joeig / go-powerdns Goto Github PK

Is it possible to make a PowerDNS mock server based on the tests?

Hello,
using this code:

_, err := pdns.Zones.AddNative("example.org", false, "", false, "", "", true, []string{"localhost."})
if err != nil {
		fmt.Println(err)
	}

I have this error:

invalid character '<' looking for beginning of value

I've been brute forcing an effort today to figure out how to make a reverse record (PTR), and I just cannot figure it out. It would be good to have an example for reverse records.

Here's some code that I've used to try and run through all the options I can think of. Warning, it's long...

// IP addr: 10.1.2.3
ip := "10.1.2.3"
fqdn := "host.example.com"
zone := "10.in-addr.arpa."
record := "3.2.1"
rip := "3.2.1.10"

err = pdns.Records.Add(ctx, zone, fqdn, powerdns.RRTypePTR, 60, []string{fmt.Sprintf("%s.in-addr.arpa.", ip)})
if err != nil {
log.Warn().Msgf("errored at 1 %v", err)
}

// name is full, non-reversed ip, content is fqdn
err = pdns.Records.Add(ctx, zone, fmt.Sprintf("%s.in-addr.arpa.", ip), powerdns.RRTypePTR, 60, []string{fqdn})
if err != nil {
log.Warn().Msgf("errored at 2 %v", err)
}

// name is fqdn, record is our truncated, reversed ip
err = pdns.Records.Add(ctx, zone, fqdn, powerdns.RRTypePTR, 60, []string{fmt.Sprintf("%s.in-addr.arpa.", record)})
if err != nil {
log.Warn().Msgf("errored at 3 %v", err)
}

// name is truncated, reversed ip record is our fqdn
err = pdns.Records.Add(ctx, zone, fmt.Sprintf("%s.in-addr.arpa.", record), powerdns.RRTypePTR, 60, []string{fqdn})
if err != nil {
log.Warn().Msgf("errored at 4 %v", err)
}

// name is fqdn, record is full, reversed ip
err = pdns.Records.Add(ctx, zone, fqdn, powerdns.RRTypePTR, 60, []string{fmt.Sprintf("%s.in-addr.arpa.", rip)})
if err != nil {
log.Warn().Msgf("errored at 5 %v", err)
}

// name is full, reversed ip, record is fqdn
err = pdns.Records.Add(ctx, zone, fmt.Sprintf("%s.in-addr.arpa.", rip), powerdns.RRTypePTR, 60, []string{fqdn})
if err != nil {
log.Warn().Msgf("errored at 6 %v", err)
}

// Same as above but without the ".in-addr.arpa."
err = pdns.Records.Add(ctx, zone, fqdn, powerdns.RRTypePTR, 60, []string{ip})
if err != nil {
log.Warn().Msgf("errored at 7 %v", err)
}

// name is full, non-reversed ip, content is fqdn
err = pdns.Records.Add(ctx, zone, ip, powerdns.RRTypePTR, 60, []string{fqdn})
if err != nil {
log.Warn().Msgf("errored at 8 %v", err)
}

// name is fqdn, record is our truncated, reversed ip
err = pdns.Records.Add(ctx, zone, fqdn, powerdns.RRTypePTR, 60, []string{record})
if err != nil {
log.Warn().Msgf("errored at 9 %v", err)
}

// name is truncated, reversed ip record is our fqdn
err = pdns.Records.Add(ctx, zone, record, powerdns.RRTypePTR, 60, []string{fqdn})
if err != nil {
log.Warn().Msgf("errored at 10 %v", err)
}

// name is fqdn, record is full, reversed ip
err = pdns.Records.Add(ctx, zone, fqdn, powerdns.RRTypePTR, 60, []string{rip})
if err != nil {
log.Warn().Msgf("errored at 11 %v", err)
}

// name is full, reversed ip, record is fqdn
err = pdns.Records.Add(ctx, zone, rip, powerdns.RRTypePTR, 60, []string{fqdn})
if err != nil {
log.Warn().Msgf("errored at 12 %v", err)
}
}

That code when run generates the following:

5:43PM WRN errored at 1 RRset host.example.com. IN PTR: Name is out of zone
5:43PM WRN errored at 2 RRset 10.1.2.3.in-addr.arpa. IN PTR: Name is out of zone
5:43PM WRN errored at 3 RRset host.example.com. IN PTR: Name is out of zone
5:43PM WRN errored at 4 RRset 3.2.1.in-addr.arpa. IN PTR: Name is out of zone
5:43PM WRN errored at 5 RRset host.example.com. IN PTR: Name is out of zone
5:43PM WRN errored at 6 Record 3.2.1.10.in-addr.arpa./PTR 'host.example.com': Not in expected format (parsed as 'host.example.com.')
5:43PM WRN errored at 7 RRset host.example.com. IN PTR: Name is out of zone
5:43PM WRN errored at 8 RRset 10.1.2.3. IN PTR: Name is out of zone
5:43PM WRN errored at 9 RRset host.example.com. IN PTR: Name is out of zone
5:43PM WRN errored at 10 RRset 3.2.1. IN PTR: Name is out of zone
5:43PM WRN errored at 11 RRset host.example.com. IN PTR: Name is out of zone
5:43PM WRN errored at 12 RRset 3.2.1.10. IN PTR: Name is out of zone

In other words, I've tried the following combinations (along with everything below, but with .in-addr.arpa. added to the IP addresses:

I can't think of any other options to try here, so I must be missing something (probably something obvious).

I would expect either the record name or the value to be something like 3.2.1.in-addr.arpa. or 3.2.1 as that's how things work for reverse records.

Any ideas? I'm happy to do a PR with a working example once I've discovered the proper call.

I think that would be very first method to be needed in this package... At least I am definitely needing that.

Link in Docs

Hi,

I was trying to setup today 2 different cert-manager webhooks today which appear to have in common this same library (one uses v2 and the other one v3). After fighting with both for a while we realized that zonenames are being trimmed in what it seems an incorrect way.

For example we have "subdomain-test.main.com." as a zone in our powerdns service, and somehow the final "." is being trimmed when the webhooks call pdns.Zones.Get(ctx, "zonename").

Is there any reason why we are trimming the "." at the end?.

What is even funnier is that if I append 2 "." to my zonename in my webhook configuration, I can make the final "." pass the trim function, so one of the dots don't get removed.

Thanks.

It would be handy to add comments and owner when creating records

I'm willing to create a PR from this, but I'm not sure if you want to support this and how you want to call your methods
I've created a quick fix for a project of mine: 42wim@5727ba7

Getting this:

[2020-11-10T08:51:14.755Z] NSEC3PARAMs provided for zone 'de-muc.iaas.genesiscloud.net.', but zone is not DNSSEC secured.

For code stretch:

  name_server := fmt.Sprintf("%s.%s", primary_server_hostname, zone_domain)
        zone, err := pdns_api.Zones.AddNative(zone_domain,
                                              false,
                                              "",
                                              false,
                                              "",
                                              "",
                                              false,
                                              []string{ name_server })

Could you have a look? Should be trivial if skipping those params when dnssec bool is false, but not certain is it enough.

Hello!

Firstly, thank you for this awesome library! I wanted to pick your brain about the idea of a breaking change which is to return an *http.Response in addition to an error from record/zone CRUD operations.

We have a use case to log request ID response headers for tracing when making PDNS calls which isn't possible today without providing a custom *http.Client + transport. There may be other, more appropriate approaches that you're aware of that I am not. If so, I would love to hear your insight.

Today's implementation:

err := client.Records.Add(
		ctx,
		record.Zone,
		record.FQDN,
		recordType,
		uint32(record.TTL),
		record.Targets,
	)
	if err != nil {
		return err
	}

Proposal:

response, err := client.Records.Add(
		ctx,
		record.Zone,
		record.FQDN,
		recordType,
		uint32(record.TTL),
		record.Targets,
	)
	if err != nil {
		return err
	}

Curious on your thoughts on the matter 😃
Thank you again!

Hello,

While trying to create new zone like

POST /api/v1/servers/localhost/zones HTTP/1.1
Host: myserver:8080
User-Agent: go-powerdns
Content-Length: 173
Accept: application/json
Content-Type: application/json
X-Api-Key: secret
Accept-Encoding: gzip

{"name":"test-4375161735057534218.com.","type":"Zone","kind":"Native","dnssec":false,"nsec3param":"","nsec3narrow":false,"soa_edit":"","soa_edit_api":"","api_rectify":true}

I got the error from server

HTTP/1.1 422 Unprocessable Entity
Access-Control-Allow-Origin: *
Connection: close
Content-Length: 107
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'
Content-Type: application/json
Server: PowerDNS/4.4.0
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 1; mode=block

{"error": "NSEC3PARAMs provided for zone 'test-4375161735057534218.com.', but zone is not DNSSEC secured."}

Tested on PowerDNS Authoritative Server 4.4.0 (C) 2001-2020 PowerDNS.COM BV
I'm using the code from example

zone, err := pdns.Zones.AddNative(domain, false, "", false, "", "", true, nil)

It happens because the client sends DNSsec=false with Nsec3Param="". And PowerDNS server thinking - why there is the nsec param if DNSSEC is false ? So servers respond with error.

I think it could be minor changes to resolve it, like in attached file

Thank you for the application !

The PowerDNS API Supports management of TSIG Keys:
https://doc.powerdns.com/authoritative/http-api/tsigkey.html

I would like to contribute this feature

https://doc.powerdns.com/authoritative/http-api/zone.html#get--servers-server_id-zones-zone_id

The Power DNS API supports filtering by the following query params. Would be great to support this via the RecordsService. Happy to contribute this addition.

rrsets (boolean) – “true” (default) or “false”, whether to include the “rrsets” in the response Zone object.
rrset_name (string) – Limit output to RRsets for this name.
rrset_type (string) – Limit output to the RRset of this type. Can only be used together with rrset_name.

Calling these two functions just result in one SRV record:

pdns_client.Records.Add("ims.mnc001.mcc001.3gppnetwork.org", "_sip._udp.scscf.ims.mnc001.mcc001.3gppnetwork.org", "SRV", 86400, []string{"30 1 6060 scscf-0.ims.mnc001.mcc001.3gppnetwork.org."})
	pdns_client.Records.Add("ims.mnc001.mcc001.3gppnetwork.org", "_sip._udp.scscf.ims.mnc001.mcc001.3gppnetwork.org", "SRV", 86400, []string{"30 1 6060 scscf-1.ims.mnc001.mcc001.3gppnetwork.org."})