Skip to content

Commit

Permalink
Tweak logging and special handling of T_ANY in rr-filter code.
Browse files Browse the repository at this point in the history 
Signed-off-by: DL6ER <dl6er@dl6er.de>
  • Loading branch information
@simonkelley @DL6ER
simonkelley authored and DL6ER committed Feb 13, 2024
1 parent 45c342a commit cc98853
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 26 deletions.
44 changes: 19 additions & 25 deletions src/dnsmasq/rfc1035.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -594,7 +594,7 @@ static int find_soa(struct dns_header *header, size_t qlen, char *name, int *sub
}

/* Print TXT reply to log */
static int log_txt(char *name, unsigned char *p, const int ardlen, int secflag)
static int log_txt(char *name, unsigned char *p, const int ardlen, int flag)
{
unsigned char *p1 = p;

Expand All @@ -616,7 +616,7 @@ static int log_txt(char *name, unsigned char *p, const int ardlen, int secflag)
}

*p3 = 0;
log_query(secflag | F_FORWARD, name, NULL, (char*)p1, 0);
log_query(flag, name, NULL, (char*)p1, 0);
/* restore */
memmove(p1 + 1, p1, i);
*p1 = len;
Expand Down Expand Up @@ -787,7 +787,8 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t
addrlen = IN6ADDRSZ;
flags |= F_IPV6;
}
else if (qtype != T_CNAME && (qtype == T_SRV || rr_on_list(daemon->cache_rr, qtype)))
else if (qtype != T_CNAME &&
(qtype == T_SRV || rr_on_list(daemon->cache_rr, qtype) || rr_on_list(daemon->cache_rr, T_ANY)))
flags |= F_RR;
else
insert = 0; /* NOTE: do not cache data from CNAME queries. */
Expand All @@ -813,13 +814,14 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t
}
GETSHORT(ardlen, p1);
endrr = p1+ardlen;

if (!CHECK_LEN(header, endrr, qlen, 0))
return 2; /* bad packet */

/* Not what we're looking for? */
if (aqclass != C_IN || res == 2)
{
p1 = endrr;
if (!CHECK_LEN(header, p1, qlen, 0))
return 2; /* bad packet */
continue;
}

Expand Down Expand Up @@ -881,12 +883,13 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t

found = 1;
}
else if (aqtype != qtype)
else if (qtype == T_ANY || aqtype != qtype)
{
#ifdef HAVE_DNSSEC
if (!option_bool(OPT_DNSSEC_VALID) || aqtype != T_RRSIG)
#endif
log_query(secflag | F_FORWARD | F_UPSTREAM | F_RRNAME, name, NULL, NULL, aqtype);
if (qtype != T_ANY)
log_query(secflag | F_FORWARD | F_UPSTREAM | F_RRNAME, name, NULL, NULL, aqtype);
}
else if (!(flags & F_NXDOMAIN))
{
Expand Down Expand Up @@ -1032,26 +1035,17 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t
blockdata_free(addr.rrblock.rrdata);
}

/* We're filtering this RRtype. It will be removed from the
returned packet in process_reply() but gets cached here anyway
and will be filtered again on the way out of the cache. Here,
we just need to alter the logging. */
if (rr_on_list(daemon->filter_rr, qtype))
secflag = F_NEG | F_CONFIG;

if (aqtype == T_TXT)
{
if (!CHECK_LEN(header, p1, qlen, ardlen))
return 2;

log_txt(name, p1, ardlen, secflag | F_UPSTREAM);
}
log_txt(name, p1, ardlen, flags | F_FORWARD | F_UPSTREAM | secflag);
else
{
int negflag = F_UPSTREAM;

/* We're filtering this RRtype. It will be removed from the
returned packet in process_reply() but gets cached here anyway
and will be filtered again on the way out of the cache. Here,
we just need to alter the logging. */
if (rr_on_list(daemon->filter_rr, qtype))
negflag = F_NEG | F_CONFIG;

log_query(negflag | flags | F_FORWARD | secflag, name, &addr, NULL, aqtype);
}
log_query(flags | F_FORWARD | F_UPSTREAM | secflag, name, &addr, NULL, aqtype);
}

p1 = endrr;
Expand Down
2 changes: 1 addition & 1 deletion src/dnsmasq/util.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -119,7 +119,7 @@ int rr_on_list(struct rrlist *list, unsigned short rr)
{
while (list)
{
if (list->rr == rr || list->rr == T_ANY)
if (list->rr == rr)
return 1;

list = list->next;
Expand Down

0 comments on commit cc98853

Please sign in to comment.