git.ipfire.org Git - thirdparty/bind9.git/commit

author	Artem Boldariev <artem@boldariev.com>
	Tue, 31 Oct 2023 10:39:04 +0000 (12:39 +0200)
committer	Artem Boldariev <artem@boldariev.com>
	Wed, 6 Dec 2023 13:15:25 +0000 (15:15 +0200)
commit	5ed3a76f9dffd193f73f0b30434a22162565ca2d
tree	90dc97a49f9ba01398b14d12c57d19c7041dae82	tree \| snapshot
parent	6725d36cfd390ecf80be6f70033d19857f31b983	commit \| diff

BIND: Add 'allow-proxy' and 'allow-proxy-on' options

The main intention of PROXY protocol is to pass endpoints information
to a back-end server (in our case - BIND). That means that it is a
valid way to spoof endpoints information, as the addresses and ports
extracted from PROXYv2 headers, from the point of view of BIND, are
used instead of the real connection addresses.

Of course, an ability to easily spoof endpoints information can be
considered a security issue when used uncontrollably. To resolve that,
we introduce 'allow-proxy' and 'allow-proxy-on' ACL options. These are
the only ACL options in BIND that work with real PROXY connections
addresses, allowing a DNS server operator to specify from what clients
and on which interfaces he or she is willing to accept PROXY
headers. By default, for security reasons we do not allow to accept
them.

bin/named/config.c		diff \| blob \| blame \| history
bin/named/server.c		diff \| blob \| blame \| history
doc/arm/reference.rst		diff \| blob \| blame \| history
doc/misc/options		diff \| blob \| blame \| history
lib/dns/include/dns/view.h		diff \| blob \| blame \| history
lib/dns/view.c		diff \| blob \| blame \| history
lib/isccfg/check.c		diff \| blob \| blame \| history
lib/isccfg/namedconf.c		diff \| blob \| blame \| history
lib/ns/client.c		diff \| blob \| blame \| history