diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 15:26:00 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 15:26:00 +0000 |
commit | 830407e88f9d40d954356c3754f2647f91d5c06a (patch) | |
tree | d6a0ece6feea91f3c656166dbaa884ef8a29740e /modules/workarounds | |
parent | Initial commit. (diff) | |
download | knot-resolver-830407e88f9d40d954356c3754f2647f91d5c06a.tar.xz knot-resolver-830407e88f9d40d954356c3754f2647f91d5c06a.zip |
Adding upstream version 5.6.0.upstream/5.6.0upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | modules/workarounds/.packaging/test.config | 4 | ||||
-rw-r--r-- | modules/workarounds/README.rst | 11 | ||||
-rw-r--r-- | modules/workarounds/workarounds.lua | 23 |
3 files changed, 38 insertions, 0 deletions
diff --git a/modules/workarounds/.packaging/test.config b/modules/workarounds/.packaging/test.config new file mode 100644 index 0000000..c420810 --- /dev/null +++ b/modules/workarounds/.packaging/test.config @@ -0,0 +1,4 @@ +-- SPDX-License-Identifier: GPL-3.0-or-later +modules.load('workarounds') +assert(workarounds) +quit() diff --git a/modules/workarounds/README.rst b/modules/workarounds/README.rst new file mode 100644 index 0000000..fcb04aa --- /dev/null +++ b/modules/workarounds/README.rst @@ -0,0 +1,11 @@ +.. SPDX-License-Identifier: GPL-3.0-or-later + +.. _mod-workarounds: + +Module `workarounds` resolver behavior on specific broken sub-domains. +Currently it mainly disables case randomization. + +.. code-block:: lua + + modules.load('workarounds < iterate') + diff --git a/modules/workarounds/workarounds.lua b/modules/workarounds/workarounds.lua new file mode 100644 index 0000000..4ce7c47 --- /dev/null +++ b/modules/workarounds/workarounds.lua @@ -0,0 +1,23 @@ +-- SPDX-License-Identifier: GPL-3.0-or-later +-- Load dependent module +if not policy then modules.load('policy') end + +local M = {} -- the module + +function M.config() + policy.add(policy.suffix(policy.FLAGS('NO_0X20'), { + -- https://github.com/DNS-OARC/dns-violations/blob/master/2017/DVE-2017-0003.md + todname('avqs.mcafee.com'), todname('avts.mcafee.com'), + + -- https://github.com/DNS-OARC/dns-violations/blob/master/2017/DVE-2017-0006.md + -- Obtained via a reverse search on {ns1,ns3}.panthercdn.com. + todname('cdnga.com'), todname('cdngc.com'), todname('cdngd.com'), + todname('cdngl.com'), todname('cdngm.com'), + todname('cdngc.net'), todname('panthercdn.com'), + + todname('magazine-fashion.net.'), + })) +end + +return M + |