Update deps

This commit is contained in:
Frank Denis 2024-06-13 23:44:17 +02:00
parent 7a4b2ac7ea
commit 2dd6c8e996
104 changed files with 5055 additions and 1906 deletions

View file

@ -188,6 +188,9 @@ Example programs can be found in the `github.com/miekg/exdns` repository.
* 8777 - DNS Reverse IP Automatic Multicast Tunneling (AMT) Discovery
* 8914 - Extended DNS Errors
* 8976 - Message Digest for DNS Zones (ZONEMD RR)
* 9460 - Service Binding and Parameter Specification via the DNS
* 9461 - Service Binding Mapping for DNS Servers
* 9462 - Discovery of Designated Resolvers
## Loosely Based Upon

View file

@ -55,7 +55,10 @@ func endingToTxtSlice(c *zlexer, errstr string) ([]string, *ParseError) {
sx := []string{}
p := 0
for {
i := escapedStringOffset(l.token[p:], 255)
i, ok := escapedStringOffset(l.token[p:], 255)
if !ok {
return nil, &ParseError{err: errstr, lex: l}
}
if i != -1 && p+i != len(l.token) {
sx = append(sx, l.token[p:p+i])
} else {
@ -1919,29 +1922,36 @@ func (rr *APL) parse(c *zlexer, o string) *ParseError {
// escapedStringOffset finds the offset within a string (which may contain escape
// sequences) that corresponds to a certain byte offset. If the input offset is
// out of bounds, -1 is returned.
func escapedStringOffset(s string, byteOffset int) int {
if byteOffset == 0 {
return 0
// out of bounds, -1 is returned (which is *not* considered an error).
func escapedStringOffset(s string, desiredByteOffset int) (int, bool) {
if desiredByteOffset == 0 {
return 0, true
}
offset := 0
for i := 0; i < len(s); i++ {
offset += 1
currentByteOffset, i := 0, 0
for i < len(s) {
currentByteOffset += 1
// Skip escape sequences
if s[i] != '\\' {
// Not an escape sequence; nothing to do.
} else if isDDD(s[i+1:]) {
i += 3
} else {
// Single plain byte, not an escape sequence.
i++
} else if isDDD(s[i+1:]) {
// Skip backslash and DDD.
i += 4
} else if len(s[i+1:]) < 1 {
// No character following the backslash; that's an error.
return 0, false
} else {
// Skip backslash and following byte.
i += 2
}
if offset >= byteOffset {
return i + 1
if currentByteOffset >= desiredByteOffset {
return i, true
}
}
return -1
return -1, true
}

View file

@ -188,6 +188,14 @@ type DecorateReader func(Reader) Reader
// Implementations should never return a nil Writer.
type DecorateWriter func(Writer) Writer
// MsgInvalidFunc is a listener hook for observing incoming messages that were discarded
// because they could not be parsed.
// Every message that is read by a Reader will eventually be provided to the Handler,
// rejected (or ignored) by the MsgAcceptFunc, or passed to this function.
type MsgInvalidFunc func(m []byte, err error)
func DefaultMsgInvalidFunc(m []byte, err error) {}
// A Server defines parameters for running an DNS server.
type Server struct {
// Address to listen on, ":dns" if empty.
@ -233,6 +241,8 @@ type Server struct {
// AcceptMsgFunc will check the incoming message and will reject it early in the process.
// By default DefaultMsgAcceptFunc will be used.
MsgAcceptFunc MsgAcceptFunc
// MsgInvalidFunc is optional, will be called if a message is received but cannot be parsed.
MsgInvalidFunc MsgInvalidFunc
// Shutdown handling
lock sync.RWMutex
@ -277,6 +287,9 @@ func (srv *Server) init() {
if srv.MsgAcceptFunc == nil {
srv.MsgAcceptFunc = DefaultMsgAcceptFunc
}
if srv.MsgInvalidFunc == nil {
srv.MsgInvalidFunc = DefaultMsgInvalidFunc
}
if srv.Handler == nil {
srv.Handler = DefaultServeMux
}
@ -531,6 +544,7 @@ func (srv *Server) serveUDP(l net.PacketConn) error {
if cap(m) == srv.UDPSize {
srv.udpPool.Put(m[:srv.UDPSize])
}
srv.MsgInvalidFunc(m, ErrShortRead)
continue
}
wg.Add(1)
@ -611,6 +625,7 @@ func (srv *Server) serveUDPPacket(wg *sync.WaitGroup, m []byte, u net.PacketConn
func (srv *Server) serveDNS(m []byte, w *response) {
dh, off, err := unpackMsgHdr(m, 0)
if err != nil {
srv.MsgInvalidFunc(m, err)
// Let client hang, they are sending crap; any reply can be used to amplify.
return
}
@ -620,10 +635,12 @@ func (srv *Server) serveDNS(m []byte, w *response) {
switch action := srv.MsgAcceptFunc(dh); action {
case MsgAccept:
if req.unpack(dh, m, off) == nil {
err := req.unpack(dh, m, off)
if err == nil {
break
}
srv.MsgInvalidFunc(m, err)
fallthrough
case MsgReject, MsgRejectNotImplemented:
opcode := req.Opcode

50
vendor/github.com/miekg/dns/svcb.go generated vendored
View file

@ -14,7 +14,7 @@ import (
// SVCBKey is the type of the keys used in the SVCB RR.
type SVCBKey uint16
// Keys defined in draft-ietf-dnsop-svcb-https-08 Section 14.3.2.
// Keys defined in rfc9460
const (
SVCB_MANDATORY SVCBKey = iota
SVCB_ALPN
@ -23,7 +23,8 @@ const (
SVCB_IPV4HINT
SVCB_ECHCONFIG
SVCB_IPV6HINT
SVCB_DOHPATH // draft-ietf-add-svcb-dns-02 Section 9
SVCB_DOHPATH // rfc9461 Section 5
SVCB_OHTTP // rfc9540 Section 8
svcb_RESERVED SVCBKey = 65535
)
@ -37,6 +38,7 @@ var svcbKeyToStringMap = map[SVCBKey]string{
SVCB_ECHCONFIG: "ech",
SVCB_IPV6HINT: "ipv6hint",
SVCB_DOHPATH: "dohpath",
SVCB_OHTTP: "ohttp",
}
var svcbStringToKeyMap = reverseSVCBKeyMap(svcbKeyToStringMap)
@ -201,6 +203,8 @@ func makeSVCBKeyValue(key SVCBKey) SVCBKeyValue {
return new(SVCBIPv6Hint)
case SVCB_DOHPATH:
return new(SVCBDoHPath)
case SVCB_OHTTP:
return new(SVCBOhttp)
case svcb_RESERVED:
return nil
default:
@ -771,8 +775,8 @@ func (s *SVCBIPv6Hint) copy() SVCBKeyValue {
// SVCBDoHPath pair is used to indicate the URI template that the
// clients may use to construct a DNS over HTTPS URI.
//
// See RFC xxxx (https://datatracker.ietf.org/doc/html/draft-ietf-add-svcb-dns-02)
// and RFC yyyy (https://datatracker.ietf.org/doc/html/draft-ietf-add-ddr-06).
// See RFC 9461 (https://datatracker.ietf.org/doc/html/rfc9461)
// and RFC 9462 (https://datatracker.ietf.org/doc/html/rfc9462).
//
// A basic example of using the dohpath option together with the alpn
// option to indicate support for DNS over HTTPS on a certain path:
@ -816,6 +820,44 @@ func (s *SVCBDoHPath) copy() SVCBKeyValue {
}
}
// The "ohttp" SvcParamKey is used to indicate that a service described in a SVCB RR
// can be accessed as a target using an associated gateway.
// Both the presentation and wire-format values for the "ohttp" parameter MUST be empty.
//
// See RFC 9460 (https://datatracker.ietf.org/doc/html/rfc9460/)
// and RFC 9230 (https://datatracker.ietf.org/doc/html/rfc9230/)
//
// A basic example of using the dohpath option together with the alpn
// option to indicate support for DNS over HTTPS on a certain path:
//
// s := new(dns.SVCB)
// s.Hdr = dns.RR_Header{Name: ".", Rrtype: dns.TypeSVCB, Class: dns.ClassINET}
// e := new(dns.SVCBAlpn)
// e.Alpn = []string{"h2", "h3"}
// p := new(dns.SVCBOhttp)
// s.Value = append(s.Value, e, p)
type SVCBOhttp struct{}
func (*SVCBOhttp) Key() SVCBKey { return SVCB_OHTTP }
func (*SVCBOhttp) copy() SVCBKeyValue { return &SVCBOhttp{} }
func (*SVCBOhttp) pack() ([]byte, error) { return []byte{}, nil }
func (*SVCBOhttp) String() string { return "" }
func (*SVCBOhttp) len() int { return 0 }
func (*SVCBOhttp) unpack(b []byte) error {
if len(b) != 0 {
return errors.New("dns: svcbotthp: svcbotthp must have no value")
}
return nil
}
func (*SVCBOhttp) parse(b string) error {
if b != "" {
return errors.New("dns: svcbotthp: svcbotthp must have no value")
}
return nil
}
// SVCBLocal pair is intended for experimental/private use. The key is recommended
// to be in the range [SVCB_PRIVATE_LOWER, SVCB_PRIVATE_UPPER].
// Basic use pattern for creating a keyNNNNN option:

1
vendor/github.com/miekg/dns/xfr.go generated vendored
View file

@ -209,6 +209,7 @@ func (t *Transfer) inIxfr(q *Msg, c chan *Envelope) {
// ch := make(chan *dns.Envelope)
// tr := new(dns.Transfer)
// var wg sync.WaitGroup
// wg.Add(1)
// go func() {
// tr.Out(w, r, ch)
// wg.Done()