Use golang.org/x/crypto/cryptobyte to unpack DNS records

This substantially simplifies the machinery and state tracking around DNS record unpacking. Gone are the `off int` arguments! Gone are the manual slice length checks! Care has been taken to maintain existing behaviour, including quirks, with the only notable intentional change being to UnpackDomainName where we now strictly enforce that pointers point backwards into the message.
miekg · Nov 6, 2023 · a4fd336 · a4fd336
1 parent a16092f
commit a4fd336
Show file tree

Hide file tree

Showing 15 changed files with 1,384 additions and 1,799 deletions.
diff --git a/client.go b/client.go
@@ -300,7 +300,8 @@ func (co *Conn) ReadMsgHeader(hdr *Header) ([]byte, error) {
 
 	p = p[:n]
 	if hdr != nil {
-		dh, _, err := unpackMsgHdr(p, 0)
+		s := newDNSString(p, 0)
+		dh, err := unpackMsgHdr(s)
 		if err != nil {
 			return nil, err
 		}

diff --git a/dns.go b/dns.go
@@ -52,7 +52,7 @@ type RR interface {
 	//
 	// This will only be called on a new and empty RR type with only the header populated. It
 	// will only be called if the record's RDATA is non-empty.
-	unpack(msg []byte, off int) (off1 int, err error)
+	unpack(msg *dnsString) error
 
 	// parse parses an RR from zone file format.
 	//
@@ -104,7 +104,7 @@ func (h *RR_Header) pack(msg []byte, off int, compression compressionMap, compre
 	return off, nil
 }
 
-func (h *RR_Header) unpack(msg []byte, off int) (int, error) {
+func (h *RR_Header) unpack(msg *dnsString) error {
 	panic("dns: internal error: unpack should never be called on RR_Header")
 }
 
@@ -128,8 +128,8 @@ func (rr *RFC3597) ToRFC3597(r RR) error {
 		return nil
 	}
 
-	_, err = rr.unpack(buf, headerEnd)
-	return err
+	s := newDNSString(buf, headerEnd)
+	return rr.unpack(s)
 }
 
 // fromRFC3597 converts an unknown RR representation from RFC 3597 to the known RR type.
@@ -153,6 +153,6 @@ func (rr *RFC3597) fromRFC3597(r RR) error {
 		return err
 	}
 
-	_, err = r.unpack(msg, 0)
-	return err
+	s := newDNSString(msg, 0)
+	return r.unpack(s)
 }
diff --git a/dns_test.go b/dns_test.go
@@ -254,8 +254,7 @@ func TestMsgPackBuffer(t *testing.T) {
 		input, _ := hex.DecodeString(hexData)
 		m := new(Msg)
 		if err := m.Unpack(input); err != nil {
-			t.Errorf("packet %d failed to unpack", i)
-			continue
+			t.Errorf("packet %d failed to unpack: %v", i, err)
 		}
 	}
 }

diff --git a/go.mod b/go.mod
@@ -3,6 +3,7 @@ module github.com/miekg/dns
 go 1.19
 
 require (
+	golang.org/x/crypto v0.14.0
 	golang.org/x/net v0.17.0
 	golang.org/x/sync v0.4.0
 	golang.org/x/sys v0.13.0

diff --git a/go.sum b/go.sum
@@ -1,3 +1,5 @@
+golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
+golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
 golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc=
 golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=