Add support for search-only resolvers

2022-03-16 10:30:48 +01:00
parent 25ce4b7c84
commit 2a930b6362
3 changed files with 21 additions and 0 deletions
--- a/resolver/scopes.go
+++ b/resolver/scopes.go
@@ -179,6 +179,7 @@ var (
 	errInsecureProtocol = errors.New("insecure protocols disabled")
 	errAssignedServer   = errors.New("assigned (dhcp) nameservers disabled")
 	errMulticastDNS     = errors.New("multicast DNS disabled")
+	errOutOfScope       = errors.New("query out of scope for resolver")
 )

 func (q *Query) checkCompliance() error {
@@ -236,5 +237,10 @@ func (resolver *Resolver) checkCompliance(_ context.Context, q *Query) error {
 		}
 	}

+	// Check if the resolver should only be used for the search scopes.
+	if resolver.SearchOnly && !domainInScope(q.dotPrefixedFQDN, resolver.Search) {
+		return errOutOfScope
+	}
+
 	return nil
 }