ab16005053
* Bugfix for miekg/dns#748 w.msg was being prematurely cleared prior to use by TsigVerify * Modified patch after feedback from tmthrgd Added a disposeBuffer method to the server that's passed a response. This wipes the reference to and frees the buffer used to store the message after TSIG validation has occured, not before. Since the pool is an attribute of the server (and the logic refers to a server UDPSize attribute), it made sense to make this a function of the server rather than a function of the response. * Added TestServerRoundtripTsig to server_test.go This test generates a TSIG signed query, and makes sure that server TSIG validation does not produce an error. * Fixed data races introduced by TestServerRoundtripTsig * Simplified error signalling in TestServerRoundtripTsig * RunLocalUDPServerWithFinChan variadic closure argument added This (clever hack suggested by tmthrgd) allows specifying field values (like TsigSecret) on Server instances at test time without making the race detector grouchy, but is backwards compatible with existing invocations of RunLocalUDPServerWithFinChan. |
||
---|---|---|
dnsutil | ||
vendor/golang.org/x | ||
.codecov.yml | ||
.gitignore | ||
.travis.yml | ||
AUTHORS | ||
CONTRIBUTORS | ||
COPYRIGHT | ||
Gopkg.lock | ||
Gopkg.toml | ||
LICENSE | ||
Makefile.fuzz | ||
Makefile.release | ||
README.md | ||
client.go | ||
client_test.go | ||
clientconfig.go | ||
clientconfig_test.go | ||
compress_generate.go | ||
dane.go | ||
defaults.go | ||
dns.go | ||
dns_bench_test.go | ||
dns_test.go | ||
dnssec.go | ||
dnssec_keygen.go | ||
dnssec_keyscan.go | ||
dnssec_privkey.go | ||
dnssec_test.go | ||
doc.go | ||
duplicate.go | ||
duplicate_generate.go | ||
duplicate_test.go | ||
dyn_test.go | ||
edns.go | ||
edns_test.go | ||
example_test.go | ||
format.go | ||
fuzz.go | ||
generate.go | ||
generate_test.go | ||
issue_test.go | ||
labels.go | ||
labels_test.go | ||
leak_test.go | ||
length_test.go | ||
listen_go111.go | ||
listen_go_not111.go | ||
msg.go | ||
msg_generate.go | ||
msg_helpers.go | ||
msg_helpers_test.go | ||
msg_test.go | ||
nsecx.go | ||
nsecx_test.go | ||
parse_test.go | ||
privaterr.go | ||
privaterr_test.go | ||
rawmsg.go | ||
remote_test.go | ||
reverse.go | ||
rr_test.go | ||
sanitize.go | ||
sanitize_test.go | ||
scan.go | ||
scan_rr.go | ||
scan_test.go | ||
scanner.go | ||
server.go | ||
server_test.go | ||
sig0.go | ||
sig0_test.go | ||
singleinflight.go | ||
smimea.go | ||
tlsa.go | ||
tsig.go | ||
tsig_test.go | ||
types.go | ||
types_generate.go | ||
types_test.go | ||
udp.go | ||
udp_test.go | ||
update.go | ||
update_test.go | ||
version.go | ||
version_test.go | ||
xfr.go | ||
zcompress.go | ||
zduplicate.go | ||
zmsg.go | ||
ztypes.go |
README.md
Alternative (more granular) approach to a DNS library
Less is more.
Complete and usable DNS library. All widely used Resource Records are supported, including the DNSSEC types. It follows a lean and mean philosophy. If there is stuff you should know as a DNS programmer there isn't a convenience function for it. Server side and client side programming is supported, i.e. you can build servers and resolvers with it.
We try to keep the "master" branch as sane as possible and at the bleeding edge of standards, avoiding breaking changes wherever reasonable. We support the last two versions of Go.
Goals
- KISS;
- Fast;
- Small API. If it's easy to code in Go, don't make a function for it.
Users
A not-so-up-to-date-list-that-may-be-actually-current:
- https://github.com/coredns/coredns
- https://cloudflare.com
- https://github.com/abh/geodns
- http://www.statdns.com/
- http://www.dnsinspect.com/
- https://github.com/chuangbo/jianbing-dictionary-dns
- http://www.dns-lg.com/
- https://github.com/fcambus/rrda
- https://github.com/kenshinx/godns
- https://github.com/skynetservices/skydns
- https://github.com/hashicorp/consul
- https://github.com/DevelopersPL/godnsagent
- https://github.com/duedil-ltd/discodns
- https://github.com/StalkR/dns-reverse-proxy
- https://github.com/tianon/rawdns
- https://mesosphere.github.io/mesos-dns/
- https://pulse.turbobytes.com/
- https://play.google.com/store/apps/details?id=com.turbobytes.dig
- https://github.com/fcambus/statzone
- https://github.com/benschw/dns-clb-go
- https://github.com/corny/dnscheck for http://public-dns.info/
- https://namesmith.io
- https://github.com/miekg/unbound
- https://github.com/miekg/exdns
- https://dnslookup.org
- https://github.com/looterz/grimd
- https://github.com/phamhongviet/serf-dns
- https://github.com/mehrdadrad/mylg
- https://github.com/bamarni/dockness
- https://github.com/fffaraz/microdns
- http://kelda.io
- https://github.com/ipdcode/hades (JD.COM)
- https://github.com/StackExchange/dnscontrol/
- https://www.dnsperf.com/
- https://dnssectest.net/
- https://dns.apebits.com
- https://github.com/oif/apex
- https://github.com/jedisct1/dnscrypt-proxy
- https://github.com/jedisct1/rpdns
- https://github.com/xor-gate/sshfp
- https://github.com/rs/dnstrace
- https://blitiri.com.ar/p/dnss (github mirror)
Send pull request if you want to be listed here.
Features
- UDP/TCP queries, IPv4 and IPv6;
- RFC 1035 zone file parsing ($INCLUDE, $ORIGIN, $TTL and $GENERATE (for all record types) are supported;
- Fast:
- Reply speed around ~ 80K qps (faster hardware results in more qps);
- Parsing RRs ~ 100K RR/s, that's 5M records in about 50 seconds;
- Server side programming (mimicking the net/http package);
- Client side programming;
- DNSSEC: signing, validating and key generation for DSA, RSA, ECDSA and Ed25519;
- EDNS0, NSID, Cookies;
- AXFR/IXFR;
- TSIG, SIG(0);
- DNS over TLS: optional encrypted connection between client and server;
- DNS name compression;
- Depends only on the standard library.
Have fun!
Miek Gieben - 2010-2012 - miek@miek.nl
Building
Building is done with the go
tool. If you have setup your GOPATH correctly, the following should
work:
go get github.com/miekg/dns
go build github.com/miekg/dns
Examples
A short "how to use the API" is at the beginning of doc.go (this also will show
when you call godoc github.com/miekg/dns
).
Example programs can be found in the github.com/miekg/exdns
repository.
Supported RFCs
all of them
- 103{4,5} - DNS standard
- 1348 - NSAP record (removed the record)
- 1982 - Serial Arithmetic
- 1876 - LOC record
- 1995 - IXFR
- 1996 - DNS notify
- 2136 - DNS Update (dynamic updates)
- 2181 - RRset definition - there is no RRset type though, just []RR
- 2537 - RSAMD5 DNS keys
- 2065 - DNSSEC (updated in later RFCs)
- 2671 - EDNS record
- 2782 - SRV record
- 2845 - TSIG record
- 2915 - NAPTR record
- 2929 - DNS IANA Considerations
- 3110 - RSASHA1 DNS keys
- 3225 - DO bit (DNSSEC OK)
- 340{1,2,3} - NAPTR record
- 3445 - Limiting the scope of (DNS)KEY
- 3597 - Unknown RRs
- 403{3,4,5} - DNSSEC + validation functions
- 4255 - SSHFP record
- 4343 - Case insensitivity
- 4408 - SPF record
- 4509 - SHA256 Hash in DS
- 4592 - Wildcards in the DNS
- 4635 - HMAC SHA TSIG
- 4701 - DHCID
- 4892 - id.server
- 5001 - NSID
- 5155 - NSEC3 record
- 5205 - HIP record
- 5702 - SHA2 in the DNS
- 5936 - AXFR
- 5966 - TCP implementation recommendations
- 6605 - ECDSA
- 6725 - IANA Registry Update
- 6742 - ILNP DNS
- 6840 - Clarifications and Implementation Notes for DNS Security
- 6844 - CAA record
- 6891 - EDNS0 update
- 6895 - DNS IANA considerations
- 6975 - Algorithm Understanding in DNSSEC
- 7043 - EUI48/EUI64 records
- 7314 - DNS (EDNS) EXPIRE Option
- 7477 - CSYNC RR
- 7828 - edns-tcp-keepalive EDNS0 Option
- 7553 - URI record
- 7858 - DNS over TLS: Initiation and Performance Considerations
- 7871 - EDNS0 Client Subnet
- 7873 - Domain Name System (DNS) Cookies (draft-ietf-dnsop-cookies)
- 8080 - EdDSA for DNSSEC
Loosely based upon
ldns
NSD
Net::DNS
GRONG