7 files changed, 56 insertions(+), 43 deletions(-)

M dns-specs/dns-parameters-11.csv
M dns-specs/dns-parameters-4.csv
M examples/update_specs.rs
M src/cache/redis.rs
M src/resolver.rs
M src/specs/enums_generated.rs
M src/specs/version_generated.rs

@@ 17,8 17,10 @@ Value,Name,Status,Reference
 15,Extended DNS Error,Standard,[RFC8914]
 16,EDNS-Client-Tag,Optional,[draft-bellis-dnsop-edns-tags]
 17,EDNS-Server-Tag,Optional,[draft-bellis-dnsop-edns-tags]
-18-26945,Unassigned,,
-26946,DeviceID,Optional,[https://docs.umbrella.com/developer/networkdevices-api/identifying-dns-traffic2][Brian_Hartvigsen]
+18-20291,Unassigned,,
+20292,Umbrella Ident,Optional,[https://developer.cisco.com/docs/cloud-security/#!integrating-network-devices/rdata-description][Cisco_CIE_DNS_team]
+20293-26945,Unassigned,,
+26946,DeviceID,Optional,[https://developer.cisco.com/docs/cloud-security/#!network-devices-getting-started/response-codes][Cisco_CIE_DNS_team]
 26947-65000,Unassigned,,
 65001-65534,Reserved for Local/Experimental Use,,[RFC6891]
 65535,Reserved for future expansion,,[RFC6891]

@@ 22,35 22,35 @@ X25,19,for X.25 PSDN address,[RFC1183],,
 ISDN,20,for ISDN address,[RFC1183],,
 RT,21,for Route Through,[RFC1183],,
 NSAP,22,"for NSAP address, NSAP style A record",[RFC1706],,
-NSAP-PTR,23,"for domain name pointer, NSAP style",[RFC1348][RFC1637][RFC1706],,
-SIG,24,for security signature,[RFC4034][RFC3755][RFC2535][RFC2536][RFC2537][RFC2931][RFC3110][RFC3008],,
-KEY,25,for security key,[RFC4034][RFC3755][RFC2535][RFC2536][RFC2537][RFC2539][RFC3008][RFC3110],,
+NSAP-PTR,23,"for domain name pointer, NSAP style",[RFC1706],,
+SIG,24,for security signature,[RFC2536][RFC2931][RFC3110][RFC4034],,
+KEY,25,for security key,[RFC2536][RFC2539][RFC3110][RFC4034],,
 PX,26,X.400 mail mapping information,[RFC2163],,
 GPOS,27,Geographical Position,[RFC1712],,
 AAAA,28,IP6 Address,[RFC3596],,
 LOC,29,Location Information,[RFC1876],,
-NXT,30,Next Domain (OBSOLETE),[RFC3755][RFC2535],,
+NXT,30,Next Domain (OBSOLETE),[RFC2535][RFC3755],,
 EID,31,Endpoint Identifier,[Michael_Patton][http://ana-3.lcs.mit.edu/~jnc/nimrod/dns.txt],,1995-06
 NIMLOC,32,Nimrod Locator,[1][Michael_Patton][http://ana-3.lcs.mit.edu/~jnc/nimrod/dns.txt],,1995-06
 SRV,33,Server Selection,[1][RFC2782],,
 ATMA,34,ATM Address,"[
         ATM Forum Technical Committee, ""ATM Name System, V2.0"", Doc ID: AF-DANS-0152.000, July 2000. Available from and held in escrow by IANA.]",,
-NAPTR,35,Naming Authority Pointer,[RFC2915][RFC2168][RFC3403],,
+NAPTR,35,Naming Authority Pointer,[RFC3403],,
 KX,36,Key Exchanger,[RFC2230],,
 CERT,37,CERT,[RFC4398],,
-A6,38,A6 (OBSOLETE - use AAAA),[RFC3226][RFC2874][RFC6563],,
+A6,38,A6 (OBSOLETE - use AAAA),[RFC2874][RFC3226][RFC6563],,
 DNAME,39,DNAME,[RFC6672],,
-SINK,40,SINK,[Donald_E_Eastlake][http://tools.ietf.org/html/draft-eastlake-kitchen-sink],,1997-11
-OPT,41,OPT,[RFC6891][RFC3225],,
+SINK,40,SINK,[Donald_E_Eastlake][draft-eastlake-kitchen-sink],,1997-11
+OPT,41,OPT,[RFC3225][RFC6891],,
 APL,42,APL,[RFC3123],,
-DS,43,Delegation Signer,[RFC4034][RFC3658],,
+DS,43,Delegation Signer,[RFC4034],,
 SSHFP,44,SSH Key Fingerprint,[RFC4255],,
 IPSECKEY,45,IPSECKEY,[RFC4025],,
-RRSIG,46,RRSIG,[RFC4034][RFC3755],,
-NSEC,47,NSEC,[RFC4034][RFC3755],,
-DNSKEY,48,DNSKEY,[RFC4034][RFC3755],,
+RRSIG,46,RRSIG,[RFC4034],,
+NSEC,47,NSEC,[RFC4034][RFC9077],,
+DNSKEY,48,DNSKEY,[RFC4034],,
 DHCID,49,DHCID,[RFC4701],,
-NSEC3,50,NSEC3,[RFC5155],,
+NSEC3,50,NSEC3,[RFC5155][RFC9077],,
 NSEC3PARAM,51,NSEC3PARAM,[RFC5155],,
 TLSA,52,TLSA,[RFC6698],,
 SMIMEA,53,S/MIME cert association,[RFC8162],SMIMEA/smimea-completed-template,2015-12-01

@@ 3,6 3,7 @@ use std::env;
 use std::fs::{self, File};
 use std::io::{Read, Write};
 use std::path::{Path, PathBuf};
+use std::time::Duration;
 use std::vec;
 
 use anyhow::{bail, Context, Result};


@@ 110,8 111,8 @@ fn generate_enums_rs(
         fs::File::create(&enums_rs).with_context(|| "Failed to create dns enums rust file")?;
     info!("Generating {:?}", enums_rs);
     enumsfile.write(b"// This file is autogenerated by update_specs.rs. Don't touch.\n")?;
-    enumsfile.write(b"use rkyv::{Archive, Deserialize, Serialize};\n")?;
     enumsfile.write(b"use bytecheck::CheckBytes;\n")?;
+    enumsfile.write(b"use rkyv::{Archive, Deserialize, Serialize};\n")?;
 
     // Iterate over entries in input, open their respective files
     for section in sections {


@@ 131,24 132,28 @@ fn generate_enums_rs(
         // Write enum definition
 
         enumsfile.write(format!("#[repr({})]\n", section.DataType).as_bytes())?;
-        enumsfile.write(b"#[derive(Archive, Deserialize, Serialize, Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Hash, Debug)]\n")?;
+        enumsfile.write(
+            b"#[derive(
+    Archive, Deserialize, Serialize, Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Hash, Debug,
+)]\n",
+        )?;
         enumsfile.write(b"#[archive_attr(derive(CheckBytes))]\n")?;
         enumsfile.write(format!("pub enum {} {{\n", section.EnumName).as_bytes())?;
         for entry in &entries {
             if entry.doc {
-                enumsfile.write(format!("\n  /// {}\n", entry.comment1).as_bytes())?;
+                enumsfile.write(format!("\n    /// {}\n", entry.comment1).as_bytes())?;
                 if let Some(c2) = &entry.comment2 {
-                    enumsfile.write(format!("  /// {}\n", c2).as_bytes())?;
+                    enumsfile.write(format!("    /// {}\n", c2).as_bytes())?;
                 }
             } else {
-                enumsfile.write(format!("\n  // {}\n", entry.comment1).as_bytes())?;
+                enumsfile.write(format!("\n    // {}\n", entry.comment1).as_bytes())?;
                 if let Some(c2) = &entry.comment2 {
-                    enumsfile.write(format!("  // {}\n", c2).as_bytes())?;
+                    enumsfile.write(format!("    // {}\n", c2).as_bytes())?;
                 }
             }
             if let Some(n) = &entry.name {
                 if let Some(i) = &entry.intval {
-                    enumsfile.write(format!("  {} = {},\n", n, i).as_bytes())?;
+                    enumsfile.write(format!("    {} = {},\n", n, i).as_bytes())?;
                 } else {
                     panic!("Missing entry.intval for entry.name={}", n)
                 }

@@ 56,8 56,8 @@ impl Cache {
             // Set up a reasonable allocation - will expand automatically if needed.
             store_buf: BytesMut::with_capacity(1024),
             scratch_buf,
-            // Include our build SHA in the key used for storing data in Redis.
-            // Avoids potential compatibility issues with old vs new rkyv data when upgrading.
+            // Include a hash of the DNS specs in the key used for storing data in Redis.
+            // Avoids potential issues with old vs new generated spec data when upgrading.
             redis_key_prefix: format!("originz_rkyv__{}__", VERSION_HASH),
         })
     }

@@ 91,9 91,9 @@ impl Resolver {
         request_info: &RequestInfo,
         response_buffer: &mut BytesMut,
     ) -> Result<()> {
-
-        // TODO(#36): Switch to building a new request from scratch for cache/upstreams.
-        //            Avoids weird things like worrying about whether EDNS is or isn't present
+        // TODO(#36): Switch to building a new request from scratch for querying cache/upstreams,
+        //            rather than reusing the request provided by the client.
+        //            This avoids weird things like worrying about whether EDNS is or isn't present
         //            in the original request and whether that's getting stored in the cache.
         //            Also makes it easier to deal with things like upstream client COOKIE support.
 

@@ 125,13 125,13 @@ pub enum ResourceType {
     /// for NSAP address, NSAP style A record [RFC1706]
     NSAP = 22,
 
-    /// for domain name pointer, NSAP style [RFC1348][RFC1637][RFC1706]
+    /// for domain name pointer, NSAP style [RFC1706]
     NSAP_PTR = 23,
 
-    /// for security signature [RFC4034][RFC3755][RFC2535][RFC2536][RFC2537][RFC2931][RFC3110][RFC3008]
+    /// for security signature [RFC2536][RFC2931][RFC3110][RFC4034]
     SIG = 24,
 
-    /// for security key [RFC4034][RFC3755][RFC2535][RFC2536][RFC2537][RFC2539][RFC3008][RFC3110]
+    /// for security key [RFC2536][RFC2539][RFC3110][RFC4034]
     KEY = 25,
 
     /// X.400 mail mapping information [RFC2163]


@@ 146,7 146,7 @@ pub enum ResourceType {
     /// Location Information [RFC1876]
     LOC = 29,
 
-    /// Next Domain (OBSOLETE) [RFC3755][RFC2535]
+    /// Next Domain (OBSOLETE) [RFC2535][RFC3755]
     NXT_OBSOLETE = 30,
 
     /// Endpoint Identifier [Michael_Patton][http://ana-3.lcs.mit.edu/~jnc/nimrod/dns.txt]


@@ 161,7 161,7 @@ pub enum ResourceType {
     /// ATM Address [         ATM Forum Technical Committee, "ATM Name System, V2.0", Doc ID: AF-DANS-0152.000, July 2000. Available from and held in escrow by IANA.]
     ATMA = 34,
 
-    /// Naming Authority Pointer [RFC2915][RFC2168][RFC3403]
+    /// Naming Authority Pointer [RFC3403]
     NAPTR = 35,
 
     /// Key Exchanger [RFC2230]


@@ 170,22 170,22 @@ pub enum ResourceType {
     /// CERT [RFC4398]
     CERT = 37,
 
-    /// A6 (OBSOLETE - use AAAA) [RFC3226][RFC2874][RFC6563]
+    /// A6 (OBSOLETE - use AAAA) [RFC2874][RFC3226][RFC6563]
     A6_OBSOLETE = 38,
 
     /// DNAME [RFC6672]
     DNAME = 39,
 
-    /// SINK [Donald_E_Eastlake][http://tools.ietf.org/html/draft-eastlake-kitchen-sink]
+    /// SINK [Donald_E_Eastlake][draft-eastlake-kitchen-sink]
     SINK = 40,
 
-    /// OPT [RFC6891][RFC3225]
+    /// OPT [RFC3225][RFC6891]
     OPT = 41,
 
     /// APL [RFC3123]
     APL = 42,
 
-    /// Delegation Signer [RFC4034][RFC3658]
+    /// Delegation Signer [RFC4034]
     DS = 43,
 
     /// SSH Key Fingerprint [RFC4255]


@@ 194,19 194,19 @@ pub enum ResourceType {
     /// IPSECKEY [RFC4025]
     IPSECKEY = 45,
 
-    /// RRSIG [RFC4034][RFC3755]
+    /// RRSIG [RFC4034]
     RRSIG = 46,
 
-    /// NSEC [RFC4034][RFC3755]
+    /// NSEC [RFC4034][RFC9077]
     NSEC = 47,
 
-    /// DNSKEY [RFC4034][RFC3755]
+    /// DNSKEY [RFC4034]
     DNSKEY = 48,
 
     /// DHCID [RFC4701]
     DHCID = 49,
 
-    /// NSEC3 [RFC5155]
+    /// NSEC3 [RFC5155][RFC9077]
     NSEC3 = 50,
 
     /// NSEC3PARAM [RFC5155]


@@ 648,8 648,13 @@ pub enum OPTOptionCode {
     EDNS_SERVER_TAG = 17,
 
     // Unassigned
-    // 18-26945
-    /// DeviceID: Optional [https://docs.umbrella.com/developer/networkdevices-api/identifying-dns-traffic2][Brian_Hartvigsen]
+    // 18-20291
+    /// Umbrella Ident: Optional [https://developer.cisco.com/docs/cloud-security/#!integrating-network-devices/rdata-description][Cisco_CIE_DNS_team]
+    UMBRELLA_IDENT = 20292,
+
+    // Unassigned
+    // 20293-26945
+    /// DeviceID: Optional [https://developer.cisco.com/docs/cloud-security/#!network-devices-getting-started/response-codes][Cisco_CIE_DNS_team]
     DEVICEID = 26946,
 
     // Unassigned


@@ 681,6 686,7 @@ pub fn optoptioncode_int(i: usize) -> Option<OPTOptionCode> {
         15 => Some(OPTOptionCode::EXTENDED_DNS_ERROR),
         16 => Some(OPTOptionCode::EDNS_CLIENT_TAG),
         17 => Some(OPTOptionCode::EDNS_SERVER_TAG),
+        20292 => Some(OPTOptionCode::UMBRELLA_IDENT),
         26946 => Some(OPTOptionCode::DEVICEID),
         65535 => Some(OPTOptionCode::RESERVED_FOR_FUTURE_EXPANSION),
         _ => None,

@@ 1,2 1,2 @@
 // This file is autogenerated by update_specs.rs. Don't touch.
-pub const VERSION_HASH: &str = "88ed579d6ebf37f5";
+pub const VERSION_HASH: &str = "b325bb07ddc78cd5";