March 8, 2015 11:37 · November 3, 2015 19:34 · April 28, 2016 07:22 · April 9, 2017 20:35 · February 18, 2016 17:53 · April 5, 2019 14:40
 --- nsd-4.1.1/query.c   2015-01-21 17:36:06.000000000 +0900
 +++ nsd-4.1.1-noany/query.c     2015-03-07 18:50:20.587502110 +0900
 @@ -1384,6 +1384,9 @@
                 * Thus RCODE = NOERROR = NSD_RC_OK. */
                return query_error(q, NSD_RC_OK);
        }
 +       if(q->qtype==TYPE_ANY) {
 +               return query_error(q, NSD_RC_IMPL);
 +       }
 
 ### reverse zone administrated by JPNIC (ksk=2048b, zsk=1280b)

 dais@claes:~$ ldns-keyfetcher -r named.root  133.in-addr.arpa

 133.in-addr.arpa.	86400	IN	DNSKEY	256 3 8 AwEAAZg7FvP9WNqqRGdtDkW/PVoOB
 U+mWupJHbNo8i9ogUgkskBsnGq32DBpew4VRomuGjvt++/OqCzzi9bRegOy6CdWg6LM3gW6qw
 0u925naUb9R1Hs0d6LlCfV2S9HtX0t/o4sIP9bV2r3mPYcsX71XwtvD3uMlB92xMp5ieEPtu0
 jd1XPDv4NKn+5+bnl5wZ5p9+zdnuE2dKcGAcjmkbQRG0= ;{id = 16816 (zsk), size = 1280b}
 133.in-addr.arpa.	86400	IN	DNSKEY	257 3 8 AwEAAZqrZ3fPVEDkpj8rFe5RNzxPN
 SQFi9+erHQ6KxV47S3rLZ40kiid73hm/QBJBNxUwJ4rPZ3Du8Yp6txQdmWXrCYoCzGK7OskVM
 logging {
        channel "resolver-log" {
                file "/tmp/resolver.log" versions 5 size 10M;
                severity debug 1;  # 1より大きくするとキャッシュミスのqname以外のログも大量に出てくる
                print-time yes;
                print-severity yes;
                print-category yes;
        };
        category resolver { "resolver-log"; };
 };
 --- nsd-4.1.7/query.c   2015-11-18 17:50:05.000000000 +0900
 +++ nsd-4.1.7-refuse-any/query.c        2016-04-09 03:34:09.312740769 +0900
 @@ -677,7 +677,7 @@
        assert(query);
        /* Currently, only troublesome for DNSKEY and DS,
          * cuz their RRSETs are quite large. */
 -       return (query->qtype != TYPE_DNSKEY && query->qtype != TYPE_DS);
 +       return (query->qtype != TYPE_DNSKEY && query->qtype != TYPE_DS && query->qtype != TYPE_ANY);
 }
 
 options {

  // Enable DNSSEC validation
  dnssec-validation auto;
  
  // set NTA to dnssec-failed.org
  // BIND9.10 and higher implements disable-ds-digests 
  disable-ds-digests dnssec-failed.org { SHA-1; SHA-256; };

 };
 $ date; curl -H'X-API-Key: *******' https://api.dnsdb.info/lookup/rrset/name/*.yamanashi-med.ac.jp/
 Fri Apr  5 23:35:40 JST 2019
 ;;  bailiwick: yamanashi-med.ac.jp.
 ;;      count: 27
 ;; first seen: 2019-01-01 19:08:57 -0000
 ;;  last seen: 2019-03-22 13:25:13 -0000
 yamanashi-med.ac.jp. IN A 183.181.98.2

 ;;  bailiwick: jp.
 ;;      count: 479
	--- nsd-4.1.1/query.c 2015-01-21 17:36:06.000000000 +0900
	+++ nsd-4.1.1-noany/query.c 2015-03-07 18:50:20.587502110 +0900
	@@ -1384,6 +1384,9 @@
	* Thus RCODE = NOERROR = NSD_RC_OK. */
	return query_error(q, NSD_RC_OK);
	}
	+ if(q->qtype==TYPE_ANY) {
	+ return query_error(q, NSD_RC_IMPL);
	+ }
	### reverse zone administrated by JPNIC (ksk=2048b, zsk=1280b)

	dais@claes:~$ ldns-keyfetcher -r named.root 133.in-addr.arpa

	133.in-addr.arpa. 86400 IN DNSKEY 256 3 8 AwEAAZg7FvP9WNqqRGdtDkW/PVoOB
	U+mWupJHbNo8i9ogUgkskBsnGq32DBpew4VRomuGjvt++/OqCzzi9bRegOy6CdWg6LM3gW6qw
	0u925naUb9R1Hs0d6LlCfV2S9HtX0t/o4sIP9bV2r3mPYcsX71XwtvD3uMlB92xMp5ieEPtu0
	jd1XPDv4NKn+5+bnl5wZ5p9+zdnuE2dKcGAcjmkbQRG0= ;{id = 16816 (zsk), size = 1280b}
	133.in-addr.arpa. 86400 IN DNSKEY 257 3 8 AwEAAZqrZ3fPVEDkpj8rFe5RNzxPN
	SQFi9+erHQ6KxV47S3rLZ40kiid73hm/QBJBNxUwJ4rPZ3Du8Yp6txQdmWXrCYoCzGK7OskVM
	logging {
	channel "resolver-log" {
	file "/tmp/resolver.log" versions 5 size 10M;
	severity debug 1; # 1より大きくするとキャッシュミスのqname以外のログも大量に出てくる
	print-time yes;
	print-severity yes;
	print-category yes;
	};
	category resolver { "resolver-log"; };
	};
	--- nsd-4.1.7/query.c 2015-11-18 17:50:05.000000000 +0900
	+++ nsd-4.1.7-refuse-any/query.c 2016-04-09 03:34:09.312740769 +0900
	@@ -677,7 +677,7 @@
	assert(query);
	/* Currently, only troublesome for DNSKEY and DS,
	* cuz their RRSETs are quite large. */
	- return (query->qtype != TYPE_DNSKEY && query->qtype != TYPE_DS);
	+ return (query->qtype != TYPE_DNSKEY && query->qtype != TYPE_DS && query->qtype != TYPE_ANY);
	}
	options {

	// Enable DNSSEC validation
	dnssec-validation auto;

	// set NTA to dnssec-failed.org
	// BIND9.10 and higher implements disable-ds-digests
	disable-ds-digests dnssec-failed.org { SHA-1; SHA-256; };

	};
	$ date; curl -H'X-API-Key: ******' https://api.dnsdb.info/lookup/rrset/name/.yamanashi-med.ac.jp/
	Fri Apr 5 23:35:40 JST 2019
	;; bailiwick: yamanashi-med.ac.jp.
	;; count: 27
	;; first seen: 2019-01-01 19:08:57 -0000
	;; last seen: 2019-03-22 13:25:13 -0000
	yamanashi-med.ac.jp. IN A 183.181.98.2

	;; bailiwick: jp.
	;; count: 479