This PR fixes a couple of bugs in RFC 6891 extended RCODE conversion functions that prevent extended RCODE (values > 15) being handled correctly.
This problem was observed while testing an implementation of RFC 7873 Domain Name System (DNS) Cookies, when responding with extended RCODE BADCOOKIE (integer value 23).
23 is binary 0000_0001_0111 in 12-bit extended RCODE form, with 0000_0001 (1) being the extended part and 0111 (7) being the RFC 1035 DNS header RCODE part.
The wire format should have had the lowest bit of the OPT header extended RCODE field set but it was unset. This can be seen in the following Wireshark screenshot:
This PR fixes the problem by making the following two changes:
to_int(): Like from_int(), work with the lowest 12-bits when converting to u16, not the lowest 4-bits.
to_parts(): Like from_parts(), shift by 4-bits, not by 8-bits.
It also adds a new test called optrcode_parts() that fails without these changes and passes with them.
With the fix applied Wireshark shows the OPT header RCODE value being set correctly:
And dig was then able to correctly detect the BADCOOKIE RCODE and use the accompanying server cookie in subsequent requests, while without the fix the received server cookie was ignored.
This PR fixes a couple of bugs in RFC 6891 extended RCODE conversion functions that prevent extended RCODE (values > 15) being handled correctly.
This problem was observed while testing an implementation of RFC 7873 Domain Name System (DNS) Cookies, when responding with extended RCODE
BADCOOKIE(integer value 23).23 is binary 0000_0001_0111 in 12-bit extended RCODE form, with 0000_0001 (1) being the extended part and 0111 (7) being the RFC 1035 DNS header RCODE part.
The wire format should have had the lowest bit of the OPT header extended RCODE field set but it was unset. This can be seen in the following Wireshark screenshot:
This PR fixes the problem by making the following two changes:
to_int(): Likefrom_int(), work with the lowest 12-bits when converting to u16, not the lowest 4-bits.to_parts(): Likefrom_parts(), shift by 4-bits, not by 8-bits.It also adds a new test called
optrcode_parts()that fails without these changes and passes with them.With the fix applied Wireshark shows the OPT header RCODE value being set correctly:
And
digwas then able to correctly detect the BADCOOKIE RCODE and use the accompanying server cookie in subsequent requests, while without the fix the received server cookie was ignored.