From: Marek Vavrusa Date: Sat, 23 Jan 2016 00:00:58 +0000 (-0800) Subject: scripts: 'host' utility alternative in scripts X-Git-Tag: v1.0.0-beta3~7 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6134920acfe60bd63907afe4a4f3513b9c8404df;p=thirdparty%2Fknot-resolver.git scripts: 'host' utility alternative in scripts the utility supports most of the 'unbound-host' functionality except PTR records --- diff --git a/daemon/lua/trust_anchors.lua b/daemon/lua/trust_anchors.lua index 2a0a21d72..bbcde67fe 100644 --- a/daemon/lua/trust_anchors.lua +++ b/daemon/lua/trust_anchors.lua @@ -117,7 +117,9 @@ local function ta_present(keyset, rr, hold_down_time, force) ta.state = key_state.Valid ta.timer = nil end - print('[ ta ] key: '..key_tag..' state: '..ta.state) + if rr.state ~= key_state.Valid or verbose() then + print('[ ta ] key: '..key_tag..' state: '..ta.state) + end return true elseif not key_revoked then -- First time seen (NewKey) rr.key_tag = key_tag @@ -127,7 +129,9 @@ local function ta_present(keyset, rr, hold_down_time, force) rr.state = key_state.AddPend rr.timer = now + hold_down_time end - print('[ ta ] key: '..key_tag..' state: '..rr.state) + if rr.state ~= key_state.Valid or verbose() then + print('[ ta ] key: '..key_tag..' state: '..rr.state) + end table.insert(keyset, rr) return true end diff --git a/scripts/kresd-host.lua b/scripts/kresd-host.lua new file mode 100755 index 000000000..02430860e --- /dev/null +++ b/scripts/kresd-host.lua @@ -0,0 +1,113 @@ +#!/usr/bin/env luajit +-- Work around OS X stripping dyld variables +cli_bin = 'luajit scripts/kresd-query.lua' +libdir = os.getenv('DYLD_LIBRARY_PATH') +if libdir then + cli_bin = string.format('DYLD_LIBRARY_PATH="%s" %s', libdir, cli_bin) +end +-- Parse CLI arguments +local function help(rc) + print(string.format([[ +Usage: %s [-vdh46D] [-c class] [-t type] + [-f keyfile] hostname + Queries the DNS for information. + The hostname is looked up for IP4, IP6 and mail. + If an ip-address is given a reverse lookup is done. + Use the -v option to see DNSSEC security information. + -t type what type to look for. + -c class what class to look for, if not class IN. + -C confstr additional kresd-style configuration. + -D DNSSEC enable with default root anchor + -f keyfile read trust anchors from file, with lines as -y. + -v be more verbose, shows nodata and security. + -d debug, traces the action, -d -d shows more. + -4 use ipv4 network, avoid ipv6. + -6 use ipv6 network, avoid ipv4. + -h show this usage help.]], + arg[0])) + return rc + +end +-- Parse CLI arguments +if #arg < 1 then + return help(1) +end +local qtypes, qclass, qname = {}, 'IN', nil +local verbose, config = false, {} +k = 1 while k <= #arg do + local v = arg[k] + if v == '-h' or v == '--help' then + return help(0) + elseif v == '-C' then + k = k + 1 + table.insert(config, arg[k]) + elseif v == '-D' then + table.insert(config, 'trust_anchors.file = "root.keys"') + elseif v == '-f' then + k = k + 1 + table.insert(config, string.format('trust_anchors.file = "%s"', arg[k])) + elseif v == '-v' then + verbose = true + elseif v == '-d' then + verbose = true + table.insert(config, 'verbose(true)') + elseif v == '-4' then + table.insert(config, 'net.ipv6 = false') + elseif v == '-6' then + table.insert(config, 'net.ipv4 = false') + elseif v == '-c' then + k = k + 1 + qclass = arg[k]:upper() + elseif v == '-t' then + k = k + 1 + table.insert(qtypes, arg[k]:upper()) + elseif v:byte() == string.byte('-') then + return help(1) + else + qname = v + -- Check if name is an IP addresses + -- @TODO: convert to domain name and make a PTR lookup + end + k = k + 1 +end +if not qname then + return help(1) +end +if #qtypes == 0 then + qtypes = {'A', 'AAAA', 'MX'} +end +-- Assemble config/query +for i, qtype in ipairs(qtypes) do + query = string.format('-t %s -c %s %s', qtype, qclass, qname) + capture = string.format([[ + local qname = "%s" + local qtype = "%s" + local qverbose = %s]], qname, qtype, tostring(verbose))..[[ + local qry = req:resolved() + local section = pkt:rrsets(kres.section.ANSWER) + for i = 1, #section do + local rr = section[i] + for k = 1, rr.rr.count do + local rdata = rr:tostring(k - 1) + if qverbose then + if not qry:hasflag(kres.query.DNSSEC_WANT) or + qry:hasflag(kres.query.DNSSEC_INSECURE) then + rdata = rdata .. " (insecure)" + else + rdata = rdata .. " (secure)" + end + end + if rr.type == kres.type.A then + print(string.format("%s has address %s", qname, rdata)) + elseif rr.type == kres.type.AAAA then + print(string.format("%s has IPv6 address %s", qname, rdata)) + elseif rr.type == kres.type.MX then + print(string.format("%s mail is handled by %s", qname, rdata)) + else + print(string.format("%s has %s record %s%s", qname, qtype, rdata)) + end + end + end + ]] + os.execute(string.format('%s -C \'%s\' %s \'%s\'', cli_bin, table.concat(config, ' '), query, capture)) +end diff --git a/scripts/kresd-query.lua b/scripts/kresd-query.lua index d4e57d761..4f28390ac 100755 --- a/scripts/kresd-query.lua +++ b/scripts/kresd-query.lua @@ -12,7 +12,10 @@ return resolve("%s", kres.type.%s, kres.class.%s, 0, function (pkt, req) pkt = kres.pkt_t(pkt) req = kres.request_t(req) - pcall(function () %s end) + local ok, err = pcall(function () %s end) + if not ok then + print(err) + end quit() end)']] -- Parse CLI arguments