diff --git a/Cargo.lock b/Cargo.lock index cddf73b5af683..7b693bacb9396 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2982,7 +2982,7 @@ dependencies = [ "criterion", "data-encoding", "thiserror", - "trust-dns-proto 0.22.0", + "trust-dns-proto 0.23.0", ] [[package]] @@ -3117,14 +3117,14 @@ dependencies = [ [[package]] name = "enum-as-inner" -version = "0.5.1" +version = "0.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c9720bba047d567ffc8a3cba48bf19126600e249ab7f128e9233e6376976a116" +checksum = "5ffccbb6966c05b32ef8fbac435df276c4ae4d3dc55a8cd0eb9745e6c12f546a" dependencies = [ "heck 0.4.1", "proc-macro2 1.0.66", "quote 1.0.33", - "syn 1.0.109", + "syn 2.0.29", ] [[package]] @@ -9040,20 +9040,20 @@ dependencies = [ [[package]] name = "trust-dns-proto" -version = "0.22.0" +version = "0.23.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4f7f83d1e4a0e4358ac54c5c3681e5d7da5efc5a7a632c90bb6d6669ddd9bc26" +checksum = "0dc775440033cb114085f6f2437682b194fa7546466024b1037e82a48a052a69" dependencies = [ "async-trait", "cfg-if", "data-encoding", - "enum-as-inner 0.5.1", + "enum-as-inner 0.6.0", "futures-channel", "futures-io", "futures-util", - "idna 0.2.3", + "idna 0.4.0", "ipnet", - "lazy_static", + "once_cell", "rand 0.8.5", "smallvec", "thiserror", @@ -9589,7 +9589,7 @@ dependencies = [ "tracing-limit", "tracing-subscriber", "tracing-tower", - "trust-dns-proto 0.22.0", + "trust-dns-proto 0.23.0", "typetag", "url", "uuid", diff --git a/Cargo.toml b/Cargo.toml index f6e0335a0b6d7..e69a393895e0f 100644 --- a/Cargo.toml +++ b/Cargo.toml 
@@ -324,7 +324,7 @@ tokio-postgres = { version = "0.7.10", default-features = false, features = ["ru
 tokio-tungstenite = {version = "0.20.0", default-features = false, features = ["connect"], optional = true}
 toml = { version = "0.7.6", default-features = false, features = ["parse", "display"] }
 tonic = { version = "0.9", optional = true, default-features = false, features = ["transport", "codegen", "prost", "tls", "tls-roots", "gzip"] }
-trust-dns-proto = { version = "0.22.0", default-features = false, features = ["dnssec"], optional = true }
+trust-dns-proto = { version = "0.23.0", default-features = false, features = ["dnssec"], optional = true }
 typetag = { version = "0.2.13", default-features = false }
 url = { version = "2.4.0", default-features = false, features = ["serde"] }
 uuid = { version = "1", default-features = false, features = ["serde", "v4"] }
diff --git a/LICENSE-3rdparty.csv b/LICENSE-3rdparty.csv
index 022c138d1b5eb..9185fb736ccd0 100644
--- a/LICENSE-3rdparty.csv
+++ b/LICENSE-3rdparty.csv
@@ -569,6 +569,7 @@ tracing-subscriber,https://github.com/tokio-rs/tracing,MIT,"Eliza Weisman treediff,https://github.com/Byron/treediff-rs,MIT OR Apache-2.0,Sebastian Thiel trust-dns-proto,https://github.com/bluejekyll/trust-dns,MIT OR Apache-2.0,Benjamin Fry +trust-dns-proto,https://github.com/bluejekyll/trust-dns,MIT OR Apache-2.0,The contributors to Trust-DNS trust-dns-resolver,https://github.com/bluejekyll/trust-dns,MIT OR Apache-2.0,Benjamin Fry try-lock,https://github.com/seanmonstar/try-lock,MIT,Sean McArthur tungstenite,https://github.com/snapview/tungstenite-rs,MIT OR Apache-2.0,"Alexey Galakhov, Daniel Abramov"
diff --git a/lib/dnsmsg-parser/Cargo.toml b/lib/dnsmsg-parser/Cargo.toml
index e6ba28689e1aa..e69c648622367 100644
--- a/lib/dnsmsg-parser/Cargo.toml
+++ b/lib/dnsmsg-parser/Cargo.toml
@@ -9,7 +9,7 @@ license = "MIT"
 [dependencies]
 data-encoding = "2.4"
 thiserror = "1.0"
-trust-dns-proto = { version = "0.22", features = ["dnssec"] }
+trust-dns-proto = { version = "0.23", features = ["dnssec"] }
 [dev-dependencies]
 criterion = "0.5"
diff --git a/lib/dnsmsg-parser/benches/benches.rs b/lib/dnsmsg-parser/benches/benches.rs
index 37e6270c265ad..c9c1cccc3c4a7 100644
--- a/lib/dnsmsg-parser/benches/benches.rs
+++ b/lib/dnsmsg-parser/benches/benches.rs
@@ -1,10 +1,7 @@
 use criterion::{criterion_group, criterion_main, BatchSize, Criterion, Throughput};
 use data_encoding::BASE64;
 use dnsmsg_parser::dns_message_parser::DnsMessageParser;
-use trust_dns_proto::{
- rr::rdata::null,
- serialize::binary::{BinDecoder, Restrict},
-};
+use trust_dns_proto::rr::rdata::NULL;
 fn benchmark_parse_as_query_message(c: &mut Criterion) {
 let raw_dns_message = "szgAAAABAAAAAAAAAmg1B2V4YW1wbGUDY29tAAAGAAE=";
@@ -64,8 +61,7 @@ fn benchmark_parse_apl_rdata(c: &mut Criterion) {
 fn benchmark_parse_rdata(c: &mut Criterion, data: &str, code: u16, id: &str) {
 let raw_rdata = BASE64.decode(data.as_bytes()).unwrap();
- let mut decoder = BinDecoder::new(&raw_rdata);
- let record_rdata = null::read(&mut decoder, Restrict::new(raw_rdata.len() as u16)).unwrap();
+ let record_rdata = NULL::with(raw_rdata.clone());
 let mut group = c.benchmark_group("dnstap");
 group.throughput(Throughput::Bytes(raw_rdata.len() as u64));
diff --git a/lib/dnsmsg-parser/src/dns_message_parser.rs b/lib/dnsmsg-parser/src/dns_message_parser.rs
index 36275d8af00c2..25845444fffdc 100644
--- a/lib/dnsmsg-parser/src/dns_message_parser.rs
+++ b/lib/dnsmsg-parser/src/dns_message_parser.rs
@@ -9,10 +9,9 @@ use trust_dns_proto::{
 rr::{
 dnssec::{rdata::DNSSECRData, Algorithm, SupportedAlgorithms},
 rdata::{
- a, aaaa,
 caa::Value,
 opt::{EdnsCode, EdnsOption},
- NULL,
+ A, AAAA, NULL,
 },
 record_data::RData,
 resource::Record,
@@ -69,7 +68,7 @@ impl DnsMessageParser {
 let msg = TrustDnsMessage::from_vec(&self.raw_message)
 .map_err(|source| DnsMessageParserError::TrustDnsError { source })?;
 let header = parse_dns_query_message_header(&msg);
- let edns_section = parse_edns(&msg);
+ let edns_section = parse_edns(&msg).transpose()?;
 let rcode_high = edns_section.as_ref().map_or(0, |edns| edns.extended_rcode);
 let response_code = (u16::from(rcode_high) << 4) | ((u16::from(header.rcode)) & 0x000F);
@@ -822,29 +821,32 @@ fn parse_dns_update_message_header(dns_message: &TrustDnsMessage) -> UpdateHeade
 }
 }
-fn parse_edns(dns_message: &TrustDnsMessage) -> Option {
- dns_message
- .extensions()
- .as_ref()
- .map(|edns| OptPseudoSection {
+fn parse_edns(dns_message: &TrustDnsMessage) -> Option> {
+ dns_message.extensions().as_ref().map(|edns| {
+ parse_edns_options(edns).map(|options| OptPseudoSection {
 extended_rcode: edns.rcode_high(),
 version: edns.version(),
 dnssec_ok: edns.dnssec_ok(),
 udp_max_payload_size: edns.max_payload(),
- options: parse_edns_options(edns),
+ options,
 })
+ })
 }
-fn parse_edns_options(edns: &Edns) -> Vec {
+fn parse_edns_options(edns: &Edns) -> DnsParserResult> {
 edns.options()
 .as_ref()
 .iter()
 .map(|(code, option)| match option {
 EdnsOption::DAU(algorithms)
 | EdnsOption::DHU(algorithms)
- | EdnsOption::N3U(algorithms) => parse_edns_opt_dnssec_algorithms(*code, *algorithms),
- EdnsOption::Unknown(_, opt_data) => parse_edns_opt(*code, opt_data),
- option => parse_edns_opt(*code, &Vec::::from(option)),
+ | EdnsOption::N3U(algorithms) => {
+ Ok(parse_edns_opt_dnssec_algorithms(*code, *algorithms))
+ }
+ EdnsOption::Unknown(_, opt_data) => Ok(parse_edns_opt(*code, opt_data)),
+ option => Vec::::try_from(option)
+ .map(|bytes| parse_edns_opt(*code, &bytes))
+ .map_err(|source| DnsMessageParserError::TrustDnsError { source }),
 })
 .collect()
 }
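Review bot: A single EDNS option that fails conversion now aborts the whole query-message parse at `parse_edns(&msg).transpose()?`, where the previous code always produced an `OptPseudoSection` when an OPT record was present. The bytes being parsed come from `self.raw_message`, which for a DNS telemetry parser is presumably peer-controlled, so one awkward OPT record can turn an event that used to be recorded into a parse error. The caller is outside this hunk; it should count and log these failures rather than drop the event silently, and a comment here such as `// an EDNS option that cannot be re-encoded fails the whole message` would record that failing closed is intended.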
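Review bot: `parse_edns` now hands back an Option wrapping a result, so every caller has to remember `.transpose()?`; returning `DnsParserResult<Option<OptPseudoSection>>` and doing the `.transpose()` inside the function would keep the call site to `parse_edns(&msg)?`. In `parse_edns_options`, collecting into a result stops at the first option whose `try_from` fails and discards the options already decoded, which deserves a doc comment like `/// Returns an error if any option cannot be encoded; no partial list is returned.` The catch-all arm is the only fallible one and none of the test hunks visible in this commit exercises it, so a test with an option that fails conversion (if one can be constructed) would pin the new behaviour.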
@@ -983,13 +985,13 @@ fn parse_vec_with_u16_len(
 }
 fn parse_ipv6_address(decoder: &mut BinDecoder<'_>) -> DnsParserResult {
- Ok(aaaa::read(decoder)
+ Ok(::read(decoder)
 .map_err(|source| DnsMessageParserError::TrustDnsError { source })?
 .to_string())
 }
 fn parse_ipv4_address(decoder: &mut BinDecoder<'_>) -> DnsParserResult {
- Ok(a::read(decoder)
+ Ok(::read(decoder)
 .map_err(|source| DnsMessageParserError::TrustDnsError { source })?
 .to_string())
 }
@@ -1111,25 +1113,21 @@ mod tests {
 str::FromStr,
 };
- use trust_dns_proto::{
- rr::{
- dnssec::{
- rdata::{
- dnskey::DNSKEY, ds::DS, nsec::NSEC, nsec3::NSEC3, nsec3param::NSEC3PARAM,
- sig::SIG, DNSSECRData,
- },
- Algorithm as DNSSEC_Algorithm, DigestType, Nsec3HashAlgorithm,
- },
- domain::Name,
+ use trust_dns_proto::rr::{
+ dnssec::{
 rdata::{
- caa::KeyValue,
- null,
- sshfp::{Algorithm, FingerprintType},
- tlsa::{CertUsage, Matching, Selector},
- CAA, NAPTR, SSHFP, TLSA, TXT,
+ dnskey::DNSKEY, ds::DS, nsec::NSEC, nsec3::NSEC3, nsec3param::NSEC3PARAM, sig::SIG,
+ DNSSECRData,
 },
+ Algorithm as DNSSEC_Algorithm, DigestType, Nsec3HashAlgorithm,
+ },
+ domain::Name,
+ rdata::{
+ caa::KeyValue,
+ sshfp::{Algorithm, FingerprintType},
+ tlsa::{CertUsage, Matching, Selector},
+ CAA, NAPTR, SSHFP, TLSA, TXT,
 },
- serialize::binary::Restrict,
 };
 use super::*;
@@ -1284,7 +1282,7 @@ mod tests {
 #[test]
 fn test_format_rdata_for_a_type() {
- let rdata = RData::A(Ipv4Addr::from_str("1.2.3.4").unwrap());
+ let rdata = RData::A(Ipv4Addr::from_str("1.2.3.4").unwrap().into());
 let rdata_text = format_rdata(&rdata);
 assert!(rdata_text.is_ok());
 if let Ok((parsed, raw_rdata)) = rdata_text {
@@ -1295,7 +1293,7 @@ mod tests {
 #[test]
 fn test_format_rdata_for_aaaa_type() {
- let rdata = RData::AAAA(Ipv6Addr::from_str("2001::1234").unwrap());
+ let rdata = RData::AAAA(Ipv6Addr::from_str("2001::1234").unwrap().into());
 let rdata_text = format_rdata(&rdata);
 assert!(rdata_text.is_ok());
 if let Ok((parsed, raw_rdata)) = rdata_text {
@@ -1306,7 +1304,9 @@ mod tests {
 #[test]
 fn test_format_rdata_for_cname_type() {
- let rdata = RData::CNAME(Name::from_str("www.example.com.").unwrap());
+ let rdata = RData::CNAME(trust_dns_proto::rr::rdata::CNAME(
+ Name::from_str("www.example.com.").unwrap(),
+ ));
 let rdata_text = format_rdata(&rdata);
 assert!(rdata_text.is_ok());
 if let Ok((parsed, raw_rdata)) = rdata_text {
@@ -1778,8 +1778,7 @@ mod tests {
 let raw_rdata = BASE64
 .decode(raw_data.as_bytes())
 .expect("Invalid base64 encoded rdata.");
- let mut decoder = BinDecoder::new(&raw_rdata);
- let record_rdata = null::read(&mut decoder, Restrict::new(raw_rdata.len() as u16)).unwrap();
+ let record_rdata = NULL::with(raw_rdata);
 let rdata_text = DnsMessageParser::new(Vec::::new()).format_unknown_rdata(code, &record_rdata);
 assert!(rdata_text.is_ok());
@@ -1801,9 +1800,7 @@ mod tests {
 .decode(raw_data_encoded.as_bytes())
 .expect("Invalid base64 encoded raw rdata.");
 for i in 1..=2 {
- let mut decoder = BinDecoder::new(&raw_rdata);
- let record_rdata =
- null::read(&mut decoder, Restrict::new(raw_rdata.len() as u16)).unwrap();
+ let record_rdata = NULL::with(raw_rdata.clone());
 let rdata_text = message_parser.format_unknown_rdata(code, &record_rdata);
 assert!(rdata_text.is_ok());
 assert_eq!(expected_output, rdata_text.unwrap().0.unwrap());