RubyGems - dnsruby - Versions diffs - 1.55 → 1.56.0 - Mend

dnsruby 1.55 → 1.56.0

Files changed (158) hide show

checksums.yaml +4 -4
data/README.md +96 -0
data/Rakefile +30 -29
data/demo/axfr.rb +93 -93
data/demo/check_soa.rb +99 -99
data/demo/check_zone.rb +59 -59
data/demo/digdlv.rb +43 -43
data/demo/digroot.rb +34 -34
data/demo/example_recurse.rb +14 -14
data/demo/mresolv.rb +30 -30
data/demo/mx.rb +31 -31
data/demo/rubydig.rb +37 -37
data/demo/to_resolve.txt +3088 -3088
data/demo/trace_dns.rb +46 -46
data/lib/dnsruby.rb +161 -526
data/lib/dnsruby/DNS.rb +305 -0
data/lib/{Dnsruby/Cache.rb → dnsruby/cache.rb} +152 -152
data/lib/{Dnsruby → dnsruby}/code_mapper.rb +48 -52
data/lib/dnsruby/code_mappers.rb +295 -0
data/lib/{Dnsruby/Config.rb → dnsruby/config.rb} +454 -454
data/lib/{Dnsruby → dnsruby}/dnssec.rb +91 -91
data/lib/{Dnsruby/Hosts.rb → dnsruby/hosts.rb} +125 -125
data/lib/{Dnsruby → dnsruby}/ipv4.rb +26 -26
data/lib/{Dnsruby → dnsruby}/ipv6.rb +42 -42
data/lib/{Dnsruby → dnsruby}/key_cache.rb +29 -29
data/lib/dnsruby/message/decoder.rb +164 -0
data/lib/dnsruby/message/encoder.rb +75 -0
data/lib/dnsruby/message/header.rb +249 -0
data/lib/dnsruby/message/message.rb +629 -0
data/lib/dnsruby/message/question.rb +86 -0
data/lib/dnsruby/message/section.rb +96 -0
data/lib/{Dnsruby → dnsruby}/name.rb +141 -141
data/lib/dnsruby/packet_sender.rb +661 -0
data/lib/{Dnsruby/Recursor.rb → dnsruby/recursor.rb} +235 -233
data/lib/dnsruby/resolv.rb +113 -0
data/lib/dnsruby/resolver.rb +1192 -0
data/lib/dnsruby/resource/A.rb +56 -0
data/lib/dnsruby/resource/AAAA.rb +54 -0
data/lib/{Dnsruby → dnsruby}/resource/AFSDB.rb +68 -68
data/lib/{Dnsruby → dnsruby}/resource/CERT.rb +105 -105
data/lib/{Dnsruby → dnsruby}/resource/DHCID.rb +54 -54
data/lib/dnsruby/resource/DLV.rb +27 -0
data/lib/{Dnsruby → dnsruby}/resource/DNSKEY.rb +372 -372
data/lib/{Dnsruby → dnsruby}/resource/DS.rb +255 -255
data/lib/{Dnsruby → dnsruby}/resource/HINFO.rb +71 -71
data/lib/{Dnsruby → dnsruby}/resource/HIP.rb +29 -29
data/lib/{Dnsruby → dnsruby}/resource/IN.rb +30 -30
data/lib/{Dnsruby → dnsruby}/resource/IPSECKEY.rb +31 -31
data/lib/{Dnsruby → dnsruby}/resource/ISDN.rb +62 -62
data/lib/{Dnsruby → dnsruby}/resource/KX.rb +65 -65
data/lib/{Dnsruby → dnsruby}/resource/LOC.rb +263 -263
data/lib/{Dnsruby → dnsruby}/resource/MINFO.rb +69 -69
data/lib/{Dnsruby → dnsruby}/resource/MX.rb +65 -65
data/lib/{Dnsruby → dnsruby}/resource/NAPTR.rb +98 -98
data/lib/{Dnsruby → dnsruby}/resource/NSAP.rb +171 -171
data/lib/dnsruby/resource/NSEC.rb +275 -0
data/lib/dnsruby/resource/NSEC3.rb +332 -0
data/lib/dnsruby/resource/NSEC3PARAM.rb +135 -0
data/lib/dnsruby/resource/OPT.rb +272 -0
data/lib/{Dnsruby → dnsruby}/resource/PX.rb +70 -70
data/lib/{Dnsruby → dnsruby}/resource/RP.rb +75 -75
data/lib/dnsruby/resource/RR.rb +421 -0
data/lib/dnsruby/resource/RRSIG.rb +275 -0
data/lib/dnsruby/resource/RRSet.rb +190 -0
data/lib/{Dnsruby → dnsruby}/resource/RT.rb +67 -67
data/lib/{Dnsruby → dnsruby}/resource/SOA.rb +94 -94
data/lib/dnsruby/resource/SPF.rb +29 -0
data/lib/dnsruby/resource/SRV.rb +112 -0
data/lib/{Dnsruby → dnsruby}/resource/SSHFP.rb +14 -14
data/lib/dnsruby/resource/TKEY.rb +163 -0
data/lib/dnsruby/resource/TSIG.rb +593 -0
data/lib/{Dnsruby → dnsruby}/resource/TXT.rb +191 -191
data/lib/dnsruby/resource/X25.rb +55 -0
data/lib/{Dnsruby → dnsruby}/resource/domain_name.rb +25 -25
data/lib/{Dnsruby → dnsruby}/resource/generic.rb +80 -80
data/lib/dnsruby/resource/resource.rb +25 -0
data/lib/{Dnsruby → dnsruby}/select_thread.rb +148 -148
data/lib/{Dnsruby/SingleResolver.rb → dnsruby/single_resolver.rb} +60 -60
data/lib/{Dnsruby → dnsruby}/single_verifier.rb +344 -344
data/lib/dnsruby/the_log.rb +44 -0
data/lib/dnsruby/update.rb +278 -0
data/lib/dnsruby/validator_thread.rb +124 -0
data/lib/dnsruby/version.rb +3 -0
data/lib/{Dnsruby → dnsruby}/zone_reader.rb +93 -93
data/lib/{Dnsruby → dnsruby}/zone_transfer.rb +377 -377
data/test/spec_helper.rb +16 -0
data/test/tc_axfr.rb +31 -34
data/test/tc_cache.rb +32 -32
data/test/tc_dlv.rb +28 -28
data/test/tc_dns.rb +73 -76
data/test/tc_dnskey.rb +31 -32
data/test/tc_dnsruby.rb +50 -44
data/test/tc_ds.rb +36 -36
data/test/tc_escapedchars.rb +252 -255
data/test/tc_hash.rb +17 -21
data/test/tc_header.rb +48 -57
data/test/tc_hip.rb +19 -22
data/test/tc_ipseckey.rb +18 -21
data/test/tc_keith.rb +300 -0
data/test/tc_message.rb +87 -0
data/test/tc_misc.rb +83 -87
data/test/tc_name.rb +81 -84
data/test/tc_naptr.rb +18 -21
data/test/tc_nsec.rb +55 -55
data/test/tc_nsec3.rb +23 -24
data/test/tc_nsec3param.rb +20 -21
data/test/tc_packet.rb +90 -93
data/test/tc_packet_unique_push.rb +48 -51
data/test/tc_question.rb +30 -33
data/test/tc_queue.rb +16 -17
data/test/tc_recur.rb +16 -17
data/test/tc_res_config.rb +38 -41
data/test/tc_res_env.rb +29 -32
data/test/tc_res_file.rb +26 -29
data/test/tc_res_opt.rb +62 -65
data/test/tc_resolver.rb +287 -242
data/test/tc_rr-opt.rb +70 -63
data/test/tc_rr-txt.rb +68 -71
data/test/tc_rr-unknown.rb +45 -48
data/test/tc_rr.rb +76 -70
data/test/tc_rrset.rb +21 -22
data/test/tc_rrsig.rb +19 -20
data/test/tc_single_resolver.rb +294 -297
data/test/tc_soak.rb +199 -202
data/test/tc_soak_base.rb +29 -34
data/test/tc_sshfp.rb +20 -23
data/test/tc_tcp.rb +32 -35
data/test/tc_tkey.rb +41 -44
data/test/tc_tsig.rb +81 -84
data/test/tc_update.rb +108 -111
data/test/tc_validator.rb +29 -29
data/test/tc_verifier.rb +81 -82
data/test/ts_dnsruby.rb +16 -15
data/test/ts_offline.rb +62 -63
data/test/ts_online.rb +115 -115
metadata +155 -90
data/README +0 -59
data/lib/Dnsruby/DNS.rb +0 -305
data/lib/Dnsruby/PacketSender.rb +0 -656
data/lib/Dnsruby/Resolver.rb +0 -1189
data/lib/Dnsruby/TheLog.rb +0 -44
data/lib/Dnsruby/message.rb +0 -1230
data/lib/Dnsruby/resource/A.rb +0 -56
data/lib/Dnsruby/resource/AAAA.rb +0 -54
data/lib/Dnsruby/resource/DLV.rb +0 -27
data/lib/Dnsruby/resource/NSEC.rb +0 -298
data/lib/Dnsruby/resource/NSEC3.rb +0 -340
data/lib/Dnsruby/resource/NSEC3PARAM.rb +0 -135
data/lib/Dnsruby/resource/OPT.rb +0 -213
data/lib/Dnsruby/resource/RRSIG.rb +0 -275
data/lib/Dnsruby/resource/SPF.rb +0 -29
data/lib/Dnsruby/resource/SRV.rb +0 -112
data/lib/Dnsruby/resource/TKEY.rb +0 -163
data/lib/Dnsruby/resource/TSIG.rb +0 -593
data/lib/Dnsruby/resource/X25.rb +0 -55
data/lib/Dnsruby/resource/resource.rb +0 -678
data/lib/Dnsruby/update.rb +0 -278
data/lib/Dnsruby/validator_thread.rb +0 -124

data/lib/dnsruby/packet_sender.rb ADDED Viewed

@@ -0,0 +1,661 @@
+# --
+# Copyright 2007 Nominet UK
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ++
+require 'dnsruby/select_thread'
+require 'ipaddr'
+# require 'dnsruby/iana_ports'
+module Dnsruby
+  class PacketSender # :nodoc: all
+    @@authoritative_cache = Cache.new
+    @@recursive_cache = Cache.new
+    def PacketSender.cache(query, response)
+      return if response.cached
+      #  ONLY cache the response if it is not an update response
+      question = query.question()[0]
+      if (query.do_caching && (query.class != Update) &&
+          (question.qtype != Types::AXFR) && (question.qtype != Types::IXFR) &&
+          (response.rcode == RCode::NOERROR) &&(!response.tsig) &&
+          (query.class != Update) &&
+          (response.header.ancount > 0))
+        # # @TODO@ What about TSIG-signed responses?
+        #  Don't cache any packets with "*" in the query name! (RFC1034 sec 4.3.3)
+        if (!question.qname.to_s.include? "*")
+          #  Now cache response RRSets
+          if (query.header.rd)
+            PacketSender.cache_recursive(response);
+          else
+            PacketSender.cache_authoritative(response);
+          end
+        end
+      end
+    end
+    def PacketSender.cache_authoritative(answer)
+      return if !answer.header.aa
+      @@authoritative_cache.add(answer)
+    end
+    def PacketSender.cache_recursive(answer)
+      @@recursive_cache.add(answer)
+    end
+    def PacketSender.clear_caches
+      @@recursive_cache.clear
+      @@authoritative_cache.clear
+    end
+    attr_accessor :packet_timeout
+    #  The port on the resolver to send queries to.
+    #
+    #  Defaults to 53
+    attr_accessor :port
+    #  Use TCP rather than UDP as the transport.
+    #
+    #  Defaults to false
+    attr_accessor :use_tcp
+    #  Use UDP only - don't use TCP
+    #  For test/debug purposes only
+    #  Defaults to false
+    attr_accessor :no_tcp
+    #  The TSIG record to sign/verify messages with
+    attr_reader :tsig
+    #  Don't worry if the response is truncated - return it anyway.
+    #
+    #  Defaults to false
+    attr_accessor :ignore_truncation
+    #  The source address to send queries from
+    #
+    #  Defaults to localhost
+    attr_reader :src_address
+    #  should the Recursion Desired bit be set on queries?
+    #
+    #  Defaults to true
+    attr_accessor :recurse
+    #  The max UDP packet size
+    #
+    #  Defaults to 512
+    attr_reader :udp_size
+    #  The address of the resolver to send queries to
+    attr_reader :server
+    #  Use DNSSEC for this PacketSender
+    #  dnssec defaults to ON
+    attr_reader :dnssec
+    #  Set the source address. If the arg is nil, do nothing
+    def src_address6=(arg)
+      if (not arg.nil?)
+        @src_address6 = arg
+      end
+    end
+    #  Set the source address. If the arg is nil, do nothing
+    def src_address=(arg)
+      if (not arg.nil?)
+        @src_address = arg
+      end
+    end
+    # Sets the TSIG to sign outgoing messages with.
+    # Pass in either a Dnsruby::RR::TSIG, or a key_name and key (or just a key)
+    # Pass in nil to stop tsig signing.
+    # It is possible for client code to sign packets prior to sending - see
+    # Dnsruby::RR::TSIG#apply and Dnsruby::Message#sign
+    # Note that pre-signed packets will not be signed by PacketSender.
+    # * res.tsig=(tsig_rr)
+    # * res.tsig=(key_name, key)
+    # * res.tsig=nil # Stop the resolver from signing
+    def tsig=(*args)
+      @tsig = Resolver.get_tsig(args)
+    end
+    def dnssec=(on)
+      @dnssec=on
+      if (on)
+        #  Set the UDP size (RFC 4035 section 4.1)
+        if (udp_packet_size < Resolver::MinDnssecUdpSize)
+          self.udp_size = Resolver::MinDnssecUdpSize
+        end
+      end
+    end
+    def udp_size=(size)
+      @udp_size = size
+    end
+    def server=(server)
+      Dnsruby.log.debug { "InternalResolver setting server to #{server}" }
+      @server=Config.resolve_server(server)
+      check_ipv6
+    end
+    #  Can take a hash with the following optional keys :
+    #
+    #  * :server
+    #  * :port
+    #  * :use_tcp
+    #  * :no_tcp
+    #  * :ignore_truncation
+    #  * :src_address
+    #  * :src_address6
+    #  * :src_port
+    #  * :udp_size
+    #  * :tsig
+    #  * :packet_timeout
+    #  * :recurse
+    def initialize(*args)
+      arg=args[0]
+      @ipv6 = false
+      @packet_timeout = Resolver::DefaultPacketTimeout
+      @port = Resolver::DefaultPort
+      @udp_size = Resolver::DefaultUDPSize
+      @dnssec = Resolver::DefaultDnssec
+      @use_tcp = false
+      @no_tcp = false
+      @tsig = nil
+      @ignore_truncation = false
+      @src_address = '0.0.0.0'
+      @src_address6 = '::'
+      @src_port = [0]
+      @recurse = true
+      if (arg==nil)
+        #  Get default config
+        config = Config.new
+        #         @server = config.nameserver[0]
+      elsif (arg.kind_of? String)
+        @server=arg
+      elsif (arg.kind_of? Name)
+        @server=arg
+      elsif (arg.kind_of? Hash)
+        arg.keys.each do |attr|
+          begin
+            if (((attr.to_s == "src_address")||(attr.to_s == "src_address6")) &&
+                ((arg[attr] == nil) || (arg[attr] == "")))
+            else
+              send(attr.to_s+"=", arg[attr])
+            end
+          rescue Exception => e
+            Dnsruby.log.error { "PacketSender : Argument #{attr}, #{arg[attr]} not valid : #{e}\n" }
+          end
+          #         end
+        end
+      end
+      # Check server is IP
+      @server=Config.resolve_server(@server)
+      check_ipv6
+      #       ResolverRegister::register_single_resolver(self)
+    end
+    def check_ipv6
+      begin
+        i = IPv4.create(@server)
+        #         @src_address = '0.0.0.0'
+        @ipv6=false
+      rescue Exception
+        begin
+          i = IPv6.create(@server)
+          #           @src_address6 = '::'
+          @ipv6=true
+        rescue Exception
+          Dnsruby.log.error { "Server is neither IPv4 or IPv6!\n" }
+        end
+      end
+    end
+    def close
+      #  @TODO@ What about closing?
+      #  Any queries to complete? Sockets to close?
+    end
+    # Asynchronously send a Message to the server. The send can be done using just
+    # Dnsruby. Support for EventMachine has been deprecated.
+    #
+    # == Dnsruby pure Ruby event loop :
+    #
+    # A client_queue is supplied by the client,
+    # along with an optional client_query_id to identify the response. The client_query_id
+    # is generated, if not supplied, and returned to the client.
+    # When the response is known, the tuple
+    # (query_id, response_message, response_exception) is put in the queue for the client to process.
+    #
+    # The query is sent synchronously in the caller's thread. The select thread is then used to
+    # listen for and process the response (up to pushing it to the client_queue). The client thread
+    # is then used to retrieve the response and deal with it.
+    #
+    # Takes :
+    #
+    # * msg - the message to send
+    # * client_queue - a Queue to push the response to, when it arrives
+    # * client_query_id - an optional ID to identify the query to the client
+    # * use_tcp - whether to use TCP (defaults to PacketSender.use_tcp)
+    #
+    # Returns :
+    #
+    # * client_query_id - to identify the query response to the client. This ID is
+    # generated if it is not passed in by the client
+    #
+    # If the native Dsnruby networking layer is being used, then this method returns the client_query_id
+    #
+    #     id = res.send_async(msg, queue)
+    #     NOT SUPPORTED : id = res.send_async(msg, queue, use_tcp)
+    #     id = res.send_async(msg, queue, id)
+    #     id = res.send_async(msg, queue, id, use_tcp)
+    #
+    # Use Message#send_raw to send the packet with an untouched header.
+    # Use Message#do_caching to tell dnsruby whether to check the cache before
+    # sending, and update the cache upon receiving a response.
+    # Use Message#do_validation to tell dnsruby whether or not to do DNSSEC
+    # validation for this particular packet (assuming SingleResolver#dnssec == true)
+    # Note that these options should not normally be used!
+    def send_async(*args) # msg, client_queue, client_query_id, use_tcp=@use_tcp)
+      #  @TODO@ Need to select a good Header ID here - see forgery-resilience RFC draft for details
+      msg = args[0]
+      client_query_id = nil
+      client_queue = nil
+      use_tcp = @use_tcp
+      if (msg.kind_of? String)
+        msg = Message.new(msg)
+        if (@dnssec)
+          msg.header.cd = @dnssec # we'll do our own validation by default
+          if (Dnssec.no_keys?)
+            msg.header.cd = false
+          end
+        end
+      end
+      if (args.length > 1)
+        if (args[1].class==Queue)
+          client_queue = args[1]
+        elsif (args.length == 2)
+          use_tcp = args[1]
+        end
+        if (args.length > 2)
+          client_query_id = args[2]
+          if (args.length > 3)
+            use_tcp = args[3]
+          end
+        end
+      end
+      #  Need to keep track of the request mac (if using tsig) so we can validate the response (RFC2845 4.1)
+      #       #Are we using EventMachine or native Dnsruby?
+      #       if (Resolver.eventmachine?)
+      #         return send_eventmachine(query_packet, msg, client_query_id, client_queue, use_tcp)
+      #       else
+      if (!client_query_id)
+        client_query_id = Time.now + rand(10000) # is this safe?!
+      end
+      query_packet = make_query_packet(msg, use_tcp)
+      if (msg.do_caching && (msg.class != Update))
+        #  Check the cache!!
+        cachedanswer = nil
+        if (msg.header.rd)
+          cachedanswer = @@recursive_cache.find(msg.question()[0].qname, msg.question()[0].type)
+        else
+          cachedanswer = @@authoritative_cache.find(msg.question()[0].qname, msg.question()[0].type)
+        end
+        if (cachedanswer)
+          TheLog.debug("Sending cached answer to client\n")
+          #  @TODO@ Fix up the header - ID and flags
+          cachedanswer.header.id = msg.header.id
+          #  If we can find the answer, send it to the client straight away
+          #  Post the result to the client using SelectThread
+          st = SelectThread.instance
+          st.push_response_to_select(client_query_id, client_queue, cachedanswer, msg, self)
+          return client_query_id
+        end
+      end
+      #  Otherwise, run the query
+      if (udp_packet_size < query_packet.length)
+        if (@no_tcp)
+          #  Can't send the message - abort!
+          err=IOError.new("Can't send message - too big for UDP and no_tcp=true")
+          Dnsruby.log.error { "#{err}" }
+          st.push_exception_to_select(client_query_id, client_queue, err, nil)
+          return
+        end
+        Dnsruby.log.debug { "Query packet length exceeds max UDP packet size - using TCP" }
+        use_tcp = true
+      end
+      send_dnsruby(query_packet, msg, client_query_id, client_queue, use_tcp)
+      return client_query_id
+      #       end
+    end
+    #  This method sends the packet using the built-in pure Ruby event loop, with no dependencies.
+    def send_dnsruby(query_bytes, query, client_query_id, client_queue, use_tcp) #:nodoc: all
+      endtime = Time.now + @packet_timeout
+      #  First send the query (synchronously)
+      st = SelectThread.instance
+      socket = nil
+      runnextportloop = true
+      numtries = 0
+      src_address = @src_address
+      if (@ipv6)
+        src_address = @src_address6
+      end
+      while (runnextportloop) do
+        begin
+          numtries += 1
+          src_port = get_next_src_port
+          if (use_tcp)
+            begin
+              socket = TCPSocket.new(@server, @port, src_address, src_port)
+            rescue Errno::EBADF, Errno::ENETUNREACH => e
+              #  Can't create a connection
+              err=IOError.new("TCP connection error to #{@server}:#{@port} from #{src_address}:#{src_port}, use_tcp=#{use_tcp}, exception = #{e.class}, #{e}")
+              Dnsruby.log.error { "#{err}" }
+              st.push_exception_to_select(client_query_id, client_queue, err, nil)
+              return
+            end
+          else
+            socket = nil
+            #  JRuby UDPSocket only takes 0 parameters - no IPv6 support in JRuby...
+            if (/java/ =~ RUBY_PLATFORM)
+              socket = UDPSocket.new()
+            else
+              #               ipv6 = @src_address =~ /:/
+              socket = UDPSocket.new(@ipv6 ? Socket::AF_INET6 : Socket::AF_INET)
+            end
+            socket.bind(src_address, src_port)
+            socket.connect(@server, @port)
+          end
+          runnextportloop = false
+        rescue Exception => e
+          if (socket!=nil)
+            begin
+              socket.close
+            rescue Exception
+            end
+          end
+          #  Try again if the error was EADDRINUSE and a random source port is used
+          #  Maybe try a max number of times?
+          if ((e.class != Errno::EADDRINUSE) || (numtries > 50) ||
+              ((e.class == Errno::EADDRINUSE) && (src_port == @src_port[0])))
+            err=IOError.new("dnsruby can't connect to #{@server}:#{@port} from #{src_address}:#{src_port}, use_tcp=#{use_tcp}, exception = #{e.class}, #{e}")
+            Dnsruby.log.error { "#{err}" }
+            st.push_exception_to_select(client_query_id, client_queue, err, nil)
+            return
+          end
+        end
+      end
+      if (socket==nil)
+        err=IOError.new("dnsruby can't connect to #{@server}:#{@port} from #{src_address}:#{src_port}, use_tcp=#{use_tcp}")
+        Dnsruby.log.error { "#{err}" }
+        st.push_exception_to_select(client_query_id, client_queue, err, nil)
+        return
+      end
+      Dnsruby.log.debug { "Sending packet to #{@server}:#{@port} from #{src_address}:#{src_port}, use_tcp=#{use_tcp} : #{query.question()[0].qname}, #{query.question()[0].qtype}" }
+      #             print "#{Time.now} : Sending packet to #{@server} : #{query.question()[0].qname}, #{query.question()[0].qtype}\n"
+      #  Listen for the response before we send the packet (to avoid any race conditions)
+      query_settings = SelectThread::QuerySettings.new(query_bytes, query, @ignore_truncation, client_queue, client_query_id, socket, @server, @port, endtime, udp_packet_size, self)
+      begin
+        if (use_tcp)
+          lenmsg = [query_bytes.length].pack('n')
+          socket.send(lenmsg, 0)
+        end
+        socket.send(query_bytes, 0)
+        #  The select thread will now wait for the response and send that or a timeout
+        #  back to the client_queue.
+        st.add_to_select(query_settings)
+      rescue Exception => e
+        err=IOError.new("Send failed to #{@server}:#{@port} from #{src_address}:#{src_port}, use_tcp=#{use_tcp}, exception : #{e}")
+        Dnsruby.log.error { "#{err}" }
+        st.push_exception_to_select(client_query_id, client_queue, err, nil)
+        begin
+          socket.close
+        rescue Exception
+        end
+        return
+      end
+      Dnsruby.log.debug { "Packet sent to #{@server}:#{@port} from #{src_address}:#{src_port}, use_tcp=#{use_tcp} : #{query.question()[0].qname}, #{query.question()[0].qtype}" }
+      #       print "Packet sent to #{@server}:#{@port} from #{@src_address}:#{src_port}, use_tcp=#{use_tcp} : #{query.question()[0].qname}, #{query.question()[0].qtype}\n"
+    end
+    #  The source port to send queries from
+    #  Returns either a single Fixnum or an Array
+    #  e.g. "0", or "[60001, 60002, 60007]"
+    #
+    #  Defaults to 0 - random port
+    def src_port
+      if (@src_port.length == 1)
+        return @src_port[0]
+      end
+      return @src_port
+    end
+    #  Can be a single Fixnum or a Range or an Array
+    #  If an invalid port is selected (one reserved by
+    #  IANA), then an ArgumentError will be raised.
+    #
+    #         res.src_port=0
+    #         res.src_port=[60001,60005,60010]
+    #         res.src_port=60015..60115
+    #
+    def src_port=(p)
+      @src_port=[]
+      add_src_port(p)
+    end
+    #  Can be a single Fixnum or a Range or an Array
+    #  If an invalid port is selected (one reserved by
+    #  IANA), then an ArgumentError will be raised.
+    #  "0" means "any valid port" - this is only a viable
+    #  option if it is the only port in the list.
+    #  An ArgumentError will be raised if "0" is added to
+    #  an existing set of source ports.
+    #
+    #         res.add_src_port(60000)
+    #         res.add_src_port([60001,60005,60010])
+    #         res.add_src_port(60015..60115)
+    #
+    def add_src_port(p)
+      if (Resolver.check_port(p, @src_port))
+        a = Resolver.get_ports_from(p)
+        a.each do |x|
+          if ((@src_port.length > 0) && (x == 0))
+            raise ArgumentError.new("src_port of 0 only allowed as only src_port value (currently #{@src_port.length} values")
+          end
+          @src_port.push(x)
+        end
+      end
+    end
+    def get_next_src_port
+      # Different OSes have different interpretations of "random port" here.
+      # Apparently, Linux will just give you the same port as last time, unless it is still
+      # open, in which case you get n+1.
+      # We need to determine an actual (random) number here, then ask the OS for it, and
+      # continue until we get one.
+      if (@src_port[0] == 0)
+        candidate = -1
+        #         # better to construct an array of all the ports we *can* use, and then just pick one at random!
+        #         candidate = Iana::UNRESERVED_PORTS[rand(Iana::UNRESERVED_PORTS.length())]
+        #         #        while (!(Resolver.port_in_range(candidate)))
+        #         #          candidate = (rand(65535-1024) + 1024)
+        #         #        end
+        #  @TODO@ Should probably construct a bitmap of the IANA ports...
+        candidate = 50000 + (rand(15535)) # pick one over 50000
+        return candidate
+      end
+      pos = rand(@src_port.length)
+      return @src_port[pos]
+    end
+    def check_response(response, response_bytes, query, client_queue, client_query_id, tcp)
+      #  @TODO@ Should send_raw avoid this?
+      if (!query.send_raw)
+        sig_value = check_tsig(query, response, response_bytes)
+        if (sig_value != :okay)
+          #  Should send error back up to Resolver here, and then NOT QUERY AGAIN!!!
+          return sig_value
+        end
+        #  Should check that question section is same as question that was sent! RFC 5452
+        #  If it's not an update...
+        if (query.class == Update)
+          #  @TODO@!!
+        else
+          if ((response.question.size == 0) ||
+              (response.question[0].qname.labels != query.question[0].qname.labels) ||
+              (response.question[0].qtype != query.question[0].qtype) ||
+              (response.question[0].qclass != query.question[0].qclass) ||
+              (response.question.length != query.question.length) ||
+              (response.header.id != query.header.id))
+            TheLog.info("Incorrect packet returned : #{response.to_s}")
+            return false
+          end
+        end
+        # end
+        #  IF WE GET FORMERR BACK HERE (and we have EDNS0 on) THEN
+        #  TRY AGAIN WITH NO OPT RECORDS! (rfc2671 section 5.3)
+        if ((response.header.get_header_rcode == RCode.FORMERR) &&
+            (query.header.arcount > 0))
+          #  try resending the message with no OPT record
+          query.remove_additional
+          query.send_raw = true
+          send_async(query, client_queue, client_query_id, false)
+          return false
+        end
+        if (response.header.tc && !tcp && !@ignore_truncation)
+          if (@no_tcp)
+            Dnsruby.log.debug { "Truncated response - not resending over TCP as no_tcp==true" }
+          else
+            #  Try to resend over tcp
+            Dnsruby.log.debug { "Truncated - resending over TCP" }
+            #  @TODO@ Are the query options used correctly here? DNSSEC in particular...
+            #         query.send_raw = true # Make sure that the packet is not messed with.
+            send_async(query, client_queue, client_query_id, true)
+            return false
+          end
+        end
+      end
+      return true
+    end
+    def check_tsig(query, response, response_bytes)
+      if (query.tsig)
+        if (response.tsig)
+          if !query.tsig.verify(query, response, response_bytes)
+            #  Discard packet and wait for correctly signed response
+            Dnsruby.log.error { "TSIG authentication failed!" }
+            return TsigError.new
+          end
+        else
+          #  Treated as having format error and discarded (RFC2845, 4.6)
+          #  but return a different error code, because some servers fail at
+          #  this
+          Dnsruby.log.error { "Expecting TSIG signed response, but got unsigned response - discarding" }
+          return TsigNotSignedResponseError.new
+        end
+      elsif (response.tsig)
+        #  Error - signed response to unsigned query
+        Dnsruby.log.error { "Signed response to unsigned query" }
+        return TsigError.new
+      end
+      return :okay
+    end
+    def make_query(name, type = Types::A, klass = Classes::IN, set_cd=@dnssec)
+      msg = Message.new
+      msg.header.rd = 1
+      msg.add_question(name, type, klass)
+      if (@dnssec)
+        msg.header.cd = set_cd # We do our own validation by default
+      end
+      return msg
+    end
+    #  Prepare the packet for sending
+    def make_query_packet(packet, use_tcp = @use_tcp) #:nodoc: all
+      if (!packet.send_raw) # Don't mess with this packet!
+        if (packet.header.opcode == OpCode.QUERY || @recurse)
+          packet.header.rd=@recurse
+        end
+        #  Only do this if the packet has not been prepared already!
+        if (@dnssec)
+          prepare_for_dnssec(packet)
+        elsif ((udp_packet_size > Resolver::DefaultUDPSize) && !use_tcp)
+          #       if ((udp_packet_size > Resolver::DefaultUDPSize) && !use_tcp)
+          #  @TODO@ What if an existing OPT RR is not big enough? Should we replace it?
+          add_opt_rr(packet)
+        end
+      end
+      if (@tsig && !packet.signed?)
+        @tsig.apply(packet)
+      end
+      return packet.encode
+    end
+    def add_opt_rr(packet)
+      Dnsruby.log.debug { ";; Adding EDNS extension with UDP packetsize  #{udp_packet_size}.\n" }
+      #  RFC 3225
+      optrr = RR::OPT.new(udp_packet_size)
+      #  Only one OPT RR allowed per packet - do we already have one?
+      if (packet.additional.rrset(packet.question()[0].qname, Types::OPT).rrs.length == 0)
+        packet.add_additional(optrr)
+      end
+    end
+    def prepare_for_dnssec(packet)
+      #  RFC 4035
+      Dnsruby.log.debug { ";; Adding EDNS extension with UDP packetsize #{udp_packet_size} and DNS OK bit set\n" }
+      optrr = RR::OPT.new(udp_packet_size) # Decimal UDPpayload
+      optrr.dnssec_ok=true
+      if (packet.additional.rrset(packet.question()[0].qname, Types::OPT).rrs.length == 0)
+        packet.add_additional(optrr)
+      end
+      packet.header.ad = false # RFC 4035 section 4.6
+      #  SHOULD SET CD HERE!!!
+      if (packet.do_validation)
+        packet.header.cd = true
+      end
+      if (Dnssec.no_keys?)
+        packet.header.cd = false
+      end
+    end
+    #  Return the packet size to use for UDP
+    def udp_packet_size
+      #  if @udp_size > DefaultUDPSize then we use EDNS and
+      #  @udp_size should be taken as the maximum packet_data length
+      ret = (@udp_size > Resolver::DefaultUDPSize ? @udp_size : Resolver::DefaultUDPSize)
+      return ret
+    end
+  end
+end