]> granicus.if.org Git - pdns/commitdiff
Use 56 bits instead of 64 in ECS option
authorWinfried Angele <winfried.angele@gmail.com>
Wed, 30 Dec 2015 10:32:19 +0000 (11:32 +0100)
committerWinfried Angele <winfried.angele@gmail.com>
Wed, 30 Dec 2015 10:32:19 +0000 (11:32 +0100)
to please https://tools.ietf.org/html/draft-ietf-dnsop-edns-client-subnet-06#section-11 and protect IPv6 users privacy as well.

pdns/pdns_recursor.cc

index a002446cf8b5c5c62c32b9f8db6a2d0619758589..87556821a03a410e46fc33fb594bac90ab496bf3 100644 (file)
@@ -2154,7 +2154,7 @@ boost::optional<Netmask> getEDNSSubnetMask(const ComboAddress& local, const DNSN
 {
   if(local.sin4.sin_family != AF_INET || local.sin4.sin_addr.s_addr) { // detect unset 'requestor'
     if(g_ednsdomains.check(dn) || g_ednssubnets.match(rem)) {
-      int bits =local.sin4.sin_family == AF_INET ? 24 : 64;
+      int bits =local.sin4.sin_family == AF_INET ? 24 : 56;
       ComboAddress trunc(local);
       trunc.truncate(bits);
       return boost::optional<Netmask>(Netmask(trunc, bits));