Created
April 26, 2013 11:39
diff -ru pdns-2.9.22-rc3/pdns/backends/bind/bindbackend2.cc pdns-2.9.22-rc3-notify-accept/pdns/backends/bind/bindbackend2.cc | |
--- pdns-2.9.22-rc3/pdns/backends/bind/bindbackend2.cc 2008-11-15 21:32:46.000000000 +0100 | |
+++ pdns-2.9.22-rc3-notify-accept/pdns/backends/bind/bindbackend2.cc 2009-01-19 18:50:58.000000000 +0100 | |
@@ -903,13 +903,15 @@ | |
} | |
-bool Bind2Backend::isMaster(const string &name, const string &ip) | |
+bool Bind2Backend::isMaster(const string &name, const string &ip, string &info) | |
{ | |
for(id_zone_map_t::iterator j=s_state->id_zone_map.begin();j!=s_state->id_zone_map.end();++j) { | |
if(j->second.d_name==name) { | |
for(vector<string>::const_iterator iter = j->second.d_masters.begin(); iter != j->second.d_masters.end(); ++iter) | |
- if(*iter==ip) | |
+ if(*iter==ip) { | |
+ info=ip; | |
return true; | |
+ } | |
} | |
} | |
return false; | |
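Review bot: The inner loop still matches with a raw `*iter==ip`, so a `d_masters` entry written with a port would never match here, whereas the gsql backend in this same patch strips the port through `parseService` before comparing. If bind zone masters can carry a port (not visible in this hunk), the two backends now disagree on which NOTIFY senders are accepted. `info` is also assigned only on the success path; a comment on the function such as `// info is left untouched when no master matches` would make that contract explicit.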
diff -ru pdns-2.9.22-rc3/pdns/backends/bind/bindbackend2.hh pdns-2.9.22-rc3-notify-accept/pdns/backends/bind/bindbackend2.hh | |
--- pdns-2.9.22-rc3/pdns/backends/bind/bindbackend2.hh 2008-02-03 13:13:59.000000000 +0100 | |
+++ pdns-2.9.22-rc3-notify-accept/pdns/backends/bind/bindbackend2.hh 2009-01-19 18:48:58.000000000 +0100 | |
@@ -133,7 +133,7 @@ | |
static void insert(shared_ptr<State> stage, int id, const string &qname, const QType &qtype, const string &content, int ttl, int prio); | |
void rediscover(string *status=0); | |
- bool isMaster(const string &name, const string &ip); | |
+ bool isMaster(const string &name, const string &ip, string &info); | |
// for supermaster support | |
bool superMasterBackend(const string &ip, const string &domain, const vector<DNSResourceRecord>&nsset, string *account, DNSBackend **db); | |
diff -ru pdns-2.9.22-rc3/pdns/backends/gsql/gsqlbackend.cc pdns-2.9.22-rc3-notify-accept/pdns/backends/gsql/gsqlbackend.cc | |
--- pdns-2.9.22-rc3/pdns/backends/gsql/gsqlbackend.cc 2008-12-06 20:43:50.000000000 +0100 | |
+++ pdns-2.9.22-rc3-notify-accept/pdns/backends/gsql/gsqlbackend.cc 2009-01-20 17:46:48.000000000 +0100 | |
@@ -50,7 +50,7 @@ | |
} | |
} | |
-bool GSQLBackend::isMaster(const string &domain, const string &ip) | |
+bool GSQLBackend::isMaster(const string &domain, const string &ip, string &info) | |
{ | |
char output[1024]; | |
snprintf(output,sizeof(output)-1, | |
@@ -64,9 +64,23 @@ | |
} | |
if(d_result.empty()) | |
- return 0; | |
+ return false; | |
- return !strcmp(ip.c_str(),d_result[0][0].c_str()); | |
+ // we can have multiple masters separated by commas | |
+ vector<string> masters; | |
+ stringtok(masters, d_result[0][0], " ,\t"); | |
+ for(vector<string>::const_iterator iter=masters.begin(); iter != masters.end(); ++iter) { | |
+ // we can also have masters with a port specified (which we ignore here) | |
+ ServiceTuple st; | |
+ parseService(*iter, st); | |
+ if (!strcmp(ip.c_str(), st.host.c_str())) { | |
+ info = *iter; | |
+ return true; | |
+ } | |
+ } | |
+ | |
+ // if no masters matched then this is not a master | |
+ return false; | |
} | |
bool GSQLBackend::getDomainInfo(const string &domain, DomainInfo &di) | |
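Review bot: The new loop compares `ip` against `st.host` as text, so whether a NOTIFY is accepted depends on how `parseService` splits each entry, which is not shown here. If it splits on ':', an IPv6 master would be cut at its first colon and never match, and any non-canonical spelling of an address in the master column fails the `strcmp` as well; both cases fail closed, but a log line when no entry matches would make the refusal diagnosable. The comparison reads more plainly as `if (ip == st.host) {`. It is also worth confirming how `parseService` reacts to a malformed token, since the column content comes from the database. The start of isMaster, including the query it builds, is outside this hunk.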
diff -ru pdns-2.9.22-rc3/pdns/backends/gsql/gsqlbackend.hh pdns-2.9.22-rc3-notify-accept/pdns/backends/gsql/gsqlbackend.hh | |
--- pdns-2.9.22-rc3/pdns/backends/gsql/gsqlbackend.hh 2008-02-03 13:13:59.000000000 +0100 | |
+++ pdns-2.9.22-rc3-notify-accept/pdns/backends/gsql/gsqlbackend.hh 2009-01-20 17:45:37.000000000 +0100 | |
@@ -25,7 +25,7 @@ | |
void lookup(const QType &, const string &qdomain, DNSPacket *p=0, int zoneId=-1); | |
bool list(const string &target, int domain_id); | |
bool get(DNSResourceRecord &r); | |
- bool isMaster(const string &domain, const string &ip); | |
+ bool isMaster(const string &domain, const string &ip, string &info); | |
bool startTransaction(const string &domain, int domain_id=-1); | |
bool commitTransaction(); | |
diff -ru pdns-2.9.22-rc3/pdns/dnsbackend.hh pdns-2.9.22-rc3-notify-accept/pdns/dnsbackend.hh | |
--- pdns-2.9.22-rc3/pdns/dnsbackend.hh 2008-02-03 13:13:59.000000000 +0100 | |
+++ pdns-2.9.22-rc3-notify-accept/pdns/dnsbackend.hh 2009-01-19 18:41:58.000000000 +0100 | |
@@ -84,8 +84,8 @@ | |
//! fills the soadata struct with the SOA details. Returns false if there is no SOA. | |
virtual bool getSOA(const string &name, SOAData &soadata, DNSPacket *p=0); | |
- //! returns true if master ip is master for domain name. | |
- virtual bool isMaster(const string &name, const string &ip) | |
+ //! returns true if master ip is master for domain name, stores matching IP:port in "info" if true. | |
+ virtual bool isMaster(const string &name, const string &ip, string &info) | |
{ | |
return false; | |
} | |
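Review bot: Changing the signature of this virtual means any backend that still declares the two-argument `isMaster(const string&, const string&)` no longer overrides it; that backend still compiles, falls through to this default and refuses every NOTIFY. Only the bind and gsql backends are updated in this patch, so the remaining backends should be checked for the old form. The doc comment should also state what happens to the out-parameter on failure, for example `//! "info" is left unchanged when false is returned.`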
diff -ru pdns-2.9.22-rc3/pdns/packethandler.cc pdns-2.9.22-rc3-notify-accept/pdns/packethandler.cc | |
--- pdns-2.9.22-rc3/pdns/packethandler.cc 2008-12-06 20:44:38.000000000 +0100 | |
+++ pdns-2.9.22-rc3-notify-accept/pdns/packethandler.cc 2009-01-20 17:34:48.000000000 +0100 | |
@@ -484,6 +484,11 @@ | |
} | |
string authServer(p->getRemote()); | |
+ int port = p->getRemotePort(); | |
+ if (port != 53) { | |
+ authServer += ':' + itoa(port); | |
+ } | |
+ | |
if(::arg().contains("trusted-notification-proxy", p->getRemote())) { | |
L<<Logger::Error<<"Received NOTIFY for "<<p->qdomain<<" from trusted-notification-proxy "<< p->getRemote()<<endl; | |
if(di.masters.empty()) { | |
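Review bot: The value built by `authServer += ':' + itoa(port);` appears to be read only by the refusal log line in the next hunk, because the trusted-proxy branch and the successful isMaster branch both overwrite `authServer`; the lines between the two hunks are not visible, so this is inferred. A comment such as `// remote address plus source port, used for logging only` would stop a later reader from assuming the NOTIFY's source port is used when contacting the master. For an IPv6 remote the plain `addr:port` form is ambiguous in the log, so bracketing the address before appending the port would be clearer.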
@@ -494,9 +499,13 @@ | |
authServer = *di.masters.begin(); | |
} | |
- else if(!db->isMaster(p->qdomain, p->getRemote())) { | |
- L<<Logger::Error<<"Received NOTIFY for "<<p->qdomain<<" from "<<p->getRemote()<<" which is not a master"<<endl; | |
- return RCode::Refused; | |
+ else { | |
+ string newAuthServer; | |
+ if(!db->isMaster(p->qdomain, p->getRemote(), newAuthServer)) { | |
+ L<<Logger::Error<<"Received NOTIFY for "<<p->qdomain<<" from "<<authServer<<" which is not a master"<<endl; | |
+ return RCode::Refused; | |
+ } | |
+ authServer = newAuthServer; | |
} | |
uint32_t theirserial=0; |
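Review bot: `authServer = newAuthServer;` relies on every backend filling `info` whenever it returns true; a backend that returns true and leaves the string empty would hand an empty `authServer` to the code below. Guarding the assignment avoids that: `authServer = newAuthServer.empty() ? p->getRemote() : newAuthServer;`. Matching on `p->getRemote()` alone and then using the configured master entry rather than the packet's source is a sound choice, since a NOTIFY's source port is arbitrary; a one-line comment saying so above the `isMaster` call would record the intent.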