2023-03-28 18:39:22 +00:00
|
|
|
// Copyright (c) HashiCorp, Inc.
|
2023-08-11 13:12:13 +00:00
|
|
|
// SPDX-License-Identifier: BUSL-1.1
|
2023-03-28 18:39:22 +00:00
|
|
|
|
2024-01-10 16:19:20 +00:00
|
|
|
package dnsutil
|
2022-03-18 01:31:28 +00:00
|
|
|
|
|
|
|
import (
|
|
|
|
"errors"
|
2024-01-29 16:40:10 +00:00
|
|
|
"net"
|
2022-03-18 01:31:28 +00:00
|
|
|
"regexp"
|
2024-01-29 16:40:10 +00:00
|
|
|
"slices"
|
|
|
|
"strings"
|
|
|
|
|
|
|
|
"github.com/miekg/dns"
|
2022-03-18 01:31:28 +00:00
|
|
|
)
|
|
|
|
|
2024-02-12 19:27:25 +00:00
|
|
|
type TranslateAddressAccept int
|
|
|
|
|
2024-01-10 16:19:20 +00:00
|
|
|
// MaxLabelLength is the maximum length for a name that can be used in DNS.
|
2024-01-29 16:40:10 +00:00
|
|
|
const (
|
|
|
|
MaxLabelLength = 63
|
|
|
|
|
|
|
|
arpaLabel = "arpa"
|
|
|
|
arpaIPV4Label = "in-addr"
|
|
|
|
arpaIPV6Label = "ip6"
|
2024-02-12 19:27:25 +00:00
|
|
|
|
|
|
|
TranslateAddressAcceptDomain TranslateAddressAccept = 1 << iota
|
|
|
|
TranslateAddressAcceptIPv4
|
|
|
|
TranslateAddressAcceptIPv6
|
|
|
|
|
|
|
|
TranslateAddressAcceptAny TranslateAddressAccept = ^0
|
2024-01-29 16:40:10 +00:00
|
|
|
)
|
2024-01-10 16:19:20 +00:00
|
|
|
|
|
|
|
// InvalidNameRe is a regex that matches characters which can not be included in
|
|
|
|
// a DNS name.
|
|
|
|
var InvalidNameRe = regexp.MustCompile(`[^A-Za-z0-9\\-]+`)
|
|
|
|
|
2022-03-18 01:31:28 +00:00
|
|
|
// matches valid DNS labels according to RFC 1123, should be at most 63
|
|
|
|
// characters according to the RFC
|
|
|
|
var validLabel = regexp.MustCompile(`^[a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?$`)
|
|
|
|
|
|
|
|
// IsValidLabel returns true if the string given is a valid DNS label (RFC 1123).
|
|
|
|
// Note: the only difference between RFC 1035 and RFC 1123 labels is that in
|
|
|
|
// RFC 1123 labels can begin with a number.
|
|
|
|
func IsValidLabel(name string) bool {
|
|
|
|
return validLabel.MatchString(name)
|
|
|
|
}
|
|
|
|
|
|
|
|
// ValidateLabel is similar to IsValidLabel except it returns an error
|
|
|
|
// instead of false when name is not a valid DNS label. The error will contain
|
|
|
|
// reference to what constitutes a valid DNS label.
|
|
|
|
func ValidateLabel(name string) error {
|
|
|
|
if !IsValidLabel(name) {
|
|
|
|
return errors.New("a valid DNS label must consist of lower case alphanumeric characters or '-', and must start and end with an alphanumeric character")
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
2024-01-29 16:40:10 +00:00
|
|
|
|
|
|
|
// IPFromARPA returns the net.IP address from a fully-qualified ARPA PTR domain name.
|
|
|
|
// If the address is an invalid format, it returns nil.
|
|
|
|
func IPFromARPA(arpa string) net.IP {
|
|
|
|
labels := dns.SplitDomainName(arpa)
|
|
|
|
if len(labels) != 6 && len(labels) != 34 {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// The last two labels should be "in-addr" or "ip6" and "arpa"
|
|
|
|
if labels[len(labels)-1] != arpaLabel {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
var ip net.IP
|
|
|
|
switch labels[len(labels)-2] {
|
|
|
|
case arpaIPV4Label:
|
|
|
|
parts := labels[:len(labels)-2]
|
|
|
|
slices.Reverse(parts)
|
|
|
|
ip = net.ParseIP(strings.Join(parts, "."))
|
|
|
|
case arpaIPV6Label:
|
|
|
|
parts := labels[:len(labels)-2]
|
|
|
|
slices.Reverse(parts)
|
|
|
|
|
|
|
|
// Condense the different words of the address
|
|
|
|
address := strings.Join(parts[0:4], "")
|
|
|
|
for i := 4; i <= len(parts)-4; i = i + 4 {
|
|
|
|
word := parts[i : i+4]
|
|
|
|
address = address + ":" + strings.Join(word, "")
|
|
|
|
}
|
|
|
|
ip = net.ParseIP(address)
|
|
|
|
// default: fallthrough
|
|
|
|
}
|
|
|
|
return ip
|
|
|
|
}
|