openwrt/package/network/services/dnsmasq/patches/0004-Don-t-forward-.bind-.s...

53 lines
1.5 KiB
Diff

From cf5984367bc6a949e3803a576512c5a7bc48ebab Mon Sep 17 00:00:00 2001
From: Vladislav Grishenko <themiron@mail.ru>
Date: Thu, 18 Oct 2018 04:55:21 +0500
Subject: [PATCH 04/32] Don't forward *.bind/*.server queries upstream
Chaos .bind and .server (RFC4892) zones are local, therefore
don't forward queries upstream to avoid mixing with supported
locally and false replies with NO_ID enabled.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
---
src/rfc1035.c | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -1276,7 +1276,7 @@ size_t answer_request(struct dns_header
int q, ans, anscount = 0, addncount = 0;
int dryrun = 0;
struct crec *crecp;
- int nxdomain = 0, auth = 1, trunc = 0, sec_data = 1;
+ int nxdomain = 0, notimp = 0, auth = 1, trunc = 0, sec_data = 1;
struct mx_srv_record *rec;
size_t len;
@@ -1355,6 +1355,17 @@ size_t answer_request(struct dns_header
}
}
+ if (qclass == C_CHAOS)
+ {
+ /* don't forward *.bind and *.server chaos queries */
+ if (hostname_issubdomain("bind", name) || hostname_issubdomain("server", name))
+ {
+ if (!ans)
+ notimp = 1, auth = 0;
+ ans = 1;
+ }
+ }
+
if (qclass == C_IN)
{
struct txt_record *t;
@@ -1903,6 +1914,8 @@ size_t answer_request(struct dns_header
if (nxdomain)
SET_RCODE(header, NXDOMAIN);
+ else if (notimp)
+ SET_RCODE(header, NOTIMP);
else
SET_RCODE(header, NOERROR); /* no error */
header->ancount = htons(anscount);