AMAZEHOME/dns-server
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

优化DNSSEC

Browse Source
This commit is contained in:
Alex Yang
2025-12-16 16:25:55 +08:00
parent 50d2b5fbdb
commit 106b869111
7 changed files with 108 additions and 195 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
dns/cache.go
View File

@@ -41,7 +41,7 @@ func cacheKey(qName string, qType uint16) string {
// hasDNSSECRecords 检查响应是否包含DNSSEC记录
func hasDNSSECRecords(response *dns.Msg) bool {
// 检查响应中是否包含DNSKEYRRSIG记录
// 检查响应中是否包含DNSSEC相关记录DNSKEYRRSIG、DS、NSEC、NSEC3等
for _, rr := range response.Answer {
if _, ok := rr.(*dns.DNSKEY); ok {
return true
@@ -49,6 +49,15 @@ func hasDNSSECRecords(response *dns.Msg) bool {
if _, ok := rr.(*dns.RRSIG); ok {
return true
}
if _, ok := rr.(*dns.DS); ok {
return true
}
if _, ok := rr.(*dns.NSEC); ok {
return true
}
if _, ok := rr.(*dns.NSEC3); ok {
return true
}
}
for _, rr := range response.Ns {
if _, ok := rr.(*dns.DNSKEY); ok {
@@ -57,6 +66,15 @@ func hasDNSSECRecords(response *dns.Msg) bool {
if _, ok := rr.(*dns.RRSIG); ok {
return true
}
if _, ok := rr.(*dns.DS); ok {
return true
}
if _, ok := rr.(*dns.NSEC); ok {
return true
}
if _, ok := rr.(*dns.NSEC3); ok {
return true
}
}
for _, rr := range response.Extra {
if _, ok := rr.(*dns.DNSKEY); ok {
@@ -65,6 +83,15 @@ func hasDNSSECRecords(response *dns.Msg) bool {
if _, ok := rr.(*dns.RRSIG); ok {
return true
}
if _, ok := rr.(*dns.DS); ok {
return true
}
if _, ok := rr.(*dns.NSEC); ok {
return true
}
if _, ok := rr.(*dns.NSEC3); ok {
return true
}
}
return false
}