|
Martin Stransky |
25c020 |
--- bind-9.3.3rc2/doc/misc/options.edns 2005-05-13 04:43:27.000000000 +0200
|
|
Martin Stransky |
25c020 |
+++ bind-9.3.3rc2/doc/misc/options 2006-11-02 13:00:25.000000000 +0100
|
|
Martin Stransky |
25c020 |
@@ -83,6 +83,7 @@
|
|
Martin Stransky |
25c020 |
edns-udp-size <integer>;
|
|
Martin Stransky |
25c020 |
root-delegation-only [ exclude { <quoted_string>; ... } ];
|
|
Martin Stransky |
25c020 |
disable-algorithms <string> { <string>; ... };
|
|
Martin Stransky |
25c020 |
+ edns-enable <boolean>;
|
|
Martin Stransky |
25c020 |
dnssec-enable <boolean>;
|
|
Martin Stransky |
25c020 |
dnssec-lookaside <string> trust-anchor <string>;
|
|
Martin Stransky |
25c020 |
dnssec-must-be-secure <string> <boolean>;
|
|
Martin Stransky |
25c020 |
@@ -263,6 +264,7 @@
|
|
Martin Stransky |
25c020 |
edns-udp-size <integer>;
|
|
Martin Stransky |
25c020 |
root-delegation-only [ exclude { <quoted_string>; ... } ];
|
|
Martin Stransky |
25c020 |
disable-algorithms <string> { <string>; ... };
|
|
Martin Stransky |
25c020 |
+ edns-enable <boolean>;
|
|
Martin Stransky |
25c020 |
dnssec-enable <boolean>;
|
|
Martin Stransky |
25c020 |
dnssec-lookaside <string> trust-anchor <string>;
|
|
Martin Stransky |
25c020 |
dnssec-must-be-secure <string> <boolean>;
|
|
Martin Stransky |
25c020 |
--- bind-9.3.3rc2/lib/dns/view.c.edns 2004-03-10 03:55:58.000000000 +0100
|
|
Martin Stransky |
25c020 |
+++ bind-9.3.3rc2/lib/dns/view.c 2006-11-02 12:47:07.000000000 +0100
|
|
Martin Stransky |
25c020 |
@@ -156,6 +156,7 @@
|
|
Martin Stransky |
25c020 |
view->additionalfromcache = ISC_TRUE;
|
|
Martin Stransky |
25c020 |
view->additionalfromauth = ISC_TRUE;
|
|
Martin Stransky |
25c020 |
view->enablednssec = ISC_TRUE;
|
|
Martin Stransky |
25c020 |
+ view->enableedns = ISC_TRUE;
|
|
Martin Stransky |
25c020 |
view->minimalresponses = ISC_FALSE;
|
|
Martin Stransky |
25c020 |
view->transfer_format = dns_one_answer;
|
|
Martin Stransky |
25c020 |
view->queryacl = NULL;
|
|
Martin Stransky |
25c020 |
--- bind-9.3.3rc2/lib/dns/include/dns/view.h.edns 2004-03-10 03:55:58.000000000 +0100
|
|
Martin Stransky |
25c020 |
+++ bind-9.3.3rc2/lib/dns/include/dns/view.h 2006-11-02 12:47:07.000000000 +0100
|
|
Martin Stransky |
25c020 |
@@ -109,6 +109,7 @@
|
|
Martin Stransky |
25c020 |
isc_boolean_t additionalfromauth;
|
|
Martin Stransky |
25c020 |
isc_boolean_t minimalresponses;
|
|
Martin Stransky |
25c020 |
isc_boolean_t enablednssec;
|
|
Martin Stransky |
25c020 |
+ isc_boolean_t enableedns;
|
|
Martin Stransky |
25c020 |
dns_transfer_format_t transfer_format;
|
|
Martin Stransky |
25c020 |
dns_acl_t * queryacl;
|
|
Martin Stransky |
25c020 |
dns_acl_t * recursionacl;
|
|
Martin Stransky |
25c020 |
--- bind-9.3.3rc2/lib/isccfg/namedconf.c.edns 2006-03-02 01:37:20.000000000 +0100
|
|
Martin Stransky |
25c020 |
+++ bind-9.3.3rc2/lib/isccfg/namedconf.c 2006-11-02 12:47:07.000000000 +0100
|
|
Martin Stransky |
25c020 |
@@ -726,6 +726,7 @@
|
|
Martin Stransky |
25c020 |
{ "root-delegation-only", &cfg_type_optional_exclude, 0 },
|
|
Martin Stransky |
25c020 |
{ "disable-algorithms", &cfg_type_disablealgorithm,
|
|
Martin Stransky |
25c020 |
CFG_CLAUSEFLAG_MULTI },
|
|
Martin Stransky |
25c020 |
+ { "edns-enable", &cfg_type_boolean, 0 },
|
|
Martin Stransky |
25c020 |
{ "dnssec-enable", &cfg_type_boolean, 0 },
|
|
Martin Stransky |
25c020 |
{ "dnssec-lookaside", &cfg_type_lookaside, CFG_CLAUSEFLAG_MULTI },
|
|
Martin Stransky |
25c020 |
{ "dnssec-must-be-secure", &cfg_type_mustbesecure,
|
|
Martin Stransky |
25c020 |
--- bind-9.3.3rc2/bin/named/server.c.edns 2006-11-02 12:47:07.000000000 +0100
|
|
Martin Stransky |
25c020 |
+++ bind-9.3.3rc2/bin/named/server.c 2006-11-02 12:47:07.000000000 +0100
|
|
Martin Stransky |
25c020 |
@@ -1181,6 +1181,11 @@
|
|
Martin Stransky |
25c020 |
result = ns_config_get(maps, "provide-ixfr", &obj);
|
|
Martin Stransky |
25c020 |
INSIST(result == ISC_R_SUCCESS);
|
|
Martin Stransky |
25c020 |
view->provideixfr = cfg_obj_asboolean(obj);
|
|
Martin Stransky |
25c020 |
+
|
|
Martin Stransky |
25c020 |
+ obj = NULL;
|
|
Martin Stransky |
25c020 |
+ (void)ns_config_get(maps, "edns-enable", &obj);
|
|
Martin Stransky |
25c020 |
+ if (obj != NULL)
|
|
Martin Stransky |
25c020 |
+ view->enableedns = cfg_obj_asboolean(obj);
|
|
Martin Stransky |
25c020 |
|
|
Martin Stransky |
25c020 |
obj = NULL;
|
|
Martin Stransky |
25c020 |
result = ns_config_get(maps, "dnssec-enable", &obj);
|
|
Martin Stransky |
25c020 |
--- bind-9.3.3rc2/bin/named/query.c.edns 2006-08-31 05:57:11.000000000 +0200
|
|
Martin Stransky |
25c020 |
+++ bind-9.3.3rc2/bin/named/query.c 2006-11-02 12:47:07.000000000 +0100
|
|
Martin Stransky |
25c020 |
@@ -3558,6 +3558,12 @@
|
|
Martin Stransky |
25c020 |
if (client->view->enablednssec)
|
|
Martin Stransky |
25c020 |
message->flags |= DNS_MESSAGEFLAG_AD;
|
|
Martin Stransky |
25c020 |
|
|
Martin Stransky |
25c020 |
+ /*
|
|
Martin Stransky |
25c020 |
+ * Disable edns if an user require it.
|
|
Martin Stransky |
25c020 |
+ */
|
|
Martin Stransky |
25c020 |
+ if (!client->view->enableedns)
|
|
Martin Stransky |
25c020 |
+ client->query.fetchoptions |= DNS_FETCHOPT_NOEDNS0;
|
|
Martin Stransky |
25c020 |
+
|
|
Martin Stransky |
25c020 |
qclient = NULL;
|
|
Martin Stransky |
25c020 |
ns_client_attach(client, &qclient);
|
|
Martin Stransky |
25c020 |
query_find(qclient, NULL, qtype);
|
|
Martin Stransky |
25c020 |
--- bind-9.3.3rc2/bin/named/config.c.edns 2006-02-28 07:32:53.000000000 +0100
|
|
Martin Stransky |
25c020 |
+++ bind-9.3.3rc2/bin/named/config.c 2006-11-02 12:47:07.000000000 +0100
|
|
Martin Stransky |
25c020 |
@@ -125,6 +125,7 @@
|
|
Martin Stransky |
25c020 |
check-names master fail;\n\
|
|
Martin Stransky |
25c020 |
check-names slave warn;\n\
|
|
Martin Stransky |
25c020 |
check-names response ignore;\n\
|
|
Martin Stransky |
25c020 |
+ edns-enable yes;\n\
|
|
Martin Stransky |
25c020 |
dnssec-enable no; /* Make yes for 9.4. */ \n\
|
|
Martin Stransky |
25c020 |
"
|
|
Martin Stransky |
25c020 |
|