Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

dnsdist: Add support for early DoH HTTP responses #8206

Merged
merged 4 commits into from
Aug 30, 2019

Conversation

rgacogne
Copy link
Member

Short description

The HTTPPathRule and HTTPPathRegexRule, and the Lua bindings to access the HTTP informations are only invoked for valid DNS over HTTP queries. This PR adds support for responding to HTTP queries before the DNS payload has been parsed, thus allowing to respond to all HTTP queries.

Checklist

I have:

  • read the CONTRIBUTING.md document
  • compiled this code
  • tested this code
  • included documentation (including possible behaviour changes)
  • documented the code
  • added or modified regression test(s)
  • added or modified unit test(s)

Copy link
Member

@chbruyand chbruyand left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code LGTM, I'm just wondering if matching shouldn't be also done on HTTP method ?
I'm also wondering if we may want to send the possibly set custom headers in the response ?

@rgacogne
Copy link
Member Author

I'm just wondering if matching shouldn't be also done on HTTP method ?

It might be a request at some point, yes, but for now I'm trying to keep it simple.

@rgacogne
Copy link
Member Author

I'm also wondering if we may want to send the possibly set custom headers in the response ?

I'd really like dnsdist not to become a full-fledged HTTP server :-)

@chbruyand
Copy link
Member

I'm also wondering if we may want to send the possibly set custom headers in the response ?

I'd really like dnsdist not to become a full-fledged HTTP server :-)

I know, this is just that you may expect to get the custom headers you set via customResponseHeaders in the response.

pdns/dnsdistdist/doh.cc Outdated Show resolved Hide resolved
@rgacogne
Copy link
Member Author

I know, this is just that you may expect to get the custom headers you set via customResponseHeaders in the response.

Oh, you are right! I'm not 100% sure it's a good idea to apply these to "early" responses, but I guess it might be something that users will expect..

@chbruyand
Copy link
Member

I know, this is just that you may expect to get the custom headers you set via customResponseHeaders in the response.

Oh, you are right! I'm not 100% sure it's a good idea to apply these to "early" responses, but I guess it might be something that users will expect..

Yes, really depends on your custom headers usage. But I think you would expect it in use cases like #7900

@rgacogne
Copy link
Member Author

I'm worried about the case where one does not want the customResponseHeaders applied here, so I guess we indeed need to accept an optional list of custom headers in newDOHResponseMapEntry(), where no list means to apply customResponseHeaders and any other value overrides it (so an empty list means no headers).

@rgacogne
Copy link
Member Author

Fixed the default application/dns-message content-type header added to early 200 responses. Added support for custom HTTP headers in early responses as well.

@rgacogne
Copy link
Member Author

Rebased to fix a conflict.

@chbruyand chbruyand self-requested a review August 29, 2019 13:55
@rgacogne rgacogne merged commit 762a2b5 into PowerDNS:master Aug 30, 2019
@rgacogne rgacogne deleted the dnsdist-early-doh-rewrite branch August 30, 2019 08:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants