Skip to content

Commit

Permalink
Refuse dynamic updates properly (#124)
Browse files Browse the repository at this point in the history
  • Loading branch information
@joohoi
joohoi committed Oct 31, 2018
1 parent 1d85bf7 commit 3bb130d
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 1 deletion.
1 change: 1 addition & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -303,6 +303,7 @@ logformat = "text"
- unreleased
- New
- Command line flag `-c` to specify location of config file.
- Proper refusal of dynamic update requests.
- v0.5
- New
- Configurable certificate cache directory
Expand Down
4 changes: 3 additions & 1 deletion dns.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,6 @@ func answer(q dns.Question) ([]dns.RR, int, error) {
if !ok {
rcode = dns.RcodeNameError
}

}
log.WithFields(log.Fields{"qtype": dns.TypeToString[rtype], "domain": domain, "rcode": dns.RcodeToString[rcode]}).Debug("Answering question for domain")
return r, rcode, nil
Expand All @@ -68,6 +67,9 @@ func handleRequest(w dns.ResponseWriter, r *dns.Msg) {

if r.Opcode == dns.OpcodeQuery {
readQuery(m)
} else if r.Opcode == dns.OpcodeUpdate {
log.Debug("Refusing DNS Dynamic update request")
m.MsgHdr.Rcode = dns.RcodeRefused
}

w.WriteMsg(m)
Expand Down

0 comments on commit 3bb130d

Please sign in to comment.