src/patches/dnsmasq/0089-Check-IPv4-mapped-IPv6-addresses-with-stop-rebind.patch

   1 From b059c96dc69dfe3055c5b32b078a05c53b11ebb3 Mon Sep 17 00:00:00 2001
   2 From: Simon Kelley <simon@thekelleys.org.uk>
   3 Date: Fri, 8 May 2015 20:25:51 +0100
   4 Subject: [PATCH 89/98] Check IPv4-mapped IPv6 addresses with --stop-rebind.
   5
   6 ---
   7  CHANGELOG     |  3 +++
   8  src/rfc1035.c | 21 +++++++++++++++++----
   9  2 files changed, 20 insertions(+), 4 deletions(-)
  10
  11 diff --git a/CHANGELOG b/CHANGELOG
  12 index d8fc57a418bb..94a521f996e2 100644
  13 --- a/CHANGELOG
  14 +++ b/CHANGELOG
  15 @@ -115,6 +115,9 @@ version 2.73
  16             header to 1280 bytes. If it then answers, make that
  17             change permanent.
  18
  19 +           Check IPv4-mapped IPv6 addresses when --stop-rebind
  20 +           is active. Thanks to Jordan Milne for spotting this.
  21 +
  22
  23  version 2.72
  24              Add ra-advrouter mode, for RFC-3775 mobile IPv6 support.
  25 diff --git a/src/rfc1035.c b/src/rfc1035.c
  26 index 8b1709dd3495..5e3f566fdbc5 100644
  27 --- a/src/rfc1035.c
  28 +++ b/src/rfc1035.c
  29 @@ -1117,10 +1117,23 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t
  30                       memcpy(&addr, p1, addrlen);
  31
  32                       /* check for returned address in private space */
  33 -                     if (check_rebind &&
  34 -                         (flags & F_IPV4) &&
  35 -                         private_net(addr.addr.addr4, !option_bool(OPT_LOCAL_REBIND)))
  36 -                       return 1;
  37 +                     if (check_rebind)
  38 +                       {
  39 +                         if ((flags & F_IPV4) &&
  40 +                             private_net(addr.addr.addr4, !option_bool(OPT_LOCAL_REBIND)))
  41 +                           return 1;
  42 +
  43 +#ifdef HAVE_IPV6
  44 +                         if ((flags & F_IPV6) &&
  45 +                             IN6_IS_ADDR_V4MAPPED(&addr.addr.addr6))
  46 +                           {
  47 +                             struct in_addr v4;
  48 +                             v4.s_addr = ((const uint32_t *) (&addr.addr.addr6))[3];
  49 +                             if (private_net(v4, !option_bool(OPT_LOCAL_REBIND)))
  50 +                               return 1;
  51 +                           }
  52 +#endif
  53 +                       }
  54
  55  #ifdef HAVE_IPSET
  56                       if (ipsets && (flags & (F_IPV4 | F_IPV6)))
  57 --
  58 2.1.0
  59