Allow response with AD bit in resolver
Maxim Dounin
mdounin at mdounin.ru
Sun Jun 16 01:29:51 UTC 2024
Hello!
On Sat, Jun 15, 2024 at 12:02:28PM +0100, Kirill A. Korinsky wrote:
> Greetings,
>
> Here a trivial patch which allows DNS responses with enabled AD bit
> from used resolver.
>
> Index: src/core/ngx_resolver.c
> --- src/core/ngx_resolver.c.orig
> +++ src/core/ngx_resolver.c
> @@ -1774,7 +1774,7 @@ ngx_resolver_process_response(ngx_resolver_t *r, u_cha
> (response->nar_hi << 8) + response->nar_lo);
>
> /* response to a standard query */
> - if ((flags & 0xf870) != 0x8000 || (trunc && tcp)) {
> + if ((flags & 0xf850) != 0x8000 || (trunc && tcp)) {
> ngx_log_error(r->log_level, r->log, 0,
> "invalid %s DNS response %ui fl:%04Xi",
> tcp ? "TCP" : "UDP", ident, flags);
>
Looks good to me, pushed with an appropriate commit log, thanks.
--
Maxim Dounin
http://mdounin.ru/
More information about the nginx
mailing list