Set the d_priority field in the policy objects of a zone.

author Otto Moerbeek <otto.moerbeek@open-xchange.com>

Wed, 12 Feb 2020 15:49:58 +0000 (16:49 +0100)

committer Otto Moerbeek <otto.moerbeek@open-xchange.com>

Fri, 14 Feb 2020 12:39:15 +0000 (13:39 +0100)
author Otto Moerbeek <otto.moerbeek@open-xchange.com>
Wed, 12 Feb 2020 15:49:58 +0000 (16:49 +0100)
committer Otto Moerbeek <otto.moerbeek@open-xchange.com>
Fri, 14 Feb 2020 12:39:15 +0000 (13:39 +0100)
diff --git a/pdns/filterpo.cc b/pdns/filterpo.cc

index df195e4d482377a19e48337a7a5ef26264a67ad9..316c31a7dbbf5096eb471c1e81f2a34135fee66e 100644 (file)
--- a/pdns/filterpo.cc
+++ b/pdns/filterpo.cc
@@ -115,19 +115,19 @@ bool DNSFilterEngine::Zone::findExactNamedPolicy(const std::unordered_map<DNSNam
    return false;
  }
  
-DNSFilterEngine::Policy DNSFilterEngine::getProcessingPolicy(const DNSName& qname, const std::unordered_map<std::string,bool>& discardedPolicies, Priority currentPriority) const
+DNSFilterEngine::Policy DNSFilterEngine::getProcessingPolicy(const DNSName& qname, const std::unordered_map<std::string,bool>& discardedPolicies, Priority maxPriority) const
  {
    // cout<<"Got question for nameserver name "<<qname<<endl;
    std::vector<bool> zoneEnabled(d_zones.size());
    size_t count = 0;
    bool allEmpty = true;
    for (const auto& z : d_zones) {
-    if (z->getPriority() > currentPriority) {
-      break;
-    }
      bool enabled = true;
      const auto zoneName = z->getName();
-    if (zoneName && discardedPolicies.find(*zoneName) != discardedPolicies.end()) {
+    if (z->getPriority() >= maxPriority) {
+      enabled = false;
+    }
+    else if (zoneName && discardedPolicies.find(*zoneName) != discardedPolicies.end()) {
        enabled = false;
      }
      else {
@@ -158,9 +158,6 @@ DNSFilterEngine::Policy DNSFilterEngine::getProcessingPolicy(const DNSName& qnam
  
    count = 0;
    for(const auto& z : d_zones) {
-    if (z->getPriority() > currentPriority) {
-      break;
-    }
      if (!zoneEnabled[count]) {
        ++count;
        continue;
@@ -182,12 +179,12 @@ DNSFilterEngine::Policy DNSFilterEngine::getProcessingPolicy(const DNSName& qnam
    return pol;
  }
  
-DNSFilterEngine::Policy DNSFilterEngine::getProcessingPolicy(const ComboAddress& address, const std::unordered_map<std::string,bool>& discardedPolicies, Priority currentPriority) const
+DNSFilterEngine::Policy DNSFilterEngine::getProcessingPolicy(const ComboAddress& address, const std::unordered_map<std::string,bool>& discardedPolicies, Priority maxPriority) const
  {
    Policy pol;
    //  cout<<"Got question for nameserver IP "<<address.toString()<<endl;
    for(const auto& z : d_zones) {
-    if (z->getPriority() > currentPriority) {
+    if (z->getPriority() >= maxPriority) {
        break;
      }
      const auto zoneName = z->getName();
@@ -203,27 +200,28 @@ DNSFilterEngine::Policy DNSFilterEngine::getProcessingPolicy(const ComboAddress&
    return pol;
  }
  
-DNSFilterEngine::Policy DNSFilterEngine::getQueryPolicy(const DNSName& qname, const ComboAddress& ca, const std::unordered_map<std::string,bool>& discardedPolicies, Priority currentPriority) const
+DNSFilterEngine::Policy DNSFilterEngine::getQueryPolicy(const DNSName& qname, const ComboAddress& ca, const std::unordered_map<std::string,bool>& discardedPolicies, Priority maxPriority) const
  {
    // cout<<"Got question for "<<qname<<" from "<<ca.toString()<<endl;
    std::vector<bool> zoneEnabled(d_zones.size());
    size_t count = 0;
    bool allEmpty = true;
    for (const auto& z : d_zones) {
-    if (z->getPriority() > currentPriority) {
-      break;
-    }
      bool enabled = true;
-    const auto zoneName = z->getName();
-    if (zoneName && discardedPolicies.find(*zoneName) != discardedPolicies.end()) {
+    if (z->getPriority() >= maxPriority) {
        enabled = false;
-    }
-    else {
-      if (z->hasQNamePolicies() || z->hasClientPolicies()) {
-        allEmpty = false;
+    } else {
+      const auto zoneName = z->getName();
+      if (zoneName && discardedPolicies.find(*zoneName) != discardedPolicies.end()) {
+        enabled = false;
        }
        else {
-        enabled = false;
+        if (z->hasQNamePolicies() || z->hasClientPolicies()) {
+          allEmpty = false;
+        }
+        else {
+          enabled = false;
+        }
        }
      }
  
@@ -246,9 +244,6 @@ DNSFilterEngine::Policy DNSFilterEngine::getQueryPolicy(const DNSName& qname, co
  
    count = 0;
    for (const auto& z : d_zones) {
-    if (z->getPriority() > currentPriority) {
-      break;
-    }
      if (!zoneEnabled[count]) {
        ++count;
        continue;
diff --git a/pdns/filterpo.hh b/pdns/filterpo.hh

index a75f291611a1a7086a60e1d3c4939025862f71dc..d0ef6fb26f8652c9064d714c6f223a90b3ca8cd1 100644 (file)
--- a/pdns/filterpo.hh
+++ b/pdns/filterpo.hh
@@ -203,6 +203,21 @@ public:
      }
      void setPriority(Priority p) {
        d_priority = p;
+      for (auto& pol : d_qpolName) {
+        pol.second.d_priority = p;
+      }
+      for (auto& pol: d_qpolAddr) {
+        pol->second.d_priority = p;
+      }
+      for (auto& pol: d_propolName) {
+        pol.second.d_priority = p;
+      }
+      for (auto& pol: d_propolNSAddr) {
+        pol->second.d_priority = p;
+      }
+      for (auto& pol: d_postpolAddr) {
+        pol->second.d_priority = p;
+      }
      }
    private:
      static DNSName maskToRPZ(const Netmask& nm);
@@ -267,10 +282,10 @@ public:
      }
    }
  
-  Policy getQueryPolicy(const DNSName& qname, const ComboAddress& nm, const std::unordered_map<std::string,bool>& discardedPolicies, Priority Priority) const;
-  Policy getProcessingPolicy(const DNSName& qname, const std::unordered_map<std::string,bool>& discardedPolicies, Priority currentPriority) const;
-  Policy getProcessingPolicy(const ComboAddress& address, const std::unordered_map<std::string,bool>& discardedPolicies, Priority currentPriority) const;
-  Policy getPostPolicy(const vector<DNSRecord>& records, const std::unordered_map<std::string,bool>& discardedPolicies, Priority currentPriority) const;
+  Policy getQueryPolicy(const DNSName& qname, const ComboAddress& nm, const std::unordered_map<std::string,bool>& discardedPolicies, Priority maxPriority) const;
+  Policy getProcessingPolicy(const DNSName& qname, const std::unordered_map<std::string,bool>& discardedPolicies, Priority maxPriority) const;
+  Policy getProcessingPolicy(const ComboAddress& address, const std::unordered_map<std::string,bool>& discardedPolicies, Priority maxPriority) const;
+  Policy getPostPolicy(const vector<DNSRecord>& records, const std::unordered_map<std::string,bool>& discardedPolicies, Priority maxPriority) const;
  
    size_t size() const {
      return d_zones.size();
author	Otto Moerbeek <otto.moerbeek@open-xchange.com>
	Wed, 12 Feb 2020 15:49:58 +0000 (16:49 +0100)
committer	Otto Moerbeek <otto.moerbeek@open-xchange.com>
	Fri, 14 Feb 2020 12:39:15 +0000 (13:39 +0100)
pdns/filterpo.cc		patch \| blob \| blame \| history
pdns/filterpo.hh		patch \| blob \| blame \| history