From 7f632c0640f174bbbc1deb532e3a3977d595d28a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Henryk=20Pl=C3=B6tz?= <henryk@ploetzli.ch>
Date: Fri, 3 Oct 2014 20:22:01 +0200
Subject: Apply djbdns-1.05-dnssec.patch SHA1
 62e2ce1d31f1fe908fac84fc8bd049a12621810f, contained in
 tinydnssec-1.05-1.3.tar.bz2 Source was
 http://www.tinydnssec.org/download/tinydnssec-1.05-1.3.tar.bz2, SHA1
 b33d5c3e0de67f6427aad8c00a99580b59804075

---
 server.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'server.c')

diff --git a/server.c b/server.c
index d52ce87..b754265 100644
--- a/server.c
+++ b/server.c
@@ -1,3 +1,4 @@
+#include "edns0.h"
 #include "byte.h"
 #include "case.h"
 #include "env.h"
@@ -63,6 +64,9 @@ static int doit(void)
   if (header[2] & 126) goto NOTIMP;
   if (byte_equal(qtype,2,DNS_T_AXFR)) goto NOTIMP;
 
+  pos = check_edns0(header, buf, len, pos);
+  if (!pos) goto NOQ;
+
   case_lowerb(q,dns_domain_length(q));
   if (!respond(q,qtype,ip)) {
     qlog(ip,port,header,q,qtype," - ");
@@ -168,7 +172,7 @@ int main()
 	len = socket_recv6(udp53[i],buf,sizeof buf,ip,&port,&ifid);
 	if (len < 0) continue;
 	if (!doit()) continue;
-	if (response_len > 512) response_tc();
+	if (response_len > max_response_len) response_tc();
 	socket_send6(udp53[i],response,response_len,ip,port,ifid);
 	/* may block for buffer space; if it fails, too bad */
       }
-- 
cgit v1.2.3