Make it public as TsigGenerateWithProvider and update the docs a little.
And TsigVerifyWithProvider also - tweak those docs also a little.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Refactor net.PacketConn checks into helper function
* Only treat a *net.UnixConn of unixgram as a packet conn
* Handle wrapped net.Conn types in isPacketConn
* Use Error instead of Fatal where appropriate in TestIsPacketConn
* Send DNS query in one packet when using TCP/TLS
* fix review comments
* Removed net.Buffers
* Added unit-tests for writing messages over TCP in one go
* Ignore replies with unexpected IDs
This fixes the following problem:
At time 0, we send a query with ID X from port P.
At time T, we time out the query due to lack of response, and then send
a different query with ID Y. By coincidence, the new query is sent from
the same port number P (since port numbers are only 16 bits, this can happen
with non-negligible probability when making queries at a high rate).
At time T+epsilon, we receive a response to the original query.
Since the ID in this response is X, not Y, we would previously return
ErrId, preventing the second query from succeeding.
With this commit, we simply ignore the response with the mismatched ID
and return once we receive the response with the correct ID.
* Update test for bad ID
The new test sends two replies: the first one has a bad ID, which should
be ignored, and the second one has the correct ID.
* Add test to ensure query times out when server returns bad ID
* Avoid use of error string matching in test case
* Check for mismatched query IDs when using TCP
* Reduce timeout in TestClientSyncBadID
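The behaviour described in the commit above (skip a reply whose ID does not match, keep waiting until the deadline) can be sketched as follows. This is an added example, not the library's own code: `readReply` and `demo` are hypothetical names, the replies are constructed 12-byte headers, and an in-memory `net.Pipe` stands in for the socket.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"net"
	"time"
)

// readReply returns the first message whose header ID equals wantID; others are skipped.
func readReply(conn net.Conn, wantID uint16, timeout time.Duration) ([]byte, error) {
	if err := conn.SetReadDeadline(time.Now().Add(timeout)); err != nil {
		return nil, err
	}
	buf := make([]byte, 512)
	for {
		n, err := conn.Read(buf)
		if err != nil {
			return nil, err // a timeout lands here if only stale replies arrive
		}
		if n >= 12 && binary.BigEndian.Uint16(buf[:2]) == wantID {
			return append([]byte(nil), buf[:n]...), nil
		}
	}
}

// demo sends constructed headers with replyIDs; it reports the accepted ID or a timeout.
func demo(replyIDs []uint16, wantID uint16) (got uint16, timedOut bool) {
	client, server := net.Pipe()
	defer client.Close()
	defer server.Close()
	go func() {
		for _, id := range replyIDs {
			hdr := make([]byte, 12) // constructed: header with only the ID set
			binary.BigEndian.PutUint16(hdr, id)
			server.Write(hdr)
		}
	}()
	msg, err := readReply(client, wantID, 200*time.Millisecond)
	if err != nil {
		var ne net.Error
		return 0, errors.As(err, &ne) && ne.Timeout()
	}
	return binary.BigEndian.Uint16(msg[:2]), false
}

func main() {
	fmt.Println(demo([]uint16{0x1111, 0x2222}, 0x2222)) // stale reply, then the real one
}
```

The deadline is set once before the loop, so a stream of mismatched replies cannot extend the wait.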
* Implements ExchangeWithConn, a function that allows callers to pass in a connection instead of having the library create a new one for them. Exchange now wraps around this, implementing the existing behavior by creating a new connection and passing it to ExchangeWithConn. c.exchange has been updated to support this behavior as well.
* adding tab
* formatting problem
* adds test case for ExchangeWithConn
Previously it was possible for two different questions to hit the same
single in flight entry if the type or class isn't in the relevant
XToString map. This could happen for a proxy server or similar.
* Simplify Server.readTCP
This slightly alters the error behaviour, but it should not be
observable outside of a decorated reader. I don't believe the old
behaviour was either obvious, documented or correct.
* Simplify TCP reading in client Conn
This alters the error behaviour in possibly observable ways, though
this is quite subtle and may not actually be readily observable.
Conn.ReadMsgHeader should behave the same way and still returns
ErrShortRead for length being too short.
Conn.Read will no longer return ErrShortRead if the length == 0,
otherwise it should be largely similar.
* Remove redundant error check in Conn.ReadMsgHeader
* Revert "Require URLs for DOH addresses (#684)"
This reverts commit 8ccae88257.
* Revert "WIP: DNS-over-HTTPS support for Client.Exchange API (#671)"
This reverts commit 64746df23b.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Finish revert of DoH
Signed-off-by: Miek Gieben <miek@miek.nl>
* Add back in the race condition comment
Signed-off-by: Miek Gieben <miek@miek.nl>
* Remove redundant parentheses
These were caught with:
gofmt -r '(a) -> a' -w *.go
This commit only includes the changes where the formatting makes the
ordering of operations clear.
* Remove more redundant parentheses
These were caught with:
gofmt -r '(a) -> a' -w *.go
This commit includes the remaining changes where the formatting does not
make the ordering of operations as clear as the previous commit.
* ensure dialTimeout is used at Dial time. Ensure dial functions set up the right timeout
* - on Dialing, ensure a dialTimeout for the Dialer only if it is just created, else keep going with parameters of the Dialer.
* Require URLs for DOH addresses
* Move time.Now directly above http.Client.Do in DoH
* Remove https scheme check from DOH
Although the draft RFC explicitly requires that the scheme be https,
this was deemed undesirable, so remove it.
* Add DNS-over-HTTPS support to (*Client).Exchange
* Ignore net/http goroutine leak from DoH
* Use existing Dialer and TLSConfig fields on Client for DOH
* Make DOH http.Client fully configurable
* Pipe context into exchangeDOH
* TSIG name must be presented in canonical form
Update the documentation to make clear that the zonename in the
TsigSecret map must be in canonical form.
* Reference RFC 4034 for canonical form
The response message must be copied regardless of whether there was an
error or not, otherwise two concurrent queries may modify the response
as they write it out.
My home router only returns 1 byte on the initial tcp read of 2 bytes
for the size of the reply. We should read the other byte as well if this
happens.
With this fix, this:
~~~
% ./q -tcp @192.168.1.1 higgs
;; dns: short read
~~~
becomes:
~~~
% ./q -tcp @192.168.1.1 higgs
;; opcode: QUERY, status: NOERROR, id: 12968
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;higgs. IN A
;; ANSWER SECTION:
higgs. 0 IN A 192.168.1.108
;; query time: 10737 µs, server: 192.168.1.1:53(tcp), size: 44 bytes
~~~
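The short read described in the commit above comes from treating one `Read` call as if it always fills the 2-byte length prefix. The following is an added example, not the library's own code: `readFramed`, `frame`, `slowReader` and `singleRead` are hypothetical names, and the payload is constructed.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"fmt"
	"io"
	"testing/iotest"
)

// readFramed reads one DNS-over-TCP message: a 2-byte big-endian length, then
// that many bytes. io.ReadFull loops until the buffer is full or the stream ends.
func readFramed(r io.Reader) ([]byte, error) {
	var prefix [2]byte
	if _, err := io.ReadFull(r, prefix[:]); err != nil {
		return nil, err
	}
	msg := make([]byte, binary.BigEndian.Uint16(prefix[:]))
	if _, err := io.ReadFull(r, msg); err != nil {
		return nil, err // io.ErrUnexpectedEOF if the peer sent less than it announced
	}
	return msg, nil
}

// frame prepends the length prefix to a constructed payload.
func frame(payload []byte) []byte {
	out := make([]byte, 2, 2+len(payload))
	binary.BigEndian.PutUint16(out, uint16(len(payload)))
	return append(out, payload...)
}

// slowReader is a stricter stand-in for such a peer: every Read yields one byte.
func slowReader(b []byte) io.Reader { return iotest.OneByteReader(bytes.NewReader(b)) }

// singleRead is the failure mode: one Read call for the 2-byte prefix.
func singleRead(r io.Reader) int {
	var prefix [2]byte
	n, _ := r.Read(prefix[:])
	return n
}

func main() {
	wire := frame(bytes.Repeat([]byte{0xAB}, 44)) // constructed 44-byte stand-in for a reply
	fmt.Println("single Read returned", singleRead(slowReader(wire)), "of 2 prefix bytes")
	msg, err := readFramed(slowReader(wire))
	fmt.Println(len(msg), err)
}
```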
* Remove {un,}packUint{16,32}Msg functions.
unpackUint16Msg unpackUint32Msg packUint16Msg packUint32Msg implemented
functionality that is part of the encoding/binary package.
* Use encoding/binary's encoding in more places.
Remove the use of reflection when packing and unpacking, instead
generate all the pack and unpack functions using msg_generate.
This will generate zmsg.go which in turn calls the helper functions from
msg_helper.go.
This increases the speed by about ~30% while cutting back on memory
usage. Not all RRs are using it, but that will be rectified in an upcoming
PR.
Most of the speed increase is in the header/question section parsing.
These functions *are* not generated, but straightforward enough. The
implementation can be found in msg.go.
The new code has been fuzzed by go-fuzz, which turned up some issues.
All files that started with 'z' and were not autogenerated were renamed,
i.e. zscan.go is now scan.go.
Reflection is still used, in subsequent PRs it will be removed entirely.
TCP wasn't returning rtt info anymore, fix this. Also add
an issue_test.go where fixes for specific issues can be put.
Pull the rtt for udp message up into the function where we now
also set the rtt for tcp (for symmetry).