fix invalid records & automatically split long TXT records into chunks of up to 255 characters

m5r 2024-07-17 23:21:54 +02:00
parent 92cdddec9c
commit 3f48a4190d
Signed by: mokhtar
GPG Key ID: 1509B54946D08A95


@ -20,7 +20,7 @@ type Xip struct {
type HardcodedRecord struct { type HardcodedRecord struct {
A []*dns.A A []*dns.A
AAAA []*dns.AAAA AAAA []*dns.AAAA
TXT *dns.TXT TXT []string // *dns.TXT
MX []*dns.MX MX []*dns.MX
CNAME []*dns.CNAME CNAME []*dns.CNAME
SRV *dns.SRV SRV *dns.SRV
@ -58,44 +58,40 @@ var (
// {A: net.IPv4(66, 241, 125, 48)}, // {A: net.IPv4(66, 241, 125, 48)},
{A: net.IPv4(137, 66, 40, 11)}, // fly.io edge-only ip address {A: net.IPv4(137, 66, 40, 11)}, // fly.io edge-only ip address
}, },
TXT: &dns.TXT{ TXT: []string{"v=spf1 include:capsulecorp.dev ~all"},
Txt: []string{
"sl-verification=frudknyqpqlpgzbglkqnsmorfcvxrf",
"v=spf1 include:capsulecorp.dev ~all",
},
},
MX: []*dns.MX{ MX: []*dns.MX{
{Preference: 10, Mx: "email.capsulecorp.dev."}, {Preference: 10, Mx: "email.capsulecorp.dev."},
}, },
}, },
"autodiscover.local-ip.sh.": { "autodiscover.local-ip.sh.": {
CNAME: []*dns.CNAME{ CNAME: []*dns.CNAME{
{Target: "email.capsulecorp.dev"}, {Target: "email.capsulecorp.dev."},
}, },
}, },
"_autodiscover._tcp.local-ip.sh.": { "_autodiscover._tcp.local-ip.sh.": {
SRV: &dns.SRV{ SRV: &dns.SRV{
Target: "email.capsulecorp.dev 443", Priority: 0,
Weight: 0,
Port: 443,
Target: "email.capsulecorp.dev.",
}, },
}, },
"autoconfig.local-ip.sh.": { "autoconfig.local-ip.sh.": {
CNAME: []*dns.CNAME{ CNAME: []*dns.CNAME{
{Target: "email.capsulecorp.dev"}, {Target: "email.capsulecorp.dev."},
}, },
}, },
"_dmarc.local-ip.sh.": { "_dmarc.local-ip.sh.": {
TXT: &dns.TXT{ TXT: []string{"v=DMARC1; p=none; rua=mailto:postmaster@local-ip.sh; ruf=mailto:admin@local-ip.sh"},
Txt: []string{"v=DMARC1; p=none; rua=mailto:postmaster@local-ip.sh; ruf=mailto:admin@local-ip.sh"},
},
}, },
"dkim._domainkey.local-ip.sh.": { "dkim._domainkey.local-ip.sh.": {
TXT: &dns.TXT{ TXT: []string{
Txt: []string{"v=DKIM1;k=rsa;t=s;s=email;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMW6NFo34qzKRPbzK41GwbWncB8IDg1i2eA2VWznIVDmTzzsqILaBOGv2xokVpzZm0QRF9wSbeVUmvwEeQ7Z6wkfMjawenDEc3XxsNSvQUVBP6LU/xcm1zsR8wtD8r5J+Jm45pNFaateiM/kb/Eypp2ntdtd8CPsEgCEDpNb62LWdy0yzRdZ/M/fNn51UMN8hVFp4YfZngAt3bQwa6kPtgvTeqEbpNf5xanpDysNJt2S8zfqJMVGvnr8JaJiTv7ZlKMMp94aC5Ndcir1WbMyfmgSnGgemuCTVMWDGPJnXDi+8BQMH1b1hmTpWDiVdVlehyyWx5AfPrsWG9cEuDIfXwIDAQAB"}, "v=DKIM1;k=rsa;t=s;s=email;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMW6NFo34qzKRPbzK41GwbWncB8IDg1i2eA2VWznIVDmTzzsqILaBOGv2xokVpzZm0QRF9wSbeVUmvwEeQ7Z6wkfMjawenDEc3XxsNSvQUVBP6LU/xcm1zsR8wtD8r5J+Jm45pNFaateiM/kb/Eypp2ntdtd8CPsEgCEDpNb62LWdy0yzRdZ/M/fNn51UMN8hVFp4YfZngAt3bQwa6kPtgvTeqEbpNf5xanpDysNJt2S8zfqJMVGvnr8JaJiTv7ZlKMMp94aC5Ndcir1WbMyfmgSnGgemuCTVMWDGPJnXDi+8BQMH1b1hmTpWDiVdVlehyyWx5AfPrsWG9cEuDIfXwIDAQAB",
}, },
}, },
"_acme-challenge.local-ip.sh.": { "_acme-challenge.local-ip.sh.": {
// will be filled in later when requesting the wildcard certificate // will be filled in later when requesting the wildcard certificate
TXT: &dns.TXT{}, TXT: []string{},
}, },
} }
) )
@ -108,9 +104,7 @@ func (xip *Xip) SetTXTRecord(fqdn string, value string) {
} }
if records, ok := hardcodedRecords[fqdn]; ok { if records, ok := hardcodedRecords[fqdn]; ok {
records.TXT = &dns.TXT{ records.TXT = []string{value}
Txt: []string{value},
}
hardcodedRecords["_acme-challenge.local-ip.sh."] = records hardcodedRecords["_acme-challenge.local-ip.sh."] = records
} }
} }
@ -123,19 +117,20 @@ func (xip *Xip) UnsetTXTRecord(fqdn string) {
} }
if records, ok := hardcodedRecords[fqdn]; ok { if records, ok := hardcodedRecords[fqdn]; ok {
records.TXT = nil records.TXT = []string{}
hardcodedRecords["_acme-challenge.local-ip.sh."] = records hardcodedRecords["_acme-challenge.local-ip.sh."] = records
} }
} }
func (xip *Xip) fqdnToA(fqdn string) []*dns.A { func (xip *Xip) fqdnToA(fqdn string) []*dns.A {
if hardcodedRecords[strings.ToLower(fqdn)].A != nil { normalizedFqdn := strings.ToLower(fqdn)
if hardcodedRecords[normalizedFqdn].A != nil {
var records []*dns.A var records []*dns.A
for _, record := range hardcodedRecords[strings.ToLower(fqdn)].A { for _, record := range hardcodedRecords[normalizedFqdn].A {
records = append(records, &dns.A{ records = append(records, &dns.A{
Hdr: dns.RR_Header{ Hdr: dns.RR_Header{
Ttl: uint32((time.Hour * 24 * 7).Seconds()), Ttl: uint32((time.Minute * 5).Seconds()),
Name: fqdn, Name: fqdn,
Rrtype: dns.TypeA, Rrtype: dns.TypeA,
Class: dns.ClassINET, Class: dns.ClassINET,
@ -158,7 +153,7 @@ func (xip *Xip) fqdnToA(fqdn string) []*dns.A {
return []*dns.A{{ return []*dns.A{{
Hdr: dns.RR_Header{ Hdr: dns.RR_Header{
Ttl: uint32((time.Hour * 24 * 7).Seconds()), Ttl: uint32((time.Minute * 5).Seconds()),
Name: fqdn, Name: fqdn,
Rrtype: dns.TypeA, Rrtype: dns.TypeA,
Class: dns.ClassINET, Class: dns.ClassINET,
@ -193,15 +188,16 @@ func (xip *Xip) handleA(question dns.Question, message *dns.Msg) {
func (xip *Xip) handleAAAA(question dns.Question, message *dns.Msg) { func (xip *Xip) handleAAAA(question dns.Question, message *dns.Msg) {
fqdn := question.Name fqdn := question.Name
if hardcodedRecords[strings.ToLower(fqdn)].AAAA == nil { normalizedFqdn := strings.ToLower(fqdn)
if hardcodedRecords[normalizedFqdn].AAAA == nil {
xip.answerWithAuthority(question, message) xip.answerWithAuthority(question, message)
return return
} }
for _, record := range hardcodedRecords[strings.ToLower(fqdn)].AAAA { for _, record := range hardcodedRecords[normalizedFqdn].AAAA {
message.Answer = append(message.Answer, &dns.AAAA{ message.Answer = append(message.Answer, &dns.AAAA{
Hdr: dns.RR_Header{ Hdr: dns.RR_Header{
Ttl: uint32((time.Hour * 24 * 7).Seconds()), Ttl: uint32((time.Minute * 5).Seconds()),
Name: fqdn, Name: fqdn,
Rrtype: dns.TypeAAAA, Rrtype: dns.TypeAAAA,
Class: dns.ClassINET, Class: dns.ClassINET,
@ -218,7 +214,7 @@ func (xip *Xip) handleNS(question dns.Question, message *dns.Msg) {
for _, ns := range xip.nameServers { for _, ns := range xip.nameServers {
nameServers = append(nameServers, &dns.NS{ nameServers = append(nameServers, &dns.NS{
Hdr: dns.RR_Header{ Hdr: dns.RR_Header{
Ttl: uint32((time.Hour * 24 * 7).Seconds()), Ttl: uint32((time.Minute * 5).Seconds()),
Name: fqdn, Name: fqdn,
Rrtype: dns.TypeNS, Rrtype: dns.TypeNS,
Class: dns.ClassINET, Class: dns.ClassINET,
@ -238,35 +234,46 @@ func (xip *Xip) handleNS(question dns.Question, message *dns.Msg) {
} }
} }
func chunkBy(str string, chunkSize int) (chunks []string) {
for chunkSize < len(str) {
str, chunks = str[chunkSize:], append(chunks, str[0:chunkSize])
}
return append(chunks, str)
}
func (xip *Xip) handleTXT(question dns.Question, message *dns.Msg) { func (xip *Xip) handleTXT(question dns.Question, message *dns.Msg) {
fqdn := question.Name fqdn := question.Name
if hardcodedRecords[strings.ToLower(fqdn)].TXT == nil { normalizedFqdn := strings.ToLower(fqdn)
if hardcodedRecords[normalizedFqdn].TXT == nil {
xip.answerWithAuthority(question, message) xip.answerWithAuthority(question, message)
return return
} }
for _, record := range hardcodedRecords[normalizedFqdn].TXT {
message.Answer = append(message.Answer, &dns.TXT{ message.Answer = append(message.Answer, &dns.TXT{
Hdr: dns.RR_Header{ Hdr: dns.RR_Header{
Ttl: uint32((time.Hour * 24 * 7).Seconds()), Ttl: uint32((time.Minute * 5).Seconds()),
Name: fqdn, Name: fqdn,
Rrtype: dns.TypeTXT, Rrtype: dns.TypeTXT,
Class: dns.ClassINET, Class: dns.ClassINET,
}, },
Txt: hardcodedRecords[strings.ToLower(fqdn)].TXT.Txt, Txt: chunkBy(record, 255),
}) })
}
} }
func (xip *Xip) handleMX(question dns.Question, message *dns.Msg) { func (xip *Xip) handleMX(question dns.Question, message *dns.Msg) {
fqdn := question.Name fqdn := question.Name
if hardcodedRecords[strings.ToLower(fqdn)].MX == nil { normalizedFqdn := strings.ToLower(fqdn)
if hardcodedRecords[normalizedFqdn].MX == nil {
xip.answerWithAuthority(question, message) xip.answerWithAuthority(question, message)
return return
} }
for _, record := range hardcodedRecords[strings.ToLower(fqdn)].MX { for _, record := range hardcodedRecords[normalizedFqdn].MX {
message.Answer = append(message.Answer, &dns.MX{ message.Answer = append(message.Answer, &dns.MX{
Hdr: dns.RR_Header{ Hdr: dns.RR_Header{
Ttl: uint32((time.Hour * 24 * 7).Seconds()), Ttl: uint32((time.Minute * 5).Seconds()),
Name: fqdn, Name: fqdn,
Rrtype: dns.TypeMX, Rrtype: dns.TypeMX,
Class: dns.ClassINET, Class: dns.ClassINET,
@ -279,15 +286,16 @@ func (xip *Xip) handleMX(question dns.Question, message *dns.Msg) {
func (xip *Xip) handleCNAME(question dns.Question, message *dns.Msg) { func (xip *Xip) handleCNAME(question dns.Question, message *dns.Msg) {
fqdn := question.Name fqdn := question.Name
if hardcodedRecords[strings.ToLower(fqdn)].CNAME == nil { normalizedFqdn := strings.ToLower(fqdn)
if hardcodedRecords[normalizedFqdn].CNAME == nil {
xip.answerWithAuthority(question, message) xip.answerWithAuthority(question, message)
return return
} }
for _, record := range hardcodedRecords[strings.ToLower(fqdn)].CNAME { for _, record := range hardcodedRecords[normalizedFqdn].CNAME {
message.Answer = append(message.Answer, &dns.CNAME{ message.Answer = append(message.Answer, &dns.CNAME{
Hdr: dns.RR_Header{ Hdr: dns.RR_Header{
Ttl: uint32((time.Hour * 24 * 7).Seconds()), Ttl: uint32((time.Minute * 5).Seconds()),
Name: fqdn, Name: fqdn,
Rrtype: dns.TypeCNAME, Rrtype: dns.TypeCNAME,
Class: dns.ClassINET, Class: dns.ClassINET,
@ -297,6 +305,28 @@ func (xip *Xip) handleCNAME(question dns.Question, message *dns.Msg) {
} }
} }
func (xip *Xip) handleSRV(question dns.Question, message *dns.Msg) {
fqdn := question.Name
normalizedFqdn := strings.ToLower(fqdn)
if hardcodedRecords[normalizedFqdn].SRV == nil {
xip.answerWithAuthority(question, message)
return
}
message.Answer = append(message.Answer, &dns.SRV{
Hdr: dns.RR_Header{
Ttl: uint32((time.Minute * 5).Seconds()),
Name: fqdn,
Rrtype: dns.TypeSRV,
Class: dns.ClassINET,
},
Priority: hardcodedRecords[normalizedFqdn].SRV.Priority,
Weight: hardcodedRecords[normalizedFqdn].SRV.Weight,
Port: hardcodedRecords[normalizedFqdn].SRV.Port,
Target: hardcodedRecords[normalizedFqdn].SRV.Target,
})
}
func (xip *Xip) handleSOA(question dns.Question, message *dns.Msg) { func (xip *Xip) handleSOA(question dns.Question, message *dns.Msg) {
message.Answer = append(message.Answer, xip.soaRecord(question)) message.Answer = append(message.Answer, xip.soaRecord(question))
} }
@ -307,7 +337,7 @@ func (xip *Xip) soaRecord(question dns.Question) *dns.SOA {
Name: question.Name, Name: question.Name,
Rrtype: dns.TypeSOA, Rrtype: dns.TypeSOA,
Class: dns.ClassINET, Class: dns.ClassINET,
Ttl: uint32((time.Hour * 24 * 7).Seconds()), Ttl: uint32((time.Minute * 5).Seconds()),
Rdlength: 0, Rdlength: 0,
} }
soa.Ns = "ns1.local-ip.sh." soa.Ns = "ns1.local-ip.sh."
@ -336,6 +366,8 @@ func (xip *Xip) handleQuery(message *dns.Msg) {
xip.handleMX(question, message) xip.handleMX(question, message)
case dns.TypeCNAME: case dns.TypeCNAME:
xip.handleCNAME(question, message) xip.handleCNAME(question, message)
case dns.TypeSRV:
xip.handleSRV(question, message)
case dns.TypeSOA: case dns.TypeSOA:
xip.handleSOA(question, message) xip.handleSOA(question, message)
default: default:
@ -359,7 +391,10 @@ func (xip *Xip) handleDnsRequest(response dns.ResponseWriter, request *dns.Msg)
message.MsgHdr.Rcode = dns.RcodeRefused message.MsgHdr.Rcode = dns.RcodeRefused
} }
response.WriteMsg(message) error := response.WriteMsg(message)
if error != nil {
log.Printf("Error writing answer \"%s\": %s\n", message.String(), error.Error())
}
}() }()
} }
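Review bot: In handleTXT the guard `hardcodedRecords[normalizedFqdn].TXT == nil` no longer catches the cleared state, because this commit makes UnsetTXTRecord and the `_acme-challenge.local-ip.sh.` initializer store `[]string{}` instead of nil. For such a name the range loop runs zero times and answerWithAuthority is skipped, so the reply carries no answer and misses whatever answerWithAuthority adds on the other no-data paths. Test the length instead: `if len(hardcodedRecords[normalizedFqdn].TXT) == 0 {`. Separately, SetTXTRecord and UnsetTXTRecord assign into hardcodedRecords while the query handlers read it, presumably concurrently. No lock is visible in these hunks, and both function bodies start outside them, so confirm one guards the map, since an unsynchronised map write alongside reads is a fatal runtime error in Go and would take the resolver down.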