dnsruby 1.61.9 → 1.71.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7f1d44662973a06d7ff5296b1c49530b10e58a08ca5df87c893bb25e06e4bf7c
-  data.tar.gz: b82b2920d6d24ff8907d2e9b776a53f7034c11610335626ea31ee1485ffb6dde
+  metadata.gz: 269c27f2434453482847eab90060c2de583ca876e9056b8acff0c9df23a64a84
+  data.tar.gz: 37c09c9a2c25f97cfd391ee8662de09b1698a44b189abe2cd75753579c87379a
 SHA512:
-  metadata.gz: 02f7ac0626839e3faf33f72a2b98e620ca1ac9bb5d11c06299b403c79e0552c5b0160b40978ead7aba27d8801b2b339a1cdeb856772c0241883f06b68a42beb5
-  data.tar.gz: bdc9cf4c7e89b11fb67871b480957f3f28bd29e472438490e918041f9e1d2682fa434ce6d66dff283843e7c67fc2f002482175e2a7c6b6a05106785b6f7797cb
+  metadata.gz: 6863374c8f220932c6aff08fce2a8afd1e38267f44f505121516580b69e4c5691a613d11b45e4227939586f6283743871834138bca06a8776a26f6b32c2141ad
+  data.tar.gz: e58edc0688147d6c8e6576bf6144469d52b09120da7a7d7d0c00fc962579e1c49e23962264caa448d1bb54c70559e25e4663a176d95fe5282a43dba631233035

data/.github/workflows/ci.yml

@@ -7,7 +7,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        ruby: [ '2.5', '2.6', '2.7', '3.0', '3.1' ] # , 'ruby-head' ]
+        ruby: [ '3.1', '3.2', '3.3' ] # , 'ruby-head' ]
     name: Ruby ${{ matrix.ruby }} tests
     steps:
       - uses: actions/checkout@v2

data/RELEASE_NOTES.md

@@ -1,5 +1,15 @@
 # Release Notes
 
+## v.1.71.0
+
+* Fix assigning public_key in ECDSA - thanks Jiří Kubíček!
+
+## v.1.70.0
+
+* OpenSSL 3 support
+* Resource record hashes no longer include the rdata
+* Removed requite to title-cased Digest - thanks jhawthron
+
 ## v.1.61.9
 
 * Remove unused net-ftp dependency

data/Rakefile

@@ -27,10 +27,10 @@ def create_task(task_name, test_suite_filespec)
 end
 
 create_task(:test,         'test/ts_dnsruby.rb')
+create_task(:dnskey,         'test/tc_dnskey.rb')
 create_task(:test_offline, 'test/ts_offline.rb')
 create_task(:test_online,  'test/ts_online.rb')
 create_task(:soak,         'test/tc_soak.rb')
 create_task(:message,      'test/tc_message.rb')
 create_task(:cache,         'test/tc_cache.rb')
 create_task(:pipe,          'test/tc_tcp_pipelining.rb')
-create_task(:resolv,       'test/tc_resolv.rb')

data/dnsruby.gemspec

@@ -36,15 +36,16 @@ DNSSEC NSEC3 support.'
   }
 
   s.add_development_dependency 'rake', '>= 13.0.6'
-  s.add_development_dependency 'minitest', '~> 5.14.4'
-  s.add_development_dependency 'rubydns', '~> 2.0.1'
-  s.add_development_dependency 'nio4r', '~> 2.0'
+  s.add_development_dependency 'minitest', '~> 5.18.0'
+  s.add_development_dependency 'rubydns', '>= 2.0.2'
+  s.add_development_dependency 'nio4r', '>= 2.7.0'
   s.add_development_dependency 'minitest-display', '>= 0.3.1'
-  s.add_development_dependency('yard', '~> 0.9')
+  s.add_development_dependency('yard', '>= 0.9')
+  # s.add_development_dependency('io-event', '>=1.1.7')
 
   if RUBY_VERSION >= "1.9.3"
-    s.add_development_dependency 'coveralls', '~> 0.7'
+    s.add_development_dependency 'coveralls', '~> 0.8.23'
   end
 
-  s.add_runtime_dependency 'simpleidn', '~> 0.1'
+  s.add_runtime_dependency 'simpleidn', '~> 0.2.1'
 end

data/lib/dnsruby/resource/DNSKEY.rb

@@ -294,11 +294,11 @@ module Dnsruby
         begin
           key_text.gsub!(/\n/, "")
           key_text.gsub!(/ /, "")
-          #         @key=Base64.decode64(key_text)
-          @key=key_text.unpack("m*")[0]
+          @key=Base64.decode64(key_text)
           public_key
           get_new_key_tag
-        rescue Exception
+        rescue Exception => e
+          Dnsruby.log.error(e)
           raise ArgumentError.new("Key #{key_text} invalid")
         end
       end
@@ -341,13 +341,12 @@ module Dnsruby
         modulus = RR::get_num(@key[pos, @key.length])
         @key_length = (@key.length - pos) * 8
 
-        pkey = OpenSSL::PKey::RSA.new
-        begin
-          pkey.set_key(modulus, exponent, nil) # use set_key, present in later versions of openssl gem
-        rescue NoMethodError
-          pkey.e = exponent # set_key not available in earlier versions, use this approach instead
-          pkey.n = modulus
-        end
+        data_sequence = OpenSSL::ASN1::Sequence([
+                                                  OpenSSL::ASN1::Integer(modulus),
+                                                  OpenSSL::ASN1::Integer(exponent)
+                                                ])
+        asn1 = OpenSSL::ASN1::Sequence(data_sequence)
+        pkey = OpenSSL::PKey::RSA.new(asn1.to_der)
         return pkey
       end
 
@@ -366,18 +365,25 @@ module Dnsruby
         pos += pgy_len
         @key_length = (pgy_len * 8)
 
-        pkey = OpenSSL::PKey::DSA.new
-        begin
-          pkey.set_pgq(p,g,q)
-          pkey.set_key(y, nil) # use set_pgq and set_key, present in later versions of openssl gem
-        rescue NoMethodError
-          pkey.p = p # set_key not available in earlier versions, use this approach instead
-          pkey.q = q
-          pkey.g = g
-          pkey.pub_key = y
-        end
-
-        pkey
+        asn1 = OpenSSL::ASN1::Sequence.new(
+          [
+            OpenSSL::ASN1::Sequence.new(
+              [
+                OpenSSL::ASN1::ObjectId.new('DSA'),
+                OpenSSL::ASN1::Sequence.new(
+                  [
+                    OpenSSL::ASN1::Integer.new(p),
+                    OpenSSL::ASN1::Integer.new(q),
+                    OpenSSL::ASN1::Integer.new(g)
+                  ]
+                )
+              ]
+            ),
+            OpenSSL::ASN1::BitString.new(OpenSSL::ASN1::Integer.new(y).to_der)
+          ]
+        )
+
+        pkey = OpenSSL::PKey::DSA.new(asn1.to_der)
       end
 
       # RFC6605, section 4
@@ -386,15 +392,22 @@ module Dnsruby
       # uncompressed form of a curve point, "x | y".
       def ec_key(curve = 'prime256v1')
         group = OpenSSL::PKey::EC::Group.new(curve)
-        pkey = OpenSSL::PKey::EC.new(group)
-
         # DNSSEC pub does not have first octet that determines whether it's uncompressed
         # or compressed form, but it's required by OpenSSL to parse EC point correctly
-        point_from_pub = "\x04" + @key.to_s # octet string, \x04 prefix determines uncompressed
-        pkey.public_key = OpenSSL::PKey::EC::Point.new(group, point_from_pub)
-
-        pkey
+        dnskey_bn = OpenSSL::BN.new("\x04" + @key, 2)
+        key_point = OpenSSL::PKey::EC::Point.new(group, dnskey_bn)
+        
+        asn1 = OpenSSL::ASN1::Sequence.new(
+          [
+            OpenSSL::ASN1::Sequence.new([
+              OpenSSL::ASN1::ObjectId.new("id-ecPublicKey"),
+              OpenSSL::ASN1::ObjectId.new(group.curve_name)
+            ]),
+            OpenSSL::ASN1::BitString.new(key_point.to_octet_string(:uncompressed))
+          ]
+        )
+        OpenSSL::PKey::EC.new(asn1.to_der)
       end
     end
   end
-end
+end

data/lib/dnsruby/resource/DS.rb

@@ -14,11 +14,8 @@
 # limitations under the License.
 # ++
 require 'base64'
-begin
-require 'Digest/sha2'
-rescue LoadError
-  require 'digest/sha2'
-end
+require 'digest/sha2'
+
 module Dnsruby
   class RR
     # RFC4034, section 4

data/lib/dnsruby/resource/RR.rb

@@ -350,7 +350,7 @@ class RR
   end
 
   def hash # :nodoc:
-    vars = (self.instance_variables - [:@ttl]).sort
+    vars = (self.instance_variables - [:@ttl, :@rdata]).sort
     vars.inject(0) do |hash_value, var_name|
       hash_value ^ self.instance_variable_get(var_name).hash
     end

data/lib/dnsruby/resource/TSIG.rb

@@ -234,7 +234,7 @@ module Dnsruby
       def verify_common(response)#:nodoc: all
         tsig_rr = response.tsig
 
-	if (!tsig_rr)
+	      if (!tsig_rr)
           response.tsigerror = RCode.FORMERR
           response.tsigstate = :Failed
           return false

data/lib/dnsruby/version.rb

@@ -1,3 +1,3 @@
 module Dnsruby
-  VERSION = '1.61.9'
+  VERSION = '1.71.0'
 end

data/lib/dnsruby/zone_transfer.rb

@@ -138,7 +138,7 @@ module Dnsruby
                 send_message(socket, msg)
                 next
               end
-              raise ResolvError.new(rcode.string);
+              raise ResolvError.new(rcode.string)
             end
 
             if (response.question[0].qtype != @transfer_type)

data/test/tc_dns.rb

@@ -25,7 +25,7 @@ class TestDNS < Minitest::Test
   end
 
   def test_ipv4_address
-    Dnsruby::DNS.open { |dns| dns.getnames(Dnsruby::IPv4.create("221.186.184.68")) }
+    Dnsruby::DNS.open { |dns| dns.getnames(Dnsruby::IPv4.create("8.8.8.8")) }
   end
 
   # def test_resolv_rb_api

data/test/tc_ecdsa.rb

@@ -0,0 +1,27 @@
+require_relative 'spec_helper'
+
+Dnsruby::TheLog.level = Logger::DEBUG
+
+class VerifierTest < Minitest::Test
+
+  def test_ecdsa
+    inner_resolver = Dnsruby::Resolver.new
+    inner_resolver.do_validation = true
+    inner_resolver.dnssec = true
+    resolver = Dnsruby::Recursor.new(inner_resolver)
+    resolver.dnssec = true
+
+    #    Dnsruby::TheLog.level=Logger::DEBUG
+
+    name = 'carlgo11.com'
+    type = 'A'
+    klass = 'IN'
+
+    begin
+      answer = resolver.query(name, type, klass)
+      print answer
+    rescue Exception => e
+      fatal_error("query failed: #{e}")
+    end
+  end
+end

data/test/tc_res_file.rb

@@ -21,12 +21,6 @@ class TestAResolverFile < Minitest::Test
     Dnsruby::Config.reset
   end
 
-  # def test_bad_resFile
-  #   res = Dnsruby::DNS.new("test/resolv.conf.bad")
-  #   res.getaddress("bbc.co.uk")
-  #   assert_nil res
-  # end
-
   def test_resFile
     res = Dnsruby::DNS.new("test/resolv.conf")
 

data/test/ts_offline.rb

@@ -62,14 +62,14 @@ TESTS.each { |test| require_relative "tc_#{test}.rb" }
 
 def have_open_ssl?
   have_open_ssl = true
-#  begin
-#    require "openssl"
-#    OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, "key", "data")
-#    key = OpenSSL::PKey::RSA.new
-#    key.e = 111
-#  rescue
-#    have_open_ssl = false
-#  end
+  begin
+    require "openssl"
+    OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, "key", "data")
+    key = OpenSSL::PKey::RSA.new
+    key.e = 111
+  rescue
+    have_open_ssl = false
+  end
   have_open_ssl
 end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dnsruby
 version: !ruby/object:Gem::Version
-  version: 1.61.9
+  version: 1.71.0
 platform: ruby
 authors:
 - Alex Dalitz
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-01-12 00:00:00.000000000 Z
+date: 2024-03-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -30,42 +30,42 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 5.14.4
+        version: 5.18.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 5.14.4
+        version: 5.18.0
 - !ruby/object:Gem::Dependency
   name: rubydns
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 2.0.1
+        version: 2.0.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 2.0.1
+        version: 2.0.2
 - !ruby/object:Gem::Dependency
   name: nio4r
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: 2.7.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: 2.7.0
 - !ruby/object:Gem::Dependency
   name: minitest-display
   requirement: !ruby/object:Gem::Requirement
@@ -84,14 +84,14 @@ dependencies:
   name: yard
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0.9'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0.9'
 - !ruby/object:Gem::Dependency
@@ -100,28 +100,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.7'
+        version: 0.8.23
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.7'
+        version: 0.8.23
 - !ruby/object:Gem::Dependency
   name: simpleidn
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.1'
+        version: 0.2.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.1'
+        version: 0.2.1
 description: |-
   Dnsruby is a pure Ruby DNS client library which implements a
   stub resolver. It aims to comply with all DNS RFCs, including
@@ -254,6 +254,7 @@ files:
 - test/tc_dns.rb
 - test/tc_dnskey.rb
 - test/tc_ds.rb
+- test/tc_ecdsa.rb
 - test/tc_encoding.rb
 - test/tc_escapedchars.rb
 - test/tc_gpos.rb
@@ -335,7 +336,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.30
+rubygems_version: 3.5.3
 signing_key:
 specification_version: 4
 summary: Ruby DNS(SEC) implementation