Rebar 3 support for dns_erlang

[rikribbers]

Added rebar3 to dns_erlang.

[tsloughter]

Was about to do this myself, +1 :). Would also be great to get it published to hex.pm

[aeden]

When I attempt to build https://github.com/aetrion/erl-dns (which is still using the old rebar) using the rikribbers:master, I hit the following error:

Uncaught error in rebar_core: {'EXIT',
                               {function_clause,
                                [{code,which,
                                  [{rebar3_asn1_compiler,"1.0.0"}],
                                  [{file,"code.erl"},{line,412}]},
                                 {rebar_core,'-plugin_modules/3-lc$^0/1-0-',
                                  1,
                                  [{file,"src/rebar_core.erl"},{line,482}]},
                                 {rebar_core,plugin_modules,3,
                                  [{file,"src/rebar_core.erl"},{line,482}]},
                                 {rebar_core,process_dir1,6,
                                  [{file,"src/rebar_core.erl"},{line,165}]},
                                 {rebar_core,process_each,5,
                                  [{file,"src/rebar_core.erl"},{line,268}]},
                                 {rebar_core,process_dir1,6,
                                  [{file,"src/rebar_core.erl"},{line,213}]},
                                 {rebar_core,process_commands,2,
                                  [{file,"src/rebar_core.erl"},{line,61}]},
                                 {rebar,main,1,
                                  [{file,"src/rebar.erl"},{line,58}]}]}}
make: *** [build] Error 1

Does this indicate that rebar and rebar3 will not play nicely together, and thus erldns needs to be updated to use rebar3 first?

[rikribbers]

Propably the fact that rebar is used I would say....

However I had some other problems in my own project, so I switched from asn1 provider. I will update the pull request to include this change.

[andrewtj]

DSA/SHA1 support probably has limited utility at this point. Unless ASN1 is needed to implement ECDSA I wouldn't jump through too many hoops to get it working with both rebars.

[aeden]

ECDSA isn't necessary for us right now, however CloudFlare is pushing it as a better algorithm for dynamic zone signing ( https://www.cloudflare.com/dnssec/ecdsa-and-dnssec/ ), so it may become important at some point.

Would it make sense to just focus on getting it working under rebar3?

[rikribbers]

slightly off-topic but interesting though: There is a paper on ECDSA for DNSSEC

The blog-post in only in dutch, but thank to google translate you will get the details:

https://translate.google.com/translate?sl=nl&tl=en&js=y&prev=_t&hl=nl&ie=UTF-8&u=https%3A%2F%2Fwww.sidnlabs.nl%2Fa%2Fweblog%2Fsidn-waarschuwt-voor-kwetsbare-dnssec-instellingen&edit-text=

[rikribbers]

removed rebar.lock from .gitignore based on this discussion https://github.com/aetrion/erl-dns/pull/43#issuecomment-184369204

[andrewtj]

@aeden Probably. I'm a bit out of the loop with Erlang so I'm not sure how important rebar, rebar3, erlang.mk and whatever else are. As it stands dnssec:verify_rrsig/4 with DSA/SHA1 is broken on Erlang 18.0. It's a couple line patch to update it to the current crypto API though that's without covering tests. (Haven't looked at signing yet.)

[andrewtj]

Signing with DSA/SHA1 is also broken. The dnssec tests have a couple of issues: only RSA is properly covered and the public key to DNSKEY helper doesn't work correctly with DSA. It wouldn't take much for me to prepare a PR with fixes and tests but it's probably better to get the scalpel out instead.

[rikribbers]

very old pull request; cleaning it up