src/dns/waitfordns.js

'use strict';

exports = module.exports = waitForDns;

const assert = require('node:assert'),
    BoxError = require('../boxerror.js'),
    debug = require('debug')('box:dns/waitfordns'),
    dig = require('../dig.js'),
    dns = require('node:dns'),
    promiseRetry = require('../promise-retry.js'),
    safe = require('safetydance'),
    _ = require('../underscore.js');

async function resolveIp(hostname, type, options) {
    assert.strictEqual(typeof hostname, 'string');
    assert(type === 'A' || type === 'AAAA');
    assert.strictEqual(typeof options, 'object');

    // try A record at authoritative server
    debug(`resolveIp: Checking ${type} for ${hostname} at ${options.server}`);
    const [error, results] = await safe(dig.resolve(hostname, type, options));
    if (!error && results.length !== 0) return results;

    // try CNAME record at authoritative server
    debug(`resolveIp: No ${type}. Checking CNAME for ${hostname} at ${options.server}`);
    const cnameResults = await dig.resolve(hostname, 'CNAME', options);
    if (cnameResults.length === 0) return cnameResults;

    // recurse lookup the CNAME record
    debug(`resolveIp: found CNAME for ${hostname}. resolving ${cnameResults[0]}`);
    return await dig.resolve(cnameResults[0], type, _.omit(options, ['server']));
}

async function isChangeSynced(hostname, type, value, nameserver) {
    assert.strictEqual(typeof hostname, 'string');
    assert.strictEqual(typeof type, 'string');
    assert.strictEqual(typeof value, 'string');
    assert.strictEqual(typeof nameserver, 'string');

    // ns records cannot have cname
    const [error4, nsIPv4s] = await safe(dig.resolve(nameserver, 'A', { timeout: 5000 }));
    const [error6, nsIPv6s] = await safe(dig.resolve(nameserver, 'AAAA', { timeout: 5000 }));

    if (error4 && error6) {
        debug(`isChangeSynced: cannot resolve NS ${nameserver}`); // NS doesn't resolve at all; it's fine
        return true;
    }

    const nsIPs = [].concat(nsIPv4s || []).concat(nsIPv6s || []);
    const status = [];
    for (let i = 0; i < nsIPs.length; i++) {
        const nsIp = nsIPs[i];
        const resolveOptions = { server: nsIp, timeout: 5000, tries: 1 };
        const resolver = type === 'A' || type === 'AAAA' ? resolveIp(hostname, type, resolveOptions) : dig.resolve(hostname, 'TXT', resolveOptions);

        const [error, answer] = await safe(resolver);
        // CONNREFUSED - when there is no ipv4/ipv6 connectivity. REFUSED - server won't answer maybe by policy
        if (error && (error.code === dns.TIMEOUT || error.code === dns.REFUSED || error.code === dns.CONNREFUSED)) {
            debug(`isChangeSynced: NS ${nameserver} (${nsIp}) not resolving ${hostname} (${type}): ${error}. Ignoring`);
            status[i] = true; // should be ok if dns server is down
            continue;
        }

        if (error) {
            debug(`isChangeSynced: NS ${nameserver} (${nsIp}) errored when resolve ${hostname} (${type}): ${error}`);
            status[i] = false;
            continue;
        }

        let match;
        if (type === 'A' || type === 'AAAA') {
            match = answer.length === 1 && answer[0] === value;
        } else if (type === 'TXT') { // answer is a 2d array of strings
            match = answer.some(function (a) { return value === a.join(''); });
        }

        debug(`isChangeSynced: ${hostname} (${type}) was resolved to ${answer} at NS ${nameserver} (${nsIp}). Expecting ${value}. Match ${match}`);
        status[i] = match;
    }

    return status.every(s => s === true);
}

// check if IP change has propagated to every nameserver
async function waitForDns(hostname, zoneName, type, value, options) {
    assert.strictEqual(typeof hostname, 'string');
    assert.strictEqual(typeof zoneName, 'string');
    assert(type === 'A' || type === 'AAAA' || type === 'TXT');
    assert.strictEqual(typeof value, 'string');
    assert(options && typeof options === 'object'); // { interval: 5000, times: 50000 }

    debug(`waitForDns: waiting for ${hostname} to be ${value} in zone ${zoneName}`);

    await promiseRetry(Object.assign({ debug }, options), async function () {
        const nameservers = await dig.resolve(zoneName, 'NS', { timeout: 5000 });
        if (!nameservers) throw new BoxError(BoxError.EXTERNAL_ERROR, 'Unable to get nameservers');
        debug(`waitForDns: nameservers are ${JSON.stringify(nameservers)}`);

        for (const nameserver of nameservers) {
            const synced = await isChangeSynced(hostname, type, value, nameserver);
            debug(`waitForDns: ${hostname} at ns ${nameserver}: ${synced ? 'done' : 'not done'} `);
            if (!synced) throw new BoxError(BoxError.EXTERNAL_ERROR, 'ETRYAGAIN');
        }
    });

    debug(`waitForDns: ${hostname} has propagated`);
}
add waitfordns.js (refactored from appstore) 2015-12-11 13:14:27 -08:00			`'use strict';`

			`exports = module.exports = waitForDns;`

use node: prefix for requires 2025-08-14 11:17:38 +05:30			`const assert = require('node:assert'),`
Move DomainsError to BoxError 2019-10-23 10:02:04 -07:00			`BoxError = require('../boxerror.js'),`
Make waitForDns provider specific 2016-12-14 12:27:11 -08:00			`debug = require('debug')('box:dns/waitfordns'),`
make waitForDns async 2022-02-03 16:15:14 -08:00			`dig = require('../dig.js'),`
dig: use built-in resolver timeout 2023-06-30 18:34:53 +05:30			`dns = require('node:dns'),`
make waitForDns async 2022-02-03 16:15:14 -08:00			`promiseRetry = require('../promise-retry.js'),`
dns: resolve cname records using unbound 2023-01-25 09:57:07 +01:00			`safe = require('safetydance'),`
replace underscore with our own 2025-02-13 14:03:25 +01:00			`_ = require('../underscore.js');`
add waitfordns.js (refactored from appstore) 2015-12-11 13:14:27 -08:00
make waitForDns async 2022-02-03 16:15:14 -08:00			`async function resolveIp(hostname, type, options) {`
Follow CNAME records 2018-02-08 14:55:06 -08:00			`assert.strictEqual(typeof hostname, 'string');`
waitForDns: support AAAA 2022-01-06 22:07:26 -08:00			`assert(type === 'A' \|\| type === 'AAAA');`
Follow CNAME records 2018-02-08 14:55:06 -08:00			`assert.strictEqual(typeof options, 'object');`

			`// try A record at authoritative server`
waitfordns: better debugs 2024-04-26 14:46:01 +02:00			debug(`resolveIp: Checking ${type} for ${hostname} at ${options.server}`);
make waitForDns async 2022-02-03 16:15:14 -08:00			`const [error, results] = await safe(dig.resolve(hostname, type, options));`
			`if (!error && results.length !== 0) return results;`

			`// try CNAME record at authoritative server`
waitfordns: better debugs 2024-04-26 14:46:01 +02:00			debug(`resolveIp: No ${type}. Checking CNAME for ${hostname} at ${options.server}`);
make waitForDns async 2022-02-03 16:15:14 -08:00			`const cnameResults = await dig.resolve(hostname, 'CNAME', options);`
			`if (cnameResults.length === 0) return cnameResults;`

			`// recurse lookup the CNAME record`
waitfordns: better debugs 2024-04-26 14:46:01 +02:00			debug(`resolveIp: found CNAME for ${hostname}. resolving ${cnameResults[0]}`);
replace underscore with our own 2025-02-13 14:03:25 +01:00			`return await dig.resolve(cnameResults[0], type, _.omit(options, ['server']));`
Follow CNAME records 2018-02-08 14:55:06 -08:00			`}`

make waitForDns async 2022-02-03 16:15:14 -08:00			`async function isChangeSynced(hostname, type, value, nameserver) {`
rework dns api to take domainObject 2019-01-04 18:44:54 -08:00			`assert.strictEqual(typeof hostname, 'string');`
Enhance waitForDns to support TXT records 2018-09-11 19:09:30 -07:00			`assert.strictEqual(typeof type, 'string');`
Remove type argument from waitForDns 2018-02-08 14:19:14 -08:00			`assert.strictEqual(typeof value, 'string');`
add waitfordns.js (refactored from appstore) 2015-12-11 13:14:27 -08:00			`assert.strictEqual(typeof nameserver, 'string');`

			`// ns records cannot have cname`
waitfordns: resolve and check against NS' IPv6 address 2024-04-26 17:41:51 +02:00			`const [error4, nsIPv4s] = await safe(dig.resolve(nameserver, 'A', { timeout: 5000 }));`
			`const [error6, nsIPv6s] = await safe(dig.resolve(nameserver, 'AAAA', { timeout: 5000 }));`

			`if (error4 && error6) {`
			debug(`isChangeSynced: cannot resolve NS ${nameserver}`); // NS doesn't resolve at all; it's fine
make waitForDns async 2022-02-03 16:15:14 -08:00			`return true;`
			`}`

waitfordns: resolve and check against NS' IPv6 address 2024-04-26 17:41:51 +02:00			`const nsIPs = [].concat(nsIPv4s \|\| []).concat(nsIPv6s \|\| []);`
make waitForDns async 2022-02-03 16:15:14 -08:00			`const status = [];`
waitfordns: resolve and check against NS' IPv6 address 2024-04-26 17:41:51 +02:00			`for (let i = 0; i < nsIPs.length; i++) {`
			`const nsIp = nsIPs[i];`
dig: set tries parameter 2024-09-18 15:25:48 +02:00			`const resolveOptions = { server: nsIp, timeout: 5000, tries: 1 };`
make waitForDns async 2022-02-03 16:15:14 -08:00			`const resolver = type === 'A' \|\| type === 'AAAA' ? resolveIp(hostname, type, resolveOptions) : dig.resolve(hostname, 'TXT', resolveOptions);`

			`const [error, answer] = await safe(resolver);`
waitfordns: resolve and check against NS' IPv6 address 2024-04-26 17:41:51 +02:00			`// CONNREFUSED - when there is no ipv4/ipv6 connectivity. REFUSED - server won't answer maybe by policy`
			`if (error && (error.code === dns.TIMEOUT \|\| error.code === dns.REFUSED \|\| error.code === dns.CONNREFUSED)) {`
waitfordns: ignore REFUSED error 2023-09-10 06:17:43 +05:30			debug(`isChangeSynced: NS ${nameserver} (${nsIp}) not resolving ${hostname} (${type}): ${error}. Ignoring`);
make waitForDns async 2022-02-03 16:15:14 -08:00			`status[i] = true; // should be ok if dns server is down`
			`continue;`
it is fine for one or more ns to be dead 2016-04-25 15:58:42 -07:00			`}`
add waitfordns.js (refactored from appstore) 2015-12-11 13:14:27 -08:00
make waitForDns async 2022-02-03 16:15:14 -08:00			`if (error) {`
			debug(`isChangeSynced: NS ${nameserver} (${nsIp}) errored when resolve ${hostname} (${type}): ${error}`);
			`status[i] = false;`
			`continue;`
			`}`
Enhance waitForDns to support TXT records 2018-09-11 19:09:30 -07:00
make waitForDns async 2022-02-03 16:15:14 -08:00			`let match;`
			`if (type === 'A' \|\| type === 'AAAA') {`
			`match = answer.length === 1 && answer[0] === value;`
			`} else if (type === 'TXT') { // answer is a 2d array of strings`
			`match = answer.some(function (a) { return value === a.join(''); });`
			`}`
add waitfordns.js (refactored from appstore) 2015-12-11 13:14:27 -08:00
make waitForDns async 2022-02-03 16:15:14 -08:00			debug(`isChangeSynced: ${hostname} (${type}) was resolved to ${answer} at NS ${nameserver} (${nsIp}). Expecting ${value}. Match ${match}`);
			`status[i] = match;`
			`}`
remove native-dns and use dig directly 2017-05-26 15:15:01 -07:00
make waitForDns async 2022-02-03 16:15:14 -08:00			`return status.every(s => s === true);`
debug the zoneName in waitForDns 2018-01-09 16:09:47 -08:00			`}`
add waitfordns.js (refactored from appstore) 2015-12-11 13:14:27 -08:00
			`// check if IP change has propagated to every nameserver`
make waitForDns async 2022-02-03 16:15:14 -08:00			`async function waitForDns(hostname, zoneName, type, value, options) {`
rework dns api to take domainObject 2019-01-04 18:44:54 -08:00			`assert.strictEqual(typeof hostname, 'string');`
make waitForDns take zone name argument 2017-06-11 22:12:23 -07:00			`assert.strictEqual(typeof zoneName, 'string');`
waitForDns: support AAAA 2022-01-06 22:07:26 -08:00			`assert(type === 'A' \|\| type === 'AAAA' \|\| type === 'TXT');`
Remove type argument from waitForDns 2018-02-08 14:19:14 -08:00			`assert.strictEqual(typeof value, 'string');`
pass retry options to waitForDns 2016-06-21 15:12:36 -05:00			`assert(options && typeof options === 'object'); // { interval: 5000, times: 50000 }`
add waitfordns.js (refactored from appstore) 2015-12-11 13:14:27 -08:00
better debugs 2022-02-24 12:57:56 -08:00			debug(`waitForDns: waiting for ${hostname} to be ${value} in zone ${zoneName}`);
add waitfordns.js (refactored from appstore) 2015-12-11 13:14:27 -08:00
make waitForDns async 2022-02-03 16:15:14 -08:00			`await promiseRetry(Object.assign({ debug }, options), async function () {`
			`const nameservers = await dig.resolve(zoneName, 'NS', { timeout: 5000 });`
			`if (!nameservers) throw new BoxError(BoxError.EXTERNAL_ERROR, 'Unable to get nameservers');`
better debugs 2022-02-24 12:57:56 -08:00			debug(`waitForDns: nameservers are ${JSON.stringify(nameservers)}`);
add waitfordns.js (refactored from appstore) 2015-12-11 13:14:27 -08:00
make waitForDns async 2022-02-03 16:15:14 -08:00			`for (const nameserver of nameservers) {`
			`const synced = await isChangeSynced(hostname, type, value, nameserver);`
better debugs 2022-02-24 12:57:56 -08:00			debug(`waitForDns: ${hostname} at ns ${nameserver}: ${synced ? 'done' : 'not done'} `);
make waitForDns async 2022-02-03 16:15:14 -08:00			`if (!synced) throw new BoxError(BoxError.EXTERNAL_ERROR, 'ETRYAGAIN');`
			`}`
debug the zoneName in waitForDns 2018-01-09 16:09:47 -08:00			`});`
make waitForDns async 2022-02-03 16:15:14 -08:00
			debug(`waitForDns: ${hostname} has propagated`);
add waitfordns.js (refactored from appstore) 2015-12-11 13:14:27 -08:00			`}`