Add argument sq network search --use-dane.

- See #478.
Justus Winter 2024-12-13 15:58:50 +01:00
parent 964f9dd51f
commit c9d7eb8878
No known key found for this signature in database
GPG Key ID: 686F55B4AB2B3386
4 changed files with 48 additions and 9 deletions


@ -77,6 +77,21 @@ pub struct Command {
#[clap(skip)] #[clap(skip)]
pub use_wkd_source: Option<clap::parser::ValueSource>, pub use_wkd_source: Option<clap::parser::ValueSource>,
#[clap(
long = "use-dane",
value_name = "ENABLE",
default_value = "true",
help = "Use DANE to search for certs",
long_help = config::augment_help(
"network.search.use-dane",
"Use DANE to search for certs"),
)]
pub use_dane: Option<bool>,
/// Workaround for https://github.com/clap-rs/clap/issues/3846
#[clap(skip)]
pub use_dane_source: Option<clap::parser::ValueSource>,
#[clap( #[clap(
help = FileOrCertStore::HELP_OPTIONAL, help = FileOrCertStore::HELP_OPTIONAL,
long, long,
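Review bot: Nothing on the new `use_dane` field explains why it is an `Option<bool>` when `default_value = "true"` means clap always supplies a value; the only comment sits on `use_dane_source` and is a bare issue link. A short doc comment on `use_dane` would help, for example `/// Always Some after parsing; use_dane_source records whether the default or an explicit flag supplied it.` The `help` and `long_help` attributes also repeat the same literal, so a later rewording has to be made in two places. The `Command` struct starts and ends outside this hunk.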


@ -46,11 +46,13 @@ fn network(sq: Sq, _: inspect::network::Command) -> Result<()> {
wwriteln!(stream=o, initial_indent = " - ", "see below for impact"); wwriteln!(stream=o, initial_indent = " - ", "see below for impact");
} }
let use_dane = sq.config.network_search_use_dane(
Some(true), Some(ValueSource::DefaultValue));
wwriteln!(stream=o, initial_indent = " - ", "{}", wwriteln!(stream=o, initial_indent = " - ", "{}",
may_use("DANE", sq.config.network_search_dane())); may_use("DANE", use_dane));
wwriteln!(stream=o, initial_indent = " - ", wwriteln!(stream=o, initial_indent = " - ",
"relevant setting: network.search.use-dane"); "relevant setting: network.search.use-dane");
if sq.config.network_search_dane() { if use_dane {
wwriteln!(stream=o, initial_indent = " - ", "see below for impact"); wwriteln!(stream=o, initial_indent = " - ", "see below for impact");
} }
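Review bot: The call `network_search_use_dane(Some(true), Some(ValueSource::DefaultValue))` hard-codes the default `true` a second time, separately from the `default_value = "true"` on the `--use-dane` argument added elsewhere in this commit. If the two ever drift apart, this report would state one DANE setting while the search command acts on another, which is misleading for anyone using the output to audit which network lookups will be made. Until there is a shared constant, add a comment on the call such as `// Keep in sync with default_value of --use-dane on the search command.` The body of `network` starts and ends outside this hunk.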


@ -85,6 +85,7 @@ pub fn dispatch(sq: Sq, c: cli::network::Command, matches: &ArgMatches)
Subcommands::Search(mut command) => { Subcommands::Search(mut command) => {
command.servers_source = matches.value_source("servers"); command.servers_source = matches.value_source("servers");
command.use_wkd_source = matches.value_source("use_wkd"); command.use_wkd_source = matches.value_source("use_wkd");
command.use_dane_source = matches.value_source("use_dane");
dispatch_search(sq, command) dispatch_search(sq, command)
}, },
@ -905,6 +906,8 @@ pub fn dispatch_search(mut sq: Sq, c: cli::network::search::Command)
let use_wkd = let use_wkd =
sq.config.network_search_use_wkd(c.use_wkd, c.use_wkd_source); sq.config.network_search_use_wkd(c.use_wkd, c.use_wkd_source);
let use_dane =
sq.config.network_search_use_dane(c.use_dane, c.use_dane_source);
let mut seen_emails = HashSet::new(); let mut seen_emails = HashSet::new();
let mut seen_fps = HashSet::new(); let mut seen_fps = HashSet::new();
@ -979,7 +982,7 @@ pub fn dispatch_search(mut sq: Sq, c: cli::network::search::Command)
} }
if let Some(address) = query.as_address() if let Some(address) = query.as_address()
.filter(|_| sq.config.network_search_dane()) .filter(|_| use_dane)
{ {
let a = address.to_string(); let a = address.to_string();
pb.inc_length(1); pb.inc_length(1);
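Review bot: The string `"use_dane"` in `matches.value_source("use_dane")` has to match the id clap derives for the `use_dane` field, and nothing checks that at compile time. Because `use_dane_source` is `#[clap(skip)]`, it is populated only by this line, and `network_search_use_dane` (changed in this commit) calls `expect` on it. A typo here, or a future caller that reaches `dispatch_search` without passing through this arm, would therefore surface as a panic at run time. A comment on the assignment such as `// Required: network_search_use_dane() panics if the source is unset.` would make the coupling visible. Both `dispatch` and `dispatch_search` continue outside the hunks shown.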


@ -83,7 +83,7 @@ pub struct Config {
network_search_use_wkd: Option<bool>, network_search_use_wkd: Option<bool>,
/// Whether network search should use DANE. /// Whether network search should use DANE.
network_search_dane: bool, network_search_use_dane: Option<bool>,
/// The location of the backend server executables. /// The location of the backend server executables.
servers_path: Option<PathBuf>, servers_path: Option<PathBuf>,
@ -107,7 +107,7 @@ impl Default for Config {
key_servers: None, key_servers: None,
network_search_iterations: 3, network_search_iterations: 3,
network_search_use_wkd: None, network_search_use_wkd: None,
network_search_dane: true, network_search_use_dane: None,
servers_path: None, servers_path: None,
} }
} }
@ -353,8 +353,23 @@ impl Config {
} }
/// Returns whether network search should use DANE. /// Returns whether network search should use DANE.
pub fn network_search_dane(&self) -> bool { ///
self.network_search_dane /// Handles the precedence of the various sources:
///
/// - If the flag is given, use the given value.
/// - If the command line flag is not given, then
/// - use the value from the configuration file (if any),
/// - or use the default value.
pub fn network_search_use_dane(&self, cli: Option<bool>,
source: Option<ValueSource>)
-> bool
{
let cli = cli.expect("has a default");
match source.expect("set by the cli parser") {
ValueSource::DefaultValue =>
self.network_search_use_dane.unwrap_or(cli),
_ => cli,
}
} }
/// Returns the path to the backend servers. /// Returns the path to the backend servers.
@ -1279,7 +1294,7 @@ fn apply_network_search_iterations(config: &mut Option<&mut Config>,
/// Validates the `network.search.use-dane` value. /// Validates the `network.search.use-dane` value.
fn apply_network_search_use_dane(config: &mut Option<&mut Config>, fn apply_network_search_use_dane(config: &mut Option<&mut Config>,
_cli: &mut Option<&mut Augmentations>, cli: &mut Option<&mut Augmentations>,
path: &str, item: &Item) path: &str, item: &Item)
-> Result<()> -> Result<()>
{ {
@ -1287,7 +1302,11 @@ fn apply_network_search_use_dane(config: &mut Option<&mut Config>,
.ok_or_else(|| Error::bad_item_type(path, item, "bool"))?; .ok_or_else(|| Error::bad_item_type(path, item, "bool"))?;
if let Some(config) = config { if let Some(config) = config {
config.network_search_dane = s; config.network_search_use_dane = Some(s);
}
if let Some(cli) = cli {
cli.insert("network.search.use-dane", s.to_string());
} }
Ok(()) Ok(())
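Review bot: `network_search_use_dane` is `pub` and calls `expect` on both of its `Option` parameters, but the new doc comment covers only the precedence rules. Add a `# Panics` section, e.g. `/// # Panics` followed by `/// Panics if cli or source is None.`, so that callers not coming straight from the clap parser know what they must pass. The `_ => cli` arm also treats every non-default source the same way, so the "if the flag is given" wording could say "if the value did not come from the built-in default" to match what the code does.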