Remove floor on EDNS0 packet size with DNSSEC.

800c5cc1 · Simon Kelley · 857973e6 · 800c5cc1 · 800c5cc1
Commit 800c5cc1 authored Dec 15, 2014 by Simon Kelley
Show whitespace changes
Inline Side-by-side

Showing with 5 additions and 6 deletions

CHANGELOG CHANGELOG +5 -1

src/dnsmasq.c src/dnsmasq.c +0 -5

No files found.
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -3,6 +3,10 @@ version 2.73
 	    --conf-dir, also trivial memory leak. Thanks to 
 	    Tomas Hozza for spotting this.
+	    Remove floor of 4096 on advertised EDNS0 packet size when 
+	    DNSSEC in use, the original rationale for this has long gone.
+	    Thanks to Anders Kaseorg for spotting this.
 version 2.72
            Add ra-advrouter mode, for RFC-3775 mobile IPv6 support.

--- a/src/dnsmasq.c
+++ b/src/dnsmasq.c
@@ -87,11 +87,6 @@ int main (int argc, char **argv)
  if (daemon->edns_pktsz < PACKETSZ)
    daemon->edns_pktsz = PACKETSZ;
-#ifdef HAVE_DNSSEC
-  /* Enforce min packet big enough for DNSSEC */
-  if (option_bool(OPT_DNSSEC_VALID) && daemon->edns_pktsz < EDNS_PKTSZ)
-    daemon->edns_pktsz = EDNS_PKTSZ;
-#endif
  daemon->packet_buff_sz = daemon->edns_pktsz > DNSMASQ_PACKETSZ ? 
    daemon->edns_pktsz : DNSMASQ_PACKETSZ;