* Support parsing known RR types in RFC 3597 format
This is the format used for "Unknown DNS Resource Records", but it's
also useful to support parsing known RR types in this way.
RFC 3597 says:
An implementation MAY also choose to represent some RRs of known type
using the above generic representations for the type, class and/or
RDATA, which carries the benefit of making the resulting master file
portable to servers where these types are unknown. Using the generic
representation for the RDATA of an RR of known type can also be
useful in the case of an RR type where the text format varies
depending on a version, protocol, or similar field (or several)
embedded in the RDATA when such a field has a value for which no text
format is known, e.g., a LOC RR [RFC1876] with a VERSION other than
0.
Even though an RR of known type represented in the \# format is
effectively treated as an unknown type for the purpose of parsing the
RDATA text representation, all further processing by the server MUST
treat it as a known type and take into account any applicable type-
specific rules regarding compression, canonicalization, etc.
* Correct mistakes in TestZoneParserAddressAAAA
This was spotted when writing TestParseKnownRRAsRFC3597.
* Eliminate canParseAsRR
This has the advantage that concrete types will now be returned for
parsed ANY, NULL, OPT and TSIG records.
* Expand TestDynamicUpdateParsing for RFC 3597
This ensures we're properly handling empty RDATA for RFC 3597 parsed
records.
* Implement SVCB
* Fix serialization and deserialization of double quotes
* More effort (?)
4 months old commit
* DEBUG
* _
* Presentation format serialization/deserialization
* _
Remove generated
* Progress on presentation format parse & write
* _
* Finish parsing presentation format
* Regenerate
* Pack unpack
* Move to svcb.go
Scan_rr.go and types.go should be untouched now
* 🐛
Thanks ghedo
* Definitions
* TypeHTTPSSVC
* Generated
and isDuplicate
* Goodbye lenient functions
Now private key=value pairs have to be defined as structs too. They are no longer automatically named as KeyNNNNN
* Encode/decode
* Experimental svc
* Read method
* Implement some of the methods, use trick...
to report where the error is while reading it. This should be applied to EDNS too. Todo: Find if case can only contain e := new(SVC_ALPN) and rest moved out
Also fix two compile errors
* Add SVC_LOCAL methods, reorder, remove alpn value, bugs
* Errors
* Alpn, make it build
* Correct testsuite
* Fully implement parser
Change from keeping a state variable to reading in one iteration until the key=value pair is fully consumed
* Simplify and document
EDNS should be simplified too
* Attempt to fix fuzzer
And Alpn bug
* A bug and change type values to match @ghedo's implementation
* IP bug
Also there are two ip duplicating patterns, one with copy, one with append. Maybe change it to be consistent.
* Check for strictly increasing keys as required
* Don't panic on invalid alpn
* Redundant check, don't modify original array
* Size calculation
* Fix the fuzzer, match the style
* 65535 is reserved too, don't delay errors
* Check keyNNN, check for aliasform having values
* IPvNHint is an array
* Fix ipvNHint
* Rename everything
* Unrecognized keys according to the updated specification
* Skip zero-length structs in generators. Fix CI
* Doc cleanup
* Off by one
* Add parse tests
* Check if private key doesn't collide with known key, invalid tests
* Disallow IPv4 as IPv6. More tests.
Related #1107
* Style fixes
* More consistency, more tests
* 🐛 Deep copy as in the documentation
a := make([]net.IP, 1)
a[0] = net.ParseIP("1.1.1.1").To4()
b := append(make([]net.IP, 0, 1), a...)
b[0] = net.ParseIP("3.1.1.1").To4()
fmt.Println(a[0][0])
* Make tests readable
* Move valid parse tests to different file
* 🐛 One of previous commits not fully committed
* Test binary single value encoding/decoding and full encode/decode
* Add worst-case grows to builders, 🐛 Wrong visible character range, redundant tests
* Testing improvements
And don't convert to IPv4 twice
* Doc update only
* Document worst case allocations
and ipv6 can be at most of length 39, not 40
* Redundant IP copy, consistent IPv6 behavior, fix deep copy
* isDuplicate for SVCB
* Optimizations
* echoconfig
* Svc => SVCB
* Fix CI
* Regenerate after REBASE (2)
Rebased twice on 15th and 20th May
* Rename svc, use escapeByte.
* Fix parsing whitespaces between quotes, rename ECHOHOConfig
* resolve
Remove svcbFieldLen
Use reverseInt
Uppercase SVCB
Rename key_value
"invalid" => bad
Alpn comments
> 65535 check
Unneeded slices
* a little more
read => parse
IP array meaning
Force pushed because forgot to change read in svcb_test.go
* HTTPSSVC -> HTTPS
* Use new values
* mandatory code
https://github.com/MikeBishop/dns-alt-svc/pull/205
* Resolve comments
Rename svcb-pairs
Remove SVCB_PRIVATE ranges
Comment on SVCB_KEY65535
ParseError return l.token
rename svcbKeyToString and svcbStringToKey
privatize SVCBKeyToString, SVCBStringToKey
* Refactor 1
Rename sorted, originalPairs
Use append instead of copy
Use svcb_RESERVED instead of 65535, with it now being private
"type SVCBKey uint16"
* Refactor 2
svcbKeyToString as method
svcbStringToKey updated after key 0
🐛 mandatory has missing key
Rename str
idx < 0
* Refactor 3
Use l.token as z
var key, value string
Comment wrap
0:
Sentences with '.'
keyValue => kv
* Refactor 4
* Refactor 5
len() int
* Refactor 6
* Refactor 7
* Test remove parsing
* Error messages
* Rewrite two estimate comments
* parse shouldn't modify original array 🐛
* Remove two unneeded comments
* Address review comments
Push 2 because can't build fuzzer python
Push 3 to try again
* Simplify argument duplication as per tmthrgd's suggestion
And add the relevant test
Force push edit: Make sorting code fit into one line
* Rewrite ECHConfig and address the review
* Remove the optional tab
* Add To4() Check
* More cleanup and fix mandatory not sorting bug
* Improve sprintName tests
* Fix sprintName handling of escaped dots
* Make sprintName consistently drop dangling incomplete escapes
* Be consistent about domain name label character escaping
Fixes#1121
* Replace strings.IndexByte with faster special-purpose function
Paraphrase @miekg's response to emphasize that multiple
questions in the question section of a DNS message
is not supported in practice.
refs miekg/dns#1092
Co-authored-by: Adam Chalkley <atc0005@users.noreply.github.com>
* Doc updates
Was reading https://pkg.go.dev/github.com/miekg/dns?tab=doc and spotted
some types and things to could be slightly better.
Make v unexported, as this version stuff should not be part of the
public API.
Signed-off-by: Miek Gieben <miek@miek.nl>
* fix test
Signed-off-by: Miek Gieben <miek@miek.nl>
* APL record: add structure and code point
* APL record: add wire format support
* APL record: add presentation format support
* APL record: add isDuplicate implementation
* APL record: add copy implementation
* APL record: add len implementation
* APL record: run go generate
* APL record: fix condition checking for equality
* APL record: use switches to map family to address length
* APL record: check bounds of individual fields rather than whole header
* APL record: stylistic changes
* APL record: remove APLPrefix methods from public interface
* APL record: update README
* APL record: additional cleanup for code review
* APL record: change return type from pointer to struct
* APL record: refactor of pack and unpack to eliminate extra variables
* Merge setRR into ZoneParser.Next
* Remove file argument from RR.parse
This was only used to fill in the ParseError file field. Instead we now
fill in that field in ZoneParser.Next.
* Move dynamic update check out of RR.parse
This consolidates all the dynamic update checks into one place.
* Check for unexpected newline before parsing RR data
* Move rr.parse call into if-statement
* Allow dynamic updates for TKEY and RFC3597 records
* Document that ParseError file field is unset from parse
* Inline allowDynamicUpdate into ZoneParser.Next
* Improve and simplify TestUnexpectedNewline
Both NSEC and NSEC3 use the same logic to pack the bitmap.
CSYNC.pack also appear to make use of `packDataNsec` so I am giving it
the same treatment by moving the logic in a helper function and making
all those types `len` call use that function.
The byte sequence, when Unpack()-ed and subsequential Pack()-ed created a
panic: runtime error: slice bounds out of range
github.com/miekg/dns.(*Msg).packBufferWithCompressionMap(0xc0000d4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x14, 0x14e80b, 0xbf2d4654d501a3c8, ...)
/Users/chantra/go/src/github.com/miekg/dns/msg.go:868 +0x13a8
Confirmed that Unpacking/Repacking payload described in TestCrashNSEC
did not raise a slice bound out of range panic, added unittests which
failed prior to this change.
```
go test -run TestCrashNSEC
--- FAIL: TestCrashNSEC (0.00s)
types_test.go:135: expected length of 19, got 12
FAIL
exit status 1
FAIL github.com/miekg/dns 0.067s
```
* Use for range loops instead of manual loops
* Use for range loop in Msg.CopyTo
This is a separate commit as the change is slightly more than just
switching the loop style.
* Use for range loop in DNSKEY.publicKeyRSA
* Add explen comment to DNSKEY.publicKeyRSA
* Eliminate Variable bool from parserFunc
Instead we now check whether the last token read from the zlexer was
a zNewline or zEOF. The error check above should be tripped for any
record that ends prematurely.
* Use an interface method for parsing zone file records
* Prevent panic in TestOmittedTTL if no regexp match
* Move slurpRemainder into fixed length parse functions
This is consistent with the original logic in setRR and avoids potential
edge cases.
* Parse synthetic records according to RFC 3597
These records lack a presentation format and cannot be parsed otherwise.
This behaviour is consistent with how this previously operated.
Sorely missing from this library. Add it. As there is no presentation
format the String method for this type puts a comment in front of it.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Simplify TKEY presentation format
Just put add ";" in front of it, instead of the whole pseudo option
text.
Fixes#855
Signed-off-by: Miek Gieben <miek@miek.nl>
* Add more fields to presentation format - convert time using the RRSIG routines
Signed-off-by: Miek Gieben <miek@miek.nl>
* Stop compressing names in RT records
Although RFC 1183 allows names in the RT record to be compressed with:
"The concrete encoding is identical to the MX RR."
RFC 3597 specifically prohibits compressing names in any record not
defined in RFC 1035.
* Add comment to RT struct regarding compression
* Remove fullSize return from compressionLenSearch
This wasn't used anywhere but TestCompressionLenSearch, and was very
wrong.
* Add generated compressedLen functions and use them
This replaces the confusing and complicated compressionLenSlice
function.
* Use compressedLenWithCompressionMap even for uncompressed
This leaves the len() functions unused and they'll soon be removed.
This also fixes the off-by-one error of compressedLen when a (Q)NAME
is ".".
* Use Len helper instead of RR.len private method
* Merge len and compressedLen functions
* Merge compressedLen helper into Msg.Len
* Remove compress bool from compressedLenWithCompressionMap
* Merge map insertion into compressionLenSearch
This eliminates the need to loop over the domain name twice when we're
compressing the name.
* Use compressedNameLen for NSEC.NextDomain
This was a mistake.
* Remove compress from RR.len
* Add test case for multiple questions length
* Add test case for MINFO and SOA compression
These are the only RRs with multiple compressible names within the same
RR, and they were previously broken.
* Rename compressedNameLen to domainNameLen
It also handles the length of uncompressed domain names.
* Use off directly instead of len(s[:off])
* Move initial maxCompressionOffset check out of compressionLenMapInsert
This should allow us to avoid the call overhead of
compressionLenMapInsert in certain limited cases and may result in a
slight performance increase.
compressionLenMapInsert still has a maxCompressionOffset check inside
the for loop.
* Rename compressedLenWithCompressionMap to msgLenWithCompressionMap
This better reflects that it also calculates the uncompressed length.
* Merge TestMsgCompressMINFO with TestMsgCompressSOA
They're both testing the same thing.
* Remove compressionLenMapInsert
compressionLenSearch does everything compressionLenMapInsert did anyway.
* Only call compressionLenSearch in one place in domainNameLen
* Split if statement in domainNameLen
The last two commits worsened the performance of domainNameLen
noticably, this change restores it's original performance.
name old time/op new time/op delta
MsgLength-12 550ns ±13% 510ns ±21% ~ (p=0.050 n=10+10)
MsgLengthNoCompression-12 26.9ns ± 2% 27.0ns ± 1% ~ (p=0.198 n=9+10)
MsgLengthPack-12 2.30µs ±12% 2.26µs ±16% ~ (p=0.739 n=10+10)
MsgLengthMassive-12 32.9µs ± 7% 32.0µs ±10% ~ (p=0.243 n=9+10)
MsgLengthOnlyQuestion-12 9.60ns ± 1% 9.20ns ± 1% -4.16% (p=0.000 n=9+9)
* Remove stray newline from TestMsgCompressionMultipleQuestions
* Remove stray newline in length_test.go
This was introduced when resolving merge conflicts.
* Simplify appendByte
* Add test case and benchmark for sprintName
* Add test case and benchmark for sprintTxtOctet
* Add test case and benchmark for sprintTxt
* Use strings.Builder for sprint* functions in types.go
* Use writeByte helper in unpackString
* Rename writeByte to writeEscapedByte
This better captures the purpose of this function.
* Remove redundant parenthesis
These were caught with:
gofmt -r '(a) -> a' -w *.go
This commit only includes the changes where the formatting makes the
ordering of operations clear.
* Remove more redundant parenthesis
These were caught with:
gofmt -r '(a) -> a' -w *.go
This commit includes the remaining changes where the formatting does not
make the ordering of operations as clear as the previous commit.
* Add support for TKEY RRs
- make sure Key and Data fields are variable length hex fields
- checkin output from 'go generate'
- add a TKEY specific test to ensure this stays working
* go format changes
* address review comments
* add ability to parse TKEY via string
* handle review comments - change TKEY string output
Implement the CSYNC record.
Fixes#290
Long overdue, lets add this record. Similar in vain as NSEC/NSEC3, we
need to implement len() our selves. Presentation format parsing and
tests are done as well.
This is CoreDNS running with CSYNC support, `dig` doesn't support this
at the moment, so:
~~~
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40323
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;csync.example.org. IN TYPE62
;; ANSWER SECTION:
csync.example.org. 10 IN TYPE62 \# 12 000335240042000460000008
;; AUTHORITY SECTION:
example.org. 10 IN NS a.iana-servers.net.
example.org. 10 IN NS b.iana-servers.net.
~~~
* Test for proper parsing of whitespace-separated (TXT) character-strings
* Properly parse whitespace-separated (TXT) character-strings
* Remove non-RFC treatment of backslash sequences in character-strings
Fixes gh-420
* For tests, remove non-RFC treatment of backslashes in domain names
1) Refactoring of tlsa.go
- moved routine to create the certificate rdata to its own go module
as this is shared between TLSA and SMIMEA records
2) Added support for creating an SMIMEA domain name
3) Developed in accordance with draft-ietf-dane-smime-12 RFC
Miek,
Submitting for your review. Happy to make any recommended changes or
address omissions.
Lightly tested against our internal DNS service which hosts DANE
SMIMEA records for our email certificates.
Parse tests are added.
When removing the reflection we inadvertely also removed the code for
handling empty salt values in NSEC3 and NSEC3PARAM. These are somewhat
annoying because the text representation is '-', which is not valid hex.
Update the size-xxx-member tags to point to another field in the struct
that should be used for the length in that field. Fix NSEC3/HIP and TSIG
to use to this and generate the correct pack/unpack functions for them.
Remove IPSECKEY from the lib and handle it as an unknown record - it is
such a horrible RR, needed kludges before - now just handle it as an
unknown RR.
All types now use generated pack and unpack functions. The blacklist is
removed.
* Make the error variable always named err.
Sometimes the error variable was named 'err' sometimes 'e'. Sometimes
'e' refered to an EDNS or string and not an error type.
* Use t.Errorf instead of t.Logf & t.Fail.
This fixes bugs in MB and CNAME.copy() (using sprintName for copying),
IPSECKEY (missed copyIP) and OPT (partially, Options was not copied as
slice; EDNS0 objects themselves are still pointers).
This process probably fixes a bug in NSAPPTR.len(), after a similar one was
found in HINFO.len().
This should also make it easier to make changes to these functions, and
check their correctness.
Generate the code by running "go generate".