|
|
e87dd3 |
From c3d10a1132ada7baa80914f61abb720f94400465 Mon Sep 17 00:00:00 2001
|
|
|
e87dd3 |
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
|
|
|
e87dd3 |
Date: Tue, 14 Mar 2017 15:23:22 +0100
|
|
|
e87dd3 |
Subject: [PATCH 1/2] Warn when using label in default mode
|
|
|
e87dd3 |
|
|
|
e87dd3 |
---
|
|
|
e87dd3 |
src/dnsmasq.c | 2 ++
|
|
|
e87dd3 |
src/dnsmasq.h | 3 ++-
|
|
|
e87dd3 |
src/network.c | 13 +++++++++++++
|
|
|
e87dd3 |
3 files changed, 17 insertions(+), 1 deletion(-)
|
|
|
e87dd3 |
|
|
|
e87dd3 |
diff --git a/src/dnsmasq.c b/src/dnsmasq.c
|
|
|
e87dd3 |
index 456b0e8..d2cc7cc 100644
|
|
|
e87dd3 |
--- a/src/dnsmasq.c
|
|
|
e87dd3 |
+++ b/src/dnsmasq.c
|
|
|
e87dd3 |
@@ -771,6 +771,8 @@ int main (int argc, char **argv)
|
|
|
e87dd3 |
|
|
|
e87dd3 |
if (option_bool(OPT_NOWILD))
|
|
|
e87dd3 |
warn_bound_listeners();
|
|
|
e87dd3 |
+ else if (!option_bool(OPT_CLEVERBIND))
|
|
|
e87dd3 |
+ warn_wild_labels();
|
|
|
e87dd3 |
|
|
|
e87dd3 |
warn_int_names();
|
|
|
e87dd3 |
|
|
|
e87dd3 |
diff --git a/src/dnsmasq.h b/src/dnsmasq.h
|
|
|
e87dd3 |
index a27fbc1..6b44e53 100644
|
|
|
e87dd3 |
--- a/src/dnsmasq.h
|
|
|
e87dd3 |
+++ b/src/dnsmasq.h
|
|
|
e87dd3 |
@@ -522,7 +522,7 @@ struct ipsets {
|
|
|
e87dd3 |
struct irec {
|
|
|
e87dd3 |
union mysockaddr addr;
|
|
|
e87dd3 |
struct in_addr netmask; /* only valid for IPv4 */
|
|
|
e87dd3 |
- int tftp_ok, dhcp_ok, mtu, done, warned, dad, dns_auth, index, multicast_done, found;
|
|
|
e87dd3 |
+ int tftp_ok, dhcp_ok, mtu, done, warned, dad, dns_auth, index, multicast_done, found, label;
|
|
|
e87dd3 |
char *name;
|
|
|
e87dd3 |
struct irec *next;
|
|
|
e87dd3 |
};
|
|
|
e87dd3 |
@@ -1252,6 +1252,7 @@ int enumerate_interfaces(int reset);
|
|
|
e87dd3 |
void create_wildcard_listeners(void);
|
|
|
e87dd3 |
void create_bound_listeners(int die);
|
|
|
e87dd3 |
void warn_bound_listeners(void);
|
|
|
e87dd3 |
+void warn_wild_labels(void);
|
|
|
e87dd3 |
void warn_int_names(void);
|
|
|
e87dd3 |
int is_dad_listeners(void);
|
|
|
e87dd3 |
int iface_check(int family, struct all_addr *addr, char *name, int *auth_dns);
|
|
|
e87dd3 |
diff --git a/src/network.c b/src/network.c
|
|
|
e87dd3 |
index eb41624..e5ceb76 100644
|
|
|
e87dd3 |
--- a/src/network.c
|
|
|
e87dd3 |
+++ b/src/network.c
|
|
|
e87dd3 |
@@ -244,6 +244,7 @@ static int iface_allowed(struct iface_param *param, int if_index, char *label,
|
|
|
e87dd3 |
int tftp_ok = !!option_bool(OPT_TFTP);
|
|
|
e87dd3 |
int dhcp_ok = 1;
|
|
|
e87dd3 |
int auth_dns = 0;
|
|
|
e87dd3 |
+ int is_label = 0;
|
|
|
e87dd3 |
#if defined(HAVE_DHCP) || defined(HAVE_TFTP)
|
|
|
e87dd3 |
struct iname *tmp;
|
|
|
e87dd3 |
#endif
|
|
|
e87dd3 |
@@ -264,6 +265,8 @@ static int iface_allowed(struct iface_param *param, int if_index, char *label,
|
|
|
e87dd3 |
|
|
|
e87dd3 |
if (!label)
|
|
|
e87dd3 |
label = ifr.ifr_name;
|
|
|
e87dd3 |
+ else
|
|
|
e87dd3 |
+ is_label = strcmp(label, ifr.ifr_name);
|
|
|
e87dd3 |
|
|
|
e87dd3 |
/* maintain a list of all addresses on all interfaces for --local-service option */
|
|
|
e87dd3 |
if (option_bool(OPT_LOCAL_SERVICE))
|
|
|
e87dd3 |
@@ -482,6 +485,7 @@ static int iface_allowed(struct iface_param *param, int if_index, char *label,
|
|
|
e87dd3 |
iface->found = 1;
|
|
|
e87dd3 |
iface->done = iface->multicast_done = iface->warned = 0;
|
|
|
e87dd3 |
iface->index = if_index;
|
|
|
e87dd3 |
+ iface->label = is_label;
|
|
|
e87dd3 |
if ((iface->name = whine_malloc(strlen(ifr.ifr_name)+1)))
|
|
|
e87dd3 |
{
|
|
|
e87dd3 |
strcpy(iface->name, ifr.ifr_name);
|
|
|
e87dd3 |
@@ -1034,6 +1038,15 @@ void warn_bound_listeners(void)
|
|
|
e87dd3 |
my_syslog(LOG_WARNING, _("LOUD WARNING: use --bind-dynamic rather than --bind-interfaces to avoid DNS amplification attacks via these interface(s)"));
|
|
|
e87dd3 |
}
|
|
|
e87dd3 |
|
|
|
e87dd3 |
+void warn_wild_labels(void)
|
|
|
e87dd3 |
+{
|
|
|
e87dd3 |
+ struct irec *iface;
|
|
|
e87dd3 |
+
|
|
|
e87dd3 |
+ for (iface = daemon->interfaces; iface; iface = iface->next)
|
|
|
e87dd3 |
+ if (iface->found && iface->name && iface->label)
|
|
|
e87dd3 |
+ my_syslog(LOG_WARNING, _("warning: using interface %s instead"), iface->name);
|
|
|
e87dd3 |
+}
|
|
|
e87dd3 |
+
|
|
|
e87dd3 |
void warn_int_names(void)
|
|
|
e87dd3 |
{
|
|
|
e87dd3 |
struct interface_name *intname;
|
|
|
e87dd3 |
--
|
|
|
e87dd3 |
2.9.3
|
|
|
e87dd3 |
|