You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am using Lua FFI to spoof responses, but I cannot currently handle cases where a client requests an unknown EDNS version (two of the ISC EDNS Compliance checks) because there is no function available to retrieve the OPT section.
Usecase
In my Lua script for spoofing responses, I would like to return BADVERS if the client requests anything other than EDNS version 0, which is the correct way of handling unknown EDNS versions (https://ednscomp.isc.org/).
Description
Implementing an ffi.C.dnsdist_ffi_dnsquestion_get_opt_section function that returns the requested EDNS version (along with other options) would allow me to handle unknown EDNS versions correctly.
The text was updated successfully, but these errors were encountered:
I see we already have an accessor for the DNSSEC OK bit (dnsdist_ffi_dnsquestion_get_do) and for EDNS options (dnsdist_ffi_dnsquestion_get_edns_options). There is no other flag defined as far as I know, so I guess we only need new accessors for the version and the extended rcode, or did you have something else in mind?
Short description
I am using Lua FFI to spoof responses, but I cannot currently handle cases where a client requests an unknown EDNS version (two of the ISC EDNS Compliance checks) because there is no function available to retrieve the OPT section.
Usecase
In my Lua script for spoofing responses, I would like to return BADVERS if the client requests anything other than EDNS version 0, which is the correct way of handling unknown EDNS versions (https://ednscomp.isc.org/).
Description
Implementing an
ffi.C.dnsdist_ffi_dnsquestion_get_opt_section
function that returns the requested EDNS version (along with other options) would allow me to handle unknown EDNS versions correctly.The text was updated successfully, but these errors were encountered: