[Dnsmasq-discuss] [PATCH] Accept /32 and /0 as valid CIDR prefixes for rev-server directive
Simon Kelley
simon at thekelleys.org.uk
Tue Feb 14 15:17:54 GMT 2017
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
That's an improvement, but I tend to agree that /0 doesn't make much
sense. If we're going to patch this, it seems to make more sense to
reject anything other that /32 /24 /16 or /8.
The ideal solution would be to accept any prefix length and generate
the (up to) 256 --server equivalents that it corresponds to. If
you're going to have syntactic sugar, it may as well work for you.
Cheers,
Simon.
On 13/02/17 23:31, olivier.gayot at sigexec.com wrote:
> From: Olivier Gayot <olivier.gayot at sigexec.com>
>
> [ excerpt from the man page ] The rev-server directive provides a
> syntactic sugar to make specifying address-to-name queries easier.
> For example --rev-server=1.2.3.0/24,192.168.0.1 is exactly
> equivalent to --server=/3.2.1.in-addr.arpa/192.168.0.1
>
> It is not mentioned in the man page but specifying anything but /8
> or /24 as the CIDR prefix has the same effect as specifying /16.
>
> It is not a big deal for subnets on non-octet boundaries since
> they cannot be represented using a single in-addr.arpa address.
> However, it is unconvenient for /32 and /0 prefixes while their
> analogous server directives behave as expected. E.g. the following
> server directives work as expected:
>
> server=/42.10.168.192.in-addr.arpa/1.2.3.4
> server=/in-addr.arpa/1.2.3.4
>
> but the following do not:
>
> rev-server=192.168.10.42/32,1.2.3.4
> rev-server=192.168.10.42/0,1.2.3.4
>
> and, in practice, they behave the same as:
>
> server=/168.192.in-addr.arpa/1.2.3.4
> server=/168.192.in-addr.arpa/1.2.3.4
>
> This strange behaviour is fixed by accepting /32 and /0 CIDR
> prefixes as valid values. Any other value will still be considered
> the same as /16.
>
> Signed-off-by: Olivier Gayot <olivier.gayot at sigexec.com> ---
> src/option.c | 31 +++++++++++++++++++++---------- 1 file changed,
> 21 insertions(+), 10 deletions(-)
>
> diff --git a/src/option.c b/src/option.c index 4a5ef5f..eeca3d6
> 100644 --- a/src/option.c +++ b/src/option.c @@ -850,19 +850,30 @@
> char *parse_server(char *arg, union mysockaddr *addr, union
> mysockaddr *source_a static struct server *add_rev4(struct in_addr
> addr, int msize) { struct server *serv = opt_malloc(sizeof(struct
> server)); - in_addr_t a = ntohl(addr.s_addr) >> 8; + in_addr_t
> a = ntohl(addr.s_addr); char *p;
>
> memset(serv, 0, sizeof(struct server)); - p = serv->domain =
> opt_malloc(25); /* strlen("xxx.yyy.zzz.in-addr.arpa")+1 */ - - if
> (msize == 24) - p += sprintf(p, "%d.", a & 0xff); - a = a >>
> 8; - if (msize != 8) - p += sprintf(p, "%d.", a & 0xff); - a =
> a >> 8; - p += sprintf(p, "%d.in-addr.arpa", a & 0xff); + p =
> serv->domain = opt_malloc(29); /*
> strlen("xxx.yyy.zzz.ttt.in-addr.arpa")+1 */ + + switch (msize) +
> { + case 32: + p += sprintf(p, "%d.", a & 0xff); + /*
> fall through */ + case 24: + p += sprintf(p, "%d.", (a >>
> 8) & 0xff); + /* fall through */ + default: + case 16: +
> p += sprintf(p, "%d.", (a >> 16) & 0xff); + /* fall through
> */ + case 8: + p += sprintf(p, "%d.in-addr.arpa", (a >> 24)
> & 0xff); + break; + case 0: + p += sprintf(p,
> "in-addr.arpa"); + }
>
> serv->flags = SERV_HAS_DOMAIN; serv->next = daemon->servers;
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAEBCAAGBQJYox+hAAoJEBXN2mrhkTWiBSUQAJQxq6yD3Tcw/39On0QcLcfy
aZTerALrzgrwlpyH4yVWeztrA3pFK1uVLIhnQP161zR+NJRI5Bo0J7tAOElETm3k
QQ0HEu16skPHdmzlmbR1MMLoVKn4myh6hDm5iFSAf+jsCpItAzYo5Cy9/oAz3PNU
Hp1SKxYNwrcSTw5FQrLpNuhZxbqvkA5KiU3URcnzv3mW2YbMzcjrULL7hF7xfN0t
2iwI8shObm/3FMDux7jX1wuRPQALWokaXFhAyOTDUVBONavA4W/PxS+8VvV4noi4
dFh6FMhJYPggUh7v02PTOoPtSuvaLNGt1vgWeHt1sqTXEo6rVsft085fKwH1uONw
SGWrGhnFaVDewHeEoB46K6qg7LYSoLa1cgv8li8QJ9ZTSiFC7ZqIWsXBQ5oqlGzr
0iR6jo1yqISvwyek8nogsgNWI4zx/mmC1AXhR/OjE8Y/3MA87rhpY+t/U2ZJug5e
f611DvKCl4iQuL/EyWY7hCIK7XCHi4ACx7sosN21zgL2/ToLshaF7i3rcYC6F/Bx
5GGgv6x6WiXWRMk82YiqcEphnOdphsWen4ZMHTdlBIzZ1EXpD5XwhDHTzzmD3SlT
oNjwPR1Gmkt1yXxLSvvr6mp7XFRDQOJMWDHvmfroH4p2hcxyB/2dSbhLjrfri0nL
WsjDDAhdIM1aHokLmLqi
=mtD9
-----END PGP SIGNATURE-----
More information about the Dnsmasq-discuss
mailing list