Networks which only have tunneled IPv6 access but still want to go
IPv6-only internally can use unbound's DNS64 module together with the
dns64-synthall or dns64-ignore-aaaa options to direct most traffic (any
dualstack domain) to their NAT64.
There is only one problem with this setup, currently domains with only AAAA
records will fail to resolve.
To allow for this use-case arrange for the A sub-query to make the AAAA
super query advance along the module stack when no records are returned.
Signed-off-by: Daniel Gröber <dxld@darkboxed.org>
- Move declarations to the top for C90 compliance.
- Save cycles by not calling (yet) unneeded functions.
- Possible use of uninitialised value.
- Consistent formatting.
Found by static analyzer svace
Static analyzer message: Return value of a function 'reply_info_copy'
is dereferenced at dns64.c:923 without checking, but it is usually
checked for this function (4/5).
on-behalf-of: @ideco-team <github@ideco.ru>
The original algorithm assumed that any prefix length would be valid
and did not skip over bits 64 to 71 and set them to zero.
This means that only dns64 prefixes with length 32 and 96 generated
embedded addresses according to RFC6052, cf. Figure 1 in 2.2.
other threads from picking up the wrong data. The module restores
the previous no_cache_store setting when the the module is finished.
git-svn-id: file:///svn/unbound/trunk@4979 be551aaa-1e26-0410-a405-d3ace91eadb9
config.sub(2016-09-05).
- annotate case statement fallthrough for gcc 7.1.1.
- flex output from flex 2.6.1.
- snprintf of thread number does not warn about truncated string.
git-svn-id: file:///svn/unbound/trunk@4278 be551aaa-1e26-0410-a405-d3ace91eadb9
bypassing the cache response stage and uniquifying mesh states. Four EDNS
option lists were added to module_qstate (module_qstate.edns_opts_*) to
store EDNS options from/to front/back side.
- Added two flags to module_qstate (no_cache_lookup, no_cache_store) that
control the modules' cache interactions.
- Added code for registering inplace callback functions. The registered
functions can be called just before replying with local data or Chaos,
replying from cache, replying with SERVFAIL, replying with a resolved
query, sending a query to a nameserver. The functions can inspect the
available data and maybe change response/query related data (i.e. append
EDNS options).
- Updated Python module for the above.
- Updated Python documentation.
git-svn-id: file:///svn/unbound/trunk@3947 be551aaa-1e26-0410-a405-d3ace91eadb9
strcpy changed to memmove.
arraybound check fixed from prefix_net/8/4 to prefix_net/8+4.
allocation of result consistently in the correct region.
time_t is now used for ttl in unbound (since the patch's version).
git-svn-id: file:///svn/unbound/trunk@3199 be551aaa-1e26-0410-a405-d3ace91eadb9
Initial commit of the patch from the FreeBSD base (with its fixes).
This adds a module (for module-config in unbound.conf) dns64 that
performs DNS64 processing, see README.DNS64.
git-svn-id: file:///svn/unbound/trunk@3198 be551aaa-1e26-0410-a405-d3ace91eadb9