make sure we stuff in synthesised DNSKEYs for an ANY query - maybe this will make...

author Bert Hubert <bert.hubert@netherlabs.nl>

Mon, 3 Jan 2011 20:11:40 +0000 (20:11 +0000)

committer Bert Hubert <bert.hubert@netherlabs.nl>

Mon, 3 Jan 2011 20:11:40 +0000 (20:11 +0000)
author Bert Hubert <bert.hubert@netherlabs.nl>
Mon, 3 Jan 2011 20:11:40 +0000 (20:11 +0000)
committer Bert Hubert <bert.hubert@netherlabs.nl>
Mon, 3 Jan 2011 20:11:40 +0000 (20:11 +0000)
diff --git a/pdns/packethandler.cc b/pdns/packethandler.cc

index 67572d89494326abcfe5e560504857a3223e3295..c250ca69cb8f76309f7cb210656fa475d8226003 100644 (file)
--- a/pdns/packethandler.cc
+++ b/pdns/packethandler.cc
@@ -227,8 +227,6 @@ int PacketHandler::doDNSKEYRequest(DNSPacket *p, DNSPacket *r)
      r->addRecord(rr);
      haveOne=true;
    }
-
-
    return haveOne;
  }
  
@@ -1029,6 +1027,18 @@ void PacketHandler::completeANYRecords(DNSPacket *p, DNSPacket*r, SOAData& sd, c
      cerr<<"Need to add all the RRSIGs too for '"<<target<<"', should do this manually since DNSSEC was not requested"<<endl;
    //  cerr<<"Need to add all the NSEC too.."<<endl; /// XXX FIXME THE ABOVE IF IS WEIRD
    addNSECX(p, r, target, sd.qname, 2); 
+  if(sd.qname == p->qdomain) {
+    DNSSECKeeper::keyset_t zskset = d_dk.getKeys(p->qdomain);
+    DNSResourceRecord rr;
+    BOOST_FOREACH(DNSSECKeeper::keyset_t::value_type value, zskset) {
+      rr.qtype=QType::DNSKEY;
+      rr.ttl=3600;
+      rr.qname=p->qdomain;
+      rr.content=value.first.getDNSKEY().getZoneRepresentation();
+      rr.auth = true;
+      r->addRecord(rr);
+    }
+  }
  }
  
  bool PacketHandler::tryWildcard(DNSPacket *p, DNSPacket*r, SOAData& sd, string &target, bool& retargeted)
author	Bert Hubert <bert.hubert@netherlabs.nl>
	Mon, 3 Jan 2011 20:11:40 +0000 (20:11 +0000)
committer	Bert Hubert <bert.hubert@netherlabs.nl>
	Mon, 3 Jan 2011 20:11:40 +0000 (20:11 +0000)