From 1797bca311ca8fa1f503dd462e4772b9118fb18d Mon Sep 17 00:00:00 2001
From: m5r
Date: Sun, 28 Jul 2024 12:06:59 +0200
Subject: [PATCH] reject if more or less than 1 question in the query + more logs
---
 xip/xip.go | 63 +++++++++++++++++++--------------
 xip/xip_test.go | 94 +++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 131 insertions(+), 26 deletions(-)
 create mode 100644 xip/xip_test.go
diff --git a/xip/xip.go b/xip/xip.go
index cea8323..a17fc0d 100644
--- a/xip/xip.go
+++ b/xip/xip.go
@@ -24,10 +24,10 @@ var (
 )
 func (xip *Xip) SetTXTRecord(fqdn string, value string) {
- utils.Logger.Debug().Str("fqdn", fqdn).Str("value", value).Msg("Trying to set TXT record")
+ utils.Logger.Trace().Str("fqdn", fqdn).Str("value", value).Msg("Trying to set TXT record")
 config := utils.GetConfig()
 if fqdn != fmt.Sprintf("_acme-challenge.%s.", config.Domain) {
- utils.Logger.Debug().Msg("Not allowed, abort")
+ utils.Logger.Trace().Str("fqdn", fqdn).Msg("Not allowed, abort setting TXT record")
 return
 }
@@ -38,10 +38,10 @@ func (xip *Xip) SetTXTRecord(fqdn string, value string) {
 }
 func (xip *Xip) UnsetTXTRecord(fqdn string) {
- utils.Logger.Debug().Str("fqdn", fqdn).Msg("Trying to set TXT record")
+ utils.Logger.Trace().Str("fqdn", fqdn).Msg("Trying to unset TXT record")
 config := utils.GetConfig()
 if fqdn != fmt.Sprintf("_acme-challenge.%s.", config.Domain) {
- utils.Logger.Debug().Msg("Not allowed, abort")
+ utils.Logger.Trace().Str("fqdn", fqdn).Msg("Not allowed, abort unsetting TXT record")
 return
 }
@@ -288,27 +288,33 @@ func (xip *Xip) soaRecord(question dns.Question) *dns.SOA {
 }
 func (xip *Xip) handleQuery(message *dns.Msg) {
- for _, question := range message.Question {
- switch question.Qtype {
- case dns.TypeA:
- xip.handleA(question, message)
- case dns.TypeAAAA:
- xip.handleAAAA(question, message)
- case dns.TypeNS:
- xip.handleNS(question, message)
- case dns.TypeTXT:
- xip.handleTXT(question, message)
- case dns.TypeMX:
- xip.handleMX(question, message)
- case dns.TypeCNAME:
- xip.handleCNAME(question, message)
- case dns.TypeSRV:
- xip.handleSRV(question, message)
- case dns.TypeSOA:
- xip.handleSOA(question, message)
- default:
- xip.handleSOA(question, message)
- }
+ if len(message.Question) != 1 {
+ // see https://serverfault.com/a/742788
+ utils.Logger.Error().Any("questions", message.Question).Msg("Received an incorrect amount of questions")
+ message.MsgHdr.Rcode = dns.RcodeFormatError
+ return
+ }
+
+ question := message.Question[0]
+ switch question.Qtype {
+ case dns.TypeA:
+ xip.handleA(question, message)
+ case dns.TypeAAAA:
+ xip.handleAAAA(question, message)
+ case dns.TypeNS:
+ xip.handleNS(question, message)
+ case dns.TypeTXT:
+ xip.handleTXT(question, message)
+ case dns.TypeMX:
+ xip.handleMX(question, message)
+ case dns.TypeCNAME:
+ xip.handleCNAME(question, message)
+ case dns.TypeSRV:
+ xip.handleSRV(question, message)
+ case dns.TypeSOA:
+ xip.handleSOA(question, message)
+ default:
+ xip.handleSOA(question, message)
 }
 }
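Review bot: The rejection branch in handleQuery logs the whole client-supplied question slice at Error level (`.Any("questions", message.Question)`), so any remote sender of malformed queries controls both the volume and the content of error-level logs. Logging only the count at a lower level keeps the signal without that amplification, e.g. `utils.Logger.Debug().Int("questions", len(message.Question)).Msg("Received an incorrect amount of questions")`. The check also runs on `message`, which handleDnsRequest appears to build as the reply outside this hunk; confirm that its Question slice still carries every question from the request, otherwise the length test should be made against the request itself. A short doc comment on handleQuery stating that it sets `dns.RcodeFormatError` and adds no answers for such queries would also help the next reader.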
@@ -327,7 +333,12 @@ func (xip *Xip) handleDnsRequest(response dns.ResponseWriter, request *dns.Msg)
 message.MsgHdr.Rcode = dns.RcodeRefused
 }
- utils.Logger.Debug().Str("FLY_REGION", flyRegion).Any("question", request.Question).Any("answer", message.Answer).Msg("resolved")
+ logEvent := utils.Logger.Debug().Str("FLY_REGION", flyRegion).Str("question", request.Question[0].String())
+ re := regexp.MustCompile(`\s`)
+ for i, answer := range message.Answer {
+ logEvent.Str(fmt.Sprintf("answers[%d]", i), re.ReplaceAllString(answer.String(), " "))
+ }
+ logEvent.Msg("resolved")
 error := response.WriteMsg(message)
 if error != nil {
diff --git a/xip/xip_test.go b/xip/xip_test.go
new file mode 100644
index 0000000..0ad1526
--- /dev/null
+++ b/xip/xip_test.go
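Review bot: The new log line indexes `request.Question[0]` without checking the length, so a request with an empty question section would panic here with an index-out-of-range; that is the same malformed input this commit sets out to reject, and the FORMERR path in handleQuery returns normally, so execution appears to reach this line. Guard the field by building the event first and adding the question only when present: `if len(request.Question) > 0 { logEvent.Str("question", request.Question[0].String()) }`. Separately, `regexp.MustCompile` runs on every request; a package-level variable would compile the whitespace pattern once. handleDnsRequest begins and ends outside this hunk, so an earlier length check or a recover upstream cannot be ruled out from here.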
@@ -0,0 +1,94 @@
+package xip
+
+import (
+ "fmt"
+ "os/exec"
+ "strings"
+ "testing"
+
+ "github.com/spf13/viper"
+)
+
+func TestResolveDashUnit(t *testing.T) {
+ // viper.Set("dns-port", 9053)
+ xip := NewXip()
+
+ A := xip.fqdnToA("192-168-1-29.local-ip.sh")
+ expected := "192.168.1.29"
+ received := A[0].A.String()
+ if received != expected {
+ t.Fatalf("Expected %s but received %s", expected, received)
+ }
+
+ A = xip.fqdnToA("192.168.1.29.local-ip.sh")
+ expected = "192.168.1.29"
+ received = A[0].A.String()
+ if received != expected {
+ t.Fatalf("Expected %s but received %s", expected, received)
+ }
+
+ A = xip.fqdnToA("prefixed.192.168.1.29.local-ip.sh")
+ expected = "192.168.1.29"
+ received = A[0].A.String()
+ if received != expected {
+ t.Fatalf("Expected %s but received %s", expected, received)
+ }
+
+ A = xip.fqdnToA("prefixed-192.168.1.29.local-ip.sh")
+ if A != nil {
+ t.Fatalf("Expected %v but received %s", nil, A)
+ }
+}
+
+func TestConstructor(t *testing.T) {
+ viper.Set("dns-port", 9053)
+ xip := NewXip()
+
+ if xip.nameServers[0] != "ns1.local-ip.sh" {
+ t.Error("")
+ }
+ if xip.nameServers[1] != "ns2.local-ip.sh" {
+ t.Error("")
+ }
+}
+
+func TestResolveDashE2E(t *testing.T) {
+ viper.Set("dns-port", 9053)
+ xip := NewXip()
+ go xip.StartServer()
+
+ cmd := exec.Command("dig", "@localhost", "-p", "9053", "192-168-1-29.local-ip.sh", "+short")
+ out, err := cmd.Output()
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ if strings.TrimSpace(string(out)) != "192.168.1.29" {
+ t.Fatal(string(out))
+ }
+}
+
+func BenchmarkResolveDashBasic(b *testing.B) {
+ b.Skip()
+ // var semaphore = make(chan int, 40)
+ // var done = make(chan bool, 1)
+
+ for i := 0; i < b.N; i++ {
+ port := 9053 + i
+ viper.Set("dns-port", port)
+ xip := NewXip()
+ go xip.StartServer()
+
+ // semaphore <- 1
+ // go func() {
+ cmd := exec.Command("dig", "@localhost", "-p", fmt.Sprint(port), "192-168-1-29.local-ip.sh", "+short")
+ cmd.Run()
+
+ // <-semaphore
+ // if i == b.N {
+ // done <- true
+ // }
+ // }()
+ }
+ // <-done
+}
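Review bot: None of the added tests exercises the behaviour this commit introduces: no case passes handleQuery zero or several questions and checks for `dns.RcodeFormatError`. A table test over those cases, sketched below, would pin the rejection; it needs the dns package imported in this file. Separately, TestResolveDashE2E starts `xip.StartServer()` in a goroutine and runs `dig` at once on the fixed port 9053, with no readiness wait and no shutdown, so it can fail spuriously and depends on an external binary. The two `t.Error("")` calls in TestConstructor also give no message on failure.

```go
func TestHandleQueryRejectsQuestionCount(t *testing.T) {
	xip := NewXip()

	// Zero questions and two questions must both be answered with FORMERR.
	for _, questions := range [][]dns.Question{nil, make([]dns.Question, 2)} {
		message := &dns.Msg{Question: questions}
		xip.handleQuery(message)
		if message.MsgHdr.Rcode != dns.RcodeFormatError {
			t.Errorf("%d questions: expected FORMERR, got rcode %d", len(questions), message.MsgHdr.Rcode)
		}
	}
}
```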