authorSimon Kelley <simon@thekelleys.org.uk>2015-04-16 15:05:30 +0100
committerSimon Kelley <simon@thekelleys.org.uk>2015-04-16 15:05:30 +0100
commit78c6184752dce27849e36cce4360abc27b8d76d2 (patch)
tree8e711ff384f41c614329ae5111fca3da01f62b80
parent38440b204db65f9be16c4c3daa7e991e4356f6ed (diff)
Auth: correct replies to NS and SOA in .arpa zones.
-rw-r--r--CHANGELOG8
-rw-r--r--src/auth.c51
2 files changed, 38 insertions, 21 deletions
diff --git a/CHANGELOG b/CHANGELOG
index f2142c7..0619788 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -94,6 +94,14 @@ version 2.73
in the auth-zone declaration. Thanks to Johnny S. Lee
for the bugreport and initial patch.
+ Fix authoritative DNS code to correctly reply to NS
+ and SOA queries for .arpa zones for which we are
+ declared authoritative by means of a subnet in auth-zone.
+ Previously we provided correct answers to PTR queries
+ in such zones (including NS and SOA) but not direct
+ NS and SOA queries. Thanks to Johnny S. Lee for
+ pointing out the problem.
+
version 2.72
Add ra-advrouter mode, for RFC-3775 mobile IPv6 support.
diff --git a/src/auth.c b/src/auth.c
index 4a5c39f..2b0b7d6 100644
--- a/src/auth.c
+++ b/src/auth.c
@@ -131,24 +131,27 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
continue;
}
- if (qtype == T_PTR)
+ if ((qtype == T_PTR || qtype == T_SOA || qtype == T_NS) &&
+ (flag = in_arpa_name_2_addr(name, &addr)) &&
+ !local_query)
{
- if (!(flag = in_arpa_name_2_addr(name, &addr)))
- continue;
-
- if (!local_query)
+ for (zone = daemon->auth_zones; zone; zone = zone->next)
+ if ((subnet = find_subnet(zone, flag, &addr)))
+ break;
+
+ if (!zone)
{
- for (zone = daemon->auth_zones; zone; zone = zone->next)
- if ((subnet = find_subnet(zone, flag, &addr)))
- break;
-
- if (!zone)
- {
- auth = 0;
- continue;
- }
+ auth = 0;
+ continue;
}
+ else if (qtype == T_SOA)
+ soa = 1, found = 1;
+ else if (qtype == T_NS)
+ ns = 1, found = 1;
+ }
+ if (qtype == T_PTR && flag)
+ {
intr = NULL;
if (flag == F_IPV4)
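Review bot: The new `else if (qtype == T_SOA)` / `else if (qtype == T_NS)` arms set `soa`/`ns` and `found` for any name that `in_arpa_name_2_addr()` turns into an address inside a configured subnet, and nothing in the visible lines checks that the queried name is the zone's own apex rather than a name below it. If the helpers (not shown here) do not enforce that, an SOA or NS query for a single host's reverse name would presumably be answered as though it were asked of the zone itself, which is worth either restricting or documenting. At minimum I would add a comment above the arms such as `/* Any .arpa name whose address falls in an auth-zone subnet is treated as the zone for SOA/NS; the name is not compared against the subnet's own prefix. */`. Separately, the later `if (qtype == T_PTR && flag)` relies on `flag` having been assigned as a side effect of the first condition, which holds only because `qtype == T_PTR` is tested first in both places. The body of `answer_auth` starts and ends outside this hunk.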
@@ -243,14 +246,20 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
}
cname_restart:
- for (zone = daemon->auth_zones; zone; zone = zone->next)
- if (in_zone(zone, name, &cut))
- break;
-
- if (!zone)
+ if (found)
+ /* NS and SOA .arpa requests have set found above. */
+ cut = NULL;
+ else
{
- auth = 0;
- continue;
+ for (zone = daemon->auth_zones; zone; zone = zone->next)
+ if (in_zone(zone, name, &cut))
+ break;
+
+ if (!zone)
+ {
+ auth = 0;
+ continue;
+ }
}
for (rec = daemon->mxnames; rec; rec = rec->next)
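Review bot: `cname_restart:` is a jump target, so the new `if (found)` test runs again on every `goto cname_restart`, not only on the first pass where the .arpa NS/SOA branch may have set it. The jump sites are outside this hunk, but if any of them sets `found` before jumping back with a rewritten `name`, the `in_zone()` lookup would be skipped, `cut` cleared, and `zone` left pointing at the previous match, so the new name would never be checked against the authoritative zones. A dedicated flag set only in the .arpa branch would make the skip unambiguous, e.g. `if (arpa_zone_matched)` in place of `if (found)`. Failing that, the comment should state the invariant: `/* NS and SOA .arpa requests have set found and zone above; no goto cname_restart may arrive here with found set. */`.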