From: Pieter Lexis
Date: Tue, 22 Sep 2020 14:11:46 +0000 (+0200)
Subject: Add additional processing for SVCB and HTTPS
X-Git-Tag: auth-4.4.0-alpha1~2^2~6
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8d0d65efcb7f7ad8d04ccb0db91d63429509b12b;p=thirdparty%2Fpdns.git
Add additional processing for SVCB and HTTPS
---
diff --git a/pdns/dnsrecords.hh b/pdns/dnsrecords.hh
index 4daa894c87..bb016dedca 100644
--- a/pdns/dnsrecords.hh
+++ b/pdns/dnsrecords.hh
@@ -501,6 +501,8 @@ class SVCBRecordContent : public DNSRecordContent
 {
 public:
 includeboilerplate(SVCB)
+ const DNSName& getTarget() const {return d_target;}
+ uint16_t getPriority() const {return d_priority;}
 private:
 uint16_t d_priority;
@@ -512,6 +514,8 @@ class HTTPSRecordContent : public DNSRecordContent
 {
 public:
 includeboilerplate(HTTPS)
+ const DNSName& getTarget() const {return d_target;}
+ uint16_t getPriority() const {return d_priority;}
 private:
 uint16_t d_priority;
diff --git a/pdns/packethandler.cc b/pdns/packethandler.cc
index a535ac6fec..9347adb87b 100644
--- a/pdns/packethandler.cc
+++ b/pdns/packethandler.cc
@@ -438,13 +438,51 @@ bool PacketHandler::getBestWildcard(DNSPacket& p, const SOAData& sd, const DNSNa
 return haveSomething;
 }
+DNSName PacketHandler::doAdditionalServiceProcessing(const DNSName &firstTarget, const uint16_t &qtype, const int domain_id, std::unique_ptr& r) {
+ DNSName ret = firstTarget;
+ size_t ctr = 5; // Max 5 SVCB Aliasforms per query
+ bool done = false;
+ while (!done && ctr > 0) {
+ DNSZoneRecord rr;
+ done = true;
+ B.lookup(QType(qtype), ret, domain_id);
+ while (B.get(rr)) {
+ rr.dr.d_place = DNSResourceRecord::ADDITIONAL;
+ switch (qtype) {
+ case QType::SVCB: {
+ auto rrc = getRR(rr.dr);
+ r->addRecord(std::move(rr));
+ ret = rrc->getTarget().isRoot() ? ret : rrc->getTarget();
+ if (rrc->getPriority() == 0) {
+ done = false;
+ }
+ break;
+ }
+ case QType::HTTPS: {
+ auto rrc = getRR(rr.dr);
+ r->addRecord(std::move(rr));
+ ret = rrc->getTarget().isRoot() ? ret : rrc->getTarget();
+ if (rrc->getPriority() == 0) {
+ done = false;
+ }
+ break;
+ }
+ default:
+ throw PDNSException("Unknown type (" + QType(qtype).getName() + "for additional service processing");
+ }
+ }
+ ctr--;
+ }
+ return ret;
+}
+
 void PacketHandler::doAdditionalProcessing(DNSPacket& p, std::unique_ptr& r, const SOAData& soadata)
 {
 DNSName content;
 std::unordered_set lookup;
 const auto& rrs = r->getRRS();
-
+
 lookup.reserve(rrs.size());
 for(auto& rr : rrs) {
 if(rr.dr.d_place != DNSResourceRecord::ADDITIONAL) {
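Review bot: The alias-following loop in doAdditionalServiceProcessing is bounded only by `ctr = 5` and keeps no record of names it has already looked up, so zone data containing an alias cycle repeats the same `B.lookup` and `r->addRecord` up to five times. Whether the duplicate records reach the response depends on addRecord, which is not visible here; the repeated backend queries happen either way, and zone content can arrive through transfers or updates rather than only from the operator. Tracking visited names and stopping on a repeat bounds the work to distinct names, e.g. `if (!seen.insert(ret).second) { break; }` at the top of the outer loop, with `seen` a set of DNSName like `lookup` in doAdditionalProcessing. Separately, the message in the `default:` branch lacks the closing parenthesis and a space: `"Unknown type (" + QType(qtype).getName() + ") for additional service processing"`.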
@@ -458,6 +496,24 @@ void PacketHandler::doAdditionalProcessing(DNSPacket& p, std::unique_ptr(rr.dr)->d_target);
 break;
+ case QType::SVCB: {
+ auto rrc = getRR(rr.dr);
+ content = rrc->getTarget();
+ if (content.isRoot()) {
+ content = rr.dr.d_name;
+ }
+ content = doAdditionalServiceProcessing(content, rr.dr.d_type, soadata.domain_id, r);
+ break;
+ }
+ case QType::HTTPS: {
+ auto rrc = getRR(rr.dr);
+ content = rrc->getTarget();
+ if (content.isRoot()) {
+ content = rr.dr.d_name;
+ }
+ content = doAdditionalServiceProcessing(content, rr.dr.d_type, soadata.domain_id, r);
+ break;
+ }
 default:
 continue;
 }
diff --git a/pdns/packethandler.hh b/pdns/packethandler.hh
index 36201d1047..3ffba371e3 100644
--- a/pdns/packethandler.hh
+++ b/pdns/packethandler.hh
@@ -74,6 +74,7 @@ private:
 bool addCDS(DNSPacket& p, std::unique_ptr& r, const SOAData& sd);
 bool addNSEC3PARAM(const DNSPacket& p, std::unique_ptr& r, const SOAData& sd);
 void doAdditionalProcessing(DNSPacket& p, std::unique_ptr& r, const SOAData& sd);
+ DNSName doAdditionalServiceProcessing(const DNSName &firstTarget, const uint16_t &qtype, const int domain_id, std::unique_ptr& r);
 void addNSECX(DNSPacket& p, std::unique_ptr& r, const DNSName &target, const DNSName &wildcard, const DNSName &auth, int mode);
 void addNSEC(DNSPacket& p, std::unique_ptr& r, const DNSName &target, const DNSName &wildcard, const DNSName& auth, int mode);
 void addNSEC3(DNSPacket& p, std::unique_ptr& r, const DNSName &target, const DNSName &wildcard, const DNSName& auth, const NSEC3PARAMRecordContent& nsec3param, bool narrow, int mode);
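Review bot: The new SVCB and HTTPS cases in the doAdditionalProcessing hunk call `doAdditionalServiceProcessing(..., r)` from inside `for(auto& rr : rrs)`, where `rrs` is `r->getRRS()`, and that helper calls `r->addRecord(std::move(rr))` on the same packet. If getRRS() returns a reference to the packet's live record container (its declaration is not visible here), appending during the loop can reallocate it and leave `rr` and the loop iterators dangling, which is a memory-safety hazard on a path driven by zone data. The helper also takes `const uint16_t &qtype` bound to `rr.dr.d_type`, so that reference would dangle in the same situation and is read again by `switch (qtype)` on later iterations; taking it by value (`const uint16_t qtype`) removes that dependency. I would have the helper collect into a caller-owned vector of DNSZoneRecord instead, replacing `r->addRecord(std::move(rr));` with `extraRecords.emplace_back(std::move(rr));` and adding those records to `r` only after the range-for has finished. The enclosing function starts and ends outside this hunk.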