From: Aki Tuomi
Date: Mon, 17 Apr 2017 16:47:53 +0000 (+0300)
Subject: lua-auth4: Implement axfrfilter
X-Git-Tag: rec-4.1.0-alpha1~150^2~3
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=664706013e6e0874ff013abbca18faeea18aa998;p=thirdparty%2Fpdns.git
lua-auth4: Implement axfrfilter
---
diff --git a/pdns/lua-auth4.cc b/pdns/lua-auth4.cc
index 6503e9cbd1..a14c12b3fb 100644
--- a/pdns/lua-auth4.cc
+++ b/pdns/lua-auth4.cc
@@ -11,6 +11,7 @@ AuthLua4::AuthLua4(const std::string& fname) { }
 bool AuthLua4::updatePolicy(const DNSName &qname, QType qtype, const DNSName &zonename, DNSPacket *packet) { return false; }
+bool AuthLua4::axfrfilter(const ComboAddress& remote, const DNSName& zone, const DNSResourceRecord& in, vector& out) { return false; }
 AuthLua4::~AuthLua4() { }
 #else
@@ -203,6 +204,7 @@ AuthLua4::AuthLua4(const std::string& fname) {
 return luaResult;
 });
+ /* update policy */
 d_lw->registerFunction("getQName", [](UpdatePolicyQuery& upq) { return upq.qname; });
 d_lw->registerFunction("getZoneName", [](UpdatePolicyQuery& upq) { return upq.zonename; });
@@ -222,8 +224,48 @@ AuthLua4::AuthLua4(const std::string& fname) {
 d_lw->executeCode(ifs);
 d_update_policy = d_lw->readVariable>("updatepolicy").get_value_or(0);
+ d_axfr_filter = d_lw->readVariable>("axfrfilter").get_value_or(0);
+
+}
+
+bool AuthLua4::axfrfilter(const ComboAddress& remote, const DNSName& zone, const DNSResourceRecord& in, vector& out) {
+ luacall_axfr_filter_t::result_type ret;
+ int rcode;
+
+ if (d_axfr_filter == NULL) return false;
+
+ ret = d_axfr_filter(remote, zone, in);
+ rcode = std::get<0>(ret);
+ if (rcode < 0)
+ return false;
+ else if (rcode == 1)
+ out.push_back(in);
+ else
+ throw PDNSException("Cannot understand return code "+std::to_string(rcode)+" in axfr filter response");
+
+ const auto& rows = std::get<1>(ret);
+
+ for(const auto& row: rows) {
+ DNSResourceRecord rec;
+ for(const auto& col: row.second) {
+ if (col.first == "qtype")
+ rec.qtype = QType(boost::get(col.second));
+ else if (col.first == "qname")
+ rec.qname = DNSName(boost::get(col.second));
+ else if (col.first == "ttl")
+ rec.ttl = boost::get(col.second);
+ else if (col.first == "content")
+ rec.setContent(boost::get(col.second));
+ else
+ throw PDNSException("Cannot understand "+col.first+" in axfr filter response on row "+std::to_string(row.first));
+ }
+ out.push_back(rec);
+ }
+
+ return true;
 }
+
 bool AuthLua4::updatePolicy(const DNSName &qname, QType qtype, const DNSName &zonename, DNSPacket *packet) {
 UpdatePolicyQuery upq;
 upq.qname = qname;
diff --git a/pdns/lua-auth4.hh b/pdns/lua-auth4.hh
index 103460c3d1..3bad3541f7 100644
--- a/pdns/lua-auth4.hh
+++ b/pdns/lua-auth4.hh
@@ -5,6 +5,7 @@
 #include "dnsrecords.hh"
 #include "dnspacket.hh"
 #include
+#include
 #ifdef HAVE_CONFIG_H
 #include "config.h"
 #endif
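Review bot: In `AuthLua4::axfrfilter` (pdns/lua-auth4.cc) a return code of 0 from the Lua callback reaches the final `else` and throws `PDNSException`, so the only accepted results are a negative code (record left alone) and 1 (the input record `in` is kept and the returned rows are appended). If 0 is meant to be the "replace the record with the returned rows" case, which this page does not state, then a script can add records to a transfer but has no way to withhold or rewrite one, and a script that tries will abort with an exception instead. I would add `else if (rcode == 0) { /* replace: emit only the returned rows */ }` ahead of the `else` and put a comment above the chain naming what each code means. The row loop also pushes `rec` without checking that `qname` and `qtype` were actually supplied, and `boost::get` throws on a column of the wrong Lua type, so it is worth confirming that the caller turns any exception into a failed transfer rather than a truncated one.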
@@ -21,6 +22,7 @@ private:
 public:
 explicit AuthLua4(const std::string& fname);
 bool updatePolicy(const DNSName &qname, QType qtype, const DNSName &zonename, DNSPacket *packet);
+ bool axfrfilter(const ComboAddress&, const DNSName&, const DNSResourceRecord&, std::vector&);
 ~AuthLua4(); // this is so unique_ptr works with an incomplete type
 private:
@@ -35,6 +37,8 @@ private:
 };
 typedef std::function luacall_update_policy_t;
+ typedef std::function > > >(const ComboAddress&, const DNSName&, const DNSResourceRecord&)> luacall_axfr_filter_t;
 luacall_update_policy_t d_update_policy;
+ luacall_axfr_filter_t d_axfr_filter;
 };