MCPcopy
hub / github.com/AdguardTeam/dnsproxy / filterMsg

Function filterMsg

proxy/cache.go:644–658  ·  view source on GitHub ↗

filterMsg removes OPT RRs, DNSSEC RRs if do is false, sets TTL to ttl if it's not equal to 0 and puts the results to appropriate fields of dst. It also filters the AD bit if both ad and do are false.

(dst, m *dns.Msg, ad, do bool, ttl uint32)

Source from the content-addressed store, hash-verified

642// not equal to 0 and puts the results to appropriate fields of dst. It also
643// filters the AD bit if both ad and do are false.
644func filterMsg(dst, m *dns.Msg, ad, do bool, ttl uint32) {
645 // As RFC 6840 says, validating resolvers should only set the AD bit when a
646 // response both meets the conditions listed in RFC 4035, and the request
647 // contained either a set DO bit or a set AD bit.
648 dst.AuthenticatedData = dst.AuthenticatedData && (ad || do)
649
650 // It's important to filter out only DNSSEC RRs that aren't explicitly
651 // requested.
652 //
653 // See https://datatracker.ietf.org/doc/html/rfc4035#section-3.2.1 and
654 // https://github.com/AdguardTeam/dnsproxy/issues/144.
655 dst.Answer = filterRRSlice(m.Answer, do, ttl, m.Question[0].Qtype)
656 dst.Ns = filterRRSlice(m.Ns, do, ttl, dns.TypeNone)
657 dst.Extra = filterRRSlice(m.Extra, do, ttl, dns.TypeNone)
658}

Callers 2

ResolveMethod · 0.85
unpackItemMethod · 0.85

Calls 1

filterRRSliceFunction · 0.85

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…