From 3299a77da3d5e4ddd1269ddae3b6f6f8aa9e43e5 Mon Sep 17 00:00:00 2001 From: "Sijie.Sun" Date: Sun, 24 Aug 2025 18:24:42 +0800 Subject: [PATCH] make magic dns domain check robust (#1288) --- easytier/src/instance/dns_server/config.rs | 2 +- .../instance/dns_server/server_instance.rs | 25 +++++-------------- easytier/src/instance/dns_server/tests.rs | 23 +++++++++++++---- 3 files changed, 25 insertions(+), 25 deletions(-) diff --git a/easytier/src/instance/dns_server/config.rs b/easytier/src/instance/dns_server/config.rs index e249ecf..d00f8a3 100644 --- a/easytier/src/instance/dns_server/config.rs +++ b/easytier/src/instance/dns_server/config.rs @@ -68,7 +68,7 @@ pub struct Record { } impl Record { - fn name(&self) -> anyhow::Result { + pub fn name(&self) -> anyhow::Result { let name = rr::Name::from_str(self.name.as_str())?; Ok(name) } diff --git a/easytier/src/instance/dns_server/server_instance.rs b/easytier/src/instance/dns_server/server_instance.rs index c25d21b..e78a0e1 100644 --- a/easytier/src/instance/dns_server/server_instance.rs +++ b/easytier/src/instance/dns_server/server_instance.rs @@ -70,20 +70,6 @@ pub(super) struct MagicDnsServerInstanceData { } impl MagicDnsServerInstanceData { - fn is_valid_subdomain_label(s: &str) -> bool { - let s = s.trim(); - - // 长度检查:1-63 个字符 - if s.is_empty() || s.len() > 63 { - return false; - } - - // 检查每个字符是否合法,并确保不以 '-' 开头或结尾 - s.chars().all(|c| matches!(c, 'a'..='z' | '0'..='9' | '-')) - && !s.starts_with('-') - && !s.ends_with('-') - } - pub async fn update_dns_records<'a, T: Iterator>( &self, routes: T, @@ -95,11 +81,6 @@ impl MagicDnsServerInstanceData { continue; } - // check host name valid for dns - if !Self::is_valid_subdomain_label(&route.hostname) { - continue; - } - let Some(ipv4_addr) = route.ipv4_addr.unwrap_or_default().address else { continue; }; @@ -111,6 +92,12 @@ impl MagicDnsServerInstanceData { .ttl(Duration::from_secs(1)) .build()?; + // check record name valid for dns + if let Err(e) = record.name() { + tracing::error!("Invalid subdomain label: {}", e); + continue; + } + records.push(record); } diff --git a/easytier/src/instance/dns_server/tests.rs b/easytier/src/instance/dns_server/tests.rs index 443d4cb..e750323 100644 --- a/easytier/src/instance/dns_server/tests.rs +++ b/easytier/src/instance/dns_server/tests.rs @@ -84,11 +84,23 @@ async fn test_magic_dns_server_instance() { .await .unwrap(); - let routes = vec![Route { - hostname: "test1".to_string(), - ipv4_addr: Some(Ipv4Inet::from_str("8.8.8.8/24").unwrap().into()), - ..Default::default() - }]; + let routes = vec![ + Route { + hostname: "test1".to_string(), + ipv4_addr: Some(Ipv4Inet::from_str("8.8.8.8/24").unwrap().into()), + ..Default::default() + }, + Route { + hostname: "中文".to_string(), + ipv4_addr: Some(Ipv4Inet::from_str("8.8.8.8/24").unwrap().into()), + ..Default::default() + }, + Route { + hostname: ".invalid".to_string(), + ipv4_addr: Some(Ipv4Inet::from_str("8.8.8.8/24").unwrap().into()), + ..Default::default() + }, + ]; dns_server_inst .data .update_dns_records(routes.iter(), DEFAULT_ET_DNS_ZONE) @@ -96,6 +108,7 @@ async fn test_magic_dns_server_instance() { .unwrap(); check_dns_record(&fake_ip, "test1.et.net", "8.8.8.8").await; + check_dns_record(&fake_ip, "中文.et.net", "8.8.8.8").await; } #[tokio::test]