Pull request 2205: AGDNS-1982 Fix RDNS HTTP

Squashed commit of the following: commit a7d5023 Merge: 0be18b9 df7f19e Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Apr 15 15:11:51 2024 +0300 Merge branch 'master' into AGDNS-1982-fix-rdns-http commit 0be18b9 Merge: 54c1017 36986a8 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Apr 15 15:04:42 2024 +0300 Merge branch 'master' into AGDNS-1982-fix-rdns-http commit 54c1017 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Apr 15 14:00:14 2024 +0300 all: log changes commit 851a1a3 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Apr 15 13:44:13 2024 +0300 dnsforward: fix http private rdns
annguyen0 · Apr 15, 2024 · 201ac73 · 201ac73
1 parent df7f19e
commit 201ac73
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 7 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -29,6 +29,8 @@ NOTE: Add new changes BELOW THIS COMMENT.
 
 ### Fixed
 
+- The ability to apply an invalid configuration for private RDNS, which led to
+  server inoperability.
 - Ignoring query log for clients with ClientID set ([#5812]).
 - Subdomains of `in-addr.arpa` and `ip6.arpa` containing zero-length prefix
   incorrectly considered invalid when specified for private RDNS upstream

diff --git a/internal/dnsforward/http.go b/internal/dnsforward/http.go
@@ -1,6 +1,7 @@
 package dnsforward
 
 import (
+	"cmp"
 	"encoding/json"
 	"fmt"
 	"io"
@@ -332,6 +333,28 @@ func (req *jsonDNSConfig) checkBootstrap() (err error) {
 	return nil
 }
 
+// checkPrivateRDNS returns an error if the configuration of the private RDNS is
+// not valid.
+func (req *jsonDNSConfig) checkPrivateRDNS(
+	ownAddrs addrPortSet,
+	sysResolvers SystemResolvers,
+	privateNets netutil.SubnetSet,
+) (err error) {
+	if (req.UsePrivateRDNS == nil || !*req.UsePrivateRDNS) && req.LocalPTRUpstreams == nil {
+		return nil
+	}
+
+	addrs := cmp.Or(req.LocalPTRUpstreams, &[]string{})
+
+	uc, err := newPrivateConfig(*addrs, ownAddrs, sysResolvers, privateNets, &upstream.Options{})
+	err = errors.WithDeferred(err, uc.Close())
+	if err != nil {
+		return fmt.Errorf("private upstream servers: %w", err)
+	}
+
+	return nil
+}
+
 // validateUpstreamDNSServers returns an error if any field of req is invalid.
 func (req *jsonDNSConfig) validateUpstreamDNSServers(
 	ownAddrs addrPortSet,
@@ -349,12 +372,10 @@ func (req *jsonDNSConfig) validateUpstreamDNSServers(
 		}
 	}
 
-	if addrs := req.LocalPTRUpstreams; addrs != nil {
-		uc, err = newPrivateConfig(*addrs, ownAddrs, sysResolvers, privateNets, opts)
-		err = errors.WithDeferred(err, uc.Close())
-		if err != nil {
-			return fmt.Errorf("private upstream servers: %w", err)
-		}
+	err = req.checkPrivateRDNS(ownAddrs, sysResolvers, privateNets)
+	if err != nil {
+		// Don't wrap the error since it's informative enough as is.
+		return err
 	}
 
 	err = req.checkBootstrap()
@@ -440,7 +461,7 @@ func (s *Server) handleSetConfig(w http.ResponseWriter, r *http.Request) {
 	// TODO(e.burkov):  Consider prebuilding this set on startup.
 	ourAddrs, err := s.conf.ourAddrsSet()
 	if err != nil {
-		// TODO(e.burkov):  !! Put into openapi
+		// TODO(e.burkov):  Put into openapi
 		aghhttp.Error(r, w, http.StatusInternalServerError, "getting our addresses: %s", err)
 
 		return