Disable client side nat_dns

2015-12-31 19:24:45 +00:00 · 2015-12-31 19:24:45 +00:00 · dda7fa39c1
commit dda7fa39c1
parent 669e448db5
2 changed files with 12 additions and 18 deletions
--- a/client/fwknop.c
+++ b/client/fwknop.c
@ -893,26 +893,19 @@ set_nat_access(fko_ctx_t ctx, fko_cli_options_t *options, const char * const acc
    /* Check if there is a hostname to resolve as an ip address in the NAT access buffer */
    if (is_hostname_str_with_port(nat_access_buf, hostname, sizeof(hostname), &port))
    {
-        /* Speed up the name resolution by forcing ipv4 (AF_INET).
-         * A NULL pointer could be used instead if there is no constraint.
-         * Maybe when ipv6 support will be enable the structure could initialize the
-         * family to either AF_INET or AF_INET6 */
-        hints.ai_family = AF_INET;

-        if (resolve_dst_addr(hostname, &hints,
-                    dst_ip_str, sizeof(dst_ip_str), options) != 0)
+        /* We now send the hostname, and resolve it server side */
+        snprintf(nat_access_buf, MAX_LINE_LEN, "%s",
+                options->nat_access_str);
+    }
+
+        /* assume just hostname */
+    else
    {
-            log_msg(LOG_VERBOSITY_ERROR, "[*] Unable to resolve %s as an ip address",
-                    hostname);
-            return FKO_ERROR_INVALID_DATA;
-        }
-
        snprintf(nat_access_buf, MAX_LINE_LEN, NAT_ACCESS_STR_TEMPLATE,
-                dst_ip_str, port);
-    }
+            options->nat_access_str, access_port);

-    /* Nothing to resolve */
-    else;
+    }

    if(options->nat_rand_port)
    {
--- a/common/fko_util.c
+++ b/common/fko_util.c
@ -1014,6 +1014,7 @@ ipv4_resolve(const char *dns_str, char *ip_str)
    struct sockaddr_in *sai_remote; /* Remote host information as a sockaddr_in structure */
 #endif

+    memset(&hints, 0 , sizeof(hints));
    hints.ai_family = AF_INET;
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_protocol = IPPROTO_TCP;
@ -1021,7 +1022,7 @@ ipv4_resolve(const char *dns_str, char *ip_str)
    /* Try to resolve the host name */
    error = getaddrinfo(dns_str, NULL, &hints, &result);
    if (error != 0)
-        fprintf(stderr, "resolve_dst_addr() : %s\n", gai_strerror(error));
+        fprintf(stderr, "ipv4_resolve() : %s\n", gai_strerror(error));

    else
    {