diff --git a/client.go b/client.go
index 76767522..1a67d003 100644
--- a/client.go
+++ b/client.go
@@ -290,7 +290,7 @@ func Dial(network, address string) (conn *Conn, err error) {
 return conn, nil
 }
-// Dialtimeout acts like Dial but takes a timeout.
+// DialTimeout acts like Dial but takes a timeout.
 func DialTimeout(network, address string, timeout time.Duration) (conn *Conn, err error) {
 conn = new(Conn)
 conn.Conn, err = net.DialTimeout(network, address, timeout)
diff --git a/client_test.go b/client_test.go
index 1f4fd0f3..7c957846 100644
--- a/client_test.go
+++ b/client_test.go
@@ -127,14 +127,14 @@ func ExampleUpdateLeaseTSIG(t *testing.T) {
 rrs[0] = rr
 m.Insert(rrs)
- lease_rr := new(OPT)
- lease_rr.Hdr.Name = "."
- lease_rr.Hdr.Rrtype = TypeOPT
+ leaseRr := new(OPT)
+ leaseRr.Hdr.Name = "."
+ leaseRr.Hdr.Rrtype = TypeOPT
 e := new(EDNS0_UL)
 e.Code = EDNS0UL
 e.Lease = 120
- lease_rr.Option = append(lease_rr.Option, e)
- m.Extra = append(m.Extra, lease_rr)
+ leaseRr.Option = append(leaseRr.Option, e)
+ m.Extra = append(m.Extra, leaseRr)
 c := new(Client)
 m.SetTsig("polvi.", HmacMD5, 300, time.Now().Unix())
diff --git a/clientconfig.go b/clientconfig.go
index 0681e491..cfa9ad0b 100644
--- a/clientconfig.go
+++ b/clientconfig.go
@@ -7,7 +7,7 @@ import (
 "strings"
 )
-// Wraps the contents of the /etc/resolv.conf.
+// ClientConfig wraps the contents of the /etc/resolv.conf file.
 type ClientConfig struct {
 Servers []string // servers to use
 Search []string // suffixes to append to local name
diff --git a/defaults.go b/defaults.go
index d77cb01d..2d97f290 100644
--- a/defaults.go
+++ b/defaults.go
@@ -184,7 +184,7 @@ func IsFqdn(s string) bool {
 return s[l-1] == '.'
 }
-// Fqdns return the fully qualified domain name from s.
+// Fqdn return the fully qualified domain name from s.
 // If s is already fully qualified, it behaves as the identity function.
 func Fqdn(s string) string {
 if IsFqdn(s) {
diff --git a/dns.go b/dns.go
index 1ad78b4e..8114ab8d 100644
--- a/dns.go
+++ b/dns.go
@@ -96,11 +96,14 @@ package dns
 import "strconv"
 const (
- year68 = 1 << 31 // For RFC1982 (Serial Arithmetic) calculations in 32 bits.
- DefaultMsgSize = 4096 // Standard default for larger than 512 bytes.
- MinMsgSize = 512 // Minimal size of a DNS packet.
- MaxMsgSize = 65536 // Largest possible DNS packet.
- defaultTtl = 3600 // Default TTL.
+ year68 = 1 << 31 // For RFC1982 (Serial Arithmetic) calculations in 32 bits.
+ // DefaultMsgSize is the standard default for messages larger than 512 bytes.
+ DefaultMsgSize = 4096
+ // MinMsgSize is the minimal size of a DNS packet.
+ MinMsgSize = 512
+ // MaxMsgSize is the largest possible DNS packet.
+ MaxMsgSize = 65536
+ defaultTtl = 3600 // Default internal TTL.
 )
 // Error represents a DNS error
diff --git a/dns_test.go b/dns_test.go
index 63797fb0..2131460e 100644
--- a/dns_test.go
+++ b/dns_test.go
@@ -400,10 +400,10 @@ func BenchmarkMsgUnpack(b *testing.B) {
 name1 := "12345678901234567890123456789012345.12345678.123."
 rrMx, _ := NewRR(name1 + " 3600 IN MX 10 " + name1)
 msg := makeMsg(name1, []RR{rrMx, rrMx}, nil, nil)
- msg_buf, _ := msg.Pack()
+ msgBuf, _ := msg.Pack()
 b.ResetTimer()
 for i := 0; i < b.N; i++ {
- _ = msg.Unpack(msg_buf)
+ _ = msg.Unpack(msgBuf)
 }
 }
diff --git a/dnssec.go b/dnssec.go
index 4af0faeb..2f77ec4f 100644
--- a/dnssec.go
+++ b/dnssec.go
@@ -422,8 +422,8 @@ func (rr *RRSIG) ValidityPeriod(t time.Time) bool {
 }
 // Return the signatures base64 encodedig sigdata as a byte slice.
-func (s *RRSIG) sigBuf() []byte {
- sigbuf, err := fromBase64([]byte(s.Signature))
+func (rr *RRSIG) sigBuf() []byte {
+ sigbuf, err := fromBase64([]byte(rr.Signature))
 if err != nil {
 return nil
 }
diff --git a/dnssec_keygen.go b/dnssec_keygen.go
index f49018c5..739beebe 100644
--- a/dnssec_keygen.go
+++ b/dnssec_keygen.go
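Review bot: In the dns.go const block, `MaxMsgSize = 65536` is now documented as the largest possible DNS packet, but DNS over TCP carries a two-byte length prefix, so the largest message is 65535 bytes. If the constant is ever used as a length bound rather than only as a buffer size (its uses are not visible in this hunk), a length of exactly 65536 would pass the check and then truncate to 0 when packed into a uint16. Consider `MaxMsgSize = 65535`, or word the comment as a buffer size: `// MaxMsgSize is the size of a buffer large enough to hold any DNS message.`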
@@ -15,8 +15,8 @@ import (
 // what kind of DNSKEY will be generated.
 // The ECDSA algorithms imply a fixed keysize, in that case
 // bits should be set to the size of the algorithm.
-func (r *DNSKEY) Generate(bits int) (PrivateKey, error) {
- switch r.Algorithm {
+func (k *DNSKEY) Generate(bits int) (PrivateKey, error) {
+ switch k.Algorithm {
 case DSA, DSANSEC3SHA1:
 if bits != 1024 {
 return nil, ErrKeySize
@@ -39,7 +39,7 @@ func (r *DNSKEY) Generate(bits int) (PrivateKey, error) {
 }
 }
- switch r.Algorithm {
+ switch k.Algorithm {
 case DSA, DSANSEC3SHA1:
 params := new(dsa.Parameters)
 if err := dsa.GenerateParameters(params, rand.Reader, dsa.L1024N160); err != nil {
@@ -51,18 +51,18 @@ func (r *DNSKEY) Generate(bits int) (PrivateKey, error) {
 if err != nil {
 return nil, err
 }
- r.setPublicKeyDSA(params.Q, params.P, params.G, priv.PublicKey.Y)
+ k.setPublicKeyDSA(params.Q, params.P, params.G, priv.PublicKey.Y)
 return (*DSAPrivateKey)(priv), nil
 case RSAMD5, RSASHA1, RSASHA256, RSASHA512, RSASHA1NSEC3SHA1:
 priv, err := rsa.GenerateKey(rand.Reader, bits)
 if err != nil {
 return nil, err
 }
- r.setPublicKeyRSA(priv.PublicKey.E, priv.PublicKey.N)
+ k.setPublicKeyRSA(priv.PublicKey.E, priv.PublicKey.N)
 return (*RSAPrivateKey)(priv), nil
 case ECDSAP256SHA256, ECDSAP384SHA384:
 var c elliptic.Curve
- switch r.Algorithm {
+ switch k.Algorithm {
 case ECDSAP256SHA256:
 c = elliptic.P256()
 case ECDSAP384SHA384:
@@ -72,7 +72,7 @@ func (r *DNSKEY) Generate(bits int) (PrivateKey, error) {
 if err != nil {
 return nil, err
 }
- r.setPublicKeyECDSA(priv.PublicKey.X, priv.PublicKey.Y)
+ k.setPublicKeyECDSA(priv.PublicKey.X, priv.PublicKey.Y)
 return (*ECDSAPrivateKey)(priv), nil
 default:
 return nil, ErrAlg
diff --git a/dnssec_keyscan.go b/dnssec_keyscan.go
index ce52b877..9406b47c 100644
--- a/dnssec_keyscan.go
+++ b/dnssec_keyscan.go
@@ -9,6 +9,8 @@ import (
 "strings"
 )
+// NewPrivateKey returns a PrivateKey by parsing the string s.
+// s should be in the same form of the BIND private key files.
 func (k *DNSKEY) NewPrivateKey(s string) (PrivateKey, error) {
 if s[len(s)-1] != '\n' { // We need a closing newline
 return k.ReadPrivateKey(strings.NewReader(s+"\n"), "")
diff --git a/dnssec_privkey.go b/dnssec_privkey.go
index 955798a7..0b8f282b 100644
--- a/dnssec_privkey.go
+++ b/dnssec_privkey.go
@@ -10,8 +10,9 @@ import (
 "strconv"
 )
-const _FORMAT = "Private-key-format: v1.3\n"
+const format = "Private-key-format: v1.3\n"
+// PrivateKey ... TODO(miek)
 type PrivateKey interface {
 Sign([]byte, uint8) ([]byte, error)
 String(uint8) string
@@ -53,17 +54,17 @@ func (p *RSAPrivateKey) String(alg uint8) string {
 // Calculate Exponent1/2 and Coefficient as per: http://en.wikipedia.org/wiki/RSA#Using_the_Chinese_remainder_algorithm
 // and from: http://code.google.com/p/go/issues/detail?id=987
 one := big.NewInt(1)
- p_1 := big.NewInt(0).Sub(p.Primes[0], one)
- q_1 := big.NewInt(0).Sub(p.Primes[1], one)
- exp1 := big.NewInt(0).Mod(p.D, p_1)
- exp2 := big.NewInt(0).Mod(p.D, q_1)
+ p1 := big.NewInt(0).Sub(p.Primes[0], one)
+ q1 := big.NewInt(0).Sub(p.Primes[1], one)
+ exp1 := big.NewInt(0).Mod(p.D, p1)
+ exp2 := big.NewInt(0).Mod(p.D, q1)
 coeff := big.NewInt(0).ModInverse(p.Primes[1], p.Primes[0])
 exponent1 := toBase64(exp1.Bytes())
 exponent2 := toBase64(exp2.Bytes())
 coefficient := toBase64(coeff.Bytes())
- return _FORMAT +
+ return format +
 "Algorithm: " + algorithm + "\n" +
 "Modulus: " + modulus + "\n" +
 "PublicExponent: " + publicExponent + "\n" +
@@ -106,7 +107,7 @@ func (p *ECDSAPrivateKey) String(alg uint8) string {
 intlen = 48
 }
 private := toBase64(intToBytes(p.D, intlen))
- return _FORMAT +
+ return format +
 "Algorithm: " + algorithm + "\n" +
 "PrivateKey: " + private + "\n"
 }
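Review bot: In dnssec_keyscan.go, the newly documented NewPrivateKey indexes `s[len(s)-1]` without checking that s is non-empty, so an empty string panics with an index-out-of-range instead of returning an error. Private-key text usually comes from a file or other external input, so the first condition is worth guarding: `if s == "" || s[len(s)-1] != '\n' { // We need a closing newline`, which hands the empty case to ReadPrivateKey. The doc comment could also say that malformed input yields an error; the rest of the function body lies outside the hunk.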
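Review bot: In dnssec_privkey.go the new doc comment `// PrivateKey ... TODO(miek)` is a placeholder on an exported interface whose String method, as the String hunks in this file show, serializes secret values (`"PrivateKey: " + private` for ECDSA, `p.X` for DSA, the RSA exponents and coefficient). A caller who logs or prints that result would disclose the key, so the comment should state it. Suggested: `// PrivateKey is implemented by the DNSSEC private key types. Sign produces a signature` `// with the key; String returns the key, including its secret parameters, in the BIND` `// private-key-file format and must not be logged.` The interface body continues outside the hunk.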
@@ -133,7 +134,7 @@ func (p *DSAPrivateKey) String(alg uint8) string {
 base := toBase64(intToBytes(p.PublicKey.Parameters.G, 64+T*8))
 priv := toBase64(intToBytes(p.X, 20))
 pub := toBase64(intToBytes(p.PublicKey.Y, 64+T*8))
- return _FORMAT +
+ return format +
 "Algorithm: " + algorithm + "\n" +
 "Prime(p): " + prime + "\n" +
 "Subprime(q): " + subprime + "\n" +
diff --git a/edns.go b/edns.go
index 8b676e61..3f8fe880 100644
--- a/edns.go
+++ b/edns.go
@@ -47,6 +47,8 @@ const (
 _DO = 1 << 15 // dnssec ok
 )
+// OPT is the EDNS0 RR appended to messages to convey extra (meta) information.
+// See RFC 6891.
 type OPT struct {
 Hdr RR_Header
 Option []EDNS0 `dns:"opt"`
diff --git a/msg.go b/msg.go
index aded9653..22cabbdd 100644
--- a/msg.go
+++ b/msg.go
@@ -56,8 +56,7 @@ var (
 // dns.Id = func() uint16 { return 3 }
 var Id func() uint16 = id
-// A manually-unpacked version of (id, bits).
-// This is in its own struct for easy printing.
+// MsgHdr is a a manually-unpacked version of (id, bits).
 type MsgHdr struct {
 Id uint16
 Response bool
@@ -72,7 +71,7 @@ type MsgHdr struct {
 Rcode int
 }
-// The layout of a DNS message.
+// Msg contains the layout of a DNS message.
 type Msg struct {
 MsgHdr
 Compress bool `json:"-"` // If true, the message will be compressed when converted to wire format. This not part of the official DNS packet format.
@@ -82,7 +81,7 @@ type Msg struct {
 Extra []RR // Holds the RR(s) of the additional section.
 }
-// Map of strings for each RR wire type.
+// TypeToString is a map of strings for each RR wire type.
 var TypeToString = map[uint16]string{
 TypeA: "A",
 TypeAAAA: "AAAA",
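Review bot: The new comment on MsgHdr in msg.go reads `// MsgHdr is a a manually-unpacked version of (id, bits).`, with a doubled article; it should be `// MsgHdr is a manually-unpacked version of (id, bits).`. The same pass introduces similar slips in other hunks: `ClassToString is a maps Classes to strings` (msg.go), `used to denial answers` (nsecx.go), `the RR the holds` (tsig.go) and `holds the token that are returned` (zscan.go). The comments on StringToOpcode and StringToRcode were left as `// Map of opcodes strings.` and `// Map of rcodes strings.`, so they still do not start with the identifier the way the rest of the commit now does.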
@@ -161,8 +160,10 @@ var TypeToString = map[uint16]string{
 TypeX25: "X25",
 }
-// Reverse, needed for string parsing.
+// StringToType is the reverse of TypeToString, needed for string parsing.
 var StringToType = reverseInt16(TypeToString)
+
+// StringToClass is the reverse of ClassToString, needed for string parsing.
 var StringToClass = reverseInt16(ClassToString)
 // Map of opcodes strings.
@@ -171,7 +172,7 @@ var StringToOpcode = reverseInt(OpcodeToString)
 // Map of rcodes strings.
 var StringToRcode = reverseInt(RcodeToString)
-// Map of strings for each CLASS wire type.
+// ClassToString is a maps Classes to strings for each CLASS wire type.
 var ClassToString = map[uint16]string{
 ClassINET: "IN",
 ClassCSNET: "CS",
@@ -181,7 +182,7 @@ var ClassToString = map[uint16]string{
 ClassANY: "ANY",
 }
-// Map of strings for opcodes.
+// OpcodeToString maps Opcodes to strings.
 var OpcodeToString = map[int]string{
 OpcodeQuery: "QUERY",
 OpcodeIQuery: "IQUERY",
@@ -190,7 +191,7 @@ var OpcodeToString = map[int]string{
 OpcodeUpdate: "UPDATE",
 }
-// Map of strings for rcodes.
+// RcodeToString maps Rcodes to strings.
 var RcodeToString = map[int]string{
 RcodeSuccess: "NOERROR",
 RcodeFormatError: "FORMERR",
@@ -264,7 +265,7 @@ func packDomainName(s string, msg []byte, off int, compression map[string]int, c
 // Emit sequence of counted strings, chopping at dots.
 begin := 0
 bs := []byte(s)
- ro_bs, bs_fresh, escaped_dot := s, true, false
+ roBs, bsFresh, escapedDot := s, true, false
 for i := 0; i < ls; i++ {
 if bs[i] == '\\' {
 for j := i; j < ls-1; j++ {
@@ -288,13 +289,13 @@ func packDomainName(s string, msg []byte, off int, compression map[string]int, c
 } else if bs[i] == 'n' {
 bs[i] = '\n'
 }
- escaped_dot = bs[i] == '.'
- bs_fresh = false
+ escapedDot = bs[i] == '.'
+ bsFresh = false
 continue
 }
 if bs[i] == '.' {
- if i > 0 && bs[i-1] == '.' && !escaped_dot {
+ if i > 0 && bs[i-1] == '.' && !escapedDot {
 // two dots back to back is not legal
 return lenmsg, labels, ErrRdata
 }
@@ -320,16 +321,16 @@ func packDomainName(s string, msg []byte, off int, compression map[string]int, c
 }
 off++
 }
- if compress && !bs_fresh {
- ro_bs = string(bs)
- bs_fresh = true
+ if compress && !bsFresh {
+ roBs = string(bs)
+ bsFresh = true
 }
 // Dont try to compress '.'
- if compress && ro_bs[begin:] != "." {
- if p, ok := compression[ro_bs[begin:]]; !ok {
+ if compress && roBs[begin:] != "." {
+ if p, ok := compression[roBs[begin:]]; !ok {
 // Only offsets smaller than this can be used.
 if offset < maxCompressionOffset {
- compression[ro_bs[begin:]] = offset
+ compression[roBs[begin:]] = offset
 }
 } else {
 // The first hit is the longest matching dname
@@ -348,7 +349,7 @@ func packDomainName(s string, msg []byte, off int, compression map[string]int, c
 labels++
 begin = i + 1
 }
- escaped_dot = false
+ escapedDot = false
 }
 // Root label is special
 if len(bs) == 1 && bs[0] == '.' {
@@ -945,7 +946,7 @@ func unpackStructValue(val reflect.Value, msg []byte, off int) (off1 int, err er
 return lenmsg, &Error{"bad tag unpacking slice: " + val.Type().Field(i).Tag.Get("dns")}
 case `dns:"domain-name"`:
 // HIP record slice of name (or none)
- servers := make([]string, 0)
+ var servers []string
 var s string
 for off < lenrd {
 s, off, err = UnpackDomainName(msg, off)
@@ -971,7 +972,7 @@ func unpackStructValue(val reflect.Value, msg []byte, off int) (off1 int, err er
 // We can safely return here.
 break
 }
- edns := make([]EDNS0, 0)
+ var edns []EDNS0
 Option:
 code := uint16(0)
 if off+2 > lenmsg {
@@ -1077,7 +1078,7 @@ func unpackStructValue(val reflect.Value, msg []byte, off int) (off1 int, err er
 off += net.IPv6len
 case `dns:"wks"`:
 // Rest of the record is the bitmap
- serv := make([]uint16, 0)
+ var serv []uint16
 j := 0
 for off < lenrd {
 if off+1 > lenmsg {
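Review bot: In unpackStructValue's `dns:"domain-name"` case, replacing `servers := make([]string, 0)` with `var servers []string` changes the result when the loop body never runs: the slice stays nil instead of empty. Assuming the slice is later stored into the record (that code is outside the hunk), a record unpacked from a packet with no entries would no longer compare equal under reflect.DeepEqual to one built with an empty slice, and would marshal to JSON `null` rather than `[]`. The same applies to `edns`, `serv` and `nsec` in the later msg.go hunks and to `xs` in setHIP in zscan_rr.go. If callers or tests depend on the distinction, keep `make(..., 0)`; otherwise a short comment such as `// nil when the record carries no names` would record the change.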
@@ -1121,7 +1122,7 @@ func unpackStructValue(val reflect.Value, msg []byte, off int) (off1 int, err er
 if off+2 > lenrd || off+2 > lenmsg {
 return lenmsg, &Error{err: "overflow unpacking nsecx"}
 }
- nsec := make([]uint16, 0)
+ var nsec []uint16
 length := 0
 window := 0
 for off+2 < lenrd {
diff --git a/nsecx.go b/nsecx.go
index ac48da0f..d2392c6e 100644
--- a/nsecx.go
+++ b/nsecx.go
@@ -50,6 +50,8 @@ func HashName(label string, ha uint8, iter uint16, salt string) string {
 return toBase32(nsec3)
 }
+// Denialer is an interface that should be implemented by types that are used to denial
+// answers in DNSSEC.
 type Denialer interface {
 // Cover will check if the (unhashed) name is being covered by this NSEC or NSEC3.
 Cover(name string) bool
diff --git a/parse_test.go b/parse_test.go
index 0bc47369..69dd89e4 100644
--- a/parse_test.go
+++ b/parse_test.go
@@ -1169,7 +1169,7 @@ func TestParseRRSIGTimestamp(t *testing.T) {
 `miek.nl. IN RRSIG SOA 8 2 43200 20140210031301 20140111031301 12051 miek.nl. MVZUyrYwq0iZhMFDDnVXD2BvuNiUJjSYlJAgzyAE6CF875BMvvZa+Sb0 RlSCL7WODQSQHhCx/fegHhVVF+Iz8N8kOLrmXD1+jO3Bm6Prl5UhcsPx WTBsg/kmxbp8sR1kvH4oZJtVfakG3iDerrxNaf0sQwhZzyfJQAqpC7pcBoc=`: true,
 `miek.nl. IN RRSIG SOA 8 2 43200 315565800 4102477800 12051 miek.nl. MVZUyrYwq0iZhMFDDnVXD2BvuNiUJjSYlJAgzyAE6CF875BMvvZa+Sb0 RlSCL7WODQSQHhCx/fegHhVVF+Iz8N8kOLrmXD1+jO3Bm6Prl5UhcsPx WTBsg/kmxbp8sR1kvH4oZJtVfakG3iDerrxNaf0sQwhZzyfJQAqpC7pcBoc=`: true,
 }
- for r, _ := range tests {
+ for r := range tests {
 _, e := NewRR(r)
 if e != nil {
 t.Fail()
diff --git a/server.go b/server.go
index 8c3b015b..bd40b429 100644
--- a/server.go
+++ b/server.go
@@ -10,6 +10,7 @@ import (
 "time"
 )
+// Handler is implemented by any value that implements ServeDNS.
 type Handler interface {
 ServeDNS(w ResponseWriter, r *Msg)
 }
@@ -72,12 +73,12 @@ var DefaultServeMux = NewServeMux()
 // Handler object that calls f.
 type HandlerFunc func(ResponseWriter, *Msg)
-// ServerDNS calls f(w, r)
+// ServeDNS calls f(w, r).
 func (f HandlerFunc) ServeDNS(w ResponseWriter, r *Msg) {
 f(w, r)
 }
-// FailedHandler returns a HandlerFunc that returns SERVFAIL for every request it gets.
+// HandleFailed returns a HandlerFunc that returns SERVFAIL for every request it gets.
 func HandleFailed(w ResponseWriter, r *Msg) {
 m := new(Msg)
 m.SetRcode(r, RcodeServerFailure)
@@ -121,10 +122,9 @@ func (mux *ServeMux) match(q string, t uint16) Handler {
 if h, ok := mux.z[string(b[:l])]; ok { // 'causes garbage, might want to change the map key
 if t != TypeDS {
 return h
- } else {
- // Continue for DS to see if we have a parent too, if so delegeate to the parent
- handler = h
 }
+ // Continue for DS to see if we have a parent too, if so delegeate to the parent
+ handler = h
 }
 off, end = NextLabel(q, off)
 if end {
@@ -148,7 +148,7 @@ func (mux *ServeMux) Handle(pattern string, handler Handler) {
 mux.m.Unlock()
 }
-// Handle adds a handler to the ServeMux for pattern.
+// HandleFunc adds a handler function to the ServeMux for pattern.
 func (mux *ServeMux) HandleFunc(pattern string, handler func(ResponseWriter, *Msg)) {
 mux.Handle(pattern, HandlerFunc(handler))
 }
diff --git a/sig0.go b/sig0.go
index bef88cf9..aab8d0d2 100644
--- a/sig0.go
+++ b/sig0.go
@@ -92,7 +92,7 @@ func (rr *SIG) Sign(k PrivateKey, m *Msg) ([]byte, error) {
 buf[rdoff], buf[rdoff+1] = packUint16(rdlen)
 // Adjust additional count
 adc, _ := unpackUint16(buf, 10)
- adc += 1
+ adc++
 buf[10], buf[11] = packUint16(adc)
 return buf, nil
 }
diff --git a/tsig.go b/tsig.go
index 4f79894f..133792fc 100644
--- a/tsig.go
+++ b/tsig.go
@@ -75,6 +75,8 @@ const (
 HmacSHA512 = "hmac-sha512."
 )
+// TSIG is the RR the holds the transaction signature of a message.
+// See RFC 2845 and RFC 4635.
 type TSIG struct {
 Hdr RR_Header
 Algorithm string `dns:"domain-name"`
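Review bot: The corrected comment on HandleFailed in server.go still says it `returns a HandlerFunc`, but the signature `func HandleFailed(w ResponseWriter, r *Msg)` returns nothing; the function is itself the handler. From the visible lines it builds its reply with `m.SetRcode(r, RcodeServerFailure)`, so a more accurate comment would be `// HandleFailed answers every request it gets with SERVFAIL.`. The rest of the body is outside the hunk.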
diff --git a/types.go b/types.go
index a650850b..2ac9a6dc 100644
--- a/types.go
+++ b/types.go
@@ -10,9 +10,12 @@ import (
 )
 type (
- Type uint16 // Type is a DNS type.
- Class uint16 // Class is a DNS class.
- Name string // Name is a DNS domain name.
+ // Type is a DNS type.
+ Type uint16
+ // Class is a DNS class.
+ Class uint16
+ // Name is a DNS domain name.
+ Name string
 )
 // Packet formats
@@ -801,7 +804,7 @@ func cmToM(m, e uint8) string {
 s := fmt.Sprintf("%d", m)
 for e > 2 {
 s += "0"
- e -= 1
+ e--
 }
 return s
 }
diff --git a/xfr_test.go b/xfr_test.go
index 4e3d1b6c..9ad66977 100644
--- a/xfr_test.go
+++ b/xfr_test.go
@@ -57,8 +57,7 @@ func testClientAXFRMultipleEnvelopes(t *testing.T) {
 tr := new(Transfer)
 if a, err := tr.In(m, net.JoinHostPort(server, "53")); err != nil {
 t.Log("Failed to setup axfr" + err.Error() + "for server: " + server)
- t.Fail()
- return
+ t.FailNow()
 } else {
 for ex := range a {
 if ex.Error != nil {
diff --git a/zgenerate.go b/zgenerate.go
index 7f1183e8..d9307cb0 100644
--- a/zgenerate.go
+++ b/zgenerate.go
@@ -24,13 +24,13 @@ func generate(l lex, c chan lex, t chan *Token, o string) string {
 if i+1 == len(l.token) {
 return "bad step in $GENERATE range"
 }
- if s, e := strconv.Atoi(l.token[i+1:]); e != nil {
- return "bad step in $GENERATE range"
- } else {
+ if s, e := strconv.Atoi(l.token[i+1:]); e == nil {
 if s < 0 {
 return "bad step in $GENERATE range"
 }
 step = s
+ } else {
+ return "bad step in $GENERATE range"
 }
 l.token = l.token[:i]
 }
diff --git a/zscan.go b/zscan.go
index 0fc2a292..eaba3bb5 100644
--- a/zscan.go
+++ b/zscan.go
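Review bot: In generate() in zgenerate.go, the step check rejects only `s < 0`, so a step of 0 is still accepted after this reshuffle. If step is the increment of the $GENERATE range loop (the loop is outside the hunk), a zone file with a zero step could keep the parser from terminating, which matters when zone data comes from an untrusted source. The new if/else also leaves the error path last; handling it first reads better, provided s and e are not already declared in that scope: `s, e := strconv.Atoi(l.token[i+1:])`, `if e != nil || s <= 0 { return "bad step in $GENERATE range" }`, `step = s`.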
@@ -95,11 +95,14 @@ type lex struct {
 comment string // any comment text seen
 }
-// *Tokens are returned when a zone file is parsed.
+// Token holds the token that are returned when a zone file is parsed.
 type Token struct {
- RR // the scanned resource record when error is not nil
- Error *ParseError // when an error occured, this has the error specifics
- Comment string // a potential comment positioned after the RR and on the same line
+ // The scanned resource record when error is not nil.
+ RR
+ // When an error occured, this has the error specifics.
+ Error *ParseError
+ // A potential comment positioned after the RR and on the same line.
+ Comment string
 }
 // NewRR reads the RR contained in the string s. Only the first RR is
diff --git a/zscan_rr.go b/zscan_rr.go
index ed796989..fe7b65a1 100644
--- a/zscan_rr.go
+++ b/zscan_rr.go
@@ -987,7 +987,7 @@ func setHIP(h RR_Header, c chan lex, o, f string) (RR, *ParseError, string) {
 // RendezvousServers (if any)
 l = <-c
- xs := make([]string, 0)
+ var xs []string
 for l.value != _NEWLINE && l.value != _EOF {
 switch l.value {
 case _STRING:
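Review bot: In zscan.go the comment moved onto the embedded RR field of Token says `The scanned resource record when error is not nil.`, which looks inverted: going by the Error field's own comment, RR is presumably only meaningful when Error is nil. Callers consume these tokens while parsing zone data, so the wording should steer them to check Error first, for example `// The scanned resource record; only valid when Error is nil.`. In the next comment `occured` should be `occurred`.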