]> git.ipfire.org Git - thirdparty/pdns.git/commitdiff
projects / thirdparty / pdns.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 315cad1)
Log error when remote cannot do AXFR 2392/head
authorAki Tuomi <cmouse@desteem.org>
Sun, 29 Mar 2015 21:37:27 +0000 (00:37 +0300)
committerAki Tuomi <cmouse@desteem.org>
Mon, 30 Mar 2015 12:55:11 +0000 (15:55 +0300)
pdns/tcpreceiver.cc patch | blob | blame | history

diff --git a/pdns/tcpreceiver.cc b/pdns/tcpreceiver.cc
index b6afb9abf8d35b800361dbc5b6a02e5b9e302a31..ddd9cf222133b833860fc3dc836d8e939aeb1529 100644 (file)
--- a/pdns/tcpreceiver.cc
+++ b/pdns/tcpreceiver.cc
@@ -530,8 +530,15 @@ int TCPNameserver::doAXFR(const string &target, shared_ptr<DNSPacket> q, int out
       s_P=new PacketHandler;
     }
 
+    if (!canDoAXFR(q)) {
+      L<<Logger::Error<<"AXFR of domain '"<<target<<"' failed: "<<q->getRemote()<<" cannot request AXFR"<<endl;
+      outpacket->setRcode(9); // 'NOTAUTH'
+      sendPacket(outpacket,outsock);
+      return 0;
+    }
+
     // canDoAXFR does all the ACL checks, and has the if(disable-axfr) shortcut, call it first.
-    if(!canDoAXFR(q) || !s_P->getBackend()->getSOA(target, sd)) {
+    if(!s_P->getBackend()->getSOA(target, sd)) {
       L<<Logger::Error<<"AXFR of domain '"<<target<<"' failed: not authoritative"<<endl;
       outpacket->setRcode(9); // 'NOTAUTH'
       sendPacket(outpacket,outsock);
Unnamed repository; edit this file 'description' to name the repository.