dnscontrol/pkg/normalize/flatten.go

package normalize

import (
	"fmt"
	"sort"
	"strconv"
	"strings"

	"github.com/StackExchange/dnscontrol/v3/models"
	"github.com/StackExchange/dnscontrol/v3/pkg/spflib"
	"golang.org/x/exp/constraints"
)

func sortedKeys[K constraints.Ordered, V any](m map[K]V) []K {
	keys := make([]K, len(m))
	i := 0
	for k := range m {
		keys[i] = k
		i++
	}
	sort.Slice(keys, func(i, j int) bool { return keys[i] < keys[j] })
	return keys
}

// hasSpfRecords returns true if this record requests SPF unrolling.
func flattenSPFs(cfg *models.DNSConfig) []error {
	var cache spflib.CachingResolver
	var errs []error
	var err error
	for _, domain := range cfg.Domains {
		txtRecords := domain.Records.GetByType("TXT")
		// flatten all spf records that have the "flatten" metadata
		for _, txt := range txtRecords {
			var rec *spflib.SPFRecord
			txtTarget := strings.Join(txt.TxtStrings, "")
			if txt.Metadata["flatten"] != "" || txt.Metadata["split"] != "" {
				if cache == nil {
					cache, err = spflib.NewCache("spfcache.json")
					if err != nil {
						return []error{err}
					}
				}
				rec, err = spflib.Parse(txtTarget, cache)
				if err != nil {
					errs = append(errs, err)
					continue
				}
			}
			if flatten, ok := txt.Metadata["flatten"]; ok && strings.HasPrefix(txtTarget, "v=spf1") {
				rec = rec.Flatten(flatten)
				err = txt.SetTargetTXT(rec.TXT())
				if err != nil {
					errs = append(errs, err)
					continue
				}
			}
			// now split if needed
			if split, ok := txt.Metadata["split"]; ok {

				overhead1 := 0
				// overhead1: The first segment of the SPF record
				// needs to be shorter than the others due to the overhead of
				// other (non-SPF) txt records.  If there are (for example) 50
				// bytes of txt records also on this domain record, setting
				// overhead1=50 reduces the maxLen by 50. It only affects the
				// first part of the split.
				if oh, ok := txt.Metadata["overhead1"]; ok {
					i, err := strconv.Atoi(oh)
					if err != nil {
						errs = append(errs, Warning{fmt.Errorf("split overhead1 %q is not an int", oh)})
					}
					overhead1 = i
				}

				// Default txtMaxSize will not result in multiple TXT strings
				txtMaxSize := 255
				if oh, ok := txt.Metadata["txtMaxSize"]; ok {
					i, err := strconv.Atoi(oh)
					if err != nil {
						errs = append(errs, Warning{fmt.Errorf("split txtMaxSize %q is not an int", oh)})
					}
					txtMaxSize = i
				}

				if !strings.Contains(split, "%d") {
					errs = append(errs, Warning{fmt.Errorf("split format `%s` in `%s` is not proper format (missing %%d)", split, txt.GetLabelFQDN())})
					continue
				}
				recs := rec.TXTSplit(split+"."+domain.Name, overhead1, txtMaxSize)

				for _, k := range sortedKeys(recs) {
					v := recs[k]
					if k == "@" {
						txt.SetTargetTXTs(v)
					} else {
						cp, _ := txt.Copy()
						cp.SetTargetTXTs(v)
						cp.SetLabelFromFQDN(k, domain.Name)
						domain.Records = append(domain.Records, cp)
					}
				}
			}
		}
	}
	if cache == nil {
		return errs
	}
	// check if cache is stale
	for _, e := range cache.ResolveErrors() {
		errs = append(errs, Warning{fmt.Errorf("problem resolving SPF record: %s", e)})
	}
	if len(cache.ResolveErrors()) == 0 {
		changed := cache.ChangedRecords()
		if len(changed) > 0 {
			if err := cache.Save("spfcache.updated.json"); err != nil {
				errs = append(errs, err)
			} else {
				errs = append(errs, Warning{fmt.Errorf("%d spf record lookups are out of date with cache (%s).\nWrote changes to spfcache.updated.json. Please rename and commit:\n    $ mv spfcache.updated.json spfcache.json\n    $ git commit -m 'Update spfcache.json' spfcache.json", len(changed), strings.Join(changed, ","))})
			}
		}
	}
	return errs
}
Add SPF flattening feature. (#126) 2017-09-30 03:30:36 +08:00			`package normalize`

			`import (`
Switch to Go 1.13 error wrapping (#604) * Replaced errors.Wrap with fmt.Errorf (#589) * Find: errors\.Wrap\(([^,]+),\s+(["`][^"`])(["`])\) Replace: fmt.Errorf($2: %w$3, $1) Replaced errors.Wrapf with fmt.Errorf (#589) * Find: errors\.Wrapf\(([^,]+),\s+(["`][^"`])(["`])\) Replace: fmt.Errorf($2: %w$3, $1) Find: errors\.Wrapf\(([^,]+),\s+(["`][^"`])(["`])(,[^)]+)\) Replace: fmt.Errorf($2: %w$3$4, $1) * Replaced errors.Errorf with fmt.Errorf (#589) * Find: errors\.Errorf Replace: fmt.Errorf * Cleaned up remaining imports * Cleanup * Regenerate provider support matrix This was broken by #533 ... and it's now the third time this has been missed. 2020-01-29 00:06:56 +08:00			`"fmt"`
BUG: SPF split doesn't produce consistent output (#1865) 2022-12-26 22:11:52 +08:00			`"sort"`
NEW: spf flattener can make first record extra short (#781) * NEW: spf flattener can make first record extra short * fixup! 2020-07-10 00:52:49 +08:00			`"strconv"`
Add SPF flattening feature. (#126) 2017-09-30 03:30:36 +08:00			`"strings"`

Update github.com/StackExchange/dnscontrol/v2 2020-04-15 04:47:30 +08:00			`"github.com/StackExchange/dnscontrol/v3/models"`
			`"github.com/StackExchange/dnscontrol/v3/pkg/spflib"`
BUG: SPF split doesn't produce consistent output (#1865) 2022-12-26 22:11:52 +08:00			`"golang.org/x/exp/constraints"`
Add SPF flattening feature. (#126) 2017-09-30 03:30:36 +08:00			`)`

BUG: SPF split doesn't produce consistent output (#1865) 2022-12-26 22:11:52 +08:00			`func sortedKeys[K constraints.Ordered, V any](m map[K]V) []K {`
			`keys := make([]K, len(m))`
			`i := 0`
			`for k := range m {`
			`keys[i] = k`
			`i++`
			`}`
			`sort.Slice(keys, func(i, j int) bool { return keys[i] < keys[j] })`
			`return keys`
			`}`

Add SPF flattening feature. (#126) 2017-09-30 03:30:36 +08:00			`// hasSpfRecords returns true if this record requests SPF unrolling.`
			`func flattenSPFs(cfg *models.DNSConfig) []error {`
			`var cache spflib.CachingResolver`
			`var errs []error`
			`var err error`
			`for _, domain := range cfg.Domains {`
SPF Flatten for non apex domains (#1220) 2021-07-25 23:53:31 +08:00			`txtRecords := domain.Records.GetByType("TXT")`
Add SPF flattening feature. (#126) 2017-09-30 03:30:36 +08:00			`// flatten all spf records that have the "flatten" metadata`
SPF Flatten for non apex domains (#1220) 2021-07-25 23:53:31 +08:00			`for _, txt := range txtRecords {`
Add SPF flattening feature. (#126) 2017-09-30 03:30:36 +08:00			`var rec *spflib.SPFRecord`
TXT records should check length at check/preview time (#947) * TXT records should check length * Add validation to TXT generator * Split and validate long TXT targets * Add a metaparameter to TXT records to indicate autosplit is requested. * SPF_BUILDER marks TXT records as needing to be autosplit. * Validate should check for overly-long TXT targets 2020-11-18 20:05:26 +08:00			`txtTarget := strings.Join(txt.TxtStrings, "")`
Add SPF flattening feature. (#126) 2017-09-30 03:30:36 +08:00			`if txt.Metadata["flatten"] != "" \|\| txt.Metadata["split"] != "" {`
			`if cache == nil {`
			`cache, err = spflib.NewCache("spfcache.json")`
			`if err != nil {`
			`return []error{err}`
			`}`
			`}`
TXT records should check length at check/preview time (#947) * TXT records should check length * Add validation to TXT generator * Split and validate long TXT targets * Add a metaparameter to TXT records to indicate autosplit is requested. * SPF_BUILDER marks TXT records as needing to be autosplit. * Validate should check for overly-long TXT targets 2020-11-18 20:05:26 +08:00			`rec, err = spflib.Parse(txtTarget, cache)`
Add SPF flattening feature. (#126) 2017-09-30 03:30:36 +08:00			`if err != nil {`
			`errs = append(errs, err)`
			`continue`
			`}`
			`}`
TXT records should check length at check/preview time (#947) * TXT records should check length * Add validation to TXT generator * Split and validate long TXT targets * Add a metaparameter to TXT records to indicate autosplit is requested. * SPF_BUILDER marks TXT records as needing to be autosplit. * Validate should check for overly-long TXT targets 2020-11-18 20:05:26 +08:00			`if flatten, ok := txt.Metadata["flatten"]; ok && strings.HasPrefix(txtTarget, "v=spf1") {`
Add SPF flattening feature. (#126) 2017-09-30 03:30:36 +08:00			`rec = rec.Flatten(flatten)`
Refactor RecordConfig: Add getters/setters (#314) * Replace RecordConfig.Name and .NameFQDN with getters and setters. * Replace RecordConfig.Target with getters and setters. * Eliminate the CombinedTarget concept. * Add RecordConfig.PopulateFromString to reduce code in all providers. * encode and decode name.com txt records (#315) * Replace fmt.Errorf with errors.Errorf 2018-02-16 01:02:50 +08:00			`err = txt.SetTargetTXT(rec.TXT())`
			`if err != nil {`
			`errs = append(errs, err)`
			`continue`
			`}`
Add SPF flattening feature. (#126) 2017-09-30 03:30:36 +08:00			`}`
			`// now split if needed`
			`if split, ok := txt.Metadata["split"]; ok {`
NEW: spf flattener can make first record extra short (#781) * NEW: spf flattener can make first record extra short * fixup! 2020-07-10 00:52:49 +08:00
			`overhead1 := 0`
			`// overhead1: The first segment of the SPF record`
			`// needs to be shorter than the others due to the overhead of`
			`// other (non-SPF) txt records. If there are (for example) 50`
			`// bytes of txt records also on this domain record, setting`
			`// overhead1=50 reduces the maxLen by 50. It only affects the`
			`// first part of the split.`
			`if oh, ok := txt.Metadata["overhead1"]; ok {`
			`i, err := strconv.Atoi(oh)`
			`if err != nil {`
			`errs = append(errs, Warning{fmt.Errorf("split overhead1 %q is not an int", oh)})`
			`}`
			`overhead1 = i`
			`}`

SPF Optimizer: Enable the use of TXTMulti records to support longer SPF records (#794) * Add multiple string support to SPF optimizer Notes: * This implements [RFC 4408][rfc] for the SPF optimizer. Allowing for more SPF records to fit within the 10 lookups by using multiple strings. * By default the max size of the TXT remains at 255. Meaning users will still only get a single 255 length string unless they modify `txtMaxSize` and opt into this feature. * The general recommendation when using multiple strings for TXT records is to keep the size within a single UDP packet. It seems like the maximum size for this depends on a bunch of factors that are sometimes outside of your control. A similar tool has a [formula for estimating the maximum allowed size][formula]. However I felt giving a user configurable size would fit with the current configuration style that dnscontrol has. Similar to how dnscontrol recommends only flattening a record if absolutely needed, I can see this length being increased by only enough to get you within 10 lookups. [rfc]: https://tools.ietf.org/html/rfc4408#section-3.1.3 [formula]: https://github.com/oasys/mkspf/blob/master/Overhead.md * Add a nice comment for the Chunks function 2020-08-01 01:28:13 +08:00			`// Default txtMaxSize will not result in multiple TXT strings`
			`txtMaxSize := 255`
			`if oh, ok := txt.Metadata["txtMaxSize"]; ok {`
			`i, err := strconv.Atoi(oh)`
			`if err != nil {`
			`errs = append(errs, Warning{fmt.Errorf("split txtMaxSize %q is not an int", oh)})`
			`}`
			`txtMaxSize = i`
			`}`

Add SPF flattening feature. (#126) 2017-09-30 03:30:36 +08:00			`if !strings.Contains(split, "%d") {`
Lint: Fix ST1005: error strings should not be capitalized (#834) 2020-08-31 07:52:37 +08:00			errs = append(errs, Warning{fmt.Errorf("split format `%s` in `%s` is not proper format (missing %%d)", split, txt.GetLabelFQDN())})
Add SPF flattening feature. (#126) 2017-09-30 03:30:36 +08:00			`continue`
			`}`
SPF Optimizer: Enable the use of TXTMulti records to support longer SPF records (#794) * Add multiple string support to SPF optimizer Notes: * This implements [RFC 4408][rfc] for the SPF optimizer. Allowing for more SPF records to fit within the 10 lookups by using multiple strings. * By default the max size of the TXT remains at 255. Meaning users will still only get a single 255 length string unless they modify `txtMaxSize` and opt into this feature. * The general recommendation when using multiple strings for TXT records is to keep the size within a single UDP packet. It seems like the maximum size for this depends on a bunch of factors that are sometimes outside of your control. A similar tool has a [formula for estimating the maximum allowed size][formula]. However I felt giving a user configurable size would fit with the current configuration style that dnscontrol has. Similar to how dnscontrol recommends only flattening a record if absolutely needed, I can see this length being increased by only enough to get you within 10 lookups. [rfc]: https://tools.ietf.org/html/rfc4408#section-3.1.3 [formula]: https://github.com/oasys/mkspf/blob/master/Overhead.md * Add a nice comment for the Chunks function 2020-08-01 01:28:13 +08:00			`recs := rec.TXTSplit(split+"."+domain.Name, overhead1, txtMaxSize)`
BUG: SPF split doesn't produce consistent output (#1865) 2022-12-26 22:11:52 +08:00
			`for _, k := range sortedKeys(recs) {`
			`v := recs[k]`
Add SPF flattening feature. (#126) 2017-09-30 03:30:36 +08:00			`if k == "@" {`
SPF Optimizer: Enable the use of TXTMulti records to support longer SPF records (#794) * Add multiple string support to SPF optimizer Notes: * This implements [RFC 4408][rfc] for the SPF optimizer. Allowing for more SPF records to fit within the 10 lookups by using multiple strings. * By default the max size of the TXT remains at 255. Meaning users will still only get a single 255 length string unless they modify `txtMaxSize` and opt into this feature. * The general recommendation when using multiple strings for TXT records is to keep the size within a single UDP packet. It seems like the maximum size for this depends on a bunch of factors that are sometimes outside of your control. A similar tool has a [formula for estimating the maximum allowed size][formula]. However I felt giving a user configurable size would fit with the current configuration style that dnscontrol has. Similar to how dnscontrol recommends only flattening a record if absolutely needed, I can see this length being increased by only enough to get you within 10 lookups. [rfc]: https://tools.ietf.org/html/rfc4408#section-3.1.3 [formula]: https://github.com/oasys/mkspf/blob/master/Overhead.md * Add a nice comment for the Chunks function 2020-08-01 01:28:13 +08:00			`txt.SetTargetTXTs(v)`
Add SPF flattening feature. (#126) 2017-09-30 03:30:36 +08:00			`} else {`
			`cp, _ := txt.Copy()`
SPF Optimizer: Enable the use of TXTMulti records to support longer SPF records (#794) * Add multiple string support to SPF optimizer Notes: * This implements [RFC 4408][rfc] for the SPF optimizer. Allowing for more SPF records to fit within the 10 lookups by using multiple strings. * By default the max size of the TXT remains at 255. Meaning users will still only get a single 255 length string unless they modify `txtMaxSize` and opt into this feature. * The general recommendation when using multiple strings for TXT records is to keep the size within a single UDP packet. It seems like the maximum size for this depends on a bunch of factors that are sometimes outside of your control. A similar tool has a [formula for estimating the maximum allowed size][formula]. However I felt giving a user configurable size would fit with the current configuration style that dnscontrol has. Similar to how dnscontrol recommends only flattening a record if absolutely needed, I can see this length being increased by only enough to get you within 10 lookups. [rfc]: https://tools.ietf.org/html/rfc4408#section-3.1.3 [formula]: https://github.com/oasys/mkspf/blob/master/Overhead.md * Add a nice comment for the Chunks function 2020-08-01 01:28:13 +08:00			`cp.SetTargetTXTs(v)`
Refactor in preparation to unexport RecordConfig.{Name,NameFQDN,Target} (#337) * Preparing for the unexport of Name/NameFQDN/Target * Cleanups 2018-03-20 05:18:58 +08:00			`cp.SetLabelFromFQDN(k, domain.Name)`
Add SPF flattening feature. (#126) 2017-09-30 03:30:36 +08:00			`domain.Records = append(domain.Records, cp)`
			`}`
			`}`
			`}`
			`}`
			`}`
			`if cache == nil {`
			`return errs`
			`}`
			`// check if cache is stale`
			`for _, e := range cache.ResolveErrors() {`
Switch to Go 1.13 error wrapping (#604) * Replaced errors.Wrap with fmt.Errorf (#589) * Find: errors\.Wrap\(([^,]+),\s+(["`][^"`])(["`])\) Replace: fmt.Errorf($2: %w$3, $1) Replaced errors.Wrapf with fmt.Errorf (#589) * Find: errors\.Wrapf\(([^,]+),\s+(["`][^"`])(["`])\) Replace: fmt.Errorf($2: %w$3, $1) Find: errors\.Wrapf\(([^,]+),\s+(["`][^"`])(["`])(,[^)]+)\) Replace: fmt.Errorf($2: %w$3$4, $1) * Replaced errors.Errorf with fmt.Errorf (#589) * Find: errors\.Errorf Replace: fmt.Errorf * Cleaned up remaining imports * Cleanup * Regenerate provider support matrix This was broken by #533 ... and it's now the third time this has been missed. 2020-01-29 00:06:56 +08:00			`errs = append(errs, Warning{fmt.Errorf("problem resolving SPF record: %s", e)})`
Add SPF flattening feature. (#126) 2017-09-30 03:30:36 +08:00			`}`
			`if len(cache.ResolveErrors()) == 0 {`
			`changed := cache.ChangedRecords()`
			`if len(changed) > 0 {`
			`if err := cache.Save("spfcache.updated.json"); err != nil {`
			`errs = append(errs, err)`
			`} else {`
New features: DU() and getConfiguredDomains() to assist modifying domains (#800) * Added DU() and getConfiguredDomains() * Added docs for both new functions * Added a space between option and its value * Renamed "DU" to "D_EXTEND", adjusted docs * Fixed: Changed old DU() calls to D_EXTEND() 2020-08-04 21:43:02 +08:00			`errs = append(errs, Warning{fmt.Errorf("%d spf record lookups are out of date with cache (%s).\nWrote changes to spfcache.updated.json. Please rename and commit:\n $ mv spfcache.updated.json spfcache.json\n $ git commit -m 'Update spfcache.json' spfcache.json", len(changed), strings.Join(changed, ","))})`
Add SPF flattening feature. (#126) 2017-09-30 03:30:36 +08:00			`}`
			`}`
			`}`
			`return errs`
			`}`