Commit 9f966d70 authored by Marek Vavrusa's avatar Marek Vavrusa

packet: guarantee that QNAME is not compressed

parent 637f1536
......@@ -3,24 +3,21 @@
#include <urcu.h>
#include "knot/nameserver/process_query.h"
#include "libknot/consts.h"
#include "common/debug.h"
#include "libknot/common.h"
#include "libknot/tsig-op.h"
#include "common/descriptor.h"
#include "knot/updates/acl.h"
/*! \todo Move close to server when done. */
#include "knot/nameserver/chaos.h"
#include "knot/nameserver/internet.h"
#include "knot/nameserver/axfr.h"
#include "knot/nameserver/ixfr.h"
#include "knot/nameserver/update.h"
#include "knot/nameserver/nsec_proofs.h"
#include "knot/nameserver/synth_record.h"
#include "knot/server/notify.h"
#include "knot/server/server.h"
#include "knot/server/rrl.h"
#include "knot/updates/acl.h"
#include "knot/conf/conf.h"
#include "libknot/tsig-op.h"
#include "common/descriptor.h"
#include "common/debug.h"
/* Forward decls. */
static const zone_t *answer_zone_find(const knot_pkt_t *query, knot_zonedb_t *zonedb);
......@@ -172,6 +169,11 @@ int process_query_out(knot_pkt_t *pkt, knot_process_t *ctx)
* Postprocessing.
*/
/* Synthetic response (if applicable). */
if (synth_answer_possible(qdata)) {
next_state = synth_answer(pkt, qdata);
}
/* Transaction security (if applicable). */
if (next_state == NS_PROC_DONE || next_state == NS_PROC_FULL) {
if (process_query_sign_response(pkt, qdata) != KNOT_EOK) {
......
......@@ -83,7 +83,7 @@ static uint32_t acl_fill_mask32(short nbits)
return htonl(r);
}
static int addr_match(const netblock_t *a1, const struct sockaddr_storage *a2)
int netblock_match(const netblock_t *a1, const struct sockaddr_storage *a2)
{
int ret = 0;
uint32_t mask = 0xffffffff;
......@@ -174,7 +174,7 @@ acl_match_t* acl_find(acl_t *acl, const struct sockaddr_storage *addr, const kno
acl_match_t *cur = NULL;
WALK_LIST(cur, *acl) {
if (addr_match(&cur->netblock, addr) == 0) {
if (netblock_match(&cur->netblock, addr) == 0) {
/* NOKEY entry. */
if (cur->key == NULL) {
if (key_name == NULL) {
......
......@@ -53,6 +53,9 @@ typedef struct acl_match {
struct knot_tsig_key *key; /*!< \brief TSIG key. */
} acl_match_t;
/*! \brief Match address against netblock. */
int netblock_match(const netblock_t *a1, const struct sockaddr_storage *a2);
/*!
* \brief Create a new ACL.
*
......
......@@ -612,7 +612,7 @@ int knot_pkt_parse_question(knot_pkt_t *pkt)
/* Process question. */
int len = knot_dname_wire_check(pkt->wire + pkt->parsed,
pkt->wire + pkt->size,
pkt->wire);
NULL /* No compression in QNAME. */);
if (len <= 0) {
return KNOT_EMALF;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment