From 96eab1202717e073782ec399a4e0820cae15b1bb Mon Sep 17 00:00:00 2001 From: Christopher Speller Date: Thu, 17 Aug 2017 17:19:06 -0700 Subject: Updating server dependancies. (#7246) --- vendor/github.com/miekg/dns/scan.go | 3 +-- vendor/github.com/miekg/dns/scan_test.go | 45 ++++++++++++++++++++++++++++++++ vendor/github.com/miekg/dns/tsig.go | 3 +++ vendor/github.com/miekg/dns/tsig_test.go | 15 +++++++++++ vendor/github.com/miekg/dns/types.go | 42 ++++++++++++++--------------- 5 files changed, 85 insertions(+), 23 deletions(-) create mode 100644 vendor/github.com/miekg/dns/scan_test.go (limited to 'vendor/github.com/miekg/dns') diff --git a/vendor/github.com/miekg/dns/scan.go b/vendor/github.com/miekg/dns/scan.go index 8d4773c3e..5f7f64423 100644 --- a/vendor/github.com/miekg/dns/scan.go +++ b/vendor/github.com/miekg/dns/scan.go @@ -278,8 +278,7 @@ func parseZone(r io.Reader, origin, f string, t chan *Token, include int) { return } neworigin := origin // There may be optionally a new origin set after the filename, if not use current one - l := <-c - switch l.value { + switch l := <-c; l.value { case zBlank: l := <-c if l.value == zString { diff --git a/vendor/github.com/miekg/dns/scan_test.go b/vendor/github.com/miekg/dns/scan_test.go new file mode 100644 index 000000000..b31c4c779 --- /dev/null +++ b/vendor/github.com/miekg/dns/scan_test.go @@ -0,0 +1,45 @@ +package dns + +import ( + "io/ioutil" + "os" + "strings" + "testing" +) + +func TestParseZoneInclude(t *testing.T) { + + tmpfile, err := ioutil.TempFile("", "dns") + if err != nil { + t.Fatalf("could not create tmpfile for test: %s", err) + } + + if _, err := tmpfile.WriteString("foo\tIN\tA\t127.0.0.1"); err != nil { + t.Fatalf("unable to write content to tmpfile %q: %s", tmpfile.Name(), err) + } + if err := tmpfile.Close(); err != nil { + t.Fatalf("could not close tmpfile %q: %s", tmpfile.Name(), err) + } + + zone := "$INCLUDE " + tmpfile.Name() + + tok := ParseZone(strings.NewReader(zone), "", "") + for x := range tok { + if x.Error != nil { + t.Fatalf("expected no error, but got %s", x.Error) + } + } + + os.Remove(tmpfile.Name()) + + tok = ParseZone(strings.NewReader(zone), "", "") + for x := range tok { + if x.Error == nil { + t.Fatalf("expected first token to contain an error but it didn't") + } + if !strings.Contains(x.Error.Error(), "failed to open") || + !strings.Contains(x.Error.Error(), tmpfile.Name()) { + t.Fatalf(`expected error to contain: "failed to open" and %q but got: %s`, tmpfile.Name(), x.Error) + } + } +} diff --git a/vendor/github.com/miekg/dns/tsig.go b/vendor/github.com/miekg/dns/tsig.go index 24013096b..4837b4ab1 100644 --- a/vendor/github.com/miekg/dns/tsig.go +++ b/vendor/github.com/miekg/dns/tsig.go @@ -208,6 +208,9 @@ func tsigBuffer(msgbuf []byte, rr *TSIG, requestMAC string, timersOnly bool) []b rr.Fudge = 300 // Standard (RFC) default. } + // Replace message ID in header with original ID from TSIG + binary.BigEndian.PutUint16(msgbuf[0:2], rr.OrigId) + if requestMAC != "" { m := new(macWireFmt) m.MACSize = uint16(len(requestMAC) / 2) diff --git a/vendor/github.com/miekg/dns/tsig_test.go b/vendor/github.com/miekg/dns/tsig_test.go index 48b9988b6..4bc52733c 100644 --- a/vendor/github.com/miekg/dns/tsig_test.go +++ b/vendor/github.com/miekg/dns/tsig_test.go @@ -1,6 +1,7 @@ package dns import ( + "encoding/binary" "testing" "time" ) @@ -22,6 +23,20 @@ func TestTsig(t *testing.T) { if err != nil { t.Fatal(err) } + + // TSIG accounts for ID substitution. This means if the message ID is + // changed by a forwarder, we should still be able to verify the TSIG. + m = newTsig(HmacMD5) + buf, _, err = TsigGenerate(m, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false) + if err != nil { + t.Fatal(err) + } + + binary.BigEndian.PutUint16(buf[0:2], uint16(42)) + err = TsigVerify(buf, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false) + if err != nil { + t.Fatal(err) + } } func TestTsigCase(t *testing.T) { diff --git a/vendor/github.com/miekg/dns/types.go b/vendor/github.com/miekg/dns/types.go index 53da4755c..57f065bc8 100644 --- a/vendor/github.com/miekg/dns/types.go +++ b/vendor/github.com/miekg/dns/types.go @@ -115,27 +115,27 @@ const ( ClassNONE = 254 ClassANY = 255 - // Message Response Codes. - RcodeSuccess = 0 - RcodeFormatError = 1 - RcodeServerFailure = 2 - RcodeNameError = 3 - RcodeNotImplemented = 4 - RcodeRefused = 5 - RcodeYXDomain = 6 - RcodeYXRrset = 7 - RcodeNXRrset = 8 - RcodeNotAuth = 9 - RcodeNotZone = 10 - RcodeBadSig = 16 // TSIG - RcodeBadVers = 16 // EDNS0 - RcodeBadKey = 17 - RcodeBadTime = 18 - RcodeBadMode = 19 // TKEY - RcodeBadName = 20 - RcodeBadAlg = 21 - RcodeBadTrunc = 22 // TSIG - RcodeBadCookie = 23 // DNS Cookies + // Message Response Codes, see https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml + RcodeSuccess = 0 // NoError - No Error [DNS] + RcodeFormatError = 1 // FormErr - Format Error [DNS] + RcodeServerFailure = 2 // ServFail - Server Failure [DNS] + RcodeNameError = 3 // NXDomain - Non-Existent Domain [DNS] + RcodeNotImplemented = 4 // NotImp - Not Implemented [DNS] + RcodeRefused = 5 // Refused - Query Refused [DNS] + RcodeYXDomain = 6 // YXDomain - Name Exists when it should not [DNS Update] + RcodeYXRrset = 7 // YXRRSet - RR Set Exists when it should not [DNS Update] + RcodeNXRrset = 8 // NXRRSet - RR Set that should exist does not [DNS Update] + RcodeNotAuth = 9 // NotAuth - Server Not Authoritative for zone [DNS Update] + RcodeNotZone = 10 // NotZone - Name not contained in zone [DNS Update/TSIG] + RcodeBadSig = 16 // BADSIG - TSIG Signature Failure [TSIG] + RcodeBadVers = 16 // BADVERS - Bad OPT Version [EDNS0] + RcodeBadKey = 17 // BADKEY - Key not recognized [TSIG] + RcodeBadTime = 18 // BADTIME - Signature out of time window [TSIG] + RcodeBadMode = 19 // BADMODE - Bad TKEY Mode [TKEY] + RcodeBadName = 20 // BADNAME - Duplicate key name [TKEY] + RcodeBadAlg = 21 // BADALG - Algorithm not supported [TKEY] + RcodeBadTrunc = 22 // BADTRUNC - Bad Truncation [TSIG] + RcodeBadCookie = 23 // BADCOOKIE - Bad/missing Server Cookie [DNS Cookies] // Message Opcodes. There is no 3. OpcodeQuery = 0 -- cgit v1.2.3-1-g7c22