rebinding: deduplicate code of policy.REFUSE

author: Vladimír Čunát <vladimir.cunat@nic.cz> 2020-04-02 09:46:50 +0200
committer: Vladimír Čunát <vladimir.cunat@nic.cz> 2020-04-02 14:35:43 +0200
commit: 83623ea7838dad2c24a4123e9ab889fa4c35e279 (patch)
tree: 7dc850e70330dc3dd986e239491e88fbe4de49ab /modules/rebinding
parent: policy: fix qry parameter in postrules (diff)
download: knot-resolver-83623ea7838dad2c24a4123e9ab889fa4c35e279.tar.xz
knot-resolver-83623ea7838dad2c24a4123e9ab889fa4c35e279.zip
1 files changed, 2 insertions, 12 deletions
diff --git a/modules/rebinding/rebinding.lua b/modules/rebinding/rebinding.lua
index 171e5edc..d8b9f662 100644
--- a/modules/rebinding/rebinding.lua
+++ b/modules/rebinding/rebinding.lua
@@ -4,6 +4,7 @@ local ffi = require('ffi')
 -- Protection from DNS rebinding attacks
 local kres = require('kres')
 local renumber = require('kres_modules.renumber')
+local policy = require('kres_modules.policy')
 
 local M = {}
 M.layer = {}
@@ -69,19 +70,8 @@ local function check_pkt(pkt)
 end
 
 local function refuse(req)
-	-- we are deleting packet in consume() phase so other modules
-	-- might have chosen some RRs from the original packet already
-	-- *_selected arrays are in mempool
-	-- so explicit deallocation is not necessary
-	req.answ_selected.len = 0
-	req.auth_selected.len = 0
-	req.add_selected.len = 0
-
-	-- construct brand new answer packet
+	policy.REFUSE(nil, req)
 	local pkt = req.answer
-	pkt:clear_payload()
-	pkt:rcode(kres.rcode.REFUSED)
-	pkt:ad(false)
 	pkt:aa(false)
 	pkt:begin(kres.section.ADDITIONAL)
author	Vladimír Čunát <vladimir.cunat@nic.cz>	2020-04-02 09:46:50 +0200
committer	Vladimír Čunát <vladimir.cunat@nic.cz>	2020-04-02 14:35:43 +0200
commit	83623ea7838dad2c24a4123e9ab889fa4c35e279 (patch)
tree	7dc850e70330dc3dd986e239491e88fbe4de49ab /modules/rebinding
parent	policy: fix qry parameter in postrules (diff)
download	knot-resolver-83623ea7838dad2c24a4123e9ab889fa4c35e279.tar.xz knot-resolver-83623ea7838dad2c24a4123e9ab889fa4c35e279.zip