdBI@_9E5%Qt&bbU{?4vbd|x4*Os@WsIL;uCY7j@iC;)da
zK5RED@03X@E^LMKCG|W!b6<M7bcAR55131q3{T4+f(w8?;`Ff|7?1oL-_%b4%E{!1
zlYSi4JpeX}u#x#hbfXfy3*{CZPcf80%DF|g#@atAVELh;E1qn8-_VAz`9W-<c#+ze
z5`+&?qqN5yR2(l0<0FMC9_w1+V`Fyq$U~5K8un(fUrWJn25II1Mz@ak?pkZ9O^qst
zlr(A~q^|`@+_J*NN8PhAj$p_y;qqKR@p8ldDEPBJppzQHHyAsA9+L1D0yCa12>Grm
zx2)NfBGVE~<p_XO3C_DBu>{zkh$B%d2%R=ai(VS+Q2QR)VQP%u@PrQ10E|nfr4(YR
z#Y>df37O2fCq^0@$@Dv~HiEIXi5|RE*cbHB0iC1}Kkk~vna;N%semtOc2#{Ex^hRs
zPOdP%t(#ql>kuh1&G%~GpDFx{mnxl>aCKJPMi&iM3PC)phjh|Cj;`jPv$MPLc|TkX
zdEph{@h(lP*!w!!7tz}gMM5WvB?F=9U|K7#TriA&_?aNSc>`f<%Q5trWdOE^#EDV-
zWNjBscJ{Lln=T$P-vs!gsf27g2^aU64NAf*5W%t!$OTn9CTRElMyl69+7~h_ncNsD
zaiJ^c<fB|F)A=Y4Rr5U|k+Ev0uH1%+ddOFDFWG$rXnt~4_mFpsgOEDXfpP?u=*7S;
z#Tp+c0uS;51_zxWe$$aiuNuJFAxpjr4!wYzykF_*e!d5dR1vQFeu(_Z;_hd8s8nR%
z#&n9YMz{q5nX}(1ea7j>zG495&z-i(!pqDygRx#eo5Ev{)h8ypwn6!?gGW(M4QtO|
zX6NV2sMgH2F{t+ijjDlmXOpfr+lpXJJxbmJt7{EnimUk-(m6-dPaHNXTA-8Knt1m`
zBzF>BPUg}da4TzBXBzxfqSjMbS;knlWkuUDe1>LLXx#P9GB~QNdrnoF_SX`oSfNLn
zC<b1%M?;(#E-IfDT~~8#v@}_oLu{eamR%-ODOK7Ye^B27Nmgi&-szR1O3t{LpE!BY
zrpDr-Sx^8m-8eIw_irpI4AzrIbfsGBRN8lgvZ6YuMyls7f@Te{<%jo!-H{)EZFox;
zur(gDWHcLG$wL)#@sjBr>T4Hmt9(&eQR=Y@TQ@%4*X$9<N(R%Q&t|>rSBQStXAO?A
z@h+rt@eI@>azoq^v;01Jo_ejcR*@wl=eYl@VL7KI$wH=wn_H}`7&BJL5}F^bUY=H|
zFvDyKyylccHlv`3ha_#Awj(~HHM*yu>07Eq8x@Anw^FLt2)2p;7FH4&0<uU*dfW#`
zZe-8r`)t8nYdP|9OXtjU^zm}6D<=sK0o&{X?F|Y50EiC&@Sn{#^rzW2w6$^iJw5fe
z)z;o{TxNs!>FW9^Xlk<zZipWTPb*$5JuP!F?Lyj+<%!Y+pldxsH01yKK=y=IXNVLi
zO~~i&$G@D!Q|Z#B9S+&)*5!nA254YFbWt~F?W%!!D`m8_ep+{TGeG9O=;3=e0Gcji
zjTA#|1V(#XVnY~P=NfJ9X@q>I(*$%H4Uf-?;oco=Bs7L_otI)3Ep#N$raCKdn6IeL
zjf~nzp*3ALti_rSO*&`#C0N)RI#5{In06$JvP@Q9d5^^Ymcl^A)tm1OJEG9gvx`pC
zQQ|FLpBgpte!C$0a`Z4eCkIR47HUyy?-hVE@0&5^q`w!VfzygMQM@w&sPdJ)Izj^4
z52P@v3^2J%BUNu0NF@D{y%=?Ce0j1RUAX$;^*eehhI)4JA9XpwKh;&)Ys=b(!%2=?
z{l+ElUCq3Vv$jSS+LCnjn~$}$SPdzWR($r1MW(;=2#^O4qkPwc+q&n->O}BHEkLvU
zg|=7(552vwVUNUSVqw3FiV;2J3`?5V3x0lW4sS0QhZvlV;9UH(j}qs3quSNb@r!m1
zVp9&<ymhSHW+ipt6X~}qCq2DGA}PgQsq#d+l}eomYZ>k0Ob$0&LXO^KW%A+8O!O!b
zHTV-aR;~6SyAuyzwyy#N@v;k)PMlyV;(`g*4-v0d)MK)W$Zje^!0`;5)1iy|+TD<I
zB54Rha4wUmg8l5$=mdhdtWF7svMEYzFaoWTsZ8|6qVHmp<NL6uwB@h^I5_GvuVF2@
zUm@A^ggsw&);GO5WHYE4`j{a11gf2rX2B59;EAkL>oECqfRK(+nQ<JP5$wH|D}-~{
z&qwC7#t=o!bgW^xP|c&lkmMI!aOpICf$-wH9312gB}ZV!_U<rlQwh+u<ASBdM1D4x
z4nf=j>T%xk7;-mYJ>os0RD_ZYD*4}vkvpB}JqHm`0}?x(A@+O~lK-J|_I%;naMkDn
zXX+1ZR~kNyj9H%|zwc_#2|;d9I?H-zmpMz&yD+*eH7iXPxd4BSTn>}jeWwv#v{>>&
z-HBhsO1z95O^P0{@eEQYX9#><nuuU{6>NP~!DHpxT7~r!ZL%V8-jl*?ZD!0bs~x%K
zy~cZf14i?su;$L=tj7+?>c{8;y~eIzEh>WY>@Tc?$?P!<|A&=8+ze0dbw56wr&$;O
z{K#Qs@EQ&)s0e+sXxj2af_ZQHKo5a@MR+#mW>S6bsjK0-@C&~IbXhJ;I^d-(ao6}?
zA`Ue&WLT#>)R88KY~rzS^t=lpc=JH}67Cy(iw2fi_!918M+9`B<4DC{us!#WKtNOR
z5{mB`kBo(}L5}p(odH9;lj#e9i<vR(<|6W8Pin|7OGV-gHJ3AF9?2r)cL!Q2lIoQM
zFu>lqngdXzY-s7ITh!~JFGueUkh7u*za&r1+F0pWMXp`&cRo2=>-2X^FM4@uc7~7)
zKkB$|?6acHU-jYr)F`hAn2<O;wSsDI3^tVU-{@ttqxjZ<<<`AP&c%0*ZRc_6)sRzb
z-}LbU#9iLx`Q@RF+Kcu+LmDv%$Y(=sX7}Lb!aW21CwYfQ7$@nVht^u|)9Iv1JbTdX
zF(C)+)r+_YKqk8r5Cty?33%aLs^Ut$6S!2aU=WJ1!j@$P0>(`~FtrPQM7j{w4Ux78
z4G$z*SO^;NRqmE5cP;r85wPG%opXYi+SIx5OA<yfN`=TCh9@15;lr;1No;TEa%Q&u
z8<$nD(f9hcg$);#C{$3zYtJNX4ptomRv+%TRV!dJKMwC(f>_7V@0Eolx(LX3D74{^
z-8YQy=+N}J0=5vbaHqOU*?5!CMDI@eyYj_Wez^D{$(_dx!)+4D=^J(Z(Fs*hf<Il#
zf7XEzSGU2D=dRfFIj*l!F?!8)xJfXgm|zDTk)x5ripo?sC3^i>8s(3WyS2>!@uY+I
zE0;Cm1k6ev@7GxK)#H6DPr`F&j|>ZRm@%J&FYo(x+Mu6NuUqLby(X|{h{uia3e#-)
zmY?##9izT;$mvB8!9sx_A(ku-h*?u84rzon?obiy$*k+(HZ>hlk#vAiwYC$oMy}=%
z(3&+he)){jUM!ROppP1s`0aSi((BmnMj%u6kIpIhc`l*G*bUwf?60i@5uvPGc{n0@
z+XU)a`+IKW)OSr07uq-QyaMZ93x1~NwvJA>RXpoAP-x6!)3fCXaUiutl(jeslQQ>b
zZ0I%NRB8Q-6F)pg*kbM1LNi<m?xJn0eb+ZAJ2?qEIaecOuh!<9)LqFs>EeA#GKwg%
zTC~2ir@Kds@hVPHh&tig;3jtiQF1(dCsu%zNvfj^nl+aTj)TfuXzFJ$%CoL|A=X12
z;uifiRa;1iBI=1FdfWz_bllWRoT7iD^lcEA1U!3C>6_S2iRaH1MgxvRhl|BhP2nz~
zc$X;lYqvK6An?WB7j%q~MPS*<vM6p`Rh~<$d@c8jbB<X5q~^zs&NCCMV>GJ%=7%mG
z??(q!Ku5tY^*n<eG4sx}#ki2(Jv;29n72@mp9)LmjBzv8{v`!P-{tp4mZ!+i;#Gi#
zztIZ7%}rA3mU*@KJ}C(A$nQx)R^*PSc*?haUYU??C4N>TxL?B*yX#2?SUrR&vbOfx
zYA|&%t*Y@9nO^Q^DNN=aQM7DZrlfsYss(-S^4!bsiyw<*&6Ts55H);I>-1w6j`tvT
zkK|{*9Fr`vIA*?S3~^4v0T$VWP|GvkZ?_@4+UNBh8~^~x@4vYX|44i>cGCatGejp!
z#%9nX2S2=_3}(@w8{+m5M$HPVDmE%8mbQg0x+*mHi}XuP`|93Eq{*NrE!w@}jJGtE
z;#OBe>2%*uA954QM*&T)LX=K;-kx1DtmX|oYa3_hkbslI;Au?KTJ^B_Hy>w@NqRD?
zjY-XnWFHj;XS0t>fqOL8(2N!3s<%*<`kqa}9dLwP?Ky<gGBe&siK{2OX=uy$*lK-M
zW04Oql%prTO%(#EK3%-@m5e@ZN?_PWW!`o?qM!}mL7upv@@^6+@dS2DHrS}KmwqJN
zy2b?^dCY*7mFqY^SIe&|Vq6v2;X?3WniZG2rl);%#D^pzArk&(Ofh7hHU+g|uM|-K
zRb|+0$PAmLAh+$C$>-Z?D;ZFNEZ#>s7?)?2x4k&;?|Ta*+hf<3Xdh!Jw=8d=I=gAy
zfnc_*O+E=^&^g6D_NejX(FvhsrJ<h_7if9+&1(Q-vRHWiIi<E)eIDt>NPZfHKfU~7
z&#Rx_nDDGG-f7xnr*UytH;MEPoOoYBxyZt+b4>tGJWo#yh|A#T^tCcWWhZx@i7=2K
zGpBAlX87qGtc%0Y`M^2n`{@sYLo|ikiPr-H07QM}4*h5U@OP?_qm#Rp@jrt4J@qA<
zRaRv03sne4_yRtbg#MTvd9IyM5dM@th|GqI1|joBx$k`P^}DqjGu6i_w+V>s%avBv
zlN^D>g4v$#?&p+G&--x-mZ9$aYE4aV!KRvQ(CR{UM%EwC=Y@{O8&;idCiYSS*h19Q
zikXnb@S+jW&_VTtC9DfBL-l@n0m%Fz3R)n9FlsSOG|0?T{v2f*^27TPRCbCQn}MlR
z)U`C~PP`vRpf(bs*k=b&lGJv~$gxXWTY~&qsq6%jj>KXE5x^u%FO3~2gm7A}T^n@w
z2hjaU3%ZpmRm&`3p<pQ~nUqS%t*Hj?YFp3H8*_`u(98=w;nwNjl8(6d>r458?%LBG
zwE#e>sCFE(zZXeSb-E0l9xjs*F^6jQnGU1@H4E->rQ=Z^$Sbl68*pxKP(83%m38TK
zar{D&J;)}hr707Txn5eRn3Q(!Pi0VsQW~ln)%I8q*7UZ`eMr3ICIh+w<H`&Q4GRge
zPyP}Q#<l?(6zIyh%aT4K8EfIQ?U2bt8%1#SY5;ypEnQ|KEHR*{d~RX(Gv5pzYCp3r
zt|^XrJZAGvy*yd^rpp1PM7@g?)N3LMJrRiSqIB`PuOTosNnNQ>TNsRIHx;QRxC9Ye
z12Y{#aEYv>!c$C8u)GFQ%DE|x3bsstR2(|g2;PVq4s*J4lrF-NVK>6nwQAMTNY%ep
zJ!i(ONYXQ(({wb~vY)(9CP+}js;WG~G`aG)joHDvi%^bdZm+VLJP<#)t{{&hZ=mrF
zVz0t&zDGH-X-<LWN+y8m2Me)mEt&9?z^+h`oQ_Kv5(?INgE`&h#bL9<as`-4jQD`S
z=B=ZZ#}ET9LrLu&3(XJXfYKL@3E%f$9xtn{z2f2sc!g$Cn~_(0F~77sbYShCRS;t2
z#ZPKwEUREuNO~a|3Y$U>!t#Uiy-s%HzNSJ0)$28anoa(6AR`RsOT&hK+uIgT&nEwN
zG>xVd5)<S*3KUUSAOv}8qC^uUhYte&VxzmHjq+vI_?vT}vVH?D>{HDgXQM#J)oW9=
ziVPSsUJ(k`WU`ZTMrDpoQY_fuhL&otBDY{8m%>20sVkq#8x2WXnK9&`FfqY*fa^Ja
zV2<dRnq6#>_nk@kPS?BsndU_XD4F=1x=oTMaAfQmPmx9z>sWKEUdxQG_s5yk`OmjS
zBYI0}U`3r@HgLBy3c@(pgUv!S1Q#kf0t<}w921y3GVE0LkJZK2T6&B#np&)u4aIW_
z(;3mzC$<*@@!aP>5;ltnWCp4t+K~51YwN<4Vj(z%Bwrt2M8n;hSP3GpGv}-9Gzhr2
z1|{k)I?<HVm*G+dz@aj$=#ixJRo^V*C#-Na#?+vvUW($QRJ%+2IiL%q88_wgVZP68
zVA^0lEaA`=X`7^ln5<i{S-Z*-SJc(|xby2}6X(qrchh$pe2LvqGlUWmX9ikI6yw>;
zQ>Z}@(#D<5JN{^@)sGdg3r0Y>=6F_fNY3e#$xyqapB}4I?7hHyBNDlWok_8eLcmNF
zAr9V5C3b{TabS<`+s#et6~qxqkSdYEm_#GeU>51<p#Uf6rO;j>NS^qzQy(3Uc+D>(
zkkV2!KzMMIsm^rli&(gf<4C?&;nB0r_Yl8d-QF2*V>(#THM}Xq&*ro|V@f+f8WB^0
zT*=unuDF2<a2K6$0l5hzGfWtlzl!icmSeT$Qe0Zxh{^<Ze!?cjT48+_RBYj-TpmVN
z!*35WqT?B_`kB_ojU><+M88wbX(MYr$ZJC+b?gni(*J||-SpA=Dd#F<^@k}}!Ua=G
zWTf&J*Cgjvj+@z7pk4B^^;A#j4+-eJ%Z^N&I<b`V`pHCJ7#3KNQ5nedV6ltz4G$Ra
z3?pvriF32yvabqC=qSI;zbHp4%*+-nj{5okR7vY<QR&JUJn@aB=|}N!{G>A%w3DQE
zL4kp@>F`$JL?DqH!|EaB)zp~{{7dq><Lc>43yJl|=e~Z835d!H;g<pgo7kby!H)8c
zJ{h~VQ~UB4Z$hjT=0l>RCR|lEeh_PcvWty}Fte;#4F!r>cAS1PE)MY?FB85Pk3s+0
z>sQGEPbfUk9ru`LHy!I>5F4MGhMuF|G7_=!`-#9C<xO2$+8iA%u9nvJ>pcYj=Tu2J
zP`wwQ4+A9)8>Eu#(68mnNNSbdg@?|eR3V(NShHgrzfr3C<P^dN>@zbK=MR+nBM<iz
znEpw>b7lo?ZA{EfogMy>f$PXf_nC3)Y@qKz_ph0@|77_*`8zHXD_eah<Nv>0PPVpI
z|Gg~izqvy@2U}AIV@JpT&WZUqoWIMn)3-6U`Y*NnJ3dDzeJAI?l=pW7`DA}np1z@>
zv6b<sYHc0p44oYu{&%zp_#ckM=k)+UzYm}EpOyW0w_|5(=WO@;IsKPv;C)K{_eX1P
zt#4}VNGD+KWUX)K_`l45SC`)}C9L&r%uS3PooF45OvVz&Yy#=wgD$v&jmH=H=s-ao
z$cI}ja=KYU)IjO3(-GG@V-i*53(AgjW_PMYm^NY>GS2j|2P5lBdX$(ADM*IJ%o>lV
zINE4i3RgIm7n`W?(s8aV0t<5}TU~7^*>#hHX}-c(P1JuUcT2zFl5HpKnPamTgXwRG
zfq=w~7BIit^}=Ky--a|%m3KPHjdOp%=Z;+CD9x>d(r;4e2yMcT_ved-lo}3l3dC-e
zk^IG!d?U}^lXtc~pw}@I_?=7dk}76maXk#CXisOeqvl*IaKkIf%;Vh9!+GY{)dtZw
zy-db)+2b}&_m6{j+KCU0?dk>>AuGP|eADN+gNAE7Wzp*2-KyciY#Q{_`3wB7&L7IB
z`lN-G_-VvtMCksh$4{5PQc2RHmmYrY09j<kpmeM(j7=THBj6UGjLQXNTFgv@pvC(v
zPM3m$Va%rUf_n@`qvF0tm2+^Hkab(SGXiR|e_nqhY+_9GjaFr3i4ffh2mYj99@bk7
ztr>wNKPCj*oEcE8evSdKX(}0D@Y%G3hf%v73(&DPQ(3ih+`T09-Rp;n>#r9MjCEFl
zHQ<&I;D+&8FR@98#01y*%g;o<#o>HC_i{yrVLgpypc*;F0;?txuRQx~<Q(a=nl7SW
zpfiD(H;HNxsiA9e*!%9_Y5EfuQnElz2<~1V_4dFu?i}P-J-s)kH8G1Vox3~!lUf*-
zJ-wU#6;?w}7f-LTCq0pc0r?>6nGMYlNGT2xL#r-u@Nmj>#rm|f)zx}Wu)lRI*^jzJ
z@Tp^Akl+0R5C|FIKQAKisp!AZA4>}SJJ-K26YwXC(&y=aS~TDfDSvd3zYYxl?jU~>
zG|9id!~1v6zs82Y2af-wpOpVHjQsD6e~mSMhmL>J6XRzO{og?H-?{#3`+vtFf6_Md
zU!#&g`2G_z{K*%_`G1YcpE&WakLXXX|3QjBzjywPls|Ff|5eKE-$?lrNB*;v-$?Q&
zQF8s?8vQG-{AWqOP4b^)^f!|JiZlPOax(u$&R=oof8_kp7=M@l2YCEOo<C{!Z{++3
z9Qtn!;9o0A#r-$x`U?vE=Su#@p+Cv+Z{++RRQlJN{?+9EYq!h&6!uT+`iWA1ROb&J
l{ne2CHpzd|2G4&m&~lQXpH3410K(^H_i29w`F?-<{{V%OeklL|

literal 0
HcmV?d00001

diff --git a/project-doc/getdns_query-deamon-behaviour.pdf b/project-doc/getdns_query-deamon-behaviour.pdf
new file mode 100644
index 0000000000000000000000000000000000000000..f97f81b8d3caf5016345971d086be5e76e9d6260
GIT binary patch
literal 13995
zcmaib1yo$ivUZRJ_u%dXn;G1l!6CT2yAAG|1cwkva1Rbaf<u7d?(PsgxZ6LRbMCq4
z-uK@6_gX!>yQ;go`zzTCRu%1A2`~$Yl>?c!Gq1C`^Lu9|G8+Yu!qLPASwH|FZ|-0T
zv7%syQd9t7YdeU!3jl0q3^A85H+3{K7ZO5tg}9g-+ar6X)qYWkT>zts96jRlA!xY?
zaj;_>5zH#MW3;>kj&|nM(Xm9>1#OPE8M;UhB=FFcu?D}0kn-<b6HtlRtY7wcB5U<1
zcRhZiP=v9>bM1fN@5_6CnSHl?+;F#?znEP98p9Bs+J6@z3m}n>7T|yH<;h2$G4gIC
zRn?f}7U>rT=GMK`)j;G?^Zu}*VeD|`=~&o=IB(;7@^=&B0*#Q{hkIKl6+uo*_;)8y
zv}(vSiTc8JXMJuDTCp#2h?LfL=!8%<dUT5<W4+#guK#kj(r@rfm4-JaZjP8C67xNH
zrE$Nv)9RHb+$wqiX{$evMDjMUljp)3-Ia805T))uN)2tjbF`=2Z1VP1E_}emj;>TL
zrMDKLlyte2yo!*Jl3!~$qm>o9y42aGY`Ij)TaYN;uqbisnkA~5RAo@;C3o(?ulJ$K
z!6Ka97pY!~`Y-xb=+aVN%@Idxcoz4>UR>{vV*%%S7>haYZr~44hL2+`U!m5gk@^0x
z;VSTH(>bAB9H#V<hbdocj>g*Cb8Z(i4C5lE<Q8VG`*q5~McIV9FWwDqBIMr4p0wNH
znKso4XQ&f9p5l#{70&*-hx;0!u2@+0se`)w(Nkd!$?Z1wVke2xrE$e9v}q%nMK`~b
zJ@!J&$83yvk#%5w9j!4G%NydBe3E(18Y0=1n%eGpbiB@%MVa0C>byB{wP0M&q4gxY
z-&1NChSd`%f()RKw6uT^df7}^^GleO@dPI(dBBX!N0HS4D7zH-z0h*ir1|?Uirdk5
zfbaK4G3t8y@4Zzqi&#_<2M8?49wA96SHa;D0GN$E)+#KCK=r<BR!^3$oStj#{0xlW
zuLHnAYmnodLG+_}a5imqG4&@MjGtW&B2|mGE_zOIISKo`U0P4tm~Zbg<Y^s#3>4ej
zHnZw7&h)}WVnu7r-bcC@nIHB#>-G!q&c+z@zoM427OhPzo051FEv+VtQk>7hB?Y@G
z)4Yf-0ZT*esEa27OBDAy>+4V0^DV7F^!UK2BXIbOJ`VVuAT1H<gx6V8CNSQL%p&ik
zU+Cp6V`s55i-<*|TZyOywvwO#DX_D)C1BU#E9Appq#MJ$g36r4d|m?W5e*>0T-dkQ
zBkiH00JCmuLk*5vEvrcz<U3<BP!`50t2T0PDjk7#Qeq{S6#TIB_ELu7hdW5sq@+~*
ziVe-ZLrGS8JUW<{Rif^?V^v1<jACGpyj$rFD<NVog596N#kfd^7beW&7R-f>Ac`v0
z@uAFZ3;u-onS__|q%eoybGHZF&-G?w$UYowjxssgn@O>u@q1Hzr_Ne(KR2I^$p9{l
zQOBnnkN>tcld_zR2_<Uzg9Tjz6aRdOG4BXXB(7YlO<IR16yvYB_DJqIRAv(5y;2XP
zi}e`$sQjR;z!6Ps@0NYd+*Me$@0>p7xOyEWj(#ZUCy7g2(e;lt*x`qA_NU9f8SDhh
zO`+4I%2%vecbCHtS%7xZZ2AGgZ1Jf<VDvnSG3SKQ<|h+)Dt7Go3EZ-|qumH&`S~V_
zLw&aB7GlgpeG#9=4z1wEj$j*2f+jk4+7!nhXkY^Xo`eN_O$ifG^~x0P+!sI_TERCD
zLChn4k)}p5!{8<{rKBdYcfEse2fu<sjM=emAYp;-Zjz>#O^sCOzp9hkkC)NjU$SQD
z>t_Sn^^HX)aj{cSF31~D<;alD9nAiUiO}A27)5@Lp3fZ+8xQX@`wt@L{|K^N|3{Gh
zD+q%qK%5{T@Sh=f$r}Zt))Q}~dDU_@CY{1RKDblSkUQpKk%vVjLqVArDU=(3BSR5H
zgP9-_AQDjdG6svw2y-@pG<ZV^Ri<+0x+m~kG!B2ScE!hoc~I)ez(6<gtnWS72c*)C
z>n^SYgNt-5@`Zhm;RTOj{_UkNK8|jGKI(2GQRt3GG;3yQz#O~fX`$<b$PxcY%u_r{
z%v!IWLf`z`_}8HTEU_~EkfjB-mbP1V$^*wxtFGT=ruyXM%L`KPVN!X#z4;dS$r{dV
zy+Sw7DRSbd!InqUCO14usy^SNmrrmf_ODED(3r{R_$nJ7%C|e(6yJZv8W^anT>)w3
z^;v2O1(`Rr`RQ7=8_ph8MxFDSI~kdsGdK@pRY|X2gmk8dgb@d5MQo`h9&NveyFX?k
z5k&*2(!D1tQzW-QjD61`TTp0K-9>~$jGr0zInnOp;hPw>)2B1qR@zp{R;u5Wcx(ki
zjt!wECUkW;Y*#{nCC}mVyEdjU)@wdF1M086C%VPxaZSfJ2Q2kxn@4@@jOPpuM{={R
zVj1Y7QoWs<%TI~rv5O(TibhY|<y=2w;wwx?wtH8yv-1M+eU`9`A8>ER@T-FZLdfG0
z`c$QFD7*+WV{^6+bI9Wmc5TL$0@^R*n)*aZHb6VHAEj5oia)%ou)ek1Qt#5hWg7E|
z7WCqn(U*7ZC)Zp42GFd}uVil`#E&SC%Y{4GoV@lOG#m`C5>_%$bN2bgRO>%2Wtao`
zRifn?2-#RdZ<F9XGL@6bw+j9k%Al?gjdo$HF*8-J(_nH_wP15U)mq#iahflyy_=BG
z)g>8;hlj`9d$DQO#LhlGp+fq`UAJ_OhLD;X)z~{-gBm#s)>)I+*WQJqg@q!I|Nha=
zz`ce#=YdW_R|K4Rq>&Q1Sdh?Hr@|;bcR?siD_x}b6<&swl6KCap`Q|Axg65Foz+l|
zwRXoys^GF(g<SF0m{Olb!l>P$2hT;_PAQ)xkgI`lbzzKMc}nBMy&`c3BMEN0@tlJT
z-(X-COtwgY=`n{{QZVx9VDb7y;trK(9ZZtO)G}6KnQdvYeC0xF)e>irv{b&1B%@jq
zjDn;{NmZgx!_H=$@4TR(^L3g8S8YQFKMCm}F%euT>4IWq@rMsSaCDj!1ImQG^EXXe
zBwm(34hu_>>v?9(ODe9a55UQom=iSb1Wq)AJDv6XpETrs5OZZdKFad!h+inmUz1ch
z=Gf;vEG}Nty<_I3Q+)SM2~{IIT*jXIJ0JH|x;PTd%349-<TPAYcKfXc07YV^%n@~z
zBXe;ghTuMl_aGAcprF7jW&Wu&C5!4UX`yOUI>!AdZ<t+&m{D^%NGqwYAe3F=q&@|<
zCVEDGWJZg~bLiT4=;D_>dfJe=EfGDen2y4`Tx2)jLP20F(qU1oQkXchgny!uhrGm>
zO)902vP`*ZoTM!-BJxtTMkT4lS^39wI0-uM?-{Ne(*jBJQgb$`5USREi%Hb&vyWmj
zw9F_ho8bI4o%Z&L;bduHWqqt-iWRrLD<yr16_p+H`TSsFO@T)4iH4a<tQzV^Dd1X}
zLhT=VSQPfD;$^TI#j?xQdYoe#gs+3nTqZeN#hP7{6}JbF0G={J*2SAYr;%$)&Wk^E
z$CL+_v1G$(>Lf3IHo{;~;AvNg=^mzYuqw<hm77i1KLm*|?GY!JIWw2oI_SN|rqODj
zL$X%SG~Te1N30V4h_W*daiLZ)Qjlh#6uYEcWdO8Wili2F>WYPxXgL&b(YjF6#Ch4g
zrjDc4bkhjm@w~w+pyK|D{3O7Q2B6AB4hU}PBWtc&dR?;hwr5tX=hI$hg^BeJ5~fsq
zbi{gN)D{<jn~#rFA%=`MYm)2qoAX7X4*DDMDKD$?J;ygodCY1!-%KxjgP7P?U1=9f
z7e#7yS`E$v3K}h1buvbIlghrV4w6!a!_!tEVLEj5Q>g|w-rjh-U(Y*ZZA56yoc*+x
zT(fO>2UtLoQs@aaRWSV^8%?&!gv9S<sBA{aTml$z&t+#4J`99&`-;m`S<rBTi=<i%
zcM)yLFdFgwv|yr0Yvwv4>YG@XO3aqDL7Z2Rt4{RGblJ?~2(jLJ9i~FW+U6S)Ox&-j
zJuq{=F|VA*1!AZa5!YYi_5jlIXUQf(w?~W(AtNK{3W7NH3X9zza5;kw5d(8y*KRNf
zqN(AKA-Y165Kv=WVgMW0RTKuDCptB#m15t0wnNpnu5InOFp?70)^o+}exPc}xhTS&
zB&LlaHx77x<y>!~wIq;?OS2$haXBX}0|%6CqB=Ftm~rRNDO}1jjudpvSo-`7SIQ`Q
zz5FYi&=sEQ9?O-L>Dxz=)55BYu~|!#T}|^@`cBPiW1q`byGC|5s*89vIwIz94!DW8
zObTBQzA*6Mz0}Qdmn4laQT~861d<KyBggqDnS!euK_8YO8<e<s^0U+;C!QlB+?rGQ
zOIZ^RB?!cntv*nt!>OEi;4-&WNHsFLMRjav*N}z}Xjx!;J)&GbP>_?9l=QNJg(Xk2
z<p+rjDNj_hnT_b%)IkbieaXb}oqG}@*f8Pgl_#5#LE=O^VQvHCik(uc`mZ3%%aK^p
zFM=3y`%(`sOTlP9HkRZe@hSQWUQR1X?{t>dGoo$<ha!E5k_b8@QXRi;b*5Sj9Lh}(
z`&O8k%B+`S>W&A|fr7rMys;>bLS?ua<W^XP9oeK!kSoU)m16y%De0~J^947{xG5EC
z#0C{-1XsKPF3ib#LxVLfCGAj~Y-oegMUAIuGYu6I1vSbWCODGaI9n?#t(LcM#5<Gm
zH@y`MCVpz4lqsDyu#~3y7!qJ<BnVU``l|L3>$*50k)j9_C|VZ?b&%6_M^56FaNl%E
z$WbZC$z8tTy$zCV!dGB5iDc{^n!;m!H<z$er`2C<kE-R+1$ilG0E62srs#fs==Nng
zhp$CwdBNsYtk<~wkcFvzbK*vsq}-dPG)?!peQQFtHHkIU;1cuRiC}^mbD<zFuao36
z0Up<KJpAGG&j|)`hOz@$fl4aK!+PL1XTP*r=&GkuHS0&Qkzx`_Qr6y^5%L7ci4gZO
zTQCVc9^$xN3Do`ueCXQ8+nz}-ur)x_oqVu*(iL`R<)V`+P|NeNbusxuS7g)a-ZL+V
zHXOjv*3ytQb$>9%f}lyKYV6$Ay$){*4x7od)84)Py*rmS&liNY2SGyFM?TxfAGk`g
zCt|U}{*gGNH!<6N(dho$&;8~047k}WxvHEppFNCg`(kU1st`tp;1^1+H>Dy04mxr$
z*mmmo=<gZiF`+IQy4-S!vBF^IhWP@RA)|IRm|EN)dNA_%dW>1lNem{(lY2A?8Utc`
z1FB!W-|yQSSfaRyCuMYViYX)rju34OjRf7prun<FMLTa+!ixNe^iG+fW9s!W*<PsV
zd}vbKR1T~bc_Sc4n9Kf@pf#_d-cm*<`0$;j^^~jY(pQQ7Gi4GUmm{*PSDN?r<<~L7
zN9<%FW|le%vR4SP9^1bl!d^YS-xSKz${o+5;k{5FLa-jh3FZoWtNitpF1+=H)3HU4
zf6y4k28Uxo64d0zS}Pb&5~d8_Oh=MZbsp$;B>dnYB8^JWa@#bh7}&6PKDi(Z;o7v0
zAJuY7_dz+J`$mD5{%H%elkp%_>WMuq$eeh8xw{fTbXU0tx9z7+^MP{V6DR!}U(Q!#
zpEBaD2qG;NyMH>#dFt?pW0*w|Yp%a&v#@6$li`!>fuv}p&Y2pRJ8&LxMS{=xfAO+U
zq~Pi?SX6U0s*lv{#Hj^rc9?q*I@z3#63ZMde@=<Ra49s9CUy}H>mW~#YT@8&+7&3f
z>-YH0oG#>S;!eJJ_A~b&nK;J2BJJi=y=C7I?)fY7l$*JbJ)Y^|a#PJvb2FGCsy4NI
zetdc6ti>cN%QqaM9^n(e)>}<dhLH&sVuP9acTCq!x=ql#5mRVv$7AvyWP+DBR8Li0
zsEs`~yQGP<1<Oy0mh)NZ#sCqtQ{A43k;x^WY;F}f<7^tdi}~KNOd6Di@7idoqisy}
zloWlNS5*M08E#?jR7Jf(v9(Wdwl3=`u3#Az;Y(qYp)mJiVM!L}LLqJ#$}wGc{QYfv
z=KgJOAoq8@wm`sMSl_BTK4-Z@Ykvd%aj}KIEWWpMcIsftP8_YSSdxOOZb4&WFMh7O
z8}sgQzUtX}xM;wYrmkN3r4#~K@mH2J$~mFKHvSTdO%qB97oc`7QQ=eAQpuUcOunWg
z;|D{H<f?<1+7U|@CU-T3X1}8)d@`-E1v1S>;KyBkT28{5$F;gPOGk9SY9{WwyVQ_{
zSbLXW5CO8NYJ{<!<U%0>IdCFk!A16%j9B>(2&`u11ol2Ye7e6PM)J9nG6u{;O$OOS
zCxsy~mmsE~o;uTc+Tzca7BWl#(MuHV5Cbw(GS&xTA%D-=*Brb@Tg@*U#$FnrbZ+?{
zAIw$f+#ghD>S0F+`>8HXeuN{ae2VfHj<)j&%Nx{JQK@|ukfKyX>l8JZeN4DPW6HN7
z)}4=P%m)`m2+V*XELMt*Iq3<zE1(XPkj84jN~S6Yzi)icgQn<N0}7TRgGeWzT^Exy
zrfsi(B#G!kanX05xJS+2qW-+5V1WnlSSN^3C}p5)%a-3Q?^E*|nGhi~Kgln-^BwY-
zu^ipjykJr2b-0#Y8uYVM=&y><E8Ah!vAbjjNV_<CW|?;5Ox`WexrrrI2IqY=agm7k
z#*b#nX&DC5FJ*djd@9K390S{S-gADZBQ6``vflM~e|@)h&Gz%7%@$8gt(mWA&X^R9
zO#i2H*<eNFL=kNy)Fk;&Z*`FdKmCC8<zuJplq<xSf=z?VD>YF0%-qgJH#FF>IB}Jw
zVhavZ3~%4;5~7pbZBJ!AM4_R`d||=Bh!M&R2@>2)%tQzeC;nRco0-_Rp7yMEwky?v
zX;=5tM}z9AI=i!Vt(2<$j<N7=bjEE~#T0vNPQu47MM1d>yq@hDPv%;T=9aG;-^wCY
z<`tI*NFmNoAP1Z~pv8j>12~mHwK#_DeI5T{mpdN*uBt$|44j~2piC#IGcAaat-IX=
zbRo+~Tcl#+us5Y9noRWeFzh8;xy5J$Dgo-89DE%<2fA$yZ5qLLG~5(0uYjhVR+uDU
zu7nQ^9O}tSU7x%U<`z9ko_qIJpxS#`Y^S$&TgaADHT^vEhR5Djvq%+UdKnbY%Z}|$
z-9v=|t{Oz#i6)5TA!tW8mPi0S%rP#$5ug)bLexUO!qD>2E#egD=%>jv;C=&(MXQX5
zt2`R9@y%#*GCVm<^z$+SY1E*(<C!@ki*KUA(G~$G2bN|e-(?adCma4}l9$V229Y!C
zi21<DFH@B}Z2{(v?WDr@*>%kRq6x#8Cz`h(eT1%8Groj>GUpq*xRAqGy{(N`p;fKg
z)G6#T!KgctVEZg-&>^5Q8DBqW#l$+pAY-fM+QD|TP(Iqv;Wee@RdS<k%FK(YmwAPt
zK1hH#R=z$@Wm`bW$lU;0>hRP^QPDRb!KtpV>D6oWcTPwWq>PB<A}>w#vK9IoB{_#Z
zmhhc{cPK^(!CvvVTmf1sjt4%cx1U(8iCl0IjdVYO67>`p&S#g9>D&}~j)G{ubZMK3
zafya$#t*ge(>M2Iu3i}Rp5^SBYujE<)+d8PpNC(wMy>r4Q?T)rE|7`CB8kTvj7eFW
zKfLM^bkG^UIG!%aWL+WN;W<7H+~)5t@~P&Y!ACh3CZ=nO<hre{o|*BaAY5;IoM?$8
zCV%J~p8a6i8V_0ctx)_s(kZ<;6y!narC?1kG?yxlz}&?05$}5!vUS+1{0lju_mg5p
zl)RK*3Z{8Te#ZK<bEhaulE<P;RPW?Ciz|G_PCmdualO-|t)){Y{4}P)p)b)BnI#>K
zPN*25jU_FKd5BkSW1fJlT0d%KQ_L(m9bq3X3P;Kv*#4sheIzS?AX`&S8Oup3M3$%#
zOMM$REG2jq%&-&gAfb`*%3{@J0I=zvH6+SnQ;!oNgEuD^iO{yxbdtS>tK4H!&>gwp
zN61@Jcb637!6f|9gYTbm&En@^E<QZ0JQGnSr$2-?fH&7(dw<ENnK0h8_`O`QUn`|4
zYtTB9i?^gvgT(8+T-?GkzSDDo%|jWSVD{eCv!6JmmH5o!e2EDJkfY4)UkBY}$xGo}
z(T$T%KWOmbxd9`{&;r=fkk@`W*^JWf6p6}XI>R}1mtqNCC1OPtZ8Q|c6+6g}#<3QN
z>D4MA@VVN5P9)Juu>nu76Qx`Ya=W0#sinV`z63zJGVi^12Fvr0@0tvjTX$-s%ypSc
zUTIh~Xr3o&pp`?$H|JJ{9>1L)E74n*9~~>9ueh10f~SAsH2wBAQMKqUpuf3>7yCK&
z*~8`oVNN2s#~3L@*j#^%Kj%uS+JGP=<cIf=>8}tAuABxbaehvxubx_YepClP6{uOL
z6!MZQ5ADcv!|Yi0O-i+2w7o#nDV!GLFgK#ZQ%ETg2`OT0{(2)Vz9IQli<zwjF#uB-
zuLvCV9&`NzPA>HX&NbW(!B#>|6_@6K8H-h|28x{N%P4Dt<{lw23?Eq@z}xI;qRMeS
z+f=uHKKm9MTtST&^ENRt%UCd2R5;SFJ$^4IQN?l-JPEKEpaw4vp*m9(TYcymfWc+$
z0MvEs0{E-h5j-#AI@zecB+Z5OISwyglyO_n0j$>s&r}ko5INZB`aF|}*1pZ5JCD#e
zy-aCnq|$xu%BX2M%!>Hy(u97GC+%lEdY1<qo_kkEH7E{qBSM>`nhDJFMl^Uc0Z*=p
z#yA;^%mN68VfVv8r!m%(d2tpU627Cs!akA-D5OVWvEr~{bM3Ske4Wlavhvb4@v{3S
zXm-xy_XL8)Bb@)K{d<2`BkzlN@}rao3<fe!dlOnedf;6$zV1&!H+sv8^z{3$P07CA
z^8rsI_0csWEr3Tc0ofdxS98US--XcDCqyz|l^hy<3z<g0*fGX7@<aXEC6bKf-4Rr(
z8D#;qj2_V5(B|-ZD5^X&Rzrs~{mc>--c?KVQmTYN(D8=FkmLO-4@WRHEhnkIsG4!{
z)vc3*4(vKWXJpvGXZ>bQDZ_Em>DAAVN<p69ohyK)hrRNq*19IU-QP3rhk|Xkpoeyx
zYI6B2yE`95;Y;{Xzq;!EskzwJmb;Gl`FU!5_oK(%PBdHcN5b22GLn6Q7|sxZuchn8
zpB-Xn@kKrINo8~WcAYHu*3{;ck^Md_{zxU{`FNYK^GM*-ects}*>X&IYAj;kc4J|E
zx9IxpL@fqkvFhhn>0<mT@HOolx#3`SbP?f28=UvbY~y;lCL|m&#9yQFqlj`rrBfZX
zoeJuHVkjwP0|V-u92GQV#^r5mbf4hih81)+T0eFzpY&@c77MN{wcak<+aAW|V+cX~
zd)TX8N6PdAkb6G_grx1^4}H={2vZ71zVU9c-Ac-5(j?tsXw0tp;Y#bZ@25D4Q)f+R
z&zI7Cf{fHD&q=+wr5TI$KI$#r8!FCF!aSO$6$&ZZ+gPFuj!|Z~7r%22MQDx>zQ151
zQ?4$61n!{asT3#2NFOA?@4RrKl_W|m$VW*4t1xG26|mqlCo>0ocTh{F+#AoMWgk{(
zATYA^ZE*)>5Wa>-m3U_h@3DE0p7Emys}L8zt#RAFO93BDi+@~A!mnkT5JcZ*Al-94
zSS={OLggiNbzZScAEi9l1dHNQJ<VUv8Q~*z0nl1qOdBG*GxGpGS-10?aMz@=of79i
zS-nw9>i8IG96))X{{q9jLx!K=0LeZ1LAhx(5yJL?jIEuLg(N=<9MRG>s)5*oH){-Q
z>53<8i7Fv}KJM&Str(vJy6JVK<LWDz{XC7wVvOu2bsn@+AywTq7B`|qC-A;e@M-z}
z-Kn;-ki>Rm#xx8)2e0uL91caN0_6BIdvC3>ce0BuC!e;rN)-LRAHOJbfDiUgi5<;;
zQI>%&GElaU4Og2M;heJce!@hQp&bdlm&I#Ri1(<$c~O#EO+NA{_lqgME0z4froOGD
z(C+%=dsm&K?V0(sLJP=u#G_mDXETv@rTa{Z!rdN;x$aSgexs$-l?(oXEnlO3U&HnU
z9v47Cfzg_!LZ^vgiOAR$cgFt2P2R!DqKvGh*2fkFhm_VWqpGoEl7U)d8l%LuV?@nj
z42)*h6{!PRris#(A#z~u?4XkHV^@;L?WmE6d7;1WfF+>}sDYiROGu4zoC?(*Qq(V`
zkA3&G&^=NRB1~&$=o7c4e+TlBUObz%>!Yqt>Zv?xAbcDU{;i*OP?K<bN5C-L$P)Q`
zFs0X<CK6X#9eauO@MA08w+<RZY?hyTks~>r9h(5zQkgu-4{;2}*>TsSPp6D6FmhO}
zh(zsj2FyhW9u&?DRj<%ERmM~A<FTgmBv>$|3gC!Hji&fWbePyJcxma$eWK|{3^zi3
z>GSy4OzE3<eMe-Jc-9JWy3^k7obxuNF%Kh=^R3Yu)XsSQlxa%iPpgr(H_<4Q*-nho
zi{Nef);DWQ!j5d*&AoKgAna0&<G`~Q4&sJ1WG|zIIb^1GH>`<sH*be?FCHflleu^L
zb4L}^NIC$URF~8?!UOI<bNlrT5hAr@7kGQ5rJ4+AE>=!2Z7m;J%yx7U!*JcC6F)8p
z%s4izz3=y&MI%ikI$iqYkiw>PcP!;_-Fipw;606|)M#8m?CylbzgUy@F?cHdcR?_*
z|Hk7Fg@9k-+)II`UT^acT#lS3ZpQLlbTF?!CuY6_yMbwcoszm$%X+k=;tgLd++l4a
z38#{i5W5|1O$m{p%WctUa6iOhtO;@pt_!Ud@Pr$<z4+ApeN>?W<4k5#1fy6yl#5lI
z(Y*^V-KlNu@ynff9k9IE?F+GsxXpu_y}O?JP<a-ZZ;`njO;dgA0Y`Jn;0o(XyYB5T
zaOQr}qT1K33|^cE+XlST+PGjsEfYL;BGNBwbOBuRiMQQ)1A9jC^<j}GE(raGi$Qi0
zZT%J5tGEL29d=yr)1?fB$r^X%?RN@nue)nc@J3uwR-!X|&O(|b4Mw_0J~rWb<(dFD
z&OF1z6$~7Yn<!?c_%@OKb*_^G!Vl1s;0SjKiR@{tyl(N+Q9;w6JHqlSfw$AaPUo4K
z6JH?4-hQ81bv%A`90+H6X%iPs?LoZL^Sm}LW@@lI_|m5f1<A8kWC|5Le5#gqOYGU}
zj6J{gsP$SC?iO)%i9Pkm>-l=AM8L`6o}8QP$ZH*lKABVXZPLr`_91=-3Y+-P55~~6
zU*`GAoO{8pP&m=^%J10ceL2VKj)6n%Tso!zHWG@!9K+_p0Of^VeR3;E5w+G!NziJU
zq#SdJsz&c)%Epgh&q+ahB_`iM*EMO8!bZw%EgvC3OP;JvV*9HnG~!21u!OFlbD1-o
z^G9bfJ(3UhEg6=smUGww=1plc!9`pS(YX=wg(hyl^^0L@!cj$|-?)Dkw$}(agLR+4
z(0^x1o>s=IMBcdZsi~iR@5lf{HNbUd<(scNsJZ1f2G_dA;+MJeNJmC4G1KqmMwOHs
zIv>M1EsN9}-J}3jAX!^@EWffx)Pb6B>6~=n6Se&Z2{V_VN-nndx9Up)EJ&Eja*8J#
zA2&=y%<f-HV%bi0)Oe~-_N~8eB@hnrHy*=oyB!`@Ujax;`y1)On6Gv~Osup7^+g9H
zSl|QZy$=Oea0=PnOdY&PTtn?nBV4Zh@y{Ew1nk|2a7|ghp?$NnM=gzh1?tD1!t8Pn
zR|=gdI9_&|@5zc4Q_xW*Vv!Ek$9hLqi2cggxQN&;VoA|`fzE#N7h$rXeTFkeb*ZrA
zFb*Tm4@w-L{i)Z|GFThB)j9bZpqVU!oy4_-pmkRL`c}DZDFPPm)8jgwN)qzh-C$q3
zYbgZPe%;*W6bRld%0a=~^|>Vo5y!~VL$}(yjr{ABjF9M!ilv6U``<Gj6}$p9T-NS_
z_QwbQ_fssE7Q%c>p<j5FSX`%n>nML-d25n6(t}ftPd7}K89kz}nK8^hy6WGIcg8Gb
z1z;<j<jTJ&P|ox#YZ(}xri0Lq7C`^_W0Wwas$G$|StH~O4G~2!oe$Az3_0u(hzU+Q
zXHxyOVG%)`xasdNjmK>=$p`*fzwdK0;`p=Ts6@pj&~iFI&?a!?Pzt^$!q2j)ab&UD
zZf?2SFa7HkYXGn7R$Rc%PVr!=dMD>pXNlhVML^2K1bf}mC5P7XE$>eOZRL~A19Jbz
z$u2(>{KKYekCoetmPq`SJKMCD3#Xv+oDi!{_b&NDF$54P?PgQYDrpwk3ktG}IuaqJ
zv6t=x-q)C{B*NwM^BY#S+E!1_n}Jml>asZd<~1KKRdi@Y)d{pxaA}LV_B>w?M5jbF
z5_Qq##z>|^|J}Y9qbl=Ru|Ce}ji~ghmpEfMoc<Z(H+2%sxjaw#yd(HnV%&J^E-SQ1
zE80DW;ei?9C;gfH$HqLeyy2%GG{sT{%ev@l)NdZ9cETL(cnl}qtcLaw?gm<CT<-CI
zjr;g>v|s9_E}qs#vwAG#!j*2!!(FwwW|8#N`h1TUVr`Wy&C}~^<%az|C7w%2^yagP
zGB{q?sg1(An^Vp7IuPJYctKD5KD0tPZMIGaZ!3Gj<7G7Ox!llw`)>!!v$e}@ZZbPa
z0}+OUZ|j3o^~V&9p~sV@<>i2fiGytM>Lcp&-{h9)C4A^o+Iq#z{<P~N@Fb(1eC(y-
z+QUN+cPM%!zM1N@>$?eN6Y@D~n;|lA1T<81@U$rn+Ef|Zwxs!`Mvs_@jjbXyyT_>b
zyGvIM(gC-ctm6mSSt}E!gIYmntntEc0LyrDBy;$E#i6gVRgK<7zqPaDx+L@<3iBa&
z4fMZnNJq*w17v%{zJqaxv3jxIj@0$}72G|H&?_5C>%2f9TF_OmRHzBLH<2TRC^9-~
zH|qGPyN$32L|*5h)*VPC6US6*9Q7rsTsG&tA(z-YLxnMSZEUfSi=)|^LvRe|CAh!a
z$rjdkVmjCz^3eRszS-?P`E1Ryi;3%iOb}@Z$Kv~eRr7eq;pRu`Sx0&F*eJwUR3*0d
zW%3U`<$ZGsF{M#8%u=STO&o1fo-Z!)>02r=`vtvAGgYEvbp5_@k$4!q!gNe)-6RsR
zYJoKhWg`e&aza&HGigTTBV_>f`M-#-vH9Y;A6v%lNFh-EvLWj?Dezo7D^*he?#$~F
zVeN{YTuA5)qdp9=Z&UP(M3r>kX4{A|S%7)e5BrXKC%t;c9e8)sE7+(oE@qo!NxzrW
z7!HcV6Xfd#oNM2*>{sn?CqCMi0&0om9%b#?pWxeE4f`L?o^;bwzv$CH!m^}18Gjyr
zT1&#T-#w63aozybXWm@d5&31RMcDSK9>cLwM#Z^#R&?EgVm5&580&X0SUTdP<61nA
z#Am^obO>tRVi7!~<0$JGy{aix<1t5M=+xz5XIKG1?#_YP-<+jK;9DKLHZtef4Il31
zHR-ST{w0?m_-GtX{W!MSYeJV5R!l8lGNK}fnAG#IK7v1%@RsWrJ!Ck%^$<Opc#@l?
z3t1S&cjg%<<h7|G!XVB}Djk2dE2CPp8@OA_x6ZK`3BryN!#*);m7LvJ=UA^Vz&1W~
zYpKzn!NR0YqL`GGdnE>>J~5L*#EY|FgpZ_2AVFy-3e7}m*QxsG%MHK(o)B5AGDAX4
z0g)>Ub-(=SP6z=k<^)d|=or2#ts+Z%Knj13W0q2m+AflyZH8Dtlh7azq`oQTfk%;^
zAP<&I=tX~Lgw~-HX2fz6*Mb%7Mx)AuAACWhT>m;4%`D!D1^(SfG!uWs7>YK$uVPL#
z4XP7{ARrId;=&R;qou=e!kLRJet!u+zgfUtp>Fx^N*Xm_sZm`63B0*B96!89noi1l
zdYW=tJSDept5KHdBem)71*vbzb=AE)#`DVBpS~RM;dVo>i@iiYAF!RjlhW{TcU+kl
zYKEA(S_VjMSEjK9gs-x9)uwk+lNiK(Yy#3hfwwHBpSZ=cHkVqcbJIKD9~>qVyG(EP
z)*j}jKjgaj1iaG=Xjv;RFJB%?XLNDhKDOe=#)!JiO7mNI=Oe}E&3(2Eb}5g9UPOQg
zGr_9HRqAVVjvu7P)hw&c5(255-Dr5YTyUKi|Ct)kWqJ04Yb1FpItI<%9TIcyezoz#
z)f-%AuO9<@5u3HTFh!=ElB)iTc&F#X98sS00Cjpgo278@eG?!5+nV;Zpw{7`Twb`&
zrHloix^wT~d+)m@LGD>6)@=Vr+p@6$G^1%@aJUR$mrl^^HG7DB)fclh{@BfROG>d4
z8T#EHb(uBPVZ_-)<FRVIh%B_aC)6uHjU`yz)|+rv_$R-ox$u5xq*w2?e^VsoiL3o#
z*5Fes>5+1tgVelY71~Ot8Or)A>6zrqHj)KLmAf_07U`APTHDIWSYNLuhbq#ojr$}j
z3wD#+DWULqR^3l~13bQ7hdQ+un|%H-vOhVK#82BQw~}2SDy*pr&m2At6!!B=&y}1y
zh(vHQs+Y|t*cz)HmKo+3KLwL%8prC-X6zrl+Oqg`#gG(|hJg7SX}21~O|VpUH2Zrh
z`2ynQz1N}Z0x@`>_&O@49>PB<q*-{aJeB0BAFD$|(?wt{u<3sBF@&SeWtn6>HCJpQ
z?)0f<iJ?47R6RC*kJ*FT-l^MFEn{J{D(M}^WW_xH%;;rmH^JmkfQ7lx1*slL*Kw`W
zGO5jL!E0Aa?9`*^0lt>&{RqsY&)4EZ65NHdm~Z&omH64ITN~`tq#b@5DPGzRq$5uQ
zt=bGv{S;Dt_<CP2`mdZOkbf2k#Rg?9Vob0**}UpS4K2HUy{WWTQTydPhVPf}PshCW
zntrUh`=6FH3s3rsnaVWjD$*LMi2R?L%oZF2HmV5&;QAeXH5S_RPv@2!ASdIW<m4MR
zS<dxOyXGI=`ntjm0mf+fL7dG4zwEj*7yK2c-krvNLu&PC#i&q7o;9dYsB5`xkzZJ3
zdh6qGym-yqJ+al`s_Z4SFklX-@b+5WS^|*!+)NJ4x3l+*zz+jA2tRvc!2*I$Bu5Di
z8GP3IQS1bOxLH9zAgf}5UW%X6b9ypS1f;%ZHXV~(2<Toi3tpni3;V5EH|}k2%Ixv-
zI-TD4HGJ$ajV+kBArA}6b$VnVxuBhEb*Jh6e%HGh-$2cL1+xXi_xJ);F-B>;Nak}!
zGf+m8)Im_d>GR>$&|J)6NXr#-Wpqs99M}mS?t%8ZzhMvynF;ZF^EWgdfbHn&=Y`60
z+#|Hsm)|dj{B_w|bI)>!Bql$^^$@)xAkZev)!h5FSE!;{+52@e-~4u2dCxYxn||TG
zx0>ikRj7WaX+3vCsPdOKk-U*z+-VeAeUQxySgzD>gR?e^_OGMBvCf~IfACm0Tcxqv
z3}AY6^#avN>VgrsjrJf9M9H>uyoZZ><}mh$w=YN#^UBtg^2>R%crhu^hW3e-;1*YE
zj#}@ey~e9VmQ%V#bX6v*L=a$+5xTMB5)?PSH&{c=AWe~mnDD)Y1DtFfl>Xt8dhL9;
zurr7n)N{Q%h<M<-k61Ik3{g?5Vq}u{h;|a5W}&%KFLYN0*O9BF(0e_p*?#m`#a;9w
zj>j6^#m`1t%{-yxqVS9VFByo>sfB-JAOhLAIQ~vS<o<UGqMDbJIRNbF0Ff|vHFdFe
zf;d9+yrDxyV|#OenCSDvByVkE?qUqFc63lRc5p?0&I7k}rQm>epcBQ!96fbe*nsR5
zEbP!95RikHf)@nT2gpE-?W|2j9W3q4DS*fTQCCxQ2M7f(kP{j3yw~%9g$)Ek28bIw
zNt;_+T0xm0=tNbBxxEGj5486z9-4Y?&PMT^GpT|M&4Bz@5+%>SZ}6{7bspgVCr@2J
zLBSyehzY(*>llDw1w{u*h)KUe!j60_tU;gv=1F%^h~q7`W)RNH>eG0CZzIguIypPl
zOYuK3Je*ald|%F87UtEw@aiY7L(54Xw*3n8Ld0Wgc80*pl*WGZkGClf@~R^Nu9jye
zn&0?qH*m=Wp1Qsp`MBaV#WuU_?+Gaw0t2-rR?WXyWxM)i?Cmy?{rFn!H`ln~uYFa%
z2{>+5q<CFMTf$+Aa;C;@Wa|nCKns@7lZ^K=nh&rv9;BTqzbP$?l*LDbEo1A6;2Dk=
zxA;){h0{fXWZYk#<Yh0CCH5xV8P-j&uc#0fQ@=1a{ZC%kP+yAzNBz%zWvfD;<6(~8
z^&XJp_a0P?DO9y}3ne^on$H@lvfSB1J|2*d3EkP=;@#1E0{R}YZly10Jf->`Q`ip3
z*IQ`rO4!-%q-IsWwee9@w{-|bJmeC1ozXAfyLyivZXH`YU;2Z=93Hky^`n8~X{({<
zuly}NiRepnR=5+++l2oY!{q(90{=EafU27b<k=q8T-?n6po$s0nm=2?|7nTVF0K%9
zD`S^u3zIkgtIy7b4A8VTgIKxhvU71#aB*=_u(3gnh?DE@_Dp*o|BKGX&HXp;xzEnd
z{yawJ1Ooq{KhNie%HW3b{&++C&$Pek(DC!SXa2L?=k?He$j|TR_Qzb%pR)A-wCsO7
z9L2LgsvrZ@9Mv7HpQ|e<p3VC|>>axF@6rq~h~gQ&|Kx-I!G{6{^}|1=0N%PdnyQ*Z
zbOF$64}hAvCq)0BZuE~;f8hPr*wP&E*4X9QIXRvM094Ff9o<|^&0Q%#&y!UE3g%|k
z#?L<gya6XKCj}1&n?69w#nH_PS~j8z)g3fOI6aFn^#X{iLVexc+SFV{N(>-F0fFjO
zNC+SfJs@-kSBmF)6KILV-(C&+M*)hsqucW}pgs*%F$L()LX>9}|JDDGYy2zG8hV01
z*8u@))(|^$0k9+(3<Pqp0fAiN&<0JT=HdVX*+D{o1R;p-pLf#I)`6Y`dJzg}-1_VK
zf1Kr?hkM53Ig~>8_!}!|F#K<TkpGPkbiv;cQ9!jWXKm)HOYz5+&%?iN_|N<Q_a5TL
z&>-q)2|be~R0Dr#1R0>@WbPnp`W%k`JU#{B`TP!Uc6NXM0HLy#+#q(=4$oTq1LOYy
z>mLc|;?NQvXvF^)OzeL_^b8d{6e6hcn7Nsn|IL4<^FkXGPVQ$&q29p(g_n!#ulCG)
zmI0+h*+BN^x8z@N|FISH%o5NVA_fUQHXw)#$PMHMv9t5C^DqI~=z&1`H~+xG)5Y8Z
z8At)*LWWBE>!IM{<Yechu%P&p22HC6LNR%MC>;KxLHi)6cl;*}#LoTSG!Q%VOZ7kI
zL2cu|Xdn<b^n>=F@}M+ss22ZY4-kkK8fyNF#>N5q?>#_l+#smC|L0n^|78z0UXK4U
z4~i|+(*JWU`}3#wziI6Myc@*D82S-)c{W^CYj1NXqyQC1N2nkDWlu5=7LL#o1E{S+
zV~~slg)W5vCoeY}7dJaloR^K06U-(l&ch?l0}>Sli}8ZRxh2_zkpKTvo=sfB(Nx^Z
z+|<_9&7K0lB?%T6l>l>cu}Mhqf+fV+cqBl)U|wD}ad93Xx2VLkk-9>RT_As`9>mVU
N4ML`+l~e*F|3AzLS^@w7

literal 0
HcmV?d00001

diff --git a/src/convert.c b/src/convert.c
index 2539d7bd..5eb1a513 100644
--- a/src/convert.c
+++ b/src/convert.c
@@ -611,6 +611,15 @@ _getdns_wire2msg_dict_scan(struct mem_funcs *mf,
 	if (!wire || !*wire || !wire_len || !msg_dict)
 		return GETDNS_RETURN_INVALID_PARAMETER;
 
+#if 0 && defined(SERVER_DEBUG) && SERVER_DEBUG
+	do {
+		char *str = gldns_wire2str_pkt((uint8_t *)*wire, *wire_len);
+		DEBUG_SERVER("_getdns_wire2msg_dict_scan for a packet size: %d: %s\n",
+		    (int)*wire_len, str);
+		free(str);
+	} while(0);
+#endif
+
        	if (!(result = _getdns_dict_create_with_mf(mf)) ||
 	    !(header = _getdns_dict_create_with_mf(mf)) ||
 	    !(sections[SECTION_ANSWER]
@@ -768,11 +777,12 @@ _getdns_reply_dict2wire(
     const getdns_dict *reply, gldns_buffer *buf, int reuse_header)
 {
 	uint8_t header_spc[GLDNS_HEADER_SIZE], *header;
-	uint32_t n, qtype, qclass = GETDNS_RRCLASS_IN;
+	uint32_t n, qtype, qclass = GETDNS_RRCLASS_IN, rr_type;
 	size_t pkt_start, i;
 	getdns_list *section;
 	getdns_dict *rr_dict;
 	getdns_bindata *qname;
+	int remove_dnssec;
 
 	pkt_start = gldns_buffer_position(buf);
 	if (reuse_header) {
@@ -814,11 +824,18 @@ _getdns_reply_dict2wire(
 			    buf, pkt_start+GLDNS_ARCOUNT_OFF, 0);
 		}
 	}
+	remove_dnssec = !getdns_dict_get_int(reply, "/header/do", &n) && n == 0;
+	DEBUG_SERVER("remove_dnssec: %d\n", remove_dnssec);
+
 	if (!getdns_dict_get_list(reply, "answer", &section)) {
 		for ( n = 0, i = 0
 		    ; !getdns_list_get_dict(section, i, &rr_dict); i++) {
 
-			 if (!_getdns_rr_dict2wire(rr_dict, buf))
+			if (remove_dnssec &&
+			    !getdns_dict_get_int(rr_dict, "type", &rr_type) &&
+			    rr_type == GETDNS_RRTYPE_RRSIG)
+				continue;
+			if (!_getdns_rr_dict2wire(rr_dict, buf))
 				 n++;
 		}
 		gldns_buffer_write_u16_at(buf, pkt_start+GLDNS_ANCOUNT_OFF, n);
@@ -827,7 +844,15 @@ _getdns_reply_dict2wire(
 		for ( n = 0, i = 0
 		    ; !getdns_list_get_dict(section, i, &rr_dict); i++) {
 
-			 if (!_getdns_rr_dict2wire(rr_dict, buf))
+			if (remove_dnssec &&
+			    !getdns_dict_get_int(rr_dict, "type", &rr_type) &&
+			    (  rr_type == GETDNS_RRTYPE_RRSIG
+			    || rr_type == GETDNS_RRTYPE_NSEC
+			    || rr_type == GETDNS_RRTYPE_NSEC3
+			    || rr_type == GETDNS_RRTYPE_DS
+			    ))
+				continue;
+			if (!_getdns_rr_dict2wire(rr_dict, buf))
 				 n++;
 		}
 		gldns_buffer_write_u16_at(buf, pkt_start+GLDNS_NSCOUNT_OFF, n);
@@ -836,6 +861,10 @@ _getdns_reply_dict2wire(
 		for ( n = 0, i = 0
 		    ; !getdns_list_get_dict(section, i, &rr_dict); i++) {
 
+			if (remove_dnssec &&
+			    !getdns_dict_get_int(rr_dict, "type", &rr_type) &&
+			    rr_type == GETDNS_RRTYPE_RRSIG)
+				continue;
 			 if (!_getdns_rr_dict2wire(rr_dict, buf))
 				 n++;
 		}
diff --git a/src/test/getdns_context_set_listen_addresses.c b/src/test/getdns_context_set_listen_addresses.c
index eeeac3ad..fcfe9057 100644
--- a/src/test/getdns_context_set_listen_addresses.c
+++ b/src/test/getdns_context_set_listen_addresses.c
@@ -503,6 +503,72 @@ static void udp_read_cb(void *userarg)
 		close(l->fd);
 		l->fd = -1;
 
+#if 0 && defined(SERVER_DEBUG) && SERVER_DEBUG
+	} else {
+		char addrbuf[100];
+		char hexbuf[4096], *hexptr;
+		size_t l, i, j;
+
+		if (conn->remote_in.ss_family == AF_INET) {
+			if (inet_ntop(AF_INET,
+			    &((struct sockaddr_in*)&conn->remote_in)->sin_addr,
+			    addrbuf, sizeof(addrbuf))) {
+
+				l = strlen(addrbuf);
+				(void) snprintf(addrbuf + l,
+				    sizeof(addrbuf) - l, ":%d", 
+				    (int)((struct sockaddr_in*)
+				    &conn->remote_in)->sin_port);
+			} else
+				(void) strncpy(
+				    addrbuf, "error ipv4", sizeof(addrbuf));
+
+		} else if (conn->remote_in.ss_family == AF_INET6) {
+			addrbuf[0] = '[';
+			if (inet_ntop(AF_INET6,
+			    &((struct sockaddr_in6*)
+			    &conn->remote_in)->sin6_addr,
+			    addrbuf, sizeof(addrbuf))) {
+
+				l = strlen(addrbuf);
+				(void) snprintf(addrbuf + l,
+				    sizeof(addrbuf) - l, ":%d", 
+				    (int)((struct sockaddr_in6*)
+				    &conn->remote_in)->sin6_port);
+			} else
+				(void) strncpy(
+				    addrbuf, "error ipv6", sizeof(addrbuf));
+
+		} else {
+			(void) strncpy(
+			    addrbuf, "unknown address", sizeof(addrbuf));
+		}
+		*(hexptr = hexbuf) = 0;
+		for (i = 0; i < len; i++) {
+			if (i % 12 == 0) {
+				hexptr += snprintf(hexptr,
+				    sizeof(hexbuf) - (hexptr - hexbuf) - 1,
+				    "\n%.4x", (int)i);
+			} else if (i % 4 == 0) {
+				hexptr += snprintf(hexptr,
+				    sizeof(hexbuf) - (hexptr - hexbuf) - 1,
+				    " ");
+			}
+			if (hexptr - hexbuf > sizeof(hexbuf))
+				break;
+			hexptr += snprintf(hexptr,
+			    sizeof(hexbuf) - (hexptr - hexbuf) - 1,
+			    " %.2x", (int)buf[i]);
+			if (hexptr - hexbuf > sizeof(hexbuf))
+				break;
+		}
+		DEBUG_SERVER("Received %d bytes from %s: %s\n",
+		    (int)len, addrbuf, hexbuf);
+	}
+	if (len == -1) {
+		; /* pass */
+#endif
+
 	} else if ((r = getdns_wire2msg_dict(buf, len, &request_dict)))
 		; /* FROMERR on input, ignore */
 
diff --git a/src/test/getdns_query.c b/src/test/getdns_query.c
index 09184e6d..54464bcd 100644
--- a/src/test/getdns_query.c
+++ b/src/test/getdns_query.c
@@ -1200,8 +1200,10 @@ typedef struct dns_msg {
 	getdns_transaction_t  request_id;
 	getdns_dict          *request;
 	uint32_t              rt;
+	uint32_t              ad_bit;
 	uint32_t              do_bit;
 	uint32_t              cd_bit;
+	int                   has_edns0;
 } dns_msg;
 
 #if defined(SERVER_DEBUG) && SERVER_DEBUG
@@ -1236,15 +1238,53 @@ void servfail(dns_msg *msg, getdns_dict **resp_p)
 	(void) getdns_dict_set_int(*resp_p, "/header/ad", 0);
 }
 
-void request_cb(getdns_context *context, getdns_callback_type_t callback_type,
+static getdns_return_t _handle_edns0(
+    getdns_dict *response, int has_edns0, uint32_t do_bit)
+{
+	getdns_return_t r;
+	getdns_list *additional;
+	size_t len, i;
+	getdns_dict *rr;
+	uint32_t rr_type;
+	char remove_str[100] = "/replies_tree/0/additional/";
+
+	if ((r = getdns_dict_set_int(
+	    response, "/replies_tree/0/header/do", do_bit)))
+		return r;
+	if (has_edns0)
+		return GETDNS_RETURN_GOOD;
+	if ((r = getdns_dict_get_list(response, "/replies_tree/0/additional",
+	    &additional)))
+		return r;
+	if ((r = getdns_list_get_length(additional, &len)))
+		return r;
+	for (i = 0; i < len; i++) {
+		if ((r = getdns_list_get_dict(additional, i, &rr)))
+			return r;
+		if ((r = getdns_dict_get_int(rr, "type", &rr_type)))
+			return r;
+		if (rr_type != GETDNS_RRTYPE_OPT)
+			continue;
+		(void) snprintf(remove_str + 27, 60, "%d", (int)i);
+		if ((r = getdns_dict_remove_name(response, remove_str)))
+			return r;
+		break;
+	}
+	return GETDNS_RETURN_GOOD;
+}
+
+static void request_cb(
+    getdns_context *context, getdns_callback_type_t callback_type,
     getdns_dict *response, void *userarg, getdns_transaction_t transaction_id)
 {
 	dns_msg *msg = (dns_msg *)userarg;
 	uint32_t qid;
 	getdns_return_t r = GETDNS_RETURN_GOOD;
-	uint32_t n;
+	uint32_t n, rcode, dnssec_status;
 
-	DEBUG_SERVER("reply for: %p %"PRIu64" %d\n", msg, transaction_id, (int)callback_type);
+	DEBUG_SERVER("reply for: %p %"PRIu64" %d (edns0: %d, do: %d, ad: %d,"
+	    " cd: %d)\n", msg, transaction_id, (int)callback_type,
+	    msg->has_edns0, msg->do_bit, msg->ad_bit, msg->cd_bit);
 	assert(msg);
 
 #if 0
@@ -1263,21 +1303,36 @@ void request_cb(getdns_context *context, getdns_callback_type_t callback_type,
 		SERVFAIL("Could not copy QID", r, msg, &response);
 
 	else if (getdns_dict_get_int(
-	    response, "/replies_tree/0/header/rcode", &n))
+	    response, "/replies_tree/0/header/rcode", &rcode))
 		SERVFAIL("No reply in replies tree", 0, msg, &response);
 
-	else if (msg->cd_bit != 1 && !getdns_dict_get_int(
-	    response, "/replies_tree/0/dnssec_status", &n)
-	    && n == GETDNS_DNSSEC_BOGUS)
+	/* ansers when CD or not BOGUS */
+	else if (!msg->cd_bit && !getdns_dict_get_int(
+	    response, "/replies_tree/0/dnssec_status", &dnssec_status)
+	    && dnssec_status == GETDNS_DNSSEC_BOGUS)
 		SERVFAIL("DNSSEC status was bogus", 0, msg, &response);
 
-	else if ((r = getdns_dict_get_int(
-	    response, "/replies_tree/0/header/rcode", &n)))
-		SERVFAIL("Could not get rcode from reply", r, msg, &response);
-
-	else if (n == GETDNS_RCODE_SERVFAIL)
+	else if (rcode == GETDNS_RCODE_SERVFAIL)
 		servfail(msg, &response);
 
+	/* RRsigs when DO and (CD or not BOGUS) 
+	 * Implemented in conversion to wireformat function by checking for DO
+	 * bit.  In recursing resolution mode we have to copy the do bit from
+	 * the request, because libunbound has it in the answer always.
+	 */
+	else if (msg->rt == GETDNS_RESOLUTION_RECURSING &&
+	    (r = _handle_edns0(response, msg->has_edns0, msg->do_bit)))
+		SERVFAIL("Could not handle EDNS0", r, msg, &response);
+
+	/* AD when (DO or AD) and SECURE */
+	else if ((r = getdns_dict_set_int(response,"/replies_tree/0/header/ad",
+	    ((msg->do_bit || msg->ad_bit)
+	    && (  (!msg->cd_bit && dnssec_status == GETDNS_DNSSEC_SECURE)
+	       || ( msg->cd_bit && !getdns_dict_get_int(response,
+	            "/replies_tree/0/dnssec_status", &dnssec_status)
+	          && dnssec_status == GETDNS_DNSSEC_SECURE ))) ? 1 : 0)))
+		SERVFAIL("Could not set AD bit", r, msg, &response);
+
 	else if (msg->rt == GETDNS_RESOLUTION_STUB)
 		; /* following checks are for RESOLUTION_RECURSING only */
 	
@@ -1324,6 +1379,10 @@ static void incoming_request_handler(getdns_context *context,
 	getdns_dict *qext = NULL;
 	dns_msg *msg = NULL;
 	getdns_dict *response = NULL;
+	size_t i, len;
+	getdns_list *additional;
+	getdns_dict *rr;
+	uint32_t rr_type;
 
 	if (!query_extensions_spc &&
 	    !(query_extensions_spc = getdns_dict_create()))
@@ -1345,10 +1404,26 @@ static void incoming_request_handler(getdns_context *context,
 	n = 0;
 	msg->request_id = request_id;
 	msg->request = request;
-	msg->do_bit = msg->cd_bit = 0;
-	msg->rt = GETDNS_RESOLUTION_STUB;
-	(void) getdns_dict_get_int(request, "/additional/0/do", &msg->do_bit);
+	msg->ad_bit = msg->do_bit = msg->cd_bit = 0;
+	msg->has_edns0 = 0;
+	msg->rt = GETDNS_RESOLUTION_RECURSING;
+	(void) getdns_dict_get_int(request, "/header/ad", &msg->ad_bit);
 	(void) getdns_dict_get_int(request, "/header/cd", &msg->cd_bit);
+	if (!getdns_dict_get_list(request, "additional", &additional)) {
+		if (getdns_list_get_length(additional, &len))
+			len = 0;
+		for (i = 0; i < len; i++) {
+			if (getdns_list_get_dict(additional, i, &rr))
+				break;
+			if (getdns_dict_get_int(rr, "type", &rr_type))
+				break;
+			if (rr_type != GETDNS_RRTYPE_OPT)
+				continue;
+			msg->has_edns0 = 1;
+			(void) getdns_dict_get_int(rr, "do", &msg->do_bit);
+			break;
+		}
+	}
 	if ((r = getdns_context_get_resolution_type(context, &msg->rt)))
 		fprintf(stderr, "Could get resolution type from context: %s\n",
 		    getdns_get_errorstr_by_id(r));
@@ -1359,15 +1434,10 @@ static void incoming_request_handler(getdns_context *context,
 		if (!getdns_dict_get_dict(request, "header", &header))
 			(void)getdns_dict_set_dict(qext, "header", header);
 
-	} else if (getdns_dict_get_int(extensions,"dnssec_return_status",&n) ||
-	    n == GETDNS_EXTENSION_FALSE)
-		(void)getdns_dict_set_int(qext, "dnssec_return_status",
-		    msg->do_bit ? GETDNS_EXTENSION_TRUE : GETDNS_EXTENSION_FALSE);
-
-	if (!getdns_dict_get_int(qext, "dnssec_return_status", &n) &&
-	    n == GETDNS_EXTENSION_TRUE)
-		(void) getdns_dict_set_int(qext, "dnssec_return_all_statuses",
-		    msg->cd_bit ? GETDNS_EXTENSION_TRUE : GETDNS_EXTENSION_FALSE);
+	}
+	if (msg->cd_bit)
+		getdns_dict_set_int(qext, "dnssec_return_all_statuses",
+		    GETDNS_EXTENSION_TRUE);
 
 	if (!getdns_dict_get_int(request, "/additional/0/extended_rcode",&n))
 		(void)getdns_dict_set_int(
@@ -1431,6 +1501,16 @@ error:
 	if (qname_str)
 		free(qname_str);
 	servfail(msg, &response);
+#if defined(SERVER_DEBUG) && SERVER_DEBUG
+	do {
+		char *request_str = getdns_pretty_print_dict(request);
+		char *response_str = getdns_pretty_print_dict(response);
+		DEBUG_SERVER("request error, request: %s\n, response: %s\n"
+		            , request_str, response_str);
+		free(response_str);
+		free(request_str);
+	} while(0);
+#endif
 	if (!response)
 		/* No response, no reply */
 		_getdns_cancel_reply(context, request_id);