From 79f64c2b48b641b12f21a6f47b1b7b5ec0f6c7ee Mon Sep 17 00:00:00 2001 From: Otto Moerbeek Date: Wed, 12 Feb 2020 16:49:58 +0100 Subject: [PATCH] Set the d_priority field in the policy objects of a zone. Comments from racacogne: Better name for currentPriority, more elegant loops with right cutoff. --- pdns/filterpo.cc | 43 +++++++++++++++++++------------------------ pdns/filterpo.hh | 23 +++++++++++++++++++---- 2 files changed, 38 insertions(+), 28 deletions(-) diff --git a/pdns/filterpo.cc b/pdns/filterpo.cc index df195e4d48..316c31a7db 100644 --- a/pdns/filterpo.cc +++ b/pdns/filterpo.cc @@ -115,19 +115,19 @@ bool DNSFilterEngine::Zone::findExactNamedPolicy(const std::unordered_map& discardedPolicies, Priority currentPriority) const +DNSFilterEngine::Policy DNSFilterEngine::getProcessingPolicy(const DNSName& qname, const std::unordered_map& discardedPolicies, Priority maxPriority) const { // cout<<"Got question for nameserver name "< zoneEnabled(d_zones.size()); size_t count = 0; bool allEmpty = true; for (const auto& z : d_zones) { - if (z->getPriority() > currentPriority) { - break; - } bool enabled = true; const auto zoneName = z->getName(); - if (zoneName && discardedPolicies.find(*zoneName) != discardedPolicies.end()) { + if (z->getPriority() >= maxPriority) { + enabled = false; + } + else if (zoneName && discardedPolicies.find(*zoneName) != discardedPolicies.end()) { enabled = false; } else { @@ -158,9 +158,6 @@ DNSFilterEngine::Policy DNSFilterEngine::getProcessingPolicy(const DNSName& qnam count = 0; for(const auto& z : d_zones) { - if (z->getPriority() > currentPriority) { - break; - } if (!zoneEnabled[count]) { ++count; continue; 
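Review bot: The cutoff in the qname overload of getProcessingPolicy changes from `z->getPriority() > currentPriority` to `z->getPriority() >= maxPriority`, so a zone whose priority equals the value passed in is now skipped where it used to be consulted. The call sites are not part of this patch (only filterpo.cc and filterpo.hh are touched), so a caller still passing an inclusive bound would silently stop applying one RPZ zone, which in a filtering engine means a block rule not firing. The same comparison is introduced in the ComboAddress overload and in getQueryPolicy. I would state the contract next to the declarations, e.g. `// maxPriority is exclusive: only zones with getPriority() < maxPriority are consulted`, and confirm that the value callers use for "no limit" is above every configured zone priority. The function body continues outside the hunk.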
@@ -182,12 +179,12 @@ DNSFilterEngine::Policy DNSFilterEngine::getProcessingPolicy(const DNSName& qnam return pol; } -DNSFilterEngine::Policy DNSFilterEngine::getProcessingPolicy(const ComboAddress& address, const std::unordered_map& discardedPolicies, Priority currentPriority) const +DNSFilterEngine::Policy DNSFilterEngine::getProcessingPolicy(const ComboAddress& address, const std::unordered_map& discardedPolicies, Priority maxPriority) const { Policy pol; // cout<<"Got question for nameserver IP "<getPriority() > currentPriority) { + if (z->getPriority() >= maxPriority) { break; } const auto zoneName = z->getName(); @@ -203,27 +200,28 @@ DNSFilterEngine::Policy DNSFilterEngine::getProcessingPolicy(const ComboAddress& return pol; } -DNSFilterEngine::Policy DNSFilterEngine::getQueryPolicy(const DNSName& qname, const ComboAddress& ca, const std::unordered_map& discardedPolicies, Priority currentPriority) const +DNSFilterEngine::Policy DNSFilterEngine::getQueryPolicy(const DNSName& qname, const ComboAddress& ca, const std::unordered_map& discardedPolicies, Priority maxPriority) const { // cout<<"Got question for "< zoneEnabled(d_zones.size()); size_t count = 0; bool allEmpty = true; for (const auto& z : d_zones) { - if (z->getPriority() > currentPriority) { - break; - } bool enabled = true; - const auto zoneName = z->getName(); - if (zoneName && discardedPolicies.find(*zoneName) != discardedPolicies.end()) { + if (z->getPriority() >= maxPriority) { enabled = false; - } - else { - if (z->hasQNamePolicies() || z->hasClientPolicies()) { - allEmpty = false; + } else { + const auto zoneName = z->getName(); + if (zoneName && discardedPolicies.find(*zoneName) != discardedPolicies.end()) { + enabled = false; } else { - enabled = false; + if (z->hasQNamePolicies() || z->hasClientPolicies()) { + allEmpty = false; + } + else { + enabled = false; + } } } 
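Review bot: The ComboAddress overload of getProcessingPolicy still leaves the loop with `break` at the first zone where `z->getPriority() >= maxPriority`, while the qname overload and getQueryPolicy in this same patch now mark such a zone disabled and keep iterating. The `break` is only correct if d_zones is always ordered by ascending priority, which this hunk does not show; now that setPriority() can change a zone's priority, an out-of-order vector would cause later, eligible zones to be skipped. Either use `continue;` here to match the other two functions, or add a comment such as `// d_zones is sorted by priority, so no later zone can match` if that invariant is guaranteed elsewhere. The function body continues outside the hunk.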
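Review bot: In getQueryPolicy the new priority check is written as an `if` with a nested `else { if ... else { ... } }`, whereas the qname overload of getProcessingPolicy expresses the same decision as a flat `if` / `else if` / `else` chain. Hoisting `const auto zoneName = z->getName();` above the check, as the other function does, lets this one use the same `else if (zoneName && discardedPolicies.find(*zoneName) != discardedPolicies.end()) {` form and drops one nesting level. Keeping the two loops textually parallel makes it easier to verify that both apply the same cutoff.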
@@ -246,9 +244,6 @@ DNSFilterEngine::Policy DNSFilterEngine::getQueryPolicy(const DNSName& qname, co count = 0; for (const auto& z : d_zones) { - if (z->getPriority() > currentPriority) { - break; - } if (!zoneEnabled[count]) { ++count; continue; diff --git a/pdns/filterpo.hh b/pdns/filterpo.hh index a75f291611..d0ef6fb26f 100644 --- a/pdns/filterpo.hh +++ b/pdns/filterpo.hh @@ -203,6 +203,21 @@ public: } void setPriority(Priority p) { d_priority = p; + for (auto& pol : d_qpolName) { + pol.second.d_priority = p; + } + for (auto& pol: d_qpolAddr) { + pol->second.d_priority = p; + } + for (auto& pol: d_propolName) { + pol.second.d_priority = p; + } + for (auto& pol: d_propolNSAddr) { + pol->second.d_priority = p; + } + for (auto& pol: d_postpolAddr) { + pol->second.d_priority = p; + } } private: static DNSName maskToRPZ(const Netmask& nm); @@ -267,10 +282,10 @@ public: } } - Policy getQueryPolicy(const DNSName& qname, const ComboAddress& nm, const std::unordered_map& discardedPolicies, Priority Priority) const; - Policy getProcessingPolicy(const DNSName& qname, const std::unordered_map& discardedPolicies, Priority currentPriority) const; - Policy getProcessingPolicy(const ComboAddress& address, const std::unordered_map& discardedPolicies, Priority currentPriority) const; - Policy getPostPolicy(const vector& records, const std::unordered_map& discardedPolicies, Priority currentPriority) const; + Policy getQueryPolicy(const DNSName& qname, const ComboAddress& nm, const std::unordered_map& discardedPolicies, Priority maxPriority) const; + Policy getProcessingPolicy(const DNSName& qname, const std::unordered_map& discardedPolicies, Priority maxPriority) const; + Policy getProcessingPolicy(const ComboAddress& address, const std::unordered_map& discardedPolicies, Priority maxPriority) const; + Policy getPostPolicy(const vector& records, const std::unordered_map& discardedPolicies, Priority maxPriority) const; size_t size() const { return d_zones.size(); -- 2.47.2
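Review bot: setPriority() in filterpo.hh stamps `d_priority` onto the policies that exist at the time of the call, but nothing in this hunk covers policies inserted afterwards. If the zone's add paths (outside this hunk) do not also set the policy's `d_priority` from the zone's, entries loaded or updated after the priority was assigned would carry whatever default the Policy has, and any later comparison against that field would rank them wrongly. I would either set the field at insertion time or document the ordering requirement with `// must be called after the zone is fully loaded; policies added later are not updated`. It is also worth confirming that no resolver thread reads these maps while the loops mutate them, since no locking is visible here.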