From 5c80fcb79ccb46292ae4a89559a06413b90333de Mon Sep 17 00:00:00 2001 From: Kaarle Ritvanen Date: Sat, 26 Jan 2019 13:19:31 +0200 Subject: host.resolve: properly handle CNAME records --- awall-cli | 4 ++-- awall/host.lua | 23 +++++++++++++---------- 2 files changed, 15 insertions(+), 12 deletions(-) diff --git a/awall-cli b/awall-cli index dd920cc..0786709 100755 --- a/awall-cli +++ b/awall-cli @@ -2,7 +2,7 @@ --[[ Alpine Wall -Copyright (C) 2012-2018 Kaarle Ritvanen +Copyright (C) 2012-2019 Kaarle Ritvanen See LICENSE file for license details ]]-- @@ -20,7 +20,7 @@ if not table.unpack then table.unpack = unpack end function help() io.stderr:write([[ Alpine Wall -Copyright (C) 2012-2018 Kaarle Ritvanen +Copyright (C) 2012-2019 Kaarle Ritvanen This is free software with ABSOLUTELY NO WARRANTY, available under the terms of the GNU General Public License, version 2 diff --git a/awall/host.lua b/awall/host.lua index bd44bd8..6959a6b 100644 --- a/awall/host.lua +++ b/awall/host.lua @@ -1,6 +1,6 @@ --[[ Host address resolver for Alpine Wall -Copyright (C) 2012-2018 Kaarle Ritvanen +Copyright (C) 2012-2019 Kaarle Ritvanen See LICENSE file for license details ]]-- @@ -30,16 +30,19 @@ function M.resolve(host, context) if not dnscache[host] then dnscache[host] = {} for family, rtype in pairs{inet='A', inet6='AAAA'} do + local answer for rec in io.popen('drill '..host..' '..rtype):lines() do - local name, addr = rec:match( - '^('..familypatterns.domain..')%s+%d+%s+IN%s+'..rtype.. - '%s+(.+)' - ) - - if name and name:sub(1, host:len() + 1) == host..'.' then - assert(getfamily(addr, context) == family) - table.insert(dnscache[host], {family, addr}) - end + if answer then + if rec == '' then break end + local addr = rec:match( + '^'..familypatterns.domain..'%s+%d+%s+IN%s+'..rtype.. + '%s+(.+)' + ) + if addr then + assert(getfamily(addr, context) == family) + table.insert(dnscache[host], {family, addr}) + end + elseif rec == ';; ANSWER SECTION:' then answer = true end end end if not dnscache[host][1] then -- cgit v1.2.3