From d5518bad6772d7ab9a8ffcbb682b848674831cb5 Mon Sep 17 00:00:00 2001 From: Willem Toorop Date: Wed, 13 Dec 2017 11:12:49 +0100 Subject: [PATCH] Return which extensions are set (for programs (Stubby) to know whether a context will do native dnssec validation or not) --- src/context.c | 58 +++++++++++++++++++++++++++++++++++++++++++++++++++ src/dict.c | 20 +++++++++++++++++- 2 files changed, 77 insertions(+), 1 deletion(-) diff --git a/src/context.c b/src/context.c index fc33fec2..448daa0c 100644 --- a/src/context.c +++ b/src/context.c @@ -3876,6 +3876,64 @@ _get_context_settings(getdns_context* context) (void) getdns_dict_util_set_string(result, "resolvconf", str_value); if (!getdns_context_get_hosts(context, &str_value) && str_value) (void) getdns_dict_util_set_string(result, "hosts", str_value); + + /* Default settings for extensions */ + (void)getdns_dict_set_int( + result, "add_warning_for_bad_dns", + context->add_warning_for_bad_dns ? GETDNS_EXTENSION_TRUE + : GETDNS_EXTENSION_FALSE); + (void)getdns_dict_set_int( + result, "dnssec_return_all_statuses", + context->dnssec_return_all_statuses ? GETDNS_EXTENSION_TRUE + : GETDNS_EXTENSION_FALSE); + (void)getdns_dict_set_int( + result, "dnssec_return_full_validation_chain", + context->dnssec_return_full_validation_chain ? GETDNS_EXTENSION_TRUE + : GETDNS_EXTENSION_FALSE); + (void)getdns_dict_set_int( + result, "dnssec_return_only_secure", + context->dnssec_return_only_secure ? GETDNS_EXTENSION_TRUE + : GETDNS_EXTENSION_FALSE); + (void)getdns_dict_set_int( + result, "dnssec_return_status", + context->dnssec_return_status ? GETDNS_EXTENSION_TRUE + : GETDNS_EXTENSION_FALSE); + (void)getdns_dict_set_int( + result, "dnssec_return_validation_chain", + context->dnssec_return_validation_chain ? GETDNS_EXTENSION_TRUE + : GETDNS_EXTENSION_FALSE); + +#if defined(DNSSEC_ROADBLOCK_AVOIDANCE) && defined(HAVE_LIBUNBOUND) + (void)getdns_dict_set_int( + result, "dnssec_roadblock_avoidance", + context->dnssec_roadblock_avoidance ? GETDNS_EXTENSION_TRUE + : GETDNS_EXTENSION_FALSE); +#endif +#ifdef EDNS_COOKIES + (void)getdns_dict_set_int( + result, "edns_cookies", + context->edns_cookies ? GETDNS_EXTENSION_TRUE + : GETDNS_EXTENSION_FALSE); +#endif + (void)getdns_dict_set_int( + result, "return_both_v4_and_v6", + context->return_both_v4_and_v6 ? GETDNS_EXTENSION_TRUE + : GETDNS_EXTENSION_FALSE); + (void)getdns_dict_set_int( + result, "return_call_reporting", + context->return_call_reporting ? GETDNS_EXTENSION_TRUE + : GETDNS_EXTENSION_FALSE); + (void)getdns_dict_set_int(result, "specify_class", + (uint32_t)context->specify_class); + + if (context->add_opt_parameters) + (void)getdns_dict_set_dict( + result, "add_opt_parameters", context->add_opt_parameters); + + if (context->header) + (void)getdns_dict_set_dict( + result, "header", context->add_opt_parameters); + return result; error: getdns_dict_destroy(result); diff --git a/src/dict.c b/src/dict.c index 99e347ad..27ed57be 100644 --- a/src/dict.c +++ b/src/dict.c @@ -1082,7 +1082,25 @@ getdns_pp_dict(gldns_buffer * buf, size_t indent, strcmp(item->node.key, "follow_redirects") == 0 || strcmp(item->node.key, "transport") == 0 || strcmp(item->node.key, "resolution_type") == 0 || - strcmp(item->node.key, "tls_authentication") == 0 ) && + strcmp(item->node.key, "tls_authentication") == 0 || + + /* extensions */ + strcmp(item->node.key, "add_warning_for_bad_dns") == 0 || + strcmp(item->node.key, "dnssec_return_all_statuses") == 0 || + strcmp(item->node.key, "dnssec_return_full_validation_chain") == 0 || + strcmp(item->node.key, "dnssec_return_only_secure") == 0 || + strcmp(item->node.key, "dnssec_return_status") == 0 || + strcmp(item->node.key, "dnssec_return_validation_chain") == 0 || +#if defined(DNSSEC_ROADBLOCK_AVOIDANCE) && defined(HAVE_LIBUNBOUND) + strcmp(item->node.key, "dnssec_roadblock_avoidance") == 0 || +#endif +#ifdef EDNS_COOKIES + strcmp(item->node.key, "edns_cookies") == 0 || +#endif + strcmp(item->node.key, "return_api_information") == 0 || + strcmp(item->node.key, "return_both_v4_and_v6") == 0 || + strcmp(item->node.key, "return_call_reporting") == 0 + ) && (strval = _getdns_get_const_info(item->i.data.n)->name)) { if (gldns_buffer_printf(buf, " %s", strval) < 0)