From: Baptiste Assmann <bedis9@gmail.com>
Date: Fri, 11 Aug 2017 08:31:22 +0000 (+0200)
Subject: MINOR: dns: update record dname matching for SRV query types
X-Git-Tag: v1.8-dev3~182
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ddc8ce6d29eb131bcb8f864b5bda46b78e4e42e6;p=thirdparty%2Fhaproxy.git

MINOR: dns: update record dname matching for SRV query types

DNS response for SRV queries look like this:
- query dname looks like '_http._tcp.red.default.svc.cluster.local'
- answer record dname looks like
  '3336633266663038.red.default.svc.cluster.local.'

Of course, it never matches... and it triggers many false positive in
the current code (which is suitable for A/AAAA/CNAME).

This patch simply ignores this dname matching in the case of SRV query
type.
---

diff --git a/src/dns.c b/src/dns.c
index c3905f9ca0..765c787d6a 100644
--- a/src/dns.c
+++ b/src/dns.c
@@ -1173,7 +1173,7 @@ int dns_validate_dns_response(unsigned char *resp, unsigned char *bufend, struct
 		/* check if the current record dname is valid.
 		 * previous_dname points either to queried dname or last CNAME target
 		 */
-		if (memcmp(previous_dname, tmpname, len) != 0) {
+		if (dns_query->type != DNS_RTYPE_SRV && memcmp(previous_dname, tmpname, len) != 0) {
 			free_dns_answer_item(dns_answer_record);
 			if (i == 0) {
 				/* first record, means a mismatch issue between queried dname