From 2c2875cdba2726ac2ab27a6797cb06e20ca19671 Mon Sep 17 00:00:00 2001
From: Shreyas Zare <shreyas@technitium.com>
Date: Sun, 10 May 2020 13:37:40 +0530
Subject: [PATCH] DnsServer: fixed x-real-ip parsing issue in
 ProcessDoHRequest(). Fixed IXFR issue in ProcessQuery().

---
 DnsServerCore/Dns/DnsServer.cs | 28 +++++++++++++++-------------
 1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/DnsServerCore/Dns/DnsServer.cs b/DnsServerCore/Dns/DnsServer.cs
index 71eb22dd..f44fdb8e 100644
--- a/DnsServerCore/Dns/DnsServer.cs
+++ b/DnsServerCore/Dns/DnsServer.cs
@@ -649,11 +649,10 @@ namespace DnsServerCore.Dns
                     if (usingReverseProxy)
                     {
                         string xRealIp = requestHeaders["X-Real-IP"];
-
-                        if (!string.IsNullOrEmpty(xRealIp))
+                        if (IPAddress.TryParse(xRealIp, out IPAddress address))
                         {
                             //get the real IP address of the requesting client from X-Real-IP header set in nginx proxy_pass block
-                            remoteEP = new IPEndPoint(IPAddress.Parse(xRealIp), 0);
+                            remoteEP = new IPEndPoint(address, 0);
                         }
                     }
 
@@ -944,26 +943,29 @@ namespace DnsServerCore.Dns
                     {
                         switch (request.Question[0].Type)
                         {
-                            case DnsResourceRecordType.IXFR:
                             case DnsResourceRecordType.AXFR:
                                 if (protocol == DnsTransportProtocol.Udp)
                                     return new DnsDatagram(new DnsHeader(request.Header.Identifier, true, DnsOpcode.StandardQuery, false, false, request.Header.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.FormatError, request.Header.QDCOUNT, 0, 0, 0), request.Question, null, null, null);
 
                                 return ProcessZoneTransferQuery(request, remoteEP, isRecursionAllowed);
 
+                            case DnsResourceRecordType.IXFR:
+                                return ProcessZoneTransferQuery(request, remoteEP, isRecursionAllowed);
+
                             case DnsResourceRecordType.MAILB:
                             case DnsResourceRecordType.MAILA:
                                 return new DnsDatagram(new DnsHeader(request.Header.Identifier, true, DnsOpcode.StandardQuery, false, false, request.Header.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NotImplemented, request.Header.QDCOUNT, 0, 0, 0), request.Question, null, null, null);
+
+                            default:
+                                //query authoritative zone
+                                DnsDatagram authoritativeResponse = ProcessAuthoritativeQuery(request, isRecursionAllowed);
+
+                                if ((authoritativeResponse.Header.RCODE != DnsResponseCode.Refused) || !request.Header.RecursionDesired || !isRecursionAllowed)
+                                    return authoritativeResponse;
+
+                                //do recursive query
+                                return ProcessRecursiveQuery(request);
                         }
-
-                        //query authoritative zone
-                        DnsDatagram authoritativeResponse = ProcessAuthoritativeQuery(request, isRecursionAllowed);
-
-                        if ((authoritativeResponse.Header.RCODE != DnsResponseCode.Refused) || !request.Header.RecursionDesired || !isRecursionAllowed)
-                            return authoritativeResponse;
-
-                        //do recursive query
-                        return ProcessRecursiveQuery(request);
                     }
                     catch (Exception ex)
                     {