diff --git a/CHANGES b/CHANGES
index 1adebfeb72..e9a50b55ed 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+4586. [func] dig, host and nslookup now use TCP for ANY queries.
+ [RT #44687]
+
4585. [port] win32: Set CompileAS value. [RT #42474]
4584. [bug] A number of memory usage statistics were not properly
diff --git a/bin/dig/dig.c b/bin/dig/dig.c
index 6e183d48f8..51dcfa8e63 100644
--- a/bin/dig/dig.c
+++ b/bin/dig/dig.c
@@ -1744,6 +1744,9 @@ dash_option(char *option, char *next, dig_lookup_t **lookup,
if (rdtype == dns_rdatatype_axfr) {
(*lookup)->section_question = plusquest;
(*lookup)->comments = pluscomm;
+ } else if (rdtype == dns_rdatatype_any) {
+ if (!(*lookup)->tcp_mode_set)
+ (*lookup)->tcp_mode = ISC_TRUE;
}
(*lookup)->ixfr_serial = ISC_FALSE;
}
@@ -2054,6 +2057,10 @@ parse_args(isc_boolean_t is_batchfile, isc_boolean_t config_only,
plusquest;
lookup->comments = pluscomm;
}
+ if (rdtype ==
+ dns_rdatatype_any &&
+ !lookup->tcp_mode_set)
+ lookup->tcp_mode = ISC_TRUE;
lookup->ixfr_serial = ISC_FALSE;
}
continue;
diff --git a/bin/dig/dig.docbook b/bin/dig/dig.docbook
index ce3a205bef..e262d24a6e 100644
--- a/bin/dig/dig.docbook
+++ b/bin/dig/dig.docbook
@@ -1067,10 +1067,10 @@
Use [do not use] TCP when querying name servers. The
- default behavior is to use UDP unless an
- ixfr=N query is requested, in which
- case the default is TCP. AXFR queries always use
- TCP.
+ default behavior is to use UDP unless a type
+ any or ixfr=N
+ query is requested, in which case the default is TCP.
+ AXFR queries always use TCP.
diff --git a/bin/dig/host.c b/bin/dig/host.c
index 7d91250399..ed075b3e47 100644
--- a/bin/dig/host.c
+++ b/bin/dig/host.c
@@ -602,7 +602,7 @@ printmessage(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers) {
return (result);
}
-static const char * optstring = "46aAc:dilnm:rst:vVwCDN:R:TW:";
+static const char * optstring = "46aAc:dilnm:rst:vVwCDN:R:TUW:";
/*% version */
static void
@@ -743,6 +743,9 @@ parse_args(isc_boolean_t is_batchfile, int argc, char **argv) {
lookup->ixfr_serial = serial;
lookup->tcp_mode = ISC_TRUE;
list_type = rdtype;
+ } else if (rdtype == dns_rdatatype_any) {
+ if (!lookup->tcp_mode_set)
+ lookup->tcp_mode = ISC_TRUE;
#ifdef WITH_IDN
} else if (rdtype == dns_rdatatype_a ||
rdtype == dns_rdatatype_aaaa ||
@@ -815,6 +818,11 @@ parse_args(isc_boolean_t is_batchfile, int argc, char **argv) {
break;
case 'T':
lookup->tcp_mode = ISC_TRUE;
+ lookup->tcp_mode_set = ISC_TRUE;
+ break;
+ case 'U':
+ lookup->tcp_mode = ISC_FALSE;
+ lookup->tcp_mode_set = ISC_TRUE;
break;
case 'C':
debug("showing all SOAs");
diff --git a/bin/dig/host.docbook b/bin/dig/host.docbook
index 7578b07a8a..18fc605faf 100644
--- a/bin/dig/host.docbook
+++ b/bin/dig/host.docbook
@@ -50,7 +50,7 @@
host
-
+
@@ -291,14 +291,16 @@
-T
+ -U
- TCP:
+ TCP/UDP:
By default, host uses UDP when making
queries. The option makes it use a TCP
connection when querying the name server. TCP will be
automatically selected for queries that require it, such
- as zone transfer (AXFR) requests.
+ as zone transfer (AXFR) requests. Type ANY queries default
+ to TCP but can be forced to UDP initially using .
diff --git a/bin/dig/nslookup.c b/bin/dig/nslookup.c
index 951a13875e..e8b3940894 100644
--- a/bin/dig/nslookup.c
+++ b/bin/dig/nslookup.c
@@ -51,7 +51,7 @@
#endif
static isc_boolean_t short_form = ISC_TRUE,
- tcpmode = ISC_FALSE,
+ tcpmode = ISC_FALSE, tcpmode_set = ISC_FALSE,
identify = ISC_FALSE, stats = ISC_TRUE,
comments = ISC_TRUE, section_question = ISC_TRUE,
section_answer = ISC_TRUE, section_authority = ISC_TRUE,
@@ -718,8 +718,10 @@ setoption(char *opt) {
usesearch = ISC_FALSE;
} else if (strncasecmp(opt, "vc", 3) == 0) {
tcpmode = ISC_TRUE;
+ tcpmode_set = ISC_TRUE;
} else if (strncasecmp(opt, "novc", 5) == 0) {
tcpmode = ISC_FALSE;
+ tcpmode_set = ISC_TRUE;
} else if (strncasecmp(opt, "deb", 3) == 0) {
short_form = ISC_FALSE;
showsearch = ISC_TRUE;
@@ -796,7 +798,10 @@ addlookup(char *opt) {
lookup->retries = tries;
lookup->udpsize = 0;
lookup->comments = comments;
- lookup->tcp_mode = tcpmode;
+ if (lookup->rdtype == dns_rdatatype_any && !tcpmode_set)
+ lookup->tcp_mode = ISC_TRUE;
+ else
+ lookup->tcp_mode = tcpmode;
lookup->stats = stats;
lookup->section_question = section_question;
lookup->section_answer = section_answer;
diff --git a/bin/dig/nslookup.docbook b/bin/dig/nslookup.docbook
index c2a8668adc..26d8cd9a66 100644
--- a/bin/dig/nslookup.docbook
+++ b/bin/dig/nslookup.docbook
@@ -308,8 +308,7 @@ nslookup -query=hinfo -timeout=10
-
- nodebug
+ nodebug
Turn on or off the display of the full response packet and
@@ -322,8 +321,7 @@ nslookup -query=hinfo -timeout=10
-
- nod2
+ nod2
Turn debugging mode on or off. This displays more about
@@ -345,8 +343,7 @@ nslookup -query=hinfo -timeout=10
-
- nosearch
+ nosearch
If the lookup request contains at least one period but
@@ -392,8 +389,7 @@ nslookup -query=hinfo -timeout=10
-
- norecurse
+ norecurse
Tell the name server to query other servers if it does not
@@ -437,8 +433,7 @@ nslookup -query=hinfo -timeout=10
-
- novc
+ novc
Always use a virtual circuit when sending requests to the
@@ -451,8 +446,7 @@ nslookup -query=hinfo -timeout=10
-
- nofail
+ nofail
Try the next nameserver if a nameserver responds with