Add argument sq network search --use-dane.

- See #478.
2024-12-13 15:58:50 +01:00 · 2024-12-13 15:58:50 +01:00 · c9d7eb8878
commit c9d7eb8878
parent 964f9dd51f
4 changed files with 48 additions and 9 deletions
--- a/src/cli/network/search.rs
+++ b/src/cli/network/search.rs
@ -77,6 +77,21 @@ pub struct Command {
    #[clap(skip)]
    pub use_wkd_source: Option<clap::parser::ValueSource>,

+    #[clap(
+        long = "use-dane",
+        value_name = "ENABLE",
+        default_value = "true",
+        help = "Use DANE to search for certs",
+        long_help = config::augment_help(
+            "network.search.use-dane",
+            "Use DANE to search for certs"),
+    )]
+    pub use_dane: Option<bool>,
+
+    /// Workaround for https://github.com/clap-rs/clap/issues/3846
+    #[clap(skip)]
+    pub use_dane_source: Option<clap::parser::ValueSource>,
+
    #[clap(
        help = FileOrCertStore::HELP_OPTIONAL,
        long,
--- a/src/commands/config/inspect.rs
+++ b/src/commands/config/inspect.rs
@ -46,11 +46,13 @@ fn network(sq: Sq, _: inspect::network::Command) -> Result<()> {
        wwriteln!(stream=o, initial_indent = "     - ", "see below for impact");
    }

+    let use_dane = sq.config.network_search_use_dane(
+        Some(true), Some(ValueSource::DefaultValue));
    wwriteln!(stream=o, initial_indent = "   - ", "{}",
-              may_use("DANE", sq.config.network_search_dane()));
+              may_use("DANE", use_dane));
    wwriteln!(stream=o, initial_indent = "     - ",
              "relevant setting: network.search.use-dane");
-    if sq.config.network_search_dane() {
+    if use_dane {
        wwriteln!(stream=o, initial_indent = "     - ", "see below for impact");
    }

--- a/src/commands/network.rs
+++ b/src/commands/network.rs
@ -85,6 +85,7 @@ pub fn dispatch(sq: Sq, c: cli::network::Command, matches: &ArgMatches)
        Subcommands::Search(mut command) => {
            command.servers_source = matches.value_source("servers");
            command.use_wkd_source = matches.value_source("use_wkd");
+            command.use_dane_source = matches.value_source("use_dane");
            dispatch_search(sq, command)
        },

@ -905,6 +906,8 @@ pub fn dispatch_search(mut sq: Sq, c: cli::network::search::Command)

    let use_wkd =
        sq.config.network_search_use_wkd(c.use_wkd, c.use_wkd_source);
+    let use_dane =
+        sq.config.network_search_use_dane(c.use_dane, c.use_dane_source);

    let mut seen_emails = HashSet::new();
    let mut seen_fps = HashSet::new();
@ -979,7 +982,7 @@ pub fn dispatch_search(mut sq: Sq, c: cli::network::search::Command)
            }

            if let Some(address) = query.as_address()
-                .filter(|_| sq.config.network_search_dane())
+                .filter(|_| use_dane)
            {
                let a = address.to_string();
                pb.inc_length(1);
--- a/src/config.rs
+++ b/src/config.rs
@ -83,7 +83,7 @@ pub struct Config {
    network_search_use_wkd: Option<bool>,

    /// Whether network search should use DANE.
-    network_search_dane: bool,
+    network_search_use_dane: Option<bool>,

    /// The location of the backend server executables.
    servers_path: Option<PathBuf>,
@ -107,7 +107,7 @@ impl Default for Config {
            key_servers: None,
            network_search_iterations: 3,
            network_search_use_wkd: None,
-            network_search_dane: true,
+            network_search_use_dane: None,
            servers_path: None,
        }
    }
@ -353,8 +353,23 @@ impl Config {
    }

    /// Returns whether network search should use DANE.
-    pub fn network_search_dane(&self) -> bool {
-        self.network_search_dane
+    ///
+    /// Handles the precedence of the various sources:
+    ///
+    /// - If the flag is given, use the given value.
+    /// - If the command line flag is not given, then
+    ///   - use the value from the configuration file (if any),
+    ///   - or use the default value.
+    pub fn network_search_use_dane(&self, cli: Option<bool>,
+                                  source: Option<ValueSource>)
+                                  -> bool
+    {
+        let cli = cli.expect("has a default");
+        match source.expect("set by the cli parser") {
+            ValueSource::DefaultValue =>
+                self.network_search_use_dane.unwrap_or(cli),
+            _ => cli,
+        }
    }

    /// Returns the path to the backend servers.
@ -1279,7 +1294,7 @@ fn apply_network_search_iterations(config: &mut Option<&mut Config>,

 /// Validates the `network.search.use-dane` value.
 fn apply_network_search_use_dane(config: &mut Option<&mut Config>,
-                                 _cli: &mut Option<&mut Augmentations>,
+                                 cli: &mut Option<&mut Augmentations>,
                                 path: &str, item: &Item)
                                 -> Result<()>
 {
@ -1287,7 +1302,11 @@ fn apply_network_search_use_dane(config: &mut Option<&mut Config>,
        .ok_or_else(|| Error::bad_item_type(path, item, "bool"))?;

    if let Some(config) = config {
-        config.network_search_dane = s;
+        config.network_search_use_dane = Some(s);
+    }
+
+    if let Some(cli) = cli {
+        cli.insert("network.search.use-dane", s.to_string());
    }

    Ok(())