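/*
 * checkconf/unbound-host.c - replacement for host that supports validation.
 *
 * Copyright (c) 2007, NLnet Labs. All rights reserved.
 *
 * This software is open source.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * Redistributions of source code must retain the above copyright notice,
 * this list of conditions and the following disclaimer.
 *
 * Redistributions in binary form must reproduce the above copyright notice,
 * this list of conditions and the following disclaimer in the documentation
 * and/or other materials provided with the distribution.
 *
 * Neither the name of the NLNET LABS nor the names of its contributors may
 * be used to endorse or promote products derived from this software without
 * specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/**
 * \file
 *
 * This file performs functionality like 'host', and also supports validation.
 * It uses the libunbound library.
 */

#include "config.h"
#ifdef HAVE_GETOPT_H
#include <getopt.h>
#endif
/* remove alloc checks, not in this part of the code */
#ifdef UNBOUND_ALLOC_STATS
#undef malloc
#undef calloc
#undef free
#undef realloc
#endif
#ifdef UNBOUND_ALLOC_LITE
#undef malloc
#undef calloc
#undef free
#undef realloc
#undef strdup
#define unbound_lite_wrapstr(s) s
#endif
#include "libunbound/unbound.h"
#include "sldns/rrdef.h"
#include "sldns/wire2str.h"
#ifdef HAVE_NSS
/* nss3 */
#include "nss.h"
#endif
#ifdef HAVE_SSL
#ifdef HAVE_OPENSSL_SSL_H
#include <openssl/ssl.h>
#endif
#ifdef HAVE_OPENSSL_ERR_H
#include <openssl/err.h>
#endif
#endif /* HAVE_SSL */

/** verbosity for unbound-host app; incremented once per -v */
static int verb = 0;

/**
 * Give unbound-host usage, and exit (1).
 * Never returns. The synopsis lists -D because main() accepts it and the
 * option is described further down in this same text.
 */
static void
usage(void)
{
	printf("Usage: unbound-host [-C configfile] [-vdhr46D] [-c class] [-t type]\n");
	printf(" [-y key] [-f keyfile] [-F namedkeyfile] hostname\n");
	printf(" Queries the DNS for information.\n");
	printf(" The hostname is looked up for IP4, IP6 and mail.\n");
	printf(" If an ip-address is given a reverse lookup is done.\n");
	printf(" Use the -v option to see DNSSEC security information.\n");
	printf(" -t type what type to look for.\n");
	printf(" -c class what class to look for, if not class IN.\n");
	printf(" -y 'keystring' specify trust anchor, DS or DNSKEY, like\n");
	printf(" -y 'example.com DS 31560 5 1 1CFED8478...'\n");
	printf(" -D DNSSEC enable with default root anchor\n");
	printf(" from %s\n", ROOT_ANCHOR_FILE);
	printf(" -f keyfile read trust anchors from file, with lines as -y.\n");
	printf(" -F keyfile read named.conf-style trust anchors.\n");
	printf(" -C config use the specified unbound.conf (none read by default)\n");
	printf(" pass as first argument if you want to override some\n");
	printf(" options with further arguments\n");
	printf(" -r read forwarder information from /etc/resolv.conf\n");
	printf(" breaks validation if the forwarder does not do DNSSEC.\n");
	printf(" -v be more verbose, shows nodata and security.\n");
	printf(" -d debug, traces the action, -d -d shows more.\n");
	printf(" -4 use ipv4 network, avoid ipv6.\n");
	printf(" -6 use ipv6 network, avoid ipv4.\n");
	printf(" -h show this usage help.\n");
	printf("Version %s\n", PACKAGE_VERSION);
	printf("BSD licensed, see LICENSE in source package for details.\n");
	printf("Report bugs to %s\n", PACKAGE_BUGREPORT);
	exit(1);
}

/**
 * Determine if str is ip4 and put into reverse lookup format.
 * @param nm: user-supplied name; only accepted if inet_pton(AF_INET)
 *	parses it.
 * @param res: on success set to a strdup'ed "d.c.b.a.in-addr.arpa" string
 *	that the caller must free. Not touched when 0 is returned.
 * @return 1 if nm is an IPv4 address, 0 otherwise. Exits on out of memory,
 *	the same way isip6() does.
 */
static int
isip4(const char* nm, char** res)
{
	struct in_addr addr;
	/* ddd.ddd.ddd.ddd.in-addr.arpa. is less than 32 */
	char buf[32];
	const uint8_t* octet;
	if(inet_pton(AF_INET, nm, &addr) <= 0) {
		return 0;
	}
	/* addr is in network byte order; emit the octets last to first */
	octet = (const uint8_t*)&addr;
	snprintf(buf, sizeof(buf), "%u.%u.%u.%u.in-addr.arpa",
		(unsigned)octet[3], (unsigned)octet[2],
		(unsigned)octet[1], (unsigned)octet[0]);
	*res = strdup(buf);
	if(!*res) {
		fprintf(stderr, "error: out of memory\n");
		exit(1);
	}
	return 1;
}

/**
 * Determine if str is ip6 and put into reverse lookup format.
 * @param nm: user-supplied name; only accepted if inet_pton(AF_INET6)
 *	parses it.
 * @param res: on success set to a strdup'ed nibble-reversed "ip6.arpa"
 *	name that the caller must free. Not touched when 0 is returned.
 * @return 1 if nm is an IPv6 address, 0 otherwise. Exits on out of memory.
 */
static int
isip6(const char* nm, char** res)
{
	struct in6_addr addr;
	/* [nibble.]{32}.ip6.arpa. is less than 128 */
	const char* hex = "0123456789abcdef";
	char buf[128];
	char *p;
	int i;
	if(inet_pton(AF_INET6, nm, &addr) <= 0) {
		return 0;
	}
	p = buf;
	/* 16 bytes, last byte first, low nibble before high nibble;
	 * every byte writes exactly 4 characters, 64 in total */
	for(i=15; i>=0; i--) {
		uint8_t b = ((uint8_t*)&addr)[i];
		*p++ = hex[ (b&0x0f) ];
		*p++ = '.';
		*p++ = hex[ (b&0xf0) >> 4 ];
		*p++ = '.';
	}
	/* the suffix starts right after those 64 characters and is bounded
	 * by the space that is left in buf; snprintf terminates the string */
	snprintf(buf+16*4, sizeof(buf)-16*4, "ip6.arpa");
	*res = strdup(buf);
	if(!*res) {
		fprintf(stderr, "error: out of memory\n");
		exit(1);
	}
	return 1;
}

/**
 * Massage input name.
 * @param nm: name or address text from the command line.
 * @param reverse: set to 1 when nm was an IP address and the returned name
 *	is its reverse-lookup name; left unchanged otherwise.
 * @return malloced query name, caller frees. Exits on out of memory.
 */
static char*
massage_qname(const char* nm, int* reverse)
{
	/* recognise IP4 and IP6, create reverse addresses if needed */
	char* res;
	if(isip4(nm, &res)) {
		*reverse = 1;
	} else if(isip6(nm, &res)) {
		*reverse = 1;
	} else {
		res = strdup(nm);
	}
	if(!res) {
		fprintf(stderr, "error: out of memory\n");
		exit(1);
	}
	return res;
}

/**
 * Massage input type.
 * @param t: type name given with -t, or NULL when none was given.
 * @param reverse: nonzero if the query name is a reverse-lookup name.
 * @param multi: set to 1 when no type was given for a forward lookup, so
 *	that the caller queries A, AAAA and MX; left unchanged otherwise.
 * @return the RR type to query. Exits on an unknown type name.
 */
static int
massage_type(const char* t, int reverse, int* multi)
{
	if(t) {
		int r = sldns_get_rr_type_by_name(t);
		/* 0 is also what the lookup gives for a name it does not
		 * know, so only "TYPE0" and the empty string may map to 0 */
		if(r == 0 && strcasecmp(t, "TYPE0") != 0 &&
			strcmp(t, "") != 0) {
			fprintf(stderr, "error unknown type %s\n", t);
			exit(1);
		}
		return r;
	}
	/* no type given from here on */
	if(reverse)
		return LDNS_RR_TYPE_PTR;
	*multi = 1;
	return LDNS_RR_TYPE_A;
}

/**
 * Massage input class.
 * @param c: class name given with -c, or NULL when none was given.
 * @return the RR class to query, class IN when c is NULL. Exits on an
 *	unknown class name.
 */
static int
massage_class(const char* c)
{
	if(c) {
		int r = sldns_get_rr_class_by_name(c);
		/* same 0-means-unknown ambiguity as in massage_type */
		if(r == 0 && strcasecmp(c, "CLASS0") != 0 &&
			strcmp(c, "") != 0) {
			fprintf(stderr, "error unknown class %s\n", c);
			exit(1);
		}
		return r;
	}
	return LDNS_RR_CLASS_IN;
}

/**
 * Nice security status string.
 * Any rcode other than 0 (NOERROR) and 3 (NXDOMAIN) is reported as an
 * error before the validation flags are looked at.
 * NOTE(review): presumably "(secure)" can only show up when a trust anchor
 * was given (-y, -f, -F or -D); confirm against the libunbound docs.
 * @param result: the lookup result.
 * @return a static string, do not free.
 */
static const char*
secure_str(struct ub_result* result)
{
	if(result->rcode != 0 && result->rcode != 3) return "(error)";
	if(result->secure) return "(secure)";
	if(result->bogus) return "(BOGUS (security failure))";
	return "(insecure)";
}

/**
 * Nice string for type.
 * @param s: output buffer.
 * @param len: size of s; the output is truncated to fit.
 * @param t: RR type.
 */
static void
pretty_type(char* s, size_t len, int t)
{
	char d[16];
	sldns_wire2str_type_buf((uint16_t)t, d, sizeof(d));
	snprintf(s, len, "%s", d);
}

/**
 * Nice string for class.
 * @param s: output buffer.
 * @param len: size of s; the output is truncated to fit.
 * @param c: RR class.
 */
static void
pretty_class(char* s, size_t len, int c)
{
	char d[16];
	sldns_wire2str_class_buf((uint16_t)c, d, sizeof(d));
	snprintf(s, len, "%s", d);
}

/**
 * Nice string for rcode.
 * @param s: output buffer.
 * @param len: size of s; the output is truncated to fit.
 * @param r: rcode.
 */
static void
pretty_rcode(char* s, size_t len, int r)
{
	char d[16];
	sldns_wire2str_rcode_buf(r, d, sizeof(d));
	snprintf(s, len, "%s", d);
}

/**
 * Convert and print rdata.
 * The rdata comes from the network; it is converted with
 * sldns_wire2str_rdata_buf and printed through a fixed "%s" format.
 * @param t: RR type of the rdata.
 * @param data: rdata in wire format.
 * @param len: length of data.
 */
static void
print_rd(int t, char* data, size_t len)
{
	char s[65535];
	int w;
	/* start from an empty string, so that printf never reads
	 * indeterminate stack bytes if the conversion writes nothing */
	s[0] = 0;
	w = sldns_wire2str_rdata_buf((uint8_t*)data, len, s, sizeof(s), (uint16_t)t);
	printf(" %s", s);
	/* NOTE(review): assumes the snprintf-like return value (length that
	 * was needed); confirm in sldns/wire2str.h. Presentation format can
	 * be longer than the wire data, so say so instead of silently
	 * printing a cut-off record. */
	if(w < 0 || (size_t)w >= sizeof(s))
		fprintf(stderr, "warning: rdata too long, output truncated\n");
}

/**
 * Pretty line of RR data for results.
 * @param q: name to print at the start of the line.
 * @param cstr: class string, printed unless it is "IN".
 * @param tstr: type string, used for types without a special phrase.
 * @param t: RR type.
 * @param sec: security status string, printed when verb > 0.
 * @param data: rdata in wire format.
 * @param len: length of data.
 */
static void
pretty_rdata(char* q, char* cstr, char* tstr, int t, const char* sec,
	char* data, size_t len)
{
	printf("%s", q);
	if(strcmp(cstr, "IN") != 0)
		printf(" in class %s", cstr);
	if(t == LDNS_RR_TYPE_A)
		printf(" has address");
	else if(t == LDNS_RR_TYPE_AAAA)
		printf(" has IPv6 address");
	else if(t == LDNS_RR_TYPE_MX)
		printf(" mail is handled by");
	else if(t == LDNS_RR_TYPE_PTR)
		printf(" domain name pointer");
	else	printf(" has %s record", tstr);
	print_rd(t, data, len);
	if(verb > 0)
		printf(" %s", sec);
	printf("\n");
}

/**
 * Pretty line of output for results.
 * Modifies result->canonname in place: a trailing dot is removed.
 * Whenever the result is bogus and carries a reason, that reason
 * (why_bogus) is printed on a line of its own.
 * @param q: the query name as it was sent.
 * @param t: RR type that was queried.
 * @param c: RR class that was queried.
 * @param result: the lookup result.
 * @param docname: if nonzero, print the "is an alias for" line.
 */
static void
pretty_output(char* q, int t, int c, struct ub_result* result, int docname)
{
	int i;
	const char *secstatus = secure_str(result);
	char tstr[16];
	char cstr[16];
	char rcodestr[16];
	pretty_type(tstr, sizeof(tstr), t);
	pretty_class(cstr, sizeof(cstr), c);
	pretty_rcode(rcodestr, sizeof(rcodestr), result->rcode);

	if(!result->havedata && result->rcode) {
		printf("Host %s not found: %d(%s).",
			q, result->rcode, rcodestr);
		if(verb > 0)
			printf(" %s", secstatus);
		printf("\n");
		if(result->bogus && result->why_bogus)
			printf("%s\n", result->why_bogus);
		return;
	}
	/* this compares the pointers, not the string contents */
	if(docname && result->canonname &&
		result->canonname != result->qname) {
		printf("%s is an alias for %s", result->qname,
			result->canonname);
		if(verb > 0)
			printf(" %s", secstatus);
		printf("\n");
	}
	/* remove trailing . from long canonnames for nicer output */
	if(result->canonname) {
		size_t clen = strlen(result->canonname);
		if(clen > 1 && result->canonname[clen-1] == '.')
			result->canonname[clen-1] = 0;
	}
	if(!result->havedata) {
		if(verb > 0) {
			printf("%s", result->canonname?result->canonname:q);
			if(strcmp(cstr, "IN") != 0)
				printf(" in class %s", cstr);
			if(t == LDNS_RR_TYPE_A)
				printf(" has no address");
			else if(t == LDNS_RR_TYPE_AAAA)
				printf(" has no IPv6 address");
			else if(t == LDNS_RR_TYPE_PTR)
				printf(" has no domain name ptr");
			else if(t == LDNS_RR_TYPE_MX)
				printf(" has no mail handler record");
			else if(t == LDNS_RR_TYPE_ANY) {
				/* dump the whole answer packet as text */
				char* s = sldns_wire2str_pkt(
					result->answer_packet,
					(size_t)result->answer_len);
				if(!s) {
					fprintf(stderr, "alloc failure\n");
					exit(1);
				}
				printf("%s\n", s);
				free(s);
			} else	printf(" has no %s record", tstr);
			printf(" %s\n", secstatus);
		}
		/* else: emptiness to indicate no data */
		if(result->bogus && result->why_bogus)
			printf("%s\n", result->why_bogus);
		return;
	}
	/* result->data is walked until its NULL entry */
	for(i=0; result->data[i]; i++) {
		pretty_rdata(
			result->canonname?result->canonname:q,
			cstr, tstr, t, secstatus, result->data[i],
			(size_t)result->len[i]);
	}
	if(result->bogus && result->why_bogus)
		printf("%s\n", result->why_bogus);
}

/**
 * Perform a lookup and print the result.
 * @param ctx: the libunbound context.
 * @param q: query name.
 * @param t: RR type.
 * @param c: RR class.
 * @param docname: passed on to pretty_output.
 * @return result->nxdomain, so nonzero means the name does NOT exist and
 *	0 means it exists. Exits if ub_resolve fails.
 */
static int
dnslook(struct ub_ctx* ctx, char* q, int t, int c, int docname)
{
	int ret;
	struct ub_result* result;

	ret = ub_resolve(ctx, q, t, c, &result);
	if(ret != 0) {
		fprintf(stderr, "resolve error: %s\n", ub_strerror(ret));
		exit(1);
	}
	pretty_output(q, t, c, result, docname);
	/* read the flag before the result is freed */
	ret = result->nxdomain;
	ub_resolve_free(result);
	return ret;
}

/**
 * Perform host lookup.
 * Takes ownership of ctx: it is deleted before this function returns.
 * @param ctx: the libunbound context, already configured.
 * @param nm: name or IP address from the command line.
 * @param qt: type name from -t, or NULL.
 * @param qc: class name from -c, or NULL.
 */
static void
lookup(struct ub_ctx* ctx, const char* nm, const char* qt, const char* qc)
{
	/* massage input into a query name, type and class */
	int multi = 0;	 /* no type, so do A, AAAA, MX */
	int reverse = 0; /* we are doing a reverse lookup */
	char* realq = massage_qname(nm, &reverse);
	int t = massage_type(qt, reverse, &multi);
	int c = massage_class(qc);

	/* perform the query */
	if(multi) {
		if(!dnslook(ctx, realq, LDNS_RR_TYPE_A, c, 1)) {
			/* domain exists, lookup more */
			(void)dnslook(ctx, realq, LDNS_RR_TYPE_AAAA, c, 0);
			(void)dnslook(ctx, realq, LDNS_RR_TYPE_MX, c, 0);
		}
	} else {
		(void)dnslook(ctx, realq, t, c, 1);
	}
	ub_ctx_delete(ctx);
	free(realq);
}

/**
 * Print error if any, and exit.
 * @param r: libunbound return code; 0 means success and returns normally.
 */
static void
check_ub_res(int r)
{
	if(r != 0) {
		fprintf(stderr, "error: %s\n", ub_strerror(r));
		exit(1);
	}
}

/** getopt global, in case header files fail to declare it. */
extern int optind;
/** getopt global, in case header files fail to declare it. */
extern char* optarg;

/**
 * Main routine for unbound-host.
 * Options are applied to the context in command line order, which is why
 * the usage text asks for -C first when later options should override it.
 * Trust anchors are only added by -y, -f, -F and -D.
 */
int main(int argc, char* argv[])
{
	int c;
	char* qclass = NULL;
	char* qtype = NULL;
	char* syslog_val = NULL;
	struct ub_ctx* ctx = NULL;
	int debuglevel = 0;

	ctx = ub_ctx_create();
	if(!ctx) {
		fprintf(stderr, "error: out of memory\n");
		exit(1);
	}
	/* no need to fetch additional targets, we only do few lookups */
	check_ub_res(ub_ctx_set_option(ctx, "target-fetch-policy:", "0 0 0 0 0"));

	/* parse the options */
	while( (c=getopt(argc, argv, "46DF:c:df:hrt:vy:C:")) != -1) {
		switch(c) {
		case '4':
			check_ub_res(ub_ctx_set_option(ctx, "do-ip6:", "no"));
			break;
		case '6':
			check_ub_res(ub_ctx_set_option(ctx, "do-ip4:", "no"));
			break;
		case 'c':
			qclass = optarg;
			break;
		case 'C':
			check_ub_res(ub_ctx_config(ctx, optarg));
			break;
		case 'D':
			check_ub_res(ub_ctx_add_ta_file(ctx, ROOT_ANCHOR_FILE));
			break;
		case 'd':
			debuglevel++;
			if(debuglevel < 2)
				debuglevel = 2; /* at least VERB_DETAIL */
			break;
		case 'r':
			/* see usage(): breaks validation if the forwarder
			 * does not do DNSSEC */
			check_ub_res(ub_ctx_resolvconf(ctx, "/etc/resolv.conf"));
			break;
		case 't':
			qtype = optarg;
			break;
		case 'v':
			verb++;
			break;
		case 'y':
			check_ub_res(ub_ctx_add_ta(ctx, optarg));
			break;
		case 'f':
			check_ub_res(ub_ctx_add_ta_file(ctx, optarg));
			break;
		case 'F':
			check_ub_res(ub_ctx_trustedkeys(ctx, optarg));
			break;
		case '?':
		case 'h':
		default:
			usage();
		}
	}
	if(debuglevel != 0) /* set after possible -C options */
		check_ub_res(ub_ctx_debuglevel(ctx, debuglevel));
	/* the value goes into a local, so the getopt global is not
	 * overwritten and then freed */
	if(ub_ctx_get_option(ctx, "use-syslog", &syslog_val) == 0) {
		if(strcmp(syslog_val, "yes") == 0) /* disable use-syslog */
			check_ub_res(ub_ctx_set_option(ctx,
				"use-syslog:", "no"));
		free(syslog_val);
	}
	argc -= optind;
	argv += optind;
	if(argc != 1)
		usage();

#ifdef HAVE_SSL
#ifdef HAVE_ERR_LOAD_CRYPTO_STRINGS
	ERR_load_crypto_strings();
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_SSL)
	ERR_load_SSL_strings();
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_CRYPTO)
	OpenSSL_add_all_algorithms();
#else
	OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS
		| OPENSSL_INIT_ADD_ALL_DIGESTS
		| OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_SSL)
	(void)SSL_library_init();
#else
	(void)OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
#endif
#endif /* HAVE_SSL */
#ifdef HAVE_NSS
	if(NSS_NoDB_Init(".") != SECSuccess) {
		fprintf(stderr, "could not init NSS\n");
		ub_ctx_delete(ctx);
		return 1;
	}
#endif
	/* lookup() deletes ctx */
	lookup(ctx, argv[0], qtype, qclass);
	return 0;
}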