diff --git a/cmd/meshnamed/main.go b/cmd/meshnamed/main.go
index 1aaaf3d..4378db3 100644
--- a/cmd/meshnamed/main.go
+++ b/cmd/meshnamed/main.go
@@ -30,8 +30,8 @@ func parseNetworks(networksconf string) (map[string]*net.IPNet, error) {
 var (
 listenAddr, networksconf string
- getName, getIP string
- debug, noMeshIP, allowRemote bool
+ getName, getIP string
+ debug, noMeshIP bool
 )
 func init() {
@@ -40,7 +40,6 @@ func init() {
 flag.BoolVar(&noMeshIP, "nomeship", false, "disable .meship resolver")
 flag.StringVar(&getName, "getname", "", "convert IPv6 address to a name")
 flag.StringVar(&getIP, "getip", "", "convert a name to IPv6 address")
- flag.BoolVar(&allowRemote, "allowremote", false, "allow remote queries from any IP address")
 flag.BoolVar(&debug, "debug", false, "enable debug logging")
 }
@@ -78,7 +77,7 @@ func main() {
 logger.Fatalln(err)
 }
- s := meshname.New(logger, listenAddr, networks, !noMeshIP, allowRemote)
+ s := meshname.New(logger, listenAddr, networks, !noMeshIP)
 if err := s.Start(); err != nil {
 logger.Fatal(err)
diff --git a/pkg/meshname/server.go b/pkg/meshname/server.go
index 17d8c53..be44e0e 100644
--- a/pkg/meshname/server.go
+++ b/pkg/meshname/server.go
@@ -3,7 +3,6 @@ package meshname
 import (
 "errors"
 "net"
- "strings"
 "sync"
 "github.com/gologme/log"
@@ -17,14 +16,13 @@ type MeshnameServer struct {
 dnsServer *dns.Server
 networks map[string]*net.IPNet
 enableMeshIP bool
- allowRemote bool
 startedLock sync.RWMutex
 started bool
 }
 // New is a constructor for MeshnameServer
-func New(log *log.Logger, listenAddr string, networks map[string]*net.IPNet, enableMeshIP bool, allowRemote bool) *MeshnameServer {
+func New(log *log.Logger, listenAddr string, networks map[string]*net.IPNet, enableMeshIP bool) *MeshnameServer {
 dnsClient := new(dns.Client)
 dnsClient.Timeout = 5000000000 // increased 5 seconds timeout
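Review bot: Removing the `allowremote` registration from `init()` in cmd/meshnamed/main.go means any existing service unit or script that still passes `-allowremote` will be rejected as an undefined flag, assuming the default `flag` command line is parsed in `main()` (not visible in this hunk). Keeping a no-op registration for one release would avoid that, e.g. `flag.Bool("allowremote", false, "deprecated: remote queries are no longer filtered by source address")`. The matching signature change to the exported `meshname.New` in pkg/meshname/server.go also breaks external callers of the package, so it deserves a changelog entry.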
@@ -34,7 +32,6 @@ func New(log *log.Logger, listenAddr string, networks map[string]*net.IPNet, ena
 networks: networks,
 dnsClient: dnsClient,
 enableMeshIP: enableMeshIP,
- allowRemote: allowRemote,
 }
 }
@@ -99,21 +96,18 @@ func (s *MeshnameServer) handleMeshnameRequest(w dns.ResponseWriter, r *dns.Msg)
 }
 subDomain := labels[len(labels)-2]
- if s.isRemoteLookupAllowed(w.RemoteAddr()) {
- // do remote lookups only for local clients
- resolvedAddr, err := IPFromDomain(&subDomain)
- if err != nil {
- s.log.Debugln(err)
- continue
- }
- // check subnet validity
- tld := labels[len(labels)-1]
+ resolvedAddr, err := IPFromDomain(&subDomain)
+ if err != nil {
+ s.log.Debugln(err)
+ continue
+ }
+ // check subnet validity
+ tld := labels[len(labels)-1]
- if subnet, ok := s.networks[tld]; ok && subnet.Contains(resolvedAddr) {
- remoteLookups[resolvedAddr.String()] = append(remoteLookups[resolvedAddr.String()], q)
- } else {
- s.log.Debugln("Error: subnet doesn't match")
- }
+ if subnet, ok := s.networks[tld]; ok && subnet.Contains(resolvedAddr) {
+ remoteLookups[resolvedAddr.String()] = append(remoteLookups[resolvedAddr.String()], q)
+ } else {
+ s.log.Debugln("Error: subnet doesn't match")
 }
 }
@@ -165,15 +159,6 @@ func (s *MeshnameServer) handleMeshIPRequest(w dns.ResponseWriter, r *dns.Msg) {
 }
 }
-func (s *MeshnameServer) isRemoteLookupAllowed(addr net.Addr) bool {
- // TODO prefix whitelists ?
- if s.allowRemote {
- return true
- }
- ra := addr.String()
- return strings.HasPrefix(ra, "[::1]:") || strings.HasPrefix(ra, "127.0.0.1:")
-}
-
 func (s *MeshnameServer) IsStarted() bool {
 s.startedLock.RLock()
 started := s.started
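Review bot: With the `isRemoteLookupAllowed` guard removed from `handleMeshnameRequest`, every client that can reach the listener gets its query added to `remoteLookups` (presumably forwarded to the derived address later in the function), so the only remaining limits are the bind address and the `s.networks` subnet check. Deployments that ran without `-allowremote` on a non-loopback `listenAddr` lose the localhost-only restriction silently on upgrade. The default listen address is not visible in this diff; if it can be non-loopback, a startup warning in that case would make the exposure visible to operators. The new contract should also be stated on the handler, e.g. `// Lookups are performed for any client that can reach listenAddr; restrict exposure via the bind address or a firewall.` The function body starts and ends outside this hunk.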