push.rocks/smartdns
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(rustdns-client): add Rust DNS client binary and TypeScript IPC bridge to enable UDP and DoH resolution, RDATA decoding, and DNSSEC AD/rcode support

Browse Source
This commit is contained in:
Jürgen Kunz
2026-02-11 13:02:37 +00:00
parent 9d4db39741
commit 368430d199
24 changed files with 2805 additions and 863 deletions
Download Patch File Download Diff File Expand all files Collapse all files

226
rust/crates/rustdns-protocol/src/packet.rs
View File

@@ -1,5 +1,5 @@
use crate::name::{decode_name, encode_name};
use crate::types::{QClass, QType, FLAG_QR, FLAG_AA, FLAG_RD, FLAG_RA, EDNS_DO_BIT};
use crate::types::{QClass, QType, FLAG_QR, FLAG_AA, FLAG_RD, FLAG_RA, FLAG_AD, EDNS_DO_BIT};
/// A parsed DNS question.
#[derive(Debug, Clone)]
@@ -61,6 +61,16 @@ impl DnsPacket {
}
}
/// Extract the response code (lower 4 bits of flags).
pub fn rcode(&self) -> u8 {
(self.flags & 0x000F) as u8
}
/// Check if the AD (Authenticated Data) flag is set.
pub fn has_ad_flag(&self) -> bool {
self.flags & FLAG_AD != 0
}
/// Check if DNSSEC (DO bit) is requested in the OPT record.
pub fn is_dnssec_requested(&self) -> bool {
for additional in &self.additionals {
@@ -335,6 +345,181 @@ pub fn encode_rrsig(
buf
}
// ── RDATA decoding helpers ─────────────────────────────────────────
/// Decode an A record (4 bytes -> IPv4 string).
pub fn decode_a(rdata: &[u8]) -> Result<String, &'static str> {
if rdata.len() < 4 {
return Err("A rdata too short");
}
Ok(format!("{}.{}.{}.{}", rdata[0], rdata[1], rdata[2], rdata[3]))
}
/// Decode an AAAA record (16 bytes -> IPv6 string).
pub fn decode_aaaa(rdata: &[u8]) -> Result<String, &'static str> {
if rdata.len() < 16 {
return Err("AAAA rdata too short");
}
let groups: Vec<String> = (0..8)
.map(|i| {
let val = u16::from_be_bytes([rdata[i * 2], rdata[i * 2 + 1]]);
format!("{:x}", val)
})
.collect();
// Build full form, then compress :: notation
let full = groups.join(":");
compress_ipv6(&full)
}
/// Compress a full IPv6 address to shortest form.
fn compress_ipv6(full: &str) -> Result<String, &'static str> {
let groups: Vec<&str> = full.split(':').collect();
if groups.len() != 8 {
return Ok(full.to_string());
}
// Find longest run of consecutive "0" groups
let mut best_start = None;
let mut best_len = 0usize;
let mut cur_start = None;
let mut cur_len = 0usize;
for (i, g) in groups.iter().enumerate() {
if *g == "0" {
if cur_start.is_none() {
cur_start = Some(i);
cur_len = 1;
} else {
cur_len += 1;
}
if cur_len > best_len {
best_start = cur_start;
best_len = cur_len;
}
} else {
cur_start = None;
cur_len = 0;
}
}
if best_len >= 2 {
let bs = best_start.unwrap();
let left: Vec<&str> = groups[..bs].to_vec();
let right: Vec<&str> = groups[bs + best_len..].to_vec();
let l = left.join(":");
let r = right.join(":");
if l.is_empty() && r.is_empty() {
Ok("::".to_string())
} else if l.is_empty() {
Ok(format!("::{}", r))
} else if r.is_empty() {
Ok(format!("{}::", l))
} else {
Ok(format!("{}::{}", l, r))
}
} else {
Ok(full.to_string())
}
}
/// Decode a TXT record (length-prefixed chunks -> strings).
pub fn decode_txt(rdata: &[u8]) -> Result<Vec<String>, &'static str> {
let mut strings = Vec::new();
let mut pos = 0;
while pos < rdata.len() {
let len = rdata[pos] as usize;
pos += 1;
if pos + len > rdata.len() {
return Err("TXT chunk extends beyond rdata");
}
let s = std::str::from_utf8(&rdata[pos..pos + len])
.map_err(|_| "invalid UTF-8 in TXT")?;
strings.push(s.to_string());
pos += len;
}
Ok(strings)
}
/// Decode an MX record (preference + exchange name with compression).
pub fn decode_mx(rdata: &[u8], packet: &[u8], rdata_offset: usize) -> Result<(u16, String), String> {
if rdata.len() < 3 {
return Err("MX rdata too short".into());
}
let preference = u16::from_be_bytes([rdata[0], rdata[1]]);
let (name, _) = decode_name(packet, rdata_offset + 2).map_err(|e| e.to_string())?;
Ok((preference, name))
}
/// Decode a name from RDATA (for NS, CNAME, PTR records with compression).
pub fn decode_name_rdata(_rdata: &[u8], packet: &[u8], rdata_offset: usize) -> Result<String, String> {
let (name, _) = decode_name(packet, rdata_offset).map_err(|e| e.to_string())?;
Ok(name)
}
/// SOA record decoded fields.
#[derive(Debug, Clone)]
pub struct SoaData {
pub mname: String,
pub rname: String,
pub serial: u32,
pub refresh: u32,
pub retry: u32,
pub expire: u32,
pub minimum: u32,
}
/// Decode a SOA record RDATA.
pub fn decode_soa(rdata: &[u8], packet: &[u8], rdata_offset: usize) -> Result<SoaData, String> {
let (mname, consumed1) = decode_name(packet, rdata_offset).map_err(|e| e.to_string())?;
let (rname, consumed2) = decode_name(packet, rdata_offset + consumed1).map_err(|e| e.to_string())?;
let nums_offset = consumed1 + consumed2;
if rdata.len() < nums_offset + 20 {
return Err("SOA rdata too short for numeric fields".into());
}
let serial = u32::from_be_bytes([
rdata[nums_offset], rdata[nums_offset + 1],
rdata[nums_offset + 2], rdata[nums_offset + 3],
]);
let refresh = u32::from_be_bytes([
rdata[nums_offset + 4], rdata[nums_offset + 5],
rdata[nums_offset + 6], rdata[nums_offset + 7],
]);
let retry = u32::from_be_bytes([
rdata[nums_offset + 8], rdata[nums_offset + 9],
rdata[nums_offset + 10], rdata[nums_offset + 11],
]);
let expire = u32::from_be_bytes([
rdata[nums_offset + 12], rdata[nums_offset + 13],
rdata[nums_offset + 14], rdata[nums_offset + 15],
]);
let minimum = u32::from_be_bytes([
rdata[nums_offset + 16], rdata[nums_offset + 17],
rdata[nums_offset + 18], rdata[nums_offset + 19],
]);
Ok(SoaData { mname, rname, serial, refresh, retry, expire, minimum })
}
/// SRV record decoded fields.
#[derive(Debug, Clone)]
pub struct SrvData {
pub priority: u16,
pub weight: u16,
pub port: u16,
pub target: String,
}
/// Decode a SRV record RDATA.
pub fn decode_srv(rdata: &[u8], packet: &[u8], rdata_offset: usize) -> Result<SrvData, String> {
if rdata.len() < 7 {
return Err("SRV rdata too short".into());
}
let priority = u16::from_be_bytes([rdata[0], rdata[1]]);
let weight = u16::from_be_bytes([rdata[2], rdata[3]]);
let port = u16::from_be_bytes([rdata[4], rdata[5]]);
let (target, _) = decode_name(packet, rdata_offset + 6).map_err(|e| e.to_string())?;
Ok(SrvData { priority, weight, port, target })
}
/// Build a DnsRecord from high-level data.
pub fn build_record(name: &str, rtype: QType, ttl: u32, rdata: Vec<u8>) -> DnsRecord {
DnsRecord {
@@ -416,6 +601,45 @@ mod tests {
assert_eq!(&data[7..12], b"world");
}
#[test]
fn test_decode_a() {
let rdata = encode_a("192.168.1.1");
let decoded = decode_a(&rdata).unwrap();
assert_eq!(decoded, "192.168.1.1");
}
#[test]
fn test_decode_aaaa() {
let rdata = encode_aaaa("::1");
let decoded = decode_aaaa(&rdata).unwrap();
assert_eq!(decoded, "::1");
let rdata2 = encode_aaaa("2001:db8::1");
let decoded2 = decode_aaaa(&rdata2).unwrap();
assert_eq!(decoded2, "2001:db8::1");
}
#[test]
fn test_decode_txt() {
let strings = vec!["hello".to_string(), "world".to_string()];
let rdata = encode_txt(&strings);
let decoded = decode_txt(&rdata).unwrap();
assert_eq!(decoded, strings);
}
#[test]
fn test_rcode_and_ad_flag() {
let mut pkt = DnsPacket::new_query(1);
assert_eq!(pkt.rcode(), 0);
assert!(!pkt.has_ad_flag());
pkt.flags |= crate::types::FLAG_AD;
assert!(pkt.has_ad_flag());
pkt.flags |= 0x0003; // NXDOMAIN
assert_eq!(pkt.rcode(), 3);
}
#[test]
fn test_dnssec_do_bit() {
let mut query = DnsPacket::new_query(1);

3
rust/crates/rustdns-protocol/src/types.rs
View File

@@ -127,5 +127,8 @@ pub const FLAG_AA: u16 = 0x0400;
pub const FLAG_RD: u16 = 0x0100;
pub const FLAG_RA: u16 = 0x0080;
/// Authenticated Data flag
pub const FLAG_AD: u16 = 0x0020;
/// OPT record DO bit (DNSSEC OK)
pub const EDNS_DO_BIT: u16 = 0x8000;