// Retrieve the DNSKEY records of a zone and convert them // to DS records for SHA1, SHA256 and SHA384. func ExampleDS(zone string) { config, _ := dns.ClientConfigFromFile("/etc/resolv.conf") c := new(dns.Client) m := new(dns.Msg) if zone == "" { zone = "miek.nl" } m.SetQuestion(dns.Fqdn(zone), dns.TypeDNSKEY) m.SetEdns0(4096, true) r, _, err := c.Exchange(m, config.Servers[0]+":"+config.Port) if err != nil { return } if r.Rcode != dns.RcodeSuccess { return } for _, k := range r.Answer { if key, ok := k.(*dns.DNSKEY); ok { for _, alg := range []uint8{dns.SHA1, dns.SHA256, dns.SHA384} { fmt.Printf("%s; %d\n", key.ToDS(alg).String(), key.Flags) } } } }
func (d dnsAPI) ServiceLookup(w dns.ResponseWriter, req *dns.Msg) { qName := req.Question[0].Name qType := req.Question[0].Qtype name := strings.TrimSuffix(strings.ToLower(dns.Fqdn(qName)), d.Domain) labels := dns.SplitDomainName(name) tcp := isTCP(w.RemoteAddr()) res := &dns.Msg{} res.Authoritative = true res.RecursionAvailable = len(d.Recursors) > 0 res.SetReply(req) defer func() { if res.Rcode == dns.RcodeSuccess && qType == dns.TypeSOA { // SOA answer if requested. at the end of the request to ensure we didn't hit NXDOMAIN res.Answer = []dns.RR{d.soaRecord()} } if len(res.Answer) == 0 { // Add authority section with SOA if the answer has no items res.Ns = []dns.RR{d.soaRecord()} } w.WriteMsg(res) }() nxdomain := func() { res.SetRcode(req, dns.RcodeNameError) } var service string var proto string var instanceID string var leader bool switch { case len(labels) == 1: // normal lookup service = labels[0] case len(labels) == 2 && strings.HasPrefix(labels[0], "_") && strings.HasPrefix(labels[1], "_"): // RFC 2782 request looks like _postgres._tcp service = labels[0][1:] proto = labels[1][1:] case len(labels) == 3 && labels[2] == "_i": // address lookup for instance in RFC 2782 SRV record service = labels[1] instanceID = labels[0] case len(labels) == 2 && labels[0] == "leader": // leader lookup leader = true service = labels[1] default: nxdomain() return } var instances []*discoverd.Instance if !leader { instances = d.Store.Get(service) if instances == nil { nxdomain() return } } if leader || instanceID != "" { // we're doing a lookup for a single instance var resInst *discoverd.Instance if leader { resInst = d.Store.GetLeader(service) } else { for _, inst := range instances { if inst.ID == instanceID { resInst = inst break } } } if resInst == nil { nxdomain() return } addr := parseAddr(resInst) if qType != dns.TypeA && qType != dns.TypeAAAA && qType != dns.TypeANY && qType != dns.TypeSRV || addr.IPv4 == nil && qType == dns.TypeA || addr.IPv6 == nil && qType == dns.TypeAAAA { // no results if we're looking up an record that doesn't match the // request type or the type is incorrect return } res.Answer = make([]dns.RR, 0, 2) if qType != dns.TypeSRV { res.Answer = append(res.Answer, addrRecord(qName, addr)) } if qType == dns.TypeSRV || qType == dns.TypeANY { res.Answer = append(res.Answer, d.srvRecord(qName, service, addr, false)) } if tcp && qType == dns.TypeSRV { res.Extra = []dns.RR{addrRecord(qName, addr)} } return } if qType == dns.TypeSOA { // We don't need to do any more processing, as NXDOMAIN can't be reached // beyond this point, the SOA answer is added in the deferred function // above return } addrs := make([]*addrData, 0, len(instances)) added := make(map[string]struct{}, len(instances)) for _, inst := range instances { if proto != "" && inst.Proto != proto { continue } addr := parseAddr(inst) if _, ok := added[addr.String]; ok { continue } if addr.IPv4 == nil && qType == dns.TypeA || addr.IPv6 == nil && qType == dns.TypeAAAA { // Skip instance if we have an IPv6 address but want IPv4 or vice versa continue } if qType != dns.TypeSRV { // skip duplicate IPs if we're not doing an SRV lookup added[addr.String] = struct{}{} } addrs = append(addrs, addr) } if len(addrs) == 0 { // return empty response return } shuffle(addrs) // Truncate the response if we're using UDP if !tcp && len(addrs) > maxUDPRecords { addrs = addrs[:maxUDPRecords] } res.Answer = make([]dns.RR, 0, len(addrs)*2) for _, addr := range addrs { if qType == dns.TypeANY || qType == dns.TypeA || qType == dns.TypeAAAA { res.Answer = append(res.Answer, addrRecord(qName, addr)) } } for _, addr := range addrs { if qType == dns.TypeANY || qType == dns.TypeSRV { res.Answer = append(res.Answer, d.srvRecord(qName, service, addr, true)) } } if qType == dns.TypeSRV && tcp { // Add extra records mapping instance IDs to addresses res.Extra = make([]dns.RR, len(addrs)) for i, addr := range addrs { res.Extra[i] = addrRecord(d.instanceDomain(service, addr.ID), addr) } } }