1 From cf5984367bc6a949e3803a576512c5a7bc48ebab Mon Sep 17 00:00:00 2001
2 From: Vladislav Grishenko <themiron@mail.ru>
3 Date: Thu, 18 Oct 2018 04:55:21 +0500
4 Subject: [PATCH 04/11] Don't forward *.bind/*.server queries upstream
6 Chaos .bind and .server (RFC4892) zones are local, therefore
7 don't forward queries upstream to avoid mixing with supported
8 locally and false replies with NO_ID enabled.
10 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
12 src/rfc1035.c | 15 ++++++++++++++-
13 1 file changed, 14 insertions(+), 1 deletion(-)
17 @@ -1276,7 +1276,7 @@ size_t answer_request(struct dns_header
18 int q, ans, anscount = 0, addncount = 0;
21 - int nxdomain = 0, auth = 1, trunc = 0, sec_data = 1;
22 + int nxdomain = 0, notimp = 0, auth = 1, trunc = 0, sec_data = 1;
23 struct mx_srv_record *rec;
26 @@ -1355,6 +1355,17 @@ size_t answer_request(struct dns_header
30 + if (qclass == C_CHAOS)
32 + /* don't forward *.bind and *.server chaos queries */
33 + if (hostname_issubdomain("bind", name) || hostname_issubdomain("server", name))
36 + notimp = 1, auth = 0;
44 @@ -1903,6 +1914,8 @@ size_t answer_request(struct dns_header
47 SET_RCODE(header, NXDOMAIN);
49 + SET_RCODE(header, NOTIMP);
51 SET_RCODE(header, NOERROR); /* no error */
52 header->ancount = htons(anscount);