1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
|
local adns = require "net.adns";
local inet_pton = require "util.net".pton;
local inet_ntop = require "util.net".ntop;
local idna_to_ascii = require "util.encodings".idna.to_ascii;
local unpack = table.unpack or unpack; -- luacheck: ignore 113
local methods = {};
local resolver_mt = { __index = methods };
-- FIXME RFC 6724
-- Find the next target to connect to, and
-- pass it to cb()
function methods:next(cb)
if self.targets then
if #self.targets == 0 then
cb(nil);
return;
end
local next_target = table.remove(self.targets, 1);
cb(unpack(next_target, 1, 4));
return;
end
if not self.hostname then
self.last_error = "hostname failed IDNA";
cb(nil);
return;
end
local secure = true;
local tlsa = {};
local targets = {};
local n = 3;
local function ready()
n = n - 1;
if n > 0 then return; end
self.targets = targets;
if self.extra and self.extra.use_dane then
if secure and tlsa[1] then
self.extra.tlsa = tlsa;
self.extra.dane_hostname = self.hostname;
else
self.extra.tlsa = nil;
self.extra.dane_hostname = nil;
end
end
self:next(cb);
end
-- Resolve DNS to target list
local dns_resolver = adns.resolver();
if not self.extra or self.extra.use_ipv4 ~= false then
dns_resolver:lookup(function (answer, err)
if answer then
secure = secure and answer.secure;
for _, record in ipairs(answer) do
table.insert(targets, { self.conn_type.."4", record.a, self.port, self.extra });
end
if answer.bogus then
self.last_error = "Validation error in A lookup";
elseif answer.status then
self.last_error = answer.status .. " in A lookup";
end
else
self.last_error = err;
end
ready();
end, self.hostname, "A", "IN");
else
ready();
end
if not self.extra or self.extra.use_ipv6 ~= false then
dns_resolver:lookup(function (answer, err)
if answer then
secure = secure and answer.secure;
for _, record in ipairs(answer) do
table.insert(targets, { self.conn_type.."6", record.aaaa, self.port, self.extra });
end
if answer.bogus then
self.last_error = "Validation error in AAAA lookup";
elseif answer.status then
self.last_error = answer.status .. " in AAAA lookup";
end
else
self.last_error = err;
end
ready();
end, self.hostname, "AAAA", "IN");
else
ready();
end
if self.extra and self.extra.use_dane == true then
dns_resolver:lookup(function (answer, err)
if answer then
secure = secure and answer.secure;
for _, record in ipairs(answer) do
table.insert(tlsa, record.tlsa);
end
if answer.bogus then
self.last_error = "Validation error in TLSA lookup";
elseif answer.status then
self.last_error = answer.status .. " in TLSA lookup";
end
else
self.last_error = err;
end
ready();
end, ("_%d._tcp.%s"):format(self.port, self.hostname), "TLSA", "IN");
else
ready();
end
end
local function new(hostname, port, conn_type, extra)
local ascii_host = idna_to_ascii(hostname);
local targets = nil;
conn_type = conn_type or "tcp";
local is_ip = inet_pton(hostname);
if not is_ip and hostname:sub(1,1) == '[' then
is_ip = inet_pton(hostname:sub(2,-2));
end
if is_ip then
hostname = inet_ntop(is_ip);
if #is_ip == 16 then
targets = { { conn_type.."6", hostname, port, extra } };
elseif #is_ip == 4 then
targets = { { conn_type.."4", hostname, port, extra } };
end
end
return setmetatable({
hostname = ascii_host;
port = port;
conn_type = conn_type;
extra = extra;
targets = targets;
}, resolver_mt);
end
return {
new = new;
};
|
