X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=src%2Fhttp.rs;h=073ba66b50ce701ec10cdffb14e0ef24401a219f;hb=8b836e295ec81c50907fe1f60ca43c82df792025;hp=53a0b18a71e3ba38615c37fb84d36fd9320170be;hpb=974fe2805f8a34d0fa88c05c2374ed69c51d7674;p=dnssec-prover diff --git a/src/http.rs b/src/http.rs index 53a0b18..073ba66 100644 --- a/src/http.rs +++ b/src/http.rs @@ -5,11 +5,13 @@ extern crate alloc; pub mod rr; -pub mod validation; -mod ser; +pub mod ser; pub mod query; -#[cfg(feature = "tokio")] +#[cfg(feature = "validation")] +pub mod validation; + +#[cfg(any(feature = "build_server", all(feature = "tokio", feature = "validation")))] use tokio_crate as tokio; #[cfg(feature = "build_server")] @@ -26,7 +28,7 @@ async fn main() { imp::run_server(listener, resolver_sockaddr).await; } -#[cfg(feature = "tokio")] +#[cfg(any(feature = "build_server", all(feature = "tokio", feature = "validation")))] mod imp { use super::*; @@ -108,25 +110,28 @@ mod imp { break 'ret_err; }; let proof_res = match t.to_ascii_uppercase().as_str() { - "TXT" => build_txt_proof_async(resolver_sockaddr, query_name).await, - "TLSA" => build_tlsa_proof_async(resolver_sockaddr, query_name).await, - "A" => build_a_proof_async(resolver_sockaddr, query_name).await, - "AAAA" => build_aaaa_proof_async(resolver_sockaddr, query_name).await, + "TXT" => build_txt_proof_async(resolver_sockaddr, &query_name).await, + "TLSA" => build_tlsa_proof_async(resolver_sockaddr, &query_name).await, + "A" => build_a_proof_async(resolver_sockaddr, &query_name).await, + "AAAA" => build_aaaa_proof_async(resolver_sockaddr, &query_name).await, _ => break 'ret_err, }; - let proof = if let Ok(proof) = proof_res { proof } else { + let (proof, cache_ttl) = if let Ok(proof) = proof_res { proof } else { response = ("404 Not Found", "Failed to generate proof for given domain"); break 'ret_err; }; let _ = socket.write_all( - format!("HTTP/1.1 200 OK\r\nContent-Length: {}\r\n\r\n", proof.len()).as_bytes() + format!( + "HTTP/1.1 200 OK\r\nContent-Length: {}\r\nContent-Type: application/octet-stream\r\nCache-Control: public, max-age={}, s-maxage={}\r\nAccess-Control-Allow-Origin: *\r\n\r\n", + proof.len(), cache_ttl, cache_ttl + ).as_bytes() ).await; let _ = socket.write_all(&proof).await; return; } let _ = socket.write_all(format!( - "HTTP/1.1 {}\r\nContent-Length: {}\r\nContent-Type: text/plain\r\n\r\n{}", + "HTTP/1.1 {}\r\nContent-Length: {}\r\nContent-Type: text/plain\r\nAccess-Control-Allow-Origin: *\r\n\r\n{}", response.0, response.1.len(), response.1, ).as_bytes()).await; }); @@ -134,11 +139,12 @@ mod imp { } } -#[cfg(all(feature = "tokio", test))] +#[cfg(all(feature = "tokio", feature = "validation", test))] mod test { use super::*; - use crate::validation::{parse_rr_stream, verify_rr_stream}; + use crate::ser::parse_rr_stream; + use crate::validation::verify_rr_stream; use minreq; @@ -157,4 +163,36 @@ mod test { let verified_rrs = verify_rr_stream(&rrs).unwrap(); assert_eq!(verified_rrs.verified_rrs.len(), 1); } + + #[tokio::test(flavor = "multi_thread", worker_threads = 1)] + async fn test_lookup_a() { + let ns = "9.9.9.9:53".parse().unwrap(); + let listener = tokio::net::TcpListener::bind("127.0.0.1:17493").await + .expect("Failed to bind to socket"); + tokio::spawn(imp::run_server(listener, ns)); + let resp = minreq::get( + "http://127.0.0.1:17493/dnssecproof?d=cloudflare.com.&t=a" + ).send().unwrap(); + + assert_eq!(resp.status_code, 200); + let rrs = parse_rr_stream(resp.as_bytes()).unwrap(); + let verified_rrs = verify_rr_stream(&rrs).unwrap(); + assert!(verified_rrs.verified_rrs.len() >= 1); + } + + #[tokio::test(flavor = "multi_thread", worker_threads = 1)] + async fn test_lookup_tlsa() { + let ns = "1.1.1.1:53".parse().unwrap(); + let listener = tokio::net::TcpListener::bind("127.0.0.1:17494").await + .expect("Failed to bind to socket"); + tokio::spawn(imp::run_server(listener, ns)); + let resp = minreq::get( + "http://127.0.0.1:17494/dnssecproof?d=_25._tcp.mail.as397444.net.&t=TLSA" + ).send().unwrap(); + + assert_eq!(resp.status_code, 200); + let rrs = parse_rr_stream(resp.as_bytes()).unwrap(); + let verified_rrs = verify_rr_stream(&rrs).unwrap(); + assert_eq!(verified_rrs.verified_rrs.len(), 1); + } }