5411 – rsyncd.conf allow does not like CNAME

Bug 5411 - rsyncd.conf allow does not like CNAME

Summary: rsyncd.conf allow does not like CNAME

Status:	RESOLVED FIXED

Alias:	None

Product:	rsync
Classification:	Unclassified
Component:	core (show other bugs)
Version:	2.6.9
Hardware:	Other Linux

Importance:	P3 normal (vote)
Target Milestone:	---
Assignee:	Wayne Davison
QA Contact:	Rsync QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2008-04-23 11:38 UTC by Marc Perkel
Modified:	2011-01-03 21:21 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marc Perkel 2008-04-23 11:38:31 UTC

When using rsyncd.conf - if the host allow uses a host name and when the FCrDNS of the host name is verified, if the reverse pointer references a CNAME - it doesn't work. The following fails.

hosts allow = *.ctyme.com

Example:

65.49.42.30
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31491
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 5

;; QUESTION SECTION:
;30.42.49.65.in-addr.arpa.      IN      PTR

;; ANSWER SECTION:
30.42.49.65.in-addr.arpa. 22931 IN      CNAME   30.subnet0.42.49.65.in-addr.arpa.
30.subnet0.42.49.65.in-addr.arpa. 8590 IN PTR   dns0.ctyme.com.

Comment 1 Wayne Davison 2011-01-03 21:21:50 UTC

The 3.1.0dev version will now support a CNAME for a host as long as you list the hostname(s) explicitly (i.e. don't try to wild-card match a CNAME).  Wildcard matching can only work against the reverse-DNS name of the connecting IP, since there is no good way to ask for all the IPs that match a wildcard hostname.

Example:

hosts allow = bar.foo.com

That will allow host baz.foo.com to connect if bar.foo.com is a CNAME for baz.foo.com