From faaa4fdf1897085bf8d65f5a1be67551daf9811c Mon Sep 17 00:00:00 2001
From: Cory Snider <csnider@mirantis.com>
Date: Fri, 6 Jan 2023 20:11:15 -0500
Subject: [PATCH] libnetwork: forward unknown PTR queries externally

PTR queries with domain names unknown to us are not necessarily invalid.
Act like a well-behaved middlebox and fall back to forwarding
externally, same as we do with the other query types.

Signed-off-by: Cory Snider <csnider@mirantis.com>
---
 libnetwork/resolver.go | 29 +++++++++++++----------------
 1 file changed, 13 insertions(+), 16 deletions(-)

diff --git a/libnetwork/resolver.go b/libnetwork/resolver.go
index ecd1d198d9..eafc2204d6 100644
--- a/libnetwork/resolver.go
+++ b/libnetwork/resolver.go
@@ -293,26 +293,23 @@ func (r *resolver) handleIPQuery(query *dns.Msg, ipType int) (*dns.Msg, error) {
 }
 
 func (r *resolver) handlePTRQuery(query *dns.Msg) (*dns.Msg, error) {
-	var (
-		parts []string
-		ptr   = query.Question[0].Name
-	)
-
-	if strings.HasSuffix(ptr, ptrIPv4domain) {
-		parts = strings.Split(ptr, ptrIPv4domain)
-	} else if strings.HasSuffix(ptr, ptrIPv6domain) {
-		parts = strings.Split(ptr, ptrIPv6domain)
-	} else {
-		return nil, fmt.Errorf("invalid PTR query, %v", ptr)
+	ptr := query.Question[0].Name
+	name, after, found := strings.Cut(ptr, ptrIPv4domain)
+	if !found || after != "" {
+		name, after, found = strings.Cut(ptr, ptrIPv6domain)
 	}
-
-	host := r.backend.ResolveIP(parts[0])
-
-	if len(host) == 0 {
+	if !found || after != "" {
+		// Not a known IPv4 or IPv6 PTR domain.
+		// Maybe the external DNS servers know what to do with the query?
 		return nil, nil
 	}
 
-	logrus.Debugf("[resolver] lookup for IP %s: name %s", parts[0], host)
+	host := r.backend.ResolveIP(name)
+	if host == "" {
+		return nil, nil
+	}
+
+	logrus.Debugf("[resolver] lookup for IP %s: name %s", name, host)
 	fqdn := dns.Fqdn(host)
 
 	resp := new(dns.Msg)