1
--- maradns-1.3.03/server/MaraDNS.c.orig 2007-01-14 16:22:14.000000000 -0800
2
+++ maradns-1.3.03/server/MaraDNS.c 2007-01-14 16:22:17.000000000 -0800
4
if(dos_protection_level == 78 ) {
7
+ /* When dos_protection_level is 79, the only authoritative-type thing we
8
+ * do is report the version number of MaraDNS if they ask for it and have
9
+ * the authority to get this information */
10
+ if(dos_protection_level == 79) {
11
+ goto report_version;
14
/* We don't process RR_ANY records if dos_protection_level is greater
23
/* A TXT query to "version.maradns." will
24
return the version of MaraDNS being run. This only
25
works if we are not authoritative for "maradns.org", since
26
@@ -3221,7 +3228,12 @@
27
&& no_fingerprint != 1 && debug_msg_level >= 1) {
28
result_code = easter_egg(header.id,sock,ect,origq,
29
"Tversion.maradns.",RR_TXT,"MaraDNS version ",
34
+ "Broken compile, VERSION not defined"
37
if(result_code == JS_SUCCESS) {
38
js_destroy(lookfor); js_destroy(origq); js_destroy(lc);
40
@@ -3230,7 +3242,12 @@
46
+ /* At dos_protection_level 79, the only authoritative-type thing we do
47
+ * is let them see the version number of MaraDNS (see above) */
48
+ if(dos_protection_level == 79 ) {
49
+ goto recursive_call;
52
/* A TXT query to "numthreads.maradns." tells us the number of
53
threads that MaraDNS is running; this is only enabled if
54
@@ -4550,6 +4567,11 @@
55
if(make_ip_acl(verbstr,admin_acl,500,0) == JS_ERROR)
56
harderror("Could not make admin_acl list");
58
+ default_dos_level = 78; /* 78: Recursive-only; 0: default when
59
+ * there is one or more zonefiles */
60
+ if(admin_acl[0].ip != 0xffffffff) {
61
+ default_dos_level = 79; /* 79: Only check for Tversion.maradns. */
64
/* Anything after this does not need recursion enabled for the
65
kvar in question to be read */
66
@@ -4779,16 +4801,14 @@
67
/* populate_main uses qual timestamps for the csv2 zone files */
69
value = populate_main(bighash,errors,recursion_enabled);
70
- default_dos_level = 78; /* No authoritative records in cache */
71
+ /* If we have one or more elements in the cache, we will need to look
72
+ * through the cache for elements (default_dos_level, in this context,
73
+ * allows us to save time when doing just recursive queries by not
74
+ * bothering with cache lookups) */
75
if(value == JS_SUCCESS) {
76
default_dos_level = 0;
79
- /* Set the dos_protection_level to see if we disable some features
80
- * to protect us from a denial of service attack. */
81
- dos_protection_level =
82
- read_numeric_kvar("dos_protection_level",default_dos_level);
85
harderror(L_NOPOPULATE); /* "Error running populate_main program" */
86
else if(value == -2) {
87
@@ -4797,6 +4817,11 @@
88
harderror(L_POPULATE_FATAL); /* "This error in populate hash is fatal" */
91
+ /* Set the dos_protection_level to see if we disable some features
92
+ * to protect us from a denial of service attack. */
93
+ dos_protection_level =
94
+ read_numeric_kvar("dos_protection_level",default_dos_level);
96
if(verbstr != 0) { js_destroy(verbstr); }
97
verbstr = read_string_kvar("csv2_default_zonefile");
98
if(verbstr !=0 && js_length(verbstr) > 0) {