rename to go.wit.com/control-panel-dns

Signed-off-by: Jeff Carr <jcarr@wit.com>
2023-12-20 15:12:26 -06:00 · 2023-12-20 15:12:26 -06:00 · bb662ccd82
parent 4c3be58461
commit bb662ccd82
9 changed files with 382 additions and 11 deletions
--- a/debian/Makefile
+++ b/debian/Makefile
@ -21,7 +21,7 @@ clean:
 extract:
 	mkdir -p ../files/usr/bin
 	mkdir -p ../files/usr/lib/control-panel-dns/
-	-cp ~/go/src/git.wit.org/wit/gui/toolkit/*.so ../files/usr/lib/control-panel-dns/
+	-cp ~/go/src/go.wit.com/gui/toolkit/*.so ../files/usr/lib/control-panel-dns/
 	cp  ../README.md ../files/usr/lib/control-panel-dns/
 	cp  ../control-panel-dns ../files/usr/bin/

--- a/dnssecsocket/args.go
+++ b/dnssecsocket/args.go
@ -0,0 +1,44 @@
+package dnssecsocket
+
+//
+// By using the package "github.com/alexflint/go-arg",
+// these can be configured from the command line
+//
+
+import (
+	// arg "github.com/alexflint/go-arg"
+	// "log"
+	// "os"
+)
+
+type Args struct {
+	VerboseDnssec bool `arg:"--verbose-dnssec" help:"debug dnssec lookups"`
+	Foo string `arg:"env:USER"`
+}
+
+var args struct {
+	Args
+	Verbose bool
+}
+
+func Parse (b bool) {
+	args.Verbose = b
+	args.VerboseDnssec = b
+}
+
+// I attempted to pass the *arg.Parser down
+// to see if I could find the value somewhere but I couldn't find it
+/*
+var conf arg.Config
+
+func Parse (p *arg.Parser) {
+	// conf.Program = "control-panel-dns"
+	// conf.IgnoreEnv = false
+	// arg.NewParser(conf, &args)
+	log.Println("fuckit", p, args.VerboseDnssec)
+	for i, v := range p.SubcommandNames() {
+		log.Println("dnssec.Parse", i, v)
+	}
+	p.Jcarr()
+}
+*/
--- a/dnssecsocket/connection_handler.go
+++ b/dnssecsocket/connection_handler.go
@ -0,0 +1,131 @@
+// inspired from:
+// https://github.com/mactsouk/opensource.com.git
+// and
+// https://coderwall.com/p/wohavg/creating-a-simple-tcp-server-in-go
+
+package dnssecsocket
+
+import "os"
+import "bufio"
+import "math/rand"
+import "net"
+import "strconv"
+import "strings"
+// import log "github.com/sirupsen/logrus"
+// import "github.com/wercker/journalhook"
+
+import "go.wit.com/shell"
+
+// will try to get this hosts FQDN
+// import "github.com/Showmax/go-fqdn"
+
+import "github.com/miekg/dns"
+
+// import "github.com/davecgh/go-spew/spew"
+
+const MIN = 1
+const MAX = 100
+
+func random() int {
+	return rand.Intn(MAX-MIN) + MIN
+}
+
+func GetRemoteAddr(conn net.TCPConn) string {
+	clientAddr := conn.RemoteAddr().String()
+	parts := strings.Split(clientAddr, "]")
+	ipv6 := parts[0]
+	return ipv6[1:]
+}
+
+//
+// Handle each connection
+// Each client must send it's hostname as the first line
+// Then each hostname is verified with DNSSEC
+//
+func HandleConnection(conn *net.TCPConn) {
+	// Disable journalhook until it builds on Windows
+	// journalhook.Enable()
+
+	// spew.Dump(conn)
+	// ipv6client := GetRemoteAddr(c)
+	ipv6client := conn.RemoteAddr()
+	log(args.VerboseDnssec, "Serving to %s as the IPv6 client", ipv6client)
+
+	// setup this TCP socket as the "standard input"
+	// newStdin, _ := bufio.NewReader(conn.File())
+	newStdin, _ := conn.File()
+	newreader := bufio.NewReader(newStdin)
+
+	log(args.VerboseDnssec, "Waiting for the client to tell me its name")
+	netData, err := newreader.ReadString('\n')
+	if err != nil {
+		log(args.VerboseDnssec, err)
+		return
+	}
+	clientHostname := strings.TrimSpace(netData)
+	log(args.VerboseDnssec, "Recieved client hostname as:", clientHostname)
+
+	dnsRR := Dnstrace(clientHostname, "AAAA")
+	if (dnsRR == nil) {
+		log(args.VerboseDnssec, "dnsRR IS NIL")
+		log(args.VerboseDnssec, "dnsRR IS NIL")
+		log(args.VerboseDnssec, "dnsRR IS NIL")
+		conn.Close()
+		return
+	}
+	ipaddr := dns.Field(dnsRR[1], 1)
+	log(args.VerboseDnssec, "Client claims to be:   ", ipaddr)
+	log(args.VerboseDnssec, "Serving to IPv6 client:", ipv6client)
+
+/* TODO: figure out how to fix this check
+	if (ipaddr != ipv6client) {
+		log(args.VerboseDnssec)
+		log(args.VerboseDnssec, "DNSSEC ERROR: client IPv6 does not work")
+		log(args.VerboseDnssec, "DNSSEC ERROR: client IPv6 does not work")
+		log(args.VerboseDnssec, "DNSSEC ERROR: client IPv6 does not work")
+		log(args.VerboseDnssec)
+		conn.Close()
+		return
+	}
+*/
+
+	f, _ := conn.File()
+//	shell.SetStdout(f)
+//	shell.SpewOn()		// turn this on if you want to look at the process exit states
+
+	// send all log() output to systemd journalctl
+//	shell.UseJournalctl()
+
+	for {
+		defer shell.SetStdout(os.Stdout)
+		defer conn.Close()
+		netData, err := newreader.ReadString('\n')
+		if err != nil {
+			log(args.VerboseDnssec, err)
+			return
+		}
+
+		temp := strings.TrimSpace(string(netData))
+		if temp == "STOP" {
+			break
+		}
+		log(args.VerboseDnssec, "Recieved: ", temp)
+
+		if (temp == "list") {
+			log(args.VerboseDnssec, "Should run list here")
+			shell.SetStdout(f)
+			shell.Run("/root/bin/list.testing.com")
+			shell.SetStdout(os.Stdout)
+		}
+
+		if (temp == "cpuinfo") {
+			log(args.VerboseDnssec, "Should cat /proc/cpuinfo")
+			shell.SetStdout(f)
+			shell.Run("cat /proc/cpuinfo")
+			shell.SetStdout(os.Stdout)
+		}
+
+		result := strconv.Itoa(random()) + "\n"
+		conn.Write([]byte(string(result)))
+	}
+}
--- a/dnssecsocket/dnstrace.go
+++ b/dnssecsocket/dnstrace.go
@ -0,0 +1,168 @@
+package dnssecsocket
+
+// inspired from github.com/rs/dnstrace/main.go
+
+import "fmt"
+import "net"
+// import "os"
+import "strings"
+import "time"
+
+import "github.com/miekg/dns"
+import "github.com/rs/dnstrace/client"
+
+// import log "github.com/sirupsen/logrus"
+
+// this is cool, but breaks the Windows build
+// import "github.com/wercker/journalhook"
+
+// import "github.com/davecgh/go-spew/spew"
+
+const (
+	cReset    = 0
+	cBold     = 1
+	cRed      = 31
+	cGreen    = 32
+	cYellow   = 33
+	cBlue     = 34
+	cMagenta  = 35
+	cCyan     = 36
+	cGray     = 37
+	cDarkGray = 90
+)
+
+func colorize(s interface{}, color int, enabled bool) string {
+	if !enabled {
+		return fmt.Sprintf("%v", s)
+	}
+	return fmt.Sprintf("\x1b[%dm%v\x1b[0m", color, s)
+}
+
+func Dnstrace(hostname string, qtypestr string) []dns.RR {
+	// color := flag.Bool("color", true, "Enable/disable colors")
+	color := true
+
+	qname := dns.Fqdn(hostname)
+	// qtype := dns.TypeA
+	qtype := dns.StringToType[qtypestr]
+
+	col := func(s interface{}, c int) string {
+		return colorize(s, c, color)
+	}
+
+	m := &dns.Msg{}
+	m.SetQuestion(qname, qtype)
+	// Set DNSSEC opt to better emulate the default queries from a nameserver.
+	o := &dns.OPT{
+		Hdr: dns.RR_Header{
+			Name:   ".",
+			Rrtype: dns.TypeOPT,
+		},
+	}
+	o.SetDo()
+	o.SetUDPSize(dns.DefaultMsgSize)
+	m.Extra = append(m.Extra, o)
+
+	c := client.New(1)
+	c.Client.Timeout = 500 * time.Millisecond
+	t := client.Tracer{
+		GotIntermediaryResponse: func(i int, m *dns.Msg, rs client.Responses, rtype client.ResponseType) {
+			fr := rs.Fastest()
+			var r *dns.Msg
+			if fr != nil {
+				r = fr.Msg
+			}
+			qname := m.Question[0].Name
+			qtype := dns.TypeToString[m.Question[0].Qtype]
+			if i > 1 {
+				log(args.VerboseDnssec)
+			}
+			log(args.VerboseDnssec, "%d - query %s %s", i, qtype, qname)
+			if r != nil {
+				log(args.VerboseDnssec, ": %s", strings.Replace(strings.Replace(r.MsgHdr.String(), ";; ", "", -1), "\n", ", ", -1))
+			}
+			log(args.VerboseDnssec)
+			for _, pr := range rs {
+				ln := 0
+				if pr.Msg != nil {
+					ln = pr.Msg.Len()
+				}
+				rtt := float64(pr.RTT) / float64(time.Millisecond)
+				lrtt := "0ms (from cache)"
+				if pr.Server.HasGlue {
+					lrtt = "0ms (from glue)"
+				} else if pr.Server.LookupRTT > 0 {
+					lrtt = fmt.Sprintf("%.2fms", float64(pr.Server.LookupRTT)/float64(time.Millisecond))
+				}
+				log(args.VerboseDnssec, col("  - %d bytes in %.2fms + %s lookup on %s(%s)", cDarkGray), ln, rtt, lrtt, pr.Server.Name, pr.Addr)
+				if pr.Err != nil {
+					err := pr.Err
+					if oerr, ok := err.(*net.OpError); ok {
+						err = oerr.Err
+					}
+					log(args.VerboseDnssec, ": %v", col(err, cRed))
+				}
+				log(args.VerboseDnssec, "\n")
+			}
+
+			switch rtype {
+			case client.ResponseTypeDelegation:
+				var label string
+				for _, rr := range r.Ns {
+					if ns, ok := rr.(*dns.NS); ok {
+						label = ns.Header().Name
+						break
+					}
+				}
+				_, ns := c.DCache.Get(label)
+				for _, s := range ns {
+					var glue string
+					if s.HasGlue {
+						glue = col("glue: "+strings.Join(s.Addrs, ","), cDarkGray)
+					} else {
+						glue = col("no glue", cYellow)
+					}
+					log(args.VerboseDnssec, "%s %d NS %s (%s)\n", label, s.TTL, s.Name, glue)
+				}
+			case client.ResponseTypeCNAME:
+				for _, rr := range r.Answer {
+					log(args.VerboseDnssec, rr)
+				}
+			}
+		},
+		FollowingCNAME: func(domain, target string) {
+			log(args.VerboseDnssec, col("\n~ following CNAME %s -> %s\n", cBlue), domain, target)
+		},
+	}
+	r, rtt, err := c.RecursiveQuery(m, t)
+	if err != nil {
+		log(args.VerboseDnssec, col("*** error: %v\n", cRed), err)
+		return nil
+	}
+
+	log(args.VerboseDnssec)
+	log(args.VerboseDnssec, col(";; Cold best path time: %s\n\n", cGray), rtt)
+	for i, rr := range r.Answer {
+		log(args.VerboseDnssec, "r.Answer =", i, rr, args.VerboseDnssec)
+	}
+	return r.Answer
+	// for _, rr := range r.Answer {
+	// 	return rr
+	// }
+	// return nil
+}
+
+func ResolveIPv6hostname(hostname string) *net.TCPAddr {
+	dnsRR := Dnstrace(hostname, "AAAA")
+	if (dnsRR == nil) {
+		return nil
+	}
+	aaaa := dns.Field(dnsRR[1], 1)
+	localTCPAddr, _  := net.ResolveTCPAddr("tcp", aaaa)
+	return localTCPAddr
+}
+
+func UseJournalctl() {
+	log(args.VerboseDnssec, "journalhook is disabled because it breaks the Windows build right now")
+        // journalhook.Enable()
+}
--- a/dnssecsocket/log.go
+++ b/dnssecsocket/log.go
@ -0,0 +1,30 @@
+package dnssecsocket
+
+import 	(
+	witlog "go.wit.com/gui/log"
+)
+
+// various debugging flags
+var logNow bool = true	// useful for active development
+var logError bool = true
+var logWarn bool = false
+var logInfo bool = false
+var logVerbose bool = false
+
+var SPEW witlog.Spewt
+
+// var log interface{}
+
+func log(a ...any) {
+	witlog.Where = "wit/gui"
+	witlog.Log(a...)
+}
+
+func sleep(a ...any) {
+	witlog.Sleep(a...)
+}
+
+func exit(a ...any) {
+	log(logError, "got to log() exit")
+	witlog.Exit(a...)
+}
--- a/hostname.go
+++ b/hostname.go
@ -6,12 +6,10 @@
 package main

 import (
-	"git.wit.org/wit/shell"
+	"go.wit.com/shell"

-	// dnssec IPv6 socket library
-	"git.wit.org/jcarr/dnssecsocket"
-
-	"git.wit.org/jcarr/control-panel-dns/cloudflare"
+	"go.wit.com/control-panel-dns/cloudflare"
+	"go.wit.com/control-panel-dns/dnssecsocket"
 )

 // will try to get this hosts FQDN
--- a/log.go
+++ b/log.go
@ -3,7 +3,7 @@ package main
 import 	(
 	"log"
 	"reflect"
-	witlog "git.wit.org/wit/gui/log"
+	witlog "go.wit.com/gui/log"
 )

 var LogPrefix = "ipv6cp" // ipv6 control panel debugging line
--- a/nsupdate.go
+++ b/nsupdate.go
@ -12,7 +12,7 @@ import (
 //	./go-nsupdate \
 //		--tsig-algorithm=hmac-sha512 \
 //		--tsig-secret="OWh5/ZHIyaz7B8J9m9ZDqZ8448Pke0PTpkYbZmFcOf5a6rEzgmcwrG91u1BHi1/4us+mKKEobDPLw1x6sD+ZJw==" \
-//		-i eno2 farm001.lab.wit.org
+//		-i eno2 farm001.lab.wit.com

 func nsupdate() {
 	var tsigSecret string
--- a/unix.go
+++ b/unix.go
@ -13,7 +13,7 @@ import 	(
 	"fmt"
 	"strings"

-	"git.wit.org/wit/shell"
+	"go.wit.com/shell"
 )

 func CheckSuperuser() bool {
@ -35,8 +35,8 @@ func Escalate() {
 }

 // You need permission to do a zone transfer. Otherwise:
-// dig +noall +answer +multiline lab.wit.org any 
-// dig +all +multiline fire.lab.wit.org # gives the zonefile header (ttl vals)
+// dig +noall +answer +multiline lab.wit.com any 
+// dig +all +multiline fire.lab.wit.com # gives the zonefile header (ttl vals)
 func DumpPublicDNSZone(zone string) {
 	entries, err := net.LookupHost(zone)
 	if err != nil {