* Support parsing known RR types in RFC 3597 format
This is the format used for "Unknown DNS Resource Records", but it's
also useful to support parsing known RR types in this way.
RFC 3597 says:
An implementation MAY also choose to represent some RRs of known type
using the above generic representations for the type, class and/or
RDATA, which carries the benefit of making the resulting master file
portable to servers where these types are unknown. Using the generic
representation for the RDATA of an RR of known type can also be
useful in the case of an RR type where the text format varies
depending on a version, protocol, or similar field (or several)
embedded in the RDATA when such a field has a value for which no text
format is known, e.g., a LOC RR [RFC1876] with a VERSION other than
0.
Even though an RR of known type represented in the \# format is
effectively treated as an unknown type for the purpose of parsing the
RDATA text representation, all further processing by the server MUST
treat it as a known type and take into account any applicable type-
specific rules regarding compression, canonicalization, etc.
* Correct mistakes in TestZoneParserAddressAAAA
This was spotted when writing TestParseKnownRRAsRFC3597.
* Eliminate canParseAsRR
This has the advantage that concrete types will now be returned for
parsed ANY, NULL, OPT and TSIG records.
* Expand TestDynamicUpdateParsing for RFC 3597
This ensures we're properly handling empty RDATA for RFC 3597 parsed
records.
These were flagged by GitHub CodeQL code scanning as potential
vulnerabilities or issues. Fixing them is easy and they are incorrect.
Adding tests is less easy because int is 64-bits on most systems,
including those we test on, so we can't consistently provoke a failure
here.
This also removed the codecov that was still done. We could potentially
re-add as an action, but I don't really miss it. Add testing for 1.14
and 1.15 (it's very fast now).
Fuzzing needs to stay on 1.14 due to brokenness of some kind.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Support generic net.PacketConn's for the Server
This commit adds support for listening on generic net.PacketConn's for
UDP DNS requests, previously *net.UDPConn was the only supported type.
In the event of a future v2 of this module, this should be streamlined.
* Eliminate wrapper functions around RunLocalXServerWithFinChan
* Eliminate RunLocalTCPServerWithTsig function
* Replace RunLocalTLSServer with a wrapper around RunLocalTCPServer
This reduces code duplication.
* Add net.PacketConn server tests
This provides coverage over nearly all of the newly added code (with
the unfortunate exception of (*response).RemoteAddr).
* Fix broken client_test.go tests
a433fbede4 was merged into master between this PR being opened and
being merged. This broke the CI tests in rather strange ways as the
code was being merged into master in a way that wasn't at all clear.
This commit fixes the two broken lines.
* Fix XFR tests
axfrTestingSuite returned the test function that was never actually
executed. These were broken from the beginning awkwardly, though the
test cases pass fine once fixed.
* Switch axfrTestingSuite argument order
*testing.T is customarily the first argument.
AFAIK, the only way to get an RSAMD5 DNSKEY was to manually construct
one. This is ancient, just get rid of it.
The only remaining usage of md5 is in tsig.go. Hopefully that might be
removable as well.
`&dns.HTTPS{Hdr: ...}` fails due to `cannot use promoted field SVCB.Hdr
in struct literal of type dns.HTTPS`. Fix this, less readable
alternatives include using `dns.SVCB` directly, or `&dns.HTTPS{SVCB:
dns.SVCB{Hdr: ...}}`.
Fix the draft reference, draft-02 has not been published yet. Fix ECH,
its type has changed from base64 to a byte array.
* Ignore replies with unexpected IDs
This fixes the following problem:
At time 0, we send a query with ID X from port P.
At time T, we time out the query due to lack of response, and then send
a different query with ID Y. By coincidence, the new query is sent from
the same port number P (since port numbers are only 16 bits, this can happen
with non-negligible probability when making queries at a high rate).
At time T+epsilon, we receive a response to the original query.
Since the ID in this response is X, not Y, we would previously return
ErrId, preventing the second query from succeeding.
With this commit, we simply ignore the response with the mismatched ID
and return once we receive the response with the correct ID.
* Update test for bad ID
The new test sends two replies: the first one has a bad ID, which should
be ignored, and the second one has the correct ID.
* Add test to ensure query times out when server returns bad ID
* Avoid use of error string matching in test case
* Check for mismatched query IDs when using TCP
* Reduce timeout in TestClientSyncBadID
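The stale-reply scenario from the commit message above, as an added Go example that is not code from miekg/dns. `readReply` and `simulate` are hypothetical names, and the replies are constructed header-only messages sent over an in-memory pipe.

```go
package main

import (
	"encoding/binary"
	"fmt"
	"net"
	"time"
)

// readReply reads messages until one carries wantID or the deadline passes.
// A reply with another ID is dropped rather than failing the query.
func readReply(conn net.Conn, wantID uint16, timeout time.Duration) ([]byte, int, error) {
	dropped := 0
	buf := make([]byte, 512)
	if err := conn.SetReadDeadline(time.Now().Add(timeout)); err != nil {
		return nil, dropped, err
	}
	for {
		n, err := conn.Read(buf)
		if err != nil {
			return nil, dropped, err // deadline expiry is reported here
		}
		// The ID is the first two bytes (big-endian) of the 12-byte header.
		if n < 12 || binary.BigEndian.Uint16(buf) != wantID {
			dropped++
			continue
		}
		return append([]byte(nil), buf[:n]...), dropped, nil
	}
}

// simulate sends constructed header-only replies (ID, QR bit, zero counts)
// over an in-memory pipe and returns what readReply makes of them.
func simulate(replyIDs []uint16, wantID uint16) ([]byte, int, error) {
	client, server := net.Pipe()
	defer client.Close()
	defer server.Close()
	go func() {
		for _, id := range replyIDs {
			server.Write([]byte{byte(id >> 8), byte(id), 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0})
		}
	}()
	return readReply(client, wantID, 100*time.Millisecond)
}

func main() {
	fmt.Println(simulate([]uint16{0x1111, 0x2222}, 0x2222)) // stale reply, then ours
	fmt.Println(simulate([]uint16{0x1111}, 0x2222))         // only the stale reply: times out
}
```

When only the stale reply arrives, the query still ends with a timeout error instead of hanging, which is the case the "query times out when server returns bad ID" test covers.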
The SVCB record didn't have a class, so add that and use struct literal
to put it all on 1 line. Use `s` for SVCB records, and `h` for HTTPS to
be more consistent.
Signed-off-by: Miek Gieben <miek@miek.nl>
Original PR doesn't make clear why this is 900-now assuming we want to
cross the 14 bit length boundary.
Up to 900 creates a super large (>2^16) message. Not sure why that needs
testing.
Also remove the packs at lower sizes.
Signed-off-by: Miek Gieben <miek@miek.nl>
This reduces the time it takes to run the test. Shorter timeouts on
clients to avoid waiting for the default timeouts.
It also reduces the iterations in some test functions, this doesn't
seem to impact the tests indicating those numbers were random to begin
with.
Use shorter crypto keys, as we don't need the strength in tests.
Stop using Google Public DNS and other remotes in tests as well: it's
faster, keeps things local and avoids spilling info to Google.
This brings the test duration down from ~8s to ~2s on my machine, a 4x
reduction.
~~~
PASS
ok github.com/miekg/dns 2.046s
Switched to branch 'master'
Your branch is up-to-date with 'origin/master'.
PASS
ok github.com/miekg/dns 7.915s
~~~
Signed-off-by: Miek Gieben <miek@miek.nl>
This bumps Travis CI to the last two supported golang releases, as
documented in the readme: go1.14 and go1.15.
It also bumps the GitHub Code Action CI to go1.14 as it doesn't yet
support go1.15 (see actions/setup-go#74).
* Implement SVCB
* Fix serialization and deserialization of double quotes
* More effort (?)
4 months old commit
* DEBUG
* _
* Presentation format serialization/deserialization
* _
Remove generated
* Progress on presentation format parse & write
* _
* Finish parsing presentation format
* Regenerate
* Pack unpack
* Move to svcb.go
Scan_rr.go and types.go should be untouched now
* 🐛
Thanks ghedo
* Definitions
* TypeHTTPSSVC
* Generated
and isDuplicate
* Goodbye lenient functions
Now private key=value pairs have to be defined as structs too. They are no longer automatically named as KeyNNNNN
* Encode/decode
* Experimental svc
* Read method
* Implement some of the methods, use trick...
to report where the error is while reading it. This should be applied to EDNS too. Todo: Find if case can only contain e := new(SVC_ALPN) and rest moved out
Also fix two compile errors
* Add SVC_LOCAL methods, reorder, remove alpn value, bugs
* Errors
* Alpn, make it build
* Correct testsuite
* Fully implement parser
Change from keeping a state variable to reading in one iteration until the key=value pair is fully consumed
* Simplify and document
EDNS should be simplified too
* Attempt to fix fuzzer
And Alpn bug
* A bug and change type values to match @ghedo's implementation
* IP bug
Also there are two ip duplicating patterns, one with copy, one with append. Maybe change it to be consistent.
* Check for strictly increasing keys as required
* Don't panic on invalid alpn
* Redundant check, don't modify original array
* Size calculation
* Fix the fuzzer, match the style
* 65535 is reserved too, don't delay errors
* Check keyNNN, check for aliasform having values
* IPvNHint is an array
* Fix ipvNHint
* Rename everything
* Unrecognized keys according to the updated specification
* Skip zero-length structs in generators. Fix CI
* Doc cleanup
* Off by one
* Add parse tests
* Check if private key doesn't collide with known key, invalid tests
* Disallow IPv4 as IPv6. More tests.
Related #1107
* Style fixes
* More consistency, more tests
* 🐛 Deep copy as in the documentation
~~~
a := make([]net.IP, 1)
a[0] = net.ParseIP("1.1.1.1").To4()
b := append(make([]net.IP, 0, 1), a...)
b[0] = net.ParseIP("3.1.1.1").To4()
fmt.Println(a[0][0])
~~~
* Make tests readable
* Move valid parse tests to different file
* 🐛 One of previous commits not fully committed
* Test binary single value encoding/decoding and full encode/decode
* Add worst-case grows to builders, 🐛 Wrong visible character range, redundant tests
* Testing improvements
And don't convert to IPv4 twice
* Doc update only
* Document worst case allocations
and ipv6 can be at most of length 39, not 40
* Redundant IP copy, consistent IPv6 behavior, fix deep copy
* isDuplicate for SVCB
* Optimizations
* echoconfig
* Svc => SVCB
* Fix CI
* Regenerate after REBASE (2)
Rebased twice on 15th and 20th May
* Rename svc, use escapeByte.
* Fix parsing whitespaces between quotes, rename ECHOHOConfig
* resolve
Remove svcbFieldLen
Use reverseInt
Uppercase SVCB
Rename key_value
"invalid" => bad
Alpn comments
> 65535 check
Unneeded slices
* a little more
read => parse
IP array meaning
Force pushed because forgot to change read in svcb_test.go
* HTTPSSVC -> HTTPS
* Use new values
* mandatory code
https://github.com/MikeBishop/dns-alt-svc/pull/205
* Resolve comments
Rename svcb-pairs
Remove SVCB_PRIVATE ranges
Comment on SVCB_KEY65535
ParseError return l.token
rename svcbKeyToString and svcbStringToKey
privatize SVCBKeyToString, SVCBStringToKey
* Refactor 1
Rename sorted, originalPairs
Use append instead of copy
Use svcb_RESERVED instead of 65535, with it now being private
"type SVCBKey uint16"
* Refactor 2
svcbKeyToString as method
svcbStringToKey updated after key 0
🐛 mandatory has missing key
Rename str
idx < 0
* Refactor 3
Use l.token as z
var key, value string
Comment wrap
0:
Sentences with '.'
keyValue => kv
* Refactor 4
* Refactor 5
len() int
* Refactor 6
* Refactor 7
* Test remove parsing
* Error messages
* Rewrite two estimate comments
* parse shouldn't modify original array 🐛
* Remove two unneeded comments
* Address review comments
Push 2 because can't build fuzzer python
Push 3 to try again
* Simplify argument duplication as per tmthrgd's suggestion
And add the relevant test
Force push edit: Make sorting code fit into one line
* Rewrite ECHConfig and address the review
* Remove the optional tab
* Add To4() Check
* More cleanup and fix mandatory not sorting bug
* answer queries with no matching handler with RcodeRefused
* update documentation
* mark HandleFailed deprecated
* add handleRefused and use it to answer requests matching no handler
* silence noise maker
Co-authored-by: Brian <brian@pop-os.localdomain>
* Improve sprintName tests
* Fix sprintName handling of escaped dots
* Make sprintName consistently drop dangling incomplete escapes
* Be consistent about domain name label character escaping
Fixes #1121
* Replace strings.IndexByte with faster special-purpose function
* fix check for bad offset on 32 bit systems
* parse integers into int64 rather than platform dependent ints
Co-authored-by: Michael Hudson-Doyle <Michael Hudson-Doyle michael.hudson@ubuntu.com>