From dc5748edd2eb00175ab1026e0d227cdff86d28f2 Mon Sep 17 00:00:00 2001 From: bert hubert Date: Sat, 5 Mar 2016 12:34:46 +0100 Subject: [PATCH] give gettag the ednssubnetmask too. Fix up logger to actualy log our enum. --- pdns/ednssubnet.cc | 17 ++++++++++------- pdns/ednssubnet.hh | 3 ++- pdns/lua-recursor4.cc | 9 +++++---- pdns/lua-recursor4.hh | 4 ++-- pdns/pdns_recursor.cc | 14 +++++++++++++- 5 files changed, 32 insertions(+), 15 deletions(-) diff --git a/pdns/ednssubnet.cc b/pdns/ednssubnet.cc index 92d9d2a17..f804c60a3 100644 --- a/pdns/ednssubnet.cc +++ b/pdns/ednssubnet.cc @@ -36,35 +36,38 @@ namespace { } - bool getEDNSSubnetOptsFromString(const string& options, EDNSSubnetOpts* eso) +{ + return getEDNSSubnetOptsFromString(options.c_str(), options.length(), eso); +} +bool getEDNSSubnetOptsFromString(const char* options, unsigned int len, EDNSSubnetOpts* eso) { //cerr<<"options.size:"<> 3)+1; //cerr<<"octetsin:"< 4) return false; memset(&address, 0, sizeof(address)); address.sin4.sin_family = AF_INET; - memcpy(&address.sin4.sin_addr.s_addr, options.c_str()+4, octetsin); + memcpy(&address.sin4.sin_addr.s_addr, options+4, octetsin); } else if(esow.family == 2) { - if(options.size() != 4+octetsin) + if(len != 4+octetsin) return false; if(octetsin > 16) return false; memset(&address, 0, sizeof(address)); address.sin4.sin_family = AF_INET6; - memcpy(&address.sin6.sin6_addr.s6_addr, options.c_str()+4, octetsin); + memcpy(&address.sin6.sin6_addr.s6_addr, options+4, octetsin); } else return false; diff --git a/pdns/ednssubnet.hh b/pdns/ednssubnet.hh index 084832010..4c4b4c412 100644 --- a/pdns/ednssubnet.hh +++ b/pdns/ednssubnet.hh @@ -1,6 +1,6 @@ /* PowerDNS Versatile Database Driven Nameserver - Copyright (C) 2011 Netherlabs Computer Consulting BV + Copyright (C) 2011 - 2016 Netherlabs Computer Consulting BV This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as 
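Review bot: The new raw-pointer overload in pdns/ednssubnet.cc takes `unsigned int len`, while its `std::string` wrapper passes `options.length()` and the caller in pdns_recursor.cc passes `question.length()-15-pos`, both `size_t`, so the length is narrowed implicitly; `size_t len` would match both. The overload also carries no comment stating its contract. The part of the body that checks `len` before the four-byte header is read is not legible in this rendering, so I cannot confirm that the short-input check was carried over from `options.size()`. I would document the declaration with `// options: EDNS Subnet option payload (family, prefix lengths, address); len: its exact size in bytes; returns false on any size mismatch`.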
@@ -35,5 +35,6 @@ struct EDNSSubnetOpts }; bool getEDNSSubnetOptsFromString(const string& options, EDNSSubnetOpts* eso); +bool getEDNSSubnetOptsFromString(const char* options, unsigned int len, EDNSSubnetOpts* eso); string makeEDNSSubnetOptsString(const EDNSSubnetOpts& eso); #endif diff --git a/pdns/lua-recursor4.cc b/pdns/lua-recursor4.cc index df22aca8f..2c27519c2 100644 --- a/pdns/lua-recursor4.cc +++ b/pdns/lua-recursor4.cc @@ -45,7 +45,7 @@ bool RecursorLua4::ipfilter(const ComboAddress& remote, const ComboAddress& loca return false; } -int RecursorLua4::gettag(const ComboAddress& remote, const ComboAddress& local, const DNSName& qname, uint16_t qtype) +int RecursorLua4::gettag(const ComboAddress& remote, const EDNSSubnet& subnet, const ComboAddress& local, const DNSName& qname, uint16_t qtype) { return 0; } @@ -277,6 +277,7 @@ RecursorLua4::RecursorLua4(const std::string& fname) d_lw->registerFunction("getNetwork", [](const Netmask& nm) { return nm.getNetwork(); } ); // const reference makes this necessary d_lw->registerFunction("toString", &Netmask::toString); + d_lw->registerFunction("empty", &Netmask::empty); d_lw->writeFunction("newNMG", []() { return NetmaskGroup(); }); d_lw->registerFunction("addMask", [](NetmaskGroup&nmg, const std::string& mask) @@ -340,7 +341,7 @@ RecursorLua4::RecursorLua4(const std::string& fname) d_lw->writeFunction("pdnslog", [](const std::string& msg, boost::optional loglevel) { - theL() << loglevel.get_value_or(Logger::Warning) << msg< > in_t; vector > > pd{ 
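Review bot: The `gettag` definition at line 45 of pdns/lua-recursor4.cc declares the new parameter as `const EDNSSubnet& subnet`, while the header and the definition at line 427 use `const Netmask& ednssubnet`, and no type named `EDNSSubnet` appears anywhere else in this patch. If this is the stub used when building without Lua, as the bare `return 0;` body suggests, that configuration would no longer match the class declaration and should fail to compile. It should read `int RecursorLua4::gettag(const ComboAddress& remote, const Netmask& ednssubnet, const ComboAddress& local, const DNSName& qname, uint16_t qtype)`.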
@@ -426,10 +427,10 @@ bool RecursorLua4::ipfilter(const ComboAddress& remote, const ComboAddress& loca return false; // don't block } -int RecursorLua4::gettag(const ComboAddress& remote, const ComboAddress& local, const DNSName& qname, uint16_t qtype) +int RecursorLua4::gettag(const ComboAddress& remote, const Netmask& ednssubnet, const ComboAddress& local, const DNSName& qname, uint16_t qtype) { if(d_gettag) - return d_gettag(remote, local, qname, qtype); + return d_gettag(remote, ednssubnet, local, qname, qtype); return 0; } diff --git a/pdns/lua-recursor4.hh b/pdns/lua-recursor4.hh index 12e622e84..9ff7aa278 100644 --- a/pdns/lua-recursor4.hh +++ b/pdns/lua-recursor4.hh @@ -20,9 +20,9 @@ public: bool preoutquery(const ComboAddress& ns, const ComboAddress& requestor, const DNSName& query, const QType& qtype, vector& res, int& ret); bool ipfilter(const ComboAddress& remote, const ComboAddress& local, const struct dnsheader&); - int gettag(const ComboAddress& remote, const ComboAddress& local, const DNSName& query, uint16_t qtype); + int gettag(const ComboAddress& remote, const Netmask& ednssubnet, const ComboAddress& local, const DNSName& query, uint16_t qtype); - typedef std::function gettag_t; + typedef std::function gettag_t; gettag_t d_gettag; // public so you can query if we have this hooked private: diff --git a/pdns/pdns_recursor.cc b/pdns/pdns_recursor.cc index e0eda04b9..b59fd66bb 100644 --- a/pdns/pdns_recursor.cc +++ b/pdns/pdns_recursor.cc 
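Review bot: The Lua `gettag` hook now receives `ednssubnet` as its second argument, ahead of `local`, in `d_gettag(remote, ednssubnet, local, qname, qtype)`, so a script written for the previous four-argument order would get a Netmask where it expects the local address. Neither this hunk nor the declaration in lua-recursor4.hh documents the new order or where the value comes from. I would add above the declaration `// ednssubnet: EDNS Subnet source taken from the client's query, unauthenticated; empty Netmask when none was parsed`. A script that keys tags or policy on it should treat it as a value the client can set freely.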
@@ -1157,7 +1157,19 @@ string* doProcessUDPQuestion(const std::string& question, const ComboAddress& fr
 uint16_t qtype=0;
 try {
 DNSName qname(question.c_str(), question.length(), sizeof(dnsheader), false, &qtype, 0, &consumed);
- ctag=(*t_pdl)->gettag(fromaddr, destaddr, qname, qtype);
+ Netmask ednssubnet;
+ auto pos= sizeof(dnsheader)+consumed+4;
+ if(dh->arcount && question.length() > pos + 16) { // this code can extract one (1) EDNS Subnet option
+ uint16_t optlen=0x100*question.at(pos+9)+question.at(pos+10);
+ uint16_t optcode=0x100*question.at(pos+11)+question.at(pos+12);
+ if(question.at(pos)==0 && question.at(pos+1)==0 && question.at(pos+2)==QType::OPT && optlen && optcode==8) {
+ EDNSSubnetOpts eso;
+ if(getEDNSSubnetOptsFromString(question.c_str()+pos+15, question.length()-15-pos, &eso)) {
+ ednssubnet=eso.source;
+ }
+ }
+ }
+ ctag=(*t_pdl)->gettag(fromaddr, ednssubnet, destaddr, qname, qtype);
 }
 catch(std::exception& e)
 {
-- 
2.40.0
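Review bot: The length handed to `getEDNSSubnetOptsFromString` is `question.length()-15-pos`, the whole rest of the packet, and the option's own length field at `pos+13`/`pos+14` is never read. The value named `optlen` comes from `pos+9`/`pos+10`, which by the offsets used here is the OPT record's data length. Since the callee requires `len` to equal 4 plus the address octets, a query with a second EDNS option or any record after OPT yields an empty `ednssubnet`, and the hook tags it as if no subnet had been sent. I would read the field and bound it, `uint16_t ecslen=0x100*(uint8_t)question.at(pos+13)+(uint8_t)question.at(pos+14);` then `if(pos+15+ecslen <= question.length() && getEDNSSubnetOptsFromString(question.c_str()+pos+15, ecslen, &eso))`. The same unsigned cast belongs on the other `at()` reads, because `char` may be signed. The body of doProcessUDPQuestion continues outside the hunk.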