shuque / dane Goto Github PK
View Code? Open in Web Editor NEWGo library for DANE authentication
License: MIT License
dane's People
Contributors
Stargazers
Watchers
dane's Issues
"dane" does not seem to return the correct result.
Hi,
When I tested the good.dane.huque.com, I found a discrepancy between the results I ran locally and the results I got from the DANE Test site and the results I got from the SIDN test site. After double-checking the TLSA record, I found that SIDN should be correct. There seems to be a problem with the TLSA validation process for the dane project.
What am I doing wrong?
I'm trying to check if I can introduce the ability of making requests to DANE-powered addresses in an app I have (I'm not very familiar with DANE and I'm not sure this even makes sense, but I'm just playing with it) and then I'm trying to test this library as a drop-in replacement to my http.Transport TLS thing.
The problem is that the only two DANE domains I know, falci.me and www.huque.com, return Okdane == false and Okpkix == true.
This is the code I'm using:
package main
import (
"context"
"fmt"
"log"
"net"
"net/http"
"strconv"
"strings"
"github.com/shuque/dane"
)
func main() {
t := &http.Transport{
DialTLSContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
spl := strings.Split(addr, ":")
host := spl[0]
port, _ := strconv.Atoi(spl[1])
conn, s, err := dane.ConnectByNameAsync(host, port)
if err != nil {
return conn, err
}
log.Print(s.Okdane)
log.Print(s.Okpkix)
return conn, nil
},
}
client := http.Client{Transport: t}
resp, err := client.Get("https://www.huque.com")
if err != nil {
log.Fatal(err)
}
fmt.Println(resp)
}These two domains succeed on the DANE verification at https://www.huque.com/bin/danecheck.
return result instead of just printing it.
Hi,
in tlsa.go there is a function to print the result:
Lines 81 to 98 in 312d7e1
Is it possible to make it returning the result instead?
I want to make some docker container that mail when something goes wrong, now it can only mail: it failed. If I can use this function to see what is failing, it is a bit more informative.
DoT support
Dear developer,
I found your library and it looks very useful and I'd like to use it. But I'd need to be able to configure custom resolvers (classic DNS and DNS over TLS (DoT)) but looking at https://pkg.go.dev/github.com/shuque/dane#Resolver it seems like the latter is not supported. The DNS library miekg/dns seems to support DoT so I'd like to ask whether you would consider to add DoT support?
Best regards,
Martin
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.