Merge pull request #773 from tweltz/master

Fixes TXT query results

Author: jandubois

go.mod

@@ -13,6 +13,7 @@ require (
 	github.com/diskfs/go-diskfs v1.2.0
 	github.com/docker/go-units v0.4.0
 	github.com/elastic/go-libaudit/v2 v2.2.0
+	github.com/foxcpp/go-mockdns v1.0.0
 	github.com/google/go-cmp v0.5.7
 	github.com/gorilla/mux v1.8.0
 	github.com/hashicorp/go-multierror v1.1.1

go.sum

@@ -384,6 +384,8 @@ github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYF
 github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
 github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
 github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
+github.com/foxcpp/go-mockdns v1.0.0 h1:7jBqxd3WDWwi/6WhDvacvH1XsN3rOLXyHM1uhvIx6FI=
+github.com/foxcpp/go-mockdns v1.0.0/go.mod h1:lgRN6+KxQBawyIghpnl5CezHFGS9VLzvtVlwxvzXTQ4=
 github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
 github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
@@ -680,6 +682,7 @@ github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b h1:j7+1HpAFS1zy5+Q4qx1f
 github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE=
 github.com/mibk/dupl v1.0.0/go.mod h1:pCr4pNxxIbFGvtyCOi0c7LVjmV6duhKWV+ex5vh38ME=
 github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg=
+github.com/miekg/dns v1.1.25/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso=
 github.com/miekg/dns v1.1.43/go.mod h1:+evo5L0630/F6ca/Z9+GAqzhjGyn8/c+TBaOyfEl0V4=
 github.com/miekg/dns v1.1.48 h1:Ucfr7IIVyMBz4lRE8qmGUuZ4Wt3/ZGu9hmcMT3Uu4tQ=
 github.com/miekg/dns v1.1.48/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME=
@@ -1016,6 +1019,7 @@ golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8U
 golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392/go.mod h1:/lpIB1dKB+9EgE3H3cr1v9wB50oz8l4C4h62xy7jSTY=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
@@ -1091,6 +1095,7 @@ golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLL
 golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20190921015927-1a5e07d1ff72/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
@@ -1188,6 +1193,8 @@ golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190922100055-0a153f010e69/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -1311,6 +1318,7 @@ golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgw
 golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
 golang.org/x/tools v0.0.0-20190706070813-72ffa07ba3db/go.mod h1:jcCCGcm9btYwXyDqrUWc6MKQKKGJCWEQ3AfLSRIbEuI=
 golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20190907020128-2ca718005c18/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=

pkg/hostagent/dns/dns.go

@@ -174,12 +174,17 @@ func (h *Handler) handleQuery(w dns.ResponseWriter, req *dns.Msg) {
 		case dns.TypeTXT:
 			txt, err := net.LookupTXT(q.Name)
 			if err == nil && len(txt) > 0 {
-				a := &dns.TXT{
-					Hdr: hdr,
-					Txt: txt,
+				for _, s := range txt {
+					a := &dns.TXT{
+						Hdr: hdr,
+					}
+					// Per RFC7208 3.3, when a TXT answer has multiple strings, the answer must be treated as
+					// a single concatenated string. net.LookupTXT is pre-concatenating such answers, which
+					// means we need to break it back up for this resolver to return a valid response.
+					a.Txt = chunkify(s, 255)
+					reply.Answer = append(reply.Answer, a)
+					handled = true
 				}
-				reply.Answer = append(reply.Answer, a)
-				handled = true
 			}
 		case dns.TypeNS:
 			ns, err := net.LookupNS(q.Name)
@@ -291,3 +296,15 @@ func Start(udpLocalPort, tcpLocalPort int, IPv6 bool, hosts map[string]string) (
 	}
 	return server, nil
 }
+
+func chunkify(buffer string, limit int) []string {
+	var result []string
+	for len(buffer) > 0 {
+		if len(buffer) < limit {
+			limit = len(buffer)
+		}
+		result = append(result, buffer[:limit])
+		buffer = buffer[limit:]
+	}
+	return result
+}

pkg/hostagent/dns/dns_test.go

@@ -0,0 +1,116 @@
+package dns
+
+import (
+	"io"
+	"log"
+	"net"
+	"regexp"
+	"testing"
+
+	"github.com/foxcpp/go-mockdns"
+	"github.com/miekg/dns"
+	"gotest.tools/v3/assert"
+)
+
+var (
+	dnsResult *dns.Msg
+)
+
+func TestTXTRecords(t *testing.T) {
+	testDomains := make([]string, 3)
+	testDomains[0] = "onerecord.com"
+	testDomains[1] = "multistringrecord.com"
+	testDomains[2] = "multiplerecords.com"
+
+	expectedResults := make([]string, 3)
+	expectedResults[0] = `onerecord.com.\s+5\s+IN\s+TXT\s+"My txt record"`
+	expectedResults[1] = `multistringrecord.com.\s+5\s+IN\s+TXT\s+"123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345" "67890123456789012345678901234567890"`
+	expectedResults[2] = `multiplerecords.com.\s+5\s+IN\s+TXT\s+"record 1"\nmultiplerecords.com.\s*5\s*IN\s*TXT\s*"record 2"`
+
+	srv, _ := mockdns.NewServerWithLogger(map[string]mockdns.Zone{
+		"onerecord.com.": {
+			TXT: []string{"My txt record"},
+		},
+		"multistringrecord.com.": {
+			TXT: []string{"123456789012345678901234567890123456789012345678901234567890" +
+				"123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890" +
+				"123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890" +
+				"12345678901234567890123456789012345678901234567890"},
+		},
+		"multiplerecords.com.": {
+			TXT: []string{"record 1", "record 2"},
+		},
+	}, log.New(io.Discard, "mockdns server: ", log.LstdFlags), false)
+	defer srv.Close()
+
+	srv.PatchNet(net.DefaultResolver)
+	defer mockdns.UnpatchNet(net.DefaultResolver)
+
+	t.Run("test TXT records", func(t *testing.T) {
+		w := new(TestResponseWriter)
+		h, err := newHandler(true, map[string]string{
+			"MY.Host": "host.lima.internal",
+		})
+		if err == nil {
+			for i := 0; i < len(testDomains); i++ {
+				req := new(dns.Msg)
+				req.SetQuestion(dns.Fqdn(testDomains[i]), dns.TypeTXT)
+				h.ServeDNS(w, req)
+				regex_check := regexp.MustCompile(expectedResults[i]).MatchString(dnsResult.String())
+				assert.Assert(t, regex_check)
+			}
+		}
+	})
+}
+
+type TestResponseWriter struct {
+}
+
+// LocalAddr returns the net.Addr of the server
+func (r TestResponseWriter) LocalAddr() net.Addr {
+	return new(TestAddr)
+}
+
+// RemoteAddr returns the net.Addr of the client that sent the current request.
+func (r TestResponseWriter) RemoteAddr() net.Addr {
+	return new(TestAddr)
+}
+
+// WriteMsg writes a reply back to the client.
+func (r TestResponseWriter) WriteMsg(newMsg *dns.Msg) error {
+	dnsResult = newMsg
+	return nil
+}
+
+// Write writes a raw buffer back to the client.
+func (r TestResponseWriter) Write([]byte) (int, error) {
+	return 0, nil
+}
+
+// Close closes the connection.
+func (r TestResponseWriter) Close() error {
+	return nil
+}
+
+// TsigStatus returns the status of the Tsig.
+func (r TestResponseWriter) TsigStatus() error {
+	return nil
+}
+
+// TsigTimersOnly sets the tsig timers only boolean.
+func (r TestResponseWriter) TsigTimersOnly(bool) {
+}
+
+// Hijack lets the caller take over the connection.
+// After a call to Hijack(), the DNS package will not do anything with the connection.
+func (r TestResponseWriter) Hijack() {
+}
+
+type TestAddr struct{}
+
+func (r TestAddr) Network() string {
+	return ""
+}
+func (r TestAddr) String() string {
+	return ""
+}