Pi-Hole/dnsmasq
1
0
Fork 0
mirror of https://github.com/pi-hole/dnsmasq.git synced 2025-12-19 18:28:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auth: correct replies to NS and SOA in .arpa zones.

Browse Source
This commit is contained in:
Simon Kelley
2015-04-16 15:05:30 +01:00
parent 38440b204d
commit 78c6184752
2 changed files with 38 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
CHANGELOG
View File

@@ -94,6 +94,14 @@ version 2.73
in the auth-zone declaration. Thanks to Johnny S. Lee in the auth-zone declaration. Thanks to Johnny S. Lee
for the bugreport and initial patch. for the bugreport and initial patch.
Fix authoritative DNS code to correctly reply to NS
and SOA queries for .arpa zones for which we are
declared authoritative by means of a subnet in auth-zone.
Previously we provided correct answers to PTR queries
in such zones (including NS and SOA) but not direct
NS and SOA queries. Thanks to Johnny S. Lee for
pointing out the problem.
version 2.72 version 2.72
Add ra-advrouter mode, for RFC-3775 mobile IPv6 support. Add ra-advrouter mode, for RFC-3775 mobile IPv6 support.

21
src/auth.c
View File

@@ -131,12 +131,9 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
continue; continue;
} }
if (qtype == T_PTR) if ((qtype == T_PTR || qtype == T_SOA || qtype == T_NS) &&
{ (flag = in_arpa_name_2_addr(name, &addr)) &&
if (!(flag = in_arpa_name_2_addr(name, &addr))) !local_query)
continue;
if (!local_query)
{ {
for (zone = daemon->auth_zones; zone; zone = zone->next) for (zone = daemon->auth_zones; zone; zone = zone->next)
if ((subnet = find_subnet(zone, flag, &addr))) if ((subnet = find_subnet(zone, flag, &addr)))
@@ -147,8 +144,14 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
auth = 0; auth = 0;
continue; continue;
} }
else if (qtype == T_SOA)
soa = 1, found = 1;
else if (qtype == T_NS)
ns = 1, found = 1;
} }
if (qtype == T_PTR && flag)
{
intr = NULL; intr = NULL;
if (flag == F_IPV4) if (flag == F_IPV4)
@@ -243,6 +246,11 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
} }
cname_restart: cname_restart:
if (found)
/* NS and SOA .arpa requests have set found above. */
cut = NULL;
else
{
for (zone = daemon->auth_zones; zone; zone = zone->next) for (zone = daemon->auth_zones; zone; zone = zone->next)
if (in_zone(zone, name, &cut)) if (in_zone(zone, name, &cut))
break; break;
@@ -252,6 +260,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
auth = 0; auth = 0;
continue; continue;
} }
}
for (rec = daemon->mxnames; rec; rec = rec->next) for (rec = daemon->mxnames; rec; rec = rec->next)
if (!rec->issrv && hostname_isequal(name, rec->name)) if (!rec->issrv && hostname_isequal(name, rec->name))