Documentation
¶
Index ¶
Constants ¶
const DateFormat = "20060102150405"
DateFormat follows the Go standard layout for time parsing (YearMonthDayHourMinuteSecond), which uses the reference date: Mon Jan 2 15:04:05 MST 2006.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AAAARecord ¶
AAAARecord represents a single AAAA (Address) resource record in the Domain Name System (DNS). An AAAA record maps a domain name to an IPv6 address, enabling clients to locate servers and other resources on the IPv6 Internet.
Fields:
IPv6: A string representing the IPv6 address associated with the domain name.
The address is in colon-separated hexadecimal format (e.g., "2001:0db8:85a3:0000:0000:8a2e:0370:7334").
OriginalTTL: An unsigned 32-bit integer indicating the original time-to-live (TTL) value
of the AAAA record. This value specifies the duration in seconds that the record
may be cached before it should be discarded or refreshed.
func (*AAAARecord) Compare ¶
func (r *AAAARecord) Compare(b *AAAARecord) bool
Compare checks the equality between two instances of AAAARecord. This function is useful for testing and validation purposes.
Parameters: - b: A reference to another instance for comparison.
Returns:
- bool: Returns true if the corresponding properties of 'a' and 'b' are equal, otherwise, returns false.
func (*AAAARecord) String ¶
func (r *AAAARecord) String() string
String returns a formatted string representation of the AAAARecord. This method implements the fmt.Stringer interface for pretty-printing the record.
type AAAAResponse ¶
type AAAAResponse struct {
Records []AAAARecord
Validated bool
RRSIG *RRSIGRecord
RawResponse string
}
AAAAResponse represents the complete response for an AAAA record query. It includes a collection of AAAA records, the validation status of the response, any associated RRSIG record for DNSSEC validation, and the raw response received from the DNS server. This struct is particularly useful when dealing with responses that include multiple AAAA records for a single domain name.
Fields:
Records: A slice of AAAARecord structs, each representing an individual AAAA record.
Multiple AAAA records may be present if a domain name resolves to multiple
IPv6 addresses.
Validated: A boolean flag indicating whether the AAAA records have been validated
using DNSSEC validation procedures. True if validated, false otherwise.
RRSIG: A pointer to an RRSIGRecord struct that contains the DNSSEC signature for this
AAAA record set. This field is nil if DNSSEC is not used or if the record is not signed.
RawResponse: A string containing the raw textual response received from the DNS server,
which can be useful for logging, debugging, or other diagnostic purposes.
func (*AAAAResponse) Compare ¶
func (r *AAAAResponse) Compare(b *AAAAResponse) bool
Compare checks the equality between two instances of AAAAResponse. This function is useful for testing and validation purposes.
Parameters: - b: A reference to another instance for comparison.
Returns:
- bool: Returns true if the corresponding properties of 'a' and 'b' are equal, otherwise, returns false.
func (*AAAAResponse) Parse ¶
func (r *AAAAResponse) Parse(response string) (DNSRecordResult, error)
Parse parses a raw DNS response string and creates a new AAAAResponse struct. This function is specifically designed to work with the output of the 'delv' command-line tool for AAAA queries. The AAAA query is used to resolve a domain name to its IPv6 address. The parsed information from the 'delv' response is used to populate a AAAAResponse struct, which represents a structured interpretation of the AAAA records and associated data.
Parameters:
response: A string containing the raw textual response from the 'delv' command-line tool.
This response should be the result of an AAAA query for a specific domain.
The response string is expected to include the AAAA records, along with
any associated RRSIG records and other relevant DNS information.
Return Value:
*AAAAResponse: A pointer to a AAAAResponse struct that contains the parsed AAAA records,
the validation status, the associated RRSIG record (if available), and the raw response.
This struct provides a structured representation of the IPv6 addresses
and associated data extracted from the 'delv' response.
error: An error object that indicates any issues encountered during the parsing of the
response string. If the parsing is successful, the error is nil. If parsing fails,
the error provides details about the cause of the failure.
Example Usage:
aaaaResponse, err := Parse(rawDelvResponse)
if err != nil {
// Handle error
}
// Use aaaaResponse for DNS queries or other purposes
Note:
This function is specifically designed to parse the output of the 'delv' command-line tool, which is commonly used for DNS diagnostics and troubleshooting. The function assumes that the input string is in the format provided by 'delv' and may not work correctly with responses from other tools or in different formats.
func (*AAAAResponse) String ¶
func (r *AAAAResponse) String() string
String returns a formatted string representation of the AResponse. This method implements the fmt.Stringer interface for pretty-printing the response.
type ARecord ¶
ARecord represents a single A (Address) resource record in the Domain Name System (DNS). An A record maps a domain name to an IPv4 address, enabling clients to locate servers and other resources on the Internet.
Fields:
IPv4: A string representing the IPv4 address associated with the domain name.
The address is in dotted-decimal notation (e.g., "192.0.2.1").
OriginalTTL: An unsigned 32-bit integer indicating the original time-to-live (TTL) value
of the A record. This value specifies the duration in seconds that the record
may be cached before it should be discarded or refreshed.
func (*ARecord) Compare ¶
Compare checks the equality between two instances of ARecord. This function is useful for testing and validation purposes.
Parameters: - b: A reference to another instance for comparison.
Returns:
- bool: Returns true if the corresponding properties of 'a' and 'b' are equal, otherwise, returns false.
type AResponse ¶
type AResponse struct {
Records []ARecord
Validated bool
RRSIG *RRSIGRecord
RawResponse string
}
AResponse represents the complete response for an A record query. It includes a collection of A records, the validation status of the response, any associated RRSIG record for DNSSEC validation, and the raw response received from the DNS server. This struct is particularly useful when dealing with responses that include multiple A records for a single domain name.
Fields:
Records: A slice of ARecord structs, each representing an individual A record.
Multiple A records may be present if a domain name resolves to multiple
IPv4 addresses.
Validated: A boolean flag indicating whether the A records have been validated
using DNSSEC validation procedures. True if validated, false otherwise.
RRSIG: A pointer to an RRSIGRecord struct that contains the DNSSEC signature for this
A record set. This field is nil if DNSSEC is not used or if the record is not signed.
RawResponse: A string containing the raw textual response received from the DNS server,
which can be useful for logging, debugging, or other diagnostic purposes.
func (*AResponse) Compare ¶
Compare checks the equality between two instances of AResponse. This function is useful for testing and validation purposes.
Parameters: - b: A reference to another instance for comparison.
Returns:
- bool: Returns true if the corresponding properties of 'a' and 'b' are equal, otherwise, returns false.
func (*AResponse) Parse ¶
func (r *AResponse) Parse(response string) (DNSRecordResult, error)
Parse parses a raw DNS response string and creates a new AResponse struct. This function is designed to work with the output of the 'delv' command-line tool for A queries. The A query is used to resolve a domain name to its IPv4 address. The parsed information from the 'delv' response is used to populate an AResponse struct, which represents a structured interpretation of the A records and associated data.
Parameters:
response: A string containing the raw textual response from the 'delv' command-line tool.
This response should be the result of an A query for a specific domain.
The response string is expected to include the A records, along with
any associated RRSIG records and other relevant DNS information.
Return Value:
*AResponse: A pointer to an AResponse struct that contains the parsed A records,
the validation status, the associated RRSIG record (if available), and the raw response.
This struct provides a structured representation of the IPv4 addresses
and associated data extracted from the 'delv' response.
error: An error object that indicates any issues encountered during the parsing of the
response string. If the parsing is successful, the error is nil. If parsing fails,
the error provides details about the cause of the failure.
Example Usage:
aResponse, err := newARecord(rawDelvResponse)
if err != nil {
// Handle error
}
// Use aResponse for DNS queries or other purposes
Note:
This function is specifically designed to parse the output of the 'delv' command-line tool, which is commonly used for DNS diagnostics and troubleshooting. The function assumes that the input string is in the format provided by 'delv' and may not work correctly with responses from other tools or in different formats.
type DNSKEYRecord ¶
type DNSKEYRecord struct {
Flags uint16
Protocol uint8
Algorithm uint8
PublicKey string
KeyType string
AlgorithmName string
KeyID uint16
}
DNSKEYRecord represents a single DNSKEY resource record in DNSSEC. DNSKEY records are used to store public keys associated with a DNS zone, and they play a critical role in DNSSEC's ability to authenticate DNS records.
Fields:
Flags: An unsigned 16-bit integer specifying operational parameters of the DNSKEY.
Common values include 256 (Zone Signing Key) and 257 (Key Signing Key).
Protocol: An unsigned 8-bit integer that should always be 3, as per RFC 4034.
Algorithm: An unsigned 8-bit integer identifying the cryptographic algorithm used
for the key. The value corresponds to specific DNSSEC algorithm types
such as RSASHA1 or ECDSAP256SHA256.
PublicKey: A base64-encoded string representing the public key associated with the DNS zone.
KeyType: A human-readable string indicating the type of key (e.g., "ZSK" for Zone Signing Key,
"KSK" for Key Signing Key).
AlgorithmName: A human-readable string representing the name of the cryptographic algorithm,
such as "RSASHA256" or "ED25519".
KeyID: An unsigned 16-bit integer representing the DNSKEY record's identification value,
often used to reference this key in related DNSSEC records like DS or RRSIG.
func (*DNSKEYRecord) Compare ¶
func (r *DNSKEYRecord) Compare(b *DNSKEYRecord) bool
Compare checks the equality between two instances of DNSKEYRecord. This function is useful for testing and validation purposes.
Parameters: - b: A reference to another instance for comparison.
Returns:
- bool: Returns true if the corresponding properties of 'a' and 'b' are equal, otherwise, returns false.
func (*DNSKEYRecord) String ¶
func (r *DNSKEYRecord) String() string
String returns a formatted string representation of the DNSKEYRecord. It includes details like flags, protocol, algorithm, and the public key.
type DNSKEYResponse ¶
type DNSKEYResponse struct {
Records []DNSKEYRecord
Validated bool
RRSIG *RRSIGRecord
RawResponse string
}
DNSKEYResponse represents the complete response for a DNSKEY query. It includes a collection of DNSKEY records, the validation status of the response, any associated RRSIG record, and the raw response received from the DNS server.
Fields:
Records: A slice of DNSKEYRecord structs, each representing an individual DNSKEY record.
Multiple DNSKEY records are typically present in a DNSKEY query response, as they
represent different keys used for signing various aspects of a DNS zone.
Validated: A boolean flag indicating whether the DNSKEY records have been validated
using DNSSEC validation procedures. True if validated, false otherwise.
RRSIG: A pointer to an RRSIGRecord struct that contains the DNSSEC signature for this
DNSKEY record set. This field is nil if DNSSEC is not used or if the record is not signed.
RawResponse: A string containing the raw textual response received from the DNS server,
useful for logging, debugging, or other diagnostic purposes.
func (*DNSKEYResponse) Compare ¶
func (r *DNSKEYResponse) Compare(b *DNSKEYResponse) bool
Compare checks the equality between two instances of DNSKEYResponse. This function is useful for testing and validation purposes.
Parameters: - b: A reference to another instance for comparison.
Returns:
- bool: Returns true if the corresponding properties of 'a' and 'b' are equal, otherwise, returns false.
func (*DNSKEYResponse) Parse ¶
func (r *DNSKEYResponse) Parse(response string) (DNSRecordResult, error)
Parse parses a raw DNS response string and creates a new DNSKEYResponse struct. This function is designed to work with the output of the 'delv' command-line tool specifically for DNSKEY queries within the context of DNSSEC. The parsed information is used to populate a DNSKEYResponse struct, which represents a structured interpretation of the DNSKEY records and associated data.
Parameters:
response: A string containing the raw textual response from the 'delv' command-line tool.
This response should be the result of a DNSKEY query for a specific domain.
The response string is expected to include the DNSKEY records, along with
any associated RRSIG records and other relevant DNSSEC information.
Return Value:
*DNSKEYResponse: A pointer to a DNSKEYResponse struct that contains the parsed DNSKEY records,
the validation status, the associated RRSIG record (if available), and the raw response.
This struct provides a structured representation of the DNSSEC public keys
and associated data extracted from the 'delv' response.
error: An error object that indicates any issues encountered during the parsing of the
response string. If the parsing is successful, the error is nil. If parsing fails,
the error provides details about the cause of the failure.
Example Usage:
dnskeyResponse, err := Parse(rawDelvResponse)
if err != nil {
// Handle error
}
// Use dnskeyResponse for DNSSEC validation or other purposes
Note:
This function is specifically designed to parse the output of the 'delv' command-line tool, which is used for DNSSEC diagnostics and troubleshooting. The function assumes that the input string is in the format provided by 'delv' and may not work correctly with responses from other tools or in different formats.
func (*DNSKEYResponse) String ¶
func (r *DNSKEYResponse) String() string
String returns a formatted string representation of the DNSKEYResponse. It provides a human-readable view of the response, including the records, validation status, and raw response.
type DNSRecordParser ¶
type DNSRecordParser interface {
Parse(response string) (DNSRecordResult, error)
}
DNSRecordParser is an interface that defines the standard method for parsing DNS record responses. Implementations of this interface are responsible for parsing raw DNS response strings and converting them into structured data types.
The interface is designed to be flexible enough to handle different types of DNS records, such as DS, AAAA, DNSKEY, etc. Each specific record type will have its own implementation of the Parse method, tailored to extract the relevant information from that particular type of DNS response.
Methods:
Parse(response string) (DNSRecordResult, error)
- Parse takes a raw DNS response string as input and returns a DNSRecordResult.
- The response string is expected to be the output from a DNS query command (e.g., 'delv').
- The method returns a DNSRecordResult containing the parsed data, and an error if the parsing fails.
type DNSRecordResult ¶
type DNSRecordResult interface{}
DNSRecordResult is an interface that represents the result of parsing a DNS record response. This interface is implemented by structs that hold the parsed data of specific DNS record types.
The DNSRecordResult interface is a generic container for the results of DNS record parsing. Each specific record type (e.g., DS, AAAA, DNSKEY) will have its own struct that implements this interface, allowing for type-specific data to be stored while still conforming to a general result type that can be used in more abstract contexts, such as storing in a collection of mixed result types.
Implementations of DNSRecordResult should include fields that are relevant to the specific DNS record type they represent. For example, a struct representing the result of parsing a DS record might include fields for key tag, algorithm, digest type, digest, and validation status.
type DSRecord ¶
DSRecord represents a single DNSSEC Delegation Signer (DS) record. A DS record is used in DNSSEC to link a child zone to a parent zone, enabling the validation of DNSSEC-signed records in the child zone.
Fields:
KeyTag: A 16-bit identifier of the DNSKEY record in the child zone
that is used to sign the zone's DNS records. It is used to efficiently
locate the correct DNSKEY record in the child zone.
Algorithm: An 8-bit integer identifying the cryptographic algorithm
used to create the signature in the DNSKEY record. The value corresponds
to IANA DNSSEC Algorithm Identifiers.
DigestType: An 8-bit integer representing the type of digest
that is used to create a hash of the DNSKEY record. The value
corresponds to IANA DS Record Digest Types.
Digest: A string representing the hexadecimal value of the digest
(hash) of the DNSKEY record. The digest is calculated using the method
specified in the DigestType field.
func (*DSRecord) Compare ¶
Compare checks the equality between two instances of DSRecord. This function is useful for testing and validation purposes, where it is necessary to compare two DS records to verify if they have the same values.
Parameters: - b: A reference to another instance of DSRecord for comparison.
Returns:
- bool: Returns true if all properties of 'a' and 'b' are equal; otherwise, returns false.
type DSResponse ¶
type DSResponse struct {
Records []DSRecord
Validated bool
RRSIG *RRSIGRecord
RawResponse string
}
DSResponse represents a complete response for a DNSSEC DS record query. This includes potentially multiple DS records, a flag indicating whether the response was validated, the RRSIG record for the response, and the raw response received from the DNS server.
Fields:
Records: A slice of DSRecord, each representing an individual
Delegation Signer record. Multiple DS records may be included to
support different algorithms or keys.
Validated: A boolean flag indicating whether the DS records
in the response have been validated using DNSSEC validation procedures.
RRSIG: A pointer to an RRSIGRecord, which contains the DNSSEC
signature for this DS record set. This field may be nil if the
response does not include a signature or if DNSSEC is not enabled.
RawResponse: A string containing the raw textual response received
from the DNS server. It may be used for logging, debugging, or
other diagnostic purposes.
func (*DSResponse) Compare ¶
func (r *DSResponse) Compare(b *DSResponse) bool
Compare checks the equality between two instances of DSResponse. This function is useful for testing and validation purposes, where it is necessary to compare two DS responses to verify if they contain the same records, validation status, RRSIG records, and raw DNS response.
Parameters: - b: A reference to another instance of DSResponse for comparison.
Returns:
- bool: Returns true if the corresponding properties of 'a' and 'b' are equal, including the individual DS records, validation status, RRSIG records, and the raw response; otherwise, returns false.
func (*DSResponse) Parse ¶
func (r *DSResponse) Parse(response string) (DNSRecordResult, error)
Parse creates a new DSResponse struct from a raw DNS response string. A DSResponse struct is populated with the parsed information from the DNS response, typically obtained from a DNSSEC DS record query using the 'delv' command-line tool.
Parameters:
response: A string containing the raw textual response from the 'delv' command-line tool.
This response should be the result of a query for DS records for a specific domain.
The response string is expected to include one or more DS records, along with
any associated RRSIG records and other relevant DNSSEC information.
Return Value:
*DSResponse: A pointer to a DSResponse struct that contains the parsed DS records,
validation status, associated RRSIG record (if available), and the raw response.
This struct provides a structured representation of the DNSSEC DS records
and associated data.
error: An error object that indicates any issues encountered during the parsing of the
response string. If the parsing is successful, the error is nil. If parsing fails,
the error provides details about the cause of the failure.
Example Usage:
dsResponse, err := Parse(rawDelvResponse)
if err != nil {
// Handle error
}
// Use dsResponse for DNSSEC validation or other purposes
Note:
This function is designed to parse the output of the 'delv' command-line tool, which is used for DNSSEC troubleshooting and diagnostics. The function assumes that the input string is in the format provided by 'delv', and it may not work correctly with responses from other tools or in different formats.
func (*DSResponse) String ¶
func (r *DSResponse) String() string
String returns a formatted string representation of the DSResponse. It provides a human-readable view of the response, including the DS records, validation status, and raw response.
type NSEC3PARAMRecord ¶
type NSEC3PARAMRecord struct {
TTL uint32
HashAlgorithm uint8
Flags uint8
Iterations uint16
SaltLength uint8
Validated bool
RRSIG *RRSIGRecord
RawResponse string
}
NSEC3PARAMRecord represents a single NSEC3PARAM (NSEC3 Parameters) resource record in DNSSEC. NSEC3PARAM records are used to specify the parameters of the NSEC3 protocol, which provides authenticated denial of existence in a way that prevents zone enumeration.
Fields:
TTL: An unsigned 32-bit integer indicating the time-to-live (TTL) value of the NSEC3PARAM record.
Specifies the duration in seconds that the record may be cached before it should be
discarded or refreshed.
HashAlgorithm: An unsigned 8-bit integer specifying the cryptographic hash algorithm used
to generate NSEC3 hashes. Common values are defined in DNSSEC standards.
Flags: An unsigned 8-bit integer containing various flags relating to the NSEC3PARAM record.
These flags control certain aspects of NSEC3 processing.
Iterations: An unsigned 16-bit integer representing the number of additional times the hash
is performed. A higher number increases the difficulty of reversing the hash.
SaltLength: An unsigned 8-bit integer indicating the length of the salt value used in the hash.
Validated: A boolean flag indicating whether the NSEC3PARAM record has been validated
using DNSSEC validation procedures. True if validated, false otherwise.
RRSIG: A pointer to an RRSIGRecord struct containing the DNSSEC signature for the NSEC3PARAM record.
This field may be nil if DNSSEC is not used or if the record is not signed.
RawResponse: The raw text of the DNS response containing the NSEC3PARAM (NSEC3 Parameters) record.
func (*NSEC3PARAMRecord) Compare ¶
func (r *NSEC3PARAMRecord) Compare(b *NSEC3PARAMRecord) bool
Compare checks the equality between two instances of NSEC3PARAMRecord. This function is useful for testing and validation purposes.
Parameters: - b: A reference to another instance for comparison.
Returns:
- bool: Returns true if the corresponding properties of 'a' and 'b' are equal, otherwise, returns false.
func (*NSEC3PARAMRecord) Parse ¶
func (r *NSEC3PARAMRecord) Parse(response string) (DNSRecordResult, error)
Parse parses a raw DNS response string and creates a new NSEC3PARAMRecord struct. This function is specifically designed to work with the output of the 'delv' command-line tool for NSEC3PARAM queries in the context of DNSSEC. NSEC3PARAM records specify parameters for the NSEC3 protocol, which enhances DNSSEC by preventing zone walking. The parsed information from the 'delv' response is used to populate a NSEC3PARAMRecord struct.
Parameters:
response: A string containing the raw textual response from the 'delv' command-line tool.
This response should be the result of an NSEC3PARAM query for a specific domain.
The response string is expected to include the NSEC3PARAM record, along with
any associated RRSIG records and other relevant DNSSEC information.
Return Value:
*NSEC3PARAMRecord: A pointer to a NSEC3PARAMRecord struct that contains the parsed NSEC3PARAM
record details, including hash algorithm, flags, iterations, and salt length.
The struct also includes the validation status and any associated RRSIG record.
error: An error object that indicates any issues encountered during the parsing of the
response string. If the parsing is successful, the error is nil. If parsing fails,
the error provides details about the cause of the failure.
Example Usage:
nsec3paramRecord, err := Parse(rawDelvResponse)
if err != nil {
// Handle error
}
// Use nsec3paramRecord for DNSSEC-related tasks or analysis
Note:
This function is specifically designed to parse the output of the 'delv' command-line tool, which is commonly used for DNSSEC diagnostics and troubleshooting. The function assumes that the input string is in the format provided by 'delv' and may not work correctly with responses from other tools or in different formats.
func (*NSEC3PARAMRecord) String ¶
func (r *NSEC3PARAMRecord) String() string
String returns a formatted string representation of the NSEC3PARAMRecord. This method provides a readable view of the NSEC3PARAM record's details, including TTL, hash algorithm, and more.
type NSECRecord ¶
type NSECRecord struct {
TTL uint32
NextDomainName string
Types string
Validated bool
RRSIG *RRSIGRecord
RawResponse string
}
NSECRecord represents a single NSEC (Next SECure) resource record in DNSSEC. NSEC records are used to provide authenticated denial of existence for DNS records, indicating which domain names do not exist in a zone. They also enumerate the types of records that are available for a given domain name.
Fields:
TTL: An unsigned 32-bit integer indicating the time-to-live (TTL) value of the NSEC record.
Specifies the duration in seconds that the record may be cached before it should be
discarded or refreshed.
NextDomainName: A string representing the next domain name in the zone according to canonical
ordering. Used in proving the non-existence of a name in the zone.
Types: A string listing the types of DNS resource records that exist for the domain name.
This field helps in understanding the resource records available for the domain.
Validated: A boolean flag indicating whether the NSEC record has been validated
using DNSSEC validation procedures. True if validated, false otherwise.
RRSIG: A pointer to an RRSIGRecord struct containing the DNSSEC signature for the NSEC record.
This field may be nil if DNSSEC is not used or if the record is not signed.
RawResponse: The raw text of the DNS response containing the NSEC (Next SECure) record.
func (*NSECRecord) Compare ¶
func (r *NSECRecord) Compare(b *NSECRecord) bool
Compare checks the equality between two instances of NSECRecord. This function is useful for testing and validation purposes.
Parameters: - b: A reference to another instance for comparison.
Returns:
- bool: Returns true if the corresponding properties of 'a' and 'b' are equal, otherwise, returns false.
func (*NSECRecord) Parse ¶
func (r *NSECRecord) Parse(response string) (DNSRecordResult, error)
Parse parses a raw DNS response string and creates a new NSECRecord struct. This function is designed to work with the output of the 'delv' command-line tool for NSEC queries in the context of DNSSEC. NSEC (Next SECure) records provide authenticated denial of existence for DNS records, indicating which domain names do not exist in a zone. The parsed information from the 'delv' response is used to populate an NSECRecord struct, which represents a structured interpretation of the NSEC record and associated data.
Parameters:
response: A string containing the raw textual response from the 'delv' command-line tool.
This response should be the result of an NSEC query for a specific domain.
The response string is expected to include the NSEC record, along with
any associated RRSIG records and other relevant DNSSEC information.
Return Value:
*NSECRecord: A pointer to an NSECRecord struct that contains the parsed NSEC record details,
including the next domain name, the types of records available for the domain,
the validation status, and any associated RRSIG record.
error: An error object that indicates any issues encountered during the parsing of the
response string. If the parsing is successful, the error is nil. If parsing fails,
the error provides details about the cause of the failure.
Example Usage:
nsecRecord, err := Parse(rawDelvResponse)
if err != nil {
// Handle error
}
// Use nsecRecord for DNSSEC-related tasks or analysis
Note:
This function is specifically designed to parse the output of the 'delv' command-line tool, which is commonly used for DNSSEC diagnostics and troubleshooting. The function assumes that the input string is in the format provided by 'delv' and may not work correctly with responses from other tools or in different formats.
func (*NSECRecord) String ¶
func (r *NSECRecord) String() string
String returns a formatted string representation of the NSECRecord. This method provides a readable view of the NSEC record's details, including TTL, next domain name, and types.
type RRSIGRecord ¶
type RRSIGRecord struct {
TypeCovered string
Algorithm uint8
Labels uint8
OriginalTTL uint32
Expiration uint32
Inception uint32
KeyTag uint16
SignerName string
Signature string
}
RRSIGRecord represents a DNSSEC Resource Record Signature (RRSIG). It includes metadata about the digital signature used to secure a specific set of DNS records (RRset). Fields: TypeCovered: Type of the RRset that this RRSIG record covers (e.g., SOA, DS, DNSKEY). Algorithm: Numerical identifier of the cryptographic algorithm used for the signature, as per RFC 4034. Labels: Number of labels in the original RRSIG RR owner name. OriginalTTL: Original TTL of the covered RRset, as it appears in the authoritative zone. Expiration: Expiration date of the signature, represented as a UNIX timestamp. Inception: Inception date of the signature, also as a UNIX timestamp. KeyTag: Identifier of the DNSKEY record that validates this signature. SignerName: Domain name of the signer (entity that generated the signature). Signature: Actual digital signature in base64 encoding.
func (*RRSIGRecord) Compare ¶
func (r *RRSIGRecord) Compare(b *RRSIGRecord) bool
Compare checks the equality between two instances of RRSIGRecord. This function is useful for testing and validation purposes.
Parameters: - b: A reference to another instance for comparison.
Returns:
- bool: Returns true if the corresponding properties of 'a' and 'b' are equal, otherwise, returns false.
func (*RRSIGRecord) Parse ¶
func (r *RRSIGRecord) Parse(rrsigLine string) (DNSRecordResult, error)
Parse extracts information from a raw textual representation of an RRSIG record and populates the fields of the RRSIGRecord struct. This method is designed to parse a single line of RRSIG record data, typically obtained from a DNS response or diagnostic tool output (e.g., 'delv').
Parameters:
rrsigLine: A string representing a single line of RRSIG record data.
The format of this line should follow the standard RRSIG record format,
containing fields such as Type Covered, Algorithm, Labels, Original TTL,
Expiration, Inception, Key Tag, Signer's Name, and Signature.
Returns:
DNSRecordResult: A struct that implements the DNSRecordResult interface, specifically
an *RRSIGRecord struct, populated with the parsed data from the RRSIG line.
This return type allows for flexibility in handling different DNS record types.
error: An error object that indicates any issues encountered during the parsing of the RRSIG line.
If the parsing is successful, the error is nil. If parsing fails due to incorrect format,
invalid values, or any other reason, the error provides details about the cause of the failure.
Example Usage:
// Assume 'rrsigLine' is a string containing an RRSIG record
rrsigRecord, err := (&RRSIGRecord{}).Parse(rrsigLine)
if err != nil {
// Handle error
}
// Use rrsigRecord for DNSSEC validation or other purposes
Note:
- The method expects the input string to be in a specific format, closely aligned with the standard RRSIG record representation. Deviations from this format may lead to parsing errors.
- This method is particularly useful when dealing with DNS diagnostic tools' outputs or raw DNS responses where RRSIG records are presented in textual format.
func (*RRSIGRecord) String ¶
func (r *RRSIGRecord) String() string
String returns a formatted string representation of the RRSIGRecord. This method implements the fmt.Stringer interface so that the RRSIGRecord is printed in a human-readable form, rather than just displaying the pointer.
type SOARecord ¶
type SOARecord struct {
PrimaryNS string
Contact string
Serial uint32
Refresh uint32
Retry uint32
Expire uint32
Minimum uint32
Validated bool
RRSIG *RRSIGRecord
RawResponse string
}
SOARecord represents a DNS Start of Authority (SOA) record. It contains metadata about the DNS zone, including information about the zone's primary name server, the administrator's contact email, and various timing parameters. The structure also holds information about the validation status of the record and any associated DNSSEC RRSIG record.
Fields:
PrimaryNS: The primary name server for the DNS zone. This is typically the authoritative name server
that contains the original zone records.
Contact: The email address of the administrative contact for the DNS zone.
Serial: The serial number of the SOA record, which is used by secondary name servers to check if
their data is up-to-date. Incremented each time the zone data is changed.
Refresh: The time interval (in seconds) before the zone should be refreshed.
Retry: The time interval (in seconds) that should elapse before a failed refresh should be retried.
Expire: The time interval (in seconds) that specifies the upper limit on the time interval that can
elapse before the zone is no longer authoritative.
Minimum: The minimum TTL (time-to-live) field that should be exported with any resource record from
this zone.
Validated: Indicates whether the SOA record has been validated by DNSSEC. True if the record has been
validated, false otherwise.
RRSIG: Pointer to an RRSIGRecord struct, which contains the DNSSEC signature for this SOA record.
This field is nil if DNSSEC is not used or if the record is not signed.
RawResponse: The raw text of the DNS response containing the SOA record.
func (*SOARecord) Compare ¶
Compare checks the equality between two instances of SOARecord. This function is useful for testing and validation purposes.
Parameters: - b: A reference to another instance for comparison.
Returns:
- bool: Returns true if the corresponding properties of 'a' and 'b' are equal, otherwise, returns false.
func (*SOARecord) Parse ¶
func (r *SOARecord) Parse(response string) (DNSRecordResult, error)
Parse creates a new SOARecord struct from a raw DNS response string. The function parses the response string, which is expected to be obtained from a DNS query using the 'delv' command-line tool, and populates an SOARecord struct with the parsed information. An SOA (Start of Authority) record contains essential metadata about a DNS zone, such as the zone's primary name server and various timing parameters.
Parameters:
response: A string containing the raw textual response from the 'delv' command-line tool.
This response is expected to be the result of a query for an SOA record for a specific domain.
The response string should include the SOA record along with other relevant DNS information.
Return Value:
*SOARecord: A pointer to an SOARecord struct that contains the parsed SOA record details.
This struct provides a structured representation of the zone's metadata,
such as the primary name server, administrative contact, and timing parameters.
error: An error object that indicates any issues encountered during the parsing of the
response string. If the parsing is successful, the error is nil. If parsing fails,
the error provides details about the cause of the failure.
Example Usage:
soaRecord, err := Parse(rawDelvResponse)
if err != nil {
// Handle error
}
// Use soaRecord for DNS administration or other purposes
Note:
This function is specifically designed to parse the output of the 'delv' command-line tool, which is used for DNS diagnostics and troubleshooting. It assumes that the input string is in the format provided by 'delv'. The function may not work correctly with responses from other tools or in different formats.
Source Files