From c7f90f58cc2efb1bf19e98b33627152cebc9c56b Mon Sep 17 00:00:00 2001 From: Miek Gieben Date: Tue, 26 Jul 2011 20:00:08 +0200 Subject: [PATCH] Seems to be working --- _examples/ns/miek.nl.signed | 63 +++++++++++++++++++++++++++++++++++++ _examples/ns/ns.go | 46 ++++++++++++++++++++------- 2 files changed, 97 insertions(+), 12 deletions(-) create mode 100644 _examples/ns/miek.nl.signed diff --git a/_examples/ns/miek.nl.signed b/_examples/ns/miek.nl.signed new file mode 100644 index 00000000..5ab5dd3f --- /dev/null +++ b/_examples/ns/miek.nl.signed @@ -0,0 +1,63 @@ +miek.nl. 345600 IN SOA elektron.atoom.net. miekg.atoom.net. 1311646381 14400 3600 604800 86400 +miek.nl. 345600 IN RRSIG SOA 8 2 345600 20110825011301 20110726011301 12051 miek.nl. YyzEuovl3L+VA9/EB5sXCzbagxwDHJqa9drXG8Uts12Fj8f2dOrjhS57 6ZY+qbq/jS4eETB5bs3MgAAOUXhVL5Qto+XuQb9Ni+qmWKYzmUPoXwi6 F2eb7mCVnDMh+HnGmlM8ybB9BrAVHoj8h2sEJyMvY3f6KGK97uCBxLr3 dbQ= +miek.nl. 345600 IN NS ext.ns.whyscream.net. +miek.nl. 345600 IN NS open.nlnetlabs.nl. +miek.nl. 345600 IN NS omval.tednet.nl. +miek.nl. 345600 IN NS elektron.atoom.net. +miek.nl. 345600 IN RRSIG NS 8 2 345600 20110825011301 20110726011301 12051 miek.nl. MqpVvBNf61HWPVcZBlSk9lRkucR8mqgT9b/26dJ2Qx45Tp4JWpexQwXG +rbWzwtNbIYDKuwh8rVqKzn1z2BDqnkmsyx0cktbJo8Ci/qtWSRCg2JV tcyEa1yM74Ziay4Ur0wr74gWYmoSqjnga7erl6XjzjBTmjfgqLqYs/T3 +HI= +miek.nl. 345600 IN A 85.223.71.124 +miek.nl. 345600 IN RRSIG A 8 2 345600 20110825011301 20110726011301 12051 miek.nl. VDsBsEdQhsDay04akDBw5gKVnOtkOsnsjih2/I6/+8/eCBWOYfoGYR3e ANfRxCjI6ALMtBETQkd0XwUp7MaEe/7tIX7ENWXTI0bVfhuqXoH2+yIG RCxC06XdSWPQmrnISGQYGbFsXdzaJRAE911ipcS2Yh5tfwDJTDny4rYV 6FI= +miek.nl. 345600 IN MX 20 mail.atoom.net. +miek.nl. 345600 IN MX 40 mx-ext.tjeb.nl. +miek.nl. 345600 IN RRSIG MX 8 2 345600 20110825011301 20110726011301 12051 miek.nl. Jion3ZQv1BUdoiwmGdBcACvxJrkBdlE1Cw8TUFkjDpiSwT1PduxUD9Yl ZaSwSiUULDa69/SLfGyobqRnIqGysl1vRtCHG2d8/rsML/hVfPCoWgzI iv80StVQO1ZUHRrFyr0Nt0t4h195jiVHWgrBbm2r18SAz4Wo7+iYpCpJ lVo= +miek.nl. 345600 IN TXT "$pup: e66a339 2011-02-24 12:50:03 +0100 Miek Gieben$" +miek.nl. 345600 IN RRSIG TXT 8 2 345600 20110825011301 20110726011301 12051 miek.nl. kym+5x9xn5+9BBfFiQkcpIz1eZ/D4F5jBjtRZ+Ts3t3W8xMSG+WbK1Zh WopqjSP1jtQFlAGjkY5pTvO9kbBt8dY3yHO8hy1qgI5i3XZwm2UsNFsH yz2jJMQM74rRGXio0bUkh0H0PvBcZ2wK6Jn61hXLWC3Kmg0NHuIyWwwr tsA= +miek.nl. 345600 IN AAAA 2001:7b8:32a::2 +miek.nl. 345600 IN RRSIG AAAA 8 2 345600 20110825011301 20110726011301 12051 miek.nl. NHmqysscmxCP6eFhvmStfut1sHybTd7O2JlkQeCVzFbWv1Th3R7G/o2L zPE7qb7CNzeK4CYmkQZuWaQVmqOpbocuTI2TE95obMrqZ0VzTZ/Ps8LW 6RdgniJjWcOhl4P2w6Yo7WY3gvD9RjPdIJ5PJE1xf5KvrENx/UbAbdR8 JT4= +miek.nl. 86400 IN NSEC a.miek.nl. A NS SOA MX TXT AAAA RRSIG NSEC DNSKEY +miek.nl. 86400 IN RRSIG NSEC 8 2 86400 20110825011301 20110726011301 12051 miek.nl. YuiCAVIg0/fuXO78YgsQMhBIcdlJsp0Pi32a9Y47gWe62/o9AV/RMuoK OdKDBiTrcGUoGYiIKXASSqquHbLBH4duE32lFqimrdpE8dq0H2m51xOS g9Eo3UbFdQ8zGQGWRzSYw1lep47zaSSWqW2qmyF59l1jLW3SYRmMKSRk z9A= +miek.nl. 345600 IN DNSKEY 256 3 8 AwEAAcNEU67LJI5GEgF9QLNqLO1SMq1EdoQ6E9f85ha0k0ewQGCblyW2 836GiVsm6k8Kr5ECIoMJ6fZWf3CQSQ9ycWfTyOHfmI3eQ/1Covhb2y4b AmL/07PhrL7ozWBW3wBfM335Ft9xjtXHPy7ztCbV9qZ4TVDTW/Iyg0Pi wgoXVesz ; key id = 12051 +miek.nl. 345600 IN DNSKEY 257 3 8 AwEAAcWdjBl4W4wh/hPxMDcBytmNCvEngIgB9Ut3C2+QI0oVz78/WK9K PoQF7B74JQ/mjO4fvIncBmPp6mFNxs9/WQX0IXf7oKviEVOXLjctR4D1 KQLX0wprvtUIsQFIGdXaO6suTT5eDbSd6tTwu5xIkGkDmQhhH8OQydoE uCwV245ZwF/8AIsqBYDNQtQ6zhd6jDC+uZJXg/9LuPOxFHbiMTjp6j3C CW0kHbfM/YHZErWWtjPj3U3Z7knQSIm5PO5FRKBEYDdr5UxWJ/1/20Sr zI3iztvPwHDsA2rdHm/4YRzq7CvG4N0t9ac/T0a0Sxba/BUX2UVPWaIV BdTRBtgHi0s= ; key id = 33694 +miek.nl. 345600 IN RRSIG DNSKEY 8 2 345600 20110825011301 20110726011301 12051 miek.nl. pKMbYhGJP0AA2UEyxchOLQsTlfA89dzzhe1/bl9R1wjt572Gyl2YtujY 4FTRbFO92bnmfqRgHav7nnN+ToSXkspwEIsi4LIs27ngXC8shmzQPQec Pj5vO5XJqxROLbFhwCaHBEJbh0YlgMHhbk+QcKbH2gGP+sGLumM7KnwK 7lI= +miek.nl. 345600 IN RRSIG DNSKEY 8 2 345600 20110825011301 20110726011301 33694 miek.nl. oaZZSwUz1UhXFnJL8qfiPBneZKs/BGbQZWbA9U95eJgoT3p19DAgfqA0 t+iTt9SzrB3Mew211Ik77AZsF13TpryTr/qhe/kAK9dFryHV0JpZlZtS BNGVKIRRWwr3wxpD/9Z8A60MUVUaZTXUdaxWPNu1gNZPgJk1wIywLBEA D/icsNvhfVU47/CGzI4aFUeUIwJENxn0UZUVjZKQOSo58JyBkkvjQLfD ZVvRCZh/7Vdh8cBuNzDCifz2s5qrng+Xlaaly6vw1j1L8L2j74sGMEVE tH8lAyORNZRBswYux5WwXjLjsg3T8t9dAG3qY7ftngHxWB4HUZwLih5a Xj50Eg== +a.miek.nl. 345600 IN A 85.223.71.124 +a.miek.nl. 345600 IN RRSIG A 8 3 345600 20110825011301 20110726011301 12051 miek.nl. ueA2qBk2tahn4j4f2cvBQgahBstApb4ROKgzybIO8oShUTRseQWcg4vH RymI9AD5d/LbHIKmkfNkphm4O9Fburz83pTTA8cf6LvUBCGVLk1BYQYv f/gi8xHX7jkj6DaZ3dwfNq0agDE5fN1prfcksFLtPy081SU0BFYDr8lY VuU= +a.miek.nl. 345600 IN AAAA 2001:7b8:32a::2 +a.miek.nl. 345600 IN RRSIG AAAA 8 3 345600 20110825011301 20110726011301 12051 miek.nl. CT59F9JXQUNzIRCFlIDX8OTiDrw6JqG7WsdWA6dRsYuMZ5yd+TE1HkV+ rQjuBjOfh4pS0nset3G3l3wreXpDlXtBcvL/DrTzMciYdJoqJQjpGpJP BRGn/JpBHbG0kkJhNoxz1uLuWXKTx3jz8osx6yIyBysVLNEZn+59wxJg Gn4= +a.miek.nl. 86400 IN NSEC c.miek.nl. A AAAA RRSIG NSEC +a.miek.nl. 86400 IN RRSIG NSEC 8 3 86400 20110825011301 20110726011301 12051 miek.nl. cG0cLpsqC0DUmWB6o8Cs3xCohWJFuBo3VGqBkleN0mrU2cX/pMfqDA7J QDDTkCrJB1nPKxMqbVT5z2gWPr6rU5oq1tdk60Go58cheSmxMuSyNOSE jNk4x5LHPn4ghl7wL6V+XzAkfTm5ySNAzSZ3FVJCkc1l+BeHtraEoW/F LAU= +c.miek.nl. 345600 IN A 85.223.71.124 +c.miek.nl. 345600 IN RRSIG A 8 3 345600 20110825011301 20110726011301 12051 miek.nl. iiwAIygH5NmbqrpSCouwLIc3z5Bwk/mDR5ZeT6qYSMhuXECP59cVeimG ENWV5UsUVy4ZxAdahLRRJJEt1NaKoBZa6Q8lDSPSE2BVPKYYDfM1B4Vb Tpl2l1G+osJxmPXkZYUtQA04g0R9PJ5+4NuPrdtYTofi7/A9V91NWwZA jfY= +c.miek.nl. 345600 IN AAAA 2001:7b8:32a::2 +c.miek.nl. 345600 IN RRSIG AAAA 8 3 345600 20110825011301 20110726011301 12051 miek.nl. wc2yOWeTInPWyO/fEFF+bR45JuoE0irDuT1SZsMPcxsQ/3vpCxYheWVK BDXnaT/w+2yPEyYKm3VVyr45fVT9v+AmoxyLpgJiXQG1SZTj2sX+3Xjg JeSisCMsa7dw3hnOacLjKlxg+4KX6kzf7HQ5H5bINlpII18jYLUFCHKd jWY= +c.miek.nl. 86400 IN NSEC elektron.miek.nl. A AAAA RRSIG NSEC +c.miek.nl. 86400 IN RRSIG NSEC 8 3 86400 20110825011301 20110726011301 12051 miek.nl. fXkzo7csTtNqsPqpJEP3E1Vo+LcWdEqxsab9u2yDRP5FZgSDZSnzBd7l mi/yxYjogmrR44z7WaYN7Ow01M3cI0IuXdNQLVlsatlU/NYYKYcYUQ/Y BEJY7Ry+CvsTu4NpvrhN1zueX3DhcmWc8hgEQkJddBL4Vt5JmJu9tPgx 6RY= +elektron.miek.nl. 345600 IN A 85.223.71.124 +elektron.miek.nl. 345600 IN RRSIG A 8 3 345600 20110825011301 20110726011301 12051 miek.nl. aiNoDRGxcY/xfEBEYoIjEQQ3/sqj600WzSq6WFCUMMMqfhT4e8/em1Yn rkIqc4OucLJRsNJb1kfUOOiDa0c1pDt+xP0sw3+8kjBl+IwE4PZy88Uy 1iG3cNNwEuwdc/UdxjmI2/0S9HIOYj896GOGihJLVHgCsVpH7Ssp2r6J cfA= +elektron.miek.nl. 345600 IN AAAA 2001:7b8:32a::2 +elektron.miek.nl. 345600 IN RRSIG AAAA 8 3 345600 20110825011301 20110726011301 12051 miek.nl. wqvZD1mMa3z+DYt39AC0huj2nJc0w7DtmzryzePpwpqPD9TWHhROoflE 7gziHSUz+77V0NAIgqPmJ8Sh+g9B/Ey+blUj8YEYddkXIXoE/4KtWylq ybrqH2FjW9YTBd/GkoY7hjZT4/ep01AYynErzwtZLacfQv4O7YOtw2jR M1w= +elektron.miek.nl. 345600 IN SSHFP 1 1 EFEA55929C653057D981BC0F1D2C9E11C60953C7 +elektron.miek.nl. 345600 IN SSHFP 2 1 1A117C327825918B23422021EB5618FADD8150EE +elektron.miek.nl. 345600 IN RRSIG SSHFP 8 3 345600 20110825011301 20110726011301 12051 miek.nl. UrkW7ksY9sciRBzNreUcbCcMYVYAmjNeglMUlpV9ujR1vI1F0n2lbBi7 iE9G706jjR2VNKuo3sjjCcjaAqnET6FzxpCNRyuEPk97XQPvlGO6d8YN Keei18aE0/LaZPrWrq5Yafy9Ss3yjibGAoNnhyFHegbz80zmjzquNy/b ZpI= +elektron.miek.nl. 86400 IN NSEC localhost.miek.nl. A AAAA SSHFP RRSIG NSEC +elektron.miek.nl. 86400 IN RRSIG NSEC 8 3 86400 20110825011301 20110726011301 12051 miek.nl. luhY8LlPYnyVpka3585I9Lh+KOrmZUJtuJBqAHfDuqTRcEEP/ep7lhSQ bl45U/XOm3ITxp/bcTjMwILdBNfRmo/sit9Dt/xxypoE30MuCf3ILmS1 c9hTZIFN/lbf7fqHDjltpkTrI3BDVDNC4ngPAvq/Z5OzCatH7tUemY8v s7c= +localhost.miek.nl. 345600 IN A 127.0.0.1 +localhost.miek.nl. 345600 IN RRSIG A 8 3 345600 20110825011301 20110726011301 12051 miek.nl. wPAvNy2IpYn125Zzdn5GrlWfeL/Y6HL0oPZx+4HjW5MEHL/yXYzkolpB WGEGN8LO73x2i+8Vb/KF/tpMlHvCT7+adkJAYinbAZp9OFFvUZIKx1IP NHfRZYphnWAbRmfsyF653QfsBwsb4GJNhxy8E/AiLxNXlT0VToajvlOk jb4= +localhost.miek.nl. 86400 IN NSEC *.w1.miek.nl. A RRSIG NSEC +localhost.miek.nl. 86400 IN RRSIG NSEC 8 3 86400 20110825011301 20110726011301 12051 miek.nl. EhKtO0aHTX+FTVgmRqqJAY5VclhKPJxbk1Rd6zepjgQfFk8TlmMFUY1r uplQkc4VmpVqBtJ+wyyqGq9n1AudvfR/oY5FLCYaRFzLN3id2ueJj7h5 VFHvG9QN3ebUGYlcxRTtfGX6KCa8RYTA0b6+w9XnzAVWjITQ1xTg0QS/ YCc= +*.w1.miek.nl. 345600 IN TXT "Wildcard 1 expansion" +*.w1.miek.nl. 345600 IN RRSIG TXT 8 3 345600 20110825011301 20110726011301 12051 miek.nl. M8245hL8eQDNScXdyspnegEiMR/5hYErLEVGag/Ev0+OvKck2uRgSnQm OGkTxsn2e4CZnthd0UYP8SYtyL3mgEk49Z9y1dcwdYqrpYnkSzkoxr1f au1JPZ8AtP8T57xXo4ljabTl4l77b7gwf+flGd1Ilgk2kAl2akr9/0uR HDk= +*.w1.miek.nl. 86400 IN NSEC *.w2.miek.nl. TXT RRSIG NSEC +*.w1.miek.nl. 86400 IN RRSIG NSEC 8 3 86400 20110825011301 20110726011301 12051 miek.nl. evRJ7QgDd4T4eT45How07BVAZpjN6UZvq2AmNhFdPpX8v8kCmSsI8EQA fA5zg3KQ/1epcLUXRrfNtT0WnkdR+5GdDhKHjHUG8mhuiJLK2Awm+3jx 3fpxBDGvQcQTSuILY8Z6Z4ePL+D838YlZyrkWJZEvsjZYUNamFvd17kh D0k= +*.w2.miek.nl. 345600 IN TXT "Wildcard 2 expansion" +*.w2.miek.nl. 345600 IN RRSIG TXT 8 3 345600 20110825011301 20110726011301 12051 miek.nl. nQVxZQgjvaCishiZnRET2MLmZHHRE45svPFAuGR3uultY0nnQpdNJTsg ZLCoUvj+g7cilGrwtTwCEj8TB49cBkOFLl8TsfECj8ljBpg3hoQ6eAWO Yz0SIgSxfwfHt70uX+1ZsCNqwkaYq2zIDXPsfaRC9fu50qXGu2C5dXDF RdY= +*.w2.miek.nl. 86400 IN NSEC www.miek.nl. TXT RRSIG NSEC +*.w2.miek.nl. 86400 IN RRSIG NSEC 8 3 86400 20110825011301 20110726011301 12051 miek.nl. FNAzm1aSbgDB9B62ln9CMu7+Fl+d3EHD7S2rWOOnXfUr44NUjq7176x8 viwY2lfrUo+0nL5EZ/IoIpO7xSwDallIBPJePewILrSXzHE6zsZohl/3 E0YZwiWBfC2jS99lW3VTZWCvOq/vknNIhAKcdeaKC/XbPygkr1s2kq+f m64= +www.miek.nl. 345600 IN CNAME a.miek.nl. +www.miek.nl. 345600 IN RRSIG CNAME 8 3 345600 20110825011301 20110726011301 12051 miek.nl. EGIKOVEUTTfeMobxuTQ9K5ulr6I21MH6m3euTqe8t37eWI+usZdfw6mY EbjsugLbaQq6KsTsn6a7puMBnG97PjKbUS2mF+lIDf5RbLR+SxpIoQUl 3TLBex7efv5TP2V95xZ0p0C3aazJcIqvdoDlQA43eCbXBwM9T9FBQMHU uGE= +www.miek.nl. 86400 IN NSEC zzzzz.miek.nl. CNAME RRSIG NSEC +www.miek.nl. 86400 IN RRSIG NSEC 8 3 86400 20110825011301 20110726011301 12051 miek.nl. i/QVFS+O1dUb1kLzSNzfqABPzIJjHFivpZpDz7o5LcSEY1fYH5goQRW/ ZT4+0AiP9PeVZnxC+e59yBbzoStmGutHoAZ7UnDWfWKsFKMpvkdE/aSU zXdYdjOU1Pr9e7IECmLSgYs/Dpov6jX+X2d/F7myBVu90rSy7W1jtzjH 8RI= +zzzzz.miek.nl. 345600 IN TXT "Last record" +zzzzz.miek.nl. 345600 IN RRSIG TXT 8 3 345600 20110825011301 20110726011301 12051 miek.nl. oX9aquvHJ4st/z2VLtBBxLWlRh7s3ppfLuzOLy5KBN67dtzOI8Yv4NT6 gKiZ+EQoXcN3gXoDaQiRtV5inN1SX16HhHwzkUD4Tu2vCJ16SMGNL3NP l9w4ujnR73IpK6n4C6fmBuEC/qnrqjPLVn2gQ9+8oizynj5fBJvl63oG X0A= +zzzzz.miek.nl. 86400 IN NSEC miek.nl. TXT RRSIG NSEC +zzzzz.miek.nl. 86400 IN RRSIG NSEC 8 3 86400 20110825011301 20110726011301 12051 miek.nl. RzHU4jtMnbNicO5IIuezURUd4e4PQS75ixOoEBn57FF+hkkXlzB+4HKE 260ZdajfnFBz2aqYqVImMsIiAhWIwai2fEy9/79PPexjP9VTM4oNjlEE FQwcAo/IQCHjbwN4Mfpp3wcFgozwM6NSWYHtqD2//7KTBjXWNewHBuGe rCo= diff --git a/_examples/ns/ns.go b/_examples/ns/ns.go index 5b31e16a..26dc0656 100644 --- a/_examples/ns/ns.go +++ b/_examples/ns/ns.go @@ -12,19 +12,26 @@ import ( // Not too fast. var zone *dns.Zone +var ns []dns.RR +var soa dns.RR +var spam dns.RR func send(w dns.ResponseWriter, m *dns.Msg) { + println(">", m.String()) buf, _ := m.Pack() w.Write(buf) } func handleQueryCHAOS(w dns.ResponseWriter, req *dns.Msg) { + println(req.String()) m := new(dns.Msg) qname := req.Question[0].Name qtype := req.Question[0].Qtype qclass := req.Question[0].Qclass - println(req.String()) + m.Extra = make([]dns.RR, 1) + m.Extra[0] = spam + m.Extra[0].Header().Class = dns.ClassCHAOS if qclass != dns.ClassCHAOS { m.SetRcode(req, dns.RcodeServerFailure) @@ -54,12 +61,13 @@ func handleQueryCHAOS(w dns.ResponseWriter, req *dns.Msg) { } func handleQuery(w dns.ResponseWriter, req *dns.Msg) { + println(req.String()) m := new(dns.Msg) qname := req.Question[0].Name qtype := req.Question[0].Qtype qclass := req.Question[0].Qclass - - println(req.String()) + m.Extra = make([]dns.RR, 1) + m.Extra[0] = spam if qclass != dns.ClassINET { m.SetRcode(req, dns.RcodeServerFailure) @@ -68,18 +76,13 @@ func handleQuery(w dns.ResponseWriter, req *dns.Msg) { } m.SetReply(req) - // Create AUTH section - m.Ns = make([]dns.RR, 0) - for i := 0; i < zone.Len(); i++ { - if zone.At(i).Header().Name == "miek.nl." && zone.At(i).Header().Rrtype == dns.TypeNS { - m.Ns = append(m.Ns, zone.At(i)) - } - } + m.Ns = ns - // Save the name + names := false m.Answer = make([]dns.RR, 0) for i := 0; i < zone.Len(); i++ { if zone.At(i).Header().Name == qname { + names = true // Name found if zone.At(i).Header().Rrtype == qtype { // Type also found, exact match @@ -87,7 +90,15 @@ func handleQuery(w dns.ResponseWriter, req *dns.Msg) { } } } - // Glue?? + if len(m.Answer) == 0 { + m.Ns = m.Ns[:1] + m.Ns[0] = soa + if ! names { + // NXDOMAIN + m.MsgHdr.Rcode = dns.RcodeNameError + } + } + // Glue?? TODO send(w, m) } @@ -103,6 +114,17 @@ func main() { } + ns = make([]dns.RR, 0) + for i := 0; i < zone.Len(); i++ { + if zone.At(i).Header().Name == "miek.nl." && zone.At(i).Header().Rrtype == dns.TypeSOA { + soa = zone.At(i) + } + if zone.At(i).Header().Name == "miek.nl." && zone.At(i).Header().Rrtype == dns.TypeNS { + ns = append(ns, zone.At(i)) + } + } + spam = &dns.RR_TXT{Hdr: dns.RR_Header{Name: "miek.nl.", + Rrtype: dns.TypeTXT, Class: dns.ClassINET}, Txt: "Proudly served with Go: http://www.golang.org"} dns.HandleFunc("miek.nl.", handleQuery) dns.HandleFunc("bind.", handleQueryCHAOS) go func() {