PATCH: dig warn user when querying ANY towards recursive server (fwd)
(I don't think this made it to the list before, mixup of email addresses)
Please consider including this patch,
Paul
-- Forwarded message --
Date: Mon, 2 Jul 2012 17:45:08
From: Paul Wouters
Cc: Paul Vixie
To: bind-users@lists.isc.org
Subject: PATCH: dig warn user when querying ANY towards recursive server
Hi,
As recently came up, when querying a recursive caching server for ANY
will only result on cached entries being returned, and not the whole
possible set. For that you need to query the authoritative server.
I wasn't aware of this, and since I'm sure I'll forget about this again
too, I wrote a patch for dig to remind me. Please apply :)
Pauldiff -aur bind-9.9.1-P1-orig/bin/dig/dig.c bind-9.9.1-P1/bin/dig/dig.c
--- bind-9.9.1-P1-orig/bin/dig/dig.c2012-06-01 11:29:52.0 -0400
+++ bind-9.9.1-P1/bin/dig/dig.c 2012-07-02 17:37:26.360724292 -0400
@@ -537,6 +537,11 @@
msg->counts[DNS_SECTION_AUTHORITY],
msg->counts[DNS_SECTION_ADDITIONAL]);
+ if ( (query->lookup->rdtype == dns_rdatatype_any) &&
+ (msg->flags & DNS_MESSAGEFLAG_RA) != 0)
+ printf("\n\n;; WARNING: Requested ANY data from
a caching recursive server!\n"
+ "The returned answer
from cache might be incomplete.\n\n");
+
if (msg != query->lookup->sendmsg &&
(msg->flags & DNS_MESSAGEFLAG_RD) != 0 &&
(msg->flags & DNS_MESSAGEFLAG_RA) == 0)
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: PATCH: dig warn user when querying ANY towards recursive server (fwd)
On 7/22/2012 10:19 AM, Paul Wouters wrote:
(I don't think this made it to the list before, mixup of email addresses)
Please consider including this patch,
Paul
-- Forwarded message --
Date: Mon, 2 Jul 2012 17:45:08
From: Paul Wouters
Cc: Paul Vixie
To: bind-users@lists.isc.org
Subject: PATCH: dig warn user when querying ANY towards recursive server
Hi,
As recently came up, when querying a recursive caching server for ANY
will only result on cached entries being returned, and not the whole
possible set. For that you need to query the authoritative server.
I wasn't aware of this, and since I'm sure I'll forget about this again
too, I wrote a patch for dig to remind me. Please apply :)
Don't forget that recursive servers can also host the zone being
queried. Testing for the "aa" flag makes the message more accurate.
if ((query->lookup->rdtype == dns_rdatatype_any) &&
((msg->flags & DNS_MESSAGEFLAG_RA) != 0) &&
(msg->flags & DNS_MESSAGEFLAG_AA) == 0)
printf("\n\n;; WARNING: Requested ANY data "
"from a non-authoritative recursive "
"server.\n;; The cached answer "
"might be incomplete.\n\n");
--
Andris
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
