Pull request: AG-28961-upd-golibs
Squashed commit of the following: commit b153bbc7100dd9184ca689f1755f068b63e3046b Merge: d16da0cf64508ae860Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Wed Jan 17 13:56:34 2024 +0200 Merge remote-tracking branch 'origin/master' into AG-28961-upd-golibs commit d16da0cf61d050afd04f00ffc36bca550548edd9 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Wed Jan 17 09:52:03 2024 +0200 all: imp code commit 46aeca7221586ce0cdc91838764bbacdbdfa8620 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Wed Jan 17 09:50:10 2024 +0200 all: imp code commit 32bc83c0a909467655a258e2e879731a90dc96e6 Merge: ee51c60466dbeb5b97Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Tue Jan 16 15:42:32 2024 +0200 Merge remote-tracking branch 'origin/master' into AG-28961-upd-golibs # Conflicts: # go.mod # go.sum commit ee51c6046632f89fbe5aa8f6d857c239f060aba5 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Tue Jan 16 10:56:38 2024 +0200 all: upd libs commit 02c1dbd9b568cb9f6ec52a0e9835d0d39e3cd377 Merge: 1daba834258b47adafAuthor: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Tue Jan 16 10:53:54 2024 +0200 Merge remote-tracking branch 'origin/master' into AG-28961-upd-golibs commit 1daba8342b72163c8a26380e083c4e497d6bb772 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Mon Jan 15 11:15:05 2024 +0200 all: upd dnsproxy commit b1670e8a81c04f400245e1316857578b549e58f1 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Mon Jan 15 10:46:27 2024 +0200 dnsforward: imp code commit 7b65a50fca37ad71b68a8bda504839a78b6f7319 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Fri Jan 12 14:14:34 2024 +0200 all: upd golibs
This commit is contained in:
Dimitry Kolyshev
@@ -36,11 +36,8 @@ type dnsContext struct {
|
||||
|
||||
// unreversedReqIP stores an IP address obtained from a PTR request if it
|
||||
// was parsed successfully and belongs to one of the locally served IP
|
||||
// ranges. It is also filled with unmapped version of the address if it's
|
||||
// within DNS64 prefixes.
|
||||
//
|
||||
// TODO(e.burkov): Use netip.Addr when we switch to netip more fully.
|
||||
unreversedReqIP net.IP
|
||||
// ranges.
|
||||
unreversedReqIP netip.Addr
|
||||
|
||||
// err is the error returned from a processing function.
|
||||
err error
|
||||
@@ -350,7 +347,7 @@ func (s *Server) processDetermineLocal(dctx *dnsContext) (rc resultCode) {
|
||||
|
||||
rc = resultCodeSuccess
|
||||
|
||||
dctx.isLocalClient = s.privateNets.Contains(dctx.proxyCtx.Addr.Addr().AsSlice())
|
||||
dctx.isLocalClient = s.privateNets.Contains(dctx.proxyCtx.Addr.Addr())
|
||||
|
||||
return rc
|
||||
}
|
||||
@@ -491,14 +488,7 @@ func extractARPASubnet(domain string) (pref netip.Prefix, err error) {
|
||||
}
|
||||
}
|
||||
|
||||
var subnet *net.IPNet
|
||||
subnet, err = netutil.SubnetFromReversedAddr(domain[idx:])
|
||||
if err != nil {
|
||||
// Don't wrap the error since it's informative enough as is.
|
||||
return netip.Prefix{}, err
|
||||
}
|
||||
|
||||
return netutil.IPNetToPrefixNoMapped(subnet)
|
||||
return netutil.PrefixFromReversedAddr(domain[idx:])
|
||||
}
|
||||
|
||||
// processRestrictLocal responds with NXDOMAIN to PTR requests for IP addresses
|
||||
@@ -532,8 +522,7 @@ func (s *Server) processRestrictLocal(dctx *dnsContext) (rc resultCode) {
|
||||
// assume that all the DHCP leases we give are locally served or at least
|
||||
// shouldn't be accessible externally.
|
||||
subnetAddr := subnet.Addr()
|
||||
addrData := subnetAddr.AsSlice()
|
||||
if !s.privateNets.Contains(addrData) {
|
||||
if !s.privateNets.Contains(subnetAddr) {
|
||||
return resultCodeSuccess
|
||||
}
|
||||
|
||||
@@ -548,7 +537,7 @@ func (s *Server) processRestrictLocal(dctx *dnsContext) (rc resultCode) {
|
||||
}
|
||||
|
||||
// Do not perform unreversing ever again.
|
||||
dctx.unreversedReqIP = addrData
|
||||
dctx.unreversedReqIP = subnetAddr
|
||||
|
||||
// There is no need to filter request from external addresses since this
|
||||
// code is only executed when the request is for locally served ARPA
|
||||
@@ -573,16 +562,8 @@ func (s *Server) processDHCPAddrs(dctx *dnsContext) (rc resultCode) {
|
||||
return resultCodeSuccess
|
||||
}
|
||||
|
||||
ip := dctx.unreversedReqIP
|
||||
if ip == nil {
|
||||
return resultCodeSuccess
|
||||
}
|
||||
|
||||
// TODO(a.garipov): Remove once we switch to [netip.Addr] more fully.
|
||||
ipAddr, err := netutil.IPToAddrNoMapped(ip)
|
||||
if err != nil {
|
||||
log.Debug("dnsforward: bad reverse ip %v from dhcp: %s", ip, err)
|
||||
|
||||
ipAddr := dctx.unreversedReqIP
|
||||
if ipAddr == (netip.Addr{}) {
|
||||
return resultCodeSuccess
|
||||
}
|
||||
|
||||
@@ -591,7 +572,7 @@ func (s *Server) processDHCPAddrs(dctx *dnsContext) (rc resultCode) {
|
||||
return resultCodeSuccess
|
||||
}
|
||||
|
||||
log.Debug("dnsforward: dhcp client %s is %q", ip, host)
|
||||
log.Debug("dnsforward: dhcp client %s is %q", ipAddr, host)
|
||||
|
||||
req := pctx.Req
|
||||
resp := s.makeResponse(req)
|
||||
@@ -624,7 +605,7 @@ func (s *Server) processLocalPTR(dctx *dnsContext) (rc resultCode) {
|
||||
}
|
||||
|
||||
ip := dctx.unreversedReqIP
|
||||
if ip == nil {
|
||||
if ip == (netip.Addr{}) {
|
||||
return resultCodeSuccess
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user