1 /*
2 * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
3 *
4 * SPDX-License-Identifier: MPL-2.0
5 *
6 * This Source Code Form is subject to the terms of the Mozilla Public
7 * License, v. 2.0. If a copy of the MPL was not distributed with this
8 * file, you can obtain one at https://mozilla.org/MPL/2.0/.
9 *
10 * See the COPYRIGHT file distributed with this work for additional
11 * information regarding copyright ownership.
12 */
13
14 #ifndef WIN32
15 #include <arpa/inet.h>
16 #include <netdb.h>
17 #include <netinet/in.h>
18 #include <sys/socket.h>
19 #include <sys/types.h>
20 #include <unistd.h>
21 #endif /* ifndef WIN32 */
22
23 #include <stdbool.h>
24 #include <stdio.h>
25 #include <stdlib.h>
26 #include <string.h>
27
28 #include <isc/app.h>
29 #include <isc/base64.h>
30 #include <isc/buffer.h>
31 #include <isc/commandline.h>
32 #include <isc/lib.h>
33 #include <isc/managers.h>
34 #include <isc/mem.h>
35 #include <isc/print.h>
36 #include <isc/sockaddr.h>
37 #include <isc/socket.h>
38 #include <isc/task.h>
39 #include <isc/timer.h>
40 #include <isc/util.h>
41
42 #include <dns/client.h>
43 #include <dns/fixedname.h>
44 #include <dns/keyvalues.h>
45 #include <dns/lib.h>
46 #include <dns/name.h>
47 #include <dns/rdata.h>
48 #include <dns/rdataset.h>
49 #include <dns/rdatastruct.h>
50 #include <dns/rdatatype.h>
51 #include <dns/result.h>
52 #include <dns/secalg.h>
53
54 #include <dst/dst.h>
55
56 #include <irs/resconf.h>
57
58 static char *algname;
59
60 static isc_result_t
printdata(dns_rdataset_t * rdataset,dns_name_t * owner)61 printdata(dns_rdataset_t *rdataset, dns_name_t *owner) {
62 isc_buffer_t target;
63 isc_result_t result;
64 isc_region_t r;
65 char t[4096];
66
67 if (!dns_rdataset_isassociated(rdataset)) {
68 printf("[WARN: empty]\n");
69 return (ISC_R_SUCCESS);
70 }
71
72 isc_buffer_init(&target, t, sizeof(t));
73
74 result = dns_rdataset_totext(rdataset, owner, false, false, &target);
75 if (result != ISC_R_SUCCESS) {
76 return (result);
77 }
78 isc_buffer_usedregion(&target, &r);
79 printf("%.*s", (int)r.length, (char *)r.base);
80
81 return (ISC_R_SUCCESS);
82 }
83
84 ISC_PLATFORM_NORETURN_PRE static void
85 usage(void) ISC_PLATFORM_NORETURN_POST;
86
87 static void
usage(void)88 usage(void) {
89 fprintf(stderr, "resolve [-t RRtype] "
90 "[[-a algorithm] [-e] -k keyname -K keystring] "
91 "[-S domain:serveraddr_for_domain ] [-s server_address]"
92 "[-b address[#port]] hostname\n");
93
94 exit(1);
95 }
96
97 static void
set_key(dns_client_t * client,char * keynamestr,char * keystr,bool is_sep,isc_mem_t ** mctxp)98 set_key(dns_client_t *client, char *keynamestr, char *keystr, bool is_sep,
99 isc_mem_t **mctxp) {
100 isc_result_t result;
101 dns_fixedname_t fkeyname;
102 unsigned int namelen;
103 dns_name_t *keyname;
104 dns_rdata_dnskey_t keystruct;
105 unsigned char keydata[4096];
106 isc_buffer_t keydatabuf;
107 unsigned char rrdata[4096];
108 isc_buffer_t rrdatabuf;
109 isc_buffer_t b;
110 isc_textregion_t tr;
111 isc_region_t r;
112 dns_secalg_t alg;
113
114 isc_mem_create(mctxp);
115
116 if (algname != NULL) {
117 tr.base = algname;
118 tr.length = strlen(algname);
119 result = dns_secalg_fromtext(&alg, &tr);
120 if (result != ISC_R_SUCCESS) {
121 fprintf(stderr, "failed to identify the algorithm\n");
122 exit(1);
123 }
124 } else {
125 alg = DNS_KEYALG_RSASHA1;
126 }
127
128 keystruct.common.rdclass = dns_rdataclass_in;
129 keystruct.common.rdtype = dns_rdatatype_dnskey;
130 keystruct.flags = DNS_KEYOWNER_ZONE; /* fixed */
131 if (is_sep) {
132 keystruct.flags |= DNS_KEYFLAG_KSK;
133 }
134 keystruct.protocol = DNS_KEYPROTO_DNSSEC; /* fixed */
135 keystruct.algorithm = alg;
136
137 isc_buffer_init(&keydatabuf, keydata, sizeof(keydata));
138 isc_buffer_init(&rrdatabuf, rrdata, sizeof(rrdata));
139 result = isc_base64_decodestring(keystr, &keydatabuf);
140 if (result != ISC_R_SUCCESS) {
141 fprintf(stderr, "base64 decode failed\n");
142 exit(1);
143 }
144 isc_buffer_usedregion(&keydatabuf, &r);
145 keystruct.datalen = r.length;
146 keystruct.data = r.base;
147
148 result = dns_rdata_fromstruct(NULL, keystruct.common.rdclass,
149 keystruct.common.rdtype, &keystruct,
150 &rrdatabuf);
151 if (result != ISC_R_SUCCESS) {
152 fprintf(stderr, "failed to construct key rdata\n");
153 exit(1);
154 }
155 namelen = strlen(keynamestr);
156 isc_buffer_init(&b, keynamestr, namelen);
157 isc_buffer_add(&b, namelen);
158 keyname = dns_fixedname_initname(&fkeyname);
159 result = dns_name_fromtext(keyname, &b, dns_rootname, 0, NULL);
160 if (result != ISC_R_SUCCESS) {
161 fprintf(stderr, "failed to construct key name\n");
162 exit(1);
163 }
164 result = dns_client_addtrustedkey(client, dns_rdataclass_in,
165 dns_rdatatype_dnskey, keyname,
166 &rrdatabuf);
167 if (result != ISC_R_SUCCESS) {
168 fprintf(stderr, "failed to add key for %s\n", keynamestr);
169 exit(1);
170 }
171 }
172
173 static void
addserver(dns_client_t * client,const char * addrstr,const char * port,const char * name_space)174 addserver(dns_client_t *client, const char *addrstr, const char *port,
175 const char *name_space) {
176 struct addrinfo hints, *res;
177 int gaierror;
178 isc_sockaddr_t sa;
179 isc_sockaddrlist_t servers;
180 isc_result_t result;
181 unsigned int namelen;
182 isc_buffer_t b;
183 dns_fixedname_t fname;
184 dns_name_t *name = NULL;
185
186 memset(&hints, 0, sizeof(hints));
187 hints.ai_family = AF_UNSPEC;
188 hints.ai_socktype = SOCK_DGRAM;
189 hints.ai_protocol = IPPROTO_UDP;
190 hints.ai_flags = AI_NUMERICHOST;
191 gaierror = getaddrinfo(addrstr, port, &hints, &res);
192 if (gaierror != 0) {
193 fprintf(stderr, "getaddrinfo failed: %s\n",
194 gai_strerror(gaierror));
195 exit(1);
196 }
197 INSIST(res->ai_addrlen <= sizeof(sa.type));
198 memmove(&sa.type, res->ai_addr, res->ai_addrlen);
199 sa.length = (unsigned int)res->ai_addrlen;
200 freeaddrinfo(res);
201 ISC_LINK_INIT(&sa, link);
202 ISC_LIST_INIT(servers);
203 ISC_LIST_APPEND(servers, &sa, link);
204
205 if (name_space != NULL) {
206 namelen = strlen(name_space);
207 isc_buffer_constinit(&b, name_space, namelen);
208 isc_buffer_add(&b, namelen);
209 name = dns_fixedname_initname(&fname);
210 result = dns_name_fromtext(name, &b, dns_rootname, 0, NULL);
211 if (result != ISC_R_SUCCESS) {
212 fprintf(stderr, "failed to convert qname: %u\n",
213 result);
214 exit(1);
215 }
216 }
217
218 result = dns_client_setservers(client, dns_rdataclass_in, name,
219 &servers);
220 if (result != ISC_R_SUCCESS) {
221 fprintf(stderr, "set server failed: %u\n", result);
222 exit(1);
223 }
224 }
225
226 int
main(int argc,char * argv[])227 main(int argc, char *argv[]) {
228 int ch;
229 isc_textregion_t tr;
230 char *server = NULL;
231 char *altserver = NULL;
232 char *altserveraddr = NULL;
233 char *altservername = NULL;
234 dns_client_t *client = NULL;
235 char *keynamestr = NULL;
236 char *keystr = NULL;
237 isc_result_t result;
238 isc_buffer_t b;
239 dns_fixedname_t qname0;
240 unsigned int namelen;
241 dns_name_t *qname, *name;
242 dns_rdatatype_t type = dns_rdatatype_a;
243 dns_rdataset_t *rdataset;
244 dns_namelist_t namelist;
245 isc_mem_t *keymctx = NULL;
246 unsigned int clientopt, resopt = 0;
247 bool is_sep = false;
248 const char *port = "53";
249 isc_mem_t *mctx = NULL;
250 isc_appctx_t *actx = NULL;
251 isc_nm_t *netmgr = NULL;
252 isc_taskmgr_t *taskmgr = NULL;
253 isc_socketmgr_t *socketmgr = NULL;
254 isc_timermgr_t *timermgr = NULL;
255 struct in_addr in4;
256 struct in6_addr in6;
257 isc_sockaddr_t a4, a6;
258 isc_sockaddr_t *addr4 = NULL, *addr6 = NULL;
259
260 while ((ch = isc_commandline_parse(argc, argv, "a:b:es:t:k:K:p:S:")) !=
261 -1) {
262 switch (ch) {
263 case 't':
264 tr.base = isc_commandline_argument;
265 tr.length = strlen(isc_commandline_argument);
266 result = dns_rdatatype_fromtext(&type, &tr);
267 if (result != ISC_R_SUCCESS) {
268 fprintf(stderr, "invalid RRtype: %s\n",
269 isc_commandline_argument);
270 exit(1);
271 }
272 break;
273 case 'a':
274 algname = isc_commandline_argument;
275 break;
276 case 'b':
277 if (inet_pton(AF_INET, isc_commandline_argument,
278 &in4) == 1) {
279 if (addr4 != NULL) {
280 fprintf(stderr, "only one local "
281 "address per family "
282 "can be specified\n");
283 exit(1);
284 }
285 isc_sockaddr_fromin(&a4, &in4, 0);
286 addr4 = &a4;
287 } else if (inet_pton(AF_INET6, isc_commandline_argument,
288 &in6) == 1) {
289 if (addr6 != NULL) {
290 fprintf(stderr, "only one local "
291 "address per family "
292 "can be specified\n");
293 exit(1);
294 }
295 isc_sockaddr_fromin6(&a6, &in6, 0);
296 addr6 = &a6;
297 } else {
298 fprintf(stderr, "invalid address %s\n",
299 isc_commandline_argument);
300 exit(1);
301 }
302 break;
303 case 'e':
304 is_sep = true;
305 break;
306 case 'S':
307 if (altserver != NULL) {
308 fprintf(stderr,
309 "alternate server "
310 "already defined: %s\n",
311 altserver);
312 exit(1);
313 }
314 altserver = isc_commandline_argument;
315 break;
316 case 's':
317 if (server != NULL) {
318 fprintf(stderr,
319 "server "
320 "already defined: %s\n",
321 server);
322 exit(1);
323 }
324 server = isc_commandline_argument;
325 break;
326 case 'k':
327 keynamestr = isc_commandline_argument;
328 break;
329 case 'K':
330 keystr = isc_commandline_argument;
331 break;
332 case 'p':
333 port = isc_commandline_argument;
334 break;
335 default:
336 usage();
337 }
338 }
339
340 argc -= isc_commandline_index;
341 argv += isc_commandline_index;
342 if (argc < 1) {
343 usage();
344 }
345
346 if (altserver != NULL) {
347 char *cp;
348
349 cp = strchr(altserver, ':');
350 if (cp == NULL) {
351 fprintf(stderr, "invalid alternate server: %s\n",
352 altserver);
353 exit(1);
354 }
355 *cp = '\0';
356 altservername = altserver;
357 altserveraddr = cp + 1;
358 }
359
360 isc_lib_register();
361 result = dns_lib_init();
362 if (result != ISC_R_SUCCESS) {
363 fprintf(stderr, "dns_lib_init failed: %u\n", result);
364 exit(1);
365 }
366
367 isc_mem_create(&mctx);
368
369 result = isc_appctx_create(mctx, &actx);
370 if (result != ISC_R_SUCCESS) {
371 goto cleanup;
372 }
373 result = isc_app_ctxstart(actx);
374 if (result != ISC_R_SUCCESS) {
375 goto cleanup;
376 }
377 result = isc_managers_create(mctx, 1, 0, &netmgr, &taskmgr);
378 if (result != ISC_R_SUCCESS) {
379 goto cleanup;
380 }
381 result = isc_socketmgr_create(mctx, &socketmgr);
382 if (result != ISC_R_SUCCESS) {
383 goto cleanup;
384 }
385 result = isc_timermgr_create(mctx, &timermgr);
386 if (result != ISC_R_SUCCESS) {
387 goto cleanup;
388 }
389
390 clientopt = 0;
391 result = dns_client_create(mctx, actx, taskmgr, socketmgr, timermgr,
392 clientopt, &client, addr4, addr6);
393 if (result != ISC_R_SUCCESS) {
394 fprintf(stderr, "dns_client_create failed: %u, %s\n", result,
395 isc_result_totext(result));
396 exit(1);
397 }
398
399 /* Set the nameserver */
400 if (server == NULL) {
401 irs_resconf_t *resconf = NULL;
402 isc_sockaddrlist_t *nameservers;
403
404 result = irs_resconf_load(mctx, "/etc/resolv.conf", &resconf);
405 if (result != ISC_R_SUCCESS && result != ISC_R_FILENOTFOUND) {
406 fprintf(stderr, "irs_resconf_load failed: %u\n",
407 result);
408 exit(1);
409 }
410 nameservers = irs_resconf_getnameservers(resconf);
411 result = dns_client_setservers(client, dns_rdataclass_in, NULL,
412 nameservers);
413 if (result != ISC_R_SUCCESS) {
414 irs_resconf_destroy(&resconf);
415 fprintf(stderr, "dns_client_setservers failed: %u\n",
416 result);
417 exit(1);
418 }
419 irs_resconf_destroy(&resconf);
420 } else {
421 addserver(client, server, port, NULL);
422 }
423
424 /* Set the alternate nameserver (when specified) */
425 if (altserver != NULL) {
426 addserver(client, altserveraddr, port, altservername);
427 }
428
429 /* Install DNSSEC key (if given) */
430 if (keynamestr != NULL) {
431 if (keystr == NULL) {
432 fprintf(stderr, "key string is missing "
433 "while key name is provided\n");
434 exit(1);
435 }
436 set_key(client, keynamestr, keystr, is_sep, &keymctx);
437 }
438
439 /* Construct qname */
440 namelen = strlen(argv[0]);
441 isc_buffer_init(&b, argv[0], namelen);
442 isc_buffer_add(&b, namelen);
443 qname = dns_fixedname_initname(&qname0);
444 result = dns_name_fromtext(qname, &b, dns_rootname, 0, NULL);
445 if (result != ISC_R_SUCCESS) {
446 fprintf(stderr, "failed to convert qname: %u\n", result);
447 }
448
449 /* Perform resolution */
450 if (keynamestr == NULL) {
451 resopt |= DNS_CLIENTRESOPT_NODNSSEC;
452 }
453 ISC_LIST_INIT(namelist);
454 result = dns_client_resolve(client, qname, dns_rdataclass_in, type,
455 resopt, &namelist);
456 if (result != ISC_R_SUCCESS) {
457 fprintf(stderr, "resolution failed: %s\n",
458 dns_result_totext(result));
459 }
460 for (name = ISC_LIST_HEAD(namelist); name != NULL;
461 name = ISC_LIST_NEXT(name, link))
462 {
463 for (rdataset = ISC_LIST_HEAD(name->list); rdataset != NULL;
464 rdataset = ISC_LIST_NEXT(rdataset, link))
465 {
466 if (printdata(rdataset, name) != ISC_R_SUCCESS) {
467 fprintf(stderr, "print data failed\n");
468 }
469 }
470 }
471
472 dns_client_freeresanswer(client, &namelist);
473
474 /* Cleanup */
475 cleanup:
476 dns_client_destroy(&client);
477
478 if (taskmgr != NULL) {
479 isc_managers_destroy(&netmgr, &taskmgr);
480 }
481 if (timermgr != NULL) {
482 isc_timermgr_destroy(&timermgr);
483 }
484 if (socketmgr != NULL) {
485 isc_socketmgr_destroy(&socketmgr);
486 }
487 if (actx != NULL) {
488 isc_appctx_destroy(&actx);
489 }
490 isc_mem_detach(&mctx);
491
492 if (keynamestr != NULL) {
493 isc_mem_destroy(&keymctx);
494 }
495 dns_lib_shutdown();
496
497 return (0);
498 }
499