Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

dnsdist: Implementation of DoH between dnsdist and the backend #10635

Merged
merged 39 commits into from
Sep 14, 2021

Conversation

rgacogne
Copy link
Member

@rgacogne rgacogne commented Aug 6, 2021

Short description

This PR implements DoH between dnsdist and the backend using nghttp2. It's a work-in-progress, the code is not pretty.
The PR is based on top of #10338 so the first commits are identical.

Checklist

I have:

  • read the CONTRIBUTING.md document
  • compiled this code
  • tested this code
  • included documentation (including possible behaviour changes)
  • documented the code
  • added or modified regression test(s)
  • added or modified unit test(s)

@rgacogne rgacogne added this to the dnsdist-1.7.0 milestone Aug 6, 2021
@rgacogne rgacogne marked this pull request as ready for review August 27, 2021 08:41
@rgacogne rgacogne changed the title dnsdist: WIP implementation of DoH between dnsdist and the backend dnsdist: Implementation of DoH between dnsdist and the backend Aug 27, 2021
@rgacogne
Copy link
Member Author

Rebased to fix conflicts now that #10338 has been merged.

@rgacogne rgacogne force-pushed the ddist-doh-backend-rebased branch 2 times, most recently from 640a399 to c310d7d Compare September 3, 2021 15:36
@github-actions
Copy link

github-actions bot commented Sep 3, 2021

@check-spelling-bot Report

Unrecognized words, please review:

  • HWorker
To accept these unrecognized words as correct, run the following commands

... in a clone of the git@github.com:rgacogne/pdns.git repository
on the ddist-doh-backend-rebased branch:

update_files() {
perl -e '
my $new_expect_file=".github/actions/spell-check/expect.txt";
use File::Path qw(make_path);
use File::Basename qw(dirname);
make_path (dirname($new_expect_file));
open FILE, q{<}, $new_expect_file; chomp(my @words = <FILE>); close FILE;
my @add=qw('"$patch_add"');
my %items; @items{@words} = @words x (1); @items{@add} = @add x (1);
@words = sort {lc($a)."-".$a cmp lc($b)."-".$b} keys %items;
open FILE, q{>}, $new_expect_file; for my $word (@words) { print FILE "$word\n" if $word =~ /\w/; };
close FILE;
system("git", "add", $new_expect_file);
'
}

comment_json=$(mktemp)
curl -L -s -S \
  --header "Content-Type: application/json" \
  "https://api.github.com/repos/PowerDNS/pdns/issues/comments/912627807" > "$comment_json"
comment_body=$(mktemp)
jq -r .body < "$comment_json" > $comment_body
rm $comment_json

patch_add=$(perl -e '$/=undef;
$_=<>;
s{<details>.*}{}s;
s{^#.*}{};
s{\n##.*}{};
s{(?:^|\n)\s*\*}{}g;
s{\s+}{ }g;
print' < "$comment_body")
  
update_files
rm $comment_body
git add -u
If the flagged items do not appear to be text

If items relate to a ...

  • well-formed pattern.

    If you can write a pattern that would match it,
    try adding it to the patterns.txt file.

    Patterns are Perl 5 Regular Expressions - you can test yours before committing to verify it will match your lines.

    Note that patterns can't match multiline strings.

  • binary file.

    Please add a file path to the excludes.txt file matching the containing file.

    File paths are Perl 5 Regular Expressions - you can test yours before committing to verify it will match your files.

    ^ refers to the file's path from the root of the repository, so ^README\.md$ would exclude README.md (on whichever branch you're using).

@rgacogne
Copy link
Member Author

rgacogne commented Sep 3, 2021

This PR is making good progress, I still have to handle the proxy protocol, clean up the code a bit, write more documentation and squash the commits and it should be ready for review.

@rgacogne rgacogne force-pushed the ddist-doh-backend-rebased branch 2 times, most recently from 1f63b74 to 16681c6 Compare September 6, 2021 14:47
@rgacogne
Copy link
Member Author

rgacogne commented Sep 6, 2021

Proxy protocol is now handled. I also rebased to squash the commits and use the new CI.

@github-actions
Copy link

github-actions bot commented Sep 6, 2021

@check-spelling-bot Report

Unrecognized words, please review:

  • nghttp
To accept these unrecognized words as correct, run the following commands

... in a clone of the git@github.com:rgacogne/pdns.git repository
on the ddist-doh-backend-rebased branch:

update_files() {
perl -e '
my $new_expect_file=".github/actions/spell-check/expect.txt";
use File::Path qw(make_path);
use File::Basename qw(dirname);
make_path (dirname($new_expect_file));
open FILE, q{<}, $new_expect_file; chomp(my @words = <FILE>); close FILE;
my @add=qw('"$patch_add"');
my %items; @items{@words} = @words x (1); @items{@add} = @add x (1);
@words = sort {lc($a)."-".$a cmp lc($b)."-".$b} keys %items;
open FILE, q{>}, $new_expect_file; for my $word (@words) { print FILE "$word\n" if $word =~ /\w/; };
close FILE;
system("git", "add", $new_expect_file);
'
}

comment_json=$(mktemp)
curl -L -s -S \
  --header "Content-Type: application/json" \
  "https://api.github.com/repos/PowerDNS/pdns/issues/comments/913752859" > "$comment_json"
comment_body=$(mktemp)
jq -r .body < "$comment_json" > $comment_body
rm $comment_json

patch_add=$(perl -e '$/=undef;
$_=<>;
s{<details>.*}{}s;
s{^#.*}{};
s{\n##.*}{};
s{(?:^|\n)\s*\*}{}g;
s{\s+}{ }g;
print' < "$comment_body")
  
update_files
rm $comment_body
git add -u
If the flagged items do not appear to be text

If items relate to a ...

  • well-formed pattern.

    If you can write a pattern that would match it,
    try adding it to the patterns.txt file.

    Patterns are Perl 5 Regular Expressions - you can test yours before committing to verify it will match your lines.

    Note that patterns can't match multiline strings.

  • binary file.

    Please add a file path to the excludes.txt file matching the containing file.

    File paths are Perl 5 Regular Expressions - you can test yours before committing to verify it will match your files.

    ^ refers to the file's path from the root of the repository, so ^README\.md$ would exclude README.md (on whichever branch you're using).

@rgacogne
Copy link
Member Author

rgacogne commented Sep 7, 2021

I believe this PR is finally ready for review :-)

It actually makes it harder to read the lists of events in the HTTP/2
unit tests, but I can't find a proper way to fix that.
I'm pretty sure the compiler is smart enough to do that by itself,
but it does not hurt and makes the warnings go away.
Reported by cppcheck.
@rgacogne
Copy link
Member Author

Rebased to fix a conflict, plus fixed the API regression tests (missing metrics).

@rgacogne rgacogne merged commit 459a938 into PowerDNS:master Sep 14, 2021
@rgacogne rgacogne deleted the ddist-doh-backend-rebased branch September 14, 2021 10:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants