+25 June 2019: Wouter
+ - For #45, check that 127.0.0.1 and ::1 are not used in unbound.conf
+ when do-not-query-localhost is turned on, or at default on,
+ unbound-checkconf prints a warning if it is found in forward-addr or
+ stub-addr statements.
+
24 June 2019: Wouter
- Fix memleak in unit test, reported from the clang 8.0 static analyzer.
edns_known_options_delete(&env);
}
+/** true is addr is a localhost address, 127.0.0.1 or ::1 (@port) */
+static int
+str_addr_is_localhost(const char* a)
+{
+ if(strncmp(a, "127.", 4) == 0) return 1;
+ if(strncmp(a, "::1", 3) == 0) return 1;
+ return 0;
+}
+
+/** check do-not-query-localhost */
+static void
+donotquerylocalhostcheck(struct config_file* cfg)
+{
+ if(cfg->donotquery_localhost) {
+ struct config_stub* p;
+ struct config_strlist* s;
+ for(p=cfg->forwards; p; p=p->next) {
+ for(s=p->addrs; s; s=s->next) {
+ if(str_addr_is_localhost(s->str)) {
+ fprintf(stderr, "unbound-checkconf: warning: forward-addr: '%s' is specified for forward-zone: '%s', but do-not-query-localhost: yes means that the address will not be used for lookups.\n", s->str, p->name);
+ }
+ }
+ }
+ for(p=cfg->stubs; p; p=p->next) {
+ for(s=p->addrs; s; s=s->next) {
+ if(str_addr_is_localhost(s->str)) {
+ fprintf(stderr, "unbound-checkconf: warning: stub-addr: '%s' is specified for stub-zone: '%s', but do-not-query-localhost: yes means that the address will not be used for lookups.\n", s->str, p->name);
+ }
+ }
+ }
+ }
+}
+
/** check localzones */
static void
localzonechecks(struct config_file* cfg)
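Review bot: The `::1` test in str_addr_is_localhost is a bare three-character prefix match, so it also fires on unrelated addresses such as `::1:2` or `::10`, while other spellings of the loopback address (for example `0:0:0:0:0:0:0:1`) produce no warning at all. The missed warning is probably the costlier case, since a quiet unbound-checkconf run suggests the forward-addr or stub-addr entry will actually be queried. At minimum, anchor the match to the end of the address part with `if(strncmp(a, "::1", 3) == 0 && (a[3] == 0 || a[3] == '@')) return 1;`, extended with any other suffix separator the address syntax allows. Comparing the parsed address rather than its text would also cover the alternate spellings. The doc comment should read "true if addr is" and say that everything starting with `127.` is matched, not only 127.0.0.1.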
cfg->control_cert_file);
}
+ donotquerylocalhostcheck(cfg);
localzonechecks(cfg);
view_and_respipchecks(cfg);
#ifdef CLIENT_SUBNET