diff --git a/go.mod b/go.mod index ae9a4a45b1..0bd07abb05 100644 --- a/go.mod +++ b/go.mod @@ -56,7 +56,7 @@ require ( github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d github.com/imdario/mergo v0.3.6 github.com/kr/text v0.1.0 - github.com/miekg/dns v1.1.22 + github.com/miekg/dns v1.1.26 github.com/mitchellh/cli v1.0.0 github.com/mitchellh/copystructure v1.0.0 github.com/mitchellh/go-testing-interface v1.0.0 diff --git a/go.sum b/go.sum index 532dfd92c9..ffdba4224d 100644 --- a/go.sum +++ b/go.sum @@ -257,8 +257,8 @@ github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0j github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/miekg/dns v1.0.14 h1:9jZdLNd/P4+SfEJ0TNyxYpsK8N4GtfylBLqtbYN1sbA= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= -github.com/miekg/dns v1.1.22 h1:Jm64b3bO9kP43ddLjL2EY3Io6bmy1qGb9Xxz6TqS6rc= -github.com/miekg/dns v1.1.22/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= +github.com/miekg/dns v1.1.26 h1:gPxPSwALAeHJSjarOs00QjVdV9QoBvc1D2ujQUr5BzU= +github.com/miekg/dns v1.1.26/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= github.com/mitchellh/cli v1.0.0 h1:iGBIsUe3+HZ/AD/Vd7DErOt5sU9fa8Uj7A2s1aggv1Y= github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= github.com/mitchellh/copystructure v1.0.0 h1:Laisrj+bAB6b/yJwB5Bt3ITZhGJdqmxquMKeZ+mmkFQ= diff --git a/vendor/github.com/miekg/dns/.travis.yml b/vendor/github.com/miekg/dns/.travis.yml index c450c9f956..7661bfd87c 100644 --- a/vendor/github.com/miekg/dns/.travis.yml +++ b/vendor/github.com/miekg/dns/.travis.yml @@ -2,8 +2,8 @@ language: go sudo: false go: - - 1.11.x - - 1.12.x + - "1.12.x" + - "1.13.x" - tip env: diff --git a/vendor/github.com/miekg/dns/CODEOWNERS b/vendor/github.com/miekg/dns/CODEOWNERS new file mode 100644 index 0000000000..e0917031bc --- /dev/null +++ b/vendor/github.com/miekg/dns/CODEOWNERS @@ -0,0 +1 @@ +* @miekg @tmthrgd diff --git a/vendor/github.com/miekg/dns/LICENSE b/vendor/github.com/miekg/dns/LICENSE index 5763fa7fe5..55f12ab777 100644 --- a/vendor/github.com/miekg/dns/LICENSE +++ b/vendor/github.com/miekg/dns/LICENSE @@ -1,7 +1,3 @@ -Extensions of the original work are copyright (c) 2011 Miek Gieben - -As this is fork of the official Go code the same license applies: - Copyright (c) 2009 The Go Authors. All rights reserved. Redistribution and use in source and binary forms, with or without @@ -30,3 +26,5 @@ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +As this is fork of the official Go code the same license applies. +Extensions of the original work are copyright (c) 2011 Miek Gieben diff --git a/vendor/github.com/miekg/dns/README.md b/vendor/github.com/miekg/dns/README.md index de4afed69a..3a6e1cc3c0 100644 --- a/vendor/github.com/miekg/dns/README.md +++ b/vendor/github.com/miekg/dns/README.md @@ -94,8 +94,8 @@ DNS Authors 2012- # Building -Building is done with the `go` tool. If you have setup your GOPATH correctly, the following should -work: +This library uses Go modules and uses semantic versioning. Building is done with the `go` tool, so +the following should work: go get github.com/miekg/dns go build github.com/miekg/dns diff --git a/vendor/github.com/miekg/dns/acceptfunc.go b/vendor/github.com/miekg/dns/acceptfunc.go index c6920f792c..825617fe21 100644 --- a/vendor/github.com/miekg/dns/acceptfunc.go +++ b/vendor/github.com/miekg/dns/acceptfunc.go @@ -6,22 +6,29 @@ type MsgAcceptFunc func(dh Header) MsgAcceptAction // DefaultMsgAcceptFunc checks the request and will reject if: // -// * isn't a request (don't respond in that case). +// * isn't a request (don't respond in that case) +// // * opcode isn't OpcodeQuery or OpcodeNotify +// // * Zero bit isn't zero +// // * has more than 1 question in the question section +// // * has more than 1 RR in the Answer section +// // * has more than 0 RRs in the Authority section +// // * has more than 2 RRs in the Additional section +// var DefaultMsgAcceptFunc MsgAcceptFunc = defaultMsgAcceptFunc // MsgAcceptAction represents the action to be taken. type MsgAcceptAction int const ( - MsgAccept MsgAcceptAction = iota // Accept the message - MsgReject // Reject the message with a RcodeFormatError - MsgIgnore // Ignore the error and send nothing back. + MsgAccept MsgAcceptAction = iota // Accept the message + MsgReject // Reject the message with a RcodeFormatError + MsgIgnore // Ignore the error and send nothing back. MsgRejectNotImplemented // Reject the message with a RcodeNotImplemented ) diff --git a/vendor/github.com/miekg/dns/doc.go b/vendor/github.com/miekg/dns/doc.go index d3d7cec9ef..3318b77e08 100644 --- a/vendor/github.com/miekg/dns/doc.go +++ b/vendor/github.com/miekg/dns/doc.go @@ -83,7 +83,7 @@ with: in, err := dns.Exchange(m1, "127.0.0.1:53") -When this functions returns you will get dns message. A dns message consists +When this functions returns you will get DNS message. A DNS message consists out of four sections. The question section: in.Question, the answer section: in.Answer, the authority section: in.Ns and the additional section: in.Extra. @@ -221,7 +221,7 @@ RFC 6895 sets aside a range of type codes for private use. This range is 65,280 - 65,534 (0xFF00 - 0xFFFE). When experimenting with new Resource Records these can be used, before requesting an official type code from IANA. -See https://miek.nl/2014/September/21/idn-and-private-rr-in-go-dns/ for more +See https://miek.nl/2014/september/21/idn-and-private-rr-in-go-dns/ for more information. EDNS0 @@ -238,9 +238,8 @@ Basic use pattern for creating an (empty) OPT RR: The rdata of an OPT RR consists out of a slice of EDNS0 (RFC 6891) interfaces. Currently only a few have been standardized: EDNS0_NSID (RFC 5001) and -EDNS0_SUBNET (draft-vandergaast-edns-client-subnet-02). Note that these options -may be combined in an OPT RR. Basic use pattern for a server to check if (and -which) options are set: +EDNS0_SUBNET (RFC 7871). Note that these options may be combined in an OPT RR. +Basic use pattern for a server to check if (and which) options are set: // o is a dns.OPT for _, s := range o.Option { diff --git a/vendor/github.com/miekg/dns/duplicate.go b/vendor/github.com/miekg/dns/duplicate.go index 00cda0aa29..49e6940b66 100644 --- a/vendor/github.com/miekg/dns/duplicate.go +++ b/vendor/github.com/miekg/dns/duplicate.go @@ -5,7 +5,7 @@ package dns // IsDuplicate checks of r1 and r2 are duplicates of each other, excluding the TTL. // So this means the header data is equal *and* the RDATA is the same. Return true // is so, otherwise false. -// It's is a protocol violation to have identical RRs in a message. +// It's a protocol violation to have identical RRs in a message. func IsDuplicate(r1, r2 RR) bool { // Check whether the record header is identical. if !r1.Header().isDuplicate(r2.Header()) { diff --git a/vendor/github.com/miekg/dns/edns.go b/vendor/github.com/miekg/dns/edns.go index 8cdbfb0b07..d244f7c6d5 100644 --- a/vendor/github.com/miekg/dns/edns.go +++ b/vendor/github.com/miekg/dns/edns.go @@ -360,7 +360,7 @@ func (e *EDNS0_COOKIE) copy() EDNS0 { return &EDNS0_COOKIE{e.Code, e.C // The EDNS0_UL (Update Lease) (draft RFC) option is used to tell the server to set // an expiration on an update RR. This is helpful for clients that cannot clean // up after themselves. This is a draft RFC and more information can be found at -// http://files.dns-sd.org/draft-sekar-dns-ul.txt +// https://tools.ietf.org/html/draft-sekar-dns-ul-02 // // o := new(dns.OPT) // o.Hdr.Name = "." @@ -370,24 +370,36 @@ func (e *EDNS0_COOKIE) copy() EDNS0 { return &EDNS0_COOKIE{e.Code, e.C // e.Lease = 120 // in seconds // o.Option = append(o.Option, e) type EDNS0_UL struct { - Code uint16 // Always EDNS0UL - Lease uint32 + Code uint16 // Always EDNS0UL + Lease uint32 + KeyLease uint32 } // Option implements the EDNS0 interface. func (e *EDNS0_UL) Option() uint16 { return EDNS0UL } -func (e *EDNS0_UL) String() string { return strconv.FormatUint(uint64(e.Lease), 10) } -func (e *EDNS0_UL) copy() EDNS0 { return &EDNS0_UL{e.Code, e.Lease} } +func (e *EDNS0_UL) String() string { return fmt.Sprintf("%d %d", e.Lease, e.KeyLease) } +func (e *EDNS0_UL) copy() EDNS0 { return &EDNS0_UL{e.Code, e.Lease, e.KeyLease} } // Copied: http://golang.org/src/pkg/net/dnsmsg.go func (e *EDNS0_UL) pack() ([]byte, error) { - b := make([]byte, 4) + var b []byte + if e.KeyLease == 0 { + b = make([]byte, 4) + } else { + b = make([]byte, 8) + binary.BigEndian.PutUint32(b[4:], e.KeyLease) + } binary.BigEndian.PutUint32(b, e.Lease) return b, nil } func (e *EDNS0_UL) unpack(b []byte) error { - if len(b) < 4 { + switch len(b) { + case 4: + e.KeyLease = 0 + case 8: + e.KeyLease = binary.BigEndian.Uint32(b[4:]) + default: return ErrBuf } e.Lease = binary.BigEndian.Uint32(b) diff --git a/vendor/github.com/miekg/dns/fuzz.go b/vendor/github.com/miekg/dns/fuzz.go index a8a09184d4..57410acda7 100644 --- a/vendor/github.com/miekg/dns/fuzz.go +++ b/vendor/github.com/miekg/dns/fuzz.go @@ -2,6 +2,8 @@ package dns +import "strings" + func Fuzz(data []byte) int { msg := new(Msg) @@ -16,7 +18,14 @@ func Fuzz(data []byte) int { } func FuzzNewRR(data []byte) int { - if _, err := NewRR(string(data)); err != nil { + str := string(data) + // Do not fuzz lines that include the $INCLUDE keyword and hint the fuzzer + // at avoiding them. + // See GH#1025 for context. + if strings.Contains(strings.ToUpper(str), "$INCLUDE") { + return -1 + } + if _, err := NewRR(str); err != nil { return 0 } return 1 diff --git a/vendor/github.com/miekg/dns/generate.go b/vendor/github.com/miekg/dns/generate.go index 26edc4f402..f7e91a23f7 100644 --- a/vendor/github.com/miekg/dns/generate.go +++ b/vendor/github.com/miekg/dns/generate.go @@ -85,6 +85,7 @@ func (zp *ZoneParser) generate(l lex) (RR, bool) { } zp.sub = NewZoneParser(r, zp.origin, zp.file) zp.sub.includeDepth, zp.sub.includeAllowed = zp.includeDepth, zp.includeAllowed + zp.sub.generateDisallowed = true zp.sub.SetDefaultTTL(defaultTtl) return zp.subNext() } diff --git a/vendor/github.com/miekg/dns/labels.go b/vendor/github.com/miekg/dns/labels.go index e32d2a1d25..10d824718a 100644 --- a/vendor/github.com/miekg/dns/labels.go +++ b/vendor/github.com/miekg/dns/labels.go @@ -126,20 +126,23 @@ func Split(s string) []int { // The bool end is true when the end of the string has been reached. // Also see PrevLabel. func NextLabel(s string, offset int) (i int, end bool) { - quote := false + if s == "" { + return 0, true + } for i = offset; i < len(s)-1; i++ { - switch s[i] { - case '\\': - quote = !quote - default: - quote = false - case '.': - if quote { - quote = !quote - continue - } - return i + 1, false + if s[i] != '.' { + continue } + j := i - 1 + for j >= 0 && s[j] == '\\' { + j-- + } + + if (j-i)%2 == 0 { + continue + } + + return i + 1, false } return i + 1, true } @@ -149,17 +152,38 @@ func NextLabel(s string, offset int) (i int, end bool) { // The bool start is true when the start of the string has been overshot. // Also see NextLabel. func PrevLabel(s string, n int) (i int, start bool) { + if s == "" { + return 0, true + } if n == 0 { return len(s), false } - lab := Split(s) - if lab == nil { - return 0, true + + l := len(s) - 1 + if s[l] == '.' { + l-- } - if n > len(lab) { - return 0, true + + for ; l >= 0 && n > 0; l-- { + if s[l] != '.' { + continue + } + j := l - 1 + for j >= 0 && s[j] == '\\' { + j-- + } + + if (j-l)%2 == 0 { + continue + } + + n-- + if n == 0 { + return l + 1, false + } } - return lab[len(lab)-n], false + + return 0, n > 1 } // equal compares a and b while ignoring case. It returns true when equal otherwise false. diff --git a/vendor/github.com/miekg/dns/msg.go b/vendor/github.com/miekg/dns/msg.go index e04fb5d77a..293813005a 100644 --- a/vendor/github.com/miekg/dns/msg.go +++ b/vendor/github.com/miekg/dns/msg.go @@ -11,14 +11,12 @@ package dns //go:generate go run msg_generate.go import ( - crand "crypto/rand" + "crypto/rand" "encoding/binary" "fmt" "math/big" - "math/rand" "strconv" "strings" - "sync" ) const ( @@ -73,53 +71,23 @@ var ( ErrTime error = &Error{err: "bad time"} // ErrTime indicates a timing error in TSIG authentication. ) -// Id by default, returns a 16 bits random number to be used as a -// message id. The random provided should be good enough. This being a -// variable the function can be reassigned to a custom function. -// For instance, to make it return a static value: +// Id by default returns a 16-bit random number to be used as a message id. The +// number is drawn from a cryptographically secure random number generator. +// This being a variable the function can be reassigned to a custom function. +// For instance, to make it return a static value for testing: // // dns.Id = func() uint16 { return 3 } var Id = id -var ( - idLock sync.Mutex - idRand *rand.Rand -) - // id returns a 16 bits random number to be used as a // message id. The random provided should be good enough. func id() uint16 { - idLock.Lock() - - if idRand == nil { - // This (partially) works around - // https://github.com/golang/go/issues/11833 by only - // seeding idRand upon the first call to id. - - var seed int64 - var buf [8]byte - - if _, err := crand.Read(buf[:]); err == nil { - seed = int64(binary.LittleEndian.Uint64(buf[:])) - } else { - seed = rand.Int63() - } - - idRand = rand.New(rand.NewSource(seed)) + var output uint16 + err := binary.Read(rand.Reader, binary.BigEndian, &output) + if err != nil { + panic("dns: reading random id failed: " + err.Error()) } - - // The call to idRand.Uint32 must be within the - // mutex lock because *rand.Rand is not safe for - // concurrent use. - // - // There is no added performance overhead to calling - // idRand.Uint32 inside a mutex lock over just - // calling rand.Uint32 as the global math/rand rng - // is internally protected by a sync.Mutex. - id := uint16(idRand.Uint32()) - - idLock.Unlock() - return id + return output } // MsgHdr is a a manually-unpacked version of (id, bits). diff --git a/vendor/github.com/miekg/dns/msg_helpers.go b/vendor/github.com/miekg/dns/msg_helpers.go index 0e96f0f345..43f54b303a 100644 --- a/vendor/github.com/miekg/dns/msg_helpers.go +++ b/vendor/github.com/miekg/dns/msg_helpers.go @@ -445,6 +445,13 @@ Option: } edns = append(edns, e) off += int(optlen) + case EDNS0EXPIRE: + e := new(EDNS0_EXPIRE) + if err := e.unpack(msg[off : off+int(optlen)]); err != nil { + return nil, len(msg), err + } + edns = append(edns, e) + off += int(optlen) case EDNS0UL: e := new(EDNS0_UL) if err := e.unpack(msg[off : off+int(optlen)]); err != nil { diff --git a/vendor/github.com/miekg/dns/scan.go b/vendor/github.com/miekg/dns/scan.go index 0f9361af01..671018b1f3 100644 --- a/vendor/github.com/miekg/dns/scan.go +++ b/vendor/github.com/miekg/dns/scan.go @@ -248,6 +248,7 @@ type ZoneParser struct { includeDepth uint8 includeAllowed bool + generateDisallowed bool } // NewZoneParser returns an RFC 1035 style zonefile parser that reads @@ -547,6 +548,9 @@ func (zp *ZoneParser) Next() (RR, bool) { st = zExpectDirGenerate case zExpectDirGenerate: + if zp.generateDisallowed { + return zp.setParseError("nested $GENERATE directive not allowed", l) + } if l.value != zString { return zp.setParseError("expecting $GENERATE value, not this...", l) } diff --git a/vendor/github.com/miekg/dns/tsig.go b/vendor/github.com/miekg/dns/tsig.go index 2c4ef03bac..61efa248e6 100644 --- a/vendor/github.com/miekg/dns/tsig.go +++ b/vendor/github.com/miekg/dns/tsig.go @@ -40,7 +40,7 @@ type TSIG struct { // TSIG has no official presentation format, but this will suffice. func (rr *TSIG) String() string { - s := "\n;; TSIG PSEUDOSECTION:\n" + s := "\n;; TSIG PSEUDOSECTION:\n; " // add another semi-colon to signify TSIG does not have a presentation format s += rr.Hdr.String() + " " + rr.Algorithm + " " + tsigTimeToString(rr.TimeSigned) + diff --git a/vendor/github.com/miekg/dns/version.go b/vendor/github.com/miekg/dns/version.go index 0a833dc93b..513520731b 100644 --- a/vendor/github.com/miekg/dns/version.go +++ b/vendor/github.com/miekg/dns/version.go @@ -3,7 +3,7 @@ package dns import "fmt" // Version is current version of this library. -var Version = V{1, 1, 22} +var Version = V{1, 1, 26} // V holds the version of this library. type V struct { diff --git a/vendor/github.com/miekg/dns/xfr.go b/vendor/github.com/miekg/dns/xfr.go index bb4ca3d879..43970e64f3 100644 --- a/vendor/github.com/miekg/dns/xfr.go +++ b/vendor/github.com/miekg/dns/xfr.go @@ -182,14 +182,17 @@ func (t *Transfer) inIxfr(q *Msg, c chan *Envelope) { // // ch := make(chan *dns.Envelope) // tr := new(dns.Transfer) -// go tr.Out(w, r, ch) +// var wg sync.WaitGroup +// go func() { +// tr.Out(w, r, ch) +// wg.Done() +// }() // ch <- &dns.Envelope{RR: []dns.RR{soa, rr1, rr2, rr3, soa}} // close(ch) -// w.Hijack() -// // w.Close() // Client closes connection +// wg.Wait() // wait until everything is written out +// w.Close() // close connection // -// The server is responsible for sending the correct sequence of RRs through the -// channel ch. +// The server is responsible for sending the correct sequence of RRs through the channel ch. func (t *Transfer) Out(w ResponseWriter, q *Msg, ch chan *Envelope) error { for x := range ch { r := new(Msg) diff --git a/vendor/modules.txt b/vendor/modules.txt index d2206c26f5..15498ec5d6 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -287,7 +287,7 @@ github.com/mattn/go-colorable github.com/mattn/go-isatty # github.com/matttproud/golang_protobuf_extensions v1.0.1 github.com/matttproud/golang_protobuf_extensions/pbutil -# github.com/miekg/dns v1.1.22 +# github.com/miekg/dns v1.1.26 github.com/miekg/dns # github.com/mitchellh/cli v1.0.0 github.com/mitchellh/cli