modo-rs 0.8.0

Rust web framework for small monolithic apps
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140

//! Internal DNS wire-protocol helpers: building queries, validating responses,
//! and extracting TXT / CNAME record data from parsed packets.

use simple_dns::{CLASS, Name, Packet, QCLASS, QTYPE, Question, RCODE, TYPE, rdata::RData};

use crate::error::{Error, Result};

use super::error::DnsError;

/// Which DNS record type to query.
#[derive(Debug, Clone, Copy)]
pub(crate) enum RecordType {
    Txt,
    Cname,
}

/// Build a DNS query packet. Returns (query_id, serialized_bytes).
pub(crate) fn build_query(domain: &str, record_type: RecordType) -> Result<(u16, Vec<u8>)> {
    let id: u16 = (rand::random::<u16>()) | 1; // avoid id=0
    let mut packet = Packet::new_query(id);

    let name = Name::new(domain)
        .map_err(|_| Error::bad_request(format!("invalid domain name: {domain}")))?;

    let qtype = match record_type {
        RecordType::Txt => QTYPE::TYPE(TYPE::TXT),
        RecordType::Cname => QTYPE::TYPE(TYPE::CNAME),
    };

    packet
        .questions
        .push(Question::new(name, qtype, QCLASS::CLASS(CLASS::IN), false));

    let bytes = packet
        .build_bytes_vec()
        .map_err(|_| Error::internal("failed to build dns query packet"))?;

    Ok((id, bytes))
}

/// Validate a DNS response: parse, check ID, check RCODE.
/// Returns the parsed packet on success.
/// NXDOMAIN (NameError) returns Ok with an empty answers section.
pub(crate) fn validate_response(data: &[u8], expected_id: u16) -> Result<Packet<'_>> {
    let packet = Packet::parse(data).map_err(|_| {
        Error::bad_gateway("dns response malformed")
            .chain(DnsError::Malformed)
            .with_code(DnsError::Malformed.code())
    })?;

    if packet.id() != expected_id {
        return Err(Error::bad_gateway("dns response id mismatch")
            .chain(DnsError::Malformed)
            .with_code(DnsError::Malformed.code()));
    }

    match packet.rcode() {
        RCODE::NoError | RCODE::NameError => Ok(packet),
        RCODE::ServerFailure => Err(Error::bad_gateway("dns server failure")
            .chain(DnsError::ServerFailure)
            .with_code(DnsError::ServerFailure.code())),
        RCODE::Refused => Err(Error::bad_gateway("dns query refused")
            .chain(DnsError::Refused)
            .with_code(DnsError::Refused.code())),
        _ => Err(Error::bad_gateway("dns query failed")
            .chain(DnsError::ServerFailure)
            .with_code(DnsError::ServerFailure.code())),
    }
}

/// Extract all TXT record strings from a parsed response packet.
///
/// `simple-dns` TXT `attributes()` returns `HashMap<String, Option<String>>`.
/// For plain verification tokens (not key=value), the token is the key with `None` value.
/// For key=value pairs, both key and value are present.
/// We collect all keys (which represent the text content of each TXT record).
pub(crate) fn extract_txt_records(packet: &Packet<'_>) -> Vec<String> {
    let mut results = Vec::new();
    for answer in &packet.answers {
        if let RData::TXT(txt) = &answer.rdata {
            for (key, value) in txt.attributes() {
                match value {
                    Some(val) => results.push(format!("{key}={val}")),
                    None => results.push(key),
                }
            }
        }
    }
    results
}

/// Extract the CNAME target from a parsed response packet (first CNAME answer).
/// CNAME is a tuple struct: `CNAME(pub Name<'a>)`.
pub(crate) fn extract_cname_target(packet: &Packet<'_>) -> Option<String> {
    for answer in &packet.answers {
        if let RData::CNAME(cname) = &answer.rdata {
            return Some(cname.0.to_string());
        }
    }
    None
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn build_txt_query_roundtrips() {
        let (id, bytes) = build_query("example.com", RecordType::Txt).unwrap();
        let packet = Packet::parse(&bytes).unwrap();
        assert_eq!(packet.id(), id);
        assert_eq!(packet.questions.len(), 1);
        assert_eq!(packet.questions[0].qname.to_string(), "example.com");
        assert_eq!(packet.questions[0].qtype, QTYPE::TYPE(TYPE::TXT));
        assert_eq!(packet.questions[0].qclass, QCLASS::CLASS(CLASS::IN));
    }

    #[test]
    fn build_cname_query_roundtrips() {
        let (id, bytes) = build_query("example.com", RecordType::Cname).unwrap();
        let packet = Packet::parse(&bytes).unwrap();
        assert_eq!(packet.id(), id);
        assert_eq!(packet.questions[0].qtype, QTYPE::TYPE(TYPE::CNAME));
    }

    #[test]
    fn parse_rcode_noerror() {
        let packet = Packet::new_query(1);
        let bytes = packet.build_bytes_vec().unwrap();
        let parsed = Packet::parse(&bytes).unwrap();
        assert_eq!(parsed.rcode(), RCODE::NoError);
    }

    #[test]
    fn id_mismatch_returns_error() {
        let (_, query_bytes) = build_query("example.com", RecordType::Txt).unwrap();
        let result = validate_response(&query_bytes, 9999);
        assert!(result.is_err());
    }
}