modules/http: answer to /dns-query endpoint as well
authorTomas Krizek <tomas.krizek@nic.cz>
Fri, 2 Oct 2020 11:04:01 +0000 (13:04 +0200)
committerTomas Krizek <tomas.krizek@nic.cz>
Fri, 2 Oct 2020 11:08:48 +0000 (13:08 +0200)
When using DoH, it seems /dns-query is a more common convention for
an endpoint name. Let's use it in addition to /doh, since it doesn't
hurt anything and makes kresd more like the other DoH implementations
out there. It'll also play more nicely with kdig, which uses /dns-query
as default as well.

NEWS
modules/http/http_doh.lua
modules/http/http_doh.test.lua

diff --git a/NEWS b/NEWS
index 4edaee16e253d6238710344fe3e5e3359a61a7f6..0b74d5026488be9fd5aeb592fc8611e029c5a80d 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,7 +1,10 @@
 Knot Resolver 5.2.0 (2020-1m-dd)
 ================================
 
+Improvements
+------------
 - net: split the EDNS buffer size into upstream and downstream (!1026)
+- lua-http doh: answer to /dns-query endpoint as well as /doh (!1069)
 
 
 Knot Resolver 5.1.3 (2020-09-08)
index 18de63f7a6131e94d4760af326c4cd41da7980b0..8625c12d950fcdc69dce3a016f1ba732401f322e 100644 (file)
@@ -16,10 +16,10 @@ local function serve_doh(h, stream)
        if method == 'POST' then
                input = stream:get_body_chars(1025, 2)  -- read timeout = KR_CONN_RTT_MAX
        elseif method == 'GET' then
-               local input_b64 = string.match(h:get(':path'), '^/doh%?dns=([a-zA-Z0-9_-]+)$') or
-                               string.match(h:get(':path'), '^/doh%?dns=([a-zA-Z0-9_-]+)&') or
-                               string.match(h:get(':path'), '^/doh%?.*&dns=([a-zA-Z0-9_-]+)$') or
-                               string.match(h:get(':path'), '^/doh%?.*&dns=([a-zA-Z0-9_-]+)&')
+               local input_b64 = string.match(h:get(':path'), '^/[^?]*%?dns=([a-zA-Z0-9_-]+)$') or
+                               string.match(h:get(':path'), '^/[^?]*%?dns=([a-zA-Z0-9_-]+)&') or
+                               string.match(h:get(':path'), '^/[^?]*%?.*&dns=([a-zA-Z0-9_-]+)$') or
+                               string.match(h:get(':path'), '^/[^?]*%?.*&dns=([a-zA-Z0-9_-]+)&')
                if not input_b64 then
                        return 400, 'base64url query not found'
                end
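Review bot: With the prefix relaxed to `^/[^?]*%?`, serve_doh no longer checks which path it was called on, so the endpoints table at the end of the file is the only thing confining the `dns=` lookup to /doh and /dns-query; how the router matches request paths against that table is not visible in this hunk. I would record that dependency above the match with `-- path is not validated here; the endpoints table decides which paths reach serve_doh`. The four alternatives also call `h:get(':path')` each time, so reading it once as `local path = h:get(':path')` would make them easier to compare. serve_doh starts and ends outside the hunk.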
@@ -116,6 +116,7 @@ end
 -- Export endpoints
 return {
        endpoints = {
-               ['/doh']   = {'text/plain', serve_doh, nil, nil, true},
+               ['/doh'] = {'text/plain', serve_doh, nil, nil, true},
+               ['/dns-query'] = {'text/plain', serve_doh, nil, nil, true},
        }
 }
index ccb8d98c633acb63cd9a42bfa12ec19aa198d323..97bc63a8960029b1b4160bfb037266fa2b70de7a 100644 (file)
@@ -360,6 +360,24 @@ else
                modules.unload('view')
        end
 
+       local function test_dns_query_endpoint()
+               local desc = 'valid POST query which ends with SERVFAIL on /dns-query'
+               local request = require('http.request')
+               uri_templ = string.format('http://%s:%d/dns-query', host, port)
+               req = assert(request.new_from_uri(uri_templ))
+               req.headers:upsert('content-type', 'application/dns-message')
+               req.headers:upsert(':method', 'POST')
+               req:set_body(basexx.from_base64(  -- servfail.test. A
+                       'FZUBAAABAAAAAAAACHNlcnZmYWlsBHRlc3QAAAEAAQ=='))
+               local headers, pkt = check_ok(req, desc)
+               if not (headers and pkt) then
+                       return
+               end
+               -- uncacheable
+               same(headers:get('cache-control'), 'max-age=0', desc .. ': TTL 0')
+               same(pkt:rcode(), kres.rcode.SERVFAIL, desc .. ': rcode matches')
+       end
+
 --     not implemented
 --     local function test_post_unsupp_accept()
 --             local req = assert(req_templ:clone())
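Review bot: `uri_templ` and `req` in test_dns_query_endpoint are assigned without `local`, so they either overwrite same-named variables of the enclosing scope (not visible in this hunk) or leak as globals, and any other test that reads them becomes order-dependent. Declaring them locally avoids that: `local uri = string.format('http://%s:%d/dns-query', host, port)` and `local req = assert(request.new_from_uri(uri))`. The test also covers only POST, while the pattern change in http_doh.lua affects GET parsing, so a GET case with `?dns=` on /dns-query would exercise the code this commit actually changed.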
@@ -393,7 +411,8 @@ else
                test_get_invalid_chars,
                test_unsupp_method,
                test_dstaddr,
-               test_srcaddr
+               test_srcaddr,
+               test_dns_query_endpoint,
        }
 
        return tests