Expose EDNS Flags to Lua

Closes #4531

diff --git a/docs/markdown/recursor/scripting.md b/docs/markdown/recursor/scripting.md
index 862fb1d8cdb5e1c3a76346fe3e55212fc900ef4f..473b3df96c39769b5789a1564402622b4e4eac38 100644 (file)
--- a/docs/markdown/recursor/scripting.md
+++ b/docs/markdown/recursor/scripting.md
@@ -116,6 +116,8 @@ It also supports the following methods:
 * `getRecords()`: get a table of DNS Records in this DNS Question (or answer by now)
 * `setPolicyTags(tags)`: update the policy tags, taking a table of strings.
 * `setRecords(records)`: after your edits, update the answers of this question
+* `getEDNSFlag(name)`: returns true if the EDNS flag with `name` is set in the query
+* `getEDNSFlags()`: returns a list of strings with all the EDNS flag mnemonics in the query
 * `getEDNSOption(num)`: get the EDNS Option with number `num`
 * `getEDNSOptions()`: get a map of all EDNS Options
 * `getEDNSSubnet()`: returns the netmask specified in the EDNSSubnet option, or empty if there was none

diff --git a/pdns/lua-recursor4.cc b/pdns/lua-recursor4.cc
index 36769190b71f7b66a9ec96b5fceba22e1211bf22..e04073d703936f69a7b43dc86594a6f63fe05cba 100644 (file)
--- a/pdns/lua-recursor4.cc
+++ b/pdns/lua-recursor4.cc
@@ -166,6 +166,25 @@ boost::optional<dnsheader> RecursorLua4::DNSQuestion::getDH() const
   return boost::optional<dnsheader>();
 }
 
+vector<string> RecursorLua4::DNSQuestion::getEDNSFlags() const
+{
+  vector<string> ret;
+  if (ednsFlags) {
+    if (*ednsFlags & EDNSOpts::DNSSECOK)
+      ret.push_back("DO");
+  }
+  return ret;
+}
+
+bool RecursorLua4::DNSQuestion::getEDNSFlag(string flag) const
+{
+  if (ednsFlags) {
+    if (flag == "DO" && (*ednsFlags & EDNSOpts::DNSSECOK))
+      return true;
+  }
+  return false;
+}
+
 vector<pair<uint16_t, string> > RecursorLua4::DNSQuestion::getEDNSOptions() const
 {
   if(ednsOptions)
@@ -408,6 +427,8 @@ RecursorLua4::RecursorLua4(const std::string& fname)
   d_lw->registerFunction("getEDNSOptions", &DNSQuestion::getEDNSOptions);
   d_lw->registerFunction("getEDNSOption", &DNSQuestion::getEDNSOption);
   d_lw->registerFunction("getEDNSSubnet", &DNSQuestion::getEDNSSubnet);
+  d_lw->registerFunction("getEDNSFlags", &DNSQuestion::getEDNSFlags);
+  d_lw->registerFunction("getEDNSFlag", &DNSQuestion::getEDNSFlag);
   d_lw->registerMember("name", &DNSRecord::d_name);
   d_lw->registerMember("type", &DNSRecord::d_type);
   d_lw->registerMember("ttl", &DNSRecord::d_ttl);

diff --git a/pdns/lua-recursor4.hh b/pdns/lua-recursor4.hh
index 3acce5d51bccaadf5e900fa44110322d827cfb4f..230f07a85d4ad7ef490c4f291e9c55ab66d918cd 100644 (file)
--- a/pdns/lua-recursor4.hh
+++ b/pdns/lua-recursor4.hh
@@ -58,6 +58,7 @@ public:
     const struct dnsheader* dh{nullptr};
     const bool isTcp;
     const std::vector<pair<uint16_t, string>>* ednsOptions{nullptr};
+    const uint16_t* ednsFlags{nullptr};
     vector<DNSRecord>* currentRecords{nullptr};
     DNSFilterEngine::Policy* appliedPolicy{nullptr};
     std::vector<std::string>* policyTags{nullptr};
@@ -74,6 +75,8 @@ public:
     vector<pair<uint16_t, string> > getEDNSOptions() const;
     boost::optional<string> getEDNSOption(uint16_t code) const;
     boost::optional<Netmask> getEDNSSubnet() const;
+    vector<string> getEDNSFlags() const;
+    bool getEDNSFlag(string flag) const;
     void setRecords(const vector<pair<int,DNSRecord> >& records);
 
     int rcode{0};

diff --git a/pdns/pdns_recursor.cc b/pdns/pdns_recursor.cc
index 31c6cd734e69de7330c90dbd549eade870a48858..8c87337cbdca4a51cb6da9cf4e3f22d9d00e7117 100644 (file)
--- a/pdns/pdns_recursor.cc
+++ b/pdns/pdns_recursor.cc
@@ -746,6 +746,7 @@ void startDoResolve(void *p)
     std::shared_ptr<RecursorLua4::DNSQuestion> dq = nullptr;
     if (t_pdl->get() && (*t_pdl)->needDQ()) {
       dq = std::make_shared<RecursorLua4::DNSQuestion>(dc->d_remote, dc->d_local, dc->d_mdp.d_qname, dc->d_mdp.d_qtype, dc->d_tcp, variableAnswer, wantsRPZ);
+      dq->ednsFlags = &edo.d_Z;
       dq->ednsOptions = &dc->d_ednsOpts;
       dq->tag = dc->d_tag;
       dq->discardedPolicies = &sr.d_discardedPolicies;