From: Winfried Angele Date: Wed, 30 Dec 2015 10:32:19 +0000 (+0100) Subject: Use 56 bits instead of 64 in ECS option X-Git-Tag: dnsdist-1.0.0-alpha2^2 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=1353273b0ea6aae7ea9c5e9b244e7f2495e03e9f;p=pdns Use 56 bits instead of 64 in ECS option to please https://tools.ietf.org/html/draft-ietf-dnsop-edns-client-subnet-06#section-11 and protect IPv6 users privacy as well. --- diff --git a/pdns/pdns_recursor.cc b/pdns/pdns_recursor.cc index a002446cf..87556821a 100644 --- a/pdns/pdns_recursor.cc +++ b/pdns/pdns_recursor.cc @@ -2154,7 +2154,7 @@ boost::optional getEDNSSubnetMask(const ComboAddress& local, const DNSN { if(local.sin4.sin_family != AF_INET || local.sin4.sin_addr.s_addr) { // detect unset 'requestor' if(g_ednsdomains.check(dn) || g_ednssubnets.match(rem)) { - int bits =local.sin4.sin_family == AF_INET ? 24 : 64; + int bits =local.sin4.sin_family == AF_INET ? 24 : 56; ComboAddress trunc(local); trunc.truncate(bits); return boost::optional(Netmask(trunc, bits));