From 0cf71ac4ab76793de8ebd7524bdbae9045b66694 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Thu, 26 Sep 2013 07:40:34 +1000 Subject: [PATCH] 3656. [bug] Treat a all zero netmask as invalid when generating the localnets acl. [RT #34687] (cherry picked from commit c9ee72cb3acb4562c43333b206737ee94cbbda5e) --- CHANGES | 3 +++ bin/named/interfacemgr.c | 15 +++++++++++---- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/CHANGES b/CHANGES index c5a66f10a87..b5c7a9572bc 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +3656. [bug] Treat a all zero netmask as invalid when generating + the localnets acl. [RT #34687] + --- 9.8.6 released --- 3638. [cleanup] Add the ability to handle ENOPROTOOPT in case it is diff --git a/bin/named/interfacemgr.c b/bin/named/interfacemgr.c index 15ffe00aa51..9cf3cde697b 100644 --- a/bin/named/interfacemgr.c +++ b/bin/named/interfacemgr.c @@ -525,15 +525,22 @@ setup_locals(ns_interfacemgr_t *mgr, isc_interface_t *interface) { return (result); if (result != ISC_R_SUCCESS) { - isc_log_write(IFMGR_COMMON_LOGARGS, - ISC_LOG_WARNING, + isc_log_write(IFMGR_COMMON_LOGARGS, ISC_LOG_WARNING, "omitting IPv4 interface %s from " - "localnets ACL: %s", - interface->name, + "localnets ACL: %s", interface->name, isc_result_totext(result)); return (ISC_R_SUCCESS); } + if (prefixlen == 0U) { + isc_log_write(IFMGR_COMMON_LOGARGS, ISC_LOG_WARNING, + "omitting %s interface %s from localnets ACL: " + "zero prefix length detected", + (netaddr->family == AF_INET) ? "IPv4" : "IPv6", + interface->name); + return (ISC_R_SUCCESS); + } + result = dns_iptable_addprefix(mgr->aclenv.localnets->iptable, netaddr, prefixlen, ISC_TRUE); if (result != ISC_R_SUCCESS) -- 2.47.3