6.2.1

changelog.md

@@ -1,5 +1,19 @@
 # Changelog
 
+## 2024-09-21 - 6.2.1 - fix(core)
+Fixing issues with keywords and readme formatting.
+
+- Synchronized keywords field between npmextra.json and package.json.
+- Updated readme.md to fix formatting issues and added new sections.
+
+## 2024-09-19 - 6.2.0 - feat(dnssec)
+Introduced DNSSEC support with ECDSA algorithm
+
+- Added `DnsSec` class for handling DNSSEC operations.
+- Updated `DnsServer` to support DNSSEC with ECDSA.
+- Shifted DNS-related helper functions to `DnsServer` class.
+- Integrated parsing and handling of DNSKEY and RRSIG records in `DnsServer`.
+
 ## 2024-09-19 - 6.1.1 - fix(ts_server)
 Update DnsSec class to fully implement key generation and DNSKEY record creation.
 

npmextra.json

@@ -9,14 +9,17 @@
       "npmPackagename": "@push.rocks/smartdns",
       "license": "MIT",
       "keywords": [
-        "DNS",
         "TypeScript",
+        "DNS",
+        "DNS records",
+        "DNS resolution",
+        "DNS management",
+        "DNSSEC",
         "Node.js",
         "Google DNS",
         "Cloudflare",
-        "DNS records",
-        "DNS resolution",
-        "DNSSEC"
+        "UDP DNS",
+        "HTTPS DNS"
       ]
     }
   },

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@push.rocks/smartdns",
-  "version": "6.1.1",
+  "version": "6.2.1",
   "private": false,
   "description": "A TypeScript library for smart DNS methods, supporting various DNS records and providers.",
   "exports": {
@@ -18,14 +18,17 @@
     "url": "https://code.foss.global/push.rocks/smartdns.git"
   },
   "keywords": [
-    "DNS",
     "TypeScript",
+    "DNS",
+    "DNS records",
+    "DNS resolution",
+    "DNS management",
+    "DNSSEC",
     "Node.js",
     "Google DNS",
     "Cloudflare",
-    "DNS records",
-    "DNS resolution",
-    "DNSSEC"
+    "UDP DNS",
+    "HTTPS DNS"
   ],
   "author": "Lossless GmbH",
   "license": "MIT",

readme.md

@@ -1,6 +1,5 @@
 # @push.rocks/smartdns
-
-smart dns methods written in TypeScript
+A TypeScript library for smart DNS methods, supporting various DNS records and providers.
 
 ## Install
 
@@ -16,7 +15,7 @@ Or with `yarn`:
 yarn add @push.rocks/smartdns
 ```
 
-Make sure you have a TypeScript environment setup to utilize the library effectively.
+Make sure you have a TypeScript environment set up to utilize the library effectively.
 
 ## Usage
 
@@ -39,6 +38,8 @@ Often, the need arises to fetch various DNS records for a domain. `@push.rocks/s
 To fetch an "A" record for a domain:
 
 ```typescript
+import { Smartdns } from '@push.rocks/smartdns';
+
 const dnsManager = new Smartdns({});
 const aRecords = await dnsManager.getRecordsA('example.com');
 console.log(aRecords);
@@ -53,6 +54,15 @@ const aaaaRecords = await dnsManager.getRecordsAAAA('example.com');
 console.log(aaaaRecords);
 ```
 
+#### Fetching TXT Records
+
+For "TXT" records:
+
+```typescript
+const txtRecords = await dnsManager.getRecordsTxt('example.com');
+console.log(txtRecords);
+```
+
 ### Advanced DNS Management
 
 Beyond simple queries, `@push.rocks/smartdns` offers functionalities suitable for more complex DNS management scenarios.
@@ -94,6 +104,258 @@ if (featureFlags['NewFeature']) {
 }
 ```
 
+### DNS Server Implementation
+
+To implement a DNS server, `@push.rocks/smartdns` includes classes and methods to set up a UDP and HTTPS DNS server supporting DNSSEC.
+
+#### Basic DNS Server Example
+
+Here's a basic example of a UDP/HTTPS DNS server:
+
+```typescript
+import { DnsServer } from '@push.rocks/smartdns';
+
+const dnsServer = new DnsServer({
+  httpsKey: 'path/to/key.pem',
+  httpsCert: 'path/to/cert.pem',
+  httpsPort: 443,
+  udpPort: 53,
+  dnssecZone: 'example.com',
+});
+
+dnsServer.registerHandler('*.example.com', ['A'], (question) => ({
+  name: question.name,
+  type: 'A',
+  class: 'IN',
+  ttl: 300,
+  data: '127.0.0.1',
+}));
+
+dnsServer.start().then(() => console.log('DNS Server started'));
+```
+
+### DNSSEC Support
+
+`@push.rocks/smartdns` provides support for DNSSEC, including the generation, signing, and validation of DNS records.
+
+#### DNSSEC Configuration
+
+To configure DNSSEC for your DNS server:
+
+```typescript
+import { DnsServer } from '@push.rocks/smartdns';
+
+const dnsServer = new DnsServer({
+  httpsKey: 'path/to/key.pem',
+  httpsCert: 'path/to/cert.pem',
+  httpsPort: 443,
+  udpPort: 53,
+  dnssecZone: 'example.com',
+});
+
+dnsServer.registerHandler('*.example.com', ['A'], (question) => ({
+  name: question.name,
+  type: 'A',
+  class: 'IN',
+  ttl: 300,
+  data: '127.0.0.1',
+}));
+
+dnsServer.start().then(() => console.log('DNS Server with DNSSEC started'));
+```
+
+This setup ensures that DNS records are signed and can be verified for authenticity.
+
+### Handling DNS Queries Over Different Protocols
+
+The library supports handling DNS queries over UDP and HTTPS.
+
+#### Handling UDP Queries
+
+UDP is the traditional means of DNS query transport. 
+
+```typescript
+import { DnsServer } from '@push.rocks/smartdns';
+import dgram from 'dgram';
+
+dnsServer.registerHandler('*.example.com', ['A'], (question) => ({
+  name: question.name,
+  type: 'A',
+  class: 'IN',
+  ttl: 300,
+  data: '127.0.0.1',
+}));
+
+dnsServer.start().then(() => {
+  console.log('UDP DNS Server started on port', dnsServer.getOptions().udpPort);
+});
+
+const client = dgram.createSocket('udp4');
+
+client.on('message', (msg, rinfo) => {
+  console.log(`Received ${msg} from ${rinfo.address}:${rinfo.port}`);
+});
+
+client.send(Buffer.from('example DNS query'), dnsServer.getOptions().udpPort, 'localhost');
+```
+
+#### Handling HTTPS Queries
+
+DNS over HTTPS (DoH) is increasingly adopted for privacy and security.
+
+```typescript
+import { DnsServer } from '@push.rocks/smartdns';
+import https from 'https';
+import fs from 'fs';
+
+const dnsServer = new DnsServer({
+  httpsKey: fs.readFileSync('path/to/key.pem'),
+  httpsCert: fs.readFileSync('path/to/cert.pem'),
+  httpsPort: 443,
+  udpPort: 53,
+  dnssecZone: 'example.com',
+});
+
+dnsServer.registerHandler('*.example.com', ['A'], (question) => ({
+  name: question.name,
+  type: 'A',
+  class: 'IN',
+  ttl: 300,
+  data: '127.0.0.1',
+}));
+
+dnsServer.start().then(() => console.log('HTTPS DNS Server started'));
+
+const client = https.request({
+  hostname: 'localhost',
+  port: 443,
+  path: '/dns-query',
+  method: 'POST',
+  headers: {
+    'Content-Type': 'application/dns-message'
+  }
+}, (res) => {
+  res.on('data', (d) => {
+    process.stdout.write(d);
+  });
+});
+
+client.on('error', (e) => {
+  console.error(e);
+});
+
+client.write(Buffer.from('example DNS query'));
+client.end();
+```
+
+### Testing
+
+To ensure that the DNS server behaves as expected, it is important to write tests for various scenarios.
+
+#### DNS Server Tests
+
+Here is an example of how to test the DNS server with TAP:
+
+```typescript
+import { expect, tap } from '@push.rocks/tapbundle';
+
+import { DnsServer } from '@push.rocks/smartdns';
+
+let dnsServer: DnsServer;
+
+tap.test('should create an instance of DnsServer', async () => {
+  dnsServer = new DnsServer({
+    httpsKey: 'path/to/key.pem',
+    httpsCert: 'path/to/cert.pem',
+    httpsPort: 443,
+    udpPort: 53,
+    dnssecZone: 'example.com',
+  });
+  expect(dnsServer).toBeInstanceOf(DnsServer);
+});
+
+tap.test('should start the server', async () => {
+  await dnsServer.start();
+  expect(dnsServer.isRunning()).toBeTrue();
+});
+
+tap.test('should add a DNS handler', async () => {
+  dnsServer.registerHandler('*.example.com', ['A'], (question) => ({
+    name: question.name,
+    type: 'A',
+    class: 'IN',
+    ttl: 300,
+    data: '127.0.0.1',
+  }));
+
+  const response = dnsServer.processDnsRequest({
+    type: 'query',
+    id: 1,
+    flags: 0,
+    questions: [
+      {
+        name: 'test.example.com',
+        type: 'A',
+        class: 'IN',
+      },
+    ],
+    answers: [],
+  });
+
+  expect(response.answers[0]).toEqual({
+    name: 'test.example.com',
+    type: 'A',
+    class: 'IN',
+    ttl: 300,
+    data: '127.0.0.1',
+  });
+});
+
+tap.test('should query the server over HTTP', async () => {
+  // Assuming fetch or any HTTP client is available
+  const query = dnsPacket.encode({
+    type: 'query',
+    id: 2,
+    flags: dnsPacket.RECURSION_DESIRED,
+    questions: [
+      {
+        name: 'test.example.com',
+        type: 'A',
+        class: 'IN',
+      },
+    ],
+  });
+
+  const response = await fetch('https://localhost:443/dns-query', {
+    method: 'POST',
+    body: query,
+    headers: {
+      'Content-Type': 'application/dns-message',
+    }
+  });
+
+  expect(response.status).toEqual(200);
+
+  const responseData = await response.arrayBuffer();
+  const dnsResponse = dnsPacket.decode(Buffer.from(responseData));
+
+  expect(dnsResponse.answers[0]).toEqual({
+    name: 'test.example.com',
+    type: 'A',
+    class: 'IN',
+    ttl: 300,
+    data: '127.0.0.1',
+  });
+});
+
+tap.test('should stop the server', async () => {
+  await dnsServer.stop();
+  expect(dnsServer.isRunning()).toBeFalse();
+});
+
+await tap.start();
+```
+
 ### Conclusion
 
 `@push.rocks/smartdns` offers a versatile set of tools for DNS querying and management, tailored for applications at any scale. The examples provided illustrate the library's potential use cases, highlighting its applicability in various scenarios from basic lookups to facilitating complex application features through DNS.
@@ -102,8 +364,6 @@ For the full spectrum of functionalities, including detailed method documentatio
 
 Remember, DNS changes might take time to propagate worldwide, and the utility methods provided by `@push.rocks/smartdns` for checking record availability will be invaluable in managing these changes seamlessly.
 
-
-
 ## License and Legal Information
 
 This repository contains open-source code that is licensed under the MIT License. A copy of the MIT License can be found in the [license](license) file within this repository. 

ts_server/classes.dnssec.ts

@@ -69,7 +69,7 @@ export class DnsSec {
     return { privateKey, publicKey };
   }
 
-  private getAlgorithmNumber(): number {
+  public getAlgorithmNumber(): number {
     switch (this.zone.algorithm) {
       case 'ECDSA':
         return 13; // ECDSAP256SHA256

ts_server/classes.dnsserver.ts

@@ -1,16 +1,46 @@
 import * as plugins from './plugins.js';
+import { DnsSec } from './classes.dnssec.js';
+import * as dnsPacket from 'dns-packet';
 
 interface IDnsServerOptions {
   httpsKey: string;
   httpsCert: string;
   httpsPort: number;
   udpPort: number;
+  dnssecZone: string;
+}
+
+interface DnsAnswer {
+  name: string;
+  type: string;
+  class: string | number;
+  ttl: number;
+  data: any;
 }
 
 interface IDnsHandler {
   domainPattern: string;
   recordTypes: string[];
-  handler: (question: plugins.dnsPacket.Question) => plugins.dnsPacket.Answer | null;
+  handler: (question: dnsPacket.Question) => DnsAnswer | null;
+}
+
+// Define types for DNSSEC records if not provided
+interface DNSKEYData {
+  flags: number;
+  algorithm: number;
+  key: Buffer;
+}
+
+interface RRSIGData {
+  typeCovered: string; // Changed to string to match dns-packet expectations
+  algorithm: number;
+  labels: number;
+  originalTTL: number;
+  expiration: number;
+  inception: number;
+  keyTag: number;
+  signerName: string;
+  signature: Buffer;
 }
 
 export class DnsServer {
@@ -18,30 +48,75 @@ export class DnsServer {
   private httpsServer: plugins.https.Server;
   private handlers: IDnsHandler[] = [];
 
-  constructor(private options: IDnsServerOptions) {}
+  // DNSSEC related properties
+  private dnsSec: DnsSec;
+  private dnskeyRecord: DNSKEYData;
+  private keyTag: number;
+
+  constructor(private options: IDnsServerOptions) {
+    // Initialize DNSSEC
+    this.dnsSec = new DnsSec({
+      zone: options.dnssecZone,
+      algorithm: 'ECDSA', // You can change this based on your needs
+      keySize: 256,
+      days: 365,
+    });
+
+    // Generate DNSKEY and DS records
+    const { dsRecord, dnskeyRecord } = this.dnsSec.getDsAndKeyPair();
+
+    // Parse DNSKEY record into dns-packet format
+    this.dnskeyRecord = this.parseDNSKEYRecord(dnskeyRecord);
+    this.keyTag = this.computeKeyTag(this.dnskeyRecord);
+  }
 
   public registerHandler(
     domainPattern: string,
     recordTypes: string[],
-    handler: (question: plugins.dnsPacket.Question) => plugins.dnsPacket.Answer | null
+    handler: (question: dnsPacket.Question) => DnsAnswer | null
   ): void {
     this.handlers.push({ domainPattern, recordTypes, handler });
   }
 
-  private processDnsRequest(request: plugins.dnsPacket.Packet): plugins.dnsPacket.Packet {
-    const response: plugins.dnsPacket.Packet = {
+  private processDnsRequest(request: dnsPacket.Packet): dnsPacket.Packet {
+    const response: dnsPacket.Packet = {
       type: 'response',
       id: request.id,
-      flags: plugins.dnsPacket.RECURSION_DESIRED | plugins.dnsPacket.RECURSION_AVAILABLE,
+      flags:
+        dnsPacket.AUTHORITATIVE_ANSWER |
+        dnsPacket.RECURSION_AVAILABLE |
+        (request.flags & dnsPacket.RECURSION_DESIRED ? dnsPacket.RECURSION_DESIRED : 0),
       questions: request.questions,
       answers: [],
+      additionals: [],
     };
 
+    const dnssecRequested = this.isDnssecRequested(request);
+
     for (const question of request.questions) {
       console.log(`Query for ${question.name} of type ${question.type}`);
 
       let answered = false;
 
+      // Handle DNSKEY queries if DNSSEC is requested
+      if (dnssecRequested && question.type === 'DNSKEY' && question.name === this.options.dnssecZone) {
+        const dnskeyAnswer: DnsAnswer = {
+          name: question.name,
+          type: 'DNSKEY',
+          class: 'IN',
+          ttl: 3600,
+          data: this.dnskeyRecord,
+        };
+        response.answers.push(dnskeyAnswer as plugins.dnsPacket.Answer);
+
+        // Sign the DNSKEY RRset
+        const rrsig = this.generateRRSIG('DNSKEY', [dnskeyAnswer], question.name);
+        response.answers.push(rrsig as plugins.dnsPacket.Answer);
+
+        answered = true;
+        continue;
+      }
+
       for (const handlerEntry of this.handlers) {
         if (
           plugins.minimatch.minimatch(question.name, handlerEntry.domainPattern) &&
@@ -49,7 +124,20 @@ export class DnsServer {
         ) {
           const answer = handlerEntry.handler(question);
           if (answer) {
-            response.answers.push(answer);
+            // Ensure the answer has ttl and class
+            const dnsAnswer: DnsAnswer = {
+              ...answer,
+              ttl: answer.ttl || 300,
+              class: answer.class || 'IN',
+            };
+            response.answers.push(dnsAnswer as plugins.dnsPacket.Answer);
+
+            if (dnssecRequested) {
+              // Sign the answer RRset
+              const rrsig = this.generateRRSIG(question.type, [dnsAnswer], question.name);
+              response.answers.push(rrsig as plugins.dnsPacket.Answer);
+            }
+
             answered = true;
             break;
           }
@@ -58,23 +146,193 @@ export class DnsServer {
 
       if (!answered) {
         console.log(`No handler found for ${question.name} of type ${question.type}`);
+        response.flags |= dnsPacket.AUTHORITATIVE_ANSWER;
+        const soaAnswer: DnsAnswer = {
+          name: question.name,
+          type: 'SOA',
+          class: 'IN',
+          ttl: 3600,
+          data: {
+            mname: `ns1.${this.options.dnssecZone}`,
+            rname: `hostmaster.${this.options.dnssecZone}`,
+            serial: Math.floor(Date.now() / 1000),
+            refresh: 3600,
+            retry: 600,
+            expire: 604800,
+            minimum: 86400,
+          },
+        };
+        response.answers.push(soaAnswer as plugins.dnsPacket.Answer);
       }
     }
 
     return response;
   }
 
+  private isDnssecRequested(request: dnsPacket.Packet): boolean {
+    if (!request.additionals) return false;
+    for (const additional of request.additionals) {
+      if (additional.type === 'OPT' && typeof additional.flags === 'number') {
+        // The DO bit is the 15th bit (0x8000)
+        if (additional.flags & 0x8000) {
+          return true;
+        }
+      }
+    }
+    return false;
+  }
+
+  private generateRRSIG(
+    type: string,
+    rrset: DnsAnswer[],
+    name: string
+  ): DnsAnswer {
+    // Prepare RRSIG data
+    const algorithm = this.dnsSec.getAlgorithmNumber();
+    const keyTag = this.keyTag;
+    const signerName = this.options.dnssecZone.endsWith('.') ? this.options.dnssecZone : `${this.options.dnssecZone}.`;
+    const inception = Math.floor(Date.now() / 1000) - 3600; // 1 hour ago
+    const expiration = inception + 86400; // Valid for 1 day
+    const ttl = rrset[0].ttl || 300;
+
+    // Serialize the RRset in canonical form
+    const rrsetBuffer = this.serializeRRset(rrset);
+
+    // Sign the RRset
+    const signature = this.dnsSec.signData(rrsetBuffer);
+
+    // Construct the RRSIG record
+    const rrsig: DnsAnswer = {
+      name,
+      type: 'RRSIG',
+      class: 'IN',
+      ttl,
+      data: {
+        typeCovered: type, // Changed to type string
+        algorithm,
+        labels: name.split('.').length - 1,
+        originalTTL: ttl,
+        expiration,
+        inception,
+        keyTag,
+        signerName,
+        signature: signature,
+      },
+    };
+
+    return rrsig;
+  }
+
+  private serializeRRset(rrset: DnsAnswer[]): Buffer {
+    // Implement canonical DNS RRset serialization as per RFC 4034 Section 6
+    const buffers: Buffer[] = [];
+    for (const rr of rrset) {
+      if (rr.type === 'OPT') {
+        continue; // Skip OPT records
+      }
+
+      const name = rr.name.endsWith('.') ? rr.name : rr.name + '.';
+      const nameBuffer = this.nameToBuffer(name.toLowerCase());
+
+      const typeValue = this.qtypeToNumber(rr.type);
+      const typeBuffer = Buffer.alloc(2);
+      typeBuffer.writeUInt16BE(typeValue, 0);
+
+      const classValue = this.classToNumber(rr.class);
+      const classBuffer = Buffer.alloc(2);
+      classBuffer.writeUInt16BE(classValue, 0);
+
+      const ttlValue = rr.ttl || 300;
+      const ttlBuffer = Buffer.alloc(4);
+      ttlBuffer.writeUInt32BE(ttlValue, 0);
+
+      // Serialize the data based on the record type
+      const dataBuffer = this.serializeRData(rr.type, rr.data);
+
+      const rdLengthBuffer = Buffer.alloc(2);
+      rdLengthBuffer.writeUInt16BE(dataBuffer.length, 0);
+
+      buffers.push(Buffer.concat([nameBuffer, typeBuffer, classBuffer, ttlBuffer, rdLengthBuffer, dataBuffer]));
+    }
+    return Buffer.concat(buffers);
+  }
+
+  private serializeRData(type: string, data: any): Buffer {
+    // Implement serialization for each record type you support
+    switch (type) {
+      case 'A':
+        return Buffer.from(data.split('.').map((octet: string) => parseInt(octet, 10)));
+      case 'AAAA':
+        // Handle IPv6 addresses
+        return Buffer.from(data.split(':').flatMap((segment: string) => {
+          const num = parseInt(segment, 16);
+          return [num >> 8, num & 0xff];
+        }));
+      case 'DNSKEY':
+        const dnskeyData: DNSKEYData = data;
+        return Buffer.concat([
+          Buffer.from([dnskeyData.flags >> 8, dnskeyData.flags & 0xff]),
+          Buffer.from([3]), // Protocol field, always 3
+          Buffer.from([dnskeyData.algorithm]),
+          dnskeyData.key,
+        ]);
+      case 'SOA':
+        // Implement SOA record serialization if needed
+        // For now, return an empty buffer or handle as needed
+        return Buffer.alloc(0);
+      // Add cases for other record types as needed
+      default:
+        throw new Error(`Serialization for record type ${type} is not implemented.`);
+    }
+  }
+
+  private parseDNSKEYRecord(dnskeyRecord: string): DNSKEYData {
+    // Parse the DNSKEY record string into dns-packet format
+    const parts = dnskeyRecord.trim().split(/\s+/);
+    const flags = parseInt(parts[3], 10);
+    const algorithm = parseInt(parts[5], 10);
+    const publicKeyBase64 = parts.slice(6).join('');
+    const key = Buffer.from(publicKeyBase64, 'base64');
+
+    return {
+      flags,
+      algorithm,
+      key,
+    };
+  }
+
+  private computeKeyTag(dnskeyRecord: DNSKEYData): number {
+    // Compute key tag as per RFC 4034 Appendix B
+    const flags = dnskeyRecord.flags;
+    const algorithm = dnskeyRecord.algorithm;
+    const key = dnskeyRecord.key;
+
+    const dnskeyRdata = Buffer.concat([
+      Buffer.from([flags >> 8, flags & 0xff]),
+      Buffer.from([3]), // Protocol field, always 3
+      Buffer.from([algorithm]),
+      key,
+    ]);
+
+    let acc = 0;
+    for (let i = 0; i < dnskeyRdata.length; i++) {
+      acc += (i & 1) ? dnskeyRdata[i] : dnskeyRdata[i] << 8;
+    }
+    acc += (acc >> 16) & 0xffff;
+    return acc & 0xffff;
+  }
+
   private handleHttpsRequest(req: plugins.http.IncomingMessage, res: plugins.http.ServerResponse): void {
     if (req.method === 'POST' && req.url === '/dns-query') {
       let body: Buffer[] = [];
 
-      req.on('data', chunk => {
+      req.on('data', (chunk) => {
         body.push(chunk);
       }).on('end', () => {
         const msg = Buffer.concat(body);
-        const request = plugins.dnsPacket.decode(msg);
+        const request = dnsPacket.decode(msg);
         const response = this.processDnsRequest(request);
-        const responseData = plugins.dnsPacket.encode(response);
+        const responseData = dnsPacket.encode(response);
         res.writeHead(200, { 'Content-Type': 'application/dns-message' });
         res.end(responseData);
       });
@@ -95,9 +353,9 @@ export class DnsServer {
 
     this.udpServer = plugins.dgram.createSocket('udp4');
     this.udpServer.on('message', (msg, rinfo) => {
-      const request = plugins.dnsPacket.decode(msg);
+      const request = dnsPacket.decode(msg);
       const response = this.processDnsRequest(request);
-      const responseData = plugins.dnsPacket.encode(response);
+      const responseData = dnsPacket.encode(response);
       this.udpServer.send(responseData, rinfo.port, rinfo.address);
     });
 
@@ -108,6 +366,7 @@ export class DnsServer {
 
     const udpListeningDeferred = plugins.smartpromise.defer<void>();
     const httpsListeningDeferred = plugins.smartpromise.defer<void>();
+
     try {
       this.udpServer.bind(this.options.udpPort, '0.0.0.0', () => {
         console.log(`UDP DNS server running on port ${this.options.udpPort}`);
@@ -144,4 +403,49 @@ export class DnsServer {
 
     await Promise.all([doneUdp.promise, doneHttps.promise]);
   }
+
+  // Helper methods
+
+  private qtypeToNumber(type: string): number {
+    const QTYPE_NUMBERS: { [key: string]: number } = {
+      'A': 1,
+      'NS': 2,
+      'CNAME': 5,
+      'SOA': 6,
+      'PTR': 12,
+      'MX': 15,
+      'TXT': 16,
+      'AAAA': 28,
+      'SRV': 33,
+      'DNSKEY': 48,
+      'RRSIG': 46,
+      // Add more as needed
+    };
+    return QTYPE_NUMBERS[type.toUpperCase()] || 0;
+  }
+
+  private classToNumber(cls: string | number): number {
+    const CLASS_NUMBERS: { [key: string]: number } = {
+      'IN': 1,
+      'CH': 3,
+      'HS': 4,
+      // Add more as needed
+    };
+    if (typeof cls === 'number') {
+      return cls;
+    }
+    return CLASS_NUMBERS[cls.toUpperCase()] || 1;
+  }
+
+  private nameToBuffer(name: string): Buffer {
+    const labels = name.split('.');
+    const buffers = labels.map(label => {
+      const len = Buffer.byteLength(label, 'utf8');
+      const buf = Buffer.alloc(1 + len);
+      buf.writeUInt8(len, 0);
+      buf.write(label, 1);
+      return buf;
+    });
+    return Buffer.concat([...buffers, Buffer.from([0])]); // Add root label
+  }
 }

ts_server/plugins.ts

@@ -21,7 +21,7 @@ export {
 }
 
 // third party
-import * as elliptic from 'elliptic';
+import elliptic from 'elliptic';
 import * as dnsPacket from 'dns-packet';
 import * as minimatch from 'minimatch';