"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/auth.c" between
dnsmasq-2.80.tar.gz and dnsmasq-2.81.tar.xz

About: Dnsmasq is a lightweight caching DNS forwarder and DHCP server.

auth.c  (dnsmasq-2.80):auth.c  (dnsmasq-2.81.tar.xz)
/* dnsmasq is Copyright (c) 2000-2018 Simon Kelley /* dnsmasq is Copyright (c) 2000-2020 Simon Kelley
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 dated June, 1991, or the Free Software Foundation; version 2 dated June, 1991, or
(at your option) version 3 dated 29 June, 2007. (at your option) version 3 dated 29 June, 2007.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>. along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include "dnsmasq.h" #include "dnsmasq.h"
#ifdef HAVE_AUTH #ifdef HAVE_AUTH
static struct addrlist *find_addrlist(struct addrlist *list, int flag, struct al l_addr *addr_u) static struct addrlist *find_addrlist(struct addrlist *list, int flag, union all _addr *addr_u)
{ {
do { do {
if (!(list->flags & ADDRLIST_IPV6)) if (!(list->flags & ADDRLIST_IPV6))
{ {
struct in_addr netmask, addr = addr_u->addr.addr4; struct in_addr netmask, addr = addr_u->addr4;
if (!(flag & F_IPV4)) if (!(flag & F_IPV4))
continue; continue;
netmask.s_addr = htonl(~(in_addr_t)0 << (32 - list->prefixlen)); netmask.s_addr = htonl(~(in_addr_t)0 << (32 - list->prefixlen));
if (is_same_net(addr, list->addr.addr.addr4, netmask)) if (is_same_net(addr, list->addr.addr4, netmask))
return list; return list;
} }
#ifdef HAVE_IPV6 else if (is_same_net6(&(addr_u->addr6), &list->addr.addr6, list->prefixlen))
else if (is_same_net6(&(addr_u->addr.addr6), &list->addr.addr.addr6, list->p
refixlen))
return list; return list;
#endif
} while ((list = list->next)); } while ((list = list->next));
return NULL; return NULL;
} }
static struct addrlist *find_subnet(struct auth_zone *zone, int flag, struct all _addr *addr_u) static struct addrlist *find_subnet(struct auth_zone *zone, int flag, union all_ addr *addr_u)
{ {
if (!zone->subnet) if (!zone->subnet)
return NULL; return NULL;
return find_addrlist(zone->subnet, flag, addr_u); return find_addrlist(zone->subnet, flag, addr_u);
} }
static struct addrlist *find_exclude(struct auth_zone *zone, int flag, struct al l_addr *addr_u) static struct addrlist *find_exclude(struct auth_zone *zone, int flag, union all _addr *addr_u)
{ {
if (!zone->exclude) if (!zone->exclude)
return NULL; return NULL;
return find_addrlist(zone->exclude, flag, addr_u); return find_addrlist(zone->exclude, flag, addr_u);
} }
static int filter_zone(struct auth_zone *zone, int flag, struct all_addr *addr_u ) static int filter_zone(struct auth_zone *zone, int flag, union all_addr *addr_u)
{ {
if (find_exclude(zone, flag, addr_u)) if (find_exclude(zone, flag, addr_u))
return 0; return 0;
/* No subnets specified, no filter */ /* No subnets specified, no filter */
if (!zone->subnet) if (!zone->subnet)
return 1; return 1;
return find_subnet(zone, flag, addr_u) != NULL; return find_subnet(zone, flag, addr_u) != NULL;
} }
skipping to change at line 117 skipping to change at line 115
int q, anscount = 0, authcount = 0; int q, anscount = 0, authcount = 0;
struct crec *crecp; struct crec *crecp;
int auth = !local_query, trunc = 0, nxdomain = 1, soa = 0, ns = 0, axfr = 0; int auth = !local_query, trunc = 0, nxdomain = 1, soa = 0, ns = 0, axfr = 0;
struct auth_zone *zone = NULL; struct auth_zone *zone = NULL;
struct addrlist *subnet = NULL; struct addrlist *subnet = NULL;
char *cut; char *cut;
struct mx_srv_record *rec, *move, **up; struct mx_srv_record *rec, *move, **up;
struct txt_record *txt; struct txt_record *txt;
struct interface_name *intr; struct interface_name *intr;
struct naptr *na; struct naptr *na;
struct all_addr addr; union all_addr addr;
struct cname *a, *candidate; struct cname *a, *candidate;
unsigned int wclen; unsigned int wclen;
if (ntohs(header->qdcount) == 0 || OPCODE(header) != QUERY ) if (ntohs(header->qdcount) == 0 || OPCODE(header) != QUERY )
return 0; return 0;
/* determine end of question section (we put answers there) */ /* determine end of question section (we put answers there) */
if (!(ansp = skip_questions(header, qlen))) if (!(ansp = skip_questions(header, qlen)))
return 0; /* bad packet */ return 0; /* bad packet */
/* now process each question, answers go in RRs after the question */ /* now process each question, answers go in RRs after the question */
p = (unsigned char *)(header+1); p = (unsigned char *)(header+1);
for (q = ntohs(header->qdcount); q != 0; q--) for (q = ntohs(header->qdcount); q != 0; q--)
{ {
unsigned short flag = 0; unsigned int flag = 0;
int found = 0; int found = 0;
int cname_wildcard = 0; int cname_wildcard = 0;
/* save pointer to name for copying into answers */ /* save pointer to name for copying into answers */
nameoffset = p - (unsigned char *)header; nameoffset = p - (unsigned char *)header;
/* now extract name as .-concatenated string into name */ /* now extract name as .-concatenated string into name */
if (!extract_name(header, qlen, &p, name, 1, 4)) if (!extract_name(header, qlen, &p, name, 1, 4))
return 0; /* bad packet */ return 0; /* bad packet */
skipping to change at line 182 skipping to change at line 180
if (qtype == T_PTR && flag) if (qtype == T_PTR && flag)
{ {
intr = NULL; intr = NULL;
if (flag == F_IPV4) if (flag == F_IPV4)
for (intr = daemon->int_names; intr; intr = intr->next) for (intr = daemon->int_names; intr; intr = intr->next)
{ {
struct addrlist *addrlist; struct addrlist *addrlist;
for (addrlist = intr->addr; addrlist; addrlist = addrlist->next) for (addrlist = intr->addr; addrlist; addrlist = addrlist->next)
if (!(addrlist->flags & ADDRLIST_IPV6) && addr.addr.addr4.s_add r == addrlist->addr.addr.addr4.s_addr) if (!(addrlist->flags & ADDRLIST_IPV6) && addr.addr4.s_addr == addrlist->addr.addr4.s_addr)
break; break;
if (addrlist) if (addrlist)
break; break;
else else
while (intr->next && strcmp(intr->intr, intr->next->intr) == 0) while (intr->next && strcmp(intr->intr, intr->next->intr) == 0)
intr = intr->next; intr = intr->next;
} }
#ifdef HAVE_IPV6
else if (flag == F_IPV6) else if (flag == F_IPV6)
for (intr = daemon->int_names; intr; intr = intr->next) for (intr = daemon->int_names; intr; intr = intr->next)
{ {
struct addrlist *addrlist; struct addrlist *addrlist;
for (addrlist = intr->addr; addrlist; addrlist = addrlist->next) for (addrlist = intr->addr; addrlist; addrlist = addrlist->next)
if ((addrlist->flags & ADDRLIST_IPV6) && IN6_ARE_ADDR_EQUAL(&ad dr.addr.addr6, &addrlist->addr.addr.addr6)) if ((addrlist->flags & ADDRLIST_IPV6) && IN6_ARE_ADDR_EQUAL(&ad dr.addr6, &addrlist->addr.addr6))
break; break;
if (addrlist) if (addrlist)
break; break;
else else
while (intr->next && strcmp(intr->intr, intr->next->intr) == 0) while (intr->next && strcmp(intr->intr, intr->next->intr) == 0)
intr = intr->next; intr = intr->next;
} }
#endif
if (intr) if (intr)
{ {
if (local_query || in_zone(zone, intr->name, NULL)) if (local_query || in_zone(zone, intr->name, NULL))
{ {
found = 1; found = 1;
log_query(flag | F_REVERSE | F_CONFIG, intr->name, &addr, NULL) ; log_query(flag | F_REVERSE | F_CONFIG, intr->name, &addr, NULL) ;
if (add_resource_record(header, limit, &trunc, nameoffset, &ans p, if (add_resource_record(header, limit, &trunc, nameoffset, &ans p,
daemon->auth_ttl, NULL, daemon->auth_ttl, NULL,
T_PTR, C_IN, "d", intr->name)) T_PTR, C_IN, "d", intr->name))
skipping to change at line 380 skipping to change at line 376
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp , daemon->auth_ttl, if (add_resource_record(header, limit, &trunc, nameoffset, &ansp , daemon->auth_ttl,
NULL, T_NAPTR, C_IN, "sszzzd", NULL, T_NAPTR, C_IN, "sszzzd",
na->order, na->pref, na->flags, na->serv ices, na->regexp, na->replace)) na->order, na->pref, na->flags, na->serv ices, na->regexp, na->replace))
anscount++; anscount++;
} }
} }
if (qtype == T_A) if (qtype == T_A)
flag = F_IPV4; flag = F_IPV4;
#ifdef HAVE_IPV6
if (qtype == T_AAAA) if (qtype == T_AAAA)
flag = F_IPV6; flag = F_IPV6;
#endif
for (intr = daemon->int_names; intr; intr = intr->next) for (intr = daemon->int_names; intr; intr = intr->next)
if ((rc = hostname_issubdomain(name, intr->name))) if ((rc = hostname_issubdomain(name, intr->name)))
{ {
struct addrlist *addrlist; struct addrlist *addrlist;
nxdomain = 0; nxdomain = 0;
if (rc == 2 && flag) if (rc == 2 && flag)
for (addrlist = intr->addr; addrlist; addrlist = addrlist->next) for (addrlist = intr->addr; addrlist; addrlist = addrlist->next)
if (((addrlist->flags & ADDRLIST_IPV6) ? T_AAAA : T_A) == qtype && if (((addrlist->flags & ADDRLIST_IPV6) ? T_AAAA : T_A) == qtype &&
(local_query || filter_zone(zone, flag, &addrlist->addr))) (local_query || filter_zone(zone, flag, &addrlist->addr)))
{ {
#ifdef HAVE_IPV6
if (addrlist->flags & ADDRLIST_REVONLY) if (addrlist->flags & ADDRLIST_REVONLY)
continue; continue;
#endif
found = 1; found = 1;
log_query(F_FORWARD | F_CONFIG | flag, name, &addrlist->addr , NULL); log_query(F_FORWARD | F_CONFIG | flag, name, &addrlist->addr , NULL);
if (add_resource_record(header, limit, &trunc, nameoffset, & ansp, if (add_resource_record(header, limit, &trunc, nameoffset, & ansp,
daemon->auth_ttl, NULL, qtype, C_IN, daemon->auth_ttl, NULL, qtype, C_IN,
qtype == T_A ? "4" : "6", &addrlist- >addr)) qtype == T_A ? "4" : "6", &addrlist- >addr))
anscount++; anscount++;
} }
} }
if (!cut) if (!cut)
skipping to change at line 426 skipping to change at line 419
auth = soa = 1; /* inhibits auth section */ auth = soa = 1; /* inhibits auth section */
found = 1; found = 1;
log_query(F_RRNAME | F_AUTH, zone->domain, NULL, "<SOA>"); log_query(F_RRNAME | F_AUTH, zone->domain, NULL, "<SOA>");
} }
else if (qtype == T_AXFR) else if (qtype == T_AXFR)
{ {
struct iname *peers; struct iname *peers;
if (peer_addr->sa.sa_family == AF_INET) if (peer_addr->sa.sa_family == AF_INET)
peer_addr->in.sin_port = 0; peer_addr->in.sin_port = 0;
#ifdef HAVE_IPV6
else else
{ {
peer_addr->in6.sin6_port = 0; peer_addr->in6.sin6_port = 0;
peer_addr->in6.sin6_scope_id = 0; peer_addr->in6.sin6_scope_id = 0;
} }
#endif
for (peers = daemon->auth_peers; peers; peers = peers->next) for (peers = daemon->auth_peers; peers; peers = peers->next)
if (sockaddr_isequal(peer_addr, &peers->addr)) if (sockaddr_isequal(peer_addr, &peers->addr))
break; break;
/* Refuse all AXFR unless --auth-sec-servers or auth-peers is set * / /* Refuse all AXFR unless --auth-sec-servers or auth-peers is set * /
if ((!daemon->secondary_forward_server && !daemon->auth_peers) || if ((!daemon->secondary_forward_server && !daemon->auth_peers) ||
(daemon->auth_peers && !peers)) (daemon->auth_peers && !peers))
{ {
if (peer_addr->sa.sa_family == AF_INET) if (peer_addr->sa.sa_family == AF_INET)
inet_ntop(AF_INET, &peer_addr->in.sin_addr, daemon->addrbuff, ADDRSTRLEN); inet_ntop(AF_INET, &peer_addr->in.sin_addr, daemon->addrbuff, ADDRSTRLEN);
#ifdef HAVE_IPV6
else else
inet_ntop(AF_INET6, &peer_addr->in6.sin6_addr, daemon->addrbu ff, ADDRSTRLEN); inet_ntop(AF_INET6, &peer_addr->in6.sin6_addr, daemon->addrbu ff, ADDRSTRLEN);
#endif
my_syslog(LOG_WARNING, _("ignoring zone transfer request from % s"), daemon->addrbuff); my_syslog(LOG_WARNING, _("ignoring zone transfer request from % s"), daemon->addrbuff);
return 0; return 0;
} }
auth = 1; auth = 1;
soa = 1; /* inhibits auth section */ soa = 1; /* inhibits auth section */
ns = 1; /* ensure we include NS records! */ ns = 1; /* ensure we include NS records! */
axfr = 1; axfr = 1;
found = 1; found = 1;
skipping to change at line 481 skipping to change at line 470
{ {
*cut = 0; /* remove domain part */ *cut = 0; /* remove domain part */
if (!strchr(name, '.') && (crecp = cache_find_by_name(NULL, name, now, F_IPV4 | F_IPV6))) if (!strchr(name, '.') && (crecp = cache_find_by_name(NULL, name, now, F_IPV4 | F_IPV6)))
{ {
if (crecp->flags & F_DHCP) if (crecp->flags & F_DHCP)
do do
{ {
nxdomain = 0; nxdomain = 0;
if ((crecp->flags & flag) && if ((crecp->flags & flag) &&
(local_query || filter_zone(zone, flag, &(crecp->addr.add r)))) (local_query || filter_zone(zone, flag, &(crecp->addr))))
{ {
*cut = '.'; /* restore domain part */ *cut = '.'; /* restore domain part */
log_query(crecp->flags, name, &crecp->addr.addr, record_s ource(crecp->uid)); log_query(crecp->flags, name, &crecp->addr, record_source (crecp->uid));
*cut = 0; /* remove domain part */ *cut = 0; /* remove domain part */
found = 1; found = 1;
if (add_resource_record(header, limit, &trunc, nameoffset , &ansp, if (add_resource_record(header, limit, &trunc, nameoffset , &ansp,
daemon->auth_ttl, NULL, qtype, C_ IN, daemon->auth_ttl, NULL, qtype, C_ IN,
qtype == T_A ? "4" : "6", &crecp- >addr)) qtype == T_A ? "4" : "6", &crecp- >addr))
anscount++; anscount++;
} }
} while ((crecp = cache_find_by_name(crecp, name, now, F_IPV4 | F_IPV6))); } while ((crecp = cache_find_by_name(crecp, name, now, F_IPV4 | F_IPV6)));
} }
*cut = '.'; /* restore domain part */ *cut = '.'; /* restore domain part */
} }
if ((crecp = cache_find_by_name(NULL, name, now, F_IPV4 | F_IPV6))) if ((crecp = cache_find_by_name(NULL, name, now, F_IPV4 | F_IPV6)))
{ {
if ((crecp->flags & F_HOSTS) || (((crecp->flags & F_DHCP) && option_boo l(OPT_DHCP_FQDN)))) if ((crecp->flags & F_HOSTS) || (((crecp->flags & F_DHCP) && option_boo l(OPT_DHCP_FQDN))))
do do
{ {
nxdomain = 0; nxdomain = 0;
if ((crecp->flags & flag) && (local_query || filter_zone(zone, f lag, &(crecp->addr.addr)))) if ((crecp->flags & flag) && (local_query || filter_zone(zone, f lag, &(crecp->addr))))
{ {
log_query(crecp->flags, name, &crecp->addr.addr, record_sour ce(crecp->uid)); log_query(crecp->flags, name, &crecp->addr, record_source(cr ecp->uid));
found = 1; found = 1;
if (add_resource_record(header, limit, &trunc, nameoffset, & ansp, if (add_resource_record(header, limit, &trunc, nameoffset, & ansp,
daemon->auth_ttl, NULL, qtype, C_IN, daemon->auth_ttl, NULL, qtype, C_IN,
qtype == T_A ? "4" : "6", &crecp->ad dr)) qtype == T_A ? "4" : "6", &crecp->ad dr))
anscount++; anscount++;
} }
} while ((crecp = cache_find_by_name(crecp, name, now, F_IPV4 | F_I PV6))); } while ((crecp = cache_find_by_name(crecp, name, now, F_IPV4 | F_I PV6)));
} }
/* Only supply CNAME if no record for any type is known. */ /* Only supply CNAME if no record for any type is known. */
skipping to change at line 593 skipping to change at line 582
if (!subnet) if (!subnet)
authname = zone->domain; authname = zone->domain;
else else
{ {
/* handle NS and SOA for PTR records */ /* handle NS and SOA for PTR records */
authname = name; authname = name;
if (!(subnet->flags & ADDRLIST_IPV6)) if (!(subnet->flags & ADDRLIST_IPV6))
{ {
in_addr_t a = ntohl(subnet->addr.addr.addr4.s_addr) >> 8; in_addr_t a = ntohl(subnet->addr.addr4.s_addr) >> 8;
char *p = name; char *p = name;
if (subnet->prefixlen >= 24) if (subnet->prefixlen >= 24)
p += sprintf(p, "%u.", a & 0xff); p += sprintf(p, "%u.", a & 0xff);
a = a >> 8; a = a >> 8;
if (subnet->prefixlen >= 16 ) if (subnet->prefixlen >= 16 )
p += sprintf(p, "%u.", a & 0xff); p += sprintf(p, "%u.", a & 0xff);
a = a >> 8; a = a >> 8;
p += sprintf(p, "%u.in-addr.arpa", a & 0xff); p += sprintf(p, "%u.in-addr.arpa", a & 0xff);
} }
#ifdef HAVE_IPV6
else else
{ {
char *p = name; char *p = name;
int i; int i;
for (i = subnet->prefixlen-1; i >= 0; i -= 4) for (i = subnet->prefixlen-1; i >= 0; i -= 4)
{ {
int dig = ((unsigned char *)&subnet->addr.addr.addr6)[i>>3]; int dig = ((unsigned char *)&subnet->addr.addr6)[i>>3];
p += sprintf(p, "%.1x.", (i>>2) & 1 ? dig & 15 : dig >> 4); p += sprintf(p, "%.1x.", (i>>2) & 1 ? dig & 15 : dig >> 4);
} }
p += sprintf(p, "ip6.arpa"); p += sprintf(p, "ip6.arpa");
} }
#endif
} }
/* handle NS and SOA in auth section or for explicit queries */ /* handle NS and SOA in auth section or for explicit queries */
newoffset = ansp - (unsigned char *)header; newoffset = ansp - (unsigned char *)header;
if (((anscount == 0 && !ns) || soa) && if (((anscount == 0 && !ns) || soa) &&
add_resource_record(header, limit, &trunc, 0, &ansp, add_resource_record(header, limit, &trunc, 0, &ansp,
daemon->auth_ttl, NULL, T_SOA, C_IN, "ddlllll", daemon->auth_ttl, NULL, T_SOA, C_IN, "ddlllll",
authname, daemon->authserver, daemon->hostmaster, authname, daemon->authserver, daemon->hostmaster,
daemon->soa_sn, daemon->soa_refresh, daemon->soa_sn, daemon->soa_refresh,
daemon->soa_retry, daemon->soa_expiry, daemon->soa_retry, daemon->soa_expiry,
skipping to change at line 643 skipping to change at line 630
if (soa) if (soa)
anscount++; anscount++;
else else
authcount++; authcount++;
} }
if (anscount != 0 || ns) if (anscount != 0 || ns)
{ {
struct name_list *secondary; struct name_list *secondary;
newoffset = ansp - (unsigned char *)header; /* Only include the machine running dnsmasq if it's acting as an auth s
if (add_resource_record(header, limit, &trunc, -offset, &ansp, erver */
daemon->auth_ttl, NULL, T_NS, C_IN, "d", offset if (daemon->authinterface)
== 0 ? authname : NULL, daemon->authserver)) {
{ newoffset = ansp - (unsigned char *)header;
if (offset == 0) if (add_resource_record(header, limit, &trunc, -offset, &ansp,
offset = newoffset; daemon->auth_ttl, NULL, T_NS, C_IN, "d", of
if (ns) fset == 0 ? authname : NULL, daemon->authserver))
anscount++; {
else if (offset == 0)
authcount++; offset = newoffset;
if (ns)
anscount++;
else
authcount++;
}
} }
if (!subnet) if (!subnet)
for (secondary = daemon->secondary_forward_server; secondary; seconda ry = secondary->next) for (secondary = daemon->secondary_forward_server; secondary; seconda ry = secondary->next)
if (add_resource_record(header, limit, &trunc, offset, &ansp, if (add_resource_record(header, limit, &trunc, offset, &ansp,
daemon->auth_ttl, NULL, T_NS, C_IN, "d", se condary->name)) daemon->auth_ttl, NULL, T_NS, C_IN, "d", se condary->name))
{ {
if (ns) if (ns)
anscount++; anscount++;
else else
skipping to change at line 756 skipping to change at line 747
if (cut) if (cut)
*cut = 0; *cut = 0;
for (addrlist = intr->addr; addrlist; addrlist = addrlist->next) for (addrlist = intr->addr; addrlist; addrlist = addrlist->next)
if (!(addrlist->flags & ADDRLIST_IPV6) && if (!(addrlist->flags & ADDRLIST_IPV6) &&
(local_query || filter_zone(zone, F_IPV4, &addrlist->addr)) && (local_query || filter_zone(zone, F_IPV4, &addrlist->addr)) &&
add_resource_record(header, limit, &trunc, -axfroffset, &an sp, add_resource_record(header, limit, &trunc, -axfroffset, &an sp,
daemon->auth_ttl, NULL, T_A, C_IN, "4", cut ? intr->name : NULL, &addrlist->addr)) daemon->auth_ttl, NULL, T_A, C_IN, "4", cut ? intr->name : NULL, &addrlist->addr))
anscount++; anscount++;
#ifdef HAVE_IPV6
for (addrlist = intr->addr; addrlist; addrlist = addrlist->next) for (addrlist = intr->addr; addrlist; addrlist = addrlist->next)
if ((addrlist->flags & ADDRLIST_IPV6) && if ((addrlist->flags & ADDRLIST_IPV6) &&
(local_query || filter_zone(zone, F_IPV6, &addrlist->addr)) && (local_query || filter_zone(zone, F_IPV6, &addrlist->addr)) &&
add_resource_record(header, limit, &trunc, -axfroffset, &an sp, add_resource_record(header, limit, &trunc, -axfroffset, &an sp,
daemon->auth_ttl, NULL, T_AAAA, C_IN, " 6", cut ? intr->name : NULL, &addrlist->addr)) daemon->auth_ttl, NULL, T_AAAA, C_IN, " 6", cut ? intr->name : NULL, &addrlist->addr))
anscount++; anscount++;
#endif
/* restore config data */ /* restore config data */
if (cut) if (cut)
*cut = '.'; *cut = '.';
} }
for (a = daemon->cnames; a; a = a->next) for (a = daemon->cnames; a; a = a->next)
if (in_zone(zone, a->alias, &cut)) if (in_zone(zone, a->alias, &cut))
{ {
strcpy(name, a->target); strcpy(name, a->target);
skipping to change at line 800 skipping to change at line 789
while ((crecp = cache_enumerate(0))) while ((crecp = cache_enumerate(0)))
{ {
if ((crecp->flags & (F_IPV4 | F_IPV6)) && if ((crecp->flags & (F_IPV4 | F_IPV6)) &&
!(crecp->flags & (F_NEG | F_NXDOMAIN)) && !(crecp->flags & (F_NEG | F_NXDOMAIN)) &&
(crecp->flags & F_FORWARD)) (crecp->flags & F_FORWARD))
{ {
if ((crecp->flags & F_DHCP) && !option_bool(OPT_DHCP_FQDN)) if ((crecp->flags & F_DHCP) && !option_bool(OPT_DHCP_FQDN))
{ {
char *cache_name = cache_get_name(crecp); char *cache_name = cache_get_name(crecp);
if (!strchr(cache_name, '.') && if (!strchr(cache_name, '.') &&
(local_query || filter_zone(zone, (crecp->flags & (F_IP (local_query || filter_zone(zone, (crecp->flags & (F_IP
V6 | F_IPV4)), &(crecp->addr.addr)))) V6 | F_IPV4)), &(crecp->addr))) &&
{ add_resource_record(header, limit, &trunc, -axfroffset,
qtype = T_A; &ansp,
#ifdef HAVE_IPV6 daemon->auth_ttl, NULL, (crecp->fla
if (crecp->flags & F_IPV6) gs & F_IPV6) ? T_AAAA : T_A, C_IN,
qtype = T_AAAA; (crecp->flags & F_IPV4) ? "4" : "6"
#endif , cache_name, &crecp->addr))
if (add_resource_record(header, limit, &trunc, -axfroff anscount++;
set, &ansp,
daemon->auth_ttl, NULL, qtype,
C_IN,
(crecp->flags & F_IPV4) ? "4" :
"6", cache_name, &crecp->addr))
anscount++;
}
} }
if ((crecp->flags & F_HOSTS) || (((crecp->flags & F_DHCP) && op tion_bool(OPT_DHCP_FQDN)))) if ((crecp->flags & F_HOSTS) || (((crecp->flags & F_DHCP) && op tion_bool(OPT_DHCP_FQDN))))
{ {
strcpy(name, cache_get_name(crecp)); strcpy(name, cache_get_name(crecp));
if (in_zone(zone, name, &cut) && if (in_zone(zone, name, &cut) &&
(local_query || filter_zone(zone, (crecp->flags & (F_IP V6 | F_IPV4)), &(crecp->addr.addr)))) (local_query || filter_zone(zone, (crecp->flags & (F_IP V6 | F_IPV4)), &(crecp->addr))))
{ {
qtype = T_A; if (cut)
#ifdef HAVE_IPV6 *cut = 0;
if (crecp->flags & F_IPV6)
qtype = T_AAAA; if (add_resource_record(header, limit, &trunc, -axfroff
#endif set, &ansp,
if (cut) daemon->auth_ttl, NULL, (crecp-
*cut = 0; >flags & F_IPV6) ? T_AAAA : T_A, C_IN,
(crecp->flags & F_IPV4) ? "4" :
if (add_resource_record(header, limit, &trunc, -axfrof "6", cut ? name : NULL, &crecp->addr))
fset, &ansp, anscount++;
daemon->auth_ttl, NULL, qtype,
C_IN,
(crecp->flags & F_IPV4) ? "4"
: "6", cut ? name : NULL, &crecp->addr))
anscount++;
} }
} }
} }
} }
/* repeat SOA as last record */ /* repeat SOA as last record */
if (add_resource_record(header, limit, &trunc, axfroffset, &ansp, if (add_resource_record(header, limit, &trunc, axfroffset, &ansp,
daemon->auth_ttl, NULL, T_SOA, C_IN, "ddlllll", daemon->auth_ttl, NULL, T_SOA, C_IN, "ddlllll",
daemon->authserver, daemon->hostmaster, daemon->authserver, daemon->hostmaster,
daemon->soa_sn, daemon->soa_refresh, daemon->soa_sn, daemon->soa_refresh,
skipping to change at line 865 skipping to change at line 842
{ {
/* set RA flag */ /* set RA flag */
header->hb4 |= HB4_RA; header->hb4 |= HB4_RA;
} }
else else
{ {
/* clear RA flag */ /* clear RA flag */
header->hb4 &= ~HB4_RA; header->hb4 &= ~HB4_RA;
} }
/* data is never DNSSEC signed. */
header->hb4 &= ~HB4_AD;
/* authoritative */ /* authoritative */
if (auth) if (auth)
header->hb3 |= HB3_AA; header->hb3 |= HB3_AA;
/* truncation */ /* truncation */
if (trunc) if (trunc)
header->hb3 |= HB3_TC; header->hb3 |= HB3_TC;
if ((auth || local_query) && nxdomain) if ((auth || local_query) && nxdomain)
SET_RCODE(header, NXDOMAIN); SET_RCODE(header, NXDOMAIN);
 End of changes. 38 change blocks. 
78 lines changed or deleted 58 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)