Re: dig(1): SVCB and HTTPS RR types

2022-07-03 Thread Otto Moerbeek
On Sun, Jul 03, 2022 at 07:47:27AM +0200, Florian Obser wrote:

> anyone?

Looks good and works for me, ok.

-Otto

> 
> On 2022-06-25 13:15 +02, Florian Obser  wrote:
> > See https://datatracker.ietf.org/doc/draft-ietf-dnsop-svcb-https/
> >
> > $ ./obj/dig @8.8.8.8 +norec _dns.resolver.arpa svcb
> >
> > ; <<>> dig 9.10.8-P1 <<>> @8.8.8.8 +norec _dns.resolver.arpa svcb
> > ; (1 server found)
> > ;; global options: +cmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21245
> > ;; flags: qr aa ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 4
> >
> > ;; QUESTION SECTION:
> > ;_dns.resolver.arpa.    IN  SVCB
> >
> > ;; ANSWER SECTION:
> > _dns.resolver.arpa. 86400   IN  SVCB    1 dns.google. alpn="dot"
> > _dns.resolver.arpa.  86400 IN SVCB 2 dns.google. alpn="h2,h3"
> > dohpath="/dns-query{?dns}"
> >
> > ;; ADDITIONAL SECTION:
> > dns.google. 86400   IN  A   8.8.8.8
> > dns.google. 86400   IN  A   8.8.4.4
> > dns.google. 86400   IN  2001:4860:4860::
> > dns.google. 86400   IN  2001:4860:4860::8844
> >
> > ;; Query time: 11 msec
> > ;; SERVER: 8.8.8.8#53(8.8.8.8)
> > ;; WHEN: Sat Jun 25 13:08:21 CEST 2022
> > ;; MSG SIZE  rcvd: 224
> >
> > $ ./obj/dig +dnssec cloudflare.com https
> >
> > ; <<>> dig 9.10.8-P1 <<>> +dnssec cloudflare.com https
> > ;; global options: +cmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22508
> > ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
> >
> > ;; QUESTION SECTION:
> > ;cloudflare.com.IN  HTTPS
> >
> > ;; ANSWER SECTION:
> > cloudflare.com.  217 IN HTTPS 1 . alpn="h3,h3-29,h2"
> > ipv4hint=104.16.132.229,104.16.133.229
> > ipv6hint=2606:4700::6810:84e5,2606:4700::6810:85e5
> > cloudflare.com.  217 IN RRSIG HTTPS 13 2 300 20220626120906
> > 20220624100906 34505
> > cloudflare.com. PbQwTGVBW2MIXubouK2vUo92UNvlJ874KCrqah/Or21Jo2oDxfgI15jA
> > 8z/Q6mseLPWIlTxex+KoIqv9y+FNjg==
> >
> > ;; Query time: 0 msec
> > ;; SERVER: 127.0.0.1#53(127.0.0.1)
> > ;; WHEN: Sat Jun 25 13:10:29 CEST 2022
> > ;; MSG SIZE  rcvd: 221
> >
> > OK?
> 
> diff --git lib/dns/include/dns/types.h lib/dns/include/dns/types.h
> index 63ea8d67f51..7085ce29f2e 100644
> --- lib/dns/include/dns/types.h
> +++ lib/dns/include/dns/types.h
> @@ -139,6 +139,8 @@ enum {
>   dns_rdatatype_openpgpkey = 61,
>   dns_rdatatype_csync = 62,
>   dns_rdatatype_zonemd = 63,
> + dns_rdatatype_svcb = 64,
> + dns_rdatatype_https = 65,
>   dns_rdatatype_spf = 99,
>   dns_rdatatype_unspec = 103,
>   dns_rdatatype_nid = 104,
> diff --git lib/dns/rdata.c lib/dns/rdata.c
> index c27409efc3c..d731eb3a846 100644
> --- lib/dns/rdata.c
> +++ lib/dns/rdata.c
> @@ -775,6 +775,7 @@ dns_rdatatype_fromtext(dns_rdatatype_t *typep, 
> isc_textregion_t *source) {
>   {"gpos",27},
>   {"hinfo",   13},
>   {"hip", 55},
> + {"https",   65},
>   {"ipseckey",45},
>   {"isdn",20},
>   {"ixfr",251},
> @@ -822,6 +823,7 @@ dns_rdatatype_fromtext(dns_rdatatype_t *typep, 
> isc_textregion_t *source) {
>   {"spf", 99},
>   {"srv", 33},
>   {"sshfp",   44},
> + {"svcb",64},
>   {"ta",  32768},
>   {"talink",  58},
>   {"tkey",249},
> @@ -1006,6 +1008,10 @@ dns_rdatatype_totext(dns_rdatatype_t type, 
> isc_buffer_t *target) {
>   return (isc_str_tobuffer("CSYNC", target));
>   case 63:
>   return (isc_str_tobuffer("ZONEMD", target));
> + case 64:
> + return (isc_str_tobuffer("SVCB", target));
> + case 65:
> + return (isc_str_tobuffer("HTTPS", target));
>   case 99:
>   return (isc_str_tobuffer("SPF", target));
>   case 100:
> diff --git lib/dns/rdata/in_1/https_65.c lib/dns/rdata/in_1/https_65.c
> new file mode 100644
> index 000..23d80f8d352
> --- /dev/null
> +++ lib/dns/rdata/in_1/https_65.c
> @@ -0,0 +1,48 @@
> +/*
> + * Copyright (C) 2022 Florian Obser 
> + *
> + * Permission to use, copy, modify, and/or distribute this software for any
> + * purpose with or without fee is hereby granted, provided that the above
> + * copyright notice and this permission notice appear in all copies.
> + *
> + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
> + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 
> MERCHANTABILITY
> + * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
> + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING 
> FROM
> + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
> + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE 

Re: dig(1): SVCB and HTTPS RR types

2022-07-02 Thread Florian Obser
anyone?

On 2022-06-25 13:15 +02, Florian Obser  wrote:
> See https://datatracker.ietf.org/doc/draft-ietf-dnsop-svcb-https/
>
> $ ./obj/dig @8.8.8.8 +norec _dns.resolver.arpa svcb
>
> ; <<>> dig 9.10.8-P1 <<>> @8.8.8.8 +norec _dns.resolver.arpa svcb
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21245
> ;; flags: qr aa ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 4
>
> ;; QUESTION SECTION:
> ;_dns.resolver.arpa.    IN  SVCB
>
> ;; ANSWER SECTION:
> _dns.resolver.arpa. 86400   IN  SVCB    1 dns.google. alpn="dot"
> _dns.resolver.arpa.  86400 IN SVCB 2 dns.google. alpn="h2,h3"
> dohpath="/dns-query{?dns}"
>
> ;; ADDITIONAL SECTION:
> dns.google. 86400   IN  A   8.8.8.8
> dns.google. 86400   IN  A   8.8.4.4
> dns.google. 86400   IN  2001:4860:4860::
> dns.google. 86400   IN  2001:4860:4860::8844
>
> ;; Query time: 11 msec
> ;; SERVER: 8.8.8.8#53(8.8.8.8)
> ;; WHEN: Sat Jun 25 13:08:21 CEST 2022
> ;; MSG SIZE  rcvd: 224
>
> $ ./obj/dig +dnssec cloudflare.com https
>
> ; <<>> dig 9.10.8-P1 <<>> +dnssec cloudflare.com https
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22508
> ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;cloudflare.com.IN  HTTPS
>
> ;; ANSWER SECTION:
> cloudflare.com.  217 IN HTTPS 1 . alpn="h3,h3-29,h2"
> ipv4hint=104.16.132.229,104.16.133.229
> ipv6hint=2606:4700::6810:84e5,2606:4700::6810:85e5
> cloudflare.com.  217 IN RRSIG HTTPS 13 2 300 20220626120906
> 20220624100906 34505
> cloudflare.com. PbQwTGVBW2MIXubouK2vUo92UNvlJ874KCrqah/Or21Jo2oDxfgI15jA
> 8z/Q6mseLPWIlTxex+KoIqv9y+FNjg==
>
> ;; Query time: 0 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Sat Jun 25 13:10:29 CEST 2022
> ;; MSG SIZE  rcvd: 221
>
> OK?

diff --git lib/dns/include/dns/types.h lib/dns/include/dns/types.h
index 63ea8d67f51..7085ce29f2e 100644
--- lib/dns/include/dns/types.h
+++ lib/dns/include/dns/types.h
@@ -139,6 +139,8 @@ enum {
dns_rdatatype_openpgpkey = 61,
dns_rdatatype_csync = 62,
dns_rdatatype_zonemd = 63,
+   dns_rdatatype_svcb = 64,
+   dns_rdatatype_https = 65,
dns_rdatatype_spf = 99,
dns_rdatatype_unspec = 103,
dns_rdatatype_nid = 104,
diff --git lib/dns/rdata.c lib/dns/rdata.c
index c27409efc3c..d731eb3a846 100644
--- lib/dns/rdata.c
+++ lib/dns/rdata.c
@@ -775,6 +775,7 @@ dns_rdatatype_fromtext(dns_rdatatype_t *typep, 
isc_textregion_t *source) {
{"gpos",27},
{"hinfo",   13},
{"hip", 55},
+   {"https",   65},
{"ipseckey",45},
{"isdn",20},
{"ixfr",251},
@@ -822,6 +823,7 @@ dns_rdatatype_fromtext(dns_rdatatype_t *typep, 
isc_textregion_t *source) {
{"spf", 99},
{"srv", 33},
{"sshfp",   44},
+   {"svcb",64},
{"ta",  32768},
{"talink",  58},
{"tkey",249},
@@ -1006,6 +1008,10 @@ dns_rdatatype_totext(dns_rdatatype_t type, isc_buffer_t 
*target) {
return (isc_str_tobuffer("CSYNC", target));
case 63:
return (isc_str_tobuffer("ZONEMD", target));
+   case 64:
+   return (isc_str_tobuffer("SVCB", target));
+   case 65:
+   return (isc_str_tobuffer("HTTPS", target));
case 99:
return (isc_str_tobuffer("SPF", target));
case 100:
diff --git lib/dns/rdata/in_1/https_65.c lib/dns/rdata/in_1/https_65.c
new file mode 100644
index 000..23d80f8d352
--- /dev/null
+++ lib/dns/rdata/in_1/https_65.c
@@ -0,0 +1,48 @@
+/*
+ * Copyright (C) 2022 Florian Obser 
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* draft-ietf-dnsop-svcb-https-10 */
+
+#ifndef RDATA_IN_1_HTTPS_65_C
+#define RDATA_IN_1_HTTPS_65_C
+
+static inline isc_result_t
+totext_in_https(ARGS_TOTEXT) {
+   REQUIRE(rdata->type == dns_rdatatype_https);
+   REQUIRE(rdata->rdclass == 

dig(1): SVCB and HTTPS RR types

2022-06-25 Thread Florian Obser
See https://datatracker.ietf.org/doc/draft-ietf-dnsop-svcb-https/

$ ./obj/dig @8.8.8.8 +norec _dns.resolver.arpa svcb

; <<>> dig 9.10.8-P1 <<>> @8.8.8.8 +norec _dns.resolver.arpa svcb
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21245
;; flags: qr aa ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 4

;; QUESTION SECTION:
;_dns.resolver.arpa.    IN  SVCB

;; ANSWER SECTION:
_dns.resolver.arpa. 86400   IN  SVCB    1 dns.google. alpn="dot"
_dns.resolver.arpa. 86400   IN  SVCB    2 dns.google. alpn="h2,h3" 
dohpath="/dns-query{?dns}"

;; ADDITIONAL SECTION:
dns.google. 86400   IN  A   8.8.8.8
dns.google. 86400   IN  A   8.8.4.4
dns.google. 86400   IN  2001:4860:4860::
dns.google. 86400   IN  2001:4860:4860::8844

;; Query time: 11 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sat Jun 25 13:08:21 CEST 2022
;; MSG SIZE  rcvd: 224

$ ./obj/dig +dnssec cloudflare.com https

; <<>> dig 9.10.8-P1 <<>> +dnssec cloudflare.com https
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22508
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;cloudflare.com.IN  HTTPS

;; ANSWER SECTION:
cloudflare.com. 217 IN  HTTPS   1 . alpn="h3,h3-29,h2" 
ipv4hint=104.16.132.229,104.16.133.229 
ipv6hint=2606:4700::6810:84e5,2606:4700::6810:85e5
cloudflare.com. 217 IN  RRSIG   HTTPS 13 2 300 20220626120906 
20220624100906 34505 cloudflare.com. 
PbQwTGVBW2MIXubouK2vUo92UNvlJ874KCrqah/Or21Jo2oDxfgI15jA 
8z/Q6mseLPWIlTxex+KoIqv9y+FNjg==

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Jun 25 13:10:29 CEST 2022
;; MSG SIZE  rcvd: 221

OK?

diff --git lib/dns/include/dns/types.h lib/dns/include/dns/types.h
index 63ea8d67f51..7085ce29f2e 100644
--- lib/dns/include/dns/types.h
+++ lib/dns/include/dns/types.h
@@ -139,6 +139,8 @@ enum {
dns_rdatatype_openpgpkey = 61,
dns_rdatatype_csync = 62,
dns_rdatatype_zonemd = 63,
+   dns_rdatatype_svcb = 64,
+   dns_rdatatype_https = 65,
dns_rdatatype_spf = 99,
dns_rdatatype_unspec = 103,
dns_rdatatype_nid = 104,
diff --git lib/dns/rdata.c lib/dns/rdata.c
index c27409efc3c..d731eb3a846 100644
--- lib/dns/rdata.c
+++ lib/dns/rdata.c
@@ -775,6 +775,7 @@ dns_rdatatype_fromtext(dns_rdatatype_t *typep, 
isc_textregion_t *source) {
{"gpos",27},
{"hinfo",   13},
{"hip", 55},
+   {"https",   65},
{"ipseckey",45},
{"isdn",20},
{"ixfr",251},
@@ -822,6 +823,7 @@ dns_rdatatype_fromtext(dns_rdatatype_t *typep, 
isc_textregion_t *source) {
{"spf", 99},
{"srv", 33},
{"sshfp",   44},
+   {"svcb",64},
{"ta",  32768},
{"talink",  58},
{"tkey",249},
@@ -1006,6 +1008,10 @@ dns_rdatatype_totext(dns_rdatatype_t type, isc_buffer_t 
*target) {
return (isc_str_tobuffer("CSYNC", target));
case 63:
return (isc_str_tobuffer("ZONEMD", target));
+   case 64:
+   return (isc_str_tobuffer("SVCB", target));
+   case 65:
+   return (isc_str_tobuffer("HTTPS", target));
case 99:
return (isc_str_tobuffer("SPF", target));
case 100:
diff --git lib/dns/rdata/in_1/https_65.c lib/dns/rdata/in_1/https_65.c
new file mode 100644
index 000..23d80f8d352
--- /dev/null
+++ lib/dns/rdata/in_1/https_65.c
@@ -0,0 +1,48 @@
+/*
+ * Copyright (C) 2022 Florian Obser 
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* draft-ietf-dnsop-svcb-https-10 */
+
+#ifndef RDATA_IN_1_HTTPS_65_C
+#define RDATA_IN_1_HTTPS_65_C
+
+static inline isc_result_t
+totext_in_https(ARGS_TOTEXT) {
+   REQUIRE(rdata->type == dns_rdatatype_https);
+   REQUIRE(rdata->rdclass == dns_rdataclass_in);
+   REQUIRE(rdata->length != 0);
+
+   return (totext_in_svcb_https(rdata, tctx,