From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <reyuki@gnuweeb.org>
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
	server-vie001.gnuweeb.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.2 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,URIBL_ZEN_BLOCKED_OPENDNS
	autolearn=ham autolearn_force=no version=3.4.6
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gnuweeb.org;
	s=new2025; t=1753718908;
	bh=F5yIf+XglSEphBL6BDO3C0DW9IOLhls2IaMr6XZGgzY=;
	h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version:Content-Transfer-Encoding:Message-ID:Date:From:
	 Reply-To:Subject:To:Cc:In-Reply-To:References:Resent-Date:
	 Resent-From:Resent-To:Resent-Cc:User-Agent:Content-Type:
	 Content-Transfer-Encoding;
	b=LC8GEAKrhiAB05/RH6wMdWqTG7XEwXd/G7LmUWxnCj+j1Ep9X6ewVMhyja3J8n1j/
	 dfYVscGnaO4i2LtSZPPxt0MzngEnQr40S2Z7a1L+moQxYKrBBXxT5d6LPardNOUGUw
	 /k7kKVsHYt5qymAsb0LGqwmGEMof/+UpUB2wXGOrVhoFUrE9Dhgf+DTGWjeABDESKK
	 W5LoUfYxjU0unfVBvloPwPBKbAVafwsBzX9tAwayt3x74xku/cu1LB+Rq6X/jMEQb6
	 HaCjsQH+TvLvHuqWSKhGkLaMvE84tw6bXe8+dSMkNAH7Lsen3qfABSQKwq2iXEmPWO
	 skksjgrxS/qfw==
Received: from zero (unknown [182.253.228.104])
	by server-vie001.gnuweeb.org (Postfix) with ESMTPSA id 51B8D3126E80;
	Mon, 28 Jul 2025 16:08:27 +0000 (UTC)
From: Ahmad Gani <reyuki@gnuweeb.org>
To: Ammar Faizi <ammarfaizi2@gnuweeb.org>
Cc: Ahmad Gani <reyuki@gnuweeb.org>,
	GNU/Weeb Mailing List <gwml@vger.gnuweeb.org>
Subject: [PATCH gwproxy v1 2/2] dns: validate restyp on initialization
Date: Mon, 28 Jul 2025 23:07:58 +0700
Message-ID: <20250728160800.95383-3-reyuki@gnuweeb.org>
X-Mailer: git-send-email 2.50.1
In-Reply-To: <20250728160800.95383-1-reyuki@gnuweeb.org>
References: <20250728160800.95383-1-reyuki@gnuweeb.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
List-Id: <gwml.vger.gnuweeb.org>

Return EINVAL on initialization if restyp is invalid.
And then prefer ipv4 if GWP_DNS_RESTYP_DEFAULT is used.

Fixes: 82c86a7256d6 ("gwproxy/dns: Replace the old DNS cache system with a new one.")
Signed-off-by: Ahmad Gani <reyuki@gnuweeb.org>
---
 src/gwproxy/dns.c | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/src/gwproxy/dns.c b/src/gwproxy/dns.c
index f7cbcb2d6e89..b189b33127af 100644
--- a/src/gwproxy/dns.c
+++ b/src/gwproxy/dns.c
@@ -619,7 +619,8 @@ static int fetch_addr(struct gwp_dns_cache_entry *e, struct gwp_sockaddr *addr,
 			if (!fetch_i4(e, addr, port))
 				return -EHOSTUNREACH;
 		}
-	} else if (restyp == GWP_DNS_RESTYP_PREFER_IPV4) {
+	} else if (restyp == GWP_DNS_RESTYP_PREFER_IPV4 ||
+		   restyp == GWP_DNS_RESTYP_DEFAULT) {
 		if (!fetch_i4(e, addr, port)) {
 			if (!fetch_i6(e, addr, port))
 				return -EHOSTUNREACH;
@@ -679,11 +680,28 @@ static void free_cache(struct gwp_dns_cache *cache)
 	cache = NULL;
 }
 
+static inline bool validate_restyp(int restyp)
+{
+	switch (restyp) {
+	case GWP_DNS_RESTYP_DEFAULT:
+	case GWP_DNS_RESTYP_IPV4_ONLY:
+	case GWP_DNS_RESTYP_IPV6_ONLY:
+	case GWP_DNS_RESTYP_PREFER_IPV4:
+	case GWP_DNS_RESTYP_PREFER_IPV6:
+		return true;
+	default:
+		return false;
+	}
+}
+
 int gwp_dns_ctx_init(struct gwp_dns_ctx **ctx_p, const struct gwp_dns_cfg *cfg)
 {
 	struct gwp_dns_ctx *ctx;
 	int r;
 
+	if (!validate_restyp(cfg->restyp))
+		return -EINVAL;
+
 	ctx = calloc(1, sizeof(*ctx));
 	if (!ctx)
 		return -ENOMEM;
-- 
Ahmad Gani