From da56c453c7aa1100d45f03046dfffca50cb442d8 Mon Sep 17 00:00:00 2001
From: Shreyas Zare <shreyas@technitium.com>
Date: Sat, 21 Aug 2021 12:13:08 +0530
Subject: [PATCH] BlockListZoneManager: updated allowed list implementation to
 check for domains zone wise so that subdomain names from blocked lists too
 are allowed.

---
 .../Dns/ZoneManagers/BlockListZoneManager.cs   | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/DnsServerCore/Dns/ZoneManagers/BlockListZoneManager.cs b/DnsServerCore/Dns/ZoneManagers/BlockListZoneManager.cs
index 7e31d781..dff0ac18 100644
--- a/DnsServerCore/Dns/ZoneManagers/BlockListZoneManager.cs
+++ b/DnsServerCore/Dns/ZoneManagers/BlockListZoneManager.cs
@@ -223,12 +223,26 @@ namespace DnsServerCore.Dns.ZoneManagers
 
                 domain = GetParentZone(domain);
             }
-            while (domain != null);
+            while (domain is not null);
 
             blockedDomain = null;
             return null;
         }
 
+        private bool IsZoneAllowed(Dictionary<string, object> allowedDomains, string domain)
+        {
+            do
+            {
+                if (allowedDomains.TryGetValue(domain, out _))
+                    return true;
+
+                domain = GetParentZone(domain);
+            }
+            while (domain is not null);
+
+            return false;
+        }
+
         #endregion
 
         #region public
@@ -275,7 +289,7 @@ namespace DnsServerCore.Dns.ZoneManagers
                 {
                     string domain = queue.Dequeue();
 
-                    if (allowedDomains.TryGetValue(domain, out _))
+                    if (IsZoneAllowed(allowedDomains, domain))
                         continue; //domain is in allowed list so skip adding it to block list zone
 
                     if (!blockListZone.TryGetValue(domain, out List<Uri> blockLists))