Add crate for DNS verification (#502)

* add dns verification library

* rename library, add test

* schema test

* add builder

* add tests

* remove unused enum case

* use builder internally

* add all the logic to the builder, remove new function

* fix position in cargo.toml

Cargo.toml

@@ -50,6 +50,7 @@ members = [
     "lib/athena",
     "lib/blowocking",
     "lib/cursiv",
+    "lib/geomjeungja",
     "lib/http-compat",
     "lib/http-signatures",
     "lib/just-retry",

crates/kitsune-activitypub/Cargo.toml

@@ -6,7 +6,7 @@ version.workspace = true
 license.workspace = true
 
 [dependencies]
-async-trait = "0.1.77"
+async-trait = "0.1.78"
 autometrics = { version = "1.0.1", default-features = false }
 base64-simd = "0.8.0"
 diesel = "2.1.5"

crates/kitsune-core/Cargo.toml

@@ -7,7 +7,7 @@ license.workspace = true
 build = "build.rs"
 
 [dependencies]
-async-trait = "0.1.77"
+async-trait = "0.1.78"
 const_format = "0.2.32"
 http = "1.1.0"
 kitsune-db = { path = "../kitsune-db" }

crates/kitsune-observability/Cargo.toml

@@ -6,7 +6,7 @@ version.workspace = true
 license.workspace = true
 
 [dependencies]
-async-trait = "0.1.77"
+async-trait = "0.1.78"
 http-body-util = "0.1.1"
 http-compat = { path = "../../lib/http-compat" }
 hyper = { version = "1.2.0", default-features = false }

crates/kitsune-wasm-mrf/Cargo.toml

@@ -7,7 +7,7 @@ license.workspace = true
 build = "build.rs"
 
 [dependencies]
-async-trait = "0.1.77"
+async-trait = "0.1.78"
 derive_more = { version = "1.0.0-beta.6", features = ["from"] }
 enum_dispatch = "0.3.12"
 futures-util = { version = "0.3.30", default-features = false, features = [

crates/kitsune-webfinger/Cargo.toml

@@ -6,7 +6,7 @@ version.workspace = true
 license.workspace = true
 
 [dependencies]
-async-trait = "0.1.77"
+async-trait = "0.1.78"
 autometrics = { version = "1.0.1", default-features = false }
 futures-util = "0.3.30"
 http = "1.1.0"

kitsune/Cargo.toml

@@ -21,7 +21,7 @@ askama = { version = "0.12.1", features = [
     "with-axum",
 ], default-features = false }
 askama_axum = "0.4.0"
-async-trait = "0.1.77"
+async-trait = "0.1.78"
 axum = { version = "0.7.4", features = ["macros", "multipart"] }
 axum-extra = { version = "0.9.2", features = [
     "cookie",

lib/cursiv/Cargo.toml

@@ -17,7 +17,7 @@ tower = { version = "0.4.13", default-features = false }
 zeroize = { version = "1.7.0", features = ["derive"] }
 
 # `axum` feature
-async-trait = { version = "0.1.77", optional = true }
+async-trait = { version = "0.1.78", optional = true }
 axum-core = { version = "0.4.3", optional = true }
 
 [dev-dependencies]

lib/geomjeungja/Cargo.toml

@@ -0,0 +1,25 @@
+[package]
+name = "geomjeungja"
+authors.workspace = true
+edition.workspace = true
+version.workspace = true
+license = "MIT OR Apache-2.0"
+
+[dependencies]
+async-trait = "0.1.78"
+hickory-resolver = { version = "0.24.0", features = ["dns-over-rustls"] }
+rand = "0.8.5"
+serde = { version = "1.0.197", features = ["derive"] }
+simdutf8 = { version = "0.1.4", features = ["aarch64_neon"] }
+thiserror = "1.0.58"
+tracing = "0.1.40"
+typed-builder = "0.18.1"
+
+[dev-dependencies]
+insta = { version = "1.36.1", features = ["json"] }
+rand_xorshift = "0.3.0"
+serde_json = "1.0.114"
+tokio = { version = "1.36.0", features = ["macros", "rt"] }
+
+[lints]
+workspace = true

lib/geomjeungja/LICENSE-APACHE-2.0

@@ -0,0 +1 @@
+../../LICENSE-APACHE-2.0

lib/geomjeungja/LICENSE-MIT

@@ -0,0 +1 @@
+../../LICENSE-MIT

lib/geomjeungja/README.md

@@ -0,0 +1,13 @@
+# geomjeungja
+
+Domain verification via TXT records
+
+## About
+
+Geomjeungja is a small library for verifying domain ownership via the user setting a TXT record.  
+It is only compatible with Tokio at the moment but this might change in the future.
+
+It ships with one default verification strategy. This strategy is for validating structures looking like this: `[key]=[value]`.  
+In case you need anything more complicated, consider implementing your own strategy.
+
+A strategy is an asynchronous fallible operation with its own context that operates over an iterator of string slices that represent the TXT records.

lib/geomjeungja/examples/simple.rs

@@ -0,0 +1,33 @@
+use geomjeungja::{Error, KeyValueStrategy, Verifier};
+
+#[tokio::main(flavor = "current_thread")]
+async fn main() {
+    // Create a verification strategy
+    let verification_strategy =
+        KeyValueStrategy::generate(&mut rand::thread_rng(), "kakunin".into());
+    let verifier = Verifier::builder()
+        .fqdn("aumetra.xyz".into())
+        .strategy(verification_strategy)
+        .build();
+
+    // Now we store that somewhere for later verification
+    let serialised_strategy = serde_json::to_string(verifier.strategy()).unwrap();
+
+    // --- SOME TIME LATER ---
+
+    // Now we can deserialise it because the user told us "yeah I set that"
+    let deserialised_strategy: KeyValueStrategy =
+        serde_json::from_str(&serialised_strategy).unwrap();
+
+    // Let's check if they didn't lie
+    let verifier = Verifier::builder()
+        .fqdn("aumetra.xyz".into())
+        .strategy(deserialised_strategy)
+        .build();
+
+    match verifier.verify().await {
+        Ok(()) => println!("Successfully verified. All good!"),
+        Err(Error::Unverified) => println!("TXT records didn't contain the KV pair :("),
+        Err(err) => eprintln!("Something errored out. Error: {err:?}"),
+    }
+}