mirror of
https://github.com/oxen-io/lokinet
synced 2023-12-14 06:53:00 +01:00
Make upstream= override work; reject non-default upstream port
If you specify upstream= then you get no upstream, if you give one then you use that instead of the default, but you can still list multiple. unbound doesn't support an upstream port, so bail if the user gives a non-port-53 response.
This commit is contained in:
parent
d129b0432a
commit
01013c1963
|
@ -355,23 +355,32 @@ namespace llarp
|
|||
DnsConfig::defineConfigOptions(ConfigDefinition& conf, const ConfigGenParameters& params)
|
||||
{
|
||||
(void)params;
|
||||
auto parseDNSAddr = [](auto arg) {
|
||||
IpAddress addr{arg};
|
||||
if (not addr.getPort())
|
||||
addr.setPort(53);
|
||||
return addr;
|
||||
};
|
||||
|
||||
constexpr auto DefaultUpstreamDNS = "1.1.1.1:53";
|
||||
// Default, but if we get any upstream (including upstream=, i.e. empty string) we clear it
|
||||
constexpr auto DefaultUpstreamDNS = "1.1.1.1";
|
||||
m_upstreamDNS.emplace_back(DefaultUpstreamDNS);
|
||||
|
||||
conf.defineOption<std::string>(
|
||||
"dns", "upstream", false, true, DefaultUpstreamDNS, [=](std::string arg) {
|
||||
"dns", "upstream", false, true, DefaultUpstreamDNS, [=, first=true](std::string arg) mutable {
|
||||
if (first)
|
||||
{
|
||||
m_upstreamDNS.clear();
|
||||
first = false;
|
||||
}
|
||||
if (!arg.empty())
|
||||
m_upstreamDNS.push_back(parseDNSAddr(std::move(arg)));
|
||||
{
|
||||
auto& addr = m_upstreamDNS.emplace_back(std::move(arg));
|
||||
if (auto p = addr.getPort(); p && *p != 53)
|
||||
// unbound doesn't support specifying a port, so bail if the user gave a non-default port
|
||||
throw std::invalid_argument(stringify("Invalid [dns] upstream setting: non-default DNS ports are not supported"));
|
||||
addr.setPort(std::nullopt);
|
||||
}
|
||||
});
|
||||
|
||||
conf.defineOption<std::string>("dns", "bind", false, "127.3.2.1:53", [=](std::string arg) {
|
||||
m_bind = parseDNSAddr(std::move(arg));
|
||||
m_bind = IpAddress{std::move(arg)};
|
||||
if (!m_bind.getPort())
|
||||
m_bind.setPort(53);
|
||||
});
|
||||
|
||||
// Ignored option (used by the systemd service file to disable resolvconf configuration).
|
||||
|
|
Loading…
Reference in a new issue