1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
|
From f6bea86c78ba9efbd01da3dd2fb18764ec806290 Mon Sep 17 00:00:00 2001
From: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Date: Wed, 7 Sep 2016 09:35:07 +0100
Subject: [PATCH] dnsmasq: compile time option NO_ID
Some consider it good practice to obscure software version numbers to
clients. Compiling with -DNO_ID removes the *.bind info structure.
This includes: version, author, copyright, cachesize, cache insertions,
evictions, misses & hits, auth & servers.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
---
src/cache.c | 2 ++
src/config.h | 5 +++++
src/dnsmasq.h | 4 ++++
src/option.c | 8 ++++++--
src/rfc1035.c | 3 ++-
5 files changed, 19 insertions(+), 3 deletions(-)
--- a/src/cache.c
+++ b/src/cache.c
@@ -1290,6 +1290,7 @@ void cache_add_dhcp_entry(char *host_nam
}
#endif
+#ifndef NO_ID
int cache_make_stat(struct txt_record *t)
{
static char *buff = NULL;
@@ -1385,6 +1386,7 @@ int cache_make_stat(struct txt_record *t
*buff = len;
return 1;
}
+#endif
/* There can be names in the cache containing control chars, don't
mess up logging or open security holes. */
--- a/src/config.h
+++ b/src/config.h
@@ -120,6 +120,8 @@ HAVE_LOOP
HAVE_INOTIFY
use the Linux inotify facility to efficiently re-read configuration files.
+NO_ID
+ Don't report *.bind CHAOS info to clients.
NO_IPV6
NO_TFTP
NO_DHCP
@@ -434,6 +436,9 @@ static char *compile_opts =
"no-"
#endif
"DNSSEC "
+#ifdef NO_ID
+"no-ID "
+#endif
#ifndef HAVE_LOOP
"no-"
#endif
--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
@@ -286,6 +286,7 @@ struct naptr {
struct naptr *next;
};
+#ifndef NO_ID
#define TXT_STAT_CACHESIZE 1
#define TXT_STAT_INSERTS 2
#define TXT_STAT_EVICTIONS 3
@@ -293,6 +294,7 @@ struct naptr {
#define TXT_STAT_HITS 5
#define TXT_STAT_AUTH 6
#define TXT_STAT_SERVERS 7
+#endif
struct txt_record {
char *name;
@@ -1078,7 +1080,9 @@ void cache_add_dhcp_entry(char *host_nam
struct in_addr a_record_from_hosts(char *name, time_t now);
void cache_unhash_dhcp(void);
void dump_cache(time_t now);
+#ifndef NO_ID
int cache_make_stat(struct txt_record *t);
+#endif
char *cache_get_name(struct crec *crecp);
char *cache_get_cname_target(struct crec *crecp);
struct crec *cache_enumerate(int init);
--- a/src/option.c
+++ b/src/option.c
@@ -657,7 +657,8 @@ static int atoi_check8(char *a, int *res
return 1;
}
#endif
-
+
+#ifndef NO_ID
static void add_txt(char *name, char *txt, int stat)
{
struct txt_record *r = opt_malloc(sizeof(struct txt_record));
@@ -670,13 +671,14 @@ static void add_txt(char *name, char *tx
*(r->txt) = len;
memcpy((r->txt)+1, txt, len);
}
-
+
r->stat = stat;
r->name = opt_string_alloc(name);
r->next = daemon->txt;
daemon->txt = r;
r->class = C_CHAOS;
}
+#endif
static void do_usage(void)
{
@@ -4515,6 +4517,7 @@ void read_opts(int argc, char **argv, ch
daemon->soa_expiry = SOA_EXPIRY;
daemon->max_port = MAX_PORT;
+#ifndef NO_ID
add_txt("version.bind", "dnsmasq-" VERSION, 0 );
add_txt("authors.bind", "Simon Kelley", 0);
add_txt("copyright.bind", COPYRIGHT, 0);
@@ -4527,6 +4530,7 @@ void read_opts(int argc, char **argv, ch
add_txt("auth.bind", NULL, TXT_STAT_AUTH);
#endif
add_txt("servers.bind", NULL, TXT_STAT_SERVERS);
+#endif
while (1)
{
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -1264,6 +1264,7 @@ size_t answer_request(struct dns_header
unsigned long ttl = daemon->local_ttl;
int ok = 1;
log_query(F_CONFIG | F_RRNAME, name, NULL, "<TXT>");
+#ifndef NO_ID
/* Dynamically generate stat record */
if (t->stat != 0)
{
@@ -1271,7 +1272,7 @@ size_t answer_request(struct dns_header
if (!cache_make_stat(t))
ok = 0;
}
-
+#endif
if (ok && add_resource_record(header, limit, &trunc, nameoffset, &ansp,
ttl, NULL,
T_TXT, t->class, "t", t->len, t->txt))
|
