diff options
author | Casey Deccio <casey@deccio.net> | 2019-03-12 19:14:00 +0300 |
---|---|---|
committer | Casey Deccio <casey@deccio.net> | 2019-03-12 19:14:00 +0300 |
commit | af31ed1c9ffe6267122835f810966f7e5934cf80 (patch) | |
tree | ad9b0dd617eaae1c48b2906d5e962e02c634a55e | |
parent | 0dab819020f760fc4e003e306e628087e2ab2ab3 (diff) |
Remove EDNS option on FORMERR
-rw-r--r-- | dnsviz/query.py | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/dnsviz/query.py b/dnsviz/query.py index 9824ea0..66c3a22 100644 --- a/dnsviz/query.py +++ b/dnsviz/query.py @@ -456,6 +456,22 @@ class DisableEDNSOnRcodeHandler(DNSResponseHandler): self._request.use_edns(False) return DNSQueryRetryAttempt(response_time, RETRY_CAUSE_RCODE, response.rcode(), RETRY_ACTION_DISABLE_EDNS, None) +class RemoveEDNSOptionOnRcodeHandler(DNSResponseHandler): + '''Remove an EDNS option if the RCODE in the response indicates that the + server didn't handle the request properly.''' + + def __init__(self, rcode): + self._rcode = rcode + + def handle(self, response_wire, response, response_time): + try: + opt = self._request.options[0] + except IndexError: + opt = None + if isinstance(response, dns.message.Message) and response.rcode() == self._rcode and opt is not None: + self._request.options.remove(opt) + return DNSQueryRetryAttempt(response_time, RETRY_CAUSE_RCODE, response.rcode(), RETRY_ACTION_REMOVE_EDNS_OPTION, opt.otype) + class AddServerCookieOnBADCOOKIE(DNSResponseHandler): '''Update the DNS Cookie EDNS option with the server cookie when a BADCOOKIE rcode is received.''' @@ -1718,6 +1734,7 @@ class QuickDNSSECQuery(DNSSECQuery): response_handlers = DNSSECQuery.response_handlers + \ [ AddServerCookieOnBADCOOKIE(), + RemoveEDNSOptionOnRcodeHandler(dns.rcode.FORMERR), DisableEDNSOnFormerrHandler(), DisableEDNSOnRcodeHandler() ] @@ -1733,6 +1750,7 @@ class DiagnosticQuery(DNSSECQuery): response_handlers = DNSSECQuery.response_handlers + \ [ AddServerCookieOnBADCOOKIE(), + RemoveEDNSOptionOnRcodeHandler(dns.rcode.FORMERR), DisableEDNSOnFormerrHandler(), DisableEDNSOnRcodeHandler(), ReduceUDPMaxPayloadOnTimeoutHandler(512, 4), @@ -1769,6 +1787,7 @@ class RecursiveDiagnosticQuery(RecursiveDNSSECQuery): response_handlers = DNSSECQuery.response_handlers + \ [ AddServerCookieOnBADCOOKIE(), + RemoveEDNSOptionOnRcodeHandler(dns.rcode.FORMERR), DisableEDNSOnFormerrHandler(), SetFlagOnRcodeHandler(dns.flags.CD, dns.rcode.SERVFAIL), DisableEDNSOnRcodeHandler(), @@ -1810,6 +1829,7 @@ class TCPDiagnosticQuery(DNSSECQuery): response_handlers = \ [ + RemoveEDNSOptionOnRcodeHandler(dns.rcode.FORMERR), DisableEDNSOnFormerrHandler(), DisableEDNSOnRcodeHandler(), ChangeTimeoutOnTimeoutHandler(4.0, 2) @@ -1831,6 +1851,7 @@ class RecursiveTCPDiagnosticQuery(RecursiveDNSSECQuery): response_handlers = \ [ + RemoveEDNSOptionOnRcodeHandler(dns.rcode.FORMERR), DisableEDNSOnFormerrHandler(), SetFlagOnRcodeHandler(dns.flags.CD, dns.rcode.SERVFAIL), DisableEDNSOnRcodeHandler(), @@ -1854,6 +1875,7 @@ class PMTUDiagnosticQuery(DNSSECQuery): DNSSECQuery.response_handlers + \ [ AddServerCookieOnBADCOOKIE(), + RemoveEDNSOptionOnRcodeHandler(dns.rcode.FORMERR), DisableEDNSOnFormerrHandler(), DisableEDNSOnRcodeHandler(), RemoveEDNSOptionOnTimeoutHandler(6), @@ -1889,6 +1911,7 @@ class RecursivePMTUDiagnosticQuery(RecursiveDNSSECQuery): DNSSECQuery.response_handlers + \ [ AddServerCookieOnBADCOOKIE(), + RemoveEDNSOptionOnRcodeHandler(dns.rcode.FORMERR), DisableEDNSOnFormerrHandler(), SetFlagOnRcodeHandler(dns.flags.CD, dns.rcode.SERVFAIL), DisableEDNSOnRcodeHandler(), |