Also moved setting of hit value to find functions mostly.

author Otto <otto.moerbeek@open-xchange.com>

Fri, 15 Oct 2021 10:07:29 +0000 (12:07 +0200)

committer Otto <otto.moerbeek@open-xchange.com>

Fri, 15 Oct 2021 10:07:29 +0000 (12:07 +0200)
author Otto <otto.moerbeek@open-xchange.com>
Fri, 15 Oct 2021 10:07:29 +0000 (12:07 +0200)
committer Otto <otto.moerbeek@open-xchange.com>
Fri, 15 Oct 2021 10:07:29 +0000 (12:07 +0200)
diff --git a/pdns/filterpo.cc b/pdns/filterpo.cc

index a1161745e9dd10a947ee46da6a3b08beacd9f5b6..fc9d916482e765965f7696a1e99310e31eca41b6 100644 (file)
--- a/pdns/filterpo.cc
+++ b/pdns/filterpo.cc
@@ -64,6 +64,7 @@ bool DNSFilterEngine::Zone::findNSIPPolicy(const ComboAddress& addr, DNSFilterEn
      pol = fnd->second;
      pol.d_trigger = Zone::maskToRPZ(fnd->first);
      pol.d_trigger.appendRawLabel(rpzNSIPName);
+    pol.d_hit = addr.toString();
      return true;
    }
    return false;
@@ -75,6 +76,7 @@ bool DNSFilterEngine::Zone::findResponsePolicy(const ComboAddress& addr, DNSFilt
      pol = fnd->second;
      pol.d_trigger = Zone::maskToRPZ(fnd->first);
      pol.d_trigger.appendRawLabel(rpzIPName);
+    pol.d_hit = addr.toString();
      return true;
    }
    return false;
@@ -86,6 +88,7 @@ bool DNSFilterEngine::Zone::findClientPolicy(const ComboAddress& addr, DNSFilter
      pol = fnd->second;
      pol.d_trigger = Zone::maskToRPZ(fnd->first);
      pol.d_trigger.appendRawLabel(rpzClientIPName);
+    pol.d_hit = addr.toString();
      return true;
    }
    return false;
@@ -190,13 +193,13 @@ bool DNSFilterEngine::getProcessingPolicy(const DNSName& qname, const std::unord
      }
      if (z->findExactNSPolicy(qname, pol)) {
        // cerr<<"Had a hit on the nameserver ("<<qname<<") used to process the query"<<endl;
-      pol.d_hit = qname.toStringNoDot();
        return true;
      }
  
      for (const auto& wc : wcNames) {
        if (z->findExactNSPolicy(wc, pol)) {
          // cerr<<"Had a hit on the nameserver ("<<qname<<") used to process the query"<<endl;
+        // Hit is not arg to findExactNSPolicy!
          pol.d_hit = qname.toStringNoDot();
          return true;
        }
@@ -222,7 +225,6 @@ bool DNSFilterEngine::getProcessingPolicy(const ComboAddress& address, const std
      Netmask key;
      if(z->findNSIPPolicy(address, pol)) {
        //      cerr<<"Had a hit on the nameserver ("<<address.toString()<<") used to process the query"<<endl;
-      pol.d_hit = address.toString();
        return true;
      }
    }
@@ -244,7 +246,6 @@ bool DNSFilterEngine::getClientPolicy(const ComboAddress& ca, const std::unorder
      Netmask key;
      if (z->findClientPolicy(ca, pol)) {
        // cerr<<"Had a hit on the IP address ("<<ca.toString()<<") of the client"<<endl;
-      pol.d_hit = ca.toString();
        return true;
      }
    }
@@ -301,15 +302,13 @@ bool DNSFilterEngine::getQueryPolicy(const DNSName& qname, const std::unordered_
  
      if (z->findExactQNamePolicy(qname, pol)) {
        // cerr<<"Had a hit on the name of the query"<<endl;
-      pol.d_trigger = qname;
-      pol.d_hit = qname.toStringNoDot();
        return true;
      }
  
      for (const auto& wc : wcNames) {
        if (z->findExactQNamePolicy(wc, pol)) {
          // cerr<<"Had a hit on the name of the query"<<endl;
-        pol.d_trigger = wc;
+        // Hit is not arg to findExactQNamePolicy!
          pol.d_hit = qname.toStringNoDot();
          return true;
        }
@@ -364,9 +363,6 @@ bool DNSFilterEngine::getPostPolicy(const DNSRecord& record, const std::unordere
  
      Netmask key;
      if (z->findResponsePolicy(ca, pol)) {
-      pol.d_trigger = Zone::maskToRPZ(key);
-      pol.d_trigger.appendRawLabel(rpzIPName);
-      pol.d_hit = ca.toString();
        return true;
      }
    }
diff --git a/pdns/recursordist/test-filterpo_cc.cc b/pdns/recursordist/test-filterpo_cc.cc

index 5cb8cfb2fe45bcf9c1136c2c90d48a8b20ab93b8..9b0ff1fe19095dbea1c3beb347ace5401bd7f674 100644 (file)
--- a/pdns/recursordist/test-filterpo_cc.cc
+++ b/pdns/recursordist/test-filterpo_cc.cc
@@ -115,6 +115,7 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_basic)
      BOOST_CHECK(zone->findNSIPPolicy(nsIP, zonePolicy));
      BOOST_CHECK(zonePolicy == matchingPolicy);
      BOOST_CHECK_EQUAL(zonePolicy.d_trigger, DNSName("31.0.2.0.192.rpz-nsip"));
+    BOOST_CHECK_EQUAL(zonePolicy.d_hit, nsIP.toString());
    }
  
    {
@@ -173,6 +174,7 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_basic)
      BOOST_CHECK(zone->findClientPolicy(clientIP, zonePolicy));
      BOOST_CHECK(zonePolicy == matchingPolicy);
      BOOST_CHECK_EQUAL(zonePolicy.d_trigger, DNSName("31.128.2.0.192.rpz-client-ip"));
+    BOOST_CHECK_EQUAL(zonePolicy.d_hit, clientIP.toString());
    }
  
    {
@@ -196,6 +198,7 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_basic)
      BOOST_CHECK(zone->findResponsePolicy(responseIP, zonePolicy));
      BOOST_CHECK(zonePolicy == matchingPolicy);
      BOOST_CHECK_EQUAL(zonePolicy.d_trigger, DNSName("31.254.2.0.192.rpz-ip"));
+    BOOST_CHECK_EQUAL(zonePolicy.d_hit, responseIP.toString());
    }
  
    {
author	Otto <otto.moerbeek@open-xchange.com>
	Fri, 15 Oct 2021 10:07:29 +0000 (12:07 +0200)
committer	Otto <otto.moerbeek@open-xchange.com>
	Fri, 15 Oct 2021 10:07:29 +0000 (12:07 +0200)
pdns/filterpo.cc		patch \| blob \| blame \| history
pdns/recursordist/test-filterpo_cc.cc		patch \| blob \| blame \| history