From: Remi Gacogne
Date: Fri, 19 Apr 2019 13:06:10 +0000 (+0200)
Subject: dnsdist: Accept a single DoH URL string. Better error messages
X-Git-Tag: dnsdist-1.4.0-alpha2~6^2~3
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0718e562ed25684853258a4b13d49e604bd9c047;p=pdns
dnsdist: Accept a single DoH URL string. Better error messages
---
diff --git a/pdns/dnsdist-lua.cc b/pdns/dnsdist-lua.cc
index 0e1954ce0..7a3457d1c 100644
--- a/pdns/dnsdist-lua.cc
+++ b/pdns/dnsdist-lua.cc
@@ -1648,7 +1648,7 @@ void setupLuaConfig(bool client)
 setSyslogFacility(facility);
 });
- g_lua.writeFunction("addDOHLocal", [client](const std::string& addr, boost::variant>> certFiles, boost::variant>> keyFiles, boost::optional > > urls, boost::optional vars) {
+ g_lua.writeFunction("addDOHLocal", [client](const std::string& addr, boost::variant>> certFiles, boost::variant>> keyFiles, boost::optional > > > urls, boost::optional vars) {
 if (client) {
 return;
 }
@@ -1665,9 +1665,15 @@ void setupLuaConfig(bool client)
 }
 frontend->d_local = ComboAddress(addr, 443);
- if(urls && !urls->empty()) {
- for(const auto& p : *urls) {
- frontend->d_urls.push_back(p.second);
+ if (urls) {
+ if (urls->type() == typeid(std::string)) {
+ frontend->d_urls.push_back(boost::get(*urls));
+ }
+ else if (urls->type() == typeid(std::vector>)) {
+ auto urlsVect = boost::get>>(*urls);
+ for(const auto& p : urlsVect) {
+ frontend->d_urls.push_back(p.second);
+ }
 }
 }
 else {
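Review bot: An empty table passed as `urls` no longer gets the default path in the second hunk's URL handling. The removed condition `urls && !urls->empty()` routed an empty list to the `else` branch, but the new `if (urls)` enters the vector branch, iterates zero times and leaves `frontend->d_urls` empty, so which paths that listener then serves depends on matching code not shown here. Apply the default after parsing instead, with a check such as `if (frontend->d_urls.empty())` around whatever the `else` branch assigns (its body lies outside the hunk), and consider rejecting an empty string in the `std::string` branch. `auto urlsVect = boost::get...` also copies the vector; `const auto& urlsVect` would avoid that.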
@@ -1735,13 +1741,13 @@ void setupLuaConfig(bool client)
 result = g_dohlocals.at(index);
 }
 else {
- errlog("Error: trying to get DOH frontend with index %zu but we only have %zu\n", index, g_dohlocals.size());
- g_outputBuffer="Error: trying to get DOH frontend with index " + std::to_string(index) + " but we only have " + std::to_string(g_dohlocals.size()) + "\n";
+ errlog("Error: trying to get DOH frontend with index %zu but we only have %zu frontend(s)\n", index, g_dohlocals.size());
+ g_outputBuffer="Error: trying to get DOH frontend with index " + std::to_string(index) + " but we only have " + std::to_string(g_dohlocals.size()) + " frontend(s)\n";
 }
 }
 catch(const std::exception& e) {
- g_outputBuffer="Error: "+string(e.what())+"\n";
- errlog("Error: %s\n", string(e.what()));
+ g_outputBuffer="Error while trying to get DOH frontend with index " + std::to_string(index) + ": "+string(e.what())+"\n";
+ errlog("Error while trying to get get DOH frontend with index %zu: %s\n", index, string(e.what()));
 }
 #else
 g_outputBuffer="DNS over HTTPS support is not present!\n";
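Review bot: The new `errlog` format in the `catch` block reads "trying to get get DOH frontend", a duplicated word that the matching `g_outputBuffer` string does not have; it should be `errlog("Error while trying to get DOH frontend with index %zu: %s\n", index, string(e.what()));`. The same kind of drift appears in the TLS frontend hunk (`@@ -1892,13 +1898,13 @@`), where `errlog` says `frontends` while `g_outputBuffer` says `frontend(s)`. Each message is written twice, once as a format string and once by concatenation; building the text once and handing it to both sinks would keep the log line and the console error identical, which helps when operators correlate the two.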
@@ -1869,13 +1875,13 @@ void setupLuaConfig(bool client)
 result = g_tlslocals.at(index)->getContext();
 }
 else {
- errlog("Error: trying to get TLS context with index %zu but we only have %zu\n", index, g_tlslocals.size());
- g_outputBuffer="Error: trying to get TLS context with index " + std::to_string(index) + " but we only have " + std::to_string(g_tlslocals.size()) + "\n";
+ errlog("Error: trying to get TLS context with index %zu but we only have %zu context(s)\n", index, g_tlslocals.size());
+ g_outputBuffer="Error: trying to get TLS context with index " + std::to_string(index) + " but we only have " + std::to_string(g_tlslocals.size()) + " context(s)\n";
 }
 }
 catch(const std::exception& e) {
- g_outputBuffer="Error: "+string(e.what())+"\n";
- errlog("Error: %s\n", string(e.what()));
+ g_outputBuffer="Error while trying to get TLS context with index " + std::to_string(index) + ": "+string(e.what())+"\n";
+ errlog("Error while trying to get TLS context with index %zu: %s\n", index, string(e.what()));
 }
 #else
 g_outputBuffer="DNS over TLS support is not present!\n";
@@ -1892,13 +1898,13 @@ void setupLuaConfig(bool client)
 result = g_tlslocals.at(index);
 }
 else {
- errlog("Error: trying to get TLS frontend with index %zu but we only have %zu\n", index, g_tlslocals.size());
- g_outputBuffer="Error: trying to get TLS frontend with index " + std::to_string(index) + " but we only have " + std::to_string(g_tlslocals.size()) + "\n";
+ errlog("Error: trying to get TLS frontend with index %zu but we only have %zu frontends\n", index, g_tlslocals.size());
+ g_outputBuffer="Error: trying to get TLS frontend with index " + std::to_string(index) + " but we only have " + std::to_string(g_tlslocals.size()) + " frontend(s)\n";
 }
 }
 catch(const std::exception& e) {
- g_outputBuffer="Error: "+string(e.what())+"\n";
- errlog("Error: %s\n", string(e.what()));
+ g_outputBuffer="Error while trying to get TLS frontend with index " + std::to_string(index) + ": "+string(e.what())+"\n";
+ errlog("Error while trying to get TLS frontend with index %zu: %s\n", index, string(e.what()));
 }
 #else
 g_outputBuffer="DNS over TLS support is not present!\n";
diff --git a/pdns/dnsdistdist/docs/reference/config.rst b/pdns/dnsdistdist/docs/reference/config.rst
index 9db8c9e0d..a0aed92e1 100644
--- a/pdns/dnsdistdist/docs/reference/config.rst
+++ b/pdns/dnsdistdist/docs/reference/config.rst
@@ -100,7 +100,7 @@ Listen Sockets
 higher than 0 to enable TCP Fast Open when available. Default is 0.
-.. function:: addDOHLocal(address, certFile(s), keyFile(s) [, url [, options]])
+.. function:: addDOHLocal(address, certFile(s), keyFile(s) [, urls [, options]])
 .. versionadded:: 1.4.0
@@ -110,7 +110,7 @@ Listen Sockets
 The default port is 443.
 :param str certFile(s): The path to a X.509 certificate file in PEM format, or a list of paths to such files.
 :param str keyFile(s): The path to the private key file corresponding to the certificate, or a list of paths to such files, whose order should match the certFile(s) ones.
- :param list url: A list of URLs to accept queries on. The default is /.
+ :param str or list urls: A base URL, or a list of base URLs, to accept queries on. Any query with a path under one of these will be treated as a DoH query. The default is /.
 :param table options: A table with key: value pairs with listen options. Options: