Remove the useless remote IP check

2021-10-31 18:46:29 +00:00 · 2021-10-31 18:46:29 +00:00 · 6610db601b
commit 6610db601b
parent 166705fc60
2 changed files with 15 additions and 31 deletions
--- a/cmd/meshnamed/main.go
+++ b/cmd/meshnamed/main.go
@ -30,8 +30,8 @@ func parseNetworks(networksconf string) (map[string]*net.IPNet, error) {
 var (
 	listenAddr, networksconf string
-	getName, getIP                      string
+	getName, getIP           string
-	debug, noMeshIP, allowRemote        bool
+	debug, noMeshIP          bool
 )
 func init() {
@ -40,7 +40,6 @@ func init() {
 	flag.BoolVar(&noMeshIP, "nomeship", false, "disable .meship resolver")
 	flag.StringVar(&getName, "getname", "", "convert IPv6 address to a name")
 	flag.StringVar(&getIP, "getip", "", "convert a name to IPv6 address")
 	flag.BoolVar(&allowRemote, "allowremote", false, "allow remote queries from any IP address")
 	flag.BoolVar(&debug, "debug", false, "enable debug logging")
 }
@ -78,7 +77,7 @@ func main() {
 		logger.Fatalln(err)
 	}
-	s := meshname.New(logger, listenAddr, networks, !noMeshIP, allowRemote)
+	s := meshname.New(logger, listenAddr, networks, !noMeshIP)
 	if err := s.Start(); err != nil {
 		logger.Fatal(err)
--- a/pkg/meshname/server.go
+++ b/pkg/meshname/server.go
@ -3,7 +3,6 @@ package meshname
 import (
 	"errors"
 	"net"
 	"strings"
 	"sync"
 	"github.com/gologme/log"
@ -17,14 +16,13 @@ type MeshnameServer struct {
 	dnsServer    *dns.Server
 	networks     map[string]*net.IPNet
 	enableMeshIP bool
 	allowRemote  bool
 	startedLock sync.RWMutex
 	started     bool
 }
 // New is a constructor for MeshnameServer
-func New(log *log.Logger, listenAddr string, networks map[string]*net.IPNet, enableMeshIP bool, allowRemote bool) *MeshnameServer {
+func New(log *log.Logger, listenAddr string, networks map[string]*net.IPNet, enableMeshIP bool) *MeshnameServer {
 	dnsClient := new(dns.Client)
 	dnsClient.Timeout = 5000000000 // increased 5 seconds timeout
@ -34,7 +32,6 @@ func New(log *log.Logger, listenAddr string, networks map[string]*net.IPNet, ena
 		networks:     networks,
 		dnsClient:    dnsClient,
 		enableMeshIP: enableMeshIP,
 		allowRemote:  allowRemote,
 	}
 }
@ -99,21 +96,18 @@ func (s *MeshnameServer) handleMeshnameRequest(w dns.ResponseWriter, r *dns.Msg)
 		}
 		subDomain := labels[len(labels)-2]
-		if s.isRemoteLookupAllowed(w.RemoteAddr()) {
+		resolvedAddr, err := IPFromDomain(&subDomain)
-			// do remote lookups only for local clients
+		if err != nil {
-			resolvedAddr, err := IPFromDomain(&subDomain)
+			s.log.Debugln(err)
-			if err != nil {
+			continue
-				s.log.Debugln(err)
+		}
-				continue
+		// check subnet validity
-			}
+		tld := labels[len(labels)-1]
 			// check subnet validity
 			tld := labels[len(labels)-1]
-			if subnet, ok := s.networks[tld]; ok && subnet.Contains(resolvedAddr) {
+		if subnet, ok := s.networks[tld]; ok && subnet.Contains(resolvedAddr) {
-				remoteLookups[resolvedAddr.String()] = append(remoteLookups[resolvedAddr.String()], q)
+			remoteLookups[resolvedAddr.String()] = append(remoteLookups[resolvedAddr.String()], q)
-			} else {
+		} else {
-				s.log.Debugln("Error: subnet doesn't match")
+			s.log.Debugln("Error: subnet doesn't match")
 			}
 		}
 	}
@ -165,15 +159,6 @@ func (s *MeshnameServer) handleMeshIPRequest(w dns.ResponseWriter, r *dns.Msg) {
 	}
 }
 func (s *MeshnameServer) isRemoteLookupAllowed(addr net.Addr) bool {
 	// TODO prefix whitelists ?
 	if s.allowRemote {
 		return true
 	}
 	ra := addr.String()
 	return strings.HasPrefix(ra, "[::1]:") || strings.HasPrefix(ra, "127.0.0.1:")
 }
 func (s *MeshnameServer) IsStarted() bool {
 	s.startedLock.RLock()
 	started := s.started