1b7579f77SDag-Erling Smørgrav /* 2b7579f77SDag-Erling Smørgrav * checkconf/unbound-host.c - replacement for host that supports validation. 3b7579f77SDag-Erling Smørgrav * 4b7579f77SDag-Erling Smørgrav * Copyright (c) 2007, NLnet Labs. All rights reserved. 5b7579f77SDag-Erling Smørgrav * 6b7579f77SDag-Erling Smørgrav * This software is open source. 7b7579f77SDag-Erling Smørgrav * 8b7579f77SDag-Erling Smørgrav * Redistribution and use in source and binary forms, with or without 9b7579f77SDag-Erling Smørgrav * modification, are permitted provided that the following conditions 10b7579f77SDag-Erling Smørgrav * are met: 11b7579f77SDag-Erling Smørgrav * 12b7579f77SDag-Erling Smørgrav * Redistributions of source code must retain the above copyright notice, 13b7579f77SDag-Erling Smørgrav * this list of conditions and the following disclaimer. 14b7579f77SDag-Erling Smørgrav * 15b7579f77SDag-Erling Smørgrav * Redistributions in binary form must reproduce the above copyright notice, 16b7579f77SDag-Erling Smørgrav * this list of conditions and the following disclaimer in the documentation 17b7579f77SDag-Erling Smørgrav * and/or other materials provided with the distribution. 18b7579f77SDag-Erling Smørgrav * 19b7579f77SDag-Erling Smørgrav * Neither the name of the NLNET LABS nor the names of its contributors may 20b7579f77SDag-Erling Smørgrav * be used to endorse or promote products derived from this software without 21b7579f77SDag-Erling Smørgrav * specific prior written permission. 22b7579f77SDag-Erling Smørgrav * 23b7579f77SDag-Erling Smørgrav * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 2417d15b25SDag-Erling Smørgrav * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 2517d15b25SDag-Erling Smørgrav * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 2617d15b25SDag-Erling Smørgrav * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 2717d15b25SDag-Erling Smørgrav * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 2817d15b25SDag-Erling Smørgrav * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 2917d15b25SDag-Erling Smørgrav * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 3017d15b25SDag-Erling Smørgrav * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 3117d15b25SDag-Erling Smørgrav * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 3217d15b25SDag-Erling Smørgrav * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 3317d15b25SDag-Erling Smørgrav * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34b7579f77SDag-Erling Smørgrav */ 35b7579f77SDag-Erling Smørgrav 36b7579f77SDag-Erling Smørgrav /** 37b7579f77SDag-Erling Smørgrav * \file 38b7579f77SDag-Erling Smørgrav * 39b7579f77SDag-Erling Smørgrav * This file performs functionality like 'host', and also supports validation. 40b7579f77SDag-Erling Smørgrav * It uses the libunbound library. 41b7579f77SDag-Erling Smørgrav */ 42b7579f77SDag-Erling Smørgrav 43b7579f77SDag-Erling Smørgrav #include "config.h" 44b7579f77SDag-Erling Smørgrav #ifdef HAVE_GETOPT_H 45b7579f77SDag-Erling Smørgrav #include <getopt.h> 46b7579f77SDag-Erling Smørgrav #endif 47b7579f77SDag-Erling Smørgrav /* remove alloc checks, not in this part of the code */ 48b7579f77SDag-Erling Smørgrav #ifdef UNBOUND_ALLOC_STATS 49b7579f77SDag-Erling Smørgrav #undef malloc 50b7579f77SDag-Erling Smørgrav #undef calloc 51b7579f77SDag-Erling Smørgrav #undef free 52b7579f77SDag-Erling Smørgrav #undef realloc 53b7579f77SDag-Erling Smørgrav #endif 54b7579f77SDag-Erling Smørgrav #ifdef UNBOUND_ALLOC_LITE 55b7579f77SDag-Erling Smørgrav #undef malloc 56b7579f77SDag-Erling Smørgrav #undef calloc 57b7579f77SDag-Erling Smørgrav #undef free 58b7579f77SDag-Erling Smørgrav #undef realloc 59b7579f77SDag-Erling Smørgrav #undef strdup 60b7579f77SDag-Erling Smørgrav #define unbound_lite_wrapstr(s) s 61b7579f77SDag-Erling Smørgrav #endif 62b7579f77SDag-Erling Smørgrav #include "libunbound/unbound.h" 6309a3aaf3SDag-Erling Smørgrav #include "sldns/rrdef.h" 6409a3aaf3SDag-Erling Smørgrav #include "sldns/wire2str.h" 658ed2b524SDag-Erling Smørgrav #ifdef HAVE_NSS 668ed2b524SDag-Erling Smørgrav /* nss3 */ 678ed2b524SDag-Erling Smørgrav #include "nss.h" 688ed2b524SDag-Erling Smørgrav #endif 69*3bd4df0aSDag-Erling Smørgrav #ifdef HAVE_SSL 70*3bd4df0aSDag-Erling Smørgrav #ifdef HAVE_OPENSSL_SSL_H 71*3bd4df0aSDag-Erling Smørgrav #include <openssl/ssl.h> 72*3bd4df0aSDag-Erling Smørgrav #endif 73*3bd4df0aSDag-Erling Smørgrav #ifdef HAVE_OPENSSL_ERR_H 74*3bd4df0aSDag-Erling Smørgrav #include <openssl/err.h> 75*3bd4df0aSDag-Erling Smørgrav #endif 76*3bd4df0aSDag-Erling Smørgrav #endif /* HAVE_SSL */ 77b7579f77SDag-Erling Smørgrav 78b7579f77SDag-Erling Smørgrav /** verbosity for unbound-host app */ 79b7579f77SDag-Erling Smørgrav static int verb = 0; 80b7579f77SDag-Erling Smørgrav 81b7579f77SDag-Erling Smørgrav /** Give unbound-host usage, and exit (1). */ 82b7579f77SDag-Erling Smørgrav static void 83b5663de9SDag-Erling Smørgrav usage(void) 84b7579f77SDag-Erling Smørgrav { 85b7579f77SDag-Erling Smørgrav printf("Usage: unbound-host [-vdhr46] [-c class] [-t type] hostname\n"); 86b7579f77SDag-Erling Smørgrav printf(" [-y key] [-f keyfile] [-F namedkeyfile]\n"); 87b7579f77SDag-Erling Smørgrav printf(" [-C configfile]\n"); 88b7579f77SDag-Erling Smørgrav printf(" Queries the DNS for information.\n"); 89b7579f77SDag-Erling Smørgrav printf(" The hostname is looked up for IP4, IP6 and mail.\n"); 90b7579f77SDag-Erling Smørgrav printf(" If an ip-address is given a reverse lookup is done.\n"); 91b7579f77SDag-Erling Smørgrav printf(" Use the -v option to see DNSSEC security information.\n"); 92b7579f77SDag-Erling Smørgrav printf(" -t type what type to look for.\n"); 93b7579f77SDag-Erling Smørgrav printf(" -c class what class to look for, if not class IN.\n"); 94b7579f77SDag-Erling Smørgrav printf(" -y 'keystring' specify trust anchor, DS or DNSKEY, like\n"); 95b7579f77SDag-Erling Smørgrav printf(" -y 'example.com DS 31560 5 1 1CFED8478...'\n"); 96ff825849SDag-Erling Smørgrav printf(" -D DNSSEC enable with default root anchor\n"); 97ff825849SDag-Erling Smørgrav printf(" from %s\n", ROOT_ANCHOR_FILE); 98b7579f77SDag-Erling Smørgrav printf(" -f keyfile read trust anchors from file, with lines as -y.\n"); 99b7579f77SDag-Erling Smørgrav printf(" -F keyfile read named.conf-style trust anchors.\n"); 100b7579f77SDag-Erling Smørgrav printf(" -C config use the specified unbound.conf (none read by default)\n"); 101b7579f77SDag-Erling Smørgrav printf(" -r read forwarder information from /etc/resolv.conf\n"); 102b5663de9SDag-Erling Smørgrav printf(" breaks validation if the forwarder does not do DNSSEC.\n"); 103b7579f77SDag-Erling Smørgrav printf(" -v be more verbose, shows nodata and security.\n"); 104b7579f77SDag-Erling Smørgrav printf(" -d debug, traces the action, -d -d shows more.\n"); 105b7579f77SDag-Erling Smørgrav printf(" -4 use ipv4 network, avoid ipv6.\n"); 106b7579f77SDag-Erling Smørgrav printf(" -6 use ipv6 network, avoid ipv4.\n"); 107b7579f77SDag-Erling Smørgrav printf(" -h show this usage help.\n"); 108b7579f77SDag-Erling Smørgrav printf("Version %s\n", PACKAGE_VERSION); 109b7579f77SDag-Erling Smørgrav printf("BSD licensed, see LICENSE in source package for details.\n"); 110b7579f77SDag-Erling Smørgrav printf("Report bugs to %s\n", PACKAGE_BUGREPORT); 111b7579f77SDag-Erling Smørgrav exit(1); 112b7579f77SDag-Erling Smørgrav } 113b7579f77SDag-Erling Smørgrav 114b7579f77SDag-Erling Smørgrav /** determine if str is ip4 and put into reverse lookup format */ 115b7579f77SDag-Erling Smørgrav static int 116b7579f77SDag-Erling Smørgrav isip4(const char* nm, char** res) 117b7579f77SDag-Erling Smørgrav { 118b7579f77SDag-Erling Smørgrav struct in_addr addr; 119b7579f77SDag-Erling Smørgrav /* ddd.ddd.ddd.ddd.in-addr.arpa. is less than 32 */ 120b7579f77SDag-Erling Smørgrav char buf[32]; 121b7579f77SDag-Erling Smørgrav if(inet_pton(AF_INET, nm, &addr) <= 0) { 122b7579f77SDag-Erling Smørgrav return 0; 123b7579f77SDag-Erling Smørgrav } 124b7579f77SDag-Erling Smørgrav snprintf(buf, sizeof(buf), "%u.%u.%u.%u.in-addr.arpa", 125b7579f77SDag-Erling Smørgrav (unsigned)((uint8_t*)&addr)[3], (unsigned)((uint8_t*)&addr)[2], 126b7579f77SDag-Erling Smørgrav (unsigned)((uint8_t*)&addr)[1], (unsigned)((uint8_t*)&addr)[0]); 127b7579f77SDag-Erling Smørgrav *res = strdup(buf); 128b7579f77SDag-Erling Smørgrav return 1; 129b7579f77SDag-Erling Smørgrav } 130b7579f77SDag-Erling Smørgrav 131b7579f77SDag-Erling Smørgrav /** determine if str is ip6 and put into reverse lookup format */ 132b7579f77SDag-Erling Smørgrav static int 133b7579f77SDag-Erling Smørgrav isip6(const char* nm, char** res) 134b7579f77SDag-Erling Smørgrav { 135b7579f77SDag-Erling Smørgrav struct in6_addr addr; 136b7579f77SDag-Erling Smørgrav /* [nibble.]{32}.ip6.arpa. is less than 128 */ 137b7579f77SDag-Erling Smørgrav const char* hex = "0123456789abcdef"; 138b7579f77SDag-Erling Smørgrav char buf[128]; 139b7579f77SDag-Erling Smørgrav char *p; 140b7579f77SDag-Erling Smørgrav int i; 141b7579f77SDag-Erling Smørgrav if(inet_pton(AF_INET6, nm, &addr) <= 0) { 142b7579f77SDag-Erling Smørgrav return 0; 143b7579f77SDag-Erling Smørgrav } 144b7579f77SDag-Erling Smørgrav p = buf; 145b7579f77SDag-Erling Smørgrav for(i=15; i>=0; i--) { 146b7579f77SDag-Erling Smørgrav uint8_t b = ((uint8_t*)&addr)[i]; 147b7579f77SDag-Erling Smørgrav *p++ = hex[ (b&0x0f) ]; 148b7579f77SDag-Erling Smørgrav *p++ = '.'; 149b7579f77SDag-Erling Smørgrav *p++ = hex[ (b&0xf0) >> 4 ]; 150b7579f77SDag-Erling Smørgrav *p++ = '.'; 151b7579f77SDag-Erling Smørgrav } 152b7579f77SDag-Erling Smørgrav snprintf(buf+16*4, sizeof(buf)-16*4, "ip6.arpa"); 153b7579f77SDag-Erling Smørgrav *res = strdup(buf); 154b7579f77SDag-Erling Smørgrav if(!*res) { 155b7579f77SDag-Erling Smørgrav fprintf(stderr, "error: out of memory\n"); 156b7579f77SDag-Erling Smørgrav exit(1); 157b7579f77SDag-Erling Smørgrav } 158b7579f77SDag-Erling Smørgrav return 1; 159b7579f77SDag-Erling Smørgrav } 160b7579f77SDag-Erling Smørgrav 161b7579f77SDag-Erling Smørgrav /** massage input name */ 162b7579f77SDag-Erling Smørgrav static char* 163b7579f77SDag-Erling Smørgrav massage_qname(const char* nm, int* reverse) 164b7579f77SDag-Erling Smørgrav { 165b7579f77SDag-Erling Smørgrav /* recognise IP4 and IP6, create reverse addresses if needed */ 166b7579f77SDag-Erling Smørgrav char* res; 167b7579f77SDag-Erling Smørgrav if(isip4(nm, &res)) { 168b7579f77SDag-Erling Smørgrav *reverse = 1; 169b7579f77SDag-Erling Smørgrav } else if(isip6(nm, &res)) { 170b7579f77SDag-Erling Smørgrav *reverse = 1; 171b7579f77SDag-Erling Smørgrav } else { 172b7579f77SDag-Erling Smørgrav res = strdup(nm); 173b7579f77SDag-Erling Smørgrav } 174b7579f77SDag-Erling Smørgrav if(!res) { 175b7579f77SDag-Erling Smørgrav fprintf(stderr, "error: out of memory\n"); 176b7579f77SDag-Erling Smørgrav exit(1); 177b7579f77SDag-Erling Smørgrav } 178b7579f77SDag-Erling Smørgrav return res; 179b7579f77SDag-Erling Smørgrav } 180b7579f77SDag-Erling Smørgrav 181b7579f77SDag-Erling Smørgrav /** massage input type */ 182b7579f77SDag-Erling Smørgrav static int 183b7579f77SDag-Erling Smørgrav massage_type(const char* t, int reverse, int* multi) 184b7579f77SDag-Erling Smørgrav { 185b7579f77SDag-Erling Smørgrav if(t) { 18617d15b25SDag-Erling Smørgrav int r = sldns_get_rr_type_by_name(t); 187b7579f77SDag-Erling Smørgrav if(r == 0 && strcasecmp(t, "TYPE0") != 0 && 188b7579f77SDag-Erling Smørgrav strcmp(t, "") != 0) { 189b7579f77SDag-Erling Smørgrav fprintf(stderr, "error unknown type %s\n", t); 190b7579f77SDag-Erling Smørgrav exit(1); 191b7579f77SDag-Erling Smørgrav } 192b7579f77SDag-Erling Smørgrav return r; 193b7579f77SDag-Erling Smørgrav } 194b7579f77SDag-Erling Smørgrav if(!t && reverse) 195b7579f77SDag-Erling Smørgrav return LDNS_RR_TYPE_PTR; 196b7579f77SDag-Erling Smørgrav *multi = 1; 197b7579f77SDag-Erling Smørgrav return LDNS_RR_TYPE_A; 198b7579f77SDag-Erling Smørgrav } 199b7579f77SDag-Erling Smørgrav 200b7579f77SDag-Erling Smørgrav /** massage input class */ 201b7579f77SDag-Erling Smørgrav static int 202b7579f77SDag-Erling Smørgrav massage_class(const char* c) 203b7579f77SDag-Erling Smørgrav { 204b7579f77SDag-Erling Smørgrav if(c) { 20517d15b25SDag-Erling Smørgrav int r = sldns_get_rr_class_by_name(c); 206b7579f77SDag-Erling Smørgrav if(r == 0 && strcasecmp(c, "CLASS0") != 0 && 207b7579f77SDag-Erling Smørgrav strcmp(c, "") != 0) { 208b7579f77SDag-Erling Smørgrav fprintf(stderr, "error unknown class %s\n", c); 209b7579f77SDag-Erling Smørgrav exit(1); 210b7579f77SDag-Erling Smørgrav } 211b7579f77SDag-Erling Smørgrav return r; 212b7579f77SDag-Erling Smørgrav } 213b7579f77SDag-Erling Smørgrav return LDNS_RR_CLASS_IN; 214b7579f77SDag-Erling Smørgrav } 215b7579f77SDag-Erling Smørgrav 216b7579f77SDag-Erling Smørgrav /** nice security status string */ 217b7579f77SDag-Erling Smørgrav static const char* 218b7579f77SDag-Erling Smørgrav secure_str(struct ub_result* result) 219b7579f77SDag-Erling Smørgrav { 2208a384985SDag-Erling Smørgrav if(result->rcode != 0 && result->rcode != 3) return "(error)"; 221b7579f77SDag-Erling Smørgrav if(result->secure) return "(secure)"; 222b7579f77SDag-Erling Smørgrav if(result->bogus) return "(BOGUS (security failure))"; 223b7579f77SDag-Erling Smørgrav return "(insecure)"; 224b7579f77SDag-Erling Smørgrav } 225b7579f77SDag-Erling Smørgrav 226b7579f77SDag-Erling Smørgrav /** nice string for type */ 227b7579f77SDag-Erling Smørgrav static void 228b7579f77SDag-Erling Smørgrav pretty_type(char* s, size_t len, int t) 229b7579f77SDag-Erling Smørgrav { 23017d15b25SDag-Erling Smørgrav char d[16]; 23117d15b25SDag-Erling Smørgrav sldns_wire2str_type_buf((uint16_t)t, d, sizeof(d)); 232b7579f77SDag-Erling Smørgrav snprintf(s, len, "%s", d); 233b7579f77SDag-Erling Smørgrav } 234b7579f77SDag-Erling Smørgrav 235b7579f77SDag-Erling Smørgrav /** nice string for class */ 236b7579f77SDag-Erling Smørgrav static void 237b7579f77SDag-Erling Smørgrav pretty_class(char* s, size_t len, int c) 238b7579f77SDag-Erling Smørgrav { 23917d15b25SDag-Erling Smørgrav char d[16]; 24017d15b25SDag-Erling Smørgrav sldns_wire2str_class_buf((uint16_t)c, d, sizeof(d)); 241b7579f77SDag-Erling Smørgrav snprintf(s, len, "%s", d); 242b7579f77SDag-Erling Smørgrav } 243b7579f77SDag-Erling Smørgrav 244b7579f77SDag-Erling Smørgrav /** nice string for rcode */ 245b7579f77SDag-Erling Smørgrav static void 246b7579f77SDag-Erling Smørgrav pretty_rcode(char* s, size_t len, int r) 247b7579f77SDag-Erling Smørgrav { 24817d15b25SDag-Erling Smørgrav char d[16]; 24917d15b25SDag-Erling Smørgrav sldns_wire2str_rcode_buf(r, d, sizeof(d)); 25017d15b25SDag-Erling Smørgrav snprintf(s, len, "%s", d); 251b7579f77SDag-Erling Smørgrav } 252b7579f77SDag-Erling Smørgrav 253b7579f77SDag-Erling Smørgrav /** convert and print rdata */ 254b7579f77SDag-Erling Smørgrav static void 255b7579f77SDag-Erling Smørgrav print_rd(int t, char* data, size_t len) 256b7579f77SDag-Erling Smørgrav { 25717d15b25SDag-Erling Smørgrav char s[65535]; 25817d15b25SDag-Erling Smørgrav sldns_wire2str_rdata_buf((uint8_t*)data, len, s, sizeof(s), (uint16_t)t); 25917d15b25SDag-Erling Smørgrav printf(" %s", s); 260b7579f77SDag-Erling Smørgrav } 261b7579f77SDag-Erling Smørgrav 262b7579f77SDag-Erling Smørgrav /** pretty line of RR data for results */ 263b7579f77SDag-Erling Smørgrav static void 264b7579f77SDag-Erling Smørgrav pretty_rdata(char* q, char* cstr, char* tstr, int t, const char* sec, 265b7579f77SDag-Erling Smørgrav char* data, size_t len) 266b7579f77SDag-Erling Smørgrav { 267b7579f77SDag-Erling Smørgrav printf("%s", q); 268b7579f77SDag-Erling Smørgrav if(strcmp(cstr, "IN") != 0) 269b7579f77SDag-Erling Smørgrav printf(" in class %s", cstr); 270b7579f77SDag-Erling Smørgrav if(t == LDNS_RR_TYPE_A) 271b7579f77SDag-Erling Smørgrav printf(" has address"); 272b7579f77SDag-Erling Smørgrav else if(t == LDNS_RR_TYPE_AAAA) 273b7579f77SDag-Erling Smørgrav printf(" has IPv6 address"); 274b7579f77SDag-Erling Smørgrav else if(t == LDNS_RR_TYPE_MX) 275b7579f77SDag-Erling Smørgrav printf(" mail is handled by"); 276b7579f77SDag-Erling Smørgrav else if(t == LDNS_RR_TYPE_PTR) 277b7579f77SDag-Erling Smørgrav printf(" domain name pointer"); 278b7579f77SDag-Erling Smørgrav else printf(" has %s record", tstr); 279b7579f77SDag-Erling Smørgrav print_rd(t, data, len); 280b7579f77SDag-Erling Smørgrav if(verb > 0) 281b7579f77SDag-Erling Smørgrav printf(" %s", sec); 282b7579f77SDag-Erling Smørgrav printf("\n"); 283b7579f77SDag-Erling Smørgrav } 284b7579f77SDag-Erling Smørgrav 285b7579f77SDag-Erling Smørgrav /** pretty line of output for results */ 286b7579f77SDag-Erling Smørgrav static void 287b7579f77SDag-Erling Smørgrav pretty_output(char* q, int t, int c, struct ub_result* result, int docname) 288b7579f77SDag-Erling Smørgrav { 289b7579f77SDag-Erling Smørgrav int i; 290b7579f77SDag-Erling Smørgrav const char *secstatus = secure_str(result); 291b7579f77SDag-Erling Smørgrav char tstr[16]; 292b7579f77SDag-Erling Smørgrav char cstr[16]; 293b7579f77SDag-Erling Smørgrav char rcodestr[16]; 294b7579f77SDag-Erling Smørgrav pretty_type(tstr, 16, t); 295b7579f77SDag-Erling Smørgrav pretty_class(cstr, 16, c); 296b7579f77SDag-Erling Smørgrav pretty_rcode(rcodestr, 16, result->rcode); 297b7579f77SDag-Erling Smørgrav 298b7579f77SDag-Erling Smørgrav if(!result->havedata && result->rcode) { 299b7579f77SDag-Erling Smørgrav printf("Host %s not found: %d(%s).", 300b7579f77SDag-Erling Smørgrav q, result->rcode, rcodestr); 301b7579f77SDag-Erling Smørgrav if(verb > 0) 302b7579f77SDag-Erling Smørgrav printf(" %s", secstatus); 303b7579f77SDag-Erling Smørgrav printf("\n"); 304b7579f77SDag-Erling Smørgrav if(result->bogus && result->why_bogus) 305b7579f77SDag-Erling Smørgrav printf("%s\n", result->why_bogus); 306b7579f77SDag-Erling Smørgrav return; 307b7579f77SDag-Erling Smørgrav } 308b7579f77SDag-Erling Smørgrav if(docname && result->canonname && 309b7579f77SDag-Erling Smørgrav result->canonname != result->qname) { 310b7579f77SDag-Erling Smørgrav printf("%s is an alias for %s", result->qname, 311b7579f77SDag-Erling Smørgrav result->canonname); 312b7579f77SDag-Erling Smørgrav if(verb > 0) 313b7579f77SDag-Erling Smørgrav printf(" %s", secstatus); 314b7579f77SDag-Erling Smørgrav printf("\n"); 315b7579f77SDag-Erling Smørgrav } 316b7579f77SDag-Erling Smørgrav /* remove trailing . from long canonnames for nicer output */ 317b7579f77SDag-Erling Smørgrav if(result->canonname && strlen(result->canonname) > 1 && 318b7579f77SDag-Erling Smørgrav result->canonname[strlen(result->canonname)-1] == '.') 319b7579f77SDag-Erling Smørgrav result->canonname[strlen(result->canonname)-1] = 0; 320b7579f77SDag-Erling Smørgrav if(!result->havedata) { 321b7579f77SDag-Erling Smørgrav if(verb > 0) { 322b7579f77SDag-Erling Smørgrav printf("%s", result->canonname?result->canonname:q); 323b7579f77SDag-Erling Smørgrav if(strcmp(cstr, "IN") != 0) 324b7579f77SDag-Erling Smørgrav printf(" in class %s", cstr); 325b7579f77SDag-Erling Smørgrav if(t == LDNS_RR_TYPE_A) 326b7579f77SDag-Erling Smørgrav printf(" has no address"); 327b7579f77SDag-Erling Smørgrav else if(t == LDNS_RR_TYPE_AAAA) 328b7579f77SDag-Erling Smørgrav printf(" has no IPv6 address"); 329b7579f77SDag-Erling Smørgrav else if(t == LDNS_RR_TYPE_PTR) 330b7579f77SDag-Erling Smørgrav printf(" has no domain name ptr"); 331b7579f77SDag-Erling Smørgrav else if(t == LDNS_RR_TYPE_MX) 332b7579f77SDag-Erling Smørgrav printf(" has no mail handler record"); 333b7579f77SDag-Erling Smørgrav else if(t == LDNS_RR_TYPE_ANY) { 33417d15b25SDag-Erling Smørgrav char* s = sldns_wire2str_pkt( 33517d15b25SDag-Erling Smørgrav result->answer_packet, 33617d15b25SDag-Erling Smørgrav (size_t)result->answer_len); 33717d15b25SDag-Erling Smørgrav if(!s) { 33817d15b25SDag-Erling Smørgrav fprintf(stderr, "alloc failure\n"); 339b7579f77SDag-Erling Smørgrav exit(1); 340b7579f77SDag-Erling Smørgrav } 34117d15b25SDag-Erling Smørgrav printf("%s\n", s); 342b7579f77SDag-Erling Smørgrav } else printf(" has no %s record", tstr); 343b7579f77SDag-Erling Smørgrav printf(" %s\n", secstatus); 344b7579f77SDag-Erling Smørgrav } 345b7579f77SDag-Erling Smørgrav /* else: emptiness to indicate no data */ 346b7579f77SDag-Erling Smørgrav if(result->bogus && result->why_bogus) 347b7579f77SDag-Erling Smørgrav printf("%s\n", result->why_bogus); 348b7579f77SDag-Erling Smørgrav return; 349b7579f77SDag-Erling Smørgrav } 350b7579f77SDag-Erling Smørgrav i=0; 351b7579f77SDag-Erling Smørgrav while(result->data[i]) 352b7579f77SDag-Erling Smørgrav { 353b7579f77SDag-Erling Smørgrav pretty_rdata( 354b7579f77SDag-Erling Smørgrav result->canonname?result->canonname:q, 355b7579f77SDag-Erling Smørgrav cstr, tstr, t, secstatus, result->data[i], 356b7579f77SDag-Erling Smørgrav (size_t)result->len[i]); 357b7579f77SDag-Erling Smørgrav i++; 358b7579f77SDag-Erling Smørgrav } 359b7579f77SDag-Erling Smørgrav if(result->bogus && result->why_bogus) 360b7579f77SDag-Erling Smørgrav printf("%s\n", result->why_bogus); 361b7579f77SDag-Erling Smørgrav } 362b7579f77SDag-Erling Smørgrav 363b7579f77SDag-Erling Smørgrav /** perform a lookup and printout return if domain existed */ 364b7579f77SDag-Erling Smørgrav static int 365b7579f77SDag-Erling Smørgrav dnslook(struct ub_ctx* ctx, char* q, int t, int c, int docname) 366b7579f77SDag-Erling Smørgrav { 367b7579f77SDag-Erling Smørgrav int ret; 368b7579f77SDag-Erling Smørgrav struct ub_result* result; 369b7579f77SDag-Erling Smørgrav 370b7579f77SDag-Erling Smørgrav ret = ub_resolve(ctx, q, t, c, &result); 371b7579f77SDag-Erling Smørgrav if(ret != 0) { 372b7579f77SDag-Erling Smørgrav fprintf(stderr, "resolve error: %s\n", ub_strerror(ret)); 373b7579f77SDag-Erling Smørgrav exit(1); 374b7579f77SDag-Erling Smørgrav } 375b7579f77SDag-Erling Smørgrav pretty_output(q, t, c, result, docname); 376b7579f77SDag-Erling Smørgrav ret = result->nxdomain; 377b7579f77SDag-Erling Smørgrav ub_resolve_free(result); 378b7579f77SDag-Erling Smørgrav return ret; 379b7579f77SDag-Erling Smørgrav } 380b7579f77SDag-Erling Smørgrav 381b7579f77SDag-Erling Smørgrav /** perform host lookup */ 382b7579f77SDag-Erling Smørgrav static void 383b7579f77SDag-Erling Smørgrav lookup(struct ub_ctx* ctx, const char* nm, const char* qt, const char* qc) 384b7579f77SDag-Erling Smørgrav { 385b7579f77SDag-Erling Smørgrav /* massage input into a query name, type and class */ 386b7579f77SDag-Erling Smørgrav int multi = 0; /* no type, so do A, AAAA, MX */ 387b7579f77SDag-Erling Smørgrav int reverse = 0; /* we are doing a reverse lookup */ 388b7579f77SDag-Erling Smørgrav char* realq = massage_qname(nm, &reverse); 389b7579f77SDag-Erling Smørgrav int t = massage_type(qt, reverse, &multi); 390b7579f77SDag-Erling Smørgrav int c = massage_class(qc); 391b7579f77SDag-Erling Smørgrav 392b7579f77SDag-Erling Smørgrav /* perform the query */ 393b7579f77SDag-Erling Smørgrav if(multi) { 394b7579f77SDag-Erling Smørgrav if(!dnslook(ctx, realq, LDNS_RR_TYPE_A, c, 1)) { 395b7579f77SDag-Erling Smørgrav /* domain exists, lookup more */ 396b7579f77SDag-Erling Smørgrav (void)dnslook(ctx, realq, LDNS_RR_TYPE_AAAA, c, 0); 397b7579f77SDag-Erling Smørgrav (void)dnslook(ctx, realq, LDNS_RR_TYPE_MX, c, 0); 398b7579f77SDag-Erling Smørgrav } 399b7579f77SDag-Erling Smørgrav } else { 400b7579f77SDag-Erling Smørgrav (void)dnslook(ctx, realq, t, c, 1); 401b7579f77SDag-Erling Smørgrav } 402b7579f77SDag-Erling Smørgrav ub_ctx_delete(ctx); 403b7579f77SDag-Erling Smørgrav free(realq); 404b7579f77SDag-Erling Smørgrav } 405b7579f77SDag-Erling Smørgrav 406b7579f77SDag-Erling Smørgrav /** print error if any */ 407b7579f77SDag-Erling Smørgrav static void 408b7579f77SDag-Erling Smørgrav check_ub_res(int r) 409b7579f77SDag-Erling Smørgrav { 410b7579f77SDag-Erling Smørgrav if(r != 0) { 411b7579f77SDag-Erling Smørgrav fprintf(stderr, "error: %s\n", ub_strerror(r)); 412b7579f77SDag-Erling Smørgrav exit(1); 413b7579f77SDag-Erling Smørgrav } 414b7579f77SDag-Erling Smørgrav } 415b7579f77SDag-Erling Smørgrav 416b7579f77SDag-Erling Smørgrav /** getopt global, in case header files fail to declare it. */ 417b7579f77SDag-Erling Smørgrav extern int optind; 418b7579f77SDag-Erling Smørgrav /** getopt global, in case header files fail to declare it. */ 419b7579f77SDag-Erling Smørgrav extern char* optarg; 420b7579f77SDag-Erling Smørgrav 421ff825849SDag-Erling Smørgrav /** Main routine for unbound-host */ 422b7579f77SDag-Erling Smørgrav int main(int argc, char* argv[]) 423b7579f77SDag-Erling Smørgrav { 424b7579f77SDag-Erling Smørgrav int c; 425b7579f77SDag-Erling Smørgrav char* qclass = NULL; 426b7579f77SDag-Erling Smørgrav char* qtype = NULL; 427b7579f77SDag-Erling Smørgrav struct ub_ctx* ctx = NULL; 428b7579f77SDag-Erling Smørgrav int debuglevel = 0; 429b7579f77SDag-Erling Smørgrav 430b7579f77SDag-Erling Smørgrav ctx = ub_ctx_create(); 431b7579f77SDag-Erling Smørgrav if(!ctx) { 432b7579f77SDag-Erling Smørgrav fprintf(stderr, "error: out of memory\n"); 433b7579f77SDag-Erling Smørgrav exit(1); 434b7579f77SDag-Erling Smørgrav } 435ff825849SDag-Erling Smørgrav /* no need to fetch additional targets, we only do few lookups */ 436ff825849SDag-Erling Smørgrav check_ub_res(ub_ctx_set_option(ctx, "target-fetch-policy:", "0 0 0 0 0")); 437b7579f77SDag-Erling Smørgrav 438b7579f77SDag-Erling Smørgrav /* parse the options */ 439ff825849SDag-Erling Smørgrav while( (c=getopt(argc, argv, "46DF:c:df:hrt:vy:C:")) != -1) { 440b7579f77SDag-Erling Smørgrav switch(c) { 441b7579f77SDag-Erling Smørgrav case '4': 442b7579f77SDag-Erling Smørgrav check_ub_res(ub_ctx_set_option(ctx, "do-ip6:", "no")); 443b7579f77SDag-Erling Smørgrav break; 444b7579f77SDag-Erling Smørgrav case '6': 445b7579f77SDag-Erling Smørgrav check_ub_res(ub_ctx_set_option(ctx, "do-ip4:", "no")); 446b7579f77SDag-Erling Smørgrav break; 447b7579f77SDag-Erling Smørgrav case 'c': 448b7579f77SDag-Erling Smørgrav qclass = optarg; 449b7579f77SDag-Erling Smørgrav break; 450b7579f77SDag-Erling Smørgrav case 'C': 451b7579f77SDag-Erling Smørgrav check_ub_res(ub_ctx_config(ctx, optarg)); 452b7579f77SDag-Erling Smørgrav break; 453ff825849SDag-Erling Smørgrav case 'D': 454ff825849SDag-Erling Smørgrav check_ub_res(ub_ctx_add_ta_file(ctx, ROOT_ANCHOR_FILE)); 455ff825849SDag-Erling Smørgrav break; 456b7579f77SDag-Erling Smørgrav case 'd': 457b7579f77SDag-Erling Smørgrav debuglevel++; 458b7579f77SDag-Erling Smørgrav if(debuglevel < 2) 459b7579f77SDag-Erling Smørgrav debuglevel = 2; /* at least VERB_DETAIL */ 460b7579f77SDag-Erling Smørgrav break; 461b7579f77SDag-Erling Smørgrav case 'r': 462b7579f77SDag-Erling Smørgrav check_ub_res(ub_ctx_resolvconf(ctx, "/etc/resolv.conf")); 463b7579f77SDag-Erling Smørgrav break; 464b7579f77SDag-Erling Smørgrav case 't': 465b7579f77SDag-Erling Smørgrav qtype = optarg; 466b7579f77SDag-Erling Smørgrav break; 467b7579f77SDag-Erling Smørgrav case 'v': 468b7579f77SDag-Erling Smørgrav verb++; 469b7579f77SDag-Erling Smørgrav break; 470b7579f77SDag-Erling Smørgrav case 'y': 471b7579f77SDag-Erling Smørgrav check_ub_res(ub_ctx_add_ta(ctx, optarg)); 472b7579f77SDag-Erling Smørgrav break; 473b7579f77SDag-Erling Smørgrav case 'f': 474b7579f77SDag-Erling Smørgrav check_ub_res(ub_ctx_add_ta_file(ctx, optarg)); 475b7579f77SDag-Erling Smørgrav break; 476b7579f77SDag-Erling Smørgrav case 'F': 477b7579f77SDag-Erling Smørgrav check_ub_res(ub_ctx_trustedkeys(ctx, optarg)); 478b7579f77SDag-Erling Smørgrav break; 479b7579f77SDag-Erling Smørgrav case '?': 480b7579f77SDag-Erling Smørgrav case 'h': 481b7579f77SDag-Erling Smørgrav default: 482b7579f77SDag-Erling Smørgrav usage(); 483b7579f77SDag-Erling Smørgrav } 484b7579f77SDag-Erling Smørgrav } 485b7579f77SDag-Erling Smørgrav if(debuglevel != 0) /* set after possible -C options */ 486b7579f77SDag-Erling Smørgrav check_ub_res(ub_ctx_debuglevel(ctx, debuglevel)); 487b7579f77SDag-Erling Smørgrav if(ub_ctx_get_option(ctx, "use-syslog", &optarg) == 0) { 488b7579f77SDag-Erling Smørgrav if(strcmp(optarg, "yes") == 0) /* disable use-syslog */ 489b7579f77SDag-Erling Smørgrav check_ub_res(ub_ctx_set_option(ctx, 490b7579f77SDag-Erling Smørgrav "use-syslog:", "no")); 491b7579f77SDag-Erling Smørgrav free(optarg); 492b7579f77SDag-Erling Smørgrav } 493b7579f77SDag-Erling Smørgrav argc -= optind; 494b7579f77SDag-Erling Smørgrav argv += optind; 495b7579f77SDag-Erling Smørgrav if(argc != 1) 496b7579f77SDag-Erling Smørgrav usage(); 497b7579f77SDag-Erling Smørgrav 498*3bd4df0aSDag-Erling Smørgrav #ifdef HAVE_SSL 499*3bd4df0aSDag-Erling Smørgrav #ifdef HAVE_ERR_LOAD_CRYPTO_STRINGS 500*3bd4df0aSDag-Erling Smørgrav ERR_load_crypto_strings(); 501*3bd4df0aSDag-Erling Smørgrav #endif 502*3bd4df0aSDag-Erling Smørgrav #if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_SSL) 503*3bd4df0aSDag-Erling Smørgrav ERR_load_SSL_strings(); 504*3bd4df0aSDag-Erling Smørgrav #endif 505*3bd4df0aSDag-Erling Smørgrav #if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_CRYPTO) 506*3bd4df0aSDag-Erling Smørgrav OpenSSL_add_all_algorithms(); 507*3bd4df0aSDag-Erling Smørgrav #else 508*3bd4df0aSDag-Erling Smørgrav OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS 509*3bd4df0aSDag-Erling Smørgrav | OPENSSL_INIT_ADD_ALL_DIGESTS 510*3bd4df0aSDag-Erling Smørgrav | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); 511*3bd4df0aSDag-Erling Smørgrav #endif 512*3bd4df0aSDag-Erling Smørgrav #if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_SSL) 513*3bd4df0aSDag-Erling Smørgrav (void)SSL_library_init(); 514*3bd4df0aSDag-Erling Smørgrav #else 515*3bd4df0aSDag-Erling Smørgrav (void)OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL); 516*3bd4df0aSDag-Erling Smørgrav #endif 517*3bd4df0aSDag-Erling Smørgrav #endif /* HAVE_SSL */ 5188ed2b524SDag-Erling Smørgrav #ifdef HAVE_NSS 5198ed2b524SDag-Erling Smørgrav if(NSS_NoDB_Init(".") != SECSuccess) { 5208ed2b524SDag-Erling Smørgrav fprintf(stderr, "could not init NSS\n"); 5218ed2b524SDag-Erling Smørgrav return 1; 5228ed2b524SDag-Erling Smørgrav } 5238ed2b524SDag-Erling Smørgrav #endif 524b7579f77SDag-Erling Smørgrav lookup(ctx, argv[0], qtype, qclass); 525b7579f77SDag-Erling Smørgrav return 0; 526b7579f77SDag-Erling Smørgrav } 527