r13117@catbus: nickm | 2007-05-31 19:40:32 -0400

 Patch from Tup: treat RESOLVED_TYPE_ERROR_TRANSIENT as a SERVERFAILED, and RESOLVED_TYPE_ERROR as NOTEXIST.  Generate transient/nontransient errors more sensibly.  Set flags better on DNS replies.


svn:r10427

4 files changed, 22 insertions, 9 deletions

diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 110057005c..3ac8e7346a 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -57,7 +57,8 @@ _connection_mark_unattached_ap(edge_connection_t *conn, int endreason,
     if (SOCKS_COMMAND_IS_CONNECT(conn->socks_request->command))
       connection_ap_handshake_socks_reply(conn, NULL, 0, endreason);
     else if (SOCKS_COMMAND_IS_RESOLVE(conn->socks_request->command))
-      connection_ap_handshake_socks_resolved(conn, RESOLVED_TYPE_ERROR,
+      connection_ap_handshake_socks_resolved(conn,
+                                             RESOLVED_TYPE_ERROR_TRANSIENT,
                                              0, NULL, -1);
     else /* unknown or no handshake at all. send no response. */
       conn->socks_request->has_finished = 1;
@@ -1306,7 +1307,8 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
         log_warn(LD_APP,"Address to be resolved is too large. Failing.");
         control_event_client_status(LOG_WARN, "SOCKS_BAD_HOSTNAME HOSTNAME=%s",
                                     escaped(socks->address));
-        connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_ERROR,
+        connection_ap_handshake_socks_resolved(conn,
+                                               RESOLVED_TYPE_ERROR_TRANSIENT,
                                                0,NULL,-1);
         connection_mark_unattached_ap(conn,
                                 END_STREAM_REASON_SOCKSPROTOCOL |
diff --git a/src/or/dns.c b/src/or/dns.c
index cfb404d337..9f1a35a20f 100644
--- a/src/or/dns.c
+++ b/src/or/dns.c
@@ -990,7 +990,8 @@ dns_found_answer(const char *address, int is_reverse, uint32_t addr,
         /* This detach must happen after we send the end cell. */
         circuit_detach_stream(circuit_get_by_edge_conn(pendconn), pendconn);
       } else {
-        send_resolved_cell(pendconn, RESOLVED_TYPE_ERROR);
+        send_resolved_cell(pendconn, outcome == DNS_RESOLVE_FAILED_PERMANENT ?
+                          RESOLVED_TYPE_ERROR : RESOLVED_TYPE_ERROR_TRANSIENT);
         /* This detach must happen after we send the resolved cell. */
         circuit_detach_stream(circuit_get_by_edge_conn(pendconn), pendconn);
       }
diff --git a/src/or/dnsserv.c b/src/or/dnsserv.c
index bda4be56c2..4b61f362f1 100644
--- a/src/or/dnsserv.c
+++ b/src/or/dnsserv.c
@@ -32,6 +32,8 @@ evdns_server_callback(struct evdns_server_request *req, void *_data)
   tor_assert(_data == NULL);
   log_info(LD_APP, "Got a new DNS request!");
 
+  req->flags |= 0x80; /* set RA */
+
   /* First, check whether the requesting address matches our SOCKSPolicy. */
   if ((addrlen = evdns_server_request_get_requesting_addr(req,
                                 (struct sockaddr*)&addr, sizeof(addr))) < 0) {
@@ -81,8 +83,8 @@ evdns_server_callback(struct evdns_server_request *req, void *_data)
   }
   if (!q) {
     log_info(LD_APP, "None of the questions we got were ones we're willing "
-             "to support. Sending error.");
-    evdns_server_request_respond(req, DNS_ERR_NOTIMPL);
+             "to support. Sending NODATA.");
+    evdns_server_request_respond(req, DNS_ERR_NONE);
     return;
   }
   if (q->type == EVDNS_TYPE_A) {
@@ -183,8 +185,10 @@ dnsserv_resolved(edge_connection_t *conn,
                                        conn->socks_request->address,
                                        (char*)answer, ttl);
     tor_free(ans);
-  } else {
-    err = DNS_ERR_SERVERFAILED; /* Really? Not noent? */
+  } else if (answer_type == RESOLVED_TYPE_ERROR) {
+    err = DNS_ERR_NOTEXIST;
+  } else { /* answer_type == RESOLVED_TYPE_ERROR_TRANSIENT */
+    err = DNS_ERR_SERVERFAILED;
   }
 
   evdns_server_request_respond(req, err);
diff --git a/src/or/eventdns.c b/src/or/eventdns.c
index a3bb3bf245..46735f28f0 100644
--- a/src/or/eventdns.c
+++ b/src/or/eventdns.c
@@ -962,8 +962,7 @@ request_parse(u8 *packet, int length, struct evdns_server_port *port, struct soc
 	GET16(additional);
 
 	if (flags & 0x8000) return -1; // Must not be an answer.
-	if (flags & 0x7800) return -1; // only standard queries are supported
-	flags &= 0x0300; // Only TC and RD get preserved.
+	flags &= 0x0110; // Only RD and CD get preserved.
 
 	server_req = malloc(sizeof(struct server_request));
 	if (server_req == NULL) return -1;
@@ -1001,6 +1000,13 @@ request_parse(u8 *packet, int length, struct evdns_server_port *port, struct soc
 
 	server_req->port = port;
 	port->refcnt++;
+
+	// Only standard queries are supported.
+	if (flags & 0x7800) {
+		evdns_server_request_respond(&(server_req->base), DNS_ERR_NOTIMPL);
+		return -1;
+	}
+
 	port->user_callback(&(server_req->base), port->user_data);
 
 	return 0;