Policy REFUSE; minot tweak
Merge request reports
Activity
added 2 commits
- 4d45529a - policy: add REFUSE policy
- 778115b9 - kresd: improve error reporting if cache cannot be opened
assigned to @vcunat
@vcunat Please review https://gitlab.labs.nic.cz/knot/knot-resolver/merge_requests/549/diffs?commit_id=778115b9100c19041f132565e05db85ff75ff1d1 and merge it if it is okay. I do not see reason to have assert in here.
- Resolved by Grigorii Demidov
This code will leave the AD flag if the query had AD or DO. We probably don't want that. Currently we don't have lua bindings to set individual flags – we have
ffi.C.kr_pkt_make_auth_header
in policy specifically for this, but that also sets the AA flag – I'm not sure we want it in all cases, but it seems less bad than AD flag.Otherwise, at least in the long run, we can bind all the flags into lua in some way, e.g. add non-inline clones of all the flag-setting c functions.
Edited by Vladimír Čunátassigned to @pspacek
- fix header flags
- inspect flags in other policies as DROP etc. as well
Edited by Grigorii Demidovassigned to @gdemidov
DROP & DENY policies don't return AD flag.
Edited by Grigorii Demidovmentioned in commit bba85538