From 44140cad3b8e6567ec77175332f9da58da9d0617 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Thu, 27 Mar 2025 16:37:02 +1100 Subject: [PATCH] Extract and send server cookie with BADVERS retry A BADVERS response can also include EDNS SERVER COOKIE. Extract that from the OPT record and use it when resending the request. --- bin/dig/dighost.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c index 0bc839c121..e9696ab1d2 100644 --- a/bin/dig/dighost.c +++ b/bin/dig/dighost.c @@ -4269,6 +4269,12 @@ recv_done(isc_nmhandle_t *handle, isc_result_t eresult, isc_region_t *region, dighost_comments(l, "BADVERS, retrying with EDNS version %u.", (unsigned int)newedns); l->edns = newedns; + /* + * Extract the server cookie so it can be sent in the retry. + */ + if (l->cookie == NULL && l->sendcookie) { + process_opt(l, msg); + } n = requeue_lookup(l, true); if (l->trace && l->trace_root) { n->rdtype = l->qrdtype;