diff options
| author |  Miek Gieben <miek@miek.nl>
| 2018-02-08 12:59:30 +0000 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2018-02-08 12:59:30 +0000 |
| commit | 74a9d28f1b500260a2512db0cc9c535f9389595a (patch) | |
| tree | 8d91e4b4efd67bed603f87f1e4adfa4f531a62b1 | |
| parent | 5a0adabceac88e00c0c70cacec1ce25603fc5995 (diff) | |
| download | coredns-74a9d28f1b500260a2512db0cc9c535f9389595a.tar.gz coredns-74a9d28f1b500260a2512db0cc9c535f9389595a.tar.zst coredns-74a9d28f1b500260a2512db0cc9c535f9389595a.zip | |
core: unblock CH class for forward as well (#1498)
Retweak this a little to make it slightly easier to *not* forget this,
but it is hardly perfect. Should probably make it an interface a plugin
can implement and then unblock if we see that interface.
| -rw-r--r-- | core/dnsserver/server.go | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/core/dnsserver/server.go b/core/dnsserver/server.go index 83c9c6168..db5ef88b4 100644 --- a/core/dnsserver/server.go +++ b/core/dnsserver/server.go @@ -41,7 +41,7 @@ type Server struct { } // NewServer returns a new CoreDNS server and compiles all plugins in to it. By default CH class -// queries are blocked unless the chaos or proxy is loaded. +// queries are blocked unless queries from enableChaos are loaded. func NewServer(addr string, group []*Config) (*Server, error) { s := &Server{ @@ -79,7 +79,8 @@ func NewServer(addr string, group []*Config) (*Server, error) { s.trace = t } } - if stack.Name() == "chaos" || stack.Name() == "proxy" { + // Unblock CH class queries when any of these plugins are loaded. + if _, ok := enableChaos[stack.Name()]; ok { s.classChaos = true } } @@ -319,5 +320,13 @@ const ( udp = 1 ) +// enableChaos is a map with plugin names for which we should open CH class queries as +// we block these by default. +var enableChaos = map[string]bool{ + "chaos": true, + "forward": true, + "proxy": true, +} + // Quiet mode will not show any informative output on initialization. var Quiet bool |