From ravirocks1021 at gmail.com Thu May 12 04:39:40 2016 From: ravirocks1021 at gmail.com (ravin goyal) Date: Thu, 12 May 2016 10:09:40 +0530 Subject: [ldns-users] Fwd: Regarding dns resolver in c using ldns In-Reply-To: References: Message-ID: Hii I am trying to implement dns resolver in C using ldns and following example codes given on website i implemented basic dns resolver for TXT records But main concern is i want to set a static server address rather than looking up /etc/resolv.conf file And for that i have found ldns_resolver_set_source is what i actually need for this but i don't see any working example/code to use this function I followed the docs but i still in middle of how I am going to use this function. Any help?? Regards Ravin From willem at nlnetlabs.nl Thu May 12 09:35:22 2016 From: willem at nlnetlabs.nl (Willem Toorop) Date: Thu, 12 May 2016 11:35:22 +0200 Subject: [ldns-users] Fwd: Regarding dns resolver in c using ldns In-Reply-To: References: Message-ID: <57344E5A.3050700@nlnetlabs.nl> Hi Ravin, I suspect you want to use ldns_resolver_push_nameserver to target a server directly with a query. See attached example for its usage. Best regards, -- Willem Op 12-05-16 om 06:39 schreef ravin goyal: > Hii > > I am trying to implement dns resolver in C using ldns and following > example codes given on website i implemented basic dns resolver for > TXT records > > But main concern is i want to set a static server address rather than > looking up /etc/resolv.conf file > > And for that i have found ldns_resolver_set_source is what i actually > need for this > but i don't see any working example/code to use this function > > I followed the docs but i still in middle of how I am going to use > this function. > Any help?? > > Regards > Ravin > _______________________________________________ > ldns-users mailing list > ldns-users at open.nlnetlabs.nl > https://open.nlnetlabs.nl/mailman/listinfo/ldns-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: push_nameserver_example.c Type: text/x-csrc Size: 1030 bytes Desc: not available URL: From ravirocks1021 at gmail.com Thu May 12 10:13:23 2016 From: ravirocks1021 at gmail.com (ravin goyal) Date: Thu, 12 May 2016 15:43:23 +0530 Subject: [ldns-users] Fwd: Regarding dns resolver in c using ldns In-Reply-To: <57344E5A.3050700@nlnetlabs.nl> References: <57344E5A.3050700@nlnetlabs.nl> Message-ID: Thanks! Willem That helped me Regards Ravin On 12 May 2016 at 15:05, Willem Toorop wrote: > Hi Ravin, > > I suspect you want to use ldns_resolver_push_nameserver to target a > server directly with a query. See attached example for its usage. > > Best regards, > > -- Willem > > Op 12-05-16 om 06:39 schreef ravin goyal: >> Hii >> >> I am trying to implement dns resolver in C using ldns and following >> example codes given on website i implemented basic dns resolver for >> TXT records >> >> But main concern is i want to set a static server address rather than >> looking up /etc/resolv.conf file >> >> And for that i have found ldns_resolver_set_source is what i actually >> need for this >> but i don't see any working example/code to use this function >> >> I followed the docs but i still in middle of how I am going to use >> this function. >> Any help?? >> >> Regards >> Ravin >> _______________________________________________ >> ldns-users mailing list >> ldns-users at open.nlnetlabs.nl >> https://open.nlnetlabs.nl/mailman/listinfo/ldns-users >> > > > _______________________________________________ > ldns-users mailing list > ldns-users at open.nlnetlabs.nl > https://open.nlnetlabs.nl/mailman/listinfo/ldns-users > From vladimir.levijev at gmail.com Tue May 17 12:16:05 2016 From: vladimir.levijev at gmail.com (Vladimir Levijev) Date: Tue, 17 May 2016 15:16:05 +0300 Subject: [ldns-users] Limit number of recursions when using LDNS_RD Message-ID: Hi, I couldn't find any information on whether it's possible to limit the number of recursions when performing a recursive IN DNAME (or any other) query? Thanks, VL From ravirocks1021 at gmail.com Wed May 18 12:08:01 2016 From: ravirocks1021 at gmail.com (ravin goyal) Date: Wed, 18 May 2016 17:38:01 +0530 Subject: [ldns-users] Fwd: Regarding dns resolver in c using ldns In-Reply-To: References: <57344E5A.3050700@nlnetlabs.nl> Message-ID: Hii Willem Regarding ldns_resolver_push_nameserver to target a server directly with a query , in the example code that you have sent using while creating nameserver address you have done this : ldns_rdf_new_frm_str( LDNS_RDF_TYPE_A, "185.49.140.60") but in here i want to set the domain name rather than the ip address itself I tried using ldns_rdf_new_frm_str( LDNS_RDF_TYPE_DNAME, "domain.com") but it is not working How can we set the domain name of the nameserver rather than ip address thanks in advance. From willem at nlnetlabs.nl Wed May 18 12:28:49 2016 From: willem at nlnetlabs.nl (Willem Toorop) Date: Wed, 18 May 2016 14:28:49 +0200 Subject: [ldns-users] Fwd: Regarding dns resolver in c using ldns In-Reply-To: References: <57344E5A.3050700@nlnetlabs.nl>

Message-ID: <573C6001.3060506@nlnetlabs.nl> Hi Ravin, This is a little of a chicken and egg problem :). I suspect you want to target the authoritative nameservers for a given domain. In that case you have to find out which authoritative nameservers serve that domain and their IP addresses first. So to target the authoritative nameservers serving domain.com, you first have to query for the NS RRset for domain.com (perhaps with a ldns_resolver initialized with /etc/resolv.conf ; i.e. ldns_resolver_new_frm_fp(&res, NULL)). Below is the query done with drill, but it could be done with a ldns_resolver initialized with /etc/resolv.conf just as well... $ drill domain.com NS ;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 59096 ;; flags: qr rd ra ; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 4 ;; QUESTION SECTION: ;; domain.com. IN NS ;; ANSWER SECTION: domain.com. 86400 IN NS ns1.p13.dynect.net. domain.com. 86400 IN NS ns2.p13.dynect.net. domain.com. 86400 IN NS ns3.p13.dynect.net. domain.com. 86400 IN NS ns4.p13.dynect.net. ;; AUTHORITY SECTION: ;; ADDITIONAL SECTION: ns1.p13.dynect.net. 68784 IN A 208.78.70.13 ns2.p13.dynect.net. 68784 IN A 204.13.250.13 ns3.p13.dynect.net. 68784 IN A 208.78.71.13 ns4.p13.dynect.net. 68784 IN A 204.13.251.13 ;; Query time: 454 msec ;; SERVER: 185.49.140.101 ;; WHEN: Wed May 18 14:21:03 2016 ;; MSG SIZE rcvd: 178 Now push those IP addresses in the additional section on the ldns_resolver with which you want to target the authoritative nameserver. (you might have to do more lookups to get the addresses though...) Is this helpful to you? -- Willem Op 18-05-16 om 14:08 schreef ravin goyal: > Hii Willem > > Regarding ldns_resolver_push_nameserver to target a server directly > with a query , in the example code that you have sent using > > while creating nameserver address you have done this : > > ldns_rdf_new_frm_str( LDNS_RDF_TYPE_A, "185.49.140.60") > > but in here i want to set the domain name rather than the ip address itself > > I tried using ldns_rdf_new_frm_str( LDNS_RDF_TYPE_DNAME, "domain.com") > > but it is not working > > How can we set the domain name of the nameserver rather than ip address > > > thanks in advance. > From ravirocks1021 at gmail.com Wed May 18 12:29:04 2016 From: ravirocks1021 at gmail.com (ravin goyal) Date: Wed, 18 May 2016 17:59:04 +0530 Subject: [ldns-users] Fwd: Regarding dns resolver in c using ldns In-Reply-To: References: <57344E5A.3050700@nlnetlabs.nl>

<20160518.142120.514287537816376809.he@uninett.no> Message-ID: Hii Havard right now what is happening is dig @185.49.140.60 txt nlnetlabs.nl but i want it as dig @domain.com txt nlnetlabs.nl where domain.com is 185.49.140.60 I don't want to rely on ip address , possibility of ip address gets change over period of time is higher than the domain name gets change that's why i want to set domain name rather than ip address I hope i made myself clear thanks On 18 May 2016 at 17:58, ravin goyal wrote: > Hii Havard > > right now what is happening is > > dig @185.49.140.60 txt nlnetlabs.nl > > but i want it as > > dig @domain.com txt nlnetlabs.nl > > where domain.com is 185.49.140.60 > > I don't want to rely on ip address , possibility of ip address gets > change over period of time is higher than the domain name gets change > that's why i want to set domain name rather than ip address > > I hope i made myself clear > > thanks From sca at andreasschulze.de Tue May 31 21:52:33 2016 From: sca at andreasschulze.de (A. Schulze) Date: Tue, 31 May 2016 23:52:33 +0200 Subject: [ldns-users] TLSA verification using ldns-dane Message-ID: <1197b7a9-aaf9-c8a2-3b9c-052ed98f7a70@andreasschulze.de> Hello, i use the command "ldns-dane verify www.example.org 443" to check if the TLSA-Record _443._tcp.www.example.org match the certificate at https://www.example.org. That works. Now I try to check a mailserver that support STARTTLS. I assume "-i : Interact after connecting" is my friend. But what's the intended use? I tried variations of "echo STARTTLS | ldns-dane -i verify mail.example.org 25" but that fail: handshaking SSL_get_error: 1 error: could not get cert chain from ssl 140217346352784:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:795: Or does the above error say "ldns-dane don't understand the TLS version used by mail.example.org" ??? Andreas