{ "getTLSContext", true, "n", "returns the TLS context with index n" },
{ "getTLSFrontend", true, "n", "returns the TLS frontend with index n" },
{ "HTTPHeaderRule", true, "name, regex", "matches DoH queries with a HTTP header 'name' whose content matches the regular expression 'regex'"},
+ { "HTTPPathRegexRule", true, "regex", "matches DoH queries whose HTTP path matches 'regex'"},
{ "HTTPPathRule", true, "path", "matches DoH queries whose HTTP path is an exact match to 'path'"},
{ "inClientStartup", true, "", "returns true during console client parsing of configuration" },
{ "includeDirectory", true, "path", "nclude configuration files from `path`" },
g_lua.writeFunction("HTTPPathRule", [](const std::string& path) {
return std::shared_ptr<DNSRule>(new HTTPPathRule(path));
});
+ g_lua.writeFunction("HTTPPathRegexRule", [](const std::string& regex) {
+ return std::shared_ptr<DNSRule>(new HTTPPathRegexRule(regex));
+ });
#endif
#ifdef HAVE_RE2
private:
string d_path;
};
+
+class HTTPPathRegexRule : public DNSRule
+{
+public:
+ HTTPPathRegexRule(const std::string& regex);
+ bool matches(const DNSQuestion* dq) const override;
+ string toString() const override;
+private:
+ Regex d_regex;
+ std::string d_visual;
+};
#endif
class SNIRule : public DNSRule
:param str name: The case-insensitive name of the HTTP header to match on
:param str regex: A regular expression to match the content of the specified header
+.. function:: HTTPPathRegexRule(regex)
+ .. versionadded:: 1.4.0
+
+ Matches DNS over HTTPS queries with a HTTP path matching the regular expression supplied in ``regex``. For example, if the query has been sent to the https://192.0.2.1:443/PowerDNS?dns=... URL, the path would be '/PowerDNS'.
+
+ :param str regex: The regex to match on
+
.. function:: HTTPPathRule(path)
.. versionadded:: 1.4.0
d_visual = "http[" + header+ "] ~ " + regex;
}
+
bool HTTPHeaderRule::matches(const DNSQuestion* dq) const
{
if(!dq->du) {
return "url path == " + d_path;
}
+HTTPPathRegexRule::HTTPPathRegexRule(const std::string& regex): d_regex(regex), d_visual("http path ~ " + regex)
+{
+}
+
+bool HTTPPathRegexRule::matches(const DNSQuestion* dq) const
+{
+ if(!dq->du) {
+ return false;
+ }
+
+ if(dq->du->req->query_at == SIZE_MAX) {
+ return d_regex.match(std::string(dq->du->req->path.base, dq->du->req->path.len));
+ }
+ else {
+ cerr<<std::string(dq->du->req->path.base, dq->du->req->path.len - dq->du->req->query_at)<<endl;
+ return d_regex.match(std::string(dq->du->req->path.base, dq->du->req->path.len - dq->du->req->query_at));
+ }
+}
+
+string HTTPPathRegexRule::toString() const
+{
+ return d_visual;
+}
+
void dnsdistclient(int qsock, int rsock)
{
setThreadName("dnsdist/doh-cli");
projects / thirdparty / pdns.git / commitdiff
