upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-11 06:39:59 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

implemented 'allow-query' config option

Browse source
This commit is contained in:
Andreas Gustafsson 1999-12-10 18:15:32 +00:00
parent 5cee8302fc
commit 0fb226f025
1 changed files with 20 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
bin/named/query.c
View file

@ -28,6 +28,7 @@
#include <isc/log.h>
#include <dns/a6.h>
#include <dns/aml.h>
#include <dns/db.h>
#include <dns/dbtable.h>
#include <dns/dispatch.h>
@ -1693,6 +1694,7 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
dns_fixedname_t fixed;
dns_dbversion_t *version;
dns_zone_t *zone;
dns_c_ipmatchlist_t *queryacl;
/*
* One-time initialization.
@ -1815,6 +1817,24 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
} else
version = NULL;
/*
* Check the query against the "allow-query" AML.
*/
if (is_zone) {
queryacl = dns_zone_getqueryacl(zone);
} else {
queryacl = NULL;
(void) dns_c_ctx_getqueryacl(ns_g_confctx, &queryacl);
}
result = dns_aml_checkrequest(client->signer,
ns_client_getsockaddr(client),
ns_g_confctx->acls, "query",
queryacl, NULL, ISC_TRUE);
if (result != DNS_R_SUCCESS) {
QUERY_ERROR(result);
goto cleanup;
}
/*
* Find the first unanswered type in the question section.
*/