Re: dig(1): SVCB and HTTPS RR types
On Sun, Jul 03, 2022 at 07:47:27AM +0200, Florian Obser wrote: > anyone? Looks good and works for me, ok. -Otto > > On 2022-06-25 13:15 +02, Florian Obser wrote: > > See https://datatracker.ietf.org/doc/draft-ietf-dnsop-svcb-https/ > > > > $ ./obj/dig @8.8.8.8 +norec _dns.resolver.arpa svcb > > > > ; <<>> dig 9.10.8-P1 <<>> @8.8.8.8 +norec _dns.resolver.arpa svcb > > ; (1 server found) > > ;; global options: +cmd > > ;; Got answer: > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21245 > > ;; flags: qr aa ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 4 > > > > ;; QUESTION SECTION: > > ;_dns.resolver.arpa.IN SVCB > > > > ;; ANSWER SECTION: > > _dns.resolver.arpa. 86400 IN SVCB1 dns.google. alpn="dot" > > _dns.resolver.arpa. 86400 IN SVCB 2 dns.google. alpn="h2,h3" > > dohpath="/dns-query{?dns}" > > > > ;; ADDITIONAL SECTION: > > dns.google. 86400 IN A 8.8.8.8 > > dns.google. 86400 IN A 8.8.4.4 > > dns.google. 86400 IN 2001:4860:4860:: > > dns.google. 86400 IN 2001:4860:4860::8844 > > > > ;; Query time: 11 msec > > ;; SERVER: 8.8.8.8#53(8.8.8.8) > > ;; WHEN: Sat Jun 25 13:08:21 CEST 2022 > > ;; MSG SIZE rcvd: 224 > > > > $ ./obj/dig +dnssec cloudflare.com https > > > > ; <<>> dig 9.10.8-P1 <<>> +dnssec cloudflare.com https > > ;; global options: +cmd > > ;; Got answer: > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22508 > > ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 > > > > ;; QUESTION SECTION: > > ;cloudflare.com.IN HTTPS > > > > ;; ANSWER SECTION: > > cloudflare.com. 217 IN HTTPS 1 . alpn="h3,h3-29,h2" > > ipv4hint=104.16.132.229,104.16.133.229 > > ipv6hint=2606:4700::6810:84e5,2606:4700::6810:85e5 > > cloudflare.com. 217 IN RRSIG HTTPS 13 2 300 20220626120906 > > 20220624100906 34505 > > cloudflare.com. PbQwTGVBW2MIXubouK2vUo92UNvlJ874KCrqah/Or21Jo2oDxfgI15jA > > 8z/Q6mseLPWIlTxex+KoIqv9y+FNjg== > > > > ;; Query time: 0 msec > > ;; SERVER: 127.0.0.1#53(127.0.0.1) > > ;; WHEN: Sat Jun 25 13:10:29 CEST 2022 > > ;; MSG SIZE rcvd: 221 > > > > OK? > > diff --git lib/dns/include/dns/types.h lib/dns/include/dns/types.h > index 63ea8d67f51..7085ce29f2e 100644 > --- lib/dns/include/dns/types.h > +++ lib/dns/include/dns/types.h > @@ -139,6 +139,8 @@ enum { > dns_rdatatype_openpgpkey = 61, > dns_rdatatype_csync = 62, > dns_rdatatype_zonemd = 63, > + dns_rdatatype_svcb = 64, > + dns_rdatatype_https = 65, > dns_rdatatype_spf = 99, > dns_rdatatype_unspec = 103, > dns_rdatatype_nid = 104, > diff --git lib/dns/rdata.c lib/dns/rdata.c > index c27409efc3c..d731eb3a846 100644 > --- lib/dns/rdata.c > +++ lib/dns/rdata.c > @@ -775,6 +775,7 @@ dns_rdatatype_fromtext(dns_rdatatype_t *typep, > isc_textregion_t *source) { > {"gpos",27}, > {"hinfo", 13}, > {"hip", 55}, > + {"https", 65}, > {"ipseckey",45}, > {"isdn",20}, > {"ixfr",251}, > @@ -822,6 +823,7 @@ dns_rdatatype_fromtext(dns_rdatatype_t *typep, > isc_textregion_t *source) { > {"spf", 99}, > {"srv", 33}, > {"sshfp", 44}, > + {"svcb",64}, > {"ta", 32768}, > {"talink", 58}, > {"tkey",249}, > @@ -1006,6 +1008,10 @@ dns_rdatatype_totext(dns_rdatatype_t type, > isc_buffer_t *target) { > return (isc_str_tobuffer("CSYNC", target)); > case 63: > return (isc_str_tobuffer("ZONEMD", target)); > + case 64: > + return (isc_str_tobuffer("SVCB", target)); > + case 65: > + return (isc_str_tobuffer("HTTPS", target)); > case 99: > return (isc_str_tobuffer("SPF", target)); > case 100: > diff --git lib/dns/rdata/in_1/https_65.c lib/dns/rdata/in_1/https_65.c > new file mode 100644 > index 000..23d80f8d352 > --- /dev/null > +++ lib/dns/rdata/in_1/https_65.c > @@ -0,0 +1,48 @@ > +/* > + * Copyright (C) 2022 Florian Obser > + * > + * Permission to use, copy, modify, and/or distribute this software for any > + * purpose with or without fee is hereby granted, provided that the above > + * copyright notice and this permission notice appear in all copies. > + * > + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH > + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF > MERCHANTABILITY > + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, > + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING > FROM > + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE > + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE
Re: dig(1): SVCB and HTTPS RR types
anyone? On 2022-06-25 13:15 +02, Florian Obser wrote: > See https://datatracker.ietf.org/doc/draft-ietf-dnsop-svcb-https/ > > $ ./obj/dig @8.8.8.8 +norec _dns.resolver.arpa svcb > > ; <<>> dig 9.10.8-P1 <<>> @8.8.8.8 +norec _dns.resolver.arpa svcb > ; (1 server found) > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21245 > ;; flags: qr aa ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 4 > > ;; QUESTION SECTION: > ;_dns.resolver.arpa.IN SVCB > > ;; ANSWER SECTION: > _dns.resolver.arpa. 86400 IN SVCB1 dns.google. alpn="dot" > _dns.resolver.arpa. 86400 IN SVCB 2 dns.google. alpn="h2,h3" > dohpath="/dns-query{?dns}" > > ;; ADDITIONAL SECTION: > dns.google. 86400 IN A 8.8.8.8 > dns.google. 86400 IN A 8.8.4.4 > dns.google. 86400 IN 2001:4860:4860:: > dns.google. 86400 IN 2001:4860:4860::8844 > > ;; Query time: 11 msec > ;; SERVER: 8.8.8.8#53(8.8.8.8) > ;; WHEN: Sat Jun 25 13:08:21 CEST 2022 > ;; MSG SIZE rcvd: 224 > > $ ./obj/dig +dnssec cloudflare.com https > > ; <<>> dig 9.10.8-P1 <<>> +dnssec cloudflare.com https > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22508 > ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;cloudflare.com.IN HTTPS > > ;; ANSWER SECTION: > cloudflare.com. 217 IN HTTPS 1 . alpn="h3,h3-29,h2" > ipv4hint=104.16.132.229,104.16.133.229 > ipv6hint=2606:4700::6810:84e5,2606:4700::6810:85e5 > cloudflare.com. 217 IN RRSIG HTTPS 13 2 300 20220626120906 > 20220624100906 34505 > cloudflare.com. PbQwTGVBW2MIXubouK2vUo92UNvlJ874KCrqah/Or21Jo2oDxfgI15jA > 8z/Q6mseLPWIlTxex+KoIqv9y+FNjg== > > ;; Query time: 0 msec > ;; SERVER: 127.0.0.1#53(127.0.0.1) > ;; WHEN: Sat Jun 25 13:10:29 CEST 2022 > ;; MSG SIZE rcvd: 221 > > OK? diff --git lib/dns/include/dns/types.h lib/dns/include/dns/types.h index 63ea8d67f51..7085ce29f2e 100644 --- lib/dns/include/dns/types.h +++ lib/dns/include/dns/types.h @@ -139,6 +139,8 @@ enum { dns_rdatatype_openpgpkey = 61, dns_rdatatype_csync = 62, dns_rdatatype_zonemd = 63, + dns_rdatatype_svcb = 64, + dns_rdatatype_https = 65, dns_rdatatype_spf = 99, dns_rdatatype_unspec = 103, dns_rdatatype_nid = 104, diff --git lib/dns/rdata.c lib/dns/rdata.c index c27409efc3c..d731eb3a846 100644 --- lib/dns/rdata.c +++ lib/dns/rdata.c @@ -775,6 +775,7 @@ dns_rdatatype_fromtext(dns_rdatatype_t *typep, isc_textregion_t *source) { {"gpos",27}, {"hinfo", 13}, {"hip", 55}, + {"https", 65}, {"ipseckey",45}, {"isdn",20}, {"ixfr",251}, @@ -822,6 +823,7 @@ dns_rdatatype_fromtext(dns_rdatatype_t *typep, isc_textregion_t *source) { {"spf", 99}, {"srv", 33}, {"sshfp", 44}, + {"svcb",64}, {"ta", 32768}, {"talink", 58}, {"tkey",249}, @@ -1006,6 +1008,10 @@ dns_rdatatype_totext(dns_rdatatype_t type, isc_buffer_t *target) { return (isc_str_tobuffer("CSYNC", target)); case 63: return (isc_str_tobuffer("ZONEMD", target)); + case 64: + return (isc_str_tobuffer("SVCB", target)); + case 65: + return (isc_str_tobuffer("HTTPS", target)); case 99: return (isc_str_tobuffer("SPF", target)); case 100: diff --git lib/dns/rdata/in_1/https_65.c lib/dns/rdata/in_1/https_65.c new file mode 100644 index 000..23d80f8d352 --- /dev/null +++ lib/dns/rdata/in_1/https_65.c @@ -0,0 +1,48 @@ +/* + * Copyright (C) 2022 Florian Obser + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* draft-ietf-dnsop-svcb-https-10 */ + +#ifndef RDATA_IN_1_HTTPS_65_C +#define RDATA_IN_1_HTTPS_65_C + +static inline isc_result_t +totext_in_https(ARGS_TOTEXT) { + REQUIRE(rdata->type == dns_rdatatype_https); + REQUIRE(rdata->rdclass ==
dig(1): SVCB and HTTPS RR types
See https://datatracker.ietf.org/doc/draft-ietf-dnsop-svcb-https/ $ ./obj/dig @8.8.8.8 +norec _dns.resolver.arpa svcb ; <<>> dig 9.10.8-P1 <<>> @8.8.8.8 +norec _dns.resolver.arpa svcb ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21245 ;; flags: qr aa ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 4 ;; QUESTION SECTION: ;_dns.resolver.arpa.IN SVCB ;; ANSWER SECTION: _dns.resolver.arpa. 86400 IN SVCB1 dns.google. alpn="dot" _dns.resolver.arpa. 86400 IN SVCB2 dns.google. alpn="h2,h3" dohpath="/dns-query{?dns}" ;; ADDITIONAL SECTION: dns.google. 86400 IN A 8.8.8.8 dns.google. 86400 IN A 8.8.4.4 dns.google. 86400 IN 2001:4860:4860:: dns.google. 86400 IN 2001:4860:4860::8844 ;; Query time: 11 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Sat Jun 25 13:08:21 CEST 2022 ;; MSG SIZE rcvd: 224 $ ./obj/dig +dnssec cloudflare.com https ; <<>> dig 9.10.8-P1 <<>> +dnssec cloudflare.com https ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22508 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;cloudflare.com.IN HTTPS ;; ANSWER SECTION: cloudflare.com. 217 IN HTTPS 1 . alpn="h3,h3-29,h2" ipv4hint=104.16.132.229,104.16.133.229 ipv6hint=2606:4700::6810:84e5,2606:4700::6810:85e5 cloudflare.com. 217 IN RRSIG HTTPS 13 2 300 20220626120906 20220624100906 34505 cloudflare.com. PbQwTGVBW2MIXubouK2vUo92UNvlJ874KCrqah/Or21Jo2oDxfgI15jA 8z/Q6mseLPWIlTxex+KoIqv9y+FNjg== ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sat Jun 25 13:10:29 CEST 2022 ;; MSG SIZE rcvd: 221 OK? diff --git lib/dns/include/dns/types.h lib/dns/include/dns/types.h index 63ea8d67f51..7085ce29f2e 100644 --- lib/dns/include/dns/types.h +++ lib/dns/include/dns/types.h @@ -139,6 +139,8 @@ enum { dns_rdatatype_openpgpkey = 61, dns_rdatatype_csync = 62, dns_rdatatype_zonemd = 63, + dns_rdatatype_svcb = 64, + dns_rdatatype_https = 65, dns_rdatatype_spf = 99, dns_rdatatype_unspec = 103, dns_rdatatype_nid = 104, diff --git lib/dns/rdata.c lib/dns/rdata.c index c27409efc3c..d731eb3a846 100644 --- lib/dns/rdata.c +++ lib/dns/rdata.c @@ -775,6 +775,7 @@ dns_rdatatype_fromtext(dns_rdatatype_t *typep, isc_textregion_t *source) { {"gpos",27}, {"hinfo", 13}, {"hip", 55}, + {"https", 65}, {"ipseckey",45}, {"isdn",20}, {"ixfr",251}, @@ -822,6 +823,7 @@ dns_rdatatype_fromtext(dns_rdatatype_t *typep, isc_textregion_t *source) { {"spf", 99}, {"srv", 33}, {"sshfp", 44}, + {"svcb",64}, {"ta", 32768}, {"talink", 58}, {"tkey",249}, @@ -1006,6 +1008,10 @@ dns_rdatatype_totext(dns_rdatatype_t type, isc_buffer_t *target) { return (isc_str_tobuffer("CSYNC", target)); case 63: return (isc_str_tobuffer("ZONEMD", target)); + case 64: + return (isc_str_tobuffer("SVCB", target)); + case 65: + return (isc_str_tobuffer("HTTPS", target)); case 99: return (isc_str_tobuffer("SPF", target)); case 100: diff --git lib/dns/rdata/in_1/https_65.c lib/dns/rdata/in_1/https_65.c new file mode 100644 index 000..23d80f8d352 --- /dev/null +++ lib/dns/rdata/in_1/https_65.c @@ -0,0 +1,48 @@ +/* + * Copyright (C) 2022 Florian Obser + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* draft-ietf-dnsop-svcb-https-10 */ + +#ifndef RDATA_IN_1_HTTPS_65_C +#define RDATA_IN_1_HTTPS_65_C + +static inline isc_result_t +totext_in_https(ARGS_TOTEXT) { + REQUIRE(rdata->type == dns_rdatatype_https); + REQUIRE(rdata->rdclass == dns_rdataclass_in); + REQUIRE(rdata->length != 0); + + return (totext_in_svcb_https(rdata, tctx,