Compare commits
2 Commits
| Author | SHA1 | Date |
|---|---|---|
 Jeff Carr
|
080acc8f3c | |
|
Jeff Carr
|
146249a13d |
10
README.md
10
README.md
|
|
@ -1,3 +1,13 @@
|
|||
# Intro
|
||||
|
||||
Attempt at some code to validate via DNS / DNSSEC
|
||||
the hostname is valid on a simple socket listen
|
||||
server
|
||||
|
||||
This recursively runs from the root TLD's and purposesly bypasses
|
||||
any DNS cache so that the DNS <-> IP address mappings can be verified
|
||||
|
||||
## References
|
||||
|
||||
* https://github.com/mactsouk/opensource.com.git
|
||||
* https://coderwall.com/p/wohavg/creating-a-simple-tcp-server-in-go
|
||||
|
|
|
|||
|
|
@ -0,0 +1,44 @@
|
|||
package dnssecsocket
|
||||
|
||||
//
|
||||
// By using the package "github.com/alexflint/go-arg",
|
||||
// these can be configured from the command line
|
||||
//
|
||||
|
||||
import (
|
||||
// arg "github.com/alexflint/go-arg"
|
||||
// "log"
|
||||
// "os"
|
||||
)
|
||||
|
||||
type Args struct {
|
||||
VerboseDnssec bool `arg:"--verbose-dnssec" help:"debug dnssec lookups"`
|
||||
Foo string `arg:"env:USER"`
|
||||
}
|
||||
|
||||
var args struct {
|
||||
Args
|
||||
Verbose bool
|
||||
}
|
||||
|
||||
func Parse (b bool) {
|
||||
args.Verbose = b
|
||||
args.VerboseDnssec = b
|
||||
}
|
||||
|
||||
// I attempted to pass the *arg.Parser down
|
||||
// to see if I could find the value somewhere but I couldn't find it
|
||||
/*
|
||||
var conf arg.Config
|
||||
|
||||
func Parse (p *arg.Parser) {
|
||||
// conf.Program = "control-panel-dns"
|
||||
// conf.IgnoreEnv = false
|
||||
// arg.NewParser(conf, &args)
|
||||
log.Println("fuckit", p, args.VerboseDnssec)
|
||||
for i, v := range p.SubcommandNames() {
|
||||
log.Println("dnssec.Parse", i, v)
|
||||
}
|
||||
p.Jcarr()
|
||||
}
|
||||
*/
|
||||
|
|
@ -11,7 +11,7 @@ import "math/rand"
|
|||
import "net"
|
||||
import "strconv"
|
||||
import "strings"
|
||||
import log "github.com/sirupsen/logrus"
|
||||
// import log "github.com/sirupsen/logrus"
|
||||
// import "github.com/wercker/journalhook"
|
||||
|
||||
import "git.wit.org/wit/shell"
|
||||
|
|
@ -49,41 +49,41 @@ func HandleConnection(conn *net.TCPConn) {
|
|||
// spew.Dump(conn)
|
||||
// ipv6client := GetRemoteAddr(c)
|
||||
ipv6client := conn.RemoteAddr()
|
||||
log.Println("Serving to %s as the IPv6 client", ipv6client)
|
||||
log(args.VerboseDnssec, "Serving to %s as the IPv6 client", ipv6client)
|
||||
|
||||
// setup this TCP socket as the "standard input"
|
||||
// newStdin, _ := bufio.NewReader(conn.File())
|
||||
newStdin, _ := conn.File()
|
||||
newreader := bufio.NewReader(newStdin)
|
||||
|
||||
log.Println("Waiting for the client to tell me its name")
|
||||
log(args.VerboseDnssec, "Waiting for the client to tell me its name")
|
||||
netData, err := newreader.ReadString('\n')
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
log(args.VerboseDnssec, err)
|
||||
return
|
||||
}
|
||||
clientHostname := strings.TrimSpace(netData)
|
||||
log.Println("Recieved client hostname as:", clientHostname)
|
||||
log(args.VerboseDnssec, "Recieved client hostname as:", clientHostname)
|
||||
|
||||
dnsRR := Dnstrace(clientHostname, "AAAA")
|
||||
if (dnsRR == nil) {
|
||||
log.Println("dnsRR IS NIL")
|
||||
log.Println("dnsRR IS NIL")
|
||||
log.Println("dnsRR IS NIL")
|
||||
log(args.VerboseDnssec, "dnsRR IS NIL")
|
||||
log(args.VerboseDnssec, "dnsRR IS NIL")
|
||||
log(args.VerboseDnssec, "dnsRR IS NIL")
|
||||
conn.Close()
|
||||
return
|
||||
}
|
||||
ipaddr := dns.Field(dnsRR[1], 1)
|
||||
log.Println("Client claims to be: ", ipaddr)
|
||||
log.Println("Serving to IPv6 client:", ipv6client)
|
||||
log(args.VerboseDnssec, "Client claims to be: ", ipaddr)
|
||||
log(args.VerboseDnssec, "Serving to IPv6 client:", ipv6client)
|
||||
|
||||
/* TODO: figure out how to fix this check
|
||||
if (ipaddr != ipv6client) {
|
||||
log.Println()
|
||||
log.Println("DNSSEC ERROR: client IPv6 does not work")
|
||||
log.Println("DNSSEC ERROR: client IPv6 does not work")
|
||||
log.Println("DNSSEC ERROR: client IPv6 does not work")
|
||||
log.Println()
|
||||
log(args.VerboseDnssec)
|
||||
log(args.VerboseDnssec, "DNSSEC ERROR: client IPv6 does not work")
|
||||
log(args.VerboseDnssec, "DNSSEC ERROR: client IPv6 does not work")
|
||||
log(args.VerboseDnssec, "DNSSEC ERROR: client IPv6 does not work")
|
||||
log(args.VerboseDnssec)
|
||||
conn.Close()
|
||||
return
|
||||
}
|
||||
|
|
@ -101,7 +101,7 @@ func HandleConnection(conn *net.TCPConn) {
|
|||
defer conn.Close()
|
||||
netData, err := newreader.ReadString('\n')
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
log(args.VerboseDnssec, err)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
@ -109,17 +109,17 @@ func HandleConnection(conn *net.TCPConn) {
|
|||
if temp == "STOP" {
|
||||
break
|
||||
}
|
||||
log.Println("Recieved: ", temp)
|
||||
log(args.VerboseDnssec, "Recieved: ", temp)
|
||||
|
||||
if (temp == "list") {
|
||||
log.Println("Should run list here")
|
||||
log(args.VerboseDnssec, "Should run list here")
|
||||
shell.SetStdout(f)
|
||||
shell.Run("/root/bin/list.testing.com")
|
||||
shell.SetStdout(os.Stdout)
|
||||
}
|
||||
|
||||
if (temp == "cpuinfo") {
|
||||
log.Println("Should cat /proc/cpuinfo")
|
||||
log(args.VerboseDnssec, "Should cat /proc/cpuinfo")
|
||||
shell.SetStdout(f)
|
||||
shell.Run("cat /proc/cpuinfo")
|
||||
shell.SetStdout(os.Stdout)
|
||||
|
|
|
|||
36
dnstrace.go
36
dnstrace.go
|
|
@ -4,14 +4,14 @@ package dnssecsocket
|
|||
|
||||
import "fmt"
|
||||
import "net"
|
||||
import "os"
|
||||
// import "os"
|
||||
import "strings"
|
||||
import "time"
|
||||
|
||||
import "github.com/miekg/dns"
|
||||
import "github.com/rs/dnstrace/client"
|
||||
|
||||
import log "github.com/sirupsen/logrus"
|
||||
// import log "github.com/sirupsen/logrus"
|
||||
|
||||
// this is cool, but breaks the Windows build
|
||||
// import "github.com/wercker/journalhook"
|
||||
|
|
@ -75,13 +75,13 @@ func Dnstrace(hostname string, qtypestr string) []dns.RR {
|
|||
qname := m.Question[0].Name
|
||||
qtype := dns.TypeToString[m.Question[0].Qtype]
|
||||
if i > 1 {
|
||||
log.Println()
|
||||
log(args.VerboseDnssec)
|
||||
}
|
||||
log.Printf("%d - query %s %s", i, qtype, qname)
|
||||
log(args.VerboseDnssec, "%d - query %s %s", i, qtype, qname)
|
||||
if r != nil {
|
||||
log.Printf(": %s", strings.Replace(strings.Replace(r.MsgHdr.String(), ";; ", "", -1), "\n", ", ", -1))
|
||||
log(args.VerboseDnssec, ": %s", strings.Replace(strings.Replace(r.MsgHdr.String(), ";; ", "", -1), "\n", ", ", -1))
|
||||
}
|
||||
log.Println()
|
||||
log(args.VerboseDnssec)
|
||||
for _, pr := range rs {
|
||||
ln := 0
|
||||
if pr.Msg != nil {
|
||||
|
|
@ -94,15 +94,15 @@ func Dnstrace(hostname string, qtypestr string) []dns.RR {
|
|||
} else if pr.Server.LookupRTT > 0 {
|
||||
lrtt = fmt.Sprintf("%.2fms", float64(pr.Server.LookupRTT)/float64(time.Millisecond))
|
||||
}
|
||||
log.Printf(col(" - %d bytes in %.2fms + %s lookup on %s(%s)", cDarkGray), ln, rtt, lrtt, pr.Server.Name, pr.Addr)
|
||||
log(args.VerboseDnssec, col(" - %d bytes in %.2fms + %s lookup on %s(%s)", cDarkGray), ln, rtt, lrtt, pr.Server.Name, pr.Addr)
|
||||
if pr.Err != nil {
|
||||
err := pr.Err
|
||||
if oerr, ok := err.(*net.OpError); ok {
|
||||
err = oerr.Err
|
||||
}
|
||||
log.Printf(": %v", col(err, cRed))
|
||||
log(args.VerboseDnssec, ": %v", col(err, cRed))
|
||||
}
|
||||
log.Print("\n")
|
||||
log(args.VerboseDnssec, "\n")
|
||||
}
|
||||
|
||||
switch rtype {
|
||||
|
|
@ -122,28 +122,28 @@ func Dnstrace(hostname string, qtypestr string) []dns.RR {
|
|||
} else {
|
||||
glue = col("no glue", cYellow)
|
||||
}
|
||||
log.Printf("%s %d NS %s (%s)\n", label, s.TTL, s.Name, glue)
|
||||
log(args.VerboseDnssec, "%s %d NS %s (%s)\n", label, s.TTL, s.Name, glue)
|
||||
}
|
||||
case client.ResponseTypeCNAME:
|
||||
for _, rr := range r.Answer {
|
||||
log.Println(rr)
|
||||
log(args.VerboseDnssec, rr)
|
||||
}
|
||||
}
|
||||
},
|
||||
FollowingCNAME: func(domain, target string) {
|
||||
log.Printf(col("\n~ following CNAME %s -> %s\n", cBlue), domain, target)
|
||||
log(args.VerboseDnssec, col("\n~ following CNAME %s -> %s\n", cBlue), domain, target)
|
||||
},
|
||||
}
|
||||
r, rtt, err := c.RecursiveQuery(m, t)
|
||||
if err != nil {
|
||||
log.Printf(col("*** error: %v\n", cRed), err)
|
||||
os.Exit(1)
|
||||
log(args.VerboseDnssec, col("*** error: %v\n", cRed), err)
|
||||
return nil
|
||||
}
|
||||
|
||||
log.Println()
|
||||
log.Printf(col(";; Cold best path time: %s\n\n", cGray), rtt)
|
||||
log(args.VerboseDnssec)
|
||||
log(args.VerboseDnssec, col(";; Cold best path time: %s\n\n", cGray), rtt)
|
||||
for i, rr := range r.Answer {
|
||||
log.Println("r.Answer =", i, rr)
|
||||
log(args.VerboseDnssec, "r.Answer =", i, rr, args.VerboseDnssec)
|
||||
}
|
||||
return r.Answer
|
||||
// for _, rr := range r.Answer {
|
||||
|
|
@ -163,6 +163,6 @@ func ResolveIPv6hostname(hostname string) *net.TCPAddr {
|
|||
}
|
||||
|
||||
func UseJournalctl() {
|
||||
log.Println("journalhook is disabled because it breaks the Windows build right now")
|
||||
log(args.VerboseDnssec, "journalhook is disabled because it breaks the Windows build right now")
|
||||
// journalhook.Enable()
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,30 @@
|
|||
package dnssecsocket
|
||||
|
||||
import (
|
||||
witlog "git.wit.org/wit/gui/log"
|
||||
)
|
||||
|
||||
// various debugging flags
|
||||
var logNow bool = true // useful for active development
|
||||
var logError bool = true
|
||||
var logWarn bool = false
|
||||
var logInfo bool = false
|
||||
var logVerbose bool = false
|
||||
|
||||
var SPEW witlog.Spewt
|
||||
|
||||
// var log interface{}
|
||||
|
||||
func log(a ...any) {
|
||||
witlog.Where = "wit/gui"
|
||||
witlog.Log(a...)
|
||||
}
|
||||
|
||||
func sleep(a ...any) {
|
||||
witlog.Sleep(a...)
|
||||
}
|
||||
|
||||
func exit(a ...any) {
|
||||
log(logError, "got to log() exit")
|
||||
witlog.Exit(a...)
|
||||
}
|
||||
Loading…
Reference in New Issue