Opened 2 years ago

Closed 2 years ago

#21361 closed defect (moved_to_github)

vpnc-scripts incorrectly handle multiple DNS servers per domain

Reported by: biblbroks
Owned by: developers
Priority: normal
Milestone:
Component: packages
Version: Chaos Calmer 15.05
Keywords:
Cc:

Description

I have an openconnect setup where the server pushes a split DNS setup with two DNS servers for the VPN DNS domain.

/lib/netifd/vpnc-script from vpnc-scripts package (both in 15.05 and trunk) does not handle this configuration correctly.

The problem is in the following bit of shell code that handles DNS variables:

    if [ -n "$INTERNAL_IP4_DNS" ];then
        for dns in "$INTERNAL_IP4_DNS";do
            echo "server=/$i/$dns" >> $DNSMASQ_FILE
        done
    fi

Since the $INTERNAL_IP4_DNS variable inside the 'for' statement is in double quotes, it does not get word split and this generates:

    server=/foo.bar/1.2.3.4 5.6.7.8

which is invalid syntax for dnsmasq.conf and causes subsequent /etc/init.d/dnsmasq restart to barf, essentially killing all DHCP and DNS on the router.

A simple fix is to remove double quotes surrounding the variable in the 'for' statement (but, of course, not in the 'if' statement above). Note that there is more than one place in the script where this issue is present. With that fix in place, dnsmasq.conf is correctly generated and everything works as expected.

Attachments (0)
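
The quoting behaviour described in the ticket, reproduced next to a split-and-validate loop and a check that can run on the generated file before dnsmasq is restarted. This is an added example, not code from the ticket or from vpnc-scripts; the function names gen_quoted, gen_split, is_ipv4 and conf_ok are hypothetical, and the domain is passed as an argument rather than taken from the script's loop variable.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from vpnc-scripts.

# Loop as quoted in the ticket: "$2" stays one word, so one line is emitted.
gen_quoted() {                 # $1 = domain, $2 = space-separated servers
    for dns in "$2"; do
        echo "server=/$1/$dns"
    done
}

# Accept only a dotted quad with four octets in 0-255.
is_ipv4() {
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    rest=$1. n=0
    while [ -n "$rest" ]; do
        octet=${rest%%.*}; rest=${rest#*.}
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
        n=$((n + 1))
    done
    [ "$n" -eq 4 ]
}

# Unquoted expansion splits on whitespace; each token is validated first.
gen_split() {
    set -f                     # no pathname expansion on the split tokens
    for dns in $2; do
        if is_ipv4 "$dns"; then
            echo "server=/$1/$dns"
        else
            echo "skipping invalid DNS value: $dns" >&2
        fi
    done
    set +f
}

# Pre-restart check on a candidate file read from stdin: every server= line
# must end in exactly one IPv4 address (IPv6 and #port forms are out of scope).
conf_ok() {
    while IFS= read -r line; do
        case "$line" in
            server=/*/*) is_ipv4 "${line##*/}" || return 1 ;;
        esac
    done
}

# Constructed sample values, the same ones used in the ticket's output line.
gen_quoted foo.bar "1.2.3.4 5.6.7.8" | conf_ok || echo "quoted loop: rejected"
gen_split foo.bar "1.2.3.4 5.6.7.8" | conf_ok && echo "split loop: accepted"
```

Because the server list is pushed by the VPN server, validating each token before it reaches the dnsmasq configuration keeps a malformed value from taking down DHCP and DNS on the router.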

Change History (1)

comment:1 Changed 2 years ago by swalker

  • Resolution set to moved_to_github
  • Status changed from new to closed
