daxi20/AdGuardHome
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Process DNS rebinding protection after DNSSEC

Browse Source
This commit is contained in:
Reinaldo de Souza Jr
2020-12-03 01:20:05 +01:00
parent b338bf9b3f
commit 6b60598025
7 changed files with 219 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
internal/dnsforward/rebind_test.go
View File

@@ -83,12 +83,12 @@ func TestIsResponseRebind(t *testing.T) {
"localhost",
} {
s.conf.RebindingEnabled = true
s.conf.RebindingProtectionEnabled = true
assert.True(t, s.isResponseRebind("example.com", host))
assert.False(t, s.isResponseRebind("totally-safe.com", host))
assert.False(t, s.isResponseRebind("absolutely.totally-safe.com", host))
s.conf.RebindingEnabled = false
s.conf.RebindingProtectionEnabled = false
assert.False(t, s.isResponseRebind("example.com", host))
assert.False(t, s.isResponseRebind("totally-safe.com", host))
assert.False(t, s.isResponseRebind("absolutely.totally-safe.com", host))
@@ -98,12 +98,12 @@ func TestIsResponseRebind(t *testing.T) {
"200.168.2.3",
"another-example.com",
} {
s.conf.RebindingEnabled = true
s.conf.RebindingProtectionEnabled = true
assert.False(t, s.isResponseRebind("example.com", host))
assert.False(t, s.isResponseRebind("totally-safe.com", host))
assert.False(t, s.isResponseRebind("absolutely.totally-legit.com", host))
s.conf.RebindingEnabled = false
s.conf.RebindingProtectionEnabled = false
assert.False(t, s.isResponseRebind("example.com", host))
assert.False(t, s.isResponseRebind("totally-safe.com", host))
assert.False(t, s.isResponseRebind("absolutely.totally-legit.com", host))