From: Aki Tuomi <cmouse@desteem.org>
Date: Fri, 19 Feb 2016 07:53:55 +0000 (+0200)
Subject: Permit star, fixes #3406
X-Git-Tag: auth-4.0.0-alpha2~30^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cb9b59018796ad843667fd2cf59369789fe981ca;p=thirdparty%2Fpdns.git

Permit star, fixes #3406
---

diff --git a/pdns/ws-api.cc b/pdns/ws-api.cc
index e1e448a452..12d3f7417c 100644
--- a/pdns/ws-api.cc
+++ b/pdns/ws-api.cc
@@ -287,3 +287,8 @@ void apiCheckNameAllowedCharacters(const string& name) {
   if (name.find_first_not_of("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890_/.-") != std::string::npos)
     throw ApiException("Name '"+name+"' contains unsupported characters");
 }
+
+void apiCheckQNameAllowedCharacters(const string& qname) {
+  if (qname.compare(0, 2, "*.") == 0) apiCheckNameAllowedCharacters(qname.substr(2));
+  else apiCheckNameAllowedCharacters(qname);
+}
diff --git a/pdns/ws-api.hh b/pdns/ws-api.hh
index 96c4ec6b40..8c94076975 100644
--- a/pdns/ws-api.hh
+++ b/pdns/ws-api.hh
@@ -35,6 +35,7 @@ void apiServerStatistics(HttpRequest* req, HttpResponse* resp);
 DNSName apiZoneIdToName(const string& id);
 string apiZoneNameToId(const DNSName& name);
 void apiCheckNameAllowedCharacters(const string& name);
+void apiCheckQNameAllowedCharacters(const string& name);
 DNSName apiNameToDNSName(const string& name);
 
 // To be provided by product code.
diff --git a/pdns/ws-auth.cc b/pdns/ws-auth.cc
index 88904bcc30..8d88687755 100644
--- a/pdns/ws-auth.cc
+++ b/pdns/ws-auth.cc
@@ -620,7 +620,7 @@ static void apiServerZones(HttpRequest* req, HttpResponse* resp) {
     for(auto& rr : new_records) {
       if (!rr.qname.isPartOf(zonename) && rr.qname != zonename)
         throw ApiException("RRset "+rr.qname.toString()+" IN "+rr.qtype.getName()+": Name is out of zone");
-      apiCheckNameAllowedCharacters(rr.qname.toString());
+      apiCheckQNameAllowedCharacters(rr.qname.toString());
 
       if (rr.qtype.getCode() == QType::SOA && rr.qname==zonename) {
         have_soa = true;
@@ -889,7 +889,7 @@ static void patchZone(HttpRequest* req, HttpResponse* resp) {
       string changetype;
       QType qtype;
       DNSName qname = apiNameToDNSName(stringFromJson(rrset, "name"));
-      apiCheckNameAllowedCharacters(qname.toString());
+      apiCheckQNameAllowedCharacters(qname.toString());
       qtype = stringFromJson(rrset, "type");
       changetype = toUpper(stringFromJson(rrset, "changetype"));