[WIP] Managed implementation of DNS resolver

[rzikm]

Description

This PR brings in a C# implementation of a DNS resolver that is able to signal the TTL information together with the query results.

Main features

• Async network I/O, fully cancellable
• Mockable
• Resolves IP Addresses (A/AAAA records) and Service records (SRV + related A/AAAA)
• Transparent fallback to TCP
• Autodetection of OS settings (i.e. reads nameservers from /etc/resolv.conf file)
• Thread-safe

Checklist

• Is this feature complete?
  • Yes. Ready to ship.
  • No. Follow-up changes expected.
• Are you including unit tests for the changes and scenario tests if relevant?
  • Yes
  • No
• Did you add public API?
  • Yes
    • If yes, did you have an API Review for it?
      • Yes
      • No
    • Did you add <remarks /> and <code /> elements on your triple slash comments?
      • Yes
      • No
  • No
• Does the change make any security assumptions or guarantees?
  • Yes
    • If yes, have you done a threat model and had a security review?
      • Yes
      • No
  • No
• Does the change require an update in our Aspire docs?
  • Yes
    • Link to aspire-docs issue:
  • No

Microsoft Reviewers: Open in CodeFlow

[BrennanConroy]

Only reviewed a subset of files. It's a large PR and has a lot of RFC reading attached to it. Will review more later.

[BrennanConroy]

If the destination is empty, we should just return.

[BrennanConroy]

Do we need to add validation that only A-Z, a-z, 0-9, -, " ", and . are allowed?

[BrennanConroy]

Add 255 length check?

names 255 octets or less

[rzikm]

The domain name is already validated at this point, it is done by DnsResolver.GetNormalizedHostName(name) (which throws if any of the domain name limits is violated)

[rzikm]

I will add Debug.Asserts for some of the properties

[BrennanConroy]

messageBuffer doesn't have any endianness normalization when it's passed in. Is that problematic?

[rzikm]

The only multibyte information is the offset in pointers and we read higher and lower byte separately and combine them correctly. Otherwise we only ever read individual bytes or (ascii) strings, so endianness should not matter.

[BrennanConroy]

This wouldn't use the bytes past DnsMessageHeader.HeaderLength if we read more than that.

[rzikm]

This is UDP path, the DNS message is received in entirety in a single ReceiveAsync call, and here we checked that we are not interested in this particular message.

[BrennanConroy]

Need to check if (read == 0)?

[BrennanConroy]

This is kind of dangerous, user controlled pre-allocation. Since we're limited to 65k here you could argue it's not too risky, but we should probably explicitly call it out in a comment and make sure we're okay with the risk.

Technically the array pool (ConfigurableArrayPool) could return a 65 * 2 * 2 (or more) buffer since the implementation is free to search multiple bucket sizes to find a pooled byte[].

[rzikm]

I am curious, if we were to decide it's too risky, what would you suggest as a mitigation? We need the entire message in memory for parsing purposes (domain name compression via pointers with offsets), so I don't see us reading the contents of the message from a stream.

[BrennanConroy]

Verify search domains as well?

[danmoseley]

@rzikm could you set expectations on this one ?

[rzikm]

@rzikm could you set expectations on this one ?

in parallel to this, I am also finishing Threat Model Review and will need to setup fuzzing. If there are no major distractions I hope to finish the work this month.

[rzikm]

@BrennanConroy I pushed a substantial update which should resolve most of the comments, please take another look.