diff options
| author | Marc-André Lureau <marcandre.lureau@gmail.com> | 2020-03-24 10:09:59 +0000 |
|---|---|---|
| committer | Marc-André Lureau <marcandre.lureau@gmail.com> | 2020-03-24 10:09:59 +0000 |
| commit | 2707893bee79cb5859b70c96b41ca4ff174333c3 (patch) | |
| tree | 0ba8343eb320923d75883716424e3cd7ef9a11be | |
| parent | 55ab21c9a36852915b81f1b41ebaf3b6509dd8ba (diff) | |
| parent | 0f94ceec752592e4ac632a24e3c64a97dd09bf4c (diff) | |
| download | slirp-2707893bee79cb5859b70c96b41ca4ff174333c3.zip slirp-2707893bee79cb5859b70c96b41ca4ff174333c3.tar.gz slirp-2707893bee79cb5859b70c96b41ca4ff174333c3.tar.bz2 | |
Merge branch 'master' into 'master'
Limit dns passthrough to port 53 only and `disable_dns`
Closes #16
See merge request slirp/libslirp!31
| -rw-r--r-- | src/libslirp.h | 3 | ||||
| -rw-r--r-- | src/slirp.c | 7 | ||||
| -rw-r--r-- | src/slirp.h | 1 | ||||
| -rw-r--r-- | src/socket.c | 8 |
4 files changed, 14 insertions, 5 deletions
diff --git a/src/libslirp.h b/src/libslirp.h index fb4c7e8..caea7ed 100644 --- a/src/libslirp.h +++ b/src/libslirp.h @@ -67,7 +67,7 @@ typedef struct SlirpCb { } SlirpCb; #define SLIRP_CONFIG_VERSION_MIN 1 -#define SLIRP_CONFIG_VERSION_MAX 2 +#define SLIRP_CONFIG_VERSION_MAX 3 typedef struct SlirpConfig { /* Version must be provided */ @@ -109,6 +109,7 @@ typedef struct SlirpConfig { */ struct sockaddr_in *outbound_addr; struct sockaddr_in6 *outbound_addr6; + bool disable_dns; /* slirp will not redirect/serve any DNS packet */ } SlirpConfig; Slirp *slirp_new(const SlirpConfig *cfg, const SlirpCb *callbacks, diff --git a/src/slirp.c b/src/slirp.c index 14458e8..4053d34 100644 --- a/src/slirp.c +++ b/src/slirp.c @@ -338,6 +338,13 @@ Slirp *slirp_new(const SlirpConfig *cfg, const SlirpCb *callbacks, void *opaque) slirp->outbound_addr = NULL; slirp->outbound_addr6 = NULL; } + + if (cfg->version >= 3) { + slirp->disable_dns = cfg->disable_dns; + } else { + slirp->disable_dns = false; + } + return slirp; } diff --git a/src/slirp.h b/src/slirp.h index 32634bc..47d861b 100644 --- a/src/slirp.h +++ b/src/slirp.h @@ -202,6 +202,7 @@ struct Slirp { struct sockaddr_in *outbound_addr; struct sockaddr_in6 *outbound_addr6; + bool disable_dns; /* slirp will not redirect/serve any DNS packet */ }; void if_start(Slirp *); diff --git a/src/socket.c b/src/socket.c index 4cd9a64..cd2f89e 100644 --- a/src/socket.c +++ b/src/socket.c @@ -821,8 +821,8 @@ void sofwdrain(struct socket *so) static bool sotranslate_out4(Slirp *s, struct socket *so, struct sockaddr_in *sin) { - if (so->so_faddr.s_addr == s->vnameserver_addr.s_addr) { - return get_dns_addr(&sin->sin_addr) >= 0; + if (!s->disable_dns && so->so_faddr.s_addr == s->vnameserver_addr.s_addr) { + return so->so_fport == htons(53) && get_dns_addr(&sin->sin_addr) >= 0; } if (so->so_faddr.s_addr == s->vhost_addr.s_addr || @@ -839,9 +839,9 @@ static bool sotranslate_out4(Slirp *s, struct socket *so, struct sockaddr_in *si static bool sotranslate_out6(Slirp *s, struct socket *so, struct sockaddr_in6 *sin) { - if (in6_equal(&so->so_faddr6, &s->vnameserver_addr6)) { + if (!s->disable_dns && in6_equal(&so->so_faddr6, &s->vnameserver_addr6)) { uint32_t scope_id; - if (get_dns6_addr(&sin->sin6_addr, &scope_id) >= 0) { + if (so->so_fport == htons(53) && get_dns6_addr(&sin->sin6_addr, &scope_id) >= 0) { sin->sin6_scope_id = scope_id; return true; } |