naughty

package
v0.0.0-...-29aa66d Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 18, 2024 License: MIT Imports: 19 Imported by: 0

Documentation

Index

Constants

// Fixed NSEC3 parameters declared as package constants.
// NOTE(review): RFC 9276 recommends zero additional iterations and an empty
// salt for NSEC3. Presumably these non-default values are test fixtures for
// this package; confirm before reusing them for a real zone.
const (
	// Nsec3Salt is an untyped string constant; presumably the hex-encoded salt, confirm.
	Nsec3Salt       = "abcdef"
	// Nsec3Iterations is the iteration count, typed as uint16.
	Nsec3Iterations = uint16(2)
)
// DNSKEY flags-field values. Per RFC 4034, 256 sets only the Zone Key bit and
// 257 additionally sets the Secure Entry Point (SEP) bit.
const (
	DnskeyFlagZsk uint16 = 256 // Zone Signing Key
	DnskeyFlagKsk uint16 = 257 // Key Signing Key
	DnskeyFlagCsk uint16 = 257 // Combined Signing Key; same value as DnskeyFlagKsk, so the flags alone cannot distinguish a CSK from a KSK
)

Variables

This section is empty.

Functions

func ContainsType

func ContainsType(rrset []dns.RR, t uint16) bool

func DefaultDenyExistenceNSEC

func DefaultDenyExistenceNSEC(msg *dns.Msg, z *Zone, wildcardsUsed SynthesisedResults) (*dns.Msg, error)

func DefaultDenyExistenceNSEC3

func DefaultDenyExistenceNSEC3(msg *dns.Msg, z *Zone, wildcardsUsed SynthesisedResults) (*dns.Msg, error)

func Do

func Do(msg *dns.Msg) bool

Do reports whether the DO (DNSSEC OK) bit has been set on the question.

func GroupRecordsByNameAndType

func GroupRecordsByNameAndType(rrset []dns.RR) map[string]map[uint16][]dns.RR

func GroupRecordsByType

func GroupRecordsByType(rrset []dns.RR) map[uint16][]dns.RR

func IterateDownDomainHierarchy

func IterateDownDomainHierarchy(domain string) iter.Seq[string]

func NewHeader

func NewHeader(name string, rrtype uint16) dns.RR_Header

func SignMsg

func SignMsg(key *dns.DNSKEY, signer crypto.Signer, msg *dns.Msg, rrsetSigner SignRRSetSigner) (*dns.Msg, error)

func SignRRSet

func SignRRSet(key *dns.DNSKEY, signer crypto.Signer, rrset []dns.RR, inception, expiration int64) (*dns.RRSIG, error)

func WildcardName

func WildcardName(name string) string

WildcardName replaces the first label with *

Types

type BehaviourFactory

type BehaviourFactory interface {
	Setup(*Nameserver) []*Zone
}

type Callbacks

// Callbacks groups the function hooks a zone uses for signing and for
// denial-of-existence responses. NewStandardCallbacks builds one from a Signer.
// NOTE(review): nothing visible here shows whether a nil hook is checked
// before it is called; confirm, since calling a nil func value panics.
type Callbacks struct {
	// Message signing
	// Keys returns a slice of DNSKEY records.
	Keys             func() []*dns.DNSKEY
	// Sign takes a message and returns a message or an error.
	Sign             func(*dns.Msg) (*dns.Msg, error)
	// DelegatedSingers returns a slice of DS records. The name looks like a
	// misspelling of "DelegatedSigners"; it is part of the exported API, so it
	// is spelled this way throughout the package.
	DelegatedSingers func() []*dns.DS
	// DenyExistence takes a message, a zone and a SynthesisedResults map and
	// returns a message or an error. Its signature matches
	// DefaultDenyExistenceNSEC and DefaultDenyExistenceNSEC3.
	DenyExistence    func(*dns.Msg, *Zone, SynthesisedResults) (*dns.Msg, error)
}

func NewStandardCallbacks

func NewStandardCallbacks(signer Signer) *Callbacks

type GluedNS

type GluedNS struct {
	NS *dns.NS
	A  *dns.A
}

type Logger

// Logger is a function that receives a single log string.
type Logger func(string)
// Debug, Info, Query and Warn are package-level Logger variables. Each one
// defaults to a function with an empty body, so nothing is emitted until a
// caller assigns a replacement.
// NOTE(review): these are mutable package globals, and no synchronisation is
// visible here. Presumably they should be assigned before serving starts; confirm.
var Debug Logger = func(s string) {}
var Info Logger = func(s string) {}
var Query Logger = func(s string) {}
var Warn Logger = func(s string) {}

type Nameserver

type Nameserver struct {
	RootZone     *Zone
	BaseZone     *Zone
	BaseZoneName string
	NSRecords    []GluedNS
	Zones        map[string]*Zone
}

func NewNameserver

func NewNameserver(baseZoneName string, nsIPv4s []string) *Nameserver

func (*Nameserver) AddBehaviours

func (ns *Nameserver) AddBehaviours(behaviours []BehaviourFactory) error

func (*Nameserver) BaseDelegatedSingers

func (ns *Nameserver) BaseDelegatedSingers() []*dns.DS

func (*Nameserver) Exchange

func (ns *Nameserver) Exchange(qmsg *dns.Msg) (*dns.Msg, error)

func (*Nameserver) RegisterToZone

func (ns *Nameserver) RegisterToZone(new *Zone, existing *Zone) error

func (*Nameserver) RegisterZone

func (ns *Nameserver) RegisterZone(new *Zone) error

func (*Nameserver) RootDelegatedSingers

func (ns *Nameserver) RootDelegatedSingers() []*dns.DS

type OldBehaviourFactory

type OldBehaviourFactory interface {
	Setup(*Nameserver) error
}

type RecordSet

type RecordSet []dns.RR

type RecordStore

type RecordStore map[string]map[uint16]RecordSet

func (RecordStore) GetNSEC3ClosestEncloserRecord

func (store RecordStore) GetNSEC3ClosestEncloserRecord(name, zoneName string) dns.RR

func (RecordStore) GetNSEC3Record

func (store RecordStore) GetNSEC3Record(name, zoneName string) dns.RR

type SignRRSetSigner

type SignRRSetSigner func(*dns.DNSKEY, crypto.Signer, []dns.RR, int64, int64) (*dns.RRSIG, error)

type Signer

type Signer interface {
	Keys() []*dns.DNSKEY
	Sign(*dns.Msg) (*dns.Msg, error)
	DelegatedSingers() []*dns.DS
}

type SignerAutogenPair

type SignerAutogenPair struct {
	Ksk *SignerAutogenSingle
	Zsk *SignerAutogenSingle
	// contains filtered or unexported fields
}

func NewSignerAutogenPair

func NewSignerAutogenPair(zone string, kskAlgorithm uint8, kskBits int, zskAlgorithm uint8, zskBits int) (*SignerAutogenPair, error)

func (*SignerAutogenPair) DelegatedSingers

func (s *SignerAutogenPair) DelegatedSingers() []*dns.DS

func (*SignerAutogenPair) Keys

func (s *SignerAutogenPair) Keys() []*dns.DNSKEY

func (*SignerAutogenPair) Sign

func (s *SignerAutogenPair) Sign(msg *dns.Msg) (*dns.Msg, error)

type SignerAutogenSingle

type SignerAutogenSingle struct {
	// contains filtered or unexported fields
}

SignerAutogenSingle generates a CSK signer using the passed algorithm and bit count.

func NewSignerAutogenSingle

func NewSignerAutogenSingle(zone string, algorithm uint8, bits int) (*SignerAutogenSingle, error)

func NewSignerAutogenSingleDefault

func NewSignerAutogenSingleDefault(zone string) *SignerAutogenSingle

NewSignerAutogenSingleDefault creates the default config: an ECDSAP256SHA256 CSK.

func NewSignerAutogenSingleMLDSA

func NewSignerAutogenSingleMLDSA(zone string, algorithm uint8) (*SignerAutogenSingle, error)

func (*SignerAutogenSingle) DelegatedSingers

func (s *SignerAutogenSingle) DelegatedSingers() []*dns.DS

func (*SignerAutogenSingle) Key

func (s *SignerAutogenSingle) Key() *dns.DNSKEY

func (*SignerAutogenSingle) Keys

func (s *SignerAutogenSingle) Keys() []*dns.DNSKEY

func (*SignerAutogenSingle) SetDnsKeyFlag

func (s *SignerAutogenSingle) SetDnsKeyFlag(flag uint16)

func (*SignerAutogenSingle) SetHash

func (s *SignerAutogenSingle) SetHash(hash uint8)

func (*SignerAutogenSingle) Sign

func (s *SignerAutogenSingle) Sign(msg *dns.Msg) (*dns.Msg, error)

func (*SignerAutogenSingle) Signer

func (s *SignerAutogenSingle) Signer() crypto.Signer

type SignerReaderPair

// SignerReaderPair holds a KSK signer and a ZSK signer of different types.
type SignerReaderPair struct {
	// Ksk is a *SignerReaderSingle.
	Ksk *SignerReaderSingle
	// Zsk is a *SignerAutogenSingle, not a reader-based signer like Ksk.
	// NOTE(review): presumably only the KSK is loaded from the readers passed
	// to NewSignerReaderPair and the ZSK is generated; confirm against the constructor.
	Zsk *SignerAutogenSingle
	// contains filtered or unexported fields
}

func NewSignerReaderPair

func NewSignerReaderPair(zone string, publicReader, secretReader io.Reader) (*SignerReaderPair, error)

func (*SignerReaderPair) DelegatedSingers

func (s *SignerReaderPair) DelegatedSingers() []*dns.DS

func (*SignerReaderPair) Keys

func (s *SignerReaderPair) Keys() []*dns.DNSKEY

func (*SignerReaderPair) Sign

func (s *SignerReaderPair) Sign(msg *dns.Msg) (*dns.Msg, error)

type SignerReaderSingle

type SignerReaderSingle struct {
	// contains filtered or unexported fields
}

SignerReaderSingle generates a CSK signer using the passed algorithm and bit count.

func NewSignerReaderSingle

func NewSignerReaderSingle(zone string, publicReader, secretReader io.Reader) (*SignerReaderSingle, error)

func (*SignerReaderSingle) DelegatedSingers

func (s *SignerReaderSingle) DelegatedSingers() []*dns.DS

func (*SignerReaderSingle) Key

func (s *SignerReaderSingle) Key() *dns.DNSKEY

func (*SignerReaderSingle) Keys

func (s *SignerReaderSingle) Keys() []*dns.DNSKEY

func (*SignerReaderSingle) SetDnsKeyFlag

func (s *SignerReaderSingle) SetDnsKeyFlag(flag uint16)

SetDnsKeyFlag allows the DNSKEY flags to be amended.

func (*SignerReaderSingle) Sign

func (s *SignerReaderSingle) Sign(msg *dns.Msg) (*dns.Msg, error)

func (*SignerReaderSingle) Signer

func (s *SignerReaderSingle) Signer() crypto.Signer

type SynthesisedResults

type SynthesisedResults map[string]string

type Zone

// Zone holds one zone's name, callback hooks, nameserver entries, SOA record
// and record store.
type Zone struct {
	Name string

	// Callbacks is the set of signing and denial-of-existence hooks for this zone.
	Callbacks *Callbacks

	// NS lists nameserver entries; each GluedNS pairs an NS record with an A record.
	NS  []GluedNS
	SOA *dns.SOA

	// a map of name, then type
	// (RecordStore is map[string]map[uint16]RecordSet).
	Records RecordStore
}

func NewZone

func NewZone(name string, nameservers []GluedNS, callbacks *Callbacks) *Zone

func (*Zone) AddRecord

func (z *Zone) AddRecord(r dns.RR)

func (*Zone) AddRecords

func (z *Zone) AddRecords(r []dns.RR)

func (*Zone) DelegateTo

func (z *Zone) DelegateTo(child *Zone)

func (*Zone) Exchange

func (z *Zone) Exchange(qmsg *dns.Msg) (*dns.Msg, error)

func (*Zone) GetRecords

func (z *Zone) GetRecords(rrname string, rrtype uint16) []dns.RR

func (*Zone) GetTypesAndRecords

func (z *Zone) GetTypesAndRecords(rrname string) map[uint16]RecordSet
