From 44500cbb25bc6e76723304b9ff39f875c04309f9 Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Thu, 13 Apr 2017 13:22:51 +0200
Subject: resolv: Remove EDNS fallback [BZ #21369]

EDNS is disabled by default (so there is interoperability issue), and
the fallback code is problematic because it prevents an application
from obtaining DNSSEC data after a FORMERR response.
---
 ChangeLog | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'ChangeLog')

diff --git a/ChangeLog b/ChangeLog
index 1cd7a7b..9eec270 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,17 @@
 2017-04-13  Florian Weimer  <fweimer@redhat.com>
 
+	[BZ #21369]
+	Remove EDNS fallback.
+	* resolv/res_query.c (__libc_res_nquery): Remove RES_F_EDNS0ERR
+	handling.
+	* resolv/res_send.c (send_dg): Likewise.
+	* resolv/tst-resolv-edns.c (response): Handle "formerr." and
+	"tcp." prefixes.
+	(do_test): Send a "formerr."-prefixed query in an attempt to
+	trigger EDNS fallback.
+
+2017-04-13  Florian Weimer  <fweimer@redhat.com>
+
 	[BZ #21361]
 	Limit EDNS buffer size to 1200 bytes.
 	* include/resolv.h (__res_nopt): Remove declaration.
-- 
cgit v1.1