fix(cloudflare): convert DNS record names to Punycode (#1160)

* fix(cloudflare): convert DNS record names to Punycode * fix(domain): converts domain name in a copy In-place editing may have unintended side effects. * fix(cloudflare): remove unnecessary variable * fix(domains): do not use Fluent API
jeessy2 · Jun 16, 2024 · 095b850 · 095b850
1 parent 97f188f
commit 095b850
Show file tree

Hide file tree

Showing 3 changed files with 90 additions and 13 deletions.
diff --git a/config/domains.go b/config/domains.go
@@ -5,6 +5,7 @@ import (
 	"strings"
 
 	"github.com/jeessy2/ddns-go/v6/util"
+	"golang.org/x/net/idna"
 	"golang.org/x/net/publicsuffix"
 )
 
@@ -28,6 +29,16 @@ type Domain struct {
 	UpdateStatus updateStatusType // 更新状态
 }
 
+// nontransitionalLookup implements the nontransitional processing as specified in
+// Unicode Technical Standard 46 with almost all checkings off to maximize user freedom.
+//
+// Copied from: https://github.com/cloudflare/cloudflare-go/blob/v0.97.0/dns.go#L95
+var nontransitionalLookup = idna.New(
+	idna.MapForLookup(),
+	idna.StrictDomainName(false),
+	idna.ValidateLabels(false),
+)
+
 func (d Domain) String() string {
 	if d.SubDomain != "" {
 		return d.SubDomain + "." + d.DomainName
@@ -63,6 +74,16 @@ func (d Domain) GetCustomParams() url.Values {
 	return url.Values{}
 }
 
+// ToASCII converts [Domain] to its ASCII form,
+// using non-transitional process specified in UTS 46.
+//
+// Note: conversion errors are silently discarded and partial conversion
+// results are used.
+func (d Domain) ToASCII() string {
+	name, _ := nontransitionalLookup.ToASCII(d.String())
+	return name
+}
+
 // GetNewIp 接口/网卡/命令获得 ip 并校验用户输入的域名
 func (domains *Domains) GetNewIp(dnsConf *DnsConfig) {
 	domains.Ipv4Domains = checkParseDomains(dnsConf.Ipv4.Domains)

diff --git a/config/domains_test.go b/config/domains_test.go
@@ -1,8 +1,54 @@
 package config
 
-import (
-	"testing"
-)
+import "testing"
+
+// TestToASCII test converts the name of [Domain] to its ASCII form.
+//
+// Copied from: https://github.com/cloudflare/cloudflare-go/blob/v0.97.0/dns_test.go#L15
+func TestToASCII(t *testing.T) {
+	tests := map[string]struct {
+		domain   string
+		expected string
+	}{
+		"empty": {
+			"", "",
+		},
+		"unicode get encoded": {
+			"😺.com", "xn--138h.com",
+		},
+		"unicode gets mapped and encoded": {
+			"ÖBB.at", "xn--bb-eka.at",
+		},
+		"punycode stays punycode": {
+			"xn--138h.com", "xn--138h.com",
+		},
+		"hyphens are not checked": {
+			"s3--s4.com", "s3--s4.com",
+		},
+		"STD3 rules are not enforced": {
+			"℀.com", "a/c.com",
+		},
+		"bidi check is disabled": {
+			"englishﻋﺮﺑﻲ.com", "xn--english-gqjzfwd1j.com",
+		},
+		"invalid joiners are allowed": {
+			"a\u200cb.com", "xn--ab-j1t.com",
+		},
+		"partial results are used despite errors": {
+			"xn--:D.xn--.😺.com", "xn--:d..xn--138h.com",
+		},
+	}
+
+	for name, tt := range tests {
+		t.Run(name, func(t *testing.T) {
+			d := &Domain{DomainName: tt.domain}
+			actual := d.ToASCII()
+			if actual != tt.expected {
+				t.Errorf("ToASCII() = %v, want %v", actual, tt.expected)
+			}
+		})
+	}
+}
 
 // TestParseDomainArr 测试 parseDomainArr
 func TestParseDomainArr(t *testing.T) {

diff --git a/dns/cloudflare.go b/dns/cloudflare.go
@@ -5,16 +5,15 @@ import (
 	"encoding/json"
 	"fmt"
 	"net/http"
+	"net/url"
 	"strconv"
 	"strings"
 
 	"github.com/jeessy2/ddns-go/v6/config"
 	"github.com/jeessy2/ddns-go/v6/util"
 )
 
-const (
-	zonesAPI string = "https://api.cloudflare.com/client/v4/zones"
-)
+const zonesAPI = "https://api.cloudflare.com/client/v4/zones"
 
 // Cloudflare Cloudflare实现
 type Cloudflare struct {
@@ -106,10 +105,16 @@ func (cf *Cloudflare) addUpdateDomainRecords(recordType string) {
 			return
 		}
 
-		// 存在参数才进行筛选
-		comment := domain.GetCustomParams().Get("comment")
-		if comment != "" {
-			comment = fmt.Sprintf("&comment=%s", comment)
+		params := url.Values{}
+		params.Set("type", recordType)
+		// The name of DNS records in Cloudflare API expects Punycode.
+		//
+		// See: cloudflare/cloudflare-go#690
+		params.Set("name", domain.ToASCII())
+		params.Set("per_page", "50")
+		// Add a comment only if it exists
+		if c := domain.GetCustomParams().Get("comment"); c != "" {
+			params.Set("comment", c)
 		}
 
 		zoneID := result.Result[0].ID
@@ -118,7 +123,7 @@ func (cf *Cloudflare) addUpdateDomainRecords(recordType string) {
 		// getDomains 最多更新前50条
 		err = cf.request(
 			"GET",
-			fmt.Sprintf(zonesAPI+"/%s/dns_records?type=%s&name=%s&per_page=50%s", zoneID, recordType, domain, comment),
+			fmt.Sprintf(zonesAPI+"/%s/dns_records?%s", zoneID, params.Encode()),
 			nil,
 			&records,
 		)
@@ -149,7 +154,7 @@ func (cf *Cloudflare) addUpdateDomainRecords(recordType string) {
 func (cf *Cloudflare) create(zoneID string, domain *config.Domain, recordType string, ipAddr string) {
 	record := &CloudflareRecord{
 		Type:    recordType,
-		Name:    domain.String(),
+		Name:    domain.ToASCII(),
 		Content: ipAddr,
 		Proxied: false,
 		TTL:     cf.TTL,
@@ -219,9 +224,14 @@ func (cf *Cloudflare) modify(result CloudflareRecordsResp, zoneID string, domain
 
 // 获得域名记录列表
 func (cf *Cloudflare) getZones(domain *config.Domain) (result CloudflareZonesResp, err error) {
+	params := url.Values{}
+	params.Set("name", domain.DomainName)
+	params.Set("status", "active")
+	params.Set("per_page", "50")
+
 	err = cf.request(
 		"GET",
-		fmt.Sprintf(zonesAPI+"?name=%s&status=%s&per_page=%s", domain.DomainName, "active", "50"),
+		fmt.Sprintf(zonesAPI+"?%s", params.Encode()),
 		nil,
 		&result,
 	)