1 #pragma once
2 #include "iputils.hh"
3
4 struct DOHServerConfig;
5
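/* Configuration and statistics for one DNS-over-HTTPS listener.
   The configuration members are plain values; the counters are
   std::atomic so they can be updated without a lock.
   When the build lacks HAVE_DNS_OVER_HTTPS, setup() and
   reloadCertificates() are inline no-ops, so callers need no #ifdef. */
struct DOHFrontend
{
  std::shared_ptr<DOHServerConfig> d_dsc{nullptr}; // DOHServerConfig is only forward-declared in this header
  // NOTE(review): presumably (certificate, private key) pairs - confirm the
  // order and whether these are file paths against the code that consumes
  // them. If they are paths, the key files should be readable only by the
  // account the daemon runs as.
  std::vector<std::pair<std::string, std::string>> d_certKeyPairs;
  // Both cipher strings are empty by default, so the effective cipher set is
  // whatever the consumer falls back to.
  // NOTE(review): d_ciphers13 looks like the TLS 1.3 ciphersuite list and
  // d_ciphers the list for earlier versions - confirm.
  std::string d_ciphers;
  std::string d_ciphers13;
  // NOTE(review): looks like the value advertised in the HTTP "Server"
  // header; the default names the software stack - confirm, and override it
  // if that disclosure is unwanted.
  std::string d_serverTokens{"h2o/dnsdist"};
  ComboAddress d_local;

  uint32_t d_idleTimeout{30}; // HTTP idle timeout in seconds
  std::vector<std::string> d_urls;

  /* Every counter below is explicitly zeroed. Before C++20 a
     default-constructed std::atomic holds an indeterminate value unless the
     enclosing object happens to be value-initialized, and HTTPVersionStats
     already initializes its members this way. */
  std::atomic<uint64_t> d_httpconnects{0}; // number of TCP/IP connections established
  // The TLSv1.0 / TLSv1.1 counters show whether clients still negotiate the
  // legacy protocol versions, which is worth checking before disabling them.
  std::atomic<uint64_t> d_tls10queries{0}; // valid DNS queries received via TLSv1.0
  std::atomic<uint64_t> d_tls11queries{0}; // valid DNS queries received via TLSv1.1
  std::atomic<uint64_t> d_tls12queries{0}; // valid DNS queries received via TLSv1.2
  std::atomic<uint64_t> d_tls13queries{0}; // valid DNS queries received via TLSv1.3
  std::atomic<uint64_t> d_tlsUnknownqueries{0}; // valid DNS queries received via unknown TLS version

  std::atomic<uint64_t> d_getqueries{0}; // valid DNS queries received via GET
  std::atomic<uint64_t> d_postqueries{0}; // valid DNS queries received via POST
  std::atomic<uint64_t> d_badrequests{0}; // request could not be converted to dns query
  std::atomic<uint64_t> d_errorresponses{0}; // dnsdist set 'error' on response
  std::atomic<uint64_t> d_validresponses{0}; // valid responses sent out

  /* Per-HTTP-version query and response counters; one instance each is kept
     below for HTTP/1 and HTTP/2. */
  struct HTTPVersionStats
  {
    std::atomic<uint64_t> d_nbQueries{0}; // valid DNS queries received
    std::atomic<uint64_t> d_nb200Responses{0};
    std::atomic<uint64_t> d_nb400Responses{0};
    std::atomic<uint64_t> d_nb403Responses{0};
    std::atomic<uint64_t> d_nb500Responses{0};
    std::atomic<uint64_t> d_nb502Responses{0};
    std::atomic<uint64_t> d_nbOtherResponses{0}; // any status code not counted above
  };

  HTTPVersionStats d_http1Stats;
  HTTPVersionStats d_http2Stats;

#ifndef HAVE_DNS_OVER_HTTPS
  // Built without DoH support: both entry points exist but do nothing.
  void setup()
  {
  }

  void reloadCertificates()
  {
  }
#else
  // Defined out of line when DoH support is compiled in.
  void setup();
  void reloadCertificates();
#endif /* HAVE_DNS_OVER_HTTPS */
};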
58
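#ifndef HAVE_DNS_OVER_HTTPS
/* Built without DoH support: an empty placeholder so that declarations
   taking a DOHUnit* still compile. */
struct DOHUnit
{
};

#else /* HAVE_DNS_OVER_HTTPS */
struct st_h2o_req_t;

/* State for one DoH query. According to the comment on status_code / error
   below, a unit is filled in on the DOH client thread and then passed back
   to the main DoH thread, so it crosses a thread boundary during its life. */
struct DOHUnit
{
  std::string query;
  std::string response;
  ComboAddress remote;
  ComboAddress dest;
  // Raw pointers: nothing in this struct releases them.
  // NOTE(review): req presumably points at the h2o request this unit answers,
  // and self at the slot holding this unit's own pointer so it can be cleared
  // when either side goes away - confirm the lifetime rules in the
  // implementation before dereferencing either one.
  st_h2o_req_t* req{nullptr};
  DOHUnit** self{nullptr};
  // Given defined defaults so a unit never carries indeterminate values.
  // NOTE(review): rsock is presumably a socket descriptor; -1 keeps an unset
  // unit from being mistaken for descriptor 0 - confirm.
  int rsock{-1};
  uint16_t qtype{0};
  /* the error and status_code are set from
     processDOHQuery() (which is executed in
     the DOH client thread) so that the correct
     response can be sent in on_dnsdist(),
     after the DOHUnit has been passed back to
     the main DoH thread.
  */
  uint16_t status_code{0};
  bool error{false};
  bool ednsAdded{false};
};

#endif /* HAVE_DNS_OVER_HTTPS */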
90
91 void handleDOHTimeout(DOHUnit* oldDU);