Unify instances of "additionals" -> "additional" when referring to the section as a whole (#487)

* additionals -> additional

* Revert "additionals -> additional"

This reverts commit d755d3e.

* only change authorities for user-visible fields, leave plural for sets of authority records in the code

* use x_section to allign with dig

* Revert "use x_section to allign with dig"

This reverts commit c6fe501.

* pluralized

* fix dnssec pluralization

* remove overzealous find/replace

* missed a few more

* pr cleanup

* singular module name DNSKEY

---------

Co-authored-by: Zakir Durumeric <[email protected]>

Author: phillip-stephens

README.md

@@ -113,7 +113,7 @@ Lookup Modules
 --------------
 
 Raw DNS responses frequently do not provide the data you _want_. For example,
-an MX response may not include the associated A records in the additionals
+an MX response may not include the associated A records in the additional
 section requiring an additional lookup. To address this gap and provide a
 friendlier interface, we also provide several _lookup_ modules: `alookup`,
 `mxlookup`, and `nslookup`.

src/cli/worker_manager_test.go

@@ -76,7 +76,7 @@ func TestConvertNameServerStringToNameServer(t *testing.T) {
 		containsExpectedNameServerStrings(t, nses, expectedNSes)
 	})
 	t.Run("Bad domain name", func(t *testing.T) {
-		_, err := convertNameServerStringToNameServer("bad.domain.name", zdns.IPv4OrIPv6, false, false)
+		_, err := convertNameServerStringToNameServer("bad.domain.name.random.j83bs", zdns.IPv4OrIPv6, false, false)
 		require.Error(t, err)
 	})
 	t.Run("Bad IP address", func(t *testing.T) {

src/zdns/alookup.go

@@ -82,15 +82,15 @@ func getIPAddressesFromQueryResult(res *SingleQueryResult, queryType, name strin
 	if res == nil {
 		return nil, errors.New("nil SingleQueryResult")
 	}
-	ips := make([]string, 0, len(res.Answers)+len(res.Additional))
+	ips := make([]string, 0, len(res.Answers)+len(res.Additionals))
 	for _, ans := range res.Answers {
 		if a, ok := ans.(Answer); ok {
 			if a.Type == queryType {
 				ips = append(ips, a.Answer)
 			}
 		}
 	}
-	for _, ans := range res.Additional {
+	for _, ans := range res.Additionals {
 		if a, ok := ans.(Answer); ok {
 			if a.Type == queryType {
 				ips = append(ips, a.Answer)

src/zdns/cache.go

@@ -136,7 +136,7 @@ func (s *Cache) getCachedResult(q Question, ns *NameServer, isAuthority bool, de
 	retv = new(SingleQueryResult)
 	retv.Answers = make([]interface{}, 0, len(cachedRes.Answers))
 	retv.Authorities = make([]interface{}, 0, len(cachedRes.Authorities))
-	retv.Additional = make([]interface{}, 0, len(cachedRes.Additionals))
+	retv.Additionals = make([]interface{}, 0, len(cachedRes.Additionals))
 	retv.Flags = cachedRes.Flags
 	retv.DNSSECResult = cachedRes.DNSSECResult
 	// great we have a result. let's go through the entries and build a result. In the process, throw away anything
@@ -163,11 +163,11 @@ func (s *Cache) getCachedResult(q Question, ns *NameServer, isAuthority bool, de
 			partiallyExpired = true
 			s.VerboseLog(depth+2, "expiring cache additional ", cachedAdditional.Answer.BaseAns().Name)
 		} else {
-			retv.Additional = append(retv.Additional, cachedAdditional.Answer)
+			retv.Additionals = append(retv.Additionals, cachedAdditional.Answer)
 		}
 	}
 	// Don't return an empty response.
-	if len(retv.Answers) == 0 && len(retv.Authorities) == 0 && len(retv.Additional) == 0 {
+	if len(retv.Answers) == 0 && len(retv.Authorities) == 0 && len(retv.Additionals) == 0 {
 		// remove from cache since it's completely expired
 		s.IterativeCache.Delete(cacheKey)
 		s.VerboseLog(depth+2, "-> no entry found in cache, after expiration for ", cacheKey, ", removing from cache")
@@ -229,8 +229,8 @@ func (s *Cache) buildCachedResult(res *SingleQueryResult, depth int, layer strin
 			})
 		}
 	}
-	cachedRes.Additionals = make([]TimedAnswer, 0, len(res.Additional))
-	for _, a := range res.Additional {
+	cachedRes.Additionals = make([]TimedAnswer, 0, len(res.Additionals))
+	for _, a := range res.Additionals {
 		castAns, expiresAt := getExpirationForSafeAnswer(a)
 		if castAns != nil {
 			cachedRes.Additionals = append(cachedRes.Additionals, TimedAnswer{
@@ -252,7 +252,7 @@ func (s *Cache) SafeAddCachedAnswer(q Question, res *SingleQueryResult, ns *Name
 		nsString = ns.String()
 	}
 	// check for poison
-	for _, a := range util.Concat(res.Answers, res.Authorities, res.Additional) {
+	for _, a := range util.Concat(res.Answers, res.Authorities, res.Additionals) {
 		castAns, ok := a.(WithBaseAnswer)
 		if !ok {
 			// if we can't cast, it won't be added to the cache. We'll log in buildCachedResult

src/zdns/cache_test.go

@@ -38,7 +38,7 @@ func TestNoNameServerLookupSuccess(t *testing.T) {
 			Name:    "google.com",
 			Answer:  "192.0.2.1",
 		}},
-		Additional:  nil,
+		Additionals: nil,
 		Authorities: nil,
 		Protocol:    "",
 		Flags:       DNSFlags{Authoritative: true},
@@ -59,7 +59,7 @@ func TestNoNameServerLookupForNamedNameServer(t *testing.T) {
 			Name:    "google.com",
 			Answer:  "192.0.2.1",
 		}},
-		Additional:  nil,
+		Additionals: nil,
 		Authorities: nil,
 		Protocol:    "",
 		Flags:       DNSFlags{Authoritative: true},
@@ -83,7 +83,7 @@ func TestNamedServerLookupForNonNamedNameServer(t *testing.T) {
 			Name:    "google.com",
 			Answer:  "192.0.2.1",
 		}},
-		Additional:  nil,
+		Additionals: nil,
 		Authorities: nil,
 		Protocol:    "",
 		Flags:       DNSFlags{Authoritative: true},
@@ -107,7 +107,7 @@ func TestNamedServerLookupForNamedNameServer(t *testing.T) {
 			Name:    "google.com",
 			Answer:  "192.0.2.1",
 		}},
-		Additional:  nil,
+		Additionals: nil,
 		Authorities: nil,
 		Protocol:    "",
 		Flags:       DNSFlags{Authoritative: true},
@@ -134,7 +134,7 @@ func TestNoNameServerLookupNotAuthoritative(t *testing.T) {
 			Name:    "google.com",
 			Answer:  "192.0.2.1",
 		}},
-		Additional:  nil,
+		Additionals: nil,
 		Authorities: nil,
 		Protocol:    "",
 		Flags:       DNSFlags{Authoritative: false},

src/zdns/dnssec.go

@@ -62,8 +62,8 @@ const NSEC3OptOutFlag = 0x01
 // - *DNSSECResult: Contains validation results for all message sections:
 //   - Status: Overall DNSSEC validation status (Secure/Insecure/Bogus/Indeterminate)
 //   - DS: Collection of DS records actually used during validation
-//   - DNSKEY: Collection of DNSKEY records actually used during validation
-//   - Answer/Additional/Authoritative: Per-RRset validation results
+//   - DNSKEYs: Collection of DNSKEY records actually used during validation
+//   - Answers/Additionals/Authorities: Per-RRset validation results
 //
 // - Trace: Updated trace context containing validation path
 func (v *dNSSECValidator) validate(layer string, msg *dns.Msg, nameServer *NameServer, depth int, trace Trace) (*DNSSECResult, Trace) {
@@ -99,28 +99,28 @@ func (v *dNSSECValidator) validate(layer string, msg *dns.Msg, nameServer *NameS
 		// Validate the answer section
 		var sectionRes []DNSSECPerSetResult
 		sectionRes, trace = v.validateSection(v.msg.Answer, depth, trace)
-		result.Answer = sectionRes
+		result.Answers = sectionRes
 
 		// If the message is authoritative, we drop the additional and authoritative sections
 		// in Resolver.iterativeLookup, hence no need to validate them here. Validating them
 		// causes circular lookups in some cases and can confuse the user.
 		if !v.msg.Authoritative {
 			// Validate the additional section
 			sectionRes, trace = v.validateSection(v.msg.Extra, depth, trace)
-			result.Additional = sectionRes
+			result.Additionals = sectionRes
 
 			// Validate the authoritative section
 			sectionRes, trace = v.validateSection(v.msg.Ns, depth, trace)
-			result.Authoritative = sectionRes
+			result.Authorities = sectionRes
 		}
 
 		for ds := range v.ds {
 			parsed := ParseAnswer(&ds).(DSAnswer) //nolint:golint,errcheck
-			result.DS = append(result.DS, &parsed)
+			result.DSes = append(result.DSes, &parsed)
 		}
 		for dnskey := range v.dNSKEY {
 			parsed := ParseAnswer(&dnskey).(DNSKEYAnswer) //nolint:golint,errcheck
-			result.DNSKEY = append(result.DNSKEY, &parsed)
+			result.DNSKEYs = append(result.DNSKEYs, &parsed)
 		}
 
 		result.populateStatus()
@@ -277,7 +277,7 @@ func (v *dNSSECValidator) findSEPsFromAnswer(rrSet []dns.RR, signerDomain string
 	}
 
 	if len(dnskeys) == 0 {
-		return nil, trace, errors.New("could not find any DNSKEY")
+		return nil, trace, errors.New("could not find any DNSKEYs")
 	}
 
 	// Find SEP keys
@@ -328,7 +328,7 @@ func (v *dNSSECValidator) getDNSKEYs(signerDomain string, trace Trace, depth int
 	} else if res.DNSSECResult != nil && res.DNSSECResult.Status != DNSSECSecure { // 	// DNSSECResult may be nil if the response is from the cache.
 		v.r.verboseLog(depth, fmt.Sprintf("DNSSEC: Failed to get DNSKEYs for signer domain %s, DNSSEC status: %s", signerDomain, res.DNSSECResult.Status))
 
-		if prevResult := getResultForRRset(RRsetKey(dnskeyQuestion.Q), res.DNSSECResult.Answer); prevResult != nil && prevResult.Error != "" {
+		if prevResult := getResultForRRset(RRsetKey(dnskeyQuestion.Q), res.DNSSECResult.Answers); prevResult != nil && prevResult.Error != "" {
 			return nil, nil, trace, fmt.Errorf("DNSKEY fetch failed: %s", prevResult.Error)
 		} else {
 			return nil, nil, trace, errors.New(res.DNSSECResult.Reason)
@@ -403,7 +403,7 @@ func (v *dNSSECValidator) fetchDSRecords(signerDomain string, trace Trace, depth
 	} else if res.DNSSECResult != nil && res.DNSSECResult.Status != DNSSECSecure {
 		v.r.verboseLog(depth, fmt.Sprintf("DNSSEC: Failed to get DS records for signer domain %s, DNSSEC status: %s", signerDomain, res.DNSSECResult.Status))
 
-		if prevResult := getResultForRRset(RRsetKey(dsQuestion.Q), res.DNSSECResult.Authoritative); prevResult != nil && prevResult.Error != "" {
+		if prevResult := getResultForRRset(RRsetKey(dsQuestion.Q), res.DNSSECResult.Authorities); prevResult != nil && prevResult.Error != "" {
 			return nil, false, trace, fmt.Errorf("DS fetch failed: %s", prevResult.Error)
 		} else {
 			return nil, false, trace, errors.New(res.DNSSECResult.Reason)

src/zdns/dnssec_types.go

@@ -45,13 +45,13 @@ type DNSSECPerSetResult struct {
 
 // DNSSECResult captures all information generated during a DNSSEC validation
 type DNSSECResult struct {
-	Status        DNSSECStatus         `json:"status" groups:"dnssec,dnssec,normal,long,trace"`
-	Reason        string               `json:"reason" groups:"dnssec,dnssec,normal,long,trace"`
-	DS            []*DSAnswer          `json:"ds" groups:"dnssec,long,trace"`
-	DNSKEY        []*DNSKEYAnswer      `json:"dnskey" groups:"dnssec,long,trace"`
-	Answer        []DNSSECPerSetResult `json:"answer" groups:"dnssec,long,trace"`
-	Additional    []DNSSECPerSetResult `json:"additional" groups:"dnssec,long,trace"`
-	Authoritative []DNSSECPerSetResult `json:"authoritative" groups:"dnssec,long,trace"`
+	Status      DNSSECStatus         `json:"status" groups:"dnssec,dnssec,normal,long,trace"`
+	Reason      string               `json:"reason" groups:"dnssec,dnssec,normal,long,trace"`
+	DSes        []*DSAnswer          `json:"dses" groups:"dnssec,long,trace"`
+	DNSKEYs     []*DNSKEYAnswer      `json:"dnskeys" groups:"dnssec,long,trace"`
+	Answers     []DNSSECPerSetResult `json:"answers" groups:"dnssec,long,trace"`
+	Additionals []DNSSECPerSetResult `json:"additionals" groups:"dnssec,long,trace"`
+	Authorities []DNSSECPerSetResult `json:"authorities" groups:"dnssec,long,trace"`
 }
 
 func getResultForRRset(rrsetKey RRsetKey, results []DNSSECPerSetResult) *DNSSECPerSetResult {
@@ -100,13 +100,13 @@ func (v *dNSSECValidator) resetDNSSECValidator(msg *dns.Msg, nameServer *NameSer
 // makeDNSSECResult creates and initializes a new DNSSECResult instance
 func makeDNSSECResult() *DNSSECResult {
 	return &DNSSECResult{
-		Status:        DNSSECIndeterminate,
-		Reason:        "",
-		DS:            make([]*DSAnswer, 0),
-		DNSKEY:        make([]*DNSKEYAnswer, 0),
-		Answer:        make([]DNSSECPerSetResult, 0),
-		Additional:    make([]DNSSECPerSetResult, 0),
-		Authoritative: make([]DNSSECPerSetResult, 0),
+		Status:      DNSSECIndeterminate,
+		Reason:      "",
+		DSes:        make([]*DSAnswer, 0),
+		DNSKEYs:     make([]*DNSKEYAnswer, 0),
+		Answers:     make([]DNSSECPerSetResult, 0),
+		Additionals: make([]DNSSECPerSetResult, 0),
+		Authorities: make([]DNSSECPerSetResult, 0),
 	}
 }
 
@@ -129,7 +129,7 @@ func (r *DNSSECResult) populateStatus() {
 	r.Status = DNSSECSecure
 
 	// Check for bogus results first (highest priority)
-	checkSections := [][]DNSSECPerSetResult{r.Answer, r.Additional, r.Authoritative}
+	checkSections := [][]DNSSECPerSetResult{r.Answers, r.Additionals, r.Authorities}
 	for _, section := range checkSections {
 		for _, result := range section {
 			if result.Status == DNSSECBogus {
@@ -140,7 +140,7 @@ func (r *DNSSECResult) populateStatus() {
 		}
 	}
 
-	for _, result := range r.Answer {
+	for _, result := range r.Answers {
 		if result.Status == DNSSECInsecure {
 			// This is considered bogus. If we are at this point, we know a DS exists for
 			// the zone, so the answer section (authoritative data) should be signed.
@@ -156,7 +156,7 @@ func (r *DNSSECResult) populateStatus() {
 	}
 
 	// Check DNSSEC-related RRsets in other sections
-	for _, section := range [][]DNSSECPerSetResult{r.Additional, r.Authoritative} {
+	for _, section := range [][]DNSSECPerSetResult{r.Additionals, r.Authorities} {
 		for _, result := range section {
 			if isDNSSECType(result.RRset.Type) {
 				if result.Status == DNSSECInsecure {

src/zdns/lookup.go

@@ -327,7 +327,7 @@ func (r *Resolver) filterNameServersForUniqueNames(nameServers []NameServer) []N
 			}
 		}
 		if ipv4NS == nil && ipv6NS == nil {
-			// can be the case that nameservers don't have IPs (like if we have an authority but no additionals)
+			// can be the case that nameservers don't have IPs (like if we have an authority but no additional)
 			// use the first NS if so
 			if len(nsSlice) > 0 {
 				filteredNameServersSet = append(filteredNameServersSet, nsSlice[0])
@@ -472,7 +472,7 @@ func (r *Resolver) extractNameServersFromLayerResults(layerResults []ExtendedRes
 		if res.Status != StatusNoError {
 			continue
 		}
-		for _, ans := range res.Res.Additional {
+		for _, ans := range res.Res.Additionals {
 			if a, ok := ans.(Answer); ok {
 				uniqueAdditionals[mapKey{Type: a.RrType, Name: a.Name, Answer: a.Answer}] = a
 			}
@@ -695,16 +695,16 @@ func (r *Resolver) iterativeLookup(ctx context.Context, qWithMeta *QuestionWithM
 		r.verboseLog((depth + 1), "-> error occurred during lookup")
 		return result, trace, status, err
 	} else if len(result.Answers) != 0 || result.Flags.Authoritative {
-		// DS records is authoritative from parent NS and will be in Authority section. Avoid dropping them.
+		// DS records are authoritative from parent NS and will be in Authority section. Avoid dropping them.
 		if len(result.Answers) != 0 && qWithMeta.Q.Type != dns.TypeDS {
 			r.verboseLog((depth + 1), "-> answers found")
 			if len(result.Authorities) > 0 {
 				r.verboseLog((depth + 2), "Dropping ", len(result.Authorities), " authority answers from output")
 				result.Authorities = make([]interface{}, 0)
 			}
-			if len(result.Additional) > 0 {
-				r.verboseLog((depth + 2), "Dropping ", len(result.Additional), " additional answers from output")
-				result.Additional = make([]interface{}, 0)
+			if len(result.Additionals) > 0 {
+				r.verboseLog((depth + 2), "Dropping ", len(result.Additionals), " additional answers from output")
+				result.Additionals = make([]interface{}, 0)
 			}
 		} else {
 			r.verboseLog((depth + 1), "-> authoritative response found")
@@ -868,7 +868,7 @@ func (r *Resolver) cachedLookup(ctx context.Context, q Question, nameServer *Nam
 			if ok {
 				r.verboseLog(depth+2, "Cache auth hit for ", authName)
 				// only want to return if we actually have additionals and authorities from the cache for the caller
-				if len(cachedResult.Additional) > 0 && len(cachedResult.Authorities) > 0 {
+				if len(cachedResult.Additionals) > 0 && len(cachedResult.Authorities) > 0 {
 					return cachedResult, true, StatusNoError, trace, nil
 				}
 				// unsuccessful in retrieving from the cache, we'll continue to the wire
@@ -1010,7 +1010,7 @@ func doDoTLookup(ctx context.Context, connInfo *ConnectionInfo, q Question, name
 		Protocol:    DoTProtocol,
 		Answers:     []interface{}{},
 		Authorities: []interface{}{},
-		Additional:  []interface{}{},
+		Additionals: []interface{}{},
 	}
 	// if we have it, add the TLS handshake info
 	if connInfo.tlsHandshake != nil {
@@ -1082,7 +1082,7 @@ func doDoHLookup(ctx context.Context, httpClient *http.Client, q Question, nameS
 		Protocol:    DoHProtocol,
 		Answers:     []interface{}{},
 		Authorities: []interface{}{},
-		Additional:  []interface{}{},
+		Additionals: []interface{}{},
 	}
 	if resp.Request != nil && resp.Request.TLSLog != nil {
 		processor := output.Processor{Verbose: false}
@@ -1098,7 +1098,7 @@ func doDoHLookup(ctx context.Context, httpClient *http.Client, q Question, nameS
 
 // wireLookupTCP performs a DNS lookup on-the-wire over TCP with the given parameters
 func wireLookupTCP(ctx context.Context, connInfo *ConnectionInfo, q Question, nameServer *NameServer, ednsOptions []dns.EDNS0, recursive, dnssec, checkingDisabled bool) (*SingleQueryResult, *dns.Msg, Status, error) {
-	res := SingleQueryResult{Answers: []interface{}{}, Authorities: []interface{}{}, Additional: []interface{}{}}
+	res := SingleQueryResult{Answers: []interface{}{}, Authorities: []interface{}{}, Additionals: []interface{}{}}
 	res.Resolver = nameServer.String()
 
 	m := new(dns.Msg)
@@ -1152,7 +1152,7 @@ func wireLookupTCP(ctx context.Context, connInfo *ConnectionInfo, q Question, na
 
 // wireLookupUDP performs a DNS lookup on-the-wire over UDP with the given parameters
 func wireLookupUDP(ctx context.Context, connInfo *ConnectionInfo, q Question, nameServer *NameServer, ednsOptions []dns.EDNS0, recursive, dnssec, checkingDisabled bool) (*SingleQueryResult, *dns.Msg, Status, error) {
-	res := SingleQueryResult{Answers: []interface{}{}, Authorities: []interface{}{}, Additional: []interface{}{}}
+	res := SingleQueryResult{Answers: []interface{}{}, Authorities: []interface{}{}, Additionals: []interface{}{}}
 	res.Resolver = nameServer.String()
 	res.Protocol = "udp"
 
@@ -1196,7 +1196,7 @@ func constructSingleQueryResultFromDNSMsg(res *SingleQueryResult, r *dns.Msg) (*
 		for _, ans := range r.Extra {
 			inner := ParseAnswer(ans)
 			if inner != nil {
-				res.Additional = append(res.Additional, inner)
+				res.Additionals = append(res.Additionals, inner)
 			}
 		}
 		return res, r, TranslateDNSErrorCode(r.Rcode), nil
@@ -1221,7 +1221,7 @@ func constructSingleQueryResultFromDNSMsg(res *SingleQueryResult, r *dns.Msg) (*
 	for _, ans := range r.Extra {
 		inner := ParseAnswer(ans)
 		if inner != nil {
-			res.Additional = append(res.Additional, inner)
+			res.Additionals = append(res.Additionals, inner)
 		}
 	}
 	for _, ans := range r.Ns {