Mirrors/coredns
1
0
Fork 0
mirror of https://github.com/coredns/coredns.git synced 2025-11-17 17:32:18 -05:00
Code Issues Packages Projects Releases Wiki Activity

plugin/transfer: only allow outgoing axfr over tcp (#4452)

Browse Source 
* plugin/transfer: only allow outgoing axfr over tcp

Return refused when the query comes in over udp.
No need to add a new test case as the current crop needed to be changed
to use TCP.

Fixes: #4450

Signed-off-by: Miek Gieben <miek@miek.nl>

* transfer tests: this needs tcp as well

Signed-off-by: Miek Gieben <miek@miek.nl>
This commit is contained in:
Miek Gieben
2021-02-05 10:51:29 +01:00
committed by GitHub
parent 03812bb1e7
commit 56bc7f399a
5 changed files with 17 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
plugin/transfer/transfer_test.go
View File

@@ -91,7 +91,7 @@ func TestTransferNonZone(t *testing.T) {
ctx := context.TODO()
for _, tc := range []string{"sub.example.org.", "example.test."} {
w := dnstest.NewRecorder(&test.ResponseWriter{})
w := dnstest.NewRecorder(&test.ResponseWriter{TCP: true})
m := &dns.Msg{}
m.SetAxfr(tc)
@@ -114,7 +114,7 @@ func TestTransferNotAXFRorIXFR(t *testing.T) {
transfer := newTestTransfer()
ctx := context.TODO()
w := dnstest.NewRecorder(&test.ResponseWriter{})
w := dnstest.NewRecorder(&test.ResponseWriter{TCP: true})
m := &dns.Msg{}
m.SetQuestion("test.domain.", dns.TypeA)
@@ -136,7 +136,7 @@ func TestTransferAXFRExampleOrg(t *testing.T) {
transfer := newTestTransfer()
ctx := context.TODO()
w := dnstest.NewMultiRecorder(&test.ResponseWriter{})
w := dnstest.NewMultiRecorder(&test.ResponseWriter{TCP: true})
m := &dns.Msg{}
m.SetAxfr(transfer.xfrs[0].Zones[0])
@@ -152,7 +152,7 @@ func TestTransferAXFRExampleCom(t *testing.T) {
transfer := newTestTransfer()
ctx := context.TODO()
w := dnstest.NewMultiRecorder(&test.ResponseWriter{})
w := dnstest.NewMultiRecorder(&test.ResponseWriter{TCP: true})
m := &dns.Msg{}
m.SetAxfr(transfer.xfrs[1].Zones[0])
@@ -170,7 +170,7 @@ func TestTransferIXFRCurrent(t *testing.T) {
testPlugin := transfer.Transferers[0].(*transfererPlugin)
ctx := context.TODO()
w := dnstest.NewMultiRecorder(&test.ResponseWriter{})
w := dnstest.NewMultiRecorder(&test.ResponseWriter{TCP: true})
m := &dns.Msg{}
m.SetIxfr(transfer.xfrs[0].Zones[0], testPlugin.Serial, "ns.dns."+testPlugin.Zone, "hostmaster.dns."+testPlugin.Zone)
@@ -200,7 +200,7 @@ func TestTransferIXFRFallback(t *testing.T) {
testPlugin := transfer.Transferers[0].(*transfererPlugin)
ctx := context.TODO()
w := dnstest.NewMultiRecorder(&test.ResponseWriter{})
w := dnstest.NewMultiRecorder(&test.ResponseWriter{TCP: true})
m := &dns.Msg{}
m.SetIxfr(
transfer.xfrs[0].Zones[0],
@@ -262,7 +262,7 @@ func TestTransferNotAllowed(t *testing.T) {
}
ctx := context.TODO()
w := dnstest.NewRecorder(&test.ResponseWriter{})
w := dnstest.NewRecorder(&test.ResponseWriter{TCP: true})
m := &dns.Msg{}
m.SetAxfr(transfer.xfrs[0].Zones[0])