From: Simon Kelley Date: Tue, 19 Jan 2016 21:23:30 +0000 (+0000) Subject: Fix wrong reply to simple name when --domain-needed set and no servers configured. X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=d05dd58de1113bb99060af2772247a45ceb3a1ad;p=people%2Fms%2Fdnsmasq.git Fix wrong reply to simple name when --domain-needed set and no servers configured. Also return REFUSED and not SERVFAIL when out of memory. Thanks to Allain Legacy for problem report. --- diff --git a/CHANGELOG b/CHANGELOG index dcaa699..d3cf909 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -22,6 +22,15 @@ version 2.76 reading a hosts-file fails. Thanks to André Glüpker for the patch. + Fix wrong answer to simple name query when --domain-needed + set, but no upstream servers configured. Dnsmasq returned + REFUSED, in this case, when it should be the same as when + upstream servers are configured - NOERROR. Thanks to + Allain Legacy for spotting the problem. + + Return REFUSED when running out of forwarding table slots, + not SERVFAIL. + version 2.75 Fix reversion on 2.74 which caused 100% CPU use when a diff --git a/src/forward.c b/src/forward.c index ff0ab7e..414f988 100644 --- a/src/forward.c +++ b/src/forward.c @@ -249,9 +249,7 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr, (void)do_bit; /* may be no servers available. */ - if (!daemon->servers) - forward = NULL; - else if (forward || (hash && (forward = lookup_frec_by_sender(ntohs(header->id), udpaddr, hash)))) + if (forward || (hash && (forward = lookup_frec_by_sender(ntohs(header->id), udpaddr, hash)))) { /* If we didn't get an answer advertising a maximal packet in EDNS, fall back to 1280, which should work everywhere on IPv6. @@ -334,9 +332,9 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr, #endif type &= ~SERV_DO_DNSSEC; - if (!flags && !(forward = get_new_frec(now, NULL, 0))) - /* table full - server failure. */ - flags = F_NEG; + if (daemon->servers && !flags) + forward = get_new_frec(now, NULL, 0); + /* table full - flags == 0, return REFUSED */ if (forward) { @@ -1621,6 +1619,9 @@ unsigned char *tcp_request(int confd, time_t now, unsigned int mark = 0; int have_mark = 0; + (void)mark; + (void)have_mark; + if (getpeername(confd, (struct sockaddr *)&peer_addr, &peer_len) == -1) return packet; diff --git a/src/rfc1035.c b/src/rfc1035.c index 55dec48..9c0ddb5 100644 --- a/src/rfc1035.c +++ b/src/rfc1035.c @@ -896,9 +896,7 @@ size_t setup_reply(struct dns_header *header, size_t qlen, header->nscount = htons(0); header->arcount = htons(0); header->ancount = htons(0); /* no answers unless changed below */ - if (flags == F_NEG) - SET_RCODE(header, SERVFAIL); /* couldn't get memory */ - else if (flags == F_NOERR) + if (flags == F_NOERR) SET_RCODE(header, NOERROR); /* empty domain */ else if (flags == F_NXDOMAIN) SET_RCODE(header, NXDOMAIN);