diff options
| author |  tobi <31960611+tsmethurst@users.noreply.github.com> | 2022-06-11 11:09:31 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2022-06-11 11:09:31 +0200 |
| commit | cf5c6d724d381a867a7ff5d82fb9432e26c395e8 (patch) | |
| tree | 859bb6fa4a3de2fdcb218b24bb33ab7219e80ce7 /vendor/github.com/miekg/dns/acceptfunc.go | |
| parent | [chore] Webfinger rework (#627) (diff) | |
| download | gotosocial-cf5c6d724d381a867a7ff5d82fb9432e26c395e8.tar.xz | |
[chore] Validate/set account domain (#619)
* add miekg/dns dependency
* set/validate accountDomain
Diffstat (limited to 'vendor/github.com/miekg/dns/acceptfunc.go')
| -rw-r--r-- | vendor/github.com/miekg/dns/acceptfunc.go | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/vendor/github.com/miekg/dns/acceptfunc.go b/vendor/github.com/miekg/dns/acceptfunc.go new file mode 100644 index 000000000..ac479db95 --- /dev/null +++ b/vendor/github.com/miekg/dns/acceptfunc.go @@ -0,0 +1,62 @@ +package dns + +// MsgAcceptFunc is used early in the server code to accept or reject a message with RcodeFormatError. +// It returns a MsgAcceptAction to indicate what should happen with the message. +type MsgAcceptFunc func(dh Header) MsgAcceptAction + +// DefaultMsgAcceptFunc checks the request and will reject if: +// +// * isn't a request (don't respond in that case) +// +// * opcode isn't OpcodeQuery or OpcodeNotify +// +// * Zero bit isn't zero +// +// * does not have exactly 1 question in the question section +// +// * has more than 1 RR in the Answer section +// +// * has more than 0 RRs in the Authority section +// +// * has more than 2 RRs in the Additional section +// +var DefaultMsgAcceptFunc MsgAcceptFunc = defaultMsgAcceptFunc + +// MsgAcceptAction represents the action to be taken. +type MsgAcceptAction int + +// Allowed returned values from a MsgAcceptFunc. +const ( + MsgAccept MsgAcceptAction = iota // Accept the message + MsgReject // Reject the message with a RcodeFormatError + MsgIgnore // Ignore the error and send nothing back. + MsgRejectNotImplemented // Reject the message with a RcodeNotImplemented +) + +func defaultMsgAcceptFunc(dh Header) MsgAcceptAction { + if isResponse := dh.Bits&_QR != 0; isResponse { + return MsgIgnore + } + + // Don't allow dynamic updates, because then the sections can contain a whole bunch of RRs. + opcode := int(dh.Bits>>11) & 0xF + if opcode != OpcodeQuery && opcode != OpcodeNotify { + return MsgRejectNotImplemented + } + + if dh.Qdcount != 1 { + return MsgReject + } + // NOTIFY requests can have a SOA in the ANSWER section. See RFC 1996 Section 3.7 and 3.11. + if dh.Ancount > 1 { + return MsgReject + } + // IXFR request could have one SOA RR in the NS section. See RFC 1995, section 3. + if dh.Nscount > 1 { + return MsgReject + } + if dh.Arcount > 2 { + return MsgReject + } + return MsgAccept +} |