d_lw->registerFunction<DNSPacket, int(const char *, size_t)>("parse", [](DNSPacket &p, const char *mesg, size_t len){ return p.parse(mesg, len); });
d_lw->registerFunction<DNSPacket, const std::string()>("getString", [](DNSPacket &p) { return p.getString(); });
d_lw->registerFunction<DNSPacket, void(const ComboAddress&)>("setRemote", [](DNSPacket &p, const ComboAddress &ca) { p.setRemote(&ca); });
- d_lw->registerFunction<DNSPacket, ComboAddress()>("getRemote", [](DNSPacket &p) { return p.getRemote(); });
+ d_lw->registerFunction<DNSPacket, ComboAddress()>("getRemote", [](DNSPacket &p) { return p.getInnerRemote(); });
d_lw->registerFunction<DNSPacket, Netmask()>("getRealRemote", [](DNSPacket &p) { return p.getRealRemote(); });
d_lw->registerFunction<DNSPacket, ComboAddress()>("getLocal", [](DNSPacket &p) { return p.getLocal(); });
- d_lw->registerFunction<DNSPacket, unsigned int()>("getRemotePort", [](DNSPacket &p) { return p.getRemotePort(); });
+ d_lw->registerFunction<DNSPacket, unsigned int()>("getRemotePort", [](DNSPacket &p) { return p.getInnerRemote().getPort(); });
d_lw->registerFunction<DNSPacket, std::tuple<const std::string, unsigned int>()>("getQuestion", [](DNSPacket &p) { return std::make_tuple(p.qdomain.toString(), static_cast<unsigned int>(p.qtype.getCode())); });
d_lw->registerFunction<DNSPacket, void(bool)>("setA", [](DNSPacket &p, bool a) { return p.setA(a); });
d_lw->registerFunction<DNSPacket, void(unsigned int)>("setID", [](DNSPacket &p, unsigned int id) { return p.setID(static_cast<uint16_t>(id)); });
upq.qtype = qtype.getCode();
upq.zonename = zonename;
upq.local = packet.getLocal();
- upq.remote = packet.getRemote();
+ upq.remote = packet.getInnerRemote();
upq.realRemote = packet.getRealRemote();
upq.tsigName = packet.getTSIGKeyname();
upq.peerPrincipal = packet.d_peer_principal;
int PacketHandler::trySuperMasterSynchronous(const DNSPacket& p, const DNSName& tsigkeyname)
{
- ComboAddress remote = p.getRemote();
- // this uses the outer (non-PROXY) remote on purpose
+ ComboAddress remote = p.getInnerRemote();
if(p.hasEDNSSubnet() && pdns::isAddressTrustedNotificationProxy(remote)) {
remote = p.getRealRemote().getNetwork();
}
else {
- // but we fall back to the inner (PROXY) remote if there is no ECS forwarded by a trusted proxy
remote = p.getInnerRemote();
}
remote.setPort(53);
return RCode::Refused;
}
- // this uses the outer (non-PROXY) remote on purpose
- if(pdns::isAddressTrustedNotificationProxy(p.getRemote())) {
+ if(pdns::isAddressTrustedNotificationProxy(p.getInnerRemote())) {
if(di.masters.empty()) {
- g_log<<Logger::Warning<<"Received NOTIFY for "<<p.qdomain<<" from trusted-notification-proxy "<<p.getRemote()<<", zone does not have any masters defined (Refused)"<<endl;
+ g_log<<Logger::Warning<<"Received NOTIFY for "<<p.qdomain<<" from trusted-notification-proxy "<<p.getRemoteString()<<", zone does not have any masters defined (Refused)"<<endl;
return RCode::Refused;
}
- g_log<<Logger::Notice<<"Received NOTIFY for "<<p.qdomain<<" from trusted-notification-proxy "<<p.getRemote()<<endl;
+ g_log<<Logger::Notice<<"Received NOTIFY for "<<p.qdomain<<" from trusted-notification-proxy "<<p.getRemoteString()<<endl;
}
else if(::arg().mustDo("primary") && di.kind == DomainInfo::Master) {
g_log<<Logger::Warning<<"Received NOTIFY for "<<p.qdomain<<" from "<<p.getRemoteString()<<" but we are master (Refused)"<<endl;
if(p.d.qr) { // QR bit from dns packet (thanks RA from N)
if(d_logDNSDetails)
- g_log<<Logger::Error<<"Received an answer (non-query) packet from "<<p.getRemote()<<", dropping"<<endl;
+ g_log<<Logger::Error<<"Received an answer (non-query) packet from "<<p.getRemoteString()<<", dropping"<<endl;
S.inc("corrupt-packets");
S.ringAccount("remotes-corrupt", p.d_remote);
return nullptr;
if(p.d.tc) { // truncated query. MOADNSParser would silently parse this packet in an incomplete way.
if(d_logDNSDetails)
- g_log<<Logger::Error<<"Received truncated query packet from "<<p.getRemote()<<", dropping"<<endl;
+ g_log<<Logger::Error<<"Received truncated query packet from "<<p.getRemoteString()<<", dropping"<<endl;
S.inc("corrupt-packets");
S.ringAccount("remotes-corrupt", p.d_remote);
return nullptr;
if(!validDNSName(p.qdomain)) {
if(d_logDNSDetails)
- g_log<<Logger::Error<<"Received a malformed qdomain from "<<p.getRemote()<<", '"<<p.qdomain<<"': sending servfail"<<endl;
+ g_log<<Logger::Error<<"Received a malformed qdomain from "<<p.getRemote
String()<<", '"<<p.qdomain<<"': sending servfail"<<endl;
S.inc("corrupt-packets");
S.ringAccount("remotes-corrupt", p.d_remote);
S.inc("servfail-packets");
return nullptr;
}
- g_log<<Logger::Error<<"Received an unknown opcode "<<p.d.opcode<<" from "<<p.getRemote()<<" for "<<p.qdomain<<endl;
+ g_log<<Logger::Error<<"Received an unknown opcode "<<p.d.opcode<<" from "<<p.getRemote
String()<<" for "<<p.qdomain<<endl;
r->setRcode(RCode::NotImp);
return r;
}
- // g_log<<Logger::Warning<<"Query for '"<<p.qdomain<<"' "<<p.qtype.toString()<<" from "<<p.getRemote()<< " (tcp="<<p.d_tcp<<")"<<endl;
+ // g_log<<Logger::Warning<<"Query for '"<<p.qdomain<<"' "<<p.qtype.toString()<<" from "<<p.getRemote
String()<< " (tcp="<<p.d_tcp<<")"<<endl;
if(p.qtype.getCode()==QType::IXFR) {
r->setRcode(RCode::Refused);
// this TRUMPS a cname!
if(p.qtype.getCode() == QType::RRSIG) {
- g_log<<Logger::Info<<"Direct RRSIG query for "<<target<<" from "<<p.getRemote()<<endl;
+ g_log<<Logger::Info<<"Direct RRSIG query for "<<target<<" from "<<p.getRemoteString()<<endl;
r->setRcode(RCode::Refused);
goto sendit;
}
projects / thirdparty / pdns.git / commitdiff
