summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/libc/asr/asr_private.h4
-rw-r--r--lib/libc/asr/asr_utils.c13
-rw-r--r--lib/libc/asr/res_mkquery.c9
-rw-r--r--lib/libc/asr/res_send_async.c9
-rw-r--r--lib/libc/net/resolver.37
5 files changed, 24 insertions, 18 deletions
diff --git a/lib/libc/asr/asr_private.h b/lib/libc/asr/asr_private.h
index 80baf031890..e922017df24 100644
--- a/lib/libc/asr/asr_private.h
+++ b/lib/libc/asr/asr_private.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: asr_private.h,v 1.45 2017/02/27 11:31:01 jca Exp $ */
+/* $OpenBSD: asr_private.h,v 1.46 2017/02/27 11:38:08 jca Exp $ */
/*
* Copyright (c) 2012 Eric Faurot <eric@openbsd.org>
*
@@ -297,7 +297,7 @@ __BEGIN_HIDDEN_DECLS
void _asr_pack_init(struct asr_pack *, char *, size_t);
int _asr_pack_header(struct asr_pack *, const struct asr_dns_header *);
int _asr_pack_query(struct asr_pack *, uint16_t, uint16_t, const char *);
-int _asr_pack_edns0(struct asr_pack *, uint16_t);
+int _asr_pack_edns0(struct asr_pack *, uint16_t, int);
void _asr_unpack_init(struct asr_unpack *, const char *, size_t);
int _asr_unpack_header(struct asr_unpack *, struct asr_dns_header *);
int _asr_unpack_query(struct asr_unpack *, struct asr_dns_query *);
diff --git a/lib/libc/asr/asr_utils.c b/lib/libc/asr/asr_utils.c
index 25d9f2da389..f700973ce2f 100644
--- a/lib/libc/asr/asr_utils.c
+++ b/lib/libc/asr/asr_utils.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: asr_utils.c,v 1.16 2017/02/19 12:02:30 jca Exp $ */
+/* $OpenBSD: asr_utils.c,v 1.17 2017/02/27 11:38:08 jca Exp $ */
/*
* Copyright (c) 2009-2012 Eric Faurot <eric@faurot.net>
*
@@ -423,12 +423,19 @@ _asr_pack_query(struct asr_pack *p, uint16_t type, uint16_t class, const char *d
}
int
-_asr_pack_edns0(struct asr_pack *p, uint16_t pktsz)
+_asr_pack_edns0(struct asr_pack *p, uint16_t pktsz, int dnssec_do)
{
+ DPRINT("asr EDNS0 pktsz:%hu dnssec:%s\n", pktsz,
+ dnssec_do ? "yes" : "no");
+
pack_dname(p, ""); /* root */
pack_u16(p, T_OPT); /* OPT */
pack_u16(p, pktsz); /* UDP payload size */
- pack_u32(p, 0); /* extended RCODE and flags */
+
+ /* extended RCODE and flags */
+ pack_u16(p, 0);
+ pack_u16(p, dnssec_do ? DNS_MESSAGEEXTFLAG_DO : 0);
+
pack_u16(p, 0); /* RDATA len */
return (p->err) ? (-1) : (0);
diff --git a/lib/libc/asr/res_mkquery.c b/lib/libc/asr/res_mkquery.c
index 340c1f11f74..d6800877279 100644
--- a/lib/libc/asr/res_mkquery.c
+++ b/lib/libc/asr/res_mkquery.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: res_mkquery.c,v 1.10 2017/02/18 19:23:05 jca Exp $ */
+/* $OpenBSD: res_mkquery.c,v 1.11 2017/02/27 11:38:08 jca Exp $ */
/*
* Copyright (c) 2012 Eric Faurot <eric@openbsd.org>
*
@@ -61,14 +61,15 @@ res_mkquery(int op, const char *dname, int class, int type,
if (ac->ac_options & RES_RECURSE)
h.flags |= RD_MASK;
h.qdcount = 1;
- if (ac->ac_options & RES_USE_EDNS0)
+ if (ac->ac_options & (RES_USE_EDNS0 | RES_USE_DNSSEC))
h.arcount = 1;
_asr_pack_init(&p, buf, buflen);
_asr_pack_header(&p, &h);
_asr_pack_query(&p, type, class, dn);
- if (ac->ac_options & RES_USE_EDNS0)
- _asr_pack_edns0(&p, MAXPACKETSZ);
+ if (ac->ac_options & (RES_USE_EDNS0 | RES_USE_DNSSEC))
+ _asr_pack_edns0(&p, MAXPACKETSZ,
+ ac->ac_options & RES_USE_DNSSEC);
_asr_ctx_unref(ac);
diff --git a/lib/libc/asr/res_send_async.c b/lib/libc/asr/res_send_async.c
index 931c8a495d3..3d4fa1a2277 100644
--- a/lib/libc/asr/res_send_async.c
+++ b/lib/libc/asr/res_send_async.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: res_send_async.c,v 1.33 2017/02/27 10:44:46 jca Exp $ */
+/* $OpenBSD: res_send_async.c,v 1.34 2017/02/27 11:38:08 jca Exp $ */
/*
* Copyright (c) 2012 Eric Faurot <eric@openbsd.org>
*
@@ -377,14 +377,15 @@ setup_query(struct asr_query *as, const char *name, const char *dom,
if (as->as_ctx->ac_options & RES_RECURSE)
h.flags |= RD_MASK;
h.qdcount = 1;
- if (as->as_ctx->ac_options & RES_USE_EDNS0)
+ if (as->as_ctx->ac_options & (RES_USE_EDNS0 | RES_USE_DNSSEC))
h.arcount = 1;
_asr_pack_init(&p, as->as.dns.obuf, as->as.dns.obufsize);
_asr_pack_header(&p, &h);
_asr_pack_query(&p, type, class, dname);
- if (as->as_ctx->ac_options & RES_USE_EDNS0)
- _asr_pack_edns0(&p, MAXPACKETSZ);
+ if (as->as_ctx->ac_options & (RES_USE_EDNS0 | RES_USE_DNSSEC))
+ _asr_pack_edns0(&p, MAXPACKETSZ,
+ as->as_ctx->ac_options & RES_USE_DNSSEC);
if (p.err) {
DPRINT("error packing query");
errno = EINVAL;
diff --git a/lib/libc/net/resolver.3 b/lib/libc/net/resolver.3
index 68e509f4f0d..e371f7851c3 100644
--- a/lib/libc/net/resolver.3
+++ b/lib/libc/net/resolver.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: resolver.3,v 1.36 2017/02/18 19:23:05 jca Exp $
+.\" $OpenBSD: resolver.3,v 1.37 2017/02/27 11:38:08 jca Exp $
.\"
.\" Copyright (c) 1985, 1991, 1993
.\" The Regents of the University of California. All rights reserved.
@@ -27,7 +27,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd $Mdocdate: February 18 2017 $
+.Dd $Mdocdate: February 27 2017 $
.Dt RES_INIT 3
.Os
.Sh NAME
@@ -199,9 +199,6 @@ uses 4096 bytes as input buffer size.
Request that the resolver uses
Domain Name System Security Extensions (DNSSEC),
as defined in RFCs 4033, 4034, and 4035.
-On
-.Ox
-this option does nothing.
.El
.Pp
The