From d7da15c560946cadaadfc173b8964dd6b40932ed Mon Sep 17 00:00:00 2001 From: bert hubert Date: Fri, 12 May 2017 21:25:16 +0200 Subject: [PATCH] Together with Mukund Sivaraman we found out PowerDNS sdig does not truncate trailing bits of EDNS Client Subnet mask. So if you'd truncate something as a /9, we'd have to use 2 bytes anyhow, but we would not zero the last 7 bits. We do now. Thanks Mukund & ISC! --- pdns/ednssubnet.cc | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/pdns/ednssubnet.cc b/pdns/ednssubnet.cc index d6b9f8e00..4528be3f3 100644 --- a/pdns/ednssubnet.cc +++ b/pdns/ednssubnet.cc @@ -95,10 +95,13 @@ string makeEDNSSubnetOptsString(const EDNSSubnetOpts& eso) ret.assign((const char*)&esow, sizeof(esow)); int octetsout = ((esow.sourceMask - 1)>> 3)+1; + ComboAddress src=eso.source.getNetwork(); + src.truncate(esow.sourceMask); + if(family == htons(1)) - ret.append((const char*) &eso.source.getNetwork().sin4.sin_addr.s_addr, octetsout); + ret.append((const char*) &src.sin4.sin_addr.s_addr, octetsout); else - ret.append((const char*) &eso.source.getNetwork().sin6.sin6_addr.s6_addr, octetsout); + ret.append((const char*) &src.sin6.sin6_addr.s6_addr, octetsout); return ret; } -- 2.40.0