From 1c5e038c67fca647daa3ea651b935ce90e777cc2 Mon Sep 17 00:00:00 2001 From: Florian Ritterhoff Date: Fri, 2 Jun 2023 06:10:35 +0200 Subject: [PATCH] add dhcid type --- build/generate/featureMatrix.go | 6 ++++++ models/dnsrr.go | 2 ++ models/record.go | 2 ++ pkg/js/helpers.js | 3 +++ pkg/js/parse_tests/046-DHCID.js | 3 +++ pkg/js/parse_tests/046-DHCID.json | 18 ++++++++++++++++++ pkg/normalize/validate.go | 4 +++- providers/axfrddns/axfrddnsProvider.go | 1 + providers/bind/bindProvider.go | 1 + providers/capabilities.go | 3 +++ providers/capability_string.go | 5 +++-- 11 files changed, 45 insertions(+), 3 deletions(-) create mode 100644 pkg/js/parse_tests/046-DHCID.js create mode 100644 pkg/js/parse_tests/046-DHCID.json diff --git a/build/generate/featureMatrix.go b/build/generate/featureMatrix.go index 06c0178fe..c032d092f 100644 --- a/build/generate/featureMatrix.go +++ b/build/generate/featureMatrix.go @@ -87,6 +87,7 @@ func matrixData() *FeatureMatrix { DomainModifierSshfp = "[`SSHFP`](functions/domain/SSHFP.md)" DomainModifierTlsa = "[`TLSA`](functions/domain/TLSA.md)" DomainModifierDs = "[`DS`](functions/domain/DS.md)" + DomainModifierDhcid = "[`DHCID`](functions/domain/DHCID.md)" DualHost = "dual host" CreateDomains = "create-domains" NoPurge = "[`NO_PURGE`](functions/domain/NO_PURGE.md)" @@ -110,6 +111,7 @@ func matrixData() *FeatureMatrix { DomainModifierSshfp, DomainModifierTlsa, DomainModifierDs, + DomainModifierDhcid, DualHost, CreateDomains, NoPurge, @@ -212,6 +214,10 @@ func matrixData() *FeatureMatrix { DomainModifierTlsa, providers.CanUseTLSA, ) + setCapability( + DomainModifierDhcid, + providers.CanUseDHCID, + ) setCapability( GetZones, providers.CanGetZones, diff --git a/models/dnsrr.go b/models/dnsrr.go index 2361c7f38..b7b73e264 100644 --- a/models/dnsrr.go +++ b/models/dnsrr.go @@ -96,6 +96,8 @@ func RRtoRC(rr dns.RR, origin string) (RecordConfig, error) { err = rc.SetTargetTLSA(v.Usage, v.Selector, v.MatchingType, v.Certificate) case *dns.TXT: err = rc.SetTargetTXTs(v.Txt) + case *dns.DHCID: + err = rc.SetTarget(v.Digest) default: return *rc, fmt.Errorf("rrToRecord: Unimplemented zone record type=%s (%v)", rc.Type, rr) } diff --git a/models/record.go b/models/record.go index 9c958a808..fb2f7cccd 100644 --- a/models/record.go +++ b/models/record.go @@ -446,6 +446,8 @@ func (rc *RecordConfig) ToRR() dns.RR { rr.(*dns.TLSA).Certificate = rc.GetTargetField() case dns.TypeTXT: rr.(*dns.TXT).Txt = rc.TxtStrings + case dns.TypeDHCID: + rr.(*dns.DHCID).Digest = rc.GetTargetField() default: panic(fmt.Sprintf("ToRR: Unimplemented rtype %v", rc.Type)) // We panic so that we quickly find any switch statements diff --git a/pkg/js/helpers.js b/pkg/js/helpers.js index 6581cfaf2..10dfa1f69 100644 --- a/pkg/js/helpers.js +++ b/pkg/js/helpers.js @@ -407,6 +407,9 @@ var DS = recordBuilder('DS', { }, }); +// DHCID(name,target, recordModifiers...) +var DHCID = recordBuilder('DHCID'); + // PTR(name,target, recordModifiers...) var PTR = recordBuilder('PTR'); diff --git a/pkg/js/parse_tests/046-DHCID.js b/pkg/js/parse_tests/046-DHCID.js new file mode 100644 index 000000000..8847c54ff --- /dev/null +++ b/pkg/js/parse_tests/046-DHCID.js @@ -0,0 +1,3 @@ +D("foo.com","none", + DHCID("@", "Test") +); diff --git a/pkg/js/parse_tests/046-DHCID.json b/pkg/js/parse_tests/046-DHCID.json new file mode 100644 index 000000000..a64818280 --- /dev/null +++ b/pkg/js/parse_tests/046-DHCID.json @@ -0,0 +1,18 @@ +{ + "registrars": [], + "dns_providers": [], + "domains": [ + { + "name": "foo.com", + "registrar": "none", + "dnsProviders": {}, + "records": [ + { + "type": "DHCID", + "name": "@", + "target": "Test" + } + ] + } + ] +} diff --git a/pkg/normalize/validate.go b/pkg/normalize/validate.go index 0a52cad1a..23694c98c 100644 --- a/pkg/normalize/validate.go +++ b/pkg/normalize/validate.go @@ -73,6 +73,7 @@ func validateRecordTypes(rec *models.RecordConfig, domain string, pTypes []strin "SSHFP": true, "TLSA": true, "TXT": true, + "DHCID": true, } _, ok := validTypes[rec.Type] if !ok { @@ -221,7 +222,7 @@ func checkTargets(rec *models.RecordConfig, domain string) (errs []error) { } case "SRV": check(checkTarget(target)) - case "TXT", "IMPORT_TRANSFORM", "CAA", "SSHFP", "TLSA", "DS": + case "TXT", "IMPORT_TRANSFORM", "CAA", "SSHFP", "TLSA", "DS", "DHCID": default: if rec.Metadata["orig_custom_type"] != "" { // it is a valid custom type. We perform no validation on target @@ -696,6 +697,7 @@ var providerCapabilityChecks = []pairTypeCapability{ capabilityCheck("SRV", providers.CanUseSRV), capabilityCheck("SSHFP", providers.CanUseSSHFP), capabilityCheck("TLSA", providers.CanUseTLSA), + capabilityCheck("DHCID", providers.CanUseDHCID), // DS needs special record-level checks { diff --git a/providers/axfrddns/axfrddnsProvider.go b/providers/axfrddns/axfrddnsProvider.go index d455fc205..d670b775b 100644 --- a/providers/axfrddns/axfrddnsProvider.go +++ b/providers/axfrddns/axfrddnsProvider.go @@ -49,6 +49,7 @@ var features = providers.DocumentationNotes{ providers.CanUseSRV: providers.Can(), providers.CanUseSSHFP: providers.Can(), providers.CanUseTLSA: providers.Can(), + providers.CanUseDHCID: providers.Can(), providers.CantUseNOPURGE: providers.Cannot(), providers.DocCreateDomains: providers.Cannot(), providers.DocDualHost: providers.Cannot(), diff --git a/providers/bind/bindProvider.go b/providers/bind/bindProvider.go index fdb746625..21c98da64 100644 --- a/providers/bind/bindProvider.go +++ b/providers/bind/bindProvider.go @@ -44,6 +44,7 @@ var features = providers.DocumentationNotes{ providers.CanUseSRV: providers.Can(), providers.CanUseSSHFP: providers.Can(), providers.CanUseTLSA: providers.Can(), + providers.CanUseDHCID: providers.Can(), providers.CantUseNOPURGE: providers.Cannot(), providers.DocCreateDomains: providers.Can("Driver just maintains list of zone files. It should automatically add missing ones."), providers.DocDualHost: providers.Can(), diff --git a/providers/capabilities.go b/providers/capabilities.go index 3335c8f5a..972163391 100644 --- a/providers/capabilities.go +++ b/providers/capabilities.go @@ -78,6 +78,9 @@ const ( // DocOfficiallySupported means it is actively used and maintained by stack exchange DocOfficiallySupported + + // CanUseDHCID indicates the provider can handle DHCID records + CanUseDHCID ) var providerCapabilities = map[string]map[Capability]bool{} diff --git a/providers/capability_string.go b/providers/capability_string.go index fb35841af..fd5753163 100644 --- a/providers/capability_string.go +++ b/providers/capability_string.go @@ -28,11 +28,12 @@ func _() { _ = x[DocCreateDomains-17] _ = x[DocDualHost-18] _ = x[DocOfficiallySupported-19] + _ = x[CanUseDHCID-20] } -const _Capability_name = "CanAutoDNSSECCanGetZonesCanUseAKAMAICDNCanUseAliasCanUseAzureAliasCanUseCAACanUseDSCanUseDSForChildrenCanUseLOCCanUseNAPTRCanUsePTRCanUseRoute53AliasCanUseSOACanUseSRVCanUseSSHFPCanUseTLSACantUseNOPURGEDocCreateDomainsDocDualHostDocOfficiallySupported" +const _Capability_name = "CanAutoDNSSECCanGetZonesCanUseAKAMAICDNCanUseAliasCanUseAzureAliasCanUseCAACanUseDSCanUseDSForChildrenCanUseLOCCanUseNAPTRCanUsePTRCanUseRoute53AliasCanUseSOACanUseSRVCanUseSSHFPCanUseTLSACantUseNOPURGEDocCreateDomainsDocDualHostDocOfficiallySupportedCanUseDHCID" -var _Capability_index = [...]uint8{0, 13, 24, 39, 50, 66, 75, 83, 102, 111, 122, 131, 149, 158, 167, 178, 188, 202, 218, 229, 251} +var _Capability_index = [...]uint16{0, 13, 24, 39, 50, 66, 75, 83, 102, 111, 122, 131, 149, 158, 167, 178, 188, 202, 218, 229, 251, 262} func (i Capability) String() string { if i >= Capability(len(_Capability_index)-1) {