openvpn3/dns__options_8hpp_source.html

//    OpenVPN -- An application to securely tunnel IP networks

//               over a single port, with support for SSL/TLS-based

//               session authentication and key exchange,

//               packet encryption, packet authentication, and

//               packet compression.

//

//    Copyright (C) 2022- OpenVPN Inc.

//

//    SPDX-License-Identifier: MPL-2.0 OR AGPL-3.0-only WITH openvpn3-openssl-exception

//


#pragma once


#include <map>

#include <vector>

#include <algorithm>

#include <sstream>


#include <openvpn/common/number.hpp>

#include <openvpn/common/jsonlib.hpp>

#include <openvpn/common/hostport.hpp>

#include <openvpn/addr/ip.hpp>


#ifdef HAVE_JSON

#include <openvpn/common/jsonhelper.hpp>

#endif


namespace openvpn {


struct DnsAddress

{


    std::string to_string() const

    {

        std::ostringstream os;

        os << address;

        if (port)

        {

            os << " " << port;

        }

        return os.str();

    }


    void validate(const std::string &title) const

    {

        IP::Addr::validate(address, title);

    }


#ifdef HAVE_JSON


    Json::Value to_json() const

    {

        Json::Value root(Json::objectValue);

        root["address"] = Json::Value(address);

        if (port)

        {

            root["port"] = Json::Value(port);

        }

        return root;

    }


    void from_json(const Json::Value &root, const std::string &title)

    {

        json::assert_dict(root, title);

        json::to_uint_optional(root, port, "port", 0u, title);


        std::string addr_str;

        json::to_string(root, addr_str, "address", title);

        address = IP::Addr::from_string(addr_str).to_string();

    }


#endif


    bool operator==(const DnsAddress &) const = default;


    std::string address;

    unsigned int port = 0;

};


struct DnsDomain

{


    std::string to_string() const

    {

        return domain;

    }


    void validate(const std::string &title) const

    {

        HostPort::validate_host(domain, title);

    }


#ifdef HAVE_JSON


    Json::Value to_json() const

    {

        return Json::Value(domain);

    }


    void from_json(const Json::Value &value, const std::string &title)

    {

        if (!value.isString())

        {

            throw json::json_parse("string " + title + " is of incorrect type");

        }

        domain = value.asString();

    }


#endif


    std::string domain;


    bool operator==(const DnsDomain &) const = default;

};


struct DnsServer

{


    enum class Security

    {

        Unset,

        No,

        Yes,

        Optional

    };


    std::string dnssec_string(const Security dnssec) const

    {

        switch (dnssec)

        {

        case Security::No:

            return "No";

        case Security::Yes:

            return "Yes";

        case Security::Optional:

            return "Optional";

        default:

            return "Unset";

        }

    }


    enum class Transport

    {

        Unset,

        Plain,

        HTTPS,

        TLS

    };


    std::string transport_string(const Transport transport) const

    {

        switch (transport)

        {

        case Transport::Plain:

            return "Plain";

        case Transport::HTTPS:

            return "HTTPS";

        case Transport::TLS:

            return "TLS";

        default:

            return "Unset";

        }

    }


    std::string to_string(const char *prefix = "") const

    {

        std::ostringstream os;

        os << prefix << "Addresses:\n";

        for (const auto &address : addresses)

        {

            os << prefix << "  " << address.to_string() << '\n';

        }

        if (!domains.empty())

        {

            os << prefix << "Domains:\n";

            for (const auto &domain : domains)

            {

                os << prefix << "  " << domain.to_string() << '\n';

            }

        }

        if (dnssec != Security::Unset)

        {

            os << prefix << "DNSSEC: " << dnssec_string(dnssec) << '\n';

        }

        if (transport != Transport::Unset)

        {

            os << prefix << "Transport: " << transport_string(transport) << '\n';

        }

        if (!sni.empty())

        {

            os << prefix << "SNI: " << sni << '\n';

        }

        return os.str();

    }


#ifdef HAVE_JSON


    Json::Value to_json() const

    {

        Json::Value server(Json::objectValue);

        json::from_vector(server, addresses, "addresses");

        if (!domains.empty())

        {

            json::from_vector(server, domains, "domains");

        }

        if (dnssec != Security::Unset)

        {

            server["dnssec"] = Json::Value(dnssec_string(dnssec));

        }

        if (transport != Transport::Unset)

        {

            server["transport"] = Json::Value(transport_string(transport));

        }

        if (!sni.empty())

        {

            server["sni"] = Json::Value(sni);

        }

        return server;

    }


    void from_json(const Json::Value &root, const std::string &title)

    {

        json::assert_dict(root, title);

        json::to_vector(root, addresses, "addresses", title);

        if (json::exists(root, "domains"))

        {

            json::to_vector(root, domains, "domains", title);

        }

        if (json::exists(root, "dnssec"))

        {

            std::string dnssec_str;

            json::to_string(root, dnssec_str, "dnssec", title);

            if (dnssec_str == "Optional")

            {

                dnssec = Security::Optional;

            }

            else if (dnssec_str == "Yes")

            {

                dnssec = Security::Yes;

            }

            else if (dnssec_str == "No")

            {

                dnssec = Security::No;

            }

            else

            {

                throw json::json_parse("dnssec value " + dnssec_str + "is unknown");

            }

        }

        if (json::exists(root, "transport"))

        {

            std::string transport_str;

            json::to_string(root, transport_str, "transport", title);

            if (transport_str == "Plain")

            {

                transport = Transport::Plain;

            }

            else if (transport_str == "HTTPS")

            {

                transport = Transport::HTTPS;

            }

            else if (transport_str == "TLS")

            {

                transport = Transport::TLS;

            }

            else

            {

                throw json::json_parse("transport value " + transport_str + "is unknown");

            }

        }

        json::to_string_optional(root, sni, "sni", "", title);

    }


#endif


    bool operator==(const DnsServer &at) const = default;


    std::vector<DnsAddress> addresses;

    std::vector<DnsDomain> domains;

    Security dnssec = Security::Unset;

    Transport transport = Transport::Unset;

    std::string sni;

};


struct DnsOptions

{


    std::string to_string() const

    {

        std::ostringstream os;

        if (!servers.empty())

        {

            os << "DNS Servers:\n";

            for (const auto &elem : servers)

            {

                os << "  Priority: " << elem.first << '\n';

                os << elem.second.to_string("  ");

            }

        }

        if (!search_domains.empty())

        {

            os << "DNS Search Domains:\n";

            for (const auto &domain : search_domains)

            {

                os << "  " << domain.to_string() << '\n';

            }

        }

        return os.str();

    }


#ifdef HAVE_JSON


    Json::Value to_json() const

    {

        Json::Value root(Json::objectValue);

        Json::Value servers_json(Json::objectValue);

        for (const auto &[prio, server] : servers)

        {

            servers_json[std::to_string(prio)] = server.to_json();

        }

        root["servers"] = std::move(servers_json);

        json::from_vector(root, search_domains, "search_domains");

        return root;

    }


    void from_json(const Json::Value &root, const std::string &title)

    {

        json::assert_dict(root, title);

        json::assert_dict(root["servers"], title);

        for (const auto &prio : root["servers"].getMemberNames())

        {

            DnsServer server;

            server.from_json(root["servers"][prio], title);

            servers[std::stoi(prio)] = std::move(server);

        }

        json::to_vector(root, search_domains, "search_domains", title);

    }


#endif


    bool operator==(const DnsOptions &at) const = default;


    bool from_dhcp_options = false;

    std::vector<DnsDomain> search_domains;

    std::map<int, DnsServer> servers;


  protected:


    DnsServer &get_server(const int priority)

    {

        auto it = servers.insert(std::make_pair(priority, DnsServer())).first;

        return (*it).second;

    }


};


} // namespace openvpn

openvpn::IP::Addr::from_string
static Addr from_string(const std::string &ipstr, const TITLE &title, const Version required_version)
Definition ip.hpp:105

openvpn::IP::Addr::to_string
std::string to_string() const
Definition ip.hpp:528

openvpn::IP::Addr::validate
static std::string validate(const std::string &ipstr, const TITLE &title, const Version required_version)
Definition ip.hpp:131

hostport.hpp

ip.hpp

jsonhelper.hpp

jsonlib.hpp

openvpn::HostPort::validate_host
void validate_host(const std::string &host, const std::string &title)
Definition hostport.hpp:93

openvpn::json::assert_dict
void assert_dict(const Json::Value &obj, const TITLE &title)
Definition jsonhelper.hpp:163

openvpn::json::to_string_optional
void to_string_optional(const Json::Value &root, std::string &dest, const NAME &name, const std::string &default_value, const TITLE &title)
Definition jsonhelper.hpp:819

openvpn::json::to_string
void to_string(const Json::Value &root, std::string &dest, const NAME &name, const TITLE &title)
Definition jsonhelper.hpp:810

openvpn::json::to_vector
void to_vector(const Json::Value &root, T &vec, const NAME &name, const TITLE &title)
Definition jsonhelper.hpp:195

openvpn::json::exists
bool exists(const Json::Value &root, const NAME &name)
Definition jsonhelper.hpp:179

openvpn::json::from_vector
void from_vector(Json::Value &root, const T &vec, const NAME &name)
Definition jsonhelper.hpp:153

openvpn::json::to_uint_optional
void to_uint_optional(const Json::Value &root, unsigned int &dest, const NAME &name, const unsigned int default_value, const TITLE &title)
Definition jsonhelper.hpp:861

openvpn
Definition ovpncli.cpp:97

number.hpp

openvpn::DnsAddress
A name server address and optional port.
Definition dns_options.hpp:36

openvpn::DnsAddress::operator==
bool operator==(const DnsAddress &) const =default

openvpn::DnsAddress::to_json
Json::Value to_json() const
Definition dns_options.hpp:59

openvpn::DnsAddress::port
unsigned int port
Definition dns_options.hpp:84

openvpn::DnsAddress::from_json
void from_json(const Json::Value &root, const std::string &title)
Definition dns_options.hpp:70

openvpn::DnsAddress::validate
void validate(const std::string &title) const
Definition dns_options.hpp:53

openvpn::DnsAddress::address
std::string address
Definition dns_options.hpp:83

openvpn::DnsAddress::to_string
std::string to_string() const
Return string representation of the DnsAddress object.
Definition dns_options.hpp:42

openvpn::DnsDomain
A DNS domain name.
Definition dns_options.hpp:92

openvpn::DnsDomain::operator==
bool operator==(const DnsDomain &) const =default

openvpn::DnsDomain::validate
void validate(const std::string &title) const
Definition dns_options.hpp:103

openvpn::DnsDomain::to_string
std::string to_string() const
Return string representation of the DnsDomain object.
Definition dns_options.hpp:98

openvpn::DnsDomain::domain
std::string domain
Definition dns_options.hpp:124

openvpn::DnsDomain::to_json
Json::Value to_json() const
Definition dns_options.hpp:109

openvpn::DnsDomain::from_json
void from_json(const Json::Value &value, const std::string &title)
Definition dns_options.hpp:114

openvpn::DnsOptions
All DNS options set with the –dns or –dhcp-option directive.
Definition dns_options.hpp:304

openvpn::DnsOptions::servers
std::map< int, DnsServer > servers
Definition dns_options.hpp:360

openvpn::DnsOptions::get_server
DnsServer & get_server(const int priority)
Definition dns_options.hpp:363

openvpn::DnsOptions::from_json
void from_json(const Json::Value &root, const std::string &title)
Definition dns_options.hpp:342

openvpn::DnsOptions::search_domains
std::vector< DnsDomain > search_domains
Definition dns_options.hpp:359

openvpn::DnsOptions::from_dhcp_options
bool from_dhcp_options
Definition dns_options.hpp:358

openvpn::DnsOptions::operator==
bool operator==(const DnsOptions &at) const =default

openvpn::DnsOptions::to_string
std::string to_string() const
Definition dns_options.hpp:305

openvpn::DnsOptions::to_json
Json::Value to_json() const
Definition dns_options.hpp:329

openvpn::DnsServer
DNS settings for a name server.
Definition dns_options.hpp:134

openvpn::DnsServer::addresses
std::vector< DnsAddress > addresses
Definition dns_options.hpp:292

openvpn::DnsServer::domains
std::vector< DnsDomain > domains
Definition dns_options.hpp:293

openvpn::DnsServer::transport_string
std::string transport_string(const Transport transport) const
Definition dns_options.hpp:166

openvpn::DnsServer::dnssec_string
std::string dnssec_string(const Security dnssec) const
Definition dns_options.hpp:143

openvpn::DnsServer::to_string
std::string to_string(const char *prefix="") const
Definition dns_options.hpp:181

openvpn::DnsServer::operator==
bool operator==(const DnsServer &at) const =default

openvpn::DnsServer::sni
std::string sni
Definition dns_options.hpp:296

openvpn::DnsServer::dnssec
Security dnssec
Definition dns_options.hpp:294

openvpn::DnsServer::Security
Security
Definition dns_options.hpp:136

openvpn::DnsServer::Security::Yes
@ Yes

openvpn::DnsServer::Security::No
@ No

openvpn::DnsServer::Security::Unset
@ Unset

openvpn::DnsServer::Security::Optional
@ Optional

openvpn::DnsServer::to_json
Json::Value to_json() const
Definition dns_options.hpp:213

openvpn::DnsServer::Transport
Transport
Definition dns_options.hpp:159

openvpn::DnsServer::Transport::TLS
@ TLS

openvpn::DnsServer::Transport::HTTPS
@ HTTPS

openvpn::DnsServer::Transport::Plain
@ Plain

openvpn::DnsServer::Transport::Unset
@ Unset

openvpn::DnsServer::from_json
void from_json(const Json::Value &root, const std::string &title)
Definition dns_options.hpp:236

openvpn::DnsServer::transport
Transport transport
Definition dns_options.hpp:295

address
remote_address address
Definition test_capture.cpp:82

os
std::ostringstream os
Definition test_capture.cpp:1086