auth: createForward and createForward6 will use the zone_record as base
authorBozhan Liang <lbz@rivensbane.com>
Mon, 16 Dec 2024 07:41:37 +0000 (15:41 +0800)
committerBozhan Liang <lbz@rivensbane.com>
Sun, 22 Dec 2024 09:07:11 +0000 (17:07 +0800)
Closes #7522

pdns/lua-auth4.hh
pdns/lua-record.cc
pdns/packethandler.cc
regression-tests.auth-py/test_LuaRecords.py

index d154df708849ecc2156c53454629a092c60338e8..6d75072d2f7870eac32e45cc59ca16b95106274c 100644 (file)
@@ -45,5 +45,5 @@ private:
   luacall_axfr_filter_t d_axfr_filter;
   luacall_prequery_t d_prequery;
 };
-std::vector<shared_ptr<DNSRecordContent>> luaSynth(const std::string& code, const DNSName& qname,
+std::vector<shared_ptr<DNSRecordContent>> luaSynth(const std::string& code, const DNSName& qname, const DNSRecord& zone_record,
                                                    const DNSName& zone, int zoneid, const DNSPacket& dnsp, uint16_t qtype, unique_ptr<AuthLua4>& LUA);
index 1f2344a881b5e06c70a8d8a6999dc28ca0fdc020..a6286f4aa7e50ccba61cea954b5f712ff945744e 100644 (file)
@@ -654,6 +654,7 @@ typedef struct AuthLuaRecordContext
 {
   ComboAddress          bestwho;
   DNSName               qname;
+  DNSRecord             zone_record;
   DNSName               zone;
   int                   zoneid;
 } lua_record_ctx_t;
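Review bot: The new `zone_record` member has no comment saying how it differs from `qname` and `zone`, and it holds a whole `DNSRecord` that is copied on every `luaSynth` call (the assignment in the `@@ -1409` hunk). The readers visible in this diff use only `zone_record.d_name`, so unless code outside the diff needs the rest of the record, a `DNSName` member would carry the same information. At minimum I would add `// record that matched the query; its owner name may be a wildcard` above the member.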
@@ -915,8 +916,14 @@ static void setupLuaRecords(LuaContext& lua) // NOLINT(readability-function-cogn
       return std::string("error");
     });
   lua.writeFunction("createForward", []() {
-      static string allZerosIP("0.0.0.0");
-      DNSName rel=s_lua_record_ctx->qname.makeRelative(s_lua_record_ctx->zone);
+      static string allZerosIP{"0.0.0.0"};
+      DNSName record_name{s_lua_record_ctx->zone_record.d_name};
+      if (record_name.isWildcard() == false) {
+        return allZerosIP;
+      }
+      record_name.chopOff();
+      DNSName rel{s_lua_record_ctx->qname.makeRelative(record_name)};
+
       // parts is something like ["1", "2", "3", "4", "static"] or
       // ["1", "2", "3", "4"] or ["ip40414243", "ip-addresses", ...]
       auto parts = rel.getRawLabels();
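Review bot: The prologue added here (copy `zone_record.d_name`, test `isWildcard()`, `chopOff()`, `makeRelative`) is repeated verbatim in `createForward6` in the next hunk, so the two copies can drift apart; a small file-local helper would keep the rule in one place. The helper is also the natural home for a comment saying that the query name is taken relative to the parent of the matched wildcard and that a non-wildcard record yields the all-zeros answer. `record_name.isWildcard() == false` reads better as `!record_name.isWildcard()`, and `allZerosIP` can be `static const`. Both lambdas continue outside their hunks.

```cpp
// Query name relative to the parent of the matched wildcard record;
// empty when the LUA record itself is not a wildcard.
static boost::optional<DNSName> relativeToWildcardParent()
{
  DNSName record_name{s_lua_record_ctx->zone_record.d_name};
  if (!record_name.isWildcard()) {
    return boost::none;
  }
  record_name.chopOff();
  return s_lua_record_ctx->qname.makeRelative(record_name);
}

  lua.writeFunction("createForward", []() {
      static const string allZerosIP{"0.0.0.0"};
      auto rel = relativeToWildcardParent();
      if (!rel) {
        return allZerosIP;
      }
      auto parts = rel->getRawLabels();
      // … unchanged: label parsing …
```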
@@ -972,7 +979,14 @@ static void setupLuaRecords(LuaContext& lua) // NOLINT(readability-function-cogn
     });
 
   lua.writeFunction("createForward6", []() {
-      DNSName rel=s_lua_record_ctx->qname.makeRelative(s_lua_record_ctx->zone);
+      static string allZerosIP{"::"};
+      DNSName record_name{s_lua_record_ctx->zone_record.d_name};
+      if (record_name.isWildcard() == false) {
+        return allZerosIP;
+      }
+      record_name.chopOff();
+      DNSName rel{s_lua_record_ctx->qname.makeRelative(record_name)};
+
       auto parts = rel.getRawLabels();
       if(parts.size()==8) {
         string tot;
@@ -1008,7 +1022,7 @@ static void setupLuaRecords(LuaContext& lua) // NOLINT(readability-function-cogn
         }
       }
 
-      return std::string("::");
+      return allZerosIP;
     });
   lua.writeFunction("createReverse6", [](string format, boost::optional<std::unordered_map<string,string>> e){
       vector<ComboAddress> candidates;
@@ -1395,7 +1409,7 @@ static void setupLuaRecords(LuaContext& lua) // NOLINT(readability-function-cogn
     });
 }
 
-std::vector<shared_ptr<DNSRecordContent>> luaSynth(const std::string& code, const DNSName& query, const DNSName& zone, int zoneid, const DNSPacket& dnsp, uint16_t qtype, unique_ptr<AuthLua4>& LUA)
+std::vector<shared_ptr<DNSRecordContent>> luaSynth(const std::string& code, const DNSName& query, const DNSRecord& zone_record, const DNSName& zone, int zoneid, const DNSPacket& dnsp, uint16_t qtype, unique_ptr<AuthLua4>& LUA)
 {
   if(!LUA ||                  // we don't have a Lua state yet
      !g_LuaRecordSharedState) { // or we want a new one even if we had one
@@ -1409,6 +1423,7 @@ std::vector<shared_ptr<DNSRecordContent>> luaSynth(const std::string& code, cons
 
   s_lua_record_ctx = std::make_unique<lua_record_ctx_t>();
   s_lua_record_ctx->qname = query;
+  s_lua_record_ctx->zone_record = zone_record;
   s_lua_record_ctx->zone = zone;
   s_lua_record_ctx->zoneid = zoneid;
 
index ca6d263438c4e3cb4c0d689f0edd454e2c731289..18435977596db88e0a271949e609fe4f54533afc 100644 (file)
@@ -427,7 +427,7 @@ bool PacketHandler::getBestWildcard(DNSPacket& p, const DNSName &target, DNSName
           //    noCache=true;
           DLOG(g_log<<"Executing Lua: '"<<rec->getCode()<<"'"<<endl);
           try {
-            auto recvec=luaSynth(rec->getCode(), target, d_sd.qname, d_sd.domain_id, p, rec->d_type, s_LUA);
+            auto recvec=luaSynth(rec->getCode(), target, rr.dr, d_sd.qname, d_sd.domain_id, p, rec->d_type, s_LUA);
             for (const auto& r : recvec) {
               rr.dr.d_type = rec->d_type; // might be CNAME
               rr.dr.setContent(r);
@@ -1622,7 +1622,7 @@ std::unique_ptr<DNSPacket> PacketHandler::doQuestion(DNSPacket& p)
         if(rec->d_type == QType::CNAME || rec->d_type == p.qtype.getCode() || (p.qtype.getCode() == QType::ANY && rec->d_type != QType::RRSIG)) {
           noCache=true;
           try {
-            auto recvec=luaSynth(rec->getCode(), target, d_sd.qname, d_sd.domain_id, p, rec->d_type, s_LUA);
+            auto recvec=luaSynth(rec->getCode(), target, rr.dr, d_sd.qname, d_sd.domain_id, p, rec->d_type, s_LUA);
             if(!recvec.empty()) {
               for (const auto& r_it : recvec) {
                 rr.dr.d_type = rec->d_type; // might be CNAME
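Review bot: On this call path `rr.dr` appears to be the record found for the exact `target` rather than a wildcard (inferred; the lookup is outside the hunk). If so, the new `isWildcard()` guard makes `createForward()` and `createForward6()` return `0.0.0.0` / `::` for every non-wildcard LUA record. Before this commit such a record was evaluated relative to the zone apex, so existing zones may change their answers without any error. If that is intended, the Lua records documentation and a regression case with a non-wildcard owner name should say so; no such case is visible in the test hunks here.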
index 973d98568c87e9e752ea9526771b87b83e331f9c..dc4664584534143a4d541e44eaf181c05fc084b4 100644 (file)
@@ -148,6 +148,7 @@ resolve          IN    LUA    A   ";local r=resolve('localhost', 1) local t={{}}
 filterforwardempty IN LUA A "filterForward('192.0.2.1', newNMG{{'192.1.2.0/24'}}, '')"
 
 *.createforward  IN    LUA    A     "filterForward(createForward(), newNMG{{'1.0.0.0/8', '64.0.0.0/8'}})"
+*.createforward6 IN    LUA    AAAA  "filterForward(createForward6(), newNMG{{'2000::/3'}}, 'fe80::1')"
 *.createreverse  IN    LUA    PTR   "createReverse('%5%.example.com', {{['10.10.10.10'] = 'quad10.example.com.'}})"
 *.createreverse6 IN    LUA    PTR   "createReverse6('%33%.example.com', {{['2001:db8::1'] = 'example.example.com.'}})"
 
@@ -160,14 +161,7 @@ lookmeup         IN           A  192.0.2.5
 dblookup         IN    LUA    A  "dblookup('lookmeup.example.org', pdns.A)[1]"
 
 whitespace       IN    LUA    TXT "'foo" "bar'"
-        """,
-        'createforward6.example.org': """
-createforward6.example.org.                 3600 IN SOA  {soa}
-createforward6.example.org.                 3600 IN NS   ns1.example.org.
-createforward6.example.org.                 3600 IN NS   ns2.example.org.
-*                                                IN    LUA    AAAA  "filterForward(createForward6(), newNMG{{'2000::/3'}}, 'fe80::1')"
-        """
-# the separate createforward6 zone is because some of the code in lua-record.cc insists on working relatively to the zone apex
+        """
     }
     _web_rrsets = []
 
@@ -1004,7 +998,7 @@ createforward6.example.org.                 3600 IN NS   ns2.example.org.
                 "invalid": "0.0.0.0",
                 "1-2-3-4": "1.2.3.4",
                 "1-2-3-4.foo": "1.2.3.4",
-                "1-2-3-4.foo.bar": "0.0.0.0",
+                "1-2-3-4.foo.bar": "1.2.3.4",
                 "1-2-3-4.foo.bar.baz": "0.0.0.0",
                 "1-2-3-4.foo.bar.baz.quux": "0.0.0.0",
                 "ip-1-2-3-4": "1.2.3.4",