Add some sanity checks to the dnsdist health check

author Remi Gacogne <rgacogne-github@coredump.fr>

Tue, 3 Nov 2015 10:53:38 +0000 (11:53 +0100)

committer Remi Gacogne <rgacogne-github@coredump.fr>

Tue, 17 Nov 2015 09:32:20 +0000 (10:32 +0100)
author Remi Gacogne <rgacogne-github@coredump.fr>
Tue, 3 Nov 2015 10:53:38 +0000 (11:53 +0100)
committer Remi Gacogne <rgacogne-github@coredump.fr>
Tue, 17 Nov 2015 09:32:20 +0000 (10:32 +0100)
diff --git a/pdns/dnsdist.cc b/pdns/dnsdist.cc

index 38d266936c94c9d4a268ac1bc717ad03a9607b3c..b9a2e1c5d1cafafd21b42d067bc8af3aaef23214 100644 (file)
--- a/pdns/dnsdist.cc
+++ b/pdns/dnsdist.cc
@@ -561,7 +561,8 @@ try
  {
    vector<uint8_t> packet;
    DNSPacketWriter dpw(packet, DNSName("a.root-servers.net."), QType::A);
-  dpw.getHeader()->rd=true;
+  dnsheader * requestHeader = dpw.getHeader();
+  requestHeader->rd=true;
  
    Socket sock(remote.sin4.sin_family, SOCK_DGRAM);
    sock.setNonBlocking();
@@ -574,6 +575,23 @@ try
    ComboAddress dest=remote;
    sock.recvFrom(reply, dest);
  
+  // dnsparser.cc is not included in dnsdist right now
+  // MOADNSParser mdp(reply);
+  // dnsheader const * responseHeader = &mdp.d_header;
+  struct dnsheader responseHeader;
+
+  if (reply.size() < sizeof(responseHeader))
+    return false;
+
+  memcpy(&responseHeader, reply.c_str(), sizeof(responseHeader));
+
+  if (responseHeader.id != requestHeader->id)
+    return false;
+  if (!responseHeader.qr)
+    return false;
+  if (responseHeader.rcode == RCode::ServFail)
+    return false;
+
    // XXX fixme do bunch of checking here etc 
    return true;
  }
author	Remi Gacogne <rgacogne-github@coredump.fr>
	Tue, 3 Nov 2015 10:53:38 +0000 (11:53 +0100)
committer	Remi Gacogne <rgacogne-github@coredump.fr>
	Tue, 17 Nov 2015 09:32:20 +0000 (10:32 +0100)