Diffstat (limited to 'middleware/file/zone.go')
-rw-r--r-- | middleware/file/zone.go | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/middleware/file/zone.go b/middleware/file/zone.go
index 7592798f0..a216f8af8 100644
--- a/middleware/file/zone.go
+++ b/middleware/file/zone.go
@@ -2,6 +2,7 @@ package file
 import (
 "fmt"
+ "net"
 "path"
 "strings"
 "sync"
@@ -55,12 +56,12 @@ func NewZone(name, file string) *Zone {
 return z
 }
-// Copy copies a zone *without* copying the zone's content. It is not a deep copy.
 func (z *Zone) Copy() *Zone {
 z1 := NewZone(z.origin, z.file)
 z1.TransferTo = z.TransferTo
 z1.TransferFrom = z.TransferFrom
 z1.Expired = z.Expired
+ z1.Apex = z.Apex
 return z1
 }
@@ -113,11 +114,20 @@ func (z *Zone) Insert(r dns.RR) error {
 func (z *Zone) Delete(r dns.RR) { z.Tree.Delete(r) }
 // TransferAllowed checks if incoming request for transferring the zone is allowed according to the ACLs.
-func (z *Zone) TransferAllowed(req request.Request) bool {
+func (z *Zone) TransferAllowed(state request.Request) bool {
 for _, t := range z.TransferTo {
 if t == "*" {
 return true
 }
+ // If remote IP matches we accept.
+ remote := state.IP()
+ to, _, err := net.SplitHostPort(t)
+ if err != nil {
+ continue
+ }
+ if to == remote {
+ return true
+ }
 }
 // TODO(miek): future matching against IP/CIDR notations
 return false |
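Review bot: The exported method `Copy` loses its doc comment in the second hunk, at the same point where `z1.Apex = z.Apex` makes the copy's sharing behaviour more important to document. `Apex` is copied by plain assignment, so if it holds slices or pointers (its type is not visible in this hunk) the original and the copy would refer to the same records. I would keep a comment above the method, for example `// Copy copies a zone's transfer settings, expiry flag and apex, but not its tree content. It is not a deep copy.`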
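Review bot: The new ACL match `if to == remote` in `TransferAllowed` compares address strings, so a `z.TransferTo` entry written in a different but equivalent textual form (an expanded or upper-case IPv6 address, for instance) never matches and the transfer is refused with no indication why. Comparing parsed addresses avoids that: hoist `remote := net.ParseIP(state.IP())` above the loop and test `if ip := net.ParseIP(to); ip != nil && ip.Equal(remote) {`. Entries that `net.SplitHostPort` rejects, such as a bare address with no port, are skipped by `continue` without a log line, which makes a mistyped ACL hard to diagnose; whether such entries can reach this code depends on config parsing not shown here. Failing closed on a non-match is the right default for a zone-transfer ACL, so only the comparison and the silent skip need attention. The function's closing brace lies outside the hunk.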