mirror/stackexchange-dnscontrol
1
0
Fork 0
mirror of https://github.com/StackExchange/dnscontrol.git synced 2024-05-11 05:55:12 +00:00
Code Issues Releases Activity

Fix DO

Browse Source
This commit is contained in:
Tom Limoncelli
2023-11-12 16:23:03 -05:00
parent 546cb60695
commit 891719b1ef
4 changed files with 42 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
integrationTest/integration_test.go
View File

@ -1088,7 +1088,7 @@ func makeTests(t *testing.T) []*TestGroup {
tc("TXT with 1 backtick", txt("foobt", "blah`blah")), tc("TXT with 1 backtick", txt("foobt", "blah`blah")),
tc("TXT with 1 double-quotes", txt("foodq", `quo"te`)), tc("TXT with 1 double-quotes", txt("foodq", `quo"te`)),
tc("TXT with 2 double-quotes", txt("foodqs", `q"uo"te`)), tc("TXT with 2 double-quotes", txt("foodqs", `q"uo"te`)),
tc("TXT with 1 backslash", txt("fooosbs", `backs\lash`)), tc("TXT with 1 backslash", txt("fooosbs", `back\slash`)),
clear(), clear(),
tc("TXT interior ws", txt("foosp", "with spaces")), tc("TXT interior ws", txt("foosp", "with spaces")),

58
pkg/rejectif/txt.go
View File

@ -9,18 +9,18 @@ import (
// Keep these in alphabetical order. // Keep these in alphabetical order.
// TxtHasBackticks audits TXT records for strings that contain backticks. // TxtHasBackslash audits TXT records for strings that contains one or more backslashes.
func TxtHasBackticks(rc *models.RecordConfig) error { func TxtHasBackslash(rc *models.RecordConfig) error {
if strings.Contains(rc.GetTargetField(), "`") { if strings.Contains(rc.GetTargetField(), `\`) {
return fmt.Errorf("txtstring contains backtick") return fmt.Errorf("txtstring contains backslashes")
} }
return nil return nil
} }
// TxtHasSingleQuotes audits TXT records for strings that contain single-quotes. // TxtHasBackticks audits TXT records for strings that contain backticks.
func TxtHasSingleQuotes(rc *models.RecordConfig) error { func TxtHasBackticks(rc *models.RecordConfig) error {
if strings.Contains(rc.GetTargetField(), "'") { if strings.Contains(rc.GetTargetField(), "`") {
return fmt.Errorf("txtstring contains single-quotes") return fmt.Errorf("txtstring contains backtick")
} }
return nil return nil
} }
@ -33,15 +33,6 @@ func TxtHasDoubleQuotes(rc *models.RecordConfig) error {
return nil return nil
} }
// TxtIsExactlyLen255 audits TXT records for strings exactly 255 octets long.
// This is rare; you probably want to use TxtNoStringsLen256orLonger() instead.
func TxtIsExactlyLen255(rc *models.RecordConfig) error {
if len(rc.GetTargetField()) == 255 {
return fmt.Errorf("txtstring length is 255")
}
return nil
}
// TxtHasSegmentLen256orLonger audits TXT records for strings that are >255 octets. // TxtHasSegmentLen256orLonger audits TXT records for strings that are >255 octets.
func TxtHasSegmentLen256orLonger(rc *models.RecordConfig) error { func TxtHasSegmentLen256orLonger(rc *models.RecordConfig) error {
if len(rc.GetTargetField()) > 255 { if len(rc.GetTargetField()) > 255 {
@ -50,10 +41,10 @@ func TxtHasSegmentLen256orLonger(rc *models.RecordConfig) error {
return nil return nil
} }
// TxtLongerThan255 audits TXT records for multiple strings // TxtHasSingleQuotes audits TXT records for strings that contain single-quotes.
func TxtLongerThan255(rc *models.RecordConfig) error { func TxtHasSingleQuotes(rc *models.RecordConfig) error {
if len(rc.GetTargetField()) > 255 { if strings.Contains(rc.GetTargetField(), "'") {
return fmt.Errorf("multiple strings in one txt") return fmt.Errorf("txtstring contains single-quotes")
} }
return nil return nil
} }
@ -67,6 +58,14 @@ func TxtHasTrailingSpace(rc *models.RecordConfig) error {
return nil return nil
} }
// TxtHasUnpairedDoubleQuotes audits TXT records for strings that contain unpaired doublequotes.
func TxtHasUnpairedDoubleQuotes(rc *models.RecordConfig) error {
if strings.Count(rc.GetTargetField(), `"`)%2 == 1 {
return fmt.Errorf("txtstring contains unpaired doublequotes")
}
return nil
}
// TxtIsEmpty audits TXT records for empty strings. // TxtIsEmpty audits TXT records for empty strings.
func TxtIsEmpty(rc *models.RecordConfig) error { func TxtIsEmpty(rc *models.RecordConfig) error {
if len(rc.GetTargetField()) == 0 { if len(rc.GetTargetField()) == 0 {
@ -75,10 +74,19 @@ func TxtIsEmpty(rc *models.RecordConfig) error {
return nil return nil
} }
// TxtHasUnpairedDoubleQuotes audits TXT records for strings that contain unpaired doublequotes. // TxtIsExactlyLen255 audits TXT records for strings exactly 255 octets long.
func TxtHasUnpairedDoubleQuotes(rc *models.RecordConfig) error { // This is rare; you probably want to use TxtNoStringsLen256orLonger() instead.
if strings.Count(rc.GetTargetField(), `"`)%2 == 1 { func TxtIsExactlyLen255(rc *models.RecordConfig) error {
return fmt.Errorf("txtstring contains unpaired doublequotes") if len(rc.GetTargetField()) == 255 {
return fmt.Errorf("txtstring length is 255")
}
return nil
}
// TxtLongerThan255 audits TXT records for multiple strings
func TxtLongerThan255(rc *models.RecordConfig) error {
if len(rc.GetTargetField()) > 255 {
return fmt.Errorf("multiple strings in one txt")
} }
return nil return nil
} }

9
providers/digitalocean/auditrecords.go
View File

@ -19,9 +19,11 @@ func AuditRecords(records []*models.RecordConfig) []error {
a.Add("TXT", MaxLengthDO) // Last verified 2021-03-01 a.Add("TXT", MaxLengthDO) // Last verified 2021-03-01
a.Add("TXT", rejectif.TxtHasDoubleQuotes) // Last verified 2021-03-01 a.Add("TXT", rejectif.TxtHasBackslash) // Last verified 2023-11-12
// Double-quotes not permitted in TXT strings. I have a hunch that // The web portal rejects blackslashes too
// this is due to a broken parser on the DO side.
a.Add("TXT", rejectif.TxtHasDoubleQuotes) // Last verified 2023-11-12
// The web portal rejects double quotes
return a.Audit(records) return a.Audit(records)
} }
@ -47,7 +49,6 @@ func MaxLengthDO(rc *models.RecordConfig) error {
if len(rc.GetTargetField()) > 509 { if len(rc.GetTargetField()) > 509 {
return fmt.Errorf("encoded txt too long") return fmt.Errorf("encoded txt too long")
} }
// FIXME(tlim): Try replacing GetTargetField() with (2 + (3*len(rc.TxtStrings) - 1))
return nil return nil
} }

3
providers/digitalocean/digitaloceanProvider.go
View File

@ -10,6 +10,7 @@ import (
"github.com/StackExchange/dnscontrol/v4/models" "github.com/StackExchange/dnscontrol/v4/models"
"github.com/StackExchange/dnscontrol/v4/pkg/diff" "github.com/StackExchange/dnscontrol/v4/pkg/diff"
"github.com/StackExchange/dnscontrol/v4/pkg/printer"
"github.com/StackExchange/dnscontrol/v4/providers" "github.com/StackExchange/dnscontrol/v4/providers"
"github.com/digitalocean/godo" "github.com/digitalocean/godo"
"github.com/miekg/dns/dnsutil" "github.com/miekg/dns/dnsutil"
@ -297,6 +298,7 @@ func toRc(domain string, r *godo.DomainRecord) *models.RecordConfig {
t.SetLabelFromFQDN(name, domain) t.SetLabelFromFQDN(name, domain)
switch rtype := r.Type; rtype { switch rtype := r.Type; rtype {
case "TXT": case "TXT":
printer.Printf("DEBUG: DIGITAL TXT inbounds=%s q=%q\n", target, target)
t.SetTargetTXT(target) t.SetTargetTXT(target)
default: default:
t.SetTarget(target) t.SetTarget(target)
@ -322,6 +324,7 @@ func toReq(dc *models.DomainConfig, rc *models.RecordConfig) *godo.DomainRecordE
case "TXT": case "TXT":
// TXT records are the one place where DO combines many items into one field. // TXT records are the one place where DO combines many items into one field.
target = rc.GetTargetTXTJoined() target = rc.GetTargetTXTJoined()
printer.Printf("DEBUG: DIGITAL TXT outbounds=%s q=%q\n", target, target)
default: default:
// no action required // no action required
} }