Skip to content

D
Dnsmasq
Commit 78c61847 authored by Simon Kelley's avatar Simon Kelley
Browse files
Options

Auth: correct replies to NS and SOA in .arpa zones.

parent 38440b20
Show whitespace changes
Inline Side-by-side
Showing with 38 additions and 21 deletions
CHANGELOG
View file @ 78c61847
...@@ -94,6 +94,14 @@ version 2.73 ...@@ -94,6 +94,14 @@ version 2.73
in the auth-zone declaration. Thanks to Johnny S. Lee in the auth-zone declaration. Thanks to Johnny S. Lee
for the bugreport and initial patch. for the bugreport and initial patch.
Fix authoritative DNS code to correctly reply to NS
and SOA queries for .arpa zones for which we are
declared authoritative by means of a subnet in auth-zone.
Previously we provided correct answers to PTR queries
in such zones (including NS and SOA) but not direct
NS and SOA queries. Thanks to Johnny S. Lee for
pointing out the problem.
version 2.72 version 2.72
Add ra-advrouter mode, for RFC-3775 mobile IPv6 support. Add ra-advrouter mode, for RFC-3775 mobile IPv6 support.
......
src/auth.c
View file @ 78c61847
...@@ -131,12 +131,9 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n ...@@ -131,12 +131,9 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
continue; continue;
} }
if (qtype == T_PTR) if ((qtype == T_PTR || qtype == T_SOA || qtype == T_NS) &&
{ (flag = in_arpa_name_2_addr(name, &addr)) &&
if (!(flag = in_arpa_name_2_addr(name, &addr))) !local_query)
continue;
if (!local_query)
{ {
for (zone = daemon->auth_zones; zone; zone = zone->next) for (zone = daemon->auth_zones; zone; zone = zone->next)
if ((subnet = find_subnet(zone, flag, &addr))) if ((subnet = find_subnet(zone, flag, &addr)))
...@@ -147,8 +144,14 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n ...@@ -147,8 +144,14 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
auth = 0; auth = 0;
continue; continue;
} }
else if (qtype == T_SOA)
soa = 1, found = 1;
else if (qtype == T_NS)
ns = 1, found = 1;
} }
if (qtype == T_PTR && flag)
{
intr = NULL; intr = NULL;
if (flag == F_IPV4) if (flag == F_IPV4)
...@@ -243,6 +246,11 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n ...@@ -243,6 +246,11 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
} }
cname_restart: cname_restart:
if (found)
/* NS and SOA .arpa requests have set found above. */
cut = NULL;
else
{
for (zone = daemon->auth_zones; zone; zone = zone->next) for (zone = daemon->auth_zones; zone; zone = zone->next)
if (in_zone(zone, name, &cut)) if (in_zone(zone, name, &cut))
break; break;
...@@ -252,6 +260,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n ...@@ -252,6 +260,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
auth = 0; auth = 0;
continue; continue;
} }
}
for (rec = daemon->mxnames; rec; rec = rec->next) for (rec = daemon->mxnames; rec; rec = rec->next)
if (!rec->issrv && hostname_isequal(name, rec->name)) if (!rec->issrv && hostname_isequal(name, rec->name))
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment