19741624072

Committed 27 Nov 2025 03:45PM UTC coverage: 73.086% (+0.02%) from 73.065%

Build # 19741624072

Build Type

Pull #16570

github

Committed by

web-flow

Commit Message

Merge 08a2cdb1d into f94a3f63f

Pull Request Pull Request #16570: rec: rewrite all unwrap calls in web.rs

Run Details

38523 of 63408 branches covered (60.75%)

Branch coverage included in aggregate %.

128044 of 164496 relevant lines covered (77.84%)

6531485.83 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

88.68

/pdns/dnsdistdist/dnsdist-doh-common.cc

/*
 * This file is part of PowerDNS or dnsdist.
 * Copyright -- PowerDNS.COM B.V. and its contributors
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of version 2 of the GNU General Public License as
 * published by the Free Software Foundation.
 *
 * In addition, for the avoidance of any doubt, permission is granted to
 * link this program with OpenSSL and to (re)distribute the binaries
 * produced as the result of such linking.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
#include "base64.hh"
#include "dnsdist-doh-common.hh"
#include "dnsdist.hh"

#ifdef HAVE_DNS_OVER_HTTPS
void DOHFrontend::rotateTicketsKey(time_t now)
{
  return d_tlsContext->rotateTicketsKey(now);
}

void DOHFrontend::loadTicketsKeys(const std::string& keyFile)
{
  return d_tlsContext->loadTicketsKeys(keyFile);
}

void DOHFrontend::loadTicketsKey(const std::string& key)
{
  return d_tlsContext->loadTicketsKey(key);
}

void DOHFrontend::handleTicketsKeyRotation()
{
}

std::string DOHFrontend::getNextTicketsKeyRotation() const
{
  return d_tlsContext->getNextTicketsKeyRotation();
}

size_t DOHFrontend::getTicketsKeysCount()
{
  return d_tlsContext->getTicketsKeysCount();
}

void DOHFrontend::reloadCertificates()
{
  if (isHTTPS()) {
    d_tlsContext->setupTLS();
  }
}

void DOHFrontend::setup()
{
  if (isHTTPS()) {
    if (!d_tlsContext->setupTLS()) {
      throw std::runtime_error("Error setting up TLS context for DoH listener on '" + d_tlsContext->d_addr.toStringWithPort());
    }
  }
}

#endif /* HAVE_DNS_OVER_HTTPS */

namespace dnsdist::doh
{
std::optional<PacketBuffer> getPayloadFromPath(const std::string_view& path)
{
  std::optional<PacketBuffer> result{std::nullopt};

  if (path.size() <= 5) {
    return result;
  }

  auto pos = path.find("?dns=");
  if (pos == string::npos) {
    pos = path.find("&dns=");
  }

  if (pos == string::npos) {
    return result;
  }

  // need to base64url decode this
  string sdns;
  const size_t payloadSize = path.size() - pos - 5;
  size_t neededPadding = 0;
  switch (payloadSize % 4) {
  case 2:
    neededPadding = 2;
    break;
  case 3:
    neededPadding = 1;
    break;
  }
  sdns.reserve(payloadSize + neededPadding);
  sdns = path.substr(pos + 5);
  for (auto& entry : sdns) {
    switch (entry) {
    case '-':
      entry = '+';
      break;
    case '_':
      entry = '/';
      break;
    }
  }

  if (neededPadding != 0) {
    // re-add padding that may have been missing
    sdns.append(neededPadding, '=');
  }

  PacketBuffer decoded;
  /* rough estimate so we hopefully don't need a new allocation later */
  /* We reserve at few additional bytes to be able to add EDNS later */
  const size_t estimate = ((sdns.size() * 3) / 4);
  decoded.reserve(estimate);
  if (B64Decode(sdns, decoded) < 0) {
    return result;
  }

  result = std::move(decoded);
  return result;
}
}

1	/*
2	* This file is part of PowerDNS or dnsdist.
3	* Copyright -- PowerDNS.COM B.V. and its contributors
4	*
5	* This program is free software; you can redistribute it and/or modify
6	* it under the terms of version 2 of the GNU General Public License as
7	* published by the Free Software Foundation.
8	*
9	* In addition, for the avoidance of any doubt, permission is granted to
10	* link this program with OpenSSL and to (re)distribute the binaries
11	* produced as the result of such linking.
12	*
13	* This program is distributed in the hope that it will be useful,
14	* but WITHOUT ANY WARRANTY; without even the implied warranty of
15	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16	* GNU General Public License for more details.
17	*
18	* You should have received a copy of the GNU General Public License
19	* along with this program; if not, write to the Free Software
20	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21	*/
22	#include "base64.hh"
23	#include "dnsdist-doh-common.hh"
24	#include "dnsdist.hh"
25
26	#ifdef HAVE_DNS_OVER_HTTPS
27	void DOHFrontend::rotateTicketsKey(time_t now)
28	{	22✔
29	return d_tlsContext->rotateTicketsKey(now);	22✔
30	}	22✔
31
32	void DOHFrontend::loadTicketsKeys(const std::string& keyFile)
33	{	6✔
34	return d_tlsContext->loadTicketsKeys(keyFile);	6✔
35	}	6✔
36
37	void DOHFrontend::loadTicketsKey(const std::string& key)
38	{	×
39	return d_tlsContext->loadTicketsKey(key);	×
40	}	×
41
42	void DOHFrontend::handleTicketsKeyRotation()
43	{	×
44	}	×
45
46	std::string DOHFrontend::getNextTicketsKeyRotation() const
47	{	12✔
48	return d_tlsContext->getNextTicketsKeyRotation();	12✔
49	}	12✔
50
51	size_t DOHFrontend::getTicketsKeysCount()
52	{	12✔
53	return d_tlsContext->getTicketsKeysCount();	12✔
54	}	12✔
55
56	void DOHFrontend::reloadCertificates()
57	{	2✔
58	if (isHTTPS()) {	2!
59	d_tlsContext->setupTLS();	2✔
60	}	2✔
61	}	2✔
62
63	void DOHFrontend::setup()
64	{	38✔
65	if (isHTTPS()) {	38✔
66	if (!d_tlsContext->setupTLS()) {	37!
67	throw std::runtime_error("Error setting up TLS context for DoH listener on '" + d_tlsContext->d_addr.toStringWithPort());	×
68	}	×
69	}	37✔
70	}	38✔
71
72	#endif /* HAVE_DNS_OVER_HTTPS */
73
74	namespace dnsdist::doh
75	{
76	std::optional<PacketBuffer> getPayloadFromPath(const std::string_view& path)
77	{	189✔
78	std::optional<PacketBuffer> result{std::nullopt};	189✔
79
80	if (path.size() <= 5) {	189!
81	return result;	×
82	}	×
83
84	auto pos = path.find("?dns=");	189✔
85	if (pos == string::npos) {	189✔
86	pos = path.find("&dns=");	2✔
87	}	2✔
88
89	if (pos == string::npos) {	189✔
90	return result;	2✔
91	}	2✔
92
93	// need to base64url decode this
94	string sdns;	187✔
95	const size_t payloadSize = path.size() - pos - 5;	187✔
96	size_t neededPadding = 0;	187✔
97	switch (payloadSize % 4) {	187✔
98	case 2:	63✔
99	neededPadding = 2;	63✔
100	break;	63✔
101	case 3:	64✔
102	neededPadding = 1;	64✔
103	break;	64✔
104	}	187✔
105	sdns.reserve(payloadSize + neededPadding);	187✔
106	sdns = path.substr(pos + 5);	187✔
107	for (auto& entry : sdns) {	14,558✔
108	switch (entry) {	14,558✔
109	case '-':	4✔
110	entry = '+';	4✔
111	break;	4✔
112	case '_':	6✔
113	entry = '/';	6✔
114	break;	6✔
115	}	14,558✔
116	}	14,558✔
117
118	if (neededPadding != 0) {	187✔
119	// re-add padding that may have been missing
120	sdns.append(neededPadding, '=');	127✔
121	}	127✔
122
123	PacketBuffer decoded;	187✔
124	/* rough estimate so we hopefully don't need a new allocation later */
125	/* We reserve at few additional bytes to be able to add EDNS later */
126	const size_t estimate = ((sdns.size() * 3) / 4);	187✔
127	decoded.reserve(estimate);	187✔
128	if (B64Decode(sdns, decoded) < 0) {	187✔
129	return result;	2✔
130	}	2✔
131
132	result = std::move(decoded);	185✔
133	return result;	185✔
134	}	187✔
135	}

PowerDNS / pdns / 19741624072

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous