* core: add listening for other protocols Allow CoreDNS to listen for TLS requests coming over port 853. This can be enabled with `tls://` in the config file. Implement listening for grpc:// as well. A Corefile like: ~~~ . tls://.:1853 { whoami tls } ~~~ Means we listen on 1853 for tls requests, the `tls` config item allows configuration for TLS parameters. We *might* be tempted to use Caddy's Let's Encrypt implementation here. * Refactor coredns/grpc into CoreDNS This makes gRPC a first class citizen in CoreDNS. Add defines as being just another server. * some cleanups * unexport the servers * Move protobuf dir * Hook up TLS properly * Fix test * listen for TLS as well. README updates * disable test, fix package * fix test * Fix tests * Fix remaining test * Some tests * Make the test work * Add grpc test from #580 * fix crash * Fix tests * Close conn * README cleanups * README * link RFC
package middleware
import (
"net"
"strings"
"github.com/miekg/dns"
)
// See core/dnsserver/address.go - we should unify these two impls.

// Zones represents a list of zone names.
type Zones []string
// Matches reports which zone in z, if any, qname falls under. When several
// zones contain qname, the longest (most specific) zone name is returned;
// the empty string means no zone matched.
//
// NOTE(review): specificity is judged by the byte length of the zone string,
// so this presumably expects z to have been normalized first (for example
// "example.org" and "example.org." differ in length) - confirm with callers.
func (z Zones) Matches(qname string) string {
	best := ""
	for _, candidate := range z {
		if !dns.IsSubDomain(candidate, qname) {
			continue
		}
		// Only a strictly longer name replaces the current pick, so a parent
		// zone never shadows a more specific child zone; on equal length the
		// earlier entry wins.
		if len(candidate) > len(best) {
			best = candidate
		}
	}
	return best
}
// Normalize rewrites every entry of z in place with the result of
// Name.Normalize, i.e. lowercased and fully qualified.
func (z Zones) Normalize() {
	for idx, zone := range z {
		z[idx] = Name(zone).Normalize()
	}
}
// Name represents a domain name.
type Name string
// Matches reports whether child is the same domain as n or a subdomain of it.
// It exists so that names are matched the same way everywhere.
func (n Name) Matches(child string) bool {
	// The equality test runs first; the subdomain check is only evaluated
	// when the two names are not identical.
	same := dns.Name(n) == dns.Name(child)
	return same || dns.IsSubDomain(string(n), child)
}
// Normalize returns n as a lowercased, fully qualified domain name.
func (n Name) Normalize() string {
	fqdn := dns.Fqdn(string(n))
	return strings.ToLower(fqdn)
}
type (
	// Host represents a host from the Corefile, may contain port.
	Host string
	// Addr represents an address in the Corefile.
	Addr string
)
// Normalize returns the host portion of h: a leading transport prefix
// ("tls://", "dns://" or "grpc://") and any port are stripped, and the
// remaining name is fully qualified and lowercased.
//
// NOTE(review): when both SplitHostPort attempts fail (for example on input
// with too many colons) the errors are discarded and the host stays empty, so
// the result is whatever Name("").Normalize() yields - presumably the root
// zone ".". Callers that treat the result as a zone should confirm malformed
// hosts are rejected earlier, otherwise a typo could silently match every name.
func (h Host) Normalize() string {
	raw := string(h)

	// At most one transport prefix is removed.
	for _, transport := range []string{TransportTLS, TransportDNS, TransportGRPC} {
		if prefix := transport + "://"; strings.HasPrefix(raw, prefix) {
			raw = raw[len(prefix):]
			break
		}
	}

	// Split off the port; a host without one is retried with an empty port
	// appended so that SplitHostPort accepts it.
	name, _, err := net.SplitHostPort(raw)
	if err != nil {
		name, _, _ = net.SplitHostPort(raw + ":")
	}
	return Name(name).Normalize()
}
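// Normalize returns a in host:port form. If a carries no port, port 53 is
// added; an explicit port is left as is. The host part is not lowercased.
//
// A bare IPv6 literal such as "::1" is bracketed and given port 53. Input that
// still cannot be parsed after the default port is appended yields ":",
// because the parse error is discarded; callers that need to detect a
// malformed address must validate it themselves.
func (a Addr) Normalize() string {
	s := string(a)

	if host, port, err := net.SplitHostPort(s); err == nil {
		return net.JoinHostPort(host, port)
	}

	// A bare IP literal has no port. Appending ":53" textually cannot work for
	// IPv6 ("::1:53" is rejected by SplitHostPort), which used to collapse the
	// address to ":". JoinHostPort adds the brackets an IPv6 literal needs and
	// gives the same result as before for IPv4.
	if net.ParseIP(s) != nil {
		return net.JoinHostPort(s, "53")
	}

	// Host name or bracketed literal without a port: retry with the default
	// DNS port. The error is ignored on purpose to keep the string-only
	// signature; host and port are then both empty.
	// TODO(miek): lowercase it?
	host, port, _ := net.SplitHostPort(s + ":53")
	return net.JoinHostPort(host, port)
}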
// Transport names; Host.Normalize strips them when they appear as a
// "<transport>://" prefix.
// Duplicated from core/dnsserver/address.go!
const (
	TransportDNS  = "dns"
	TransportTLS  = "tls"
	TransportGRPC = "grpc"
)