DnsServer: returning format error response when domain name is invalid. Setting recursion available flag in response for auth zone when recursion is desired since dns clients like nslookup and dig complain about it otherwise.

2026-02-14 03:43:59 +00:00 · 2020-12-12 16:40:06 +05:30
parent 31eee972e0
commit 849df07c73
1 changed files with 8 additions and 0 deletions
--- a/DnsServerCore/Dns/DnsServer.cs
+++ b/DnsServerCore/Dns/DnsServer.cs
@@ -926,6 +926,11 @@ namespace DnsServerCore.Dns
                                return await ProcessRecursiveQueryAsync(request, null, null, !inAllowedZone, false);
                        }
                    }
+                    catch (InvalidDomainNameException)
+                    {
+                        //format error response
+                        return new DnsDatagram(request.Identifier, true, request.OPCODE, false, false, request.RecursionDesired, IsRecursionAllowed(remoteEP), false, false, DnsResponseCode.FormatError, request.Question);
+                    }
                    catch (Exception ex)
                    {
                        LogManager log = _log;
@@ -1087,6 +1092,9 @@ namespace DnsServerCore.Dns
                }
            }

+            if (response.RecursionAvailable != isRecursionAllowed)
+                response = new DnsDatagram(response.Identifier, response.IsResponse, response.OPCODE, response.AuthoritativeAnswer, response.Truncation, response.RecursionDesired, isRecursionAllowed, response.AuthenticData, response.CheckingDisabled, response.RCODE, response.Question, response.Answer, response.Authority, response.Additional);
+
            return Task.FromResult(response);
        }