On 10/16/2015 07:52 AM, Craig McQueen wrote:
I'm interested in this concept. I applied your patch to ConnMan 1.30, and I've
been testing it.
In my testing with DNS queries using the Linux 'dig' utility, I found it returns
malformed responses. That is because the 'dig' query includes an additional record
(ARCOUNT=1), of type OPT (41). When your patch send_response_A() creates the response, it
just uses the total length of the query (which includes the question and the additional
record), but then sets the ARCOUNT=0, so that doesn't account for a query that contains
additional records. So the response appears to have just one answer record of type
"OPT", followed by an additional 16 bytes of junk.
So the response is malformed for any query that includes more than one
question, and more than zero additional records.
I also note that this patch sends an A record response to any query, with a
link to the query name. But it doesn't make sense to send an A record answer if
the query wasn't an A record question. E.g. if the query is a PTR (reverse
lookup) question for 216.58.220.110, it doesn't make sense to respond with an A
record saying the IP address of 110.2200.58.216.in-addr.arpa is 192.168.1.1.
So the patch would need to be improved as follows:
* Check that the query first question is for an A record, and only send an A
record if so.
* Calculate the correct length of the query header and question record(s), in
order to position the answer in the correct location in the response.
* Calculate the correct total length of the response.
* Consider whether an "OPT" or other additional record should be copied into
the answer
* Consider how to handle a query with more than one question.
Hi Craig,
Thank you very much for your review.
It's true, I haven't thought about more complex DNS requests than a
simple and unique A request (which works in majority of case).
I will try to correct this and provide a new patch soon.
Alexandre
_______________________________________________
connman mailing list
[email protected]
https://lists.connman.net/mailman/listinfo/connman
