Fix non tsig queries

TODO.markdown

@@ -12,8 +12,16 @@ need to be fixed.
   array of 256 block lens set to 0. scan RRs, save highest RR / 8 in
   each block. len is 2 * # non-0 blocks + sum block len
   We now allocate 32 bytes for each nsec3 seen
+
+master¹% ./q -dnssec -tsig axfr.:so6ZGir4GPAqINNh9U5c3A== @localhost mx miek.nl
+dns: overflow unpacking OPT
+dns: overflow unpacking OPT
+;; opcode: QUERY, status: NOERROR, id: 32082
+;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, AD
   
 ## Examples to add
 
 * Nameserver, with a small zone, 1 KSK and online signing;
 * Recursor - ala FunkenSturm?
+
+

client.go

@@ -150,7 +150,6 @@ func NewClient() *Client {
 	c.QueryChan = DefaultQueryChan
 	c.ReadTimeout = 2 * 1e9
 	c.WriteTimeout = 2 * 1e9
-	c.TsigSecret = make(map[string]string)
 	return c
 }
 
@@ -381,21 +380,29 @@ func (w *reply) readClient(p []byte) (n int, err error) {
 // Send sends a dns msg to the address specified in w.
 // If the message m contains a TSIG record the transaction
 // signature is calculated.
-func (w *reply) Send(m *Msg) error {
+func (w *reply) Send(m *Msg) (err error) {
+	var out []byte
 	if m.IsTsig() {
+		mac := ""
 		name := m.Extra[len(m.Extra)-1].(*RR_TSIG).Hdr.Name
 		if _, ok := w.Client().TsigSecret[name]; !ok {
 			return ErrSecret
 		}
-		out, mac, err := TsigGenerate(m, w.Client().TsigSecret[name], w.tsigRequestMAC, w.tsigTimersOnly)
+		out, mac, err = TsigGenerate(m, w.Client().TsigSecret[name], w.tsigRequestMAC, w.tsigTimersOnly)
 		if err != nil {
 			return err
 		}
 		w.tsigRequestMAC = mac
-		if _, err = w.writeClient(out); err != nil {
-			return err
+	} else {
+		ok := false
+		out, ok = m.Pack()
+		if !ok {
+			return ErrPack
 		}
 	}
+	if _, err = w.writeClient(out); err != nil {
+		return err
+	}
 	return nil
 }
 

client_test.go

@@ -73,7 +73,7 @@ func TestClientTsigAXFR(t *testing.T) {
 	m.SetTsig("axfr.", HmacMD5, 300, uint64(time.Now().Unix()))
 
 	c := NewClient()
-	c.TsigSecret["axfr."] = "so6ZGir4GPAqINNh9U5c3A=="
+	c.TsigSecret = map[string]string{"axfr.": "so6ZGir4GPAqINNh9U5c3A=="}
 	c.Net = "tcp"
 
 	if err := c.XfrReceive(m, "85.223.71.124:53"); err != nil {

ex/q/q.go

@@ -166,7 +166,7 @@ Flags:
 		if *tsig != "" {
 			if algo, name, secret, ok := tsigKeyParse(*tsig); ok {
 				m.SetTsig(name, algo, 300, uint64(time.Now().Unix()))
-				c.TsigSecret[name] = secret;
+				c.TsigSecret = map[string]string{name: secret}
 			} else {
 				fmt.Fprintf(os.Stderr, "TSIG key error\n")
 				return

tsig.go

@@ -7,7 +7,7 @@
 //      c := NewClient()
 //      m.SetQuestion("miek.nl.", TypeMX)
 //	// Set the secret under the name "axfr."
-//      c.TsigSecret["axfr."] = "so6ZGir4GPAqINNh9U5c3A=="	// don't forget the . here
+//      c.TsigSecret = map[string]string{"axfr.": "so6ZGir4GPAqINNh9U5c3A=="}	// don't forget the . here
 //	// Add the stub TSIG RR to the message
 //      m.SetTsig("axfr.", HmacMD5, 300, uint64(time.Seconds()))
 //	...
@@ -17,7 +17,7 @@
 // TSIG record, which in the above example, is also set to 'axfr.' The supported algorithm
 // include: HmacMD5, HmacSHA1 and HmacSHA256.
 //
-// AXFR
+// AXFR (TODO)
 // The message requesting an AXFR (almost all TSIG usage is when requesting zone transfers)
 // for miek.nl with the TSIG record added is now ready to use. 
 // We now need a new client with access to the secrets:

types.go

@@ -994,7 +994,8 @@ func (rr *RR_TSIG) Header() *RR_Header {
 
 // TSIG has no official presentation format, but this will suffice.
 func (rr *RR_TSIG) String() string {
-	return rr.Hdr.String() +
+	s := "\n;; TSIG PSEUDOSECTION:\n"
+	s += rr.Hdr.String() +
 		" " + rr.Algorithm +
 		" " + tsigTimeToDate(rr.TimeSigned) +
 		" " + strconv.Itoa(int(rr.Fudge)) +
@@ -1004,6 +1005,7 @@ func (rr *RR_TSIG) String() string {
 		" " + strconv.Itoa(int(rr.Error)) + // BIND prints NOERROR
 		" " + strconv.Itoa(int(rr.OtherLen)) +
 		" " + rr.OtherData
+	return s
 }
 
 func (rr *RR_TSIG) Len() int {