diff --git a/middleware/file/dname.go b/middleware/file/dname.go new file mode 100644 index 000000000..e4c29c77d --- /dev/null +++ b/middleware/file/dname.go @@ -0,0 +1,44 @@ +package file + +import ( + "strings" + + "github.com/miekg/dns" +) + +// substituteDNAME performs the DNAME substitution defined by RFC 6672, +// assuming the QTYPE of the query is not DNAME. It returns an empty +// string if there is no match. +func substituteDNAME(qname, owner, target string) string { + if dns.IsSubDomain(owner, qname) && qname != owner { + labels := dns.SplitDomainName(qname) + labels = append(labels[0:len(labels)-dns.CountLabel(owner)], dns.SplitDomainName(target)...) + + return strings.Join(labels, ".") + "." + } + + return "" +} + +// synthesizeCNAME returns a CNAME RR pointing to the resulting name of +// the DNAME substitution. The owner name of the CNAME is the QNAME of +// the query and the TTL is the same as the corresponding DNAME RR. +// +// It returns nil if the DNAME substitution has no match. +func synthesizeCNAME(qname string, d *dns.DNAME) *dns.CNAME { + target := substituteDNAME(qname, d.Header().Name, d.Target) + if target == "" { + return nil + } + + r := new(dns.CNAME) + r.Hdr = dns.RR_Header{ + Name: qname, + Rrtype: dns.TypeCNAME, + Class: dns.ClassINET, + Ttl: d.Header().Ttl, + } + r.Target = target + + return r +} diff --git a/middleware/file/dname_test.go b/middleware/file/dname_test.go new file mode 100644 index 000000000..e26a1c29a --- /dev/null +++ b/middleware/file/dname_test.go @@ -0,0 +1,159 @@ +package file + +import ( + "sort" + "strings" + "testing" + + "github.com/coredns/coredns/middleware/pkg/dnsrecorder" + "github.com/coredns/coredns/middleware/test" + + "github.com/miekg/dns" + "golang.org/x/net/context" +) + +// RFC 6672, Section 2.2. Assuming QTYPE != DNAME. +var dnameSubstitutionTestCases = []struct { + qname string + owner string + target string + expected string +}{ + {"com.", "example.com.", "example.net.", ""}, + {"example.com.", "example.com.", "example.net.", ""}, + {"a.example.com.", "example.com.", "example.net.", "a.example.net."}, + {"a.b.example.com.", "example.com.", "example.net.", "a.b.example.net."}, + {"ab.example.com.", "b.example.com.", "example.net.", ""}, + {"foo.example.com.", "example.com.", "example.net.", "foo.example.net."}, + {"a.x.example.com.", "x.example.com.", "example.net.", "a.example.net."}, + {"a.example.com.", "example.com.", "y.example.net.", "a.y.example.net."}, + {"cyc.example.com.", "example.com.", "example.com.", "cyc.example.com."}, + {"cyc.example.com.", "example.com.", "c.example.com.", "cyc.c.example.com."}, + {"shortloop.x.x.", "x.", ".", "shortloop.x."}, + {"shortloop.x.", "x.", ".", "shortloop."}, +} + +func TestDNAMESubstitution(t *testing.T) { + for i, tc := range dnameSubstitutionTestCases { + result := substituteDNAME(tc.qname, tc.owner, tc.target) + if result != tc.expected { + if result == "" { + result = "" + } + + t.Errorf("Case %d: Expected %s -> %s, got %v", i, tc.qname, tc.expected, result) + return + } + } +} + +var dnameTestCases = []test.Case{ + { + Qname: "dname.miek.nl.", Qtype: dns.TypeDNAME, + Answer: []dns.RR{ + test.DNAME("dname.miek.nl. 1800 IN DNAME test.miek.nl."), + }, + Ns: miekAuth, + }, + { + Qname: "dname.miek.nl.", Qtype: dns.TypeA, + Answer: []dns.RR{ + test.A("dname.miek.nl. 1800 IN A 127.0.0.1"), + }, + Ns: miekAuth, + }, + { + Qname: "dname.miek.nl.", Qtype: dns.TypeMX, + Answer: []dns.RR{}, + Ns: []dns.RR{ + test.SOA("miek.nl. 1800 IN SOA linode.atoom.net. miek.miek.nl. 1282630057 14400 3600 604800 14400"), + }, + }, + { + Qname: "a.dname.miek.nl.", Qtype: dns.TypeA, + Answer: []dns.RR{ + test.CNAME("a.dname.miek.nl. 1800 IN CNAME a.test.miek.nl."), + test.A("a.test.miek.nl. 1800 IN A 139.162.196.78"), + test.DNAME("dname.miek.nl. 1800 IN DNAME test.miek.nl."), + }, + Ns: miekAuth, + }, + { + Qname: "www.dname.miek.nl.", Qtype: dns.TypeA, + Answer: []dns.RR{ + test.A("a.test.miek.nl. 1800 IN A 139.162.196.78"), + test.DNAME("dname.miek.nl. 1800 IN DNAME test.miek.nl."), + test.CNAME("www.dname.miek.nl. 1800 IN CNAME www.test.miek.nl."), + test.CNAME("www.test.miek.nl. 1800 IN CNAME a.test.miek.nl."), + }, + Ns: miekAuth, + }, +} + +func TestLookupDNAME(t *testing.T) { + zone, err := Parse(strings.NewReader(dbMiekNLDNAME), testzone, "stdin") + if err != nil { + t.Fatalf("Expect no error when reading zone, got %q", err) + } + + fm := File{Next: test.ErrorHandler(), Zones: Zones{Z: map[string]*Zone{testzone: zone}, Names: []string{testzone}}} + ctx := context.TODO() + + for _, tc := range dnameTestCases { + m := tc.Msg() + + rec := dnsrecorder.New(&test.ResponseWriter{}) + _, err := fm.ServeDNS(ctx, rec, m) + if err != nil { + t.Errorf("Expected no error, got %v\n", err) + return + } + + resp := rec.Msg + sort.Sort(test.RRSet(resp.Answer)) + sort.Sort(test.RRSet(resp.Ns)) + sort.Sort(test.RRSet(resp.Extra)) + + if !test.Header(t, tc, resp) { + t.Logf("%v\n", resp) + continue + } + if !test.Section(t, tc, test.Answer, resp.Answer) { + t.Logf("%v\n", resp) + } + if !test.Section(t, tc, test.Ns, resp.Ns) { + t.Logf("%v\n", resp) + } + if !test.Section(t, tc, test.Extra, resp.Extra) { + t.Logf("%v\n", resp) + } + } +} + +const dbMiekNLDNAME = ` +$TTL 30M +$ORIGIN miek.nl. +@ IN SOA linode.atoom.net. miek.miek.nl. ( + 1282630057 ; Serial + 4H ; Refresh + 1H ; Retry + 7D ; Expire + 4H ) ; Negative Cache TTL + IN NS linode.atoom.net. + IN NS ns-ext.nlnetlabs.nl. + IN NS omval.tednet.nl. + IN NS ext.ns.whyscream.net. + +test IN MX 1 aspmx.l.google.com. + IN MX 5 alt1.aspmx.l.google.com. + IN MX 5 alt2.aspmx.l.google.com. + IN MX 10 aspmx2.googlemail.com. + IN MX 10 aspmx3.googlemail.com. +a.test IN A 139.162.196.78 + IN AAAA 2a01:7e00::f03c:91ff:fef1:6735 +www.test IN CNAME a.test + +dname IN DNAME test +dname IN A 127.0.0.1 +a.dname IN A 127.0.0.1 +` diff --git a/middleware/file/lookup.go b/middleware/file/lookup.go index 94ec0e726..2e95e42c7 100644 --- a/middleware/file/lookup.go +++ b/middleware/file/lookup.go @@ -63,7 +63,7 @@ func (z *Zone) Lookup(state request.Request, qname string) ([]dns.RR, []dns.RR, // use the wildcard. // // Main for-loop handles delegation and finding or not finding the qname. - // If found we check if it is a CNAME and do CNAME processing (DNAME should be added as well) + // If found we check if it is a CNAME/DNAME and do CNAME processing // We also check if we have type and do a nodata resposne. // // If not found, we check the potential wildcard, and use that for further processing. @@ -95,6 +95,24 @@ func (z *Zone) Lookup(state request.Request, qname string) ([]dns.RR, []dns.RR, continue } + // If we see DNAME records, we should return those. + if dnamerrs := elem.Types(dns.TypeDNAME); dnamerrs != nil { + // Only one DNAME is allowed per name. We just pick the first one. + dname := dnamerrs[0] + if cname := synthesizeCNAME(state.Name(), dname.(*dns.DNAME)); cname != nil { + answer, ns, extra, rcode := z.searchCNAME(state, elem, []dns.RR{cname}) + + // The relevant DNAME RR should be included in the answer section, + // if the DNAME is being employed as a substitution instruction. + answer = append([]dns.RR{dname}, answer...) + + return answer, ns, extra, rcode + } + // The domain name that owns a DNAME record is allowed to have other RR types + // at that domain name, except those have restrictions on what they can coexist + // with (e.g. another DNAME). So there is nothing special left here. + } + // If we see NS records, it means the name as been delegated, and we should return the delegation. if nsrrs := elem.Types(dns.TypeNS); nsrrs != nil { glue := z.Glue(nsrrs, do) @@ -122,7 +140,6 @@ func (z *Zone) Lookup(state request.Request, qname string) ([]dns.RR, []dns.RR, // Found entire name. if found && shot { - // DNAME...? if rrs := elem.Types(dns.TypeCNAME); len(rrs) > 0 && qtype != dns.TypeCNAME { return z.searchCNAME(state, elem, rrs) } diff --git a/middleware/test/helpers.go b/middleware/test/helpers.go index 339385a23..0ac329ec0 100644 --- a/middleware/test/helpers.go +++ b/middleware/test/helpers.go @@ -61,6 +61,9 @@ func AAAA(rr string) *dns.AAAA { r, _ := dns.NewRR(rr); return r.(*dns.AAAA) } // CNAME returns a CNAME record from rr. It panics on errors. func CNAME(rr string) *dns.CNAME { r, _ := dns.NewRR(rr); return r.(*dns.CNAME) } +// DNAME returns a DNAME record from rr. It panics on errors. +func DNAME(rr string) *dns.DNAME { r, _ := dns.NewRR(rr); return r.(*dns.DNAME) } + // SRV returns a SRV record from rr. It panics on errors. func SRV(rr string) *dns.SRV { r, _ := dns.NewRR(rr); return r.(*dns.SRV) }