From 0bcd43e7cc0be454c0a1d2ebee778684fb31fd38 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ask=20Bj=C3=B8rn=20Hansen?= <ask@develooper.com>
Date: Tue, 7 May 2013 16:53:43 -0700
Subject: [PATCH] Use SourceNetmask to truncate IP addresses in
 EDNS-CLIENT-SUBNET packets

OpenDNS returns SERVFAIL to the client if the address in the EDNS packet
is too long. The spec says to truncate it to the shortest possible address
when the SourceNetmask is applied.
---
 edns.go | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/edns.go b/edns.go
index e6f6804d..b2781b57 100644
--- a/edns.go
+++ b/edns.go
@@ -227,6 +227,11 @@ func (e *EDNS0_SUBNET) pack() ([]byte, error) {
 			}
 			ip[i] = a[i]
 		}
+		needLength := e.SourceNetmask / 8
+		if e.SourceNetmask%8 > 0 {
+			needLength++
+		}
+		ip = ip[:needLength]
 		b = append(b, ip...)
 	case 2:
 		if e.SourceNetmask > net.IPv6len*8 {
@@ -240,7 +245,11 @@ func (e *EDNS0_SUBNET) pack() ([]byte, error) {
 			}
 			ip[i] = a[i]
 		}
-		// chop off ip a SourceNetmask/8: ip = ip[:e.SourceNetmask/8] ?
+		needLength := e.SourceNetmask / 8
+		if e.SourceNetmask%8 > 0 {
+			needLength++
+		}
+		ip = ip[:needLength]
 		b = append(b, ip...)
 	default:
 		return nil, errors.New("dns: bad address family")