Improve code quality

Meldiron · Meldiron · commit 6bb1aa818811 · 2025-11-06T11:44:07.000+01:00
diff --git a/src/DNS/Client.php b/src/DNS/Client.php
@@ -3,6 +3,7 @@
 namespace Utopia\DNS;
 
 use Exception;
+use Utopia\Validator\IP;
 
 class Client
 {
@@ -14,6 +15,11 @@ class Client
 
     public function __construct(string $server = '127.0.0.1', int $port = 53, int $timeout = 5)
     {
+        $validator = new IP(IP::ALL); // IPv4 + IPv6
+        if (!$validator->isValid($server)) {
+            throw new Exception('Server must be an IP address.');
+        }
+
         $this->server = $server;
         $this->port = $port;
         $this->timeout = $timeout;
diff --git a/src/DNS/Validator/DNS.php b/src/DNS/Validator/DNS.php
@@ -41,20 +41,6 @@ class DNS extends Validator
      */
     public function __construct(protected string $target, protected string $type = self::RECORD_CNAME, protected string $dnsServer = self::DEFAULT_DNS_SERVER)
     {
-        if (!filter_var($dnsServer, FILTER_VALIDATE_IP)) {
-            $dns = new Client(self::DEFAULT_DNS_SERVER);
-            $question = new Question($dnsServer, Record::TYPE_A); // TODO: ipv6 support
-            $query = Message::query($question, recursionDesired: true);
-            $response = $dns->query($query);
-            $answer = $response->answers[0] ?? null;
-            $aRecord = $answer->rdata ?? '';
-
-            if (empty($aRecord)) {
-                throw new \Exception('Invalid DNS server.');
-            }
-
-            $this->dnsServer = $aRecord;
-        }
     }
 
     /**
diff --git a/tests/e2e/DNS/ClientTest.php b/tests/e2e/DNS/ClientTest.php
@@ -14,7 +14,7 @@ final class ClientTest extends TestCase
 
     public function testARecords(): void
     {
-        $client = new Client('localhost', self::PORT);
+        $client = new Client('127.0.0.1', self::PORT);
         $response = $client->query(Message::query(
             new Question('dev.appwrite.io', Record::TYPE_A)
         ));
@@ -49,7 +49,7 @@ public function testARecords(): void
 
     public function testAAAARecords(): void
     {
-        $client = new Client('localhost', self::PORT);
+        $client = new Client('127.0.0.1', self::PORT);
         $response = $client->query(Message::query(
             new Question('dev.appwrite.io', Record::TYPE_AAAA)
         ));
@@ -79,7 +79,7 @@ public function testAAAARecords(): void
 
     public function testCnameRecords(): void
     {
-        $client = new Client('localhost', self::PORT);
+        $client = new Client('127.0.0.1', self::PORT);
         $response = $client->query(Message::query(
             new Question('alias.appwrite.io', Record::TYPE_CNAME)
         ));
@@ -102,7 +102,7 @@ public function testCnameRecords(): void
 
     public function testTxtRecords(): void
     {
-        $client = new Client('localhost', self::PORT);
+        $client = new Client('127.0.0.1', self::PORT);
         $response = $client->query(Message::query(
             new Question('dev.appwrite.io', Record::TYPE_TXT)
         ));
@@ -128,7 +128,7 @@ public function testTxtRecords(): void
 
     public function testNsRecords(): void
     {
-        $client = new Client('localhost', self::PORT);
+        $client = new Client('127.0.0.1', self::PORT);
         $response = $client->query(Message::query(
             new Question('delegated.appwrite.io', Record::TYPE_NS)
         ));
@@ -161,7 +161,7 @@ public function testNsRecords(): void
 
     public function testCaaRecords(): void
     {
-        $client = new Client('localhost', self::PORT);
+        $client = new Client('127.0.0.1', self::PORT);
         $response = $client->query(Message::query(
             new Question('dev.appwrite.io', Record::TYPE_CAA)
         ));
@@ -187,7 +187,7 @@ public function testCaaRecords(): void
 
     public function testSoaRecords(): void
     {
-        $client = new Client('localhost', self::PORT);
+        $client = new Client('127.0.0.1', self::PORT);
         $response = $client->query(Message::query(
             new Question('appwrite.io', Record::TYPE_SOA)
         ));
@@ -220,4 +220,39 @@ public function testSoaRecords(): void
         $this->assertStringContainsString('team.appwrite.io', $rdata);
         $this->assertStringContainsString('1 7200 1800 1209600 3600', $rdata);
     }
+
+    public function testInvalidServer(): void
+    {
+        try {
+            new Client('not-ip-address', self::PORT);
+            $this->fail('Expected invalid IP address exception');
+        } catch (\Exception $e) {
+            $this->assertEquals('Server must be an IP address.', $e->getMessage());
+        }
+
+        try {
+            new Client('ns1.digitalocean.com', self::PORT);
+            $this->fail('Expected invalid IP address exception');
+        } catch (\Exception $e) {
+            $this->assertEquals('Server must be an IP address.', $e->getMessage());
+        }
+
+        try {
+            $client = new Client('172.64.52.210', self::PORT);
+            $this->assertNotEmpty($client);
+            $client = new Client('127.0.0.1', self::PORT);
+            $this->assertNotEmpty($client);
+        } catch (\Exception $e) {
+            $this->fail('IPv4 threw unexpected error');
+        }
+
+        try {
+            $client = new Client('::1', self::PORT);
+            $this->assertNotEmpty($client);
+            $client = new Client('2606:4700:52::ac40:34d2', self::PORT);
+            $this->assertNotEmpty($client);
+        } catch (\Exception $e) {
+            $this->fail('IPv6 threw unexpected error');
+        }
+    }
 }
diff --git a/tests/unit/DNS/Validator/DNSTest.php b/tests/unit/DNS/Validator/DNSTest.php
@@ -72,8 +72,9 @@ public function testAAAA(): void
      */
     public function testCAA(): void
     {
-        $certainly = new DNS('certainly.com', DNS::RECORD_CAA, 'ns1.digitalocean.com');
-        $letsencrypt = new DNS('letsencrypt.org', DNS::RECORD_CAA, 'ns1.digitalocean.com');
+        $digitalOceanIp = '172.64.52.210'; // ping ns1.digitalocean.com
+        $certainly = new DNS('certainly.com', DNS::RECORD_CAA, $digitalOceanIp);
+        $letsencrypt = new DNS('letsencrypt.org', DNS::RECORD_CAA, $digitalOceanIp);
 
         // No CAA record succeeds on main domain & subdomains for any issuer
         $this->assertEquals($certainly->isValid('caa.appwrite.org'), true);
@@ -88,11 +89,11 @@ public function testCAA(): void
         $this->assertEquals($letsencrypt->isValid('certainly-full.caa.appwrite.org'), false);
 
         // Custom flags&tag are not allowed if validator includes specific flags&tag
-        $certainlyFull = new DNS('0 issue "certainly.com"', DNS::RECORD_CAA, 'ns1.digitalocean.com');
+        $certainlyFull = new DNS('0 issue "certainly.com"', DNS::RECORD_CAA, $digitalOceanIp);
         $this->assertEquals($certainlyFull->isValid('certainly-full.caa.appwrite.org'), false);
 
         // Custom flags&tag still allows if they match exactly
-        $certainlyFull = new DNS('128 issuewild "certainly.com;account=123456;validationmethods=dns-01"', DNS::RECORD_CAA, 'ns1.digitalocean.com');
+        $certainlyFull = new DNS('128 issuewild "certainly.com;account=123456;validationmethods=dns-01"', DNS::RECORD_CAA, $digitalOceanIp);
         $this->assertEquals($certainlyFull->isValid('certainly-full.caa.appwrite.org'), true);
 
         // Certainly CAA allows Certainly, but not LetsEncrypt; Same for subdomains
