dnsdist: Clean up parameter types in Lua bindings

author Remi Gacogne <remi.gacogne@powerdns.com>

Fri, 12 Nov 2021 14:59:45 +0000 (15:59 +0100)

committer Remi Gacogne <remi.gacogne@powerdns.com>

Wed, 22 Dec 2021 08:30:44 +0000 (09:30 +0100)
author Remi Gacogne <remi.gacogne@powerdns.com>
Fri, 12 Nov 2021 14:59:45 +0000 (15:59 +0100)
committer Remi Gacogne <remi.gacogne@powerdns.com>
Wed, 22 Dec 2021 08:30:44 +0000 (09:30 +0100)
diff --git a/pdns/dnsdist-lua-bindings-dnsquestion.cc b/pdns/dnsdist-lua-bindings-dnsquestion.cc

index 9d2033139ceba5c2528b5c3f0eca4ab9cda79b10..2baa1c9bdcd02a18ca64e6b3d476f63d41245fa9 100644 (file)
--- a/pdns/dnsdist-lua-bindings-dnsquestion.cc
+++ b/pdns/dnsdist-lua-bindings-dnsquestion.cc
@@ -114,7 +114,7 @@ void setupLuaBindingsDNSQuestion(LuaContext& luaCtx)
        return *dq.qTag;
      });
  
-  luaCtx.registerFunction<void(DNSQuestion::*)(std::vector<std::pair<uint8_t, std::string>>)>("setProxyProtocolValues", [](DNSQuestion& dq, const std::vector<std::pair<uint8_t, std::string>>& values) {
+  luaCtx.registerFunction<void(DNSQuestion::*)(std::vector<std::pair<int, std::string>>)>("setProxyProtocolValues", [](DNSQuestion& dq, const std::vector<std::pair<int, std::string>>& values) {
      if (!dq.proxyProtocolValues) {
        dq.proxyProtocolValues = make_unique<std::vector<ProxyProtocolValue>>();
      }
@@ -122,24 +122,26 @@ void setupLuaBindingsDNSQuestion(LuaContext& luaCtx)
      dq.proxyProtocolValues->clear();
      dq.proxyProtocolValues->reserve(values.size());
      for (const auto& value : values) {
-      dq.proxyProtocolValues->push_back({value.second, value.first});
+      checkParameterBound("setProxyProtocolValues", value.first, std::numeric_limits<uint8_t>::max());
+      dq.proxyProtocolValues->push_back({value.second, static_cast<uint8_t>(value.first)});
      }
    });
  
-  luaCtx.registerFunction<void(DNSQuestion::*)(uint8_t, std::string)>("addProxyProtocolValue", [](DNSQuestion& dq, uint8_t type, std::string value) {
+  luaCtx.registerFunction<void(DNSQuestion::*)(uint64_t, std::string)>("addProxyProtocolValue", [](DNSQuestion& dq, uint64_t type, std::string value) {
+    checkParameterBound("addProxyProtocolValue", type, std::numeric_limits<uint8_t>::max());
      if (!dq.proxyProtocolValues) {
        dq.proxyProtocolValues = make_unique<std::vector<ProxyProtocolValue>>();
      }
  
-    dq.proxyProtocolValues->push_back({value, type});
+    dq.proxyProtocolValues->push_back({value, static_cast<uint8_t>(type)});
    });
  
-  luaCtx.registerFunction<std::vector<std::pair<uint8_t, std::string>>(DNSQuestion::*)()>("getProxyProtocolValues", [](const DNSQuestion& dq) {
+  luaCtx.registerFunction<std::vector<std::pair<int, std::string>>(DNSQuestion::*)()>("getProxyProtocolValues", [](const DNSQuestion& dq) {
      if (!dq.proxyProtocolValues) {
-      return std::vector<std::pair<uint8_t, std::string>>();
+      return std::vector<std::pair<int, std::string>>();
      }
  
-    std::vector<std::pair<uint8_t, std::string>> result;
+    std::vector<std::pair<int, std::string>> result;
      result.resize(dq.proxyProtocolValues->size());
      for (const auto& value : *dq.proxyProtocolValues) {
        result.push_back({ value.type, value.content });
@@ -285,16 +287,23 @@ void setupLuaBindingsDNSQuestion(LuaContext& luaCtx)
        return dq.du->getHTTPHeaders();
      });
  
-    luaCtx.registerFunction<void(DNSQuestion::*)(uint16_t statusCode, const std::string& body, const boost::optional<std::string> contentType)>("setHTTPResponse", [](DNSQuestion& dq, uint16_t statusCode, const std::string& body, const boost::optional<std::string> contentType) {
+    luaCtx.registerFunction<void(DNSQuestion::*)(uint64_t statusCode, const std::string& body, const boost::optional<std::string> contentType)>("setHTTPResponse", [](DNSQuestion& dq, uint64_t statusCode, const std::string& body, const boost::optional<std::string> contentType) {
        if (dq.du == nullptr) {
          return;
        }
+      checkParameterBound("DNSQuestion::setHTTPResponse", statusCode, std::numeric_limits<uint16_t>::max());
        PacketBuffer vect(body.begin(), body.end());
        dq.du->setHTTPResponse(statusCode, std::move(vect), contentType ? *contentType : "");
      });
  #endif /* HAVE_DNS_OVER_HTTPS */
  
-  luaCtx.registerFunction<bool(DNSQuestion::*)(bool nxd, const std::string& zone, uint32_t ttl, const std::string& mname, const std::string& rname, uint32_t serial, uint32_t refresh, uint32_t retry, uint32_t expire, uint32_t minimum)>("setNegativeAndAdditionalSOA", [](DNSQuestion& dq, bool nxd, const std::string& zone, uint32_t ttl, const std::string& mname, const std::string& rname, uint32_t serial, uint32_t refresh, uint32_t retry, uint32_t expire, uint32_t minimum) {
+  luaCtx.registerFunction<bool(DNSQuestion::*)(bool nxd, const std::string& zone, uint64_t ttl, const std::string& mname, const std::string& rname, uint64_t serial, uint64_t refresh, uint64_t retry, uint64_t expire, uint64_t minimum)>("setNegativeAndAdditionalSOA", [](DNSQuestion& dq, bool nxd, const std::string& zone, uint64_t ttl, const std::string& mname, const std::string& rname, uint64_t serial, uint64_t refresh, uint64_t retry, uint64_t expire, uint64_t minimum) {
+      checkParameterBound("setNegativeAndAdditionalSOA", ttl, std::numeric_limits<uint32_t>::max());
+      checkParameterBound("setNegativeAndAdditionalSOA", serial, std::numeric_limits<uint32_t>::max());
+      checkParameterBound("setNegativeAndAdditionalSOA", refresh, std::numeric_limits<uint32_t>::max());
+      checkParameterBound("setNegativeAndAdditionalSOA", retry, std::numeric_limits<uint32_t>::max());
+      checkParameterBound("setNegativeAndAdditionalSOA", expire, std::numeric_limits<uint32_t>::max());
+      checkParameterBound("setNegativeAndAdditionalSOA", minimum, std::numeric_limits<uint32_t>::max());
        return setNegativeAndAdditionalSOA(dq, nxd, DNSName(zone), ttl, DNSName(mname), DNSName(rname), serial, refresh, retry, expire, minimum);
      });
  }
diff --git a/pdns/dnsdist-lua-bindings.cc b/pdns/dnsdist-lua-bindings.cc

index 5e51e192649cda19b375d9d3494764980f9c14af..265f712aad4989c65d70b66a806530a02308b68a 100644 (file)
--- a/pdns/dnsdist-lua-bindings.cc
+++ b/pdns/dnsdist-lua-bindings.cc
@@ -594,7 +594,8 @@ void setupLuaBindings(LuaContext& luaCtx, bool client)
      return values;
    });
  
-  luaCtx.writeFunction("newDOHResponseMapEntry", [](const std::string& regex, uint16_t status, const std::string& content, boost::optional<std::map<std::string, std::string>> customHeaders) {
+  luaCtx.writeFunction("newDOHResponseMapEntry", [](const std::string& regex, uint64_t status, const std::string& content, boost::optional<std::map<std::string, std::string>> customHeaders) {
+    checkParameterBound("newDOHResponseMapEntry", status, std::numeric_limits<uint16_t>::max());
      boost::optional<std::vector<std::pair<std::string, std::string>>> headers{boost::none};
      if (customHeaders) {
        headers = std::vector<std::pair<std::string, std::string>>();
@@ -605,8 +606,9 @@ void setupLuaBindings(LuaContext& luaCtx, bool client)
      return std::make_shared<DOHResponseMapEntry>(regex, status, PacketBuffer(content.begin(), content.end()), headers);
    });
  
-  luaCtx.writeFunction("newSVCRecordParameters", [](uint16_t priority, const std::string& target, boost::optional<svcParamsLua_t> additionalParameters)
+  luaCtx.writeFunction("newSVCRecordParameters", [](uint64_t priority, const std::string& target, boost::optional<svcParamsLua_t> additionalParameters)
    {
+    checkParameterBound("newSVCRecordParameters", priority, std::numeric_limits<uint16_t>::max());
      SVCRecordParameters parameters;
      if (additionalParameters) {
        parameters = parseSVCParameters(*additionalParameters);
diff --git a/pdns/dnsdist-lua-rules.cc b/pdns/dnsdist-lua-rules.cc

index 19eec4ca66229a01c5946ed83bee72ee7ba09371..bc17df30e7d1a86b615dbb16d74a573d243fbf0c 100644 (file)
--- a/pdns/dnsdist-lua-rules.cc
+++ b/pdns/dnsdist-lua-rules.cc
@@ -75,10 +75,10 @@ void parseRuleParams(boost::optional<luaruleparams_t> params, boost::uuids::uuid
  
    if (params) {
      if (params->count("uuid")) {
-      uuidStr = boost::get<std::string>((*params)["uuid"]);
+      uuidStr = params->at("uuid");
      }
      if (params->count("name")) {
-      name = boost::get<std::string>((*params)["name"]);
+      name = params->at("name");
      }
    }
  
diff --git a/pdns/dnsdist-lua.cc b/pdns/dnsdist-lua.cc

index e37b998c6bc138aace267342ada2f5322870cb30..f45682216837f81a2f545458857839c947ffffd7 100644 (file)
--- a/pdns/dnsdist-lua.cc
+++ b/pdns/dnsdist-lua.cc
@@ -101,9 +101,9 @@ void resetLuaSideEffect()
    g_noLuaSideEffect = boost::logic::indeterminate;
  }
  
-typedef std::unordered_map<std::string, boost::variant<bool, int, std::string, std::vector<std::pair<int, int>>, std::vector<std::pair<int, std::string>>, std::map<std::string, std::string>>> localbind_t;
+typedef std::unordered_map<std::string, boost::variant<bool, int, std::string, std::vector<std::pair<int, int>>, std::vector<std::pair<int, std::string>>, std::vector<std::pair<std::string, std::string>>>> localbind_t;
  
-static void parseLocalBindVars(boost::optional<localbind_t> vars, bool& reusePort, int& tcpFastOpenQueueSize, std::string& interface, std::set<int>& cpus, int& tcpListenQueueSize, size_t& maxInFlightQueriesPerConnection, size_t& tcpMaxConcurrentConnections)
+static void parseLocalBindVars(boost::optional<localbind_t> vars, bool& reusePort, int& tcpFastOpenQueueSize, std::string& interface, std::set<int>& cpus, int& tcpListenQueueSize, uint64_t& maxInFlightQueriesPerConnection, uint64_t& tcpMaxConcurrentConnections)
  {
    if (vars) {
      if (vars->count("reusePort")) {
@@ -257,7 +257,7 @@ static void parseTLSConfig(TLSConfig& config, const std::string& context, boost:
  
  #endif // defined(HAVE_DNS_OVER_TLS) || defined(HAVE_DNS_OVER_HTTPS)
  
-static void checkParameterBound(const std::string& parameter, uint64_t value, size_t max = std::numeric_limits<uint16_t>::max())
+void checkParameterBound(const std::string& parameter, uint64_t value, size_t max)
  {
    if (value > max) {
      throw std::runtime_error("The value (" + std::to_string(value) + ") passed to " + parameter + " is too large, the maximum is " + std::to_string(max));
@@ -920,7 +920,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      return *poolServers;
    });
  
-  luaCtx.writeFunction("getServer", [client](boost::variant<unsigned int, std::string> i) {
+  luaCtx.writeFunction("getServer", [client](boost::variant<int, std::string> i) {
      if (client) {
        return std::make_shared<DownstreamState>(ComboAddress());
      }
@@ -933,7 +933,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
          }
        }
      }
-    else if (auto pos = boost::get<unsigned int>(&i)) {
+    else if (auto pos = boost::get<int>(&i)) {
        return states.at(*pos);
      }
  
@@ -942,19 +942,19 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
    });
  
  #ifndef DISABLE_CARBON
-  luaCtx.writeFunction("carbonServer", [](const std::string& address, boost::optional<string> ourName, boost::optional<unsigned int> interval, boost::optional<string> namespace_name, boost::optional<string> instance_name) {
+  luaCtx.writeFunction("carbonServer", [](const std::string& address, boost::optional<string> ourName, boost::optional<uint64_t> interval, boost::optional<string> namespace_name, boost::optional<string> instance_name) {
      setLuaSideEffect();
      auto ours = g_carbon.getCopy();
      ours.push_back({ComboAddress(address, 2003),
                      (namespace_name && !namespace_name->empty()) ? *namespace_name : "dnsdist",
                      ourName ? *ourName : "",
                      (instance_name && !instance_name->empty()) ? *instance_name : "main",
-                    interval ? *interval : 30});
+                    (interval && *interval < std::numeric_limits<unsigned int>::max())  ? static_cast<unsigned int>(*interval) : 30});
      g_carbon.setState(ours);
    });
  #endif /* DISABLE_CARBON */
  
-  luaCtx.writeFunction("webserver", [client, configCheck](const std::string& address, boost::optional<std::string> password, boost::optional<std::string> apiKey, const boost::optional<std::map<std::string, std::string>> customHeaders, const boost::optional<std::string> acl) {
+  luaCtx.writeFunction("webserver", [client, configCheck](const std::string& address, boost::optional<std::string> password, boost::optional<std::string> apiKey, const boost::optional<std::unordered_map<std::string, std::string>> customHeaders, const boost::optional<std::string> acl) {
      setLuaSideEffect();
      ComboAddress local;
      try {
@@ -1015,7 +1015,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      }
    });
  
-  typedef std::unordered_map<std::string, boost::variant<bool, std::string, std::map<std::string, std::string>>> webserveropts_t;
+  typedef std::unordered_map<std::string, boost::variant<bool, std::string, std::unordered_map<std::string, std::string>>> webserveropts_t;
  
    luaCtx.writeFunction("setWebserverConfig", [](boost::optional<webserveropts_t> vars) {
      setLuaSideEffect();
@@ -1056,7 +1056,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      }
  
      if (vars->count("customHeaders")) {
-      const boost::optional<std::map<std::string, std::string>> headers = boost::get<std::map<std::string, std::string>>(vars->at("customHeaders"));
+      const auto headers = boost::get<std::unordered_map<std::string, std::string>>(vars->at("customHeaders"));
  
        setWebserverCustomHeaders(headers);
      }
@@ -1162,7 +1162,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      }
    });
  
-  luaCtx.writeFunction("setConsoleMaximumConcurrentConnections", [](size_t max) {
+  luaCtx.writeFunction("setConsoleMaximumConcurrentConnections", [](uint64_t max) {
      setLuaSideEffect();
      setConsoleMaximumConcurrentConnections(max);
    });
@@ -1179,7 +1179,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      g_outputBuffer = (fmt % size).str();
    });
  
-  luaCtx.writeFunction("getQueryCounters", [](boost::optional<unsigned int> optMax) {
+  luaCtx.writeFunction("getQueryCounters", [](boost::optional<uint64_t> optMax) {
      setLuaNoSideEffect();
      auto records = g_qcount.records.read_lock();
      g_outputBuffer = "query counting is currently: ";
@@ -1187,8 +1187,8 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      g_outputBuffer += (boost::format(" (%d records in buffer)\n") % records->size()).str();
  
      boost::format fmt("%-3d %s: %d request(s)\n");
-    unsigned int max = optMax ? *optMax : 10;
-    unsigned int index{1};
+    uint64_t max = optMax ? *optMax : 10U;
+    uint64_t index{1};
      for (auto it = records->begin(); it != records->end() && index <= max; ++it, ++index) {
        g_outputBuffer += (fmt % index % it->first % it->second).str();
      }
@@ -1302,7 +1302,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      }
    });
  
-  luaCtx.writeFunction("setMaxTCPQueriesPerConnection", [](size_t max) {
+  luaCtx.writeFunction("setMaxTCPQueriesPerConnection", [](uint64_t max) {
      if (!g_configurationDone) {
        g_maxTCPQueriesPerConn = max;
      }
@@ -1311,7 +1311,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      }
    });
  
-  luaCtx.writeFunction("setMaxTCPConnectionsPerClient", [](size_t max) {
+  luaCtx.writeFunction("setMaxTCPConnectionsPerClient", [](uint64_t max) {
      if (!g_configurationDone) {
        g_maxTCPConnectionsPerClient = max;
      }
@@ -1320,7 +1320,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      }
    });
  
-  luaCtx.writeFunction("setMaxTCPConnectionDuration", [](size_t max) {
+  luaCtx.writeFunction("setMaxTCPConnectionDuration", [](uint64_t max) {
      if (!g_configurationDone) {
        g_maxTCPConnectionDuration = max;
      }
@@ -1329,11 +1329,11 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      }
    });
  
-  luaCtx.writeFunction("setMaxCachedTCPConnectionsPerDownstream", [](size_t max) {
+  luaCtx.writeFunction("setMaxCachedTCPConnectionsPerDownstream", [](uint64_t max) {
      DownstreamTCPConnectionsManager::setMaxIdleConnectionsPerDownstream(max);
    });
  
-  luaCtx.writeFunction("setMaxIdleDoHConnectionsPerDownstream", [](size_t max) {
+  luaCtx.writeFunction("setMaxIdleDoHConnectionsPerDownstream", [](uint64_t max) {
      setDoHDownstreamMaxIdleConnectionsPerBackend(max);
    });
  
@@ -1380,11 +1380,17 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      g_cacheCleaningDelay = delay;
    });
  
-  luaCtx.writeFunction("setCacheCleaningPercentage", [](uint16_t percentage) { if (percentage < 100) g_cacheCleaningPercentage = percentage; else g_cacheCleaningPercentage = 100; });
+  luaCtx.writeFunction("setCacheCleaningPercentage", [](uint64_t percentage) { if (percentage < 100) g_cacheCleaningPercentage = percentage; else g_cacheCleaningPercentage = 100; });
  
-  luaCtx.writeFunction("setECSSourcePrefixV4", [](uint16_t prefix) { g_ECSSourcePrefixV4 = prefix; });
+  luaCtx.writeFunction("setECSSourcePrefixV4", [](uint64_t prefix) {
+    checkParameterBound("setECSSourcePrefixV4", prefix, std::numeric_limits<uint16_t>::max());
+    g_ECSSourcePrefixV4 = prefix;
+  });
  
-  luaCtx.writeFunction("setECSSourcePrefixV6", [](uint16_t prefix) { g_ECSSourcePrefixV6 = prefix; });
+  luaCtx.writeFunction("setECSSourcePrefixV6", [](uint64_t prefix) {
+    checkParameterBound("setECSSourcePrefixV6", prefix, std::numeric_limits<uint16_t>::max());
+    g_ECSSourcePrefixV6 = prefix;
+  });
  
    luaCtx.writeFunction("setECSOverride", [](bool override) { g_ECSOverride = override; });
  
@@ -1465,7 +1471,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
                         });
  
    luaCtx.writeFunction("addDynBlockSMT",
-                       [](const vector<pair<unsigned int, string>>& names, const std::string& msg, boost::optional<int> seconds, boost::optional<DNSAction::Action> action) {
+                       [](const vector<pair<int, string>>& names, const std::string& msg, boost::optional<int> seconds, boost::optional<DNSAction::Action> action) {
                           if (names.empty()) {
                             return;
                           }
@@ -1516,7 +1522,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      }
    });
  
-  luaCtx.writeFunction("setDynBlocksPurgeInterval", [](unsigned int interval) {
+  luaCtx.writeFunction("setDynBlocksPurgeInterval", [](uint64_t interval) {
      DynBlockMaintenance::s_expiredDynBlocksPurgeInterval = interval;
    });
  
@@ -1620,7 +1626,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
  #endif
    });
  
-  luaCtx.writeFunction("getDNSCryptBind", [](size_t idx) {
+  luaCtx.writeFunction("getDNSCryptBind", [](uint64_t idx) {
      setLuaNoSideEffect();
  #ifdef HAVE_DNSCRYPT
      std::shared_ptr<DNSCryptContext> ret = nullptr;
@@ -1716,7 +1722,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      }
    });
  
-  luaCtx.writeFunction("getBind", [](size_t num) {
+  luaCtx.writeFunction("getBind", [](uint64_t num) {
      setLuaNoSideEffect();
      ClientState* ret = nullptr;
      if (num < g_frontends.size()) {
@@ -1942,7 +1948,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      }
    });
  
-  luaCtx.writeFunction("setRingBuffersSize", [client](size_t capacity, boost::optional<size_t> numberOfShards) {
+  luaCtx.writeFunction("setRingBuffersSize", [client](uint64_t capacity, boost::optional<uint64_t> numberOfShards) {
      setLuaSideEffect();
      if (g_configurationDone) {
        errlog("setRingBuffersSize() cannot be used at runtime!");
@@ -1957,7 +1963,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      }
    });
  
-  luaCtx.writeFunction("setRingBuffersLockRetries", [](size_t retries) {
+  luaCtx.writeFunction("setRingBuffersLockRetries", [](uint64_t retries) {
      setLuaSideEffect();
      g_rings.setNumberOfLockRetries(retries);
    });
@@ -1968,7 +1974,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      g_hashperturb = perturb;
    });
  
-  luaCtx.writeFunction("setTCPInternalPipeBufferSize", [](size_t size) { g_tcpInternalPipeBufferSize = size; });
+  luaCtx.writeFunction("setTCPInternalPipeBufferSize", [](uint64_t size) { g_tcpInternalPipeBufferSize = size; });
  
    luaCtx.writeFunction("snmpAgent", [client, configCheck](bool enableTraps, boost::optional<std::string> daemonSocket) {
      if (client || configCheck)
@@ -2130,7 +2136,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      g_applyACLToProxiedClients = apply;
    });
  
-  luaCtx.writeFunction("setProxyProtocolMaximumPayloadSize", [](size_t size) {
+  luaCtx.writeFunction("setProxyProtocolMaximumPayloadSize", [](uint64_t size) {
      if (g_configurationDone) {
        errlog("setProxyProtocolMaximumPayloadSize() cannot be used at runtime!");
        g_outputBuffer = "setProxyProtocolMaximumPayloadSize() cannot be used at runtime!\n";
@@ -2140,7 +2146,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      g_proxyProtocolMaximumSize = std::max(static_cast<size_t>(16), size);
    });
  
-  luaCtx.writeFunction("setUDPMultipleMessagesVectorSize", [](size_t vSize) {
+  luaCtx.writeFunction("setUDPMultipleMessagesVectorSize", [](uint64_t vSize) {
      if (g_configurationDone) {
        errlog("setUDPMultipleMessagesVectorSize() cannot be used at runtime!");
        g_outputBuffer = "setUDPMultipleMessagesVectorSize() cannot be used at runtime!\n";
@@ -2159,7 +2165,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      g_addEDNSToSelfGeneratedResponses = add;
    });
  
-  luaCtx.writeFunction("setPayloadSizeOnSelfGeneratedAnswers", [](uint16_t payloadSize) {
+  luaCtx.writeFunction("setPayloadSizeOnSelfGeneratedAnswers", [](uint64_t payloadSize) {
      if (payloadSize < 512) {
        warnlog("setPayloadSizeOnSelfGeneratedAnswers() is set too low, using 512 instead!");
        g_outputBuffer = "setPayloadSizeOnSelfGeneratedAnswers() is set too low, using 512 instead!";
@@ -2336,7 +2342,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
        }
  
        if (vars->count("customResponseHeaders")) {
-        for (auto const& headerMap : boost::get<std::map<std::string, std::string>>((*vars).at("customResponseHeaders"))) {
+        for (auto const& headerMap : boost::get<std::vector<std::pair<std::string, std::string>>>((*vars).at("customResponseHeaders"))) {
            frontend->d_customResponseHeaders.emplace_back(boost::to_lower_copy(headerMap.first), headerMap.second);
          }
        }
@@ -2431,7 +2437,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
  #endif
    });
  
-  luaCtx.writeFunction("getDOHFrontend", [client](size_t index) {
+  luaCtx.writeFunction("getDOHFrontend", [client](uint64_t index) {
      std::shared_ptr<DOHFrontend> result = nullptr;
      if (client) {
        return result;
@@ -2490,7 +2496,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      }
    });
  
-  luaCtx.registerFunction<void (std::shared_ptr<DOHFrontend>::*)(const std::map<int, std::shared_ptr<DOHResponseMapEntry>>&)>("setResponsesMap", [](std::shared_ptr<DOHFrontend> frontend, const std::map<int, std::shared_ptr<DOHResponseMapEntry>>& map) {
+  luaCtx.registerFunction<void (std::shared_ptr<DOHFrontend>::*)(const std::vector<std::pair<int, std::shared_ptr<DOHResponseMapEntry>>>&)>("setResponsesMap", [](std::shared_ptr<DOHFrontend> frontend, const std::vector<std::pair<int, std::shared_ptr<DOHResponseMapEntry>>>& map) {
      if (frontend != nullptr) {
        auto newMap = std::make_shared<std::vector<std::shared_ptr<DOHResponseMapEntry>>>();
        newMap->reserve(map.size());
@@ -2598,7 +2604,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
  #endif
    });
  
-  luaCtx.writeFunction("getTLSContext", [](size_t index) {
+  luaCtx.writeFunction("getTLSContext", [](uint64_t index) {
      std::shared_ptr<TLSCtx> result = nullptr;
  #ifdef HAVE_DNS_OVER_TLS
      setLuaNoSideEffect();
@@ -2621,7 +2627,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      return result;
    });
  
-  luaCtx.writeFunction("getTLSFrontend", [](size_t index) {
+  luaCtx.writeFunction("getTLSFrontend", [](uint64_t index) {
      std::shared_ptr<TLSFrontend> result = nullptr;
  #ifdef HAVE_DNS_OVER_TLS
      setLuaNoSideEffect();
@@ -2737,7 +2743,7 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
    });
  #endif /* HAVE_LIBSSL && HAVE_OCSP_BASIC_SIGN*/
  
-  luaCtx.writeFunction("addCapabilitiesToRetain", [](boost::variant<std::string, std::map<int, std::string>> caps) {
+  luaCtx.writeFunction("addCapabilitiesToRetain", [](boost::variant<std::string, std::vector<std::pair<int, std::string>>> caps) {
      setLuaSideEffect();
      if (g_configurationDone) {
        g_outputBuffer = "addCapabilitiesToRetain cannot be used at runtime!\n";
@@ -2746,8 +2752,8 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
      if (caps.type() == typeid(std::string)) {
        g_capabilitiesToRetain.insert(boost::get<std::string>(caps));
      }
-    else if (caps.type() == typeid(std::map<int, std::string>)) {
-      for (const auto& cap : boost::get<std::map<int, std::string>>(caps)) {
+    else if (caps.type() == typeid(std::vector<std::pair<int, std::string>>)) {
+      for (const auto& cap : boost::get<std::vector<std::pair<int, std::string>>>(caps)) {
          g_capabilitiesToRetain.insert(cap.second);
        }
      }
diff --git a/pdns/dnsdist-lua.hh b/pdns/dnsdist-lua.hh

index 9611963c06b6e830adc69d2aa7b0b7f7c65f31e2..32eefa5bcc5a88a6d02ae697e03bcaf62db2b4f4 100644 (file)
--- a/pdns/dnsdist-lua.hh
+++ b/pdns/dnsdist-lua.hh
@@ -131,8 +131,9 @@ private:
  
  typedef boost::variant<string, vector<pair<int, string>>, std::shared_ptr<DNSRule>, DNSName, vector<pair<int, DNSName> > > luadnsrule_t;
  std::shared_ptr<DNSRule> makeRule(const luadnsrule_t& var);
-typedef std::unordered_map<std::string, boost::variant<std::string> > luaruleparams_t;
+typedef std::unordered_map<std::string, std::string> luaruleparams_t;
  void parseRuleParams(boost::optional<luaruleparams_t> params, boost::uuids::uuid& uuid, std::string& name, uint64_t& creationOrder);
+void checkParameterBound(const std::string& parameter, uint64_t value, size_t max = std::numeric_limits<uint16_t>::max());
  
  typedef NetmaskTree<DynBlock, AddressAndPortRange> nmts_t;
  
diff --git a/pdns/dnsdist-web.cc b/pdns/dnsdist-web.cc

index 52972c20e8c90f2d06736f9fbaf4bcd3687d1c2f..81e6af180830972d786b4c765fb2c3cc00a01769 100644 (file)
--- a/pdns/dnsdist-web.cc
+++ b/pdns/dnsdist-web.cc
@@ -52,7 +52,7 @@ struct WebserverConfig
    NetmaskGroup acl;
    std::unique_ptr<CredentialsHolder> password;
    std::unique_ptr<CredentialsHolder> apiKey;
-  boost::optional<std::map<std::string, std::string> > customHeaders;
+  boost::optional<std::unordered_map<std::string, std::string> > customHeaders;
    bool statsRequireAuthentication{true};
  };
  
@@ -354,7 +354,7 @@ static void handleCORS(const YaHTTP::Request& req, YaHTTP::Response& resp)
    }
  }
  
-static void addSecurityHeaders(YaHTTP::Response& resp, const boost::optional<std::map<std::string, std::string> >& customHeaders)
+static void addSecurityHeaders(YaHTTP::Response& resp, const boost::optional<std::unordered_map<std::string, std::string> >& customHeaders)
  {
    static const std::vector<std::pair<std::string, std::string> > headers = {
      { "X-Content-Type-Options", "nosniff" },
@@ -375,7 +375,7 @@ static void addSecurityHeaders(YaHTTP::Response& resp, const boost::optional<std
    }
  }
  
-static void addCustomHeaders(YaHTTP::Response& resp, const boost::optional<std::map<std::string, std::string> >& customHeaders)
+static void addCustomHeaders(YaHTTP::Response& resp, const boost::optional<std::unordered_map<std::string, std::string> >& customHeaders)
  {
    if (!customHeaders)
      return;
@@ -1537,7 +1537,7 @@ void setWebserverACL(const std::string& acl)
    g_webserverConfig.lock()->acl = std::move(newACL);
  }
  
-void setWebserverCustomHeaders(const boost::optional<std::map<std::string, std::string> > customHeaders)
+void setWebserverCustomHeaders(const boost::optional<std::unordered_map<std::string, std::string> > customHeaders)
  {
    g_webserverConfig.lock()->customHeaders = customHeaders;
  }
diff --git a/pdns/dnsdistdist/dnsdist-web.hh b/pdns/dnsdistdist/dnsdist-web.hh

index c119eee11d9e926f7ae86728f5fbfd81ad12742d..e021e5866c7d00af4eaed8d616ebbf7e254ce949 100644 (file)
--- a/pdns/dnsdistdist/dnsdist-web.hh
+++ b/pdns/dnsdistdist/dnsdist-web.hh
@@ -5,7 +5,7 @@
  void setWebserverAPIKey(std::unique_ptr<CredentialsHolder>&& apiKey);
  void setWebserverPassword(std::unique_ptr<CredentialsHolder>&& password);
  void setWebserverACL(const std::string& acl);
-void setWebserverCustomHeaders(const boost::optional<std::map<std::string, std::string> > customHeaders);
+void setWebserverCustomHeaders(const boost::optional<std::unordered_map<std::string, std::string> > customHeaders);
  void setWebserverStatsRequireAuthentication(bool);
  void setWebserverMaxConcurrentConnections(size_t);
  
diff --git a/pdns/dnsdistdist/test-dnsdistrules_cc.cc b/pdns/dnsdistdist/test-dnsdistrules_cc.cc

index b44374fefab39fc524fb1f53289e741ff675c403..c075c86dae43344b6557a0252b38fc3363103ceb 100644 (file)
--- a/pdns/dnsdistdist/test-dnsdistrules_cc.cc
+++ b/pdns/dnsdistdist/test-dnsdistrules_cc.cc
@@ -7,6 +7,14 @@
  
  #include "dnsdist-rules.hh"
  
+void checkParameterBound(const std::string& parameter, uint64_t value, size_t max);
+void checkParameterBound(const std::string& parameter, uint64_t value, size_t max)
+{
+  if (value > std::numeric_limits<uint16_t>::max()) {
+    throw std::runtime_error("The value passed to " + parameter + " is too large, the maximum is " + std::to_string(max));
+  }
+}
+
  static DNSQuestion getDQ(const DNSName* providedName = nullptr)
  {
    static const DNSName qname("powerdns.com.");
author	Remi Gacogne <remi.gacogne@powerdns.com>
	Fri, 12 Nov 2021 14:59:45 +0000 (15:59 +0100)
committer	Remi Gacogne <remi.gacogne@powerdns.com>
	Wed, 22 Dec 2021 08:30:44 +0000 (09:30 +0100)
pdns/dnsdist-lua-bindings-dnsquestion.cc		patch \| blob \| blame \| history
pdns/dnsdist-lua-bindings.cc		patch \| blob \| blame \| history
pdns/dnsdist-lua-rules.cc		patch \| blob \| blame \| history
pdns/dnsdist-lua.cc		patch \| blob \| blame \| history
pdns/dnsdist-lua.hh		patch \| blob \| blame \| history
pdns/dnsdist-web.cc		patch \| blob \| blame \| history
pdns/dnsdistdist/dnsdist-web.hh		patch \| blob \| blame \| history
pdns/dnsdistdist/test-dnsdistrules_cc.cc		patch \| blob \| blame \| history