Make DoC resource path configurable

miri64 · miri64 · commit afc76a5cc117 · 2025-11-01T18:09:10.000-04:00
diff --git a/daemon/worker.c b/daemon/worker.c
@@ -2255,6 +2255,7 @@ worker_init(struct worker* worker, struct config_file *cfg,
 			: cfg->tcp_idle_timeout,
 		cfg->harden_large_queries, cfg->http_max_streams,
 		cfg->http_endpoint, cfg->http_notls_downstream,
+		cfg->coap_endpoint,
 		worker->daemon->tcl, worker->daemon->listen_dot_sslctx,
 		worker->daemon->listen_doh_sslctx,
 		worker->daemon->listen_quic_sslctx,
diff --git a/services/listen_dnsport.c b/services/listen_dnsport.c
@@ -1530,10 +1530,14 @@ doc_handle_fetch(coap_resource_t *resource, coap_session_t *session,
 }
 
 static void
-doc_init_resources(coap_context_t* ctx, struct comm_point* cp) {
+doc_init_resources(coap_context_t* ctx, const char* resource_path, struct comm_point* cp) {
 	coap_resource_t* r;
 
-	log_info("Registering coap resource /");
+	log_info("Registering coap resource `%s`\n", resource_path);
+	if (resource_path[0] == '/')
+	{
+		resource_path += 1;
+	}
 	r = coap_resource_init(coap_make_str_const(""),
 			COAP_RESOURCE_FLAGS_NOTIFY_CON);
 
@@ -2000,7 +2004,9 @@ struct listen_dnsport*
 listen_create(struct comm_base* base, struct listen_port* ports,
 	size_t bufsize, int tcp_accept_count, int tcp_idle_timeout,
 	int harden_large_queries, uint32_t http_max_streams,
-	char* http_endpoint, int http_notls, struct tcl_list* tcp_conn_limit,
+	char* http_endpoint, int http_notls,
+	char* coap_endpoint,
+	struct tcl_list* tcp_conn_limit,
 	void* dot_sslctx, void* doh_sslctx, void* quic_sslctx,
 	struct dt_env* dtenv,
 	struct doq_table* doq_table,
@@ -2036,7 +2042,7 @@ listen_create(struct comm_base* base, struct listen_port* ports,
 				front->udp_buff, ports->pp2_enabled, cb,
 				cb_arg, ports->socket);
 			cp->coap_context = ports->coap_context;
-			doc_init_resources(cp->coap_context, cp);
+			doc_init_resources(cp->coap_context, coap_endpoint, cp);
 #endif	/* HAVE_COAP */
 		} else if(ports->ftype == listen_type_doq) {
 #ifndef HAVE_NGTCP2
diff --git a/services/listen_dnsport.h b/services/listen_dnsport.h
@@ -213,6 +213,7 @@ int resolve_interface_names(char** ifs, int num_ifs,
  * @param http_max_streams: maximum number of HTTP/2 streams per connection.
  * @param http_endpoint: HTTP endpoint to service queries on
  * @param http_notls: no TLS for http downstream
+ * @param coap_endpoint: CoAP resource path to service queries on
  * @param tcp_conn_limit: TCP connection limit info.
  * @param dot_sslctx: nonNULL if dot ssl context.
  * @param doh_sslctx: nonNULL if doh ssl context.
@@ -230,7 +231,9 @@ struct listen_dnsport*
 listen_create(struct comm_base* base, struct listen_port* ports,
 	size_t bufsize, int tcp_accept_count, int tcp_idle_timeout,
 	int harden_large_queries, uint32_t http_max_streams,
-	char* http_endpoint, int http_notls, struct tcl_list* tcp_conn_limit,
+	char* http_endpoint, int http_notls,
+	char* coap_endpoint,
+	struct tcl_list* tcp_conn_limit,
 	void* dot_sslctx, void* doh_sslctx, void* quic_sslctx,
 	struct dt_env* dtenv,
 	struct doq_table* doq_table,
diff --git a/testcode/fake_event.c b/testcode/fake_event.c
@@ -953,6 +953,7 @@ listen_create(struct comm_base* base, struct listen_port* ATTR_UNUSED(ports),
 	uint32_t ATTR_UNUSED(http_max_streams),
 	char* ATTR_UNUSED(http_endpoint),
 	int ATTR_UNUSED(http_notls),
+	char* ATTR_UNUSED(coap_endpoint),
 	struct tcl_list* ATTR_UNUSED(tcp_conn_limit),
 	void* ATTR_UNUSED(dot_sslctx), void* ATTR_UNUSED(doh_sslctx),
 	void* ATTR_UNUSED(quic_ssl),
diff --git a/util/config_file.c b/util/config_file.c
@@ -140,6 +140,7 @@ config_create(void)
 	cfg->quic_size = 8*1024*1024;
 	cfg->coap_port = UNBOUND_DNS_OVER_COAP_PORT;
 	cfg->coaps_port = UNBOUND_DNS_OVER_COAPS_PORT;
+	if(!(cfg->coap_endpoint = strdup("/"))) goto error_exit;
 	cfg->coaps_psk = NULL;
 	cfg->coaps_psk_id = NULL;
 	cfg->coap_oscore_conf = NULL;
@@ -1760,6 +1761,7 @@ config_delete(struct config_file* cfg)
 	free(cfg->tls_ciphers);
 	free(cfg->tls_ciphersuites);
 	free(cfg->http_endpoint);
+	free(cfg->coap_endpoint);
 	if(cfg->log_identity) {
 		log_ident_revert_to_default();
 		free(cfg->log_identity);
diff --git a/util/config_file.h b/util/config_file.h
@@ -175,6 +175,8 @@ struct config_file {
 	int coap_port;
 	/** port on which to provide DNS over CoAP over DTLS over UDP service */
 	int coaps_port;
+	/** endpoint for CoAP service */
+	char* coap_endpoint;
 	/** CoAPS pre-shared key */
 	char *coaps_psk;
 	/** Identity sent for CoAPS pre-shared key */
diff --git a/util/configlexer.lex b/util/configlexer.lex
@@ -274,6 +274,7 @@ quic-port{COLON}		{ YDVAR(1, VAR_QUIC_PORT) }
 quic-size{COLON}		{ YDVAR(1, VAR_QUIC_SIZE) }
 coap-port{COLON}		{ YDVAR(1, VAR_COAP_PORT) }
 coaps-port{COLON}		{ YDVAR(1, VAR_COAPS_PORT) }
+coap-endpoit{COLON}		{ YDVAR(1, VAR_COAP_ENDPOINT) }
 coaps-psk{COLON}		{ YDVAR(1, VAR_COAPS_PSK) }
 coaps-psk-id{COLON}		{ YDVAR(1, VAR_COAPS_PSK_ID) }
 coap-oscore-conf{COLON}		{ YDVAR(1, VAR_COAP_OSCORE_CONF) }
diff --git a/util/configparser.y b/util/configparser.y
@@ -211,7 +211,8 @@ extern struct config_parser_state* cfg_parser;
 %token VAR_INTERFACE_ACTION VAR_INTERFACE_VIEW VAR_INTERFACE_TAG
 %token VAR_INTERFACE_TAG_ACTION VAR_INTERFACE_TAG_DATA
 %token VAR_QUIC_PORT VAR_QUIC_SIZE
-%token VAR_COAP_PORT VAR_COAPS_PORT VAR_COAPS_PSK VAR_COAPS_PSK_ID
+%token VAR_COAP_PORT VAR_COAPS_PORT VAR_COAP_ENDPOINT
+%token VAR_COAPS_PSK VAR_COAPS_PSK_ID
 %token VAR_COAP_OSCORE_CONF VAR_COAP_OSCORE_SEQ_FILE
 %token VAR_PROXY_PROTOCOL_PORT VAR_STATISTICS_INHIBIT_ZERO
 %token VAR_HARDEN_UNKNOWN_ADDITIONAL VAR_DISABLE_EDNS_DO VAR_CACHEDB_NO_STORE
@@ -355,7 +356,8 @@ content_server: server_num_threads | server_verbosity | server_port |
 	server_zonemd_permissive_mode | server_max_reuse_tcp_queries |
 	server_tcp_reuse_timeout | server_tcp_auth_query_timeout |
 	server_quic_port | server_quic_size |
-	server_coap_port | server_coaps_port | server_coaps_psk | server_coaps_psk_id |
+	server_coap_port | server_coaps_port | server_coap_endpoint |
+	server_coaps_psk | server_coaps_psk_id |
 	server_coap_oscore_conf | server_coap_oscore_seq_file |
 	server_interface_automatic_ports | server_ede |
 	server_dns_error_reporting |
@@ -1282,6 +1284,17 @@ server_coaps_port: VAR_COAPS_PORT STRING_ARG
 		else cfg_parser->cfg->coaps_port = atoi($2);
 		free($2);
 	};
+server_coap_endpoint: VAR_COAP_ENDPOINT STRING_ARG
+	{
+		OUTYY(("P(server_coap_endpoint:%s)\n", $2));
+#ifndef HAVE_COAP
+		log_warn("%s:%d: Unbound is not compiled with "
+			"libcoap. This is required to use DNS "
+			"over CoAP.", cfg_parser->filename, cfg_parser->line);
+#endif
+		free(cfg_parser->cfg->coap_endpoint);
+		cfg_parser->cfg->coap_endpoint = $2;
+	};
 server_coaps_psk: VAR_COAPS_PSK STRING_ARG
 	{
 		OUTYY(("P(server_coaps_psk:%s)\n", $2));
