From: Pieter Lexis <pieter.lexis@powerdns.com>
Date: Wed, 22 Feb 2017 17:04:22 +0000 (+0100)
Subject: dnsdist addAction: Also DNSName(s)
X-Git-Tag: rec-4.1.0-alpha1~238^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F5070%2Fhead;p=thirdparty%2Fpdns.git

dnsdist addAction: Also DNSName(s)
---

diff --git a/pdns/README-dnsdist.md b/pdns/README-dnsdist.md
index e3d615be80..01fb4b0396 100644
--- a/pdns/README-dnsdist.md
+++ b/pdns/README-dnsdist.md
@@ -412,6 +412,10 @@ Cache Hit Response rules, triggered on a cache hit, can be added via:
 
 A DNS rule can be:
 
+ * A string that is either a domain name or netmask
+ * A list of strings that are either domain names or netmasks
+ * A DNSName
+ * A list of DNSNames
  * an AllRule
  * an AndRule
  * a DNSSECRule
diff --git a/pdns/dnsdist-lua.cc b/pdns/dnsdist-lua.cc
index 3a662e713c..fe0abd01be 100644
--- a/pdns/dnsdist-lua.cc
+++ b/pdns/dnsdist-lua.cc
@@ -91,16 +91,13 @@ private:
   func_t d_func;
 };
 
-typedef boost::variant<string,vector<pair<int, string>>, std::shared_ptr<DNSRule> > luadnsrule_t;
-
 std::shared_ptr<DNSRule> makeRule(const luadnsrule_t& var)
 {
-  if(auto src = boost::get<std::shared_ptr<DNSRule>>(&var))
-    return *src;
-  
+  if (var.type() == typeid(std::shared_ptr<DNSRule>))
+    return *boost::get<std::shared_ptr<DNSRule>>(&var);
+
   SuffixMatchNode smn;
   NetmaskGroup nmg;
-
   auto add=[&](string src) {
     try {
       nmg.addMask(src); // need to try mask first, all masks are domain names!
@@ -108,13 +105,21 @@ std::shared_ptr<DNSRule> makeRule(const luadnsrule_t& var)
       smn.add(DNSName(src));
     }
   };
-  if(auto src = boost::get<string>(&var))
-    add(*src);
-  else {
-    for(auto& a : boost::get<vector<pair<int, string>>>(var)) {
+
+  if (var.type() == typeid(string))
+    add(*boost::get<string>(&var));
+
+  else if (var.type() == typeid(vector<pair<int, string>>))
+    for(const auto& a : *boost::get<vector<pair<int, string>>>(&var))
       add(a.second);
-    }
-  }
+
+  else if (var.type() == typeid(DNSName))
+    smn.add(*boost::get<DNSName>(&var));
+
+  else if (var.type() == typeid(vector<pair<int, DNSName>>))
+    for(const auto& a : *boost::get<vector<pair<int, DNSName>>>(&var))
+      smn.add(a.second);
+
   if(nmg.empty())
     return std::make_shared<SuffixMatchNodeRule>(smn);
   else
diff --git a/pdns/dnsdist-lua.hh b/pdns/dnsdist-lua.hh
index 5e88dfa91f..5a91e69549 100644
--- a/pdns/dnsdist-lua.hh
+++ b/pdns/dnsdist-lua.hh
@@ -21,5 +21,5 @@
  */
 #pragma once
 
-typedef boost::variant<string,vector<pair<int, string>>, std::shared_ptr<DNSRule> > luadnsrule_t;
+typedef boost::variant<string, vector<pair<int, string>>, std::shared_ptr<DNSRule>, DNSName, vector<pair<int, DNSName> > > luadnsrule_t;
 std::shared_ptr<DNSRule> makeRule(const luadnsrule_t& var);
diff --git a/regression-tests.dnsdist/test_Basics.py b/regression-tests.dnsdist/test_Basics.py
index 496e6410b0..a4b891269e 100644
--- a/regression-tests.dnsdist/test_Basics.py
+++ b/regression-tests.dnsdist/test_Basics.py
@@ -15,6 +15,8 @@ class TestBasics(DNSDistTest):
     mySMN:add(newDNSName("nameAndQtype.tests.powerdns.com."))
     addAction(AndRule{SuffixMatchNodeRule(mySMN), QTypeRule("TXT")}, RCodeAction(dnsdist.NOTIMP))
     addAction(makeRule("drop.test.powerdns.com."), DropAction())
+    addAction(newDNSName("dnsname.addaction.powerdns.com."), RCodeAction(dnsdist.REFUSED))
+    addAction({newDNSName("dnsname-table1.addaction.powerdns.com."), newDNSName("dnsname-table2.addaction.powerdns.com.")}, RCodeAction(dnsdist.REFUSED))
     block=newDNSName("powerdns.org.")
     function blockFilter(dq)
         if(dq.qname:isPartOf(block))
@@ -380,6 +382,29 @@ class TestBasics(DNSDistTest):
         self.assertEquals(query, receivedQuery)
         self.assertEquals(receivedResponse, None)
 
+    def testAddActionDNSName(self):
+        """
+        Basics: test if addAction accepts a DNSName
+        """
+        name = 'dnsname.addaction.powerdns.com.'
+        query = dns.message.make_query(name, 'A', 'IN')
+        expectedResponse = dns.message.make_response(query)
+        expectedResponse.set_rcode(dns.rcode.REFUSED)
+
+        (_, receivedResponse) = self.sendUDPQuery(query, response=None, useQueue=False)
+        self.assertEquals(receivedResponse, expectedResponse)
+
+    def testAddActionDNSNames(self):
+        """
+        Basics: test if addAction accepts a table of DNSNames
+        """
+        for name in ['dnsname-table{}.addaction.powerdns.com.'.format(i) for i in range(1,2)]:
+            query = dns.message.make_query(name, 'A', 'IN')
+            expectedResponse = dns.message.make_response(query)
+            expectedResponse.set_rcode(dns.rcode.REFUSED)
+
+            (_, receivedResponse) = self.sendUDPQuery(query, response=None, useQueue=False)
+            self.assertEquals(receivedResponse, expectedResponse)
 
 if __name__ == '__main__':
     unittest.main()