sagittarius 0.2.0

A fast, self-hosted DNS sinkhole in a single Rust binary
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385

//! Repository for the `forward_zones` table — conditional-forward zones.
//!
//! Provides the [`ForwardZoneRepository`] trait and its
//! [`SqliteForwardZoneRepo`] implementation.  A forward zone maps a DNS name
//! suffix (e.g. `168.192.in-addr.arpa`) to a `target` resolver; a query whose
//! name falls under an enabled zone is forwarded to that target instead of the
//! default upstream pool (E13.4).  All DB interaction uses compile-time-checked
//! `sqlx` macros against the `forward_zones` table defined in its migration.

use std::future::Future;

use sqlx::SqlitePool;

use super::Error;

// ── Result alias ────────────────────────────────────────────────────────────

pub type Result<T> = std::result::Result<T, Error>;

// ── ForwardZone ──────────────────────────────────────────────────────────────

/// A conditional-forward zone row.
#[derive(Debug, Clone, PartialEq)]
pub struct ForwardZone {
    /// Row primary key.
    pub id: i64,
    /// Name suffix the zone matches, e.g. `168.192.in-addr.arpa` (normalized,
    /// no leading or trailing dot).
    pub zone_suffix: String,
    /// Target resolver as `IP` or `IP:port`; `None` until the admin sets one.
    pub target: Option<String>,
    /// Whether this zone participates in routing.
    pub enabled: bool,
    /// Ordering key; lower values sort first in the admin UI.
    pub sort_order: i64,
}

/// Data required to insert a new forward zone (no `id` — assigned by the DB).
#[derive(Debug, Clone)]
pub struct NewForwardZone {
    /// Name suffix the zone matches.
    pub zone_suffix: String,
    /// Target resolver as `IP` or `IP:port`; `None` to leave unset.
    pub target: Option<String>,
    /// Whether this zone is active.
    pub enabled: bool,
    /// Ordering key.
    pub sort_order: i64,
}

// ── Private row struct ────────────────────────────────────────────────────────

/// Private projection for `query_as!` — primitive SQLite types only.
///
/// The non-null INTEGER columns use sqlx's `AS "col!"` override so they decode
/// to `i64`/`bool` rather than the conservative `Option<_>` sqlx-SQLite would
/// otherwise infer (it cannot always prove NOT NULL through a `WHERE`).
struct ForwardZoneRow {
    id: i64,
    zone_suffix: String,
    target: Option<String>,
    enabled: bool,
    sort_order: i64,
}

impl From<ForwardZoneRow> for ForwardZone {
    fn from(row: ForwardZoneRow) -> Self {
        ForwardZone {
            id: row.id,
            zone_suffix: row.zone_suffix,
            target: row.target,
            enabled: row.enabled,
            sort_order: row.sort_order,
        }
    }
}

// ── ForwardZoneRepository trait ──────────────────────────────────────────────

/// Repository for reading and writing conditional-forward zone rows.
///
/// Methods are declared as `fn(…) -> impl Future<…>` rather than `async fn` for
/// the same reason as the other repositories (see [`super::upstreams`]): it
/// avoids the `async_fn_in_trait` lint without forcing a `Send` bound onto every
/// implementation, while concrete call sites still get `Send` where needed.
pub trait ForwardZoneRepository {
    /// List all zones ordered by `sort_order`.
    fn list(&self) -> impl Future<Output = Result<Vec<ForwardZone>>>;

    /// List the **actionable** zones for the resolver hot path (E13.4): those
    /// that are enabled *and* have a target set, ordered by `sort_order`.
    ///
    /// An enabled zone with a `NULL` target has nowhere to forward, so it is
    /// excluded here rather than forcing every caller to filter it out.
    fn list_enabled(&self) -> impl Future<Output = Result<Vec<ForwardZone>>>;

    /// Set the `target` resolver of the zone with the given `id` (or clear it
    /// with `None`).
    fn set_target(&self, id: i64, target: Option<&str>) -> impl Future<Output = Result<()>>;

    /// Set the `enabled` flag on the zone with the given `id`.
    fn set_enabled(&self, id: i64, enabled: bool) -> impl Future<Output = Result<()>>;

    /// Insert a new (custom) zone and return the inserted row including its
    /// assigned `id`.  Future-friendly: the seeded reverse zones cover the
    /// common case, but the admin may add split-horizon forward zones later.
    fn insert(&self, zone: NewForwardZone) -> impl Future<Output = Result<ForwardZone>>;

    /// Delete the zone with the given `id`.
    fn delete(&self, id: i64) -> impl Future<Output = Result<()>>;
}

// ── SqliteForwardZoneRepo ─────────────────────────────────────────────────────

/// SQLite-backed [`ForwardZoneRepository`].
pub struct SqliteForwardZoneRepo {
    pool: SqlitePool,
}

impl SqliteForwardZoneRepo {
    /// Construct a new repository from an open [`crate::storage::Db`] pool.
    pub fn new(pool: SqlitePool) -> Self {
        Self { pool }
    }
}

impl ForwardZoneRepository for SqliteForwardZoneRepo {
    async fn list(&self) -> Result<Vec<ForwardZone>> {
        let rows = sqlx::query_as!(
            ForwardZoneRow,
            r#"SELECT
                id          AS "id!",
                zone_suffix,
                target,
                enabled     AS "enabled!: bool",
                sort_order  AS "sort_order!"
            FROM forward_zones
            ORDER BY sort_order"#
        )
        .fetch_all(&self.pool)
        .await?;

        Ok(rows.into_iter().map(ForwardZone::from).collect())
    }

    async fn list_enabled(&self) -> Result<Vec<ForwardZone>> {
        let rows = sqlx::query_as!(
            ForwardZoneRow,
            r#"SELECT
                id          AS "id!",
                zone_suffix,
                target,
                enabled     AS "enabled!: bool",
                sort_order  AS "sort_order!"
            FROM forward_zones
            WHERE enabled = 1 AND target IS NOT NULL
            ORDER BY sort_order"#
        )
        .fetch_all(&self.pool)
        .await?;

        Ok(rows.into_iter().map(ForwardZone::from).collect())
    }

    async fn set_target(&self, id: i64, target: Option<&str>) -> Result<()> {
        sqlx::query!(
            "UPDATE forward_zones SET target = ? WHERE id = ?",
            target,
            id,
        )
        .execute(&self.pool)
        .await?;
        Ok(())
    }

    async fn set_enabled(&self, id: i64, enabled: bool) -> Result<()> {
        let enabled_int = enabled as i64;
        sqlx::query!(
            "UPDATE forward_zones SET enabled = ? WHERE id = ?",
            enabled_int,
            id,
        )
        .execute(&self.pool)
        .await?;
        Ok(())
    }

    async fn insert(&self, zone: NewForwardZone) -> Result<ForwardZone> {
        let enabled = zone.enabled as i64;

        let id = sqlx::query!(
            r#"INSERT INTO forward_zones (zone_suffix, target, enabled, sort_order)
            VALUES (?, ?, ?, ?)
            RETURNING id"#,
            zone.zone_suffix,
            zone.target,
            enabled,
            zone.sort_order,
        )
        .fetch_one(&self.pool)
        .await?
        .id;

        Ok(ForwardZone {
            id,
            zone_suffix: zone.zone_suffix,
            target: zone.target,
            enabled: zone.enabled,
            sort_order: zone.sort_order,
        })
    }

    async fn delete(&self, id: i64) -> Result<()> {
        sqlx::query!("DELETE FROM forward_zones WHERE id = ?", id)
            .execute(&self.pool)
            .await?;
        Ok(())
    }
}

// ── Tests ─────────────────────────────────────────────────────────────────────

#[cfg(test)]
mod tests {
    use super::*;
    use crate::storage::Db;
    use tempfile::TempDir;

    async fn open_repo() -> (TempDir, SqliteForwardZoneRepo) {
        let dir = TempDir::new().expect("temp dir");
        let path = dir.path().join("test.db");
        let db = Db::connect(&path).await.expect("connect");
        let repo = SqliteForwardZoneRepo::new(db.pool().clone());
        (dir, repo)
    }

    #[tokio::test]
    async fn seed_zones_present_disabled_and_untargeted() {
        let (_dir, repo) = open_repo().await;
        let zones = repo.list().await.expect("list");

        // 1 (/8) + 1 (/16) + 16 (/12) + 2 (ULA) = 20 seeded reverse zones.
        assert_eq!(zones.len(), 20, "all private reverse zones must be seeded");

        for z in &zones {
            assert!(!z.enabled, "{} must be seeded disabled", z.zone_suffix);
            assert!(
                z.target.is_none(),
                "{} must be seeded with a NULL target",
                z.zone_suffix
            );
        }

        // Spot-check representative suffixes are present.
        for suffix in [
            "10.in-addr.arpa",
            "168.192.in-addr.arpa",
            "16.172.in-addr.arpa",
            "31.172.in-addr.arpa",
            "c.f.ip6.arpa",
            "d.f.ip6.arpa",
        ] {
            assert!(
                zones.iter().any(|z| z.zone_suffix == suffix),
                "seed must contain {suffix}"
            );
        }
    }

    #[tokio::test]
    async fn list_is_ordered_by_sort_order() {
        let (_dir, repo) = open_repo().await;
        let zones = repo.list().await.expect("list");
        let mut prev = i64::MIN;
        for z in &zones {
            assert!(z.sort_order >= prev, "zones must be returned in sort order");
            prev = z.sort_order;
        }
    }

    #[tokio::test]
    async fn set_target_and_enabled_round_trip() {
        let (_dir, repo) = open_repo().await;
        let zones = repo.list().await.expect("list");
        let id = zones
            .iter()
            .find(|z| z.zone_suffix == "168.192.in-addr.arpa")
            .expect("seed zone")
            .id;

        repo.set_target(id, Some("192.168.1.1"))
            .await
            .expect("set target");
        repo.set_enabled(id, true).await.expect("enable");

        let after = repo.list().await.expect("list after");
        let zone = after.iter().find(|z| z.id == id).expect("zone present");
        assert_eq!(zone.target.as_deref(), Some("192.168.1.1"));
        assert!(zone.enabled);

        // Clearing the target with None must persist as NULL.
        repo.set_target(id, None).await.expect("clear target");
        let after = repo.list().await.expect("list after clear");
        let zone = after.iter().find(|z| z.id == id).expect("zone present");
        assert!(zone.target.is_none(), "target must be cleared to NULL");
    }

    #[tokio::test]
    async fn list_enabled_filters_disabled_and_untargeted() {
        let (_dir, repo) = open_repo().await;

        // Nothing is actionable initially (all seeds are disabled + NULL target).
        assert!(
            repo.list_enabled().await.expect("list_enabled").is_empty(),
            "no zone is actionable before configuration"
        );

        let zones = repo.list().await.expect("list");
        let id = zones[0].id;

        // Enabled but still no target → still excluded.
        repo.set_enabled(id, true).await.expect("enable");
        assert!(
            repo.list_enabled().await.expect("list_enabled").is_empty(),
            "enabled-but-untargeted zone must be excluded"
        );

        // Enabled + target → now actionable.
        repo.set_target(id, Some("10.0.0.1"))
            .await
            .expect("set target");
        let enabled = repo.list_enabled().await.expect("list_enabled");
        assert_eq!(enabled.len(), 1);
        assert_eq!(enabled[0].id, id);
        assert_eq!(enabled[0].target.as_deref(), Some("10.0.0.1"));

        // Disabling again removes it from the actionable set.
        repo.set_enabled(id, false).await.expect("disable");
        assert!(
            repo.list_enabled().await.expect("list_enabled").is_empty(),
            "disabled zone must be excluded even with a target"
        );
    }

    #[tokio::test]
    async fn insert_and_delete_custom_zone() {
        let (_dir, repo) = open_repo().await;

        let new = NewForwardZone {
            zone_suffix: "corp.internal".to_owned(),
            target: Some("10.0.0.53".to_owned()),
            enabled: true,
            sort_order: 100,
        };
        let inserted = repo.insert(new).await.expect("insert");
        assert!(inserted.id > 0);
        assert_eq!(inserted.zone_suffix, "corp.internal");

        // It should appear in list_enabled (enabled + target).
        let enabled = repo.list_enabled().await.expect("list_enabled");
        assert!(enabled.iter().any(|z| z.id == inserted.id));

        repo.delete(inserted.id).await.expect("delete");
        let after = repo.list().await.expect("list after delete");
        assert!(
            !after.iter().any(|z| z.id == inserted.id),
            "deleted zone must be gone"
        );
    }

    #[tokio::test]
    async fn duplicate_zone_suffix_is_rejected() {
        let (_dir, repo) = open_repo().await;
        let new = NewForwardZone {
            zone_suffix: "10.in-addr.arpa".to_owned(), // already seeded
            target: None,
            enabled: false,
            sort_order: 0,
        };
        assert!(
            repo.insert(new).await.is_err(),
            "duplicate zone_suffix must fail the UNIQUE constraint"
        );
    }
}