ddig 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 1d1bcdd660ab21b14d2e5572b27a50f2cc0fe541c64b9c6c8502f85d89a29b28
+  data.tar.gz: 6462363f2b075b9aad78f88a055e1d53af1901054a22c3a010fcdfb0a28e9fde
+SHA512:
+  metadata.gz: 785ef898b4f773668131d56ed8596b11de8bfbe9908cc0de7383a2b0cfbb3aaf613dc813b73284382aaa6bbb3d9e89d6e4a45e0d1205aba45361213d6764cc19
+  data.tar.gz: c12f638d1899ddb47e6c482b22b315ea8912bce701243fef37a239566653e5e216c8ed01b910105bc06c28843e9d40ef81d653923e1b95a2e386f18c18f2fc72

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2024 Taketo Takashima
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,102 @@
+# ddig
+
+ddig is DNS lookup utility for Ruby.
+
+## Features
+
+- DNS Resolvers
+  - UDP (Do53)
+  - DoT (DNS over TLS)
+    - https://datatracker.ietf.org/doc/html/rfc7858
+  - ~~DoH (DNS over HTTPS)~~
+    - Not yet Supported
+    - https://datatracker.ietf.org/doc/html/rfc8484
+- DDR (Discovery of Designated Resolvers)
+  - https://www.rfc-editor.org/rfc/rfc9462.html
+
+## Installation
+
+Install the gem and add to the application's Gemfile by executing:
+
+    $ bundle add ddig
+
+If bundler is not being used to manage dependencies, install the gem by executing:
+
+    $ gem install ddig
+
+## Usage
+
+```ruby
+ddig = Ddig.lookup('dns.google', nameservers: ['8.8.8.8', '2001:4860:4860::8888'])
+
+ddig[:do53][:ipv4]
+=> #<Ddig::Resolver::Do53:0x00000001207aaeb0 @a=["8.8.4.4", "8.8.8.8"], @aaaa=["2001:4860:4860::8844", "2001:4860:4860::8888"], @hostname="dns.google", @ip=:ipv4, @nameservers=["8.8.8.8"]>
+ddig[:do53][:ipv6]
+=> #<Ddig::Resolver::Do53:0x000000012073d2c0 @a=["8.8.4.4", "8.8.8.8"], @aaaa=["2001:4860:4860::8844", "2001:4860:4860::8888"], @hostname="dns.google", @ip=:ipv4, @nameservers=["2001:4860:4860::8888"]>
+
+ddig[:ddr]
+=> [#<Ddig::Ddr::DesignatedResolver:0x0000000120735480
+    @address="8.8.8.8",
+    @dohpath=nil,
+    @ip=:ipv4,
+    @port=853,
+    @protocol="dot",
+    @target="dns.google",
+    @unencrypted_resolver="8.8.8.8",
+    @verify_cert=
+     #<Ddig::Ddr::VerifyCert:0x00000001207321e0
+      @address="8.8.8.8",
+      @hostname="dns.google",
+      @open_timeout=3,
+      @port=853,
+      @subject_alt_name=
+       ["DNS:dns.google",
+        "IP Address:8.8.8.8",
+        "IP Address:2001:4860:4860:0:0:0:0:8888",
+		...
+        "IP Address:2001:4860:4860:0:0:0:0:64"],
+      @unencrypted_resolver="8.8.8.8",
+      @verify=true>>,
+   #<Ddig::Ddr::DesignatedResolver:0x0000000120733b30
+    @address="8.8.8.8",
+    @dohpath="/dns-query{?dns}",
+    @ip=:ipv4,
+    @port=443,
+    @protocol="h2",
+    @target="dns.google",
+    @unencrypted_resolver="8.8.8.8",
+    @verify_cert=
+     #<Ddig::Ddr::VerifyCert:0x0000000120451bd8
+      @address="8.8.8.8",
+      @hostname="dns.google",
+      @open_timeout=3,
+      @port=443,
+      @subject_alt_name=
+       ["DNS:dns.google",
+        "IP Address:8.8.8.8",
+        "IP Address:2001:4860:4860:0:0:0:0:8888",
+		...
+        "IP Address:2001:4860:4860:0:0:0:0:64"],
+      @unencrypted_resolver="8.8.8.8",
+      @verify=true>>,
+   ...
+]
+```
+
+### CLI
+
+(TBD)
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/taketo1113/ddig.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task default: :spec

data/exe/ddig

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+
+require "ddig/cli"
+
+cli = Ddig::Cli.new(ARGV)
+cli.exec

data/lib/ddig/cli.rb

@@ -0,0 +1,55 @@
+require "optparse"
+
+require "ddig"
+
+module Ddig
+  class Cli
+    def initialize(args)
+      @args = args
+      @options = {
+        format: 'text',
+      }
+
+      parse_options
+
+      if @hostname.nil?
+        puts @option_parser
+        exit
+      end
+    end
+
+    def parse_options
+      @option_parser = OptionParser.new do |opts|
+        opts.banner = "Usage: ddig [options] hostname"
+
+        opts.on("--nameserver=ipaddress", "nameserver ip address") { |v| @options[:nameserver] = v }
+        opts.on("--format={text|json}", "output format (default: text)") { |v| @options[:format] = v }
+
+        opts.separator ""
+
+        opts.on("-v", "--verbose", "run verbosely") { |v| @options[:verbose] = v }
+
+        opts.on("-h", "--help", "show this help message.") { puts opts; exit }
+        opts.on("--version", "show version.") { puts Ddig::VERSION; exit }
+      end
+      @option_parser.parse!
+
+      @hostname = @args[0]
+    end
+
+    def exec
+      @ddig = Ddig.lookup(@hostname, nameservers: [@options[:nameserver]])
+
+      if @options[:format] == 'json'
+        # TODO: to_json
+        puts @ddig
+      else
+        print_result
+      end
+    end
+
+    def print_result
+      puts @ddig
+    end
+  end
+end

data/lib/ddig/ddr/designated_resolver.rb

@@ -0,0 +1,51 @@
+module Ddig
+  class Ddr
+    class DesignatedResolver
+      attr_reader :unencrypted_resolver, :target, :protocol, :port, :dohpath, :address, :ip
+      attr_reader :verify_cert
+
+      PROTOCOLS = ['http/1.1', 'h2', 'h3', 'dot', 'doq']
+
+      def initialize(unencrypted_resolver:, target:, protocol: nil, port: nil, dohpath: nil, address: nil, ip: nil)
+        @target = target
+        @unencrypted_resolver = unencrypted_resolver
+        @protocol = protocol
+        @port = port
+        @dohpath = dohpath
+        @address = address
+        @ip = ip
+
+        # check protocol
+        unless PROTOCOLS.include?(@protocol)
+          raise Error.new("Not Supportted Protocol (protocol: #{@protocol}). Suported protocol is #{PROTOCOLS.join(' / ')}")
+        end
+
+        if @port.nil?
+          set_default_port
+        end
+      end
+
+      def verify
+        @verify_cert = VerifyCert.new(hostname: @target, address: @address, port: @port, unencrypted_resolver: @unencrypted_resolver)
+        @verify_cert.verify
+      end
+
+      # Set default port by protocol
+      # ref: https://www.rfc-editor.org/rfc/rfc9461.html#section-4.2
+      def set_default_port
+        case @protocol
+        when 'http/1.1'
+          @port = 80
+        when 'h2', 'h3'
+          @port = 443
+        when 'dot', 'doq'
+          @port = 853
+        end
+      end
+
+      def uniq_key
+        "#{@unencrypted_resolver}-#{@target}-#{@protocol}-#{@port}-#{@dohpath}-#{@address}-#{@ip}"
+      end
+    end
+  end
+end

data/lib/ddig/ddr/verify_cert.rb

@@ -0,0 +1,68 @@
+require "openssl"
+require 'net/protocol'
+
+module Ddig
+  class Ddr
+    class VerifyCert
+      attr_reader :hostname, :address, :port, :unencrypted_resolver
+      attr_reader :verify, :subject_alt_name, :error_message
+
+      def initialize(hostname:, address:, port:, unencrypted_resolver:)
+        @hostname = hostname
+        @address = address
+        @port = port
+        @unencrypted_resolver = unencrypted_resolver
+
+        @open_timeout = 3
+      end
+
+      def verify
+        begin
+          socket = Timeout.timeout(@open_timeout) {
+            TCPSocket.open(@address, @port)
+          }
+
+          ctx = OpenSSL::SSL::SSLContext.new
+          ctx.set_params
+
+          ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, ctx)
+          ssl_socket.sync_close = true
+          ssl_socket.hostname = @hostname
+
+          # connect
+          Timeout.timeout(@open_timeout) {
+            ssl_socket.connect
+          }
+
+          # verify
+          set_subject_alt_name(ssl_socket)
+
+          unless ssl_socket.post_connection_check(@hostname)
+            @verify = false
+            return @verify
+          end
+
+          unless ssl_socket.post_connection_check(@unencrypted_resolver)
+            @verify = false
+            return @verify
+          end
+
+          @verify = true
+          return @verify
+
+        rescue => e
+          @verify = false
+          @error_message = e.message
+
+          return @verify
+        end
+      end
+
+      def set_subject_alt_name(ssl_socket)
+        socket = Net::BufferedIO.new(ssl_socket)
+
+        @subject_alt_name = socket.io.peer_cert.extensions.select { |ext| ext.to_h['oid'] == 'subjectAltName' }.first.to_h['value'].split(', ')
+      end
+    end
+  end
+end

data/lib/ddig/ddr.rb

@@ -0,0 +1,140 @@
+require 'resolv'
+
+require_relative "ddr/verify_cert"
+require_relative "ddr/designated_resolver"
+
+module Ddig
+  # DDR client (Discovery of Designated Resolvers)
+  class Ddr
+    attr_reader :nameservers, :ip
+    attr_reader :svcb_records, :designated_resolvers
+
+    def initialize(nameservers: nil, ip: nil)
+      @ip = ip
+
+      @nameserver = Ddig::Nameserver.new(nameservers: nameservers)
+      set_nameservers
+
+      # discover designated resolvers
+      query_svcb_records
+      discover_designated_resolvers
+      verify_discovery
+    end
+
+    def query_svcb_records
+      @svcb_records = []
+
+      if @nameservers.empty?
+        return @svcb_records
+      end
+
+      @nameservers.each do |nameserver|
+        svcb_rrset = Resolv::DNS.open(nameserver: nameserver) do |dns|
+          dns.getresources('_dns.resolver.arpa', Resolv::DNS::Resource::IN::SVCB)
+        end
+
+        svcb_rrset.sort_by!(&:priority)
+
+        @svcb_records += svcb_rrset.map { |svcb_record| { unencrypted_resolver: nameserver, svcb_record: svcb_record } }
+      end
+
+      @svcb_records
+    end
+
+    # Discovery Designated Resolvers from SVCB RR Set
+    # ref. https://www.rfc-editor.org/rfc/rfc9461.html
+    def discover_designated_resolvers
+      @designated_resolvers = []
+
+      @svcb_records.each do |item|
+        unencrypted_resolver = item[:unencrypted_resolver]
+        svcb_record = item[:svcb_record]
+
+        target = svcb_record.target.to_s
+        priority = svcb_record.priority
+        protocols = svcb_record.params[:alpn].protocol_ids
+        port = svcb_record.params[:port]&.port
+        dohpath = svcb_record.params[:dohpath]&.template
+        ipv4hint = svcb_record.params[:ipv4hint]&.addresses
+        ipv6hint = svcb_record.params[:ipv6hint]&.addresses
+
+        # Skip AliasMode of SVCB RR
+        if priority.zero?
+          next
+        end
+
+        protocols.each do |protocol|
+          do53_v4 = ::Ddig::Resolver::Do53.new(hostname: target, nameservers: [unencrypted_resolver], ip: :ipv4).lookup
+          do53_v6 = ::Ddig::Resolver::Do53.new(hostname: target, nameservers: [unencrypted_resolver], ip: :ipv6).lookup
+
+          # ipv4
+          unless do53_v4.nil? || do53_v4.a.nil?
+            do53_v4.a.each do |address|
+              designated_resolver = ::Ddig::Ddr::DesignatedResolver.new(unencrypted_resolver: unencrypted_resolver, target: target, protocol: protocol, port: port, dohpath: dohpath, address: address.to_s, ip: :ipv4)
+              @designated_resolvers << designated_resolver
+            end
+          end
+          unless do53_v6.nil? || do53_v6.a.nil?
+            do53_v6.a.each do |address|
+              designated_resolver = ::Ddig::Ddr::DesignatedResolver.new(unencrypted_resolver: unencrypted_resolver, target: target, protocol: protocol, port: port, dohpath: dohpath, address: address.to_s, ip: :ipv4)
+              @designated_resolvers << designated_resolver
+            end
+          end
+
+          # ipv6
+          unless do53_v4.nil? || do53_v4.aaaa.nil?
+            do53_v4.aaaa.each do |address|
+              designated_resolver = ::Ddig::Ddr::DesignatedResolver.new(unencrypted_resolver: unencrypted_resolver, target: target, protocol: protocol, port: port, dohpath: dohpath, address: address.to_s, ip: :ipv6)
+              @designated_resolvers << designated_resolver
+            end
+          end
+          unless do53_v6.nil? || do53_v6.aaaa.nil?
+            do53_v6.aaaa.each do |address|
+              designated_resolver = ::Ddig::Ddr::DesignatedResolver.new(unencrypted_resolver: unencrypted_resolver, target: target, protocol: protocol, port: port, dohpath: dohpath, address: address.to_s, ip: :ipv6)
+              @designated_resolvers << designated_resolver
+            end
+          end
+
+          # ipv4hint
+          unless ipv4hint.nil?
+            ipv4hint.each do |address|
+              ip = :ipv4
+              designated_resolver = ::Ddig::Ddr::DesignatedResolver.new(unencrypted_resolver: unencrypted_resolver, target: target, protocol: protocol, port: port, dohpath: dohpath, address: address.to_s, ip: ip)
+              @designated_resolvers << designated_resolver
+            end
+          end
+
+          # ipv6hint
+          unless ipv6hint.nil?
+            ipv6hint.each do |address|
+              ip = :ipv6
+              designated_resolver = ::Ddig::Ddr::DesignatedResolver.new(unencrypted_resolver: unencrypted_resolver, target: target, protocol: protocol, port: port, dohpath: dohpath, address: address.to_s, ip: ip)
+              @designated_resolvers << designated_resolver
+            end
+          end
+        end
+      end
+
+      @designated_resolvers.uniq! { |designated_resolver| designated_resolver.uniq_key }
+    end
+
+    def verify_discovery
+      @designated_resolvers.map! do |designated_resolver|
+        designated_resolver.verify
+        designated_resolver
+      end
+    end
+
+    def set_nameservers
+      @nameservers = @nameserver.servers
+
+      if @ip == :ipv4
+        @nameservers = @nameserver.servers_ipv4
+      end
+
+      if @ip == :ipv6
+        @nameservers = @nameserver.servers_ipv6
+      end
+    end
+  end
+end

data/lib/ddig/nameserver.rb

@@ -0,0 +1,65 @@
+require 'resolv'
+
+module Ddig
+  class Nameserver
+    attr_reader :servers
+
+    def initialize(nameservers: nil)
+      @nameservers = nameservers
+
+      if @nameservers.nil?
+        @servers = default_servers
+      elsif @nameservers.is_a?(Array)
+        @servers = @nameservers
+      else
+        @servers = [@nameservers]
+      end
+
+      validation_servers
+    end
+
+    def servers
+      if @servers.count.zero?
+        raise Ddig::Error.new('nameservers required')
+      end
+
+      @servers
+    end
+
+    def default_servers
+      Resolv::DNS::Config.default_config_hash[:nameserver]
+    end
+
+    def servers_ipv4
+      @servers.map do |nameserver|
+        if IPAddr.new(nameserver).ipv4?
+          nameserver
+        end
+      end.compact
+    end
+
+    def servers_ipv6
+      @servers.map do |nameserver|
+        if IPAddr.new(nameserver).ipv6?
+          nameserver
+        end
+      end.compact
+    end
+
+    def validation_servers
+      @servers.uniq.each do |server|
+        addr = IPAddr.new(server) rescue nil
+        if addr.nil?
+          puts "Warning: nameservers has invalid ip address (nameserver: #{server})"
+          @servers.delete(server)
+        end
+      end
+
+      if @servers.count.zero?
+        return false
+      end
+
+      return true
+    end
+  end
+end

data/lib/ddig/resolver/do53.rb

@@ -0,0 +1,49 @@
+require 'resolv'
+
+module Ddig
+  module Resolver
+    # DNS Resolver of UDP/53
+    class Do53
+      attr_reader :hostname, :nameservers, :ip
+      attr_reader :a, :aaaa
+
+      def initialize(hostname:, nameservers: nil, ip: nil)
+        @hostname = hostname
+        @ip = ip
+
+        @nameserver = Ddig::Nameserver.new(nameservers: nameservers)
+        set_nameservers
+      end
+
+      def lookup
+        if @nameservers.empty?
+          return nil
+        end
+
+        @a = Resolv::DNS.open(nameserver: @nameservers) do |dns|
+          ress = dns.getresources(@hostname, Resolv::DNS::Resource::IN::A)
+          ress.map { |resource| resource.address.to_s }
+        end
+
+        @aaaa = Resolv::DNS.open(nameserver: @nameservers) do |dns|
+          ress = dns.getresources(@hostname, Resolv::DNS::Resource::IN::AAAA)
+          ress.map { |resource| resource.address.to_s }
+        end
+
+        self
+      end
+
+      def set_nameservers
+        @nameservers = @nameserver.servers
+
+        if @ip == :ipv4
+          @nameservers = @nameserver.servers_ipv4
+        end
+
+        if @ip == :ipv6
+          @nameservers = @nameserver.servers_ipv6
+        end
+      end
+    end
+  end
+end

data/lib/ddig/resolver/dot.rb

@@ -0,0 +1,94 @@
+require 'openssl'
+require 'resolv'
+
+module Ddig
+  module Resolver
+    # DNS over TLS/TCP
+    class Dot
+      attr_reader :hostname, :server, :server_name, :port
+      attr_reader :a, :aaaa
+
+      def initialize(hostname:, server:, server_name: nil, port: 853)
+        @hostname = hostname
+        @server = server
+        @server_name = server_name
+        @port = port
+
+        @open_timeout = 3
+      end
+
+      def lookup
+        if @server.nil?
+          return nil
+        end
+
+        @a = get_resources(@hostname, Resolv::DNS::Resource::IN::A).map { |resource| resource.address.to_s if resource.is_a?(Resolv::DNS::Resource::IN::A) }.compact
+
+        @aaaa = get_resources(@hostname, Resolv::DNS::Resource::IN::AAAA).map { |resource| resource.address.to_s if resource.is_a?(Resolv::DNS::Resource::IN::AAAA) }.compact
+
+        self
+      end
+
+      def get_resources(hostname, typeclass)
+        ssl_socket = get_socket
+
+        # send query
+        message = dns_message(hostname, typeclass)
+
+        request = [message.encode.length].pack('n') + message.encode
+        ssl_socket.write(request)
+
+        # recive answer
+        len = ssl_socket.read(2).unpack1('n')
+        response = Resolv::DNS::Message.decode(ssl_socket.read(len))
+
+        resources = response.answer.map { |name, ttl, resource| resource }
+
+        resources
+      end
+
+      def get_socket
+        begin
+          socket = Timeout.timeout(@open_timeout) {
+            TCPSocket.open(@server, @port)
+          }
+
+          ctx = OpenSSL::SSL::SSLContext.new
+          ctx.set_params
+          ctx.alpn_protocols = ['dot']
+
+          ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, ctx)
+          ssl_socket.sync_close = true
+          unless @server_name.nil?
+            ssl_socket.hostname = @server_name
+          end
+
+          # connect
+          Timeout.timeout(@open_timeout) {
+            ssl_socket.connect
+            unless @server_name.nil?
+              ssl_socket.post_connection_check(@server_name)
+            end
+          }
+
+          ssl_socket
+        end
+      end
+
+      def dns_message(hostname, typeclass)
+        if hostname.nil?
+          return nil
+        end
+        if typeclass.nil?
+          return nil
+        end
+
+        message = Resolv::DNS::Message.new
+        message.rd = 1 # recursive query
+        message.add_question(hostname, typeclass)
+
+        message
+      end
+    end
+  end
+end

data/lib/ddig/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Ddig
+  VERSION = "0.1.0"
+end

data/lib/ddig.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+require_relative "ddig/version"
+require_relative "ddig/nameserver"
+require_relative "ddig/resolver/do53"
+require_relative "ddig/resolver/dot"
+require_relative "ddig/ddr"
+
+module Ddig
+  class Error < StandardError; end
+
+  def self.lookup(hostname, nameservers: nil)
+    @hostname = hostname
+    @nameservers = nameservers
+
+    @nameserver = Ddig::Nameserver.new(nameservers: @nameservers)
+
+    @do53_ipv4 = Ddig::Resolver::Do53.new(hostname: @hostname, nameservers: @nameserver.servers, ip: :ipv4).lookup
+    @do53_ipv6 = Ddig::Resolver::Do53.new(hostname: @hostname, nameservers: @nameserver.servers, ip: :ipv6).lookup
+
+    @ddr = Ddig::Ddr.new(nameservers: @nameservers)
+
+    {
+      do53: {
+        ipv4: @do53_ipv4,
+        ipv6: @do53_ipv6,
+      },
+      ddr: @ddr.designated_resolvers
+    }
+  end
+end

data/sig/ddig.rbs

@@ -0,0 +1,4 @@
+module Ddig
+  VERSION: String
+  # See the writing guide of rbs: https://github.com/ruby/rbs#guides
+end

metadata

@@ -0,0 +1,76 @@
+--- !ruby/object:Gem::Specification
+name: ddig
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Taketo Takashima
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2024-03-16 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: resolv
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.3.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.3.0
+description: DNS lookup utility for Ruby
+email:
+- t.taketo1113@gmail.com
+executables:
+- ddig
+extensions: []
+extra_rdoc_files: []
+files:
+- ".rspec"
+- LICENSE.txt
+- README.md
+- Rakefile
+- exe/ddig
+- lib/ddig.rb
+- lib/ddig/cli.rb
+- lib/ddig/ddr.rb
+- lib/ddig/ddr/designated_resolver.rb
+- lib/ddig/ddr/verify_cert.rb
+- lib/ddig/nameserver.rb
+- lib/ddig/resolver/do53.rb
+- lib/ddig/resolver/dot.rb
+- lib/ddig/version.rb
+- sig/ddig.rbs
+homepage: https://github.com/taketo1113/ddig
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/taketo1113/ddig
+  source_code_uri: https://github.com/taketo1113/ddig
+  changelog_uri: https://github.com/taketo1113/ddig/releases
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.6.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.5.3
+signing_key:
+specification_version: 4
+summary: DNS lookup utility for Ruby
+test_files: []