Check the peer address

Just for paranoia, as it is redundant with the connect() call, but cheap enough and the connect() call may eventually be removed.
5 years ago · 82924686d9
parent 0c1ba485f4
commit 82924686d9
1 changed files with 3 additions and 2 deletions
--- a/src/main.rs
+++ b/src/main.rs
@ -112,9 +112,10 @@ async fn handle_client_query(
    let mut response;
    loop {
        response = vec![0u8; DNS_MAX_PACKET_SIZE];
-        let response_len = ext_socket.recv(&mut response[..]).await?;
+        let (response_len, response_addr) = ext_socket.recv_from(&mut response[..]).await?;
        response.truncate(response_len);
-        if response_len >= DNS_HEADER_SIZE
+        if response_addr == globals.upstream_addr
+            && response_len >= DNS_HEADER_SIZE
            && dns::tid(&response) == tid
            && dns::qname(&packet)? == dns::qname(&response)?
        {