Unify DoH URI making throughout the codebase

This commit adds new function isc_nm_http_makeuri() which is supposed to unify DoH URI construction throughout the codebase. It handles IPv6 addresses, hostnames, and IPv6 addresses given as hostnames properly, and replaces similar ad-hoc code in the codebase.
2025-09-05 09:05:40 +00:00 · 2021-08-12 10:14:30 +03:00
parent 2d36920d6a
commit 530133c10f
4 changed files with 198 additions and 52 deletions
--- a/lib/isc/netmgr/http.c
+++ b/lib/isc/netmgr/http.c
@@ -3081,6 +3081,66 @@ isc__nmhandle_http_keepalive(isc_nmhandle_t *handle, bool value) {
 	}
 }

+void
+isc_nm_http_makeuri(const bool https, const isc_sockaddr_t *sa,
+		    const char *hostname, const uint16_t http_port,
+		    const char *abs_path, char *outbuf,
+		    const size_t outbuf_len) {
+	char saddr[INET6_ADDRSTRLEN] = { 0 };
+	int family;
+	bool ipv6_addr = false;
+	struct sockaddr_in6 sa6;
+	uint16_t host_port = http_port;
+	const char *host = NULL;
+
+	REQUIRE(outbuf != NULL);
+	REQUIRE(outbuf_len != 0);
+	REQUIRE(isc_nm_http_path_isvalid(abs_path));
+
+	/* If hostname is specified, use that. */
+	if (hostname != NULL && hostname[0] != '\0') {
+		/*
+		 * The host name could be an IPv6 address. If so,
+		 * wrap it between [ and ].
+		 */
+		if (inet_pton(AF_INET6, hostname, &sa6) == 1 &&
+		    hostname[0] != '[') {
+			ipv6_addr = true;
+		}
+		host = hostname;
+	} else {
+		/*
+		 * A hostname was not specified; build one from
+		 * the given IP address.
+		 */
+		INSIST(sa != NULL);
+		family = ((const struct sockaddr *)&sa->type.sa)->sa_family;
+		host_port = ntohs(family == AF_INET ? sa->type.sin.sin_port
+						    : sa->type.sin6.sin6_port);
+		ipv6_addr = family == AF_INET6;
+		(void)inet_ntop(
+			family,
+			family == AF_INET
+				? (const struct sockaddr *)&sa->type.sin.sin_addr
+				: (const struct sockaddr *)&sa->type.sin6
+					  .sin6_addr,
+			saddr, sizeof(saddr));
+		host = saddr;
+	}
+
+	/*
+	 * If the port number was not specified, the default
+	 * depends on whether we're using encryption or not.
+	 */
+	if (host_port == 0) {
+		host_port = https ? 443 : 80;
+	}
+
+	(void)snprintf(outbuf, outbuf_len, "%s://%s%s%s:%u%s",
+		       https ? "https" : "http", ipv6_addr ? "[" : "", host,
+		       ipv6_addr ? "]" : "", host_port, abs_path);
+}
+
 /*
 * DoH GET Query String Scanner-less Recursive Descent Parser/Verifier
 *