config: do not allow an ANY address as DNS recursor

This commit is contained in:
Frank Schroeder 2017-10-20 20:00:45 +02:00
parent 41b4d3b2e2
commit 6628ca1cf1
No known key found for this signature in database
GPG key ID: 4D65C6EAEC87DECD
2 changed files with 14 additions and 0 deletions

View file

@ -726,6 +726,11 @@ func (b *Builder) Validate(rt RuntimeConfig) error {
return fmt.Errorf("DNS address cannot be a unix socket")
}
}
for _, a := range rt.DNSRecursors {
if ipaddr.IsAny(a) {
return fmt.Errorf("DNS recursor address cannot be 0.0.0.0, :: or [::]")
}
}
if rt.Bootstrap && !rt.ServerMode {
return fmt.Errorf("'bootstrap = true' requires 'server = true'")
}

View file

@ -1463,6 +1463,15 @@ func TestConfigFlagsAndEdgecases(t *testing.T) {
hcl: []string{`advertise_addr_wan = "::"`},
err: "Advertise WAN address cannot be 0.0.0.0, :: or [::]",
},
{
desc: "recursors any",
flags: []string{
`-data-dir=` + dataDir,
},
json: []string{`{ "recursors": ["::"] }`},
hcl: []string{`recursors = ["::"]`},
err: "DNS recursor address cannot be 0.0.0.0, :: or [::]",
},
{
desc: "dns_config.udp_answer_limit invalid",
flags: []string{