mirror of
https://github.com/NLnetLabs/unbound.git
synced 2024-09-21 22:57:08 +00:00
No verbose for packet error. TC detect.
git-svn-id: file:///svn/unbound/trunk@293 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
parent
efd5b66026
commit
ebd337689a
@ -234,6 +234,11 @@ worker_handle_reply(struct comm_point* c, void* arg, int error,
|
||||
return 0; /* not a reply to a query. */
|
||||
if(LDNS_QDCOUNT(ldns_buffer_begin(c->buffer)) > 1)
|
||||
return 0; /* too much in the query section */
|
||||
/* see if it is truncated */
|
||||
if(LDNS_TC_WIRE(ldns_buffer_begin(c->buffer)) && c->type == comm_udp) {
|
||||
log_info("TC: truncated. retry in TCP mode.");
|
||||
return 0;
|
||||
}
|
||||
/* woohoo a reply! */
|
||||
if((r=reply_info_parse(c->buffer, &w->worker->alloc, &qinf, &rep,
|
||||
w->worker->scratchpad, &svr_edns))!=0) {
|
||||
|
@ -694,11 +694,17 @@ add_rr_to_rrset(struct rrset_parse* rrset, ldns_buffer* pkt,
|
||||
/* check section of rrset. */
|
||||
if(rrset->section != section && type != LDNS_RR_TYPE_RRSIG &&
|
||||
rrset->type != LDNS_RR_TYPE_RRSIG) {
|
||||
/* silently drop it - it is a security problem, since
|
||||
/* silently drop it - we drop the last part, since
|
||||
* trust in rr data depends on the section it is in.
|
||||
* the less trustworthy part is discarded. */
|
||||
* the less trustworthy part is discarded.
|
||||
* also the last part is more likely to be incomplete.
|
||||
* RFC 2181: must put RRset only once in response. */
|
||||
/*
|
||||
verbose(VERB_DETAIL, "Packet contains rrset data in "
|
||||
"multiple sections, dropped last part.");
|
||||
log_hex("packet was: ", ldns_buffer_begin(pkt),
|
||||
ldns_buffer_limit(pkt));
|
||||
*/
|
||||
/* forwards */
|
||||
if(!skip_ttl_rdata(pkt))
|
||||
return LDNS_RCODE_FORMERR;
|
||||
|
Loading…
Reference in New Issue
Block a user