type match is available.
19 March 2024: Wouter
- Fix rpz so that rpz CNAME can apply after rpz CNAME. And fix that
clientip and nsip can give a CNAME.
+ - Fix localdata and rpz localdata to match CNAME only if no direct
+ type match is available.
18 March 2024: Wouter
- Fix that rpz CNAME content is limited to the max number of cnames.
static struct local_rrset*
local_data_find_type(struct local_data* data, uint16_t type, int alias_ok)
{
- struct local_rrset* p;
+ struct local_rrset* p, *cname = NULL;
type = htons(type);
for(p = data->rrsets; p; p = p->next) {
if(p->rrset->rk.type == type)
return p;
if(alias_ok && p->rrset->rk.type == htons(LDNS_RR_TYPE_CNAME))
- return p;
+ cname = p;
}
+ if(alias_ok)
+ return cname;
return NULL;
}
static struct local_rrset*
local_data_find_type(struct local_data* data, uint16_t type, int alias_ok)
{
- struct local_rrset* p;
+ struct local_rrset* p, *cname = NULL;
type = htons(type);
for(p = data->rrsets; p; p = p->next) {
if(p->rrset->rk.type == type)
return p;
if(alias_ok && p->rrset->rk.type == htons(LDNS_RR_TYPE_CNAME))
- return p;
+ cname = p;
}
+ if(alias_ok)
+ return cname;
return NULL;
}
--- /dev/null
+; config options
+server:
+ local-zone: "a." static
+ local-data: "myd.a. NSEC myd2.a. CNAME NSEC"
+ local-data: "myd.a. CNAME myd.target.a."
+
+ ; Switches the types first one then the other.
+ local-data: "myd2.a. CNAME myd2.target.a."
+ local-data: "myd2.a. NSEC myd3.a. CNAME NSEC"
+
+stub-zone:
+ name: "a"
+ stub-addr: 1.2.3.4
+
+CONFIG_END
+SCENARIO_BEGIN Test local data queries with CNAME and other data.
+
+RANGE_BEGIN 0 1000
+ ADDRESS 1.2.3.4
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR NOERROR
+SECTION QUESTION
+www.refuse.top. IN A
+SECTION ANSWER
+www.refuse.top. IN A 5.5.5.5
+ENTRY_END
+RANGE_END
+
+; local data query for type next to CNAME, the specific type should
+; be preferred over the CNAME.
+STEP 10 QUERY
+ENTRY_BEGIN
+REPLY RD
+SECTION QUESTION
+myd.a. IN NSEC
+ENTRY_END
+
+STEP 20 CHECK_ANSWER
+ENTRY_BEGIN
+MATCH all
+REPLY QR RD RA AA
+SECTION QUESTION
+myd.a. IN NSEC
+SECTION ANSWER
+myd.a. NSEC myd2.a. CNAME NSEC
+ENTRY_END
+
+STEP 30 QUERY
+ENTRY_BEGIN
+REPLY RD
+SECTION QUESTION
+myd2.a. IN NSEC
+ENTRY_END
+
+STEP 40 CHECK_ANSWER
+ENTRY_BEGIN
+MATCH all
+REPLY QR RD RA AA
+SECTION QUESTION
+myd2.a. IN NSEC
+SECTION ANSWER
+myd2.a. NSEC myd3.a. CNAME NSEC
+ENTRY_END
+
+SCENARIO_END
projects / thirdparty / unbound.git / commitdiff
