Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

dnsdist: Add DoH3 headers, query string, path and scheme bindings #15002

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

dnsdist: Add DoH3 headers, query string, path and scheme bindings #15002

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
6c41945
dnsdist: Add DoH3 headers, query string, path and scheme bindings
rgacogne Dec 30, 2024
44caebc
dnsdist: Fix clang-tidy warnings
rgacogne Dec 30, 2024
f8b88c4
dnsdist: Don't dereference a null pointer when accessing DoH{,3} head…
rgacogne Dec 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions pdns/dnsdistdist/Makefile.am
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -480,12 +480,15 @@ endif

if HAVE_DNS_OVER_HTTP3
dnsdist_SOURCES += doh3.cc
testrunner_SOURCES += doh3.cc
endif

if HAVE_QUICHE
AM_CPPFLAGS += $(QUICHE_CFLAGS)
dnsdist_LDADD += $(QUICHE_LDFLAGS) $(QUICHE_LIBS)
dnsdist_SOURCES += doq-common.cc
testrunner_SOURCES += doq-common.cc
testrunner_LDADD += $(QUICHE_LDFLAGS) $(QUICHE_LIBS)
endif

if !HAVE_LUA_HPP
Expand Down
43 changes: 28 additions & 15 deletions pdns/dnsdistdist/dnsdist-doh-common.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,15 +32,23 @@ HTTPHeaderRule::HTTPHeaderRule(const std::string& header, const std::string& reg

bool HTTPHeaderRule::matches(const DNSQuestion* dq) const
{
if (!dq->ids.du) {
if (dq->ids.du) {
const auto& headers = dq->ids.du->getHTTPHeaders();
for (const auto& header : headers) {
if (header.first == d_header) {
return d_regex.match(header.second);
}
}
return false;
}

const auto& headers = dq->ids.du->getHTTPHeaders();
for (const auto& header : headers) {
if (header.first == d_header) {
return d_regex.match(header.second);
if (dq->ids.doh3u) {
const auto& headers = dq->ids.doh3u->getHTTPHeaders();
for (const auto& header : headers) {
if (header.first == d_header) {
return d_regex.match(header.second);
}
}
return false;
}
return false;
}
Expand All @@ -57,12 +65,14 @@ HTTPPathRule::HTTPPathRule(std::string path) :

bool HTTPPathRule::matches(const DNSQuestion* dq) const
{
if (!dq->ids.du) {
return false;
if (dq->ids.du) {
const auto path = dq->ids.du->getHTTPPath();
return d_path == path;
}

const auto path = dq->ids.du->getHTTPPath();
return d_path == path;
if (dq->ids.doh3u) {
return dq->ids.doh3u->getHTTPPath() == d_path;
}
return false;
}

string HTTPPathRule::toString() const
Expand All @@ -77,11 +87,14 @@ HTTPPathRegexRule::HTTPPathRegexRule(const std::string& regex) :

bool HTTPPathRegexRule::matches(const DNSQuestion* dq) const
{
if (!dq->ids.du) {
return false;
if (dq->ids.du) {
const auto path = dq->ids.du->getHTTPPath();
return d_regex.match(path);
}

return d_regex.match(dq->ids.du->getHTTPPath());
if (dq->ids.doh3u) {
return d_regex.match(dq->ids.doh3u->getHTTPPath());
}
return false;
}

string HTTPPathRegexRule::toString() const
Expand Down
45 changes: 30 additions & 15 deletions pdns/dnsdistdist/dnsdist-lua-bindings-dnsquestion.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -513,38 +513,53 @@ void setupLuaBindingsDNSQuestion(LuaContext& luaCtx)

#ifdef HAVE_DNS_OVER_HTTPS
luaCtx.registerFunction<std::string (DNSQuestion::*)(void) const>("getHTTPPath", [](const DNSQuestion& dnsQuestion) {
if (dnsQuestion.ids.du == nullptr) {
return std::string();
if (dnsQuestion.ids.du) {
return dnsQuestion.ids.du->getHTTPPath();
}
if (dnsQuestion.ids.doh3u) {
return dnsQuestion.ids.doh3u->getHTTPPath();
}
return dnsQuestion.ids.du->getHTTPPath();
return std::string();
});

luaCtx.registerFunction<std::string (DNSQuestion::*)(void) const>("getHTTPQueryString", [](const DNSQuestion& dnsQuestion) {
if (dnsQuestion.ids.du == nullptr) {
return std::string();
if (dnsQuestion.ids.du) {
return dnsQuestion.ids.du->getHTTPQueryString();
}
return dnsQuestion.ids.du->getHTTPQueryString();
if (dnsQuestion.ids.doh3u) {
return dnsQuestion.ids.doh3u->getHTTPQueryString();
}
return std::string();
});

luaCtx.registerFunction<std::string (DNSQuestion::*)(void) const>("getHTTPHost", [](const DNSQuestion& dnsQuestion) {
if (dnsQuestion.ids.du == nullptr) {
return std::string();
if (dnsQuestion.ids.du) {
return dnsQuestion.ids.du->getHTTPHost();
}
return dnsQuestion.ids.du->getHTTPHost();
if (dnsQuestion.ids.doh3u) {
return dnsQuestion.ids.doh3u->getHTTPHost();
}
return std::string();
});

luaCtx.registerFunction<std::string (DNSQuestion::*)(void) const>("getHTTPScheme", [](const DNSQuestion& dnsQuestion) {
if (dnsQuestion.ids.du == nullptr) {
return std::string();
if (dnsQuestion.ids.du) {
return dnsQuestion.ids.du->getHTTPScheme();
}
if (dnsQuestion.ids.doh3u) {
return dnsQuestion.ids.doh3u->getHTTPScheme();
}
return dnsQuestion.ids.du->getHTTPScheme();
return std::string();
});

luaCtx.registerFunction<LuaAssociativeTable<std::string> (DNSQuestion::*)(void) const>("getHTTPHeaders", [](const DNSQuestion& dnsQuestion) {
if (dnsQuestion.ids.du == nullptr) {
return LuaAssociativeTable<std::string>();
if (dnsQuestion.ids.du) {
return dnsQuestion.ids.du->getHTTPHeaders();
}
if (dnsQuestion.ids.doh3u) {
return dnsQuestion.ids.doh3u->getHTTPHeaders();
}
return dnsQuestion.ids.du->getHTTPHeaders();
return LuaAssociativeTable<std::string>();
});

luaCtx.registerFunction<void (DNSQuestion::*)(uint64_t statusCode, const std::string& body, const boost::optional<std::string> contentType)>("setHTTPResponse", [](DNSQuestion& dnsQuestion, uint64_t statusCode, const std::string& body, const boost::optional<std::string>& contentType) {
Expand Down
103 changes: 66 additions & 37 deletions pdns/dnsdistdist/dnsdist-lua-ffi.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -294,12 +294,16 @@ size_t dnsdist_ffi_dnsquestion_get_tag_raw(const dnsdist_ffi_dnsquestion_t* dq,
const char* dnsdist_ffi_dnsquestion_get_http_path(dnsdist_ffi_dnsquestion_t* dq)
{
if (!dq->httpPath) {
if (dq->dq->ids.du == nullptr) {
return nullptr;
}
#ifdef HAVE_DNS_OVER_HTTPS
dq->httpPath = dq->dq->ids.du->getHTTPPath();
if (dq->dq->ids.du) {
#if defined(HAVE_DNS_OVER_HTTPS)
dq->httpPath = dq->dq->ids.du->getHTTPPath();
#endif /* HAVE_DNS_OVER_HTTPS */
}
else if (dq->dq->ids.doh3u) {
#if defined(HAVE_DNS_OVER_HTTP3)
dq->httpPath = dq->dq->ids.doh3u->getHTTPPath();
#endif /* HAVE_DNS_OVER_HTTP3 */
}
}
if (dq->httpPath) {
return dq->httpPath->c_str();
Expand All @@ -310,12 +314,16 @@ const char* dnsdist_ffi_dnsquestion_get_http_path(dnsdist_ffi_dnsquestion_t* dq)
const char* dnsdist_ffi_dnsquestion_get_http_query_string(dnsdist_ffi_dnsquestion_t* dq)
{
if (!dq->httpQueryString) {
if (dq->dq->ids.du == nullptr) {
return nullptr;
}
if (dq->dq->ids.du) {
#ifdef HAVE_DNS_OVER_HTTPS
dq->httpQueryString = dq->dq->ids.du->getHTTPQueryString();
dq->httpQueryString = dq->dq->ids.du->getHTTPQueryString();
#endif /* HAVE_DNS_OVER_HTTPS */
}
else if (dq->dq->ids.doh3u) {
#if defined(HAVE_DNS_OVER_HTTP3)
dq->httpQueryString = dq->dq->ids.doh3u->getHTTPQueryString();
#endif /* HAVE_DNS_OVER_HTTP3 */
}
}
if (dq->httpQueryString) {
return dq->httpQueryString->c_str();
Expand All @@ -326,12 +334,16 @@ const char* dnsdist_ffi_dnsquestion_get_http_query_string(dnsdist_ffi_dnsquestio
const char* dnsdist_ffi_dnsquestion_get_http_host(dnsdist_ffi_dnsquestion_t* dq)
{
if (!dq->httpHost) {
if (dq->dq->ids.du == nullptr) {
return nullptr;
}
if (dq->dq->ids.du) {
#ifdef HAVE_DNS_OVER_HTTPS
dq->httpHost = dq->dq->ids.du->getHTTPHost();
dq->httpHost = dq->dq->ids.du->getHTTPHost();
#endif /* HAVE_DNS_OVER_HTTPS */
}
else if (dq->dq->ids.doh3u) {
#if defined(HAVE_DNS_OVER_HTTP3)
dq->httpHost = dq->dq->ids.doh3u->getHTTPHost();
#endif /* HAVE_DNS_OVER_HTTP3 */
}
}
if (dq->httpHost) {
return dq->httpHost->c_str();
Expand All @@ -342,12 +354,16 @@ const char* dnsdist_ffi_dnsquestion_get_http_host(dnsdist_ffi_dnsquestion_t* dq)
const char* dnsdist_ffi_dnsquestion_get_http_scheme(dnsdist_ffi_dnsquestion_t* dq)
{
if (!dq->httpScheme) {
if (dq->dq->ids.du == nullptr) {
return nullptr;
}
if (dq->dq->ids.du) {
#ifdef HAVE_DNS_OVER_HTTPS
dq->httpScheme = dq->dq->ids.du->getHTTPScheme();
dq->httpScheme = dq->dq->ids.du->getHTTPScheme();
#endif /* HAVE_DNS_OVER_HTTPS */
}
else if (dq->dq->ids.doh3u) {
#if defined(HAVE_DNS_OVER_HTTP3)
dq->httpScheme = dq->dq->ids.doh3u->getHTTPScheme();
#endif /* HAVE_DNS_OVER_HTTP3 */
}
}
if (dq->httpScheme) {
return dq->httpScheme->c_str();
Expand Down Expand Up @@ -404,36 +420,49 @@ size_t dnsdist_ffi_dnsquestion_get_edns_options(dnsdist_ffi_dnsquestion_t* dq, c

size_t dnsdist_ffi_dnsquestion_get_http_headers(dnsdist_ffi_dnsquestion_t* dq, const dnsdist_ffi_http_header_t** out)
{
if (dq->dq->ids.du == nullptr) {
return 0;
}
#if defined(HAVE_DNS_OVER_HTTPS) || defined(HAVE_DNS_OVER_HTTP3)
const auto processHeaders = [&dq](const std::unordered_map<std::string, std::string>& headers) {
if (headers.empty()) {
return;
}
dq->httpHeaders = std::make_unique<std::unordered_map<std::string, std::string>>(headers);
if (!dq->httpHeadersVect) {
dq->httpHeadersVect = std::make_unique<std::vector<dnsdist_ffi_http_header_t>>();
}
dq->httpHeadersVect->clear();
dq->httpHeadersVect->resize(dq->httpHeaders->size());
size_t pos = 0;
for (const auto& header : *dq->httpHeaders) {
dq->httpHeadersVect->at(pos).name = header.first.c_str();
dq->httpHeadersVect->at(pos).value = header.second.c_str();
++pos;
}
};

#ifdef HAVE_DNS_OVER_HTTPS
auto headers = dq->dq->ids.du->getHTTPHeaders();
if (headers.size() == 0) {
return 0;
#if defined(HAVE_DNS_OVER_HTTPS)
if (dq->dq->ids.du) {
const auto& headers = dq->dq->ids.du->getHTTPHeaders();
processHeaders(headers);
}
dq->httpHeaders = std::make_unique<std::unordered_map<std::string, std::string>>(std::move(headers));
if (!dq->httpHeadersVect) {
dq->httpHeadersVect = std::make_unique<std::vector<dnsdist_ffi_http_header_t>>();
#endif /* HAVE_DNS_OVER_HTTPS */
#if defined(HAVE_DNS_OVER_HTTP3)
if (dq->dq->ids.doh3u) {
const auto& headers = dq->dq->ids.doh3u->getHTTPHeaders();
processHeaders(headers);
}
dq->httpHeadersVect->clear();
dq->httpHeadersVect->resize(dq->httpHeaders->size());
size_t pos = 0;
for (const auto& header : *dq->httpHeaders) {
dq->httpHeadersVect->at(pos).name = header.first.c_str();
dq->httpHeadersVect->at(pos).value = header.second.c_str();
++pos;
#endif /* HAVE_DNS_OVER_HTTP3 */

if (!dq->httpHeadersVect) {
return 0;
}

if (!dq->httpHeadersVect->empty()) {
*out = dq->httpHeadersVect->data();
}

return dq->httpHeadersVect->size();
#else
#else /* HAVE_DNS_OVER_HTTPS || HAVE_DNS_OVER_HTTP3 */
return 0;
#endif
#endif /* HAVE_DNS_OVER_HTTPS || HAVE_DNS_OVER_HTTP3 */
}

size_t dnsdist_ffi_dnsquestion_get_tag_array(dnsdist_ffi_dnsquestion_t* dq, const dnsdist_ffi_tag_t** out)
Expand Down
Loading
Loading