| /freebsd/contrib/unbound/dnstap/ |
| H A D | dnstap.proto | 1 // dnstap: flexible, structured event replication format for DNS software
4 // replication format for DNS software.
25 // DNS server identity.
26 // If enabled, this is the identity string of the DNS server which generated
31 // DNS server version.
32 // If enabled, this is the version string of the DNS server which generated
59 // SocketProtocol: the protocol used to transport a DNS message.
61 UDP = 1; // DNS over UDP transport (RFC 1035 section 4.2.1)
62 TCP = 2; // DNS over TCP transport (RFC 1035 section 4.2.2)
63 DOT = 3; // DNS over TLS (RFC 7858)
[all …]
|
| /freebsd/crypto/openssh/ |
| H A D | README.dns | 1 How to verify host keys using OpenSSH and DNS
4 OpenSSH contains support for verifying host keys using DNS as described
6 instructions on how to use this feature. Configuring DNS is out of the
10 (1) Server: Generate and publish the DNS RR
12 To create a DNS resource record (RR) containing a fingerprint of the
22 generic DNS RR format parsable by most modern name server
26 To publish the fingerprint using the DNS you must add the generated RR
27 to your DNS zone file and sign your zone.
30 (2) Client: Enable ssh to verify host keys using DNS
32 To enable the ssh client to verify host keys using DNS, you have to
[all …]
|
| H A D | dns.c | 1 /* $OpenBSD: dns.c,v 1.44 2023/03/10 04:06:21 dtucker Exp $ */
42 #include "dns.h"
172 * and return -1 which stops DNS key fingerprint processing. in is_numeric_hostname()
192 * Verify the given hostname, address and host key using DNS.
219 debug("skipped DNS lookup for numerical hostname"); in verify_host_key_dns()
226 verbose("DNS lookup error: %s", dns_result_totext(result)); in verify_host_key_dns()
232 debug("found %d secure fingerprints in DNS", in verify_host_key_dns()
235 debug("found %d insecure fingerprints in DNS", in verify_host_key_dns()
251 verbose("Error parsing fingerprint from DNS."); in verify_host_key_dns()
292 debug("matching host key fingerprint found in DNS"); in verify_host_key_dns()
[all …]
|
| /freebsd/contrib/ntp/sntp/libevent/test/ |
| H A D | regress_dns.c | 66 #include "event2/dns.h"
207 struct evdns_base *dns = evdns_base_new(base, EVDNS_BASE_INITIALIZE_NAMESERVERS); in dns_resolve_reverse() local
211 tt_assert(dns); in dns_resolve_reverse()
216 dns, &in, 0, dns_gethostbyname_cb, base); in dns_resolve_reverse()
224 if (dns) in dns_resolve_reverse()
225 evdns_base_free(dns, 0); in dns_resolve_reverse()
544 struct evdns_base *dns = NULL; in dns_search_test_impl() local
559 dns = evdns_base_new(base, 0); in dns_search_test_impl()
560 tt_assert(!evdns_base_nameserver_ip_add(dns, buf)); in dns_search_test_impl()
562 evdns_base_search_add(dns, "a.example.com"); in dns_search_test_impl()
[all …]
|
| /freebsd/contrib/libevent/test/ |
| H A D | regress_dns.c | 66 #include "event2/dns.h"
207 struct evdns_base *dns = evdns_base_new(base, EVDNS_BASE_INITIALIZE_NAMESERVERS); in dns_resolve_reverse() local
211 tt_assert(dns); in dns_resolve_reverse()
216 dns, &in, 0, dns_gethostbyname_cb, base); in dns_resolve_reverse()
224 if (dns) in dns_resolve_reverse()
225 evdns_base_free(dns, 0); in dns_resolve_reverse()
544 struct evdns_base *dns = NULL; in dns_search_test_impl() local
559 dns = evdns_base_new(base, 0); in dns_search_test_impl()
560 tt_assert(!evdns_base_nameserver_ip_add(dns, buf)); in dns_search_test_impl()
562 evdns_base_search_add(dns, "a.example.com"); in dns_search_test_impl()
[all …]
|
| /freebsd/lib/libcasper/services/cap_dns/ |
| H A D | cap_dns.3 | 87 .Nm system.dns
138 means that reverse DNS lookups are allowed with
163 .Nm system.dns
185 /* Use Casper capability to create capability to the system.dns service. */
186 capdns = cap_service_open(capcas, "system.dns");
188 err(1, "Unable to open system.dns service");
193 /* Limit system.dns to reserve IPv4 addresses */
196 err(1, "Unable to limit access to the system.dns service");
206 /* Limit system.dns to reverse DNS lookups. */
208 err(1, "Unable to limit access to the system.dns service");
|
| /freebsd/crypto/openssl/test/certs/ |
| H A D | setup.sh | 265 NC="permitted;DNS:www.good.org, permitted;DNS:good.com,"
274 NC="excluded;DNS:www.bad.org, excluded;DNS:bad.com,"
286 NC="permitted;DNS:www.good.net, permitted;DNS:ok.good.com, "
287 NC="$NC excluded;DNS:bad.ok.good.com"
296 "DNS.1 = www.good.org" "DNS.2 = any.good.com" \
300 # all DNS-like CNs allowed by CA1, no DNS SANs.
304 "3.CN=not..dns" "4.CN=not@dns" "5.CN=not-.dns" "6.CN=not.dns." | \
308 # all DNS-like CNs allowed by CA1, no SANs
314 # Some DNS-like CNs not permitted by CA1, no DNS SANs.
325 "DNS.1 = www.anything.org" "DNS.2 = any.other.com" \
[all …]
|
| /freebsd/crypto/heimdal/lib/wind/ |
| H A D | rfc3490.txt | 40 required in existing protocols like DNS, so that IDNs can be
54 3.2.1. DNS resource records................................ 8
68 6. Implications for typical applications using DNS............... 13
71 6.3 DNS servers............................................... 15
90 does not depend on any changes to DNS servers, resolvers, or protocol
91 elements, because the ASCII name service provided by the existing DNS
106 and DNS servers being updated in order for a user to use an
109 applications only; no changes are needed to the DNS protocol or any
110 DNS servers or the resolvers on user's computers.
125 IDNA does not extend the service offered by DNS to the applications.
[all …]
|
| /freebsd/contrib/unbound/contrib/ |
| H A D | unbound-querycachedb.py | 10 import dns.message
11 import dns.name
12 import dns.rdataclass
13 import dns.rdatatype
18 hobj.update(dns.name.from_text(qname).to_wire())
20 socket.htons(dns.rdatatype.from_text(qtype)),
21 socket.htons(dns.rdataclass.from_text(qclass))))
43 print(dns.message.from_wire(value[:-16]))
|
| H A D | unbound_munin_ | 57 unbound_munin_ - Munin plugin to monitor the Unbound DNS resolver.
242 echo "graph_title Unbound DNS traffic and cache hits"
246 echo "graph_category dns"
264 …echo "graph_info DNS queries to the recursive resolver. The unwanted replies could be innocent dup…
271 echo "graph_category dns"
282 echo "graph_category dns"
294 echo "graph_title Unbound DNS queries by type"
298 echo "graph_category dns"
303 echo "graph_info queries by DNS RR type queried for"
306 echo "graph_title Unbound DNS queries by class"
[all …]
|
| /freebsd/contrib/ntp/sntp/libevent/include/event2/ |
| H A D | dns.h | 29 * The original DNS code is due to Adam Langley with heavy
30 * modifications by Nick Mathewson. Adam put his DNS software in the
50 /** @file event2/dns.h
54 * Async DNS lookups are really a whole lot harder than they should be,
87 * although many DNS queries may be generated from a single call to
167 /** The request was canceled because the DNS subsystem was shut down. */
171 /** There were no answers and no error condition in the DNS packet.
237 * exiting when we have no active dns requests. */
245 Initialize the asynchronous DNS library.
251 @param event_base the event base to associate the dns client with
[all …]
|
| /freebsd/contrib/libevent/include/event2/ |
| H A D | dns.h | 29 * The original DNS code is due to Adam Langley with heavy
30 * modifications by Nick Mathewson. Adam put his DNS software in the
50 /** @file event2/dns.h
54 * Async DNS lookups are really a whole lot harder than they should be,
87 * although many DNS queries may be generated from a single call to
167 /** The request was canceled because the DNS subsystem was shut down. */
171 /** There were no answers and no error condition in the DNS packet.
237 * exiting when we have no active dns requests. */
245 Initialize the asynchronous DNS library.
251 @param event_base the event base to associate the dns client with
[all …]
|
| /freebsd/contrib/netbsd-tests/lib/libc/net/ |
| H A D | t_hostent.sh | 47 # Hijack DNS traffic using a single rump server instance and a DNS
167 atf_set "descr" "Checks DNS name lookup for AF_INET"
172 atf_check -o inline:"$ans4" -x "$HIJACK_DNS ${dir}/h_hostent ${res} -t dns -4 $n4"
182 atf_set "descr" "Checks DNS name lookup for AF_INET6"
187 atf_check -o inline:"$ans6" -x "$HIJACK_DNS ${dir}/h_hostent ${res} -t dns -6 $n6"
197 atf_set "descr" "Checks DNS address lookup for AF_INET"
202 atf_check -o inline:"$ans4" -x "$HIJACK_DNS ${dir}/h_hostent ${res} -t dns -4 -a $a4"
212 atf_set "descr" "Checks dns address lookup for AF_INET6"
217 atf_check -o inline:"$ans6" -x "$HIJACK_DNS ${dir}/h_hostent ${res} -t dns -6 -a $a6"
|
| /freebsd/contrib/llvm-project/llvm/lib/Target/AMDGPU/ |
| H A D | MIMGInstructions.td | 194 class MIMG_Base <dag outs, string dns = "">
207 let DecoderNamespace = dns;
208 let isAsmParserOnly = !eq(dns, "");
211 class MIMG <dag outs, string dns = "">
212 : MIMG_Base <outs, dns> {
227 class VIMAGE <dag outs, string dns = ""> : MIMG<outs, dns> {
232 class VSAMPLE <dag outs, string dns = ""> : MIMG<outs, dns> {
290 class MIMG_gfx6789<bits<8> op, dag outs, string dns = "">
291 : MIMG<outs, dns>, MIMGe_gfx6789<op> {
301 class MIMG_gfx90a<bits<8> op, dag outs, string dns = "">
[all …]
|
| /freebsd/usr.sbin/ppp/ |
| H A D | ipcp.c | 148 { 129, "PRIDNS" }, /* 129: Primary DNS Server Address */ in protoname()
150 { 131, "SECDNS" }, /* 131: Secondary DNS Server Address */ in protoname()
179 ipcp->ns.dns[0].s_addr = ipcp->ns.dns[1].s_addr = INADDR_NONE; in ipcp_LoadDNS()
252 if (n < 2 && inet_aton(cp, ipcp->ns.dns)) in ipcp_LoadDNS()
269 if (n == 2 && ipcp->ns.dns[0].s_addr == INADDR_ANY) { in ipcp_LoadDNS()
270 ipcp->ns.dns[0].s_addr = ipcp->ns.dns[1].s_addr; in ipcp_LoadDNS()
271 ipcp->ns.dns[1].s_addr = INADDR_ANY; in ipcp_LoadDNS()
290 if (ipcp->ns.dns[0].s_addr == INADDR_ANY && in ipcp_WriteDNS()
291 ipcp->ns.dns[1].s_addr == INADDR_ANY) { in ipcp_WriteDNS()
297 if (ipcp->ns.dns[0].s_addr == INADDR_ANY) { in ipcp_WriteDNS()
[all …]
|
| /freebsd/contrib/unbound/services/cache/ |
| H A D | dns.h | 2 * services/cache/dns.h - Cache services for DNS using msg and rrset caches.
39 * This file contains the DNS cache.
55 /** Allow caching a DNS message with a zero TTL. */
69 * Allocate a dns_msg with malloc/alloc structure and store in dns cache.
71 * @param env: environment, with alloc structure and dns cache.
108 * @param env: module environment with the DNS cache.
131 * @param env: module environment with the DNS cache.
155 * @param env: module environment with the DNS cache. NULL if the LRU from cache
157 * @param q: query info, contains qname that will make up the dns messag
[all...] |
| /freebsd/sys/contrib/device-tree/Bindings/arm/marvell/ |
| H A D | marvell,kirkwood.txt | 32 "dlink,dns-320"
33 "dlink,dns-320-a1"
34 "dlink,dns-325"
35 "dlink,dns-325-a1"
36 "dlink,dns-kirkwood"
|
| /freebsd/sys/netpfil/ipfilter/netinet/ |
| H A D | ip_dns_pxy.c | 12 * map ... proxy port dns/udp 53 { block .cnn.com; }
70 RWLOCK_INIT(&softd->ipf_p_dns_rwlock, "ipf dns rwlock"); in ipf_p_dns_soft_create()
182 * No real DNS packet is smaller than that. in ipf_p_dns_new()
194 MUTEX_INIT(&di->dnsi_lock, "dns lock"); in ipf_p_dns_new()
317 ipf_dns_hdr_t *dns; in ipf_p_dns_inout() local
322 if (fin->fin_dlen < sizeof(*dns)) in ipf_p_dns_inout()
325 dns = (ipf_dns_hdr_t *)((char *)fin->fin_dp + sizeof(udphdr_t)); in ipf_p_dns_inout()
327 q = dns->dns_qdcount; in ipf_p_dns_inout()
329 data = (char *)(dns + 1); in ipf_p_dns_inout()
330 dlen = fin->fin_dlen - sizeof(*dns) - sizeof(udphdr_t); in ipf_p_dns_inout()
|
| /freebsd/libexec/bootpd/ |
| H A D | Problems | 21 timeouts on failed DNS lookup operations. If this is the
22 problem, find the client names for which DNS lookup fails
31 If your DNS lookups work but are just slow, consider either
32 running bootpd on the same machine as the DNS server or
33 running a caching DNS server on the host running bootpd.
|
| /freebsd/release/packages/ucl/ |
| H A D | local-unbound-all.ucl | 19 comment = "NLnet Labs Unbound DNS resolver"
22 Unbound is a caching, DNSSEC-validating DNS resolver developed by NLnet Labs.
23 This version of Unbound, called local-unbound, is intended to service DNS
28 as "dns/unbound".
|
| /freebsd/sys/contrib/device-tree/src/arm/marvell/ |
| H A D | kirkwood-dns320.dts | 7 model = "D-Link DNS-320 NAS (Rev A1)";
8 …compatible = "dlink,dns-320-a1", "dlink,dns-320", "dlink,dns-kirkwood", "marvell,kirkwood-88f6281"…
|
| H A D | kirkwood-dns325.dts | 7 model = "D-Link DNS-325 NAS (Rev A1)";
8 …compatible = "dlink,dns-325-a1", "dlink,dns-325", "dlink,dns-kirkwood", "marvell,kirkwood-88f6281"…
|
| /freebsd/usr.sbin/ypserv/ |
| H A D | yp_dnslookup.c | 37 * Do standard and reverse DNS lookups using the resolver library.
155 yp_error("failed to malloc() circleq dns entry"); in yp_malloc_dnsent()
276 yp_error("sending dns reply to %s (%lu)", in yp_send_dns_reply()
338 * Data is pending on the DNS socket; check for valid replies
353 yp_error("running dns queue"); in yp_run_dnsq()
381 yp_error("got dns reply from %s", inet_ntoa(sin.sin_addr)); in yp_run_dnsq()
405 * Queue and transmit an asynchronous DNS hostname lookup.
443 yp_error("DNS query failed"); in yp_async_lookup_name()
453 yp_error("queueing async DNS name lookup (%lu)", q->id); in yp_async_lookup_name()
460 * Queue and transmit an asynchronous DNS IP address lookup.
[all …]
|
| /freebsd/contrib/unbound/doc/ |
| H A D | libunbound.3 | 47 \- Unbound DNS validating resolver 1.23.1 functions.
154 is an implementation of a DNS resolver, that does caching and
159 and obtain other information from the DNS. The library performs public\-key
217 Set machine to forward DNS queries to, the caching resolver to use.
218 IP4 or IP6 address. Forwards all DNS requests to that machine, which
226 Set a stub zone, authoritative dns servers to use for a particular zone.
235 Enable DNS over TLS (DoT) for machines set with
338 The rrtype and rrclass are DNS type and class codes.
386 The result of the DNS resolution and validation is returned as
|
| H A D | unbound.conf.5 | 158 also https or dns over tls port numbers by putting them in the list as well.
227 not set higher than that value. Default is 1232 which is the DNS Flag Day 2020
251 for 64 Kb packets, the maximum DNS message size. No message larger than this
253 for DNS data, such as for huge resource records, will result in a SERVFAIL
321 that sent the query with a valid DNS cookie. Since the cookie validates
334 The wait limit for the netblock, when the query has a DNS cookie.
471 IPv6 transport for sending DNS traffic, it does not impact the contents of
472 the DNS traffic, which may have ip4 and ip6 addresses in it.
475 If enabled, prefer IPv4 transport for sending DNS queries to internet
482 If enabled, prefer IPv6 transport for sending DNS queries to internet
[all …]
|