New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add ERCodeRule #6147
Add ERCodeRule #6147
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice work, just a few minor nits!
bool matches(const DNSQuestion* dq) const override | ||
{ | ||
// avoid parsing EDNS OPT RR when not needed. | ||
if (d_rcode != dq->dh->rcode) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Given that dq->dh->rcode
is unsigned
, perhaps d_rcode
should be too? Same for d_extrcode
since edns0.extRCode
is an uint8_t
.
pdns/dnsdist-lua-rules.cc
Outdated
char * optStart = NULL; | ||
size_t optLen = 0; | ||
bool last = false; | ||
int res = locateEDNSOptRR((char*)dq->dh, dq->len, &optStart, &optLen, &last); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
const_cast<char*>(reinterpret_cast<const char*>(dq->dh))
? I don't think we'll manage to get rid of the existing C-style casts, but it would be nice to add new ones as few as possible :)
pdns/dnsdist-lua-rules.cc
Outdated
} | ||
EDNS0Record edns0; | ||
static_assert(sizeof(EDNS0Record) == sizeof(uint32_t), "sizeof(EDNS0Record) must match sizeof(uint32_t) AKA RR TTL size"); | ||
memcpy(&edns0, optStart + 5, sizeof edns0); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Adding a comment explaining where does the 5
comes from might be nice for later review.
Nits addressed |
Short description
Add ERCodeRule to match on EDNS Extended RCodes.
Separate rule to avoid performance cost for non-EDNS packets. Unclear if this is a good idea for correctness.
Checklist
I have: