No longer attempt to answer questions coming in from port 0, reply would not reach...

Closes #844.

diff --git a/pdns/nameserver.cc b/pdns/nameserver.cc
index 1ec2eab0880bd9612d80edb80d2db5c1d1685432..008844ee38ba334256bb4e6d601b1735606f6a5c 100644 (file)
--- a/pdns/nameserver.cc
+++ b/pdns/nameserver.cc
@@ -420,8 +420,12 @@ DNSPacket *UDPNameserver::receive(DNSPacket *prefilled)
   if(sock==-1)
     throw PDNSException("poll betrayed us! (should not happen)");
   
-
   DLOG(L<<"Received a packet " << len <<" bytes long from "<< remote.toString()<<endl);
+
+  BOOST_STATIC_ASSERT(offsetof(sockaddr_in, sin_port) == offsetof(sockaddr_in6, sin6_port));
+
+  if(remote.sin4.sin_port == 0) // would generate error on responding. sin4 also works for ipv6
+    return 0;
   
   DNSPacket *packet;
   if(prefilled)  // they gave us a preallocated packet

diff --git a/pdns/pdns_recursor.cc b/pdns/pdns_recursor.cc
index e275c3d0e7d8d7e7f41b2991b30bcf201ea222b2..ae4b0a42a6c043313cdda7d307268efdf804ee39 100644 (file)
--- a/pdns/pdns_recursor.cc
+++ b/pdns/pdns_recursor.cc
@@ -31,6 +31,7 @@
 #include "dns_random.hh"
 #include <iostream>
 #include <errno.h>
+#include <boost/static_assert.hpp>
 #include <map>
 #include <set>
 #include "recursor_cache.hh"
@@ -923,6 +924,14 @@ void handleNewUDPQuestion(int fd, FDMultiplexer::funcparam_t& var)
       g_stats.unauthorizedUDP++;
       return;
     }
+    BOOST_STATIC_ASSERT_MSG(offsetof(sockaddr_in, sin_port) == offsetof(sockaddr_in6, sin6_port), "IPv4 and IPv6 structs differ wrt port");
+    if(!fromaddr.sin4.sin_port) { // also works for IPv6
+     if(!g_quiet) 
+        L<<Logger::Error<<"["<<MT->getTid()<<"] dropping UDP query from "<<fromaddr.toStringWithPort()<<", can't deal with port 0"<<endl;
+
+      g_stats.clientParseError++; // not quite the best place to put it, but needs to go somewhere
+      return;
+    }
     try {
       dnsheader* dh=(dnsheader*)data;