diff options
| author |  kadern0 <kaderno@gmail.com>
| 2020-04-10 04:26:28 +1000 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2020-04-09 11:26:28 -0700 |
| commit | e410760a49ee3d1179a7c9f8771d0d5a0301940b (patch) | |
| tree | 3f59efbd9c6d04eeb0a5062c03eddf2d3aeb1543 | |
| parent | 08120096ebb1baa119c8f13e0e23001b453a92f6 (diff) | |
| download | coredns-e410760a49ee3d1179a7c9f8771d0d5a0301940b.tar.gz coredns-e410760a49ee3d1179a7c9f8771d0d5a0301940b.tar.zst coredns-e410760a49ee3d1179a7c9f8771d0d5a0301940b.zip | |
plugin/forward: crash if using https (#3817)
Signed-off-by: kadern0 <kaderno@gmail.com>
| -rw-r--r-- | plugin/forward/setup.go | 5 | ||||
| -rw-r--r-- | plugin/forward/setup_test.go | 1 |
2 files changed, 6 insertions, 0 deletions
diff --git a/plugin/forward/setup.go b/plugin/forward/setup.go index 8070369c9..b5eeab912 100644 --- a/plugin/forward/setup.go +++ b/plugin/forward/setup.go @@ -99,8 +99,13 @@ func parseStanza(c *caddy.Controller) (*Forward, error) { } transports := make([]string, len(toHosts)) + allowedTrans := map[string]bool{"dns": true, "tls": true} for i, host := range toHosts { trans, h := parse.Transport(host) + + if !allowedTrans[trans] { + return f, fmt.Errorf("'%s' is not supported as a destination protocol in forward: %s", trans, host) + } p := NewProxy(h, trans) f.proxies = append(f.proxies, p) transports[i] = trans diff --git a/plugin/forward/setup_test.go b/plugin/forward/setup_test.go index 0949e0935..6864136e4 100644 --- a/plugin/forward/setup_test.go +++ b/plugin/forward/setup_test.go @@ -37,6 +37,7 @@ func TestSetup(t *testing.T) { {"forward . 127.0.0.1 {\nblaatl\n}\n", true, "", nil, 0, options{hcRecursionDesired: true}, "unknown property"}, {`forward . ::1 forward com ::2`, true, "", nil, 0, options{hcRecursionDesired: true}, "plugin"}, + {"forward . https://127.0.0.1 \n", true, ".", nil, 2, options{hcRecursionDesired: true}, "'https' is not supported as a destination protocol in forward: https://127.0.0.1"}, } for i, test := range tests { |